Sync from SUSE:ALP:Source:Standard:1.0 openssh revision 54b13796f9b33afe0e9931dcf8f24715

This commit is contained in:
Adrian Schröter 2023-12-21 13:41:09 +01:00
commit 5498cc7816
66 changed files with 21199 additions and 0 deletions

23
.gitattributes vendored Normal file
View File

@ -0,0 +1,23 @@
## Default LFS
*.7z filter=lfs diff=lfs merge=lfs -text
*.bsp filter=lfs diff=lfs merge=lfs -text
*.bz2 filter=lfs diff=lfs merge=lfs -text
*.gem filter=lfs diff=lfs merge=lfs -text
*.gz filter=lfs diff=lfs merge=lfs -text
*.jar filter=lfs diff=lfs merge=lfs -text
*.lz filter=lfs diff=lfs merge=lfs -text
*.lzma filter=lfs diff=lfs merge=lfs -text
*.obscpio filter=lfs diff=lfs merge=lfs -text
*.oxt filter=lfs diff=lfs merge=lfs -text
*.pdf filter=lfs diff=lfs merge=lfs -text
*.png filter=lfs diff=lfs merge=lfs -text
*.rpm filter=lfs diff=lfs merge=lfs -text
*.tbz filter=lfs diff=lfs merge=lfs -text
*.tbz2 filter=lfs diff=lfs merge=lfs -text
*.tgz filter=lfs diff=lfs merge=lfs -text
*.ttf filter=lfs diff=lfs merge=lfs -text
*.txz filter=lfs diff=lfs merge=lfs -text
*.whl filter=lfs diff=lfs merge=lfs -text
*.xz filter=lfs diff=lfs merge=lfs -text
*.zip filter=lfs diff=lfs merge=lfs -text
*.zst filter=lfs diff=lfs merge=lfs -text

64
README.FIPS Normal file
View File

@ -0,0 +1,64 @@
Notes on FIPS mode and OpenSSH
---
SUSE OpenSSH comes with FIPS 140-2 support, and certain versions have been
certified as FIPS compliant by NIST. Apart from other things, this standard
puts restrictions on cryptographic algorithms that may be used.
Important notice: FIPS is not only a matter of functionality. If you want to
claim having a FIPS certified service, you *must* use the certified binaries.
Even binaries built from the same sources in the same environment and running
on a certified system, yet from a package lacking the certification, are
formally not considered to be fulfilling the requirements.
The certified binaries (ssh, sshd, sftp-server) perform mandatory selfcheck at
startup and proceed only when the checks succeed (non-certified binaries may
skip the check). These checks require the cryptographic hashes contained in the
openssh-fips subpackage.
The FIPS mode for OpenSSH is enabled in two ways - either:
1) /proc/sys/crypto/fips_enabled contains a single character '1' - this is a
system-wide setting controlled bu the fips kernel parameter; or
2) the environment variable SSH_FORCE_FIPS - if set (to any value), the
binaries behave as if they were running on a system in FIPS mode.
Since FIPS 140-2 only allows use of certain cryptographic algorithms, both the
client and server will fail if they are requested to use non-approved
algorithms while in FIPS mode. This means that working configurations for FIPS
mode form a proper subset of all working (generic) configurations. Some
configurations may even prevent the binaries from starting at all.
This however should be viewed in the context of FIPS being a security policy
tool - it is not of much use to run the same system both in FIPS mode and
outside of it, since that would defeat the main purpose of FIPS having
guaranteeing standardised minimum restrictions on cryptographic algorithms
(and thus on the overall security of the system).
Unless you specify what cryptographic algorithms you wish to use, both the
client and server should work out of the box in FIPS mode.
For sshd, you can use the `-t` option to check whether the configuration file
is working. Setting the above mentioned environment variable allows testing of
behaviour in FIPS mode (checksum files for both OpenSSH and OpenSSL must be
installed).
In addition to cryptographic algorithms restrictions, sshd performs periodic
PRNG re-seeding. The seed is read from entropy source either /dev/urandom or
/dev/random. By default, the former is used, unless the environment variable
SSH_USE_STRONG_RNG is set to a non-zero value or the binary is running in FIPS
mode. This has two important implications:
1) the selected entropy source must be available, i.e. when running in a
changeroot the device files need to be present there.
2) /dev/random is a blocking interface - unless enough randomness is available,
the process stops until the entropy pool is replenished. Thus on systems where
a long running processes are expected, one should make sure there is always
enough entropy for sshd. Sporadically this may also cause sshd to aborted,
since some versions of OpenSSL (the underlying cryptographic engine) don't
handle gracefully being interrupted while trying to read entropy from the
system source.

16
README.SUSE Normal file
View File

@ -0,0 +1,16 @@
There are following changes in default settings of ssh client and server:
* Accepting and sending of locale environment variables in protocol 2 is
enabled.
* PAM authentication is enabled and mostly even required, do not turn it off.
* DSA authentication is enabled by default for maximum compatibility.
NOTE: do not use DSA authentication since it is being phased out for a reason
- the size of DSA keys is limited by the standard to 1024 bits which cannot
be considered safe any more.
* Accepting all RFC4419 specified DH group parameters. See KexDHMin in
ssh_config and sshd_config manual pages.
For more information on differences in SUSE OpenSSH package see README.FIPS

18
README.kerberos Normal file
View File

@ -0,0 +1,18 @@
This version of the Kerbros/GSSAPI support avoids DNS lookups
for Kerberos-related names. These DNS lookups were problematic
for dialup users because they would lead to excessive delays
if DNS was not reachable.
If you do use Kerberos, please make sure you edit the server and
client configuration files as follows:
/etc/ssh/sshd_config:
GSSAPIAuthentication yes
GSSAPICleanupCredentials yes
/etc/ssh/ssh_config:
Host *
... lots of other options ...
GSSAPIAuthentication yes
GSSAPIDelegateCredentials yes

3
_multibuild Normal file
View File

@ -0,0 +1,3 @@
<multibuild>
<package>openssh-askpass-gnome</package>
</multibuild>

184
cavs_driver-ssh.pl Normal file
View File

@ -0,0 +1,184 @@
#!/usr/bin/perl
#
# CAVS test driver for OpenSSH
#
# Copyright (C) 2015, Stephan Mueller <smueller@chronox.de>
#
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to deal
# in the Software without restriction, including without limitation the rights
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
# copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
#
# The above copyright notice and this permission notice shall be included in
# all copies or substantial portions of the Software.
#
# NO WARRANTY
#
# BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
# FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN
# OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
# PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
# OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS
# TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE
# PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
# REPAIR OR CORRECTION.
#
# IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
# WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
# REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
# INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
# OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
# TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
# YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
# PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
# POSSIBILITY OF SUCH DAMAGES.
#
use strict;
use warnings;
use IPC::Open2;
# Executing a program by feeding STDIN and retrieving
# STDOUT
# $1: data string to be piped to the app on STDIN
# rest: program and args
# returns: STDOUT of program as string
sub pipe_through_program($@) {
my $in = shift;
my @args = @_;
my ($CO, $CI);
my $pid = open2($CO, $CI, @args);
my $out = "";
my $len = length($in);
my $first = 1;
while (1) {
my $rin = "";
my $win = "";
# Output of prog is FD that we read
vec($rin,fileno($CO),1) = 1;
# Input of prog is FD that we write
# check for $first is needed because we can have NULL input
# that is to be written to the app
if ( $len > 0 || $first) {
(vec($win,fileno($CI),1) = 1);
$first=0;
}
# Let us wait for 100ms
my $nfound = select(my $rout=$rin, my $wout=$win, undef, 0.1);
if ( $wout ) {
my $written = syswrite($CI, $in, $len);
die "broken pipe" if !defined $written;
$len -= $written;
substr($in, 0, $written) = "";
if ($len <= 0) {
close $CI or die "broken pipe: $!";
}
}
if ( $rout ) {
my $tmp_out = "";
my $bytes_read = sysread($CO, $tmp_out, 4096);
$out .= $tmp_out;
last if ($bytes_read == 0);
}
}
close $CO or die "broken pipe: $!";
waitpid $pid, 0;
return $out;
}
# Parser of CAVS test vector file
# $1: Test vector file
# $2: Output file for test results
# return: nothing
sub parse($$) {
my $infile = shift;
my $outfile = shift;
my $out = "";
my $K = "";
my $H = "";
my $session_id = "";
my $ivlen = 0;
my $eklen = "";
my $iklen = "";
open(IN, "<$infile");
while(<IN>) {
my $line = $_;
chomp($line);
$line =~ s/\r//;
if ($line =~ /\[SHA-1\]/) {
$iklen = 20;
} elsif ($line =~ /\[SHA-256\]/) {
$iklen = 32;
} elsif ($line =~ /\[SHA-384\]/) {
$iklen = 48;
} elsif ($line =~ /\[SHA-512\]/) {
$iklen = 64;
} elsif ($line =~ /^\[IV length\s*=\s*(.*)\]/) {
$ivlen = $1;
$ivlen = $ivlen / 8;
} elsif ($line =~ /^\[encryption key length\s*=\s*(.*)\]/) {
$eklen = $1;
$eklen = $eklen / 8;
} elsif ($line =~ /^K\s*=\s*(.*)/) {
$K = $1;
$K = substr($K, 8);
$K = "00" . $K;
} elsif ($line =~ /^H\s*=\s*(.*)/) {
$H = $1;
} elsif ($line =~ /^session_id\s*=\s*(.*)/) {
$session_id = $1;
}
$out .= $line . "\n";
if ($K ne "" && $H ne "" && $session_id ne "" &&
$ivlen ne "" && $eklen ne "" && $iklen > 0) {
$out .= pipe_through_program("", "@LIBEXECDIR@/ssh/cavstest-kdf -H $H -K $K -s $session_id -i $ivlen -e $eklen -m $iklen");
$K = "";
$H = "";
$session_id = "";
}
}
close IN;
$out =~ s/\n/\r\n/g; # make it a dos file
open(OUT, ">$outfile") or die "Cannot create output file $outfile: $?";
print OUT $out;
close OUT;
}
############################################################
#
# let us pretend to be C :-)
sub main() {
my $infile=$ARGV[0];
die "Error: Test vector file $infile not found" if (! -f $infile);
my $outfile = $infile;
# let us add .rsp regardless whether we could strip .req
$outfile =~ s/\.req$//;
$outfile .= ".rsp";
if (-f $outfile) {
die "Output file $outfile could not be removed: $?"
unless unlink($outfile);
}
print STDERR "Performing tests from source file $infile with results stored in destination file $outfile\n";
# Do the job
parse($infile, $outfile);
}
###########################################
# Call it
main();
1;

25
fix-missing-lz.patch Normal file
View File

@ -0,0 +1,25 @@
Index: openssh-9.3p1/Makefile.in
===================================================================
--- openssh-9.3p1.orig/Makefile.in
+++ openssh-9.3p1/Makefile.in
@@ -250,17 +250,17 @@ ssh-ldap-helper$(EXEEXT): $(LIBCOMPAT) l
$(LD) -o $@ ldapconf.o ldapbody.o ldapmisc.o ldap-helper.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh -lopenbsd-compat $(LIBS)
sftp-server$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-sk.o sk-usbhid.o $(SFTPSERVER_OBJS)
- $(LD) -o $@ $(SFTPSERVER_OBJS) ssh-sk.o sk-usbhid.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS) $(LIBFIDO2)
+ $(LD) -o $@ $(SFTPSERVER_OBJS) ssh-sk.o sk-usbhid.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS) $(LIBFIDO2) -lz
sftp$(EXEEXT): $(LIBCOMPAT) libssh.a $(SFTP_OBJS)
$(LD) -o $@ $(SFTP_OBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) $(LIBEDIT)
# FIPS tests
cavstest-ctr$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-sk.o sk-usbhid.o cavstest-ctr.o
- $(LD) -o $@ cavstest-ctr.o ssh-sk.o sk-usbhid.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS) $(LIBFIDO2)
+ $(LD) -o $@ cavstest-ctr.o ssh-sk.o sk-usbhid.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS) $(LIBFIDO2) -lz
cavstest-kdf$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-sk.o sk-usbhid.o cavstest-kdf.o
- $(LD) -o $@ cavstest-kdf.o ssh-sk.o sk-usbhid.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS) $(LIBFIDO2)
+ $(LD) -o $@ cavstest-kdf.o ssh-sk.o sk-usbhid.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS) $(LIBFIDO2) -lz
# test driver for the loginrec code - not built by default
logintest: logintest.o $(LIBCOMPAT) libssh.a loginrec.o

View File

@ -0,0 +1,38 @@
# HG changeset patch
# Parent 8df645ca39d64de025d8838c5713812e72308c92
Correctly parse DISPLAY variable for cases where it contains an IPv6 address
(which should - but not always is - in (square) brackets).
bnc#847710 - https://bugzilla.novell.com/show_bug.cgi?id=847710
Index: openssh-8.8p1/channels.c
===================================================================
--- openssh-8.8p1.orig/channels.c
+++ openssh-8.8p1/channels.c
@@ -4776,9 +4776,10 @@ x11_connect_display(struct ssh *ssh)
/*
* Connect to an inet socket. The DISPLAY value is supposedly
* hostname:d[.s], where hostname may also be numeric IP address.
+ * Note that IPv6 numeric addresses contain colons (e.g. ::1:0)
*/
strlcpy(buf, display, sizeof(buf));
- cp = strchr(buf, ':');
+ cp = strrchr(buf, ':');
if (!cp) {
error("Could not find ':' in DISPLAY: %.100s", display);
return -1;
@@ -4793,6 +4794,14 @@ x11_connect_display(struct ssh *ssh)
display);
return -1;
}
+
+ /* Remove brackets surrounding IPv6 addresses if there are any. */
+ if (buf[0] == '[' && (cp = strchr(buf, ']'))) {
+ *cp = 0;
+ cp = buf + 1;
+ } else {
+ cp = buf;
+ }
/* Look up the host address */
memset(&hints, 0, sizeof(hints));

View File

@ -0,0 +1,47 @@
# HG changeset patch
# Parent d25c96855fd67e997e25ec1198d953af33eb289c
# enable trusted X11 forwarding by default in both sshd and sshsystem-wide
# configuration
# bnc#50836 (was suse #35836)
Enable Trusted X11 forwarding by default, since the security benefits of
having it disabled are negligible these days with XI2 being widely used.
Index: openssh-8.8p1/ssh_config
===================================================================
--- openssh-8.8p1.orig/ssh_config
+++ openssh-8.8p1/ssh_config
@@ -17,9 +17,20 @@
# list of available options, their meanings and defaults, please see the
# ssh_config(5) man page.
-# Host *
+Host *
# ForwardAgent no
# ForwardX11 no
+
+# If you do not trust your remote host (or its administrator), you
+# should not forward X11 connections to your local X11-display for
+# security reasons: Someone stealing the authentification data on the
+# remote side (the "spoofed" X-server by the remote sshd) can read your
+# keystrokes as you type, just like any other X11 client could do.
+# Set this to "no" here for global effect or in your own ~/.ssh/config
+# file if you want to have the remote X11 authentification data to
+# expire after twenty minutes after remote login.
+ ForwardX11Trusted yes
+
# PasswordAuthentication yes
# HostbasedAuthentication no
# GSSAPIAuthentication no
Index: openssh-8.8p1/sshd_config
===================================================================
--- openssh-8.8p1.orig/sshd_config
+++ openssh-8.8p1/sshd_config
@@ -84,7 +84,7 @@ AuthorizedKeysFile .ssh/authorized_keys
#AllowAgentForwarding yes
#AllowTcpForwarding yes
#GatewayPorts no
-#X11Forwarding no
+X11Forwarding yes
#X11DisplayOffset 10
#X11UseLocalhost yes
#PermitTTY yes

View File

@ -0,0 +1,23 @@
# HG changeset patch
# Parent 44592f09f090e74432f608084069d30d808fda69
Do not throw away already open sockets for X11 forwarding if another socket
family is not available for bind()
Index: openssh-8.8p1/channels.c
===================================================================
--- openssh-8.8p1.orig/channels.c
+++ openssh-8.8p1/channels.c
@@ -4607,6 +4607,13 @@ x11_create_display_inet(struct ssh *ssh,
debug2_f("bind port %d: %.100s", port,
strerror(errno));
close(sock);
+ /* do not remove successfully opened sockets if
+ * the request failed because the protocol
+ * IPv4/6 is not available (e.g. IPv6 may be
+ * disabled while being supported)
+ */
+ if (EADDRNOTAVAIL == errno)
+ continue;
for (n = 0; n < num_socks; n++)
close(socks[n]);
num_socks = 0;

View File

@ -0,0 +1,304 @@
# HG changeset patch
# Parent cc1022edba2c5eeb0facba08468f65afc2466b63
CAVS test for OpenSSH's own CTR encryption mode implementation
Index: openssh-8.8p1/Makefile.in
===================================================================
--- openssh-8.8p1.orig/Makefile.in
+++ openssh-8.8p1/Makefile.in
@@ -26,6 +26,7 @@ SFTP_SERVER=$(libexecdir)/sftp-server
SSH_KEYSIGN=$(libexecdir)/ssh-keysign
SSH_PKCS11_HELPER=$(libexecdir)/ssh-pkcs11-helper
SSH_SK_HELPER=$(libexecdir)/ssh-sk-helper
+CAVSTEST_CTR=$(libexecdir)/cavstest-ctr
PRIVSEP_PATH=@PRIVSEP_PATH@
SSH_PRIVSEP_USER=@SSH_PRIVSEP_USER@
STRIP_OPT=@STRIP_OPT@
@@ -69,6 +70,8 @@ MKDIR_P=@MKDIR_P@
TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-keysign${EXEEXT} ssh-pkcs11-helper$(EXEEXT) ssh-agent$(EXEEXT) scp$(EXEEXT) sftp-server$(EXEEXT) sftp$(EXEEXT) ssh-sk-helper$(EXEEXT)
+TARGETS += cavstest-ctr$(EXEEXT)
+
XMSS_OBJS=\
ssh-xmss.o \
sshkey-xmss.o \
@@ -245,6 +248,10 @@ sftp-server$(EXEEXT): $(LIBCOMPAT) libss
sftp$(EXEEXT): $(LIBCOMPAT) libssh.a $(SFTP_OBJS)
$(LD) -o $@ $(SFTP_OBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) $(LIBEDIT)
+# FIPS tests
+cavstest-ctr$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-sk.o sk-usbhid.o cavstest-ctr.o
+ $(LD) -o $@ cavstest-ctr.o ssh-sk.o sk-usbhid.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS) $(LIBFIDO2)
+
# test driver for the loginrec code - not built by default
logintest: logintest.o $(LIBCOMPAT) libssh.a loginrec.o
$(LD) -o $@ logintest.o $(LDFLAGS) loginrec.o -lopenbsd-compat -lssh $(LIBS)
@@ -407,6 +414,7 @@ install-files:
$(INSTALL) -m 0755 $(STRIP_OPT) ssh-sk-helper$(EXEEXT) $(DESTDIR)$(SSH_SK_HELPER)$(EXEEXT)
$(INSTALL) -m 0755 $(STRIP_OPT) sftp$(EXEEXT) $(DESTDIR)$(bindir)/sftp$(EXEEXT)
$(INSTALL) -m 0755 $(STRIP_OPT) sftp-server$(EXEEXT) $(DESTDIR)$(SFTP_SERVER)$(EXEEXT)
+ $(INSTALL) -m 0755 $(STRIP_OPT) cavstest-ctr$(EXEEXT) $(DESTDIR)$(libexecdir)/cavstest-ctr$(EXEEXT)
$(INSTALL) -m 644 ssh.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh.1
$(INSTALL) -m 644 scp.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/scp.1
$(INSTALL) -m 644 ssh-add.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-add.1
Index: openssh-8.8p1/cavstest-ctr.c
===================================================================
--- /dev/null
+++ openssh-8.8p1/cavstest-ctr.c
@@ -0,0 +1,214 @@
+/*
+ *
+ * invocation (all of the following are equal):
+ * ./ctr-cavstest --algo aes128-ctr --key 987212980144b6a632e864031f52dacc --mode encrypt --data a6deca405eef2e8e4609abf3c3ccf4a6
+ * ./ctr-cavstest --algo aes128-ctr --key 987212980144b6a632e864031f52dacc --mode encrypt --data a6deca405eef2e8e4609abf3c3ccf4a6 --iv 00000000000000000000000000000000
+ * echo -n a6deca405eef2e8e4609abf3c3ccf4a6 | ./ctr-cavstest --algo aes128-ctr --key 987212980144b6a632e864031f52dacc --mode encrypt
+ */
+
+#include "includes.h"
+
+#include <sys/types.h>
+#include <sys/param.h>
+#include <stdarg.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <ctype.h>
+
+#include "xmalloc.h"
+#include "log.h"
+#include "cipher.h"
+
+/* compatibility with old or broken OpenSSL versions */
+#include "openbsd-compat/openssl-compat.h"
+
+void
+usage(void)
+{
+ fprintf(stderr, "Usage: ctr-cavstest --algo <ssh-crypto-algorithm>\n"
+ " --key <hexadecimal-key> --mode <encrypt|decrypt>\n"
+ " [--iv <hexadecimal-iv>] --data <hexadecimal-data>\n\n"
+ "Hexadecimal output is printed to stdout.\n"
+ "Hexadecimal input data can be alternatively read from stdin.\n");
+ exit(1);
+}
+
+void *
+fromhex(char *hex, size_t * len)
+{
+ unsigned char *bin;
+ char *p;
+ size_t n = 0;
+ int shift = 4;
+ unsigned char out = 0;
+ unsigned char *optr;
+
+ bin = xmalloc(strlen(hex) / 2);
+ optr = bin;
+
+ for (p = hex; *p != '\0'; ++p) {
+ unsigned char c;
+
+ c = *p;
+ if (isspace(c))
+ continue;
+
+ if (c >= '0' && c <= '9') {
+ c = c - '0';
+ } else if (c >= 'A' && c <= 'F') {
+ c = c - 'A' + 10;
+ } else if (c >= 'a' && c <= 'f') {
+ c = c - 'a' + 10;
+ } else {
+ /* truncate on nonhex cipher */
+ break;
+ }
+
+ out |= c << shift;
+ shift = (shift + 4) % 8;
+
+ if (shift) {
+ *(optr++) = out;
+ out = 0;
+ ++n;
+ }
+ }
+
+ *len = n;
+ return bin;
+}
+
+#define READ_CHUNK 4096
+#define MAX_READ_SIZE 1024*1024*100
+char *
+read_stdin(void)
+{
+ char *buf;
+ size_t n, total = 0;
+
+ buf = xmalloc(READ_CHUNK);
+
+ do {
+ n = fread(buf + total, 1, READ_CHUNK, stdin);
+ if (n < READ_CHUNK) /* terminate on short read */
+ break;
+
+ total += n;
+ buf = xreallocarray(buf, total + READ_CHUNK, 1);
+ } while (total < MAX_READ_SIZE);
+ return buf;
+}
+
+int
+main(int argc, char *argv[])
+{
+
+ struct sshcipher *c;
+ struct sshcipher_ctx cc;
+ struct sshcipher_ctx *ccp;
+ char *algo = "aes128-ctr";
+ char *hexkey = NULL;
+ char *hexiv = "00000000000000000000000000000000";
+ char *hexdata = NULL;
+ char *p;
+ int i;
+ int encrypt = 1;
+ void *key;
+ size_t keylen;
+ void *iv;
+ size_t ivlen;
+ void *data;
+ size_t datalen;
+ void *outdata;
+
+ for (i = 1; i < argc; ++i) {
+ if (strcmp(argv[i], "--algo") == 0) {
+ algo = argv[++i];
+ } else if (strcmp(argv[i], "--key") == 0) {
+ hexkey = argv[++i];
+ } else if (strcmp(argv[i], "--mode") == 0) {
+ ++i;
+ if (argv[i] == NULL) {
+ usage();
+ }
+ if (strncmp(argv[i], "enc", 3) == 0) {
+ encrypt = 1;
+ } else if (strncmp(argv[i], "dec", 3) == 0) {
+ encrypt = 0;
+ } else {
+ usage();
+ }
+ } else if (strcmp(argv[i], "--iv") == 0) {
+ hexiv = argv[++i];
+ } else if (strcmp(argv[i], "--data") == 0) {
+ hexdata = argv[++i];
+ }
+ }
+
+ if (hexkey == NULL || algo == NULL) {
+ usage();
+ }
+
+ OpenSSL_add_all_algorithms();
+
+ c = cipher_by_name(algo);
+ if (c == NULL) {
+ fprintf(stderr, "Error: unknown algorithm\n");
+ return 2;
+ }
+
+ if (hexdata == NULL) {
+ hexdata = read_stdin();
+ } else {
+ hexdata = xstrdup(hexdata);
+ }
+
+ key = fromhex(hexkey, &keylen);
+
+ if (keylen != 16 && keylen != 24 && keylen == 32) {
+ fprintf(stderr, "Error: unsupported key length\n");
+ return 2;
+ }
+
+ iv = fromhex(hexiv, &ivlen);
+
+ if (ivlen != 16) {
+ fprintf(stderr, "Error: unsupported iv length\n");
+ return 2;
+ }
+
+ data = fromhex(hexdata, &datalen);
+
+ if (data == NULL || datalen == 0) {
+ fprintf(stderr, "Error: no data to encrypt/decrypt\n");
+ return 2;
+ }
+
+ ccp = &cc;
+ cipher_init(&ccp, c, key, keylen, iv, ivlen, encrypt);
+
+ free(key);
+ free(iv);
+
+ outdata = malloc(datalen);
+ if (outdata == NULL) {
+ fprintf(stderr, "Error: memory allocation failure\n");
+ return 2;
+ }
+
+ cipher_crypt(&cc, 0, outdata, data, datalen, 0, 0);
+
+ free(data);
+
+ cipher_free(&cc);
+
+ for (p = outdata; datalen > 0; ++p, --datalen) {
+ printf("%02X", (unsigned char) *p);
+ }
+
+ free(outdata);
+
+ printf("\n");
+ return 0;
+}
Index: openssh-8.8p1/cipher.c
===================================================================
--- openssh-8.8p1.orig/cipher.c
+++ openssh-8.8p1/cipher.c
@@ -58,15 +58,6 @@
#define EVP_CIPHER_CTX void
#endif
-struct sshcipher_ctx {
- int plaintext;
- int encrypt;
- EVP_CIPHER_CTX *evp;
- struct chachapoly_ctx *cp_ctx;
- struct aesctr_ctx ac_ctx; /* XXX union with evp? */
- const struct sshcipher *cipher;
-};
-
struct sshcipher {
char *name;
u_int block_size;
Index: openssh-8.8p1/cipher.h
===================================================================
--- openssh-8.8p1.orig/cipher.h
+++ openssh-8.8p1/cipher.h
@@ -48,7 +48,15 @@
#define CIPHER_DECRYPT 0
struct sshcipher;
-struct sshcipher_ctx;
+struct sshcipher_ctx {
+ int plaintext;
+ int encrypt;
+ EVP_CIPHER_CTX *evp;
+ struct chachapoly_ctx *cp_ctx; /* XXX union with evp? */
+ struct aesctr_ctx ac_ctx; /* XXX union with evp? */
+ const struct sshcipher *cipher;
+};
+
const struct sshcipher *cipher_by_name(const char *);
const char *cipher_warning_message(const struct sshcipher_ctx *);

