summaryrefslogtreecommitdiff
path: root/usr.bin
diff options
context:
space:
mode:
authorDamien Miller <djm@cvs.openbsd.org>2019-07-16 13:18:40 +0000
committerDamien Miller <djm@cvs.openbsd.org>2019-07-16 13:18:40 +0000
commitb801b220eae1fdb5542417b3ba39a4447af250de (patch)
treeb3a2f496f715a2a32ad052d491c791a30b79e02c /usr.bin
parentd119129fe146c50e0eece307851cdc2314e66472 (diff)
remove mostly vestigal uuencode.[ch]; moving the only unique
functionality there (wrapping of base64-encoded data) to sshbuf functions; feedback and ok markus@
Diffstat (limited to 'usr.bin')
-rw-r--r--usr.bin/ssh/auth2-pubkey.c4
-rw-r--r--usr.bin/ssh/ssh-keygen.c53
-rw-r--r--usr.bin/ssh/ssh-keygen/Makefile4
-rw-r--r--usr.bin/ssh/sshbuf-misc.c57
-rw-r--r--usr.bin/ssh/sshbuf.h5
-rw-r--r--usr.bin/ssh/sshkey.c27
-rw-r--r--usr.bin/ssh/uuencode.c93
-rw-r--r--usr.bin/ssh/uuencode.h29
8 files changed, 85 insertions, 187 deletions
diff --git a/usr.bin/ssh/auth2-pubkey.c b/usr.bin/ssh/auth2-pubkey.c
index 94d283cc4dc..daf4600e57b 100644
--- a/usr.bin/ssh/auth2-pubkey.c
+++ b/usr.bin/ssh/auth2-pubkey.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth2-pubkey.c,v 1.90 2019/06/21 03:19:59 djm Exp $ */
+/* $OpenBSD: auth2-pubkey.c,v 1.91 2019/07/16 13:18:39 djm Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
*
@@ -106,7 +106,7 @@ userauth_pubkey(struct ssh *ssh)
if ((pkbuf = sshbuf_from(pkblob, blen)) == NULL)
fatal("%s: sshbuf_from failed", __func__);
- if ((keystring = sshbuf_dtob64(pkbuf)) == NULL)
+ if ((keystring = sshbuf_dtob64_string(pkbuf, 0)) == NULL)
fatal("%s: sshbuf_dtob64 failed", __func__);
debug2("%s: %s user %s %s public key %s %s", __func__,
authctxt->valid ? "valid" : "invalid", authctxt->user,
diff --git a/usr.bin/ssh/ssh-keygen.c b/usr.bin/ssh/ssh-keygen.c
index bc999415079..96b0bc6dadc 100644
--- a/usr.bin/ssh/ssh-keygen.c
+++ b/usr.bin/ssh/ssh-keygen.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-keygen.c,v 1.336 2019/07/15 13:16:29 djm Exp $ */
+/* $OpenBSD: ssh-keygen.c,v 1.337 2019/07/16 13:18:39 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -33,7 +33,6 @@
#include "xmalloc.h"
#include "sshkey.h"
#include "authfile.h"
-#include "uuencode.h"
#include "sshbuf.h"
#include "pathnames.h"
#include "log.h"
@@ -288,25 +287,30 @@ load_identity(char *filename)
static void
do_convert_to_ssh2(struct passwd *pw, struct sshkey *k)
{
- size_t len;
- u_char *blob;
- char comment[61];
+ struct sshbuf *b;
+ char comment[61], *b64;
int r;
- if ((r = sshkey_to_blob(k, &blob, &len)) != 0)
+ if ((b = sshbuf_new()) == NULL)
+ fatal("%s: sshbuf_new failed", __func__);
