diff --git a/openssh-7.7p1-disable_short_DH_parameters.patch b/openssh-7.7p1-disable_short_DH_parameters.patch deleted file mode 100644 index d64a17c..0000000 --- a/openssh-7.7p1-disable_short_DH_parameters.patch +++ /dev/null @@ -1,425 +0,0 @@ -# HG changeset patch -# Parent 681914438b1a02c1940d19204138e9b8eacfda7b - -Raise minimal size of DH group parameters to 2048 bits like upstream did in -7.2. 1024b values are believed to be in breaking range for state adversaries -and the default moduli shipped with openssh have been around long enough to -make it more likely for them to be broken. - -Also provide an option that allows the client to accept shorter (RFC4419 -compliant) parameters. - -CVE-2015-4000 (LOGJAM) -bsc#932483 - -Index: openssh-7.9p1/dh.c -=================================================================== ---- openssh-7.9p1.orig/dh.c -+++ openssh-7.9p1/dh.c -@@ -45,6 +45,8 @@ - - #include "openbsd-compat/openssl-compat.h" - -+int dh_grp_min = DH_GRP_MIN; -+ - static int - parse_prime(int linenum, char *line, struct dhgroup *dhg) - { -Index: openssh-7.9p1/dh.h -=================================================================== ---- openssh-7.9p1.orig/dh.h -+++ openssh-7.9p1/dh.h -@@ -50,6 +50,7 @@ u_int dh_estimate(int); - * Max value from RFC4419. - * Miniumum increased in light of DH precomputation attacks. - */ -+#define DH_GRP_MIN_RFC 1024 - #define DH_GRP_MIN 2048 - #define DH_GRP_MAX 8192 - -Index: openssh-7.9p1/kexgexc.c -=================================================================== ---- openssh-7.9p1.orig/kexgexc.c -+++ openssh-7.9p1/kexgexc.c -@@ -53,6 +53,9 @@ - #include "sshbuf.h" - #include "misc.h" - -+/* import from dh.c */ -+extern int dh_grp_min; -+ - static int input_kex_dh_gex_group(int, u_int32_t, struct ssh *); - static int input_kex_dh_gex_reply(int, u_int32_t, struct ssh *); - -@@ -65,7 +68,7 @@ kexgex_client(struct ssh *ssh) - - nbits = dh_estimate(kex->dh_need * 8); - -- kex->min = DH_GRP_MIN; -+ kex->min = dh_grp_min; - kex->max = DH_GRP_MAX; - kex->nbits = nbits; - if (datafellows & SSH_BUG_DHGEX_LARGE) -@@ -111,6 +114,12 @@ input_kex_dh_gex_group(int type, u_int32 - goto out; - if ((bits = BN_num_bits(p)) < 0 || - (u_int)bits < kex->min || (u_int)bits > kex->max) { -+ if ((u_int)bits < kex->min && (u_int)bits >= DH_GRP_MIN_RFC) -+ logit("DH parameter offered by the server (%d bits) " -+ "is considered insecure. " -+ "You can lower the accepted the minimum " -+ "via the KexDHMin option.", -+ bits); - r = SSH_ERR_DH_GEX_OUT_OF_RANGE; - goto out; - } -Index: openssh-7.9p1/kexgexs.c -=================================================================== ---- openssh-7.9p1.orig/kexgexs.c -+++ openssh-7.9p1/kexgexs.c -@@ -56,6 +56,9 @@ - #include "sshbuf.h" - #include "misc.h" - -+/* import from dh.c */ -+extern int dh_grp_min; -+ - static int input_kex_dh_gex_request(int, u_int32_t, struct ssh *); - static int input_kex_dh_gex_init(int, u_int32_t, struct ssh *); - -@@ -85,13 +88,19 @@ input_kex_dh_gex_request(int type, u_int - kex->nbits = nbits; - kex->min = min; - kex->max = max; -- min = MAXIMUM(DH_GRP_MIN, min); -+ min = MAXIMUM(dh_grp_min, min); - max = MINIMUM(DH_GRP_MAX, max); -- nbits = MAXIMUM(DH_GRP_MIN, nbits); -+ nbits = MAXIMUM(dh_grp_min, nbits); - nbits = MINIMUM(DH_GRP_MAX, nbits); - - if (kex->max < kex->min || kex->nbits < kex->min || - kex->max < kex->nbits || kex->max < DH_GRP_MIN) { -+ if (kex->nbits < kex->min && kex->nbits >= DH_GRP_MIN_RFC) -+ logit("DH parameter requested by the client (%d bits) " -+ "is considered insecure. " -+ "You can lower the accepted minimum " -+ "via the KexDHMin option.", -+ kex->nbits); - r = SSH_ERR_DH_GEX_OUT_OF_RANGE; - goto out; - } -Index: openssh-7.9p1/readconf.c -=================================================================== ---- openssh-7.9p1.orig/readconf.c -+++ openssh-7.9p1/readconf.c -@@ -67,6 +67,7 @@ - #include "uidswap.h" - #include "myproposal.h" - #include "digest.h" -+#include "dh.h" - - /* Format of the configuration file: - -@@ -167,7 +168,7 @@ typedef enum { - oTunnel, oTunnelDevice, - oLocalCommand, oPermitLocalCommand, oRemoteCommand, - oVisualHostKey, -- oKexAlgorithms, oIPQoS, oRequestTTY, oIgnoreUnknown, oProxyUseFdpass, -+ oKexAlgorithms, oKexDHMin, oIPQoS, oRequestTTY, oIgnoreUnknown, oProxyUseFdpass, - oCanonicalDomains, oCanonicalizeHostname, oCanonicalizeMaxDots, - oCanonicalizeFallbackLocal, oCanonicalizePermittedCNAMEs, - oStreamLocalBindMask, oStreamLocalBindUnlink, oRevokedHostKeys, -@@ -292,6 +293,7 @@ static struct { - { "remotecommand", oRemoteCommand }, - { "visualhostkey", oVisualHostKey }, - { "kexalgorithms", oKexAlgorithms }, -+ { "kexdhmin", oKexDHMin }, - { "ipqos", oIPQoS }, - { "requesttty", oRequestTTY }, - { "proxyusefdpass", oProxyUseFdpass }, -@@ -313,6 +315,9 @@ static struct { - { NULL, oBadOption } - }; - -+/* import from dh.c */ -+extern int dh_grp_min; -+ - /* - * Adds a local TCP/IP port forward to options. Never returns if there is an - * error. -@@ -1216,6 +1221,10 @@ parse_int: - options->kex_algorithms = xstrdup(arg); - break; - -+ case oKexDHMin: -+ intptr = &options->kex_dhmin; -+ goto parse_int; -+ - case oHostKeyAlgorithms: - charptr = &options->hostkeyalgorithms; - parse_keytypes: -@@ -1860,6 +1869,7 @@ initialize_options(Options * options) - options->ciphers = NULL; - options->macs = NULL; - options->kex_algorithms = NULL; -+ options->kex_dhmin = -1; - options->hostkeyalgorithms = NULL; - options->ca_sign_algorithms = NULL; - options->num_identity_files = 0; -@@ -2014,6 +2024,13 @@ fill_default_options(Options * options) - options->connection_attempts = 1; - if (options->number_of_password_prompts == -1) - options->number_of_password_prompts = 3; -+ if (options->kex_dhmin == -1) -+ options->kex_dhmin = DH_GRP_MIN; -+ else { -+ options->kex_dhmin = MAXIMUM(options->kex_dhmin, DH_GRP_MIN_RFC); -+ options->kex_dhmin = MINIMUM(options->kex_dhmin, DH_GRP_MAX); -+ } -+ dh_grp_min = options->kex_dhmin; - /* options->hostkeyalgorithms, default set in myproposals.h */ - if (options->add_keys_to_agent == -1) - options->add_keys_to_agent = 0; -Index: openssh-7.9p1/readconf.h -=================================================================== ---- openssh-7.9p1.orig/readconf.h -+++ openssh-7.9p1/readconf.h -@@ -68,6 +68,7 @@ typedef struct { - char *hostkeyalgorithms; /* SSH2 server key types in order of preference. */ - char *kex_algorithms; /* SSH2 kex methods in order of preference. */ - char *ca_sign_algorithms; /* Allowed CA signature algorithms */ -+ int kex_dhmin; /* minimum bit length of the DH group parameter */ - char *hostname; /* Real host to connect. */ - char *host_key_alias; /* hostname alias for .ssh/known_hosts */ - char *proxy_command; /* Proxy command for connecting the host. */ -Index: openssh-7.9p1/servconf.c -=================================================================== ---- openssh-7.9p1.orig/servconf.c -+++ openssh-7.9p1/servconf.c -@@ -64,6 +64,10 @@ - #include "auth.h" - #include "myproposal.h" - #include "digest.h" -+#include "dh.h" -+ -+/* import from dh.c */ -+extern int dh_grp_min; - - static void add_listen_addr(ServerOptions *, const char *, - const char *, int); -@@ -146,6 +150,7 @@ initialize_server_options(ServerOptions - options->ciphers = NULL; - options->macs = NULL; - options->kex_algorithms = NULL; -+ options->kex_dhmin = -1; - options->ca_sign_algorithms = NULL; - options->fwd_opts.gateway_ports = -1; - options->fwd_opts.streamlocal_bind_mask = (mode_t)-1; -@@ -267,6 +272,14 @@ fill_default_server_options(ServerOption - if (options->use_pam_check_locks == -1) - options->use_pam_check_locks = 0; - -+ if (options->kex_dhmin == -1) -+ options->kex_dhmin = DH_GRP_MIN; -+ else { -+ options->kex_dhmin = MAXIMUM(options->kex_dhmin, DH_GRP_MIN_RFC); -+ options->kex_dhmin = MINIMUM(options->kex_dhmin, DH_GRP_MAX); -+ } -+ dh_grp_min = options->kex_dhmin; -+ - /* Standard Options */ - if (options->num_host_key_files == 0) { - /* fill default hostkeys for protocols */ -@@ -494,7 +507,7 @@ typedef enum { - sHostCertificate, - sRevokedKeys, sTrustedUserCAKeys, sAuthorizedPrincipalsFile, - sAuthorizedPrincipalsCommand, sAuthorizedPrincipalsCommandUser, -- sKexAlgorithms, sCASignatureAlgorithms, sIPQoS, sVersionAddendum, -+ sKexAlgorithms, sKexDHMin, sCASignatureAlgorithms, sIPQoS, sVersionAddendum, - sAuthorizedKeysCommand, sAuthorizedKeysCommandUser, - sAuthenticationMethods, sHostKeyAgent, sPermitUserRC, - sStreamLocalBindMask, sStreamLocalBindUnlink, -@@ -635,6 +648,7 @@ static struct { - { "trustedusercakeys", sTrustedUserCAKeys, SSHCFG_ALL }, - { "authorizedprincipalsfile", sAuthorizedPrincipalsFile, SSHCFG_ALL }, - { "kexalgorithms", sKexAlgorithms, SSHCFG_GLOBAL }, -+ { "kexdhmin", sKexDHMin }, - { "ipqos", sIPQoS, SSHCFG_ALL }, - { "authorizedkeyscommand", sAuthorizedKeysCommand, SSHCFG_ALL }, - { "authorizedkeyscommanduser", sAuthorizedKeysCommandUser, SSHCFG_ALL }, -@@ -1735,6 +1749,10 @@ process_server_config_line(ServerOptions - options->kex_algorithms = xstrdup(arg); - break; - -+ case sKexDHMin: -+ intptr = &options->kex_dhmin; -+ goto parse_int; -+ - case sSubsystem: - if (options->num_subsystems >= MAX_SUBSYSTEMS) { - fatal("%s line %d: too many subsystems defined.", -@@ -2549,6 +2567,7 @@ dump_config(ServerOptions *o) - dump_cfg_int(sClientAliveInterval, o->client_alive_interval); - dump_cfg_int(sClientAliveCountMax, o->client_alive_count_max); - dump_cfg_oct(sStreamLocalBindMask, o->fwd_opts.streamlocal_bind_mask); -+ dump_cfg_int(sKexDHMin, o->kex_dhmin); - - /* formatted integer arguments */ - dump_cfg_fmtint(sPermitRootLogin, o->permit_root_login); -Index: openssh-7.9p1/servconf.h -=================================================================== ---- openssh-7.9p1.orig/servconf.h -+++ openssh-7.9p1/servconf.h -@@ -103,6 +103,7 @@ typedef struct { - char *ciphers; /* Supported SSH2 ciphers. */ - char *macs; /* Supported SSH2 macs. */ - char *kex_algorithms; /* SSH2 kex methods in order of preference. */ -+ int kex_dhmin; /* minimum bit length of the DH group parameter */ - struct ForwardOptions fwd_opts; /* forwarding options */ - SyslogFacility log_facility; /* Facility for system logging. */ - LogLevel log_level; /* Level for system logging. */ -Index: openssh-7.9p1/ssh_config -=================================================================== ---- openssh-7.9p1.orig/ssh_config -+++ openssh-7.9p1/ssh_config -@@ -17,6 +17,11 @@ - # list of available options, their meanings and defaults, please see the - # ssh_config(5) man page. - -+# Minimum accepted size of the DH parameter p. By default this is set to 1024 -+# to maintain compatibility with RFC4419, but should be set higher. -+# Upstream default is identical to setting this to 2048. -+#KexDHMin 1024 -+ - Host * - # ForwardAgent no - # ForwardX11 no -Index: openssh-7.9p1/ssh_config.0 -=================================================================== ---- openssh-7.9p1.orig/ssh_config.0 -+++ openssh-7.9p1/ssh_config.0 -@@ -610,6 +610,23 @@ DESCRIPTION - The list of available key exchange algorithms may also be - obtained using "ssh -Q kex". - -+ KexDHMin -+ Specifies the minimum accepted bit length of the DH group -+ parameter p. -+ -+ As per RFC4419, this is 1024 bits, however this has increasingly -+ been seen as insecure, which prompted the change to 2048 bits. -+ Setting this option allows the client to accept parameters shorter -+ than the current minimum, down to the RFC specified 1024 bits. -+ Using this option may be needed when connecting to servers that -+ only know short DH group parameters. -+ -+ Note, that while by default this option is set to 1024 to maintain -+ maximum backward compatibility, using it can severly impact -+ security and thus should be viewed as a temporary fix of last -+ resort and all efforts should be made to fix the (broken) -+ counterparty. -+ - LocalCommand - Specifies a command to execute on the local machine after - successfully connecting to the server. The command string -Index: openssh-7.9p1/ssh_config.5 -=================================================================== ---- openssh-7.9p1.orig/ssh_config.5 -+++ openssh-7.9p1/ssh_config.5 -@@ -1047,6 +1047,22 @@ diffie-hellman-group14-sha1 - .Pp - The list of available key exchange algorithms may also be obtained using - .Qq ssh -Q kex . -+.It Cm KexDHMin -+Specifies the minimum accepted bit length of the DH group -+parameter p. -+.Pp -+As per RFC4419, this is 1024 bits, however this has increasingly -+been seen as insecure, which prompted the change to 2048 bits. -+Setting this option allows the client to accept parameters shorter -+than the current minimum, down to the RFC specified 1024 bits. -+Using this option may be needed when connecting to servers that -+only know short DH group parameters. -+.Pp -+Note, that while by default this option is set to 1024 to maintain -+maximum backward compatibility, using it can severly impact -+security and thus should be viewed as a temporary fix of last -+resort and all efforts should be made to fix the (broken) -+counterparty. - .It Cm LocalCommand - Specifies a command to execute on the local machine after successfully - connecting to the server. -Index: openssh-7.9p1/sshd_config -=================================================================== ---- openssh-7.9p1.orig/sshd_config -+++ openssh-7.9p1/sshd_config -@@ -19,6 +19,13 @@ - #HostKey /etc/ssh/ssh_host_ecdsa_key - #HostKey /etc/ssh/ssh_host_ed25519_key - -+# Minimum accepted size of the DH parameter p. The default, which replicates -+# upstream behaviour, is 2048. To maintain compatibility with RFC4419 it should -+# be set to 1024. -+# You will also need to add a HostKey directive to load a DSA key (typically -+# located in /etc/ssh/ssh_host_dsa_key), which is not loaded by default. -+#KexDHMin 2048 -+ - # Ciphers and keying - #RekeyLimit default none - -Index: openssh-7.9p1/sshd_config.0 -=================================================================== ---- openssh-7.9p1.orig/sshd_config.0 -+++ openssh-7.9p1/sshd_config.0 -@@ -555,6 +555,23 @@ DESCRIPTION - The list of available key exchange algorithms may also be - obtained using "ssh -Q kex". - -+ KexDHMin -+ Specifies the minimum accepted bit length of the DH group -+ parameter p. -+ -+ As per RFC4419, this is 1024 bits, however this has increasingly -+ been seen as insecure, which prompted the change to 2048 bits. -+ Setting this option allows the server to accept parameters shorter -+ than the current minimum, down to the RFC specified 1024 bits. -+ Using this option may be needed when some of the connectiong -+ clients only know short DH group parameters. -+ -+ Note, that while by default this option is set to 1024 to maintain -+ maximum backward compatibility, using it can severly impact -+ security and thus should be viewed as a temporary fix of last -+ resort and all efforts should be made to fix the (broken) -+ counterparty. -+ - ListenAddress - Specifies the local addresses sshd(8) should listen on. The - following forms may be used: -Index: openssh-7.9p1/sshd_config.5 -=================================================================== ---- openssh-7.9p1.orig/sshd_config.5 -+++ openssh-7.9p1/sshd_config.5 -@@ -923,6 +923,22 @@ diffie-hellman-group14-sha256,diffie-hel - .Pp - The list of available key exchange algorithms may also be obtained using - .Qq ssh -Q kex . -+.It Cm KexDHMin -+Specifies the minimum accepted bit length of the DH group -+parameter p. -+.Pp -+As per RFC4419, this is 1024 bits, however this has increasingly -+been seen as insecure, which prompted the change to 2048 bits. -+Setting this option allows the server to accept parameters shorter -+than the current minimum, down to the RFC specified 1024 bits. -+Using this option may be needed when some of the connectiong -+clients only know short DH group parameters. -+.Pp -+Note, that while by default this option is set to 1024 to maintain -+maximum backward compatibility, using it can severly impact -+security and thus should be viewed as a temporary fix of last -+resort and all efforts should be made to fix the (broken) -+counterparty. - .It Cm ListenAddress - Specifies the local addresses - .Xr sshd 8 diff --git a/openssh-7.7p1-fips.patch b/openssh-7.7p1-fips.patch