Accepting request 428544 from home:pcerny:factory
- FIPS compatibility (no selfchecks, only crypto restrictions) [openssh-7.2p2-fips.patch] - PRNG re-seeding [openssh-7.2p2-seed-prng.patch] - preliminary version of GSSAPI KEX [openssh-7.2p2-gssapi_key_exchange.patch] OBS-URL: https://build.opensuse.org/request/show/428544 OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=110
This commit is contained in:
parent
a412ed9d8d
commit
e0d7fb0744
@ -1,5 +1,5 @@
|
|||||||
# HG changeset patch
|
# HG changeset patch
|
||||||
# Parent c924f46e3639b3646e42dd7505c206d43d7180fa
|
# Parent c40dce555117c740f3df867e9fc2b07b64b3ad96
|
||||||
|
|
||||||
Raise minimal size of DH group parameters to 2048 bits like upstream did in
|
Raise minimal size of DH group parameters to 2048 bits like upstream did in
|
||||||
7.2. 1024b values are believed to be in breaking range for state adversaries
|
7.2. 1024b values are believed to be in breaking range for state adversaries
|
||||||
@ -101,7 +101,7 @@ diff --git a/openssh-7.2p2/kexgexc.c b/openssh-7.2p2/kexgexc.c
|
|||||||
goto out;
|
goto out;
|
||||||
if ((bits = BN_num_bits(p)) < 0 ||
|
if ((bits = BN_num_bits(p)) < 0 ||
|
||||||
(u_int)bits < kex->min || (u_int)bits > kex->max) {
|
(u_int)bits < kex->min || (u_int)bits > kex->max) {
|
||||||
+ if (bits < kex->min && bits >= DH_GRP_MIN_RFC)
|
+ if ((u_int)bits < kex->min && (u_int)bits >= DH_GRP_MIN_RFC)
|
||||||
+ logit("DH parameter offered by the server (%d bits) "
|
+ logit("DH parameter offered by the server (%d bits) "
|
||||||
+ "is considered insecure. "
|
+ "is considered insecure. "
|
||||||
+ "You can lower the accepted the minimum "
|
+ "You can lower the accepted the minimum "
|
||||||
@ -115,6 +115,61 @@ diff --git a/openssh-7.2p2/kexgexc.c b/openssh-7.2p2/kexgexc.c
|
|||||||
goto out;
|
goto out;
|
||||||
}
|
}
|
||||||
p = g = NULL; /* belong to kex->dh now */
|
p = g = NULL; /* belong to kex->dh now */
|
||||||
|
diff --git a/openssh-7.2p2/kexgexs.c b/openssh-7.2p2/kexgexs.c
|
||||||
|
--- a/openssh-7.2p2/kexgexs.c
|
||||||
|
+++ b/openssh-7.2p2/kexgexs.c
|
||||||
|
@@ -49,16 +49,19 @@
|
||||||
|
#ifdef GSSAPI
|
||||||
|
#include "ssh-gss.h"
|
||||||
|
#endif
|
||||||
|
#include "monitor_wrap.h"
|
||||||
|
#include "dispatch.h"
|
||||||
|
#include "ssherr.h"
|
||||||
|
#include "sshbuf.h"
|
||||||
|
|
||||||
|
+/* import from dh.c */
|
||||||
|
+extern int dh_grp_min;
|
||||||
|
+
|
||||||
|
static int input_kex_dh_gex_request(int, u_int32_t, void *);
|
||||||
|
static int input_kex_dh_gex_init(int, u_int32_t, void *);
|
||||||
|
|
||||||
|
int
|
||||||
|
kexgex_server(struct ssh *ssh)
|
||||||
|
{
|
||||||
|
ssh_dispatch_set(ssh, SSH2_MSG_KEX_DH_GEX_REQUEST,
|
||||||
|
&input_kex_dh_gex_request);
|
||||||
|
@@ -78,23 +81,29 @@ input_kex_dh_gex_request(int type, u_int
|
||||||
|
if ((r = sshpkt_get_u32(ssh, &min)) != 0 ||
|
||||||
|
(r = sshpkt_get_u32(ssh, &nbits)) != 0 ||
|
||||||
|
(r = sshpkt_get_u32(ssh, &max)) != 0 ||
|
||||||
|
(r = sshpkt_get_end(ssh)) != 0)
|
||||||
|
goto out;
|
||||||
|
kex->nbits = nbits;
|
||||||
|
kex->min = min;
|
||||||
|
kex->max = max;
|
||||||
|
- min = MAX(DH_GRP_MIN, min);
|
||||||
|
+ min = MAX(dh_grp_min, min);
|
||||||
|
max = MIN(DH_GRP_MAX, max);
|
||||||
|
- nbits = MAX(DH_GRP_MIN, nbits);
|
||||||
|
+ nbits = MAX(dh_grp_min, nbits);
|
||||||
|
nbits = MIN(DH_GRP_MAX, nbits);
|
||||||
|
|
||||||
|
if (kex->max < kex->min || kex->nbits < kex->min ||
|
||||||
|
kex->max < kex->nbits) {
|
||||||
|
+ if (kex->nbits < kex->min && kex->nbits >= DH_GRP_MIN_RFC)
|
||||||
|
+ logit("DH parameter requested by the client (%d bits) "
|
||||||
|
+ "is considered insecure. "
|
||||||
|
+ "You can lower the accepted minimum "
|
||||||
|
+ "via the KexDHMin option.",
|
||||||
|
+ kex->nbits);
|
||||||
|
r = SSH_ERR_DH_GEX_OUT_OF_RANGE;
|
||||||
|
goto out;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* Contact privileged parent */
|
||||||
|
kex->dh = PRIVSEP(choose_dh(min, nbits, max));
|
||||||
|
if (kex->dh == NULL) {
|
||||||
|
sshpkt_disconnect(ssh, "no matching DH grp found");
|
||||||
diff --git a/openssh-7.2p2/readconf.c b/openssh-7.2p2/readconf.c
|
diff --git a/openssh-7.2p2/readconf.c b/openssh-7.2p2/readconf.c
|
||||||
--- a/openssh-7.2p2/readconf.c
|
--- a/openssh-7.2p2/readconf.c
|
||||||
+++ b/openssh-7.2p2/readconf.c
|
+++ b/openssh-7.2p2/readconf.c
|
||||||
@ -243,7 +298,7 @@ diff --git a/openssh-7.2p2/readconf.c b/openssh-7.2p2/readconf.c
|
|||||||
if (options->cipher == -1)
|
if (options->cipher == -1)
|
||||||
options->cipher = SSH_CIPHER_NOT_SET;
|
options->cipher = SSH_CIPHER_NOT_SET;
|
||||||
+ if (options->kex_dhmin == -1)
|
+ if (options->kex_dhmin == -1)
|
||||||
+ options->kex_dhmin = DH_GRP_MIN;
|
+ options->kex_dhmin = DH_GRP_MIN_RFC;
|
||||||
+ else {
|
+ else {
|
||||||
+ options->kex_dhmin = MAX(options->kex_dhmin, DH_GRP_MIN_RFC);
|
+ options->kex_dhmin = MAX(options->kex_dhmin, DH_GRP_MIN_RFC);
|
||||||
+ options->kex_dhmin = MIN(options->kex_dhmin, DH_GRP_MAX);
|
+ options->kex_dhmin = MIN(options->kex_dhmin, DH_GRP_MAX);
|
||||||
@ -278,10 +333,199 @@ diff --git a/openssh-7.2p2/readconf.h b/openssh-7.2p2/readconf.h
|
|||||||
int escape_char; /* Escape character; -2 = none */
|
int escape_char; /* Escape character; -2 = none */
|
||||||
|
|
||||||
u_int num_system_hostfiles; /* Paths for /etc/ssh/ssh_known_hosts */
|
u_int num_system_hostfiles; /* Paths for /etc/ssh/ssh_known_hosts */
|
||||||
|
diff --git a/openssh-7.2p2/servconf.c b/openssh-7.2p2/servconf.c
|
||||||
|
--- a/openssh-7.2p2/servconf.c
|
||||||
|
+++ b/openssh-7.2p2/servconf.c
|
||||||
|
@@ -52,16 +52,20 @@
|
||||||
|
#include "channels.h"
|
||||||
|
#include "groupaccess.h"
|
||||||
|
#include "canohost.h"
|
||||||
|
#include "packet.h"
|
||||||
|
#include "hostfile.h"
|
||||||
|
#include "auth.h"
|
||||||
|
#include "myproposal.h"
|
