blob: 2f0a57fac27821b2c670d7f324a0e2d364e90761 [file] [log] [blame]
djm@openbsd.org26074382018-03-03 03:01:50 +00001/* $OpenBSD: sshconnect2.c,v 1.269 2018/03/03 03:01:50 djm Exp $ */
Damien Millereba71ba2000-04-29 23:57:08 +10002/*
3 * Copyright (c) 2000 Markus Friedl. All rights reserved.
Damien Miller01ed2272008-11-05 16:20:46 +11004 * Copyright (c) 2008 Damien Miller. All rights reserved.
Damien Millereba71ba2000-04-29 23:57:08 +10005 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in the
13 * documentation and/or other materials provided with the distribution.
Damien Millereba71ba2000-04-29 23:57:08 +100014 *
15 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
16 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
17 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
18 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
19 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
20 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
21 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
22 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
23 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
24 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
25 */
26
27#include "includes.h"
Damien Miller2eb63402006-03-15 11:09:42 +110028
Damien Miller9cf6d072006-03-15 11:29:24 +110029#include <sys/types.h>
Damien Millerd7834352006-08-05 12:39:39 +100030#include <sys/socket.h>
Damien Miller9cf6d072006-03-15 11:29:24 +110031#include <sys/wait.h>
Damien Millerf17883e2006-03-15 11:45:54 +110032#include <sys/stat.h>
Damien Millereba71ba2000-04-29 23:57:08 +100033
Darren Tucker39972492006-07-12 22:22:46 +100034#include <errno.h>
Darren Tucker6e7fe1c2010-01-08 17:07:22 +110035#include <fcntl.h>
Darren Tuckerf520ea12007-05-20 15:11:33 +100036#include <netdb.h>
Damien Millerd7834352006-08-05 12:39:39 +100037#include <pwd.h>
38#include <signal.h>
Damien Millerded319c2006-09-01 15:38:36 +100039#include <stdarg.h>
Damien Millera7a73ee2006-08-05 11:37:59 +100040#include <stdio.h>
Damien Millere3476ed2006-07-24 14:13:33 +100041#include <string.h>
Damien Miller1cdde6f2006-07-24 14:07:35 +100042#include <unistd.h>
Damien Miller63b4bcd2013-03-20 12:55:14 +110043#if defined(HAVE_STRNVIS) && defined(HAVE_VIS_H) && !defined(BROKEN_STRNVIS)
Damien Miller7ba0ca72008-07-17 18:57:06 +100044#include <vis.h>
Damien Miller2e28d862008-07-17 19:15:43 +100045#endif
Darren Tucker39972492006-07-12 22:22:46 +100046
Damien Miller9c617692003-05-14 14:31:11 +100047#include "openbsd-compat/sys-queue.h"
48
Damien Millerd7834352006-08-05 12:39:39 +100049#include "xmalloc.h"
Damien Millereba71ba2000-04-29 23:57:08 +100050#include "ssh.h"
Ben Lindstrom226cfa02001-01-22 05:34:40 +000051#include "ssh2.h"
Damien Millereba71ba2000-04-29 23:57:08 +100052#include "buffer.h"
53#include "packet.h"
Damien Millereba71ba2000-04-29 23:57:08 +100054#include "compat.h"
Ben Lindstrom226cfa02001-01-22 05:34:40 +000055#include "cipher.h"
Damien Millerd7834352006-08-05 12:39:39 +100056#include "key.h"
Damien Millereba71ba2000-04-29 23:57:08 +100057#include "kex.h"
58#include "myproposal.h"
Damien Millereba71ba2000-04-29 23:57:08 +100059#include "sshconnect.h"
60#include "authfile.h"
Ben Lindstromdf221392001-03-29 00:36:16 +000061#include "dh.h"
Damien Millerad833b32000-08-23 10:46:23 +100062#include "authfd.h"
Ben Lindstrom226cfa02001-01-22 05:34:40 +000063#include "log.h"
Darren Tuckere608ca22004-05-13 16:15:47 +100064#include "misc.h"
Damien Miller7acefbb2014-07-18 14:11:24 +100065#include "readconf.h"
Ben Lindstromb9be60a2001-03-11 01:49:19 +000066#include "match.h"
Ben Lindstrom20d7c7b2001-04-04 01:56:17 +000067#include "dispatch.h"
Ben Lindstrom5eabda32001-04-12 23:34:34 +000068#include "canohost.h"
Ben Lindstrom1bad2562002-06-06 19:57:33 +000069#include "msg.h"
70#include "pathnames.h"
Damien Miller6b4069a2006-06-13 13:05:15 +100071#include "uidswap.h"
Damien Millerd925dcd2010-12-01 12:21:51 +110072#include "hostfile.h"
djm@openbsd.org141efe42015-01-14 20:05:27 +000073#include "ssherr.h"
djm@openbsd.org65c6c6b2016-07-17 04:20:16 +000074#include "utf8.h"
Damien Miller874d77b2000-10-14 16:23:11 +110075
Darren Tucker0efd1552003-08-26 11:49:55 +100076#ifdef GSSAPI
77#include "ssh-gss.h"
78#endif
79
Damien Millereba71ba2000-04-29 23:57:08 +100080/* import */
81extern char *client_version_string;
82extern char *server_version_string;
83extern Options options;
84
85/*
86 * SSH2 key exchange
87 */
88
Ben Lindstrom46c16222000-12-22 01:43:59 +000089u_char *session_id2 = NULL;
Darren Tucker502d3842003-06-28 12:38:01 +100090u_int session_id2_len = 0;
Damien Millereba71ba2000-04-29 23:57:08 +100091
Ben Lindstrom20d7c7b2001-04-04 01:56:17 +000092char *xxx_host;
93struct sockaddr *xxx_hostaddr;
94
Ben Lindstrombba81212001-06-25 05:01:22 +000095static int
markus@openbsd.org54d90ac2017-05-30 08:52:19 +000096verify_host_key_callback(struct sshkey *hostkey, struct ssh *ssh)
Ben Lindstrom20d7c7b2001-04-04 01:56:17 +000097{
Ben Lindstromd6481ea2001-06-25 04:37:41 +000098 if (verify_host_key(xxx_host, xxx_hostaddr, hostkey) == -1)
Damien Miller59d9fb92001-10-10 15:03:11 +100099 fatal("Host key verification failed.");
Ben Lindstrom20d7c7b2001-04-04 01:56:17 +0000100 return 0;
101}
102
Damien Millerd925dcd2010-12-01 12:21:51 +1100103static char *
104order_hostkeyalgs(char *host, struct sockaddr *hostaddr, u_short port)
105{
106 char *oavail, *avail, *first, *last, *alg, *hostname, *ret;
107 size_t maxlen;
108 struct hostkeys *hostkeys;
109 int ktype;
Damien Miller295ee632011-05-29 21:42:31 +1000110 u_int i;
Damien Millerd925dcd2010-12-01 12:21:51 +1100111
112 /* Find all hostkeys for this hostname */
113 get_hostfile_hostname_ipaddr(host, hostaddr, port, &hostname, NULL);
114 hostkeys = init_hostkeys();
Damien Miller295ee632011-05-29 21:42:31 +1000115 for (i = 0; i < options.num_user_hostfiles; i++)
116 load_hostkeys(hostkeys, hostname, options.user_hostfiles[i]);
117 for (i = 0; i < options.num_system_hostfiles; i++)
118 load_hostkeys(hostkeys, hostname, options.system_hostfiles[i]);
Damien Millerd925dcd2010-12-01 12:21:51 +1100119
120 oavail = avail = xstrdup(KEX_DEFAULT_PK_ALG);
121 maxlen = strlen(avail) + 1;
122 first = xmalloc(maxlen);
123 last = xmalloc(maxlen);
124 *first = *last = '\0';
125
126#define ALG_APPEND(to, from) \
127 do { \
128 if (*to != '\0') \
129 strlcat(to, ",", maxlen); \
130 strlcat(to, from, maxlen); \
131 } while (0)
132
133 while ((alg = strsep(&avail, ",")) && *alg != '\0') {
djm@openbsd.org141efe42015-01-14 20:05:27 +0000134 if ((ktype = sshkey_type_from_name(alg)) == KEY_UNSPEC)
Damien Millerd925dcd2010-12-01 12:21:51 +1100135 fatal("%s: unknown alg %s", __func__, alg);
136 if (lookup_key_in_hostkeys_by_type(hostkeys,
djm@openbsd.org141efe42015-01-14 20:05:27 +0000137 sshkey_type_plain(ktype), NULL))
Damien Millerd925dcd2010-12-01 12:21:51 +1100138 ALG_APPEND(first, alg);
139 else
140 ALG_APPEND(last, alg);
141 }
142#undef ALG_APPEND
djm@openbsd.org35d60222015-01-18 13:33:34 +0000143 xasprintf(&ret, "%s%s%s", first,
144 (*first == '\0' || *last == '\0') ? "" : ",", last);
Damien Millerd925dcd2010-12-01 12:21:51 +1100145 if (*first != '\0')
146 debug3("%s: prefer hostkeyalgs: %s", __func__, first);
147
Darren Tuckera627d422013-06-02 07:31:17 +1000148 free(first);
149 free(last);
150 free(hostname);
151 free(oavail);
Damien Millerd925dcd2010-12-01 12:21:51 +1100152 free_hostkeys(hostkeys);
153
154 return ret;
155}
156
Damien Millereba71ba2000-04-29 23:57:08 +1000157void
Damien Millerd925dcd2010-12-01 12:21:51 +1100158ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port)
Damien Miller874d77b2000-10-14 16:23:11 +1100159{
Damien Miller9235a032014-04-20 13:17:20 +1000160 char *myproposal[PROPOSAL_MAX] = { KEX_CLIENT };
markus@openbsd.org76c9fbb2015-12-04 16:41:28 +0000161 char *s;
markus@openbsd.org57d10cb2015-01-19 20:16:15 +0000162 struct kex *kex;
markus@openbsd.org57e783c2015-01-20 20:16:21 +0000163 int r;
Ben Lindstrom20d7c7b2001-04-04 01:56:17 +0000164
165 xxx_host = host;
166 xxx_hostaddr = hostaddr;
Damien Miller874d77b2000-10-14 16:23:11 +1100167
markus@openbsd.org76c9fbb2015-12-04 16:41:28 +0000168 if ((s = kex_names_cat(options.kex_algorithms, "ext-info-c")) == NULL)
169 fatal("%s: kex_names_cat", __func__);
170 myproposal[PROPOSAL_KEX_ALGS] = compat_kex_proposal(s);
Damien Millera0ff4662001-03-30 10:49:35 +1000171 myproposal[PROPOSAL_ENC_ALGS_CTOS] =
djm@openbsd.orgf9eca242015-07-30 00:01:34 +0000172 compat_cipher_proposal(options.ciphers);
Damien Millera0ff4662001-03-30 10:49:35 +1000173 myproposal[PROPOSAL_ENC_ALGS_STOC] =
djm@openbsd.orgf9eca242015-07-30 00:01:34 +0000174 compat_cipher_proposal(options.ciphers);
dtucker@openbsd.org8c02e362016-05-24 04:43:45 +0000175 myproposal[PROPOSAL_COMP_ALGS_CTOS] =
176 myproposal[PROPOSAL_COMP_ALGS_STOC] = options.compression ?
djm@openbsd.org4577ade2016-09-28 20:32:42 +0000177 "zlib@openssh.com,zlib,none" : "none,zlib@openssh.com,zlib";
djm@openbsd.orgf9eca242015-07-30 00:01:34 +0000178 myproposal[PROPOSAL_MAC_ALGS_CTOS] =
179 myproposal[PROPOSAL_MAC_ALGS_STOC] = options.macs;
180 if (options.hostkeyalgorithms != NULL) {
181 if (kex_assemble_names(KEX_DEFAULT_PK_ALG,
182 &options.hostkeyalgorithms) != 0)
183 fatal("%s: kex_assemble_namelist", __func__);
Damien Miller9f0f5c62001-12-21 14:45:46 +1100184 myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] =
Damien Miller324541e2013-12-31 12:25:40 +1100185 compat_pkalg_proposal(options.hostkeyalgorithms);
djm@openbsd.orgf9eca242015-07-30 00:01:34 +0000186 } else {
markus@openbsd.org3a1638d2015-07-10 06:21:53 +0000187 /* Enforce default */
188 options.hostkeyalgorithms = xstrdup(KEX_DEFAULT_PK_ALG);
Damien Millerd925dcd2010-12-01 12:21:51 +1100189 /* Prefer algorithms that we already have keys for */
190 myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] =
Damien Miller324541e2013-12-31 12:25:40 +1100191 compat_pkalg_proposal(
192 order_hostkeyalgs(host, hostaddr, port));
Damien Millerd925dcd2010-12-01 12:21:51 +1100193 }
Damien Miller874d77b2000-10-14 16:23:11 +1100194
Darren Tuckerc53c2af2013-05-16 20:28:16 +1000195 if (options.rekey_limit || options.rekey_interval)
dtucker@openbsd.orgc998bf02017-02-03 02:56:00 +0000196 packet_set_rekey_limits(options.rekey_limit,
197 options.rekey_interval);
Damien Millera5539d22003-04-09 20:50:06 +1000198
Ben Lindstrom8ac91062001-04-04 17:57:54 +0000199 /* start key exchange */
markus@openbsd.org57e783c2015-01-20 20:16:21 +0000200 if ((r = kex_setup(active_state, myproposal)) != 0)
201 fatal("kex_setup: %s", ssh_err(r));
markus@openbsd.org57d10cb2015-01-19 20:16:15 +0000202 kex = active_state->kex;
Damien Miller1f0311c2014-05-15 14:24:09 +1000203#ifdef WITH_OPENSSL
Damien Miller8e7fb332003-02-24 12:03:03 +1100204 kex->kex[KEX_DH_GRP1_SHA1] = kexdh_client;
Damien Millerf675fc42004-06-15 10:30:09 +1000205 kex->kex[KEX_DH_GRP14_SHA1] = kexdh_client;
djm@openbsd.org0e8eeec2016-05-02 10:26:04 +0000206 kex->kex[KEX_DH_GRP14_SHA256] = kexdh_client;
207 kex->kex[KEX_DH_GRP16_SHA512] = kexdh_client;
208 kex->kex[KEX_DH_GRP18_SHA512] = kexdh_client;
Damien Miller8e7fb332003-02-24 12:03:03 +1100209 kex->kex[KEX_DH_GEX_SHA1] = kexgex_client;
Damien Millera63128d2006-03-15 12:08:28 +1100210 kex->kex[KEX_DH_GEX_SHA256] = kexgex_client;
Darren Tuckerf2004cd2015-02-23 05:04:21 +1100211# ifdef OPENSSL_HAS_ECC
Damien Millereb8b60e2010-08-31 22:41:14 +1000212 kex->kex[KEX_ECDH_SHA2] = kexecdh_client;
Darren Tuckerf2004cd2015-02-23 05:04:21 +1100213# endif
Damien Miller1f0311c2014-05-15 14:24:09 +1000214#endif
Damien Miller1e124262013-11-04 08:26:52 +1100215 kex->kex[KEX_C25519_SHA256] = kexc25519_client;
Ben Lindstrom20d7c7b2001-04-04 01:56:17 +0000216 kex->client_version_string=client_version_string;
217 kex->server_version_string=server_version_string;
Ben Lindstromd6481ea2001-06-25 04:37:41 +0000218 kex->verify_host_key=&verify_host_key_callback;
Damien Miller874d77b2000-10-14 16:23:11 +1100219
markus@openbsd.org92e9fe62017-05-31 07:00:13 +0000220 ssh_dispatch_run_fatal(active_state, DISPATCH_BLOCK, &kex->done);
Damien Miller874d77b2000-10-14 16:23:11 +1100221
markus@openbsd.org76c9fbb2015-12-04 16:41:28 +0000222 /* remove ext-info from the KEX proposals for rekeying */
223 myproposal[PROPOSAL_KEX_ALGS] =
224 compat_kex_proposal(options.kex_algorithms);
225 if ((r = kex_prop2buf(kex->my, myproposal)) != 0)
226 fatal("kex_prop2buf: %s", ssh_err(r));
Darren Tucker36331b52010-01-08 16:50:41 +1100227
Ben Lindstrom2d90e002001-04-04 02:00:54 +0000228 session_id2 = kex->session_id;
229 session_id2_len = kex->session_id_len;
230
Damien Miller874d77b2000-10-14 16:23:11 +1100231#ifdef DEBUG_KEXDH
232 /* send 1st encrypted/maced/compressed message */
233 packet_start(SSH2_MSG_IGNORE);
234 packet_put_cstring("markus");
235 packet_send();
236 packet_write_wait();
237#endif
Damien Millereba71ba2000-04-29 23:57:08 +1000238}
Damien Millerb1715dc2000-05-30 13:44:51 +1000239
Damien Millereba71ba2000-04-29 23:57:08 +1000240/*
241 * Authenticate user
242 */
Damien Miller62cee002000-09-23 17:15:56 +1100243
djm@openbsd.org141efe42015-01-14 20:05:27 +0000244typedef struct cauthctxt Authctxt;
245typedef struct cauthmethod Authmethod;
Damien Miller280ecfb2003-05-14 13:46:00 +1000246typedef struct identity Identity;
247typedef struct idlist Idlist;
Damien Miller62cee002000-09-23 17:15:56 +1100248
Damien Miller280ecfb2003-05-14 13:46:00 +1000249struct identity {
250 TAILQ_ENTRY(identity) next;
djm@openbsd.org141efe42015-01-14 20:05:27 +0000251 int agent_fd; /* >=0 if agent supports key */
