From c159d0ce661efc5d3e13a98404a5b8ee19363910ba75598b48730439bed0d19f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Chv=C3=A1tal?= Date: Wed, 17 Oct 2018 09:24:31 +0000 Subject: [PATCH 1/9] - Disable ssh1 protocol support as neither RH or Debian enable this protocol by default anymore either. OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=154 --- README.SUSE | 4 ---- openssh.changes | 6 ++++++ openssh.spec | 7 ++----- 3 files changed, 8 insertions(+), 9 deletions(-) diff --git a/README.SUSE b/README.SUSE index d52608c..cd33733 100644 --- a/README.SUSE +++ b/README.SUSE @@ -11,10 +11,6 @@ There are following changes in default settings of ssh client and server: either "prohibit-password" or even better to "no" (which disables direct remote root login entirely). -* SSH protocol version 1 is enabled for maximum compatibility. - NOTE: do not use protocol version 1. It is less secure then v2 and should - generally be phased out. - * DSA authentication is enabled by default for maximum compatibility. NOTE: do not use DSA authentication since it is being phased out for a reason - the size of DSA keys is limited by the standard to 1024 bits which cannot diff --git a/openssh.changes b/openssh.changes index 366ef78..3eafc4d 100644 --- a/openssh.changes +++ b/openssh.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Wed Oct 17 09:22:36 UTC 2018 - Tomáš Chvátal + +- Disable ssh1 protocol support as neither RH or Debian enable + this protocol by default anymore either. + ------------------------------------------------------------------- Wed Oct 17 08:42:12 UTC 2018 - Tomáš Chvátal diff --git a/openssh.spec b/openssh.spec index 354e64f..a531eaf 100644 --- a/openssh.spec +++ b/openssh.spec @@ -27,8 +27,7 @@ %bcond_without susefirewall %bcond_with tirpc %endif -%define _fwdir %{_sysconfdir}/sysconfig/SuSEfirewall2.d -%define _fwdefdir %{_fwdir}/services +%define _fwdefdir %{_sysconfdir}/sysconfig/SuSEfirewall2.d/services %define _appdefdir %( grep "configdirspec=" $( which xmkmf ) | sed -r 's,^[^=]+=.*-I(.*)/config.*$,\\1/app-defaults,' ) %define CHECKSUM_SUFFIX .hmac %define CHECKSUM_HMAC_KEY "HMAC_KEY:OpenSSH-FIPS@SLE" @@ -197,10 +196,8 @@ export LDFLAGS CFLAGS CXXFLAGS CPPFLAGS --with-ldap \ --with-xauth=%{_bindir}/xauth \ --with-libedit \ - --with-ssh1 \ - --target=%{_target_cpu}-suse-linux \ + --target=%{_target_cpu}-suse-linux -### configure end make %{?_smp_mflags} %install From 704eb5c303ed8c5a671673b7cc1341b4f5910539472befca28758661103c1ce4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Chv=C3=A1tal?= Date: Fri, 19 Oct 2018 08:41:04 +0000 Subject: [PATCH 2/9] - Drop patch openssh-7.7p1-allow_root_password_login.patch * There is no reason to set less secure default value, if users need the behaviour they can still set it up themselves - Drop patch openssh-7.7p1-blocksigalrm.patch * We had a bug way in past about this but it was never reproduced or even confirmed in the ticket, thus rather drop the patch OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=155 --- README.SUSE | 6 -- openssh-7.7p1-allow_root_password_login.patch | 95 ------------------- openssh-7.7p1-blocksigalrm.patch | 75 --------------- openssh.changes | 10 ++ openssh.spec | 2 - 5 files changed, 10 insertions(+), 178 deletions(-) delete mode 100644 openssh-7.7p1-allow_root_password_login.patch delete mode 100644 openssh-7.7p1-blocksigalrm.patch diff --git a/README.SUSE b/README.SUSE index cd33733..cb1f82b 100644 --- a/README.SUSE +++ b/README.SUSE @@ -5,12 +5,6 @@ There are following changes in default settings of ssh client and server: * PAM authentication is enabled and mostly even required, do not turn it off. -* root authentiation with password is enabled by default (PermitRootLogin yes). - NOTE: this has security implications and is only done in order to not change - behaviour of the server in an update. We strongly suggest setting this option - either "prohibit-password" or even better to "no" (which disables direct - remote root login entirely). - * DSA authentication is enabled by default for maximum compatibility. NOTE: do not use DSA authentication since it is being phased out for a reason - the size of DSA keys is limited by the standard to 1024 bits which cannot diff --git a/openssh-7.7p1-allow_root_password_login.patch b/openssh-7.7p1-allow_root_password_login.patch deleted file mode 100644 index 13b0ae7..0000000 --- a/openssh-7.7p1-allow_root_password_login.patch +++ /dev/null @@ -1,95 +0,0 @@ -# HG changeset patch -# Parent 3bf0158be93bd08d60a30a320650ea7f9844ef50 -Allow root login with password by default. While less secure than upstream -default of forbidding access to the root account with a password, we are -temporarily introducing this change to keep the default used in older OpenSSH -versions shipped with SLE. - -diff --git a/openssh-7.7p1/servconf.c b/openssh-7.7p1/servconf.c ---- openssh-7.7p1/servconf.c -+++ openssh-7.7p1/servconf.c -@@ -265,17 +265,17 @@ fill_default_server_options(ServerOption - options->address_family = AF_UNSPEC; - if (options->listen_addrs == NULL) - add_listen_addr(options, NULL, NULL, 0); - if (options->pid_file == NULL) - options->pid_file = xstrdup(_PATH_SSH_DAEMON_PID_FILE); - if (options->login_grace_time == -1) - options->login_grace_time = 120; - if (options->permit_root_login == PERMIT_NOT_SET) -- options->permit_root_login = PERMIT_NO_PASSWD; -+ options->permit_root_login = PERMIT_YES; - if (options->ignore_rhosts == -1) - options->ignore_rhosts = 1; - if (options->ignore_user_known_hosts == -1) - options->ignore_user_known_hosts = 0; - if (options->print_motd == -1) - options->print_motd = 1; - if (options->print_lastlog == -1) - options->print_lastlog = 1; -diff --git a/openssh-7.7p1/sshd_config b/openssh-7.7p1/sshd_config ---- openssh-7.7p1/sshd_config -+++ openssh-7.7p1/sshd_config -@@ -24,17 +24,17 @@ - - # Logging - #SyslogFacility AUTH - #LogLevel INFO - - # Authentication: - - #LoginGraceTime 2m --#PermitRootLogin prohibit-password -+#PermitRootLogin yes - #StrictModes yes - #MaxAuthTries 6 - #MaxSessions 10 - - #PubkeyAuthentication yes - - # The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2 - # but this is overridden so installations will only check .ssh/authorized_keys -diff --git a/openssh-7.7p1/sshd_config.0 b/openssh-7.7p1/sshd_config.0 ---- openssh-7.7p1/sshd_config.0 -+++ openssh-7.7p1/sshd_config.0 -@@ -709,17 +709,17 @@ DESCRIPTION - none can be used to prohibit all forwarding requests. The - wildcard M-bM-^@M-^X*M-bM-^@M-^Y can be used for host or port to allow all hosts or - ports, respectively. By default all port forwarding requests are - permitted. - - PermitRootLogin - Specifies whether root can log in using ssh(1). The argument - must be yes, prohibit-password, forced-commands-only, or no. The -- default is prohibit-password. -+ default is yes. - - If this option is set to prohibit-password (or its deprecated - alias, without-password), password and keyboard-interactive - authentication are disabled for root. - - If this option is set to forced-commands-only, root login with - public key authentication will be allowed, but only if the - command option has been specified (which may be useful for taking -diff --git a/openssh-7.7p1/sshd_config.5 b/openssh-7.7p1/sshd_config.5 ---- openssh-7.7p1/sshd_config.5 -+++ openssh-7.7p1/sshd_config.5 -@@ -1220,17 +1220,17 @@ Specifies whether root can log in using - .Xr ssh 1 . - The argument must be - .Cm yes , - .Cm prohibit-password , - .Cm forced-commands-only , - or - .Cm no . - The default is --.Cm prohibit-password . -+.Cm yes . - .Pp - If this option is set to - .Cm prohibit-password - (or its deprecated alias, - .Cm without-password ) , - password and keyboard-interactive authentication are disabled for root. - .Pp - If this option is set to diff --git a/openssh-7.7p1-blocksigalrm.patch b/openssh-7.7p1-blocksigalrm.patch deleted file mode 100644 index a2a5716..0000000 --- a/openssh-7.7p1-blocksigalrm.patch +++ /dev/null @@ -1,75 +0,0 @@ -# HG changeset patch -# Parent 2e66b48b2212113d9897a58aaada67557b7c4f35 -block SIGALRM while logging through syslog to prevent deadlocks -(through grace_alarm_handler()) - -bnc#57354 - -diff --git a/openssh-7.7p1/log.c b/openssh-7.7p1/log.c ---- openssh-7.7p1/log.c -+++ openssh-7.7p1/log.c -@@ -46,16 +46,17 @@ - #include - #include - #include - #if defined(HAVE_STRNVIS) && defined(HAVE_VIS_H) && !defined(BROKEN_STRNVIS) - # include - #endif - - #include "log.h" -+#include - - static LogLevel log_level = SYSLOG_LEVEL_INFO; - static int log_on_stderr = 1; - static int log_stderr_fd = STDERR_FILENO; - static int log_facility = LOG_AUTH; - static char *argv0; - static log_handler_fn *log_handler; - static void *log_handler_ctx; -@@ -396,16 +397,17 @@ do_log(LogLevel level, const char *fmt, - { - #if defined(HAVE_OPENLOG_R) && defined(SYSLOG_DATA_INIT) - struct syslog_data sdata = SYSLOG_DATA_INIT; - #endif - char msgbuf[MSGBUFSIZ]; - char fmtbuf[MSGBUFSIZ]; - char *txt = NULL; - int pri = LOG_INFO; -+ sigset_t nset, oset; - int saved_errno = errno; - log_handler_fn *tmp_handler; - - if (level > log_level) - return; - - switch (level) { - case SYSLOG_LEVEL_FATAL: -@@ -455,20 +457,28 @@ do_log(LogLevel level, const char *fmt, - log_handler = NULL; - tmp_handler(level, fmtbuf, log_handler_ctx); - log_handler = tmp_handler; - } else if (log_on_stderr) { - snprintf(msgbuf, sizeof msgbuf, "%.*s\r\n", - (int)sizeof msgbuf - 3, fmtbuf); - (void)write(log_stderr_fd, msgbuf, strlen(msgbuf)); - } else { -+ /* Prevent a race between the grace_alarm which writes a -+ * log message and terminates and main sshd code that leads -+ * to deadlock as syslog is not async safe. -+ */ -+ sigemptyset(&nset); -+ sigaddset(&nset, SIGALRM); -+ sigprocmask(SIG_BLOCK, &nset, &oset); - #if defined(HAVE_OPENLOG_R) && defined(SYSLOG_DATA_INIT) - openlog_r(argv0 ? argv0 : __progname, LOG_PID, log_facility, &sdata); - syslog_r(pri, &sdata, "%.500s", fmtbuf); - closelog_r(&sdata); - #else - openlog(argv0 ? argv0 : __progname, LOG_PID, log_facility); - syslog(pri, "%.500s", fmtbuf); - closelog(); - #endif -+ sigprocmask(SIG_SETMASK, &oset, NULL); - } - errno = saved_errno; - } diff --git a/openssh.changes b/openssh.changes index 3eafc4d..3052e64 100644 --- a/openssh.changes +++ b/openssh.changes @@ -1,3 +1,13 @@ +------------------------------------------------------------------- +Fri Oct 19 08:36:52 UTC 2018 - Tomáš Chvátal + +- Drop patch openssh-7.7p1-allow_root_password_login.patch + * There is no reason to set less secure default value, if + users need the behaviour they can still set it up themselves +- Drop patch openssh-7.7p1-blocksigalrm.patch + * We had a bug way in past about this but it was never reproduced + or even confirmed in the ticket, thus rather drop the patch + ------------------------------------------------------------------- Wed Oct 17 09:22:36 UTC 2018 - Tomáš Chvátal diff --git a/openssh.spec b/openssh.spec index a531eaf..ec9bb7e 100644 --- a/openssh.spec +++ b/openssh.spec @@ -55,11 +55,9 @@ Source9: sshd-gen-keys-start Source10: sshd.service Source11: README.FIPS Source12: cavs_driver-ssh.pl -Patch0: openssh-7.7p1-allow_root_password_login.patch Patch1: openssh-7.7p1-X11_trusted_forwarding.patch Patch3: openssh-7.7p1-enable_PAM_by_default.patch Patch4: openssh-7.7p1-eal3.patch -Patch5: openssh-7.7p1-blocksigalrm.patch Patch6: openssh-7.7p1-send_locale.patch Patch7: openssh-7.7p1-hostname_changes_when_forwarding_X.patch Patch8: openssh-7.7p1-remove_xauth_cookies_on_exit.patch From 59e5b4e5de56f68be248185f0e7343d6a1abb935fec83e44d61df11faddc8f4b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Chv=C3=A1tal?= Date: Fri, 19 Oct 2018 13:12:48 +0000 Subject: [PATCH 3/9] - Update openssh-7.7p1-sftp_force_permissions.patch from the upstream bug, and mention the bug in the spec OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=156 --- openssh-7.7p1-sftp_force_permissions.patch | 168 ++++++++------------- openssh.changes | 6 + openssh.spec | 1 + 3 files changed, 73 insertions(+), 102 deletions(-) diff --git a/openssh-7.7p1-sftp_force_permissions.patch b/openssh-7.7p1-sftp_force_permissions.patch index 31f2113..9f313c9 100644 --- a/openssh-7.7p1-sftp_force_permissions.patch +++ b/openssh-7.7p1-sftp_force_permissions.patch @@ -1,123 +1,100 @@ -# HG changeset patch -# Parent 37bba3ff816d9ab93ddcf23389a4eb29d7716006 -additional option for sftp-server to force file mode for new files -FATE#312774 -http://lists.mindrot.org/pipermail/openssh-unix-dev/2010-November/029044.html -http://marc.info/?l=openssh-unix-dev&m=128896838930893 - -diff --git a/openssh-7.7p1/sftp-server.8 b/openssh-7.7p1/sftp-server.8 ---- openssh-7.7p1/sftp-server.8 -+++ openssh-7.7p1/sftp-server.8 -@@ -33,16 +33,17 @@ - .Bk -words - .Op Fl ehR - .Op Fl d Ar start_directory - .Op Fl f Ar log_facility - .Op Fl l Ar log_level +--- original/sftp-server.8 2016-12-19 04:59:41.000000000 +0000 ++++ original/sftp-server.8 2017-11-23 08:47:01.267239186 +0000 +@@ -38,6 +38,7 @@ .Op Fl P Ar blacklisted_requests .Op Fl p Ar whitelisted_requests .Op Fl u Ar umask -+.Op Fl m Ar force_file_permissions ++.Op Fl m Ar force_file_dir_perms .Ek .Nm .Fl Q Ar protocol_feature - .Sh DESCRIPTION - .Nm - is a program that speaks the server side of SFTP protocol - to stdout and expects client requests from stdin. - .Nm -@@ -133,16 +134,20 @@ Places this instance of - into a read-only mode. - Attempts to open files for writing, as well as other operations that change - the state of the filesystem, will be denied. - .It Fl u Ar umask - Sets an explicit +@@ -138,6 +139,10 @@ .Xr umask 2 to be applied to newly-created files and directories, instead of the user's default mask. -+.It Fl m Ar force_file_permissions -+Sets explicit file permissions to be applied to newly-created files instead -+of the default or client requested mode. Numeric values include: ++.It Fl m Ar force_file_dir_perms ++Sets explicit permissions to be applied to newly-created files and directories ++instead of the default or client requested mode. Numeric values include: +777, 755, 750, 666, 644, 640, etc. Option -u is ineffective if -m is set. .El .Pp On some systems, - .Nm - must be able to access - .Pa /dev/log - for logging to work, and use of - .Nm -diff --git a/openssh-7.7p1/sftp-server.c b/openssh-7.7p1/sftp-server.c ---- openssh-7.7p1/sftp-server.c -+++ openssh-7.7p1/sftp-server.c -@@ -71,16 +71,20 @@ static u_int version; - static int init_done; +--- original/sftp-server.c 2016-12-19 04:59:41.000000000 +0000 ++++ original/sftp-server.c 2017-11-23 13:07:08.481765581 +0000 +@@ -65,6 +65,10 @@ + /* Version of client */ + static u_int version; - /* Disable writes */ - static int readonly; - - /* Requests that are allowed/denied */ - static char *request_whitelist, *request_blacklist; - -+/* Force file permissions */ ++/* Force file and directory permissions */ +int permforce = 0; +long permforcemode; + - /* portable attributes, etc. */ - typedef struct Stat Stat; + /* SSH2_FXP_INIT received */ + static int init_done; - struct Stat { +@@ -679,6 +683,7 @@ + Attrib a; char *name; - char *long_name; - Attrib attrib; - }; -@@ -685,16 +689,20 @@ process_open(u_int32_t id) + int r, handle, fd, flags, mode, status = SSH2_FX_FAILURE; ++ mode_t old_umask = 0; + if ((r = sshbuf_get_cstring(iqueue, &name, NULL)) != 0 || (r = sshbuf_get_u32(iqueue, &pflags)) != 0 || /* portable flags */ - (r = decode_attrib(iqueue, &a)) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); - +@@ -688,6 +693,10 @@ debug3("request %u: open flags %d", id, pflags); flags = flags_from_portable(pflags); mode = (a.flags & SSH2_FILEXFER_ATTR_PERMISSIONS) ? a.perm : 0666; -+ if (permforce == 1) { ++ if (permforce == 1) { /* Force perm if -m is set */ + mode = permforcemode; -+ (void)umask(0); /* so umask does not interfere */ ++ old_umask = umask(0); /* so umask does not interfere */ + } logit("open \"%s\" flags %s mode 0%o", name, string_from_portable(pflags), mode); if (readonly && - ((flags & O_ACCMODE) != O_RDONLY || - (flags & (O_CREAT|O_TRUNC)) != 0)) { - verbose("Refusing open request in read-only mode"); - status = SSH2_FX_PERMISSION_DENIED; - } else { -@@ -1487,17 +1495,18 @@ sftp_server_cleanup_exit(int i) - static void - sftp_server_usage(void) - { - extern char *__progname; +@@ -709,6 +718,8 @@ + } + } + } ++ if (permforce == 1) ++ (void) umask(old_umask); /* restore umask to something sane */ + if (status != SSH2_FX_OK) + send_status(id, status); + free(name); +@@ -1110,6 +1121,7 @@ + Attrib a; + char *name; + int r, mode, status = SSH2_FX_FAILURE; ++ mode_t old_umask = 0; + if ((r = sshbuf_get_cstring(iqueue, &name, NULL)) != 0 || + (r = decode_attrib(iqueue, &a)) != 0) +@@ -1117,9 +1129,16 @@ + + mode = (a.flags & SSH2_FILEXFER_ATTR_PERMISSIONS) ? + a.perm & 07777 : 0777; ++ if (permforce == 1) { /* Force perm if -m is set */ ++ mode = permforcemode; ++ old_umask = umask(0); /* so umask does not interfere */ ++ } ++ + debug3("request %u: mkdir", id); + logit("mkdir name \"%s\" mode 0%o", name, mode); + r = mkdir(name, mode); ++ if (permforce == 1) ++ (void) umask(old_umask); /* restore umask to something sane */ + status = (r == -1) ? errno_to_portable(errno) : SSH2_FX_OK; + send_status(id, status); + free(name); +@@ -1490,7 +1509,7 @@ fprintf(stderr, "usage: %s [-ehR] [-d start_directory] [-f log_facility] " "[-l log_level]\n\t[-P blacklisted_requests] " - "[-p whitelisted_requests] [-u umask]\n" -+ "[-p whitelisted_requests] [-u umask]\n\t" -+ "[-m force_file_permissions]\n" ++ "[-p whitelisted_requests] [-u umask] [-m force_file_dir_perms]\n" " %s -Q protocol_feature\n", __progname, __progname); exit(1); - } - - int - sftp_server_main(int argc, char **argv, struct passwd *user_pw) - { -@@ -1516,17 +1525,17 @@ sftp_server_main(int argc, char **argv, - - ssh_malloc_init(); /* must be called before any mallocs */ - __progname = ssh_get_progname(argv[0]); - log_init(__progname, log_level, log_facility, log_stderr); - +@@ -1516,7 +1535,7 @@ pw = pwcopy(user_pw); while (!skipargs && (ch = getopt(argc, argv, @@ -126,32 +103,19 @@ diff --git a/openssh-7.7p1/sftp-server.c b/openssh-7.7p1/sftp-server.c switch (ch) { case 'Q': if (strcasecmp(optarg, "requests") != 0) { - fprintf(stderr, "Invalid query type\n"); - exit(1); - } - for (i = 0; handlers[i].handler != NULL; i++) - printf("%s\n", handlers[i].name); -@@ -1576,16 +1585,23 @@ sftp_server_main(int argc, char **argv, - case 'u': - errno = 0; - mask = strtol(optarg, &cp, 8); - if (mask < 0 || mask > 0777 || *cp != '\0' || - cp == optarg || (mask == 0 && errno != 0)) +@@ -1576,6 +1595,15 @@ fatal("Invalid umask \"%s\"", optarg); (void)umask((mode_t)mask); break; + case 'm': ++ /* Force permissions on file and directory received via sftp */ + permforce = 1; + permforcemode = strtol(optarg, &cp, 8); -+ if (permforcemode < 0 || permforcemode > 0777 || *cp != '\0' || -+ cp == optarg || (permforcemode == 0 && errno != 0)) -+ fatal("Invalid umask \"%s\"", optarg); ++ if (permforcemode < 0 || permforcemode > 0777 || ++ *cp != '\0' || (permforcemode == 0 && ++ errno != 0)) ++ fatal("Invalid file mode \"%s\"", optarg); + break; case 'h': default: sftp_server_usage(); - } - } - - log_init(__progname, log_level, log_facility, log_stderr); - diff --git a/openssh.changes b/openssh.changes index 3052e64..8a37f61 100644 --- a/openssh.changes +++ b/openssh.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Fri Oct 19 13:11:34 UTC 2018 - Tomáš Chvátal + +- Update openssh-7.7p1-sftp_force_permissions.patch from the + upstream bug, and mention the bug in the spec + ------------------------------------------------------------------- Fri Oct 19 08:36:52 UTC 2018 - Tomáš Chvátal diff --git a/openssh.spec b/openssh.spec index ec9bb7e..9a5a614 100644 --- a/openssh.spec +++ b/openssh.spec @@ -79,6 +79,7 @@ Patch25: openssh-7.7p1-openssl_1.1.0.patch Patch26: openssh-7.7p1-disable_openssl_abi_check.patch Patch27: openssh-7.7p1-no_fork-no_pid_file.patch Patch28: openssh-7.7p1-host_ident.patch +# https://bugzilla.mindrot.org/show_bug.cgi?id=1844 Patch29: openssh-7.7p1-sftp_force_permissions.patch Patch30: openssh-7.7p1-X_forward_with_disabled_ipv6.patch Patch31: openssh-7.7p1-ldap.patch From 1d3b4a412f6c3c9fc6ff49cf42603dd701227403b1de38156e8a51335f3c3711 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Chv=C3=A1tal?= Date: Fri, 19 Oct 2018 13:24:01 +0000 Subject: [PATCH 4/9] - Mention upstream bugs on multiple local patches - Adjust service to not spam restart and reload only on fails OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=157 --- openssh.changes | 6 ++++++ openssh.spec | 7 +++++++ sshd.service | 3 ++- 3 files changed, 15 insertions(+), 1 deletion(-) diff --git a/openssh.changes b/openssh.changes index 8a37f61..ae740c5 100644 --- a/openssh.changes +++ b/openssh.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Fri Oct 19 13:22:10 UTC 2018 - Tomáš Chvátal + +- Mention upstream bugs on multiple local patches +- Adjust service to not spam restart and reload only on fails + ------------------------------------------------------------------- Fri Oct 19 13:11:34 UTC 2018 - Tomáš Chvátal diff --git a/openssh.spec b/openssh.spec index 9a5a614..f2106df 100644 --- a/openssh.spec +++ b/openssh.spec @@ -64,25 +64,32 @@ Patch8: openssh-7.7p1-remove_xauth_cookies_on_exit.patch Patch9: openssh-7.7p1-pts_names_formatting.patch Patch10: openssh-7.7p1-pam_check_locks.patch Patch11: openssh-7.7p1-disable_short_DH_parameters.patch +# https://bugzilla.mindrot.org/show_bug.cgi?id=2752 Patch14: openssh-7.7p1-seccomp_stat.patch +# https://bugzilla.mindrot.org/show_bug.cgi?id=2752 Patch15: openssh-7.7p1-seccomp_ipc_flock.patch +# https://bugzilla.mindrot.org/show_bug.cgi?id=2752 Patch16: openssh-7.7p1-seccomp_ioctl_s390_EP11.patch Patch17: openssh-7.7p1-fips.patch Patch18: openssh-7.7p1-cavstest-ctr.patch Patch19: openssh-7.7p1-cavstest-kdf.patch Patch20: openssh-7.7p1-fips_checks.patch Patch21: openssh-7.7p1-seed-prng.patch +# https://bugzilla.mindrot.org/show_bug.cgi?id=2641 Patch22: openssh-7.7p1-systemd-notify.patch Patch23: openssh-7.7p1-gssapi_key_exchange.patch Patch24: openssh-7.7p1-audit.patch Patch25: openssh-7.7p1-openssl_1.1.0.patch Patch26: openssh-7.7p1-disable_openssl_abi_check.patch +# https://bugzilla.mindrot.org/show_bug.cgi?id=2641 Patch27: openssh-7.7p1-no_fork-no_pid_file.patch Patch28: openssh-7.7p1-host_ident.patch # https://bugzilla.mindrot.org/show_bug.cgi?id=1844 Patch29: openssh-7.7p1-sftp_force_permissions.patch +# https://bugzilla.mindrot.org/show_bug.cgi?id=2143 Patch30: openssh-7.7p1-X_forward_with_disabled_ipv6.patch Patch31: openssh-7.7p1-ldap.patch +# https://bugzilla.mindrot.org/show_bug.cgi?id=2213 Patch32: openssh-7.7p1-IPv6_X_forwarding.patch Patch33: openssh-7.7p1-sftp_print_diagnostic_messages.patch BuildRequires: audit-devel diff --git a/sshd.service b/sshd.service index 1a5cfbd..783df8c 100644 --- a/sshd.service +++ b/sshd.service @@ -10,7 +10,8 @@ ExecStartPre=/usr/sbin/sshd -t $SSHD_OPTS ExecStart=/usr/sbin/sshd -D $SSHD_OPTS ExecReload=/bin/kill -HUP $MAINPID KillMode=process -Restart=always +Restart=on-failure +RestartPreventExitStatus=255 TasksMax=infinity [Install] From c1e40270e4520d1171afd1eb33f1102ec897b5f5a24cc7ce6ac07ff444c909ff Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Chv=C3=A1tal?= Date: Fri, 19 Oct 2018 13:44:30 +0000 Subject: [PATCH 5/9] OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=158 --- openssh.spec | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/openssh.spec b/openssh.spec index f2106df..2061888 100644 --- a/openssh.spec +++ b/openssh.spec @@ -70,16 +70,23 @@ Patch14: openssh-7.7p1-seccomp_stat.patch Patch15: openssh-7.7p1-seccomp_ipc_flock.patch # https://bugzilla.mindrot.org/show_bug.cgi?id=2752 Patch16: openssh-7.7p1-seccomp_ioctl_s390_EP11.patch +# Local FIPS patchset Patch17: openssh-7.7p1-fips.patch +# Local cavs patchset Patch18: openssh-7.7p1-cavstest-ctr.patch +# Local cavs patchset Patch19: openssh-7.7p1-cavstest-kdf.patch +# Local FIPS patchset Patch20: openssh-7.7p1-fips_checks.patch Patch21: openssh-7.7p1-seed-prng.patch # https://bugzilla.mindrot.org/show_bug.cgi?id=2641 Patch22: openssh-7.7p1-systemd-notify.patch Patch23: openssh-7.7p1-gssapi_key_exchange.patch +# https://bugzilla.mindrot.org/show_bug.cgi?id=1402 Patch24: openssh-7.7p1-audit.patch +# Upstream patch, already merged Patch25: openssh-7.7p1-openssl_1.1.0.patch +# Local patch to disable runtime abi SSL checks, quite pointless for us Patch26: openssh-7.7p1-disable_openssl_abi_check.patch # https://bugzilla.mindrot.org/show_bug.cgi?id=2641 Patch27: openssh-7.7p1-no_fork-no_pid_file.patch From b21be4c6b44382c14dc425aec1e054687f39cbc5728105bf442ae47eb09137ce Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Chv=C3=A1tal?