View File

@ -0,0 +1,450 @@
# HG changeset patch
# Parent 1e1d5a2ab8bddfc800f570755f9ea1addcc878c1
CAVS test for KDF implementation in OpenSSH
Index: openssh-8.8p1/Makefile.in
===================================================================
--- openssh-8.8p1.orig/Makefile.in
+++ openssh-8.8p1/Makefile.in
@@ -27,6 +27,7 @@ SSH_KEYSIGN=$(libexecdir)/ssh-keysign
SSH_PKCS11_HELPER=$(libexecdir)/ssh-pkcs11-helper
SSH_SK_HELPER=$(libexecdir)/ssh-sk-helper
CAVSTEST_CTR=$(libexecdir)/cavstest-ctr
+CAVSTEST_KDF=$(libexecdir)/cavstest-kdf
PRIVSEP_PATH=@PRIVSEP_PATH@
SSH_PRIVSEP_USER=@SSH_PRIVSEP_USER@
STRIP_OPT=@STRIP_OPT@
@@ -70,7 +71,7 @@ MKDIR_P=@MKDIR_P@
TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-keysign${EXEEXT} ssh-pkcs11-helper$(EXEEXT) ssh-agent$(EXEEXT) scp$(EXEEXT) sftp-server$(EXEEXT) sftp$(EXEEXT) ssh-sk-helper$(EXEEXT)
-TARGETS += cavstest-ctr$(EXEEXT)
+TARGETS += cavstest-ctr$(EXEEXT) cavstest-kdf$(EXEEXT)
XMSS_OBJS=\
ssh-xmss.o \
@@ -252,6 +253,9 @@ sftp$(EXEEXT): $(LIBCOMPAT) libssh.a $(S
cavstest-ctr$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-sk.o sk-usbhid.o cavstest-ctr.o
$(LD) -o $@ cavstest-ctr.o ssh-sk.o sk-usbhid.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS) $(LIBFIDO2)
+cavstest-kdf$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-sk.o sk-usbhid.o cavstest-kdf.o
+ $(LD) -o $@ cavstest-kdf.o ssh-sk.o sk-usbhid.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS) $(LIBFIDO2)
+
# test driver for the loginrec code - not built by default
logintest: logintest.o $(LIBCOMPAT) libssh.a loginrec.o
$(LD) -o $@ logintest.o $(LDFLAGS) loginrec.o -lopenbsd-compat -lssh $(LIBS)
@@ -415,6 +419,7 @@ install-files:
$(INSTALL) -m 0755 $(STRIP_OPT) sftp$(EXEEXT) $(DESTDIR)$(bindir)/sftp$(EXEEXT)
$(INSTALL) -m 0755 $(STRIP_OPT) sftp-server$(EXEEXT) $(DESTDIR)$(SFTP_SERVER)$(EXEEXT)
$(INSTALL) -m 0755 $(STRIP_OPT) cavstest-ctr$(EXEEXT) $(DESTDIR)$(libexecdir)/cavstest-ctr$(EXEEXT)
+ $(INSTALL) -m 0755 $(STRIP_OPT) cavstest-kdf$(EXEEXT) $(DESTDIR)$(libexecdir)/cavstest-kdf$(EXEEXT)
$(INSTALL) -m 644 ssh.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh.1
$(INSTALL) -m 644 scp.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/scp.1
$(INSTALL) -m 644 ssh-add.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-add.1
Index: openssh-8.8p1/cavstest-kdf.c
===================================================================
--- /dev/null
+++ openssh-8.8p1/cavstest-kdf.c
@@ -0,0 +1,402 @@
+/*
+ * Copyright (C) 2015, Stephan Mueller <smueller@chronox.de>
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, and the entire permission notice in its entirety,
+ * including the disclaimer of warranties.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the author may not be used to endorse or promote
+ * products derived from this software without specific prior
+ * written permission.
+ *
+ * ALTERNATIVELY, this product may be distributed under the terms of
+ * the GNU General Public License, in which case the provisions of the GPL2
+ * are required INSTEAD OF the above restrictions. (This clause is
+ * necessary due to a potential bad interaction between the GPL and
+ * the restrictions contained in a BSD-style copyright.)
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE, ALL OF
+ * WHICH ARE HEREBY DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
+ * OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
+ * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
+ * USE OF THIS SOFTWARE, EVEN IF NOT ADVISED OF THE POSSIBILITY OF SUCH
+ * DAMAGE.
+ */
+
+#include "includes.h"
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <errno.h>
+#include <sys/types.h>
+#include <string.h>
+
+#include <openssl/bn.h>
+
+#include "xmalloc.h"
+#include "ssherr.h"
+#include "sshbuf.h"
+#include "sshkey.h"
+#include "cipher.h"
+#include "kex.h"
+#include "packet.h"
+
+static int bin_char(unsigned char hex)
+{
+ if (48 <= hex && 57 >= hex)
+ return (hex - 48);
+ if (65 <= hex && 70 >= hex)
+ return (hex - 55);
+ if (97 <= hex && 102 >= hex)
+ return (hex - 87);
+ return 0;
+}
+
+/*
+ * Convert hex representation into binary string
+ * @hex input buffer with hex representation
+ * @hexlen length of hex
+ * @bin output buffer with binary data
+ * @binlen length of already allocated bin buffer (should be at least
+ * half of hexlen -- if not, only a fraction of hexlen is converted)
+ */
+static void hex2bin(const char *hex, size_t hexlen,
+ unsigned char *bin, size_t binlen)
+{
+ size_t i = 0;
+ size_t chars = (binlen > (hexlen / 2)) ? (hexlen / 2) : binlen;
+
+ for (i = 0; i < chars; i++) {
+ bin[i] = bin_char(hex[(i*2)]) << 4;
+ bin[i] |= bin_char(hex[((i*2)+1)]);
+ }
+}
+
+/*
+ * Allocate sufficient space for binary representation of hex
+ * and convert hex into bin
+ *
+ * Caller must free bin
+ * @hex input buffer with hex representation
+ * @hexlen length of hex
+ * @bin return value holding the pointer to the newly allocated buffer
+ * @binlen return value holding the allocated size of bin
+ *
+ * return: 0 on success, !0 otherwise
+ */
+static int hex2bin_alloc(const char *hex, size_t hexlen,
+ unsigned char **bin, size_t *binlen)
+{
+ unsigned char *out = NULL;
+ size_t outlen = 0;
+
+ if (!hexlen)
+ return -EINVAL;
+
+ outlen = (hexlen + 1) / 2;
+
+ out = calloc(1, outlen);
+ if (!out)
+ return -errno;
+
+ hex2bin(hex, hexlen, out, outlen);
+ *bin = out;
+ *binlen = outlen;
+ return 0;
+}
+
+static char hex_char_map_l[] = { '0', '1', '2', '3', '4', '5', '6', '7',
+ '8', '9', 'a', 'b', 'c', 'd', 'e', 'f' };
+static char hex_char_map_u[] = { '0', '1', '2', '3', '4', '5', '6', '7',
+ '8', '9', 'A', 'B', 'C', 'D', 'E', 'F' };
+static char hex_char(unsigned int bin, int u)
+{
+ if (bin < sizeof(hex_char_map_l))
+ return (u) ? hex_char_map_u[bin] : hex_char_map_l[bin];
+ return 'X';
+}
+
+/*
+ * Convert binary string into hex representation
+ * @bin input buffer with binary data
+ * @binlen length of bin
+ * @hex output buffer to store hex data
+ * @hexlen length of already allocated hex buffer (should be at least
+ * twice binlen -- if not, only a fraction of binlen is converted)
+ * @u case of hex characters (0=>lower case, 1=>upper case)
+ */
+static void bin2hex(const unsigned char *bin, size_t binlen,
+ char *hex, size_t hexlen, int u)
+{
+ size_t i = 0;
+ size_t chars = (binlen > (hexlen / 2)) ? (hexlen / 2) : binlen;
+
+ for (i = 0; i < chars; i++) {
+ hex[(i*2)] = hex_char((bin[i] >> 4), u);
+ hex[((i*2)+1)] = hex_char((bin[i] & 0x0f), u);
+ }
+}
+
+struct kdf_cavs {
+ unsigned char *K;
+ size_t Klen;
+ unsigned char *H;
+ size_t Hlen;
+ unsigned char *session_id;
+ size_t session_id_len;
+
+ unsigned int iv_len;
+ unsigned int ek_len;
+ unsigned int ik_len;
+};
+
+#ifdef WITH_OPENSSL
+static int
+kex_derive_keys_bn(struct ssh *ssh, u_char *hash, u_int hashlen,
+ const BIGNUM *secret)
+{
+ struct sshbuf *shared_secret;
+ int r;
+
+ if ((shared_secret = sshbuf_new()) == NULL)
+ return SSH_ERR_ALLOC_FAIL;
+ if ((r = sshbuf_put_bignum2(shared_secret, secret)) == 0)
+ r = kex_derive_keys(ssh, hash, hashlen, shared_secret);
+ sshbuf_free(shared_secret);
+ return r;
+}
+#endif
+
+static int sshkdf_cavs(struct kdf_cavs *test)
+{
+ int ret = 0;
+ struct kex kex;
+ BIGNUM *Kbn = NULL;
+ int mode = 0;
+ struct newkeys *keys_client;
+ struct newkeys *keys_server;
+ struct ssh *ssh = NULL;
+
+#define HEXOUTLEN 500
+ char hex[HEXOUTLEN];
+
+ memset(&kex, 0, sizeof(struct kex));
+
+ Kbn = BN_new();
+ BN_bin2bn(test->K, test->Klen, Kbn);
+ if (!Kbn) {
+ printf("cannot convert K into BIGNUM\n");
+ ret = 1;
+ goto out;
+ }
+
+ kex.session_id = sshbuf_new();
+ sshbuf_put(kex.session_id, test->session_id, test->session_id_len);
+
+ /* setup kex */
+
+ /* select the right hash based on struct ssh_digest digests */
+ switch (test->ik_len) {
+ case 20:
+ kex.hash_alg = 2;
+ break;
+ case 32:
+ kex.hash_alg = 3;
+ break;
+ case 48:
+ kex.hash_alg = 4;
+ break;
+ case 64:
+ kex.hash_alg = 5;
+ break;
+ default:
+ printf("Wrong hash type %u\n", test->ik_len);
+ ret = 1;
+ goto out;
+ }
+
+ /* implement choose_enc */
+ for (mode = 0; mode < 2; mode++) {
+ kex.newkeys[mode] = calloc(1, sizeof(struct newkeys));
+ if (!kex.newkeys[mode]) {
+ printf("allocation of newkeys failed\n");
+ ret = 1;
+ goto out;
+ }
+ kex.newkeys[mode]->enc.iv_len = test->iv_len;
+ kex.newkeys[mode]->enc.key_len = test->ek_len;
+ kex.newkeys[mode]->enc.block_size = (test->iv_len == 64) ? 8 : 16;
+ kex.newkeys[mode]->mac.key_len = test->ik_len;
+ }
+
+ /* implement kex_choose_conf */
+ kex.we_need = kex.newkeys[0]->enc.key_len;
+ if (kex.we_need < kex.newkeys[0]->enc.block_size)
+ kex.we_need = kex.newkeys[0]->enc.block_size;
+ if (kex.we_need < kex.newkeys[0]->enc.iv_len)
+ kex.we_need = kex.newkeys[0]->enc.iv_len;
+ if (kex.we_need < kex.newkeys[0]->mac.key_len)
+ kex.we_need = kex.newkeys[0]->mac.key_len;
+
+ /* MODE_OUT (1) -> server to client
+ * MODE_IN (0) -> client to server */
+ kex.server = 1;
+
+ /* do it */
+ if ((ssh = ssh_packet_set_connection(NULL, -1, -1)) == NULL){
+ printf("Allocation error\n");
+ goto out;
+ }
+ ssh->kex = &kex;
+ kex_derive_keys_bn(ssh, test->H, test->Hlen, Kbn);
+
+ keys_client = kex.newkeys[0];
+ keys_server = kex.newkeys[1];
+
+ /* get data */
+ memset(hex, 0, HEXOUTLEN);
+ bin2hex(keys_client->enc.iv, (size_t)keys_client->enc.iv_len,
+ hex, HEXOUTLEN, 0);
+ printf("Initial IV (client to server) = %s\n", hex);
+
+ memset(hex, 0, HEXOUTLEN);
+ bin2hex(keys_server->enc.iv, (size_t)keys_server->enc.iv_len,
+ hex, HEXOUTLEN, 0);
+ printf("Initial IV (server to client) = %s\n", hex);
+
+ memset(hex, 0, HEXOUTLEN);
+ bin2hex(keys_client->enc.key, (size_t)keys_client->enc.key_len,
+ hex, HEXOUTLEN, 0);
+ printf("Encryption key (client to server) = %s\n", hex);
+
+ memset(hex, 0, HEXOUTLEN);
+ bin2hex(keys_server->enc.key, (size_t)keys_server->enc.key_len,
+ hex, HEXOUTLEN, 0);
+ printf("Encryption key (server to client) = %s\n", hex);
+
+ memset(hex, 0, HEXOUTLEN);
+ bin2hex(keys_client->mac.key, (size_t)keys_client->mac.key_len,
+ hex, HEXOUTLEN, 0);
+ printf("Integrity key (client to server) = %s\n", hex);
+
+ memset(hex, 0, HEXOUTLEN);
+ bin2hex(keys_server->mac.key, (size_t)keys_server->mac.key_len,
+ hex, HEXOUTLEN, 0);
+ printf("Integrity key (server to client) = %s\n", hex);
+
+out:
+ if (Kbn)
+ BN_free(Kbn);
+ if (ssh)
+ ssh_packet_close(ssh);
+ if (kex.newkeys[0])
+ free(kex.newkeys[0]);
+ if (kex.newkeys[1])
+ free(kex.newkeys[1]);
+ return ret;
+}
+
+static void usage(void)
+{
+ fprintf(stderr, "\nOpenSSH KDF CAVS Test\n\n");
+ fprintf(stderr, "Usage:\n");
+ fprintf(stderr, "\t-K\tShared secret string\n");
+ fprintf(stderr, "\t-H\tHash string\n");
+ fprintf(stderr, "\t-s\tSession ID string\n");
+ fprintf(stderr, "\t-i\tIV length to be generated\n");
+ fprintf(stderr, "\t-e\tEncryption key length to be generated\n");
+ fprintf(stderr, "\t-m\tMAC key length to be generated\n");
+}
+
+/*
+ * Test command example:
+ * ./ssh-cavs -K 0055d50f2d163cc07cd8a93cc7c3430c30ce786b572c01ad29fec7597000cf8618d664e2ec3dcbc8bb7a1a7eb7ef67f61cdaf291625da879186ac0a5cb27af571b59612d6a6e0627344d846271959fda61c78354aa498773d59762f8ca2d0215ec590d8633de921f920d41e47b3de6ab9a3d0869e1c826d0e4adebf8e3fb646a15dea20a410b44e969f4b791ed6a67f13f1b74234004d5fa5e87eff7abc32d49bbdf44d7b0107e8f10609233b7e2b7eff74a4daf25641de7553975dac6ac1e5117df6f6dbaa1c263d23a6c3e5a3d7d49ae8a828c1e333ac3f85fbbf57b5c1a45be45e43a7be1a4707eac779b8285522d1f531fe23f890fd38a004339932b93eda4 -H d3ab91a850febb417a25d892ec48ed5952c7a5de -s d3ab91a850febb417a25d892ec48ed5952c7a5de -i 8 -e 24 -m 20
+ *
+ * Expected result for example:
+ * Initial IV (client to server) = 4bb320d1679dfd3a
+ * Encryption key (client to server) = 13048cc600b9d3cf9095aa6cf8e2ff9cf1c54ca0520c89ed
+ * Integrity key (client to server) = ecef63a092b0dcc585bdc757e01b2740af57d640
+ * Initial IV (server to client) = 43dea6fdf263a308
+ * Encryption key (server to client) = 1e483c5134e901aa11fc4e0a524e7ec7b75556148a222bb0
+ * Integrity key (server to client) = 7424b05f3c44a72b4ebd281fb71f9cbe7b64d479
+ */
+int main(int argc, char *argv[])
+{
+ struct kdf_cavs test;
+ int ret = 1;
+ int opt = 0;
+
+ memset(&test, 0, sizeof(struct kdf_cavs));
+ while((opt = getopt(argc, argv, "K:H:s:i:e:m:")) != -1)
+ {
+ size_t len = 0;
+ switch(opt)
+ {
+ /*
+ * CAVS K is MPINT
+ * we want a hex (i.e. the caller must ensure the
+ * following transformations already happened):
+ * 1. cut off first four bytes
+ * 2. if most significant bit of value is
+ * 1, prepend 0 byte
+ */
+ case 'K':
+ len = strlen(optarg);
+ ret = hex2bin_alloc(optarg, len,
+ &test.K, &test.Klen);
+ if (ret)
+ goto out;
+ break;
+ case 'H':
+ len = strlen(optarg);
+ ret = hex2bin_alloc(optarg, len,
+ &test.H, &test.Hlen);
+ if (ret)
+ goto out;
+ break;
+ case 's':
+ len = strlen(optarg);
+ ret = hex2bin_alloc(optarg, len,
+ &test.session_id,
+ &test.session_id_len);
+ if (ret)
+ goto out;
+ break;
+ case 'i':
+ test.iv_len = strtoul(optarg, NULL, 10);
+ break;
+ case 'e':
+ test.ek_len = strtoul(optarg, NULL, 10);
+ break;
+ case 'm':
+ test.ik_len = strtoul(optarg, NULL, 10);
+ break;
+ default:
+ usage();
+ goto out;
+ }
+ }
+
+ ret = sshkdf_cavs(&test);
+
+out:
+ if (test.session_id)
+ free(test.session_id);
+ if (test.K)
+ free(test.K);
+ if (test.H)
+ free(test.H);
+ return ret;
+
+}

View File

@ -0,0 +1,48 @@
# HG changeset patch
# Parent b13da8c3e99081cb92ab226d2c512241a82cd0d5
disable run-time check for OpenSSL ABI by version number as that is not a
reliable indicator of ABI changes and doesn't make much sense in a
distribution package
Index: openssh-8.8p1/configure.ac
===================================================================
--- openssh-8.8p1.orig/configure.ac
+++ openssh-8.8p1/configure.ac
@@ -5236,6 +5236,19 @@ AC_ARG_WITH([bsd-auth],
]
)
+# Whether we are using distribution (Open)SSL, so no runtime checks are necessary
+DISTRO_SSL=no
+AC_ARG_WITH([distro-ssl],
+ [ --with-distro-ssl Disable runtime OpenSSL version checks (good for distributions)],
+ [
+ if test "x$withval" != "xno" ; then
+ AC_DEFINE([DISTRO_SSL], [1],
+ [Define if you are using distribution SSL library and don;t expect its API/ABI to change])
+ DISTRO_SSL=yes
+ fi
+ ]
+)
+
# Where to place sshd.pid
piddir=/var/run
# make sure the directory exists
Index: openssh-8.8p1/entropy.c
===================================================================
--- openssh-8.8p1.orig/entropy.c
+++ openssh-8.8p1/entropy.c
@@ -100,11 +100,13 @@ seed_rng(void)
/* Initialise libcrypto */
ssh_libcrypto_init();
+#ifndef DISTRO_SSL
if (!ssh_compatible_openssl(OPENSSL_VERSION_NUMBER,
OpenSSL_version_num()))
fatal("OpenSSL version mismatch. Built against %lx, you "
"have %lx", (u_long)OPENSSL_VERSION_NUMBER,
OpenSSL_version_num());
+#endif
#ifndef OPENSSL_PRNG_ONLY
if (RAND_status() == 1)

18
openssh-7.7p1-eal3.patch Normal file
View File

@ -0,0 +1,18 @@
# HG changeset patch
# Parent 8fd4e445c3a5c823568661a4f71b064cbcb217a9
fix paths and references in sshd man pages
Index: openssh-8.8p1/Makefile.in
===================================================================
--- openssh-8.8p1.orig/Makefile.in
+++ openssh-8.8p1/Makefile.in
@@ -165,7 +165,8 @@ PATHSUBS = \
-e 's|/etc/ssh/ssh_known_hosts|$(sysconfdir)/ssh_known_hosts|g' \
-e 's|/etc/ssh/sshd_config|$(sysconfdir)/sshd_config|g' \
-e 's|/usr/libexec|$(libexecdir)|g' \
- -e 's|/etc/shosts.equiv|$(sysconfdir)/shosts.equiv|g' \
+ -e 's|login\.conf|login.defs|g' \
+ -e 's|/etc/shosts.equiv|$(sysconfdir)/ssh/shosts.equiv|g' \
-e 's|/etc/ssh/ssh_host_key|$(sysconfdir)/ssh_host_key|g' \
-e 's|/etc/ssh/ssh_host_ecdsa_key|$(sysconfdir)/ssh_host_ecdsa_key|g' \
-e 's|/etc/ssh/ssh_host_dsa_key|$(sysconfdir)/ssh_host_dsa_key|g' \

View File

@ -0,0 +1,19 @@
# HG changeset patch
# Parent 5c1e122e31b601de64d81085294216af33f31aed
# force PAM in defaullt install (this was removed from upstream in 3.8p1)
# bnc#46749
# --used to be called '-pam-fix2'
Index: openssh-8.8p1/sshd_config
===================================================================
--- openssh-8.8p1.orig/sshd_config
+++ openssh-8.8p1/sshd_config
@@ -79,7 +79,7 @@ AuthorizedKeysFile .ssh/authorized_keys
# If you just want the PAM account and session checks to run without
# PAM authentication, then enable this but set PasswordAuthentication
# and KbdInteractiveAuthentication to 'no'.
-#UsePAM no
+UsePAM yes
#AllowAgentForwarding yes
#AllowTcpForwarding yes

833
openssh-7.7p1-fips.patch Normal file
View File

@ -0,0 +1,833 @@
# HG changeset patch
# Parent 92d953171b34f6fba18d24085eeeaa24b1d2d5b5
FIPS 140-2 compliance. Perform selftests on start and use only FIPS approved
algorithms.
Index: openssh-8.8p1/Makefile.in
===================================================================
--- openssh-8.8p1.orig/Makefile.in
+++ openssh-8.8p1/Makefile.in
@@ -113,6 +113,8 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \
SKOBJS= ssh-sk-client.o
+LIBSSH_OBJS += fips.o
+
SSHOBJS= ssh.o readconf.o clientloop.o sshtty.o \
sshconnect.o sshconnect2.o mux.o $(SKOBJS)
#Index: openssh-8.8p1/cipher-ctr.c
#===================================================================
#--- openssh-8.8p1.orig/cipher-ctr.c
#+++ openssh-8.8p1/cipher-ctr.c
#@@ -27,6 +27,8 @@
# #include "xmalloc.h"
# #include "log.h"
#
#+#include "fips.h"
#+
# /* compatibility with old or broken OpenSSL versions */
# #include "openbsd-compat/openssl-compat.h"
#
#@@ -139,6 +141,8 @@ evp_aes_128_ctr(void)
# #ifndef SSH_OLD_EVP
# aes_ctr.flags = EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH |
# EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CUSTOM_IV;
#+ if (fips_mode())
#+ aes_ctr.flags |= EVP_CIPH_FLAG_FIPS;
# #endif
# return (&aes_ctr);
# }
Index: openssh-8.8p1/cipher.c
===================================================================
--- openssh-8.8p1.orig/cipher.c
+++ openssh-8.8p1/cipher.c
@@ -51,6 +51,9 @@
#include "openbsd-compat/openssl-compat.h"
+#include "fips.h"
+#include "log.h"
+
#ifndef WITH_OPENSSL
#define EVP_CIPHER_CTX void
#endif
@@ -83,7 +86,7 @@ struct sshcipher {
#endif
};
-static const struct sshcipher ciphers[] = {
+static const struct sshcipher ciphers_all[] = {
#ifdef WITH_OPENSSL
#ifndef OPENSSL_NO_DES
{ "3des-cbc", 8, 24, 0, 0, CFLAG_CBC, EVP_des_ede3_cbc },
@@ -112,8 +115,52 @@ static const struct sshcipher ciphers[]
{ NULL, 0, 0, 0, 0, 0, NULL }
};
+static const struct sshcipher ciphers_fips140_2[] = {
+#ifdef WITH_OPENSSL
+ { "aes128-cbc", 16, 16, 0, 0, CFLAG_CBC, EVP_aes_128_cbc },
+ { "aes192-cbc", 16, 24, 0, 0, CFLAG_CBC, EVP_aes_192_cbc },
+ { "aes256-cbc", 16, 32, 0, 0, CFLAG_CBC, EVP_aes_256_cbc },
+ { "rijndael-cbc@lysator.liu.se",
+ 16, 32, 0, 0, CFLAG_CBC, EVP_aes_256_cbc },
+ { "aes128-ctr", 16, 16, 0, 0, 0, EVP_aes_128_ctr },
+ { "aes192-ctr", 16, 24, 0, 0, 0, EVP_aes_192_ctr },
+ { "aes256-ctr", 16, 32, 0, 0, 0, EVP_aes_256_ctr },
+# ifdef OPENSSL_HAVE_EVPGCM
+ { "aes128-gcm@openssh.com",
+ 16, 16, 12, 16, 0, EVP_aes_128_gcm },
+ { "aes256-gcm@openssh.com",
+ 16, 32, 12, 16, 0, EVP_aes_256_gcm },
+# endif /* OPENSSL_HAVE_EVPGCM */
+#else
+ { "aes128-ctr", 16, 16, 0, 0, CFLAG_AESCTR, NULL },
+ { "aes192-ctr", 16, 24, 0, 0, CFLAG_AESCTR, NULL },
+ { "aes256-ctr", 16, 32, 0, 0, CFLAG_AESCTR, NULL },
+#endif
+ { "none", 8, 0, 0, 0, CFLAG_NONE, NULL },
+
+ { NULL, 0, 0, 0, 0, 0, NULL }
+};
+
/*--*/
+/* Returns array of ciphers available depending on selected FIPS mode */
+static const struct sshcipher *
+fips_select_ciphers(void)
+{
+ int fips = fips_mode();
+ switch (fips) {
+ case 0:
+ return ciphers_all;
+ case 1:
+ return ciphers_fips140_2;
+ default:
+ /* should not be reached */
+ fatal("Fatal error: incorrect FIPS mode '%i' at %s:%u",
+ fips, __FILE__, __LINE__);
+ return NULL;
+ }
+}
+
/* Returns a comma-separated list of supported ciphers. */
char *
cipher_alg_list(char sep, int auth_only)
@@ -122,7 +169,7 @@ cipher_alg_list(char sep, int auth_only)
size_t nlen, rlen = 0;
const struct sshcipher *c;
- for (c = ciphers; c->name != NULL; c++) {
+ for (c = fips_select_ciphers(); c->name != NULL; c++) {
if ((c->flags & CFLAG_INTERNAL) != 0)
continue;
if (auth_only && c->auth_len == 0)
@@ -205,7 +252,7 @@ const struct sshcipher *
cipher_by_name(const char *name)
{
const struct sshcipher *c;
- for (c = ciphers; c->name != NULL; c++)
+ for (c = fips_select_ciphers(); c->name != NULL; c++)
if (strcmp(c->name, name) == 0)
return c;
return NULL;
Index: openssh-8.8p1/fips.c
===================================================================
--- /dev/null
+++ openssh-8.8p1/fips.c
@@ -0,0 +1,212 @@
+/*
+ * Copyright (c) 2012 Petr Cerny. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "includes.h"
+
+#include "fips.h"
+
+#include "cipher.h"
+#include "dh.h"
+#include "digest.h"
+#include "kex.h"
+#include "sshkey.h"
+#include "mac.h"
+#include "log.h"
+#include "xmalloc.h"
+
+#include <string.h>
+#include <openssl/crypto.h>
+
+static int fips_state = -1;
+
+static int
+fips_check_required_env(void)
+{
+ int fips_required = 0;
+ char *env = getenv(SSH_FORCE_FIPS_ENV);
+
+ if (env) {
+ errno = 0;
+ fips_required = strtol(env, NULL, 10);
+ if (errno) {
+ debug("bogus value in the %s environment variable, ignoring\n"
+ , SSH_FORCE_FIPS_ENV);
+ fips_required = 0;
+ } else
+ fips_required = 1;
+ }
+ return fips_required;
+}
+
+int
+fips_mode(void)
+{
+ if (-1 == fips_state) {
+ fips_state = FIPS_mode();
+ if (fips_state)
+ debug("FIPS mode initialized");
+ else {
+ if (fips_check_required_env()) {
+ debug("FIPS mode requested through the environment variable '%s'"
+ , SSH_FORCE_FIPS_ENV);
+ if (!FIPS_mode_set(1))
+ fatal("Unable to enter FIPS mode as requested through the environment variable '%s'"
+ , SSH_FORCE_FIPS_ENV);
+ fips_state = 1;
+ }
+ }
+ }
+ return fips_state;
+}
+
+int
+fips_correct_dgst(int digest)
+{
+ int fips;
+ int rv = -1;
+
+ fips = fips_mode();
+ switch (fips) {
+ case 0:
+ rv = digest;
+ break;
+ case 1:
+ switch (digest) {
+ case SSH_DIGEST_MD5:
+ case SSH_DIGEST_SHA1:
+ debug("MD5/RIPEMD160 digests not allowed in FIPS 140-2 mode"
+ "using SHA-256 instead.");
+ rv = SSH_DIGEST_SHA256;
+ break;
+ default:
+ rv = digest;
+ break;
+ }
+ break;
+ default:
+ /* should not be reached */
+ fatal("Fatal error: incorrect FIPS mode '%i' at %s:%u",
+ fips, __FILE__, __LINE__);
+ }
+
+ return rv;
+}
+
+/*
+ * filter out FIPS disallowed algorithms
+ * *crypto MUST be free()-able - it is assigned newly allocated memory and
+ * the previous one is freed
+ *
+ * returns zero if all algorithms were rejected, non-zero otherwise
+ */
+int
+fips_filter_crypto(char **crypto, fips_filters filter)
+{
+ char *token, *tmp, *tmp_sav, *new;
+ int plus = 0;
+ int valid;
+ int comma = 0;
+ int empty = 1;
+ size_t len;
+
+ tmp = tmp_sav = xstrdup(*crypto);
+
+ len = strlen(tmp) + 1;
+ new = xcalloc(1, len);
+
+ if ('+' == *tmp) {
+ plus = 1;
+ tmp++;
+ }
+
+ while ((token = strsep(&tmp, ",")) != NULL) {
+ switch(filter) {
+ case FIPS_FILTER_CIPHERS:
+ valid = ciphers_valid(token);
+ if (!valid)
+ debug("Cipher '%s' is not allowed in FIPS mode",
+ token);
+ break;
+ case FIPS_FILTER_MACS:
+ valid = mac_valid(token);
+ if (!valid)
+ debug("MAC '%s' is not allowed in FIPS mode",
+ token);
+ break;
+ case FIPS_FILTER_KEX_ALGS:
+ valid = kex_names_valid(token);
+ if (!valid)
+ debug("KEX '%s' is not allowed in FIPS mode",
+ token);
+ break;
+ default:
+ /* should not be reached */
+ fatal("Fatal error: incorrect FIPS filter '%i' requested at %s:%u",
+ filter, __FILE__, __LINE__);
+ }
+
+ if (valid) {
+ empty = 0;
+ if (plus) {
+ strlcat(new, "+", len);
+ plus = 0;
+ }
+ if (comma)
+ strlcat(new, ",", len);
+ else
+ comma = 1;
+ strlcat(new, token, len);
+ }
+ }
+
+ /* free tmp and re-allocate shorter buffer for result if necessary */
+ free(tmp_sav);
+ free(*crypto);
+ *crypto = new;
+
+ return (!empty);
+}
+
+int
+fips_dgst_min(void)
+{
+ int fips;
+ int dgst;
+
+ fips = fips_mode();
+ switch (fips) {
+ case 0:
+ dgst = SSH_DIGEST_MD5;
+ break;
+ case 1:
+ dgst = SSH_DIGEST_SHA256;
+ break;
+ default:
+ /* should not be reached */
+ fatal("Fatal error: incorrect FIPS mode '%i' at %s:%u",
+ fips, __FILE__, __LINE__);
+ }
+ return dgst;
+}
+
Index: openssh-8.8p1/fips.h
===================================================================
--- /dev/null
+++ openssh-8.8p1/fips.h
@@ -0,0 +1,44 @@
+/*
+ * Copyright (c) 2012 Petr Cerny. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+#ifndef FIPS_H
+#define FIPS_H
+
+#include "sshkey.h"
+
+#define SSH_FORCE_FIPS_ENV "SSH_FORCE_FIPS"
+
+typedef enum {
+ FIPS_FILTER_CIPHERS,
+ FIPS_FILTER_MACS,
+ FIPS_FILTER_KEX_ALGS
+} fips_filters;
+
+int fips_mode(void);
+int fips_correct_dgst(int);
+int fips_dgst_min(void);
+enum fp_type fips_correct_fp_type(enum fp_type);
+int fips_filter_crypto(char **, fips_filters);
+
+#endif
+
Index: openssh-8.8p1/hmac.c
===================================================================
--- openssh-8.8p1.orig/hmac.c
+++ openssh-8.8p1/hmac.c
@@ -145,7 +145,7 @@ hmac_test(void *key, size_t klen, void *
size_t i;
u_char digest[16];
- if ((ctx = ssh_hmac_start(SSH_DIGEST_MD5)) == NULL)
+ if ((ctx = ssh_hmac_start(fips_correct_dgst(SSH_DIGEST_MD5))) == NULL)
printf("ssh_hmac_start failed");
if (ssh_hmac_init(ctx, key, klen) < 0 ||
ssh_hmac_update(ctx, m, mlen) < 0 ||
Index: openssh-8.8p1/kex.c
===================================================================
--- openssh-8.8p1.orig/kex.c
+++ openssh-8.8p1/kex.c
@@ -62,6 +62,8 @@
#include "digest.h"
#include "xmalloc.h"
+#include "fips.h"
+
/* prototype */
static int kex_choose_conf(struct ssh *);
static int kex_input_newkeys(int, u_int32_t, struct ssh *);
@@ -85,7 +87,7 @@ struct kexalg {
int ec_nid;
int hash_alg;
};
-static const struct kexalg kexalgs[] = {
+static const struct kexalg kexalgs_all[] = {
#ifdef WITH_OPENSSL
{ KEX_DH1, KEX_DH_GRP1_SHA1, 0, SSH_DIGEST_SHA1 },
{ KEX_DH14_SHA1, KEX_DH_GRP14_SHA1, 0, SSH_DIGEST_SHA1 },
@@ -118,6 +120,47 @@ static const struct kexalg kexalgs[] = {
{ NULL, 0, -1, -1},
};
+static const struct kexalg kexalgs_fips140_2[] = {
+#ifdef WITH_OPENSSL
+ { KEX_DH14_SHA1, KEX_DH_GRP14_SHA1, 0, SSH_DIGEST_SHA1 },
+ { KEX_DH14_SHA256, KEX_DH_GRP14_SHA256, 0, SSH_DIGEST_SHA256 },
+ { KEX_DH16_SHA512, KEX_DH_GRP16_SHA512, 0, SSH_DIGEST_SHA512 },
+ { KEX_DH18_SHA512, KEX_DH_GRP18_SHA512, 0, SSH_DIGEST_SHA512 },
+ { KEX_DHGEX_SHA1, KEX_DH_GEX_SHA1, 0, SSH_DIGEST_SHA1 },
+#ifdef HAVE_EVP_SHA256
+ { KEX_DHGEX_SHA256, KEX_DH_GEX_SHA256, 0, SSH_DIGEST_SHA256 },
+#endif /* HAVE_EVP_SHA256 */
+#ifdef OPENSSL_HAS_ECC
+ { KEX_ECDH_SHA2_NISTP256, KEX_ECDH_SHA2,
+ NID_X9_62_prime256v1, SSH_DIGEST_SHA256 },
+ { KEX_ECDH_SHA2_NISTP384, KEX_ECDH_SHA2, NID_secp384r1,
+ SSH_DIGEST_SHA384 },
+# ifdef OPENSSL_HAS_NISTP521
+ { KEX_ECDH_SHA2_NISTP521, KEX_ECDH_SHA2, NID_secp521r1,
+ SSH_DIGEST_SHA512 },
+# endif /* OPENSSL_HAS_NISTP521 */
+#endif /* OPENSSL_HAS_ECC */
+#endif /* WITH_OPENSSL */
+ { NULL, -1, -1, -1},
+};
+
+/* Returns array of macs available depending on selected FIPS mode */
+static const struct kexalg *
+fips_select_kexalgs(void)
+{
+ int fips = fips_mode();
+ switch (fips) {
+ case 0:
+ return kexalgs_all;
+ case 1:
+ return kexalgs_fips140_2;
+ default:
+ /* should not be reached */
+ fatal("Fatal error: incorrect FIPS mode '%i' at %s:%u",
+ fips, __FILE__, __LINE__);
+ }
+}
+
char *
kex_alg_list(char sep)
{
@@ -125,7 +168,7 @@ kex_alg_list(char sep)
size_t nlen, rlen = 0;
const struct kexalg *k;
- for (k = kexalgs; k->name != NULL; k++) {
+ for (k = fips_select_kexalgs(); k->name != NULL; k++) {
if (ret != NULL)
ret[rlen++] = sep;
nlen = strlen(k->name);
@@ -145,7 +188,7 @@ kex_alg_by_name(const char *name)
{
const struct kexalg *k;
- for (k = kexalgs; k->name != NULL; k++) {
+ for (k = fips_select_kexalgs(); k->name != NULL; k++) {
if (strcmp(k->name, name) == 0)
return k;
}
@@ -165,7 +208,10 @@ kex_names_valid(const char *names)
for ((p = strsep(&cp, ",")); p && *p != '\0';
(p = strsep(&cp, ","))) {
if (kex_alg_by_name(p) == NULL) {
+ /* do not complain here - MACs and ciphers checks
+ * are silent here
error("Unsupported KEX algorithm \"%.100s\"", p);
+ */
free(s);
return 0;
}
Index: openssh-8.8p1/mac.c
===================================================================
--- openssh-8.8p1.orig/mac.c
+++ openssh-8.8p1/mac.c
@@ -41,6 +41,9 @@
#include "openbsd-compat/openssl-compat.h"
+#include "fips.h"
+#include "log.h"
+
#define SSH_DIGEST 1 /* SSH_DIGEST_XXX */
#define SSH_UMAC 2 /* UMAC (not integrated with OpenSSL) */
#define SSH_UMAC128 3
@@ -55,7 +58,7 @@ struct macalg {
int etm; /* Encrypt-then-MAC */
};
-static const struct macalg macs[] = {
+static const struct macalg macs_all[] = {
/* Encrypt-and-MAC (encrypt-and-authenticate) variants */
{ "hmac-sha1", SSH_DIGEST, SSH_DIGEST_SHA1, 0, 0, 0, 0 },
{ "hmac-sha1-96", SSH_DIGEST, SSH_DIGEST_SHA1, 96, 0, 0, 0 },
@@ -79,6 +82,41 @@ static const struct macalg macs[] = {
{ NULL, 0, 0, 0, 0, 0, 0 }
};
+static const struct macalg macs_fips140_2[] = {
+ /* Encrypt-and-MAC (encrypt-and-authenticate) variants */
+ { "hmac-sha1", SSH_DIGEST, SSH_DIGEST_SHA1, 0, 0, 0, 0 },
+#ifdef HAVE_EVP_SHA256
+ { "hmac-sha2-256", SSH_DIGEST, SSH_DIGEST_SHA256, 0, 0, 0, 0 },
+ { "hmac-sha2-512", SSH_DIGEST, SSH_DIGEST_SHA512, 0, 0, 0, 0 },
+#endif
+
+ /* Encrypt-then-MAC variants */
+ { "hmac-sha1-etm@openssh.com", SSH_DIGEST, SSH_DIGEST_SHA1, 0, 0, 0, 1 },
+#ifdef HAVE_EVP_SHA256
+ { "hmac-sha2-256-etm@openssh.com", SSH_DIGEST, SSH_DIGEST_SHA256, 0, 0, 0, 1 },
+ { "hmac-sha2-512-etm@openssh.com", SSH_DIGEST, SSH_DIGEST_SHA512, 0, 0, 0, 1 },
+#endif
+
+ { NULL, 0, 0, 0, 0, 0, 0 }
+};
+
+/* Returns array of macs available depending on selected FIPS mode */
+static const struct macalg *
+fips_select_macs(void)
+{
+ int fips = fips_mode();
+ switch (fips) {
+ case 0:
+ return macs_all;
+ case 1:
+ return macs_fips140_2;
+ default:
+ /* should not be reached */
+ fatal("Fatal error: incorrect FIPS mode '%i' at %s:%u",
+ fips, __FILE__, __LINE__);
+ }
+}
+
/* Returns a list of supported MACs separated by the specified char. */
char *
mac_alg_list(char sep)
@@ -87,7 +125,7 @@ mac_alg_list(char sep)
size_t nlen, rlen = 0;
const struct macalg *m;
- for (m = macs; m->name != NULL; m++) {
+ for (m = fips_select_macs(); m->name != NULL; m++) {
if (ret != NULL)
ret[rlen++] = sep;
nlen = strlen(m->name);
@@ -126,7 +164,7 @@ mac_setup(struct sshmac *mac, char *name
{
const struct macalg *m;
- for (m = macs; m->name != NULL; m++) {
+ for (m = fips_select_macs(); m->name != NULL; m++) {
if (strcmp(name, m->name) != 0)
continue;
if (mac != NULL)
Index: openssh-8.8p1/readconf.c
===================================================================
--- openssh-8.8p1.orig/readconf.c
+++ openssh-8.8p1/readconf.c
@@ -68,6 +68,8 @@
#include "myproposal.h"
#include "digest.h"
+#include "fips.h"
+
/* Format of the configuration file:
# Configuration data is parsed as follows:
@@ -2307,6 +2309,23 @@ config_has_permitted_cnames(Options *opt
return options->num_permitted_cnames > 0;
}
+/* remove algorithms not approved for use in FIPS mode, when running in FIPS
+ * mode
+ */
+void
+filter_fips_algorithms(Options *o)
+{
+ if (fips_mode()) {
+ if (!fips_filter_crypto(&o->ciphers, FIPS_FILTER_CIPHERS))
+ fatal("None of selected ciphers can be used in FIPS mode");
+ if (!fips_filter_crypto(&o->macs, FIPS_FILTER_MACS))
+ fatal("None of selected MAC algorithms can be used in FIPS mode");
+ if (!fips_filter_crypto(&o->kex_algorithms, FIPS_FILTER_KEX_ALGS))
+ fatal("None of selected KEX algorithms can be used in FIPS mode");
+ }
+ return;
+}
+
/*
* Initializes options to special values that indicate that they have not yet
* been set. Read_config_file will only set options with this value. Options
@@ -2618,6 +2637,9 @@ fill_default_options(Options * options)
options->canonicalize_hostname = SSH_CANONICALISE_NO;
if (options->fingerprint_hash == -1)
options->fingerprint_hash = SSH_FP_HASH_DEFAULT;
+ options->fingerprint_hash =
+ fips_correct_dgst(options->fingerprint_hash);
+
#ifdef ENABLE_SK_INTERNAL
if (options->sk_provider == NULL)
options->sk_provider = xstrdup("internal");
@@ -2654,6 +2676,8 @@ fill_default_options(Options * options)
ASSEMBLE(ca_sign_algorithms, def_sig, all_sig);
#undef ASSEMBLE
+ filter_fips_algorithms(options);
+
#define CLEAR_ON_NONE(v) \
do { \
if (option_clear_or_none(v)) { \
Index: openssh-8.8p1/readconf.h
===================================================================
--- openssh-8.8p1.orig/readconf.h
+++ openssh-8.8p1/readconf.h
@@ -212,6 +212,7 @@ typedef struct {
#define SSH_STRICT_HOSTKEY_YES 2
#define SSH_STRICT_HOSTKEY_ASK 3
+void filter_fips_algorithms(Options *o);
const char *kex_default_pk_alg(void);
char *ssh_connection_hash(const char *thishost, const char *host,
const char *portstr, const char *user);
Index: openssh-8.8p1/servconf.c
===================================================================
--- openssh-8.8p1.orig/servconf.c
+++ openssh-8.8p1/servconf.c
@@ -70,6 +70,7 @@
#include "auth.h"
#include "myproposal.h"
#include "digest.h"
+#include "fips.h"
static void add_listen_addr(ServerOptions *, const char *,
const char *, int);
@@ -205,6 +206,23 @@ option_clear_or_none(const char *o)
return o == NULL || strcasecmp(o, "none") == 0;
}
+/* remove algorithms not approved for use in FIPS mode, when running in FIPS
+ * mode
+ */
+static void
+filter_fips_algorithms_s(ServerOptions *o)
+{
+ if (fips_mode()) {
+ if (!fips_filter_crypto(&o->ciphers, FIPS_FILTER_CIPHERS))
+ fatal("None of selected ciphers can be used in FIPS mode");
+ if (!fips_filter_crypto(&o->macs, FIPS_FILTER_MACS))
+ fatal("None of selected MAC algorithms can be used in FIPS mode");
+ if (!fips_filter_crypto(&o->kex_algorithms, FIPS_FILTER_KEX_ALGS))
+ fatal("None of selected KEX algorithms can be used in FIPS mode");
+ }
+ return;
+}
+
static void
assemble_algorithms(ServerOptions *o)
{
@@ -246,6 +264,8 @@ assemble_algorithms(ServerOptions *o)
free(def_kex);
free(def_key);
free(def_sig);
+
+ filter_fips_algorithms_s(o);
}
void
@@ -438,6 +458,8 @@ fill_default_server_options(ServerOption
options->fwd_opts.streamlocal_bind_unlink = 0;
if (options->fingerprint_hash == -1)
options->fingerprint_hash = SSH_FP_HASH_DEFAULT;
+ options->fingerprint_hash =
+ fips_correct_dgst(options->fingerprint_hash);
if (options->disable_forwarding == -1)
options->disable_forwarding = 0;
if (options->expose_userauth_info == -1)
Index: openssh-8.8p1/ssh-keygen.c
===================================================================
--- openssh-8.8p1.orig/ssh-keygen.c
+++ openssh-8.8p1/ssh-keygen.c
@@ -67,6 +67,8 @@
#include "sk-api.h" /* XXX for SSH_SK_USER_PRESENCE_REQD; remove */
#include "cipher.h"
+#include "fips.h"
+
#ifdef WITH_OPENSSL
# define DEFAULT_KEY_TYPE_NAME "rsa"
#else
@@ -1037,11 +1039,13 @@ do_fingerprint(struct passwd *pw)
static void
do_gen_all_hostkeys(struct passwd *pw)
{
- struct {
+ struct Key_types {
char *key_type;
char *key_type_display;
char *path;
- } key_types[] = {
+ };
+
+ struct Key_types key_types_all[] = {
#ifdef WITH_OPENSSL
{ "rsa", "RSA" ,_PATH_HOST_RSA_KEY_FILE },
#ifdef OPENSSL_HAS_ECC
# { "dsa", "DSA", _PATH_HOST_DSA_KEY_FILE },
@@ -1056,6 +1060,17 @@ do_gen_all_hostkeys(struct passwd *pw)
{ NULL, NULL, NULL }
};
+ struct Key_types key_types_fips140_2[] = {
+#ifdef WITH_OPENSSL
+ { "rsa", "RSA" ,_PATH_HOST_RSA_KEY_FILE },
+#ifdef OPENSSL_HAS_ECC
+ { "ecdsa", "ECDSA",_PATH_HOST_ECDSA_KEY_FILE },
+#endif /* OPENSSL_HAS_ECC */
+#endif /* WITH_OPENSSL */
+ { NULL, NULL, NULL }
+ };
+
+ struct Key_types *key_types;
u_int32_t bits = 0;
int first = 0;
struct stat st;
@@ -1063,6 +1078,12 @@ do_gen_all_hostkeys(struct passwd *pw)
char comment[1024], *prv_tmp, *pub_tmp, *prv_file, *pub_file;
int i, type, fd, r;
+ if (fips_mode()) {
+ key_types = key_types_fips140_2;
+ } else {
+ key_types = key_types_all;
+ }
+
for (i = 0; key_types[i].key_type; i++) {
public = private = NULL;
prv_tmp = pub_tmp = prv_file = pub_file = NULL;
@@ -3620,6 +3641,15 @@ main(int argc, char **argv)
key_type_name = DEFAULT_KEY_TYPE_NAME;
type = sshkey_type_from_name(key_type_name);
+
+ /* protocol v1 is not allowed in FIPS mode, DSA is not acceptable because
+ * it has to be 1024 bit due to RFC 4253 using SHA-1 which implies 1024 bit
+ * keys due to FIPS-186 specification for DSS */
+ if (fips_mode() &&
+ (type == KEY_DSA || type == KEY_ED25519 ||
+ type == KEY_DSA_CERT || type == KEY_ED25519_CERT))
+ fatal("Key type %s not alowed in FIPS mode", key_type_name);
+
type_bits_valid(type, key_type_name, &bits);
if (!quiet)
Index: openssh-8.8p1/ssh_config.5
===================================================================
--- openssh-8.8p1.orig/ssh_config.5
+++ openssh-8.8p1/ssh_config.5
@@ -736,6 +736,8 @@ The argument to this keyword must be
option) or
.Cm no
(the default).
+.Pp
+In the FIPS mode the minimum of SHA-1 is enforced (which means sha256).
.It Cm ForwardAgent
Specifies whether the connection to the authentication agent (if any)
will be forwarded to the remote machine.
Index: openssh-8.8p1/sshd.c
===================================================================
--- openssh-8.8p1.orig/sshd.c
+++ openssh-8.8p1/sshd.c
@@ -126,6 +126,8 @@
#include "srclimit.h"
#include "dh.h"
+#include "fips.h"
+
/* Re-exec fds */
#define REEXEC_DEVCRYPTO_RESERVED_FD (STDERR_FILENO + 1)
#define REEXEC_STARTUP_PIPE_FD (STDERR_FILENO + 2)
Index: openssh-8.8p1/sshd_config.5
===================================================================
--- openssh-8.8p1.orig/sshd_config.5
+++ openssh-8.8p1/sshd_config.5
@@ -600,6 +600,8 @@ and
.Cm sha256 .
The default is
.Cm sha256 .
+.Pp
+In the FIPS mode the minimum of SHA-1 is enforced (which means sha256).
.It Cm ForceCommand
Forces the execution of the command specified by
.Cm ForceCommand ,