252 struct sshkey *key; /* public/private key */
Damien Miller280ecfb2003-05-14 13:46:00 +1000253 char *filename; /* comment for agent-only keys */
254 int tried;
255 int isprivate; /* key points to the private key */
Damien Miller5ceddc32013-02-15 12:18:32 +1100256 int userprovided;
Damien Miller280ecfb2003-05-14 13:46:00 +1000257};
258TAILQ_HEAD(idlist, identity);
Damien Miller62cee002000-09-23 17:15:56 +1100259
djm@openbsd.org141efe42015-01-14 20:05:27 +0000260struct cauthctxt {
Damien Miller62cee002000-09-23 17:15:56 +1100261 const char *server_user;
Ben Lindstrom5eabda32001-04-12 23:34:34 +0000262 const char *local_user;
Damien Miller62cee002000-09-23 17:15:56 +1100263 const char *host;
264 const char *service;
djm@openbsd.org141efe42015-01-14 20:05:27 +0000265 struct cauthmethod *method;
Damien Miller79442c02010-05-10 11:55:38 +1000266 sig_atomic_t success;
Ben Lindstrom266dfdf2001-03-09 00:12:22 +0000267 char *authlist;
djm@openbsd.org141efe42015-01-14 20:05:27 +0000268 int attempt;
Ben Lindstrom5eabda32001-04-12 23:34:34 +0000269 /* pubkey */
djm@openbsd.org141efe42015-01-14 20:05:27 +0000270 struct idlist keys;
271 int agent_fd;
Ben Lindstrom5eabda32001-04-12 23:34:34 +0000272 /* hostbased */
Ben Lindstrom1bad2562002-06-06 19:57:33 +0000273 Sensitive *sensitive;
djm@openbsd.org46347ed2015-01-30 11:43:14 +0000274 char *oktypes, *ktypes;
275 const char *active_ktype;
Ben Lindstrom7d199962001-09-12 18:29:00 +0000276 /* kbd-interactive */
277 int info_req_seen;
Darren Tucker0efd1552003-08-26 11:49:55 +1000278 /* generic */
279 void *methoddata;
Damien Miller62cee002000-09-23 17:15:56 +1100280};
djm@openbsd.org141efe42015-01-14 20:05:27 +0000281
282struct cauthmethod {
Damien Miller62cee002000-09-23 17:15:56 +1100283 char *name; /* string to compare against server's list */
284 int (*userauth)(Authctxt *authctxt);
Damien Miller01ed2272008-11-05 16:20:46 +1100285 void (*cleanup)(Authctxt *authctxt);
Damien Miller62cee002000-09-23 17:15:56 +1100286 int *enabled; /* flag in option struct that enables method */
287 int *batch_flag; /* flag in option struct that disables method */
288};
289
markus@openbsd.org2ae666a2017-05-30 14:23:52 +0000290int input_userauth_service_accept(int, u_int32_t, struct ssh *);
291int input_userauth_ext_info(int, u_int32_t, struct ssh *);
292int input_userauth_success(int, u_int32_t, struct ssh *);
293int input_userauth_success_unexpected(int, u_int32_t, struct ssh *);
294int input_userauth_failure(int, u_int32_t, struct ssh *);
295int input_userauth_banner(int, u_int32_t, struct ssh *);
296int input_userauth_error(int, u_int32_t, struct ssh *);
297int input_userauth_info_req(int, u_int32_t, struct ssh *);
298int input_userauth_pk_ok(int, u_int32_t, struct ssh *);
299int input_userauth_passwd_changereq(int, u_int32_t, struct ssh *);
Damien Miller874d77b2000-10-14 16:23:11 +1100300
Ben Lindstrom3c36bb22001-12-06 17:55:26 +0000301int userauth_none(Authctxt *);
302int userauth_pubkey(Authctxt *);
303int userauth_passwd(Authctxt *);
304int userauth_kbdint(Authctxt *);
305int userauth_hostbased(Authctxt *);
Damien Miller62cee002000-09-23 17:15:56 +1100306
Darren Tucker0efd1552003-08-26 11:49:55 +1000307#ifdef GSSAPI
308int userauth_gssapi(Authctxt *authctxt);
markus@openbsd.org2ae666a2017-05-30 14:23:52 +0000309int input_gssapi_response(int type, u_int32_t, struct ssh *);
310int input_gssapi_token(int type, u_int32_t, struct ssh *);
311int input_gssapi_hash(int type, u_int32_t, struct ssh *);
312int input_gssapi_error(int, u_int32_t, struct ssh *);
313int input_gssapi_errtok(int, u_int32_t, struct ssh *);
Darren Tucker0efd1552003-08-26 11:49:55 +1000314#endif
315
Ben Lindstrom3c36bb22001-12-06 17:55:26 +0000316void userauth(Authctxt *, char *);
Ben Lindstrom266dfdf2001-03-09 00:12:22 +0000317
Damien Miller280ecfb2003-05-14 13:46:00 +1000318static int sign_and_send_pubkey(Authctxt *, Identity *);
Damien Miller280ecfb2003-05-14 13:46:00 +1000319static void pubkey_prepare(Authctxt *);
320static void pubkey_cleanup(Authctxt *);
djm@openbsd.orgb9844a42016-12-04 23:54:02 +0000321static void pubkey_reset(Authctxt *);
markus@openbsd.org54d90ac2017-05-30 08:52:19 +0000322static struct sshkey *load_identity_file(Identity *);
Ben Lindstrom266dfdf2001-03-09 00:12:22 +0000323
Ben Lindstrombba81212001-06-25 05:01:22 +0000324static Authmethod *authmethod_get(char *authlist);
325static Authmethod *authmethod_lookup(const char *name);
326static char *authmethods_get(void);
Damien Miller62cee002000-09-23 17:15:56 +1100327
328Authmethod authmethods[] = {
Darren Tucker0efd1552003-08-26 11:49:55 +1000329#ifdef GSSAPI
Damien Miller0425d402003-11-17 22:18:21 +1100330 {"gssapi-with-mic",
Darren Tucker0efd1552003-08-26 11:49:55 +1000331 userauth_gssapi,
Damien Miller01ed2272008-11-05 16:20:46 +1100332 NULL,
Darren Tucker0efd1552003-08-26 11:49:55 +1000333 &options.gss_authentication,
334 NULL},
335#endif
Ben Lindstrom1bfe2912001-06-05 19:37:25 +0000336 {"hostbased",
337 userauth_hostbased,
Damien Miller01ed2272008-11-05 16:20:46 +1100338 NULL,
Ben Lindstrom1bfe2912001-06-05 19:37:25 +0000339 &options.hostbased_authentication,
340 NULL},
Ben Lindstrom45350e82001-08-06 20:57:11 +0000341 {"publickey",
342 userauth_pubkey,
Damien Miller01ed2272008-11-05 16:20:46 +1100343 NULL,
Ben Lindstrom45350e82001-08-06 20:57:11 +0000344 &options.pubkey_authentication,
345 NULL},
Damien Miller874d77b2000-10-14 16:23:11 +1100346 {"keyboard-interactive",
347 userauth_kbdint,
Damien Miller01ed2272008-11-05 16:20:46 +1100348 NULL,
Damien Miller874d77b2000-10-14 16:23:11 +1100349 &options.kbd_interactive_authentication,
350 &options.batch_mode},
Ben Lindstrom45350e82001-08-06 20:57:11 +0000351 {"password",
352 userauth_passwd,
Damien Miller01ed2272008-11-05 16:20:46 +1100353 NULL,
Ben Lindstrom45350e82001-08-06 20:57:11 +0000354 &options.password_authentication,
355 &options.batch_mode},
Damien Miller874d77b2000-10-14 16:23:11 +1100356 {"none",
357 userauth_none,
358 NULL,
Damien Miller01ed2272008-11-05 16:20:46 +1100359 NULL,
Damien Miller874d77b2000-10-14 16:23:11 +1100360 NULL},
Damien Miller01ed2272008-11-05 16:20:46 +1100361 {NULL, NULL, NULL, NULL, NULL}
Damien Miller62cee002000-09-23 17:15:56 +1100362};
363
364void
Ben Lindstrom5eabda32001-04-12 23:34:34 +0000365ssh_userauth2(const char *local_user, const char *server_user, char *host,
Ben Lindstrom1bad2562002-06-06 19:57:33 +0000366 Sensitive *sensitive)
Damien Miller62cee002000-09-23 17:15:56 +1100367{
markus@openbsd.org76c9fbb2015-12-04 16:41:28 +0000368 struct ssh *ssh = active_state;
Damien Miller62cee002000-09-23 17:15:56 +1100369 Authctxt authctxt;
markus@openbsd.org76c9fbb2015-12-04 16:41:28 +0000370 int r;
Damien Miller62cee002000-09-23 17:15:56 +1100371
Ben Lindstrom551ea372001-06-05 18:56:16 +0000372 if (options.challenge_response_authentication)
Ben Lindstrom95fb2dd2001-01-23 03:12:10 +0000373 options.kbd_interactive_authentication = 1;
Ben Lindstromb9be60a2001-03-11 01:49:19 +0000374 if (options.preferred_authentications == NULL)
375 options.preferred_authentications = authmethods_get();
376
Damien Miller62cee002000-09-23 17:15:56 +1100377 /* setup authentication context */
Ben Lindstrom7d199962001-09-12 18:29:00 +0000378 memset(&authctxt, 0, sizeof(authctxt));
Damien Miller280ecfb2003-05-14 13:46:00 +1000379 pubkey_prepare(&authctxt);
Damien Miller62cee002000-09-23 17:15:56 +1100380 authctxt.server_user = server_user;
Ben Lindstrom5eabda32001-04-12 23:34:34 +0000381 authctxt.local_user = local_user;
Damien Miller62cee002000-09-23 17:15:56 +1100382 authctxt.host = host;
383 authctxt.service = "ssh-connection"; /* service name */
384 authctxt.success = 0;
Damien Miller874d77b2000-10-14 16:23:11 +1100385 authctxt.method = authmethod_lookup("none");
Ben Lindstrom266dfdf2001-03-09 00:12:22 +0000386 authctxt.authlist = NULL;
Darren Tucker0efd1552003-08-26 11:49:55 +1000387 authctxt.methoddata = NULL;
Ben Lindstrom1bad2562002-06-06 19:57:33 +0000388 authctxt.sensitive = sensitive;
djm@openbsd.org46347ed2015-01-30 11:43:14 +0000389 authctxt.active_ktype = authctxt.oktypes = authctxt.ktypes = NULL;
Ben Lindstrom7d199962001-09-12 18:29:00 +0000390 authctxt.info_req_seen = 0;
djm@openbsd.orgf14564c2015-01-15 11:04:36 +0000391 authctxt.agent_fd = -1;
Damien Miller874d77b2000-10-14 16:23:11 +1100392 if (authctxt.method == NULL)
393 fatal("ssh_userauth2: internal error: cannot send userauth none request");
Damien Miller62cee002000-09-23 17:15:56 +1100394
markus@openbsd.org76c9fbb2015-12-04 16:41:28 +0000395 if ((r = sshpkt_start(ssh, SSH2_MSG_SERVICE_REQUEST)) != 0 ||
396 (r = sshpkt_put_cstring(ssh, "ssh-userauth")) != 0 ||
397 (r = sshpkt_send(ssh)) != 0)
398 fatal("%s: %s", __func__, ssh_err(r));
Damien Miller62cee002000-09-23 17:15:56 +1100399
markus@openbsd.org94583be2017-05-30 14:19:15 +0000400 ssh->authctxt = &authctxt;
markus@openbsd.org76c9fbb2015-12-04 16:41:28 +0000401 ssh_dispatch_init(ssh, &input_userauth_error);
402 ssh_dispatch_set(ssh, SSH2_MSG_EXT_INFO, &input_userauth_ext_info);
403 ssh_dispatch_set(ssh, SSH2_MSG_SERVICE_ACCEPT, &input_userauth_service_accept);
markus@openbsd.org92e9fe62017-05-31 07:00:13 +0000404 ssh_dispatch_run_fatal(ssh, DISPATCH_BLOCK, &authctxt.success); /* loop until success */
markus@openbsd.org94583be2017-05-30 14:19:15 +0000405 ssh->authctxt = NULL;
Damien Miller62cee002000-09-23 17:15:56 +1100406
Damien Miller280ecfb2003-05-14 13:46:00 +1000407 pubkey_cleanup(&authctxt);
markus@openbsd.org76c9fbb2015-12-04 16:41:28 +0000408 ssh_dispatch_range(ssh, SSH2_MSG_USERAUTH_MIN, SSH2_MSG_USERAUTH_MAX, NULL);
Damien Millerf842fcb2003-05-15 12:01:28 +1000409
dtucker@openbsd.orgf31c6542016-09-22 02:29:57 +0000410 if (!authctxt.success)
411 fatal("Authentication failed.");
Ben Lindstrom1d568f92002-12-23 02:44:36 +0000412 debug("Authentication succeeded (%s).", authctxt.method->name);
Damien Miller62cee002000-09-23 17:15:56 +1100413}
Damien Millerf842fcb2003-05-15 12:01:28 +1000414
markus@openbsd.org76c9fbb2015-12-04 16:41:28 +0000415/* ARGSUSED */
416int
markus@openbsd.org2ae666a2017-05-30 14:23:52 +0000417input_userauth_service_accept(int type, u_int32_t seq, struct ssh *ssh)
markus@openbsd.org76c9fbb2015-12-04 16:41:28 +0000418{
markus@openbsd.org94583be2017-05-30 14:19:15 +0000419 Authctxt *authctxt = ssh->authctxt;
markus@openbsd.org76c9fbb2015-12-04 16:41:28 +0000420 int r;
421
422 if (ssh_packet_remaining(ssh) > 0) {
423 char *reply;
424
425 if ((r = sshpkt_get_cstring(ssh, &reply, NULL)) != 0)
426 goto out;
427 debug2("service_accept: %s", reply);
428 free(reply);
429 } else {
430 debug2("buggy server: service_accept w/o service");
431 }
432 if ((r = sshpkt_get_end(ssh)) != 0)
433 goto out;
434 debug("SSH2_MSG_SERVICE_ACCEPT received");
435
436 /* initial userauth request */
437 userauth_none(authctxt);
438
439 ssh_dispatch_set(ssh, SSH2_MSG_EXT_INFO, &input_userauth_error);
440 ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_SUCCESS, &input_userauth_success);
441 ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_FAILURE, &input_userauth_failure);
442 ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_BANNER, &input_userauth_banner);
443 r = 0;
444 out:
445 return r;
446}
447
448/* ARGSUSED */
449int
markus@openbsd.org2ae666a2017-05-30 14:23:52 +0000450input_userauth_ext_info(int type, u_int32_t seqnr, struct ssh *ssh)
markus@openbsd.org76c9fbb2015-12-04 16:41:28 +0000451{
markus@openbsd.org2ae666a2017-05-30 14:23:52 +0000452 return kex_input_ext_info(type, seqnr, ssh);
markus@openbsd.org76c9fbb2015-12-04 16:41:28 +0000453}
454
Damien Miller62cee002000-09-23 17:15:56 +1100455void
Ben Lindstrom266dfdf2001-03-09 00:12:22 +0000456userauth(Authctxt *authctxt, char *authlist)
457{
Damien Miller01ed2272008-11-05 16:20:46 +1100458 if (authctxt->method != NULL && authctxt->method->cleanup != NULL)
459 authctxt->method->cleanup(authctxt);
460
Darren Tuckera627d422013-06-02 07:31:17 +1000461 free(authctxt->methoddata);
462 authctxt->methoddata = NULL;
Ben Lindstrom266dfdf2001-03-09 00:12:22 +0000463 if (authlist == NULL) {
464 authlist = authctxt->authlist;
465 } else {
Darren Tuckera627d422013-06-02 07:31:17 +1000466 free(authctxt->authlist);
Ben Lindstrom266dfdf2001-03-09 00:12:22 +0000467 authctxt->authlist = authlist;
468 }
469 for (;;) {
470 Authmethod *method = authmethod_get(authlist);
471 if (method == NULL)
dtucker@openbsd.org4626e392017-06-14 00:31:38 +0000472 fatal("%s@%s: Permission denied (%s).",
473 authctxt->server_user, authctxt->host, authlist);
Ben Lindstrom266dfdf2001-03-09 00:12:22 +0000474 authctxt->method = method;
Damien Millerf842fcb2003-05-15 12:01:28 +1000475
476 /* reset the per method handler */
477 dispatch_range(SSH2_MSG_USERAUTH_PER_METHOD_MIN,
478 SSH2_MSG_USERAUTH_PER_METHOD_MAX, NULL);
479
480 /* and try new method */
Ben Lindstrom266dfdf2001-03-09 00:12:22 +0000481 if (method->userauth(authctxt) != 0) {
482 debug2("we sent a %s packet, wait for reply", method->name);
483 break;
484 } else {
485 debug2("we did not send a packet, disable method");
486 method->enabled = NULL;
487 }
488 }
489}
Ben Lindstrom5c385522002-06-23 21:23:20 +0000490
Damien Millerf7475d72008-11-03 19:26:18 +1100491/* ARGSUSED */
markus@openbsd.org3fdc88a2015-01-19 20:07:45 +0000492int
markus@openbsd.org2ae666a2017-05-30 14:23:52 +0000493input_userauth_error(int type, u_int32_t seq, struct ssh *ssh)
Damien Miller62cee002000-09-23 17:15:56 +1100494{
Ben Lindstromd26dcf32001-01-06 15:18:16 +0000495 fatal("input_userauth_error: bad message during authentication: "
Damien Miller0dc1bef2005-07-17 17:22:45 +1000496 "type %d", type);
