[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#742513: [PATCH] Attempt SSHFP lookup even if server presents a certificate



From: Matthew Vernon <mcv21@cam.ac.uk>

If an ssh server presents a certificate to the client, then the client
does not check the DNS for SSHFP records. This means that a malicious
server can essentially disable DNS-host-key-checking, which means the
client will fall back to asking the user (who will just say "yes" to
the fingerprint, sadly).

This patch means that the ssh client will, if necessary, extract the
server key from the proffered certificate, and attempt to verify it
against the DNS. The patch was written by Mark Wooding
<mdw@distorted.org.uk>. I modified it to add one debug2 call, reviewed
it, and tested it.

Signed-off-by: Matthew Vernon <matthew@debian.org>
Bug-Debian: http://bugs.debian.org/742513
---
 sshconnect.c |   67 ++++++++++++++++++++++++++++++++++++++++------------------
 1 file changed, 47 insertions(+), 20 deletions(-)

diff --git a/sshconnect.c b/sshconnect.c
index 87c3770..b8510d2 100644
--- a/sshconnect.c
+++ b/sshconnect.c
@@ -1218,36 +1218,63 @@ fail:
 	return -1;
 }
 
+static int
+check_host_key_sshfp(char *host, struct sockaddr *hostaddr, Key *host_key)
+{
+	int rc = -1;
+	int flags = 0;
+	Key *raw_key = NULL;
+
+	if (!options.verify_host_key_dns)
+		goto done;
+
+	/* XXX certs are not yet supported for DNS; try looking the raw key
+	 * up in the DNS anyway.
+	 */
+	if (key_is_cert(host_key)) {
+	  debug2("Extracting key from cert for SSHFP lookup");
+		raw_key = key_from_private(host_key);
+		if (key_drop_cert(raw_key))
+			fatal("Couldn't drop certificate");
+		host_key = raw_key;
+	}
+
+	if (verify_host_key_dns(host, hostaddr, host_key, &flags))
+		goto done;
+
+	if (flags & DNS_VERIFY_FOUND) {
+
+		if (options.verify_host_key_dns == 1 &&
+		    flags & DNS_VERIFY_MATCH &&
+		    flags & DNS_VERIFY_SECURE) {
+			rc = 0;
+		} else if (flags & DNS_VERIFY_MATCH) {
+			matching_host_key_dns = 1;
+		} else {
+			warn_changed_key(host_key);
+			error("Update the SSHFP RR in DNS with the new "
+			      "host key to get rid of this message.");
+		}
+	}
+
+done:
+	if (raw_key)
+		key_free(raw_key);
+	return rc;
+}
+
 /* returns 0 if key verifies or -1 if key does NOT verify */
 int
 verify_host_key(char *host, struct sockaddr *hostaddr, Key *host_key)
 {
-	int flags = 0;
 	char *fp;
 
 	fp = key_fingerprint(host_key, SSH_FP_MD5, SSH_FP_HEX);
 	debug("Server host key: %s %s", key_type(host_key), fp);
 	free(fp);
 
-	/* XXX certs are not yet supported for DNS */
-	if (!key_is_cert(host_key) && options.verify_host_key_dns &&
-	    verify_host_key_dns(host, hostaddr, host_key, &flags) == 0) {
-		if (flags & DNS_VERIFY_FOUND) {
-
-			if (options.verify_host_key_dns == 1 &&
-			    flags & DNS_VERIFY_MATCH &&
-			    flags & DNS_VERIFY_SECURE)
-				return 0;
-
-			if (flags & DNS_VERIFY_MATCH) {
-				matching_host_key_dns = 1;
-			} else {
-				warn_changed_key(host_key);
-				error("Update the SSHFP RR in DNS with the new "
-				    "host key to get rid of this message.");
-			}
-		}
-	}
+	if (check_host_key_sshfp(host, hostaddr, host_key) == 0)
+		return 0;
 
 	return check_host_key(host, hostaddr, options.port, host_key, RDRW,
 	    options.user_hostfiles, options.num_user_hostfiles,
-- 
1.7.10.4


Reply to: