From 381c46818ffa4605d0ca39818fe317de445eb6de Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Mon, 9 Apr 2018 18:06:38 -0400 Subject: [PATCH] agent: unknown flags on ssh signing requests cause an error. * agent/command-ssh.c (ssh_handler_sign_request): if a flag is passed during an signature request that we do not know how to apply, return GPG_ERR_UNKNOWN_OPTION. -- https://tools.ietf.org/html/draft-miller-ssh-agent-02#section-4.5 says: If the agent does not support the requested flags, or is otherwise unable or unwilling to generate the signature (e.g. because it doesn't have the specified key, or the user refused confirmation of a constrained key), it must reply with a SSH_AGENT_FAILURE message. Signed-off-by: Daniel Kahn Gillmor GnuPG-bug-id: 3880 --- agent/command-ssh.c | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/agent/command-ssh.c b/agent/command-ssh.c index 5317df58a..ac67dd092 100644 --- a/agent/command-ssh.c +++ b/agent/command-ssh.c @@ -2864,7 +2864,7 @@ ssh_handler_sign_request (ctrl_t ctrl, estream_t request, estream_t response) unsigned char *sig = NULL; size_t sig_n; u32 data_size; - u32 flags; + u32 flags, known_flags = 0; gpg_error_t err; gpg_error_t ret_err; int hash_algo; @@ -2890,6 +2890,7 @@ ssh_handler_sign_request (ctrl_t ctrl, estream_t request, estream_t response) if (spec.algo == GCRY_PK_RSA) { + known_flags = SSH_AGENT_RSA_SHA2_256 | SSH_AGENT_RSA_SHA2_512; if ((flags & SSH_AGENT_RSA_SHA2_256)) { spec.ssh_identifier = "rsa-sha2-256"; @@ -2902,6 +2903,13 @@ ssh_handler_sign_request (ctrl_t ctrl, estream_t request, estream_t response) } } + /* some flag is present that we do not know about. */ + if (flags & ~known_flags) + { + err = gpg_error (GPG_ERR_UNKNOWN_OPTION); + goto out; + } + hash_algo = spec.hash_algo; if (!hash_algo) hash_algo = GCRY_MD_SHA1; /* Use the default. */