View File

@ -0,0 +1,471 @@
# HG changeset patch
# Parent e9b69da9a0f8dca923f8fc2836b38fe6590c791a
#
# Simple implementation of FIPS 140-2 selfchecks. Use OpenSSL to generate and
# verify checksums of binaries. Any hash iused in OpenSSH can be used (MD5 would
# obviously be a poor choice, since OpenSSL would barf and abort immediately in
# FIPS mode). SHA-2 seems to be a reasonable choice.
#
# The logic of the checks is as follows: decide whether FIPS mode is mandated
# (either by checking /proc/sys/crypto/fips_enabled or environment variable
# SSH_FORCE_FIPS. In FIPS mode, checksums are required to match (inability to
# retrieve pre-calculated hash is a fatal error). In non-FIPS mode the checks
# still must be performed, unless the hashes are not installed. Thus if the hash
# file is not found (or the hash matches), proceed in non-FIPS mode and abort
# otherwise.
Index: openssh-8.8p1/fips-check.c
===================================================================
--- /dev/null
+++ openssh-8.8p1/fips-check.c
@@ -0,0 +1,34 @@
+#include "includes.h"
+#include <fcntl.h>
+#include <limits.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/stat.h>
+#include <sys/types.h>
+#include <unistd.h>
+
+#include "digest.h"
+#include "fips.h"
+
+#include <openssl/err.h>
+
+#define PROC_NAME_LEN 64
+
+static const char *argv0;
+
+void
+print_help_exit(int ev)
+{
+ fprintf(stderr, "%s <-c|-w> <file> <checksum_file>\n", argv0);
+ fprintf(stderr, " -c verify hash of 'file' against hash in 'checksum_file'\n");
+ fprintf(stderr, " -w write hash of 'file' into 'checksum_file'\n");
+ exit(ev);
+}
+
+int
+main(int argc, char **argv)
+{
+ fips_ssh_init();
+ return 0;
+}
Index: openssh-8.8p1/fips.c
===================================================================
--- openssh-8.8p1.orig/fips.c
+++ openssh-8.8p1/fips.c
@@ -35,30 +35,293 @@
#include "log.h"
#include "xmalloc.h"
+#include <errno.h>
+#include <fcntl.h>
#include <string.h>
+#include <string.h>
+#include <sys/stat.h>
+#include <sys/types.h>
+#include <unistd.h>
#include <openssl/crypto.h>
+#include <openssl/err.h>
+#include <openssl/hmac.h>
static int fips_state = -1;
+/* calculates HMAC of contents of a file given by filename using the hash
+ * algorithm specified by FIPS_HMAC_EVP in fips.h and placing the result into
+ * newly allacated memory - remember to free it when not needed anymore */
static int
-fips_check_required_env(void)
+hmac_file(const char *filename, u_char **hmac_out)
+{
+ int check = -1;
+ int fd;
+ struct stat fs;
+ void *hmap;
+ unsigned char *hmac;
+ unsigned char *hmac_rv = NULL;
+
+ hmac = xmalloc(FIPS_HMAC_LEN);
+
+ fd = open(filename, O_RDONLY);
+ if (-1 == fd)
+ goto bail_out;
+
+ if (-1 == fstat(fd, &fs))
+ goto bail_out;
+
+ hmap = mmap(NULL, fs.st_size, PROT_READ, MAP_SHARED, fd, 0);
+
+ if ((void *)(-1) != hmap) {
+ hmac_rv = HMAC(FIPS_HMAC_EVP(), FIPS_HMAC_KEY
+ , strlen(FIPS_HMAC_KEY), hmap, fs.st_size, hmac, NULL);
+ check = CHECK_OK;
+ munmap(hmap, fs.st_size);
+ }
+ close(fd);
+
+bail_out:
+ if (hmac_rv) {
+ check = CHECK_OK;
+ *hmac_out = hmac;
+ } else {
+ check = CHECK_FAIL;
+ *hmac_out = NULL;
+ free(hmac);
+ }
+ return check;
+}
+
+/* find pathname of binary of process with PID pid. exe is buffer expected to
+ * be capable of holding at least max_pathlen characters
+ */
+static int
+get_executable_path(pid_t pid, char *exe, int max_pathlen)
+{
+ char exe_sl[PROC_EXE_PATH_LEN];
+ int n;
+ int rv = -1;
+
+ n = snprintf(exe_sl, sizeof(exe_sl), "/proc/%u/exe", pid);
+ if ((n <= 10) || (n >= max_pathlen)) {
+ fatal("error compiling filename of link to executable");
+ }
+
+ exe[0] = 0;
+ n = readlink(exe_sl, exe, max_pathlen);
+ /* the file doesn't need to exist - procfs might not be mounted in
+ * chroot */
+ if (n == -1) {
+ rv = CHECK_MISSING;
+ } else {
+ if (n < max_pathlen) {
+ exe[n] = 0;
+ rv = CHECK_OK;
+ } else {
+ rv = CHECK_FAIL;
+ }
+ }
+ return rv;
+}
+
+/* Read HMAC from file chk, allocating enough memory to hold the HMAC and
+ * return it in *hmac.
+ * Remember to free() it when it's not needed anymore.
+ */
+static int
+read_hmac(const char *chk, u_char **hmac)
+{
+ int check = -1;
+ int fdh, n;
+ u_char *hmac_in;
+
+ *hmac = NULL;
+
+ fdh = open(chk, O_RDONLY);
+ if (-1 == fdh) {
+ switch (errno) {
+ case ENOENT:
+ check = CHECK_MISSING;
+ debug("fips: checksum file %s is missing\n", chk);
+ break;
+ default:
+ check = CHECK_FAIL;
+ debug("fips: ckecksum file %s not accessible\n", chk);
+ break;
+
+ }
+ goto bail_out;
+ }
+
+ hmac_in = xmalloc(FIPS_HMAC_LEN);
+
+ n = read(fdh, (void *)hmac_in, FIPS_HMAC_LEN);
+ if (FIPS_HMAC_LEN != n) {
+ debug("fips: unable to read whole checksum from checksum file\n");
+ free (hmac_in);
+ check = CHECK_FAIL;
+ } else {
+ check = CHECK_OK;
+ *hmac = hmac_in;
+ }
+bail_out:
+ return check;
+}
+
+static int
+fips_hmac_self(void)
+{
+ int check = -1;
+ u_char *hmac = NULL, *hmac_chk = NULL;
+ char *exe, *chk;
+
+ exe = xmalloc(PATH_MAX);
+ chk = xmalloc(PATH_MAX);
+
+ /* we will need to add the suffix and the null terminator */
+ check = get_executable_path(getpid(), exe
+ , PATH_MAX - strlen(CHECKSUM_SUFFIX) - 1);
+ if (CHECK_OK != check)
+ goto cleanup;
+
+ strncpy(chk, exe, PATH_MAX);
+ strlcat(chk, CHECKSUM_SUFFIX, PATH_MAX);
+
+ check = read_hmac(chk, &hmac_chk);
+ if (CHECK_OK != check)
+ goto cleanup;
+
+ check = hmac_file(exe, &hmac);
+ if (CHECK_OK != check)
+ goto cleanup;
+
+ check = memcmp(hmac, hmac_chk, FIPS_HMAC_LEN);
+ if (0 == check) {
+ check = CHECK_OK;
+ debug("fips: checksum matches\n");
+ } else {
+ check = CHECK_FAIL;
+ debug("fips: checksum mismatch!\n");
+ }
+
+cleanup:
+ free(hmac);
+ free(hmac_chk);
+ free(chk);
+ free(exe);
+
+ return check;
+}
+
+static int
+fips_check_required_proc(void)
{
int fips_required = 0;
- char *env = getenv(SSH_FORCE_FIPS_ENV);
+ int fips_fd;
+ char fips_sys = 0;
- if (env) {
- errno = 0;
- fips_required = strtol(env, NULL, 10);
- if (errno) {
- debug("bogus value in the %s environment variable, ignoring\n"
- , SSH_FORCE_FIPS_ENV);
- fips_required = 0;
- } else
- fips_required = 1;
+ struct stat dummy;
+ if (-1 == stat(FIPS_PROC_PATH, &dummy)) {
+ switch (errno) {
+ case ENOENT:
+ case ENOTDIR:
+ break;
+ default:
+ fatal("Check for system-wide FIPS mode is required and %s cannot"
+ " be accessed for reason other than non-existence - aborting"
+ , FIPS_PROC_PATH);
+ break;
+ }
+ } else {
+ if (-1 == (fips_fd = open(FIPS_PROC_PATH, O_RDONLY)))
+ fatal("Check for system-wide FIPS mode is required and %s cannot"
+ " be opened for reading - aborting"
+ , FIPS_PROC_PATH);
+ if (1 > read(fips_fd, &fips_sys, 1))
+ fatal("Check for system-wide FIPS mode is required and %s doesn't"
+ " return at least one character - aborting"
+ , FIPS_PROC_PATH);
+ close(fips_sys);
+ switch (fips_sys) {
+ case '0':
+ case '1':
+ fips_required = fips_sys - '0';
+ break;
+ default:
+ fatal("Bogus character %c found in %s - aborting"
+ , fips_sys, FIPS_PROC_PATH);
+ }
}
return fips_required;
}
+static int
+fips_check_required_env(void)
+{
+ return (NULL != getenv(SSH_FORCE_FIPS_ENV));
+}
+
+static int
+fips_required(void)
+{
+ int fips_requests = 0;
+ fips_requests += fips_check_required_proc();
+ fips_requests += fips_check_required_env();
+ return fips_requests;
+}
+
+/* check whether FIPS mode is required and perform selfchecksum/selftest */
+void
+fips_ssh_init(void)
+{
+ int checksum;
+
+ checksum = fips_hmac_self();
+
+ if (fips_required()) {
+ switch (checksum) {
+ case CHECK_OK:
+ debug("fips: mandatory checksum ok");
+ break;
+ case CHECK_FAIL:
+ fatal("fips: mandatory checksum failed - aborting");
+ break;
+ case CHECK_MISSING:
+ fatal("fips: mandatory checksum data missing - aborting");
+ break;
+ default:
+ fatal("Fatal error: internal error at %s:%u"
+ , __FILE__, __LINE__);
+ break;
+ }
+ fips_state = FIPS_mode_set(1);
+ if (1 != fips_state) {
+ ERR_load_crypto_strings();
+ u_long err = ERR_get_error();
+ error("fips: OpenSSL error %lx: %s"
+ , err, ERR_error_string(err, NULL));
+ fatal("fips: unable to set OpenSSL into FIPS mode - aborting");
+ }
+ } else {
+ switch (checksum) {
+ case CHECK_OK:
+ debug("fips: checksum ok");
+ break;
+ case CHECK_FAIL:
+ fatal("fips: checksum failed - aborting");
+ break;
+ case CHECK_MISSING:
+ debug("fips: checksum data missing, but not required - continuing non-FIPS");
+ break;
+ default:
+ fatal("Fatal error: internal error at %s:%u",
+ __FILE__, __LINE__);
+ break;
+ }
+ }
+ return;
+}
+
int
fips_mode(void)
{
Index: openssh-8.8p1/fips.h
===================================================================
--- openssh-8.8p1.orig/fips.h
+++ openssh-8.8p1/fips.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2012 Petr Cerny. All rights reserved.
+ * Copyright (c) 2012-2014 Petr Cerny. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -27,6 +27,15 @@
#include "sshkey.h"
#define SSH_FORCE_FIPS_ENV "SSH_FORCE_FIPS"
+#define FIPS_PROC_PATH "/proc/sys/crypto/fips_enabled"
+
+#define PROC_EXE_PATH_LEN 64
+#define CHECKSUM_SUFFIX ".hmac"
+#define FIPS_HMAC_KEY "HMAC_KEY:OpenSSH-FIPS@SLE"
+#define FIPS_HMAC_EVP EVP_sha256
+#define FIPS_HMAC_LEN 32
+
+void fips_ssh_init(void);
typedef enum {
FIPS_FILTER_CIPHERS,
@@ -34,6 +43,12 @@ typedef enum {
FIPS_FILTER_KEX_ALGS
} fips_filters;
+typedef enum {
+ CHECK_OK = 0,
+ CHECK_FAIL,
+ CHECK_MISSING
+} fips_checksum_status;
+
int fips_mode(void);
int fips_correct_dgst(int);
int fips_dgst_min(void);
@@ -41,4 +56,3 @@ enum fp_type fips_correct_fp_type(enum
int fips_filter_crypto(char **, fips_filters);
#endif
-
Index: openssh-8.8p1/sftp-server.c
===================================================================
--- openssh-8.8p1.orig/sftp-server.c
+++ openssh-8.8p1/sftp-server.c
@@ -57,6 +57,8 @@ char *sftp_realpath(const char *, char *
/* Maximum data read that we are willing to accept */
#define SFTP_MAX_READ_LENGTH (SFTP_MAX_MSG_LENGTH - 1024)
+#include "fips.h"
+
/* Our verbosity */
static LogLevel log_level = SYSLOG_LEVEL_ERROR;
@@ -1717,6 +1719,9 @@ sftp_server_main(int argc, char **argv,
extern char *optarg;
extern char *__progname;
+ /* initialize fips */
+ fips_ssh_init();
+
__progname = ssh_get_progname(argv[0]);
log_init(__progname, log_level, log_facility, log_stderr);
Index: openssh-8.8p1/ssh.c
===================================================================
--- openssh-8.8p1.orig/ssh.c
+++ openssh-8.8p1/ssh.c
@@ -113,6 +113,8 @@
#include "ssh-pkcs11.h"
#endif
+#include "fips.h"
+
extern char *__progname;
/* Saves a copy of argv for setproctitle emulation */
@@ -632,6 +634,10 @@ main(int ac, char **av)
u_int j;
struct ssh_conn_info *cinfo = NULL;
+ /* initialize fips - can go before ssh_malloc_init(), since that is a
+ * OpenBSD-only thing (as of OpenSSH 7.6p1) */
+ fips_ssh_init();
+
/* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */
sanitise_stdfd();
Index: openssh-8.8p1/sshd.c
===================================================================
--- openssh-8.8p1.orig/sshd.c
+++ openssh-8.8p1/sshd.c
@@ -1547,6 +1547,10 @@ main(int ac, char **av)
struct connection_info *connection_info = NULL;
sigset_t sigmask;
+ /* initialize fips - can go before ssh_malloc_init(), since that is a
+ * OpenBSD-only thing (as of OpenSSH 7.6p1) */
+ fips_ssh_init();
+
#ifdef HAVE_SECUREWARE
(void)set_auth_parameters(ac, av);
#endif

View File

@ -0,0 +1,20 @@
# HG changeset patch
# Parent 0f731d0b541b8a919d24ac91098f560a49712822
Suggest command line for removal of offending keys from known_hosts file
Index: openssh-8.8p1/sshconnect.c
===================================================================
--- openssh-8.8p1.orig/sshconnect.c
+++ openssh-8.8p1/sshconnect.c
@@ -1270,6 +1270,11 @@ check_host_key(char *hostname, const str
error("Offending %s key in %s:%lu",
sshkey_type(host_found->key),
host_found->file, host_found->line);
+ error("You can use following command to remove the offending key:");
+ if (host_found->file)
+ error("ssh-keygen -R %s -f %s", host, host_found->file);
+ else
+ error("ssh-keygen -R %s", host);
/*
* If strict host key checking is in use, the user will have

View File

@ -0,0 +1,83 @@
# HG changeset patch
# Parent 5e19a205fa03584bb0d829ecbba7495ce1899b65
# -- uset do be called '-xauthlocalhostname'
handle hostname changes when forwarding X
Index: openssh-8.8p1/session.c
===================================================================
--- openssh-8.8p1.orig/session.c
+++ openssh-8.8p1/session.c
@@ -981,7 +981,7 @@ copy_environment(char **source, char ***
#endif
static char **
-do_setup_env(struct ssh *ssh, Session *s, const char *shell)
+do_setup_env(struct ssh *ssh, Session *s, const char *shell, int *env_size)
{
char buf[256];
size_t n;
@@ -1191,6 +1191,8 @@ do_setup_env(struct ssh *ssh, Session *s
for (i = 0; env[i]; i++)
fprintf(stderr, " %.200s\n", env[i]);
}
+
+ *env_size = envsize;
return env;
}
@@ -1199,7 +1201,7 @@ do_setup_env(struct ssh *ssh, Session *s
* first in this order).
*/
static void
-do_rc_files(struct ssh *ssh, Session *s, const char *shell)
+do_rc_files(struct ssh *ssh, Session *s, const char *shell, char **env, int *env_size)
{
FILE *f = NULL;
char *cmd = NULL, *user_rc = NULL;
@@ -1256,12 +1258,20 @@ do_rc_files(struct ssh *ssh, Session *s,
fatal_f("xasprintf: %s", strerror(errno));
f = popen(cmd, "w");
if (f) {
+ char hostname[MAXHOSTNAMELEN];
+
fprintf(f, "remove %s\n",
s->auth_display);
fprintf(f, "add %s %s %s\n",
s->auth_display, s->auth_proto,
s->auth_data);
pclose(f);
+ if (gethostname(hostname,sizeof(hostname)) >= 0)
+ child_set_env(&env,env_size,"XAUTHLOCALHOSTNAME",
+ hostname);
+ else
+ debug("Cannot set up XAUTHLOCALHOSTNAME %s\n",
+ strerror(errno));
} else {
fprintf(stderr, "Could not run %s\n",
cmd);
@@ -1518,6 +1528,7 @@ do_child(struct ssh *ssh, Session *s, co
char **env, *argv[ARGV_MAX], remote_id[512];
const char *shell, *shell0;
struct passwd *pw = s->pw;
+ int env_size;
int r = 0;
sshpkt_fmt_connection_id(ssh, remote_id, sizeof(remote_id));
@@ -1574,7 +1585,7 @@ do_child(struct ssh *ssh, Session *s, co
* Make sure $SHELL points to the shell from the password file,
* even if shell is overridden from login.conf
*/
- env = do_setup_env(ssh, s, shell);
+ env = do_setup_env(ssh, s, shell, &env_size);
#ifdef HAVE_LOGIN_CAP
shell = login_getcapstr(lc, "shell", (char *)shell, (char *)shell);
@@ -1638,7 +1649,7 @@ do_child(struct ssh *ssh, Session *s, co
closefrom(STDERR_FILENO + 1);
- do_rc_files(ssh, s, shell);
+ do_rc_files(ssh, s, shell, env, &env_size);
/* restore SIGPIPE for child */
ssh_signal(SIGPIPE, SIG_DFL);

2719
openssh-7.7p1-ldap.patch Normal file

File diff suppressed because it is too large Load Diff

View File

@ -0,0 +1,17 @@
# HG changeset patch
# Parent bad0c8b3b8d72abb6960ed85b57ee42352371738
Do not write a PID file when not daemonizing (e.g. when running from systemd)
Index: openssh-8.8p1/sshd.c
===================================================================
--- openssh-8.8p1.orig/sshd.c
+++ openssh-8.8p1/sshd.c
@@ -2129,7 +2129,7 @@ main(int ac, char **av)
* Write out the pid file after the sigterm handler
* is setup and the listen sockets are bound
*/
- if (options.pid_file != NULL && !debug_flag) {
+ if (!no_daemon_flag && options.pid_file != NULL && !debug_flag) {
FILE *f = fopen(options.pid_file, "w");
if (f == NULL) {

View File

@ -0,0 +1,134 @@
# HG changeset patch
# Parent 089f4fba0112d410a1bfa74398941f076681d446
new option UsePAMCheckLocks to enforce checking for locked accounts while
UsePAM is used
bnc#708678, FATE#312033
Index: openssh-8.8p1/auth.c
===================================================================
--- openssh-8.8p1.orig/auth.c
+++ openssh-8.8p1/auth.c
@@ -113,7 +113,7 @@ allowed_user(struct ssh *ssh, struct pas
if (!pw || !pw->pw_name)
return 0;
- if (!options.use_pam && platform_locked_account(pw)) {
+ if ((!options.use_pam || options.use_pam_check_locks) && platform_locked_account(pw)) {
logit("User %.100s not allowed because account is locked",
pw->pw_name);
return 0;
#@@ -133,7 +133,7 @@ allowed_user(struct ssh *ssh, struct pas
# #endif
#
# /* check for locked account */
#- if (!options.use_pam && passwd && *passwd) {
#+ if ((!options.use_pam || options.use_pam_check_locks) && passwd && *passwd) {
# int locked = 0;
#
# #ifdef LOCKED_PASSWD_STRING
Index: openssh-8.8p1/servconf.c
===================================================================
--- openssh-8.8p1.orig/servconf.c
+++ openssh-8.8p1/servconf.c
@@ -92,6 +92,7 @@ initialize_server_options(ServerOptions
/* Portable-specific options */
options->use_pam = -1;
+ options->use_pam_check_locks = -1;
/* Standard Options */
options->num_ports = 0;
@@ -278,6 +279,8 @@ fill_default_server_options(ServerOption
/* Portable-specific options */
if (options->use_pam == -1)
options->use_pam = 0;
+ if (options->use_pam_check_locks == -1)
+ options->use_pam_check_locks = 0;
/* Standard Options */
if (options->num_host_key_files == 0) {
@@ -485,7 +488,7 @@ fill_default_server_options(ServerOption
typedef enum {
sBadOption, /* == unknown option */
/* Portable-specific options */
- sUsePAM,
+ sUsePAM, sUsePAMChecklocks,
/* Standard Options */
sPort, sHostKeyFile, sLoginGraceTime,
sPermitRootLogin, sLogFacility, sLogLevel, sLogVerbose,
@@ -535,8 +538,10 @@ static struct {
/* Portable-specific options */
#ifdef USE_PAM
{ "usepam", sUsePAM, SSHCFG_GLOBAL },
+ { "usepamchecklocks", sUsePAMChecklocks, SSHCFG_GLOBAL },
#else
{ "usepam", sUnsupported, SSHCFG_GLOBAL },
+ { "usepamchecklocks", sUnsupported, SSHCFG_GLOBAL },
#endif
{ "pamauthenticationviakbdint", sDeprecated, SSHCFG_GLOBAL },
/* Standard Options */
@@ -1331,6 +1336,9 @@ process_server_config_line_depth(ServerO
case sUsePAM:
intptr = &options->use_pam;
goto parse_flag;
+ case sUsePAMChecklocks:
+ intptr = &options->use_pam_check_locks;
+ goto parse_flag;
/* Standard Options */
case sBadOption:
Index: openssh-8.8p1/servconf.h
===================================================================
--- openssh-8.8p1.orig/servconf.h
+++ openssh-8.8p1/servconf.h
@@ -200,6 +200,7 @@ typedef struct {
char *adm_forced_command;
int use_pam; /* Enable auth via PAM */
+ int use_pam_check_locks; /* internally check for locked accounts even when using PAM */
int permit_tun;
Index: openssh-8.8p1/sshd_config.0
===================================================================
--- openssh-8.8p1.orig/sshd_config.0
+++ openssh-8.8p1/sshd_config.0
@@ -1074,6 +1074,14 @@ DESCRIPTION
If UsePAM is enabled, you will not be able to run sshd(8) as a
non-root user. The default is no.
+ UsePAMCheckLocks
+ When set to ``yes'', the checks whether the account has been
+ locked with `passwd -l' are performed even when PAM authentication
+ is enabled via UsePAM. This is to ensure that it is not possible
+ to log in with e.g. a public key (in such a case PAM is used only
+ to set up the session and some PAM modules will not check whether
+ the account is locked in this scenario). The default is ``no''.
+
VersionAddendum
Optionally specifies additional text to append to the SSH
protocol banner sent by the server upon connection. The default
Index: openssh-8.8p1/sshd_config.5
===================================================================
--- openssh-8.8p1.orig/sshd_config.5
+++ openssh-8.8p1/sshd_config.5
@@ -1775,6 +1775,18 @@ is enabled, you will not be able to run
as a non-root user.
The default is
.Cm no .
+.It Cm UsePAMCheckLocks
+When set to
+.Dq yes
+, the checks whether the account has been locked with
+.Pa passwd -l
+are performed even when PAM authentication is enabled via
+.Cm UsePAM .
+This is to ensure that it is not possible to log in with e.g. a
+public key (in such a case PAM is used only to set up the session and some PAM
+modules will not check whether the account is locked in this scenario). The
+default is
+.Dq no .
.It Cm VersionAddendum
Optionally specifies additional text to append to the SSH protocol banner
sent by the server upon connection.

