
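--- a/krl.c
+++ b/krl.c
@@ -36,6 +36,7 @@
 #include "log.h"
 #include "digest.h"
 #include "bitmap.h"
+#include "utf8.h"
 
 #include "krl.h"
 
@@ -1353,3 +1354,94 @@ ssh_krl_file_contains_key(const char *path, const struct sshkey *key)
 		errno = oerrno;
 	return r;
 }
+
+int
+krl_dump(struct ssh_krl *krl, FILE *f)
+{
+	struct sshkey *key = NULL;
+	struct revoked_blob *rb;
+	struct revoked_certs *rc;
+	struct revoked_serial *rs;
+	struct revoked_key_id *rki;
+	int r, ret = 0;
+	char *fp, timestamp[64];
+
+	/* Try to print in a KRL spec-compatible format */
+	format_timestamp(krl->generated_date, timestamp, sizeof(timestamp));
+	fprintf(f, "# KRL version %lld\n", krl->krl_version);
+	fprintf(f, "# Generated at %s\n", timestamp);
+	if (krl->comment != NULL && *krl->comment != '\0') {
+		r = INT_MAX;
+		asmprintf(&fp, INT_MAX, &r, "%s", krl->comment);
+		fprintf(f, "# Comment: %s\n", fp);
+		free(fp);
+	}
+	fputc('\n', f);
+
+	RB_FOREACH(rb, revoked_blob_tree, &krl->revoked_keys) {
+		if ((r = sshkey_from_blob(rb->blob, rb->len, &key)) != 0) {
+			ret = SSH_ERR_INVALID_FORMAT;
+			error("Parse key in KRL: %s", ssh_err(r));
+			continue;
+		}
+		if ((fp = sshkey_fingerprint(key, SSH_FP_HASH_DEFAULT,
+		    SSH_FP_DEFAULT)) == NULL) {
+			ret = SSH_ERR_INVALID_FORMAT;
+			error("sshkey_fingerprint failed");
+			continue;
+		}
+		fprintf(f, "hash: SHA256:%s # %s\n", fp, sshkey_ssh_name(key));
+		free(fp);
+		free(key);
+	}
+	RB_FOREACH(rb, revoked_blob_tree, &krl->revoked_sha256s) {
+		fp = tohex(rb->blob, rb->len);
+		fprintf(f, "hash: SHA256:%s\n", fp);
+		free(fp);
+	}
+	RB_FOREACH(rb, revoked_blob_tree, &krl->revoked_sha1s) {
+		/*
+		 * There is not KRL spec keyword for raw SHA1 hashes, so
+		 * print them as comments.
+		 */
+		fp = tohex(rb->blob, rb->len);
+		fprintf(f, "# hash SHA1:%s\n", fp);
+		free(fp);
+	}
+
+	TAILQ_FOREACH(rc, &krl->revoked_certs, entry) {
+		fputc('\n', f);
+		if (rc->ca_key == NULL)
+			fprintf(f, "# Wildcard CA\n");
+		else {
+			if ((fp = sshkey_fingerprint(rc->ca_key,
+			    SSH_FP_HASH_DEFAULT, SSH_FP_DEFAULT)) == NULL) {
+				ret = SSH_ERR_INVALID_FORMAT;
+				error("sshkey_fingerprint failed");
+				continue;
+			}
+			fprintf(f, "# CA key %s %s\n",
+			    sshkey_ssh_name(rc->ca_key), fp);
+			free(fp);
+		}
+		RB_FOREACH(rs, revoked_serial_tree, &rc->revoked_serials) {
+			if (rs->lo == rs->hi)
+				fprintf(f, "serial: %lld\n", rs->lo);
+			else {
+				fprintf(f, "serial: %lld-%lld\n",
+				    rs->lo, rs->hi);
+			}
+		}
+		RB_FOREACH(rki, revoked_key_id_tree, &rc->revoked_key_ids) {
+			/*
+			 * We don't want key IDs with embedded newlines to
+			 * mess up the display.
+			 */
+			r = INT_MAX;
+			asmprintf(&fp, INT_MAX, &r, "%s", rki->key_id);
+			fprintf(f, "id: %s\n", fp);
+			free(fp);
+		}
+	}
+	return ret;
+}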
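Review bot: In krl_dump's revoked_keys loop the key produced by sshkey_from_blob is released with plain `free(key)` at new line 1395, and is not released at all on the sshkey_fingerprint failure path before `continue` at 1391; presumably the matching destructor is sshkey_free(), which also releases (and zeroes) the key's internal buffers, so bare free() leaks those once per revoked key, and the failure path leaks the whole key. I would change the loop tail to `sshkey_free(key); key = NULL;` and add `sshkey_free(key);` before the `continue` in the fingerprint-failure branch. asmprintf's result is also ignored at 1375 and 1441 even though it sets *outp to NULL before formatting, so a failure there hands a NULL `fp` to `%s` on the next line; a `if (asmprintf(...) == -1 || fp == NULL)` guard that skips the line would close that. Separately, if krl_version and the serial lo/hi fields are unsigned 64-bit (their definitions are outside this hunk), the `%lld` conversions at 1371, 1429 and 1431 are a signed/unsigned mismatch and serials at or above 2^63 print negative; `%llu` with an explicit `(unsigned long long)` cast would be correct.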
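--- a/krl.h
+++ b/krl.h
@@ -61,6 +61,7 @@ int ssh_krl_from_blob(struct sshbuf *buf, struct ssh_krl **krlp,
     const struct sshkey **sign_ca_keys, size_t nsign_ca_keys);
 int ssh_krl_check_key(struct ssh_krl *krl, const struct sshkey *key);
 int ssh_krl_file_contains_key(const char *path, const struct sshkey *key);
+int krl_dump(struct ssh_krl *krl, FILE *f);
 
 #endif /* _KRL_H */
 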
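Review bot: The new prototype at line 64 makes krl.h depend on the `FILE` typedef, and whether krl.h includes <stdio.h> itself is outside this hunk; if it does not, any translation unit that includes krl.h before stdio.h stops compiling. Adding `#include <stdio.h>` to krl.h's include section keeps the header self-contained. A one-line comment on the prototype would also help, e.g. `/* Print the KRL's contents to f in ssh-keygen KRL-spec form; returns 0 or SSH_ERR_INVALID_FORMAT if an entry could not be decoded. */`, since the return convention is not obvious from the name.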
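--- a/ssh-add/Makefile
+++ b/ssh-add/Makefile
@@ -3,7 +3,7 @@
 .PATH:		${.CURDIR}/..
 
 SRCS=	ssh-add.c
-SRCS+=	authfd.c cleanup.c fatal.c readpass.c
+SRCS+=	authfd.c cleanup.c fatal.c readpass.c utf8.c
 SRCS+=	${SRCS_BASE} ${SRCS_KEY} ${SRCS_KEYP} ${SRCS_KRL} ${SRCS_UTL}
 SRCS+=	${SRCS_SK_CLIENT}
 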
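--- a/ssh-agent/Makefile
+++ b/ssh-agent/Makefile
@@ -3,7 +3,7 @@
 .PATH:		${.CURDIR}/..
 
 SRCS=	ssh-agent.c ${SRCS_PKCS11_CLIENT}
-SRCS+=	compat.c fatal.c readpass.c
+SRCS+=	compat.c fatal.c readpass.c utf8.c
 SRCS+=	${SRCS_BASE} ${SRCS_KEY} ${SRCS_KEYP} ${SRCS_KRL} ${SRCS_UTL}
 SRCS+=	${SRCS_SK_CLIENT}
 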
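--- a/ssh-keygen.1
+++ b/ssh-keygen.1
@@ -135,6 +135,7 @@
 .Ar
 .Nm ssh-keygen
 .Fl Q
+.Op Fl l
 .Fl f Ar krl_file
 .Ar
 .Nm ssh-keygen
@@ -521,6 +522,9 @@ containing the private key, for the old passphrase, and twice for the
 new passphrase.
 .It Fl Q
 Test whether keys have been revoked in a KRL.
+If the
+.Fl l
+option is also specified then the contents of the KRL will be printed.
 .It Fl q
 Silence
 .Nm ssh-keygen .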
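--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -2417,7 +2417,7 @@ do_gen_krl(struct passwd *pw, int updating, const char *ca_key_path,
 }
 
 static void
-do_check_krl(struct passwd *pw, int argc, char **argv)
+do_check_krl(struct passwd *pw, int print_krl, int argc, char **argv)
 {
 	int i, r, ret = 0;
 	char *comment;
@@ -2427,6 +2427,8 @@ do_check_krl(struct passwd *pw, int argc, char **argv)
 	if (*identity_file == '\0')
 		fatal("KRL checking requires an input file");
 	load_krl(identity_file, &krl);
+	if (print_krl)
+		krl_dump(krl, stdout);
 	for (i = 0; i < argc; i++) {
 		if ((r = sshkey_load_public(argv[i], &k, &comment)) != 0)
 			fatal("Cannot load public key %s: %s",
@@ -3064,7 +3066,7 @@ usage(void)
 	    "       ssh-keygen -A [-f prefix_path]\n"
 	    "       ssh-keygen -k -f krl_file [-u] [-s ca_public] [-z version_number]\n"
 	    "                  file ...\n"
-	    "       ssh-keygen -Q -f krl_file file ...\n"
+	    "       ssh-keygen -Q [-l] -f krl_file [file ...]\n"
 	    "       ssh-keygen -Y find-principals -s signature_file -f allowed_signers_file\n"
 	    "       ssh-keygen -Y check-novalidate -n namespace -s signature_file\n"
 	    "       ssh-keygen -Y sign -f key_file -n namespace file ...\n"
@@ -3416,7 +3418,7 @@ main(int argc, char **argv)
 		return (0);
 	}
 	if (check_krl) {
-		do_check_krl(pw, argc, argv);
+		do_check_krl(pw, print_fingerprint, argc, argv);
 		return (0);
 	}
 	if (ca_key_path != NULL) {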
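Review bot: The return value of krl_dump is discarded at new lines 2430-2431 (`if (print_krl) krl_dump(krl, stdout);`); krl_dump reports SSH_ERR_INVALID_FORMAT when a revoked-key blob in the KRL fails to parse or fingerprint, so a corrupt KRL dumped with `-Q -l` still produces a zero exit unless that result is folded into the status. I would write `if (print_krl && krl_dump(krl, stdout) != 0) ret = 1;` — do_check_krl already declares `ret` at 2422, though its use at the end of the function is outside the hunk, so confirm it is what the function exits with. At 3421 main passes `print_fingerprint` (presumably the variable set by `-l`) as print_krl, which reads as a typo without context; a comment such as `/* -l with -Q dumps the KRL before checking keys */` would save the next reader a grep. The usage text at 3069 now makes `file ...` optional for `-Q`, and with no `-l` that invocation loads the KRL and does nothing, which is worth a sentence in the man page or a usage() error.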
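--- a/ssh-keysign/Makefile
+++ b/ssh-keysign/Makefile
@@ -4,7 +4,7 @@
 
 SRCS=	ssh-keysign.c readconf.c compat.c
 SRCS+=	cleanup.c fatal.c
-SRCS+=	uidswap.c
+SRCS+=	uidswap.c utf8.c
 SRCS+=	${SRCS_BASE} ${SRCS_KEY} ${SRCS_KEYP} ${SRCS_KRL} ${SRCS_PKT} \
 	${SRCS_UTL} ${SRCS_SK_CLIENT}
 PROG=	ssh-keysign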
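Review bot: utf8.c is added to ssh-keysign's SRCS at new line 7 only because krl.c (linked via SRCS_KRL) now calls asmprintf from krl_dump, yet the sole caller of krl_dump in this patch is ssh-keygen; the same change is repeated for ssh-add and ssh-agent, so a diagnostic routine none of those programs use is now linked into each of them, including a helper that is typically installed setuid. Moving krl_dump out of krl.c into ssh-keygen.c would avoid the new link dependency entirely; failing that, a comment on the line such as `# utf8.c: krl.c calls asmprintf() from krl_dump()` would at least record why it is here so nobody removes it.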
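--- a/utf8.c
+++ b/utf8.c
@@ -246,6 +246,20 @@ snmprintf(char *str, size_t sz, int *wp, const char *fmt, ...)
 	return ret;
 }
 
+int
+asmprintf(char **outp, size_t sz, int *wp, const char *fmt, ...)
+{
+	va_list	 ap;
+	int	 ret;
+
+	*outp = NULL;
+	va_start(ap, fmt);
+	ret = vasnmprintf(outp, sz, wp, fmt, ap);
+	va_end(ap);
+
+	return ret;
+}
+
 /*
  * To stay close to the standard interfaces, the following functions
  * return the number of non-NUL bytes written.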
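Review bot: asmprintf at new lines 249-261 carries no comment on the contract its callers depend on — *outp is heap-allocated and owned by the caller, and whether it is still NULL after a failed vasnmprintf (defined outside this hunk) decides whether the unchecked `%s` and free() the patch adds in krl.c are safe. I would add above the definition: `/* Like snmprintf(), but allocates the result into *outp; the caller frees it. Returns vasnmprintf's result, -1 on failure, in which case *outp is NULL (relies on vasnmprintf leaving it untouched — confirm). */`. The in/out meaning of `wp` (maximum width on entry, width written on return, if it mirrors snmprintf) should be stated in the same comment, since the sibling function is currently the only place that semantics can be inferred from.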
(-)a/utf8.h (-1 / +3 lines)
Lines 22-24 int fmprintf(FILE *, const char *, ...) Link Here
22
int	 vfmprintf(FILE *, const char *, va_list);
22
int	 vfmprintf(FILE *, const char *, va_list);
23
int	 snmprintf(char *, size_t, int *, const char *, ...)
23
int	 snmprintf(char *, size_t, int *, const char *, ...)
24
	     __attribute__((format(printf, 4, 5)));
24
	     __attribute__((format(printf, 4, 5)));
25
- 
25
int	 asmprintf(char **, size_t, int *, const char *, ...)
26
	     __attribute__((format(printf, 4, 5)));
27
