X-Git-Url: http://andersk.mit.edu/gitweb/openssh.git/blobdiff_plain/c345cf9d1095299a9077386c1188a86090d385a9..d83115683b69af0bc68f101f7494d052b7dd6a44:/authfd.c diff --git a/authfd.c b/authfd.c index a34e111a..78a53c7a 100644 --- a/authfd.c +++ b/authfd.c @@ -1,45 +1,101 @@ +/* $OpenBSD: authfd.c,v 1.81 2009/08/27 17:44:52 djm Exp $ */ /* - * - * authfd.c - * * Author: Tatu Ylonen - * * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland * All rights reserved + * Functions for connecting the local authentication agent. * - * Created: Wed Mar 29 01:30:28 1995 ylo + * As far as I am concerned, the code I have written for this software + * can be used freely for any purpose. Any derived versions of this + * software must be clearly marked as such, and if the derived work is + * incompatible with the protocol description in the RFC file, it must be + * called by a name other than "ssh" or "Secure Shell". * - * Functions for connecting the local authentication agent. + * SSH2 implementation, + * Copyright (c) 2000 Markus Friedl. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. + * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #include "includes.h" -RCSID("$OpenBSD: authfd.c,v 1.24 2000/08/15 19:20:46 markus Exp $"); +#include +#include +#include + +#include + +#include +#include +#include +#include +#include +#include +#include + +#include "xmalloc.h" #include "ssh.h" #include "rsa.h" #include "buffer.h" -#include "bufaux.h" -#include "xmalloc.h" -#include "getput.h" - -#include -#include -#include #include "key.h" #include "authfd.h" +#include "cipher.h" #include "kex.h" +#include "compat.h" +#include "log.h" +#include "atomicio.h" +#include "misc.h" + +static int agent_present = 0; /* helper */ int decode_reply(int type); +/* macro to check for "agent failure" message */ +#define agent_failed(x) \ + ((x == SSH_AGENT_FAILURE) || (x == SSH_COM_AGENT2_FAILURE) || \ + (x == SSH2_AGENT_FAILURE)) + +int +ssh_agent_present(void) +{ + int authfd; + + if (agent_present) + return 1; + if ((authfd = ssh_get_authentication_socket()) == -1) + return 0; + else { + ssh_close_authentication_socket(authfd); + return 1; + } +} + /* Returns the number of the authentication fd, or -1 if there is none. */ int -ssh_get_authentication_socket() +ssh_get_authentication_socket(void) { const char *authsocket; - int sock, len; + int sock; struct sockaddr_un sunaddr; authsocket = getenv(SSH_AUTHSOCKET_ENV_NAME); @@ -48,11 +104,6 @@ ssh_get_authentication_socket() sunaddr.sun_family = AF_UNIX; strlcpy(sunaddr.sun_path, authsocket, sizeof(sunaddr.sun_path)); -#ifdef HAVE_SUN_LEN_IN_SOCKADDR_UN - sunaddr.sun_len = len = SUN_LEN(&sunaddr)+1; -#else /* HAVE_SUN_LEN_IN_SOCKADDR_UN */ - len = SUN_LEN(&sunaddr)+1; -#endif /* HAVE_SUN_LEN_IN_SOCKADDR_UN */ sock = socket(AF_UNIX, SOCK_STREAM, 0); if (sock < 0) @@ -63,27 +114,27 @@ ssh_get_authentication_socket() close(sock); return -1; } - if (connect(sock, (struct sockaddr *) & sunaddr, len) < 0) { + if (connect(sock, (struct sockaddr *)&sunaddr, sizeof sunaddr) < 0) { close(sock); return -1; } + agent_present = 1; return sock; } -int -ssh_request_reply(AuthenticationConnection *auth, - Buffer *request, Buffer *reply) +static int +ssh_request_reply(AuthenticationConnection *auth, Buffer *request, Buffer *reply) { - int