diff --git a/openssh-6.5p1-X_forward_with_disabled_ipv6.patch b/openssh-6.5p1-X_forward_with_disabled_ipv6.patch new file mode 100644 index 0000000..fa5983e --- /dev/null +++ b/openssh-6.5p1-X_forward_with_disabled_ipv6.patch @@ -0,0 +1,34 @@ +# HG changeset patch +# Parent d7526bd96e81981aa3c94b7695a3f4009a2c176b +Do not throw away already open sockets for X11 forwarding if another socket +family is not available for bind() + +diff --git a/openssh-6.5p1/channels.c b/openssh-6.5p1/channels.c +--- a/openssh-6.5p1/channels.c ++++ b/openssh-6.5p1/channels.c +@@ -3475,22 +3475,24 @@ x11_create_display_inet(int x11_display_ + } + if (ai->ai_family == AF_INET6) + sock_set_v6only(sock); + if (x11_use_localhost) + channel_set_reuseaddr(sock); + if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) { + debug2("bind port %d: %.100s", port, strerror(errno)); + close(sock); +- ++ continue; ++ /* do not remove successfully opened sockets + for (n = 0; n < num_socks; n++) { + close(socks[n]); + } + num_socks = 0; + break; ++ */ + } + socks[num_socks++] = sock; + if (num_socks == NUM_SOCKS) + break; + } + freeaddrinfo(aitop); + if (num_socks > 0) + break; diff --git a/openssh-6.5p1-audit6-server_key_destruction.patch b/openssh-6.5p1-audit6-server_key_destruction.patch index d6e520c..efd0272 100644 --- a/openssh-6.5p1-audit6-server_key_destruction.patch +++ b/openssh-6.5p1-audit6-server_key_destruction.patch @@ -164,7 +164,7 @@ diff --git a/openssh-6.5p1/audit.h b/openssh-6.5p1/audit.h diff --git a/openssh-6.5p1/key.c b/openssh-6.5p1/key.c --- a/openssh-6.5p1/key.c +++ b/openssh-6.5p1/key.c -@@ -1959,16 +1959,41 @@ key_demote(const Key *k) +@@ -1959,16 +1959,43 @@ key_demote(const Key *k) fatal("key_demote: bad key type %d", k->type); break; } @@ -190,9 +190,11 @@ diff --git a/openssh-6.5p1/key.c b/openssh-6.5p1/key.c + case KEY_ECDSA: + return EC_KEY_get0_private_key(k->ecdsa) != NULL; +#endif ++ case KEY_ED25519_CERT: ++ case KEY_ED25519: ++ return k->ed25519_sk != NULL; + default: -+ /* fatal("key_is_private: bad key type %d", k->type); */ -+ debug2("key_is_private: bad key type %d", k->type); ++ fatal("key_is_private: bad key type %d", k->type); + return 1; + } +} diff --git a/openssh-6.5p1-fips.patch b/openssh-6.5p1-fips.patch index 4b1cf63..729f36d 100644 --- a/openssh-6.5p1-fips.patch +++ b/openssh-6.5p1-fips.patch @@ -2,22 +2,23 @@ # when OpenSSL is detected to be running in FIPS mode # # HG changeset patch -# Parent 6536ed881743cbf05afe962021b985f9b1eab495 +# Parent 2a4df1014f286ec93a3e4dcf036f054745e4fee8 diff --git a/openssh-6.5p1/Makefile.in b/openssh-6.5p1/Makefile.in --- a/openssh-6.5p1/Makefile.in +++ b/openssh-6.5p1/Makefile.in -@@ -72,17 +72,17 @@ LIBSSH_OBJS=authfd.o authfile.o bufaux.o - cipher-bf1.o cipher-ctr.o cipher-3des1.o cleanup.o \ - compat.o compress.o crc32.o deattack.o fatal.o hostfile.o \ - log.o match.o md-sha256.o moduli.o nchan.o packet.o \ - readpass.o rsa.o ttymodes.o xmalloc.o addrmatch.o \ +@@ -72,17 +72,18 @@ LIBSSH_OBJS=authfd.o authfile.o bufaux.o atomicio.o key.o dispatch.o