/* * Dropbear - a SSH2 server * * Copyright (c) 2002,2003 Matt Johnston * All rights reserved. * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE * SOFTWARE. */ /* Process a pubkey auth request */ #include "includes.h" #include "session.h" #include "dbutil.h" #include "buffer.h" #include "signkey.h" #include "auth.h" #include "authpubkey.h" #include "ssh.h" #include "packet.h" #include "algo.h" #ifdef DROPBEAR_PUBKEY_AUTH #define MIN_AUTHKEYS_LINE 10 /* "ssh-rsa AB" - short but doesn't matter */ #define MAX_AUTHKEYS_LINE 1000 /* max length of a line in authkeys */ static int checkpubkey(unsigned char* algo, unsigned int algolen, unsigned char* keyblob, unsigned int keybloblen); static int checkpubkeyperms(); static void send_msg_userauth_pk_ok(unsigned char* algo, unsigned int algolen, unsigned char* keyblob, unsigned int keybloblen); static int checkfileperm(char * filename); static int getauthline(buffer * line, FILE * authfile); /* process a pubkey auth request, sending success or failure message as * appropriate */ void svr_auth_pubkey() { unsigned char testkey; /* whether we're just checking if a key is usable */ unsigned char* algo = NULL; /* pubkey algo */ unsigned int algolen; unsigned char* keyblob; unsigned int keybloblen; buffer * signbuf = NULL; sign_key * key = NULL; char* fp = NULL; int type = -1; TRACE(("enter pubkeyauth")); /* 0 indicates user just wants to check if key can be used, 1 is an * actual attempt*/ testkey = (buf_getbyte(ses.payload) == 0); algo = buf_getstring(ses.payload, &algolen); keybloblen = buf_getint(ses.payload); keyblob = buf_getptr(ses.payload, keybloblen); /* check if the key is valid */ if (checkpubkey(algo, algolen, keyblob, keybloblen) == DROPBEAR_FAILURE) { send_msg_userauth_failure(0, 0); goto out; } /* let them know that the key is ok to use */ if (testkey) { send_msg_userauth_pk_ok(algo, algolen, keyblob, keybloblen); goto out; } /* now we can actually verify the signature */ /* get the key */ key = new_sign_key(); type = DROPBEAR_SIGNKEY_ANY; if (buf_get_pub_key(ses.payload, key, &type) == DROPBEAR_FAILURE) { send_msg_userauth_failure(0, 1); goto out; } /* create the data which has been signed - this a string containing * session_id, concatenated with the payload packet up to the signature */ signbuf = buf_new(ses.payload->pos + 4 + SHA1_HASH_SIZE); buf_putstring(signbuf, ses.session_id, SHA1_HASH_SIZE); buf_putbytes(signbuf, ses.payload->data, ses.payload->pos); buf_setpos(signbuf, 0); /* ... and finally verify the signature */ fp = sign_key_fingerprint(key, type); if (buf_verify(ses.payload, key, buf_getptr(signbuf, signbuf->len), signbuf->len) == DROPBEAR_SUCCESS) { dropbear_log(LOG_NOTICE, "pubkey auth succeeded for '%s' with key %s", ses.authstate.printableuser, fp); send_msg_userauth_success(); } else { dropbear_log(LOG_WARNING, "pubkey auth bad signature for '%s' with key %s", ses.authstate.printableuser, fp); send_msg_userauth_failure(0, 1); } m_free(fp); out: /* cleanup stuff */ if (signbuf) { buf_free(signbuf); } if (algo) { m_free(algo); } if (key) { sign_key_free(key); key = NULL; } TRACE(("leave pubkeyauth")); } /* Reply that the key is valid for auth, this is sent when the user sends * a straight copy of their pubkey to test, to avoid having to perform * expensive signing operations with a worthless key */ static void send_msg_userauth_pk_ok(unsigned char* algo, unsigned int algolen, unsigned char* keyblob, unsigned