pool/openssh
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 500279 from home:pcerny:factory

Browse Source 
- Fix preauth seccomp separation on mainframes (bsc#1016709)
  [openssh-7.2p2-s390_hw_crypto_syscalls.patch]
  [openssh-7.2p2-s390_OpenSSL-ibmpkcs11_syscalls.patch]
- enable case-insensitive hostname matching (bsc#1017099)
  [openssh-7.2p2-ssh_case_insensitive_host_matching.patch]
- add CAVS tests 
  [openssh-7.2p2-cavstest-ctr.patch]
  [openssh-7.2p2-cavstest-kdf.patch]
- Adding missing pieces for user matching (bsc#1021626)
- Properly verify CIDR masks in configuration
  (bsc#1005893)
  [openssh-7.2p2-verify_CIDR_address_ranges.patch]
- Remove pre-auth compression support from the server to prevent
  possible cryptographic attacks.
  (CVE-2016-10012, bsc#1016370)
  [openssh-7.2p2-disable_preauth_compression.patch]
- limit directories for loading PKCS11 modules
  (CVE-2016-10009, bsc#1016366)
  [openssh-7.2p2-restrict_pkcs11-modules.patch]
- Prevent possible leaks of host private keys to low-privilege
  process handling authentication
  (CVE-2016-10011, bsc#1016369)
  [openssh-7.2p2-prevent_private_key_leakage.patch]
- Do not allow unix socket forwarding when running without
  privilege separation
  (CVE-2016-10010, bsc#1016368)
  [openssh-7.2p2-secure_unix_sockets_forwarding.patch]
- prevent resource depletion during key exchange
  (bsc#1005480, CVE-2016-8858)
  [openssh-7.2p2-kex_resource_depletion.patch]

OBS-URL: https://build.opensuse.org/request/show/500279
OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=117
This commit is contained in:
Petr Cerny 2017-05-31 23:09:14 +00:00 committed by Git OBS Bridge
parent 5829a44f01
commit e8b9919265
37 changed files with 3388 additions and 90 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
README.SUSE
View File

@ -22,5 +22,8 @@ There are following changes in default settings of ssh client and server:
- the size of DSA keys is limited by the standard to 1024 bits which cannot
be considered safe any more.
* Accepting all RFC4419 specified DH group parameters. See KexDHMin in
ssh_config and sshd_config manual pages.
For more information on differences in SUSE OpenSSH package see README.FIPS

1
README.kerberos
View File

@ -1,4 +1,3 @@
This version of the Kerbros/GSSAPI support avoids DNS lookups
for Kerberos-related names. These DNS lookups were problematic
for dialup users because they would lead to excessive delays

2
openssh-7.2p2-IPv6_X_forwarding.patch
View File

@ -1,5 +1,5 @@
# HG changeset patch
# Parent 8c4cb20b9633595de68131224b2d434e8dc41e17
# Parent 9130c9e19c8a076a7f6f214070283cd3e0326894
Correctly parse DISPLAY variable for cases where it contains an IPv6 address
(which should - but not always is - in (square) brackets).

2
openssh-7.2p2-X_forward_with_disabled_ipv6.patch
View File

@ -1,5 +1,5 @@
# HG changeset patch
# Parent 28e8840bbf49c6e603bf2b55a08ed9050a60f9fb
# Parent 2afee80335d5ef7efcf64f3a797e9b10ce0de4ae
Do not throw away already open sockets for X11 forwarding if another socket
family is not available for bind()

18
openssh-7.2p2-audit.patch
View File

@ -1,22 +1,20 @@
# HG changeset patch
# Parent af5c4026e36e7aa181c164d2eca72b7e2a8a897a
# Parent 83f18171bc2394ccd39fb176fe110b529da83a78
Extended auditing through the Linux Auditing subsystem
diff --git a/openssh-7.2p2/Makefile.in b/openssh-7.2p2/Makefile.in
--- a/openssh-7.2p2/Makefile.in
+++ b/openssh-7.2p2/Makefile.in
@@ -88,17 +88,18 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \
ssh-pkcs11.o smult_curve25519_ref.o \
poly1305.o chacha.o cipher-chachapoly.o \
@@ -94,16 +94,17 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \
ssh-ed25519.o digest-openssl.o digest-libc.o hmac.o \
sc25519.o ge25519.o fe25519.o ed25519.o verify.o hash.o blocks.o \
kex.o kexdh.o kexgex.o kexecdh.o kexc25519.o \
kexdhc.o kexgexc.o kexecdhc.o kexc25519c.o kexgssc.o \
kexdhs.o kexgexs.o kexecdhs.o kexc25519s.o kexgsss.o \
platform-pledge.o \
- fips.o
+ fips.o \
+ auditstub.o
platform-pledge.o
LIBSSH_OBJS += fips.o
+LIBSSH_OBJS += auditstub.o
SSHOBJS= ssh.o readconf.o clientloop.o sshtty.o \
sshconnect.o sshconnect1.o sshconnect2.o mux.o
@ -2433,8 +2431,8 @@ diff --git a/openssh-7.2p2/packet.h b/openssh-7.2p2/packet.h
diff --git a/openssh-7.2p2/sandbox-seccomp-filter.c b/openssh-7.2p2/sandbox-seccomp-filter.c
--- a/openssh-7.2p2/sandbox-seccomp-filter.c
+++ b/openssh-7.2p2/sandbox-seccomp-filter.c
@@ -157,16 +157,22 @@ static const struct sock_filter preauth_
SC_ALLOW(getuid32),
@@ -163,16 +163,22 @@ static const struct sock_filter preauth_
SC_ALLOW(geteuid32),
#endif
#ifdef __NR_getrandom
SC_ALLOW(getrandom),

28
openssh-7.2p2-audit_fixes.patch Normal file
View File

@ -0,0 +1,28 @@
# HG changeset patch
# Parent 51a3a8eab1493a799c5a9df95e8e757f872886d0
Various auditing fixes to be merged into the RH-originated patch.
diff --git a/openssh-7.2p2/packet.c b/openssh-7.2p2/packet.c
--- a/openssh-7.2p2/packet.c
+++ b/openssh-7.2p2/packet.c
@@ -375,16 +375,20 @@ ssh_packet_start_discard(struct ssh *ssh
int
ssh_packet_connection_is_on_socket(struct ssh *ssh)
{
struct session_state *state = ssh->state;
struct sockaddr_storage from, to;
socklen_t fromlen, tolen;
+ /* auditing might get here without valid connection structure when
+ * destroying sensitive data on exit and thus aborting disgracefully */
+ if (!ssh)
+ return 0;
/* filedescriptors in and out are the same, so it's a socket */
if (state->connection_in == state->connection_out)
return 1;
fromlen = sizeof(from);
memset(&from, 0, sizeof(from));
if (getpeername(state->connection_in, (struct sockaddr *)&from,
&fromlen) < 0)
return 0;

2
openssh-7.2p2-audit_seed_prng.patch
View File

@ -1,5 +1,5 @@
# HG changeset patch
# Parent 3aad88a155050008275527c0624ae6fa05d0cdad
# Parent e6ff441d171012183f7bd37cb7399473e8376acd
Audit PRNG re-seeding
diff --git a/openssh-7.2p2/audit-bsm.c b/openssh-7.2p2/audit-bsm.c

300
openssh-7.2p2-cavstest-ctr.patch Normal file
View File

@ -0,0 +1,300 @@
# HG changeset patch
# Parent cb502e7e796ac9289a571167a97ad9ec91562efb
CAVS test for OpenSSH's own CTR encryption mode implementation
diff --git a/openssh-7.2p2/Makefile.in b/openssh-7.2p2/Makefile.in
--- a/openssh-7.2p2/Makefile.in
+++ b/openssh-7.2p2/Makefile.in
@@ -21,16 +21,17 @@ top_srcdir=@top_srcdir@
DESTDIR=
VPATH=@srcdir@
SSH_PROGRAM=@bindir@/ssh
ASKPASS_PROGRAM=$(libexecdir)/ssh-askpass
SFTP_SERVER=$(libexecdir)/sftp-server
SSH_KEYSIGN=$(libexecdir)/ssh-keysign
SSH_PKCS11_HELPER=$(libexecdir)/ssh-pkcs11-helper
+CAVSTEST_CTR=$(libexecdir)/cavstest-ctr
PRIVSEP_PATH=@PRIVSEP_PATH@
SSH_PRIVSEP_USER=@SSH_PRIVSEP_USER@
STRIP_OPT=@STRIP_OPT@
TEST_SHELL=@TEST_SHELL@
PATHS= -DSSHDIR=\"$(sysconfdir)\" \
-D_PATH_SSH_PROGRAM=\"$(SSH_PROGRAM)\" \
-D_PATH_SSH_ASKPASS_DEFAULT=\"$(ASKPASS_PROGRAM)\" \
@@ -59,16 +60,18 @@ SED=@SED@
ENT=@ENT@
XAUTH_PATH=@XAUTH_PATH@
LDFLAGS=-L. -Lopenbsd-compat/ @LDFLAGS@
EXEEXT=@EXEEXT@
MANFMT=@MANFMT@
TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-keysign${EXEEXT} ssh-pkcs11-helper$(EXEEXT) ssh-agent$(EXEEXT) scp$(EXEEXT) sftp-server$(EXEEXT) sftp$(EXEEXT)
+TARGETS += cavstest-ctr$(EXEEXT)
+
LIBOPENSSH_OBJS=\
ssh_api.o \
ssherr.o \
sshbuf.o \
sshkey.o \
sshbuf-getput-basic.o \
sshbuf-misc.o \
sshbuf-getput-crypto.o \
@@ -190,16 +193,20 @@ ssh-keyscan$(EXEEXT): $(LIBCOMPAT) libss
$(LD) -o $@ ssh-keyscan.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS)
sftp-server$(EXEEXT): $(LIBCOMPAT) libssh.a sftp.o sftp-common.o sftp-server.o sftp-server-main.o
$(LD) -o $@ sftp-server.o sftp-common.o sftp-server-main.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
sftp$(EXEEXT): $(LIBCOMPAT) libssh.a sftp.o sftp-client.o sftp-common.o sftp-glob.o progressmeter.o
$(LD) -o $@ progressmeter.o sftp.o sftp-client.o sftp-common.o sftp-glob.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) $(LIBEDIT)
+# FIPS tests
+cavstest-ctr$(EXEEXT): $(LIBCOMPAT) libssh.a cavstest-ctr.o
+ $(LD) -o $@ cavstest-ctr.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS)
+
# test driver for the loginrec code - not built by default
logintest: logintest.o $(LIBCOMPAT) libssh.a loginrec.o
$(LD) -o $@ logintest.o $(LDFLAGS) loginrec.o -lopenbsd-compat -lssh $(LIBS)
$(MANPAGES): $(MANPAGES_IN)
if test "$(MANTYPE)" = "cat"; then \
manpage=$(srcdir)/`echo $@ | sed 's/\.[1-9]\.out$$/\.0/'`; \
else \
@@ -310,16 +317,17 @@ install-files:
$(INSTALL) -m 0755 $(STRIP_OPT) ssh-agent$(EXEEXT) $(DESTDIR)$(bindir)/ssh-agent$(EXEEXT)
$(INSTALL) -m 0755 $(STRIP_OPT) ssh-keygen$(EXEEXT) $(DESTDIR)$(bindir)/ssh-keygen$(EXEEXT)
$(INSTALL) -m 0755 $(STRIP_OPT) ssh-keyscan$(EXEEXT) $(DESTDIR)$(bindir)/ssh-keyscan$(EXEEXT)
$(INSTALL) -m 0755 $(STRIP_OPT) sshd$(EXEEXT) $(DESTDIR)$(sbindir)/sshd$(EXEEXT)
$(INSTALL) -m 4711 $(STRIP_OPT) ssh-keysign$(EXEEXT) $(DESTDIR)$(SSH_KEYSIGN)$(EXEEXT)
$(INSTALL) -m 0755 $(STRIP_OPT) ssh-pkcs11-helper$(EXEEXT) $(DESTDIR)$(SSH_PKCS11_HELPER)$(EXEEXT)
$(INSTALL) -m 0755 $(STRIP_OPT) sftp$(EXEEXT) $(DESTDIR)$(bindir)/sftp$(EXEEXT)
$(INSTALL) -m 0755 $(STRIP_OPT) sftp-server$(EXEEXT) $(DESTDIR)$(SFTP_SERVER)$(EXEEXT)
+ $(INSTALL) -m 0755 $(STRIP_OPT) cavstest-ctr$(EXEEXT) $(DESTDIR)$(libexecdir)/cavstest-ctr$(EXEEXT)
$(INSTALL) -m 644 ssh.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh.1
$(INSTALL) -m 644 scp.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/scp.1
$(INSTALL) -m 644 ssh-add.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-add.1
$(INSTALL) -m 644 ssh-agent.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-agent.1
$(INSTALL) -m 644 ssh-keygen.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-keygen.1
$(INSTALL) -m 644 ssh-keyscan.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-keyscan.1
$(INSTALL) -m 644 moduli.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/moduli.5
$(INSTALL) -m 644 sshd_config.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/sshd_config.5
diff --git a/openssh-7.2p2/cavstest-ctr.c b/openssh-7.2p2/cavstest-ctr.c
new file mode 100644
--- /dev/null
+++ b/openssh-7.2p2/cavstest-ctr.c
@@ -0,0 +1,212 @@
+/*
+ *
+ * invocation (all of the following are equal):
+ * ./ctr-cavstest --algo aes128-ctr --key 987212980144b6a632e864031f52dacc --mode encrypt --data a6deca405eef2e8e4609abf3c3ccf4a6
+ * ./ctr-cavstest --algo aes128-ctr --key 987212980144b6a632e864031f52dacc --mode encrypt --data a6deca405eef2e8e4609abf3c3ccf4a6 --iv 00000000000000000000000000000000
+ * echo -n a6deca405eef2e8e4609abf3c3ccf4a6 | ./ctr-cavstest --algo aes128-ctr --key 987212980144b6a632e864031f52dacc --mode encrypt
+ */
+
+#include "includes.h"
+
+#include <sys/types.h>
+#include <sys/param.h>
+#include <stdarg.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <ctype.h>
+
+#include "xmalloc.h"
+#include "log.h"
+#include "cipher.h"
+
+/* compatibility with old or broken OpenSSL versions */
+#include "openbsd-compat/openssl-compat.h"
+
+void
+usage(void)
+{
+ fprintf(stderr, "Usage: ctr-cavstest --algo <ssh-crypto-algorithm>\n"
+ " --key <hexadecimal-key> --mode <encrypt|decrypt>\n"
+ " [--iv <hexadecimal-iv>] --data <hexadecimal-data>\n\n"
+ "Hexadecimal output is printed to stdout.\n"
+ "Hexadecimal input data can be alternatively read from stdin.\n");
+ exit(1);
+}
+
+void *
+fromhex(char *hex, size_t * len)
+{
+ unsigned char *bin;
+ char *p;
+ size_t n = 0;
+ int shift = 4;
+ unsigned char out = 0;
+ unsigned char *optr;
+
+ bin = xmalloc(strlen(hex) / 2);
+ optr = bin;
+
+ for (p = hex; *p != '\0'; ++p) {
+ unsigned char c;
+
+ c = *p;
+ if (isspace(c))
+ continue;
+
+ if (c >= '0' && c <= '9') {
+ c = c - '0';
+ } else if (c >= 'A' && c <= 'F') {
+ c = c - 'A' + 10;
+ } else if (c >= 'a' && c <= 'f') {
+ c = c - 'a' + 10;
+ } else {
+ /* truncate on nonhex cipher */
+ break;
+ }
+
+ out |= c << shift;
+ shift = (shift + 4) % 8;
+
+ if (shift) {
+ *(optr++) = out;
+ out = 0;
+ ++n;
+ }
+ }
+
+ *len = n;
+ return bin;
+}
+
+#define READ_CHUNK 4096
+#define MAX_READ_SIZE 1024*1024*100
+char *
+read_stdin(void)
+{
+ char *buf;
+ size_t n, total = 0;
+
+ buf = xmalloc(READ_CHUNK);
+
+ do {
+ n = fread(buf + total, 1, READ_CHUNK, stdin);
+ if (n < READ_CHUNK) /* terminate on short read */
+ break;
+
+ total += n;
+ buf = xreallocarray(buf, total + READ_CHUNK, 1);
+ } while (total < MAX_READ_SIZE);
+ return buf;
+}
+
+int
+main(int argc, char *argv[])
+{
+
+ struct sshcipher *c;
+ struct sshcipher_ctx cc;
+ char *algo = "aes128-ctr";
+ char *hexkey = NULL;
+ char *hexiv = "00000000000000000000000000000000";
+ char *hexdata = NULL;
+ char *p;
+ int i;
+ int encrypt = 1;
+ void *key;
+ size_t keylen;
+ void *iv;
+ size_t ivlen;
+ void *data;
+ size_t datalen;
+ void *outdata;
+
+ for (i = 1; i < argc; ++i) {
+ if (strcmp(argv[i], "--algo") == 0) {
+ algo = argv[++i];
+ } else if (strcmp(argv[i], "--key") == 0) {
+ hexkey = argv[++i];
+ } else if (strcmp(argv[i], "--mode") == 0) {
+ ++i;
+ if (argv[i] == NULL) {
+ usage();
+ }
+ if (strncmp(argv[i], "enc", 3) == 0) {
+ encrypt = 1;
+ } else if (strncmp(argv[i], "dec", 3) == 0) {
+ encrypt = 0;
+ } else {
+ usage();
+ }
+ } else if (strcmp(argv[i], "--iv") == 0) {
+ hexiv = argv[++i];
+ } else if (strcmp(argv[i], "--data") == 0) {
+ hexdata = argv[++i];
+ }
+ }
+
+ if (hexkey == NULL || algo == NULL) {
+ usage();
+ }
+
+ SSLeay_add_all_algorithms();
+
+ c = cipher_by_name(algo);
+ if (c == NULL) {
+ fprintf(stderr, "Error: unknown algorithm\n");
+ return 2;
+ }
+
+ if (hexdata == NULL) {
+ hexdata = read_stdin();
+ } else {
+ hexdata = xstrdup(hexdata);
+ }
+
+ key = fromhex(hexkey, &keylen);
+
+ if (keylen != 16 && keylen != 24 && keylen == 32) {
+ fprintf(stderr, "Error: unsupported key length\n");
+ return 2;
+ }
+
+ iv = fromhex(hexiv, &ivlen);
+
+ if (ivlen != 16) {
+ fprintf(stderr, "Error: unsupported iv length\n");
+ return 2;
+ }
+
+ data = fromhex(hexdata, &datalen);
+
+ if (data == NULL || datalen == 0) {
+ fprintf(stderr, "Error: no data to encrypt/decrypt\n");
+ return 2;
+ }
+
+ cipher_init(&cc, c, key, keylen, iv, ivlen, encrypt);
+
+ free(key);
+ free(iv);
+
+ outdata = malloc(datalen);
+ if (outdata == NULL) {
+ fprintf(stderr, "Error: memory allocation failure\n");
+ return 2;
+ }
+
+ cipher_crypt(&cc, 0, outdata, data, datalen, 0, 0);
+
+ free(data);
+
+ cipher_cleanup(&cc);
+
+ for (p = outdata; datalen > 0; ++p, --datalen) {
+ printf("%02X", (unsigned char) *p);
+ }
+
+ free(outdata);
+
+ printf("\n");
+ return 0;
+}