||||||
|
#include "digest.h"
|
||||||
|
+#include "dh.h"
|
||||||
|
+
|
||||||
|
+/* import from dh.c */
|
||||||
|
+extern int dh_grp_min;
|
||||||
|
|
||||||
|
static void add_listen_addr(ServerOptions *, char *, int);
|
||||||
|
static void add_one_listen_addr(ServerOptions *, char *, int);
|
||||||
|
|
||||||
|
/* Use of privilege separation or not */
|
||||||
|
extern int use_privsep;
|
||||||
|
extern Buffer cfg;
|
||||||
|
|
||||||
|
@@ -134,16 +138,17 @@ initialize_server_options(ServerOptions
|
||||||
|
options->allow_agent_forwarding = -1;
|
||||||
|
options->num_allow_users = 0;
|
||||||
|
options->num_deny_users = 0;
|
||||||
|
options->num_allow_groups = 0;
|
||||||
|
options->num_deny_groups = 0;
|
||||||
|
options->ciphers = NULL;
|
||||||
|
options->macs = NULL;
|
||||||
|
options->kex_algorithms = NULL;
|
||||||
|
+ options->kex_dhmin = -1;
|
||||||
|
options->protocol = SSH_PROTO_UNKNOWN;
|
||||||
|
options->fwd_opts.gateway_ports = -1;
|
||||||
|
options->fwd_opts.streamlocal_bind_mask = (mode_t)-1;
|
||||||
|
options->fwd_opts.streamlocal_bind_unlink = -1;
|
||||||
|
options->num_subsystems = 0;
|
||||||
|
options->max_startups_begin = -1;
|
||||||
|
options->max_startups_rate = -1;
|
||||||
|
options->max_startups = -1;
|
||||||
|
@@ -199,16 +204,23 @@ fill_default_server_options(ServerOption
|
||||||
|
int i;
|
||||||
|
|
||||||
|
/* Portable-specific options */
|
||||||
|
if (options->use_pam == -1)
|
||||||
|
options->use_pam = 0;
|
||||||
|
if (options->use_pam_check_locks == -1)
|
||||||
|
options->use_pam_check_locks = 0;
|
||||||
|
|
||||||
|
+ if (options->kex_dhmin == -1)
|
||||||
|
+ options->kex_dhmin = DH_GRP_MIN_RFC;
|
||||||
|
+ else {
|
||||||
|
+ options->kex_dhmin = MAX(options->kex_dhmin, DH_GRP_MIN_RFC);
|
||||||
|
+ options->kex_dhmin = MIN(options->kex_dhmin, DH_GRP_MAX);
|
||||||
|
+ }
|
||||||
|
+ dh_grp_min = options->kex_dhmin;
|
||||||
|
/* Standard Options */
|
||||||
|
if (options->protocol == SSH_PROTO_UNKNOWN)
|
||||||
|
options->protocol = SSH_PROTO_2;
|
||||||
|
if (options->num_host_key_files == 0) {
|
||||||
|
/* fill default hostkeys for protocols */
|
||||||
|
if (options->protocol & SSH_PROTO_1)
|
||||||
|
options->host_key_files[options->num_host_key_files++] =
|
||||||
|
_PATH_HOST_KEY_FILE;
|
||||||
|
@@ -423,17 +435,18 @@ typedef enum {
|
||||||
|
sClientAliveInterval, sClientAliveCountMax, sAuthorizedKeysFile,
|
||||||
|
sGssAuthentication, sGssCleanupCreds, sGssStrictAcceptor,
|
||||||
|
sAcceptEnv, sPermitTunnel,
|
||||||
|
sMatch, sPermitOpen, sForceCommand, sChrootDirectory,
|
||||||
|
sUsePrivilegeSeparation, sAllowAgentForwarding,
|
||||||
|
sHostCertificate,
|
||||||
|
sRevokedKeys, sTrustedUserCAKeys, sAuthorizedPrincipalsFile,
|
||||||
|
sAuthorizedPrincipalsCommand, sAuthorizedPrincipalsCommandUser,
|
||||||
|
- sKexAlgorithms, sIPQoS, sVersionAddendum,
|
||||||
|
+ sKexAlgorithms, sKexDHMin,
|
||||||
|
+ sIPQoS, sVersionAddendum,
|
||||||
|
sAuthorizedKeysCommand, sAuthorizedKeysCommandUser,
|
||||||
|
sAuthenticationMethods, sHostKeyAgent, sPermitUserRC,
|
||||||
|
sStreamLocalBindMask, sStreamLocalBindUnlink,
|
||||||
|
sAllowStreamLocalForwarding, sFingerprintHash,
|
||||||
|
sDeprecated, sUnsupported
|
||||||
|
} ServerOpCodes;
|
||||||
|
|
||||||
|
#define SSHCFG_GLOBAL 0x01 /* allowed in main section of sshd_config */
|
||||||
|
@@ -561,16 +574,17 @@ static struct {
|
||||||
|
{ "permitopen", sPermitOpen, SSHCFG_ALL },
|
||||||
|
{ "forcecommand", sForceCommand, SSHCFG_ALL },
|
||||||
|
{ "chrootdirectory", sChrootDirectory, SSHCFG_ALL },
|
||||||
|
{ "hostcertificate", sHostCertificate, SSHCFG_GLOBAL },
|
||||||
|
{ "revokedkeys", sRevokedKeys, SSHCFG_ALL },
|
||||||
|
{ "trustedusercakeys", sTrustedUserCAKeys, SSHCFG_ALL },
|
||||||
|
{ "authorizedprincipalsfile", sAuthorizedPrincipalsFile, SSHCFG_ALL },
|
||||||
|
{ "kexalgorithms", sKexAlgorithms, SSHCFG_GLOBAL },
|
||||||
|
+ { "kexdhmin", sKexDHMin },
|
||||||
|
{ "ipqos", sIPQoS, SSHCFG_ALL },
|
||||||
|
{ "authorizedkeyscommand", sAuthorizedKeysCommand, SSHCFG_ALL },
|
||||||
|
{ "authorizedkeyscommanduser", sAuthorizedKeysCommandUser, SSHCFG_ALL },
|
||||||
|
{ "authorizedprincipalscommand", sAuthorizedPrincipalsCommand, SSHCFG_ALL },
|
||||||
|
{ "authorizedprincipalscommanduser", sAuthorizedPrincipalsCommandUser, SSHCFG_ALL },
|
||||||
|
{ "versionaddendum", sVersionAddendum, SSHCFG_GLOBAL },
|
||||||
|
{ "authenticationmethods", sAuthenticationMethods, SSHCFG_ALL },
|
||||||
|
{ "streamlocalbindmask", sStreamLocalBindMask, SSHCFG_ALL },
|
||||||
|
@@ -1481,16 +1495,20 @@ process_server_config_line(ServerOptions
|
||||||
|
filename, linenum);
|
||||||
|
if (!kex_names_valid(*arg == '+' ? arg + 1 : arg))
|
||||||
|
fatal("%s line %d: Bad SSH2 KexAlgorithms '%s'.",
|
||||||
|
filename, linenum, arg ? arg : "<NONE>");
|
||||||
|
if (options->kex_algorithms == NULL)
|
||||||
|
options->kex_algorithms = xstrdup(arg);
|
||||||
|
break;
|
||||||
|
|
||||||
|
+ case sKexDHMin:
|
||||||
|
+ intptr = &options->kex_dhmin;
|
||||||
|
+ goto parse_int;
|
||||||
|
+
|
||||||
|
case sProtocol:
|
||||||
|
intptr = &options->protocol;
|
||||||
|
arg = strdelim(&cp);
|
||||||
|
if (!arg || *arg == '\0')
|
||||||
|
fatal("%s line %d: Missing argument.", filename, linenum);
|
||||||
|
value = proto_spec(arg);
|
||||||
|
if (value == SSH_PROTO_UNKNOWN)
|
||||||
|
fatal("%s line %d: Bad protocol spec '%s'.",
|
||||||
|
@@ -2247,16 +2265,17 @@ dump_config(ServerOptions *o)
|
||||||
|
dump_cfg_int(sLoginGraceTime, o->login_grace_time);
|
||||||
|
dump_cfg_int(sKeyRegenerationTime, o->key_regeneration_time);
|
||||||
|
dump_cfg_int(sX11DisplayOffset, o->x11_display_offset);
|
||||||
|
dump_cfg_int(sMaxAuthTries, o->max_authtries);
|
||||||
|
dump_cfg_int(sMaxSessions, o->max_sessions);
|
||||||
|
dump_cfg_int(sClientAliveInterval, o->client_alive_interval);
