diff options
| author |   markus <markus@openbsd.org> | 2002-05-31 10:30:33 +0000 |
|---|---|---|
| committer | markus <markus@openbsd.org> | 2002-05-31 10:30:33 +0000 |
| commit | 6e8cec495b8bb73fd7bbb37170d3227f4f612455 (patch) | |
| tree | 5b9a4c54378f19c2c27775599d069d46209479b8 | |
| parent | function prototypes shoulnd't carry variable name (diff) | |
| download | wireguard-openbsd-6e8cec495b8bb73fd7bbb37170d3227f4f612455.tar.xz wireguard-openbsd-6e8cec495b8bb73fd7bbb37170d3227f4f612455.zip | |
extent ssh-keysign protocol:
pass # of socket-fd to ssh-keysign, keysign verfies locally used
ip-address using this socket-fd, restricts fake local hostnames
to actual local hostnames; ok stevesk@
| -rw-r--r-- | usr.bin/ssh/ssh-keysign.c | 37 | ||||
| -rw-r--r-- | usr.bin/ssh/ssh-keysign/Makefile | 6 | ||||
| -rw-r--r-- | usr.bin/ssh/sshconnect2.c | 13 |
3 files changed, 39 insertions, 17 deletions
diff --git a/usr.bin/ssh/ssh-keysign.c b/usr.bin/ssh/ssh-keysign.c index a309852d3d7..da630708db9 100644 --- a/usr.bin/ssh/ssh-keysign.c +++ b/usr.bin/ssh/ssh-keysign.c @@ -22,7 +22,7 @@ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #include "includes.h" -RCSID("$OpenBSD: ssh-keysign.c,v 1.1 2002/05/23 19:24:30 markus Exp $"); +RCSID("$OpenBSD: ssh-keysign.c,v 1.2 2002/05/31 10:30:33 markus Exp $"); #include <openssl/evp.h> @@ -35,16 +35,18 @@ RCSID("$OpenBSD: ssh-keysign.c,v 1.1 2002/05/23 19:24:30 markus Exp $"); #include "bufaux.h" #include "authfile.h" #include "msg.h" +#include "canohost.h" #include "pathnames.h" static int -valid_request(struct passwd *pw, Key **ret, u_char *data, u_int datalen) +valid_request(struct passwd *pw, char *host, Key **ret, u_char *data, + u_int datalen) { Buffer b; Key *key; - u_char *p, *pkblob; - u_int blen; - char *pkalg; + u_char *pkblob; + u_int blen, len; + char *pkalg, *p; int pktype, fail; fail = 0; @@ -86,11 +88,20 @@ valid_request(struct passwd *pw, Key **ret, u_char *data, u_int datalen) xfree(pkalg); xfree(pkblob); - /* chost */ - buffer_skip_string(&b); + /* client host name, handle trailing dot */ + p = buffer_get_string(&b, &len); + debug2("valid_request: check expect chost %s got %s", host, p); + if (strlen(host) != len - 1) + fail++; + else if (p[len - 1] != '.') + fail++; + else if (strncasecmp(host, p, len - 1) != 0) + fail++; + xfree(p); /* local user */ p = buffer_get_string(&b, NULL); + if (strcmp(pw->pw_name, p) != 0) fail++; xfree(p); @@ -115,8 +126,9 @@ main(int argc, char **argv) Buffer b; Key *keys[2], *key; struct passwd *pw; - int key_fd[2], i, found, version = 1; + int key_fd[2], i, found, version = 2, fd; u_char *signature, *data; + char *host; u_int slen, dlen; key_fd[0] = open(_PATH_HOST_RSA_KEY_FILE, O_RDONLY); @@ -157,10 +169,17 @@ main(int argc, char **argv) fatal("msg_recv failed"); if (buffer_get_char(&b) != version) fatal("bad version"); + fd = buffer_get_int(&b); + if ((fd == STDIN_FILENO) || (fd == STDOUT_FILENO)) + fatal("bad fd"); + if ((host = get_local_name(fd)) == NULL) + fatal("cannot get sockname for fd"); + data = buffer_get_string(&b, &dlen); - if (valid_request(pw, &key, data, dlen) < 0) + if (valid_request(pw, host, &key, data, dlen) < 0) fatal("not a valid request"); xfree(data); + xfree(host); found = 0; for (i = 0; i < 2; i++) { diff --git a/usr.bin/ssh/ssh-keysign/Makefile b/usr.bin/ssh/ssh-keysign/Makefile index 666aeaac3c6..1a13d9ed358 100644 --- a/usr.bin/ssh/ssh-keysign/Makefile +++ b/usr.bin/ssh/ssh-keysign/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.2 2002/05/25 08:16:59 markus Exp $ +# $OpenBSD: Makefile,v 1.3 2002/05/31 10:30:33 markus Exp $ .PATH: ${.CURDIR}/.. @@ -14,5 +14,5 @@ SRCS= ssh-keysign.c .include <bsd.prog.mk> -LDADD+= -lcrypto -DPADD+= ${LIBCRYPTO} +LDADD+= -lcrypto -lz +DPADD+= ${LIBCRYPTO} ${LIBZ} diff --git a/usr.bin/ssh/sshconnect2.c b/usr.bin/ssh/sshconnect2.c index 6aa6c3db81a..6e53a75bf65 100644 --- a/usr.bin/ssh/sshconnect2.c +++ b/usr.bin/ssh/sshconnect2.c @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: sshconnect2.c,v 1.102 2002/05/25 08:50:39 markus Exp $"); +RCSID("$OpenBSD: sshconnect2.c,v 1.103 2002/05/31 10:30:33 markus Exp $"); #include "ssh.h" #include "ssh2.h" @@ -902,7 +902,7 @@ ssh_keysign( Buffer b; struct stat st; pid_t pid; - int to[2], from[2], status, version = 1; + int to[2], from[2], status, version = 2; debug("ssh_keysign called"); @@ -933,6 +933,8 @@ ssh_keysign( close(to[1]); if (dup2(to[0], STDIN_FILENO) < 0) fatal("ssh_keysign: dup2: %s", strerror(errno)); + close(from[1]); + close(to[0]); execl(_PATH_SSH_KEY_SIGN, _PATH_SSH_KEY_SIGN, (char *) 0); fatal("ssh_keysign: exec(%s): %s", _PATH_SSH_KEY_SIGN, strerror(errno)); @@ -941,6 +943,7 @@ ssh_keysign( close(to[0]); buffer_init(&b); + buffer_put_int(&b, packet_get_connection_in()); /* send # of socket */ buffer_put_string(&b, data, datalen); msg_send(to[1], version, &b); @@ -952,9 +955,9 @@ ssh_keysign( close(from[0]); close(to[1]); - while (waitpid(pid, &status, 0) < 0) - if (errno != EINTR) - break; + while (waitpid(pid, &status, 0) < 0) + if (errno != EINTR) + break; if (buffer_get_char(&b) != version) { error("ssh_keysign: bad version"); |