markus@openbsd.org3fdc88a2015-01-19 20:07:45 +0000497 return 0;
Ben Lindstromd26dcf32001-01-06 15:18:16 +0000498}
Ben Lindstrom5c385522002-06-23 21:23:20 +0000499
Damien Millerf7475d72008-11-03 19:26:18 +1100500/* ARGSUSED */
markus@openbsd.org3fdc88a2015-01-19 20:07:45 +0000501int
markus@openbsd.org2ae666a2017-05-30 14:23:52 +0000502input_userauth_banner(int type, u_int32_t seq, struct ssh *ssh)
Ben Lindstromd26dcf32001-01-06 15:18:16 +0000503{
djm@openbsd.org65c6c6b2016-07-17 04:20:16 +0000504 char *msg, *lang;
Damien Miller7ba0ca72008-07-17 18:57:06 +1000505 u_int len;
Darren Tucker79644822003-10-08 17:37:58 +1000506
djm@openbsd.org65c6c6b2016-07-17 04:20:16 +0000507 debug3("%s", __func__);
508 msg = packet_get_string(&len);
Ben Lindstromd26dcf32001-01-06 15:18:16 +0000509 lang = packet_get_string(NULL);
djm@openbsd.org65c6c6b2016-07-17 04:20:16 +0000510 if (len > 0 && options.log_level >= SYSLOG_LEVEL_INFO)
511 fmprintf(stderr, "%s", msg);
512 free(msg);
Darren Tuckera627d422013-06-02 07:31:17 +1000513 free(lang);
markus@openbsd.org3fdc88a2015-01-19 20:07:45 +0000514 return 0;
Damien Miller62cee002000-09-23 17:15:56 +1100515}
Ben Lindstrom5c385522002-06-23 21:23:20 +0000516
Damien Millerf7475d72008-11-03 19:26:18 +1100517/* ARGSUSED */
markus@openbsd.org3fdc88a2015-01-19 20:07:45 +0000518int
markus@openbsd.org2ae666a2017-05-30 14:23:52 +0000519input_userauth_success(int type, u_int32_t seq, struct ssh *ssh)
Damien Miller62cee002000-09-23 17:15:56 +1100520{
markus@openbsd.org94583be2017-05-30 14:19:15 +0000521 Authctxt *authctxt = ssh->authctxt;
Darren Tucker2f29a8c2009-10-24 11:47:58 +1100522
Damien Miller62cee002000-09-23 17:15:56 +1100523 if (authctxt == NULL)
524 fatal("input_userauth_success: no authentication context");
Darren Tuckera627d422013-06-02 07:31:17 +1000525 free(authctxt->authlist);
526 authctxt->authlist = NULL;
Darren Tucker2f29a8c2009-10-24 11:47:58 +1100527 if (authctxt->method != NULL && authctxt->method->cleanup != NULL)
528 authctxt->method->cleanup(authctxt);
Darren Tuckera627d422013-06-02 07:31:17 +1000529 free(authctxt->methoddata);
530 authctxt->methoddata = NULL;
Damien Miller62cee002000-09-23 17:15:56 +1100531 authctxt->success = 1; /* break out */
markus@openbsd.org3fdc88a2015-01-19 20:07:45 +0000532 return 0;
Damien Miller62cee002000-09-23 17:15:56 +1100533}
Ben Lindstrom5c385522002-06-23 21:23:20 +0000534
markus@openbsd.org3fdc88a2015-01-19 20:07:45 +0000535int
markus@openbsd.org2ae666a2017-05-30 14:23:52 +0000536input_userauth_success_unexpected(int type, u_int32_t seq, struct ssh *ssh)
Darren Tucker2f29a8c2009-10-24 11:47:58 +1100537{
markus@openbsd.org94583be2017-05-30 14:19:15 +0000538 Authctxt *authctxt = ssh->authctxt;
Darren Tucker2f29a8c2009-10-24 11:47:58 +1100539
540 if (authctxt == NULL)
541 fatal("%s: no authentication context", __func__);
542
543 fatal("Unexpected authentication success during %s.",
544 authctxt->method->name);
markus@openbsd.org3fdc88a2015-01-19 20:07:45 +0000545 return 0;
Darren Tucker2f29a8c2009-10-24 11:47:58 +1100546}
547
Damien Millerf7475d72008-11-03 19:26:18 +1100548/* ARGSUSED */
markus@openbsd.org3fdc88a2015-01-19 20:07:45 +0000549int
markus@openbsd.org2ae666a2017-05-30 14:23:52 +0000550input_userauth_failure(int type, u_int32_t seq, struct ssh *ssh)
Damien Miller62cee002000-09-23 17:15:56 +1100551{
markus@openbsd.org94583be2017-05-30 14:19:15 +0000552 Authctxt *authctxt = ssh->authctxt;
Damien Miller62cee002000-09-23 17:15:56 +1100553 char *authlist = NULL;
554 int partial;
Damien Miller62cee002000-09-23 17:15:56 +1100555
556 if (authctxt == NULL)
557 fatal("input_userauth_failure: no authentication context");
558
Damien Miller874d77b2000-10-14 16:23:11 +1100559 authlist = packet_get_string(NULL);
Damien Miller62cee002000-09-23 17:15:56 +1100560 partial = packet_get_char();
Damien Miller48b03fc2002-01-22 23:11:40 +1100561 packet_check_eom();
Damien Miller62cee002000-09-23 17:15:56 +1100562
Damien Miller62e9c4f2013-04-23 15:15:49 +1000563 if (partial != 0) {
dtucker@openbsd.org83cbca62016-07-22 05:46:11 +0000564 verbose("Authenticated with partial success.");
Damien Miller62e9c4f2013-04-23 15:15:49 +1000565 /* reset state */
djm@openbsd.orgb9844a42016-12-04 23:54:02 +0000566 pubkey_reset(authctxt);
Damien Miller62e9c4f2013-04-23 15:15:49 +1000567 }
Ben Lindstrom1d568f92002-12-23 02:44:36 +0000568 debug("Authentications that can continue: %s", authlist);
Damien Miller62cee002000-09-23 17:15:56 +1100569
Ben Lindstrom266dfdf2001-03-09 00:12:22 +0000570 userauth(authctxt, authlist);
markus@openbsd.org3fdc88a2015-01-19 20:07:45 +0000571 return 0;
Ben Lindstrom266dfdf2001-03-09 00:12:22 +0000572}
Damien Millerf7475d72008-11-03 19:26:18 +1100573
574/* ARGSUSED */
markus@openbsd.org3fdc88a2015-01-19 20:07:45 +0000575int
markus@openbsd.org2ae666a2017-05-30 14:23:52 +0000576input_userauth_pk_ok(int type, u_int32_t seq, struct ssh *ssh)
Ben Lindstrom266dfdf2001-03-09 00:12:22 +0000577{
markus@openbsd.org94583be2017-05-30 14:19:15 +0000578 Authctxt *authctxt = ssh->authctxt;
markus@openbsd.org54d90ac2017-05-30 08:52:19 +0000579 struct sshkey *key = NULL;
Damien Miller280ecfb2003-05-14 13:46:00 +1000580 Identity *id = NULL;
Ben Lindstrom90fd8142002-02-26 18:09:42 +0000581 int pktype, sent = 0;
582 u_int alen, blen;
583 char *pkalg, *fp;
584 u_char *pkblob;
Ben Lindstrom266dfdf2001-03-09 00:12:22 +0000585
586 if (authctxt == NULL)
587 fatal("input_userauth_pk_ok: no authentication context");
djm@openbsd.org14b5c632018-01-23 05:27:21 +0000588
589 pkalg = packet_get_string(&alen);
590 pkblob = packet_get_string(&blen);
Damien Miller48b03fc2002-01-22 23:11:40 +1100591 packet_check_eom();
Ben Lindstrom266dfdf2001-03-09 00:12:22 +0000592
Damien Miller280ecfb2003-05-14 13:46:00 +1000593 debug("Server accepts key: pkalg %s blen %u", pkalg, blen);
Ben Lindstrom266dfdf2001-03-09 00:12:22 +0000594
Damien Miller280ecfb2003-05-14 13:46:00 +1000595 if ((pktype = key_type_from_name(pkalg)) == KEY_UNSPEC) {
596 debug("unknown pkalg %s", pkalg);
597 goto done;
598 }
599 if ((key = key_from_blob(pkblob, blen)) == NULL) {
600 debug("no key from blob. pkalg %s", pkalg);
601 goto done;
602 }
603 if (key->type != pktype) {
604 error("input_userauth_pk_ok: type mismatch "
605 "for decoded key (received %d, expected %d)",
606 key->type, pktype);
607 goto done;
608 }
djm@openbsd.org9ce86c92015-01-28 22:36:00 +0000609 if ((fp = sshkey_fingerprint(key, options.fingerprint_hash,
610 SSH_FP_DEFAULT)) == NULL)
611 goto done;
Damien Miller280ecfb2003-05-14 13:46:00 +1000612 debug2("input_userauth_pk_ok: fp %s", fp);
Darren Tuckera627d422013-06-02 07:31:17 +1000613 free(fp);
Ben Lindstrom266dfdf2001-03-09 00:12:22 +0000614
Darren Tuckerd05b6012003-10-15 15:55:59 +1000615 /*
616 * search keys in the reverse order, because last candidate has been
617 * moved to the end of the queue. this also avoids confusion by
618 * duplicate keys
619 */
Damien Miller0b51a522004-04-20 20:07:19 +1000620 TAILQ_FOREACH_REVERSE(id, &authctxt->keys, idlist, next) {
Damien Miller280ecfb2003-05-14 13:46:00 +1000621 if (key_equal(key, id->key)) {
622 sent = sign_and_send_pubkey(authctxt, id);
623 break;
624 }
625 }
626done:
dtucker@openbsd.orgf1f047f2018-02-07 22:52:45 +0000627 key_free(key);
Darren Tuckera627d422013-06-02 07:31:17 +1000628 free(pkalg);
629 free(pkblob);
Ben Lindstrom266dfdf2001-03-09 00:12:22 +0000630
Ben Lindstroma962c2f2002-07-04 00:14:17 +0000631 /* try another method if we did not send a packet */
Ben Lindstrom266dfdf2001-03-09 00:12:22 +0000632 if (sent == 0)
633 userauth(authctxt, NULL);
markus@openbsd.org3fdc88a2015-01-19 20:07:45 +0000634 return 0;
Damien Miller62cee002000-09-23 17:15:56 +1100635}
636
Darren Tucker0efd1552003-08-26 11:49:55 +1000637#ifdef GSSAPI
Damien Millera8e06ce2003-11-21 23:48:55 +1100638int
Darren Tucker0efd1552003-08-26 11:49:55 +1000639userauth_gssapi(Authctxt *authctxt)
640{
641 Gssctxt *gssctxt = NULL;
Darren Tucker56afe142003-11-03 20:06:14 +1100642 static gss_OID_set gss_supported = NULL;
Damien Millereccb9de2005-06-17 12:59:34 +1000643 static u_int mech = 0;
Darren Tucker0efd1552003-08-26 11:49:55 +1000644 OM_uint32 min;
645 int ok = 0;
646
647 /* Try one GSSAPI method at a time, rather than sending them all at
648 * once. */
649
Darren Tucker56afe142003-11-03 20:06:14 +1100650 if (gss_supported == NULL)
651 gss_indicate_mechs(&min, &gss_supported);
Darren Tucker0efd1552003-08-26 11:49:55 +1000652
653 /* Check to see if the mechanism is usable before we offer it */
Darren Tucker56afe142003-11-03 20:06:14 +1100654 while (mech < gss_supported->count && !ok) {
Darren Tucker0efd1552003-08-26 11:49:55 +1000655 /* My DER encoding requires length<128 */
Darren Tucker56afe142003-11-03 20:06:14 +1100656 if (gss_supported->elements[mech].length < 128 &&
Damien Millera1cb9f32006-08-19 00:33:34 +1000657 ssh_gssapi_check_mechanism(&gssctxt,
658 &gss_supported->elements[mech], authctxt->host)) {
Darren Tucker0efd1552003-08-26 11:49:55 +1000659 ok = 1; /* Mechanism works */
660 } else {
661 mech++;
662 }
663 }
664
Damien Millera1cb9f32006-08-19 00:33:34 +1000665 if (!ok)
Damien Millereccb9de2005-06-17 12:59:34 +1000666 return 0;
Darren Tucker0efd1552003-08-26 11:49:55 +1000667
668 authctxt->methoddata=(void *)gssctxt;
669
670 packet_start(SSH2_MSG_USERAUTH_REQUEST);
671 packet_put_cstring(authctxt->server_user);
672 packet_put_cstring(authctxt->service);
673 packet_put_cstring(authctxt->method->name);
674
675 packet_put_int(1);
676
Darren Tucker655a5e02003-11-03 20:09:03 +1100677 packet_put_int((gss_supported->elements[mech].length) + 2);
678 packet_put_char(SSH_GSS_OIDTYPE);
679 packet_put_char(gss_supported->elements[mech].length);
680 packet_put_raw(gss_supported->elements[mech].elements,
681 gss_supported->elements[mech].length);
Darren Tucker0efd1552003-08-26 11:49:55 +1000682
683 packet_send();
684
685 dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_RESPONSE, &input_gssapi_response);
686 dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_TOKEN, &input_gssapi_token);
687 dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_ERROR, &input_gssapi_error);
688 dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_ERRTOK, &input_gssapi_errtok);
689
690 mech++; /* Move along to next candidate */
691
692 return 1;
693}
694
Damien Miller91c6aa42003-11-17 21:20:18 +1100695static OM_uint32
djm@openbsd.org39896b72017-05-31 05:08:46 +0000696process_gssapi_token(struct ssh *ssh, gss_buffer_t recv_tok)
Damien Miller91c6aa42003-11-17 21:20:18 +1100697{
markus@openbsd.org94583be2017-05-30 14:19:15 +0000698 Authctxt *authctxt = ssh->authctxt;
Damien Miller91c6aa42003-11-17 21:20:18 +1100699 Gssctxt *gssctxt = authctxt->methoddata;
700 gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER;
Damien Millerda9984f2005-08-31 19:46:26 +1000701 gss_buffer_desc mic = GSS_C_EMPTY_BUFFER;
702 gss_buffer_desc gssbuf;
Damien Miller0425d402003-11-17 22:18:21 +1100703 OM_uint32 status, ms, flags;
704 Buffer b;
Damien Miller787b2ec2003-11-21 23:56:47 +1100705
Damien Miller91c6aa42003-11-17 21:20:18 +1100706 status = ssh_gssapi_init_ctx(gssctxt, options.gss_deleg_creds,
Damien Miller0425d402003-11-17 22:18:21 +1100707 recv_tok, &send_tok, &flags);
Damien Miller91c6aa42003-11-17 21:20:18 +1100708
709 if (send_tok.length > 0) {
710 if (GSS_ERROR(status))
711 packet_start(SSH2_MSG_USERAUTH_GSSAPI_ERRTOK);
712 else
713 packet_start(SSH2_MSG_USERAUTH_GSSAPI_TOKEN);
Damien Miller787b2ec2003-11-21 23:56:47 +1100714
Damien Miller91c6aa42003-11-17 21:20:18 +1100715 packet_put_string(send_tok.value, send_tok.length);
716 packet_send();
717 gss_release_buffer(&ms, &send_tok);
718 }
Damien Miller787b2ec2003-11-21 23:56:47 +1100719
Damien Miller91c6aa42003-11-17 21:20:18 +1100720 if (status == GSS_S_COMPLETE) {
Damien Miller0425d402003-11-17 22:18:21 +1100721 /* send either complete or MIC, depending on mechanism */
722 if (!(flags & GSS_C_INTEG_FLAG)) {
723 packet_start(SSH2_MSG_USERAUTH_GSSAPI_EXCHANGE_COMPLETE);
724 packet_send();
725 } else {
726 ssh_gssapi_buildmic(&b, authctxt->server_user,
727 authctxt->service, "gssapi-with-mic");
728
729 gssbuf.value = buffer_ptr(&b);
730 gssbuf.length = buffer_len(&b);
Damien Miller787b2ec2003-11-21 23:56:47 +1100731
Damien Miller0425d402003-11-17 22:18:21 +1100732 status = ssh_gssapi_sign(gssctxt, &gssbuf, &mic);
Damien Miller787b2ec2003-11-21 23:56:47 +1100733
Damien Miller0425d402003-11-17 22:18:21 +1100734 if (!GSS_ERROR(status)) {
735 packet_start(SSH2_MSG_USERAUTH_GSSAPI_MIC);
736 packet_put_string(mic.value, mic.length);
Damien Miller787b2ec2003-11-21 23:56:47 +1100737
Damien Miller0425d402003-11-17 22:18:21 +1100738 packet_send();
739 }
Damien Miller787b2ec2003-11-21 23:56:47 +1100740
Damien Miller0425d402003-11-17 22:18:21 +1100741 buffer_free(&b);
742 gss_release_buffer(&ms, &mic);
Damien Miller787b2ec2003-11-21 23:56:47 +1100743 }
Damien Miller91c6aa42003-11-17 21:20:18 +1100744 }
Damien Miller787b2ec2003-11-21 23:56:47 +1100745
Damien Miller91c6aa42003-11-17 21:20:18 +1100746 return status;
747}
748
Damien Millerf7475d72008-11-03 19:26:18 +1100749/* ARGSUSED */
djm@openbsd.org12b5f502015-01-20 07:56:44 +0000750int
markus@openbsd.org2ae666a2017-05-30 14:23:52 +0000751input_gssapi_response(int type, u_int32_t plen, struct ssh *ssh)
Darren Tucker0efd1552003-08-26 11:49:55 +1000752{
markus@openbsd.org94583be2017-05-30 14:19:15 +0000753 Authctxt *authctxt = ssh->authctxt;
Darren Tucker0efd1552003-08-26 11:49:55 +1000754 Gssctxt *gssctxt;
Darren Tucker0efd1552003-08-26 11:49:55 +1000755 int oidlen;
756 char *oidv;