|
||||||
|
dump_cfg_int(sClientAliveCountMax, o->client_alive_count_max);
|
||||||
|
dump_cfg_oct(sStreamLocalBindMask, o->fwd_opts.streamlocal_bind_mask);
|
||||||
|
+ dump_cfg_int(sKexDHMin, o->kex_dhmin);
|
||||||
|
|
||||||
|
/* formatted integer arguments */
|
||||||
|
dump_cfg_fmtint(sPermitRootLogin, o->permit_root_login);
|
||||||
|
dump_cfg_fmtint(sIgnoreRhosts, o->ignore_rhosts);
|
||||||
|
dump_cfg_fmtint(sIgnoreUserKnownHosts, o->ignore_user_known_hosts);
|
||||||
|
dump_cfg_fmtint(sRhostsRSAAuthentication, o->rhosts_rsa_authentication);
|
||||||
|
dump_cfg_fmtint(sHostbasedAuthentication, o->hostbased_authentication);
|
||||||
|
dump_cfg_fmtint(sHostbasedUsesNameFromPacketOnly,
|
||||||
|
diff --git a/openssh-7.2p2/servconf.h b/openssh-7.2p2/servconf.h
|
||||||
|
--- a/openssh-7.2p2/servconf.h
|
||||||
|
+++ b/openssh-7.2p2/servconf.h
|
||||||
|
@@ -88,16 +88,17 @@ typedef struct {
|
||||||
|
int permit_user_rc; /* If false, deny ~/.ssh/rc execution */
|
||||||
|
int strict_modes; /* If true, require string home dir modes. */
|
||||||
|
int tcp_keep_alive; /* If true, set SO_KEEPALIVE. */
|
||||||
|
int ip_qos_interactive; /* IP ToS/DSCP/class for interactive */
|
||||||
|
int ip_qos_bulk; /* IP ToS/DSCP/class for bulk traffic */
|
||||||
|
char *ciphers; /* Supported SSH2 ciphers. */
|
||||||
|
char *macs; /* Supported SSH2 macs. */
|
||||||
|
char *kex_algorithms; /* SSH2 kex methods in order of preference. */
|
||||||
|
+ int kex_dhmin; /* minimum bit length of the DH group parameter */
|
||||||
|
int protocol; /* Supported protocol versions. */
|
||||||
|
struct ForwardOptions fwd_opts; /* forwarding options */
|
||||||
|
SyslogFacility log_facility; /* Facility for system logging. */
|
||||||
|
LogLevel log_level; /* Level for system logging. */
|
||||||
|
int rhosts_rsa_authentication; /* If true, permit rhosts RSA
|
||||||
|
* authentication. */
|
||||||
|
int hostbased_authentication; /* If true, permit ssh2 hostbased auth */
|
||||||
|
int hostbased_uses_name_from_packet_only; /* experimental */
|
||||||
|
diff --git a/openssh-7.2p2/ssh_config b/openssh-7.2p2/ssh_config
|
||||||
|
--- a/openssh-7.2p2/ssh_config
|
||||||
|
+++ b/openssh-7.2p2/ssh_config
|
||||||
|
@@ -12,16 +12,21 @@
|
||||||
|
# Any configuration value is only changed the first time it is set.
|
||||||
|
# Thus, host-specific definitions should be at the beginning of the
|
||||||
|
# configuration file, and defaults at the end.
|
||||||
|
|
||||||
|
# Site-wide defaults for some commonly used options. For a comprehensive
|
||||||
|
# list of available options, their meanings and defaults, please see the
|
||||||
|
# ssh_config(5) man page.
|
||||||
|
|
||||||
|
+# Minimum accepted size of the DH parameter p. By default this is set to 1024
|
||||||
|
+# to maintain compatibility with RFC4419, but should be set higher.
|
||||||
|
+# Upstream default is identical to setting this to 2048.
|
||||||
|
+#KexDHMin 1024
|
||||||
|
+
|
||||||
|
Host *
|
||||||
|
# ForwardAgent no
|
||||||
|
# ForwardX11 no
|
||||||
|
|
||||||
|
# If you do not trust your remote host (or its administrator), you
|
||||||
|
# should not forward X11 connections to your local X11-display for
|
||||||
|
# security reasons: Someone stealing the authentification data on the
|
||||||
|
# remote side (the "spoofed" X-server by the remote sshd) can read your
|
||||||
diff --git a/openssh-7.2p2/ssh_config.0 b/openssh-7.2p2/ssh_config.0
|
diff --git a/openssh-7.2p2/ssh_config.0 b/openssh-7.2p2/ssh_config.0
|
||||||
--- a/openssh-7.2p2/ssh_config.0
|
--- a/openssh-7.2p2/ssh_config.0
|
||||||
+++ b/openssh-7.2p2/ssh_config.0
|
+++ b/openssh-7.2p2/ssh_config.0
|
||||||
@@ -606,16 +606,29 @@ DESCRIPTION
|
@@ -606,16 +606,33 @@ DESCRIPTION
|
||||||
ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,
|
ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,
|
||||||
diffie-hellman-group-exchange-sha256,
|
diffie-hellman-group-exchange-sha256,
|
||||||
diffie-hellman-group-exchange-sha1,
|
diffie-hellman-group-exchange-sha1,
|
||||||
@ -291,17 +535,21 @@ diff --git a/openssh-7.2p2/ssh_config.0 b/openssh-7.2p2/ssh_config.0
|
|||||||
obtained using the -Q option of ssh(1) with an argument of M-bM-^@M-^\kexM-bM-^@M-^].
|
obtained using the -Q option of ssh(1) with an argument of M-bM-^@M-^\kexM-bM-^@M-^].
|
||||||
|
|
||||||
+ KexDHMin
|
+ KexDHMin
|
||||||
+ Specifies the minimum accepted bit length of the DH group parameter p.
|
+ Specifies the minimum accepted bit length of the DH group
|
||||||
+ As per RFC4419, this is 1024 bits however, this has increasingly
|
+ parameter p.
|
||||||
|
+
|
||||||
|
+ As per RFC4419, this is 1024 bits, however this has increasingly
|
||||||
+ been seen as insecure, which prompted the change to 2048 bits.
|
+ been seen as insecure, which prompted the change to 2048 bits.
|
||||||
+ Setting this option allows the client to accept parameters shorter
|
+ Setting this option allows the client to accept parameters shorter
|
||||||
+ than the current minimum, down to the RFC specified 1024 bits.
|
+ than the current minimum, down to the RFC specified 1024 bits.
|
||||||
+ Using this option may be needed when connecting to servers that
|
+ Using this option may be needed when connecting to servers that
|
||||||
+ only know short DH group parameters.
|
+ only know short DH group parameters.
|
||||||
+
|
+
|
||||||
+ Note that using this option can severly impact security and thus
|
+ Note, that while by default this option is set to 1024 to maintain
|
||||||
+ should be viewed as a temporary fix of last resort and all efforts
|
+ maximum backward compatibility, using it can severly impact
|
||||||
+ should be made to fix the server.
|
+ security and thus should be viewed as a temporary fix of last
|
||||||
|
+ resort and all efforts should be made to fix the (broken)
|
||||||
|
+ counterparty.
