[openssh-commits] [openssh] 18/19: upstream: kerberos/gssapi fixes for buffer removal

git+noreply at mindrot.org git+noreply at mindrot.org
Tue Jul 10 19:46:58 AEST 2018


This is an automated email from the git hooks/post-receive script.

djm pushed a commit to branch master
in repository openssh.

commit 0f3958c1e6ffb8ea4ba27e2a97a00326fce23246
Author: djm at openbsd.org <djm at openbsd.org>
Date:   Tue Jul 10 09:13:30 2018 +0000

    upstream: kerberos/gssapi fixes for buffer removal
    
    OpenBSD-Commit-ID: 1cdf56fec95801e4563c47f21696f04cd8b60c4c
---
 auth2-gss.c    | 17 ++++++++++++-----
 gss-genr.c     | 17 ++++++++++++++++-
 monitor.c      | 15 +++++++++------
 monitor_wrap.c |  4 ++--
 ssh-gss.h      |  5 ++++-
 5 files changed, 43 insertions(+), 15 deletions(-)

diff --git a/auth2-gss.c b/auth2-gss.c
index a6f2a712..47308c5c 100644
--- a/auth2-gss.c
+++ b/auth2-gss.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth2-gss.c,v 1.27 2018/07/09 21:37:55 markus Exp $ */
+/* $OpenBSD: auth2-gss.c,v 1.28 2018/07/10 09:13:30 djm Exp $ */
 
 /*
  * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved.
@@ -204,15 +204,18 @@ input_gssapi_errtok(int type, u_int32_t plen, struct ssh *ssh)
 	gss_buffer_desc recv_tok;
 	OM_uint32 maj_status;
 	int r;
+	u_char *p;
+	size_t len;
 
 	if (authctxt == NULL || (authctxt->methoddata == NULL && !use_privsep))
 		fatal("No authentication or GSSAPI context");
 
 	gssctxt = authctxt->methoddata;
-	if ((r = sshpkt_get_string(ssh,
-	    &recv_tok.value, &recv_tok.length)) != 0 ||
+	if ((r = sshpkt_get_string(ssh, &p, &len)) != 0 ||
 	    (r = sshpkt_get_end(ssh)) != 0)
 		fatal("%s: %s", __func__, ssh_err(r));
+	recv_tok.value = p;
+	recv_tok.length = len;
 
 	/* Push the error token into GSSAPI to see what it says */
 	maj_status = PRIVSEP(ssh_gssapi_accept_ctx(gssctxt, &recv_tok,
@@ -240,7 +243,7 @@ static int
 input_gssapi_exchange_complete(int type, u_int32_t plen, struct ssh *ssh)
 {
 	Authctxt *authctxt = ssh->authctxt;
-	int authenticated;
+	int r, authenticated;
 	const char *displayname;
 
 	if (authctxt == NULL || (authctxt->methoddata == NULL && !use_privsep))
@@ -278,16 +281,20 @@ input_gssapi_mic(int type, u_int32_t plen, struct ssh *ssh)
 	struct sshbuf *b;
 	gss_buffer_desc mic, gssbuf;
 	const char *displayname;
+	u_char *p;
+	size_t len;
 
 	if (authctxt == NULL || (authctxt->methoddata == NULL && !use_privsep))
 		fatal("No authentication or GSSAPI context");
 
 	gssctxt = authctxt->methoddata;
 
-	if ((r = sshpkt_get_string(ssh, &mic.value, &mic.length)) != 0)
+	if ((r = sshpkt_get_string(ssh, &p, &len)) != 0)
 		fatal("%s: %s", __func__, ssh_err(r));
 	if ((b = sshbuf_new()) == NULL)
 		fatal("%s: sshbuf_new failed", __func__);
+	mic.value = p;
+	mic.length = len;
 	ssh_gssapi_buildmic(b, authctxt->user, authctxt->service,
 	    "gssapi-with-mic");
 
diff --git a/gss-genr.c b/gss-genr.c
index f794e05b..d56257b4 100644
--- a/gss-genr.c
+++ b/gss-genr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: gss-genr.c,v 1.25 2018/07/09 21:37:55 markus Exp $ */
+/* $OpenBSD: gss-genr.c,v 1.26 2018/07/10 09:13:30 djm Exp $ */
 
 /*
  * Copyright (c) 2001-2007 Simon Wilkinson. All rights reserved.
@@ -47,6 +47,21 @@
 extern u_char *session_id2;
 extern u_int session_id2_len;
 
+/* sshbuf_get for gss_buffer_desc */
+int
+ssh_gssapi_get_buffer_desc(struct sshbuf *b, gss_buffer_desc *g)
+{
+	int r;
+	u_char *p;
+	size_t len;
+
+	if ((r = sshbuf_get_string(b, &p, &len)) != 0)
+		return r;
+	g->value = p;
+	g->length = len;
+	return 0;
+}
+
 /* Check that the OID in a data stream matches that in the context */
 int
 ssh_gssapi_check_oid(Gssctxt *ctx, void *data, size_t len)
diff --git a/monitor.c b/monitor.c
index bf83f3b5..de650da2 100644
--- a/monitor.c
+++ b/monitor.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: monitor.c,v 1.183 2018/07/09 21:53:45 markus Exp $ */
+/* $OpenBSD: monitor.c,v 1.184 2018/07/10 09:13:30 djm Exp $ */
 /*
  * Copyright 2002 Niels Provos <provos at citi.umich.edu>
  * Copyright 2002 Markus Friedl <markus at openbsd.org>
@@ -1795,13 +1795,15 @@ mm_answer_gss_setup_ctx(int sock, struct sshbuf *m)
 	gss_OID_desc goid;
 	OM_uint32 major;
 	size_t len;
+	u_char *p;
 	int r;
 
 	if (!options.gss_authentication)
 		fatal("%s: GSSAPI authentication not enabled", __func__);
 