kex.o mac.o uidswap.o uuencode.o misc.o \ monitor_fdpass.o rijndael.o ssh-dss.o ssh-ecdsa.o ssh-rsa.o dh.o \ kexdh.o kexgex.o kexdhc.o kexgexc.o bufec.o kexecdh.o kexecdhc.o \ msg.o progressmeter.o dns.o entropy.o gss-genr.o umac.o umac128.o \ -- jpake.o schnorr.o ssh-pkcs11.o krl.o auditstub.o -+ jpake.o schnorr.o ssh-pkcs11.o krl.o auditstub.o fips.o + jpake.o schnorr.o ssh-pkcs11.o krl.o smult_curve25519_ref.o \ + kexc25519.o kexc25519c.o poly1305.o chacha.o cipher-chachapoly.o \ + ssh-ed25519.o digest.o \ + sc25519.o ge25519.o fe25519.o ed25519.o verify.o hash.o blocks.o \ +- auditstub.o ++ auditstub.o \ ++ fips.o SSHOBJS= ssh.o readconf.o clientloop.o sshtty.o \ sshconnect.o sshconnect1.o sshconnect2.o mux.o \ @@ -211,14 +212,14 @@ diff --git a/openssh-6.5p1/cipher-ctr.c b/openssh-6.5p1/cipher-ctr.c diff --git a/openssh-6.5p1/cipher.c b/openssh-6.5p1/cipher.c --- a/openssh-6.5p1/cipher.c +++ b/openssh-6.5p1/cipher.c -@@ -42,16 +42,17 @@ - #include - +@@ -44,25 +44,26 @@ #include #include + #include #include "xmalloc.h" #include "log.h" + #include "misc.h" #include "cipher.h" +#include "fips.h" @@ -229,12 +230,22 @@ diff --git a/openssh-6.5p1/cipher.c b/openssh-6.5p1/cipher.c extern const EVP_CIPHER *evp_ssh1_3des(void); extern void ssh1_3des_iv(EVP_CIPHER_CTX *, int, u_char *, int); -@@ -81,18 +82,57 @@ struct Cipher ciphers[] = { - { "aes128-gcm@openssh.com", - SSH_CIPHER_SSH2, 16, 16, 12, 16, 0, 0, EVP_aes_128_gcm }, +-struct Cipher ciphers[] = { ++struct Cipher ciphers_all[] = { + { "none", SSH_CIPHER_NONE, 8, 0, 0, 0, 0, 0, EVP_enc_null }, + { "des", SSH_CIPHER_DES, 8, 8, 0, 0, 0, 1, EVP_des_cbc }, + { "3des", SSH_CIPHER_3DES, 8, 16, 0, 0, 0, 1, evp_ssh1_3des }, + { "blowfish", SSH_CIPHER_BLOWFISH, 8, 32, 0, 0, 0, 1, evp_ssh1_bf }, + + { "3des-cbc", SSH_CIPHER_SSH2, 8, 24, 0, 0, 0, 1, EVP_des_ede3_cbc }, + { "blowfish-cbc", + SSH_CIPHER_SSH2, 8, 16, 0, 0, 0, 1, EVP_bf_cbc }, +@@ -85,27 +86,67 @@ struct Cipher ciphers[] = { { "aes256-gcm@openssh.com", SSH_CIPHER_SSH2, 16, 32, 12, 16, 0, 0, EVP_aes_256_gcm }, #endif + { "chacha20-poly1305@openssh.com", + SSH_CIPHER_SSH2, 8, 64, 0, 16, 0, CFLAG_CHACHAPOLY, NULL }, { NULL, SSH_CIPHER_INVALID, 0, 0, 0, 0, 0, 0, NULL } }; @@ -262,40 +273,51 @@ diff --git a/openssh-6.5p1/cipher.c b/openssh-6.5p1/cipher.c + /*--*/ ++/* Returns array of ciphers available depending on selected FIPS mode */ +static struct Cipher * +fips_select_ciphers(void) +{ + int fips = fips_mode(); + switch (fips) { + case 0: -+ return ciphers; ++ return ciphers_all; + case 1: + return ciphers_fips140_2; + default: + /* should not be reached */ + fatal("Fatal error: incorrect FIPS mode '%i' at %s:%u", + fips, __FILE__, __LINE__); -+// return NULL; ++ return NULL; + } +} + - u_int - cipher_blocksize(const Cipher *c) + /* Returns a list of supported ciphers separated by the specified char. */ + char * + cipher_alg_list(char sep, int auth_only) { - return (c->block_size); - } + char *ret = NULL; + size_t nlen, rlen = 0; + const Cipher *c; - u_int - cipher_keylen(const Cipher *c) -@@ -135,27 +175,27 @@ cipher_mask_ssh1(int client) +- for (c = ciphers; c->name != NULL; c++) { ++ for (c = fips_select_ciphers(); c->name != NULL; c++) { + if (c->number != SSH_CIPHER_SSH2) + continue; + if (auth_only && c->auth_len == 0) + continue; + if (ret != NULL) + ret[rlen++] = sep; + nlen = strlen(c->name); + ret = xrealloc(ret, 1, rlen + nlen + 2); +@@ -175,27 +216,27 @@ cipher_mask_ssh1(int client) } return mask; } - Cipher * + const Cipher * cipher_by_name(const char *name) { - Cipher *c; + const Cipher *c; - for (c = ciphers; c->name != NULL; c++) + for (c = fips_select_ciphers(); c->name != NULL; c++) if (strcmp(c->name, name) == 0) @@ -303,10 +325,10 @@ diff --git a/openssh-6.5p1/cipher.c b/openssh-6.5p1/cipher.c return NULL; } - Cipher * + const Cipher * cipher_by_number(int id) { - Cipher *c; + const Cipher *c; - for (c = ciphers; c->name != NULL; c++) + for (c = fips_select_ciphers(); c->name != NULL; c++) if (c->number == id) @@ -317,13 +339,13 @@ diff --git a/openssh-6.5p1/cipher.c b/openssh-6.5p1/cipher.c #define CIPHER_SEP "," int ciphers_valid(const char *names) -@@ -189,17 +229,17 @@ ciphers_valid(const char *names) +@@ -229,17 +270,17 @@ ciphers_valid(const char *names) */ int cipher_number(const char *name) { - Cipher *c; + const Cipher *c; if (name == NULL) return -1; - for (c = ciphers; c->name != NULL; c++) @@ -336,13 +358,13 @@ diff --git a/openssh-6.5p1/cipher.c b/openssh-6.5p1/cipher.c char * cipher_name(int id) { -@@ -352,24 +392,29 @@ cipher_cleanup(CipherContext *cc) +@@ -417,24 +458,29 @@ cipher_cleanup(CipherContext *cc) * Selects the cipher, and keys if by computing the MD5 checksum of the * passphrase and using the resulting 16 bytes as the key. */ void - cipher_set_key_string(CipherContext *cc, Cipher *cipher, + cipher_set_key_string(CipherContext *cc, const Cipher *cipher, const char *passphrase, int do_encrypt) { - MD5_CTX md; @@ -616,8 +638,7 @@ new file mode 100644 diff --git a/openssh-6.5p1/key.c b/openssh-6.5p1/key.c --- a/openssh-6.5p1/key.c +++ b/openssh-6.5p1/key.c -@@ -49,16 +49,17 @@ - #include "xmalloc.h" +@@ -52,16 +52,17 @@ #include "key.h" #include "rsa.h" #include "uuencode.h" @@ -625,16 +646,17 @@ diff --git a/openssh-6.5p1/key.c b/openssh-6.5p1/key.c #include "log.h" #include "misc.h" #include "ssh2.h" + #include "digest.h" +#include "fips.h" static int to_blob(const Key *, u_char **, u_int *, int); + static Key *key_from_blob2(const u_char *, u_int, int); static struct KeyCert * cert_new(void) { struct KeyCert *cert; - -@@ -634,16 +635,19 @@ key_fp_type_select(void) +@@ -664,16 +665,19 @@ key_fp_type_select(void) error("invalid key type in environment variable " SSH_FP_TYPE_ENVVAR ": '%s' - falling back to MD5.", env); @@ -657,7 +679,7 @@ diff --git a/openssh-6.5p1/key.c b/openssh-6.5p1/key.c diff --git a/openssh-6.5p1/mac.c b/openssh-6.5p1/mac.c --- a/openssh-6.5p1/mac.c +++ b/openssh-6.5p1/mac.c -@@ -36,34 +36,35 @@ +@@ -36,16 +36,17 @@ #include "xmalloc.h" #include "log.h" #include "cipher.h" @@ -675,18 +697,17 @@ diff --git a/openssh-6.5p1/mac.c