+ if ((r = sshkey_putb(k, b)) != 0)
fatal("key_to_blob failed: %s", ssh_err(r));
+ if ((b64 = sshbuf_dtob64_string(b, 1)) == NULL)
+ fatal("%s: sshbuf_dtob64_string failed", __func__);
+
/* Comment + surrounds must fit into 72 chars (RFC 4716 sec 3.3) */
snprintf(comment, sizeof(comment),
"%u-bit %s, converted by %s@%s from OpenSSH",
sshkey_size(k), sshkey_type(k),
pw->pw_name, hostname);
+ sshkey_free(k);
+ sshbuf_free(b);
+
fprintf(stdout, "%s\n", SSH_COM_PUBLIC_BEGIN);
- fprintf(stdout, "Comment: \"%s\"\n", comment);
- dump_base64(stdout, blob, len);
+ fprintf(stdout, "Comment: \"%s\"\n%s", comment, b64);
fprintf(stdout, "%s\n", SSH_COM_PUBLIC_END);
- sshkey_free(k);
- free(blob);
+ free(b64);
exit(0);
}
@@ -398,9 +402,8 @@ buffer_get_bignum_bits(struct sshbuf *b, BIGNUM *value)
}
static struct sshkey *
-do_convert_private_ssh2_from_blob(u_char *blob, u_int blen)
+do_convert_private_ssh2(struct sshbuf *b)
{
- struct sshbuf *b;
struct sshkey *key = NULL;
char *type, *cipher;
u_char e1, e2, e3, *sig = NULL, data[] = "abcde12345";
@@ -412,15 +415,13 @@ do_convert_private_ssh2_from_blob(u_char *blob, u_int blen)
BIGNUM *dsa_pub_key = NULL, *dsa_priv_key = NULL;
BIGNUM *rsa_n = NULL, *rsa_e = NULL, *rsa_d = NULL;
BIGNUM *rsa_p = NULL, *rsa_q = NULL, *rsa_iqmp = NULL;
- if ((b = sshbuf_from(blob, blen)) == NULL)
- fatal("%s: sshbuf_from failed", __func__);
+
if ((r = sshbuf_get_u32(b, &magic)) != 0)
fatal("%s: buffer error: %s", __func__, ssh_err(r));
if (magic != SSH_COM_PRIVATE_KEY_MAGIC) {
error("bad magic 0x%x != 0x%x", magic,
SSH_COM_PRIVATE_KEY_MAGIC);
- sshbuf_free(b);
return NULL;
}
if ((r = sshbuf_get_u32(b, &i1)) != 0 ||
@@ -434,7 +435,6 @@ do_convert_private_ssh2_from_blob(u_char *blob, u_int blen)
if (strcmp(cipher, "none") != 0) {
error("unsupported cipher %s", cipher);
free(cipher);
- sshbuf_free(b);
free(type);
return NULL;
}
@@ -445,7 +445,6 @@ do_convert_private_ssh2_from_blob(u_char *blob, u_int blen)
} else if (strstr(type, "rsa")) {
ktype = KEY_RSA;
} else {
- sshbuf_free(b);
free(type);
return NULL;
}
@@ -492,7 +491,6 @@ do_convert_private_ssh2_from_blob(u_char *blob, u_int blen)
fatal("%s: BN_new", __func__);
if (!BN_set_word(rsa_e, e)) {
BN_clear_free(rsa_e);
- sshbuf_free(b);
sshkey_free(key);
return NULL;
}
@@ -520,9 +518,7 @@ do_convert_private_ssh2_from_blob(u_char *blob, u_int blen)
}
rlen = sshbuf_len(b);
if (rlen != 0)
- error("do_convert_private_ssh2_from_blob: "
- "remaining bytes in key blob %d", rlen);
- sshbuf_free(b);
+ error("%s: remaining bytes in key blob %d", __func__, rlen);
/* try the key */