= Date: Mon, 22 Oct 2018 09:08:19 +0000 Subject: [PATCH 6/9] Accepting request 643660 from home:pmonrealgonzalez:branches:network - Version update to 7.9p1 * No actual changes for the askpass * See main package changelog for details - Version update to 7.9p1 * ssh(1), sshd(8): the setting of the new CASignatureAlgorithms option (see below) bans the use of DSA keys as certificate authorities. * sshd(8): the authentication success/failure log message has changed format slightly. It now includes the certificate fingerprint (previously it included only key ID and CA key fingerprint). * ssh(1), sshd(8): allow most port numbers to be specified using service names from getservbyname(3) (typically /etc/services). * sshd(8): support signalling sessions via the SSH protocol. A limited subset of signals is supported and only for login or command sessions (i.e. not subsystems) that were not subject to a forced command via authorized_keys or sshd_config. bz#1424 * ssh(1): support "ssh -Q sig" to list supported signature options. Also "ssh -Q help" to show the full set of supported queries. * ssh(1), sshd(8): add a CASignatureAlgorithms option for the client and server configs to allow control over which signature formats are allowed for CAs to sign certificates. For example, this allows banning CAs that sign certificates using the RSA-SHA1 signature algorithm. * sshd(8), ssh-keygen(1): allow key revocation lists (KRLs) to revoke keys specified by SHA256 hash. * ssh-keygen(1): allow creation of key revocation lists directly from base64-encoded SHA256 fingerprints. This supports revoking keys using only the information contained in sshd(8) OBS-URL: https://build.opensuse.org/request/show/643660 OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=159 --- openssh-7.7p1-audit.patch | 266 +- ...sh-7.7p1-disable_short_DH_parameters.patch | 142 +- openssh-7.7p1-fips.patch | 182 +- openssh-7.7p1-gssapi_key_exchange.patch | 341 +- openssh-7.7p1-openssl_1.1.0.patch | 3102 ----------------- openssh-7.7p1-seccomp_ipc_flock.patch | 31 +- openssh-7.8p1.tar.gz | 3 - openssh-7.8p1.tar.gz.asc | 14 - openssh-7.9p1.tar.gz | 3 + openssh-7.9p1.tar.gz.asc | 14 + openssh-askpass-gnome.changes | 7 + openssh-askpass-gnome.spec | 2 +- openssh.changes | 44 + openssh.spec | 8 +- 14 files changed, 533 insertions(+), 3626 deletions(-) delete mode 100644 openssh-7.7p1-openssl_1.1.0.patch delete mode 100644 openssh-7.8p1.tar.gz delete mode 100644 openssh-7.8p1.tar.gz.asc create mode 100644 openssh-7.9p1.tar.gz create mode 100644 openssh-7.9p1.tar.gz.asc diff --git a/openssh-7.7p1-audit.patch b/openssh-7.7p1-audit.patch index 7acc3eb..3ae385a 100644 --- a/openssh-7.7p1-audit.patch +++ b/openssh-7.7p1-audit.patch @@ -3,10 +3,10 @@ Extended auditing through the Linux Auditing subsystem RH patch from git://pkgs.fedoraproject.org/openssh.git -Index: openssh-7.8p1/Makefile.in +Index: openssh-7.9p1/Makefile.in =================================================================== ---- openssh-7.8p1.orig/Makefile.in -+++ openssh-7.8p1/Makefile.in +--- openssh-7.9p1.orig/Makefile.in ++++ openssh-7.9p1/Makefile.in @@ -110,6 +110,8 @@ LIBSSH_OBJS += fips.o LIBSSH_OBJS += kexgssc.o kexgsss.o @@ -16,10 +16,10 @@ Index: openssh-7.8p1/Makefile.in SSHOBJS= ssh.o readconf.o clientloop.o sshtty.o \ sshconnect.o sshconnect2.o mux.o -Index: openssh-7.8p1/audit-bsm.c +Index: openssh-7.9p1/audit-bsm.c =================================================================== ---- openssh-7.8p1.orig/audit-bsm.c -+++ openssh-7.8p1/audit-bsm.c +--- openssh-7.9p1.orig/audit-bsm.c ++++ openssh-7.9p1/audit-bsm.c @@ -372,10 +372,23 @@ audit_connection_from(const char *host, #endif } @@ -93,10 +93,10 @@ Index: openssh-7.8p1/audit-bsm.c + /* not implemented */ +} #endif /* BSM */ -Index: openssh-7.8p1/audit-linux.c +Index: openssh-7.9p1/audit-linux.c =================================================================== ---- openssh-7.8p1.orig/audit-linux.c -+++ openssh-7.8p1/audit-linux.c +--- openssh-7.9p1.orig/audit-linux.c ++++ openssh-7.9p1/audit-linux.c @@ -33,27 +33,40 @@ #include "log.h" @@ -468,10 +468,10 @@ Index: openssh-7.8p1/audit-linux.c + error("cannot write into audit"); +} #endif /* USE_LINUX_AUDIT */ -Index: openssh-7.8p1/audit.c +Index: openssh-7.9p1/audit.c =================================================================== ---- openssh-7.8p1.orig/audit.c -+++ openssh-7.8p1/audit.c +--- openssh-7.9p1.orig/audit.c ++++ openssh-7.9p1/audit.c @@ -34,13 +34,19 @@ #include "log.h" #include "hostfile.h" @@ -648,10 +648,10 @@ Index: openssh-7.8p1/audit.c } # endif /* !defined CUSTOM_SSH_AUDIT_EVENTS */ #endif /* SSH_AUDIT_EVENTS */ -Index: openssh-7.8p1/audit.h +Index: openssh-7.9p1/audit.h =================================================================== ---- openssh-7.8p1.orig/audit.h -+++ openssh-7.8p1/audit.h +--- openssh-7.9p1.orig/audit.h ++++ openssh-7.9p1/audit.h @@ -26,6 +26,7 @@ # define _SSH_AUDIT_H @@ -694,10 +694,10 @@ Index: openssh-7.8p1/audit.h +void audit_destroy_sensitive_data(const char *, pid_t, uid_t); #endif /* _SSH_AUDIT_H */ -Index: openssh-7.8p1/auditstub.c +Index: openssh-7.9p1/auditstub.c =================================================================== --- /dev/null -+++ openssh-7.8p1/auditstub.c ++++ openssh-7.9p1/auditstub.c @@ -0,0 +1,50 @@ +/* $Id: auditstub.c,v 1.1 jfch Exp $ */ + @@ -749,11 +749,11 @@ Index: openssh-7.8p1/auditstub.c +audit_session_key_free_body(int ctos, pid_t pid, uid_t uid) +{ +} -Index: openssh-7.8p1/auth.c +Index: openssh-7.9p1/auth.c =================================================================== ---- openssh-7.8p1.orig/auth.c -+++ openssh-7.8p1/auth.c -@@ -362,7 +362,7 @@ auth_log(Authctxt *authctxt, int authent +--- openssh-7.9p1.orig/auth.c ++++ openssh-7.9p1/auth.c +@@ -366,7 +366,7 @@ auth_log(Authctxt *authctxt, int authent # endif #endif #ifdef SSH_AUDIT_EVENTS @@ -762,7 +762,7 @@ Index: openssh-7.8p1/auth.c audit_event(audit_classify_auth(method)); #endif } -@@ -601,9 +601,6 @@ getpwnamallow(const char *user) +@@ -605,9 +605,6 @@ getpwnamallow(const char *user) record_failed_login(user, auth_get_canonical_hostname(ssh, options.use_dns), "ssh"); #endif @@ -772,10 +772,10 @@ Index: openssh-7.8p1/auth.c return (NULL); } if (!allowed_user(pw)) -Index: openssh-7.8p1/auth.h +Index: openssh-7.9p1/auth.h =================================================================== ---- openssh-7.8p1.orig/auth.h -+++ openssh-7.8p1/auth.h +--- openssh-7.9p1.orig/auth.h ++++ openssh-7.9p1/auth.h @@ -193,6 +193,8 @@ struct passwd * getpwnamallow(const char char *expand_authorized_keys(const char *, struct passwd *pw); @@ -794,11 +794,11 @@ Index: openssh-7.8p1/auth.h /* Key / cert options linkage to auth layer */ const struct sshauthopt *auth_options(struct ssh *); -Index: openssh-7.8p1/auth2-hostbased.c +Index: openssh-7.9p1/auth2-hostbased.c =================================================================== ---- openssh-7.8p1.orig/auth2-hostbased.c -+++ openssh-7.8p1/auth2-hostbased.c -@@ -141,7 +141,7 @@ userauth_hostbased(struct ssh *ssh) +--- openssh-7.9p1.orig/auth2-hostbased.c ++++ openssh-7.9p1/auth2-hostbased.c +@@ -148,7 +148,7 @@ userauth_hostbased(struct ssh *ssh) /* test for allowed key and correct signature */ authenticated = 0; if (PRIVSEP(hostbased_key_allowed(authctxt->pw, cuser, chost, key)) && @@ -807,7 +807,7 @@ Index: openssh-7.8p1/auth2-hostbased.c sshbuf_ptr(b), sshbuf_len(b), pkalg, ssh->compat)) == 0) authenticated = 1; -@@ -158,6 +158,19 @@ done: +@@ -165,6 +165,19 @@ done: return authenticated; } @@ -827,11 +827,11 @@ Index: openssh-7.8p1/auth2-hostbased.c /* return 1 if given hostkey is allowed */ int hostbased_key_allowed(struct passwd *pw, const char *cuser, char *chost, -Index: openssh-7.8p1/auth2-pubkey.c +Index: openssh-7.9p1/auth2-pubkey.c =================================================================== ---- openssh-7.8p1.orig/auth2-pubkey.c -+++ openssh-7.8p1/auth2-pubkey.c -@@ -187,7 +187,7 @@ userauth_pubkey(struct ssh *ssh) +--- openssh-7.9p1.orig/auth2-pubkey.c ++++ openssh-7.9p1/auth2-pubkey.c +@@ -193,7 +193,7 @@ userauth_pubkey(struct ssh *ssh) /* test for correct signature */ authenticated = 0; if (PRIVSEP(user_key_allowed(ssh, pw, key, 1, &authopts)) && @@ -840,7 +840,7 @@ Index: openssh-7.8p1/auth2-pubkey.c sshbuf_ptr(b), sshbuf_len(b), (ssh->compat & SSH_BUG_SIGTYPE) == 0 ? pkalg : NULL, ssh->compat)) == 0) { -@@ -246,6 +246,19 @@ done: +@@ -252,6 +252,19 @@ done: return authenticated; } @@ -860,7 +860,7 @@ Index: openssh-7.8p1/auth2-pubkey.c static int match_principals_option(const char *principal_list, struct sshkey_cert *cert) { -@@ -767,7 +780,7 @@ user_cert_trusted_ca(struct ssh *ssh, st +@@ -773,7 +786,7 @@ user_cert_trusted_ca(struct ssh *ssh, st found_principal = 1; /* If principals file or command is specified, then require a match */ use_authorized_principals = principals_file != NULL || @@ -869,10 +869,10 @@ Index: openssh-7.8p1/auth2-pubkey.c if (!found_principal && use_authorized_principals) { reason = "Certificate does not contain an authorized principal"; goto fail_reason; -Index: openssh-7.8p1/auth2.c +Index: openssh-7.9p1/auth2.c =================================================================== ---- openssh-7.8p1.orig/auth2.c -+++ openssh-7.8p1/auth2.c +--- openssh-7.9p1.orig/auth2.c ++++ openssh-7.9p1/auth2.c @@ -284,9 +284,6 @@ input_userauth_request(int type, u_int32 } else { /* Invalid user, fake password information */ @@ -883,10 +883,10 @@ Index: openssh-7.8p1/auth2.c } #ifdef USE_PAM if (options.use_pam) -Index: openssh-7.8p1/cipher.c +Index: openssh-7.9p1/cipher.c =================================================================== ---- openssh-7.8p1.orig/cipher.c -+++ openssh-7.8p1/cipher.c +--- openssh-7.9p1.orig/cipher.c ++++ openssh-7.9p1/cipher.c @@ -54,25 +54,6 @@ #include "fips.h" #include "log.h" @@ -922,10 +922,10 @@ Index: openssh-7.8p1/cipher.c return; if ((cc->cipher->flags & CFLAG_CHACHAPOLY) != 0) explicit_bzero(&cc->cp_ctx, sizeof(cc->cp_ctx)); -Index: openssh-7.8p1/cipher.h +Index: openssh-7.9p1/cipher.h =================================================================== ---- openssh-7.8p1.orig/cipher.h -+++ openssh-7.8p1/cipher.h +--- openssh-7.9p1.orig/cipher.h ++++ openssh-7.9p1/cipher.h @@ -45,7 +45,25 @@ #define CIPHER_ENCRYPT 1 #define CIPHER_DECRYPT 0 @@ -953,10 +953,10 @@ Index: openssh-7.8p1/cipher.h struct sshcipher_ctx { int plaintext; int encrypt; -Index: openssh-7.8p1/kex.c +Index: openssh-7.9p1/kex.c =================================================================== ---- openssh-7.8p1.orig/kex.c -+++ openssh-7.8p1/kex.c +--- openssh-7.9p1.orig/kex.c ++++ openssh-7.9p1/kex.c @@ -53,6 +53,7 @@ #include "ssherr.h" #include "sshbuf.h" @@ -1053,10 +1053,10 @@ Index: openssh-7.8p1/kex.c + mac_destroy(&newkeys->mac); + memset(&newkeys->comp, 0, sizeof(newkeys->comp)); +} -Index: openssh-7.8p1/kex.h +Index: openssh-7.9p1/kex.h =================================================================== ---- openssh-7.8p1.orig/kex.h -+++ openssh-7.8p1/kex.h +--- openssh-7.9p1.orig/kex.h ++++ openssh-7.9p1/kex.h @@ -213,6 +213,8 @@ int kexgss_client(struct ssh *); int kexgss_server(struct ssh *); #endif @@ -1066,10 +1066,10 @@ Index: openssh-7.8p1/kex.h int kex_dh_hash(int, const char *, const char *, const u_char *, size_t, const u_char *, size_t, const u_char *, size_t, const BIGNUM *, const BIGNUM *, const BIGNUM *, u_char *, size_t *); -Index: openssh-7.8p1/mac.c +Index: openssh-7.9p1/mac.c =================================================================== ---- openssh-7.8p1.orig/mac.c -+++ openssh-7.8p1/mac.c +--- openssh-7.9p1.orig/mac.c ++++ openssh-7.9p1/mac.c @@ -280,6 +280,20 @@ mac_clear(struct sshmac *mac) mac->umac_ctx = NULL; } @@ -1091,10 +1091,10 @@ Index: openssh-7.8p1/mac.c /* XXX copied from ciphers_valid */ #define MAC_SEP "," int -Index: openssh-7.8p1/mac.h +Index: openssh-7.9p1/mac.h =================================================================== ---- openssh-7.8p1.orig/mac.h -+++ openssh-7.8p1/mac.h +--- openssh-7.9p1.orig/mac.h ++++ openssh-7.9p1/mac.h @@ -49,5 +49,6 @@ int mac_compute(struct sshmac *, u_int3 int mac_check(struct sshmac *, u_int32_t, const u_char *, size_t, const u_char *, size_t); @@ -1102,11 +1102,11 @@ Index: openssh-7.8p1/mac.h +void mac_destroy(struct sshmac *); #endif /* SSHMAC_H */ -Index: openssh-7.8p1/monitor.c +Index: openssh-7.9p1/monitor.c =================================================================== ---- openssh-7.8p1.orig/monitor.c -+++ openssh-7.8p1/monitor.c -@@ -91,6 +91,7 @@ +--- openssh-7.9p1.orig/monitor.c ++++ openssh-7.9p1/monitor.c +@@ -93,6 +93,7 @@ #include "compat.h" #include "ssh2.h" #include "authfd.h" @@ -1114,7 +1114,7 @@ Index: openssh-7.8p1/monitor.c #include "match.h" #include "ssherr.h" -@@ -105,6 +106,8 @@ extern u_char session_id[]; +@@ -107,6 +108,8 @@ extern u_char session_id[]; extern struct sshbuf *loginmsg; extern struct sshauthopt *auth_opts; /* XXX move to permanent ssh->authctxt? */ @@ -1123,7 +1123,7 @@ Index: openssh-7.8p1/monitor.c /* State exported from the child */ static struct sshbuf *child_state; -@@ -150,6 +153,11 @@ int mm_answer_gss_updatecreds(int, struc +@@ -152,6 +155,11 @@ int mm_answer_gss_updatecreds(int, struc #ifdef SSH_AUDIT_EVENTS int mm_answer_audit_event(int, struct sshbuf *); int mm_answer_audit_command(int, struct sshbuf *); @@ -1135,7 +1135,7 @@ Index: openssh-7.8p1/monitor.c #endif static int monitor_read_log(struct monitor *); -@@ -203,6 +211,11 @@ struct mon_table mon_dispatch_proto20[] +@@ -205,6 +213,11 @@ struct mon_table mon_dispatch_proto20[] #endif #ifdef SSH_AUDIT_EVENTS {MONITOR_REQ_AUDIT_EVENT, MON_PERMIT, mm_answer_audit_event}, @@ -1147,7 +1147,7 @@ Index: openssh-7.8p1/monitor.c #endif #ifdef BSD_AUTH {MONITOR_REQ_BSDAUTHQUERY, MON_ISAUTH, mm_answer_bsdauthquery}, -@@ -231,6 +244,11 @@ struct mon_table mon_dispatch_postauth20 +@@ -233,6 +246,11 @@ struct mon_table mon_dispatch_postauth20 #ifdef SSH_AUDIT_EVENTS {MONITOR_REQ_AUDIT_EVENT, MON_PERMIT, mm_answer_audit_event}, {MONITOR_REQ_AUDIT_COMMAND, MON_PERMIT, mm_answer_audit_command}, @@ -1159,7 +1159,7 @@ Index: openssh-7.8p1/monitor.c #endif #ifdef GSSAPI {MONITOR_REQ_GSSSETUP, 0, mm_answer_gss_setup_ctx}, -@@ -1375,6 +1393,7 @@ mm_answer_keyverify(int sock, struct ssh +@@ -1379,6 +1397,7 @@ mm_answer_keyverify(int sock, struct ssh char *sigalg; size_t signaturelen, datalen, bloblen; int r, ret, valid_data = 0, encoded_ret; @@ -1167,7 +1167,7 @@ Index: openssh-7.8p1/monitor.c if ((r = sshbuf_get_string(m, &blob, &bloblen)) != 0 || (r = sshbuf_get_string(m, &signature, &signaturelen)) != 0 || -@@ -1385,6 +1404,8 @@ mm_answer_keyverify(int sock, struct ssh +@@ -1389,6 +1408,8 @@ mm_answer_keyverify(int sock, struct ssh if (hostbased_cuser == NULL || hostbased_chost == NULL || !monitor_allowed_key(blob, bloblen)) fatal("%s: bad key, not previously allowed", __func__); @@ -1176,7 +1176,7 @@ Index: openssh-7.8p1/monitor.c /* Empty signature algorithm means NULL. */ if (*sigalg == '\0') { -@@ -1399,22 +1420,25 @@ mm_answer_keyverify(int sock, struct ssh +@@ -1403,22 +1424,25 @@ mm_answer_keyverify(int sock, struct ssh switch (key_blobtype) { case MM_USERKEY: valid_data = monitor_valid_userblob(data, datalen); @@ -1204,7 +1204,7 @@ Index: openssh-7.8p1/monitor.c debug3("%s: %s %p signature %s", __func__, auth_method, key, (ret == 0) ? "verified" : "unverified"); auth2_record_key(authctxt, ret == 0, key); -@@ -1474,6 +1498,12 @@ mm_session_close(Session *s) +@@ -1478,6 +1502,12 @@ mm_session_close(Session *s) debug3("%s: tty %s ptyfd %d", __func__, s->tty, s->ptyfd); session_pty_cleanup2(s); } @@ -1217,7 +1217,7 @@ Index: openssh-7.8p1/monitor.c session_unused(s->self); } -@@ -1582,6 +1612,8 @@ mm_answer_term(int sock, struct sshbuf * +@@ -1586,6 +1616,8 @@ mm_answer_term(int sock, struct sshbuf * sshpam_cleanup(); #endif @@ -1226,7 +1226,7 @@ Index: openssh-7.8p1/monitor.c while (waitpid(pmonitor->m_pid, &status, 0) == -1) if (errno != EINTR) exit(1); -@@ -1628,14 +1660,50 @@ mm_answer_audit_command(int socket, stru +@@ -1632,14 +1664,50 @@ mm_answer_audit_command(int socket, stru { char *cmd; int r; @@ -1280,7 +1280,7 @@ Index: openssh-7.8p1/monitor.c } #endif /* SSH_AUDIT_EVENTS */ -@@ -1697,6 +1765,7 @@ monitor_apply_keystate(struct monitor *p +@@ -1701,6 +1769,7 @@ monitor_apply_keystate(struct monitor *p void mm_get_keystate(struct monitor *pmonitor) { @@ -1288,7 +1288,7 @@ Index: openssh-7.8p1/monitor.c debug3("%s: Waiting for new keys", __func__); if ((child_state = sshbuf_new()) == NULL) -@@ -1704,6 +1773,19 @@ mm_get_keystate(struct monitor *pmonitor +@@ -1708,6 +1777,19 @@ mm_get_keystate(struct monitor *pmonitor mm_request_receive_expect(pmonitor->m_sendfd, MONITOR_REQ_KEYEXPORT, child_state); debug3("%s: GOT new keys", __func__); @@ -1308,7 +1308,7 @@ Index: openssh-7.8p1/monitor.c } -@@ -1902,19 +1984,19 @@ mm_answer_gss_sign(int socket, struct ss +@@ -1906,19 +1988,19 @@ mm_answer_gss_sign(int socket, struct ss int r; if (!options.gss_authentication && !options.gss_keyex) @@ -1334,7 +1334,7 @@ Index: openssh-7.8p1/monitor.c } major = ssh_gssapi_sign(gsscontext, &data, &hash); -@@ -1962,3 +2044,102 @@ mm_answer_gss_updatecreds(int socket, st +@@ -1966,3 +2048,102 @@ mm_answer_gss_updatecreds(int socket, st } #endif /* GSSAPI */ @@ -1437,10 +1437,10 @@ Index: openssh-7.8p1/monitor.c + return 0; +} +#endif /* SSH_AUDIT_EVENTS */ -Index: openssh-7.8p1/monitor.h +Index: openssh-7.9p1/monitor.h =================================================================== ---- openssh-7.8p1.orig/monitor.h -+++ openssh-7.8p1/monitor.h +--- openssh-7.9p1.orig/monitor.h ++++ openssh-7.9p1/monitor.h @@ -61,7 +61,13 @@ enum monitor_reqtype { MONITOR_REQ_PAM_QUERY = 106, MONITOR_ANS_PAM_QUERY = 107, MONITOR_REQ_PAM_RESPOND = 108, MONITOR_ANS_PAM_RESPOND = 109, @@ -1456,10 +1456,10 @@ Index: openssh-7.8p1/monitor.h MONITOR_REQ_GSSSIGN = 201, MONITOR_ANS_GSSSIGN = 202, MONITOR_REQ_GSSUPCREDS = 203, MONITOR_ANS_GSSUPCREDS = 204, -Index: openssh-7.8p1/monitor_wrap.c +Index: openssh-7.9p1/monitor_wrap.c =================================================================== ---- openssh-7.8p1.orig/monitor_wrap.c -+++ openssh-7.8p1/monitor_wrap.c +--- openssh-7.9p1.orig/monitor_wrap.c ++++ openssh-7.9p1/monitor_wrap.c @@ -497,7 +497,7 @@ mm_key_allowed(enum mm_keytype type, con */ @@ -1637,10 +1637,10 @@ Index: openssh-7.8p1/monitor_wrap.c + sshbuf_free(m); +} +#endif /* SSH_AUDIT_EVENTS */ -Index: openssh-7.8p1/monitor_wrap.h +Index: openssh-7.9p1/monitor_wrap.h =================================================================== ---- openssh-7.8p1.orig/monitor_wrap.h -+++ openssh-7.8p1/monitor_wrap.h +--- openssh-7.9p1.orig/monitor_wrap.h ++++ openssh-7.9p1/monitor_wrap.h @@ -53,7 +53,9 @@ int mm_user_key_allowed(struct ssh *, st struct sshauthopt **); int mm_hostbased_key_allowed(struct passwd *, const char *, @@ -1666,10 +1666,10 @@ Index: openssh-7.8p1/monitor_wrap.h #endif struct Session; -Index: openssh-7.8p1/packet.c +Index: openssh-7.9p1/packet.c =================================================================== ---- openssh-7.8p1.orig/packet.c -+++ openssh-7.8p1/packet.c +--- openssh-7.9p1.orig/packet.c ++++ openssh-7.9p1/packet.c @@ -76,6 +76,7 @@ #include @@ -1829,20 +1829,20 @@ Index: openssh-7.8p1/packet.c /* Reset after_authentication and reset compression in post-auth privsep */ static int ssh_packet_set_postauth(struct ssh *ssh) -Index: openssh-7.8p1/packet.h +Index: openssh-7.9p1/packet.h =================================================================== ---- openssh-7.8p1.orig/packet.h -+++ openssh-7.8p1/packet.h +--- openssh-7.9p1.orig/packet.h ++++ openssh-7.9p1/packet.h @@ -219,4 +219,5 @@ extern struct ssh *active_state; # undef EC_POINT #endif +void packet_destroy_all(int, int); #endif /* PACKET_H */ -Index: openssh-7.8p1/session.c +Index: openssh-7.9p1/session.c =================================================================== ---- openssh-7.8p1.orig/session.c -+++ openssh-7.8p1/session.c +--- openssh-7.9p1.orig/session.c ++++ openssh-7.9p1/session.c @@ -139,7 +139,7 @@ extern char *__progname; extern int debug_flag; extern u_int utmp_len; @@ -1867,7 +1867,7 @@ Index: openssh-7.8p1/session.c /* Enter interactive session. */ s->ptymaster = ptymaster; packet_set_interactive(1, -@@ -739,15 +747,19 @@ do_exec(struct ssh *ssh, Session *s, con +@@ -741,15 +749,19 @@ do_exec(struct ssh *ssh, Session *s, con s->self); #ifdef SSH_AUDIT_EVENTS @@ -1889,7 +1889,7 @@ Index: openssh-7.8p1/session.c #endif if (s->ttyfd != -1) ret = do_exec_pty(ssh, s, command); -@@ -1551,8 +1563,11 @@ do_child(struct ssh *ssh, Session *s, co +@@ -1553,8 +1565,11 @@ do_child(struct ssh *ssh, Session *s, co int r = 0; /* remove hostkey from the child's memory */ @@ -1902,7 +1902,7 @@ Index: openssh-7.8p1/session.c /* Force a password change */ if (s->authctxt->force_pwchange) { -@@ -1759,6 +1774,9 @@ session_unused(int id) +@@ -1761,6 +1776,9 @@ session_unused(int id) sessions[id].ttyfd = -1; sessions[id].ptymaster = -1; sessions[id].x11_chanids = NULL; @@ -1912,7 +1912,7 @@ Index: openssh-7.8p1/session.c sessions[id].next_unused = sessions_first_unused; sessions_first_unused = id; } -@@ -1841,6 +1859,19 @@ session_open(Authctxt *authctxt, int cha +@@ -1843,6 +1861,19 @@ session_open(Authctxt *authctxt, int cha } Session * @@ -1932,7 +1932,7 @@ Index: openssh-7.8p1/session.c session_by_tty(char *tty) { int i; -@@ -2352,6 +2383,32 @@ session_exit_message(struct ssh *ssh, Se +@@ -2428,6 +2459,32 @@ session_exit_message(struct ssh *ssh, Se chan_write_failed(ssh, c); } @@ -1965,7 +1965,7 @@ Index: openssh-7.8p1/session.c void session_close(struct ssh *ssh, Session *s) { -@@ -2393,6 +2450,10 @@ session_close(struct ssh *ssh, Session * +@@ -2469,6 +2526,10 @@ session_close(struct ssh *ssh, Session * if (s->ttyfd != -1) session_pty_cleanup(s); @@ -1976,7 +1976,7 @@ Index: openssh-7.8p1/session.c free(s->term); free(s->display); free(s->x11_chanids); -@@ -2600,6 +2661,15 @@ do_authenticated2(struct ssh *ssh, Authc +@@ -2677,6 +2738,15 @@ do_authenticated2(struct ssh *ssh, Authc server_loop2(ssh, authctxt); } @@ -1992,7 +1992,7 @@ Index: openssh-7.8p1/session.c void do_cleanup(struct ssh *ssh, Authctxt *authctxt) { -@@ -2657,7 +2727,7 @@ do_cleanup(struct ssh *ssh, Authctxt *au +@@ -2734,7 +2804,7 @@ do_cleanup(struct ssh *ssh, Authctxt *au * or if running in monitor. */ if (!use_privsep || mm_is_monitor()) @@ -2001,11 +2001,11 @@ Index: openssh-7.8p1/session.c } /* Return a name for the remote host that fits inside utmp_size */ -Index: openssh-7.8p1/session.h +Index: openssh-7.9p1/session.h =================================================================== ---- openssh-7.8p1.orig/session.h -+++ openssh-7.8p1/session.h -@@ -60,6 +60,12 @@ struct Session { +--- openssh-7.9p1.orig/session.h ++++ openssh-7.9p1/session.h +@@ -61,6 +61,12 @@ struct Session { char *name; char *val; } *env; @@ -2018,7 +2018,7 @@ Index: openssh-7.8p1/session.h }; void do_authenticated(struct ssh *, Authctxt *); -@@ -72,8 +78,10 @@ void session_close_by_pid(struct ssh *s +@@ -73,8 +79,10 @@ void session_close_by_pid(struct ssh *s void session_close_by_channel(struct ssh *, int, void *); void session_destroy_all(struct ssh *, void (*)(Session *)); void session_pty_cleanup2(Session *); @@ -2029,10 +2029,10 @@ Index: openssh-7.8p1/session.h Session *session_by_tty(char *); void session_close(struct ssh *, Session *); void do_setusercontext(struct passwd *); -Index: openssh-7.8p1/sshd.c +Index: openssh-7.9p1/sshd.c =================================================================== ---- openssh-7.8p1.orig/sshd.c -+++ openssh-7.8p1/sshd.c +--- openssh-7.9p1.orig/sshd.c ++++ openssh-7.9p1/sshd.c @@ -124,6 +124,7 @@ #include "ssh-gss.h" #endif @@ -2117,30 +2117,28 @@ Index: openssh-7.8p1/sshd.c sshkey_free(sensitive_data.host_certificates[i]); sensitive_data.host_certificates[i] = NULL; } -@@ -513,9 +551,22 @@ demote_sensitive_data(void) +@@ -513,8 +551,21 @@ demote_sensitive_data(void) struct sshkey *tmp; u_int i; int r; +#ifdef SSH_AUDIT_EVENTS -+ pid_t pid; -+ uid_t uid; - -- for (i = 0; i < options.num_host_key_files; i++) { -+ pid = getpid(); -+ uid = getuid(); ++ pid_t pid; ++ uid_t uid; ++ ++ pid = getpid(); ++ uid = getuid(); +#endif + + for (i = 0; i < options.num_host_key_files; i++) { ++ char *fp; + -+ for (i = 0; i < options.num_host_key_files; i++) { ++ if (sshkey_is_private(sensitive_data.host_keys[i])) ++ fp = sshkey_fingerprint(sensitive_data.host_keys[i], options.fingerprint_hash, SSH_FP_HEX); ++ else ++ fp = NULL; if (sensitive_data.host_keys[i]) { -+ char *fp; -+ -+ if (sshkey_is_private(sensitive_data.host_keys[i])) -+ fp = sshkey_fingerprint(sensitive_data.host_keys[i], options.fingerprint_hash, SSH_FP_HEX); -+ else -+ fp = NULL; - if ((r = sshkey_demote(sensitive_data.host_keys[i], - &tmp)) != 0) - fatal("could not demote host %s key: %s", + if ((r = sshkey_from_private( + sensitive_data.host_keys[i], &tmp)) != 0) @@ -523,6 +574,12 @@ demote_sensitive_data(void) ssh_err(r)); sshkey_free(sensitive_data.host_keys[i]); @@ -2213,11 +2211,11 @@ Index: openssh-7.8p1/sshd.c audit_event(SSH_CONNECTION_ABANDON); #endif _exit(i); -Index: openssh-7.8p1/sshkey.c +Index: openssh-7.9p1/sshkey.c =================================================================== ---- openssh-7.8p1.orig/sshkey.c -+++ openssh-7.8p1/sshkey.c -@@ -326,6 +326,32 @@ sshkey_type_is_valid_ca(int type) +--- openssh-7.9p1.orig/sshkey.c ++++ openssh-7.9p1/sshkey.c +@@ -331,6 +331,32 @@ sshkey_type_is_valid_ca(int type) } int @@ -2250,11 +2248,11 @@ Index: openssh-7.8p1/sshkey.c sshkey_is_cert(const struct sshkey *k) { if (k == NULL) -Index: openssh-7.8p1/sshkey.h +Index: openssh-7.9p1/sshkey.h =================================================================== ---- openssh-7.8p1.orig/sshkey.h -+++ openssh-7.8p1/sshkey.h -@@ -148,6 +148,7 @@ u_int sshkey_size(const struct sshkey +--- openssh-7.9p1.orig/sshkey.h ++++ openssh-7.9p1/sshkey.h +@@ -147,6 +147,7 @@ u_int sshkey_size(const struct sshkey int sshkey_generate(int type, u_int bits, struct sshkey **keyp); int sshkey_from_private(const struct sshkey *, struct sshkey **); int sshkey_type_from_name(const char *); diff --git a/openssh-7.7p1-disable_short_DH_parameters.patch b/openssh-7.7p1-disable_short_DH_parameters.patch index 8347915..d64a17c 100644 --- a/openssh-7.7p1-disable_short_DH_parameters.patch +++ b/openssh-7.7p1-disable_short_DH_parameters.patch @@ -12,23 +12,23 @@ compliant) parameters. CVE-2015-4000 (LOGJAM) bsc#932483 -Index: openssh-7.8p1/dh.c +Index: openssh-7.9p1/dh.c =================================================================== ---- openssh-7.8p1.orig/dh.c -+++ openssh-7.8p1/dh.c -@@ -43,6 +43,8 @@ - #include "misc.h" - #include "ssherr.h" +--- openssh-7.9p1.orig/dh.c ++++ openssh-7.9p1/dh.c +@@ -45,6 +45,8 @@ + + #include "openbsd-compat/openssl-compat.h" +int dh_grp_min = DH_GRP_MIN; + static int parse_prime(int linenum, char *line, struct dhgroup *dhg) { -Index: openssh-7.8p1/dh.h +Index: openssh-7.9p1/dh.h =================================================================== ---- openssh-7.8p1.orig/dh.h -+++ openssh-7.8p1/dh.h +--- openssh-7.9p1.orig/dh.h ++++ openssh-7.9p1/dh.h @@ -50,6 +50,7 @@ u_int dh_estimate(int); * Max value from RFC4419. * Miniumum increased in light of DH precomputation attacks. @@ -37,11 +37,11 @@ Index: openssh-7.8p1/dh.h #define DH_GRP_MIN 2048 #define DH_GRP_MAX 8192 -Index: openssh-7.8p1/kexgexc.c +Index: openssh-7.9p1/kexgexc.c =================================================================== ---- openssh-7.8p1.orig/kexgexc.c -+++ openssh-7.8p1/kexgexc.c -@@ -51,6 +51,9 @@ +--- openssh-7.9p1.orig/kexgexc.c ++++ openssh-7.9p1/kexgexc.c +@@ -53,6 +53,9 @@ #include "sshbuf.h" #include "misc.h" @@ -51,7 +51,7 @@ Index: openssh-7.8p1/kexgexc.c static int input_kex_dh_gex_group(int, u_int32_t, struct ssh *); static int input_kex_dh_gex_reply(int, u_int32_t, struct ssh *); -@@ -63,7 +66,7 @@ kexgex_client(struct ssh *ssh) +@@ -65,7 +68,7 @@ kexgex_client(struct ssh *ssh) nbits = dh_estimate(kex->dh_need * 8); @@ -60,7 +60,7 @@ Index: openssh-7.8p1/kexgexc.c kex->max = DH_GRP_MAX; kex->nbits = nbits; if (datafellows & SSH_BUG_DHGEX_LARGE) -@@ -108,6 +111,12 @@ input_kex_dh_gex_group(int type, u_int32 +@@ -111,6 +114,12 @@ input_kex_dh_gex_group(int type, u_int32 goto out; if ((bits = BN_num_bits(p)) < 0 || (u_int)bits < kex->min || (u_int)bits > kex->max) { @@ -73,11 +73,11 @@ Index: openssh-7.8p1/kexgexc.c r = SSH_ERR_DH_GEX_OUT_OF_RANGE; goto out; } -Index: openssh-7.8p1/kexgexs.c +Index: openssh-7.9p1/kexgexs.c =================================================================== ---- openssh-7.8p1.orig/kexgexs.c -+++ openssh-7.8p1/kexgexs.c -@@ -54,6 +54,9 @@ +--- openssh-7.9p1.orig/kexgexs.c ++++ openssh-7.9p1/kexgexs.c +@@ -56,6 +56,9 @@ #include "sshbuf.h" #include "misc.h" @@ -87,7 +87,7 @@ Index: openssh-7.8p1/kexgexs.c static int input_kex_dh_gex_request(int, u_int32_t, struct ssh *); static int input_kex_dh_gex_init(int, u_int32_t, struct ssh *); -@@ -82,13 +85,19 @@ input_kex_dh_gex_request(int type, u_int +@@ -85,13 +88,19 @@ input_kex_dh_gex_request(int type, u_int kex->nbits = nbits; kex->min = min; kex->max = max; @@ -109,10 +109,10 @@ Index: openssh-7.8p1/kexgexs.c r = SSH_ERR_DH_GEX_OUT_OF_RANGE; goto out; } -Index: openssh-7.8p1/readconf.c +Index: openssh-7.9p1/readconf.c =================================================================== ---- openssh-7.8p1.orig/readconf.c -+++ openssh-7.8p1/readconf.c +--- openssh-7.9p1.orig/readconf.c ++++ openssh-7.9p1/readconf.c @@ -67,6 +67,7 @@ #include "uidswap.h" #include "myproposal.h" @@ -130,7 +130,7 @@ Index: openssh-7.8p1/readconf.c oCanonicalDomains, oCanonicalizeHostname, oCanonicalizeMaxDots, oCanonicalizeFallbackLocal, oCanonicalizePermittedCNAMEs, oStreamLocalBindMask, oStreamLocalBindUnlink, oRevokedHostKeys, -@@ -291,6 +292,7 @@ static struct { +@@ -292,6 +293,7 @@ static struct { { "remotecommand", oRemoteCommand }, { "visualhostkey", oVisualHostKey }, { "kexalgorithms", oKexAlgorithms }, @@ -138,7 +138,7 @@ Index: openssh-7.8p1/readconf.c { "ipqos", oIPQoS }, { "requesttty", oRequestTTY }, { "proxyusefdpass", oProxyUseFdpass }, -@@ -312,6 +314,9 @@ static struct { +@@ -313,6 +315,9 @@ static struct { { NULL, oBadOption } }; @@ -148,7 +148,7 @@ Index: openssh-7.8p1/readconf.c /* * Adds a local TCP/IP port forward to options. Never returns if there is an * error. -@@ -1206,6 +1211,10 @@ parse_int: +@@ -1216,6 +1221,10 @@ parse_int: options->kex_algorithms = xstrdup(arg); break; @@ -159,15 +159,15 @@ Index: openssh-7.8p1/readconf.c case oHostKeyAlgorithms: charptr = &options->hostkeyalgorithms; parse_keytypes: -@@ -1835,6 +1844,7 @@ initialize_options(Options * options) +@@ -1860,6 +1869,7 @@ initialize_options(Options * options) options->ciphers = NULL; options->macs = NULL; options->kex_algorithms = NULL; + options->kex_dhmin = -1; options->hostkeyalgorithms = NULL; + options->ca_sign_algorithms = NULL; options->num_identity_files = 0; - options->num_certificate_files = 0; -@@ -1988,6 +1998,13 @@ fill_default_options(Options * options) +@@ -2014,6 +2024,13 @@ fill_default_options(Options * options) options->connection_attempts = 1; if (options->number_of_password_prompts == -1) options->number_of_password_prompts = 3; @@ -181,22 +181,22 @@ Index: openssh-7.8p1/readconf.c /* options->hostkeyalgorithms, default set in myproposals.h */ if (options->add_keys_to_agent == -1) options->add_keys_to_agent = 0; -Index: openssh-7.8p1/readconf.h +Index: openssh-7.9p1/readconf.h =================================================================== ---- openssh-7.8p1.orig/readconf.h -+++ openssh-7.8p1/readconf.h -@@ -67,6 +67,7 @@ typedef struct { - char *macs; /* SSH2 macs in order of preference. */ +--- openssh-7.9p1.orig/readconf.h ++++ openssh-7.9p1/readconf.h +@@ -68,6 +68,7 @@ typedef struct { char *hostkeyalgorithms; /* SSH2 