l, len; + u_int l, len; char buf[1024]; /* Get the length of the message, and format it in the buffer. */ len = buffer_len(request); - PUT_32BIT(buf, len); + put_u32(buf, len); /* Send the length and then the packet to the agent. */ - if (atomicio(write, auth->fd, buf, 4) != 4 || - atomicio(write, auth->fd, buffer_ptr(request), + if (atomicio(vwrite, auth->fd, buf, 4) != 4 || + atomicio(vwrite, auth->fd, buffer_ptr(request), buffer_len(request)) != buffer_len(request)) { error("Error writing to authentication socket."); return 0; @@ -92,20 +143,15 @@ ssh_request_reply(AuthenticationConnection *auth, * Wait for response from the agent. First read the length of the * response packet. */ - len = 4; - while (len > 0) { - l = read(auth->fd, buf + 4 - len, len); - if (l <= 0) { - error("Error reading response length from authentication socket."); - return 0; - } - len -= l; + if (atomicio(read, auth->fd, buf, 4) != 4) { + error("Error reading response length from authentication socket."); + return 0; } /* Extract the length, and check it for sanity. */ - len = GET_32BIT(buf); + len = get_u32(buf); if (len > 256 * 1024) - fatal("Authentication response too long: %d", len); + fatal("Authentication response too long: %u", len); /* Read the rest of the response in to the buffer. */ buffer_clear(reply); @@ -113,12 +159,11 @@ ssh_request_reply(AuthenticationConnection *auth, l = len; if (l > sizeof(buf)) l = sizeof(buf); - l = read(auth->fd, buf, l); - if (l <= 0) { + if (atomicio(read, auth->fd, buf, l) != l) { error("Error reading response from authentication socket."); return 0; } - buffer_append(reply, (char *) buf, l); + buffer_append(reply, buf, l); len -= l; } return 1; @@ -146,7 +191,7 @@ ssh_close_authentication_socket(int sock) */ AuthenticationConnection * -ssh_get_authentication_connection() +ssh_get_authentication_connection(void) { AuthenticationConnection *auth; int sock; @@ -162,7 +207,6 @@ ssh_get_authentication_connection() auth = xmalloc(sizeof(*auth)); auth->fd = sock; - buffer_init(&auth->packet); buffer_init(&auth->identities); auth->howmany = 0; @@ -175,34 +219,62 @@ ssh_get_authentication_connection() */ void -ssh_close_authentication_connection(AuthenticationConnection *ac) +ssh_close_authentication_connection(AuthenticationConnection *auth) +{ + buffer_free(&auth->identities); + close(auth->fd); + xfree(auth); +} + +/* Lock/unlock agent */ +int +ssh_lock_agent(AuthenticationConnection *auth, int lock, const char *password) { - buffer_free(&ac->packet); - buffer_free(&ac->identities); - close(ac->fd); - xfree(ac); + int type; + Buffer msg; + + buffer_init(&msg); + buffer_put_char(&msg, lock ? SSH_AGENTC_LOCK : SSH_AGENTC_UNLOCK); + buffer_put_cstring(&msg, password); + + if (ssh_request_reply(auth, &msg, &msg) == 0) { + buffer_free(&msg); + return 0; + } + type = buffer_get_char(&msg); + buffer_free(&msg); + return decode_reply(type); } /* * Returns the first authentication identity held by the agent. - * Returns true if an identity is available, 0 otherwise. - * The caller must initialize the integers before the call, and free the - * comment after a successful call (before calling ssh_get_next_identity). */ int -ssh_get_first_identity(AuthenticationConnection *auth, - BIGNUM *e, BIGNUM *n, char **comment) +ssh_get_num_identities(AuthenticationConnection *auth, int version) { + int type, code1 = 0, code2 = 0; Buffer request; - int type; + + switch (version) { + case 1: + code1 = SSH_AGENTC_REQUEST_RSA_IDENTITIES; + code2 = SSH_AGENT_RSA_IDENTITIES_ANSWER; + break; + case 2: + code1 = SSH2_AGENTC_REQUEST_IDENTITIES; + code2 = SSH2_AGENT_IDENTITIES_ANSWER; + break; + default: + return 0; + } /* * Send a message to the agent requesting for a list of the * identities it can represent. */ buffer_init(&request); - buffer_put_char(&request, SSH_AGENTC_REQUEST_RSA_IDENTITIES); + buffer_put_char(&request, code1); buffer_clear(&auth->identities); if (ssh_request_reply(auth, &request, &auth->identities) == 0) { @@ -213,53 +285,71 @@ ssh_get_first_identity(AuthenticationConnection *auth, /* Get message type, and verify that we got a proper answer. */ type = buffer_get_char(&auth->identities); - if (type != SSH_AGENT_RSA_IDENTITIES_ANSWER) + if (agent_failed(type)) { + return 0; + } else if (type != code2) { fatal("Bad authentication reply message type: %d", type); + } /* Get the number of entries in the response and check it for sanity. */ auth->howmany = buffer_get_int(&auth->identities); - if (auth->howmany > 1024) - fatal("Too many identities in authentication reply: %d\n", + if ((u_int)auth->howmany > 1024) + fatal("Too many identities in authentication reply: %d", auth->howmany); - /* Return the first entry (if any). */ - return ssh_get_next_identity(auth, e, n, comment); + return auth->howmany; } -/* - * Returns the next authentication identity for the agent. Other functions - * can be called between this and ssh_get_first_identity or two calls of this - * function. This returns 0 if there are no more identities. The caller - * must free comment after a successful return. - */ +Key * +ssh_get_first_identity(AuthenticationConnection *auth, char **comment, int version) +{ + /* get number of identities and return the first entry (if any). */ + if (ssh_get_num_identities(auth, version) > 0) + return ssh_get_next_identity(auth, comment, version); + return NULL; +} -int -ssh_get_next_identity(AuthenticationConnection *auth, - BIGNUM *e, BIGNUM *n, char **comment) +Key * +ssh_get_next_identity(AuthenticationConnection *auth, char **comment, int version) { - unsigned int bits; + int keybits; + u_int bits; + u_char *blob; + u_int blen; + Key *key = NULL; /* Return failure if no more entries. */ if (auth->howmany <= 0) - return 0; + return NULL; /* * Get the next entry from the packet. These will abort with a fatal * error if the packet is too short or contains corrupt data. */ - bits = buffer_get_int(&auth->identities); - buffer_get_bignum(&auth->identities, e); - buffer_get_bignum(&auth->identities, n); - *comment = buffer_get_string(&auth->identities, NULL); - - if (bits != BN_num_bits(n)) - log("Warning: identity keysize mismatch: actual %d, announced %u", - BN_num_bits(n), bits); - + switch (version) { + case 1: + key = key_new(KEY_RSA1); + bits = buffer_get_int(&auth->identities); + buffer_get_bignum(&auth->identities, key->rsa->e); + buffer_get_bignum(&auth->identities, key->rsa->n); + *comment = buffer_get_string(&auth->identities, NULL); + keybits = BN_num_bits(key->rsa->n); + if (keybits < 0 || bits != (u_int)keybits) + logit("Warning: identity keysize mismatch: actual %d, announced %u", + BN_num_bits(key->rsa->n), bits); + break; + case 2: + blob = buffer_get_string(&auth->identities, &blen); + *comment = buffer_get_string(&auth->identities, NULL); + key = key_from_blob(blob, blen); + xfree(blob); + break; + default: + return NULL; + } /* Decrement the number of remaining entries. */ auth->howmany--; - - return 1; + return key; } /* @@ -272,27 +362,29 @@ ssh_get_next_identity(AuthenticationConnection *auth, int ssh_decrypt_challenge(AuthenticationConnection *auth, - BIGNUM* e, BIGNUM *n, BIGNUM *challenge, - unsigned char session_id[16], - unsigned int response_type, - unsigned char response[16]) + Key* key, BIGNUM *challenge, + u_char session_id[16], + u_int response_type, + u_char response[16]) { Buffer buffer; int success = 0; int i; int type; - if (response_type == 0) - fatal("Compatibility with ssh protocol version " - "1.0 no longer supported."); - + if (key->type != KEY_RSA1) + return 0; + if (response_type == 0) { + logit("Compatibility with ssh protocol version 1.0 no longer supported."); + return 0; + } buffer_init(&buffer); buffer_put_char(&buffer, SSH_AGENTC_RSA_CHALLENGE); - buffer_put_int(&buffer, BN_num_bits(n)); - buffer_put_bignum(&buffer, e); - buffer_put_bignum(&buffer, n); + buffer_put_int(&buffer, BN_num_bits(key->rsa->n)); + buffer_put_bignum(&buffer, key->rsa->e); + buffer_put_bignum(&buffer, key->rsa->n); buffer_put_bignum(&buffer, challenge); - buffer_append(&buffer, (char *) session_id, 16); + buffer_append(&buffer, session_id, 16); buffer_put_int(&buffer, response_type); if (ssh_request_reply(auth, &buffer, &buffer) == 0) { @@ -301,8 +393,8 @@ ssh_decrypt_challenge(AuthenticationConnection *auth, } type = buffer_get_char(&buffer); - if (type == SSH_AGENT_FAILURE) { - log("Agent admitted failure to authenticate using the key."); + if (agent_failed(type)) { + logit("Agent admitted failure to authenticate using the key."); } else if (type != SSH_AGENT_RSA_RESPONSE) { fatal("Bad authentication response: %d", type); } else { @@ -312,19 +404,61 @@ ssh_decrypt_challenge(AuthenticationConnection *auth, * fatal error if the packet is corrupt. */ for (i = 0; i < 16; i++) - response[i] = buffer_get_char(&buffer); + response[i] = (u_char)buffer_get_char(&buffer); } buffer_free(&buffer); return success; } +/* ask agent to sign data, returns -1 on error, 0 on success */ +int +ssh_agent_sign(AuthenticationConnection *auth, + Key *key, + u_char **sigp, u_int *lenp, + u_char *data, u_int datalen) +{ + extern int datafellows; + Buffer msg; + u_char *blob; + u_int blen; + int type, flags = 0; + int ret = -1; + + if (key_to_blob(key, &blob, &blen) == 0) + return -1; + + if (datafellows & SSH_BUG_SIGBLOB) + flags = SSH_AGENT_OLD_SIGNATURE; + + buffer_init(&msg); + buffer_put_char(&msg, SSH2_AGENTC_SIGN_REQUEST); + buffer_put_string(&msg, blob, blen); + buffer_put_string(&msg, data, datalen); + buffer_put_int(&msg, flags); + xfree(blob); + + if (ssh_request_reply(auth, &msg, &msg) == 0) { + buffer_free(&msg); + return -1; + } + type = buffer_get_char(&msg); + if (agent_failed(type)) { + logit("Agent admitted failure to sign using the key."); + } else if (type != SSH2_AGENT_SIGN_RESPONSE) { + fatal("Bad authentication response: %d", type); + } else { + ret = 0; + *sigp = buffer_get_string(&msg, lenp); + } + buffer_free(&msg); + return