summaryrefslogtreecommitdiffstats
path: root/auth2-hostbased.c
diff options
context:
space:
mode:
authormarkus@openbsd.org <markus@openbsd.org>2017-05-30 16:25:42 +0200
committerDamien Miller <djm@mindrot.org>2017-05-31 02:50:05 +0200
commiteb76698b91338bd798c978d4db2d6af624d185e4 (patch)
tree100dd59a6daf9108cd8cbcd2f74bec581c8dfb67 /auth2-hostbased.c
parentupstream commit (diff)
downloadopenssh-eb76698b91338bd798c978d4db2d6af624d185e4.tar.xz
openssh-eb76698b91338bd798c978d4db2d6af624d185e4.zip
upstream commit
switch auth2-hostbased.c to modern APIs; ok djm@ Upstream-ID: 146af25c36daeeb83d5dbbb8ca52b5d25de88f4e
Diffstat (limited to 'auth2-hostbased.c')
-rw-r--r--auth2-hostbased.c101
1 files changed, 53 insertions, 48 deletions
diff --git a/auth2-hostbased.c b/auth2-hostbased.c
index eddf797fe..728548396 100644
--- a/auth2-hostbased.c
+++ b/auth2-hostbased.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth2-hostbased.c,v 1.28 2017/05/30 14:10:53 markus Exp $ */
+/* $OpenBSD: auth2-hostbased.c,v 1.29 2017/05/30 14:25:42 markus Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
*
@@ -39,7 +39,7 @@
#include "misc.h"
#include "servconf.h"
#include "compat.h"
-#include "key.h"
+#include "sshkey.h"
#include "hostfile.h"
#include "auth.h"
#include "canohost.h"
@@ -48,6 +48,7 @@
#endif
#include "monitor_wrap.h"
#include "pathnames.h"
+#include "ssherr.h"
#include "match.h"
/* import */
@@ -58,52 +59,54 @@ extern u_int session_id2_len;
static int
userauth_hostbased(Authctxt *authctxt)
{
- Buffer b;
+ struct ssh *ssh = active_state; /* XXX */
+ struct sshbuf *b;
struct sshkey *key = NULL;
char *pkalg, *cuser, *chost, *service;
u_char *pkblob, *sig;
- u_int alen, blen, slen;
- int pktype;
- int authenticated = 0;
+ size_t alen, blen, slen;
+ int r, pktype, authenticated = 0;
if (!authctxt->valid) {
- debug2("userauth_hostbased: disabled because of invalid user");
+ debug2("%s: disabled because of invalid user", __func__);
return 0;
}
- pkalg = packet_get_string(&alen);
- pkblob = packet_get_string(&blen);
- chost = packet_get_string(NULL);
- cuser = packet_get_string(NULL);
- sig = packet_get_string(&slen);
+ /* XXX use sshkey_froms() */
+ if ((r = sshpkt_get_cstring(ssh, &pkalg, &alen)) != 0 ||
+ (r = sshpkt_get_string(ssh, &pkblob, &blen)) != 0 ||
+ (r = sshpkt_get_cstring(ssh, &chost, NULL)) != 0 ||
+ (r = sshpkt_get_cstring(ssh, &cuser, NULL)) != 0 ||
+ (r = sshpkt_get_string(ssh, &sig, &slen)) != 0)
+ fatal("%s: packet parsing: %s", __func__, ssh_err(r));
- debug("userauth_hostbased: cuser %s chost %s pkalg %s slen %d",
+ debug("%s: cuser %s chost %s pkalg %s slen %zu", __func__,
cuser, chost, pkalg, slen);
#ifdef DEBUG_PK
debug("signature:");
- buffer_init(&b);
- buffer_append(&b, sig, slen);
- buffer_dump(&b);
- buffer_free(&b);
+ sshbuf_dump_data(sig, siglen, stderr);
#endif
- pktype = key_type_from_name(pkalg);
+ pktype = sshkey_type_from_name(pkalg);
if (pktype == KEY_UNSPEC) {
/* this is perfectly legal */
- logit("userauth_hostbased: unsupported "
- "public key algorithm: %s", pkalg);
+ logit("%s: unsupported public key algorithm: %s",
+ __func__, pkalg);
+ goto done;
+ }
+ if ((r = sshkey_from_blob(pkblob, blen, &key)) != 0) {
+ error("%s: key_from_blob: %s", __func__, ssh_err(r));
goto done;
}
- key = key_from_blob(pkblob, blen);
if (key == NULL) {
- error("userauth_hostbased: cannot decode key: %s", pkalg);
+ error("%s: cannot decode key: %s", __func__, pkalg);
goto done;
}
if (key->type != pktype) {
- error("userauth_hostbased: type mismatch for decoded key "
- "(received %d, expected %d)", key->type, pktype);
