From 395df2c1aeed253ccaad7978a0cf866c3ef3a738 Mon Sep 17 00:00:00 2001 From: Pekka Riikonen Date: Thu, 8 Nov 2001 21:19:22 +0000 Subject: [PATCH] updates. --- CHANGES | 32 +++++++++ TODO | 8 ++- apps/irssi/src/silc/core/silc-core.c | 4 +- apps/silcd/protocol.c | 15 +++- apps/silcd/silcd.c | 3 +- doc/draft-riikonen-silc-commands-02.nroff | 2 +- doc/draft-riikonen-silc-ke-auth-04.nroff | 30 ++++---- doc/draft-riikonen-silc-pp-04.nroff | 12 ++-- doc/draft-riikonen-silc-spec-04.nroff | 4 +- lib/silcclient/client_keyagr.c | 8 +-- lib/silcclient/protocol.c | 8 ++- lib/silccore/silcauth.c | 2 +- lib/silccore/silcauth.h | 2 +- lib/silcske/silcske.c | 86 ++++++++++++++++++----- lib/silcutil/silclog.c | 11 ++- lib/silcutil/silclog.h | 3 +- lib/silcutil/silcnet.h | 2 +- lib/silcutil/unix/silcunixnet.c | 2 +- lib/silcutil/win32/silcwin32net.c | 2 +- 19 files changed, 175 insertions(+), 61 deletions(-) diff --git a/CHANGES b/CHANGES index d91e3eca..f9a63bd7 100644 --- a/CHANGES +++ b/CHANGES @@ -1,3 +1,35 @@ +Thu Nov 8 22:21:09 EET 2001 Pekka Riikonen + + * Call check_version SKE callback for initiator too. Affected + file lib/silcske/silcske.c. + + * Implemented fix for security hole found in the SKE that was + fixed in the specification few days back; the initiator's + public key is now added to the HASH value computation. + Added backwards support for the old way of doing it too, for + old clients and old servers. Affected file is + lib/silcske/silcske.c. + + * Enabled mutual authentication by default in SKE. If initiator + is not providing mutual authentication the responder will + force it. This will provide the proof of posession of the + private key for responder. The affected files are + lib/silcclient/protocol.c and silcd/protocol.c. + + * Do not cache anymore the server's public key during SKE. + We do mutual authentication so the proof of posession of + private key is done, and if the server is authenticated in + conn auth protocol with public key we must have the public + key already. Affected file silcd/protocol.c. + + * Added new global debug variable: silc_debug_hexdump. If + it is set to TRUE SILC_LOG_HEXDUMP will be printed. Affected + file lib/silcutil/silclog.[ch]. + + * Fixed compilation warning due to char * -> const char *. + Affected files lib/silcutil/silcnet.h, and + lib/silccore/silcauth.[ch]. + Wed Nov 7 20:43:03 EET 2001 Pekka Riikonen * Fixed CMODE command when new channel key was created. If diff --git a/TODO b/TODO index f8506a6d..03544691 100644 --- a/TODO +++ b/TODO @@ -38,10 +38,12 @@ TODO/bugs in Irssi SILC client TODO/bugs In SILC Client Library ================================ - o JOIN command's argument handling is buggy. See the XXX in the code. - o key agreement with itself causes the packet sequence numbers go grazy. + o WHOIS shows the formatted nickname wrong in some circumstances. + + o JOIN command's argument handling is buggy. See the XXX in the code. + TODO/bugs In SILC Server ======================== @@ -193,4 +195,6 @@ TODO After 1.0 nice as SSH is widely used all over the place. SILC Protocol supports SSH2 public keys. + o OpenPGP certificate support. + o Cipher optimizations (asm, that this) at least for i386 would be nice. diff --git