Darren Tucker0efd1552003-08-26 11:49:55 +1000757
758 if (authctxt == NULL)
759 fatal("input_gssapi_response: no authentication context");
760 gssctxt = authctxt->methoddata;
761
762 /* Setup our OID */
763 oidv = packet_get_string(&oidlen);
764
Darren Tucker655a5e02003-11-03 20:09:03 +1100765 if (oidlen <= 2 ||
766 oidv[0] != SSH_GSS_OIDTYPE ||
767 oidv[1] != oidlen - 2) {
Darren Tuckera627d422013-06-02 07:31:17 +1000768 free(oidv);
Darren Tucker655a5e02003-11-03 20:09:03 +1100769 debug("Badly encoded mechanism OID received");
770 userauth(authctxt, NULL);
djm@openbsd.org12b5f502015-01-20 07:56:44 +0000771 return 0;
Darren Tucker0efd1552003-08-26 11:49:55 +1000772 }
773
Darren Tucker655a5e02003-11-03 20:09:03 +1100774 if (!ssh_gssapi_check_oid(gssctxt, oidv + 2, oidlen - 2))
775 fatal("Server returned different OID than expected");
776
Darren Tucker0efd1552003-08-26 11:49:55 +1000777 packet_check_eom();
778
Darren Tuckera627d422013-06-02 07:31:17 +1000779 free(oidv);
Darren Tucker0efd1552003-08-26 11:49:55 +1000780
djm@openbsd.org39896b72017-05-31 05:08:46 +0000781 if (GSS_ERROR(process_gssapi_token(ssh, GSS_C_NO_BUFFER))) {
Darren Tucker0efd1552003-08-26 11:49:55 +1000782 /* Start again with next method on list */
783 debug("Trying to start again");
784 userauth(authctxt, NULL);
djm@openbsd.org12b5f502015-01-20 07:56:44 +0000785 return 0;
Darren Tucker0efd1552003-08-26 11:49:55 +1000786 }
djm@openbsd.org12b5f502015-01-20 07:56:44 +0000787 return 0;
Darren Tucker0efd1552003-08-26 11:49:55 +1000788}
789
Damien Millerf7475d72008-11-03 19:26:18 +1100790/* ARGSUSED */
djm@openbsd.org12b5f502015-01-20 07:56:44 +0000791int
markus@openbsd.org2ae666a2017-05-30 14:23:52 +0000792input_gssapi_token(int type, u_int32_t plen, struct ssh *ssh)
Darren Tucker0efd1552003-08-26 11:49:55 +1000793{
markus@openbsd.org94583be2017-05-30 14:19:15 +0000794 Authctxt *authctxt = ssh->authctxt;
Darren Tucker0efd1552003-08-26 11:49:55 +1000795 gss_buffer_desc recv_tok;
Damien Miller91c6aa42003-11-17 21:20:18 +1100796 OM_uint32 status;
Darren Tucker0efd1552003-08-26 11:49:55 +1000797 u_int slen;
798
799 if (authctxt == NULL)
800 fatal("input_gssapi_response: no authentication context");
Darren Tucker0efd1552003-08-26 11:49:55 +1000801
802 recv_tok.value = packet_get_string(&slen);
803 recv_tok.length = slen; /* safe typecast */
804
805 packet_check_eom();
806
djm@openbsd.org39896b72017-05-31 05:08:46 +0000807 status = process_gssapi_token(ssh, &recv_tok);
Darren Tucker0efd1552003-08-26 11:49:55 +1000808
Darren Tuckera627d422013-06-02 07:31:17 +1000809 free(recv_tok.value);
Darren Tucker0efd1552003-08-26 11:49:55 +1000810
811 if (GSS_ERROR(status)) {
Darren Tucker0efd1552003-08-26 11:49:55 +1000812 /* Start again with the next method in the list */
813 userauth(authctxt, NULL);
djm@openbsd.org12b5f502015-01-20 07:56:44 +0000814 return 0;
Darren Tucker0efd1552003-08-26 11:49:55 +1000815 }
djm@openbsd.org12b5f502015-01-20 07:56:44 +0000816 return 0;
Darren Tucker0efd1552003-08-26 11:49:55 +1000817}
818
Damien Millerf7475d72008-11-03 19:26:18 +1100819/* ARGSUSED */
djm@openbsd.org12b5f502015-01-20 07:56:44 +0000820int
markus@openbsd.org2ae666a2017-05-30 14:23:52 +0000821input_gssapi_errtok(int type, u_int32_t plen, struct ssh *ssh)
Darren Tucker0efd1552003-08-26 11:49:55 +1000822{
markus@openbsd.org94583be2017-05-30 14:19:15 +0000823 Authctxt *authctxt = ssh->authctxt;
Darren Tucker0efd1552003-08-26 11:49:55 +1000824 Gssctxt *gssctxt;
825 gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER;
826 gss_buffer_desc recv_tok;
Damien Millerd677ad12013-04-23 15:18:51 +1000827 OM_uint32 ms;
Darren Tucker600ad8d2003-08-26 12:10:48 +1000828 u_int len;
Darren Tucker0efd1552003-08-26 11:49:55 +1000829
830 if (authctxt == NULL)
831 fatal("input_gssapi_response: no authentication context");
832 gssctxt = authctxt->methoddata;
833
Darren Tucker600ad8d2003-08-26 12:10:48 +1000834 recv_tok.value = packet_get_string(&len);
835 recv_tok.length = len;
Darren Tucker0efd1552003-08-26 11:49:55 +1000836
837 packet_check_eom();
838
839 /* Stick it into GSSAPI and see what it says */
Damien Millerd677ad12013-04-23 15:18:51 +1000840 (void)ssh_gssapi_init_ctx(gssctxt, options.gss_deleg_creds,
Damien Miller0dc1bef2005-07-17 17:22:45 +1000841 &recv_tok, &send_tok, NULL);
Darren Tucker0efd1552003-08-26 11:49:55 +1000842
Darren Tuckera627d422013-06-02 07:31:17 +1000843 free(recv_tok.value);
Darren Tucker0efd1552003-08-26 11:49:55 +1000844 gss_release_buffer(&ms, &send_tok);
845
846 /* Server will be returning a failed packet after this one */
djm@openbsd.org12b5f502015-01-20 07:56:44 +0000847 return 0;
Darren Tucker0efd1552003-08-26 11:49:55 +1000848}
849
Damien Millerf7475d72008-11-03 19:26:18 +1100850/* ARGSUSED */
djm@openbsd.org12b5f502015-01-20 07:56:44 +0000851int
markus@openbsd.org2ae666a2017-05-30 14:23:52 +0000852input_gssapi_error(int type, u_int32_t plen, struct ssh *ssh)
Darren Tucker0efd1552003-08-26 11:49:55 +1000853{
Darren Tucker0efd1552003-08-26 11:49:55 +1000854 char *msg;
855 char *lang;
856
Damien Millerd677ad12013-04-23 15:18:51 +1000857 /* maj */(void)packet_get_int();
858 /* min */(void)packet_get_int();
Darren Tucker0efd1552003-08-26 11:49:55 +1000859 msg=packet_get_string(NULL);
860 lang=packet_get_string(NULL);
861
862 packet_check_eom();
863
Damien Miller15d72a02005-11-05 15:07:33 +1100864 debug("Server GSSAPI Error:\n%s", msg);
Darren Tuckera627d422013-06-02 07:31:17 +1000865 free(msg);
866 free(lang);
djm@openbsd.org12b5f502015-01-20 07:56:44 +0000867 return 0;
Darren Tucker0efd1552003-08-26 11:49:55 +1000868}
869#endif /* GSSAPI */
870
Damien Millereba71ba2000-04-29 23:57:08 +1000871int
Damien Miller874d77b2000-10-14 16:23:11 +1100872userauth_none(Authctxt *authctxt)
873{
874 /* initial userauth request */
875 packet_start(SSH2_MSG_USERAUTH_REQUEST);
876 packet_put_cstring(authctxt->server_user);
877 packet_put_cstring(authctxt->service);
878 packet_put_cstring(authctxt->method->name);
879 packet_send();
Damien Miller874d77b2000-10-14 16:23:11 +1100880 return 1;
881}
882
883int
Damien Miller62cee002000-09-23 17:15:56 +1100884userauth_passwd(Authctxt *authctxt)
Damien Millereba71ba2000-04-29 23:57:08 +1000885{
Damien Millere247cc42000-05-07 12:03:14 +1000886 static int attempt = 0;
dtucker@openbsd.orga54eb272017-08-27 00:38:41 +0000887 char prompt[256];
Damien Millereba71ba2000-04-29 23:57:08 +1000888 char *password;
Darren Tuckerab791692010-01-08 18:48:02 +1100889 const char *host = options.host_key_alias ? options.host_key_alias :
890 authctxt->host;
Damien Millereba71ba2000-04-29 23:57:08 +1000891
Damien Millerd3a18572000-06-07 19:55:44 +1000892 if (attempt++ >= options.number_of_password_prompts)
Damien Millere247cc42000-05-07 12:03:14 +1000893 return 0;
894
Ben Lindstrom1c37c6a2001-12-06 18:00:18 +0000895 if (attempt != 1)
Damien Millerd3a18572000-06-07 19:55:44 +1000896 error("Permission denied, please try again.");
897
Ben Lindstrom03df5bd2001-02-10 22:16:41 +0000898 snprintf(prompt, sizeof(prompt), "%.30s@%.128s's password: ",
Darren Tuckerab791692010-01-08 18:48:02 +1100899 authctxt->server_user, host);
Damien Millereba71ba2000-04-29 23:57:08 +1000900 password = read_passphrase(prompt, 0);
901 packet_start(SSH2_MSG_USERAUTH_REQUEST);
Damien Miller62cee002000-09-23 17:15:56 +1100902 packet_put_cstring(authctxt->server_user);
903 packet_put_cstring(authctxt->service);
Damien Miller874d77b2000-10-14 16:23:11 +1100904 packet_put_cstring(authctxt->method->name);
Damien Millereba71ba2000-04-29 23:57:08 +1000905 packet_put_char(0);
Ben Lindstrom5699c5f2001-03-05 06:17:49 +0000906 packet_put_cstring(password);
Damien Millera5103f42014-02-04 11:20:14 +1100907 explicit_bzero(password, strlen(password));
Darren Tuckera627d422013-06-02 07:31:17 +1000908 free(password);
Damien Miller9f643902001-11-12 11:02:52 +1100909 packet_add_padding(64);
Damien Millereba71ba2000-04-29 23:57:08 +1000910 packet_send();
Ben Lindstrom38a69e62002-03-27 17:28:46 +0000911
Ben Lindstromcb72e4f2002-06-21 00:41:51 +0000912 dispatch_set(SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ,
Ben Lindstrom38a69e62002-03-27 17:28:46 +0000913 &input_userauth_passwd_changereq);
914
Damien Millereba71ba2000-04-29 23:57:08 +1000915 return 1;
916}
Damien Millerf7475d72008-11-03 19:26:18 +1100917
Ben Lindstrom38a69e62002-03-27 17:28:46 +0000918/*
919 * parse PASSWD_CHANGEREQ, prompt user and send SSH2_MSG_USERAUTH_REQUEST
920 */
Damien Millerf7475d72008-11-03 19:26:18 +1100921/* ARGSUSED */
markus@openbsd.org3fdc88a2015-01-19 20:07:45 +0000922int
markus@openbsd.org2ae666a2017-05-30 14:23:52 +0000923input_userauth_passwd_changereq(int type, u_int32_t seqnr, struct ssh *ssh)
Ben Lindstrom38a69e62002-03-27 17:28:46 +0000924{
markus@openbsd.org94583be2017-05-30 14:19:15 +0000925 Authctxt *authctxt = ssh->authctxt;
Ben Lindstrom38a69e62002-03-27 17:28:46 +0000926 char *info, *lang, *password = NULL, *retype = NULL;
dtucker@openbsd.orga54eb272017-08-27 00:38:41 +0000927 char prompt[256];
djm@openbsd.org3e032a92017-01-30 00:32:03 +0000928 const char *host;
Ben Lindstrom38a69e62002-03-27 17:28:46 +0000929
930 debug2("input_userauth_passwd_changereq");
931
932 if (authctxt == NULL)
933 fatal("input_userauth_passwd_changereq: "
934 "no authentication context");
djm@openbsd.org3e032a92017-01-30 00:32:03 +0000935 host = options.host_key_alias ? options.host_key_alias : authctxt->host;
Ben Lindstrom38a69e62002-03-27 17:28:46 +0000936
937 info = packet_get_string(NULL);
938 lang = packet_get_string(NULL);
939 if (strlen(info) > 0)
Damien Miller996acd22003-04-09 20:59:48 +1000940 logit("%s", info);
Darren Tuckera627d422013-06-02 07:31:17 +1000941 free(info);
942 free(lang);
Ben Lindstrom38a69e62002-03-27 17:28:46 +0000943 packet_start(SSH2_MSG_USERAUTH_REQUEST);
944 packet_put_cstring(authctxt->server_user);
945 packet_put_cstring(authctxt->service);
946 packet_put_cstring(authctxt->method->name);
947 packet_put_char(1); /* additional info */
Ben Lindstromcb72e4f2002-06-21 00:41:51 +0000948 snprintf(prompt, sizeof(prompt),
Ben Lindstrom38a69e62002-03-27 17:28:46 +0000949 "Enter %.30s@%.128s's old password: ",
Darren Tuckerab791692010-01-08 18:48:02 +1100950 authctxt->server_user, host);
Ben Lindstrom38a69e62002-03-27 17:28:46 +0000951 password = read_passphrase(prompt, 0);
952 packet_put_cstring(password);
Damien Millera5103f42014-02-04 11:20:14 +1100953 explicit_bzero(password, strlen(password));
Darren Tuckera627d422013-06-02 07:31:17 +1000954 free(password);
Ben Lindstrom38a69e62002-03-27 17:28:46 +0000955 password = NULL;
956 while (password == NULL) {
Ben Lindstromcb72e4f2002-06-21 00:41:51 +0000957 snprintf(prompt, sizeof(prompt),
Ben Lindstrom38a69e62002-03-27 17:28:46 +0000958 "Enter %.30s@%.128s's new password: ",
Darren Tuckerab791692010-01-08 18:48:02 +1100959 authctxt->server_user, host);
Ben Lindstrom38a69e62002-03-27 17:28:46 +0000960 password = read_passphrase(prompt, RP_ALLOW_EOF);
961 if (password == NULL) {
962 /* bail out */
markus@openbsd.org3fdc88a2015-01-19 20:07:45 +0000963 return 0;
Ben Lindstrom38a69e62002-03-27 17:28:46 +0000964 }
Ben Lindstromcb72e4f2002-06-21 00:41:51 +0000965 snprintf(prompt, sizeof(prompt),
Ben Lindstrom38a69e62002-03-27 17:28:46 +0000966 "Retype %.30s@%.128s's new password: ",
Darren Tuckerab791692010-01-08 18:48:02 +1100967 authctxt->server_user, host);
Ben Lindstrom38a69e62002-03-27 17:28:46 +0000968 retype = read_passphrase(prompt, 0);
969 if (strcmp(password, retype) != 0) {
Damien Millera5103f42014-02-04 11:20:14 +1100970 explicit_bzero(password, strlen(password));
Darren Tuckera627d422013-06-02 07:31:17 +1000971 free(password);
Damien Miller996acd22003-04-09 20:59:48 +1000972 logit("Mismatch; try again, EOF to quit.");
Ben Lindstrom38a69e62002-03-27 17:28:46 +0000973 password = NULL;
974 }
Damien Millera5103f42014-02-04 11:20:14 +1100975 explicit_bzero(retype, strlen(retype));
Darren Tuckera627d422013-06-02 07:31:17 +1000976 free(retype);
Ben Lindstrom38a69e62002-03-27 17:28:46 +0000977 }
978 packet_put_cstring(password);
Damien Millera5103f42014-02-04 11:20:14 +1100979 explicit_bzero(password, strlen(password));
Darren Tuckera627d422013-06-02 07:31:17 +1000980 free(password);
Ben Lindstrom38a69e62002-03-27 17:28:46 +0000981 packet_add_padding(64);
982 packet_send();
Ben Lindstromcb72e4f2002-06-21 00:41:51 +0000983
984 dispatch_set(SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ,
Ben Lindstrom38a69e62002-03-27 17:28:46 +0000985 &input_userauth_passwd_changereq);
markus@openbsd.org3fdc88a2015-01-19 20:07:45 +0000986 return 0;
Ben Lindstrom38a69e62002-03-27 17:28:46 +0000987}
Damien Millereba71ba2000-04-29 23:57:08 +1000988
markus@openbsd.org76c9fbb2015-12-04 16:41:28 +0000989static const char *
djm@openbsd.org1e245522017-03-11 23:40:26 +0000990key_sign_encode(const struct sshkey *key)
markus@openbsd.org76c9fbb2015-12-04 16:41:28 +0000991{
992 struct ssh *ssh = active_state;
993
djm@openbsd.org1e245522017-03-11 23:40:26 +0000994 if (key->type == KEY_RSA) {
markus@openbsd.org76c9fbb2015-12-04 16:41:28 +0000995 switch (ssh->kex->rsa_sha2) {
996 case 256:
997 return "rsa-sha2-256";
998 case 512:
999 return "rsa-sha2-512";
1000 }
1001 }
djm@openbsd.org1e245522017-03-11 23:40:26 +00001002 return key_ssh_name(key);
markus@openbsd.org76c9fbb2015-12-04 16:41:28 +00001003}
1004
djm@openbsd.org26074382018-03-03 03:01:50 +00001005/*
1006 * Some agents will return ssh-rsa signatures when asked to make a
1007 * rsa-sha2-* signature. Check what they actually gave back and warn the
1008 * user if the agent has returned an unexpected type.