if (sshkey_sign(key, &sig, &slen, data, sizeof(data), NULL, 0) != 0 ||
@@ -567,10 +563,12 @@ do_convert_from_ssh2(struct passwd *pw, struct sshkey **k, int *private)
int r, blen, escaped = 0;
u_int len;
char line[1024];
- u_char blob[8096];
+ struct sshbuf *buf;
char encoded[8096];
FILE *fp;
+ if ((buf = sshbuf_new()) == NULL)
+ fatal("sshbuf_new failed");
if ((fp = fopen(identity_file, "r")) == NULL)
fatal("%s: %s: %s", __progname, identity_file, strerror(errno));
encoded[0] = '\0';
@@ -600,12 +598,11 @@ do_convert_from_ssh2(struct passwd *pw, struct sshkey **k, int *private)
(encoded[len-2] == '=') &&
(encoded[len-3] == '='))
encoded[len-3] = '\0';
- blen = uudecode(encoded, blob, sizeof(blob));
- if (blen < 0)
- fatal("uudecode failed.");
+ if ((r = sshbuf_b64tod(buf, encoded)) != 0)
+ fatal("%s: base64 decoding failed: %s", __func__, ssh_err(r));
if (*private)
- *k = do_convert_private_ssh2_from_blob(blob, blen);
- else if ((r = sshkey_from_blob(blob, blen, k)) != 0)
+ *k = do_convert_private_ssh2(buf);
+ else if ((r = sshkey_fromb(buf, k)) != 0)
fatal("decode blob failed: %s", ssh_err(r));
fclose(fp);
}
@@ -1718,7 +1715,7 @@ do_ca_sign(struct passwd *pw, const char *ca_key_path, int prefer_agent,
}
if (n > SSHKEY_CERT_MAX_PRINCIPALS)
fatal("Too many certificate principals specified");
-
+
tmp = tilde_expand_filename(argv[i], pw->pw_uid);
if ((r = sshkey_load_public(tmp, &public, &comment)) != 0)
fatal("%s: unable to open \"%s\": %s",
diff --git a/usr.bin/ssh/ssh-keygen/Makefile b/usr.bin/ssh/ssh-keygen/Makefile
index d6d69b2dcd6..4902803770c 100644
--- a/usr.bin/ssh/ssh-keygen/Makefile
+++ b/usr.bin/ssh/ssh-keygen/Makefile
@@ -1,8 +1,8 @@
-# $OpenBSD: Makefile,v 1.29 2019/07/05 12:35:40 deraadt Exp $
+# $OpenBSD: Makefile,v 1.30 2019/07/16 13:18:39 djm Exp $
.PATH: ${.CURDIR}/..
-SRCS= ssh-keygen.c moduli.c uuencode.c
+SRCS= ssh-keygen.c moduli.c
SRCS+= atomicio.c authfd.c cleanup.c dns.c fatal.c hmac.c hostfile.c \
readpass.c utf8.c
SRCS+= ${SRCS_BASE} ${SRCS_KEY} ${SRCS_KEYP} ${SRCS_KRL} ${SRCS_UTL} \
diff --git a/usr.bin/ssh/sshbuf-misc.c b/usr.bin/ssh/sshbuf-misc.c
index 7f018c86adc..b36c75d9d36 100644
--- a/usr.bin/ssh/sshbuf-misc.c
+++ b/usr.bin/ssh/sshbuf-misc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshbuf-misc.c,v 1.8 2019/07/15 13:11:38 djm Exp $ */
+/* $OpenBSD: sshbuf-misc.c,v 1.9 2019/07/16 13:18:39 djm Exp $ */
/*
* Copyright (c) 2011 Damien Miller
*
@@ -85,23 +85,58 @@ sshbuf_dtob16(struct sshbuf *buf)
return ret;
}
+int
+sshbuf_dtob64(const struct sshbuf *d, struct sshbuf *b64, int wrap)
+{
+ size_t i, slen = 0;
+ char *s = NULL;
+ int r;
+