|
||||||
+
|
+
|
||||||
LocalCommand
|
LocalCommand
|
||||||
Specifies a command to execute on the local machine after
|
Specifies a command to execute on the local machine after
|
||||||
@ -314,7 +562,7 @@ diff --git a/openssh-7.2p2/ssh_config.0 b/openssh-7.2p2/ssh_config.0
|
|||||||
diff --git a/openssh-7.2p2/ssh_config.5 b/openssh-7.2p2/ssh_config.5
|
diff --git a/openssh-7.2p2/ssh_config.5 b/openssh-7.2p2/ssh_config.5
|
||||||
--- a/openssh-7.2p2/ssh_config.5
|
--- a/openssh-7.2p2/ssh_config.5
|
||||||
+++ b/openssh-7.2p2/ssh_config.5
|
+++ b/openssh-7.2p2/ssh_config.5
|
||||||
@@ -1092,16 +1092,28 @@ diffie-hellman-group14-sha1
|
@@ -1092,16 +1092,32 @@ diffie-hellman-group14-sha1
|
||||||
.Ed
|
.Ed
|
||||||
.Pp
|
.Pp
|
||||||
The list of available key exchange algorithms may also be obtained using the
|
The list of available key exchange algorithms may also be obtained using the
|
||||||
@ -324,17 +572,21 @@ diff --git a/openssh-7.2p2/ssh_config.5 b/openssh-7.2p2/ssh_config.5
|
|||||||
with an argument of
|
with an argument of
|
||||||
.Dq kex .
|
.Dq kex .
|
||||||
+.It Cm KexDHMin
|
+.It Cm KexDHMin
|
||||||
+Specifies the minimum accepted bit length of the DH group parameter p.
|
+Specifies the minimum accepted bit length of the DH group
|
||||||
+As per RFC4419, this is 1024 bits however, this has increasingly
|
+parameter p.
|
||||||
|
+.Pp
|
||||||
|
+As per RFC4419, this is 1024 bits, however this has increasingly
|
||||||
+been seen as insecure, which prompted the change to 2048 bits.
|
+been seen as insecure, which prompted the change to 2048 bits.
|
||||||
+Setting this option allows the client to accept parameters shorter
|
+Setting this option allows the client to accept parameters shorter
|
||||||
+than the current minimum, down to the RFC specified 1024 bits.
|
+than the current minimum, down to the RFC specified 1024 bits.
|
||||||
+Using this option may be needed when connecting to servers that
|
+Using this option may be needed when connecting to servers that
|
||||||
+only know short DH group parameters.
|
+only know short DH group parameters.
|
||||||
+
|
+.Pp
|
||||||
+Note that using this option can severly impact security and thus
|
+Note, that while by default this option is set to 1024 to maintain
|
||||||
+should be viewed as a temporary fix of last resort and all efforts
|
+maximum backward compatibility, using it can severly impact
|
||||||
+should be made to fix the server.
|
+security and thus should be viewed as a temporary fix of last
|
||||||
|
+resort and all efforts should be made to fix the (broken)
|
||||||
|
+counterparty.
|
||||||
.It Cm LocalCommand
|
.It Cm LocalCommand
|
||||||
Specifies a command to execute on the local machine after successfully
|
Specifies a command to execute on the local machine after successfully
|
||||||
connecting to the server.
|
connecting to the server.
|
||||||
@ -343,3 +595,101 @@ diff --git a/openssh-7.2p2/ssh_config.5 b/openssh-7.2p2/ssh_config.5
|
|||||||
The following escape character substitutions will be performed:
|
The following escape character substitutions will be performed:
|
||||||
.Ql %d
|
.Ql %d
|
||||||
(local user's home directory),
|
(local user's home directory),
|
||||||
|
diff --git a/openssh-7.2p2/sshd_config b/openssh-7.2p2/sshd_config
|
||||||
|
--- a/openssh-7.2p2/sshd_config
|
||||||
|
+++ b/openssh-7.2p2/sshd_config
|
||||||
|
@@ -21,16 +21,21 @@
|
||||||
|
# HostKey for protocol version 1
|
||||||
|
#HostKey /etc/ssh/ssh_host_key
|
||||||
|
# HostKeys for protocol version 2
|
||||||
|
#HostKey /etc/ssh/ssh_host_rsa_key
|
||||||
|
#HostKey /etc/ssh/ssh_host_dsa_key
|
||||||
|
#HostKey /etc/ssh/ssh_host_ecdsa_key
|
||||||
|
#HostKey /etc/ssh/ssh_host_ed25519_key
|
||||||
|
|
||||||
|
+# Minimum accepted size of the DH parameter p. By default this is set to 1024
|
||||||
|
+# to maintain compatibility with RFC4419, but should be set higher.
|
||||||
|
+# Upstream default is identical to setting this to 2048.
|
||||||
|
+#KexDHMin 1024
|
||||||
|
+
|
||||||
|
# Lifetime and size of ephemeral version 1 server key
|
||||||
|
#KeyRegenerationInterval 1h
|
||||||
|
#ServerKeyBits 1024
|
||||||
|
|
||||||
|
# Ciphers and keying
|
||||||
|
#RekeyLimit default none
|
||||||
|
|
||||||
|
# Logging
|
||||||
|
diff --git a/openssh-7.2p2/sshd_config.0 b/openssh-7.2p2/sshd_config.0
|
||||||
|
--- a/openssh-7.2p2/sshd_config.0
|
||||||
|
+++ b/openssh-7.2p2/sshd_config.0
|
||||||
|
@@ -539,16 +539,33 @@ DESCRIPTION
|
||||||
|
curve25519-sha256@libssh.org,
|
||||||
|
ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,
|
||||||
|
diffie-hellman-group-exchange-sha256,
|
||||||
|
diffie-hellman-group14-sha1
|
||||||
|
|
||||||
|
The list of available key exchange algorithms may also be
|
||||||
|
obtained using the -Q option of ssh(1) with an argument of M-bM-^@M-^\kexM-bM-^@M-^].
|
||||||
|
|
||||||
|
+ KexDHMin
|
||||||
|
+ Specifies the minimum accepted bit length of the DH group
|
||||||
|
+ parameter p.
|
||||||
|
+
|
||||||
|
+ As per RFC4419, this is 1024 bits, however this has increasingly
|
||||||
|
+ been seen as insecure, which prompted the change to 2048 bits.
|
||||||
|
+ Setting this option allows the server to accept parameters shorter
|
||||||
|
+ than the current minimum, down to the RFC specified 1024 bits.
|
||||||
|
+ Using this option may be needed when some of the connectiong
|
||||||
|
+ clients only know short DH group parameters.
|
||||||
|
+
|
||||||
|
+ Note, that while by default this option is set to 1024 to maintain
|
||||||
|
+ maximum backward compatibility, using it can severly impact
|
||||||
|
+ security and thus should be viewed as a temporary fix of last
|
||||||
|
+ resort and all efforts should be made to fix the (broken)
|
||||||
|
+ counterparty.
|
||||||
|
+
|
||||||
|
KeyRegenerationInterval
|
||||||
|
In protocol version 1, the ephemeral server key is automatically
|
||||||
|
regenerated after this many seconds (if it has been used). The
|
||||||
|
purpose of regeneration is to prevent decrypting captured
|
||||||
|
sessions by later breaking into the machine and stealing the
|
||||||
|
keys. The key is never stored anywhere. If the value is 0, the
|
||||||
|
key is never regenerated. The default is 3600 (seconds).
|
||||||
|
|
||||||
|
diff --git a/openssh-7.2p2/sshd_config.5 b/openssh-7.2p2/sshd_config.5
|
||||||
|
--- a/openssh-7.2p2/sshd_config.5
|
||||||
|
+++ b/openssh-7.2p2/sshd_config.5
|
||||||
|
@@ -895,16 +895,32 @@ diffie-hellman-group14-sha1
|
||||||
|
.Ed
|
||||||
|
.Pp
|
||||||
|
The list of available key exchange algorithms may also be obtained using the
|
||||||
|
.Fl Q
|
||||||
|
option of
|
||||||
|
.Xr ssh 1
|
||||||
|
with an argument of
|
||||||
|
.Dq kex .
