summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJan Cholasta <jcholast@redhat.com>2012-02-13 10:10:40 -0500
committerStephen Gallagher <sgallagh@redhat.com>2012-02-13 11:46:55 -0500
commita39eeeee48e42a91009af5f5c516c9dab98f4261 (patch)
tree76d05da0a7521edba215a583a55804b852f91619
parent129310e872a0a70e721ba59363e518176ef406d6 (diff)
downloadsssd-a39eeeee48e42a91009af5f5c516c9dab98f4261.tar.gz
sssd-a39eeeee48e42a91009af5f5c516c9dab98f4261.tar.xz
sssd-a39eeeee48e42a91009af5f5c516c9dab98f4261.zip
SSH: Verify that names received from client are valid UTF-8 in responder
Also added a comment describing the wire format of client requests and responses. https://fedorahosted.org/sssd/ticket/1177
-rw-r--r--src/responder/ssh/sshsrv_cmd.c4
-rw-r--r--src/sss_client/ssh/sss_ssh.c17
2 files changed, 21 insertions, 0 deletions
diff --git a/src/responder/ssh/sshsrv_cmd.c b/src/responder/ssh/sshsrv_cmd.c
index eea151691..0a182f310 100644
--- a/src/responder/ssh/sshsrv_cmd.c
+++ b/src/responder/ssh/sshsrv_cmd.c
@@ -436,6 +436,10 @@ ssh_cmd_parse_request(struct ssh_cmd_ctx *cmd_ctx)
}
name = (char *)(body+c);
+ if (!sss_utf8_check((const uint8_t *)name, name_len-1)) {
+ DEBUG(SSSDBG_CRIT_FAILURE, ("Supplied data is not valid UTF-8 string\n"));
+ return EINVAL;
+ }
if (strnlen(name, name_len) != name_len-1) {
return EINVAL;
}
diff --git a/src/sss_client/ssh/sss_ssh.c b/src/sss_client/ssh/sss_ssh.c
index 921f002f3..bb76800a4 100644
--- a/src/sss_client/ssh/sss_ssh.c
+++ b/src/sss_client/ssh/sss_ssh.c
@@ -67,6 +67,23 @@ int set_locale(void)
return EOK;
}
+/* SSH public key request:
+ *
+ * 0..3: flags (unsigned int, must be 0)
+ * 4..7: name length (unsigned int)
+ * 8..$: name (null-terminated UTF-8 string)
+ *
+ * SSH public key reply:
+ *
+ * 0..3: number of results (unsigned int)
+ * 4..7: reserved (unsigned int, must be 0)
+ * 8..$: array of results:
+ * 0..3: flags (unsigned int, must be 0)
+ * 4..7: name length (unsigned int)
+ * 8..(X-1): name (null-terminated UTF-8 string)
+ * X..(X+3): key length (unsigned int)
+ * (X+4)..Y: key (public key blob as defined in RFC4253, section 6.6)
+ */
errno_t
sss_ssh_get_pubkeys(TALLOC_CTX *mem_ctx,
enum sss_cli_command command,