ports/libssh
ports/libssh
1
1
Форкнуть 0
Код Релизы 1 Активность
libssh/src/wrapper.c
debevv 48e7b098f8 wrapper: Fix possible crash in ssh_handle_key_exchange() 
If ssh_handle_key_exchange() fails, when ssh_free() is called
cipher->ctx is NULL.

Signed-off-by: debevv <valerio@sonicpengu.in>
2017-06-06 10:21:55 +02:00

484 строки
14 KiB
C
Исходник Ответственный История

/*
* wrapper.c - wrapper for crytpo functions
*
* This file is part of the SSH Library
*
* Copyright (c) 2003-2013 by Aris Adamantiadis
*
* The SSH Library is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation; either version 2.1 of the License, or (at your
* option) any later version.
*
* The SSH Library is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
* License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with the SSH Library; see the file COPYING. If not, write to
* the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
* MA 02111-1307, USA.
*/
/*
* Why a wrapper?
*
* Let's say you want to port libssh from libcrypto of openssl to libfoo
* you are going to spend hours to remove every references to SHA1_Update()
* to libfoo_sha1_update after the work is finished, you're going to have
* only this file to modify it's not needed to say that your modifications
* are welcome.
*/
#include "config.h"
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#ifdef WITH_ZLIB
#include <zlib.h>
#endif
#include "libssh/priv.h"
#include "libssh/session.h"
#include "libssh/crypto.h"
#include "libssh/wrapper.h"
#include "libssh/pki.h"
static struct ssh_hmac_struct ssh_hmac_tab[] = {
{ "hmac-sha1", SSH_HMAC_SHA1 },
{ "hmac-sha2-256", SSH_HMAC_SHA256 },
{ "hmac-sha2-384", SSH_HMAC_SHA384 },
{ "hmac-sha2-512", SSH_HMAC_SHA512 },
{ "hmac-md5", SSH_HMAC_MD5 },
{ NULL, 0}
};
struct ssh_hmac_struct *ssh_get_hmactab(void) {
return ssh_hmac_tab;
}
size_t hmac_digest_len(enum ssh_hmac_e type) {
switch(type) {
case SSH_HMAC_SHA1:
return SHA_DIGEST_LEN;
case SSH_HMAC_SHA256:
return SHA256_DIGEST_LEN;
case SSH_HMAC_SHA384:
return SHA384_DIGEST_LEN;
case SSH_HMAC_SHA512:
return SHA512_DIGEST_LEN;
case SSH_HMAC_MD5:
return MD5_DIGEST_LEN;
default:
return 0;
}
}
const char *ssh_hmac_type_to_string(enum ssh_hmac_e hmac_type)
{
int i = 0;
struct ssh_hmac_struct *ssh_hmactab = ssh_get_hmactab();
while (ssh_hmactab[i].name && (ssh_hmactab[i].hmac_type != hmac_type)) {
i++;
}
return ssh_hmactab[i].name;
}
/* it allocates a new cipher structure based on its offset into the global table */
static struct ssh_cipher_struct *cipher_new(int offset) {
struct ssh_cipher_struct *cipher = NULL;
cipher = malloc(sizeof(struct ssh_cipher_struct));
if (cipher == NULL) {
return NULL;
}
/* note the memcpy will copy the pointers : so, you shouldn't free them */
memcpy(cipher, &ssh_get_ciphertab()[offset], sizeof(*cipher));
return cipher;
}
void ssh_cipher_clear(struct ssh_cipher_struct *cipher){
#ifdef HAVE_LIBGCRYPT
unsigned int i;
#endif
if (cipher == NULL) {
return;
}
#ifdef HAVE_LIBGCRYPT
if(cipher->key) {
for (i = 0; i < (cipher->keylen / sizeof(gcry_cipher_hd_t)); i++) {
gcry_cipher_close(cipher->key[i]);
}
SAFE_FREE(cipher->key);
}
#endif
if (cipher->ctx != NULL) {
if (cipher->cleanup != NULL) {
cipher->cleanup(cipher);
}
#ifdef HAVE_LIBCRYPTO
EVP_CIPHER_CTX_free(cipher->ctx);
#endif
}
}
static void cipher_free(struct ssh_cipher_struct *cipher) {
ssh_cipher_clear(cipher);
SAFE_FREE(cipher);
}
struct ssh_crypto_struct *crypto_new(void) {
struct ssh_crypto_struct *crypto;
crypto = malloc(sizeof(struct ssh_crypto_struct));
if (crypto == NULL) {
return NULL;
}
ZERO_STRUCTP(crypto);
return crypto;
}
void crypto_free(struct ssh_crypto_struct *crypto){
int i;
if (crypto == NULL) {
return;
}
SAFE_FREE(crypto->server_pubkey);
cipher_free(crypto->in_cipher);
cipher_free(crypto->out_cipher);
bignum_free(crypto->e);
bignum_free(crypto->f);
bignum_free(crypto->x);
bignum_free(crypto->y);
bignum_free(crypto->k);
#ifdef HAVE_ECDH
SAFE_FREE(crypto->ecdh_client_pubkey);
SAFE_FREE(crypto->ecdh_server_pubkey);
if(crypto->ecdh_privkey != NULL){
#ifdef HAVE_OPENSSL_ECC
EC_KEY_free(crypto->ecdh_privkey);
#elif defined HAVE_GCRYPT_ECC
gcry_sexp_release(crypto->ecdh_privkey);
#endif
crypto->ecdh_privkey = NULL;
}
#endif
if(crypto->session_id != NULL){
memset(crypto->session_id, '\0', crypto->digest_len);
SAFE_FREE(crypto->session_id);
}
if(crypto->secret_hash != NULL){
memset(crypto->secret_hash, '\0', crypto->digest_len);
SAFE_FREE(crypto->secret_hash);
}
#ifdef WITH_ZLIB
if (crypto->compress_out_ctx &&
(deflateEnd(crypto->compress_out_ctx) != 0)) {
inflateEnd(crypto->compress_out_ctx);
}
SAFE_FREE(crypto->compress_out_ctx);
if (crypto->compress_in_ctx &&
(deflateEnd(crypto->compress_in_ctx) != 0)) {
inflateEnd(crypto->compress_in_ctx);
}
SAFE_FREE(crypto->compress_in_ctx);
#endif /* WITH_ZLIB */
if(crypto->encryptIV)
SAFE_FREE(crypto->encryptIV);
if(crypto->decryptIV)
SAFE_FREE(crypto->decryptIV);
if(crypto->encryptMAC)
SAFE_FREE(crypto->encryptMAC);
if(crypto->decryptMAC)
SAFE_FREE(crypto->decryptMAC);
if(crypto->encryptkey){
memset(crypto->encryptkey, 0, crypto->digest_len);
SAFE_FREE(crypto->encryptkey);
}
if(crypto->decryptkey){
memset(crypto->decryptkey, 0, crypto->digest_len);
SAFE_FREE(crypto->decryptkey);
}
for (i = 0; i < SSH_KEX_METHODS; i++) {
SAFE_FREE(crypto->client_kex.methods[i]);
SAFE_FREE(crypto->server_kex.methods[i]);
SAFE_FREE(crypto->kex_methods[i]);
}
BURN_BUFFER(crypto, sizeof(struct ssh_crypto_struct));
SAFE_FREE(crypto);
}
static int crypt_set_algorithms2(ssh_session session){
const char *wanted;
int i = 0;
struct ssh_cipher_struct *ssh_ciphertab=ssh_get_ciphertab();
struct ssh_hmac_struct *ssh_hmactab=ssh_get_hmactab();
/* we must scan the kex entries to find crypto algorithms and set their appropriate structure */
/* out */
wanted = session->next_crypto->kex_methods[SSH_CRYPT_C_S];
while (ssh_ciphertab[i].name && strcmp(wanted, ssh_ciphertab[i].name)) {
i++;
}
if (ssh_ciphertab[i].name == NULL) {
ssh_set_error(session, SSH_FATAL,
"crypt_set_algorithms2: no crypto algorithm function found for %s",
wanted);
return SSH_ERROR;
}
SSH_LOG(SSH_LOG_PACKET, "Set output algorithm to %s", wanted);
session->next_crypto->out_cipher = cipher_new(i);
if (session->next_crypto->out_cipher == NULL) {
ssh_set_error_oom(session);
return SSH_ERROR;
}
i = 0;
/* we must scan the kex entries to find hmac algorithms and set their appropriate structure */
/* out */
