diff --git a/README.SUSE b/README.SUSE index d52608c..cb1f82b 100644 --- a/README.SUSE +++ b/README.SUSE @@ -5,16 +5,6 @@ There are following changes in default settings of ssh client and server: * PAM authentication is enabled and mostly even required, do not turn it off. -* root authentiation with password is enabled by default (PermitRootLogin yes). - NOTE: this has security implications and is only done in order to not change - behaviour of the server in an update. We strongly suggest setting this option - either "prohibit-password" or even better to "no" (which disables direct - remote root login entirely). - -* SSH protocol version 1 is enabled for maximum compatibility. - NOTE: do not use protocol version 1. It is less secure then v2 and should - generally be phased out. - * DSA authentication is enabled by default for maximum compatibility. NOTE: do not use DSA authentication since it is being phased out for a reason - the size of DSA keys is limited by the standard to 1024 bits which cannot diff --git a/openssh-7.7p1-allow_root_password_login.patch b/openssh-7.7p1-allow_root_password_login.patch deleted file mode 100644 index 13b0ae7..0000000 --- a/openssh-7.7p1-allow_root_password_login.patch +++ /dev/null @@ -1,95 +0,0 @@ -# HG changeset patch -# Parent 3bf0158be93bd08d60a30a320650ea7f9844ef50 -Allow root login with password by default. While less secure than upstream -default of forbidding access to the root account with a password, we are -temporarily introducing this change to keep the default used in older OpenSSH -versions shipped with SLE. - -diff --git a/openssh-7.7p1/servconf.c b/openssh-7.7p1/servconf.c ---- openssh-7.7p1/servconf.c -+++ openssh-7.7p1/servconf.c -@@ -265,17 +265,17 @@ fill_default_server_options(ServerOption - options->address_family = AF_UNSPEC; - if (options->listen_addrs == NULL) - add_listen_addr(options, NULL, NULL, 0); - if (options->pid_file == NULL) - options->pid_file = xstrdup(_PATH_SSH_DAEMON_PID_FILE); - if (options->login_grace_time == -1) - options->login_grace_time = 120; - if (options->permit_root_login == PERMIT_NOT_SET) -- options->permit_root_login = PERMIT_NO_PASSWD; -+ options->permit_root_login = PERMIT_YES; - if (options->ignore_rhosts == -1) - options->ignore_rhosts = 1; - if (options->ignore_user_known_hosts == -1) - options->ignore_user_known_hosts = 0; - if (options->print_motd == -1) - options->print_motd = 1; - if (options->print_lastlog == -1) - options->print_lastlog = 1; -diff --git a/openssh-7.7p1/sshd_config b/openssh-7.7p1/sshd_config ---- openssh-7.7p1/sshd_config -+++ openssh-7.7p1/sshd_config -@@ -24,17 +24,17 @@ - - # Logging - #SyslogFacility AUTH - #LogLevel INFO - - # Authentication: - - #LoginGraceTime 2m --#PermitRootLogin prohibit-password -+#PermitRootLogin yes - #StrictModes yes - #MaxAuthTries 6 - #MaxSessions 10 - - #PubkeyAuthentication yes - - # The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2 - # but this is overridden so installations will only check .ssh/authorized_keys -diff --git a/openssh-7.7p1/sshd_config.0 b/openssh-7.7p1/sshd_config.0 ---- openssh-7.7p1/sshd_config.0 -+++ openssh-7.7p1/sshd_config.0 -@@ -709,17 +709,17 @@ DESCRIPTION - none can be used to prohibit all forwarding requests. The - wildcard M-bM-^@M-^X*M-bM-^@M-^Y can be used for host or port to allow all hosts or - ports, respectively. By default all port forwarding requests are - permitted. - - PermitRootLogin - Specifies whether root can log in using ssh(1). The argument - must be yes, prohibit-password, forced-commands-only, or no. The -- default is prohibit-password. -+ default is yes. - - If this option is set to prohibit-password (or its deprecated - alias, without-password), password and keyboard-interactive - authentication are disabled for root. - - If this option is set to forced-commands-only, root login with - public key authentication will be allowed, but only if the - command option has been specified (which may be useful for taking -diff --git a/openssh-7.7p1/sshd_config.5 b/openssh-7.7p1/sshd_config.5 ---- openssh-7.7p1/sshd_config.5 -+++ openssh-7.7p1/sshd_config.5 -@@ -1220,17 +1220,17 @@ Specifies whether root can log in using - .Xr ssh 1 . - The argument must be - .Cm yes , - .Cm prohibit-password , - .Cm forced-commands-only , - or - .Cm no . - The default is --.Cm prohibit-password . -+.Cm yes . - .Pp - If this option is set to - .Cm prohibit-password - (or its deprecated alias, - .Cm without-password ) , - password and keyboard-interactive authentication are disabled for root. - .Pp - If this option is set to diff --git a/openssh-7.7p1-audit.patch b/openssh-7.7p1-audit.patch index 7acc3eb..506c82d 100644 --- a/openssh-7.7p1-audit.patch +++ b/openssh-7.7p1-audit.patch @@ -3,11 +3,11 @@ Extended auditing through the Linux Auditing subsystem RH patch from git://pkgs.fedoraproject.org/openssh.git -Index: openssh-7.8p1/Makefile.in +Index: openssh-7.9p1/Makefile.in =================================================================== ---- openssh-7.8p1.orig/Makefile.in -+++ openssh-7.8p1/Makefile.in -@@ -110,6 +110,8 @@ LIBSSH_OBJS += fips.o +--- openssh-7.9p1.orig/Makefile.in ++++ openssh-7.9p1/Makefile.in +@@ -111,6 +111,8 @@ LIBSSH_OBJS += fips.o LIBSSH_OBJS += kexgssc.o kexgsss.o @@ -16,10 +16,10 @@ Index: openssh-7.8p1/Makefile.in SSHOBJS= ssh.o readconf.o clientloop.o sshtty.o \ sshconnect.o sshconnect2.o mux.o -Index: openssh-7.8p1/audit-bsm.c +Index: openssh-7.9p1/audit-bsm.c =================================================================== ---- openssh-7.8p1.orig/audit-bsm.c -+++ openssh-7.8p1/audit-bsm.c +--- openssh-7.9p1.orig/audit-bsm.c ++++ openssh-7.9p1/audit-bsm.c @@ -372,10 +372,23 @@ audit_connection_from(const char *host, #endif } @@ -93,11 +93,11 @@ Index: openssh-7.8p1/audit-bsm.c + /* not implemented */ +} #endif /* BSM */ -Index: openssh-7.8p1/audit-linux.c +Index: openssh-7.9p1/audit-linux.c =================================================================== ---- openssh-7.8p1.orig/audit-linux.c -+++ openssh-7.8p1/audit-linux.c -@@ -33,27 +33,40 @@ +--- openssh-7.9p1.orig/audit-linux.c ++++ openssh-7.9p1/audit-linux.c +@@ -33,27 +33,41 @@ #include "log.h" #include "audit.h" @@ -106,6 +106,7 @@ Index: openssh-7.8p1/audit-linux.c +#include "auth.h" +#include "misc.h" /* servconf.h needs misc.h for struct ForwardOptions */ +#include "servconf.h" ++#include "ssherr.h" #include "canohost.h" #include "packet.h" - @@ -146,7 +147,7 @@ Index: openssh-7.8p1/audit-linux.c saved_errno = errno; close(audit_fd); -@@ -65,9 +78,96 @@ linux_audit_record_event(int uid, const +@@ -65,9 +79,96 @@ linux_audit_record_event(int uid, const rc = 0; errno = saved_errno; @@ -244,7 +245,7 @@ Index: openssh-7.8p1/audit-linux.c /* Below is the sshd audit API code */ void -@@ -76,24 +176,55 @@ audit_connection_from(const char *host, +@@ -76,24 +177,55 @@ audit_connection_from(const char *host, /* not implemented */ } @@ -306,7 +307,7 @@ Index: openssh-7.8p1/audit-linux.c } void -@@ -102,25 +233,155 @@ audit_event(ssh_audit_event_t event) +@@ -102,25 +234,155 @@ audit_event(ssh_audit_event_t event) struct ssh *ssh = active_state; /* XXX */ switch(event) { @@ -468,10 +469,10 @@ Index: openssh-7.8p1/audit-linux.c + error("cannot write into audit"); +} #endif /* USE_LINUX_AUDIT */ -Index: openssh-7.8p1/audit.c +Index: openssh-7.9p1/audit.c =================================================================== ---- openssh-7.8p1.orig/audit.c -+++ openssh-7.8p1/audit.c +--- openssh-7.9p1.orig/audit.c ++++ openssh-7.9p1/audit.c @@ -34,13 +34,19 @@ #include "log.h" #include "hostfile.h" @@ -648,10 +649,10 @@ Index: openssh-7.8p1/audit.c } # endif /* !defined CUSTOM_SSH_AUDIT_EVENTS */ #endif /* SSH_AUDIT_EVENTS */ -Index: openssh-7.8p1/audit.h +Index: openssh-7.9p1/audit.h =================================================================== ---- openssh-7.8p1.orig/audit.h -+++ openssh-7.8p1/audit.h +--- openssh-7.9p1.orig/audit.h ++++ openssh-7.9p1/audit.h @@ -26,6 +26,7 @@ # define _SSH_AUDIT_H @@ -694,10 +695,10 @@ Index: openssh-7.8p1/audit.h +void audit_destroy_sensitive_data(const char *, pid_t, uid_t); #endif /* _SSH_AUDIT_H */ -Index: openssh-7.8p1/auditstub.c +Index: openssh-7.9p1/auditstub.c =================================================================== --- /dev/null -+++ openssh-7.8p1/auditstub.c ++++ openssh-7.9p1/auditstub.c @@ -0,0 +1,50 @@ +/* $Id: auditstub.c,v 1.1 jfch Exp $ */ + @@ -749,11 +750,11 @@ Index: openssh-7.8p1/auditstub.c +audit_session_key_free_body(int ctos, pid_t pid, uid_t uid) +{ +} -Index: openssh-7.8p1/auth.c +Index: openssh-7.9p1/auth.c =================================================================== ---- openssh-7.8p1.orig/auth.c -+++ openssh-7.8p1/auth.c -@@ -362,7 +362,7 @@ auth_log(Authctxt *authctxt, int authent +--- openssh-7.9p1.orig/auth.c ++++ openssh-7.9p1/auth.c +@@ -366,7 +366,7 @@ auth_log(Authctxt *authctxt, int authent # endif #endif #ifdef SSH_AUDIT_EVENTS @@ -762,7 +763,7 @@ Index: openssh-7.8p1/auth.c audit_event(audit_classify_auth(method)); #endif } -@@ -601,9 +601,6 @@ getpwnamallow(const char *user) +@@ -605,9 +605,6 @@ getpwnamallow(const char *user) record_failed_login(user, auth_get_canonical_hostname(ssh, options.use_dns), "ssh"); #endif @@ -772,10 +773,10 @@ Index: openssh-7.8p1/auth.c return (NULL); } if (!allowed_user(pw)) -Index: openssh-7.8p1/auth.h +Index: openssh-7.9p1/auth.h =================================================================== ---- openssh-7.8p1.orig/auth.h -+++ openssh-7.8p1/auth.h +--- openssh-7.9p1.orig/auth.h ++++ openssh-7.9p1/auth.h @@ -193,6 +193,8 @@ struct passwd * getpwnamallow(const char char *expand_authorized_keys(const char *, struct passwd *pw); @@ -794,11 +795,11 @@ Index: openssh-7.8p1/auth.h /* Key / cert options linkage to auth layer */ const struct sshauthopt *auth_options(struct ssh *); -Index: openssh-7.8p1/auth2-hostbased.c +Index: openssh-7.9p1/auth2-hostbased.c =================================================================== ---- openssh-7.8p1.orig/auth2-hostbased.c -+++ openssh-7.8p1/auth2-hostbased.c -@@ -141,7 +141,7 @@ userauth_hostbased(struct ssh *ssh) +--- openssh-7.9p1.orig/auth2-hostbased.c ++++ openssh-7.9p1/auth2-hostbased.c +@@ -148,7 +148,7 @@ userauth_hostbased(struct ssh *ssh) /* test for allowed key and correct signature */ authenticated = 0; if (PRIVSEP(hostbased_key_allowed(authctxt->pw, cuser, chost, key)) && @@ -807,7 +808,7 @@ Index: openssh-7.8p1/auth2-hostbased.c sshbuf_ptr(b), sshbuf_len(b), pkalg, ssh->compat)) == 0) authenticated = 1; -@@ -158,6 +158,19 @@ done: +@@ -165,6 +165,19 @@ done: return authenticated; } @@ -827,11 +828,11 @@ Index: openssh-7.8p1/auth2-hostbased.c /* return 1 if given hostkey is allowed */ int hostbased_key_allowed(struct passwd *pw, const char *cuser, char *chost, -Index: openssh-7.8p1/auth2-pubkey.c +Index: openssh-7.9p1/auth2-pubkey.c =================================================================== ---- openssh-7.8p1.orig/auth2-pubkey.c -+++ openssh-7.8p1/auth2-pubkey.c -@@ -187,7 +187,7 @@ userauth_pubkey(struct ssh *ssh) +--- openssh-7.9p1.orig/auth2-pubkey.c ++++ openssh-7.9p1/auth2-pubkey.c +@@ -193,7 +193,7 @@ userauth_pubkey(struct ssh *ssh) /* test for correct signature */ authenticated = 0; if (PRIVSEP(user_key_allowed(ssh, pw, key, 1, &authopts)) && @@ -840,7 +841,7 @@ Index: openssh-7.8p1/auth2-pubkey.c sshbuf_ptr(b), sshbuf_len(b), (ssh->compat & SSH_BUG_SIGTYPE) == 0 ? pkalg : NULL, ssh->compat)) == 0) { -@@ -246,6 +246,19 @@ done: +@@ -252,6 +252,19 @@ done: return authenticated; } @@ -860,7 +861,7 @@ Index: openssh-7.8p1/auth2-pubkey.c static int match_principals_option(const char *principal_list, struct sshkey_cert *cert) { -@@ -767,7 +780,7 @@ user_cert_trusted_ca(struct ssh *ssh, st +@@ -773,7 +786,7 @@ user_cert_trusted_ca(struct ssh *ssh, st found_principal = 1; /* If principals file or command is specified, then require a match */ use_authorized_principals = principals_file != NULL || @@ -869,10 +870,10 @@ Index: openssh-7.8p1/auth2-pubkey.c if (!found_principal && use_authorized_principals) { reason = "Certificate does not contain an authorized principal"; goto fail_reason; -Index: openssh-7.8p1/auth2.c +Index: openssh-7.9p1/auth2.c =================================================================== ---- openssh-7.8p1.orig/auth2.c -+++ openssh-7.8p1/auth2.c +--- openssh-7.9p1.orig/auth2.c ++++ openssh-7.9p1/auth2.c @@ -284,9 +284,6 @@ input_userauth_request(int type, u_int32 } else { /* Invalid user, fake password information */ @@ -883,10 +884,10 @@ Index: openssh-7.8p1/auth2.c } #ifdef USE_PAM if (options.use_pam) -Index: openssh-7.8p1/cipher.c +Index: openssh-7.9p1/cipher.c =================================================================== ---- openssh-7.8p1.orig/cipher.c -+++ openssh-7.8p1/cipher.c +--- openssh-7.9p1.orig/cipher.c ++++ openssh-7.9p1/cipher.c @@ -54,25 +54,6 @@ #include "fips.h" #include "log.h" @@ -922,10 +923,10 @@ Index: openssh-7.8p1/cipher.c return; if ((cc->cipher->flags & CFLAG_CHACHAPOLY) != 0) explicit_bzero(&cc->cp_ctx, sizeof(cc->cp_ctx)); -Index: openssh-7.8p1/cipher.h +Index: openssh-7.9p1/cipher.h =================================================================== ---- openssh-7.8p1.orig/cipher.h -+++ openssh-7.8p1/cipher.h +--- openssh-7.9p1.orig/cipher.h ++++ openssh-7.9p1/cipher.h @@ -45,7 +45,25 @@ #define CIPHER_ENCRYPT 1 #define CIPHER_DECRYPT 0 @@ -953,10 +954,10 @@ Index: openssh-7.8p1/cipher.h struct sshcipher_ctx { int plaintext; int encrypt; -Index: openssh-7.8p1/kex.c +Index: openssh-7.9p1/kex.c =================================================================== ---- openssh-7.8p1.orig/kex.c -+++ openssh-7.8p1/kex.c +--- openssh-7.9p1.orig/kex.c ++++ openssh-7.9p1/kex.c @@ -53,6 +53,7 @@ #include "ssherr.h" #include "sshbuf.h" @@ -1053,10 +1054,10 @@ Index: openssh-7.8p1/kex.c + mac_destroy(&newkeys->mac); + memset(&newkeys->comp, 0, sizeof(newkeys->comp)); +} -Index: openssh-7.8p1/kex.h +Index: openssh-7.9p1/kex.h =================================================================== ---- openssh-7.8p1.orig/kex.h -+++ openssh-7.8p1/kex.h +--- openssh-7.9p1.orig/kex.h ++++ openssh-7.9p1/kex.h @@ -213,6 +213,8 @@ int kexgss_client(struct ssh *); int kexgss_server(struct ssh *); #endif @@ -1066,10 +1067,10 @@ Index: openssh-7.8p1/kex.h int kex_dh_hash(int, const char *, const char *, const u_char *, size_t, const u_char *, size_t, const u_char *, size_t, const BIGNUM *, const BIGNUM *, const BIGNUM *, u_char *, size_t *); -Index: openssh-7.8p1/mac.c +Index: openssh-7.9p1/mac.c =================================================================== ---- openssh-7.8p1.orig/mac.c -+++ openssh-7.8p1/mac.c +--- openssh-7.9p1.orig/mac.c ++++ openssh-7.9p1/mac.c @@ -280,6 +280,20 @@ mac_clear(struct sshmac *mac) mac->umac_ctx = NULL; } @@ -1091,10 +1092,10 @@ Index: openssh-7.8p1/mac.c /* XXX copied from ciphers_valid */ #define MAC_SEP "," int -Index: openssh-7.8p1/mac.h +Index: openssh-7.9p1/mac.h =================================================================== ---- openssh-7.8p1.orig/mac.h -+++ openssh-7.8p1/mac.h +--- openssh-7.9p1.orig/mac.h ++++ openssh-7.9p1/mac.h @@ -49,5 +49,6 @@ int mac_compute(struct sshmac *, u_int3 int mac_check(struct sshmac *, u_int32_t, const u_char *, size_t, const u_char *, size_t); @@ -1102,11 +1103,11 @@ Index: openssh-7.8p1/mac.h +void mac_destroy(struct sshmac *); #endif /* SSHMAC_H */ -Index: openssh-7.8p1/monitor.c +Index: openssh-7.9p1/monitor.c =================================================================== ---- openssh-7.8p1.orig/monitor.c -+++ openssh-7.8p1/monitor.c -@@ -91,6 +91,7 @@ +--- openssh-7.9p1.orig/monitor.c ++++ openssh-7.9p1/monitor.c +@@ -93,6 +93,7 @@ #include "compat.h" #include "ssh2.h" #include "authfd.h" @@ -1114,7 +1115,7 @@ Index: openssh-7.8p1/monitor.c #include "match.h" #include "ssherr.h" -@@ -105,6 +106,8 @@ extern u_char session_id[]; +@@ -107,6 +108,8 @@ extern u_char session_id[]; extern struct sshbuf *loginmsg; extern struct sshauthopt *auth_opts; /* XXX move to permanent ssh->authctxt? */ @@ -1123,7 +1124,7 @@ Index: openssh-7.8p1/monitor.c /* State exported from the child */ static struct sshbuf *child_state; -@@ -150,6 +153,11 @@ int mm_answer_gss_updatecreds(int, struc +@@ -152,6 +155,11 @@ int mm_answer_gss_updatecreds(int, struc #ifdef SSH_AUDIT_EVENTS int mm_answer_audit_event(int, struct sshbuf *); int mm_answer_audit_command(int, struct sshbuf *); @@ -1135,7 +1136,7 @@ Index: openssh-7.8p1/monitor.c #endif static int monitor_read_log(struct monitor *); -@@ -203,6 +211,11 @@ struct mon_table mon_dispatch_proto20[] +@@ -205,6 +213,11 @@ struct mon_table mon_dispatch_proto20[] #endif #ifdef SSH_AUDIT_EVENTS {MONITOR_REQ_AUDIT_EVENT, MON_PERMIT, mm_answer_audit_event}, @@ -1147,7 +1148,7 @@ Index: openssh-7.8p1/monitor.c #endif #ifdef BSD_AUTH {MONITOR_REQ_BSDAUTHQUERY, MON_ISAUTH, mm_answer_bsdauthquery}, -@@ -231,6 +244,11 @@ struct mon_table mon_dispatch_postauth20 +@@ -233,6 +246,11 @@ struct mon_table mon_dispatch_postauth20 #ifdef SSH_AUDIT_EVENTS {MONITOR_REQ_AUDIT_EVENT, MON_PERMIT, mm_answer_audit_event}, {MONITOR_REQ_AUDIT_COMMAND, MON_PERMIT, mm_answer_audit_command}, @@ -1159,15 +1160,19 @@ Index: openssh-7.8p1/monitor.c #endif #ifdef GSSAPI {MONITOR_REQ_GSSSETUP, 0, mm_answer_gss_setup_ctx}, -@@ -1375,6 +1393,7 @@ mm_answer_keyverify(int sock, struct ssh +@@ -1379,8 +1397,10 @@ mm_answer_keyverify(int sock, struct ssh char *sigalg; size_t signaturelen, datalen, bloblen; int r, ret, valid_data = 0, encoded_ret; + int type = 0; - if ((r = sshbuf_get_string(m, &blob, &bloblen)) != 0 || +- if ((r = sshbuf_get_string(m, &blob, &bloblen)) != 0 || ++ if ((r = sshbuf_get_u32(m, &type)) != 0 || ++ (r = sshbuf_get_string(m, &blob, &bloblen)) != 0 || (r = sshbuf_get_string(m, &signature, &signaturelen)) != 0 || -@@ -1385,6 +1404,8 @@ mm_answer_keyverify(int sock, struct ssh + (r = sshbuf_get_string(m, &data, &datalen)) != 0 || + (r = sshbuf_get_cstring(m, &sigalg, NULL)) != 0) +@@ -1389,6 +1409,8 @@ mm_answer_keyverify(int sock, struct ssh if (hostbased_cuser == NULL || hostbased_chost == NULL || !monitor_allowed_key(blob, bloblen)) fatal("%s: bad key, not previously allowed", __func__); @@ -1176,7 +1181,7 @@ Index: openssh-7.8p1/monitor.c /* Empty signature algorithm means NULL. */ if (*sigalg == '\0') { -@@ -1399,22 +1420,25 @@ mm_answer_keyverify(int sock, struct ssh +@@ -1403,22 +1425,25 @@ mm_answer_keyverify(int sock, struct ssh switch (key_blobtype) { case MM_USERKEY: valid_data = monitor_valid_userblob(data, datalen); @@ -1204,7 +1209,7 @@ Index: openssh-7.8p1/monitor.c debug3("%s: %s %p signature %s", __func__, auth_method, key, (ret == 0) ? "verified" : "unverified"); auth2_record_key(authctxt, ret == 0, key); -@@ -1474,6 +1498,12 @@ mm_session_close(Session *s) +@@ -1478,6 +1503,12 @@ mm_session_close(Session *s) debug3("%s: tty %s ptyfd %d", __func__, s->tty, s->ptyfd); session_pty_cleanup2(s); } @@ -1217,7 +1222,7 @@ Index: openssh-7.8p1/monitor.c session_unused(s->self); } -@@ -1582,6 +1612,8 @@ mm_answer_term(int sock, struct sshbuf * +@@ -1586,6 +1617,8 @@ mm_answer_term(int sock, struct sshbuf * sshpam_cleanup(); #endif @@ -1226,7 +1231,7 @@ Index: openssh-7.8p1/monitor.c while (waitpid(pmonitor->m_pid, &status, 0) == -1) if (errno != EINTR) exit(1); -@@ -1628,14 +1660,50 @@ mm_answer_audit_command(int socket, stru +@@ -1632,14 +1665,50 @@ mm_answer_audit_command(int socket, stru { char *cmd; int r; @@ -1280,7 +1285,7 @@ Index: openssh-7.8p1/monitor.c } #endif /* SSH_AUDIT_EVENTS */ -@@ -1697,6 +1765,7 @@ monitor_apply_keystate(struct monitor *p +@@ -1701,6 +1770,7 @@ monitor_apply_keystate(struct monitor *p void mm_get_keystate(struct monitor *pmonitor) { @@ -1288,7 +1293,7 @@ Index: openssh-7.8p1/monitor.c debug3("%s: Waiting for new keys", __func__); if ((child_state = sshbuf_new()) == NULL) -@@ -1704,6 +1773,19 @@ mm_get_keystate(struct monitor *pmonitor +@@ -1708,6 +1778,19 @@ mm_get_keystate(struct monitor *pmonitor mm_request_receive_expect(pmonitor->m_sendfd, MONITOR_REQ_KEYEXPORT, child_state); debug3("%s: GOT new keys", __func__); @@ -1308,33 +1313,16 @@ Index: openssh-7.8p1/monitor.c } -@@ -1902,19 +1984,19 @@ mm_answer_gss_sign(int socket, struct ss - int r; - - if (!options.gss_authentication && !options.gss_keyex) -- fatal("In GSSAPI monitor when GSSAPI is disabled"); -+ fatal("In GSSAPI monitor when GSSAPI is disabled"); +@@ -1909,7 +1992,7 @@ mm_answer_gss_sign(int socket, struct ss + fatal("In GSSAPI monitor when GSSAPI is disabled"); if ((r = sshbuf_get_string(m, (u_char **)&data.value, &data.length)) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); +- fatal("%s: buffer error: %s", __func__, ssh_err(r)); ++ fatal("%s: buffer error: %s", __func__, ssh_err(r)); if (data.length != 20) -- fatal("%s: data length incorrect: %d", __func__, -- (int) data.length); -+ fatal("%s: data length incorrect: %d", __func__, -+ (int) data.length); - - /* Save the session ID on the first time around */ - if (session_id2_len == 0) { -- session_id2_len = data.length; -- session_id2 = xmalloc(session_id2_len); -- memcpy(session_id2, data.value, session_id2_len); -+ session_id2_len = data.length; -+ session_id2 = xmalloc(session_id2_len); -+ memcpy(session_id2, data.value, session_id2_len); - } - major = ssh_gssapi_sign(gsscontext, &data, &hash); - -@@ -1962,3 +2044,102 @@ mm_answer_gss_updatecreds(int socket, st + fatal("%s: data length incorrect: %d", __func__, + (int) data.length); +@@ -1966,3 +2049,102 @@ mm_answer_gss_updatecreds(int socket, st } #endif /* GSSAPI */ @@ -1437,10 +1425,10 @@ Index: openssh-7.8p1/monitor.c + return 0; +} +#endif /* SSH_AUDIT_EVENTS */ -Index: openssh-7.8p1/monitor.h +Index: openssh-7.9p1/monitor.h =================================================================== ---- openssh-7.8p1.orig/monitor.h -+++ openssh-7.8p1/monitor.h +--- openssh-7.9p1.orig/monitor.h ++++ openssh-7.9p1/monitor.h @@ -61,7 +61,13 @@ enum monitor_reqtype { MONITOR_REQ_PAM_QUERY = 106, MONITOR_ANS_PAM_QUERY = 107, MONITOR_REQ_PAM_RESPOND = 108, MONITOR_ANS_PAM_RESPOND = 109, @@ -1456,10 +1444,10 @@ Index: openssh-7.8p1/monitor.h MONITOR_REQ_GSSSIGN = 201, MONITOR_ANS_GSSSIGN = 202, MONITOR_REQ_GSSUPCREDS = 203, MONITOR_ANS_GSSUPCREDS = 204, -Index: openssh-7.8p1/monitor_wrap.c +Index: openssh-7.9p1/monitor_wrap.c =================================================================== ---- openssh-7.8p1.orig/monitor_wrap.c -+++ openssh-7.8p1/monitor_wrap.c +--- openssh-7.9p1.orig/monitor_wrap.c ++++ openssh-7.9p1/monitor_wrap.c @@ -497,7 +497,7 @@ mm_key_allowed(enum mm_keytype type, con */ @@ -1637,10 +1625,10 @@ Index: openssh-7.8p1/monitor_wrap.c + sshbuf_free(m); +} +#endif /* SSH_AUDIT_EVENTS */ -Index: openssh-7.8p1/monitor_wrap.h +Index: openssh-7.9p1/monitor_wrap.h =================================================================== ---- openssh-7.8p1.orig/monitor_wrap.h -+++ openssh-7.8p1/monitor_wrap.h +--- openssh-7.9p1.orig/monitor_wrap.h ++++ openssh-7.9p1/monitor_wrap.h @@ -53,7 +53,9 @@ int mm_user_key_allowed(struct ssh *, st struct sshauthopt **); int mm_hostbased_key_allowed(struct passwd *, const char *, @@ -1666,10 +1654,10 @@ Index: openssh-7.8p1/monitor_wrap.h #endif struct Session; -Index: openssh-7.8p1/packet.c +Index: openssh-7.9p1/packet.c =================================================================== ---- openssh-7.8p1.orig/packet.c -+++ openssh-7.8p1/packet.c +--- openssh-7.9p1.orig/packet.c ++++ openssh-7.9p1/packet.c @@ -76,6 +76,7 @@ #include @@ -1829,20 +1817,20 @@ Index: openssh-7.8p1/packet.c /* Reset after_authentication and reset compression in post-auth privsep */ static int ssh_packet_set_postauth(struct ssh *ssh) -Index: openssh-7.8p1/packet.h +Index: openssh-7.9p1/packet.h =================================================================== ---- openssh-7.8p1.orig/packet.h -+++ openssh-7.8p1/packet.h +--- openssh-7.9p1.orig/packet.h ++++ openssh-7.9p1/packet.h @@ -219,4 +219,5 @@ extern struct ssh *active_state; # undef EC_POINT #endif +void packet_destroy_all(int, int); #endif /* PACKET_H */ -Index: openssh-7.8p1/session.c +Index: openssh-7.9p1/session.c =================================================================== ---- openssh-7.8p1.orig/session.c -+++ openssh-7.8p1/session.c +--- openssh-7.9p1.orig/session.c ++++ openssh-7.9p1/session.c @@ -139,7 +139,7 @@ extern char *__progname; extern int debug_flag; extern u_int utmp_len; @@ -1867,7 +1855,7 @@ Index: openssh-7.8p1/session.c /* Enter interactive session. */ s->ptymaster = ptymaster; packet_set_interactive(1, -@@ -739,15 +747,19 @@ do_exec(struct ssh *ssh, Session *s, con +@@ -741,15 +749,19 @@ do_exec(struct ssh *ssh, Session *s, con s->self); #ifdef SSH_AUDIT_EVENTS @@ -1889,7 +1877,7 @@ Index: openssh-7.8p1/session.c #endif if (s->ttyfd != -1) ret = do_exec_pty(ssh, s, command); -@@ -1551,8 +1563,11 @@ do_child(struct ssh *ssh, Session *s, co +@@ -1553,8 +1565,11 @@ do_child(struct ssh *ssh, Session *s, co int r = 0; /* remove hostkey from the child's memory */ @@ -1902,7 +1890,7 @@ Index: openssh-7.8p1/session.c /* Force a password change */ if (s->authctxt->force_pwchange) { -@@ -1759,6 +1774,9 @@ session_unused(int id) +@@ -1761,6 +1776,9 @@ session_unused(int id) sessions[id].ttyfd = -1; sessions[id].ptymaster = -1; sessions[id].x11_chanids = NULL; @@ -1912,7 +1900,7 @@ Index: openssh-7.8p1/session.c sessions[id].next_unused = sessions_first_unused; sessions_first_unused = id; } -@@ -1841,6 +1859,19 @@ session_open(Authctxt *authctxt, int cha +@@ -1843,6 +1861,19 @@ session_open(Authctxt *authctxt, int cha } Session * @@ -1932,7 +1920,7 @@ Index: openssh-7.8p1/session.c session_by_tty(char *tty) { int i; -@@ -2352,6 +2383,32 @@ session_exit_message(struct ssh *ssh, Se +@@ -2428,6 +2459,32 @@ session_exit_message(struct ssh *ssh, Se chan_write_failed(ssh, c); } @@ -1965,7 +1953,7 @@ Index: openssh-7.8p1/session.c void session_close(struct ssh *ssh, Session *s) { -@@ -2393,6 +2450,10 @@ session_close(struct ssh *ssh, Session * +@@ -2469,6 +2526,10 @@ session_close(struct ssh *ssh, Session * if (s->ttyfd != -1) session_pty_cleanup(s); @@ -1976,7 +1964,7 @@ Index: openssh-7.8p1/session.c free(s->term); free(s->display); free(s->x11_chanids); -@@ -2600,6 +2661,15 @@ do_authenticated2(struct ssh *ssh, Authc +@@ -2677,6 +2738,15 @@ do_authenticated2(struct ssh *ssh, Authc server_loop2(ssh, authctxt); } @@ -1992,7 +1980,7 @@ Index: openssh-7.8p1/session.c void do_cleanup(struct ssh *ssh, Authctxt *authctxt) { -@@ -2657,7 +2727,7 @@ do_cleanup(struct ssh *ssh, Authctxt *au +@@ -2734,7 +2804,7 @@ do_cleanup(struct ssh *ssh, Authctxt *au * or if running in monitor. */ if (!use_privsep || mm_is_monitor()) @@ -2001,11 +1989,11 @@ Index: openssh-7.8p1/session.c } /* Return a name for the remote host that fits inside utmp_size */ -Index: openssh-7.8p1/session.h +Index: openssh-7.9p1/session.h =================================================================== ---- openssh-7.8p1.orig/session.h -+++ openssh-7.8p1/session.h -@@ -60,6 +60,12 @@ struct Session { +--- openssh-7.9p1.orig/session.h ++++ openssh-7.9p1/session.h +@@ -61,6 +61,12 @@ struct Session { char *name; char *val; } *env; @@ -2018,7 +2006,7 @@ Index: openssh-7.8p1/session.h }; void do_authenticated(struct ssh *, Authctxt *); -@@ -72,8 +78,10 @@ void session_close_by_pid(struct ssh *s +@@ -73,8 +79,10 @@ void session_close_by_pid(struct ssh *s void session_close_by_channel(struct ssh *, int, void *); void session_destroy_all(struct ssh *, void (*)(Session *)); void session_pty_cleanup2(Session *); @@ -2029,10 +2017,10 @@ Index: openssh-7.8p1/session.h Session *session_by_tty(char *); void session_close(struct ssh *, Session *); void do_setusercontext(struct passwd *); -Index: openssh-7.8p1/sshd.c +Index: openssh-7.9p1/sshd.c =================================================================== ---- openssh-7.8p1.orig/sshd.c -+++ openssh-7.8p1/sshd.c +--- openssh-7.9p1.orig/sshd.c ++++ openssh-7.9p1/sshd.c @@ -124,6 +124,7 @@ #include "ssh-gss.h" #endif @@ -2091,24 +2079,24 @@ Index: openssh-7.8p1/sshd.c for (i = 0; i < options.num_host_key_files; i++) { if (sensitive_data.host_keys[i]) { - sshkey_free(sensitive_data.host_keys[i]); -+ char *fp; ++ char *fp; + -+ if (sshkey_is_private(sensitive_data.host_keys[i])) -+ fp = sshkey_fingerprint(sensitive_data.host_keys[i], options.fingerprint_hash, SSH_FP_HEX); -+ else -+ fp = NULL; -+ sshkey_free(sensitive_data.host_keys[i]); ++ if (sshkey_is_private(sensitive_data.host_keys[i])) ++ fp = sshkey_fingerprint(sensitive_data.host_keys[i], options.fingerprint_hash, SSH_FP_HEX); ++ else ++ fp = NULL; ++ sshkey_free(sensitive_data.host_keys[i]); sensitive_data.host_keys[i] = NULL; + if (fp != NULL) { +#ifdef SSH_AUDIT_EVENTS -+ if (privsep) -+ PRIVSEP(audit_destroy_sensitive_data(fp, -+ pid, uid)); -+ else -+ audit_destroy_sensitive_data(fp, -+ pid, uid); ++ if (privsep) ++ PRIVSEP(audit_destroy_sensitive_data(fp, ++ pid, uid)); ++ else ++ audit_destroy_sensitive_data(fp, ++ pid, uid); +#endif -+ free(fp); ++ free(fp); + } } - if (sensitive_data.host_certificates[i]) { @@ -2117,30 +2105,28 @@ Index: openssh-7.8p1/sshd.c sshkey_free(sensitive_data.host_certificates[i]); sensitive_data.host_certificates[i] = NULL; } -@@ -513,9 +551,22 @@ demote_sensitive_data(void) +@@ -513,8 +551,21 @@ demote_sensitive_data(void) struct sshkey *tmp; u_int i; int r; +#ifdef SSH_AUDIT_EVENTS -+ pid_t pid; -+ uid_t uid; - -- for (i = 0; i < options.num_host_key_files; i++) { -+ pid = getpid(); -+ uid = getuid(); ++ pid_t pid; ++ uid_t uid; ++ ++ pid = getpid(); ++ uid = getuid(); +#endif + + for (i = 0; i < options.num_host_key_files; i++) { ++ char *fp; + -+ for (i = 0; i < options.num_host_key_files; i++) { ++ if (sshkey_is_private(sensitive_data.host_keys[i])) ++ fp = sshkey_fingerprint(sensitive_data.host_keys[i], options.fingerprint_hash, SSH_FP_HEX); ++ else ++ fp = NULL; if (sensitive_data.host_keys[i]) { -+ char *fp; -+ -+ if (sshkey_is_private(sensitive_data.host_keys[i])) -+ fp = sshkey_fingerprint(sensitive_data.host_keys[i], options.fingerprint_hash, SSH_FP_HEX); -+ else -+ fp = NULL; - if ((r = sshkey_demote(sensitive_data.host_keys[i], - &tmp)) != 0) - fatal("could not demote host %s key: %s", + if ((r = sshkey_from_private( + sensitive_data.host_keys[i], &tmp)) != 0) @@ -523,6 +574,12 @@ demote_sensitive_data(void) ssh_err(r)); sshkey_free(sensitive_data.host_keys[i]); @@ -2213,48 +2199,11 @@ Index: openssh-7.8p1/sshd.c audit_event(SSH_CONNECTION_ABANDON); #endif _exit(i); -Index: openssh-7.8p1/sshkey.c +Index: openssh-7.9p1/sshkey.h =================================================================== ---- openssh-7.8p1.orig/sshkey.c -+++ openssh-7.8p1/sshkey.c -@@ -326,6 +326,32 @@ sshkey_type_is_valid_ca(int type) - } - - int -+sshkey_is_private(const struct sshkey *k) -+{ -+ switch (k->type) { -+#ifdef WITH_OPENSSL -+ case KEY_RSA_CERT: -+ case KEY_RSA: -+ return k->rsa->d != NULL; -+ case KEY_DSA_CERT: -+ case KEY_DSA: -+ return k->dsa->priv_key != NULL; -+#ifdef OPENSSL_HAS_ECC -+ case KEY_ECDSA_CERT: -+ case KEY_ECDSA: -+ return EC_KEY_get0_private_key(k->ecdsa) != NULL; -+#endif /* OPENSSL_HAS_ECC */ -+#endif /* WITH_OPENSSL */ -+ case KEY_ED25519_CERT: -+ case KEY_ED25519: -+ return (k->ed25519_pk != NULL); -+ default: -+ /* fatal("key_is_private: bad key type %d", k->type); */ -+ return 0; -+ } -+} -+ -+int - sshkey_is_cert(const struct sshkey *k) - { - if (k == NULL) -Index: openssh-7.8p1/sshkey.h -=================================================================== ---- openssh-7.8p1.orig/sshkey.h -+++ openssh-7.8p1/sshkey.h -@@ -148,6 +148,7 @@ u_int sshkey_size(const struct sshkey +--- openssh-7.9p1.orig/sshkey.h ++++ openssh-7.9p1/sshkey.h +@@ -147,6 +147,7 @@ u_int sshkey_size(const struct sshkey int sshkey_generate(int type, u_int bits, struct sshkey **keyp); int sshkey_from_private(const struct sshkey *, struct sshkey **); int sshkey_type_from_name(const char *); @@ -2262,3 +2211,46 @@ Index: openssh-7.8p1/sshkey.h int sshkey_is_cert(const struct sshkey *); int sshkey_type_is_cert(int); int sshkey_type_plain(int); +Index: openssh-7.9p1/sshkey.c +=================================================================== +--- openssh-7.9p1.orig/sshkey.c ++++ openssh-7.9p1/sshkey.c +@@ -331,6 +331,38 @@ sshkey_type_is_valid_ca(int type) + } + + int ++sshkey_is_private(const struct sshkey *k) ++{ ++ switch (k->type) { ++#ifdef WITH_OPENSSL ++ case KEY_RSA_CERT: ++ case KEY_RSA: { ++ const BIGNUM *d; ++ RSA_get0_key(k->rsa, NULL, NULL, &d); ++ return d != NULL; ++ } ++ case KEY_DSA_CERT: ++ case KEY_DSA: { ++ const BIGNUM *priv_key; ++ DSA_get0_key(k->dsa, NULL, &priv_key); ++ return priv_key != NULL; ++ } ++#ifdef OPENSSL_HAS_ECC ++ case KEY_ECDSA_CERT: ++ case KEY_ECDSA: ++ return EC_KEY_get0_private_key(k->ecdsa) != NULL; ++#endif /* OPENSSL_HAS_ECC */ ++#endif /* WITH_OPENSSL */ ++ case KEY_ED25519_CERT: ++ case KEY_ED25519: ++ return (k->ed25519_pk != NULL); ++ default: ++ /* fatal("key_is_private: bad key type %d", k->type); */ ++ return 0; ++ } ++} ++ ++int + sshkey_is_cert(const struct sshkey *k) + { + if (k == NULL) diff --git a/openssh-7.7p1-blocksigalrm.patch b/openssh-7.7p1-blocksigalrm.patch deleted file mode 100644 index a2a5716..0000000 --- a/openssh-7.7p1-blocksigalrm.patch +++ /dev/null @@ -1,75 +0,0 @@ -# HG changeset patch -# Parent 2e66b48b2212113d9897a58aaada67557b7c4f35 -block SIGALRM while logging through syslog to prevent deadlocks -(through grace_alarm_handler()) - -bnc#57354 - -diff --git a/openssh-7.7p1/log.c b/openssh-7.7p1/log.c ---- openssh-7.7p1/log.c -+++ openssh-7.7p1/log.c -@@ -46,16 +46,17 @@ - #include - #include - #include - #if defined(HAVE_STRNVIS) && defined(HAVE_VIS_H) && !defined(BROKEN_STRNVIS) - # include - #endif - - #include "log.h" -+#include - - static LogLevel log_level = SYSLOG_LEVEL_INFO; - static int log_on_stderr = 1; - static int log_stderr_fd = STDERR_FILENO; - static int log_facility = LOG_AUTH; - static char *argv0; - static log_handler_fn *log_handler; - static void *log_handler_ctx; -@@ -396,16 +397,17 @@ do_log(LogLevel level, const char *fmt, - { - #if defined(HAVE_OPENLOG_R) && defined(SYSLOG_DATA_INIT) - struct syslog_data sdata = SYSLOG_DATA_INIT; - #endif - char msgbuf[MSGBUFSIZ]; - char fmtbuf[MSGBUFSIZ]; - char *txt = NULL; - int pri = LOG_INFO; -+ sigset_t nset, oset; - int saved_errno = errno; - log_handler_fn *tmp_handler; - - if (level > log_level) - return; - - switch (level) { - case SYSLOG_LEVEL_FATAL: -@@ -455,20 +457,28 @@ do_log(LogLevel level, const char *fmt, - log_handler = NULL; - tmp_handler(level, fmtbuf, log_handler_ctx); - log_handler = tmp_handler; - } else if (log_on_stderr) { - snprintf(msgbuf, sizeof msgbuf, "%.