1009 */
1010static int
1011check_sigtype(const struct sshkey *key, const u_char *sig, size_t len)
1012{
1013 int r;
1014 char *sigtype = NULL;
1015 const char *alg = key_sign_encode(key);
1016
1017 if ((r = sshkey_sigtype(sig, len, &sigtype)) != 0)
1018 return r;
1019 if (strcmp(sigtype, alg) != 0) {
1020 logit("warning: agent returned different signature type %s "
1021 "(expected %s)", sigtype, alg);
1022 }
1023 free(sigtype);
1024 /* Incorrect signature types aren't an error ... yet */
1025 return 0;
1026}
1027
Ben Lindstrombba81212001-06-25 05:01:22 +00001028static int
djm@openbsd.org141efe42015-01-14 20:05:27 +00001029identity_sign(struct identity *id, u_char **sigp, size_t *lenp,
1030 const u_char *data, size_t datalen, u_int compat)
Damien Miller280ecfb2003-05-14 13:46:00 +10001031{
markus@openbsd.org54d90ac2017-05-30 08:52:19 +00001032 struct sshkey *prv;
djm@openbsd.org26074382018-03-03 03:01:50 +00001033 int r;
Damien Miller280ecfb2003-05-14 13:46:00 +10001034
1035 /* the agent supports this key */
djm@openbsd.org26074382018-03-03 03:01:50 +00001036 if (id->key != NULL && id->agent_fd != -1) {
1037 if ((r = ssh_agent_sign(id->agent_fd, id->key, sigp, lenp,
1038 data, datalen, key_sign_encode(id->key), compat)) != 0 ||
1039 (r = check_sigtype(id->key, *sigp, *lenp)) != 0)
1040 return r;
1041 return 0;
1042 }
djm@openbsd.org141efe42015-01-14 20:05:27 +00001043
Damien Miller280ecfb2003-05-14 13:46:00 +10001044 /*
1045 * we have already loaded the private key or
1046 * the private key is stored in external hardware
1047 */
djm@openbsd.org1e245522017-03-11 23:40:26 +00001048 if (id->key != NULL &&
1049 (id->isprivate || (id->key->flags & SSHKEY_FLAG_EXT)))
1050 return (sshkey_sign(id->key, sigp, lenp, data, datalen,
1051 key_sign_encode(id->key), compat));
1052
Damien Miller280ecfb2003-05-14 13:46:00 +10001053 /* load the private key from the file */
jcs@openbsd.orgf361df42015-11-15 22:26:49 +00001054 if ((prv = load_identity_file(id)) == NULL)
djm@openbsd.org0d1451a2016-02-23 01:34:14 +00001055 return SSH_ERR_KEY_NOT_FOUND;
djm@openbsd.orgc4972d02017-08-11 04:47:12 +00001056 if (id->key != NULL && !sshkey_equal_public(prv, id->key)) {
1057 error("%s: private key %s contents do not match public",
1058 __func__, id->filename);
1059 return SSH_ERR_KEY_NOT_FOUND;
1060 }
djm@openbsd.org26074382018-03-03 03:01:50 +00001061 r = sshkey_sign(prv, sigp, lenp, data, datalen,
djm@openbsd.org1e245522017-03-11 23:40:26 +00001062 key_sign_encode(prv), compat);
djm@openbsd.org141efe42015-01-14 20:05:27 +00001063 sshkey_free(prv);
djm@openbsd.org26074382018-03-03 03:01:50 +00001064 return r;
Damien Miller280ecfb2003-05-14 13:46:00 +10001065}
1066
1067static int
djm@openbsd.org1e245522017-03-11 23:40:26 +00001068id_filename_matches(Identity *id, Identity *private_id)
1069{
1070 const char *suffixes[] = { ".pub", "-cert.pub", NULL };
1071 size_t len = strlen(id->filename), plen = strlen(private_id->filename);
1072 size_t i, slen;
1073
1074 if (strcmp(id->filename, private_id->filename) == 0)
1075 return 1;
1076 for (i = 0; suffixes[i]; i++) {
1077 slen = strlen(suffixes[i]);
1078 if (len > slen && plen == len - slen &&
1079 strcmp(id->filename + (len - slen), suffixes[i]) == 0 &&
1080 memcmp(id->filename, private_id->filename, plen) == 0)
1081 return 1;
1082 }
1083 return 0;
1084}
1085
1086static int
Damien Miller280ecfb2003-05-14 13:46:00 +10001087sign_and_send_pubkey(Authctxt *authctxt, Identity *id)
Damien Millereba71ba2000-04-29 23:57:08 +10001088{
1089 Buffer b;
djm@openbsd.org4e44a792015-09-24 06:15:11 +00001090 Identity *private_id;
Ben Lindstrom46c16222000-12-22 01:43:59 +00001091 u_char *blob, *signature;
djm@openbsd.org141efe42015-01-14 20:05:27 +00001092 size_t slen;
djm@openbsd.org4e44a792015-09-24 06:15:11 +00001093 u_int bloblen, skip = 0;
1094 int matched, ret = -1, have_sig = 1;
Damien Miller4e270b02010-04-16 15:56:21 +10001095 char *fp;
Damien Millereba71ba2000-04-29 23:57:08 +10001096
djm@openbsd.org9ce86c92015-01-28 22:36:00 +00001097 if ((fp = sshkey_fingerprint(id->key, options.fingerprint_hash,
1098 SSH_FP_DEFAULT)) == NULL)
1099 return 0;
djm@openbsd.org4e44a792015-09-24 06:15:11 +00001100 debug3("%s: %s %s", __func__, key_type(id->key), fp);
Darren Tuckera627d422013-06-02 07:31:17 +10001101 free(fp);
Ben Lindstrom266dfdf2001-03-09 00:12:22 +00001102
Damien Miller280ecfb2003-05-14 13:46:00 +10001103 if (key_to_blob(id->key, &blob, &bloblen) == 0) {
Damien Miller0bc1bd82000-11-13 22:57:25 +11001104 /* we cannot handle this key */
Ben Lindstromd121f612000-12-03 17:00:47 +00001105 debug3("sign_and_send_pubkey: cannot handle key");
Damien Miller0bc1bd82000-11-13 22:57:25 +11001106 return 0;
1107 }
Damien Millereba71ba2000-04-29 23:57:08 +10001108 /* data to be signed */
1109 buffer_init(&b);
Damien Miller50a41ed2000-10-16 12:14:42 +11001110 if (datafellows & SSH_OLD_SESSIONID) {
Damien Miller6536c7d2000-06-22 21:32:31 +10001111 buffer_append(&b, session_id2, session_id2_len);
Kevin Stevesef4eea92001-02-05 12:42:17 +00001112 skip = session_id2_len;
Damien Miller50a41ed2000-10-16 12:14:42 +11001113 } else {
1114 buffer_put_string(&b, session_id2, session_id2_len);
1115 skip = buffer_len(&b);
Damien Miller6536c7d2000-06-22 21:32:31 +10001116 }
Damien Millereba71ba2000-04-29 23:57:08 +10001117 buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST);
Damien Miller62cee002000-09-23 17:15:56 +11001118 buffer_put_cstring(&b, authctxt->server_user);
djm@openbsd.org14b5c632018-01-23 05:27:21 +00001119 buffer_put_cstring(&b, authctxt->service);
1120 buffer_put_cstring(&b, authctxt->method->name);
1121 buffer_put_char(&b, have_sig);
1122 buffer_put_cstring(&b, key_sign_encode(id->key));
Damien Millereba71ba2000-04-29 23:57:08 +10001123 buffer_put_string(&b, blob, bloblen);
Damien Millereba71ba2000-04-29 23:57:08 +10001124
djm@openbsd.org4e44a792015-09-24 06:15:11 +00001125 /*
1126 * If the key is an certificate, try to find a matching private key
1127 * and use it to complete the signature.
djm@openbsd.org9ee692f2016-04-28 14:30:21 +00001128 * If no such private key exists, fall back to trying the certificate
1129 * key itself in case it has a private half already loaded.
djm@openbsd.org4e44a792015-09-24 06:15:11 +00001130 */
1131 if (key_is_cert(id->key)) {
1132 matched = 0;
1133 TAILQ_FOREACH(private_id, &authctxt->keys, next) {
1134 if (sshkey_equal_public(id->key, private_id->key) &&
1135 id->key->type != private_id->key->type) {
1136 id = private_id;
1137 matched = 1;
1138 break;
1139 }
1140 }
djm@openbsd.org1e245522017-03-11 23:40:26 +00001141 /*
1142 * Exact key matches are preferred, but also allow
1143 * filename matches for non-PKCS#11/agent keys that
1144 * didn't load public keys. This supports the case
1145 * of keeping just a private key file and public
1146 * certificate on disk.