469
openssh-7.2p2-cavstest-kdf.patch Normal file
View File

@ -0,0 +1,469 @@
# HG changeset patch
# Parent f9ffcfb88e5a9d611a61aee3571050dea67e363e
CAVS test for KDF implementation in OpenSSH
diff --git a/openssh-7.2p2/Makefile.in b/openssh-7.2p2/Makefile.in
--- a/openssh-7.2p2/Makefile.in
+++ b/openssh-7.2p2/Makefile.in
@@ -22,16 +22,17 @@ top_srcdir=@top_srcdir@
DESTDIR=
VPATH=@srcdir@
SSH_PROGRAM=@bindir@/ssh
ASKPASS_PROGRAM=$(libexecdir)/ssh-askpass
SFTP_SERVER=$(libexecdir)/sftp-server
SSH_KEYSIGN=$(libexecdir)/ssh-keysign
SSH_PKCS11_HELPER=$(libexecdir)/ssh-pkcs11-helper
CAVSTEST_CTR=$(libexecdir)/cavstest-ctr
+CAVSTEST_KDF=$(libexecdir)/cavstest-kdf
PRIVSEP_PATH=@PRIVSEP_PATH@
SSH_PRIVSEP_USER=@SSH_PRIVSEP_USER@
STRIP_OPT=@STRIP_OPT@
TEST_SHELL=@TEST_SHELL@
PATHS= -DSSHDIR=\"$(sysconfdir)\" \
-D_PATH_SSH_PROGRAM=\"$(SSH_PROGRAM)\" \
-D_PATH_SSH_ASKPASS_DEFAULT=\"$(ASKPASS_PROGRAM)\" \
@@ -60,17 +61,17 @@ SED=@SED@
ENT=@ENT@
XAUTH_PATH=@XAUTH_PATH@
LDFLAGS=-L. -Lopenbsd-compat/ @LDFLAGS@
EXEEXT=@EXEEXT@
MANFMT=@MANFMT@
TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-keysign${EXEEXT} ssh-pkcs11-helper$(EXEEXT) ssh-agent$(EXEEXT) scp$(EXEEXT) sftp-server$(EXEEXT) sftp$(EXEEXT)
-TARGETS += cavstest-ctr$(EXEEXT)
+TARGETS += cavstest-ctr$(EXEEXT) cavstest-kdf$(EXEEXT)
LIBOPENSSH_OBJS=\
ssh_api.o \
ssherr.o \
sshbuf.o \
sshkey.o \
sshbuf-getput-basic.o \
sshbuf-misc.o \
@@ -197,16 +198,19 @@ sftp-server$(EXEEXT): $(LIBCOMPAT) libss
sftp$(EXEEXT): $(LIBCOMPAT) libssh.a sftp.o sftp-client.o sftp-common.o sftp-glob.o progressmeter.o
$(LD) -o $@ progressmeter.o sftp.o sftp-client.o sftp-common.o sftp-glob.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) $(LIBEDIT)
# FIPS tests
cavstest-ctr$(EXEEXT): $(LIBCOMPAT) libssh.a cavstest-ctr.o
$(LD) -o $@ cavstest-ctr.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS)
+cavstest-kdf$(EXEEXT): $(LIBCOMPAT) libssh.a cavstest-kdf.o
+ $(LD) -o $@ cavstest-kdf.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS)
+
# test driver for the loginrec code - not built by default
logintest: logintest.o $(LIBCOMPAT) libssh.a loginrec.o
$(LD) -o $@ logintest.o $(LDFLAGS) loginrec.o -lopenbsd-compat -lssh $(LIBS)
$(MANPAGES): $(MANPAGES_IN)
if test "$(MANTYPE)" = "cat"; then \
manpage=$(srcdir)/`echo $@ | sed 's/\.[1-9]\.out$$/\.0/'`; \
else \
@@ -318,16 +322,17 @@ install-files:
$(INSTALL) -m 0755 $(STRIP_OPT) ssh-keygen$(EXEEXT) $(DESTDIR)$(bindir)/ssh-keygen$(EXEEXT)
$(INSTALL) -m 0755 $(STRIP_OPT) ssh-keyscan$(EXEEXT) $(DESTDIR)$(bindir)/ssh-keyscan$(EXEEXT)
$(INSTALL) -m 0755 $(STRIP_OPT) sshd$(EXEEXT) $(DESTDIR)$(sbindir)/sshd$(EXEEXT)
$(INSTALL) -m 4711 $(STRIP_OPT) ssh-keysign$(EXEEXT) $(DESTDIR)$(SSH_KEYSIGN)$(EXEEXT)
$(INSTALL) -m 0755 $(STRIP_OPT) ssh-pkcs11-helper$(EXEEXT) $(DESTDIR)$(SSH_PKCS11_HELPER)$(EXEEXT)
$(INSTALL) -m 0755 $(STRIP_OPT) sftp$(EXEEXT) $(DESTDIR)$(bindir)/sftp$(EXEEXT)
$(INSTALL) -m 0755 $(STRIP_OPT) sftp-server$(EXEEXT) $(DESTDIR)$(SFTP_SERVER)$(EXEEXT)
$(INSTALL) -m 0755 $(STRIP_OPT) cavstest-ctr$(EXEEXT) $(DESTDIR)$(libexecdir)/cavstest-ctr$(EXEEXT)
+ $(INSTALL) -m 0755 $(STRIP_OPT) cavstest-kdf$(EXEEXT) $(DESTDIR)$(libexecdir)/cavstest-kdf$(EXEEXT)
$(INSTALL) -m 644 ssh.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh.1
$(INSTALL) -m 644 scp.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/scp.1
$(INSTALL) -m 644 ssh-add.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-add.1
$(INSTALL) -m 644 ssh-agent.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-agent.1
$(INSTALL) -m 644 ssh-keygen.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-keygen.1
$(INSTALL) -m 644 ssh-keyscan.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-keyscan.1
$(INSTALL) -m 644 moduli.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/moduli.5
$(INSTALL) -m 644 sshd_config.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/sshd_config.5
diff --git a/openssh-7.2p2/cavstest-kdf.c b/openssh-7.2p2/cavstest-kdf.c
new file mode 100644
--- /dev/null
+++ b/openssh-7.2p2/cavstest-kdf.c
@@ -0,0 +1,382 @@
+/*
+ * Copyright (C) 2015, Stephan Mueller <smueller@chronox.de>
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, and the entire permission notice in its entirety,
+ * including the disclaimer of warranties.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the author may not be used to endorse or promote
+ * products derived from this software without specific prior
+ * written permission.
+ *
+ * ALTERNATIVELY, this product may be distributed under the terms of
+ * the GNU General Public License, in which case the provisions of the GPL2
+ * are required INSTEAD OF the above restrictions. (This clause is
+ * necessary due to a potential bad interaction between the GPL and
+ * the restrictions contained in a BSD-style copyright.)
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE, ALL OF
+ * WHICH ARE HEREBY DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
+ * OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
+ * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
+ * USE OF THIS SOFTWARE, EVEN IF NOT ADVISED OF THE POSSIBILITY OF SUCH
+ * DAMAGE.
+ */
+
+#include "includes.h"
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <errno.h>
+#include <sys/types.h>
+#include <string.h>
+
+#include <openssl/bn.h>
+
+#include "xmalloc.h"
+#include "buffer.h"
+#include "key.h"
+#include "cipher.h"
+#include "kex.h"
+#include "packet.h"
+
+static int bin_char(unsigned char hex)
+{
+ if (48 <= hex && 57 >= hex)
+ return (hex - 48);
+ if (65 <= hex && 70 >= hex)
+ return (hex - 55);
+ if (97 <= hex && 102 >= hex)
+ return (hex - 87);
+ return 0;
+}
+
+/*
+ * Convert hex representation into binary string
+ * @hex input buffer with hex representation
+ * @hexlen length of hex
+ * @bin output buffer with binary data
+ * @binlen length of already allocated bin buffer (should be at least
+ * half of hexlen -- if not, only a fraction of hexlen is converted)
+ */
+static void hex2bin(const char *hex, size_t hexlen,
+ unsigned char *bin, size_t binlen)
+{
+ size_t i = 0;
+ size_t chars = (binlen > (hexlen / 2)) ? (hexlen / 2) : binlen;
+
+ for (i = 0; i < chars; i++) {
+ bin[i] = bin_char(hex[(i*2)]) << 4;
+ bin[i] |= bin_char(hex[((i*2)+1)]);
+ }
+}
+
+/*
+ * Allocate sufficient space for binary representation of hex
+ * and convert hex into bin
+ *
+ * Caller must free bin
+ * @hex input buffer with hex representation
+ * @hexlen length of hex
+ * @bin return value holding the pointer to the newly allocated buffer
+ * @binlen return value holding the allocated size of bin
+ *
+ * return: 0 on success, !0 otherwise
+ */
+static int hex2bin_alloc(const char *hex, size_t hexlen,
+ unsigned char **bin, size_t *binlen)
+{
+ unsigned char *out = NULL;
+ size_t outlen = 0;
+
+ if (!hexlen)
+ return -EINVAL;
+
+ outlen = (hexlen + 1) / 2;
+
+ out = calloc(1, outlen);
+ if (!out)
+ return -errno;
+
+ hex2bin(hex, hexlen, out, outlen);
+ *bin = out;
+ *binlen = outlen;
+ return 0;
+}
+
+static char hex_char_map_l[] = { '0', '1', '2', '3', '4', '5', '6', '7',
+ '8', '9', 'a', 'b', 'c', 'd', 'e', 'f' };
+static char hex_char_map_u[] = { '0', '1', '2', '3', '4', '5', '6', '7',
+ '8', '9', 'A', 'B', 'C', 'D', 'E', 'F' };
+static char hex_char(unsigned int bin, int u)
+{
+ if (bin < sizeof(hex_char_map_l))
+ return (u) ? hex_char_map_u[bin] : hex_char_map_l[bin];
+ return 'X';
+}
+
+/*
+ * Convert binary string into hex representation
+ * @bin input buffer with binary data
+ * @binlen length of bin
+ * @hex output buffer to store hex data
+ * @hexlen length of already allocated hex buffer (should be at least
+ * twice binlen -- if not, only a fraction of binlen is converted)
+ * @u case of hex characters (0=>lower case, 1=>upper case)
+ */
+static void bin2hex(const unsigned char *bin, size_t binlen,
+ char *hex, size_t hexlen, int u)
+{
+ size_t i = 0;
+ size_t chars = (binlen > (hexlen / 2)) ? (hexlen / 2) : binlen;
+
+ for (i = 0; i < chars; i++) {
+ hex[(i*2)] = hex_char((bin[i] >> 4), u);
+ hex[((i*2)+1)] = hex_char((bin[i] & 0x0f), u);
+ }
+}
+
+struct kdf_cavs {
+ unsigned char *K;
+ size_t Klen;
+ unsigned char *H;
+ size_t Hlen;
+ unsigned char *session_id;
+ size_t session_id_len;
+
+ unsigned int iv_len;
+ unsigned int ek_len;
+ unsigned int ik_len;
+};
+
+static int sshkdf_cavs(struct kdf_cavs *test)
+{
+ int ret = 0;
+ struct kex kex;
+ struct ssh ssh;