View File

@ -0,0 +1,30 @@
# HG changeset patch
# Parent 7cd948c83939479d1ba88a3161991cb561306f3f
# use same lines naming as utempter (prevents problems with using different
# formats in ?tmp? files)
# --used to be called '-pts'
Index: openssh-8.8p1/loginrec.c
===================================================================
--- openssh-8.8p1.orig/loginrec.c
+++ openssh-8.8p1/loginrec.c
@@ -549,7 +549,7 @@ getlast_entry(struct logininfo *li)
* 1. The full filename (including '/dev')
* 2. The stripped name (excluding '/dev')
* 3. The abbreviated name (e.g. /dev/ttyp00 -> yp00
- * /dev/pts/1 -> ts/1 )
+ * /dev/pts/1 -> /1 )
*
* Form 3 is used on some systems to identify a .tmp.? entry when
* attempting to remove it. Typically both addition and removal is
@@ -610,6 +610,10 @@ line_abbrevname(char *dst, const char *s
if (strncmp(src, "tty", 3) == 0)
src += 3;
#endif
+ if (strncmp(src, "pts/", 4) == 0) {
+ src += 3;
+ if (strlen(src) > 4) src++;
+ }
len = strlen(src);

View File

@ -0,0 +1,46 @@
# HG changeset patch
# Parent a60c0d88667efe0a64c030168950b69476af1622
# --used to be called '-xauth'
try to remove xauth cookies on logout
bnc#98815
Index: openssh-8.8p1/session.c
===================================================================
--- openssh-8.8p1.orig/session.c
+++ openssh-8.8p1/session.c
@@ -2441,6 +2441,34 @@ session_close(struct ssh *ssh, Session *
ssh_remote_port(ssh),
s->self);
+ if ((s->display != NULL) && (s->auth_proto != NULL) &&
+ (s->auth_data != NULL) && (options.xauth_location != NULL)) {
+ pid_t pid;
+ FILE *f;
+ char cmd[1024];
+ struct passwd * pw = s->pw;
+
+ if (!(pid = fork())) {
+ permanently_set_uid(pw);
+
+ /* Remove authority data from .Xauthority if appropriate. */
+ debug("Running %.500s remove %.100s\n",
+ options.xauth_location, s->auth_display);
+
+ snprintf(cmd, sizeof cmd, "unset XAUTHORITY && HOME=\"%.200s\" %s -q -",
+ s->pw->pw_dir, options.xauth_location);
+ f = popen(cmd, "w");
+ if (f) {
+ fprintf(f, "remove %s\n", s->auth_display);
+ pclose(f);
+ } else
+ error("Could not run %s\n", cmd);
+ exit(0);
+ } else if (pid > 0) {
+ waitpid(pid, NULL, 0);
+ }
+ }
+
if (s->ttyfd != -1)
session_pty_cleanup(s);
free(s->term);

View File

@ -0,0 +1,41 @@
# HG changeset patch
# Parent 9d38b7292619a6d5faf554b1a88888fdfa535de7
Patch from IBM enabling the use of OpenCryptoki, submitted upstreams:
From: Eduardo Barretto <ebarretto@linux.vnet.ibm.com>
To: openssh-unix-dev@mindrot.org
Subject: [PATCH 1/3] Allow flock and ipc syscall for s390 architecture
Date: Tue, 9 May 2017 14:27:13 -0300
In order to use the OpenSSL-ibmpkcs11 engine it is needed to allow flock
and ipc calls, because this engine calls OpenCryptoki (a PKCS#11
implementation) which calls the libraries that will communicate with the
crypto cards. OpenCryptoki makes use of flock and ipc and, as of now,
this is only need on s390 architecture.
Signed-off-by: Eduardo Barretto <ebarretto@linux.vnet.ibm.com>
Index: openssh-8.8p1/sandbox-seccomp-filter.c
===================================================================
--- openssh-8.8p1.orig/sandbox-seccomp-filter.c
+++ openssh-8.8p1/sandbox-seccomp-filter.c
@@ -219,6 +219,9 @@ static const struct sock_filter preauth_
#ifdef __NR_geteuid32
SC_ALLOW(__NR_geteuid32),
#endif
+#if defined(__NR_flock) && defined(__s390__)
+ SC_ALLOW(__NR_flock),
+#endif
#ifdef __NR_getpgid
SC_ALLOW(__NR_getpgid),
#endif
@@ -237,6 +240,9 @@ static const struct sock_filter preauth_
#ifdef __NR_getuid32
SC_ALLOW(__NR_getuid32),
#endif
+#if defined(__NR_ipc) && defined(__s390__)
+ SC_ALLOW(__NR_ipc),
+#endif
#ifdef __NR_madvise
SC_ALLOW_ARG(__NR_madvise, 2, MADV_NORMAL),
# ifdef MADV_FREE

View File

@ -0,0 +1,21 @@
# HG changeset patch
# Parent 5034ae16f6a5c9c7151d931dc1cce2a541fe010e
Allow the stat() syscall for OpenSSL re-seed patch
(which causes OpenSSL use stat() on some file)
bnc#912436
Index: openssh-8.8p1/sandbox-seccomp-filter.c
===================================================================
--- openssh-8.8p1.orig/sandbox-seccomp-filter.c
+++ openssh-8.8p1/sandbox-seccomp-filter.c
@@ -294,6 +294,9 @@ static const struct sock_filter preauth_
#ifdef __NR_sigprocmask
SC_ALLOW(__NR_sigprocmask),
#endif
+#ifdef __NR_stat
+ SC_ALLOW(__NR_stat),
+#endif
#ifdef __NR_time
SC_ALLOW(__NR_time),
#endif

View File

@ -0,0 +1,37 @@
# HG changeset patch
# Parent db426aecefd1f4f8a7f9b9b6e8936cd8dd2f17fa
send locales in default configuration
bnc#65747
Index: openssh-8.8p1/ssh_config
===================================================================
--- openssh-8.8p1.orig/ssh_config
+++ openssh-8.8p1/ssh_config
@@ -31,6 +31,11 @@ Host *
# expire after twenty minutes after remote login.
ForwardX11Trusted yes
+# This enables sending locale enviroment variables LC_* LANG, see ssh_config(5).
+ SendEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
+ SendEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
+ SendEnv LC_IDENTIFICATION LC_ALL
+
# PasswordAuthentication yes
# HostbasedAuthentication no
# GSSAPIAuthentication no
Index: openssh-8.8p1/sshd_config
===================================================================
--- openssh-8.8p1.orig/sshd_config
+++ openssh-8.8p1/sshd_config
@@ -108,6 +108,11 @@ X11Forwarding yes
# override default of no subsystems
Subsystem sftp /usr/libexec/sftp-server
+# This enables accepting locale enviroment variables LC_* LANG, see sshd_config(5).
+AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
+AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
+AcceptEnv LC_IDENTIFICATION LC_ALL
+
# Example of overriding settings on a per-user basis
#Match User anoncvs
# X11Forwarding no

View File

@ -0,0 +1,125 @@
Index: openssh-8.8p1/sftp-server.8
===================================================================
--- openssh-8.8p1.orig/sftp-server.8
+++ openssh-8.8p1/sftp-server.8
@@ -38,6 +38,7 @@
.Op Fl P Ar denied_requests
.Op Fl p Ar allowed_requests
.Op Fl u Ar umask
+.Op Fl m Ar force_file_dir_perms
.Ek
.Nm
.Fl Q Ar protocol_feature
@@ -138,6 +139,10 @@ Sets an explicit
.Xr umask 2
to be applied to newly-created files and directories, instead of the
user's default mask.
+.It Fl m Ar force_file_dir_perms
+Sets explicit permissions to be applied to newly-created files and directories
+instead of the default or client requested mode. Numeric values include:
+777, 755, 750, 666, 644, 640, etc. Option -u is ineffective if -m is set.
.El
.Pp
On some systems,
Index: openssh-8.8p1/sftp-server.c
===================================================================
--- openssh-8.8p1.orig/sftp-server.c
+++ openssh-8.8p1/sftp-server.c
@@ -73,6 +73,10 @@ struct sshbuf *oqueue;
/* Version of client */
static u_int version;
+/* Force file and directory permissions */
+int permforce = 0;
+long permforcemode;
+
/* SSH2_FXP_INIT received */
static int init_done;
@@ -724,6 +728,7 @@ process_open(u_int32_t id)
Attrib a;
char *name;
int r, handle, fd, flags, mode, status = SSH2_FX_FAILURE;
+ mode_t old_umask = 0;
if ((r = sshbuf_get_cstring(iqueue, &name, NULL)) != 0 ||
(r = sshbuf_get_u32(iqueue, &pflags)) != 0 || /* portable flags */
@@ -733,6 +738,10 @@ process_open(u_int32_t id)
debug3("request %u: open flags %d", id, pflags);
flags = flags_from_portable(pflags);
mode = (a.flags & SSH2_FILEXFER_ATTR_PERMISSIONS) ? a.perm : 0666;
+ if (permforce == 1) { /* Force perm if -m is set */
+ mode = permforcemode;
+ old_umask = umask(0); /* so umask does not interfere */
+ }
logit("open \"%s\" flags %s mode 0%o",
name, string_from_portable(pflags), mode);
if (readonly &&
@@ -754,6 +763,8 @@ process_open(u_int32_t id)
}
}
}
+ if (permforce == 1)
+ (void) umask(old_umask); /* restore umask to something sane */
if (status != SSH2_FX_OK)
send_status(id, status);
free(name);
@@ -1183,6 +1194,7 @@ process_mkdir(u_int32_t id)
Attrib a;
char *name;
int r, mode, status = SSH2_FX_FAILURE;
+ mode_t old_umask = 0;
if ((r = sshbuf_get_cstring(iqueue, &name, NULL)) != 0 ||
(r = decode_attrib(iqueue, &a)) != 0)
@@ -1190,9 +1202,16 @@ process_mkdir(u_int32_t id)
mode = (a.flags & SSH2_FILEXFER_ATTR_PERMISSIONS) ?
a.perm & 07777 : 0777;
+ if (permforce == 1) { /* Force perm if -m is set */
+ mode = permforcemode;
+ old_umask = umask(0); /* so umask does not interfere */
+ }
+
debug3("request %u: mkdir", id);
logit("mkdir name \"%s\" mode 0%o", name, mode);
r = mkdir(name, mode);
+ if (permforce == 1)
+ (void) umask(old_umask); /* restore umask to something sane */
status = (r == -1) ? errno_to_portable(errno) : SSH2_FX_OK;
send_status(id, status);
free(name);
@@ -1700,7 +1719,7 @@ sftp_server_usage(void)
fprintf(stderr,
"usage: %s [-ehR] [-d start_directory] [-f log_facility] "
"[-l log_level]\n\t[-P denied_requests] "
- "[-p allowed_requests] [-u umask]\n"
+ "[-p allowed_requests] [-u umask] [-m force_file_dir_perms]\n"
" %s -Q protocol_feature\n",
__progname, __progname);
exit(1);
@@ -1728,7 +1747,7 @@ sftp_server_main(int argc, char **argv,
pw = pwcopy(user_pw);
while (!skipargs && (ch = getopt(argc, argv,
- "d:f:l:P:p:Q:u:cehR")) != -1) {
+ "d:f:l:P:p:Q:u:m:cehR")) != -1) {
switch (ch) {
case 'Q':
if (strcasecmp(optarg, "requests") != 0) {
@@ -1790,6 +1809,15 @@ sftp_server_main(int argc, char **argv,
fatal("Invalid umask \"%s\"", optarg);
(void)umask((mode_t)mask);
break;
+ case 'm':
+ /* Force permissions on file and directory received via sftp */
+ permforce = 1;
+ permforcemode = strtol(optarg, &cp, 8);
+ if (permforcemode < 0 || permforcemode > 0777 ||
+ *cp != '\0' || (permforcemode == 0 &&
+ errno != 0))
+ fatal("Invalid file mode \"%s\"", optarg);
+ break;
case 'h':
default:
sftp_server_usage();

View File

@ -0,0 +1,60 @@
# HG changeset patch
# Parent 60bdbe6dd8d6bc011883472363d56e1d97f68835
Put back sftp client diagnostic messages in batch mode
Index: openssh-8.8p1/sftp.1
===================================================================
--- openssh-8.8p1.orig/sftp.1
+++ openssh-8.8p1/sftp.1
@@ -287,6 +287,9 @@ Specifies the port to connect to on the
.It Fl p
Preserves modification times, access times, and modes from the
original files transferred.
+.It Fl Q
+Not-so-quiet batch mode: forces printing of diagnostic messages
+in batch mode.
.It Fl q
Quiet mode: disables the progress meter as well as warning and
diagnostic messages from
Index: openssh-8.8p1/sftp.c
===================================================================
--- openssh-8.8p1.orig/sftp.c
+++ openssh-8.8p1/sftp.c
@@ -82,6 +82,9 @@ static volatile pid_t sshpid = -1;
/* Suppress diagnostic messages */
int quiet = 0;
+/* Force diagnositic messages in batch mode */
+int loud = 0;
+
/* This is set to 0 if the progressmeter is not desired. */
int showprogress = 1;
@@ -2381,7 +2384,7 @@ main(int argc, char **argv)
infile = stdin;
while ((ch = getopt(argc, argv,
- "1246AafhNpqrvCc:D:i:l:o:s:S:b:B:F:J:P:R:X:")) != -1) {
+ "1246AafhNpQqrvCc:D:i:l:o:s:S:b:B:F:J:P:R:X:")) != -1) {
switch (ch) {
/* Passed through to ssh(1) */
case 'A':
@@ -2399,6 +2402,9 @@ main(int argc, char **argv)
addargs(&args, "-%c", ch);
addargs(&args, "%s", optarg);
break;
+ case 'Q':
+ loud = 1;
+ break;
case 'q':
ll = SYSLOG_LEVEL_ERROR;
quiet = 1;
@@ -2483,6 +2489,8 @@ main(int argc, char **argv)
usage();
}
}
+ if (batchmode && loud)
+ quiet = 0;
/* Do this last because we want the user to be able to override it */
addargs(&args, "-oForwardAgent no");

View File

@ -0,0 +1,87 @@
# HG changeset patch
# Parent d296e85dc414b8cd1b4b55ad03d8216feb26531a
Send signals to systemd to prevent various race conditions
bsc#1048367
Index: openssh-8.8p1/configure.ac
===================================================================
--- openssh-8.8p1.orig/configure.ac
+++ openssh-8.8p1/configure.ac
@@ -4751,6 +4751,30 @@ AC_ARG_WITH([kerberos5],
# AC_SUBST([GSSLIBS])
AC_SUBST([K5LIBS])
AC_SUBST([CHANNELLIBS])
+# Check whether user wants systemd support
+SYSTEMD_MSG="no"
+AC_ARG_WITH(systemd,
+ [ --with-systemd Enable systemd support],
+ [ if test "x$withval" != "xno" ; then
+ AC_PATH_TOOL([PKGCONFIG], [pkg-config], [no])
+ if test "$PKGCONFIG" != "no"; then
+ AC_MSG_CHECKING([for libsystemd])
+ if $PKGCONFIG --exists libsystemd; then
+ SYSTEMD_CFLAGS=`$PKGCONFIG --cflags libsystemd`
+ SYSTEMD_LIBS=`$PKGCONFIG --libs libsystemd`
+ CPPFLAGS="$CPPFLAGS $SYSTEMD_CFLAGS"
+ SSHDLIBS="$SSHDLIBS $SYSTEMD_LIBS"
+ AC_MSG_RESULT([yes])
+ AC_DEFINE(HAVE_SYSTEMD, 1, [Define if you want systemd support.])
+ SYSTEMD_MSG="yes"
+ else
+ AC_MSG_RESULT([no])
+ fi
+ fi
+ fi ]
+)
+
+
# Looking for programs, paths and files
PRIVSEP_PATH=/var/empty
@@ -5564,6 +5588,7 @@ echo " libldns support
echo " Solaris process contract support: $SPC_MSG"
echo " Solaris project support: $SP_MSG"
echo " Solaris privilege support: $SPP_MSG"
+echo " systemd support: $SYSTEMD_MSG"
echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG"
echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
echo " BSD Auth support: $BSD_AUTH_MSG"
Index: openssh-8.8p1/sshd.c
===================================================================
--- openssh-8.8p1.orig/sshd.c
+++ openssh-8.8p1/sshd.c
@@ -85,6 +85,10 @@
#include <prot.h>
#endif
+#ifdef HAVE_SYSTEMD
+#include <systemd/sd-daemon.h>
+#endif
+
#include "xmalloc.h"
#include "ssh.h"
#include "ssh2.h"
@@ -308,6 +312,10 @@ sighup_handler(int sig)
static void
sighup_restart(void)
{
+#ifdef HAVE_SYSTEMD
+ /* Signal systemd that we are reloading */
+ sd_notify(0, "RELOADING=1");
+#endif
logit("Received SIGHUP; restarting.");
if (options.pid_file != NULL)
unlink(options.pid_file);
@@ -2076,6 +2084,11 @@ main(int ac, char **av)
}
}
+#ifdef HAVE_SYSTEMD
+ /* Signal systemd that we are ready to accept connections */
+ sd_notify(0, "READY=1");
+#endif
+
/* Accept a connection and return in a forked child */
server_accept_loop(&sock_in, &sock_out,
&newsock, config_s);

View File

@ -0,0 +1,39 @@
commit 07ffb49749c310b82e44278ae05e081d6f4a82bf
Author: Hans Petter Jansson <hpj@cl.no>
Date: Fri Sep 27 01:57:16 2019 +0200
ssh-keygen: Preserve known_hosts permissions on rewrite
Transfer the permissions of the old known_hosts file instead of
just going with what mkstemp() gives us. This is useful in corner
cases where known_hosts is shared between users.
Index: openssh-8.8p1/ssh-keygen.c
===================================================================
--- openssh-8.8p1.orig/ssh-keygen.c
+++ openssh-8.8p1/ssh-keygen.c
@@ -1384,6 +1384,11 @@ do_known_hosts(struct passwd *pw, const
if (inplace)
unlink(tmp);
} else if (inplace) {
+ struct stat st;
+
+ /* Get metadata for existing file */
+ r = stat(identity_file, &st);
+
/* Backup existing file */
if (unlink(old) == -1 && errno != ENOENT)
fatal("unlink %.100s: %s", old, strerror(errno));
@@ -1398,6 +1403,12 @@ do_known_hosts(struct passwd *pw, const
unlink(old);
exit(1);
}
+ /* Preserve permissions; non-critical */
+ if (r != -1)
+ r = chown(identity_file, st.st_uid, st.st_gid);
+ if (r != -1)
+ chmod(identity_file,
+ st.st_mode & (S_IRWXU | S_IRWXG | S_IRWXO));
printf("%s updated.\n", identity_file);
printf("Original contents retained as %s\n", old);

View File

@ -0,0 +1,76 @@
commit 101aa2f70c937abb428c9433c39ba0fd9a91fe6b
Author: Hans Petter Jansson <hpj@cl.no>
Date: Thu Jun 20 23:54:11 2019 +0200
Revert IPQoS DSCP AF21/CS1 from upstream due to bugs in other software
Reverts OpenBSD-Commit-ID: d11d2a4484f461524ef0c20870523dfcdeb52181
Index: openssh-8.8p1/readconf.c
===================================================================
--- openssh-8.8p1.orig/readconf.c
+++ openssh-8.8p1/readconf.c
@@ -2679,9 +2679,9 @@ fill_default_options(Options * options)
if (options->visual_host_key == -1)
options->visual_host_key = 0;
if (options->ip_qos_interactive == -1)
- options->ip_qos_interactive = IPTOS_DSCP_AF21;
+ options->ip_qos_interactive = IPTOS_LOWDELAY;
if (options->ip_qos_bulk == -1)
- options->ip_qos_bulk = IPTOS_DSCP_CS1;
+ options->ip_qos_bulk = IPTOS_THROUGHPUT;
if (options->request_tty == -1)
options->request_tty = REQUEST_TTY_AUTO;
if (options->session_type == -1)
Index: openssh-8.8p1/servconf.c
===================================================================
--- openssh-8.8p1.orig/servconf.c
+++ openssh-8.8p1/servconf.c
@@ -459,9 +459,9 @@ fill_default_server_options(ServerOption
if (options->permit_tun == -1)
options->permit_tun = SSH_TUNMODE_NO;
if (options->ip_qos_interactive == -1)
- options->ip_qos_interactive = IPTOS_DSCP_AF21;
+ options->ip_qos_interactive = IPTOS_LOWDELAY;
if (options->ip_qos_bulk == -1)
- options->ip_qos_bulk = IPTOS_DSCP_CS1;
+ options->ip_qos_bulk = IPTOS_THROUGHPUT;
if (options->version_addendum == NULL)
options->version_addendum = xstrdup("");
if (options->fwd_opts.streamlocal_bind_mask == (mode_t)-1)
Index: openssh-8.8p1/ssh_config.5
===================================================================
--- openssh-8.8p1.orig/ssh_config.5
+++ openssh-8.8p1/ssh_config.5
@@ -1182,11 +1182,9 @@ If one argument is specified, it is used
If two values are specified, the first is automatically selected for
interactive sessions and the second for non-interactive sessions.
The default is
-.Cm af21
-(Low-Latency Data)
+.Cm lowdelay
for interactive sessions and
-.Cm cs1
-(Lower Effort)
+.Cm throughput
for non-interactive sessions.
.It Cm KbdInteractiveAuthentication
Specifies whether to use keyboard-interactive authentication.
Index: openssh-8.8p1/sshd_config.5
===================================================================
--- openssh-8.8p1.orig/sshd_config.5
+++ openssh-8.8p1/sshd_config.5
@@ -903,11 +903,9 @@ If one argument is specified, it is used
If two values are specified, the first is automatically selected for
interactive sessions and the second for non-interactive sessions.
The default is
-.Cm af21
-(Low-Latency Data)
+.Cm lowdelay
for interactive sessions and
-.Cm cs1
-(Lower Effort)
+.Cm throughput
for non-interactive sessions.
.It Cm KbdInteractiveAuthentication
Specifies whether to allow keyboard-interactive authentication.

File diff suppressed because it is too large Load Diff

2476
openssh-8.1p1-audit.patch Normal file

File diff suppressed because it is too large Load Diff

View File

@ -0,0 +1,74 @@
commit d281831d887044ede45d458c3dda74be9ae017e3
Author: Hans Petter Jansson <hpj@hpjansson.org>
Date: Fri Sep 25 23:26:58 2020 +0200
Use OpenSSL's FIPS approved RAND_bytes() to get randomness for Ed25519
diff --git a/ed25519.c b/ed25519.c
index 767ec24..5d506a9 100644
--- a/ed25519.c
+++ b/ed25519.c
@@ -9,6 +9,13 @@
#include "crypto_api.h"
+#ifdef WITH_OPENSSL
+#include <openssl/rand.h>
+#include <openssl/err.h>
+#endif
+
+#include "log.h"
+
#define int8 crypto_int8
#define uint8 crypto_uint8
#define int16 crypto_int16
@@ -33,7 +40,15 @@ int crypto_sign_ed25519_keypair(
sc25519 scsk;
ge25519 gepk;
+#ifdef WITH_OPENSSL
+ /* Use FIPS approved RNG */
+ if (RAND_bytes(sk, 32) <= 0)
+ fatal("Couldn't obtain random bytes (error 0x%lx)",
+ (unsigned long)ERR_get_error());
+#else
randombytes(sk,32);
+#endif
+
crypto_hash_sha512(az,sk,32);
az[0] &= 248;
az[31] &= 127;
diff --git a/kexc25519.c b/kexc25519.c
index f13d766..2604eda 100644
--- a/kexc25519.c
+++ b/kexc25519.c
@@ -33,6 +33,13 @@
#include <string.h>
#include <signal.h>
+#ifdef WITH_OPENSSL
+#include <openssl/rand.h>
+#include <openssl/err.h>
+#endif
+
+#include "log.h"
+
#include "sshkey.h"
#include "kex.h"
#include "sshbuf.h"
@@ -51,7 +58,15 @@ kexc25519_keygen(u_char key[CURVE25519_SIZE], u_char pub[CURVE25519_SIZE])
{
static const u_char basepoint[CURVE25519_SIZE] = {9};
+#ifdef WITH_OPENSSL
+ /* Use FIPS approved RNG */
+ if (RAND_bytes(key, CURVE25519_SIZE) <= 0)
+ fatal("Couldn't obtain random bytes (error 0x%lx)",
+ (unsigned long)ERR_get_error());
+#else
arc4random_buf(key, CURVE25519_SIZE);
+#endif
+
crypto_scalarmult_curve25519(pub, key, basepoint);
}

View File

@ -0,0 +1,25 @@
From b110cefdfbf5a20f49b774a55062d6ded2fb6e22 Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Tue, 7 Jan 2020 16:26:45 -0800
Subject: [PATCH] seccomp: Allow clock_gettime64() in sandbox.
This helps sshd accept connections on mips platforms with
upcoming glibc ( 2.31 )
---
sandbox-seccomp-filter.c | 3 +++
1 file changed, 3 insertions(+)
Index: openssh-8.8p1/sandbox-seccomp-filter.c
===================================================================
--- openssh-8.8p1.orig/sandbox-seccomp-filter.c
+++ openssh-8.8p1/sandbox-seccomp-filter.c
@@ -279,6 +279,9 @@ static const struct sock_filter preauth_
#ifdef __NR_clock_nanosleep_time64
SC_ALLOW(__NR_clock_nanosleep_time64),
#endif
+#ifdef __NR_clock_gettime64
+ SC_ALLOW(__NR_clock_gettime64),
+#endif
#ifdef __NR__newselect
SC_ALLOW(__NR__newselect),
#endif

View File

@ -0,0 +1,14 @@
Index: openssh-8.8p1/sandbox-seccomp-filter.c
===================================================================
--- openssh-8.8p1.orig/sandbox-seccomp-filter.c
+++ openssh-8.8p1/sandbox-seccomp-filter.c
@@ -273,6 +273,9 @@ static const struct sock_filter preauth_
#ifdef __NR_clock_gettime64
SC_ALLOW(__NR_clock_gettime64),
#endif
+#ifdef __NR_clock_nanosleep
+ SC_ALLOW(__NR_clock_nanosleep),
+#endif
#ifdef __NR__newselect
SC_ALLOW(__NR__newselect),
#endif

View File

@ -0,0 +1,24 @@
From 5af6fd5461bb709304e6979c8b7856c7af921c9e Mon Sep 17 00:00:00 2001
From: Darren Tucker <dtucker@dtucker.net>
Date: Mon, 16 Dec 2019 13:55:56 +1100
Subject: [PATCH] Allow clock_nanosleep_time64 in seccomp sandbox.
Needed on Linux ARM. bz#3100, patch from jjelen@redhat.com.
---
sandbox-seccomp-filter.c | 3 +++
1 file changed, 3 insertions(+)
Index: openssh-8.8p1/sandbox-seccomp-filter.c
===================================================================
--- openssh-8.8p1.orig/sandbox-seccomp-filter.c
+++ openssh-8.8p1/sandbox-seccomp-filter.c
@@ -276,6 +276,9 @@ static const struct sock_filter preauth_
#ifdef __NR_clock_nanosleep
SC_ALLOW(__NR_clock_nanosleep),
#endif
+#ifdef __NR_clock_nanosleep_time64
+ SC_ALLOW(__NR_clock_nanosleep_time64),
+#endif
#ifdef __NR__newselect
SC_ALLOW(__NR__newselect),
#endif

View File

@ -0,0 +1,158 @@
Index: openssh-8.8p1/kex.c
===================================================================
--- openssh-8.8p1.orig/kex.c
+++ openssh-8.8p1/kex.c
@@ -40,6 +40,7 @@
#ifdef WITH_OPENSSL
#include <openssl/crypto.h>
#include <openssl/dh.h>
+#include <openssl/kdf.h>
#endif
#include "ssh.h"
@@ -1115,8 +1116,93 @@ kex_choose_conf(struct ssh *ssh)
return r;
}
+#ifdef WITH_OPENSSL
+
+static const EVP_MD *
+get_openssl_md_for_hash_alg (int hash_alg)
+{
+ if (hash_alg < 0 || hash_alg >= SSH_DIGEST_MAX)
+ return NULL;
+
+ switch (hash_alg)
+ {
+ case SSH_DIGEST_MD5:
+ return EVP_md5();
+ case SSH_DIGEST_SHA1:
+ return EVP_sha1();
+ case SSH_DIGEST_SHA256:
+ return EVP_sha256();
+ case SSH_DIGEST_SHA384:
+ return EVP_sha384();
+ case SSH_DIGEST_SHA512:
+ return EVP_sha512();
+ default:
+ break;
+ }
+
+ return NULL;
+}
+
static int
-derive_key(struct ssh *ssh, int id, u_int need, u_char *hash, u_int hashlen,
+derive_key_via_openssl(struct ssh *ssh, int id, u_int need, u_char *hash, u_int hashlen,
+ const struct sshbuf *shared_secret, u_char **keyp)
+{
+ struct kex *kex = ssh->kex;
+ EVP_KDF_CTX *hashctx = NULL;
+ const EVP_MD *md = NULL;
+ u_char *digest = NULL;
+ int r = SSH_ERR_LIBCRYPTO_ERROR;
+
+ hashctx = EVP_KDF_CTX_new_id (EVP_KDF_SSHKDF);
+ if (!hashctx)
+ goto out;
+
+ md = get_openssl_md_for_hash_alg (kex->hash_alg);
+ if (!md)
+ goto out;
+
+ if (EVP_KDF_ctrl (hashctx, EVP_KDF_CTRL_SET_MD,
+ md) != 1
+ || EVP_KDF_ctrl (hashctx, EVP_KDF_CTRL_SET_KEY,
+ sshbuf_ptr(shared_secret), sshbuf_len(shared_secret)) != 1
+ || EVP_KDF_ctrl (hashctx, EVP_KDF_CTRL_SET_SSHKDF_TYPE,
+ (int) id) != 1
+ || EVP_KDF_ctrl (hashctx, EVP_KDF_CTRL_SET_SSHKDF_XCGHASH,
+ hash, (size_t) hashlen) != 1
+ || EVP_KDF_ctrl (hashctx, EVP_KDF_CTRL_SET_SSHKDF_SESSION_ID,
+ sshbuf_ptr(kex->session_id),
+ (size_t) sshbuf_len(kex->session_id)) != 1)
+ goto out;
+
+ digest = calloc (1, need);
+ if (!digest) {
+ r = SSH_ERR_ALLOC_FAIL;
+ goto out;
+ }
+
+ if (EVP_KDF_derive (hashctx, digest, need) != 1)
+ goto out;
+
+ *keyp = digest;
+ digest = NULL;
+ r = 0;
+
+ out:
+ if (hashctx)
+ EVP_KDF_CTX_free(hashctx);
+
+ if (digest)
+ free(digest);
+
+ return r;
+}
+
+#else
+# error This version of openssh must be built with openssl to benefit from FIPS certification.
+#endif
+
+static int
+derive_key_via_internal(struct ssh *ssh, int id, u_int need, u_char *hash, u_int hashlen,
const struct sshbuf *shared_secret, u_char **keyp)
{
struct kex *kex = ssh->kex;
@@ -1179,6 +1265,50 @@ derive_key(struct ssh *ssh, int id, u_in
return r;
}
+/* Belt and suspenders; we want the output from openssl because it's FIPS certified. However,
+ * if there's a bug in the implementation, we should not proceed. Minimize risk by requiring
+ * the implementations agree. */
+static int
+derive_key(struct ssh *ssh, int id, u_int need, u_char *hash, u_int hashlen,
+ const struct sshbuf *shared_secret, u_char **keyp)
+{
+#ifdef WITH_OPENSSL
+
+ u_char *buf_openssl = NULL, *buf_internal = NULL;
+ int r;
+
+ r = derive_key_via_openssl (ssh, id, need, hash, hashlen, shared_secret, &buf_openssl);
+ if (r != 0)
+ goto out;
+
+ r = derive_key_via_internal (ssh, id, need, hash, hashlen, shared_secret, &buf_internal);
+ if (r != 0)
+ goto out;
+
+ if (memcmp (buf_openssl, buf_internal, need))
+ {
+ r = SSH_ERR_LIBCRYPTO_ERROR;
+ goto out;
+ }
+
+ *keyp = buf_openssl;
+ buf_openssl = NULL;
+
+ out:
+ if (buf_openssl)
+ free (buf_openssl);
+ if (buf_internal)
+ free (buf_internal);
+
+ return r;
+
+#else
+
+ return derive_key_via_internal (ssh, id, need, hash, hashlen, shared_secret, keyp);
+
+#endif
+}
+
#define NKEYS 6
int
kex_derive_keys(struct ssh *ssh, u_char *hash, u_int hashlen,

View File

@ -0,0 +1,19 @@
Gemeinsame Unterverzeichnisse: openssh-8.4p1.orig/contrib und openssh-8.4p1/contrib.
Gemeinsame Unterverzeichnisse: openssh-8.4p1.orig/.github und openssh-8.4p1/.github.
Gemeinsame Unterverzeichnisse: openssh-8.4p1.orig/m4 und openssh-8.4p1/m4.
Gemeinsame Unterverzeichnisse: openssh-8.4p1.orig/openbsd-compat und openssh-8.4p1/openbsd-compat.
Gemeinsame Unterverzeichnisse: openssh-8.4p1.orig/regress und openssh-8.4p1/regress.
diff -u openssh-8.4p1.orig/sshd_config openssh-8.4p1/sshd_config
--- openssh-8.4p1.orig/sshd_config 2020-09-27 09:25:01.000000000 +0200
+++ openssh-8.4p1/sshd_config 2021-05-18 19:15:39.190701511 +0200
@@ -88,8 +88,8 @@
#X11DisplayOffset 10
#X11UseLocalhost yes
#PermitTTY yes
-#PrintMotd yes
-#PrintLastLog yes
+PrintMotd no
+PrintLastLog no
#TCPKeepAlive yes
#PermitUserEnvironment no
#Compression delayed

View File

@ -0,0 +1,40 @@
Index: openssh-8.9p1/ssh_config
===================================================================
--- openssh-8.9p1.orig/ssh_config
+++ openssh-8.9p1/ssh_config
@@ -17,6 +17,13 @@
# list of available options, their meanings and defaults, please see the
# ssh_config(5) man page.
+# To modify the system-wide ssh configuration, create a "*.conf" file under
+# "/etc/ssh/ssh_config.d/" which will be automatically included below.
+# Don't edit this configuration file itself if possible to avoid update
+# problems.
+Include /etc/ssh/ssh_config.d/*.conf
+Include /usr/etc/ssh/ssh_config.d/*.conf
+
Host *
# ForwardAgent no
# ForwardX11 no
Index: openssh-8.9p1/sshd_config
===================================================================
--- openssh-8.9p1.orig/sshd_config
+++ openssh-8.9p1/sshd_config
@@ -5,10 +5,17 @@
# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin
+# To modify the system-wide sshd configuration, create a "*.conf" file under
+# "/etc/ssh/sshd_config.d/" which will be automatically included below.
+# Don't edit this configuration file itself if possible to avoid update
+# problems.
+Include /etc/ssh/sshd_config.d/*.conf
+
# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented. Uncommented options override the
# default value.
+Include /usr/etc/ssh/sshd_config.d/*.conf
#Port 22
#AddressFamily any