+ if (d == NULL || b64 == NULL || sshbuf_len(d) >= SIZE_MAX / 2)
+ return SSH_ERR_INVALID_ARGUMENT;
+ if (sshbuf_len(d) == 0)
+ return 0;
+ slen = ((sshbuf_len(d) + 2) / 3) * 4 + 1;
+ if ((s = malloc(slen)) == NULL)
+ return SSH_ERR_ALLOC_FAIL;
+ if (b64_ntop(sshbuf_ptr(d), sshbuf_len(d), s, slen) == -1) {
+ r = SSH_ERR_INTERNAL_ERROR;
+ goto fail;
+ }
+ if (wrap) {
+ for (i = 0; s[i] != '\0'; i++) {
+ if ((r = sshbuf_put_u8(b64, s[i])) != 0)
+ goto fail;
+ if (i % 70 == 69 && (r = sshbuf_put_u8(b64, '\n')) != 0)
+ goto fail;
+ }
+ if (i % 70 != 69 && (r = sshbuf_put_u8(b64, '\n')) != 0)
+ goto fail;
+ } else {
+ if ((r = sshbuf_put(b64, s, strlen(s))) != 0)
+ goto fail;
+ }
+ /* Success */
+ r = 0;
+ fail:
+ freezero(s, slen);
+ return r;
+}
+
char *
-sshbuf_dtob64(struct sshbuf *buf)
+sshbuf_dtob64_string(const struct sshbuf *buf, int wrap)
{
- size_t len = sshbuf_len(buf), plen;
- const u_char *p = sshbuf_ptr(buf);
+ struct sshbuf *tmp;
char *ret;
- if (len == 0)
- return strdup("");
- plen = ((len + 2) / 3) * 4 + 1;
- if (SIZE_MAX / 2 <= len || (ret = malloc(plen)) == NULL)
+ if ((tmp = sshbuf_new()) == NULL)
return NULL;
- if (b64_ntop(p, len, ret, plen) == -1) {
- explicit_bzero(ret, plen);
- free(ret);
+ if (sshbuf_dtob64(buf, tmp, wrap) != 0) {
+ sshbuf_free(tmp);
return NULL;
}
+ ret = sshbuf_dup_string(tmp);
+ sshbuf_free(tmp);
return ret;
}
diff --git a/usr.bin/ssh/sshbuf.h b/usr.bin/ssh/sshbuf.h
index 608a9845ec2..045ac3deece 100644
--- a/usr.bin/ssh/sshbuf.h
+++ b/usr.bin/ssh/sshbuf.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshbuf.h,v 1.15 2019/07/15 13:11:38 djm Exp $ */
+/* $OpenBSD: sshbuf.h,v 1.16 2019/07/16 13:18:39 djm Exp $ */
/*
* Copyright (c) 2011 Damien Miller
*
@@ -243,7 +243,8 @@ void sshbuf_dump_data(const void *s, size_t len, FILE *f);
char *sshbuf_dtob16(struct sshbuf *buf);
/* Encode the contents of the buffer as base64 */
-char *sshbuf_dtob64(struct sshbuf *buf);
+char *sshbuf_dtob64_string(const struct sshbuf *buf, int wrap);
+int sshbuf_dtob64(const struct sshbuf *d, struct sshbuf *b64, int wrap);
/* Decode base64 data and append it to the buffer */
int sshbuf_b64tod(struct sshbuf *buf, const char *b64);
diff --git a/usr.bin/ssh/sshkey.c b/usr.bin/ssh/sshkey.c
index e814f6e917f..a2b0a1d1527 100644
--- a/usr.bin/ssh/sshkey.c
+++ b/usr.bin/ssh/sshkey.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshkey.c,v 1.80 2019/07/15 13:16:29 djm Exp $ */
+/* $OpenBSD: sshkey.c,v 1.81 2019/07/16 13:18:39 djm Exp $ */
/*
* Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
* Copyright (c) 2008 Alexander von Gernler. All rights reserved.