b/openssh-6.5p1/mac.c #define SSH_EVP 1 /* OpenSSL EVP-based MAC */ #define SSH_UMAC 2 /* UMAC (not integrated with OpenSSL) */ #define SSH_UMAC128 3 - --struct { -+struct Macs { - char *name; +@@ -55,17 +56,17 @@ struct macalg { int type; const EVP_MD * (*mdfunc)(void); int truncatebits; /* truncate digest if != 0 */ int key_len; /* just for UMAC */ int len; /* just for UMAC */ int etm; /* Encrypt-then-MAC */ --} macs[] = { -+} macs_all[] = { + }; + +-static const struct macalg macs[] = { ++static const struct macalg macs_all[] = { /* Encrypt-and-MAC (encrypt-and-authenticate) variants */ { "hmac-sha1", SSH_EVP, EVP_sha1, 0, 0, 0, 0 }, { "hmac-sha1-96", SSH_EVP, EVP_sha1, 96, 0, 0, 0 }, @@ -695,7 +716,7 @@ diff --git a/openssh-6.5p1/mac.c b/openssh-6.5p1/mac.c { "hmac-sha2-512", SSH_EVP, EVP_sha512, 0, 0, 0, 0 }, #endif { "hmac-md5", SSH_EVP, EVP_md5, 0, 0, 0, 0 }, -@@ -84,19 +85,46 @@ struct { +@@ -86,25 +87,57 @@ static const struct macalg macs[] = { { "hmac-md5-96-etm@openssh.com", SSH_EVP, EVP_md5, 96, 0, 0, 1 }, { "hmac-ripemd160-etm@openssh.com", SSH_EVP, EVP_ripemd160, 0, 0, 0, 1 }, { "umac-64-etm@openssh.com", SSH_UMAC, NULL, 0, 128, 64, 1 }, @@ -704,15 +725,21 @@ diff --git a/openssh-6.5p1/mac.c b/openssh-6.5p1/mac.c { NULL, 0, NULL, 0, 0, 0, 0 } }; -+struct Macs macs_fips140_2[] = { ++static const struct macalg macs_fips140_2[] = { ++ /* Encrypt-and-MAC (encrypt-and-authenticate) variants */ + { "hmac-sha1", SSH_EVP, EVP_sha1, 0, 0, 0, 0 }, +#ifdef HAVE_EVP_SHA256 + { "hmac-sha2-256", SSH_EVP, EVP_sha256, 0, 0, 0, 0 }, + { "hmac-sha2-512", SSH_EVP, EVP_sha512, 0, 0, 0, 0 }, +#endif ++#ifdef HAVE_EVP_SHA256 ++ { "hmac-sha2-256-etm@openssh.com", SSH_EVP, EVP_sha256, 0, 0, 0, 1 }, ++ { "hmac-sha2-512-etm@openssh.com", SSH_EVP, EVP_sha512, 0, 0, 0, 1 }, ++#endif + { NULL, 0, NULL, 0, 0, 0, 0 } +}; + ++/* Returns array of macs available depending on selected FIPS mode */ +static struct Macs * +fips_select_macs(void) +{ @@ -730,61 +757,68 @@ diff --git a/openssh-6.5p1/mac.c b/openssh-6.5p1/mac.c + } +} + - static void - mac_setup_by_id(Mac *mac, int which) + /* Returns a list of supported MACs separated by the specified char. */ + char * + mac_alg_list(char sep) { -+ struct Macs *macs = fips_select_macs(); - int evp_len; - mac->type = macs[which].type; - if (mac->type == SSH_EVP) { - mac->evp_md = (*macs[which].mdfunc)(); - if ((evp_len = EVP_MD_size(mac->evp_md)) <= 0) - fatal("mac %s len %d", mac->name, evp_len); - mac->key_len = mac->mac_len = (u_int)evp_len; - } else { -@@ -107,16 +135,17 @@ mac_setup_by_id(Mac *mac, int which) - if (macs[which].truncatebits != 0) - mac->mac_len = macs[which].truncatebits / 8; - mac->etm = macs[which].etm; + char *ret = NULL; + size_t nlen, rlen = 0; + const struct macalg *m; + +- for (m = macs; m->name != NULL; m++) { ++ for (m = fips_select_macs(); m->name != NULL; m++) { + if (ret != NULL) + ret[rlen++] = sep; + nlen = strlen(m->name); + ret = xrealloc(ret, 1, rlen + nlen + 2); + memcpy(ret + rlen, m->name, nlen + 1); + rlen += nlen; + } + return