зеркало из https://github.com/Azure/sonic-openssh.git
upstream: kerberos/gssapi fixes for buffer removal
OpenBSD-Commit-ID: 1cdf56fec95801e4563c47f21696f04cd8b60c4c
This commit is contained in:
djm@openbsd.org
Damien Miller
Родитель
c74ae8e7c4
Коммит
0f3958c1e6
17
auth2-gss.c
17
auth2-gss.c
|
|
@ -1,4 +1,4 @@
|
|||
/* $OpenBSD: auth2-gss.c,v 1.27 2018/07/09 21:37:55 markus Exp $ */
|
||||
/* $OpenBSD: auth2-gss.c,v 1.28 2018/07/10 09:13:30 djm Exp $ */
|
||||
|
||||
/*
|
||||
* Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved.
|
||||
|
|
@ -204,15 +204,18 @@ input_gssapi_errtok(int type, u_int32_t plen, struct ssh *ssh)
|
|||
gss_buffer_desc recv_tok;
|
||||
OM_uint32 maj_status;
|
||||
int r;
|
||||
u_char *p;
|
||||
size_t len;
|
||||
|
||||
if (authctxt == NULL || (authctxt->methoddata == NULL && !use_privsep))
|
||||
fatal("No authentication or GSSAPI context");
|
||||
|
||||
gssctxt = authctxt->methoddata;
|
||||
if ((r = sshpkt_get_string(ssh,
|
||||
&recv_tok.value, &recv_tok.length)) != 0 ||
|
||||
if ((r = sshpkt_get_string(ssh, &p, &len)) != 0 ||
|
||||
(r = sshpkt_get_end(ssh)) != 0)
|
||||
fatal("%s: %s", __func__, ssh_err(r));
|
||||
recv_tok.value = p;
|
||||
recv_tok.length = len;
|
||||
|
||||
/* Push the error token into GSSAPI to see what it says */
|
||||
maj_status = PRIVSEP(ssh_gssapi_accept_ctx(gssctxt, &recv_tok,
|
||||
|
|
@ -240,7 +243,7 @@ static int
|
|||
input_gssapi_exchange_complete(int type, u_int32_t plen, struct ssh *ssh)
|
||||
{
|
||||
Authctxt *authctxt = ssh->authctxt;
|
||||
int authenticated;
|
||||
int r, authenticated;
|
||||
const char *displayname;
|
||||
|
||||
if (authctxt == NULL || (authctxt->methoddata == NULL && !use_privsep))
|
||||
|
|
@ -278,16 +281,20 @@ input_gssapi_mic(int type, u_int32_t plen, struct ssh *ssh)
|
|||
struct sshbuf *b;
|
||||
gss_buffer_desc mic, gssbuf;
|
||||
const char *displayname;
|
||||
u_char *p;
|
||||
size_t len;
|
||||
|
||||
if (authctxt == NULL || (authctxt->methoddata == NULL && !use_privsep))
|
||||
fatal("No authentication or GSSAPI context");
|
||||
|
||||
gssctxt = authctxt->methoddata;
|
||||
|
||||
if ((r = sshpkt_get_string(ssh, &mic.value, &mic.length)) != 0)
|
||||
if ((r = sshpkt_get_string(ssh, &p, &len)) != 0)
|
||||
fatal("%s: %s", __func__, ssh_err(r));
|
||||
if ((b = sshbuf_new()) == NULL)
|
||||
fatal("%s: sshbuf_new failed", __func__);
|
||||
mic.value = p;
|
||||
mic.length = len;
|
||||
ssh_gssapi_buildmic(b, authctxt->user, authctxt->service,
|
||||
"gssapi-with-mic");
|
||||
|
||||
|
|
|
|||
17
gss-genr.c
17
gss-genr.c
|
|
@ -1,4 +1,4 @@
|
|||
/* $OpenBSD: gss-genr.c,v 1.25 2018/07/09 21:37:55 markus Exp $ */
|
||||
/* $OpenBSD: gss-genr.c,v 1.26 2018/07/10 09:13:30 djm Exp $ */
|
||||
|
||||
/*
|
||||
* Copyright (c) 2001-2007 Simon Wilkinson. All rights reserved.