@@ -1370,7 +1370,7 @@ sshkey_to_base64(const struct sshkey *key, char **b64p)
return SSH_ERR_ALLOC_FAIL;
if ((r = sshkey_putb(key, b)) != 0)
goto out;
- if ((uu = sshbuf_dtob64(b)) == NULL) {
+ if ((uu = sshbuf_dtob64_string(b, 0)) == NULL) {
r = SSH_ERR_ALLOC_FAIL;
goto out;
}
@@ -3649,25 +3649,12 @@ sshkey_private_to_blob2(struct sshkey *prv, struct sshbuf *blob,
sshbuf_ptr(encrypted), sshbuf_len(encrypted), 0, authlen)) != 0)
goto out;
- /* uuencode */
- if ((b64 = sshbuf_dtob64(encoded)) == NULL) {
- r = SSH_ERR_ALLOC_FAIL;
- goto out;
- }
-
sshbuf_reset(blob);
- if ((r = sshbuf_put(blob, MARK_BEGIN, MARK_BEGIN_LEN)) != 0)
- goto out;
- for (i = 0; i < strlen(b64); i++) {
- if ((r = sshbuf_put_u8(blob, b64[i])) != 0)
- goto out;
- /* insert line breaks */
- if (i % 70 == 69 && (r = sshbuf_put_u8(blob, '\n')) != 0)
- goto out;
- }
- if (i % 70 != 69 && (r = sshbuf_put_u8(blob, '\n')) != 0)
- goto out;
- if ((r = sshbuf_put(blob, MARK_END, MARK_END_LEN)) != 0)
+
+ /* assemble uuencoded key */
+ if ((r = sshbuf_put(blob, MARK_BEGIN, MARK_BEGIN_LEN)) != 0 ||
+ (r = sshbuf_dtob64(encoded, blob, 1)) != 0 ||
+ (r = sshbuf_put(blob, MARK_END, MARK_END_LEN)) != 0)
goto out;
/* success */
diff --git a/usr.bin/ssh/uuencode.c b/usr.bin/ssh/uuencode.c
deleted file mode 100644
index ade379d6aed..00000000000
--- a/usr.bin/ssh/uuencode.c
+++ /dev/null
@@ -1,93 +0,0 @@
-/* $OpenBSD: uuencode.c,v 1.28 2015/04/24 01:36:24 deraadt Exp $ */
-/*
- * Copyright (c) 2000 Markus Friedl. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
- * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-#include <sys/types.h>
-#include <netinet/in.h>
-#include <resolv.h>
-#include <stdio.h>
-#include <stdlib.h>
-
-#include "xmalloc.h"
-#include "uuencode.h"
-
-/*
- * Encode binary 'src' of length 'srclength', writing base64-encoded text
- * to 'target' of size 'targsize'. Will always nul-terminate 'target'.
- * Returns the number of bytes stored in 'target' or -1 on error (inc.
- * 'targsize' too small).
- */
-int
-uuencode(const u_char *src, u_int srclength,
- char *target, size_t targsize)
-{
- return __b64_ntop(src, srclength, target, targsize);
-}
-
-/*
- * Decode base64-encoded 'src' into buffer 'target' of 'targsize' bytes.
- * Will skip leading and trailing whitespace. Returns the number of bytes
- * stored in 'target' or -1 on error (inc. targsize too small).
- */
-int
-uudecode(const char *src, u_char *target, size_t targsize)
-{
- int len;
- char *encoded, *p;
-
- /* copy the 'readonly' source */
- encoded = xstrdup(src);
- /* skip whitespace and data */
- for (p = encoded; *p == ' ' || *p == '\t'; p++)
- ;
- for (; *p != '\0' && *p != ' ' && *p != '\t'; p++)
- ;
- /* and remove trailing whitespace because __b64_pton needs this */
- *p = '\0';
- len = __b64_pton(encoded, target, targsize);
- free(encoded);
- return len;
-}
-
-void
-dump_base64(FILE *fp, const u_char *data, u_int len)
-{
- char *buf;
- int i, n;
-
- if (len > 65536) {
- fprintf(fp, "dump_base64: len > 65536\n");
- return;
- }
- buf = xreallocarray(NULL, 2, len);
- n = uuencode(data, len, buf, 2*len);
- for (i = 0; i < n; i++) {
- fprintf(fp, "%c", buf[i]);
- if (i % 70 == 69)
- fprintf(fp, "\n");
- }
- if (i % 70 != 69)
- fprintf(fp, "\n");
- free(buf);
-}
diff --git a/usr.bin/ssh/uuencode.h b/usr.bin/ssh/uuencode.h
deleted file mode 100644
index 4d9888126cd..00000000000
--- a/usr.bin/ssh/uuencode.h
+++ /dev/null
@@ -1,29 +0,0 @@
-/* $OpenBSD: uuencode.h,v 1.14 2010/08/31 11:54:45 djm Exp $ */
-
-/*
- * Copyright (c) 2000 Markus Friedl. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
- * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-int uuencode(const u_char *, u_int, char *, size_t);
-int uudecode(const char *, u_char *, size_t);
-void dump_base64(FILE *, const u_char *, u_int);