wanted = session->next_crypto->kex_methods[SSH_MAC_C_S];
while (ssh_hmactab[i].name && strcmp(wanted, ssh_hmactab[i].name)) {
i++;
}
if (ssh_hmactab[i].name == NULL) {
ssh_set_error(session, SSH_FATAL,
"crypt_set_algorithms2: no hmac algorithm function found for %s",
wanted);
return SSH_ERROR;
}
SSH_LOG(SSH_LOG_PACKET, "Set HMAC output algorithm to %s", wanted);
session->next_crypto->out_hmac = ssh_hmactab[i].hmac_type;
i = 0;
/* in */
wanted = session->next_crypto->kex_methods[SSH_CRYPT_S_C];
while (ssh_ciphertab[i].name && strcmp(wanted, ssh_ciphertab[i].name)) {
i++;
}
if (ssh_ciphertab[i].name == NULL) {
ssh_set_error(session, SSH_FATAL,
"Crypt_set_algorithms: no crypto algorithm function found for %s",
wanted);
return SSH_ERROR;
}
SSH_LOG(SSH_LOG_PACKET, "Set input algorithm to %s", wanted);
session->next_crypto->in_cipher = cipher_new(i);
if (session->next_crypto->in_cipher == NULL) {
ssh_set_error_oom(session);
return SSH_ERROR;
}
i = 0;
/* we must scan the kex entries to find hmac algorithms and set their appropriate structure */
wanted = session->next_crypto->kex_methods[SSH_MAC_S_C];
while (ssh_hmactab[i].name && strcmp(wanted, ssh_hmactab[i].name)) {
i++;
}
if (ssh_hmactab[i].name == NULL) {
ssh_set_error(session, SSH_FATAL,
"crypt_set_algorithms2: no hmac algorithm function found for %s",
wanted);
return SSH_ERROR;
}
SSH_LOG(SSH_LOG_PACKET, "Set HMAC output algorithm to %s", wanted);
session->next_crypto->in_hmac = ssh_hmactab[i].hmac_type;
i = 0;
/* compression */
if (strcmp(session->next_crypto->kex_methods[SSH_COMP_C_S], "zlib") == 0) {
session->next_crypto->do_compress_out = 1;
}
if (strcmp(session->next_crypto->kex_methods[SSH_COMP_S_C], "zlib") == 0) {
session->next_crypto->do_compress_in = 1;
}
if (strcmp(session->next_crypto->kex_methods[SSH_COMP_C_S], "zlib@openssh.com") == 0) {
session->next_crypto->delayed_compress_out = 1;
}
if (strcmp(session->next_crypto->kex_methods[SSH_COMP_S_C], "zlib@openssh.com") == 0) {
session->next_crypto->delayed_compress_in = 1;
}
return SSH_OK;
}
static int crypt_set_algorithms1(ssh_session session, enum ssh_des_e des_type) {
int i = 0;
struct ssh_cipher_struct *ssh_ciphertab=ssh_get_ciphertab();
/* right now, we force 3des-cbc to be taken */
while (ssh_ciphertab[i].name && strcmp(ssh_ciphertab[i].name,
des_type == SSH_DES ? "des-cbc-ssh1" : "3des-cbc-ssh1")) {
i++;
}
if (ssh_ciphertab[i].name == NULL) {
ssh_set_error(session, SSH_FATAL, "cipher 3des-cbc-ssh1 or des-cbc-ssh1 not found!");
return SSH_ERROR;
}
session->next_crypto->out_cipher = cipher_new(i);
if (session->next_crypto->out_cipher == NULL) {
ssh_set_error_oom(session);
return SSH_ERROR;
}
session->next_crypto->in_cipher = cipher_new(i);
if (session->next_crypto->in_cipher == NULL) {
ssh_set_error_oom(session);
return SSH_ERROR;
}
return SSH_OK;
}
int crypt_set_algorithms(ssh_session session, enum ssh_des_e des_type) {
return (session->version == 1) ? crypt_set_algorithms1(session, des_type) :
crypt_set_algorithms2(session);
}
#ifdef WITH_SERVER
int crypt_set_algorithms_server(ssh_session session){
char *method = NULL;
int i = 0;
struct ssh_cipher_struct *ssh_ciphertab=ssh_get_ciphertab();
struct ssh_hmac_struct *ssh_hmactab=ssh_get_hmactab();
if (session == NULL) {
