upstream: agent support for parsing hostkey-bound signatures

Allow parse_userauth_request() to work with blobs from publickey-hostbound-v00@openssh.com userauth attempts. Extract hostkey from these blobs. ok markus@ OpenBSD-Commit-ID: 81c064255634c1109477dc65c3e983581d336df8
2021-12-19 22:13:33 +00:00 · 2021-12-19 22:13:33 +00:00 · baaff0ff43
parent 3e16365a79
commit baaff0ff43
1 changed files with 17 additions and 7 deletions
--- a/ssh-agent.c
+++ b/ssh-agent.c
@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-agent.c,v 1.281 2021/12/19 22:11:39 djm Exp $ */
+/* $OpenBSD: ssh-agent.c,v 1.282 2021/12/19 22:13:33 djm Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -567,22 +567,24 @@ agent_decode_alg(struct sshkey *key, u_int flags)
 * request, checking its contents for consistency and matching the embedded
 * key against the one that is being used for signing.
 * Note: does not modify msg buffer.
- * Optionally extract the username and session ID from the request.
+ * Optionally extract the username, session ID and/or hostkey from the request.
 */
 static int
 parse_userauth_request(struct sshbuf *msg, const struct sshkey *expected_key,
-    char **userp, struct sshbuf **sess_idp)
+    char **userp, struct sshbuf **sess_idp, struct sshkey **hostkeyp)
 {
 	struct sshbuf *b = NULL, *sess_id = NULL;
 	char *user = NULL, *service = NULL, *method = NULL, *pkalg = NULL;
 	int r;
 	u_char t, sig_follows;
-	struct sshkey *mkey = NULL;
+	struct sshkey *mkey = NULL, *hostkey = NULL;
 	if (userp != NULL)
 		*userp = NULL;
 	if (sess_idp != NULL)
 		*sess_idp = NULL;
 	if (hostkeyp != NULL)
 		*hostkeyp = NULL;
 	if ((b = sshbuf_fromb(msg)) == NULL)
 		fatal_f("sshbuf_fromb");
@ -609,7 +611,10 @@ parse_userauth_request(struct sshbuf *msg, const struct sshkey *expected_key,
 		r = SSH_ERR_INVALID_FORMAT;
 		goto out;
 	}
-	if (strcmp(method, "publickey") != 0) {
+	if (strcmp(method, "publickey-hostbound-v00@openssh.com") == 0) {
 		if ((r = sshkey_froms(b, &hostkey)) != 0)
 			goto out;
 	} else if (strcmp(method, "publickey") != 0) {
 		r = SSH_ERR_INVALID_FORMAT;
 		goto out;
 	}
@ -628,6 +633,10 @@ parse_userauth_request(struct sshbuf *msg, const struct sshkey *expected_key,
 		*sess_idp = sess_id;
 		sess_id = NULL;
 	}
 	if (hostkeyp != NULL) {
 		*hostkeyp = hostkey;
 		hostkey = NULL;
 	}
 out:
 	sshbuf_free(b);
 	sshbuf_free(sess_id);
@ -636,6 +645,7 @@ parse_userauth_request(struct sshbuf *msg, const struct sshkey *expected_key,
 	free(method);
 	free(pkalg);
 	sshkey_free(mkey);
 	sshkey_free(hostkey);
 	return r;
 }
@ -680,7 +690,7 @@ parse_sshsig_request(struct sshbuf *msg)
 static int
 check_websafe_message_contents(struct sshkey *key, struct sshbuf *data)
 {
-	if (parse_userauth_request(data, key, NULL, NULL) == 0) {
+	if (parse_userauth_request(data, key, NULL, NULL, NULL) == 0) {
 		debug_f("signed data matches public key userauth request");
 		return 1;
 	}
@ -747,7 +757,7 @@ process_sign_request2(SocketEntry *e)
 			    "to sign on unbound connection");
 			goto send;
 		}
-		if (parse_userauth_request(data, key, &user, &sid) != 0) {
+		if (parse_userauth_request(data, key, &user, &sid, NULL) != 0) {
 			logit_f("refusing use of destination-constrained key "
 			   "to sign an unidentified signature");
 			goto send;