ret; +@@ -131,17 +164,17 @@ mac_setup_by_alg(Mac *mac, const struct + mac->etm = macalg->etm; } int mac_setup(Mac *mac, char *name) { -+ struct Macs *macs = fips_select_macs(); - int i; + const struct macalg *m; - for (i = 0; macs[i].name; i++) { - if (strcmp(name, macs[i].name) == 0) { - if (mac != NULL) - mac_setup_by_id(mac, i); - debug2("mac_setup: found %s", name); - return (0); +- for (m = macs; m->name != NULL; m++) { ++ for (m = fips_select_macs(); m->name != NULL; m++) { + if (strcmp(name, m->name) != 0) + continue; + if (mac != NULL) + mac_setup_by_alg(mac, m); + debug2("mac_setup: found %s", name); + return (0); + } + debug2("mac_setup: unknown %s", name); diff --git a/openssh-6.5p1/myproposal.h b/openssh-6.5p1/myproposal.h --- a/openssh-6.5p1/myproposal.h +++ b/openssh-6.5p1/myproposal.h -@@ -71,16 +71,20 @@ - "ssh-dss" +@@ -104,16 +104,20 @@ #define KEX_DEFAULT_ENCRYPT \ "aes128-ctr,aes192-ctr,aes256-ctr," \ "arcfour256,arcfour128," \ - "aes128-gcm@openssh.com,aes256-gcm@openssh.com," \ + AESGCM_CIPHER_MODES \ + "chacha20-poly1305@openssh.com," \ "aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc," \ "aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se" +#define KEX_FIPS_140_2_ENCRYPT \ + "aes128-ctr,aes192-ctr,aes256-ctr," \ + "aes128-cbc,3des-cbc," \ + "aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se" - #ifdef HAVE_EVP_SHA256 - #define SHA2_HMAC_MODES \ - "hmac-sha2-256," \ - "hmac-sha2-512," - #else - # define SHA2_HMAC_MODES - #endif + #define KEX_DEFAULT_MAC \ -@@ -97,16 +101,19 @@ + "hmac-md5-etm@openssh.com," \ + "hmac-sha1-etm@openssh.com," \ + "umac-64-etm@openssh.com," \ + "umac-128-etm@openssh.com," \ + "hmac-sha2-256-etm@openssh.com," \ + "hmac-sha2-512-etm@openssh.com," \ +@@ -124,16 +128,19 @@ "hmac-sha1," \ "umac-64@openssh.com," \ "umac-128@openssh.com," \ @@ -804,189 +838,6 @@ diff --git a/openssh-6.5p1/myproposal.h b/openssh-6.5p1/myproposal.h static char *myproposal[PROPOSAL_MAX] = { KEX_DEFAULT_KEX, KEX_DEFAULT_PK_ALG, -diff --git a/openssh-6.5p1/openbsd-compat/bsd-arc4random.c b/openssh-6.5p1/openbsd-compat/bsd-arc4random.c ---- a/openssh-6.5p1/openbsd-compat/bsd-arc4random.c -+++ b/openssh-6.5p1/openbsd-compat/bsd-arc4random.c -@@ -18,34 +18,35 @@ - - #include - - #include - #include - #include - - #include "log.h" -+#include "fips.h" - - #ifndef HAVE_ARC4RANDOM - - #include - #include - #include - - /* Size of key to use */ - #define SEED_SIZE 20 - - /* Number of bytes to reseed after */ - #define REKEY_BYTES (1 << 24) - - static int rc4_ready = 0; - static RC4_KEY rc4; - --unsigned int --arc4random(void) -+static unsigned int -+arc4random_bsd(void) - { - unsigned int r = 0; - static int first_time = 1; - - if (rc4_ready <= 0) { - if (first_time) - seed_rng(); - first_time = 0; -@@ -54,18 +55,18 @@ arc4random(void) - - RC4(&rc4, sizeof(r), (unsigned char *)&r, (unsigned char *)&r); - - rc4_ready -= sizeof(r); - - return(r); - } - --void --arc4random_stir(void) -+static void -+arc4random_stir_bsd(void) - { - unsigned char rand_buf[SEED_SIZE]; - int