a/apps/irssi/src/silc/core/silc-core.c b/apps/irssi/src/silc/core/silc-core.c index ffc5e2a7..d66a0595 100644 --- a/apps/irssi/src/silc/core/silc-core.c +++ b/apps/irssi/src/silc/core/silc-core.c @@ -57,7 +57,8 @@ static int idletag; SilcClient silc_client = NULL; SilcClientConfig silc_config = NULL; extern SilcClientOperations ops; -extern int silc_debug; +extern bool silc_debug; +extern bool silc_debug_hexdump; #ifdef SILC_SIM /* SIM (SILC Module) table */ SilcSimContext **sims = NULL; @@ -270,6 +271,7 @@ void silc_core_init_finish(void) if (opt_debug) { silc_debug = TRUE; + silc_debug_hexdump = TRUE; silc_log_set_debug_string(opt_debug); silc_log_set_callbacks(silc_log_info, silc_log_warning, silc_log_error, NULL); diff --git a/apps/silcd/protocol.c b/apps/silcd/protocol.c index c78ff8e2..061894be 100644 --- a/apps/silcd/protocol.c +++ b/apps/silcd/protocol.c @@ -56,6 +56,13 @@ silc_verify_public_key_internal(SilcServer server, SilcSocketConnection sock, return TRUE; } + /* XXX For now, accept server keys without verification too. We are + currently always doing mutual authentication so the proof of posession + of the private key is verified, and if server is authenticated in + conn auth protocol with public key we MUST have the key already. */ + return TRUE; + /* Rest is unreachable code! */ + memset(filename, 0, sizeof(filename)); memset(file, 0, sizeof(file)); snprintf(file, sizeof(file) - 1, "serverkey_%s_%d.pub", sock->hostname, @@ -364,6 +371,10 @@ SilcSKEStatus silc_ske_check_version(SilcSKE ske, unsigned char *version, if (maj == 0 && min < 5) status = SILC_SKE_STATUS_BAD_VERSION; + /* XXX backward support for 0.6.1 */ + if (maj == 0 && min == 6 && build < 2) + ske->backward_version = 1; + return status; } @@ -455,12 +466,12 @@ SILC_TASK_CALLBACK(silc_server_protocol_key_exchange) properties packet from initiator. */ status = silc_ske_responder_start(ske, ctx->rng, ctx->sock, silc_version_string, - ctx->packet->buffer, FALSE); + ctx->packet->buffer, TRUE); } else { SilcSKEStartPayload *start_payload; /* Assemble security properties. */ - silc_ske_assemble_security_properties(ske, SILC_SKE_SP_FLAG_NONE, + silc_ske_assemble_security_properties(ske, SILC_SKE_SP_FLAG_MUTUAL, silc_version_string, &start_payload); diff --git a/apps/silcd/silcd.c b/apps/silcd/silcd.c index 7b0122c4..a6f76db1 100644 --- a/apps/silcd/silcd.c +++ b/apps/silcd/silcd.c @@ -70,7 +70,7 @@ Usage: silcd [options]\n\ \n\ Generic Options:\n\ -f --config-file=FILE Alternate configuration file\n\ - -d --debug Enable debugging (no daemon)\n\ + -d --debug=string Enable debugging (no daemon)\n\ -h --help Display this message\n\ -V --version Display version\n\ \n\ @@ -125,6 +125,7 @@ int main(int argc, char **argv) break; case 'd': silc_debug = TRUE; + silc_debug_hexdump = TRUE; silc_log_set_debug_string(optarg); break; case 'f': diff --git a/doc/draft-riikonen-silc-commands-02.nroff b/doc/draft-riikonen-silc-commands-02.nroff index 3b3d7d55..0d9dd30c 100644 --- a/doc/draft-riikonen-silc-commands-02.nroff +++ b/doc/draft-riikonen-silc-commands-02.nroff @@ -14,7 +14,7 @@ .hy 0 .in 0 .nf -Network Working Group P. Riikonen +Network Working Group P. Riikonen Internet-Draft draft-riikonen-silc-commands-02.txt XXX