|
||||||
|
+.It Cm KexDHMin
|
||||||
|
+Specifies the minimum accepted bit length of the DH group
|
||||||
|
+parameter p.
|
||||||
|
+.Pp
|
||||||
|
+As per RFC4419, this is 1024 bits, however this has increasingly
|
||||||
|
+been seen as insecure, which prompted the change to 2048 bits.
|
||||||
|
+Setting this option allows the server to accept parameters shorter
|
||||||
|
+than the current minimum, down to the RFC specified 1024 bits.
|
||||||
|
+Using this option may be needed when some of the connectiong
|
||||||
|
+clients only know short DH group parameters.
|
||||||
|
+.Pp
|
||||||
|
+Note, that while by default this option is set to 1024 to maintain
|
||||||
|
+maximum backward compatibility, using it can severly impact
|
||||||
|
+security and thus should be viewed as a temporary fix of last
|
||||||
|
+resort and all efforts should be made to fix the (broken)
|
||||||
|
+counterparty.
|
||||||
|
.It Cm KeyRegenerationInterval
|
||||||
|
In protocol version 1, the ephemeral server key is automatically regenerated
|
||||||
|
after this many seconds (if it has been used).
|
||||||
|
The purpose of regeneration is to prevent
|
||||||
|
decrypting captured sessions by later breaking into the machine and
|
||||||
|
stealing the keys.
|
||||||
|
The key is never stored anywhere.
|
||||||
|
If the value is 0, the key is never regenerated.
|
||||||
|
1834
openssh-7.2p2-fips.patch
Normal file
1834
openssh-7.2p2-fips.patch
Normal file
File diff suppressed because it is too large
Load Diff
3963
openssh-7.2p2-gssapi_key_exchange.patch
Normal file
3963
openssh-7.2p2-gssapi_key_exchange.patch
Normal file
File diff suppressed because it is too large
Load Diff
461
openssh-7.2p2-seed-prng.patch
Normal file
461
openssh-7.2p2-seed-prng.patch
Normal file
@ -0,0 +1,461 @@
|
|||||||
|
# HG changeset patch
|
||||||
|
# Parent 36ab4b78afea8cea4e3bed1291a49ba05cbb9115
|
||||||
|
# extended support for (re-)seeding the OpenSSL PRNG from /dev/random
|
||||||
|
# bnc#703221, FATE#312172
|
||||||
|
|
||||||
|
diff --git a/openssh-7.2p2/entropy.c b/openssh-7.2p2/entropy.c
|
||||||
|
--- a/openssh-7.2p2/entropy.c
|
||||||
|
+++ b/openssh-7.2p2/entropy.c
|
||||||
|
@@ -49,16 +49,17 @@
|
||||||
|
|
||||||
|
#include "ssh.h"
|
||||||
|
#include "misc.h"
|
||||||
|
#include "xmalloc.h"
|
||||||
|
#include "atomicio.h"
|
||||||
|
#include "pathnames.h"
|
||||||
|
#include "log.h"
|
||||||
|
#include "buffer.h"
|
||||||
|
+#include "openbsd-compat/port-linux.h"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Portable OpenSSH PRNG seeding:
|
||||||
|
* If OpenSSL has not "internally seeded" itself (e.g. pulled data from
|
||||||
|
* /dev/random), then collect RANDOM_SEED_SIZE bytes of randomness from
|
||||||
|
* PRNGd.
|
||||||
|
*/
|
||||||
|
#ifndef OPENSSL_PRNG_ONLY
|
||||||
|
@@ -224,16 +225,19 @@ seed_rng(void)
|
||||||
|
}
|
||||||
|
|
||||||
|
if (seed_from_prngd(buf, sizeof(buf)) == -1)
|
||||||
|
fatal("Could not obtain seed from PRNGd");
|
||||||
|
RAND_add(buf, sizeof(buf), sizeof(buf));
|
||||||
|
memset(buf, '\0', sizeof(buf));
|
||||||
|
|
||||||
|
#endif /* OPENSSL_PRNG_ONLY */
|
||||||
|
+
|
||||||
|
+ linux_seed();
|
||||||
|
+
|
||||||
|
if (RAND_status() != 1)
|
||||||
|
fatal("PRNG is not seeded");
|
||||||
|
}
|
||||||
|
|
||||||
|
#else /* WITH_OPENSSL */
|
||||||
|
|
||||||
|
/* Handled in arc4random() */
|
||||||
|
void
|
||||||
|
diff --git a/openssh-7.2p2/openbsd-compat/Makefile.in b/openssh-7.2p2/openbsd-compat/Makefile.in
|
||||||
|
--- a/openssh-7.2p2/openbsd-compat/Makefile.in
|
||||||
|
+++ b/openssh-7.2p2/openbsd-compat/Makefile.in
|
||||||
|
@@ -15,17 +15,17 @@ AR=@AR@
|
||||||
|
RANLIB=@RANLIB@
|
||||||
|
INSTALL=@INSTALL@
|
||||||
|
LDFLAGS=-L. @LDFLAGS@
|
||||||
|
|
||||||
|
OPENBSD=base64.o basename.o bcrypt_pbkdf.o bindresvport.o blowfish.o daemon.o dirname.o fmt_scaled.o getcwd.o getgrouplist.o getopt_long.o getrrsetbyname.o glob.o inet_aton.o inet_ntoa.o inet_ntop.o mktemp.o pwcache.o readpassphrase.o reallocarray.o realpath.o rresvport.o setenv.o setproctitle.o sha1.o sha2.o rmd160.o md5.o sigact.o strlcat.o strlcpy.o strmode.o strnlen.o strptime.o strsep.o strtonum.o strtoll.o strtoul.o strtoull.o timingsafe_bcmp.o vis.o blowfish.o bcrypt_pbkdf.o explicit_bzero.o
|
||||||
|
|
||||||
|
COMPAT=arc4random.o bsd-asprintf.o bsd-closefrom.o bsd-cray.o bsd-cygwin_util.o bsd-getpeereid.o getrrsetbyname-ldns.o bsd-misc.o bsd-nextstep.o bsd-openpty.o bsd-poll.o bsd-setres_id.o bsd-snprintf.o bsd-statvfs.o bsd-waitpid.o fake-rfc2553.o openssl-compat.o xmmap.o xcrypt.o kludge-fd_set.o
|
||||||
|
|
||||||
|
-PORTS=port-aix.o port-irix.o port-linux.o port-solaris.o port-tun.o port-uw.o
|
||||||
|
+PORTS=port-aix.o port-irix.o port-linux.o port-linux-prng.o port-solaris.o port-tun.o port-uw.o
|
||||||
|
|
||||||
|
.c.o:
|
||||||
|
$(CC) $(CFLAGS) $(CPPFLAGS) -c $<
|
||||||
|
|
||||||
|
all: libopenbsd-compat.a
|
||||||
|
|
||||||
|
$(COMPAT): ../config.h
|
||||||
|
$(OPENBSD): ../config.h
|
||||||
|
diff --git a/openssh-7.2p2/openbsd-compat/port-linux-prng.c b/openssh-7.2p2/openbsd-compat/port-linux-prng.c
|
||||||
|
new file mode 100644
|
||||||
|
--- /dev/null
|
||||||
|
+++ b/openssh-7.2p2/openbsd-compat/port-linux-prng.c
|
||||||
|
@@ -0,0 +1,81 @@
|
||||||
|
+/*
|
||||||
|
+ * Copyright (c) 2011 Jan F. Chadima <jchadima@redhat.com>
|
||||||
|
+ * (c) 2011 Petr Cerny <pcerny@suse.cz>
|
||||||
|
+ *
|
||||||
|
+ * Permission to use, copy, modify, and distribute this software for any
|
||||||
|
+ * purpose with or without fee is hereby granted, provided that the above
|
||||||
|
+ * copyright notice and this permission notice appear in all copies.