*s\r\n", - (int)sizeof msgbuf - 3, fmtbuf); - (void)write(log_stderr_fd, msgbuf, strlen(msgbuf)); - } else { -+ /* Prevent a race between the grace_alarm which writes a -+ * log message and terminates and main sshd code that leads -+ * to deadlock as syslog is not async safe. -+ */ -+ sigemptyset(&nset); -+ sigaddset(&nset, SIGALRM); -+ sigprocmask(SIG_BLOCK, &nset, &oset); - #if defined(HAVE_OPENLOG_R) && defined(SYSLOG_DATA_INIT) - openlog_r(argv0 ? argv0 : __progname, LOG_PID, log_facility, &sdata); - syslog_r(pri, &sdata, "%.500s", fmtbuf); - closelog_r(&sdata); - #else - openlog(argv0 ? argv0 : __progname, LOG_PID, log_facility); - syslog(pri, "%.500s", fmtbuf); - closelog(); - #endif -+ sigprocmask(SIG_SETMASK, &oset, NULL); - } - errno = saved_errno; - } diff --git a/openssh-7.7p1-cavstest-ctr.patch b/openssh-7.7p1-cavstest-ctr.patch index 88bb869..5a2f363 100644 --- a/openssh-7.7p1-cavstest-ctr.patch +++ b/openssh-7.7p1-cavstest-ctr.patch @@ -2,15 +2,11 @@ # Parent cc1022edba2c5eeb0facba08468f65afc2466b63 CAVS test for OpenSSH's own CTR encryption mode implementation -diff --git a/openssh-7.7p1/Makefile.in b/openssh-7.7p1/Makefile.in ---- openssh-7.7p1/Makefile.in -+++ openssh-7.7p1/Makefile.in -@@ -19,16 +19,17 @@ top_srcdir=@top_srcdir@ - - DESTDIR= - VPATH=@srcdir@ - SSH_PROGRAM=@bindir@/ssh - ASKPASS_PROGRAM=$(libexecdir)/ssh-askpass +Index: openssh-7.9p1/Makefile.in +=================================================================== +--- openssh-7.9p1.orig/Makefile.in ++++ openssh-7.9p1/Makefile.in +@@ -24,6 +24,7 @@ ASKPASS_PROGRAM=$(libexecdir)/ssh-askpas SFTP_SERVER=$(libexecdir)/sftp-server SSH_KEYSIGN=$(libexecdir)/ssh-keysign SSH_PKCS11_HELPER=$(libexecdir)/ssh-pkcs11-helper @@ -18,17 +14,7 @@ diff --git a/openssh-7.7p1/Makefile.in b/openssh-7.7p1/Makefile.in PRIVSEP_PATH=@PRIVSEP_PATH@ SSH_PRIVSEP_USER=@SSH_PRIVSEP_USER@ STRIP_OPT=@STRIP_OPT@ - TEST_SHELL=@TEST_SHELL@ - - PATHS= -DSSHDIR=\"$(sysconfdir)\" \ - -D_PATH_SSH_PROGRAM=\"$(SSH_PROGRAM)\" \ - -D_PATH_SSH_ASKPASS_DEFAULT=\"$(ASKPASS_PROGRAM)\" \ -@@ -57,16 +58,18 @@ ENT=@ENT@ - XAUTH_PATH=@XAUTH_PATH@ - LDFLAGS=-L. -Lopenbsd-compat/ @LDFLAGS@ - EXEEXT=@EXEEXT@ - MANFMT=@MANFMT@ - MKDIR_P=@MKDIR_P@ +@@ -62,6 +63,8 @@ MKDIR_P=@MKDIR_P@ TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-keysign${EXEEXT} ssh-pkcs11-helper$(EXEEXT) ssh-agent$(EXEEXT) scp$(EXEEXT) sftp-server$(EXEEXT) sftp$(EXEEXT) @@ -37,17 +23,7 @@ diff --git a/openssh-7.7p1/Makefile.in b/openssh-7.7p1/Makefile.in XMSS_OBJS=\ ssh-xmss.o \ sshkey-xmss.o \ - xmss_commons.o \ - xmss_fast.o \ - xmss_hash.o \ - xmss_hash_address.o \ - xmss_wots.o -@@ -199,16 +202,20 @@ ssh-keyscan$(EXEEXT): $(LIBCOMPAT) libss - $(LD) -o $@ ssh-keyscan.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS) - - sftp-server$(EXEEXT): $(LIBCOMPAT) libssh.a sftp.o sftp-common.o sftp-server.o sftp-server-main.o - $(LD) -o $@ sftp-server.o sftp-common.o sftp-server-main.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) - +@@ -204,6 +207,10 @@ sftp-server$(EXEEXT): $(LIBCOMPAT) libss sftp$(EXEEXT): $(LIBCOMPAT) libssh.a sftp.o sftp-client.o sftp-common.o sftp-glob.o progressmeter.o $(LD) -o $@ progressmeter.o sftp.o sftp-client.o sftp-common.o sftp-glob.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) $(LIBEDIT) @@ -58,17 +34,7 @@ diff --git a/openssh-7.7p1/Makefile.in b/openssh-7.7p1/Makefile.in # test driver for the loginrec code - not built by default logintest: logintest.o $(LIBCOMPAT) libssh.a loginrec.o $(LD) -o $@ logintest.o $(LDFLAGS) loginrec.o -lopenbsd-compat -lssh $(LIBS) - - $(MANPAGES): $(MANPAGES_IN) - if test "$(MANTYPE)" = "cat"; then \ - manpage=$(srcdir)/`echo $@ | sed 's/\.[1-9]\.out$$/\.0/'`; \ - else \ -@@ -339,16 +346,17 @@ install-files: - $(INSTALL) -m 0755 $(STRIP_OPT) ssh-agent$(EXEEXT) $(DESTDIR)$(bindir)/ssh-agent$(EXEEXT) - $(INSTALL) -m 0755 $(STRIP_OPT) ssh-keygen$(EXEEXT) $(DESTDIR)$(bindir)/ssh-keygen$(EXEEXT) - $(INSTALL) -m 0755 $(STRIP_OPT) ssh-keyscan$(EXEEXT) $(DESTDIR)$(bindir)/ssh-keyscan$(EXEEXT) - $(INSTALL) -m 0755 $(STRIP_OPT) sshd$(EXEEXT) $(DESTDIR)$(sbindir)/sshd$(EXEEXT) - $(INSTALL) -m 4711 $(STRIP_OPT) ssh-keysign$(EXEEXT) $(DESTDIR)$(SSH_KEYSIGN)$(EXEEXT) +@@ -348,6 +355,7 @@ install-files: $(INSTALL) -m 0755 $(STRIP_OPT) ssh-pkcs11-helper$(EXEEXT) $(DESTDIR)$(SSH_PKCS11_HELPER)$(EXEEXT) $(INSTALL) -m 0755 $(STRIP_OPT) sftp$(EXEEXT) $(DESTDIR)$(bindir)/sftp$(EXEEXT) $(INSTALL) -m 0755 $(STRIP_OPT) sftp-server$(EXEEXT) $(DESTDIR)$(SFTP_SERVER)$(EXEEXT) @@ -76,15 +42,10 @@ diff --git a/openssh-7.7p1/Makefile.in b/openssh-7.7p1/Makefile.in $(INSTALL) -m 644 ssh.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh.1 $(INSTALL) -m 644 scp.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/scp.1 $(INSTALL) -m 644 ssh-add.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-add.1 - $(INSTALL) -m 644 ssh-agent.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-agent.1 - $(INSTALL) -m 644 ssh-keygen.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-keygen.1 - $(INSTALL) -m 644 ssh-keyscan.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-keyscan.1 - $(INSTALL) -m 644 moduli.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/moduli.5 - $(INSTALL) -m 644 sshd_config.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/sshd_config.5 -diff --git a/openssh-7.7p1/cavstest-ctr.c b/openssh-7.7p1/cavstest-ctr.c -new file mode 100644 +Index: openssh-7.9p1/cavstest-ctr.c +=================================================================== --- /dev/null -+++ openssh-7.7p1/cavstest-ctr.c ++++ openssh-7.9p1/cavstest-ctr.c @@ -0,0 +1,214 @@ +/* + * @@ -238,7 +199,7 @@ new file mode 100644 + usage(); + } + -+ SSLeay_add_all_algorithms(); ++ OpenSSL_add_all_algorithms(); + + c = cipher_by_name(algo); + if (c == NULL) { @@ -300,15 +261,11 @@ new file mode 100644 + printf("\n"); + return 0; +} -diff --git a/openssh-7.7p1/cipher.c b/openssh-7.7p1/cipher.c ---- openssh-7.7p1/cipher.c -+++ openssh-7.7p1/cipher.c -@@ -49,25 +49,16 @@ - #include "ssherr.h" - #include "digest.h" - - #include "openbsd-compat/openssl-compat.h" - +Index: openssh-7.9p1/cipher.c +=================================================================== +--- openssh-7.9p1.orig/cipher.c ++++ openssh-7.9p1/cipher.c +@@ -54,15 +54,6 @@ #include "fips.h" #include "log.h" @@ -324,20 +281,11 @@ diff --git a/openssh-7.7p1/cipher.c b/openssh-7.7p1/cipher.c struct sshcipher { char *name; u_int block_size; - u_int key_len; - u_int iv_len; /* defaults to block_size */ - u_int auth_len; - u_int flags; - #define CFLAG_CBC (1<<0) -diff --git a/openssh-7.7p1/cipher.h b/openssh-7.7p1/cipher.h ---- openssh-7.7p1/cipher.h -+++ openssh-7.7p1/cipher.h -@@ -41,17 +41,25 @@ - #include - #include "cipher-chachapoly.h" - #include "cipher-aesctr.h" - - #define CIPHER_ENCRYPT 1 +Index: openssh-7.9p1/cipher.h +=================================================================== +--- openssh-7.9p1.orig/cipher.h ++++ openssh-7.9p1/cipher.h +@@ -46,7 +46,15 @@ #define CIPHER_DECRYPT 0 struct sshcipher; @@ -354,8 +302,3 @@ diff --git a/openssh-7.7p1/cipher.h b/openssh-7.7p1/cipher.h const struct sshcipher *cipher_by_name(const char *); const char *cipher_warning_message(const struct sshcipher_ctx *); - int ciphers_valid(const char *); - char *cipher_alg_list(char, int); - int cipher_init(struct sshcipher_ctx **, const struct sshcipher *, - const u_char *, u_int, const u_char *, u_int, int); - int cipher_crypt(struct sshcipher_ctx *, u_int, u_char *, const u_char *, diff --git a/openssh-7.7p1-disable_short_DH_parameters.patch b/openssh-7.7p1-disable_short_DH_parameters.patch index 8347915..d64a17c 100644 --- a/openssh-7.7p1-disable_short_DH_parameters.patch +++ b/openssh-7.7p1-disable_short_DH_parameters.patch @@ -12,23 +12,23 @@ compliant) parameters. CVE-2015-4000 (LOGJAM) bsc#932483 -Index: openssh-7.8p1/dh.c +Index: openssh-7.9p1/dh.c =================================================================== ---- openssh-7.8p1.orig/dh.c -+++ openssh-7.8p1/dh.c -@@ -43,6 +43,8 @@ - #include "misc.h" - #include "ssherr.h" +--- openssh-7.9p1.orig/dh.c ++++ openssh-7.9p1/dh.c +@@ -45,6 +45,8 @@ + + #include "openbsd-compat/openssl-compat.h" +int dh_grp_min = DH_GRP_MIN; + static int parse_prime(int linenum, char *line, struct dhgroup *dhg) { -Index: openssh-7.8p1/dh.h +Index: openssh-7.9p1/dh.h =================================================================== ---- openssh-7.8p1.orig/dh.h -+++ openssh-7.8p1/dh.h +--- openssh-7.9p1.orig/dh.h ++++ openssh-7.9p1/dh.h @@ -50,6 +50,7 @@ u_int dh_estimate(int); * Max value from RFC4419. * Miniumum increased in light of DH precomputation attacks. @@ -37,11 +37,11 @@ Index: openssh-7.8p1/dh.h #define DH_GRP_MIN 2048 #define DH_GRP_MAX 8192 -Index: openssh-7.8p1/kexgexc.c +Index: openssh-7.9p1/kexgexc.c =================================================================== ---- openssh-7.8p1.orig/kexgexc.c -+++ openssh-7.8p1/kexgexc.c -@@ -51,6 +51,9 @@ +--- openssh-7.9p1.orig/kexgexc.c ++++ openssh-7.9p1/kexgexc.c +@@ -53,6 +53,9 @@ #include "sshbuf.h" #include "misc.h" @@ -51,7 +51,7 @@ Index: openssh-7.8p1/kexgexc.c static int input_kex_dh_gex_group(int, u_int32_t, struct ssh *); static int input_kex_dh_gex_reply(int, u_int32_t, struct ssh *); -@@ -63,7 +66,7 @@ kexgex_client(struct ssh *ssh) +@@ -65,7 +68,7 @@ kexgex_client(struct ssh *ssh) nbits = dh_estimate(kex->dh_need * 8); @@ -60,7 +60,7 @@ Index: openssh-7.8p1/kexgexc.c kex->max = DH_GRP_MAX; kex->nbits = nbits; if (datafellows & SSH_BUG_DHGEX_LARGE) -@@ -108,6 +111,12 @@ input_kex_dh_gex_group(int type, u_int32 +@@ -111,6 +114,12 @@ input_kex_dh_gex_group(int type, u_int32 goto out; if ((bits = BN_num_bits(p)) < 0 || (u_int)bits < kex->min || (u_int)bits > kex->max) { @@ -73,11 +73,11 @@ Index: openssh-7.8p1/kexgexc.c r = SSH_ERR_DH_GEX_OUT_OF_RANGE; goto out; } -Index: openssh-7.8p1/kexgexs.c +Index: openssh-7.9p1/kexgexs.c =================================================================== ---- openssh-7.8p1.orig/kexgexs.c -+++ openssh-7.8p1/kexgexs.c -@@ -54,6 +54,9 @@ +--- openssh-7.9p1.orig/kexgexs.c ++++ openssh-7.9p1/kexgexs.c +@@ -56,6 +56,9 @@ #include "sshbuf.h" #include "misc.h" @@ -87,7 +87,7 @@ Index: openssh-7.8p1/kexgexs.c static int input_kex_dh_gex_request(int, u_int32_t, struct ssh *); static int input_kex_dh_gex_init(int, u_int32_t, struct ssh *); -@@ -82,13 +85,19 @@ input_kex_dh_gex_request(int type, u_int +@@ -85,13 +88,19 @@ input_kex_dh_gex_request(int type, u_int kex->nbits = nbits; kex->min = min; kex->max = max; @@ -109,10 +109,10 @@ Index: openssh-7.8p1/kexgexs.c r = SSH_ERR_DH_GEX_OUT_OF_RANGE; goto out; } -Index: openssh-7.8p1/readconf.c +Index: openssh-7.9p1/readconf.c =================================================================== ---- openssh-7.8p1.orig/readconf.c -+++ openssh-7.8p1/readconf.c +--- openssh-7.9p1.orig/readconf.c ++++ openssh-7.9p1/readconf.c @@ -67,6 +67,7 @@ #include "uidswap.h" #include "myproposal.h" @@ -130,7 +130,7 @@ Index: openssh-7.8p1/readconf.c oCanonicalDomains, oCanonicalizeHostname, oCanonicalizeMaxDots, oCanonicalizeFallbackLocal, oCanonicalizePermittedCNAMEs, oStreamLocalBindMask, oStreamLocalBindUnlink, oRevokedHostKeys, -@@ -291,6 +292,7 @@ static struct { +@@ -292,6 +293,7 @@ static struct { { "remotecommand", oRemoteCommand }, { "visualhostkey", oVisualHostKey }, { "kexalgorithms", oKexAlgorithms }, @@ -138,7 +138,7 @@ Index: openssh-7.8p1/readconf.c { "ipqos", oIPQoS }, { "requesttty", oRequestTTY }, { "proxyusefdpass", oProxyUseFdpass }, -@@ -312,6 +314,9 @@ static struct { +@@ -313,6 +315,9 @@ static struct { { NULL, oBadOption } }; @@ -148,7 +148,7 @@ Index: openssh-7.8p1/readconf.c /* * Adds a local TCP/IP port forward to options. Never returns if there is an * error. -@@ -1206,6 +1211,10 @@ parse_int: +@@ -1216,6 +1221,10 @@ parse_int: options->kex_algorithms = xstrdup(arg); break; @@ -159,15 +159,15 @@ Index: openssh-7.8p1/readconf.c case oHostKeyAlgorithms: charptr = &options->hostkeyalgorithms; parse_keytypes: -@@ -1835,6 +1844,7 @@ initialize_options(Options * options) +@@ -1860,6 +1869,7 @@ initialize_options(Options * options) options->ciphers = NULL; options->macs = NULL; options->kex_algorithms = NULL; + options->kex_dhmin = -1; options->hostkeyalgorithms = NULL; + options->ca_sign_algorithms = NULL; options->num_identity_files = 0; - options->num_certificate_files = 0; -@@ -1988,6 +1998,13 @@ fill_default_options(Options * options) +@@ -2014,6 +2024,13 @@ fill_default_options(Options * options) options->connection_attempts = 1; if (options->number_of_password_prompts == -1) options->number_of_password_prompts = 3; @@ -181,22 +181,22 @@ Index: openssh-7.8p1/readconf.c /* options->hostkeyalgorithms, default set in myproposals.h */ if (options->add_keys_to_agent == -1) options->add_keys_to_agent = 0; -Index: openssh-7.8p1/readconf.h +Index: openssh-7.9p1/readconf.h =================================================================== ---- openssh-7.8p1.orig/readconf.h -+++ openssh-7.8p1/readconf.h -@@ -67,6 +67,7 @@ typedef struct { - char *macs; /* SSH2 macs in order of preference. */ +--- openssh-7.9p1.orig/readconf.h ++++ openssh-7.9p1/readconf.h +@@ -68,6 +68,7 @@ typedef struct { char *hostkeyalgorithms; /* SSH2 server key types in order of preference. */ char *kex_algorithms; /* SSH2 kex methods in order of preference. */ -+ int kex_dhmin; /* minimum bit length of the DH group parameter */ + char *ca_sign_algorithms; /* Allowed CA signature algorithms */ ++ int kex_dhmin; /* minimum bit length of the DH group parameter */ char *hostname; /* Real host to connect. */ char *host_key_alias; /* hostname alias for .ssh/known_hosts */ char *proxy_command; /* Proxy command for connecting the host. */ -Index: openssh-7.8p1/servconf.c +Index: openssh-7.9p1/servconf.c =================================================================== ---- openssh-7.8p1.orig/servconf.c -+++ openssh-7.8p1/servconf.c +--- openssh-7.9p1.orig/servconf.c ++++ openssh-7.9p1/servconf.c @@ -64,6 +64,10 @@ #include "auth.h" #include "myproposal.h" @@ -213,10 +213,10 @@ Index: openssh-7.8p1/servconf.c options->macs = NULL; options->kex_algorithms = NULL; + options->kex_dhmin = -1; + options->ca_sign_algorithms = NULL; options->fwd_opts.gateway_ports = -1; options->fwd_opts.streamlocal_bind_mask = (mode_t)-1; - options->fwd_opts.streamlocal_bind_unlink = -1; -@@ -263,6 +268,14 @@ fill_default_server_options(ServerOption +@@ -267,6 +272,14 @@ fill_default_server_options(ServerOption if (options->use_pam_check_locks == -1) options->use_pam_check_locks = 0; @@ -231,16 +231,16 @@ Index: openssh-7.8p1/servconf.c /* Standard Options */ if (options->num_host_key_files == 0) { /* fill default hostkeys for protocols */ -@@ -490,7 +503,7 @@ typedef enum { +@@ -494,7 +507,7 @@ typedef enum { sHostCertificate, sRevokedKeys, sTrustedUserCAKeys, sAuthorizedPrincipalsFile, sAuthorizedPrincipalsCommand, sAuthorizedPrincipalsCommandUser, -- sKexAlgorithms, sIPQoS, sVersionAddendum, -+ sKexAlgorithms, sKexDHMin, sIPQoS, sVersionAddendum, +- sKexAlgorithms, sCASignatureAlgorithms, sIPQoS, sVersionAddendum, ++ sKexAlgorithms, sKexDHMin, sCASignatureAlgorithms, sIPQoS, sVersionAddendum, sAuthorizedKeysCommand, sAuthorizedKeysCommandUser, sAuthenticationMethods, sHostKeyAgent, sPermitUserRC, sStreamLocalBindMask, sStreamLocalBindUnlink, -@@ -631,6 +644,7 @@ static struct { +@@ -635,6 +648,7 @@ static struct { { "trustedusercakeys", sTrustedUserCAKeys, SSHCFG_ALL }, { "authorizedprincipalsfile", sAuthorizedPrincipalsFile, SSHCFG_ALL }, { "kexalgorithms", sKexAlgorithms, SSHCFG_GLOBAL }, @@ -248,7 +248,7 @@ Index: openssh-7.8p1/servconf.c { "ipqos", sIPQoS, SSHCFG_ALL }, { "authorizedkeyscommand", sAuthorizedKeysCommand, SSHCFG_ALL }, { "authorizedkeyscommanduser", sAuthorizedKeysCommandUser, SSHCFG_ALL }, -@@ -1726,6 +1740,10 @@ process_server_config_line(ServerOptions +@@ -1735,6 +1749,10 @@ process_server_config_line(ServerOptions options->kex_algorithms = xstrdup(arg); break; @@ -259,7 +259,7 @@ Index: openssh-7.8p1/servconf.c case sSubsystem: if (options->num_subsystems >= MAX_SUBSYSTEMS) { fatal("%s line %d: too many subsystems defined.", -@@ -2540,6 +2558,7 @@ dump_config(ServerOptions *o) +@@ -2549,6 +2567,7 @@ dump_config(ServerOptions *o) dump_cfg_int(sClientAliveInterval, o->client_alive_interval); dump_cfg_int(sClientAliveCountMax, o->client_alive_count_max); dump_cfg_oct(sStreamLocalBindMask, o->fwd_opts.streamlocal_bind_mask); @@ -267,10 +267,10 @@ Index: openssh-7.8p1/servconf.c /* formatted integer arguments */ dump_cfg_fmtint(sPermitRootLogin, o->permit_root_login); -Index: openssh-7.8p1/servconf.h +Index: openssh-7.9p1/servconf.h =================================================================== ---- openssh-7.8p1.orig/servconf.h -+++ openssh-7.8p1/servconf.h +--- openssh-7.9p1.orig/servconf.h ++++ openssh-7.9p1/servconf.h @@ -103,6 +103,7 @@ typedef struct { char *ciphers; /* Supported SSH2 ciphers. */ char *macs; /* Supported SSH2 macs. */ @@ -279,10 +279,10 @@ Index: openssh-7.8p1/servconf.h struct ForwardOptions fwd_opts; /* forwarding options */ SyslogFacility log_facility; /* Facility for system logging. */ LogLevel log_level; /* Level for system logging. */ -Index: openssh-7.8p1/ssh_config +Index: openssh-7.9p1/ssh_config =================================================================== ---- openssh-7.8p1.orig/ssh_config -+++ openssh-7.8p1/ssh_config +--- openssh-7.9p1.orig/ssh_config ++++ openssh-7.9p1/ssh_config @@ -17,6 +17,11 @@ # list of available options, their meanings and defaults, please see the # ssh_config(5) man page. @@ -295,11 +295,11 @@ Index: openssh-7.8p1/ssh_config Host * # ForwardAgent no # ForwardX11 no -Index: openssh-7.8p1/ssh_config.0 +Index: openssh-7.9p1/ssh_config.0 =================================================================== ---- openssh-7.8p1.orig/ssh_config.0 -+++ openssh-7.8p1/ssh_config.0 -@@ -595,6 +595,23 @@ DESCRIPTION +--- openssh-7.9p1.orig/ssh_config.0 ++++ openssh-7.9p1/ssh_config.0 +@@ -610,6 +610,23 @@ DESCRIPTION The list of available key exchange algorithms may also be obtained using "ssh -Q kex". @@ -323,11 +323,11 @@ Index: openssh-7.8p1/ssh_config.0 LocalCommand Specifies a command to execute on the local machine after successfully connecting to the server. The command string -Index: openssh-7.8p1/ssh_config.5 +Index: openssh-7.9p1/ssh_config.5 =================================================================== ---- openssh-7.8p1.orig/ssh_config.5 -+++ openssh-7.8p1/ssh_config.5 -@@ -1025,6 +1025,22 @@ diffie-hellman-group14-sha1 +--- openssh-7.9p1.orig/ssh_config.5 ++++ openssh-7.9p1/ssh_config.5 +@@ -1047,6 +1047,22 @@ diffie-hellman-group14-sha1 .Pp The list of available key exchange algorithms may also be obtained using .Qq ssh -Q kex . @@ -350,10 +350,10 @@ Index: openssh-7.8p1/ssh_config.5 .It Cm LocalCommand Specifies a command to execute on the local machine after successfully connecting to the server. -Index: openssh-7.8p1/sshd_config +Index: openssh-7.9p1/sshd_config =================================================================== ---- openssh-7.8p1.orig/sshd_config -+++ openssh-7.8p1/sshd_config +--- openssh-7.9p1.orig/sshd_config ++++ openssh-7.9p1/sshd_config @@ -19,6 +19,13 @@ #HostKey /etc/ssh/ssh_host_ecdsa_key #HostKey /etc/ssh/ssh_host_ed25519_key @@ -368,11 +368,11 @@ Index: openssh-7.8p1/sshd_config # Ciphers and keying #RekeyLimit default none -Index: openssh-7.8p1/sshd_config.0 +Index: openssh-7.9p1/sshd_config.0 =================================================================== ---- openssh-7.8p1.orig/sshd_config.0 -+++ openssh-7.8p1/sshd_config.0 -@@ -545,6 +545,23 @@ DESCRIPTION +--- openssh-7.9p1.orig/sshd_config.0 ++++ openssh-7.9p1/sshd_config.0 +@@ -555,6 +555,23 @@ DESCRIPTION The list of available key exchange algorithms may also be obtained using "ssh -Q kex". @@ -396,11 +396,11 @@ Index: openssh-7.8p1/sshd_config.0 ListenAddress Specifies the local addresses sshd(8) should listen on. The following forms may be used: -Index: openssh-7.8p1/sshd_config.5 +Index: openssh-7.9p1/sshd_config.5 =================================================================== ---- openssh-7.8p1.orig/sshd_config.5 -+++ openssh-7.8p1/sshd_config.5 -@@ -912,6 +912,22 @@ diffie-hellman-group14-sha256,diffie-hel +--- openssh-7.9p1.orig/sshd_config.5 ++++ openssh-7.9p1/sshd_config.5 +@@ -923,6 +923,22 @@ diffie-hellman-group14-sha256,diffie-hel .Pp The list of available key exchange algorithms may also be obtained using .Qq ssh -Q kex . diff --git a/openssh-7.7p1-fips.patch b/openssh-7.7p1-fips.patch index 9de361f..51c8900 100644 --- a/openssh-7.7p1-fips.patch +++ b/openssh-7.7p1-fips.patch @@ -3,10 +3,10 @@ FIPS 140-2 compliance. Perform selftests on start and use only FIPS approved algorithms. -Index: openssh-7.8p1/Makefile.in +Index: openssh-7.9p1/Makefile.in =================================================================== ---- openssh-7.8p1.orig/Makefile.in -+++ openssh-7.8p1/Makefile.in +--- openssh-7.9p1.orig/Makefile.in ++++ openssh-7.9p1/Makefile.in @@ -102,6 +102,8 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \ kexdhs.o kexgexs.o kexecdhs.o kexc25519s.o \ platform-pledge.o platform-tracing.o platform-misc.o @@ -16,10 +16,10 @@ Index: openssh-7.8p1/Makefile.in SSHOBJS= ssh.o readconf.o clientloop.o sshtty.o \ sshconnect.o sshconnect2.o mux.o -Index: openssh-7.8p1/cipher-ctr.c +Index: openssh-7.9p1/cipher-ctr.c =================================================================== ---- openssh-7.8p1.orig/cipher-ctr.c -+++ openssh-7.8p1/cipher-ctr.c +--- openssh-7.9p1.orig/cipher-ctr.c ++++ openssh-7.9p1/cipher-ctr.c @@ -27,6 +27,8 @@ #include "xmalloc.h" #include "log.h" @@ -38,10 +38,10 @@ Index: openssh-7.8p1/cipher-ctr.c #endif return (&aes_ctr); } -Index: openssh-7.8p1/cipher.c +Index: openssh-7.9p1/cipher.c =================================================================== ---- openssh-7.8p1.orig/cipher.c -+++ openssh-7.8p1/cipher.c +--- openssh-7.9p1.orig/cipher.c ++++ openssh-7.9p1/cipher.c @@ -51,6 +51,8 @@ #include "openbsd-compat/openssl-compat.h" @@ -131,10 +131,10 @@ Index: openssh-7.8p1/cipher.c if (strcmp(c->name, name) == 0) return c; return NULL; -Index: openssh-7.8p1/dh.h +Index: openssh-7.9p1/dh.h =================================================================== ---- openssh-7.8p1.orig/dh.h -+++ openssh-7.8p1/dh.h +--- openssh-7.9p1.orig/dh.h ++++ openssh-7.9p1/dh.h @@ -52,6 +52,7 @@ u_int dh_estimate(int); */ #define DH_GRP_MIN_RFC 1024 @@ -143,10 +143,10 @@ Index: openssh-7.8p1/dh.h #define DH_GRP_MAX 8192 /* -Index: openssh-7.8p1/fips.c +Index: openssh-7.9p1/fips.c =================================================================== --- /dev/null -+++ openssh-7.8p1/fips.c ++++ openssh-7.9p1/fips.c @@ -0,0 +1,237 @@ +/* + * Copyright (c) 2012 Petr Cerny. All rights reserved. @@ -385,10 +385,10 @@ Index: openssh-7.8p1/fips.c + return dh; +} + -Index: openssh-7.8p1/fips.h +Index: openssh-7.9p1/fips.h =================================================================== --- /dev/null -+++ openssh-7.8p1/fips.h ++++ openssh-7.9p1/fips.h @@ -0,0 +1,45 @@ +/* + * Copyright (c) 2012 Petr Cerny. All rights reserved. @@ -435,10 +435,10 @@ Index: openssh-7.8p1/fips.h + +#endif + -Index: openssh-7.8p1/hmac.c +Index: openssh-7.9p1/hmac.c =================================================================== ---- openssh-7.8p1.orig/hmac.c -+++ openssh-7.8p1/hmac.c +--- openssh-7.9p1.orig/hmac.c ++++ openssh-7.9p1/hmac.c @@ -144,7 +144,7 @@ hmac_test(void *key, size_t klen, void * size_t i; u_char digest[16]; @@ -448,10 +448,10 @@ Index: openssh-7.8p1/hmac.c printf("ssh_hmac_start failed"); if (ssh_hmac_init(ctx, key, klen) < 0 || ssh_hmac_update(ctx, m, mlen) < 0 || -Index: openssh-7.8p1/kex.c +Index: openssh-7.9p1/kex.c =================================================================== ---- openssh-7.8p1.orig/kex.c -+++ openssh-7.8p1/kex.c +--- openssh-7.9p1.orig/kex.c ++++ openssh-7.9p1/kex.c @@ -54,6 +54,8 @@ #include "sshbuf.h" #include "digest.h" @@ -547,11 +547,11 @@ Index: openssh-7.8p1/kex.c free(s); return 0; } -Index: openssh-7.8p1/kexgexc.c +Index: openssh-7.9p1/kexgexc.c =================================================================== ---- openssh-7.8p1.orig/kexgexc.c -+++ openssh-7.8p1/kexgexc.c -@@ -51,8 +51,7 @@ +--- openssh-7.9p1.orig/kexgexc.c ++++ openssh-7.9p1/kexgexc.c +@@ -53,8 +53,7 @@ #include "sshbuf.h" #include "misc.h" @@ -561,7 +561,7 @@ Index: openssh-7.8p1/kexgexc.c static int input_kex_dh_gex_group(int, u_int32_t, struct ssh *); static int input_kex_dh_gex_reply(int, u_int32_t, struct ssh *); -@@ -66,7 +65,7 @@ kexgex_client(struct ssh *ssh) +@@ -68,7 +67,7 @@ kexgex_client(struct ssh *ssh) nbits = dh_estimate(kex->dh_need * 8); @@ -570,11 +570,11 @@ Index: openssh-7.8p1/kexgexc.c kex->max = DH_GRP_MAX; kex->nbits = nbits; if (datafellows & SSH_BUG_DHGEX_LARGE) -Index: openssh-7.8p1/kexgexs.c +Index: openssh-7.9p1/kexgexs.c =================================================================== ---- openssh-7.8p1.orig/kexgexs.c -+++ openssh-7.8p1/kexgexs.c -@@ -54,8 +54,7 @@ +--- openssh-7.9p1.orig/kexgexs.c ++++ openssh-7.9p1/kexgexs.c +@@ -56,8 +56,7 @@ #include "sshbuf.h" #include "misc.h" @@ -584,7 +584,7 @@ Index: openssh-7.8p1/kexgexs.c static int input_kex_dh_gex_request(int, u_int32_t, struct ssh *); static int input_kex_dh_gex_init(int, u_int32_t, struct ssh *); -@@ -85,9 +84,9 @@ input_kex_dh_gex_request(int type, u_int +@@ -88,9 +87,9 @@ input_kex_dh_gex_request(int type, u_int kex->nbits = nbits; kex->min = min; kex->max = max; @@ -596,10 +596,10 @@ Index: openssh-7.8p1/kexgexs.c nbits = MINIMUM(DH_GRP_MAX, nbits); if (kex->max < kex->min || kex->nbits < kex->min || -Index: openssh-7.8p1/mac.c +Index: openssh-7.9p1/mac.c =================================================================== ---- openssh-7.8p1.orig/mac.c -+++ openssh-7.8p1/mac.c +--- openssh-7.9p1.orig/mac.c ++++ openssh-7.9p1/mac.c @@ -40,6 +40,9 @@ #include "openbsd-compat/openssl-compat.h" @@ -679,11 +679,11 @@ Index: openssh-7.8p1/mac.c if (strcmp(name, m->name) != 0) continue; if (mac != NULL) -Index: openssh-7.8p1/myproposal.h +Index: openssh-7.9p1/myproposal.h =================================================================== ---- openssh-7.8p1.orig/myproposal.h -+++ openssh-7.8p1/myproposal.h -@@ -141,6 +141,8 @@ +--- openssh-7.9p1.orig/myproposal.h ++++ openssh-7.9p1/myproposal.h +@@ -151,6 +151,8 @@ #else /* WITH_OPENSSL */ @@ -692,10 +692,10 @@ Index: openssh-7.8p1/myproposal.h #define KEX_SERVER_KEX \ "curve25519-sha256," \ "curve25519-sha256@libssh.org" -Index: openssh-7.8p1/readconf.c +Index: openssh-7.9p1/readconf.c =================================================================== ---- openssh-7.8p1.orig/readconf.c -+++ openssh-7.8p1/readconf.c +--- openssh-7.9p1.orig/readconf.c ++++ openssh-7.9p1/readconf.c @@ -68,6 +68,7 @@ #include "myproposal.h" #include "digest.h" @@ -704,7 +704,7 @@ Index: openssh-7.8p1/readconf.c /* Format of the configuration file: -@@ -1800,6 +1801,23 @@ option_clear_or_none(const char *o) +@@ -1825,6 +1826,23 @@ option_clear_or_none(const char *o) return o == NULL || strcasecmp(o, "none") == 0; } @@ -728,7 +728,7 @@ Index: openssh-7.8p1/readconf.c /* * Initializes options to special values that indicate that they have not yet * been set. Read_config_file will only set options with this value. Options -@@ -1999,9 +2017,9 @@ fill_default_options(Options * options) +@@ -2025,9 +2043,9 @@ fill_default_options(Options * options) if (options->number_of_password_prompts == -1) options->number_of_password_prompts = 3; if (options->kex_dhmin == -1) @@ -740,7 +740,7 @@ Index: openssh-7.8p1/readconf.c options->kex_dhmin = MINIMUM(options->kex_dhmin, DH_GRP_MAX); } dh_grp_min = options->kex_dhmin; -@@ -2086,6 +2104,8 @@ fill_default_options(Options * options) +@@ -2112,6 +2130,8 @@ fill_default_options(Options * options) options->canonicalize_hostname = SSH_CANONICALISE_NO; if (options->fingerprint_hash == -1) options->fingerprint_hash = SSH_FP_HASH_DEFAULT; @@ -749,19 +749,19 @@ Index: openssh-7.8p1/readconf.c if (options->update_hostkeys == -1) options->update_hostkeys = 0; -@@ -2110,6 +2130,7 @@ fill_default_options(Options * options) - free(all_mac); - free(all_kex); +@@ -2594,6 +2614,7 @@ dump_client_config(Options *o, const cha + KEX_DEFAULT_PK_ALG, all_key) != 0) + fatal("%s: kex_assemble_names failed", __func__); free(all_key); -+ filter_fips_algorithms(options); ++ filter_fips_algorithms(o); - #define CLEAR_ON_NONE(v) \ - do { \ -Index: openssh-7.8p1/readconf.h + /* Most interesting options first: user, host, port */ + dump_cfg_string(oUser, o->user); +Index: openssh-7.9p1/readconf.h =================================================================== ---- openssh-7.8p1.orig/readconf.h -+++ openssh-7.8p1/readconf.h -@@ -197,6 +197,7 @@ typedef struct { +--- openssh-7.9p1.orig/readconf.h ++++ openssh-7.9p1/readconf.h +@@ -198,6 +198,7 @@ typedef struct { #define SSH_STRICT_HOSTKEY_YES 2 #define SSH_STRICT_HOSTKEY_ASK 3 @@ -769,10 +769,10 @@ Index: openssh-7.8p1/readconf.h void initialize_options(Options *); void fill_default_options(Options *); void fill_default_options_for_canonicalization(Options *); -Index: openssh-7.8p1/servconf.c +Index: openssh-7.9p1/servconf.c =================================================================== ---- openssh-7.8p1.orig/servconf.c -+++ openssh-7.8p1/servconf.c +--- openssh-7.9p1.orig/servconf.c ++++ openssh-7.9p1/servconf.c @@ -65,6 +65,7 @@ #include "myproposal.h" #include "digest.h" @@ -781,7 +781,7 @@ Index: openssh-7.8p1/servconf.c /* import from dh.c */ extern int dh_grp_min; -@@ -194,6 +195,23 @@ option_clear_or_none(const char *o) +@@ -195,6 +196,23 @@ option_clear_or_none(const char *o) return o == NULL || strcasecmp(o, "none") == 0; } @@ -805,16 +805,16 @@ Index: openssh-7.8p1/servconf.c static void assemble_algorithms(ServerOptions *o) { -@@ -220,6 +238,8 @@ assemble_algorithms(ServerOptions *o) - free(all_mac); +@@ -224,6 +242,8 @@ assemble_algorithms(ServerOptions *o) free(all_kex); free(all_key); + free(all_sig); + + filter_fips_algorithms_s(o); } static void -@@ -269,9 +289,9 @@ fill_default_server_options(ServerOption +@@ -273,9 +293,9 @@ fill_default_server_options(ServerOption options->use_pam_check_locks = 0; if (options->kex_dhmin == -1) @@ -826,7 +826,7 @@ Index: openssh-7.8p1/servconf.c options->kex_dhmin = MINIMUM(options->kex_dhmin, DH_GRP_MAX); } dh_grp_min = options->kex_dhmin; -@@ -419,6 +439,8 @@ fill_default_server_options(ServerOption +@@ -423,6 +443,8 @@ fill_default_server_options(ServerOption options->fwd_opts.streamlocal_bind_unlink = 0; if (options->fingerprint_hash == -1) options->fingerprint_hash = SSH_FP_HASH_DEFAULT; @@ -835,10 +835,10 @@ Index: openssh-7.8p1/servconf.c if (options->disable_forwarding == -1) options->disable_forwarding = 0; if (options->expose_userauth_info == -1) -Index: openssh-7.8p1/ssh-keygen.c +Index: openssh-7.9p1/ssh-keygen.c =================================================================== ---- openssh-7.8p1.orig/ssh-keygen.c -+++ openssh-7.8p1/ssh-keygen.c +--- openssh-7.9p1.orig/ssh-keygen.c ++++ openssh-7.9p1/ssh-keygen.c @@ -61,6 +61,8 @@ #include "utf8.h" #include "authfd.h" @@ -848,7 +848,7 @@ Index: openssh-7.8p1/ssh-keygen.c #ifdef WITH_OPENSSL # define DEFAULT_KEY_TYPE_NAME "rsa" #else -@@ -965,11 +967,13 @@ do_fingerprint(struct passwd *pw) +@@ -996,11 +998,13 @@ do_fingerprint(struct passwd *pw) static void do_gen_all_hostkeys(struct passwd *pw) { @@ -864,7 +864,7 @@ Index: openssh-7.8p1/ssh-keygen.c #ifdef WITH_OPENSSL { "rsa", "RSA" ,_PATH_HOST_RSA_KEY_FILE }, { "dsa", "DSA", _PATH_HOST_DSA_KEY_FILE }, -@@ -984,6 +988,17 @@ do_gen_all_hostkeys(struct passwd *pw) +@@ -1015,6 +1019,17 @@ do_gen_all_hostkeys(struct passwd *pw) { NULL, NULL, NULL } }; @@ -882,7 +882,7 @@ Index: openssh-7.8p1/ssh-keygen.c int first = 0; struct stat st; struct sshkey *private, *public; -@@ -991,6 +1006,12 @@ do_gen_all_hostkeys(struct passwd *pw) +@@ -1022,6 +1037,12 @@ do_gen_all_hostkeys(struct passwd *pw) int i, type, fd, r; FILE *f; @@ -895,7 +895,7 @@ Index: openssh-7.8p1/ssh-keygen.c for (i = 0; key_types[i].key_type; i++) { public = private = NULL; prv_tmp = pub_tmp = prv_file = pub_file = NULL; -@@ -2727,6 +2748,15 @@ main(int argc, char **argv) +@@ -2817,6 +2838,15 @@ main(int argc, char **argv) key_type_name = DEFAULT_KEY_TYPE_NAME; type = sshkey_type_from_name(key_type_name); @@ -911,11 +911,11 @@ Index: openssh-7.8p1/ssh-keygen.c type_bits_valid(type, key_type_name, &bits); if (!quiet) -Index: openssh-7.8p1/ssh_config.0 +Index: openssh-7.9p1/ssh_config.0 =================================================================== ---- openssh-7.8p1.orig/ssh_config.0 -+++ openssh-7.8p1/ssh_config.0 -@@ -343,6 +343,9 @@ DESCRIPTION +--- openssh-7.9p1.orig/ssh_config.0 ++++ openssh-7.9p1/ssh_config.0 +@@ -353,6 +353,9 @@ DESCRIPTION Specifies the hash algorithm used when displaying key fingerprints. Valid options are: md5 and sha256 (the default). @@ -925,7 +925,7 @@ Index: openssh-7.8p1/ssh_config.0 ForwardAgent Specifies whether the connection to the authentication agent (if any) will be forwarded to the remote machine. The argument must -@@ -612,6 +615,9 @@ DESCRIPTION +@@ -627,6 +630,9 @@ DESCRIPTION resort and all efforts should be made to fix the (broken) counterparty. @@ -935,11 +935,11 @@ Index: openssh-7.8p1/ssh_config.0 LocalCommand Specifies a command to execute on the local machine after successfully connecting to the server. The command string -Index: openssh-7.8p1/ssh_config.5 +Index: openssh-7.9p1/ssh_config.5 =================================================================== ---- openssh-7.8p1.orig/ssh_config.5 -+++ openssh-7.8p1/ssh_config.5 -@@ -628,6 +628,8 @@ Valid options are: +--- openssh-7.9p1.orig/ssh_config.5 ++++ openssh-7.9p1/ssh_config.5 +@@ -642,6 +642,8 @@ Valid options are: and .Cm sha256 (the default). @@ -948,7 +948,7 @@ Index: openssh-7.8p1/ssh_config.5 .It Cm ForwardAgent Specifies whether the connection to the authentication agent (if any) will be forwarded to the remote machine. -@@ -1041,6 +1043,9 @@ maximum backward compatibility, using it +@@ -1063,6 +1065,9 @@ maximum backward compatibility, using it security and thus should be viewed as a temporary fix of last resort and all efforts should be made to fix the (broken) counterparty. @@ -958,10 +958,10 @@ Index: openssh-7.8p1/ssh_config.5 .It Cm LocalCommand Specifies a command to execute on the local machine after successfully connecting to the server. -Index: openssh-7.8p1/sshd.c +Index: openssh-7.9p1/sshd.c =================================================================== ---- openssh-7.8p1.orig/sshd.c -+++ openssh-7.8p1/sshd.c +--- openssh-7.9p1.orig/sshd.c ++++ openssh-7.9p1/sshd.c @@ -123,6 +123,8 @@ #include "version.h" #include "ssherr.h" @@ -971,11 +971,11 @@ Index: openssh-7.8p1/sshd.c /* Re-exec fds */ #define REEXEC_DEVCRYPTO_RESERVED_FD (STDERR_FILENO + 1) #define REEXEC_STARTUP_PIPE_FD (STDERR_FILENO + 2) -Index: openssh-7.8p1/sshd_config.0 +Index: openssh-7.9p1/sshd_config.0 =================================================================== ---- openssh-7.8p1.orig/sshd_config.0 -+++ openssh-7.8p1/sshd_config.0 -@@ -338,6 +338,9 @@ DESCRIPTION +--- openssh-7.9p1.orig/sshd_config.0 ++++ openssh-7.9p1/sshd_config.0 +@@ -348,6 +348,9 @@ DESCRIPTION Specifies the hash algorithm used when logging key fingerprints. Valid options are: md5 and sha256. The default is sha256. @@ -985,7 +985,7 @@ Index: openssh-7.8p1/sshd_config.0 ForceCommand Forces the execution of the command specified by ForceCommand, ignoring any command supplied by the client and ~/.ssh/rc if -@@ -562,6 +565,9 @@ DESCRIPTION +@@ -572,6 +575,9 @@ DESCRIPTION resort and all efforts should be made to fix the (broken) counterparty. @@ -995,11 +995,11 @@ Index: openssh-7.8p1/sshd_config.0 ListenAddress Specifies the local addresses sshd(8) should listen on. The following forms may be used: -Index: openssh-7.8p1/sshd_config.5 +Index: openssh-7.9p1/sshd_config.5 =================================================================== ---- openssh-7.8p1.orig/sshd_config.5 -+++ openssh-7.8p1/sshd_config.5 -@@ -592,6 +592,8 @@ and +--- openssh-7.9p1.orig/sshd_config.5 ++++ openssh-7.9p1/sshd_config.5 +@@ -603,6 +603,8 @@ and .Cm sha256 . The default is .Cm sha256 . diff --git a/openssh-7.7p1-gssapi_key_exchange.patch b/openssh-7.7p1-gssapi_key_exchange.patch index eb36435..304bbe2 100644 --- a/openssh-7.7p1-gssapi_key_exchange.patch +++ b/openssh-7.7p1-gssapi_key_exchange.patch @@ -1,11 +1,16 @@ # HG changeset patch # Parent 6a2300496d25e85647e718287d4d9f37170f492a -Index: openssh-7.8p1/Makefile.in +Index: openssh-7.9p1/Makefile.in =================================================================== ---- openssh-7.8p1.orig/Makefile.in -+++ openssh-7.8p1/Makefile.in -@@ -108,6 +108,8 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \ +--- openssh-7.9p1.orig/Makefile.in ++++ openssh-7.9p1/Makefile.in +@@ -104,10 +104,13 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \ + kex.o kexdh.o kexgex.o kexecdh.o kexc25519.o \ + kexdhc.o kexgexc.o kexecdhc.o kexc25519c.o \ + kexdhs.o kexgexs.o kexecdhs.o kexc25519s.o \ ++ kexgssc.o \ + platform-pledge.o platform-tracing.o platform-misc.o LIBSSH_OBJS += fips.o @@ -14,10 +19,19 @@ Index: openssh-7.8p1/Makefile.in SSHOBJS= ssh.o readconf.o clientloop.o sshtty.o \ sshconnect.o sshconnect2.o mux.o -Index: openssh-7.8p1/auth-krb5.c +@@ -119,7 +122,7 @@ SSHDOBJS=sshd.o auth-rhosts.o auth-passw + auth-bsdauth.o auth2-hostbased.o auth2-kbdint.o \ + auth2-none.o auth2-passwd.o auth2-pubkey.o \ + monitor.o monitor_wrap.o auth-krb5.o \ +- auth2-gss.o gss-serv.o gss-serv-krb5.o \ ++ auth2-gss.o gss-serv.o gss-serv-krb5.o kexgsss.o \ + loginrec.o auth-pam.o auth-shadow.o auth-sia.o md5crypt.o \ + sftp-server.o sftp-common.o \ + sandbox-null.o sandbox-rlimit.o sandbox-systrace.o sandbox-darwin.o \ +Index: openssh-7.9p1/auth-krb5.c =================================================================== ---- openssh-7.8p1.orig/auth-krb5.c -+++ openssh-7.8p1/auth-krb5.c +--- openssh-7.9p1.orig/auth-krb5.c ++++ openssh-7.9p1/auth-krb5.c @@ -182,8 +182,13 @@ auth_krb5_password(Authctxt *authctxt, c len = strlen(authctxt->krb5_ticket_file) + 6; @@ -60,11 +74,11 @@ Index: openssh-7.8p1/auth-krb5.c return (krb5_cc_resolve(ctx, ccname, ccache)); } -Index: openssh-7.8p1/auth.c +Index: openssh-7.9p1/auth.c =================================================================== ---- openssh-7.8p1.orig/auth.c -+++ openssh-7.8p1/auth.c -@@ -395,6 +395,7 @@ auth_root_allowed(struct ssh *ssh, const +--- openssh-7.9p1.orig/auth.c ++++ openssh-7.9p1/auth.c +@@ -399,6 +399,7 @@ auth_root_allowed(struct ssh *ssh, const case PERMIT_NO_PASSWD: if (strcmp(method, "publickey") == 0 || strcmp(method, "hostbased") == 0 || @@ -72,10 +86,10 @@ Index: openssh-7.8p1/auth.c strcmp(method, "gssapi-with-mic") == 0) return 1; break; -Index: openssh-7.8p1/auth2-gss.c +Index: openssh-7.9p1/auth2-gss.c =================================================================== ---- openssh-7.8p1.orig/auth2-gss.c -+++ openssh-7.8p1/auth2-gss.c +--- openssh-7.9p1.orig/auth2-gss.c ++++ openssh-7.9p1/auth2-gss.c @@ -31,6 +31,7 @@ #include @@ -105,7 +119,7 @@ Index: openssh-7.8p1/auth2-gss.c + packet_check_eom(); + + if ((b = sshbuf_new()) == NULL) -+ fatal("%s: sshbuf_new failed", __func__); ++ fatal("%s: sshbuf_new failed", __func__); + + ssh_gssapi_buildmic(b, authctxt->user, authctxt->service, + "gssapi-keyex"); @@ -129,7 +143,7 @@ Index: openssh-7.8p1/auth2-gss.c * We only support those mechanisms that we know about (ie ones that we know * how to check local user kuserok and the like) */ -@@ -260,7 +299,8 @@ input_gssapi_exchange_complete(int type, +@@ -260,7 +302,8 @@ input_gssapi_exchange_complete(int type, if ((r = sshpkt_get_end(ssh)) != 0) fatal("%s: %s", __func__, ssh_err(r)); @@ -139,7 +153,7 @@ Index: openssh-7.8p1/auth2-gss.c if ((!use_privsep || mm_is_monitor()) && (displayname = ssh_gssapi_displayname()) != NULL) -@@ -306,7 +346,8 @@ input_gssapi_mic(int type, u_int32_t ple +@@ -306,7 +349,8 @@ input_gssapi_mic(int type, u_int32_t ple gssbuf.length = sshbuf_len(b); if (!GSS_ERROR(PRIVSEP(ssh_gssapi_checkmic(gssctxt, &gssbuf, &mic)))) @@ -149,7 +163,7 @@ Index: openssh-7.8p1/auth2-gss.c else logit("GSSAPI MIC check failed"); -@@ -326,6 +367,12 @@ input_gssapi_mic(int type, u_int32_t ple +@@ -326,6 +370,12 @@ input_gssapi_mic(int type, u_int32_t ple return 0; } @@ -162,10 +176,10 @@ Index: openssh-7.8p1/auth2-gss.c Authmethod method_gssapi = { "gssapi-with-mic", userauth_gssapi, -Index: openssh-7.8p1/auth2.c +Index: openssh-7.9p1/auth2.c =================================================================== ---- openssh-7.8p1.orig/auth2.c -+++ openssh-7.8p1/auth2.c +--- openssh-7.9p1.orig/auth2.c ++++ openssh-7.9p1/auth2.c @@ -74,6 +74,7 @@ extern Authmethod method_passwd; extern Authmethod method_kbdint; extern Authmethod method_hostbased; @@ -182,10 +196,10 @@ Index: openssh-7.8p1/auth2.c &method_gssapi, #endif &method_passwd, -Index: openssh-7.8p1/clientloop.c +Index: openssh-7.9p1/clientloop.c =================================================================== ---- openssh-7.8p1.orig/clientloop.c -+++ openssh-7.8p1/clientloop.c +--- openssh-7.9p1.orig/clientloop.c ++++ openssh-7.9p1/clientloop.c @@ -112,6 +112,10 @@ #include "ssherr.h" #include "hostfile.h" @@ -197,7 +211,7 @@ Index: openssh-7.8p1/clientloop.c /* import options */ extern Options options; -@@ -1357,9 +1361,18 @@ client_loop(struct ssh *ssh, int have_pt +@@ -1370,9 +1374,18 @@ client_loop(struct ssh *ssh, int have_pt break; /* Do channel operations unless rekeying in progress. */ @@ -217,11 +231,11 @@ Index: openssh-7.8p1/clientloop.c /* Buffer input from the connection. */ client_process_net_input(readset); -Index: openssh-7.8p1/configure.ac +Index: openssh-7.9p1/configure.ac =================================================================== ---- openssh-7.8p1.orig/configure.ac -+++ openssh-7.8p1/configure.ac -@@ -673,6 +673,30 @@ main() { if (NSVersionOfRunTimeLibrary(" +--- openssh-7.9p1.orig/configure.ac ++++ openssh-7.9p1/configure.ac +@@ -664,6 +664,30 @@ main() { if (NSVersionOfRunTimeLibrary(" [Use tunnel device compatibility to OpenBSD]) AC_DEFINE([SSH_TUN_PREPEND_AF], [1], [Prepend the address family to IP tunnel traffic]) @@ -252,7 +266,7 @@ Index: openssh-7.8p1/configure.ac m4_pattern_allow([AU_IPv]) AC_CHECK_DECL([AU_IPv4], [], AC_DEFINE([AU_IPv4], [0], [System only supports IPv4 audit records]) -@@ -1853,9 +1877,9 @@ AC_RUN_IFELSE( +@@ -1844,9 +1868,9 @@ AC_RUN_IFELSE( ) AC_LINK_IFELSE( @@ -265,7 +279,7 @@ Index: openssh-7.8p1/configure.ac [AC_DEFINE([HAVE_ISBLANK], [1], [Define if you have isblank(3C).]) ]) -@@ -2161,7 +2185,7 @@ int snprintf(char *a, size_t b, const ch +@@ -2175,7 +2199,7 @@ int snprintf(char *a, size_t b, const ch ]])], [AC_MSG_RESULT([yes]) AC_DEFINE([SNPRINTF_CONST], [const], @@ -274,7 +288,7 @@ Index: openssh-7.8p1/configure.ac [AC_MSG_RESULT([no]) AC_DEFINE([SNPRINTF_CONST], [/* not const */])]) -@@ -2176,7 +2200,7 @@ if test "x$ac_cv_func_getpeereid" != "xy +@@ -2190,7 +2214,7 @@ if test "x$ac_cv_func_getpeereid" != "xy AC_DEFINE([HAVE_SO_PEERCRED], [1], [Have PEERCRED socket option]) ], [AC_MSG_RESULT([no]) NO_PEERCHECK=1 @@ -283,23 +297,7 @@ Index: openssh-7.8p1/configure.ac fi dnl see whether mkstemp() requires XXXXXX -@@ -2600,12 +2624,12 @@ if test "x$openssl" = "xyes" ; then - case "$ssl_library_ver" in - 10000*|0*) - AC_MSG_ERROR([OpenSSL >= 1.0.1 required (have "$ssl_library_ver")]) -- ;; -+ ;; - 100*) ;; # 1.0.x - 200*) ;; # LibreSSL -- *) -+ *) - AC_MSG_ERROR([OpenSSL >= 1.1.0 is not yet supported (have "$ssl_library_ver")]) -- ;; -+ ;; - esac - AC_MSG_RESULT([$ssl_library_ver]) - ], -@@ -4473,7 +4497,7 @@ AC_ARG_WITH([maildir], +@@ -4601,7 +4625,7 @@ AC_ARG_WITH([maildir], if test "X$withval" != X && test "x$withval" != xno && \ test "x${withval}" != xyes; then AC_DEFINE_UNQUOTED([MAIL_DIRECTORY], ["$withval"], @@ -308,11 +306,11 @@ Index: openssh-7.8p1/configure.ac fi ],[ if test "X$maildir" != "X"; then -Index: openssh-7.8p1/gss-genr.c +Index: openssh-7.9p1/gss-genr.c =================================================================== ---- openssh-7.8p1.orig/gss-genr.c -+++ openssh-7.8p1/gss-genr.c -@@ -41,12 +41,169 @@ +--- openssh-7.9p1.orig/gss-genr.c ++++ openssh-7.9p1/gss-genr.c +@@ -41,12 +41,174 @@ #include "sshbuf.h" #include "log.h" #include "ssh2.h" @@ -375,7 +373,7 @@ Index: openssh-7.8p1/gss-genr.c + u_char digest[EVP_MAX_MD_SIZE]; + char deroid[2]; + const EVP_MD *evp_md = EVP_md5(); -+ EVP_MD_CTX md; ++ EVP_MD_CTX *md; + + if (gss_enc2oid != NULL) { + for (i = 0; gss_enc2oid[i].encoded != NULL; i++) @@ -389,6 +387,7 @@ Index: openssh-7.8p1/gss-genr.c + if ((buf = sshbuf_new()) == NULL) + fatal("%s: sshbuf_new failed", __func__); + ++ md = EVP_MD_CTX_new(); + oidpos = 0; + for (i = 0; i < gss_supported->count; i++) { + if (gss_supported->elements[i].length < 128 && @@ -397,36 +396,40 @@ Index: openssh-7.8p1/gss-genr.c + deroid[0] = SSH_GSS_OIDTYPE; + deroid[1] = gss_supported->elements[i].length; + -+ EVP_DigestInit(&md, evp_md); -+ EVP_DigestUpdate(&md, deroid, 2); -+ EVP_DigestUpdate(&md, ++ EVP_DigestInit(md, evp_md); ++ EVP_DigestUpdate(md, deroid, 2); ++ EVP_DigestUpdate(md, + gss_supported->elements[i].elements, + gss_supported->elements[i].length); -+ EVP_DigestFinal(&md, digest, NULL); ++ EVP_DigestFinal(md, digest, NULL); + + encoded = xmalloc(EVP_MD_size(evp_md) * 2); + enclen = __b64_ntop(digest, EVP_MD_size(evp_md), + encoded, EVP_MD_size(evp_md) * 2); + -+ cp = strncpy(s, kex, strlen(kex)); -+ for ((p = strsep(&cp, ",")); p && *p != '\0'; -+ (p = strsep(&cp, ","))) { -+ if (sshbuf_len(buf) != 0) -+ if ((r = sshbuf_put_u8(buf, ',')) !=0) -+ fatal("%s: buffer error: %s", -+ __func__, ssh_err(r)); -+ if ((r = sshbuf_put(buf, p, strlen(p))) != 0 || -+ (r = sshbuf_put(buf, encoded, enclen)) != 0) -+ fatal("%s: buffer error: %s", -+ __func__, ssh_err(r)); -+ } ++ if (oidpos != 0) ++ if ((r = sshbuf_put_u8(buf, ',')) != 0) ++ fatal("%s: buffer error: %s", __func__, ssh_err(r)); ++ ++ if ((r = sshbuf_put(buf, KEX_GSS_GEX_SHA1_ID, ++ sizeof(KEX_GSS_GEX_SHA1_ID) - 1)) != 0 || ++ (r = sshbuf_put(buf, encoded, enclen)) != 0 || ++ (r = sshbuf_put_u8(buf, ',')) != 0 || ++ (r = sshbuf_put(buf, KEX_GSS_GRP1_SHA1_ID, ++ sizeof(KEX_GSS_GRP1_SHA1_ID) - 1)) != 0 || ++ (r = sshbuf_put(buf, encoded, enclen)) != 0 || ++ (r = sshbuf_put_u8(buf, ',')) != 0 || ++ (r = sshbuf_put(buf, KEX_GSS_GRP14_SHA1_ID, ++ sizeof(KEX_GSS_GRP14_SHA1_ID) - 1)) != 0 || ++ (r = sshbuf_put(buf, encoded, enclen)) != 0) ++ fatal("%s: buffer error: %s", __func__, ssh_err(r)); + + gss_enc2oid[oidpos].oid = &(gss_supported->elements[i]); + gss_enc2oid[oidpos].encoded = encoded; + oidpos++; + } + } -+ free(s); ++ EVP_MD_CTX_free(md); + gss_enc2oid[oidpos].oid = NULL; + gss_enc2oid[oidpos].encoded = NULL; + @@ -482,7 +485,7 @@ Index: openssh-7.8p1/gss-genr.c /* sshbuf_get for gss_buffer_desc */ int ssh_gssapi_get_buffer_desc(struct sshbuf *b, gss_buffer_desc *g) -@@ -218,7 +375,7 @@ ssh_gssapi_init_ctx(Gssctxt *ctx, int de +@@ -218,7 +381,7 @@ ssh_gssapi_init_ctx(Gssctxt *ctx, int de } ctx->major = gss_init_sec_context(&ctx->minor, @@ -491,7 +494,7 @@ Index: openssh-7.8p1/gss-genr.c GSS_C_MUTUAL_FLAG | GSS_C_INTEG_FLAG | deleg_flag, 0, NULL, recv_tok, NULL, send_tok, flags, NULL); -@@ -248,8 +405,42 @@ ssh_gssapi_import_name(Gssctxt *ctx, con +@@ -248,8 +411,42 @@ ssh_gssapi_import_name(Gssctxt *ctx, con } OM_uint32 @@ -534,7 +537,7 @@ Index: openssh-7.8p1/gss-genr.c if ((ctx->major = gss_get_mic(&ctx->minor, ctx->context, GSS_C_QOP_DEFAULT, buffer, hash))) ssh_gssapi_error(ctx); -@@ -257,6 +448,19 @@ ssh_gssapi_sign(Gssctxt *ctx, gss_buffer +@@ -257,6 +454,19 @@ ssh_gssapi_sign(Gssctxt *ctx, gss_buffer return (ctx->major); } @@ -554,7 +557,7 @@ Index: openssh-7.8p1/gss-genr.c void ssh_gssapi_buildmic(struct sshbuf *b, const char *user, const char *service, const char *context) -@@ -273,22 +477,31 @@ ssh_gssapi_buildmic(struct sshbuf *b, co +@@ -273,22 +483,31 @@ ssh_gssapi_buildmic(struct sshbuf *b, co } int @@ -589,7 +592,7 @@ Index: openssh-7.8p1/gss-genr.c NULL); gss_release_buffer(&minor, &token); if ((*ctx)->context != GSS_C_NO_CONTEXT) -@@ -296,10 +509,66 @@ ssh_gssapi_check_mechanism(Gssctxt **ctx +@@ -296,10 +515,66 @@ ssh_gssapi_check_mechanism(Gssctxt **ctx GSS_C_NO_BUFFER); } @@ -657,10 +660,10 @@ Index: openssh-7.8p1/gss-genr.c +} + #endif /* GSSAPI */ -Index: openssh-7.8p1/gss-serv-krb5.c +Index: openssh-7.9p1/gss-serv-krb5.c =================================================================== ---- openssh-7.8p1.orig/gss-serv-krb5.c -+++ openssh-7.8p1/gss-serv-krb5.c +--- openssh-7.9p1.orig/gss-serv-krb5.c ++++ openssh-7.9p1/gss-serv-krb5.c @@ -120,7 +120,7 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_cl krb5_error_code problem; krb5_principal princ; @@ -670,7 +673,7 @@ Index: openssh-7.8p1/gss-serv-krb5.c const char *errmsg; if (client->creds == NULL) { -@@ -180,11 +180,26 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_cl +@@ -180,11 +180,23 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_cl return; } @@ -684,7 +687,6 @@ Index: openssh-7.8p1/gss-serv-krb5.c - snprintf(client->store.envval, len, "FILE:%s", client->store.filename); +#ifdef USE_CCAPI + xasprintf(&client->store.envval, "API:%s", new_ccname); -+ client->store.filename = NULL; +#else + if (new_ccname[0] == ':') + new_ccname++; @@ -695,8 +697,6 @@ Index: openssh-7.8p1/gss-serv-krb5.c + if (p) + *p = '\0'; + } -+ if ((strcmp(new_cctype, "FILE") == 0) || (strcmp(new_cctype, "DIR") == 0)) -+ client->store.filename = xstrdup(new_ccname); +#endif #ifdef USE_PAM @@ -788,10 +788,10 @@ Index: openssh-7.8p1/gss-serv-krb5.c }; #endif /* KRB5 */ -Index: openssh-7.8p1/gss-serv.c +Index: openssh-7.9p1/gss-serv.c =================================================================== ---- openssh-7.8p1.orig/gss-serv.c -+++ openssh-7.8p1/gss-serv.c +--- openssh-7.9p1.orig/gss-serv.c ++++ openssh-7.9p1/gss-serv.c @@ -44,17 +44,19 @@ #include "session.h" #include "misc.h" @@ -1073,10 +1073,10 @@ Index: openssh-7.8p1/gss-serv.c } /* Privileged */ -Index: openssh-7.8p1/kex.c +Index: openssh-7.9p1/kex.c =================================================================== ---- openssh-7.8p1.orig/kex.c -+++ openssh-7.8p1/kex.c +--- openssh-7.9p1.orig/kex.c ++++ openssh-7.9p1/kex.c @@ -56,6 +56,10 @@ #include "fips.h" @@ -1124,10 +1124,10 @@ Index: openssh-7.8p1/kex.c } return NULL; } -Index: openssh-7.8p1/kex.h +Index: openssh-7.9p1/kex.h =================================================================== ---- openssh-7.8p1.orig/kex.h -+++ openssh-7.8p1/kex.h +--- openssh-7.9p1.orig/kex.h ++++ openssh-7.9p1/kex.h @@ -100,6 +100,11 @@ enum kex_exchange { KEX_DH_GEX_SHA256, KEX_ECDH_SHA2, @@ -1164,11 +1164,11 @@ Index: openssh-7.8p1/kex.h int kex_dh_hash(int, const char *, const char *, const u_char *, size_t, const u_char *, size_t, const u_char *, size_t, -Index: openssh-7.8p1/kexgssc.c +Index: openssh-7.9p1/kexgssc.c =================================================================== --- /dev/null -+++ openssh-7.8p1/kexgssc.c -@@ -0,0 +1,348 @@ ++++ openssh-7.9p1/kexgssc.c +@@ -0,0 +1,346 @@ +/* + * Copyright (c) 2001-2009 Simon Wilkinson. All rights reserved. + * @@ -1232,13 +1232,12 @@ Index: openssh-7.8p1/kexgssc.c + BIGNUM *shared_secret = NULL; + BIGNUM *p = NULL; + BIGNUM *g = NULL; ++ const BIGNUM *pub_key, *p1, *g1; + u_char *kbuf; + u_char *serverhostkey = NULL; + u_char *empty = ""; + char *msg; -+ /* TODO + char *lang; -+ */ + int type = 0; + int first = 1; + int nbits = 0, min = fips_dh_grp_min(), max = DH_GRP_MAX; @@ -1295,8 +1294,9 @@ Index: openssh-7.8p1/kexgssc.c + fatal("%s: Unexpected KEX type %d", __func__, ssh->kex->kex_type); + } + -+ /* Step 1 - e is dh->pub_key */ ++ /* Step 1 - e is pub_key */ + dh_gen_key(dh, ssh->kex->we_need * 8); ++ DH_get0_key(dh, &pub_key, NULL); + + /* This is f, we initialise it now to make life easier */ + dh_server_pub = BN_new(); @@ -1344,7 +1344,7 @@ Index: openssh-7.8p1/kexgssc.c + packet_start(SSH2_MSG_KEXGSS_INIT); + packet_put_string(send_tok.value, + send_tok.length); -+ packet_put_bignum2(dh->pub_key); ++ packet_put_bignum2((BIGNUM *)pub_key); + first = 0; + } else { + packet_start(SSH2_MSG_KEXGSS_CONTINUE); @@ -1399,9 +1399,7 @@ Index: openssh-7.8p1/kexgssc.c + maj_status = packet_get_int(); + min_status = packet_get_int(); + msg = packet_get_string(NULL); -+ /* TODO + lang = packet_get_string(NULL); -+ */ + fatal("GSSAPI Error: \n%.400s",msg); + default: + packet_disconnect("Protocol error: didn't expect packet type %d", @@ -1431,7 +1429,7 @@ Index: openssh-7.8p1/kexgssc.c + klen = DH_size(dh); + kbuf = xmalloc(klen); + kout = DH_compute_key(kbuf, dh_server_pub, dh); -+ if ((int)kout < 0) ++ if (kout < 0) + fatal("DH_compute_key: failed"); + + shared_secret = BN_new(); @@ -1450,18 +1448,19 @@ Index: openssh-7.8p1/kexgssc.c + case KEX_GSS_GRP14_SHA1: + kex_dh_hash( + ssh->kex->hash_alg, -+ ssh->kex->client_version_string, ++ ssh->kex->client_version_string, + ssh->kex->server_version_string, + sshbuf_ptr(ssh->kex->my), sshbuf_len(ssh->kex->my), + sshbuf_ptr(ssh->kex->peer), sshbuf_len(ssh->kex->peer), + (serverhostkey ? serverhostkey : empty), slen, -+ dh->pub_key, /* e */ ++ pub_key, /* e */ + dh_server_pub, /* f */ + shared_secret, /* K */ + hash, &hashlen + ); + break; + case KEX_GSS_GEX_SHA1: ++ DH_get0_pqg(dh, &p1, NULL, &g1); + kexgex_hash( + ssh->kex->hash_alg, + ssh->kex->client_version_string, @@ -1470,8 +1469,8 @@ Index: openssh-7.8p1/kexgssc.c + sshbuf_ptr(ssh->kex->peer), sshbuf_len(ssh->kex->peer), + (serverhostkey ? serverhostkey : empty), slen, + min, nbits, max, -+ dh->p, dh->g, -+ dh->pub_key, ++ p, g, ++ pub_key, + dh_server_pub, + shared_secret, + hash, &hashlen @@ -1510,18 +1509,17 @@ Index: openssh-7.8p1/kexgssc.c + else + ssh_gssapi_delete_ctx(&ctxt); + -+ /* TODO: check kex_derive_keys_bn return value */ + kex_derive_keys_bn(ssh, hash, hashlen, shared_secret); + BN_clear_free(shared_secret); + return kex_send_newkeys(ssh); +} + +#endif /* GSSAPI */ -Index: openssh-7.8p1/kexgsss.c +Index: openssh-7.9p1/kexgsss.c =================================================================== --- /dev/null -+++ openssh-7.8p1/kexgsss.c -@@ -0,0 +1,307 @@ ++++ openssh-7.9p1/kexgsss.c +@@ -0,0 +1,308 @@ +/* + * Copyright (c) 2001-2009 Simon Wilkinson. All rights reserved. + * @@ -1602,6 +1600,7 @@ Index: openssh-7.8p1/kexgsss.c + char *mechs; + u_char hash[SSH_DIGEST_MAX_LENGTH]; + size_t hashlen; ++ const BIGNUM *p, *g, *pub_key; + + /* Initialise GSSAPI */ + @@ -1654,9 +1653,10 @@ Index: openssh-7.8p1/kexgsss.c + if (dh == NULL) + packet_disconnect("Protocol error: no matching group found"); + ++ DH_set0_pqg(dh, &p, NULL, &g); + packet_start(SSH2_MSG_KEXGSS_GROUP); -+ packet_put_bignum2(dh->p); -+ packet_put_bignum2(dh->g); ++ packet_put_bignum2((BIGNUM *)p); ++ packet_put_bignum2((BIGNUM *)g); + packet_send(); + + packet_write_wait(); @@ -1717,7 +1717,7 @@ Index: openssh-7.8p1/kexgsss.c + if (GSS_ERROR(maj_status)) { + if (send_tok.length > 0) { + packet_start(SSH2_MSG_KEXGSS_CONTINUE); -+ packet_put_string(send_tok.value, send_tok.length); ++ packet_put_string((char *)send_tok.value, send_tok.length); + packet_send(); + } + fatal("accept_ctx died"); @@ -1748,17 +1748,17 @@ Index: openssh-7.8p1/kexgsss.c + memset(kbuf, 0, klen); + free(kbuf); + ++ DH_get0_key(dh, &pub_key, NULL); + hashlen = sizeof(hash); + switch (ssh->kex->kex_type) { + case KEX_GSS_GRP1_SHA1: + case KEX_GSS_GRP14_SHA1: -+ kex_dh_hash( -+ ssh->kex->hash_alg, ++ kex_dh_hash(ssh->kex->hash_alg, + ssh->kex->client_version_string, ssh->kex->server_version_string, + sshbuf_ptr(ssh->kex->peer), sshbuf_len(ssh->kex->peer), + sshbuf_ptr(ssh->kex->my), sshbuf_len(ssh->kex->my), + NULL, 0, /* Change this if we start sending host keys */ -+ dh_client_pub, dh->pub_key, shared_secret, ++ dh_client_pub, pub_key, shared_secret, + hash, &hashlen + ); + break; @@ -1770,9 +1770,9 @@ Index: openssh-7.8p1/kexgsss.c + sshbuf_ptr(ssh->kex->my), sshbuf_len(ssh->kex->my), + NULL, 0, + cmin, nbits, cmax, -+ dh->p, dh->g, ++ p, g, + dh_client_pub, -+ dh->pub_key, ++ pub_key, + shared_secret, + hash, &hashlen + ); @@ -1796,12 +1796,12 @@ Index: openssh-7.8p1/kexgsss.c + fatal("Couldn't get MIC"); + + packet_start(SSH2_MSG_KEXGSS_COMPLETE); -+ packet_put_bignum2(dh->pub_key); ++ packet_put_bignum2(pub_key); + packet_put_string(msg_tok.value,msg_tok.length); + + if (send_tok.length != 0) { + packet_put_char(1); /* true */ -+ packet_put_string(send_tok.value, send_tok.length); ++ packet_put_string((char *)send_tok.value, send_tok.length); + } else { + packet_put_char(0); /* false */ + } @@ -1817,7 +1817,6 @@ Index: openssh-7.8p1/kexgsss.c + + DH_free(dh); + -+ /* TODO: check kex_derive_keys_bn return value */ + kex_derive_keys_bn(ssh, hash, hashlen, shared_secret); + BN_clear_free(shared_secret); + kex_send_newkeys(ssh); @@ -1829,11 +1828,11 @@ Index: openssh-7.8p1/kexgsss.c + return 0; +} +#endif /* GSSAPI */ -Index: openssh-7.8p1/monitor.c +Index: openssh-7.9p1/monitor.c =================================================================== ---- openssh-7.8p1.orig/monitor.c -+++ openssh-7.8p1/monitor.c -@@ -143,6 +143,8 @@ int mm_answer_gss_setup_ctx(int, struct +--- openssh-7.9p1.orig/monitor.c ++++ openssh-7.9p1/monitor.c +@@ -145,6 +145,8 @@ int mm_answer_gss_setup_ctx(int, struct int mm_answer_gss_accept_ctx(int, struct sshbuf *); int