From 094cd910aa460e8cee720b0f5cea873e4e80f6811ded68e0ff9d020801edf5a7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Adrian=20Schr=C3=B6ter?= Date: Mon, 4 Nov 2024 17:28:24 +0100 Subject: [PATCH] Sync from SUSE:SLFO:Main openssh revision a671063fcb9bb4733f77682129b431c2 --- ...ients-and-fix-handling-in-ssh-client.patch | 414 ++++++ 0001-fix-utmpx-ifdef.patch | 36 + ...tly-restore-sigprocmask-around-ppoll.patch | 55 - ...iplexing-mode_-broken-when-keystroke.patch | 32 - ...bscureKeystrokeTiming-chaff-packets_.patch | 38 - ...introduced-when-I-switched-the-Match.patch | 291 ++++ ...to-ssh_config-Match_-which-broken-on.patch | 65 + ...KEX-on-big-endian-systems-spotted-by.patch | 94 ++ fix-CVE-2024-6387.patch | 19 - fix-missing-lz.patch | 25 - fix-x11-regression-bsc1229449.patch | 56 + logind_set_tty.patch | 15 +- openssh-6.6.1p1-selinux-contexts.patch | 6 +- openssh-6.6p1-keycat.patch | 704 ++++----- openssh-6.6p1-privsep-selinux.patch | 27 +- openssh-7.6p1-cleanup-selinux.patch | 49 +- openssh-7.7p1-cavstest-ctr.patch | 6 +- openssh-7.7p1-cavstest-kdf.patch | 6 +- openssh-7.7p1-fips.patch | 20 +- openssh-7.7p1-fips_checks.patch | 4 +- openssh-7.7p1-ldap.patch | 4 +- openssh-7.7p1-pam_check_locks.patch | 23 +- openssh-7.7p1-systemd-notify.patch | 4 +- openssh-7.8p1-role-mls.patch | 204 ++- openssh-8.0p1-gssapi-keyex.patch | 1314 +++++++++-------- openssh-8.1p1-audit.patch | 469 +++--- openssh-8.4p1-vendordir.patch | 36 +- openssh-9.6p1-crypto-policies-man.patch | 47 +- openssh-9.6p1.tar.gz | 3 - openssh-9.6p1.tar.gz.asc | 16 - openssh-9.9p1.tar.gz | 3 + openssh-9.9p1.tar.gz.asc | 16 + openssh-askpass-gnome.changes | 14 + openssh-askpass-gnome.spec | 4 +- openssh-mitigate-lingering-secrets.patch | 67 +- ...ssh-reenable-dh-group14-sha1-default.patch | 4 +- openssh.changes | 512 +++++++ openssh.spec | 120 +- sshd-sle.pamd | 1 - sshd.socket | 11 + sshd@.service | 11 + wtmpdb.patch | 10 +- 42 files changed, 3051 insertions(+), 1804 deletions(-) create mode 100644 0001-auth-pam-Immediately-report-instructions-to-clients-and-fix-handling-in-ssh-client.patch create mode 100644 0001-fix-utmpx-ifdef.patch delete mode 100644 0001-upstream-correctly-restore-sigprocmask-around-ppoll.patch delete mode 100644 0001-upstream-fix-proxy-multiplexing-mode_-broken-when-keystroke.patch delete mode 100644 0001-upstream-when-sending-ObscureKeystrokeTiming-chaff-packets_.patch create mode 100644 0002-upstream-fix-regression-introduced-when-I-switched-the-Match.patch create mode 100644 0003-upstream-fix-previous-change-to-ssh_config-Match_-which-broken-on.patch create mode 100644 0004-upstream-fix-ML-KEM768x25519-KEX-on-big-endian-systems-spotted-by.patch delete mode 100644 fix-CVE-2024-6387.patch delete mode 100644 fix-missing-lz.patch create mode 100644 fix-x11-regression-bsc1229449.patch delete mode 100644 openssh-9.6p1.tar.gz delete mode 100644 openssh-9.6p1.tar.gz.asc create mode 100644 openssh-9.9p1.tar.gz create mode 100644 openssh-9.9p1.tar.gz.asc create mode 100644 sshd.socket create mode 100644 sshd@.service diff --git a/0001-auth-pam-Immediately-report-instructions-to-clients-and-fix-handling-in-ssh-client.patch b/0001-auth-pam-Immediately-report-instructions-to-clients-and-fix-handling-in-ssh-client.patch new file mode 100644 index 0000000..70d5b4a --- /dev/null +++ b/0001-auth-pam-Immediately-report-instructions-to-clients-and-fix-handling-in-ssh-client.patch @@ -0,0 +1,414 @@ +From 7c116ef927a8ef14d09065757f75560fa0ab79d0 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Marco=20Trevisan=20=28Trevi=C3=B1o=29?= +Date: Tue, 17 Oct 2023 04:04:13 +0200 +Subject: [PATCH 1/6] auth: Add KbdintResult definition to define result values + explicitly + +kbdint result vfunc may return various values, so use an enum to make it +clearer what each result means without having to dig into the struct +documentation. +--- + auth-bsdauth.c | 2 +- + auth-pam.c | 10 +++++----- + auth.h | 5 +++++ + auth2-chall.c | 4 ++-- + 4 files changed, 13 insertions(+), 8 deletions(-) + +diff --git a/auth-bsdauth.c b/auth-bsdauth.c +index d124e994e77..ca41735debb 100644 +--- a/auth-bsdauth.c ++++ b/auth-bsdauth.c +@@ -111,7 +111,7 @@ bsdauth_respond(void *ctx, u_int numresponses, char **responses) + authctxt->as = NULL; + debug3("bsdauth_respond: <%s> = <%d>", responses[0], authok); + +- return (authok == 0) ? -1 : 0; ++ return (authok == 0) ? KbdintResultFailure : KbdintResultSuccess; + } + + static void +diff --git a/auth-pam.c b/auth-pam.c +index b49d415e7c7..86137a1acdb 100644 +--- a/auth-pam.c ++++ b/auth-pam.c +@@ -990,15 +990,15 @@ sshpam_respond(void *ctx, u_int num, char **resp) + switch (ctxt->pam_done) { + case 1: + sshpam_authenticated = 1; +- return (0); ++ return KbdintResultSuccess; + case 0: + break; + default: +- return (-1); ++ return KbdintResultFailure; + } + if (num != 1) { + error("PAM: expected one response, got %u", num); +- return (-1); ++ return KbdintResultFailure; + } + if ((buffer = sshbuf_new()) == NULL) + fatal("%s: sshbuf_new failed", __func__); +@@ -1015,10 +1015,10 @@ sshpam_respond(void *ctx, u_int num, char **resp) + } + if (ssh_msg_send(ctxt->pam_psock, PAM_AUTHTOK, buffer) == -1) { + sshbuf_free(buffer); +- return (-1); ++ return KbdintResultFailure; + } + sshbuf_free(buffer); +- return (1); ++ return KbdintResultAgain; + } + + static void +diff --git a/auth.h b/auth.h +index 6d2d3976234..aac1e92d9cd 100644 +--- a/auth.h ++++ b/auth.h +@@ -51,6 +51,7 @@ struct sshauthopt; + typedef struct Authctxt Authctxt; + typedef struct Authmethod Authmethod; + typedef struct KbdintDevice KbdintDevice; ++typedef int KbdintResult; + + struct Authctxt { + sig_atomic_t success; +@@ -111,6 +112,10 @@ struct Authmethod { +# int *enabled; + int (*userauth)(struct ssh *, const char *); + }; + ++#define KbdintResultFailure -1 ++#define KbdintResultSuccess 0 ++#define KbdintResultAgain 1 ++ + /* + * Keyboard interactive device: + * init_ctx returns: non NULL upon success +diff --git a/auth2-chall.c b/auth2-chall.c +index 021df829173..047d4e83c33 100644 +--- a/auth2-chall.c ++++ b/auth2-chall.c +@@ -331,11 +331,11 @@ input_userauth_info_response(int type, u_int32_t seq, struct ssh *ssh) + free(response); + + switch (res) { +- case 0: ++ case KbdintResultSuccess: + /* Success! */ + authenticated = authctxt->valid ? 1 : 0; + break; +- case 1: ++ case KbdintResultAgain: + /* Authentication needs further interaction */ + if (send_userauth_info_request(ssh) == 1) + authctxt->postponed = 1; + +From 91ef15e8ed01a7e16d96ba6cb9ed51965dca9641 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Marco=20Trevisan=20=28Trevi=C3=B1o=29?= +Date: Mon, 16 Oct 2023 21:15:45 +0200 +Subject: [PATCH 2/6] auth-pam: Add an enum to define the PAM done status + +Makes things more readable and easier to extend +--- + auth-pam.c | 17 +++++++++++------ + 1 file changed, 11 insertions(+), 6 deletions(-) + +diff --git a/auth-pam.c b/auth-pam.c +index 86137a1acdb..21291631011 100644 +--- a/auth-pam.c ++++ b/auth-pam.c +@@ -136,11 +136,16 @@ typedef pid_t sp_pthread_t; + #define pthread_join fake_pthread_join + #endif + ++typedef int SshPamDone; ++#define SshPamError -1 ++#define SshPamNone 0 ++#define SshPamAuthenticated 1 ++ + struct pam_ctxt { + sp_pthread_t pam_thread; + int pam_psock; + int pam_csock; +- int pam_done; ++ SshPamDone pam_done; + }; + + static void sshpam_free_ctx(void *); +@@ -904,7 +909,7 @@ sshpam_query(void *ctx, char **name, char **info, + **prompts = NULL; + *num = 0; + **echo_on = 0; +- ctxt->pam_done = -1; ++ ctxt->pam_done = SshPamError; + free(msg); + sshbuf_free(buffer); + return 0; +@@ -931,7 +936,7 @@ sshpam_query(void *ctx, char **name, char **info, + import_environments(buffer); + *num = 0; + **echo_on = 0; +- ctxt->pam_done = 1; ++ ctxt->pam_done = SshPamAuthenticated; + free(msg); + sshbuf_free(buffer); + return (0); +@@ -944,7 +949,7 @@ sshpam_query(void *ctx, char **name, char **info, + *num = 0; + **echo_on = 0; + free(msg); +- ctxt->pam_done = -1; ++ ctxt->pam_done = SshPamError; + sshbuf_free(buffer); + return (-1); + } +@@ -988,10 +993,10 @@ sshpam_respond(void *ctx, u_int num, char **resp) + + debug2("PAM: %s entering, %u responses", __func__, num); + switch (ctxt->pam_done) { +- case 1: ++ case SshPamAuthenticated: + sshpam_authenticated = 1; + return KbdintResultSuccess; +- case 0: ++ case SshPamNone: + break; + default: + return KbdintResultFailure; + +From 6fa8934d31cb9925c856f1b992fc5e04dd26da21 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Marco=20Trevisan=20=28Trevi=C3=B1o=29?= +Date: Tue, 17 Oct 2023 04:35:17 +0200 +Subject: [PATCH 3/6] auth-pam: Add debugging information when we receive PAM + messages + +--- + auth-pam.c | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/auth-pam.c b/auth-pam.c +index 21291631011..7a72e724adc 100644 +--- a/auth-pam.c ++++ b/auth-pam.c +@@ -450,6 +450,9 @@ sshpam_thread_conv(int n, sshpam_const struct pam_message **msg, + break; + case PAM_ERROR_MSG: + case PAM_TEXT_INFO: ++ debug3("PAM: Got message of type %d: %s", ++ PAM_MSG_MEMBER(msg, i, msg_style), ++ PAM_MSG_MEMBER(msg, i, msg)); + if ((r = sshbuf_put_cstring(buffer, + PAM_MSG_MEMBER(msg, i, msg))) != 0) + fatal("%s: buffer error: %s", + +From 598ee34312b541fa7b3988b4896641bf81996e27 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Marco=20Trevisan=20=28Trevi=C3=B1o=29?= +Date: Tue, 17 Oct 2023 04:27:32 +0200 +Subject: [PATCH 4/6] auth-pam: Immediately report interactive instructions to + clients + +SSH keyboard-interactive authentication method supports instructions but +sshd didn't show them until an user prompt was requested. + +This is quite inconvenient for various PAM modules that need to notify +an user without requiring for their explicit input. + +So, properly implement RFC4256 making instructions to be shown to users +when they are requested from PAM. + +Closes: https://bugzilla.mindrot.org/show_bug.cgi?id=2876 +--- + auth-pam.c | 21 ++++++++++++--------- + 1 file changed, 12 insertions(+), 9 deletions(-) + +diff --git a/auth-pam.c b/auth-pam.c +index 7a72e724adc..b756f0e5221 100644 +--- a/auth-pam.c ++++ b/auth-pam.c +@@ -140,6 +140,7 @@ typedef int SshPamDone; + #define SshPamError -1 + #define SshPamNone 0 + #define SshPamAuthenticated 1 ++#define SshPamAgain 2 + + struct pam_ctxt { + sp_pthread_t pam_thread; +@@ -868,6 +869,8 @@ sshpam_query(void *ctx, char **name, char **info, + **prompts = NULL; + plen = 0; + *echo_on = xmalloc(sizeof(u_int)); ++ ctxt->pam_done = SshPamNone; ++ + while (ssh_msg_recv(ctxt->pam_psock, buffer) == 0) { + if (++nmesg > PAM_MAX_NUM_MSG) + fatal_f("too many query messages"); +@@ -888,15 +891,13 @@ sshpam_query(void *ctx, char **name, char **info, + return (0); + case PAM_ERROR_MSG: + case PAM_TEXT_INFO: +- /* accumulate messages */ +- len = plen + mlen + 2; +- **prompts = xreallocarray(**prompts, 1, len); +- strlcpy(**prompts + plen, msg, len - plen); +- plen += mlen; +- strlcat(**prompts + plen, "\n", len - plen); +- plen++; +- free(msg); +- break; ++ *num = 0; ++ free(*info); ++ *info = msg; /* Steal the message */ ++ msg = NULL; ++ ctxt->pam_done = SshPamAgain; ++ sshbuf_free(buffer); ++ return (0); + case PAM_ACCT_EXPIRED: + case PAM_MAXTRIES: + if (type == PAM_ACCT_EXPIRED) +@@ -1001,6 +1002,8 @@ sshpam_respond(void *ctx, u_int num, char **resp) + return KbdintResultSuccess; + case SshPamNone: + break; ++ case SshPamAgain: ++ return KbdintResultAgain; + default: + return KbdintResultFailure; + } + +From cc14301ce0542cdbb825eff8041ce98a1da9ef08 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Marco=20Trevisan=20=28Trevi=C3=B1o=29?= +Date: Tue, 17 Oct 2023 06:12:03 +0200 +Subject: [PATCH 5/6] sshconnect2: Write kbd-interactive service, info and + instructions as utf-8 +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +As per the previous server change now the keyboard-interactive service +and instruction values could be reported as soon as they are available +and so they're not prompts anymore and not parsed like them. + +While this was already supported by the SSH client, these messages were +not properly written as the escaped sequences they contained were not +correctly reported. + +So for example a message containing "\" was represented as "\\" and +similarly for all the other C escape sequences. + +This was leading to more problems when it come to utf-8 chars, as they +were only represented by their octal representation. + +This was easily testable by adding a line like the one below to the +sshd PAM service: + auth requisite pam_echo.so Hello SSHD! Want some 🍕? + +Which was causing this to be written instead: + Hello SSHD! Want some \360\237\215\225? + +To handle this, instead of simply using fmprintf, we're using the notifier +in a way can be exposed to users in the proper format and UI. +--- + sshconnect2.c | 33 ++++++++++++++++++++++++--------- + 1 file changed, 24 insertions(+), 9 deletions(-) + +diff --git a/sshconnect2.c b/sshconnect2.c +index 5831a00c6d1..543431218c1 100644 +--- a/sshconnect2.c ++++ b/sshconnect2.c +@@ -1091,6 +1091,7 @@ input_userauth_passwd_changereq(int type, u_int32_t seqnr, struct ssh *ssh) + char *info = NULL, *lang = NULL, *password = NULL, *retype = NULL; + char prompt[256]; + const char *host; ++ size_t info_len; + int r; + + debug2("input_userauth_passwd_changereq"); +@@ -1100,11 +1101,15 @@ input_userauth_passwd_changereq(int type, u_int32_t seqnr, struct ssh *ssh) + "no authentication context"); + host = options.host_key_alias ? options.host_key_alias : authctxt->host; + +- if ((r = sshpkt_get_cstring(ssh, &info, NULL)) != 0 || ++ if ((r = sshpkt_get_cstring(ssh, &info, &info_len)) != 0 || + (r = sshpkt_get_cstring(ssh, &lang, NULL)) != 0) + goto out; +- if (strlen(info) > 0) +- logit("%s", info); ++ if (info_len > 0) { ++ struct notifier_ctx *notifier = NULL; ++ debug_f("input_userauth_passwd_changereq info: %s", info); ++ notifier = notify_start(0, "%s", info); ++ notify_complete(notifier, NULL); ++ } + if ((r = sshpkt_start(ssh, SSH2_MSG_USERAUTH_REQUEST)) != 0 || + (r = sshpkt_put_cstring(ssh, authctxt->server_user)) != 0 || + (r = sshpkt_put_cstring(ssh, authctxt->service)) != 0 || +@@ -1938,8 +1943,10 @@ input_userauth_info_req(int type, u_int32_t seq, struct ssh *ssh) + Authctxt *authctxt = ssh->authctxt; + char *name = NULL, *inst = NULL, *lang = NULL, *prompt = NULL; + char *display_prompt = NULL, *response = NULL; ++ struct notifier_ctx *notifier = NULL; + u_char echo = 0; + u_int num_prompts, i; ++ size_t name_len, inst_len; + int r; + + debug2_f("entering"); +@@ -1949,14 +1956,22 @@ input_userauth_info_req(int type, u_int32_t seq, struct ssh *ssh) + + authctxt->info_req_seen = 1; + +- if ((r = sshpkt_get_cstring(ssh, &name, NULL)) != 0 || +- (r = sshpkt_get_cstring(ssh, &inst, NULL)) != 0 || ++ if ((r = sshpkt_get_cstring(ssh, &name, &name_len)) != 0 || ++ (r = sshpkt_get_cstring(ssh, &inst, &inst_len)) != 0 || + (r = sshpkt_get_cstring(ssh, &lang, NULL)) != 0) + goto out; +- if (strlen(name) > 0) +- logit("%s", name); +- if (strlen(inst) > 0) +- logit("%s", inst); ++ if (name_len > 0) { ++ debug_f("kbd int name: %s", name); ++ notifier = notify_start(0, "%s", name); ++ notify_complete(notifier, NULL); ++ notifier = NULL; ++ } ++ if (inst_len > 0) { ++ debug_f("kbd int inst: %s", inst); ++ notifier = notify_start(0, "%s", inst); ++ notify_complete(notifier, NULL); ++ notifier = NULL; ++ } + + if ((r = sshpkt_get_u32(ssh, &num_prompts)) != 0) + goto out; + +From 99656caabc5cff24122e5b9a140e5a38ab418a5d Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Marco=20Trevisan=20=28Trevi=C3=B1o=29?= +Date: Tue, 17 Oct 2023 06:05:59 +0200 +Subject: [PATCH 6/6] auth2-chall: Fix selection of the keyboard-interactive + device + +We were only checking if the prefix of a device name was matching what +we had in the devices list, so if the device list contained "pam", then +also the device "pam-foo" was matching. +--- + auth2-chall.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/auth2-chall.c b/auth2-chall.c +index 047d4e83c33..db658c9b4a7 100644 +--- a/auth2-chall.c ++++ b/auth2-chall.c +@@ -170,7 +170,7 @@ kbdint_next_device(Authctxt *authctxt, KbdintAuthctxt *kbdintctxt) + "keyboard-interactive", devices[i]->name)) + continue; + if (strncmp(kbdintctxt->devices, devices[i]->name, +- len) == 0) { ++ len) == 0 && strlen(devices[i]->name) == len) { + kbdintctxt->device = devices[i]; + kbdintctxt->devices_done |= 1 << i; + } diff --git a/0001-fix-utmpx-ifdef.patch b/0001-fix-utmpx-ifdef.patch new file mode 100644 index 0000000..2472f02 --- /dev/null +++ b/0001-fix-utmpx-ifdef.patch @@ -0,0 +1,36 @@ +From c7fda601186ff28128cfe3eab9c9c0622de096e1 Mon Sep 17 00:00:00 2001 +From: Christoph Ostarek +Date: Wed, 3 Jul 2024 12:46:59 +0200 +Subject: fix utmpx ifdef + +02e16ad95fb1f56ab004b01a10aab89f7103c55d did a copy-paste for +utmpx, but forgot to change the ifdef appropriately +--- + loginrec.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/loginrec.c b/loginrec.c +index 7460bb2c..45f13dee 100644 +--- a/loginrec.c ++++ b/loginrec.c +@@ -723,7 +723,7 @@ set_utmpx_time(struct logininfo *li, struct utmpx *utx) + void + construct_utmpx(struct logininfo *li, struct utmpx *utx) + { +-# ifdef HAVE_ADDR_V6_IN_UTMP ++# ifdef HAVE_ADDR_V6_IN_UTMPX + struct sockaddr_in6 *sa6; + # endif + memset(utx, '\0', sizeof(*utx)); +@@ -769,7 +769,7 @@ construct_utmpx(struct logininfo *li, struct utmpx *utx) + if (li->hostaddr.sa.sa_family == AF_INET) + utx->ut_addr = li->hostaddr.sa_in.sin_addr.s_addr; + # endif +-# ifdef HAVE_ADDR_V6_IN_UTMP ++# ifdef HAVE_ADDR_V6_IN_UTMPX + /* this is just a 128-bit IPv6 address */ + if (li->hostaddr.sa.sa_family == AF_INET6) { + sa6 = ((struct sockaddr_in6 *)&li->hostaddr.sa); +-- +cgit v1.2.3 + diff --git a/0001-upstream-correctly-restore-sigprocmask-around-ppoll.patch b/0001-upstream-correctly-restore-sigprocmask-around-ppoll.patch deleted file mode 100644 index 25a13fe..0000000 --- a/0001-upstream-correctly-restore-sigprocmask-around-ppoll.patch +++ /dev/null @@ -1,55 +0,0 @@ -From 66aaa678dbe59aa21d0d9d89a3596ecedde0254b Mon Sep 17 00:00:00 2001 -From: "djm@openbsd.org" -Date: Tue, 30 Apr 2024 02:14:10 +0000 -Subject: [PATCH] upstream: correctly restore sigprocmask around ppoll() - reported -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -by Tõivo Leedjärv; ok deraadt@ - -OpenBSD-Commit-ID: c0c0f89de5294a166578f071eade2501929c4686 ---- - clientloop.c | 4 ++-- - serverloop.c | 4 ++-- - 2 files changed, 4 insertions(+), 4 deletions(-) - -diff --git a/clientloop.c b/clientloop.c -index be8bb5fc1f2..8ea2ada4216 100644 ---- a/clientloop.c -+++ b/clientloop.c -#@@ -1,4 +1,4 @@ -#-/* $OpenBSD: clientloop.c,v 1.404 2024/04/30 02:10:49 djm Exp $ */ -#+/* $OpenBSD: clientloop.c,v 1.405 2024/04/30 02:14:10 djm Exp $ */ -# /* -# * Author: Tatu Ylonen -# * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland -@@ -1585,7 +1585,7 @@ client_loop(struct ssh *ssh, int have_pty, int escape_char_arg, - client_wait_until_can_do_something(ssh, &pfd, &npfd_alloc, - &npfd_active, channel_did_enqueue, &osigset, - &conn_in_ready, &conn_out_ready); -- if (sigprocmask(SIG_UNBLOCK, &bsigset, &osigset) == -1) -+ if (sigprocmask(SIG_SETMASK, &osigset, NULL) == -1) - error_f("osigset sigprocmask: %s", strerror(errno)); - - if (quit_pending) -diff --git a/serverloop.c b/serverloop.c -index f3683c2e4a6..94c8943a616 100644 ---- a/serverloop.c -+++ b/serverloop.c -@@ -1,4 +1,4 @@ --/* $OpenBSD: serverloop.c,v 1.237 2023/08/21 04:59:54 djm Exp $ */ -+/* $OpenBSD: serverloop.c,v 1.238 2024/04/30 02:14:10 djm Exp $ */ - /* - * Author: Tatu Ylonen - * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland -@@ -380,7 +380,7 @@ server_loop2(struct ssh *ssh, Authctxt *authctxt) - wait_until_can_do_something(ssh, connection_in, connection_out, - &pfd, &npfd_alloc, &npfd_active, &osigset, - &conn_in_ready, &conn_out_ready); -- if (sigprocmask(SIG_UNBLOCK, &bsigset, &osigset) == -1) -+ if (sigprocmask(SIG_SETMASK, &osigset, NULL) == -1) - error_f("osigset sigprocmask: %s", strerror(errno)); - - if (received_sigterm) { diff --git a/0001-upstream-fix-proxy-multiplexing-mode_-broken-when-keystroke.patch b/0001-upstream-fix-proxy-multiplexing-mode_-broken-when-keystroke.patch deleted file mode 100644 index feffd9c..0000000 --- a/0001-upstream-fix-proxy-multiplexing-mode_-broken-when-keystroke.patch +++ /dev/null @@ -1,32 +0,0 @@ -From 9844aa2521ccfb1a2d73745680327b79e0574445 Mon Sep 17 00:00:00 2001 -From: "djm@openbsd.org" -Date: Wed, 21 Feb 2024 05:57:34 +0000 -Subject: [PATCH] upstream: fix proxy multiplexing mode, broken when keystroke - timing - -obfuscation was added. GHPR#463 from montag451 - -OpenBSD-Commit-ID: 4e412d59b3f557d431f1d81c715a3bc0491cc677 ---- - clientloop.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/clientloop.c b/clientloop.c -index eb4902905fb..8ec36af94b3 100644 ---- a/clientloop.c -+++ b/clientloop.c -@@ -1,4 +1,4 @@ --/* $OpenBSD: clientloop.c,v 1.402 2023/11/24 00:31:30 dtucker Exp $ */ -+/* $OpenBSD: clientloop.c,v 1.403 2024/02/21 05:57:34 djm Exp $ */ - /* - * Author: Tatu Ylonen - * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland -@@ -517,7 +517,7 @@ send_chaff(struct ssh *ssh) - { - int r; - -- if ((ssh->kex->flags & KEX_HAS_PING) == 0) -+ if (ssh->kex == NULL || (ssh->kex->flags & KEX_HAS_PING) == 0) - return 0; - /* XXX probabilistically send chaff? */ - /* diff --git a/0001-upstream-when-sending-ObscureKeystrokeTiming-chaff-packets_.patch b/0001-upstream-when-sending-ObscureKeystrokeTiming-chaff-packets_.patch deleted file mode 100644 index 6229cba..0000000 --- a/0001-upstream-when-sending-ObscureKeystrokeTiming-chaff-packets_.patch +++ /dev/null @@ -1,38 +0,0 @@ -From 146c420d29d055cc75c8606327a1cf8439fe3a08 Mon Sep 17 00:00:00 2001 -From: "djm@openbsd.org" -Date: Mon, 1 Jul 2024 04:31:17 +0000 -Subject: [PATCH] upstream: when sending ObscureKeystrokeTiming chaff packets, - we - -can't rely on channel_did_enqueue to tell that there is data to send. This -flag indicates that the channels code enqueued a packet on _this_ ppoll() -iteration, not that data was enqueued in _any_ ppoll() iteration in the -timeslice. ok markus@ - -OpenBSD-Commit-ID: 009b74fd2769b36b5284a0188ade182f00564136 ---- - clientloop.c | 7 ++++--- - 1 file changed, 4 insertions(+), 3 deletions(-) - -diff --git a/clientloop.c b/clientloop.c -index 0b6f3c9be02..8ed8b1c3449 100644 ---- a/clientloop.c -+++ b/clientloop.c -#@@ -1,4 +1,4 @@ -#-/* $OpenBSD: clientloop.c,v 1.407 2024/05/17 06:42:04 jsg Exp $ */ -#+/* $OpenBSD: clientloop.c,v 1.408 2024/07/01 04:31:17 djm Exp $ */ -# /* -# * Author: Tatu Ylonen -# * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland -@@ -607,8 +607,9 @@ obfuscate_keystroke_timing(struct ssh *ssh, struct timespec *timeout, - if (timespeccmp(&now, &chaff_until, >=)) { - /* Stop if there have been no keystrokes for a while */ - stop_reason = "chaff time expired"; -- } else if (timespeccmp(&now, &next_interval, >=)) { -- /* Otherwise if we were due to send, then send chaff */ -+ } else if (timespeccmp(&now, &next_interval, >=) && -+ !ssh_packet_have_data_to_write(ssh)) { -+ /* If due to send but have no data, then send chaff */ - if (send_chaff(ssh)) - nchaff++; - } diff --git a/0002-upstream-fix-regression-introduced-when-I-switched-the-Match.patch b/0002-upstream-fix-regression-introduced-when-I-switched-the-Match.patch new file mode 100644 index 0000000..f322b30 --- /dev/null +++ b/0002-upstream-fix-regression-introduced-when-I-switched-the-Match.patch @@ -0,0 +1,291 @@ +From 66878e12a207fa9746dee3e2bdcca29b704cf035 Mon Sep 17 00:00:00 2001 +From: "djm@openbsd.org" +Date: Wed, 25 Sep 2024 01:24:04 +0000 +Subject: upstream: fix regression introduced when I switched the "Match" + +criteria tokeniser to a more shell-like one. Apparently the old tokeniser +(accidentally?) allowed "Match criteria=argument" as well as the "Match +criteria argument" syntax that we tested for. + +People were using this syntax so this adds back support for +"Match criteria=argument" + +bz3739 ok dtucker + +OpenBSD-Commit-ID: d1eebedb8c902002b75b75debfe1eeea1801f58a +--- + misc.c | 23 ++++++++++++++++++++++- + misc.h | 3 ++- + readconf.c | 28 +++++++++++++++++++++++----- + servconf.c | 57 ++++++++++++++++++++++++++++++++++++++++++--------------- + 4 files changed, 89 insertions(+), 22 deletions(-) + +diff --git a/misc.c b/misc.c +index afdf5142..1b4b55c5 100644 +--- a/misc.c ++++ b/misc.c +@@ -1,4 +1,4 @@ +-/* $OpenBSD: misc.c,v 1.196 2024/06/06 17:15:25 djm Exp $ */ ++/* $OpenBSD: misc.c,v 1.197 2024/09/25 01:24:04 djm Exp $ */ + /* + * Copyright (c) 2000 Markus Friedl. All rights reserved. + * Copyright (c) 2005-2020 Damien Miller. All rights reserved. +@@ -107,6 +107,27 @@ rtrim(char *s) + } + } + ++/* ++ * returns pointer to character after 'prefix' in 's' or otherwise NULL ++ * if the prefix is not present. ++ */ ++const char * ++strprefix(const char *s, const char *prefix, int ignorecase) ++{ ++ size_t prefixlen; ++ ++ if ((prefixlen = strlen(prefix)) == 0) ++ return s; ++ if (ignorecase) { ++ if (strncasecmp(s, prefix, prefixlen) != 0) ++ return NULL; ++ } else { ++ if (strncmp(s, prefix, prefixlen) != 0) ++ return NULL; ++ } ++ return s + prefixlen; ++} ++ + /* set/unset filedescriptor to non-blocking */ + int + set_nonblock(int fd) +diff --git a/misc.h b/misc.h +index 11340389..efecdf1a 100644 +--- a/misc.h ++++ b/misc.h +@@ -1,4 +1,4 @@ +-/* $OpenBSD: misc.h,v 1.109 2024/06/06 17:15:25 djm Exp $ */ ++/* $OpenBSD: misc.h,v 1.110 2024/09/25 01:24:04 djm Exp $ */ + + /* + * Author: Tatu Ylonen +@@ -56,6 +56,7 @@ struct ForwardOptions { + char *chop(char *); + void rtrim(char *); + void skip_space(char **); ++const char *strprefix(const char *, const char *, int); + char *strdelim(char **); + char *strdelimw(char **); + int set_nonblock(int); +diff --git a/readconf.c b/readconf.c +index 3d9cc6db..de42fb6f 100644 +--- a/readconf.c ++++ b/readconf.c +@@ -1,4 +1,4 @@ +-/* $OpenBSD: readconf.c,v 1.390 2024/09/15 00:57:36 djm Exp $ */ ++/* $OpenBSD: readconf.c,v 1.391 2024/09/25 01:24:04 djm Exp $ */ + /* + * Author: Tatu Ylonen + * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland +@@ -710,7 +710,7 @@ match_cfg_line(Options *options, const char *full_line, int *acp, char ***avp, + struct passwd *pw, const char *host_arg, const char *original_host, + int final_pass, int *want_final_pass, const char *filename, int linenum) + { +- char *arg, *oattrib, *attrib, *cmd, *host, *criteria; ++ char *arg, *oattrib, *attrib = NULL, *cmd, *host, *criteria; + const char *ruser; + int r, this_result, result = 1, attributes = 0, negate; + +@@ -731,7 +731,8 @@ match_cfg_line(Options *options, const char *full_line, int *acp, char ***avp, + + debug2("checking match for '%s' host %s originally %s", + full_line, host, original_host); +- while ((oattrib = attrib = argv_next(acp, avp)) != NULL) { ++ while ((oattrib = argv_next(acp, avp)) != NULL) { ++ attrib = xstrdup(oattrib); + /* Terminate on comment */ + if (*attrib == '#') { + argv_consume(acp); +@@ -777,9 +778,23 @@ match_cfg_line(Options *options, const char *full_line, int *acp, char ***avp, + this_result ? "" : "not ", oattrib); + continue; + } ++ ++ /* Keep this list in sync with below */ ++ if (strprefix(attrib, "host=", 1) != NULL || ++ strprefix(attrib, "originalhost=", 1) != NULL || ++ strprefix(attrib, "user=", 1) != NULL || ++ strprefix(attrib, "localuser=", 1) != NULL || ++ strprefix(attrib, "localnetwork=", 1) != NULL || ++ strprefix(attrib, "tagged=", 1) != NULL || ++ strprefix(attrib, "exec=", 1) != NULL) { ++ arg = strchr(attrib, '='); ++ *(arg++) = '\0'; ++ } else { ++ arg = argv_next(acp, avp); ++ } ++ + /* All other criteria require an argument */ +- if ((arg = argv_next(acp, avp)) == NULL || +- *arg == '\0' || *arg == '#') { ++ if (arg == NULL || *arg == '\0' || *arg == '#') { + error("Missing Match criteria for %s", attrib); + result = -1; + goto out; +@@ -856,6 +871,8 @@ match_cfg_line(Options *options, const char *full_line, int *acp, char ***avp, + criteria == NULL ? "" : criteria, + criteria == NULL ? "" : "\""); + free(criteria); ++ free(attrib); ++ attrib = NULL; + } + if (attributes == 0) { + error("One or more attributes required for Match"); +@@ -865,6 +882,7 @@ match_cfg_line(Options *options, const char *full_line, int *acp, char ***avp, + out: + if (result != -1) + debug2("match %sfound", result ? "" : "not "); ++ free(attrib); + free(host); + return result; + } +diff --git a/servconf.c b/servconf.c +index 89b8413e..dd774f46 100644 +--- a/servconf.c ++++ b/servconf.c +@@ -1,4 +1,4 @@ +-/* $OpenBSD: servconf.c,v 1.418 2024/09/15 03:09:44 djm Exp $ */ ++/* $OpenBSD: servconf.c,v 1.419 2024/09/25 01:24:04 djm Exp $ */ + /* + * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland + * All rights reserved +@@ -1033,7 +1033,7 @@ match_cfg_line(const char *full_line, int *acp, char ***avp, + int line, struct connection_info *ci) + { + int result = 1, attributes = 0, port; +- char *arg, *attrib; ++ char *arg, *attrib = NULL, *oattrib; + + if (ci == NULL) + debug3("checking syntax for 'Match %s'", full_line); +@@ -1047,7 +1047,8 @@ match_cfg_line(const char *full_line, int *acp, char ***avp, + ci->laddress ? ci->laddress : "(null)", ci->lport); + } + +- while ((attrib = argv_next(acp, avp)) != NULL) { ++ while ((oattrib = argv_next(acp, avp)) != NULL) { ++ attrib = xstrdup(oattrib); + /* Terminate on comment */ + if (*attrib == '#') { + argv_consume(acp); /* mark all arguments consumed */ +@@ -1062,11 +1063,13 @@ match_cfg_line(const char *full_line, int *acp, char ***avp, + *arg != '\0' && *arg != '#')) { + error("'all' cannot be combined with other " + "Match attributes"); +- return -1; ++ result = -1; ++ goto out; + } + if (arg != NULL && *arg == '#') + argv_consume(acp); /* consume remaining args */ +- return 1; ++ result = 1; ++ goto out; + } + /* Criterion "invalid-user" also has no argument */ + if (strcasecmp(attrib, "invalid-user") == 0) { +@@ -1078,11 +1081,26 @@ match_cfg_line(const char *full_line, int *acp, char ***avp, + debug("matched invalid-user at line %d", line); + continue; + } ++ ++ /* Keep this list in sync with below */ ++ if (strprefix(attrib, "user=", 1) != NULL || ++ strprefix(attrib, "group=", 1) != NULL || ++ strprefix(attrib, "host=", 1) != NULL || ++ strprefix(attrib, "address=", 1) != NULL || ++ strprefix(attrib, "localaddress=", 1) != NULL || ++ strprefix(attrib, "localport=", 1) != NULL || ++ strprefix(attrib, "rdomain=", 1) != NULL) { ++ arg = strchr(attrib, '='); ++ *(arg++) = '\0'; ++ } else { ++ arg = argv_next(acp, avp); ++ } ++ + /* All other criteria require an argument */ +- if ((arg = argv_next(acp, avp)) == NULL || +- *arg == '\0' || *arg == '#') { ++ if (arg == NULL || *arg == '\0' || *arg == '#') { + error("Missing Match criteria for %s", attrib); +- return -1; ++ result = -1; ++ goto out; + } + if (strcasecmp(attrib, "user") == 0) { + if (ci == NULL || (ci->test && ci->user == NULL)) { +@@ -1105,7 +1123,8 @@ match_cfg_line(const char *full_line, int *acp, char ***avp, + match_test_missing_fatal("Group", "user"); + switch (match_cfg_line_group(arg, line, ci->user)) { + case -1: +- return -1; ++ result = -1; ++ goto out; + case 0: + result = 0; + } +@@ -1141,7 +1160,8 @@ match_cfg_line(const char *full_line, int *acp, char ***avp, + result = 0; + break; + case -2: +- return -1; ++ result = -1; ++ goto out; + } + } else if (strcasecmp(attrib, "localaddress") == 0){ + if (ci == NULL || (ci->test && ci->laddress == NULL)) { +@@ -1166,13 +1186,15 @@ match_cfg_line(const char *full_line, int *acp, char ***avp, + result = 0; + break; + case -2: +- return -1; ++ result = -1; ++ goto out; + } + } else if (strcasecmp(attrib, "localport") == 0) { + if ((port = a2port(arg)) == -1) { + error("Invalid LocalPort '%s' on Match line", + arg); +- return -1; ++ result = -1; ++ goto out; + } + if (ci == NULL || (ci->test && ci->lport == -1)) { + result = 0; +@@ -1200,16 +1222,21 @@ match_cfg_line(const char *full_line, int *acp, char ***avp, + debug("user %.100s matched 'RDomain %.100s' at " + "line %d", ci->rdomain, arg, line); + } else { +- error("Unsupported Match attribute %s", attrib); +- return -1; ++ error("Unsupported Match attribute %s", oattrib); ++ result = -1; ++ goto out; + } ++ free(attrib); ++ attrib = NULL; + } + if (attributes == 0) { + error("One or more attributes required for Match"); + return -1; + } +- if (ci != NULL) ++ out: ++ if (ci != NULL && result != -1) + debug3("match %sfound", result ? "" : "not "); ++ free(attrib); + return result; + } + +-- +cgit v1.2.3 + diff --git a/0003-upstream-fix-previous-change-to-ssh_config-Match_-which-broken-on.patch b/0003-upstream-fix-previous-change-to-ssh_config-Match_-which-broken-on.patch new file mode 100644 index 0000000..48f4059 --- /dev/null +++ b/0003-upstream-fix-previous-change-to-ssh_config-Match_-which-broken-on.patch @@ -0,0 +1,65 @@ +From 19bcb2d90c6caf14abf386b644fb24eb7afab889 Mon Sep 17 00:00:00 2001 +From: "djm@openbsd.org" +Date: Thu, 26 Sep 2024 23:55:08 +0000 +Subject: upstream: fix previous change to ssh_config Match, which broken on + +negated Matches; spotted by phessler@ ok deraadt@ + +OpenBSD-Commit-ID: b1c6acec66cd5bd1252feff1d02ad7129ced37c7 +--- + readconf.c | 14 +++++++------- + 1 file changed, 7 insertions(+), 7 deletions(-) + +diff --git a/readconf.c b/readconf.c +index de42fb6f..9f559269 100644 +--- a/readconf.c ++++ b/readconf.c +@@ -1,4 +1,4 @@ +-/* $OpenBSD: readconf.c,v 1.391 2024/09/25 01:24:04 djm Exp $ */ ++/* $OpenBSD: readconf.c,v 1.392 2024/09/26 23:55:08 djm Exp $ */ + /* + * Author: Tatu Ylonen + * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland +@@ -710,7 +710,7 @@ match_cfg_line(Options *options, const char *full_line, int *acp, char ***avp, + struct passwd *pw, const char *host_arg, const char *original_host, + int final_pass, int *want_final_pass, const char *filename, int linenum) + { +- char *arg, *oattrib, *attrib = NULL, *cmd, *host, *criteria; ++ char *arg, *oattrib = NULL, *attrib = NULL, *cmd, *host, *criteria; + const char *ruser; + int r, this_result, result = 1, attributes = 0, negate; + +@@ -731,8 +731,8 @@ match_cfg_line(Options *options, const char *full_line, int *acp, char ***avp, + + debug2("checking match for '%s' host %s originally %s", + full_line, host, original_host); +- while ((oattrib = argv_next(acp, avp)) != NULL) { +- attrib = xstrdup(oattrib); ++ while ((attrib = argv_next(acp, avp)) != NULL) { ++ attrib = oattrib = xstrdup(attrib); + /* Terminate on comment */ + if (*attrib == '#') { + argv_consume(acp); +@@ -871,8 +871,8 @@ match_cfg_line(Options *options, const char *full_line, int *acp, char ***avp, + criteria == NULL ? "" : criteria, + criteria == NULL ? "" : "\""); + free(criteria); +- free(attrib); +- attrib = NULL; ++ free(oattrib); ++ oattrib = attrib = NULL; + } + if (attributes == 0) { + error("One or more attributes required for Match"); +@@ -882,7 +882,7 @@ match_cfg_line(Options *options, const char *full_line, int *acp, char ***avp, + out: + if (result != -1) + debug2("match %sfound", result ? "" : "not "); +- free(attrib); ++ free(oattrib); + free(host); + return result; + } +-- +cgit v1.2.3 + diff --git a/0004-upstream-fix-ML-KEM768x25519-KEX-on-big-endian-systems-spotted-by.patch b/0004-upstream-fix-ML-KEM768x25519-KEX-on-big-endian-systems-spotted-by.patch new file mode 100644 index 0000000..b9bada1 --- /dev/null +++ b/0004-upstream-fix-ML-KEM768x25519-KEX-on-big-endian-systems-spotted-by.patch @@ -0,0 +1,94 @@ +From 11f348196b3fb51c3d8d1f4f36db9d73f03149ed Mon Sep 17 00:00:00 2001 +From: "djm@openbsd.org" +Date: Sun, 27 Oct 2024 02:06:01 +0000 +Subject: upstream: fix ML-KEM768x25519 KEX on big-endian systems; spotted by + +jsg@ feedback/ok deraadt@ + +OpenBSD-Commit-ID: 26d81a430811672bc762687166986cad40d28cc0 +--- + libcrux_mlkem768_sha3.h | 8 +++++--- + mlkem768.sh | 17 ++++++++++++----- + 2 files changed, 17 insertions(+), 8 deletions(-) + +diff --git a/libcrux_mlkem768_sha3.h b/libcrux_mlkem768_sha3.h +index a82d60e8..b8ac1436 100644 +--- a/libcrux_mlkem768_sha3.h ++++ b/libcrux_mlkem768_sha3.h +@@ -1,4 +1,5 @@ +-/* $OpenBSD: libcrux_mlkem768_sha3.h,v 1.1 2024/09/02 12:13:56 djm Exp $ */ ++/* $OpenBSD: libcrux_mlkem768_sha3.h,v 1.2 2024/10/27 02:06:01 djm Exp $ */ ++ + /* Extracted from libcrux revision 84c5d87b3092c59294345aa269ceefe0eb97cc35 */ + + /* +@@ -160,18 +161,19 @@ static inline void Eurydice_slice_to_array3(uint8_t *dst_tag, char *dst_ok, + // CORE STUFF (conversions, endianness, ...) + + static inline void core_num__u64_9__to_le_bytes(uint64_t v, uint8_t buf[8]) { ++ v = htole64(v); + memcpy(buf, &v, sizeof(v)); + } + static inline uint64_t core_num__u64_9__from_le_bytes(uint8_t buf[8]) { + uint64_t v; + memcpy(&v, buf, sizeof(v)); +- return v; ++ return le64toh(v); + } + + static inline uint32_t core_num__u32_8__from_le_bytes(uint8_t buf[4]) { + uint32_t v; + memcpy(&v, buf, sizeof(v)); +- return v; ++ return le32toh(v); + } + + static inline uint32_t core_num__u8_6__count_ones(uint8_t x0) { +diff --git a/mlkem768.sh b/mlkem768.sh +index 2fdc2831..3d12b2ed 100644 +--- a/mlkem768.sh ++++ b/mlkem768.sh +@@ -1,9 +1,10 @@ + #!