|
||||||
|
+ *
|
||||||
|
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
|
||||||
|
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
|
||||||
|
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
|
||||||
|
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
|
||||||
|
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
|
||||||
|
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
|
||||||
|
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
|
||||||
|
+ */
|
||||||
|
+
|
||||||
|
+/*
|
||||||
|
+ * Linux-specific portability code - prng support
|
||||||
|
+ */
|
||||||
|
+
|
||||||
|
+#include "includes.h"
|
||||||
|
+#include "defines.h"
|
||||||
|
+
|
||||||
|
+#include <errno.h>
|
||||||
|
+#include <stdarg.h>
|
||||||
|
+#include <string.h>
|
||||||
|
+#include <stdio.h>
|
||||||
|
+#include <openssl/rand.h>
|
||||||
|
+
|
||||||
|
+#include "log.h"
|
||||||
|
+#include "port-linux.h"
|
||||||
|
+#include "fips.h"
|
||||||
|
+
|
||||||
|
+#define RNG_BYTES_DEFAULT 6L
|
||||||
|
+#define RNG_ENV_VAR "SSH_USE_STRONG_RNG"
|
||||||
|
+
|
||||||
|
+long rand_bytes = 0;
|
||||||
|
+char *rand_file = NULL;
|
||||||
|
+
|
||||||
|
+static void
|
||||||
|
+linux_seed_init(void)
|
||||||
|
+{
|
||||||
|
+ long elen = 0;
|
||||||
|
+ char *env = getenv(RNG_ENV_VAR);
|
||||||
|
+
|
||||||
|
+ if (env) {
|
||||||
|
+ errno = 0;
|
||||||
|
+ elen = strtol(env, NULL, 10);
|
||||||
|
+ if (errno) {
|
||||||
|
+ elen = RNG_BYTES_DEFAULT;
|
||||||
|
+ debug("bogus value in the %s environment variable, "
|
||||||
|
+ "using %li bytes from /dev/random\n",
|
||||||
|
+ RNG_ENV_VAR, RNG_BYTES_DEFAULT);
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ if (elen || fips_mode())
|
||||||
|
+ rand_file = "/dev/random";
|
||||||
|
+ else
|
||||||
|
+ rand_file = "/dev/urandom";
|
||||||
|
+
|
||||||
|
+ rand_bytes = MAX(elen, RNG_BYTES_DEFAULT);
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+void
|
||||||
|
+linux_seed(void)
|
||||||
|
+{
|
||||||
|
+ long len;
|
||||||
|
+ if (!rand_file)
|
||||||
|
+ linux_seed_init();
|
||||||
|
+
|
||||||
|
+ errno = 0;
|
||||||
|
+ len = RAND_load_file(rand_file, rand_bytes);
|
||||||
|
+ if (len != rand_bytes) {
|
||||||
|
+ if (errno)
|
||||||
|
+ fatal ("cannot read from %s, %s", rand_file, strerror(errno));
|
||||||
|
+ else
|
||||||
|
+ fatal ("EOF reading %s", rand_file);
|
||||||
|
+ }
|
||||||
|
+}
|
||||||
|
diff --git a/openssh-7.2p2/openbsd-compat/port-linux.h b/openssh-7.2p2/openbsd-compat/port-linux.h
|
||||||
|
--- a/openssh-7.2p2/openbsd-compat/port-linux.h
|
||||||
|
+++ b/openssh-7.2p2/openbsd-compat/port-linux.h
|
||||||
|
@@ -14,16 +14,20 @@
|
||||||
|
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
|
||||||
|
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
|
||||||
|
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef _PORT_LINUX_H
|
||||||
|
#define _PORT_LINUX_H
|
||||||
|
|
||||||
|
+extern long rand_bytes;
|
||||||
|
+extern char *rand_file;
|
||||||
|
+void linux_seed(void);
|
||||||
|
+
|
||||||
|
#ifdef WITH_SELINUX
|
||||||
|
int ssh_selinux_enabled(void);
|
||||||
|
void ssh_selinux_setup_pty(char *, const char *);
|
||||||
|
void ssh_selinux_setup_exec_context(char *);
|
||||||
|
void ssh_selinux_change_context(const char *);
|
||||||
|
void ssh_selinux_setfscreatecon(const char *);
|
||||||
|
#endif
|
||||||
|
|
||||||
|
diff --git a/openssh-7.2p2/ssh-add.1 b/openssh-7.2p2/ssh-add.1
|
||||||
|
--- a/openssh-7.2p2/ssh-add.1
|
||||||
|
+++ b/openssh-7.2p2/ssh-add.1
|
||||||
|
@@ -166,16 +166,30 @@ or related script.
|
||||||
|
(Note that on some machines it
|
||||||
|
may be necessary to redirect the input from
|
||||||
|
.Pa /dev/null
|
||||||
|
to make this work.)
|
||||||
|
.It Ev SSH_AUTH_SOCK
|
||||||
|
Identifies the path of a
|
||||||
|
.Ux Ns -domain
|
||||||
|
socket used to communicate with the agent.
|
||||||
|
+.It Ev SSH_USE_STRONG_RNG
|
||||||
|
+The reseeding of the OpenSSL random generator is usually done from
|
||||||
|
+.Cm /dev/urandom .
|
||||||
|
+If the
|
||||||
|
+.Cm SSH_USE_STRONG_RNG
|
||||||
|
+environment variable is set to value other than
|
||||||
|
+.Cm 0
|
||||||
|
+the OpenSSL random generator is reseeded from
|
||||||
|
+.Cm /dev/random .
|
||||||
|
+The number of bytes read is defined by the SSH_USE_STRONG_RNG value.
|
||||||
|
+Minimum is 6 bytes.
|
||||||
|
+This setting is not recommended on the computers without the hardware
|
||||||
|
+random generator because insufficient entropy causes the connection to
|
||||||
|
+be blocked until enough entropy is available.
|
||||||
|
.El
|
||||||
|
.Sh FILES
|
||||||
|
.Bl -tag -width Ds
|
||||||
|
.It Pa ~/.ssh/identity
|
||||||
|
Contains the protocol version 1 RSA authentication identity of the user.
|
||||||
|
.It Pa ~/.ssh/id_dsa
|
||||||
|
Contains the protocol version 2 DSA authentication identity of the user.
|
||||||
|
.It Pa ~/.ssh/id_ecdsa
|
||||||
|
diff --git a/openssh-7.2p2/ssh-agent.1 b/openssh-7.2p2/ssh-agent.1
|
||||||
|
--- a/openssh-7.2p2/ssh-agent.1
|
||||||
|
+++ b/openssh-7.2p2/ssh-agent.1
|
||||||
|
@@ -196,16 +196,33 @@ line terminates.
|
||||||
|
.Sh FILES
|
||||||
|
.Bl -tag -width Ds
|
||||||
|
.It Pa $TMPDIR/ssh-XXXXXXXXXX/agent.\*(Ltppid\*(Gt
|
||||||
|
.Ux Ns -domain
|
||||||
|
sockets used to contain the connection to the authentication agent.
|
||||||
|
These sockets should only be readable by the owner.
|
||||||
|
The sockets should get automatically removed when the agent exits.
|
||||||
|
.El
|
||||||
|
+.Sh ENVIRONMENT
|
||||||
|
+.Bl -tag -width Ds -compact
|
||||||
|
+.Pp
|
||||||
|
+.It Pa SSH_USE_STRONG_RNG
|
||||||
|
+The reseeding of the OpenSSL random generator is usually done from
|
||||||
|
+.Cm /dev/urandom .
|
||||||
|
+If the
|
||||||
|
+.Cm SSH_USE_STRONG_RNG
|
||||||
|
+environment variable is set to value other than
|
||||||
|
+.Cm 0
|
||||||
|
+the OpenSSL random generator is reseeded from
|
||||||
|
+.Cm /dev/random .
|
||||||
|
+The number of bytes read is defined by the SSH_USE_STRONG_RNG value.
|
||||||
|
+Minimum is 6 bytes.
|
||||||
|
+This setting is not recommended on the computers without the hardware
|
||||||
|
+random generator because insufficient entropy causes the connection to
|
||||||
|
+be blocked until enough entropy is available.
