ssh: report verified signature format to callback
I was advised to create a pull request to fix the following issue:
https://issuetracker.google.com/issues/534434075
Since it may be a security vulnerability, I am not sure if I should
create an issue at golang/go, but I can do that if needed.
diff --git a/ssh/server.go b/ssh/server.go
index 07d2405..e090262 100644
--- a/ssh/server.go
+++ b/ssh/server.go
@@ -229,7 +229,9 @@
// Permissions object can be the same object, optionally modified, or a
// completely new object. If VerifiedPublicKeyCallback is non-nil,
// PublicKeyCallback is not allowed to return a PartialSuccessError, which
- // can instead be returned by VerifiedPublicKeyCallback.
+ // can instead be returned by VerifiedPublicKeyCallback. The
+ // signatureAlgorithm argument is the format of the signature that was
+ // successfully verified.
//
// VerifiedPublicKeyCallback does not affect which authentication methods
// are included in the list of methods that can be attempted by the client.
@@ -891,7 +893,7 @@
// Only call VerifiedPublicKeyCallback after the key has been accepted
// and successfully verified. If authErr is non-nil, the key is not
// considered verified and the callback must not run.
- perms, authErr = config.VerifiedPublicKeyCallback(s, pubKey, perms, algo)
+ perms, authErr = config.VerifiedPublicKeyCallback(s, pubKey, perms, sig.Format)
}
}
case "gssapi-with-mic":
diff --git a/ssh/server_test.go b/ssh/server_test.go
index 0f84616..7116ad4 100644
--- a/ssh/server_test.go
+++ b/ssh/server_test.go
@@ -544,6 +544,62 @@
<-done
}
+func TestVerifiedPublicKeyCallbackSignatureFormat(t *testing.T) {
+ c1, c2, err := netPipe()
+ if err != nil {
+ t.Fatalf("netPipe: %v", err)
+ }
+ defer c1.Close()
+ defer c2.Close()
+
+ var gotSignatureAlgorithm string
+ serverConf := &ServerConfig{
+ PublicKeyCallback: func(conn ConnMetadata, key PublicKey) (*Permissions, error) {
+ return nil, nil
+ },
+ VerifiedPublicKeyCallback: func(conn ConnMetadata, key PublicKey, permissions *Permissions, signatureAlgorithm string) (*Permissions, error) {
+ gotSignatureAlgorithm = signatureAlgorithm
+ return permissions, nil
+ },
+ }
+ serverConf.AddHostKey(testSigners["rsa"])
+
+ serverDone := make(chan error, 1)
+ go func() {
+ conn, _, _, err := NewServerConn(c1, serverConf)
+ if err == nil {
+ conn.Close()
+ }
+ serverDone <- err
+ }()
+
+ clientConf := &ClientConfig{
+ User: "user",
+ Auth: []AuthMethod{
+ // The selected algorithm and signature format differ for
+ // compatibility with old RSA clients.
+ configurablePublicKeyCallback{
+ signer: testSigners["rsa"].(AlgorithmSigner),
+ signatureAlgo: KeyAlgoRSASHA256,
+ signatureFormat: KeyAlgoRSA,
+ },
+ },
+ HostKeyCallback: InsecureIgnoreHostKey(),
+ }
+
+ clientConn, _, _, clientErr := NewClientConn(c2, "", clientConf)
+ if clientErr == nil {
+ clientConn.Close()
+ }
+ serverErr := <-serverDone
+ if clientErr != nil || serverErr != nil {
+ t.Fatalf("connection failed: client error: %v; server error: %v", clientErr, serverErr)
+ }
+ if gotSignatureAlgorithm != KeyAlgoRSA {
+ t.Errorf("signature algorithm = %q; want verified signature format %q", gotSignatureAlgorithm, KeyAlgoRSA)
+ }
+}
+
func TestVerifiedPublicCallbackPartialSuccess(t *testing.T) {
c1, c2, err := netPipe()
if err != nil {
| Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. |
I spotted some possible problems with your PR:
1. You usually need to reference a bug number for all but trivial or cosmetic fixes. For the crypto repo, the format is usually 'Fixes golang/go#12345' or 'Updates golang/go#12345' at the end of the commit message. Should you have a bug reference?