server key types in order of preference. */ char *kex_algorithms; /* SSH2 kex methods in order of preference. */ -+ int kex_dhmin; /* minimum bit length of the DH group parameter */ + char *ca_sign_algorithms; /* Allowed CA signature algorithms */ ++ int kex_dhmin; /* minimum bit length of the DH group parameter */ char *hostname; /* Real host to connect. */ char *host_key_alias; /* hostname alias for .ssh/known_hosts */ char *proxy_command; /* Proxy command for connecting the host. */ -Index: openssh-7.8p1/servconf.c +Index: openssh-7.9p1/servconf.c =================================================================== ---- openssh-7.8p1.orig/servconf.c -+++ openssh-7.8p1/servconf.c +--- openssh-7.9p1.orig/servconf.c ++++ openssh-7.9p1/servconf.c @@ -64,6 +64,10 @@ #include "auth.h" #include "myproposal.h" @@ -213,10 +213,10 @@ Index: openssh-7.8p1/servconf.c options->macs = NULL; options->kex_algorithms = NULL; + options->kex_dhmin = -1; + options->ca_sign_algorithms = NULL; options->fwd_opts.gateway_ports = -1; options->fwd_opts.streamlocal_bind_mask = (mode_t)-1; - options->fwd_opts.streamlocal_bind_unlink = -1; -@@ -263,6 +268,14 @@ fill_default_server_options(ServerOption +@@ -267,6 +272,14 @@ fill_default_server_options(ServerOption if (options->use_pam_check_locks == -1) options->use_pam_check_locks = 0; @@ -231,16 +231,16 @@ Index: openssh-7.8p1/servconf.c /* Standard Options */ if (options->num_host_key_files == 0) { /* fill default hostkeys for protocols */ -@@ -490,7 +503,7 @@ typedef enum { +@@ -494,7 +507,7 @@ typedef enum { sHostCertificate, sRevokedKeys, sTrustedUserCAKeys, sAuthorizedPrincipalsFile, sAuthorizedPrincipalsCommand, sAuthorizedPrincipalsCommandUser, -- sKexAlgorithms, sIPQoS, sVersionAddendum, -+ sKexAlgorithms, sKexDHMin, sIPQoS, sVersionAddendum, +- sKexAlgorithms, sCASignatureAlgorithms, sIPQoS, sVersionAddendum, ++ sKexAlgorithms, sKexDHMin, sCASignatureAlgorithms, sIPQoS, sVersionAddendum, sAuthorizedKeysCommand, sAuthorizedKeysCommandUser, sAuthenticationMethods, sHostKeyAgent, sPermitUserRC, sStreamLocalBindMask, sStreamLocalBindUnlink, -@@ -631,6 +644,7 @@ static struct { +@@ -635,6 +648,7 @@ static struct { { "trustedusercakeys", sTrustedUserCAKeys, SSHCFG_ALL }, { "authorizedprincipalsfile", sAuthorizedPrincipalsFile, SSHCFG_ALL }, { "kexalgorithms", sKexAlgorithms, SSHCFG_GLOBAL }, @@ -248,7 +248,7 @@ Index: openssh-7.8p1/servconf.c { "ipqos", sIPQoS, SSHCFG_ALL }, { "authorizedkeyscommand", sAuthorizedKeysCommand, SSHCFG_ALL }, { "authorizedkeyscommanduser", sAuthorizedKeysCommandUser, SSHCFG_ALL }, -@@ -1726,6 +1740,10 @@ process_server_config_line(ServerOptions +@@ -1735,6 +1749,10 @@ process_server_config_line(ServerOptions options->kex_algorithms = xstrdup(arg); break; @@ -259,7 +259,7 @@ Index: openssh-7.8p1/servconf.c case sSubsystem: if (options->num_subsystems >= MAX_SUBSYSTEMS) { fatal("%s line %d: too many subsystems defined.", -@@ -2540,6 +2558,7 @@ dump_config(ServerOptions *o) +@@ -2549,6 +2567,7 @@ dump_config(ServerOptions *o) dump_cfg_int(sClientAliveInterval, o->client_alive_interval); dump_cfg_int(sClientAliveCountMax, o->client_alive_count_max); dump_cfg_oct(sStreamLocalBindMask, o->fwd_opts.streamlocal_bind_mask); @@ -267,10 +267,10 @@ Index: openssh-7.8p1/servconf.c /* formatted integer arguments */ dump_cfg_fmtint(sPermitRootLogin, o->permit_root_login); -Index: openssh-7.8p1/servconf.h +Index: openssh-7.9p1/servconf.h =================================================================== ---- openssh-7.8p1.orig/servconf.h -+++ openssh-7.8p1/servconf.h +--- openssh-7.9p1.orig/servconf.h ++++ openssh-7.9p1/servconf.h @@ -103,6 +103,7 @@ typedef struct { char *ciphers; /* Supported SSH2 ciphers. */ char *macs; /* Supported SSH2 macs. */ @@ -279,10 +279,10 @@ Index: openssh-7.8p1/servconf.h struct ForwardOptions fwd_opts; /* forwarding options */ SyslogFacility log_facility; /* Facility for system logging. */ LogLevel log_level; /* Level for system logging. */ -Index: openssh-7.8p1/ssh_config +Index: openssh-7.9p1/ssh_config =================================================================== ---- openssh-7.8p1.orig/ssh_config -+++ openssh-7.8p1/ssh_config +--- openssh-7.9p1.orig/ssh_config ++++ openssh-7.9p1/ssh_config @@ -17,6 +17,11 @@ # list of available options, their meanings and defaults, please see the # ssh_config(5) man page. @@ -295,11 +295,11 @@ Index: openssh-7.8p1/ssh_config Host * # ForwardAgent no # ForwardX11 no -Index: openssh-7.8p1/ssh_config.0 +Index: openssh-7.9p1/ssh_config.0 =================================================================== ---- openssh-7.8p1.orig/ssh_config.0 -+++ openssh-7.8p1/ssh_config.0 -@@ -595,6 +595,23 @@ DESCRIPTION +--- openssh-7.9p1.orig/ssh_config.0 ++++ openssh-7.9p1/ssh_config.0 +@@ -610,6 +610,23 @@ DESCRIPTION The list of available key exchange algorithms may also be obtained using "ssh -Q kex". @@ -323,11 +323,11 @@ Index: openssh-7.8p1/ssh_config.0 LocalCommand Specifies a command to execute on the local machine after successfully connecting to the server. The command string -Index: openssh-7.8p1/ssh_config.5 +Index: openssh-7.9p1/ssh_config.5 =================================================================== ---- openssh-7.8p1.orig/ssh_config.5 -+++ openssh-7.8p1/ssh_config.5 -@@ -1025,6 +1025,22 @@ diffie-hellman-group14-sha1 +--- openssh-7.9p1.orig/ssh_config.5 ++++ openssh-7.9p1/ssh_config.5 +@@ -1047,6 +1047,22 @@ diffie-hellman-group14-sha1 .Pp The list of available key exchange algorithms may also be obtained using .Qq ssh -Q kex . @@ -350,10 +350,10 @@ Index: openssh-7.8p1/ssh_config.5 .It Cm LocalCommand Specifies a command to execute on the local machine after successfully connecting to the server. -Index: openssh-7.8p1/sshd_config +Index: openssh-7.9p1/sshd_config =================================================================== ---- openssh-7.8p1.orig/sshd_config -+++ openssh-7.8p1/sshd_config +--- openssh-7.9p1.orig/sshd_config ++++ openssh-7.9p1/sshd_config @@ -19,6 +19,13 @@ #HostKey /etc/ssh/ssh_host_ecdsa_key #HostKey /etc/ssh/ssh_host_ed25519_key @@ -368,11 +368,11 @@ Index: openssh-7.8p1/sshd_config # Ciphers and keying #RekeyLimit default none -Index: openssh-7.8p1/sshd_config.0 +Index: openssh-7.9p1/sshd_config.0 =================================================================== ---- openssh-7.8p1.orig/sshd_config.0 -+++ openssh-7.8p1/sshd_config.0 -@@ -545,6 +545,23 @@ DESCRIPTION +--- openssh-7.9p1.orig/sshd_config.0 ++++ openssh-7.9p1/sshd_config.0 +@@ -555,6 +555,23 @@ DESCRIPTION The list of available key exchange algorithms may also be obtained using "ssh -Q kex". @@ -396,11 +396,11 @@ Index: openssh-7.8p1/sshd_config.0 ListenAddress Specifies the local addresses sshd(8) should listen on. The following forms may be used: -Index: openssh-7.8p1/sshd_config.5 +Index: openssh-7.9p1/sshd_config.5 =================================================================== ---- openssh-7.8p1.orig/sshd_config.5 -+++ openssh-7.8p1/sshd_config.5 -@@ -912,6 +912,22 @@ diffie-hellman-group14-sha256,diffie-hel +--- openssh-7.9p1.orig/sshd_config.5 ++++ openssh-7.9p1/sshd_config.5 +@@ -923,6 +923,22 @@ diffie-hellman-group14-sha256,diffie-hel .Pp The list of available key exchange algorithms may also be obtained using .Qq ssh -Q kex . diff --git a/openssh-7.7p1-fips.patch b/openssh-7.7p1-fips.patch index 9de361f..538aadd 100644 --- a/openssh-7.7p1-fips.patch +++ b/openssh-7.7p1-fips.patch @@ -3,10 +3,10 @@ FIPS 140-2 compliance. Perform selftests on start and use only FIPS approved algorithms. -Index: openssh-7.8p1/Makefile.in +Index: openssh-7.9p1/Makefile.in =================================================================== ---- openssh-7.8p1.orig/Makefile.in -+++ openssh-7.8p1/Makefile.in +--- openssh-7.9p1.orig/Makefile.in ++++ openssh-7.9p1/Makefile.in @@ -102,6 +102,8 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \ kexdhs.o kexgexs.o kexecdhs.o kexc25519s.o \ platform-pledge.o platform-tracing.o platform-misc.o @@ -16,10 +16,10 @@ Index: openssh-7.8p1/Makefile.in SSHOBJS= ssh.o readconf.o clientloop.o sshtty.o \ sshconnect.o sshconnect2.o mux.o -Index: openssh-7.8p1/cipher-ctr.c +Index: openssh-7.9p1/cipher-ctr.c =================================================================== ---- openssh-7.8p1.orig/cipher-ctr.c -+++ openssh-7.8p1/cipher-ctr.c +--- openssh-7.9p1.orig/cipher-ctr.c ++++ openssh-7.9p1/cipher-ctr.c @@ -27,6 +27,8 @@ #include "xmalloc.h" #include "log.h" @@ -38,10 +38,10 @@ Index: openssh-7.8p1/cipher-ctr.c #endif return (&aes_ctr); } -Index: openssh-7.8p1/cipher.c +Index: openssh-7.9p1/cipher.c =================================================================== ---- openssh-7.8p1.orig/cipher.c -+++ openssh-7.8p1/cipher.c +--- openssh-7.9p1.orig/cipher.c ++++ openssh-7.9p1/cipher.c @@ -51,6 +51,8 @@ #include "openbsd-compat/openssl-compat.h" @@ -131,10 +131,10 @@ Index: openssh-7.8p1/cipher.c if (strcmp(c->name, name) == 0) return c; return NULL; -Index: openssh-7.8p1/dh.h +Index: openssh-7.9p1/dh.h =================================================================== ---- openssh-7.8p1.orig/dh.h -+++ openssh-7.8p1/dh.h +--- openssh-7.9p1.orig/dh.h ++++ openssh-7.9p1/dh.h @@ -52,6 +52,7 @@ u_int dh_estimate(int); */ #define DH_GRP_MIN_RFC 1024 @@ -143,10 +143,10 @@ Index: openssh-7.8p1/dh.h #define DH_GRP_MAX 8192 /* -Index: openssh-7.8p1/fips.c +Index: openssh-7.9p1/fips.c =================================================================== --- /dev/null -+++ openssh-7.8p1/fips.c ++++ openssh-7.9p1/fips.c @@ -0,0 +1,237 @@ +/* + * Copyright (c) 2012 Petr Cerny. All rights reserved. @@ -385,10 +385,10 @@ Index: openssh-7.8p1/fips.c + return dh; +} + -Index: openssh-7.8p1/fips.h +Index: openssh-7.9p1/fips.h =================================================================== --- /dev/null -+++ openssh-7.8p1/fips.h ++++ openssh-7.9p1/fips.h @@ -0,0 +1,45 @@ +/* + * Copyright (c) 2012 Petr Cerny. All rights reserved. @@ -435,10 +435,10 @@ Index: openssh-7.8p1/fips.h + +#endif + -Index: openssh-7.8p1/hmac.c +Index: openssh-7.9p1/hmac.c =================================================================== ---- openssh-7.8p1.orig/hmac.c -+++ openssh-7.8p1/hmac.c +--- openssh-7.9p1.orig/hmac.c ++++ openssh-7.9p1/hmac.c @@ -144,7 +144,7 @@ hmac_test(void *key, size_t klen, void * size_t i; u_char digest[16]; @@ -448,10 +448,10 @@ Index: openssh-7.8p1/hmac.c printf("ssh_hmac_start failed"); if (ssh_hmac_init(ctx, key, klen) < 0 || ssh_hmac_update(ctx, m, mlen) < 0 || -Index: openssh-7.8p1/kex.c +Index: openssh-7.9p1/kex.c =================================================================== ---- openssh-7.8p1.orig/kex.c -+++ openssh-7.8p1/kex.c +--- openssh-7.9p1.orig/kex.c ++++ openssh-7.9p1/kex.c @@ -54,6 +54,8 @@ #include "sshbuf.h" #include "digest.h" @@ -547,11 +547,11 @@ Index: openssh-7.8p1/kex.c free(s); return 0; } -Index: openssh-7.8p1/kexgexc.c +Index: openssh-7.9p1/kexgexc.c =================================================================== ---- openssh-7.8p1.orig/kexgexc.c -+++ openssh-7.8p1/kexgexc.c -@@ -51,8 +51,7 @@ +--- openssh-7.9p1.orig/kexgexc.c ++++ openssh-7.9p1/kexgexc.c +@@ -53,8 +53,7 @@ #include "sshbuf.h" #include "misc.h" @@ -561,7 +561,7 @@ Index: openssh-7.8p1/kexgexc.c static int input_kex_dh_gex_group(int, u_int32_t, struct ssh *); static int input_kex_dh_gex_reply(int, u_int32_t, struct ssh *); -@@ -66,7 +65,7 @@ kexgex_client(struct ssh *ssh) +@@ -68,7 +67,7 @@ kexgex_client(struct ssh *ssh) nbits = dh_estimate(kex->dh_need * 8); @@ -570,11 +570,11 @@ Index: openssh-7.8p1/kexgexc.c kex->max = DH_GRP_MAX; kex->nbits = nbits; if (datafellows & SSH_BUG_DHGEX_LARGE) -Index: openssh-7.8p1/kexgexs.c +Index: openssh-7.9p1/kexgexs.c =================================================================== ---- openssh-7.8p1.orig/kexgexs.c -+++ openssh-7.8p1/kexgexs.c -@@ -54,8 +54,7 @@ +--- openssh-7.9p1.orig/kexgexs.c ++++ openssh-7.9p1/kexgexs.c +@@ -56,8 +56,7 @@ #include "sshbuf.h" #include "misc.h" @@ -584,7 +584,7 @@ Index: openssh-7.8p1/kexgexs.c static int input_kex_dh_gex_request(int, u_int32_t, struct ssh *); static int input_kex_dh_gex_init(int, u_int32_t, struct ssh *); -@@ -85,9 +84,9 @@ input_kex_dh_gex_request(int type, u_int +@@ -88,9 +87,9 @@ input_kex_dh_gex_request(int type, u_int kex->nbits = nbits; kex->min = min; kex->max = max; @@ -596,10 +596,10 @@ Index: openssh-7.8p1/kexgexs.c nbits = MINIMUM(DH_GRP_MAX, nbits); if (kex->max < kex->min || kex->nbits < kex->min || -Index: openssh-7.8p1/mac.c +Index: openssh-7.9p1/mac.c =================================================================== ---- openssh-7.8p1.orig/mac.c -+++ openssh-7.8p1/mac.c +--- openssh-7.9p1.orig/mac.c ++++ openssh-7.9p1/mac.c @@ -40,6 +40,9 @@ #include "openbsd-compat/openssl-compat.h" @@ -679,11 +679,11 @@ Index: openssh-7.8p1/mac.c if (strcmp(name, m->name) != 0) continue; if (mac != NULL) -Index: openssh-7.8p1/myproposal.h +Index: openssh-7.9p1/myproposal.h =================================================================== ---- openssh-7.8p1.orig/myproposal.h -+++ openssh-7.8p1/myproposal.h -@@ -141,6 +141,8 @@ +--- openssh-7.9p1.orig/myproposal.h ++++ openssh-7.9p1/myproposal.h +@@ -151,6 +151,8 @@ #else /* WITH_OPENSSL */ @@ -692,10 +692,10 @@ Index: openssh-7.8p1/myproposal.h #define KEX_SERVER_KEX \ "curve25519-sha256," \ "curve25519-sha256@libssh.org" -Index: openssh-7.8p1/readconf.c +Index: openssh-7.9p1/readconf.c =================================================================== ---- openssh-7.8p1.orig/readconf.c -+++ openssh-7.8p1/readconf.c +--- openssh-7.9p1.orig/readconf.c ++++ openssh-7.9p1/readconf.c @@ -68,6 +68,7 @@ #include "myproposal.h" #include "digest.h" @@ -704,7 +704,7 @@ Index: openssh-7.8p1/readconf.c /* Format of the configuration file: -@@ -1800,6 +1801,23 @@ option_clear_or_none(const char *o) +@@ -1825,6 +1826,23 @@ option_clear_or_none(const char *o) return o == NULL || strcasecmp(o, "none") == 0; } @@ -728,7 +728,7 @@ Index: openssh-7.8p1/readconf.c /* * Initializes options to special values that indicate that they have not yet * been set. Read_config_file will only set options with this value. Options -@@ -1999,9 +2017,9 @@ fill_default_options(Options * options) +@@ -2025,9 +2043,9 @@ fill_default_options(Options * options) if (options->number_of_password_prompts == -1) options->number_of_password_prompts = 3; if (options->kex_dhmin == -1) @@ -740,7 +740,7 @@ Index: openssh-7.8p1/readconf.c options->kex_dhmin = MINIMUM(options->kex_dhmin, DH_GRP_MAX); } dh_grp_min = options->kex_dhmin; -@@ -2086,6 +2104,8 @@ fill_default_options(Options * options) +@@ -2112,6 +2130,8 @@ fill_default_options(Options * options) options->canonicalize_hostname = SSH_CANONICALISE_NO; if (options->fingerprint_hash == -1) options->fingerprint_hash = SSH_FP_HASH_DEFAULT; @@ -749,19 +749,19 @@ Index: openssh-7.8p1/readconf.c if (options->update_hostkeys == -1) options->update_hostkeys = 0; -@@ -2110,6 +2130,7 @@ fill_default_options(Options * options) - free(all_mac); - free(all_kex); +@@ -2594,6 +2614,7 @@ dump_client_config(Options *o, const cha + KEX_DEFAULT_PK_ALG, all_key) != 0) + fatal("%s: kex_assemble_names failed", __func__); free(all_key); + filter_fips_algorithms(options); - #define CLEAR_ON_NONE(v) \ - do { \ -Index: openssh-7.8p1/readconf.h + /* Most interesting options first: user, host, port */ + dump_cfg_string(oUser, o->user); +Index: openssh-7.9p1/readconf.h =================================================================== ---- openssh-7.8p1.orig/readconf.h -+++ openssh-7.8p1/readconf.h -@@ -197,6 +197,7 @@ typedef struct { +--- openssh-7.9p1.orig/readconf.h ++++ openssh-7.9p1/readconf.h +@@ -198,6 +198,7 @@ typedef struct { #define SSH_STRICT_HOSTKEY_YES 2 #define SSH_STRICT_HOSTKEY_ASK 3 @@ -769,10 +769,10 @@ Index: openssh-7.8p1/readconf.h void initialize_options(Options *); void fill_default_options(Options *); void fill_default_options_for_canonicalization(Options *); -Index: openssh-7.8p1/servconf.c +Index: openssh-7.9p1/servconf.c =================================================================== ---- openssh-7.8p1.orig/servconf.c -+++ openssh-7.8p1/servconf.c +--- openssh-7.9p1.orig/servconf.c ++++ openssh-7.9p1/servconf.c @@ -65,6 +65,7 @@ #include "myproposal.h" #include "digest.h" @@ -781,7 +781,7 @@ Index: openssh-7.8p1/servconf.c /* import from dh.c */ extern int dh_grp_min; -@@ -194,6 +195,23 @@ option_clear_or_none(const char *o) +@@ -195,6 +196,23 @@ option_clear_or_none(const char *o) return o == NULL || strcasecmp(o, "none") == 0; } @@ -805,16 +805,16 @@ Index: openssh-7.8p1/servconf.c static void assemble_algorithms(ServerOptions *o) { -@@ -220,6 +238,8 @@ assemble_algorithms(ServerOptions *o) - free(all_mac); +@@ -224,6 +242,8 @@ assemble_algorithms(ServerOptions *o) free(all_kex); free(all_key); + free(all_sig); + + filter_fips_algorithms_s(o); } static void -@@ -269,9 +289,9 @@ fill_default_server_options(ServerOption +@@ -273,9 +293,9 @@ fill_default_server_options(ServerOption options->use_pam_check_locks = 0; if (options->kex_dhmin == -1) @@ -826,7 +826,7 @@ Index: openssh-7.8p1/servconf.c options->kex_dhmin = MINIMUM(options->kex_dhmin, DH_GRP_MAX); } dh_grp_min = options->kex_dhmin; -@@ -419,6 +439,8 @@ fill_default_server_options(ServerOption +@@ -423,6 +443,8 @@ fill_default_server_options(ServerOption options->fwd_opts.streamlocal_bind_unlink = 0; if (options->fingerprint_hash == -1) options->fingerprint_hash = SSH_FP_HASH_DEFAULT; @@ -835,10 +835,10 @@ Index: openssh-7.8p1/servconf.c if (options->disable_forwarding == -1) options->disable_forwarding = 0; if (options->expose_userauth_info == -1) -Index: openssh-7.8p1/ssh-keygen.c +Index: openssh-7.9p1/ssh-keygen.c =================================================================== ---- openssh-7.8p1.orig/ssh-keygen.c -+++ openssh-7.8p1/ssh-keygen.c +--- openssh-7.9p1.orig/ssh-keygen.c ++++ openssh-7.9p1/ssh-keygen.c @@ -61,6 +61,8 @@ #include "utf8.h" #include "authfd.h" @@ -848,7 +848,7 @@ Index: openssh-7.8p1/ssh-keygen.c #ifdef WITH_OPENSSL # define DEFAULT_KEY_TYPE_NAME "rsa" #else -@@ -965,11 +967,13 @@ do_fingerprint(struct passwd *pw) +@@ -996,11 +998,13 @@ do_fingerprint(struct passwd *pw) static void do_gen_all_hostkeys(struct passwd *pw) { @@ -864,7 +864,7 @@ Index: openssh-7.8p1/ssh-keygen.c #ifdef WITH_OPENSSL { "rsa", "RSA" ,_PATH_HOST_RSA_KEY_FILE }, { "dsa", "DSA", _PATH_HOST_DSA_KEY_FILE }, -@@ -984,6 +988,17 @@ do_gen_all_hostkeys(struct passwd *pw) +@@ -1015,6 +1019,17 @@ do_gen_all_hostkeys(struct passwd *pw) { NULL, NULL, NULL } }; @@ -882,7 +882,7 @@ Index: openssh-7.8p1/ssh-keygen.c int first = 0; struct stat st; struct sshkey *private, *public; -@@ -991,6 +1006,12 @@ do_gen_all_hostkeys(struct passwd *pw) +@@ -1022,6 +1037,12 @@ do_gen_all_hostkeys(struct passwd *pw) int i, type, fd, r; FILE *f; @@ -895,7 +895,7 @@ Index: openssh-7.8p1/ssh-keygen.c for (i = 0; key_types[i].key_type; i++) { public = private = NULL; prv_tmp = pub_tmp = prv_file = pub_file = NULL; -@@ -2727,6 +2748,15 @@ main(int argc, char **argv) +@@ -2817,6 +2838,15 @@ main(int argc, char **argv) key_type_name = DEFAULT_KEY_TYPE_NAME; type = sshkey_type_from_name(key_type_name); @@ -911,11 +911,11 @@ Index: openssh-7.8p1/ssh-keygen.c type_bits_valid(type, key_type_name, &bits); if (!quiet) -Index: openssh-7.8p1/ssh_config.0 +Index: openssh-7.9p1/ssh_config.0 =================================================================== ---- openssh-7.8p1.orig/ssh_config.0 -+++ openssh-7.8p1/ssh_config.0 -@@ -343,6 +343,9 @@ DESCRIPTION +--- openssh-7.9p1.orig/ssh_config.0 ++++ openssh-7.9p1/ssh_config.0 +@@ -353,6 +353,9 @@ DESCRIPTION Specifies the hash algorithm used when displaying key fingerprints. Valid options are: md5 and sha256 (the default). @@ -925,7 +925,7 @@ Index: openssh-7.8p1/ssh_config.0 ForwardAgent Specifies whether the connection to the authentication agent (if any) will be forwarded to the remote machine. The argument must -@@ -612,6 +615,9 @@ DESCRIPTION +@@ -627,6 +630,9 @@ DESCRIPTION resort and all efforts should be made to fix the (broken) counterparty. @@ -935,11 +935,11 @@ Index: openssh-7.8p1/ssh_config.0 LocalCommand Specifies a command to execute on the local machine after successfully connecting to the server. The command string -Index: openssh-7.8p1/ssh_config.5 +Index: openssh-7.9p1/ssh_config.5 =================================================================== ---- openssh-7.8p1.orig/ssh_config.5 -+++ openssh-7.8p1/ssh_config.5 -@@ -628,6 +628,8 @@ Valid options are: +--- openssh-7.9p1.orig/ssh_config.5 ++++ openssh-7.9p1/ssh_config.5 +@@ -642,6 +642,8 @@ Valid options are: and .Cm sha256 (the default). @@ -948,7 +948,7 @@ Index: openssh-7.8p1/ssh_config.5 .It Cm ForwardAgent Specifies whether the connection to the authentication agent (if any) will be forwarded to the remote machine. -@@ -1041,6 +1043,9 @@ maximum backward compatibility, using it +@@ -1063,6 +1065,9 @@ maximum backward compatibility, using it security and thus should be viewed as a temporary fix of last resort and all efforts should be made to fix the (broken) counterparty. @@ -958,10 +958,10 @@ Index: openssh-7.8p1/ssh_config.5 .It Cm LocalCommand Specifies a command to execute on the local machine after successfully connecting to the server. -Index: openssh-7.8p1/sshd.c +Index: openssh-7.9p1/sshd.c =================================================================== ---- openssh-7.8p1.orig/sshd.c -+++ openssh-7.8p1/sshd.c +--- openssh-7.9p1.orig/sshd.c ++++ openssh-7.9p1/sshd.c @@ -123,6 +123,8 @@ #include "version.h" #include "ssherr.h" @@ -971,11 +971,11 @@ Index: openssh-7.8p1/sshd.c /* Re-exec fds */ #define REEXEC_DEVCRYPTO_RESERVED_FD (STDERR_FILENO + 1) #define REEXEC_STARTUP_PIPE_FD (STDERR_FILENO + 2) -Index: openssh-7.8p1/sshd_config.0 +Index: openssh-7.9p1/sshd_config.0 =================================================================== ---- openssh-7.8p1.orig/sshd_config.0 -+++ openssh-7.8p1/sshd_config.0 -@@ -338,6 +338,9 @@ DESCRIPTION +--- openssh-7.9p1.orig/sshd_config.0 ++++ openssh-7.9p1/sshd_config.0 +@@ -348,6 +348,9 @@ DESCRIPTION Specifies the hash algorithm used when logging key fingerprints. Valid options are: md5 and sha256. The default is sha256. @@ -985,7 +985,7 @@ Index: openssh-7.8p1/sshd_config.0 ForceCommand Forces the execution of the command specified by ForceCommand, ignoring any command supplied by the client and ~/.ssh/rc if -@@ -562,6 +565,9 @@ DESCRIPTION +@@ -572,6 +575,9 @@ DESCRIPTION resort and all efforts should be made to fix the (broken) counterparty. @@ -995,11 +995,11 @@ Index: openssh-7.8p1/sshd_config.0 ListenAddress Specifies the local addresses sshd(8) should listen on. The following forms may be used: -Index: openssh-7.8p1/sshd_config.5 +Index: openssh-7.9p1/sshd_config.5 =================================================================== ---- openssh-7.8p1.orig/sshd_config.5 -+++ openssh-7.8p1/sshd_config.5 -@@ -592,6 +592,8 @@ and +--- openssh-7.9p1.orig/sshd_config.5 ++++ openssh-7.9p1/sshd_config.5 +@@ -603,6 +603,8 @@ and .Cm sha256 . The default is .Cm sha256 . diff --git a/openssh-7.7p1-gssapi_key_exchange.patch b/openssh-7.7p1-gssapi_key_exchange.patch index eb36435..b6115f3 100644 --- a/openssh-7.7p1-gssapi_key_exchange.patch +++ b/openssh-7.7p1-gssapi_key_exchange.patch @@ -1,10 +1,10 @@ # HG changeset patch # Parent 6a2300496d25e85647e718287d4d9f37170f492a -Index: openssh-7.8p1/Makefile.in +Index: openssh-7.9p1/Makefile.in =================================================================== ---- openssh-7.8p1.orig/Makefile.in -+++ openssh-7.8p1/Makefile.in +--- openssh-7.9p1.orig/Makefile.in ++++ openssh-7.9p1/Makefile.in @@ -108,6 +108,8 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \ LIBSSH_OBJS += fips.o @@ -14,10 +14,10 @@ Index: openssh-7.8p1/Makefile.in SSHOBJS= ssh.o readconf.o clientloop.o sshtty.o \ sshconnect.o sshconnect2.o mux.o -Index: openssh-7.8p1/auth-krb5.c +Index: openssh-7.9p1/auth-krb5.c =================================================================== ---- openssh-7.8p1.orig/auth-krb5.c -+++ openssh-7.8p1/auth-krb5.c +--- openssh-7.9p1.orig/auth-krb5.c ++++ openssh-7.9p1/auth-krb5.c @@ -182,8 +182,13 @@ auth_krb5_password(Authctxt *authctxt, c len = strlen(authctxt->krb5_ticket_file) + 6; @@ -60,11 +60,11 @@ Index: openssh-7.8p1/auth-krb5.c return (krb5_cc_resolve(ctx, ccname, ccache)); } -Index: openssh-7.8p1/auth.c +Index: openssh-7.9p1/auth.c =================================================================== ---- openssh-7.8p1.orig/auth.c -+++ openssh-7.8p1/auth.c -@@ -395,6 +395,7 @@ auth_root_allowed(struct ssh *ssh, const +--- openssh-7.9p1.orig/auth.c ++++ openssh-7.9p1/auth.c +@@ -399,6 +399,7 @@ auth_root_allowed(struct ssh *ssh, const case PERMIT_NO_PASSWD: if (strcmp(method, "publickey") == 0 || strcmp(method, "hostbased") == 0 || @@ -72,10 +72,10 @@ Index: openssh-7.8p1/auth.c strcmp(method, "gssapi-with-mic") == 0) return 1; break; -Index: openssh-7.8p1/auth2-gss.c +Index: openssh-7.9p1/auth2-gss.c =================================================================== ---- openssh-7.8p1.orig/auth2-gss.c -+++ openssh-7.8p1/auth2-gss.c +--- openssh-7.9p1.orig/auth2-gss.c ++++ openssh-7.9p1/auth2-gss.c @@ -31,6 +31,7 @@ #include @@ -162,10 +162,10 @@ Index: openssh-7.8p1/auth2-gss.c Authmethod method_gssapi = { "gssapi-with-mic", userauth_gssapi, -Index: openssh-7.8p1/auth2.c +Index: openssh-7.9p1/auth2.c =================================================================== ---- openssh-7.8p1.orig/auth2.c -+++ openssh-7.8p1/auth2.c +--- openssh-7.9p1.orig/auth2.c ++++ openssh-7.9p1/auth2.c @@ -74,6 +74,7 @@ extern Authmethod method_passwd; extern Authmethod method_kbdint; extern Authmethod method_hostbased; @@ -182,10 +182,10 @@ Index: openssh-7.8p1/auth2.c &method_gssapi, #endif &method_passwd, -Index: openssh-7.8p1/clientloop.c +Index: openssh-7.9p1/clientloop.c =================================================================== ---- openssh-7.8p1.orig/clientloop.c -+++ openssh-7.8p1/clientloop.c +--- openssh-7.9p1.orig/clientloop.c ++++ openssh-7.9p1/clientloop.c @@ -112,6 +112,10 @@ #include "ssherr.h" #include "hostfile.h" @@ -197,7 +197,7 @@ Index: openssh-7.8p1/clientloop.c /* import options */ extern Options options; -@@ -1357,9 +1361,18 @@ client_loop(struct ssh *ssh, int have_pt +@@ -1370,9 +1374,18 @@ client_loop(struct ssh *ssh, int have_pt break; /* Do channel operations unless rekeying in progress. */ @@ -217,11 +217,11 @@ Index: openssh-7.8p1/clientloop.c /* Buffer input from the connection. */ client_process_net_input(readset); -Index: openssh-7.8p1/configure.ac +Index: openssh-7.9p1/configure.ac =================================================================== ---- openssh-7.8p1.orig/configure.ac -+++ openssh-7.8p1/configure.ac -@@ -673,6 +673,30 @@ main() { if (NSVersionOfRunTimeLibrary(" +--- openssh-7.9p1.orig/configure.ac ++++ openssh-7.9p1/configure.ac +@@ -664,6 +664,30 @@ main() { if (NSVersionOfRunTimeLibrary(" [Use tunnel device compatibility to OpenBSD]) AC_DEFINE([SSH_TUN_PREPEND_AF], [1], [Prepend the address family to IP tunnel traffic]) @@ -252,7 +252,7 @@ Index: openssh-7.8p1/configure.ac m4_pattern_allow([AU_IPv]) AC_CHECK_DECL([AU_IPv4], [], AC_DEFINE([AU_IPv4], [0], [System only supports IPv4 audit records]) -@@ -1853,9 +1877,9 @@ AC_RUN_IFELSE( +@@ -1844,9 +1868,9 @@ AC_RUN_IFELSE( ) AC_LINK_IFELSE( @@ -265,7 +265,7 @@ Index: openssh-7.8p1/configure.ac [AC_DEFINE([HAVE_ISBLANK], [1], [Define if you have isblank(3C).]) ]) -@@ -2161,7 +2185,7 @@ int snprintf(char *a, size_t b, const ch +@@ -2175,7 +2199,7 @@ int snprintf(char *a, size_t b, const ch ]])], [AC_MSG_RESULT([yes]) AC_DEFINE([SNPRINTF_CONST], [const], @@ -274,7 +274,7 @@ Index: openssh-7.8p1/configure.ac [AC_MSG_RESULT([no]) AC_DEFINE([SNPRINTF_CONST], [/* not const */])]) -@@ -2176,7 +2200,7 @@ if test "x$ac_cv_func_getpeereid" != "xy +@@ -2190,7 +2214,7 @@ if test "x$ac_cv_func_getpeereid" != "xy AC_DEFINE([HAVE_SO_PEERCRED], [1], [Have PEERCRED socket option]) ], [AC_MSG_RESULT([no]) NO_PEERCHECK=1 @@ -283,23 +283,7 @@ Index: openssh-7.8p1/configure.ac fi dnl see whether mkstemp() requires XXXXXX -@@ -2600,12 +2624,12 @@ if test "x$openssl" = "xyes" ; then - case "$ssl_library_ver" in - 10000*|0*) - AC_MSG_ERROR([OpenSSL >= 1.0.1 required (have "$ssl_library_ver")]) -- ;; -+ ;; - 100*) ;; # 1.0.x - 