1 |
|
|
/* $OpenBSD: sshconnect2.c,v 1.266 2017/08/27 00:38:41 dtucker Exp $ */ |
2 |
|
|
/* |
3 |
|
|
* Copyright (c) 2000 Markus Friedl. All rights reserved. |
4 |
|
|
* Copyright (c) 2008 Damien Miller. All rights reserved. |
5 |
|
|
* |
6 |
|
|
* Redistribution and use in source and binary forms, with or without |
7 |
|
|
* modification, are permitted provided that the following conditions |
8 |
|
|
* are met: |
9 |
|
|
* 1. Redistributions of source code must retain the above copyright |
10 |
|
|
* notice, this list of conditions and the following disclaimer. |
11 |
|
|
* 2. Redistributions in binary form must reproduce the above copyright |
12 |
|
|
* notice, this list of conditions and the following disclaimer in the |
13 |
|
|
* documentation and/or other materials provided with the distribution. |
14 |
|
|
* |
15 |
|
|
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR |
16 |
|
|
* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES |
17 |
|
|
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. |
18 |
|
|
* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, |
19 |
|
|
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT |
20 |
|
|
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, |
21 |
|
|
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY |
22 |
|
|
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT |
23 |
|
|
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
24 |
|
|
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
25 |
|
|
*/ |
26 |
|
|
|
27 |
|
|
#include <sys/types.h> |
28 |
|
|
#include <sys/socket.h> |
29 |
|
|
#include <sys/wait.h> |
30 |
|
|
#include <sys/queue.h> |
31 |
|
|
#include <sys/stat.h> |
32 |
|
|
|
33 |
|
|
#include <errno.h> |
34 |
|
|
#include <fcntl.h> |
35 |
|
|
#include <netdb.h> |
36 |
|
|
#include <stdio.h> |
37 |
|
|
#include <string.h> |
38 |
|
|
#include <signal.h> |
39 |
|
|
#include <pwd.h> |
40 |
|
|
#include <unistd.h> |
41 |
|
|
#include <vis.h> |
42 |
|
|
|
43 |
|
|
#include "xmalloc.h" |
44 |
|
|
#include "ssh.h" |
45 |
|
|
#include "ssh2.h" |
46 |
|
|
#include "buffer.h" |
47 |
|
|
#include "packet.h" |
48 |
|
|
#include "compat.h" |
49 |
|
|
#include "cipher.h" |
50 |
|
|
#include "key.h" |
51 |
|
|
#include "kex.h" |
52 |
|
|
#include "myproposal.h" |
53 |
|
|
#include "sshconnect.h" |
54 |
|
|
#include "authfile.h" |
55 |
|
|
#include "dh.h" |
56 |
|
|
#include "authfd.h" |
57 |
|
|
#include "log.h" |
58 |
|
|
#include "misc.h" |
59 |
|
|
#include "readconf.h" |
60 |
|
|
#include "match.h" |
61 |
|
|
#include "dispatch.h" |
62 |
|
|
#include "canohost.h" |
63 |
|
|
#include "msg.h" |
64 |
|
|
#include "pathnames.h" |
65 |
|
|
#include "uidswap.h" |
66 |
|
|
#include "hostfile.h" |
67 |
|
|
#include "ssherr.h" |
68 |
|
|
#include "utf8.h" |
69 |
|
|
|
70 |
|
|
#ifdef GSSAPI |
71 |
|
|
#include "ssh-gss.h" |
72 |
|
|
#endif |
73 |
|
|
|
74 |
|
|
/* import */ |
75 |
|
|
extern char *client_version_string; |
76 |
|
|
extern char *server_version_string; |
77 |
|
|
extern Options options; |
78 |
|
|
|
79 |
|
|
/* |
80 |
|
|
* SSH2 key exchange |
81 |
|
|
*/ |
82 |
|
|
|
83 |
|
|
/*
 * Session identifier of the first key exchange, copied out of the kex
 * state by ssh_kex2().  Exported so the userauth signing code (pubkey /
 * hostbased, outside this excerpt) can bind signatures to this session.
 */
u_char *session_id2 = NULL;
u_int session_id2_len = 0;

/*
 * Destination host name and address, stashed by ssh_kex2() for
 * verify_host_key_callback(), which receives only the key and the
 * connection from the kex layer.
 */
char *xxx_host;
struct sockaddr *xxx_hostaddr;
|
/*
 * kex callback: check the server's host key against the known_hosts
 * policy for the host/address recorded in xxx_host/xxx_hostaddr.
 * Rejection is fatal, so returning at all means the key was accepted;
 * this is the client's only defence against a man-in-the-middle during
 * key exchange.
 */
static int
verify_host_key_callback(struct sshkey *hostkey, struct ssh *ssh)
{
	int verdict;

	verdict = verify_host_key(xxx_host, xxx_hostaddr, hostkey);
	if (verdict == -1)
		fatal("Host key verification failed.");
	/* NOTREACHED on failure */
	return 0;
}
|
/*
 * Append one algorithm name to a comma-separated list held in "to".
 * "cap" is the capacity of "to"; order_hostkeyalgs() sizes its buffers so
 * that strlcat() can never truncate here.
 */
static void
hostkeyalg_append(char *to, const char *name, size_t cap)
{
	if (*to != '\0')
		strlcat(to, ",", cap);
	strlcat(to, name, cap);
}

/*
 * Build the server-host-key-algorithm proposal for this destination.
 *
 * Algorithms for which a key is already recorded in known_hosts (user and
 * system files) are listed first so that the server will offer a key we
 * can verify against existing entries; the remaining default algorithms
 * follow in their default order.  Returns a freshly allocated
 * comma-separated list that the caller owns.
 *
 * NOTE(review): because the ordering depends on known_hosts contents, the
 * proposal tells the server which host key types this client already
 * knows for it.  That is inherent to the preference logic, not a bug.
 */
static char *
order_hostkeyalgs(char *host, struct sockaddr *hostaddr, u_short port)
{
	char *defaults, *cursor, *known, *unknown, *name, *lookup_name;
	char *result;
	size_t cap;
	struct hostkeys *hk;
	int ktype;
	u_int n;

	/* Collect every known_hosts entry recorded for this host name. */
	get_hostfile_hostname_ipaddr(host, hostaddr, port, &lookup_name, NULL);
	hk = init_hostkeys();
	for (n = 0; n < options.num_user_hostfiles; n++)
		load_hostkeys(hk, lookup_name, options.user_hostfiles[n]);
	for (n = 0; n < options.num_system_hostfiles; n++)
		load_hostkeys(hk, lookup_name, options.system_hostfiles[n]);

	/*
	 * Every default algorithm ends up in exactly one of the two lists,
	 * so each list needs at most the size of the full default string.
	 */
	defaults = cursor = xstrdup(KEX_DEFAULT_PK_ALG);
	cap = strlen(defaults) + 1;
	known = xmalloc(cap);
	unknown = xmalloc(cap);
	*known = *unknown = '\0';

	while ((name = strsep(&cursor, ",")) != NULL && *name != '\0') {
		ktype = sshkey_type_from_name(name);
		if (ktype == KEY_UNSPEC)
			fatal("%s: unknown alg %s", __func__, name);
		/*
		 * Match on sshkey_type_plain(ktype) -- presumably the
		 * non-certificate form of the type, so certificate
		 * algorithms sort with their base key type.
		 */
		if (lookup_key_in_hostkeys_by_type(hk,
		    sshkey_type_plain(ktype), NULL))
			hostkeyalg_append(known, name, cap);
		else
			hostkeyalg_append(unknown, name, cap);
	}

	xasprintf(&result, "%s%s%s", known,
	    (*known == '\0' || *unknown == '\0') ? "" : ",", unknown);
	if (*known != '\0')
		debug3("%s: prefer hostkeyalgs: %s", __func__, known);

	free(known);
	free(unknown);
	free(lookup_name);
	free(defaults);
	free_hostkeys(hk);

	return result;
}
|
/*
 * Run the initial SSH2 key exchange with the server.
 *
 * Builds the client's proposal from the configured algorithm lists,
 * registers the client-side KEX implementations and the host key
 * verification callback, then drives the dispatcher until the exchange
 * completes.  Every failure on this path, including host key rejection,
 * is fatal.  On return the negotiated session id is exported via
 * session_id2/session_id2_len and the proposal to be reused for rekeying
 * has been stored in kex->my.
 */
void
ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port)
{
	char *myproposal[PROPOSAL_MAX] = { KEX_CLIENT };
	char *s;
	struct kex *kex;
	int r;

	/* verify_host_key_callback() gets no host argument; pass it via globals. */
	xxx_host = host;
	xxx_hostaddr = hostaddr;

	/*
	 * Offer "ext-info-c" with the configured KEX algorithms so the server
	 * may send SSH2_MSG_EXT_INFO after NEWKEYS (handled during userauth).
	 * It is stripped again below before the proposal is saved for rekeys.
	 * compat_*_proposal() presumably prune entries the detected peer
	 * version is known to mishandle (see compat.c).
	 */
	if ((s = kex_names_cat(options.kex_algorithms, "ext-info-c")) == NULL)
		fatal("%s: kex_names_cat", __func__);
	myproposal[PROPOSAL_KEX_ALGS] = compat_kex_proposal(s);
	myproposal[PROPOSAL_ENC_ALGS_CTOS] =
	    compat_cipher_proposal(options.ciphers);
	myproposal[PROPOSAL_ENC_ALGS_STOC] =
	    compat_cipher_proposal(options.ciphers);
	/* Compression preference only flips the order; "none" stays offered. */
	myproposal[PROPOSAL_COMP_ALGS_CTOS] =
	    myproposal[PROPOSAL_COMP_ALGS_STOC] = options.compression ?
	    "zlib@openssh.com,zlib,none" : "none,zlib@openssh.com,zlib";
	myproposal[PROPOSAL_MAC_ALGS_CTOS] =
	    myproposal[PROPOSAL_MAC_ALGS_STOC] = options.macs;
	if (options.hostkeyalgorithms != NULL) {
		/*
		 * User-configured HostKeyAlgorithms: resolve it against the
		 * default list (kex_assemble_names) and use it verbatim, with
		 * no known_hosts-based reordering.
		 */
		if (kex_assemble_names(KEX_DEFAULT_PK_ALG,
		    &options.hostkeyalgorithms) != 0)
			fatal("%s: kex_assemble_namelist", __func__);
		myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] =
		    compat_pkalg_proposal(options.hostkeyalgorithms);
	} else {
		/* Enforce default */
		options.hostkeyalgorithms = xstrdup(KEX_DEFAULT_PK_ALG);
		/* Prefer algorithms that we already have keys for */
		myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] =
		    compat_pkalg_proposal(
		    order_hostkeyalgs(host, hostaddr, port));
	}

	/* RekeyLimit: data volume and/or time after which a new KEX is forced. */
	if (options.rekey_limit || options.rekey_interval)
		packet_set_rekey_limits(options.rekey_limit,
		    options.rekey_interval);

	/* start key exchange */
	if ((r = kex_setup(active_state, myproposal)) != 0)
		fatal("kex_setup: %s", ssh_err(r));
	kex = active_state->kex;
	/*
	 * Register the client half of every KEX method the kex layer knows,
	 * including the legacy SHA-1 ones; only methods that appear in
	 * options.kex_algorithms were actually proposed above, so the
	 * configuration, not this table, decides what can be negotiated.
	 */
#ifdef WITH_OPENSSL
	kex->kex[KEX_DH_GRP1_SHA1] = kexdh_client;
	kex->kex[KEX_DH_GRP14_SHA1] = kexdh_client;
	kex->kex[KEX_DH_GRP14_SHA256] = kexdh_client;
	kex->kex[KEX_DH_GRP16_SHA512] = kexdh_client;
	kex->kex[KEX_DH_GRP18_SHA512] = kexdh_client;
	kex->kex[KEX_DH_GEX_SHA1] = kexgex_client;
	kex->kex[KEX_DH_GEX_SHA256] = kexgex_client;
	kex->kex[KEX_ECDH_SHA2] = kexecdh_client;
#endif
	kex->kex[KEX_C25519_SHA256] = kexc25519_client;
	kex->client_version_string=client_version_string;
	kex->server_version_string=server_version_string;
	/* Invoked by the kex layer on the server's host key; fatal on mismatch. */
	kex->verify_host_key=&verify_host_key_callback;

	/* Block in the dispatcher until the kex layer sets kex->done. */
	ssh_dispatch_run_fatal(active_state, DISPATCH_BLOCK, &kex->done);

	/* remove ext-info from the KEX proposals for rekeying */
	myproposal[PROPOSAL_KEX_ALGS] =
	    compat_kex_proposal(options.kex_algorithms);
	if ((r = kex_prop2buf(kex->my, myproposal)) != 0)
		fatal("kex_prop2buf: %s", ssh_err(r));

	/* Export the session id for the userauth signing code. */
	session_id2 = kex->session_id;
	session_id2_len = kex->session_id_len;

#ifdef DEBUG_KEXDH
	/* send 1st encrypted/maced/compressed message */
	packet_start(SSH2_MSG_IGNORE);
	packet_put_cstring("markus");
	packet_send();
	packet_write_wait();
#endif
}
|
/* |
* Authenticate user |
*/ |
|
typedef struct cauthctxt Authctxt;
typedef struct cauthmethod Authmethod;
typedef struct identity Identity;
typedef struct idlist Idlist;

/*
 * One candidate key for publickey authentication, either loaded from a
 * file or held by the agent.  Entries live on Authctxt.keys.
 */
struct identity {
	TAILQ_ENTRY(identity) next;
	int	agent_fd;		/* >=0 if agent supports key */
	struct sshkey	*key;		/* public/private key */
	char	*filename;		/* comment for agent-only keys */
	int	tried;			/* presumably: already offered this round */
	int	isprivate;		/* key points to the private key */
	int	userprovided;		/* presumably: named explicitly by the user */
};
TAILQ_HEAD(idlist, identity);

/*
 * Client-side authentication state for one ssh_userauth2() run.  Hung off
 * ssh->authctxt for the duration of userauth so dispatch handlers can
 * reach it; the pointer is cleared again before ssh_userauth2() returns.
 */
struct cauthctxt {
	const char *server_user;	/* login name requested on the server */
	const char *local_user;
	const char *host;
	const char *service;		/* always "ssh-connection" */
	struct cauthmethod *method;	/* method currently in progress */
	sig_atomic_t success;		/* set by input_userauth_success(); ends the dispatch loop */
	char *authlist;			/* server's "can continue" list, owned here */
	int attempt;
	/* pubkey */
	struct idlist keys;
	int agent_fd;
	/* hostbased */
	Sensitive *sensitive;
	char *oktypes, *ktypes;
	const char *active_ktype;
	/* kbd-interactive */
	int info_req_seen;
	/* generic */
	void *methoddata;		/* per-method private state; freed by userauth() on switch */
};

/*
 * Descriptor of one authentication method.  userauth() clears "enabled"
 * to NULL to retire a method whose userauth hook declined to send anything.
 */
struct cauthmethod {
	char	*name;		/* string to compare against server's list */
	int	(*userauth)(Authctxt *authctxt);	/* 1 = request sent, 0 = skip */
	void	(*cleanup)(Authctxt *authctxt);		/* optional; NULL if unneeded */
	int	*enabled;	/* flag in option struct that enables method */
	int	*batch_flag;	/* flag in option struct that disables method */
};
|
/*
 * Dispatch handlers for the userauth phase.  Each takes (message type,
 * sequence number, connection) and returns 0 to keep the dispatcher
 * running; protocol violations inside them are generally fatal rather
 * than returned to the caller.
 */
int	input_userauth_service_accept(int, u_int32_t, struct ssh *);
int	input_userauth_ext_info(int, u_int32_t, struct ssh *);
int	input_userauth_success(int, u_int32_t, struct ssh *);
int	input_userauth_success_unexpected(int, u_int32_t, struct ssh *);
int	input_userauth_failure(int, u_int32_t, struct ssh *);
int	input_userauth_banner(int, u_int32_t, struct ssh *);
int	input_userauth_error(int, u_int32_t, struct ssh *);
int	input_userauth_info_req(int, u_int32_t, struct ssh *);
int	input_userauth_pk_ok(int, u_int32_t, struct ssh *);
int	input_userauth_passwd_changereq(int, u_int32_t, struct ssh *);

/*
 * Method entry points (Authmethod.userauth): return 1 if a request was
 * sent and a reply is awaited, 0 if the method has nothing to offer, in
 * which case userauth() disables it.
 */
int	userauth_none(Authctxt *);
int	userauth_pubkey(Authctxt *);
int	userauth_passwd(Authctxt *);
int	userauth_kbdint(Authctxt *);
int	userauth_hostbased(Authctxt *);

#ifdef GSSAPI
int	userauth_gssapi(Authctxt *authctxt);
int	input_gssapi_response(int type, u_int32_t, struct ssh *);
int	input_gssapi_token(int type, u_int32_t, struct ssh *);
int	input_gssapi_hash(int type, u_int32_t, struct ssh *);
int	input_gssapi_error(int, u_int32_t, struct ssh *);
int	input_gssapi_errtok(int, u_int32_t, struct ssh *);
#endif

void	userauth(Authctxt *, char *);

/* Publickey helpers; defined later in this file. */
static int sign_and_send_pubkey(Authctxt *, Identity *);
static void pubkey_prepare(Authctxt *);
static void pubkey_cleanup(Authctxt *);
static void pubkey_reset(Authctxt *);
static struct sshkey *load_identity_file(Identity *);

/* Method table lookups; defined later in this file. */
static Authmethod *authmethod_get(char *authlist);
static Authmethod *authmethod_lookup(const char *name);
static char *authmethods_get(void);
|
/*
 * Table of client authentication methods: name, userauth hook, cleanup
 * hook, pointer to the option flag that enables the method, pointer to
 * the option flag (BatchMode) that suppresses interactive methods.
 *
 * "none" has no enable flag, so it is always permitted; it is used as the
 * initial probe from input_userauth_service_accept().  The table is
 * terminated by an all-NULL entry.
 */
Authmethod authmethods[] = {
#ifdef GSSAPI
	{"gssapi-with-mic",
		userauth_gssapi,
		NULL,
		&options.gss_authentication,
		NULL},
#endif
	{"hostbased",
		userauth_hostbased,
		NULL,
		&options.hostbased_authentication,
		NULL},
	{"publickey",
		userauth_pubkey,
		NULL,
		&options.pubkey_authentication,
		NULL},
	/* Prompting methods are disabled in BatchMode via batch_flag. */
	{"keyboard-interactive",
		userauth_kbdint,
		NULL,
		&options.kbd_interactive_authentication,
		&options.batch_mode},
	{"password",
		userauth_passwd,
		NULL,
		&options.password_authentication,
		&options.batch_mode},
	{"none",
		userauth_none,
		NULL,
		NULL,
		NULL},
	{NULL, NULL, NULL, NULL, NULL}
};
|
/*
 * Authenticate "server_user" to the server over the established transport.
 *
 * Requests the "ssh-userauth" service and then runs the packet dispatcher
 * until some method succeeds (input_userauth_success() sets
 * authctxt.success).  Running out of methods, or receiving any message
 * that has no handler, is fatal.  "sensitive" carries the material used by
 * hostbased authentication; "host" is the destination as the user gave it.
 */
void
ssh_userauth2(const char *local_user, const char *server_user, char *host,
    Sensitive *sensitive)
{
	struct ssh *ssh = active_state;
	Authctxt authctxt;
	int r;

	/* ChallengeResponseAuthentication rides on the kbd-interactive method. */
	if (options.challenge_response_authentication)
		options.kbd_interactive_authentication = 1;
	if (options.preferred_authentications == NULL)
		options.preferred_authentications = authmethods_get();

	/* setup authentication context */
	memset(&authctxt, 0, sizeof(authctxt));
	pubkey_prepare(&authctxt);
	authctxt.server_user = server_user;
	authctxt.local_user = local_user;
	authctxt.host = host;
	authctxt.service = "ssh-connection";		/* service name */
	authctxt.success = 0;
	authctxt.method = authmethod_lookup("none");
	authctxt.authlist = NULL;
	authctxt.methoddata = NULL;
	authctxt.sensitive = sensitive;
	authctxt.active_ktype = authctxt.oktypes = authctxt.ktypes = NULL;
	authctxt.info_req_seen = 0;
	/*
	 * NOTE(review): pubkey_prepare() has already run on this context.  If
	 * it records an agent connection in authctxt.agent_fd, the assignment
	 * below clobbers it and pubkey_cleanup() would never close that
	 * socket -- confirm against pubkey_prepare() (outside this excerpt);
	 * moving the initialisation above pubkey_prepare() would be the fix.
	 */
	authctxt.agent_fd = -1;
	if (authctxt.method == NULL)
		fatal("ssh_userauth2: internal error: cannot send userauth none request");

	/* Ask for the userauth service; SERVICE_ACCEPT triggers the "none" probe. */
	if ((r = sshpkt_start(ssh, SSH2_MSG_SERVICE_REQUEST)) != 0 ||
	    (r = sshpkt_put_cstring(ssh, "ssh-userauth")) != 0 ||
	    (r = sshpkt_send(ssh)) != 0)
		fatal("%s: %s", __func__, ssh_err(r));

	ssh->authctxt = &authctxt;
	/* Default handler: any unexpected message during userauth is fatal. */
	ssh_dispatch_init(ssh, &input_userauth_error);
	ssh_dispatch_set(ssh, SSH2_MSG_EXT_INFO, &input_userauth_ext_info);
	ssh_dispatch_set(ssh, SSH2_MSG_SERVICE_ACCEPT, &input_userauth_service_accept);
	ssh_dispatch_run_fatal(ssh, DISPATCH_BLOCK, &authctxt.success);	/* loop until success */
	ssh->authctxt = NULL;

	pubkey_cleanup(&authctxt);
	/* Retire every userauth handler now that authentication is over. */
	ssh_dispatch_range(ssh, SSH2_MSG_USERAUTH_MIN, SSH2_MSG_USERAUTH_MAX, NULL);

	if (!authctxt.success)
		fatal("Authentication failed.");
	debug("Authentication succeeded (%s).", authctxt.method->name);
}
|
/* ARGSUSED */ |
/*
 * Handle SSH2_MSG_SERVICE_ACCEPT for "ssh-userauth".
 *
 * Logs the echoed service name when the server sends one (some servers
 * omit it), sends the initial "none" probe, and installs the handlers for
 * the userauth reply messages.  From here on SSH2_MSG_EXT_INFO is bound to
 * input_userauth_error(), i.e. a late EXT_INFO aborts the connection.
 * Returns 0, or an sshpkt error code if the packet could not be parsed.
 */
int
input_userauth_service_accept(int type, u_int32_t seq, struct ssh *ssh)
{
	Authctxt *authctxt = ssh->authctxt;
	char *service = NULL;
	int r;

	if (ssh_packet_remaining(ssh) == 0) {
		debug2("buggy server: service_accept w/o service");
	} else {
		if ((r = sshpkt_get_cstring(ssh, &service, NULL)) != 0)
			return r;
		debug2("service_accept: %s", service);
		free(service);
	}
	if ((r = sshpkt_get_end(ssh)) != 0)
		return r;
	debug("SSH2_MSG_SERVICE_ACCEPT received");

	/* initial userauth request */
	userauth_none(authctxt);

	ssh_dispatch_set(ssh, SSH2_MSG_EXT_INFO, &input_userauth_error);
	ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_SUCCESS, &input_userauth_success);
	ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_FAILURE, &input_userauth_failure);
	ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_BANNER, &input_userauth_banner);
	return 0;
}
|
/* ARGSUSED */ |
/*
 * Handle SSH2_MSG_EXT_INFO (extension negotiation) arriving between the
 * first NEWKEYS and SERVICE_ACCEPT; parsing is delegated to the kex layer.
 * input_userauth_service_accept() later rebinds EXT_INFO to
 * input_userauth_error(), so the message is only honoured at this point.
 */
int
input_userauth_ext_info(int type, u_int32_t seqnr, struct ssh *ssh)
{
	return kex_input_ext_info(type, seqnr, ssh);
}
|
/*
 * Select and start the next authentication method.
 *
 * "authlist" is the server's comma-separated list of methods that may
 * continue; ownership passes to the context.  NULL means "keep using the
 * list from the last USERAUTH_FAILURE".  The previous method's state is
 * torn down first.  A method whose userauth hook sends nothing is retired
 * (enabled = NULL) so it is not retried.  When no acceptable method
 * remains the process exits with "Permission denied"; the server-supplied
 * list is echoed in that message.
 */
void
userauth(Authctxt *authctxt, char *authlist)
{
	Authmethod *candidate;

	/* Release whatever the previous method left behind. */
	if (authctxt->method != NULL && authctxt->method->cleanup != NULL)
		authctxt->method->cleanup(authctxt);
	free(authctxt->methoddata);
	authctxt->methoddata = NULL;

	if (authlist != NULL) {
		free(authctxt->authlist);
		authctxt->authlist = authlist;
	} else {
		authlist = authctxt->authlist;
	}

	do {
		candidate = authmethod_get(authlist);
		if (candidate == NULL)
			fatal("%s@%s: Permission denied (%s).",
			    authctxt->server_user, authctxt->host, authlist);
		authctxt->method = candidate;

		/* Drop per-method handlers left by the previous method. */
		dispatch_range(SSH2_MSG_USERAUTH_PER_METHOD_MIN,
		    SSH2_MSG_USERAUTH_PER_METHOD_MAX, NULL);

		if (candidate->userauth(authctxt) != 0) {
			debug2("we sent a %s packet, wait for reply",
			    candidate->name);
			return;
		}
		debug2("we did not send a packet, disable method");
		candidate->enabled = NULL;
	} while (1);
}
|
/* ARGSUSED */ |
/*
 * Default dispatch handler while authenticating.  Any message type that
 * has no dedicated handler is a protocol violation; abort rather than let
 * the server steer the client into an unexpected state.
 */
int
input_userauth_error(int type, u_int32_t seq, struct ssh *ssh)
{
	fatal("input_userauth_error: bad message during authentication: "
	    "type %d", type);
	/* NOTREACHED */
	return 0;
}
|
/* ARGSUSED */ |
/*
 * Display the server's pre-authentication banner.
 *
 * The text is untrusted.  It is written with fmprintf() (utf8.h) rather
 * than plain fprintf(), presumably so non-printable bytes and terminal
 * escape sequences are rendered harmlessly -- confirm against utf8.c.
 * Shown only at LogLevel INFO or above; the language tag is discarded.
 *
 * NOTE(review): unlike the other handlers this one does not call
 * packet_check_eom(), so trailing data after the two strings is ignored.
 */
int
input_userauth_banner(int type, u_int32_t seq, struct ssh *ssh)
{
	char *text, *language;
	u_int textlen;

	debug3("%s", __func__);
	text = packet_get_string(&textlen);
	language = packet_get_string(NULL);
	if (options.log_level >= SYSLOG_LEVEL_INFO && textlen > 0)
		fmprintf(stderr, "%s", text);
	free(language);
	free(text);
	return 0;
}
|
/* ARGSUSED */ |
/*
 * Handle SSH2_MSG_USERAUTH_SUCCESS: the server accepted the current
 * method.  Release the cached method list and the per-method state, then
 * raise the success flag that ends ssh_userauth2()'s dispatch loop.
 *
 * NOTE(review): no packet_check_eom() here; an over-long SUCCESS message
 * is accepted silently.
 */
int
input_userauth_success(int type, u_int32_t seq, struct ssh *ssh)
{
	Authctxt *authctxt = ssh->authctxt;
	Authmethod *done;

	if (authctxt == NULL)
		fatal("input_userauth_success: no authentication context");

	free(authctxt->authlist);
	authctxt->authlist = NULL;

	done = authctxt->method;
	if (done != NULL && done->cleanup != NULL)
		done->cleanup(authctxt);
	free(authctxt->methoddata);
	authctxt->methoddata = NULL;

	authctxt->success = 1;		/* break out */
	return 0;
}
|
/*
 * Alternate SUCCESS handler for stages at which a method must not be
 * answered with USERAUTH_SUCCESS (it is registered by method code outside
 * this excerpt).  Receiving one here is a protocol violation: abort rather
 * than treat the session as authenticated.
 */
int
input_userauth_success_unexpected(int type, u_int32_t seq, struct ssh *ssh)
{
	Authctxt *authctxt = ssh->authctxt;
	const char *method_name;

	if (authctxt == NULL)
		fatal("%s: no authentication context", __func__);

	method_name = authctxt->method->name;
	fatal("Unexpected authentication success during %s.", method_name);
	/* NOTREACHED */
	return 0;
}
|
/* ARGSUSED */ |
/*
 * Handle SSH2_MSG_USERAUTH_FAILURE.
 *
 * Payload: the server's name-list of methods that can continue, and a
 * "partial success" flag.  Partial success means the current method
 * passed but the server requires another one (multi-step authentication);
 * pubkey_reset() is called then, presumably so keys can be offered again
 * in the next step.  Ownership of the list passes to userauth(), which
 * picks the next method.
 */
int
input_userauth_failure(int type, u_int32_t seq, struct ssh *ssh)
{
	Authctxt *authctxt = ssh->authctxt;
	char *continue_list;
	int partial_success;

	if (authctxt == NULL)
		fatal("input_userauth_failure: no authentication context");

	continue_list = packet_get_string(NULL);
	partial_success = packet_get_char();
	packet_check_eom();

	if (partial_success) {
		verbose("Authenticated with partial success.");
		/* reset state */
		pubkey_reset(authctxt);
	}
	debug("Authentications that can continue: %s", continue_list);

	userauth(authctxt, continue_list);
	return 0;
}
|
/* ARGSUSED */ |
/*
 * Handle SSH2_MSG_USERAUTH_PK_OK: the server is willing to accept the
 * public key we queried about, so now produce a real signature.
 *
 * The key is decoded from the packet and must (a) have a recognised
 * algorithm name, (b) decode, (c) decode to the type that name announces,
 * and (d) be equal to a key in our own identity list.  Only that last
 * match is signed with -- the server cannot make the client sign with an
 * arbitrary key simply by naming it.  If nothing was sent, fall through
 * to the next method via userauth().
 */
int
input_userauth_pk_ok(int type, u_int32_t seq, struct ssh *ssh)
{
	Authctxt *authctxt = ssh->authctxt;
	struct sshkey *key = NULL;
	Identity *id = NULL;
	Buffer b;
	int pktype, sent = 0;
	u_int alen, blen;
	char *pkalg, *fp;
	u_char *pkblob;

	if (authctxt == NULL)
		fatal("input_userauth_pk_ok: no authentication context");
	if (datafellows & SSH_BUG_PKOK) {
		/* this is similar to SSH_BUG_PKAUTH */
		/*
		 * Buggy peers send only the key blob; the algorithm name is
		 * the blob's own leading string.  Anything after that string
		 * in the temporary buffer is not examined.
		 */
		debug2("input_userauth_pk_ok: SSH_BUG_PKOK");
		pkblob = packet_get_string(&blen);
		buffer_init(&b);
		buffer_append(&b, pkblob, blen);
		pkalg = buffer_get_string(&b, &alen);
		buffer_free(&b);
	} else {
		pkalg = packet_get_string(&alen);
		pkblob = packet_get_string(&blen);
	}
	packet_check_eom();

	debug("Server accepts key: pkalg %s blen %u", pkalg, blen);

	if ((pktype = key_type_from_name(pkalg)) == KEY_UNSPEC) {
		debug("unknown pkalg %s", pkalg);
		goto done;
	}
	if ((key = key_from_blob(pkblob, blen)) == NULL) {
		debug("no key from blob. pkalg %s", pkalg);
		goto done;
	}
	/* The advertised algorithm must agree with what actually decoded. */
	if (key->type != pktype) {
		error("input_userauth_pk_ok: type mismatch "
		    "for decoded key (received %d, expected %d)",
		    key->type, pktype);
		goto done;
	}
	/* Fingerprint is for the debug log only; failure just skips the key. */
	if ((fp = sshkey_fingerprint(key, options.fingerprint_hash,
	    SSH_FP_DEFAULT)) == NULL)
		goto done;
	debug2("input_userauth_pk_ok: fp %s", fp);
	free(fp);

	/*
	 * search keys in the reverse order, because last candidate has been
	 * moved to the end of the queue. this also avoids confusion by
	 * duplicate keys
	 */
	TAILQ_FOREACH_REVERSE(id, &authctxt->keys, idlist, next) {
		if (key_equal(key, id->key)) {
			sent = sign_and_send_pubkey(authctxt, id);
			break;
		}
	}
done:
	if (key != NULL)
		key_free(key);
	free(pkalg);
	free(pkblob);

	/* try another method if we did not send a packet */
	if (sent == 0)
		userauth(authctxt, NULL);
	return 0;
}
|
#ifdef GSSAPI |
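/*
 * Start "gssapi-with-mic" authentication.
 *
 * Mechanisms are offered one at a time: each call advances the static
 * "mech" cursor to the next mechanism that ssh_gssapi_check_mechanism()
 * reports usable for this host, then sends a USERAUTH_REQUEST naming only
 * that mechanism as a DER OID (short-form length, hence the < 128 limit).
 * Returns 1 when a request was sent and the GSSAPI reply handlers are
 * installed; 0 when no usable mechanism remains, which makes userauth()
 * retire the method.
 *
 * If the mechanism list cannot be obtained from the GSS library, the
 * method is declined instead of dereferencing an absent list; the query
 * is retried on the next call.
 *
 * NOTE(review): the gssapi entry in authmethods[] has no cleanup hook, so
 * userauth() releases methoddata with a plain free(); any GSS-internal
 * state inside the Gssctxt would not be released -- confirm in ssh-gss.
 */
int
userauth_gssapi(Authctxt *authctxt)
{
	Gssctxt *gssctxt = NULL;
	static gss_OID_set gss_supported = NULL;
	static u_int mech = 0;
	OM_uint32 min;
	int ok = 0;

	/* Try one GSSAPI method at a time, rather than sending them all at
	 * once. */

	if (gss_supported == NULL) {
		if (GSS_ERROR(gss_indicate_mechs(&min, &gss_supported))) {
			gss_supported = NULL;
			return 0;
		}
	}

	/* Check to see if the mechanism is usable before we offer it */
	while (mech < gss_supported->count && !ok) {
		/* My DER encoding requires length<128 */
		if (gss_supported->elements[mech].length < 128 &&
		    ssh_gssapi_check_mechanism(&gssctxt,
		    &gss_supported->elements[mech], authctxt->host)) {
			ok = 1; /* Mechanism works */
		} else {
			mech++;
		}
	}

	if (!ok)
		return 0;

	/* Per-method state; the reply handlers fetch it from methoddata. */
	authctxt->methoddata=(void *)gssctxt;

	packet_start(SSH2_MSG_USERAUTH_REQUEST);
	packet_put_cstring(authctxt->server_user);
	packet_put_cstring(authctxt->service);
	packet_put_cstring(authctxt->method->name);

	packet_put_int(1);	/* number of mechanism OIDs that follow */

	/* DER encoding: type byte, single length byte, OID bytes. */
	packet_put_int((gss_supported->elements[mech].length) + 2);
	packet_put_char(SSH_GSS_OIDTYPE);
	packet_put_char(gss_supported->elements[mech].length);
	packet_put_raw(gss_supported->elements[mech].elements,
	    gss_supported->elements[mech].length);

	packet_send();

	dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_RESPONSE, &input_gssapi_response);
	dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_TOKEN, &input_gssapi_token);
	dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_ERROR, &input_gssapi_error);
	dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_ERRTOK, &input_gssapi_errtok);

	mech++; /* Move along to next candidate */

	return 1;
}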
|
/*
 * Feed one server token (or GSS_C_NO_BUFFER to start) into the GSS
 * context and send whatever the exchange produces next.
 *
 * Any output token is sent as GSSAPI_TOKEN, or as GSSAPI_ERRTOK if the
 * context step failed.  When the context is complete, the exchange is
 * finished in one of two ways depending on what the mechanism negotiated:
 * with a MIC over the data built by ssh_gssapi_buildmic() if integrity
 * protection is available, otherwise with a bare EXCHANGE_COMPLETE.
 * Returns the GSS status of the last operation; callers treat GSS_ERROR()
 * as "abandon this method".
 */
static OM_uint32
process_gssapi_token(struct ssh *ssh, gss_buffer_t recv_tok)
{
	Authctxt *authctxt = ssh->authctxt;
	Gssctxt *gssctxt = authctxt->methoddata;
	gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER;
	gss_buffer_desc mic = GSS_C_EMPTY_BUFFER;
	gss_buffer_desc gssbuf;
	OM_uint32 status, ms, flags;
	Buffer b;

	/* gss_deleg_creds: forward credentials only if the user asked for it. */
	status = ssh_gssapi_init_ctx(gssctxt, options.gss_deleg_creds,
	    recv_tok, &send_tok, &flags);

	if (send_tok.length > 0) {
		if (GSS_ERROR(status))
			packet_start(SSH2_MSG_USERAUTH_GSSAPI_ERRTOK);
		else
			packet_start(SSH2_MSG_USERAUTH_GSSAPI_TOKEN);

		packet_put_string(send_tok.value, send_tok.length);
		packet_send();
		gss_release_buffer(&ms, &send_tok);
	}

	if (status == GSS_S_COMPLETE) {
		/* send either complete or MIC, depending on mechanism */
		/*
		 * NOTE(review): without GSS_C_INTEG_FLAG the completion is
		 * not cryptographically bound to this SSH session; whether
		 * to accept that is the server's policy.  The MIC branch
		 * signs data from ssh_gssapi_buildmic() (user, service,
		 * method name -- presumably also the session id; confirm in
		 * ssh-gss), which is what ties the GSS context to this
		 * connection.
		 */
		if (!(flags & GSS_C_INTEG_FLAG)) {
			packet_start(SSH2_MSG_USERAUTH_GSSAPI_EXCHANGE_COMPLETE);
			packet_send();
		} else {
			ssh_gssapi_buildmic(&b, authctxt->server_user,
			    authctxt->service, "gssapi-with-mic");

			gssbuf.value = buffer_ptr(&b);
			gssbuf.length = buffer_len(&b);

			status = ssh_gssapi_sign(gssctxt, &gssbuf, &mic);

			/* A failed sign sends nothing; the error status propagates. */
			if (!GSS_ERROR(status)) {
				packet_start(SSH2_MSG_USERAUTH_GSSAPI_MIC);
				packet_put_string(mic.value, mic.length);

				packet_send();
			}

			buffer_free(&b);
			gss_release_buffer(&ms, &mic);
		}
	}

	return status;
}
|
/* ARGSUSED */ |
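/*
 * Handle SSH2_MSG_USERAUTH_GSSAPI_RESPONSE: the server names the mechanism
 * it selected as a DER-encoded OID.
 *
 * A malformed OID moves on to the next authentication method.  An OID
 * that is well-formed but differs from the one we offered is a protocol
 * violation and is fatal.  Otherwise the first GSS token exchange is
 * started; if that fails, the next method is tried.  Always returns 0.
 *
 * The encoding checked here is DER short form (one length byte), which is
 * all userauth_gssapi() ever offers.  The length is read as u_int, as the
 * other handlers in this file do, and the bytes as u_char, so the
 * length-byte comparison does not depend on the signedness of plain char.
 */
int
input_gssapi_response(int type, u_int32_t plen, struct ssh *ssh)
{
	Authctxt *authctxt = ssh->authctxt;
	Gssctxt *gssctxt;
	u_int oidlen;
	u_char *oidv;

	if (authctxt == NULL)
		fatal("input_gssapi_response: no authentication context");
	gssctxt = authctxt->methoddata;

	/* Setup our OID */
	oidv = packet_get_string(&oidlen);

	if (oidlen <= 2 ||
	    oidv[0] != SSH_GSS_OIDTYPE ||
	    (u_int)oidv[1] != oidlen - 2) {
		free(oidv);
		debug("Badly encoded mechanism OID received");
		userauth(authctxt, NULL);
		return 0;
	}

	/* The server must echo exactly the mechanism we proposed. */
	if (!ssh_gssapi_check_oid(gssctxt, oidv + 2, oidlen - 2))
		fatal("Server returned different OID than expected");

	packet_check_eom();

	free(oidv);

	if (GSS_ERROR(process_gssapi_token(ssh, GSS_C_NO_BUFFER))) {
		/* Start again with next method on list */
		debug("Trying to start again");
		userauth(authctxt, NULL);
	}
	return 0;
}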
|
/* ARGSUSED */ |
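/*
 * Handle SSH2_MSG_USERAUTH_GSSAPI_TOKEN: hand the server's token to
 * process_gssapi_token(), which sends the next client token or the final
 * MIC/completion.  A GSS error abandons this method and moves on to the
 * next one.  Always returns 0.
 *
 * The "no authentication context" diagnostic previously named
 * input_gssapi_response (copy-paste); it now reports this function.
 */
int
input_gssapi_token(int type, u_int32_t plen, struct ssh *ssh)
{
	Authctxt *authctxt = ssh->authctxt;
	gss_buffer_desc recv_tok;
	OM_uint32 status;
	u_int slen;

	if (authctxt == NULL)
		fatal("%s: no authentication context", __func__);

	recv_tok.value = packet_get_string(&slen);
	recv_tok.length = slen;	/* safe typecast */

	packet_check_eom();

	status = process_gssapi_token(ssh, &recv_tok);

	free(recv_tok.value);

	if (GSS_ERROR(status)) {
		/* Start again with the next method in the list */
		userauth(authctxt, NULL);
	}
	return 0;
}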
|
/* ARGSUSED */ |
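/*
 * Handle SSH2_MSG_USERAUTH_GSSAPI_ERRTOK: the server reports a
 * mechanism-level error token.  It is passed through the GSS context
 * (presumably so the mechanism can interpret or log it); the result and
 * any output token are deliberately discarded, because the server follows
 * this message with USERAUTH_FAILURE, which drives method selection.
 * Always returns 0.
 *
 * The "no authentication context" diagnostic previously named
 * input_gssapi_response (copy-paste); it now reports this function.
 */
int
input_gssapi_errtok(int type, u_int32_t plen, struct ssh *ssh)
{
	Authctxt *authctxt = ssh->authctxt;
	Gssctxt *gssctxt;
	gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER;
	gss_buffer_desc recv_tok;
	OM_uint32 ms;
	u_int len;

	if (authctxt == NULL)
		fatal("%s: no authentication context", __func__);
	gssctxt = authctxt->methoddata;

	recv_tok.value = packet_get_string(&len);
	recv_tok.length = len;

	packet_check_eom();

	/* Stick it into GSSAPI and see what it says */
	(void)ssh_gssapi_init_ctx(gssctxt, options.gss_deleg_creds,
	    &recv_tok, &send_tok, NULL);

	free(recv_tok.value);
	gss_release_buffer(&ms, &send_tok);

	/* Server will be returning a failed packet after this one */
	return 0;
}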
|
/* ARGSUSED */ |
int |
855 |
|
|
input_gssapi_error(int type, u_int32_t plen, struct ssh *ssh) |
856 |
|
|
{ |
857 |
|
|
char *msg; |
858 |
|
|
char *lang; |
859 |
|
|
|
860 |
|
|
/* maj */(void)packet_get_int(); |
861 |
|
|
/* min */(void)packet_get_int(); |
862 |
|
|
msg=packet_get_string(NULL); |
863 |
|
|
lang=packet_get_string(NULL); |
864 |
|
|
|
865 |
|
|
packet_check_eom(); |
866 |
|
|
|
867 |
|
|
debug("Server GSSAPI Error:\n%s", msg); |
868 |
|
|
free(msg); |
869 |
|
|
free(lang); |
870 |
|
|
return 0; |
871 |
|
|
} |
872 |
|
|
#endif /* GSSAPI */ |
/*
 * Send the initial SSH2_MSG_USERAUTH_REQUEST for the current method
 * (the "none" method): user, service and method name, no further payload.
 * Returns 1 to signal that a request went out.
 */
int
userauth_none(Authctxt *authctxt)
{
	const char *user = authctxt->server_user;
	const char *service = authctxt->service;
	const char *method = authctxt->method->name;

	/* initial userauth request */
	packet_start(SSH2_MSG_USERAUTH_REQUEST);
	packet_put_cstring(user);
	packet_put_cstring(service);
	packet_put_cstring(method);
	packet_send();
	return 1;
}

/*
 * Prompt for the account password and send it in a
 * SSH2_MSG_USERAUTH_REQUEST for the "password" method.  A static attempt
 * counter enforces options.number_of_password_prompts: returns 0 once the
 * prompts are used up, 1 after a request has been sent.  Also registers
 * the PASSWD_CHANGEREQ handler so a forced password change can be served.
 */
int
userauth_passwd(Authctxt *authctxt)
{
	static int attempt = 0;
	char prompt[256];
	char *password;
	const char *host;

	if (options.host_key_alias != NULL)
		host = options.host_key_alias;
	else
		host = authctxt->host;

	/* post-increment: the first call sees attempt == 0 */
	if (attempt++ >= options.number_of_password_prompts)
		return 0;

	/* second and later calls follow a rejected password: say so */
	if (attempt != 1)
		error("Permission denied, please try again.");

	snprintf(prompt, sizeof(prompt), "%.30s@%.128s's password: ",
	    authctxt->server_user, host);
	password = read_passphrase(prompt, 0);

	packet_start(SSH2_MSG_USERAUTH_REQUEST);
	packet_put_cstring(authctxt->server_user);
	packet_put_cstring(authctxt->service);
	packet_put_cstring(authctxt->method->name);
	packet_put_char(0);	/* no additional info follows */
	packet_put_cstring(password);
	/* scrub the plaintext as soon as it has been copied into the packet */
	explicit_bzero(password, strlen(password));
	free(password);
	/* extra padding, presumably so the packet size does not track the
	 * password length */
	packet_add_padding(64);
	packet_send();

	dispatch_set(SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ,
	    &input_userauth_passwd_changereq);

	return 1;
}

/*
 * parse PASSWD_CHANGEREQ, prompt user and send SSH2_MSG_USERAUTH_REQUEST
 *
 * The server has demanded a new password.  The request sent here carries
 * the old password followed by the new one, which the user must type
 * twice identically.  type and seqnr are unused (dispatch callback
 * signature).  Always returns 0; exits via fatal() without an
 * authentication context.
 */
/* ARGSUSED */
int
input_userauth_passwd_changereq(int type, u_int32_t seqnr, struct ssh *ssh)
{
	Authctxt *authctxt = ssh->authctxt;
	char *info, *lang, *password = NULL, *retype = NULL;
	char prompt[256];
	const char *host;

	debug2("input_userauth_passwd_changereq");

	if (authctxt == NULL)
		fatal("input_userauth_passwd_changereq: "
		    "no authentication context");
	host = options.host_key_alias ? options.host_key_alias : authctxt->host;

	/* info is server-controlled text and is shown to the user verbatim */
	info = packet_get_string(NULL);
	lang = packet_get_string(NULL);
	if (strlen(info) > 0)
		logit("%s", info);
	free(info);
	free(lang);
	packet_start(SSH2_MSG_USERAUTH_REQUEST);
	packet_put_cstring(authctxt->server_user);
	packet_put_cstring(authctxt->service);
	packet_put_cstring(authctxt->method->name);
	packet_put_char(1); /* additional info */
	snprintf(prompt, sizeof(prompt),
	    "Enter %.30s@%.128s's old password: ",
	    authctxt->server_user, host);
	password = read_passphrase(prompt, 0);
	packet_put_cstring(password);
	explicit_bzero(password, strlen(password));
	free(password);
	password = NULL;
	/* loop until the new password has been entered identically twice */
	while (password == NULL) {
		snprintf(prompt, sizeof(prompt),
		    "Enter %.30s@%.128s's new password: ",
		    authctxt->server_user, host);
		password = read_passphrase(prompt, RP_ALLOW_EOF);
		if (password == NULL) {
			/*
			 * bail out
			 * NOTE(review): the USERAUTH_REQUEST started above is
			 * left unsent here; confirm the dispatcher copes with
			 * a half-built outgoing packet.
			 */
			return 0;
		}
		snprintf(prompt, sizeof(prompt),
		    "Retype %.30s@%.128s's new password: ",
		    authctxt->server_user, host);
		retype = read_passphrase(prompt, 0);
		if (strcmp(password, retype) != 0) {
			explicit_bzero(password, strlen(password));
			free(password);
			logit("Mismatch; try again, EOF to quit.");
			password = NULL;
		}
		explicit_bzero(retype, strlen(retype));
		free(retype);
	}
	packet_put_cstring(password);
	explicit_bzero(password, strlen(password));
	free(password);
	packet_add_padding(64);
	packet_send();

	/* the server may reject the new password and ask again */
	dispatch_set(SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ,
	    &input_userauth_passwd_changereq);
	return 0;
}

/*
 * Return the signature algorithm name to use for key.  For RSA keys the
 * rsa_sha2 value recorded in ssh->kex (256 or 512) selects the rsa-sha2-*
 * variant; any other value, and every non-RSA key, yields the key's own
 * SSH name.  The returned string is static or owned by the key.
 */
static const char *
key_sign_encode(const struct sshkey *key)
{
	struct ssh *ssh = active_state;

	if (key->type != KEY_RSA)
		return key_ssh_name(key);
	if (ssh->kex->rsa_sha2 == 256)
		return "rsa-sha2-256";
	if (ssh->kex->rsa_sha2 == 512)
		return "rsa-sha2-512";
	/* rsa_sha2 not 256/512: plain RSA name */
	return key_ssh_name(key);
}

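/*
 * Sign data with identity id.  Three sources are tried in order: the
 * agent (id->agent_fd), a private key already present in id->key (loaded,
 * or backed by external hardware), and finally the key file id->filename,
 * which is loaded, used and freed again.
 *
 * sigp/lenp receive the signature as produced by ssh_agent_sign() /
 * sshkey_sign().  Returns 0 on success, an SSH_ERR_* code otherwise;
 * SSH_ERR_KEY_NOT_FOUND when the file could not be loaded or its key does
 * not match the public key in id->key (that key is now freed on the
 * mismatch path; it used to leak).
 */
static int
identity_sign(struct identity *id, u_char **sigp, size_t *lenp,
    const u_char *data, size_t datalen, u_int compat)
{
	struct sshkey *prv;
	int ret;
	const int have_pub = id->key != NULL;

	/* the agent supports this key */
	if (have_pub && id->agent_fd != -1)
		return ssh_agent_sign(id->agent_fd, id->key, sigp, lenp,
		    data, datalen, key_sign_encode(id->key), compat);

	/*
	 * we have already loaded the private key or
	 * the private key is stored in external hardware
	 */
	if (have_pub &&
	    (id->isprivate || (id->key->flags & SSHKEY_FLAG_EXT)))
		return sshkey_sign(id->key, sigp, lenp, data, datalen,
		    key_sign_encode(id->key), compat);

	/* load the private key from the file */
	prv = load_identity_file(id);
	if (prv == NULL)
		return SSH_ERR_KEY_NOT_FOUND;
	if (have_pub && !sshkey_equal_public(prv, id->key)) {
		error("%s: private key %s contents do not match public",
		    __func__, id->filename);
		/* release the mismatched private key instead of leaking it */
		sshkey_free(prv);
		return SSH_ERR_KEY_NOT_FOUND;
	}
	ret = sshkey_sign(prv, sigp, lenp, data, datalen,
	    key_sign_encode(prv), compat);
	sshkey_free(prv);
	return ret;
}
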
/*
 * Decide whether id belongs to the private key entry private_id by
 * filename alone: either the names are identical, or id->filename is
 * private_id->filename followed by ".pub" or "-cert.pub".
 * Returns 1 on a match, 0 otherwise.
 */
static int
id_filename_matches(Identity *id, Identity *private_id)
{
	static const char *const suffixes[] = { ".pub", "-cert.pub", NULL };
	const char *pub = id->filename, *priv = private_id->filename;
	size_t publen = strlen(pub), privlen = strlen(priv);
	const char *const *sfx;

	if (strcmp(pub, priv) == 0)
		return 1;
	for (sfx = suffixes; *sfx != NULL; sfx++) {
		size_t sfxlen = strlen(*sfx);

		/* pub must be exactly priv plus this suffix */
		if (publen <= sfxlen || privlen != publen - sfxlen)
			continue;
		if (strcmp(pub + (publen - sfxlen), *sfx) == 0 &&
		    memcmp(pub, priv, privlen) == 0)
			return 1;
	}
	return 0;
}

/*
 * Build and send the signed SSH2_MSG_USERAUTH_REQUEST for "publickey"
 * authentication with identity id.  The signed data is the session id
 * followed by the request body (layout depends on the peer's datafellows
 * flags); the body minus session id and message type is then sent with
 * the signature appended.  For certificates, a separate private key on
 * authctxt->keys is located to do the signing.
 *
 * Returns 1 if a request was sent, 0 if the key could not be used (no
 * fingerprint, unencodable key, or signing failed).
 */
static int
sign_and_send_pubkey(Authctxt *authctxt, Identity *id)
{
	Buffer b;
	Identity *private_id;
	u_char *blob, *signature;
	size_t slen;
	u_int bloblen, skip = 0;
	int matched, ret = -1, have_sig = 1;
	char *fp;

	if ((fp = sshkey_fingerprint(id->key, options.fingerprint_hash,
	    SSH_FP_DEFAULT)) == NULL)
		return 0;
	debug3("%s: %s %s", __func__, key_type(id->key), fp);
	free(fp);

	if (key_to_blob(id->key, &blob, &bloblen) == 0) {
		/* we cannot handle this key */
		debug3("sign_and_send_pubkey: cannot handle key");
		return 0;
	}
	/* data to be signed */
	buffer_init(&b);
	/* skip = number of leading bytes of b (the session id) not sent */
	if (datafellows & SSH_OLD_SESSIONID) {
		buffer_append(&b, session_id2, session_id2_len);
		skip = session_id2_len;
	} else {
		buffer_put_string(&b, session_id2, session_id2_len);
		skip = buffer_len(&b);
	}
	buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST);
	buffer_put_cstring(&b, authctxt->server_user);
	buffer_put_cstring(&b,
	    datafellows & SSH_BUG_PKSERVICE ?
	    "ssh-userauth" :
	    authctxt->service);
	if (datafellows & SSH_BUG_PKAUTH) {
		buffer_put_char(&b, have_sig);
	} else {
		buffer_put_cstring(&b, authctxt->method->name);
		buffer_put_char(&b, have_sig);
		buffer_put_cstring(&b, key_sign_encode(id->key));
	}
	buffer_put_string(&b, blob, bloblen);

	/*
	 * If the key is an certificate, try to find a matching private key
	 * and use it to complete the signature.
	 * If no such private key exists, fall back to trying the certificate
	 * key itself in case it has a private half already loaded.
	 */
	if (key_is_cert(id->key)) {
		matched = 0;
		/* same public key material, but a non-certificate key type */
		TAILQ_FOREACH(private_id, &authctxt->keys, next) {
			if (sshkey_equal_public(id->key, private_id->key) &&
			    id->key->type != private_id->key->type) {
				id = private_id;	/* sign with this one */
				matched = 1;
				break;
			}
		}
		/*
		 * Exact key matches are preferred, but also allow
		 * filename matches for non-PKCS#11/agent keys that
		 * didn't load public keys. This supports the case
		 * of keeping just a private key file and public
		 * certificate on disk.
		 */
		if (!matched && !id->isprivate && id->agent_fd == -1 &&
		    (id->key->flags & SSHKEY_FLAG_EXT) == 0) {
			TAILQ_FOREACH(private_id, &authctxt->keys, next) {
				if (private_id->key == NULL &&
				    id_filename_matches(id, private_id)) {
					id = private_id;
					matched = 1;
					break;
				}
			}
		}
		if (matched) {
			debug2("%s: using private key \"%s\"%s for "
			    "certificate", __func__, id->filename,
			    id->agent_fd != -1 ? " from agent" : "");
		} else {
			debug("%s: no separate private key for certificate "
			    "\"%s\"", __func__, id->filename);
		}
	}

	/* generate signature */
	ret = identity_sign(id, &signature, &slen,
	    buffer_ptr(&b), buffer_len(&b), datafellows);
	if (ret != 0) {
		/*
		 * KEY_NOT_FOUND is not reported again here;
		 * load_identity_file()/identity_sign() log their own
		 * diagnostics for that case.
		 */
		if (ret != SSH_ERR_KEY_NOT_FOUND)
			error("%s: signing failed: %s", __func__, ssh_err(ret));
		free(blob);
		buffer_free(&b);
		return 0;
	}
#ifdef DEBUG_PK
	buffer_dump(&b);
#endif
	/* SSH_BUG_PKSERVICE peers: rebuild the body in the layout they expect */
	if (datafellows & SSH_BUG_PKSERVICE) {
		buffer_clear(&b);
		buffer_append(&b, session_id2, session_id2_len);
		skip = session_id2_len;
		buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST);
		buffer_put_cstring(&b, authctxt->server_user);
		buffer_put_cstring(&b, authctxt->service);
		buffer_put_cstring(&b, authctxt->method->name);
		buffer_put_char(&b, have_sig);
		if (!(datafellows & SSH_BUG_PKAUTH))
			buffer_put_cstring(&b, key_ssh_name(id->key));
		buffer_put_string(&b, blob, bloblen);
	}
	free(blob);

	/* append signature */
	buffer_put_string(&b, signature, slen);
	free(signature);

	/* skip session id and packet type */
	if (buffer_len(&b) < skip + 1)
		fatal("userauth_pubkey: internal error");
	buffer_consume(&b, skip + 1);

	/* put remaining data from buffer into packet */
	packet_start(SSH2_MSG_USERAUTH_REQUEST);
	packet_put_raw(buffer_ptr(&b), buffer_len(&b));
	buffer_free(&b);
	packet_send();

	return 1;
}

/*
 * Ask the server whether it would accept the public key in id without
 * signing anything: send a SSH2_MSG_USERAUTH_REQUEST with have_sig = 0
 * and route the SSH2_MSG_USERAUTH_PK_OK reply to input_userauth_pk_ok().
 * Returns 1 if the query was sent, 0 if the key could not be encoded.
 */
static int
send_pubkey_test(Authctxt *authctxt, Identity *id)
{
	u_char *blob;
	u_int bloblen;
	const u_int have_sig = 0;

	debug3("send_pubkey_test");

	if (key_to_blob(id->key, &blob, &bloblen) == 0) {
		/* we cannot handle this key */
		debug3("send_pubkey_test: cannot handle key");
		return 0;
	}
	/* register callback for USERAUTH_PK_OK message */
	dispatch_set(SSH2_MSG_USERAUTH_PK_OK, &input_userauth_pk_ok);

	packet_start(SSH2_MSG_USERAUTH_REQUEST);
	packet_put_cstring(authctxt->server_user);
	packet_put_cstring(authctxt->service);
	packet_put_cstring(authctxt->method->name);
	packet_put_char(have_sig);
	/* SSH_BUG_PKAUTH peers do not expect the algorithm name here */
	if (!(datafellows & SSH_BUG_PKAUTH))
		packet_put_cstring(key_sign_encode(id->key));
	packet_put_string(blob, bloblen);
	packet_send();
	free(blob);
	return 1;
}

/*
 * Load the private key in id->filename, prompting for its passphrase as
 * needed.  The first attempt uses an empty passphrase (unencrypted keys);
 * up to options.number_of_password_prompts further attempts prompt the
 * user, and an empty answer gives up on this key.  A successfully loaded
 * key may additionally be offered to the agent via maybe_add_key_to_agent()
 * unless the identity already comes from the agent or is an already
 * loaded private key.
 *
 * Returns the loaded key (caller frees) or NULL.
 */
static struct sshkey *
load_identity_file(Identity *id)
{
	struct sshkey *private = NULL;
	char prompt[300], *passphrase, *comment;
	int r, perm_ok = 0, quit = 0, i;
	struct stat st;

	if (stat(id->filename, &st) < 0) {
		/* only worth a visible message if the user named the file */
		(id->userprovided ? logit : debug3)("no such identity: %s: %s",
		    id->filename, strerror(errno));
		return NULL;
	}
	snprintf(prompt, sizeof prompt,
	    "Enter passphrase for key '%.100s': ", id->filename);
	for (i = 0; i <= options.number_of_password_prompts; i++) {
		if (i == 0)
			passphrase = "";	/* literal: never freed */
		else {
			passphrase = read_passphrase(prompt, 0);
			if (*passphrase == '\0') {
				debug2("no passphrase given, try next key");
				free(passphrase);
				break;
			}
		}
		switch ((r = sshkey_load_private_type(KEY_UNSPEC, id->filename,
		    passphrase, &private, &comment, &perm_ok))) {
		case 0:
			break;
		case SSH_ERR_KEY_WRONG_PASSPHRASE:
			/* cannot prompt in batch mode: give up on this key */
			if (options.batch_mode) {
				quit = 1;
				break;
			}
			if (i != 0)
				debug2("bad passphrase given, try again...");
			break;
		case SSH_ERR_SYSTEM_ERROR:
			if (errno == ENOENT) {
				debug2("Load key \"%s\": %s",
				    id->filename, ssh_err(r));
				quit = 1;
				break;
			}
			/* FALLTHROUGH */
		default:
			error("Load key \"%s\": %s", id->filename, ssh_err(r));
			quit = 1;
			break;
		}
		if (!quit && private != NULL && id->agent_fd == -1 &&
		    !(id->key && id->isprivate))
			maybe_add_key_to_agent(id->filename, private, comment,
			    passphrase);
		/* i == 0 used the "" literal above, so only free for i > 0 */
		if (i > 0) {
			explicit_bzero(passphrase, strlen(passphrase));
			free(passphrase);
		}
		/*
		 * NOTE(review): comment is freed on every iteration, including
		 * failed loads; this relies on sshkey_load_private_type()
		 * always setting *commentp (confirm).
		 */
		free(comment);
		if (private != NULL || quit)
			break;
	}
	return private;
}

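/*
 * try keys in the following order:
 * 1. certificates listed in the config file
 * 2. other input certificates
 * 3. agent keys that are found in the config file
 * 4. other agent keys
 * 5. keys that are only listed in the config file
 *
 * Builds authctxt->keys (the "preferred" list) from options.identity_keys /
 * identity_files, options.certificates / certificate_files and the agent,
 * then drops every entry whose key type does not match
 * options.pubkey_key_types (PubkeyAcceptedKeyTypes).  Keys taken from
 * options.identity_keys have their slot set to NULL, and agent keys are
 * moved out of the identity list, so the Identity entries own them;
 * pubkey_cleanup() releases everything.  authctxt->agent_fd is assigned
 * only when the agent's identity list was fetched successfully.
 *
 * Fix: entries filtered out by PubkeyAcceptedKeyTypes are now freed like
 * the IdentitiesOnly branch does; the zeroed struct used to be leaked.
 */
static void
pubkey_prepare(Authctxt *authctxt)
{
	struct identity *id, *id2, *tmp;
	struct idlist agent, files, *preferred;
	struct sshkey *key;
	int agent_fd = -1, i, r, found;
	size_t j;
	struct ssh_identitylist *idlist;

	TAILQ_INIT(&agent);	/* keys from the agent */
	TAILQ_INIT(&files);	/* keys from the config file */
	preferred = &authctxt->keys;
	TAILQ_INIT(preferred);	/* preferred order of keys */

	/* list of keys stored in the filesystem and PKCS#11 */
	for (i = 0; i < options.num_identity_files; i++) {
		key = options.identity_keys[i];
		/* only user certificates are usable here */
		if (key && key->cert && key->cert->type != SSH2_CERT_TYPE_USER)
			continue;
		options.identity_keys[i] = NULL;	/* ownership moves to id */
		id = xcalloc(1, sizeof(*id));
		id->agent_fd = -1;
		id->key = key;
		id->filename = xstrdup(options.identity_files[i]);
		id->userprovided = options.identity_file_userprovided[i];
		TAILQ_INSERT_TAIL(&files, id, next);
	}
	/* list of certificates specified by user */
	for (i = 0; i < options.num_certificate_files; i++) {
		key = options.certificates[i];
		if (!key_is_cert(key) || key->cert == NULL ||
		    key->cert->type != SSH2_CERT_TYPE_USER)
			continue;
		id = xcalloc(1, sizeof(*id));
		id->agent_fd = -1;
		id->key = key;
		id->filename = xstrdup(options.certificate_files[i]);
		id->userprovided = options.certificate_file_userprovided[i];
		TAILQ_INSERT_TAIL(preferred, id, next);
	}
	/* list of keys supported by the agent */
	if ((r = ssh_get_authentication_socket(&agent_fd)) != 0) {
		if (r != SSH_ERR_AGENT_NOT_PRESENT)
			debug("%s: ssh_get_authentication_socket: %s",
			    __func__, ssh_err(r));
	} else if ((r = ssh_fetch_identitylist(agent_fd, &idlist)) != 0) {
		if (r != SSH_ERR_AGENT_NO_IDENTITIES)
			debug("%s: ssh_fetch_identitylist: %s",
			    __func__, ssh_err(r));
		close(agent_fd);
	} else {
		for (j = 0; j < idlist->nkeys; j++) {
			found = 0;
			TAILQ_FOREACH(id, &files, next) {
				/*
				 * agent keys from the config file are
				 * preferred
				 */
				if (sshkey_equal(idlist->keys[j], id->key)) {
					TAILQ_REMOVE(&files, id, next);
					TAILQ_INSERT_TAIL(preferred, id, next);
					id->agent_fd = agent_fd;
					found = 1;
					break;
				}
			}
			/* with IdentitiesOnly, agent keys not in the config are ignored */
			if (!found && !options.identities_only) {
				id = xcalloc(1, sizeof(*id));
				/* XXX "steals" key/comment from idlist */
				id->key = idlist->keys[j];
				id->filename = idlist->comments[j];
				idlist->keys[j] = NULL;
				idlist->comments[j] = NULL;
				id->agent_fd = agent_fd;
				TAILQ_INSERT_TAIL(&agent, id, next);
			}
		}
		ssh_free_identitylist(idlist);
		/* append remaining agent keys */
		for (id = TAILQ_FIRST(&agent); id; id = TAILQ_FIRST(&agent)) {
			TAILQ_REMOVE(&agent, id, next);
			TAILQ_INSERT_TAIL(preferred, id, next);
		}
		authctxt->agent_fd = agent_fd;
	}
	/* Prefer PKCS11 keys that are explicitly listed */
	TAILQ_FOREACH_SAFE(id, &files, next, tmp) {
		if (id->key == NULL || (id->key->flags & SSHKEY_FLAG_EXT) == 0)
			continue;
		found = 0;
		TAILQ_FOREACH(id2, &files, next) {
			if (id2->key == NULL ||
			    (id2->key->flags & SSHKEY_FLAG_EXT) == 0)
				continue;
			if (sshkey_equal(id->key, id2->key)) {
				TAILQ_REMOVE(&files, id, next);
				TAILQ_INSERT_TAIL(preferred, id, next);
				found = 1;
				break;
			}
		}
		/* If IdentitiesOnly set and key not found then don't use it */
		if (!found && options.identities_only) {
			TAILQ_REMOVE(&files, id, next);
			explicit_bzero(id, sizeof(*id));
			free(id);
		}
	}
	/* append remaining keys from the config file */
	for (id = TAILQ_FIRST(&files); id; id = TAILQ_FIRST(&files)) {
		TAILQ_REMOVE(&files, id, next);
		TAILQ_INSERT_TAIL(preferred, id, next);
	}
	/* finally, filter by PubkeyAcceptedKeyTypes */
	TAILQ_FOREACH_SAFE(id, preferred, next, id2) {
		if (id->key != NULL &&
		    match_pattern_list(sshkey_ssh_name(id->key),
		    options.pubkey_key_types, 0) != 1) {
			debug("Skipping %s key %s - "
			    "not in PubkeyAcceptedKeyTypes",
			    sshkey_ssh_name(id->key), id->filename);
			TAILQ_REMOVE(preferred, id, next);
			sshkey_free(id->key);
			free(id->filename);
			/*
			 * Release the entry itself too (same as the
			 * IdentitiesOnly branch above); id2 already holds
			 * the next element, so this is safe inside the loop.
			 */
			explicit_bzero(id, sizeof(*id));
			free(id);
			continue;
		}
		debug2("key: %s (%p)%s%s", id->filename, id->key,
		    id->userprovided ? ", explicit" : "",
		    id->agent_fd != -1 ? ", agent" : "");
	}
}
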
/*
 * Undo pubkey_prepare(): close the agent socket if one is recorded in
 * authctxt->agent_fd and free every Identity (key, filename, struct) left
 * on authctxt->keys.
 */
static void
pubkey_cleanup(Authctxt *authctxt)
{
	Identity *id;

	if (authctxt->agent_fd != -1)
		ssh_close_authentication_socket(authctxt->agent_fd);
	while ((id = TAILQ_FIRST(&authctxt->keys)) != NULL) {
		TAILQ_REMOVE(&authctxt->keys, id, next);
		sshkey_free(id->key);
		free(id->filename);
		free(id);
	}
}

/*
 * Clear the tried flag on every identity in authctxt->keys so that the
 * whole list becomes eligible for userauth_pubkey() again.
 */
static void
pubkey_reset(Authctxt *authctxt)
{
	Identity *id;

	for (id = TAILQ_FIRST(&authctxt->keys); id != NULL;
	    id = TAILQ_NEXT(id, next))
		id->tried = 0;
}

/*
 * Decide whether identity id should be offered: it must carry a key, and
 * RSA keys are skipped when the peer has the SSH_BUG_RSASIGMD5 quirk.
 * Returns 1 to use the key, 0 to skip it.
 */
static int
try_identity(Identity *id)
{
	int is_rsa, md5_peer;

	if (id->key == NULL)
		return 0;
	is_rsa = key_type_plain(id->key->type) == KEY_RSA;
	md5_peer = (datafellows & SSH_BUG_RSASIGMD5) != 0;
	if (!is_rsa || !md5_peer)
		return 1;
	debug("Skipped %s key %s for RSA/MD5 server",
	    key_type(id->key), id->filename);
	return 0;
}

/*
 * Offer the next untried identity on authctxt->keys.  An identity with a
 * public key is probed with send_pubkey_test(); one with only a private
 * key file is loaded, used for sign_and_send_pubkey() and freed again.
 * Each identity visited is moved to the tail of the list with its tried
 * flag set, so repeated calls walk the list exactly once.
 *
 * Returns 1 when a request was sent, 0 when every identity has been tried
 * or a fingerprint could not be computed.
 */
int
userauth_pubkey(Authctxt *authctxt)
{
	Identity *id;
	int sent = 0;
	char *fp;

	while ((id = TAILQ_FIRST(&authctxt->keys))) {
		/* head already tried: the whole list has been walked */
		if (id->tried++)
			return (0);
		/* move key to the end of the queue */
		TAILQ_REMOVE(&authctxt->keys, id, next);
		TAILQ_INSERT_TAIL(&authctxt->keys, id, next);
		/*
		 * send a test message if we have the public key. for
		 * encrypted keys we cannot do this and have to load the
		 * private key instead
		 */
		if (id->key != NULL) {
			if (try_identity(id)) {
				if ((fp = sshkey_fingerprint(id->key,
				    options.fingerprint_hash,
				    SSH_FP_DEFAULT)) == NULL) {
					error("%s: sshkey_fingerprint failed",
					    __func__);
					return 0;
				}
				debug("Offering public key: %s %s %s",
				    sshkey_type(id->key), fp, id->filename);
				free(fp);
				sent = send_pubkey_test(authctxt, id);
			}
		} else {
			debug("Trying private key: %s", id->filename);
			id->key = load_identity_file(id);
			if (id->key != NULL) {
				if (try_identity(id)) {
					/* lets identity_sign() use id->key directly */
					id->isprivate = 1;
					sent = sign_and_send_pubkey(
					    authctxt, id);
				}
				/* drop the loaded private key; entry is file-only again */
				key_free(id->key);
				id->key = NULL;
				id->isprivate = 0;
			}
		}
		if (sent)
			return (sent);
	}
	return (0);
}

/*
 * Send userauth request message specifying keyboard-interactive method.
 *
 * A static attempt counter bounds the rounds by
 * options.number_of_password_prompts.  From the second round on, the
 * method is disabled when the server never sent an INFO_REQUEST
 * (authctxt->info_req_seen unset).  Returns 1 if a request was sent,
 * 0 otherwise.
 */
int
userauth_kbdint(Authctxt *authctxt)
{
	static int attempt = 0;
	const char *devices;

	if (attempt++ >= options.number_of_password_prompts)
		return 0;
	/* disable if no SSH2_MSG_USERAUTH_INFO_REQUEST has been seen */
	if (attempt > 1 && !authctxt->info_req_seen) {
		debug3("userauth_kbdint: disable: no info_req_seen");
		dispatch_set(SSH2_MSG_USERAUTH_INFO_REQUEST, NULL);
		return 0;
	}

	devices = options.kbd_interactive_devices;
	if (devices == NULL)
		devices = "";

	debug2("userauth_kbdint");
	packet_start(SSH2_MSG_USERAUTH_REQUEST);
	packet_put_cstring(authctxt->server_user);
	packet_put_cstring(authctxt->service);
	packet_put_cstring(authctxt->method->name);
	packet_put_cstring("");		/* lang */
	packet_put_cstring(devices);	/* KbdInteractiveDevices, or empty */
	packet_send();

	dispatch_set(SSH2_MSG_USERAUTH_INFO_REQUEST, &input_userauth_info_req);
	return 1;
}

/*
 * parse INFO_REQUEST, prompt user and send INFO_RESPONSE
 *
 * The server sends a name, an instruction, a lang string and num_prompts
 * (prompt, echo) pairs; every prompt is answered through read_passphrase()
 * and the answers are returned in order.  type and seq are unused
 * (dispatch callback signature).  Always returns 0; exits via fatal()
 * without an authentication context.
 */
int
input_userauth_info_req(int type, u_int32_t seq, struct ssh *ssh)
{
	Authctxt *authctxt = ssh->authctxt;
	char *name, *inst, *lang, *prompt, *response;
	u_int num_prompts, i;
	int echo = 0;

	debug2("input_userauth_info_req");

	if (authctxt == NULL)
		fatal("input_userauth_info_req: no authentication context");

	/* tells userauth_kbdint() the server really does kbd-interactive */
	authctxt->info_req_seen = 1;

	/* name and inst are server-controlled text, shown to the user verbatim */
	name = packet_get_string(NULL);
	inst = packet_get_string(NULL);
	lang = packet_get_string(NULL);
	if (strlen(name) > 0)
		logit("%s", name);
	if (strlen(inst) > 0)
		logit("%s", inst);
	free(name);
	free(inst);
	free(lang);

	num_prompts = packet_get_int();
	/*
	 * Begin to build info response packet based on prompts requested.
	 * We commit to providing the correct number of responses, so if
	 * further on we run into a problem that prevents this, we have to
	 * be sure and clean this up and send a correct error response.
	 */
	packet_start(SSH2_MSG_USERAUTH_INFO_RESPONSE);
	packet_put_int(num_prompts);

	/*
	 * num_prompts comes from the peer; in practice the loop is bounded
	 * by the packet contents (presumably packet_get_string() fails once
	 * they run out — confirm).  Each prompt text is server-controlled
	 * and displayed as-is.
	 */
	debug2("input_userauth_info_req: num_prompts %d", num_prompts);
	for (i = 0; i < num_prompts; i++) {
		prompt = packet_get_string(NULL);
		echo = packet_get_char();

		response = read_passphrase(prompt, echo ? RP_ECHO : 0);

		packet_put_cstring(response);
		/* scrub the answer once it is in the packet */
		explicit_bzero(response, strlen(response));
		free(response);
		free(prompt);
	}
	packet_check_eom(); /* done with parsing incoming message. */

	packet_add_padding(64);
	packet_send();
	return 0;
}

/*
 * Sign data for hostbased authentication by running the external helper
 * _PATH_SSH_KEY_SIGN as a child: the connection socket number and the
 * data are sent to it over a pipe with ssh_msg_send() (protocol version
 * 2) and the reply is read back with ssh_msg_recv().  The helper does the
 * signing; key itself is not used here.
 *
 * *sigp/*lenp are reset to NULL/0 on entry and receive the signature
 * (caller frees) on success, when 0 is returned; every failure returns -1.
 * SIGCHLD is set to SIG_DFL around the waitpid() and restored afterwards.
 */
static int
ssh_keysign(struct sshkey *key, u_char **sigp, size_t *lenp,
    const u_char *data, size_t datalen)
{
	struct sshbuf *b;
	struct stat st;
	pid_t pid;
	int i, r, to[2], from[2], status, sock = packet_get_connection_in();
	u_char rversion = 0, version = 2;
	void (*osigchld)(int);

	*sigp = NULL;
	*lenp = 0;

	if (stat(_PATH_SSH_KEY_SIGN, &st) < 0) {
		error("%s: not installed: %s", __func__, strerror(errno));
		return -1;
	}
	/* presumably so buffered stdout is not duplicated across the fork */
	if (fflush(stdout) != 0) {
		error("%s: fflush: %s", __func__, strerror(errno));
		return -1;
	}
	if (pipe(to) < 0) {
		error("%s: pipe: %s", __func__, strerror(errno));
		return -1;
	}
	/*
	 * NOTE(review): the two early returns below leave the descriptors in
	 * to[] (and, after the second pipe(), from[]) open.
	 */
	if (pipe(from) < 0) {
		error("%s: pipe: %s", __func__, strerror(errno));
		return -1;
	}
	if ((pid = fork()) < 0) {
		error("%s: fork: %s", __func__, strerror(errno));
		return -1;
	}
	/* default SIGCHLD disposition so waitpid() below can reap the child */
	osigchld = signal(SIGCHLD, SIG_DFL);
	if (pid == 0) {
		/* keep the socket on exec */
		fcntl(sock, F_SETFD, 0);
		permanently_drop_suid(getuid());
		close(from[0]);
		if (dup2(from[1], STDOUT_FILENO) < 0)
			fatal("%s: dup2: %s", __func__, strerror(errno));
		close(to[1]);
		if (dup2(to[0], STDIN_FILENO) < 0)
			fatal("%s: dup2: %s", __func__, strerror(errno));
		close(from[1]);
		close(to[0]);
		/* Close everything but stdio and the socket */
		for (i = STDERR_FILENO + 1; i < sock; i++)
			close(i);
		closefrom(sock + 1);
		debug3("%s: [child] pid=%ld, exec %s",
		    __func__, (long)getpid(), _PATH_SSH_KEY_SIGN);
		execl(_PATH_SSH_KEY_SIGN, _PATH_SSH_KEY_SIGN, (char *)NULL);
		fatal("%s: exec(%s): %s", __func__, _PATH_SSH_KEY_SIGN,
		    strerror(errno));
	}
	/* parent: drop the child's ends of both pipes */
	close(from[1]);
	close(to[0]);

	if ((b = sshbuf_new()) == NULL)
		fatal("%s: sshbuf_new failed", __func__);
	/* send # of sock, data to be signed */
	if ((r = sshbuf_put_u32(b, sock)) != 0 ||
	    (r = sshbuf_put_string(b, data, datalen)) != 0)
		fatal("%s: buffer error: %s", __func__, ssh_err(r));
	if (ssh_msg_send(to[1], version, b) == -1)
		fatal("%s: couldn't send request", __func__);
	sshbuf_reset(b);
	r = ssh_msg_recv(from[0], b);
	close(from[0]);
	close(to[1]);
	if (r < 0) {
		error("%s: no reply", __func__);
		goto fail;
	}

	errno = 0;
	while (waitpid(pid, &status, 0) < 0) {
		if (errno != EINTR) {
			error("%s: waitpid %ld: %s",
			    __func__, (long)pid, strerror(errno));
			goto fail;
		}
	}
	if (!WIFEXITED(status)) {
		error("%s: exited abnormally", __func__);
		goto fail;
	}
	if (WEXITSTATUS(status) != 0) {
		error("%s: exited with status %d",
		    __func__, WEXITSTATUS(status));
		goto fail;
	}
	/* reply layout: one version byte, then the signature as a string */
	if ((r = sshbuf_get_u8(b, &rversion)) != 0) {
		error("%s: buffer error: %s", __func__, ssh_err(r));
		goto fail;
	}
	if (rversion != version) {
		error("%s: bad version", __func__);
		goto fail;
	}
	if ((r = sshbuf_get_string(b, sigp, lenp)) != 0) {
		error("%s: buffer error: %s", __func__, ssh_err(r));
 fail:
		/* shared error exit: restore SIGCHLD handler, free buffer */
		signal(SIGCHLD, osigchld);
		sshbuf_free(b);
		return -1;
	}
	signal(SIGCHLD, osigchld);
	sshbuf_free(b);

	return 0;
}

/*
 * Attempt one round of "hostbased" user authentication (RFC 4252, sec. 9).
 *
 * Each call offers at most one client host key. It walks the comma-separated
 * HostbasedKeyTypes patterns held in authctxt->ktypes / active_ktype, takes
 * the first not-yet-used key in authctxt->sensitive->keys whose algorithm
 * name matches, signs a blob made of the session identifier plus the
 * USERAUTH_REQUEST fields, and sends the request carrying the public key,
 * the client host name and the signature.
 *
 * Returns 1 once a request has been sent (the server's verdict is handled
 * by the normal dispatch), 0 when no suitable key remains or any step fails.
 * The chosen key is removed from the sensitive key list and freed here, so
 * the same key is never offered twice.
 */
int
userauth_hostbased(Authctxt *authctxt)
{
	struct ssh *ssh = active_state;
	struct sshkey *hostkey = NULL;
	struct sshbuf *signed_data = NULL;
	const char *blob_service;
	u_char *signature = NULL, *pubblob = NULL;
	char *fingerprint = NULL, *client_host = NULL, *local_name = NULL;
	size_t signature_len = 0, pubblob_len = 0;
	int idx, r, sent = 0;

	/* First call: start walking the HostbasedKeyTypes list. */
	if (authctxt->ktypes == NULL) {
		authctxt->oktypes = xstrdup(options.hostbased_key_types);
		authctxt->ktypes = authctxt->oktypes;
	}

	/*
	 * Key selection: for the current type pattern take the first matching
	 * key still present in the list; when none is left, advance to the
	 * next pattern. An empty pattern (or the end of the list) stops the
	 * walk.
	 */
	while (hostkey == NULL) {
		if (authctxt->active_ktype == NULL)
			authctxt->active_ktype = strsep(&authctxt->ktypes, ",");
		if (authctxt->active_ktype == NULL ||
		    *authctxt->active_ktype == '\0')
			break;
		debug3("%s: trying key type %s", __func__,
		    authctxt->active_ktype);

		for (idx = 0; idx < authctxt->sensitive->nkeys; idx++) {
			struct sshkey *cand = authctxt->sensitive->keys[idx];

			if (cand == NULL || cand->type == KEY_UNSPEC)
				continue;
			if (match_pattern_list(sshkey_ssh_name(cand),
			    authctxt->active_ktype, 0) != 1)
				continue;
			/* Take ownership; clear the slot so it is not reused. */
			hostkey = cand;
			authctxt->sensitive->keys[idx] = NULL;
			break;
		}
		if (hostkey == NULL)
			authctxt->active_ktype = NULL;	/* pattern exhausted */
	}
	if (hostkey == NULL) {
		/* List exhausted: reset the walk so a later call starts over. */
		free(authctxt->oktypes);
		authctxt->oktypes = authctxt->ktypes = NULL;
		authctxt->active_ktype = NULL;
		debug("No more client hostkeys for hostbased authentication.");
		goto out;
	}

	fingerprint = sshkey_fingerprint(hostkey, options.fingerprint_hash,
	    SSH_FP_DEFAULT);
	if (fingerprint == NULL) {
		error("%s: sshkey_fingerprint failed", __func__);
		goto out;
	}
	debug("%s: trying hostkey %s %s",
	    __func__, sshkey_ssh_name(hostkey), fingerprint);

	/*
	 * The client host name is our own name for the local end of the
	 * connection, sent with a trailing dot (fully qualified). The server
	 * is expected to check it against its own view of the peer, so a
	 * mismatch makes the method fail there.
	 */
	local_name = get_local_name(packet_get_connection_in());
	if (local_name == NULL) {
		error("%s: cannot get local ipaddr/name", __func__);
		goto out;
	}
	xasprintf(&client_host, "%s.", local_name);
	debug2("%s: chost %s", __func__, client_host);

	/*
	 * Servers flagged SSH_BUG_HBSERVICE verify a signature over the
	 * literal "ssh-userauth" service name; the wire packet built below
	 * always carries authctxt->service regardless.
	 */
	blob_service = (datafellows & SSH_BUG_HBSERVICE) ?
	    "ssh-userauth" : authctxt->service;

	/*
	 * Build the data to be signed. It starts with the session identifier,
	 * which ties the signature to this connection, followed by the exact
	 * request fields the server reconstructs on its side.
	 */
	if ((signed_data = sshbuf_new()) == NULL) {
		error("%s: sshbuf_new failed", __func__);
		goto out;
	}
	if ((r = sshkey_to_blob(hostkey, &pubblob, &pubblob_len)) != 0) {
		error("%s: sshkey_to_blob: %s", __func__, ssh_err(r));
		goto out;
	}
	if ((r = sshbuf_put_string(signed_data, session_id2,
	    session_id2_len)) != 0 ||
	    (r = sshbuf_put_u8(signed_data, SSH2_MSG_USERAUTH_REQUEST)) != 0 ||
	    (r = sshbuf_put_cstring(signed_data, authctxt->server_user)) != 0 ||
	    (r = sshbuf_put_cstring(signed_data, blob_service)) != 0 ||
	    (r = sshbuf_put_cstring(signed_data, authctxt->method->name)) != 0 ||
	    (r = sshbuf_put_cstring(signed_data, key_ssh_name(hostkey))) != 0 ||
	    (r = sshbuf_put_string(signed_data, pubblob, pubblob_len)) != 0 ||
	    (r = sshbuf_put_cstring(signed_data, client_host)) != 0 ||
	    (r = sshbuf_put_cstring(signed_data, authctxt->local_user)) != 0) {
		error("%s: buffer error: %s", __func__, ssh_err(r));
		goto out;
	}

#ifdef DEBUG_PK
	sshbuf_dump(signed_data, stderr);
#endif
	/*
	 * Sign either through the external ssh-keysign helper process
	 * (ssh_keysign() above, which reports only -1/0) or directly with
	 * the key (sshkey_sign(), which reports an ssh_err() code).
	 */
	if (authctxt->sensitive->external_keysign) {
		r = ssh_keysign(hostkey, &signature, &signature_len,
		    sshbuf_ptr(signed_data), sshbuf_len(signed_data));
	} else {
		r = sshkey_sign(hostkey, &signature, &signature_len,
		    sshbuf_ptr(signed_data), sshbuf_len(signed_data),
		    NULL, datafellows);
		if (r != 0)
			debug("%s: sshkey_sign: %s", __func__, ssh_err(r));
	}
	if (r != 0) {
		error("sign using hostkey %s %s failed",
		    sshkey_ssh_name(hostkey), fingerprint);
		goto out;
	}

	/* Emit the request; the fields mirror the signed blob above. */
	if ((r = sshpkt_start(ssh, SSH2_MSG_USERAUTH_REQUEST)) != 0 ||
	    (r = sshpkt_put_cstring(ssh, authctxt->server_user)) != 0 ||
	    (r = sshpkt_put_cstring(ssh, authctxt->service)) != 0 ||
	    (r = sshpkt_put_cstring(ssh, authctxt->method->name)) != 0 ||
	    (r = sshpkt_put_cstring(ssh, key_ssh_name(hostkey))) != 0 ||
	    (r = sshpkt_put_string(ssh, pubblob, pubblob_len)) != 0 ||
	    (r = sshpkt_put_cstring(ssh, client_host)) != 0 ||
	    (r = sshpkt_put_cstring(ssh, authctxt->local_user)) != 0 ||
	    (r = sshpkt_put_string(ssh, signature, signature_len)) != 0 ||
	    (r = sshpkt_send(ssh)) != 0) {
		error("%s: packet error: %s", __func__, ssh_err(r));
		goto out;
	}
	sent = 1;

 out:
	/* Scrub the signature before releasing it. */
	if (signature != NULL) {
		explicit_bzero(signature, signature_len);
		free(signature);
	}
	free(pubblob);
	free(local_name);
	free(fingerprint);
	free(client_host);
	sshkey_free(hostkey);
	sshbuf_free(signed_data);

	return sent;
}
|
|
|
|
|
/* find auth method */ |
|
|
|
|
|
/*
 * Return true if the current configuration permits trying the given
 * authentication method (its enable option is set and, for methods that
 * need user interaction, batch mode is not in effect); otherwise false.
 */
|
|
/*
 * Decide whether an authentication method may be attempted right now.
 *
 * A method is usable only when its `enabled` flag pointer is present and
 * the option it points at is set, and when its `batch_flag` pointer (set
 * only for methods that need to interact with the user) is either absent
 * or points at a clear option. Returns 1 if usable, 0 otherwise; a NULL
 * method is never usable.
 */
static int
authmethod_is_enabled(Authmethod *method)
{
	int option_on, batch_ok;

	if (method == NULL)
		return 0;
	/* Disabled by configuration? */
	option_on = method->enabled != NULL && *method->enabled != 0;
	/* Needs interaction but batch mode is in effect? */
	batch_ok = method->batch_flag == NULL || *method->batch_flag == 0;
	return option_on && batch_ok;
}
|
|
|
|
|
/*
 * Find the entry of the authmethods table whose name equals `name`.
 * Returns NULL, after a debug2 message, for a NULL or unknown name.
 */
static Authmethod *
authmethod_lookup(const char *name)
{
	Authmethod *m;

	if (name != NULL) {
		for (m = authmethods; m->name != NULL; m++) {
			if (strcmp(m->name, name) == 0)
				return m;
		}
	}
	debug2("Unrecognized authentication method name: %s",
	    name != NULL ? name : "NULL");
	return NULL;
}
|
|
|
|
|
/* XXX internal state */ |
|
|
static Authmethod *current = NULL;	/* method last handed out by authmethod_get() */
static char *supported = NULL;		/* copy of the most recent server method list */
static char *preferred = NULL;		/* cursor into options.preferred_authentications */
|
|
|
|
|
/*
 * Given the authentication method list sent by the server, return the
 * next method we should try. If the server sends a nil or empty list,
 * fall back to the client's own PreferredAuthentications list.
 */
|
|
/*
 * Pick the next authentication method to try.
 *
 * `authlist` is the comma-separated list the server sent in its last
 * USERAUTH_FAILURE; a NULL or empty list is replaced by the client's own
 * PreferredAuthentications. A list different from the previous call resets
 * the walk; the same list returns the current method again while it stays
 * enabled. Candidates are taken from the client's preferred list
 * (match_list over `preferred` against `supported`), so the server only
 * narrows the set of methods - it cannot make the client try a method it
 * has not configured or enabled. Returns NULL when nothing is left to try.
 */
static Authmethod *
authmethod_get(char *authlist)
{
	char *candidate;
	u_int consumed;
	int list_changed;

	/* A nil list means "anything": use our own preference order. */
	if (authlist == NULL || *authlist == '\0')
		authlist = options.preferred_authentications;

	list_changed = (supported == NULL || strcmp(authlist, supported) != 0);
	if (list_changed) {
		debug3("start over, passed a different list %s", authlist);
		free(supported);
		supported = xstrdup(authlist);
		preferred = options.preferred_authentications;
		debug3("preferred %s", preferred);
		current = NULL;
	} else if (current != NULL && authmethod_is_enabled(current)) {
		/* Same list as before and the current method is still usable. */
		return current;
	}

	while ((candidate = match_list(preferred, supported,
	    &consumed)) != NULL) {
		preferred += consumed;	/* never revisit a rejected candidate */
		debug3("authmethod_lookup %s", candidate);
		debug3("remaining preferred: %s", preferred);
		current = authmethod_lookup(candidate);
		if (current != NULL && authmethod_is_enabled(current)) {
			debug3("authmethod_is_enabled %s", candidate);
			debug("Next authentication method: %s", candidate);
			free(candidate);
			return current;
		}
		free(candidate);
	}
	debug("No more authentication methods to try.");
	current = NULL;
	return NULL;
}
|
|
|
|
|
/*
 * Build a comma-separated list of the authentication methods that are
 * currently enabled, in authmethods table order. The returned string is
 * allocated and owned by the caller; allocation failure is fatal.
 */
static char *
authmethods_get(void)
{
	Buffer acc;
	Authmethod *m;
	char *result;

	buffer_init(&acc);
	for (m = authmethods; m->name != NULL; m++) {
		if (!authmethod_is_enabled(m))
			continue;
		/* Separator before every entry except the first. */
		if (buffer_len(&acc) != 0)
			buffer_append(&acc, ",", 1);
		buffer_append(&acc, m->name, strlen(m->name));
	}
	if ((result = sshbuf_dup_string(&acc)) == NULL)
		fatal("%s: sshbuf_dup_string failed", __func__);
	buffer_free(&acc);
	return result;
}
|
|
|