[openssh-commits] [openssh] 01/01: upstream: fix two PIN entry bugs on FIDO keygen: 1) it would allow more

git+noreply at mindrot.org git+noreply at mindrot.org
Fri Feb 7 14:31:08 AEDT 2020 

This is an automated email from the git hooks/post-receive script.

djm pushed a commit to branch master
in repository openssh.

commit fd68dc27864b099b552a6d9d507ca4b83afd6a76
Author: djm at openbsd.org <djm at openbsd.org>
Date:   Fri Feb 7 03:27:54 2020 +0000

    upstream: fix two PIN entry bugs on FIDO keygen: 1) it would allow more
    
    than the intended number of prompts (3) and 2) it would SEGV too many
    incorrect PINs were entered; based on patch by Gabriel Kihlman
    
    OpenBSD-Commit-ID: 9c0011f28ba8bd8adf2014424b64960333da1718
---
 ssh-keygen.c | 18 ++++++++++++------
 1 file changed, 12 insertions(+), 6 deletions(-)

diff --git a/ssh-keygen.c b/ssh-keygen.c
index a6ba6cc7..0d6ed1ff 100644
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-keygen.c,v 1.397 2020/02/06 22:30:54 naddy Exp $ */
+/* $OpenBSD: ssh-keygen.c,v 1.398 2020/02/07 03:27:54 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo at cs.hut.fi>
  * Copyright (c) 1994 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
@@ -3588,7 +3588,7 @@ main(int argc, char **argv)
 		passphrase = NULL;
 		if ((attest = sshbuf_new()) == NULL)
 			fatal("sshbuf_new failed");
-		for (i = 0 ; i < 3; i++) {
+		for (i = 0 ; ; i++) {
 			fflush(stdout);
 			r = sshsk_enroll(type, sk_provider, sk_device,
 			    sk_application == NULL ? "ssh:" : sk_application,
@@ -3598,15 +3598,21 @@ main(int argc, char **argv)
 				break;
 			if (r != SSH_ERR_KEY_WRONG_PASSPHRASE)
 				fatal("Key enrollment failed: %s", ssh_err(r));
-			if (passphrase != NULL)
+			else if (i > 0)
+				error("PIN incorrect");
+			if (passphrase != NULL) {
 				freezero(passphrase, strlen(passphrase));
+				passphrase = NULL;
+			}
+			if (i >= 3)
+				fatal("Too many incorrect PINs");
 			passphrase = read_passphrase("Enter PIN for "
 			    "authenticator: ", RP_ALLOW_STDIN);
 		}
-		if (passphrase != NULL)
+		if (passphrase != NULL) {
 			freezero(passphrase, strlen(passphrase));
-		if (i > 3)
-			fatal("Too many incorrect PINs");
+			passphrase = NULL;
+		}
 		break;
 	default:
 		if ((r = sshkey_generate(type, bits, &private)) != 0)

-- 
To stop receiving notification emails like this one, please contact
djm at mindrot.org.

More information about the openssh-commits mailing list