+ BIGNUM *Kbn = NULL;
+ int mode = 0;
+ struct newkeys *keys_client;
+ struct newkeys *keys_server;
+
+#define HEXOUTLEN 500
+ char hex[HEXOUTLEN];
+
+ memset(&ssh, 0, sizeof(struct ssh));
+ memset(&kex, 0, sizeof(struct kex));
+ ssh.kex = &kex;
+
+ Kbn = BN_new();
+ BN_bin2bn(test->K, test->Klen, Kbn);
+ if (!Kbn) {
+ printf("cannot convert K into BIGNUM\n");
+ ret = 1;
+ goto out;
+ }
+
+ kex.session_id = test->session_id;
+ kex.session_id_len = test->session_id_len;
+
+ /* setup kex */
+
+ /* select the right hash based on struct ssh_digest digests */
+ switch (test->ik_len) {
+ case 20:
+ kex.hash_alg = 2;
+ break;
+ case 32:
+ kex.hash_alg = 3;
+ break;
+ case 48:
+ kex.hash_alg = 4;
+ break;
+ case 64:
+ kex.hash_alg = 5;
+ break;
+ default:
+ printf("Wrong hash type %u\n", test->ik_len);
+ ret = 1;
+ goto out;
+ }
+
+ /* implement choose_enc */
+ for (mode = 0; mode < 2; mode++) {
+ kex.newkeys[mode] = calloc(1, sizeof(struct newkeys));
+ if (!kex.newkeys[mode]) {
+ printf("allocation of newkeys failed\n");
+ ret = 1;
+ goto out;
+ }
+ kex.newkeys[mode]->enc.iv_len = test->iv_len;
+ kex.newkeys[mode]->enc.key_len = test->ek_len;
+ kex.newkeys[mode]->enc.block_size = (test->iv_len == 64) ? 8 : 16;
+ kex.newkeys[mode]->mac.key_len = test->ik_len;
+ }
+
+ /* implement kex_choose_conf */
+ kex.we_need = kex.newkeys[0]->enc.key_len;
+ if (kex.we_need < kex.newkeys[0]->enc.block_size)
+ kex.we_need = kex.newkeys[0]->enc.block_size;
+ if (kex.we_need < kex.newkeys[0]->enc.iv_len)
+ kex.we_need = kex.newkeys[0]->enc.iv_len;
+ if (kex.we_need < kex.newkeys[0]->mac.key_len)
+ kex.we_need = kex.newkeys[0]->mac.key_len;
+
+ /* MODE_OUT (1) -> server to client
+ * MODE_IN (0) -> client to server */
+ kex.server = 1;
+
+ /* do it */
+ kex_derive_keys_bn(&ssh, test->H, test->Hlen, Kbn);
+
+ keys_client = ssh.kex->newkeys[0];
+ keys_server = ssh.kex->newkeys[1];
+
+ /* get data */
+ memset(hex, 0, HEXOUTLEN);
+ bin2hex(keys_client->enc.iv, (size_t)keys_client->enc.iv_len,
+ hex, HEXOUTLEN, 0);
+ printf("Initial IV (client to server) = %s\n", hex);
+
+ memset(hex, 0, HEXOUTLEN);
+ bin2hex(keys_server->enc.iv, (size_t)keys_server->enc.iv_len,
+ hex, HEXOUTLEN, 0);
+ printf("Initial IV (server to client) = %s\n", hex);
+
+ memset(hex, 0, HEXOUTLEN);
+ bin2hex(keys_client->enc.key, (size_t)keys_client->enc.key_len,
+ hex, HEXOUTLEN, 0);
+ printf("Encryption key (client to server) = %s\n", hex);
+
+ memset(hex, 0, HEXOUTLEN);
+ bin2hex(keys_server->enc.key, (size_t)keys_server->enc.key_len,
+ hex, HEXOUTLEN, 0);
+ printf("Encryption key (server to client) = %s\n", hex);
+
+ memset(hex, 0, HEXOUTLEN);
+ bin2hex(keys_client->mac.key, (size_t)keys_client->mac.key_len,
+ hex, HEXOUTLEN, 0);
+ printf("Integrity key (client to server) = %s\n", hex);
+
+ memset(hex, 0, HEXOUTLEN);
+ bin2hex(keys_server->mac.key, (size_t)keys_server->mac.key_len,
+ hex, HEXOUTLEN, 0);
+ printf("Integrity key (server to client) = %s\n", hex);
+
+ free(keys_client);
+ free(keys_server);
+
+out:
+ if (Kbn)
+ BN_free(Kbn);
+ if (kex.newkeys[0])
+ free(kex.newkeys[0]);
+ if (kex.newkeys[1])
+ free(kex.newkeys[1]);
+ return ret;
+}
+
+static void usage(void)
+{
+ fprintf(stderr, "\nOpenSSH KDF CAVS Test\n\n");
+ fprintf(stderr, "Usage:\n");
+ fprintf(stderr, "\t-K\tShared secret string\n");
+ fprintf(stderr, "\t-H\tHash string\n");
+ fprintf(stderr, "\t-s\tSession ID string\n");
+ fprintf(stderr, "\t-i\tIV length to be generated\n");
+ fprintf(stderr, "\t-e\tEncryption key length to be generated\n");
+ fprintf(stderr, "\t-m\tMAC key length to be generated\n");
+}
+
+/*
+ * Test command example:
+ * ./ssh-cavs -K 0055d50f2d163cc07cd8a93cc7c3430c30ce786b572c01ad29fec7597000cf8618d664e2ec3dcbc8bb7a1a7eb7ef67f61cdaf291625da879186ac0a5cb27af571b59612d6a6e0627344d846271959fda61c78354aa498773d59762f8ca2d0215ec590d8633de921f920d41e47b3de6ab9a3d0869e1c826d0e4adebf8e3fb646a15dea20a410b44e969f4b791ed6a67f13f1b74234004d5fa5e87eff7abc32d49bbdf44d7b0107e8f10609233b7e2b7eff74a4daf25641de7553975dac6ac1e5117df6f6dbaa1c263d23a6c3e5a3d7d49ae8a828c1e333ac3f85fbbf57b5c1a45be45e43a7be1a4707eac779b8285522d1f531fe23f890fd38a004339932b93eda4 -H d3ab91a850febb417a25d892ec48ed5952c7a5de -s d3ab91a850febb417a25d892ec48ed5952c7a5de -i 8 -e 24 -m 20
+ *
+ * Expected result for example:
+ * Initial IV (client to server) = 4bb320d1679dfd3a
+ * Encryption key (client to server) = 13048cc600b9d3cf9095aa6cf8e2ff9cf1c54ca0520c89ed
+ * Integrity key (client to server) = ecef63a092b0dcc585bdc757e01b2740af57d640
+ * Initial IV (server to client) = 43dea6fdf263a308
+ * Encryption key (server to client) = 1e483c5134e901aa11fc4e0a524e7ec7b75556148a222bb0
+ * Integrity key (server to client) = 7424b05f3c44a72b4ebd281fb71f9cbe7b64d479
+ */
+int main(int argc, char *argv[])
+{
+ struct kdf_cavs test;
+ int ret = 1;
+ int opt = 0;
+
+ memset(&test, 0, sizeof(struct kdf_cavs));
+ while((opt = getopt(argc, argv, "K:H:s:i:e:m:")) != -1)
+ {
+ size_t len = 0;
+ switch(opt)
+ {
+ /*
+ * CAVS K is MPINT
+ * we want a hex (i.e. the caller must ensure the
+ * following transformations already happened):
+ * 1. cut off first four bytes
+ * 2. if most significant bit of value is
+ * 1, prepend 0 byte
+ */
+ case 'K':
+ len = strlen(optarg);
+ ret = hex2bin_alloc(optarg, len,
+ &test.K, &test.Klen);
+ if (ret)
+ goto out;
+ break;
+ case 'H':
+ len = strlen(optarg);
+ ret = hex2bin_alloc(optarg, len,
+ &test.H, &test.Hlen);
+ if (ret)
+ goto out;
+ break;
+ case 's':
+ len = strlen(optarg);
+ ret = hex2bin_alloc(optarg, len,
+ &test.session_id,
+ &test.session_id_len);
+ if (ret)
+ goto out;
+ break;
+ case 'i':
+ test.iv_len = strtoul(optarg, NULL, 10);
+ break;
+ case 'e':
+ test.ek_len = strtoul(optarg, NULL, 10);
+ break;
+ case 'm':
+ test.ik_len = strtoul(optarg, NULL, 10);
+ break;
+ default:
+ usage();
+ goto out;
+ }
+ }
+
+ ret = sshkdf_cavs(&test);
+
+out:
+ if (test.session_id)
+ free(test.session_id);
+ if (test.K)
+ free(test.K);
+ if (test.H)
+ free(test.H);
+ return ret;
+
+}

4
openssh-7.2p2-disable_openssl_abi_check.patch
View File

@ -1,5 +1,5 @@
# HG changeset patch
# Parent 16c4937db837ab7cdbe0422b81de0e7a9a8479cd
# Parent 4821397c95e57962905e6d47554bef9e4ea57483
disable run-time check for OpenSSL ABI by version number as that is not a
reliable indicator of ABI changes and doesn't make much sense in a
distribution package
@ -7,7 +7,7 @@ distribution package
diff --git a/openssh-7.2p2/configure.ac b/openssh-7.2p2/configure.ac
--- a/openssh-7.2p2/configure.ac
+++ b/openssh-7.2p2/configure.ac
@@ -4639,16 +4639,29 @@ AC_ARG_WITH([bsd-auth],
@@ -4663,16 +4663,29 @@ AC_ARG_WITH([bsd-auth],
if test "x$withval" != "xno" ; then
AC_DEFINE([BSD_AUTH], [1],
[Define if you have BSD auth support])

1317
openssh-7.2p2-disable_preauth_compression.patch Normal file
View File

File diff suppressed because it is too large Load Diff

13
openssh-7.2p2-fips.patch
View File

@ -1,24 +1,22 @@
# HG changeset patch
# Parent 3e1393b771d6430ae09ae30741a3b9b382e3e041
# Parent 5f2b8faa3b60de28124d9d4a44ffa2635d67f601
FIPS 140-2 compliance. Perform selftests on start and use only FIPS approved
algorithms.
diff --git a/openssh-7.2p2/Makefile.in b/openssh-7.2p2/Makefile.in
--- a/openssh-7.2p2/Makefile.in
+++ b/openssh-7.2p2/Makefile.in
@@ -87,17 +87,18 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \
msg.o progressmeter.o dns.o entropy.o gss-genr.o umac.o umac128.o \
ssh-pkcs11.o smult_curve25519_ref.o \
@@ -89,16 +89,18 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \
poly1305.o chacha.o cipher-chachapoly.o \
ssh-ed25519.o digest-openssl.o digest-libc.o hmac.o \
sc25519.o ge25519.o fe25519.o ed25519.o verify.o hash.o blocks.o \
kex.o kexdh.o kexgex.o kexecdh.o kexc25519.o \
kexdhc.o kexgexc.o kexecdhc.o kexc25519c.o \
kexdhs.o kexgexs.o kexecdhs.o kexc25519s.o \
- platform-pledge.o
+ platform-pledge.o \
+ fips.o
platform-pledge.o
+LIBSSH_OBJS += fips.o
+
SSHOBJS= ssh.o readconf.o clientloop.o sshtty.o \
sshconnect.o sshconnect1.o sshconnect2.o mux.o
@ -26,6 +24,7 @@ diff --git a/openssh-7.2p2/Makefile.in b/openssh-7.2p2/Makefile.in
audit.o audit-bsm.o audit-linux.o platform.o \
sshpty.o sshlogin.o servconf.o serverloop.o \
auth.o auth1.o auth2.o auth-options.o session.o \
auth-chall.o auth2-chall.o groupaccess.o \
diff --git a/openssh-7.2p2/auth-rsa.c b/openssh-7.2p2/auth-rsa.c
--- a/openssh-7.2p2/auth-rsa.c
+++ b/openssh-7.2p2/auth-rsa.c