1147 */
1148 if (!matched && !id->isprivate && id->agent_fd == -1 &&
1149 (id->key->flags & SSHKEY_FLAG_EXT) == 0) {
1150 TAILQ_FOREACH(private_id, &authctxt->keys, next) {
1151 if (private_id->key == NULL &&
1152 id_filename_matches(id, private_id)) {
1153 id = private_id;
1154 matched = 1;
1155 break;
1156 }
1157 }
1158 }
djm@openbsd.org4e44a792015-09-24 06:15:11 +00001159 if (matched) {
1160 debug2("%s: using private key \"%s\"%s for "
1161 "certificate", __func__, id->filename,
1162 id->agent_fd != -1 ? " from agent" : "");
1163 } else {
djm@openbsd.orgc38905b2016-03-14 16:20:54 +00001164 debug("%s: no separate private key for certificate "
djm@openbsd.org4e44a792015-09-24 06:15:11 +00001165 "\"%s\"", __func__, id->filename);
djm@openbsd.org4e44a792015-09-24 06:15:11 +00001166 }
1167 }
1168
Damien Millereba71ba2000-04-29 23:57:08 +10001169 /* generate signature */
Damien Miller280ecfb2003-05-14 13:46:00 +10001170 ret = identity_sign(id, &signature, &slen,
djm@openbsd.org141efe42015-01-14 20:05:27 +00001171 buffer_ptr(&b), buffer_len(&b), datafellows);
1172 if (ret != 0) {
djm@openbsd.org0d1451a2016-02-23 01:34:14 +00001173 if (ret != SSH_ERR_KEY_NOT_FOUND)
1174 error("%s: signing failed: %s", __func__, ssh_err(ret));
Darren Tuckera627d422013-06-02 07:31:17 +10001175 free(blob);
Damien Millerad833b32000-08-23 10:46:23 +10001176 buffer_free(&b);
1177 return 0;
1178 }
Damien Miller0bc1bd82000-11-13 22:57:25 +11001179#ifdef DEBUG_PK
Damien Millereba71ba2000-04-29 23:57:08 +10001180 buffer_dump(&b);
1181#endif
Darren Tuckera627d422013-06-02 07:31:17 +10001182 free(blob);
Ben Lindstrom266dfdf2001-03-09 00:12:22 +00001183
Damien Millereba71ba2000-04-29 23:57:08 +10001184 /* append signature */
1185 buffer_put_string(&b, signature, slen);
Darren Tuckera627d422013-06-02 07:31:17 +10001186 free(signature);
Damien Millereba71ba2000-04-29 23:57:08 +10001187
1188 /* skip session id and packet type */
Damien Miller6536c7d2000-06-22 21:32:31 +10001189 if (buffer_len(&b) < skip + 1)
Damien Miller62cee002000-09-23 17:15:56 +11001190 fatal("userauth_pubkey: internal error");
Damien Miller6536c7d2000-06-22 21:32:31 +10001191 buffer_consume(&b, skip + 1);
Damien Millereba71ba2000-04-29 23:57:08 +10001192
1193 /* put remaining data from buffer into packet */
1194 packet_start(SSH2_MSG_USERAUTH_REQUEST);
1195 packet_put_raw(buffer_ptr(&b), buffer_len(&b));
1196 buffer_free(&b);
Damien Millereba71ba2000-04-29 23:57:08 +10001197 packet_send();
Damien Millerad833b32000-08-23 10:46:23 +10001198
1199 return 1;
Damien Miller994cf142000-07-21 10:19:44 +10001200}
1201
Ben Lindstrombba81212001-06-25 05:01:22 +00001202static int
Damien Miller280ecfb2003-05-14 13:46:00 +10001203send_pubkey_test(Authctxt *authctxt, Identity *id)
Damien Miller994cf142000-07-21 10:19:44 +10001204{
Ben Lindstrom266dfdf2001-03-09 00:12:22 +00001205 u_char *blob;
Ben Lindstromc58ab022002-02-26 18:15:09 +00001206 u_int bloblen, have_sig = 0;
Damien Miller994cf142000-07-21 10:19:44 +10001207
Ben Lindstrom266dfdf2001-03-09 00:12:22 +00001208 debug3("send_pubkey_test");
1209
Damien Miller280ecfb2003-05-14 13:46:00 +10001210 if (key_to_blob(id->key, &blob, &bloblen) == 0) {
Ben Lindstrom266dfdf2001-03-09 00:12:22 +00001211 /* we cannot handle this key */
1212 debug3("send_pubkey_test: cannot handle key");
Damien Miller994cf142000-07-21 10:19:44 +10001213 return 0;
1214 }
Ben Lindstrom266dfdf2001-03-09 00:12:22 +00001215 /* register callback for USERAUTH_PK_OK message */
Ben Lindstrom266dfdf2001-03-09 00:12:22 +00001216 dispatch_set(SSH2_MSG_USERAUTH_PK_OK, &input_userauth_pk_ok);
Damien Miller994cf142000-07-21 10:19:44 +10001217
Ben Lindstrom266dfdf2001-03-09 00:12:22 +00001218 packet_start(SSH2_MSG_USERAUTH_REQUEST);
1219 packet_put_cstring(authctxt->server_user);
1220 packet_put_cstring(authctxt->service);
1221 packet_put_cstring(authctxt->method->name);
1222 packet_put_char(have_sig);
djm@openbsd.org14b5c632018-01-23 05:27:21 +00001223 packet_put_cstring(key_sign_encode(id->key));
Ben Lindstrom266dfdf2001-03-09 00:12:22 +00001224 packet_put_string(blob, bloblen);
Darren Tuckera627d422013-06-02 07:31:17 +10001225 free(blob);
Ben Lindstrom266dfdf2001-03-09 00:12:22 +00001226 packet_send();
1227 return 1;
1228}
1229
markus@openbsd.org54d90ac2017-05-30 08:52:19 +00001230static struct sshkey *
jcs@openbsd.orgf361df42015-11-15 22:26:49 +00001231load_identity_file(Identity *id)
Ben Lindstrom266dfdf2001-03-09 00:12:22 +00001232{
markus@openbsd.org54d90ac2017-05-30 08:52:19 +00001233 struct sshkey *private = NULL;
jcs@openbsd.orgf361df42015-11-15 22:26:49 +00001234 char prompt[300], *passphrase, *comment;
djm@openbsd.orgf14564c2015-01-15 11:04:36 +00001235 int r, perm_ok = 0, quit = 0, i;
Ben Lindstrom329782e2001-03-10 17:08:59 +00001236 struct stat st;
Ben Lindstrom266dfdf2001-03-09 00:12:22 +00001237
jcs@openbsd.orgf361df42015-11-15 22:26:49 +00001238 if (stat(id->filename, &st) < 0) {
1239 (id->userprovided ? logit : debug3)("no such identity: %s: %s",
1240 id->filename, strerror(errno));
Ben Lindstrom329782e2001-03-10 17:08:59 +00001241 return NULL;
1242 }
djm@openbsd.org141efe42015-01-14 20:05:27 +00001243 snprintf(prompt, sizeof prompt,
jcs@openbsd.orgf361df42015-11-15 22:26:49 +00001244 "Enter passphrase for key '%.100s': ", id->filename);
djm@openbsd.org141efe42015-01-14 20:05:27 +00001245 for (i = 0; i <= options.number_of_password_prompts; i++) {
1246 if (i == 0)
1247 passphrase = "";
1248 else {
Damien Miller62cee002000-09-23 17:15:56 +11001249 passphrase = read_passphrase(prompt, 0);
djm@openbsd.org141efe42015-01-14 20:05:27 +00001250 if (*passphrase == '\0') {
Damien Miller62cee002000-09-23 17:15:56 +11001251 debug2("no passphrase given, try next key");
djm@openbsd.org141efe42015-01-14 20:05:27 +00001252 free(passphrase);
1253 break;
Damien Miller62cee002000-09-23 17:15:56 +11001254 }
djm@openbsd.org141efe42015-01-14 20:05:27 +00001255 }
jcs@openbsd.orgf361df42015-11-15 22:26:49 +00001256 switch ((r = sshkey_load_private_type(KEY_UNSPEC, id->filename,
1257 passphrase, &private, &comment, &perm_ok))) {
djm@openbsd.org141efe42015-01-14 20:05:27 +00001258 case 0:
1259 break;
1260 case SSH_ERR_KEY_WRONG_PASSPHRASE:
1261 if (options.batch_mode) {
1262 quit = 1;
1263 break;
1264 }
djm@openbsd.orgf14564c2015-01-15 11:04:36 +00001265 if (i != 0)
1266 debug2("bad passphrase given, try again...");
djm@openbsd.org141efe42015-01-14 20:05:27 +00001267 break;
1268 case SSH_ERR_SYSTEM_ERROR:
1269 if (errno == ENOENT) {
1270 debug2("Load key \"%s\": %s",
jcs@openbsd.orgf361df42015-11-15 22:26:49 +00001271 id->filename, ssh_err(r));
djm@openbsd.org141efe42015-01-14 20:05:27 +00001272 quit = 1;
1273 break;
1274 }
1275 /* FALLTHROUGH */
1276 default:
jcs@openbsd.orgf361df42015-11-15 22:26:49 +00001277 error("Load key \"%s\": %s", id->filename, ssh_err(r));
djm@openbsd.org141efe42015-01-14 20:05:27 +00001278 quit = 1;
1279 break;
1280 }
djm@openbsd.org6064a8b2015-12-04 00:24:55 +00001281 if (!quit && private != NULL && id->agent_fd == -1 &&
jcs@openbsd.orgf361df42015-11-15 22:26:49 +00001282 !(id->key && id->isprivate))
1283 maybe_add_key_to_agent(id->filename, private, comment,
1284 passphrase);
djm@openbsd.org141efe42015-01-14 20:05:27 +00001285 if (i > 0) {
Damien Millera5103f42014-02-04 11:20:14 +11001286 explicit_bzero(passphrase, strlen(passphrase));
Darren Tuckera627d422013-06-02 07:31:17 +10001287 free(passphrase);
Damien Miller62cee002000-09-23 17:15:56 +11001288 }
mmcc@openbsd.orgd59ce082015-12-10 17:08:40 +00001289 free(comment);
djm@openbsd.org141efe42015-01-14 20:05:27 +00001290 if (private != NULL || quit)
1291 break;
Damien Miller994cf142000-07-21 10:19:44 +10001292 }
Ben Lindstrom266dfdf2001-03-09 00:12:22 +00001293 return private;
1294}
1295
Damien Miller280ecfb2003-05-14 13:46:00 +10001296/*
1297 * try keys in the following order:
djm@openbsd.org4e44a792015-09-24 06:15:11 +00001298 * 1. certificates listed in the config file
1299 * 2. other input certificates
1300 * 3. agent keys that are found in the config file
1301 * 4. other agent keys
1302 * 5. keys that are only listed in the config file
Damien Miller280ecfb2003-05-14 13:46:00 +10001303 */
1304static void
1305pubkey_prepare(Authctxt *authctxt)
Ben Lindstrom266dfdf2001-03-09 00:12:22 +00001306{
djm@openbsd.org141efe42015-01-14 20:05:27 +00001307 struct identity *id, *id2, *tmp;
1308 struct idlist agent, files, *preferred;
1309 struct sshkey *key;
djm@openbsd.org6064a8b2015-12-04 00:24:55 +00001310 int agent_fd = -1, i, r, found;
djm@openbsd.org141efe42015-01-14 20:05:27 +00001311 size_t j;
1312 struct ssh_identitylist *idlist;
Damien Millerad833b32000-08-23 10:46:23 +10001313
Damien Miller280ecfb2003-05-14 13:46:00 +10001314 TAILQ_INIT(&agent); /* keys from the agent */
1315 TAILQ_INIT(&files); /* keys from the config file */
1316 preferred = &authctxt->keys;
1317 TAILQ_INIT(preferred); /* preferred order of keys */
1318
Damien Millercb6b68b2012-12-03 09:49:52 +11001319 /* list of keys stored in the filesystem and PKCS#11 */
Damien Miller280ecfb2003-05-14 13:46:00 +10001320 for (i = 0; i < options.num_identity_files; i++) {
1321 key = options.identity_keys[i];
Damien Miller0a80ca12010-02-27 07:55:05 +11001322 if (key && key->cert && key->cert->type != SSH2_CERT_TYPE_USER)
1323 continue;
Damien Miller280ecfb2003-05-14 13:46:00 +10001324 options.identity_keys[i] = NULL;
Damien Miller07d86be2006-03-26 14:19:21 +11001325 id = xcalloc(1, sizeof(*id));
djm@openbsd.org6064a8b2015-12-04 00:24:55 +00001326 id->agent_fd = -1;
Damien Miller280ecfb2003-05-14 13:46:00 +10001327 id->key = key;
1328 id->filename = xstrdup(options.identity_files[i]);
Darren Tucker19104782013-04-05 11:13:08 +11001329 id->userprovided = options.identity_file_userprovided[i];
Damien Miller280ecfb2003-05-14 13:46:00 +10001330 TAILQ_INSERT_TAIL(&files, id, next);
Damien Millerad833b32000-08-23 10:46:23 +10001331 }
djm@openbsd.org4e44a792015-09-24 06:15:11 +00001332 /* list of certificates specified by user */
1333 for (i = 0; i < options.num_certificate_files; i++) {
1334 key = options.certificates[i];
1335 if (!key_is_cert(key) || key->cert == NULL ||
1336 key->cert->type != SSH2_CERT_TYPE_USER)
1337 continue;
1338 id = xcalloc(1, sizeof(*id));
djm@openbsd.org6064a8b2015-12-04 00:24:55 +00001339 id->agent_fd = -1;
djm@openbsd.org4e44a792015-09-24 06:15:11 +00001340 id->key = key;
1341 id->filename = xstrdup(options.certificate_files[i]);
1342 id->userprovided = options.certificate_file_userprovided[i];
1343 TAILQ_INSERT_TAIL(preferred, id, next);
1344 }
Damien Miller280ecfb2003-05-14 13:46:00 +10001345 /* list of keys supported by the agent */
djm@openbsd.org141efe42015-01-14 20:05:27 +00001346 if ((r = ssh_get_authentication_socket(&agent_fd)) != 0) {
1347 if (r != SSH_ERR_AGENT_NOT_PRESENT)
1348 debug("%s: ssh_get_authentication_socket: %s",
1349 __func__, ssh_err(r));
naddy@openbsd.org3e371bd2017-05-05 10:42:49 +00001350 } else if ((r = ssh_fetch_identitylist(agent_fd, &idlist)) != 0) {
djm@openbsd.org141efe42015-01-14 20:05:27 +00001351 if (r != SSH_ERR_AGENT_NO_IDENTITIES)
1352 debug("%s: ssh_fetch_identitylist: %s",
1353 __func__, ssh_err(r));
markus@openbsd.orgfc77ccd2016-01-14 22:56:56 +00001354 close(agent_fd);
djm@openbsd.org141efe42015-01-14 20:05:27 +00001355 } else {
1356 for (j = 0; j < idlist->nkeys; j++) {
Damien Miller280ecfb2003-05-14 13:46:00 +10001357 found = 0;
1358 TAILQ_FOREACH(id, &files, next) {
djm@openbsd.org141efe42015-01-14 20:05:27 +00001359 /*
1360 * agent keys from the config file are
1361 * preferred
1362 */
1363 if (sshkey_equal(idlist->keys[j], id->key)) {
Damien Miller280ecfb2003-05-14 13:46:00 +10001364 TAILQ_REMOVE(&files, id, next);
1365 TAILQ_INSERT_TAIL(preferred, id, next);
djm@openbsd.org141efe42015-01-14 20:05:27 +00001366 id->agent_fd = agent_fd;
Damien Miller280ecfb2003-05-14 13:46:00 +10001367 found = 1;
1368 break;
1369 }
1370 }
Damien Millerbd394c32004-03-08 23:12:36 +11001371 if (!found && !options.identities_only) {
Damien Miller07d86be2006-03-26 14:19:21 +11001372 id = xcalloc(1, sizeof(*id));
djm@openbsd.org141efe42015-01-14 20:05:27 +00001373 /* XXX "steals" key/comment from idlist */
1374 id->key = idlist->keys[j];
1375 id->filename = idlist->comments[j];
1376 idlist->keys[j] = NULL;
1377 idlist->comments[j] = NULL;
1378 id->agent_fd = agent_fd;
Damien Miller280ecfb2003-05-14 13:46:00 +10001379 TAILQ_INSERT_TAIL(&agent, id, next);
1380 }
1381 }
djm@openbsd.org141efe42015-01-14 20:05:27 +00001382 ssh_free_identitylist(idlist);
Damien Miller280ecfb2003-05-14 13:46:00 +10001383 /* append remaining agent keys */
1384 for (id = TAILQ_FIRST(&agent); id; id = TAILQ_FIRST(&agent)) {
1385 TAILQ_REMOVE(&agent, id, next);
1386 TAILQ_INSERT_TAIL(preferred, id, next);
1387 }
djm@openbsd.org141efe42015-01-14 20:05:27 +00001388 authctxt->agent_fd = agent_fd;
Damien Miller62cee002000-09-23 17:15:56 +11001389 }
djm@openbsd.org82f24c32016-05-23 23:30:50 +00001390 /* Prefer PKCS11 keys that are explicitly listed */
1391 TAILQ_FOREACH_SAFE(id, &files, next, tmp) {
1392 if (id->key == NULL || (id->key->flags & SSHKEY_FLAG_EXT) == 0)
1393 continue;
1394 found = 0;
1395 TAILQ_FOREACH(id2, &files, next) {
1396 if (id2->key == NULL ||
1397 (id2->key->flags & SSHKEY_FLAG_EXT) == 0)
1398 continue;
1399 if (sshkey_equal(id->key, id2->key)) {
1400 TAILQ_REMOVE(&files, id, next);
1401 TAILQ_INSERT_TAIL(preferred, id, next);
1402 found = 1;
1403 break;
1404 }
1405 }
1406 /* If IdentitiesOnly set and key not found then don't use it */
1407 if (!found && options.identities_only) {
1408 TAILQ_REMOVE(&files, id, next);
1409 explicit_bzero(id, sizeof(*id));
1410 free(id);
1411 }
1412 }
Damien Miller280ecfb2003-05-14 13:46:00 +10001413 /* append remaining keys from the config file */
1414 for (id = TAILQ_FIRST(&files); id; id = TAILQ_FIRST(&files)) {
1415 TAILQ_REMOVE(&files, id, next);
1416 TAILQ_INSERT_TAIL(preferred, id, next);
1417 }
djm@openbsd.orge679c092015-10-13 16:15:21 +00001418 /* finally, filter by PubkeyAcceptedKeyTypes */
1419 TAILQ_FOREACH_SAFE(id, preferred, next, id2) {
1420 if (id->key != NULL &&
1421 match_pattern_list(sshkey_ssh_name(id->key),
1422 options.pubkey_key_types, 0) != 1) {
1423 debug("Skipping %s key %s - "
1424 "not in PubkeyAcceptedKeyTypes",
1425 sshkey_ssh_name(id->key), id->filename);
1426 TAILQ_REMOVE(preferred, id, next);
1427 sshkey_free(id->key);
1428 free(id->filename);
1429 memset(id, 0, sizeof(*id));
1430 continue;
1431 }
djm@openbsd.org6064a8b2015-12-04 00:24:55 +00001432 debug2("key: %s (%p)%s%s", id->filename, id->key,
1433 id->userprovided ? ", explicit" : "",
1434 id->agent_fd != -1 ? ", agent" : "");
Damien Miller280ecfb2003-05-14 13:46:00 +10001435 }
1436}
1437