index 51c8900..7d6bc9d 100644 --- a/openssh-7.7p1-fips.patch +++ b/openssh-7.7p1-fips.patch @@ -5,8 +5,8 @@ algorithms. Index: openssh-7.9p1/Makefile.in =================================================================== ---- openssh-7.9p1.orig/Makefile.in -+++ openssh-7.9p1/Makefile.in +--- openssh-7.9p1.orig/Makefile.in 2019-02-28 17:20:15.767164591 +0100 ++++ openssh-7.9p1/Makefile.in 2019-02-28 20:18:30.666473978 +0100 @@ -102,6 +102,8 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \ kexdhs.o kexgexs.o kexecdhs.o kexc25519s.o \ platform-pledge.o platform-tracing.o platform-misc.o @@ -18,8 +18,8 @@ Index: openssh-7.9p1/Makefile.in Index: openssh-7.9p1/cipher-ctr.c =================================================================== ---- openssh-7.9p1.orig/cipher-ctr.c -+++ openssh-7.9p1/cipher-ctr.c +--- openssh-7.9p1.orig/cipher-ctr.c 2018-10-17 02:01:20.000000000 +0200 ++++ openssh-7.9p1/cipher-ctr.c 2019-02-28 17:20:15.919165544 +0100 @@ -27,6 +27,8 @@ #include "xmalloc.h" #include "log.h" @@ -40,8 +40,8 @@ Index: openssh-7.9p1/cipher-ctr.c } Index: openssh-7.9p1/cipher.c =================================================================== ---- openssh-7.9p1.orig/cipher.c -+++ openssh-7.9p1/cipher.c +--- openssh-7.9p1.orig/cipher.c 2018-10-17 02:01:20.000000000 +0200 ++++ openssh-7.9p1/cipher.c 2019-02-28 20:18:30.666473978 +0100 @@ -51,6 +51,8 @@ #include "openbsd-compat/openssl-compat.h" @@ -131,23 +131,11 @@ Index: openssh-7.9p1/cipher.c if (strcmp(c->name, name) == 0) return c; return NULL; -Index: openssh-7.9p1/dh.h -=================================================================== ---- openssh-7.9p1.orig/dh.h -+++ openssh-7.9p1/dh.h -@@ -52,6 +52,7 @@ u_int dh_estimate(int); - */ - #define DH_GRP_MIN_RFC 1024 - #define DH_GRP_MIN 2048 -+#define DH_GRP_MIN_FIPS 2048 - #define DH_GRP_MAX 8192 - - /* Index: openssh-7.9p1/fips.c =================================================================== ---- /dev/null -+++ openssh-7.9p1/fips.c -@@ -0,0 +1,237 @@ +--- /dev/null 1970-01-01 00:00:00.000000000 +0000 ++++ openssh-7.9p1/fips.c 2019-02-28 20:18:30.534473204 +0100 +@@ -0,0 +1,215 @@ +/* + * Copyright (c) 2012 Petr Cerny. All rights reserved. + * @@ -363,33 +351,11 @@ Index: openssh-7.9p1/fips.c + return dgst; +} + -+int -+fips_dh_grp_min(void) -+{ -+ int fips; -+ int dh; -+ -+ fips = fips_mode(); -+ switch (fips) { -+ case 0: -+ dh = dh_grp_min; -+ break; -+ case 1: -+ dh = DH_GRP_MIN_FIPS; -+ break; -+ default: -+ /* should not be reached */ -+ fatal("Fatal error: incorrect FIPS mode '%i' at %s:%u", -+ fips, __FILE__, __LINE__); -+ } -+ return dh; -+} -+ Index: openssh-7.9p1/fips.h =================================================================== ---- /dev/null -+++ openssh-7.9p1/fips.h -@@ -0,0 +1,45 @@ +--- /dev/null 1970-01-01 00:00:00.000000000 +0000 ++++ openssh-7.9p1/fips.h 2019-02-28 20:18:30.534473204 +0100 +@@ -0,0 +1,44 @@ +/* + * Copyright (c) 2012 Petr Cerny. All rights reserved. + * @@ -429,7 +395,6 @@ Index: openssh-7.9p1/fips.h +int fips_mode(void); +int fips_correct_dgst(int); +int fips_dgst_min(void); -+int fips_dh_grp_min(void); +enum fp_type fips_correct_fp_type(enum fp_type); +int fips_filter_crypto(char **, fips_filters); + @@ -437,8 +402,8 @@ Index: openssh-7.9p1/fips.h + Index: openssh-7.9p1/hmac.c =================================================================== ---- openssh-7.9p1.orig/hmac.c -+++ openssh-7.9p1/hmac.c +--- openssh-7.9p1.orig/hmac.c 2018-10-17 02:01:20.000000000 +0200 ++++ openssh-7.9p1/hmac.c 2019-02-28 17:20:15.919165544 +0100 @@ -144,7 +144,7 @@ hmac_test(void *key, size_t klen, void * size_t i; u_char digest[16]; @@ -450,8 +415,8 @@ Index: openssh-7.9p1/hmac.c ssh_hmac_update(ctx, m, mlen) < 0 || Index: openssh-7.9p1/kex.c =================================================================== ---- openssh-7.9p1.orig/kex.c -+++ openssh-7.9p1/kex.c +--- openssh-7.9p1.orig/kex.c 2018-10-17 02:01:20.000000000 +0200 ++++ openssh-7.9p1/kex.c 2019-02-28 17:20:15.919165544 +0100 @@ -54,6 +54,8 @@ #include "sshbuf.h" #include "digest.h" @@ -547,59 +512,23 @@ Index: openssh-7.9p1/kex.c free(s); return 0; } -Index: openssh-7.9p1/kexgexc.c -=================================================================== ---- openssh-7.9p1.orig/kexgexc.c -+++ openssh-7.9p1/kexgexc.c -@@ -53,8 +53,7 @@ - #include "sshbuf.h" - #include "misc.h" - --/* import from dh.c */ --extern int dh_grp_min; -+#include "fips.h" - - static int input_kex_dh_gex_group(int, u_int32_t, struct ssh *); - static int input_kex_dh_gex_reply(int, u_int32_t, struct ssh *); -@@ -68,7 +67,7 @@ kexgex_client(struct ssh *ssh) - - nbits = dh_estimate(kex->dh_need * 8); - -- kex->min = dh_grp_min; -+ kex->min = fips_dh_grp_min(); - kex->max = DH_GRP_MAX; - kex->nbits = nbits; - if (datafellows & SSH_BUG_DHGEX_LARGE) Index: openssh-7.9p1/kexgexs.c =================================================================== ---- openssh-7.9p1.orig/kexgexs.c -+++ openssh-7.9p1/kexgexs.c -@@ -56,8 +56,7 @@ +--- openssh-7.9p1.orig/kexgexs.c 2018-10-17 02:01:20.000000000 +0200 ++++ openssh-7.9p1/kexgexs.c 2019-02-28 17:20:15.923165569 +0100 +@@ -56,6 +56,8 @@ #include "sshbuf.h" #include "misc.h" --/* import from dh.c */ --extern int dh_grp_min; +#include "fips.h" - ++ static int input_kex_dh_gex_request(int, u_int32_t, struct ssh *); static int input_kex_dh_gex_init(int, u_int32_t, struct ssh *); -@@ -88,9 +87,9 @@ input_kex_dh_gex_request(int type, u_int - kex->nbits = nbits; - kex->min = min; - kex->max = max; -- min = MAXIMUM(dh_grp_min, min); -+ min = MAXIMUM(fips_dh_grp_min(), min); - max = MINIMUM(DH_GRP_MAX, max); -- nbits = MAXIMUM(dh_grp_min, nbits); -+ nbits = MAXIMUM(fips_dh_grp_min(), nbits); - nbits = MINIMUM(DH_GRP_MAX, nbits); - if (kex->max < kex->min || kex->nbits < kex->min || Index: openssh-7.9p1/mac.c =================================================================== ---- openssh-7.9p1.orig/mac.c -+++ openssh-7.9p1/mac.c +--- openssh-7.9p1.orig/mac.c 2018-10-17 02:01:20.000000000 +0200 ++++ openssh-7.9p1/mac.c 2019-02-28 17:20:15.923165569 +0100 @@ -40,6 +40,9 @@ #include "openbsd-compat/openssl-compat.h" @@ -681,8 +610,8 @@ Index: openssh-7.9p1/mac.c if (mac != NULL) Index: openssh-7.9p1/myproposal.h =================================================================== ---- openssh-7.9p1.orig/myproposal.h -+++ openssh-7.9p1/myproposal.h +--- openssh-7.9p1.orig/myproposal.h 2018-10-17 02:01:20.000000000 +0200 ++++ openssh-7.9p1/myproposal.h 2019-02-28 17:20:15.923165569 +0100 @@ -151,6 +151,8 @@ #else /* WITH_OPENSSL */ @@ -694,17 +623,18 @@ Index: openssh-7.9p1/myproposal.h "curve25519-sha256@libssh.org" Index: openssh-7.9p1/readconf.c =================================================================== ---- openssh-7.9p1.orig/readconf.c -+++ openssh-7.9p1/readconf.c -@@ -68,6 +68,7 @@ +--- openssh-7.9p1.orig/readconf.c 2018-10-17 02:01:20.000000000 +0200 ++++ openssh-7.9p1/readconf.c 2019-02-28 20:18:54.650614520 +0100 +@@ -68,6 +68,8 @@ #include "myproposal.h" #include "digest.h" - #include "dh.h" -+#include "fips.h" ++#include "fips.h" ++ /* Format of the configuration file: -@@ -1825,6 +1826,23 @@ option_clear_or_none(const char *o) + # Configuration data is parsed as follows: +@@ -1816,6 +1818,23 @@ option_clear_or_none(const char *o) return o == NULL || strcasecmp(o, "none") == 0; } @@ -728,19 +658,7 @@ Index: openssh-7.9p1/readconf.c /* * Initializes options to special values that indicate that they have not yet * been set. Read_config_file will only set options with this value. Options -@@ -2025,9 +2043,9 @@ fill_default_options(Options * options) - if (options->number_of_password_prompts == -1) - options->number_of_password_prompts = 3; - if (options->kex_dhmin == -1) -- options->kex_dhmin = DH_GRP_MIN; -+ options->kex_dhmin = fips_dh_grp_min(); - else { -- options->kex_dhmin = MAXIMUM(options->kex_dhmin, DH_GRP_MIN_RFC); -+ options->kex_dhmin = MAXIMUM(options->kex_dhmin, fips_dh_grp_min()); - options->kex_dhmin = MINIMUM(options->kex_dhmin, DH_GRP_MAX); - } - dh_grp_min = options->kex_dhmin; -@@ -2112,6 +2130,8 @@ fill_default_options(Options * options) +@@ -2095,6 +2114,8 @@ fill_default_options(Options * options) options->canonicalize_hostname = SSH_CANONICALISE_NO; if (options->fingerprint_hash == -1) options->fingerprint_hash = SSH_FP_HASH_DEFAULT; @@ -749,19 +667,19 @@ Index: openssh-7.9p1/readconf.c if (options->update_hostkeys == -1) options->update_hostkeys = 0; -@@ -2594,6 +2614,7 @@ dump_client_config(Options *o, const cha - KEX_DEFAULT_PK_ALG, all_key) != 0) - fatal("%s: kex_assemble_names failed", __func__); +@@ -2122,6 +2143,7 @@ fill_default_options(Options * options) + free(all_kex); free(all_key); -+ filter_fips_algorithms(o); + free(all_sig); ++ filter_fips_algorithms(options); - /* Most interesting options first: user, host, port */ - dump_cfg_string(oUser, o->user); + #define CLEAR_ON_NONE(v) \ + do { \ Index: openssh-7.9p1/readconf.h =================================================================== ---- openssh-7.9p1.orig/readconf.h -+++ openssh-7.9p1/readconf.h -@@ -198,6 +198,7 @@ typedef struct { +--- openssh-7.9p1.orig/readconf.h 2018-10-17 02:01:20.000000000 +0200 ++++ openssh-7.9p1/readconf.h 2019-02-28 17:20:15.923165569 +0100 +@@ -197,6 +197,7 @@ typedef struct { #define SSH_STRICT_HOSTKEY_YES 2 #define SSH_STRICT_HOSTKEY_ASK 3 @@ -771,17 +689,17 @@ Index: openssh-7.9p1/readconf.h void fill_default_options_for_canonicalization(Options *); Index: openssh-7.9p1/servconf.c =================================================================== ---- openssh-7.9p1.orig/servconf.c -+++ openssh-7.9p1/servconf.c -@@ -65,6 +65,7 @@ +--- openssh-7.9p1.orig/servconf.c 2019-02-28 17:20:15.851165117 +0100 ++++ openssh-7.9p1/servconf.c 2019-02-28 17:20:15.923165569 +0100 +@@ -64,6 +64,7 @@ + #include "auth.h" #include "myproposal.h" #include "digest.h" - #include "dh.h" +#include "fips.h" - /* import from dh.c */ - extern int dh_grp_min; -@@ -195,6 +196,23 @@ option_clear_or_none(const char *o) + static void add_listen_addr(ServerOptions *, const char *, + const char *, int); +@@ -190,6 +191,23 @@ option_clear_or_none(const char *o) return o == NULL || strcasecmp(o, "none") == 0; } @@ -805,7 +723,7 @@ Index: openssh-7.9p1/servconf.c static void assemble_algorithms(ServerOptions *o) { -@@ -224,6 +242,8 @@ assemble_algorithms(ServerOptions *o) +@@ -219,6 +237,8 @@ assemble_algorithms(ServerOptions *o) free(all_kex); free(all_key); free(all_sig); @@ -814,19 +732,7 @@ Index: openssh-7.9p1/servconf.c } static void -@@ -273,9 +293,9 @@ fill_default_server_options(ServerOption - options->use_pam_check_locks = 0; - - if (options->kex_dhmin == -1) -- options->kex_dhmin = DH_GRP_MIN; -+ options->kex_dhmin = fips_dh_grp_min(); - else { -- options->kex_dhmin = MAXIMUM(options->kex_dhmin, DH_GRP_MIN_RFC); -+ options->kex_dhmin = MAXIMUM(options->kex_dhmin, fips_dh_grp_min()); - options->kex_dhmin = MINIMUM(options->kex_dhmin, DH_GRP_MAX); - } - dh_grp_min = options->kex_dhmin; -@@ -423,6 +443,8 @@ fill_default_server_options(ServerOption +@@ -410,6 +430,8 @@ fill_default_server_options(ServerOption options->fwd_opts.streamlocal_bind_unlink = 0; if (options->fingerprint_hash == -1) options->fingerprint_hash = SSH_FP_HASH_DEFAULT; @@ -837,8 +743,8 @@ Index: openssh-7.9p1/servconf.c if (options->expose_userauth_info == -1) Index: openssh-7.9p1/ssh-keygen.c =================================================================== ---- openssh-7.9p1.orig/ssh-keygen.c -+++ openssh-7.9p1/ssh-keygen.c +--- openssh-7.9p1.orig/ssh-keygen.c 2018-10-17 02:01:20.000000000 +0200 ++++ openssh-7.9p1/ssh-keygen.c 2019-02-28 17:20:15.923165569 +0100 @@ -61,6 +61,8 @@ #include "utf8.h" #include "authfd.h" @@ -913,8 +819,8 @@ Index: openssh-7.9p1/ssh-keygen.c if (!quiet) Index: openssh-7.9p1/ssh_config.0 =================================================================== ---- openssh-7.9p1.orig/ssh_config.0 -+++ openssh-7.9p1/ssh_config.0 +--- openssh-7.9p1.orig/ssh_config.0 2018-10-19 03:06:19.000000000 +0200 ++++ openssh-7.9p1/ssh_config.0 2019-02-28 17:20:15.923165569 +0100 @@ -353,6 +353,9 @@ DESCRIPTION Specifies the hash algorithm used when displaying key fingerprints. Valid options are: md5 and sha256 (the default). @@ -925,9 +831,9 @@ Index: openssh-7.9p1/ssh_config.0 ForwardAgent Specifies whether the connection to the authentication agent (if any) will be forwarded to the remote machine. The argument must -@@ -627,6 +630,9 @@ DESCRIPTION - resort and all efforts should be made to fix the (broken) - counterparty. +@@ -610,6 +613,9 @@ DESCRIPTION + The list of available key exchange algorithms may also be + obtained using "ssh -Q kex". + In the FIPS mode the FIPS standard takes precedence over RFC and + forces the minimum to a higher value, currently 2048 bits. @@ -937,8 +843,8 @@ Index: openssh-7.9p1/ssh_config.0 successfully connecting to the server. The command string Index: openssh-7.9p1/ssh_config.5 =================================================================== ---- openssh-7.9p1.orig/ssh_config.5 -+++ openssh-7.9p1/ssh_config.5 +--- openssh-7.9p1.orig/ssh_config.5 2018-10-17 02:01:20.000000000 +0200 ++++ openssh-7.9p1/ssh_config.5 2019-02-28 17:20:15.923165569 +0100 @@ -642,6 +642,8 @@ Valid options are: and .Cm sha256 @@ -948,20 +854,10 @@ Index: openssh-7.9p1/ssh_config.5 .It Cm ForwardAgent Specifies whether the connection to the authentication agent (if any) will be forwarded to the remote machine. -@@ -1063,6 +1065,9 @@ maximum backward compatibility, using it - security and thus should be viewed as a temporary fix of last - resort and all efforts should be made to fix the (broken) - counterparty. -+.Pp -+In the FIPS mode the FIPS standard takes precedence over RFC and -+forces the minimum to a higher value, currently 2048 bits. - .It Cm LocalCommand - Specifies a command to execute on the local machine after successfully - connecting to the server. Index: openssh-7.9p1/sshd.c =================================================================== ---- openssh-7.9p1.orig/sshd.c -+++ openssh-7.9p1/sshd.c +--- openssh-7.9p1.orig/sshd.c 2018-10-17 02:01:20.000000000 +0200 ++++ openssh-7.9p1/sshd.c 2019-02-28 20:18:30.534473204 +0100 @@ -123,6 +123,8 @@ #include "version.h" #include "ssherr.h" @@ -973,8 +869,8 @@ Index: openssh-7.9p1/sshd.c #define REEXEC_STARTUP_PIPE_FD (STDERR_FILENO + 2) Index: openssh-7.9p1/sshd_config.0 =================================================================== ---- openssh-7.9p1.orig/sshd_config.0 -+++ openssh-7.9p1/sshd_config.0 +--- openssh-7.9p1.orig/sshd_config.0 2019-02-28 17:20:15.851165117 +0100 ++++ openssh-7.9p1/sshd_config.0 2019-02-28 17:20:15.927165594 +0100 @@ -348,6 +348,9 @@ DESCRIPTION Specifies the hash algorithm used when logging key fingerprints. Valid options are: md5 and sha256. The default is sha256. @@ -985,9 +881,9 @@ Index: openssh-7.9p1/sshd_config.0 ForceCommand Forces the execution of the command specified by ForceCommand, ignoring any command supplied by the client and ~/.ssh/rc if -@@ -572,6 +575,9 @@ DESCRIPTION - resort and all efforts should be made to fix the (broken) - counterparty. +@@ -555,6 +558,9 @@ DESCRIPTION + The list of available key exchange algorithms may also be + obtained using "ssh -Q kex". + In the FIPS mode the FIPS standard takes precedence over RFC and + forces the minimum to a higher value, currently 2048 bits. @@ -997,8 +893,8 @@ Index: openssh-7.9p1/sshd_config.0 following forms may be used: Index: openssh-7.9p1/sshd_config.5 =================================================================== ---- openssh-7.9p1.orig/sshd_config.5 -+++ openssh-7.9p1/sshd_config.5 +--- openssh-7.9p1.orig/sshd_config.5 2019-02-28 17:20:15.851165117 +0100 ++++ openssh-7.9p1/sshd_config.5 2019-02-28 17:20:15.927165594 +0100 @@ -603,6 +603,8 @@ and .Cm sha256 . The default is diff --git a/openssh-7.7p1-fips_checks.patch b/openssh-7.7p1-fips_checks.patch index 9a13bd0..dd5f62b 100644 --- a/openssh-7.7p1-fips_checks.patch +++ b/openssh-7.7p1-fips_checks.patch @@ -14,10 +14,10 @@ # file is not found (or the hash matches), proceed in non-FIPS mode and abort # otherwise. -Index: openssh-7.8p1/fips-check.c +Index: openssh-7.9p1/fips-check.c =================================================================== ---- /dev/null -+++ openssh-7.8p1/fips-check.c +--- /dev/null 1970-01-01 00:00:00.000000000 +0000 ++++ openssh-7.9p1/fips-check.c 2019-02-27 14:03:03.383988170 +0100 @@ -0,0 +1,34 @@ +#include "includes.h" +#include @@ -53,10 +53,10 @@ Index: openssh-7.8p1/fips-check.c + fips_ssh_init(); + return 0; +} -Index: openssh-7.8p1/fips.c +Index: openssh-7.9p1/fips.c =================================================================== ---- openssh-7.8p1.orig/fips.c -+++ openssh-7.8p1/fips.c +--- openssh-7.9p1.orig/fips.c 2019-02-27 14:03:03.323987792 +0100 ++++ openssh-7.9p1/fips.c 2019-02-27 14:03:03.383988170 +0100 @@ -35,33 +35,296 @@ #include "log.h" #include "xmalloc.h" @@ -365,15 +365,10 @@ Index: openssh-7.8p1/fips.c int fips_mode(void) { -@@ -234,4 +497,3 @@ fips_dh_grp_min(void) - } - return dh; - } -- -Index: openssh-7.8p1/fips.h +Index: openssh-7.9p1/fips.h =================================================================== ---- openssh-7.8p1.orig/fips.h -+++ openssh-7.8p1/fips.h +--- openssh-7.9p1.orig/fips.h 2019-02-27 14:03:03.323987792 +0100 ++++ openssh-7.9p1/fips.h 2019-02-27 14:03:03.383988170 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012 Petr Cerny. All rights reserved. @@ -410,15 +405,15 @@ Index: openssh-7.8p1/fips.h int fips_mode(void); int fips_correct_dgst(int); int fips_dgst_min(void); -@@ -42,4 +57,3 @@ enum fp_type fips_correct_fp_type(enum +@@ -41,4 +56,3 @@ enum fp_type fips_correct_fp_type(enum int fips_filter_crypto(char **, fips_filters); #endif - -Index: openssh-7.8p1/sftp-server.c +Index: openssh-7.9p1/sftp-server.c =================================================================== ---- openssh-7.8p1.orig/sftp-server.c -+++ openssh-7.8p1/sftp-server.c +--- openssh-7.9p1.orig/sftp-server.c 2018-10-17 02:01:20.000000000 +0200 ++++ openssh-7.9p1/sftp-server.c 2019-02-27 14:03:03.383988170 +0100 @@ -51,6 +51,8 @@ #include "sftp.h" #include "sftp-common.h" @@ -438,10 +433,10 @@ Index: openssh-7.8p1/sftp-server.c ssh_malloc_init(); /* must be called before any mallocs */ __progname = ssh_get_progname(argv[0]); log_init(__progname, log_level, log_facility, log_stderr); -Index: openssh-7.8p1/ssh.c +Index: openssh-7.9p1/ssh.c =================================================================== ---- openssh-7.8p1.orig/ssh.c -+++ openssh-7.8p1/ssh.c +--- openssh-7.9p1.orig/ssh.c 2018-10-17 02:01:20.000000000 +0200 ++++ openssh-7.9p1/ssh.c 2019-02-27 14:03:03.387988194 +0100 @@ -113,6 +113,8 @@ #include "ssh-pkcs11.h" #endif @@ -462,11 +457,11 @@ Index: openssh-7.8p1/ssh.c ssh_malloc_init(); /* must be called before any mallocs */ /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */ sanitise_stdfd(); -Index: openssh-7.8p1/sshd.c +Index: openssh-7.9p1/sshd.c =================================================================== ---- openssh-7.8p1.orig/sshd.c -+++ openssh-7.8p1/sshd.c -@@ -1486,6 +1486,10 @@ main(int ac, char **av) +--- openssh-7.9p1.orig/sshd.c 2019-02-27 14:03:03.327987816 +0100 ++++ openssh-7.9p1/sshd.c 2019-02-27 14:03:03.387988194 +0100 +@@ -1485,6 +1485,10 @@ main(int ac, char **av) Authctxt *authctxt; struct connection_info *connection_info = NULL; diff --git a/openssh-7.7p1-gssapi_key_exchange.patch b/openssh-7.7p1-gssapi_key_exchange.patch index 304bbe2..02cc099 100644 --- a/openssh-7.7p1-gssapi_key_exchange.patch +++ b/openssh-7.7p1-gssapi_key_exchange.patch @@ -3,8 +3,8 @@ Index: openssh-7.9p1/Makefile.in =================================================================== ---- openssh-7.9p1.orig/Makefile.in -+++ openssh-7.9p1/Makefile.in +--- openssh-7.9p1.orig/Makefile.in 2019-02-27 15:43:51.360515721 +0100 ++++ openssh-7.9p1/Makefile.in 2019-02-27 15:43:55.360539487 +0100 @@ -104,10 +104,13 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \ kex.o kexdh.o kexgex.o kexecdh.o kexc25519.o \ kexdhc.o kexgexc.o kexecdhc.o kexc25519c.o \ @@ -30,8 +30,8 @@ Index: openssh-7.9p1/Makefile.in sandbox-null.o sandbox-rlimit.o sandbox-systrace.o sandbox-darwin.o \ Index: openssh-7.9p1/auth-krb5.c =================================================================== ---- openssh-7.9p1.orig/auth-krb5.c -+++ openssh-7.9p1/auth-krb5.c +--- openssh-7.9p1.orig/auth-krb5.c 2018-10-17 02:01:20.000000000 +0200 ++++ openssh-7.9p1/auth-krb5.c 2019-02-27 15:43:51.428516125 +0100 @@ -182,8 +182,13 @@ auth_krb5_password(Authctxt *authctxt, c len = strlen(authctxt->krb5_ticket_file) + 6; @@ -76,8 +76,8 @@ Index: openssh-7.9p1/auth-krb5.c } Index: openssh-7.9p1/auth.c =================================================================== ---- openssh-7.9p1.orig/auth.c -+++ openssh-7.9p1/auth.c +--- openssh-7.9p1.orig/auth.c 2019-02-27 15:43:51.228514936 +0100 ++++ openssh-7.9p1/auth.c 2019-02-27 15:43:55.360539487 +0100 @@ -399,6 +399,7 @@ auth_root_allowed(struct ssh *ssh, const case PERMIT_NO_PASSWD: if (strcmp(method, "publickey") == 0 || @@ -88,8 +88,8 @@ Index: openssh-7.9p1/auth.c break; Index: openssh-7.9p1/auth2-gss.c =================================================================== ---- openssh-7.9p1.orig/auth2-gss.c -+++ openssh-7.9p1/auth2-gss.c +--- openssh-7.9p1.orig/auth2-gss.c 2018-10-17 02:01:20.000000000 +0200 ++++ openssh-7.9p1/auth2-gss.c 2019-02-27 15:43:51.428516125 +0100 @@ -31,6 +31,7 @@ #include @@ -143,7 +143,7 @@ Index: openssh-7.9p1/auth2-gss.c * We only support those mechanisms that we know about (ie ones that we know * how to check local user kuserok and the like) */ -@@ -260,7 +302,8 @@ input_gssapi_exchange_complete(int type, +@@ -260,7 +299,8 @@ input_gssapi_exchange_complete(int type, if ((r = sshpkt_get_end(ssh)) != 0) fatal("%s: %s", __func__, ssh_err(r)); @@ -153,7 +153,7 @@ Index: openssh-7.9p1/auth2-gss.c if ((!use_privsep || mm_is_monitor()) && (displayname = ssh_gssapi_displayname()) != NULL) -@@ -306,7 +349,8 @@ input_gssapi_mic(int type, u_int32_t ple +@@ -306,7 +346,8 @@ input_gssapi_mic(int type, u_int32_t ple gssbuf.length = sshbuf_len(b); if (!GSS_ERROR(PRIVSEP(ssh_gssapi_checkmic(gssctxt, &gssbuf, &mic)))) @@ -163,7 +163,7 @@ Index: openssh-7.9p1/auth2-gss.c else logit("GSSAPI MIC check failed"); -@@ -326,6 +370,12 @@ input_gssapi_mic(int type, u_int32_t ple +@@ -326,6 +367,12 @@ input_gssapi_mic(int type, u_int32_t ple return 0; } @@ -178,8 +178,8 @@ Index: openssh-7.9p1/auth2-gss.c userauth_gssapi, Index: openssh-7.9p1/auth2.c =================================================================== ---- openssh-7.9p1.orig/auth2.c -+++ openssh-7.9p1/auth2.c +--- openssh-7.9p1.orig/auth2.c 2018-10-17 02:01:20.000000000 +0200 ++++ openssh-7.9p1/auth2.c 2019-02-27 15:43:55.360539487 +0100 @@ -74,6 +74,7 @@ extern Authmethod method_passwd; extern Authmethod method_kbdint; extern Authmethod method_hostbased; @@ -198,8 +198,8 @@ Index: openssh-7.9p1/auth2.c &method_passwd, Index: openssh-7.9p1/clientloop.c =================================================================== ---- openssh-7.9p1.orig/clientloop.c -+++ openssh-7.9p1/clientloop.c +--- openssh-7.9p1.orig/clientloop.c 2018-10-17 02:01:20.000000000 +0200 ++++ openssh-7.9p1/clientloop.c 2019-02-27 15:43:51.428516125 +0100 @@ -112,6 +112,10 @@ #include "ssherr.h" #include "hostfile.h" @@ -233,8 +233,8 @@ Index: openssh-7.9p1/clientloop.c Index: openssh-7.9p1/configure.ac =================================================================== ---- openssh-7.9p1.orig/configure.ac -+++ openssh-7.9p1/configure.ac +--- openssh-7.9p1.orig/configure.ac 2019-02-27 15:43:51.412516029 +0100 ++++ openssh-7.9p1/configure.ac 2019-02-27 15:43:55.192538489 +0100 @@ -664,6 +664,30 @@ main() { if (NSVersionOfRunTimeLibrary(" [Use tunnel device compatibility to OpenBSD]) AC_DEFINE([SSH_TUN_PREPEND_AF], [1], @@ -308,8 +308,8 @@ Index: openssh-7.9p1/configure.ac if test "X$maildir" != "X"; then Index: openssh-7.9p1/gss-genr.c =================================================================== ---- openssh-7.9p1.orig/gss-genr.c -+++ openssh-7.9p1/gss-genr.c +--- openssh-7.9p1.orig/gss-genr.c 2018-10-17 02:01:20.000000000 +0200 ++++ openssh-7.9p1/gss-genr.c 2019-02-27 15:43:54.528534543 +0100 @@ -41,12 +41,174 @@ #include "sshbuf.h" #include "log.h" @@ -485,7 +485,7 @@ Index: openssh-7.9p1/gss-genr.c /* sshbuf_get for gss_buffer_desc */ int ssh_gssapi_get_buffer_desc(struct sshbuf *b, gss_buffer_desc *g) -@@ -218,7 +381,7 @@ ssh_gssapi_init_ctx(Gssctxt *ctx, int de +@@ -218,7 +380,7 @@ ssh_gssapi_init_ctx(Gssctxt *ctx, int de } ctx->major = gss_init_sec_context(&ctx->minor, @@ -494,7 +494,7 @@ Index: openssh-7.9p1/gss-genr.c GSS_C_MUTUAL_FLAG | GSS_C_INTEG_FLAG | deleg_flag, 0, NULL, recv_tok, NULL, send_tok, flags, NULL); -@@ -248,8 +411,42 @@ ssh_gssapi_import_name(Gssctxt *ctx, con +@@ -248,8 +410,42 @@ ssh_gssapi_import_name(Gssctxt *ctx, con } OM_uint32 @@ -537,7 +537,7 @@ Index: openssh-7.9p1/gss-genr.c if ((ctx->major = gss_get_mic(&ctx->minor, ctx->context, GSS_C_QOP_DEFAULT, buffer, hash))) ssh_gssapi_error(ctx); -@@ -257,6 +454,19 @@ ssh_gssapi_sign(Gssctxt *ctx, gss_buffer +@@ -257,6 +453,19 @@ ssh_gssapi_sign(Gssctxt *ctx, gss_buffer return (ctx->major); } @@ -557,7 +557,7 @@ Index: openssh-7.9p1/gss-genr.c void ssh_gssapi_buildmic(struct sshbuf *b, const char *user, const char *service, const char *context) -@@ -273,22 +483,31 @@ ssh_gssapi_buildmic(struct sshbuf *b, co +@@ -273,22 +482,31 @@ ssh_gssapi_buildmic(struct sshbuf *b, co } int @@ -592,7 +592,7 @@ Index: openssh-7.9p1/gss-genr.c NULL); gss_release_buffer(&minor, &token); if ((*ctx)->context != GSS_C_NO_CONTEXT) -@@ -296,10 +515,66 @@ ssh_gssapi_check_mechanism(Gssctxt **ctx +@@ -296,10 +514,66 @@ ssh_gssapi_check_mechanism(Gssctxt **ctx GSS_C_NO_BUFFER); } @@ -662,8 +662,8 @@ Index: openssh-7.9p1/gss-genr.c #endif /* GSSAPI */ Index: openssh-7.9p1/gss-serv-krb5.c =================================================================== ---- openssh-7.9p1.orig/gss-serv-krb5.c -+++ openssh-7.9p1/gss-serv-krb5.c +--- openssh-7.9p1.orig/gss-serv-krb5.c 2018-10-17 02:01:20.000000000 +0200 ++++ openssh-7.9p1/gss-serv-krb5.c 2019-02-27 15:43:51.432516148 +0100 @@ -120,7 +120,7 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_cl krb5_error_code problem; krb5_principal princ; @@ -701,7 +701,7 @@ Index: openssh-7.9p1/gss-serv-krb5.c #ifdef USE_PAM if (options.use_pam) -@@ -193,9 +208,76 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_cl +@@ -193,9 +205,76 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_cl krb5_cc_close(krb_context, ccache); @@ -778,7 +778,7 @@ Index: openssh-7.9p1/gss-serv-krb5.c ssh_gssapi_mech gssapi_kerberos_mech = { "toWM5Slw5Ew8Mqkay+al2g==", "Kerberos", -@@ -203,7 +285,8 @@ ssh_gssapi_mech gssapi_kerberos_mech = { +@@ -203,7 +282,8 @@ ssh_gssapi_mech gssapi_kerberos_mech = { NULL, &ssh_gssapi_krb5_userok, NULL, @@ -790,8 +790,8 @@ Index: openssh-7.9p1/gss-serv-krb5.c #endif /* KRB5 */ Index: openssh-7.9p1/gss-serv.c =================================================================== ---- openssh-7.9p1.orig/gss-serv.c -+++ openssh-7.9p1/gss-serv.c +--- openssh-7.9p1.orig/gss-serv.c 2018-10-17 02:01:20.000000000 +0200 ++++ openssh-7.9p1/gss-serv.c 2019-02-27 15:43:51.432516148 +0100 @@ -44,17 +44,19 @@ #include "session.h" #include "misc.h" @@ -1075,8 +1075,8 @@ Index: openssh-7.9p1/gss-serv.c /* Privileged */ Index: openssh-7.9p1/kex.c =================================================================== ---- openssh-7.9p1.orig/kex.c -+++ openssh-7.9p1/kex.c +--- openssh-7.9p1.orig/kex.c 2019-02-27 15:43:51.296515340 +0100 ++++ openssh-7.9p1/kex.c 2019-02-27 15:43:55.360539487 +0100 @@ -56,6 +56,10 @@ #include "fips.h" @@ -1126,8 +1126,8 @@ Index: openssh-7.9p1/kex.c } Index: openssh-7.9p1/kex.h =================================================================== ---- openssh-7.9p1.orig/kex.h -+++ openssh-7.9p1/kex.h +--- openssh-7.9p1.orig/kex.h 2018-10-17 02:01:20.000000000 +0200 ++++ openssh-7.9p1/kex.h 2019-02-27 15:43:55.360539487 +0100 @@ -100,6 +100,11 @@ enum kex_exchange { KEX_DH_GEX_SHA256, KEX_ECDH_SHA2, @@ -1166,8 +1166,8 @@ Index: openssh-7.9p1/kex.h const u_char *, size_t, const u_char *, size_t, const u_char *, size_t, Index: openssh-7.9p1/kexgssc.c =================================================================== ---- /dev/null -+++ openssh-7.9p1/kexgssc.c +--- /dev/null 1970-01-01 00:00:00.000000000 +0000 ++++ openssh-7.9p1/kexgssc.c 2019-02-27 15:44:14.792654941 +0100 @@ -0,0 +1,346 @@ +/* + * Copyright (c) 2001-2009 Simon Wilkinson. All rights reserved. @@ -1240,7 +1240,7 @@ Index: openssh-7.9p1/kexgssc.c + char *lang; + int type = 0; + int first = 1; -+ int nbits = 0, min = fips_dh_grp_min(), max = DH_GRP_MAX; ++ int nbits = 0, min = DH_GRP_MIN, max = DH_GRP_MAX; + u_char hash[SSH_DIGEST_MAX_LENGTH]; + size_t hashlen; + @@ -1517,9 +1517,9 @@ Index: openssh-7.9p1/kexgssc.c +#endif /* GSSAPI */ Index: openssh-7.9p1/kexgsss.c =================================================================== ---- /dev/null -+++ openssh-7.9p1/kexgsss.c -@@ -0,0 +1,308 @@ +--- /dev/null 1970-01-01 00:00:00.000000000 +0000 ++++ openssh-7.9p1/kexgsss.c 2019-02-27 15:43:51.432516148 +0100 +@@ -0,0 +1,302 @@ +/* + * Copyright (c) 2001-2009 Simon Wilkinson. All rights reserved. + * @@ -1636,16 +1636,10 @@ Index: openssh-7.9p1/kexgsss.c + cmin = packet_get_int(); + nbits = packet_get_int(); + cmax = packet_get_int(); -+ min = MAX(fips_dh_grp_min(), cmin); ++ min = MAX(DH_GRP_MIN, cmin); + max = MIN(DH_GRP_MAX, cmax); + packet_check_eom(); + if (max < min || nbits < min || max < nbits) { -+ if (nbits < min && nbits >= DH_GRP_MIN_RFC) -+ logit("DH parameter requested by the client (%d bits) " -+ "is considered insecure. " -+ "You can lower the accepted minimum " -+ "via the KexDHMin option.", -+ nbits); + fatal("GSS_GEX, bad parameters: %d !< %d !< %d", + min, nbits, max); + } @@ -1830,8 +1824,8 @@ Index: openssh-7.9p1/kexgsss.c +#endif /* GSSAPI */ Index: openssh-7.9p1/monitor.c =================================================================== ---- openssh-7.9p1.orig/monitor.c -+++ openssh-7.9p1/monitor.c +--- openssh-7.9p1.orig/monitor.c 2018-10-17 02:01:20.000000000 +0200 ++++ openssh-7.9p1/monitor.c 2019-02-27 15:43:55.360539487 +0100 @@ -145,6 +145,8 @@ int mm_answer_gss_setup_ctx(int, struct int mm_answer_gss_accept_ctx(int, struct sshbuf *); int mm_answer_gss_userok(int, struct sshbuf *); @@ -2045,8 +2039,8 @@ Index: openssh-7.9p1/monitor.c +#endif /* GSSAPI */ Index: openssh-7.9p1/monitor.h =================================================================== ---- openssh-7.9p1.orig/monitor.h -+++ openssh-7.9p1/monitor.h +--- openssh-7.9p1.orig/monitor.h 2018-10-17 02:01:20.000000000 +0200 ++++ openssh-7.9p1/monitor.h 2019-02-27 15:43:55.360539487 +0100 @@ -63,6 +63,9 @@ enum monitor_reqtype { MONITOR_REQ_PAM_FREE_CTX = 110, MONITOR_ANS_PAM_FREE_CTX = 111, MONITOR_REQ_AUDIT_EVENT = 112, MONITOR_REQ_AUDIT_COMMAND = 113, @@ -2059,8 +2053,8 @@ Index: openssh-7.9p1/monitor.h struct monitor { Index: openssh-7.9p1/monitor_wrap.c =================================================================== ---- openssh-7.9p1.orig/monitor_wrap.c -+++ openssh-7.9p1/monitor_wrap.c +--- openssh-7.9p1.orig/monitor_wrap.c 2018-10-17 02:01:20.000000000 +0200 ++++ openssh-7.9p1/monitor_wrap.c 2019-02-27 15:43:55.360539487 +0100 @@ -984,7 +984,7 @@ mm_ssh_gssapi_checkmic(Gssctxt *ctx, gss } @@ -2125,8 +2119,8 @@ Index: openssh-7.9p1/monitor_wrap.c #endif /* GSSAPI */ Index: openssh-7.9p1/monitor_wrap.h =================================================================== ---- openssh-7.9p1.orig/monitor_wrap.h -+++ openssh-7.9p1/monitor_wrap.h +--- openssh-7.9p1.orig/monitor_wrap.h 2018-10-17 02:01:20.000000000 +0200 ++++ openssh-7.9p1/monitor_wrap.h 2019-02-27 15:43:55.360539487 +0100 @@ -60,8 +60,10 @@ int mm_sshkey_verify(const struct sshkey OM_uint32 mm_ssh_gssapi_server_ctx(Gssctxt **, gss_OID); OM_uint32 mm_ssh_gssapi_accept_ctx(Gssctxt *, @@ -2141,8 +2135,8 @@ Index: openssh-7.9p1/monitor_wrap.h #ifdef USE_PAM Index: openssh-7.9p1/readconf.c =================================================================== ---- openssh-7.9p1.orig/readconf.c -+++ openssh-7.9p1/readconf.c +--- openssh-7.9p1.orig/readconf.c 2019-02-27 15:43:51.296515340 +0100 ++++ openssh-7.9p1/readconf.c 2019-02-27 15:43:51.432516148 +0100 @@ -163,6 +163,8 @@ typedef enum { oClearAllForwardings, oNoHostAuthenticationForLocalhost, oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout, @@ -2173,7 +2167,7 @@ Index: openssh-7.9p1/readconf.c #endif #ifdef ENABLE_PKCS11 { "smartcarddevice", oPKCS11Provider }, -@@ -980,10 +992,30 @@ parse_time: +@@ -976,10 +988,30 @@ parse_time: intptr = &options->gss_authentication; goto parse_flag; @@ -2204,7 +2198,7 @@ Index: openssh-7.9p1/readconf.c case oBatchMode: intptr = &options->batch_mode; goto parse_flag; -@@ -1869,7 +1901,12 @@ initialize_options(Options * options) +@@ -1861,7 +1893,12 @@ initialize_options(Options * options) options->pubkey_authentication = -1; options->challenge_response_authentication = -1; options->gss_authentication = -1; @@ -2217,7 +2211,7 @@ Index: openssh-7.9p1/readconf.c options->password_authentication = -1; options->kbd_interactive_authentication = -1; options->kbd_interactive_devices = NULL; -@@ -2016,8 +2053,14 @@ fill_default_options(Options * options) +@@ -2007,8 +2044,14 @@ fill_default_options(Options * options) options->challenge_response_authentication = 1; if (options->gss_authentication == -1) options->gss_authentication = 0; @@ -2234,8 +2228,8 @@ Index: openssh-7.9p1/readconf.c if (options->kbd_interactive_authentication == -1) Index: openssh-7.9p1/readconf.h =================================================================== ---- openssh-7.9p1.orig/readconf.h -+++ openssh-7.9p1/readconf.h +--- openssh-7.9p1.orig/readconf.h 2019-02-27 15:43:51.296515340 +0100 ++++ openssh-7.9p1/readconf.h 2019-02-27 15:43:51.432516148 +0100 @@ -40,7 +40,12 @@ typedef struct { int challenge_response_authentication; /* Try S/Key or TIS, authentication. */ @@ -2251,8 +2245,8 @@ Index: openssh-7.9p1/readconf.h int kbd_interactive_authentication; /* Try keyboard-interactive auth. */ Index: openssh-7.9p1/regress/cert-hostkey.sh =================================================================== ---- openssh-7.9p1.orig/regress/cert-hostkey.sh -+++ openssh-7.9p1/regress/cert-hostkey.sh +--- openssh-7.9p1.orig/regress/cert-hostkey.sh 2018-10-17 02:01:20.000000000 +0200 ++++ openssh-7.9p1/regress/cert-hostkey.sh 2019-02-27 15:43:51.432516148 +0100 @@ -66,7 +66,7 @@ touch $OBJ/host_revoked_plain touch $OBJ/host_revoked_cert cat $OBJ/host_ca_key.pub $OBJ/host_ca_key2.pub > $OBJ/host_revoked_ca @@ -2264,8 +2258,8 @@ Index: openssh-7.9p1/regress/cert-hostkey.sh PLAIN_TYPES="$PLAIN_TYPES rsa-sha2-256 rsa-sha2-512" Index: openssh-7.9p1/regress/cert-userkey.sh =================================================================== ---- openssh-7.9p1.orig/regress/cert-userkey.sh -+++ openssh-7.9p1/regress/cert-userkey.sh +--- openssh-7.9p1.orig/regress/cert-userkey.sh 2018-10-17 02:01:20.000000000 +0200 ++++ openssh-7.9p1/regress/cert-userkey.sh 2019-02-27 15:43:51.432516148 +0100 @@ -7,7 +7,7 @@ rm -f $OBJ/authorized_keys_$USER $OBJ/us cp $OBJ/sshd_proxy $OBJ/sshd_proxy_bak cp $OBJ/ssh_proxy $OBJ/ssh_proxy_bak @@ -2277,8 +2271,8 @@ Index: openssh-7.9p1/regress/cert-userkey.sh if echo "$PLAIN_TYPES" | grep '^rsa$' >/dev/null 2>&1 ; then Index: openssh-7.9p1/regress/kextype.sh =================================================================== ---- openssh-7.9p1.orig/regress/kextype.sh -+++ openssh-7.9p1/regress/kextype.sh +--- openssh-7.9p1.orig/regress/kextype.sh 2018-10-17 02:01:20.000000000 +0200 ++++ openssh-7.9p1/regress/kextype.sh 2019-02-27 15:43:51.432516148 +0100 @@ -14,6 +14,9 @@ echo "KexAlgorithms=$KEXOPT" >> $OBJ/ssh tries="1 2 3 4" @@ -2291,8 +2285,8 @@ Index: openssh-7.9p1/regress/kextype.sh ${SSH} -F $OBJ/ssh_proxy -o KexAlgorithms=$k x true Index: openssh-7.9p1/regress/rekey.sh =================================================================== ---- openssh-7.9p1.orig/regress/rekey.sh -+++ openssh-7.9p1/regress/rekey.sh +--- openssh-7.9p1.orig/regress/rekey.sh 2018-10-17 02:01:20.000000000 +0200 ++++ openssh-7.9p1/regress/rekey.sh 2019-02-27 15:43:51.436516173 +0100 @@ -38,6 +38,9 @@ increase_datafile_size 300 opts="" @@ -2315,9 +2309,9 @@ Index: openssh-7.9p1/regress/rekey.sh done Index: openssh-7.9p1/servconf.c =================================================================== ---- openssh-7.9p1.orig/servconf.c -+++ openssh-7.9p1/servconf.c -@@ -130,8 +130,10 @@ initialize_server_options(ServerOptions +--- openssh-7.9p1.orig/servconf.c 2019-02-27 15:43:51.296515340 +0100 ++++ openssh-7.9p1/servconf.c 2019-02-27 15:43:51.436516173 +0100 +@@ -126,8 +126,10 @@ initialize_server_options(ServerOptions options->kerberos_ticket_cleanup = -1; options->kerberos_get_afs_token = -1; options->gss_authentication=-1; @@ -2328,7 +2322,7 @@ Index: openssh-7.9p1/servconf.c options->password_authentication = -1; options->kbd_interactive_authentication = -1; options->challenge_response_authentication = -1; -@@ -373,10 +375,14 @@ fill_default_server_options(ServerOption +@@ -360,10 +362,14 @@ fill_default_server_options(ServerOption options->kerberos_get_afs_token = 0; if (options->gss_authentication == -1) options->gss_authentication = 0; @@ -2343,7 +2337,7 @@ Index: openssh-7.9p1/servconf.c if (options->password_authentication == -1) options->password_authentication = 1; if (options->kbd_interactive_authentication == -1) -@@ -523,6 +529,7 @@ typedef enum { +@@ -510,6 +516,7 @@ typedef enum { sHostKeyAlgorithms, sClientAliveInterval, sClientAliveCountMax, sAuthorizedKeysFile, sGssAuthentication, sGssCleanupCreds, sGssStrictAcceptor, @@ -2351,7 +2345,7 @@ Index: openssh-7.9p1/servconf.c sAcceptEnv, sSetEnv, sPermitTunnel, sMatch, sPermitOpen, sPermitListen, sForceCommand, sChrootDirectory, sUsePrivilegeSeparation, sAllowAgentForwarding, -@@ -600,11 +607,17 @@ static struct { +@@ -587,11 +594,17 @@ static struct { { "gssapiauthentication", sGssAuthentication, SSHCFG_ALL }, { "gssapicleanupcredentials", sGssCleanupCreds, SSHCFG_GLOBAL }, { "gssapistrictacceptorcheck", sGssStrictAcceptor, SSHCFG_GLOBAL }, @@ -2369,7 +2363,7 @@ Index: openssh-7.9p1/servconf.c { "passwordauthentication", sPasswordAuthentication, SSHCFG_ALL }, { "kbdinteractiveauthentication", sKbdInteractiveAuthentication, SSHCFG_ALL }, { "challengeresponseauthentication", sChallengeResponseAuthentication, SSHCFG_GLOBAL }, -@@ -1512,6 +1525,10 @@ process_server_config_line(ServerOptions +@@ -1498,6 +1511,10 @@ process_server_config_line(ServerOptions intptr = &options->gss_authentication; goto parse_flag; @@ -2380,7 +2374,7 @@ Index: openssh-7.9p1/servconf.c case sGssCleanupCreds: intptr = &options->gss_cleanup_creds; goto parse_flag; -@@ -1520,6 +1537,10 @@ process_server_config_line(ServerOptions +@@ -1506,6 +1523,10 @@ process_server_config_line(ServerOptions intptr = &options->gss_strict_acceptor; goto parse_flag; @@ -2391,7 +2385,7 @@ Index: openssh-7.9p1/servconf.c case sPasswordAuthentication: intptr = &options->password_authentication; goto parse_flag; -@@ -2313,6 +2334,10 @@ copy_set_server_options(ServerOptions *d +@@ -2295,6 +2316,10 @@ copy_set_server_options(ServerOptions *d M_CP_INTOPT(password_authentication); M_CP_INTOPT(gss_authentication); @@ -2402,7 +2396,7 @@ Index: openssh-7.9p1/servconf.c M_CP_INTOPT(pubkey_authentication); M_CP_INTOPT(kerberos_authentication); M_CP_INTOPT(hostbased_authentication); -@@ -2609,7 +2634,10 @@ dump_config(ServerOptions *o) +@@ -2590,7 +2615,10 @@ dump_config(ServerOptions *o) #endif #ifdef GSSAPI dump_cfg_fmtint(sGssAuthentication, o->gss_authentication); @@ -2415,8 +2409,8 @@ Index: openssh-7.9p1/servconf.c dump_cfg_fmtint(sKbdInteractiveAuthentication, Index: openssh-7.9p1/servconf.h =================================================================== ---- openssh-7.9p1.orig/servconf.h -+++ openssh-7.9p1/servconf.h +--- openssh-7.9p1.orig/servconf.h 2019-02-27 15:43:51.232514961 +0100 ++++ openssh-7.9p1/servconf.h 2019-02-27 15:43:51.436516173 +0100 @@ -16,6 +16,8 @@ #ifndef SERVCONF_H #define SERVCONF_H @@ -2426,7 +2420,7 @@ Index: openssh-7.9p1/servconf.h #define MAX_PORTS 256 /* Max # ports. */ #define MAX_SUBSYSTEMS 256 /* Max # subsystems. */ -@@ -126,8 +128,10 @@ typedef struct { +@@ -125,8 +127,10 @@ typedef struct { int kerberos_get_afs_token; /* If true, try to get AFS token if * authenticated with