/bin/sh +-# $OpenBSD: mlkem768.sh,v 1.2 2024/09/04 05:11:33 djm Exp $ ++# $OpenBSD: mlkem768.sh,v 1.3 2024/10/27 02:06:01 djm Exp $ + # Placed in the Public Domain. + # + +-WANT_LIBCRUX_REVISION="origin/main" ++#WANT_LIBCRUX_REVISION="origin/main" ++WANT_LIBCRUX_REVISION="84c5d87b3092c59294345aa269ceefe0eb97cc35" + + FILES=" + libcrux/libcrux-ml-kem/cg/eurydice_glue.h +@@ -47,6 +48,7 @@ echo '#define KRML_NOINLINE __attribute__((noinline, unused))' + echo '#define KRML_HOST_EPRINTF(...)' + echo '#define KRML_HOST_EXIT(x) fatal_f("internal error")' + echo ++ + for i in $FILES; do + echo "/* from $i */" + # Changes to all files: +@@ -56,11 +58,16 @@ for i in $FILES; do + -e 's/[ ]*$//' \ + $i | \ + case "$i" in +- # XXX per-file handling goes here. ++ */libcrux-ml-kem/cg/eurydice_glue.h) ++ # Replace endian functions with versions that work. ++ perl -0777 -pe 's/(static inline void core_num__u64_9__to_le_bytes.*\n)([^}]*\n)/\1 v = htole64(v);\n\2/' | ++ perl -0777 -pe 's/(static inline uint64_t core_num__u64_9__from_le_bytes.*?)return v;/\1return le64toh(v);/s' | ++ perl -0777 -pe 's/(static inline uint32_t core_num__u32_8__from_le_bytes.*?)return v;/\1return le32toh(v);/s' ++ ;; + # Default: pass through. + *) +- cat +- ;; ++ cat ++ ;; + esac + echo + done +-- +cgit v1.2.3 + diff --git a/fix-CVE-2024-6387.patch b/fix-CVE-2024-6387.patch deleted file mode 100644 index ba9d506..0000000 --- a/fix-CVE-2024-6387.patch +++ /dev/null @@ -1,19 +0,0 @@ -Index: openssh-9.6p1/log.c -=================================================================== ---- openssh-9.6p1.orig/log.c -+++ openssh-9.6p1/log.c -@@ -451,12 +451,14 @@ void - sshsigdie(const char *file, const char *func, int line, int showfunc, - LogLevel level, const char *suffix, const char *fmt, ...) - { -+#if 0 - va_list args; - - va_start(args, fmt); - sshlogv(file, func, line, showfunc, SYSLOG_LEVEL_FATAL, - suffix, fmt, args); - va_end(args); -+#endif - _exit(1); - } - diff --git a/fix-missing-lz.patch b/fix-missing-lz.patch deleted file mode 100644 index bc82afa..0000000 --- a/fix-missing-lz.patch +++ /dev/null @@ -1,25 +0,0 @@ -Index: openssh-9.3p1/Makefile.in -=================================================================== ---- openssh-9.3p1.orig/Makefile.in -+++ openssh-9.3p1/Makefile.in -@@ -250,17 +250,17 @@ ssh-ldap-helper$(EXEEXT): $(LIBCOMPAT) l - $(LD) -o $@ ldapconf.o ldapbody.o ldapmisc.o ldap-helper.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh -lopenbsd-compat $(LIBS) - - sftp-server$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-sk.o sk-usbhid.o $(SFTPSERVER_OBJS) -- $(LD) -o $@ $(SFTPSERVER_OBJS) ssh-sk.o sk-usbhid.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS) $(LIBFIDO2) -+ $(LD) -o $@ $(SFTPSERVER_OBJS) ssh-sk.o sk-usbhid.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS) $(LIBFIDO2) -lz - - sftp$(EXEEXT): $(LIBCOMPAT) libssh.a $(SFTP_OBJS) - $(LD) -o $@ $(SFTP_OBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) $(LIBEDIT) - - # FIPS tests - cavstest-ctr$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-sk.o sk-usbhid.o cavstest-ctr.o -- $(LD) -o $@ cavstest-ctr.o ssh-sk.o sk-usbhid.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS) $(LIBFIDO2) -+ $(LD) -o $@ cavstest-ctr.o ssh-sk.o sk-usbhid.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS) $(LIBFIDO2) -lz - - cavstest-kdf$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-sk.o sk-usbhid.o cavstest-kdf.o -- $(LD) -o $@ cavstest-kdf.o ssh-sk.o sk-usbhid.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS) $(LIBFIDO2) -+ $(LD) -o $@ cavstest-kdf.o ssh-sk.o sk-usbhid.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS) $(LIBFIDO2) -lz - - # test driver for the loginrec code - not built by default - logintest: logintest.o $(LIBCOMPAT) libssh.a loginrec.o diff --git a/fix-x11-regression-bsc1229449.patch b/fix-x11-regression-bsc1229449.patch new file mode 100644 index 0000000..a5b6842 --- /dev/null +++ b/fix-x11-regression-bsc1229449.patch @@ -0,0 +1,56 @@ +Index: openssh-9.9p1/clientloop.c +=================================================================== +--- openssh-9.9p1.orig/clientloop.c ++++ openssh-9.9p1/clientloop.c +@@ -663,9 +663,10 @@ obfuscate_keystroke_timing(struct ssh *s + if (just_started) + return 1; + +- /* Don't arm output fd for poll until the timing interval has elapsed */ ++ /* Don't arm output fd for poll until the timing interval has elapsed... */ + if (timespeccmp(&now, &next_interval, <)) +- return 0; ++ /* ...unless there's x11 communicattion happening */ ++ return x11_channel_used_recently(ssh); + + /* Calculate number of intervals missed since the last check */ + n = (now.tv_sec - next_interval.tv_sec) * 1000LL * 1000 * 1000; +Index: openssh-9.9p1/channels.c +=================================================================== +--- openssh-9.9p1.orig/channels.c ++++ openssh-9.9p1/channels.c +@@ -5352,3 +5352,22 @@ x11_request_forwarding_with_spoofing(str + fatal_fr(r, "send x11-req"); + free(new_data); + } ++ ++/* ++ * Returns whether an x11 channel was used recently (less than a second ago) ++ */ ++int ++x11_channel_used_recently(struct ssh *ssh) { ++ u_int i; ++ Channel *c; ++ time_t lastused = 0; ++ ++ for (i = 0; i < ssh->chanctxt->channels_alloc; i++) { ++ c = ssh->chanctxt->channels[i]; ++ if (c == NULL || c->ctype == NULL || c->lastused == 0 || ++ strcmp(c->ctype, "x11-connection")) ++ continue; ++ lastused = c->lastused; ++ } ++ return (lastused != 0 && monotime() < lastused + 1); ++} +Index: openssh-9.9p1/channels.h +=================================================================== +--- openssh-9.9p1.orig/channels.h ++++ openssh-9.9p1/channels.h +@@ -382,6 +382,7 @@ int x11_connect_display(struct ssh *); + int x11_create_display_inet(struct ssh *, int, int, int, u_int *, int **); + void x11_request_forwarding_with_spoofing(struct ssh *, int, + const char *, const char *, const char *, int); ++int x11_channel_used_recently(struct ssh *ssh); + + /* channel close */ + diff --git a/logind_set_tty.patch b/logind_set_tty.patch index 5d3e37c..4e744f9 100644 --- a/logind_set_tty.patch +++ b/logind_set_tty.patch @@ -14,11 +14,11 @@ index f0ea07e7b..35dcf45f1 100644 $(LD) -o $@ $(SSHOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) $(GSSLIBS) $(CHANNELLIBS) sshd$(EXEEXT): libssh.a $(LIBCOMPAT) $(SSHDOBJS) -- $(LD) -o $@ $(SSHDOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(SSHDLIBS) $(LIBS) $(GSSLIBS) $(K5LIBS) $(CHANNELLIBS) $(LIBWTMPDB) -+ $(LD) -o $@ $(SSHDOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(SSHDLIBS) $(LIBS) $(GSSLIBS) $(K5LIBS) $(CHANNELLIBS) $(LIBWTMPDB) $(LIBSYSTEMD) +- $(LD) -o $@ $(SSHDOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(SSHDLIBS) $(LIBS) $(CHANNELLIBS) $(LIBWTMPDB) ++ $(LD) -o $@ $(SSHDOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(SSHDLIBS) $(LIBS) $(CHANNELLIBS) $(LIBWTMPDB) $(LIBSYSTEMD) - scp$(EXEEXT): $(LIBCOMPAT) libssh.a $(SCP_OBJS) - $(LD) -o $@ $(SCP_OBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) + sshd-session$(EXEEXT): libssh.a $(LIBCOMPAT) $(SSHD_SESSION_OBJS) + $(LD) -o $@ $(SSHD_SESSION_OBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(SSHDLIBS) $(LIBS) $(GSSLIBS) $(K5LIBS) $(CHANNELLIBS) $(LIBWTMPDB) diff --git a/configure.ac b/configure.ac index a12c6f7ad..860df3379 100644 --- a/configure.ac @@ -106,7 +106,7 @@ index 86caf83b2..8b413190b 100644 #ifdef CUSTOM_SYS_AUTH_RECORD_LOGIN if (li->type == LTYPE_LOGIN && !sys_auth_record_login(li->username,li->hostname,li->line, -@@ -1476,6 +1486,88 @@ wtmpdb_write_entry(struct logininfo *li) +@@ -1476,6 +1486,91 @@ wtmpdb_write_entry(struct logininfo *li) } #endif @@ -171,9 +171,12 @@ index 86caf83b2..8b413190b 100644 + + free(dbus_path); + -+ if (sd_bus_flush(bus) < 0) ++ if (sd_bus_flush(bus) < 0) { ++ sd_bus_unref(bus); + return (0); ++ } + ++ sd_bus_unref(bus); + return (1); +} + diff --git a/openssh-6.6.1p1-selinux-contexts.patch b/openssh-6.6.1p1-selinux-contexts.patch index 42e43d1..af7730b 100644 --- a/openssh-6.6.1p1-selinux-contexts.patch +++ b/openssh-6.6.1p1-selinux-contexts.patch @@ -104,10 +104,10 @@ Index: openssh-9.6p1/openbsd-compat/port-linux.h #endif #ifdef LINUX_OOM_ADJUST -Index: openssh-9.6p1/sshd.c +Index: openssh-9.6p1/sshd-session.c =================================================================== ---- openssh-9.6p1.orig/sshd.c -+++ openssh-9.6p1/sshd.c +--- openssh-9.6p1.orig/sshd-session.c ++++ openssh-9.6p1/sshd-session.c @@ -511,7 +511,7 @@ privsep_preauth_child(struct ssh *ssh) demote_sensitive_data(ssh); diff --git a/openssh-6.6p1-keycat.patch b/openssh-6.6p1-keycat.patch index f61bb4c..54d5ac1 100644 --- a/openssh-6.6p1-keycat.patch +++ b/openssh-6.6p1-keycat.patch @@ -16,70 +16,70 @@ Index: openssh-9.3p2/misc.c if (env != NULL) execve(av[0], av, env); else -Index: openssh-9.3p2/HOWTO.ssh-keycat -=================================================================== ---- /dev/null -+++ openssh-9.3p2/HOWTO.ssh-keycat -@@ -0,0 +1,12 @@ -+The ssh-keycat retrieves the content of the ~/.ssh/authorized_keys -+of an user in any environment. This includes environments with -+polyinstantiation of home directories and SELinux MLS policy enabled. -+ -+To use ssh-keycat, set these options in /etc/ssh/sshd_config file: -+ AuthorizedKeysCommand /usr/libexec/openssh/ssh-keycat -+ AuthorizedKeysCommandUser root -+ -+Do not forget to enable public key authentication: -+ PubkeyAuthentication yes -+ -+ -Index: openssh-9.3p2/Makefile.in -=================================================================== ---- openssh-9.3p2.orig/Makefile.in -+++ openssh-9.3p2/Makefile.in -@@ -24,6 +24,7 @@ SSH_PROGRAM=@bindir@/ssh - ASKPASS_PROGRAM=$(libexecdir)/ssh-askpass - SFTP_SERVER=$(libexecdir)/sftp-server - SSH_KEYSIGN=$(libexecdir)/ssh-keysign -+SSH_KEYCAT=$(libexecdir)/ssh-keycat - SSH_PKCS11_HELPER=$(libexecdir)/ssh-pkcs11-helper - SSH_SK_HELPER=$(libexecdir)/ssh-sk-helper - SSH_LDAP_HELPER=$(libexecdir)/ssh-ldap-helper -@@ -57,6 +58,7 @@ CHANNELLIBS=@CHANNELLIBS@ - K5LIBS=@K5LIBS@ - GSSLIBS=@GSSLIBS@ - SSHDLIBS=@SSHDLIBS@ -+KEYCATLIBS=@KEYCATLIBS@ - LIBEDIT=@LIBEDIT@ - LIBFIDO2=@LIBFIDO2@ - LIBWTMPDB=@LIBWTMPDB@ -@@ -75,7 +77,7 @@ MKDIR_P=@MKDIR_P@ - - .SUFFIXES: .lo - --TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-keysign${EXEEXT} ssh-pkcs11-helper$(EXEEXT) ssh-agent$(EXEEXT) scp$(EXEEXT) sftp-server$(EXEEXT) sftp$(EXEEXT) ssh-sk-helper$(EXEEXT) -+TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-keysign${EXEEXT} ssh-pkcs11-helper$(EXEEXT) ssh-agent$(EXEEXT) scp$(EXEEXT) sftp-server$(EXEEXT) sftp$(EXEEXT) ssh-sk-helper$(EXEEXT) ssh-keycat$(EXEEXT) - - TARGETS += cavstest-ctr$(EXEEXT) cavstest-kdf$(EXEEXT) - -@@ -245,6 +247,9 @@ ssh-pkcs11-helper$(EXEEXT): $(LIBCOMPAT) - ssh-sk-helper$(EXEEXT): $(LIBCOMPAT) libssh.a $(SKHELPER_OBJS) - $(LD) -o $@ $(SKHELPER_OBJS) $(LDFLAGS) -lssh -lopenbsd-compat -lssh -lopenbsd-compat $(LIBS) $(LIBFIDO2) $(CHANNELLIBS) - -+ssh-keycat$(EXEEXT): $(LIBCOMPAT) $(SSHDOBJS) libssh.a ssh-keycat.o uidswap.o -+ $(LD) -o $@ ssh-keycat.o uidswap.o $(LDFLAGS) -lssh -lopenbsd-compat $(KEYCATLIBS) $(LIBS) -+ - ssh-keyscan$(EXEEXT): $(LIBCOMPAT) libssh.a $(SSHKEYSCAN_OBJS) - $(LD) -o $@ $(SSHKEYSCAN_OBJS) $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS) $(CHANNELLIBS) - -@@ -431,6 +436,7 @@ install-files: - $(INSTALL) -m 0755 ssh-ldap-wrapper $(DESTDIR)$(SSH_LDAP_WRAPPER) ; \ - fi - $(INSTALL) -m 0755 $(STRIP_OPT) ssh-sk-helper$(EXEEXT) $(DESTDIR)$(SSH_SK_HELPER)$(EXEEXT) -+ $(INSTALL) -m 0755 $(STRIP_OPT) ssh-keycat$(EXEEXT) $(DESTDIR)$(libexecdir)/ssh-keycat$(EXEEXT) - $(INSTALL) -m 0755 $(STRIP_OPT) sftp$(EXEEXT) $(DESTDIR)$(bindir)/sftp$(EXEEXT) - $(INSTALL) -m 0755 $(STRIP_OPT) sftp-server$(EXEEXT) $(DESTDIR)$(SFTP_SERVER)$(EXEEXT) - $(INSTALL) -m 0755 $(STRIP_OPT) cavstest-ctr$(EXEEXT) $(DESTDIR)$(libexecdir)/cavstest-ctr$(EXEEXT) +#Index: openssh-9.3p2/HOWTO.ssh-keycat +#=================================================================== +#--- /dev/null +#+++ openssh-9.3p2/HOWTO.ssh-keycat +#@@ -0,0 +1,12 @@ +#+The ssh-keycat retrieves the content of the ~/.ssh/authorized_keys +#+of an user in any environment. This includes environments with +#+polyinstantiation of home directories and SELinux MLS policy enabled. +#+ +#+To use ssh-keycat, set these options in /etc/ssh/sshd_config file: +#+ AuthorizedKeysCommand /usr/libexec/openssh/ssh-keycat +#+ AuthorizedKeysCommandUser root +#+ +#+Do not forget to enable public key authentication: +#+ PubkeyAuthentication yes +#+ +#+ +#Index: openssh-9.3p2/Makefile.in +#=================================================================== +#--- openssh-9.3p2.orig/Makefile.in +#+++ openssh-9.3p2/Makefile.in +#@@ -27,6 +27,7 @@ SFTP_SERVER=$(libexecdir)/sftp-server +# ASKPASS_PROGRAM=$(libexecdir)/ssh-askpass +# SFTP_SERVER=$(libexecdir)/sftp-server +# SSH_KEYSIGN=$(libexecdir)/ssh-keysign +#+SSH_KEYCAT=$(libexecdir)/ssh-keycat +# SSHD_SESSION=$(libexecdir)/sshd-session +# SSH_PKCS11_HELPER=$(libexecdir)/ssh-pkcs11-helper +# SSH_SK_HELPER=$(libexecdir)/ssh-sk-helper +#@@ -57,6 +58,7 @@ CHANNELLIBS=@CHANNELLIBS@ +# K5LIBS=@K5LIBS@ +# GSSLIBS=@GSSLIBS@ +# SSHDLIBS=@SSHDLIBS@ +#+KEYCATLIBS=@KEYCATLIBS@ +# LIBEDIT=@LIBEDIT@ +# LIBFIDO2=@LIBFIDO2@ +# LIBWTMPDB=@LIBWTMPDB@ +#@@ -65,7 +66,7 @@ EXEEXT=@EXEEXT@ +# +# .SUFFIXES: .lo +# +#-TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) sshd-session$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-keysign${EXEEXT} ssh-pkcs11-helper$(EXEEXT) ssh-agent$(EXEEXT) scp$(EXEEXT) sftp-server$(EXEEXT) sftp$(EXEEXT) ssh-sk-helper$(EXEEXT) +#+TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) sshd-session$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-keysign${EXEEXT} ssh-pkcs11-helper$(EXEEXT) ssh-agent$(EXEEXT) scp$(EXEEXT) sftp-server$(EXEEXT) sftp$(EXEEXT) ssh-sk-helper$(EXEEXT) ssh-keycat$(EXEEXT) +# +# TARGETS += cavstest-ctr$(EXEEXT) cavstest-kdf$(EXEEXT) +# +#@@ -245,6 +247,9 @@ ssh-pkcs11-helper$(EXEEXT): $(LIBCOMPAT) +# ssh-sk-helper$(EXEEXT): $(LIBCOMPAT) libssh.a $(SKHELPER_OBJS) +# $(LD) -o $@ $(SKHELPER_OBJS) $(LDFLAGS) -lssh -lopenbsd-compat -lssh -lopenbsd-compat $(LIBS) $(LIBFIDO2) $(CHANNELLIBS) +# +#+ssh-keycat$(EXEEXT): $(LIBCOMPAT) $(SSHDOBJS) libssh.a ssh-keycat.o uidswap.o +#+ $(LD) -o $@ ssh-keycat.o uidswap.o $(LDFLAGS) -lssh -lopenbsd-compat $(KEYCATLIBS) $(LIBS) +#+ +# ssh-keyscan$(EXEEXT): $(LIBCOMPAT) libssh.a $(SSHKEYSCAN_OBJS) +# $(LD) -o $@ $(SSHKEYSCAN_OBJS) $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS) $(CHANNELLIBS) +# +#@@ -431,6 +436,7 @@ install-files: +# $(INSTALL) -m 0755 ssh-ldap-wrapper $(DESTDIR)$(SSH_LDAP_WRAPPER) ; \ +# fi +# $(INSTALL) -m 0755 $(STRIP_OPT) ssh-sk-helper$(EXEEXT) $(DESTDIR)$(SSH_SK_HELPER)$(EXEEXT) +#+ $(INSTALL) -m 0755 $(STRIP_OPT) ssh-keycat$(EXEEXT) $(DESTDIR)$(libexecdir)/ssh-keycat$(EXEEXT) +# $(INSTALL) -m 0755 $(STRIP_OPT) sftp$(EXEEXT) $(DESTDIR)$(bindir)/sftp$(EXEEXT) +# $(INSTALL) -m 0755 $(STRIP_OPT) sftp-server$(EXEEXT) $(DESTDIR)$(SFTP_SERVER)$(EXEEXT) +# $(INSTALL) -m 0755 $(STRIP_OPT) cavstest-ctr$(EXEEXT) $(DESTDIR)$(libexecdir)/cavstest-ctr$(EXEEXT) Index: openssh-9.3p2/openbsd-compat/port-linux.h =================================================================== --- openssh-9.3p2.orig/openbsd-compat/port-linux.h @@ -99,9 +99,9 @@ Index: openssh-9.3p2/openbsd-compat/port-linux-sshd.c =================================================================== --- openssh-9.3p2.orig/openbsd-compat/port-linux-sshd.c +++ openssh-9.3p2/openbsd-compat/port-linux-sshd.c -@@ -53,6 +53,20 @@ extern Authctxt *the_authctxt; +@@ -54,6 +54,20 @@ extern Authctxt *the_authctxt; + extern Authctxt *the_authctxt; extern int inetd_flag; - extern int rexeced_flag; +/* Wrapper around is_selinux_enabled() to log its return value once only */ +int @@ -129,14 +129,14 @@ Index: openssh-9.3p2/openbsd-compat/port-linux-sshd.c { const char *reqlvl; char *role; -@@ -329,16 +343,16 @@ sshd_selinux_setup_pam_variables(void) +@@ -319,16 +333,16 @@ sshd_selinux_setup_pam_variables(void) ssh_selinux_get_role_level(&role, &reqlvl); - rv = do_pam_putenv("SELINUX_ROLE_REQUESTED", role ? role : ""); + rv = set_it("SELINUX_ROLE_REQUESTED", role ? role : ""); - if (inetd_flag && !rexeced_flag) { + if (inetd_flag) { use_current = "1"; } else { use_current = ""; @@ -205,287 +205,287 @@ Index: openssh-9.3p2/platform.c #endif #ifdef USE_SOLARIS_PROJECTS -Index: openssh-9.3p2/ssh-keycat.c -=================================================================== ---- /dev/null -+++ openssh-9.3p2/ssh-keycat.c -@@ -0,0 +1,241 @@ -+/* -+ * Redistribution and use in source and binary forms, with or without -+ * modification, are permitted provided that the following conditions -+ * are met: -+ * 1. Redistributions of source code must retain the above copyright -+ * notice, and the entire permission notice in its entirety, -+ * including the disclaimer of warranties. -+ * 2. Redistributions in binary form must reproduce the above copyright -+ * notice, this list of conditions and the following disclaimer in the -+ * documentation and/or other materials provided with the distribution. -+ * 3. The name of the author may not be used to endorse or promote -+ * products derived from this software without specific prior -+ * written permission. -+ * -+ * ALTERNATIVELY, this product may be distributed under the terms of -+ * the GNU Public License, in which case the provisions of the GPL are -+ * required INSTEAD OF the above restrictions. (This clause is -+ * necessary due to a potential bad interaction between the GPL and -+ * the restrictions contained in a BSD-style copyright.) -+ * -+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED -+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES -+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -+ * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, -+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES -+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR -+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -+ * OF THE POSSIBILITY OF SUCH DAMAGE. -+ */ -+ -+/* -+ * Copyright (c) 2011 Red Hat, Inc. -+ * Written by Tomas Mraz -+*/ -+ -+#define _GNU_SOURCE -+ -+#include "config.h" -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#ifdef HAVE_STDINT_H -+#include -+#endif -+ -+#include -+ -+#include "uidswap.h" -+#include "misc.h" -+ -+#define ERR_USAGE 1 -+#define ERR_PAM_START 2 -+#define ERR_OPEN_SESSION 3 -+#define ERR_CLOSE_SESSION 4 -+#define ERR_PAM_END 5 -+#define ERR_GETPWNAM 6 -+#define ERR_MEMORY 7 -+#define ERR_OPEN 8 -+#define ERR_FILE_MODE 9 -+#define ERR_FDOPEN 10 -+#define ERR_STAT 11 -+#define ERR_WRITE 12 -+#define ERR_PAM_PUTENV 13 -+#define BUFLEN 4096 -+ -+/* Just ignore the messages in the conversation function */ -+static int -+dummy_conv(int num_msg, const struct pam_message **msgm, -+ struct pam_response **response, void *appdata_ptr) -+{ -+ struct pam_response *rsp; -+ -+ (void)msgm; -+ (void)appdata_ptr; -+ -+ if (num_msg <= 0) -+ return PAM_CONV_ERR; -+ -+ /* Just allocate the array as empty responses */ -+ rsp = calloc (num_msg, sizeof (struct pam_response)); -+ if (rsp == NULL) -+ return PAM_CONV_ERR; -+ -+ *response = rsp; -+ return PAM_SUCCESS; -+} -+ -+static struct pam_conv conv = { -+ dummy_conv, -+ NULL -+}; -+ -+char * -+make_auth_keys_name(const struct passwd *pwd) -+{ -+ char *fname; -+ -+ if (asprintf(&fname, "%s/.ssh/authorized_keys", pwd->pw_dir) < 0) -+ return NULL; -+ -+ return fname; -+} -+ -+int -+dump_keys(const char *user) -+{ -+ struct passwd *pwd; -+ int fd = -1; -+ FILE *f = NULL; -+ char *fname = NULL; -+ int rv = 0; -+ char buf[BUFLEN]; -+ size_t len; -+ struct stat st; -+ -+ if ((pwd = getpwnam(user)) == NULL) { -+ return ERR_GETPWNAM; -+ } -+ -+ if ((fname = make_auth_keys_name(pwd)) == NULL) { -+ return ERR_MEMORY; -+ } -+ -+ temporarily_use_uid(pwd); -+ -+ if ((fd = open(fname, O_RDONLY|O_NONBLOCK|O_NOFOLLOW, 0)) < 0) { -+ rv = ERR_OPEN; -+ goto fail; -+ } -+ -+ if (fstat(fd, &st) < 0) { -+ rv = ERR_STAT; -+ goto fail; -+ } -+ -+ if (!S_ISREG(st.st_mode) || -+ (st.st_uid != pwd->pw_uid && st.st_uid != 0)) { -+ rv = ERR_FILE_MODE; -+ goto fail; -+ } -+ -+ unset_nonblock(fd); -+ -+ if ((f = fdopen(fd, "r")) == NULL) { -+ rv = ERR_FDOPEN; -+ goto fail; -+ } -+ -+ fd = -1; -+ -+ while ((len = fread(buf, 1, sizeof(buf), f)) > 0) { -+ rv = fwrite(buf, 1, len, stdout) != len ? ERR_WRITE : 0; -+ } -+ -+fail: -+ if (fd != -1) -+ close(fd); -+ if (f != NULL) -+ fclose(f); -+ free(fname); -+ restore_uid(); -+ return rv; -+} -+ -+static const char *env_names[] = { "SELINUX_ROLE_REQUESTED", -+ "SELINUX_LEVEL_REQUESTED", -+ "SELINUX_USE_CURRENT_RANGE" -+}; -+ -+extern char **environ; -+ -+int -+set_pam_environment(pam_handle_t *pamh) -+{ -+ int i; -+ size_t j; -+ -+ for (j = 0; j < sizeof(env_names)/sizeof(env_names[0]); ++j) { -+ int len = strlen(env_names[j]); -+ -+ for (i = 0; environ[i] != NULL; ++i) { -+ if (strncmp(env_names[j], environ[i], len) == 0 && -+ environ[i][len] == '=') { -+ if (pam_putenv(pamh, environ[i]) != PAM_SUCCESS) -+ return ERR_PAM_PUTENV; -+ } -+ } -+ } -+ -+ return 0; -+} -+ -+int -+main(int argc, char *argv[]) -+{ -+ pam_handle_t *pamh = NULL; -+ int retval; -+ int ev = 0; -+ -+ if (argc != 2) { -+ fprintf(stderr, "Usage: %s \n", argv[0]); -+ return ERR_USAGE; -+ } -+ -+ retval = pam_start("ssh-keycat", argv[1], &conv, &pamh); -+ if (retval != PAM_SUCCESS) { -+ return ERR_PAM_START; -+ } -+ -+ ev = set_pam_environment(pamh); -+ if (ev != 0) -+ goto finish; -+ -+ retval = pam_open_session(pamh, PAM_SILENT); -+ if (retval != PAM_SUCCESS) { -+ ev = ERR_OPEN_SESSION; -+ goto finish; -+ } -+ -+ ev = dump_keys(argv[1]); -+ -+ retval = pam_close_session(pamh, PAM_SILENT); -+ if (retval != PAM_SUCCESS) { -+ ev = ERR_CLOSE_SESSION; -+ } -+ -+finish: -+ retval = pam_end (pamh,retval); -+ if (retval != PAM_SUCCESS) { -+ ev = ERR_PAM_END; -+ } -+ return ev; -+} -Index: openssh-9.3p2/configure.ac -=================================================================== ---- openssh-9.3p2.orig/configure.ac -+++ openssh-9.3p2/configure.ac -@@ -3632,6 +3632,7 @@ AC_ARG_WITH([pam], - PAM_MSG="yes" - - SSHDLIBS="$SSHDLIBS -lpam" -+ KEYCATLIBS="$KEYCATLIBS -lpam" - AC_DEFINE([USE_PAM], [1], - [Define if you want to enable PAM support]) - -@@ -3642,6 +3643,7 @@ AC_ARG_WITH([pam], - ;; - *) - SSHDLIBS="$SSHDLIBS -ldl" -+ KEYCATLIBS="$KEYCATLIBS -ldl" - ;; - esac - fi -@@ -4875,6 +4877,7 @@ AC_ARG_WITH([selinux], - fi ] - ) - AC_SUBST([SSHDLIBS]) -+AC_SUBST([KEYCATLIBS]) - - # Check whether user wants Kerberos 5 support - KRB5_MSG="no" -@@ -5905,6 +5908,9 @@ fi - if test ! -z "${SSHDLIBS}"; then - echo " +for sshd: ${SSHDLIBS}" - fi -+if test ! -z "${KEYCATLIBS}"; then -+echo " +for ssh-keycat: ${KEYCATLIBS}" -+fi - - echo "" - +#Index: openssh-9.3p2/ssh-keycat.c +#=================================================================== +#--- /dev/null +#+++ openssh-9.3p2/ssh-keycat.c +#@@ -0,0 +1,241 @@ +#+/* +#+ * Redistribution and use in source and binary forms, with or without +#+ * modification, are permitted provided that the following conditions +#+ * are met: +#+ * 1. Redistributions of source code must retain the above copyright +#+ * notice, and the entire permission notice in its entirety, +#+ * including the disclaimer of warranties. +#+ * 2. Redistributions in binary form must reproduce the above copyright +#+ * notice, this list of conditions and the following disclaimer in the +#+ * documentation and/or other materials provided with the distribution. +#+ * 3. The name of the author may not be used to endorse or promote +#+ * products derived from this software without specific prior +#+ * written permission. +#+ * +#+ * ALTERNATIVELY, this product may be distributed under the terms of +#+ * the GNU Public License, in which case the provisions of the GPL are +#+ * required INSTEAD OF the above restrictions. (This clause is +#+ * necessary due to a potential bad interaction between the GPL and +#+ * the restrictions contained in a BSD-style copyright.) +#+ * +#+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED +#+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES +#+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE +#+ * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, +#+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES +#+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR +#+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +#+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, +#+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +#+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED +#+ * OF THE POSSIBILITY OF SUCH DAMAGE. +#+ */ +#+ +#+/* +#+ * Copyright (c) 2011 Red Hat, Inc. +#+ * Written by Tomas Mraz +#+*/ +#+ +#+#define _GNU_SOURCE +#+ +#+#include "config.h" +#+#include +#+#include +#+#include +#+#include +#+#include +#+#include +#+#include +#+#include +#+#ifdef HAVE_STDINT_H +#+#include +#+#endif +#+ +#+#include +#+ +#+#include "uidswap.h" +#+#include "misc.h" +#+ +#+#define ERR_USAGE 1 +#+#define ERR_PAM_START 2 +#+#define ERR_OPEN_SESSION 3 +#+#define ERR_CLOSE_SESSION 4 +#+#define ERR_PAM_END 5 +#+#define ERR_GETPWNAM 6 +#+#define ERR_MEMORY 7 +#+#define ERR_OPEN 8 +#+#define ERR_FILE_MODE 9 +#+#define ERR_FDOPEN 10 +#+#define ERR_STAT 11 +#+#define ERR_WRITE 12 +#+#define ERR_PAM_PUTENV 13 +#+#define BUFLEN 4096 +#+ +#+/* Just ignore the messages in the conversation function */ +#+static int +#+dummy_conv(int num_msg, const struct pam_message **msgm, +#+ struct pam_response **response, void *appdata_ptr) +#+{ +#+ struct pam_response *rsp; +#+ +#+ (void)msgm; +#+ (void)appdata_ptr; +#+ +#+ if (num_msg <= 0) +#+ return PAM_CONV_ERR; +#+ +#+ /* Just allocate the array as empty responses */ +#+ rsp = calloc (num_msg, sizeof (struct pam_response)); +#+ if (rsp == NULL) +#+ return PAM_CONV_ERR; +#+ +#+ *response = rsp; +#+ return PAM_SUCCESS; +#+} +#+ +#+static struct pam_conv conv = { +#+ dummy_conv, +#+ NULL +#+}; +#+ +#+char * +#+make_auth_keys_name(const struct passwd *pwd) +#+{ +#+ char *fname; +#+ +#+ if (asprintf(&fname, "%s/.ssh/authorized_keys", pwd->pw_dir) < 0) +#+ return NULL; +#+ +#+ return fname; +#+} +#+ +#+int +#+dump_keys(const char *user) +#+{ +#+ struct passwd *pwd; +#+ int fd = -1; +#+ FILE *f = NULL; +#+ char *fname = NULL; +#+ int rv = 0; +#+ char buf[BUFLEN]; +#+ size_t len; +#+ struct stat st; +#+ +#+ if ((pwd = getpwnam(user)) == NULL) { +#+ return ERR_GETPWNAM; +#+ } +#+ +#+ if ((fname = make_auth_keys_name(pwd)) == NULL) { +#+ return ERR_MEMORY; +#+ } +#+ +#+ temporarily_use_uid(pwd); +#+ +#+ if ((fd = open(fname, O_RDONLY|O_NONBLOCK|O_NOFOLLOW, 0)) < 0) { +#+ rv = ERR_OPEN; +#+ goto fail; +#+ } +#+ +#+ if (fstat(fd, &st) < 0) { +#+ rv = ERR_STAT; +#+ goto fail; +#+ } +#+ +#+ if (!S_ISREG(st.st_mode) || +#+ (st.st_uid != pwd->pw_uid && st.st_uid != 0)) { +#+ rv = ERR_FILE_MODE; +#+ goto fail; +#+ } +#+ +#+ unset_nonblock(fd); +#+ +#+ if ((f = fdopen(fd, "r")) == NULL) { +#+ rv = ERR_FDOPEN; +#+ goto fail; +#+ } +#+ +#+ fd = -1; +#+ +#+ while ((len = fread(buf, 1, sizeof(buf), f)) > 0) { +#+ rv = fwrite(buf, 1, len, stdout) != len ? ERR_WRITE : 0; +#+ } +#+ +#+fail: +#+ if (fd != -1) +#+ close(fd); +#+ if (f != NULL) +#+ fclose(f); +#+ free(fname); +#+ restore_uid(); +#+ return rv; +#+} +#+ +#+static const char *env_names[] = { "SELINUX_ROLE_REQUESTED", +#+ "SELINUX_LEVEL_REQUESTED", +#+ "SELINUX_USE_CURRENT_RANGE" +#+}; +#+ +#+extern char **environ; +#+ +#+int +#+set_pam_environment(pam_handle_t *pamh) +#+{ +#+ int i; +#+ size_t j; +#+ +#+ for (j = 0; j < sizeof(env_names)/sizeof(env_names[0]); ++j) { +#+ int len = strlen(env_names[j]); +#+ +#+ for (i = 0; environ[i] != NULL; ++i) { +#+ if (strncmp(env_names[j], environ[i], len) == 0 && +#+ environ[i][len] == '=') { +#+ if (pam_putenv(pamh, environ[i]) != PAM_SUCCESS) +#+ return ERR_PAM_PUTENV; +#+ } +#+ } +#+ } +#+ +#+ return 0; +#+} +#+ +#+int +#+main(int argc, char *argv[]) +#+{ +#+ pam_handle_t *pamh = NULL; +#+ int retval; +#+ int ev = 0; +#+ +#+ if (argc != 2) { +#+ fprintf(stderr, "Usage: %s \n", argv[0]); +#+ return ERR_USAGE; +#+ } +#+ +#+ retval = pam_start("ssh-keycat", argv[1], &conv, &pamh); +#+ if (retval != PAM_SUCCESS) { +#+ return ERR_PAM_START; +#+ } +#+ +#+ ev = set_pam_environment(pamh); +#+ if (ev != 0) +#+ goto finish; +#+ +#+ retval = pam_open_session(pamh, PAM_SILENT); +#+ if (retval != PAM_SUCCESS) { +#+ ev = ERR_OPEN_SESSION; +#+ goto finish; +#+ } +#+ +#+ ev = dump_keys(argv[1]); +#+ +#+ retval = pam_close_session(pamh, PAM_SILENT); +#+ if (retval != PAM_SUCCESS) { +#+ ev = ERR_CLOSE_SESSION; +#+ } +#+ +#+finish: +#+ retval = pam_end (pamh,retval); +#+ if (retval != PAM_SUCCESS) { +#+ ev = ERR_PAM_END; +#+ } +#+ return ev; +#+} +#Index: openssh-9.3p2/configure.ac +#=================================================================== +#--- openssh-9.3p2.orig/configure.ac +#+++ openssh-9.3p2/configure.ac +#@@ -3632,6 +3632,7 @@ AC_ARG_WITH([pam], +# PAM_MSG="yes" +# +# SSHDLIBS="$SSHDLIBS -lpam" +#+ KEYCATLIBS="$KEYCATLIBS -lpam" +# AC_DEFINE([USE_PAM], [1], +# [Define if you want to enable PAM support]) +# +#@@ -3642,6 +3643,7 @@ AC_ARG_WITH([pam], +# ;; +# *) +# SSHDLIBS="$SSHDLIBS -ldl" +#+ KEYCATLIBS="$KEYCATLIBS -ldl" +# ;; +# esac +# fi +#@@ -4875,6 +4877,7 @@ AC_ARG_WITH([selinux], +# fi ] +# ) +# AC_SUBST([SSHDLIBS]) +#+AC_SUBST([KEYCATLIBS]) +# +# # Check whether user wants Kerberos 5 support +# KRB5_MSG="no" +#@@ -5905,6 +5908,9 @@ fi +# if test ! -z "${SSHDLIBS}"; then +# echo " +for sshd: ${SSHDLIBS}" +# fi +#+if test ! -z "${KEYCATLIBS}"; then +#+echo " +for ssh-keycat: ${KEYCATLIBS}" +#+fi +# +# echo "" +# diff --git a/openssh-6.6p1-privsep-selinux.patch b/openssh-6.6p1-privsep-selinux.patch index 805a0f8..0330f72 100644 --- a/openssh-6.6p1-privsep-selinux.patch +++ b/openssh-6.6p1-privsep-selinux.patch @@ -52,7 +52,7 @@ Index: openssh-9.3p2/session.c platform_setusercontext(pw); - if (platform_privileged_uidswap()) { -+ if (platform_privileged_uidswap() && (!is_child || !use_privsep)) { ++ if (platform_privileged_uidswap() && !is_child) { #ifdef HAVE_LOGIN_CAP if (setusercontext(lc, pw, pw->pw_uid, (LOGIN_SETALL & ~(LOGIN_SETPATH|LOGIN_SETUSER))) < 0) { @@ -98,11 +98,11 @@ Index: openssh-9.3p2/session.c exit(sftp_server_main(i, argv, s->pw)); } -Index: openssh-9.3p2/sshd.c +Index: openssh-9.3p2/sshd-session.c =================================================================== ---- openssh-9.3p2.orig/sshd.c -+++ openssh-9.3p2/sshd.c -@@ -510,6 +510,10 @@ privsep_preauth_child(struct ssh *ssh) +--- openssh-9.3p2.orig/sshd-session.c ++++ openssh-9.3p2/sshd-session.c +@@ -342,6 +342,10 @@ privsep_preauth_child(struct ssh *ssh) /* Demote the private keys to public keys. */ demote_sensitive_data(ssh); @@ -113,13 +113,12 @@ Index: openssh-9.3p2/sshd.c /* Demote the child */ if (privsep_chroot) { /* Change our root directory */ -@@ -602,6 +606,9 @@ privsep_postauth(struct ssh *ssh, Authct - - #ifdef DISABLE_FD_PASSING - if (1) { -+#elif defined(WITH_SELINUX) -+ if (0) { -+ /* even root user can be confined by SELinux */ - #else - if (authctxt->pw->pw_uid == 0) { +@@ -444,7 +448,7 @@ privsep_postauth(struct ssh *ssh, Authct + * fd passing, as AFAIK PTY allocation on this platform doesn't require + * special privileges to begin with. + */ +-#if defined(DISABLE_FD_PASSING) && !defined(HAVE_CYGWIN) ++#if defined(DISABLE_FD_PASSING) && !defined(HAVE_CYGWIN) && !defined(WITH_SELINUX) + skip_privdrop = 1; #endif + diff --git a/openssh-7.6p1-cleanup-selinux.patch b/openssh-7.6p1-cleanup-selinux.patch index 5cf0e8f..04159e1 100644 --- a/openssh-7.6p1-cleanup-selinux.patch +++ b/openssh-7.6p1-cleanup-selinux.patch @@ -9,16 +9,16 @@ Index: openssh-9.3p2/auth2-pubkey.c +extern int inetd_flag; +extern int rexeced_flag; +extern Authctxt *the_authctxt; + extern struct authmethod_cfg methodcfg_pubkey; static char * - format_key(const struct sshkey *key) @@ -459,7 +462,8 @@ match_principals_command(struct