16
openssh-7.2p2-gssapi_key_exchange.patch
View File

@ -1,5 +1,5 @@
# HG changeset patch
# Parent 84a6252b7ac18855cf188e5911bdf8a757d4460a
# Parent df12d82287e3434a52c21a994b901302bd0c8064
GSSAPI Key Exchange implementation
diff --git a/openssh-7.2p2/ChangeLog.gssapi b/openssh-7.2p2/ChangeLog.gssapi
@ -123,7 +123,7 @@ new file mode 100644
diff --git a/openssh-7.2p2/Makefile.in b/openssh-7.2p2/Makefile.in
--- a/openssh-7.2p2/Makefile.in
+++ b/openssh-7.2p2/Makefile.in
@@ -85,18 +85,18 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \
@@ -89,18 +89,18 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \
atomicio.o key.o dispatch.o mac.o uidswap.o uuencode.o misc.o \
monitor_fdpass.o rijndael.o ssh-dss.o ssh-ecdsa.o ssh-rsa.o dh.o \
msg.o progressmeter.o dns.o entropy.o gss-genr.o umac.o umac128.o \
@ -136,14 +136,14 @@ diff --git a/openssh-7.2p2/Makefile.in b/openssh-7.2p2/Makefile.in
- kexdhs.o kexgexs.o kexecdhs.o kexc25519s.o \
+ kexdhc.o kexgexc.o kexecdhc.o kexc25519c.o kexgssc.o \
+ kexdhs.o kexgexs.o kexecdhs.o kexc25519s.o kexgsss.o \
platform-pledge.o \
fips.o
platform-pledge.o
LIBSSH_OBJS += fips.o
SSHOBJS= ssh.o readconf.o clientloop.o sshtty.o \
sshconnect.o sshconnect1.o sshconnect2.o mux.o
SSHDOBJS=sshd.o auth-rhosts.o auth-passwd.o auth-rsa.o auth-rh-rsa.o \
audit.o audit-bsm.o audit-linux.o platform.o \
diff --git a/openssh-7.2p2/auth-krb5.c b/openssh-7.2p2/auth-krb5.c
--- a/openssh-7.2p2/auth-krb5.c
+++ b/openssh-7.2p2/auth-krb5.c
@ -1279,8 +1279,7 @@ diff --git a/openssh-7.2p2/gss-serv.c b/openssh-7.2p2/gss-serv.c
+ return (PAM_CONV_ERR);
+}
+#endif
- return (ctx->major);
+
+void
+ssh_gssapi_rekey_creds() {
+ int ok;
@ -1302,7 +1301,8 @@ diff --git a/openssh-7.2p2/gss-serv.c b/openssh-7.2p2/gss-serv.c
+ return;
+
+ debug("Rekeyed credentials stored successfully");
+
- return (ctx->major);
+ /* Actually managing to play with the ssh pam stack from here will
+ * be next to impossible. In any case, we may want different options
+ * for rekeying. So, use our own :)

8
openssh-7.2p2-host_ident.patch
View File

@ -1,5 +1,5 @@
# HG changeset patch
# Parent 605a6220fcc2c96e9196681fe480fab16b505ee1
# Parent e2f9b3303b4a4ed5d0e5f01009dd1ebea166890d
Suggest command line for removal of offending keys from known_hosts file
diff --git a/openssh-7.2p2/sshconnect.c b/openssh-7.2p2/sshconnect.c
@ -14,11 +14,11 @@ diff --git a/openssh-7.2p2/sshconnect.c b/openssh-7.2p2/sshconnect.c
user_hostfiles[0]);
error("Offending %s key in %s:%lu", key_type(host_found->key),
host_found->file, host_found->line);
+ error("You can use following command to remove all keys for this IP:");
+ error("You can use following command to remove the offending key:");
+ if (host_found->file)
+ error("ssh-keygen -R %s -f %s", hostname, host_found->file);
+ error("ssh-keygen -R %s -f %s", host, host_found->file);
+ else
+ error("ssh-keygen -R %s", hostname);
+ error("ssh-keygen -R %s", host);
/*
* If strict host key checking is in use, the user will have

2
openssh-7.2p2-ignore_PAM_with_UseLogin.patch
View File

@ -1,5 +1,5 @@
# HG changeset patch
# Parent cb9be7363a9f32133f0d105d515149dd77cc8cd3
# Parent 0f00e960e1069c6a6eec975cc184171343701077
Do not import PAM environment variables when using login, since it may have
security implications.

66
openssh-7.2p2-keep_slogin.patch Normal file
View File

@ -0,0 +1,66 @@
# HG changeset patch
# Parent 7c29b31d3502bbf5b80e01f8d1db8b2733a3c7f4
Add slogin back to the distribution, since it might be used downstreams
Revert of cupstream commit 69fead5d7cdaa73bdece9fcba80f8e8e70b90346
diff --git a/openssh-7.2p2/Makefile.in b/openssh-7.2p2/Makefile.in
--- a/openssh-7.2p2/Makefile.in
+++ b/openssh-7.2p2/Makefile.in
@@ -354,16 +354,20 @@ install-files:
$(INSTALL) -m 644 sftp.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/sftp.1
$(INSTALL) -m 644 sftp-server.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/sftp-server.8
$(INSTALL) -m 644 ssh-keysign.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-keysign.8
$(INSTALL) -m 644 ssh-pkcs11-helper.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-pkcs11-helper.8
if test ! -z "$(INSTALL_SSH_LDAP_HELPER)" ; then \
$(INSTALL) -m 644 ssh-ldap-helper.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-ldap-helper.8 ; \
$(INSTALL) -m 644 ssh-ldap.conf.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/ssh-ldap.conf.5 ; \
fi
+ -rm -f $(DESTDIR)$(bindir)/slogin
+ ln -s ./ssh$(EXEEXT) $(DESTDIR)$(bindir)/slogin
+ -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/slogin.1
+ ln -s ./ssh.1 $(DESTDIR)$(mandir)/$(mansubdir)1/slogin.1
install-sysconf:
if [ ! -d $(DESTDIR)$(sysconfdir) ]; then \
$(srcdir)/mkinstalldirs $(DESTDIR)$(sysconfdir); \
fi
@if [ ! -f $(DESTDIR)$(sysconfdir)/ssh_config ]; then \
$(INSTALL) -m 644 ssh_config.out $(DESTDIR)$(sysconfdir)/ssh_config; \
else \
@@ -415,16 +419,17 @@ uninstallall: uninstall
-rmdir $(DESTDIR)$(bindir)
-rmdir $(DESTDIR)$(sbindir)
-rmdir $(DESTDIR)$(mandir)/$(mansubdir)1
-rmdir $(DESTDIR)$(mandir)/$(mansubdir)8
-rmdir $(DESTDIR)$(mandir)
-rmdir $(DESTDIR)$(libexecdir)
uninstall:
+ -rm -f $(DESTDIR)$(bindir)/slogin
-rm -f $(DESTDIR)$(bindir)/ssh$(EXEEXT)
-rm -f $(DESTDIR)$(bindir)/scp$(EXEEXT)
-rm -f $(DESTDIR)$(bindir)/ssh-add$(EXEEXT)
-rm -f $(DESTDIR)$(bindir)/ssh-agent$(EXEEXT)
-rm -f $(DESTDIR)$(bindir)/ssh-keygen$(EXEEXT)
-rm -f $(DESTDIR)$(bindir)/ssh-keyscan$(EXEEXT)
-rm -f $(DESTDIR)$(bindir)/sftp$(EXEEXT)
-rm -f $(DESTDIR)$(sbindir)/sshd$(EXEEXT)
@@ -440,16 +445,17 @@ uninstall:
-rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-keygen.1
-rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/sftp.1
-rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-keyscan.1
-rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/sshd.8
-rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/sftp-server.8
-rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-keysign.8
-rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-pkcs11-helper.8
-rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-ldap-helper.8
+ -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/slogin.1
regress-prep:
[ -d `pwd`/regress ] || mkdir -p `pwd`/regress
[ -d `pwd`/regress/unittests ] || mkdir -p `pwd`/regress/unittests
[ -d `pwd`/regress/unittests/test_helper ] || \
mkdir -p `pwd`/regress/unittests/test_helper
[ -d `pwd`/regress/unittests/sshbuf ] || \
mkdir -p `pwd`/regress/unittests/sshbuf

30
openssh-7.2p2-kex_resource_depletion.patch Normal file
View File

@ -0,0 +1,30 @@
# HG changeset patch
# Parent 5d3b620e9c7c42bfb1d8f24eb7e0645a55d967fa
Prevent memory depletion during key exchange
CVE-2016-8858
bsc#1005480
upstream commit ec165c392ca54317dbe3064a8c200de6531e89ad
diff --git a/openssh-7.2p2/kex.c b/openssh-7.2p2/kex.c
--- a/openssh-7.2p2/kex.c
+++ b/openssh-7.2p2/kex.c
@@ -523,16 +523,17 @@ kex_input_kexinit(int type, u_int32_t se
u_int i;
size_t dlen;
int r;
debug("SSH2_MSG_KEXINIT received");
if (kex == NULL)
return SSH_ERR_INVALID_ARGUMENT;
+ ssh_dispatch_set(ssh, SSH2_MSG_KEXINIT, NULL);
ptr = sshpkt_ptr(ssh, &dlen);
if ((r = sshbuf_put(kex->peer, ptr, dlen)) != 0)
return r;
/* discard packet */
for (i = 0; i < KEX_COOKIE_LEN; i++)
if ((r = sshpkt_get_u8(ssh, NULL)) != 0)
return r;