Kerberos. */ int gss_authentication; /* If true, permit GSSAPI authentication */ @@ -2439,8 +2433,8 @@ Index: openssh-7.9p1/servconf.h int kbd_interactive_authentication; /* If true, permit */ Index: openssh-7.9p1/ssh-gss.h =================================================================== ---- openssh-7.9p1.orig/ssh-gss.h -+++ openssh-7.9p1/ssh-gss.h +--- openssh-7.9p1.orig/ssh-gss.h 2018-10-17 02:01:20.000000000 +0200 ++++ openssh-7.9p1/ssh-gss.h 2019-02-27 15:43:51.436516173 +0100 @@ -61,10 +61,22 @@ #define SSH_GSS_OIDTYPE 0x06 @@ -2533,9 +2527,9 @@ Index: openssh-7.9p1/ssh-gss.h #endif /* _SSH_GSS_H */ Index: openssh-7.9p1/ssh_config =================================================================== ---- openssh-7.9p1.orig/ssh_config -+++ openssh-7.9p1/ssh_config -@@ -45,6 +45,8 @@ Host * +--- openssh-7.9p1.orig/ssh_config 2019-02-27 15:43:51.172514604 +0100 ++++ openssh-7.9p1/ssh_config 2019-02-27 15:43:51.436516173 +0100 +@@ -40,6 +40,8 @@ Host * # HostbasedAuthentication no # GSSAPIAuthentication no # GSSAPIDelegateCredentials no @@ -2546,8 +2540,8 @@ Index: openssh-7.9p1/ssh_config # AddressFamily any Index: openssh-7.9p1/ssh_config.0 =================================================================== ---- openssh-7.9p1.orig/ssh_config.0 -+++ openssh-7.9p1/ssh_config.0 +--- openssh-7.9p1.orig/ssh_config.0 2019-02-27 15:43:51.300515365 +0100 ++++ openssh-7.9p1/ssh_config.0 2019-02-27 15:43:51.436516173 +0100 @@ -422,9 +422,40 @@ DESCRIPTION Specifies whether user authentication based on GSSAPI is allowed. The default is no. @@ -2591,8 +2585,8 @@ Index: openssh-7.9p1/ssh_config.0 they are added to ~/.ssh/known_hosts. These hashed names may be Index: openssh-7.9p1/ssh_config.5 =================================================================== ---- openssh-7.9p1.orig/ssh_config.5 -+++ openssh-7.9p1/ssh_config.5 +--- openssh-7.9p1.orig/ssh_config.5 2019-02-27 15:43:51.300515365 +0100 ++++ openssh-7.9p1/ssh_config.5 2019-02-27 15:43:51.436516173 +0100 @@ -738,10 +738,40 @@ The default is Specifies whether user authentication based on GSSAPI is allowed. The default is @@ -2636,8 +2630,8 @@ Index: openssh-7.9p1/ssh_config.5 .Xr ssh 1 Index: openssh-7.9p1/sshconnect2.c =================================================================== ---- openssh-7.9p1.orig/sshconnect2.c -+++ openssh-7.9p1/sshconnect2.c +--- openssh-7.9p1.orig/sshconnect2.c 2018-10-17 02:01:20.000000000 +0200 ++++ openssh-7.9p1/sshconnect2.c 2019-02-27 15:43:51.436516173 +0100 @@ -82,6 +82,124 @@ extern char *client_version_string; extern char *server_version_string; extern Options options; @@ -2956,7 +2950,7 @@ Index: openssh-7.9p1/sshconnect2.c #endif /* GSSAPI */ int -@@ -1473,8 +1716,8 @@ key_type_allowed_by_config(struct sshkey +@@ -1473,8 +1713,8 @@ key_type_allowed_by_config(struct sshkey /* * try keys in the following order: @@ -2969,8 +2963,8 @@ Index: openssh-7.9p1/sshconnect2.c * 5. keys that are only listed in the config file Index: openssh-7.9p1/sshd.c =================================================================== ---- openssh-7.9p1.orig/sshd.c -+++ openssh-7.9p1/sshd.c +--- openssh-7.9p1.orig/sshd.c 2019-02-27 15:43:51.412516029 +0100 ++++ openssh-7.9p1/sshd.c 2019-02-27 15:43:55.360539487 +0100 @@ -131,6 +131,10 @@ #include "fips.h" @@ -3204,9 +3198,9 @@ Index: openssh-7.9p1/sshd.c kex->server_version_string=server_version_string; Index: openssh-7.9p1/sshd_config =================================================================== ---- openssh-7.9p1.orig/sshd_config -+++ openssh-7.9p1/sshd_config -@@ -76,6 +76,8 @@ AuthorizedKeysFile .ssh/authorized_keys +--- openssh-7.9p1.orig/sshd_config 2019-02-27 15:43:51.172514604 +0100 ++++ openssh-7.9p1/sshd_config 2019-02-27 15:43:51.436516173 +0100 +@@ -69,6 +69,8 @@ AuthorizedKeysFile .ssh/authorized_keys # GSSAPI options #GSSAPIAuthentication no #GSSAPICleanupCredentials yes @@ -3217,8 +3211,8 @@ Index: openssh-7.9p1/sshd_config # and session processing. If this is enabled, PAM authentication will Index: openssh-7.9p1/sshd_config.5 =================================================================== ---- openssh-7.9p1.orig/sshd_config.5 -+++ openssh-7.9p1/sshd_config.5 +--- openssh-7.9p1.orig/sshd_config.5 2019-02-27 15:43:51.300515365 +0100 ++++ openssh-7.9p1/sshd_config.5 2019-02-27 15:43:51.436516173 +0100 @@ -655,6 +655,11 @@ Specifies whether to automatically destr on logout. The default is @@ -3243,7 +3237,7 @@ Index: openssh-7.9p1/sshd_config.5 .It Cm HostbasedAcceptedKeyTypes Specifies the key types that will be accepted for hostbased authentication as a list of comma-separated patterns. -@@ -1643,16 +1653,16 @@ as a non-root user. +@@ -1627,16 +1637,16 @@ as a non-root user. The default is .Cm no . .It Cm UsePAMCheckLocks @@ -3265,8 +3259,8 @@ Index: openssh-7.9p1/sshd_config.5 Optionally specifies additional text to append to the SSH protocol banner Index: openssh-7.9p1/sshkey.c =================================================================== ---- openssh-7.9p1.orig/sshkey.c -+++ openssh-7.9p1/sshkey.c +--- openssh-7.9p1.orig/sshkey.c 2018-10-17 02:01:20.000000000 +0200 ++++ openssh-7.9p1/sshkey.c 2019-02-27 15:43:55.360539487 +0100 @@ -135,6 +135,7 @@ static const struct keytype keytypes[] = # endif /* OPENSSL_HAS_NISTP521 */ # endif /* OPENSSL_HAS_ECC */ @@ -3277,8 +3271,8 @@ Index: openssh-7.9p1/sshkey.c Index: openssh-7.9p1/sshkey.h =================================================================== ---- openssh-7.9p1.orig/sshkey.h -+++ openssh-7.9p1/sshkey.h +--- openssh-7.9p1.orig/sshkey.h 2018-10-17 02:01:20.000000000 +0200 ++++ openssh-7.9p1/sshkey.h 2019-02-27 15:43:55.360539487 +0100 @@ -64,6 +64,7 @@ enum sshkey_types { KEY_ED25519_CERT, KEY_XMSS, @@ -3289,8 +3283,8 @@ Index: openssh-7.9p1/sshkey.h Index: openssh-7.9p1/sshd_config.0 =================================================================== ---- openssh-7.9p1.orig/sshd_config.0 -+++ openssh-7.9p1/sshd_config.0 +--- openssh-7.9p1.orig/sshd_config.0 2019-02-27 15:43:51.300515365 +0100 ++++ openssh-7.9p1/sshd_config.0 2019-02-27 15:43:51.436516173 +0100 @@ -380,6 +380,12 @@ DESCRIPTION Specifies whether user authentication based on GSSAPI is allowed. The default is no. diff --git a/openssh.changes b/openssh.changes index c5888e4..420fc0a 100644 --- a/openssh.changes +++ b/openssh.changes @@ -1,3 +1,30 @@ +------------------------------------------------------------------- +Thu Feb 28 19:20:58 UTC 2019 - Vítězslav Čížek + +- Correctly filter out non-compliant algorithms when in FIPS mode + (bsc#1126397) + * A hunk was applied to a wrong place due to a patch fuzz when + the fips patch was being ported to openssh 7.9p1 +- update openssh-7.7p1-fips.patch + +------------------------------------------------------------------- +Wed Feb 27 12:29:05 UTC 2019 - Vítězslav Čížek + +- Remove the "KexDHMin" config keyword (bsc#1127180) + It used to allow lowering of the minimal allowed DH group size, + which was increased to 2048 by upstream in the light of the Logjam + attack. + The code was broken since the upgrade to 7.6p1, but nobody noticed. + As apparently no one needs the functionality any more, let's drop + the patch. + It's still possible to use the fixed 1024-bit diffie-hellman-group1-sha1 + key exchange method when working with legacy systems. +- drop openssh-7.7p1-disable_short_DH_parameters.patch +- updated patches: + openssh-7.7p1-fips.patch + openssh-7.7p1-fips_checks.patch + openssh-7.7p1-gssapi_key_exchange.patch + ------------------------------------------------------------------- Mon Feb 18 10:01:45 UTC 2019 - Pedro Monreal Gonzalez diff --git a/openssh.spec b/openssh.spec index 59e28d8..88e3725 100644 --- a/openssh.spec +++ b/openssh.spec @@ -65,7 +65,6 @@ Patch7: openssh-7.7p1-hostname_changes_when_forwarding_X.patch Patch8: openssh-7.7p1-remove_xauth_cookies_on_exit.patch Patch9: openssh-7.7p1-pts_names_formatting.patch Patch10: openssh-7.7p1-pam_check_locks.patch -Patch11: openssh-7.7p1-disable_short_DH_parameters.patch # https://bugzilla.mindrot.org/show_bug.cgi?id=2752 Patch14: openssh-7.7p1-seccomp_stat.patch # https://bugzilla.mindrot.org/show_bug.cgi?id=2752