Expires: XXX diff --git a/doc/draft-riikonen-silc-ke-auth-04.nroff b/doc/draft-riikonen-silc-ke-auth-04.nroff index ff32d17b..da93c623 100644 --- a/doc/draft-riikonen-silc-ke-auth-04.nroff +++ b/doc/draft-riikonen-silc-ke-auth-04.nroff @@ -8,16 +8,16 @@ .ds RF FORMFEED[Page %] .ds CF .ds LH Internet-Draft -.ds RH XXX +.ds RH 13 November 2001 .ds CH .na .hy 0 .in 0 .nf -Network Working Group P. Riikonen +Network Working Group P. Riikonen Internet-Draft -draft-riikonen-silc-ke-auth-04.txt XXX -Expires: XXX +draft-riikonen-silc-ke-auth-04.txt 13 November 2001 +Expires: 13 May 2002 .in 3 @@ -87,13 +87,13 @@ Table of Contents 2.5 Key Exchange Status Types ................................. 15 3 SILC Connection Authentication Protocol ....................... 16 3.1 Connection Auth Payload ................................... 18 - 3.2 Connection Authentication Types ........................... 18 + 3.2 Connection Authentication Types ........................... 19 3.2.1 Passphrase Authentication ........................... 19 3.2.2 Public Key Authentication ........................... 19 - 3.3 Connection Authentication Status Types .................... 19 + 3.3 Connection Authentication Status Types .................... 20 4 Security Considerations ....................................... 20 5 References .................................................... 20 -6 Author's Address .............................................. 21 +6 Author's Address .............................................. 22 .ti 0 @@ -939,6 +939,8 @@ o Authentication Data (variable length) - The actual .in 3 + + .ti 0 3.2 Connection Authentication Types @@ -987,14 +989,14 @@ which is then signed. auth_hash = hash(HASH | Key Exchange Start Payload); signature = sign(auth_hash); -The hash() function used to compute the value is the hash function negotiated -in the SKE protocol. The server MUST verify the data, thus it must keep -the HASH and the Key Exchange Start Payload saved during SKE and -authentication protocols. +The hash() function used to compute the value is the hash function +negotiated in the SKE protocol. The server MUST verify the data, thus +it must keep the HASH and the Key Exchange Start Payload saved during +SKE and authentication protocols. If the verified signature matches the sent signature, the authentication -were successful and SILC_PACKET_SUCCESS is sent. If it failed the protocol -execution is stopped and SILC_PACKET_FAILURE is sent. +were successful and SILC_PACKET_SUCCESS is sent. If it failed the +protocol execution is stopped and SILC_PACKET_FAILURE is sent. This is REQUIRED authentication method to be supported by all SILC implementations. @@ -1109,4 +1111,4 @@ Finland EMail: priikone@silcnet.org -This Internet-Draft expires XXX +This Internet-Draft expires 13 May 2002 diff --git a/doc/draft-riikonen-silc-pp-04.nroff b/doc/draft-riikonen-silc-pp-04.nroff index e16ee17f..1b0666c4 100644 --- a/doc/draft-riikonen-silc-pp-04.nroff +++ b/doc/draft-riikonen-silc-pp-04.nroff @@ -8,16 +8,16 @@ .ds RF FORMFEED[Page %] .ds CF .ds LH Internet Draft -.ds RH XXX +.ds RH 13 November 2001 .ds CH .na .hy 0 .in 0 .nf -Network Working Group P. Riikonen +Network Working Group P. Riikonen Internet-Draft -draft-riikonen-silc-pp-04.txt XXX -Expires: XXX +draft-riikonen-silc-pp-04.txt 13 November 2001 +Expires: 13 May 2002 .in 3 @@ -2774,6 +2774,8 @@ security of this protocol. [RFC2119] Bradner, S., "Key Words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997. +[SFTP] Ylonen T., and Lehtinen S., "Secure Shell File Transfer + Protocol", Internet Draft, March 2001. .ti 0 5 Author's Address @@ -2786,4 +2788,4 @@ Finland EMail: priikone@silcnet.org -This Internet-Draft expires XXX +This Internet-Draft expires 13 May 2002 diff --git a/doc/draft-riikonen-silc-spec-04.nroff b/doc/draft-riikonen-silc-spec-04.nroff index 3696f21d..3ba65ff2 100644 --- a/doc/draft-riikonen-silc-spec-04.nroff +++ b/doc/draft-riikonen-silc-spec-04.nroff @@ -14,9 +14,9 @@ .hy 0 .in 0 .nf -Network Working Group P. Riikonen +Network Working Group P. Riikonen Internet-Draft -draft-riikonen-silc-spec-04.txt 13 November 2001 +draft-riikonen-silc-spec-04.txt 13 November 2001 Expires: 13 May 2002 .in 3 diff --git a/lib/silcclient/client_keyagr.c b/lib/silcclient/client_keyagr.c index d584baef..20bb4b34 100644 --- a/lib/silcclient/client_keyagr.c +++ b/lib/silcclient/client_keyagr.c @@ -318,12 +318,10 @@ void silc_client_send_key_agreement(SilcClient client, if (hostname) { ke = silc_calloc(1, sizeof(*ke)); - if (bindhost) { + if (bindhost) ke->fd = silc_net_create_server(port, bindhost); - } - else { - ke->fd = silc_net_create_server(port, hostname); - } + else + ke->fd = silc_net_create_server(port, hostname); if (ke->fd < 0) { client->ops->say(client, conn, SILC_CLIENT_MESSAGE_ERROR, diff --git a/lib/silcclient/protocol.c b/lib/silcclient/protocol.c index 9721497f..991d8653 100644 --- a/lib/silcclient/protocol.c +++ b/lib/silcclient/protocol.c @@ -213,8 +213,10 @@ SilcSKEStatus silc_ske_check_version(SilcSKE ske, unsigned char *version, if (maj != maj2) status = SILC_SKE_STATUS_BAD_VERSION; - if (min < min2) - status = SILC_SKE_STATUS_BAD_VERSION; + + /* XXX backward support for 0.6.1 */ + if (maj == 0 && min == 6 && build < 2) + ske->backward_version = 1; if (status != SILC_SKE_STATUS_OK) client->ops->say(client, conn, SILC_CLIENT_MESSAGE_AUDIT, @@ -328,7 +330,7 @@ SILC_TASK_CALLBACK(silc_client_protocol_key_exchange) SilcSKEStartPayload *start_payload; /* Assemble security properties. */ - silc_ske_assemble_security_properties(ske, SILC_SKE_SP_FLAG_NONE, + silc_ske_assemble_security_properties(ske, SILC_SKE_SP_FLAG_MUTUAL, client->silc_client_version, &start_payload); diff --git a/lib/silccore/silcauth.c b/lib/silccore/silcauth.c index 7ac372d3..ef3512ec 100644 --- a/lib/silccore/silcauth.c +++ b/lib/silccore/silcauth.c @@ -441,7 +441,7 @@ SilcKeyAgreementPayload silc_key_agreement_payload_parse(SilcBuffer buffer) /* Encodes the Key Agreement protocol and returns the encoded buffer */ -SilcBuffer silc_key_agreement_payload_encode(char *hostname, +SilcBuffer silc_key_agreement_payload_encode(const char *hostname, uint32 port) { SilcBuffer buffer; diff --git a/lib/silccore/silcauth.h b/lib/silccore/silcauth.h index 5f15f8a6..a42c60fc 100644 --- a/lib/silccore/silcauth.h +++ b/lib/silccore/silcauth.h @@ -314,7 +314,7 @@ SilcKeyAgreementPayload silc_key_agreement_payload_parse(SilcBuffer buffer); * Encodes