View File

@ -0,0 +1,208 @@
Gemeinsame Unterverzeichnisse: openssh-8.4p1/contrib und openssh-8.4p1-vendor/contrib.
Index: openssh-8.9p1/dh.c
===================================================================
--- openssh-8.9p1.orig/dh.c
+++ openssh-8.9p1/dh.c
@@ -54,7 +54,17 @@ void dh_set_moduli_file(const char *file
static const char * get_moduli_filename(void)
{
- return moduli_filename ? moduli_filename : _PATH_DH_MODULI;
+ struct stat st;
+
+ if (moduli_filename)
+ return moduli_filename;
+
+ if (stat(_PATH_VENDOR_DH_MODULI, &st) == 0 &&
+ stat(_PATH_DH_MODULI, &st) == -1) {
+ return _PATH_VENDOR_DH_MODULI;
+ }
+
+ return _PATH_DH_MODULI;
}
static int
Index: openssh-8.9p1/pathnames.h
===================================================================
--- openssh-8.9p1.orig/pathnames.h
+++ openssh-8.9p1/pathnames.h
@@ -18,6 +18,8 @@
#define SSHDIR ETCDIR "/ssh"
#endif
+#define VENDORDIR "/usr/etc/ssh"
+
#ifndef _PATH_SSH_PIDDIR
#define _PATH_SSH_PIDDIR "/var/run"
#endif
@@ -35,13 +37,17 @@
* should be world-readable.
*/
#define _PATH_SERVER_CONFIG_FILE SSHDIR "/sshd_config"
+#define _PATH_SERVER_VENDOR_CONFIG_FILE VENDORDIR "/sshd_config"
#define _PATH_HOST_CONFIG_FILE SSHDIR "/ssh_config"
+#define _PATH_HOST_VENDOR_CONFIG_FILE VENDORDIR "/ssh_config"
#define _PATH_HOST_DSA_KEY_FILE SSHDIR "/ssh_host_dsa_key"
#define _PATH_HOST_ECDSA_KEY_FILE SSHDIR "/ssh_host_ecdsa_key"
#define _PATH_HOST_ED25519_KEY_FILE SSHDIR "/ssh_host_ed25519_key"
#define _PATH_HOST_XMSS_KEY_FILE SSHDIR "/ssh_host_xmss_key"
#define _PATH_HOST_RSA_KEY_FILE SSHDIR "/ssh_host_rsa_key"
#define _PATH_DH_MODULI SSHDIR "/moduli"
+#define _PATH_VENDOR_DH_MODULI VENDORDIR "/moduli"
+
#ifndef _PATH_SSH_PROGRAM
#define _PATH_SSH_PROGRAM "/usr/bin/ssh"
Index: openssh-8.9p1/ssh.c
===================================================================
--- openssh-8.9p1.orig/ssh.c
+++ openssh-8.9p1/ssh.c
@@ -549,6 +549,7 @@ static void
process_config_files(const char *host_name, struct passwd *pw, int final_pass,
int *want_final_pass)
{
+ struct stat st;
char buf[PATH_MAX];
int r;
@@ -567,10 +568,23 @@ process_config_files(const char *host_na
&options, SSHCONF_CHECKPERM | SSHCONF_USERCONF |
(final_pass ? SSHCONF_FINAL : 0), want_final_pass);
- /* Read systemwide configuration file after user config. */
- (void)read_config_file(_PATH_HOST_CONFIG_FILE, pw,
- host, host_name, &options,
- final_pass ? SSHCONF_FINAL : 0, want_final_pass);
+ /* If only the vendor configuration file exists, use that.
+ * Else use the standard configuration file.
+ */
+ if (stat(_PATH_HOST_VENDOR_CONFIG_FILE, &st) == 0 &&
+ stat(_PATH_HOST_CONFIG_FILE, &st) == -1) {
+ /* Read vendor distributed configuration file. */
+ (void)read_config_file(_PATH_HOST_VENDOR_CONFIG_FILE,
+ pw, host, host_name, &options,
+ final_pass ? SSHCONF_FINAL : 0,
+ want_final_pass);
+ } else {
+ /* Read systemwide configuration file after user config. */
+ (void)read_config_file(_PATH_HOST_CONFIG_FILE, pw,
+ host, host_name, &options,
+ final_pass ? SSHCONF_FINAL : 0,
+ want_final_pass);
+ }
}
}
Index: openssh-8.9p1/ssh_config.5
===================================================================
--- openssh-8.9p1.orig/ssh_config.5
+++ openssh-8.9p1/ssh_config.5
@@ -54,6 +54,9 @@ user's configuration file
.It
system-wide configuration file
.Pq Pa /etc/ssh/ssh_config
+.It
+vendor configuration file
+.Pq Pa /usr/etc/ssh/ssh_config
.El
.Pp
Unless noted otherwise, for each parameter, the first obtained value
@@ -2220,6 +2223,11 @@ This file provides defaults for those
values that are not specified in the user's configuration file, and
for those users who do not have a configuration file.
This file must be world-readable.
+.It Pa /usr/etc/ssh/ssh_config
+Vendor specific configuraiton file.
+This file provides the vendor defaults and is used as fallback if the
+.Ic /etc/ssh/ssh_config
+configuration file does not exist.
.El
.Sh SEE ALSO
.Xr ssh 1
Index: openssh-8.9p1/sshd.c
===================================================================
--- openssh-8.9p1.orig/sshd.c
+++ openssh-8.9p1/sshd.c
@@ -148,7 +148,7 @@ extern char *__progname;
ServerOptions options;
/* Name of the server configuration file. */
-char *config_file_name = _PATH_SERVER_CONFIG_FILE;
+char *config_file_name = NULL;
/*
* Debug mode flag. This can be set on the command line. If debug
@@ -1591,6 +1591,7 @@ prepare_proctitle(int ac, char **av)
int
main(int ac, char **av)
{
+ struct stat st;
struct ssh *ssh = NULL;
extern char *optarg;
extern int optind;
@@ -1806,7 +1807,21 @@ main(int ac, char **av)
*/
(void)atomicio(vwrite, startup_pipe, "\0", 1);
}
+ } else if (config_file_name == NULL) {
+ /* If only the vendor configuration file exists, use that.
+ * Else use the standard configuration file.
+ */
+ if (stat(_PATH_SERVER_VENDOR_CONFIG_FILE, &st) == 0 &&
+ stat(_PATH_SERVER_CONFIG_FILE, &st) == -1) {
+ /* fill with global distributor settings */
+ config_file_name = _PATH_SERVER_VENDOR_CONFIG_FILE;
+ } else {
+ /* load global admin settings */
+ config_file_name = _PATH_SERVER_CONFIG_FILE;
+ }
+ load_server_config(config_file_name, cfg);
} else if (strcasecmp(config_file_name, "none") != 0)
+ /* load config specified on commandline */
load_server_config(config_file_name, cfg);
parse_server_config(&options, rexeced_flag ? "rexec" : config_file_name,
Index: openssh-8.9p1/sshd_config.5
===================================================================
--- openssh-8.9p1.orig/sshd_config.5
+++ openssh-8.9p1/sshd_config.5
@@ -44,7 +44,9 @@
.Xr sshd 8
reads configuration data from
.Pa /etc/ssh/sshd_config
-(or the file specified with
+(
+.Pa /usr/etc/ssh/sshd_config
+if the file does not exist or the file specified with
.Fl f
on the command line).
The file contains keyword-argument pairs, one per line.
Index: openssh-8.9p1/ssh-keysign.c
===================================================================
--- openssh-8.9p1.orig/ssh-keysign.c
+++ openssh-8.9p1/ssh-keysign.c
@@ -186,6 +186,7 @@ main(int argc, char **argv)
u_char *signature, *data, rver;
char *host, *fp, *pkalg;
size_t slen, dlen;
+ struct stat st;
if (pledge("stdio rpath getpw dns id", NULL) != 0)
fatal("%s: pledge: %s", __progname, strerror(errno));
@@ -219,8 +220,14 @@ main(int argc, char **argv)
/* verify that ssh-keysign is enabled by the admin */
initialize_options(&options);
- (void)read_config_file(_PATH_HOST_CONFIG_FILE, pw, "", "",
- &options, 0, NULL);
+
+ if (stat(_PATH_HOST_CONFIG_FILE, &st) == 0)
+ (void)read_config_file(_PATH_HOST_CONFIG_FILE, pw, "", "",
+ &options, 0, NULL);
+ else
+ (void)read_config_file(_PATH_HOST_VENDOR_CONFIG_FILE, pw, "", "",
+ &options, 0, NULL);
+
(void)fill_default_options(&options);
if (options.enable_ssh_keysign != 1)
fatal("ssh-keysign not enabled in %s",

BIN
openssh-9.3p2.tar.gz (Stored with Git LFS) Normal file

Binary file not shown.

16
openssh-9.3p2.tar.gz.asc Normal file
View File

@ -0,0 +1,16 @@
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEcWi5g4FaXu9ZpK39Kj9BTnNgYLoFAmS3g5wACgkQKj9BTnNg
YLrMYw//evjl0mlSnycb85tWASdBWQh28xQCouuqYhDhY+8kt6YpEx34r4zuXvL3
pEN/F1ancNXwvlRPct/tF3OEQVpKHZqiRyfWuHHURSBLaGf9V1b+gQgfM4lEQNtH
8PqRj+ur8E2GMGxvxuDKPcfduCTFrjbPJ/0OCgquuEteSM6dgcClT7q5SKKpTVSa
jV0PaXeYgnaa+u+4GsH01oUteyJNmhvEa4T+fC1RDrct1DiieUQNkaw3pwMqYXA5
8PldGatn/npNM5ZFW4uxTjbib2yJXNIEhUIzo2A00XWRG3jIArtRJwJ6ZSBahUE4
PyasPMhJVIxIaKy5OL4s4FAd1goe2hBlPzmDhUJOhpFniLIZ9dS5AGaX4i2TjsZl
iaIwtE2VLIn3peKZPvm7SCBqyBoiPKC0BfHmVOYs8c1W5Q30jE+kCcTDrJhHl32/
kN5khCHIg6bUc3JzFZM7Ib0tshNP5AY0pyduSEF7SPOB5Zz2E+EwkDmkrnw9FoMh
LCvSERDkBdxWD7okUdb0ARr564lShRjd2UTFZqv3Py4nVfvnP19RgCfakNg0CZ3w
VoLytn8OQ/joAx4GMWox6g5ieYqeQ2kLzXYfXObTlDIjxirFeiBYPh6Ln5oGl81/
jx/172HqCzRDgUogtZ/BTwiLDEzTHG7YS5RDIUYkqEGkkjjj6gg=
=yVD2
-----END PGP SIGNATURE-----

View File

@ -0,0 +1,327 @@
-------------------------------------------------------------------
Fri Jul 21 05:13:56 UTC 2023 - Simon Lees <sflees@suse.de>
- Update to openssh 9.3p2
* No changes for askpass, see main package changelog for
details
-------------------------------------------------------------------
Sun May 28 09:16:44 UTC 2023 - Andreas Stieger <andreas.stieger@gmx.de>
- openssh-askpass-gnome: require only openssh-clients, not the full
openssh (including -server), to avoid pulling in excessive
dependencies when installing git on Gnome (boo#1211446)
-------------------------------------------------------------------
Thu May 11 07:01:54 UTC 2023 - Antonio Larrosa <alarrosa@suse.com>
- Update to openssh 9.3p1
* No changes for askpass, see main package changelog for
details
-------------------------------------------------------------------
Tue Sep 28 19:05:15 UTC 2021 - Hans Petter Jansson <hpj@suse.com>
- Version upgrade to 8.8p1
* No changes for askpass, see main package changelog for
details
-------------------------------------------------------------------
Thu Sep 17 20:41:39 UTC 2020 - Jan Engelhardt <jengelh@inai.de>
- Upgrade some old specfile constructs/macros.
-------------------------------------------------------------------
Thu Sep 10 22:44:00 UTC 2020 - Hans Petter Jansson <hpj@suse.com>
- Supplement openssh-clients instead of openssh (bsc#1176434).
-------------------------------------------------------------------
Thu Jul 18 14:07:56 UTC 2019 - Fabian Vogt <fvogt@suse.com>
- Supplement libgtk-3-0 instead to avoid installation on a textmode install
(boo#1142000)
-------------------------------------------------------------------
Thu Feb 14 10:36:03 UTC 2019 - Tomáš Chvátal <tchvatal@suse.com>
- Supplement the openssh and libx11 together to ensure this package
is installed on machines where there is X stack
-------------------------------------------------------------------
Mon Oct 22 08:59:02 UTC 2018 - Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com>
- Version update to 7.9p1
* No actual changes for the askpass
* See main package changelog for details
-------------------------------------------------------------------
Tue Oct 9 10:52:15 UTC 2018 - Tomáš Chvátal <tchvatal@suse.com>
- Update to 7.8p1:
* no actual changes for the askpass
- Format with spec-cleaner
- Respect cflags
- Use gtk3 rather than gtk2 which is being phased out
-------------------------------------------------------------------
Mon May 21 15:19:03 UTC 2018 - pcerny@suse.com
- Upgrade to 7.7p1 (bsc#1094068)
-------------------------------------------------------------------
Wed Jan 31 22:54:55 UTC 2018 - pcerny@suse.com
- .spec file cleanup
-------------------------------------------------------------------
Fri Nov 3 12:27:18 UTC 2017 - pcerny@suse.com
- upgrade to 7.6p1
see main package changelog for details
-------------------------------------------------------------------
Mon Jul 25 13:45:53 UTC 2016 - meissner@suse.com
- fixed url
-------------------------------------------------------------------
Sun Apr 17 23:27:51 UTC 2016 - pcerny@suse.com
- upgrade to 7.2p2
-------------------------------------------------------------------
Tue Feb 10 13:28:56 UTC 2015 - pcerny@suse.com
- changing license to 2-clause BSD to match source
-------------------------------------------------------------------
Fri Apr 11 21:50:51 UTC 2014 - pcerny@suse.com
- Update of the underlying OpenSSH to 6.6p1
-------------------------------------------------------------------
Wed Feb 12 01:24:16 UTC 2014 - pcerny@suse.com
- Update of the underlying OpenSSH to 6.5p1
-------------------------------------------------------------------
Fri Jan 24 15:13:09 UTC 2014 - pcerny@suse.com
- Update of the underlying OpenSSH to 6.4p1
-------------------------------------------------------------------
Thu Sep 19 02:02:56 UTC 2013 - pcerny@suse.com
- spec file cleanup (don't pointelssly build whole OpenSSH)
-------------------------------------------------------------------
Sat Aug 3 18:12:20 UTC 2013 - crrodriguez@opensuse.org
- Update for 6.2p2
-------------------------------------------------------------------
Tue Nov 13 10:51:12 UTC 2012 - meissner@suse.com
- Updated to 6.1p1, a bugfix release
Features:
* sshd(8): This release turns on pre-auth sandboxing sshd by default for
new installs, by setting UsePrivilegeSeparation=sandbox in sshd_config.
* ssh-keygen(1): Add options to specify starting line number and number of
lines to process when screening moduli candidates, allowing processing
of different parts of a candidate moduli file in parallel
* sshd(8): The Match directive now supports matching on the local (listen)
address and port upon which the incoming connection was received via
LocalAddress and LocalPort clauses.
* sshd(8): Extend sshd_config Match directive to allow setting AcceptEnv
and {Allow,Deny}{Users,Groups}
* Add support for RFC6594 SSHFP DNS records for ECDSA key types. bz#1978
* ssh-keygen(1): Allow conversion of RSA1 keys to public PEM and PKCS8
* sshd(8): Allow the sshd_config PermitOpen directive to accept "none" as
an argument to refuse all port-forwarding requests.
* sshd(8): Support "none" as an argument for AuthorizedPrincipalsFile
* ssh-keyscan(1): Look for ECDSA keys by default. bz#1971
* sshd(8): Add "VersionAddendum" to sshd_config to allow server operators
to append some arbitrary text to the server SSH protocol banner.
Bugfixes:
* ssh(1)/sshd(8): Don't spin in accept() in situations of file
descriptor exhaustion. Instead back off for a while.
* ssh(1)/sshd(8): Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs as
they were removed from the specification. bz#2023,
* sshd(8): Handle long comments in config files better. bz#2025
* ssh(1): Delay setting tty_flag so RequestTTY options are correctly
picked up. bz#1995
* sshd(8): Fix handling of /etc/nologin incorrectly being applied to root
on platforms that use login_cap.
Portable OpenSSH:
* sshd(8): Allow sshd pre-auth sandboxing to fall-back to the rlimit
sandbox from the Linux SECCOMP filter sandbox when the latter is
not available in the kernel.
* ssh(1): Fix NULL dereference when built with LDNS and using DNSSEC to
retrieve a CNAME SSHFP record.
* Fix cross-compilation problems related to pkg-config. bz#1996
-------------------------------------------------------------------
Wed Jun 27 09:51:19 UTC 2012 - coolo@suse.com
- the gnome askpass does not require the x11 askpass - especially not
in the version of openssh (it's at 1.X)
-------------------------------------------------------------------
Tue May 29 07:14:53 UTC 2012 - meissner@suse.com
- use correct tarball url
- update to 6.0p1.
-------------------------------------------------------------------
Wed Mar 28 11:42:32 UTC 2012 - aj@suse.de
- Add build require on autoconf and automake.
-------------------------------------------------------------------
Wed Dec 21 10:31:42 UTC 2011 - coolo@suse.com
- remove call to suse_update_config (very old work around)
-------------------------------------------------------------------
Wed Oct 19 00:40:15 UTC 2011 - pcerny@suse.com
- Update to 5.9p1
-------------------------------------------------------------------
Fri Feb 4 11:19:14 UTC 2011 - lchiquitto@novell.com
- Update to 5.8p1
-------------------------------------------------------------------
Mon Jan 24 11:51:10 UTC 2011 - lchiquitto@novell.com
- Update to 5.7p1
-------------------------------------------------------------------
Wed Jan 12 13:37:38 CET 2011 - sbrabec@suse.cz
- Removed relics of no more implemented opensc support.
-------------------------------------------------------------------
Tue Aug 24 15:50:17 CEST 2010 - anicka@suse.cz
- update to 5.6p1
-------------------------------------------------------------------
Fri Mar 26 11:04:59 CET 2010 - anicka@suse.cz
- update to 5.4p1
- remove -pam-fix4.diff (in upstream now)
-------------------------------------------------------------------
Mon Feb 23 17:27:22 CET 2009 - anicka@suse.cz
- update to 5.2p1
-------------------------------------------------------------------
Wed Apr 9 14:35:42 CEST 2008 - anicka@suse.cz
- update to 5.0p1
-------------------------------------------------------------------
Wed Apr 2 15:06:01 CEST 2008 - anicka@suse.cz
- update to 4.9p1
-------------------------------------------------------------------
Wed Dec 5 10:56:07 CET 2007 - anicka@suse.cz
- - update to 4.7p1
* Add "-K" flag for ssh to set GSSAPIAuthentication=yes and
GSSAPIDelegateCredentials=yes. This is symmetric with -k
* make scp try to skip FIFOs rather than blocking when nothing is
listening.
* increase default channel windows
* put the MAC list into a display
* many bugfixes
-------------------------------------------------------------------
Tue Dec 12 14:44:41 CET 2006 - anicka@suse.cz
- update to 4.5p1
* Use privsep_pw if we have it, but only require it if we
absolutely need it.
* Correctly check for bad signatures in the monitor, otherwise
the monitor and the unpriv process can get out of sync.
* Clear errno before calling the strtol functions.
* exit instead of doing a blocking tcp send if we detect
a client/server timeout, since the tcp sendqueue might
be already full (of alive requests)
* include signal.h, errno.h, sys/in.h
* some more bugfixes
-------------------------------------------------------------------
Wed Oct 4 12:56:40 CEST 2006 - postadal@suse.cz
- updated to version 4.4p1 [#208662]
* fixed pre-authentication DoS, that would cause sshd(8) to spin
until the login grace time expired
* fixed unsafe signal hander, which was vulnerable to a race condition
that could be exploited to perform a pre-authentication DoS
* fixed a GSSAPI authentication abort that could be used to determine
the validity of usernames on some platforms
* implemented conditional configuration in sshd_config(5) using the
"Match" directive
* added support for Diffie-Hellman group exchange key agreement with a
final hash of SHA256
* added a "ForceCommand", "PermitOpen" directive to sshd_config(5)
* added optional logging of transactions to sftp-server(8)
* ssh(1) will now record port numbers for hosts stored in
~/.ssh/authorized_keys when a non-standard port has been requested
* added an "ExitOnForwardFailure" option to cause ssh(1) to exit (with
a non-zero exit code) when requested port forwardings could not be
established
* extended sshd_config(5) "SubSystem" declarations to allow the
specification of command-line arguments
- removed obsoleted patches: autoconf-fix.patch
-------------------------------------------------------------------
Tue Jul 25 13:40:10 CEST 2006 - schwab@suse.de
- Fix syntax error in configure script.
-------------------------------------------------------------------
Wed Jan 25 21:39:06 CET 2006 - mls@suse.de
- converted neededforbuild to BuildRequires
-------------------------------------------------------------------
Tue Jan 3 15:54:49 CET 2006 - postadal@suse.cz
- updated to version 4.2p1
- removed obsoleted patches: upstream_fixes.diff, gssapi-secfix.patch
-------------------------------------------------------------------
Thu Sep 8 16:20:06 CEST 2005 - postadal@suse.cz
- don't strip
-------------------------------------------------------------------
Thu Aug 4 11:30:18 CEST 2005 - uli@suse.de
- parallelize build
-------------------------------------------------------------------
Fri Jun 10 16:24:22 CEST 2005 - postadal@suse.cz
- updated to version 4.1p1
- removed obsoleted patches: restore_terminal, pam-returnfromsession,
timing-attacks-fix, krb5ccname, gssapi-pam, logdenysource,
sendenv-fix, documentation-fix
-------------------------------------------------------------------
Wed Jan 19 18:25:29 CET 2005 - postadal@suse.cz
- renamed askpass-gnome package to openssh-askpass-gnome
-------------------------------------------------------------------
Wed Jan 19 15:58:07 CET 2005 - postadal@suse.cz
- splited spec file to decreas number of build dependencies

View File

@ -0,0 +1,66 @@
#
# spec file for package openssh-askpass-gnome
#
# Copyright (c) 2020 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
%define _name openssh
Name: openssh-askpass-gnome
Version: 9.3p2
Release: 0
Summary: A GNOME-Based Passphrase Dialog for OpenSSH
License: BSD-2-Clause
Group: Productivity/Networking/SSH
URL: https://www.openssh.com/
Source: https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/%{_name}-%{version}.tar.gz
Source42: https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/%{_name}-%{version}.tar.gz.asc
Requires: %{_name}-clients = %{version}
Supplements: packageand(openssh-clients:libgtk-3-0)
%if 0%{?suse_version} >= 1550
BuildRequires: gtk3-devel
%else
BuildRequires: gtk2-devel
%endif
%description
SSH (Secure Shell) is a program for logging into a remote machine and
for executing commands on a remote machine. This package contains a
GNOME-based passphrase dialog for OpenSSH.
%prep
%autosetup -p1 -n %{_name}-%{version}
%build
cd contrib
export CFLAGS="%{optflags}"
%if 0%{?suse_version} >= 1550
%make_build gnome-ssh-askpass3
%else
%make_build gnome-ssh-askpass2
%endif
%install
install -d -m 755 %{buildroot}%{_libexecdir}/ssh/
%if 0%{?suse_version} >= 1550
install contrib/gnome-ssh-askpass3 %{buildroot}%{_libexecdir}/ssh/gnome-ssh-askpass
%else
install contrib/gnome-ssh-askpass2 %{buildroot}%{_libexecdir}/ssh/gnome-ssh-askpass
%endif
%files
%dir %{_libexecdir}/ssh
%attr(0755,root,root) %{_libexecdir}/ssh/gnome-ssh-askpass
%changelog

View File

@ -0,0 +1,399 @@
Index: openssh-9.3p2/PROTOCOL
===================================================================
--- openssh-9.3p2.orig/PROTOCOL
+++ openssh-9.3p2/PROTOCOL
@@ -104,6 +104,25 @@ http://git.libssh.org/users/aris/libssh.
This is identical to curve25519-sha256 as later published in RFC8731.
+1.9 transport: strict key exchange extension
+
+OpenSSH supports a number of transport-layer hardening measures under
+a "strict KEX" feature. This feature is signalled similarly to the
+RFC8305 ext-info feature: by including a additional algorithm in the
+SSH2_MSG_KEXINIT kex_algorithms field. The client may append
+"kex-strict-c-v00@openssh.com" to its kex_algorithms and the server
+may append "kex-strict-s-v00@openssh.com".
+
+When endpoint that supports this extension observes this algorithm
+name in a peer's KEXINIT packet, it MUST make the following changes to
+the the protocol:
+
+a) During initial KEX, terminate the connection if any unexpected or
+ out-of-sequence packet is received. This includes terminating the
+ connection if the first packet received is not SSH2_MSG_KEXINIT.
+b) At each SSH2_MSG_NEWKEYS message, reset the packet sequence number
+ to zero.
+
2. Connection protocol changes
2.1. connection: Channel write close extension "eow@openssh.com"
Index: openssh-9.3p2/kex.c
===================================================================
--- openssh-9.3p2.orig/kex.c
+++ openssh-9.3p2/kex.c
@@ -76,7 +76,7 @@
#include "fips.h"
/* prototype */
-static int kex_choose_conf(struct ssh *);
+static int kex_choose_conf(struct ssh *, uint32_t seq);
static int kex_input_newkeys(int, u_int32_t, struct ssh *);
static const char * const proposal_names[PROPOSAL_MAX] = {
@@ -261,6 +261,18 @@ kex_names_valid(const char *names)
return 1;
}
+/* returns non-zero if proposal contains any algorithm from algs */
+static int
+has_any_alg(const char *proposal, const char *algs)
+{
+ char *cp;
+
+ if ((cp = match_list(proposal, algs, NULL)) == NULL)
+ return 0;
+ free(cp);
+ return 1;
+}
+
/*
* Concatenate algorithm names, avoiding duplicates in the process.
* Caller must free returned string.
@@ -268,7 +280,7 @@ kex_names_valid(const char *names)
char *
kex_names_cat(const char *a, const char *b)
{
- char *ret = NULL, *tmp = NULL, *cp, *p, *m;
+ char *ret = NULL, *tmp = NULL, *cp, *p;
size_t len;
if (a == NULL || *a == '\0')
@@ -285,10 +297,8 @@ kex_names_cat(const char *a, const char
}
strlcpy(ret, a, len);
for ((p = strsep(&cp, ",")); p && *p != '\0'; (p = strsep(&cp, ","))) {
- if ((m = match_list(ret, p, NULL)) != NULL) {
- free(m);
+ if (has_any_alg(ret, p))
continue; /* Algorithm already present */
- }
if (strlcat(ret, ",", len) >= len ||
strlcat(ret, p, len) >= len) {
free(tmp);
@@ -441,15 +451,23 @@ kex_proposal_populate_entries(struct ssh
const char *defpropclient[PROPOSAL_MAX] = { KEX_CLIENT };
const char **defprop = ssh->kex->server ? defpropserver : defpropclient;
u_int i;
+ char *cp;
if (prop == NULL)
fatal_f("proposal missing");
+ /* Append EXT_INFO signalling to KexAlgorithms */
+ if (kexalgos == NULL)
+ kexalgos = defprop[PROPOSAL_KEX_ALGS];
+ if ((cp = kex_names_cat(kexalgos, ssh->kex->server ?
+ "kex-strict-s-v00@openssh.com" :
+ "ext-info-c,kex-strict-c-v00@openssh.com")) == NULL)
+ fatal_f("kex_names_cat");
+
for (i = 0; i < PROPOSAL_MAX; i++) {
switch(i) {
case PROPOSAL_KEX_ALGS:
- prop[i] = compat_kex_proposal(ssh,
- kexalgos ? kexalgos : defprop[i]);
+ prop[i] = compat_kex_proposal(ssh, cp);
break;
case PROPOSAL_ENC_ALGS_CTOS:
case PROPOSAL_ENC_ALGS_STOC:
@@ -470,6 +488,7 @@ kex_proposal_populate_entries(struct ssh
prop[i] = xstrdup(defprop[i]);
}
}
+ free(cp);
}
void
@@ -573,7 +592,12 @@ kex_protocol_error(int type, u_int32_t s
{
int r;
- error("kex protocol error: type %d seq %u", type, seq);
+ /* If in strict mode, any unexpected message is an error */
+ if ((ssh->kex->flags & KEX_INITIAL) && ssh->kex->kex_strict) {
+ ssh_packet_disconnect(ssh, "strict KEX violation: "
+ "unexpected packet type %u (seqnr %u)", type, seq);
+ }
+ error_f("type %u seq %u", type, seq);
if ((r = sshpkt_start(ssh, SSH2_MSG_UNIMPLEMENTED)) != 0 ||
(r = sshpkt_put_u32(ssh, seq)) != 0 ||
(r = sshpkt_send(ssh)) != 0)
@@ -651,7 +675,7 @@ kex_input_ext_info(int type, u_int32_t s
if (ninfo >= 1024) {
error("SSH2_MSG_EXT_INFO with too many entries, expected "
"<=1024, received %u", ninfo);
- return SSH_ERR_INVALID_FORMAT;
+ return dispatch_protocol_error(type, seq, ssh);
}
for (i = 0; i < ninfo; i++) {
if ((r = sshpkt_get_cstring(ssh, &name, NULL)) != 0)
@@ -767,7 +791,7 @@ kex_input_kexinit(int type, u_int32_t se
error_f("no kex");
return SSH_ERR_INTERNAL_ERROR;
}
- ssh_dispatch_set(ssh, SSH2_MSG_KEXINIT, NULL);
+ ssh_dispatch_set(ssh, SSH2_MSG_KEXINIT, &kex_protocol_error);
ptr = sshpkt_ptr(ssh, &dlen);
if ((r = sshbuf_put(kex->peer, ptr, dlen)) != 0)
return r;
@@ -803,7 +827,7 @@ kex_input_kexinit(int type, u_int32_t se
if (!(kex->flags & KEX_INIT_SENT))
if ((r = kex_send_kexinit(ssh)) != 0)
return r;
- if ((r = kex_choose_conf(ssh)) != 0)
+ if ((r = kex_choose_conf(ssh, seq)) != 0)
return r;
if (kex->kex_type < KEX_MAX && kex->kex[kex->kex_type] != NULL)
@@ -1082,20 +1106,14 @@ proposals_match(char *my[PROPOSAL_MAX],
return (1);
}
-/* returns non-zero if proposal contains any algorithm from algs */
static int
-has_any_alg(const char *proposal, const char *algs)
+kexalgs_contains(char **peer, const char *ext)
{
- char *cp;
-
- if ((cp = match_list(proposal, algs, NULL)) == NULL)
- return 0;
- free(cp);
- return 1;
+ return has_any_alg(peer[PROPOSAL_KEX_ALGS], ext);
}
static int
-kex_choose_conf(struct ssh *ssh)
+kex_choose_conf(struct ssh *ssh, uint32_t seq)
{
struct kex *kex = ssh->kex;
struct newkeys *newkeys;
@@ -1120,13 +1138,23 @@ kex_choose_conf(struct ssh *ssh)
sprop=peer;
}
- /* Check whether client supports ext_info_c */
- if (kex->server && (kex->flags & KEX_INITIAL)) {
- char *ext;
-
- ext = match_list("ext-info-c", peer[PROPOSAL_KEX_ALGS], NULL);
- kex->ext_info_c = (ext != NULL);
- free(ext);
+ /* Check whether peer supports ext_info/kex_strict */
+ if ((kex->flags & KEX_INITIAL) != 0) {
+ if (kex->server) {
+ kex->ext_info_c = kexalgs_contains(peer, "ext-info-c");
+ kex->kex_strict = kexalgs_contains(peer,
+ "kex-strict-c-v00@openssh.com");
+ } else {
+ kex->kex_strict = kexalgs_contains(peer,
+ "kex-strict-s-v00@openssh.com");
+ }
+ if (kex->kex_strict) {
+ debug3_f("will use strict KEX ordering");
+ if (seq != 0)
+ ssh_packet_disconnect(ssh,
+ "strict KEX violation: "
+ "KEXINIT was not the first packet");
+ }
}
/* Check whether client supports rsa-sha2 algorithms */
Index: openssh-9.3p2/kex.h
===================================================================
--- openssh-9.3p2.orig/kex.h
+++ openssh-9.3p2/kex.h
@@ -157,6 +157,7 @@ struct kex {
u_int kex_type;
char *server_sig_algs;
int ext_info_c;
+ int kex_strict;
struct sshbuf *my;
struct sshbuf *peer;
struct sshbuf *client_version;
Index: openssh-9.3p2/packet.c
===================================================================
--- openssh-9.3p2.orig/packet.c
+++ openssh-9.3p2/packet.c
@@ -1236,6 +1236,11 @@ ssh_packet_send2_wrapped(struct ssh *ssh
state->p_send.bytes += len;
sshbuf_reset(state->outgoing_packet);
+ if (type == SSH2_MSG_NEWKEYS && ssh->kex->kex_strict) {
+ debug_f("resetting send seqnr %u", state->p_send.seqnr);
+ state->p_send.seqnr = 0;
+ }
+
if (type == SSH2_MSG_NEWKEYS)
r = ssh_set_newkeys(ssh, MODE_OUT);
else if (type == SSH2_MSG_USERAUTH_SUCCESS && state->server_side)
@@ -1364,8 +1369,7 @@ ssh_packet_read_seqnr(struct ssh *ssh, u
/* Stay in the loop until we have received a complete packet. */
for (;;) {
/* Try to read a packet from the buffer. */
- r = ssh_packet_read_poll_seqnr(ssh, typep, seqnr_p);
- if (r != 0)
+ if ((r = ssh_packet_read_poll_seqnr(ssh, typep, seqnr_p)) != 0)
break;
/* If we got a packet, return it. */
if (*typep != SSH_MSG_NONE)
@@ -1649,6 +1630,7 @@ ssh_packet_read_poll2(struct ssh *ssh, u
if ((r = sshbuf_consume(state->input, mac->mac_len)) != 0)
goto out;
}
+
if (seqnr_p != NULL)
*seqnr_p = state->p_read.seqnr;
if (++state->p_read.seqnr == 0)
@@ -1718,6 +1700,10 @@ ssh_packet_read_poll2(struct ssh *ssh, u
#endif
/* reset for next packet */
state->packlen = 0;
+ if (*typep == SSH2_MSG_NEWKEYS && ssh->kex->kex_strict) {
+ debug_f("resetting read seqnr %u", state->p_read.seqnr);
+ state->p_read.seqnr = 0;
+ }
if ((r = ssh_packet_check_rekey(ssh)) != 0)
return r;
@@ -1738,10 +1724,39 @@ ssh_packet_read_poll_seqnr(struct ssh *s
r = ssh_packet_read_poll2(ssh, typep, seqnr_p);
if (r != 0)
return r;
- if (*typep) {
- state->keep_alive_timeouts = 0;
- DBG(debug("received packet type %d", *typep));
+ if (*typep == 0) {
+ /* no message ready */
+ return 0;
}
+ state->keep_alive_timeouts = 0;
+ DBG(debug("received packet type %d", *typep));
+
+ /* Always process disconnect messages */
+ if (*typep == SSH2_MSG_DISCONNECT) {
+ if ((r = sshpkt_get_u32(ssh, &reason)) != 0 ||
+ (r = sshpkt_get_string(ssh, &msg, NULL)) != 0)
+ return r;
+ /* Ignore normal client exit notifications */
+ do_log2(ssh->state->server_side &&
+ reason == SSH2_DISCONNECT_BY_APPLICATION ?
+ SYSLOG_LEVEL_INFO : SYSLOG_LEVEL_ERROR,
+ "Received disconnect from %s port %d:"
+ "%u: %.400s", ssh_remote_ipaddr(ssh),
+ ssh_remote_port(ssh), reason, msg);
+ free(msg);
+ return SSH_ERR_DISCONNECTED;
+ }
+
+ /*
+ * Do not implicitly handle any messages here during initial
+ * KEX when in strict mode. They will be need to be allowed
+ * explicitly by the KEX dispatch table or they will generate
+ * protocol errors.
+ */
+ if (ssh->kex != NULL &&
+ (ssh->kex->flags & KEX_INITIAL) && ssh->kex->kex_strict)
+ return 0;
+ /* Implicitly handle transport-level messages */
switch (*typep) {
case SSH2_MSG_IGNORE:
debug3("Received SSH2_MSG_IGNORE");
@@ -1756,19 +1771,6 @@ ssh_packet_read_poll_seqnr(struct ssh *s
debug("Remote: %.900s", msg);
free(msg);
break;
- case SSH2_MSG_DISCONNECT:
- if ((r = sshpkt_get_u32(ssh, &reason)) != 0 ||
- (r = sshpkt_get_string(ssh, &msg, NULL)) != 0)
- return r;
- /* Ignore normal client exit notifications */
- do_log2(ssh->state->server_side &&
- reason == SSH2_DISCONNECT_BY_APPLICATION ?
- SYSLOG_LEVEL_INFO : SYSLOG_LEVEL_ERROR,
- "Received disconnect from %s port %d:"
- "%u: %.400s", ssh_remote_ipaddr(ssh),
- ssh_remote_port(ssh), reason, msg);
- free(msg);
- return SSH_ERR_DISCONNECTED;
case SSH2_MSG_UNIMPLEMENTED:
if ((r = sshpkt_get_u32(ssh, &seqnr)) != 0)
return r;
@@ -2300,6 +2302,7 @@ kex_to_blob(struct sshbuf *m, struct kex
(r = sshbuf_put_u32(m, kex->hostkey_type)) != 0 ||
(r = sshbuf_put_u32(m, kex->hostkey_nid)) != 0 ||
(r = sshbuf_put_u32(m, kex->kex_type)) != 0 ||
+ (r = sshbuf_put_u32(m, kex->kex_strict)) != 0 ||
(r = sshbuf_put_stringb(m, kex->my)) != 0 ||
(r = sshbuf_put_stringb(m, kex->peer)) != 0 ||
(r = sshbuf_put_stringb(m, kex->client_version)) != 0 ||
@@ -2462,6 +2465,7 @@ kex_from_blob(struct sshbuf *m, struct k
(r = sshbuf_get_u32(m, (u_int *)&kex->hostkey_type)) != 0 ||
(r = sshbuf_get_u32(m, (u_int *)&kex->hostkey_nid)) != 0 ||
(r = sshbuf_get_u32(m, &kex->kex_type)) != 0 ||
+ (r = sshbuf_get_u32(m, &kex->kex_strict)) != 0 ||
(r = sshbuf_get_stringb(m, kex->my)) != 0 ||
(r = sshbuf_get_stringb(m, kex->peer)) != 0 ||
(r = sshbuf_get_stringb(m, kex->client_version)) != 0 ||
@@ -2790,6 +2794,7 @@ sshpkt_disconnect(struct ssh *ssh, const
vsnprintf(buf, sizeof(buf), fmt, args);
va_end(args);
+ debug2_f("sending SSH2_MSG_DISCONNECT: %s", buf);
if ((r = sshpkt_start(ssh, SSH2_MSG_DISCONNECT)) != 0 ||
(r = sshpkt_put_u32(ssh, SSH2_DISCONNECT_PROTOCOL_ERROR)) != 0 ||
(r = sshpkt_put_cstring(ssh, buf)) != 0 ||
Index: openssh-9.3p2/sshconnect2.c
===================================================================
--- openssh-9.3p2.orig/sshconnect2.c
+++ openssh-9.3p2/sshconnect2.c
@@ -420,7 +420,6 @@ struct cauthmethod {
};
static int input_userauth_service_accept(int, u_int32_t, struct ssh *);
-static int input_userauth_ext_info(int, u_int32_t, struct ssh *);
static int input_userauth_success(int, u_int32_t, struct ssh *);
static int input_userauth_failure(int, u_int32_t, struct ssh *);
static int input_userauth_banner(int, u_int32_t, struct ssh *);
@@ -540,7 +539,7 @@ ssh_userauth2(struct ssh *ssh, const cha
ssh->authctxt = &authctxt;
ssh_dispatch_init(ssh, &input_userauth_error);
- ssh_dispatch_set(ssh, SSH2_MSG_EXT_INFO, &input_userauth_ext_info);
+ ssh_dispatch_set(ssh, SSH2_MSG_EXT_INFO, kex_input_ext_info);
ssh_dispatch_set(ssh, SSH2_MSG_SERVICE_ACCEPT, &input_userauth_service_accept);
ssh_dispatch_run_fatal(ssh, DISPATCH_BLOCK, &authctxt.success); /* loop until success */
pubkey_cleanup(ssh);
@@ -591,12 +590,6 @@ input_userauth_service_accept(int type,
return r;
}
-static int
-input_userauth_ext_info(int type, u_int32_t seqnr, struct ssh *ssh)
-{
- return kex_input_ext_info(type, seqnr, ssh);
-}
-
void
userauth(struct ssh *ssh, char *authlist)
{
@@ -675,6 +668,7 @@ input_userauth_success(int type, u_int32
free(authctxt->methoddata);
authctxt->methoddata = NULL;
authctxt->success = 1; /* break out */
+ ssh_dispatch_set(ssh, SSH2_MSG_EXT_INFO, dispatch_protocol_error);
return 0;
}

