1 | #! /bin/sh /usr/share/dpatch/dpatch-run |
1 | #! /bin/sh /usr/share/dpatch/dpatch-run |
2 | ## blacklist.dpatch by Magnus Holmgren <holmgren@debian.org> |
2 | ## blacklist.dpatch by Magnus Holmgren <holmgren@debian.org> |
3 | ## blacklist.c code copied from OpenSSH's authfile.c and adapted for LSH. |
3 | ## blacklist.c code copied from the openssh package and adapted for LSH. |
4 | ## |
4 | ## |
5 | ## DP: Check keys against openssh-blacklist before accepting for |
5 | ## DP: Check keys against openssh-blacklist before accepting for |
6 | ## DP: pubkey authentication as well as on conversion by lsh-writekey |
6 | ## DP: pubkey authentication as well as on conversion by lsh-writekey |
7 | ## DP: and lsh-decode-key. |
7 | ## DP: and lsh-decode-key. |
8 | 8 | ||
9 | @DPATCH@ |
9 | @DPATCH@ |
10 | diff -urNad trunk~/src/Makefile.am trunk/src/Makefile.am |
10 | diff -urNad trunk~/src/Makefile.am trunk/src/Makefile.am |
11 | --- trunk~/src/Makefile.am 2004-11-18 22:52:16.000000000 +0100 |
11 | --- trunk~/src/Makefile.am 2004-11-18 22:52:16.000000000 +0100 |
12 | +++ trunk/src/Makefile.am 2009-11-0 23:57:07.000000000 +0100 |
12 | +++ trunk/src/Makefile.am 2009-11-0 23:57:07.000000000 +0100 |
13 | @@ -72,7 +72,8 @@ |
13 | @@ -72,7 +72,8 @@ |
14 | unix_interact.c unix_process.c unix_random.c unix_user.c \ |
14 | unix_interact.c unix_process.c unix_random.c unix_user.c \ |
15 | userauth.c \ |
15 | userauth.c \ |
16 | werror.c write_buffer.c write_packet.c \ |
16 | werror.c write_buffer.c write_packet.c \ |
17 | - xalloc.c xauth.c zlib.c |
17 | - xalloc.c xauth.c zlib.c |
18 | + xalloc.c xauth.c zlib.c \ |
18 | + xalloc.c xauth.c zlib.c \ |
19 | + blacklist.c |
19 | + blacklist.c |
20 | 20 | ||
21 | liblsh_a_LIBADD = @LIBOBJS@ |
21 | liblsh_a_LIBADD = @LIBOBJS@ |
22 | 22 | ||
23 | diff -urNad trunk~/src/Makefile.in trunk/src/Makefile.in |
23 | diff -urNad trunk~/src/Makefile.in trunk/src/Makefile.in |
24 | --- trunk~/src/Makefile.in 2009-11-07 23:57:06.000000000 +0100 |
24 | --- trunk~/src/Makefile.in 2009-11-07 23:57:06.000000000 +0100 |
25 | +++ trunk/src/Makefile.in 2009-11-07 23:57:07.000000000 +0100 |
25 | +++ trunk/src/Makefile.in 2009-11-07 23:57:07.000000000 +0100 |
26 | @@ -91,7 +91,8 @@ |
26 | @@ -91,7 +91,8 @@ |
27 | tty.$(OBJEXT) unix_interact.$(OBJEXT) unix_process.$(OBJEXT) \ |
27 | tty.$(OBJEXT) unix_interact.$(OBJEXT) unix_process.$(OBJEXT) \ |
28 | unix_random.$(OBJEXT) unix_user.$(OBJEXT) userauth.$(OBJEXT) \ |
28 | unix_random.$(OBJEXT) unix_user.$(OBJEXT) userauth.$(OBJEXT) \ |
29 | werror.$(OBJEXT) write_buffer.$(OBJEXT) write_packet.$(OBJEXT) \ |
29 | werror.$(OBJEXT) write_buffer.$(OBJEXT) write_packet.$(OBJEXT) \ |
30 | - xalloc.$(OBJEXT) xauth.$(OBJEXT) zlib.$(OBJEXT) |
30 | - xalloc.$(OBJEXT) xauth.$(OBJEXT) zlib.$(OBJEXT) |
31 | + xalloc.$(OBJEXT) xauth.$(OBJEXT) zlib.$(OBJEXT) \ |
31 | + xalloc.$(OBJEXT) xauth.$(OBJEXT) zlib.$(OBJEXT) \ |
32 | + blacklist.$(OBJEXT) |
32 | + blacklist.$(OBJEXT) |
33 | liblsh_a_OBJECTS = $(am_liblsh_a_OBJECTS) |
33 | liblsh_a_OBJECTS = $(am_liblsh_a_OBJECTS) |
34 | am__installdirs = "$(DESTDIR)$(bindir)" "$(DESTDIR)$(sbindir)" \ |
34 | am__installdirs = "$(DESTDIR)$(bindir)" "$(DESTDIR)$(sbindir)" \ |
35 | "$(DESTDIR)$(bindir)" |
35 | "$(DESTDIR)$(bindir)" |
36 | @@ -510,7 +511,8 @@ |
36 | @@ -510,7 +511,8 @@ |
37 | unix_interact.c unix_process.c unix_random.c unix_user.c \ |
37 | unix_interact.c unix_process.c unix_random.c unix_user.c \ |
38 | userauth.c \ |
38 | userauth.c \ |
39 | werror.c write_buffer.c write_packet.c \ |
39 | werror.c write_buffer.c write_packet.c \ |
40 | - xalloc.c xauth.c zlib.c |
40 | - xalloc.c xauth.c zlib.c |
41 | + xalloc.c xauth.c zlib.c \ |
41 | + xalloc.c xauth.c zlib.c \ |
42 | + blacklist.c |
42 | + blacklist.c |
43 | 43 | ||
44 | liblsh_a_LIBADD = @LIBOBJS@ |
44 | liblsh_a_LIBADD = @LIBOBJS@ |
45 | 45 | ||
46 | @@ -705,6 +707,7 @@ |
46 | @@ -705,6 +707,7 @@ |
47 | @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/algorithms.Po@am__quote@ |
47 | @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/algorithms.Po@am__quote@ |
48 | @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/alist.Po@am__quote@ |
48 | @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/alist.Po@am__quote@ |
49 | @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/atoms.Po@am__quote@ |
49 | @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/atoms.Po@am__quote@ |
50 | +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/blacklist.Po@am__quote@ |
50 | +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/blacklist.Po@am__quote@ |
51 | @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/channel.Po@am__quote@ |
51 | @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/channel.Po@am__quote@ |
52 | @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/channel_commands.Po@am__quote@ |
52 | @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/channel_commands.Po@am__quote@ |
53 | @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/channel_forward.Po@am__quote@ |
53 | @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/channel_forward.Po@am__quote@ |
54 | diff -urNad trunk~/src/abstract_crypto.h trunk/src/abstract_crypto.h |
54 | diff -urNad trunk~/src/abstract_crypto.h trunk/src/abstract_crypto.h |
55 | --- trunk~/src/abstract_crypto.h 2003-11-16 19:10:30.000000000 +0100 |
55 | --- trunk~/src/abstract_crypto.h 2003-11-16 19:10:30.000000000 +0100 |
56 | +++ trunk/src/abstract_crypto.h 2009-11-07 23:57:37.000000000 +0100 |
56 | +++ trunk/src/abstract_crypto.h 2009-11-07 23:57:37.000000000 +0100 |
57 | @@ -162,7 +162,9 @@ |
57 | @@ -162,7 +162,9 @@ |
58 | (public_key method (string)) |
58 | (public_key method (string)) |
59 | 59 | ||
60 | ; Returns (public-key (<pub-sig-alg-id> <s-expr>*)) |
60 | ; Returns (public-key (<pub-sig-alg-id> <s-expr>*)) |
61 | - (public_spki_key method (string) "int transport"))) |
61 | - (public_spki_key method (string) "int transport"))) |
62 | + (public_spki_key method (string) "int transport") |
62 | + (public_spki_key method (string) "int transport") |
63 | + |
63 | + |
64 | + (key_size method uint32_t))) |
64 | + (key_size method uint32_t))) |
65 | */ |
65 | */ |
66 | 66 | ||
67 | #define VERIFY(verifier, algorithm, length, data, slength, sdata) \ |
67 | #define VERIFY(verifier, algorithm, length, data, slength, sdata) \ |
68 | @@ -170,7 +172,7 @@ |
68 | @@ -170,7 +172,7 @@ |
69 | 69 | ||
70 | #define PUBLIC_KEY(verifier) ((verifier)->public_key((verifier))) |
70 | #define PUBLIC_KEY(verifier) ((verifier)->public_key((verifier))) |
71 | #define PUBLIC_SPKI_KEY(verifier, t) ((verifier)->public_spki_key((verifier), (t))) |
71 | #define PUBLIC_SPKI_KEY(verifier, t) ((verifier)->public_spki_key((verifier), (t))) |
72 | - |
72 | - |
73 | +#define KEY_SIZE(verifier) ((verifier)->key_size((verifier))) |
73 | +#define KEY_SIZE(verifier) ((verifier)->key_size((verifier))) |
74 | 74 | ||
75 | /* GABA: |
75 | /* GABA: |
76 | (class |
76 | (class |
77 | diff -urNad trunk~/src/abstract_crypto.h.x trunk/src/abstract_crypto.h.x |
77 | diff -urNad trunk~/src/abstract_crypto.h.x trunk/src/abstract_crypto.h.x |
78 | --- trunk~/src/abstract_crypto.h.x 2007-06-04 22:18:39.000000000 +0200 |
78 | --- trunk~/src/abstract_crypto.h.x 2007-06-04 22:18:39.000000000 +0200 |
79 | +++ trunk/src/abstract_crypto.h.x 2009-11-07 23:57:07.000000000 +0100 |
79 | +++ trunk/src/abstract_crypto.h.x 2009-11-07 23:57:07.000000000 +0100 |
80 | @@ -161,6 +161,7 @@ |
80 | @@ -161,6 +161,7 @@ |
81 | int (*(verify))(struct verifier *self,int algorithm,uint32_t length,const uint8_t *data,uint32_t signature_length,const uint8_t *signature_data); |
81 | int (*(verify))(struct verifier *self,int algorithm,uint32_t length,const uint8_t *data,uint32_t signature_length,const uint8_t *signature_data); |
82 | struct lsh_string *(*(public_key))(struct verifier *self); |
82 | struct lsh_string *(*(public_key))(struct verifier *self); |
83 | struct lsh_string *(*(public_spki_key))(struct verifier *self,int transport); |
83 | struct lsh_string *(*(public_spki_key))(struct verifier *self,int transport); |
84 | + uint32_t *(*(key_size))(struct verifier *self); |
84 | + uint32_t *(*(key_size))(struct verifier *self); |
85 | }; |
85 | }; |
86 | extern struct lsh_class verifier_class; |
86 | extern struct lsh_class verifier_class; |
87 | #endif /* !GABA_DEFINE */ |
87 | #endif /* !GABA_DEFINE */ |
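Review bot: The hand-edited prototype `uint32_t *(*(key_size))(struct verifier *self);` declares key_size as returning a pointer, but the GABA spec added to abstract_crypto.h says `(key_size method uint32_t)` and both do_rsa_key_size and do_dsa_key_size return a plain uint32_t, so the `self->super.key_size = ...` assignments in dsa.c and rsa.c are incompatible-pointer-type conversions and `uint32_t keysize = KEY_SIZE(v);` in blacklist.c converts a pointer value to an integer before it is used to build the blacklist file name. The line should read `uint32_t (*(key_size))(struct verifier *self);`, matching how the other method pointers in this struct follow their spec types. Since the .h.x files are generated from the GABA spec, regenerating rather than patching by hand would avoid this kind of drift.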
88 | diff -urNad trunk~/src/blacklist.c trunk/src/blacklist.c |
88 | diff -urNad trunk~/src/blacklist.c trunk/src/blacklist.c |
89 | --- trunk~/src/blacklist.c 1970-01-01 01:00:00.000000000 +0100 |
89 | --- trunk~/src/blacklist.c 1970-01-01 01:00:00.000000000 +0100 |
90 | +++ trunk/src/blacklist.c 2009-11-07 23:57:07.000000000 +0100 |
90 | +++ trunk/src/blacklist.c 2009-11-07 23:57:07.000000000 +0100 |
91 | @@ -0,0 +1,150 @@ |
91 | @@ -0,0 +1,150 @@ |
92 | +#if HAVE_CONFIG_H |
92 | +#if HAVE_CONFIG_H |
93 | +#include "config.h" |
93 | +#include "config.h" |
94 | +#endif |
94 | +#endif |
95 | + |
95 | + |
96 | +#include <assert.h> |
96 | +#include <assert.h> |
97 | + |
97 | + |
98 | +#include "atoms.h" |
98 | +#include "atoms.h" |
99 | +#include "format.h" |
99 | +#include "format.h" |
100 | +#include "lsh_string.h" |
100 | +#include "lsh_string.h" |
101 | +#include "werror.h" |
101 | +#include "werror.h" |
102 | +#include "crypto.h" |
102 | +#include "crypto.h" |
103 | + |
103 | + |
104 | +#include <sys/types.h> |
104 | +#include <sys/types.h> |
105 | +#include <sys/stat.h> |
105 | +#include <sys/stat.h> |
106 | +#include <unistd.h> |
106 | +#include <unistd.h> |
107 | +#include <fcntl.h> |
107 | +#include <fcntl.h> |
108 | +#include <string.h> |
108 | +#include <string.h> |
109 | + |
109 | + |
110 | +int blacklisted_key(struct verifier *v, int method); |
110 | +int blacklisted_key(struct verifier *v, int method); |
111 | + |
111 | + |
112 | +/* Scan a blacklist of known-vulnerable keys in blacklist_file. */ |
112 | +/* Scan a blacklist of known-vulnerable keys in blacklist_file. */ |
113 | +static int |
113 | +static int |
114 | +blacklisted_key_in_file(struct lsh_string *lsh_hash, struct lsh_string *blacklist_file) |
114 | +blacklisted_key_in_file(struct lsh_string *lsh_hash, struct lsh_string *blacklist_file) |
115 | +{ |
115 | +{ |
116 | + int fd = -1; |
116 | + int fd = -1; |
117 | + const char *hash = 0; |
117 | + const char *hash = 0; |
118 | + uint32_t line_len; |
118 | + uint32_t line_len; |
119 | + struct stat st; |
119 | + struct stat st; |
120 | + char buf[256]; |
120 | + char buf[256]; |
121 | + off_t start, lower, upper; |
121 | + off_t start, lower, upper; |
122 | + int ret = 0; |
122 | + int ret = 0; |
123 | + |
123 | + |
124 | + debug("Checking blacklist file %S\n", blacklist_file); |
124 | + debug("Checking blacklist file %S\n", blacklist_file); |
125 | + fd = open(lsh_get_cstring(blacklist_file), O_RDONLY); |
125 | + fd = open(lsh_get_cstring(blacklist_file), O_RDONLY); |
126 | + if (fd < 0) { |
126 | + if (fd < 0) { |
127 | + ret = -1; |
127 | + ret = -1; |
128 | + goto out; |
128 | + goto out; |
129 | + } |
129 | + } |
130 | + |
130 | + |
131 | + hash = lsh_get_cstring(lsh_hash) + 12; |
131 | + hash = lsh_get_cstring(lsh_hash) + 12; |
132 | + line_len = strlen(hash); |
132 | + line_len = strlen(hash); |
133 | + if (line_len != 20) |
133 | + if (line_len != 20) |
134 | + goto out; |
134 | + goto out; |
135 | + |
135 | + |
136 | + /* Skip leading comments */ |
136 | + /* Skip leading comments */ |
137 | + start = 0; |
137 | + start = 0; |
138 | + for (;;) { |
138 | + for (;;) { |
139 | + ssize_t r; |
139 | + ssize_t r; |
140 | + char *newline; |
140 | + char *newline; |
141 | + |
141 | + |
142 | + r = read(fd, buf, sizeof(buf)); |
142 | + r = read(fd, buf, sizeof(buf)); |
143 | + if (r <= 0) |
143 | + if (r <= 0) |
144 | + goto out; |
144 | + goto out; |
145 | + if (buf[0] != '#') |
145 | + if (buf[0] != '#') |
146 | + break; |
146 | + break; |
147 | + |
147 | + |
148 | + newline = memchr(buf, '\n', sizeof(buf)); |
148 | + newline = memchr(buf, '\n', sizeof(buf)); |
149 | + if (!newline) |
149 | + if (!newline) |
150 | + goto out; |
150 | + goto out; |
151 | + start += newline + 1 - buf; |
151 | + start += newline + 1 - buf; |
152 | + if (lseek(fd, start, SEEK_SET) < 0) |
152 | + if (lseek(fd, start, SEEK_SET) < 0) |
153 | + goto out; |
153 | + goto out; |
154 | + } |
154 | + } |
155 | + |
155 | + |
156 | + /* Initialise binary search record numbers */ |
156 | + /* Initialise binary search record numbers */ |
157 | + if (fstat(fd, &st) < 0) |
157 | + if (fstat(fd, &st) < 0) |
158 | + goto out; |
158 | + goto out; |
159 | + lower = 0; |
159 | + lower = 0; |
160 | + upper = (st.st_size - start) / (line_len + 1); |
160 | + upper = (st.st_size - start) / (line_len + 1); |
161 | + |
161 | + |
162 | + while (lower != upper) { |
162 | + while (lower != upper) { |
163 | + off_t cur; |
163 | + off_t cur; |
164 | + int cmp; |
164 | + int cmp; |
165 | + |
165 | + |
166 | + cur = lower + (upper - lower) / 2; |
166 | + cur = lower + (upper - lower) / 2; |
167 | + |
167 | + |
168 | + /* Read this line and compare to digest; this is |
168 | + /* Read this line and compare to digest; this is |
169 | + * overflow-safe since cur < max(off_t) / (line_len + 1) */ |
169 | + * overflow-safe since cur < max(off_t) / (line_len + 1) */ |
170 | + if (lseek(fd, start + cur * (line_len + 1), SEEK_SET) < 0) |
170 | + if (lseek(fd, start + cur * (line_len + 1), SEEK_SET) < 0) |
171 | + break; |
171 | + break; |
172 | + if (read(fd, buf, line_len) != line_len) |
172 | + if (read(fd, buf, line_len) != line_len) |
173 | + break; |
173 | + break; |
174 | + cmp = memcmp(buf, hash, line_len); |
174 | + cmp = memcmp(buf, hash, line_len); |
175 | + if (cmp < 0) { |
175 | + if (cmp < 0) { |
176 | + if (cur == lower) |
176 | + if (cur == lower) |
177 | + break; |
177 | + break; |
178 | + lower = cur; |
178 | + lower = cur; |
179 | + } else if (cmp > 0) { |
179 | + } else if (cmp > 0) { |
180 | + if (cur == upper) |
180 | + if (cur == upper) |
181 | + break; |
181 | + break; |
182 | + upper = cur; |
182 | + upper = cur; |
183 | + } else { |
183 | + } else { |
184 | + ret = 1; |
184 | + ret = 1; |
185 | + break; |
185 | + break; |
186 | + } |
186 | + } |
187 | + } |
187 | + } |
188 | + |
188 | + |
189 | +out: |
189 | +out: |
190 | + if (fd >= 0) |
190 | + if (fd >= 0) |
191 | + close(fd); |
191 | + close(fd); |
192 | + return ret; |
192 | + return ret; |
193 | +} |
193 | +} |
194 | + |
194 | + |
195 | +/* |
195 | +/* |
196 | + * Scan blacklists of known-vulnerable keys. If a vulnerable key is found, |
196 | + * Scan blacklists of known-vulnerable keys. If a vulnerable key is found, |
197 | + * its fingerprint is returned in *fp, unless fp is NULL. |
197 | + * its fingerprint is returned in *fp, unless fp is NULL. |
198 | + */ |
198 | + */ |
199 | +int |
199 | +int |
200 | +blacklisted_key(struct verifier *v, int method) |
200 | +blacklisted_key(struct verifier *v, int method) |
201 | +{ |
201 | +{ |
202 | + const char *keytype; |
202 | + const char *keytype; |
203 | + int ret = -1; |
203 | + int ret = -1; |
204 | + const char *paths[] = { "/usr/share/ssh/blacklist", "/etc/ssh/blacklist", NULL }; |
204 | + const char *paths[] = { "/usr/share/ssh/blacklist", "/etc/ssh/blacklist", NULL }; |
205 | + const char **pp; |
205 | + const char **pp; |
206 | + struct lsh_string *lsh_hash = ssh_format("%lfxS", |
206 | + struct lsh_string *lsh_hash = ssh_format("%lfxS", |
207 | + hash_string(&crypto_md5_algorithm, |
207 | + hash_string(&crypto_md5_algorithm, |
208 | + PUBLIC_KEY(v), 1)); |
208 | + PUBLIC_KEY(v), 1)); |
209 | + uint32_t keysize = KEY_SIZE(v); |
209 | + uint32_t keysize = KEY_SIZE(v); |
210 | + |
210 | + |
211 | + switch (method) |
211 | + switch (method) |
212 | + { |
212 | + { |
213 | + case ATOM_SSH_DSS: |
213 | + case ATOM_SSH_DSS: |
214 | + case ATOM_DSA: |
214 | + case ATOM_DSA: |
215 | + keytype = "DSA"; |
215 | + keytype = "DSA"; |
216 | + break; |
216 | + break; |
217 | + case ATOM_SSH_RSA: |
217 | + case ATOM_SSH_RSA: |
218 | + case ATOM_RSA_PKCS1_SHA1: |
218 | + case ATOM_RSA_PKCS1_SHA1: |
219 | + case ATOM_RSA_PKCS1_MD5: |
219 | + case ATOM_RSA_PKCS1_MD5: |
220 | + case ATOM_RSA_PKCS1: |
220 | + case ATOM_RSA_PKCS1: |
221 | + keytype = "RSA"; |
221 | + keytype = "RSA"; |
222 | + break; |
222 | + break; |
223 | + default: |
223 | + default: |
224 | + werror("Unrecognized key type"); |
224 | + werror("Unrecognized key type"); |
225 | + return -1; |
225 | + return -1; |
226 | + } |
226 | + } |
227 | + |
227 | + |
228 | + for (pp = paths; *pp && ret <= 0; pp++) { |
228 | + for (pp = paths; *pp && ret <= 0; pp++) { |
229 | + struct lsh_string *blacklist_file = ssh_format("%lz.%lz-%di", |
229 | + struct lsh_string *blacklist_file = ssh_format("%lz.%lz-%di", |
230 | + *pp, keytype, keysize); |
230 | + *pp, keytype, keysize); |
231 | + int r = blacklisted_key_in_file(lsh_hash, blacklist_file); |
231 | + int r = blacklisted_key_in_file(lsh_hash, blacklist_file); |
232 | + lsh_string_free(blacklist_file); |
232 | + lsh_string_free(blacklist_file); |
233 | + if (r > ret) ret = r; |
233 | + if (r > ret) ret = r; |
234 | + } |
234 | + } |
235 | + |
235 | + |
236 | + if (ret > 0) { |
236 | + if (ret > 0) { |
237 | + werror("Key is compromised: %z %i %fS\n", keytype, keysize, |
237 | + werror("Key is compromised: %z %i %fS\n", keytype, keysize, |
238 | + lsh_string_colonize(lsh_hash, 2, 0)); |
238 | + lsh_string_colonize(lsh_hash, 2, 0)); |
239 | + } |
239 | + } |
240 | + return ret; |
240 | + return ret; |
241 | +} |
241 | +} |
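Review bot: The comment-skipping loop in blacklisted_key_in_file searches the full 256-byte buffer for a newline even when read() returned fewer bytes, so a short read can match stale or uninitialized bytes beyond the valid data; bound the search by the read length, `newline = memchr(buf, '\n', r);`. The lsh_hash string built by ssh_format in blacklisted_key is never released — lsh_string_colonize is passed a 0 free flag and there is no lsh_string_free(lsh_hash) on any return path, so each call (including every public-key authentication attempt on the server) appears to leak it; confirm against lsh_string_colonize's contract and free it before returning. The header comment above blacklisted_key still describes an `*fp` out-parameter copied from OpenSSH that this function does not have; replace it with `Returns 1 if the key's MD5 fingerprint is listed in an openssh-blacklist file for its type and size, 0 if a list was read and the key is absent, -1 if no list could be opened or the key type is unrecognized.`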
242 | diff -urNad trunk~/src/dsa.c trunk/src/dsa.c |
242 | diff -urNad trunk~/src/dsa.c trunk/src/dsa.c |
243 | --- trunk~/src/dsa.c 2004-06-08 20:00:45.000000000 +0200 |
243 | --- trunk~/src/dsa.c 2004-06-08 20:00:45.000000000 +0200 |
244 | +++ trunk/src/dsa.c 2009-11-07 23:57:07.000000000 +0100 |
244 | +++ trunk/src/dsa.c 2009-11-07 23:57:07.000000000 +0100 |
245 | @@ -189,6 +189,14 @@ |
245 | @@ -189,6 +189,14 @@ |
246 | "y", self->key.y); |
246 | "y", self->key.y); |
247 | } |
247 | } |
248 | 248 | ||
249 | +static uint32_t |
249 | +static uint32_t |
250 | +do_dsa_key_size(struct verifier *v) |
250 | +do_dsa_key_size(struct verifier *v) |
251 | +{ |
251 | +{ |
252 | + CAST(dsa_verifier, self, v); |
252 | + CAST(dsa_verifier, self, v); |
253 | + |
253 | + |
254 | + return mpz_sizeinbase(self->key.p, 2); |
254 | + return mpz_sizeinbase(self->key.p, 2); |
255 | +} |
255 | +} |
256 | + |
256 | + |
257 | static void |
257 | static void |
258 | init_dsa_verifier(struct dsa_verifier *self) |
258 | init_dsa_verifier(struct dsa_verifier *self) |
259 | { |
259 | { |
260 | @@ -199,6 +207,7 @@ |
260 | @@ -199,6 +207,7 @@ |
261 | self->super.verify = do_dsa_verify; |
261 | self->super.verify = do_dsa_verify; |
262 | self->super.public_spki_key = do_dsa_public_spki_key; |
262 | self->super.public_spki_key = do_dsa_public_spki_key; |
263 | self->super.public_key = do_dsa_public_key; |
263 | self->super.public_key = do_dsa_public_key; |
264 | + self->super.key_size = do_dsa_key_size; |
264 | + self->super.key_size = do_dsa_key_size; |
265 | } |
265 | } |
266 | 266 | ||
267 | 267 | ||
268 | diff -urNad trunk~/src/lsh-decode-key.c trunk/src/lsh-decode-key.c |
268 | diff -urNad trunk~/src/lsh-decode-key.c trunk/src/lsh-decode-key.c |
269 | --- trunk~/src/lsh-decode-key.c 2005-09-06 14:43:15.000000000 +0200 |
269 | --- trunk~/src/lsh-decode-key.c 2005-09-06 14:43:15.000000000 +0200 |
270 | +++ trunk/src/lsh-decode-key.c 2009-11-07 23:57:07.000000000 +0100 |
270 | +++ trunk/src/lsh-decode-key.c 2009-11-07 23:57:07.000000000 +0100 |
271 | @@ -133,6 +133,10 @@ |
271 | @@ -133,6 +133,10 @@ |
272 | werror("Invalid dsa key.\n"); |
272 | werror("Invalid dsa key.\n"); |
273 | return NULL; |
273 | return NULL; |
274 | } |
274 | } |
275 | + else if (blacklisted_key(v, type)) |
275 | + else if (blacklisted_key(v, type)) |
276 | + { |
276 | + { |
277 | + return NULL; |
277 | + return NULL; |
278 | + } |
278 | + } |
279 | else |
279 | else |
280 | return PUBLIC_SPKI_KEY(v, 1); |
280 | return PUBLIC_SPKI_KEY(v, 1); |
281 | } |
281 | } |
282 | @@ -150,6 +154,10 @@ |
282 | @@ -150,6 +154,10 @@ |
283 | werror("Invalid rsa key.\n"); |
283 | werror("Invalid rsa key.\n"); |
284 | return NULL; |
284 | return NULL; |
285 | } |
285 | } |
286 | + else if (blacklisted_key(v, type)) |
286 | + else if (blacklisted_key(v, type)) |
287 | + { |
287 | + { |
288 | + return NULL; |
288 | + return NULL; |
289 | + } |
289 | + } |
290 | else |
290 | else |
291 | return PUBLIC_SPKI_KEY(v, 1); |
291 | return PUBLIC_SPKI_KEY(v, 1); |
292 | } |
292 | } |
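Review bot: `else if (blacklisted_key(v, type))` treats every non-zero result as a blacklisted key, but blacklisted_key also returns -1 when none of the blacklist files could be opened or the key type is unrecognized, so on a host without the openssh-blacklist files both new branches return NULL with no diagnostic (only the found-in-list case prints a message). server_authorization.c tests the same call with `< 1`, so the two call sites disagree on what -1 means. If the intent is to reject only confirmed-compromised keys, change both hunks to `else if (blacklisted_key(v, type) > 0)`; if the intent is to fail closed when the blacklist is unavailable, emit a werror() before returning NULL so the user can tell the two cases apart. Both enclosing functions begin above their hunks.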
293 | diff -urNad trunk~/src/lsh-writekey.c trunk/src/lsh-writekey.c |
293 | diff -urNad trunk~/src/lsh-writekey.c trunk/src/lsh-writekey.c |
294 | --- trunk~/src/lsh-writekey.c 2004-11-17 11:55:11.000000000 +0100 |
294 | --- trunk~/src/lsh-writekey.c 2004-11-17 11:55:11.000000000 +0100 |
295 | +++ trunk/src/lsh-writekey.c 2009-11-07 23:57:07.000000000 +0100 |
295 | +++ trunk/src/lsh-writekey.c 2009-11-07 23:57:07.000000000 +0100 |
296 | @@ -397,14 +397,18 @@ |
296 | @@ -397,14 +397,18 @@ |
297 | { |
297 | { |
298 | struct signer *s; |
298 | struct signer *s; |
299 | struct verifier *v; |
299 | struct verifier *v; |
300 | + int algorithm_name; |
300 | + int algorithm_name; |
301 | 301 | ||
302 | - s = spki_make_signer(options->signature_algorithms, key, NULL); |
302 | - s = spki_make_signer(options->signature_algorithms, key, NULL); |
303 | + s = spki_make_signer(options->signature_algorithms, key, &algorithm_name); |
303 | + s = spki_make_signer(options->signature_algorithms, key, &algorithm_name); |
304 | 304 | ||
305 | if (!s) |
305 | if (!s) |
306 | return NULL; |
306 | return NULL; |
307 | 307 | ||
308 | v = SIGNER_GET_VERIFIER(s); |
308 | v = SIGNER_GET_VERIFIER(s); |
309 | assert(v); |
309 | assert(v); |
310 | + if (blacklisted_key(v, algorithm_name)) { |
310 | + if (blacklisted_key(v, algorithm_name)) { |
311 | + return NULL; |
311 | + return NULL; |
312 | + } |
312 | + } |
313 | 313 | ||
314 | return PUBLIC_SPKI_KEY(v, 1); |
314 | return PUBLIC_SPKI_KEY(v, 1); |
315 | } |
315 | } |
316 | @@ -416,7 +420,8 @@ |
316 | @@ -416,7 +420,8 @@ |
317 | int private_fd; |
317 | int private_fd; |
318 | int public_fd; |
318 | int public_fd; |
319 | struct lsh_string *input; |
319 | struct lsh_string *input; |
320 | - struct lsh_string *output; |
320 | - struct lsh_string *output; |
321 | + struct lsh_string *priv_output; |
321 | + struct lsh_string *priv_output; |
322 | + struct lsh_string *pub_output; |
322 | + struct lsh_string *pub_output; |
323 | const struct exception *e; |
323 | const struct exception *e; |
324 | 324 | ||
325 | argp_parse(&main_argp, argc, argv, 0, NULL, options); |
325 | argp_parse(&main_argp, argc, argv, 0, NULL, options); |
326 | @@ -439,16 +444,22 @@ |
326 | @@ -439,16 +444,22 @@ |
327 | return EXIT_FAILURE; |
327 | return EXIT_FAILURE; |
328 | } |
328 | } |
329 | 329 | ||
330 | - output = process_private(input, options); |
330 | - output = process_private(input, options); |
331 | - if (!output) |
331 | - if (!output) |
332 | + pub_output = process_public(input, options); |
332 | + pub_output = process_public(input, options); |
333 | + if (!pub_output) |
333 | + if (!pub_output) |
334 | + return EXIT_FAILURE; |
334 | + return EXIT_FAILURE; |
335 | + |
335 | + |
336 | + priv_output = process_private(input, options); |
336 | + priv_output = process_private(input, options); |
337 | + if (!priv_output) |
337 | + if (!priv_output) |
338 | return EXIT_FAILURE; |
338 | return EXIT_FAILURE; |
339 | 339 | ||
340 | + lsh_string_free(input); |
340 | + lsh_string_free(input); |
341 | + |
341 | + |
342 | private_fd = open_file(options->private_file); |
342 | private_fd = open_file(options->private_file); |
343 | if (private_fd < 0) |
343 | if (private_fd < 0) |
344 | return EXIT_FAILURE; |
344 | return EXIT_FAILURE; |
345 | 345 | ||
346 | - e = write_raw(private_fd, STRING_LD(output)); |
346 | - e = write_raw(private_fd, STRING_LD(output)); |
347 | - lsh_string_free(output); |
347 | - lsh_string_free(output); |
348 | + e = write_raw(private_fd, STRING_LD(priv_output)); |
348 | + e = write_raw(private_fd, STRING_LD(priv_output)); |
349 | + lsh_string_free(priv_output); |
349 | + lsh_string_free(priv_output); |
350 | 350 | ||
351 | if (e) |
351 | if (e) |
352 | { |
352 | { |
353 | @@ -457,18 +468,12 @@ |
353 | @@ -457,18 +468,12 @@ |
354 | return EXIT_FAILURE; |
354 | return EXIT_FAILURE; |
355 | } |
355 | } |
356 | 356 | ||
357 | - output = process_public(input, options); |
357 | - output = process_public(input, options); |
358 | - lsh_string_free(input); |
358 | - lsh_string_free(input); |
359 | - |
359 | - |
360 | - if (!output) |
360 | - if (!output) |
361 | - return EXIT_FAILURE; |
361 | - return EXIT_FAILURE; |
362 | - |
362 | - |
363 | public_fd = open_file(options->public_file); |
363 | public_fd = open_file(options->public_file); |
364 | if (public_fd < 0) |
364 | if (public_fd < 0) |
365 | return EXIT_FAILURE; |
365 | return EXIT_FAILURE; |
366 | 366 | ||
367 | - e = write_raw(public_fd, STRING_LD(output)); |
367 | - e = write_raw(public_fd, STRING_LD(output)); |
368 | - lsh_string_free(output); |
368 | - lsh_string_free(output); |
369 | + e = write_raw(public_fd, STRING_LD(pub_output)); |
369 | + e = write_raw(public_fd, STRING_LD(pub_output)); |
370 | + lsh_string_free(pub_output); |
370 | + lsh_string_free(pub_output); |
371 | 371 | ||
372 | if (e) |
372 | if (e) |
373 | { |
373 | { |
374 | diff -urNad trunk~/src/publickey_crypto.h trunk/src/publickey_crypto.h |
374 | diff -urNad trunk~/src/publickey_crypto.h trunk/src/publickey_crypto.h |
375 | --- trunk~/src/publickey_crypto.h 2004-06-15 13:32:51.000000000 +0200 |
375 | --- trunk~/src/publickey_crypto.h 2004-06-15 13:32:51.000000000 +0200 |
376 | +++ trunk/src/publickey_crypto.h 2009-11-07 23:57:07.000000000 +0100 |
376 | +++ trunk/src/publickey_crypto.h 2009-11-07 23:57:07.000000000 +0100 |
377 | @@ -203,5 +203,7 @@ |
377 | @@ -203,5 +203,7 @@ |
378 | struct verifier * |
378 | struct verifier * |
379 | make_ssh_dss_verifier(const struct lsh_string *public); |
379 | make_ssh_dss_verifier(const struct lsh_string *public); |
380 | 380 | ||
381 | +int |
381 | +int |
382 | +blacklisted_key(struct verifier *v, int method); |
382 | +blacklisted_key(struct verifier *v, int method); |
383 | 383 | ||
384 | #endif /* LSH_PUBLICKEY_CRYPTO_H_INCLUDED */ |
384 | #endif /* LSH_PUBLICKEY_CRYPTO_H_INCLUDED */ |
385 | diff -urNad trunk~/src/rsa.c trunk/src/rsa.c |
385 | diff -urNad trunk~/src/rsa.c trunk/src/rsa.c |
386 | --- trunk~/src/rsa.c 2003-11-16 19:49:12.000000000 +0100 |
386 | --- trunk~/src/rsa.c 2003-11-16 19:49:12.000000000 +0100 |
387 | +++ trunk/src/rsa.c 2009-11-07 23:57:07.000000000 +0100 |
387 | +++ trunk/src/rsa.c 2009-11-07 23:57:07.000000000 +0100 |
388 | @@ -167,6 +167,14 @@ |
388 | @@ -167,6 +167,14 @@ |
389 | self->key.n, self->key.e); |
389 | self->key.n, self->key.e); |
390 | } |
390 | } |
391 | 391 | ||
392 | +static uint32_t |
392 | +static uint32_t |
393 | +do_rsa_key_size(struct verifier *v) |
393 | +do_rsa_key_size(struct verifier *v) |
394 | +{ |
394 | +{ |
395 | + CAST(rsa_verifier, self, v); |
395 | + CAST(rsa_verifier, self, v); |
396 | + |
396 | + |
397 | + return mpz_sizeinbase(self->key.n, 2); |
397 | + return mpz_sizeinbase(self->key.n, 2); |
398 | +} |
398 | +} |
399 | + |
399 | + |
400 | 400 | ||
401 | /* NOTE: To initialize an rsa verifier, one must |
401 | /* NOTE: To initialize an rsa verifier, one must |
402 | * |
402 | * |
403 | @@ -184,6 +192,7 @@ |
403 | @@ -184,6 +192,7 @@ |
404 | self->super.verify = do_rsa_verify; |
404 | self->super.verify = do_rsa_verify; |
405 | self->super.public_key = do_rsa_public_key; |
405 | self->super.public_key = do_rsa_public_key; |
406 | self->super.public_spki_key = do_rsa_public_spki_key; |
406 | self->super.public_spki_key = do_rsa_public_spki_key; |
407 | + self->super.key_size = do_rsa_key_size; |
407 | + self->super.key_size = do_rsa_key_size; |
408 | } |
408 | } |
409 | 409 | ||
410 | /* Alternative constructor using a key of type ssh-rsa, when the atom |
410 | /* Alternative constructor using a key of type ssh-rsa, when the atom |
411 | diff -urNad trunk~/src/server_authorization.c trunk/src/server_authorization.c |
411 | diff -urNad trunk~/src/server_authorization.c trunk/src/server_authorization.c |
412 | --- trunk~/src/server_authorization.c 2004-06-08 20:01:15.000000000 +0200 |
412 | --- trunk~/src/server_authorization.c 2004-06-08 20:01:15.000000000 +0200 |
413 | +++ trunk/src/server_authorization.c 2009-11-07 23:57:07.000000000 +0100 |
413 | +++ trunk/src/server_authorization.c 2009-11-07 23:57:07.000000000 +0100 |
414 | @@ -93,7 +93,8 @@ |
414 | @@ -93,7 +93,8 @@ |
415 | PUBLIC_SPKI_KEY(v, 0), |
415 | PUBLIC_SPKI_KEY(v, 0), |
416 | 1)); |
416 | 1)); |
417 | 417 | ||
418 | - if (USER_FILE_EXISTS(keyholder, filename, 1)) |
418 | - if (USER_FILE_EXISTS(keyholder, filename, 1)) |
419 | + if (USER_FILE_EXISTS(keyholder, filename, 1) |
419 | + if (USER_FILE_EXISTS(keyholder, filename, 1) |
420 | + && blacklisted_key(v, method) < 1) |
420 | + && blacklisted_key(v, method) < 1) |
421 | return v; |
421 | return v; |
422 | 422 | ||
423 | return NULL; |
423 | return NULL; |
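Review bot: `blacklisted_key(v, method) < 1` accepts the key whenever the check returns -1, i.e. when no blacklist file for that type and size could be opened or the key type fell through to the default case, so the server silently fails open if openssh-blacklist is not installed or the key size has no list; blacklisted_key only logs in the found case. If fail-open is the intended policy (it keeps a missing optional package from locking out every user), say so in a comment here, e.g. `/* -1 (no blacklist available) is not a rejection; only a confirmed match blocks the key */`, and consider a werror() or debug() when the lookup returns -1 so operators can see the check is inert. Calling it after USER_FILE_EXISTS keeps the file lookups to keys that are already authorized, which is the right place for it. The enclosing function starts above the hunk.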