1/* 2 * Copyright 2004 Sun Microsystems, Inc. All rights reserved. 3 * Use is subject to license terms. 4 */ 5/* 6 * Copyright (c) 2002 Markus Friedl. All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 18 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 19 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 20 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 21 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 22 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 23 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 24 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 25 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 26 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 27 */ 28#include "includes.h" 29RCSID("$OpenBSD: ssh-keysign.c,v 1.7 2002/07/03 14:21:05 markus Exp $"); 30 31#pragma ident "%Z%%M% %I% %E% SMI" 32 33#include <unistd.h> 34 35#include <openssl/evp.h> 36#include <openssl/rand.h> 37#include <openssl/rsa.h> 38 39#include "log.h" 40#include "key.h" 41#include "ssh.h" 42#include "ssh2.h" 43#include "misc.h" 44#include "xmalloc.h" 45#include "buffer.h" 46#include "bufaux.h" 47#include "authfile.h" 48#include "msg.h" 49#include "canohost.h" 50#include "pathnames.h" 51#include "readconf.h" 52 53uid_t original_real_uid; /* XXX readconf.c needs this */ 54 55#ifdef HAVE___PROGNAME 56extern char *__progname; 57#else 58#ifndef lint 59char *__progname; 60#endif /* lint */ 61#endif 62 63static int 64valid_request(struct passwd *pw, char *host, Key **ret, u_char *data, 65 u_int datalen) 66{ 67 Buffer b; 68 Key *key; 69 u_char *pkblob; 70 u_int blen, len; 71 char *pkalg, *p; 72 int pktype, fail; 73 74 fail = 0; 75 76 buffer_init(&b); 77 buffer_append(&b, data, datalen); 78 79 /* session id, currently limited to SHA1 (20 bytes) */ 80 p = buffer_get_string(&b, &len); 81 if (len != 20) 82 fail++; 83 xfree(p); 84 85 if (buffer_get_char(&b) != SSH2_MSG_USERAUTH_REQUEST) 86 fail++; 87 88 /* server user */ 89 buffer_skip_string(&b); 90 91 /* service */ 92 p = buffer_get_string(&b, NULL); 93 if (strcmp("ssh-connection", p) != 0) 94 fail++; 95 xfree(p); 96 97 /* method */ 98 p = buffer_get_string(&b, NULL); 99 if (strcmp("hostbased", p) != 0) 100 fail++; 101 xfree(p); 102 103 /* pubkey */ 104 pkalg = buffer_get_string(&b, NULL); 105 pkblob = buffer_get_string(&b, &blen); 106 107 pktype = key_type_from_name(pkalg); 108 if (pktype == KEY_UNSPEC) 109 fail++; 110 else if ((key = key_from_blob(pkblob, blen)) == NULL) 111 fail++; 112 else if (key->type != pktype) 113 fail++; 114 xfree(pkalg); 115 xfree(pkblob); 116 117 /* client host name, handle trailing dot */ 118 p = buffer_get_string(&b, &len); 119 debug2("valid_request: check expect chost %s got %s", host, p); 120 if (strlen(host) != len - 1) 121 fail++; 122 else if (p[len - 1] != '.') 