View File

@ -0,0 +1,19 @@
--- openssh-8.4p1.orig/auth-pam.c 2020-09-27 09:25:01.000000000 +0200
+++ openssh-8.4p1/auth-pam.c 2022-03-04 13:02:23.447712697 +0100
@@ -638,10 +638,12 @@
switch (PAM_MSG_MEMBER(msg, i, msg_style)) {
case PAM_ERROR_MSG:
case PAM_TEXT_INFO:
- if ((r = sshbuf_putf(loginmsg, "%s\n",
- PAM_MSG_MEMBER(msg, i, msg))) != 0)
- fatal("%s: buffer error: %s",
- __func__, ssh_err(r));
+ if (strlen(PAM_MSG_MEMBER(msg, i, msg)) != 0) {
+ if ((r = sshbuf_putf(loginmsg, "%s\n",
+ PAM_MSG_MEMBER(msg, i, msg))) != 0)
+ fatal("%s: buffer error: %s",
+ __func__, ssh_err(r));
+ }
reply[i].resp_retcode = PAM_SUCCESS;
break;
default:

View File

@ -0,0 +1,78 @@
commit 15c95d6eb2e8bc549719578c9a16541015363360
Author: Hans Petter Jansson <hpj@hpjansson.org>
Date: Mon Oct 26 22:26:46 2020 +0100
Ensure DHGs are approved in FIPS mode using OpenSSL's DH_check_params()
Index: openssh-8.8p1/dh.c
===================================================================
--- openssh-8.8p1.orig/dh.c
+++ openssh-8.8p1/dh.c
@@ -155,6 +155,28 @@ parse_prime(int linenum, char *line, str
return 0;
}
+static int
+dhg_is_approved(const struct dhgroup *dhg)
+{
+ BIGNUM *g, *p;
+ DH *dh;
+ int dh_status;
+ int is_ok = 0;
+
+ /* DH_set0_pqg() transfers ownership of the bignums, so we
+ * make temporary copies here for simplicity. */
+ g = BN_dup(dhg->g);
+ p = BN_dup(dhg->p);
+ dh = dh_new_group(g, p);
+
+ if (dh) {
+ is_ok = DH_check_params(dh, &dh_status);
+ }
+
+ DH_free(dh);
+ return is_ok;
+}
+
DH *
choose_dh(int min, int wantbits, int max)
{
@@ -173,12 +195,20 @@ choose_dh(int min, int wantbits, int max
linenum = 0;
best = bestcount = 0;
while (getline(&line, &linesize, f) != -1) {
+ int dhg_is_ok;
+
linenum++;
if (!parse_prime(linenum, line, &dhg))
continue;
+
+ dhg_is_ok = dhg_is_approved(&dhg);
+
BN_clear_free(dhg.g);
BN_clear_free(dhg.p);
+ if (!dhg_is_ok)
+ continue;
+
if (dhg.size > max || dhg.size < min)
continue;
@@ -206,10 +236,16 @@ choose_dh(int min, int wantbits, int max
linenum = 0;
bestcount = 0;
while (getline(&line, &linesize, f) != -1) {
+ int dhg_is_ok;
+
linenum++;
if (!parse_prime(linenum, line, &dhg))
continue;
- if ((dhg.size > max || dhg.size < min) ||
+
+ dhg_is_ok = dhg_is_approved(&dhg);
+
+ if (!dhg_is_ok ||
+ (dhg.size > max || dhg.size < min) ||
dhg.size != best ||
bestcount++ != which) {
BN_clear_free(dhg.g);

View File

@ -0,0 +1,15 @@
Index: openssh-8.8p1/Makefile.in
===================================================================
--- openssh-8.8p1.orig/Makefile.in
+++ openssh-8.8p1/Makefile.in
@@ -252,8 +252,8 @@ ssh-keyscan$(EXEEXT): $(LIBCOMPAT) libss
ssh-ldap-helper$(EXEEXT): $(LIBCOMPAT) libssh.a ldapconf.o ldapbody.o ldapmisc.o ldap-helper.o
$(LD) -o $@ ldapconf.o ldapbody.o ldapmisc.o ldap-helper.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh -lopenbsd-compat $(LIBS)
-sftp-server$(EXEEXT): $(LIBCOMPAT) libssh.a $(SFTPSERVER_OBJS)
- $(LD) -o $@ $(SFTPSERVER_OBJS) $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS)
+sftp-server$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-sk.o sk-usbhid.o $(SFTPSERVER_OBJS)
+ $(LD) -o $@ $(SFTPSERVER_OBJS) ssh-sk.o sk-usbhid.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS) $(LIBFIDO2)
sftp$(EXEEXT): $(LIBCOMPAT) libssh.a $(SFTP_OBJS)
$(LD) -o $@ $(SFTP_OBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) $(LIBEDIT)

125
openssh-openssl-3.patch Normal file
View File

@ -0,0 +1,125 @@
---
fips.c | 5 +++++
kex.c | 61 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++-
2 files changed, 65 insertions(+), 1 deletion(-)
--- a/fips.c
+++ b/fips.c
@@ -48,6 +48,11 @@
static int fips_state = -1;
+#if (OPENSSL_VERSION_NUMBER >= 0x30000000L)
+# define FIPS_mode() EVP_default_properties_is_fips_enabled(NULL)
+# define FIPS_mode_set(x) EVP_default_properties_enable_fips(NULL,x)
+#endif
+
/* calculates HMAC of contents of a file given by filename using the hash
* algorithm specified by FIPS_HMAC_EVP in fips.h and placing the result into
* newly allacated memory - remember to free it when not needed anymore */
--- a/kex.c
+++ b/kex.c
@@ -41,6 +41,9 @@
#include <openssl/crypto.h>
#include <openssl/dh.h>
#include <openssl/kdf.h>
+# if (OPENSSL_VERSION_NUMBER >= 0x30000000L)
+# include <openssl/core_names.h>
+# endif
#endif
#include "ssh.h"
@@ -1191,14 +1194,61 @@ derive_key_via_openssl(struct ssh *ssh,
{
struct kex *kex = ssh->kex;
EVP_KDF_CTX *hashctx = NULL;
- const EVP_MD *md = NULL;
u_char *digest = NULL;
int r = SSH_ERR_LIBCRYPTO_ERROR;
+# if (OPENSSL_VERSION_NUMBER >= 0x30000000L)
+ OSSL_PARAM params[6], *p = params;
+ char type = (char) id;
+ EVP_KDF *kdf = EVP_KDF_fetch (NULL, "SSHKDF", NULL);
+ if (!kdf)
+ goto out;
+ hashctx = EVP_KDF_CTX_new (kdf);
+# else
+ const EVP_MD *md = NULL;
hashctx = EVP_KDF_CTX_new_id (EVP_KDF_SSHKDF);
+# endif
if (!hashctx)
goto out;
+# if (OPENSSL_VERSION_NUMBER >= 0x30000000L)
+ switch (kex->hash_alg)
+ {
+ case SSH_DIGEST_MD5:
+ *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST,
+ SN_md5, strlen(SN_md5));
+ break;
+ case SSH_DIGEST_SHA1:
+ *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST,
+ SN_sha1, strlen(SN_sha1));
+ break;
+ case SSH_DIGEST_SHA256:
+ *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST,
+ SN_sha256, strlen(SN_sha256));
+ break;
+ case SSH_DIGEST_SHA384:
+ *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST,
+ SN_sha384, strlen(SN_sha384));
+ break;
+ case SSH_DIGEST_SHA512:
+ *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST,
+ SN_sha512, strlen(SN_sha512));
+ break;
+ default:
+ goto out;
+ }
+
+ *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_KEY,
+ sshbuf_ptr(shared_secret), sshbuf_len(shared_secret));
+ *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SSHKDF_XCGHASH,
+ hash, (size_t) hashlen);
+ *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SSHKDF_SESSION_ID,
+ sshbuf_ptr(kex->session_id), (size_t) sshbuf_len(kex->session_id));
+ *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_SSHKDF_TYPE,
+ &type, sizeof(type));
+ *p = OSSL_PARAM_construct_end();
+
+# else
md = get_openssl_md_for_hash_alg (kex->hash_alg);
if (!md)
goto out;
@@ -1215,6 +1265,7 @@ derive_key_via_openssl(struct ssh *ssh,
sshbuf_ptr(kex->session_id),
(size_t) sshbuf_len(kex->session_id)) != 1)
goto out;
+# endif
digest = calloc (1, need);
if (!digest) {
@@ -1222,7 +1273,11 @@ derive_key_via_openssl(struct ssh *ssh,
goto out;
}
+# if (OPENSSL_VERSION_NUMBER >= 0x30000000L)
+ if (EVP_KDF_derive (hashctx, digest, need, params) != 1)
+# else
if (EVP_KDF_derive (hashctx, digest, need) != 1)
+# endif
goto out;
*keyp = digest;
@@ -1233,6 +1288,10 @@ derive_key_via_openssl(struct ssh *ssh,
if (hashctx)
EVP_KDF_CTX_free(hashctx);
+# if (OPENSSL_VERSION_NUMBER >= 0x30000000L)
+ EVP_KDF_free(kdf);
+# endif
+
if (digest)
free(digest);

View File

@ -0,0 +1,41 @@
Index: openssh-8.9p1/myproposal.h
===================================================================
--- openssh-8.9p1.orig/myproposal.h
+++ openssh-8.9p1/myproposal.h
@@ -34,7 +34,8 @@
"diffie-hellman-group-exchange-sha256," \
"diffie-hellman-group16-sha512," \
"diffie-hellman-group18-sha512," \
- "diffie-hellman-group14-sha256"
+ "diffie-hellman-group14-sha256," \
+ "diffie-hellman-group14-sha1"
#define KEX_CLIENT_KEX KEX_SERVER_KEX
Index: openssh-8.9p1/ssh_config.5
===================================================================
--- openssh-8.9p1.orig/ssh_config.5
+++ openssh-8.9p1/ssh_config.5
@@ -1228,7 +1228,8 @@ sntrup761x25519-sha512@openssh.com,
diffie-hellman-group-exchange-sha256,
diffie-hellman-group16-sha512,
diffie-hellman-group18-sha512,
-diffie-hellman-group14-sha256
+diffie-hellman-group14-sha256,
+diffie-hellman-group14-sha1
.Ed
.Pp
The list of available key exchange algorithms may also be obtained using
Index: openssh-8.9p1/sshd_config.5
===================================================================
--- openssh-8.9p1.orig/sshd_config.5
+++ openssh-8.9p1/sshd_config.5
@@ -996,7 +996,7 @@ ecdh-sha2-nistp256,ecdh-sha2-nistp384,ec
ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,
diffie-hellman-group-exchange-sha256,
diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,
-diffie-hellman-group14-sha256
+diffie-hellman-group14-sha256,diffie-hellman-group14-sha1
.Ed
.Pp
The list of available key exchange algorithms may also be obtained using

View File

@ -0,0 +1,34 @@
Index: openssh-8.8p1/sandbox-seccomp-filter.c
===================================================================
--- openssh-8.8p1.orig/sandbox-seccomp-filter.c
+++ openssh-8.8p1/sandbox-seccomp-filter.c
@@ -201,6 +201,9 @@ static const struct sock_filter preauth_
#ifdef __NR_close
SC_ALLOW(__NR_close),
#endif
+#ifdef __NR_close_range
+ SC_ALLOW(__NR_close_range),
+#endif
#ifdef __NR_exit
SC_ALLOW(__NR_exit),
#endif
@@ -213,6 +216,9 @@ static const struct sock_filter preauth_
#ifdef __NR_futex_time64
SC_FUTEX(__NR_futex_time64),
#endif
+#ifdef __NR_futex_time64
+ SC_ALLOW(__NR_futex_time64),
+#endif
#ifdef __NR_geteuid
SC_ALLOW(__NR_geteuid),
#endif
@@ -293,6 +299,9 @@ static const struct sock_filter preauth_
#endif
#ifdef __NR_pselect6_time64
SC_ALLOW(__NR_pselect6_time64),
+#endif
+#ifdef __NR_pselect6_time64
+ SC_ALLOW(__NR_pselect6_time64),
#endif
#ifdef __NR_read
SC_ALLOW(__NR_read),