200*) ;; # LibreSSL -- *) -+ *) - AC_MSG_ERROR([OpenSSL >= 1.1.0 is not yet supported (have "$ssl_library_ver")]) -- ;; -+ ;; - esac - AC_MSG_RESULT([$ssl_library_ver]) - ], -@@ -4473,7 +4497,7 @@ AC_ARG_WITH([maildir], +@@ -4601,7 +4625,7 @@ AC_ARG_WITH([maildir], if test "X$withval" != X && test "x$withval" != xno && \ test "x${withval}" != xyes; then AC_DEFINE_UNQUOTED([MAIL_DIRECTORY], ["$withval"], @@ -308,10 +292,10 @@ Index: openssh-7.8p1/configure.ac fi ],[ if test "X$maildir" != "X"; then -Index: openssh-7.8p1/gss-genr.c +Index: openssh-7.9p1/gss-genr.c =================================================================== ---- openssh-7.8p1.orig/gss-genr.c -+++ openssh-7.8p1/gss-genr.c +--- openssh-7.9p1.orig/gss-genr.c ++++ openssh-7.9p1/gss-genr.c @@ -41,12 +41,169 @@ #include "sshbuf.h" #include "log.h" @@ -657,10 +641,10 @@ Index: openssh-7.8p1/gss-genr.c +} + #endif /* GSSAPI */ -Index: openssh-7.8p1/gss-serv-krb5.c +Index: openssh-7.9p1/gss-serv-krb5.c =================================================================== ---- openssh-7.8p1.orig/gss-serv-krb5.c -+++ openssh-7.8p1/gss-serv-krb5.c +--- openssh-7.9p1.orig/gss-serv-krb5.c ++++ openssh-7.9p1/gss-serv-krb5.c @@ -120,7 +120,7 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_cl krb5_error_code problem; krb5_principal princ; @@ -788,10 +772,10 @@ Index: openssh-7.8p1/gss-serv-krb5.c }; #endif /* KRB5 */ -Index: openssh-7.8p1/gss-serv.c +Index: openssh-7.9p1/gss-serv.c =================================================================== ---- openssh-7.8p1.orig/gss-serv.c -+++ openssh-7.8p1/gss-serv.c +--- openssh-7.9p1.orig/gss-serv.c ++++ openssh-7.9p1/gss-serv.c @@ -44,17 +44,19 @@ #include "session.h" #include "misc.h" @@ -1073,10 +1057,10 @@ Index: openssh-7.8p1/gss-serv.c } /* Privileged */ -Index: openssh-7.8p1/kex.c +Index: openssh-7.9p1/kex.c =================================================================== ---- openssh-7.8p1.orig/kex.c -+++ openssh-7.8p1/kex.c +--- openssh-7.9p1.orig/kex.c ++++ openssh-7.9p1/kex.c @@ -56,6 +56,10 @@ #include "fips.h" @@ -1124,10 +1108,10 @@ Index: openssh-7.8p1/kex.c } return NULL; } -Index: openssh-7.8p1/kex.h +Index: openssh-7.9p1/kex.h =================================================================== ---- openssh-7.8p1.orig/kex.h -+++ openssh-7.8p1/kex.h +--- openssh-7.9p1.orig/kex.h ++++ openssh-7.9p1/kex.h @@ -100,6 +100,11 @@ enum kex_exchange { KEX_DH_GEX_SHA256, KEX_ECDH_SHA2, @@ -1164,10 +1148,10 @@ Index: openssh-7.8p1/kex.h int kex_dh_hash(int, const char *, const char *, const u_char *, size_t, const u_char *, size_t, const u_char *, size_t, -Index: openssh-7.8p1/kexgssc.c +Index: openssh-7.9p1/kexgssc.c =================================================================== --- /dev/null -+++ openssh-7.8p1/kexgssc.c ++++ openssh-7.9p1/kexgssc.c @@ -0,0 +1,348 @@ +/* + * Copyright (c) 2001-2009 Simon Wilkinson. All rights reserved. @@ -1517,10 +1501,10 @@ Index: openssh-7.8p1/kexgssc.c +} + +#endif /* GSSAPI */ -Index: openssh-7.8p1/kexgsss.c +Index: openssh-7.9p1/kexgsss.c =================================================================== --- /dev/null -+++ openssh-7.8p1/kexgsss.c ++++ openssh-7.9p1/kexgsss.c @@ -0,0 +1,307 @@ +/* + * Copyright (c) 2001-2009 Simon Wilkinson. All rights reserved. @@ -1829,11 +1813,11 @@ Index: openssh-7.8p1/kexgsss.c + return 0; +} +#endif /* GSSAPI */ -Index: openssh-7.8p1/monitor.c +Index: openssh-7.9p1/monitor.c =================================================================== ---- openssh-7.8p1.orig/monitor.c -+++ openssh-7.8p1/monitor.c -@@ -143,6 +143,8 @@ int mm_answer_gss_setup_ctx(int, struct +--- openssh-7.9p1.orig/monitor.c ++++ openssh-7.9p1/monitor.c +@@ -145,6 +145,8 @@ int mm_answer_gss_setup_ctx(int, struct int mm_answer_gss_accept_ctx(int, struct sshbuf *); int mm_answer_gss_userok(int, struct sshbuf *); int mm_answer_gss_checkmic(int, struct sshbuf *); @@ -1842,7 +1826,7 @@ Index: openssh-7.8p1/monitor.c #endif #ifdef SSH_AUDIT_EVENTS -@@ -213,6 +215,7 @@ struct mon_table mon_dispatch_proto20[] +@@ -215,6 +217,7 @@ struct mon_table mon_dispatch_proto20[] {MONITOR_REQ_GSSSTEP, 0, mm_answer_gss_accept_ctx}, {MONITOR_REQ_GSSUSEROK, MON_ONCE|MON_AUTHDECIDE, mm_answer_gss_userok}, {MONITOR_REQ_GSSCHECKMIC, MON_ONCE, mm_answer_gss_checkmic}, @@ -1850,7 +1834,7 @@ Index: openssh-7.8p1/monitor.c #endif {0, 0, NULL} }; -@@ -229,6 +232,12 @@ struct mon_table mon_dispatch_postauth20 +@@ -231,6 +234,12 @@ struct mon_table mon_dispatch_postauth20 {MONITOR_REQ_AUDIT_EVENT, MON_PERMIT, mm_answer_audit_event}, {MONITOR_REQ_AUDIT_COMMAND, MON_PERMIT, mm_answer_audit_command}, #endif @@ -1863,7 +1847,7 @@ Index: openssh-7.8p1/monitor.c {0, 0, NULL} }; -@@ -287,7 +296,10 @@ monitor_child_preauth(Authctxt *_authctx +@@ -289,7 +298,10 @@ monitor_child_preauth(Authctxt *_authctx /* Permit requests for moduli and signatures */ monitor_permit(mon_dispatch, MONITOR_REQ_MODULI, 1); monitor_permit(mon_dispatch, MONITOR_REQ_SIGN, 1); @@ -1875,7 +1859,7 @@ Index: openssh-7.8p1/monitor.c /* The first few requests do not require asynchronous access */ while (!authenticated) { partial = 0; -@@ -399,6 +411,10 @@ monitor_child_postauth(struct monitor *p +@@ -401,6 +413,10 @@ monitor_child_postauth(struct monitor *p monitor_permit(mon_dispatch, MONITOR_REQ_MODULI, 1); monitor_permit(mon_dispatch, MONITOR_REQ_SIGN, 1); monitor_permit(mon_dispatch, MONITOR_REQ_TERM, 1); @@ -1886,7 +1870,7 @@ Index: openssh-7.8p1/monitor.c if (auth_opts->permit_pty_flag) { monitor_permit(mon_dispatch, MONITOR_REQ_PTY, 1); -@@ -605,7 +621,7 @@ mm_answer_moduli(int sock, struct sshbuf +@@ -609,7 +625,7 @@ mm_answer_moduli(int sock, struct sshbuf int mm_answer_sign(int sock, struct sshbuf *m) { @@ -1895,7 +1879,7 @@ Index: openssh-7.8p1/monitor.c extern int auth_sock; /* XXX move to state struct? */ struct sshkey *key; struct sshbuf *sigbuf = NULL; -@@ -1643,7 +1659,7 @@ monitor_apply_keystate(struct monitor *p +@@ -1647,7 +1663,7 @@ monitor_apply_keystate(struct monitor *p debug3("%s: packet_set_state", __func__); if ((r = ssh_packet_set_state(ssh, child_state)) != 0) @@ -1904,7 +1888,7 @@ Index: openssh-7.8p1/monitor.c sshbuf_free(child_state); child_state = NULL; -@@ -1662,6 +1678,13 @@ monitor_apply_keystate(struct monitor *p +@@ -1666,6 +1682,13 @@ monitor_apply_keystate(struct monitor *p # endif #endif /* WITH_OPENSSL */ kex->kex[KEX_C25519_SHA256] = kexc25519_server; @@ -1918,7 +1902,7 @@ Index: openssh-7.8p1/monitor.c kex->load_host_public_key=&get_hostkey_public_by_type; kex->load_host_private_key=&get_hostkey_private_by_type; kex->host_key_index=&get_hostkey_index; -@@ -1752,8 +1775,8 @@ mm_answer_gss_setup_ctx(int sock, struct +@@ -1756,8 +1779,8 @@ mm_answer_gss_setup_ctx(int sock, struct u_char *p; int r; @@ -1929,7 +1913,7 @@ Index: openssh-7.8p1/monitor.c if ((r = sshbuf_get_string(m, &p, &len)) != 0) fatal("%s: buffer error: %s", __func__, ssh_err(r)); -@@ -1785,7 +1808,7 @@ mm_answer_gss_accept_ctx(int sock, struc +@@ -1789,7 +1812,7 @@ mm_answer_gss_accept_ctx(int sock, struc OM_uint32 flags = 0; /* GSI needs this */ int r; @@ -1938,7 +1922,7 @@ Index: openssh-7.8p1/monitor.c fatal("%s: GSSAPI authentication not enabled", __func__); if ((r = ssh_gssapi_get_buffer_desc(m, &in)) != 0) -@@ -1806,6 +1829,7 @@ mm_answer_gss_accept_ctx(int sock, struc +@@ -1810,6 +1833,7 @@ mm_answer_gss_accept_ctx(int sock, struc monitor_permit(mon_dispatch, MONITOR_REQ_GSSSTEP, 0); monitor_permit(mon_dispatch, MONITOR_REQ_GSSUSEROK, 1); monitor_permit(mon_dispatch, MONITOR_REQ_GSSCHECKMIC, 1); @@ -1946,7 +1930,7 @@ Index: openssh-7.8p1/monitor.c } return (0); } -@@ -1817,7 +1841,7 @@ mm_answer_gss_checkmic(int sock, struct +@@ -1821,7 +1845,7 @@ mm_answer_gss_checkmic(int sock, struct OM_uint32 ret; int r; @@ -1955,7 +1939,7 @@ Index: openssh-7.8p1/monitor.c fatal("%s: GSSAPI authentication not enabled", __func__); if ((r = ssh_gssapi_get_buffer_desc(m, &gssbuf)) != 0 || -@@ -1847,10 +1871,11 @@ mm_answer_gss_userok(int sock, struct ss +@@ -1851,10 +1875,11 @@ mm_answer_gss_userok(int sock, struct ss int r, authenticated; const char *displayname; @@ -1969,7 +1953,7 @@ Index: openssh-7.8p1/monitor.c sshbuf_reset(m); if ((r = sshbuf_put_u32(m, authenticated)) != 0) -@@ -1867,5 +1892,73 @@ mm_answer_gss_userok(int sock, struct ss +@@ -1871,5 +1896,73 @@ mm_answer_gss_userok(int sock, struct ss /* Monitor loop will terminate if authenticated */ return (authenticated); } @@ -2044,10 +2028,10 @@ Index: openssh-7.8p1/monitor.c +} + +#endif /* GSSAPI */ -Index: openssh-7.8p1/monitor.h +Index: openssh-7.9p1/monitor.h =================================================================== ---- openssh-7.8p1.orig/monitor.h -+++ openssh-7.8p1/monitor.h +--- openssh-7.9p1.orig/monitor.h ++++ openssh-7.9p1/monitor.h @@ -63,6 +63,9 @@ enum monitor_reqtype { MONITOR_REQ_PAM_FREE_CTX = 110, MONITOR_ANS_PAM_FREE_CTX = 111, MONITOR_REQ_AUDIT_EVENT = 112, MONITOR_REQ_AUDIT_COMMAND = 113, @@ -2058,10 +2042,10 @@ Index: openssh-7.8p1/monitor.h }; struct monitor { -Index: openssh-7.8p1/monitor_wrap.c +Index: openssh-7.9p1/monitor_wrap.c =================================================================== ---- openssh-7.8p1.orig/monitor_wrap.c -+++ openssh-7.8p1/monitor_wrap.c +--- openssh-7.9p1.orig/monitor_wrap.c ++++ openssh-7.9p1/monitor_wrap.c @@ -984,7 +984,7 @@ mm_ssh_gssapi_checkmic(Gssctxt *ctx, gss } @@ -2124,10 +2108,10 @@ Index: openssh-7.8p1/monitor_wrap.c + return (ok); +} #endif /* GSSAPI */ -Index: openssh-7.8p1/monitor_wrap.h +Index: openssh-7.9p1/monitor_wrap.h =================================================================== ---- openssh-7.8p1.orig/monitor_wrap.h -+++ openssh-7.8p1/monitor_wrap.h +--- openssh-7.9p1.orig/monitor_wrap.h ++++ openssh-7.9p1/monitor_wrap.h @@ -60,8 +60,10 @@ int mm_sshkey_verify(const struct sshkey OM_uint32 mm_ssh_gssapi_server_ctx(Gssctxt **, gss_OID); OM_uint32 mm_ssh_gssapi_accept_ctx(Gssctxt *, @@ -2140,10 +2124,10 @@ Index: openssh-7.8p1/monitor_wrap.h #endif #ifdef USE_PAM -Index: openssh-7.8p1/readconf.c +Index: openssh-7.9p1/readconf.c =================================================================== ---- openssh-7.8p1.orig/readconf.c -+++ openssh-7.8p1/readconf.c +--- openssh-7.9p1.orig/readconf.c ++++ openssh-7.9p1/readconf.c @@ -163,6 +163,8 @@ typedef enum { oClearAllForwardings, oNoHostAuthenticationForLocalhost, oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout, @@ -2174,7 +2158,7 @@ Index: openssh-7.8p1/readconf.c #endif #ifdef ENABLE_PKCS11 { "smartcarddevice", oPKCS11Provider }, -@@ -979,10 +991,30 @@ parse_time: +@@ -980,10 +992,30 @@ parse_time: intptr = &options->gss_authentication; goto parse_flag; @@ -2205,7 +2189,7 @@ Index: openssh-7.8p1/readconf.c case oBatchMode: intptr = &options->batch_mode; goto parse_flag; -@@ -1844,7 +1876,12 @@ initialize_options(Options * options) +@@ -1869,7 +1901,12 @@ initialize_options(Options * options) options->pubkey_authentication = -1; options->challenge_response_authentication = -1; options->gss_authentication = -1; @@ -2218,7 +2202,7 @@ Index: openssh-7.8p1/readconf.c options->password_authentication = -1; options->kbd_interactive_authentication = -1; options->kbd_interactive_devices = NULL; -@@ -1990,8 +2027,14 @@ fill_default_options(Options * options) +@@ -2016,8 +2053,14 @@ fill_default_options(Options * options) options->challenge_response_authentication = 1; if (options->gss_authentication == -1) options->gss_authentication = 0; @@ -2233,10 +2217,10 @@ Index: openssh-7.8p1/readconf.c if (options->password_authentication == -1) options->password_authentication = 1; if (options->kbd_interactive_authentication == -1) -Index: openssh-7.8p1/readconf.h +Index: openssh-7.9p1/readconf.h =================================================================== ---- openssh-7.8p1.orig/readconf.h -+++ openssh-7.8p1/readconf.h +--- openssh-7.9p1.orig/readconf.h ++++ openssh-7.9p1/readconf.h @@ -40,7 +40,12 @@ typedef struct { int challenge_response_authentication; /* Try S/Key or TIS, authentication. */ @@ -2250,10 +2234,10 @@ Index: openssh-7.8p1/readconf.h int password_authentication; /* Try password * authentication. */ int kbd_interactive_authentication; /* Try keyboard-interactive auth. */ -Index: openssh-7.8p1/regress/cert-hostkey.sh +Index: openssh-7.9p1/regress/cert-hostkey.sh =================================================================== ---- openssh-7.8p1.orig/regress/cert-hostkey.sh -+++ openssh-7.8p1/regress/cert-hostkey.sh +--- openssh-7.9p1.orig/regress/cert-hostkey.sh ++++ openssh-7.9p1/regress/cert-hostkey.sh @@ -66,7 +66,7 @@ touch $OBJ/host_revoked_plain touch $OBJ/host_revoked_cert cat $OBJ/host_ca_key.pub $OBJ/host_ca_key2.pub > $OBJ/host_revoked_ca @@ -2263,10 +2247,10 @@ Index: openssh-7.8p1/regress/cert-hostkey.sh if echo "$PLAIN_TYPES" | grep '^rsa$' >/dev/null 2>&1 ; then PLAIN_TYPES="$PLAIN_TYPES rsa-sha2-256 rsa-sha2-512" -Index: openssh-7.8p1/regress/cert-userkey.sh +Index: openssh-7.9p1/regress/cert-userkey.sh =================================================================== ---- openssh-7.8p1.orig/regress/cert-userkey.sh -+++ openssh-7.8p1/regress/cert-userkey.sh +--- openssh-7.9p1.orig/regress/cert-userkey.sh ++++ openssh-7.9p1/regress/cert-userkey.sh @@ -7,7 +7,7 @@ rm -f $OBJ/authorized_keys_$USER $OBJ/us cp $OBJ/sshd_proxy $OBJ/sshd_proxy_bak cp $OBJ/ssh_proxy $OBJ/ssh_proxy_bak @@ -2276,10 +2260,10 @@ Index: openssh-7.8p1/regress/cert-userkey.sh EXTRA_TYPES="" if echo "$PLAIN_TYPES" | grep '^rsa$' >/dev/null 2>&1 ; then -Index: openssh-7.8p1/regress/kextype.sh +Index: openssh-7.9p1/regress/kextype.sh =================================================================== ---- openssh-7.8p1.orig/regress/kextype.sh -+++ openssh-7.8p1/regress/kextype.sh +--- openssh-7.9p1.orig/regress/kextype.sh ++++ openssh-7.9p1/regress/kextype.sh @@ -14,6 +14,9 @@ echo "KexAlgorithms=$KEXOPT" >> $OBJ/ssh tries="1 2 3 4" @@ -2290,10 +2274,10 @@ Index: openssh-7.8p1/regress/kextype.sh verbose "kex $k" for i in $tries; do ${SSH} -F $OBJ/ssh_proxy -o KexAlgorithms=$k x true -Index: openssh-7.8p1/regress/rekey.sh +Index: openssh-7.9p1/regress/rekey.sh =================================================================== ---- openssh-7.8p1.orig/regress/rekey.sh -+++ openssh-7.8p1/regress/rekey.sh +--- openssh-7.9p1.orig/regress/rekey.sh ++++ openssh-7.9p1/regress/rekey.sh @@ -38,6 +38,9 @@ increase_datafile_size 300 opts="" @@ -2314,10 +2298,10 @@ Index: openssh-7.8p1/regress/rekey.sh verbose "client rekey $c $kex" ssh_data_rekeying "KexAlgorithms=$kex" -oRekeyLimit=256k -oCiphers=$c done -Index: openssh-7.8p1/servconf.c +Index: openssh-7.9p1/servconf.c =================================================================== ---- openssh-7.8p1.orig/servconf.c -+++ openssh-7.8p1/servconf.c +--- openssh-7.9p1.orig/servconf.c ++++ openssh-7.9p1/servconf.c @@ -130,8 +130,10 @@ initialize_server_options(ServerOptions options->kerberos_ticket_cleanup = -1; options->kerberos_get_afs_token = -1; @@ -2329,7 +2313,7 @@ Index: openssh-7.8p1/servconf.c options->password_authentication = -1; options->kbd_interactive_authentication = -1; options->challenge_response_authentication = -1; -@@ -369,10 +371,14 @@ fill_default_server_options(ServerOption +@@ -373,10 +375,14 @@ fill_default_server_options(ServerOption options->kerberos_get_afs_token = 0; if (options->gss_authentication == -1) options->gss_authentication = 0; @@ -2344,7 +2328,7 @@ Index: openssh-7.8p1/servconf.c if (options->password_authentication == -1) options->password_authentication = 1; if (options->kbd_interactive_authentication == -1) -@@ -519,6 +525,7 @@ typedef enum { +@@ -523,6 +529,7 @@ typedef enum { sHostKeyAlgorithms, sClientAliveInterval, sClientAliveCountMax, sAuthorizedKeysFile, sGssAuthentication, sGssCleanupCreds, sGssStrictAcceptor, @@ -2352,7 +2336,7 @@ Index: openssh-7.8p1/servconf.c sAcceptEnv, sSetEnv, sPermitTunnel, sMatch, sPermitOpen, sPermitListen, sForceCommand, sChrootDirectory, sUsePrivilegeSeparation, sAllowAgentForwarding, -@@ -596,11 +603,17 @@ static struct { +@@ -600,11 +607,17 @@ static struct { { "gssapiauthentication", sGssAuthentication, SSHCFG_ALL }, { "gssapicleanupcredentials", sGssCleanupCreds, SSHCFG_GLOBAL }, { "gssapistrictacceptorcheck", sGssStrictAcceptor, SSHCFG_GLOBAL }, @@ -2370,7 +2354,7 @@ Index: openssh-7.8p1/servconf.c { "passwordauthentication", sPasswordAuthentication, SSHCFG_ALL }, { "kbdinteractiveauthentication", sKbdInteractiveAuthentication, SSHCFG_ALL }, { "challengeresponseauthentication", sChallengeResponseAuthentication, SSHCFG_GLOBAL }, -@@ -1503,6 +1516,10 @@ process_server_config_line(ServerOptions +@@ -1512,6 +1525,10 @@ process_server_config_line(ServerOptions intptr = &options->gss_authentication; goto parse_flag; @@ -2381,7 +2365,7 @@ Index: openssh-7.8p1/servconf.c case sGssCleanupCreds: intptr = &options->gss_cleanup_creds; goto parse_flag; -@@ -1511,6 +1528,10 @@ process_server_config_line(ServerOptions +@@ -1520,6 +1537,10 @@ process_server_config_line(ServerOptions intptr = &options->gss_strict_acceptor; goto parse_flag; @@ -2392,7 +2376,7 @@ Index: openssh-7.8p1/servconf.c case sPasswordAuthentication: intptr = &options->password_authentication; goto parse_flag; -@@ -2304,6 +2325,10 @@ copy_set_server_options(ServerOptions *d +@@ -2313,6 +2334,10 @@ copy_set_server_options(ServerOptions *d M_CP_INTOPT(password_authentication); M_CP_INTOPT(gss_authentication); @@ -2403,7 +2387,7 @@ Index: openssh-7.8p1/servconf.c M_CP_INTOPT(pubkey_authentication); M_CP_INTOPT(kerberos_authentication); M_CP_INTOPT(hostbased_authentication); -@@ -2600,7 +2625,10 @@ dump_config(ServerOptions *o) +@@ -2609,7 +2634,10 @@ dump_config(ServerOptions *o) #endif #ifdef GSSAPI dump_cfg_fmtint(sGssAuthentication, o->gss_authentication); @@ -2414,10 +2398,10 @@ Index: openssh-7.8p1/servconf.c #endif dump_cfg_fmtint(sPasswordAuthentication, o->password_authentication); dump_cfg_fmtint(sKbdInteractiveAuthentication, -Index: openssh-7.8p1/servconf.h +Index: openssh-7.9p1/servconf.h =================================================================== ---- openssh-7.8p1.orig/servconf.h -+++ openssh-7.8p1/servconf.h +--- openssh-7.9p1.orig/servconf.h ++++ openssh-7.9p1/servconf.h @@ -16,6 +16,8 @@ #ifndef SERVCONF_H #define SERVCONF_H @@ -2427,7 +2411,7 @@ Index: openssh-7.8p1/servconf.h #define MAX_PORTS 256 /* Max # ports. */ #define MAX_SUBSYSTEMS 256 /* Max # subsystems. */ -@@ -125,8 +127,10 @@ typedef struct { +@@ -126,8 +128,10 @@ typedef struct { int kerberos_get_afs_token; /* If true, try to get AFS token if * authenticated with Kerberos. */ int gss_authentication; /* If true, permit GSSAPI authentication */ @@ -2438,10 +2422,10 @@ Index: openssh-7.8p1/servconf.h int password_authentication; /* If true, permit password * authentication. */ int kbd_interactive_authentication; /* If true, permit */ -Index: openssh-7.8p1/ssh-gss.h +Index: openssh-7.9p1/ssh-gss.h =================================================================== ---- openssh-7.8p1.orig/ssh-gss.h -+++ openssh-7.8p1/ssh-gss.h +--- openssh-7.9p1.orig/ssh-gss.h ++++ openssh-7.9p1/ssh-gss.h @@ -61,10 +61,22 @@ #define SSH_GSS_OIDTYPE 0x06 @@ -2532,10 +2516,10 @@ Index: openssh-7.8p1/ssh-gss.h #endif /* GSSAPI */ #endif /* _SSH_GSS_H */ -Index: openssh-7.8p1/ssh_config +Index: openssh-7.9p1/ssh_config =================================================================== ---- openssh-7.8p1.orig/ssh_config -+++ openssh-7.8p1/ssh_config +--- openssh-7.9p1.orig/ssh_config ++++ openssh-7.9p1/ssh_config @@ -45,6 +45,8 @@ Host * # HostbasedAuthentication no # GSSAPIAuthentication no @@ -2545,11 +2529,11 @@ Index: openssh-7.8p1/ssh_config # BatchMode no # CheckHostIP yes # AddressFamily any -Index: openssh-7.8p1/ssh_config.0 +Index: openssh-7.9p1/ssh_config.0 =================================================================== ---- openssh-7.8p1.orig/ssh_config.0 -+++ openssh-7.8p1/ssh_config.0 -@@ -410,9 +410,40 @@ DESCRIPTION +--- openssh-7.9p1.orig/ssh_config.0 ++++ openssh-7.9p1/ssh_config.0 +@@ -422,9 +422,40 @@ DESCRIPTION Specifies whether user authentication based on GSSAPI is allowed. The default is no. @@ -2590,11 +2574,11 @@ Index: openssh-7.8p1/ssh_config.0 HashKnownHosts Indicates that ssh(1) should hash host names and addresses when they are added to ~/.ssh/known_hosts. These hashed names may be -Index: openssh-7.8p1/ssh_config.5 +Index: openssh-7.9p1/ssh_config.5 =================================================================== ---- openssh-7.8p1.orig/ssh_config.5 -+++ openssh-7.8p1/ssh_config.5 -@@ -720,10 +720,40 @@ The default is +--- openssh-7.9p1.orig/ssh_config.5 ++++ openssh-7.9p1/ssh_config.5 +@@ -738,10 +738,40 @@ The default is Specifies whether user authentication based on GSSAPI is allowed. The default is .Cm no . @@ -2635,10 +2619,10 @@ Index: openssh-7.8p1/ssh_config.5 .It Cm HashKnownHosts Indicates that .Xr ssh 1 -Index: openssh-7.8p1/sshconnect2.c +Index: openssh-7.9p1/sshconnect2.c =================================================================== ---- openssh-7.8p1.orig/sshconnect2.c -+++ openssh-7.8p1/sshconnect2.c +--- openssh-7.9p1.orig/sshconnect2.c ++++ openssh-7.9p1/sshconnect2.c @@ -82,6 +82,124 @@ extern char *client_version_string; extern char *server_version_string; extern Options options; @@ -2871,7 +2855,7 @@ Index: openssh-7.8p1/sshconnect2.c {"gssapi-with-mic", userauth_gssapi, NULL, -@@ -657,19 +840,31 @@ userauth_gssapi(Authctxt *authctxt) +@@ -686,19 +869,31 @@ userauth_gssapi(Authctxt *authctxt) static u_int mech = 0; OM_uint32 min; int r, ok = 0; @@ -2905,7 +2889,7 @@ Index: openssh-7.8p1/sshconnect2.c ok = 1; /* Mechanism works */ } else { mech++; -@@ -906,6 +1101,51 @@ input_gssapi_error(int type, u_int32_t p +@@ -935,6 +1130,51 @@ input_gssapi_error(int type, u_int32_t p free(lang); return r; } @@ -2957,7 +2941,7 @@ Index: openssh-7.8p1/sshconnect2.c #endif /* GSSAPI */ int -@@ -1443,8 +1683,8 @@ key_type_allowed_by_config(struct sshkey +@@ -1473,8 +1713,8 @@ key_type_allowed_by_config(struct sshkey /* * try keys in the following order: @@ -2968,10 +2952,10 @@ Index: openssh-7.8p1/sshconnect2.c * 3. agent keys that are found in the config file * 4. other agent keys * 5. keys that are only listed in the config file -Index: openssh-7.8p1/sshd.c +Index: openssh-7.9p1/sshd.c =================================================================== ---- openssh-7.8p1.orig/sshd.c -+++ openssh-7.8p1/sshd.c +--- openssh-7.9p1.orig/sshd.c ++++ openssh-7.9p1/sshd.c @@ -131,6 +131,10 @@ #include "fips.h" @@ -2983,16 +2967,17 @@ Index: openssh-7.8p1/sshd.c /* Re-exec fds */ #define REEXEC_DEVCRYPTO_RESERVED_FD (STDERR_FILENO + 1) #define REEXEC_STARTUP_PIPE_FD (STDERR_FILENO + 2) -@@ -555,7 +559,7 @@ privsep_preauth_child(void) +@@ -555,7 +559,8 @@ privsep_preauth_child(void) #ifdef GSSAPI /* Cache supported mechanism OIDs for later use */ -- if (options.gss_authentication) +- ssh_gssapi_prepare_supported_oids(); + if (options.gss_authentication || options.gss_keyex) - ssh_gssapi_prepare_supported_oids(); ++ ssh_gssapi_prepare_supported_oids(); #endif -@@ -898,8 +902,9 @@ notify_hostkeys(struct ssh *ssh) + reseed_prngs(); +@@ -897,8 +902,9 @@ notify_hostkeys(struct ssh *ssh) } debug3("%s: sent %u hostkeys", __func__, nkeys); if (nkeys == 0) @@ -3004,7 +2989,7 @@ Index: openssh-7.8p1/sshd.c sshbuf_free(buf); } -@@ -1838,7 +1843,12 @@ main(int ac, char **av) +@@ -1837,7 +1843,12 @@ main(int ac, char **av) free(fp); } accumulate_host_timing_secret(cfg, NULL); @@ -3017,7 +3002,7 @@ Index: openssh-7.8p1/sshd.c logit("sshd: no hostkeys available -- exiting."); exit(1); } -@@ -2016,6 +2026,60 @@ main(int ac, char **av) +@@ -2015,6 +2026,60 @@ main(int ac, char **av) /* This is the child processing a new connection. */ setproctitle("%s", "[accepted]"); @@ -3078,7 +3063,7 @@ Index: openssh-7.8p1/sshd.c /* * Create a new session and process group since the 4.4BSD * setlogin() affects the entire process group. We don't -@@ -2137,6 +2201,60 @@ main(int ac, char **av) +@@ -2136,6 +2201,60 @@ main(int ac, char **av) rdomain == NULL ? "" : "\""); free(laddr); @@ -3139,7 +3124,7 @@ Index: openssh-7.8p1/sshd.c /* * We don't want to listen forever unless the other side * successfully authenticates itself. So we set up an alarm which is -@@ -2320,6 +2438,48 @@ do_ssh2_kex(void) +@@ -2319,6 +2438,48 @@ do_ssh2_kex(void) myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = compat_pkalg_proposal( list_hostkey_types()); @@ -3188,7 +3173,7 @@ Index: openssh-7.8p1/sshd.c /* start key exchange */ if ((r = kex_setup(active_state, myproposal)) != 0) fatal("kex_setup: %s", ssh_err(r)); -@@ -2337,6 +2497,13 @@ do_ssh2_kex(void) +@@ -2336,6 +2497,13 @@ do_ssh2_kex(void) # endif #endif kex->kex[KEX_C25519_SHA256] = kexc25519_server; @@ -3202,10 +3187,10 @@ Index: openssh-7.8p1/sshd.c kex->server = 1; kex->client_version_string=client_version_string; kex->server_version_string=server_version_string; -Index: openssh-7.8p1/sshd_config +Index: openssh-7.9p1/sshd_config =================================================================== ---- openssh-7.8p1.orig/sshd_config -+++ openssh-7.8p1/sshd_config +--- openssh-7.9p1.orig/sshd_config ++++ openssh-7.9p1/sshd_config @@ -76,6 +76,8 @@ AuthorizedKeysFile .ssh/authorized_keys # GSSAPI options #GSSAPIAuthentication no @@ -3215,11 +3200,11 @@ Index: openssh-7.8p1/sshd_config # Set this to 'yes' to enable PAM authentication, account processing, # and session processing. If this is enabled, PAM authentication will -Index: openssh-7.8p1/sshd_config.5 +Index: openssh-7.9p1/sshd_config.5 =================================================================== ---- openssh-7.8p1.orig/sshd_config.5 -+++ openssh-7.8p1/sshd_config.5 -@@ -644,6 +644,11 @@ Specifies whether to automatically destr +--- openssh-7.9p1.orig/sshd_config.5 ++++ openssh-7.9p1/sshd_config.5 +@@ -655,6 +655,11 @@ Specifies whether to automatically destr on logout. The default is .Cm yes . @@ -3231,7 +3216,7 @@ Index: openssh-7.8p1/sshd_config.5 .It Cm GSSAPIStrictAcceptorCheck Determines whether to be strict about the identity of the GSSAPI acceptor a client authenticates against. -@@ -658,6 +663,11 @@ machine's default store. +@@ -669,6 +674,11 @@ machine's default store. This facility is provided to assist with operation on multi homed machines. The default is .Cm yes . @@ -3243,7 +3228,7 @@ Index: openssh-7.8p1/sshd_config.5 .It Cm HostbasedAcceptedKeyTypes Specifies the key types that will be accepted for hostbased authentication as a list of comma-separated patterns. -@@ -1632,16 +1642,16 @@ as a non-root user. +@@ -1643,16 +1653,16 @@ as a non-root user. The default is .Cm no . .It Cm UsePAMCheckLocks @@ -3263,11 +3248,11 @@ Index: openssh-7.8p1/sshd_config.5 .Dq no . .It Cm VersionAddendum Optionally specifies additional text to append to the SSH protocol banner -Index: openssh-7.8p1/sshkey.c +Index: openssh-7.9p1/sshkey.c =================================================================== ---- openssh-7.8p1.orig/sshkey.c -+++ openssh-7.8p1/sshkey.c -@@ -140,6 +140,7 @@ static const struct keytype keytypes[] = +--- openssh-7.9p1.orig/sshkey.c ++++ openssh-7.9p1/sshkey.c +@@ -135,6 +135,7 @@ static const struct keytype keytypes[] = # endif /* OPENSSL_HAS_NISTP521 */ # endif /* OPENSSL_HAS_ECC */ #endif /* WITH_OPENSSL */ @@ -3275,11 +3260,11 @@ Index: openssh-7.8p1/sshkey.c { NULL, NULL, NULL, -1, -1, 0, 0 } }; -Index: openssh-7.8p1/sshkey.h +Index: openssh-7.9p1/sshkey.h =================================================================== ---- openssh-7.8p1.orig/sshkey.h -+++ openssh-7.8p1/sshkey.h -@@ -63,6 +63,7 @@ enum sshkey_types { +--- openssh-7.9p1.orig/sshkey.h ++++ openssh-7.9p1/sshkey.h +@@ -64,6 +64,7 @@ enum sshkey_types { KEY_ED25519_CERT, KEY_XMSS, KEY_XMSS_CERT, @@ -3287,11 +3272,11 @@ Index: openssh-7.8p1/sshkey.h KEY_UNSPEC }; -Index: openssh-7.8p1/sshd_config.0 +Index: openssh-7.9p1/sshd_config.0 =================================================================== ---- openssh-7.8p1.orig/sshd_config.0 -+++ openssh-7.8p1/sshd_config.0 -@@ -370,6 +370,12 @@ DESCRIPTION +--- openssh-7.9p1.orig/sshd_config.0 ++++ openssh-7.9p1/sshd_config.0 +@@ -380,6 +380,12 @@ DESCRIPTION Specifies whether user authentication based on GSSAPI is allowed. The default is no. @@ -3304,7 +3289,7 @@ Index: openssh-7.8p1/sshd_config.0 GSSAPICleanupCredentials Specifies whether to