diff options
| author | Damien Miller <djm@cvs.openbsd.org> | 2024-09-04 05:33:35 +0000 |
|---|---|---|
| committer | Damien Miller <djm@cvs.openbsd.org> | 2024-09-04 05:33:35 +0000 |
| commit | 8366e566b1e2eda7bac1877e8b4e7d66cdad760b (patch) | |
| tree | 3c54c0f5c28b34cc8cfb65db13d61d1be86ccf1f /usr.bin | |
| parent | 9029e3e86dfe12228b2b30ebd30a2de293637833 (diff) | |
be more strict in parsing key type names. Only allow shortnames (e.g
"rsa") in user-interface code and require full SSH protocol names (e.g.
"ssh-rsa") everywhere else.
Prompted by bz3725; ok markus@
Diffstat (limited to 'usr.bin')
| -rw-r--r-- | usr.bin/ssh/ssh-keygen.c | 10 | ||||
| -rw-r--r-- | usr.bin/ssh/ssh-keyscan.c | 4 | ||||
| -rw-r--r-- | usr.bin/ssh/sshkey.c | 24 | ||||
| -rw-r--r-- | usr.bin/ssh/sshkey.h | 3 |
4 files changed, 28 insertions, 13 deletions
diff --git a/usr.bin/ssh/ssh-keygen.c b/usr.bin/ssh/ssh-keygen.c index 4a95c5515ac..71ad9a39199 100644 --- a/usr.bin/ssh/ssh-keygen.c +++ b/usr.bin/ssh/ssh-keygen.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keygen.c,v 1.473 2024/08/15 00:51:51 djm Exp $ */ +/* $OpenBSD: ssh-keygen.c,v 1.474 2024/09/04 05:33:34 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -250,7 +250,7 @@ ask_filename(struct passwd *pw, const char *prompt) if (key_type_name == NULL) name = _PATH_SSH_CLIENT_ID_ED25519; else { - switch (sshkey_type_from_name(key_type_name)) { + switch (sshkey_type_from_shortname(key_type_name)) { #ifdef WITH_DSA case KEY_DSA_CERT: case KEY_DSA: @@ -1117,7 +1117,7 @@ do_gen_all_hostkeys(struct passwd *pw) } printf("%s ", key_types[i].key_type_display); fflush(stdout); - type = sshkey_type_from_name(key_types[i].key_type); + type = sshkey_type_from_shortname(key_types[i].key_type); if ((fd = mkstemp(prv_tmp)) == -1) { error("Could not save your private key in %s: %s", prv_tmp, strerror(errno)); @@ -1823,7 +1823,7 @@ do_ca_sign(struct passwd *pw, const char *ca_key_path, int prefer_agent, free(tmp); if (key_type_name != NULL) { - if (sshkey_type_from_name(key_type_name) != ca->type) { + if (sshkey_type_from_shortname(key_type_name) != ca->type) { fatal("CA key type %s doesn't match specified %s", sshkey_ssh_name(ca), key_type_name); } @@ -3810,7 +3810,7 @@ main(int argc, char **argv) if (key_type_name == NULL) key_type_name = DEFAULT_KEY_TYPE_NAME; - type = sshkey_type_from_name(key_type_name); + type = sshkey_type_from_shortname(key_type_name); type_bits_valid(type, key_type_name, &bits); if (!quiet) diff --git a/usr.bin/ssh/ssh-keyscan.c b/usr.bin/ssh/ssh-keyscan.c index e941c2149f7..a2043912634 100644 --- a/usr.bin/ssh/ssh-keyscan.c +++ b/usr.bin/ssh/ssh-keyscan.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keyscan.c,v 1.159 2024/09/02 12:13:56 djm Exp $ */ +/* $OpenBSD: ssh-keyscan.c,v 1.160 2024/09/04 05:33:34 djm Exp $ */ /* * Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>. * @@ -726,7 +726,7 @@ main(int argc, char **argv) get_keytypes = 0; tname = strtok(optarg, ","); while (tname) { - int type = sshkey_type_from_name(tname); + int type = sshkey_type_from_shortname(tname); switch (type) { #ifdef WITH_DSA diff --git a/usr.bin/ssh/sshkey.c b/usr.bin/ssh/sshkey.c index d04cc522cee..1ebcd1c8871 100644 --- a/usr.bin/ssh/sshkey.c +++ b/usr.bin/ssh/sshkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshkey.c,v 1.145 2024/08/20 11:10:04 djm Exp $ */ +/* $OpenBSD: sshkey.c,v 1.146 2024/09/04 05:33:34 djm Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * Copyright (c) 2008 Alexander von Gernler. All rights reserved. @@ -228,22 +228,36 @@ sshkey_ssh_name_plain(const struct sshkey *k) k->ecdsa_nid); } -int -sshkey_type_from_name(const char *name) +static int +type_from_name(const char *name, int allow_short) { int i; const struct sshkey_impl *impl; for (i = 0; keyimpls[i] != NULL; i++) { impl = keyimpls[i]; + if (impl->name != NULL && strcmp(name, impl->name) == 0) + return impl->type; /* Only allow shortname matches for plain key types */ - if ((impl->name != NULL && strcmp(name, impl->name) == 0) || - (!impl->cert && strcasecmp(impl->shortname, name) == 0)) + if (allow_short && !impl->cert && impl->shortname != NULL && + strcasecmp(impl->shortname, name) == 0) return impl->type; } return KEY_UNSPEC; } +int +sshkey_type_from_name(const char *name) +{ + return type_from_name(name, 0); +} + +int +sshkey_type_from_shortname(const char *name) +{ + return type_from_name(name, 1); +} + static int key_type_is_ecdsa_variant(int type) { diff --git a/usr.bin/ssh/sshkey.h b/usr.bin/ssh/sshkey.h index 21298c6f2ef..eddd23bbd4c 100644 --- a/usr.bin/ssh/sshkey.h +++ b/usr.bin/ssh/sshkey.h @@ -1,4 +1,4 @@ -/* $OpenBSD: sshkey.h,v 1.64 2024/08/15 00:51:51 djm Exp $ */ +/* $OpenBSD: sshkey.h,v 1.65 2024/09/04 05:33:34 djm Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. @@ -218,6 +218,7 @@ int sshkey_shield_private(struct sshkey *); int sshkey_unshield_private(struct sshkey *); int sshkey_type_from_name(const char *); +int sshkey_type_from_shortname(const char *); int sshkey_is_cert(const struct sshkey *); int sshkey_is_sk(const struct sshkey *); int sshkey_type_is_cert(int); |