mm_answer_gss_userok(int, struct sshbuf *); int mm_answer_gss_checkmic(int, struct sshbuf *); @@ -1842,7 +1841,7 @@ Index: openssh-7.8p1/monitor.c #endif #ifdef SSH_AUDIT_EVENTS -@@ -213,6 +215,7 @@ struct mon_table mon_dispatch_proto20[] +@@ -215,6 +217,7 @@ struct mon_table mon_dispatch_proto20[] {MONITOR_REQ_GSSSTEP, 0, mm_answer_gss_accept_ctx}, {MONITOR_REQ_GSSUSEROK, MON_ONCE|MON_AUTHDECIDE, mm_answer_gss_userok}, {MONITOR_REQ_GSSCHECKMIC, MON_ONCE, mm_answer_gss_checkmic}, @@ -1850,7 +1849,7 @@ Index: openssh-7.8p1/monitor.c #endif {0, 0, NULL} }; -@@ -229,6 +232,12 @@ struct mon_table mon_dispatch_postauth20 +@@ -231,6 +234,12 @@ struct mon_table mon_dispatch_postauth20 {MONITOR_REQ_AUDIT_EVENT, MON_PERMIT, mm_answer_audit_event}, {MONITOR_REQ_AUDIT_COMMAND, MON_PERMIT, mm_answer_audit_command}, #endif @@ -1863,7 +1862,7 @@ Index: openssh-7.8p1/monitor.c {0, 0, NULL} }; -@@ -287,7 +296,10 @@ monitor_child_preauth(Authctxt *_authctx +@@ -289,7 +298,10 @@ monitor_child_preauth(Authctxt *_authctx /* Permit requests for moduli and signatures */ monitor_permit(mon_dispatch, MONITOR_REQ_MODULI, 1); monitor_permit(mon_dispatch, MONITOR_REQ_SIGN, 1); @@ -1875,7 +1874,7 @@ Index: openssh-7.8p1/monitor.c /* The first few requests do not require asynchronous access */ while (!authenticated) { partial = 0; -@@ -399,6 +411,10 @@ monitor_child_postauth(struct monitor *p +@@ -401,6 +413,10 @@ monitor_child_postauth(struct monitor *p monitor_permit(mon_dispatch, MONITOR_REQ_MODULI, 1); monitor_permit(mon_dispatch, MONITOR_REQ_SIGN, 1); monitor_permit(mon_dispatch, MONITOR_REQ_TERM, 1); @@ -1886,7 +1885,7 @@ Index: openssh-7.8p1/monitor.c if (auth_opts->permit_pty_flag) { monitor_permit(mon_dispatch, MONITOR_REQ_PTY, 1); -@@ -605,7 +621,7 @@ mm_answer_moduli(int sock, struct sshbuf +@@ -609,7 +625,7 @@ mm_answer_moduli(int sock, struct sshbuf int mm_answer_sign(int sock, struct sshbuf *m) { @@ -1895,7 +1894,7 @@ Index: openssh-7.8p1/monitor.c extern int auth_sock; /* XXX move to state struct? */ struct sshkey *key; struct sshbuf *sigbuf = NULL; -@@ -1643,7 +1659,7 @@ monitor_apply_keystate(struct monitor *p +@@ -1647,7 +1663,7 @@ monitor_apply_keystate(struct monitor *p debug3("%s: packet_set_state", __func__); if ((r = ssh_packet_set_state(ssh, child_state)) != 0) @@ -1904,7 +1903,7 @@ Index: openssh-7.8p1/monitor.c sshbuf_free(child_state); child_state = NULL; -@@ -1662,6 +1678,13 @@ monitor_apply_keystate(struct monitor *p +@@ -1666,6 +1682,13 @@ monitor_apply_keystate(struct monitor *p # endif #endif /* WITH_OPENSSL */ kex->kex[KEX_C25519_SHA256] = kexc25519_server; @@ -1918,7 +1917,7 @@ Index: openssh-7.8p1/monitor.c kex->load_host_public_key=&get_hostkey_public_by_type; kex->load_host_private_key=&get_hostkey_private_by_type; kex->host_key_index=&get_hostkey_index; -@@ -1752,8 +1775,8 @@ mm_answer_gss_setup_ctx(int sock, struct +@@ -1756,8 +1779,8 @@ mm_answer_gss_setup_ctx(int sock, struct u_char *p; int r; @@ -1929,7 +1928,7 @@ Index: openssh-7.8p1/monitor.c if ((r = sshbuf_get_string(m, &p, &len)) != 0) fatal("%s: buffer error: %s", __func__, ssh_err(r)); -@@ -1785,7 +1808,7 @@ mm_answer_gss_accept_ctx(int sock, struc +@@ -1789,7 +1812,7 @@ mm_answer_gss_accept_ctx(int sock, struc OM_uint32 flags = 0; /* GSI needs this */ int r; @@ -1938,7 +1937,7 @@ Index: openssh-7.8p1/monitor.c fatal("%s: GSSAPI authentication not enabled", __func__); if ((r = ssh_gssapi_get_buffer_desc(m, &in)) != 0) -@@ -1806,6 +1829,7 @@ mm_answer_gss_accept_ctx(int sock, struc +@@ -1810,6 +1833,7 @@ mm_answer_gss_accept_ctx(int sock, struc monitor_permit(mon_dispatch, MONITOR_REQ_GSSSTEP, 0); monitor_permit(mon_dispatch, MONITOR_REQ_GSSUSEROK, 1); monitor_permit(mon_dispatch, MONITOR_REQ_GSSCHECKMIC, 1); @@ -1946,7 +1945,7 @@ Index: openssh-7.8p1/monitor.c } return (0); } -@@ -1817,7 +1841,7 @@ mm_answer_gss_checkmic(int sock, struct +@@ -1821,7 +1845,7 @@ mm_answer_gss_checkmic(int sock, struct OM_uint32 ret; int r; @@ -1955,7 +1954,7 @@ Index: openssh-7.8p1/monitor.c fatal("%s: GSSAPI authentication not enabled", __func__); if ((r = ssh_gssapi_get_buffer_desc(m, &gssbuf)) != 0 || -@@ -1847,10 +1871,11 @@ mm_answer_gss_userok(int sock, struct ss +@@ -1851,10 +1875,11 @@ mm_answer_gss_userok(int sock, struct ss int r, authenticated; const char *displayname; @@ -1969,7 +1968,7 @@ Index: openssh-7.8p1/monitor.c sshbuf_reset(m); if ((r = sshbuf_put_u32(m, authenticated)) != 0) -@@ -1867,5 +1892,73 @@ mm_answer_gss_userok(int sock, struct ss +@@ -1871,5 +1896,73 @@ mm_answer_gss_userok(int sock, struct ss /* Monitor loop will terminate if authenticated */ return (authenticated); } @@ -1987,7 +1986,7 @@ Index: openssh-7.8p1/monitor.c + fatal("In GSSAPI monitor when GSSAPI is disabled"); + + if ((r = sshbuf_get_string(m, (u_char **)&data.value, &data.length)) != 0) -+ fatal("%s: buffer error: %s", __func__, ssh_err(r)); ++ fatal("%s: buffer error: %s", __func__, ssh_err(r)); + if (data.length != 20) + fatal("%s: data length incorrect: %d", __func__, + (int) data.length); @@ -2004,8 +2003,8 @@ Index: openssh-7.8p1/monitor.c + + sshbuf_reset(m); + if ((r = sshbuf_put_u32(m, major)) != 0 || -+ (r = sshbuf_put_string(m, hash.value, hash.length)) != 0) -+ fatal("%s: buffer error: %s", __func__, ssh_err(r)); ++ (r = sshbuf_put_string(m, hash.value, hash.length)) != 0) ++ fatal("%s: buffer error: %s", __func__, ssh_err(r)); + + mm_request_send(socket, MONITOR_ANS_GSSSIGN, m); + @@ -2044,10 +2043,10 @@ Index: openssh-7.8p1/monitor.c +} + +#endif /* GSSAPI */ -Index: openssh-7.8p1/monitor.h +Index: openssh-7.9p1/monitor.h =================================================================== ---- openssh-7.8p1.orig/monitor.h -+++ openssh-7.8p1/monitor.h +--- openssh-7.9p1.orig/monitor.h ++++ openssh-7.9p1/monitor.h @@ -63,6 +63,9 @@ enum monitor_reqtype { MONITOR_REQ_PAM_FREE_CTX = 110, MONITOR_ANS_PAM_FREE_CTX = 111, MONITOR_REQ_AUDIT_EVENT = 112, MONITOR_REQ_AUDIT_COMMAND = 113, @@ -2058,10 +2057,10 @@ Index: openssh-7.8p1/monitor.h }; struct monitor { -Index: openssh-7.8p1/monitor_wrap.c +Index: openssh-7.9p1/monitor_wrap.c =================================================================== ---- openssh-7.8p1.orig/monitor_wrap.c -+++ openssh-7.8p1/monitor_wrap.c +--- openssh-7.9p1.orig/monitor_wrap.c ++++ openssh-7.9p1/monitor_wrap.c @@ -984,7 +984,7 @@ mm_ssh_gssapi_checkmic(Gssctxt *ctx, gss } @@ -2124,10 +2123,10 @@ Index: openssh-7.8p1/monitor_wrap.c + return (ok); +} #endif /* GSSAPI */ -Index: openssh-7.8p1/monitor_wrap.h +Index: openssh-7.9p1/monitor_wrap.h =================================================================== ---- openssh-7.8p1.orig/monitor_wrap.h -+++ openssh-7.8p1/monitor_wrap.h +--- openssh-7.9p1.orig/monitor_wrap.h ++++ openssh-7.9p1/monitor_wrap.h @@ -60,8 +60,10 @@ int mm_sshkey_verify(const struct sshkey OM_uint32 mm_ssh_gssapi_server_ctx(Gssctxt **, gss_OID); OM_uint32 mm_ssh_gssapi_accept_ctx(Gssctxt *, @@ -2140,10 +2139,10 @@ Index: openssh-7.8p1/monitor_wrap.h #endif #ifdef USE_PAM -Index: openssh-7.8p1/readconf.c +Index: openssh-7.9p1/readconf.c =================================================================== ---- openssh-7.8p1.orig/readconf.c -+++ openssh-7.8p1/readconf.c +--- openssh-7.9p1.orig/readconf.c ++++ openssh-7.9p1/readconf.c @@ -163,6 +163,8 @@ typedef enum { oClearAllForwardings, oNoHostAuthenticationForLocalhost, oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout, @@ -2174,7 +2173,7 @@ Index: openssh-7.8p1/readconf.c #endif #ifdef ENABLE_PKCS11 { "smartcarddevice", oPKCS11Provider }, -@@ -979,10 +991,30 @@ parse_time: +@@ -980,10 +992,30 @@ parse_time: intptr = &options->gss_authentication; goto parse_flag; @@ -2205,7 +2204,7 @@ Index: openssh-7.8p1/readconf.c case oBatchMode: intptr = &options->batch_mode; goto parse_flag; -@@ -1844,7 +1876,12 @@ initialize_options(Options * options) +@@ -1869,7 +1901,12 @@ initialize_options(Options * options) options->pubkey_authentication = -1; options->challenge_response_authentication = -1; options->gss_authentication = -1; @@ -2218,7 +2217,7 @@ Index: openssh-7.8p1/readconf.c options->password_authentication = -1; options->kbd_interactive_authentication = -1; options->kbd_interactive_devices = NULL; -@@ -1990,8 +2027,14 @@ fill_default_options(Options * options) +@@ -2016,8 +2053,14 @@ fill_default_options(Options * options) options->challenge_response_authentication = 1; if (options->gss_authentication == -1) options->gss_authentication = 0; @@ -2233,10 +2232,10 @@ Index: openssh-7.8p1/readconf.c if (options->password_authentication == -1) options->password_authentication = 1; if (options->kbd_interactive_authentication == -1) -Index: openssh-7.8p1/readconf.h +Index: openssh-7.9p1/readconf.h =================================================================== ---- openssh-7.8p1.orig/readconf.h -+++ openssh-7.8p1/readconf.h +--- openssh-7.9p1.orig/readconf.h ++++ openssh-7.9p1/readconf.h @@ -40,7 +40,12 @@ typedef struct { int challenge_response_authentication; /* Try S/Key or TIS, authentication. */ @@ -2250,10 +2249,10 @@ Index: openssh-7.8p1/readconf.h int password_authentication; /* Try password * authentication. */ int kbd_interactive_authentication; /* Try keyboard-interactive auth. */ -Index: openssh-7.8p1/regress/cert-hostkey.sh +Index: openssh-7.9p1/regress/cert-hostkey.sh =================================================================== ---- openssh-7.8p1.orig/regress/cert-hostkey.sh -+++ openssh-7.8p1/regress/cert-hostkey.sh +--- openssh-7.9p1.orig/regress/cert-hostkey.sh ++++ openssh-7.9p1/regress/cert-hostkey.sh @@ -66,7 +66,7 @@ touch $OBJ/host_revoked_plain touch $OBJ/host_revoked_cert cat $OBJ/host_ca_key.pub $OBJ/host_ca_key2.pub > $OBJ/host_revoked_ca @@ -2263,10 +2262,10 @@ Index: openssh-7.8p1/regress/cert-hostkey.sh if echo "$PLAIN_TYPES" | grep '^rsa$' >/dev/null 2>&1 ; then PLAIN_TYPES="$PLAIN_TYPES rsa-sha2-256 rsa-sha2-512" -Index: openssh-7.8p1/regress/cert-userkey.sh +Index: openssh-7.9p1/regress/cert-userkey.sh =================================================================== ---- openssh-7.8p1.orig/regress/cert-userkey.sh -+++ openssh-7.8p1/regress/cert-userkey.sh +--- openssh-7.9p1.orig/regress/cert-userkey.sh ++++ openssh-7.9p1/regress/cert-userkey.sh @@ -7,7 +7,7 @@ rm -f $OBJ/authorized_keys_$USER $OBJ/us cp $OBJ/sshd_proxy $OBJ/sshd_proxy_bak cp $OBJ/ssh_proxy $OBJ/ssh_proxy_bak @@ -2276,10 +2275,10 @@ Index: openssh-7.8p1/regress/cert-userkey.sh EXTRA_TYPES="" if echo "$PLAIN_TYPES" | grep '^rsa$' >/dev/null 2>&1 ; then -Index: openssh-7.8p1/regress/kextype.sh +Index: openssh-7.9p1/regress/kextype.sh =================================================================== ---- openssh-7.8p1.orig/regress/kextype.sh -+++ openssh-7.8p1/regress/kextype.sh +--- openssh-7.9p1.orig/regress/kextype.sh ++++ openssh-7.9p1/regress/kextype.sh @@ -14,6 +14,9 @@ echo "KexAlgorithms=$KEXOPT" >> $OBJ/ssh tries="1 2 3 4" @@ -2290,10 +2289,10 @@ Index: openssh-7.8p1/regress/kextype.sh verbose "kex $k" for i in $tries; do ${SSH} -F $OBJ/ssh_proxy -o KexAlgorithms=$k x true -Index: openssh-7.8p1/regress/rekey.sh +Index: openssh-7.9p1/regress/rekey.sh =================================================================== ---- openssh-7.8p1.orig/regress/rekey.sh -+++ openssh-7.8p1/regress/rekey.sh +--- openssh-7.9p1.orig/regress/rekey.sh ++++ openssh-7.9p1/regress/rekey.sh @@ -38,6 +38,9 @@ increase_datafile_size 300 opts="" @@ -2314,10 +2313,10 @@ Index: openssh-7.8p1/regress/rekey.sh verbose "client rekey $c $kex" ssh_data_rekeying "KexAlgorithms=$kex" -oRekeyLimit=256k -oCiphers=$c done -Index: openssh-7.8p1/servconf.c +Index: openssh-7.9p1/servconf.c =================================================================== ---- openssh-7.8p1.orig/servconf.c -+++ openssh-7.8p1/servconf.c +--- openssh-7.9p1.orig/servconf.c ++++ openssh-7.9p1/servconf.c @@ -130,8 +130,10 @@ initialize_server_options(ServerOptions options->kerberos_ticket_cleanup = -1; options->kerberos_get_afs_token = -1; @@ -2329,7 +2328,7 @@ Index: openssh-7.8p1/servconf.c options->password_authentication = -1; options->kbd_interactive_authentication = -1; options->challenge_response_authentication = -1; -@@ -369,10 +371,14 @@ fill_default_server_options(ServerOption +@@ -373,10 +375,14 @@ fill_default_server_options(ServerOption options->kerberos_get_afs_token = 0; if (options->gss_authentication == -1) options->gss_authentication = 0; @@ -2344,7 +2343,7 @@ Index: openssh-7.8p1/servconf.c if (options->password_authentication == -1) options->password_authentication = 1; if (options->kbd_interactive_authentication == -1) -@@ -519,6 +525,7 @@ typedef enum { +@@ -523,6 +529,7 @@ typedef enum { sHostKeyAlgorithms, sClientAliveInterval, sClientAliveCountMax, sAuthorizedKeysFile, sGssAuthentication, sGssCleanupCreds, sGssStrictAcceptor, @@ -2352,7 +2351,7 @@ Index: openssh-7.8p1/servconf.c sAcceptEnv, sSetEnv, sPermitTunnel, sMatch, sPermitOpen, sPermitListen, sForceCommand, sChrootDirectory, sUsePrivilegeSeparation, sAllowAgentForwarding, -@@ -596,11 +603,17 @@ static struct { +@@ -600,11 +607,17 @@ static struct { { "gssapiauthentication", sGssAuthentication, SSHCFG_ALL }, { "gssapicleanupcredentials", sGssCleanupCreds, SSHCFG_GLOBAL }, { "gssapistrictacceptorcheck", sGssStrictAcceptor, SSHCFG_GLOBAL }, @@ -2370,7 +2369,7 @@ Index: openssh-7.8p1/servconf.c { "passwordauthentication", sPasswordAuthentication, SSHCFG_ALL }, { "kbdinteractiveauthentication", sKbdInteractiveAuthentication, SSHCFG_ALL }, { "challengeresponseauthentication", sChallengeResponseAuthentication, SSHCFG_GLOBAL }, -@@ -1503,6 +1516,10 @@ process_server_config_line(ServerOptions +@@ -1512,6 +1525,10 @@ process_server_config_line(ServerOptions intptr = &options->gss_authentication; goto parse_flag; @@ -2381,7 +2380,7 @@ Index: openssh-7.8p1/servconf.c case sGssCleanupCreds: intptr = &options->gss_cleanup_creds; goto parse_flag; -@@ -1511,6 +1528,10 @@ process_server_config_line(ServerOptions +@@ -1520,6 +1537,10 @@ process_server_config_line(ServerOptions intptr = &options->gss_strict_acceptor; goto parse_flag; @@ -2392,7 +2391,7 @@ Index: openssh-7.8p1/servconf.c case sPasswordAuthentication: intptr = &options->password_authentication; goto parse_flag; -@@ -2304,6 +2325,10 @@ copy_set_server_options(ServerOptions *d +@@ -2313,6 +2334,10 @@ copy_set_server_options(ServerOptions *d M_CP_INTOPT(password_authentication); M_CP_INTOPT(gss_authentication); @@ -2403,7 +2402,7 @@ Index: openssh-7.8p1/servconf.c M_CP_INTOPT(pubkey_authentication); M_CP_INTOPT(kerberos_authentication); M_CP_INTOPT(hostbased_authentication); -@@ -2600,7 +2625,10 @@ dump_config(ServerOptions *o) +@@ -2609,7 +2634,10 @@ dump_config(ServerOptions *o) #endif #ifdef GSSAPI dump_cfg_fmtint(sGssAuthentication, o->gss_authentication); @@ -2414,10 +2413,10 @@ Index: openssh-7.8p1/servconf.c #endif dump_cfg_fmtint(sPasswordAuthentication, o->password_authentication); dump_cfg_fmtint(sKbdInteractiveAuthentication, -Index: openssh-7.8p1/servconf.h +Index: openssh-7.9p1/servconf.h =================================================================== ---- openssh-7.8p1.orig/servconf.h -+++ openssh-7.8p1/servconf.h +--- openssh-7.9p1.orig/servconf.h ++++ openssh-7.9p1/servconf.h @@ -16,6 +16,8 @@ #ifndef SERVCONF_H #define SERVCONF_H @@ -2427,7 +2426,7 @@ Index: openssh-7.8p1/servconf.h #define MAX_PORTS 256 /* Max # ports. */ #define MAX_SUBSYSTEMS 256 /* Max # subsystems. */ -@@ -125,8 +127,10 @@ typedef struct { +@@ -126,8 +128,10 @@ typedef struct { int kerberos_get_afs_token; /* If true, try to get AFS token if * authenticated with Kerberos. */ int gss_authentication; /* If true, permit GSSAPI authentication */ @@ -2438,10 +2437,10 @@ Index: openssh-7.8p1/servconf.h int password_authentication; /* If true, permit password * authentication. */ int kbd_interactive_authentication; /* If true, permit */ -Index: openssh-7.8p1/ssh-gss.h +Index: openssh-7.9p1/ssh-gss.h =================================================================== ---- openssh-7.8p1.orig/ssh-gss.h -+++ openssh-7.8p1/ssh-gss.h +--- openssh-7.9p1.orig/ssh-gss.h ++++ openssh-7.9p1/ssh-gss.h @@ -61,10 +61,22 @@ #define SSH_GSS_OIDTYPE 0x06 @@ -2532,10 +2531,10 @@ Index: openssh-7.8p1/ssh-gss.h #endif /* GSSAPI */ #endif /* _SSH_GSS_H */ -Index: openssh-7.8p1/ssh_config +Index: openssh-7.9p1/ssh_config =================================================================== ---- openssh-7.8p1.orig/ssh_config -+++ openssh-7.8p1/ssh_config +--- openssh-7.9p1.orig/ssh_config ++++ openssh-7.9p1/ssh_config @@ -45,6 +45,8 @@ Host * # HostbasedAuthentication no # GSSAPIAuthentication no @@ -2545,11 +2544,11 @@ Index: openssh-7.8p1/ssh_config # BatchMode no # CheckHostIP yes # AddressFamily any -Index: openssh-7.8p1/ssh_config.0 +Index: openssh-7.9p1/ssh_config.0 =================================================================== ---- openssh-7.8p1.orig/ssh_config.0 -+++ openssh-7.8p1/ssh_config.0 -@@ -410,9 +410,40 @@ DESCRIPTION +--- openssh-7.9p1.orig/ssh_config.0 ++++ openssh-7.9p1/ssh_config.0 +@@ -422,9 +422,40 @@ DESCRIPTION Specifies whether user authentication based on GSSAPI is allowed. The default is no. @@ -2590,11 +2589,11 @@ Index: openssh-7.8p1/ssh_config.0 HashKnownHosts Indicates that ssh(1) should hash host names and addresses when they are added to ~/.ssh/known_hosts. These hashed names may be -Index: openssh-7.8p1/ssh_config.5 +Index: openssh-7.9p1/ssh_config.5 =================================================================== ---- openssh-7.8p1.orig/ssh_config.5 -+++ openssh-7.8p1/ssh_config.5 -@@ -720,10 +720,40 @@ The default is +--- openssh-7.9p1.orig/ssh_config.5 ++++ openssh-7.9p1/ssh_config.5 +@@ -738,10 +738,40 @@ The default is Specifies whether user authentication based on GSSAPI is allowed. The default is .Cm no . @@ -2635,10 +2634,10 @@ Index: openssh-7.8p1/ssh_config.5 .It Cm HashKnownHosts Indicates that .Xr ssh 1 -Index: openssh-7.8p1/sshconnect2.c +Index: openssh-7.9p1/sshconnect2.c =================================================================== ---- openssh-7.8p1.orig/sshconnect2.c -+++ openssh-7.8p1/sshconnect2.c +--- openssh-7.9p1.orig/sshconnect2.c ++++ openssh-7.9p1/sshconnect2.c @@ -82,6 +82,124 @@ extern char *client_version_string; extern char *server_version_string; extern Options options; @@ -2871,7 +2870,7 @@ Index: openssh-7.8p1/sshconnect2.c {"gssapi-with-mic", userauth_gssapi, NULL, -@@ -657,19 +840,31 @@ userauth_gssapi(Authctxt *authctxt) +@@ -686,19 +869,31 @@ userauth_gssapi(Authctxt *authctxt) static u_int mech = 0; OM_uint32 min; int r, ok = 0; @@ -2905,7 +2904,7 @@ Index: openssh-7.8p1/sshconnect2.c ok = 1; /* Mechanism works */ } else { mech++; -@@ -906,6 +1101,51 @@ input_gssapi_error(int type, u_int32_t p +@@ -935,6 +1130,51 @@ input_gssapi_error(int type, u_int32_t p free(lang); return r; } @@ -2933,7 +2932,7 @@ Index: openssh-7.8p1/sshconnect2.c + ssh_gssapi_buildmic(b, authctxt->server_user, authctxt->service, + "gssapi-keyex"); + -+ gssbuf.value = sshbuf_mutable_ptr(b); ++ gssbuf.value = sshbuf_mutable_ptr(b); + gssbuf.length = sshbuf_len(b); + + if (GSS_ERROR(ssh_gssapi_sign(gss_kex_context, &gssbuf, &mic))) { @@ -2941,7 +2940,7 @@ Index: openssh-7.8p1/sshconnect2.c + return (0); + } + -+ packet_start(SSH2_MSG_USERAUTH_REQUEST); ++ packet_start(SSH2_MSG_USERAUTH_REQUEST); + packet_put_cstring(authctxt->server_user); + packet_put_cstring(authctxt->service); + packet_put_cstring(authctxt->method->name); @@ -2957,7 +2956,7 @@ Index: openssh-7.8p1/sshconnect2.c #endif /* GSSAPI */ int -@@ -1443,8 +1683,8 @@ key_type_allowed_by_config(struct sshkey +@@ -1473,8 +1716,8 @@ key_type_allowed_by_config(struct sshkey /* * try keys in the following order: @@ -2968,10 +2967,10 @@ Index: openssh-7.8p1/sshconnect2.c * 3. agent keys that are found in the config file * 4. other agent keys * 5. keys that are only listed in the config file -Index: openssh-7.8p1/sshd.c +Index: openssh-7.9p1/sshd.c =================================================================== ---- openssh-7.8p1.orig/sshd.c -+++ openssh-7.8p1/sshd.c +--- openssh-7.9p1.orig/sshd.c ++++ openssh-7.9p1/sshd.c @@ -131,6 +131,10 @@ #include "fips.h" @@ -2983,16 +2982,17 @@ Index: openssh-7.8p1/sshd.c /* Re-exec fds */ #define REEXEC_DEVCRYPTO_RESERVED_FD (STDERR_FILENO + 1) #define REEXEC_STARTUP_PIPE_FD (STDERR_FILENO + 2) -@@ -555,7 +559,7 @@ privsep_preauth_child(void) +@@ -555,7 +559,8 @@ privsep_preauth_child(void) #ifdef GSSAPI /* Cache supported mechanism OIDs for later use */ -- if (options.gss_authentication) +- ssh_gssapi_prepare_supported_oids(); + if (options.gss_authentication || options.gss_keyex) - ssh_gssapi_prepare_supported_oids(); ++ ssh_gssapi_prepare_supported_oids(); #endif -@@ -898,8 +902,9 @@ notify_hostkeys(struct ssh *ssh) + reseed_prngs(); +@@ -897,8 +902,9 @@ notify_hostkeys(struct ssh *ssh) } debug3("%s: sent %u hostkeys", __func__, nkeys); if (nkeys == 0) @@ -3004,7 +3004,7 @@ Index: openssh-7.8p1/sshd.c sshbuf_free(buf); } -@@ -1838,7 +1843,12 @@ main(int ac, char **av) +@@ -1837,7 +1843,12 @@ main(int ac, char **av) free(fp); } accumulate_host_timing_secret(cfg, NULL); @@ -3017,7 +3017,7 @@ Index: openssh-7.8p1/sshd.c logit("sshd: no hostkeys available -- exiting."); exit(1); } -@@ -2016,6 +2026,60 @@ main(int ac, char **av) +@@ -2015,6 +2026,60 @@ main(int ac, char **av) /* This is the child processing a new connection. */ setproctitle("%s", "[accepted]"); @@ -3078,7 +3078,7 @@ Index: openssh-7.8p1/sshd.c /* * Create a new session and process group since the 4.4BSD * setlogin() affects the entire process group. We don't -@@ -2137,6 +2201,60 @@ main(int ac, char **av) +@@ -2136,6 +2201,60 @@ main(int ac, char **av) rdomain == NULL ? "" : "\""); free(laddr); @@ -3139,7 +3139,7 @@ Index: openssh-7.8p1/sshd.c /* * We don't want to listen forever unless the other side * successfully authenticates itself. So we set up an alarm which is -@@ -2320,6 +2438,48 @@ do_ssh2_kex(void) +@@ -2319,6 +2438,48 @@ do_ssh2_kex(void) myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = compat_pkalg_proposal( list_hostkey_types()); @@ -3188,7 +3188,7 @@ Index: openssh-7.8p1/sshd.c /* start key exchange */ if ((r = kex_setup(active_state, myproposal)) != 0) fatal("kex_setup: %s", ssh_err(r)); -@@ -2337,6 +2497,13 @@ do_ssh2_kex(void) +@@ -2336,6 +2497,13 @@ do_ssh2_kex(void) # endif #endif kex->kex[KEX_C25519_SHA256] = kexc25519_server; @@ -3202,10 +3202,10 @@ Index: openssh-7.8p1/sshd.c kex->server = 1; kex->client_version_string=client_version_string; kex->server_version_string=server_version_string; -Index: openssh-7.8p1/sshd_config +Index: openssh-7.9p1/sshd_config =================================================================== ---- openssh-7.8p1.orig/sshd_config -+++ openssh-7.8p1/sshd_config +--- openssh-7.9p1.orig/sshd_config ++++ openssh-7.9p1/sshd_config @@ -76,6 +76,8 @@ AuthorizedKeysFile .ssh/authorized_keys # GSSAPI options #GSSAPIAuthentication no @@ -3215,11 +3215,11 @@ Index: openssh-7.8p1/sshd_config # Set this to 'yes' to enable PAM authentication, account processing, # and session processing. If this is enabled, PAM authentication will -Index: openssh-7.8p1/sshd_config.5 +Index: openssh-7.9p1/sshd_config.5 =================================================================== ---- openssh-7.8p1.orig/sshd_config.5 -+++ openssh-7.8p1/sshd_config.5 -@@ -644,6 +644,11 @@ Specifies whether to automatically destr +--- openssh-7.9p1.orig/sshd_config.5 ++++ openssh-7.9p1/sshd_config.5 +@@ -655,6 +655,11 @@ Specifies whether to automatically destr on logout. The default is .Cm yes . @@ -3231,7 +3231,7 @@ Index: openssh-7.8p1/sshd_config.5 .It Cm GSSAPIStrictAcceptorCheck Determines whether to be strict about the identity of the GSSAPI acceptor a client authenticates against. -@@ -658,6 +663,11 @@ machine's default store. +@@ -669,6 +674,11 @@ machine's default store. This facility is provided to assist with operation on multi homed machines. The default is .Cm yes . @@ -3243,7 +3243,7 @@ Index: openssh-7.8p1/sshd_config.5 .It Cm HostbasedAcceptedKeyTypes Specifies the key types that will be accepted for hostbased authentication as a list of comma-separated patterns. -@@ -1632,16 +1642,16 @@ as a non-root user. +@@ -1643,16 +1653,16 @@ as a non-root user. The default is .Cm no . .It Cm UsePAMCheckLocks @@ -3263,11 +3263,11 @@ Index: openssh-7.8p1/sshd_config.5 .Dq no . .It Cm VersionAddendum Optionally specifies additional text to append to the SSH protocol banner -Index: openssh-7.8p1/sshkey.c +Index: openssh-7.9p1/sshkey.c =================================================================== ---- openssh-7.8p1.orig/sshkey.c -+++ openssh-7.8p1/sshkey.c -@@ -140,6 +140,7 @@ static const struct keytype keytypes[] = +--- openssh-7.9p1.orig/sshkey.c ++++ openssh-7.9p1/sshkey.c +@@ -135,6 +135,7 @@ static const struct keytype keytypes[] = # endif /* OPENSSL_HAS_NISTP521 */ # endif /* OPENSSL_HAS_ECC */ #endif /* WITH_OPENSSL */ @@ -3275,11 +3275,11 @@ Index: openssh-7.8p1/sshkey.c { NULL, NULL, NULL, -1, -1, 0, 0 } }; -Index: openssh-7.8p1/sshkey.h +Index: openssh-7.9p1/sshkey.h =================================================================== ---- openssh-7.8p1.orig/sshkey.h -+++ openssh-7.8p1/sshkey.h -@@ -63,6 +63,7 @@ enum sshkey_types { +--- openssh-7.9p1.orig/sshkey.h ++++ openssh-7.9p1/sshkey.h +@@ -64,6 +64,7 @@ enum sshkey_types { KEY_ED25519_CERT, KEY_XMSS, KEY_XMSS_CERT, @@ -3287,11 +3287,11 @@ Index: openssh-7.8p1/sshkey.h KEY_UNSPEC }; -Index: openssh-7.8p1/sshd_config.0 +Index: openssh-7.9p1/sshd_config.0 =================================================================== ---- openssh-7.8p1.orig/sshd_config.0 -+++ openssh-7.8p1/sshd_config.0 -@@ -370,6 +370,12 @@ DESCRIPTION +--- openssh-7.9p1.orig/sshd_config.0 ++++ openssh-7.9p1/sshd_config.0 +@@ -380,6 +380,12 @@ DESCRIPTION Specifies whether user authentication based on GSSAPI is allowed. The default is no. @@ -3304,7 +3304,7 @@ Index: openssh-7.8p1/sshd_config.0 GSSAPICleanupCredentials Specifies whether to automatically destroy the user's credentials cache on logout. The default is yes. -@@ -383,6 +388,12 @@ DESCRIPTION +@@ -393,6 +399,12 @@ DESCRIPTION facility is provided to assist with operation on multi homed machines. The default is yes. diff --git a/openssh-7.7p1-ldap.patch b/openssh-7.7p1-ldap.patch index 5d6aa88..7e8a79d 100644 --- a/openssh-7.7p1-ldap.patch +++ b/openssh-7.7p1-ldap.patch @@ -10,10 +10,10 @@ # internal versions. ssh-keyconverter consequently fails to link as it lacks # the proper flags, and libopenbsd-compat doesn't contain the b64_* functions) -Index: openssh-7.8p1/HOWTO.ldap-keys +Index: openssh-7.9p1/HOWTO.ldap-keys =================================================================== --- /dev/null -+++ openssh-7.8p1/HOWTO.ldap-keys ++++ openssh-7.9p1/HOWTO.ldap-keys @@ -0,0 +1,108 @@ + +HOW TO START @@ -123,10 +123,10 @@ Index: openssh-7.8p1/HOWTO.ldap-keys + - frederic peters. + - Finlay dobbie. + - Stefan Fisher. -Index: openssh-7.8p1/Makefile.in +Index: openssh-7.9p1/Makefile.in =================================================================== ---- openssh-7.8p1.orig/Makefile.in -+++ openssh-7.8p1/Makefile.in +--- openssh-7.9p1.orig/Makefile.in ++++ openssh-7.9p1/Makefile.in @@ -24,6 +24,8 @@ ASKPASS_PROGRAM=$(libexecdir)/ssh-askpas SFTP_SERVER=$(libexecdir)/sftp-server SSH_KEYSIGN=$(libexecdir)/ssh-keysign @@ -146,7 +146,7 @@ Index: openssh-7.8p1/Makefile.in XMSS_OBJS=\ ssh-xmss.o \ sshkey-xmss.o \ -@@ -132,8 +137,8 @@ SSHDOBJS=sshd.o auth-rhosts.o auth-passw +@@ -130,8 +135,8 @@ SSHDOBJS=sshd.o auth-rhosts.o auth-passw sandbox-seccomp-filter.o sandbox-capsicum.o sandbox-pledge.o \ sandbox-solaris.o uidswap.o @@ -157,7 +157,7 @@ Index: openssh-7.8p1/Makefile.in MANTYPE = @MANTYPE@ CONFIGFILES=sshd_config.out ssh_config.out moduli.out -@@ -208,6 +213,9 @@ ssh-pkcs11-helper$(EXEEXT): $(LIBCOMPAT) +@@ -206,6 +211,9 @@ ssh-pkcs11-helper$(EXEEXT): $(LIBCOMPAT) ssh-keyscan$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keyscan.o $(LD) -o $@ ssh-keyscan.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS) @@ -167,7 +167,7 @@ Index: openssh-7.8p1/Makefile.in sftp-server$(EXEEXT): $(LIBCOMPAT) libssh.a sftp.o sftp-common.o sftp-server.o sftp-server-main.o $(LD) -o $@ sftp-server.o sftp-common.o sftp-server-main.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) -@@ -363,6 +371,10 @@ install-files: +@@ -361,6 +369,10 @@ install-files: $(INSTALL) -m 0755 $(STRIP_OPT) sshd$(EXEEXT) $(DESTDIR)$(sbindir)/sshd$(EXEEXT) $(INSTALL) -m 4711 $(STRIP_OPT) ssh-keysign$(EXEEXT) $(DESTDIR)$(SSH_KEYSIGN)$(EXEEXT) $(INSTALL) -m 0755 $(STRIP_OPT) ssh-pkcs11-helper$(EXEEXT) $(DESTDIR)$(SSH_PKCS11_HELPER)$(EXEEXT) @@ -178,7 +178,7 @@ Index: openssh-7.8p1/Makefile.in $(INSTALL) -m 0755 $(STRIP_OPT) sftp$(EXEEXT) $(DESTDIR)$(bindir)/sftp$(EXEEXT) $(INSTALL) -m 0755 $(STRIP_OPT) sftp-server$(EXEEXT) $(DESTDIR)$(SFTP_SERVER)$(EXEEXT) $(INSTALL) -m 0755 $(STRIP_OPT) cavstest-ctr$(EXEEXT) $(DESTDIR)$(libexecdir)/cavstest-ctr$(EXEEXT) -@@ -381,6 +393,10 @@ install-files: +@@ -379,6 +391,10 @@ install-files: $(INSTALL) -m 644 sftp-server.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/sftp-server.8 $(INSTALL) -m 644 ssh-keysign.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-keysign.8 $(INSTALL) -m 644 ssh-pkcs11-helper.