44
openssh-7.2p2-ldap.patch
View File

@ -1,5 +1,5 @@
# HG changeset patch
# Parent b8135c449e59282a8926ff44fcb4670baf8f158e
# Parent a47716db81c68026e9d37db568c2c313acc53f86
# Helper app for retrieving keys from a LDAP server
# by Jan F. Chadima <jchadima@redhat.com>
#
@ -137,28 +137,26 @@ diff --git a/openssh-7.2p2/Makefile.in b/openssh-7.2p2/Makefile.in
SSH_PKCS11_HELPER=$(libexecdir)/ssh-pkcs11-helper
+SSH_LDAP_HELPER=$(libexecdir)/ssh-ldap-helper
+SSH_LDAP_WRAPPER=$(libexecdir)/ssh-ldap-wrapper
CAVSTEST_CTR=$(libexecdir)/cavstest-ctr
CAVSTEST_KDF=$(libexecdir)/cavstest-kdf
PRIVSEP_PATH=@PRIVSEP_PATH@
SSH_PRIVSEP_USER=@SSH_PRIVSEP_USER@
STRIP_OPT=@STRIP_OPT@
TEST_SHELL=@TEST_SHELL@
PATHS= -DSSHDIR=\"$(sysconfdir)\" \
-D_PATH_SSH_PROGRAM=\"$(SSH_PROGRAM)\" \
-D_PATH_SSH_ASKPASS_DEFAULT=\"$(ASKPASS_PROGRAM)\" \
@@ -57,17 +59,19 @@ INSTALL=@INSTALL@
PERL=@PERL@
SED=@SED@
ENT=@ENT@
XAUTH_PATH=@XAUTH_PATH@
@@ -63,16 +65,19 @@ XAUTH_PATH=@XAUTH_PATH@
LDFLAGS=-L. -Lopenbsd-compat/ @LDFLAGS@
EXEEXT=@EXEEXT@
MANFMT=@MANFMT@
-TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-keysign${EXEEXT} ssh-pkcs11-helper$(EXEEXT) ssh-agent$(EXEEXT) scp$(EXEEXT) sftp-server$(EXEEXT) sftp$(EXEEXT)
+INSTALL_SSH_LDAP_HELPER=@INSTALL_SSH_LDAP_HELPER@
+
+TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-keysign${EXEEXT} ssh-pkcs11-helper$(EXEEXT) ssh-agent$(EXEEXT) scp$(EXEEXT) sftp-server$(EXEEXT) sftp$(EXEEXT) ssh-ldap-helper$(EXEEXT)
TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-keysign${EXEEXT} ssh-pkcs11-helper$(EXEEXT) ssh-agent$(EXEEXT) scp$(EXEEXT) sftp-server$(EXEEXT) sftp$(EXEEXT)
TARGETS += cavstest-ctr$(EXEEXT) cavstest-kdf$(EXEEXT)
+INSTALL_SSH_LDAP_HELPER=@INSTALL_SSH_LDAP_HELPER@
+TARGETS += ssh-ldap-helper$(EXEEXT)
+
LIBOPENSSH_OBJS=\
ssh_api.o \
ssherr.o \
@ -166,7 +164,8 @@ diff --git a/openssh-7.2p2/Makefile.in b/openssh-7.2p2/Makefile.in
sshkey.o \
sshbuf-getput-basic.o \
sshbuf-misc.o \
@@ -109,18 +113,18 @@ SSHDOBJS=sshd.o auth-rhosts.o auth-passw
sshbuf-getput-crypto.o \
@@ -114,18 +119,18 @@ SSHDOBJS=sshd.o auth-rhosts.o auth-passw
monitor_mm.o monitor.o monitor_wrap.o auth-krb5.o \
auth2-gss.o gss-serv.o gss-serv-krb5.o \
loginrec.o auth-pam.o auth-shadow.o auth-sia.o md5crypt.o \
@ -187,7 +186,7 @@ diff --git a/openssh-7.2p2/Makefile.in b/openssh-7.2p2/Makefile.in
PATHSUBS = \
-e 's|/etc/ssh/ssh_config|$(sysconfdir)/ssh_config|g' \
-e 's|/etc/ssh/ssh_known_hosts|$(sysconfdir)/ssh_known_hosts|g' \
@@ -184,16 +188,19 @@ ssh-keysign$(EXEEXT): $(LIBCOMPAT) libss
@@ -189,16 +194,19 @@ ssh-keysign$(EXEEXT): $(LIBCOMPAT) libss
$(LD) -o $@ ssh-keysign.o readconf.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
ssh-pkcs11-helper$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-pkcs11-helper.o ssh-pkcs11.o
@ -205,9 +204,9 @@ diff --git a/openssh-7.2p2/Makefile.in b/openssh-7.2p2/Makefile.in
sftp$(EXEEXT): $(LIBCOMPAT) libssh.a sftp.o sftp-client.o sftp-common.o sftp-glob.o progressmeter.o
$(LD) -o $@ progressmeter.o sftp.o sftp-client.o sftp-common.o sftp-glob.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) $(LIBEDIT)
# test driver for the loginrec code - not built by default
logintest: logintest.o $(LIBCOMPAT) libssh.a loginrec.o
@@ -308,32 +315,40 @@ install-files:
# FIPS tests
cavstest-ctr$(EXEEXT): $(LIBCOMPAT) libssh.a cavstest-ctr.o
@@ -320,16 +328,20 @@ install-files:
$(INSTALL) -m 0755 $(STRIP_OPT) scp$(EXEEXT) $(DESTDIR)$(bindir)/scp$(EXEEXT)
$(INSTALL) -m 0755 $(STRIP_OPT) ssh-add$(EXEEXT) $(DESTDIR)$(bindir)/ssh-add$(EXEEXT)
$(INSTALL) -m 0755 $(STRIP_OPT) ssh-agent$(EXEEXT) $(DESTDIR)$(bindir)/ssh-agent$(EXEEXT)
@ -222,12 +221,13 @@ diff --git a/openssh-7.2p2/Makefile.in b/openssh-7.2p2/Makefile.in
+ fi
$(INSTALL) -m 0755 $(STRIP_OPT) sftp$(EXEEXT) $(DESTDIR)$(bindir)/sftp$(EXEEXT)
$(INSTALL) -m 0755 $(STRIP_OPT) sftp-server$(EXEEXT) $(DESTDIR)$(SFTP_SERVER)$(EXEEXT)
$(INSTALL) -m 0755 $(STRIP_OPT) cavstest-ctr$(EXEEXT) $(DESTDIR)$(libexecdir)/cavstest-ctr$(EXEEXT)
$(INSTALL) -m 0755 $(STRIP_OPT) cavstest-kdf$(EXEEXT) $(DESTDIR)$(libexecdir)/cavstest-kdf$(EXEEXT)
$(INSTALL) -m 644 ssh.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh.1
$(INSTALL) -m 644 scp.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/scp.1
$(INSTALL) -m 644 ssh-add.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-add.1
$(INSTALL) -m 644 ssh-agent.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-agent.1
$(INSTALL) -m 644 ssh-keygen.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-keygen.1
$(INSTALL) -m 644 ssh-keyscan.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-keyscan.1
@@ -338,16 +350,20 @@ install-files:
$(INSTALL) -m 644 moduli.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/moduli.5
$(INSTALL) -m 644 sshd_config.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/sshd_config.5
$(INSTALL) -m 644 ssh_config.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/ssh_config.5
@ -248,7 +248,7 @@ diff --git a/openssh-7.2p2/Makefile.in b/openssh-7.2p2/Makefile.in
@if [ ! -f $(DESTDIR)$(sysconfdir)/ssh_config ]; then \
$(INSTALL) -m 644 ssh_config.out $(DESTDIR)$(sysconfdir)/ssh_config; \
else \
@@ -349,16 +364,23 @@ install-sysconf:
@@ -363,16 +379,23 @@ install-sysconf:
echo "moving $(DESTDIR)$(sysconfdir)/primes to $(DESTDIR)$(sysconfdir)/moduli"; \
mv "$(DESTDIR)$(sysconfdir)/primes" "$(DESTDIR)$(sysconfdir)/moduli"; \
else \
@ -272,7 +272,7 @@ diff --git a/openssh-7.2p2/Makefile.in b/openssh-7.2p2/Makefile.in
host-key-force: ssh-keygen$(EXEEXT) ssh$(EXEEXT)
if ./ssh -Q protocol-version | grep '^1$$' >/dev/null; then \
@@ -389,27 +411,30 @@ uninstall:
@@ -403,27 +426,30 @@ uninstall:
-rm -f $(DESTDIR)$(bindir)/ssh-agent$(EXEEXT)
-rm -f $(DESTDIR)$(bindir)/ssh-keygen$(EXEEXT)
-rm -f $(DESTDIR)$(bindir)/ssh-keyscan$(EXEEXT)
@ -306,7 +306,7 @@ diff --git a/openssh-7.2p2/Makefile.in b/openssh-7.2p2/Makefile.in
diff --git a/openssh-7.2p2/configure.ac b/openssh-7.2p2/configure.ac
--- a/openssh-7.2p2/configure.ac
+++ b/openssh-7.2p2/configure.ac
@@ -1620,16 +1620,116 @@ AC_ARG_WITH([audit],
@@ -1644,16 +1644,116 @@ AC_ARG_WITH([audit],
AC_MSG_RESULT([no])
;;
*)

2
openssh-7.2p2-limit_password_length.patch
View File

@ -1,5 +1,5 @@
# HG changeset patch
# Parent e351203d2784230a3b56b8e3dd6955403ed10ca4
# Parent 9888bc3f536eab9f528d9c96e5e8a2501ed168f5
Limit accepted passwords length to prevent DoS by resource consumption
(via crypt() eating CPU cycles).

2
openssh-7.2p2-login_options.patch
View File

@ -1,5 +1,5 @@
# HG changeset patch
# Parent 295ae9c5f5da12d273f3b91e90145b449984a7dc
# Parent b86c2190c93aeaf958c22fc7b224dcaf87100288
# HG changeset patch
# Parent b262fd34c8ecd55e93d457b3ca5593abce716856
# login-pam cannot handle the option terminator "--" as login from util-linux

2
openssh-7.2p2-no_fork-no_pid_file.patch
View File

@ -1,5 +1,5 @@
# HG changeset patch
# Parent 7ce81a30bb196401c63782b646d8a6d511ddec4b
# Parent 4011d0f5c00b663976c9940dc4ef79642605cf90
Do not write a PID file when not daemonizing (e.g. when running from systemd)
diff --git a/openssh-7.2p2/sshd.c b/openssh-7.2p2/sshd.c

188
openssh-7.2p2-prevent_private_key_leakage.patch Normal file
View File

@ -0,0 +1,188 @@
# HG changeset patch
# Parent e2a8c999f737bca97bbc330ce6683de842ba195e
Pre-allocare buffer for private keys data to prevent leaking of sensitive data
via heap.
CVE-2016-10011
bsc#1016369
backported upstream commit 54d022026aae4f53fa74cc636e4a032d9689b64d
backported upstream commit a9c746088787549bb5b1ae3add7d06a1b6d93d5e
diff --git a/openssh-7.2p2/authfile.c b/openssh-7.2p2/authfile.c
--- a/openssh-7.2p2/authfile.c
+++ b/openssh-7.2p2/authfile.c
@@ -95,23 +95,35 @@ sshkey_save_private(struct sshkey *key,
/* Load a key from a fd into a buffer */
int
sshkey_load_file(int fd, struct sshbuf *blob)
{
u_char buf[1024];
size_t len;
struct stat st;
- int r;
+ int r, dontmax = 0;
if (fstat(fd, &st) < 0)
return SSH_ERR_SYSTEM_ERROR;
if ((st.st_mode & (S_IFSOCK|S_IFCHR|S_IFIFO)) == 0 &&
st.st_size > MAX_KEY_FILE_SIZE)
return SSH_ERR_INVALID_FORMAT;
+ /*
+ * Pre-allocate the buffer used for the key contents and clamp its
+ * maximum size. This ensures that key contents are never leaked via
+ * implicit realloc() in the sshbuf code.
+ */
+ if ((st.st_mode & S_IFREG) == 0 || st.st_size <= 0) {
+ st.st_size = 64*1024; /* 64k should be enough for anyone :) */
+ dontmax = 1;
+ }
+ if ((r = sshbuf_allocate(blob, st.st_size)) != 0 ||
+ (dontmax && (r = sshbuf_set_max_size(blob, st.st_size)) != 0))
+ return r;
for (;;) {
if ((len = atomicio(read, fd, buf, sizeof(buf))) == 0) {
if (errno == EPIPE)
break;
r = SSH_ERR_SYSTEM_ERROR;
goto out;
}
if ((r = sshbuf_put(blob, buf, len)) != 0)
diff --git a/openssh-7.2p2/sshbuf.c b/openssh-7.2p2/sshbuf.c
--- a/openssh-7.2p2/sshbuf.c
+++ b/openssh-7.2p2/sshbuf.c
@@ -311,63 +311,73 @@ sshbuf_check_reserve(const struct sshbuf
SSHBUF_TELL("check");
/* Check that len is reasonable and that max_size + available < len */
if (len > buf->max_size || buf->max_size - len < buf->size - buf->off)
return SSH_ERR_NO_BUFFER_SPACE;
return 0;
}
int
-sshbuf_reserve(struct sshbuf *buf, size_t len, u_char **dpp)
+sshbuf_allocate(struct sshbuf *buf, size_t len)
{
size_t rlen, need;
u_char *dp;
int r;
- if (dpp != NULL)
- *dpp = NULL;
-
- SSHBUF_DBG(("reserve buf = %p len = %zu", buf, len));
+ SSHBUF_DBG(("allocate buf = %p len = %zu", buf, len));
if ((r = sshbuf_check_reserve(buf, len)) != 0)
return r;
/*
* If the requested allocation appended would push us past max_size
* then pack the buffer, zeroing buf->off.
*/
sshbuf_maybe_pack(buf, buf->size + len > buf->max_size);
- SSHBUF_TELL("reserve");
- if (len + buf->size > buf->alloc) {
- /*
- * Prefer to alloc in SSHBUF_SIZE_INC units, but
- * allocate less if doing so would overflow max_size.
- */
- need = len + buf->size - buf->alloc;
- rlen = roundup(buf->alloc + need, SSHBUF_SIZE_INC);
- SSHBUF_DBG(("need %zu initial rlen %zu", need, rlen));
- if (rlen > buf->max_size)
- rlen = buf->alloc + need;
- SSHBUF_DBG(("adjusted rlen %zu", rlen));
- if ((dp = realloc(buf->d, rlen)) == NULL) {
- SSHBUF_DBG(("realloc fail"));
- if (dpp != NULL)
- *dpp = NULL;
- return SSH_ERR_ALLOC_FAIL;
- }
- buf->alloc = rlen;
- buf->cd = buf->d = dp;
- if ((r = sshbuf_check_reserve(buf, len)) < 0) {
- /* shouldn't fail */
- if (dpp != NULL)
- *dpp = NULL;
- return r;
- }
+ SSHBUF_TELL("allocate");
+ if (len + buf->size <= buf->alloc)
+ return 0; /* already have it. */
+
+ /*
+ * Prefer to alloc in SSHBUF_SIZE_INC units, but
+ * allocate less if doing so would overflow max_size.
+ */
+ need = len + buf->size - buf->alloc;
+ rlen = roundup(buf->alloc + need, SSHBUF_SIZE_INC);
+ SSHBUF_DBG(("need %zu initial rlen %zu", need, rlen));
+ if (rlen > buf->max_size)
+ rlen = buf->alloc + need;
+ SSHBUF_DBG(("adjusted rlen %zu", rlen));
+ if ((dp = realloc(buf->d, rlen)) == NULL) {
+ SSHBUF_DBG(("realloc fail"));
+ return SSH_ERR_ALLOC_FAIL;
}
+ buf->alloc = rlen;
+ buf->cd = buf->d = dp;
+ if ((r = sshbuf_check_reserve(buf, len)) < 0) {
+ /* shouldn't fail */
+ return r;
+ }
+ SSHBUF_TELL("done");
+ return 0;
+}
+
+int
+sshbuf_reserve(struct sshbuf *buf, size_t len, u_char **dpp)
+{
+ u_char *dp;
+ int r;
+
+ if (dpp != NULL)
+ *dpp = NULL;
+
+ SSHBUF_DBG(("reserve buf = %p len = %zu", buf, len));
+ if ((r = sshbuf_allocate(buf, len)) != 0)
+ return r;
+
dp = buf->d + buf->size;
buf->size += len;
- SSHBUF_TELL("done");
if (dpp != NULL)
*dpp = dp;
return 0;
}
int
sshbuf_consume(struct sshbuf *buf, size_t len)
{
diff --git a/openssh-7.2p2/sshbuf.h b/openssh-7.2p2/sshbuf.h
--- a/openssh-7.2p2/sshbuf.h
+++ b/openssh-7.2p2/sshbuf.h
@@ -134,16 +134,24 @@ u_char *sshbuf_mutable_ptr(const struct
* Check whether a reservation of size len will succeed in buf
* Safer to use than direct comparisons again sshbuf_avail as it copes
* with unsigned overflows correctly.
* Returns 0 on success, or a negative SSH_ERR_* error code on failure.
*/
int sshbuf_check_reserve(const struct sshbuf *buf, size_t len);
/*
+ * Preallocates len additional bytes in buf.
+ * Useful for cases where the caller knows how many bytes will ultimately be
+ * required to avoid realloc in the buffer code.
+ * Returns 0 on success, or a negative SSH_ERR_* error code on failure.
+ */
+int sshbuf_allocate(struct sshbuf *buf, size_t len);
+
+/*
* Reserve len bytes in buf.
* Returns 0 on success and a pointer to the first reserved byte via the
* optional dpp parameter or a negative * SSH_ERR_* error code on failure.
*/
int sshbuf_reserve(struct sshbuf *buf, size_t len, u_char **dpp);
/*
* Consume len bytes from the start of buf