i; - - memset(&rc4, 0, sizeof(rc4)); - if (RAND_bytes(rand_buf, sizeof(rand_buf)) <= 0) - fatal("Couldn't obtain random bytes (error %ld)", - ERR_get_error()); -@@ -77,16 +78,63 @@ arc4random_stir(void) - */ - for(i = 0; i <= 256; i += sizeof(rand_buf)) - RC4(&rc4, sizeof(rand_buf), rand_buf, rand_buf); - - memset(rand_buf, 0, sizeof(rand_buf)); - - rc4_ready = REKEY_BYTES; - } -+ -+static unsigned int -+arc4random_fips(void) -+{ -+ unsigned int r = 0; -+ void *rp = &r; -+ static int first_time = 1; -+ -+ if (first_time) { -+ seed_rng(); -+ first_time = 0; -+ } -+ if (!rc4_ready) -+ arc4random_stir(); -+ RAND_bytes(rp, sizeof(r)); -+ -+ return(r); -+} -+ -+static void -+arc4random_stir_fips(void) -+{ -+ unsigned char rand_buf[SEED_SIZE]; -+ -+ if (RAND_bytes(rand_buf, sizeof(rand_buf)) <= 0) -+ fatal("Couldn't obtain random bytes (error %ld)", -+ ERR_get_error()); -+ rc4_ready = 1; -+} -+ -+unsigned int -+arc4random(void) -+{ -+ if (fips_mode()) -+ return arc4random_fips(); -+ else -+ return arc4random_bsd(); -+} -+ -+void -+arc4random_stir(void) -+{ -+ if (fips_mode()) -+ return arc4random_stir_fips(); -+ else -+ return arc4random_stir_bsd(); -+} - #endif /* !HAVE_ARC4RANDOM */ - - #ifndef HAVE_ARC4RANDOM_BUF - void - arc4random_buf(void *_buf, size_t n) - { - size_t i; - u_int32_t r = 0; -diff --git a/openssh-6.5p1/ssh-rsa.c b/openssh-6.5p1/ssh-rsa.c ---- a/openssh-6.5p1/ssh-rsa.c -+++ b/openssh-6.5p1/ssh-rsa.c -@@ -27,16 +27,17 @@ - - #include "xmalloc.h" - #include "log.h" - #include "buffer.h" - #include "key.h" - #include "compat.h" - #include "misc.h" - #include "ssh.h" -+#include "fips.h" - - static int openssh_RSA_verify(int, u_char *, u_int, u_char *, u_int, RSA *); - - /* RSASSA-PKCS1-v1_5 (PKCS #1 v2.0 signature) with SHA1 */ - int - ssh_rsa_sign(const Key *key, u_char **sigp, u_int *lenp, - const u_char *data, u_int datalen) - { -@@ -48,16 +49,17 @@ ssh_rsa_sign(const Key *key, u_char **si - Buffer b; - - if (key == NULL || key->rsa == NULL || (key->type != KEY_RSA && - key->type != KEY_RSA_CERT && key->type != KEY_RSA_CERT_V00)) { - error("ssh_rsa_sign: no RSA key"); - return -1; - } - nid = (datafellows & SSH_BUG_RSASIGMD5) ? NID_md5 : NID_sha1; -+ fips_correct_nid(&nid); - if ((evp_md = EVP_get_digestbynid(nid)) == NULL) { - error("ssh_rsa_sign: EVP_get_digestbynid %d failed", nid); - return -1; - } - EVP_DigestInit(&md, evp_md); - EVP_DigestUpdate(&md, data, datalen); - EVP_DigestFinal(&md, digest, &dlen); - -@@ -154,16 +156,17 @@ ssh_rsa_verify(const Key *key, const u_c - debug("ssh_rsa_verify: add padding: modlen %u > len %u", - modlen, len); - sigblob = xrealloc(sigblob, 1, modlen); - memmove(sigblob + diff, sigblob, len); - memset(sigblob, 0, diff); - len = modlen; - } - nid = (datafellows & SSH_BUG_RSASIGMD5) ? NID_md5 : NID_sha1; -+ fips_correct_nid(&nid); - if ((evp_md = EVP_get_digestbynid(nid)) == NULL) { - error("ssh_rsa_verify: EVP_get_digestbynid %d failed", nid); - free(sigblob); - return -1; - } - EVP_DigestInit(&md, evp_md); - EVP_DigestUpdate(&md, data, datalen); - EVP_DigestFinal(&md, digest, &dlen); diff --git a/openssh-6.5p1/ssh.c b/openssh-6.5p1/ssh.c --- a/openssh-6.5p1/ssh.c +++ b/openssh-6.5p1/ssh.c @@ -1008,13 +859,13 @@ diff --git a/openssh-6.5p1/ssh.c b/openssh-6.5p1/ssh.c extern char *__progname; /* Saves a copy of argv for setproctitle emulation */ -@@ -324,16 +325,18 @@ main(int ac, char **av) - use_syslog = 0; +@@ -453,16 +454,18 @@ main(int ac, char **av) + logfile = NULL; argv0 = av[0]; again: while ((opt = getopt(ac, av, "1246ab:c:e:fgi:kl:m:no:p:qstvx" - "ACD:F:I:KL:MNO:PR:S:TVw:W:XYy")) != -1) { + "ACD:E:F:I:KL:MNO:PQ:R:S:TVw:W:XYy")) != -1) { switch (opt) { case '1': + if (fips_mode()) @@ -1027,8 +878,7 @@ diff --git a/openssh-6.5p1/ssh.c b/openssh-6.5p1/ssh.c case '4': options.address_family = AF_INET; break; -@@ -781,17 +784,22 @@ main(int ac, char **av) - free(cp); +@@ -959,16 +962,22 @@ main(int ac, char **av) } if (muxclient_command != 0 && options.control_path == NULL) fatal("No ControlPath specified for \"-O\" command"); @@ -1036,21 +886,21 @@ diff --git a/openssh-6.5p1/ssh.c b/openssh-6.5p1/ssh.c muxclient(options.control_path); timeout_ms = options.connection_timeout * 1000; -- + + if (FIPS_mode()) { + options.protocol &= SSH_PROTO_2; + if (options.protocol == 0) + fatal("Protocol 2 disabled by configuration but required in the FIPS mode"); + } -+ ++ /* Open a connection to the remote host. */ - if (ssh_connect(host, &hostaddr, options.port, - options.address_family, options.connection_attempts, &timeout_ms, - options.tcp_keep_alive, - #ifdef HAVE_CYGWIN - options.use_privileged_port, - #else - original_effective_uid == 0 && options.use_privileged_port, + if (ssh_connect(host, addrs, &hostaddr, options.port, + options.address_family, options.connection_attempts, + &timeout_ms, options.tcp_keep_alive, + options.use_privileged_port) != 0) + exit(255); + + if (addrs != NULL) diff --git a/openssh-6.5p1/sshconnect2.c b/openssh-6.5p1/sshconnect2.c --- a/openssh-6.5p1/sshconnect2.c +++ b/openssh-6.5p1/sshconnect2.c @@ -1072,7 +922,7 @@ diff --git a/openssh-6.5p1/sshconnect2.c b/openssh-6.5p1/sshconnect2.c /* import */ extern char *client_version_string; extern char *server_version_string; -@@ -165,31 +166,37 @@ ssh_kex2(char *host, struct sockaddr *ho +@@ -165,31 +166,41 @@ ssh_kex2(char *host, struct sockaddr *ho if (options.ciphers == (char *)-1) { logit("No valid ciphers for protocol version 2 given, using defaults."); @@ -1082,6 +932,8 @@ diff --git a/openssh-6.5p1/sshconnect2.c b/openssh-6.5p1/sshconnect2.c myproposal[PROPOSAL_ENC_ALGS_CTOS] = myproposal[PROPOSAL_ENC_ALGS_STOC] = options.ciphers; + } else if (fips_mode()) { ++ /* TODO: use intersection of FIPS ciphers and those requested in ++ * configuration */ + myproposal[PROPOSAL_ENC_ALGS_CTOS] = + myproposal[PROPOSAL_ENC_ALGS_STOC] = KEX_FIPS_140_2_ENCRYPT; } @@ -1100,20 +952,22 @@ diff --git a/openssh-6.5p1/sshconnect2.c b/openssh-6.5p1/sshconnect2.c myproposal[PROPOSAL_MAC_ALGS_CTOS] = myproposal[PROPOSAL_MAC_ALGS_STOC] = options.macs; + } else if (fips_mode()) { ++ /* TODO: use intersection of FIPS macs and those requested in ++ * configuration */ + myproposal[PROPOSAL_MAC_ALGS_CTOS] = + myproposal[PROPOSAL_MAC_ALGS_STOC] = KEX_FIPS_140_2_MAC; } if (options.hostkeyalgorithms != NULL) myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = - options.hostkeyalgorithms; + compat_pkalg_proposal(options.hostkeyalgorithms); else { /* Prefer algorithms that we already have keys for */ myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = - order_hostkeyalgs(host, hostaddr, port); + compat_pkalg_proposal( diff --git a/openssh-6.5p1/sshd.c b/openssh-6.5p1/sshd.c --- a/openssh-6.5p1/sshd.c +++ b/openssh-6.5p1/sshd.c -@@ -118,16 +118,17 @@ +@@ -119,16 +119,17 @@ #ifdef GSSAPI #include "ssh-gss.h" #endif @@ -1131,14 +985,14 @@ diff --git a/openssh-6.5p1/sshd.c b/openssh-6.5p1/sshd.c int deny_severity; #endif /* LIBWRAP */ -@@ -1711,16 +1712,20 @@ main(int ac, char **av) - case KEY_DSA: +@@ -1786,16 +1787,20 @@ main(int ac, char **av) case KEY_ECDSA: + case KEY_ED25519: sensitive_data.have_ssh2_key = 1; break; } - debug("private host key: #%d type %d %s", i, key->type, - key_type(key)); + debug("private host key: #%d type %d %s", i, keytype, + key_type(key ? key : pubkey)); } + if ((options.protocol & SSH_PROTO_1) && fips_mode()) { + logit("Disabling protocol version 1. Not allowed in the FIPS mode."); @@ -1152,7 +1006,7 @@ diff --git a/openssh-6.5p1/sshd.c b/openssh-6.5p1/sshd.c logit("Disabling protocol version 2. Could not load host key"); options.protocol &= ~SSH_PROTO_2; } -@@ -2413,25 +2418,31 @@ do_ssh1_kex(void) +@@ -2506,25 +2511,31 @@ sshd_hostkey_sign(Key *privkey, Key *pub static void do_ssh2_kex(void) { diff --git a/openssh.changes b/openssh.changes index 18287b1..b8b8c1d 100644 --- a/openssh.changes +++ b/openssh.changes @@ -1,3 +1,10 @@ +------------------------------------------------------------------- +Fri Feb 28 12:59:27 UTC 2014 - pcerny@suse.com + +- re-enabling FIPS-enablement patch +- enable X11 forwarding when IPv6 is present but disabled on server + (bnc#712683, FATE#31503; -X_forward_with_disabled_ipv6.patch) + ------------------------------------------------------------------- Tue Feb 18 12:56:31 UTC 2014 - pcerny@suse.com diff --git a/openssh.spec b/openssh.spec index a39f50e..1d1d1c5 100644 --- a/openssh.spec +++ b/openssh.spec @@ -143,6 +143,7 @@ Patch32: openssh-6.5p1-host_ident.patch Patch33: openssh-6.5p1-sftp_homechroot.patch Patch34: openssh-6.5p1-sftp_force_permissions.patch Patch35: openssh-6.5p1-seccomp_getuid.patch +Patch36: openssh-6.5p1-X_forward_with_disabled_ipv6.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build @@ -194,7 +195,9 @@ Helper applications for OpenSSH which retrieve keys from various sources. %patch24 -p2 %patch25 -p2 %patch26 -p2 -#patch27 -p2 +%if 0%{?suse_version} > 1310 +%patch27 -p2 +%endif #patch28 -p2 %patch29 -p2 %patch30 -p2 @@ -203,6 +206,7 @@ Helper applications for OpenSSH which retrieve keys from various sources. %patch33 -p2 %patch34 -p2 %patch35 -p2 +%patch36 -p2 cp %{SOURCE3} %{SOURCE4} . %build