Attachment #2307 for bug #1974





/* hostkey handling */
Key	*get_hostkey_by_index(int);
Key	*get_hostkey_public_by_index(int);
Key	*get_hostkey_public_by_type(int);
Key	*get_hostkey_private_by_type(int);
int	 get_hostkey_index(Key *);
int	 ssh1_session_key(BIGNUM *);
void	 sshd_hostkey_sign(Key *, Key *, u_char **, u_int *, u_char *, u_int);

/* debug messages during authentication */
void	 auth_debug_add(const char *fmt,...) __attribute__((format(printf, 1, 2)));

Lines 136-141 struct Kex { Link Here

(-)kex.h (+1 lines)
136	Key (load_host_public_key)(int);	136	Key (load_host_public_key)(int);
137	Key (load_host_private_key)(int);	137	Key (load_host_private_key)(int);
138	int (host_key_index)(Key );	138	int (host_key_index)(Key );
		139	void (sign)(Key , Key , u_char , u_int , u_char *, u_int);
139	void (kex[KEX_MAX])(Kex );	140	void (kex[KEX_MAX])(Kex );
140	};	141	};
141		142




	if (server_host_public == NULL)
		fatal("Unsupported hostkey type %d", kex->hostkey_type);
	server_host_private = kex->load_host_private_key(kex->hostkey_type);
	if (server_host_private == NULL)
		fatal("Missing private key for hostkey type %d",
		    kex->hostkey_type);

	/* key, cert */
	if ((dh_client_pub = BN_new()) == NULL)

	}

	/* sign H */
	kex->sign(server_host_private, server_host_public, &signature, &slen,
	    hash, hashlen);
		fatal("kexdh_server: key_sign failed");

	/* destroy_sensitive_data(); */





	if (server_host_public == NULL)
		fatal("Unsupported hostkey type %d", kex->hostkey_type);
	server_host_private = kex->load_host_private_key(kex->hostkey_type);
	if (server_host_private == NULL)
		fatal("Missing private key for hostkey type %d",
		    kex->hostkey_type);

	debug("expecting SSH2_MSG_KEX_ECDH_INIT");
	packet_read_expect(SSH2_MSG_KEX_ECDH_INIT);

	}

	/* sign H */
	kex->sign(server_host_private, server_host_public, &signature, &slen,
	    hash, hashlen);
		fatal("kexdh_server: key_sign failed");

	/* destroy_sensitive_data(); */





	if (server_host_public == NULL)
		fatal("Unsupported hostkey type %d", kex->hostkey_type);
	server_host_private = kex->load_host_private_key(kex->hostkey_type);
	if (server_host_private == NULL)
		fatal("Missing private key for hostkey type %d",
		    kex->hostkey_type);


	type = packet_read();
	switch (type) {

	}

	/* sign H */
	kex->sign(server_host_private, server_host_public, &signature, &slen,
	    hash, hashlen);
		fatal("kexgex_server: key_sign failed");