2
openssh-7.2p2-prevent_timing_user_enumeration.patch
View File

@ -1,5 +1,5 @@
# HG changeset patch
# Parent 323ac0fc20b1d5e9bf7037e020adfd760dd2d5f2
# Parent 4a254abf4ef391358257310ad2fe15c9e12dee34
Prevent user enumeration through password processing timing
CVE-2016-6210
bsc#989363

297
openssh-7.2p2-restrict_pkcs11-modules.patch Normal file
View File

@ -0,0 +1,297 @@
# HG changeset patch
# Parent 22de9aeddbde2b36da9c23475cfa5dcd42e95287
whitelist paths for loading of PKCS#11 modules in ssh-agent
CVE-2016-10009
bsc#1016366
upstream commit 786d5994da79151180cb14a6cf157ebbba61c0cc
diff --git a/openssh-7.2p2/ssh-agent.1 b/openssh-7.2p2/ssh-agent.1
--- a/openssh-7.2p2/ssh-agent.1
+++ b/openssh-7.2p2/ssh-agent.1
@@ -1,9 +1,9 @@
-.\" $OpenBSD: ssh-agent.1,v 1.62 2015/11/15 23:54:15 jmc Exp $
+.\" $OpenBSD: ssh-agent.1,v 1.63 2016/11/30 03:07:37 djm Exp $
.\"
.\" Author: Tatu Ylonen <ylo@cs.hut.fi>
.\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
.\" All rights reserved
.\"
.\" As far as I am concerned, the code I have written for this software
.\" can be used freely for any purpose. Any derived versions of this
.\" software must be clearly marked as such, and if the derived work is
@@ -29,29 +29,30 @@
.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.Dd $Mdocdate: November 15 2015 $
+.Dd $Mdocdate: November 30 2016 $
.Dt SSH-AGENT 1
.Os
.Sh NAME
.Nm ssh-agent
.Nd authentication agent
.Sh SYNOPSIS
.Nm ssh-agent
.Op Fl c | s
.Op Fl \&Dd
.Op Fl a Ar bind_address
.Op Fl E Ar fingerprint_hash
.Op Fl t Ar life
+.Op Fl P Ar pkcs11_whitelist
.Op Ar command Op Ar arg ...
.Nm ssh-agent
.Op Fl c | s
.Fl k
.Sh DESCRIPTION
.Nm
is a program to hold private keys used for public key authentication
(RSA, DSA, ECDSA, Ed25519).
@@ -116,16 +117,28 @@ Valid options are:
and
.Dq sha256 .
The default is
.Dq sha256 .
.It Fl k
Kill the current agent (given by the
.Ev SSH_AGENT_PID
environment variable).
+.It Fl P
+Specify a pattern-list of acceptable paths for PKCS#11 shared libraries
+that may be added using the
+.Fl s
+option to
+.Xr ssh-add 1 .
+The default is to allow loading PKCS#11 libraries from
+.Dq /usr/lib/*,/usr/local/lib/* .
+PKCS#11 libraries that do not match the whitelist will be refused.
+See PATTERNS in
+.Xr ssh_config 5
+for a description of pattern-list syntax.
.It Fl s
Generate Bourne shell commands on
.Dv stdout .
This is the default if
.Ev SHELL
does not look like it's a csh style of shell.
.It Fl t Ar life
Set a default value for the maximum lifetime of identities added to the agent.
diff --git a/openssh-7.2p2/ssh-agent.c b/openssh-7.2p2/ssh-agent.c
--- a/openssh-7.2p2/ssh-agent.c
+++ b/openssh-7.2p2/ssh-agent.c
@@ -78,25 +78,30 @@
#include "sshbuf.h"
#include "sshkey.h"
#include "authfd.h"
#include "compat.h"
#include "log.h"
#include "misc.h"
#include "digest.h"
#include "ssherr.h"
+#include "match.h"
#ifdef ENABLE_PKCS11
#include "ssh-pkcs11.h"
#endif
#if defined(HAVE_SYS_PRCTL_H)
#include <sys/prctl.h> /* For prctl() and PR_SET_DUMPABLE */
#endif
+#ifndef DEFAULT_PKCS11_WHITELIST
+# define DEFAULT_PKCS11_WHITELIST "/usr/lib/*,/usr/local/lib/*"
+#endif
+
typedef enum {
AUTH_UNUSED,
AUTH_SOCKET,
AUTH_CONNECTION
} sock_type;
typedef struct {
int fd;
@@ -134,16 +139,19 @@ time_t parent_alive_interval = 0;
/* pid of process for which cleanup_socket is applicable */
pid_t cleanup_pid = 0;
/* pathname and directory for AUTH_SOCKET */
char socket_name[PATH_MAX];
char socket_dir[PATH_MAX];
+/* PKCS#11 path whitelist */
+static char *pkcs11_whitelist;
+
/* locking */
#define LOCK_SIZE 32
#define LOCK_SALT_SIZE 16
#define LOCK_ROUNDS 1
int locked = 0;
char lock_passwd[LOCK_SIZE];
char lock_salt[LOCK_SALT_SIZE];
@@ -736,17 +744,17 @@ no_identities(SocketEntry *e, u_int type
fatal("%s: buffer error: %s", __func__, ssh_err(r));
sshbuf_free(msg);
}
#ifdef ENABLE_PKCS11
static void
process_add_smartcard_key(SocketEntry *e)
{
- char *provider = NULL, *pin;
+ char *provider = NULL, *pin, canonical_provider[PATH_MAX];
int r, i, version, count = 0, success = 0, confirm = 0;
u_int seconds;
time_t death = 0;
u_char type;
struct sshkey **keys = NULL, *k;
Identity *id;
Idtab *tab;
@@ -768,29 +776,40 @@ process_add_smartcard_key(SocketEntry *e
confirm = 1;
break;
default:
error("process_add_smartcard_key: "
"Unknown constraint type %d", type);
goto send;
}
}
+ if (realpath(provider, canonical_provider) == NULL) {
+ verbose("failed PKCS#11 add of \"%.100s\": realpath: %s",
+ provider, strerror(errno));
+ goto send;
+ }
+ if (match_pattern_list(canonical_provider, pkcs11_whitelist, 0) != 1) {
+ verbose("refusing PKCS#11 add of \"%.100s\": "
+ "provider not whitelisted", canonical_provider);
+ goto send;
+ }
+ debug("%s: add %.100s", __func__, canonical_provider);
if (lifetime && !death)
death = monotime() + lifetime;
- count = pkcs11_add_provider(provider, pin, &keys);
+ count = pkcs11_add_provider(canonical_provider, pin, &keys);
for (i = 0; i < count; i++) {
k = keys[i];
version = k->type == KEY_RSA1 ? 1 : 2;
tab = idtab_lookup(version);
if (lookup_identity(k, version) == NULL) {
id = xcalloc(1, sizeof(Identity));
id->key = k;
- id->provider = xstrdup(provider);
- id->comment = xstrdup(provider); /* XXX */
+ id->provider = xstrdup(canonical_provider);
+ id->comment = xstrdup(canonical_provider); /* XXX */
id->death = death;
id->confirm = confirm;
TAILQ_INSERT_TAIL(&tab->idlist, id, next);
tab->nentries++;
success = 1;
} else {
sshkey_free(k);
}
@@ -1171,17 +1190,17 @@ check_parent_exists(void)
}
}
static void
usage(void)
{
fprintf(stderr,
"usage: ssh-agent [-c | -s] [-Dd] [-a bind_address] [-E fingerprint_hash]\n"
- " [-t life] [command [arg ...]]\n"
+ " [-P pkcs11_whitelist] [-t life] [command [arg ...]]\n"
" ssh-agent [-c | -s] -k\n");
exit(1);
}
int
main(int ac, char **av)
{
int c_flag = 0, d_flag = 0, D_flag = 0, k_flag = 0, s_flag = 0;
@@ -1215,31 +1234,36 @@ main(int ac, char **av)
#ifdef WITH_OPENSSL
OpenSSL_add_all_algorithms();
#endif
__progname = ssh_get_progname(av[0]);
seed_rng();
- while ((ch = getopt(ac, av, "cDdksE:a:t:")) != -1) {
+ while ((ch = getopt(ac, av, "cDdksE:a:P:t:")) != -1) {
switch (ch) {
case 'E':
fingerprint_hash = ssh_digest_alg_by_name(optarg);
if (fingerprint_hash == -1)
fatal("Invalid hash algorithm \"%s\"", optarg);
break;
case 'c':
if (s_flag)
usage();
c_flag++;
break;
case 'k':
k_flag++;
break;
+ case 'P':
+ if (pkcs11_whitelist != NULL)
+ fatal("-P option already specified");
+ pkcs11_whitelist = xstrdup(optarg);
+ break;
case 's':
if (c_flag)
usage();
s_flag++;
break;
case 'd':
if (d_flag || D_flag)
usage();
@@ -1264,16 +1288,19 @@ main(int ac, char **av)
}
}
ac -= optind;
av += optind;
if (ac > 0 && (c_flag || k_flag || s_flag || d_flag || D_flag))
usage();
+ if (pkcs11_whitelist == NULL)
+ pkcs11_whitelist = xstrdup(DEFAULT_PKCS11_WHITELIST);
+
if (ac == 0 && !c_flag && !s_flag) {
shell = getenv("SHELL");
if (shell != NULL && (len = strlen(shell)) > 2 &&
strncmp(shell + len - 3, "csh", 3) == 0)
c_flag = 1;
}
if (k_flag) {
const char *errstr = NULL;
@@ -1411,17 +1438,17 @@ skip:
parent_alive_interval = 10;
idtab_init();
signal(SIGPIPE, SIG_IGN);
signal(SIGINT, (d_flag | D_flag) ? cleanup_handler : SIG_IGN);
signal(SIGHUP, cleanup_handler);
signal(SIGTERM, cleanup_handler);
nalloc = 0;
- if (pledge("stdio cpath unix id proc exec", NULL) == -1)
+ if (pledge("stdio rpath cpath unix id proc exec", NULL) == -1)
fatal("%s: pledge: %s", __progname, strerror(errno));
platform_pledge_agent();
while (1) {
prepare_select(&readsetp, &writesetp, &max_fd, &nalloc, &tvp);
result = select(max_fd + 1, readsetp, writesetp, NULL, tvp);
saved_errno = errno;
if (parent_alive_interval != 0)

82
openssh-7.2p2-s390_OpenSSL-ibmpkcs11_syscalls.patch Normal file
View File

@ -0,0 +1,82 @@
# HG changeset patch
# Parent bb92b9f037cc3686a669cd84caa44a2716f34058
Date: Tue, 9 May 2017 14:27:34 -0300
[PATCH 0/3] Allow syscalls for openssl engines
From: Eduardo Barretto <ebarretto@linux.vnet.ibm.com>
To: openssh-unix-dev@mindrot.org
In order to use the OpenSSL-ibmpkcs11 engine it is needed to allow flock
and ipc calls, because this engine calls OpenCryptoki (a PKCS#11
implementation) which calls the libraries that will communicate with the
crypto cards. OpenCryptoki makes use of flock and ipc and, as of now,
this is only need on s390 architecture.
The EP11 crypto card also needs to make an ioctl call, which receives an
specific argument.
Signed-off-by: Eduardo Barretto <ebarretto@linux.vnet.ibm.com>
related to bsc#1016709
diff --git a/openssh-7.2p2/sandbox-seccomp-filter.c b/openssh-7.2p2/sandbox-seccomp-filter.c
--- a/openssh-7.2p2/sandbox-seccomp-filter.c
+++ b/openssh-7.2p2/sandbox-seccomp-filter.c
@@ -150,16 +150,19 @@ static const struct sock_filter preauth_
SC_ALLOW(stat),
#endif
#ifdef __NR_exit
SC_ALLOW(exit),
#endif
#ifdef __NR_exit_group
SC_ALLOW(exit_group),
#endif
+#if defined(__NR_flock) && defined(__s390__)
+ SC_ALLOW(flock),
+#endif
#ifdef __NR_getpgid
SC_ALLOW(getpgid),
#endif
#ifdef __NR_getpid
SC_ALLOW(getpid),
#endif
#ifdef __NR_getuid
SC_ALLOW(getuid),
@@ -180,16 +183,19 @@ static const struct sock_filter preauth_
SC_ALLOW(gettimeofday),
#endif
#ifdef SSH_AUDIT_EVENTS
SC_ALLOW(getuid),
#ifdef __NR_getuid32 /* not defined on x86_64 */
SC_ALLOW(getuid32),
#endif
#endif
+#if defined(__NR_ipc) && defined(__s390__)
+ SC_ALLOW(ipc),
+#endif
#ifdef __NR_madvise
SC_ALLOW(madvise),
#endif
#ifdef __NR_mmap
SC_ALLOW(mmap),
#endif
#ifdef __NR_mmap2
SC_ALLOW(mmap2),
@@ -233,16 +239,18 @@ static const struct sock_filter preauth_
#ifdef __NR_socketcall
SC_ALLOW_ARG(socketcall, 0, SYS_SHUTDOWN),
#endif
#ifdef __NR_ioctl
#ifdef __s390__
SC_ALLOW_ARG(ioctl, 1, Z90STAT_STATUS_MASK),
SC_ALLOW_ARG(ioctl, 1, ICARSAMODEXPO),
SC_ALLOW_ARG(ioctl, 1, ICARSACRT),
+ /* Allow ioctls for EP11 crypto card on s390 */
+ SC_ALLOW_ARG(ioctl, 1, ZSENDEP11CPRB),
#endif
#endif
/* Default deny */
BPF_STMT(BPF_RET+BPF_K, SECCOMP_FILTER_FAIL),
};
static const struct sock_fprog preauth_program = {

100
openssh-7.2p2-s390_hw_crypto_syscalls.patch Normal file
View File

@ -0,0 +1,100 @@
# HG changeset patch
# Parent 6d8637bec747de081eccba9874f640dcbc4fbb68
This patch enables specific ioctl calls for ICA crypto card on s390
platform. Without this patch, users using the IBMCA engine are not able
to perform ssh login as the filter blocks the communication with the
crypto card.
Signed-off-by: Harald Freudenberger <freude@linux.vnet.ibm.com>
Signed-off-by: Eduardo Barretto <ebarretto@linux.vnet.ibm.com>
bsc#1016709
Upstreamed as:
5f1596e11d55539678c41f68aed358628d33d86f
58b8cfa2a062b72139d7229ae8de567f55776f24
diff --git a/openssh-7.2p2/sandbox-seccomp-filter.c b/openssh-7.2p2/sandbox-seccomp-filter.c
--- a/openssh-7.2p2/sandbox-seccomp-filter.c
+++ b/openssh-7.2p2/sandbox-seccomp-filter.c
@@ -54,42 +54,53 @@
#include <errno.h>
#include <signal.h>
#include <stdarg.h>
#include <stddef.h> /* for offsetof */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
+#include <endian.h>
+
+#ifdef __s390__
+#include <asm/zcrypt.h>
+#endif
#include "log.h"
#include "ssh-sandbox.h"
#include "xmalloc.h"
/* Linux seccomp_filter sandbox */
#define SECCOMP_FILTER_FAIL SECCOMP_RET_KILL
/* Use a signal handler to emit violations when debugging */
#ifdef SANDBOX_SECCOMP_FILTER_DEBUG
# undef SECCOMP_FILTER_FAIL
# define SECCOMP_FILTER_FAIL SECCOMP_RET_TRAP
#endif /* SANDBOX_SECCOMP_FILTER_DEBUG */
/* Simple helpers to avoid manual errors (but larger BPF programs). */
+#if __BYTE_ORDER == __LITTLE_ENDIAN
+#define LO_ARG(idx) offsetof(struct seccomp_data, args[(idx)])
+#elif __BYTE_ORDER == __BIG_ENDIAN
+#define LO_ARG(idx) offsetof(struct seccomp_data, args[(idx)]) + sizeof(uint32_t)
+#else
+#error "Unknown endianness"
+#endif
#define SC_DENY(_nr, _errno) \
BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, __NR_ ## _nr, 0, 1), \
BPF_STMT(BPF_RET+BPF_K, SECCOMP_RET_ERRNO|(_errno))
#define SC_ALLOW(_nr) \
BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, __NR_ ## _nr, 0, 1), \
BPF_STMT(BPF_RET+BPF_K, SECCOMP_RET_ALLOW)
#define SC_ALLOW_ARG(_nr, _arg_nr, _arg_val) \
BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, __NR_ ## _nr, 0, 4), \
- /* load first syscall argument */ \
- BPF_STMT(BPF_LD+BPF_W+BPF_ABS, \
- offsetof(struct seccomp_data, args[(_arg_nr)])), \
+ /* load the syscall argument to check into accumulator */ \
+ BPF_STMT(BPF_LD+BPF_W+BPF_ABS, LO_ARG(_arg_nr)), \
BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, (_arg_val), 0, 1), \
BPF_STMT(BPF_RET+BPF_K, SECCOMP_RET_ALLOW), \
/* reload syscall number; all rules expect it in accumulator */ \
BPF_STMT(BPF_LD+BPF_W+BPF_ABS, \
offsetof(struct seccomp_data, nr))
/* Syscall filtering set for preauth. */
static const struct sock_filter preauth_insns[] = {
@@ -217,16 +228,23 @@ static const struct sock_filter preauth_
SC_ALLOW(time),
#endif
#ifdef __NR_write
SC_ALLOW(write),
#endif
#ifdef __NR_socketcall
SC_ALLOW_ARG(socketcall, 0, SYS_SHUTDOWN),
#endif
+#ifdef __NR_ioctl
+#ifdef __s390__
+ SC_ALLOW_ARG(ioctl, 1, Z90STAT_STATUS_MASK),
+ SC_ALLOW_ARG(ioctl, 1, ICARSAMODEXPO),
+ SC_ALLOW_ARG(ioctl, 1, ICARSACRT),
+#endif
+#endif
/* Default deny */
BPF_STMT(BPF_RET+BPF_K, SECCOMP_FILTER_FAIL),
};
static const struct sock_fprog preauth_program = {
.len = (unsigned short)(sizeof(preauth_insns)/sizeof(preauth_insns[0])),
.filter = (struct sock_filter *)preauth_insns,

34
openssh-7.2p2-seccomp_geteuid.patch Normal file
View File

@ -0,0 +1,34 @@
# HG changeset patch
# Parent b07f00d5d805c043f5bdc7b8cf6701d924879fa6
Add the 'geteuid' syscall to allowed list, since it may becalled on the
mainframes when OpenSSL is using hardware crypto accelerator via libica
(via ibmica)
bsc#1004258
diff --git a/openssh-7.2p2/sandbox-seccomp-filter.c b/openssh-7.2p2/sandbox-seccomp-filter.c
--- a/openssh-7.2p2/sandbox-seccomp-filter.c
+++ b/openssh-7.2p2/sandbox-seccomp-filter.c
@@ -148,16 +148,22 @@ static const struct sock_filter preauth_
SC_ALLOW(getpid),
#endif
#ifdef __NR_getuid
SC_ALLOW(getuid),
#endif
#ifdef __NR_getuid32
SC_ALLOW(getuid32),
#endif
+#ifdef __NR_geteuid
+ SC_ALLOW(geteuid),
+#endif
+#ifdef __NR_geteuid32
+ SC_ALLOW(geteuid32),
+#endif
#ifdef __NR_getrandom
SC_ALLOW(getrandom),
#endif
#ifdef __NR_gettimeofday
SC_ALLOW(gettimeofday),
#endif
#ifdef __NR_madvise
SC_ALLOW(madvise),

2
openssh-7.2p2-seccomp_getuid.patch
View File

@ -1,5 +1,5 @@
# HG changeset patch
# Parent c66097e5e31cd607bf2206b2da95730cce518b7a
# Parent d75417bf0f4d50cabd84299773bab4ac68f68caa
add 'getuid' syscall to list of allowed ones to prevent the sanboxed thread
from being killed by the seccomp filter

2
openssh-7.2p2-seccomp_stat.patch
View File

@ -1,5 +1,5 @@
# HG changeset patch
# Parent def949a57b8101691c79ecce6366cc7ae1685b07
# Parent 2153c4af090728c778931d2fad72d4b260294122
Allow the stat() syscall for OpenSSL re-seed patch
(which causes OpenSSL use stat() on some file)

51
openssh-7.2p2-secure_unix_sockets_forwarding.patch Normal file
View File

@ -0,0 +1,51 @@
# HG changeset patch
# Parent 4e1fd41aaa9cafe8f7b07868ac38ed4dbdf594aa
Do not allow unix socket when running without privilege separation to prevent
privilege escalation through a socket created with root: ownership.
CVE-2016-10010
bsc#1016368
backported upstream commit b737e4d7433577403a31cff6614f6a1b0b5e22f4
diff --git a/openssh-7.2p2/serverloop.c b/openssh-7.2p2/serverloop.c
--- a/openssh-7.2p2/serverloop.c
+++ b/openssh-7.2p2/serverloop.c
@@ -990,17 +990,17 @@ server_request_direct_streamlocal(void)
originator_port = packet_get_int();
packet_check_eom();
debug("server_request_direct_streamlocal: originator %s port %d, target %s",
originator, originator_port, target);
/* XXX fine grained permissions */
if ((options.allow_streamlocal_forwarding & FORWARD_LOCAL) != 0 &&
- !no_port_forwarding_flag) {
+ !no_port_forwarding_flag && use_privsep) {
c = channel_connect_to_path(target,
"direct-streamlocal@openssh.com", "direct-streamlocal");
} else {
logit("refused streamlocal port forward: "
"originator %s port %d, target %s",
originator, originator_port, target);
}
@@ -1274,17 +1274,17 @@ server_input_global_request(int type, u_
memset(&fwd, 0, sizeof(fwd));
fwd.listen_path = packet_get_string(NULL);
debug("server_input_global_request: streamlocal-forward listen path %s",
fwd.listen_path);
/* check permissions */
if ((options.allow_streamlocal_forwarding & FORWARD_REMOTE) == 0
- || no_port_forwarding_flag) {
+ || no_port_forwarding_flag || !use_privsep) {
success = 0;
packet_send_debug("Server has disabled port forwarding.");
} else {
/* Start listening on the socket */
success = channel_setup_remote_fwd_listener(
&fwd, NULL, &options.fwd_opts);
}
free(fwd.listen_path);

2
openssh-7.2p2-sftp_force_permissions.patch
View File

@ -1,5 +1,5 @@
# HG changeset patch
# Parent efa850d8312ceef224dbec0f2ae1002201afabd9
# Parent 7b45c4f3fef6836db00c5b198736cce17290c5cd
additional option for sftp-server to force file mode for new files
FATE#312774
http://lists.mindrot.org/pipermail/openssh-unix-dev/2010-November/029044.html

2
openssh-7.2p2-sftp_homechroot.patch
View File

@ -1,5 +1,5 @@
# HG changeset patch
# Parent 9b1033f35a6cb173fbc13416065ed40c4b14e656
# Parent fc81df6f2bf393e45e703c89976c3a0fe6e0a273
run sftp sessions inside a chroot
diff --git a/openssh-7.2p2/session.c b/openssh-7.2p2/session.c

87
openssh-7.2p2-ssh_case_insensitive_host_matching.patch Normal file
View File

@ -0,0 +1,87 @@
# HG changeset patch
# Parent 1b99f71db584917a37c5e9140bf63dcb860e8b59
Match hostnames in a case-insensitive manner.
bsc#1017099
diff --git a/openssh-7.2p2/readconf.c b/openssh-7.2p2/readconf.c
--- a/openssh-7.2p2/readconf.c
+++ b/openssh-7.2p2/readconf.c
@@ -526,16 +526,17 @@ execute_in_shell(const char *cmd)
* Parse and execute a Match directive.
*/
static int
match_cfg_line(Options *options, char **condition, struct passwd *pw,
const char *host_arg, const char *original_host, int post_canon,
const char *filename, int linenum)
{
char *arg, *oattrib, *attrib, *cmd, *cp = *condition, *host, *criteria;
+ char *hostlc;
const char *ruser;
int r, port, this_result, result = 1, attributes = 0, negate;
char thishost[NI_MAXHOST], shorthost[NI_MAXHOST], portstr[NI_MAXSERV];
/*
* Configuration is likely to be incomplete at this point so we
* must be prepared to use default values.
*/
@@ -546,16 +547,20 @@ match_cfg_line(Options *options, char **
} else if (options->hostname != NULL) {
/* NB. Please keep in sync with ssh.c:main() */
host = percent_expand(options->hostname,
"h", host_arg, (char *)NULL);
} else {
host = xstrdup(host_arg);
}
+ /* match_hostname() requires the hostname to be lowercase */
+ hostlc = xstrdup(host);
+ lowercase(hostlc);
+
debug2("checking match for '%s' host %s originally %s",
cp, host, original_host);
while ((oattrib = attrib = strdelim(&cp)) && *attrib != '\0') {
criteria = NULL;
this_result = 1;
if ((negate = attrib[0] == '!'))
attrib++;
/* criteria "all" and "canonical" have no argument */
@@ -584,18 +589,18 @@ match_cfg_line(Options *options, char **
}
/* All other criteria require an argument */
if ((arg = strdelim(&cp)) == NULL || *arg == '\0') {
error("Missing Match criteria for %s", attrib);
result = -1;
goto out;
}
if (strcasecmp(attrib, "host") == 0) {
- criteria = xstrdup(host);
- r = match_hostname(host, arg) == 1;
+ criteria = xstrdup(hostlc);
+ r = match_hostname(hostlc, arg) == 1;
if (r == (negate ? 1 : 0))
this_result = result = 0;
} else if (strcasecmp(attrib, "originalhost") == 0) {
criteria = xstrdup(original_host);
r = match_hostname(original_host, arg) == 1;
if (r == (negate ? 1 : 0))
this_result = result = 0;
} else if (strcasecmp(attrib, "user") == 0) {
@@ -658,16 +663,17 @@ match_cfg_line(Options *options, char **
error("One or more attributes required for Match");
result = -1;
goto out;
}
out:
if (result != -1)
debug2("match %sfound", result ? "" : "not ");
*condition = cp;
+ free(hostlc);
free(host);
return result;
}
/* Check and prepare a domain name: removes trailing '.' and lowercases */
static void
valid_domain(char *name, const char *filename, int linenum)
{