+ error("%s: type mismatch for decoded key "
+ "(received %d, expected %d)", __func__, key->type, pktype);
goto done;
}
- if (key_type_plain(key->type) == KEY_RSA &&
- (datafellows & SSH_BUG_RSASIGMD5) != 0) {
+ if (sshkey_type_plain(key->type) == KEY_RSA &&
+ (ssh->compat & SSH_BUG_RSASIGMD5) != 0) {
error("Refusing RSA key because peer uses unsafe "
"signature format");
goto done;
@@ -115,21 +118,23 @@ userauth_hostbased(Authctxt *authctxt)
goto done;
}
- service = datafellows & SSH_BUG_HBSERVICE ? "ssh-userauth" :
+ service = ssh->compat & SSH_BUG_HBSERVICE ? "ssh-userauth" :
authctxt->service;
- buffer_init(&b);
- buffer_put_string(&b, session_id2, session_id2_len);
+ if ((b = sshbuf_new()) == NULL)
+ fatal("%s: sshbuf_new failed", __func__);
/* reconstruct packet */
- buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST);
- buffer_put_cstring(&b, authctxt->user);
- buffer_put_cstring(&b, service);
- buffer_put_cstring(&b, "hostbased");
- buffer_put_string(&b, pkalg, alen);
- buffer_put_string(&b, pkblob, blen);
- buffer_put_cstring(&b, chost);
- buffer_put_cstring(&b, cuser);
+ if ((r = sshbuf_put_string(b, session_id2, session_id2_len)) != 0 ||
+ (r = sshbuf_put_u8(b, SSH2_MSG_USERAUTH_REQUEST)) != 0 ||
+ (r = sshbuf_put_cstring(b, authctxt->user)) != 0 ||
+ (r = sshbuf_put_cstring(b, service)) != 0 ||
+ (r = sshbuf_put_cstring(b, "hostbased")) != 0 ||
+ (r = sshbuf_put_string(b, pkalg, alen)) != 0 ||
+ (r = sshbuf_put_string(b, pkblob, blen)) != 0 ||
+ (r = sshbuf_put_cstring(b, chost)) != 0 ||
+ (r = sshbuf_put_cstring(b, cuser)) != 0)
+ fatal("%s: buffer error: %s", __func__, ssh_err(r));
#ifdef DEBUG_PK
- buffer_dump(&b);
+ sshbuf_dump(b, stderr);
#endif
pubkey_auth_info(authctxt, key,
@@ -138,15 +143,15 @@ userauth_hostbased(Authctxt *authctxt)
/* test for allowed key and correct signature */
authenticated = 0;
if (PRIVSEP(hostbased_key_allowed(authctxt->pw, cuser, chost, key)) &&
- PRIVSEP(sshkey_verify(key, sig, slen, buffer_ptr(&b),
- buffer_len(&b), 0)) == 0)
+ PRIVSEP(sshkey_verify(key, sig, slen,
+ sshbuf_ptr(b), sshbuf_len(b), ssh->compat)) == 0)
authenticated = 1;
- buffer_free(&b);
+ sshbuf_free(b);
done:
- debug2("userauth_hostbased: authenticated %d", authenticated);
+ debug2("%s: authenticated %d", __func__, authenticated);
if (key != NULL)
- key_free(key);
+ sshkey_free(key);
free(pkalg);
free(pkblob);
free(cuser);
@@ -203,8 +208,8 @@ hostbased_key_allowed(struct passwd *pw, const char *cuser, char *chost,
}
debug2("%s: access allowed by auth_rhosts2", __func__);
- if (key_is_cert(key) &&
- key_cert_check_authority(key, 1, 0, lookup, &reason)) {
+ if (sshkey_is_cert(key) &&
+ sshkey_cert_check_authority(key, 1, 0, lookup, &reason)) {
error("%s", reason);
auth_debug_add("%s", reason);
return 0;
@@ -223,20 +228,20 @@ hostbased_key_allowed(struct passwd *pw, const char *cuser, char *chost,
}
if (host_status == HOST_OK) {
- if (key_is_cert(key)) {
+ if (sshkey_is_cert(key)) {
if ((fp = sshkey_fingerprint(key->cert->signature_key,
options.fingerprint_hash, SSH_FP_DEFAULT)) == NULL)
fatal("%s: sshkey_fingerprint fail", __func__);
verbose("Accepted certificate ID \"%s\" signed by "
"%s CA %s from %s@%s", key->cert->key_id,
- key_type(key->cert->signature_key), fp,
+ sshkey_type(key->cert->signature_key), fp,
cuser, lookup);
} else {
if ((fp = sshkey_fingerprint(key,
options.fingerprint_hash, SSH_FP_DEFAULT)) == NULL)
fatal("%s: sshkey_fingerprint fail", __func__);
verbose("Accepted %s public key %s from %s@%s",
- key_type(key), fp, cuser, lookup);
+ sshkey_type(key), fp, cuser, lookup);
}
free(fp);
}