[Bug 2786] New: New OpenSSH fails to parse public keys with bogus whitespace

bugzilla-daemon at bugzilla.mindrot.org
Thu Sep 28 00:54:32 AEST 2017


https://bugzilla.mindrot.org/show_bug.cgi?id=2786

            Bug ID: 2786
           Summary: New OpenSSH fails to parse public keys with bogus
                    whitespace
           Product: Portable OpenSSH
           Version: 7.5p1
          Hardware: Other
                OS: Linux
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: sshd
          Assignee: unassigned-bugs at mindrot.org
          Reporter: jjelen at redhat.com

Created attachment 3062
  --> https://bugzilla.mindrot.org/attachment.cgi?id=3062&action=edit
do not be strict about whitespace in public keys

OpenSSH versions prior to 6.7 were more benevolent about whitespace
around the public key blob. The first of the following keys is parsed
properly, but the second is not:

ssh-rsa AAAAB3NzaC1yc2EAAAAB.... blah at example.com
ssh-rsa  AAAAB3NzaC1yc2EAAAAB.... blah at example.com

This was changed in commit [1], which moved away from the uudecode()
function (which was skipping bogus whitespace) to the sshbuf_b64tod()
function (which is already getting a zero-length buffer from
sshkey_read(), because strchr(cp, ' ') returns the immediately
following space in the above example).

The documentation is clear that there should be only a single whitespace,
but being benevolent about the whitespace is good, especially in the case
of handling public keys, which can come from various sources, for
example users pasting them through a web interface (GitHub, GitLab, ...).
The attached one-line patch skips the whitespace and returns to
the old behavior.

This bug is based on the Red Hat bugzilla [2].

[1] https://github.com/openssh/openssh-portable/commit/8668706d
[2] https://bugzilla.redhat.com/show_bug.cgi?id=1493406

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
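
The mechanism the report describes, as an added C sketch that is neither the OpenSSH source nor the attached patch: when exactly one separator is assumed after the key type, a second space makes the base64 field zero-length, while skipping the whole whitespace run recovers it. The function names blob_len_strict() and blob_len_tolerant() are hypothetical, and the sample lines are constructed with a placeholder blob.

```c
#include <stdio.h>
#include <string.h>

/* Length of the base64 field when exactly one space is assumed after
 * the key type. Returns -1 if the line has no separator at all. */
static int blob_len_strict(const char *line)
{
    const char *cp = strchr(line, ' ');   /* end of the key type */
    if (cp == NULL)
        return -1;
    cp++;                                 /* step over ONE space only */
    /* The field ends at the next space. With "ssh-rsa  AAAA..." that
     * next space is the very first character, so the length is 0. */
    return (int)strcspn(cp, " ");
}

/* Same lookup, but the whole run of spaces/tabs before the blob is
 * skipped first, so extra separators do not produce an empty field. */
static int blob_len_tolerant(const char *line)
{
    const char *cp = strpbrk(line, " \t");
    if (cp == NULL)
        return -1;
    cp += strspn(cp, " \t");              /* skip all leading whitespace */
    return (int)strcspn(cp, " \t");
}

int main(void)
{
    /* Constructed sample lines; the blob is a placeholder, not a key. */
    const char *one = "ssh-rsa AAAAB3NzaC1yc2EAAAAB blah@example.com";
    const char *two = "ssh-rsa  AAAAB3NzaC1yc2EAAAAB blah@example.com";

    printf("single space: strict=%d tolerant=%d\n",
           blob_len_strict(one), blob_len_tolerant(one));
    printf("double space: strict=%d tolerant=%d\n",
           blob_len_strict(two), blob_len_tolerant(two));
    return 0;
}
```
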