return SSH_ERROR;
}
/*
* We must scan the kex entries to find crypto algorithms and set their
* appropriate structure
*/
/* out */
method = session->next_crypto->kex_methods[SSH_CRYPT_S_C];
while(ssh_ciphertab[i].name && strcmp(method,ssh_ciphertab[i].name))
i++;
if(!ssh_ciphertab[i].name){
ssh_set_error(session,SSH_FATAL,"crypt_set_algorithms_server : "
"no crypto algorithm function found for %s",method);
return SSH_ERROR;
}
SSH_LOG(SSH_LOG_PACKET,"Set output algorithm %s",method);
session->next_crypto->out_cipher = cipher_new(i);
if (session->next_crypto->out_cipher == NULL) {
ssh_set_error_oom(session);
return SSH_ERROR;
}
i=0;
/* in */
method = session->next_crypto->kex_methods[SSH_CRYPT_C_S];
while(ssh_ciphertab[i].name && strcmp(method,ssh_ciphertab[i].name))
i++;
if(!ssh_ciphertab[i].name){
ssh_set_error(session,SSH_FATAL,"Crypt_set_algorithms_server :"
"no crypto algorithm function found for %s",method);
return SSH_ERROR;
}
SSH_LOG(SSH_LOG_PACKET,"Set input algorithm %s",method);
session->next_crypto->in_cipher = cipher_new(i);
if (session->next_crypto->in_cipher == NULL) {
ssh_set_error_oom(session);
return SSH_ERROR;
}
i=0;
/* HMAC algorithm selection */
method = session->next_crypto->kex_methods[SSH_MAC_S_C];
while (ssh_hmactab[i].name && strcmp(method, ssh_hmactab[i].name)) {
i++;
}
if (ssh_hmactab[i].name == NULL) {
ssh_set_error(session, SSH_FATAL,
"crypt_set_algorithms_server: no hmac algorithm function found for %s",
method);
return SSH_ERROR;
}
SSH_LOG(SSH_LOG_PACKET, "Set HMAC output algorithm to %s", method);
session->next_crypto->out_hmac = ssh_hmactab[i].hmac_type;
i=0;
method = session->next_crypto->kex_methods[SSH_MAC_C_S];
while (ssh_hmactab[i].name && strcmp(method, ssh_hmactab[i].name)) {
i++;
}
if (ssh_hmactab[i].name == NULL) {
ssh_set_error(session, SSH_FATAL,
"crypt_set_algorithms_server: no hmac algorithm function found for %s",
method);
return SSH_ERROR;
}
SSH_LOG(SSH_LOG_PACKET, "Set HMAC input algorithm to %s", method);
session->next_crypto->in_hmac = ssh_hmactab[i].hmac_type;
i=0;
/* compression */
method = session->next_crypto->kex_methods[SSH_COMP_C_S];
if(strcmp(method,"zlib") == 0){
SSH_LOG(SSH_LOG_PACKET,"enabling C->S compression");
session->next_crypto->do_compress_in=1;
}
if(strcmp(method,"zlib@openssh.com") == 0){
SSH_LOG(SSH_LOG_PACKET,"enabling C->S delayed compression");
if (session->flags & SSH_SESSION_FLAG_AUTHENTICATED) {
session->next_crypto->do_compress_in = 1;
} else {
session->next_crypto->delayed_compress_in = 1;
}
}
method = session->next_crypto->kex_methods[SSH_COMP_S_C];
if(strcmp(method,"zlib") == 0){
SSH_LOG(SSH_LOG_PACKET, "enabling S->C compression");
session->next_crypto->do_compress_out=1;
}
if(strcmp(method,"zlib@openssh.com") == 0){
SSH_LOG(SSH_LOG_PACKET,"enabling S->C delayed compression");
if (session->flags & SSH_SESSION_FLAG_AUTHENTICATED) {
session->next_crypto->do_compress_out = 1;
} else {
session->next_crypto->delayed_compress_out = 1;
}
}
method = session->next_crypto->kex_methods[SSH_HOSTKEYS];
session->srv.hostkey = ssh_key_type_from_name(method);
return SSH_OK;
}
#endif /* WITH_SERVER */
/* vim: set ts=2 sw=2 et cindent: */
Показать git blame Копировать постоянную ссылку