int keybloblen) { TRACE(("enter send_msg_userauth_pk_ok")); CHECKCLEARTOWRITE(); buf_putbyte(ses.writepayload, SSH_MSG_USERAUTH_PK_OK); buf_putstring(ses.writepayload, algo, algolen); buf_putstring(ses.writepayload, keyblob, keybloblen); encrypt_packet(); TRACE(("leave send_msg_userauth_pk_ok")); } /* Checks whether a specified publickey (and associated algorithm) is an * acceptable key for authentication */ /* Returns DROPBEAR_SUCCESS if key is ok for auth, DROPBEAR_FAILURE otherwise */ static int checkpubkey(unsigned char* algo, unsigned int algolen, unsigned char* keyblob, unsigned int keybloblen) { FILE * authfile = NULL; char * filename = NULL; int ret = DROPBEAR_FAILURE; buffer * line = NULL; buffer * decodekey = NULL; unsigned long decodekeylen; unsigned char* filealgo = NULL; unsigned int filealgolen; unsigned int len, pos; TRACE(("enter checkpubkey")); /* check that we can use the algo */ if (have_algo(algo, algolen, sshhostkey) == DROPBEAR_FAILURE) { dropbear_log(LOG_WARNING, "pubkey auth attempt with unknown algo for '%s'", ses.authstate.printableuser); goto out; } /* check file permissions, also whether file exists */ if (checkpubkeyperms() == DROPBEAR_FAILURE) { TRACE(("bad authorized_keys permissions, or file doesn't exist")); goto out; } /* we don't need to check pw and pw_dir for validity, since * its been done in checkpubkeyperms. */ len = strlen(ses.authstate.pw->pw_dir); /* allocate max required pathname storage, * = path + "/.ssh/authorized_keys" + '\0' = pathlen + 22 */ filename = m_malloc(len + 22); snprintf(filename, len + 22, "%s/.ssh/authorized_keys", ses.authstate.pw->pw_dir); /* open the file */ authfile = fopen(filename, "r"); if (authfile == NULL) { goto out; } TRACE(("checkpubkey: opened authorized_keys OK")); line = buf_new(MAX_AUTHKEYS_LINE); /* iterate through the lines */ do { /* free reused vars */ if (decodekey) { buf_free(decodekey); decodekey = NULL; } m_free(filealgo); if (getauthline(line, authfile) == DROPBEAR_FAILURE) { /* EOF reached */ TRACE(("checkpubkey: authorized_keys EOF reached")); break; } if (line->len < MIN_AUTHKEYS_LINE) { TRACE(("checkpubkey: line too short")); continue; /* line is too short for it to be a valid key */ } /* check the key type - this also stops us from using keys * which have options with them */ if (strncmp(buf_getptr(line, algolen), algo, algolen) != 0) { continue; } buf_incrpos(line, algolen); /* check for space (' ') character */ if (buf_getbyte(line) != ' ') { TRACE(("checkpubkey: space character expected, isn't there")); continue; } /* truncate the line at the space after the base64 data */ pos = line->pos; for (len = 0; line->pos < line->len; len++) { if (buf_getbyte(line) == ' ') break; } buf_setpos(line, pos); buf_setlen(line, line->pos + len); TRACE(("checkpubkey: line pos = %d len = %d", line->pos, line->len)); /* now we have the actual data */ decodekeylen = (line->len - line->pos) * 2; decodekey = buf_new(decodekeylen); if (base64_decode(buf_getptr(line, line->len - line->pos), line->len - line->pos, buf_getwriteptr(decodekey, decodekey->size), &decodekeylen) != CRYPT_OK) { TRACE(("checkpubkey: base64 decode failed")); continue; } TRACE(("checkpubkey: base64_decode success")); buf_incrlen(decodekey, decodekeylen); /* compare the keys */ if (decodekeylen != keybloblen || memcmp( buf_getptr(decodekey, decodekey->len), keyblob, decodekey->len) != 0) { TRACE(("checkpubkey: compare