passwd * if ((pid = subprocess("AuthorizedPrincipalsCommand", command, ac, av, &f, SSH_SUBPROCESS_STDOUT_CAPTURE|SSH_SUBPROCESS_STDERR_DISCARD, - runas_pw, temporarily_use_uid, restore_uid)) == 0) + runas_pw, temporarily_use_uid, restore_uid, -+ (inetd_flag && !rexeced_flag), the_authctxt)) == 0) ++ inetd_flag, the_authctxt)) == 0) goto out; uid_swapped = 1; @@ -28,7 +28,7 @@ Index: openssh-9.3p2/auth2-pubkey.c SSH_SUBPROCESS_STDOUT_CAPTURE|SSH_SUBPROCESS_STDERR_DISCARD, - runas_pw, temporarily_use_uid, restore_uid)) == 0) + runas_pw, temporarily_use_uid, restore_uid, -+ (inetd_flag && !rexeced_flag), the_authctxt)) == 0) ++ inetd_flag, the_authctxt)) == 0) goto out; uid_swapped = 1; @@ -87,14 +87,13 @@ Index: openssh-9.3p2/openbsd-compat/port-linux-sshd.c =================================================================== --- openssh-9.3p2.orig/openbsd-compat/port-linux-sshd.c +++ openssh-9.3p2/openbsd-compat/port-linux-sshd.c -@@ -49,11 +49,6 @@ +@@ -49,10 +49,6 @@ #include #endif -extern ServerOptions options; -extern Authctxt *the_authctxt; -extern int inetd_flag; --extern int rexeced_flag; - /* Wrapper around is_selinux_enabled() to log its return value once only */ int @@ -133,7 +132,7 @@ Index: openssh-9.3p2/openbsd-compat/port-linux-sshd.c if (r == 0) { /* If launched from xinetd, we must use current level */ -- if (inetd_flag && !rexeced_flag) { +- if (inetd_flag) { + if (inetd) { security_context_t sshdsc=NULL; @@ -157,7 +156,7 @@ Index: openssh-9.3p2/openbsd-compat/port-linux-sshd.c rv = set_it("SELINUX_ROLE_REQUESTED", role ? role : ""); -- if (inetd_flag && !rexeced_flag) { +- if (inetd_flag) { + if (inetd) { use_current = "1"; } else { @@ -222,56 +221,46 @@ Index: openssh-9.3p2/platform.c =================================================================== --- openssh-9.3p2.orig/platform.c +++ openssh-9.3p2/platform.c -@@ -34,6 +34,9 @@ +@@ -34,6 +34,8 @@ + #include "openbsd-compat/openbsd-compat.h" - extern int use_privsep; extern ServerOptions options; +extern int inetd_flag; -+extern int rexeced_flag; +extern Authctxt *the_authctxt; - void - platform_pre_listen(void) -@@ -185,7 +188,9 @@ platform_setusercontext_post_groups(stru + /* return 1 if we are running with privilege to swap UIDs, 0 otherwise */ + int +@@ -185,7 +187,9 @@ platform_setusercontext_post_groups(stru } #endif /* HAVE_SETPCRED */ #ifdef WITH_SELINUX - sshd_selinux_setup_exec_context(pw->pw_name); + sshd_selinux_setup_exec_context(pw->pw_name, -+ (inetd_flag && !rexeced_flag), do_pam_putenv, the_authctxt, ++ inetd_flag, do_pam_putenv, the_authctxt, + options.use_pam); #endif } -Index: openssh-9.3p2/sshd.c +Index: openssh-9.3p2/sshd-session.c =================================================================== ---- openssh-9.3p2.orig/sshd.c -+++ openssh-9.3p2/sshd.c +--- openssh-9.3p2.orig/sshd-session.c ++++ openssh-9.3p2/sshd-session.c @@ -166,7 +166,7 @@ int debug_flag = 0; - static int test_flag = 0; + int debug_flag = 0; /* Flag indicating that the daemon is being started from inetd. */ -static int inetd_flag = 0; +int inetd_flag = 0; - /* Flag indicating that sshd should not detach and become a daemon. */ - static int no_daemon_flag = 0; -@@ -179,7 +179,7 @@ static char **saved_argv; - static int saved_argc; - - /* re-exec */ --static int rexeced_flag = 0; -+int rexeced_flag = 0; - static int rexec_flag = 1; - static int rexec_argc = 0; - static char **rexec_argv; + /* debug goes to stderr unless inetd_flag is set */ + static int log_stderr = 0; @@ -2396,7 +2396,9 @@ main(int ac, char **av) } #endif #ifdef WITH_SELINUX - sshd_selinux_setup_exec_context(authctxt->pw->pw_name); + sshd_selinux_setup_exec_context(authctxt->pw->pw_name, -+ (inetd_flag && !rexeced_flag), do_pam_putenv, the_authctxt, ++ inetd_flag, do_pam_putenv, the_authctxt, + options.use_pam); #endif #ifdef USE_PAM diff --git a/openssh-7.7p1-cavstest-ctr.patch b/openssh-7.7p1-cavstest-ctr.patch index 17b6672..0498b75 100644 --- a/openssh-7.7p1-cavstest-ctr.patch +++ b/openssh-7.7p1-cavstest-ctr.patch @@ -7,7 +7,7 @@ Index: openssh-8.8p1/Makefile.in --- openssh-8.8p1.orig/Makefile.in +++ openssh-8.8p1/Makefile.in @@ -26,6 +26,7 @@ SFTP_SERVER=$(libexecdir)/sftp-server - SSH_KEYSIGN=$(libexecdir)/ssh-keysign + SSHD_SESSION=$(libexecdir)/sshd-session SSH_PKCS11_HELPER=$(libexecdir)/ssh-pkcs11-helper SSH_SK_HELPER=$(libexecdir)/ssh-sk-helper +CAVSTEST_CTR=$(libexecdir)/cavstest-ctr @@ -16,7 +16,7 @@ Index: openssh-8.8p1/Makefile.in STRIP_OPT=@STRIP_OPT@ @@ -69,6 +70,8 @@ MKDIR_P=@MKDIR_P@ - TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-keysign${EXEEXT} ssh-pkcs11-helper$(EXEEXT) ssh-agent$(EXEEXT) scp$(EXEEXT) sftp-server$(EXEEXT) sftp$(EXEEXT) ssh-sk-helper$(EXEEXT) + TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) sshd-session$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-keysign${EXEEXT} ssh-pkcs11-helper$(EXEEXT) ssh-agent$(EXEEXT) scp$(EXEEXT) sftp-server$(EXEEXT) sftp$(EXEEXT) ssh-sk-helper$(EXEEXT) +TARGETS += cavstest-ctr$(EXEEXT) + @@ -29,7 +29,7 @@ Index: openssh-8.8p1/Makefile.in +# FIPS tests +cavstest-ctr$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-sk.o sk-usbhid.o cavstest-ctr.o -+ $(LD) -o $@ cavstest-ctr.o ssh-sk.o sk-usbhid.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS) $(LIBFIDO2) ++ $(LD) -o $@ cavstest-ctr.o ssh-sk.o sk-usbhid.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS) $(LIBFIDO2) -lz + # test driver for the loginrec code - not built by default logintest: logintest.o $(LIBCOMPAT) libssh.a loginrec.o diff --git a/openssh-7.7p1-cavstest-kdf.patch b/openssh-7.7p1-cavstest-kdf.patch index bc5763e..864be49 100644 --- a/openssh-7.7p1-cavstest-kdf.patch +++ b/openssh-7.7p1-cavstest-kdf.patch @@ -16,7 +16,7 @@ Index: openssh-8.8p1/Makefile.in STRIP_OPT=@STRIP_OPT@ @@ -70,7 +71,7 @@ MKDIR_P=@MKDIR_P@ - TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-keysign${EXEEXT} ssh-pkcs11-helper$(EXEEXT) ssh-agent$(EXEEXT) scp$(EXEEXT) sftp-server$(EXEEXT) sftp$(EXEEXT) ssh-sk-helper$(EXEEXT) + TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) sshd-session$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-keysign${EXEEXT} ssh-pkcs11-helper$(EXEEXT) ssh-agent$(EXEEXT) scp$(EXEEXT) sftp-server$(EXEEXT) sftp$(EXEEXT) ssh-sk-helper$(EXEEXT) -TARGETS += cavstest-ctr$(EXEEXT) +TARGETS += cavstest-ctr$(EXEEXT) cavstest-kdf$(EXEEXT) @@ -25,10 +25,10 @@ Index: openssh-8.8p1/Makefile.in ssh-xmss.o \ @@ -252,6 +253,9 @@ sftp$(EXEEXT): $(LIBCOMPAT) libssh.a $(S cavstest-ctr$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-sk.o sk-usbhid.o cavstest-ctr.o - $(LD) -o $@ cavstest-ctr.o ssh-sk.o sk-usbhid.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS) $(LIBFIDO2) + $(LD) -o $@ cavstest-ctr.o ssh-sk.o sk-usbhid.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS) $(LIBFIDO2) -lz +cavstest-kdf$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-sk.o sk-usbhid.o cavstest-kdf.o -+ $(LD) -o $@ cavstest-kdf.o ssh-sk.o sk-usbhid.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS) $(LIBFIDO2) ++ $(LD) -o $@ cavstest-kdf.o ssh-sk.o sk-usbhid.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS) $(LIBFIDO2) -lz + # test driver for the loginrec code - not built by default logintest: logintest.o $(LIBCOMPAT) libssh.a loginrec.o diff --git a/openssh-7.7p1-fips.patch b/openssh-7.7p1-fips.patch index 08b9d30..479680f 100644 --- a/openssh-7.7p1-fips.patch +++ b/openssh-7.7p1-fips.patch @@ -389,17 +389,17 @@ Index: openssh-9.6p1/hmac.c ssh_hmac_update(ctx, m, mlen) < 0 || Index: openssh-9.6p1/kex.c =================================================================== ---- openssh-9.6p1.orig/kex.c -+++ openssh-9.6p1/kex.c +--- openssh-9.6p1.orig/kex-names.c ++++ openssh-9.6p1/kex-names.c @@ -64,6 +64,8 @@ - #include "digest.h" + #include "ssherr.h" #include "xmalloc.h" +#include "fips.h" + - /* prototype */ - static int kex_choose_conf(struct ssh *, uint32_t seq); - static int kex_input_newkeys(int, u_int32_t, struct ssh *); + struct kexalg { + char *name; + u_int type; @@ -87,7 +89,7 @@ struct kexalg { int ec_nid; int hash_alg; @@ -647,8 +647,8 @@ Index: openssh-9.6p1/servconf.c #include "digest.h" +#include "fips.h" - static void add_listen_addr(ServerOptions *, const char *, - const char *, int); + #if !defined(SSHD_PAM_SERVICE) + # define SSHD_PAM_SERVICE "sshd" @@ -207,6 +208,23 @@ option_clear_or_none(const char *o) return o == NULL || strcasecmp(o, "none") == 0; } @@ -754,7 +754,7 @@ Index: openssh-9.6p1/ssh-keygen.c @@ -3794,6 +3815,15 @@ main(int argc, char **argv) key_type_name = DEFAULT_KEY_TYPE_NAME; - type = sshkey_type_from_name(key_type_name); + type = sshkey_type_from_shortname(key_type_name); + + /* protocol v1 is not allowed in FIPS mode, DSA is not acceptable because + * it has to be 1024 bit due to RFC 4253 using SHA-1 which implies 1024 bit @@ -785,8 +785,8 @@ Index: openssh-9.6p1/sshd.c --- openssh-9.6p1.orig/sshd.c +++ openssh-9.6p1/sshd.c @@ -128,6 +128,8 @@ + #include "addr.h" #include "srclimit.h" - #include "dh.h" +#include "fips.h" + diff --git a/openssh-7.7p1-fips_checks.patch b/openssh-7.7p1-fips_checks.patch index ebbf1ab..921c1bf 100644 --- a/openssh-7.7p1-fips_checks.patch +++ b/openssh-7.7p1-fips_checks.patch @@ -459,13 +459,13 @@ Index: openssh-8.8p1/sshd.c --- openssh-8.8p1.orig/sshd.c +++ openssh-8.8p1/sshd.c @@ -1547,6 +1547,10 @@ main(int ac, char **av) - struct connection_info *connection_info = NULL; + struct connection_info connection_info; sigset_t sigmask; + /* initialize fips - can go before ssh_malloc_init(), since that is a + * OpenBSD-only thing (as of OpenSSH 7.6p1) */ + fips_ssh_init(); + + memset(&connection_info, 0, sizeof(connection_info)); #ifdef HAVE_SECUREWARE (void)set_auth_parameters(ac, av); - #endif diff --git a/openssh-7.7p1-ldap.patch b/openssh-7.7p1-ldap.patch index cfa9249..3df2a64 100644 --- a/openssh-7.7p1-ldap.patch +++ b/openssh-7.7p1-ldap.patch @@ -128,7 +128,7 @@ Index: openssh-8.9p1/Makefile.in --- openssh-8.9p1.orig/Makefile.in +++ openssh-8.9p1/Makefile.in @@ -27,6 +27,8 @@ SFTP_SERVER=$(libexecdir)/sftp-server - SSH_KEYSIGN=$(libexecdir)/ssh-keysign + SSHD_SESSION=$(libexecdir)/sshd-session SSH_PKCS11_HELPER=$(libexecdir)/ssh-pkcs11-helper SSH_SK_HELPER=$(libexecdir)/ssh-sk-helper +SSH_LDAP_HELPER=$(libexecdir)/ssh-ldap-helper @@ -168,7 +168,7 @@ Index: openssh-8.9p1/Makefile.in $(LD) -o $@ $(SFTPSERVER_OBJS) $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS) @@ -421,6 +429,10 @@ install-files: - $(INSTALL) -m 0755 $(STRIP_OPT) sshd$(EXEEXT) $(DESTDIR)$(sbindir)/sshd$(EXEEXT) + $(INSTALL) -m 0755 $(STRIP_OPT) sshd-session$(EXEEXT) $(DESTDIR)$(SSHD_SESSION)$(EXEEXT) $(INSTALL) -m 4711 $(STRIP_OPT) ssh-keysign$(EXEEXT) $(DESTDIR)$(SSH_KEYSIGN)$(EXEEXT) $(INSTALL) -m 0755 $(STRIP_OPT) ssh-pkcs11-helper$(EXEEXT) $(DESTDIR)$(SSH_PKCS11_HELPER)$(EXEEXT) + if test ! -z "$(INSTALL_SSH_LDAP_HELPER)" ; then \ diff --git a/openssh-7.7p1-pam_check_locks.patch b/openssh-7.7p1-pam_check_locks.patch index 4186015..42c847d 100644 --- a/openssh-7.7p1-pam_check_locks.patch +++ b/openssh-7.7p1-pam_check_locks.patch @@ -32,17 +32,17 @@ Index: openssh-8.8p1/servconf.c --- openssh-8.8p1.orig/servconf.c +++ openssh-8.8p1/servconf.c @@ -92,6 +92,7 @@ initialize_server_options(ServerOptions - /* Portable-specific options */ options->use_pam = -1; + options->pam_service_name = NULL; + options->use_pam_check_locks = -1; /* Standard Options */ options->num_ports = 0; @@ -278,6 +279,8 @@ fill_default_server_options(ServerOption - /* Portable-specific options */ - if (options->use_pam == -1) options->use_pam = 0; + if (options->pam_service_name == NULL) + options->pam_service_name = xstrdup(SSHD_PAM_SERVICE); + if (options->use_pam_check_locks == -1) + options->use_pam_check_locks = 0; @@ -52,26 +52,27 @@ Index: openssh-8.8p1/servconf.c typedef enum { sBadOption, /* == unknown option */ /* Portable-specific options */ -- sUsePAM, -+ sUsePAM, sUsePAMChecklocks, +- sUsePAM, sPAMServiceName, ++ sUsePAM, sPAMServiceName, sUsePAMChecklocks, /* Standard Options */ sPort, sHostKeyFile, sLoginGraceTime, sPermitRootLogin, sLogFacility, sLogLevel, sLogVerbose, -@@ -535,8 +538,10 @@ static struct { - /* Portable-specific options */ +@@ -535,9 +538,11 @@ static struct { #ifdef USE_PAM { "usepam", sUsePAM, SSHCFG_GLOBAL }, + { "pamservicename", sPAMServiceName, SSHCFG_ALL }, + { "usepamchecklocks", sUsePAMChecklocks, SSHCFG_GLOBAL }, #else { "usepam", sUnsupported, SSHCFG_GLOBAL }, + { "pamservicename", sUnsupported, SSHCFG_ALL }, + { "usepamchecklocks", sUnsupported, SSHCFG_GLOBAL }, #endif { "pamauthenticationviakbdint", sDeprecated, SSHCFG_GLOBAL }, /* Standard Options */ @@ -1331,6 +1336,9 @@ process_server_config_line_depth(ServerO - case sUsePAM: - intptr = &options->use_pam; - goto parse_flag; + if (*activep && *charptr == NULL) + *charptr = xstrdup(arg); + break; + case sUsePAMChecklocks: + intptr = &options->use_pam_check_locks; + goto parse_flag; @@ -83,9 +84,9 @@ Index: openssh-8.8p1/servconf.h --- openssh-8.8p1.orig/servconf.h +++ openssh-8.8p1/servconf.h @@ -200,6 +200,7 @@ typedef struct { - char *adm_forced_command; int use_pam; /* Enable auth via PAM */ + char *pam_service_name; + int use_pam_check_locks; /* internally check for locked accounts even when using PAM */ int permit_tun; diff --git a/openssh-7.7p1-systemd-notify.patch b/openssh-7.7p1-systemd-notify.patch index ae55aae..bb69a3b 100644 --- a/openssh-7.7p1-systemd-notify.patch +++ b/openssh-7.7p1-systemd-notify.patch @@ -61,7 +61,7 @@ Index: openssh-8.8p1/sshd.c + #include "xmalloc.h" #include "ssh.h" - #include "ssh2.h" + #include "sshpty.h" @@ -308,6 +312,10 @@ sighup_handler(int sig) static void sighup_restart(void) @@ -84,4 +84,4 @@ Index: openssh-8.8p1/sshd.c + /* Accept a connection and return in a forked child */ server_accept_loop(&sock_in, &sock_out, - &newsock, config_s); + &newsock, config_s, log_stderr); diff --git a/openssh-7.8p1-role-mls.patch b/openssh-7.8p1-role-mls.patch index a73ca13..a07128e 100644 --- a/openssh-7.8p1-role-mls.patch +++ b/openssh-7.8p1-role-mls.patch @@ -1,8 +1,7 @@ -Index: openssh-9.6p1/auth2.c -=================================================================== ---- openssh-9.6p1.orig/auth2.c -+++ openssh-9.6p1/auth2.c -@@ -273,6 +273,9 @@ input_userauth_request(int type, u_int32 +diff -up openssh/auth2.c.role-mls openssh/auth2.c +--- openssh/auth2.c.role-mls 2018-08-20 07:57:29.000000000 +0200 ++++ openssh/auth2.c 2018-08-22 11:14:56.815430916 +0200 +@@ -256,6 +256,9 @@ input_userauth_request(int type, u_int32 Authctxt *authctxt = ssh->authctxt; Authmethod *m = NULL; char *user = NULL, *service = NULL, *method = NULL, *style = NULL; @@ -12,7 +11,7 @@ Index: openssh-9.6p1/auth2.c int r, authenticated = 0; double tstart = monotime_double(); -@@ -286,6 +289,11 @@ input_userauth_request(int type, u_int32 +@@ -268,6 +271,11 @@ input_userauth_request(int type, u_int32 debug("userauth-request for user %s service %s method %s", user, service, method); debug("attempt %d failures %d", authctxt->attempt, authctxt->failures); @@ -24,36 +23,32 @@ Index: openssh-9.6p1/auth2.c if ((style = strchr(user, ':')) != NULL) *style++ = 0; -@@ -313,8 +321,15 @@ input_userauth_request(int type, u_int32 - use_privsep ? " [net]" : ""); +@@ -314,7 +314,13 @@ input_userauth_request(int type, u_int32 + setproctitle("%s [net]", authctxt->valid ? user : "unknown"); authctxt->service = xstrdup(service); authctxt->style = style ? xstrdup(style) : NULL; -- if (use_privsep) +#ifdef WITH_SELINUX + authctxt->role = role ? xstrdup(role) : NULL; +#endif -+ if (use_privsep) { - mm_inform_authserv(service, style); + mm_inform_authserv(service, style); +#ifdef WITH_SELINUX -+ mm_inform_authrole(role); ++ mm_inform_authrole(role); +#endif -+ } userauth_banner(ssh); if ((r = kex_server_update_ext_info(ssh)) != 0) fatal_fr(r, "kex_server_update_ext_info failed"); -Index: openssh-9.6p1/auth2-gss.c -=================================================================== ---- openssh-9.6p1.orig/auth2-gss.c -+++ openssh-9.6p1/auth2-gss.c -@@ -331,6 +331,7 @@ input_gssapi_mic(int type, u_int32_t ple +diff -up openssh/auth2-gss.c.role-mls openssh/auth2-gss.c +--- openssh/auth2-gss.c.role-mls 2018-08-20 07:57:29.000000000 +0200 ++++ openssh/auth2-gss.c 2018-08-22 11:15:42.459799171 +0200 +@@ -281,6 +281,7 @@ input_gssapi_mic(int type, u_int32_t ple Authctxt *authctxt = ssh->authctxt; Gssctxt *gssctxt; int r, authenticated = 0; + char *micuser; struct sshbuf *b; gss_buffer_desc mic, gssbuf; - const char *displayname; -@@ -348,7 +349,13 @@ input_gssapi_mic(int type, u_int32_t ple + u_char *p; +@@ -298,7 +299,13 @@ input_gssapi_mic(int type, u_int32_t ple fatal_f("sshbuf_new failed"); mic.value = p; mic.length = len; @@ -68,7 +63,7 @@ Index: openssh-9.6p1/auth2-gss.c "gssapi-with-mic", ssh->kex->session_id); if ((gssbuf.value = sshbuf_mutable_ptr(b)) == NULL) -@@ -362,6 +369,8 @@ input_gssapi_mic(int type, u_int32_t ple +@@ -311,6 +318,8 @@ input_gssapi_mic(int type, u_int32_t ple logit("GSSAPI MIC check failed"); sshbuf_free(b); @@ -76,12 +71,11 @@ Index: openssh-9.6p1/auth2-gss.c + free(micuser); free(mic.value); - if ((!use_privsep || mm_is_monitor()) && -Index: openssh-9.6p1/auth2-hostbased.c -=================================================================== ---- openssh-9.6p1.orig/auth2-hostbased.c -+++ openssh-9.6p1/auth2-hostbased.c -@@ -128,7 +128,16 @@ userauth_hostbased(struct ssh *ssh, cons + authctxt->postponed = 0; +diff -up openssh/auth2-hostbased.c.role-mls openssh/auth2-hostbased.c +--- openssh/auth2-hostbased.c.role-mls 2018-08-20 07:57:29.000000000 +0200 ++++ openssh/auth2-hostbased.c 2018-08-22 11:14:56.816430924 +0200 +@@ -123,7 +123,16 @@ userauth_hostbased(struct ssh *ssh) /* reconstruct packet */ if ((r = sshbuf_put_stringb(b, ssh->kex->session_id)) != 0 || (r = sshbuf_put_u8(b, SSH2_MSG_USERAUTH_REQUEST)) != 0 || @@ -98,11 +92,10 @@ Index: openssh-9.6p1/auth2-hostbased.c (r = sshbuf_put_cstring(b, authctxt->service)) != 0 || (r = sshbuf_put_cstring(b, method)) != 0 || (r = sshbuf_put_string(b, pkalg, alen)) != 0 || -Index: openssh-9.6p1/auth2-pubkey.c -=================================================================== ---- openssh-9.6p1.orig/auth2-pubkey.c -+++ openssh-9.6p1/auth2-pubkey.c -@@ -200,9 +200,16 @@ userauth_pubkey(struct ssh *ssh, const c +diff -up openssh/auth2-pubkey.c.role-mls openssh/auth2-pubkey.c +--- openssh/auth2-pubkey.c.role-mls 2018-08-22 11:14:56.816430924 +0200 ++++ openssh/auth2-pubkey.c 2018-08-22 11:17:07.331483958 +0200 +@@ -169,9 +169,16 @@ userauth_pubkey(struct ssh *ssh) goto done; } /* reconstruct packet */ @@ -121,10 +114,9 @@ Index: openssh-9.6p1/auth2-pubkey.c if ((r = sshbuf_put_u8(b, SSH2_MSG_USERAUTH_REQUEST)) != 0 || (r = sshbuf_put_cstring(b, userstyle)) != 0 || (r = sshbuf_put_cstring(b, authctxt->service)) != 0 || -Index: openssh-9.6p1/auth.h -=================================================================== ---- openssh-9.6p1.orig/auth.h -+++ openssh-9.6p1/auth.h +diff -up openssh/auth.h.role-mls openssh/auth.h +--- openssh/auth.h.role-mls 2018-08-20 07:57:29.000000000 +0200 ++++ openssh/auth.h 2018-08-22 11:14:56.816430924 +0200 @@ -65,6 +65,9 @@ struct Authctxt { char *service; struct passwd *pw; /* set if 'valid' */ @@ -135,11 +127,10 @@ Index: openssh-9.6p1/auth.h /* Method lists for multiple authentication */ char **auth_methods; /* modified from server config */ -Index: openssh-9.6p1/auth-pam.c -=================================================================== ---- openssh-9.6p1.orig/auth-pam.c -+++ openssh-9.6p1/auth-pam.c -@@ -1242,7 +1242,7 @@ is_pam_session_open(void) +diff -up openssh/auth-pam.c.role-mls openssh/auth-pam.c +--- openssh/auth-pam.c.role-mls 2018-08-20 07:57:29.000000000 +0200 ++++ openssh/auth-pam.c 2018-08-22 11:14:56.816430924 +0200 +@@ -1172,7 +1172,7 @@ is_pam_session_open(void) * during the ssh authentication process. */ int @@ -148,24 +139,22 @@ Index: openssh-9.6p1/auth-pam.c { int ret = 1; char *compound; -Index: openssh-9.6p1/auth-pam.h -=================================================================== ---- openssh-9.6p1.orig/auth-pam.h -+++ openssh-9.6p1/auth-pam.h +diff -up openssh/auth-pam.h.role-mls openssh/auth-pam.h +--- openssh/auth-pam.h.role-mls 2018-08-20 07:57:29.000000000 +0200 ++++ openssh/auth-pam.h 2018-08-22 11:14:56.817430932 +0200 @@ -33,7 +33,7 @@ u_int do_pam_account(void); void do_pam_session(struct ssh *); - void do_pam_setcred(int ); + void do_pam_setcred(void); void do_pam_chauthtok(void); -int do_pam_putenv(char *, char *); +int do_pam_putenv(char *, const char *); char ** fetch_pam_environment(void); char ** fetch_pam_child_environment(void); void free_pam_environment(char **); -Index: openssh-9.6p1/misc.c -=================================================================== ---- openssh-9.6p1.orig/misc.c -+++ openssh-9.6p1/misc.c -@@ -771,6 +771,7 @@ char * +diff -up openssh/misc.c.role-mls openssh/misc.c +--- openssh/misc.c.role-mls 2018-08-20 07:57:29.000000000 +0200 ++++ openssh/misc.c 2018-08-22 11:14:56.817430932 +0200 +@@ -542,6 +542,7 @@ char * colon(char *cp) { int flag = 0; @@ -173,7 +162,7 @@ Index: openssh-9.6p1/misc.c if (*cp == ':') /* Leading colon is part of file name. */ return NULL; -@@ -786,6 +787,13 @@ colon(char *cp) +@@ -557,6 +558,13 @@ colon(char *cp) return (cp); if (*cp == '/') return NULL; @@ -187,11 +176,10 @@ Index: openssh-9.6p1/misc.c } return NULL; } -Index: openssh-9.6p1/monitor.c -=================================================================== ---- openssh-9.6p1.orig/monitor.c -+++ openssh-9.6p1/monitor.c -@@ -120,6 +120,9 @@ int mm_answer_sign(struct ssh *, int, st +diff -up openssh-8.6p1/monitor.c.role-mls openssh-8.6p1/monitor.c +--- openssh-8.6p1/monitor.c.role-mls 2021-04-16 05:55:25.000000000 +0200 ++++ openssh-8.6p1/monitor.c 2021-05-21 14:21:56.719414087 +0200 +@@ -117,6 +117,9 @@ int mm_answer_sign(struct ssh *, int, st int mm_answer_pwnamallow(struct ssh *, int, struct sshbuf *); int mm_answer_auth2_read_banner(struct ssh *, int, struct sshbuf *); int mm_answer_authserv(struct ssh *, int, struct sshbuf *); @@ -201,7 +189,7 @@ Index: openssh-9.6p1/monitor.c int mm_answer_authpassword(struct ssh *, int, struct sshbuf *); int mm_answer_bsdauthquery(struct ssh *, int, struct sshbuf *); int mm_answer_bsdauthrespond(struct ssh *, int, struct sshbuf *); -@@ -200,6 +203,9 @@ struct mon_table mon_dispatch_proto20[] +@@ -195,6 +198,9 @@ struct mon_table mon_dispatch_proto20[] {MONITOR_REQ_SIGN, MON_ONCE, mm_answer_sign}, {MONITOR_REQ_PWNAM, MON_ONCE, mm_answer_pwnamallow}, {MONITOR_REQ_AUTHSERV, MON_ONCE, mm_answer_authserv}, @@ -211,7 +199,7 @@ Index: openssh-9.6p1/monitor.c {MONITOR_REQ_AUTH2_READ_BANNER, MON_ONCE, mm_answer_auth2_read_banner}, {MONITOR_REQ_AUTHPASSWORD, MON_AUTH, mm_answer_authpassword}, #ifdef USE_PAM -@@ -834,6 +840,9 @@ mm_answer_pwnamallow(struct ssh *ssh, in +@@ -803,6 +809,9 @@ mm_answer_pwnamallow(struct ssh *ssh, in /* Allow service/style information on the auth context */ monitor_permit(mon_dispatch, MONITOR_REQ_AUTHSERV, 1); @@ -221,7 +209,7 @@ Index: openssh-9.6p1/monitor.c monitor_permit(mon_dispatch, MONITOR_REQ_AUTH2_READ_BANNER, 1); #ifdef USE_PAM -@@ -908,6 +917,26 @@ key_base_type_match(const char *method, +@@ -877,6 +886,26 @@ key_base_type_match(const char *method, return found; } @@ -248,16 +236,16 @@ Index: openssh-9.6p1/monitor.c int mm_answer_authpassword(struct ssh *ssh, int sock, struct sshbuf *m) { -@@ -1280,7 +1309,7 @@ monitor_valid_userblob(struct ssh *ssh, +@@ -1251,7 +1280,7 @@ monitor_valid_userblob(struct ssh *ssh, struct sshbuf *b; - struct sshkey *hostkey = NULL; + struct sshkey *hostkey = NULL; const u_char *p; - char *userstyle, *cp; + char *userstyle, *s, *cp; size_t len; u_char type; int hostbound = 0, r, fail = 0; -@@ -1311,6 +1340,8 @@ monitor_valid_userblob(struct ssh *ssh, +@@ -1282,6 +1311,8 @@ monitor_valid_userblob(struct ssh *ssh, fail++; if ((r = sshbuf_get_cstring(b, &cp, NULL)) != 0) fatal_fr(r, "parse userstyle"); @@ -266,7 +254,7 @@ Index: openssh-9.6p1/monitor.c xasprintf(&userstyle, "%s%s%s", authctxt->user, authctxt->style ? ":" : "", authctxt->style ? authctxt->style : ""); -@@ -1361,7 +1392,7 @@ monitor_valid_hostbasedblob(const u_char +@@ -1317,7 +1348,7 @@ monitor_valid_hostbasedblob(const u_char { struct sshbuf *b; const u_char *p; @@ -275,7 +263,7 @@ Index: openssh-9.6p1/monitor.c size_t len; int r, fail = 0; u_char type; -@@ -1382,6 +1413,8 @@ monitor_valid_hostbasedblob(const u_char +@@ -1338,6 +1370,8 @@ monitor_valid_hostbasedblob(const u_char fail++; if ((r = sshbuf_get_cstring(b, &cp, NULL)) != 0) fatal_fr(r, "parse userstyle"); @@ -284,10 +272,9 @@ Index: openssh-9.6p1/monitor.c xasprintf(&userstyle, "%s%s%s", authctxt->user, authctxt->style ? ":" : "", authctxt->style ? authctxt->style : ""); -Index: openssh-9.6p1/monitor.h -=================================================================== ---- openssh-9.6p1.orig/monitor.h -+++ openssh-9.6p1/monitor.h +diff -up openssh/monitor.h.role-mls openssh/monitor.h +--- openssh/monitor.h.role-mls 2018-08-20 07:57:29.000000000 +0200 ++++ openssh/monitor.h 2018-08-22 11:14:56.818430941 +0200 @@ -55,6 +55,10 @@ enum monitor_reqtype { MONITOR_REQ_GSSCHECKMIC = 48, MONITOR_ANS_GSSCHECKMIC = 49, MONITOR_REQ_TERM = 50, @@ -299,11 +286,10 @@ Index: openssh-9.6p1/monitor.h MONITOR_REQ_PAM_START = 100, MONITOR_REQ_PAM_ACCOUNT = 102, MONITOR_ANS_PAM_ACCOUNT = 103, MONITOR_REQ_PAM_INIT_CTX = 104, MONITOR_ANS_PAM_INIT_CTX = 105, -Index: openssh-9.6p1/monitor_wrap.c -=================================================================== ---- openssh-9.6p1.orig/monitor_wrap.c -+++ openssh-9.6p1/monitor_wrap.c -@@ -396,6 +396,27 @@ mm_inform_authserv(char *service, char * +diff -up openssh/monitor_wrap.c.role-mls openssh/monitor_wrap.c +--- openssh/monitor_wrap.c.role-mls 2018-08-22 11:14:56.818430941 +0200 ++++ openssh/monitor_wrap.c 2018-08-22 11:21:47.938747968 +0200 +@@ -390,6 +390,27 @@ mm_inform_authserv(char *service, char * sshbuf_free(m); } @@ -331,11 +317,10 @@ Index: openssh-9.6p1/monitor_wrap.c /* Do the password authentication */ int mm_auth_password(struct ssh *ssh, char *password) -Index: openssh-9.6p1/monitor_wrap.h -=================================================================== ---- openssh-9.6p1.orig/monitor_wrap.h -+++ openssh-9.6p1/monitor_wrap.h -@@ -49,6 +49,9 @@ int mm_sshkey_sign(struct ssh *, struct +diff -up openssh/monitor_wrap.h.role-mls openssh/monitor_wrap.h +--- openssh/monitor_wrap.h.role-mls 2018-08-22 11:14:56.818430941 +0200 ++++ openssh/monitor_wrap.h 2018-08-22 11:22:10.439929513 +0200 +@@ -44,6 +44,9 @@ DH *mm_choose_dh(int, int, int); const u_char *, size_t, const char *, const char *, const char *, u_int compat); void mm_inform_authserv(char *, char *); @@ -345,11 +330,10 @@ Index: openssh-9.6p1/monitor_wrap.h struct passwd *mm_getpwnamallow(struct ssh *, const char *); char *mm_auth2_read_banner(void); int mm_auth_password(struct ssh *, char *); -Index: openssh-9.6p1/openbsd-compat/Makefile.in -=================================================================== ---- openssh-9.6p1.orig/openbsd-compat/Makefile.in -+++ openssh-9.6p1/openbsd-compat/Makefile.in -@@ -100,7 +100,8 @@ PORTS= port-aix.o \ +diff -up openssh/openbsd-compat/Makefile.in.role-mls openssh/openbsd-compat/Makefile.in +--- openssh/openbsd-compat/Makefile.in.role-mls 2018-08-20 07:57:29.000000000 +0200 ++++ openssh/openbsd-compat/Makefile.in 2018-08-22 11:14:56.819430949 +0200 +@@ -92,7 +92,8 @@ PORTS= port-aix.o \ port-prngd.o \ port-solaris.o \ port-net.o \ @@ -359,11 +343,10 @@ Index: openssh-9.6p1/openbsd-compat/Makefile.in .c.o: $(CC) $(CFLAGS_NOPIE) $(PICFLAG) $(CPPFLAGS) -c $< -Index: openssh-9.6p1/openbsd-compat/port-linux.c -=================================================================== ---- openssh-9.6p1.orig/openbsd-compat/port-linux.c -+++ openssh-9.6p1/openbsd-compat/port-linux.c -@@ -101,37 +101,6 @@ ssh_selinux_getctxbyname(char *pwname) +diff -up openssh/openbsd-compat/port-linux.c.role-mls openssh/openbsd-compat/port-linux.c +--- openssh/openbsd-compat/port-linux.c.role-mls 2018-08-20 07:57:29.000000000 +0200 ++++ openssh/openbsd-compat/port-linux.c 2018-08-22 11:14:56.819430949 +0200 +@@ -100,37 +100,6 @@ ssh_selinux_getctxbyname(char *pwname) return sc; } @@ -401,7 +384,7 @@ Index: openssh-9.6p1/openbsd-compat/port-linux.c /* Set the TTY context for the specified user */ void ssh_selinux_setup_pty(char *pwname, const char *tty) -@@ -144,7 +113,11 @@ ssh_selinux_setup_pty(char *pwname, cons +@@ -145,7 +114,11 @@ ssh_selinux_setup_pty(char *pwname, cons debug3("%s: setting TTY context on %s", __func__, tty); @@ -414,10 +397,9 @@ Index: openssh-9.6p1/openbsd-compat/port-linux.c /* XXX: should these calls fatal() upon failure in enforcing mode? */ -Index: openssh-9.6p1/openbsd-compat/port-linux.h -=================================================================== ---- openssh-9.6p1.orig/openbsd-compat/port-linux.h -+++ openssh-9.6p1/openbsd-compat/port-linux.h +diff -up openssh/openbsd-compat/port-linux.h.role-mls openssh/openbsd-compat/port-linux.h +--- openssh/openbsd-compat/port-linux.h.role-mls 2018-08-20 07:57:29.000000000 +0200 ++++ openssh/openbsd-compat/port-linux.h 2018-08-22 11:14:56.819430949 +0200 @@ -20,9 +20,10 @@ #ifdef WITH_SELINUX int ssh_selinux_enabled(void); @@ -430,11 +412,10 @@ Index: openssh-9.6p1/openbsd-compat/port-linux.h #endif #ifdef LINUX_OOM_ADJUST -Index: openssh-9.6p1/openbsd-compat/port-linux-sshd.c -=================================================================== ---- /dev/null -+++ openssh-9.6p1/openbsd-compat/port-linux-sshd.c -@@ -0,0 +1,421 @@ +diff -up openssh/openbsd-compat/port-linux-sshd.c.role-mls openssh/openbsd-compat/port-linux-sshd.c +--- openssh/openbsd-compat/port-linux-sshd.c.role-mls 2018-08-22 11:14:56.819430949 +0200 ++++ openssh/openbsd-compat/port-linux-sshd.c 2018-08-22 11:14:56.819430949 +0200 +@@ -0,0 +1,420 @@ +/* + * Copyright (c) 2005 Daniel Walsh + * Copyright (c) 2014 Petr Lautrbach @@ -488,7 +469,6 @@ Index: openssh-9.6p1/openbsd-compat/port-linux-sshd.c +extern ServerOptions options; +extern Authctxt *the_authctxt; +extern int inetd_flag; -+extern int rexeced_flag; + +/* Send audit message */ +static int @@ -694,7 +674,7 @@ Index: openssh-9.6p1/openbsd-compat/port-linux-sshd.c + + if (r == 0) { + /* If launched from xinetd, we must use current level */ -+ if (inetd_flag && !rexeced_flag) { ++ if (inetd_flag) { + security_context_t sshdsc=NULL; + + if (getcon_raw(&sshdsc) < 0) @@ -768,7 +748,7 @@ Index: openssh-9.6p1/openbsd-compat/port-linux-sshd.c + + rv = do_pam_putenv("SELINUX_ROLE_REQUESTED", role ? role : ""); + -+ if (inetd_flag && !rexeced_flag) { ++ if (inetd_flag) { + use_current = "1"; + } else { + use_current = ""; @@ -856,11 +836,10 @@ Index: openssh-9.6p1/openbsd-compat/port-linux-sshd.c +#endif +#endif + -Index: openssh-9.6p1/platform.c -=================================================================== ---- openssh-9.6p1.orig/platform.c -+++ openssh-9.6p1/platform.c -@@ -185,7 +185,7 @@ platform_setusercontext_post_groups(stru +diff -up openssh/platform.c.role-mls openssh/platform.c +--- openssh/platform.c.role-mls 2018-08-20 07:57:29.000000000 +0200 ++++ openssh/platform.c 2018-08-22 11:14:56.819430949 +0200 +@@ -183,7 +183,7 @@ platform_setusercontext_post_groups(stru } #endif /* HAVE_SETPCRED */ #ifdef WITH_SELINUX @@ -869,11 +848,10 @@ Index: openssh-9.6p1/platform.c #endif } -Index: openssh-9.6p1/sshd.c -=================================================================== ---- openssh-9.6p1.orig/sshd.c -+++ openssh-9.6p1/sshd.c -@@ -2387,6 +2387,9 @@ main(int ac, char **av) +diff -up openssh/sshd.c.role-mls openssh/sshd.c +--- openssh/sshd-session.c.role-mls 2018-08-20 07:57:29.000000000 +0200 ++++ openssh/sshd-session.c 2018-08-22 11:14:56.820430957 +0200 +@@ -2186,6 +2186,9 @@ main(int ac, char **av) restore_uid(); } #endif @@ -882,4 +860,4 @@ Index: openssh-9.6p1/sshd.c +#endif #ifdef USE_PAM if (options.use_pam) { - do_pam_setcred(1); + do_pam_setcred(); diff --git a/openssh-8.0p1-gssapi-keyex.patch b/openssh-8.0p1-gssapi-keyex.patch index 2f949b1..84fa215 100644 --- a/openssh-8.0p1-gssapi-keyex.patch +++ b/openssh-8.0p1-gssapi-keyex.patch @@ -1,29 +1,37 @@ -Index: openssh-9.6p1/Makefile.in -=================================================================== ---- openssh-9.6p1.orig/Makefile.in -+++ openssh-9.6p1/Makefile.in -@@ -114,6 +114,7 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \ - kex.o kexdh.o kexgex.o kexecdh.o kexc25519.o \ +diff --git a/Makefile.in b/Makefile.in +index e7549470..b68c1710 100644 +--- a/Makefile.in ++++ b/Makefile.in +@@ -109,6 +109,7 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \ + kex.o kex-names.o kexdh.o kexgex.o kexecdh.o kexc25519.o \ kexgexc.o kexgexs.o \ - kexsntrup761x25519.o sntrup761.o kexgen.o \ + kexsntrup761x25519.o kexmlkem768x25519.o sntrup761.o kexgen.o \ + kexgssc.o \ sftp-realpath.o platform-pledge.o platform-tracing.o platform-misc.o \ sshbuf-io.o -@@ -132,7 +133,7 @@ SSHDOBJS=sshd.o auth-rhosts.o auth-passw +@@ -125,7 +126,7 @@ SSHDOBJS=sshd.o auth-rhosts.o auth-passwd.o \ + auth2-chall.o groupaccess.o \ auth-bsdauth.o auth2-hostbased.o auth2-kbdint.o \ auth2-none.o auth2-passwd.o auth2-pubkey.o auth2-pubkeyfile.o \ - monitor.o monitor_wrap.o auth-krb5.o \ -- auth2-gss.o gss-serv.o gss-serv-krb5.o \ -+ auth2-gss.o gss-serv.o gss-serv-krb5.o kexgsss.o \ +- monitor.o monitor_wrap.o auth-krb5.o \ ++ monitor.o monitor_wrap.o auth-krb5.o kexgsss.o \ + auth2-gss.o gss-serv.o gss-serv-krb5.o \ loginrec.o auth-pam.o auth-shadow.o auth-sia.o \ - srclimit.o sftp-server.o sftp-common.o \ - sandbox-null.o sandbox-rlimit.o sandbox-systrace.o sandbox-darwin.o \ -Index: openssh-9.6p1/auth.c -=================================================================== ---- openssh-9.6p1.orig/auth.c -+++ openssh-9.6p1/auth.c -@@ -357,7 +357,8 @@ auth_root_allowed(struct ssh *ssh, const + sftp-server.o sftp-common.o \ +@@ -523,7 +523,7 @@ regress-prep: + ln -s `cd $(srcdir) && pwd`/regress/Makefile `pwd`/regress/Makefile + + REGRESSLIBS=libssh.a $(LIBCOMPAT) +-TESTLIBS=$(LIBS) $(CHANNELLIBS) ++TESTLIBS=$(LIBS) $(CHANNELLIBS) $(GSSLIBS) + + regress/modpipe$(EXEEXT): $(srcdir)/regress/modpipe.c $(REGRESSLIBS) + $(CC) $(CFLAGS) $(CPPFLAGS) -o $@ $(srcdir)/regress/modpipe.c \ +diff -up a/auth.c.gsskex b/auth.c +--- a/auth.c.gsskex 2021-08-20 06:03:49.000000000 +0200 ++++ b/auth.c 2021-08-27 12:41:51.262788953 +0200 +@@ -402,7 +402,8 @@ auth_root_allowed(struct ssh *ssh, const case PERMIT_NO_PASSWD: if (strcmp(method, "publickey") == 0 || strcmp(method, "hostbased") == 0 || @@ -33,121 +41,15 @@ Index: openssh-9.6p1/auth.c return 1; break; case PERMIT_FORCED_ONLY: -@@ -638,97 +639,6 @@ fakepw(void) - } - - /* -- * Returns the remote DNS hostname as a string. The returned string must not -- * be freed. NB. this will usually trigger a DNS query the first time it is -- * called. -- * This function does additional checks on the hostname to mitigate some -- * attacks on based on conflation of hostnames and IP addresses. -- */ -- --static char * --remote_hostname(struct ssh *ssh) --{ -- struct sockaddr_storage from; -- socklen_t fromlen; -- struct addrinfo hints, *ai, *aitop; -- char name[NI_MAXHOST], ntop2[NI_MAXHOST]; -- const char *ntop = ssh_remote_ipaddr(ssh); -- -- /* Get IP address of client. */ -- fromlen = sizeof(from); -- memset(&from, 0, sizeof(from)); -- if (getpeername(ssh_packet_get_connection_in(ssh), -- (struct sockaddr *)&from, &fromlen) == -1) { -- debug("getpeername failed: %.100s", strerror(errno)); -- return xstrdup(ntop); -- } -- -- ipv64_normalise_mapped(&from, &fromlen); -- if (from.ss_family == AF_INET6) -- fromlen = sizeof(struct sockaddr_in6); -- -- debug3("Trying to reverse map address %.100s.", ntop); -- /* Map the IP address to a host name. */ -- if (getnameinfo((struct sockaddr *)&from, fromlen, name, sizeof(name), -- NULL, 0, NI_NAMEREQD) != 0) { -- /* Host name not found. Use ip address. */ -- return xstrdup(ntop); -- } -- -- /* -- * if reverse lookup result looks like a numeric hostname, -- * someone is trying to trick us by PTR record like following: -- * 1.1.1.10.in-addr.arpa. IN PTR 2.3.4.5 -- */ -- memset(&hints, 0, sizeof(hints)); -- hints.ai_socktype = SOCK_DGRAM; /*dummy*/ -- hints.ai_flags = AI_NUMERICHOST; -- if (getaddrinfo(name, NULL, &hints, &ai) == 0) { -- logit("Nasty PTR record \"%s\" is set up for %s, ignoring", -- name, ntop); -- freeaddrinfo(ai); -- return xstrdup(ntop); -- } -- -- /* Names are stored in lowercase. */ -- lowercase(name); -- -- /* -- * Map it back to an IP address and check that the given -- * address actually is an address of this host. This is -- * necessary because anyone with access to a name server can -- * define arbitrary names for an IP address. Mapping from -- * name to IP address can be trusted better (but can still be -- * fooled if the intruder has access to the name server of -- * the domain). -- */ -- memset(&hints, 0, sizeof(hints)); -- hints.ai_family = from.ss_family; -- hints.ai_socktype = SOCK_STREAM; -- if (getaddrinfo(name, NULL, &hints, &aitop) != 0) { -- logit("reverse mapping checking getaddrinfo for %.700s " -- "[%s] failed.", name, ntop); -- return xstrdup(ntop); -- } -- /* Look for the address from the list of addresses. */ -- for (ai = aitop; ai; ai = ai->ai_next) { -- if (getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop2, -- sizeof(ntop2), NULL, 0, NI_NUMERICHOST) == 0 && -- (strcmp(ntop, ntop2) == 0)) -- break; -- } -- freeaddrinfo(aitop); -- /* If we reached the end of the list, the address was not there. */ -- if (ai == NULL) { -- /* Address not found for the host name. */ -- logit("Address %.100s maps to %.600s, but this does not " -- "map back to the address.", ntop, name); -- return xstrdup(ntop); -- } -- return xstrdup(name); --} -- --/* - * Return the canonical name of the host in the other side of the current - * connection. The host name is cached, so it is efficient to call this - * several times. -Index: openssh-9.6p1/auth2-gss.c -=================================================================== ---- openssh-9.6p1.orig/auth2-gss.c -+++ openssh-9.6p1/auth2-gss.c -@@ -1,7 +1,7 @@ - /* $OpenBSD: auth2-gss.c,v 1.34 2023/03/31 04:22:27 djm Exp $ */ - - /* -- * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. -+ * Copyright (c) 2001-2007 Simon Wilkinson. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions -@@ -58,6 +58,48 @@ static int input_gssapi_exchange_complet +diff --git a/auth2-gss.c b/auth2-gss.c +index 9351e042..d6446c0c 100644 +--- a/auth2-gss.c ++++ b/auth2-gss.c +@@ -54,6 +54,48 @@ static int input_gssapi_mic(int type, u_int32_t plen, struct ssh *ssh); + static int input_gssapi_exchange_complete(int type, u_int32_t plen, struct ssh *ssh); static int input_gssapi_errtok(int, u_int32_t, struct ssh *); - /* ++/* + * The 'gssapi_keyex' userauth mechanism. + */ +static int @@ -162,10 +64,10 @@ Index: openssh-9.6p1/auth2-gss.c + + if ((r = sshpkt_get_string(ssh, &p, &len)) != 0 || + (r = sshpkt_get_end(ssh)) != 0) -+ fatal("%s: %s", __func__, ssh_err(r)); ++ fatal_fr(r, "parsing"); + + if ((b = sshbuf_new()) == NULL) -+ fatal("%s: sshbuf_new failed", __func__); ++ fatal_f("sshbuf_new failed"); + + mic.value = p; + mic.length = len; @@ -174,14 +76,14 @@ Index: openssh-9.6p1/auth2-gss.c + "gssapi-keyex", ssh->kex->session_id); + + if ((gssbuf.value = sshbuf_mutable_ptr(b)) == NULL) -+ fatal("%s: sshbuf_mutable_ptr failed", __func__); ++ fatal_f("sshbuf_mutable_ptr failed"); + gssbuf.length = sshbuf_len(b); + + /* gss_kex_context is NULL with privsep, so we can't check it here */ -+ if (!GSS_ERROR(PRIVSEP(ssh_gssapi_checkmic(gss_kex_context, -+ &gssbuf, &mic)))) -+ authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user, -+ authctxt->pw, 1)); ++ if (!GSS_ERROR(mm_ssh_gssapi_checkmic(gss_kex_context, ++ &gssbuf, &mic))) ++ authenticated = mm_ssh_gssapi_userok(authctxt->user, ++ authctxt->pw, 1); + + sshbuf_free(b); + free(mic.value); @@ -189,49 +91,50 @@ Index: openssh-9.6p1/auth2-gss.c + return (authenticated); +} + -+/* + /* * We only support those mechanisms that we know about (ie ones that we know * how to check local user kuserok and the like) - */ -@@ -267,7 +309,8 @@ input_gssapi_exchange_complete(int type, +@@ -260,7 +302,7 @@ input_gssapi_exchange_complete(int type, u_int32_t plen, struct ssh *ssh) if ((r = sshpkt_get_end(ssh)) != 0) fatal_fr(r, "parse packet"); -- authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user)); -+ authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user, -+ authctxt->pw, 1)); +- authenticated = mm_ssh_gssapi_userok(authctxt->user); ++ authenticated = mm_ssh_gssapi_userok(authctxt->user, authctxt->pw, 1); - if ((!use_privsep || mm_is_monitor()) && - (displayname = ssh_gssapi_displayname()) != NULL) -@@ -313,7 +356,8 @@ input_gssapi_mic(int type, u_int32_t ple + authctxt->postponed = 0; + ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL); +@@ -306,7 +349,7 @@ input_gssapi_mic(int type, u_int32_t plen, struct ssh *ssh) gssbuf.length = sshbuf_len(b); - if (!GSS_ERROR(PRIVSEP(ssh_gssapi_checkmic(gssctxt, &gssbuf, &mic)))) -- authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user)); -+ authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user, -+ authctxt->pw, 0)); + if (!GSS_ERROR(mm_ssh_gssapi_checkmic(gssctxt, &gssbuf, &mic))) +- authenticated = mm_ssh_gssapi_userok(authctxt->user); ++ authenticated = mm_ssh_gssapi_userok(authctxt->user, authctxt->pw, 0); else logit("GSSAPI MIC check failed"); -@@ -333,6 +377,13 @@ input_gssapi_mic(int type, u_int32_t ple +@@ -326,6 +370,17 @@ input_gssapi_mic(int type, u_int32_t plen, struct ssh *ssh) return 0; } -+Authmethod method_gsskeyex = { ++struct authmethod_cfg methodcfg_gsskeyex = { + "gssapi-keyex", -+ "NULL", -+ userauth_gsskeyex, ++ NULL, + &options.gss_authentication +}; ++ ++Authmethod method_gsskeyex = { ++ &methodcfg_gsskeyex, ++ userauth_gsskeyex, ++}; + Authmethod method_gssapi = { - "gssapi-with-mic", - NULL, -Index: openssh-9.6p1/auth2.c -=================================================================== ---- openssh-9.6p1.orig/auth2.c -+++ openssh-9.6p1/auth2.c -@@ -71,6 +71,7 @@ extern Authmethod method_passwd; + &methodcfg_gssapi, + userauth_gssapi, +diff --git a/auth2.c b/auth2.c +index 0e776224..1c217268 100644 +--- a/auth2.c ++++ b/auth2.c +@@ -73,6 +73,7 @@ extern Authmethod method_passwd; extern Authmethod method_kbdint; extern Authmethod method_hostbased; #ifdef GSSAPI @@ -239,7 +142,7 @@ Index: openssh-9.6p1/auth2.c extern Authmethod method_gssapi; #endif -@@ -78,6 +79,7 @@ Authmethod *authmethods[] = { +@@ -80,6 +81,7 @@ Authmethod *authmethods[] = { &method_none, &method_pubkey, #ifdef GSSAPI @@ -247,10 +150,10 @@ Index: openssh-9.6p1/auth2.c &method_gssapi, #endif &method_passwd, -Index: openssh-9.6p1/canohost.c -=================================================================== ---- openssh-9.6p1.orig/canohost.c -+++ openssh-9.6p1/canohost.c +diff --git a/canohost.c b/canohost.c +index abea9c6e..8e81b519 100644 +--- a/canohost.c ++++ b/canohost.c @@ -35,6 +35,99 @@ #include "canohost.h" #include "misc.h" @@ -351,10 +254,10 @@ Index: openssh-9.6p1/canohost.c void ipv64_normalise_mapped(struct sockaddr_storage *addr, socklen_t *len) { -Index: openssh-9.6p1/canohost.h -=================================================================== ---- openssh-9.6p1.orig/canohost.h -+++ openssh-9.6p1/canohost.h +diff --git a/canohost.h b/canohost.h +index 26d62855..0cadc9f1 100644 +--- a/canohost.h ++++ b/canohost.h @@ -15,6 +15,9 @@ #ifndef _CANOHOST_H #define _CANOHOST_H @@ -365,41 +268,41 @@ Index: openssh-9.6p1/canohost.h char *get_peer_ipaddr(int); int get_peer_port(int); char *get_local_ipaddr(int); -Index: openssh-9.6p1/clientloop.c -=================================================================== ---- openssh-9.6p1.orig/clientloop.c -+++ openssh-9.6p1/clientloop.c -@@ -121,6 +121,10 @@ - /* Uncertainty (in percent) of keystroke timing intervals */ - #define SSH_KEYSTROKE_TIMING_FUZZ 10 +diff --git a/clientloop.c b/clientloop.c +index ebd0dbca..1bdac6a4 100644 +--- a/clientloop.c ++++ b/clientloop.c +@@ -112,6 +112,10 @@ + #include "ssherr.h" + #include "hostfile.h" +#ifdef GSSAPI +#include "ssh-gss.h" +#endif + - /* import options */ - extern Options options; + /* Permitted RSA signature algorithms for UpdateHostkeys proofs */ + #define HOSTKEY_PROOF_RSA_ALGS "rsa-sha2-512,rsa-sha2-256" -@@ -1594,6 +1598,14 @@ client_loop(struct ssh *ssh, int have_pt +@@ -1379,6 +1383,14 @@ client_loop(struct ssh *ssh, int have_pty, int escape_char_arg, /* Do channel operations. */ channel_after_poll(ssh, pfd, npfd_active); +#ifdef GSSAPI -+ if (options.gss_renewal_rekey && -+ ssh_gssapi_credentials_updated(NULL)) { -+ debug("credentials updated - forcing rekey"); -+ need_rekeying = 1; -+ } ++ if (options.gss_renewal_rekey && ++ ssh_gssapi_credentials_updated(NULL)) { ++ debug("credentials updated - forcing rekey"); ++ need_rekeying = 1; ++ } +#endif + /* Buffer input from the connection. */ if (conn_in_ready) client_process_net_input(ssh); -Index: openssh-9.6p1/configure.ac -=================================================================== ---- openssh-9.6p1.orig/configure.ac -+++ openssh-9.6p1/configure.ac -@@ -766,6 +766,30 @@ int main(void) { if (NSVersionOfRunTimeL +diff --git a/configure.ac b/configure.ac +index b689db4b..efafb6bd 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -674,6 +674,30 @@ main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16)) [Use tunnel device compatibility to OpenBSD]) AC_DEFINE([SSH_TUN_PREPEND_AF], [1], [Prepend the address family to IP tunnel traffic]) @@ -430,29 +333,20 @@ Index: openssh-9.6p1/configure.ac m4_pattern_allow([AU_IPv]) AC_CHECK_DECL([AU_IPv4], [], AC_DEFINE([AU_IPv4], [0], [System only supports IPv4 audit records]) -Index: openssh-9.6p1/gss-genr.c -=================================================================== ---- openssh-9.6p1.orig/gss-genr.c -+++ openssh-9.6p1/gss-genr.c -@@ -1,7 +1,7 @@ - /* $OpenBSD: gss-genr.c,v 1.28 2021/01/27 10:05:28 djm Exp $ */ - - /* -- * Copyright (c) 2001-2007 Simon Wilkinson. All rights reserved. -+ * Copyright (c) 2001-2009 Simon Wilkinson. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions -@@ -43,8 +43,34 @@ +diff --git a/gss-genr.c b/gss-genr.c +index d56257b4..763a63ff 100644 +--- a/gss-genr.c ++++ b/gss-genr.c +@@ -41,9 +41,33 @@ + #include "sshbuf.h" #include "log.h" #include "ssh2.h" - +#include "cipher.h" +#include "sshkey.h" +#include "kex.h" +#include "digest.h" +#include "packet.h" -+ + #include "ssh-gss.h" +typedef struct { @@ -470,15 +364,14 @@ Index: openssh-9.6p1/gss-genr.c +static ssh_gss_kex_mapping *gss_enc2oid = NULL; + +int -+ssh_gssapi_oid_table_ok(void) -+{ ++ssh_gssapi_oid_table_ok(void) { + return (gss_enc2oid != NULL); +} + /* sshbuf_get for gss_buffer_desc */ int ssh_gssapi_get_buffer_desc(struct sshbuf *b, gss_buffer_desc *g) -@@ -60,6 +86,161 @@ ssh_gssapi_get_buffer_desc(struct sshbuf +@@ -62,6 +86,159 @@ ssh_gssapi_get_buffer_desc(struct sshbuf *b, gss_buffer_desc *g) return 0; } @@ -522,7 +415,8 @@ Index: openssh-9.6p1/gss-genr.c + const char *host, const char *client, const char *kex) { + struct sshbuf *buf = NULL; + size_t i; -+ int r, oidpos, enclen; ++ int r = SSH_ERR_ALLOC_FAIL; ++ int oidpos, enclen; + char *mechs, *encoded; + u_char digest[SSH_DIGEST_MAX_LENGTH]; + char deroid[2]; @@ -539,7 +433,7 @@ Index: openssh-9.6p1/gss-genr.c + (gss_supported->count + 1)); + + if ((buf = sshbuf_new()) == NULL) -+ fatal("%s: sshbuf_new failed", __func__); ++ fatal_f("sshbuf_new failed"); + + oidpos = 0; + s = cp = xstrdup(kex); @@ -556,8 +450,7 @@ Index: openssh-9.6p1/gss-genr.c + gss_supported->elements[i].elements, + gss_supported->elements[i].length)) != 0 || + (r = ssh_digest_final(md, digest, sizeof(digest))) != 0) -+ fatal("%s: digest failed: %s", __func__, -+ ssh_err(r)); ++ fatal_fr(r, "digest failed"); + ssh_digest_free(md); + md = NULL; + @@ -572,12 +465,10 @@ Index: openssh-9.6p1/gss-genr.c + (p = strsep(&cp, ","))) { + if (sshbuf_len(buf) != 0 && + (r = sshbuf_put_u8(buf, ',')) != 0) -+ fatal("%s: sshbuf_put_u8 error: %s", -+ __func__, ssh_err(r)); ++ fatal_fr(r, "sshbuf_put_u8 error"); + if ((r = sshbuf_put(buf, p, strlen(p))) != 0 || + (r = sshbuf_put(buf, encoded, enclen)) != 0) -+ fatal("%s: sshbuf_put error: %s", -+ __func__, ssh_err(r)); ++ fatal_fr(r, "sshbuf_put error"); + } + + gss_enc2oid[oidpos].oid = &(gss_supported->elements[i]); @@ -590,7 +481,7 @@ Index: openssh-9.6p1/gss-genr.c + gss_enc2oid[oidpos].encoded = NULL; + + if ((mechs = sshbuf_dup_string(buf)) == NULL) -+ fatal("%s: sshbuf_dup_string failed", __func__); ++ fatal_f("sshbuf_dup_string failed"); + + sshbuf_free(buf); + @@ -640,7 +531,7 @@ Index: openssh-9.6p1/gss-genr.c /* Check that the OID in a data stream matches that in the context */ int ssh_gssapi_check_oid(Gssctxt *ctx, void *data, size_t len) -@@ -216,7 +397,7 @@ ssh_gssapi_init_ctx(Gssctxt *ctx, int de +@@ -218,7 +398,7 @@ ssh_gssapi_init_ctx(Gssctxt *ctx, int deleg_creds, gss_buffer_desc *recv_tok, } ctx->major = gss_init_sec_context(&ctx->minor, @@ -649,10 +540,11 @@ Index: openssh-9.6p1/gss-genr.c GSS_C_MUTUAL_FLAG | GSS_C_INTEG_FLAG | deleg_flag, 0, NULL, recv_tok, NULL, send_tok, flags, NULL); -@@ -246,8 +427,42 @@ ssh_gssapi_import_name(Gssctxt *ctx, con +@@ -247,9 +427,43 @@ ssh_gssapi_import_name(Gssctxt *ctx, const char *host) + return (ctx->major); } - OM_uint32 ++OM_uint32 +ssh_gssapi_client_identity(Gssctxt *ctx, const char *name) +{ + gss_buffer_desc gssbuf; @@ -683,7 +575,7 @@ Index: openssh-9.6p1/gss-genr.c + return(ctx->major); +} + -+OM_uint32 + OM_uint32 ssh_gssapi_sign(Gssctxt *ctx, gss_buffer_t buffer, gss_buffer_t hash) { + if (ctx == NULL) @@ -692,7 +584,7 @@ Index: openssh-9.6p1/gss-genr.c if ((ctx->major = gss_get_mic(&ctx->minor, ctx->context, GSS_C_QOP_DEFAULT, buffer, hash))) ssh_gssapi_error(ctx); -@@ -255,6 +470,19 @@ ssh_gssapi_sign(Gssctxt *ctx, gss_buffer +@@ -257,6 +471,19 @@ ssh_gssapi_sign(Gssctxt *ctx, gss_buffer_t buffer, gss_buffer_t hash) return (ctx->major); } @@ -712,7 +604,7 @@ Index: openssh-9.6p1/gss-genr.c void ssh_gssapi_buildmic(struct sshbuf *b, const char *user, const char *service, const char *context, const struct sshbuf *session_id) -@@ -271,11 +499,16 @@ ssh_gssapi_buildmic(struct sshbuf *b, co +@@ -273,11 +500,16 @@ ssh_gssapi_buildmic(struct sshbuf *b, const char *user, const char *service, } int @@ -729,8 +621,8 @@ Index: openssh-9.6p1/gss-genr.c + ctx = &intctx; /* RFC 4462 says we MUST NOT do SPNEGO */ - if (oid->length == spnego_oid.length && -@@ -285,6 +518,10 @@ ssh_gssapi_check_mechanism(Gssctxt **ctx + if (oid->length == spnego_oid.length && +@@ -500,6 +500,10 @@ ssh_gssapi_check_mechanism(Gssctxt **ctx, gss_OID oid, const char *host) ssh_gssapi_build_ctx(ctx); ssh_gssapi_set_oid(*ctx, oid); major = ssh_gssapi_import_name(*ctx, host); @@ -739,13 +631,13 @@ Index: openssh-9.6p1/gss-genr.c + major = ssh_gssapi_client_identity(*ctx, client); + if (!GSS_ERROR(major)) { - major = ssh_gssapi_init_ctx(*ctx, 0, GSS_C_NO_BUFFER, &token, + major = ssh_gssapi_init_ctx(*ctx, 0, GSS_C_NO_BUFFER, &token, NULL); -@@ -294,10 +531,66 @@ ssh_gssapi_check_mechanism(Gssctxt **ctx +@@ -527,10 +527,66 @@ ssh_gssapi_check_mechanism(Gssctxt **ctx GSS_C_NO_BUFFER); } -- if (GSS_ERROR(major)) +- if (GSS_ERROR(major)) + if (GSS_ERROR(major) || intctx != NULL) ssh_gssapi_delete_ctx(ctx); @@ -809,10 +701,10 @@ Index: openssh-9.6p1/gss-genr.c +} + #endif /* GSSAPI */ -Index: openssh-9.6p1/gss-serv-krb5.c -=================================================================== ---- openssh-9.6p1.orig/gss-serv-krb5.c -+++ openssh-9.6p1/gss-serv-krb5.c +diff --git a/gss-serv-krb5.c b/gss-serv-krb5.c +index a151bc1e..8d2b677f 100644 +--- a/gss-serv-krb5.c ++++ b/gss-serv-krb5.c @@ -1,7 +1,7 @@ /* $OpenBSD: gss-serv-krb5.c,v 1.9 2018/07/09 21:37:55 markus Exp $ */ @@ -822,7 +714,7 @@ Index: openssh-9.6p1/gss-serv-krb5.c * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions -@@ -120,7 +120,7 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_cl +@@ -120,7 +120,7 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_client *client) krb5_error_code problem; krb5_principal princ; OM_uint32 maj_status, min_status; @@ -831,7 +723,7 @@ Index: openssh-9.6p1/gss-serv-krb5.c const char *errmsg; if (client->creds == NULL) { -@@ -180,11 +180,26 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_cl +@@ -180,11 +180,26 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_client *client) return; } @@ -862,7 +754,7 @@ Index: openssh-9.6p1/gss-serv-krb5.c #ifdef USE_PAM if (options.use_pam) -@@ -193,9 +208,76 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_cl +@@ -193,9 +208,76 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_client *client) krb5_cc_close(krb_context, ccache); @@ -949,10 +841,10 @@ Index: openssh-9.6p1/gss-serv-krb5.c }; #endif /* KRB5 */ -Index: openssh-9.6p1/gss-serv.c -=================================================================== ---- openssh-9.6p1.orig/gss-serv.c -+++ openssh-9.6p1/gss-serv.c +diff --git a/gss-serv.c b/gss-serv.c +index ab3a15f0..6ce56e92 100644 +--- a/gss-serv.c ++++ b/gss-serv.c @@ -1,7 +1,7 @@ /* $OpenBSD: gss-serv.c,v 1.32 2020/03/13 03:17:07 djm Exp $ */ @@ -985,10 +877,11 @@ Index: openssh-9.6p1/gss-serv.c #ifdef KRB5 extern ssh_gssapi_mech gssapi_kerberos_mech; -@@ -141,6 +143,29 @@ ssh_gssapi_server_ctx(Gssctxt **ctx, gss +@@ -140,6 +142,29 @@ ssh_gssapi_server_ctx(Gssctxt **ctx, gss_OID oid) + return (ssh_gssapi_acquire_cred(*ctx)); } - /* Unprivileged */ ++/* Unprivileged */ +char * +ssh_gssapi_server_mechanisms(void) { + if (supported_oids == NULL) @@ -1005,17 +898,16 @@ Index: openssh-9.6p1/gss-serv.c + Gssctxt *ctx = NULL; + int res; + -+ res = !GSS_ERROR(PRIVSEP(ssh_gssapi_server_ctx(&ctx, oid))); ++ res = !GSS_ERROR(mm_ssh_gssapi_server_ctx(&ctx, oid)); + ssh_gssapi_delete_ctx(&ctx); + + return (res); +} + -+/* Unprivileged */ + /* Unprivileged */ void ssh_gssapi_supported_oids(gss_OID_set *oidset) - { -@@ -150,7 +175,9 @@ ssh_gssapi_supported_oids(gss_OID_set *o +@@ -150,7 +175,9 @@ ssh_gssapi_supported_oids(gss_OID_set *oidset) gss_OID_set supported; gss_create_empty_oid_set(&min_status, oidset); @@ -1048,7 +940,8 @@ Index: openssh-9.6p1/gss-serv.c + ssh_gssapi_error(ctx); + return (ctx->major); + } -+ + +- gss_buffer_desc ename; + ctx->major = gss_compare_name(&ctx->minor, client->name, + new_name, &equal); + @@ -1061,8 +954,7 @@ Index: openssh-9.6p1/gss-serv.c + debug("Rekeyed credentials have different name"); + return GSS_S_COMPLETE; + } - -- gss_buffer_desc ename; ++ + debug("Marking rekeyed credentials for export"); + + gss_release_name(&ctx->minor, &client->name); @@ -1076,7 +968,7 @@ Index: openssh-9.6p1/gss-serv.c client->mech = NULL; -@@ -292,6 +359,13 @@ ssh_gssapi_getclient(Gssctxt *ctx, ssh_g +@@ -292,6 +359,13 @@ ssh_gssapi_getclient(Gssctxt *ctx, ssh_gssapi_client *client) if (client->mech == NULL) return GSS_S_FAILURE; @@ -1090,7 +982,7 @@ Index: openssh-9.6p1/gss-serv.c if ((ctx->major = gss_display_name(&ctx->minor, ctx->client, &client->displayname, NULL))) { ssh_gssapi_error(ctx); -@@ -309,6 +383,8 @@ ssh_gssapi_getclient(Gssctxt *ctx, ssh_g +@@ -309,6 +383,8 @@ ssh_gssapi_getclient(Gssctxt *ctx, ssh_gssapi_client *client) return (ctx->major); } @@ -1099,7 +991,7 @@ Index: openssh-9.6p1/gss-serv.c /* We can't copy this structure, so we just move the pointer to it */ client->creds = ctx->client_creds; ctx->client_creds = GSS_C_NO_CREDENTIAL; -@@ -319,11 +395,20 @@ ssh_gssapi_getclient(Gssctxt *ctx, ssh_g +@@ -319,11 +395,20 @@ ssh_gssapi_getclient(Gssctxt *ctx, ssh_gssapi_client *client) void ssh_gssapi_cleanup_creds(void) { @@ -1113,10 +1005,10 @@ Index: openssh-9.6p1/gss-serv.c + + if (gssapi_client.store.data != NULL) { + if ((problem = krb5_cc_resolve(gssapi_client.store.data, gssapi_client.store.envval, &ccache))) { -+ debug("%s: krb5_cc_resolve(): %.100s", __func__, ++ debug_f("krb5_cc_resolve(): %.100s", + krb5_get_err_text(gssapi_client.store.data, problem)); + } else if ((problem = krb5_cc_destroy(gssapi_client.store.data, ccache))) { -+ debug("%s: krb5_cc_destroy(): %.100s", __func__, ++ debug_f("krb5_cc_destroy(): %.100s", + krb5_get_err_text(gssapi_client.store.data, problem)); + } else { + krb5_free_context(gssapi_client.store.data); @@ -1125,7 +1017,7 @@ Index: openssh-9.6p1/gss-serv.c } } -@@ -356,19 +441,23 @@ ssh_gssapi_do_child(char ***envp, u_int +@@ -356,19 +441,23 @@ ssh_gssapi_do_child(char ***envp, u_int *envsizep) /* Privileged */ int @@ -1152,7 +1044,7 @@ Index: openssh-9.6p1/gss-serv.c /* Destroy delegated credentials if userok fails */ gss_release_buffer(&lmin, &gssapi_client.displayname); gss_release_buffer(&lmin, &gssapi_client.exportedname); -@@ -382,14 +471,90 @@ ssh_gssapi_userok(char *user) +@@ -382,14 +471,85 @@ ssh_gssapi_userok(char *user) return (0); } @@ -1195,7 +1087,7 @@ Index: openssh-9.6p1/gss-serv.c + gssapi_client.store.envvar == NULL) + return; + -+ ok = PRIVSEP(ssh_gssapi_update_creds(&gssapi_client.store)); ++ ok = mm_ssh_gssapi_update_creds(&gssapi_client.store); + + if (!ok) + return; @@ -1207,11 +1099,6 @@ Index: openssh-9.6p1/gss-serv.c + * for rekeying. So, use our own :) + */ +#ifdef USE_PAM -+ if (!use_privsep) { -+ debug("Not even going to try and do PAM with privsep disabled"); -+ return; -+ } -+ + ret = pam_start("sshd-rekey", gssapi_client.store.owner->pw_name, + &pamconv, &pamh); + if (ret) @@ -1249,26 +1136,40 @@ Index: openssh-9.6p1/gss-serv.c } /* Privileged */ -Index: openssh-9.6p1/kex.c -=================================================================== ---- openssh-9.6p1.orig/kex.c -+++ openssh-9.6p1/kex.c -@@ -64,6 +64,10 @@ - #include "digest.h" - #include "xmalloc.h" +diff --git a/kex.c b/kex.c +index a5ae6ac0..fe714141 100644 +--- a/kex.c ++++ b/kex.c +@@ -698,6 +755,9 @@ kex_free(struct kex *kex) + sshbuf_free(kex->server_version); + sshbuf_free(kex->client_pub); + sshbuf_free(kex->session_id); ++#ifdef GSSAPI ++ free(kex->gss_host); ++#endif /* GSSAPI */ + sshbuf_free(kex->initial_sig); + sshkey_free(kex->initial_hostkey); + free(kex->failed_choice); +diff --git a/kex-names.c b/kex-names.c +index ce85f043..574c7609 100644 +--- a/kex-names.c ++++ b/kex-names.c +@@ -57,6 +57,10 @@ + + #include "fips.h" +#ifdef GSSAPI +#include "ssh-gss.h" +#endif + - #include "fips.h" - - /* prototype */ -@@ -121,6 +125,19 @@ static const struct kexalg kexalgs_all[] - #endif /* HAVE_EVP_SHA256 || !WITH_OPENSSL */ - { NULL, 0, -1, -1}, + struct kexalg { + char *name; + u_int type; +@@ -110,6 +113,30 @@ static const struct kexalg kexalgs[] = { + #endif /* WITH_OPENSSL */ + { NULL, -1, -1, -1}, }; -+static const struct kexalg gss_kexalgs[] = { ++static const struct kexalg gss_kexalgs_all[] = { +#ifdef GSSAPI + { KEX_GSS_GEX_SHA1_ID, KEX_GSS_GEX_SHA1, 0, SSH_DIGEST_SHA1 }, + { KEX_GSS_GRP1_SHA1_ID, KEX_GSS_GRP1_SHA1, 0, SSH_DIGEST_SHA1 }, @@ -1279,31 +1180,46 @@ Index: openssh-9.6p1/kex.c + NID_X9_62_prime256v1, SSH_DIGEST_SHA256 }, + { KEX_GSS_C25519_SHA256_ID, KEX_GSS_C25519_SHA256, 0, SSH_DIGEST_SHA256 }, +#endif -+ { NULL, 0, -1, -1 }, ++ { NULL, 0, -1, -1}, ++}; ++ ++static const struct kexalg gss_kexalgs_fips140_2[] = { ++#ifdef GSSAPI ++ { KEX_GSS_GRP14_SHA256_ID, KEX_GSS_GRP14_SHA256, 0, SSH_DIGEST_SHA256 }, ++ { KEX_GSS_GRP16_SHA512_ID, KEX_GSS_GRP16_SHA512, 0, SSH_DIGEST_SHA512 }, ++ { KEX_GSS_NISTP256_SHA256_ID, KEX_GSS_NISTP256_SHA256, ++ NID_X9_62_prime256v1, SSH_DIGEST_SHA256 }, ++ { KEX_GSS_C25519_SHA256_ID, KEX_GSS_C25519_SHA256, 0, SSH_DIGEST_SHA256 }, ++#endif ++ { NULL, 0, -1, -1}, +}; - - static const struct kexalg kexalgs_fips140_2[] = { - #ifdef WITH_OPENSSL -@@ -148,12 +165,12 @@ static const struct kexalg kexalgs_fips1 /* Returns array of macs available depending on selected FIPS mode */ static const struct kexalg * --fips_select_kexalgs(void) -+fips_select_kexalgs(const struct kexalg *algs) - { - int fips = fips_mode(); - switch (fips) { - case 0: -- return kexalgs_all; -+ return algs; - case 1: - return kexalgs_fips140_2; - default: -@@ -164,13 +181,13 @@ fips_select_kexalgs(void) +@@ -120,14 +140,31 @@ fips_select_kexalgs(void) + } } - char * ++/* Returns array of macs available depending on selected FIPS mode */ ++static const struct kexalg * ++fips_select_gss_kexalgs(void) ++{ ++ int fips = fips_mode(); ++ switch (fips) { ++ case 0: ++ return gss_kexalgs_all; ++ case 1: ++ return gss_kexalgs_fips140_2; ++ default: ++ /* should not be reached */ ++ fatal("Fatal error: incorrect FIPS mode '%i' at %s:%u", ++ fips, __FILE__, __LINE__); ++ } ++} ++ +-char * -kex_alg_list(char sep) ++static char * +kex_alg_list_internal(char sep, const struct kexalg *algs) { char *ret = NULL, *tmp; @@ -1311,47 +1227,45 @@ Index: openssh-9.6p1/kex.c const struct kexalg *k; - for (k = fips_select_kexalgs(); k->name != NULL; k++) { -+ for (k = fips_select_kexalgs(algs); k->name != NULL; k++) { ++ for (k = algs; k->name != NULL; k++) { if (ret != NULL) ret[rlen++] = sep; nlen = strlen(k->name); -@@ -185,15 +202,31 @@ kex_alg_list(char sep) +@@ -138,6 +156,18 @@ kex_alg_list(char sep) return ret; } +char * +kex_alg_list(char sep) +{ -+ return kex_alg_list_internal(sep, kexalgs_all); ++ return kex_alg_list_internal(sep, fips_select_kexalgs()); +} + +char * +kex_gss_alg_list(char sep) +{ -+ return kex_alg_list_internal(sep, gss_kexalgs); ++ return kex_alg_list_internal(sep, fips_select_gss_kexalgs()); +} + static const struct kexalg * kex_alg_by_name(const char *name) { - const struct kexalg *k; - -- for (k = fips_select_kexalgs(); k->name != NULL; k++) { -+ for (k = fips_select_kexalgs(kexalgs_all); k->name != NULL; k++) { +@@ -147,6 +177,10 @@ kex_alg_by_name(const char *name) if (strcmp(k->name, name) == 0) return k; } -+ for (k = gss_kexalgs; k->name != NULL; k++) { ++ for (k = gss_kexalgs_all; k->name != NULL; k++) { + if (strncmp(k->name, name, strlen(k->name)) == 0) + return k; + } return NULL; } -@@ -375,6 +408,29 @@ kex_assemble_names(char **listp, const c +@@ -315,3 +349,26 @@ kex_assemble_names(char **listp, const char *def, const char *all) + free(ret); return r; } - ++ +/* Validate GSS KEX method name list */ +int +kex_gss_names_valid(const char *names) @@ -1374,28 +1288,14 @@ Index: openssh-9.6p1/kex.c + free(s); + return 1; +} -+ - /* - * Fill out a proposal array with dynamically allocated values, which may - * be modified as required for compatibility reasons. -@@ -1010,6 +1066,9 @@ kex_free(struct kex *kex) - sshbuf_free(kex->session_id); - sshbuf_free(kex->initial_sig); - sshkey_free(kex->initial_hostkey); -+#ifdef GSSAPI -+ free(kex->gss_host); -+#endif /* GSSAPI */ - free(kex->failed_choice); - free(kex->hostkey_alg); - free(kex->name); -Index: openssh-9.6p1/kex.h -=================================================================== ---- openssh-9.6p1.orig/kex.h -+++ openssh-9.6p1/kex.h +diff --git a/kex.h b/kex.h +index a5ae6ac0..fe714141 100644 +--- a/kex.h ++++ b/kex.h @@ -102,6 +102,15 @@ enum kex_exchange { - KEX_ECDH_SHA2, KEX_C25519_SHA256, KEX_KEM_SNTRUP761X25519_SHA512, + KEX_KEM_MLKEM768X25519_SHA256, +#ifdef GSSAPI + KEX_GSS_GRP1_SHA1, + KEX_GSS_GRP14_SHA1, @@ -1408,7 +1308,7 @@ Index: openssh-9.6p1/kex.h KEX_MAX }; -@@ -164,6 +173,12 @@ struct kex { +@@ -153,6 +162,12 @@ struct kex { u_int flags; int hash_alg; int ec_nid; @@ -1421,22 +1321,22 @@ Index: openssh-9.6p1/kex.h char *failed_choice; int (*verify_host_key)(struct sshkey *, struct ssh *); struct sshkey *(*load_host_public_key)(int, int, struct ssh *); -@@ -185,8 +200,10 @@ struct kex { - +@@ -174,8 +189,10 @@ struct kex { + int kex_nid_from_name(const char *); int kex_names_valid(const char *); char *kex_alg_list(char); +char *kex_gss_alg_list(char); char *kex_names_cat(const char *, const char *); - int kex_assemble_names(char **, const char *, const char *); + int kex_has_any_alg(const char *, const char *); +int kex_gss_names_valid(const char *); + int kex_assemble_names(char **, const char *, const char *); void kex_proposal_populate_entries(struct ssh *, char *prop[PROPOSAL_MAX], const char *, const char *, const char *, const char *, const char *); - void kex_proposal_free_entries(char *prop[PROPOSAL_MAX]); -@@ -219,6 +236,12 @@ int kexgex_client(struct ssh *); +@@ -202,6 +219,12 @@ int kexgex_client(struct ssh *); int kexgex_server(struct ssh *); int kex_gen_client(struct ssh *); int kex_gen_server(struct ssh *); -+#ifdef GSSAPI ++#if defined(GSSAPI) && defined(WITH_OPENSSL) +int kexgssgex_client(struct ssh *); +int kexgssgex_server(struct ssh *); +int kexgss_client(struct ssh *); @@ -1445,7 +1345,7 @@ Index: openssh-9.6p1/kex.h int kex_dh_keypair(struct kex *); int kex_dh_enc(struct kex *, const struct sshbuf *, struct sshbuf **, -@@ -251,6 +274,12 @@ int kexgex_hash(int, const struct sshbu +@@ -234,6 +257,12 @@ int kexgex_hash(int, const struct sshbuf *, const struct sshbuf *, const BIGNUM *, const u_char *, size_t, u_char *, size_t *); @@ -1458,11 +1358,11 @@ Index: openssh-9.6p1/kex.h void kexc25519_keygen(u_char key[CURVE25519_SIZE], u_char pub[CURVE25519_SIZE]) __attribute__((__bounded__(__minbytes__, 1, CURVE25519_SIZE))) __attribute__((__bounded__(__minbytes__, 2, CURVE25519_SIZE))); -Index: openssh-9.6p1/kexdh.c -=================================================================== ---- openssh-9.6p1.orig/kexdh.c -+++ openssh-9.6p1/kexdh.c -@@ -49,13 +49,23 @@ kex_dh_keygen(struct kex *kex) +diff --git a/kexdh.c b/kexdh.c +index 67133e33..edaa4676 100644 +--- a/kexdh.c ++++ b/kexdh.c +@@ -48,13 +48,23 @@ kex_dh_keygen(struct kex *kex) { switch (kex->kex_type) { case KEX_DH_GRP1_SHA1: @@ -1486,10 +1386,10 @@ Index: openssh-9.6p1/kexdh.c kex->dh = dh_new_group16(); break; case KEX_DH_GRP18_SHA512: -Index: openssh-9.6p1/kexgen.c -=================================================================== ---- openssh-9.6p1.orig/kexgen.c -+++ openssh-9.6p1/kexgen.c +diff --git a/kexgen.c b/kexgen.c +index 69348b96..c0e8c2f4 100644 +--- a/kexgen.c ++++ b/kexgen.c @@ -44,7 +44,7 @@ static int input_kex_gen_init(int, u_int32_t, struct ssh *); static int input_kex_gen_reply(int type, u_int32_t seq, struct ssh *ssh); @@ -1499,11 +1399,12 @@ Index: openssh-9.6p1/kexgen.c kex_gen_hash( int hash_alg, const struct sshbuf *client_version, -Index: openssh-9.6p1/kexgssc.c -=================================================================== +diff --git a/kexgssc.c b/kexgssc.c +new file mode 100644 +index 00000000..f6e1405e --- /dev/null -+++ openssh-9.6p1/kexgssc.c -@@ -0,0 +1,595 @@ ++++ b/kexgssc.c +@@ -0,0 +1,612 @@ +/* + * Copyright (c) 2001-2009 Simon Wilkinson. All rights reserved. + * @@ -1565,7 +1466,7 @@ Index: openssh-9.6p1/kexgssc.c + struct sshbuf *server_blob = NULL; + struct sshbuf *shared_secret = NULL; + struct sshbuf *server_host_key_blob = NULL; -+ struct sshbuf *empty = sshbuf_new(); ++ struct sshbuf *empty = NULL; + u_char *msg; + int type = 0; + int first = 1; @@ -1602,10 +1503,12 @@ Index: openssh-9.6p1/kexgssc.c + r = kex_c25519_keypair(kex); + break; + default: -+ fatal("%s: Unexpected KEX type %d", __func__, kex->kex_type); ++ fatal_f("Unexpected KEX type %d", kex->kex_type); + } -+ if (r != 0) ++ if (r != 0) { ++ ssh_gssapi_delete_ctx(&ctxt); + return r; ++ } + + token_ptr = GSS_C_NO_BUFFER; + @@ -1668,11 +1571,16 @@ Index: openssh-9.6p1/kexgssc.c + do { + type = ssh_packet_read(ssh); + if (type == SSH2_MSG_KEXGSS_HOSTKEY) { ++ u_char *tmp = NULL; ++ size_t tmp_len = 0; ++ + debug("Received KEXGSS_HOSTKEY"); + if (server_host_key_blob) + fatal("Server host key received more than once"); -+ if ((r = sshpkt_getb_froms(ssh, &server_host_key_blob)) != 0) ++ if ((r = sshpkt_get_string(ssh, &tmp, &tmp_len)) != 0) + fatal("Failed to read server host key: %s", ssh_err(r)); ++ if ((server_host_key_blob = sshbuf_from(tmp, tmp_len)) == NULL) ++ fatal("sshbuf_from failed"); + } + } while (type == SSH2_MSG_KEXGSS_HOSTKEY); + @@ -1773,6 +1681,11 @@ Index: openssh-9.6p1/kexgssc.c + if (r != 0) + goto out; + ++ if ((empty = sshbuf_new()) == NULL) { ++ r = SSH_ERR_ALLOC_FAIL; ++ goto out; ++ } ++ + hashlen = sizeof(hash); + if ((r = kex_gen_hash( + kex->hash_alg, @@ -1785,7 +1698,7 @@ Index: openssh-9.6p1/kexgssc.c + server_blob, + shared_secret, + hash, &hashlen)) != 0) -+ fatal("%s: Unexpected KEX type %d", __func__, kex->kex_type); ++ fatal_f("Unexpected KEX type %d", kex->kex_type); + + gssbuf.value = hash; + gssbuf.length = hashlen; @@ -1842,7 +1755,7 @@ Index: openssh-9.6p1/kexgssc.c + size_t hashlen; + const BIGNUM *pub_key, *dh_p, *dh_g; + int nbits = 0, min = DH_GRP_MIN, max = DH_GRP_MAX; -+ struct sshbuf *empty = sshbuf_new(); ++ struct sshbuf *empty = NULL; + u_char c; + int r; + @@ -1954,11 +1867,16 @@ Index: openssh-9.6p1/kexgssc.c + do { + type = ssh_packet_read(ssh); + if (type == SSH2_MSG_KEXGSS_HOSTKEY) { ++ u_char *tmp = NULL; ++ size_t tmp_len = 0; ++ + debug("Received KEXGSS_HOSTKEY"); + if (server_host_key_blob) + fatal("Server host key received more than once"); -+ if ((r = sshpkt_getb_froms(ssh, &server_host_key_blob)) != 0) ++ if ((r = sshpkt_get_string(ssh, &tmp, &tmp_len)) != 0) + fatal("sshpkt failed: %s", ssh_err(r)); ++ if ((server_host_key_blob = sshbuf_from(tmp, tmp_len)) == NULL) ++ fatal("sshbuf_from failed"); + } + } while (type == SSH2_MSG_KEXGSS_HOSTKEY); + @@ -2034,6 +1952,7 @@ Index: openssh-9.6p1/kexgssc.c + (r = sshbuf_get_bignum2(buf, &dh_server_pub)) != 0) + goto out; + sshbuf_free(buf); ++ buf = NULL; + + if ((shared_secret = sshbuf_new()) == NULL) { + r = SSH_ERR_ALLOC_FAIL; @@ -2042,6 +1961,10 @@ Index: openssh-9.6p1/kexgssc.c + + if ((r = kex_dh_compute_key(kex, dh_server_pub, shared_secret)) != 0) + goto out; ++ if ((empty = sshbuf_new()) == NULL) { ++ r = SSH_ERR_ALLOC_FAIL; ++ goto out; ++ } + + DH_get0_pqg(kex->dh, &dh_p, NULL, &dh_g); + hashlen = sizeof(hash); @@ -2069,13 +1992,6 @@ Index: openssh-9.6p1/kexgssc.c + + gss_release_buffer(&min_status, &msg_tok); + -+ /* save session id */ -+ if (kex->session_id == NULL) { -+ kex->session_id = sshbuf_new (); -+ if ((r = sshbuf_put(kex->session_id, hash, hashlen)) != 0) -+ goto out; -+ } -+ + if (kex->gss_deleg_creds) + ssh_gssapi_credentials_updated(ctxt); + @@ -2088,6 +2004,7 @@ Index: openssh-9.6p1/kexgssc.c + if ((r = kex_derive_keys(ssh, hash, hashlen, shared_secret)) == 0) + r = kex_send_newkeys(ssh); +out: ++ sshbuf_free(buf); + sshbuf_free(server_blob); + sshbuf_free(empty); + explicit_bzero(hash, sizeof(hash)); @@ -2098,12 +2015,14 @@ Index: openssh-9.6p1/kexgssc.c + sshbuf_free(server_host_key_blob); + return r; +} ++ +#endif /* defined(GSSAPI) && defined(WITH_OPENSSL) */ -Index: openssh-9.6p1/kexgsss.c -=================================================================== +diff --git a/kexgsss.c b/kexgsss.c +new file mode 100644 +index 00000000..60bc02de --- /dev/null -+++ openssh-9.6p1/kexgsss.c -@@ -0,0 +1,474 @@ ++++ b/kexgsss.c +@@ -0,0 +1,482 @@ +/* + * Copyright (c) 2001-2009 Simon Wilkinson. All rights reserved. + * @@ -2170,7 +2089,7 @@ Index: openssh-9.6p1/kexgsss.c + */ + + OM_uint32 ret_flags = 0; -+ gss_buffer_desc gssbuf, recv_tok, msg_tok; ++ gss_buffer_desc gssbuf = {0, NULL}, recv_tok, msg_tok; + gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER; + Gssctxt *ctxt = NULL; + struct sshbuf *shared_secret = NULL; @@ -2195,14 +2114,14 @@ Index: openssh-9.6p1/kexgsss.c + free(mechs); + } + -+ debug2("%s: Identifying %s", __func__, kex->name); ++ debug2_f("Identifying %s", kex->name); + oid = ssh_gssapi_id_kex(NULL, kex->name, kex->kex_type); + if (oid == GSS_C_NO_OID) + fatal("Unknown gssapi mechanism"); + -+ debug2("%s: Acquiring credentials", __func__); ++ debug2_f("Acquiring credentials"); + -+ if (GSS_ERROR(PRIVSEP(ssh_gssapi_server_ctx(&ctxt, oid)))) ++ if (GSS_ERROR(mm_ssh_gssapi_server_ctx(&ctxt, oid))) + fatal("Unable to acquire credentials for the server"); + + do { @@ -2210,7 +2129,7 @@ Index: openssh-9.6p1/kexgsss.c + type = ssh_packet_read(ssh); + switch(type) { + case SSH2_MSG_KEXGSS_INIT: -+ if (client_pubkey != NULL) ++ if (gssbuf.value != NULL) + fatal("Received KEXGSS_INIT after initialising"); + if ((r = ssh_gssapi_sshpkt_get_buffer_desc(ssh, + &recv_tok)) != 0 || @@ -2235,12 +2154,37 @@ Index: openssh-9.6p1/kexgsss.c + &shared_secret); + break; + default: -+ fatal("%s: Unexpected KEX type %d", __func__, kex->kex_type); ++ fatal_f("Unexpected KEX type %d", kex->kex_type); + } + if (r != 0) + goto out; + + /* Send SSH_MSG_KEXGSS_HOSTKEY here, if we want */ ++ ++ /* Calculate the hash early so we can free the ++ * client_pubkey, which has reference to the parent ++ * buffer state->incoming_packet ++ */ ++ hashlen = sizeof(hash); ++ if ((r = kex_gen_hash( ++ kex->hash_alg, ++ kex->client_version, ++ kex->server_version, ++ kex->peer, ++ kex->my, ++ empty, ++ client_pubkey, ++ server_pubkey, ++ shared_secret, ++ hash, &hashlen)) != 0) ++ goto out; ++ ++ gssbuf.value = hash; ++ gssbuf.length = hashlen; ++ ++ sshbuf_free(client_pubkey); ++ client_pubkey = NULL; ++ + break; + case SSH2_MSG_KEXGSS_CONTINUE: + if ((r = ssh_gssapi_sshpkt_get_buffer_desc(ssh, @@ -2254,15 +2198,15 @@ Index: openssh-9.6p1/kexgsss.c + type); + } + -+ maj_status = PRIVSEP(ssh_gssapi_accept_ctx(ctxt, &recv_tok, -+ &send_tok, &ret_flags)); ++ maj_status = mm_ssh_gssapi_accept_ctx(ctxt, &recv_tok, ++ &send_tok, &ret_flags); + + gss_release_buffer(&min_status, &recv_tok); + + if (maj_status != GSS_S_COMPLETE && send_tok.length == 0) + fatal("Zero length token output when incomplete"); + -+ if (client_pubkey == NULL) ++ if (gssbuf.value == NULL) + fatal("No client public key"); + + if (maj_status & GSS_S_CONTINUE_NEEDED) { @@ -2291,24 +2235,7 @@ Index: openssh-9.6p1/kexgsss.c + if (!