|
||||||
|
.Sh SEE ALSO
|
||||||
|
.Xr ssh 1 ,
|
||||||
|
.Xr ssh-add 1 ,
|
||||||
|
.Xr ssh-keygen 1 ,
|
||||||
|
.Xr sshd 8
|
||||||
|
.Sh AUTHORS
|
||||||
|
OpenSSH is a derivative of the original and free
|
||||||
|
ssh 1.2.12 release by Tatu Ylonen.
|
||||||
|
diff --git a/openssh-7.2p2/ssh-keygen.1 b/openssh-7.2p2/ssh-keygen.1
|
||||||
|
--- a/openssh-7.2p2/ssh-keygen.1
|
||||||
|
+++ b/openssh-7.2p2/ssh-keygen.1
|
||||||
|
@@ -841,16 +841,33 @@ on all machines
|
||||||
|
where the user wishes to log in using public key authentication.
|
||||||
|
There is no need to keep the contents of this file secret.
|
||||||
|
.Pp
|
||||||
|
.It Pa /etc/moduli
|
||||||
|
Contains Diffie-Hellman groups used for DH-GEX.
|
||||||
|
The file format is described in
|
||||||
|
.Xr moduli 5 .
|
||||||
|
.El
|
||||||
|
+.Sh ENVIRONMENT
|
||||||
|
+.Bl -tag -width Ds -compact
|
||||||
|
+.Pp
|
||||||
|
+.It Pa SSH_USE_STRONG_RNG
|
||||||
|
+The reseeding of the OpenSSL random generator is usually done from
|
||||||
|
+.Cm /dev/urandom .
|
||||||
|
+If the
|
||||||
|
+.Cm SSH_USE_STRONG_RNG
|
||||||
|
+environment variable is set to value other than
|
||||||
|
+.Cm 0
|
||||||
|
+the OpenSSL random generator is reseeded from
|
||||||
|
+.Cm /dev/random .
|
||||||
|
+The number of bytes read is defined by the SSH_USE_STRONG_RNG value.
|
||||||
|
+Minimum is 6 bytes.
|
||||||
|
+This setting is not recommended on the computers without the hardware
|
||||||
|
+random generator because insufficient entropy causes the connection to
|
||||||
|
+be blocked until enough entropy is available.
|
||||||
|
.Sh SEE ALSO
|
||||||
|
.Xr ssh 1 ,
|
||||||
|
.Xr ssh-add 1 ,
|
||||||
|
.Xr ssh-agent 1 ,
|
||||||
|
.Xr moduli 5 ,
|
||||||
|
.Xr sshd 8
|
||||||
|
.Rs
|
||||||
|
.%R RFC 4716
|
||||||
|
diff --git a/openssh-7.2p2/ssh-keysign.8 b/openssh-7.2p2/ssh-keysign.8
|
||||||
|
--- a/openssh-7.2p2/ssh-keysign.8
|
||||||
|
+++ b/openssh-7.2p2/ssh-keysign.8
|
||||||
|
@@ -75,16 +75,33 @@ must be set-uid root if host-based authe
|
||||||
|
.Pp
|
||||||
|
.It Pa /etc/ssh/ssh_host_dsa_key-cert.pub
|
||||||
|
.It Pa /etc/ssh/ssh_host_ecdsa_key-cert.pub
|
||||||
|
.It Pa /etc/ssh/ssh_host_ed25519_key-cert.pub
|
||||||
|
.It Pa /etc/ssh/ssh_host_rsa_key-cert.pub
|
||||||
|
If these files exist they are assumed to contain public certificate
|
||||||
|
information corresponding with the private keys above.
|
||||||
|
.El
|
||||||
|
+.Sh ENVIRONMENT
|
||||||
|
+.Bl -tag -width Ds -compact
|
||||||
|
+.Pp
|
||||||
|
+.It Pa SSH_USE_STRONG_RNG
|
||||||
|
+The reseeding of the OpenSSL random generator is usually done from
|
||||||
|
+.Cm /dev/urandom .
|
||||||
|
+If the
|
||||||
|
+.Cm SSH_USE_STRONG_RNG
|
||||||
|
+environment variable is set to value other than
|
||||||
|
+.Cm 0
|
||||||
|
+the OpenSSL random generator is reseeded from
|
||||||
|
+.Cm /dev/random .
|
||||||
|
+The number of bytes read is defined by the SSH_USE_STRONG_RNG value.
|
||||||
|
+Minimum is 6 bytes.
|
||||||
|
+This setting is not recommended on the computers without the hardware
|
||||||
|
+random generator because insufficient entropy causes the connection to
|
||||||
|
+be blocked until enough entropy is available.
|
||||||
|
.Sh SEE ALSO
|
||||||
|
.Xr ssh 1 ,
|
||||||
|
.Xr ssh-keygen 1 ,
|
||||||
|
.Xr ssh_config 5 ,
|
||||||
|
.Xr sshd 8
|
||||||
|
.Sh HISTORY
|
||||||
|
.Nm
|
||||||
|
first appeared in
|
||||||
|
diff --git a/openssh-7.2p2/ssh.1 b/openssh-7.2p2/ssh.1
|
||||||
|
--- a/openssh-7.2p2/ssh.1
|
||||||
|
+++ b/openssh-7.2p2/ssh.1
|
||||||
|
@@ -1411,16 +1411,30 @@ reads
|
||||||
|
and adds lines of the format
|
||||||
|
.Dq VARNAME=value
|
||||||
|
to the environment if the file exists and users are allowed to
|
||||||
|
change their environment.
|
||||||
|
For more information, see the
|
||||||
|
.Cm PermitUserEnvironment
|
||||||
|
option in
|
||||||
|
.Xr sshd_config 5 .
|
||||||
|
+.It Ev SSH_USE_STRONG_RNG
|
||||||
|
+The reseeding of the OpenSSL random generator is usually done from
|
||||||
|
+.Cm /dev/urandom .
|
||||||
|
+If the
|
||||||
|
+.Cm SSH_USE_STRONG_RNG
|
||||||
|
+environment variable is set to value other than
|
||||||
|
+.Cm 0
|
||||||
|
+the OpenSSL random generator is reseeded from
|
||||||
|
+.Cm /dev/random .
|
||||||
|
+The number of bytes read is defined by the SSH_USE_STRONG_RNG value.
|
||||||
|
+Minimum is 6 bytes.
|
||||||
|
+This setting is not recommended on the computers without the hardware
|
||||||
|
+random generator because insufficient entropy causes the connection to
|
||||||
|
+be blocked until enough entropy is available.
|
||||||
|
.Sh FILES
|
||||||
|
.Bl -tag -width Ds -compact
|
||||||
|
.It Pa ~/.rhosts
|
||||||
|
This file is used for host-based authentication (see above).
|
||||||
|
On some machines this file may need to be
|
||||||
|
world-readable if the user's home directory is on an NFS partition,
|
||||||
|
because
|
||||||
|
.Xr sshd 8
|
||||||
|
diff --git a/openssh-7.2p2/sshd.8 b/openssh-7.2p2/sshd.8
|
||||||
|
--- a/openssh-7.2p2/sshd.8
|
||||||
|
+++ b/openssh-7.2p2/sshd.8
|
||||||
|
@@ -972,16 +972,33 @@ and not group or world-writable.
|
||||||
|
.It Pa /var/run/sshd.pid
|
||||||
|
Contains the process ID of the
|
||||||
|
.Nm
|
||||||
|
listening for connections (if there are several daemons running
|
||||||
|
concurrently for different ports, this contains the process ID of the one
|
||||||
|
started last).
|
||||||
|
The content of this file is not sensitive; it can be world-readable.
|
||||||
|
.El
|
||||||
|
+.Sh ENVIRONMENT
|
||||||
|
+.Bl -tag -width Ds -compact
|
||||||
|
+.Pp
|
||||||
|
+.It Pa SSH_USE_STRONG_RNG
|
||||||
|
+The reseeding of the OpenSSL random generator is usually done from
|
||||||
|
+.Cm /dev/urandom .