5762
openssh.changes Normal file

File diff suppressed because it is too large Load Diff

353
openssh.keyring Normal file
View File

@ -0,0 +1,353 @@
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQGiBDqa5pwRBADJSEyXXsgXiyytN93prDPTPmrueRP9lQQfgaQvCvqK0bN0AF1Z
Vxxk9wlSXQp3+Qw5+qqsN5ovzsn39r9pqGslfCqQn9ACTmsn42+VCyW4hdwUGSBS
5myh65ZJTK1ufWCZFssxQ0EiALagu4DlH6Z2O7tFDnJNagF55vlnK0uMQwCg/8RU
QYDmisEHjkarAapPaupxjhkD/j9riCVasWPYJwAuhiQWAKxGRwp/ZyTaWCSERUBR
4Dg9QxpuwHKIT8BeDA3hJa/9Yxu5jec2NVKbtVSZvRkgUfRNOkrcH2eiY8Iz6est
J64dGWuGMKQW0GEqW+OXpRTTPJZ0mgPmU16qDzLPdx6F3BAk2LG+TTwlKUPuGqOt
6u2EA/4+1CBYZ8mXq9GJnLRBPAoYwSJJzbQnMm9Jat/yg9N6nigSIiFyG8ixh167
gGGKfzvpjY7DeJzDI0Cub+tRova8gFg+T15AcPMST5v7v6O/ug9aYWERZ0zjUhRH
ybtYLYhUUbdYM29PwGBNfZhGIOYwfFE9UpPS5LeXHs28oVLlH4jcBCARAgCcBQJS
ppQ+lR0BVGhpcyBrZXkgaGFzIGJlZW4gc3VwZXJzZWRlZCBieSBrZXkgSUQgNkQ5
MjBEMzAKS2V5IGZpbmdlcnByaW50ID0gNTlDMiAxMThFIEQyMDYgRDkyNyBFNjY3
ICBFQkUzIEQzRTUgRjU2QiA2RDkyIDBEMzAKUGxlYXNlIHVwZGF0ZSB0byB0aGlz
IG5ldyBrZXkuAAoJEM6OywOG/5xIWdMAoJZA/6ls+J6YIpVDFHkb4/8fl0w4AJ90
K3I7hssc7QuWHfPlq3EozRtjIbQuRGFtaWVuIE1pbGxlciAoUGVyc29uYWwgS2V5
KSA8ZGptQG1pbmRyb3Qub3JnPohXBBMRAgAXBQI6muacBQsHCgMEAxUDAgMWAgEC
F4AACgkQzo7LA4b/nEiDMgCZAUzKq241h5GTJxC0guS6ht9i9ZsAoL/oXCmFsofA
RehZF6AakIdasvS9iEYEExECAAYFAj77h64ACgkQmD+U6HbiLS3r4ACfclqiFP6E
TBkTbjqC328yXlT2rlEAnR6Wv3SNayY4jOgfxCMxi61S2CkAiQGsBBABAgAGBQJS
ppEIAAoJENPl9Wttkg0wMMsMf0tC6QkZnCkTiEVSar2Bd0gJWRCZOGgWwYnXVXif
5UaQhRgfXyXDxADWi76UYl4v8UFrH9yODXhZM0hoNbt6T98stHmw3dIvrYfhRgQ0
83p/N7II3i1iDJDUZ9PA8n4c5BWXirOUXPxtp23WgsEqG5DaN3CGo99YZO8aB3AH
hWd8xvGGDOKOMpAPQekgG/CZw3pcdaSOsZvOEOnbk/VuI2DVjTu/hX0PmRKkfeVf
aafi6bcDkm8Vs7Sw4TIrNmGJTKIDhwXSrFlDfs/CmZJUxzP/S7W+dZ4kvESDSWia
wmxQFMIxRqgHeLiRHYXCL5Fg+WYFv+EMj/ta5PVot86/iWfrj0MRKZFCpRfDjqTv
t0G0ziOW9kTFK8TpxBacJR7n4whM6SNf6L9onHn7xqx2r0J8TLcua9hTvapuNPdL
y1cxAKMZO8q10AMGkYd03qLlHxtgKXBeWkV/UYAc1zArv4JFdWTraLbIHmi8jpvE
NM3qcNWuNVyiTi4Kxum+CFd8V7b4X/6yBLRD/U6/dMUy4LiIVwQTEQIAFwUCOprm
nAULBwoDBAMVAwIDFgIBAheAAAoJEM6OywOG/5xIgzIAnjRm47SkL5RQ9lDvVdm5
SmNw0HX0AKC+AssIfepBFkPIFBSLcNoSWiTkzrkCDQQ6mubUEAgA8/15wnMpXvYZ
sYMp7a9+WUCSsfYOn7QcNe/CUsDNzuyTThqd/fBIeEPa5BKeTR9alXnBvedxbnnU
/SAF6q/KY6ebXajGAnGisvmidEsNc1Q9lTmN4e0sn1NuaXGIhxGtYK3yj1aFpudy
MFhlVbarheXYpgHu+fg9Gl8lQjr9BM/cICUeh+vZaeP3A9hsjWhmq8GPRy7xxb1z
jWNqpvxleTo8jlDuNYJkOKcl0IfoKHBRR6zNAM73iLMIDaSdMTVl1/IlxrK92Ar6
puyaCFPSSsQ1fvem8Qy303SqaC2Cm+vFnbZgMpbIqOfomX1rXTm/16ZNmMeS3Wnc
vf/p95unLwAFEQgAq76FUm3dDEdBVl/mwWdDY0nDQaN5D0kgp0Oo0R6JJM+ea/jB
3u3asQid6Zru2kTpdn4LoOsKG/u/ql3ypHv03U+sLgm+AnRUurT4D632FfosKtjQ
fwWrXjxoO2elAC2lC0NJvNwwhFSyTZ43phHSKLkoXpYpAADu0AyjK+7wIx/J9M8D
KcETF57wjOs2JUvYtZDpvC1QE5NFsooaUBkmk7pHT4ypRu7CsDLttLLCvQxlaT4L
pU2e6x6l5eI7mPC0No+HTzWj6ClhvCbgVQrMn9g+hjVvez3ykEpMxXmbG1QeEkUK
1U3IYAUmKMUVVt3y5P8nN0wuQG4ehqY+Is2sFIhGBBgRAgAGBQI6mubUAAoJEM6O
ywOG/5xIH7YAnRyGVA1QFg0WubIkovAKLPiIsgIAAJ9NsBjpdVqP2CfkWPnOijef
E5gDxJkBogQ3R/zyEQQAsWguKhytuM/8IwqKRSQBPaHRTyVMjsvLr7uUIoW2qf0V
VDVxuSXy4K/k43Q/ssw2nDipUkS74vMgGzgUQk4BI0LkoPSIVoXo+v65KCSbrMNY
m7lGGN7ZkFg5zWDfdVFiN5P/tUg91UfmCI71zp78SltyBM+FLPJhBYE0dvkHDjMA
oN744XCDTRMARJLK8DH1O3eTkE+1A/9brypK8VFX1+J3jfZmz7nD2St9+6/rkcM+
P8V7bHHttSVLswhTZ8bMZv5aJjsyyPrnFFLmlPddaQDND1fVFevrHOTbSnMjt8lK
Ksh4z+FFCQTB8wtpXbs2xHjny1Oy8kwiCnYCtDr3fOYnoqFkCMwT2ulbcKGZ3L6k
neUGSvWOhAQArqhDaGwsZfkvzirG9vo/PFBwdeKNj/tDOE+1SQasDT0L3gd/tfmZ
LBCed2yQ7axppQlQRIcNL24+GHefTY5Y92T7GLVIg2cK5JUtMKMmgWj3szyXi5Oc
QKxQdhmBgsWutyJj6SlAHSDrjFhVabIeJKuyuZzxhyvmSzzjBsugsayIUQQgEQIA
CQUCOprFaAIdAQASCRCiuYn1EbV0jwdlR1BHAAEB6xwAn3FxEH2wPVFlzVKf09Sh
uwEfspiYAKCkKEhT4qVjGQ2D4cwgtoZ03pQgELQlRGFtaWVuIE1pbGxlciA8ZG1p
bGxlckBpbG9naWMuY29tLmF1PohfBBMRAgAXBQI6JFsGBQsHCgMEAxUDAgMWAgEC
F4AAEgkQormJ9RG1dI8HZUdQRwABAU4BAKCFIZWrqfMjc8zKhnfoTSEAt/ojUwCf
eqkKspOp6Uqq1tlr1oyYmN5P5Y6IRgQQEQIABgUCODCW/wAKCRB9nsJ2HENBrF/D
AJ48befkKUUGogX4tPfIAzbu+auUPwCgp41iiMRqeqgWbsG1ujpDnVQRp/y0H0Rh
bWllbiBNaWxsZXIgPGRqbUBtaW5kcm90Lm9yZz6IXwQTEQIAFwUCOiRbLwULBwoD
BAMVAwIDFgIBAheAABIJEKK5ifURtXSPB2VHUEcAAQG/QQCcD+0bmcV5aYRb8JQ9
Q+DeKi2fqfwAoJ0g1TDjN+ZpKAaOI95waVgGjYAhiEYEEBECAAYFAjgwlwgACgkQ
fZ7CdhxDQazdMwCcCWb+3Ehg/wK6nrIebHYlDBwcYLAAoMXIboTxrdRh71R3/4Pd
zTR9g2vQtCVEYW1pZW4gTWlsbGVyIDxkbWlsbGVyQHZpdG5ldC5jb20uc2c+iF8E
ExECABcFAjokWy8FCwcKAwQDFQMCAxYCAQIXgAASCRCiuYn1EbV0jwdlR1BHAAEB
9qQAnAzpzF24V7K84PQTKQ0V5a1EiGmBAKDIg1wPX7ZSRDHBrAaLKpEirnj1MIhG
BBARAgAGBQI4MJcIAAoJEH2ewnYcQ0GsnfYAmwZq27x3h0EV0t+0i3j7dClD5eMX
AJwP4AvyuGuyz3qGOYxXG/1RuhqoubkBDQQ3R/0CEAQA35tSeji8z1JVaQApKuEK
VhZAm2zaZLFiAusKqS+/RXUhIFTI7Du/dJTPODm3pLQEnF4evo3qgokSP5rf5Y++
JPUfkS6NTons29mnCVyWPl8+3yJaTPbX708e+r5ZWuN30c9dl8Br7mHzJrsTRumT
9qSVPUklzv77JOAxBGTEhAcAAwUD/0MelpnyrZNVFja/xObo/OL4r6mwwO0pyK1Q
qE8AuGO37Ug0WO6QNxgFLKR8l+9sod6q4KAEBxhA0DiVrJFNkTuza6HR5i22Y4ei
VNbPC8IqRuF6o4KC3zejZgpPpApqrO0mMmo7GXcBpkpCS8vzJ09EvfExbALB0Jku
GQn7SImsiEkEKBECAAkFAjqaxBECHQEACgkQormJ9RG1dI9+GwCfTEqyOILSu5Nz
DhcUrqpknPlXX/YAoI/vfDq8kQG0QldbtWsC+MWQH9zsiFQEGBECAAwFAjdH/QIF
CQLH6gAAEgkQormJ9RG1dI8HZUdQRwABAfKmAJ9EMdNbg94wSQrHb8oKVAKfjFZt
TACgusXeU8duOaTgSb89XrAGCTb3THu5AQ0EOiRfFRQEAOelb5M0Hjb87WcPiIy2
UAsxOwDno7H7vR9WLfpfKjPwk7Xoa05qyThF2L96keXZZAm54yapyeXhNPGquFyq
YMOwxX+aQyUr13uH3KTkAaDKMkC5jAAkcZwTk+tENsB/StqyqbH5/KVOoCfxEFFA
MVgTbXQnEGpqUL+WGz4Ay6IPAAUXBAChhg+rFXcsAMne7QK2816p64Lm44BB46n6
WdZoST84rOq0ZNd+fYSqfRcaPJHHjO4lAEH+1dgQjpqxkEveodKPsixoLQdHd76s
SRDcX15IhWG+OBNCD4k6Y1DLLYhPE5bUToQYm8kPhVS3yuMLuNhtDntNQURfQL7B
JxQM0A8/b4hJBCgRAgAJBQI6msQVAh0BAAoJEKK5ifURtXSP1O8AnA3CcDJd1ZUD
2Kr86Q9DSuimSMuAAKCX77M6fadIiy415K3vIfadl/nsq4hOBBgRAgAGBQI6JF8V
ABIJEKK5ifURtXSPB2VHUEcAAQHXmQCdEbOoH3DE+L9keE5ODJ7j6CvHPRgAoJZm
54r/EPzKnu9gTsI0J+7oIh7emQGiBDqa3UERBACPhKenaTumEld5L06d5z4yl4AC
f+VsVD98Im0slZfKTcqMb3Y9Vzq4CduOVb6p4M9yX2bjxCk2mtmg5iunPuteGmVb
YSNcd7yjm9giqe6EnxXkxXmCP/AVA0kB09XYcsjmMFbRFahXo3xpdExAjyU6JVxC
/61kX8h4oYxjtWw/BwCgzf2qjNPEXshE0lwpoGwcwxk5cnUEAILKVk6G+rcususo
b2AiPjzcQnCZYNzoHpNOSkwInV/MqN6Pb1reKcJQ44RFyh6+fsdeNM2+7ifF+5DS
ZB13+5fhmtNtryIeMgfH0nYVu7YllPEmSmPOdERpjibxXbxEjWM8n4qKBe7iYVHW
tB+j9O6HyAB36mHcorYIs9NvHl76A/9kl+eBT4i2/jjPQQ4V4rrYXl7M5EWxpgMS
yUwzqM/YPZZCXJTqzv6FxUUc7LprdOEIbzQOyJqugKqHzQCekii7bcyAwu1NrV/z
amTherN+l0UqIArjWVh0IVagpXptGooVq7snoef8W/KzZQRVC1rcEQ3zV3TD3IQZ
mjx8ZgWCqbQuRGFtaWVuIE1pbGxlciAoUGVyc29uYWwgS2V5KSA8ZGptQG1pbmRy
b3Qub3JnPohfBBMRAgAXBQI6mt1BBQsHCgMEAxUDAgMWAgECF4AAEgkQqBmi2Gke
+NoHZUdQRwABAVy9AJ9RqC+W+xZCok3gcEZMiHy1lboyvgCeMSO/ld6brLcz4o8/
OMMwNne2IZeJAawEEAECAAYFAlKmjbQACgkQ0+X1a22SDTCk7wx/TLjgpMrFa/tg
k+/boARaFlsAJ/4OgyiY6314YbTyqatq1RVwWHTln1QJn8zXWpHUi9scfboxFYqz
vKT1g6TXAkg1fu5muiBCTMVVCuawXEDr0iVxfsFoCDjLKecMUxqwfj9gL3kitkbj
Ga7YcZnUcAOoLOWxsXNs5QZmKl/+E26iKGAB1sy/wMU40KjrOEg12fvIoDemeGfV
gPdeChkhpDkm7upB32UvzDbZsKO7eHxoBYW1sRJy04Tyl/hwXnNCfqYJ42BuITrk
EOSDr35MTYuLzC5l5l1uQXiCaJZxLGiM+ngkT76dkVQ4OcCgojuDih8aeT+TkM7H
YkCoVje/6Z45wNzsG1lTxE9AKTBzpi0ZKGv5/WVSQ1anuC56bgdfD9jjMrhsVwWf
mICN8zrOtYLcOJV6sUa+hZy8edEqZRkt93b8r0F2XDEVYId80debcFWExuil2TDO
Z0nfkgxRDq+wtwem51rrRc3gLH1UR/NWsSmC2Mvj7jSDGeA+gIbRFNE6+a2YG1aj
fxNdMBZ/OrkBDQQ6mt1DEAQAp/JyP+Brxt7T5vTTJSUMWSjOC+aBNZNFFHbG9KW3
x8qoE7d/SYLGIqHXscGQ0a6gzoe01DFiDovtipM6g/FarCPjRVMN72SEju2pv7hl
Gr/fcyHhKOYwcxaCVFOQetlnKq4zVrJvc0OZD/nsbRCH2ze3T5xtSQ7IlJ/rDUf/
2JsAAwYD/2h2esQEPQy8MRpFhcBZ8Z3iVaAZ0LSgvoap8RKBSmzS9QHYgk/U4N9k
W6BFQBfmG02aGMLN+WHy8oMMNVEaJxkQvXU7evd2vPIk9mW8JSeqAGa7dmZRjVkK
PBDy79eSoM/Z8Gb1TFnKJ9ju+s+pqdi0bJPsDty+yA+96MFOy5epiE4EGBECAAYF
Ajqa3UMAEgkQqBmi2Gke+NoHZUdQRwABAVDHAJ40H81xz0kVSd6/NVHLDEd7+98X
tACfZmBzmbxbQ1dhnKg3hxACZvKwMKuZAZ0EUqaCBQEMgJQ2qbhw2Hu10RvBo2Fu
fCouIekgt5dPqx10YjRK3Pmh8HW68geb2RdgbldRTCVznLCMhmbYl64qqt3/rADP
mVotqAUDqTzoRnPO4ETdvkXFJDgQ3grldkQmjrXEBIQXvPWZAKKqgDr8XjTuG3uc
2iJUT3mQ6aomW/hypukLDefx/ZVb6ZVQfoxhFlWtgAL02cla/bit6bZ+OAWE1PX9
vHjgbsf1tUmovuEwQZr7FhAEjdhP+6US70diYsVV6JmbWAHV4pdbuNLhy0uXm4+v
FrIDkNf+o0HbKqBVWUgoXBSbyAY8Y86ew0qjTEGx4TsTQX8p4alpPlpL3IWA+b0D
rnYnH196ViBvR70im3eXGuI9DCAX9zEsa4/9YRs3l+lYWe5XRWKSW6y5UjZ7wYck
ZTltAPkCXO9a7hK/qgE5wMJptJzJ1jsjE8GT9cFYIX1AMhraprfYxz11hzwScmzM
95UIdfmEbbeiYNGZ0sYvAfsX4K4G8LEAoLKZm0mXkOFGaeF3NGD137RUbiEsXs7T
oA0AEQEAAbQfRGFtaWVuIE1pbGxlciA8ZGptQG1pbmRyb3Qub3JnPokBzQQTAQIA
JwIbAwUJDUfrsQIeAQIXgAUCUqaMnAQLCQgHBhUKCQgLAgUWAgMBAAAKCRDT5fVr
bZINMHZMDH0TWjM8kpQZYk9l5+qxKvwqw7oOndC4+vDZnCCjZB94JP67M0DkAoIM
gBpgSlVtCy+7iwPLx0BbX4cQ0LFWsxdYb5IfjWVx0B0jiKjQ8YdVAOXjZHmNfd72
l+NgJAAtW/kENd10rrTnifLESa51DcgIUJhchypBsDWd+PdSTTqMaG4z30Hb9qRv
EKgVKJRf24cNko1gAalTv8UIX3EJkXgp31PC/LLXuMMiDuSbf9DgnL75U/wXK8Tk
mMF0tFBIHNIb0YKO/1/IpZbtLRsxjgPdIoq38mbVdyEQyClGvh4GmAKzevE7WFeP
Oqbe173u7Lr+rwK4lS26kmw8pz1aHj6iBRmJ8LS1rtSvFmnzJlNG89JTFiuW8PMz
fZUMtDcVfpjaLhU2jjw9IkwD4E9THsNNxkohe3jnvOwsPiMXixF3A6T9AX8ZcKQf
YYDIodYI9cg576MheCK5qNypmb1wBaMveGJ1KiEp95+8qTOyDvmYOaOG8C0Odwhu
YiYk2Nch7Y9BTiJj1WrmLS+VpUqAGApKiEYEEBECAAYFAlKmi98ACgkQzo7LA4b/
nEid/wCfQDsw+t8kjPZ7rjdURXgBfd0734gAn0w6xCIHgueq1Nxz00Ewd/1UsTjo
iQIcBBABAgAGBQJTFsNwAAoJEOX6rNyYiqSg3ZwQAKMYW9GCRVKwd8fxBIovohsD
oYOK/psUp8f8/IK1+aW9EsYcgnzpd8YuOcEa9PWd7/U+70/2fx4qyIkcJ/ofKP9U
zButogqdW1b4VISDP0t5cO9+DE4nSKod0hQdjJNM3611mr6lIhw2D56BdIzWuJl5
eCSDnyQQd6iDt5j3wELnBJt8YnYC4TytJFzg9R7iFfkONKJZWpZlgj+ChSuMVMjM
qa9l6+mYZKy4FU2mZks4EvLiWYnGQAHPjU9h+KWgoIbTXLv3Rc+NYlgXErECpZaG
B89oiEIHqH7Na4e+gtxML2/RgoLgWEsMPJBnv6AnuX8cVX1EqGJT5AzmHVmWlJHq
pSXw8g7yIRjtHZ9UKJOIamtHhDfcLpI8lSGwb0quyF/OwBcpbyWkFdOhHfTV+6Vj
tLwHbiPDJIEVkCfcyItW9s9l78U42zqyXFsgUNcjrvR09OMf0eXREVRGgo0O6glY
XRwUDFG/StCsKYFDUz2IEe4a9MjzGCSB0bUR5nKFVxomSNNQVw6Qo7oeGfXtyEG/
/KzhkDHsVWKU6qKSTK5fumQIUJHGJCCiQa6a0/6BXdoC/IVPbFgM/MHwAj030hyY
gb525l0BVD9+NEYs4Z7ZXkrdEHSIj2bTaDV2WywIYXcbxwovJlQT+gxeBxMoMJf9
zzAY5iVBn985M85NNXvpiEYEEBEIAAYFAlLp6B4ACgkQyYKAx4/0+mkA8QCdFdv8
9LNkAe1WK2gpjdW4mxXVCsUAmwf9+GFVwx69yKTXwcrvv29glD1WiQIcBBABAgAG
BQJTFqe/AAoJEEu0T4MGAI+Frd8P/0NxkhUMOo7PVWKAYEA15JQ6mvfhUkNI8MCl
PP2r0oDm3hf/sDdhi7P1pI/Wqlc/XAVQLZDtJZfZFvU4q0eF3Zs9uX3jvZjOGGQo
vVTnioQIV1JxHTriucFbkUEaMqdaQiFFAlb09qIbQaClKrbSa1d8oP+G8A7NIKxq
wwQMDk0I1UKus2QN4p0cBEuFdntlbkwwnyse7WrZS/7KcNGiHeFk8B/D63Vy2ISS
yORmeBTkA7r8qs4GAB+qrNTs+xsEQTC7Dx4Nz2FtgEmpXOifE0Txc3n761aAfNao
8bYukIbbF7Sw2ZvfwnEXikiL3m4uYFPcLsGfT3KFSKra69Vrm/DdZVGODJwALqo1
CpPdV69qpq/e6q6SKTdJrc6YKeFZMyjHRFT4IhVG7KvUAjQkt0RcG17JinOlJ26F
MH9nosU2RlVJuESUJH9xzMgWugF5Uj6jQlm5h/PWKNEtX/PjFCFjkacffWzRGOEg
1mqB8B6O7UttATbt4mNV/BMZFGqNH0Jq64RM0n3Q5TaIhUIW/0jsES1TKrJ96W+M
m/JiBd6tTXjAlk7B+m9eI7fEA7y6dugm0Qpw1+C4aIopQayaguPf/hicQqRr/ggu
tKsO+vhJ9ie6cB1Zdc+BNGCrmpPrALmMbKmgw7i9ZI1iWE0pijX8kiBJoZaTb4Rq
PT8tKiYLiQIcBBABAgAGBQJTF2LJAAoJENaX3zJH9H8fPQMP/0MRl17h9QMdSRvU
T0Hy/cVCUwNs4hWhjA5k+eWKZe3LxOjnZEEA7S0Oi07cyOlKH7qNg8xA42KM3NPD
tEM8U6CvkdJ7Bctr1OOMUIdLq4485BDsPccoVc5J8MRf+4BFQodd8B8jekTv/rfn
/eXie3M12pjiy8ZryeBFod/3C/VLCQwMG4eMzga6+anuc66U6zteEnG0QyS4uckJ
iAlcxYqLK3Sm6WB/FlR8LmSPPAEl9xH5W8gSrAGZRg9w5tOVnOOsDWU3yfBxzi8X
ZnMRc7+22XOuzkQlQDDRM/r8L5aM6rGjLTRUpbv3JU11gf0+5yUAqrWD+KumgyGd
cxWnfEHRQZA7jV3eEXpoE2mKOiZ3zaA0gZRmG745+E+MS964jTOdEy3ZEITuSCOt
aPjiySebYSpxhuoqdA5sIgC/qLfigTEDQiY4LnrTxZp1uQGhcbzBKEAScLK6mFHj
MTnTFm9hChnD8UmjfBFpHNhvvXS6h+ZdpgLuG2XEv3DtLs8N/E7uh0zN38lupX5M
r9GC3EOrTXte/TWGQVlXU4j60J2FiUk38ORryyDMd3LS5bjTqaERkqd+uw7utuM7
dTU8cohcMgM+vw6l3fNg8+I31Mpy9N6QLS26qP0b+uYKZpX5UG2H9j+ekrZ7ReBr
LB4s2VIDHBoc6qRbXTI7I6Sf/Ez9iQIcBBABAgAGBQJTF5i3AAoJECPNT7oMAX3y
AaoP/jSWlN++0Sms0WgN67JHDZhXpU+uiumaKS2VXXakIeAKu8kra6KIqmTadmm1
zSJ83yhr6q3TjnCaOMLcSCEaCeizeMHeUbLPiM1zlcXH3jqpZxIPJ2lZTsySeAEA
QwT30NIjySlOX5Ba/ZknQ8iiqqkZM1PBxqYIcjN8ijOY59L4NQnTsdn0m6pAe1m1
6zD3sGljVvJeQuvoyaqxnOEQhzfnYjziFIkTbRKh0bk2jq3GjpYKjm0H0yDzr1xc
G5R31DZb+n5tWDKDYUX+PtDh8ypgzobTBQ1JTl7e2qeu/EpbFccRqsu1S9kJyC3j
yYzpk2Bf8mfsfH6Z+FUR8AEKW67vBQQFRIV0H4WCBazI2k1/ibNoaLqKJNDh0j3p
89XAdlXdie8Cr+kd0XQJ/ExqaBPpTiVWGFeEVxo9cC18zFv8N8ZvOnEBwJZ77uai
KYAjNUEfE8W7RX0bZgkIS5gXcuFRgLDcHqWEhFTasSObmNx8rrbmkZUnyuctCFu3
iYAAOvpBZNEXXnwU5S//G19gjfNlLQSBcCn6A4fJo1szPhC9VD9suf21FkZYZ2dG
T1U1CYmw46wsb6ZyG8hd56fD3VkMF6fs123NuCmKJwdv4dCAtKXeizm3KwuqfiIt
Pr+CZlF7fgBSvxSllErP3fRio6w6ueu/2nMdxq/+VqSSfi0jiQIcBBABAgAGBQJT
GxrFAAoJEGXrljbwLFcEA1wQALFhneSP944km15LMqr4AGOaStxSWv+Fr3NcDv/L
XOZ9olMHGZIrAV2yl6hW0vPOiQXJGM2+t1H5Q2gbktPt/F5LD/lR8cxMOCfDbVA5
nUzi52mY7J6rv15AmJNzlxOrUsOxGIp2AuBFI+NLcmzW1vA4VN8oY22zePYSsAyA
NODpYLwzmLvWh/n6Gkb9Dcr5d5M6clPJlvyCjT3HOkmLCPBTv/I4lm004pLW+pep
wfmHi1XoXDXLChrBU0caV63+KdIKaSkZafGhhdOSeMT2ti6squ+9VBm6g207ZaU4
6wzATdVfCJkhAPk8HMi/853vqXPhl06VFi3KYrL6tsSie0X6vNlMfkQ1obdh2KHV
tqSFhO+0pwjLQ6Ei5X0MIYk2M8XFUIV1RPmQ4RdvfbMuJpyXLBxTY2ItB70ZHvEm
XOTYLYAhAH+UvSODocIP24I/mdyPbiTxgpYVa8pMFw70aA/1zPWftZCYWe0l98im
cUW2YPknLl3bxOV+CI4g5XFW/84qxS1Ty228vIK7GmnZx2AMyaSA0w84d9wQnxJc
rNSS1M3uYvHLICEr4HWP+lTj8wFd3kd0URnB8Ybc7zsy/Rroy/KPKArhbCHb9O+w
+KuC5f1Bu4uZc/o2Zckp5zfKI7xtUbW914PB9hbo+TXkTBre9nZkSQjODL6wPLIa
nYFviQIcBBABAgAGBQJTH7siAAoJEPTXp5Fd6nib42oP/0RJLp8X945IPFd1AMoM
Q23cy74qBAvh+c+k2pFEPrU+W9nJ2w3Mqwn8ja9MDewUjSq9ZLZxlTz+M8idYpoN
46VtZLCxpaLXH3Uv8T++Vwdi143UMPipJqf50mWqqciDsl9LbQZR2XolfzM9WTVU
Vt9ynNVZG+ij4tbeobViZrifY07dfR8y0TZ2LF7mah5lnDAAwSVEUOg/YX7jIgxS
fP9oD5buD2SYH/4rZFzkN3fCZQiV4uwCMIJl+fDR/adBvOaZrUVnM661vmGcsgOq
qRUE+hSZ/ih8Jsox65UAfPHdx/SEptBFgoyIpdxR4NPxpgeHZbNnstJ1R/cyKmww
hMgF11WUJbm1RN1vDPwAZNAcSzDAZhnOmtOsPtiLXDMNm7dufgYWFFxjZUxo87+W
eHgWG8ACki+AuYJgjW0gXMghVdkVQJYcLxcbZBPcHu2eUJLI83QhVQxUg5IjdOGv
OS3SuMhtDYx04zEdGB3FSVRwfyIqImjEbyXnMAT0RDhFoWvrhAy/jGsrH4tO9hg5
1AS4EJ2pwdYme7yCA0h2s1ZG+WHF4lTJ21fvx4H352Ah5tckpmmbpJbB+ZBz+uWv
rYmQP/W+06kP1axNmjSDcMID7rqoITn7emPJYLpc4vszoGxxl3yFbWM7IL8kLT2P
QC1FMP5L9SY95T3L9xciMnFTiEYEEBECAAYFAlMkhq8ACgkQi9gubzC5S1zAmwCg
gBsG5xTQsPG3Ro8GpItuIJBGmZsAoJMRnRC62mQKL700dHk49IFL7sH6iQEcBBAB
AgAGBQJUmgqLAAoJEF+OLmRrT7LQnV0H+gMxUdmn+eZUN+6fyAf1TMHifp3qvqdK
05sL2NIY4rz7GgYbb3L7wH45w+ztuE6pmdg4JwCGijp3V8quyICbvU94YTbu/n7E
3r5U9H4JXUuW99GtML6v0Jnmp7AthmsMVwTFoMj8fzszRTjh0LWxbMIP/BXbr91t
hf0A9L2OBFeHCXtpr8JnTK4lkDtwRw5PKZHQPUlP07R2Ki6pva96ePgtGnpnL8n9
Zlwvg5mCSsQOQv8R7+7GcmGqSWOEcUB67GF4AVsGMqEj/9BRYsdjWozE7oq60FwG
rg+HEaTO7To3EKWI31pZU+u3WgGE7cH82/YgtCQdgKYzDAT9AQFADRCJAhwEEAEC
AAYFAlS3/EIACgkQni8RbMiXM6uvYBAAoDMezX0JkRWg7GlsHJyF9mneaUMmhLiJ
+yO8Jd9JkJcSsDvy56X0mszyqL3e/mcrSow71fGeAnJbKcTsdMX8T7JpWL26LApb
PxiO/wo1vGczwJ+bBMDQAGIQgY9OinCL8OEw1C1saM6rLIa3z9vySBmbQA30TXdG
kRBQETcHGZfDAe7BdzBgqBK+ZlCwoCUoiprP+kidiumZ88cQmmR0LFyB72GDeT2q
H0E1WOlKRhm0hwqB+Tc7E/wvX3YlufA65azQDjeSC7skDGljHxIl+ze2DSED8p99
1bbjE5MESIySX7VdJHpp6mJ/Syh0wdiOKBn5Ff8+DxmymtzyBHGYzdYWs/UOVRIw
VSgjn+BJVpbRPqtlhpAC6PLSots7Mm6f194qJv9SDLfi/HDrKP62PG7p6zYM+zjD
j5FQBdBdMWK84/fTUT9iQsnCkmrSeaXzIlTRCBH1OUByeIbUaxcngZzGwSzsF4S3
fOhYpnsaHW/uBzYRvgui4W2bzcoUui0QU87gGEXg5jnJtUhCtVgD3jvVov+pIQCO
eMMUTSTWzg7w/7uPY8B4+tXf95J7vSJcjYnjr+yM21DrIwjhKbzjmcvsk13FR7tZ
5f7R9vTuO0CJewIXuCJ0NLaahn/s+8V9RXoNa3TA+R+ZW/KFR/awXrq7SOJ2SbTV
JQk037siPOaJAhwEEAECAAYFAlS3/GQACgkQxfSDrd7oY4DKLA/+Kncf9t8FLms1
fo1cflBb9UGgG6YceRx2+O3VZXiCqJSsHFj1Ywk+MyH44mD/JDM/YTKazT8mpnny
2/lDEzFdfbryZdA0p3pyrFp+8sx4pzKNPZxOubAOqefZ1k/SoTbTa35f3V+L926O
zIl2ZdU4WOysa13RhoRvUKjekWl94J0jECcBlkBiOI7uL64Rz4WG4VYhXJGV/LRz
OBot27Umh0sCmb3i24b9FmOu8tvAwf//zlh97ykEH1nLiVz+QU054nmbqVACp2W/
02Z6cnfWqoLsQIg2Y+6oeCrjCldzlHcOjvE6VwXJpAde7mZfQCw66G9ndEs8Xoa7
I4D06uGoewKVMJKU5AaFT4Wf69KXDI9YBRSuyZbww+rxESAB9HGfR3O8quDgsmV3
BKsNRJT7rOPm+Z+UoHS12alJmVcuv+ioh1GpmeWoKiRgjlJOQcXy/TIvTMvGb8oF
ZN9MEMCZ09x3JoYTiXvx6phrxpW82DLXPqCD7mEHR3/u9898VRWMrSP1WKpNeeyC
6Wf8Urz1ySinr/wMbafrQu0Z0nycFFbUXLRO8MwJupt0/S0kA0c2WVzlZwYrbWZ4
XGIxl6G9i+G1D5USOKbLC/bXnZlLERiQbD/85UHpt37s0T2K48lGUhSjCxclGyG7
UpFf+mzEYbQcNMTkjr1RVURd/DtLeXeJAhwEEAECAAYFAlS3/vcACgkQMn7oMPR2
HNgGtxAAiQy29MXY+Ljs3V4ZSE9kuhpV9jruyvNQD3y+vGa2fYXvwZbzqvDQIo/N
TRR+hZngz6Qo7i8NUYfzIp/GHI3nqoZll9idWdWjeg+ioD08XzmoTnTJwJAPTOVp
2WREzTyRc/FZCD8vW51iFV0xpWZA8a+/Foc1q/P9B/zvBx5UQfYCjMCcKpR3Xkuh
oRh6vdxSi9M+QuyATk1mXoniOQKhIvAzLTH2DSoAudI3V4E3GSc1NruGt35WDfvP
cwvcXk7iI4outPfyrG9mEIkiZDukB6MrKG3VKegD0fFIFouQ/eoodWKICY0S3QaP
HRL3rTOtCNtVEEaVDoaT6jDUvsfOpXreev1UriH24cawD4HmMaOs0p9e+FDTkvJx
OLErDBvODG/4Pfqai7BFaLrElnjQ6vI1e42fd+XQJlZPbDqjZkk3PD1DGNeWxXfe
VbQVK3O4G7z9Puj/YTcNyygVxwJPuZQrYX7mSjfetG7J/ZjoSSBKqJSzCyCb529o
sf2cS5JV/U5e+LQCrq+6i6fXWuUGsTu4ceJpskPahjCvcYVWMtbtBf7XhseJk97k
g/Qg01zLg8ff4np1nDCExSd8ak7DPEPOOnbedTNtmUpzaQJ1hAEsIHH23scuJMOZ
WdBHXB8j0l+w7Ssd/Up0+WR6KhYc+7D+U+mRlupXcvtXBgxzeK2JAhwEEAEIAAYF
AlS4CCsACgkQpLsVjWJqnRcPzg//R1PXrcHYVGO5tMkCpd2EdTEN2KsixMzbQAeW
C0LCvCgwuNZz5vXRrO8AIf9d5GvGx1xxr7w/aQHdA3fTwQH4VYz5Diya0OgXDWew
u0+P7AhHJbBTFxikPbX7Pe5J9ri2h9W2QGlNg9xZraF86yjdTOavrDYuc+Ly2OD1
Ln4xGr1x0LbVLCS9Th8v7rzQMjVpZQghpVUBcZ0Jgk2NFTu4ODMpC40CM7iVX4Nc
gzPecBTGRO0UJkU9L1ta/DjTh+TWWSif0gQJB396zeX7P9d9vOXbfYwYwVgvNc5x
rt71agaL6RIRiSR0nVOUu5w7M+rtqw2Goc6rVWk97GaMBxq0hCZvunr2SA5IsGDM
rFlfLb93/a4up+Tcw+4SeKwoLyRIYMcenPRxjsyYni4bVG9W34uwahQe5It875hT
ZWdZob/0uHYpEWOH2w+qzmQUtTsquD+W78J3H3SiojLiPHlsRbAk4nr0SN+EX5R3
+YW7jLRrVhrfvr+vYobH1664P7b1LX2Yi2u7ktZcWKVxLr6vZqNVXgdhgQmNyAOX
VhJurUc7EryV1tnt+EYRj0ruTdi0Je0fE6cNabrkKTnMUHTUbrpJDxJcq0q34SP+
nnqaHmdtfDvuFVMlAynQrfD7nJOY/fm+l6FY9UvNJCvid71afBV9DdbPtivn0oP9
L63+pSCJAhwEEwECAAYFAlS3/okACgkQxodfNUHO/eAexBAAl+zTx7FFagVHNlDe
tN31ErMvImw1oDVyoTAKCJbVK4YOT0AEL/GRM6nbQb2HAW26iWw0tehoKCJjw9uJ
y0m+1o/psE0nRl97sfZX5VCuFiAaRCyboEu49+KUSoCAQnkOc+r2vEPEvO0pNgZU
hUsRIwPRP67aDIfb61T9CSwZXmAkukDTuDq+sTGJ0fUpT59aM398O7BBqVnXZoTa
LHkXAd1sXGbWXNy7vNVXuHEAvebeQDzmAiiTp/RLxlUNrp4nB6bcAK5wn7kaAPJj
jREXeVk4lEGuUE1QpfdtvSAQ+8Qd47A700z4g7XFwHfXN0kX5JmeScVjrghkOCA5
sjM9P6uxgCb54iSGnCrNJf57LddvSrI4UNAvFrYHVkek5VvC48xeUME/ldUT+eQv
1Xs2CJwtX9mxQg8hvuGDr03PP1LfKoxVvAZcJ4iJ+gxD+q7KHae127X0FCbzxrz5
JQtTXep9UO5L9YskX9jKFH2+t+BrLEpxo6EQ2UsY5zmR3FFpvXu8Dryc28nI7MFl
uvNj+HPwNlvGt4/jLDxNUr1/qfny4nmH+F0GwJSbvvOysngGZ2R4XtyBOE7MvxEg
jsspXuLqm1TRyQCidUUOreramtPUUMQ8kbH66T75GAEnD862nlArSTZ76rbTGJ/4
JN+Tb0gCoT3+8rsFFLIbjbi+SBCJAc8EEwECACkFAlKmggUCGwMFCQ1H67EHCwkI
BwMCAQYVCAIJCgsEFgIDAQIeAQIXgAAKCRDT5fVrbZINMHp/DH911etPzwZZetcw
8cKb7UY4UHFHQJ8rQIF91mY1PHpX/fh0VG+kXizlHEZxHpwXHXbJWUevYovymo8D
hbHB/VKV4kSQLMOR/jVtnbFRRhpkzzGSZhypd85NRODfxqqyFd5M6CPH8+vRikLs
QbJTV1OxLUhtlm4/3+W4O+h7pl8Q5pFw8HQRESPFrOeugU7z5nB6h3q0XdE+/2kD
Rf0G2eF+oLrvTBvi16u6ftGYc2Qqzbr4W5D3beWn+9eEvVJrxIb7ZR2iQGn19rV+
92qB87bADM9yddmiAD0fP0ITDz7DOKxTAw7uMr0pfHaN27C1GCv7duqoHdM8BxR6
oSxg/Jm0rsCE52uA1t5EbvFwfWJZ/wSiqv03BUlRTnawlQi0W/fFM3wgq2myWDa7
aU+U+bRUBgt00qb5vtXDeBhS1wFLpKlyrlALsq5g6DStrjKT54pYQfaVnXUjxzxx
u20yI55QygiKhg7foFNgw6vTPwfo2OSid2XQDm3Hjjee4kSovrtn9jL5h27V0HcY
YED6vLNauQGdBFKmggUBDIDU53B+nBcpyH47TRbUWxBIxwSNqEaajzhZOugz+qNN
3tiyV3fTQ8y/fCRCfZZ2HJNxr8SaRbR9VMZJiztne/lKk9/SmthKOZ+7xaVejPrg
Cl1eoYeOP0oB6rY65S1avChuCJATNTgfGXP3hf/rkGAbmTs5PITcnpuBFwzAkKAK
TCMrznBtsGQYf4mj2j9nD1M9zNBwTsGYZiSQs0BdvDuiYoE4vhnrD2xdOjP1SdDQ
QH2zhO8BscYpf3LY8RCNk37CTNHcNq9YHuqXy8dkhGaykCwMAm8NPWh+w227wwHz
AlzG9lqhnuP3BQtimdo1jH3HESGBsH2jWYFxix0OPfHPmOuC2r9yl2AYLpuD5rAN
z/KVDWY2CUp9jw/2EUiEgA1mKWeYCWTkZKhZyU//r2b67fgoqgdThhzcjWk81wvo
3KLRuHyYep71Z50p+h3tjjIzVLbR9dpLi+ssiUqDFuwOlaJauTSW1XTe7ILt6oN7
efPMZb/YYtMePnGwDb4fAa0+ibmabOO9Xk8U2lLtr3QlABEBAAGJAbUEGAECAA8F
AlKmggUCGwwFCQ1H67EACgkQ0+X1a22SDTARJwx/ZCMNabddrAnE0DymqrGsV5MS
j4YRLOdVFNR6mutQV3UYfDfepoC+ouLFn7Hxyv7UaP98l3l6IhUl9EthteULyy7w
lleeB9fRWG4xxShv8VOKR+lyhiRHOuJSwkQHf86aOUuMaCdCbkbP1NXWK3IXdvOg
eRHyy9YQoorM2ggQ8ctTfLtupKQ6uOdjdtl91VGHrXxduNXbw0y6hmxXwTik65Cj
L7ezkiOYh/+aRKIUTdUnB1o96bbdSxdq0Vv96gL8CGLSIJ3/yKgXCL6gdPY+e30e
vNUXoTyAFU7e8qjpQmANOv1C3bs1zp4cvQ7mPnSKez2hv/cOg4Lc/kDTzOGX7Djr
rIYS/n4Sz+6xQCz/ieDiSwjcNMsr1iCPvSXmgG4wVh3dvkoZV8AiUZzmbAg4gbjV
gsjNlOsa465PKaPAJ0L1xRknpHYK/9XHSG1nSGoN3JoM7Qij04b9bazZPvXrS1j2
JzgzAEIV6bPAUQsgEggc1j+f/CybFAaQjc6Pzomk5VWBHmVdZH4GsZwGORITKJkC
DQRf7mYNARAAz2vrsO3Cz8vYpaXvc5tN9uloHBpeMl7Fb5A5U4XB36ux3JE03mxI
WgpVaCtKgwPAwaOprywMBee3jJh2xBIuv3cy1JSB/zCl12erUEQhSqk8wc4SWou/
h9ecl5L0b3255lbayeTWJaaz2EjVzezbiROqeHTXkd8Agrjbr6IzcdycOZiVK8SL
jdpCN8A9VzqjD7FLsQ+i4MN9sE+V7QjUASnTEPBgvVhrEX10xQTagoyF2230XlcY
SKv2rLpgk7J2LzjFWrNZ/m2AriMMg1jQGKijYMHV1f5PQ/DSye/9QTUPLwHziRZe
k7A3pZGTjv4bq1Tywc8d0VmvE56IfVIsn1cYhYq4mBm2IeWTO+IcxVjAS2ufN8RU
u8MnFnFHohzKVB6Q7Cg4HhiUgmNn6xnRE59NxuTd30OcTDxQ0SNgJjSRfMMq8nl0
upQCDH5ksrVSCUPB95GLeO2WtSgMOBsefeZcQU3y0QyxRkBX1sB1H84u9vF25FZH
HzMJmd+PhWW+V8n00wnr8zpUdvmBzIGz3C91Y0DjJxewmfYvgoBD80cSF9SJQ5Hw
vk1M/125sfUBN1rBvh08ON3mMvfxds4deT8Gtc8N74ggWYRGgJUkYvTEc8Ho0FGW
kg/VTNeRTEY7tIzVm2XojWMvdK1733sf1b3mEV3NTyqYuDnnxjoDa0cAEQEAAbQf
RGFtaWVuIE1pbGxlciA8ZGptQG1pbmRyb3Qub3JnPokCTgQTAQgAOBYhBHFouYOB
Wl7vWaSt/So/QU5zYGC6BQJf7mYNAhsDBQsJCAcCBhUKCQgLAgQWAgMBAh4BAheA
AAoJECo/QU5zYGC6kI4P/AxEYU8XTuZHYzAim7sHRr+Z1HnknrgN9mGL3HuCy8H8
cdOZkQLnHSOmYjGfOKRNTzWibr36Cd4ERCXP+blDCtkrFw1QLoLRICZ5nJCcFSr5
CanrU87wUwCQ0xfkkPl8iF8j1dorIDZOetAKumn87wKYnNphGQifPZF5GS0NS+Xp
7vmg+R+abTTCSTnxFNPwiQJwRm/lXO+A4bCHcuPL/X1vfVEYOARS+n3l29gpnHUo
roiWKC/F+HRvr6o4dIAml+jMq6xBMB6j9yYsyzNrq96GMxXDLvPCUkEad96+gR2v
RJJvFMUMa9tzc4C9n/Ks8t5s7um63l3eSYlHuVL6adI9SlVLbzyudBr7P+mU3r0z
xvYozTzPALwgohs4bYiWqdtE9y+qLsJrg5zM1g5gFJWAFWNhXkfB10NeoYN0L8Iy
RZMaBq4154fg99eaQBETzh1qoyAE1wZ5DFzzGMn0Z5gqyYd6pTxYol+6UIFvkuIb
hvzo7AnEQb9CMzCceJcPaSDoWJn8MXibgcR8zQ+bJL9BoOwevTuPBRRg4dW6IOBD
EqBjzZysSI7ET36R99WsBq0kxtPjmrbo5G66DkrwDBps7sggRg2Y23tgmrOssDVs
zN+erC+80XClDTBz8myB3y6d4VU+dWG4n0ZDGJE+w6YNZN/2pCKESlgU8e5K5qUt
iQHDBBABCAAdFiEEWcIRjtIG2SfmZ+vj0+X1a22SDTAFAl/uZjAACgkQ0+X1a22S
DTC/XwyAkFkZcqk56SuA4a4Q1PZydNNkQMKMJME2Kt5L8GB07jQPiTUoCDCEKW7v
SV5Vxl94HLQs0Wt4G+UhEmI74ZzKU0FZfF+Smnw9PQ/chVdXVAeekeBxQgDP++Mp
Lur34YveVeQkIBlQ8fbxrvd3RVI6LJ8DSxTUZ+MT34DgTs6+ryJkyA62mcSy5QL2
ZMH82uZ/1KRN6P2YOUV7UmvWPta5kZ+ocfSoTcYCx/Ms4XOx6g6DbfDZ5AkRfY7c
qUXwJEA5bEooZXxMIVX3cN6O8CVjhl0lzNyeppoCmsuHBg1/YErsLbyphKzIuY0E
8Ng5nSKKefZA3+2OlwvRNN4FPVXcf618s+LkMPdedRxuxOj5Lg0m8I33t//4U8xJ
CjgItN27+C8C+3uAb+oG0JP592z+zweVVjbqgfKKQ0XWJBV8YrdQ7CC65WTBkSKK
Fk9uVDjfftrsWkkyWttGk1As9yAvPbupZ2swoMEcQLAhyaTLmBYrgIW6g6OMhCHv
k4BIGUZ0EQmzi11G5Bu7OEKN2/KIlLkCDQRf7mYNARAA2iZs8bBisxr5aQE1gTVX
wvgtnIOjQ6aDOh9bminaAQtg+ntvNFi6HUzSvB0XTjAw8sH2Bz38CkczuDfd4YfZ
OzAJRJTG58NAubAMDjJ3yHrfP/uXn+KVEUdDYv+wTbbA4cPztMLhNxNJwgPKjVLj
9FGkdYLCe+xTD3POiwMOtazpW4udynNCcQ1P+DIPzHuOisJ1AkYqDrShclEUcitO
44/+8JzhiKH9HxwomOLku7lwjF1nEyvVC6zJXlxqXImbeFFRbKLlItcbrVD1SJWB
F6EstFgSCFcjG0+KN86LRABfp9804OjHiSBiDOTT0W4W5icDnKOzj+ZlsdSdSIcw
AnLz7nsgobgjUaRPos013ddcMDFSIS+SNtAE/si4JHdLGUVCKH5RgHyWMjK2MQGx
3LCaHPVT/Ei0uLdSbKtpLpSsYsNokliw84Czd6sUjjR/IhHjJ7ryD4eJSyXt7vuZ
6e9twyJumcPJvWw3feFjGqGKmhwpw6viKkYEqDSkS7IJRqdS8My1PMm38Ew61WaS
YYehueH1yO//Wtlo2hYfFh4N4Hcu9E6NeJBNEc20gz6tTkkybuIuCsZdRr9MEZgc
EEwH+Mf386Lp+/VqfpmykUaT4XATkzhSHiFFx3y1jD/gClN4zATmS9s21df8Nooc
qWTJjOjLmKn9nevp4Jrf5NEAEQEAAYkCNgQYAQgAIBYhBHFouYOBWl7vWaSt/So/
QU5zYGC6BQJf7mYNAhsMAAoJECo/QU5zYGC6a/oQAKjogHiQqRKLsaRj5yipy52i
s8vXjsDdhv29GTFV/0aLrPcFx5NkHPf5mQsN/k1fYfwHaq2uwGuL/YB6Ra6eZBOP
/xd0i7JpULrSPTDBWEgqF5UzuabQJY8oYK8RdA5RS6Tc4Q38L9f9RbHYPGvRgDeb
ZngMVOUQOD0s4EkAYwofOOE/a5S+Ty+12o7t+BTFucjgF/RiogO38HyeUepKiJFU
vuSRcluIvHaooLvDMvfmZT/nZhZsqAa3nT780Og9aopI36tmUuZSR1fJ5jYgj5dU
3JA11HWaiwbZiVXEnNDh/WPrzM8k+KGf/dxymLuCbROc+wwjhqiWGn7cKJcVLHzS
CO0rPVaJvrliTui0ytRLQ5F3A8+nsq84lbHXDZWnYMcGVF0iluQksbQkc9VPunRI
VA3UfPt7O/rK8LkZlJttKPZL042IC7vrPFZIHDbYl5OEQwohO55v/0MgtaDzc/Pk
7mnVkcLyvaL1yl8FWe+fKY4Jk8SUCygwxCCjtCv7TWYaNGepelQonwRWxCyf+xUa
nErOxgAHhLfgrzFW31qU2nrd2Ubbtj6jXwtJNMeP1ZCBL5BgcUpypYUh9DyxsjdS
mjhmFk4UXBCppf5Po/1qSpr5KPmwuWTd0KGCEnosU9RSpJtE78phxqkKaB8A3HmR
ePJgyS4h2BL0NgQRIRVW
=OOF9
-----END PGP PUBLIC KEY BLOCK-----