	/* destroy_sensitive_data(); */


Lines 75-80 Link Here

(-)monitor.c (-3 / +13 lines)
75	#include "ssh2.h"	75	#include "ssh2.h"
76	#include "jpake.h"	76	#include "jpake.h"
77	#include "roaming.h"	77	#include "roaming.h"
		78	#include "authfd.h"
78		79
79	#ifdef GSSAPI	80	#ifdef GSSAPI
80	static Gssctxt *gsscontext = NULL;	81	static Gssctxt *gsscontext = NULL;
Lines 594-599 mm_answer_moduli(int sock, Buffer *m) Link Here
594	return (0);	595	return (0);
595	}	596	}
596		597
		598	extern AuthenticationConnection *auth_conn;
		599
597	int	600	int
598	mm_answer_sign(int sock, Buffer *m)	601	mm_answer_sign(int sock, Buffer *m)
599	{	602	{
Lines 622-631 mm_answer_sign(int sock, Buffer *m) Link Here
622	memcpy(session_id2, p, session_id2_len);	625	memcpy(session_id2, p, session_id2_len);
623	}	626	}
624		627
625	if ((key = get_hostkey_by_index(keyid)) == NULL)	628	if ((key = get_hostkey_by_index(keyid)) != NULL) {
		629	if (key_sign(key, &signature, &siglen, p, datlen) < 0)
		630	fatal("%s: key_sign failed", __func__);
		631	} else if ((key = get_hostkey_public_by_index(keyid)) != NULL &&
		632	auth_conn != NULL) {
		633	if (ssh_agent_sign(auth_conn, key, &signature, &siglen, p,
		634	datlen) < 0)
		635	fatal("%s: ssh_agent_sign failed", __func__);
		636	} else
626	fatal("%s: no hostkey from index %d", __func__, keyid);	637	fatal("%s: no hostkey from index %d", __func__, keyid);
627	if (key_sign(key, &signature, &siglen, p, datlen) < 0)
628	fatal("%s: key_sign failed", __func__);
629		638
630	debug3("%s: signature %p(%u)", __func__, signature, siglen);	639	debug3("%s: signature %p(%u)", __func__, signature, siglen);
631		640
Lines 1533-1538 mm_get_kex(Buffer *m) Link Here
1533	kex->load_host_public_key=&get_hostkey_public_by_type;	1542	kex->load_host_public_key=&get_hostkey_public_by_type;
1534	kex->load_host_private_key=&get_hostkey_private_by_type;	1543	kex->load_host_private_key=&get_hostkey_private_by_type;
1535	kex->host_key_index=&get_hostkey_index;	1544	kex->host_key_index=&get_hostkey_index;
		1545	kex->sign = sshd_hostkey_sign;
1536		1546
1537	return (kex);	1547	return (kex);
1538	}	1548	}

Lines 70-75 Link Here

(-)session.c (+8 lines)
70	#include "hostfile.h"	70	#include "hostfile.h"
71	#include "auth.h"	71	#include "auth.h"
72	#include "auth-options.h"	72	#include "auth-options.h"
		73	#include "authfd.h"
73	#include "pathnames.h"	74	#include "pathnames.h"
74	#include "log.h"	75	#include "log.h"
75	#include "servconf.h"	76	#include "servconf.h"
Lines 1261-1266 launch_login(struct passwd pw, const char hostname) Link Here
1261	static void	1262	static void
1262	child_close_fds(void)	1263	child_close_fds(void)
1263	{	1264	{
		1265	extern AuthenticationConnection *auth_conn;
		1266
		1267	if (auth_conn) {
		1268	ssh_close_authentication_connection(auth_conn);
		1269	auth_conn = NULL;
		1270	}
		1271
1264	if (packet_get_connection_in() == packet_get_connection_out())	1272	if (packet_get_connection_in() == packet_get_connection_out())
1265	close(packet_get_connection_in());	1273	close(packet_get_connection_in());
1266	else {	1274	else {