(ret_flags & GSS_C_INTEG_FLAG)) + fatal("Integrity flag wasn't set"); + -+ hashlen = sizeof(hash); -+ if ((r = kex_gen_hash( -+ kex->hash_alg, -+ kex->client_version, -+ kex->server_version, -+ kex->peer, -+ kex->my, -+ empty, -+ client_pubkey, -+ server_pubkey, -+ shared_secret, -+ hash, &hashlen)) != 0) -+ goto out; -+ -+ gssbuf.value = hash; -+ gssbuf.length = hashlen; -+ -+ if (GSS_ERROR(PRIVSEP(ssh_gssapi_sign(ctxt, &gssbuf, &msg_tok)))) ++ if (GSS_ERROR(mm_ssh_gssapi_sign(ctxt, &gssbuf, &msg_tok))) + fatal("Couldn't get MIC"); + + if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_COMPLETE)) != 0 || @@ -2391,14 +2318,14 @@ Index: openssh-9.6p1/kexgsss.c + if ((mechs = ssh_gssapi_server_mechanisms())) + free(mechs); + -+ debug2("%s: Identifying %s", __func__, kex->name); ++ debug2_f("Identifying %s", kex->name); + oid = ssh_gssapi_id_kex(NULL, kex->name, kex->kex_type); + if (oid == GSS_C_NO_OID) + fatal("Unknown gssapi mechanism"); + -+ debug2("%s: Acquiring credentials", __func__); ++ debug2_f("Acquiring credentials"); + -+ if (GSS_ERROR(PRIVSEP(ssh_gssapi_server_ctx(&ctxt, oid)))) ++ if (GSS_ERROR(mm_ssh_gssapi_server_ctx(&ctxt, oid))) + fatal("Unable to acquire credentials for the server"); + + /* 5. S generates an ephemeral key pair (do the allocations early) */ @@ -2420,7 +2347,7 @@ Index: openssh-9.6p1/kexgsss.c + if (max < min || nbits < min || max < nbits) + fatal("GSS_GEX, bad parameters: %d !< %d !< %d", + min, nbits, max); -+ kex->dh = PRIVSEP(choose_dh(min, nbits, max)); ++ kex->dh = mm_choose_dh(min, nbits, max); + if (kex->dh == NULL) { + sshpkt_disconnect(ssh, "Protocol error: no matching group found"); + fatal("Protocol error: no matching group found"); @@ -2467,8 +2394,8 @@ Index: openssh-9.6p1/kexgsss.c + type); + } + -+ maj_status = PRIVSEP(ssh_gssapi_accept_ctx(ctxt, &recv_tok, -+ &send_tok, &ret_flags)); ++ maj_status = mm_ssh_gssapi_accept_ctx(ctxt, &recv_tok, ++ &send_tok, &ret_flags); + + gss_release_buffer(&min_status, &recv_tok); + @@ -2533,7 +2460,7 @@ Index: openssh-9.6p1/kexgsss.c + gssbuf.value = hash; + gssbuf.length = hashlen; + -+ if (GSS_ERROR(PRIVSEP(ssh_gssapi_sign(ctxt, &gssbuf, &msg_tok)))) ++ if (GSS_ERROR(mm_ssh_gssapi_sign(ctxt, &gssbuf, &msg_tok))) + fatal("Couldn't get MIC"); + + if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_COMPLETE)) != 0 || @@ -2578,20 +2505,20 @@ Index: openssh-9.6p1/kexgsss.c + return r; +} +#endif /* defined(GSSAPI) && defined(WITH_OPENSSL) */ -Index: openssh-9.6p1/monitor.c -=================================================================== ---- openssh-9.6p1.orig/monitor.c -+++ openssh-9.6p1/monitor.c -@@ -142,6 +142,8 @@ int mm_answer_gss_setup_ctx(struct ssh * +diff --git a/monitor.c b/monitor.c +index 2ce89fe9..ebf76c7f 100644 +--- a/monitor.c ++++ b/monitor.c +@@ -148,6 +148,8 @@ int mm_answer_gss_setup_ctx(struct ssh *, int, struct sshbuf *); int mm_answer_gss_accept_ctx(struct ssh *, int, struct sshbuf *); int mm_answer_gss_userok(struct ssh *, int, struct sshbuf *); int mm_answer_gss_checkmic(struct ssh *, int, struct sshbuf *); -+int mm_answer_gss_sign(struct ssh*, int, struct sshbuf *); -+int mm_answer_gss_updatecreds(struct ssh*, int, struct sshbuf *); ++int mm_answer_gss_sign(struct ssh *, int, struct sshbuf *); ++int mm_answer_gss_updatecreds(struct ssh *, int, struct sshbuf *); #endif #ifdef SSH_AUDIT_EVENTS -@@ -214,11 +216,18 @@ struct mon_table mon_dispatch_proto20[] +@@ -220,11 +222,18 @@ struct mon_table mon_dispatch_proto20[] = { {MONITOR_REQ_GSSSTEP, 0, mm_answer_gss_accept_ctx}, {MONITOR_REQ_GSSUSEROK, MON_ONCE|MON_AUTHDECIDE, mm_answer_gss_userok}, {MONITOR_REQ_GSSCHECKMIC, MON_ONCE, mm_answer_gss_checkmic}, @@ -2610,7 +2537,7 @@ Index: openssh-9.6p1/monitor.c #ifdef WITH_OPENSSL {MONITOR_REQ_MODULI, 0, mm_answer_moduli}, #endif -@@ -287,6 +296,10 @@ monitor_child_preauth(struct ssh *ssh, s +@@ -293,6 +302,10 @@ monitor_child_preauth(struct ssh *ssh, struct monitor *pmonitor) /* Permit requests for moduli and signatures */ monitor_permit(mon_dispatch, MONITOR_REQ_MODULI, 1); monitor_permit(mon_dispatch, MONITOR_REQ_SIGN, 1); @@ -2621,7 +2548,24 @@ Index: openssh-9.6p1/monitor.c /* The first few requests do not require asynchronous access */ while (!authenticated) { -@@ -403,6 +416,10 @@ monitor_child_postauth(struct ssh *ssh, +@@ -376,8 +376,15 @@ monitor_child_preauth(struct ssh *ssh, s + if (ent->flags & (MON_AUTHDECIDE|MON_ALOG)) { + auth_log(ssh, authenticated, partial, + auth_method, auth_submethod); +- if (!partial && !authenticated) ++ if (!partial && !authenticated) { ++#ifdef GSSAPI ++ /* If gssapi-with-mic failed, MONITOR_REQ_GSSCHECKMIC is disabled. ++ * We have to reenable it to try again for gssapi-keyex */ ++ if (strcmp(auth_method, "gssapi-with-mic") == 0 && options.gss_keyex) ++ monitor_permit(mon_dispatch, MONITOR_REQ_GSSCHECKMIC, 1); ++#endif + authctxt->failures++; ++ } + if (authenticated || partial) { + auth2_update_session_info(authctxt, + auth_method, auth_submethod); +@@ -406,6 +419,10 @@ monitor_child_postauth(struct ssh *ssh, struct monitor *pmonitor) monitor_permit(mon_dispatch, MONITOR_REQ_MODULI, 1); monitor_permit(mon_dispatch, MONITOR_REQ_SIGN, 1); monitor_permit(mon_dispatch, MONITOR_REQ_TERM, 1); @@ -2632,25 +2576,25 @@ Index: openssh-9.6p1/monitor.c if (auth_opts->permit_pty_flag) { monitor_permit(mon_dispatch, MONITOR_REQ_PTY, 1); -@@ -1745,6 +1762,17 @@ monitor_apply_keystate(struct ssh *ssh, +@@ -1713,6 +1730,17 @@ monitor_apply_keystate(struct ssh *ssh, struct monitor *pmonitor) # ifdef OPENSSL_HAS_ECC kex->kex[KEX_ECDH_SHA2] = kex_gen_server; # endif +# ifdef GSSAPI -+ if (options.gss_keyex) { -+ kex->kex[KEX_GSS_GRP1_SHA1] = kexgss_server; -+ kex->kex[KEX_GSS_GRP14_SHA1] = kexgss_server; -+ kex->kex[KEX_GSS_GRP14_SHA256] = kexgss_server; -+ kex->kex[KEX_GSS_GRP16_SHA512] = kexgss_server; -+ kex->kex[KEX_GSS_GEX_SHA1] = kexgssgex_server; -+ kex->kex[KEX_GSS_NISTP256_SHA256] = kexgss_server; -+ kex->kex[KEX_GSS_C25519_SHA256] = kexgss_server; -+ } ++ if (options.gss_keyex) { ++ kex->kex[KEX_GSS_GRP1_SHA1] = kexgss_server; ++ kex->kex[KEX_GSS_GRP14_SHA1] = kexgss_server; ++ kex->kex[KEX_GSS_GRP14_SHA256] = kexgss_server; ++ kex->kex[KEX_GSS_GRP16_SHA512] = kexgss_server; ++ kex->kex[KEX_GSS_GEX_SHA1] = kexgssgex_server; ++ kex->kex[KEX_GSS_NISTP256_SHA256] = kexgss_server; ++ kex->kex[KEX_GSS_C25519_SHA256] = kexgss_server; ++ } +# endif #endif /* WITH_OPENSSL */ kex->kex[KEX_C25519_SHA256] = kex_gen_server; kex->kex[KEX_KEM_SNTRUP761X25519_SHA512] = kex_gen_server; -@@ -1837,8 +1865,8 @@ mm_answer_gss_setup_ctx(struct ssh *ssh, +@@ -1806,8 +1834,8 @@ mm_answer_gss_setup_ctx(struct ssh *ssh, int sock, struct sshbuf *m) u_char *p; int r; @@ -2661,7 +2605,7 @@ Index: openssh-9.6p1/monitor.c if ((r = sshbuf_get_string(m, &p, &len)) != 0) fatal_fr(r, "parse"); -@@ -1870,8 +1898,8 @@ mm_answer_gss_accept_ctx(struct ssh *ssh +@@ -1839,8 +1867,8 @@ mm_answer_gss_accept_ctx(struct ssh *ssh, int sock, struct sshbuf *m) OM_uint32 flags = 0; /* GSI needs this */ int r; @@ -2672,7 +2616,7 @@ Index: openssh-9.6p1/monitor.c if ((r = ssh_gssapi_get_buffer_desc(m, &in)) != 0) fatal_fr(r, "ssh_gssapi_get_buffer_desc"); -@@ -1891,6 +1919,7 @@ mm_answer_gss_accept_ctx(struct ssh *ssh +@@ -1860,6 +1888,7 @@ mm_answer_gss_accept_ctx(struct ssh *ssh, int sock, struct sshbuf *m) monitor_permit(mon_dispatch, MONITOR_REQ_GSSSTEP, 0); monitor_permit(mon_dispatch, MONITOR_REQ_GSSUSEROK, 1); monitor_permit(mon_dispatch, MONITOR_REQ_GSSCHECKMIC, 1); @@ -2680,7 +2624,7 @@ Index: openssh-9.6p1/monitor.c } return (0); } -@@ -1902,8 +1931,8 @@ mm_answer_gss_checkmic(struct ssh *ssh, +@@ -1871,8 +1900,8 @@ mm_answer_gss_checkmic(struct ssh *ssh, int sock, struct sshbuf *m) OM_uint32 ret; int r; @@ -2691,7 +2635,7 @@ Index: openssh-9.6p1/monitor.c if ((r = ssh_gssapi_get_buffer_desc(m, &gssbuf)) != 0 || (r = ssh_gssapi_get_buffer_desc(m, &mic)) != 0) -@@ -1929,13 +1958,17 @@ mm_answer_gss_checkmic(struct ssh *ssh, +@@ -1898,13 +1927,17 @@ mm_answer_gss_checkmic(struct ssh *ssh, int sock, struct sshbuf *m) int mm_answer_gss_userok(struct ssh *ssh, int sock, struct sshbuf *m) { @@ -2706,14 +2650,14 @@ Index: openssh-9.6p1/monitor.c - authenticated = authctxt->valid && ssh_gssapi_userok(authctxt->user); + if ((r = sshbuf_get_u32(m, &kex)) != 0) -+ fatal("%s: buffer error: %s", __func__, ssh_err(r)); ++ fatal_fr(r, "buffer error"); + + authenticated = authctxt->valid && + ssh_gssapi_userok(authctxt->user, authctxt->pw, kex); sshbuf_reset(m); if ((r = sshbuf_put_u32(m, authenticated)) != 0) -@@ -1944,7 +1977,11 @@ mm_answer_gss_userok(struct ssh *ssh, in +@@ -1913,7 +1946,11 @@ mm_answer_gss_userok(struct ssh *ssh, int sock, struct sshbuf *m) debug3_f("sending result %d", authenticated); mm_request_send(sock, MONITOR_ANS_GSSUSEROK, m); @@ -2726,7 +2670,7 @@ Index: openssh-9.6p1/monitor.c if ((displayname = ssh_gssapi_displayname()) != NULL) auth2_record_info(authctxt, "%s", displayname); -@@ -1952,5 +1989,85 @@ mm_answer_gss_userok(struct ssh *ssh, in +@@ -1921,5 +1958,84 @@ mm_answer_gss_userok(struct ssh *ssh, int sock, struct sshbuf *m) /* Monitor loop will terminate if authenticated */ return (authenticated); } @@ -2742,16 +2686,15 @@ Index: openssh-9.6p1/monitor.c + int r; + + if (!options.gss_authentication && !options.gss_keyex) -+ fatal("%s: GSSAPI not enabled", __func__); ++ fatal_f("GSSAPI not enabled"); + + if ((r = sshbuf_get_string(m, &p, &len)) != 0) -+ fatal("%s: buffer error: %s", __func__, ssh_err(r)); ++ fatal_fr(r, "buffer error"); + data.value = p; + data.length = len; + /* Lengths of SHA-1, SHA-256 and SHA-512 hashes that are used */ + if (data.length != 20 && data.length != 32 && data.length != 64) -+ fatal("%s: data length incorrect: %d", __func__, -+ (int) data.length); ++ fatal_f("data length incorrect: %d", (int) data.length); + + /* Save the session ID on the first time around */ + if (session_id2_len == 0) { @@ -2767,7 +2710,7 @@ Index: openssh-9.6p1/monitor.c + + if ((r = sshbuf_put_u32(m, major)) != 0 || + (r = sshbuf_put_string(m, hash.value, hash.length)) != 0) -+ fatal("%s: buffer error: %s", __func__, ssh_err(r)); ++ fatal_fr(r, "buffer error"); + + mm_request_send(socket, MONITOR_ANS_GSSSIGN, m); + @@ -2788,12 +2731,12 @@ Index: openssh-9.6p1/monitor.c + int r, ok; + + if (!options.gss_authentication && !options.gss_keyex) -+ fatal("%s: GSSAPI not enabled", __func__); ++ fatal_f("GSSAPI not enabled"); + + if ((r = sshbuf_get_string(m, (u_char **)&store.filename, NULL)) != 0 || + (r = sshbuf_get_string(m, (u_char **)&store.envvar, NULL)) != 0 || + (r = sshbuf_get_string(m, (u_char **)&store.envval, NULL)) != 0) -+ fatal("%s: buffer error: %s", __func__, ssh_err(r)); ++ fatal_fr(r, "buffer error"); + + ok = ssh_gssapi_update_creds(&store); + @@ -2803,7 +2746,7 @@ Index: openssh-9.6p1/monitor.c + + sshbuf_reset(m); + if ((r = sshbuf_put_u32(m, ok)) != 0) -+ fatal("%s: buffer error: %s", __func__, ssh_err(r)); ++ fatal_fr(r, "buffer error"); + + mm_request_send(socket, MONITOR_ANS_GSSUPCREDS, m); + @@ -2812,10 +2755,10 @@ Index: openssh-9.6p1/monitor.c + #endif /* GSSAPI */ -Index: openssh-9.6p1/monitor.h -=================================================================== ---- openssh-9.6p1.orig/monitor.h -+++ openssh-9.6p1/monitor.h +diff --git a/monitor.h b/monitor.h +index 683e5e07..2b1a2d59 100644 +--- a/monitor.h ++++ b/monitor.h @@ -63,6 +63,8 @@ enum monitor_reqtype { MONITOR_REQ_PAM_FREE_CTX = 110, MONITOR_ANS_PAM_FREE_CTX = 111, MONITOR_REQ_AUDIT_EVENT = 112, MONITOR_REQ_AUDIT_COMMAND = 113, @@ -2825,11 +2768,11 @@ Index: openssh-9.6p1/monitor.h }; struct ssh; -Index: openssh-9.6p1/monitor_wrap.c -=================================================================== ---- openssh-9.6p1.orig/monitor_wrap.c -+++ openssh-9.6p1/monitor_wrap.c -@@ -998,13 +998,15 @@ mm_ssh_gssapi_checkmic(Gssctxt *ctx, gss +diff --git a/monitor_wrap.c b/monitor_wrap.c +index 001a8fa1..6edb509a 100644 +--- a/monitor_wrap.c ++++ b/monitor_wrap.c +@@ -993,13 +993,15 @@ mm_ssh_gssapi_checkmic(Gssctxt *ctx, gss_buffer_t gssbuf, gss_buffer_t gssmic) } int @@ -2842,11 +2785,11 @@ Index: openssh-9.6p1/monitor_wrap.c if ((m = sshbuf_new()) == NULL) fatal_f("sshbuf_new failed"); + if ((r = sshbuf_put_u32(m, kex)) != 0) -+ fatal("%s: buffer error: %s", __func__, ssh_err(r)); ++ fatal_fr(r, "buffer error"); mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_GSSUSEROK, m); mm_request_receive_expect(pmonitor->m_recvfd, -@@ -1017,4 +1019,57 @@ mm_ssh_gssapi_userok(char *user) +@@ -1012,6 +1014,59 @@ mm_ssh_gssapi_userok(char *user) debug3_f("user %sauthenticated", authenticated ? "" : "not "); return (authenticated); } @@ -2859,16 +2802,16 @@ Index: openssh-9.6p1/monitor_wrap.c + int r; + + if ((m = sshbuf_new()) == NULL) -+ fatal("%s: sshbuf_new failed", __func__); ++ fatal_f("sshbuf_new failed"); + if ((r = sshbuf_put_string(m, data->value, data->length)) != 0) -+ fatal("%s: buffer error: %s", __func__, ssh_err(r)); ++ fatal_fr(r, "buffer error"); + + mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_GSSSIGN, m); + mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_GSSSIGN, m); + + if ((r = sshbuf_get_u32(m, &major)) != 0 || + (r = ssh_gssapi_get_buffer_desc(m, hash)) != 0) -+ fatal("%s: buffer error: %s", __func__, ssh_err(r)); ++ fatal_fr(r, "buffer error"); + + sshbuf_free(m); + @@ -2882,7 +2825,7 @@ Index: openssh-9.6p1/monitor_wrap.c + int r, ok; + + if ((m = sshbuf_new()) == NULL) -+ fatal("%s: sshbuf_new failed", __func__); ++ fatal_f("sshbuf_new failed"); + + if ((r = sshbuf_put_cstring(m, + store->filename ? store->filename : "")) != 0 || @@ -2890,13 +2833,13 @@ Index: openssh-9.6p1/monitor_wrap.c + store->envvar ? store->envvar : "")) != 0 || + (r = sshbuf_put_cstring(m, + store->envval ? store->envval : "")) != 0) -+ fatal("%s: buffer error: %s", __func__, ssh_err(r)); ++ fatal_fr(r, "buffer error"); + + mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_GSSUPCREDS, m); + mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_GSSUPCREDS, m); + + if ((r = sshbuf_get_u32(m, &ok)) != 0) -+ fatal("%s: buffer error: %s", __func__, ssh_err(r)); ++ fatal_fr(r, "buffer error"); + + sshbuf_free(m); + @@ -2904,11 +2847,13 @@ Index: openssh-9.6p1/monitor_wrap.c +} + #endif /* GSSAPI */ -Index: openssh-9.6p1/monitor_wrap.h -=================================================================== ---- openssh-9.6p1.orig/monitor_wrap.h -+++ openssh-9.6p1/monitor_wrap.h -@@ -65,8 +65,10 @@ int mm_sshkey_verify(const struct sshkey + + /* +diff --git a/monitor_wrap.h b/monitor_wrap.h +index 23ab096a..485590c1 100644 +--- a/monitor_wrap.h ++++ b/monitor_wrap.h +@@ -64,8 +64,10 @@ int mm_sshkey_verify(const struct sshkey *, const u_char *, size_t, OM_uint32 mm_ssh_gssapi_server_ctx(Gssctxt **, gss_OID); OM_uint32 mm_ssh_gssapi_accept_ctx(Gssctxt *, gss_buffer_desc *, gss_buffer_desc *, OM_uint32 *); @@ -2920,11 +2865,10 @@ Index: openssh-9.6p1/monitor_wrap.h #endif #ifdef USE_PAM -Index: openssh-9.6p1/readconf.c -=================================================================== ---- openssh-9.6p1.orig/readconf.c -+++ openssh-9.6p1/readconf.c -@@ -70,6 +70,7 @@ +diff -up a/readconf.c.gsskex b/readconf.c +--- a/readconf.c.gsskex 2021-08-20 06:03:49.000000000 +0200 ++++ b/readconf.c 2021-08-27 12:25:42.556421509 +0200 +@@ -67,6 +67,7 @@ #include "uidswap.h" #include "myproposal.h" #include "digest.h" @@ -2932,7 +2876,7 @@ Index: openssh-9.6p1/readconf.c #include "fips.h" -@@ -166,6 +167,8 @@ typedef enum { +@@ -161,6 +162,8 @@ typedef enum { oClearAllForwardings, oNoHostAuthenticationForLocalhost, oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout, oAddressFamily, oGssAuthentication, oGssDelegateCreds, @@ -2941,7 +2885,7 @@ Index: openssh-9.6p1/readconf.c oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly, oSendEnv, oSetEnv, oControlPath, oControlMaster, oControlPersist, oHashKnownHosts, -@@ -212,10 +215,22 @@ static struct { +@@ -206,10 +209,22 @@ static struct { /* Sometimes-unsupported options */ #if defined(GSSAPI) { "gssapiauthentication", oGssAuthentication }, @@ -2964,7 +2908,7 @@ Index: openssh-9.6p1/readconf.c #endif #ifdef ENABLE_PKCS11 { "pkcs11provider", oPKCS11Provider }, -@@ -1212,10 +1227,42 @@ parse_time: +@@ -1113,10 +1128,42 @@ parse_time: intptr = &options->gss_authentication; goto parse_flag; @@ -3007,7 +2951,7 @@ Index: openssh-9.6p1/readconf.c case oBatchMode: intptr = &options->batch_mode; goto parse_flag; -@@ -2524,7 +2571,13 @@ initialize_options(Options * options) +@@ -2306,7 +2353,13 @@ initialize_options(Options * options) options->fwd_opts.streamlocal_bind_unlink = -1; options->pubkey_authentication = -1; options->gss_authentication = -1; @@ -3021,7 +2965,7 @@ Index: openssh-9.6p1/readconf.c options->password_authentication = -1; options->kbd_interactive_authentication = -1; options->kbd_interactive_devices = NULL; -@@ -2687,8 +2740,18 @@ fill_default_options(Options * options) +@@ -2463,8 +2516,18 @@ fill_default_options(Options * options) options->pubkey_authentication = SSH_PUBKEY_AUTH_ALL; if (options->gss_authentication == -1) options->gss_authentication = 0; @@ -3040,7 +2984,7 @@ Index: openssh-9.6p1/readconf.c if (options->password_authentication == -1) options->password_authentication = 1; if (options->kbd_interactive_authentication == -1) -@@ -3518,7 +3581,14 @@ dump_client_config(Options *o, const cha +@@ -3246,7 +3309,14 @@ dump_client_config(Options *o, const cha dump_cfg_fmtint(oGatewayPorts, o->fwd_opts.gateway_ports); #ifdef GSSAPI dump_cfg_fmtint(oGssAuthentication, o->gss_authentication); @@ -3055,11 +2999,10 @@ Index: openssh-9.6p1/readconf.c #endif /* GSSAPI */ dump_cfg_fmtint(oHashKnownHosts, o->hash_known_hosts); dump_cfg_fmtint(oHostbasedAuthentication, o->hostbased_authentication); -Index: openssh-9.6p1/readconf.h -=================================================================== ---- openssh-9.6p1.orig/readconf.h -+++ openssh-9.6p1/readconf.h -@@ -40,7 +40,13 @@ typedef struct { +diff -up a/readconf.h.gsskex b/readconf.h +--- a/readconf.h.gsskex 2021-08-27 12:05:29.248142431 +0200 ++++ b/readconf.h 2021-08-27 12:22:19.270679852 +0200 +@@ -39,7 +39,13 @@ typedef struct { int pubkey_authentication; /* Try ssh2 pubkey authentication. */ int hostbased_authentication; /* ssh2's rhosts_rsa */ int gss_authentication; /* Try GSS authentication */ @@ -3073,18 +3016,17 @@ Index: openssh-9.6p1/readconf.h int password_authentication; /* Try password * authentication. */ int kbd_interactive_authentication; /* Try keyboard-interactive auth. */ -Index: openssh-9.6p1/servconf.c -=================================================================== ---- openssh-9.6p1.orig/servconf.c -+++ openssh-9.6p1/servconf.c -@@ -68,6 +68,7 @@ +diff -up a/servconf.c.gsskex b/servconf.c +--- a/servconf.c.gsskex 2021-08-20 06:03:49.000000000 +0200 ++++ b/servconf.c 2021-08-27 12:28:15.887735189 +0200 +@@ -70,6 +70,7 @@ #include "auth.h" #include "myproposal.h" #include "digest.h" +#include "ssh-gss.h" #include "fips.h" - static void add_listen_addr(ServerOptions *, const char *, + #if !defined(SSHD_PAM_SERVICE) @@ -136,8 +137,11 @@ initialize_server_options(ServerOptions options->kerberos_ticket_cleanup = -1; options->kerberos_get_afs_token = -1; @@ -3097,7 +3039,7 @@ Index: openssh-9.6p1/servconf.c options->password_authentication = -1; options->kbd_interactive_authentication = -1; options->permit_empty_passwd = -1; -@@ -381,10 +385,18 @@ fill_default_server_options(ServerOption +@@ -356,10 +360,18 @@ fill_default_server_options(ServerOption options->kerberos_get_afs_token = 0; if (options->gss_authentication == -1) options->gss_authentication = 0; @@ -3116,15 +3058,15 @@ Index: openssh-9.6p1/servconf.c if (options->password_authentication == -1) options->password_authentication = 1; if (options->kbd_interactive_authentication == -1) -@@ -543,6 +555,7 @@ typedef enum { - sHostKeyAlgorithms, sPerSourceMaxStartups, sPerSourceNetBlockSize, +@@ -506,6 +518,7 @@ typedef enum { + sPerSourcePenalties, sPerSourcePenaltyExemptList, sClientAliveInterval, sClientAliveCountMax, sAuthorizedKeysFile, sGssAuthentication, sGssCleanupCreds, sGssStrictAcceptor, + sGssKeyEx, sGssKexAlgorithms, sGssStoreRekey, sAcceptEnv, sSetEnv, sPermitTunnel, sMatch, sPermitOpen, sPermitListen, sForceCommand, sChrootDirectory, sUsePrivilegeSeparation, sAllowAgentForwarding, -@@ -627,12 +640,22 @@ static struct { +@@ -587,12 +600,22 @@ static struct { #ifdef GSSAPI { "gssapiauthentication", sGssAuthentication, SSHCFG_ALL }, { "gssapicleanupcredentials", sGssCleanupCreds, SSHCFG_GLOBAL }, @@ -3147,7 +3089,7 @@ Index: openssh-9.6p1/servconf.c { "passwordauthentication", sPasswordAuthentication, SSHCFG_ALL }, { "kbdinteractiveauthentication", sKbdInteractiveAuthentication, SSHCFG_ALL }, { "challengeresponseauthentication", sKbdInteractiveAuthentication, SSHCFG_ALL }, /* alias */ -@@ -1646,6 +1669,10 @@ process_server_config_line_depth(ServerO +@@ -1576,6 +1599,10 @@ process_server_config_line_depth(ServerO intptr = &options->gss_authentication; goto parse_flag; @@ -3158,7 +3100,7 @@ Index: openssh-9.6p1/servconf.c case sGssCleanupCreds: intptr = &options->gss_cleanup_creds; goto parse_flag; -@@ -1654,6 +1681,22 @@ process_server_config_line_depth(ServerO +@@ -1584,6 +1611,22 @@ process_server_config_line_depth(ServerO intptr = &options->gss_strict_acceptor; goto parse_flag; @@ -3181,7 +3123,7 @@ Index: openssh-9.6p1/servconf.c case sPasswordAuthentication: intptr = &options->password_authentication; goto parse_flag; -@@ -3088,6 +3131,10 @@ dump_config(ServerOptions *o) +@@ -2892,6 +2935,10 @@ dump_config(ServerOptions *o) #ifdef GSSAPI dump_cfg_fmtint(sGssAuthentication, o->gss_authentication); dump_cfg_fmtint(sGssCleanupCreds, o->gss_cleanup_creds); @@ -3192,11 +3134,11 @@ Index: openssh-9.6p1/servconf.c #endif dump_cfg_fmtint(sPasswordAuthentication, o->password_authentication); dump_cfg_fmtint(sKbdInteractiveAuthentication, -Index: openssh-9.6p1/servconf.h -=================================================================== ---- openssh-9.6p1.orig/servconf.h -+++ openssh-9.6p1/servconf.h -@@ -139,8 +139,11 @@ typedef struct { +diff --git a/servconf.h b/servconf.h +index 4202a2d0..3f47ea25 100644 +--- a/servconf.h ++++ b/servconf.h +@@ -132,8 +132,11 @@ typedef struct { int kerberos_get_afs_token; /* If true, try to get AFS token if * authenticated with Kerberos. */ int gss_authentication; /* If true, permit GSSAPI authentication */ @@ -3208,11 +3150,11 @@ Index: openssh-9.6p1/servconf.h int password_authentication; /* If true, permit password * authentication. */ int kbd_interactive_authentication; /* If true, permit */ -Index: openssh-9.6p1/session.c -=================================================================== ---- openssh-9.6p1.orig/session.c -+++ openssh-9.6p1/session.c -@@ -2726,13 +2726,19 @@ do_cleanup(struct ssh *ssh, Authctxt *au +diff --git a/session.c b/session.c +index 8c0e54f7..06a33442 100644 +--- a/session.c ++++ b/session.c +@@ -2678,13 +2678,19 @@ do_cleanup(struct ssh *ssh, Authctxt *authctxt) #ifdef KRB5 if (options.kerberos_ticket_cleanup && @@ -3234,19 +3176,11 @@ Index: openssh-9.6p1/session.c #endif /* remove agent socket */ -Index: openssh-9.6p1/ssh-gss.h -=================================================================== ---- openssh-9.6p1.orig/ssh-gss.h -+++ openssh-9.6p1/ssh-gss.h -@@ -1,6 +1,6 @@ - /* $OpenBSD: ssh-gss.h,v 1.15 2021/01/27 10:05:28 djm Exp $ */ - /* -- * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. -+ * Copyright (c) 2001-2009 Simon Wilkinson. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions -@@ -61,10 +61,30 @@ +diff --git a/ssh-gss.h b/ssh-gss.h +index 36180d07..70dd3665 100644 +--- a/ssh-gss.h ++++ b/ssh-gss.h +@@ -61,10 +61,34 @@ #define SSH_GSS_OIDTYPE 0x06 @@ -3266,8 +3200,12 @@ Index: openssh-9.6p1/ssh-gss.h +#define KEX_GSS_C25519_SHA256_ID "gss-curve25519-sha256-" + +#define GSS_KEX_DEFAULT_KEX \ -+ KEX_GSS_GEX_SHA1_ID "," \ -+ KEX_GSS_GRP14_SHA1_ID ++ KEX_GSS_GRP14_SHA256_ID "," \ ++ KEX_GSS_GRP16_SHA512_ID "," \ ++ KEX_GSS_NISTP256_SHA256_ID "," \ ++ KEX_GSS_C25519_SHA256_ID "," \ ++ KEX_GSS_GRP14_SHA1_ID "," \ ++ KEX_GSS_GEX_SHA1_ID + typedef struct { char *filename; @@ -3310,7 +3248,7 @@ Index: openssh-9.6p1/ssh-gss.h int ssh_gssapi_check_oid(Gssctxt *, void *, size_t); void ssh_gssapi_set_oid_data(Gssctxt *, void *, size_t); -@@ -109,6 +134,7 @@ OM_uint32 ssh_gssapi_test_oid_supported( +@@ -109,6 +134,7 @@ OM_uint32 ssh_gssapi_test_oid_supported(OM_uint32 *, gss_OID, int *); struct sshbuf; int ssh_gssapi_get_buffer_desc(struct sshbuf *, gss_buffer_desc *); @@ -3338,7 +3276,7 @@ Index: openssh-9.6p1/ssh-gss.h + const char *); OM_uint32 ssh_gssapi_server_ctx(Gssctxt **, gss_OID); -int ssh_gssapi_userok(char *name); -+int ssh_gssapi_userok(char *, struct passwd *, int kex); ++int ssh_gssapi_userok(char *name, struct passwd *, int kex); OM_uint32 ssh_gssapi_checkmic(Gssctxt *, gss_buffer_t, gss_buffer_t); void ssh_gssapi_do_child(char ***, u_int *); void ssh_gssapi_cleanup_creds(void); @@ -3354,11 +3292,11 @@ Index: openssh-9.6p1/ssh-gss.h #endif /* GSSAPI */ #endif /* _SSH_GSS_H */ -Index: openssh-9.6p1/ssh.1 -=================================================================== ---- openssh-9.6p1.orig/ssh.1 -+++ openssh-9.6p1/ssh.1 -@@ -536,7 +536,13 @@ For full details of the options listed b +diff --git a/ssh.1 b/ssh.1 +index 60de6087..db5c65bc 100644 +--- a/ssh.1 ++++ b/ssh.1 +@@ -503,7 +503,13 @@ For full details of the options listed below, and their possible values, see .It GatewayPorts .It GlobalKnownHostsFile .It GSSAPIAuthentication @@ -3372,7 +3310,7 @@ Index: openssh-9.6p1/ssh.1 .It HashKnownHosts .It Host .It HostbasedAcceptedAlgorithms -@@ -624,6 +630,8 @@ flag), +@@ -624,6 +624,8 @@ (supported message integrity codes), .Ar kex (key exchange algorithms), @@ -3381,11 +3319,11 @@ Index: openssh-9.6p1/ssh.1 .Ar key (key types), .Ar key-ca-sign -Index: openssh-9.6p1/ssh.c -=================================================================== ---- openssh-9.6p1.orig/ssh.c -+++ openssh-9.6p1/ssh.c -@@ -833,6 +833,8 @@ main(int ac, char **av) +diff --git a/ssh.c b/ssh.c +index 15aee569..110cf9c1 100644 +--- a/ssh.c ++++ b/ssh.c +@@ -747,6 +747,8 @@ main(int ac, char **av) else if (strcmp(optarg, "kex") == 0 || strcasecmp(optarg, "KexAlgorithms") == 0) cp = kex_alg_list('\n'); @@ -3394,20 +3332,22 @@ Index: openssh-9.6p1/ssh.c else if (strcmp(optarg, "key") == 0) cp = sshkey_alg_list(0, 0, 0, '\n'); else if (strcmp(optarg, "key-cert") == 0) -@@ -862,7 +864,7 @@ main(int ac, char **av) - cp[n] = '\n'; +@@ -772,8 +774,8 @@ main(int ac, char **av) } else if (strcmp(optarg, "help") == 0) { cp = xstrdup( -- "cipher\ncipher-auth\ncompression\nkex\n" -+ "cipher\ncipher-auth\ncompression\nkex\nkex-gss\n" - "key\nkey-cert\nkey-plain\nkey-sig\nmac\n" - "protocol-version\nsig"); + "cipher\ncipher-auth\ncompression\nkex\n" +- "key\nkey-cert\nkey-plain\nkey-sig\nmac\n" +- "protocol-version\nsig"); ++ "kex-gss\nkey\nkey-cert\nkey-plain\n" ++ "key-sig\nmac\nprotocol-version\nsig"); } -Index: openssh-9.6p1/ssh_config -=================================================================== ---- openssh-9.6p1.orig/ssh_config -+++ openssh-9.6p1/ssh_config -@@ -40,6 +40,8 @@ Host * + if (cp == NULL) + fatal("Unsupported query \"%s\"", optarg); +diff --git a/ssh_config b/ssh_config +index 5e8ef548..1ff999b6 100644 +--- a/ssh_config ++++ b/ssh_config +@@ -24,6 +24,8 @@ # HostbasedAuthentication no # GSSAPIAuthentication no # GSSAPIDelegateCredentials no @@ -3416,11 +3356,11 @@ Index: openssh-9.6p1/ssh_config # BatchMode no # CheckHostIP no # AddressFamily any -Index: openssh-9.6p1/ssh_config.5 -=================================================================== ---- openssh-9.6p1.orig/ssh_config.5 -+++ openssh-9.6p1/ssh_config.5 -@@ -930,10 +930,67 @@ The default is +diff --git a/ssh_config.5 b/ssh_config.5 +index 06a32d31..3f490697 100644 +--- a/ssh_config.5 ++++ b/ssh_config.5 +@@ -766,10 +766,68 @@ The default is Specifies whether user authentication based on GSSAPI is allowed. The default is .Cm no . @@ -3483,26 +3423,18 @@ Index: openssh-9.6p1/ssh_config.5 +.Ed +.Pp +The default is -+.Dq gss-gex-sha1-,gss-group14-sha1- . -+This option only applies to protocol version 2 connections using GSSAPI. ++.Dq gss-group14-sha256-,gss-group16-sha512-,gss-nistp256-sha256-, ++gss-curve25519-sha256-,gss-group14-sha1-,gss-gex-sha1- . ++This option only applies to connections using GSSAPI. .It Cm HashKnownHosts Indicates that .Xr ssh 1 -Index: openssh-9.6p1/sshconnect2.c -=================================================================== ---- openssh-9.6p1.orig/sshconnect2.c -+++ openssh-9.6p1/sshconnect2.c -@@ -80,8 +80,6 @@ - #endif - - /* import */ --extern char *client_version_string; --extern char *server_version_string; - extern Options options; - - /* -@@ -224,10 +222,44 @@ ssh_kex2(struct ssh *ssh, char *host, st - char *s, *all_key, *hkalgs = NULL; +diff --git a/sshconnect2.c b/sshconnect2.c +index af00fb30..03bc87eb 100644 +--- a/sshconnect2.c ++++ b/sshconnect2.c +@@ -163,6 +161,11 @@ ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port) + char *all_key, *hkalgs = NULL; int r, use_known_hosts_order = 0; +#if defined(GSSAPI) && defined(WITH_OPENSSL) @@ -3513,19 +3445,30 @@ Index: openssh-9.6p1/sshconnect2.c xxx_host = host; xxx_hostaddr = hostaddr; xxx_conn_info = cinfo; - +@@ -206,6 +209,42 @@ ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port) + options.kex_algorithms, options.ciphers, options.macs, + compression_alg_list(options.compression), + hkalgs ? hkalgs : options.hostkeyalgorithms); ++ +#if defined(GSSAPI) && defined(WITH_OPENSSL) + if (options.gss_keyex) { + /* Add the GSSAPI mechanisms currently supported on this + * client to the key exchange algorithm proposal */ + orig = myproposal[PROPOSAL_KEX_ALGS]; + -+ if (options.gss_server_identity) ++ if (options.gss_server_identity) { + gss_host = xstrdup(options.gss_server_identity); -+ else