diff options
Diffstat (limited to 'usr.bin/ssh')
-rw-r--r-- | usr.bin/ssh/auth-rsa.c | 5 | ||||
-rw-r--r-- | usr.bin/ssh/bufaux.c | 6 | ||||
-rw-r--r-- | usr.bin/ssh/channels.c | 18 | ||||
-rw-r--r-- | usr.bin/ssh/cipher.c | 10 | ||||
-rw-r--r-- | usr.bin/ssh/deattack.c | 9 | ||||
-rw-r--r-- | usr.bin/ssh/hostfile.c | 14 | ||||
-rw-r--r-- | usr.bin/ssh/packet.c | 12 | ||||
-rw-r--r-- | usr.bin/ssh/rsa.c | 6 | ||||
-rw-r--r-- | usr.bin/ssh/ssh-add.c | 20 | ||||
-rw-r--r-- | usr.bin/ssh/ssh-agent.c | 11 | ||||
-rw-r--r-- | usr.bin/ssh/sshconnect.c | 27 | ||||
-rw-r--r-- | usr.bin/ssh/sshd.c | 27 |
12 files changed, 115 insertions, 50 deletions
diff --git a/usr.bin/ssh/auth-rsa.c b/usr.bin/ssh/auth-rsa.c index 2de81c8d242..3e47e9f2ac4 100644 --- a/usr.bin/ssh/auth-rsa.c +++ b/usr.bin/ssh/auth-rsa.c @@ -16,7 +16,7 @@ validity of the host key. */ #include "includes.h" -RCSID("$Id: auth-rsa.c,v 1.6 1999/10/27 16:37:45 deraadt Exp $"); +RCSID("$Id: auth-rsa.c,v 1.7 1999/11/02 19:42:34 markus Exp $"); #include "rsa.h" #include "packet.h" @@ -91,7 +91,8 @@ auth_rsa_challenge_dialog(unsigned int bits, BIGNUM *e, BIGNUM *n) /* The response is MD5 of decrypted challenge plus session id. */ len = BN_num_bytes(challenge); - assert(len <= 32 && len); + if (len <= 0 || len > 32) + fatal("auth_rsa_challenge_dialog: bad challenge length %d", len); memset(buf, 0, 32); BN_bn2bin(challenge, buf + 32 - len); MD5_Init(&md); diff --git a/usr.bin/ssh/bufaux.c b/usr.bin/ssh/bufaux.c index 040a730af5a..390431d1887 100644 --- a/usr.bin/ssh/bufaux.c +++ b/usr.bin/ssh/bufaux.c @@ -15,7 +15,7 @@ Buffers. */ #include "includes.h" -RCSID("$Id: bufaux.c,v 1.2 1999/09/28 04:45:36 provos Exp $"); +RCSID("$Id: bufaux.c,v 1.3 1999/11/02 19:42:35 markus Exp $"); #include "ssh.h" #include <ssl/bn.h> @@ -37,7 +37,9 @@ buffer_put_bignum(Buffer *buffer, BIGNUM *value) /* Get the value of in binary */ oi = BN_bn2bin(value, buf); - assert(oi == bin_size); + if (oi != bin_size) + fatal("buffer_put_bignum: BN_bn2bin() failed: oi %d != bin_size %d", + oi, bin_size); /* Store the number of bits in the buffer in two bytes, msb first. */ PUT_16BIT(msg, bits); diff --git a/usr.bin/ssh/channels.c b/usr.bin/ssh/channels.c index 8717ffa7bb3..25bba4a782f 100644 --- a/usr.bin/ssh/channels.c +++ b/usr.bin/ssh/channels.c @@ -16,7 +16,7 @@ arbitrary tcp/ip connections, and the authentication agent connection. */ #include "includes.h" -RCSID("$Id: channels.c,v 1.18 1999/10/28 21:26:09 markus Exp $"); +RCSID("$Id: channels.c,v 1.19 1999/11/02 19:42:35 markus Exp $"); #include "ssh.h" #include "packet.h" @@ -166,8 +166,10 @@ int channel_allocate(int type, int sock, char *remote_name) void channel_free(int channel) { - assert(channel >= 0 && channel < channels_alloc && - channels[channel].type != SSH_CHANNEL_FREE); + if (channel < 0 || channel >= channels_alloc || + channels[channel].type == SSH_CHANNEL_FREE) + packet_disconnect("channel free: bad local channel %d", channel); + if(compat13) shutdown(channels[channel].sock, SHUT_RDWR); close(channels[channel].sock); @@ -307,9 +309,17 @@ void channel_prepare_select(fd_set *readset, fd_set *writeset) goto reject; } + /* Check fake data length */ + if (x11_fake_data_len != x11_saved_data_len) + { + error("X11 fake_data_len %d != saved_data_len %d", + x11_fake_data_len, x11_saved_data_len); + ch->type = SSH_CHANNEL_OPEN; + goto reject; + } + /* Received authentication protocol and data match our fake data. Substitute the fake data with real data. */ - assert(x11_fake_data_len == x11_saved_data_len); memcpy(ucp + 12 + ((proto_len + 3) & ~3), x11_saved_data, x11_saved_data_len); diff --git a/usr.bin/ssh/cipher.c b/usr.bin/ssh/cipher.c index 2de0351d022..c66d31cf458 100644 --- a/usr.bin/ssh/cipher.c +++ b/usr.bin/ssh/cipher.c @@ -12,7 +12,7 @@ Created: Wed Apr 19 17:41:39 1995 ylo */ #include "includes.h" -RCSID("$Id: cipher.c,v 1.12 1999/10/27 16:37:45 deraadt Exp $"); +RCSID("$Id: cipher.c,v 1.13 1999/11/02 19:42:35 markus Exp $"); #include "ssh.h" #include "cipher.h" @@ -87,8 +87,6 @@ swap_bytes(const unsigned char *src, unsigned char *dst_, int n) char c[4]; } t; - /* assert((n & 7) == 0); */ - /* Process 8 bytes every lap. */ for (n = n / 8; n > 0; n--) { @@ -242,7 +240,8 @@ void cipher_set_key(CipherContext *context, int cipher, void cipher_encrypt(CipherContext *context, unsigned char *dest, const unsigned char *src, unsigned int len) { - assert((len & 7) == 0); + if ((len & 7) != 0) + fatal("cipher_encrypt: bad plaintext length %d", len); switch (context->type) { @@ -274,7 +273,8 @@ void cipher_encrypt(CipherContext *context, unsigned char *dest, void cipher_decrypt(CipherContext *context, unsigned char *dest, const unsigned char *src, unsigned int len) { - assert((len & 7) == 0); + if ((len & 7) != 0) + fatal("cipher_decrypt: bad ciphertext length %d", len); switch (context->type) { diff --git a/usr.bin/ssh/deattack.c b/usr.bin/ssh/deattack.c index f961e8feb02..413e8e820d3 100644 --- a/usr.bin/ssh/deattack.c +++ b/usr.bin/ssh/deattack.c @@ -1,5 +1,5 @@ /* - * $Id: deattack.c,v 1.3 1999/10/05 22:18:52 markus Exp $ + * $Id: deattack.c,v 1.4 1999/11/02 19:42:35 markus Exp $ * Cryptographic attack detector for ssh - source code * * Copyright (c) 1998 CORE SDI S.A., Buenos Aires, Argentina. @@ -100,9 +100,10 @@ detect_attack(unsigned char *buf, u_int32_t len, unsigned char *IV) register unsigned char *c; unsigned char *d; - - assert(len <= (SSH_MAXBLOCKS * SSH_BLOCKSIZE)); - assert(len % SSH_BLOCKSIZE == 0); + if (len > (SSH_MAXBLOCKS * SSH_BLOCKSIZE) || + len % SSH_BLOCKSIZE != 0) { + fatal("detect_attack: bad length %d", len); + } for (l = n; l < HASH_FACTOR(len / SSH_BLOCKSIZE); l = l << 2); diff --git a/usr.bin/ssh/hostfile.c b/usr.bin/ssh/hostfile.c index 6982899dec6..5e1dbbe1d57 100644 --- a/usr.bin/ssh/hostfile.c +++ b/usr.bin/ssh/hostfile.c @@ -14,7 +14,7 @@ Functions for manipulating the known hosts files. */ #include "includes.h" -RCSID("$Id: hostfile.c,v 1.3 1999/10/03 21:50:03 provos Exp $"); +RCSID("$Id: hostfile.c,v 1.4 1999/11/02 19:42:36 markus Exp $"); #include "packet.h" #include "ssh.h" @@ -265,11 +265,19 @@ add_host_to_hostfile(const char *filename, const char *host, /* Print the host name and key to the file. */ fprintf(f, "%s %u ", host, bits); buf = BN_bn2dec(e); - assert(buf != NULL); + if (buf == NULL) { + error("add_host_to_hostfile: BN_bn2dec #1 failed"); + fclose(f); + return 0; + } fprintf(f, "%s ", buf); free (buf); buf = BN_bn2dec(n); - assert(buf != NULL); + if (buf == NULL) { + error("add_host_to_hostfile: BN_bn2dec #2 failed"); + fclose(f); + return 0; + } fprintf(f, "%s\n", buf); free (buf); diff --git a/usr.bin/ssh/packet.c b/usr.bin/ssh/packet.c index a37a09055e1..66d3595fce4 100644 --- a/usr.bin/ssh/packet.c +++ b/usr.bin/ssh/packet.c @@ -15,7 +15,7 @@ with the other side. This same code is used both on client and server side. */ #include "includes.h" -RCSID("$Id: packet.c,v 1.9 1999/10/05 01:23:54 dugsong Exp $"); +RCSID("$Id: packet.c,v 1.10 1999/11/02 19:42:36 markus Exp $"); #include "xmalloc.h" #include "buffer.h" @@ -194,7 +194,6 @@ void packet_encrypt(CipherContext *cc, void *dest, void *src, unsigned int bytes) { - assert((bytes % 8) == 0); cipher_encrypt(cc, dest, src, bytes); } @@ -207,7 +206,8 @@ packet_decrypt(CipherContext *cc, void *dest, void *src, { int i; - assert((bytes % 8) == 0); + if ((bytes % 8) != 0) + fatal("packet_decrypt: bad ciphertext length %d", bytes); /* Cryptographic attack detector for ssh - Modifications for packet.c @@ -500,7 +500,11 @@ packet_read_poll(int *payload_len_ptr) buffer_consume(&incoming_packet, 8 - len % 8); /* Test check bytes. */ - assert(len == buffer_len(&incoming_packet)); + + if (len != buffer_len(&incoming_packet)) + packet_disconnect("packet_read_poll: len %d != buffer_len %d.", + len, buffer_len(&incoming_packet)); + ucp = (unsigned char *)buffer_ptr(&incoming_packet) + len - 4; stored_checksum = GET_32BIT(ucp); if (checksum != stored_checksum) diff --git a/usr.bin/ssh/rsa.c b/usr.bin/ssh/rsa.c index f2e5d5f1212..9bdde7d1049 100644 --- a/usr.bin/ssh/rsa.c +++ b/usr.bin/ssh/rsa.c @@ -35,7 +35,7 @@ Description of the RSA algorithm can be found e.g. from the following sources: */ #include "includes.h" -RCSID("$Id: rsa.c,v 1.5 1999/10/16 23:54:12 provos Exp $"); +RCSID("$Id: rsa.c,v 1.6 1999/11/02 19:42:36 markus Exp $"); #include "rsa.h" #include "ssh.h" @@ -70,8 +70,8 @@ rsa_generate_key(RSA *prv, RSA *pub, unsigned int bits) } key = RSA_generate_key(bits, 35, NULL, NULL); - - assert(key != NULL); + if (key == NULL) + fatal("rsa_generate_key: key generation failed."); /* Copy public key parameters */ pub->n = BN_new(); diff --git a/usr.bin/ssh/ssh-add.c b/usr.bin/ssh/ssh-add.c index 5c314e97eb8..7ac8b98b32b 100644 --- a/usr.bin/ssh/ssh-add.c +++ b/usr.bin/ssh/ssh-add.c @@ -14,7 +14,7 @@ Adds an identity to the authentication server, or removes an identity. */ #include "includes.h" -RCSID("$Id: ssh-add.c,v 1.7 1999/10/27 23:35:32 markus Exp $"); +RCSID("$Id: ssh-add.c,v 1.8 1999/11/02 19:42:36 markus Exp $"); #include "rsa.h" #include "ssh.h" @@ -131,13 +131,19 @@ list_identities(AuthenticationConnection *ac) had_identities = 1; printf("%d ", bits); buf = BN_bn2dec(e); - assert(buf != NULL); - printf("%s ", buf); - free (buf); + if (buf != NULL) { + printf("%s ", buf); + free (buf); + } else { + error("list_identities: BN_bn2dec #1 failed."); + } buf = BN_bn2dec(n); - assert(buf != NULL); - printf("%s %s\n", buf, comment); - free (buf); + if (buf != NULL) { + printf("%s %s\n", buf, comment); + free (buf); + } else { + error("list_identities: BN_bn2dec #2 failed."); + } xfree(comment); } BN_clear_free(e); diff --git a/usr.bin/ssh/ssh-agent.c b/usr.bin/ssh/ssh-agent.c index d304e7a670b..87d787dbd08 100644 --- a/usr.bin/ssh/ssh-agent.c +++ b/usr.bin/ssh/ssh-agent.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-agent.c,v 1.16 1999/10/28 20:41:23 markus Exp $ */ +/* $OpenBSD: ssh-agent.c,v 1.17 1999/11/02 19:42:36 markus Exp $ */ /* @@ -16,7 +16,7 @@ The authentication agent program. */ #include "includes.h" -RCSID("$OpenBSD: ssh-agent.c,v 1.16 1999/10/28 20:41:23 markus Exp $"); +RCSID("$OpenBSD: ssh-agent.c,v 1.17 1999/11/02 19:42:36 markus Exp $"); #include "ssh.h" #include "rsa.h" @@ -131,7 +131,12 @@ process_authentication_challenge(SocketEntry *e) case 1: /* As of protocol 1.1 */ /* The response is MD5 of decrypted challenge plus session id. */ len = BN_num_bytes(challenge); - assert(len <= 32 && len); + + if (len <= 0 || len > 32) { + fatal("process_authentication_challenge: " + "bad challenge length %d", len); + } + memset(buf, 0, 32); BN_bn2bin(challenge, buf + 32 - len); MD5_Init(&md); diff --git a/usr.bin/ssh/sshconnect.c b/usr.bin/ssh/sshconnect.c index 6ec8c4abfe9..eba68ca8c59 100644 --- a/usr.bin/ssh/sshconnect.c +++ b/usr.bin/ssh/sshconnect.c @@ -15,7 +15,7 @@ login (authentication) dialog. */ #include "includes.h" -RCSID("$Id: sshconnect.c,v 1.24 1999/10/27 16:37:46 deraadt Exp $"); +RCSID("$Id: sshconnect.c,v 1.25 1999/11/02 19:42:36 markus Exp $"); #include <ssl/bn.h> #include "xmalloc.h" @@ -449,7 +449,10 @@ respond_to_rsa_challenge(BIGNUM *challenge, RSA *prv) /* Compute the response. */ /* The response is MD5 of decrypted challenge plus session id. */ len = BN_num_bytes(challenge); - assert(len <= sizeof(buf) && len); + if (len <= 0 || len > sizeof(buf)) + packet_disconnect("respond_to_rsa_challenge: bad challenge length %d", + len); + memset(buf, 0, sizeof(buf)); BN_bn2bin(challenge, buf + sizeof(buf) - len); MD5_Init(&md); @@ -1290,8 +1293,14 @@ void ssh_login(int host_key_valid, if (BN_cmp(public_key->n, host_key->n) < 0) { /* Public key has smaller modulus. */ - assert(BN_num_bits(host_key->n) >= - BN_num_bits(public_key->n) + SSH_KEY_BITS_RESERVED); + if (BN_num_bits(host_key->n) < + BN_num_bits(public_key->n) + SSH_KEY_BITS_RESERVED) { + fatal("respond_to_rsa_challenge: host_key %d < public_key %d + " + "SSH_KEY_BITS_RESERVED %d", + BN_num_bits(host_key->n), + BN_num_bits(public_key->n), + SSH_KEY_BITS_RESERVED); + } rsa_public_encrypt(key, key, public_key); rsa_public_encrypt(key, key, host_key); @@ -1299,8 +1308,14 @@ void ssh_login(int host_key_valid, else { /* Host key has smaller modulus (or they are equal). */ - assert(BN_num_bits(public_key->n) >= - BN_num_bits(host_key->n) + SSH_KEY_BITS_RESERVED); + if (BN_num_bits(public_key->n) < + BN_num_bits(host_key->n) + SSH_KEY_BITS_RESERVED) { + fatal("respond_to_rsa_challenge: public_key %d < host_key %d + " + "SSH_KEY_BITS_RESERVED %d", + BN_num_bits(public_key->n), + BN_num_bits(host_key->n), + SSH_KEY_BITS_RESERVED); + } rsa_public_encrypt(key, key, host_key); rsa_public_encrypt(key, key, public_key); diff --git a/usr.bin/ssh/sshd.c b/usr.bin/ssh/sshd.c index 78fb2a25c73..f5ccd5991b5 100644 --- a/usr.bin/ssh/sshd.c +++ b/usr.bin/ssh/sshd.c @@ -18,7 +18,7 @@ agent connections. */ #include "includes.h" -RCSID("$Id: sshd.c,v 1.43 1999/11/02 19:10:15 markus Exp $"); +RCSID("$Id: sshd.c,v 1.44 1999/11/02 19:42:37 markus Exp $"); #include "xmalloc.h" #include "rsa.h" @@ -823,8 +823,14 @@ void do_connection(int privileged_port) if (BN_cmp(sensitive_data.private_key->n, sensitive_data.host_key->n) > 0) { /* Private key has bigger modulus. */ - assert(BN_num_bits(sensitive_data.private_key->n) >= - BN_num_bits(sensitive_data.host_key->n) + SSH_KEY_BITS_RESERVED); + if (BN_num_bits(sensitive_data.private_key->n) < + BN_num_bits(sensitive_data.host_key->n) + SSH_KEY_BITS_RESERVED) { + fatal("do_connection: private_key %d < host_key %d + SSH_KEY_BITS_RESERVED %d", + BN_num_bits(sensitive_data.private_key->n), + BN_num_bits(sensitive_data.host_key->n), + SSH_KEY_BITS_RESERVED); + } + rsa_private_decrypt(session_key_int, session_key_int, sensitive_data.private_key); rsa_private_decrypt(session_key_int, session_key_int, @@ -833,9 +839,13 @@ void do_connection(int privileged_port) else { /* Host key has bigger modulus (or they are equal). */ - assert(BN_num_bits(sensitive_data.host_key->n) >= - BN_num_bits(sensitive_data.private_key->n) + - SSH_KEY_BITS_RESERVED); + if (BN_num_bits(sensitive_data.host_key->n) < + BN_num_bits(sensitive_data.private_key->n) + SSH_KEY_BITS_RESERVED) { + fatal("do_connection: host_key %d < private_key %d + SSH_KEY_BITS_RESERVED %d", + BN_num_bits(sensitive_data.host_key->n), + BN_num_bits(sensitive_data.private_key->n), + SSH_KEY_BITS_RESERVED); + } rsa_private_decrypt(session_key_int, session_key_int, sensitive_data.host_key); rsa_private_decrypt(session_key_int, session_key_int, @@ -853,7 +863,10 @@ void do_connection(int privileged_port) least significant 256 bits of the integer; the first byte of the key is in the highest bits. */ BN_mask_bits(session_key_int, sizeof(session_key) * 8); - assert(BN_num_bytes(session_key_int) == sizeof(session_key)); + if (BN_num_bytes(session_key_int) != sizeof(session_key)){ + fatal("do_connection: session_key_int %d != sizeof(session_key) %d", + BN_num_bytes(session_key_int), sizeof(session_key)); + } BN_bn2bin(session_key_int, session_key); /* Xor the first 16 bytes of the session key with the session id. */ |