Lines 90-95 Link Here

(-)sshd.c (-7 / +68 lines)
90	#include "canohost.h"	90	#include "canohost.h"
91	#include "hostfile.h"	91	#include "hostfile.h"
92	#include "auth.h"	92	#include "auth.h"
		93	#include "authfd.h"
93	#include "misc.h"	94	#include "misc.h"
94	#include "msg.h"	95	#include "msg.h"
95	#include "dispatch.h"	96	#include "dispatch.h"
Lines 177-182 char *server_version_string = NULL; Link Here
177	/* for rekeying XXX fixme */	178	/* for rekeying XXX fixme */
178	Kex *xxx_kex;	179	Kex *xxx_kex;
179		180
		181	/* Daemon's agent connection */
		182	AuthenticationConnection *auth_conn = NULL;
		183
180	/*	184	/*
181	* Any really sensitive data in the application is contained in this	185	* Any really sensitive data in the application is contained in this
182	* structure. The idea is that this structure could be locked into memory so	186	* structure. The idea is that this structure could be locked into memory so
Lines 189-194 struct { Link Here
189	Key server_key; / ephemeral server key */	193	Key server_key; / ephemeral server key */
190	Key ssh1_host_key; / ssh1 host key */	194	Key ssh1_host_key; / ssh1 host key */
191	Key *host_keys; / all private host keys */	195	Key *host_keys; / all private host keys */
		196	Key *host_pubkeys; / all public host keys */
192	Key *host_certificates; / all public host certificates */	197	Key *host_certificates; / all public host certificates */
193	int have_ssh1_key;	198	int have_ssh1_key;
194	int have_ssh2_key;	199	int have_ssh2_key;
Lines 639-644 privsep_preauth(Authctxt *authctxt) Link Here
639	} else if (pid != 0) {	644	} else if (pid != 0) {
640	debug2("Network child is on pid %ld", (long)pid);	645	debug2("Network child is on pid %ld", (long)pid);
641		646
		647	auth_conn = ssh_get_authentication_connection();
		648
642	pmonitor->m_pid = pid;	649	pmonitor->m_pid = pid;
643	if (box != NULL)	650	if (box != NULL)
644	ssh_sandbox_parent_preauth(box, pid);	651	ssh_sandbox_parent_preauth(box, pid);
Lines 750-755 list_hostkey_types(void) Link Here
750	for (i = 0; i < options.num_host_key_files; i++) {	757	for (i = 0; i < options.num_host_key_files; i++) {
751	key = sensitive_data.host_keys[i];	758	key = sensitive_data.host_keys[i];
752	if (key == NULL)	759	if (key == NULL)
		760	key = sensitive_data.host_pubkeys[i];
		761	if (key == NULL)
753	continue;	762	continue;
754	switch (key->type) {	763	switch (key->type) {
755	case KEY_RSA:	764	case KEY_RSA:
Lines 802-807 get_hostkey_by_type(int type, int need_private) Link Here
802	break;	811	break;
803	default:	812	default:
804	key = sensitive_data.host_keys[i];	813	key = sensitive_data.host_keys[i];
		814	if (key == NULL && !need_private)
		815	key = sensitive_data.host_pubkeys[i];
805	break;	816	break;
806	}	817	}
807	if (key != NULL && key->type == type)	818	if (key != NULL && key->type == type)
Lines 831-836 get_hostkey_by_index(int ind) Link Here
831	return (sensitive_data.host_keys[ind]);	842	return (sensitive_data.host_keys[ind]);