if (options.gss_trust_dns) ++ } else if (options.gss_trust_dns) { + gss_host = remote_hostname(ssh); -+ else ++ /* Fall back to specified host if we are using proxy command ++ * and can not use DNS on that socket */ ++ if (strcmp(gss_host, "UNKNOWN") == 0) { ++ free(gss_host); ++ gss_host = xstrdup(host); ++ } ++ } else { + gss_host = xstrdup(host); ++ } + + gss = ssh_gssapi_client_mechanisms(gss_host, + options.gss_client_identity, options.gss_kex_algorithms); @@ -3542,11 +3485,10 @@ Index: openssh-9.6p1/sshconnect2.c + } + } +#endif -+ - if (options.rekey_limit || options.rekey_interval) - ssh_packet_set_rekey_limits(ssh, options.rekey_limit, - options.rekey_interval); -@@ -275,17 +307,47 @@ ssh_kex2(struct ssh *ssh, char *host, st + + free(hkalgs); + +@@ -224,15 +256,45 @@ ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port) # ifdef OPENSSL_HAS_ECC ssh->kex->kex[KEX_ECDH_SHA2] = kex_gen_client; # endif @@ -3565,6 +3507,7 @@ Index: openssh-9.6p1/sshconnect2.c +#endif /* WITH_OPENSSL */ ssh->kex->kex[KEX_C25519_SHA256] = kex_gen_client; ssh->kex->kex[KEX_KEM_SNTRUP761X25519_SHA512] = kex_gen_client; + ssh->kex->kex[KEX_KEM_MLKEM768X25519_SHA256] = kex_gen_client; ssh->kex->verify_host_key=&verify_host_key_callback; +#if defined(GSSAPI) && defined(WITH_OPENSSL) @@ -3577,11 +3520,8 @@ Index: openssh-9.6p1/sshconnect2.c +#endif + ssh_dispatch_run_fatal(ssh, DISPATCH_BLOCK, &ssh->kex->done); + kex_proposal_free_entries(myproposal); - /* remove ext-info from the KEX proposals for rekeying */ - free(myproposal[PROPOSAL_KEX_ALGS]); - myproposal[PROPOSAL_KEX_ALGS] = - compat_kex_proposal(ssh, options.kex_algorithms); +#if defined(GSSAPI) && defined(WITH_OPENSSL) + /* repair myproposal after it was crumpled by the */ + /* ext-info removal above */ @@ -3592,10 +3532,10 @@ Index: openssh-9.6p1/sshconnect2.c + free(gss); + } +#endif - if ((r = kex_prop2buf(ssh->kex->my, myproposal)) != 0) - fatal_r(r, "kex_prop2buf"); - -@@ -379,6 +441,7 @@ static int input_gssapi_response(int typ + #ifdef DEBUG_KEXDH + /* send 1st encrypted/maced/compressed message */ + if ((r = sshpkt_start(ssh, SSH2_MSG_IGNORE)) != 0 || +@@ -330,6 +392,7 @@ static int input_gssapi_response(int type, u_int32_t, struct ssh *); static int input_gssapi_token(int type, u_int32_t, struct ssh *); static int input_gssapi_error(int, u_int32_t, struct ssh *); static int input_gssapi_errtok(int, u_int32_t, struct ssh *); @@ -3603,7 +3543,7 @@ Index: openssh-9.6p1/sshconnect2.c #endif void userauth(struct ssh *, char *); -@@ -395,6 +458,11 @@ static char *authmethods_get(void); +@@ -346,6 +409,11 @@ static char *authmethods_get(void); Authmethod authmethods[] = { #ifdef GSSAPI @@ -3615,32 +3555,41 @@ Index: openssh-9.6p1/sshconnect2.c {"gssapi-with-mic", userauth_gssapi, userauth_gssapi_cleanup, -@@ -766,12 +834,23 @@ userauth_gssapi(struct ssh *ssh) +@@ -716,12 +784,32 @@ userauth_gssapi(struct ssh *ssh) OM_uint32 min; int r, ok = 0; gss_OID mech = NULL; -+ char *gss_host; ++ char *gss_host = NULL; + -+ if (options.gss_server_identity) ++ if (options.gss_server_identity) { + gss_host = xstrdup(options.gss_server_identity); -+ else if (options.gss_trust_dns) ++ } else if (options.gss_trust_dns) { + gss_host = remote_hostname(ssh); -+ else ++ /* Fall back to specified host if we are using proxy command ++ * and can not use DNS on that socket */ ++ if (strcmp(gss_host, "UNKNOWN") == 0) { ++ free(gss_host); ++ gss_host = xstrdup(authctxt->host); ++ } ++ } else { + gss_host = xstrdup(authctxt->host); ++ } /* Try one GSSAPI method at a time, rather than sending them all at * once. */ if (authctxt->gss_supported_mechs == NULL) - gss_indicate_mechs(&min, &authctxt->gss_supported_mechs); -+ if (GSS_ERROR(gss_indicate_mechs(&min, &authctxt->gss_supported_mechs))) { ++ if (GSS_ERROR(gss_indicate_mechs(&min, ++ &authctxt->gss_supported_mechs))) { ++ authctxt->gss_supported_mechs = NULL; + free(gss_host); + return 0; + } /* Check to see whether the mechanism is usable before we offer it */ while (authctxt->mech_tried < authctxt->gss_supported_mechs->count && -@@ -780,13 +859,15 @@ userauth_gssapi(struct ssh *ssh) +@@ -730,13 +811,15 @@ userauth_gssapi(struct ssh *ssh) elements[authctxt->mech_tried]; /* My DER encoding requires length<128 */ if (mech->length < 128 && ssh_gssapi_check_mechanism(&gssctxt, @@ -3657,7 +3606,7 @@ Index: openssh-9.6p1/sshconnect2.c if (!ok || mech == NULL) return 0; -@@ -1020,6 +1101,55 @@ input_gssapi_error(int type, u_int32_t p +@@ -976,6 +1059,55 @@ input_gssapi_error(int type, u_int32_t plen, struct ssh *ssh) free(lang); return r; } @@ -3682,13 +3631,13 @@ Index: openssh-9.6p1/sshconnect2.c + } + + if ((b = sshbuf_new()) == NULL) -+ fatal("%s: sshbuf_new failed", __func__); ++ fatal_f("sshbuf_new failed"); + + ssh_gssapi_buildmic(b, authctxt->server_user, authctxt->service, + "gssapi-keyex", ssh->kex->session_id); + + if ((gssbuf.value = sshbuf_mutable_ptr(b)) == NULL) -+ fatal("%s: sshbuf_mutable_ptr failed", __func__); ++ fatal_f("sshbuf_mutable_ptr failed"); + gssbuf.length = sshbuf_len(b); + + if (GSS_ERROR(ssh_gssapi_sign(gss_kex_context, &gssbuf, &mic))) { @@ -3702,7 +3651,7 @@ Index: openssh-9.6p1/sshconnect2.c + (r = sshpkt_put_cstring(ssh, authctxt->method->name)) != 0 || + (r = sshpkt_put_string(ssh, mic.value, mic.length)) != 0 || + (r = sshpkt_send(ssh)) != 0) -+ fatal("%s: %s", __func__, ssh_err(r)); ++ fatal_fr(r, "parsing"); + + sshbuf_free(b); + gss_release_buffer(&ms, &mic); @@ -3713,22 +3662,11 @@ Index: openssh-9.6p1/sshconnect2.c #endif /* GSSAPI */ static int -Index: openssh-9.6p1/sshd.c -=================================================================== ---- openssh-9.6p1.orig/sshd.c -+++ openssh-9.6p1/sshd.c -@@ -808,8 +808,8 @@ notify_hostkeys(struct ssh *ssh) - } - debug3_f("sent %u hostkeys", nkeys); - if (nkeys == 0) -- fatal_f("no hostkeys"); -- if ((r = sshpkt_send(ssh)) != 0) -+ debug3("%s: no hostkeys", __func__); -+ else if ((r = sshpkt_send(ssh)) != 0) - sshpkt_fatal(ssh, r, "%s: send", __func__); - sshbuf_free(buf); - } -@@ -1944,7 +1944,8 @@ main(int ac, char **av) +diff --git a/sshd.c b/sshd.c +index 60b2aaf7..d92f03aa 100644 +--- a/sshd.c ++++ b/sshd.c +@@ -1852,7 +1852,8 @@ main(int ac, char **av) free(fp); } accumulate_host_timing_secret(cfg, NULL); @@ -3738,7 +3676,22 @@ Index: openssh-9.6p1/sshd.c logit("sshd: no hostkeys available -- exiting."); exit(1); } -@@ -2421,6 +2422,48 @@ do_ssh2_kex(struct ssh *ssh) +diff --git a/sshd-session.c b/sshd-session.c +index 60b2aaf7..d92f03aa 100644 +--- a/sshd-session.c ++++ b/sshd-session.c +@@ -817,8 +817,8 @@ notify_hostkeys(struct ssh *ssh) + } + debug3_f("sent %u hostkeys", nkeys); + if (nkeys == 0) +- fatal_f("no hostkeys"); +- if ((r = sshpkt_send(ssh)) != 0) ++ debug3_f("no hostkeys"); ++ else if ((r = sshpkt_send(ssh)) != 0) + sshpkt_fatal(ssh, r, "%s: send", __func__); + sshbuf_free(buf); + } +@@ -2347,6 +2348,48 @@ do_ssh2_kex(struct ssh *ssh) free(hkalgs); @@ -3787,10 +3740,10 @@ Index: openssh-9.6p1/sshd.c /* start key exchange */ if ((r = kex_setup(ssh, myproposal)) != 0) fatal_r(r, "kex_setup"); -@@ -2438,7 +2481,18 @@ do_ssh2_kex(struct ssh *ssh) - # ifdef OPENSSL_HAS_ECC +@@ -2362,7 +2405,18 @@ do_ssh2_kex(struct ssh *ssh) + #ifdef OPENSSL_HAS_ECC kex->kex[KEX_ECDH_SHA2] = kex_gen_server; - # endif + #endif -#endif +# ifdef GSSAPI + if (options.gss_keyex) { @@ -3806,11 +3759,11 @@ Index: openssh-9.6p1/sshd.c +#endif /* WITH_OPENSSL */ kex->kex[KEX_C25519_SHA256] = kex_gen_server; kex->kex[KEX_KEM_SNTRUP761X25519_SHA512] = kex_gen_server; - kex->load_host_public_key=&get_hostkey_public_by_type; -Index: openssh-9.6p1/sshd_config -=================================================================== ---- openssh-9.6p1.orig/sshd_config -+++ openssh-9.6p1/sshd_config + kex->kex[KEX_KEM_MLKEM768X25519_SHA256] = kex_gen_server; +diff --git a/sshd_config b/sshd_config +index 19b7c91a..2c48105f 100644 +--- a/sshd_config ++++ b/sshd_config @@ -69,6 +69,8 @@ AuthorizedKeysFile .ssh/authorized_keys # GSSAPI options #GSSAPIAuthentication no @@ -3820,11 +3773,11 @@ Index: openssh-9.6p1/sshd_config # Set this to 'yes' to enable PAM authentication, account processing, # and session processing. If this is enabled, PAM authentication will -Index: openssh-9.6p1/sshd_config.5 -=================================================================== ---- openssh-9.6p1.orig/sshd_config.5 -+++ openssh-9.6p1/sshd_config.5 -@@ -733,6 +733,11 @@ Specifies whether to automatically destr +diff --git a/sshd_config.5 b/sshd_config.5 +index 70ccea44..f6b41a2f 100644 +--- a/sshd_config.5 ++++ b/sshd_config.5 +@@ -646,6 +646,11 @@ Specifies whether to automatically destroy the user's credentials cache on logout. The default is .Cm yes . @@ -3836,7 +3789,7 @@ Index: openssh-9.6p1/sshd_config.5 .It Cm GSSAPIStrictAcceptorCheck Determines whether to be strict about the identity of the GSSAPI acceptor a client authenticates against. -@@ -747,6 +752,31 @@ machine's default store. +@@ -660,6 +665,32 @@ machine's default store. This facility is provided to assist with operation on multi homed machines. The default is .Cm yes . @@ -3863,20 +3816,79 @@ Index: openssh-9.6p1/sshd_config.5 +.Ed +.Pp +The default is -+.Dq gss-gex-sha1-,gss-group14-sha1- . -+This option only applies to protocol version 2 connections using GSSAPI. ++.Dq gss-group14-sha256-,gss-group16-sha512-,gss-nistp256-sha256-, ++gss-curve25519-sha256-,gss-group14-sha1-,gss-gex-sha1- . ++This option only applies to connections using GSSAPI. .It Cm HostbasedAcceptedAlgorithms Specifies the signature algorithms that will be accepted for hostbased authentication as a list of comma-separated patterns. -Index: openssh-9.6p1/sshkey.c -=================================================================== ---- openssh-9.6p1.orig/sshkey.c -+++ openssh-9.6p1/sshkey.c -@@ -128,6 +128,17 @@ extern const struct sshkey_impl sshkey_d +diff --git a/sshkey.c b/sshkey.c +index 57995ee6..fd5b7724 100644 +--- a/sshkey.c ++++ b/sshkey.c +@@ -127,6 +127,75 @@ static const struct keytype keytypes[] = { extern const struct sshkey_impl sshkey_xmss_impl; extern const struct sshkey_impl sshkey_xmss_cert_impl; #endif -+const struct sshkey_impl sshkey_null_impl = { ++ ++static int ssh_gss_equal(const struct sshkey *, const struct sshkey *) ++{ ++ return SSH_ERR_FEATURE_UNSUPPORTED; ++} ++ ++static int ssh_gss_serialize_public(const struct sshkey *, struct sshbuf *, ++ enum sshkey_serialize_rep) ++{ ++ return SSH_ERR_FEATURE_UNSUPPORTED; ++} ++ ++static int ssh_gss_deserialize_public(const char *, struct sshbuf *, ++ struct sshkey *) ++{ ++ return SSH_ERR_FEATURE_UNSUPPORTED; ++} ++ ++static int ssh_gss_serialize_private(const struct sshkey *, struct sshbuf *, ++ enum sshkey_serialize_rep) ++{ ++ return SSH_ERR_FEATURE_UNSUPPORTED; ++} ++ ++static int ssh_gss_deserialize_private(const char *, struct sshbuf *, ++ struct sshkey *) ++{ ++ return SSH_ERR_FEATURE_UNSUPPORTED; ++} ++ ++static int ssh_gss_copy_public(const struct sshkey *, struct sshkey *) ++{ ++ return SSH_ERR_FEATURE_UNSUPPORTED; ++} ++ ++static int ssh_gss_verify(const struct sshkey *, const u_char *, size_t, ++ const u_char *, size_t, const char *, u_int, ++ struct sshkey_sig_details **) ++{ ++ return SSH_ERR_FEATURE_UNSUPPORTED; ++} ++ ++static const struct sshkey_impl_funcs sshkey_gss_funcs = { ++ /* .size = */ NULL, ++ /* .alloc = */ NULL, ++ /* .cleanup = */ NULL, ++ /* .equal = */ ssh_gss_equal, ++ /* .ssh_serialize_public = */ ssh_gss_serialize_public, ++ /* .ssh_deserialize_public = */ ssh_gss_deserialize_public, ++ /* .ssh_serialize_private = */ ssh_gss_serialize_private, ++ /* .ssh_deserialize_private = */ ssh_gss_deserialize_private, ++ /* .generate = */ NULL, ++ /* .copy_public = */ ssh_gss_copy_public, ++ /* .sign = */ NULL, ++ /* .verify = */ ssh_gss_verify, ++}; ++ ++/* The struct is intentionally dummy and has no gss calls */ ++static const struct sshkey_impl sshkey_gss_kex_impl = { + /* .name = */ "null", + /* .shortname = */ "null", + /* .sigalg = */ NULL, @@ -3884,21 +3896,21 @@ Index: openssh-9.6p1/sshkey.c + /* .nid = */ 0, + /* .cert = */ 0, + /* .sigonly = */ 0, -+ /* .keybits = */ 0, -+ /* .funcs = */ NULL, ++ /* .keybits = */ 0, /* FIXME */ ++ /* .funcs = */ &sshkey_gss_funcs, +}; const struct sshkey_impl * const keyimpls[] = { &sshkey_ed25519_impl, -@@ -165,6 +176,7 @@ const struct sshkey_impl * const keyimpl +@@ -154,6 +154,7 @@ static const struct keytype keytypes[] = { &sshkey_xmss_impl, &sshkey_xmss_cert_impl, #endif -+ &sshkey_null_impl, ++ &sshkey_gss_kex_impl, NULL }; -@@ -320,7 +332,7 @@ sshkey_alg_list(int certs_only, int plai +@@ -255,7 +256,7 @@ sshkey_alg_list(int certs_only, int plain_only, int include_sigonly, char sep) for (i = 0; keyimpls[i] != NULL; i++) { impl = keyimpls[i]; @@ -3907,11 +3919,11 @@ Index: openssh-9.6p1/sshkey.c continue; if (!include_sigonly && impl->sigonly) continue; -Index: openssh-9.6p1/sshkey.h -=================================================================== ---- openssh-9.6p1.orig/sshkey.h -+++ openssh-9.6p1/sshkey.h -@@ -71,6 +71,7 @@ enum sshkey_types { +diff --git a/sshkey.h b/sshkey.h +index 71a3fddc..37a43a67 100644 +--- a/sshkey.h ++++ b/sshkey.h +@@ -69,6 +69,7 @@ enum sshkey_types { KEY_ECDSA_SK_CERT, KEY_ED25519_SK, KEY_ED25519_SK_CERT, @@ -3919,14 +3931,24 @@ Index: openssh-9.6p1/sshkey.h KEY_UNSPEC }; -Index: openssh-9.6p1/packet.c -=================================================================== ---- openssh-9.6p1.orig/packet.c -+++ openssh-9.6p1/packet.c -@@ -1425,6 +1425,29 @@ ssh_packet_read(struct ssh *ssh) +diff --git a/packet.h b/packet.h +--- a/packet.h (revision 8241b9c0529228b4b86d88b1a6076fb9f97e4a99) ++++ b/packet.h (date 1703172586447) +@@ -124,6 +124,7 @@ + int ssh_packet_send2(struct ssh *); + + int ssh_packet_read(struct ssh *); ++int ssh_packet_read_expect(struct ssh *, u_int type); + int ssh_packet_read_poll2(struct ssh *, u_char *, u_int32_t *seqnr_p); + int ssh_packet_process_incoming(struct ssh *, const char *buf, u_int len); + int ssh_packet_process_read(struct ssh *, int); +diff --git a/packet.c b/packet.c +--- a/packet.c (revision 8241b9c0529228b4b86d88b1a6076fb9f97e4a99) ++++ b/packet.c (date 1703172586447) +@@ -1425,6 +1416,29 @@ return type; } - + +/* + * Waits until a packet has been received, verifies that its type matches + * that given, and gives a fatal error and exits if there is a mismatch. @@ -3953,15 +3975,3 @@ Index: openssh-9.6p1/packet.c static int ssh_packet_read_poll2_mux(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p) { -Index: openssh-9.6p1/packet.h -=================================================================== ---- openssh-9.6p1.orig/packet.h -+++ openssh-9.6p1/packet.h -@@ -124,6 +124,7 @@ int ssh_packet_send2_wrapped(struct ssh - int ssh_packet_send2(struct ssh *); - - int ssh_packet_read(struct ssh *); -+int ssh_packet_read_expect(struct ssh *, u_int type); - int ssh_packet_read_poll(struct ssh *); - int ssh_packet_read_poll2(struct ssh *, u_char *, u_int32_t *seqnr_p); - int ssh_packet_process_incoming(struct ssh *, const char *buf, u_int len); diff --git a/openssh-8.1p1-audit.patch b/openssh-8.1p1-audit.patch index 6479633..e875747 100644 --- a/openssh-8.1p1-audit.patch +++ b/openssh-8.1p1-audit.patch @@ -3,7 +3,7 @@ Index: openssh-8.9p1/Makefile.in --- openssh-8.9p1.orig/Makefile.in +++ openssh-8.9p1/Makefile.in @@ -116,7 +116,7 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \ - kexsntrup761x25519.o sntrup761.o kexgen.o \ + kexsntrup761x25519.o kexmlkem768x25519.o sntrup761.o kexgen.o \ kexgssc.o \ sftp-realpath.o platform-pledge.o platform-tracing.o platform-misc.o \ - sshbuf-io.o @@ -236,7 +236,7 @@ Index: openssh-8.9p1/audit-linux.c /* Below is the sshd audit API code */ void -@@ -76,49 +176,210 @@ audit_connection_from(const char *host, +@@ -76,49 +176,211 @@ audit_connection_from(const char *host, /* not implemented */ } @@ -315,6 +315,7 @@ Index: openssh-8.9p1/audit-linux.c case SSH_AUTH_FAIL_PASSWD: + if (options.use_pam) + break; ++ /* Fallthrough */ + case SSH_LOGIN_EXCEED_MAXTRIES: case SSH_AUTH_FAIL_KBDINT: case SSH_AUTH_FAIL_PUBKEY: @@ -451,7 +452,7 @@ Index: openssh-8.9p1/audit-linux.c + } + audit_ok = audit_log_user_message(audit_fd, AUDIT_CRYPTO_KEY_USER, + buf, NULL, -+ listening_for_clients() ? NULL : ssh_remote_ipaddr(ssh), ++ ssh_remote_ipaddr(ssh), /*FIXME listening_for_clients() ? NULL : ssh_remote_ipaddr(ssh) */ + NULL, 1); + audit_close(audit_fd); + /* do not abort if the error is EPERM and sshd is run as non root user */ @@ -518,19 +519,19 @@ Index: openssh-8.9p1/audit.c +void +audit_unsupported(struct ssh *ssh, int what) +{ -+ PRIVSEP(audit_unsupported_body(ssh, what)); ++ mm_audit_unsupported_body(ssh, what); +} + +void +audit_kex(struct ssh *ssh, int ctos, char *enc, char *mac, char *comp, char *pfs) +{ -+ PRIVSEP(audit_kex_body(ssh, ctos, enc, mac, comp, pfs, getpid(), getuid())); ++ mm_audit_kex_body(ssh, ctos, enc, mac, comp, pfs, getpid(), getuid()); +} + +void +audit_session_key_free(struct ssh *ssh, int ctos) +{ -+ PRIVSEP(audit_session_key_free_body(ssh, ctos, getpid(), getuid())); ++ mm_audit_session_key_free_body(ssh, ctos, getpid(), getuid()); +} + # ifndef CUSTOM_SSH_AUDIT_EVENTS @@ -778,18 +779,18 @@ Index: openssh-8.9p1/auth.h + const u_char *, size_t, const char *, u_int, struct sshkey_sig_details **); /* Key / cert options linkage to auth layer */ - const struct sshauthopt *auth_options(struct ssh *); + int auth_activate_options(struct ssh *, struct sshauthopt *); Index: openssh-8.9p1/auth2-hostbased.c =================================================================== --- openssh-8.9p1.orig/auth2-hostbased.c +++ openssh-8.9p1/auth2-hostbased.c @@ -149,7 +149,7 @@ userauth_hostbased(struct ssh *ssh, cons authenticated = 0; - if (PRIVSEP(hostbased_key_allowed(ssh, authctxt->pw, cuser, - chost, key)) && -- PRIVSEP(sshkey_verify(key, sig, slen, -+ PRIVSEP(hostbased_key_verify(ssh, key, sig, slen, - sshbuf_ptr(b), sshbuf_len(b), pkalg, ssh->compat, NULL)) == 0) + if (mm_hostbased_key_allowed(ssh, authctxt->pw, cuser, + chost, key) && +- mm_sshkey_verify(key, sig, slen, ++ mm_hostbased_key_verify(ssh, key, sig, slen, + sshbuf_ptr(b), sshbuf_len(b), pkalg, ssh->compat, NULL) == 0) authenticated = 1; @@ -166,6 +166,19 @@ done: @@ -819,12 +820,12 @@ Index: openssh-8.9p1/auth2-pubkey.c @@ -223,7 +223,7 @@ userauth_pubkey(struct ssh *ssh, const c /* test for correct signature */ authenticated = 0; - if (PRIVSEP(user_key_allowed(ssh, pw, key, 1, &authopts)) && -- PRIVSEP(sshkey_verify(key, sig, slen, -+ PRIVSEP(user_key_verify(ssh, key, sig, slen, + if (mm_user_key_allowed(ssh, pw, key, 1, &authopts) && +- mm_sshkey_verify(key, sig, slen, ++ mm_user_key_verify(ssh, key, sig, slen, sshbuf_ptr(b), sshbuf_len(b), (ssh->compat & SSH_BUG_SIGTYPE) == 0 ? pkalg : NULL, - ssh->compat, &sig_details)) == 0) { + ssh->compat, &sig_details) == 0) { @@ -316,6 +316,19 @@ done: return authenticated; } @@ -854,7 +855,7 @@ Index: openssh-8.9p1/auth2.c /* Invalid user, fake password information */ authctxt->pw = fakepw(); -#ifdef SSH_AUDIT_EVENTS -- PRIVSEP(audit_event(ssh, SSH_INVALID_USER)); +- mm_audit_event(ssh, SSH_INVALID_USER); -#endif } #ifdef USE_PAM @@ -939,8 +940,8 @@ Index: openssh-8.9p1/kex.c #include "xmalloc.h" +#include "audit.h" - #ifdef GSSAPI - #include "ssh-gss.h" + /* prototype */ + static int kex_choose_conf(struct ssh *, uint32_t seq); @@ -879,12 +880,16 @@ kex_start_rekex(struct ssh *ssh) } @@ -1124,7 +1125,7 @@ Index: openssh-8.9p1/monitor.c extern struct sshbuf *loginmsg; extern struct sshauthopt *auth_opts; /* XXX move to permanent ssh->authctxt? */ -+extern void destroy_sensitive_data(struct ssh *, int); ++extern void destroy_sensitive_data(struct ssh *); + /* State exported from the child */ static struct sshbuf *child_state; @@ -1257,7 +1258,7 @@ Index: openssh-8.9p1/monitor.c sshpam_cleanup(); #endif -+ destroy_sensitive_data(ssh, 0); ++ destroy_sensitive_data(ssh); + while (waitpid(pmonitor->m_pid, &status, 0) == -1) if (errno != EINTR) @@ -1301,12 +1302,12 @@ Index: openssh-8.9p1/monitor.c + debug3("%s entering", __func__); + if ((r = sshbuf_get_u32(m, &handle)) != 0 || + (r = sshbuf_get_string(m, &cmd, &len)) != 0) -+ fatal("%s: buffer error: %s", __func__, ssh_err(r)); ++ fatal_fr(r, "buffer error"); + + s = session_by_id(handle); + if (s == NULL || s->ttyfd != -1 || s->command == NULL || + strcmp(s->command, cmd) != 0) -+ fatal("%s: invalid handle", __func__); ++ fatal_f("invalid handle"); + mm_session_close(ssh, s); free(cmd); return (0); @@ -1349,7 +1350,7 @@ Index: openssh-8.9p1/monitor.c + int what, r; + + if ((r = sshbuf_get_u32(m, &what)) != 0) -+ fatal("%s: buffer error: %s", __func__, ssh_err(r)); ++ fatal_fr(r, "buffer error"); + + audit_unsupported_body(ssh, what); + @@ -1374,10 +1375,10 @@ Index: openssh-8.9p1/monitor.c + (r = sshbuf_get_cstring(m, &compress, NULL)) != 0 || + (r = sshbuf_get_cstring(m, &pfs, NULL)) != 0 || + (r = sshbuf_get_u64(m, &tmp)) != 0) -+ fatal("%s: buffer error: %s", __func__, ssh_err(r)); ++ fatal_fr(r, "buffer error"); + pid = (pid_t) tmp; + if ((r = sshbuf_get_u64(m, &tmp)) != 0) -+ fatal("%s: buffer error: %s", __func__, ssh_err(r)); ++ fatal_fr(r, "buffer error"); + uid = (pid_t) tmp; + + audit_kex_body(ssh, ctos, cipher, mac, compress, pfs, pid, uid); @@ -1402,10 +1403,10 @@ Index: openssh-8.9p1/monitor.c + + if ((r = sshbuf_get_u32(m, &ctos)) != 0 || + (r = sshbuf_get_u64(m, &tmp)) != 0) -+ fatal("%s: buffer error: %s", __func__, ssh_err(r)); ++ fatal_fr(r, "buffer error"); + pid = (pid_t) tmp; + if ((r = sshbuf_get_u64(m, &tmp)) != 0) -+ fatal("%s: buffer error: %s", __func__, ssh_err(r)); ++ fatal_fr(r, "buffer error"); + uid = (uid_t) tmp; + + audit_session_key_free_body(ssh, ctos, pid, uid); @@ -1427,10 +1428,10 @@ Index: openssh-8.9p1/monitor.c + + if ((r = sshbuf_get_cstring(m, &fp, &len)) != 0 || + (r = sshbuf_get_u64(m, &tmp)) != 0) -+ fatal("%s: buffer error: %s", __func__, ssh_err(r)); ++ fatal_fr(r, "buffer error"); + pid = (pid_t) tmp; + if ((r = sshbuf_get_u64(m, &tmp)) != 0) -+ fatal("%s: buffer error: %s", __func__, ssh_err(r)); ++ fatal_fr(r, "buffer error"); + uid = (uid_t) tmp; + + audit_destroy_sensitive_data(ssh, fp, pid, uid); @@ -1526,7 +1527,7 @@ Index: openssh-8.9p1/monitor_wrap.c + mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_AUDIT_COMMAND, m); + + if ((r = sshbuf_get_u32(m, &handle)) != 0) -+ fatal("%s: buffer error: %s", __func__, ssh_err(r)); ++ fatal_fr(r, "buffer error"); + sshbuf_free(m); + + return (handle); @@ -1541,19 +1542,19 @@ Index: openssh-8.9p1/monitor_wrap.c + debug3("%s entering command %s", __func__, command); + + if ((m = sshbuf_new()) == NULL) -+ fatal("%s: sshbuf_new failed", __func__); ++ fatal_f("sshbuf_new failed"); + if ((r = sshbuf_put_u32(m, handle)) != 0 || + (r = sshbuf_put_cstring(m, command)) != 0) -+ fatal("%s: buffer error: %s", __func__, ssh_err(r)); ++ fatal_fr(r, "buffer error"); + + mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUDIT_END_COMMAND, m); sshbuf_free(m); } #endif /* SSH_AUDIT_EVENTS */ -@@ -1074,3 +1114,130 @@ mm_ssh_gssapi_update_creds(ssh_gssapi_cc +@@ -1217,3 +1257,83 @@ mm_ssh_gssapi_update_creds(ssh_gssapi_cc + return &ci; } - #endif /* GSSAPI */ +#ifdef SSH_AUDIT_EVENTS +void +mm_audit_unsupported_body(struct ssh *ssh, int what) @@ -1562,9 +1563,9 @@ Index: openssh-8.9p1/monitor_wrap.c + struct sshbuf *m; + + if ((m = sshbuf_new()) == NULL) -+ fatal("%s: sshbuf_new failed", __func__); ++ fatal_f("sshbuf_new failed"); + if ((r = sshbuf_put_u32(m, what)) != 0) -+ fatal("%s: buffer error: %s", __func__, ssh_err(r)); ++ fatal_fr(r, "buffer error"); + + mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUDIT_UNSUPPORTED, m); + mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_AUDIT_UNSUPPORTED, @@ -1581,7 +1582,7 @@ Index: openssh-8.9p1/monitor_wrap.c + struct sshbuf *m; + + if ((m = sshbuf_new()) == NULL) -+ fatal("%s: sshbuf_new failed", __func__); ++ fatal_f("sshbuf_new failed"); + if ((r = sshbuf_put_u32(m, ctos)) != 0 || + (r = sshbuf_put_cstring(m, cipher)) != 0 || + (r = sshbuf_put_cstring(m, (mac ? mac : ""))) != 0 || @@ -1589,7 +1590,7 @@ Index: openssh-8.9p1/monitor_wrap.c + (r = sshbuf_put_cstring(m, fps)) != 0 || + (r = sshbuf_put_u64(m, pid)) != 0 || + (r = sshbuf_put_u64(m, uid)) != 0) -+ fatal("%s: buffer error: %s", __func__, ssh_err(r)); ++ fatal_fr(r, "buffer error"); + + mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUDIT_KEX, m); + mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_AUDIT_KEX, @@ -1605,11 +1606,11 @@ Index: openssh-8.9p1/monitor_wrap.c + struct sshbuf *m; + + if ((m = sshbuf_new()) == NULL) -+ fatal("%s: sshbuf_new failed", __func__); ++ fatal_f("sshbuf_new failed"); + if ((r = sshbuf_put_u32(m, ctos)) != 0 || + (r = sshbuf_put_u64(m, pid)) != 0 || + (r = sshbuf_put_u64(m, uid)) != 0) -+ fatal("%s: buffer error: %s", __func__, ssh_err(r)); ++ fatal_fr(r, "buffer error"); + + mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUDIT_SESSION_KEY_FREE, m); + mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_AUDIT_SESSION_KEY_FREE, @@ -1624,62 +1625,15 @@ Index: openssh-8.9p1/monitor_wrap.c + struct sshbuf *m; + + if ((m = sshbuf_new()) == NULL) -+ fatal("%s: sshbuf_new failed", __func__); ++ fatal_f("sshbuf_new failed"); + if ((r = sshbuf_put_cstring(m, fp)) != 0 || + (r = sshbuf_put_u64(m, pid)) != 0 || + (r = sshbuf_put_u64(m, uid)) != 0) -+ fatal("%s: buffer error: %s", __func__, ssh_err(r)); ++ fatal_fr(r, "buffer error"); + + mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUDIT_SERVER_KEY_FREE, m); + sshbuf_free(m); +} -+ -+int mm_forward_audit_messages(int fdin) -+{ -+ u_char buf[4]; -+ u_int blen, msg_len; -+ struct sshbuf *m; -+ int ret = 0; -+ -+ debug3("%s: entering", __func__); -+ m = sshbuf_new(); -+ do { -+ int r; -+ -+ blen = atomicio(read, fdin, buf, sizeof(buf)); -+ if (blen == 0) /* closed pipe */ -+ break; -+ if (blen != sizeof(buf)) { -+ error("%s: Failed to read the buffer from child", __func__); -+ ret = -1; -+ break; -+ } -+ -+ msg_len = get_u32(buf); -+ if (msg_len > 256 * 1024) -+ fatal("%s: read: bad msg_len %d", __func__, msg_len); -+ sshbuf_reset(m); -+ if ((r = sshbuf_reserve(m, msg_len, NULL)) != 0) -+ fatal("%s: buffer error: %s", __func__, ssh_err(r)); -+ if (atomicio(read, fdin, sshbuf_mutable_ptr(m), msg_len) != msg_len) { -+ error("%s: Failed to read the the buffer conent from the child", __func__); -+ ret = -1; -+ break; -+ } -+ if (atomicio(vwrite, pmonitor->m_recvfd, buf, blen) != blen || -+ atomicio(vwrite, pmonitor->m_recvfd, sshbuf_mutable_ptr(m), msg_len) != msg_len) { -+ error("%s: Failed to write the messag to the monitor", __func__); -+ ret = -1; -+ break; -+ } -+ } while (1); -+ sshbuf_free(m); -+ return ret; -+} -+void mm_set_monitor_pipe(int fd) -+{ -+ pmonitor->m_recvfd = fd; -+} +#endif /* SSH_AUDIT_EVENTS */ Index: openssh-8.9p1/monitor_wrap.h =================================================================== @@ -1695,8 +1649,8 @@ Index: openssh-8.9p1/monitor_wrap.h +int mm_user_key_verify(struct ssh *, const struct sshkey *, const u_char *, size_t, const u_char *, size_t, const char *, u_int, struct sshkey_sig_details **); - #ifdef GSSAPI -@@ -83,7 +85,14 @@ void mm_sshpam_free_ctx(void *); + void mm_decode_activate_server_options(struct ssh *ssh, struct sshbuf *m); +@@ -83,7 +85,12 @@ void mm_sshpam_free_ctx(void *); #ifdef SSH_AUDIT_EVENTS #include "audit.h" void mm_audit_event(struct ssh *, ssh_audit_event_t); @@ -1707,8 +1661,6 @@ Index: openssh-8.9p1/monitor_wrap.h +void mm_audit_kex_body(struct ssh *, int, char *, char *, char *, char *, pid_t, uid_t); +void mm_audit_session_key_free_body(struct ssh *, int, pid_t, uid_t); +void mm_audit_destroy_sensitive_data(struct ssh *, const char *, pid_t, uid_t); -+int mm_forward_audit_messages(int); -+void mm_set_monitor_pipe(int); #endif struct Session; @@ -1738,12 +1690,7 @@ Index: openssh-8.9p1/packet.c /* * Returns the IP-address of the remote host as a string. The returned * string must not be freed. -@@ -579,26 +587,23 @@ ssh_packet_rdomain_in(struct ssh *ssh) - /* Closes the connection and clears and frees internal data structures. */ - - static void --ssh_packet_close_internal(struct ssh *ssh, int do_close) -+ssh_packet_close_internal(struct ssh *ssh, int do_close, int do_audit) +@@ -579,22 +587,19 @@ ssh_packet_rdomain_in(struct ssh *ssh) { struct session_state *state = ssh->state; u_int mode; @@ -1775,7 +1722,7 @@ Index: openssh-8.9p1/packet.c #endif /* WITH_ZLIB */ cipher_free(state->send_context); cipher_free(state->receive_context); -+ if (do_audit && had_keys && state->server_side) { ++ if (had_keys && state->server_side) { + /* Assuming this is called only from privsep child */ + audit_session_key_free(ssh, MODE_MAX); + } @@ -1790,28 +1737,6 @@ Index: openssh-8.9p1/packet.c free(ssh->local_ipaddr); ssh->local_ipaddr = NULL; free(ssh->remote_ipaddr); -@@ -650,13 +665,19 @@ ssh_packet_close_internal(struct ssh *ss - void - ssh_packet_close(struct ssh *ssh) - { -- ssh_packet_close_internal(ssh, 1); -+ ssh_packet_close_internal(ssh, 1, 1); - } - - void - ssh_packet_clear_keys(struct ssh *ssh) - { -- ssh_packet_close_internal(ssh, 0); -+ ssh_packet_close_internal(ssh, 0, 1); -+} -+ -+void -+ssh_packet_clear_keys_noaudit(struct ssh *ssh) -+{ -+ ssh_packet_close_internal(ssh, 0, 0); - } - - /* Sets remote side protocol flags. */ @@ -892,6 +913,7 @@ ssh_set_newkeys(struct ssh *ssh, int mod (unsigned long long)state->p_send.bytes, (unsigned long long)state->p_send.blocks); @@ -1820,7 +1745,7 @@ Index: openssh-8.9p1/packet.c state->newkeys[mode] = NULL; } /* note that both bytes and the seqnr are not reset */ -@@ -2183,6 +2205,73 @@ ssh_packet_get_output(struct ssh *ssh) +@@ -2183,6 +2205,72 @@ ssh_packet_get_output(struct ssh *ssh) return (void *)ssh->state->output; } @@ -1850,9 +1775,8 @@ Index: openssh-8.9p1/packet.c + return; + + cipher_free(state->receive_context); -+ state->receive_context = NULL; + cipher_free(state->send_context); -+ state->send_context = NULL; ++ state->send_context = state->receive_context = NULL; + + sshbuf_free(state->input); + state->input = NULL; @@ -1898,14 +1822,6 @@ Index: openssh-8.9p1/packet.h =================================================================== --- openssh-8.9p1.orig/packet.h +++ openssh-8.9p1/packet.h -@@ -102,6 +102,7 @@ int ssh_packet_get_connection_out(s - void ssh_packet_close(struct ssh *); - void ssh_packet_set_input_hook(struct ssh *, ssh_packet_hook_fn *, void *); - void ssh_packet_clear_keys(struct ssh *); -+void ssh_packet_clear_keys_noaudit(struct ssh *); - void ssh_clear_newkeys(struct ssh *, int); - - int ssh_packet_is_rekeying(struct ssh *); @@ -220,4 +221,5 @@ const u_char *sshpkt_ptr(struct ssh *, s # undef EC_POINT #endif @@ -1921,22 +1837,11 @@ Index: openssh-8.9p1/session.c extern u_int utmp_len; extern int startup_pipe; -extern void destroy_sensitive_data(void); -+extern void destroy_sensitive_data(struct ssh *, int); ++extern void destroy_sensitive_data(struct ssh *); extern struct sshbuf *loginmsg; extern struct sshauthopt *auth_opts; extern char *tun_fwd_ifnames; /* serverloop.c */ -@@ -157,6 +157,10 @@ static Session *sessions = NULL; - login_cap_t *lc; - #endif - -+#ifdef SSH_AUDIT_EVENTS -+int paudit[2]; -+#endif -+ - static int is_child = 0; - static int in_chroot = 0; - -@@ -642,6 +646,14 @@ do_exec_pty(struct ssh *ssh, Session *s, +@@ -644,6 +644,14 @@ do_exec_pty(struct ssh *ssh, Session *s, /* Parent. Close the slave side of the pseudo tty. */ close(ttyfd); @@ -1951,85 +1856,42 @@ Index: openssh-8.9p1/session.c /* Enter interactive session. */ s->ptymaster = ptymaster; ssh_packet_set_interactive(ssh, 1, -@@ -706,15 +718,21 @@ do_exec(struct ssh *ssh, Session *s, con +@@ -736,15 +744,19 @@ do_exec(struct ssh *ssh, Session *s, con s->self); #ifdef SSH_AUDIT_EVENTS + if (s->command != NULL || s->command_handle != -1) + fatal("do_exec: command already set"); if (command != NULL) -- PRIVSEP(audit_run_command(command)); +- mm_audit_run_command(command); + s->command = xstrdup(command); else if (s->ttyfd == -1) { char *shell = s->pw->pw_shell; if (shell[0] == '\0') /* empty shell means /bin/sh */ shell =_PATH_BSHELL; -- PRIVSEP(audit_run_command(shell)); +- mm_audit_run_command(shell); + s->command = xstrdup(shell); } + if (s->command != NULL && s->ptyfd == -1) -+ s->command_handle = PRIVSEP(audit_run_command(ssh, s->command)); -+ if (pipe(paudit) < 0) -+ fatal("pipe: %s", strerror(errno)); ++ s->command_handle = mm_audit_run_command(ssh, s->command); #endif if (s->ttyfd != -1) ret = do_exec_pty(ssh, s, command); -@@ -730,6 +748,20 @@ do_exec(struct ssh *ssh, Session *s, con - */ - sshbuf_reset(loginmsg); - -+#ifdef SSH_AUDIT_EVENTS -+ close(paudit[1]); -+ if (use_privsep && ret == 0) { -+ /* -+ * Read the audit messages from forked child and send them -+ * back to monitor. We don't want to communicate directly, -+ * because the messages might get mixed up. -+ * Continue after the pipe gets closed (all messages sent). -+ */ -+ ret = mm_forward_audit_messages(paudit[0]); -+ } -+ close(paudit[0]); -+#endif /* SSH_AUDIT_EVENTS */ -+ - return ret; - } - -@@ -1530,11 +1562,30 @@ do_child(struct ssh *ssh, Session *s, co - int env_size; - int r = 0; - -+#ifdef SSH_AUDIT_EVENTS -+ int pparent = paudit[1]; -+ close(paudit[0]); -+ /* Hack the monitor pipe to avoid race condition with parent */ -+ if (use_privsep) -+ mm_set_monitor_pipe(pparent); -+#endif -+ +@@ -1550,8 +1562,11 @@ do_child(struct ssh *ssh, Session *s, co sshpkt_fmt_connection_id(ssh, remote_id, sizeof(remote_id)); /* remove hostkey from the child's memory */ - destroy_sensitive_data(); -- ssh_packet_clear_keys(ssh); -+ destroy_sensitive_data(ssh, use_privsep); -+ ssh_packet_clear_keys_noaudit(ssh); -+ /* -+ * We can audit this, because we hacked the pipe to direct the -+ * messages over postauth child. But this message requires an answer -+ * which we can't do using a one-way pipe. -+ */ ++ destroy_sensitive_data(ssh); + ssh_packet_clear_keys(ssh); ++ /* Don't audit this - both us and the parent would be talking to the ++ monitor over a single socket, with no synchronization. */ + packet_destroy_all(ssh, 0, 1); -+ -+#ifdef SSH_AUDIT_EVENTS -+ /* Notify parent that we are done */ -+ close(pparent); -+#endif /* Force a password change */ if (s->authctxt->force_pwchange) { -@@ -1743,6 +1794,9 @@ session_unused(int id) +@@ -1763,6 +1778,9 @@ session_unused(int id) sessions[id].ttyfd = -1; sessions[id].ptymaster = -1; sessions[id].x11_chanids = NULL; @@ -2039,7 +1901,7 @@ Index: openssh-8.9p1/session.c