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-pkcs11-helper.8 @@ -189,7 +189,7 @@ Index: openssh-7.8p1/Makefile.in install-sysconf: $(MKDIR_P) $(DESTDIR)$(sysconfdir) -@@ -404,6 +420,13 @@ install-sysconf: +@@ -402,6 +418,13 @@ install-sysconf: else \ echo "$(DESTDIR)$(sysconfdir)/moduli already exists, install will not overwrite"; \ fi @@ -203,7 +203,7 @@ Index: openssh-7.8p1/Makefile.in host-key: ssh-keygen$(EXEEXT) @if [ -z "$(DESTDIR)" ] ; then \ -@@ -441,6 +464,8 @@ uninstall: +@@ -439,6 +462,8 @@ uninstall: -rm -r $(DESTDIR)$(SFTP_SERVER)$(EXEEXT) -rm -f $(DESTDIR)$(SSH_KEYSIGN)$(EXEEXT) -rm -f $(DESTDIR)$(SSH_PKCS11_HELPER)$(EXEEXT) @@ -212,7 +212,7 @@ Index: openssh-7.8p1/Makefile.in -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/ssh.1 -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/scp.1 -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-add.1 -@@ -452,6 +477,7 @@ uninstall: +@@ -450,6 +475,7 @@ uninstall: -rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/sftp-server.8 -rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-keysign.8 -rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-pkcs11-helper.8 @@ -220,11 +220,11 @@ Index: openssh-7.8p1/Makefile.in regress-prep: $(MKDIR_P) `pwd`/regress/unittests/test_helper -Index: openssh-7.8p1/configure.ac +Index: openssh-7.9p1/configure.ac =================================================================== ---- openssh-7.8p1.orig/configure.ac -+++ openssh-7.8p1/configure.ac -@@ -1680,6 +1680,106 @@ AC_ARG_WITH([audit], +--- openssh-7.9p1.orig/configure.ac ++++ openssh-7.9p1/configure.ac +@@ -1671,6 +1671,106 @@ AC_ARG_WITH([audit], esac ] ) @@ -331,10 +331,10 @@ Index: openssh-7.8p1/configure.ac AC_ARG_WITH([pie], [ --with-pie Build Position Independent Executables if possible], [ if test "x$withval" = "xno"; then -Index: openssh-7.8p1/ldap-helper.c +Index: openssh-7.9p1/ldap-helper.c =================================================================== --- /dev/null -+++ openssh-7.8p1/ldap-helper.c ++++ openssh-7.9p1/ldap-helper.c @@ -0,0 +1,155 @@ +/* $OpenBSD: ssh-pka-ldap.c,v 1.1 2009/12/03 03:34:42 jfch Exp $ */ +/* @@ -491,10 +491,10 @@ Index: openssh-7.8p1/ldap-helper.c +void *buffer_get_string(struct sshbuf *b, u_int *l) { return NULL; } +void buffer_put_string(struct sshbuf *b, const void *f, u_int l) {} + -Index: openssh-7.8p1/ldap-helper.h +Index: openssh-7.9p1/ldap-helper.h =================================================================== --- /dev/null -+++ openssh-7.8p1/ldap-helper.h ++++ openssh-7.9p1/ldap-helper.h @@ -0,0 +1,32 @@ +/* $OpenBSD: ldap-helper.h,v 1.1 2009/12/03 03:34:42 jfch Exp $ */ +/* @@ -528,10 +528,10 @@ Index: openssh-7.8p1/ldap-helper.h +extern int config_warning_config_file; + +#endif /* LDAP_HELPER_H */ -Index: openssh-7.8p1/ldap.conf +Index: openssh-7.9p1/ldap.conf =================================================================== --- /dev/null -+++ openssh-7.8p1/ldap.conf ++++ openssh-7.9p1/ldap.conf @@ -0,0 +1,88 @@ +# $Id: openssh-5.5p1-ldap.patch,v 1.3 2010/07/07 13:48:36 jfch2222 Exp $ +# @@ -621,10 +621,10 @@ Index: openssh-7.8p1/ldap.conf +#tls_cert +#tls_key + -Index: openssh-7.8p1/ldapbody.c +Index: openssh-7.9p1/ldapbody.c =================================================================== --- /dev/null -+++ openssh-7.8p1/ldapbody.c ++++ openssh-7.9p1/ldapbody.c @@ -0,0 +1,494 @@ +/* $OpenBSD: ldapbody.c,v 1.1 2009/12/03 03:34:42 jfch Exp $ */ +/* @@ -1120,10 +1120,10 @@ Index: openssh-7.8p1/ldapbody.c + return; +} + -Index: openssh-7.8p1/ldapbody.h +Index: openssh-7.9p1/ldapbody.h =================================================================== --- /dev/null -+++ openssh-7.8p1/ldapbody.h ++++ openssh-7.9p1/ldapbody.h @@ -0,0 +1,37 @@ +/* $OpenBSD: ldapbody.h,v 1.1 2009/12/03 03:34:42 jfch Exp $ */ +/* @@ -1162,10 +1162,10 @@ Index: openssh-7.8p1/ldapbody.h + +#endif /* LDAPBODY_H */ + -Index: openssh-7.8p1/ldapconf.c +Index: openssh-7.9p1/ldapconf.c =================================================================== --- /dev/null -+++ openssh-7.8p1/ldapconf.c ++++ openssh-7.9p1/ldapconf.c @@ -0,0 +1,711 @@ +/* $OpenBSD: ldapconf.c,v 1.1 2009/12/03 03:34:42 jfch Exp $ */ +/* @@ -1878,10 +1878,10 @@ Index: openssh-7.8p1/ldapconf.c + dump_cfg_string(lSSH_Filter, options.ssh_filter); +} + -Index: openssh-7.8p1/ldapconf.h +Index: openssh-7.9p1/ldapconf.h =================================================================== --- /dev/null -+++ openssh-7.8p1/ldapconf.h ++++ openssh-7.9p1/ldapconf.h @@ -0,0 +1,71 @@ +/* $OpenBSD: ldapconf.c,v 1.1 2009/12/03 03:34:42 jfch Exp $ */ +/* @@ -1954,10 +1954,10 @@ Index: openssh-7.8p1/ldapconf.h +void dump_config(void); + +#endif /* LDAPCONF_H */ -Index: openssh-7.8p1/ldapincludes.h +Index: openssh-7.9p1/ldapincludes.h =================================================================== --- /dev/null -+++ openssh-7.8p1/ldapincludes.h ++++ openssh-7.9p1/ldapincludes.h @@ -0,0 +1,41 @@ +/* $OpenBSD: ldapconf.c,v 1.1 2009/12/03 03:34:42 jfch Exp $ */ +/* @@ -2000,10 +2000,10 @@ Index: openssh-7.8p1/ldapincludes.h +#endif + +#endif /* LDAPINCLUDES_H */ -Index: openssh-7.8p1/ldapmisc.c +Index: openssh-7.9p1/ldapmisc.c =================================================================== --- /dev/null -+++ openssh-7.8p1/ldapmisc.c ++++ openssh-7.9p1/ldapmisc.c @@ -0,0 +1,79 @@ + +#include "ldapincludes.h" @@ -2084,10 +2084,10 @@ Index: openssh-7.8p1/ldapmisc.c +} +#endif + -Index: openssh-7.8p1/ldapmisc.h +Index: openssh-7.9p1/ldapmisc.h =================================================================== --- /dev/null -+++ openssh-7.8p1/ldapmisc.h ++++ openssh-7.9p1/ldapmisc.h @@ -0,0 +1,35 @@ +/* $OpenBSD: ldapbody.h,v 1.1 2009/12/03 03:34:42 jfch Exp $ */ +/* @@ -2124,10 +2124,10 @@ Index: openssh-7.8p1/ldapmisc.h + +#endif /* LDAPMISC_H */ + -Index: openssh-7.8p1/openbsd-compat/base64.c +Index: openssh-7.9p1/openbsd-compat/base64.c =================================================================== ---- openssh-7.8p1.orig/openbsd-compat/base64.c -+++ openssh-7.8p1/openbsd-compat/base64.c +--- openssh-7.9p1.orig/openbsd-compat/base64.c ++++ openssh-7.9p1/openbsd-compat/base64.c @@ -46,7 +46,7 @@ #include "includes.h" @@ -2155,10 +2155,10 @@ Index: openssh-7.8p1/openbsd-compat/base64.c /* skips all whitespace anywhere. converts characters, four at a time, starting at (or after) -Index: openssh-7.8p1/openbsd-compat/base64.h +Index: openssh-7.9p1/openbsd-compat/base64.h =================================================================== ---- openssh-7.8p1.orig/openbsd-compat/base64.h -+++ openssh-7.8p1/openbsd-compat/base64.h +--- openssh-7.9p1.orig/openbsd-compat/base64.h ++++ openssh-7.9p1/openbsd-compat/base64.h @@ -45,16 +45,16 @@ #include "includes.h" @@ -2180,10 +2180,10 @@ Index: openssh-7.8p1/openbsd-compat/base64.h int b64_pton(char const *src, u_char *target, size_t targsize); # endif /* !HAVE_B64_PTON */ # define __b64_pton(a,b,c) b64_pton(a,b,c) -Index: openssh-7.8p1/openssh-lpk-openldap.schema +Index: openssh-7.9p1/openssh-lpk-openldap.schema =================================================================== --- /dev/null -+++ openssh-7.8p1/openssh-lpk-openldap.schema ++++ openssh-7.9p1/openssh-lpk-openldap.schema @@ -0,0 +1,21 @@ +# +# LDAP Public Key Patch schema for use with openssh-ldappubkey @@ -2206,10 +2206,10 @@ Index: openssh-7.8p1/openssh-lpk-openldap.schema + DESC 'MANDATORY: OpenSSH LPK objectclass' + MUST ( sshPublicKey $ uid ) + ) -Index: openssh-7.8p1/openssh-lpk-sun.schema +Index: openssh-7.9p1/openssh-lpk-sun.schema =================================================================== --- /dev/null -+++ openssh-7.8p1/openssh-lpk-sun.schema ++++ openssh-7.9p1/openssh-lpk-sun.schema @@ -0,0 +1,23 @@ +# +# LDAP Public Key Patch schema for use with openssh-ldappubkey @@ -2234,10 +2234,10 @@ Index: openssh-7.8p1/openssh-lpk-sun.schema + DESC 'MANDATORY: OpenSSH LPK objectclass' + MUST ( sshPublicKey $ uid ) + ) -Index: openssh-7.8p1/ssh-ldap-helper.8 +Index: openssh-7.9p1/ssh-ldap-helper.8 =================================================================== --- /dev/null -+++ openssh-7.8p1/ssh-ldap-helper.8 ++++ openssh-7.9p1/ssh-ldap-helper.8 @@ -0,0 +1,79 @@ +.\" $OpenBSD: ssh-ldap-helper.8,v 1.1 2010/02/10 23:20:38 markus Exp $ +.\" @@ -2318,19 +2318,19 @@ Index: openssh-7.8p1/ssh-ldap-helper.8 +OpenSSH 5.5 + PKA-LDAP . +.Sh AUTHORS +.An Jan F. Chadima Aq jchadima@redhat.com -Index: openssh-7.8p1/ssh-ldap-wrapper +Index: openssh-7.9p1/ssh-ldap-wrapper =================================================================== --- /dev/null -+++ openssh-7.8p1/ssh-ldap-wrapper ++++ openssh-7.9p1/ssh-ldap-wrapper @@ -0,0 +1,4 @@ +#!/bin/sh + +exec @LIBEXECDIR@/ssh-ldap-helper -s "$1" + -Index: openssh-7.8p1/ssh-ldap.conf.5 +Index: openssh-7.9p1/ssh-ldap.conf.5 =================================================================== --- /dev/null -+++ openssh-7.8p1/ssh-ldap.conf.5 ++++ openssh-7.9p1/ssh-ldap.conf.5 @@ -0,0 +1,376 @@ +.\" $OpenBSD: ssh-ldap.conf.5,v 1.1 2010/02/10 23:20:38 markus Exp $ +.\" diff --git a/openssh-7.7p1-openssl_1.1.0.patch b/openssh-7.7p1-openssl_1.1.0.patch deleted file mode 100644 index 4cedd9a..0000000 --- a/openssh-7.7p1-openssl_1.1.0.patch +++ /dev/null @@ -1,3102 +0,0 @@ -# HG changeset patch -# Parent 6e5e3cb13cb379ca302c54a1f21156364781f8b6 -OpenSSL 1.1.0 API shims and crutches -modified from RH patch - -Index: openssh-7.8p1/Makefile.in -=================================================================== ---- openssh-7.8p1.orig/Makefile.in -+++ openssh-7.8p1/Makefile.in -@@ -112,6 +112,8 @@ LIBSSH_OBJS += kexgssc.o kexgsss.o - - LIBSSH_OBJS += auditstub.o - -+LIBSSH_OBJS += libcrypto-compat.o -+ - SSHOBJS= ssh.o readconf.o clientloop.o sshtty.o \ - sshconnect.o sshconnect2.o mux.o - -Index: openssh-7.8p1/auth-pam.c -=================================================================== ---- openssh-7.8p1.orig/auth-pam.c -+++ openssh-7.8p1/auth-pam.c -@@ -128,6 +128,10 @@ extern u_int utmp_len; - typedef pthread_t sp_pthread_t; - #else - typedef pid_t sp_pthread_t; -+# define pthread_create(a, b, c, d) _ssh_compat_pthread_create(a, b, c, d) -+# define pthread_exit(a) _ssh_compat_pthread_exit(a) -+# define pthread_cancel(a) _ssh_compat_pthread_cancel(a) -+# define pthread_join(a, b) _ssh_compat_pthread_join(a, b) - #endif - - struct pam_ctxt { -Index: openssh-7.8p1/cavstest-ctr.c -=================================================================== ---- openssh-7.8p1.orig/cavstest-ctr.c -+++ openssh-7.8p1/cavstest-ctr.c -@@ -150,7 +150,7 @@ main(int argc, char *argv[]) - usage(); - } - -- SSLeay_add_all_algorithms(); -+ OpenSSL_add_all_algorithms(); - - c = cipher_by_name(algo); - if (c == NULL) { -Index: openssh-7.8p1/cipher.c -=================================================================== ---- openssh-7.8p1.orig/cipher.c -+++ openssh-7.8p1/cipher.c -@@ -299,7 +299,7 @@ cipher_init(struct sshcipher_ctx **ccp, - ret = SSH_ERR_ALLOC_FAIL; - goto out; - } -- if (EVP_CipherInit(cc->evp, type, NULL, (u_char *)iv, -+ if (EVP_CipherInit(cc->evp, type, (u_char *)key, (u_char *)iv, - (do_encrypt == CIPHER_ENCRYPT)) == 0) { - ret = SSH_ERR_LIBCRYPTO_ERROR; - goto out; -@@ -317,10 +317,6 @@ cipher_init(struct sshcipher_ctx **ccp, - goto out; - } - } -- if (EVP_CipherInit(cc->evp, NULL, (u_char *)key, NULL, -1) == 0) { -- ret = SSH_ERR_LIBCRYPTO_ERROR; -- goto out; -- } - ret = 0; - #endif /* WITH_OPENSSL */ - out: -@@ -503,7 +499,7 @@ cipher_get_keyiv(struct sshcipher_ctx *c - len, iv)) - return SSH_ERR_LIBCRYPTO_ERROR; - } else -- memcpy(iv, cc->evp->iv, len); -+ memcpy(iv, EVP_CIPHER_CTX_iv(cc->evp), len); - #endif - return 0; - } -@@ -537,14 +533,14 @@ cipher_set_keyiv(struct sshcipher_ctx *c - EVP_CTRL_GCM_SET_IV_FIXED, -1, (void *)iv)) - return SSH_ERR_LIBCRYPTO_ERROR; - } else -- memcpy(cc->evp->iv, iv, evplen); -+ memcpy(EVP_CIPHER_CTX_iv_noconst(cc->evp), iv, evplen); - #endif - return 0; - } - - #ifdef WITH_OPENSSL --#define EVP_X_STATE(evp) (evp)->cipher_data --#define EVP_X_STATE_LEN(evp) (evp)->cipher->ctx_size -+#define EVP_X_STATE(evp) EVP_CIPHER_CTX_get_cipher_data(evp) -+#define EVP_X_STATE_LEN(evp) EVP_CIPHER_impl_ctx_size(EVP_CIPHER_CTX_cipher(evp)) - #endif - - int -Index: openssh-7.8p1/configure.ac -=================================================================== ---- openssh-7.8p1.orig/configure.ac -+++ openssh-7.8p1/configure.ac -@@ -2626,6 +2626,7 @@ if test "x$openssl" = "xyes" ; then - AC_MSG_ERROR([OpenSSL >= 1.0.1 required (have "$ssl_library_ver")]) - ;; - 100*) ;; # 1.0.x -+ 101*) ;; # 1.1.x is supported by this patch too - 200*) ;; # LibreSSL - *) - AC_MSG_ERROR([OpenSSL >= 1.1.0 is not yet supported (have "$ssl_library_ver")]) -Index: openssh-7.8p1/dh.c -=================================================================== ---- openssh-7.8p1.orig/dh.c -+++ openssh-7.8p1/dh.c -@@ -218,14 +218,15 @@ choose_dh(int min, int wantbits, int max - /* diffie-hellman-groupN-sha1 */ - - int --dh_pub_is_valid(DH *dh, BIGNUM *dh_pub) -+dh_pub_is_valid(const DH *dh, const BIGNUM *dh_pub) - { - int i; - int n = BN_num_bits(dh_pub); - int bits_set = 0; - BIGNUM *tmp; -+ const BIGNUM *p; - -- if (dh_pub->neg) { -+ if (BN_is_negative(dh_pub)) { - logit("invalid public DH value: negative"); - return 0; - } -@@ -238,7 +239,8 @@ dh_pub_is_valid(DH *dh, BIGNUM *dh_pub) - error("%s: BN_new failed", __func__); - return 0; - } -- if (!BN_sub(tmp, dh->p, BN_value_one()) || -+ DH_get0_pqg(dh, &p, NULL, NULL); -+ if (!BN_sub(tmp, p, BN_value_one()) || - BN_cmp(dh_pub, tmp) != -1) { /* pub_exp > p-2 */ - BN_clear_free(tmp); - logit("invalid public DH value: >= p-1"); -@@ -249,14 +251,14 @@ dh_pub_is_valid(DH *dh, BIGNUM *dh_pub) - for (i = 0; i <= n; i++) - if (BN_is_bit_set(dh_pub, i)) - bits_set++; -- debug2("bits set: %d/%d", bits_set, BN_num_bits(dh->p)); -+ debug2("bits set: %d/%d", bits_set, BN_num_bits(p)); - - /* - * if g==2 and bits_set==1 then computing log_g(dh_pub) is trivial - */ - if (bits_set < 4) { - logit("invalid public DH value (%d/%d)", -- bits_set, BN_num_bits(dh->p)); -+ bits_set, BN_num_bits(p)); - return 0; - } - return 1; -@@ -266,9 +268,11 @@ int - dh_gen_key(DH *dh, int need) - { - int pbits; -+ const BIGNUM *p, *pub_key; - -- if (need < 0 || dh->p == NULL || -- (pbits = BN_num_bits(dh->p)) <= 0 || -+ DH_get0_pqg(dh, &p, NULL, NULL); -+ if (need < 0 || p == NULL || -+ (pbits = BN_num_bits(p)) <= 0 || - need > INT_MAX / 2 || 2 * need > pbits) - return SSH_ERR_INVALID_ARGUMENT; - if (need < 256) -@@ -277,11 +281,11 @@ dh_gen_key(DH *dh, int need) - * Pollard Rho, Big step/Little Step attacks are O(sqrt(n)), - * so double requested need here. - */ -- dh->length = MINIMUM(need * 2, pbits - 1); -- if (DH_generate_key(dh) == 0 || -- !dh_pub_is_valid(dh, dh->pub_key)) { -- BN_clear_free(dh->priv_key); -- dh->priv_key = NULL; -+ DH_set_length(dh, MINIMUM(need * 2, pbits - 1)); -+ if (DH_generate_key(dh) == 0) -+ return SSH_ERR_LIBCRYPTO_ERROR; -+ DH_get0_key(dh, &pub_key, NULL); -+ if (!dh_pub_is_valid(dh, pub_key)) { - return SSH_ERR_LIBCRYPTO_ERROR; - } - return 0; -@@ -291,15 +295,22 @@ DH * - dh_new_group_asc(const char *gen, const char *modulus) - { - DH *dh; -+ BIGNUM *p = NULL, *g = NULL; - -- if ((dh = DH_new()) == NULL) -- return NULL; -- if (BN_hex2bn(&dh->p, modulus) == 0 || -- BN_hex2bn(&dh->g, gen) == 0) { -- DH_free(dh); -- return NULL; -- } -+ if ((dh = DH_new()) == NULL || -+ (p = BN_new()) == NULL || -+ (g = BN_new()) == NULL) -+ goto err; -+ if (BN_hex2bn(&p, modulus) == 0 || -+ BN_hex2bn(&g, gen) == 0 || -+ DH_set0_pqg(dh, p, NULL, g) == 0) -+ goto err; - return (dh); -+err: -+ DH_free(dh); -+ BN_free(p); -+ BN_free(g); -+ return NULL; - } - - /* -@@ -314,8 +325,7 @@ dh_new_group(BIGNUM *gen, BIGNUM *modulu - - if ((dh = DH_new()) == NULL) - return NULL; -- dh->p = modulus; -- dh->g = gen; -+ DH_set0_pqg(dh, modulus, NULL, gen); - - return (dh); - } -Index: openssh-7.8p1/dh.h -=================================================================== ---- openssh-7.8p1.orig/dh.h -+++ openssh-7.8p1/dh.h -@@ -42,7 +42,7 @@ DH *dh_new_group18(void); - DH *dh_new_group_fallback(int); - - int dh_gen_key(DH *, int); --int dh_pub_is_valid(DH *, BIGNUM *); -+int dh_pub_is_valid(const DH *, const BIGNUM *); - - u_int dh_estimate(int); - -Index: openssh-7.8p1/digest-openssl.c -=================================================================== ---- openssh-7.8p1.orig/digest-openssl.c -+++ openssh-7.8p1/digest-openssl.c -@@ -43,7 +43,7 @@ - - struct ssh_digest_ctx { - int alg; -- EVP_MD_CTX mdctx; -+ EVP_MD_CTX *mdctx; - }; - - struct ssh_digest { -@@ -106,7 +106,7 @@ ssh_digest_bytes(int alg) - size_t - ssh_digest_blocksize(struct ssh_digest_ctx *ctx) - { -- return EVP_MD_CTX_block_size(&ctx->mdctx); -+ return EVP_MD_CTX_block_size(ctx->mdctx); - } - - struct ssh_digest_ctx * -@@ -118,8 +118,10 @@ ssh_digest_start(int alg) - if (digest == NULL || ((ret = calloc(1, sizeof(*ret))) == NULL)) - return NULL; - ret->alg = alg; -- EVP_MD_CTX_init(&ret->mdctx); -- if (EVP_DigestInit_ex(&ret->mdctx, digest->mdfunc(), NULL) != 1) { -+ ret->mdctx = EVP_MD_CTX_new(); -+ if (ret->mdctx == NULL || -+ EVP_DigestInit_ex(ret->mdctx, digest->mdfunc(), NULL) != 1) { -+ EVP_MD_CTX_free(ret->mdctx); - free(ret); - return NULL; - } -@@ -132,7 +134,7 @@ ssh_digest_copy_state(struct ssh_digest_ - if (from->alg != to->alg) - return SSH_ERR_INVALID_ARGUMENT; - /* we have bcopy-style order while openssl has memcpy-style */ -- if (!EVP_MD_CTX_copy_ex(&to->mdctx, &from->mdctx)) -+ if (!EVP_MD_CTX_copy_ex(to->mdctx, from->mdctx)) - return SSH_ERR_LIBCRYPTO_ERROR; - return 0; - } -@@ -140,7 +142,7 @@ ssh_digest_copy_state(struct ssh_digest_ - int - ssh_digest_update(struct ssh_digest_ctx *ctx, const void *m, size_t mlen) - { -- if (EVP_DigestUpdate(&ctx->mdctx, m, mlen) != 1) -+ if (EVP_DigestUpdate(ctx->mdctx, m, mlen) != 1) - return SSH_ERR_LIBCRYPTO_ERROR; - return 0; - } -@@ -161,7 +163,7 @@ ssh_digest_final(struct ssh_digest_ctx * - return SSH_ERR_INVALID_ARGUMENT; - if (dlen < digest->digest_len) /* No truncation allowed */ - return SSH_ERR_INVALID_ARGUMENT; -- if (EVP_DigestFinal_ex(&ctx->mdctx, d, &l) != 1) -+ if (EVP_DigestFinal_ex(ctx->mdctx, d, &l) != 1) - return SSH_ERR_LIBCRYPTO_ERROR; - if (l != digest->digest_len) /* sanity */ - return SSH_ERR_INTERNAL_ERROR; -@@ -172,7 +174,7 @@ void - ssh_digest_free(struct ssh_digest_ctx *ctx) - { - if (ctx != NULL) { -- EVP_MD_CTX_cleanup(&ctx->mdctx); -+ EVP_MD_CTX_free(ctx->mdctx); - explicit_bzero(ctx, sizeof(*ctx)); - free(ctx); - } -Index: openssh-7.8p1/gss-genr.c -=================================================================== ---- openssh-7.8p1.orig/gss-genr.c -+++ openssh-7.8p1/gss-genr.c -@@ -87,12 +87,12 @@ ssh_gssapi_client_mechanisms(const char - return NULL; - - return(ssh_gssapi_kex_mechs(gss_supported, ssh_gssapi_check_mechanism, -- host, client)); -+ host, client, kex)); - } - - char * - ssh_gssapi_kex_mechs(gss_OID_set gss_supported, ssh_gssapi_check_fn *check, -- const char *host, const char *client) { -+ const char *host, const char *client, const char *kex) { - struct sshbuf *buf; - size_t i; - int oidpos, enclen, r; -@@ -100,7 +100,8 @@ ssh_gssapi_kex_mechs(gss_OID_set gss_sup - u_char digest[EVP_MAX_MD_SIZE]; - char deroid[2]; - const EVP_MD *evp_md = EVP_md5(); -- EVP_MD_CTX md; -+ EVP_MD_CTX *md; -+ char *s, *cp, *p; - - if (gss_enc2oid != NULL) { - for (i = 0; gss_enc2oid[i].encoded != NULL; i++) -@@ -114,7 +115,9 @@ ssh_gssapi_kex_mechs(gss_OID_set gss_sup - if ((buf = sshbuf_new()) == NULL) - fatal("%s: sshbuf_new failed", __func__); - -+ md = EVP_MD_CTX_new(); - oidpos = 0; -+ s = cp = xstrdup(kex); - for (i = 0; i < gss_supported->count; i++) { - if (gss_supported->elements[i].length < 128 && - (*check)(NULL, &(gss_supported->elements[i]), host, client)) { -@@ -122,26 +125,27 @@ ssh_gssapi_kex_mechs(gss_OID_set gss_sup - deroid[0] = SSH_GSS_OIDTYPE; - deroid[1] = gss_supported->elements[i].length; - -- EVP_DigestInit(&md, evp_md); -- EVP_DigestUpdate(&md, deroid, 2); -- EVP_DigestUpdate(&md, -+ EVP_MD_CTX_reset(md); -+ EVP_DigestInit(md, evp_md); -+ EVP_DigestUpdate(md, deroid, 2); -+ EVP_DigestUpdate(md, - gss_supported->elements[i].elements, - gss_supported->elements[i].length); -- EVP_DigestFinal(&md, digest, NULL); -+ EVP_DigestFinal(md, digest, NULL); - - encoded = xmalloc(EVP_MD_size(evp_md) * 2); - enclen = __b64_ntop(digest, EVP_MD_size(evp_md), - encoded, EVP_MD_size(evp_md) * 2); - - cp = strncpy(s, kex, strlen(kex)); -- for ((p = strsep(&cp, ",")); p && *p != '\0'; -+ for ((p = strsep(&cp, ",")); p && *p != '\0'; - (p = strsep(&cp, ","))) { - if (sshbuf_len(buf) != 0) - if ((r = sshbuf_put_u8(buf, ',')) !=0) - fatal("%s: buffer error: %s", - __func__, ssh_err(r)); - if ((r = sshbuf_put(buf, p, strlen(p))) != 0 || -- (r = sshbuf_put(buf, encoded, enclen)) != 0) -+ (r = sshbuf_put(buf, encoded, enclen)) != 0) - fatal("%s: buffer error: %s", - __func__, ssh_err(r)); - } -@@ -151,7 +155,8 @@ ssh_gssapi_kex_mechs(gss_OID_set gss_sup - oidpos++; - } - } -- free(s); -+ free(s); -+ EVP_MD_CTX_free(md); - gss_enc2oid[oidpos].oid = NULL; - gss_enc2oid[oidpos].encoded = NULL; - -Index: openssh-7.8p1/includes.h -=================================================================== ---- openssh-7.8p1.orig/includes.h -+++ openssh-7.8p1/includes.h -@@ -166,6 +166,7 @@ - - #ifdef WITH_OPENSSL - #include /* For OPENSSL_VERSION_NUMBER */ -+#include "libcrypto-compat.h" - #endif - - #include "defines.h" -Index: openssh-7.8p1/kexdhc.c -=================================================================== ---- openssh-7.8p1.orig/kexdhc.c -+++ openssh-7.8p1/kexdhc.c -@@ -56,6 +56,7 @@ kexdh_client(struct ssh *ssh) - { - struct kex *kex = ssh->kex; - int r; -+ const BIGNUM *pub_key; - - /* generate and send 'e', client DH public key */ - switch (kex->kex_type) { -@@ -81,21 +82,27 @@ kexdh_client(struct ssh *ssh) - goto out; - } - debug("sending SSH2_MSG_KEXDH_INIT"); -- if ((r = dh_gen_key(kex->dh, kex->we_need * 8)) != 0 || -- (r = sshpkt_start(ssh, SSH2_MSG_KEXDH_INIT)) != 0 || -- (r = sshpkt_put_bignum2(ssh, kex->dh->pub_key)) != 0 || -+ if ((r = dh_gen_key(kex->dh, kex->we_need * 8)) != 0) -+ goto out; -+ DH_get0_key(kex->dh, &pub_key, NULL); -+ if ((r = sshpkt_start(ssh, SSH2_MSG_KEXDH_INIT)) != 0 || -+ (r = sshpkt_put_bignum2(ssh, pub_key)) != 0 || - (r = sshpkt_send(ssh)) != 0) - goto out; - #ifdef DEBUG_KEXDH - DHparams_print_fp(stderr, kex->dh); - fprintf(stderr, "pub= "); -- BN_print_fp(stderr, kex->dh->pub_key); -+ BN_print_fp(stderr, pub_key); - fprintf(stderr, "\n"); - #endif - debug("expecting SSH2_MSG_KEXDH_REPLY"); - ssh_dispatch_set(ssh, SSH2_MSG_KEXDH_REPLY, &input_kex_dh); - r = 0; - out: -+ if (r != 0) { -+ DH_free(kex->dh); -+ kex->dh = NULL; -+ } - return r; - } - -@@ -109,6 +116,7 @@ input_kex_dh(int type, u_int32_t seq, st - u_char hash[SSH_DIGEST_MAX_LENGTH]; - size_t klen = 0, slen, sbloblen, hashlen; - int kout, r; -+ const BIGNUM *pub_key; - - if (kex->verify_host_key == NULL) { - r = SSH_ERR_INVALID_ARGUMENT; -@@ -168,6 +176,7 @@ input_kex_dh(int type, u_int32_t seq, st - #endif - - /* calc and verify H */ -+ DH_get0_key(kex->dh, &pub_key, NULL); - hashlen = sizeof(hash); - if ((r = kex_dh_hash( - kex->hash_alg, -@@ -176,7 +185,7 @@ input_kex_dh(int type, u_int32_t seq, st - sshbuf_ptr(kex->my), sshbuf_len(kex->my), - sshbuf_ptr(kex->peer), sshbuf_len(kex->peer), - server_host_key_blob, sbloblen, -- kex->dh->pub_key, -+ pub_key, - dh_server_pub, - shared_secret, - hash, &hashlen)) != 0) -Index: openssh-7.8p1/kexdhs.c -=================================================================== ---- openssh-7.8p1.orig/kexdhs.c -+++ openssh-7.8p1/kexdhs.c -@@ -87,6 +87,10 @@ kexdh_server(struct ssh *ssh) - ssh_dispatch_set(ssh, SSH2_MSG_KEXDH_INIT, &input_kex_dh_init); - r = 0; - out: -+ if (r != 0) { -+ DH_free(kex->dh); -+ kex->dh = NULL; -+ } - return r; - } - -@@ -101,6 +105,7 @@ input_kex_dh_init(int type, u_int32_t se - size_t sbloblen, slen; - size_t klen = 0, hashlen; - int kout, r; -+ const BIGNUM *pub_key; - - if (kex->load_host_public_key == NULL || - kex->load_host_private_key == NULL) { -@@ -163,6 +168,7 @@ input_kex_dh_init(int type, u_int32_t se - goto out; - /* calc H */ - hashlen = sizeof(hash); -+ DH_get0_key(kex->dh, &pub_key, NULL); - if ((r = kex_dh_hash( - kex->hash_alg, - kex->client_version_string, -@@ -171,7 +177,7 @@ input_kex_dh_init(int type, u_int32_t se - sshbuf_ptr(kex->my), sshbuf_len(kex->my), - server_host_key_blob, sbloblen, - dh_client_pub, -- kex->dh->pub_key, -+ pub_key, - shared_secret, - hash, &hashlen)) != 0) - goto out; -@@ -197,7 +203,7 @@ input_kex_dh_init(int type, u_int32_t se - /* send server hostkey, DH pubkey 'f' and signed H */ - if ((r = sshpkt_start(ssh, SSH2_MSG_KEXDH_REPLY)) != 0 || - (r = sshpkt_put_string(ssh, server_host_key_blob, sbloblen)) != 0 || -- (r = sshpkt_put_bignum2(ssh, kex->dh->pub_key)) != 0 || /* f */ -+ (r = sshpkt_put_bignum2(ssh, pub_key)) != 0 || /* f */ - (r = sshpkt_put_string(ssh, signature, slen)) != 0 || - (r = sshpkt_send(ssh)) != 0) - goto out; -Index: openssh-7.8p1/kexgexc.c -=================================================================== ---- openssh-7.8p1.orig/kexgexc.c -+++ openssh-7.8p1/kexgexc.c -@@ -96,6 +96,7 @@ input_kex_dh_gex_group(int type, u_int32 - struct kex *kex = ssh->kex; - BIGNUM *p = NULL, *g = NULL; - int r, bits; -+ const BIGNUM *pub_key; - - debug("got SSH2_MSG_KEX_DH_GEX_GROUP"); - -@@ -126,16 +127,18 @@ input_kex_dh_gex_group(int type, u_int32 - p = g = NULL; /* belong to kex->dh now */ - - /* generate and send 'e', client DH public key */ -- if ((r = dh_gen_key(kex->dh, kex->we_need * 8)) != 0 || -- (r = sshpkt_start(ssh, SSH2_MSG_KEX_DH_GEX_INIT)) != 0 || -- (r = sshpkt_put_bignum2(ssh, kex->dh->pub_key)) != 0 || -+ if ((r = dh_gen_key(kex->dh, kex->we_need * 8)) != 0) -+ goto out; -+ DH_get0_key(kex->dh, &pub_key, NULL); -+ if ((r = sshpkt_start(ssh, SSH2_MSG_KEX_DH_GEX_INIT)) != 0 || -+ (r = sshpkt_put_bignum2(ssh, pub_key)) != 0 || - (r = sshpkt_send(ssh)) != 0) - goto out; - debug("SSH2_MSG_KEX_DH_GEX_INIT sent"); - #ifdef DEBUG_KEXDH - DHparams_print_fp(stderr, kex->dh); - fprintf(stderr, "pub= "); -- BN_print_fp(stderr, kex->dh->pub_key); -+ BN_print_fp(stderr, pub_key); - fprintf(stderr, "\n"); - #endif - ssh_dispatch_set(ssh, SSH2_MSG_KEX_DH_GEX_GROUP, NULL); -@@ -144,6 +147,10 @@ input_kex_dh_gex_group(int type, u_int32 - out: - BN_clear_free(p); - BN_clear_free(g); -+ if (r != 0) { -+ DH_free(kex->dh); -+ kex->dh = NULL; -+ } - return r; - } - -@@ -157,6 +164,7 @@ input_kex_dh_gex_reply(int type, u_int32 - u_char hash[SSH_DIGEST_MAX_LENGTH]; - size_t klen = 0, slen, sbloblen, hashlen; - int kout, r; -+ const BIGNUM *p, *g, *pub_key; - - debug("got SSH2_MSG_KEX_DH_GEX_REPLY"); - if (kex->verify_host_key == NULL) { -@@ -219,6 +227,8 @@ input_kex_dh_gex_reply(int type, u_int32 - kex->min = kex->max = -1; - - /* calc and verify H */ -+ DH_get0_pqg(kex->dh, &p, NULL, &g); -+ DH_get0_key(kex->dh, &pub_key, NULL); - hashlen = sizeof(hash); - if ((r = kexgex_hash( - kex->hash_alg, -@@ -228,8 +238,8 @@ input_kex_dh_gex_reply(int type, u_int32 - sshbuf_ptr(kex->peer), sshbuf_len(kex->peer), - server_host_key_blob, sbloblen, - kex->min, kex->nbits, kex->max, -- kex->dh->p, kex->dh->g, -- kex->dh->pub_key, -+ p, g, -+ pub_key, - dh_server_pub, - shared_secret, - hash, &hashlen)) != 0) -Index: openssh-7.8p1/kexgexs.c -=================================================================== ---- openssh-7.8p1.orig/kexgexs.c -+++ openssh-7.8p1/kexgexs.c -@@ -74,6 +74,7 @@ input_kex_dh_gex_request(int type, u_int - struct kex *kex = ssh->kex; - int r; - u_int min = 0, max = 0, nbits = 0; -+ const BIGNUM *p, *g; - - debug("SSH2_MSG_KEX_DH_GEX_REQUEST received"); - if ((r = sshpkt_get_u32(ssh, &min)) != 0 || -@@ -109,9 +110,10 @@ input_kex_dh_gex_request(int type, u_int - goto out; - } - debug("SSH2_MSG_KEX_DH_GEX_GROUP sent"); -+ DH_get0_pqg(kex->dh, &p, NULL, &g); - if ((r = sshpkt_start(ssh, SSH2_MSG_KEX_DH_GEX_GROUP)) != 0 || -- (r = sshpkt_put_bignum2(ssh, kex->dh->p)) != 0 || -- (r = sshpkt_put_bignum2(ssh, kex->dh->g)) != 0 || -+ (r = sshpkt_put_bignum2(ssh, p)) != 0 || -+ (r = sshpkt_put_bignum2(ssh, g)) != 0 || - (r = sshpkt_send(ssh)) != 0) - goto out; - -@@ -123,6 +125,10 @@ input_kex_dh_gex_request(int type, u_int - ssh_dispatch_set(ssh, SSH2_MSG_KEX_DH_GEX_INIT, &input_kex_dh_gex_init); - r = 0; - out: -+ if (r != 0) { -+ DH_free(kex->dh); -+ kex->dh = NULL; -+ } - return r; - } - -@@ -137,6 +143,7 @@ input_kex_dh_gex_init(int type, u_int32_ - size_t sbloblen, slen; - size_t klen = 0, hashlen; - int kout, r; -+ const BIGNUM *p, *g, *pub_key; - - if (kex->load_host_public_key == NULL || - kex->load_host_private_key == NULL) { -@@ -199,6 +206,8 @@ input_kex_dh_gex_init(int type, u_int32_ - goto out; - /* calc H */ - hashlen = sizeof(hash); -+ DH_get0_pqg(kex->dh, &p, NULL, &g); -+ DH_get0_key(kex->dh, &pub_key, NULL); - if ((r = kexgex_hash( - kex->hash_alg, - kex->client_version_string, -@@ -207,9 +216,9 @@ input_kex_dh_gex_init(int type, u_int32_ - sshbuf_ptr(kex->my), sshbuf_len(kex->my), - server_host_key_blob, sbloblen, - kex->min, kex->nbits, kex->max, -- kex->dh->p, kex->dh->g, -+ p, g, - dh_client_pub, -- kex->dh->pub_key, -+ pub_key, - shared_secret, - hash, &hashlen)) != 0) - goto out; -@@ -235,7 +244,7 @@ input_kex_dh_gex_init(int type, u_int32_ - /* send server hostkey, DH pubkey 'f' and signed H */ - if ((r = sshpkt_start(ssh, SSH2_MSG_KEX_DH_GEX_REPLY)) != 0 || - (r = sshpkt_put_string(ssh, server_host_key_blob, sbloblen)) != 0 || -- (r = sshpkt_put_bignum2(ssh, kex->dh->pub_key)) != 0 || /* f */ -+ (r = sshpkt_put_bignum2(ssh, pub_key)) != 0 || /* f */ - (r = sshpkt_put_string(ssh, signature, slen)) != 0 || - (r = sshpkt_send(ssh)) != 0) - goto out; -Index: openssh-7.8p1/kexgssc.c -=================================================================== ---- openssh-7.8p1.orig/kexgssc.c -+++ openssh-7.8p1/kexgssc.c -@@ -61,6 +61,7 @@ kexgss_client(struct ssh *ssh) - BIGNUM *shared_secret = NULL; - BIGNUM *p = NULL; - BIGNUM *g = NULL; -+ const BIGNUM *pub_key, *p1, *g1; - u_char *kbuf; - u_char *serverhostkey = NULL; - u_char *empty = ""; -@@ -126,6 +127,7 @@ kexgss_client(struct ssh *ssh) - - /* Step 1 - e is dh->pub_key */ - dh_gen_key(dh, ssh->kex->we_need * 8); -+ DH_get0_key(dh, &pub_key, NULL); - - /* This is f, we initialise it now to make life easier */ - dh_server_pub = BN_new(); -@@ -173,7 +175,7 @@ kexgss_client(struct ssh *ssh) - packet_start(SSH2_MSG_KEXGSS_INIT); - packet_put_string(send_tok.value, - send_tok.length); -- packet_put_bignum2(dh->pub_key); -+ packet_put_bignum2((BIGNUM *)pub_key); - first = 0; - } else { - packet_start(SSH2_MSG_KEXGSS_CONTINUE); -@@ -284,13 +286,14 @@ kexgss_client(struct ssh *ssh) - sshbuf_ptr(ssh->kex->my), sshbuf_len(ssh->kex->my), - sshbuf_ptr(ssh->kex->peer), sshbuf_len(ssh->kex->peer), - (serverhostkey ? serverhostkey : empty), slen, -- dh->pub_key, /* e */ -+ pub_key, /* e */ - dh_server_pub, /* f */ - shared_secret, /* K */ - hash, &hashlen - ); - break; - case KEX_GSS_GEX_SHA1: -+ DH_get0_pqg(dh, &p1, NULL, &g1); - kexgex_hash( - ssh->kex->hash_alg, - ssh->kex->client_version_string, -@@ -299,8 +302,8 @@ kexgss_client(struct ssh *ssh) - sshbuf_ptr(ssh->kex->peer), sshbuf_len(ssh->kex->peer), - (serverhostkey ? serverhostkey : empty), slen, - min, nbits, max, -- dh->p, dh->g, -- dh->pub_key, -+ p1, g1, -+ pub_key, - dh_server_pub, - shared_secret, - hash, &hashlen -Index: openssh-7.8p1/kexgsss.c -=================================================================== ---- openssh-7.8p1.orig/kexgsss.c -+++ openssh-7.8p1/kexgsss.c -@@ -78,6 +78,7 @@ kexgss_server(struct ssh *ssh) - char *mechs; - u_char hash[SSH_DIGEST_MAX_LENGTH]; - size_t hashlen; -+ const BIGNUM *p, *g, *pub_key; - - /* Initialise GSSAPI */ - -@@ -130,9 +131,10 @@ kexgss_server(struct ssh *ssh) - if (dh == NULL) - packet_disconnect("Protocol error: no matching group found"); - -+ DH_get0_pqg(dh, &p, NULL, &g); - packet_start(SSH2_MSG_KEXGSS_GROUP); -- packet_put_bignum2(dh->p); -- packet_put_bignum2(dh->g); -+ packet_put_bignum2((BIGNUM *)p); -+ packet_put_bignum2((BIGNUM *)g); - packet_send(); - - packet_write_wait(); -@@ -224,6 +226,7 @@ kexgss_server(struct