efb05e6527
- Update of the underlying OpenSSH to 6.6p1
- update to 6.6p1
Security:
* sshd(8): when using environment passing with a sshd_config(5)
AcceptEnv pattern with a wildcard. OpenSSH prior to 6.6 could
be tricked into accepting any enviornment variable that
contains the characters before the wildcard character.
Features since 6.5p1:
* ssh(1), sshd(8): removal of the J-PAKE authentication code,
which was experimental, never enabled and has been
unmaintained for some time.
* ssh(1): skip 'exec' clauses other clauses predicates failed
to match while processing Match blocks.
* ssh(1): if hostname canonicalisation is enabled and results
in the destination hostname being changed, then re-parse
ssh_config(5) files using the new destination hostname. This
gives 'Host' and 'Match' directives that use the expanded
hostname a chance to be applied.
Bugfixes:
* ssh(1): avoid spurious "getsockname failed: Bad file
descriptor" in ssh -W. bz#2200, debian#738692
* sshd(8): allow the shutdown(2) syscall in seccomp-bpf and
systrace sandbox modes, as it is reachable if the connection
is terminated during the pre-auth phase.
* ssh(1), sshd(8): fix unsigned overflow that in SSH protocol 1
bignum parsing. Minimum key length checks render this bug
unexploitable to compromise SSH 1 sessions.
* sshd_config(5): clarify behaviour of a keyword that appears
in multiple matching Match blocks. bz#2184
OBS-URL: https://build.opensuse.org/request/show/230097
OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=76
62 lines
1.8 KiB
Diff
62 lines
1.8 KiB
Diff
# HG changeset patch
|
|
# Parent c487e15d91bc5cdfb0aedcf4d3c7fe4d0f309a73
|
|
|
|
diff --git a/openssh-6.6p1/auth-rsa.c b/openssh-6.6p1/auth-rsa.c
|
|
--- a/openssh-6.6p1/auth-rsa.c
|
|
+++ b/openssh-6.6p1/auth-rsa.c
|
|
@@ -94,16 +94,20 @@ int
|
|
auth_rsa_verify_response(Key *key, BIGNUM *challenge,
|
|
u_char response[SSH_DIGEST_MAX_LENGTH])
|
|
{
|
|
u_char buf[2 * SSH_DIGEST_MAX_LENGTH], mdbuf[SSH_DIGEST_MAX_LENGTH];
|
|
struct ssh_digest_ctx *md;
|
|
int len;
|
|
int dgst;
|
|
size_t dgst_len;
|
|
+ int rv;
|
|
+#ifdef SSH_AUDIT_EVENTS
|
|
+ char *fp;
|
|
+#endif
|
|
|
|
/* don't allow short keys */
|
|
if (BN_num_bits(key->rsa->n) < SSH_RSA_MINIMUM_MODULUS_SIZE) {
|
|
error("%s: RSA modulus too small: %d < minimum %d bits",
|
|
__func__,
|
|
BN_num_bits(key->rsa->n), SSH_RSA_MINIMUM_MODULUS_SIZE);
|
|
return (0);
|
|
}
|
|
@@ -121,22 +125,28 @@ auth_rsa_verify_response(Key *key, BIGNU
|
|
if ((md = ssh_digest_start(dgst)) == NULL ||
|
|
ssh_digest_update(md, buf, 2 * dgst_len) < 0 ||
|
|
ssh_digest_update(md, session_id, dgst_len) < 0 ||
|
|
ssh_digest_final(md, mdbuf, sizeof(mdbuf)) < 0)
|
|
fatal("%s: md5 failed", __func__);
|
|
ssh_digest_free(md);
|
|
|
|
/* Verify that the response is the original challenge. */
|
|
- if (timingsafe_bcmp(response, mdbuf, dgst_len) != 0) {
|
|
- /* Wrong answer. */
|
|
- return (0);
|
|
+ rv = timingsafe_bcmp(response, mdbuf, dgst_len) == 0;
|
|
+
|
|
+#ifdef SSH_AUDIT_EVENTS
|
|
+ fp = key_fingerprint(key, key_fp_type_select(), SSH_FP_HEX);
|
|
+ if (audit_keyusage(1, "ssh-rsa1", RSA_size(key->rsa) * 8, fp, rv) == 0) {
|
|
+ debug("unsuccessful audit");
|
|
+ rv = 0;
|
|
}
|
|
- /* Correct answer. */
|
|
- return (1);
|
|
+ free(fp);
|
|
+#endif
|
|
+
|
|
+ return rv;
|
|
}
|
|
|
|
/*
|
|
* Performs the RSA authentication challenge-response dialog with the client,
|
|
* and returns true (non-zero) if the client gave the correct answer to
|
|
* our challenge; returns zero if the client gives a wrong answer.
|
|
*/
|
|
|