1438static void
1439pubkey_cleanup(Authctxt *authctxt)
1440{
1441 Identity *id;
1442
djm@openbsd.org141efe42015-01-14 20:05:27 +00001443 if (authctxt->agent_fd != -1)
1444 ssh_close_authentication_socket(authctxt->agent_fd);
Damien Miller280ecfb2003-05-14 13:46:00 +10001445 for (id = TAILQ_FIRST(&authctxt->keys); id;
1446 id = TAILQ_FIRST(&authctxt->keys)) {
1447 TAILQ_REMOVE(&authctxt->keys, id, next);
mmcc@openbsd.org89540b62015-12-11 02:31:47 +00001448 sshkey_free(id->key);
Darren Tuckera627d422013-06-02 07:31:17 +10001449 free(id->filename);
1450 free(id);
Damien Miller280ecfb2003-05-14 13:46:00 +10001451 }
Damien Millereba71ba2000-04-29 23:57:08 +10001452}
1453
djm@openbsd.orgb9844a42016-12-04 23:54:02 +00001454static void
1455pubkey_reset(Authctxt *authctxt)
1456{
1457 Identity *id;
1458
1459 TAILQ_FOREACH(id, &authctxt->keys, next)
1460 id->tried = 0;
1461}
1462
markus@openbsd.org3a1638d2015-07-10 06:21:53 +00001463static int
1464try_identity(Identity *id)
1465{
1466 if (!id->key)
1467 return (0);
markus@openbsd.org3a1638d2015-07-10 06:21:53 +00001468 if (key_type_plain(id->key->type) == KEY_RSA &&
1469 (datafellows & SSH_BUG_RSASIGMD5) != 0) {
1470 debug("Skipped %s key %s for RSA/MD5 server",
1471 key_type(id->key), id->filename);
1472 return (0);
1473 }
djm@openbsd.org873d3e72017-04-30 23:18:44 +00001474 return 1;
markus@openbsd.org3a1638d2015-07-10 06:21:53 +00001475}
1476
Damien Miller62cee002000-09-23 17:15:56 +11001477int
1478userauth_pubkey(Authctxt *authctxt)
Damien Millereba71ba2000-04-29 23:57:08 +10001479{
Damien Miller280ecfb2003-05-14 13:46:00 +10001480 Identity *id;
Damien Miller62cee002000-09-23 17:15:56 +11001481 int sent = 0;
djm@openbsd.org6830be92017-04-28 03:24:53 +00001482 char *fp;
Damien Millereba71ba2000-04-29 23:57:08 +10001483
Damien Miller280ecfb2003-05-14 13:46:00 +10001484 while ((id = TAILQ_FIRST(&authctxt->keys))) {
1485 if (id->tried++)
1486 return (0);
Darren Tuckerd05b6012003-10-15 15:55:59 +10001487 /* move key to the end of the queue */
Damien Miller280ecfb2003-05-14 13:46:00 +10001488 TAILQ_REMOVE(&authctxt->keys, id, next);
1489 TAILQ_INSERT_TAIL(&authctxt->keys, id, next);
1490 /*
1491 * send a test message if we have the public key. for
1492 * encrypted keys we cannot do this and have to load the
1493 * private key instead
1494 */
Damien Miller324541e2013-12-31 12:25:40 +11001495 if (id->key != NULL) {
markus@openbsd.org3a1638d2015-07-10 06:21:53 +00001496 if (try_identity(id)) {
djm@openbsd.org6830be92017-04-28 03:24:53 +00001497 if ((fp = sshkey_fingerprint(id->key,
1498 options.fingerprint_hash,
1499 SSH_FP_DEFAULT)) == NULL) {
1500 error("%s: sshkey_fingerprint failed",
1501 __func__);
1502 return 0;
1503 }
1504 debug("Offering public key: %s %s %s",
1505 sshkey_type(id->key), fp, id->filename);
1506 free(fp);
Damien Miller324541e2013-12-31 12:25:40 +11001507 sent = send_pubkey_test(authctxt, id);
1508 }
1509 } else {
Damien Miller280ecfb2003-05-14 13:46:00 +10001510 debug("Trying private key: %s", id->filename);
jcs@openbsd.orgf361df42015-11-15 22:26:49 +00001511 id->key = load_identity_file(id);
Damien Miller280ecfb2003-05-14 13:46:00 +10001512 if (id->key != NULL) {
markus@openbsd.org3a1638d2015-07-10 06:21:53 +00001513 if (try_identity(id)) {
1514 id->isprivate = 1;
Damien Miller324541e2013-12-31 12:25:40 +11001515 sent = sign_and_send_pubkey(
1516 authctxt, id);
1517 }
Damien Miller280ecfb2003-05-14 13:46:00 +10001518 key_free(id->key);
1519 id->key = NULL;
djm@openbsd.orgb9844a42016-12-04 23:54:02 +00001520 id->isprivate = 0;
Ben Lindstrom266dfdf2001-03-09 00:12:22 +00001521 }
Ben Lindstrom266dfdf2001-03-09 00:12:22 +00001522 }
Damien Miller280ecfb2003-05-14 13:46:00 +10001523 if (sent)
1524 return (sent);
Damien Miller0bc1bd82000-11-13 22:57:25 +11001525 }
Damien Miller280ecfb2003-05-14 13:46:00 +10001526 return (0);
Damien Miller62cee002000-09-23 17:15:56 +11001527}
Damien Millereba71ba2000-04-29 23:57:08 +10001528
Damien Miller874d77b2000-10-14 16:23:11 +11001529/*
1530 * Send userauth request message specifying keyboard-interactive method.
1531 */
1532int
1533userauth_kbdint(Authctxt *authctxt)
1534{
1535 static int attempt = 0;
1536
1537 if (attempt++ >= options.number_of_password_prompts)
1538 return 0;
Ben Lindstrom7d199962001-09-12 18:29:00 +00001539 /* disable if no SSH2_MSG_USERAUTH_INFO_REQUEST has been seen */
1540 if (attempt > 1 && !authctxt->info_req_seen) {
1541 debug3("userauth_kbdint: disable: no info_req_seen");
1542 dispatch_set(SSH2_MSG_USERAUTH_INFO_REQUEST, NULL);
1543 return 0;
1544 }
Damien Miller874d77b2000-10-14 16:23:11 +11001545
1546 debug2("userauth_kbdint");
1547 packet_start(SSH2_MSG_USERAUTH_REQUEST);
1548 packet_put_cstring(authctxt->server_user);
1549 packet_put_cstring(authctxt->service);
1550 packet_put_cstring(authctxt->method->name);
1551 packet_put_cstring(""); /* lang */
1552 packet_put_cstring(options.kbd_interactive_devices ?
1553 options.kbd_interactive_devices : "");
1554 packet_send();
Damien Miller874d77b2000-10-14 16:23:11 +11001555
1556 dispatch_set(SSH2_MSG_USERAUTH_INFO_REQUEST, &input_userauth_info_req);
1557 return 1;
1558}
1559
1560/*
Ben Lindstrom03df5bd2001-02-10 22:16:41 +00001561 * parse INFO_REQUEST, prompt user and send INFO_RESPONSE
Damien Miller874d77b2000-10-14 16:23:11 +11001562 */
markus@openbsd.org3fdc88a2015-01-19 20:07:45 +00001563int
markus@openbsd.org2ae666a2017-05-30 14:23:52 +00001564input_userauth_info_req(int type, u_int32_t seq, struct ssh *ssh)
Damien Miller874d77b2000-10-14 16:23:11 +11001565{
markus@openbsd.org94583be2017-05-30 14:19:15 +00001566 Authctxt *authctxt = ssh->authctxt;
Ben Lindstrom03df5bd2001-02-10 22:16:41 +00001567 char *name, *inst, *lang, *prompt, *response;
Ben Lindstrom46c16222000-12-22 01:43:59 +00001568 u_int num_prompts, i;
Damien Miller874d77b2000-10-14 16:23:11 +11001569 int echo = 0;
1570
1571 debug2("input_userauth_info_req");
1572
1573 if (authctxt == NULL)
1574 fatal("input_userauth_info_req: no authentication context");
1575
Ben Lindstrom7d199962001-09-12 18:29:00 +00001576 authctxt->info_req_seen = 1;
1577
Damien Miller874d77b2000-10-14 16:23:11 +11001578 name = packet_get_string(NULL);
1579 inst = packet_get_string(NULL);
1580 lang = packet_get_string(NULL);
Damien Miller874d77b2000-10-14 16:23:11 +11001581 if (strlen(name) > 0)
Damien Miller996acd22003-04-09 20:59:48 +10001582 logit("%s", name);
Damien Miller874d77b2000-10-14 16:23:11 +11001583 if (strlen(inst) > 0)
Damien Miller996acd22003-04-09 20:59:48 +10001584 logit("%s", inst);
Darren Tuckera627d422013-06-02 07:31:17 +10001585 free(name);
1586 free(inst);
1587 free(lang);
Damien Miller874d77b2000-10-14 16:23:11 +11001588
1589 num_prompts = packet_get_int();
1590 /*
1591 * Begin to build info response packet based on prompts requested.
1592 * We commit to providing the correct number of responses, so if
1593 * further on we run into a problem that prevents this, we have to
1594 * be sure and clean this up and send a correct error response.
1595 */
1596 packet_start(SSH2_MSG_USERAUTH_INFO_RESPONSE);
1597 packet_put_int(num_prompts);
1598
Ben Lindstrom551ea372001-06-05 18:56:16 +00001599 debug2("input_userauth_info_req: num_prompts %d", num_prompts);
Damien Miller874d77b2000-10-14 16:23:11 +11001600 for (i = 0; i < num_prompts; i++) {
1601 prompt = packet_get_string(NULL);
1602 echo = packet_get_char();
1603
Ben Lindstrom949974b2001-06-25 05:20:31 +00001604 response = read_passphrase(prompt, echo ? RP_ECHO : 0);
Damien Miller874d77b2000-10-14 16:23:11 +11001605
Ben Lindstrom5699c5f2001-03-05 06:17:49 +00001606 packet_put_cstring(response);
Damien Millera5103f42014-02-04 11:20:14 +11001607 explicit_bzero(response, strlen(response));
Darren Tuckera627d422013-06-02 07:31:17 +10001608 free(response);
1609 free(prompt);
Damien Miller874d77b2000-10-14 16:23:11 +11001610 }
Damien Miller48b03fc2002-01-22 23:11:40 +11001611 packet_check_eom(); /* done with parsing incoming message. */
Damien Miller874d77b2000-10-14 16:23:11 +11001612
Damien Miller9f643902001-11-12 11:02:52 +11001613 packet_add_padding(64);
Damien Miller874d77b2000-10-14 16:23:11 +11001614 packet_send();
markus@openbsd.org3fdc88a2015-01-19 20:07:45 +00001615 return 0;
Damien Miller874d77b2000-10-14 16:23:11 +11001616}
Damien Miller62cee002000-09-23 17:15:56 +11001617
Ben Lindstrom1bad2562002-06-06 19:57:33 +00001618static int
djm@openbsd.org46347ed2015-01-30 11:43:14 +00001619ssh_keysign(struct sshkey *key, u_char **sigp, size_t *lenp,
1620 const u_char *data, size_t datalen)
Ben Lindstrom1bad2562002-06-06 19:57:33 +00001621{
djm@openbsd.org46347ed2015-01-30 11:43:14 +00001622 struct sshbuf *b;
Ben Lindstrom5206b952002-06-06 19:59:29 +00001623 struct stat st;
Ben Lindstrom1bad2562002-06-06 19:57:33 +00001624 pid_t pid;
djm@openbsd.org46347ed2015-01-30 11:43:14 +00001625 int i, r, to[2], from[2], status, sock = packet_get_connection_in();
1626 u_char rversion = 0, version = 2;
1627 void (*osigchld)(int);
Ben Lindstrom1bad2562002-06-06 19:57:33 +00001628
djm@openbsd.org46347ed2015-01-30 11:43:14 +00001629 *sigp = NULL;
1630 *lenp = 0;
Ben Lindstrom1bad2562002-06-06 19:57:33 +00001631
Ben Lindstrom5206b952002-06-06 19:59:29 +00001632 if (stat(_PATH_SSH_KEY_SIGN, &st) < 0) {
djm@openbsd.org46347ed2015-01-30 11:43:14 +00001633 error("%s: not installed: %s", __func__, strerror(errno));
Ben Lindstrom5206b952002-06-06 19:59:29 +00001634 return -1;
1635 }
djm@openbsd.org46347ed2015-01-30 11:43:14 +00001636 if (fflush(stdout) != 0) {
1637 error("%s: fflush: %s", __func__, strerror(errno));
1638 return -1;
1639 }
Ben Lindstrom1bad2562002-06-06 19:57:33 +00001640 if (pipe(to) < 0) {
djm@openbsd.org46347ed2015-01-30 11:43:14 +00001641 error("%s: pipe: %s", __func__, strerror(errno));
Ben Lindstrom1bad2562002-06-06 19:57:33 +00001642 return -1;
1643 }
1644 if (pipe(from) < 0) {
djm@openbsd.org46347ed2015-01-30 11:43:14 +00001645 error("%s: pipe: %s", __func__, strerror(errno));
Ben Lindstrom1bad2562002-06-06 19:57:33 +00001646 return -1;
1647 }
1648 if ((pid = fork()) < 0) {
djm@openbsd.org46347ed2015-01-30 11:43:14 +00001649 error("%s: fork: %s", __func__, strerror(errno));
Ben Lindstrom1bad2562002-06-06 19:57:33 +00001650 return -1;
1651 }
djm@openbsd.org46347ed2015-01-30 11:43:14 +00001652 osigchld = signal(SIGCHLD, SIG_DFL);
Ben Lindstrom1bad2562002-06-06 19:57:33 +00001653 if (pid == 0) {
Darren Tucker6e7fe1c2010-01-08 17:07:22 +11001654 /* keep the socket on exec */
djm@openbsd.org46347ed2015-01-30 11:43:14 +00001655 fcntl(sock, F_SETFD, 0);
Damien Miller2e5fe882006-06-13 13:10:00 +10001656 permanently_drop_suid(getuid());
Ben Lindstrom1bad2562002-06-06 19:57:33 +00001657 close(from[0]);
1658 if (dup2(from[1], STDOUT_FILENO) < 0)
djm@openbsd.org46347ed2015-01-30 11:43:14 +00001659 fatal("%s: dup2: %s", __func__, strerror(errno));
Ben Lindstrom1bad2562002-06-06 19:57:33 +00001660 close(to[1]);
1661 if (dup2(to[0], STDIN_FILENO) < 0)
djm@openbsd.org46347ed2015-01-30 11:43:14 +00001662 fatal("%s: dup2: %s", __func__, strerror(errno));
Ben Lindstromcec2ea82002-06-06 20:51:04 +00001663 close(from[1]);
1664 close(to[0]);
djm@openbsd.org46347ed2015-01-30 11:43:14 +00001665 /* Close everything but stdio and the socket */
1666 for (i = STDERR_FILENO + 1; i < sock; i++)
1667 close(i);
1668 closefrom(sock + 1);
1669 debug3("%s: [child] pid=%ld, exec %s",
1670 __func__, (long)getpid(), _PATH_SSH_KEY_SIGN);
mmcc@openbsd.org94141b72015-12-11 00:20:04 +00001671 execl(_PATH_SSH_KEY_SIGN, _PATH_SSH_KEY_SIGN, (char *)NULL);
djm@openbsd.org46347ed2015-01-30 11:43:14 +00001672 fatal("%s: exec(%s): %s", __func__, _PATH_SSH_KEY_SIGN,
Ben Lindstrom1bad2562002-06-06 19:57:33 +00001673 strerror(errno));
1674 }
1675 close(from[1]);
1676 close(to[0]);
1677
djm@openbsd.org46347ed2015-01-30 11:43:14 +00001678 if ((b = sshbuf_new()) == NULL)
1679 fatal("%s: sshbuf_new failed", __func__);
1680 /* send # of sock, data to be signed */
djm@openbsd.org326e2fa2017-01-30 00:32:28 +00001681 if ((r = sshbuf_put_u32(b, sock)) != 0 ||
djm@openbsd.org46347ed2015-01-30 11:43:14 +00001682 (r = sshbuf_put_string(b, data, datalen)) != 0)
1683 fatal("%s: buffer error: %s", __func__, ssh_err(r));
1684 if (ssh_msg_send(to[1], version, b) == -1)
1685 fatal("%s: couldn't send request", __func__);
1686 sshbuf_reset(b);
1687 r = ssh_msg_recv(from[0], b);
Ben Lindstrom1bad2562002-06-06 19:57:33 +00001688 close(from[0]);
1689 close(to[1]);
djm@openbsd.org46347ed2015-01-30 11:43:14 +00001690 if (r < 0) {
1691 error("%s: no reply", __func__);
1692 goto fail;
1693 }
Ben Lindstrom1bad2562002-06-06 19:57:33 +00001694
djm@openbsd.org46347ed2015-01-30 11:43:14 +00001695 errno = 0;
1696 while (waitpid(pid, &status, 0) < 0) {
1697 if (errno != EINTR) {
1698 error("%s: waitpid %ld: %s",
1699 __func__, (long)pid, strerror(errno));
1700 goto fail;
1701 }
1702 }
1703 if (!WIFEXITED(status)) {
1704 error("%s: exited abnormally", __func__);
1705 goto fail;
1706 }
1707 if (WEXITSTATUS(status) != 0) {
1708 error("%s: exited with status %d",
1709 __func__, WEXITSTATUS(status));
1710 goto fail;
1711 }
1712 if ((r = sshbuf_get_u8(b, &rversion)) != 0) {
1713 error("%s: buffer error: %s", __func__, ssh_err(r));
1714 goto fail;
1715 }
1716 if (rversion != version) {
1717 error("%s: bad version", __func__);
1718 goto fail;
1719 }
1720 if ((r = sshbuf_get_string(b, sigp, lenp)) != 0) {
1721 error("%s: buffer error: %s", __func__, ssh_err(r));
1722 fail:
1723 signal(SIGCHLD, osigchld);
1724 sshbuf_free(b);
Ben Lindstrom5206b952002-06-06 19:59:29 +00001725 return -1;
1726 }
djm@openbsd.org46347ed2015-01-30 11:43:14 +00001727 signal(SIGCHLD, osigchld);
1728 sshbuf_free(b);
Ben Lindstrom5206b952002-06-06 19:59:29 +00001729
Ben Lindstrom1bad2562002-06-06 19:57:33 +00001730 return 0;
1731}
1732
Ben Lindstrom5eabda32001-04-12 23:34:34 +00001733int
1734userauth_hostbased(Authctxt *authctxt)
1735{
djm@openbsd.org46347ed2015-01-30 11:43:14 +00001736 struct ssh *ssh = active_state;
1737 struct sshkey *private = NULL;
1738 struct sshbuf *b = NULL;
djm@openbsd.org46347ed2015-01-30 11:43:14 +00001739 u_char *sig = NULL, *keyblob = NULL;
1740 char *fp = NULL, *chost = NULL, *lname = NULL;
1741 size_t siglen = 0, keylen = 0;
1742 int i, r, success = 0;
Ben Lindstrom5eabda32001-04-12 23:34:34 +00001743
djm@openbsd.org46347ed2015-01-30 11:43:14 +00001744 if (authctxt->ktypes == NULL) {
1745 authctxt->oktypes = xstrdup(options.hostbased_key_types);
1746 authctxt->ktypes = authctxt->oktypes;
1747 }
djm@openbsd.org1195f4c2015-01-08 10:14:08 +00001748
djm@openbsd.org46347ed2015-01-30 11:43:14 +00001749 /*
1750 * Work through each listed type pattern in HostbasedKeyTypes,
1751 * trying each hostkey that matches the type in turn.