555
openssh.spec Normal file
View File

@ -0,0 +1,555 @@
#
# spec file for package openssh
#
# Copyright (c) 2020 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
%define sandbox_seccomp 0
%ifnarch ppc
%define sandbox_seccomp 1
%endif
%define _fwdir %{_sysconfdir}/sysconfig/SuSEfirewall2.d
%define _fwdefdir %{_fwdir}/services
%define _appdefdir %( grep "configdirspec=" $( which xmkmf ) | sed -r 's,^[^=]+=.*-I(.*)/config.*$,\\1/app-defaults,' )
%define CHECKSUM_SUFFIX .hmac
%define CHECKSUM_HMAC_KEY "HMAC_KEY:OpenSSH-FIPS@SLE"
%bcond_without ldap
%if 0%{?suse_version} >= 1550
%bcond_without wtmpdb
%else
%bcond_with wtmpdb
%endif
#Compat macro for new _fillupdir macro introduced in Nov 2017
%if ! %{defined _fillupdir}
%define _fillupdir %{_localstatedir}/adm/fillup-templates
%endif
Name: openssh
Version: 9.3p2
Release: 0
Summary: Secure Shell Client and Server (Remote Login Program)
License: BSD-2-Clause AND MIT
Group: Productivity/Networking/SSH
URL: https://www.openssh.com/
Source0: https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz
Source1: https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz.asc
Source2: sshd.pamd
Source3: README.SUSE
Source4: README.kerberos
Source5: ssh.reg
Source6: ssh-askpass
Source7: sshd.fw
Source8: sysconfig.ssh
Source9: sshd-gen-keys-start
Source10: sshd.service
Source11: README.FIPS
Source12: cavs_driver-ssh.pl
Source13: https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/RELEASE_KEY.asc#/openssh.keyring
Source14: sysusers-sshd.conf
Source15: sshd-sle.pamd
Patch1: openssh-7.7p1-X11_trusted_forwarding.patch
Patch3: openssh-7.7p1-enable_PAM_by_default.patch
Patch4: openssh-7.7p1-eal3.patch
Patch6: openssh-7.7p1-send_locale.patch
Patch7: openssh-7.7p1-hostname_changes_when_forwarding_X.patch
Patch8: openssh-7.7p1-remove_xauth_cookies_on_exit.patch
Patch9: openssh-7.7p1-pts_names_formatting.patch
Patch10: openssh-7.7p1-pam_check_locks.patch
# https://bugzilla.mindrot.org/show_bug.cgi?id=2752
Patch14: openssh-7.7p1-seccomp_stat.patch
# https://bugzilla.mindrot.org/show_bug.cgi?id=2752
Patch15: openssh-7.7p1-seccomp_ipc_flock.patch
# https://bugzilla.mindrot.org/show_bug.cgi?id=2752
# Local FIPS patchset
Patch17: openssh-7.7p1-fips.patch
# Local cavs patchset
Patch18: openssh-7.7p1-cavstest-ctr.patch
# Local cavs patchset
Patch19: openssh-7.7p1-cavstest-kdf.patch
# Local FIPS patchset
Patch20: openssh-7.7p1-fips_checks.patch
# https://bugzilla.mindrot.org/show_bug.cgi?id=2641
Patch22: openssh-7.7p1-systemd-notify.patch
Patch23: openssh-8.0p1-gssapi-keyex.patch
# https://bugzilla.mindrot.org/show_bug.cgi?id=1402
Patch24: openssh-8.1p1-audit.patch
# Local patch to disable runtime abi SSL checks, quite pointless for us
Patch26: openssh-7.7p1-disable_openssl_abi_check.patch
# https://bugzilla.mindrot.org/show_bug.cgi?id=2641
Patch27: openssh-7.7p1-no_fork-no_pid_file.patch
Patch28: openssh-7.7p1-host_ident.patch
# https://bugzilla.mindrot.org/show_bug.cgi?id=1844
Patch29: openssh-7.7p1-sftp_force_permissions.patch
# https://bugzilla.mindrot.org/show_bug.cgi?id=2143
Patch30: openssh-7.7p1-X_forward_with_disabled_ipv6.patch
Patch31: openssh-7.7p1-ldap.patch
# https://bugzilla.mindrot.org/show_bug.cgi?id=2213
Patch32: openssh-7.7p1-IPv6_X_forwarding.patch
Patch33: openssh-7.7p1-sftp_print_diagnostic_messages.patch
Patch34: openssh-7.9p1-keygen-preserve-perms.patch
Patch35: openssh-7.9p1-revert-new-qos-defaults.patch
Patch36: openssh-8.1p1-seccomp-clock_nanosleep.patch
Patch37: openssh-8.1p1-seccomp-clock_nanosleep_time64.patch
Patch38: openssh-8.1p1-seccomp-clock_gettime64.patch
Patch39: openssh-8.1p1-use-openssl-kdf.patch
Patch40: openssh-8.1p1-ed25519-use-openssl-rng.patch
Patch41: openssh-fips-ensure-approved-moduli.patch
Patch42: openssh-link-with-sk.patch
Patch43: openssh-reenable-dh-group14-sha1-default.patch
Patch45: openssh-8.4p1-ssh_config_d.patch
Patch46: openssh-whitelist-syscalls.patch
Patch47: openssh-8.4p1-vendordir.patch
Patch48: openssh-8.4p1-pam_motd.patch
Patch49: openssh-do-not-send-empty-message.patch
Patch50: openssh-openssl-3.patch
Patch51: wtmpdb.patch
Patch52: openssh-cve-2023-48795.patch
Patch100: fix-missing-lz.patch
BuildRequires: audit-devel
BuildRequires: automake
BuildRequires: groff
BuildRequires: libedit-devel
BuildRequires: libselinux-devel
%if %{with ldap}
BuildRequires: openldap2-devel
%endif
BuildRequires: openssl-devel
BuildRequires: pam-devel
BuildRequires: pkgconfig
BuildRequires: zlib-devel
BuildRequires: pkgconfig(libfido2) >= 1.2.0
BuildRequires: pkgconfig(libsystemd)
BuildRequires: sysuser-shadow
BuildRequires: sysuser-tools
Requires: %{name}-clients = %{version}-%{release}
Requires: %{name}-server = %{version}-%{release}
%if 0%{?suse_version} >= 1550
BuildRequires: pkgconfig(krb5)
%else
BuildRequires: krb5-mini-devel
%endif
%if %{with wtmpdb}
BuildRequires: pkgconfig(libwtmpdb)
%endif
Requires(pre): findutils
Requires(pre): grep
%description
SSH (Secure Shell) is a program for logging into and executing commands
on a remote machine. It replaces rsh (rlogin and rsh) and
provides secure encrypted communication between two untrusted
hosts over an insecure network.
xorg-x11 (X Window System) connections and arbitrary TCP/IP ports can
also be forwarded over the secure channel.
This is a dummy package that pulls in both the client and server
components.
%package common
Summary: SSH (Secure Shell) common files
Group: Productivity/Networking/SSH
Conflicts: nonfreessh
Conflicts: %{name}-fips < %{version}-%{release}
Conflicts: %{name}-fips > %{version}-%{release}
%description common
SSH (Secure Shell) is a program for logging into and executing commands
on a remote machine. It replaces rsh (rlogin and rsh) and
provides secure encrypted communication between two untrusted
hosts over an insecure network.
xorg-x11 (X Window System) connections and arbitrary TCP/IP ports can
also be forwarded over the secure channel.
This package contains common files for the Secure Shell server and
clients.
%package server
Summary: SSH (Secure Shell) server
Group: Productivity/Networking/SSH
Requires: %{name}-common = %{version}-%{release}
Recommends: audit
Requires(pre): findutils
Requires(pre): grep
Requires(post): %fillup_prereq
Requires(post): permissions
Provides: openssh:%{_sbindir}/sshd
%sysusers_requires
%description server
SSH (Secure Shell) is a program for logging into and executing commands
on a remote machine. It replaces rsh (rlogin and rsh) and
provides secure encrypted communication between two untrusted
hosts over an insecure network.
xorg-x11 (X Window System) connections and arbitrary TCP/IP ports can
also be forwarded over the secure channel.
This package contains the Secure Shell daemon, which allows clients to
securely connect to your server.
%package server-config-rootlogin
Summary: Config to permit root logins to sshd
Group: Productivity/Networking/SSH
Requires: %{name}-server = %{version}-%{release}
%description server-config-rootlogin
The openssh-server package by default disallows password based
root logins. This package provides a config that does. It's useful
to temporarily have a password based login to be able to use
ssh-copy-id(1).
%package clients
Summary: SSH (Secure Shell) client applications
Group: Productivity/Networking/SSH
Requires: %{name}-common = %{version}-%{release}
Provides: openssh:%{_bindir}/ssh
%description clients
SSH (Secure Shell) is a program for logging into and executing commands
on a remote machine. It replaces rsh (rlogin and rsh) and
provides secure encrypted communication between two untrusted
hosts over an insecure network.
xorg-x11 (X Window System) connections and arbitrary TCP/IP ports can
also be forwarded over the secure channel.
This package contains clients for making secure connections to Secure
Shell servers.
%if %{with ldap}
%package helpers
Summary: OpenSSH AuthorizedKeysCommand helpers
Group: Productivity/Networking/SSH
Requires: %{name}-common = %{version}-%{release}
%description helpers
SSH (Secure Shell) is a program for logging into and executing commands
on a remote machine. It replaces rsh (rlogin and rsh) and
provides secure encrypted communication between two untrusted
hosts over an insecure network.
xorg-x11 (X Window System) connections and arbitrary TCP/IP ports can
also be forwarded over the secure channel.
This package contains helper applications for OpenSSH which retrieve
keys from various sources.
%endif
%package fips
Summary: OpenSSH FIPS crypto module HMACs
Group: Productivity/Networking/SSH
Requires: %{name}-common = %{version}-%{release}
Conflicts: %{name}-common < %{version}-%{release}
Conflicts: %{name}-common > %{version}-%{release}
Obsoletes: %{name}-hmac
%description fips
This package contains hashes that, together with the main openssh packages,
form the FIPS certifiable crypto module.
%package cavs
Summary: OpenSSH FIPS crypto module CAVS tests
Group: Productivity/Networking/SSH
Requires: %{name}-common = %{version}-%{release}
%description cavs
This package contains the FIPS-140 CAVS (Cryptographic Algorithm
Validation Program/Suite) related tests of OpenSSH.
%prep
%setup -q
cp %{SOURCE3} %{SOURCE4} %{SOURCE11} .
%autopatch -p1
# set libexec dir in the LDAP patch
sed -i.libexec 's,@LIBEXECDIR@,%{_libexecdir}/ssh,' \
$( grep -Rl @LIBEXECDIR@ \
$( grep "^+++" %{PATCH31} | sed -r 's@^.+/([^/\t ]+).*$@\1@' )
)
%build
autoreconf -fiv
%ifarch s390 s390x %{sparc}
PIEFLAGS="-fPIE"
%else
PIEFLAGS="-fpie"
%endif
CFLAGS="%{optflags} $PIEFLAGS -fstack-protector"
CXXFLAGS="%{optflags} $PIEFLAGS -fstack-protector"
LDFLAGS="-pie -Wl,--as-needed"
#CPPFLAGS="%%{optflags} -DUSE_INTERNAL_B64"
export LDFLAGS CFLAGS CXXFLAGS CPPFLAGS
%configure \
--sysconfdir=%{_sysconfdir}/ssh \
--libexecdir=%{_libexecdir}/ssh \
--with-selinux \
--with-pid-dir=/run \
--with-systemd \
--with-ssl-engine \
--with-pam \
--with-kerberos5=%{_prefix} \
--with-privsep-path=%{_localstatedir}/lib/empty \
%if %{sandbox_seccomp}
--with-sandbox=seccomp_filter \
%else
--with-sandbox=rlimit \
%endif
--disable-strip \
--with-audit=linux \
%if %{with ldap}
--with-ldap \
%endif
--with-xauth=%{_bindir}/xauth \
--with-libedit \
%if %{with wtmpdb}
--with-wtmpdb \
%endif
--with-security-key-builtin \
--target=%{_target_cpu}-suse-linux
%make_build
%sysusers_generate_pre %{SOURCE14} sshd sshd.conf
%install
%make_install
%if %{defined _distconfdir}
install -d -m 755 %{buildroot}%{_pam_vendordir}
install -m 644 %{SOURCE2} %{buildroot}%{_pam_vendordir}/sshd
%else
# SLE has no distconfdir, so use sle PAM config
install -d -m 755 %{buildroot}%{_sysconfdir}/pam.d
install -m 644 %{SOURCE15} %{buildroot}%{_sysconfdir}/pam.d/sshd
%endif
install -d -m 755 %{buildroot}%{_localstatedir}/lib/sshd
install -d -m 755 %{buildroot}%{_sysconfdir}/ssh/ssh_config.d
install -d -m 755 %{buildroot}%{_sysconfdir}/ssh/sshd_config.d
install -d -m 755 %{buildroot}%{_sysconfdir}/slp.reg.d/
install -m 644 %{SOURCE5} %{buildroot}%{_sysconfdir}/slp.reg.d/
install -D -m 0644 %{SOURCE10} %{buildroot}%{_unitdir}/sshd.service
ln -s service %{buildroot}%{_sbindir}/rcsshd
install -d -m 755 %{buildroot}%{_fillupdir}
install -m 644 %{SOURCE8} %{buildroot}%{_fillupdir}
# install shell script to automate the process of adding your public key to a remote machine
install -m 755 contrib/ssh-copy-id %{buildroot}%{_bindir}
install -m 644 contrib/ssh-copy-id.1 %{buildroot}%{_mandir}/man1
sed -i -e s@%{_prefix}/libexec@%{_libexecdir}@g %{buildroot}%{_sysconfdir}/ssh/sshd_config
echo "PermitRootLogin yes" > %{buildroot}%{_sysconfdir}/ssh/sshd_config.d/50-permit-root-login.conf
# Move /etc to /usr/etc/ssh
%if %{defined _distconfdir}
mkdir -p %{buildroot}%{_distconfdir}/ssh/ssh{,d}_config.d
mv %{buildroot}%{_sysconfdir}/ssh/moduli %{buildroot}%{_distconfdir}/ssh/
mv %{buildroot}%{_sysconfdir}/ssh/ssh_config %{buildroot}%{_distconfdir}/ssh/
mv %{buildroot}%{_sysconfdir}/ssh/sshd_config %{buildroot}%{_distconfdir}/ssh/
mv %{buildroot}%{_sysconfdir}/ssh/sshd_config.d/50-permit-root-login.conf %{buildroot}%{_distconfdir}/ssh/sshd_config.d/50-permit-root-login.conf
%endif
%if 0%{?suse_version} < 1550
# install firewall definitions
mkdir -p %{buildroot}%{_fwdefdir}
install -m 644 %{SOURCE7} %{buildroot}%{_fwdefdir}/sshd
%endif
# askpass wrapper
sed -e "s,@LIBEXECDIR@,%{_libexecdir},g" < %{SOURCE6} > %{buildroot}%{_libexecdir}/ssh/ssh-askpass
sed -e "s,@LIBEXECDIR@,%{_libexecdir},g" < %{SOURCE12} > %{buildroot}%{_libexecdir}/ssh/cavs_driver-ssh.pl
rm -f %{buildroot}%{_datadir}/Ssh.bin
# sshd keys generator wrapper
install -D -m 0755 %{SOURCE9} %{buildroot}%{_sbindir}/sshd-gen-keys-start
# Install sysusers.d config for sshd user
mkdir -p %{buildroot}%{_sysusersdir}
install -m 644 %{SOURCE14} %{buildroot}%{_sysusersdir}/sshd.conf
# the hmac hashes - taken from openssl
#
# re-define the __os_install_post macro: the macro strips
# the binaries and thereby invalidates any hashes created earlier.
#
# this shows up earlier because otherwise the %%expand of
# the macro is too late.
%{expand:%%global __os_install_post {%__os_install_post
for b in \
%{_bindir}/ssh \
%{_sbindir}/sshd \
%{_libexecdir}/ssh/sftp-server \
; do
openssl dgst -sha256 -binary -hmac %{CHECKSUM_HMAC_KEY} < %{buildroot}$b > %{buildroot}$b%{CHECKSUM_SUFFIX}
done
}}
%pre server -f sshd.pre
%if %{defined _distconfdir}
# Prepare for migration to /usr/etc.
test -f /etc/pam.d/sshd.rpmsave && mv -v /etc/pam.d/sshd.rpmsave /etc/pam.d/sshd.rpmsave.old ||:
test -f /etc/ssh/sshd_config.rpmsave && mv -v /etc/ssh/sshd_config.rpmsave /etc/ssh/sshd_config.rpmsave.old ||:
%endif
%service_add_pre sshd.service
%post server
%{fillup_only -n ssh}
%service_add_post sshd.service
%preun server
%service_del_preun sshd.service
%postun server
# The openssh-fips trigger script for openssh will normally restart sshd once
# it gets installed, so only restart the service here if openssh-fips is not
# present.
if rpm -q openssh-fips >/dev/null 2>/dev/null; then
%service_del_postun_without_restart sshd.service
else
%service_del_postun sshd.service
fi
%if %{defined _distconfdir}
%posttrans server
# Migration to /usr/etc.
test -f /etc/pam.d/sshd.rpmsave && mv -v /etc/pam.d/sshd.rpmsave /etc/pam.d/sshd ||:
test -f /etc/ssh/sshd_config.rpmsave && mv -v /etc/ssh/sshd_config.rpmsave /etc/ssh/sshd_config ||:
%endif
%if %{defined _distconfdir}
%pre clients
# Prepare for migration to /usr/etc.
test -f /etc/ssh/ssh_config.rpmsave && mv -v /etc/ssh/ssh_config.rpmsave /etc/ssh/ssh_config.rpmsave.old ||:
%endif
%if %{defined _distconfdir}
%posttrans clients
# Migration to /usr/etc.
test -f /etc/ssh/ssh_config.rpmsave && mv -v /etc/ssh/ssh_config.rpmsave /etc/ssh/ssh_config ||:
%endif
%triggerin -n openssh-fips -- %{name} = %{version}-%{release}
%restart_on_update sshd
%files
# openssh is an empty package that depends on -clients and -server,
# resulting in a clean upgrade path from prior to the split even when
# recommends are disabled.
%files common
%license LICENCE
%doc README.SUSE README.kerberos README.FIPS ChangeLog OVERVIEW README TODO CREDITS
%attr(0755,root,root) %dir %{_sysconfdir}/ssh
%if %{defined _distconfdir}
%attr(0755,root,root) %dir %{_distconfdir}/ssh
%attr(0600,root,root) %{_distconfdir}/ssh/moduli
%attr(0755,root,root) %dir %{_distconfdir}/ssh/ssh_config.d
%else
%attr(0755,root,root) %dir %{_sysconfdir}/ssh
%attr(0600,root,root) %{_sysconfdir}/ssh/moduli
%attr(0755,root,root) %dir %{_sysconfdir}/ssh/ssh_config.d
%endif
%attr(0444,root,root) %{_mandir}/man1/ssh-keygen.1*
%attr(0444,root,root) %{_mandir}/man5/moduli.5*
%attr(0755,root,root) %{_bindir}/ssh-keygen*
%files server
%attr(0755,root,root) %{_sbindir}/sshd
%attr(0755,root,root) %{_sbindir}/rcsshd
%attr(0755,root,root) %{_sbindir}/sshd-gen-keys-start
%dir %attr(0755,root,root) %{_localstatedir}/lib/sshd
%dir %attr(0755,root,root) %{_sysconfdir}/ssh/sshd_config.d
%if %{defined _distconfdir}
%attr(0755,root,root) %dir %{_distconfdir}/ssh
%attr(0755,root,root) %dir %{_distconfdir}/ssh/sshd_config.d
%attr(0640,root,root) %{_distconfdir}/ssh/sshd_config
%attr(0644,root,root) %{_pam_vendordir}/sshd
%else
%attr(0640,root,root) %{_sysconfdir}/ssh/sshd_config
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/pam.d/sshd
%endif
%attr(0644,root,root) %{_unitdir}/sshd.service
%attr(0644,root,root) %{_sysusersdir}/sshd.conf
%attr(0444,root,root) %{_mandir}/man5/sshd_config*
%attr(0444,root,root) %{_mandir}/man8/sftp-server.8*
%attr(0444,root,root) %{_mandir}/man8/sshd.8*
%attr(0755,root,root) %{_libexecdir}/ssh/sftp-server
%dir %{_sysconfdir}/slp.reg.d
%config %{_sysconfdir}/slp.reg.d/ssh.reg
%{_fillupdir}/sysconfig.ssh
%if 0%{?suse_version} < 1550
%dir %{_fwdir}
%dir %{_fwdefdir}
%config %{_fwdefdir}/sshd
%endif
%files server-config-rootlogin
%if %{defined _distconfdir}
%{_distconfdir}/ssh/sshd_config.d/50-permit-root-login.conf
%else
%{_sysconfdir}/ssh/sshd_config.d/50-permit-root-login.conf
%endif
%files clients
%dir %attr(0755,root,root) %{_sysconfdir}/ssh/ssh_config.d
%if %{defined _distconfdir}
%attr(0644,root,root) %{_distconfdir}/ssh/ssh_config
%else
%attr(0644,root,root) %{_sysconfdir}/ssh/ssh_config
%endif
%attr(0755,root,root) %{_bindir}/ssh
%attr(0755,root,root) %{_bindir}/scp*
%attr(0755,root,root) %{_bindir}/sftp*
%attr(0755,root,root) %{_bindir}/ssh-add*
%attr(0755,root,root) %{_bindir}/ssh-agent*
%attr(0755,root,root) %{_bindir}/ssh-copy-id*
%attr(0755,root,root) %{_bindir}/ssh-keyscan*
%attr(0755,root,root) %dir %{_libexecdir}/ssh
%attr(0755,root,root) %{_libexecdir}/ssh/ssh-askpass*
%attr(0755,root,root) %{_libexecdir}/ssh/ssh-keysign*
%attr(0755,root,root) %{_libexecdir}/ssh/ssh-pkcs11-helper*
%attr(0755,root,root) %{_libexecdir}/ssh/ssh-sk-helper*
%attr(0444,root,root) %{_mandir}/man1/scp.1*
%attr(0444,root,root) %{_mandir}/man1/sftp.1*
%attr(0444,root,root) %{_mandir}/man1/ssh-add.1*
%attr(0444,root,root) %{_mandir}/man1/ssh-agent.1*
%attr(0444,root,root) %{_mandir}/man1/ssh-keyscan.1*
%attr(0444,root,root) %{_mandir}/man1/ssh.1*
%attr(0444,root,root) %{_mandir}/man1/ssh-copy-id.1*
%attr(0444,root,root) %{_mandir}/man5/ssh_config.5*
%attr(0444,root,root) %{_mandir}/man8/ssh-pkcs11-helper.8*
%attr(0444,root,root) %{_mandir}/man8/ssh-sk-helper.8*
%attr(0444,root,root) %{_mandir}/man8/ssh-keysign.8*
%if %{with ldap}
%files helpers
%attr(0755,root,root) %dir %{_sysconfdir}/ssh
%verify(not mode) %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ssh/ldap.conf
%attr(0755,root,root) %dir %{_libexecdir}/ssh
%attr(0755,root,root) %{_libexecdir}/ssh/ssh-ldap*
%attr(0444,root,root) %{_mandir}/man5/ssh-ldap*
%attr(0444,root,root) %{_mandir}/man8/ssh-ldap*
%doc HOWTO.ldap-keys openssh-lpk-openldap.schema openssh-lpk-sun.schema
%endif
%files fips
%attr(0444,root,root) %{_bindir}/ssh%{CHECKSUM_SUFFIX}
%attr(0444,root,root) %{_sbindir}/sshd%{CHECKSUM_SUFFIX}
%attr(0444,root,root) %{_libexecdir}/ssh/sftp-server%{CHECKSUM_SUFFIX}
%files cavs
%attr(0755,root,root) %{_libexecdir}/ssh/cavs*
%changelog

26
ssh-askpass Normal file
View File

@ -0,0 +1,26 @@
#!/bin/bash
SESSION=
if [ -n "$KDE_FULL_SESSION" ] ; then
SESSION=kde
fi
if [ "$DESKTOP_SESSION" = "lxqt" ]; then
SESSION=kde
fi
GNOME_SSH_ASKPASS="@LIBEXECDIR@/ssh/gnome-ssh-askpass"
KDE_SSH_ASKPASS="@LIBEXECDIR@/ssh/ksshaskpass"
case "$SESSION" in
kde)
[ -e $KDE_SSH_ASKPASS ] && exec $KDE_SSH_ASKPASS ${1+"$@"}
exec $GNOME_SSH_ASKPASS ${1+"$@"}
;;
*)
[ -e $GNOME_SSH_ASKPASS ] && exec $GNOME_SSH_ASKPASS ${1+"$@"}
exec $KDE_SSH_ASKPASS ${1+"$@"}
;;
esac

18
ssh.reg Normal file
View File

@ -0,0 +1,18 @@
#############################################################################
#
# OpenSLP registration file
#
# register SSH daemon
#
#############################################################################
# Register the usual sshd, if it is running
service:ssh://$HOSTNAME:22,en,65535
tcp-port=22
description=Secure Shell Daemon
# ssh can get used to copy files with konqueror using the fish:/ protocol
service:fish://$HOSTNAME:22,en,65535
tcp-port=22
description=KDE file transfer via SSH

9
sshd-gen-keys-start Normal file
View File

@ -0,0 +1,9 @@
#!/bin/sh
test -f /etc/sysconfig/ssh && . /etc/sysconfig/ssh
if [ "x$SSHD_AUTO_KEYGEN" != "xno" ]; then
echo "Checking for missing server keys in /etc/ssh"
test -d /etc/ssh || mkdir -p /etc/ssh
ssh-keygen -A
fi

11
sshd-sle.pamd Normal file
View File

@ -0,0 +1,11 @@
#%PAM-1.0
auth requisite pam_nologin.so
auth include common-auth
account requisite pam_nologin.so
account include common-account
password include common-password
session required pam_loginuid.so
session optional pam_keyinit.so force revoke
session include common-session
session optional pam_motd.so

5
sshd.fw Normal file
View File

@ -0,0 +1,5 @@
## Name: Secure Shell Server
## Description: Open ports for Secure Shell Server
# space separated list of allowed TCP ports
TCP="ssh"

14
sshd.pamd Normal file
View File

@ -0,0 +1,14 @@
#%PAM-1.0
auth requisite pam_nologin.so
auth substack common-auth
auth include postlogin-auth
account requisite pam_nologin.so
account substack common-account
account include postlogin-account
password substack common-password
password include postlogin-password
session required pam_loginuid.so
session optional pam_keyinit.so force revoke
session substack common-session
session include postlogin-session
session optional pam_motd.so

18
sshd.service Normal file
View File

@ -0,0 +1,18 @@
[Unit]
Description=OpenSSH Daemon
After=network.target
[Service]
Type=notify
EnvironmentFile=-/etc/sysconfig/ssh
ExecStartPre=/usr/sbin/sshd-gen-keys-start
ExecStartPre=/usr/sbin/sshd -t $SSHD_OPTS
ExecStart=/usr/sbin/sshd -D $SSHD_OPTS
ExecReload=/bin/kill -HUP $MAINPID
KillMode=process
Restart=on-failure
RestartPreventExitStatus=255
TasksMax=infinity
[Install]
WantedBy=multi-user.target

14
sysconfig.ssh Normal file
View File

@ -0,0 +1,14 @@
## Path: Network/Remote access/SSH
## Description: SSH server settings
## Type: string
## Default: ""
## ServiceRestart: sshd
#
# Options for sshd
#
SSHD_OPTS=""
#
# Whether to run ssh-keygen -A
#
SSHD_AUTO_KEYGEN="yes"

2
sysusers-sshd.conf Normal file
View File

@ -0,0 +1,2 @@
# Type Name ID GECOS [HOME]
u sshd - "SSH daemon" /var/lib/sshd

185
wtmpdb.patch Normal file
View File

@ -0,0 +1,185 @@
diff -ur openssh-8.9p1.old/configure.ac openssh-8.9p1/configure.ac
--- openssh-8.9p1.old/configure.ac 2022-02-23 12:31:11.000000000 +0100
+++ openssh-8.9p1/configure.ac 2023-04-17 14:52:21.499002203 +0200
@@ -1703,6 +1703,49 @@
fi ]
)
+# Check whether user wants wtmpdb support
+WTMPDB_MSG="no"
+AC_ARG_WITH([wtmpdb],
+ [ --with-wtmpdb[[=PATH]] Enable wtmpdb support for sshd],
+ [ if test "x$withval" != "xno" ; then
+ if test "x$withval" = "xyes" ; then
+ AC_PATH_TOOL([PKGCONFIG], [pkg-config], [no])
+ if test "x$PKGCONFIG" != "xno"; then
+ AC_MSG_CHECKING([if $PKGCONFIG knows about wtmpdb])
+ if "$PKGCONFIG" libwtmpdb; then
+ AC_MSG_RESULT([yes])
+ use_pkgconfig_for_libwtmpdb=yes
+ else
+ AC_MSG_RESULT([no])
+ fi
+ fi
+ else
+ CPPFLAGS="$CPPFLAGS -I${withval}/include"
+ if test -n "${rpath_opt}"; then
+ LDFLAGS="-L${withval}/lib ${rpath_opt}${withval}/lib ${LDFLAGS}"
+ else
+ LDFLAGS="-L${withval}/lib ${LDFLAGS}"
+ fi
+ fi
+ if test "x$use_pkgconfig_for_libwtmpdb" = "xyes"; then
+ LIBWTMPDB=`$PKGCONFIG --libs libwtmpdb`
+ CPPFLAGS="$CPPFLAGS `$PKGCONFIG --cflags libwtmpdb`"
+ else
+ LIBWTMPDB="-lwtmpdb"
+ fi
+ OTHERLIBS=`echo $LIBWTMPDB | sed 's/-lwtmpdb//'`
+ AC_CHECK_LIB([wtmpdb], [wtmpdb_login],
+ [ AC_DEFINE([USE_WTMPDB], [1], [Use libwtmpdb for sshd])
+ WTMPDB_MSG="yes"
+ AC_SUBST([LIBWTMPDB])
+ ],
+ [ AC_MSG_ERROR([libwtmpdb not found]) ],
+ [ $OTHERLIBS ]
+ )
+ fi ]
+)
+
+
AUDIT_MODULE=none
AC_ARG_WITH([audit],
[ --with-audit=module Enable audit support (modules=debug,bsm,linux)],
diff -ur openssh-8.9p1.old/loginrec.c openssh-8.9p1/loginrec.c
--- openssh-8.9p1.old/loginrec.c 2022-02-23 12:31:11.000000000 +0100
+++ openssh-8.9p1/loginrec.c 2023-04-18 10:05:04.311193333 +0200
@@ -187,6 +187,10 @@
# include <util.h>
#endif
+#ifdef USE_WTMPDB
+# include <wtmpdb.h>
+#endif
+
/**
** prototypes for helper functions in this file
**/
@@ -207,6 +211,9 @@
int wtmpx_write_entry(struct logininfo *li);
int lastlog_write_entry(struct logininfo *li);
int syslogin_write_entry(struct logininfo *li);
+#ifdef USE_WTMPDB
+int wtmpdb_write_entry(struct logininfo *li);
+#endif
int getlast_entry(struct logininfo *li);
int lastlog_get_entry(struct logininfo *li);
@@ -467,6 +474,9 @@
#ifdef USE_WTMPX
wtmpx_write_entry(li);
#endif
+#ifdef USE_WTMPDB
+ wtmpdb_write_entry(li);
+#endif
#ifdef CUSTOM_SYS_AUTH_RECORD_LOGIN
if (li->type == LTYPE_LOGIN &&
!sys_auth_record_login(li->username,li->hostname,li->line,
@@ -1409,6 +1419,64 @@
}
#endif /* USE_WTMPX */
+#ifdef USE_WTMPDB
+static int
+wtmpdb_perform_login(struct logininfo *li)
+{
+ uint64_t login_time = li->tv_sec * ((uint64_t) 1000000ULL) + li->tv_usec;
+ const char *tty;
+
+ if (strncmp(li->line, "/dev/", 5) == 0)
+ tty = &(li->line[5]);
+ else
+ tty = li->line;
+
+ li->wtmpdb_id = wtmpdb_login(NULL, USER_PROCESS, li->username,
+ login_time, tty, li->hostname, 0, 0);
+ if (li->wtmpdb_id < 0)
+ return (0);
+
+ return (1);
+}
+
+
+static int
+wtmpdb_perform_logout(struct logininfo *li)
+{
+ uint64_t logout_time = li->tv_sec * ((uint64_t) 1000000ULL) + li->tv_usec;
+
+ if (li->wtmpdb_id == 0) {
+ const char *tty;
+
+ if (strncmp(li->line, "/dev/", 5) == 0)
+ tty = &(li->line[5]);
+ else
+ tty = li->line;
+
+ li->wtmpdb_id = wtmpdb_get_id(NULL, tty, NULL);
+ }
+ wtmpdb_logout(NULL, li->wtmpdb_id, logout_time, NULL);
+
+ return (1);
+}
+
+
+int
+wtmpdb_write_entry(struct logininfo *li)
+{
+ switch(li->type) {
+ case LTYPE_LOGIN:
+ return (wtmpdb_perform_login(li));
+ case LTYPE_LOGOUT:
+ return (wtmpdb_perform_logout(li));
+ default:
+ logit("%s: invalid type field", __func__);
+ return (0);
+ }
+}
+#endif
+
+
/**
** Low-level libutil login() functions
**/
diff -ur openssh-8.9p1.old/loginrec.h openssh-8.9p1/loginrec.h
--- openssh-8.9p1.old/loginrec.h 2022-02-23 12:31:11.000000000 +0100
+++ openssh-8.9p1/loginrec.h 2023-04-17 14:58:20.808850750 +0200
@@ -79,6 +79,9 @@
unsigned int tv_sec;
unsigned int tv_usec;
union login_netinfo hostaddr; /* caller's host address(es) */
+#ifdef USE_WTMPDB
+ int64_t wtmpdb_id; /* ID for wtmpdb_logout */
+#endif
}; /* struct logininfo */
/*
diff -ur openssh-8.9p1.old/Makefile.in openssh-8.9p1/Makefile.in
--- openssh-8.9p1.old/Makefile.in 2022-02-23 12:31:11.000000000 +0100
+++ openssh-8.9p1/Makefile.in 2023-04-17 14:44:32.156538001 +0200
@@ -55,6 +55,7 @@
SSHDLIBS=@SSHDLIBS@
LIBEDIT=@LIBEDIT@
LIBFIDO2=@LIBFIDO2@
+LIBWTMPDB=@LIBWTMPDB@
AR=@AR@
AWK=@AWK@
RANLIB=@RANLIB@
@@ -212,7 +213,7 @@
$(LD) -o $@ $(SSHOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) $(GSSLIBS) $(CHANNELLIBS)
sshd$(EXEEXT): libssh.a $(LIBCOMPAT) $(SSHDOBJS)
- $(LD) -o $@ $(SSHDOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(SSHDLIBS) $(LIBS) $(GSSLIBS) $(K5LIBS) $(CHANNELLIBS)
+ $(LD) -o $@ $(SSHDOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(SSHDLIBS) $(LIBS) $(GSSLIBS) $(K5LIBS) $(CHANNELLIBS) $(LIBWTMPDB)
scp$(EXEEXT): $(LIBCOMPAT) libssh.a $(SCP_OBJS)
$(LD) -o $@ $(SCP_OBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)