the Key Agreement protocol and returns the encoded buffer * ***/ -SilcBuffer silc_key_agreement_payload_encode(char *hostname, +SilcBuffer silc_key_agreement_payload_encode(const char *hostname, uint32 port); /****f* silccore/SilcAuthAPI/silc_key_agreement_payload_free diff --git a/lib/silcske/silcske.c b/lib/silcske/silcske.c index 1e25f554..a7747bba 100644 --- a/lib/silcske/silcske.c +++ b/lib/silcske/silcske.c @@ -229,6 +229,18 @@ SilcSKEStatus silc_ske_initiator_phase_1(SilcSKE ske, return status; } + /* Check version string */ + if (ske->callbacks->check_version) { + status = ske->callbacks->check_version(ske, payload->version, + payload->version_len, + ske->callbacks->context); + if (status != SILC_SKE_STATUS_OK) { + ske->status = status; + silc_ske_payload_start_free(ske->start_payload); + return status; + } + } + /* Free our KE Start Payload context, we don't need it anymore. */ silc_ske_payload_start_free(ske->start_payload); @@ -720,7 +732,7 @@ SilcSKEStatus silc_ske_responder_phase_1(SilcSKE ske, /* Send the packet. */ if (ske->callbacks->send_packet) (*ske->callbacks->send_packet)(ske, payload_buf, SILC_PACKET_KEY_EXCHANGE, - ske->callbacks->context); + ske->callbacks->context); silc_buffer_free(payload_buf); @@ -1573,22 +1585,64 @@ SilcSKEStatus silc_ske_make_hash(SilcSKE ske, f = silc_mp_mp2bin(&ske->ke2_payload->x, 0, &f_len); KEY = silc_mp_mp2bin(ske->KEY, 0, &KEY_len); - buf = silc_buffer_alloc(ske->start_payload_copy->len + - ske->ke2_payload->pk_len + e_len + - f_len + KEY_len); - silc_buffer_pull_tail(buf, SILC_BUFFER_END(buf)); - /* Format the buffer used to compute the hash value */ - ret = - silc_buffer_format(buf, - SILC_STR_UI_XNSTRING(ske->start_payload_copy->data, - ske->start_payload_copy->len), - SILC_STR_UI_XNSTRING(ske->ke2_payload->pk_data, - ske->ke2_payload->pk_len), - SILC_STR_UI_XNSTRING(e, e_len), - SILC_STR_UI_XNSTRING(f, f_len), - SILC_STR_UI_XNSTRING(KEY, KEY_len), - SILC_STR_END); + /* XXX Backward support for 0.6.1 */ + if (ske->backward_version == 1) { + SILC_LOG_DEBUG(("*********** Using old KE payload")); + buf = silc_buffer_alloc(ske->start_payload_copy->len + + ske->ke2_payload->pk_len + e_len + + f_len + KEY_len); + silc_buffer_pull_tail(buf, SILC_BUFFER_END(buf)); + + ret = + silc_buffer_format(buf, + SILC_STR_UI_XNSTRING(ske->start_payload_copy->data, + ske->start_payload_copy->len), + SILC_STR_UI_XNSTRING(ske->ke2_payload->pk_data, + ske->ke2_payload->pk_len), + SILC_STR_UI_XNSTRING(e, e_len), + SILC_STR_UI_XNSTRING(f, f_len), + SILC_STR_UI_XNSTRING(KEY, KEY_len), + SILC_STR_END); + } else { + /* Initiator is not required to send its public key */ + SILC_LOG_DEBUG(("*********** Using new KE payload")); + buf = silc_buffer_alloc(ske->start_payload_copy->len + + ske->ke2_payload->pk_len + + ske->ke1_payload->pk_len + + e_len + f_len + KEY_len); + silc_buffer_pull_tail(buf, SILC_BUFFER_END(buf)); + + if (!ske->ke1_payload->pk_data) { + ret = + silc_buffer_format(buf, + SILC_STR_UI_XNSTRING(ske->start_payload_copy-> + data, + ske->start_payload_copy-> + len), + SILC_STR_UI_XNSTRING(ske->ke2_payload->pk_data, + ske->ke2_payload->pk_len), + SILC_STR_UI_XNSTRING(e, e_len), + SILC_STR_UI_XNSTRING(f, f_len), + SILC_STR_UI_XNSTRING(KEY, KEY_len), + SILC_STR_END); + } else { + ret = + silc_buffer_format(buf, + SILC_STR_UI_XNSTRING(ske->start_payload_copy-> + data, + ske->start_payload_copy-> + len), + SILC_STR_UI_XNSTRING(ske->ke2_payload->pk_data, + ske->ke2_payload->pk_len), + SILC_STR_UI_XNSTRING(ske->ke1_payload->pk_data, + ske->ke1_payload->pk_len), + SILC_STR_UI_XNSTRING(e, e_len), + SILC_STR_UI_XNSTRING(f, f_len), + SILC_STR_UI_XNSTRING(KEY, KEY_len), + SILC_STR_END); + } + } if (ret == -1) { silc_buffer_free(buf); memset(e, 0, e_len); diff --git a/lib/silcutil/silclog.c b/lib/silcutil/silclog.c index 3d3fc84b..0ffb3694 100644 --- a/lib/silcutil/silclog.c +++ b/lib/silcutil/silclog.c @@ -22,7 +22,8 @@ #include "silcincludes.h" /* Set TRUE/FALSE to enable/disable debugging */ -int silc_debug = FALSE; +bool silc_debug = FALSE; +bool silc_debug_hexdump = FALSE; char *silc_debug_string = NULL; /* SILC Log name strings. These strings are printed to the log file. */ @@ -178,7 +179,7 @@ void silc_log_output_hexdump(char *file, char *function, int off, pos, count; unsigned char *data = (unsigned char *)data_in; - if (!silc_debug) { + if (!silc_debug_hexdump) { silc_free(string); return; } @@ -315,5 +316,9 @@ void silc_log_reset_debug_callbacks() void silc_log_set_debug_string(const char *debug_string) { silc_free(silc_debug_string); - silc_debug_string = silc_string_regexify(debug_string); + if (strchr(debug_string, '(') && + strchr(debug_string, ')')) + silc_debug_string = strdup(debug_string); + else + silc_debug_string = silc_string_regexify(debug_string); } diff --git a/lib/silcutil/silclog.h b/lib/silcutil/silclog.h index 97a870a3..6dca78c6 100644 --- a/lib/silcutil/silclog.h +++ b/lib/silcutil/silclog.h @@ -22,7 +22,8 @@ #define SILCLOG_H /* Set TRUE/FALSE to enable/disable debugging */ -extern int silc_debug; +extern bool silc_debug; +extern bool silc_debug_hexdump; extern char *silc_debug_string; /* SILC Log types */ diff --git a/lib/silcutil/silcnet.h b/lib/silcutil/silcnet.h index 124fcbf7..8659cc54 100644 --- a/lib/silcutil/silcnet.h +++ b/lib/silcutil/silcnet.h @@ -53,7 +53,7 @@ * the created socket or -1 on error. * ***/ -int silc_net_create_server(int port, char *ip_addr); +int silc_net_create_server(int port, const char *ip_addr); /****f* silcutil/SilcNetAPI/silc_net_close_server * diff --git a/lib/silcutil/unix/silcunixnet.c b/lib/silcutil/unix/silcunixnet.c index cc8a26b6..12b28b77 100644 --- a/lib/silcutil/unix/silcunixnet.c +++ b/lib/silcutil/unix/silcunixnet.c @@ -28,7 +28,7 @@ If argument `ip_addr' is NULL `any' address will be used. Returns the created socket or -1 on error. */ -int silc_net_create_server(int port, char *ip_addr) +int silc_net_create_server(int port, const char *ip_addr) { int sock, rval; struct sockaddr_in server; diff --git a/lib/silcutil/win32/silcwin32net.c b/lib/silcutil/win32/silcwin32net.c index e8fcc26a..0ff72b33 100644 --- a/lib/silcutil/win32/silcwin32net.c +++ b/lib/silcutil/win32/silcwin32net.c @@ -28,7 +28,7 @@ If argument `ip_addr' is NULL `any' address will be used. Returns the created socket or -1 on error. */ -int silc_net_create_server(int port, char *ip_addr) +int silc_net_create_server(int port, const char *ip_addr) { SOCKET sock; int rval; -- 2.24.0