Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / openssh / 43ce2c86a89a512e3c9361b40155db8bbef3f441 / . / ssh-keysign.c
blob: bed2b987488192d3cda86bcb5dbe73ef6d20bca0 [file] [log] [blame]
Ben Lindstrom1bad2562002-06-06 19:57:33 +0000[diff] [blame]1/*
2 * Copyright (c) 2002 Markus Friedl. All rights reserved.
3 *
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
6 * are met:
7 * 1. Redistributions of source code must retain the above copyright
8 * notice, this list of conditions and the following disclaimer.
9 * 2. Redistributions in binary form must reproduce the above copyright
10 * notice, this list of conditions and the following disclaimer in the
11 * documentation and/or other materials provided with the distribution.
12 *
13 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
14 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
15 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
16 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
17 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
18 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
19 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
20 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
21 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
22 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
23 */
24#include "includes.h"
Ben Lindstrom43ce2c82002-07-04 00:17:33 +0000[diff] [blame^]25RCSID("$OpenBSD: ssh-keysign.c,v 1.6 2002/07/03 09:55:38 markus Exp $");
Ben Lindstrom1bad2562002-06-06 19:57:33 +0000[diff] [blame]26
27#include <openssl/evp.h>
Ben Lindstrom43ce2c82002-07-04 00:17:33 +0000[diff] [blame^]28#include <openssl/rand.h>
29#include <openssl/rsa.h>
Ben Lindstrom1bad2562002-06-06 19:57:33 +0000[diff] [blame]30
31#include "log.h"
32#include "key.h"
33#include "ssh2.h"
34#include "misc.h"
35#include "xmalloc.h"
36#include "buffer.h"
37#include "bufaux.h"
38#include "authfile.h"
39#include "msg.h"
40#include "canohost.h"
41#include "pathnames.h"
42
Ben Lindstrom35453522002-06-07 14:37:00 +0000[diff] [blame]43#ifdef HAVE___PROGNAME
44extern char *__progname;
45#else
46char *__progname;
47#endif
48
Ben Lindstrom1bad2562002-06-06 19:57:33 +0000[diff] [blame]49static int
50valid_request(struct passwd *pw, char *host, Key **ret, u_char *data,
51 u_int datalen)
52{
53 Buffer b;
54 Key *key;
55 u_char *pkblob;
56 u_int blen, len;
57 char *pkalg, *p;
58 int pktype, fail;
59
60 fail = 0;
61
62 buffer_init(&b);
63 buffer_append(&b, data, datalen);
Ben Lindstromcb72e4f2002-06-21 00:41:51 +0000[diff] [blame]64
Ben Lindstroma2071572002-06-09 20:01:48 +0000[diff] [blame]65 /* session id, currently limited to SHA1 (20 bytes) */
66 p = buffer_get_string(&b, &len);
67 if (len != 20)
68 fail++;
69 xfree(p);
70
Ben Lindstrom1bad2562002-06-06 19:57:33 +0000[diff] [blame]71 if (buffer_get_char(&b) != SSH2_MSG_USERAUTH_REQUEST)
72 fail++;
73
74 /* server user */
75 buffer_skip_string(&b);
76
77 /* service */
78 p = buffer_get_string(&b, NULL);
79 if (strcmp("ssh-connection", p) != 0)
80 fail++;
81 xfree(p);
82
83 /* method */
84 p = buffer_get_string(&b, NULL);
85 if (strcmp("hostbased", p) != 0)
86 fail++;
87 xfree(p);
88
89 /* pubkey */
90 pkalg = buffer_get_string(&b, NULL);
91 pkblob = buffer_get_string(&b, &blen);
92
93 pktype = key_type_from_name(pkalg);
94 if (pktype == KEY_UNSPEC)
95 fail++;
96 else if ((key = key_from_blob(pkblob, blen)) == NULL)
97 fail++;
98 else if (key->type != pktype)
99 fail++;
100 xfree(pkalg);
101 xfree(pkblob);
102
103 /* client host name, handle trailing dot */
104 p = buffer_get_string(&b, &len);
105 debug2("valid_request: check expect chost %s got %s", host, p);
106 if (strlen(host) != len - 1)
107 fail++;
108 else if (p[len - 1] != '.')