Please address any problems by updating the GitHub PR.
When complete, mark this comment as 'Done' and click the [blue 'Reply' button](https://go.dev/wiki/GerritBot#i-left-a-reply-to-a-comment-in-gerrit-but-no-one-but-me-can-see-it) above. These findings are based on heuristics; if a finding does not apply, briefly reply here saying so.
To update the commit title or commit message body shown here in Gerrit, you must edit the GitHub PR title and PR description (the first comment) in the GitHub web interface using the 'Edit' button or 'Edit' menu entry there. Note: pushing a new commit to the PR will not automatically update the commit message used by Gerrit.
For more details, see:
(In general for Gerrit code reviews, the change author is expected to [log in to Gerrit](https://go-review.googlesource.com/login/) with a Gmail or other Google account and then close out each piece of feedback by marking it as 'Done' if implemented as suggested or otherwise reply to each review comment. See the [Review](https://go.dev/doc/contribute#review) section of the Contributing Guide for details.)
| Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. |
Congratulations on opening your first change. Thank you for your contribution!
Next steps:
A maintainer will review your change and provide feedback. See
https://go.dev/doc/contribute#review for more info and tips to get your
patch through code review.
Most changes in the Go project go through a few rounds of revision. This can be
surprising to people new to the project. The careful, iterative review process
is our way of helping mentor contributors and ensuring that their contributions
have a lasting impact.
During May-July and Nov-Jan the Go project is in a code freeze, during which
little code gets reviewed or merged. If a reviewer responds with a comment like
R=go1.11 or adds a tag like "wait-release", it means that this CL will be
reviewed as part of the next development cycle. See https://go.dev/s/release
for more details.
| Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. |
| Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. |
I spotted some possible problems with your PR:
1. You usually need to reference a bug number for all but trivial or cosmetic fixes. For the crypto repo, the format is usually 'Fixes golang/go#12345' or 'Updates golang/go#12345' at the end of the commit message. Should you have a bug reference?Please address any problems by updating the GitHub PR.
When complete, mark this comment as 'Done' and click the [blue 'Reply' button](https://go.dev/wiki/GerritBot#i-left-a-reply-to-a-comment-in-gerrit-but-no-one-but-me-can-see-it) above. These findings are based on heuristics; if a finding does not apply, briefly reply here saying so.
To update the commit title or commit message body shown here in Gerrit, you must edit the GitHub PR title and PR description (the first comment) in the GitHub web interface using the 'Edit' button or 'Edit' menu entry there. Note: pushing a new commit to the PR will not automatically update the commit message used by Gerrit.
For more details, see:
- [how to update commit messages](https://go.dev/wiki/GerritBot/#how-does-gerritbot-determine-the-final-commit-message) for PRs imported into Gerrit.
- the Go project's [conventions for commit messages](https://go.dev/doc/contribute#commit_messages) that you should follow.
(In general for Gerrit code reviews, the change author is expected to [log in to Gerrit](https://go-review.googlesource.com/login/) with a Gmail or other Google account and then close out each piece of feedback by marking it as 'Done' if implemented as suggested or otherwise reply to each review comment. See the [Review](https://go.dev/doc/contribute#review) section of the Contributing Guide for details.)
Done
| Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. |
| Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. |
| Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. |
| Auto-Submit | +1 |
| Code-Review | +1 |
| Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. |
| Code-Review | +1 |
| Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. |
ssh: report verified signature format to callback
VerifiedPublicKeyCallback currently receives the public-key algorithm
declared in the outer authentication request. For RSA authentication,
that value can differ from the format of the signature that was
successfully verified because compatible RSA algorithm combinations are
accepted.
This can cause post-verification policy or audit decisions to use the
request algorithm instead of the signature format actually verified.
Pass sig.Format to VerifiedPublicKeyCallback so signatureAlgorithm
identifies the successfully verified signature format. Clarify the
callback documentation and add a regression test covering compatible
but different RSA request algorithms and signature formats.
Fixes golang/go#80411
| Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. |