175
openssh-7.2p2-verify_CIDR_address_ranges.patch Normal file
View File

@ -0,0 +1,175 @@
# HG changeset patch
# Parent 1b2dad1b57b086d094fe09327fcf1c490475a7cd
Check for invalid CIDR adress masks.
bsc#1005893
backported upstream commit: 010359b32659f455fddd2bd85fd7cc4d7a3b994a (7.4)
backported upstream commit: 1a6f9d2e2493d445cd9ee496e6e3c2a2f283f66a
backported upstream commit: fe06b68f824f8f55670442fb31f2c03526dd326c
diff --git a/openssh-7.2p2/auth.c b/openssh-7.2p2/auth.c
--- a/openssh-7.2p2/auth.c
+++ b/openssh-7.2p2/auth.c
@@ -95,16 +95,17 @@ int auth_debug_init;
* Otherwise true is returned.
*/
int
allowed_user(struct passwd * pw)
{
struct stat st;
const char *hostname = NULL, *ipaddr = NULL, *passwd = NULL;
u_int i;
+ int r;
#ifdef USE_SHADOW
struct spwd *spw = NULL;
#endif
/* Shouldn't be called if pw is NULL, but better safe than sorry... */
if (!pw || !pw->pw_name)
return 0;
@@ -183,31 +184,41 @@ allowed_user(struct passwd * pw)
if (options.num_deny_users > 0 || options.num_allow_users > 0 ||
options.num_deny_groups > 0 || options.num_allow_groups > 0) {
hostname = get_canonical_hostname(options.use_dns);
ipaddr = get_remote_ipaddr();
}
/* Return false if user is listed in DenyUsers */
if (options.num_deny_users > 0) {
- for (i = 0; i < options.num_deny_users; i++)
- if (match_user(pw->pw_name, hostname, ipaddr,
- options.deny_users[i])) {
+ for (i = 0; i < options.num_deny_users; i++) {
+ r = match_user(pw->pw_name, hostname, ipaddr,
+ options.deny_users[i]);
+ if (r < 0) {
+ fatal("Invalid DenyUsers pattern \"%.100s\"",
+ options.deny_users[i]);
+ } else if (r != 0) {
logit("User %.100s from %.100s not allowed "
"because listed in DenyUsers",
pw->pw_name, hostname);
return 0;
}
+ }
}
/* Return false if AllowUsers isn't empty and user isn't listed there */
if (options.num_allow_users > 0) {
- for (i = 0; i < options.num_allow_users; i++)
- if (match_user(pw->pw_name, hostname, ipaddr,
- options.allow_users[i]))
+ for (i = 0; i < options.num_allow_users; i++) {
+ r = match_user(pw->pw_name, hostname, ipaddr,
+ options.allow_users[i]);
+ if (r < 0) {
+ fatal("Invalid AllowUsers pattern \"%.100s\"",
+ options.allow_users[i]);
+ } else if (r == 1)
break;
+ }
/* i < options.num_allow_users iff we break for loop */
if (i >= options.num_allow_users) {
logit("User %.100s from %.100s not allowed because "
"not listed in AllowUsers", pw->pw_name, hostname);
return 0;
}
}
if (options.num_deny_groups > 0 || options.num_allow_groups > 0) {
diff --git a/openssh-7.2p2/match.c b/openssh-7.2p2/match.c
--- a/openssh-7.2p2/match.c
+++ b/openssh-7.2p2/match.c
@@ -186,41 +186,50 @@ match_hostname(const char *host, const c
* successful match.
*/
int
match_host_and_ip(const char *host, const char *ipaddr,
const char *patterns)
{
int mhost, mip;
- /* error in ipaddr match */
if ((mip = addr_match_list(ipaddr, patterns)) == -2)
- return -1;
- else if (mip == -1) /* negative ip address match */
- return 0;
+ return -1; /* error in ipaddr match */
+ else if (host == NULL || ipaddr == NULL || mip == -1)
+ return 0; /* negative ip address match, or testing pattern */
/* negative hostname match */
if ((mhost = match_hostname(host, patterns)) == -1)
return 0;
/* no match at all */
if (mhost == 0 && mip == 0)
return 0;
return 1;
}
/*
- * match user, user@host_or_ip, user@host_or_ip_list against pattern
+ * Match user, user@host_or_ip, user@host_or_ip_list against pattern.
+ * If user, host and ipaddr are all NULL then validate pattern/
+ * Returns -1 on invalid pattern, 0 on no match, 1 on match.
*/
int
match_user(const char *user, const char *host, const char *ipaddr,
const char *pattern)
{
char *p, *pat;
int ret;
+ /* test mode */
+ if (user == NULL && host == NULL && ipaddr == NULL) {
+ if ((p = strchr(pattern, '@')) != NULL &&
+ match_host_and_ip(NULL, NULL, p + 1) < 0)
+ return -1;
+ return 0;
+ }
+
if ((p = strchr(pattern,'@')) == NULL)
return match_pattern(user, pattern);
pat = xstrdup(pattern);
p = strchr(pat, '@');
*p++ = '\0';
if ((ret = match_pattern(user, pat)) == 1)
diff --git a/openssh-7.2p2/servconf.c b/openssh-7.2p2/servconf.c
--- a/openssh-7.2p2/servconf.c
+++ b/openssh-7.2p2/servconf.c
@@ -1462,28 +1462,34 @@ process_server_config_line(ServerOptions
multistate_ptr = multistate_privsep;
goto parse_multistate;
case sAllowUsers:
while ((arg = strdelim(&cp)) && *arg != '\0') {
if (options->num_allow_users >= MAX_ALLOW_USERS)
fatal("%s line %d: too many allow users.",
filename, linenum);
+ if (match_user(NULL, NULL, NULL, arg) == -1)
+ fatal("%s line %d: invalid AllowUsers pattern: "
+ "\"%.100s\"", filename, linenum, arg);
if (!*activep)
continue;
options->allow_users[options->num_allow_users++] =
xstrdup(arg);
}
break;
case sDenyUsers:
while ((arg = strdelim(&cp)) && *arg != '\0') {
if (options->num_deny_users >= MAX_DENY_USERS)
fatal("%s line %d: too many deny users.",
filename, linenum);
+ if (match_user(NULL, NULL, NULL, arg) == -1)
+ fatal("%s line %d: invalid DenyUsers pattern: "
+ "\"%.100s\"", filename, linenum, arg);
if (!*activep)
continue;
options->deny_users[options->num_deny_users++] =
xstrdup(arg);
}
break;
case sAllowGroups:

2
openssh-askpass-gnome.spec
View File

@ -1,7 +1,7 @@
#
# spec file for package openssh-askpass-gnome
#
# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
# Copyright (c) 2017 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed

44
openssh.changes
View File

@ -1,3 +1,47 @@
-------------------------------------------------------------------
Mon May 15 20:47:29 UTC 2017 - pcerny@suse.com
- Fix preauth seccomp separation on mainframes (bsc#1016709)
[openssh-7.2p2-s390_hw_crypto_syscalls.patch]
[openssh-7.2p2-s390_OpenSSL-ibmpkcs11_syscalls.patch]
- enable case-insensitive hostname matching (bsc#1017099)
[openssh-7.2p2-ssh_case_insensitive_host_matching.patch]
- add CAVS tests
[openssh-7.2p2-cavstest-ctr.patch]
[openssh-7.2p2-cavstest-kdf.patch]
- Adding missing pieces for user matching (bsc#1021626)
- Properly verify CIDR masks in configuration
(bsc#1005893)
[openssh-7.2p2-verify_CIDR_address_ranges.patch]
- Remove pre-auth compression support from the server to prevent
possible cryptographic attacks.
(CVE-2016-10012, bsc#1016370)
[openssh-7.2p2-disable_preauth_compression.patch]
- limit directories for loading PKCS11 modules
(CVE-2016-10009, bsc#1016366)
[openssh-7.2p2-restrict_pkcs11-modules.patch]
- Prevent possible leaks of host private keys to low-privilege
process handling authentication
(CVE-2016-10011, bsc#1016369)
[openssh-7.2p2-prevent_private_key_leakage.patch]
- Do not allow unix socket forwarding when running without
privilege separation
(CVE-2016-10010, bsc#1016368)
[openssh-7.2p2-secure_unix_sockets_forwarding.patch]
- prevent resource depletion during key exchange
(bsc#1005480, CVE-2016-8858)
[openssh-7.2p2-kex_resource_depletion.patch]
- fix suggested command for removing conflicting server keys from
the known_hosts file (bsc#1006221)
- enable geteuid{,32} syscalls on mainframes, since it may be
called from libica/ibmica on machines with hardware crypto
accelerator (bsc#1004258)
[openssh-7.2p2-seccomp_geteuid.patch]
- fix regression of (bsc#823710)
[openssh-7.2p2-audit_fixes.patch]
- add slogin (removed upstreams)
[openssh-7.2p2-keep_slogin.patch]
-------------------------------------------------------------------
Wed Feb 22 19:31:08 UTC 2017 - crrodriguez@opensuse.org

77
openssh.spec
View File

@ -1,7 +1,7 @@
#
# spec file for package openssh
#
# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
# Copyright (c) 2017 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@ -77,9 +77,12 @@ BuildRequires: libedit-devel
%if %{has_libselinux}
BuildRequires: libselinux-devel
%endif
BuildRequires: openldap2-devel
BuildRequires: openssl
%if %{suse_version} < 1330
BuildRequires: openssl-devel
%else
BuildRequires: libopenssl-1_0_0-devel
%endif
BuildRequires: openldap2-devel
BuildRequires: pam-devel
%if %{uses_systemd}
BuildRequires: pkgconfig(systemd)
@ -125,25 +128,39 @@ Patch11: openssh-7.2p2-pts_names_formatting.patch
Patch12: openssh-7.2p2-pam_check_locks.patch
Patch13: openssh-7.2p2-disable_short_DH_parameters.patch
Patch14: openssh-7.2p2-seccomp_getuid.patch
Patch15: openssh-7.2p2-seccomp_stat.patch
Patch16: openssh-7.2p2-fips.patch
Patch17: openssh-7.2p2-seed-prng.patch
Patch18: openssh-7.2p2-gssapi_key_exchange.patch
Patch19: openssh-7.2p2-audit.patch
Patch20: openssh-7.2p2-audit_seed_prng.patch
Patch21: openssh-7.2p2-login_options.patch
Patch22: openssh-7.2p2-disable_openssl_abi_check.patch
Patch23: openssh-7.2p2-no_fork-no_pid_file.patch
Patch24: openssh-7.2p2-host_ident.patch
Patch25: openssh-7.2p2-sftp_homechroot.patch
Patch26: openssh-7.2p2-sftp_force_permissions.patch
Patch27: openssh-7.2p2-X_forward_with_disabled_ipv6.patch
Patch28: openssh-7.2p2-ldap.patch
Patch29: openssh-7.2p2-additional_seccomp_archs.patch
Patch30: openssh-7.2p2-IPv6_X_forwarding.patch
Patch31: openssh-7.2p2-ignore_PAM_with_UseLogin.patch
Patch32: openssh-7.2p2-prevent_timing_user_enumeration.patch
Patch33: openssh-7.2p2-limit_password_length.patch
Patch15: openssh-7.2p2-seccomp_geteuid.patch
Patch16: openssh-7.2p2-seccomp_stat.patch
Patch17: openssh-7.2p2-additional_seccomp_archs.patch
Patch18: openssh-7.2p2-fips.patch
Patch19: openssh-7.2p2-cavstest-ctr.patch
Patch20: openssh-7.2p2-cavstest-kdf.patch
Patch21: openssh-7.2p2-seed-prng.patch
Patch22: openssh-7.2p2-gssapi_key_exchange.patch
Patch23: openssh-7.2p2-audit.patch
Patch24: openssh-7.2p2-audit_fixes.patch
Patch25: openssh-7.2p2-audit_seed_prng.patch
Patch26: openssh-7.2p2-login_options.patch
Patch27: openssh-7.2p2-disable_openssl_abi_check.patch
Patch28: openssh-7.2p2-no_fork-no_pid_file.patch
Patch29: openssh-7.2p2-host_ident.patch
Patch30: openssh-7.2p2-sftp_homechroot.patch
Patch31: openssh-7.2p2-sftp_force_permissions.patch
Patch32: openssh-7.2p2-X_forward_with_disabled_ipv6.patch
Patch33: openssh-7.2p2-ldap.patch
Patch34: openssh-7.2p2-IPv6_X_forwarding.patch
Patch35: openssh-7.2p2-ignore_PAM_with_UseLogin.patch
Patch36: openssh-7.2p2-prevent_timing_user_enumeration.patch
Patch37: openssh-7.2p2-limit_password_length.patch
Patch38: openssh-7.2p2-keep_slogin.patch
Patch39: openssh-7.2p2-kex_resource_depletion.patch
Patch40: openssh-7.2p2-verify_CIDR_address_ranges.patch
Patch41: openssh-7.2p2-restrict_pkcs11-modules.patch
Patch42: openssh-7.2p2-prevent_private_key_leakage.patch
Patch43: openssh-7.2p2-secure_unix_sockets_forwarding.patch
Patch44: openssh-7.2p2-ssh_case_insensitive_host_matching.patch
Patch45: openssh-7.2p2-disable_preauth_compression.patch
Patch46: openssh-7.2p2-s390_hw_crypto_syscalls.patch
Patch47: openssh-7.2p2-s390_OpenSSL-ibmpkcs11_syscalls.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
Conflicts: nonfreessh
Recommends: audit
@ -229,13 +246,27 @@ FIPS140 CAVS tests related parts of the OpenSSH package
%patch31 -p2
%patch32 -p2
%patch33 -p2
%patch34 -p2
%patch35 -p2
%patch36 -p2
%patch37 -p2
%patch38 -p2
%patch39 -p2
%patch40 -p2
%patch41 -p2
%patch42 -p2
%patch43 -p2
%patch44 -p2
%patch45 -p2
%patch46 -p2
%patch47 -p2
cp %{SOURCE3} %{SOURCE4} %{SOURCE11} .
%build
# set libexec dir in the LDAP patch
sed -i.libexec 's,@LIBEXECDIR@,%{_libexecdir}/ssh,' \
$( grep -Rl @LIBEXECDIR@ \
$( grep "^+++" %{PATCH28} | sed -r 's@^.+/([^/\t ]+).*$@\1@' )
$( grep "^+++" %{PATCH33} | sed -r 's@^.+/([^/\t ]+).*$@\1@' )
)
autoreconf -fiv