authorMarkus Friedl <markus@cvs.openbsd.org>1999-11-15 20:53:26 +0000
committerMarkus Friedl <markus@cvs.openbsd.org>1999-11-15 20:53:26 +0000
commitcdf893c82de47c89e39f0b6f6b5bd22eccfc1664 (patch)
treec40a03851018c4d29f6538fb42d0e1333f2e201a
parenta19cc305d68e393ccdca98f94032cbf60cd8d364 (diff)
the keysize of rsa-parameter 'n' is passed implicitly,
a few more checks and warnings about 'pretended' keysizes.
-rw-r--r--usr.bin/ssh/auth-rh-rsa.c12
-rw-r--r--usr.bin/ssh/auth-rsa.c24
-rw-r--r--usr.bin/ssh/authfd.c20
-rw-r--r--usr.bin/ssh/authfd.h8
-rw-r--r--usr.bin/ssh/hostfile.c45
-rw-r--r--usr.bin/ssh/mpaux.c8
-rw-r--r--usr.bin/ssh/mpaux.h4
-rw-r--r--usr.bin/ssh/ssh-add.c37
-rw-r--r--usr.bin/ssh/ssh-agent.c8
-rw-r--r--usr.bin/ssh/ssh.h15
-rw-r--r--usr.bin/ssh/sshconnect.c22
-rw-r--r--usr.bin/ssh/sshd.c15
12 files changed, 112 insertions, 106 deletions
diff --git a/usr.bin/ssh/auth-rh-rsa.c b/usr.bin/ssh/auth-rh-rsa.c
index 2c3757ed312..77d685ebd48 100644
--- a/usr.bin/ssh/auth-rh-rsa.c
+++ b/usr.bin/ssh/auth-rh-rsa.c
@@ -15,7 +15,7 @@ authentication.
*/
#include "includes.h"
-RCSID("$Id: auth-rh-rsa.c,v 1.5 1999/11/11 23:36:52 markus Exp $");
+RCSID("$Id: auth-rh-rsa.c,v 1.6 1999/11/15 20:53:24 markus Exp $");
#include "packet.h"
#include "ssh.h"
@@ -27,7 +27,6 @@ RCSID("$Id: auth-rh-rsa.c,v 1.5 1999/11/11 23:36:52 markus Exp $");
its host key. Returns true if authentication succeeds. */
int auth_rhosts_rsa(struct passwd *pw, const char *client_user,
- unsigned int client_host_key_bits,
BIGNUM *client_host_key_e, BIGNUM *client_host_key_n)
{
extern ServerOptions options;
@@ -51,8 +50,7 @@ int auth_rhosts_rsa(struct passwd *pw, const char *client_user,
ke = BN_new();
kn = BN_new();
host_status = check_host_in_hostfile(SSH_SYSTEM_HOSTFILE, canonical_hostname,
- client_host_key_bits, client_host_key_e,
- client_host_key_n, ke, kn);
+ client_host_key_e, client_host_key_n, ke, kn);
/* Check user host file unless ignored. */
if (host_status != HOST_OK && !options.ignore_user_known_hosts) {
@@ -70,8 +68,7 @@ int auth_rhosts_rsa(struct passwd *pw, const char *client_user,
/* XXX race between stat and the following open() */
temporarily_use_uid(pw->pw_uid);
host_status = check_host_in_hostfile(user_hostfile, canonical_hostname,
- client_host_key_bits, client_host_key_e,
- client_host_key_n, ke, kn);
+ client_host_key_e, client_host_key_n, ke, kn);
restore_uid();
}
xfree(user_hostfile);
@@ -89,8 +86,7 @@ int auth_rhosts_rsa(struct passwd *pw, const char *client_user,
/* A matching host key was found and is known. */
/* Perform the challenge-response dialog with the client for the host key. */
- if (!auth_rsa_challenge_dialog(client_host_key_bits,
- client_host_key_e, client_host_key_n))
+ if (!auth_rsa_challenge_dialog(client_host_key_e, client_host_key_n))
{
log("Client on %.800s failed to respond correctly to host authentication.",
canonical_hostname);
diff --git a/usr.bin/ssh/auth-rsa.c b/usr.bin/ssh/auth-rsa.c
index 10786a8f5fc..a108d6a2a50 100644
--- a/usr.bin/ssh/auth-rsa.c
+++ b/usr.bin/ssh/auth-rsa.c
@@ -16,7 +16,7 @@ validity of the host key.
*/
#include "includes.h"
-RCSID("$Id: auth-rsa.c,v 1.8 1999/11/11 23:36:52 markus Exp $");
+RCSID("$Id: auth-rsa.c,v 1.9 1999/11/15 20:53:24 markus Exp $");
#include "rsa.h"
#include "packet.h"
@@ -55,7 +55,7 @@ extern unsigned char session_id[16];
our challenge; returns zero if the client gives a wrong answer. */
int
-auth_rsa_challenge_dialog(unsigned int bits, BIGNUM *e, BIGNUM *n)
+auth_rsa_challenge_dialog(BIGNUM *e, BIGNUM *n)
{
BIGNUM *challenge, *encrypted_challenge, *aux;
RSA *pk;
@@ -132,7 +132,7 @@ int
auth_rsa(struct passwd *pw, BIGNUM *client_n)
{
extern ServerOptions options;
- char line[8192];
+ char line[8192], file[1024];
int authenticated;
unsigned int bits;
FILE *f;
@@ -144,11 +144,11 @@ auth_rsa(struct passwd *pw, BIGNUM *client_n)
temporarily_use_uid(pw->pw_uid);
/* The authorized keys. */
- snprintf(line, sizeof line, "%.500s/%.100s", pw->pw_dir,
+ snprintf(file, sizeof file, "%.500s/%.100s", pw->pw_dir,
SSH_USER_PERMITTED_KEYS);
/* Fail quietly if file does not exist */
- if (stat(line, &st) < 0)
+ if (stat(file, &st) < 0)
{
/* Restore the privileged uid. */
restore_uid();
@@ -156,12 +156,12 @@ auth_rsa(struct passwd *pw, BIGNUM *client_n)
}
/* Open the file containing the authorized keys. */
- f = fopen(line, "r");
+ f = fopen(file, "r");
if (!f)
{
/* Restore the privileged uid. */
restore_uid();
- packet_send_debug("Could not open %.900s for reading.", line);
+ packet_send_debug("Could not open %.900s for reading.", file);
packet_send_debug("If your home is on an NFS volume, it may need to be world-readable.");
return 0;
}
@@ -174,7 +174,7 @@ auth_rsa(struct passwd *pw, BIGNUM *client_n)
(st.st_uid != 0 && st.st_uid != pw->pw_uid) ||
(st.st_mode & 022) != 0) {
snprintf(buf, sizeof buf, "RSA authentication refused for %.100s: "
- "bad ownership or modes for '%s'.", pw->pw_name, line);
+ "bad ownership or modes for '%s'.", pw->pw_name, file);
fail=1;
}else{
/* Check path to SSH_USER_PERMITTED_KEYS */
@@ -257,6 +257,12 @@ auth_rsa(struct passwd *pw, BIGNUM *client_n)
}
/* cp now points to the comment part. */
+ /* check the real bits */
+ if (bits != BN_num_bits(n))
+ error("Warning: error in %s, line %d: keysize mismatch: "
+ "actual size %d vs. announced %d.",
+ file, linenum, BN_num_bits(n), bits);
+
/* Check if the we have found the desired key (identified by its
modulus). */
if (BN_cmp(n, client_n) != 0)
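Review bot: The new keysize check in auth_rsa prints the `unsigned int bits` with `%d` and hangs a four-line `error(...)` call off an un-braced `if`, which is easy to break when someone adds a statement after it. I would brace the body and use `%u` for `bits`, e.g. `"actual size %d vs. announced %u."`. The file name is also printed with a bare `%s` here while the other messages in this function bound it (`%.900s`); using the same bound keeps the log line length predictable. The enclosing loop starts and ends outside this hunk.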
@@ -265,7 +271,7 @@ auth_rsa(struct passwd *pw, BIGNUM *client_n)
/* We have found the desired key. */
/* Perform the challenge-response dialog for this key. */
- if (!auth_rsa_challenge_dialog(bits, e, n))
+ if (!auth_rsa_challenge_dialog(e, n))
{
/* Wrong response. */
log("Wrong response to RSA authentication challenge.");
diff --git a/usr.bin/ssh/authfd.c b/usr.bin/ssh/authfd.c
index b70a824a2c1..99478e7a054 100644
--- a/usr.bin/ssh/authfd.c
+++ b/usr.bin/ssh/authfd.c
@@ -14,7 +14,7 @@ Functions for connecting the local authentication agent.
*/
#include "includes.h"
-RCSID("$Id: authfd.c,v 1.8 1999/10/14 18:17:41 markus Exp $");
+RCSID("$Id: authfd.c,v 1.9 1999/11/15 20:53:24 markus Exp $");
#include "ssh.h"
#include "rsa.h"
@@ -112,7 +112,7 @@ void ssh_close_authentication_connection(AuthenticationConnection *ac)
int
ssh_get_first_identity(AuthenticationConnection *auth,
- int *bitsp, BIGNUM *e, BIGNUM *n, char **comment)
+ BIGNUM *e, BIGNUM *n, char **comment)
{
unsigned char msg[8192];
int len, l;
@@ -174,7 +174,7 @@ ssh_get_first_identity(AuthenticationConnection *auth,
fatal("Too many identities in authentication reply: %d\n", auth->howmany);
/* Return the first entry (if any). */
- return ssh_get_next_identity(auth, bitsp, e, n, comment);
+ return ssh_get_next_identity(auth, e, n, comment);
}
/* Returns the next authentication identity for the agent. Other functions
@@ -184,19 +184,25 @@ ssh_get_first_identity(AuthenticationConnection *auth,
int
ssh_get_next_identity(AuthenticationConnection *auth,
- int *bitsp, BIGNUM *e, BIGNUM *n, char **comment)
+ BIGNUM *e, BIGNUM *n, char **comment)
{
+ unsigned int bits;
+
/* Return failure if no more entries. */
if (auth->howmany <= 0)
return 0;
/* Get the next entry from the packet. These will abort with a fatal
error if the packet is too short or contains corrupt data. */
- *bitsp = buffer_get_int(&auth->identities);
+ bits = buffer_get_int(&auth->identities);
buffer_get_bignum(&auth->identities, e);
buffer_get_bignum(&auth->identities, n);
*comment = buffer_get_string(&auth->identities, NULL);
+ if (bits != BN_num_bits(n))
+ error("Warning: keysize mismatch: actual %d, announced %s",
+ BN_num_bits(n), bits);
+
/* Decrement the number of remaining entries. */
auth->howmany--;
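Review bot: The warning added in ssh_get_next_identity passes the `unsigned int bits` to a `%s` conversion, which is undefined behaviour and will typically crash the process the first time the mismatch branch is taken. The same format string is added in the process_remove_identity hunk of ssh-agent.c and in the do_authloop hunk of sshd.c; in sshd.c `bits` comes straight from `packet_get_int()`, so the value is chosen by the connecting peer and the branch can be reached inside the authentication loop. All three should read `error("Warning: keysize mismatch: actual %d, announced %u", BN_num_bits(n), bits);` (with the sshd.c prefix kept as is). The function body continues past the end of this hunk.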
@@ -211,7 +217,7 @@ ssh_get_next_identity(AuthenticationConnection *auth,
int
ssh_decrypt_challenge(AuthenticationConnection *auth,
- int bits, BIGNUM *e, BIGNUM *n, BIGNUM *challenge,
+ BIGNUM *e, BIGNUM *n, BIGNUM *challenge,
unsigned char session_id[16],
unsigned int response_type,
unsigned char response[16])
@@ -228,7 +234,7 @@ ssh_decrypt_challenge(AuthenticationConnection *auth,
buf[0] = SSH_AGENTC_RSA_CHALLENGE;
buffer_init(&buffer);
buffer_append(&buffer, (char *)buf, 1);
- buffer_put_int(&buffer, bits);
+ buffer_put_int(&buffer, BN_num_bits(n));
buffer_put_bignum(&buffer, e);
buffer_put_bignum(&buffer, n);
buffer_put_bignum(&buffer, challenge);
diff --git a/usr.bin/ssh/authfd.h b/usr.bin/ssh/authfd.h
index 5f362e02a74..61fc21bc4a4 100644
--- a/usr.bin/ssh/authfd.h
+++ b/usr.bin/ssh/authfd.h
@@ -13,7 +13,7 @@ Functions to interface with the SSH_AUTHENTICATION_FD socket.
*/
-/* RCSID("$Id: authfd.h,v 1.3 1999/10/14 18:17:42 markus Exp $"); */
+/* RCSID("$Id: authfd.h,v 1.4 1999/11/15 20:53:24 markus Exp $"); */
#ifndef AUTHFD_H
#define AUTHFD_H
@@ -62,19 +62,19 @@ void ssh_close_authentication_connection(AuthenticationConnection *ac);
The caller must initialize the integers before the call, and free the
comment after a successful call (before calling ssh_get_next_identity). */
int ssh_get_first_identity(AuthenticationConnection *connection,
- int *bitsp, BIGNUM *e, BIGNUM *n, char **comment);
+ BIGNUM *e, BIGNUM *n, char **comment);
/* Returns the next authentication identity for the agent. Other functions
can be called between this and ssh_get_first_identity or two calls of this
function. This returns 0 if there are no more identities. The caller
must free comment after a successful return. */
int ssh_get_next_identity(AuthenticationConnection *connection,
- int *bitsp, BIGNUM *e, BIGNUM *n, char **comment);
+ BIGNUM *e, BIGNUM *n, char **comment);
/* Requests the agent to decrypt the given challenge. Returns true if
the agent claims it was able to decrypt it. */
int ssh_decrypt_challenge(AuthenticationConnection *auth,
- int bits, BIGNUM *e, BIGNUM *n, BIGNUM *challenge,
+ BIGNUM *e, BIGNUM *n, BIGNUM *challenge,
unsigned char session_id[16],
unsigned int response_type,
unsigned char response[16]);
diff --git a/usr.bin/ssh/hostfile.c b/usr.bin/ssh/hostfile.c
index 5e1dbbe1d57..779f6e77348 100644
--- a/usr.bin/ssh/hostfile.c
+++ b/usr.bin/ssh/hostfile.c
@@ -14,7 +14,7 @@ Functions for manipulating the known hosts files.
*/
#include "includes.h"
-RCSID("$Id: hostfile.c,v 1.4 1999/11/02 19:42:36 markus Exp $");
+RCSID("$Id: hostfile.c,v 1.5 1999/11/15 20:53:24 markus Exp $");
#include "packet.h"
#include "ssh.h"
@@ -166,29 +166,20 @@ match_hostname(const char *host, const char *pattern, unsigned int len)
but used to have a different host key. */
HostStatus
-check_host_in_hostfile(const char *filename,
- const char *host, unsigned int bits,
- BIGNUM *e, BIGNUM *n,
- BIGNUM *ke, BIGNUM *kn)
+check_host_in_hostfile(const char *filename, const char *host,
+ BIGNUM *e, BIGNUM *n, BIGNUM *ke, BIGNUM *kn)
{
FILE *f;
char line[8192];
- unsigned int kbits, hostlen;
+ int linenum = 0;
+ unsigned int bits, kbits, hostlen;
char *cp, *cp2;
HostStatus end_return;
- struct stat st;
/* Open the file containing the list of known hosts. */
f = fopen(filename, "r");
if (!f)
- {
- if (stat(filename, &st) >= 0)
- {
- packet_send_debug("Could not open %.900s for reading.", filename);
- packet_send_debug("If your home directory is on an NFS volume, it may need to be world-readable.");
- }
- return HOST_NEW;
- }
+ return HOST_NEW;
/* Cache the length of the host name. */
hostlen = strlen(host);
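Review bot: After this change every `fopen` failure in check_host_in_hostfile returns `HOST_NEW` with no diagnostic at all, so a known-hosts file that exists but cannot be read (permissions, I/O error) is indistinguishable from a host that was never seen. On the client side that result feeds the "add the key automatically" path visible in the sshconnect.c hunks, so the user gets no hint that the stored key was never consulted. Dropping `packet_send_debug` makes sense if this file is shared with the client, but a local message should remain for the non-ENOENT case, for example `if (errno != ENOENT) error("Could not open %.900s for reading.", filename);` before the `return HOST_NEW;`. The rest of the function is outside this hunk.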
@@ -198,10 +189,14 @@ check_host_in_hostfile(const char *filename,
one. */
end_return = HOST_NEW;
+ /* size of modulus 'n' */
+ bits = BN_num_bits(n);
+
/* Go trough the file. */
while (fgets(line, sizeof(line), f))
{
cp = line;
+ linenum++;
/* Skip any leading whitespace. */
for (; *cp == ' ' || *cp == '\t'; cp++)
@@ -227,7 +222,15 @@ check_host_in_hostfile(const char *filename,
if (!auth_rsa_read_key(&cp, &kbits, ke, kn))
continue;
- /* Check if the current key is the same as the previous one. */
+ if (kbits != BN_num_bits(kn)) {
+ error("Warning: error in %s, line %d: keysize mismatch for host %s: "
+ "actual size %d vs. announced %d.",
+ filename, linenum, host, BN_num_bits(kn), kbits);
+ error("Warning: replace %d with %d in %s, line %d.",
+ kbits, BN_num_bits(kn), filename, linenum);
+ }
+
+ /* Check if the current key is the same as the given key. */
if (kbits == bits && BN_cmp(ke, e) == 0 && BN_cmp(kn, n) == 0)
{
/* Ok, they match. */
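Review bot: The match condition still compares the announced `kbits` from the file against `bits`, so an entry whose announced size is wrong but whose `ke`/`kn` are identical to the presented key can never match, even though the new warning just above has established that only the size field is off. What happens to a non-matching entry is outside this hunk, but per the function's comment it is presumably reported as a changed host key, which sends the user a far more alarming message than the actual problem warrants. Since equal moduli necessarily have equal bit lengths, the size term can simply go: `if (BN_cmp(ke, e) == 0 && BN_cmp(kn, n) == 0)`.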
@@ -252,21 +255,25 @@ check_host_in_hostfile(const char *filename,
int
add_host_to_hostfile(const char *filename, const char *host,
- unsigned int bits, BIGNUM *e, BIGNUM *n)
+ BIGNUM *e, BIGNUM *n)
{
FILE *f;
char *buf;
+ unsigned int bits;
/* Open the file for appending. */
f = fopen(filename, "a");
if (!f)
return 0;
+ /* size of modulus 'n' */
+ bits = BN_num_bits(n);
+
/* Print the host name and key to the file. */
fprintf(f, "%s %u ", host, bits);
buf = BN_bn2dec(e);
if (buf == NULL) {
- error("add_host_to_hostfile: BN_bn2dec #1 failed");
+ error("add_host_to_hostfile: BN_bn2dec(e) failed");
fclose(f);
return 0;
}
@@ -274,7 +281,7 @@ add_host_to_hostfile(const char *filename, const char *host,
free (buf);
buf = BN_bn2dec(n);
if (buf == NULL) {
- error("add_host_to_hostfile: BN_bn2dec #2 failed");
+ error("add_host_to_hostfile: BN_bn2dec(n) failed");
fclose(f);
return 0;
}
diff --git a/usr.bin/ssh/mpaux.c b/usr.bin/ssh/mpaux.c
index c1ed36ca2ad..75a6cf30fb7 100644
--- a/usr.bin/ssh/mpaux.c
+++ b/usr.bin/ssh/mpaux.c
@@ -15,7 +15,7 @@ precision integers.
*/
#include "includes.h"
-RCSID("$Id: mpaux.c,v 1.5 1999/11/11 23:46:09 markus Exp $");
+RCSID("$Id: mpaux.c,v 1.6 1999/11/15 20:53:24 markus Exp $");
#include <ssl/bn.h>
#include "getput.h"
@@ -26,15 +26,15 @@ RCSID("$Id: mpaux.c,v 1.5 1999/11/11 23:46:09 markus Exp $");
void
compute_session_id(unsigned char session_id[16],
unsigned char cookie[8],
- unsigned int host_key_bits,
BIGNUM *host_key_n,
- unsigned int session_key_bits,
BIGNUM *session_key_n)
{
+ unsigned int host_key_bits = BN_num_bits(host_key_n);
+ unsigned int session_key_bits = BN_num_bits(session_key_n);
unsigned int bytes = (host_key_bits + 7) / 8 + (session_key_bits + 7) / 8 + 8;
unsigned char *buf = xmalloc(bytes);
MD5_CTX md;
-
+
BN_bn2bin(host_key_n, buf);
BN_bn2bin(session_key_n, buf + (host_key_bits + 7 ) / 8);
memcpy(buf + (host_key_bits + 7) / 8 + (session_key_bits + 7) / 8,
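Review bot: The two new `BN_num_bits()` declarations in compute_session_id are what guarantee that `xmalloc(bytes)` is exactly as large as what the two `BN_bn2bin()` calls write, yet nothing in the code records that this is the reason the parameters were removed. I would add a comment above them such as `/* Sizes are taken from the moduli themselves, never from a caller- or peer-supplied bit count, so buf always holds both BN_bn2bin() outputs plus the 8-byte cookie. */` so that a later refactor does not reintroduce a separately passed length. The `memcpy` call and the remainder of the function continue outside this hunk.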
diff --git a/usr.bin/ssh/mpaux.h b/usr.bin/ssh/mpaux.h
index 96bb68d3030..b8f6522d46e 100644
--- a/usr.bin/ssh/mpaux.h
+++ b/usr.bin/ssh/mpaux.h
@@ -14,7 +14,7 @@ precision integers.
*/
-/* RCSID("$Id: mpaux.h,v 1.2 1999/09/28 04:45:36 provos Exp $"); */
+/* RCSID("$Id: mpaux.h,v 1.3 1999/11/15 20:53:24 markus Exp $"); */
#ifndef MPAUX_H
#define MPAUX_H
@@ -24,9 +24,7 @@ precision integers.
first representations of host_key_n, session_key_n, and the cookie. */
void compute_session_id(unsigned char session_id[16],
unsigned char cookie[8],
- unsigned int host_key_bits,
BIGNUM *host_key_n,
- unsigned int session_key_bits,
BIGNUM *session_key_n);
#endif /* MPAUX_H */
diff --git a/usr.bin/ssh/ssh-add.c b/usr.bin/ssh/ssh-add.c
index ca3afa5d4a3..75e584b2cdd 100644
--- a/usr.bin/ssh/ssh-add.c
+++ b/usr.bin/ssh/ssh-add.c
@@ -14,7 +14,7 @@ Adds an identity to the authentication server, or removes an identity.
*/
#include "includes.h"
-RCSID("$Id: ssh-add.c,v 1.9 1999/11/14 17:53:48 markus Exp $");
+RCSID("$Id: ssh-add.c,v 1.10 1999/11/15 20:53:24 markus Exp $");
#include "rsa.h"
#include "ssh.h"
@@ -106,33 +106,32 @@ void
list_identities(AuthenticationConnection *ac)
{
BIGNUM *e, *n;
- int bits, status;
+ int status;
char *comment;
int had_identities;
e = BN_new();
n = BN_new();
had_identities = 0;
- for (status = ssh_get_first_identity(ac, &bits, e, n, &comment);
+ for (status = ssh_get_first_identity(ac, e, n, &comment);
status;
- status = ssh_get_next_identity(ac, &bits, e, n, &comment))
+ status = ssh_get_next_identity(ac, e, n, &comment))
{
- char *buf;
+ char *ebuf, *nbuf;
had_identities = 1;
- printf("%d ", bits);
- buf = BN_bn2dec(e);
- if (buf != NULL) {
- printf("%s ", buf);
- free (buf);
- } else {
- error("list_identities: BN_bn2dec #1 failed.");
- }
- buf = BN_bn2dec(n);
- if (buf != NULL) {
- printf("%s %s\n", buf, comment);
- free (buf);
- } else {
- error("list_identities: BN_bn2dec #2 failed.");
+ ebuf = BN_bn2dec(e);
+ if (ebuf == NULL) {
+ error("list_identities: BN_bn2dec(e) failed.");
+ }else{
+ nbuf = BN_bn2dec(n);
+ if (nbuf == NULL) {
+ error("list_identities: BN_bn2dec(n) failed.");
+ }else{
+ unsigned int bits = BN_num_bits(n);
+ printf("%d %s %s %s\n", bits, ebuf, nbuf, comment);
+ free(nbuf);
+ }
+ free(ebuf);
}
xfree(comment);
}
diff --git a/usr.bin/ssh/ssh-agent.c b/usr.bin/ssh/ssh-agent.c
index 87d787dbd08..e105fb1acbd 100644
--- a/usr.bin/ssh/ssh-agent.c
+++ b/usr.bin/ssh/ssh-agent.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-agent.c,v 1.17 1999/11/02 19:42:36 markus Exp $ */
+/* $OpenBSD: ssh-agent.c,v 1.18 1999/11/15 20:53:24 markus Exp $ */
/*
@@ -16,7 +16,7 @@ The authentication agent program.
*/
#include "includes.h"
-RCSID("$OpenBSD: ssh-agent.c,v 1.17 1999/11/02 19:42:36 markus Exp $");
+RCSID("$OpenBSD: ssh-agent.c,v 1.18 1999/11/15 20:53:24 markus Exp $");
#include "ssh.h"
#include "rsa.h"
@@ -184,6 +184,10 @@ process_remove_identity(SocketEntry *e)
bits = buffer_get_int(&e->input);
buffer_get_bignum(&e->input, dummy);
buffer_get_bignum(&e->input, n);
+
+ if (bits != BN_num_bits(n))
+ error("Warning: keysize mismatch: actual %d, announced %s",
+ BN_num_bits(n), bits);
/* Check if we have the key. */
for (i = 0; i < num_identities; i++)
diff --git a/usr.bin/ssh/ssh.h b/usr.bin/ssh/ssh.h
index 3c9be45e506..b8d103de333 100644
--- a/usr.bin/ssh/ssh.h
+++ b/usr.bin/ssh/ssh.h
@@ -13,7 +13,7 @@ Generic header file for ssh.
*/
-/* RCSID("$Id: ssh.h,v 1.20 1999/11/11 23:36:53 markus Exp $"); */
+/* RCSID("$Id: ssh.h,v 1.21 1999/11/15 20:53:25 markus Exp $"); */
#ifndef SSH_H
#define SSH_H
@@ -256,8 +256,7 @@ int auth_rhosts(struct passwd *pw, const char *client_user);
/* Tries to authenticate the user using the .rhosts file and the host using
its host key. Returns true if authentication succeeds. */
int auth_rhosts_rsa(struct passwd *pw, const char *client_user,
- unsigned int bits, BIGNUM *client_host_key_e,
- BIGNUM *client_host_key_n);
+ BIGNUM *client_host_key_e, BIGNUM *client_host_key_n);
/* Tries to authenticate the user using password. Returns true if
authentication succeeds. */
@@ -302,20 +301,18 @@ int match_hostname(const char *host, const char *pattern, unsigned int len);
HOST_NEW if the host is not known, and HOST_CHANGED if the host is known
but used to have a different host key. The host must be in all lowercase. */
typedef enum { HOST_OK, HOST_NEW, HOST_CHANGED } HostStatus;
-HostStatus check_host_in_hostfile(const char *filename,
- const char *host, unsigned int bits,
- BIGNUM *e, BIGNUM *n,
- BIGNUM *ke, BIGNUM *kn);
+HostStatus check_host_in_hostfile(const char *filename, const char *host,
+ BIGNUM *e, BIGNUM *n, BIGNUM *ke, BIGNUM *kn);
/* Appends an entry to the host file. Returns false if the entry
could not be appended. */
int add_host_to_hostfile(const char *filename, const char *host,
- unsigned int bits, BIGNUM *e, BIGNUM *n);
+ BIGNUM *e, BIGNUM *n);
/* Performs the RSA authentication challenge-response dialog with the client,
and returns true (non-zero) if the client gave the correct answer to
our challenge; returns zero if the client gives a wrong answer. */
-int auth_rsa_challenge_dialog(unsigned int bits, BIGNUM *e, BIGNUM *n);
+int auth_rsa_challenge_dialog(BIGNUM *e, BIGNUM *n);
/* Reads a passphrase from /dev/tty with echo turned off. Returns the
passphrase (allocated with xmalloc). Exits if EOF is encountered.
diff --git a/usr.bin/ssh/sshconnect.c b/usr.bin/ssh/sshconnect.c
index 83e8f4b899e..ee15bbfa6a3 100644
--- a/usr.bin/ssh/sshconnect.c
+++ b/usr.bin/ssh/sshconnect.c
@@ -15,7 +15,7 @@ login (authentication) dialog.
*/
#include "includes.h"
-RCSID("$Id: sshconnect.c,v 1.28 1999/11/15 00:42:01 markus Exp $");
+RCSID("$Id: sshconnect.c,v 1.29 1999/11/15 20:53:25 markus Exp $");
#include <ssl/bn.h>
#include "xmalloc.h"
@@ -333,7 +333,7 @@ int ssh_connect(const char *host, struct sockaddr_in *hostaddr,
int
try_agent_authentication()
{
- int status, type, bits;
+ int status, type;
char *comment;
AuthenticationConnection *auth;
unsigned char response[16];
@@ -350,9 +350,9 @@ try_agent_authentication()
challenge = BN_new();
/* Loop through identities served by the agent. */
- for (status = ssh_get_first_identity(auth, &bits, e, n, &comment);
+ for (status = ssh_get_first_identity(auth, e, n, &comment);
status;
- status = ssh_get_next_identity(auth, &bits, e, n, &comment))
+ status = ssh_get_next_identity(auth, e, n, &comment))
{
int plen, clen;
@@ -389,7 +389,7 @@ try_agent_authentication()
debug("Received RSA challenge from server.");
/* Ask the agent to decrypt the challenge. */
- if (!ssh_decrypt_challenge(auth, bits, e, n, challenge,
+ if (!ssh_decrypt_challenge(auth, e, n, challenge,
session_id, 1, response))
{
/* The agent failed to authenticate this identifier although it
@@ -1122,19 +1122,15 @@ void ssh_login(int host_key_valid,
SSH_SMSG_PUBLIC_KEY);
/* Compute the session id. */
- compute_session_id(session_id, check_bytes,
- BN_num_bits(host_key->n), host_key->n,
- BN_num_bits(public_key->n), public_key->n);
+ compute_session_id(session_id, check_bytes, host_key->n, public_key->n);
/* Check if the host key is present in the user\'s list of known hosts
or in the systemwide list. */
- host_status = check_host_in_hostfile(options.user_hostfile,
- host, BN_num_bits(host_key->n),
+ host_status = check_host_in_hostfile(options.user_hostfile, host,
host_key->e, host_key->n,
file_key->e, file_key->n);
if (host_status == HOST_NEW)
host_status = check_host_in_hostfile(options.system_hostfile, host,
- BN_num_bits(host_key->n),
host_key->e, host_key->n,
file_key->e, file_key->n);
/* Force accepting of the host key for localhost and 127.0.0.1.
@@ -1155,13 +1151,11 @@ void ssh_login(int host_key_valid,
ip_key->n = BN_new();
ip_key->e = BN_new();
ip_status = check_host_in_hostfile(options.user_hostfile, ip,
- BN_num_bits(host_key->n),
host_key->e, host_key->n,
ip_key->e, ip_key->n);
if (ip_status == HOST_NEW)
ip_status = check_host_in_hostfile(options.system_hostfile, ip,
- BN_num_bits(host_key->n),
host_key->e, host_key->n,
ip_key->e, ip_key->n);
if (host_status == HOST_CHANGED &&
@@ -1182,7 +1176,6 @@ void ssh_login(int host_key_valid,
if (options.check_host_ip) {
if (ip_status == HOST_NEW) {
if (!add_host_to_hostfile(options.user_hostfile, ip,
- BN_num_bits(host_key->n),
host_key->e, host_key->n))
log("Failed to add the host ip to the list of known hosts (%.30s).",
options.user_hostfile);
@@ -1220,7 +1213,6 @@ void ssh_login(int host_key_valid,
/* If not in strict mode, add the key automatically to the local
known_hosts file. */
if (!add_host_to_hostfile(options.user_hostfile, hostp,
- BN_num_bits(host_key->n),
host_key->e, host_key->n))
log("Failed to add the host to the list of known hosts (%.500s).",
options.user_hostfile);
diff --git a/usr.bin/ssh/sshd.c b/usr.bin/ssh/sshd.c
index 3f418e6b236..ce1e1d4f7d9 100644
--- a/usr.bin/ssh/sshd.c
+++ b/usr.bin/ssh/sshd.c
@@ -18,7 +18,7 @@ agent connections.
*/
#include "includes.h"
-RCSID("$Id: sshd.c,v 1.53 1999/11/15 00:42:01 markus Exp $");
+RCSID("$Id: sshd.c,v 1.54 1999/11/15 20:53:25 markus Exp $");
#include "xmalloc.h"
#include "rsa.h"
@@ -869,9 +869,7 @@ do_connection()
/* Compute session id for this session. */
compute_session_id(session_id, check_bytes,
- BN_num_bits(sensitive_data.host_key->n),
sensitive_data.host_key->n,
- BN_num_bits(sensitive_data.private_key->n),
sensitive_data.private_key->n);
/* Extract session key from the decrypted integer. The key is in the
@@ -1089,7 +1087,7 @@ void
do_authloop(struct passwd *pw)
{
int authentication_failures = 0;
- unsigned int client_host_key_bits;
+ unsigned int bits;
BIGNUM *client_host_key_e, *client_host_key_n;
BIGNUM *n;
char *client_user, *password;
@@ -1212,13 +1210,16 @@ do_authloop(struct passwd *pw)
/* Get the client host key. */
client_host_key_e = BN_new();
client_host_key_n = BN_new();
- client_host_key_bits = packet_get_int();
+ bits = packet_get_int();
packet_get_bignum(client_host_key_e, &elen);
packet_get_bignum(client_host_key_n, &nlen);
-
+
+ if (bits != BN_num_bits(client_host_key_n))
+ error("Warning: keysize mismatch for client_host_key: "
+ "actual %d, announced %s", BN_num_bits(client_host_key_n), bits);
packet_integrity_check(plen, (4 + ulen) + 4 + elen + nlen, type);
- authenticated = auth_rhosts_rsa(pw, client_user, client_host_key_bits,
+ authenticated = auth_rhosts_rsa(pw, client_user,
client_host_key_e, client_host_key_n);
log("Rhosts authentication %s for %.100s, remote %.100s.",
authenticated ? "accepted" : "failed",