-rw-r--r--src/responder/ssh/sshsrv_cmd.c4
-rw-r--r--src/sss_client/ssh/sss_ssh.c17
2 files changed, 21 insertions, 0 deletions
diff --git a/src/responder/ssh/sshsrv_cmd.c b/src/responder/ssh/sshsrv_cmd.c
index eea151691..0a182f310 100644
--- a/src/responder/ssh/sshsrv_cmd.c
+++ b/src/responder/ssh/sshsrv_cmd.c
@@ -436,6 +436,10 @@ ssh_cmd_parse_request(struct ssh_cmd_ctx *cmd_ctx)
}
name = (char *)(body+c);
+ if (!sss_utf8_check((const uint8_t *)name, name_len-1)) {
+ DEBUG(SSSDBG_CRIT_FAILURE, ("Supplied data is not valid UTF-8 string\n"));
+ return EINVAL;
+ }
if (strnlen(name, name_len) != name_len-1) {
return EINVAL;
}
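Review bot: The new `sss_utf8_check()` call uses `name_len-1` before the existing `strnlen` check has validated the length, so a request with `name_len == 0` would make the subtraction wrap if `name_len` is unsigned, and the validator would be asked to scan far past the request body. Whether a zero or oversized `name_len` is already rejected is not visible here, because ssh_cmd_parse_request starts before and continues after the hunk. If it is not, either place the UTF-8 check after the `strnlen` block or guard it with `if (name_len == 0) return EINVAL;`. Running the terminator check first also means the validator only ever sees a length that has been confirmed against the buffer contents.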
diff --git a/src/sss_client/ssh/sss_ssh.c b/src/sss_client/ssh/sss_ssh.c
index 921f002f3..bb76800a4 100644
--- a/src/sss_client/ssh/sss_ssh.c
+++ b/src/sss_client/ssh/sss_ssh.c
@@ -67,6 +67,23 @@ int set_locale(void)
return EOK;
}
+/* SSH public key request:
+ *
+ * 0..3: flags (unsigned int, must be 0)
+ * 4..7: name length (unsigned int)
+ * 8..$: name (null-terminated UTF-8 string)
+ *
+ * SSH public key reply:
+ *
+ * 0..3: number of results (unsigned int)
+ * 4..7: reserved (unsigned int, must be 0)
+ * 8..$: array of results:
+ * 0..3: flags (unsigned int, must be 0)
+ * 4..7: name length (unsigned int)
+ * 8..(X-1): name (null-terminated UTF-8 string)
+ * X..(X+3): key length (unsigned int)
+ * (X+4)..Y: key (public key blob as defined in RFC4253, section 6.6)
+ */
errno_t
sss_ssh_get_pubkeys(TALLOC_CTX *mem_ctx,
enum sss_cli_command command,
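Review bot: The added wire-format comment does not say whether the "name length" field counts the terminating NUL, which is the detail a parser most easily gets wrong. The responder check in sshsrv_cmd.c compares `strnlen(name, name_len)` with `name_len-1`, which implies the length includes the terminator. I would spell that out in both the request and reply layouts, for example `4..7: name length (unsigned int, includes the terminating NUL)`. The declaration of sss_ssh_get_pubkeys that follows the comment continues outside the hunk.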