832	}	843	}
833		844
		845	Key *
		846	get_hostkey_public_by_index(int ind)
		847	{
		848	if (ind < 0 \|\| ind >= options.num_host_key_files)
		849	return (NULL);
		850	return (sensitive_data.host_pubkeys[ind]);
		851	}
		852
834	int	853	int
835	get_hostkey_index(Key *key)	854	get_hostkey_index(Key *key)
836	{	855	{
Lines 843-848 get_hostkey_index(Key *key) Link Here
843	} else {	862	} else {
844	if (key == sensitive_data.host_keys[i])	863	if (key == sensitive_data.host_keys[i])
845	return (i);	864	return (i);
		865	if (key == sensitive_data.host_pubkeys[i])
		866	return (i);
846	}	867	}
847	}	868	}
848	return (-1);	869	return (-1);
Lines 1310-1315 main(int ac, char **av) Link Here
1310	u_int64_t ibytes, obytes;	1331	u_int64_t ibytes, obytes;
1311	mode_t new_umask;	1332	mode_t new_umask;
1312	Key *key;	1333	Key *key;
		1334	Key *pubkey;
		1335	int have_agent, keytype;
1313	Authctxt *authctxt;	1336	Authctxt *authctxt;
1314	struct connection_info *connection_info = get_connection_info(0, 0);	1337	struct connection_info *connection_info = get_connection_info(0, 0);
1315		1338
Lines 1542-1563 main(int ac, char **av) Link Here
1542	debug("sshd version %s, %s", SSH_VERSION,	1565	debug("sshd version %s, %s", SSH_VERSION,
1543	SSLeay_version(SSLEAY_VERSION));	1566	SSLeay_version(SSLEAY_VERSION));
1544		1567
1545	/* load private host keys */	1568	/* load host keys */
1546	sensitive_data.host_keys = xcalloc(options.num_host_key_files,	1569	sensitive_data.host_keys = xcalloc(options.num_host_key_files,
1547	sizeof(Key *));	1570	sizeof(Key *));
1548	for (i = 0; i < options.num_host_key_files; i++)	1571	sensitive_data.host_pubkeys = xcalloc(options.num_host_key_files,
		1572	sizeof(Key *));
		1573	for (i = 0; i < options.num_host_key_files; i++) {
1549	sensitive_data.host_keys[i] = NULL;	1574	sensitive_data.host_keys[i] = NULL;
		1575	sensitive_data.host_pubkeys[i] = NULL;
		1576	}
		1577
		1578	have_agent = ssh_agent_present();
1550		1579
1551	for (i = 0; i < options.num_host_key_files; i++) {	1580	for (i = 0; i < options.num_host_key_files; i++) {
1552	key = key_load_private(options.host_key_files[i], "", NULL);	1581	key = key_load_private(options.host_key_files[i], "", NULL);
		1582	pubkey = key_load_public(options.host_key_files[i], NULL);
1553	sensitive_data.host_keys[i] = key;	1583	sensitive_data.host_keys[i] = key;
1554	if (key == NULL) {	1584	sensitive_data.host_pubkeys[i] = pubkey;
		1585
		1586	if (key == NULL && pubkey != NULL && pubkey->type != KEY_RSA1 &&
		1587	have_agent) {
		1588	debug("will rely on agent for hostkey %s",
		1589	options.host_key_files[i]);
		1590	keytype = pubkey->type;
		1591	} else if (key != NULL) {
		1592	keytype = key->type;
		1593	} else {
1555	error("Could not load host key: %s",	1594	error("Could not load host key: %s",
1556	options.host_key_files[i]);	1595	options.host_key_files[i]);
1557	sensitive_data.host_keys[i] = NULL;	1596	sensitive_data.host_keys[i] = NULL;
		1597	sensitive_data.host_pubkeys[i] = NULL;
1558	continue;	1598	continue;
1559	}	1599	}
1560	switch (key->type) {	1600
		1601	switch (keytype) {
1561	case KEY_RSA1:	1602	case KEY_RSA1:
1562	sensitive_data.ssh1_host_key = key;	1603	sensitive_data.ssh1_host_key = key;
1563	sensitive_data.have_ssh1_key = 1;	1604	sensitive_data.have_ssh1_key = 1;
Lines 1568-1575 main(int ac, char **av) Link Here
1568	sensitive_data.have_ssh2_key = 1;	1609	sensitive_data.have_ssh2_key = 1;
1569	break;	1610	break;
1570	}	1611	}
1571	debug("private host key: #%d type %d %s", i, key->type,	1612	debug("private host key: #%d type %d %s", i, keytype,
1572	key_type(key));	1613	key_type(key ? key : pubkey));
1573	}	1614	}
1574	if ((options.protocol & SSH_PROTO_1) && !sensitive_data.have_ssh1_key) {	1615	if ((options.protocol & SSH_PROTO_1) && !sensitive_data.have_ssh1_key) {
1575	logit("Disabling protocol version 1. Could not load host key");	1616	logit("Disabling protocol version 1. Could not load host key");
Lines 1906-1914 main(int ac, char **av) Link Here
1906	buffer_init(&loginmsg);	1947	buffer_init(&loginmsg);
1907	auth_debug_reset();	1948	auth_debug_reset();
1908		1949
1909	if (use_privsep)	1950	if (use_privsep) {
1910	if (privsep_preauth(authctxt) == 1)	1951	if (privsep_preauth(authctxt) == 1)
1911	goto authenticated;	1952	goto authenticated;
		1953	} else if (compat20)
		1954	auth_conn = ssh_get_authentication_connection();
1912		1955
1913	/* perform the key exchange */	1956	/* perform the key exchange */
1914	/* authenticate user and start session */	1957	/* authenticate user and start session */
Lines 2194-2199 do_ssh1_kex(void) Link Here
2194	packet_write_wait();	2237	packet_write_wait();
2195	}	2238	}
2196		2239
		2240	void
		2241	sshd_hostkey_sign(Key privkey, Key pubkey, u_char *signature, u_int slen,
		2242	u_char *data, u_int dlen)
		2243	{
		2244	if (privkey) {
		2245	if (PRIVSEP(key_sign(privkey, signature, slen, data, dlen) < 0))
		2246	fatal("%s: key_sign failed", __func__);
		2247	} else if (use_privsep) {
		2248	if (mm_key_sign(pubkey, signature, slen, data, dlen) < 0)
		2249	fatal("%s: pubkey_sign failed", __func__);
		2250	} else {
		2251	if (ssh_agent_sign(auth_conn, pubkey, signature, slen, data,
		2252	dlen))
		2253	fatal("%s: ssh_agent_sign failed", __func__);
		2254	}
		2255	}
		2256
2197	/*	2257	/*
2198	* SSH2 key exchange: diffie-hellman-group1-sha1	2258	* SSH2 key exchange: diffie-hellman-group1-sha1
2199	*/	2259	*/
Lines 2244-2249 do_ssh2_kex(void) Link Here
2244	kex->load_host_public_key=&get_hostkey_public_by_type;	2304	kex->load_host_public_key=&get_hostkey_public_by_type;
2245	kex->load_host_private_key=&get_hostkey_private_by_type;	2305	kex->load_host_private_key=&get_hostkey_private_by_type;
2246	kex->host_key_index=&get_hostkey_index;	2306	kex->host_key_index=&get_hostkey_index;
		2307	kex->sign = sshd_hostkey_sign;
2247		2308
2248	xxx_kex = kex;	2309	xxx_kex = kex;
2249		2310