sessions[id].next_unused = sessions_first_unused; sessions_first_unused = id; } -@@ -1822,6 +1876,19 @@ session_open(Authctxt *authctxt, int cha +@@ -1843,6 +1861,19 @@ session_open(Authctxt *authctxt, int cha } Session * @@ -2050,7 +1912,7 @@ Index: openssh-8.9p1/session.c + if (s->used) + return s; + } -+ debug("%s: unknown id %d", __func__, id); ++ debug_f("unknown id %d", id); + session_dump(); + return NULL; +} @@ -2059,7 +1921,7 @@ Index: openssh-8.9p1/session.c session_by_tty(char *tty) { int i; -@@ -2429,6 +2496,32 @@ session_exit_message(struct ssh *ssh, Se +@@ -2450,6 +2481,32 @@ session_exit_message(struct ssh *ssh, Se chan_write_failed(ssh, c); } @@ -2081,7 +1943,7 @@ Index: openssh-8.9p1/session.c +{ + if (s->command != NULL) { + if (s->command_handle != -1) -+ PRIVSEP(audit_end_command(ssh, s->command_handle, s->command)); ++ mm_audit_end_command(ssh, s->command_handle, s->command); + free(s->command); + s->command = NULL; + s->command_handle = -1; @@ -2092,7 +1954,7 @@ Index: openssh-8.9p1/session.c void session_close(struct ssh *ssh, Session *s) { -@@ -2470,6 +2563,10 @@ session_close(struct ssh *ssh, Session * +@@ -2463,6 +2520,10 @@ session_close(struct ssh *ssh, Session * if (s->ttyfd != -1) session_pty_cleanup(s); @@ -2103,7 +1965,7 @@ Index: openssh-8.9p1/session.c free(s->term); free(s->display); free(s->x11_chanids); -@@ -2544,14 +2641,14 @@ session_close_by_channel(struct ssh *ssh +@@ -2537,14 +2598,14 @@ session_close_by_channel(struct ssh *ssh } void @@ -2120,7 +1982,7 @@ Index: openssh-8.9p1/session.c else session_close(ssh, s); } -@@ -2677,6 +2774,15 @@ do_authenticated2(struct ssh *ssh, Authc +@@ -2671,6 +2732,15 @@ do_authenticated2(struct ssh *ssh, Authc server_loop2(ssh, authctxt); } @@ -2136,10 +1998,10 @@ Index: openssh-8.9p1/session.c void do_cleanup(struct ssh *ssh, Authctxt *authctxt) { -@@ -2740,7 +2846,7 @@ do_cleanup(struct ssh *ssh, Authctxt *au +@@ -2734,7 +2804,7 @@ do_cleanup(struct ssh *ssh, Authctxt *au * or if running in monitor. */ - if (!use_privsep || mm_is_monitor()) + if (mm_is_monitor()) - session_destroy_all(ssh, session_pty_cleanup2); + session_destroy_all(ssh, do_cleanup_one_session); } @@ -2180,26 +2042,7 @@ Index: openssh-8.9p1/sshd.c =================================================================== --- openssh-8.9p1.orig/sshd.c +++ openssh-8.9p1/sshd.c -@@ -125,6 +125,7 @@ - #include "ssh-gss.h" - #endif - #include "monitor_wrap.h" -+#include "audit.h" - #include "ssh-sandbox.h" - #include "auth-options.h" - #include "version.h" -@@ -265,8 +266,8 @@ struct sshbuf *loginmsg; - struct passwd *privsep_pw = NULL; - - /* Prototypes for various functions defined later in this file. */ --void destroy_sensitive_data(void); --void demote_sensitive_data(void); -+void destroy_sensitive_data(struct ssh *, int); -+void demote_sensitive_data(struct ssh *); - static void do_ssh2_kex(struct ssh *); - - static char *listener_proctitle; -@@ -284,6 +285,15 @@ close_listen_socks(void) +@@ -219,6 +219,15 @@ close_listen_socks(void) num_listen_socks = 0; } @@ -2209,14 +2052,45 @@ Index: openssh-8.9p1/sshd.c + */ +int listening_for_clients(void) +{ -+ return num_listen_socks >= 0; ++ return num_listen_socks > 0; +} + + /* Allocate and initialise the children array */ static void - close_startup_pipes(void) - { -@@ -382,18 +392,45 @@ grace_alarm_handler(int sig) - ssh_remote_port(the_active_state)); + child_alloc(void) +@@ -897,6 +906,7 @@ server_accept_loop(int *sock_in, int *so + if (received_sigterm) { + logit("Received signal %d; terminating.", + (int) received_sigterm); ++ /* destroy_sensitive_data(ssh, 0); FIXME */ + close_listen_socks(); + if (options.pid_file != NULL) + unlink(options.pid_file); +Index: openssh-8.9p1/sshd-session.c +=================================================================== +--- openssh-8.9p1.orig/sshd-session.c ++++ openssh-8.9p1/sshd-session.c +@@ -125,6 +125,7 @@ + #include "ssh-gss.h" + #endif + #include "monitor_wrap.h" ++#include "audit.h" + #include "ssh-sandbox.h" + #include "auth-options.h" + #include "version.h" +@@ -265,8 +266,8 @@ struct sshbuf *loginmsg; + struct sshbuf *loginmsg; + + /* Prototypes for various functions defined later in this file. */ +-void destroy_sensitive_data(void); +-void demote_sensitive_data(void); ++void destroy_sensitive_data(struct ssh *); ++void demote_sensitive_data(struct ssh *); + static void do_ssh2_kex(struct ssh *); + + /* +@@ -382,18 +383,40 @@ grace_alarm_handler(int sig) + _exit(EXIT_LOGIN_GRACE); } -/* Destroy the host and server keys. They will no longer be needed. */ @@ -2226,7 +2100,7 @@ Index: openssh-8.9p1/sshd.c + */ void -destroy_sensitive_data(void) -+destroy_sensitive_data(struct ssh *ssh, int privsep) ++destroy_sensitive_data(struct ssh *ssh) { u_int i; +#ifdef SSH_AUDIT_EVENTS @@ -2248,12 +2122,7 @@ Index: openssh-8.9p1/sshd.c sensitive_data.host_keys[i] = NULL; + if (fp != NULL) { +#ifdef SSH_AUDIT_EVENTS -+ if (privsep) -+ PRIVSEP(audit_destroy_sensitive_data(ssh, fp, -+ pid, uid)); -+ else -+ audit_destroy_sensitive_data(ssh, fp, -+ pid, uid); ++ audit_destroy_sensitive_data(ssh, fp, pid, uid); +#endif + free(fp); + } @@ -2264,7 +2133,7 @@ Index: openssh-8.9p1/sshd.c sshkey_free(sensitive_data.host_certificates[i]); sensitive_data.host_certificates[i] = NULL; } -@@ -402,20 +439,38 @@ destroy_sensitive_data(void) +@@ -402,20 +430,38 @@ destroy_sensitive_data(void) /* Demote private to public keys for network child */ void @@ -2304,7 +2173,7 @@ Index: openssh-8.9p1/sshd.c } /* Certs do not need demotion */ } -@@ -443,7 +498,7 @@ reseed_prngs(void) +@@ -443,7 +489,7 @@ reseed_prngs(void) } static void @@ -2313,7 +2182,7 @@ Index: openssh-8.9p1/sshd.c { gid_t gidset[1]; -@@ -458,7 +513,7 @@ privsep_preauth_child(void) +@@ -458,7 +504,7 @@ privsep_preauth_child(void) reseed_prngs(); /* Demote the private keys to public keys. */ @@ -2322,16 +2191,16 @@ Index: openssh-8.9p1/sshd.c /* Demote the child */ if (privsep_chroot) { -@@ -493,7 +548,7 @@ privsep_preauth(struct ssh *ssh) +@@ -493,7 +539,7 @@ privsep_preauth(struct ssh *ssh) + pmonitor->m_pkex = &ssh->kex; - if (use_privsep == PRIVSEP_ON) - box = ssh_sandbox_init(pmonitor); + box = ssh_sandbox_init(pmonitor); - pid = fork(); + pmonitor->m_pid = pid = fork(); if (pid == -1) { fatal("fork of unprivileged child failed"); } else if (pid != 0) { -@@ -538,7 +593,7 @@ privsep_preauth(struct ssh *ssh) +@@ -538,7 +584,7 @@ privsep_preauth(struct ssh *ssh) /* Arrange for logging to be sent to the monitor */ set_log_handler(mm_log_handler, pmonitor); @@ -2340,7 +2209,7 @@ Index: openssh-8.9p1/sshd.c setproctitle("%s", "[net]"); if (box != NULL) ssh_sandbox_child(box); -@@ -582,7 +637,7 @@ privsep_postauth(struct ssh *ssh, Authct +@@ -582,7 +628,7 @@ privsep_postauth(struct ssh *ssh, Authct pmonitor->m_sendfd = -1; /* Demote the private keys to public keys. */ @@ -2349,43 +2218,17 @@ Index: openssh-8.9p1/sshd.c reseed_prngs(); -@@ -1136,7 +1191,7 @@ server_listen(void) - * from this function are in a forked subprocess. - */ - static void --server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s) -+server_accept_loop(struct ssh *ssh, int *sock_in, int *sock_out, int *newsock, int *config_s) - { - struct pollfd *pfd = NULL; - int i, j, ret, npfd; -@@ -1179,6 +1234,7 @@ server_accept_loop(int *sock_in, int *so - if (received_sigterm) { - logit("Received signal %d; terminating.", - (int) received_sigterm); -+ destroy_sensitive_data(ssh, 0); - close_listen_socks(); - if (options.pid_file != NULL) - unlink(options.pid_file); -@@ -2088,7 +2144,7 @@ main(int ac, char **av) - #endif - - /* Accept a connection and return in a forked child */ -- server_accept_loop(&sock_in, &sock_out, -+ server_accept_loop(ssh, &sock_in, &sock_out, - &newsock, config_s); - } - -@@ -2311,6 +2367,9 @@ main(int ac, char **av) +@@ -2311,6 +2358,9 @@ main(int ac, char **av) do_authenticated(ssh, authctxt); /* The connection has been terminated. */ + packet_destroy_all(ssh, 1, 1); -+ destroy_sensitive_data(ssh, 1); ++ destroy_sensitive_data(ssh); + ssh_packet_get_bytes(ssh, &ibytes, &obytes); verbose("Transferred: sent %llu, received %llu bytes", (unsigned long long)obytes, (unsigned long long)ibytes); -@@ -2491,6 +2550,15 @@ do_ssh2_kex(struct ssh *ssh) +@@ -2491,6 +2541,15 @@ do_ssh2_kex(struct ssh *ssh) void cleanup_exit(int i) { @@ -2398,32 +2241,35 @@ Index: openssh-8.9p1/sshd.c + if (in_cleanup) + _exit(i); + in_cleanup = 1; + extern int auth_attempted; /* monitor.c */ + if (the_active_state != NULL && the_authctxt != NULL) { - do_cleanup(the_active_state, the_authctxt); - if (use_privsep && privsep_is_preauth && -@@ -2503,9 +2571,16 @@ cleanup_exit(int i) - } - } +@@ -2525,7 +2593,9 @@ cleanup_exit(int i) } -+ is_privsep_child = use_privsep && pmonitor != NULL && pmonitor->m_pid == 0; -+ if (sensitive_data.host_keys != NULL && the_active_state != NULL) -+ destroy_sensitive_data(the_active_state, is_privsep_child); -+ if (the_active_state != NULL) -+ packet_destroy_all(the_active_state, 1, is_privsep_child); #ifdef SSH_AUDIT_EVENTS /* done after do_cleanup so it can cancel the PAM auth 'thread' */ -- if (the_active_state != NULL && (!use_privsep || mm_is_monitor())) -+ if (the_active_state != NULL && -+ (the_authctxt == NULL || !the_authctxt->authenticated) && -+ (!use_privsep || mm_is_monitor())) +- if (the_active_state != NULL && mm_is_monitor()) ++ if (the_active_state != NULL && ++ (the_authctxt == NULL || !the_authctxt->authenticated) && ++ mm_is_monitor()) audit_event(the_active_state, SSH_CONNECTION_ABANDON); #endif - _exit(i); + /* Override default fatal exit value when auth was attempted */ Index: openssh-8.9p1/sshkey.c =================================================================== --- openssh-8.9p1.orig/sshkey.c +++ openssh-8.9p1/sshkey.c -@@ -400,6 +400,38 @@ sshkey_type_is_valid_ca(int type) +@@ -35,6 +35,9 @@ sshkey_type_is_valid_ca(int type) + #include + #include + #include ++# if (OPENSSL_VERSION_NUMBER >= 0x30000000L) ++# include ++# endif + #endif + + #include "crypto_api.h" +@@ -400,6 +403,53 @@ sshkey_type_is_valid_ca(int type) } int @@ -2431,23 +2277,38 @@ Index: openssh-8.9p1/sshkey.c +{ + switch (k->type) { +#ifdef WITH_OPENSSL ++# if (OPENSSL_VERSION_NUMBER >= 0x30000000L) + case KEY_RSA_CERT: -+ case KEY_RSA: { -+ const BIGNUM *d; -+ RSA_get0_key(k->rsa, NULL, NULL, &d); ++ case KEY_RSA: ++ case KEY_ECDSA_CERT: ++ case KEY_ECDSA: { ++ BIGNUM *d = NULL; ++ EVP_PKEY_get_bn_param(k->pkey, OSSL_PKEY_PARAM_PRIV_KEY, &d); + return d != NULL; + } ++# else /* OPENSSL < 3.0.0 */ ++ case KEY_RSA_CERT: ++ case KEY_RSA: { ++ const BIGNUM *d = NULL; ++ RSA *rsakey = EVP_PKEY_get0_RSA(k->pkey); ++ if (rsakey) ++ RSA_get0_key(rsakey, NULL, NULL, &d); ++ return d != NULL; ++ } ++# ifdef OPENSSL_HAS_ECC ++ case KEY_ECDSA_CERT: ++ case KEY_ECDSA: { ++ EC_KEY *eckey = EVP_PKEY_get0_EC_KEY(k->pkey); ++ return (eckey != NULL) && (EC_KEY_get0_private_key(eckey) != NULL); ++ } ++# endif /* OPENSSL_HAS_ECC */ ++# endif /* OPENSSL < 3.0.0 */ + case KEY_DSA_CERT: + case KEY_DSA: { -+ const BIGNUM *priv_key; ++ const BIGNUM *priv_key = NULL; + DSA_get0_key(k->dsa, NULL, &priv_key); + return priv_key != NULL; + } -+#ifdef OPENSSL_HAS_ECC -+ case KEY_ECDSA_CERT: -+ case KEY_ECDSA: -+ return EC_KEY_get0_private_key(k->ecdsa) != NULL; -+#endif /* OPENSSL_HAS_ECC */ +#endif /* WITH_OPENSSL */ + case KEY_ED25519_CERT: + case KEY_ED25519: @@ -2467,9 +2328,9 @@ Index: openssh-8.9p1/sshkey.h --- openssh-8.9p1.orig/sshkey.h +++ openssh-8.9p1/sshkey.h @@ -189,6 +189,7 @@ int sshkey_shield_private(struct sshke - int sshkey_unshield_private(struct sshkey *); int sshkey_type_from_name(const char *); + int sshkey_type_from_shortname(const char *); +int sshkey_is_private(const struct sshkey *); int sshkey_is_cert(const struct sshkey *); int sshkey_is_sk(const struct sshkey *); diff --git a/openssh-8.4p1-vendordir.patch b/openssh-8.4p1-vendordir.patch index 3b38457..60644db 100644 --- a/openssh-8.4p1-vendordir.patch +++ b/openssh-8.4p1-vendordir.patch @@ -123,28 +123,21 @@ Index: openssh-8.9p1/sshd.c =================================================================== --- openssh-8.9p1.orig/sshd.c +++ openssh-8.9p1/sshd.c -@@ -148,7 +148,7 @@ extern char *__progname; - ServerOptions options; - - /* Name of the server configuration file. */ --char *config_file_name = _PATH_SERVER_CONFIG_FILE; -+char *config_file_name = NULL; - - /* - * Debug mode flag. This can be set on the command line. If debug -@@ -1591,6 +1591,7 @@ prepare_proctitle(int ac, char **av) - int - main(int ac, char **av) - { -+ struct stat st; - struct ssh *ssh = NULL; +@@ -1201,7 +1201,8 @@ prepare_proctitle(int ac, char **av) extern char *optarg; extern int optind; + int log_stderr = 0, inetd_flag = 0, test_flag = 0, no_daemon_flag = 0; +- char *config_file_name = _PATH_SERVER_CONFIG_FILE; ++ char *config_file_name = NULL; ++ struct stat st; + int r, opt, do_dump_cfg = 0, keytype, already_daemon, have_agent = 0; + int sock_in = -1, sock_out = -1, newsock = -1, rexec_argc = 0; + int devnull, config_s[2] = { -1 , -1 }, have_connection_info = 0; @@ -1806,7 +1807,21 @@ main(int ac, char **av) - */ - (void)atomicio(vwrite, startup_pipe, "\0", 1); - } -+ } else if (config_file_name == NULL) { + /* Fetch our configuration */ + if ((cfg = sshbuf_new()) == NULL) + fatal("sshbuf_new config failed"); ++ if (config_file_name == NULL) { + /* If only the vendor configuration file exists, use that. + * Else use the standard configuration file. + */ @@ -157,11 +150,12 @@ Index: openssh-8.9p1/sshd.c + config_file_name = _PATH_SERVER_CONFIG_FILE; + } + load_server_config(config_file_name, cfg); - } else if (strcasecmp(config_file_name, "none") != 0) +- if (strcasecmp(config_file_name, "none") != 0) ++ } else if (strcasecmp(config_file_name, "none") != 0) + /* load config specified on commandline */ load_server_config(config_file_name, cfg); - parse_server_config(&options, rexeced_flag ? "rexec" : config_file_name, + parse_server_config(&options, config_file_name, cfg, Index: openssh-8.9p1/sshd_config.5 =================================================================== --- openssh-8.9p1.orig/sshd_config.5 diff --git a/openssh-9.6p1-crypto-policies-man.patch b/openssh-9.6p1-crypto-policies-man.patch index 5c386f0..2e6a925 100644 --- a/openssh-9.6p1-crypto-policies-man.patch +++ b/openssh-9.6p1-crypto-policies-man.patch @@ -84,13 +84,14 @@ Index: openssh-9.6p1/ssh_config.5 The list of key exchange algorithms that are offered for GSSAPI key exchange. Possible values are .Bd -literal -offset 3n -@@ -991,9 +993,8 @@ gss-nistp256-sha256-, +@@ -991,10 +993,8 @@ gss-nistp256-sha256-, gss-curve25519-sha256- .Ed .Pp -The default is --.Dq gss-gex-sha1-,gss-group14-sha1- . - This option only applies to protocol version 2 connections using GSSAPI. +-.Dq gss-group14-sha256-,gss-group16-sha512-,gss-nistp256-sha256-, +-gss-curve25519-sha256-,gss-group14-sha1-,gss-gex-sha1- . + This option only applies to connections using GSSAPI. +.Pp .It Cm HashKnownHosts Indicates that @@ -159,7 +160,7 @@ Index: openssh-9.6p1/ssh_config.5 .It Cm HostKeyAlias Specifies an alias that should be used instead of the real host name when looking up or saving the host key -@@ -1311,31 +1313,26 @@ it may be zero or more of: +@@ -1311,37 +1313,30 @@ it may be zero or more of: and .Cm pam . .It Cm KexAlgorithms @@ -169,8 +170,12 @@ Index: openssh-9.6p1/ssh_config.5 +existing policies with sub-policies are present in manual page +.Xr update-crypto-policies 8 . +.Pp - Specifies the available KEX (Key Exchange) algorithms. + Specifies the permitted KEX (Key Exchange) algorithms that will be used and + their preference order. + The selected algorithm will be the first algorithm in this list that + the server also supports. Multiple algorithms must be comma-separated. + .Pp If the specified list begins with a .Sq + -character, then the specified algorithms will be appended to the default set @@ -186,9 +191,11 @@ Index: openssh-9.6p1/ssh_config.5 .Sq ^ character, then the specified algorithms will be placed at the head of the -default set. +-.Pp -The default is: -.Bd -literal -offset indent --sntrup761x25519-sha512@openssh.com, +-sntrup761x25519-sha512,sntrup761x25519-sha512@openssh.com, +-mlkem768x25519-sha256, -curve25519-sha256,curve25519-sha256@libssh.org, -ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521, -diffie-hellman-group-exchange-sha256, @@ -199,7 +206,7 @@ Index: openssh-9.6p1/ssh_config.5 -.Ed +built-in openssh default set. .Pp - The list of available key exchange algorithms may also be obtained using + The list of supported key exchange algorithms may also be obtained using .Qq ssh -Q kex . @@ -1445,37 +1442,34 @@ function, and all code in the file. @@ -386,7 +393,7 @@ Index: openssh-9.6p1/sshd_config.5 The list of available ciphers may also be obtained using .Qq ssh -Q cipher . .It Cm ClientAliveCountMax -@@ -764,52 +760,45 @@ For this to work +@@ -764,53 +760,45 @@ For this to work .Cm GSSAPIKeyExchange needs to be enabled in the server and also used by the client. .It Cm GSSAPIKexAlgorithms @@ -415,8 +422,9 @@ Index: openssh-9.6p1/sshd_config.5 .Ed -.Pp -The default is --.Dq gss-gex-sha1-,gss-group14-sha1- . - This option only applies to protocol version 2 connections using GSSAPI. +-.Dq gss-group14-sha256-,gss-group16-sha512-,gss-nistp256-sha256-, +-gss-curve25519-sha256-,gss-group14-sha1-,gss-gex-sha1- . + This option only applies to connections using GSSAPI. .It Cm HostbasedAcceptedAlgorithms +The default is handled system-wide by +.Xr crypto-policies 7 . @@ -492,7 +500,7 @@ Index: openssh-9.6p1/sshd_config.5 The list of available signature algorithms may also be obtained using .Qq ssh -Q HostKeyAlgorithms . .It Cm IgnoreRhosts -@@ -1027,20 +1006,26 @@ file on logout. +@@ -1027,24 +1006,30 @@ file on logout. The default is .Cm yes . .It Cm KexAlgorithms @@ -502,9 +510,13 @@ Index: openssh-9.6p1/sshd_config.5 +existing policies with sub-policies are present in manual page +.Xr update-crypto-policies 8 . +.Pp - Specifies the available KEX (Key Exchange) algorithms. + Specifies the permitted KEX (Key Exchange) algorithms that the server will + offer to clients. + The ordering of this list is not important, as the client specifies the + preference order. Multiple algorithms must be comma-separated. - Alternately if the specified list begins with a + .Pp + If the specified list begins with a .Sq + -character, then the specified algorithms will be appended to the default set -instead of replacing them. @@ -520,16 +532,17 @@ Index: openssh-9.6p1/sshd_config.5 character, then the specified algorithms will be placed at the head of the -default set. +built-in openssh default set. + .Pp The supported algorithms are: .Pp - .Bl -item -compact -offset indent -@@ -1072,16 +1057,6 @@ ecdh-sha2-nistp521 +@@ -1072,17 +1057,6 @@ ecdh-sha2-nistp521 sntrup761x25519-sha512@openssh.com .El .Pp -The default is: -.Bd -literal -offset indent --sntrup761x25519-sha512@openssh.com, +-sntrup761x25519-sha512,sntrup761x25519-sha512@openssh.com, +-mlkem768x25519-sha256, -curve25519-sha256,curve25519-sha256@libssh.org, -ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521, -diffie-hellman-group-exchange-sha256, @@ -537,7 +550,7 @@ Index: openssh-9.6p1/sshd_config.5 -diffie-hellman-group14-sha256,diffie-hellman-group14-sha1 -.Ed -.Pp - The list of available key exchange algorithms may also be obtained using + The list of supported key exchange algorithms may also be obtained using .Qq ssh -Q KexAlgorithms . .It Cm ListenAddress @@ -1167,21 +1142,27 @@ function, and all code in the diff --git a/openssh-9.6p1.tar.gz b/openssh-9.6p1.tar.gz deleted file mode 100644 index d753ff2..0000000 --- a/openssh-9.6p1.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:910211c07255a8c5ad654391b40ee59800710dd8119dd5362de09385aa7a777c -size 1857862 diff --git a/openssh-9.6p1.tar.gz.asc b/openssh-9.6p1.tar.gz.asc deleted file mode 100644 index 1b20242..0000000 --- a/openssh-9.6p1.tar.gz.asc +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQIzBAABCgAdFiEEcWi5g4FaXu9ZpK39Kj9BTnNgYLoFAmWAXvAACgkQKj9BTnNg -YLrypA/6A1O8e80XnzVWIFhXkbv/biGL10Q5ZMvjQvND6mbkphNWZ4G4QOEh0nBG -rseD3Fce7me9pfeLYVhaNXO9R3OYAXxjbWfQwI7FpBU4QUCnbH53PG32B6ESq7pl -0vlDqdqI7aBAyMpp+8WFD+EvHWUVA77JtfU4MFw7myKJacrVrDUygDaZkJKOhqKf -N1Nurz4YppdQ5zIK1ElL0jlRJXm08flLFRg8fD5/5rwabpUbZIY9b5qZzGKgnR7I -sxUBlDkfLnvKIlKzUXbRvOHazvFAHYH1ltJZGlJUc/+H/ZaPigWf4IR+E1FB9c2O -zxaZhlbwGKyD+p7l08F9n8T21taxpBCW1Uxkx7MLTz8k9huPNpdX5l8VM4Gotmn8 -I4V3Fevyx+M3XJYeKtkspa51h0GqF3gNFPLxW7ERGaIuqwoxuHxIEKwYE+JPmQag -UDma5LDrSrasa8Rw8g5urGE48PeDQ5muPy8Bi9eIGZU5JLqX6TNgz7QDDs/dQsHB -iny4wQOLmdIA78IGttiCo0rqikEvFtFDFR4mCUTC8K0nQKzWwGewO3gRTcHttzyU -xMalxw+wt9cUJ8gb1E9p7OeMUuXdaHMmem8/PcFCar/vKx1mdV/On6evnp3P8yQA -la8WnbcP0+zJg0GGwGszpFlOMjWCDB0kUTBCT+MR+IWbj/pVZVA= -=G9YA ------END PGP SIGNATURE----- diff --git a/openssh-9.9p1.tar.gz b/openssh-9.9p1.tar.gz new file mode 100644 index 0000000..0f3a5a1 --- /dev/null +++ b/openssh-9.9p1.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:b343fbcdbff87f15b1986e6e15d6d4fc9a7d36066be6b7fb507087ba8f966c02 +size 1964864 diff --git a/openssh-9.9p1.tar.gz.asc b/openssh-9.9p1.tar.gz.asc new file mode 100644 index 0000000..a5b34f0 --- /dev/null +++ b/openssh-9.9p1.tar.gz.asc @@ -0,0 +1,16 @@ +-----BEGIN PGP SIGNATURE----- + +iQIzBAABCgAdFiEEcWi5g4FaXu9ZpK39Kj9BTnNgYLoFAmbspccACgkQKj9BTnNg +YLppxRAAv7eU/Xd2w9MX9vWQdhugiPByEcKg7KuKXUUs9xJGy+HbLqPqUCvn1UW6 +qodKoSAdeBuSB7AjzuIQ1lTVX7C67OmZaVPRq25ar5b+Wq4SSlv23KMRq0b4EVyw +pOW6R9tsxqYBwYaiXQ50APcYL8SpepnGU+b/iR15f7q3SU2XMVVtkVb149UdLOqK +smfurbDGwUKFb2Q009MUfEV/d9zq31tdSjphvkqAXCcmxc8siuOYWYcByuysie+m +NpaOpee0047L5JIxNSLsa2yZrJZhClP8LbTCH1Vfwr7l0KE5nvL2qAtPKI2XxGQC +3jXrDLzp10RFxV8sCym+QlY9pZyzGj9d3G7vCHtxWGQ1Y0Qt+xs18OeBpjiehRhl +WM3Y+cjoN35jBaGhOoHdh3ePZQdTUyZ16aSv0h/cUHOohiM7i/4XW+dQtkqsJsw4 +a81O0E64WrL8ho3Ju9mwcVZ9A0aEaftJsmJPDB+qYBjF/i7xcnH32LginzP5pel7 +/W0aS2C1ZNo3QKHezI6IA9MyENMZiAMy2ybvfmN0HgLBaBY1plJ8a5GvMwJc+Qwh +iCHLCQ6Qgf/1hh+F6liTXnhtedtFHneJdyqvd7XOoardDEipZjxcnGa4HthbDFU+ +8XdHKnWWhn4BLA+y7KB3ZGURniQK+qibwkF6J63CuMU+LmG+bvQ= +=Ukrb +-----END PGP SIGNATURE----- diff --git a/openssh-askpass-gnome.changes b/openssh-askpass-gnome.changes index edbc3d4..219c422 100644 --- a/openssh-askpass-gnome.changes +++ b/openssh-askpass-gnome.changes @@ -1,3 +1,17 @@ +------------------------------------------------------------------- +Mon Sep 23 06:16:59 UTC 2024 - Antonio Larrosa + +- Update to openssh 9.9p1: + * No changes for askpass, see main package changelog for + details. + +------------------------------------------------------------------- +Thu Aug 1 09:17:11 UTC 2024 - Antonio Larrosa + +- Update to openssh 9.8p1: + * No changes for askpass, see main package changelog for + details. + ------------------------------------------------------------------- Sun Feb 25 18:26:23 UTC 2024 - Hans Petter Jansson diff --git a/openssh-askpass-gnome.spec b/openssh-askpass-gnome.spec index bf91659..32cd998 100644 --- a/openssh-askpass-gnome.spec +++ b/openssh-askpass-gnome.spec @@ -1,7 +1,7 @@ # # spec file for package openssh-askpass-gnome # -# Copyright (c) 2020 SUSE LLC +# Copyright (c) 2024 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -18,7 +18,7 @@ %define _name openssh Name: openssh-askpass-gnome -Version: 9.6p1 +Version: 9.9p1 Release: 0 Summary: A GNOME-Based Passphrase Dialog for OpenSSH License: BSD-2-Clause diff --git a/openssh-mitigate-lingering-secrets.patch b/openssh-mitigate-lingering-secrets.patch index 9422abd..5d57bf5 100644 --- a/openssh-mitigate-lingering-secrets.patch +++ b/openssh-mitigate-lingering-secrets.patch @@ -207,9 +207,9 @@ Index: openssh-9.3p2/packet.h --- openssh-9.3p2.orig/packet.h +++ openssh-9.3p2/packet.h @@ -103,6 +103,7 @@ void ssh_packet_close(struct ssh *); + void ssh_packet_close(struct ssh *); void ssh_packet_set_input_hook(struct ssh *, ssh_packet_hook_fn *, void *); void ssh_packet_clear_keys(struct ssh *); - void ssh_packet_clear_keys_noaudit(struct ssh *); +void ssh_clear_curkeys(struct ssh *, int); void ssh_clear_newkeys(struct ssh *, int); @@ -264,12 +264,12 @@ Index: openssh-9.3p2/sshbuf.h /* Macros for decoding/encoding integers */ #define PEEK_U64(p) \ (((u_int64_t)(((const u_char *)(p))[0]) << 56) | \ -Index: openssh-9.3p2/sshd.c +Index: openssh-9.3p2/sshd-session.c =================================================================== ---- openssh-9.3p2.orig/sshd.c -+++ openssh-9.3p2/sshd.c -@@ -272,6 +272,19 @@ static void do_ssh2_kex(struct ssh *); - static char *listener_proctitle; +--- openssh-9.3p2.orig/sshd-session.c ++++ openssh-9.3p2/sshd-session.c +@@ -197,6 +197,19 @@ static void do_ssh2_kex(struct ssh *); + static void do_ssh2_kex(struct ssh *); /* + * Clear some stack space. This is a bit naive, but hopefully helps mitigate @@ -285,10 +285,10 @@ Index: openssh-9.3p2/sshd.c +} + +/* - * Close all listening sockets - */ - static void -@@ -430,6 +443,8 @@ destroy_sensitive_data(struct ssh *ssh, + * Signal handler for the alarm after the login grace period has expired. + * As usual, this may only take signal-safe actions, even though it is + * terminal. +@@ -260,6 +260,8 @@ destroy_sensitive_data(struct ssh *ssh, sensitive_data.host_certificates[i] = NULL; } } @@ -297,32 +297,32 @@ Index: openssh-9.3p2/sshd.c } /* Demote private to public keys for network child */ -@@ -600,6 +615,8 @@ privsep_preauth(struct ssh *ssh) - static void - privsep_postauth(struct ssh *ssh, Authctxt *authctxt) +@@ -431,6 +432,8 @@ privsep_preauth(struct ssh *ssh) { + int skip_privdrop = 0; + + clobber_stack(); + - #ifdef DISABLE_FD_PASSING - if (1) { - #else -@@ -2360,6 +2377,7 @@ main(int ac, char **av) - if (use_privsep) { - mm_send_keystate(ssh, pmonitor); - ssh_packet_clear_keys(ssh); -+ clobber_stack(); - exit(0); - } + /* + * Hack for systems that don't support FD passing: retain privileges + * in the post-auth privsep process so it can allocate PTYs directly. +@@ -1354,6 +1356,7 @@ main(int ac, char **av) + */ + mm_send_keystate(ssh, pmonitor); + ssh_packet_clear_keys(ssh); ++ clobber_stack(); + exit(0); -@@ -2436,6 +2454,7 @@ main(int ac, char **av) - if (use_privsep) - mm_terminate(); + authenticated: +@@ -1431,6 +1434,7 @@ main(int ac, char **av) + + mm_terminate(); + clobber_stack(); exit(0); } -@@ -2596,8 +2615,10 @@ cleanup_exit(int i) +@@ -1577,8 +1581,10 @@ cleanup_exit(int i) /* cleanup_exit can be called at the very least from the privsep wrappers used for auditing. Make sure we don't recurse indefinitely. */ @@ -332,13 +332,14 @@ Index: openssh-9.3p2/sshd.c _exit(i); + } in_cleanup = 1; - if (the_active_state != NULL && the_authctxt != NULL) { - do_cleanup(the_active_state, the_authctxt); -@@ -2623,5 +2644,7 @@ cleanup_exit(int i) - (!use_privsep || mm_is_monitor())) + extern int auth_attempted; /* monitor.c */ + +@@ -1604,6 +1610,8 @@ cleanup_exit(int i) + mm_is_monitor()) audit_event(the_active_state, SSH_CONNECTION_ABANDON); #endif + + clobber_stack(); - _exit(i); - } + /* Override default fatal exit value when auth was attempted */ + if (i == 255 && auth_attempted) + _exit(EXIT_AUTH_ATTEMPTED); diff --git a/openssh-reenable-dh-group14-sha1-default.patch b/openssh-reenable-dh-group14-sha1-default.patch index 8a2293a..ac01baa 100644 --- a/openssh-reenable-dh-group14-sha1-default.patch +++ b/openssh-reenable-dh-group14-sha1-default.patch @@ -25,7 +25,7 @@ Index: openssh-8.9p1/ssh_config.5 +diffie-hellman-group14-sha1 .Ed .Pp - The list of available key exchange algorithms may also be obtained using + The list of supported key exchange algorithms may also be obtained using Index: openssh-8.9p1/sshd_config.5 =================================================================== --- openssh-8.9p1.orig/sshd_config.5 @@ -38,4 +38,4 @@ Index: openssh-8.9p1/sshd_config.5 +diffie-hellman-group14-sha256,diffie-hellman-group14-sha1 .Ed .Pp - The list of available key exchange algorithms may also be obtained using + The list of supported key exchange algorithms may also be obtained using diff --git a/openssh.changes b/openssh.changes index db6ea98..d47964e 100644 --- a/openssh.changes +++ b/openssh.changes @@ -1,3 +1,515 @@ +------------------------------------------------------------------- +Mon Oct 28 11:18:04 UTC 2024 - Antonio Larrosa + +- Don't force using gcc11 on SLFO/ALP which have a newer version. + +------------------------------------------------------------------- +Mon Oct 28 10:29:33 UTC 2024 - Antonio Larrosa + +- Add patches from upstream: + - To fix a copy&paste oversight in an ifdef : + * 0001-fix-utmpx-ifdef.patch + - To fix a regression introduced when the "Match" criteria + tokenizer was modified since it stopped supporting the + "Match criteria=argument" format: + * 0002-upstream-fix-regression-introduced-when-I-switched-the-Match.patch + - To fix the previous patch which broke on negated Matches: + * 0003-upstream-fix-previous-change-to-ssh_config-Match_-which-broken-on.patch + - To fix the ML-KEM768x25519 kex algorithm on big-endian systems: + * 0004-upstream-fix-ML-KEM768x25519-KEX-on-big-endian-systems-spotted-by.patch + +------------------------------------------------------------------- +Mon Oct 14 15:06:19 UTC 2024 - Antonio Larrosa + +- Use %{with ...} instead of 0%{with ...} + +------------------------------------------------------------------- +Fri Oct 11 09:28:30 UTC 2024 - Antonio Larrosa + +- Add a patch to fix a regression introduced in 9.6 that makes X11 + forwarding very slow. Submitted to upstream in + https://bugzilla.mindrot.org/show_bug.cgi?id=3655#c4 . Fixes + bsc#1229449: + * fix-x11-regression-bsc1229449.patch +- Remove empty line at the end of sshd-sle.pamd (bsc#1227456) + +------------------------------------------------------------------- +Wed Sep 25 10:45:17 UTC 2024 - Antonio Larrosa + +- Add a const to the openssl 1.1/RSA section of sshkey_is_private + to keep it similar to what it used before the 9.9 rebase: + * openssh-8.1p1-audit.patch +- Add a openssl11 bcond to the spec file for the SLE12 case + instead of checking suse_version in different parts. +- Move conditional patches to a number >= 1000. + +------------------------------------------------------------------- +Mon Sep 23 06:16:59 UTC 2024 - Antonio Larrosa + +- Update to openssh 9.9p1: + = Future deprecation notice + * OpenSSH plans to remove support for the DSA signature algorithm + in early 2025. This release disables DSA by default at compile + time. DSA, as specified in the SSHv2 protocol, is inherently + weak - being limited to a 160 bit private key and use of the + SHA1 digest. Its estimated security level is only 80 bits + symmetric equivalent. + OpenSSH has disabled DSA keys by default since 2015 but has + retained run-time optional support for them. DSA was the only + mandatory-to-implement algorithm in the SSHv2 RFCs, mostly + because alternative algorithms were encumbered by patents when + the SSHv2 protocol was specified. + This has not been the case for decades at this point and better + algorithms are well supported by all actively-maintained SSH + implementations. We do not consider the costs of maintaining + DSA in OpenSSH to be justified and hope that removing it from + OpenSSH can accelerate its wider deprecation in supporting + cryptography libraries. + + = Potentially-incompatible changes + * ssh(1): remove support for pre-authentication compression. + OpenSSH has only supported post-authentication compression in + the server for some years. Compression before authentication + significantly increases the attack surface of SSH servers and + risks creating oracles that reveal information about + information sent during authentication. + * ssh(1), sshd(8): processing of the arguments to the "Match" + configuration directive now follows more shell-like rules for + quoted strings, including allowing nested quotes and \-escaped + characters. If configurations contained workarounds for the + previous simplistic quote handling then they may need to be + adjusted. If this is the case, it's most likely to be in the + arguments to a "Match exec" confition. In this case, moving the + command to be evaluated from the Match line to an external + shell script is easiest way to preserve compatibility with both + the old and new versions. + + = New features + * ssh(1), sshd(8): add support for a new hybrid post-quantum key + exchange based on the FIPS 203 Module-Lattice Key Enapsulation + mechanism (ML-KEM) combined with X25519 ECDH as described by + https://datatracker.ietf.org/doc/html/draft-kampanakis-curdle-ssh-pq-ke-03 + This algorithm "mlkem768x25519-sha256" is available by default. + * ssh(1): the ssh_config "Include" directive can now expand + environment as well as the same set of %-tokens "Match Exec" + supports. + * sshd(8): add a sshd_config "RefuseConnection" option that, if + set will terminate the connection at the first authentication + request. + * sshd(8): add a "refuseconnection" penalty class to sshd_config + PerSourcePenalties that is applied when a connection is dropped + by the new RefuseConnection keyword. + * sshd(8): add a "Match invalid-user" predicate to sshd_config + Match options that matches when the target username is not + valid on the server. + * ssh(1), sshd(8): update the Streamlined NTRUPrime code to a + substantially faster implementation. + * ssh(1), sshd(8): the hybrid Streamlined NTRUPrime/X25519 key + exchange algorithm now has an IANA-assigned name in addition to + the "@openssh.com" vendor extension name. This algorithm is now + also available under this name "sntrup761x25519-sha512" + * ssh(1), sshd(8), ssh-agent(1): prevent private keys from being + included in core dump files for most of their lifespans. This + is in addition to pre-existing controls in ssh-agent(1) and + sshd(8) that prevented coredumps. This feature is supported on + OpenBSD, Linux and FreeBSD. + * All: convert key handling to use the libcrypto EVP_PKEY API, + with the exception of DSA. + * sshd(8): add a random amount of jitter (up to 4 seconds) to the + grace login time to make its expiry unpredictable. + + = Bugfixes + * sshd(8): relax absolute path requirement back to what it was + prior to OpenSSH 9.8, which incorrectly required that sshd was + started with an absolute path in inetd mode. bz3717 + * sshd(8): fix regression introduced in openssh-9.8 that swapped + the order of source and destination addresses in some sshd log + messages. + * sshd(8): do not apply authorized_keys options when signature + verification fails. Prevents more restrictive key options being + incorrectly applied to subsequent keys in