ret; +} + /* Encode key for a message to the agent. */ -void -ssh_encode_identity_rsa(Buffer *b, RSA *key, const char *comment) +static void +ssh_encode_identity_rsa1(Buffer *b, RSA *key, const char *comment) { - buffer_clear(b); - buffer_put_char(b, SSH_AGENTC_ADD_RSA_IDENTITY); buffer_put_int(b, BN_num_bits(key->n)); buffer_put_bignum(b, key->n); buffer_put_bignum(b, key->e); @@ -333,21 +467,31 @@ ssh_encode_identity_rsa(Buffer *b, RSA *key, const char *comment) buffer_put_bignum(b, key->iqmp); /* ssh key->u */ buffer_put_bignum(b, key->q); /* ssh key->p, SSL key->q */ buffer_put_bignum(b, key->p); /* ssh key->q, SSL key->p */ - buffer_put_string(b, comment, strlen(comment)); + buffer_put_cstring(b, comment); } -void -ssh_encode_identity_dsa(Buffer *b, DSA *key, const char *comment) +static void +ssh_encode_identity_ssh2(Buffer *b, Key *key, const char *comment) { - buffer_clear(b); - buffer_put_char(b, SSH2_AGENTC_ADD_IDENTITY); - buffer_put_cstring(b, KEX_DSS); - buffer_put_bignum2(b, key->p); - buffer_put_bignum2(b, key->q); - buffer_put_bignum2(b, key->g); - buffer_put_bignum2(b, key->pub_key); - buffer_put_bignum2(b, key->priv_key); - buffer_put_string(b, comment, strlen(comment)); + buffer_put_cstring(b, key_ssh_name(key)); + switch (key->type) { + case KEY_RSA: + buffer_put_bignum2(b, key->rsa->n); + buffer_put_bignum2(b, key->rsa->e); + buffer_put_bignum2(b, key->rsa->d); + buffer_put_bignum2(b, key->rsa->iqmp); + buffer_put_bignum2(b, key->rsa->p); + buffer_put_bignum2(b, key->rsa->q); + break; + case KEY_DSA: + buffer_put_bignum2(b, key->dsa->p); + buffer_put_bignum2(b, key->dsa->q); + buffer_put_bignum2(b, key->dsa->g); + buffer_put_bignum2(b, key->dsa->pub_key); + buffer_put_bignum2(b, key->dsa->priv_key); + break; + } + buffer_put_cstring(b, comment); } /* @@ -356,31 +500,48 @@ ssh_encode_identity_dsa(Buffer *b, DSA *key, const char *comment) */ int -ssh_add_identity(AuthenticationConnection *auth, Key *key, const char *comment) +ssh_add_identity_constrained(AuthenticationConnection *auth, Key *key, + const char *comment, u_int life, u_int confirm) { - Buffer buffer; - int type; + Buffer msg; + int type, constrained = (life || confirm); - buffer_init(&buffer); + buffer_init(&msg); switch (key->type) { - case KEY_RSA: - ssh_encode_identity_rsa(&buffer, key->rsa, comment); + case KEY_RSA1: + type = constrained ? + SSH_AGENTC_ADD_RSA_ID_CONSTRAINED : + SSH_AGENTC_ADD_RSA_IDENTITY; + buffer_put_char(&msg, type); + ssh_encode_identity_rsa1(&msg, key->rsa, comment); break; + case KEY_RSA: case KEY_DSA: - ssh_encode_identity_dsa(&buffer, key->dsa, comment); + type = constrained ? + SSH2_AGENTC_ADD_ID_CONSTRAINED : + SSH2_AGENTC_ADD_IDENTITY; + buffer_put_char(&msg, type); + ssh_encode_identity_ssh2(&msg, key, comment); break; default: - buffer_free(&buffer); + buffer_free(&msg); return 0; - break; } - if (ssh_request_reply(auth, &buffer, &buffer) == 0) { - buffer_free(&buffer); + if (constrained) { + if (life != 0) { + buffer_put_char(&msg, SSH_AGENT_CONSTRAIN_LIFETIME); + buffer_put_int(&msg, life); + } + if (confirm != 0) + buffer_put_char(&msg, SSH_AGENT_CONSTRAIN_CONFIRM); + } + if (ssh_request_reply(auth, &msg, &msg) == 0) { + buffer_free(&msg); return 0; } - type = buffer_get_char(&buffer); - buffer_free(&buffer); + type = buffer_get_char(&msg); + buffer_free(&msg); return decode_reply(type); } @@ -390,23 +551,72 @@ ssh_add_identity(AuthenticationConnection *auth, Key *key, const char *comment) */ int -ssh_remove_identity(AuthenticationConnection *auth, RSA *key) +ssh_remove_identity(AuthenticationConnection *auth, Key *key) { - Buffer buffer; + Buffer msg; int type; + u_char *blob; + u_int blen; + + buffer_init(&msg); + + if (key->type == KEY_RSA1) { + buffer_put_char(&msg, SSH_AGENTC_REMOVE_RSA_IDENTITY); + buffer_put_int(&msg, BN_num_bits(key->rsa->n)); + buffer_put_bignum(&msg, key->rsa->e); + buffer_put_bignum(&msg, key->rsa->n); + } else if (key->type == KEY_DSA || key->type == KEY_RSA) { + key_to_blob(key, &blob, &blen); + buffer_put_char(&msg, SSH2_AGENTC_REMOVE_IDENTITY); + buffer_put_string(&msg, blob, blen); + xfree(blob); + } else { + buffer_free(&msg); + return 0; + } + if (ssh_request_reply(auth, &msg, &msg) == 0) { + buffer_free(&msg); + return 0; + } + type = buffer_get_char(&msg); + buffer_free(&msg); + return decode_reply(type); +} - buffer_init(&buffer); - buffer_put_char(&buffer, SSH_AGENTC_REMOVE_RSA_IDENTITY); - buffer_put_int(&buffer, BN_num_bits(key->n)); - buffer_put_bignum(&buffer, key->e); - buffer_put_bignum(&buffer, key->n); +int +ssh_update_card(AuthenticationConnection *auth, int add, + const char *reader_id, const char *pin, u_int life, u_int confirm) +{ + Buffer msg; + int type, constrained = (life || confirm); + + if (add) { + type = constrained ? + SSH_AGENTC_ADD_SMARTCARD_KEY_CONSTRAINED : + SSH_AGENTC_ADD_SMARTCARD_KEY; + } else + type = SSH_AGENTC_REMOVE_SMARTCARD_KEY; + + buffer_init(&msg); + buffer_put_char(&msg, type); + buffer_put_cstring(&msg, reader_id); + buffer_put_cstring(&msg, pin); + + if (constrained) { + if (life != 0) { + buffer_put_char(&msg, SSH_AGENT_CONSTRAIN_LIFETIME); + buffer_put_int(&msg, life); + } + if (confirm != 0) + buffer_put_char(&msg, SSH_AGENT_CONSTRAIN_CONFIRM); + } - if (ssh_request_reply(auth, &buffer, &buffer) == 0) { - buffer_free(&buffer); + if (ssh_request_reply(auth, &msg, &msg) == 0) { + buffer_free(&msg); return 0; } - type = buffer_get_char(&buffer); - buffer_free(&buffer); + type = buffer_get_char(&msg); + buffer_free(&msg); return decode_reply(type); } @@ -416,29 +626,34 @@ ssh_remove_identity(AuthenticationConnection *auth, RSA *key) */ int -ssh_remove_all_identities(AuthenticationConnection *auth) +ssh_remove_all_identities(AuthenticationConnection *auth, int version) { - Buffer buffer; + Buffer msg; int type; + int code = (version==1) ? + SSH_AGENTC_REMOVE_ALL_RSA_IDENTITIES : + SSH2_AGENTC_REMOVE_ALL_IDENTITIES; - buffer_init(&buffer); - buffer_put_char(&buffer, SSH_AGENTC_REMOVE_ALL_RSA_IDENTITIES); + buffer_init(&msg); + buffer_put_char(&msg, code); - if (ssh_request_reply(auth, &buffer, &buffer) == 0) { - buffer_free(&buffer); + if (ssh_request_reply(auth, &msg, &msg) == 0) { + buffer_free(&msg); return 0; } - type = buffer_get_char(&buffer); - buffer_free(&buffer); + type = buffer_get_char(&msg); + buffer_free(&msg); return decode_reply(type); } -int +int decode_reply(int type) { switch (type) { case SSH_AGENT_FAILURE: - log("SSH_AGENT_FAILURE"); + case SSH_COM_AGENT2_FAILURE: + case SSH2_AGENT_FAILURE: + logit("SSH_AGENT_FAILURE"); return 0; case SSH_AGENT_SUCCESS: return 1;