123 fail++; 124 else if (strncasecmp(host, p, len - 1) != 0) 125 fail++; 126 xfree(p); 127 128 /* local user */ 129 p = buffer_get_string(&b, NULL); 130 131 if (strcmp(pw->pw_name, p) != 0) 132 fail++; 133 xfree(p); 134 135 /* end of message */ 136 if (buffer_len(&b) != 0) 137 fail++; 138 139 debug3("valid_request: fail %d", fail); 140 141 if (fail && key != NULL) 142 key_free(key); 143 else 144 *ret = key; 145 146 return (fail ? -1 : 0); 147} 148 149int 150main(int argc, char **argv) 151{ 152 Buffer b; 153 Options options; 154 Key *keys[2], *key; 155 struct passwd *pw; 156 int key_fd[2], i, found, version = 2, fd; 157 u_char *signature, *data; 158 char *host; 159 u_int slen, dlen; 160 u_int32_t rnd[256]; 161 162 /* 163 * Since these two open()s are all that's done here before 164 * dropping privileges with setreuid(), and since having been 165 * privileged protects ssh-keysign from core dumps and tracing, 166 * there's no need to use Least Privilege interfaces like 167 * setppriv(2). 168 */ 169 key_fd[0] = open(_PATH_HOST_RSA_KEY_FILE, O_RDONLY); 170 key_fd[1] = open(_PATH_HOST_DSA_KEY_FILE, O_RDONLY); 171 172 (void) setreuid(getuid(), getuid()); 173 174 (void) g11n_setlocale(LC_ALL, ""); 175 176 init_rng(); 177 seed_rng(); 178 arc4random_stir(); 179 180#ifdef DEBUG_SSH_KEYSIGN 181 log_init("ssh-keysign", SYSLOG_LEVEL_DEBUG3, SYSLOG_FACILITY_AUTH, 0); 182#endif 183 184 /* verify that ssh-keysign is enabled by the admin */ 185 original_real_uid = getuid(); /* XXX readconf.c needs this */ 186 initialize_options(&options); 187 (void)read_config_file(_PATH_HOST_CONFIG_FILE, "", &options); 188 fill_default_options(&options); 189 if (options.hostbased_authentication != 1) 190 fatal("Hostbased authentication not enabled in %s", 191 _PATH_HOST_CONFIG_FILE); 192 193 if (key_fd[0] == -1 && key_fd[1] == -1) 194 fatal("could not open any host key"); 195 196 if ((pw = getpwuid(getuid())) == NULL) 197 fatal("getpwuid failed"); 198 pw = pwcopy(pw); 199 200 SSLeay_add_all_algorithms(); 201 for (i = 0; i < 256; i++) 202 rnd[i] = arc4random(); 203 RAND_seed(rnd, sizeof(rnd)); 204 205 found = 0; 206 for (i = 0; i < 2; i++) { 207 keys[i] = NULL; 208 if (key_fd[i] == -1) 209 continue; 210 keys[i] = key_load_private_pem(key_fd[i], KEY_UNSPEC, 211 NULL, NULL); 212 (void) close(key_fd[i]); 213 if (keys[i] != NULL && keys[i]->type == KEY_RSA) { 214 if (RSA_blinding_on(keys[i]->rsa, NULL) != 1) { 215 error("RSA_blinding_on failed"); 216 key_free(keys[i]); 217 keys[i] = NULL; 218 } 219 } 220 if (keys[i] != NULL) 221 found = 1; 222 } 223 if (!found) 224 fatal("no hostkey found"); 225 226 buffer_init(&b); 227 if (ssh_msg_recv(STDIN_FILENO, &b) < 0) 228 fatal("ssh_msg_recv failed"); 229 if (buffer_get_char(&b) != version) 230 fatal("bad version"); 231 fd = buffer_get_int(&b); 232 if ((fd == STDIN_FILENO) || (fd == STDOUT_FILENO)) 233 fatal("bad fd"); 234 if ((host = get_local_name(fd)) == NULL) 235 fatal("cannot get sockname for fd"); 236 237 data = buffer_get_string(&b, &dlen); 238 if (valid_request(pw, host, &key, data, dlen) < 0) 239 fatal("not a valid request"); 240 xfree(host); 241 242 found = 0; 243 for (i = 0; i < 2; i++) { 244 if (keys[i] != NULL && 245 key_equal(key, keys[i])) { 246 found = 1; 247 break; 248 } 249 } 250 if (!found) 251 fatal("no matching hostkey found"); 252 253 if (key_sign(keys[i], &signature, &slen, data, dlen) != 0) 254 fatal("key_sign failed"); 255 xfree(data); 256 257 /* send reply */ 258 buffer_clear(&b); 259 buffer_put_string(&b, signature, slen); 260 ssh_msg_send(STDOUT_FILENO, version, &b); 261 262 return (0); 263} 264