authorized_keys. + bz3733 + * ssh-keygen(1): include pathname in some of ssh-keygen's + passphrase prompts. Helps the user know what's going on when + ssh-keygen is invoked via other tools. Requested in GHPR503 + * ssh(1), ssh-add(1): make parsing user@host consistently look + for the last '@' in the string rather than the first. This + makes it possible to more consistently use usernames that + contain '@' characters. + * ssh(1), sshd(8): be more strict in parsing key type names. Only + allow short names (e.g "rsa") in user-interface code and + require full SSH protocol names (e.g. "ssh-rsa") everywhere + else. bz3725 + * regress: many performance and correctness improvements to the + re-keying regression test. + * ssh-keygen(1): clarify that ed25519 is the default key type + generated and clarify that rsa-sha2-512 is the default + signature scheme when RSA is in use. GHPR505 + * sshd(8): fix minor memory leak in Subsystem option parsing; + GHPR515 + * All: additional hardening and consistency checks for the sshbuf + code. + * sshd(8): reduce default logingrace penalty to ensure that a + single forgotton login that times out will be below the penalty + threshold. + * ssh(1): fix proxy multiplexing (-O proxy) bug. If a mux started + with ControlPersist then later has a forwarding added using mux + proxy connection and the forwarding was used, then when the mux + proxy session terminated, the mux master process would issue a + bad message that terminated the connection. + + = Portability + * sync contrib/ssh-copy-id to the latest upstream version. + * regress: improve portablility for some awk(1) usage + (e.g. Solaris) + * In the contrib/redhat RPM spec file, without_openssl was + previously incorrectly enabled unconditionally. + * sshd(8) restore audit call before exit that regressed in + openssh-9.8. Fixes an issue where the SSH_CONNECTION_ABANDON + event was not recorded. + * sshd(8): add support for class-imposed loging restrictions on + FreeBSD. Allowing auth_hostok(3) and auth_timeok(3) to control + logins. + * Build fixes for Musl libc. + * Fix detection of setres*id on GNU/Hurd + +- Drop patches that were already merged by upstream: + * fix-memleak-in-process_server_config_line_depth.patch + * fix-audit-fail-attempt.patch +- Rebase patch with significant changes: + * openssh-8.1p1-audit.patch +- Rebase patches with context or trivial changes: + * openssh-7.7p1-fips.patch + * openssh-8.0p1-gssapi-keyex.patch + * openssh-9.6p1-crypto-policies-man.patch + * openssh-mitigate-lingering-secrets.patch +- Several spec file fixes so the package builds and can be + installed in SLE 15 SP5 and SLE 12 SP5 +- Use gcc11 when building in SLE12 and SLE15. + +------------------------------------------------------------------- +Thu Sep 12 07:43:18 UTC 2024 - Antonio Larrosa + +- Drop most of openssh-6.6p1-keycat.patch (actually, it was just + commented out). The keycat binary isn't really installed nor + supported, so we can drop it, except for the code that is used + by other SELinux patches, which is what I kept from that patch + (boo#1229072). +- Add patch submitted to upstream to fix RFC4256 implementation + so that keyboard-interactive authentication method can send + instructions and sshd shows them to users even before a prompt + is requested. This fixes MFA push notifications (boo#1229010). + * 0001-auth-pam-Immediately-report-instructions-to-clients-and-fix-handling-in-ssh-client.patch + +------------------------------------------------------------------- +Fri Aug 23 12:10:00 UTC 2024 - Antonio Larrosa + +- Add patch to fix sshd not logging in the audit failed login + attempts (submitted to upstream in + https://github.com/openssh/openssh-portable/pull/516): + * fix-audit-fail-attempt.patch +- Use --enable-dsa-keys when building openssh. It's required if + the user sets the crypto-policy mode to LEGACY, where DSA keys + should be allowed. The option was added by upstream in 9.7 and + set to disabled by default. +- These two changes fix 2 of the 3 issues reported in bsc#1229650. + +------------------------------------------------------------------- +Mon Aug 12 08:55:38 UTC 2024 - Antonio Larrosa + +- Fix a dbus connection leaked in the logind patch that was + missing a sd_bus_unref call (found by Matthias Gerstner): + * logind_set_tty.patch +- Add a patch that fixes a small memory leak when parsing the + subsystem configuration option: + * fix-memleak-in-process_server_config_line_depth.patch + +------------------------------------------------------------------- +Thu Aug 1 09:17:11 UTC 2024 - Antonio Larrosa + +- Update to openssh 9.8p1: + = Security + * 1) Race condition in sshd(8) (bsc#1226642, CVE-2024-6387). + A critical vulnerability in sshd(8) was present in Portable + OpenSSH versions between 8.5p1 and 9.7p1 (inclusive) that may + allow arbitrary code execution with root privileges. + Successful exploitation has been demonstrated on 32-bit + Linux/glibc systems with ASLR. Under lab conditions, the attack + requires on average 6-8 hours of continuous connections up to + the maximum the server will accept. Exploitation on 64-bit + systems is believed to be possible but has not been + demonstrated at this time. It's likely that these attacks will + be improved upon. + Exploitation on non-glibc systems is conceivable but has not + been examined. Systems that lack ASLR or users of downstream + Linux distributions that have modified OpenSSH to disable + per-connection ASLR re-randomisation (yes - this is a thing, no + - we don't understand why) may potentially have an easier path + to exploitation. OpenBSD is not vulnerable. + We thank the Qualys Security Advisory Team for discovering, + reporting and demonstrating exploitability of this problem, and + for providing detailed feedback on additional mitigation + measures. + * 2) Logic error in ssh(1) ObscureKeystrokeTiming (bsc#1227318, + CVE-2024-39894). + In OpenSSH version 9.5 through 9.7 (inclusive), when connected + to an OpenSSH server version 9.5 or later, a logic error in the + ssh(1) ObscureKeystrokeTiming feature (on by default) rendered + this feature ineffective - a passive observer could still + detect which network packets contained real keystrokes when the + countermeasure was active because both fake and real keystroke + packets were being sent unconditionally. + This bug was found by Philippos Giavridis and also + independently by Jacky Wei En Kung, Daniel Hugenroth and + Alastair Beresford of the University of Cambridge Computer Lab. + Worse, the unconditional sending of both fake and real + keystroke packets broke another long-standing timing attack + mitigation. Since OpenSSH 2.9.9 sshd(8) has sent fake keystoke + echo packets for traffic received on TTYs in echo-off mode, + such as when entering a password into su(8) or sudo(8). This + bug rendered these fake keystroke echoes ineffective and could + allow a passive observer of a SSH session to once again detect + when echo was off and obtain fairly limited timing information + about keystrokes in this situation (20ms granularity by + default). + This additional implication of the bug was identified by + Jacky Wei En Kung, Daniel Hugenroth and Alastair Beresford and + we thank them for their detailed analysis. + This bug does not affect connections when + ObscureKeystrokeTiming was disabled or sessions where no TTY + was requested. + + = Future deprecation notice + * OpenSSH plans to remove support for the DSA signature algorithm + in early 2025. This release disables DSA by default at compile + time. + DSA, as specified in the SSHv2 protocol, is inherently weak - + being limited to a 160 bit private key and use of the SHA1 + digest. Its estimated security level is only 80 bits symmetric + equivalent. + OpenSSH has disabled DSA keys by default since 2015 but has + retained run-time optional support for them. DSA was the only + mandatory-to-implement algorithm in the SSHv2 RFCs, mostly + because alternative algorithms were encumbered by patents when + the SSHv2 protocol was specified. + This has not been the case for decades at this point and better + algorithms are well supported by all actively-maintained SSH + implementations. We do not consider the costs of maintaining + DSA in OpenSSH to be justified and hope that removing it from + OpenSSH can accelerate its wider deprecation in supporting + cryptography libraries. + This release, and its deactivation of DSA by default at + compile-time, marks the second step in our timeline to finally + deprecate DSA. The final step of removing DSA support entirely + is planned for the first OpenSSH release of 2025. + DSA support may be re-enabled in OpenBSD by setting + "DSAKEY=yes" in Makefile.inc. To enable DSA support in + portable OpenSSH, pass the "--enable-dsa-keys" option to + configure. + + = Potentially-incompatible changes + * all: as mentioned above, the DSA signature algorithm is now + disabled at compile time. + * sshd(8): the server will now block client addresses that + repeatedly fail authentication, repeatedly connect without ever + completing authentication or that crash the server. See the + discussion of PerSourcePenalties below for more information. + Operators of servers that accept connections from many users, + or servers that accept connections from addresses behind NAT or + proxies may need to consider these settings. + * sshd(8): the server has been split into a listener binary, + sshd(8), and a per-session binary "sshd-session". This allows + for a much smaller listener binary, as it no longer needs to + support the SSH protocol. As part of this work, support for + disabling privilege separation (which previously required code + changes to disable) and disabling re-execution of sshd(8) has + been removed. Further separation of sshd-session into + additional, minimal binaries is planned for the future. + * sshd(8): several log messages have changed. In particular, some + log messages will be tagged with as originating from a process + named "sshd-session" rather than "sshd". + * ssh-keyscan(1): this tool previously emitted comment lines + containing the hostname and SSH protocol banner to standard + error. This release now emits them to standard output, but adds + a new "-q" flag to silence them altogether. + * sshd(8): (portable OpenSSH only) sshd will no longer use + argv[0] as the PAM service name. A new "PAMServiceName" + sshd_config(5) directive allows selecting the service name at + runtime. This defaults to "sshd". bz2101 + * (portable OpenSSH only) Automatically-generated files, such as + configure, config.h.in, etc will now be checked in to the + portable OpenSSH git release branch (e.g. V_9_8). This should + ensure that the contents of the signed release branch exactly + match the contents of the signed release tarball. + + = New features + * sshd(8): as described above, sshd(8) will now penalise client + addresses that, for various reasons, do not successfully + complete authentication. This feature is controlled by a new + sshd_config(5) PerSourcePenalties option and is on by default. + sshd(8) will now identify situations where the session did not + authenticate as expected. These conditions include when the + client repeatedly attempted authentication unsucessfully + (possibly indicating an attack against one or more accounts, + e.g. password guessing), or when client behaviour caused sshd + to crash (possibly indicating attempts to exploit bugs in + sshd). + When such a condition is observed, sshd will record a penalty + of some duration (e.g. 30 seconds) against the client's + address. If this time is above a minimum configurable + threshold, then all connections from the client address will be + refused (along with any others in the same + PerSourceNetBlockSize CIDR range) until the penalty expire. + Repeated offenses by the same client address will accrue + greater penalties, up to a configurable maximum. Address ranges + may be fully exempted from penalties, e.g. to guarantee access + from a set of trusted management addresses, using the new + sshd_config(5) PerSourcePenaltyExemptList option. + We hope these options will make it significantly more difficult + for attackers to find accounts with weak/guessable passwords or + exploit bugs in sshd(8) itself. This option is enabled by + default. + * ssh(8): allow the HostkeyAlgorithms directive to disable the + implicit fallback from certificate host key to plain host keys. + + = Bugfixes + * misc: fix a number of inaccuracies in the PROTOCOL.* + documentation files. GHPR430 GHPR487 + * all: switch to strtonum(3) for more robust integer parsing in + most places. + * ssh(1), sshd(8): correctly restore sigprocmask around ppoll() + * ssh-keysign(8): stricter validation of messaging socket fd + GHPR492 + * sftp(1): flush stdout after writing "sftp>" prompt when not + using editline. GHPR480 + * sftp-server(8): fix home-directory extension implementation, + it previously always returned the current user's home directory + contrary to the spec. GHPR477 + * ssh-keyscan(1): do not close stdin to prevent error messages + when stdin is read multiple times. E.g. + echo localhost | ssh-keyscan -f - -f - + * regression tests: fix rekey test that was testing the same KEX + algorithm repeatedly instead of testing all of them. bz3692 + * ssh_config(5), sshd_config(5): clarify the KEXAlgorithms + directive documentation, especially around what is supported + vs available. bz3701. + + = Portability + * sshd(8): expose SSH_AUTH_INFO_0 always to PAM auth modules + unconditionally. The previous behaviour was to expose it only + when particular authentication methods were in use. + * build: fix OpenSSL ED25519 support detection. An incorrect + function signature in configure.ac previously prevented + enabling the recently added support for ED25519 private keys in + PEM PKCS8 format. + * ssh(1), ssh-agent(8): allow the presence of the WAYLAND_DISPLAY + environment variable to enable SSH_ASKPASS, similarly to the + X11 DISPLAY environment variable. GHPR479 + * build: improve detection of the -fzero-call-used-regs compiler + flag. bz3673. + * build: relax OpenSSL version check to accept all OpenSSL 3.x + versions. + * sshd(8): add support for notifying systemd on server listen and + reload, using a standalone implementation that doesn't depend + on libsystemd. bz2641 + +- Update to openssh 9.7p1: + + = New features + * ssh(1), sshd(8): add a "global" ChannelTimeout type that + watches all open channels and will close all open channels if + there is no traffic on any of them for the specified interval. + This is in addition to the existing per-channel timeouts added + recently. + This supports situations like having both session and x11 + forwarding channels open where one may be idle for an extended + period but the other is actively used. The global timeout could + close both channels when both have been idle for too long. + * All: make DSA key support compile-time optional, defaulting to + on. + + = Bugfixes + * sshd(8): don't append an unnecessary space to the end of + subsystem arguments (bz3667) + * ssh(1): fix the multiplexing "channel proxy" mode, broken when + keystroke timing obfuscation was added. (GHPR#463) + * ssh(1), sshd(8): fix spurious configuration parsing errors when + options that accept array arguments are overridden (bz3657). + * ssh-agent(1): fix potential spin in signal handler (bz3670) + * Many fixes to manual pages and other documentation, including + GHPR#462, GHPR#454, GHPR#442 and GHPR#441. + * Greatly improve interop testing against PuTTY. + + = Portability + * Improve the error message when the autoconf OpenSSL header + check fails (bz#3668) + * Improve detection of broken toolchain -fzero-call-used-regs + support (bz3645). + * Fix regress/misc/fuzz-harness fuzzers and make them compile + without warnings when using clang16 +- Use gcc-11 in SLE to avoid a "parameter name omitted" error +- Rebase patches: + * logind_set_tty.patch + * openssh-6.6.1p1-selinux-contexts.patch + * openssh-6.6p1-keycat.patch + * openssh-6.6p1-privsep-selinux.patch + * openssh-7.6p1-cleanup-selinux.patch + * openssh-7.7p1-cavstest-ctr.patch + * openssh-7.7p1-cavstest-kdf.patch + * openssh-7.7p1-fips.patch + * openssh-7.7p1-fips_checks.patch + * openssh-7.7p1-ldap.patch + * openssh-7.7p1-pam_check_locks.patch + * openssh-7.7p1-systemd-notify.patch + * openssh-7.8p1-role-mls.patch + * openssh-8.0p1-gssapi-keyex.patch + * openssh-8.1p1-audit.patch + * openssh-8.4p1-vendordir.patch + * openssh-9.6p1-crypto-policies-man.patch + * openssh-mitigate-lingering-secrets.patch + * openssh-reenable-dh-group14-sha1-default.patch + * wtmpdb.patch +- Thanks to Fedora developers for an initial version of the + rebase of the following patches: + * openssh-8.0p1-gssapi-keyex.patch + * openssh-7.8p1-role-mls.patch + * openssh-8.1p1-audit.patch +- Remove patches that are already included in 9.8p1: + * fix-CVE-2024-6387.patch + * 0001-upstream-fix-proxy-multiplexing-mode_-broken-when-keystroke.patch + * 0001-upstream-correctly-restore-sigprocmask-around-ppoll.patch + * 0001-upstream-when-sending-ObscureKeystrokeTiming-chaff-packets_.patch +- Remove patch that is now merged into + openssh-7.7p1-cavstest-ctr.patch and + openssh-7.7p1-cavstest-kdf.patch where it belongs: + * fix-missing-lz.patch + +------------------------------------------------------------------- +Mon Jul 15 17:49:06 UTC 2024 - Antonio Larrosa + +- Add sshd.socket and sshd@.service units as alternative to the + sshd.service that makes systemd listen to the ssh port + and run sshd per incoming connection. To enable this, + disable sshd.service and enable sshd.socket . If you want to + use a non standard sshd port with sshd.socket you can do + "systemctl edit sshd.socket" and add something like: + + [Socket] + ListenStream=8022 + + which listens on port 8022 as well as on port 22. If you want + to reset the list of listened ports and just use 8022, use: + + [Socket] + ListenStream= + ListenStream=8022 +- To enable a vsock listener in sshd (which allows to connect to + libvirt VMs), the systemd-experimental package needs to be + installed in the guest system, the libvirt-ssh-proxy package + needs to be installed in the host and the vm needs to have + vsock support (in virt-manager, click in "Add hardware" and + add "VSOCK VirtIO"). + ------------------------------------------------------------------- Fri Jul 5 17:49:06 UTC 2024 - Antonio Larrosa diff --git a/openssh.spec b/openssh.spec index e1f899b..8b89726 100644 --- a/openssh.spec +++ b/openssh.spec @@ -1,7 +1,7 @@ # # spec file for package openssh # -# Copyright (c) 2020 SUSE LLC +# Copyright (c) 2024 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -34,12 +34,24 @@ %bcond_without allow_root_password_login_by_default %endif +%if 0%{?suse_version} >= 1550 || 0%{?sle_version} >= 150600 +%bcond_without crypto_policies +%else +%bcond_with crypto_policies +%endif + +%if 0%{?suse_version} < 1500 +%bcond_without openssl11 +%else +%bcond_with openssl11 +%endif + #Compat macro for new _fillupdir macro introduced in Nov 2017 %if ! %{defined _fillupdir} %define _fillupdir %{_localstatedir}/adm/fillup-templates %endif Name: openssh -Version: 9.6p1 +Version: 9.9p1 Release: 0 Summary: Secure Shell Client and Server (Remote Login Program) License: BSD-2-Clause AND MIT @@ -61,6 +73,8 @@ Source12: cavs_driver-ssh.pl Source13: https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/RELEASE_KEY.asc#/openssh.keyring Source14: sysusers-sshd.conf Source15: sshd-sle.pamd +Source16: sshd@.service +Source17: sshd.socket Patch1: openssh-7.7p1-X11_trusted_forwarding.patch Patch3: openssh-7.7p1-enable_PAM_by_default.patch Patch4: openssh-7.7p1-eal3.patch @@ -119,35 +133,53 @@ Patch50: openssh-openssl-3.patch Patch51: wtmpdb.patch Patch52: logind_set_tty.patch Patch54: openssh-mitigate-lingering-secrets.patch -Patch100: fix-missing-lz.patch Patch102: openssh-7.8p1-role-mls.patch Patch103: openssh-6.6p1-privsep-selinux.patch Patch104: openssh-6.6p1-keycat.patch Patch105: openssh-6.6.1p1-selinux-contexts.patch Patch106: openssh-7.6p1-cleanup-selinux.patch + +# 200 - 300 -- Patches submitted to upstream +# PATCH-FIX-UPSTREAM -- https://github.com/openssh/openssh-portable/pull/452 boo#1229010 +Patch200: 0001-auth-pam-Immediately-report-instructions-to-clients-and-fix-handling-in-ssh-client.patch +# PATCH-FIX-UPSTREAM -- https://bugzilla.mindrot.org/show_bug.cgi?id=3655#c4 +Patch201: fix-x11-regression-bsc1229449.patch +# PATCH-FIX-UPSTREAM -- From the V_9_9 branch +Patch202: 0001-fix-utmpx-ifdef.patch +# PATCH-FIX-UPSTREAM -- From the V_9_9 branch +Patch203: 0002-upstream-fix-regression-introduced-when-I-switched-the-Match.patch +# PATCH-FIX-UPSTREAM -- From the V_9_9 branch +Patch204: 0003-upstream-fix-previous-change-to-ssh_config-Match_-which-broken-on.patch +# PATCH-FIX-UPSTREAM -- From the V_9_9 branch +Patch205: 0004-upstream-fix-ML-KEM768x25519-KEX-on-big-endian-systems-spotted-by.patch + +# 1000 - 2000 -- Conditional patches +%if %{with crypto_policies} # PATCH-FIX-OPENSUSE bsc#1211301 Add crypto-policies support -Patch107: openssh-9.6p1-crypto-policies.patch -Patch108: openssh-9.6p1-crypto-policies-man.patch -# PATCH-FIX-UPSTREAM bsc#1226642 fix CVE-2024-6387 -Patch109: fix-CVE-2024-6387.patch -# PATCH-FIX-UPSTREAM -Patch110: 0001-upstream-fix-proxy-multiplexing-mode_-broken-when-keystroke.patch -# PATCH-FIX-UPSTREAM -Patch111: 0001-upstream-correctly-restore-sigprocmask-around-ppoll.patch -# PATCH-FIX-UPSTREAM bsc#1227318 CVE-2024-39894 -Patch112: 0001-upstream-when-sending-ObscureKeystrokeTiming-chaff-packets_.patch -%if 0%{with allow_root_password_login_by_default} -Patch1000: openssh-7.7p1-allow_root_password_login.patch +Patch1000: openssh-9.6p1-crypto-policies.patch +Patch1001: openssh-9.6p1-crypto-policies-man.patch +%endif +%if %{with allow_root_password_login_by_default} +# PATCH-FIX-SLE Allow root login with password by default (for SLE12 and SLE15) +Patch1002: openssh-7.7p1-allow_root_password_login.patch %endif BuildRequires: audit-devel BuildRequires: automake +%if 0%{?suse_version} < 1600 +BuildRequires: gcc11 +%endif BuildRequires: groff BuildRequires: libedit-devel BuildRequires: libselinux-devel %if %{with ldap} BuildRequires: openldap2-devel %endif +%if %{with openssl11} +BuildRequires: libopenssl-1_1-devel +BuildRequires: openssl-1_1 +%else BuildRequires: openssl-devel +%endif BuildRequires: pam-devel BuildRequires: pkgconfig BuildRequires: zlib-devel @@ -157,7 +189,7 @@ BuildRequires: sysuser-shadow BuildRequires: sysuser-tools Requires: %{name}-clients = %{version}-%{release} Requires: %{name}-server = %{version}-%{release} -%if 0%{?suse_version} >= 1550 +%if 0%{?suse_version} >= 1550 || 0%{?suse_version} < 1500 BuildRequires: pkgconfig(krb5) %else BuildRequires: krb5-mini-devel @@ -203,14 +235,16 @@ clients. Summary: SSH (Secure Shell) server Group: Productivity/Networking/SSH Requires: %{name}-common = %{version}-%{release} +%if %{with crypto_policies} Requires: crypto-policies >= 20220824 +%endif Recommends: audit Requires(pre): findutils Requires(pre): grep Requires(post): %fillup_prereq Requires(post): permissions Provides: openssh:%{_sbindir}/sshd -%if 0%{with allow_root_password_login_by_default} +%if %{with allow_root_password_login_by_default} # For a brief period of time this package existed in SLE/Leap. # It was removed before GM but some people might have it from # a beta distribution version (boo#1227350) @@ -230,7 +264,7 @@ also be forwarded over the secure channel. This package contains the Secure Shell daemon, which allows clients to securely connect to your server. -%if 0%{with allow_root_password_login_by_default} +%if %{with allow_root_password_login_by_default} %package server-config-disallow-rootlogin Summary: Config to disallow password root logins to sshd Group: Productivity/Networking/SSH @@ -259,7 +293,9 @@ ssh-copy-id(1). %package clients Summary: SSH (Secure Shell) client applications Group: Productivity/Networking/SSH +%if %{with crypto_policies} Requires: crypto-policies >= 20220824 +%endif Requires: %{name}-common = %{version}-%{release} Provides: openssh:%{_bindir}/ssh @@ -328,6 +364,9 @@ sed -i.libexec 's,@LIBEXECDIR@,%{_libexecdir}/ssh,' \ ) %build +%if 0%{?suse_version} < 1600 +export CC=gcc-11 +%endif autoreconf -fiv %ifarch s390 s390x %{sparc} PIEFLAGS="-fPIE" @@ -368,6 +407,7 @@ export LDFLAGS CFLAGS CXXFLAGS CPPFLAGS --disable-lastlog \ --with-logind \ %endif + --enable-dsa-keys \ --with-security-key-builtin \ --target=%{_target_cpu}-suse-linux @@ -392,6 +432,8 @@ install -d -m 755 %{buildroot}%{_sysconfdir}/slp.reg.d/ install -m 644 %{SOURCE5} %{buildroot}%{_sysconfdir}/slp.reg.d/ %endif install -D -m 0644 %{SOURCE10} %{buildroot}%{_unitdir}/sshd.service +install -D -m 0644 %{SOURCE16} %{buildroot}%{_unitdir}/sshd@.service +install -D -m 0644 %{SOURCE17} %{buildroot}%{_unitdir}/sshd.socket ln -s service %{buildroot}%{_sbindir}/rcsshd install -d -m 755 %{buildroot}%{_fillupdir} install -m 644 %{SOURCE8} %{buildroot}%{_fillupdir} @@ -400,7 +442,7 @@ install -m 755 contrib/ssh-copy-id %{buildroot}%{_bindir} install -m 644 contrib/ssh-copy-id.1 %{buildroot}%{_mandir}/man1 sed -i -e s@%{_prefix}/libexec@%{_libexecdir}@g %{buildroot}%{_sysconfdir}/ssh/sshd_config -%if 0%{with allow_root_password_login_by_default} +%if %{with allow_root_password_login_by_default} echo "PermitRootLogin prohibit-password" > %{buildroot}%{_sysconfdir}/ssh/sshd_config.d/51-permit-root-login.conf %else echo "PermitRootLogin yes" > %{buildroot}%{_sysconfdir}/ssh/sshd_config.d/50-permit-root-login.conf @@ -412,19 +454,21 @@ mkdir -p %{buildroot}%{_distconfdir}/ssh/ssh{,d}_config.d mv %{buildroot}%{_sysconfdir}/ssh/moduli %{buildroot}%{_distconfdir}/ssh/ mv %{buildroot}%{_sysconfdir}/ssh/ssh_config %{buildroot}%{_distconfdir}/ssh/ mv %{buildroot}%{_sysconfdir}/ssh/sshd_config %{buildroot}%{_distconfdir}/ssh/ -%if 0%{with allow_root_password_login_by_default} +%if %{with allow_root_password_login_by_default} mv %{buildroot}%{_sysconfdir}/ssh/sshd_config.d/51-permit-root-login.conf %{buildroot}%{_distconfdir}/ssh/sshd_config.d/51-permit-root-login.conf %else mv %{buildroot}%{_sysconfdir}/ssh/sshd_config.d/50-permit-root-login.conf %{buildroot}%{_distconfdir}/ssh/sshd_config.d/50-permit-root-login.conf %endif %endif +%if %{with crypto_policies} install -m 644 ssh_config_suse %{buildroot}%{_sysconfdir}/ssh/ssh_config.d/50-suse.conf %if %{defined _distconfdir} install -m 644 sshd_config_suse_cp %{buildroot}%{_distconfdir}/ssh/sshd_config.d/40-suse-crypto-policies.conf %else install -m 644 sshd_config_suse_cp %{buildroot}%{_sysconfdir}/ssh/sshd_config.d/40-suse-crypto-policies.conf %endif +%endif %if 0%{?suse_version} < 1550 # install firewall definitions @@ -443,9 +487,6 @@ install -D -m 0755 %{SOURCE9} %{buildroot}%{_sbindir}/sshd-gen-keys-start mkdir -p %{buildroot}%{_sysusersdir} install -m 644 %{SOURCE14} %{buildroot}%{_sysusersdir}/sshd.conf -rm %{buildroot}%{_libexecdir}/ssh/ssh-keycat -#rm -r %{buildroot}/usr/lib/debug/.build-id - # the hmac hashes - taken from openssl # # re-define the __os_install_post macro: the macro strips @@ -453,13 +494,19 @@ rm %{buildroot}%{_libexecdir}/ssh/ssh-keycat # # this shows up earlier because otherwise the %%expand of # the macro is too late. +%if %{with openssl11} +%define opensslbin openssl-1_1 +%else +%define opensslbin openssl +%endif + %{expand:%%global __os_install_post {%__os_install_post for b in \ %{_bindir}/ssh \ %{_sbindir}/sshd \ %{_libexecdir}/ssh/sftp-server \ ; do - openssl dgst -sha256 -binary -hmac %{CHECKSUM_HMAC_KEY} < %{buildroot}$b > %{buildroot}$b%{CHECKSUM_SUFFIX} + %{opensslbin} dgst -sha256 -binary -hmac %{CHECKSUM_HMAC_KEY} < %{buildroot}$b > %{buildroot}$b%{CHECKSUM_SUFFIX} done }} @@ -471,12 +518,13 @@ test -f /etc/pam.d/sshd.rpmsave && mv -v /etc/pam.d/sshd.rpmsave /etc/pam.d/sshd test -f /etc/ssh/sshd_config.rpmsave && mv -v /etc/ssh/sshd_config.rpmsave /etc/ssh/sshd_config.rpmsave.old ||: %endif -%service_add_pre sshd.service +%service_add_pre sshd.service sshd.socket %post server %{fillup_only -n ssh} -%service_add_post sshd.service +%service_add_post sshd.service sshd.socket +%if %{with crypto_policies} %if ! %{defined _distconfdir} test -f /etc/ssh/sshd_config && (grep -q "^Include /etc/ssh/sshd_config\.d/\*\.conf" /etc/ssh/sshd_config || ( \ echo "WARNING: /etc/ssh/sshd_config doesn't include config files from" @@ -485,20 +533,22 @@ test -f /etc/ssh/sshd_config && (grep -q "^Include /etc/ssh/sshd_config\.d/\*\.c echo "/etc/ssh/sshd_config :" echo "Include /etc/ssh/sshd_config.d/*.conf" ) ) ||: %endif +%endif %preun server -%service_del_preun sshd.service +%service_del_preun sshd.service sshd.socket %postun server # The openssh-fips trigger script for openssh will normally restart sshd once # it gets installed, so only restart the service here if openssh-fips is not # present. if rpm -q openssh-fips >/dev/null 2>/dev/null; then -%service_del_postun_without_restart sshd.service +%service_del_postun_without_restart sshd.service sshd.socket else -%service_del_postun sshd.service +%service_del_postun sshd.service sshd.socket fi +%if %{with crypto_policies} %if ! %{defined _distconfdir} %post server-config-disallow-rootlogin test -f /etc/ssh/sshd_config && (grep -q "^Include /etc/ssh/sshd_config\.d/\*\.conf" /etc/ssh/sshd_config || ( \ @@ -508,6 +558,7 @@ test -f /etc/ssh/sshd_config && (grep -q "^Include /etc/ssh/sshd_config\.d/\*\.c echo "the following line is added at the start of /etc/ssh/sshd_config :" echo "Include /etc/ssh/sshd_config.d/*.conf" ) ) ||: %endif +%endif %if %{defined _distconfdir} %posttrans server @@ -522,6 +573,7 @@ test -f /etc/ssh/sshd_config.rpmsave && mv -v /etc/ssh/sshd_config.rpmsave /etc/ test -f /etc/ssh/ssh_config.rpmsave && mv -v /etc/ssh/ssh_config.rpmsave /etc/ssh/ssh_config.rpmsave.old ||: %endif +%if %{with crypto_policies} %if ! %{defined _distconfdir} %post clients test -f /etc/ssh/ssh_config && (grep -q "^Include /etc/ssh/ssh_config\.d/\*\.conf" /etc/ssh/ssh_config || ( \ @@ -531,6 +583,7 @@ test -f /etc/ssh/ssh_config && (grep -q "^Include /etc/ssh/ssh_config\.d/\*\.con echo "/etc/ssh/ssh_config :" echo "Include /etc/ssh/ssh_config.d/*.conf" ) ) ||: %endif +%endif %if %{defined _distconfdir} %posttrans clients @@ -578,17 +631,22 @@ test -f /etc/ssh/ssh_config.rpmsave && mv -v /etc/ssh/ssh_config.rpmsave /etc/ss %attr(0640,root,root) %config(noreplace) %{_sysconfdir}/ssh/sshd_config %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/pam.d/sshd %endif +%if %{with crypto_policies} %if %{defined _distconfdir} %attr(0600,root,root) %config(noreplace) %{_distconfdir}/ssh/sshd_config.d/40-suse-crypto-policies.conf %else %attr(0600,root,root) %config(noreplace) %{_sysconfdir}/ssh/sshd_config.d/40-suse-crypto-policies.conf %endif +%endif %attr(0644,root,root) %{_unitdir}/sshd.service +%attr(0644,root,root) %{_unitdir}/sshd@.service +%attr(0644,root,root) %{_unitdir}/sshd.socket %attr(0644,root,root) %{_sysusersdir}/sshd.conf %attr(0444,root,root) %{_mandir}/man5/sshd_config* %attr(0444,root,root) %{_mandir}/man8/sftp-server.8* %attr(0444,root,root) %{_mandir}/man8/sshd.8* %attr(0755,root,root) %{_libexecdir}/ssh/sftp-server +%attr(0755,root,root) %{_libexecdir}/ssh/sshd-session %if 0%{?suse_version} < 1600 %dir %{_sysconfdir}/slp.reg.d %config %{_sysconfdir}/slp.reg.d/ssh.reg @@ -600,7 +658,7 @@ test -f /etc/ssh/ssh_config.rpmsave && mv -v /etc/ssh/ssh_config.rpmsave /etc/ss %config %{_fwdefdir}/sshd %endif -%if 0%{with allow_root_password_login_by_default} +%if %{with allow_root_password_login_by_default} %files server-config-disallow-rootlogin %if %{defined _distconfdir} %{_distconfdir}/ssh/sshd_config.d/51-permit-root-login.conf @@ -617,8 +675,10 @@ test -f /etc/ssh/ssh_config.rpmsave && mv -v /etc/ssh/ssh_config.rpmsave /etc/ss %endif %files clients +%if %{with crypto_policies} %dir %attr(0755,root,root) %{_sysconfdir}/ssh/ssh_config.d %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ssh/ssh_config.d/50-suse.conf +%endif %if %{defined _distconfdir} %attr(0644,root,root) %{_distconfdir}/ssh/ssh_config %else diff --git a/sshd-sle.pamd b/sshd-sle.pamd index efe67cb..9309745 100644 --- a/sshd-sle.pamd +++ b/sshd-sle.pamd @@ -8,4 +8,3 @@ session required pam_loginuid.so session optional pam_keyinit.so force revoke session include common-session session optional pam_motd.so - diff --git a/sshd.socket b/sshd.socket new file mode 100644 index 0000000..302de42 --- /dev/null +++ b/sshd.socket @@ -0,0 +1,11 @@ +[Unit] +Description=OpenSSH Server Socket +Conflicts=sshd.service + +[Socket] +ListenStream=22 +Accept=yes + +[Install] +WantedBy=sockets.target + diff --git a/sshd@.service b/sshd@.service new file mode 100644 index 0000000..9f8d816 --- /dev/null +++ b/sshd@.service @@ -0,0 +1,11 @@ +[Unit] +Description=OpenSSH Per-Connection Server Daemon +Documentation=man:systemd-ssh-generator(8) man:sshd(8) +After=network.target + +[Service] +EnvironmentFile=-/etc/sysconfig/ssh +ExecStartPre=/usr/sbin/sshd-gen-keys-start +ExecStartPre=/usr/sbin/sshd -t $SSHD_OPTS +ExecStart=-/usr/sbin/sshd -i $SSHD_OPTS +StandardInput=socket diff --git a/wtmpdb.patch b/wtmpdb.patch index bf5bca9..de6f80c 100644 --- a/wtmpdb.patch +++ b/wtmpdb.patch @@ -174,12 +174,16 @@ diff -ur openssh-8.9p1.old/Makefile.in openssh-8.9p1/Makefile.in AR=@AR@ AWK=@AWK@ RANLIB=@RANLIB@ -@@ -212,7 +213,7 @@ +@@ -212,10 +213,10 @@ $(LD) -o $@ $(SSHOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) $(GSSLIBS) $(CHANNELLIBS) sshd$(EXEEXT): libssh.a $(LIBCOMPAT) $(SSHDOBJS) -- $(LD) -o $@ $(SSHDOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(SSHDLIBS) $(LIBS) $(GSSLIBS) $(K5LIBS) $(CHANNELLIBS) -+ $(LD) -o $@ $(SSHDOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(SSHDLIBS) $(LIBS) $(GSSLIBS) $(K5LIBS) $(CHANNELLIBS) $(LIBWTMPDB) +- $(LD) -o $@ $(SSHDOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(SSHDLIBS) $(LIBS) $(CHANNELLIBS) ++ $(LD) -o $@ $(SSHDOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(SSHDLIBS) $(LIBS) $(CHANNELLIBS) $(LIBWTMPDB) + + sshd-session$(EXEEXT): libssh.a $(LIBCOMPAT) $(SSHD_SESSION_OBJS) +- $(LD) -o $@ $(SSHD_SESSION_OBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(SSHDLIBS) $(LIBS) $(GSSLIBS) $(K5LIBS) $(CHANNELLIBS) ++ $(LD) -o $@ $(SSHD_SESSION_OBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(SSHDLIBS) $(LIBS) $(GSSLIBS) $(K5LIBS) $(CHANNELLIBS) $(LIBWTMPDB) scp$(EXEEXT): $(LIBCOMPAT) libssh.a $(SCP_OBJS) $(LD) -o $@ $(SCP_OBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)