|
||||
|
|
@ -47,6 +47,21 @@
|
|||
extern u_char *session_id2;
|
||||
extern u_int session_id2_len;
|
||||
|
||||
/* sshbuf_get for gss_buffer_desc */
|
||||
int
|
||||
ssh_gssapi_get_buffer_desc(struct sshbuf *b, gss_buffer_desc *g)
|
||||
{
|
||||
int r;
|
||||
u_char *p;
|
||||
size_t len;
|
||||
|
||||
if ((r = sshbuf_get_string(b, &p, &len)) != 0)
|
||||
return r;
|
||||
g->value = p;
|
||||
g->length = len;
|
||||
return 0;
|
||||
}
|
||||
|
||||
/* Check that the OID in a data stream matches that in the context */
|
||||
int
|
||||
ssh_gssapi_check_oid(Gssctxt *ctx, void *data, size_t len)
|
||||
|
|
|
|||
15
monitor.c
15
monitor.c
|
|
@ -1,4 +1,4 @@
|
|||
/* $OpenBSD: monitor.c,v 1.183 2018/07/09 21:53:45 markus Exp $ */
|
||||
/* $OpenBSD: monitor.c,v 1.184 2018/07/10 09:13:30 djm Exp $ */
|
||||
/*
|
||||
* Copyright 2002 Niels Provos <provos@citi.umich.edu>
|
||||
* Copyright 2002 Markus Friedl <markus@openbsd.org>
|
||||
|
|
@ -1795,13 +1795,15 @@ mm_answer_gss_setup_ctx(int sock, struct sshbuf *m)
|
|||
gss_OID_desc goid;
|
||||
OM_uint32 major;
|
||||
size_t len;
|
||||
u_char *p;
|
||||
int r;
|
||||
|
||||
if (!options.gss_authentication)
|
||||
fatal("%s: GSSAPI authentication not enabled", __func__);
|
||||
|
||||
if ((r = sshbuf_get_string(m, &goid.elements, &len)) != 0)
|
||||
if ((r = sshbuf_get_string(m, &p, &len)) != 0)
|
||||
fatal("%s: buffer error: %s", __func__, ssh_err(r));
|
||||
goid.elements = p;
|
||||
goid.length = len;
|
||||
|
||||
major = ssh_gssapi_server_ctx(&gsscontext, &goid);
|
||||
|
|
@ -1832,7 +1834,7 @@ mm_answer_gss_accept_ctx(int sock, struct sshbuf *m)
|
|||
if (!options.gss_authentication)
|
||||
fatal("%s: GSSAPI authentication not enabled", __func__);
|
||||
|
||||
if ((r = sshbuf_get_string(m, &in.value, &in.length)) != 0)
|
||||
if ((r = ssh_gssapi_get_buffer_desc(m, &in)) != 0)
|
||||
fatal("%s: buffer error: %s", __func__, ssh_err(r));
|
||||
major = ssh_gssapi_accept_ctx(gsscontext, &in, &out, &flags);
|
||||
free(in.value);
|
||||
|
|
@ -1859,12 +1861,13 @@ mm_answer_gss_checkmic(int sock, struct sshbuf *m)
|
|||
{
|
||||
gss_buffer_desc gssbuf, mic;
|
||||
OM_uint32 ret;
|
||||
int r;
|
||||
|
||||
if (!options.gss_authentication)
|
||||
fatal("%s: GSSAPI authentication not enabled", __func__);
|
||||
|
||||
if ((r = sshbuf_get_string(m, &gssbuf.value, &gssbuf.length)) != 0 ||
|
||||
(r = sshbuf_get_string(m, &mic.value, &mic.length)) != 0)
|
||||
if ((r = ssh_gssapi_get_buffer_desc(m, &gssbuf)) != 0 ||
|
||||
(r = ssh_gssapi_get_buffer_desc(m, &mic)) != 0)
|
||||
fatal("%s: buffer error: %s", __func__, ssh_err(r));
|
||||
|
||||
ret = ssh_gssapi_checkmic(gsscontext, &gssbuf, &mic);
|
||||
|
|
@ -1887,7 +1890,7 @@ mm_answer_gss_checkmic(int sock, struct sshbuf *m)
|
|||
int
|
||||
mm_answer_gss_userok(int sock, struct sshbuf *m)
|
||||
{
|
||||
int authenticated;
|
||||
int r, authenticated;
|
||||
const char *displayname;
|
||||
|
||||
if (!options.gss_authentication)
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
/* $OpenBSD: monitor_wrap.c,v 1.103 2018/07/09 21:53:45 markus Exp $ */
|
||||
/* $OpenBSD: monitor_wrap.c,v 1.104 2018/07/10 09:13:30 djm Exp $ */
|
||||
/*
|
||||
* Copyright 2002 Niels Provos <provos@citi.umich.edu>
|
||||
* Copyright 2002 Markus Friedl <markus@openbsd.org>
|
||||
|
|
@ -989,7 +989,7 @@ mm_ssh_gssapi_accept_ctx(Gssctxt *ctx, gss_buffer_desc *in,
|
|||
mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_GSSSTEP, m);
|
||||
|
||||
if ((r = sshbuf_get_u32(m, &major)) != 0 ||
|
||||
(r = sshbuf_get_string(m, &out->value, &out->length)) != 0)
|
||||
(r = ssh_gssapi_get_buffer_desc(m, out)) != 0)
|
||||
fatal("%s: buffer error: %s", __func__, ssh_err(r));
|
||||
if (flagsp != NULL) {
|
||||
if ((r = sshbuf_get_u32(m, &flags)) != 0)
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
/* $OpenBSD: ssh-gss.h,v 1.13 2018/07/10 06:43:52 djm Exp $ */
|
||||
/* $OpenBSD: ssh-gss.h,v 1.14 2018/07/10 09:13:30 djm Exp $ */
|
||||
/*
|
||||
* Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved.
|
||||
*
|
||||
|
|
@ -107,6 +107,9 @@ ssh_gssapi_mech *ssh_gssapi_get_ctype(Gssctxt *);
|
|||
void ssh_gssapi_prepare_supported_oids(void);
|
||||
OM_uint32 ssh_gssapi_test_oid_supported(OM_uint32 *, gss_OID, int *);
|
||||
|
||||
struct sshbuf;
|
||||
int ssh_gssapi_get_buffer_desc(struct sshbuf *, gss_buffer_desc *);
|
||||
|
||||
OM_uint32 ssh_gssapi_import_name(Gssctxt *, const char *);
|
||||
OM_uint32 ssh_gssapi_init_ctx(Gssctxt *, int,
|
||||
gss_buffer_desc *, gss_buffer_desc *, OM_uint32 *);
|
||||
|
|
|
|||
Загрузка…
Ссылка в новой задаче