Ben Lindstromcb72e4f2002-06-21 00:41:51 +0000[diff] [blame]109 fail++;
Ben Lindstrom1bad2562002-06-06 19:57:33 +0000[diff] [blame]110 else if (strncasecmp(host, p, len - 1) != 0)
Ben Lindstromcb72e4f2002-06-21 00:41:51 +0000[diff] [blame]111 fail++;
Ben Lindstrom1bad2562002-06-06 19:57:33 +0000[diff] [blame]112 xfree(p);
113
114 /* local user */
115 p = buffer_get_string(&b, NULL);
116
117 if (strcmp(pw->pw_name, p) != 0)
118 fail++;
119 xfree(p);
120
121 /* end of message */
122 if (buffer_len(&b) != 0)
123 fail++;
124
125 debug3("valid_request: fail %d", fail);
126
127 if (fail && key != NULL)
128 key_free(key);
129 else
130 *ret = key;
131
132 return (fail ? -1 : 0);
133}
134
135int
136main(int argc, char **argv)
137{
138 Buffer b;
139 Key *keys[2], *key;
140 struct passwd *pw;
141 int key_fd[2], i, found, version = 2, fd;
142 u_char *signature, *data;
143 char *host;
144 u_int slen, dlen;
Ben Lindstrom43ce2c82002-07-04 00:17:33 +0000[diff] [blame^]145 u_int32_t rnd[256];
Ben Lindstrom1bad2562002-06-06 19:57:33 +0000[diff] [blame]146
147 key_fd[0] = open(_PATH_HOST_RSA_KEY_FILE, O_RDONLY);
148 key_fd[1] = open(_PATH_HOST_DSA_KEY_FILE, O_RDONLY);
149
150 seteuid(getuid());
151 setuid(getuid());
152
Ben Lindstrom5a6abda2002-06-09 19:41:48 +0000[diff] [blame]153 init_rng();
154 seed_rng();
155 arc4random_stir();
Ben Lindstromdb41d232002-06-07 03:11:38 +0000[diff] [blame]156
Ben Lindstrom1bad2562002-06-06 19:57:33 +0000[diff] [blame]157#ifdef DEBUG_SSH_KEYSIGN
158 log_init("ssh-keysign", SYSLOG_LEVEL_DEBUG3, SYSLOG_FACILITY_AUTH, 0);
Ben Lindstromcb72e4f2002-06-21 00:41:51 +0000[diff] [blame]159#endif
Ben Lindstrom1bad2562002-06-06 19:57:33 +0000[diff] [blame]160
161 if (key_fd[0] == -1 && key_fd[1] == -1)
162 fatal("could not open any host key");
163
164 if ((pw = getpwuid(getuid())) == NULL)
165 fatal("getpwuid failed");
Ben Lindstromcb72e4f2002-06-21 00:41:51 +0000[diff] [blame]166 pw = pwcopy(pw);
Ben Lindstrom1bad2562002-06-06 19:57:33 +0000[diff] [blame]167
168 SSLeay_add_all_algorithms();
Ben Lindstrom43ce2c82002-07-04 00:17:33 +0000[diff] [blame^]169 for (i = 0; i < 256; i++)
170 rnd[i] = arc4random();
171 RAND_seed(rnd, sizeof(rnd));
Ben Lindstrom1bad2562002-06-06 19:57:33 +0000[diff] [blame]172
173 found = 0;
174 for (i = 0; i < 2; i++) {
175 keys[i] = NULL;
176 if (key_fd[i] == -1)
177 continue;
178 keys[i] = key_load_private_pem(key_fd[i], KEY_UNSPEC,
179 NULL, NULL);
180 close(key_fd[i]);
Ben Lindstrom43ce2c82002-07-04 00:17:33 +0000[diff] [blame^]181 if (keys[i] != NULL && keys[i]->type == KEY_RSA) {
182 if (RSA_blinding_on(keys[i]->rsa, NULL) != 1) {
183 error("RSA_blinding_on failed");
184 key_free(keys[i]);
185 keys[i] = NULL;
186 }
187 }
Ben Lindstrom1bad2562002-06-06 19:57:33 +0000[diff] [blame]188 if (keys[i] != NULL)
189 found = 1;
190 }
191 if (!found)
192 fatal("no hostkey found");
193
194 buffer_init(&b);
195 if (msg_recv(STDIN_FILENO, &b) < 0)
196 fatal("msg_recv failed");
197 if (buffer_get_char(&b) != version)
198 fatal("bad version");
199 fd = buffer_get_int(&b);
200 if ((fd == STDIN_FILENO) || (fd == STDOUT_FILENO))
201 fatal("bad fd");
202 if ((host = get_local_name(fd)) == NULL)
203 fatal("cannot get sockname for fd");
Ben Lindstromcb72e4f2002-06-21 00:41:51 +0000[diff] [blame]204
Ben Lindstrom1bad2562002-06-06 19:57:33 +0000[diff] [blame]205 data = buffer_get_string(&b, &dlen);
206 if (valid_request(pw, host, &key, data, dlen) < 0)
207 fatal("not a valid request");
Ben Lindstrom1bad2562002-06-06 19:57:33 +0000[diff] [blame]208 xfree(host);
209
210 found = 0;
211 for (i = 0; i < 2; i++) {
212 if (keys[i] != NULL &&
213 key_equal(key, keys[i])) {
214 found = 1;
215 break;
216 }
217 }
218 if (!found)
219 fatal("no matching hostkey found");
220
221 if (key_sign(keys[i], &signature, &slen, data, dlen) != 0)
222 fatal("key_sign failed");
Ben Lindstromfe275982002-06-27 00:25:07 +0000[diff] [blame]223 xfree(data);
Ben Lindstromcb72e4f2002-06-21 00:41:51 +0000[diff] [blame]224
Ben Lindstrom1bad2562002-06-06 19:57:33 +0000[diff] [blame]225 /* send reply */
226 buffer_clear(&b);
227 buffer_put_string(&b, signature, slen);
228 msg_send(STDOUT_FILENO, version, &b);
229
230 return (0);
231}