-	if ((r = sshbuf_get_string(m, &goid.elements, &len)) != 0)
+	if ((r = sshbuf_get_string(m, &p, &len)) != 0)
 		fatal("%s: buffer error: %s", __func__, ssh_err(r));
+	goid.elements = p;
 	goid.length = len;
 
 	major = ssh_gssapi_server_ctx(&gsscontext, &goid);
@@ -1832,7 +1834,7 @@ mm_answer_gss_accept_ctx(int sock, struct sshbuf *m)
 	if (!options.gss_authentication)
 		fatal("%s: GSSAPI authentication not enabled", __func__);
 
-	if ((r = sshbuf_get_string(m, &in.value, &in.length)) != 0)
+	if ((r = ssh_gssapi_get_buffer_desc(m, &in)) != 0)
 		fatal("%s: buffer error: %s", __func__, ssh_err(r));
 	major = ssh_gssapi_accept_ctx(gsscontext, &in, &out, &flags);
 	free(in.value);
@@ -1859,12 +1861,13 @@ mm_answer_gss_checkmic(int sock, struct sshbuf *m)
 {
 	gss_buffer_desc gssbuf, mic;
 	OM_uint32 ret;
+	int r;
 
 	if (!options.gss_authentication)
 		fatal("%s: GSSAPI authentication not enabled", __func__);
 
-	if ((r = sshbuf_get_string(m, &gssbuf.value, &gssbuf.length)) != 0 ||
-	    (r = sshbuf_get_string(m, &mic.value, &mic.length)) != 0)
+	if ((r = ssh_gssapi_get_buffer_desc(m, &gssbuf)) != 0 ||
+	    (r = ssh_gssapi_get_buffer_desc(m, &mic)) != 0)
 		fatal("%s: buffer error: %s", __func__, ssh_err(r));
 
 	ret = ssh_gssapi_checkmic(gsscontext, &gssbuf, &mic);
@@ -1887,7 +1890,7 @@ mm_answer_gss_checkmic(int sock, struct sshbuf *m)
 int
 mm_answer_gss_userok(int sock, struct sshbuf *m)
 {
-	int authenticated;
+	int r, authenticated;
 	const char *displayname;
 
 	if (!options.gss_authentication)
diff --git a/monitor_wrap.c b/monitor_wrap.c
index cf38b230..682e39de 100644
--- a/monitor_wrap.c
+++ b/monitor_wrap.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: monitor_wrap.c,v 1.103 2018/07/09 21:53:45 markus Exp $ */
+/* $OpenBSD: monitor_wrap.c,v 1.104 2018/07/10 09:13:30 djm Exp $ */
 /*
  * Copyright 2002 Niels Provos <provos at citi.umich.edu>
  * Copyright 2002 Markus Friedl <markus at openbsd.org>
@@ -989,7 +989,7 @@ mm_ssh_gssapi_accept_ctx(Gssctxt *ctx, gss_buffer_desc *in,
 	mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_GSSSTEP, m);
 
 	if ((r = sshbuf_get_u32(m, &major)) != 0 ||
-	    (r = sshbuf_get_string(m, &out->value, &out->length)) != 0)
+	    (r = ssh_gssapi_get_buffer_desc(m, out)) != 0)
 		fatal("%s: buffer error: %s", __func__, ssh_err(r));
 	if (flagsp != NULL) {
 		if ((r = sshbuf_get_u32(m, &flags)) != 0)
diff --git a/ssh-gss.h b/ssh-gss.h
index e0905b31..36180d07 100644
--- a/ssh-gss.h
+++ b/ssh-gss.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-gss.h,v 1.13 2018/07/10 06:43:52 djm Exp $ */
+/* $OpenBSD: ssh-gss.h,v 1.14 2018/07/10 09:13:30 djm Exp $ */
 /*
  * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved.
  *
@@ -107,6 +107,9 @@ ssh_gssapi_mech *ssh_gssapi_get_ctype(Gssctxt *);
 void ssh_gssapi_prepare_supported_oids(void);
 OM_uint32 ssh_gssapi_test_oid_supported(OM_uint32 *, gss_OID, int *);
 
+struct sshbuf;
+int ssh_gssapi_get_buffer_desc(struct sshbuf *, gss_buffer_desc *);
+
 OM_uint32 ssh_gssapi_import_name(Gssctxt *, const char *);
 OM_uint32 ssh_gssapi_init_ctx(Gssctxt *, int,
     gss_buffer_desc *, gss_buffer_desc *, OM_uint32 *);

-- 
To stop receiving notification emails like this one, please contact
djm at mindrot.org.


More information about the openssh-commits mailing list