|
||||||
|
+If the
|
||||||
|
+.Cm SSH_USE_STRONG_RNG
|
||||||
|
+environment variable is set to value other than
|
||||||
|
+.Cm 0
|
||||||
|
+the OpenSSL random generator is reseeded from
|
||||||
|
+.Cm /dev/random .
|
||||||
|
+The number of bytes read is defined by the SSH_USE_STRONG_RNG value.
|
||||||
|
+Minimum is 6 bytes.
|
||||||
|
+This setting is not recommended on the computers without the hardware
|
||||||
|
+random generator because insufficient entropy causes the connection to
|
||||||
|
+be blocked until enough entropy is available.
|
||||||
|
.Sh SEE ALSO
|
||||||
|
.Xr scp 1 ,
|
||||||
|
.Xr sftp 1 ,
|
||||||
|
.Xr ssh 1 ,
|
||||||
|
.Xr ssh-add 1 ,
|
||||||
|
.Xr ssh-agent 1 ,
|
||||||
|
.Xr ssh-keygen 1 ,
|
||||||
|
.Xr ssh-keyscan 1 ,
|
||||||
|
diff --git a/openssh-7.2p2/sshd.c b/openssh-7.2p2/sshd.c
|
||||||
|
--- a/openssh-7.2p2/sshd.c
|
||||||
|
+++ b/openssh-7.2p2/sshd.c
|
||||||
|
@@ -50,16 +50,18 @@
|
||||||
|
#ifdef HAVE_SYS_STAT_H
|
||||||
|
# include <sys/stat.h>
|
||||||
|
#endif
|
||||||
|
#ifdef HAVE_SYS_TIME_H
|
||||||
|
# include <sys/time.h>
|
||||||
|
#endif
|
||||||
|
#include "openbsd-compat/sys-tree.h"
|
||||||
|
#include "openbsd-compat/sys-queue.h"
|
||||||
|
+#include "openbsd-compat/port-linux.h"
|
||||||
|
+
|
||||||
|
#include <sys/wait.h>
|
||||||
|
|
||||||
|
#include <errno.h>
|
||||||
|
#include <fcntl.h>
|
||||||
|
#include <netdb.h>
|
||||||
|
#ifdef HAVE_PATHS_H
|
||||||
|
#include <paths.h>
|
||||||
|
#endif
|
||||||
|
@@ -209,16 +211,23 @@ struct {
|
||||||
|
Key **host_pubkeys; /* all public host keys */
|
||||||
|
Key **host_certificates; /* all public host certificates */
|
||||||
|
int have_ssh1_key;
|
||||||
|
int have_ssh2_key;
|
||||||
|
u_char ssh1_cookie[SSH_SESSION_KEY_LENGTH];
|
||||||
|
} sensitive_data;
|
||||||
|
|
||||||
|
/*
|
||||||
|
+ * Every RESEED_AFTERth connection triggers call to linux_seed() to re-seed the
|
||||||
|
+ * random pool.
|
||||||
|
+ */
|
||||||
|
+#define RESEED_AFTER 100
|
||||||
|
+static int re_seeding_counter = RESEED_AFTER;
|
||||||
|
+
|
||||||
|
+/*
|
||||||
|
* Flag indicating whether the RSA server key needs to be regenerated.
|
||||||
|
* Is set in the SIGALRM handler and cleared when the key is regenerated.
|
||||||
|
*/
|
||||||
|
static volatile sig_atomic_t key_do_regen = 0;
|
||||||
|
|
||||||
|
/* This is set to true when a signal is received. */
|
||||||
|
static volatile sig_atomic_t received_sighup = 0;
|
||||||
|
static volatile sig_atomic_t received_sigterm = 0;
|
||||||
|
@@ -1343,16 +1352,20 @@ server_accept_loop(int *sock_in, int *so
|
||||||
|
for (j = 0; j < options.max_startups; j++)
|
||||||
|
if (startup_pipes[j] == -1) {
|
||||||
|
startup_pipes[j] = startup_p[0];
|
||||||
|
if (maxfd < startup_p[0])
|
||||||
|
maxfd = startup_p[0];
|
||||||
|
startups++;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
+ if(!(--re_seeding_counter)) {
|
||||||
|
+ re_seeding_counter = RESEED_AFTER;
|
||||||
|
+ linux_seed();
|
||||||
|
+ }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Got connection. Fork a child to handle it, unless
|
||||||
|
* we are in debugging mode.
|
||||||
|
*/
|
||||||
|
if (debug_flag) {
|
||||||
|
/*
|
||||||
|
* In debugging mode. Close the listening
|
@ -1,7 +1,7 @@
|
|||||||
#
|
#
|
||||||
# spec file for package openssh-askpass-gnome
|
# spec file for package openssh-askpass-gnome
|
||||||
#
|
#
|
||||||
# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
|
# Copyright (c) 2016 SUSE LINUX Products GmbH, Nuernberg, Germany.
|
||||||
#
|
#
|
||||||
# All modifications and additions to the file contributed by third parties
|
# All modifications and additions to the file contributed by third parties
|
||||||
# remain the property of their copyright owners, unless otherwise agreed
|
# remain the property of their copyright owners, unless otherwise agreed
|
||||||
|
@ -1,3 +1,13 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Fri Sep 16 12:45:11 UTC 2016 - pcerny@suse.com
|
||||||
|
|
||||||
|
- FIPS compatibility (no selfchecks, only crypto restrictions)
|
||||||
|
[openssh-7.2p2-fips.patch]
|
||||||
|
- PRNG re-seeding
|
||||||
|
[openssh-7.2p2-seed-prng.patch]
|
||||||
|
- preliminary version of GSSAPI KEX
|
||||||
|
[openssh-7.2p2-gssapi_key_exchange.patch]
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Mon Jul 25 13:46:06 UTC 2016 - meissner@suse.com
|
Mon Jul 25 13:46:06 UTC 2016 - meissner@suse.com
|
||||||
|
|
||||||
|
@ -1,7 +1,7 @@
|
|||||||
#
|
#
|
||||||
# spec file for package openssh
|
# spec file for package openssh
|
||||||
#
|
#
|
||||||
# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
|
# Copyright (c) 2016 SUSE LINUX Products GmbH, Nuernberg, Germany.
|
||||||
#
|
#
|
||||||
# All modifications and additions to the file contributed by third parties
|
# All modifications and additions to the file contributed by third parties
|
||||||
# remain the property of their copyright owners, unless otherwise agreed
|
# remain the property of their copyright owners, unless otherwise agreed
|
||||||
@ -125,6 +125,9 @@ Patch12: openssh-7.2p2-pam_check_locks.patch
|
|||||||
Patch13: openssh-7.2p2-disable_short_DH_parameters.patch
|
Patch13: openssh-7.2p2-disable_short_DH_parameters.patch
|
||||||
Patch14: openssh-7.2p2-seccomp_getuid.patch
|
Patch14: openssh-7.2p2-seccomp_getuid.patch
|
||||||
Patch15: openssh-7.2p2-seccomp_stat.patch
|
Patch15: openssh-7.2p2-seccomp_stat.patch
|
||||||
|
Patch16: openssh-7.2p2-fips.patch
|
||||||
|
Patch17: openssh-7.2p2-seed-prng.patch
|
||||||
|
Patch18: openssh-7.2p2-gssapi_key_exchange.patch
|
||||||
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
||||||
Conflicts: nonfreessh
|
Conflicts: nonfreessh
|
||||||
Recommends: audit
|
Recommends: audit
|
||||||
@ -192,6 +195,9 @@ FIPS140 CAVS tests related parts of the OpenSSH package
|
|||||||
%patch13 -p2
|
%patch13 -p2
|
||||||
%patch14 -p2
|
%patch14 -p2
|
||||||
%patch15 -p2
|
%patch15 -p2
|
||||||
|
%patch16 -p2
|
||||||
|
%patch17 -p2
|
||||||
|
%patch18 -p2
|
||||||
cp %{SOURCE3} %{SOURCE4} %{SOURCE11} .
|
cp %{SOURCE3} %{SOURCE4} %{SOURCE11} .
|
||||||
|
|
||||||
%build
|
%build
|
||||||
|
Loading…
Reference in New Issue
Block a user