- [email protected] 2013/03/07 00:19:59

     [auth2-pubkey.c monitor.c]
     reconstruct the original username that was sent by the client, which may
     have included a style (e.g. "root:skey") when checking public key
     signatures. Fixes public key and hostbased auth when the client specified
     a style; ok markus@

ChangeLog

@@ -13,6 +13,12 @@
    - [email protected] 2013/03/06 23:36:53
      [readconf.c]
      g/c unused variable (-Wunused)
+   - [email protected] 2013/03/07 00:19:59
+     [auth2-pubkey.c monitor.c]
+     reconstruct the original username that was sent by the client, which may
+     have included a style (e.g. "root:skey") when checking public key
+     signatures. Fixes public key and hostbased auth when the client specified
+     a style; ok markus@
 
 20130418
  - (djm) [config.guess config.sub] Update to last versions before they switch

auth2-pubkey.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: auth2-pubkey.c,v 1.34 2013/02/14 21:35:59 djm Exp $ */
+/* $OpenBSD: auth2-pubkey.c,v 1.35 2013/03/07 00:19:59 djm Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  *
@@ -75,7 +75,7 @@ userauth_pubkey(Authctxt *authctxt)
 {
 	Buffer b;
 	Key *key = NULL;
-	char *pkalg;
+	char *pkalg, *userstyle;
 	u_char *pkblob, *sig;
 	u_int alen, blen, slen;
 	int have_sig, pktype;
@@ -127,7 +127,11 @@ userauth_pubkey(Authctxt *authctxt)
 		}
 		/* reconstruct packet */
 		buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST);
-		buffer_put_cstring(&b, authctxt->user);
+		xasprintf(&userstyle, "%s%s%s", authctxt->user,
+		    authctxt->style ? ":" : "",
+		    authctxt->style ? authctxt->style : "");
+		buffer_put_cstring(&b, userstyle);
+		free(userstyle);
 		buffer_put_cstring(&b,
 		    datafellows & SSH_BUG_PKSERVICE ?
 		    "ssh-userauth" :

monitor.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: monitor.c,v 1.120 2012/12/11 22:16:21 markus Exp $ */
+/* $OpenBSD: monitor.c,v 1.121 2013/03/07 00:19:59 djm Exp $ */
 /*
  * Copyright 2002 Niels Provos <[email protected]>
  * Copyright 2002 Markus Friedl <[email protected]>
@@ -1237,7 +1237,7 @@ static int
 monitor_valid_userblob(u_char *data, u_int datalen)
 {
 	Buffer b;
-	char *p;
+	char *p, *userstyle;
 	u_int len;
 	int fail = 0;
 
@@ -1262,19 +1262,23 @@ monitor_valid_userblob(u_char *data, u_int datalen)
 	}
 	if (buffer_get_char(&b) != SSH2_MSG_USERAUTH_REQUEST)
 		fail++;
-	p = buffer_get_string(&b, NULL);
-	if (strcmp(authctxt->user, p) != 0) {
+	p = buffer_get_cstring(&b, NULL);
+	xasprintf(&userstyle, "%s%s%s", authctxt->user,
+	    authctxt->style ? ":" : "",
+	    authctxt->style ? authctxt->style : "");
+	if (strcmp(userstyle, p) != 0) {
 		logit("wrong user name passed to monitor: expected %s != %.100s",
-		    authctxt->user, p);
+		    userstyle, p);
 		fail++;
 	}
+	xfree(userstyle);
 	xfree(p);
 	buffer_skip_string(&b);
 	if (datafellows & SSH_BUG_PKAUTH) {
 		if (!buffer_get_char(&b))
 			fail++;
 	} else {
-		p = buffer_get_string(&b, NULL);
+		p = buffer_get_cstring(&b, NULL);
 		if (strcmp("publickey", p) != 0)
 			fail++;
 		xfree(p);
@@ -1294,7 +1298,7 @@ monitor_valid_hostbasedblob(u_char *data, u_int datalen, char *cuser,
     char *chost)
 {
 	Buffer b;
-	char *p;
+	char *p, *userstyle;
 	u_int len;
 	int fail = 0;
 
@@ -1310,15 +1314,19 @@ monitor_valid_hostbasedblob(u_char *data, u_int datalen, char *cuser,
 
 	if (buffer_get_char(&b) != SSH2_MSG_USERAUTH_REQUEST)
 		fail++;
-	p = buffer_get_string(&b, NULL);
-	if (strcmp(authctxt->user, p) != 0) {
+	p = buffer_get_cstring(&b, NULL);
+	xasprintf(&userstyle, "%s%s%s", authctxt->user,
+	    authctxt->style ? ":" : "",
+	    authctxt->style ? authctxt->style : "");
+	if (strcmp(userstyle, p) != 0) {
 		logit("wrong user name passed to monitor: expected %s != %.100s",
-		    authctxt->user, p);
+		    userstyle, p);
 		fail++;
 	}
+	free(userstyle);
 	xfree(p);
 	buffer_skip_string(&b);	/* service */
-	p = buffer_get_string(&b, NULL);
+	p = buffer_get_cstring(&b, NULL);
 	if (strcmp(p, "hostbased") != 0)
 		fail++;
 	xfree(p);