Return to bug 1974

Lines 174-183 check_key_in_hostfiles(struct passwd , Key , const char *, Link Here

(-)auth.h (+2 lines)
174		174
175	/* hostkey handling */	175	/* hostkey handling */
176	Key *get_hostkey_by_index(int);	176	Key *get_hostkey_by_index(int);
		177	Key *get_hostkey_public_by_index(int);
177	Key *get_hostkey_public_by_type(int);	178	Key *get_hostkey_public_by_type(int);
178	Key *get_hostkey_private_by_type(int);	179	Key *get_hostkey_private_by_type(int);
179	int get_hostkey_index(Key *);	180	int get_hostkey_index(Key *);
180	int ssh1_session_key(BIGNUM *);	181	int ssh1_session_key(BIGNUM *);
		182	void sshd_hostkey_sign(Key , Key , u_char *, u_int , u_char *, u_int);
181		183
182	/* debug messages during authentication */	184	/* debug messages during authentication */
183	void auth_debug_add(const char *fmt,...) __attribute__((format(printf, 1, 2)));	185	void auth_debug_add(const char *fmt,...) __attribute__((format(printf, 1, 2)));

Lines 77-85 kexdh_server(Kex *kex) Link Here

(-)kexdhs.c (-6 / +2 lines)
77	if (server_host_public == NULL)	77	if (server_host_public == NULL)
78	fatal("Unsupported hostkey type %d", kex->hostkey_type);	78	fatal("Unsupported hostkey type %d", kex->hostkey_type);
79	server_host_private = kex->load_host_private_key(kex->hostkey_type);	79	server_host_private = kex->load_host_private_key(kex->hostkey_type);
80	if (server_host_private == NULL)
81	fatal("Missing private key for hostkey type %d",
82	kex->hostkey_type);
83		80
84	/* key, cert */	81	/* key, cert */
85	if ((dh_client_pub = BN_new()) == NULL)	82	if ((dh_client_pub = BN_new()) == NULL)
Lines 141-149 kexdh_server(Kex *kex) Link Here
141	}	138	}
142		139
143	/* sign H */	140	/* sign H */
144	if (PRIVSEP(key_sign(server_host_private, &signature, &slen, hash,	141	kex->sign(server_host_private, server_host_public, &signature, &slen,
145	hashlen)) < 0)	142	hash, hashlen);
146	fatal("kexdh_server: key_sign failed");
147		143
148	/* destroy_sensitive_data(); */	144	/* destroy_sensitive_data(); */
149		145

Lines 74-82 kexecdh_server(Kex *kex) Link Here

(-)kexecdhs.c (-6 / +2 lines)
74	if (server_host_public == NULL)	74	if (server_host_public == NULL)
75	fatal("Unsupported hostkey type %d", kex->hostkey_type);	75	fatal("Unsupported hostkey type %d", kex->hostkey_type);
76	server_host_private = kex->load_host_private_key(kex->hostkey_type);	76	server_host_private = kex->load_host_private_key(kex->hostkey_type);
77	if (server_host_private == NULL)
78	fatal("Missing private key for hostkey type %d",
79	kex->hostkey_type);
80		77
81	debug("expecting SSH2_MSG_KEX_ECDH_INIT");	78	debug("expecting SSH2_MSG_KEX_ECDH_INIT");
82	packet_read_expect(SSH2_MSG_KEX_ECDH_INIT);	79	packet_read_expect(SSH2_MSG_KEX_ECDH_INIT);
Lines 135-143 kexecdh_server(Kex *kex) Link Here
135	}	132	}
136		133
137	/* sign H */	134	/* sign H */
138	if (PRIVSEP(key_sign(server_host_private, &signature, &slen,	135	kex->sign(server_host_private, server_host_public, &signature, &slen,
139	hash, hashlen)) < 0)	136	hash, hashlen);
140	fatal("kexdh_server: key_sign failed");
141		137
142	/* destroy_sensitive_data(); */	138	/* destroy_sensitive_data(); */
143		139

Lines 65-74 kexgex_server(Kex *kex) Link Here

(-)kexgexs.c (-7 / +2 lines)
65	if (server_host_public == NULL)	65	if (server_host_public == NULL)
66	fatal("Unsupported hostkey type %d", kex->hostkey_type);	66	fatal("Unsupported hostkey type %d", kex->hostkey_type);
67	server_host_private = kex->load_host_private_key(kex->hostkey_type);	67	server_host_private = kex->load_host_private_key(kex->hostkey_type);
68	if (server_host_private == NULL)
69	fatal("Missing private key for hostkey type %d",
70	kex->hostkey_type);
71
72		68
73	type = packet_read();	69	type = packet_read();
74	switch (type) {	70	switch (type) {
Lines 184-192 kexgex_server(Kex *kex) Link Here
184	}	180	}
185		181
186	/* sign H */	182	/* sign H */
187	if (PRIVSEP(key_sign(server_host_private, &signature, &slen, hash,	183	kex->sign(server_host_private, server_host_public, &signature, &slen,
188	hashlen)) < 0)	184	hash, hashlen);
189	fatal("kexgex_server: key_sign failed");
190		185
191	/* destroy_sensitive_data(); */	186	/* destroy_sensitive_data(); */
192		187