ssh *ssh) - memset(kbuf, 0, klen); - free(kbuf); - -+ DH_get0_key(dh, &pub_key, NULL); - hashlen = sizeof(hash); - switch (ssh->kex->kex_type) { - case KEX_GSS_GRP1_SHA1: -@@ -234,7 +237,7 @@ kexgss_server(struct ssh *ssh) - sshbuf_ptr(ssh->kex->peer), sshbuf_len(ssh->kex->peer), - sshbuf_ptr(ssh->kex->my), sshbuf_len(ssh->kex->my), - NULL, 0, /* Change this if we start sending host keys */ -- dh_client_pub, dh->pub_key, shared_secret, -+ dh_client_pub, pub_key, shared_secret, - hash, &hashlen - ); - break; -@@ -246,9 +249,9 @@ kexgss_server(struct ssh *ssh) - sshbuf_ptr(ssh->kex->my), sshbuf_len(ssh->kex->my), - NULL, 0, - cmin, nbits, cmax, -- dh->p, dh->g, -+ p, g, - dh_client_pub, -- dh->pub_key, -+ pub_key, - shared_secret, - hash, &hashlen - ); -@@ -272,7 +275,7 @@ kexgss_server(struct ssh *ssh) - fatal("Couldn't get MIC"); - - packet_start(SSH2_MSG_KEXGSS_COMPLETE); -- packet_put_bignum2(dh->pub_key); -+ packet_put_bignum2((BIGNUM *)pub_key); - packet_put_string(msg_tok.value,msg_tok.length); - - if (send_tok.length != 0) { -Index: openssh-7.8p1/libcrypto-compat.c -=================================================================== ---- /dev/null -+++ openssh-7.8p1/libcrypto-compat.c -@@ -0,0 +1,428 @@ -+/* -+ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. -+ * -+ * Licensed under the OpenSSL license (the "License"). You may not use -+ * this file except in compliance with the License. You can obtain a copy -+ * in the file LICENSE in the source distribution or at -+ * https://www.openssl.org/source/license.html -+ */ -+ -+#include "includes.h" -+ -+#if OPENSSL_VERSION_NUMBER < 0x10100000L -+ -+#include -+#include -+ -+static void *OPENSSL_zalloc(size_t num) -+{ -+ void *ret = OPENSSL_malloc(num); -+ -+ if (ret != NULL) -+ memset(ret, 0, num); -+ return ret; -+} -+ -+int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d) -+{ -+ /* If the fields n and e in r are NULL, the corresponding input -+ * parameters MUST be non-NULL for n and e. d may be -+ * left NULL (in case only the public key is used). -+ */ -+ if ((r->n == NULL && n == NULL) -+ || (r->e == NULL && e == NULL)) -+ return 0; -+ -+ if (n != NULL) { -+ BN_clear_free(r->n); -+ r->n = n; -+ } -+ if (e != NULL) { -+ BN_clear_free(r->e); -+ r->e = e; -+ } -+ if (d != NULL) { -+ BN_clear_free(r->d); -+ r->d = d; -+ } -+ -+ return 1; -+} -+ -+int RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q) -+{ -+ /* If the fields p and q in r are NULL, the corresponding input -+ * parameters MUST be non-NULL. -+ */ -+ if ((r->p == NULL && p == NULL) -+ || (r->q == NULL && q == NULL)) -+ return 0; -+ -+ if (p != NULL) { -+ BN_clear_free(r->p); -+ r->p = p; -+ } -+ if (q != NULL) { -+ BN_clear_free(r->q); -+ r->q = q; -+ } -+ -+ return 1; -+} -+ -+int RSA_set0_crt_params(RSA *r, BIGNUM *dmp1, BIGNUM *dmq1, BIGNUM *iqmp) -+{ -+ /* If the fields dmp1, dmq1 and iqmp in r are NULL, the corresponding input -+ * parameters MUST be non-NULL. -+ */ -+ if ((r->dmp1 == NULL && dmp1 == NULL) -+ || (r->dmq1 == NULL && dmq1 == NULL) -+ || (r->iqmp == NULL && iqmp == NULL)) -+ return 0; -+ -+ if (dmp1 != NULL) { -+ BN_clear_free(r->dmp1); -+ r->dmp1 = dmp1; -+ } -+ if (dmq1 != NULL) { -+ BN_clear_free(r->dmq1); -+ r->dmq1 = dmq1; -+ } -+ if (iqmp != NULL) { -+ BN_clear_free(r->iqmp); -+ r->iqmp = iqmp; -+ } -+ -+ return 1; -+} -+ -+void RSA_get0_key(const RSA *r, -+ const BIGNUM **n, const BIGNUM **e, const BIGNUM **d) -+{ -+ if (n != NULL) -+ *n = r->n; -+ if (e != NULL) -+ *e = r->e; -+ if (d != NULL) -+ *d = r->d; -+} -+ -+void RSA_get0_factors(const RSA *r, const BIGNUM **p, const BIGNUM **q) -+{ -+ if (p != NULL) -+ *p = r->p; -+ if (q != NULL) -+ *q = r->q; -+} -+ -+void RSA_get0_crt_params(const RSA *r, -+ const BIGNUM **dmp1, const BIGNUM **dmq1, -+ const BIGNUM **iqmp) -+{ -+ if (dmp1 != NULL) -+ *dmp1 = r->dmp1; -+ if (dmq1 != NULL) -+ *dmq1 = r->dmq1; -+ if (iqmp != NULL) -+ *iqmp = r->iqmp; -+} -+ -+void DSA_get0_pqg(const DSA *d, -+ const BIGNUM **p, const BIGNUM **q, const BIGNUM **g) -+{ -+ if (p != NULL) -+ *p = d->p; -+ if (q != NULL) -+ *q = d->q; -+ if (g != NULL) -+ *g = d->g; -+} -+ -+int DSA_set0_pqg(DSA *d, BIGNUM *p, BIGNUM *q, BIGNUM *g) -+{ -+ /* If the fields p, q and g in d are NULL, the corresponding input -+ * parameters MUST be non-NULL. -+ */ -+ if ((d->p == NULL && p == NULL) -+ || (d->q == NULL && q == NULL) -+ || (d->g == NULL && g == NULL)) -+ return 0; -+ -+ if (p != NULL) { -+ BN_clear_free(d->p); -+ d->p = p; -+ } -+ if (q != NULL) { -+ BN_clear_free(d->q); -+ d->q = q; -+ } -+ if (g != NULL) { -+ BN_clear_free(d->g); -+ d->g = g; -+ } -+ -+ return 1; -+} -+ -+void DSA_get0_key(const DSA *d, -+ const BIGNUM **pub_key, const BIGNUM **priv_key) -+{ -+ if (pub_key != NULL) -+ *pub_key = d->pub_key; -+ if (priv_key != NULL) -+ *priv_key = d->priv_key; -+} -+ -+int DSA_set0_key(DSA *d, BIGNUM *pub_key, BIGNUM *priv_key) -+{ -+ /* If the field pub_key in d is NULL, the corresponding input -+ * parameters MUST be non-NULL. The priv_key field may -+ * be left NULL. -+ */ -+ if (d->pub_key == NULL && pub_key == NULL) -+ return 0; -+ -+ if (pub_key != NULL) { -+ BN_clear_free(d->pub_key); -+ d->pub_key = pub_key; -+ } -+ if (priv_key != NULL) { -+ BN_clear_free(d->priv_key); -+ d->priv_key = priv_key; -+ } -+ -+ return 1; -+} -+ -+void DSA_SIG_get0(const DSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps) -+{ -+ if (pr != NULL) -+ *pr = sig->r; -+ if (ps != NULL) -+ *ps = sig->s; -+} -+ -+int DSA_SIG_set0(DSA_SIG *sig, BIGNUM *r, BIGNUM *s) -+{ -+ if (r == NULL || s == NULL) -+ return 0; -+ BN_clear_free(sig->r); -+ BN_clear_free(sig->s); -+ sig->r = r; -+ sig->s = s; -+ return 1; -+} -+ -+void ECDSA_SIG_get0(const ECDSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps) -+{ -+ if (pr != NULL) -+ *pr = sig->r; -+ if (ps != NULL) -+ *ps = sig->s; -+} -+ -+int ECDSA_SIG_set0(ECDSA_SIG *sig, BIGNUM *r, BIGNUM *s) -+{ -+ if (r == NULL || s == NULL) -+ return 0; -+ BN_clear_free(sig->r); -+ BN_clear_free(sig->s); -+ sig->r = r; -+ sig->s = s; -+ return 1; -+} -+ -+void DH_get0_pqg(const DH *dh, -+ const BIGNUM **p, const BIGNUM **q, const BIGNUM **g) -+{ -+ if (p != NULL) -+ *p = dh->p; -+ if (q != NULL) -+ *q = dh->q; -+ if (g != NULL) -+ *g = dh->g; -+} -+ -+int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g) -+{ -+ /* If the fields p and g in d are NULL, the corresponding input -+ * parameters MUST be non-NULL. q may remain NULL. -+ */ -+ if ((dh->p == NULL && p == NULL) -+ || (dh->g == NULL && g == NULL)) -+ return 0; -+ -+ if (p != NULL) { -+ BN_clear_free(dh->p); -+ dh->p = p; -+ } -+ if (q != NULL) { -+ BN_clear_free(dh->q); -+ dh->q = q; -+ } -+ if (g != NULL) { -+ BN_clear_free(dh->g); -+ dh->g = g; -+ } -+ -+ if (q != NULL) { -+ dh->length = BN_num_bits(q); -+ } -+ -+ return 1; -+} -+ -+void DH_get0_key(const DH *dh, const BIGNUM **pub_key, const BIGNUM **priv_key) -+{ -+ if (pub_key != NULL) -+ *pub_key = dh->pub_key; -+ if (priv_key != NULL) -+ *priv_key = dh->priv_key; -+} -+ -+int DH_set_length(DH *dh, long length) -+{ -+ dh->length = length; -+ return 1; -+} -+ -+const unsigned char *EVP_CIPHER_CTX_iv(const EVP_CIPHER_CTX *ctx) -+{ -+ return ctx->iv; -+} -+ -+unsigned char *EVP_CIPHER_CTX_iv_noconst(EVP_CIPHER_CTX *ctx) -+{ -+ return ctx->iv; -+} -+ -+EVP_MD_CTX *EVP_MD_CTX_new(void) -+{ -+ return OPENSSL_zalloc(sizeof(EVP_MD_CTX)); -+} -+ -+static void OPENSSL_clear_free(void *str, size_t num) -+{ -+ if (str == NULL) -+ return; -+ if (num) -+ OPENSSL_cleanse(str, num); -+ OPENSSL_free(str); -+} -+ -+/* This call frees resources associated with the context */ -+int EVP_MD_CTX_reset(EVP_MD_CTX *ctx) -+{ -+ if (ctx == NULL) -+ return 1; -+ -+ /* -+ * Don't assume ctx->md_data was cleaned in EVP_Digest_Final, because -+ * sometimes only copies of the context are ever finalised. -+ */ -+ if (ctx->digest && ctx->digest->cleanup -+ && !EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_CLEANED)) -+ ctx->digest->cleanup(ctx); -+ if (ctx->digest && ctx->digest->ctx_size && ctx->md_data -+ && !EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_REUSE)) { -+ OPENSSL_clear_free(ctx->md_data, ctx->digest->ctx_size); -+ } -+ EVP_PKEY_CTX_free(ctx->pctx); -+#ifndef OPENSSL_NO_ENGINE -+ ENGINE_finish(ctx->engine); -+#endif -+ OPENSSL_cleanse(ctx, sizeof(*ctx)); -+ -+ return 1; -+} -+ -+void EVP_MD_CTX_free(EVP_MD_CTX *ctx) -+{ -+ EVP_MD_CTX_reset(ctx); -+ OPENSSL_free(ctx); -+} -+ -+RSA_METHOD *RSA_meth_dup(const RSA_METHOD *meth) -+{ -+ RSA_METHOD *ret; -+ -+ ret = OPENSSL_malloc(sizeof(RSA_METHOD)); -+ -+ if (ret != NULL) { -+ memcpy(ret, meth, sizeof(*meth)); -+ ret->name = OPENSSL_strdup(meth->name); -+ if (ret->name == NULL) { -+ OPENSSL_free(ret); -+ return NULL; -+ } -+ } -+ -+ return ret; -+} -+ -+int RSA_meth_set1_name(RSA_METHOD *meth, const char *name) -+{ -+ char *tmpname; -+ -+ tmpname = OPENSSL_strdup(name); -+ if (tmpname == NULL) { -+ return 0; -+ } -+ -+ OPENSSL_free((char *)meth->name); -+ meth->name = tmpname; -+ -+ return 1; -+} -+ -+int RSA_meth_set_priv_enc(RSA_METHOD *meth, -+ int (*priv_enc) (int flen, const unsigned char *from, -+ unsigned char *to, RSA *rsa, -+ int padding)) -+{ -+ meth->rsa_priv_enc = priv_enc; -+ return 1; -+} -+ -+int RSA_meth_set_priv_dec(RSA_METHOD *meth, -+ int (*priv_dec) (int flen, const unsigned char *from, -+ unsigned char *to, RSA *rsa, -+ int padding)) -+{ -+ meth->rsa_priv_dec = priv_dec; -+ return 1; -+} -+ -+int RSA_meth_set_finish(RSA_METHOD *meth, int (*finish) (RSA *rsa)) -+{ -+ meth->finish = finish; -+ return 1; -+} -+ -+void RSA_meth_free(RSA_METHOD *meth) -+{ -+ if (meth != NULL) { -+ OPENSSL_free((char *)meth->name); -+ OPENSSL_free(meth); -+ } -+} -+ -+int RSA_bits(const RSA *r) -+{ -+ return (BN_num_bits(r->n)); -+} -+ -+int DSA_bits(const DSA *dsa) -+{ -+ return BN_num_bits(dsa->p); -+} -+ -+RSA *EVP_PKEY_get0_RSA(EVP_PKEY *pkey) -+{ -+ if (pkey->type != EVP_PKEY_RSA) { -+ return NULL; -+ } -+ return pkey->pkey.rsa; -+} -+ -+#endif /* OPENSSL_VERSION_NUMBER */ -Index: openssh-7.8p1/libcrypto-compat.h -=================================================================== ---- /dev/null -+++ openssh-7.8p1/libcrypto-compat.h -@@ -0,0 +1,59 @@ -+#ifndef LIBCRYPTO_COMPAT_H -+#define LIBCRYPTO_COMPAT_H -+ -+#if OPENSSL_VERSION_NUMBER < 0x10100000L -+ -+#include -+#include -+#include -+#include -+#include -+ -+int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d); -+int RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q); -+int RSA_set0_crt_params(RSA *r, BIGNUM *dmp1, BIGNUM *dmq1, BIGNUM *iqmp); -+void RSA_get0_key(const RSA *r, const BIGNUM **n, const BIGNUM **e, const BIGNUM **d); -+void RSA_get0_factors(const RSA *r, const BIGNUM **p, const BIGNUM **q); -+void RSA_get0_crt_params(const RSA *r, const BIGNUM **dmp1, const BIGNUM **dmq1, const BIGNUM **iqmp); -+ -+void DSA_get0_pqg(const DSA *d, const BIGNUM **p, const BIGNUM **q, const BIGNUM **g); -+int DSA_set0_pqg(DSA *d, BIGNUM *p, BIGNUM *q, BIGNUM *g); -+void DSA_get0_key(const DSA *d, const BIGNUM **pub_key, const BIGNUM **priv_key); -+int DSA_set0_key(DSA *d, BIGNUM *pub_key, BIGNUM *priv_key); -+ -+void DSA_SIG_get0(const DSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps); -+int DSA_SIG_set0(DSA_SIG *sig, BIGNUM *r, BIGNUM *s); -+ -+void ECDSA_SIG_get0(const ECDSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps); -+int ECDSA_SIG_set0(ECDSA_SIG *sig, BIGNUM *r, BIGNUM *s); -+ -+void DH_get0_pqg(const DH *dh, const BIGNUM **p, const BIGNUM **q, const BIGNUM **g); -+int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g); -+void DH_get0_key(const DH *dh, const BIGNUM **pub_key, const BIGNUM **priv_key); -+int DH_set_length(DH *dh, long length); -+ -+const unsigned char *EVP_CIPHER_CTX_iv(const EVP_CIPHER_CTX *ctx); -+unsigned char *EVP_CIPHER_CTX_iv_noconst(EVP_CIPHER_CTX *ctx); -+int EVP_MD_CTX_reset(EVP_MD_CTX *ctx); -+EVP_MD_CTX *EVP_MD_CTX_new(void); -+void EVP_MD_CTX_free(EVP_MD_CTX *ctx); -+#define EVP_CIPHER_impl_ctx_size(e) e->ctx_size -+#define EVP_CIPHER_CTX_get_cipher_data(ctx) ctx->cipher_data -+ -+RSA_METHOD *RSA_meth_dup(const RSA_METHOD *meth); -+int RSA_meth_set1_name(RSA_METHOD *meth, const char *name); -+#define RSA_meth_get_finish(meth) meth->finish -+int RSA_meth_set_priv_enc(RSA_METHOD *meth, int (*priv_enc) (int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding)); -+int RSA_meth_set_priv_dec(RSA_METHOD *meth, int (*priv_dec) (int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding)); -+int RSA_meth_set_finish(RSA_METHOD *meth, int (*finish) (RSA *rsa)); -+void RSA_meth_free(RSA_METHOD *meth); -+ -+int RSA_bits(const RSA *r); -+int DSA_bits(const DSA *d); -+ -+RSA *EVP_PKEY_get0_RSA(EVP_PKEY *pkey); -+ -+#endif /* OPENSSL_VERSION_NUMBER */ -+ -+#endif /* LIBCRYPTO_COMPAT_H */ -+ -Index: openssh-7.8p1/monitor.c -=================================================================== ---- openssh-7.8p1.orig/monitor.c -+++ openssh-7.8p1/monitor.c -@@ -624,9 +624,12 @@ mm_answer_moduli(int sock, struct sshbuf - return (0); - } else { - /* Send first bignum */ -+ const BIGNUM *p, *g; -+ -+ DH_get0_pqg(dh, &p, NULL, &g); - if ((r = sshbuf_put_u8(m, 1)) != 0 || -- (r = sshbuf_put_bignum2(m, dh->p)) != 0 || -- (r = sshbuf_put_bignum2(m, dh->g)) != 0) -+ (r = sshbuf_put_bignum2(m, p)) != 0 || -+ (r = sshbuf_put_bignum2(m, g)) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); - - DH_free(dh); -Index: openssh-7.8p1/openbsd-compat/openssl-compat.c -=================================================================== ---- openssh-7.8p1.orig/openbsd-compat/openssl-compat.c -+++ openssh-7.8p1/openbsd-compat/openssl-compat.c -@@ -70,12 +70,19 @@ ssh_compatible_openssl(long headerver, l - void - ssh_OpenSSL_add_all_algorithms(void) - { -+#if OPENSSL_VERSION_NUMBER < 0x10100000L - OpenSSL_add_all_algorithms(); - - /* Enable use of crypto hardware */ - ENGINE_load_builtin_engines(); -+#if OPENSSL_VERSION_NUMBER < 0x10001000L - ENGINE_register_all_complete(); -+#endif - OPENSSL_config(NULL); -+#else -+ OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_DIGESTS | -+ OPENSSL_INIT_ADD_ALL_DIGESTS | OPENSSL_INIT_LOAD_CONFIG, NULL); -+#endif - } - #endif - -Index: openssh-7.8p1/regress/unittests/sshkey/test_file.c -=================================================================== ---- openssh-7.8p1.orig/regress/unittests/sshkey/test_file.c -+++ openssh-7.8p1/regress/unittests/sshkey/test_file.c -@@ -46,6 +46,7 @@ sshkey_file_tests(void) - struct sshbuf *buf, *pw; - BIGNUM *a, *b, *c; - char *cp; -+ const BIGNUM *n, *p, *q, *g, *pub_key, *priv_key; - - TEST_START("load passphrase"); - pw = load_text_file("pw"); -@@ -60,9 +61,11 @@ sshkey_file_tests(void) - a = load_bignum("rsa_1.param.n"); - b = load_bignum("rsa_1.param.p"); - c = load_bignum("rsa_1.param.q"); -- ASSERT_BIGNUM_EQ(k1->rsa->n, a); -- ASSERT_BIGNUM_EQ(k1->rsa->p, b); -- ASSERT_BIGNUM_EQ(k1->rsa->q, c); -+ RSA_get0_key(k1->rsa, &n, NULL, NULL); -+ RSA_get0_factors(k1->rsa, &p, &q); -+ ASSERT_BIGNUM_EQ(n, a); -+ ASSERT_BIGNUM_EQ(p, b); -+ ASSERT_BIGNUM_EQ(q, c); - BN_free(a); - BN_free(b); - BN_free(c); -@@ -151,9 +154,11 @@ sshkey_file_tests(void) - a = load_bignum("dsa_1.param.g"); - b = load_bignum("dsa_1.param.priv"); - c = load_bignum("dsa_1.param.pub"); -- ASSERT_BIGNUM_EQ(k1->dsa->g, a); -- ASSERT_BIGNUM_EQ(k1->dsa->priv_key, b); -- ASSERT_BIGNUM_EQ(k1->dsa->pub_key, c); -+ DSA_get0_pqg(k1->dsa, NULL, NULL, &g); -+ DSA_get0_key(k1->dsa, &pub_key, &priv_key); -+ ASSERT_BIGNUM_EQ(g, a); -+ ASSERT_BIGNUM_EQ(priv_key, b); -+ ASSERT_BIGNUM_EQ(pub_key, c); - BN_free(a); - BN_free(b); - BN_free(c); -Index: openssh-7.8p1/regress/unittests/sshkey/test_sshkey.c -=================================================================== ---- openssh-7.8p1.orig/regress/unittests/sshkey/test_sshkey.c -+++ openssh-7.8p1/regress/unittests/sshkey/test_sshkey.c -@@ -197,9 +197,6 @@ sshkey_tests(void) - k1 = sshkey_new(KEY_RSA); - ASSERT_PTR_NE(k1, NULL); - ASSERT_PTR_NE(k1->rsa, NULL); -- ASSERT_PTR_NE(k1->rsa->n, NULL); -- ASSERT_PTR_NE(k1->rsa->e, NULL); -- ASSERT_PTR_EQ(k1->rsa->p, NULL); - sshkey_free(k1); - TEST_DONE(); - -@@ -207,8 +204,6 @@ sshkey_tests(void) - k1 = sshkey_new(KEY_DSA); - ASSERT_PTR_NE(k1, NULL); - ASSERT_PTR_NE(k1->dsa, NULL); -- ASSERT_PTR_NE(k1->dsa->g, NULL); -- ASSERT_PTR_EQ(k1->dsa->priv_key, NULL); - sshkey_free(k1); - TEST_DONE(); - -@@ -234,9 +229,6 @@ sshkey_tests(void) - k1 = sshkey_new_private(KEY_RSA); - ASSERT_PTR_NE(k1, NULL); - ASSERT_PTR_NE(k1->rsa, NULL); -- ASSERT_PTR_NE(k1->rsa->n, NULL); -- ASSERT_PTR_NE(k1->rsa->e, NULL); -- ASSERT_PTR_NE(k1->rsa->p, NULL); - ASSERT_INT_EQ(sshkey_add_private(k1), 0); - sshkey_free(k1); - TEST_DONE(); -@@ -245,8 +237,6 @@ sshkey_tests(void) - k1 = sshkey_new_private(KEY_DSA); - ASSERT_PTR_NE(k1, NULL); - ASSERT_PTR_NE(k1->dsa, NULL); -- ASSERT_PTR_NE(k1->dsa->g, NULL); -- ASSERT_PTR_NE(k1->dsa->priv_key, NULL); - ASSERT_INT_EQ(sshkey_add_private(k1), 0); - sshkey_free(k1); - TEST_DONE(); -@@ -285,18 +275,13 @@ sshkey_tests(void) - ASSERT_INT_EQ(sshkey_generate(KEY_RSA, 1024, &kr), 0); - ASSERT_PTR_NE(kr, NULL); - ASSERT_PTR_NE(kr->rsa, NULL); -- ASSERT_PTR_NE(kr->rsa->n, NULL); -- ASSERT_PTR_NE(kr->rsa->e, NULL); -- ASSERT_PTR_NE(kr->rsa->p, NULL); -- ASSERT_INT_EQ(BN_num_bits(kr->rsa->n), 1024); -+ ASSERT_INT_EQ(RSA_bits(kr->rsa), 1024); - TEST_DONE(); - - TEST_START("generate KEY_DSA"); - ASSERT_INT_EQ(sshkey_generate(KEY_DSA, 1024, &kd), 0); - ASSERT_PTR_NE(kd, NULL); - ASSERT_PTR_NE(kd->dsa, NULL); -- ASSERT_PTR_NE(kd->dsa->g, NULL); -- ASSERT_PTR_NE(kd->dsa->priv_key, NULL); - TEST_DONE(); - - #ifdef OPENSSL_HAS_ECC -@@ -323,9 +308,6 @@ sshkey_tests(void) - ASSERT_PTR_NE(kr, k1); - ASSERT_INT_EQ(k1->type, KEY_RSA); - ASSERT_PTR_NE(k1->rsa, NULL); -- ASSERT_PTR_NE(k1->rsa->n, NULL); -- ASSERT_PTR_NE(k1->rsa->e, NULL); -- ASSERT_PTR_EQ(k1->rsa->p, NULL); - TEST_DONE(); - - TEST_START("equal KEY_RSA/demoted KEY_RSA"); -@@ -339,8 +321,6 @@ sshkey_tests(void) - ASSERT_PTR_NE(kd, k1); - ASSERT_INT_EQ(k1->type, KEY_DSA); - ASSERT_PTR_NE(k1->dsa, NULL); -- ASSERT_PTR_NE(k1->dsa->g, NULL); -- ASSERT_PTR_EQ(k1->dsa->priv_key, NULL); - TEST_DONE(); - - TEST_START("equal KEY_DSA/demoted KEY_DSA"); -Index: openssh-7.8p1/ssh-dss.c -=================================================================== ---- openssh-7.8p1.orig/ssh-dss.c -+++ openssh-7.8p1/ssh-dss.c -@@ -55,6 +55,7 @@ ssh_dss_sign(const struct sshkey *key, u - size_t rlen, slen, len, dlen = ssh_digest_bytes(SSH_DIGEST_SHA1); - struct sshbuf *b = NULL; - int ret = SSH_ERR_INVALID_ARGUMENT; -+ const BIGNUM *r, *s; - - if (lenp != NULL) - *lenp = 0; -@@ -76,15 +77,16 @@ ssh_dss_sign(const struct sshkey *key, u - goto out; - } - -- rlen = BN_num_bytes(sig->r); -- slen = BN_num_bytes(sig->s); -+ DSA_SIG_get0(sig, &r, &s); -+ rlen = BN_num_bytes(r); -+ slen = BN_num_bytes(s); - if (rlen > INTBLOB_LEN || slen > INTBLOB_LEN) { - ret = SSH_ERR_INTERNAL_ERROR; - goto out; - } - explicit_bzero(sigblob, SIGBLOB_LEN); -- BN_bn2bin(sig->r, sigblob + SIGBLOB_LEN - INTBLOB_LEN - rlen); -- BN_bn2bin(sig->s, sigblob + SIGBLOB_LEN - slen); -+ BN_bn2bin(r, sigblob + SIGBLOB_LEN - INTBLOB_LEN - rlen); -+ BN_bn2bin(s, sigblob + SIGBLOB_LEN - slen); - - if ((b = sshbuf_new()) == NULL) { - ret = SSH_ERR_ALLOC_FAIL; -@@ -123,6 +125,7 @@ ssh_dss_verify(const struct sshkey *key, - int ret = SSH_ERR_INTERNAL_ERROR; - struct sshbuf *b = NULL; - char *ktype = NULL; -+ BIGNUM *r = NULL, *s = NULL; - - if (key == NULL || key->dsa == NULL || - sshkey_type_plain(key->type) != KEY_DSA || -@@ -155,16 +158,19 @@ ssh_dss_verify(const struct sshkey *key, - - /* parse signature */ - if ((sig = DSA_SIG_new()) == NULL || -- (sig->r = BN_new()) == NULL || -- (sig->s = BN_new()) == NULL) { -+ (r = BN_new()) == NULL || -+ (s = BN_new()) == NULL) { - ret = SSH_ERR_ALLOC_FAIL; - goto out; - } -- if ((BN_bin2bn(sigblob, INTBLOB_LEN, sig->r) == NULL) || -- (BN_bin2bn(sigblob+ INTBLOB_LEN, INTBLOB_LEN, sig->s) == NULL)) { -+ if ((BN_bin2bn(sigblob, INTBLOB_LEN, r) == NULL) || -+ (BN_bin2bn(sigblob+ INTBLOB_LEN, INTBLOB_LEN, s) == NULL) || -+ (DSA_SIG_set0(sig, r, s) == 0)) { - ret = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } -+ r = NULL; -+ s = NULL; - - /* sha1 the data */ - if ((ret = ssh_digest_memory(SSH_DIGEST_SHA1, data, datalen, -@@ -185,6 +191,8 @@ ssh_dss_verify(const struct sshkey *key, - - out: - explicit_bzero(digest, sizeof(digest)); -+ BN_free(r); -+ BN_free(s); - DSA_SIG_free(sig); - sshbuf_free(b); - free(ktype); -Index: openssh-7.8p1/ssh-ecdsa.c -=================================================================== ---- openssh-7.8p1.orig/ssh-ecdsa.c -+++ openssh-7.8p1/ssh-ecdsa.c -@@ -54,6 +54,7 @@ ssh_ecdsa_sign(const struct sshkey *key, - size_t len, dlen; - struct sshbuf *b = NULL, *bb = NULL; - int ret = SSH_ERR_INTERNAL_ERROR; -+ const BIGNUM *r, *s; - - if (lenp != NULL) - *lenp = 0; -@@ -80,8 +81,9 @@ ssh_ecdsa_sign(const struct sshkey *key, - ret = SSH_ERR_ALLOC_FAIL; - goto out; - } -- if ((ret = sshbuf_put_bignum2(bb, sig->r)) != 0 || -- (ret = sshbuf_put_bignum2(bb, sig->s)) != 0) -+ ECDSA_SIG_get0(sig, &r, &s); -+ if ((ret = sshbuf_put_bignum2(bb, r)) != 0 || -+ (ret = sshbuf_put_bignum2(bb, s)) != 0) - goto out; - if ((ret = sshbuf_put_cstring(b, sshkey_ssh_name_plain(key))) != 0 || - (ret = sshbuf_put_stringb(b, bb)) != 0) -@@ -118,6 +120,7 @@ ssh_ecdsa_verify(const struct sshkey *ke - int ret = SSH_ERR_INTERNAL_ERROR; - struct sshbuf *b = NULL, *sigbuf = NULL; - char *ktype = NULL; -+ BIGNUM *r = NULL, *s = NULL; - - if (key == NULL || key->ecdsa == NULL || - sshkey_type_plain(key->type) != KEY_ECDSA || -@@ -146,15 +149,23 @@ ssh_ecdsa_verify(const struct sshkey *ke - } - - /* parse signature */ -- if ((sig = ECDSA_SIG_new()) == NULL) { -+ if ((sig = ECDSA_SIG_new()) == NULL || -+ (r = BN_new()) == NULL || -+ (s = BN_new()) == NULL) { - ret = SSH_ERR_ALLOC_FAIL; - goto out; - } -- if (sshbuf_get_bignum2(sigbuf, sig->r) != 0 || -- sshbuf_get_bignum2(sigbuf, sig->s) != 0) { -+ if (sshbuf_get_bignum2(sigbuf, r) != 0 || -+ sshbuf_get_bignum2(sigbuf, s) != 0) { - ret = SSH_ERR_INVALID_FORMAT; - goto out; - } -+ if (ECDSA_SIG_set0(sig, r, s) == 0) { -+ ret = SSH_ERR_LIBCRYPTO_ERROR; -+ goto out; -+ } -+ r = NULL; -+ s = NULL; - if (sshbuf_len(sigbuf) != 0) { - ret = SSH_ERR_UNEXPECTED_TRAILING_DATA; - goto out; -@@ -179,6 +190,8 @@ ssh_ecdsa_verify(const struct sshkey *ke - explicit_bzero(digest, sizeof(digest)); - sshbuf_free(sigbuf); - sshbuf_free(b); -+ BN_free(r); -+ BN_free(s); - ECDSA_SIG_free(sig); - free(ktype); - return ret; -Index: openssh-7.8p1/ssh-keygen.c -=================================================================== ---- openssh-7.8p1.orig/ssh-keygen.c -+++ openssh-7.8p1/ssh-keygen.c -@@ -495,40 +495,67 @@ do_convert_private_ssh2_from_blob(u_char - free(type); - - switch (key->type) { -- case KEY_DSA: -- buffer_get_bignum_bits(b, key->dsa->p); -- buffer_get_bignum_bits(b, key->dsa->g); -- buffer_get_bignum_bits(b, key->dsa->q); -- buffer_get_bignum_bits(b, key->dsa->pub_key); -- buffer_get_bignum_bits(b, key->dsa->priv_key); -+ case KEY_DSA: { -+ BIGNUM *p = NULL, *g = NULL, *q = NULL, *pub_key = NULL, *priv_key = NULL; -+ -+ if ((p = BN_new()) == NULL || -+ (g = BN_new()) == NULL || -+ (q = BN_new()) == NULL || -+ (pub_key = BN_new()) == NULL || -+ (priv_key = BN_new()) == NULL) -+ fatal("BN_new() failed"); -+ buffer_get_bignum_bits(b, p); -+ buffer_get_bignum_bits(b, g); -+ buffer_get_bignum_bits(b, q); -+ buffer_get_bignum_bits(b, pub_key); -+ buffer_get_bignum_bits(b, priv_key); -+ if (DSA_set0_pqg(key->dsa, p, q, g) == 0 || -+ DSA_set0_key(key->dsa, pub_key, priv_key) == 0) { -+ fatal("failed to set DSA key"); -+ } -+ } - break; -- case KEY_RSA: -- if ((r = sshbuf_get_u8(b, &e1)) != 0 || -- (e1 < 30 && (r = sshbuf_get_u8(b, &e2)) != 0) || -- (e1 < 30 && (r = sshbuf_get_u8(b, &e3)) != 0)) -- fatal("%s: buffer error: %s", __func__, ssh_err(r)); -- e = e1; -- debug("e %lx", e); -- if (e < 30) { -- e <<= 8; -- e += e2; -- debug("e %lx", e); -- e <<= 8; -- e += e3; -+ case KEY_RSA: { -+ BIGNUM *bn_e = NULL, *bn_d = NULL, *bn_n = NULL, *bn_iqmp = NULL, *bn_p = NULL, *bn_q = NULL; -+ -+ if ((bn_e = BN_new()) == NULL || -+ (bn_d = BN_new()) == NULL || -+ (bn_n = BN_new()) == NULL || -+ (bn_iqmp = BN_new()) == NULL || -+ (bn_p = BN_new()) == NULL || -+ (bn_q = BN_new()) == NULL) -+ fatal("BN_new() failed"); -+ -+ if ((r = sshbuf_get_u8(b, &e1)) != 0 || -+ (e1 < 30 && (r = sshbuf_get_u8(b, &e2)) != 0) || -+ (e1 < 30 && (r = sshbuf_get_u8(b, &e3)) != 0)) -+ fatal("%s: buffer error: %s", __func__, ssh_err(r)); -+ e = e1; - debug("e %lx", e); -+ if (e < 30) { -+ e <<= 8; -+ e += e2; -+ debug("e %lx", e); -+ e <<= 8; -+ e += e3; -+ debug("e %lx", e); -+ } -+ if (!BN_set_word(bn_e, e)) { -+ sshbuf_free(b); -+ sshkey_free(key); -+ return NULL; -+ } -+ buffer_get_bignum_bits(b, bn_d); -+ buffer_get_bignum_bits(b, bn_n); -+ buffer_get_bignum_bits(b, bn_iqmp); -+ buffer_get_bignum_bits(b, bn_q); -+ buffer_get_bignum_bits(b, bn_p); -+ if (RSA_set0_key(key->rsa, bn_n, bn_e, bn_d) == 0 || -+ RSA_set0_factors(key->rsa, bn_p, bn_q) == 0) -+ fatal("Failed to set RSA parameters"); -+ if ((r = ssh_rsa_generate_additional_parameters(key, bn_iqmp)) != 0) -+ fatal("generate RSA parameters failed: %s", ssh_err(r)); - } -- if (!BN_set_word(key->rsa->e, e)) { -- sshbuf_free(b); -- sshkey_free(key); -- return NULL; -- } -- buffer_get_bignum_bits(b, key->rsa->d); -- buffer_get_bignum_bits(b, key->rsa->n); -- buffer_get_bignum_bits(b, key->rsa->iqmp); -- buffer_get_bignum_bits(b, key->rsa->q); -- buffer_get_bignum_bits(b, key->rsa->p); -- if ((r = ssh_rsa_generate_additional_parameters(key)) != 0) -- fatal("generate RSA parameters failed: %s", ssh_err(r)); - break; - } - rlen = sshbuf_len(b); -@@ -636,7 +663,7 @@ do_convert_from_pkcs8(struct sshkey **k, - identity_file); - } - fclose(fp); -- switch (EVP_PKEY_type(pubkey->type)) { -+ switch (EVP_PKEY_base_id(pubkey)) { - case EVP_PKEY_RSA: - if ((*k = sshkey_new(KEY_UNSPEC)) == NULL) - fatal("sshkey_new failed"); -@@ -660,7 +687,7 @@ do_convert_from_pkcs8(struct sshkey **k, - #endif - default: - fatal("%s: unsupported pubkey type %d", __func__, -- EVP_PKEY_type(pubkey->type)); -+ EVP_PKEY_base_id(pubkey)); - } - EVP_PKEY_free(pubkey); - return; -@@ -1806,6 +1833,7 @@ do_ca_sign(struct passwd *pw, int argc, - #ifdef ENABLE_PKCS11 - pkcs11_terminate(); - #endif -+ free(ca); - exit(0); - } - -Index: openssh-7.8p1/ssh-pkcs11-client.c -=================================================================== ---- openssh-7.8p1.orig/ssh-pkcs11-client.c -+++ openssh-7.8p1/ssh-pkcs11-client.c -@@ -156,12 +156,16 @@ pkcs11_rsa_private_encrypt(int flen, con - static int - wrap_key(RSA *rsa) - { -- static RSA_METHOD helper_rsa; -+ static RSA_METHOD *helper_rsa; - -- memcpy(&helper_rsa, RSA_get_default_method(), sizeof(helper_rsa)); -- helper_rsa.name = "ssh-pkcs11-helper"; -- helper_rsa.rsa_priv_enc = pkcs11_rsa_private_encrypt; -- RSA_set_method(rsa, &helper_rsa); -+ if (helper_rsa == NULL) { -+ helper_rsa = RSA_meth_dup(RSA_get_default_method()); -+ if (helper_rsa == NULL) -+ error("RSA_meth_dup failed"); -+ RSA_meth_set1_name(helper_rsa, "ssh-pkcs11-helper"); -+ RSA_meth_set_priv_enc(helper_rsa, pkcs11_rsa_private_encrypt); -+ } -+ RSA_set_method(rsa, helper_rsa); - return (0); - } - -Index: openssh-7.8p1/ssh-pkcs11.c -=================================================================== ---- openssh-7.8p1.orig/ssh-pkcs11.c -+++ openssh-7.8p1/ssh-pkcs11.c -@@ -67,7 +67,7 @@ struct pkcs11_key { - struct pkcs11_provider *provider; - CK_ULONG slotidx; - int (*orig_finish)(RSA *rsa); -- RSA_METHOD rsa_method; -+ RSA_METHOD *rsa_method; - char *keyid; - int keyid_len; - }; -@@ -183,6 +183,7 @@ pkcs11_rsa_finish(RSA *rsa) - if (k11->provider) - pkcs11_provider_unref(k11->provider); - free(k11->keyid); -+ RSA_meth_free(k11->rsa_method); - free(k11); - } - return (rv); -@@ -326,13 +327,21 @@ pkcs11_rsa_wrap(struct pkcs11_provider * - k11->keyid = xmalloc(k11->keyid_len); - memcpy(k11->keyid, keyid_attrib->pValue, k11->keyid_len); - } -- k11->orig_finish = def->finish; -- memcpy(&k11->rsa_method, def, sizeof(k11->rsa_method)); -- k11->rsa_method.name = "pkcs11"; -- k11->rsa_method.rsa_priv_enc = pkcs11_rsa_private_encrypt; -- k11->rsa_method.rsa_priv_dec = pkcs11_rsa_private_decrypt; -- k11->rsa_method.finish = pkcs11_rsa_finish; -- RSA_set_method(rsa, &k11->rsa_method); -+ k11->orig_finish = RSA_meth_get_finish(def); -+ if ((k11->rsa_method = RSA_meth_dup(def)) == NULL || -+ RSA_meth_set1_name(k11->rsa_method, "pkcs11") == 0 || -+ RSA_meth_set_priv_enc(k11->rsa_method, pkcs11_rsa_private_encrypt) == 0 || -+ RSA_meth_set_priv_dec(k11->rsa_method, pkcs11_rsa_private_decrypt) == 0 || -+ RSA_meth_set_finish(k11->rsa_method, pkcs11_rsa_finish) == 0) { -+ RSA_meth_free(k11->rsa_method); -+ k11->rsa_method = NULL; -+ pkcs11_provider_unref(k11->provider); -+ free(k11->keyid); -+ free(k11); -+ return (-1); -+ } -+ -+ RSA_set_method(rsa, k11->rsa_method); - RSA_set_app_data(rsa, k11); - return (0); - } -@@ -460,6 +469,7 @@ pkcs11_fetch_keys_filter(struct pkcs11_p - CK_ULONG nfound; - CK_SESSION_HANDLE session; - CK_FUNCTION_LIST *f; -+ const BIGNUM *n, *e; - - f = p->function_list; - session = p->slotinfo[slotidx].session; -@@ -512,10 +522,16 @@ pkcs11_fetch_keys_filter(struct pkcs11_p - if ((rsa = RSA_new()) == NULL) { - error("RSA_new failed"); - } else { -- rsa->n = BN_bin2bn(attribs[1].pValue, -+ BIGNUM *rsa_n, *rsa_e; -+ -+ rsa_n = BN_bin2bn(attribs[1].pValue, - attribs[1].ulValueLen, NULL); -- rsa->e = BN_bin2bn(attribs[2].pValue, -+ rsa_e = BN_bin2bn(attribs[2].pValue, - attribs[2].ulValueLen, NULL); -+ if (rsa_n == NULL || rsa_e == NULL) -+ error("BN_bin2bn failed"); -+ if (RSA_set0_key(rsa, rsa_n, rsa_e, NULL) == 0) -+ error("RSA_set0_key failed"); - } - } else { - cp = attribs[2].pValue; -@@ -525,16 +541,18 @@ pkcs11_fetch_keys_filter(struct pkcs11_p - == NULL) { - error("d2i_X509 failed"); - } else if ((evp = X509_get_pubkey(x509)) == NULL || -- evp->type != EVP_PKEY_RSA || -- evp->pkey.rsa == NULL) { -+ EVP_PKEY_id(evp) != EVP_PKEY_RSA || -+ EVP_PKEY_get0_RSA(evp) == NULL) { - debug("X509_get_pubkey failed or no rsa"); -- } else if ((rsa = RSAPublicKey_dup(evp->pkey.rsa)) -+ } else if ((rsa = RSAPublicKey_dup(EVP_PKEY_get0_RSA(evp))) - == NULL) { - error("RSAPublicKey_dup"); - } - X509_free(x509); - } -- if (rsa && rsa->n && rsa->e && -+ if (rsa) -+ RSA_get0_key(rsa, &n, &e, NULL); -+ if (rsa && n && e && - pkcs11_rsa_wrap(p, slotidx, &attribs[0], rsa) == 0) { - if ((key = sshkey_new(KEY_UNSPEC)) == NULL) - fatal("sshkey_new failed"); -Index: openssh-7.8p1/ssh-rsa.c -=================================================================== ---- openssh-7.8p1.orig/ssh-rsa.c -+++ openssh-7.8p1/ssh-rsa.c -@@ -104,38 +104,50 @@ rsa_hash_alg_nid(int type) - } - - int --ssh_rsa_generate_additional_parameters(struct sshkey *key) -+ssh_rsa_generate_additional_parameters(struct sshkey *key, BIGNUM *iqmp) - { - BIGNUM *aux = NULL; - BN_CTX *ctx = NULL; -- BIGNUM d; -+ BIGNUM *d = NULL; - int r; -+ const BIGNUM *p, *q, *rsa_d; -+ BIGNUM *dmp1 = NULL, *dmq1 = NULL; - - if (key == NULL || key->rsa == NULL || - sshkey_type_plain(key->type) != KEY_RSA) - return SSH_ERR_INVALID_ARGUMENT; - -- if ((ctx = BN_CTX_new()) == NULL) -- return SSH_ERR_ALLOC_FAIL; -- if ((aux = BN_new()) == NULL) { -+ RSA_get0_factors(key->rsa, &p, &q); -+ RSA_get0_key(key->rsa, NULL, NULL, &rsa_d); -+ -+ if ((ctx = BN_CTX_new()) == NULL || -+ (aux = BN_new()) == NULL || -+ (d = BN_new()) == NULL || -+ (dmp1 = BN_new()) == NULL || -+ (dmq1 = BN_new()) == NULL) { - r = SSH_ERR_ALLOC_FAIL; - goto out; - } - BN_set_flags(aux, BN_FLG_CONSTTIME); - -- BN_init(&d); -- BN_with_flags(&d, key->rsa->d, BN_FLG_CONSTTIME); -+ BN_with_flags(d, rsa_d, BN_FLG_CONSTTIME); - -- if ((BN_sub(aux, key->rsa->q, BN_value_one()) == 0) || -- (BN_mod(key->rsa->dmq1, &d, aux, ctx) == 0) || -- (BN_sub(aux, key->rsa->p, BN_value_one()) == 0) || -- (BN_mod(key->rsa->dmp1, &d, aux, ctx) == 0)) { -+ if ((BN_sub(aux, q, BN_value_one()) == 0) || -+ (BN_mod(dmq1, d, aux, ctx) == 0) || -+ (BN_sub(aux, p, BN_value_one()) == 0) || -+ (BN_mod(dmp1, d, aux, ctx) == 0) || -+ (RSA_set0_crt_params(key->rsa, dmp1, dmq1, iqmp) == 0)) { - r = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } -+ dmp1 = NULL; -+ dmq1 = NULL; - r = 0; - out: -+ BN_free(d); - BN_clear_free(aux); -+ BN_clear_free(dmp1); -+ BN_clear_free(dmq1); - BN_CTX_free(ctx); - return r; - } -@@ -163,7 +175,7 @@ ssh_rsa_sign(const struct sshkey *key, u - if (key == NULL || key->rsa == NULL || hash_alg == -1 || - sshkey_type_plain(key->type) != KEY_RSA) - return SSH_ERR_INVALID_ARGUMENT; -- if (BN_num_bits(key->rsa->n) < SSH_RSA_MINIMUM_MODULUS_SIZE) -+ if (RSA_bits(key->rsa) < SSH_RSA_MINIMUM_MODULUS_SIZE) - return SSH_ERR_KEY_LENGTH; - slen = RSA_size(key->rsa); - if (slen <= 0 || slen > SSHBUF_MAX_BIGNUM) -@@ -235,7 +247,7 @@ ssh_rsa_verify(const struct sshkey *key, - sshkey_type_plain(key->type) != KEY_RSA || - sig == NULL || siglen == 0) - return SSH_ERR_INVALID_ARGUMENT; -- if (BN_num_bits(key->rsa->n) < SSH_RSA_MINIMUM_MODULUS_SIZE) -+ if (RSA_bits(key->rsa) < SSH_RSA_MINIMUM_MODULUS_SIZE) - return SSH_ERR_KEY_LENGTH; - - if ((b = sshbuf_from(sig, siglen)) == NULL) -Index: openssh-7.8p1/sshconnect.c -=================================================================== ---- openssh-7.8p1.orig/sshconnect.c -+++ openssh-7.8p1/sshconnect.c -@@ -1399,6 +1399,7 @@ ssh_login(Sensitive *sensitive, const ch - char *server_user, *local_user; - - local_user = xstrdup(pw->pw_name); -+ free(pw); - server_user = options.user ? options.user : local_user; - - /* Convert the user-supplied hostname into all lowercase. */ -Index: openssh-7.8p1/sshkey.c -=================================================================== ---- openssh-7.8p1.orig/sshkey.c -+++ openssh-7.8p1/sshkey.c -@@ -293,10 +293,10 @@ sshkey_size(const struct sshkey *k) - #ifdef WITH_OPENSSL - case KEY_RSA: - case KEY_RSA_CERT: -- return BN_num_bits(k->rsa->n); -+ return RSA_bits(k->rsa); - case KEY_DSA: - case KEY_DSA_CERT: -- return BN_num_bits(k->dsa->p); -+ return DSA_bits(k->dsa); - case KEY_ECDSA: - case KEY_ECDSA_CERT: - return sshkey_curve_nid_to_bits(k->ecdsa_nid); -@@ -325,6 +325,31 @@ sshkey_type_is_valid_ca(int type) - } - } - -+ -+static int -+sshkey_is_private_rsa(const RSA *r) -+{ -+ const BIGNUM *d; -+ int rv; -+ -+ RSA_get0_key(r, NULL, NULL, &d); -+ rv = (d != NULL); -+ d = NULL; -+ return rv; -+} -+ -+static int -+sshkey_is_private_dsa(const DSA *d) -+{ -+ const BIGNUM *priv_key; -+ int rv; -+ -+ DSA_get0_key(d, NULL, &priv_key); -+ rv = (priv_key != NULL); -+ priv_key = NULL; -+ return rv; -+} -+ - int - sshkey_is_private(const struct sshkey *k) - { -@@ -332,10 +357,10 @@ sshkey_is_private(const struct sshkey *k - #ifdef WITH_OPENSSL - case KEY_RSA_CERT: - case KEY_RSA: -- return k->rsa->d != NULL; -+ return sshkey_is_private_rsa(k->rsa); - case KEY_DSA_CERT: - case KEY_DSA: -- return k->dsa->priv_key != NULL; -+ return sshkey_is_private_dsa(k->dsa); - #ifdef OPENSSL_HAS_ECC - case KEY_ECDSA_CERT: - case KEY_ECDSA: -@@ -527,10 +552,7 @@ sshkey_new(int type) - #ifdef WITH_OPENSSL - case KEY_RSA: - case KEY_RSA_CERT: -- if ((rsa = RSA_new()) == NULL || -- (rsa->n = BN_new()) == NULL || -- (rsa->e = BN_new()) == NULL) { -- RSA_free(rsa); -+ if ((rsa = RSA_new()) == NULL) { - free(k); - return NULL; - } -@@ -538,12 +560,7 @@ sshkey_new(int type) - break; - case KEY_DSA: - case KEY_DSA_CERT: -- if ((dsa = DSA_new()) == NULL || -- (dsa->p = BN_new()) == NULL || -- (dsa->q = BN_new()) == NULL || -- (dsa->g = BN_new()) == NULL || -- (dsa->pub_key = BN_new()) == NULL) { -- DSA_free(dsa); -+ if ((dsa = DSA_new()) == NULL) { - free(k); - return NULL; - } -@@ -584,21 +601,10 @@ sshkey_add_private(struct sshkey *k) - #ifdef WITH_OPENSSL - case KEY_RSA: - case KEY_RSA_CERT: --#define bn_maybe_alloc_failed(p) (p == NULL && (p = BN_new()) == NULL) -- if (bn_maybe_alloc_failed(k->rsa->d) || -- bn_maybe_alloc_failed(k->rsa->iqmp) || -- bn_maybe_alloc_failed(k->rsa->q) || -- bn_maybe_alloc_failed(k->rsa->p) || -- bn_maybe_alloc_failed(k->rsa->dmq1) || -- bn_maybe_alloc_failed(k->rsa->dmp1)) -- return SSH_ERR_ALLOC_FAIL; - break; - case KEY_DSA: - case KEY_DSA_CERT: -- if (bn_maybe_alloc_failed(k->dsa->priv_key)) -- return SSH_ERR_ALLOC_FAIL; - break; --#undef bn_maybe_alloc_failed - case KEY_ECDSA: - case KEY_ECDSA_CERT: - /* Cannot do anything until we know the group */ -@@ -721,17 +727,31 @@ sshkey_equal_public(const struct sshkey - switch (a->type) { - #ifdef WITH_OPENSSL - case KEY_RSA_CERT: -- case KEY_RSA: -- return a->rsa != NULL && b->rsa != NULL && -- BN_cmp(a->rsa->e, b->rsa->e) == 0 && -- BN_cmp(a->rsa->n, b->rsa->n) == 0; -+ case KEY_RSA: { -+ const BIGNUM *a_e, *a_n, *b_e, *b_n; -+ -+ if (a->rsa == NULL || b->rsa == NULL) -+ return 0; -+ RSA_get0_key(a->rsa, &a_n, &a_e, NULL); -+ RSA_get0_key(b->rsa, &b_n, &b_e, NULL); -+ return BN_cmp(a_e, b_e) == 0 && BN_cmp(a_n, b_n) == 0; -+ } - case KEY_DSA_CERT: -- case KEY_DSA: -- return a->dsa != NULL && b->dsa != NULL && -- BN_cmp(a->dsa->p, b->dsa->p) == 0 && -- BN_cmp(a->dsa->q, b->dsa->q) == 0 && -- BN_cmp(a->dsa->g, b->dsa->g) == 0 && -- BN_cmp(a->dsa->pub_key, b->dsa->pub_key) == 0; -+ case KEY_DSA: { -+ const BIGNUM *a_p, *a_q, *a_g, *a_pub_key; -+ const BIGNUM *b_p, *b_q, *b_g, *b_pub_key; -+ -+ if (a->dsa == NULL || b->dsa == NULL) -+ return 0; -+ DSA_get0_pqg(a->dsa, &a_p, &a_q, &a_g); -+ DSA_get0_key(a->dsa, &a_pub_key, NULL); -+ DSA_get0_pqg(b->dsa, &b_p, &b_q, &b_g); -+ DSA_get0_key(b->dsa, &b_pub_key, NULL); -+ return BN_cmp(a_p, b_p) == 0 && -+ BN_cmp(a_q, b_q) == 0 && -+ BN_cmp(a_g, b_g) == 0 && -+ BN_cmp(a_pub_key, b_pub_key) == 0; -+ } - # ifdef OPENSSL_HAS_ECC - case KEY_ECDSA_CERT: - case KEY_ECDSA: -@@ -817,15 +837,21 @@ to_blob_buf(const struct sshkey *key, st - return ret; - break; - #ifdef WITH_OPENSSL -- case KEY_DSA: -- if (key->dsa == NULL) -- return SSH_ERR_INVALID_ARGUMENT; -- if ((ret = sshbuf_put_cstring(b, typename)) != 0 || -- (ret = sshbuf_put_bignum2(b, key->dsa->p)) != 0 || -- (ret = sshbuf_put_bignum2(b, key->dsa->q)) != 0 || -- (ret = sshbuf_put_bignum2(b, key->dsa->g)) != 0 || -- (ret = sshbuf_put_bignum2(b, key->dsa->pub_key)) != 0) -- return ret; -+ case KEY_DSA: { -+ const BIGNUM *p, *q, *g, *pub_key; -+ -+ if (key->dsa == NULL) -+ return SSH_ERR_INVALID_ARGUMENT; -+ -+ DSA_get0_pqg(key->dsa, &p, &q, &g); -+ DSA_get0_key(key->dsa, &pub_key, NULL); -+ if ((ret = sshbuf_put_cstring(b, typename)) != 0 || -+ (ret = sshbuf_put_bignum2(b, p)) != 0 || -+ (ret = sshbuf_put_bignum2(b, q)) != 0 || -+ (ret = sshbuf_put_bignum2(b, g)) != 0 || -+ (ret = sshbuf_put_bignum2(b, pub_key)) != 0) -+ return ret; -+ } - break; - # ifdef OPENSSL_HAS_ECC - case KEY_ECDSA: -@@ -838,13 +864,18 @@ to_blob_buf(const struct sshkey *key, st - return ret; - break; - # endif -- case KEY_RSA: -- if (key->rsa == NULL) -- return SSH_ERR_INVALID_ARGUMENT; -- if ((ret = sshbuf_put_cstring(b, typename)) != 0 || -- (ret = sshbuf_put_bignum2(b, key->rsa->e)) != 0 || -- (ret = sshbuf_put_bignum2(b, key->rsa->n)) != 0) -- return ret; -+ case KEY_RSA: { -+ const BIGNUM *e, *n; -+ -+ if (key->rsa == NULL) -+ return SSH_ERR_INVALID_ARGUMENT; -+ -+ RSA_get0_key(key->rsa, &n, &e, NULL); -+ if ((ret = sshbuf_put_cstring(b, typename)) != 0 || -+ (ret = sshbuf_put_bignum2(b, e)) != 0 || -+ (ret = sshbuf_put_bignum2(b, n)) != 0) -+ return ret; -+ } - break; - #endif /* WITH_OPENSSL */ - case KEY_ED25519: -@@ -1782,15 +1813,32 @@ sshkey_from_private(const struct sshkey - switch (k->type) { - #ifdef WITH_OPENSSL - case KEY_DSA: -- case KEY_DSA_CERT: -- if ((n = sshkey_new(k->type)) == NULL) -- return SSH_ERR_ALLOC_FAIL; -- if ((BN_copy(n->dsa->p, k->dsa->p) == NULL) || -- (BN_copy(n->dsa->q, k->dsa->q) == NULL) || -- (BN_copy(n->dsa->g, k->dsa->g) == NULL) || -- (BN_copy(n->dsa->pub_key, k->dsa->pub_key) == NULL)) { -- sshkey_free(n); -- return SSH_ERR_ALLOC_FAIL; -+ case KEY_DSA_CERT: { -+ const BIGNUM *k_p, *k_q, *k_g, *k_pub_key; -+ BIGNUM *n_p = NULL, *n_q = NULL, *n_g = NULL, *n_pub_key = NULL; -+ -+ if ((n = sshkey_new(k->type)) == NULL) -+ return SSH_ERR_ALLOC_FAIL; -+ -+ DSA_get0_pqg(k->dsa, &k_p, &k_q, &k_g); -+ DSA_get0_key(k->dsa, &k_pub_key, NULL); -+ -+ if (((n_p = BN_dup(k_p)) == NULL) || -+ ((n_q = BN_dup(k_q)) == NULL) || -+ ((n_g = BN_dup(k_g)) == NULL) || -+ (DSA_set0_pqg(n->dsa, n_p, n_q, n_g) == 0)) { -+ sshkey_free(n); -+ BN_free(n_p); -+ BN_free(n_q); -+ BN_free(n_g); -+ return SSH_ERR_ALLOC_FAIL; -+ } -+ if (((n_pub_key = BN_dup(k_pub_key)) == NULL) || -+ (DSA_set0_key(n->dsa, n_pub_key, NULL) == 0)) { -+ sshkey_free(n); -+ BN_free(n_pub_key); -+ return SSH_ERR_ALLOC_FAIL; -+ } - } - break; - # ifdef OPENSSL_HAS_ECC -@@ -1812,13 +1860,22 @@ sshkey_from_private(const struct sshkey - break; - # endif /* OPENSSL_HAS_ECC */ - case KEY_RSA: -- case KEY_RSA_CERT: -- if ((n = sshkey_new(k->type)) == NULL) -- return SSH_ERR_ALLOC_FAIL; -- if ((BN_copy(n->rsa->n, k->rsa->n) == NULL) || -- (BN_copy(n->rsa->e, k->rsa->e) == NULL)) { -- sshkey_free(n); -- return SSH_ERR_ALLOC_FAIL; -+ case KEY_RSA_CERT: { -+ const BIGNUM *k_n, *k_e; -+ BIGNUM *n_n = NULL, *n_e = NULL; -+ -+ if ((n = sshkey_new(k->type)) == NULL) -+ return SSH_ERR_ALLOC_FAIL; -+ -+ RSA_get0_key(k->rsa, &k_n, &k_e, NULL); -+ if (((n_n = BN_dup(k_n)) == NULL) || -+ ((n_e = BN_dup(k_e)) == NULL) || -+ RSA_set0_key(n->rsa, n_n, n_e, NULL) == 0) { -+ sshkey_free(n); -+ BN_free(n_n); -+ BN_free(n_e); -+ return SSH_ERR_ALLOC_FAIL; -+ } - } - break; - #endif /* WITH_OPENSSL */ -@@ -2040,12 +2097,22 @@ sshkey_from_blob_internal(struct sshbuf - ret = SSH_ERR_ALLOC_FAIL; - goto out; - } -- if (sshbuf_get_bignum2(b, key->rsa->e) != 0 || -- sshbuf_get_bignum2(b, key->rsa->n) != 0) { -- ret = SSH_ERR_INVALID_FORMAT; -- goto out; -+ { -+ BIGNUM *e, *n; -+ -+ e = BN_new(); -+ n = BN_new(); -+ if (e == NULL || n == NULL || -+ sshbuf_get_bignum2(b, e) != 0 || -+ sshbuf_get_bignum2(b, n) != 0 || -+ RSA_set0_key(key->rsa, n, e, NULL) == 0) { -+ BN_free(e); -+ BN_free(n); -+ ret = SSH_ERR_ALLOC_FAIL; -+ goto out; -+ } - } -- if (BN_num_bits(key->rsa->n) < SSH_RSA_MINIMUM_MODULUS_SIZE) { -+ if (RSA_bits(key->rsa) < SSH_RSA_MINIMUM_MODULUS_SIZE) { - ret = SSH_ERR_KEY_LENGTH; - goto out; - } -@@ -2065,12 +2132,34 @@ sshkey_from_blob_internal(struct sshbuf - ret = SSH_ERR_ALLOC_FAIL; - goto out; - } -- if (sshbuf_get_bignum2(b, key->dsa->p) != 0 || -- sshbuf_get_bignum2(b, key->dsa->q) != 0 || -- sshbuf_get_bignum2(b, key->dsa->g) != 0 || -- sshbuf_get_bignum2(b, key->dsa->pub_key) != 0) { -- ret = SSH_ERR_INVALID_FORMAT; -- goto out; -+ { -+ BIGNUM *p, *q, *g, *pub_key; -+ -+ p = BN_new(); -+ q = BN_new(); -+ g = BN_new(); -+ pub_key = BN_new(); -+ -+ if (p == NULL || q == NULL || g == NULL || -+ pub_key == NULL || -+ sshbuf_get_bignum2(b, p) != 0 || -+ sshbuf_get_bignum2(b, q) != 0 || -+ sshbuf_get_bignum2(b, g) != 0 || -+ sshbuf_get_bignum2(b, pub_key) != 0 || -+ DSA_set0_pqg(key->dsa, p, q, g) == 0) { -+ BN_free(p); -+ BN_free(q); -+ BN_free(g); -+ BN_free(pub_key); -+ ret = SSH_ERR_ALLOC_FAIL; -+ goto out; -+ } -+ -+ if (DSA_set0_key(key->dsa, pub_key, NULL) == 0) { -+ BN_free(pub_key); -+ ret = SSH_ERR_LIBCRYPTO_ERROR; -+ goto out; -+ } - } - #ifdef DEBUG_PK - DSA_print_fp(stderr, key->dsa, 8); -@@ -2415,26 +2504,53 @@ sshkey_demote(const struct sshkey *k, st - if ((ret = sshkey_cert_copy(k, pk)) != 0) - goto fail; - /* FALLTHROUGH */ -- case KEY_RSA: -- if ((pk->rsa = RSA_new()) == NULL || -- (pk->rsa->e = BN_dup(k->rsa->e)) == NULL || -- (pk->rsa->n = BN_dup(k->rsa->n)) == NULL) { -- ret = SSH_ERR_ALLOC_FAIL; -- goto fail; -+ case KEY_RSA: { -+ const BIGNUM *k_e, *k_n; -+ BIGNUM *pk_e = NULL, *pk_n = NULL; -+ -+ RSA_get0_key(k->rsa, &k_n, &k_e, NULL); -+ if ((pk->rsa = RSA_new()) == NULL || -+ (pk_e = BN_dup(k_e)) == NULL || -+ (pk_n = BN_dup(k_n)) == NULL || -+ RSA_set0_key(pk->rsa, pk_n, pk_e, NULL) == 0) { -+ BN_free(pk_e); -+ BN_free(pk_n); -+ ret = SSH_ERR_ALLOC_FAIL; -+ goto fail; - } -+ } - break; - case KEY_DSA_CERT: - if ((ret = sshkey_cert_copy(k, pk)) != 0) - goto fail; - /* FALLTHROUGH */ -- case KEY_DSA: -- if ((pk->dsa = DSA_new()) == NULL || -- (pk->dsa->p = BN_dup(k->dsa->p)) == NULL || -- (pk->dsa->q = BN_dup(k->dsa->q)) == NULL || -- (pk->dsa->g = BN_dup(k->dsa->g)) == NULL || -- (pk->dsa->pub_key = BN_dup(k->dsa->pub_key)) == NULL) { -- ret = SSH_ERR_ALLOC_FAIL; -- goto fail; -+ case KEY_DSA: { -+ const BIGNUM *k_p, *k_q, *k_g, *k_pub_key; -+ BIGNUM *pk_p = NULL, *pk_q = NULL, *pk_g = NULL; -+ BIGNUM *pk_pub_key = NULL; -+ -+ DSA_get0_pqg(k->dsa, &k_p, &k_q, &k_g); -+ DSA_get0_key(k->dsa, &k_pub_key, NULL); -+ -+ if ((pk->dsa = DSA_new()) == NULL || -+ (pk_p = BN_dup(k_p)) == NULL || -+ (pk_q = BN_dup(k_q)) == NULL || -+ (pk_g = BN_dup(k_g)) == NULL || -+ (pk_pub_key = BN_dup(k_pub_key)) == NULL || -+ DSA_set0_pqg(pk->dsa, pk_p, pk_q, pk_g) == 0) { -+ BN_free(pk_p); -+ BN_free(pk_q); -+ BN_free(pk_g); -+ BN_free(pk_pub_key); -+ ret = SSH_ERR_ALLOC_FAIL; -+ goto fail; -+ } -+ -+ if (DSA_set0_key(pk->dsa, pk_pub_key, NULL) == 0) { -+ BN_free(pk_pub_key); -+ ret = SSH_ERR_LIBCRYPTO_ERROR; -+ goto fail; -+ } - } - break; - case KEY_ECDSA_CERT: -@@ -2584,12 +2700,17 @@ sshkey_certify_custom(struct sshkey *k, - /* XXX this substantially duplicates to_blob(); refactor */ - switch (k->type) { - #ifdef WITH_OPENSSL -- case KEY_DSA_CERT: -- if ((ret = sshbuf_put_bignum2(cert, k->dsa->p)) != 0 || -- (ret = sshbuf_put_bignum2(cert, k->dsa->q)) != 0 || -- (ret = sshbuf_put_bignum2(cert, k->dsa->g)) != 0 || -- (ret = sshbuf_put_bignum2(cert, k->dsa->pub_key)) != 0) -- goto out; -+ case KEY_DSA_CERT: { -+ const BIGNUM *p, *q, *g, *pub_key; -+ -+ DSA_get0_pqg(k->dsa, &p, &q, &g); -+ DSA_get0_key(k->dsa, &pub_key, NULL); -+ if ((ret = sshbuf_put_bignum2(cert, p)) != 0 || -+ (ret = sshbuf_put_bignum2(cert, q)) != 0 || -+ (ret = sshbuf_put_bignum2(cert, g)) != 0 || -+ (ret = sshbuf_put_bignum2(cert, pub_key)) != 0) -+ goto out; -+ } - break; - # ifdef OPENSSL_HAS_ECC - case KEY_ECDSA_CERT: -@@ -2601,10 +2722,15 @@ sshkey_certify_custom(struct sshkey *k, - goto out; - break; - # endif /* OPENSSL_HAS_ECC */ -- case KEY_RSA_CERT: -- if ((ret = sshbuf_put_bignum2(cert, k->rsa->e)) != 0 || -- (ret = sshbuf_put_bignum2(cert, k->rsa->n)) != 0) -- goto out; -+ case KEY_RSA_CERT: { -+ const BIGNUM *e, *n; -+ -+ RSA_get0_key(k->rsa, &n, &e, NULL); -+ if (e == NULL || n == NULL || -+ (ret = sshbuf_put_bignum2(cert, e)) != 0 || -+ (ret = sshbuf_put_bignum2(cert, n)) != 0) -+ goto out; -+ } - break; - #endif /* WITH_OPENSSL */ - case KEY_ED25519_CERT: -@@ -2790,43 +2916,65 @@ sshkey_private_serialize_opt(const struc - goto out; - switch (key->type) { - #ifdef WITH_OPENSSL -- case KEY_RSA: -- if ((r = sshbuf_put_bignum2(b, key->rsa->n)) != 0 || -- (r = sshbuf_put_bignum2(b, key->rsa->e)) != 0 || -- (r = sshbuf_put_bignum2(b, key->rsa->d)) != 0 || -- (r = sshbuf_put_bignum2(b, key->rsa->iqmp)) != 0 || -- (r = sshbuf_put_bignum2(b, key->rsa->p)) != 0 || -- (r = sshbuf_put_bignum2(b, key->rsa->q)) != 0) -- goto out; -+ case KEY_RSA: { -+ const BIGNUM *n, *e, *d, *iqmp, *p, *q; -+ RSA_get0_key(key->rsa, &n, &e, &d); -+ RSA_get0_crt_params(key->rsa, NULL, NULL, &iqmp); -+ RSA_get0_factors(key->rsa, &p, &q); -+ if ((r = sshbuf_put_bignum2(b, n)) != 0 || -+ (r = sshbuf_put_bignum2(b, e)) != 0 || -+ (r = sshbuf_put_bignum2(b, d)) != 0 || -+ (r = sshbuf_put_bignum2(b, iqmp)) != 0 || -+ (r = sshbuf_put_bignum2(b, p)) != 0 || -+ (r = sshbuf_put_bignum2(b, q)) != 0) -+ goto out; -+ } - break; - case KEY_RSA_CERT: - if (key->cert == NULL || sshbuf_len(key->cert->certblob) == 0) { - r = SSH_ERR_INVALID_ARGUMENT; - goto out; - } -- if ((r = sshbuf_put_stringb(b, key->cert->certblob)) != 0 || -- (r = sshbuf_put_bignum2(b, key->rsa->d)) != 0 || -- (r = sshbuf_put_bignum2(b, key->rsa->iqmp)) != 0 || -- (r = sshbuf_put_bignum2(b, key->rsa->p)) != 0 || -- (r = sshbuf_put_bignum2(b, key->rsa->q)) != 0) -- goto out; -+ { -+ const BIGNUM *d, *iqmp, *p, *q; -+ -+ RSA_get0_key(key->rsa, NULL, NULL, &d); -+ RSA_get0_factors(key->rsa, &p, &q); -+ RSA_get0_crt_params(key->rsa, NULL, NULL, &iqmp); -+ if ((r = sshbuf_put_stringb(b, key->cert->certblob)) != 0 || -+ (r = sshbuf_put_bignum2(b, d)) != 0 || -+ (r = sshbuf_put_bignum2(b, iqmp)) != 0 || -+ (r = sshbuf_put_bignum2(b, p)) != 0 || -+ (r = sshbuf_put_bignum2(b, q)) != 0) -+ goto out; -+ } - break; -- case KEY_DSA: -- if ((r = sshbuf_put_bignum2(b, key->dsa->p)) != 0 || -- (r = sshbuf_put_bignum2(b, key->dsa->q)) != 0 || -- (r = sshbuf_put_bignum2(b, key->dsa->g)) != 0 || -- (r = sshbuf_put_bignum2(b, key->dsa->pub_key)) != 0 || -- (r = sshbuf_put_bignum2(b, key->dsa->priv_key)) != 0) -- goto out; -+ case KEY_DSA: { -+ const BIGNUM *p, *q, *g, *pub_key, *priv_key; -+ -+ DSA_get0_pqg(key->dsa, &p, &q, &g); -+ DSA_get0_key(key->dsa, &pub_key, &priv_key); -+ if ((r = sshbuf_put_bignum2(b, p)) != 0 || -+ (r = sshbuf_put_bignum2(b, q)) != 0 || -+ (r = sshbuf_put_bignum2(b, g)) != 0 || -+ (r = sshbuf_put_bignum2(b, pub_key)) != 0 || -+ (r = sshbuf_put_bignum2(b, priv_key)) != 0) -+ goto out; -+ } - break; - case KEY_DSA_CERT: - if (key->cert == NULL || sshbuf_len(key->cert->certblob) == 0) { - r = SSH_ERR_INVALID_ARGUMENT; - goto out; - } -- if ((r = sshbuf_put_stringb(b, key->cert->certblob)) != 0 || -- (r = sshbuf_put_bignum2(b, key->dsa->priv_key)) != 0) -- goto out; -+ { -+ const BIGNUM *priv_key; -+ -+ DSA_get0_key(key->dsa, NULL, &priv_key); -+ if ((r = sshbuf_put_stringb(b, key->cert->certblob)) != 0 || -+ (r = sshbuf_put_bignum2(b, priv_key)) != 0) -+ goto out; -+ } - break; - # ifdef OPENSSL_HAS_ECC - case KEY_ECDSA: -@@ -2940,18 +3088,51 @@ sshkey_private_deserialize(struct sshbuf - r = SSH_ERR_ALLOC_FAIL; - goto out; - } -- if ((r = sshbuf_get_bignum2(buf, k->dsa->p)) != 0 || -- (r = sshbuf_get_bignum2(buf, k->dsa->q)) != 0 || -- (r = sshbuf_get_bignum2(buf, k->dsa->g)) != 0 || -- (r = sshbuf_get_bignum2(buf, k->dsa->pub_key)) != 0 || -- (r = sshbuf_get_bignum2(buf, k->dsa->priv_key)) != 0) -- goto out; -+ { -+ BIGNUM *p, *q, *g, *pub_key, *priv_key; -+ -+ p = BN_new(); -+ q = BN_new(); -+ g = BN_new(); -+ pub_key = BN_new(); -+ priv_key = BN_new(); -+ if (p == NULL || q == NULL || g == NULL || -+ pub_key == NULL || priv_key == NULL || -+ (r = sshbuf_get_bignum2(buf, p)) != 0 || -+ (r = sshbuf_get_bignum2(buf, q)) != 0 || -+ (r = sshbuf_get_bignum2(buf, g)) != 0 || -+ (r = sshbuf_get_bignum2(buf, pub_key)) != 0 || -+ (r = sshbuf_get_bignum2(buf, priv_key)) != 0 || -+ (r = ((DSA_set0_pqg(k->dsa, p, q, g) == 0) -+ ? SSH_ERR_LIBCRYPTO_ERROR : 0)) != 0) { -+ BN_free(p); -+ BN_free(q); -+ BN_free(g); -+ BN_free(pub_key); -+ BN_free(priv_key); -+ goto out; -+ } -+ if (DSA_set0_key(k->dsa, pub_key, priv_key) == 0) { -+ r = SSH_ERR_LIBCRYPTO_ERROR; -+ BN_free(pub_key); -+ BN_free(priv_key); -+ goto out; -+ } -+ } - break; -- case KEY_DSA_CERT: -- if ((r = sshkey_froms(buf, &k)) != 0 || -- (r = sshkey_add_private(k)) != 0 || -- (r = sshbuf_get_bignum2(buf, k->dsa->priv_key)) != 0) -- goto out; -+ case KEY_DSA_CERT: { -+ BIGNUM *priv_key = BN_new(); -+ -+ if (priv_key == NULL || -+ (r = sshkey_froms(buf, &k)) != 0 || -+ (r = sshkey_add_private(k)) != 0 || -+ (r = sshbuf_get_bignum2(buf, priv_key)) != 0 || -+ (r = ((DSA_set0_key(k->dsa, NULL, priv_key) == 0) -+ ? SSH_ERR_LIBCRYPTO_ERROR : 0)) != 0) { -+ BN_free(priv_key); -+ goto out; -+ } -+ } - break; - # ifdef OPENSSL_HAS_ECC - case KEY_ECDSA: -@@ -3010,29 +3191,89 @@ sshkey_private_deserialize(struct sshbuf - r = SSH_ERR_ALLOC_FAIL; - goto out; - } -- if ((r = sshbuf_get_bignum2(buf, k->rsa->n)) != 0 || -- (r = sshbuf_get_bignum2(buf, k->rsa->e)) != 0 || -- (r = sshbuf_get_bignum2(buf, k->rsa->d)) != 0 || -- (r = sshbuf_get_bignum2(buf, k->rsa->iqmp)) != 0 || -- (r = sshbuf_get_bignum2(buf, k->rsa->p)) != 0 || -- (r = sshbuf_get_bignum2(buf, k->rsa->q)) != 0 || -- (r = ssh_rsa_generate_additional_parameters(k)) != 0) -- goto out; -- if (BN_num_bits(k->rsa->n) < SSH_RSA_MINIMUM_MODULUS_SIZE) { -+ { -+ BIGNUM *n, *e, *d, *iqmp, *p, *q; -+ -+ n = BN_new(); -+ e = BN_new(); -+ d = BN_new(); -+ iqmp = BN_new(); -+ p = BN_new(); -+ q = BN_new(); -+ -+ if (n == NULL || e == NULL || d == NULL || -+ iqmp == NULL || p == NULL || q == NULL || -+ (r = sshbuf_get_bignum2(buf, n)) != 0 || -+ (r = sshbuf_get_bignum2(buf, e)) != 0 || -+ (r = sshbuf_get_bignum2(buf, d)) != 0 || -+ (r = sshbuf_get_bignum2(buf, iqmp)) != 0 || -+ (r = sshbuf_get_bignum2(buf, p)) != 0 || -+ (r = sshbuf_get_bignum2(buf, q)) != 0 || -+ (r = ((RSA_set0_key(k->rsa, n, e, d) == 0) -+ ? SSH_ERR_LIBCRYPTO_ERROR : 0)) != 0) { -+ BN_free(n); -+ BN_free(e); -+ BN_free(d); -+ BN_free(iqmp); -+ BN_free(p); -+ BN_free(q); -+ goto out; -+ } -+ if (RSA_set0_factors(k->rsa, p, q) == 0) { -+ r = SSH_ERR_LIBCRYPTO_ERROR; -+ BN_free(iqmp); -+ BN_free(p); -+ BN_free(q); -+ goto out; -+ } -+ if ((r = ssh_rsa_generate_additional_parameters(k, iqmp)) != 0) { -+ BN_free(iqmp); -+ goto out; -+ } -+ } -+ if (RSA_bits(k->rsa) < SSH_RSA_MINIMUM_MODULUS_SIZE) { - r = SSH_ERR_KEY_LENGTH; - goto out; - } - break; -- case KEY_RSA_CERT: -- if ((r = sshkey_froms(buf, &k)) != 0 || -- (r = sshkey_add_private(k)) != 0 || -- (r = sshbuf_get_bignum2(buf, k->rsa->d)) != 0 || -- (r = sshbuf_get_bignum2(buf, k->rsa->iqmp)) != 0 || -- (r = sshbuf_get_bignum2(buf, k->rsa->p)) != 0 || -- (r = sshbuf_get_bignum2(buf, k->rsa->q)) != 0 || -- (r = ssh_rsa_generate_additional_parameters(k)) != 0) -- goto out; -- if (BN_num_bits(k->rsa->n) < SSH_RSA_MINIMUM_MODULUS_SIZE) { -+ case KEY_RSA_CERT: { -+ BIGNUM *d, *iqmp, *p, *q; -+ -+ /* N and E are already set so make sure we will not overwrite them */ -+ d = BN_new(); -+ iqmp = BN_new(); -+ p = BN_new(); -+ q = BN_new(); -+ -+ if (d == NULL || iqmp == NULL || p == NULL || -+ q == NULL || -+ (r = sshkey_froms(buf, &k)) != 0 || -+ (r = sshkey_add_private(k)) != 0 || -+ (r = sshbuf_get_bignum2(buf, d)) != 0 || -+ (r = sshbuf_get_bignum2(buf, iqmp)) != 0 || -+ (r = sshbuf_get_bignum2(buf, p)) != 0 || -+ (r = sshbuf_get_bignum2(buf, q)) != 0 || -+ (r = ((RSA_set0_key(k->rsa, NULL, NULL, d) == 0) -+ ? SSH_ERR_LIBCRYPTO_ERROR : 0)) != 0) { -+ BN_free(d); -+ BN_free(iqmp); -+ BN_free(p); -+ BN_free(q); -+ goto out; -+ } -+ if (RSA_set0_factors(k->rsa, p, q) == 0) { -+ r = SSH_ERR_LIBCRYPTO_ERROR; -+ BN_free(p); -+ BN_free(q); -+ goto out; -+ } -+ if (ssh_rsa_generate_additional_parameters(k, iqmp) != 0) { -+ r = SSH_ERR_LIBCRYPTO_ERROR; -+ free(iqmp); -+ goto out; -+ } -+ } -+ if (RSA_bits(k->rsa) < SSH_RSA_MINIMUM_MODULUS_SIZE) { - r = SSH_ERR_KEY_LENGTH; - goto out; - } -@@ -3796,7 +4037,9 @@ translate_libcrypto_error(unsigned long - switch (pem_reason) { - case EVP_R_BAD_DECRYPT: - return SSH_ERR_KEY_WRONG_PASSPHRASE; -+#ifdef EVP_R_BN_DECODE_ERROR - case EVP_R_BN_DECODE_ERROR: -+#endif - case EVP_R_DECODE_ERROR: - #ifdef EVP_R_PRIVATE_KEY_DECODE_ERROR - case EVP_R_PRIVATE_KEY_DECODE_ERROR: -@@ -3861,7 +4104,7 @@ sshkey_parse_private_pem_fileblob(struct - r = convert_libcrypto_error(); - goto out; - } -- if (pk->type == EVP_PKEY_RSA && -+ if (EVP_PKEY_id(pk) == EVP_PKEY_RSA && - (type == KEY_UNSPEC || type == KEY_RSA)) { - if ((prv = sshkey_new(KEY_UNSPEC)) == NULL) { - r = SSH_ERR_ALLOC_FAIL; -@@ -3876,11 +4119,11 @@ sshkey_parse_private_pem_fileblob(struct - r = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } -- if (BN_num_bits(prv->rsa->n) < SSH_RSA_MINIMUM_MODULUS_SIZE) { -+ if (RSA_bits(prv->rsa) < SSH_RSA_MINIMUM_MODULUS_SIZE) { - r = SSH_ERR_KEY_LENGTH; - goto out; - } -- } else if (pk->type == EVP_PKEY_DSA && -+ } else if (EVP_PKEY_id(pk) == EVP_PKEY_DSA && - (type == KEY_UNSPEC || type == KEY_DSA)) { - if ((prv = sshkey_new(KEY_UNSPEC)) == NULL) { - r = SSH_ERR_ALLOC_FAIL; -@@ -3892,7 +4135,7 @@ sshkey_parse_private_pem_fileblob(struct - DSA_print_fp(stderr, prv->dsa, 8); - #endif - #ifdef OPENSSL_HAS_ECC -- } else if (pk->type == EVP_PKEY_EC && -+ } else if (EVP_PKEY_id(pk) == EVP_PKEY_EC && - (type == KEY_UNSPEC || type == KEY_ECDSA)) { - if ((prv = sshkey_new(KEY_UNSPEC)) == NULL) { - r = SSH_ERR_ALLOC_FAIL; -Index: openssh-7.8p1/sshkey.h -=================================================================== ---- openssh-7.8p1.orig/sshkey.h -+++ openssh-7.8p1/sshkey.h -@@ -220,7 +220,7 @@ int sshkey_parse_private_fileblob_type(s - const char *passphrase, struct sshkey **keyp, char **commentp); - - /* XXX should be internal, but used by ssh-keygen */ --int ssh_rsa_generate_additional_parameters(struct sshkey *); -+int ssh_rsa_generate_additional_parameters(struct sshkey *, BIGNUM *iqmp); - - /* stateful keys (e.g. XMSS) */ - #ifdef NO_ATTRIBUTE_ON_PROTOTYPE_ARGS -Index: openssh-7.8p1/ssh.c -=================================================================== ---- openssh-7.8p1.orig/ssh.c -+++ openssh-7.8p1/ssh.c -@@ -1332,6 +1332,7 @@ main(int ac, char **av) - (char *)NULL); - free(cp); - } -+ free(host_arg); - - if (config_test) { - dump_client_config(&options, host); -Index: openssh-7.8p1/gss-serv.c -=================================================================== ---- openssh-7.8p1.orig/gss-serv.c -+++ openssh-7.8p1/gss-serv.c -@@ -148,7 +148,8 @@ ssh_gssapi_server_mechanisms() { - if (supported_oids == NULL) - ssh_gssapi_prepare_supported_oids(); - return (ssh_gssapi_kex_mechs(supported_oids, -- &ssh_gssapi_server_check_mech, NULL, NULL)); -+ ssh_gssapi_server_check_mech, NULL, NULL, -+ options.gss_kex_algorithms)); - } - - /* Unprivileged */ -Index: openssh-7.8p1/kex.c -=================================================================== ---- openssh-7.8p1.orig/kex.c -+++ openssh-7.8p1/kex.c -@@ -49,6 +49,7 @@ - #include "misc.h" - #include "dispatch.h" - #include "monitor.h" -+#include "xmalloc.h" - - #include "ssherr.h" - #include "sshbuf.h" -@@ -359,6 +360,28 @@ kex_assemble_names(char **listp, const c - return r; - } - -+/* Validate GSS KEX method name list */ -+int -+gss_kex_names_valid(const char *names) -+{ -+ char *s, *cp, *p; -+ if (names == NULL || *names == '\0') -+ return 0; -+ s = cp = xstrdup(names); -+ for ((p = strsep(&cp, ",")); p && *p != '\0'; -+ (p = strsep(&cp, ","))) { -+ if (strncmp(p, "gss-", 4) != 0 -+ || kex_alg_by_name(p) == NULL) { -+ error("Unsupported KEX algorithm \"%.100s\"", p); -+ free(s); -+ return 0; -+ } -+ } -+ debug3("gss kex names ok: [%s]", names); -+ free(s); -+ return 1; -+} -+ - /* put algorithm proposal into buffer */ - int - kex_prop2buf(struct sshbuf *b, char *proposal[PROPOSAL_MAX]) -@@ -795,7 +818,7 @@ choose_mac(struct ssh *ssh, struct sshma - #ifdef SSH_AUDIT_EVENTS - audit_unsupported(SSH_AUDIT_UNSUPPORTED_MAC); - #endif -- return SSH_ERR_NO_MAC_ALG_MATCH; -+ return SSH_ERR_NO_MAC_ALG_MATCH; - } - if (mac_setup(mac, name) < 0) { - free(name); -Index: openssh-7.8p1/kex.h -=================================================================== ---- openssh-7.8p1.orig/kex.h -+++ openssh-7.8p1/kex.h -@@ -182,6 +182,7 @@ int kex_names_valid(const char *); - char *kex_alg_list(char); - char *kex_names_cat(const char *, const char *); - int kex_assemble_names(char **, const char *, const char *); -+int gss_kex_names_valid(const char *); - - int kex_new(struct ssh *, char *[PROPOSAL_MAX], struct kex **); - int kex_setup(struct ssh *, char *[PROPOSAL_MAX]); -Index: openssh-7.8p1/readconf.c -=================================================================== ---- openssh-7.8p1.orig/readconf.c -+++ openssh-7.8p1/readconf.c -@@ -69,6 +69,7 @@ - #include "digest.h" - #include "dh.h" - #include "fips.h" -+#include "ssh-gss.h" - - /* Format of the configuration file: - -@@ -164,7 +165,7 @@ typedef enum { - oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout, - oAddressFamily, oGssAuthentication, oGssDelegateCreds, - oGssTrustDns, oGssKeyEx, oGssClientIdentity, oGssRenewalRekey, -- oGssServerIdentity, -+ oGssServerIdentity, oGssKexAlgorithms, - oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly, - oSendEnv, oSetEnv, oControlPath, oControlMaster, oControlPersist, - oHashKnownHosts, -@@ -211,6 +212,7 @@ static struct { - { "gssapiclientidentity", oGssClientIdentity }, - { "gssapiserveridentity", oGssServerIdentity }, - { "gssapirenewalforcesrekey", oGssRenewalRekey }, -+ { "gssapikexalgorithms", oGssKexAlgorithms }, - # else - { "gssapiauthentication", oUnsupported }, - { "gssapikeyexchange", oUnsupported }, -@@ -219,6 +221,7 @@ static struct { - { "gssapiclientidentity", oUnsupported }, - { "gssapiserveridentity", oUnsupported }, - { "gssapirenewalforcesrekey", oUnsupported }, -+ { "gssapikexalgorithms", oUnsupported }, - #endif - #ifdef ENABLE_PKCS11 - { "smartcarddevice", oPKCS11Provider }, -@@ -1015,6 +1018,18 @@ parse_time: - intptr = &options->gss_renewal_rekey; - goto parse_flag; - -+ case oGssKexAlgorithms: -+ arg = strdelim(&s); -+ if (!arg || *arg == '\0') -+ fatal("%.200s line %d: Missing argument.", -+ filename, linenum); -+ if (!gss_kex_names_valid(arg)) -+ fatal("%.200s line %d: Bad GSSAPI KexAlgorithms '%s'.", -+ filename, linenum, arg ? arg : ""); -+ if (*activep && options->gss_kex_algorithms == NULL) -+ options->gss_kex_algorithms = xstrdup(arg); -+ break; -+ - case oBatchMode: - intptr = &options->batch_mode; - goto parse_flag; -@@ -1879,9 +1894,10 @@ initialize_options(Options * options) - options->gss_keyex = -1; - options->gss_deleg_creds = -1; - options->gss_trust_dns = -1; -- options->gss_renewal_rekey = -1; -- options->gss_client_identity = NULL; -- options->gss_server_identity = NULL; -+ options->gss_renewal_rekey = -1; -+ options->gss_client_identity = NULL; -+ options->gss_server_identity = NULL; -+ options->gss_kex_algorithms = NULL; - options->password_authentication = -1; - options->kbd_interactive_authentication = -1; - options->kbd_interactive_devices = NULL; -@@ -2035,6 +2051,10 @@ fill_default_options(Options * options) - options->gss_trust_dns = 0; - if (options->gss_renewal_rekey == -1) - options->gss_renewal_rekey = 0; -+#ifdef GSSAPI -+ if (options->gss_kex_algorithms == NULL) -+ options->gss_kex_algorithms = strdup(GSS_KEX_DEFAULT_KEX); -+#endif - if (options->password_authentication == -1) - options->password_authentication = 1; - if (options->kbd_interactive_authentication == -1) -Index: openssh-7.8p1/readconf.h -=================================================================== ---- openssh-7.8p1.orig/readconf.h -+++ openssh-7.8p1/readconf.h -@@ -46,6 +46,7 @@ typedef struct { - int gss_renewal_rekey; /* Credential renewal forces rekey */ - char *gss_client_identity; /* Principal to initiate GSSAPI with */ - char *gss_server_identity; /* GSSAPI target principal */ -+ char *gss_kex_algorithms; /* GSSAPI kex methods to be offered by client. */ - int password_authentication; /* Try password - * authentication. */ - int kbd_interactive_authentication; /* Try keyboard-interactive auth. */ -Index: openssh-7.8p1/servconf.c -=================================================================== ---- openssh-7.8p1.orig/servconf.c -+++ openssh-7.8p1/servconf.c -@@ -64,6 +64,7 @@ - #include "auth.h" - #include "myproposal.h" - #include "digest.h" -+#include "ssh-gss.h" - #include "dh.h" - #include "fips.h" - -@@ -134,6 +135,7 @@ initialize_server_options(ServerOptions - options->gss_cleanup_creds = -1; - options->gss_strict_acceptor = -1; - options->gss_store_rekey = -1; -+ options->gss_kex_algorithms = NULL; - options->password_authentication = -1; - options->kbd_interactive_authentication = -1; - options->challenge_response_authentication = -1; -@@ -379,6 +381,10 @@ fill_default_server_options(ServerOption - options->gss_strict_acceptor = 1; - if (options->gss_store_rekey == -1) - options->gss_store_rekey = 0; -+#ifdef GSSAPI -+ if (options->gss_kex_algorithms == NULL) -+ options->gss_kex_algorithms = strdup(GSS_KEX_DEFAULT_KEX); -+#endif - if (options->password_authentication == -1) - options->password_authentication = 1; - if (options->kbd_interactive_authentication == -1) -@@ -525,8 +531,7 @@ typedef enum { - sHostKeyAlgorithms, - sClientAliveInterval, sClientAliveCountMax, sAuthorizedKeysFile, - sGssAuthentication, sGssCleanupCreds, sGssStrictAcceptor, -- sGssKeyEx, sGssStoreRekey, -- sAcceptEnv, sSetEnv, sPermitTunnel, -+ sGssKeyEx, sGssStoreRekey, sGssKexAlgorithms, sAcceptEnv, sSetEnv, sPermitTunnel, - sMatch, sPermitOpen, sPermitListen, sForceCommand, sChrootDirectory, - sUsePrivilegeSeparation, sAllowAgentForwarding, - sHostCertificate, -@@ -605,12 +610,14 @@ static struct { - { "gssapistrictacceptorcheck", sGssStrictAcceptor, SSHCFG_GLOBAL }, - { "gssapikeyexchange", sGssKeyEx, SSHCFG_GLOBAL }, - { "gssapistorecredentialsonrekey", sGssStoreRekey, SSHCFG_GLOBAL }, -+ { "gssapikexalgorithms", sGssKexAlgorithms, SSHCFG_GLOBAL }, - #else - { "gssapiauthentication", sUnsupported, SSHCFG_ALL }, - { "gssapicleanupcredentials", sUnsupported, SSHCFG_GLOBAL }, - { "gssapistrictacceptorcheck", sUnsupported, SSHCFG_GLOBAL }, - { "gssapikeyexchange", sUnsupported, SSHCFG_GLOBAL }, - { "gssapistorecredentialsonrekey", sUnsupported, SSHCFG_GLOBAL }, -+ { "gssapikexalgorithms", sUnsupported, SSHCFG_GLOBAL }, - #endif - { "gssusesessionccache", sUnsupported, SSHCFG_GLOBAL }, - { "gssapiusesessioncredcache", sUnsupported, SSHCFG_GLOBAL }, -@@ -1532,6 +1539,18 @@ process_server_config_line(ServerOptions - intptr = &options->gss_store_rekey; - goto parse_flag; - -+ case sGssKexAlgorithms: -+ arg = strdelim(&cp); -+ if (!arg || *arg == '\0') -+ fatal("%.200s line %d: Missing argument.", -+ filename, linenum); -+ if (!gss_kex_names_valid(arg)) -+ fatal("%.200s line %d: Bad GSSAPI KexAlgorithms '%s'.", -+ filename, linenum, arg ? arg : ""); -+ if (*activep && options->gss_kex_algorithms == NULL) -+ options->gss_kex_algorithms = xstrdup(arg); -+ break; -+ - case sPasswordAuthentication: - intptr = &options->password_authentication; - goto parse_flag; -@@ -2629,6 +2648,7 @@ dump_config(ServerOptions *o) - dump_cfg_fmtint(sGssCleanupCreds, o->gss_cleanup_creds); - dump_cfg_fmtint(sGssStrictAcceptor, o->gss_strict_acceptor); - dump_cfg_fmtint(sGssStoreRekey, o->gss_store_rekey); -+ dump_cfg_string(sGssKexAlgorithms, o->gss_kex_algorithms); - #endif - dump_cfg_fmtint(sPasswordAuthentication, o->password_authentication); - dump_cfg_fmtint(sKbdInteractiveAuthentication, -Index: openssh-7.8p1/servconf.h -=================================================================== ---- openssh-7.8p1.orig/servconf.h -+++ openssh-7.8p1/servconf.h -@@ -131,6 +131,7 @@ typedef struct { - int gss_cleanup_creds; /* If true, destroy cred cache on logout */ - int gss_strict_acceptor; /* If true, restrict the GSSAPI acceptor name */ - int gss_store_rekey; -+ char *gss_kex_algorithms; /* GSSAPI kex methods to be offered by client. */ - int password_authentication; /* If true, permit password - * authentication. */ - int kbd_interactive_authentication; /* If true, permit */ -Index: openssh-7.8p1/ssh-gss.h -=================================================================== ---- openssh-7.8p1.orig/ssh-gss.h -+++ openssh-7.8p1/ssh-gss.h -@@ -72,6 +72,10 @@ - #define KEX_GSS_GRP14_SHA1_ID "gss-group14-sha1-" - #define KEX_GSS_GEX_SHA1_ID "gss-gex-sha1-" - -+#define GSS_KEX_DEFAULT_KEX \ -+ KEX_GSS_GEX_SHA1_ID "," \ -+ KEX_GSS_GRP14_SHA1_ID -+ - typedef struct { - char *filename; - char *envvar; -@@ -148,7 +152,7 @@ int ssh_gssapi_credentials_updated(Gssct - typedef int ssh_gssapi_check_fn(Gssctxt **, gss_OID, const char *, const char *); - char *ssh_gssapi_client_mechanisms(const char *, const char *, const char *); - char *ssh_gssapi_kex_mechs(gss_OID_set, ssh_gssapi_check_fn *, const char *, -- const char *); -+ const char *, const char *); - gss_OID ssh_gssapi_id_kex(Gssctxt *, char *, int); - int ssh_gssapi_server_check_mech(Gssctxt **, gss_OID, const char *, const char *); - OM_uint32 ssh_gssapi_server_ctx(Gssctxt **, gss_OID); -Index: openssh-7.8p1/ssh.1 -=================================================================== ---- openssh-7.8p1.orig/ssh.1 -+++ openssh-7.8p1/ssh.1 -@@ -489,6 +489,7 @@ For full details of the options listed b - .It GlobalKnownHostsFile - .It GSSAPIAuthentication - .It GSSAPIDelegateCredentials -+.It GSSAPIKexAlgorithms - .It HashKnownHosts - .It Host - .It HostbasedAuthentication -Index: openssh-7.8p1/ssh_config.5 -=================================================================== ---- openssh-7.8p1.orig/ssh_config.5 -+++ openssh-7.8p1/ssh_config.5 -@@ -754,6 +754,18 @@ the name of the host being connected to. - command line will be passed untouched to the GSSAPI library. - The default is - .Dq no . -+.It Cm GSSAPIKexAlgorithms -+The list of key exchange algorithms that are offered for GSSAPI -+key exchange. Possible values are -+.Bd -literal -offset 3n -+gss-gex-sha1-, -+gss-group1-sha1-, -+gss-group14-sha1- -+.Ed -+.Pp -+The default is -+.Dq gss-gex-sha1-,gss-group14-sha1- . -+This option only applies to protocol version 2 connections using GSSAPI. - .It Cm HashKnownHosts - Indicates that - .Xr ssh 1 -Index: openssh-7.8p1/sshconnect2.c -=================================================================== ---- openssh-7.8p1.orig/sshconnect2.c -+++ openssh-7.8p1/sshconnect2.c -@@ -301,8 +301,9 @@ ssh_kex2(char *host, struct sockaddr *ho - else - gss_host = host; - -- gss = ssh_gssapi_client_mechanisms(gss_host, options.gss_client_identity, -- options.kex_algorithms); -+ gss = ssh_gssapi_client_mechanisms(gss_host, -+ options.gss_client_identity, -+ options.kex_algorithms); - if (gss) { - debug("Offering GSSAPI proposal: %s", gss); - xasprintf(&options.kex_algorithms, -Index: openssh-7.8p1/sshd_config.5 -=================================================================== ---- openssh-7.8p1.orig/sshd_config.5 -+++ openssh-7.8p1/sshd_config.5 -@@ -668,6 +668,18 @@ Controls whether the user's GSSAPI crede - successful connection rekeying. This option can be used to accepted renewed - or updated credentials from a compatible client. The default is - .Dq no . -+.It Cm GSSAPIKexAlgorithms -+The list of key exchange algorithms that are accepted by GSSAPI -+key exchange. Possible values are -+.Bd -literal -offset 3n -+gss-gex-sha1-, -+gss-group1-sha1-, -+gss-group14-sha1- -+.Ed -+.Pp -+The default is -+.Dq gss-gex-sha1-,gss-group14-sha1- . -+This option only applies to protocol version 2 connections using GSSAPI. - .It Cm HostbasedAcceptedKeyTypes - Specifies the key types that will be accepted for hostbased authentication - as a list of comma-separated patterns. diff --git a/openssh-7.7p1-seccomp_ipc_flock.patch b/openssh-7.7p1-seccomp_ipc_flock.patch index 4607628..2191edb 100644 --- a/openssh-7.7p1-seccomp_ipc_flock.patch +++ b/openssh-7.7p1-seccomp_ipc_flock.patch @@ -15,15 +15,11 @@ this is only need on s390 architecture. Signed-off-by: Eduardo Barretto -diff --git a/openssh-7.7p1/sandbox-seccomp-filter.c b/openssh-7.7p1/sandbox-seccomp-filter.c ---- openssh-7.7p1/sandbox-seccomp-filter.c -+++ openssh-7.7p1/sandbox-seccomp-filter.c -@@ -167,16 +167,19 @@ static const struct sock_filter preauth_ - SC_ALLOW(__NR_exit_group), - #endif - #ifdef __NR_geteuid - SC_ALLOW(__NR_geteuid), - #endif +Index: openssh-7.9p1/sandbox-seccomp-filter.c +=================================================================== +--- openssh-7.9p1.orig/sandbox-seccomp-filter.c ++++ openssh-7.9p1/sandbox-seccomp-filter.c +@@ -175,6 +175,9 @@ static const struct sock_filter preauth_ #ifdef __NR_geteuid32 SC_ALLOW(__NR_geteuid32), #endif @@ -33,17 +29,7 @@ diff --git a/openssh-7.7p1/sandbox-seccomp-filter.c b/openssh-7.7p1/sandbox-secc #ifdef __NR_getpgid SC_ALLOW(__NR_getpgid), #endif - #ifdef __NR_getpid - SC_ALLOW(__NR_getpid), - #endif - #ifdef __NR_getrandom - SC_ALLOW(__NR_getrandom), -@@ -185,16 +188,19 @@ static const struct sock_filter preauth_ - SC_ALLOW(__NR_gettimeofday), - #endif - #ifdef __NR_getuid - SC_ALLOW(__NR_getuid), - #endif +@@ -193,6 +196,9 @@ static const struct sock_filter preauth_ #ifdef __NR_getuid32 SC_ALLOW(__NR_getuid32), #endif @@ -53,8 +39,3 @@ diff --git a/openssh-7.7p1/sandbox-seccomp-filter.c b/openssh-7.7p1/sandbox-secc #ifdef __NR_madvise SC_ALLOW(__NR_madvise), #endif - #ifdef __NR_mmap - SC_ALLOW(__NR_mmap), - #endif - #ifdef __NR_mmap2 - SC_ALLOW(__NR_mmap2), diff --git a/openssh-7.7p1-sftp_force_permissions.patch b/openssh-7.7p1-sftp_force_permissions.patch index 31f2113..9f313c9 100644 --- a/openssh-7.7p1-sftp_force_permissions.patch +++ b/openssh-7.7p1-sftp_force_permissions.patch @@ -1,123 +1,100 @@ -# HG changeset patch -# Parent 37bba3ff816d9ab93ddcf23389a4eb29d7716006 -additional option for sftp-server to force file mode for new files -FATE#312774 -http://lists.mindrot.org/pipermail/openssh-unix-dev/2010-November/029044.html -http://marc.info/?l=openssh-unix-dev&m=128896838930893 - -diff --git a/openssh-7.7p1/sftp-server.8 b/openssh-7.7p1/sftp-server.8 ---- openssh-7.7p1/sftp-server.8 -+++ openssh-7.7p1/sftp-server.8 -@@ -33,16 +33,17 @@ - .Bk -words - .Op Fl ehR - .Op Fl d Ar start_directory - .Op Fl f Ar log_facility - .Op Fl l Ar log_level +--- original/sftp-server.8 2016-12-19 04:59:41.000000000 +0000 ++++ original/sftp-server.8 2017-11-23 08:47:01.267239186 +0000 +@@ -38,6 +38,7 @@ .Op Fl P Ar blacklisted_requests .Op Fl p Ar whitelisted_requests .Op Fl u Ar umask -+.Op Fl m Ar force_file_permissions ++.Op Fl m Ar force_file_dir_perms .Ek .Nm .Fl Q Ar protocol_feature - .Sh DESCRIPTION - .Nm - is a program that speaks the server side of SFTP protocol - to stdout and expects client requests from stdin. - .Nm -@@ -133,16 +134,20 @@ Places this instance of - into a read-only mode. - Attempts to open files for writing, as well as other operations that change - the state of the filesystem, will be denied. - .It Fl u Ar umask - Sets an explicit +@@ -138,6 +139,10 @@ .Xr umask 2 to be applied to newly-created files and directories, instead of the user's default mask. -+.It Fl m Ar force_file_permissions -+Sets explicit file permissions to be applied to newly-created files instead -+of the default or client requested mode. Numeric values include: ++.It Fl m Ar force_file_dir_perms ++Sets explicit permissions to be applied to newly-created files and directories ++instead of the default or client requested mode. Numeric values include: +777, 755, 750, 666, 644, 640, etc. Option -u is ineffective if -m is set. .El .Pp On some systems, - .Nm - must be able to access - .Pa /dev/log - for logging to work, and use of - .Nm -diff --git a/openssh-7.7p1/sftp-server.c b/openssh-7.7p1/sftp-server.c ---- openssh-7.7p1/sftp-server.c -+++ openssh-7.7p1/sftp-server.c -@@ -71,16 +71,20 @@ static u_int version; - static int init_done; +--- original/sftp-server.c 2016-12-19 04:59:41.000000000 +0000 ++++ original/sftp-server.c 2017-11-23 13:07:08.481765581 +0000 +@@ -65,6 +65,10 @@ + /* Version of client */ + static u_int version; - /* Disable writes */ - static int readonly; - - /* Requests that are allowed/denied */ - static char *request_whitelist, *request_blacklist; - -+/* Force file permissions */ ++/* Force file and directory permissions */ +int permforce = 0; +long permforcemode; + - /* portable attributes, etc. */ - typedef struct Stat Stat; + /* SSH2_FXP_INIT received */ + static int init_done; - struct Stat { +@@ -679,6 +683,7 @@ + Attrib a; char *name; - char *long_name; - Attrib attrib; - }; -@@ -685,16 +689,20 @@ process_open(u_int32_t id) + int r, handle, fd, flags, mode, status = SSH2_FX_FAILURE; ++ mode_t old_umask = 0; + if ((r = sshbuf_get_cstring(iqueue, &name, NULL)) != 0 || (r = sshbuf_get_u32(iqueue, &pflags)) != 0 || /* portable flags */ - (r = decode_attrib(iqueue, &a)) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); - +@@ -688,6 +693,10 @@ debug3("request %u: open flags %d", id, pflags); flags = flags_from_portable(pflags); mode = (a.flags & SSH2_FILEXFER_ATTR_PERMISSIONS) ? a.perm : 0666; -+ if (permforce == 1) { ++ if (permforce == 1) { /* Force perm if -m is set */ + mode = permforcemode; -+ (void)umask(0); /* so umask does not interfere */ ++ old_umask = umask(0); /* so umask does not interfere */ + } logit("open \"%s\" flags %s mode 0%o", name, string_from_portable(pflags), mode); if (readonly && - ((flags & O_ACCMODE) != O_RDONLY || - (flags & (O_CREAT|O_TRUNC)) != 0)) { - verbose("Refusing open request in read-only mode"); - status = SSH2_FX_PERMISSION_DENIED; - } else { -@@ -1487,17 +1495,18 @@ sftp_server_cleanup_exit(int i) - static void - sftp_server_usage(void) - { - extern char *__progname; +@@ -709,6 +718,8 @@ + } + } + } ++ if (permforce == 1) ++ (void) umask(old_umask); /* restore umask to something sane */ + if (status != SSH2_FX_OK) + send_status(id, status); + free(name); +@@ -1110,6 +1121,7 @@ + Attrib a; + char *name; + int r, mode, status = SSH2_FX_FAILURE; ++ mode_t old_umask = 0; + if ((r = sshbuf_get_cstring(iqueue, &name, NULL)) != 0 || + (r = decode_attrib(iqueue, &a)) != 0) +@@ -1117,9 +1129,16 @@ + + mode = (a.flags & SSH2_FILEXFER_ATTR_PERMISSIONS) ? + a.perm & 07777 : 0777; ++ if (permforce == 1) { /* Force perm if -m is set */ ++ mode = permforcemode; ++ old_umask = umask(0); /* so umask does not interfere */ ++ } ++ + debug3("request %u: mkdir", id); + logit("mkdir name \"%s\" mode 0%o", name, mode); + r = mkdir(name, mode); ++ if (permforce == 1) ++ (void) umask(old_umask); /* restore umask to something sane */ + status = (r == -1) ? errno_to_portable(errno) : SSH2_FX_OK; + send_status(id, status); + free(name); +@@ -1490,7 +1509,7 @@ fprintf(stderr, "usage: %s [-ehR] [-d start_directory] [-f log_facility] " "[-l log_level]\n\t[-P blacklisted_requests] " - "[-p whitelisted_requests] [-u umask]\n" -+ "[-p whitelisted_requests] [-u umask]\n\t" -+ "[-m force_file_permissions]\n" ++ "[-p whitelisted_requests] [-u umask] [-m force_file_dir_perms]\n" " %s -Q protocol_feature\n", __progname, __progname); exit(1); - } - - int - sftp_server_main(int argc, char **argv, struct passwd *user_pw) - { -@@ -1516,17 +1525,17 @@ sftp_server_main(int argc, char **argv, - - ssh_malloc_init(); /* must be called before any mallocs */ - __progname = ssh_get_progname(argv[0]); - log_init(__progname, log_level, log_facility, log_stderr); - +@@ -1516,7 +1535,7 @@ pw = pwcopy(user_pw); while (!skipargs && (ch = getopt(argc, argv, @@ -126,32 +103,19 @@ diff --git a/openssh-7.7p1/sftp-server.c b/openssh-7.7p1/sftp-server.c switch (ch) { case 'Q': if (strcasecmp(optarg, "requests") != 0) { - fprintf(stderr, "Invalid query type\n"); - exit(1); - } - for (i = 0; handlers[i].handler != NULL; i++) - printf("%s\n", handlers[i].name); -@@ -1576,16 +1585,23 @@ sftp_server_main(int argc, char **argv, - case 'u': - errno = 0; - mask = strtol(optarg, &cp, 8); - if (mask < 0 || mask > 0777 || *cp != '\0' || - cp == optarg || (mask == 0 && errno != 0)) +@@ -1576,6 +1595,15 @@ fatal("Invalid umask \"%s\"", optarg); (void)umask((mode_t)mask); break; + case 'm': ++ /* Force permissions on file and directory received via sftp */ + permforce = 1; + permforcemode = strtol(optarg, &cp, 8); -+ if (permforcemode < 0 || permforcemode > 0777 || *cp != '\0' || -+ cp == optarg || (permforcemode == 0 && errno != 0)) -+ fatal("Invalid umask \"%s\"", optarg); ++ if (permforcemode < 0 || permforcemode > 0777 || ++ *cp != '\0' || (permforcemode == 0 && ++ errno != 0)) ++ fatal("Invalid file mode \"%s\"", optarg); + break; case 'h': default: sftp_server_usage(); - } - } - - log_init(__progname, log_level, log_facility, log_stderr); - diff --git a/openssh-7.8p1.tar.gz b/openssh-7.8p1.tar.gz deleted file mode 100644 index 754639c..0000000 --- a/openssh-7.8p1.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:1a484bb15152c183bb2514e112aa30dd34138c3cfb032eee5490a66c507144ca -size 1548026 diff --git a/openssh-7.8p1.tar.gz.asc b/openssh-7.8p1.tar.gz.asc deleted file mode 100644 index 9942bbf..0000000 --- a/openssh-7.8p1.tar.gz.asc +++ /dev/null @@ -1,14 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQHDBAABCgAdFiEEWcIRjtIG2SfmZ+vj0+X1a22SDTAFAlt+Xa8ACgkQ0+X1a22S -DTAJPwx9HIW/obxNJYTU7M8trpalBekdl1SqUjxdDwInIsKTLSOpJCsnynBai/3c -SuvZkBwcKwZZFe+xCvRQDHkf/YYLT+d7slUQolb0OJmzFKbvu6xwuv7q12ag9hQj -/8BUfdYRKb63uemfKuVAHfcnUm9WlwSbif+Au/j1yg/MlETY47ezYA9/q75wignx -3g38JVHVgKDenDd8o9/hgjeQpEHKNdCQo71nN2h3MYRlh4xrR9ENZj7y8x65Kp1j -WoZEhlvjYkka4deSGwj2MIAJnzsc39uppEoEjkB7F9SUo4O7CxbWFein70Ct7Xbs -VDWXQibnJGHKatHIecaPLUYexGWO1XYNZErDhY7fPw0ChfMGbz3+0eDfDJqGY49r -Lo6wzsrgv2kDJMqwciT/D/Zb3ocHnCrq1Isnz/Ug2lW58LMk7Y1HisPteZFQ/pkC -xKeO+K1RkaRUSCrB5iToqF+7i8eRNVROYmkKLgKcMrC0WYEjnbEoFdr4bktAS9QM -BS6aIsh2cyg2H0FjDKmYvcKOUf0IgA== -=ZiYm ------END PGP SIGNATURE----- diff --git a/openssh-7.9p1.tar.gz b/openssh-7.9p1.tar.gz new file mode 100644 index 0000000..c60cf36 --- /dev/null +++ b/openssh-7.9p1.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:6b4b3ba2253d84ed3771c8050728d597c91cfce898713beb7b64a305b6f11aad +size 1565384 diff --git a/openssh-7.9p1.tar.gz.asc b/openssh-7.9p1.tar.gz.asc new file mode 100644 index 0000000..ced7989 --- /dev/null +++ b/openssh-7.9p1.tar.gz.asc @@ -0,0 +1,14 @@ +-----BEGIN PGP SIGNATURE----- + +iQHDBAABCgAdFiEEWcIRjtIG2SfmZ+vj0+X1a22SDTAFAlvJLhsACgkQ0+X1a22S +DTBjHwx/T3EX3EtCzB9I6zHFUgF2/0hEKVYZw2Yl4UbUvgjy/KdEdlJzdH3Hc/yU +jJZzraDY7nJMrCly734FbFGKsKoRkxWMkeuQGOhvpzgTYg+fOa1J0a14xK/ub9Y0 +9Z/4zP0Zs7mn+8MApMS3XOZ+AJgdRiXN9i3PXmbYO9Gcg+QthtgE1DeG0d0vVTP/ +ipCBBg8mMlAANdlu9IUCv4CJPwJjQt2aYsvCiuUQuzrKYsV5noCOBaGRbmPcN9SM +3cvSTZgDbK3kHdL1RnBgWpcO+o+D8sqSW2rm8xpCQv/ILo86/BLBjXDCYLEt0nSn ++dONPytwhwwJWPPYe7+RSYWHS2cKwVTDk7lr2E636SwU1fM1NiNYle9hB6cUT0nU +sypfHOIARAMSqepnaT3WgffM0jlEWrSB0PuDLTLTO5ZPmUijqqT6xGwWSUc4GQZY +WNyGg1w0Ryj2pRd7DlXDDivTCneXFqV7JZiR3R4ZXJJV0uVQOUitCS/DnwSDpIfp +HlVEWeRAszQFKLKttu0/4SY2NVrRBA== +=4Z9x +-----END PGP SIGNATURE----- diff --git a/openssh-askpass-gnome.changes b/openssh-askpass-gnome.changes index aa197b9..d45a82a 100644 --- a/openssh-askpass-gnome.changes +++ b/openssh-askpass-gnome.changes @@ -1,3 +1,10 @@ +------------------------------------------------------------------- +Mon Oct 22 08:59:02 UTC 2018 - Pedro Monreal Gonzalez + +- Version update to 7.9p1 + * No actual changes for the askpass + * See main package changelog for details + ------------------------------------------------------------------- Tue Oct 9 10:52:15 UTC 2018 - Tomáš Chvátal diff --git a/openssh-askpass-gnome.spec b/openssh-askpass-gnome.spec index 05039d0..a77086c 100644 --- a/openssh-askpass-gnome.spec +++ b/openssh-askpass-gnome.spec @@ -18,7 +18,7 @@ %define _name openssh Name: openssh-askpass-gnome -Version: 7.8p1 +Version: 7.9p1 Release: 0 Summary: A GNOME-Based Passphrase Dialog for OpenSSH License: BSD-2-Clause diff --git a/openssh-openssl-1_0_0-compatibility.patch b/openssh-openssl-1_0_0-compatibility.patch new file mode 100644 index 0000000..d715312 --- /dev/null +++ b/openssh-openssl-1_0_0-compatibility.patch @@ -0,0 +1,41 @@ +Index: openssh-7.9p1/openbsd-compat/openssl-compat.c +=================================================================== +--- openssh-7.9p1.orig/openbsd-compat/openssl-compat.c 2018-11-26 11:47:17.417925053 +0100 ++++ openssh-7.9p1/openbsd-compat/openssl-compat.c 2018-11-26 11:52:47.127727580 +0100 +@@ -76,7 +76,7 @@ ssh_OpenSSL_add_all_algorithms(void) + ENGINE_load_builtin_engines(); + ENGINE_register_all_complete(); + +-#if OPENSSL_VERSION_NUMBER < 0x10001000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L + OPENSSL_config(NULL); + #else + OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS | +Index: openssh-7.9p1/gss-genr.c +=================================================================== +--- openssh-7.9p1.orig/gss-genr.c 2018-11-26 11:47:17.417925053 +0100 ++++ openssh-7.9p1/gss-genr.c 2018-11-26 12:01:40.354642746 +0100 +@@ -114,7 +114,11 @@ ssh_gssapi_kex_mechs(gss_OID_set gss_sup + if ((buf = sshbuf_new()) == NULL) + fatal("%s: sshbuf_new failed", __func__); + ++#if OPENSSL_VERSION_NUMBER < 0x10100000L ++ md = EVP_MD_CTX_create(); ++#else + md = EVP_MD_CTX_new(); ++#endif + oidpos = 0; + for (i = 0; i < gss_supported->count; i++) { + if (gss_supported->elements[i].length < 128 && +@@ -156,7 +160,11 @@ ssh_gssapi_kex_mechs(gss_OID_set gss_sup + oidpos++; + } + } ++#if OPENSSL_VERSION_NUMBER < 0x10100000L ++ EVP_MD_CTX_destroy(md); ++#else + EVP_MD_CTX_free(md); ++#endif + gss_enc2oid[oidpos].oid = NULL; + gss_enc2oid[oidpos].encoded = NULL; + diff --git a/openssh.changes b/openssh.changes index 366ef78..6fd31f7 100644 --- a/openssh.changes +++ b/openssh.changes @@ -1,3 +1,89 @@ +------------------------------------------------------------------- +Mon Nov 26 11:07:42 UTC 2018 - Vítězslav Čížek + +- Fix build with openssl < 1.1.0 + * add openssh-openssl-1_0_0-compatibility.patch + +------------------------------------------------------------------- +Wed Oct 31 00:27:41 UTC 2018 - Cristian Rodríguez + +- openssh-7.7p1-audit.patch: fix sshd fatal error in + mm_answer_keyverify: buffer error: incomplete message [bnc#1114008] + +------------------------------------------------------------------- +Mon Oct 22 08:51:30 UTC 2018 - Pedro Monreal Gonzalez + +- Version update to 7.9p1 + * ssh(1), sshd(8): the setting of the new CASignatureAlgorithms + option (see below) bans the use of DSA keys as certificate + authorities. + * sshd(8): the authentication success/failure log message has + changed format slightly. It now includes the certificate + fingerprint (previously it included only key ID and CA key + fingerprint). + * ssh(1), sshd(8): allow most port numbers to be specified using + service names from getservbyname(3) (typically /etc/services). + * sshd(8): support signalling sessions via the SSH protocol. + A limited subset of signals is supported and only for login or + command sessions (i.e. not subsystems) that were not subject to + a forced command via authorized_keys or sshd_config. bz#1424 + * ssh(1): support "ssh -Q sig" to list supported signature options. + Also "ssh -Q help" to show the full set of supported queries. + * ssh(1), sshd(8): add a CASignatureAlgorithms option for the + client and server configs to allow control over which signature + formats are allowed for CAs to sign certificates. For example, + this allows banning CAs that sign certificates using the RSA-SHA1 + signature algorithm. + * sshd(8), ssh-keygen(1): allow key revocation lists (KRLs) to + revoke keys specified by SHA256 hash. + * ssh-keygen(1): allow creation of key revocation lists directly + from base64-encoded SHA256 fingerprints. This supports revoking + keys using only the information contained in sshd(8) + authentication log messages. + +- Removed obsolete configuration option --with-tcp-wrappers, and + --with-opensc for s390 and s390x. + +- Removed patch merged upstream + * openssh-7.7p1-openssl_1.1.0.patch + +- Refreshed patches + * openssh-7.7p1-audit.patch + * openssh-7.7p1-disable_short_DH_parameters.patch + * openssh-7.7p1-fips.patch + * openssh-7.7p1-gssapi_key_exchange.patch + * openssh-7.7p1-seccomp_ipc_flock.patch + * openssh-7.7p1-cavstest-ctr.patch + * openssh-7.7p1-ldap.patch + +------------------------------------------------------------------- +Fri Oct 19 13:22:10 UTC 2018 - Tomáš Chvátal + +- Mention upstream bugs on multiple local patches +- Adjust service to not spam restart and reload only on fails + +------------------------------------------------------------------- +Fri Oct 19 13:11:34 UTC 2018 - Tomáš Chvátal + +- Update openssh-7.7p1-sftp_force_permissions.patch from the + upstream bug, and mention the bug in the spec + +------------------------------------------------------------------- +Fri Oct 19 08:36:52 UTC 2018 - Tomáš Chvátal + +- Drop patch openssh-7.7p1-allow_root_password_login.patch + * There is no reason to set less secure default value, if + users need the behaviour they can still set it up themselves +- Drop patch openssh-7.7p1-blocksigalrm.patch + * We had a bug way in past about this but it was never reproduced + or even confirmed in the ticket, thus rather drop the patch + +------------------------------------------------------------------- +Wed Oct 17 09:22:36 UTC 2018 - Tomáš Chvátal + +- Disable ssh1 protocol support as neither RH or Debian enable + this protocol by default anymore either. + ------------------------------------------------------------------- Wed Oct 17 08:42:12 UTC 2018 - Tomáš Chvátal diff --git a/openssh.spec b/openssh.spec index 354e64f..61701c9 100644 --- a/openssh.spec +++ b/openssh.spec @@ -27,8 +27,7 @@ %bcond_without susefirewall %bcond_with tirpc %endif -%define _fwdir %{_sysconfdir}/sysconfig/SuSEfirewall2.d -%define _fwdefdir %{_fwdir}/services +%define _fwdefdir %{_sysconfdir}/sysconfig/SuSEfirewall2.d/services %define _appdefdir %( grep "configdirspec=" $( which xmkmf ) | sed -r 's,^[^=]+=.*-I(.*)/config.*$,\\1/app-defaults,' ) %define CHECKSUM_SUFFIX .hmac %define CHECKSUM_HMAC_KEY "HMAC_KEY:OpenSSH-FIPS@SLE" @@ -37,7 +36,7 @@ %define _fillupdir %{_localstatedir}/adm/fillup-templates %endif Name: openssh -Version: 7.8p1 +Version: 7.9p1 Release: 0 Summary: Secure Shell Client and Server (Remote Login Program) License: BSD-2-Clause AND MIT @@ -56,37 +55,49 @@ Source9: sshd-gen-keys-start Source10: sshd.service Source11: README.FIPS Source12: cavs_driver-ssh.pl -Patch0: openssh-7.7p1-allow_root_password_login.patch Patch1: openssh-7.7p1-X11_trusted_forwarding.patch Patch3: openssh-7.7p1-enable_PAM_by_default.patch Patch4: openssh-7.7p1-eal3.patch -Patch5: openssh-7.7p1-blocksigalrm.patch Patch6: openssh-7.7p1-send_locale.patch Patch7: openssh-7.7p1-hostname_changes_when_forwarding_X.patch Patch8: openssh-7.7p1-remove_xauth_cookies_on_exit.patch Patch9: openssh-7.7p1-pts_names_formatting.patch Patch10: openssh-7.7p1-pam_check_locks.patch Patch11: openssh-7.7p1-disable_short_DH_parameters.patch +# https://bugzilla.mindrot.org/show_bug.cgi?id=2752 Patch14: openssh-7.7p1-seccomp_stat.patch +# https://bugzilla.mindrot.org/show_bug.cgi?id=2752 Patch15: openssh-7.7p1-seccomp_ipc_flock.patch +# https://bugzilla.mindrot.org/show_bug.cgi?id=2752 Patch16: openssh-7.7p1-seccomp_ioctl_s390_EP11.patch +# Local FIPS patchset Patch17: openssh-7.7p1-fips.patch +# Local cavs patchset Patch18: openssh-7.7p1-cavstest-ctr.patch +# Local cavs patchset Patch19: openssh-7.7p1-cavstest-kdf.patch +# Local FIPS patchset Patch20: openssh-7.7p1-fips_checks.patch Patch21: openssh-7.7p1-seed-prng.patch +# https://bugzilla.mindrot.org/show_bug.cgi?id=2641 Patch22: openssh-7.7p1-systemd-notify.patch Patch23: openssh-7.7p1-gssapi_key_exchange.patch +# https://bugzilla.mindrot.org/show_bug.cgi?id=1402 Patch24: openssh-7.7p1-audit.patch -Patch25: openssh-7.7p1-openssl_1.1.0.patch +# Local patch to disable runtime abi SSL checks, quite pointless for us Patch26: openssh-7.7p1-disable_openssl_abi_check.patch +# https://bugzilla.mindrot.org/show_bug.cgi?id=2641 Patch27: openssh-7.7p1-no_fork-no_pid_file.patch Patch28: openssh-7.7p1-host_ident.patch +# https://bugzilla.mindrot.org/show_bug.cgi?id=1844 Patch29: openssh-7.7p1-sftp_force_permissions.patch +# https://bugzilla.mindrot.org/show_bug.cgi?id=2143 Patch30: openssh-7.7p1-X_forward_with_disabled_ipv6.patch Patch31: openssh-7.7p1-ldap.patch +# https://bugzilla.mindrot.org/show_bug.cgi?id=2213 Patch32: openssh-7.7p1-IPv6_X_forwarding.patch Patch33: openssh-7.7p1-sftp_print_diagnostic_messages.patch +Patch34: openssh-openssl-1_0_0-compatibility.patch BuildRequires: audit-devel BuildRequires: autoconf BuildRequires: groff @@ -176,7 +187,6 @@ export LDFLAGS CFLAGS CXXFLAGS CPPFLAGS %configure \ --sysconfdir=%{_sysconfdir}/ssh \ --libexecdir=%{_libexecdir}/ssh \ - --with-tcp-wrappers \ --with-selinux \ --with-pid-dir=/run \ --with-systemd \ @@ -188,19 +198,14 @@ export LDFLAGS CFLAGS CXXFLAGS CPPFLAGS --with-sandbox=seccomp_filter \ %else --with-sandbox=rlimit \ -%endif -%ifnarch s390 s390x - --with-opensc \ %endif --disable-strip \ --with-audit=linux \ --with-ldap \ --with-xauth=%{_bindir}/xauth \ --with-libedit \ - --with-ssh1 \ - --target=%{_target_cpu}-suse-linux \ + --target=%{_target_cpu}-suse-linux -### configure end make %{?_smp_mflags} %install diff --git a/sshd.service b/sshd.service index 1a5cfbd..783df8c 100644 --- a/sshd.service +++ b/sshd.service @@ -10,7 +10,8 @@ ExecStartPre=/usr/sbin/sshd -t $SSHD_OPTS ExecStart=/usr/sbin/sshd -D $SSHD_OPTS ExecReload=/bin/kill -HUP $MAINPID KillMode=process -Restart=always +Restart=on-failure +RestartPreventExitStatus=255 TasksMax=infinity [Install]