failed")); continue; } /* and also check that the algo specified and the algo in the key * itself match */ filealgo = buf_getstring(decodekey, &filealgolen); if (filealgolen != algolen || memcmp(filealgo, algo, algolen) != 0) { TRACE(("checkpubkey: algo match failed")); continue; } /* now we know this key is good */ ret = DROPBEAR_SUCCESS; break; } while (1); out: if (authfile) { fclose(authfile); } if (line) { buf_free(line); } if (decodekey) { buf_free(decodekey); } m_free(filename); m_free(filealgo); TRACE(("leave checkpubkey: ret=%d", ret)); return ret; } /* get a line from the file into buffer in the style expected for an * authkeys file. * Will return DROPBEAR_SUCCESS if data is read, or DROPBEAR_FAILURE on EOF.*/ static int getauthline(buffer * line, FILE * authfile) { int c = EOF; TRACE(("enter getauthline")); buf_setpos(line, 0); buf_setlen(line, 0); while (line->pos < line->size) { c = fgetc(authfile); /*getc() is weird with some uClibc systems*/ if (c == EOF || c == '\n' || c == '\r') { goto out; } buf_putbyte(line, (unsigned char)c); } TRACE(("leave getauthline: line too long")); return DROPBEAR_FAILURE; out: buf_setpos(line, 0); /* if we didn't read anything before EOF or error, exit */ if (c == EOF && line->pos == 0) { TRACE(("leave getauthline: failure")); return DROPBEAR_FAILURE; } else { TRACE(("leave getauthline: success")); return DROPBEAR_SUCCESS; } TRACE(("leave getauthline")); } /* Returns DROPBEAR_SUCCESS if file permissions for pubkeys are ok, * DROPBEAR_FAILURE otherwise. * Checks that the user's homedir, ~/.ssh, and * ~/.ssh/authorized_keys are all owned by either root or the user, and are * g-w, o-w */ static int checkpubkeyperms() { char* filename = NULL; int ret = DROPBEAR_FAILURE; unsigned int len; TRACE(("enter checkpubkeyperms")); assert(ses.authstate.pw); if (ses.authstate.pw->pw_dir == NULL) { goto out; } if ((len = strlen(ses.authstate.pw->pw_dir)) == 0) { goto out; } /* allocate max required pathname storage, * = path + "/.ssh/authorized_keys" + '\0' = pathlen + 22 */ filename = m_malloc(len + 22); strncpy(filename, ses.authstate.pw->pw_dir, len+1); /* check ~ */ if (checkfileperm(filename) != DROPBEAR_SUCCESS) { goto out; } /* check ~/.ssh */ strncat(filename, "/.ssh", 5); /* strlen("/.ssh") == 5 */ if (checkfileperm(filename) != DROPBEAR_SUCCESS) { goto out; } /* now check ~/.ssh/authorized_keys */ strncat(filename, "/authorized_keys", 16); if (checkfileperm(filename) != DROPBEAR_SUCCESS) { goto out; } /* file looks ok, return success */ ret = DROPBEAR_SUCCESS; out: m_free(filename); TRACE(("leave checkpubkeyperms")); return ret; } /* Checks that a file is owned by the user or root, and isn't writable by * group or other */ /* returns DROPBEAR_SUCCESS or DROPBEAR_FAILURE */ static int checkfileperm(char * filename) { struct stat filestat; TRACE(("enter checkfileperm(%s)", filename)); if (stat(filename, &filestat) != 0) { TRACE(("leave checkfileperm: stat() != 0")); return DROPBEAR_FAILURE; } /* check ownership - user or root only*/ if (filestat.st_uid != ses.authstate.pw->pw_uid && filestat.st_uid != 0) { TRACE(("leave checkfileperm: wrong ownership")); return DROPBEAR_FAILURE; } /* check permissions - don't want group or others +w */ if (filestat.st_mode & (S_IWGRP | S_IWOTH)) { TRACE(("leave checkfileperm: wrong perms")); return DROPBEAR_FAILURE; } TRACE(("leave checkfileperm: success")); return DROPBEAR_SUCCESS; } #endif /* DROPBEAR_PUBKEY_AUTH */