1752 */
1753 for (;;) {
1754 if (authctxt->active_ktype == NULL)
1755 authctxt->active_ktype = strsep(&authctxt->ktypes, ",");
1756 if (authctxt->active_ktype == NULL ||
1757 *authctxt->active_ktype == '\0')
1758 break;
1759 debug3("%s: trying key type %s", __func__,
1760 authctxt->active_ktype);
1761
1762 /* check for a useful key */
1763 private = NULL;
1764 for (i = 0; i < authctxt->sensitive->nkeys; i++) {
1765 if (authctxt->sensitive->keys[i] == NULL ||
djm@openbsd.org46347ed2015-01-30 11:43:14 +00001766 authctxt->sensitive->keys[i]->type == KEY_UNSPEC)
1767 continue;
1768 if (match_pattern_list(
1769 sshkey_ssh_name(authctxt->sensitive->keys[i]),
djm@openbsd.orge661a862015-05-04 06:10:48 +00001770 authctxt->active_ktype, 0) != 1)
djm@openbsd.org46347ed2015-01-30 11:43:14 +00001771 continue;
Ben Lindstrom5eabda32001-04-12 23:34:34 +00001772 /* we take and free the key */
djm@openbsd.org46347ed2015-01-30 11:43:14 +00001773 private = authctxt->sensitive->keys[i];
1774 authctxt->sensitive->keys[i] = NULL;
Ben Lindstrom5eabda32001-04-12 23:34:34 +00001775 break;
1776 }
djm@openbsd.org46347ed2015-01-30 11:43:14 +00001777 /* Found one */
1778 if (private != NULL)
1779 break;
1780 /* No more keys of this type; advance */
1781 authctxt->active_ktype = NULL;
Ben Lindstrom5eabda32001-04-12 23:34:34 +00001782 }
djm@openbsd.org46347ed2015-01-30 11:43:14 +00001783 if (private == NULL) {
1784 free(authctxt->oktypes);
1785 authctxt->oktypes = authctxt->ktypes = NULL;
1786 authctxt->active_ktype = NULL;
Ben Lindstrom1d568f92002-12-23 02:44:36 +00001787 debug("No more client hostkeys for hostbased authentication.");
djm@openbsd.org46347ed2015-01-30 11:43:14 +00001788 goto out;
Ben Lindstrom5eabda32001-04-12 23:34:34 +00001789 }
djm@openbsd.org17bf3d82014-12-11 05:13:28 +00001790
djm@openbsd.org46347ed2015-01-30 11:43:14 +00001791 if ((fp = sshkey_fingerprint(private, options.fingerprint_hash,
1792 SSH_FP_DEFAULT)) == NULL) {
1793 error("%s: sshkey_fingerprint failed", __func__);
1794 goto out;
Ben Lindstrom5eabda32001-04-12 23:34:34 +00001795 }
djm@openbsd.org46347ed2015-01-30 11:43:14 +00001796 debug("%s: trying hostkey %s %s",
1797 __func__, sshkey_ssh_name(private), fp);
djm@openbsd.org17bf3d82014-12-11 05:13:28 +00001798
Damien Miller91c18472001-11-12 11:02:03 +11001799 /* figure out a name for the client host */
djm@openbsd.org46347ed2015-01-30 11:43:14 +00001800 if ((lname = get_local_name(packet_get_connection_in())) == NULL) {
1801 error("%s: cannot get local ipaddr/name", __func__);
1802 goto out;
Damien Miller91c18472001-11-12 11:02:03 +11001803 }
djm@openbsd.org46347ed2015-01-30 11:43:14 +00001804
1805 /* XXX sshbuf_put_stringf? */
1806 xasprintf(&chost, "%s.", lname);
1807 debug2("%s: chost %s", __func__, chost);
Damien Miller91c18472001-11-12 11:02:03 +11001808
djm@openbsd.org46347ed2015-01-30 11:43:14 +00001809 /* construct data */
1810 if ((b = sshbuf_new()) == NULL) {
1811 error("%s: sshbuf_new failed", __func__);
1812 goto out;
1813 }
1814 if ((r = sshkey_to_blob(private, &keyblob, &keylen)) != 0) {
1815 error("%s: sshkey_to_blob: %s", __func__, ssh_err(r));
1816 goto out;
1817 }
1818 if ((r = sshbuf_put_string(b, session_id2, session_id2_len)) != 0 ||
1819 (r = sshbuf_put_u8(b, SSH2_MSG_USERAUTH_REQUEST)) != 0 ||
1820 (r = sshbuf_put_cstring(b, authctxt->server_user)) != 0 ||
djm@openbsd.org14b5c632018-01-23 05:27:21 +00001821 (r = sshbuf_put_cstring(b, authctxt->service)) != 0 ||
djm@openbsd.org46347ed2015-01-30 11:43:14 +00001822 (r = sshbuf_put_cstring(b, authctxt->method->name)) != 0 ||
1823 (r = sshbuf_put_cstring(b, key_ssh_name(private))) != 0 ||
1824 (r = sshbuf_put_string(b, keyblob, keylen)) != 0 ||
1825 (r = sshbuf_put_cstring(b, chost)) != 0 ||
1826 (r = sshbuf_put_cstring(b, authctxt->local_user)) != 0) {
1827 error("%s: buffer error: %s", __func__, ssh_err(r));
1828 goto out;
1829 }
1830
1831#ifdef DEBUG_PK
1832 sshbuf_dump(b, stderr);
1833#endif
1834 if (authctxt->sensitive->external_keysign)
1835 r = ssh_keysign(private, &sig, &siglen,
1836 sshbuf_ptr(b), sshbuf_len(b));
1837 else if ((r = sshkey_sign(private, &sig, &siglen,
markus@openbsd.org76c9fbb2015-12-04 16:41:28 +00001838 sshbuf_ptr(b), sshbuf_len(b), NULL, datafellows)) != 0)
djm@openbsd.org46347ed2015-01-30 11:43:14 +00001839 debug("%s: sshkey_sign: %s", __func__, ssh_err(r));
1840 if (r != 0) {
1841 error("sign using hostkey %s %s failed",
1842 sshkey_ssh_name(private), fp);
1843 goto out;
1844 }
1845 if ((r = sshpkt_start(ssh, SSH2_MSG_USERAUTH_REQUEST)) != 0 ||
1846 (r = sshpkt_put_cstring(ssh, authctxt->server_user)) != 0 ||
1847 (r = sshpkt_put_cstring(ssh, authctxt->service)) != 0 ||
1848 (r = sshpkt_put_cstring(ssh, authctxt->method->name)) != 0 ||
1849 (r = sshpkt_put_cstring(ssh, key_ssh_name(private))) != 0 ||
1850 (r = sshpkt_put_string(ssh, keyblob, keylen)) != 0 ||
1851 (r = sshpkt_put_cstring(ssh, chost)) != 0 ||
1852 (r = sshpkt_put_cstring(ssh, authctxt->local_user)) != 0 ||
1853 (r = sshpkt_put_string(ssh, sig, siglen)) != 0 ||
1854 (r = sshpkt_send(ssh)) != 0) {
1855 error("%s: packet error: %s", __func__, ssh_err(r));
1856 goto out;
1857 }
1858 success = 1;
1859
1860 out:
1861 if (sig != NULL) {
1862 explicit_bzero(sig, siglen);
1863 free(sig);
1864 }
1865 free(keyblob);
1866 free(lname);
1867 free(fp);
1868 free(chost);
1869 sshkey_free(private);
1870 sshbuf_free(b);
1871
1872 return success;
Ben Lindstrom5eabda32001-04-12 23:34:34 +00001873}
1874
Damien Miller62cee002000-09-23 17:15:56 +11001875/* find auth method */
1876
Damien Miller62cee002000-09-23 17:15:56 +11001877/*
1878 * given auth method name, if configurable options permit this method fill
1879 * in auth_ident field and return true, otherwise return false.
1880 */
Ben Lindstrombba81212001-06-25 05:01:22 +00001881static int
Damien Miller62cee002000-09-23 17:15:56 +11001882authmethod_is_enabled(Authmethod *method)
1883{
1884 if (method == NULL)
1885 return 0;
1886 /* return false if options indicate this method is disabled */
1887 if (method->enabled == NULL || *method->enabled == 0)
1888 return 0;
1889 /* return false if batch mode is enabled but method needs interactive mode */
1890 if (method->batch_flag != NULL && *method->batch_flag != 0)
1891 return 0;
1892 return 1;
1893}
1894
Ben Lindstrombba81212001-06-25 05:01:22 +00001895static Authmethod *
Damien Miller62cee002000-09-23 17:15:56 +11001896authmethod_lookup(const char *name)
1897{
1898 Authmethod *method = NULL;
1899 if (name != NULL)
1900 for (method = authmethods; method->name != NULL; method++)
1901 if (strcmp(name, method->name) == 0)
1902 return method;
1903 debug2("Unrecognized authentication method name: %s", name ? name : "NULL");
1904 return NULL;
1905}
1906
Ben Lindstromb9be60a2001-03-11 01:49:19 +00001907/* XXX internal state */
1908static Authmethod *current = NULL;
1909static char *supported = NULL;
1910static char *preferred = NULL;
Ben Lindstrom5c385522002-06-23 21:23:20 +00001911
Damien Miller62cee002000-09-23 17:15:56 +11001912/*
1913 * Given the authentication method list sent by the server, return the
1914 * next method we should try. If the server initially sends a nil list,
Ben Lindstroma3700052001-04-05 23:26:32 +00001915 * use a built-in default list.
Kevin Stevesef4eea92001-02-05 12:42:17 +00001916 */
Ben Lindstrombba81212001-06-25 05:01:22 +00001917static Authmethod *
Damien Miller62cee002000-09-23 17:15:56 +11001918authmethod_get(char *authlist)
1919{
Ben Lindstromb9be60a2001-03-11 01:49:19 +00001920 char *name = NULL;
Ben Lindstromc58ab022002-02-26 18:15:09 +00001921 u_int next;
Kevin Stevesef4eea92001-02-05 12:42:17 +00001922
Damien Miller62cee002000-09-23 17:15:56 +11001923 /* Use a suitable default if we're passed a nil list. */
1924 if (authlist == NULL || strlen(authlist) == 0)
Ben Lindstromb9be60a2001-03-11 01:49:19 +00001925 authlist = options.preferred_authentications;
Damien Miller62cee002000-09-23 17:15:56 +11001926
Ben Lindstromb9be60a2001-03-11 01:49:19 +00001927 if (supported == NULL || strcmp(authlist, supported) != 0) {
1928 debug3("start over, passed a different list %s", authlist);
Darren Tuckera627d422013-06-02 07:31:17 +10001929 free(supported);
Ben Lindstromb9be60a2001-03-11 01:49:19 +00001930 supported = xstrdup(authlist);
1931 preferred = options.preferred_authentications;
1932 debug3("preferred %s", preferred);
1933 current = NULL;
1934 } else if (current != NULL && authmethod_is_enabled(current))
1935 return current;
Damien Millereba71ba2000-04-29 23:57:08 +10001936
Ben Lindstromb9be60a2001-03-11 01:49:19 +00001937 for (;;) {
1938 if ((name = match_list(preferred, supported, &next)) == NULL) {
Ben Lindstrom1d568f92002-12-23 02:44:36 +00001939 debug("No more authentication methods to try.");
Ben Lindstromb9be60a2001-03-11 01:49:19 +00001940 current = NULL;
1941 return NULL;
Damien Miller874d77b2000-10-14 16:23:11 +11001942 }
Ben Lindstromb9be60a2001-03-11 01:49:19 +00001943 preferred += next;
1944 debug3("authmethod_lookup %s", name);
1945 debug3("remaining preferred: %s", preferred);
1946 if ((current = authmethod_lookup(name)) != NULL &&
1947 authmethod_is_enabled(current)) {
1948 debug3("authmethod_is_enabled %s", name);
Ben Lindstrom1d568f92002-12-23 02:44:36 +00001949 debug("Next authentication method: %s", name);
Darren Tuckera627d422013-06-02 07:31:17 +10001950 free(name);
Ben Lindstromb9be60a2001-03-11 01:49:19 +00001951 return current;
1952 }
Darren Tuckere52a2602013-06-06 08:22:05 +10001953 free(name);
Damien Millereba71ba2000-04-29 23:57:08 +10001954 }
Ben Lindstromb9be60a2001-03-11 01:49:19 +00001955}
Damien Miller62cee002000-09-23 17:15:56 +11001956
Ben Lindstrom79073822001-07-04 03:42:30 +00001957static char *
Ben Lindstromb9be60a2001-03-11 01:49:19 +00001958authmethods_get(void)
1959{
1960 Authmethod *method = NULL;
Damien Miller0e3b8722002-01-22 23:26:38 +11001961 Buffer b;
1962 char *list;
Ben Lindstromb9be60a2001-03-11 01:49:19 +00001963
Damien Miller0e3b8722002-01-22 23:26:38 +11001964 buffer_init(&b);
Ben Lindstromb9be60a2001-03-11 01:49:19 +00001965 for (method = authmethods; method->name != NULL; method++) {
1966 if (authmethod_is_enabled(method)) {
Damien Miller0e3b8722002-01-22 23:26:38 +11001967 if (buffer_len(&b) > 0)
1968 buffer_append(&b, ",", 1);
1969 buffer_append(&b, method->name, strlen(method->name));
Ben Lindstromb9be60a2001-03-11 01:49:19 +00001970 }
Damien Miller62cee002000-09-23 17:15:56 +11001971 }
djm@openbsd.org1a31d022016-05-02 08:49:03 +00001972 if ((list = sshbuf_dup_string(&b)) == NULL)
1973 fatal("%s: sshbuf_dup_string failed", __func__);
Damien Miller0e3b8722002-01-22 23:26:38 +11001974 buffer_free(&b);
1975 return list;
Damien Millereba71ba2000-04-29 23:57:08 +10001976}
Damien Miller01ed2272008-11-05 16:20:46 +11001977