automatically destroy the user's credentials cache on logout. The default is yes. -@@ -383,6 +388,12 @@ DESCRIPTION +@@ -393,6 +399,12 @@ DESCRIPTION facility is provided to assist with operation on multi homed machines. The default is yes. diff --git a/openssh-7.7p1-openssl_1.1.0.patch b/openssh-7.7p1-openssl_1.1.0.patch deleted file mode 100644 index 4cedd9a..0000000 --- a/openssh-7.7p1-openssl_1.1.0.patch +++ /dev/null @@ -1,3102 +0,0 @@ -# HG changeset patch -# Parent 6e5e3cb13cb379ca302c54a1f21156364781f8b6 -OpenSSL 1.1.0 API shims and crutches -modified from RH patch - -Index: openssh-7.8p1/Makefile.in -=================================================================== ---- openssh-7.8p1.orig/Makefile.in -+++ openssh-7.8p1/Makefile.in -@@ -112,6 +112,8 @@ LIBSSH_OBJS += kexgssc.o kexgsss.o - - LIBSSH_OBJS += auditstub.o - -+LIBSSH_OBJS += libcrypto-compat.o -+ - SSHOBJS= ssh.o readconf.o clientloop.o sshtty.o \ - sshconnect.o sshconnect2.o mux.o - -Index: openssh-7.8p1/auth-pam.c -=================================================================== ---- openssh-7.8p1.orig/auth-pam.c -+++ openssh-7.8p1/auth-pam.c -@@ -128,6 +128,10 @@ extern u_int utmp_len; - typedef pthread_t sp_pthread_t; - #else - typedef pid_t sp_pthread_t; -+# define pthread_create(a, b, c, d) _ssh_compat_pthread_create(a, b, c, d) -+# define pthread_exit(a) _ssh_compat_pthread_exit(a) -+# define pthread_cancel(a) _ssh_compat_pthread_cancel(a) -+# define pthread_join(a, b) _ssh_compat_pthread_join(a, b) - #endif - - struct pam_ctxt { -Index: openssh-7.8p1/cavstest-ctr.c -=================================================================== ---- openssh-7.8p1.orig/cavstest-ctr.c -+++ openssh-7.8p1/cavstest-ctr.c -@@ -150,7 +150,7 @@ main(int argc, char *argv[]) - usage(); - } - -- SSLeay_add_all_algorithms(); -+ OpenSSL_add_all_algorithms(); - - c = cipher_by_name(algo); - if (c == NULL) { -Index: openssh-7.8p1/cipher.c -=================================================================== ---- openssh-7.8p1.orig/cipher.c -+++ openssh-7.8p1/cipher.c -@@ -299,7 +299,7 @@ cipher_init(struct sshcipher_ctx **ccp, - ret = SSH_ERR_ALLOC_FAIL; - goto out; - } -- if (EVP_CipherInit(cc->evp, type, NULL, (u_char *)iv, -+ if (EVP_CipherInit(cc->evp, type, (u_char *)key, (u_char *)iv, - (do_encrypt == CIPHER_ENCRYPT)) == 0) { - ret = SSH_ERR_LIBCRYPTO_ERROR; - goto out; -@@ -317,10 +317,6 @@ cipher_init(struct sshcipher_ctx **ccp, - goto out; - } - } -- if (EVP_CipherInit(cc->evp, NULL, (u_char *)key, NULL, -1) == 0) { -- ret = SSH_ERR_LIBCRYPTO_ERROR; -- goto out; -- } - ret = 0; - #endif /* WITH_OPENSSL */ - out: -@@ -503,7 +499,7 @@ cipher_get_keyiv(struct sshcipher_ctx *c - len, iv)) - return SSH_ERR_LIBCRYPTO_ERROR; - } else -- memcpy(iv, cc->evp->iv, len); -+ memcpy(iv, EVP_CIPHER_CTX_iv(cc->evp), len); - #endif - return 0; - } -@@ -537,14 +533,14 @@ cipher_set_keyiv(struct sshcipher_ctx *c - EVP_CTRL_GCM_SET_IV_FIXED, -1, (void *)iv)) - return SSH_ERR_LIBCRYPTO_ERROR; - } else -- memcpy(cc->evp->iv, iv, evplen); -+ memcpy(EVP_CIPHER_CTX_iv_noconst(cc->evp), iv, evplen); - #endif - return 0; - } - - #ifdef WITH_OPENSSL --#define EVP_X_STATE(evp) (evp)->cipher_data --#define EVP_X_STATE_LEN(evp) (evp)->cipher->ctx_size -+#define EVP_X_STATE(evp) EVP_CIPHER_CTX_get_cipher_data(evp) -+#define EVP_X_STATE_LEN(evp) EVP_CIPHER_impl_ctx_size(EVP_CIPHER_CTX_cipher(evp)) - #endif - - int -Index: openssh-7.8p1/configure.ac -=================================================================== ---- openssh-7.8p1.orig/configure.ac -+++ openssh-7.8p1/configure.ac -@@ -2626,6 +2626,7 @@ if test "x$openssl" = "xyes" ; then - AC_MSG_ERROR([OpenSSL >= 1.0.1 required (have "$ssl_library_ver")]) - ;; - 100*) ;; # 1.0.x -+ 101*) ;; # 1.1.x is supported by this patch too - 200*) ;; # LibreSSL - *) - AC_MSG_ERROR([OpenSSL >= 1.1.0 is not yet supported (have "$ssl_library_ver")]) -Index: openssh-7.8p1/dh.c -=================================================================== ---- openssh-7.8p1.orig/dh.c -+++ openssh-7.8p1/dh.c -@@ -218,14 +218,15 @@ choose_dh(int min, int wantbits, int max - /* diffie-hellman-groupN-sha1 */ - - int --dh_pub_is_valid(DH *dh, BIGNUM *dh_pub) -+dh_pub_is_valid(const DH *dh, const BIGNUM *dh_pub) - { - int i; - int n = BN_num_bits(dh_pub); - int bits_set = 0; - BIGNUM *tmp; -+ const BIGNUM *p; - -- if (dh_pub->neg) { -+ if (BN_is_negative(dh_pub)) { - logit("invalid public DH value: negative"); - return 0; - } -@@ -238,7 +239,8 @@ dh_pub_is_valid(DH *dh, BIGNUM *dh_pub) - error("%s: BN_new failed", __func__); - return 0; - } -- if (!BN_sub(tmp, dh->p, BN_value_one()) || -+ DH_get0_pqg(dh, &p, NULL, NULL); -+ if (!BN_sub(tmp, p, BN_value_one()) || - BN_cmp(dh_pub, tmp) != -1) { /* pub_exp > p-2 */ - BN_clear_free(tmp); - logit("invalid public DH value: >= p-1"); -@@ -249,14 +251,14 @@ dh_pub_is_valid(DH *dh, BIGNUM *dh_pub) - for (i = 0; i <= n; i++) - if (BN_is_bit_set(dh_pub, i)) - bits_set++; -- debug2("bits set: %d/%d", bits_set, BN_num_bits(dh->p)); -+ debug2("bits set: %d/%d", bits_set, BN_num_bits(p)); - - /* - * if g==2 and bits_set==1 then computing log_g(dh_pub) is trivial - */ - if (bits_set < 4) { - logit("invalid public DH value (%d/%d)", -- bits_set, BN_num_bits(dh->p)); -+ bits_set, BN_num_bits(p)); - return 0; - } - return 1; -@@ -266,9 +268,11 @@ int - dh_gen_key(DH *dh, int need) - { - int pbits; -+ const BIGNUM *p, *pub_key; - -- if (need < 0 || dh->p == NULL || -- (pbits = BN_num_bits(dh->p)) <= 0 || -+ DH_get0_pqg(dh, &p, NULL, NULL); -+ if (need < 0 || p == NULL || -+ (pbits = BN_num_bits(p)) <= 0 || - need > INT_MAX / 2 || 2 * need > pbits) - return SSH_ERR_INVALID_ARGUMENT; - if (need < 256) -@@ -277,11 +281,11 @@ dh_gen_key(DH *dh, int need) - * Pollard Rho, Big step/Little Step attacks are O(sqrt(n)), - * so double requested need here. - */ -- dh->length = MINIMUM(need * 2, pbits - 1); -- if (DH_generate_key(dh) == 0 || -- !dh_pub_is_valid(dh, dh->pub_key)) { -- BN_clear_free(dh->priv_key); -- dh->priv_key = NULL; -+ DH_set_length(dh, MINIMUM(need * 2, pbits - 1)); -+ if (DH_generate_key(dh) == 0) -+ return SSH_ERR_LIBCRYPTO_ERROR; -+ DH_get0_key(dh, &pub_key, NULL); -+ if (!dh_pub_is_valid(dh, pub_key)) { - return SSH_ERR_LIBCRYPTO_ERROR; - } - return 0; -@@ -291,15 +295,22 @@ DH * - dh_new_group_asc(const char *gen, const char *modulus) - { - DH *dh; -+ BIGNUM *p = NULL, *g = NULL; - -- if ((dh = DH_new()) == NULL) -- return NULL; -- if (BN_hex2bn(&dh->p, modulus) == 0 || -- BN_hex2bn(&dh->g, gen) == 0) { -- DH_free(dh); -- return NULL; -- } -+ if ((dh = DH_new()) == NULL || -+ (p = BN_new()) == NULL || -+ (g = BN_new()) == NULL) -+ goto err; -+ if (BN_hex2bn(&p, modulus) == 0 || -+ BN_hex2bn(&g, gen) == 0 || -+ DH_set0_pqg(dh, p, NULL, g) == 0) -+ goto err; - return (dh); -+err: -+ DH_free(dh); -+ BN_free(p); -+ BN_free(g); -+ return NULL; - } - - /* -@@ -314,8 +325,7 @@ dh_new_group(BIGNUM *gen, BIGNUM *modulu - - if ((dh = DH_new()) == NULL) - return NULL; -- dh->p = modulus; -- dh->g = gen; -+ DH_set0_pqg(dh, modulus, NULL, gen); - - return (dh); - } -Index: openssh-7.8p1/dh.h -=================================================================== ---- openssh-7.8p1.orig/dh.h -+++ openssh-7.8p1/dh.h -@@ -42,7 +42,7 @@ DH *dh_new_group18(void); - DH *dh_new_group_fallback(int); - - int dh_gen_key(DH *, int); --int dh_pub_is_valid(DH *, BIGNUM *); -+int dh_pub_is_valid(const DH *, const BIGNUM *); - - u_int dh_estimate(int); - -Index: openssh-7.8p1/digest-openssl.c -=================================================================== ---- openssh-7.8p1.orig/digest-openssl.c -+++ openssh-7.8p1/digest-openssl.c -@@ -43,7 +43,7 @@ - - struct ssh_digest_ctx { - int alg; -- EVP_MD_CTX mdctx; -+ EVP_MD_CTX *mdctx; - }; - - struct ssh_digest { -@@ -106,7 +106,7 @@ ssh_digest_bytes(int alg) - size_t - ssh_digest_blocksize(struct ssh_digest_ctx *ctx) - { -- return EVP_MD_CTX_block_size(&ctx->mdctx); -+ return EVP_MD_CTX_block_size(ctx->mdctx); - } - - struct ssh_digest_ctx * -@@ -118,8 +118,10 @@ ssh_digest_start(int alg) - if (digest == NULL || ((ret = calloc(1, sizeof(*ret))) == NULL)) - return NULL; - ret->alg = alg; -- EVP_MD_CTX_init(&ret->mdctx); -- if (EVP_DigestInit_ex(&ret->mdctx, digest->mdfunc(), NULL) != 1) { -+ ret->mdctx = EVP_MD_CTX_new(); -+ if (ret->mdctx == NULL || -+ EVP_DigestInit_ex(ret->mdctx, digest->mdfunc(), NULL) != 1) { -+ EVP_MD_CTX_free(ret->mdctx); - free(ret); - return NULL; - } -@@ -132,7 +134,7 @@ ssh_digest_copy_state(struct ssh_digest_ - if (from->alg != to->alg) - return SSH_ERR_INVALID_ARGUMENT; - /* we have bcopy-style order while openssl has memcpy-style */ -- if (!EVP_MD_CTX_copy_ex(&to->mdctx, &from->mdctx)) -+ if (!EVP_MD_CTX_copy_ex(to->mdctx, from->mdctx)) - return SSH_ERR_LIBCRYPTO_ERROR; - return 0; - } -@@ -140,7 +142,7 @@ ssh_digest_copy_state(struct ssh_digest_ - int - ssh_digest_update(struct ssh_digest_ctx *ctx, const void *m, size_t mlen) - { -- if (EVP_DigestUpdate(&ctx->mdctx, m, mlen) != 1) -+ if (EVP_DigestUpdate(ctx->mdctx, m, mlen) != 1) - return SSH_ERR_LIBCRYPTO_ERROR; - return 0; - } -@@ -161,7 +163,7 @@ ssh_digest_final(struct ssh_digest_ctx * - return SSH_ERR_INVALID_ARGUMENT; - if (dlen < digest->digest_len) /* No truncation allowed */ - return SSH_ERR_INVALID_ARGUMENT; -- if (EVP_DigestFinal_ex(&ctx->mdctx, d, &l) != 1) -+ if (EVP_DigestFinal_ex(ctx->mdctx, d, &l) != 1) - return SSH_ERR_LIBCRYPTO_ERROR; - if (l != digest->digest_len) /* sanity */ - return SSH_ERR_INTERNAL_ERROR; -@@ -172,7 +174,7 @@ void - ssh_digest_free(struct ssh_digest_ctx *ctx) - { - if (ctx != NULL) { -- EVP_MD_CTX_cleanup(&ctx->mdctx); -+ EVP_MD_CTX_free(ctx->mdctx); - explicit_bzero(ctx, sizeof(*ctx)); - free(ctx); - } -Index: openssh-7.8p1/gss-genr.c -=================================================================== ---- openssh-7.8p1.orig/gss-genr.c -+++ openssh-7.8p1/gss-genr.c -@@ -87,12 +87,12 @@ ssh_gssapi_client_mechanisms(const char - return NULL; - - return(ssh_gssapi_kex_mechs(gss_supported, ssh_gssapi_check_mechanism, -- host, client)); -+ host, client, kex)); - } - - char * - ssh_gssapi_kex_mechs(gss_OID_set gss_supported, ssh_gssapi_check_fn *check, -- const char *host, const char *client) { -+ const char *host, const char *client, const char *kex) { - struct sshbuf *buf; - size_t i; - int oidpos, enclen, r; -@@ -100,7 +100,8 @@ ssh_gssapi_kex_mechs(gss_OID_set gss_sup - u_char digest[EVP_MAX_MD_SIZE]; - char deroid[2]; - const EVP_MD *evp_md = EVP_md5(); -- EVP_MD_CTX md; -+ EVP_MD_CTX *md; -+ char *s, *cp, *p; - - if (gss_enc2oid != NULL) { - for (i = 0; gss_enc2oid[i].encoded != NULL; i++) -@@ -114,7 +115,9 @@ ssh_gssapi_kex_mechs(gss_OID_set gss_sup - if ((buf = sshbuf_new()) == NULL) - fatal("%s: sshbuf_new failed", __func__); - -+ md = EVP_MD_CTX_new(); - oidpos = 0; -+ s = cp = xstrdup(kex); - for (i = 0; i < gss_supported->count; i++) { - if (gss_supported->elements[i].length < 128 && - (*check)(NULL, &(gss_supported->elements[i]), host, client)) { -@@ -122,26 +125,27 @@ ssh_gssapi_kex_mechs(gss_OID_set gss_sup - deroid[0] = SSH_GSS_OIDTYPE; - deroid[1] = gss_supported->elements[i].length; - -- EVP_DigestInit(&md, evp_md); -- EVP_DigestUpdate(&md, deroid, 2); -- EVP_DigestUpdate(&md, -+ EVP_MD_CTX_reset(md); -+ EVP_DigestInit(md, evp_md); -+ EVP_DigestUpdate(md, deroid, 2); -+ EVP_DigestUpdate(md, - gss_supported->elements[i].elements, - gss_supported->elements[i].length); -- EVP_DigestFinal(&md, digest, NULL); -+ EVP_DigestFinal(md, digest, NULL); - - encoded = xmalloc(EVP_MD_size(evp_md) * 2); - enclen = __b64_ntop(digest, EVP_MD_size(evp_md), - encoded, EVP_MD_size(evp_md) * 2); - - cp = strncpy(s, kex, strlen(kex)); -- for ((p = strsep(&cp, ",")); p && *p != '\0'; -+ for ((p = strsep(&cp, ",")); p && *p != '\0'; - (p = strsep(&cp, ","))) { - if (sshbuf_len(buf) != 0) - if ((r = sshbuf_put_u8(buf, ',')) !=0) - fatal("%s: buffer error: %s", - __func__, ssh_err(r)); - if ((r = sshbuf_put(buf, p, strlen(p))) != 0 || -- (r = sshbuf_put(buf, encoded, enclen)) != 0) -+ (r = sshbuf_put(buf, encoded, enclen)) != 0) - fatal("%s: buffer error: %s", - __func__, ssh_err(r)); - } -@@ -151,7 +155,8 @@ ssh_gssapi_kex_mechs(gss_OID_set gss_sup - oidpos++; - } - } -- free(s); -+ free(s); -+ EVP_MD_CTX_free(md); - gss_enc2oid[oidpos].oid = NULL; - gss_enc2oid[oidpos].encoded = NULL; - -Index: openssh-7.8p1/includes.h -=================================================================== ---- openssh-7.8p1.orig/includes.h -+++ openssh-7.8p1/includes.h -@@ -166,6 +166,7 @@ - - #ifdef WITH_OPENSSL - #include /* For OPENSSL_VERSION_NUMBER */ -+#include "libcrypto-compat.h" - #endif - - #include "defines.h" -Index: openssh-7.8p1/kexdhc.c -=================================================================== ---- openssh-7.8p1.orig/kexdhc.c -+++ openssh-7.8p1/kexdhc.c -@@ -56,6 +56,7 @@ kexdh_client(struct ssh *ssh) - { - struct kex *kex = ssh->kex; - int r; -+ const BIGNUM *pub_key; - - /* generate and send 'e', client DH public key */ - switch (kex->kex_type) { -@@ -81,21 +82,27 @@ kexdh_client(struct ssh *ssh) - goto out; - } - debug("sending SSH2_MSG_KEXDH_INIT"); -- if ((r = dh_gen_key(kex->dh, kex->we_need * 8)) != 0 || -- (r = sshpkt_start(ssh, SSH2_MSG_KEXDH_INIT)) != 0 || -- (r = sshpkt_put_bignum2(ssh, kex->dh->pub_key)) != 0 || -+ if ((r = dh_gen_key(kex->dh, kex->we_need * 8)) != 0) -+ goto out; -+ DH_get0_key(kex->dh, &pub_key, NULL); -+ if ((r = sshpkt_start(ssh, SSH2_MSG_KEXDH_INIT)) != 0 || -+ (r = sshpkt_put_bignum2(ssh, pub_key)) != 0 || - (r = sshpkt_send(ssh)) != 0) - goto out; - #ifdef DEBUG_KEXDH - DHparams_print_fp(stderr, kex->dh); - fprintf(stderr, "pub= "); -- BN_print_fp(stderr, kex->dh->pub_key); -+ BN_print_fp(stderr, pub_key); - fprintf(stderr, "\n"); - #endif - debug("expecting SSH2_MSG_KEXDH_REPLY"); - ssh_dispatch_set(ssh, SSH2_MSG_KEXDH_REPLY, &input_kex_dh); - r = 0; - out: -+ if (r != 0) { -+ DH_free(kex->dh); -+ kex->dh = NULL; -+ } - return r; - } - -@@ -109,6 +116,7 @@ input_kex_dh(int type, u_int32_t seq, st - u_char hash[SSH_DIGEST_MAX_LENGTH]; - size_t klen = 0, slen, sbloblen, hashlen; - int kout, r; -+ const BIGNUM *pub_key; - - if (kex->verify_host_key == NULL) { - r = SSH_ERR_INVALID_ARGUMENT; -@@ -168,6 +176,7 @@ input_kex_dh(int type, u_int32_t seq, st - #endif - - /* calc and verify H */ -+ DH_get0_key(kex->dh, &pub_key, NULL); - hashlen = sizeof(hash); - if ((r = kex_dh_hash( - kex->hash_alg, -@@ -176,7 +185,7 @@ input_kex_dh(int type, u_int32_t seq, st - sshbuf_ptr(kex->my), sshbuf_len(kex->my), - sshbuf_ptr(kex->peer), sshbuf_len(kex->peer), - server_host_key_blob, sbloblen, -- kex->dh->pub_key, -+ pub_key, - dh_server_pub, - shared_secret, - hash, &hashlen)) != 0) -Index: openssh-7.8p1/kexdhs.c -=================================================================== ---- openssh-7.8p1.orig/kexdhs.c -+++ openssh-7.8p1/kexdhs.c -@@ -87,6 +87,10 @@ kexdh_server(struct ssh *ssh) - ssh_dispatch_set(ssh, SSH2_MSG_KEXDH_INIT, &input_kex_dh_init); - r = 0; - out: -+ if (r != 0) { -+ DH_free(kex->dh); -+ kex->dh = NULL; -+ } - return r; - } - -@@ -101,6 +105,7 @@ input_kex_dh_init(int type, u_int32_t se - size_t sbloblen, slen; - size_t klen = 0, hashlen; - int kout, r; -+ const BIGNUM *pub_key; - - if (kex->load_host_public_key == NULL || - kex->load_host_private_key == NULL) { -@@ -163,6 +168,7 @@ input_kex_dh_init(int type, u_int32_t se - goto out; - /* calc H */ - hashlen = sizeof(hash); -+ DH_get0_key(kex->dh, &pub_key, NULL); - if ((r = kex_dh_hash( - kex->hash_alg, - kex->client_version_string, -@@ -171,7 +177,7 @@ input_kex_dh_init(int type, u_int32_t se - sshbuf_ptr(kex->my), sshbuf_len(kex->my), - server_host_key_blob, sbloblen, - dh_client_pub, -- kex->dh->pub_key, -+ pub_key, - shared_secret, - hash, &hashlen)) != 0) - goto out; -@@ -197,7 +203,7 @@ input_kex_dh_init(int type, u_int32_t se - /* send server hostkey, DH pubkey 'f' and signed H */ - if ((r = sshpkt_start(ssh, SSH2_MSG_KEXDH_REPLY)) != 0 || - (r = sshpkt_put_string(ssh, server_host_key_blob, sbloblen)) != 0 || -- (r = sshpkt_put_bignum2(ssh, kex->dh->pub_key)) != 0 || /* f */ -+ (r = sshpkt_put_bignum2(ssh, pub_key)) != 0 || /* f */ - (r = sshpkt_put_string(ssh, signature, slen)) != 0 || - (r = sshpkt_send(ssh)) != 0) - goto out; -Index: openssh-7.8p1/kexgexc.c -=================================================================== ---- openssh-7.8p1.orig/kexgexc.c -+++ openssh-7.8p1/kexgexc.c -@@ -96,6 +96,7 @@ input_kex_dh_gex_group(int type, u_int32 - struct kex *kex = ssh->kex; - BIGNUM *p = NULL, *g = NULL; - int r, bits; -+ const BIGNUM *pub_key; - - debug("got SSH2_MSG_KEX_DH_GEX_GROUP"); - -@@ -126,16 +127,18 @@ input_kex_dh_gex_group(int type, u_int32 - p = g = NULL; /* belong to kex->dh now */ - - /* generate and send 'e', client DH public key */ -- if ((r = dh_gen_key(kex->dh, kex->we_need * 8)) != 0 || -- (r = sshpkt_start(ssh, SSH2_MSG_KEX_DH_GEX_INIT)) != 0 || -- (r = sshpkt_put_bignum2(ssh, kex->dh->pub_key)) != 0 || -+ if ((r = dh_gen_key(kex->dh, kex->we_need * 8)) != 0) -+ goto out; -+ DH_get0_key(kex->dh, &pub_key, NULL); -+ if ((r = sshpkt_start(ssh, SSH2_MSG_KEX_DH_GEX_INIT)) != 0 || -+ (r = sshpkt_put_bignum2(ssh, pub_key)) != 0 || - (r = sshpkt_send(ssh)) != 0) - goto out; - debug("SSH2_MSG_KEX_DH_GEX_INIT sent"); - #ifdef DEBUG_KEXDH - DHparams_print_fp(stderr, kex->dh); - fprintf(stderr, "pub= "); -- BN_print_fp(stderr, kex->dh->pub_key); -+ BN_print_fp(stderr, pub_key); - fprintf(stderr, "\n"); - #endif - ssh_dispatch_set(ssh, SSH2_MSG_KEX_DH_GEX_GROUP, NULL); -@@ -144,6 +147,10 @@ input_kex_dh_gex_group(int type, u_int32 - out: - BN_clear_free(p); - BN_clear_free(g); -+ if (r != 0) { -+ DH_free(kex->dh); -+ kex->dh = NULL; -+ } - return r; - } - -@@ -157,6 +164,7 @@ input_kex_dh_gex_reply(int type, u_int32 - u_char hash[SSH_DIGEST_MAX_LENGTH]; - size_t klen = 0, slen, sbloblen, hashlen; - int kout, r; -+ const BIGNUM *p, *g, *pub_key; - - debug("got SSH2_MSG_KEX_DH_GEX_REPLY"); - if (kex->verify_host_key == NULL) { -@@ -219,6 +227,8 @@ input_kex_dh_gex_reply(int type, u_int32 - kex->min = kex->max = -1; - - /* calc and verify H */ -+ DH_get0_pqg(kex->dh, &p, NULL, &g); -+ DH_get0_key(kex->dh, &pub_key, NULL); - hashlen = sizeof(hash); - if ((r = kexgex_hash( - kex->hash_alg, -@@ -228,8 +238,8 @@ input_kex_dh_gex_reply(int type, u_int32 - sshbuf_ptr(kex->peer), sshbuf_len(kex->peer), - server_host_key_blob, sbloblen, - kex->min, kex->nbits, kex->max, -- kex->dh->p, kex->dh->g, -- kex->dh->pub_key, -+ p, g, -+ pub_key, - dh_server_pub, - shared_secret, - hash, &hashlen)) != 0) -Index: openssh-7.8p1/kexgexs.c -=================================================================== ---- openssh-7.8p1.orig/kexgexs.c -+++ openssh-7.8p1/kexgexs.c -@@ -74,6 +74,7 @@ input_kex_dh_gex_request(int type, u_int - struct kex *kex = ssh->kex; - int r; - u_int min = 0, max = 0, nbits = 0; -+ const BIGNUM *p, *g; - - debug("SSH2_MSG_KEX_DH_GEX_REQUEST received"); - if ((r = sshpkt_get_u32(ssh, &min)) != 0 || -@@ -109,9 +110,10 @@ input_kex_dh_gex_request(int type, u_int - goto out; - } - debug("SSH2_MSG_KEX_DH_GEX_GROUP sent"); -+ DH_get0_pqg(kex->dh, &p, NULL, &g); - if ((r = sshpkt_start(ssh, SSH2_MSG_KEX_DH_GEX_GROUP)) != 0 || -- (r = sshpkt_put_bignum2(ssh, kex->dh->p)) != 0 || -- (r = sshpkt_put_bignum2(ssh, kex->dh->g)) != 0 || -+ (r = sshpkt_put_bignum2(ssh, p)) != 0 || -+ (r = sshpkt_put_bignum2(ssh, g)) != 0 || - (r = sshpkt_send(ssh)) != 0) - goto out; - -@@ -123,6 +125,10 @@ input_kex_dh_gex_request(int type, u_int - ssh_dispatch_set(ssh, SSH2_MSG_KEX_DH_GEX_INIT, &input_kex_dh_gex_init); - r = 0; - out: -+ if (r != 0) { -+ DH_free(kex->dh); -+ kex->dh = NULL; -+ } - return r; - } - -@@ -137,6 +143,7 @@ input_kex_dh_gex_init(int type, u_int32_ - size_t sbloblen, slen; - size_t klen = 0, hashlen; - int kout, r; -+ const BIGNUM *p, *g, *pub_key; - - if (kex->load_host_public_key == NULL || - kex->load_host_private_key == NULL) { -@@ -199,6 +206,8 @@ input_kex_dh_gex_init(int type, u_int32_ - goto out; - /* calc H */ - hashlen = sizeof(hash); -+ DH_get0_pqg(kex->dh, &p, NULL, &g); -+ DH_get0_key(kex->dh, &pub_key, NULL); - if ((r = kexgex_hash( - kex->hash_alg, - kex->client_version_string, -@@ -207,9 +216,9 @@ input_kex_dh_gex_init(int type, u_int32_ - sshbuf_ptr(kex->my), sshbuf_len(kex->my), - server_host_key_blob, sbloblen, - kex->min, kex->nbits, kex->max, -- kex->dh->p, kex->dh->g, -+ p, g, - dh_client_pub, -- kex->dh->pub_key, -+ pub_key, - shared_secret, - hash, &hashlen)) != 0) - goto out; -@@ -235,7 +244,7 @@ input_kex_dh_gex_init(int type, u_int32_ - /* send server hostkey, DH pubkey 'f' and signed H */ - if ((r = sshpkt_start(ssh, SSH2_MSG_KEX_DH_GEX_REPLY)) != 0 || - (r = sshpkt_put_string(ssh, server_host_key_blob, sbloblen)) != 0 || -- (r = sshpkt_put_bignum2(ssh, kex->dh->pub_key)) != 0 || /* f */ -+ (r = sshpkt_put_bignum2(ssh, pub_key)) != 0 || /* f */ - (r = sshpkt_put_string(ssh, signature, slen)) != 0 || - (r = sshpkt_send(ssh)) != 0) - goto out; -Index: openssh-7.8p1/kexgssc.c -=================================================================== ---- openssh-7.8p1.orig/kexgssc.c -+++ openssh-7.8p1/kexgssc.c -@@ -61,6 +61,7 @@ kexgss_client(struct ssh *ssh) - BIGNUM *shared_secret = NULL; - BIGNUM *p = NULL; - BIGNUM *g = NULL; -+ const BIGNUM *pub_key, *p1, *g1; - u_char *kbuf; - u_char *serverhostkey = NULL; - u_char *empty = ""; -@@ -126,6 +127,7 @@ kexgss_client(struct ssh *ssh) - - /* Step 1 - e is dh->pub_key */ - dh_gen_key(dh, ssh->kex->we_need * 8); -+ DH_get0_key(dh, &pub_key, NULL); - - /* This is f, we initialise it now to make life easier */ - dh_server_pub = BN_new(); -@@ -173,7 +175,7 @@ kexgss_client(struct ssh *ssh) - packet_start(SSH2_MSG_KEXGSS_INIT); - packet_put_string(send_tok.value, - send_tok.length); -- packet_put_bignum2(dh->pub_key); -+ packet_put_bignum2((BIGNUM *)pub_key); - first = 0; - } else { - packet_start(SSH2_MSG_KEXGSS_CONTINUE); -@@ -284,13 +286,14 @@ kexgss_client(struct ssh *ssh) - sshbuf_ptr(ssh->kex->my), sshbuf_len(ssh->kex->my), - sshbuf_ptr(ssh->kex->peer), sshbuf_len(ssh->kex->peer), - (serverhostkey ? serverhostkey : empty), slen, -- dh->pub_key, /* e */ -+ pub_key, /* e */ - dh_server_pub, /* f */ - shared_secret, /* K */ - hash, &hashlen - ); - break; - case KEX_GSS_GEX_SHA1: -+ DH_get0_pqg(dh, &p1, NULL, &g1); - kexgex_hash( - ssh->kex->hash_alg, - ssh->kex->client_version_string, -@@ -299,8 +302,8 @@ kexgss_client(struct ssh *ssh) - sshbuf_ptr(ssh->kex->peer), sshbuf_len(ssh->kex->peer), - (serverhostkey ? serverhostkey : empty), slen, - min, nbits, max, -- dh->p, dh->g, -- dh->pub_key, -+ p1, g1, -+ pub_key, - dh_server_pub, - shared_secret, - hash, &hashlen -Index: openssh-7.8p1/kexgsss.c -=================================================================== ---- openssh-7.8p1.orig/kexgsss.c -+++ openssh-7.8p1/kexgsss.c -@@ -78,6 +78,7 @@ kexgss_server(struct ssh *ssh) - char *mechs; - u_char hash[SSH_DIGEST_MAX_LENGTH]; - size_t hashlen; -+ const BIGNUM *p, *g, *pub_key; - - /* Initialise GSSAPI */ - -@@ -130,9 +131,10 @@ kexgss_server(struct ssh *ssh) - if (dh == NULL) - packet_disconnect("Protocol error: no matching group found"); - -+ DH_get0_pqg(dh, &p, NULL, &g); - packet_start(SSH2_MSG_KEXGSS_GROUP); -- packet_put_bignum2(dh->p); -- packet_put_bignum2(dh->g); -+ packet_put_bignum2((BIGNUM *)p); -+ packet_put_bignum2((BIGNUM *)g); - packet_send(); - - packet_write_wait(); -@@ -224,6 +226,7 @@ kexgss_server(struct ssh *ssh) - memset(kbuf, 0, klen); - free(kbuf); - -+ DH_get0_key(dh, &pub_key, NULL); - hashlen = sizeof(hash); - switch (ssh->kex->kex_type) { - case KEX_GSS_GRP1_SHA1: -@@ -234,7 +237,7 @@ kexgss_server(struct ssh *ssh) - sshbuf_ptr(ssh->kex->peer), sshbuf_len(ssh->kex->peer), - sshbuf_ptr(ssh->kex->my), sshbuf_len(ssh->kex->my), - NULL, 0, /* Change this if we start sending host keys */ -- dh_client_pub, dh->pub_key, shared_secret, -+ dh_client_pub, pub_key, shared_secret, - hash, &hashlen - ); - break; -@@ -246,9 +249,9 @@ kexgss_server(struct ssh *ssh) - sshbuf_ptr(ssh->kex->my), sshbuf_len(ssh->kex->my), - NULL, 0, - cmin, nbits, cmax, -- dh->p, dh->g, -+ p, g, - dh_client_pub, -- dh->pub_key, -+ pub_key, - shared_secret, - hash, &hashlen - ); -@@ -272,7 +275,7 @@ kexgss_server(struct ssh *ssh) - fatal("Couldn't get MIC"); - - packet_start(SSH2_MSG_KEXGSS_COMPLETE); -- packet_put_bignum2(dh->pub_key); -+ packet_put_bignum2((BIGNUM *)pub_key); - packet_put_string(msg_tok.value,msg_tok.length); - - if (send_tok.length != 0) { -Index: openssh-7.8p1/libcrypto-compat.c -=================================================================== ---- /dev/null -+++ openssh-7.8p1/libcrypto-compat.c -@@ -0,0 +1,428 @@ -+/* -+ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. -+ * -+ * Licensed under the OpenSSL license (the "License"). You may not use -+ * this file except in compliance with the License. You can obtain a copy -+ * in the file LICENSE in the source distribution or at -+ * https://www.openssl.org/source/license.html -+ */ -+ -+#include "includes.h" -+ -+#if OPENSSL_VERSION_NUMBER < 0x10100000L -+ -+#include -+#include -+ -+static void *OPENSSL_zalloc(size_t num) -+{ -+ void *ret = OPENSSL_malloc(num); -+ -+ if (ret != NULL) -+ memset(ret, 0, num); -+ return ret; -+} -+ -+int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d) -+{ -+ /* If the fields n and e in r are NULL, the corresponding input -+ * parameters MUST be non-NULL for n and e. d may be -+ * left NULL (in case only the public key is used). -+ */ -+ if ((r->n == NULL && n == NULL) -+ || (r->e == NULL && e == NULL)) -+ return 0; -+ -+ if (n != NULL) { -+ BN_clear_free(r->n); -+ r->n = n; -+ } -+ if (e != NULL) { -+ BN_clear_free(r->e); -+ r->e = e; -+ } -+ if (d != NULL) { -+ BN_clear_free(r->d); -+ r->d = d; -+ } -+ -+ return 1; -+} -+ -+int RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q) -+{ -+ /* If the fields p and q in r are NULL, the corresponding input -+ * parameters MUST be non-NULL. -+ */ -+ if ((r->p == NULL && p == NULL) -+ || (r->q == NULL && q == NULL)) -+ return 0; -+ -+ if (p != NULL) { -+ BN_clear_free(r->p); -+ r->p = p; -+ } -+ if (q != NULL) { -+ BN_clear_free(r->q); -+ r->q = q; -+ } -+ -+ return 1; -+} -+ -+int RSA_set0_crt_params(RSA *r, BIGNUM *dmp1, BIGNUM *dmq1, BIGNUM *iqmp) -+{ -+ /* If the fields dmp1, dmq1 and iqmp in r are NULL, the corresponding input -+ * parameters MUST be non-NULL. -+ */ -+ if ((r->dmp1 == NULL && dmp1 == NULL) -+ || (r->dmq1 == NULL && dmq1 == NULL) -+ || (r->iqmp == NULL && iqmp == NULL)) -+ return 0; -+ -+ if (dmp1 != NULL) { -+ BN_clear_free(r->dmp1); -+ r->dmp1 = dmp1; -+ } -+ if (dmq1 != NULL) { -+ BN_clear_free(r->dmq1); -+ r->dmq1 = dmq1; -+ } -+ if (iqmp != NULL) { -+ BN_clear_free(r->iqmp); -+ r->iqmp = iqmp; -+ } -+ -+ return 1; -+} -+ -+void RSA_get0_key(const RSA *r, -+ const BIGNUM **n, const BIGNUM **e, const BIGNUM **d) -+{ -+ if (n != NULL) -+ *n = r->n; -+ if (e != NULL) -+ *e = r->e; -+ if (d != NULL) -+ *d = r->d; -+} -+ -+void RSA_get0_factors(const RSA *r, const BIGNUM **p, const BIGNUM **q) -+{ -+ if (p != NULL) -+ *p = r->p; -+ if (q != NULL) -+ *q = r->q; -+} -+ -+void RSA_get0_crt_params(const RSA *r, -+ const BIGNUM **dmp1, const BIGNUM **dmq1, -+ const BIGNUM **iqmp) -+{ -+ if (dmp1 != NULL) -+ *dmp1 = r->dmp1; -+ if (dmq1 != NULL) -+ *dmq1 = r->dmq1; -+ if (iqmp != NULL) -+ *iqmp = r->iqmp; -+} -+ -+void DSA_get0_pqg(const DSA *d, -+ const BIGNUM **p, const BIGNUM **q, const BIGNUM **g) -+{ -+ if (p != NULL) -+ *p = d->p; -+ if (q != NULL) -+ *q = d->q; -+ if (g != NULL) -+ *g = d->g; -+} -+ -+int DSA_set0_pqg(DSA *d, BIGNUM *p, BIGNUM *q, BIGNUM *g) -+{ -+ /* If the fields p, q and g in d are NULL, the corresponding input -+ * parameters MUST be non-NULL. -+ */ -+ if ((d->p == NULL && p == NULL) -+ || (d->q == NULL && q == NULL) -+ || (d->g == NULL && g == NULL)) -+ return 0; -+ -+ if (p != NULL) { -+ BN_clear_free(d->p); -+ d->p = p; -+ } -+ if (q != NULL) { -+ BN_clear_free(d->q); -+ d->q = q; -+ } -+ if (g != NULL) { -+ BN_clear_free(d->g); -+ d->g = g; -+ } -+ -+ return 1; -+} -+ -+void DSA_get0_key(const DSA *d, -+ const BIGNUM **pub_key, const BIGNUM **priv_key) -+{ -+ if (pub_key != NULL) -+ *pub_key = d->pub_key; -+ if (priv_key != NULL) -+ *priv_key = d->priv_key; -+} -+ -+int DSA_set0_key(DSA *d, BIGNUM *pub_key, BIGNUM *priv_key) -+{ -+ /* If the field pub_key in d is NULL, the corresponding input -+ * parameters MUST be non-NULL. The priv_key field may -+ * be left NULL. -+ */ -+ if (d->pub_key == NULL && pub_key == NULL) -+ return 0; -+ -+ if (pub_key != NULL) { -+ BN_clear_free(d->pub_key); -+ d->pub_key = pub_key; -+ } -+ if (priv_key != NULL) { -+ BN_clear_free(d->priv_key); -+ d->priv_key = priv_key; -+ } -+ -+ return 1; -+} -+ -+void DSA_SIG_get0(const DSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps) -+{ -+ if (pr != NULL) -+ *pr = sig->r; -+ if (ps != NULL) -+ *ps = sig->s; -+} -+ -+int DSA_SIG_set0(DSA_SIG *sig, BIGNUM *r, BIGNUM *s) -+{ -+ if (r == NULL || s == NULL) -+ return 0; -+ BN_clear_free(sig->r); -+ BN_clear_free(sig->s); -+ sig->r = r; -+ sig->s = s; -+ return 1; -+} -+ -+void ECDSA_SIG_get0(const ECDSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps) -+{ -+ if (pr != NULL) -+ *pr = sig->r; -+ if (ps != NULL) -+ *ps = sig->s; -+} -+ -+int ECDSA_SIG_set0(ECDSA_SIG *sig, BIGNUM *r, BIGNUM *s) -+{ -+ if (r == NULL || s == NULL) -+ return 0; -+ BN_clear_free(sig->r); -+ BN_clear_free(sig->s); -+ sig->r = r; -+ sig->s = s; -+ return 1; -+} -+ -+void DH_get0_pqg(const DH *dh, -+ const BIGNUM **p, const BIGNUM **q, const BIGNUM **g) -+{ -+ if (p != NULL) -+ *p = dh->p; -+ if (q != NULL) -+ *q = dh->q; -+ if (g != NULL) -+ *g = dh->g; -+} -+ -+int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g) -+{ -+ /* If the fields p and g in d are NULL, the corresponding input -+ * parameters MUST be non-NULL. q may remain NULL. -+ */ -+ if ((dh->p == NULL && p == NULL) -+ || (dh->g == NULL && g == NULL)) -+ return 0; -+ -+ if (p != NULL) { -+ BN_clear_free(dh->p); -+ dh->p = p; -+ } -+ if (q != NULL) { -+ BN_clear_free(dh->q); -+ dh->q = q; -+ } -+ if (g != NULL) { -+ BN_clear_free(dh->g); -+ dh->g = g; -+ } -+ -+ if (q != NULL) { -+ dh->length = BN_num_bits(q); -+ } -+ -+ return 1; -+} -+ -+void DH_get0_key(const DH *dh, const BIGNUM **pub_key, const BIGNUM **priv_key) -+{ -+ if (pub_key != NULL) -+ *pub_key = dh->pub_key; -+ if (priv_key != NULL) -+ *priv_key = dh->priv_key; -+} -+ -+int DH_set_length(DH *dh, long length) -+{ -+ dh->length = length; -+ return 1; -+} -+ -+const unsigned char *EVP_CIPHER_CTX_iv(const EVP_CIPHER_CTX *ctx) -+{ -+ return ctx->iv; -+} -+ -+unsigned char *EVP_CIPHER_CTX_iv_noconst(EVP_CIPHER_CTX *ctx) -+{ -+ return ctx->iv; -+} -+ -+EVP_MD_CTX *EVP_MD_CTX_new(void) -+{ -+ return OPENSSL_zalloc(sizeof(EVP_MD_CTX)); -+} -+ -+static void OPENSSL_clear_free(void *str, size_t num) -+{ -+ if (str == NULL) -+ return; -+ if (num) -+ OPENSSL_cleanse(str, num); -+ OPENSSL_free(str); -+} -+ -+/* This call frees resources associated with the context */ -+int EVP_MD_CTX_reset(EVP_MD_CTX *ctx) -+{ -+ if (ctx == NULL) -+ return 1; -+ -+ /* -+ * Don't assume ctx->md_data was cleaned in EVP_Digest_Final, because -+ * sometimes only copies of the context are ever finalised. -+ */ -+ if (ctx->digest && ctx->digest->cleanup -+ && !EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_CLEANED)) -+ ctx->digest->cleanup(ctx); -+ if (ctx->digest && ctx->digest->ctx_size && ctx->md_data -+ && !EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_REUSE)) { -+ OPENSSL_clear_free(ctx->md_data, ctx->digest->ctx_size); -+ } -+ EVP_PKEY_CTX_free(ctx->pctx); -+#ifndef OPENSSL_NO_ENGINE -+ ENGINE_finish(ctx->engine); -+#endif -+ OPENSSL_cleanse(ctx, sizeof(*ctx)); -+ -+ return 1; -+} -+ -+void EVP_MD_CTX_free(EVP_MD_CTX *ctx) -+{ -+ EVP_MD_CTX_reset(ctx); -+ OPENSSL_free(ctx); -+} -+ -+RSA_METHOD *RSA_meth_dup(const RSA_METHOD *meth) -+{ -+ RSA_METHOD *ret; -+ -+ ret = OPENSSL_malloc(sizeof(RSA_METHOD)); -+ -+ if (ret != NULL) { -+ memcpy(ret, meth, sizeof(*meth)); -+ ret->name = OPENSSL_strdup(meth->name); -+ if (ret->name == NULL) { -+ OPENSSL_free(ret); -+ return NULL; -+ } -+ } -+ -+ return ret; -+} -+ -+int RSA_meth_set1_name(RSA_METHOD *meth, const char *name) -+{ -+ char *tmpname; -+ -+ tmpname = OPENSSL_strdup(name); -+ if (tmpname == NULL) { -+ return 0; -+ } -+ -+ OPENSSL_free((char *)meth->name); -+ meth->name = tmpname; -+ -+ return 1; -+} -+ -+int RSA_meth_set_priv_enc(RSA_METHOD *meth, -+ int (*priv_enc) (int flen, const unsigned char *from, -+ unsigned char *to, RSA *rsa, -+ int padding)) -+{ -+ meth->rsa_priv_enc = priv_enc; -+ return 1; -+} -+ -+int RSA_meth_set_priv_dec(RSA_METHOD *meth, -+ int (*priv_dec) (int flen, const unsigned char *from, -+ unsigned char *to, RSA *rsa, -+ int padding)) -+{ -+ meth->rsa_priv_dec = priv_dec; -+ return 1; -+} -+ -+int RSA_meth_set_finish(RSA_METHOD *meth, int (*finish) (RSA *rsa)) -+{ -+ meth->finish = finish; -+ return 1; -+} -+ -+void RSA_meth_free(RSA_METHOD *meth) -+{ -+ if (meth != NULL) { -+ OPENSSL_free((char *)meth->name); -+ OPENSSL_free(meth); -+ } -+} -+ -+int RSA_bits(const RSA *r) -+{ -+ return (BN_num_bits(r->n)); -+} -+ -+int DSA_bits(const DSA *dsa) -+{ -+ return BN_num_bits(dsa->p); -+} -+ -+RSA *EVP_PKEY_get0_RSA(EVP_PKEY *pkey) -+{ -+ if (pkey->type != EVP_PKEY_RSA) { -+ return NULL; -+ } -+ return pkey->pkey.rsa; -+} -+ -+#endif /* OPENSSL_VERSION_NUMBER */ -Index: openssh-7.8p1/libcrypto-compat.h -=================================================================== ---- /dev/null -+++ openssh-7.8p1/libcrypto-compat.h -@@ -0,0 +1,59 @@ -+#ifndef LIBCRYPTO_COMPAT_H -+#define LIBCRYPTO_COMPAT_H -+ -+#if OPENSSL_VERSION_NUMBER < 0x10100000L -+ -+#include -+#include -+#include -+#include -+#include -+ -+int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d); -+int RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q); -+int RSA_set0_crt_params(RSA *r, BIGNUM *dmp1, BIGNUM *dmq1, BIGNUM *iqmp); -+void RSA_get0_key(const RSA *r, const BIGNUM **n, const BIGNUM **e, const BIGNUM **d); -+void RSA_get0_factors(const RSA *r, const BIGNUM **p, const BIGNUM **q); -+void RSA_get0_crt_params(const RSA *r, const BIGNUM **dmp1, const BIGNUM **dmq1, const BIGNUM **iqmp); -+ -+void DSA_get0_pqg(const DSA *d, const BIGNUM **p, const BIGNUM **q, const BIGNUM **g); -+int DSA_set0_pqg(DSA *d, BIGNUM *p, BIGNUM *q, BIGNUM *g); -+void DSA_get0_key(const DSA *d, const BIGNUM **pub_key, const BIGNUM **priv_key); -+int DSA_set0_key(DSA *d, BIGNUM *pub_key, BIGNUM *priv_key); -+ -+void DSA_SIG_get0(const DSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps); -+int DSA_SIG_set0(DSA_SIG *sig, BIGNUM *r, BIGNUM *s); -+ -+void ECDSA_SIG_get0(const ECDSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps); -+int ECDSA_SIG_set0(ECDSA_SIG *sig, BIGNUM *r, BIGNUM *s); -+ -+void DH_get0_pqg(const DH *dh, const BIGNUM **p, const BIGNUM **q, const BIGNUM **g); -+int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g); -+void DH_get0_key(const DH *dh, const BIGNUM **pub_key, const BIGNUM **priv_key); -+int DH_set_length(DH *dh, long length); -+ -+const unsigned char *EVP_CIPHER_CTX_iv(const EVP_CIPHER_CTX *ctx); -+unsigned char *EVP_CIPHER_CTX_iv_noconst(EVP_CIPHER_CTX *ctx); -+int EVP_MD_CTX_reset(EVP_MD_CTX *ctx); -+EVP_MD_CTX *EVP_MD_CTX_new(void); -+void EVP_MD_CTX_free(EVP_MD_CTX *ctx); -+#define EVP_CIPHER_impl_ctx_size(e) e->ctx_size -+#define EVP_CIPHER_CTX_get_cipher_data(ctx) ctx->cipher_data -+ -+RSA_METHOD *RSA_meth_dup(const RSA_METHOD *meth); -+int RSA_meth_set1_name(RSA_METHOD *meth, const char *name); -+#define RSA_meth_get_finish(meth) meth->finish -+int RSA_meth_set_priv_enc(RSA_METHOD *meth, int (*priv_enc) (int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding)); -+int RSA_meth_set_priv_dec(RSA_METHOD *meth, int (*priv_dec) (int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding)); -+int RSA_meth_set_finish(RSA_METHOD *meth, int (*finish) (RSA *rsa)); -+void RSA_meth_free(RSA_METHOD *meth); -+ -+int RSA_bits(const RSA *r); -+int DSA_bits(const DSA *d); -+ -+RSA *EVP_PKEY_get0_RSA(EVP_PKEY *pkey); -+ -+#endif /* OPENSSL_VERSION_NUMBER */ -+ -+#endif /* LIBCRYPTO_COMPAT_H */ -+ -Index: openssh-7.8p1/monitor.c -=================================================================== ---- openssh-7.8p1.orig/monitor.c -+++ openssh-7.8p1/monitor.c -@@ -624,9 +624,12 @@ mm_answer_moduli(int sock, struct sshbuf - return (0); - } else { - /* Send first bignum */ -+ const BIGNUM *p, *g; -+ -+ DH_get0_pqg(dh, &p, NULL, &g); - if ((r = sshbuf_put_u8(m, 1)) != 0 || -- (r = sshbuf_put_bignum2(m, dh->p)) != 0 || -- (r = sshbuf_put_bignum2(m, dh->g)) != 0) -+ (r = sshbuf_put_bignum2(m, p)) != 0 || -+ (r = sshbuf_put_bignum2(m, g)) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); - - DH_free(dh); -Index: openssh-7.8p1/openbsd-compat/openssl-compat.c -=================================================================== ---- openssh-7.8p1.orig/openbsd-compat/openssl-compat.c -+++ openssh-7.8p1/openbsd-compat/openssl-compat.c -@@ -70,12 +70,19 @@ ssh_compatible_openssl(long headerver, l - void - ssh_OpenSSL_add_all_algorithms(void) - { -+#if OPENSSL_VERSION_NUMBER < 0x10100000L - OpenSSL_add_all_algorithms(); - - /* Enable use of crypto hardware */ - ENGINE_load_builtin_engines(); -+#if OPENSSL_VERSION_NUMBER < 0x10001000L - ENGINE_register_all_complete(); -+#endif - OPENSSL_config(NULL); -+#else -+ OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_DIGESTS | -+ OPENSSL_INIT_ADD_ALL_DIGESTS | OPENSSL_INIT_LOAD_CONFIG, NULL); -+#endif - } - #endif - -Index: openssh-7.8p1/regress/unittests/sshkey/test_file.c -=================================================================== ---- openssh-7.8p1.orig/regress/unittests/sshkey/test_file.c -+++ openssh-7.8p1/regress/unittests/sshkey/test_file.c -@@ -46,6 +46,7 @@ sshkey_file_tests(void) - struct sshbuf *buf, *pw; - BIGNUM *a, *b, *c; - char *cp; -+ const BIGNUM *n, *p, *q, *g, *pub_key, *priv_key; - - TEST_START("load passphrase"); - pw = load_text_file("pw"); -@@ -60,9 +61,11 @@ sshkey_file_tests(void) - a = load_bignum("rsa_1.param.n"); - b = load_bignum("rsa_1.param.p"); - c = load_bignum("rsa_1.param.q"); -- ASSERT_BIGNUM_EQ(k1->rsa->n, a); -- ASSERT_BIGNUM_EQ(k1->rsa->p, b); -- ASSERT_BIGNUM_EQ(k1->rsa->q, c); -+ RSA_get0_key(k1->rsa, &n, NULL, NULL); -+ RSA_get0_factors(k1->rsa, &p, &q); -+ ASSERT_BIGNUM_EQ(n, a); -+ ASSERT_BIGNUM_EQ(p, b); -+ ASSERT_BIGNUM_EQ(q, c); - BN_free(a); - BN_free(b); - BN_free(c); -@@ -151,9 +154,11 @@ sshkey_file_tests(void) - a = load_bignum("dsa_1.param.g"); - b = load_bignum("dsa_1.param.priv"); - c = load_bignum("dsa_1.param.pub"); -- ASSERT_BIGNUM_EQ(k1->dsa->g, a); -- ASSERT_BIGNUM_EQ(k1->dsa->priv_key, b); -- ASSERT_BIGNUM_EQ(k1->dsa->pub_key, c); -+ DSA_get0_pqg(k1->dsa, NULL, NULL, &g); -+ DSA_get0_key(k1->dsa, &pub_key, &priv_key); -+ ASSERT_BIGNUM_EQ(g, a); -+ ASSERT_BIGNUM_EQ(priv_key, b); -+ ASSERT_BIGNUM_EQ(pub_key, c); - BN_free(a); - BN_free(b); - BN_free(c); -Index: openssh-7.8p1/regress/unittests/sshkey/test_sshkey.c -=================================================================== ---- openssh-7.8p1.orig/regress/unittests/sshkey/test_sshkey.c -+++ openssh-7.8p1/regress/unittests/sshkey/test_sshkey.c -@@ -197,9 +197,6 @@ sshkey_tests(void) - k1 = sshkey_new(KEY_RSA); - ASSERT_PTR_NE(k1, NULL); - ASSERT_PTR_NE(k1->rsa, NULL); -- ASSERT_PTR_NE(k1->rsa->n, NULL); -- ASSERT_PTR_NE(k1->rsa->e, NULL); -- ASSERT_PTR_EQ(k1->rsa->p, NULL); - sshkey_free(k1); - TEST_DONE(); - -@@ -207,8 +204,6 @@ sshkey_tests(void) - k1 = sshkey_new(KEY_DSA); - ASSERT_PTR_NE(k1, NULL); - ASSERT_PTR_NE(k1->dsa, NULL); -- ASSERT_PTR_NE(k1->dsa->g, NULL); -- ASSERT_PTR_EQ(k1->dsa->priv_key, NULL); - sshkey_free(k1); - TEST_DONE(); - -@@ -234,9 +229,6 @@ sshkey_tests(void) - k1 = sshkey_new_private(KEY_RSA); - ASSERT_PTR_NE(k1, NULL); - ASSERT_PTR_NE(k1->rsa, NULL); -- ASSERT_PTR_NE(k1->rsa->n, NULL); -- ASSERT_PTR_NE(k1->rsa->e, NULL); -- ASSERT_PTR_NE(k1->rsa->p, NULL); - ASSERT_INT_EQ(sshkey_add_private(k1), 0); - sshkey_free(k1); - TEST_DONE(); -@@ -245,8 +237,6 @@ sshkey_tests(void) - k1 = sshkey_new_private(KEY_DSA); - ASSERT_PTR_NE(k1, NULL); - ASSERT_PTR_NE(k1->dsa, NULL); -- ASSERT_PTR_NE(k1->dsa->g, NULL); -- ASSERT_PTR_NE(k1->dsa->priv_key, NULL); - ASSERT_INT_EQ(sshkey_add_private(k1), 0); - sshkey_free(k1); - TEST_DONE(); -@@ -285,18 +275,13 @@ sshkey_tests(void) - ASSERT_INT_EQ(sshkey_generate(KEY_RSA, 1024, &kr), 0); - ASSERT_PTR_NE(kr, NULL); - ASSERT_PTR_NE(kr->rsa, NULL); -- ASSERT_PTR_NE(kr->rsa->n, NULL); -- ASSERT_PTR_NE(kr->rsa->e, NULL); -- ASSERT_PTR_NE(kr->rsa->p, NULL); -- ASSERT_INT_EQ(BN_num_bits(kr->rsa->n), 1024); -+ ASSERT_INT_EQ(RSA_bits(kr->rsa), 1024); - TEST_DONE(); - - TEST_START("generate KEY_DSA"); - ASSERT_INT_EQ(sshkey_generate(KEY_DSA, 1024, &kd), 0); - ASSERT_PTR_NE(kd, NULL); - ASSERT_PTR_NE(kd->dsa, NULL); -- ASSERT_PTR_NE(kd->dsa->g, NULL); -- ASSERT_PTR_NE(kd->dsa->priv_key, NULL); - TEST_DONE(); - - #ifdef OPENSSL_HAS_ECC -@@ -323,9 +308,6 @@ sshkey_tests(void) - ASSERT_PTR_NE(kr, k1); - ASSERT_INT_EQ(k1->type, KEY_RSA); - ASSERT_PTR_NE(k1->rsa, NULL); -- ASSERT_PTR_NE(k1->rsa->n, NULL); -- ASSERT_PTR_NE(k1->rsa->e, NULL); -- ASSERT_PTR_EQ(k1->rsa->p, NULL); - TEST_DONE(); - - TEST_START("equal KEY_RSA/demoted KEY_RSA"); -@@ -339,8 +321,6 @@ sshkey_tests(void) - ASSERT_PTR_NE(kd, k1); - ASSERT_INT_EQ(k1->type, KEY_DSA); - ASSERT_PTR_NE(k1->dsa, NULL); -- ASSERT_PTR_NE(k1->dsa->g, NULL); -- ASSERT_PTR_EQ(k1->dsa->priv_key, NULL); - TEST_DONE(); - - TEST_START("equal KEY_DSA/demoted KEY_DSA"); -Index: openssh-7.8p1/ssh-dss.c -=================================================================== ---- openssh-7.8p1.orig/ssh-dss.c -+++ openssh-7.8p1/ssh-dss.c -@@ -55,6 +55,7 @@ ssh_dss_sign(const struct sshkey *key, u - size_t rlen, slen, len, dlen = ssh_digest_bytes(SSH_DIGEST_SHA1); - struct sshbuf *b = NULL; - int ret = SSH_ERR_INVALID_ARGUMENT; -+ const BIGNUM *r, *s; - - if (lenp != NULL) - *lenp = 0; -@@ -76,15 +77,16 @@ ssh_dss_sign(const struct sshkey *key, u - goto out; - } - -- rlen = BN_num_bytes(sig->r); -- slen = BN_num_bytes(sig->s); -+ DSA_SIG_get0(sig, &r, &s); -+ rlen = BN_num_bytes(r); -+ slen = BN_num_bytes(s); - if (rlen > INTBLOB_LEN || slen > INTBLOB_LEN) { - ret = SSH_ERR_INTERNAL_ERROR; - goto out; - } - explicit_bzero(sigblob, SIGBLOB_LEN); -- BN_bn2bin(sig->r, sigblob + SIGBLOB_LEN - INTBLOB_LEN - rlen); -- BN_bn2bin(sig->s, sigblob + SIGBLOB_LEN - slen); -+ BN_bn2bin(r, sigblob + SIGBLOB_LEN - INTBLOB_LEN - rlen); -+ BN_bn2bin(s, sigblob + SIGBLOB_LEN - slen); - - if ((b = sshbuf_new()) == NULL) { - ret = SSH_ERR_ALLOC_FAIL; -@@ -123,6 +125,7 @@ ssh_dss_verify(const struct sshkey *key, - int ret = SSH_ERR_INTERNAL_ERROR; - struct sshbuf *b = NULL; - char *ktype = NULL; -+ BIGNUM *r = NULL, *s = NULL; - - if (key == NULL || key->dsa == NULL || - sshkey_type_plain(key->type) != KEY_DSA || -@@ -155,16 +158,19 @@ ssh_dss_verify(const struct sshkey *key, - - /* parse signature */ - if ((sig = DSA_SIG_new()) == NULL || -- (sig->r = BN_new()) == NULL || -- (sig->s = BN_new()) == NULL) { -+ (r = BN_new()) == NULL || -+ (s = BN_new()) == NULL) { - ret = SSH_ERR_ALLOC_FAIL; - goto out; - } -- if ((BN_bin2bn(sigblob, INTBLOB_LEN, sig->r) == NULL) || -- (BN_bin2bn(sigblob+ INTBLOB_LEN, INTBLOB_LEN, sig->s) == NULL)) { -+ if ((BN_bin2bn(sigblob, INTBLOB_LEN, r) == NULL) || -+ (BN_bin2bn(sigblob+ INTBLOB_LEN, INTBLOB_LEN, s) == NULL) || -+ (DSA_SIG_set0(sig, r, s) == 0)) { - ret = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } -+ r = NULL; -+ s = NULL; - - /* sha1 the data */ - if ((ret = ssh_digest_memory(SSH_DIGEST_SHA1, data, datalen, -@@ -185,6 +191,8 @@ ssh_dss_verify(const struct sshkey *key, - - out: - explicit_bzero(digest, sizeof(digest)); -+ BN_free(r); -+ BN_free(s); - DSA_SIG_free(sig); - sshbuf_free(b); - free(ktype); -Index: openssh-7.8p1/ssh-ecdsa.c -=================================================================== ---- openssh-7.8p1.orig/ssh-ecdsa.c -+++ openssh-7.8p1/ssh-ecdsa.c -@@ -54,6 +54,7 @@ ssh_ecdsa_sign(const struct sshkey *key, - size_t len, dlen; - struct sshbuf *b = NULL, *bb = NULL; - int ret = SSH_ERR_INTERNAL_ERROR; -+ const BIGNUM *r, *s; - - if (lenp != NULL) - *lenp = 0; -@@ -80,8 +81,9 @@ ssh_ecdsa_sign(const struct sshkey *key, - ret = SSH_ERR_ALLOC_FAIL; - goto out; - } -- if ((ret = sshbuf_put_bignum2(bb, sig->r)) != 0 || -- (ret = sshbuf_put_bignum2(bb, sig->s)) != 0) -+ ECDSA_SIG_get0(sig, &r, &s); -+ if ((ret = sshbuf_put_bignum2(bb, r)) != 0 || -+ (ret = sshbuf_put_bignum2(bb, s)) != 0) - goto out; - if ((ret = sshbuf_put_cstring(b, sshkey_ssh_name_plain(key))) != 0 || - (ret = sshbuf_put_stringb(b, bb)) != 0) -@@ -118,6 +120,7 @@ ssh_ecdsa_verify(const struct sshkey *ke - int ret = SSH_ERR_INTERNAL_ERROR; - struct sshbuf *b = NULL, *sigbuf = NULL; - char *ktype = NULL; -+ BIGNUM *r = NULL, *s = NULL; - - if (key == NULL || key->ecdsa == NULL || - sshkey_type_plain(key->type) != KEY_ECDSA || -@@ -146,15 +149,23 @@ ssh_ecdsa_verify(const struct sshkey *ke - } - - /* parse signature */ -- if ((sig = ECDSA_SIG_new()) == NULL) { -+ if ((sig = ECDSA_SIG_new()) == NULL || -+ (r = BN_new()) == NULL || -+ (s = BN_new()) == NULL) { - ret = SSH_ERR_ALLOC_FAIL; - goto out; - } -- if (sshbuf_get_bignum2(sigbuf, sig->r) != 0 || -- sshbuf_get_bignum2(sigbuf, sig->s) != 0) { -+ if (sshbuf_get_bignum2(sigbuf, r) != 0 || -+ sshbuf_get_bignum2(sigbuf, s) != 0) { - ret = SSH_ERR_INVALID_FORMAT; - goto out; - } -+ if (ECDSA_SIG_set0(sig, r, s) == 0) { -+ ret = SSH_ERR_LIBCRYPTO_ERROR; -+ goto out; -+ } -+ r = NULL; -+ s = NULL; - if (sshbuf_len(sigbuf) != 0) { - ret = SSH_ERR_UNEXPECTED_TRAILING_DATA; - goto out; -@@ -179,6 +190,8 @@ ssh_ecdsa_verify(const struct sshkey *ke - explicit_bzero(digest, sizeof(digest)); - sshbuf_free(sigbuf); - sshbuf_free(b); -+ BN_free(r); -+ BN_free(s); - ECDSA_SIG_free(sig); - free(ktype); - return ret; -Index: openssh-7.8p1/ssh-keygen.c -=================================================================== ---- openssh-7.8p1.orig/ssh-keygen.c -+++ openssh-7.8p1/ssh-keygen.c -@@ -495,40 +495,67 @@ do_convert_private_ssh2_from_blob(u_char - free(type); - - switch (key->type) { -- case KEY_DSA: -- buffer_get_bignum_bits(b, key->dsa->p); -- buffer_get_bignum_bits(b, key->dsa->g); -- buffer_get_bignum_bits(b, key->dsa->q); -- buffer_get_bignum_bits(b, key->dsa->pub_key); -- buffer_get_bignum_bits(b, key->dsa->priv_key); -+ case KEY_DSA: { -+ BIGNUM *p = NULL, *g = NULL, *q = NULL, *pub_key = NULL, *priv_key = NULL; -+ -+ if ((p = BN_new()) == NULL || -+ (g = BN_new()) == NULL || -+ (q = BN_new()) == NULL || -+ (pub_key = BN_new()) == NULL || -+ (priv_key = BN_new()) == NULL) -+ fatal("BN_new() failed"); -+ buffer_get_bignum_bits(b, p); -+ buffer_get_bignum_bits(b, g); -+ buffer_get_bignum_bits(b, q); -+ buffer_get_bignum_bits(b, pub_key); -+ buffer_get_bignum_bits(b, priv_key); -+ if (DSA_set0_pqg(key->dsa, p, q, g) == 0 || -+ DSA_set0_key(key->dsa, pub_key, priv_key) == 0) { -+ fatal("failed to set DSA key"); -+ } -+ } - break; -- case KEY_RSA: -- if ((r = sshbuf_get_u8(b, &e1)) != 0 || -- (e1 < 30 && (r = sshbuf_get_u8(b, &e2)) != 0) || -- (e1 < 30 && (r = sshbuf_get_u8(b, &e3)) != 0)) -- fatal("%s: buffer error: %s", __func__, ssh_err(r)); -- e = e1; -- debug("e %lx", e); -- if (e < 30) { -- e <<= 8; -- e += e2; -- debug("e %lx", e); -- e <<= 8; -- e += e3; -+ case KEY_RSA: { -+ BIGNUM *bn_e = NULL, *bn_d = NULL, *bn_n = NULL, *bn_iqmp = NULL, *bn_p = NULL, *bn_q = NULL; -+ -+ if ((bn_e = BN_new()) == NULL || -+ (bn_d = BN_new()) == NULL || -+ (bn_n = BN_new()) == NULL || -+ (bn_iqmp = BN_new()) == NULL || -+ (bn_p = BN_new()) == NULL || -+ (bn_q = BN_new()) == NULL) -+ fatal("BN_new() failed"); -+ -+ if ((r = sshbuf_get_u8(b, &e1)) != 0 || -+ (e1 < 30 && (r = sshbuf_get_u8(b, &e2)) != 0) || -+ (e1 < 30 && (r = sshbuf_get_u8(b, &e3)) != 0)) -+ fatal("%s: buffer error: %s", __func__, ssh_err(r)); -+ e = e1; - debug("e %lx", e); -+ if (e < 30) { -+ e <<= 8; -+ e += e2; -+ debug("e %lx", e); -+ e <<= 8; -+ e += e3; -+ debug("e %lx", e); -+ } -+ if (!BN_set_word(bn_e, e)) { -+ sshbuf_free(b); -+ sshkey_free(key); -+ return NULL; -+ } -+ buffer_get_bignum_bits(b, bn_d); -+ buffer_get_bignum_bits(b, bn_n); -+ buffer_get_bignum_bits(b, bn_iqmp); -+ buffer_get_bignum_bits(b, bn_q); -+ buffer_get_bignum_bits(b, bn_p); -+ if (RSA_set0_key(key->rsa, bn_n, bn_e, bn_d) == 0 || -+ RSA_set0_factors(key->rsa, bn_p, bn_q) == 0) -+ fatal("Failed to set RSA parameters"); -+ if ((r = ssh_rsa_generate_additional_parameters(key, bn_iqmp)) != 0) -+ fatal("generate RSA parameters failed: %s", ssh_err(r)); - } -- if (!BN_set_word(key->rsa->e, e)) { -- sshbuf_free(b); -- sshkey_free(key); -- return NULL; -- } -- buffer_get_bignum_bits(b, key->rsa->d); -- buffer_get_bignum_bits(b, key->rsa->n); -- buffer_get_bignum_bits(b, key->rsa->iqmp); -- buffer_get_bignum_bits(b, key->rsa->q); -- buffer_get_bignum_bits(b, key->rsa->p); -- if ((r = ssh_rsa_generate_additional_parameters(key)) != 0) -- fatal("generate RSA parameters failed: %s", ssh_err(r)); - break; - } - rlen = sshbuf_len(b); -@@ -636,7 +663,7 @@ do_convert_from_pkcs8(struct sshkey **k, - identity_file); - } - fclose(fp); -- switch (EVP_PKEY_type(pubkey->type)) { -+ switch (EVP_PKEY_base_id(pubkey)) { - case EVP_PKEY_RSA: - if ((*k = sshkey_new(KEY_UNSPEC)) == NULL) - fatal("sshkey_new failed"); -@@ -660,7 +687,7 @@ do_convert_from_pkcs8(struct sshkey **k, - #endif - default: - fatal("%s: unsupported pubkey type %d", __func__, -- EVP_PKEY_type(pubkey->type)); -+ EVP_PKEY_base_id(pubkey)); - } - EVP_PKEY_free(pubkey); - return; -@@ -1806,6 +1833,7 @@ do_ca_sign(struct passwd *pw, int argc, - #ifdef ENABLE_PKCS11 - pkcs11_terminate(); - #endif -+ free(ca); - exit(0); - } - -Index: openssh-7.8p1/ssh-pkcs11-client.c -=================================================================== ---- openssh-7.8p1.orig/ssh-pkcs11-client.c -+++ openssh-7.8p1/ssh-pkcs11-client.c -@@ -156,12 +156,16 @@ pkcs11_rsa_private_encrypt(int flen, con - static int - wrap_key(RSA *rsa) - { -- static RSA_METHOD helper_rsa; -+ static RSA_METHOD *helper_rsa; - -- memcpy(&helper_rsa, RSA_get_default_method(), sizeof(helper_rsa)); -- helper_rsa.name = "ssh-pkcs11-helper"; -- helper_rsa.rsa_priv_enc = pkcs11_rsa_private_encrypt; -- RSA_set_method(rsa, &helper_rsa); -+ if (helper_rsa == NULL) { -+ helper_rsa = RSA_meth_dup(RSA_get_default_method()); -+ if (helper_rsa == NULL) -+ error("RSA_meth_dup failed"); -+ RSA_meth_set1_name(helper_rsa, "ssh-pkcs11-helper"); -+ RSA_meth_set_priv_enc(helper_rsa, pkcs11_rsa_private_encrypt); -+ } -+ RSA_set_method(rsa, helper_rsa); - return (0); - } - -Index: openssh-7.8p1/ssh-pkcs11.c -=================================================================== ---- openssh-7.8p1.orig/ssh-pkcs11.c -+++ openssh-7.8p1/ssh-pkcs11.c -@@ -67,7 +67,7 @@ struct pkcs11_key { - struct pkcs11_provider *provider; - CK_ULONG slotidx; - int (*orig_finish)(RSA *rsa); -- RSA_METHOD rsa_method; -+ RSA_METHOD *rsa_method; - char *keyid; - int keyid_len; - }; -@@ -183,6 +183,7 @@ pkcs11_rsa_finish(RSA *rsa) - if (k11->provider) - pkcs11_provider_unref(k11->provider); - free(k11->keyid); -+ RSA_meth_free(k11->rsa_method); - free(k11); - } - return (rv); -@@ -326,13 +327,21 @@ pkcs11_rsa_wrap(struct pkcs11_provider * - k11->keyid = xmalloc(k11->keyid_len); - memcpy(k11->keyid, keyid_attrib->pValue, k11->keyid_len); - } -- k11->orig_finish = def->finish; -- memcpy(&k11->rsa_method, def, sizeof(k11->rsa_method)); -- k11->rsa_method.name = "pkcs11"; -- k11->rsa_method.rsa_priv_enc = pkcs11_rsa_private_encrypt; -- k11->rsa_method.rsa_priv_dec = pkcs11_rsa_private_decrypt; -- k11->rsa_method.finish = pkcs11_rsa_finish; -- RSA_set_method(rsa, &k11->rsa_method); -+ k11->orig_finish = RSA_meth_get_finish(def); -+ if ((k11->rsa_method = RSA_meth_dup(def)) == NULL || -+ RSA_meth_set1_name(k11->rsa_method, "pkcs11") == 0 || -+ RSA_meth_set_priv_enc(k11->rsa_method, pkcs11_rsa_private_encrypt) == 0 || -+ RSA_meth_set_priv_dec(k11->rsa_method, pkcs11_rsa_private_decrypt) == 0 || -+ RSA_meth_set_finish(k11->rsa_method, pkcs11_rsa_finish) == 0) { -+ RSA_meth_free(k11->rsa_method); -+ k11->rsa_method = NULL; -+ pkcs11_provider_unref(k11->provider); -+ free(k11->keyid); -+ free(k11); -+ return (-1); -+ } -+ -+ RSA_set_method(rsa, k11->rsa_method); - RSA_set_app_data(rsa, k11); - return (0); - } -@@ -460,6 +469,7 @@ pkcs11_fetch_keys_filter(struct pkcs11_p - CK_ULONG nfound; - CK_SESSION_HANDLE session; - CK_FUNCTION_LIST *f; -+ const BIGNUM *n, *e; - - f = p->function_list; - session = p->slotinfo[slotidx].session; -@@ -512,10 +522,16 @@ pkcs11_fetch_keys_filter(struct pkcs11_p - if ((rsa = RSA_new()) == NULL) { - error("RSA_new failed"); - } else { -- rsa->n = BN_bin2bn(attribs[1].pValue, -+ BIGNUM *rsa_n, *rsa_e; -+ -+ rsa_n = BN_bin2bn(attribs[1].pValue, - attribs[1].ulValueLen, NULL); -- rsa->e = BN_bin2bn(attribs[2].pValue, -+ rsa_e = BN_bin2bn(attribs[2].pValue, - attribs[2].ulValueLen, NULL); -+ if (rsa_n == NULL || rsa_e == NULL) -+ error("BN_bin2bn failed"); -+ if (RSA_set0_key(rsa, rsa_n, rsa_e, NULL) == 0) -+ error("RSA_set0_key failed"); - } - } else { - cp = attribs[2].pValue; -@@ -525,16 +541,18 @@ pkcs11_fetch_keys_filter(struct pkcs11_p - == NULL) { - error("d2i_X509 failed"); - } else if ((evp = X509_get_pubkey(x509)) == NULL || -- evp->type != EVP_PKEY_RSA || -- evp->pkey.rsa == NULL) { -+ EVP_PKEY_id(evp) != EVP_PKEY_RSA || -+ EVP_PKEY_get0_RSA(evp) == NULL) { - debug("X509_get_pubkey failed or no rsa"); -- } else if ((rsa = RSAPublicKey_dup(evp->pkey.rsa)) -+ } else if ((rsa = RSAPublicKey_dup(EVP_PKEY_get0_RSA(evp))) - == NULL) { - error("RSAPublicKey_dup"); - } - X509_free(x509); - } -- if (rsa && rsa->n && rsa->e && -+ if (rsa) -+ RSA_get0_key(rsa, &n, &e, NULL); -+ if (rsa && n && e && - pkcs11_rsa_wrap(p, slotidx, &attribs[0], rsa) == 0) { - if ((key = sshkey_new(KEY_UNSPEC)) == NULL) - fatal("sshkey_new failed"); -Index: openssh-7.8p1/ssh-rsa.c -=================================================================== ---- openssh-7.8p1.orig/ssh-rsa.c -+++ openssh-7.8p1/ssh-rsa.c -@@ -104,38 +104,50 @@ rsa_hash_alg_nid(int type) - } - - int --ssh_rsa_generate_additional_parameters(struct sshkey *key) -+ssh_rsa_generate_additional_parameters(struct sshkey *key, BIGNUM *iqmp) - { - BIGNUM *aux = NULL; - BN_CTX *ctx = NULL; -- BIGNUM d; -+ BIGNUM *d = NULL; - int r; -+ const BIGNUM *p, *q, *rsa_d; -+ BIGNUM *dmp1 = NULL, *dmq1 = NULL; - - if (key == NULL || key->rsa == NULL || - sshkey_type_plain(key->type) != KEY_RSA) - return SSH_ERR_INVALID_ARGUMENT; - -- if ((ctx = BN_CTX_new()) == NULL) -- return SSH_ERR_ALLOC_FAIL; -- if ((aux = BN_new()) == NULL) { -+ RSA_get0_factors(key->rsa, &p, &q); -+ RSA_get0_key(key->rsa, NULL, NULL, &rsa_d); -+ -+ if ((ctx = BN_CTX_new()) == NULL || -+ (aux = BN_new()) == NULL || -+ (d = BN_new()) == NULL || -+ (dmp1 = BN_new()) == NULL || -+ (dmq1 = BN_new()) == NULL) { - r = SSH_ERR_ALLOC_FAIL; - goto out; - } - BN_set_flags(aux, BN_FLG_CONSTTIME); - -- BN_init(&d); -- BN_with_flags(&d, key->rsa->d, BN_FLG_CONSTTIME); -+ BN_with_flags(d, rsa_d, BN_FLG_CONSTTIME); - -- if ((BN_sub(aux, key->rsa->q, BN_value_one()) == 0) || -- (BN_mod(key->rsa->dmq1, &d, aux, ctx) == 0) || -- (BN_sub(aux, key->rsa->p, BN_value_one()) == 0) || -- (BN_mod(key->rsa->dmp1, &d, aux, ctx) == 0)) { -+ if ((BN_sub(aux, q, BN_value_one()) == 0) || -+ (BN_mod(dmq1, d, aux, ctx) == 0) || -+ (BN_sub(aux, p, BN_value_one()) == 0) || -+ (BN_mod(dmp1, d, aux, ctx) == 0) || -+ (RSA_set0_crt_params(key->rsa, dmp1, dmq1, iqmp) == 0)) { - r = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } -+ dmp1 = NULL; -+ dmq1 = NULL; - r = 0; - out: -+ BN_free(d); - BN_clear_free(aux); -+ BN_clear_free(dmp1); -+ BN_clear_free(dmq1); - BN_CTX_free(ctx); - return r; - } -@@ -163,7 +175,7 @@ ssh_rsa_sign(const struct sshkey *key, u - if (key == NULL || key->rsa == NULL || hash_alg == -1 || - sshkey_type_plain(key->type) != KEY_RSA) - return SSH_ERR_INVALID_ARGUMENT; -- if (BN_num_bits(key->rsa->n) < SSH_RSA_MINIMUM_MODULUS_SIZE) -+ if (RSA_bits(key->rsa) < SSH_RSA_MINIMUM_MODULUS_SIZE) - return SSH_ERR_KEY_LENGTH; - slen = RSA_size(key->rsa); - if (slen <= 0 || slen > SSHBUF_MAX_BIGNUM) -@@ -235,7 +247,7 @@ ssh_rsa_verify(const struct sshkey *key, - sshkey_type_plain(key->type) != KEY_RSA || - sig == NULL || siglen == 0) - return SSH_ERR_INVALID_ARGUMENT; -- if (BN_num_bits(key->rsa->n) < SSH_RSA_MINIMUM_MODULUS_SIZE) -+ if (RSA_bits(key->rsa) < SSH_RSA_MINIMUM_MODULUS_SIZE) - return SSH_ERR_KEY_LENGTH; - - if ((b = sshbuf_from(sig, siglen)) == NULL) -Index: openssh-7.8p1/sshconnect.c -=================================================================== ---- openssh-7.8p1.orig/sshconnect.c -+++ openssh-7.8p1/sshconnect.c -@@ -1399,6 +1399,7 @@ ssh_login(Sensitive *sensitive, const ch - char *server_user, *local_user; - - local_user = xstrdup(pw->pw_name); -+ free(pw); - server_user = options.user ? options.user : local_user; - - /* Convert the user-supplied hostname into all lowercase. */ -Index: openssh-7.8p1/sshkey.c -=================================================================== ---- openssh-7.8p1.orig/sshkey.c -+++ openssh-7.8p1/sshkey.c -@@ -293,10 +293,10 @@ sshkey_size(const struct sshkey *k) - #ifdef WITH_OPENSSL - case KEY_RSA: - case KEY_RSA_CERT: -- return BN_num_bits(k->rsa->n); -+ return RSA_bits(k->rsa); - case KEY_DSA: - case KEY_DSA_CERT: -- return BN_num_bits(k->dsa->p); -+ return DSA_bits(k->dsa); - case KEY_ECDSA: - case KEY_ECDSA_CERT: - return sshkey_curve_nid_to_bits(k->ecdsa_nid); -@@ -325,6 +325,31 @@ sshkey_type_is_valid_ca(int type) - } - } - -+ -+static int -+sshkey_is_private_rsa(const RSA *r) -+{ -+ const BIGNUM *d; -+ int rv; -+ -+ RSA_get0_key(r, NULL, NULL, &d); -+ rv = (d != NULL); -+ d = NULL; -+ return rv; -+} -+ -+static int -+sshkey_is_private_dsa(const DSA *d) -+{ -+ const BIGNUM *priv_key; -+ int rv; -+ -+ DSA_get0_key(d, NULL, &priv_key); -+ rv = (priv_key != NULL); -+ priv_key = NULL; -+ return rv; -+} -+ - int - sshkey_is_private(const struct sshkey *k) - { -@@ -332,10 +357,10 @@ sshkey_is_private(const struct sshkey *k - #ifdef WITH_OPENSSL - case KEY_RSA_CERT: - case KEY_RSA: -- return k->rsa->d != NULL; -+ return sshkey_is_private_rsa(k->rsa); - case KEY_DSA_CERT: - case KEY_DSA: -- return k->dsa->priv_key != NULL; -+ return sshkey_is_private_dsa(k->dsa); - #ifdef OPENSSL_HAS_ECC - case KEY_ECDSA_CERT: - case KEY_ECDSA: -@@ -527,10 +552,7 @@ sshkey_new(int type) - #ifdef WITH_OPENSSL - case KEY_RSA: - case KEY_RSA_CERT: -- if ((rsa = RSA_new()) == NULL || -- (rsa->n = BN_new()) == NULL || -- (rsa->e = BN_new()) == NULL) { -- RSA_free(rsa); -+ if ((rsa = RSA_new()) == NULL) { - free(k); - return NULL; - } -@@ -538,12 +560,7 @@ sshkey_new(int type) - break; - case KEY_DSA: - case KEY_DSA_CERT: -- if ((dsa = DSA_new()) == NULL || -- (dsa->p = BN_new()) == NULL || -- (dsa->q = BN_new()) == NULL || -- (dsa->g = BN_new()) == NULL || -- (dsa->pub_key = BN_new()) == NULL) { -- DSA_free(dsa); -+ if ((dsa = DSA_new()) == NULL) { - free(k); - return NULL; - } -@@ -584,21 +601,10 @@ sshkey_add_private(struct sshkey *k) - #ifdef WITH_OPENSSL - case KEY_RSA: - case KEY_RSA_CERT: --#define bn_maybe_alloc_failed(p) (p == NULL && (p = BN_new()) == NULL) -- if (bn_maybe_alloc_failed(k->rsa->d) || -- bn_maybe_alloc_failed(k->rsa->iqmp) || -- bn_maybe_alloc_failed(k->rsa->q) || -- bn_maybe_alloc_failed(k->rsa->p) || -- bn_maybe_alloc_failed(k->rsa->dmq1) || -- bn_maybe_alloc_failed(k->rsa->dmp1)) -- return SSH_ERR_ALLOC_FAIL; - break; - case KEY_DSA: - case KEY_DSA_CERT: -- if (bn_maybe_alloc_failed(k->dsa->priv_key)) -- return SSH_ERR_ALLOC_FAIL; - break; --#undef bn_maybe_alloc_failed - case KEY_ECDSA: - case KEY_ECDSA_CERT: - /* Cannot do anything until we know the group */ -@@ -721,17 +727,31 @@ sshkey_equal_public(const struct sshkey - switch (a->type) { - #ifdef WITH_OPENSSL - case KEY_RSA_CERT: -- case KEY_RSA: -- return a->rsa != NULL && b->rsa != NULL && -- BN_cmp(a->rsa->e, b->rsa->e) == 0 && -- BN_cmp(a->rsa->n, b->rsa->n) == 0; -+ case KEY_RSA: { -+ const BIGNUM *a_e, *a_n, *b_e, *b_n; -+ -+ if (a->rsa == NULL || b->rsa == NULL) -+ return 0; -+ RSA_get0_key(a->rsa, &a_n, &a_e, NULL); -+ RSA_get0_key(b->rsa, &b_n, &b_e, NULL); -+ return BN_cmp(a_e, b_e) == 0 && BN_cmp(a_n, b_n) == 0; -+ } - case KEY_DSA_CERT: -- case KEY_DSA: -- return a->dsa != NULL && b->dsa != NULL && -- BN_cmp(a->dsa->p, b->dsa->p) == 0 && -- BN_cmp(a->dsa->q, b->dsa->q) == 0 && -- BN_cmp(a->dsa->g, b->dsa->g) == 0 && -- BN_cmp(a->dsa->pub_key, b->dsa->pub_key) == 0; -+ case KEY_DSA: { -+ const BIGNUM *a_p, *a_q, *a_g, *a_pub_key; -+ const BIGNUM *b_p, *b_q, *b_g, *b_pub_key; -+ -+ if (a->dsa == NULL || b->dsa == NULL) -+ return 0; -+ DSA_get0_pqg(a->dsa, &a_p, &a_q, &a_g); -+ DSA_get0_key(a->dsa, &a_pub_key, NULL); -+ DSA_get0_pqg(b->dsa, &b_p, &b_q, &b_g); -+ DSA_get0_key(b->dsa, &b_pub_key, NULL); -+ return BN_cmp(a_p, b_p) == 0 && -+ BN_cmp(a_q, b_q) == 0 && -+ BN_cmp(a_g, b_g) == 0 && -+ BN_cmp(a_pub_key, b_pub_key) == 0; -+ } - # ifdef OPENSSL_HAS_ECC - case KEY_ECDSA_CERT: - case KEY_ECDSA: -@@ -817,15 +837,21 @@ to_blob_buf(const struct sshkey *key, st - return ret; - break; - #ifdef WITH_OPENSSL -- case KEY_DSA: -- if (key->dsa == NULL) -- return SSH_ERR_INVALID_ARGUMENT; -- if ((ret = sshbuf_put_cstring(b, typename)) != 0 || -- (ret = sshbuf_put_bignum2(b, key->dsa->p)) != 0 || -- (ret = sshbuf_put_bignum2(b, key->dsa->q)) != 0 || -- (ret = sshbuf_put_bignum2(b, key->dsa->g)) != 0 || -- (ret = sshbuf_put_bignum2(b, key->dsa->pub_key)) != 0) -- return ret; -+ case KEY_DSA: { -+ const BIGNUM *p, *q, *g, *pub_key; -+ -+ if (key->dsa == NULL) -+ return SSH_ERR_INVALID_ARGUMENT; -+ -+ DSA_get0_pqg(key->dsa, &p, &q, &g); -+ DSA_get0_key(key->dsa, &pub_key, NULL); -+ if ((ret = sshbuf_put_cstring(b, typename)) != 0 || -+ (ret = sshbuf_put_bignum2(b, p)) != 0 || -+ (ret = sshbuf_put_bignum2(b, q)) != 0 || -+ (ret = sshbuf_put_bignum2(b, g)) != 0 || -+ (ret = sshbuf_put_bignum2(b, pub_key)) != 0) -+ return ret; -+ } - break; - # ifdef OPENSSL_HAS_ECC - case KEY_ECDSA: -@@ -838,13 +864,18 @@ to_blob_buf(const struct sshkey *key, st - return ret; - break; - # endif -- case KEY_RSA: -- if (key->rsa == NULL) -- return SSH_ERR_INVALID_ARGUMENT; -- if ((ret = sshbuf_put_cstring(b, typename)) != 0 || -- (ret = sshbuf_put_bignum2(b, key->rsa->e)) != 0 || -- (ret = sshbuf_put_bignum2(b, key->rsa->n)) != 0) -- return ret; -+ case KEY_RSA: { -+ const BIGNUM *e, *n; -+ -+ if (key->rsa == NULL) -+ return SSH_ERR_INVALID_ARGUMENT; -+ -+ RSA_get0_key(key->rsa, &n, &e, NULL); -+ if ((ret = sshbuf_put_cstring(b, typename)) != 0 || -+ (ret = sshbuf_put_bignum2(b, e)) != 0 || -+ (ret = sshbuf_put_bignum2(b, n)) != 0) -+ return ret; -+ } - break; - #endif /* WITH_OPENSSL */ - case KEY_ED25519: -@@ -1782,15 +1813,32 @@ sshkey_from_private(const struct sshkey - switch (k->type) { - #ifdef WITH_OPENSSL - case KEY_DSA: -- case KEY_DSA_CERT: -- if ((n = sshkey_new(k->type)) == NULL) -- return SSH_ERR_ALLOC_FAIL; -- if ((BN_copy(n->dsa->p, k->dsa->p) == NULL) || -- (BN_copy(n->dsa->q, k->dsa->q) == NULL) || -- (BN_copy(n->dsa->g, k->dsa->g) == NULL) || -- (BN_copy(n->dsa->pub_key, k->dsa->pub_key) == NULL)) { -- sshkey_free(n); -- return SSH_ERR_ALLOC_FAIL; -+ case KEY_DSA_CERT: { -+ const BIGNUM *k_p, *k_q, *k_g, *k_pub_key; -+ BIGNUM *n_p = NULL, *n_q = NULL, *n_g = NULL, *n_pub_key = NULL; -+ -+ if ((n = sshkey_new(k->type)) == NULL) -+ return SSH_ERR_ALLOC_FAIL; -+ -+ DSA_get0_pqg(k->dsa, &k_p, &k_q, &k_g); -+ DSA_get0_key(k->dsa, &k_pub_key, NULL); -+ -+ if (((n_p = BN_dup(k_p)) == NULL) || -+ ((n_q = BN_dup(k_q)) == NULL) || -+ ((n_g = BN_dup(k_g)) == NULL) || -+ (DSA_set0_pqg(n->dsa, n_p, n_q, n_g) == 0)) { -+ sshkey_free(n); -+ BN_free(n_p); -+ BN_free(n_q); -+ BN_free(n_g); -+ return SSH_ERR_ALLOC_FAIL; -+ } -+ if (((n_pub_key = BN_dup(k_pub_key)) == NULL) || -+ (DSA_set0_key(n->dsa, n_pub_key, NULL) == 0)) { -+ sshkey_free(n); -+ BN_free(n_pub_key); -+ return SSH_ERR_ALLOC_FAIL; -+ } - } - break; - # ifdef OPENSSL_HAS_ECC -@@ -1812,13 +1860,22 @@ sshkey_from_private(const struct sshkey - break; - # endif /* OPENSSL_HAS_ECC */ - case KEY_RSA: -- case KEY_RSA_CERT: -- if ((n = sshkey_new(k->type)) == NULL) -- return SSH_ERR_ALLOC_FAIL; -- if ((BN_copy(n->rsa->n, k->rsa->n) == NULL) || -- (BN_copy(n->rsa->e, k->rsa->e) == NULL)) { -- sshkey_free(n); -- return SSH_ERR_ALLOC_FAIL; -+ case KEY_RSA_CERT: { -+ const BIGNUM *k_n, *k_e; -+ BIGNUM *n_n = NULL, *n_e = NULL; -+ -+ if ((n = sshkey_new(k->type)) == NULL) -+ return SSH_ERR_ALLOC_FAIL; -+ -+ RSA_get0_key(k->rsa, &k_n, &k_e, NULL); -+ if (((n_n = BN_dup(k_n)) == NULL) || -+ ((n_e = BN_dup(k_e)) == NULL) || -+ RSA_set0_key(n->rsa, n_n, n_e, NULL) == 0) { -+ sshkey_free(n); -+ BN_free(n_n); -+ BN_free(n_e); -+ return SSH_ERR_ALLOC_FAIL; -+ } - } - break; - #endif /* WITH_OPENSSL */ -@@ -2040,12 +2097,22 @@ sshkey_from_blob_internal(struct sshbuf - ret = SSH_ERR_ALLOC_FAIL; - goto out; - } -- if (sshbuf_get_bignum2(b, key->rsa->e) != 0 || -- sshbuf_get_bignum2(b, key->rsa->n) != 0) { -- ret = SSH_ERR_INVALID_FORMAT; -- goto out; -+ { -+ BIGNUM *e, *n; -+ -+ e = BN_new(); -+ n = BN_new(); -+ if (e == NULL || n == NULL || -+ sshbuf_get_bignum2(b, e) != 0 || -+ sshbuf_get_bignum2(b, n) != 0 || -+ RSA_set0_key(key->rsa, n, e, NULL) == 0) { -+ BN_free(e); -+ BN_free(n); -+ ret = SSH_ERR_ALLOC_FAIL; -+ goto out; -+ } - } -- if (BN_num_bits(key->rsa->n) < SSH_RSA_MINIMUM_MODULUS_SIZE) { -+ if (RSA_bits(key->rsa) < SSH_RSA_MINIMUM_MODULUS_SIZE) { - ret = SSH_ERR_KEY_LENGTH; - goto out; - } -@@ -2065,12 +2132,34 @@ sshkey_from_blob_internal(struct sshbuf - ret = SSH_ERR_ALLOC_FAIL; - goto out; - } -- if (sshbuf_get_bignum2(b, key->dsa->p) != 0 || -- sshbuf_get_bignum2(b, key->dsa->q) != 0 || -- sshbuf_get_bignum2(b, key->dsa->g) != 0 || -- sshbuf_get_bignum2(b, key->dsa->pub_key) != 0) { -- ret = SSH_ERR_INVALID_FORMAT; -- goto out; -+ { -+ BIGNUM *p, *q, *g, *pub_key; -+ -+ p = BN_new(); -+ q = BN_new(); -+ g = BN_new(); -+ pub_key = BN_new(); -+ -+ if (p == NULL || q == NULL || g == NULL || -+ pub_key == NULL || -+ sshbuf_get_bignum2(b, p) != 0 || -+ sshbuf_get_bignum2(b, q) != 0 || -+ sshbuf_get_bignum2(b, g) != 0 || -+ sshbuf_get_bignum2(b, pub_key) != 0 || -+ DSA_set0_pqg(key->dsa, p, q, g) == 0) { -+ BN_free(p); -+ BN_free(q); -+ BN_free(g); -+ BN_free(pub_key); -+ ret = SSH_ERR_ALLOC_FAIL; -+ goto out; -+ } -+ -+ if (DSA_set0_key(key->dsa, pub_key, NULL) == 0) { -+ BN_free(pub_key); -+ ret = SSH_ERR_LIBCRYPTO_ERROR; -+ goto out; -+ } - } - #ifdef DEBUG_PK - DSA_print_fp(stderr, key->dsa, 8); -@@ -2415,26 +2504,53 @@ sshkey_demote(const struct sshkey *k, st - if ((ret = sshkey_cert_copy(k, pk)) != 0) - goto fail; - /* FALLTHROUGH */ -- case KEY_RSA: -- if ((pk->rsa = RSA_new()) == NULL || -- (pk->rsa->e = BN_dup(k->rsa->e)) == NULL || -- (pk->rsa->n = BN_dup(k->rsa->n)) == NULL) { -- ret = SSH_ERR_ALLOC_FAIL; -- goto fail; -+ case KEY_RSA: { -+ const BIGNUM *k_e, *k_n; -+ BIGNUM *pk_e = NULL, *pk_n = NULL; -+ -+ RSA_get0_key(k->rsa, &k_n, &k_e, NULL); -+ if ((pk->rsa = RSA_new()) == NULL || -+ (pk_e = BN_dup(k_e)) == NULL || -+ (pk_n = BN_dup(k_n)) == NULL || -+ RSA_set0_key(pk->rsa, pk_n, pk_e, NULL) == 0) { -+ BN_free(pk_e); -+ BN_free(pk_n); -+ ret = SSH_ERR_ALLOC_FAIL; -+ goto fail; - } -+ } - break; - case KEY_DSA_CERT: - if ((ret = sshkey_cert_copy(k, pk)) != 0) - goto fail; - /* FALLTHROUGH */ -- case KEY_DSA: -- if ((pk->dsa = DSA_new()) == NULL || -- (pk->dsa->p = BN_dup(k->dsa->p)) == NULL || -- (pk->dsa->q = BN_dup(k->dsa->q)) == NULL || -- (pk->dsa->g = BN_dup(k->dsa->g)) == NULL || -- (pk->dsa->pub_key = BN_dup(k->dsa->pub_key)) == NULL) { -- ret = SSH_ERR_ALLOC_FAIL; -- goto fail; -+ case KEY_DSA: { -+ const BIGNUM *k_p, *k_q, *k_g, *k_pub_key; -+ BIGNUM *pk_p = NULL, *pk_q = NULL, *pk_g = NULL; -+ BIGNUM *pk_pub_key = NULL; -+ -+ DSA_get0_pqg(k->dsa, &k_p, &k_q, &k_g); -+ DSA_get0_key(k->dsa, &k_pub_key, NULL); -+ -+ if ((pk->dsa = DSA_new()) == NULL || -+ (pk_p = BN_dup(k_p)) == NULL || -+ (pk_q = BN_dup(k_q)) == NULL || -+ (pk_g = BN_dup(k_g)) == NULL || -+ (pk_pub_key = BN_dup(k_pub_key)) == NULL || -+ DSA_set0_pqg(pk->dsa, pk_p, pk_q, pk_g) == 0) { -+ BN_free(pk_p); -+ BN_free(pk_q); -+ BN_free(pk_g); -+ BN_free(pk_pub_key); -+ ret = SSH_ERR_ALLOC_FAIL; -+ goto fail; -+ } -+ -+ if (DSA_set0_key(pk->dsa, pk_pub_key, NULL) == 0) { -+ BN_free(pk_pub_key); -+ ret = SSH_ERR_LIBCRYPTO_ERROR; -+ goto fail; -+ } - } - break; - case KEY_ECDSA_CERT: -@@ -2584,12 +2700,17 @@ sshkey_certify_custom(struct sshkey *k, - /* XXX this substantially duplicates to_blob(); refactor */ - switch (k->type) { - #ifdef WITH_OPENSSL -- case KEY_DSA_CERT: -- if ((ret = sshbuf_put_bignum2(cert, k->dsa->p)) != 0 || -- (ret = sshbuf_put_bignum2(cert, k->dsa->q)) != 0 || -- (ret = sshbuf_put_bignum2(cert, k->dsa->g)) != 0 || -- (ret = sshbuf_put_bignum2(cert, k->dsa->pub_key)) != 0) -- goto out; -+ case KEY_DSA_CERT: { -+ const BIGNUM *p, *q, *g, *pub_key; -+ -+ DSA_get0_pqg(k->dsa, &p, &q, &g); -+ DSA_get0_key(k->dsa, &pub_key, NULL); -+ if ((ret = sshbuf_put_bignum2(cert, p)) != 0 || -+ (ret = sshbuf_put_bignum2(cert, q)) != 0 || -+ (ret = sshbuf_put_bignum2(cert, g)) != 0 || -+ (ret = sshbuf_put_bignum2(cert, pub_key)) != 0) -+ goto out; -+ } - break; - # ifdef OPENSSL_HAS_ECC - case KEY_ECDSA_CERT: -@@ -2601,10 +2722,15 @@ sshkey_certify_custom(struct sshkey *k, - goto out; - break; - # endif /* OPENSSL_HAS_ECC */ -- case KEY_RSA_CERT: -- if ((ret = sshbuf_put_bignum2(cert, k->rsa->e)) != 0 || -- (ret = sshbuf_put_bignum2(cert, k->rsa->n)) != 0) -- goto out; -+ case KEY_RSA_CERT: { -+ const BIGNUM *e, *n; -+ -+ RSA_get0_key(k->rsa, &n, &e, NULL); -+ if (e == NULL || n == NULL || -+ (ret = sshbuf_put_bignum2(cert, e)) != 0 || -+ (ret = sshbuf_put_bignum2(cert, n)) != 0) -+ goto out; -+ } - break; - #endif /* WITH_OPENSSL */ - case KEY_ED25519_CERT: -@@ -2790,43 +2916,65 @@ sshkey_private_serialize_opt(const struc - goto out; - switch (key->type) { - #ifdef WITH_OPENSSL -- case KEY_RSA: -- if ((r = sshbuf_put_bignum2(b, key->rsa->n)) != 0 || -- (r = sshbuf_put_bignum2(b, key->rsa->e)) != 0 || -- (r = sshbuf_put_bignum2(b, key->rsa->d)) != 0 || -- (r = sshbuf_put_bignum2(b, key->rsa->iqmp)) != 0 || -- (r = sshbuf_put_bignum2(b, key->rsa->p)) != 0 || -- (r = sshbuf_put_bignum2(b, key->rsa->q)) != 0) -- goto out; -+ case KEY_RSA: { -+ const BIGNUM *n, *e, *d, *iqmp, *p, *q; -+ RSA_get0_key(key->rsa, &n, &e, &d); -+ RSA_get0_crt_params(key->rsa, NULL, NULL, &iqmp); -+ RSA_get0_factors(key->rsa, &p, &q); -+ if ((r = sshbuf_put_bignum2(b, n)) != 0 || -+ (r = sshbuf_put_bignum2(b, e)) != 0 || -+ (r = sshbuf_put_bignum2(b, d)) != 0 || -+ (r = sshbuf_put_bignum2(b, iqmp)) != 0 || -+ (r = sshbuf_put_bignum2(b, p)) != 0 || -+ (r = sshbuf_put_bignum2(b, q)) != 0) -+ goto out; -+ } - break; - case KEY_RSA_CERT: - if (key->cert == NULL || sshbuf_len(key->cert->certblob) == 0) { - r = SSH_ERR_INVALID_ARGUMENT; - goto out; - } -- if ((r = sshbuf_put_stringb(b, key->cert->certblob)) != 0 || -- (r = sshbuf_put_bignum2(b, key->rsa->d)) != 0 || -- (r = sshbuf_put_bignum2(b, key->rsa->iqmp)) != 0 || -- (r = sshbuf_put_bignum2(b, key->rsa->p)) != 0 || -- (r = sshbuf_put_bignum2(b, key->rsa->q)) != 0) -- goto out; -+ { -+ const BIGNUM *d, *iqmp, *p, *q; -+ -+ RSA_get0_key(key->rsa, NULL, NULL, &d); -+ RSA_get0_factors(key->rsa, &p, &q); -+ RSA_get0_crt_params(key->rsa, NULL, NULL, &iqmp); -+ if ((r = sshbuf_put_stringb(b, key->cert->certblob)) != 0 || -+ (r = sshbuf_put_bignum2(b, d)) != 0 || -+ (r = sshbuf_put_bignum2(b, iqmp)) != 0 || -+ (r = sshbuf_put_bignum2(b, p)) != 0 || -+ (r = sshbuf_put_bignum2(b, q)) != 0) -+ goto out; -+ } - break; -- case KEY_DSA: -- if ((r = sshbuf_put_bignum2(b, key->dsa->p)) != 0 || -- (r = sshbuf_put_bignum2(b, key->dsa->q)) != 0 || -- (r = sshbuf_put_bignum2(b, key->dsa->g)) != 0 || -- (r = sshbuf_put_bignum2(b, key->dsa->pub_key)) != 0 || -- (r = sshbuf_put_bignum2(b, key->dsa->priv_key)) != 0) -- goto out; -+ case KEY_DSA: { -+ const BIGNUM *p, *q, *g, *pub_key, *priv_key; -+ -+ DSA_get0_pqg(key->dsa, &p, &q, &g); -+ DSA_get0_key(key->dsa, &pub_key, &priv_key); -+ if ((r = sshbuf_put_bignum2(b, p)) != 0 || -+ (r = sshbuf_put_bignum2(b, q)) != 0 || -+ (r = sshbuf_put_bignum2(b, g)) != 0 || -+ (r = sshbuf_put_bignum2(b, pub_key)) != 0 || -+ (r = sshbuf_put_bignum2(b, priv_key)) != 0) -+ goto out; -+ } - break; - case KEY_DSA_CERT: - if (key->cert == NULL || sshbuf_len(key->cert->certblob) == 0) { - r = SSH_ERR_INVALID_ARGUMENT; - goto out; - } -- if ((r = sshbuf_put_stringb(b, key->cert->certblob)) != 0 || -- (r = sshbuf_put_bignum2(b, key->dsa->priv_key)) != 0) -- goto out; -+ { -+ const BIGNUM *priv_key; -+ -+ DSA_get0_key(key->dsa, NULL, &priv_key); -+ if ((r = sshbuf_put_stringb(b, key->cert->certblob)) != 0 || -+ (r = sshbuf_put_bignum2(b, priv_key)) != 0) -+ goto out; -+ } - break; - # ifdef OPENSSL_HAS_ECC - case KEY_ECDSA: -@@ -2940,18 +3088,51 @@ sshkey_private_deserialize(struct sshbuf - r = SSH_ERR_ALLOC_FAIL; - goto out; - } -- if ((r = sshbuf_get_bignum2(buf, k->dsa->p)) != 0 || -- (r = sshbuf_get_bignum2(buf, k->dsa->q)) != 0 || -- (r = sshbuf_get_bignum2(buf, k->dsa->g)) != 0 || -- (r = sshbuf_get_bignum2(buf, k->dsa->pub_key)) != 0 || -- (r = sshbuf_get_bignum2(buf, k->dsa->priv_key)) != 0) -- goto out; -+ { -+ BIGNUM *p, *q, *g, *pub_key, *priv_key; -+ -+ p = BN_new(); -+ q = BN_new(); -+ g = BN_new(); -+ pub_key = BN_new(); -+ priv_key = BN_new(); -+ if (p == NULL || q == NULL || g == NULL || -+ pub_key == NULL || priv_key == NULL || -+ (r = sshbuf_get_bignum2(buf, p)) != 0 || -+ (r = sshbuf_get_bignum2(buf, q)) != 0 || -+ (r = sshbuf_get_bignum2(buf, g)) != 0 || -+ (r = sshbuf_get_bignum2(buf, pub_key)) != 0 || -+ (r = sshbuf_get_bignum2(buf, priv_key)) != 0 || -+ (r = ((DSA_set0_pqg(k->dsa, p, q, g) == 0) -+ ? SSH_ERR_LIBCRYPTO_ERROR : 0)) != 0) { -+ BN_free(p); -+ BN_free(q); -+ BN_free(g); -+ BN_free(pub_key); -+ BN_free(priv_key); -+ goto out; -+ } -+ if (DSA_set0_key(k->dsa, pub_key, priv_key) == 0) { -+ r = SSH_ERR_LIBCRYPTO_ERROR; -+ BN_free(pub_key); -+ BN_free(priv_key); -+ goto out; -+ } -+ } - break; -- case KEY_DSA_CERT: -- if ((r = sshkey_froms(buf, &k)) != 0 || -- (r = sshkey_add_private(k)) != 0 || -- (r = sshbuf_get_bignum2(buf, k->dsa->priv_key)) != 0) -- goto out; -+ case KEY_DSA_CERT: { -+ BIGNUM *priv_key = BN_new(); -+ -+ if (priv_key == NULL || -+ (r = sshkey_froms(buf, &k)) != 0 || -+ (r = sshkey_add_private(k)) != 0 || -+ (r = sshbuf_get_bignum2(buf, priv_key)) != 0 || -+ (r = ((DSA_set0_key(k->dsa, NULL, priv_key) == 0) -+ ? SSH_ERR_LIBCRYPTO_ERROR : 0)) != 0) { -+ BN_free(priv_key); -+ goto out; -+ } -+ } - break; - # ifdef OPENSSL_HAS_ECC - case KEY_ECDSA: -@@ -3010,29 +3191,89 @@ sshkey_private_deserialize(struct sshbuf - r = SSH_ERR_ALLOC_FAIL; - goto out; - } -- if ((r = sshbuf_get_bignum2(buf, k->rsa->n)) != 0 || -- (r = sshbuf_get_bignum2(buf, k->rsa->e)) != 0 || -- (r = sshbuf_get_bignum2(buf, k->rsa->d)) != 0 || -- (r = sshbuf_get_bignum2(buf, k->rsa->iqmp)) != 0 || -- (r = sshbuf_get_bignum2(buf, k->rsa->p)) != 0 || -- (r = sshbuf_get_bignum2(buf, k->rsa->q)) != 0 || -- (r = ssh_rsa_generate_additional_parameters(k)) != 0) -- goto out; -- if (BN_num_bits(k->rsa->n) < SSH_RSA_MINIMUM_MODULUS_SIZE) { -+ { -+ BIGNUM *n, *e, *d, *iqmp, *p, *q; -+ -+ n = BN_new(); -+ e = BN_new(); -+ d = BN_new(); -+ iqmp = BN_new(); -+ p = BN_new(); -+ q = BN_new(); -+ -+ if (n == NULL || e == NULL || d == NULL || -+ iqmp == NULL || p == NULL || q == NULL || -+ (r = sshbuf_get_bignum2(buf, n)) != 0 || -+ (r = sshbuf_get_bignum2(buf, e)) != 0 || -+ (r = sshbuf_get_bignum2(buf, d)) != 0 || -+ (r = sshbuf_get_bignum2(buf, iqmp)) != 0 || -+ (r = sshbuf_get_bignum2(buf, p)) != 0 || -+ (r = sshbuf_get_bignum2(buf, q)) != 0 || -+ (r = ((RSA_set0_key(k->rsa, n, e, d) == 0) -+ ? SSH_ERR_LIBCRYPTO_ERROR : 0)) != 0) { -+ BN_free(n); -+ BN_free(e); -+ BN_free(d); -+ BN_free(iqmp); -+ BN_free(p); -+ BN_free(q); -+ goto out; -+ } -+ if (RSA_set0_factors(k->rsa, p, q) == 0) { -+ r = SSH_ERR_LIBCRYPTO_ERROR; -+ BN_free(iqmp); -+ BN_free(p); -+ BN_free(q); -+ goto out; -+ } -+ if ((r = ssh_rsa_generate_additional_parameters(k, iqmp)) != 0) { -+ BN_free(iqmp); -+ goto out; -+ } -+ } -+ if (RSA_bits(k->rsa) < SSH_RSA_MINIMUM_MODULUS_SIZE) { - r = SSH_ERR_KEY_LENGTH; - goto out; - } - break; -- case KEY_RSA_CERT: -- if ((r = sshkey_froms(buf, &k)) != 0 || -- (r = sshkey_add_private(k)) != 0 || -- (r = sshbuf_get_bignum2(buf, k->rsa->d)) != 0 || -- (r = sshbuf_get_bignum2(buf, k->rsa->iqmp)) != 0 || -- (r = sshbuf_get_bignum2(buf, k->rsa->p)) != 0 || -- (r = sshbuf_get_bignum2(buf, k->rsa->q)) != 0 || -- (r = ssh_rsa_generate_additional_parameters(k)) != 0) -- goto out; -- if (BN_num_bits(k->rsa->n) < SSH_RSA_MINIMUM_MODULUS_SIZE) { -+ case KEY_RSA_CERT: { -+ BIGNUM *d, *iqmp, *p, *q; -+ -+ /* N and E are already set so make sure we will not overwrite them */ -+ d = BN_new(); -+ iqmp = BN_new(); -+ p = BN_new(); -+ q = BN_new(); -+ -+ if (d == NULL || iqmp == NULL || p == NULL || -+ q == NULL || -+ (r = sshkey_froms(buf, &k)) != 0 || -+ (r = sshkey_add_private(k)) != 0 || -+ (r = sshbuf_get_bignum2(buf, d)) != 0 || -+ (r = sshbuf_get_bignum2(buf, iqmp)) != 0 || -+ (r = sshbuf_get_bignum2(buf, p)) != 0 || -+ (r = sshbuf_get_bignum2(buf, q)) != 0 || -+ (r = ((RSA_set0_key(k->rsa, NULL, NULL, d) == 0) -+ ? SSH_ERR_LIBCRYPTO_ERROR : 0)) != 0) { -+ BN_free(d); -+ BN_free(iqmp); -+ BN_free(p); -+ BN_free(q); -+ goto out; -+ } -+ if (RSA_set0_factors(k->rsa, p, q) == 0) { -+ r = SSH_ERR_LIBCRYPTO_ERROR; -+ BN_free(p); -+ BN_free(q); -+ goto out; -+ } -+ if (ssh_rsa_generate_additional_parameters(k, iqmp) != 0) { -+ r = SSH_ERR_LIBCRYPTO_ERROR; -+ free(iqmp); -+ goto out; -+ } -+ } -+ if (RSA_bits(k->rsa) < SSH_RSA_MINIMUM_MODULUS_SIZE) { - r = SSH_ERR_KEY_LENGTH; - goto out; - } -@@ -3796,7 +4037,9 @@ translate_libcrypto_error(unsigned long - switch (pem_reason) { - case EVP_R_BAD_DECRYPT: - return SSH_ERR_KEY_WRONG_PASSPHRASE; -+#ifdef EVP_R_BN_DECODE_ERROR - case EVP_R_BN_DECODE_ERROR: -+#endif - case EVP_R_DECODE_ERROR: - #ifdef EVP_R_PRIVATE_KEY_DECODE_ERROR - case EVP_R_PRIVATE_KEY_DECODE_ERROR: -@@ -3861,7 +4104,7 @@ sshkey_parse_private_pem_fileblob(struct - r = convert_libcrypto_error(); - goto out; - } -- if (pk->type == EVP_PKEY_RSA && -+ if (EVP_PKEY_id(pk) == EVP_PKEY_RSA && - (type == KEY_UNSPEC || type == KEY_RSA)) { - if ((prv = sshkey_new(KEY_UNSPEC)) == NULL) { - r = SSH_ERR_ALLOC_FAIL; -@@ -3876,11 +4119,11 @@ sshkey_parse_private_pem_fileblob(struct - r = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } -- if (BN_num_bits(prv->rsa->n) < SSH_RSA_MINIMUM_MODULUS_SIZE) { -+ if (RSA_bits(prv->rsa) < SSH_RSA_MINIMUM_MODULUS_SIZE) { - r = SSH_ERR_KEY_LENGTH; - goto out; - } -- } else if (pk->type == EVP_PKEY_DSA && -+ } else if (EVP_PKEY_id(pk) == EVP_PKEY_DSA && - (type == KEY_UNSPEC || type == KEY_DSA)) { - if ((prv = sshkey_new(KEY_UNSPEC)) == NULL) { - r = SSH_ERR_ALLOC_FAIL; -@@ -3892,7 +4135,7 @@ sshkey_parse_private_pem_fileblob(struct - DSA_print_fp(stderr, prv->dsa, 8); - #endif - #ifdef OPENSSL_HAS_ECC -- } else if (pk->type == EVP_PKEY_EC && -+ } else if (EVP_PKEY_id(pk) == EVP_PKEY_EC && - (type == KEY_UNSPEC || type == KEY_ECDSA)) { - if ((prv = sshkey_new(KEY_UNSPEC)) == NULL) { - r = SSH_ERR_ALLOC_FAIL; -Index: openssh-7.8p1/sshkey.h -=================================================================== ---- openssh-7.8p1.orig/sshkey.h -+++ openssh-7.8p1/sshkey.h -@@ -220,7 +220,7 @@ int sshkey_parse_private_fileblob_type(s - const char *passphrase, struct sshkey **keyp, char **commentp); - - /* XXX should be internal, but used by ssh-keygen */ --int ssh_rsa_generate_additional_parameters(struct sshkey *); -+int ssh_rsa_generate_additional_parameters(struct sshkey *, BIGNUM *iqmp); - - /* stateful keys (e.g. XMSS) */ - #ifdef NO_ATTRIBUTE_ON_PROTOTYPE_ARGS -Index: openssh-7.8p1/ssh.c -=================================================================== ---- openssh-7.8p1.orig/ssh.c -+++ openssh-7.8p1/ssh.c -@@ -1332,6 +1332,7 @@ main(int ac, char **av) - (char *)NULL); - free(cp); - } -+ free(host_arg); - - if (config_test) { - dump_client_config(&options, host); -Index: openssh-7.8p1/gss-serv.c -=================================================================== ---- openssh-7.8p1.orig/gss-serv.c -+++ openssh-7.8p1/gss-serv.c -@@ -148,7 +148,8 @@ ssh_gssapi_server_mechanisms() { - if (supported_oids == NULL) - ssh_gssapi_prepare_supported_oids(); - return (ssh_gssapi_kex_mechs(supported_oids, -- &ssh_gssapi_server_check_mech, NULL, NULL)); -+ ssh_gssapi_server_check_mech, NULL, NULL, -+ options.gss_kex_algorithms)); - } - - /* Unprivileged */ -Index: openssh-7.8p1/kex.c -=================================================================== ---- openssh-7.8p1.orig/kex.c -+++ openssh-7.8p1/kex.c -@@ -49,6 +49,7 @@ - #include "misc.h" - #include "dispatch.h" - #include "monitor.h" -+#include "xmalloc.h" - - #include "ssherr.h" - #include "sshbuf.h" -@@ -359,6 +360,28 @@ kex_assemble_names(char **listp, const c - return r; - } - -+/* Validate GSS KEX method name list */ -+int -+gss_kex_names_valid(const char *names) -+{ -+ char *s, *cp, *p; -+ if (names == NULL || *names == '\0') -+ return 0; -+ s = cp = xstrdup(names); -+ for ((p = strsep(&cp, ",")); p && *p != '\0'; -+ (p = strsep(&cp, ","))) { -+ if (strncmp(p, "gss-", 4) != 0 -+ || kex_alg_by_name(p) == NULL) { -+ error("Unsupported KEX algorithm \"%.100s\"", p); -+ free(s); -+ return 0; -+ } -+ } -+ debug3("gss kex names ok: [%s]", names); -+ free(s); -+ return 1; -+} -+ - /* put algorithm proposal into buffer */ - int - kex_prop2buf(struct sshbuf *b, char *proposal[PROPOSAL_MAX]) -@@ -795,7 +818,7 @@ choose_mac(struct ssh *ssh, struct sshma - #ifdef SSH_AUDIT_EVENTS - audit_unsupported(SSH_AUDIT_UNSUPPORTED_MAC); - #endif -- return SSH_ERR_NO_MAC_ALG_MATCH; -+ return SSH_ERR_NO_MAC_ALG_MATCH; - } - if (mac_setup(mac, name) < 0) { - free(name); -Index: openssh-7.8p1/kex.h -=================================================================== ---- openssh-7.8p1.orig/kex.h -+++ openssh-7.8p1/kex.h -@@ -182,6 +182,7 @@ int kex_names_valid(const char *); - char *kex_alg_list(char); - char *kex_names_cat(const char *, const char *); - int kex_assemble_names(char **, const char *, const char *); -+int gss_kex_names_valid(const char *); - - int kex_new(struct ssh *, char *[PROPOSAL_MAX], struct kex **); - int kex_setup(struct ssh *, char *[PROPOSAL_MAX]); -Index: openssh-7.8p1/readconf.c -=================================================================== ---- openssh-7.8p1.orig/readconf.c -+++ openssh-7.8p1/readconf.c -@@ -69,6 +69,7 @@ - #include "digest.h" - #include "dh.h" - #include "fips.h" -+#include "ssh-gss.h" - - /* Format of the configuration file: - -@@ -164,7 +165,7 @@ typedef enum { - oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout, - oAddressFamily, oGssAuthentication, oGssDelegateCreds, - oGssTrustDns, oGssKeyEx, oGssClientIdentity, oGssRenewalRekey, -- oGssServerIdentity, -+ oGssServerIdentity, oGssKexAlgorithms, - oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly, - oSendEnv, oSetEnv, oControlPath, oControlMaster, oControlPersist, - oHashKnownHosts, -@@ -211,6 +212,7 @@ static struct { - { "gssapiclientidentity", oGssClientIdentity }, - { "gssapiserveridentity", oGssServerIdentity }, - { "gssapirenewalforcesrekey", oGssRenewalRekey }, -+ { "gssapikexalgorithms", oGssKexAlgorithms }, - # else - { "gssapiauthentication", oUnsupported }, - { "gssapikeyexchange", oUnsupported }, -@@ -219,6 +221,7 @@ static struct { - { "gssapiclientidentity", oUnsupported }, - { "gssapiserveridentity", oUnsupported }, - { "gssapirenewalforcesrekey", oUnsupported }, -+ { "gssapikexalgorithms", oUnsupported }, - #endif - #ifdef ENABLE_PKCS11 - { "smartcarddevice", oPKCS11Provider }, -@@ -1015,6 +1018,18 @@ parse_time: - intptr = &options->gss_renewal_rekey; - goto parse_flag; - -+ case oGssKexAlgorithms: -+ arg = strdelim(&s); -+ if (!arg || *arg == '\0') -+ fatal("%.200s line %d: Missing argument.", -+ filename, linenum); -+ if (!gss_kex_names_valid(arg)) -+ fatal("%.200s line %d: Bad GSSAPI KexAlgorithms '%s'.", -+ filename, linenum, arg ? arg : ""); -+ if (*activep && options->gss_kex_algorithms == NULL) -+ options->gss_kex_algorithms = xstrdup(arg); -+ break; -+ - case oBatchMode: - intptr = &options->batch_mode; - goto parse_flag; -@@ -1879,9 +1894,10 @@ initialize_options(Options * options) - options->gss_keyex = -1; - options->gss_deleg_creds = -1; - options->gss_trust_dns = -1; -- options->gss_renewal_rekey = -1; -- options->gss_client_identity = NULL; -- options->gss_server_identity = NULL; -+ options->gss_renewal_rekey = -1; -+ options->gss_client_identity = NULL; -+ options->gss_server_identity = NULL; -+ options->gss_kex_algorithms = NULL; - options->password_authentication = -1; - options->kbd_interactive_authentication = -1; - options->kbd_interactive_devices = NULL; -@@ -2035,6 +2051,10 @@ fill_default_options(Options * options) - options->gss_trust_dns = 0; - if (options->gss_renewal_rekey == -1) - options->gss_renewal_rekey = 0; -+#ifdef GSSAPI -+ if (options->gss_kex_algorithms == NULL) -+ options->gss_kex_algorithms = strdup(GSS_KEX_DEFAULT_KEX); -+#endif - if (options->password_authentication == -1) - options->password_authentication = 1; - if (options->kbd_interactive_authentication == -1) -Index: openssh-7.8p1/readconf.h -=================================================================== ---- openssh-7.8p1.orig/readconf.h -+++ openssh-7.8p1/readconf.h -@@ -46,6 +46,7 @@ typedef struct { - int gss_renewal_rekey; /* Credential renewal forces rekey */ - char *gss_client_identity; /* Principal to initiate GSSAPI with */ - char *gss_server_identity; /* GSSAPI target principal */ -+ char *gss_kex_algorithms; /* GSSAPI kex methods to be offered by client. */ - int password_authentication; /* Try password - * authentication. */ - int kbd_interactive_authentication; /* Try keyboard-interactive auth. */ -Index: openssh-7.8p1/servconf.c -=================================================================== ---- openssh-7.8p1.orig/servconf.c -+++ openssh-7.8p1/servconf.c -@@ -64,6 +64,7 @@ - #include "auth.h" - #include "myproposal.h" - #include "digest.h" -+#include "ssh-gss.h" - #include "dh.h" - #include "fips.h" - -@@ -134,6 +135,7 @@ initialize_server_options(ServerOptions - options->gss_cleanup_creds = -1; - options->gss_strict_acceptor = -1; - options->gss_store_rekey = -1; -+ options->gss_kex_algorithms = NULL; - options->password_authentication = -1; - options->kbd_interactive_authentication = -1; - options->challenge_response_authentication = -1; -@@ -379,6 +381,10 @@ fill_default_server_options(ServerOption - options->gss_strict_acceptor = 1; - if (options->gss_store_rekey == -1) - options->gss_store_rekey = 0; -+#ifdef GSSAPI -+ if (options->gss_kex_algorithms == NULL) -+ options->gss_kex_algorithms = strdup(GSS_KEX_DEFAULT_KEX); -+#endif - if (options->password_authentication == -1) - options->password_authentication = 1; - if (options->kbd_interactive_authentication == -1) -@@ -525,8 +531,7 @@ typedef enum { - sHostKeyAlgorithms, - sClientAliveInterval, sClientAliveCountMax, sAuthorizedKeysFile, - sGssAuthentication, sGssCleanupCreds, sGssStrictAcceptor, -- sGssKeyEx, sGssStoreRekey, -- sAcceptEnv, sSetEnv, sPermitTunnel, -+ sGssKeyEx, sGssStoreRekey, sGssKexAlgorithms, sAcceptEnv, sSetEnv, sPermitTunnel, - sMatch, sPermitOpen, sPermitListen, sForceCommand, sChrootDirectory, - sUsePrivilegeSeparation, sAllowAgentForwarding, - sHostCertificate, -@@ -605,12 +610,14 @@ static struct { - { "gssapistrictacceptorcheck", sGssStrictAcceptor, SSHCFG_GLOBAL }, - { "gssapikeyexchange", sGssKeyEx, SSHCFG_GLOBAL }, - { "gssapistorecredentialsonrekey", sGssStoreRekey, SSHCFG_GLOBAL }, -+ { "gssapikexalgorithms", sGssKexAlgorithms, SSHCFG_GLOBAL }, - #else - { "gssapiauthentication", sUnsupported, SSHCFG_ALL }, - { "gssapicleanupcredentials", sUnsupported, SSHCFG_GLOBAL }, - { "gssapistrictacceptorcheck", sUnsupported, SSHCFG_GLOBAL }, - { "gssapikeyexchange", sUnsupported, SSHCFG_GLOBAL }, - { "gssapistorecredentialsonrekey", sUnsupported, SSHCFG_GLOBAL }, -+ { "gssapikexalgorithms", sUnsupported, SSHCFG_GLOBAL }, - #endif - { "gssusesessionccache", sUnsupported, SSHCFG_GLOBAL }, - { "gssapiusesessioncredcache", sUnsupported, SSHCFG_GLOBAL }, -@@ -1532,6 +1539,18 @@ process_server_config_line(ServerOptions - intptr = &options->gss_store_rekey; - goto parse_flag; - -+ case sGssKexAlgorithms: -+ arg = strdelim(&cp); -+ if (!arg || *arg == '\0') -+ fatal("%.200s line %d: Missing argument.", -+ filename, linenum); -+ if (!gss_kex_names_valid(arg)) -+ fatal("%.200s line %d: Bad GSSAPI KexAlgorithms '%s'.", -+ filename, linenum, arg ? arg : ""); -+ if (*activep && options->gss_kex_algorithms == NULL) -+ options->gss_kex_algorithms = xstrdup(arg); -+ break; -+ - case sPasswordAuthentication: - intptr = &options->password_authentication; - goto parse_flag; -@@ -2629,6 +2648,7 @@ dump_config(ServerOptions *o) - dump_cfg_fmtint(sGssCleanupCreds, o->gss_cleanup_creds); - dump_cfg_fmtint(sGssStrictAcceptor, o->gss_strict_acceptor); - dump_cfg_fmtint(sGssStoreRekey, o->gss_store_rekey); -+ dump_cfg_string(sGssKexAlgorithms, o->gss_kex_algorithms); - #endif - dump_cfg_fmtint(sPasswordAuthentication, o->password_authentication); - dump_cfg_fmtint(sKbdInteractiveAuthentication, -Index: openssh-7.8p1/servconf.h -=================================================================== ---- openssh-7.8p1.orig/servconf.h -+++ openssh-7.8p1/servconf.h -@@ -131,6 +131,7 @@ typedef struct { - int gss_cleanup_creds; /* If true, destroy cred cache on logout */ - int gss_strict_acceptor; /* If true, restrict the GSSAPI acceptor name */ - int gss_store_rekey; -+ char *gss_kex_algorithms; /* GSSAPI kex methods to be offered by client. */ - int password_authentication; /* If true, permit password - * authentication. */ - int kbd_interactive_authentication; /* If true, permit */ -Index: openssh-7.8p1/ssh-gss.h -=================================================================== ---- openssh-7.8p1.orig/ssh-gss.h -+++ openssh-7.8p1/ssh-gss.h -@@ -72,6 +72,10 @@ - #define KEX_GSS_GRP14_SHA1_ID "gss-group14-sha1-" - #define KEX_GSS_GEX_SHA1_ID "gss-gex-sha1-" - -+#define GSS_KEX_DEFAULT_KEX \ -+ KEX_GSS_GEX_SHA1_ID "," \ -+ KEX_GSS_GRP14_SHA1_ID -+ - typedef struct { - char *filename; - char *envvar; -@@ -148,7 +152,7 @@ int ssh_gssapi_credentials_updated(Gssct - typedef int ssh_gssapi_check_fn(Gssctxt **, gss_OID, const char *, const char *); - char *ssh_gssapi_client_mechanisms(const char *, const char *, const char *); - char *ssh_gssapi_kex_mechs(gss_OID_set, ssh_gssapi_check_fn *, const char *, -- const char *); -+ const char *, const char *); - gss_OID ssh_gssapi_id_kex(Gssctxt *, char *, int); - int ssh_gssapi_server_check_mech(Gssctxt **, gss_OID, const char *, const char *); - OM_uint32 ssh_gssapi_server_ctx(Gssctxt **, gss_OID); -Index: openssh-7.8p1/ssh.1 -=================================================================== ---- openssh-7.8p1.orig/ssh.1 -+++ openssh-7.8p1/ssh.1 -@@ -489,6 +489,7 @@ For full details of the options listed b - .It GlobalKnownHostsFile - .It GSSAPIAuthentication - .It GSSAPIDelegateCredentials -+.It GSSAPIKexAlgorithms - .It HashKnownHosts - .It Host - .It HostbasedAuthentication -Index: openssh-7.8p1/ssh_config.5 -=================================================================== ---- openssh-7.8p1.orig/ssh_config.5 -+++ openssh-7.8p1/ssh_config.5 -@@ -754,6 +754,18 @@ the name of the host being connected to. - command line will be passed untouched to the GSSAPI library. - The default is - .Dq no . -+.It Cm GSSAPIKexAlgorithms -+The list of key exchange algorithms that are offered for GSSAPI -+key exchange. Possible values are -+.Bd -literal -offset 3n -+gss-gex-sha1-, -+gss-group1-sha1-, -+gss-group14-sha1- -+.Ed -+.Pp -+The default is -+.Dq gss-gex-sha1-,gss-group14-sha1- . -+This option only applies to protocol version 2 connections using GSSAPI. - .It Cm HashKnownHosts - Indicates that - .Xr ssh 1 -Index: openssh-7.8p1/sshconnect2.c -=================================================================== ---- openssh-7.8p1.orig/sshconnect2.c -+++ openssh-7.8p1/sshconnect2.c -@@ -301,8 +301,9 @@ ssh_kex2(char *host, struct sockaddr *ho - else - gss_host = host; - -- gss = ssh_gssapi_client_mechanisms(gss_host, options.gss_client_identity, -- options.kex_algorithms); -+ gss = ssh_gssapi_client_mechanisms(gss_host, -+ options.gss_client_identity, -+ options.kex_algorithms); - if (gss) { - debug("Offering GSSAPI proposal: %s", gss); - xasprintf(&options.kex_algorithms, -Index: openssh-7.8p1/sshd_config.5 -=================================================================== ---- openssh-7.8p1.orig/sshd_config.5 -+++ openssh-7.8p1/sshd_config.5 -@@ -668,6 +668,18 @@ Controls whether the user's GSSAPI crede - successful connection rekeying. This option can be used to accepted renewed - or updated credentials from a compatible client. The default is - .Dq no . -+.It Cm GSSAPIKexAlgorithms -+The list of key exchange algorithms that are accepted by GSSAPI -+key exchange. Possible values are -+.Bd -literal -offset 3n -+gss-gex-sha1-, -+gss-group1-sha1-, -+gss-group14-sha1- -+.Ed -+.Pp -+The default is -+.Dq gss-gex-sha1-,gss-group14-sha1- . -+This option only applies to protocol version 2 connections using GSSAPI. - .It Cm HostbasedAcceptedKeyTypes - Specifies the key types that will be accepted for hostbased authentication - as a list of comma-separated patterns. diff --git a/openssh-7.7p1-seccomp_ipc_flock.patch b/openssh-7.7p1-seccomp_ipc_flock.patch index 4607628..2191edb 100644 --- a/openssh-7.7p1-seccomp_ipc_flock.patch +++ b/openssh-7.7p1-seccomp_ipc_flock.patch @@ -15,15 +15,11 @@ this is only need on s390 architecture. Signed-off-by: Eduardo Barretto -diff --git a/openssh-7.7p1/sandbox-seccomp-filter.c b/openssh-7.7p1/sandbox-seccomp-filter.c ---- openssh-7.7p1/sandbox-seccomp-filter.c -+++ openssh-7.7p1/sandbox-seccomp-filter.c -@@ -167,16 +167,19 @@ static const struct sock_filter preauth_ - SC_ALLOW(__NR_exit_group), - #endif - #ifdef __NR_geteuid - SC_ALLOW(__NR_geteuid), - #endif +Index: openssh-7.9p1/sandbox-seccomp-filter.c +=================================================================== +--- openssh-7.9p1.orig/sandbox-seccomp-filter.c ++++ openssh-7.9p1/sandbox-seccomp-filter.c +@@ -175,6 +175,9 @@ static const struct sock_filter preauth_ #ifdef __NR_geteuid32 SC_ALLOW(__NR_geteuid32), #endif @@ -33,17 +29,7 @@ diff --git a/openssh-7.7p1/sandbox-seccomp-filter.c b/openssh-7.7p1/sandbox-secc #ifdef __NR_getpgid SC_ALLOW(__NR_getpgid), #endif - #ifdef __NR_getpid - SC_ALLOW(__NR_getpid), - #endif - #ifdef __NR_getrandom - SC_ALLOW(__NR_getrandom), -@@ -185,16 +188,19 @@ static const struct sock_filter preauth_ - SC_ALLOW(__NR_gettimeofday), - #endif - #ifdef __NR_getuid - SC_ALLOW(__NR_getuid), - #endif +@@ -193,6 +196,9 @@ static const struct sock_filter preauth_ #ifdef __NR_getuid32 SC_ALLOW(__NR_getuid32), #endif @@ -53,8 +39,3 @@ diff --git a/openssh-7.7p1/sandbox-seccomp-filter.c b/openssh-7.7p1/sandbox-secc #ifdef __NR_madvise SC_ALLOW(__NR_madvise), #endif - #ifdef __NR_mmap - SC_ALLOW(__NR_mmap), - #endif - #ifdef __NR_mmap2 - SC_ALLOW(__NR_mmap2), diff --git a/openssh-7.8p1.tar.gz b/openssh-7.8p1.tar.gz deleted file mode 100644 index 754639c..0000000 --- a/openssh-7.8p1.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:1a484bb15152c183bb2514e112aa30dd34138c3cfb032eee5490a66c507144ca -size 1548026 diff --git a/openssh-7.8p1.tar.gz.asc b/openssh-7.8p1.tar.gz.asc deleted file mode 100644 index 9942bbf..0000000 --- a/openssh-7.8p1.tar.gz.asc +++ /dev/null @@ -1,14 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQHDBAABCgAdFiEEWcIRjtIG2SfmZ+vj0+X1a22SDTAFAlt+Xa8ACgkQ0+X1a22S -DTAJPwx9HIW/obxNJYTU7M8trpalBekdl1SqUjxdDwInIsKTLSOpJCsnynBai/3c -SuvZkBwcKwZZFe+xCvRQDHkf/YYLT+d7slUQolb0OJmzFKbvu6xwuv7q12ag9hQj -/8BUfdYRKb63uemfKuVAHfcnUm9WlwSbif+Au/j1yg/MlETY47ezYA9/q75wignx -3g38JVHVgKDenDd8o9/hgjeQpEHKNdCQo71nN2h3MYRlh4xrR9ENZj7y8x65Kp1j -WoZEhlvjYkka4deSGwj2MIAJnzsc39uppEoEjkB7F9SUo4O7CxbWFein70Ct7Xbs -VDWXQibnJGHKatHIecaPLUYexGWO1XYNZErDhY7fPw0ChfMGbz3+0eDfDJqGY49r -Lo6wzsrgv2kDJMqwciT/D/Zb3ocHnCrq1Isnz/Ug2lW58LMk7Y1HisPteZFQ/pkC -xKeO+K1RkaRUSCrB5iToqF+7i8eRNVROYmkKLgKcMrC0WYEjnbEoFdr4bktAS9QM -BS6aIsh2cyg2H0FjDKmYvcKOUf0IgA== -=ZiYm ------END PGP SIGNATURE----- diff --git a/openssh-7.9p1.tar.gz b/openssh-7.9p1.tar.gz new file mode 100644 index 0000000..c60cf36 --- /dev/null +++ b/openssh-7.9p1.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:6b4b3ba2253d84ed3771c8050728d597c91cfce898713beb7b64a305b6f11aad +size 1565384 diff --git a/openssh-7.9p1.tar.gz.asc b/openssh-7.9p1.tar.gz.asc new file mode 100644 index 0000000..ced7989 --- /dev/null +++ b/openssh-7.9p1.tar.gz.asc @@ -0,0 +1,14 @@ +-----BEGIN PGP SIGNATURE----- + +iQHDBAABCgAdFiEEWcIRjtIG2SfmZ+vj0+X1a22SDTAFAlvJLhsACgkQ0+X1a22S +DTBjHwx/T3EX3EtCzB9I6zHFUgF2/0hEKVYZw2Yl4UbUvgjy/KdEdlJzdH3Hc/yU +jJZzraDY7nJMrCly734FbFGKsKoRkxWMkeuQGOhvpzgTYg+fOa1J0a14xK/ub9Y0 +9Z/4zP0Zs7mn+8MApMS3XOZ+AJgdRiXN9i3PXmbYO9Gcg+QthtgE1DeG0d0vVTP/ +ipCBBg8mMlAANdlu9IUCv4CJPwJjQt2aYsvCiuUQuzrKYsV5noCOBaGRbmPcN9SM +3cvSTZgDbK3kHdL1RnBgWpcO+o+D8sqSW2rm8xpCQv/ILo86/BLBjXDCYLEt0nSn ++dONPytwhwwJWPPYe7+RSYWHS2cKwVTDk7lr2E636SwU1fM1NiNYle9hB6cUT0nU +sypfHOIARAMSqepnaT3WgffM0jlEWrSB0PuDLTLTO5ZPmUijqqT6xGwWSUc4GQZY +WNyGg1w0Ryj2pRd7DlXDDivTCneXFqV7JZiR3R4ZXJJV0uVQOUitCS/DnwSDpIfp +HlVEWeRAszQFKLKttu0/4SY2NVrRBA== +=4Z9x +-----END PGP SIGNATURE----- diff --git a/openssh-askpass-gnome.changes b/openssh-askpass-gnome.changes index aa197b9..d45a82a 100644 --- a/openssh-askpass-gnome.changes +++ b/openssh-askpass-gnome.changes @@ -1,3 +1,10 @@ +------------------------------------------------------------------- +Mon Oct 22 08:59:02 UTC 2018 - Pedro Monreal Gonzalez + +- Version update to 7.9p1 + * No actual changes for the askpass + * See main package changelog for details + ------------------------------------------------------------------- Tue Oct 9 10:52:15 UTC 2018 - Tomáš Chvátal diff --git a/openssh-askpass-gnome.spec b/openssh-askpass-gnome.spec index 05039d0..a77086c 100644 --- a/openssh-askpass-gnome.spec +++ b/openssh-askpass-gnome.spec @@ -18,7 +18,7 @@ %define _name openssh Name: openssh-askpass-gnome -Version: 7.8p1 +Version: 7.9p1 Release: 0 Summary: A GNOME-Based Passphrase Dialog for OpenSSH License: BSD-2-Clause diff --git a/openssh.changes b/openssh.changes index ae740c5..f485d82 100644 --- a/openssh.changes +++ b/openssh.changes @@ -1,3 +1,47 @@ +------------------------------------------------------------------- +Mon Oct 22 08:51:30 UTC 2018 - Pedro Monreal Gonzalez + +- Version update to 7.9p1 + * ssh(1), sshd(8): the setting of the new CASignatureAlgorithms + option (see below) bans the use of DSA keys as certificate + authorities. + * sshd(8): the authentication success/failure log message has + changed format slightly. It now includes the certificate + fingerprint (previously it included only key ID and CA key + fingerprint). + * ssh(1), sshd(8): allow most port numbers to be specified using + service names from getservbyname(3) (typically /etc/services). + * sshd(8): support signalling sessions via the SSH protocol. + A limited subset of signals is supported and only for login or + command sessions (i.e. not subsystems) that were not subject to + a forced command via authorized_keys or sshd_config. bz#1424 + * ssh(1): support "ssh -Q sig" to list supported signature options. + Also "ssh -Q help" to show the full set of supported queries. + * ssh(1), sshd(8): add a CASignatureAlgorithms option for the + client and server configs to allow control over which signature + formats are allowed for CAs to sign certificates. For example, + this allows banning CAs that sign certificates using the RSA-SHA1 + signature algorithm. + * sshd(8), ssh-keygen(1): allow key revocation lists (KRLs) to + revoke keys specified by SHA256 hash. + * ssh-keygen(1): allow creation of key revocation lists directly + from base64-encoded SHA256 fingerprints. This supports revoking + keys using only the information contained in sshd(8) + authentication log messages. + +- Removed obsolete configuration option --with-tcp-wrappers, and + --with-opensc for s390 and s390x. + +- Removed patch merged upstream + * openssh-7.7p1-openssl_1.1.0.patch + +- Refreshed patches + * openssh-7.7p1-audit.patch + * openssh-7.7p1-disable_short_DH_parameters.patch + * openssh-7.7p1-fips.patch + * openssh-7.7p1-gssapi_key_exchange.patch + * openssh-7.7p1-seccomp_ipc_flock.patch + ------------------------------------------------------------------- Fri Oct 19 13:22:10 UTC 2018 - Tomáš Chvátal diff --git a/openssh.spec b/openssh.spec index 2061888..0af7c69 100644 --- a/openssh.spec +++ b/openssh.spec @@ -36,7 +36,7 @@ %define _fillupdir %{_localstatedir}/adm/fillup-templates %endif Name: openssh -Version: 7.8p1 +Version: 7.9p1 Release: 0 Summary: Secure Shell Client and Server (Remote Login Program) License: BSD-2-Clause AND MIT @@ -84,8 +84,6 @@ Patch22: openssh-7.7p1-systemd-notify.patch Patch23: openssh-7.7p1-gssapi_key_exchange.patch # https://bugzilla.mindrot.org/show_bug.cgi?id=1402 Patch24: openssh-7.7p1-audit.patch -# Upstream patch, already merged -Patch25: openssh-7.7p1-openssl_1.1.0.patch # Local patch to disable runtime abi SSL checks, quite pointless for us Patch26: openssh-7.7p1-disable_openssl_abi_check.patch # https://bugzilla.mindrot.org/show_bug.cgi?id=2641 @@ -188,7 +186,6 @@ export LDFLAGS CFLAGS CXXFLAGS CPPFLAGS %configure \ --sysconfdir=%{_sysconfdir}/ssh \ --libexecdir=%{_libexecdir}/ssh \ - --with-tcp-wrappers \ --with-selinux \ --with-pid-dir=/run \ --with-systemd \ @@ -200,9 +197,6 @@ export LDFLAGS CFLAGS CXXFLAGS CPPFLAGS --with-sandbox=seccomp_filter \ %else --with-sandbox=rlimit \ -%endif -%ifnarch s390 s390x - --with-opensc \ %endif --disable-strip \ --with-audit=linux \ From 5f875265047c530c6eaef7b913a9b40a9f87d3ed9f2cb6222a404c191e925d94 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Chv=C3=A1tal?= Date: Wed, 24 Oct 2018 17:58:38 +0000 Subject: [PATCH 7/9] Accepting request 644397 from home:pmonrealgonzalez:branches:network * openssh-7.7p1-cavstest-ctr.patch * openssh-7.7p1-ldap.patch OBS-URL: https://build.opensuse.org/request/show/644397 OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=161 --- openssh-7.7p1-audit.patch | 146 +++++++++++------------- openssh-7.7p1-cavstest-ctr.patch | 101 ++++------------ openssh-7.7p1-fips.patch | 2 +- openssh-7.7p1-gssapi_key_exchange.patch | 143 ++++++++++++----------- openssh-7.7p1-ldap.patch | 104 ++++++++--------- openssh.changes | 2 + 6 files changed, 224 insertions(+), 274 deletions(-) diff --git a/openssh-7.7p1-audit.patch b/openssh-7.7p1-audit.patch index 3ae385a..ea7c3c1 100644 --- a/openssh-7.7p1-audit.patch +++ b/openssh-7.7p1-audit.patch @@ -7,7 +7,7 @@ Index: openssh-7.9p1/Makefile.in =================================================================== --- openssh-7.9p1.orig/Makefile.in +++ openssh-7.9p1/Makefile.in -@@ -110,6 +110,8 @@ LIBSSH_OBJS += fips.o +@@ -111,6 +111,8 @@ LIBSSH_OBJS += fips.o LIBSSH_OBJS += kexgssc.o kexgsss.o @@ -97,7 +97,7 @@ Index: openssh-7.9p1/audit-linux.c =================================================================== --- openssh-7.9p1.orig/audit-linux.c +++ openssh-7.9p1/audit-linux.c -@@ -33,27 +33,40 @@ +@@ -33,27 +33,41 @@ #include "log.h" #include "audit.h" @@ -106,6 +106,7 @@ Index: openssh-7.9p1/audit-linux.c +#include "auth.h" +#include "misc.h" /* servconf.h needs misc.h for struct ForwardOptions */ +#include "servconf.h" ++#include "ssherr.h" #include "canohost.h" #include "packet.h" - @@ -146,7 +147,7 @@ Index: openssh-7.9p1/audit-linux.c saved_errno = errno; close(audit_fd); -@@ -65,9 +78,96 @@ linux_audit_record_event(int uid, const +@@ -65,9 +79,96 @@ linux_audit_record_event(int uid, const rc = 0; errno = saved_errno; @@ -244,7 +245,7 @@ Index: openssh-7.9p1/audit-linux.c /* Below is the sshd audit API code */ void -@@ -76,24 +176,55 @@ audit_connection_from(const char *host, +@@ -76,24 +177,55 @@ audit_connection_from(const char *host, /* not implemented */ } @@ -306,7 +307,7 @@ Index: openssh-7.9p1/audit-linux.c } void -@@ -102,25 +233,155 @@ audit_event(ssh_audit_event_t event) +@@ -102,25 +234,155 @@ audit_event(ssh_audit_event_t event) struct ssh *ssh = active_state; /* XXX */ switch(event) { @@ -1308,32 +1309,15 @@ Index: openssh-7.9p1/monitor.c } -@@ -1906,19 +1988,19 @@ mm_answer_gss_sign(int socket, struct ss - int r; - - if (!options.gss_authentication && !options.gss_keyex) -- fatal("In GSSAPI monitor when GSSAPI is disabled"); -+ fatal("In GSSAPI monitor when GSSAPI is disabled"); +@@ -1909,7 +1991,7 @@ mm_answer_gss_sign(int socket, struct ss + fatal("In GSSAPI monitor when GSSAPI is disabled"); if ((r = sshbuf_get_string(m, (u_char **)&data.value, &data.length)) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); +- fatal("%s: buffer error: %s", __func__, ssh_err(r)); ++ fatal("%s: buffer error: %s", __func__, ssh_err(r)); if (data.length != 20) -- fatal("%s: data length incorrect: %d", __func__, -- (int) data.length); -+ fatal("%s: data length incorrect: %d", __func__, -+ (int) data.length); - - /* Save the session ID on the first time around */ - if (session_id2_len == 0) { -- session_id2_len = data.length; -- session_id2 = xmalloc(session_id2_len); -- memcpy(session_id2, data.value, session_id2_len); -+ session_id2_len = data.length; -+ session_id2 = xmalloc(session_id2_len); -+ memcpy(session_id2, data.value, session_id2_len); - } - major = ssh_gssapi_sign(gsscontext, &data, &hash); - + fatal("%s: data length incorrect: %d", __func__, + (int) data.length); @@ -1966,3 +2048,102 @@ mm_answer_gss_updatecreds(int socket, st } @@ -2091,24 +2075,24 @@ Index: openssh-7.9p1/sshd.c for (i = 0; i < options.num_host_key_files; i++) { if (sensitive_data.host_keys[i]) { - sshkey_free(sensitive_data.host_keys[i]); -+ char *fp; ++ char *fp; + -+ if (sshkey_is_private(sensitive_data.host_keys[i])) -+ fp = sshkey_fingerprint(sensitive_data.host_keys[i], options.fingerprint_hash, SSH_FP_HEX); -+ else -+ fp = NULL; -+ sshkey_free(sensitive_data.host_keys[i]); ++ if (sshkey_is_private(sensitive_data.host_keys[i])) ++ fp = sshkey_fingerprint(sensitive_data.host_keys[i], options.fingerprint_hash, SSH_FP_HEX); ++ else ++ fp = NULL; ++ sshkey_free(sensitive_data.host_keys[i]); sensitive_data.host_keys[i] = NULL; + if (fp != NULL) { +#ifdef SSH_AUDIT_EVENTS -+ if (privsep) -+ PRIVSEP(audit_destroy_sensitive_data(fp, -+ pid, uid)); -+ else -+ audit_destroy_sensitive_data(fp, -+ pid, uid); ++ if (privsep) ++ PRIVSEP(audit_destroy_sensitive_data(fp, ++ pid, uid)); ++ else ++ audit_destroy_sensitive_data(fp, ++ pid, uid); +#endif -+ free(fp); ++ free(fp); + } } - if (sensitive_data.host_certificates[i]) { @@ -2211,43 +2195,6 @@ Index: openssh-7.9p1/sshd.c audit_event(SSH_CONNECTION_ABANDON); #endif _exit(i); -Index: openssh-7.9p1/sshkey.c -=================================================================== ---- openssh-7.9p1.orig/sshkey.c -+++ openssh-7.9p1/sshkey.c -@@ -331,6 +331,32 @@ sshkey_type_is_valid_ca(int type) - } - - int -+sshkey_is_private(const struct sshkey *k) -+{ -+ switch (k->type) { -+#ifdef WITH_OPENSSL -+ case KEY_RSA_CERT: -+ case KEY_RSA: -+ return k->rsa->d != NULL; -+ case KEY_DSA_CERT: -+ case KEY_DSA: -+ return k->dsa->priv_key != NULL; -+#ifdef OPENSSL_HAS_ECC -+ case KEY_ECDSA_CERT: -+ case KEY_ECDSA: -+ return EC_KEY_get0_private_key(k->ecdsa) != NULL; -+#endif /* OPENSSL_HAS_ECC */ -+#endif /* WITH_OPENSSL */ -+ case KEY_ED25519_CERT: -+ case KEY_ED25519: -+ return (k->ed25519_pk != NULL); -+ default: -+ /* fatal("key_is_private: bad key type %d", k->type); */ -+ return 0; -+ } -+} -+ -+int - sshkey_is_cert(const struct sshkey *k) - { - if (k == NULL) Index: openssh-7.9p1/sshkey.h =================================================================== --- openssh-7.9p1.orig/sshkey.h @@ -2260,3 +2207,46 @@ Index: openssh-7.9p1/sshkey.h int sshkey_is_cert(const struct sshkey *); int sshkey_type_is_cert(int); int sshkey_type_plain(int); +Index: openssh-7.9p1/sshkey.c +=================================================================== +--- openssh-7.9p1.orig/sshkey.c ++++ openssh-7.9p1/sshkey.c +@@ -331,6 +331,38 @@ sshkey_type_is_valid_ca(int type) + } + + int ++sshkey_is_private(const struct sshkey *k) ++{ ++ switch (k->type) { ++#ifdef WITH_OPENSSL ++ case KEY_RSA_CERT: ++ case KEY_RSA: { ++ const BIGNUM *d; ++ RSA_get0_key(k->rsa, NULL, NULL, &d); ++ return d != NULL; ++ } ++ case KEY_DSA_CERT: ++ case KEY_DSA: { ++ const BIGNUM *priv_key; ++ DSA_get0_key(k->dsa, NULL, &priv_key); ++ return priv_key != NULL; ++ } ++#ifdef OPENSSL_HAS_ECC ++ case KEY_ECDSA_CERT: ++ case KEY_ECDSA: ++ return EC_KEY_get0_private_key(k->ecdsa) != NULL; ++#endif /* OPENSSL_HAS_ECC */ ++#endif /* WITH_OPENSSL */ ++ case KEY_ED25519_CERT: ++ case KEY_ED25519: ++ return (k->ed25519_pk != NULL); ++ default: ++ /* fatal("key_is_private: bad key type %d", k->type); */ ++ return 0; ++ } ++} ++ ++int + sshkey_is_cert(const struct sshkey *k) + { + if (k == NULL) diff --git a/openssh-7.7p1-cavstest-ctr.patch b/openssh-7.7p1-cavstest-ctr.patch index 88bb869..5a2f363 100644 --- a/openssh-7.7p1-cavstest-ctr.patch +++ b/openssh-7.7p1-cavstest-ctr.patch @@ -2,15 +2,11 @@ # Parent cc1022edba2c5eeb0facba08468f65afc2466b63 CAVS test for OpenSSH's own CTR encryption mode implementation -diff --git a/openssh-7.7p1/Makefile.in b/openssh-7.7p1/Makefile.in ---- openssh-7.7p1/Makefile.in -+++ openssh-7.7p1/Makefile.in -@@ -19,16 +19,17 @@ top_srcdir=@top_srcdir@ - - DESTDIR= - VPATH=@srcdir@ - SSH_PROGRAM=@bindir@/ssh - ASKPASS_PROGRAM=$(libexecdir)/ssh-askpass +Index: openssh-7.9p1/Makefile.in +=================================================================== +--- openssh-7.9p1.orig/Makefile.in ++++ openssh-7.9p1/Makefile.in +@@ -24,6 +24,7 @@ ASKPASS_PROGRAM=$(libexecdir)/ssh-askpas SFTP_SERVER=$(libexecdir)/sftp-server SSH_KEYSIGN=$(libexecdir)/ssh-keysign SSH_PKCS11_HELPER=$(libexecdir)/ssh-pkcs11-helper @@ -18,17 +14,7 @@ diff --git a/openssh-7.7p1/Makefile.in b/openssh-7.7p1/Makefile.in PRIVSEP_PATH=@PRIVSEP_PATH@ SSH_PRIVSEP_USER=@SSH_PRIVSEP_USER@ STRIP_OPT=@STRIP_OPT@ - TEST_SHELL=@TEST_SHELL@ - - PATHS= -DSSHDIR=\"$(sysconfdir)\" \ - -D_PATH_SSH_PROGRAM=\"$(SSH_PROGRAM)\" \ - -D_PATH_SSH_ASKPASS_DEFAULT=\"$(ASKPASS_PROGRAM)\" \ -@@ -57,16 +58,18 @@ ENT=@ENT@ - XAUTH_PATH=@XAUTH_PATH@ - LDFLAGS=-L. -Lopenbsd-compat/ @LDFLAGS@ - EXEEXT=@EXEEXT@ - MANFMT=@MANFMT@ - MKDIR_P=@MKDIR_P@ +@@ -62,6 +63,8 @@ MKDIR_P=@MKDIR_P@ TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-keysign${EXEEXT} ssh-pkcs11-helper$(EXEEXT) ssh-agent$(EXEEXT) scp$(EXEEXT) sftp-server$(EXEEXT) sftp$(EXEEXT) @@ -37,17 +23,7 @@ diff --git a/openssh-7.7p1/Makefile.in b/openssh-7.7p1/Makefile.in XMSS_OBJS=\ ssh-xmss.o \ sshkey-xmss.o \ - xmss_commons.o \ - xmss_fast.o \ - xmss_hash.o \ - xmss_hash_address.o \ - xmss_wots.o -@@ -199,16 +202,20 @@ ssh-keyscan$(EXEEXT): $(LIBCOMPAT) libss - $(LD) -o $@ ssh-keyscan.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS) - - sftp-server$(EXEEXT): $(LIBCOMPAT) libssh.a sftp.o sftp-common.o sftp-server.o sftp-server-main.o - $(LD) -o $@ sftp-server.o sftp-common.o sftp-server-main.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) - +@@ -204,6 +207,10 @@ sftp-server$(EXEEXT): $(LIBCOMPAT) libss sftp$(EXEEXT): $(LIBCOMPAT) libssh.a sftp.o sftp-client.o sftp-common.o sftp-glob.o progressmeter.o $(LD) -o $@ progressmeter.o sftp.o sftp-client.o sftp-common.o sftp-glob.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) $(LIBEDIT) @@ -58,17 +34,7 @@ diff --git a/openssh-7.7p1/Makefile.in b/openssh-7.7p1/Makefile.in # test driver for the loginrec code - not built by default logintest: logintest.o $(LIBCOMPAT) libssh.a loginrec.o $(LD) -o $@ logintest.o $(LDFLAGS) loginrec.o -lopenbsd-compat -lssh $(LIBS) - - $(MANPAGES): $(MANPAGES_IN) - if test "$(MANTYPE)" = "cat"; then \ - manpage=$(srcdir)/`echo $@ | sed 's/\.[1-9]\.out$$/\.0/'`; \ - else \ -@@ -339,16 +346,17 @@ install-files: - $(INSTALL) -m 0755 $(STRIP_OPT) ssh-agent$(EXEEXT) $(DESTDIR)$(bindir)/ssh-agent$(EXEEXT) - $(INSTALL) -m 0755 $(STRIP_OPT) ssh-keygen$(EXEEXT) $(DESTDIR)$(bindir)/ssh-keygen$(EXEEXT) - $(INSTALL) -m 0755 $(STRIP_OPT) ssh-keyscan$(EXEEXT) $(DESTDIR)$(bindir)/ssh-keyscan$(EXEEXT) - $(INSTALL) -m 0755 $(STRIP_OPT) sshd$(EXEEXT) $(DESTDIR)$(sbindir)/sshd$(EXEEXT) - $(INSTALL) -m 4711 $(STRIP_OPT) ssh-keysign$(EXEEXT) $(DESTDIR)$(SSH_KEYSIGN)$(EXEEXT) +@@ -348,6 +355,7 @@ install-files: $(INSTALL) -m 0755 $(STRIP_OPT) ssh-pkcs11-helper$(EXEEXT) $(DESTDIR)$(SSH_PKCS11_HELPER)$(EXEEXT) $(INSTALL) -m 0755 $(STRIP_OPT) sftp$(EXEEXT) $(DESTDIR)$(bindir)/sftp$(EXEEXT) $(INSTALL) -m 0755 $(STRIP_OPT) sftp-server$(EXEEXT) $(DESTDIR)$(SFTP_SERVER)$(EXEEXT) @@ -76,15 +42,10 @@ diff --git a/openssh-7.7p1/Makefile.in b/openssh-7.7p1/Makefile.in $(INSTALL) -m 644 ssh.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh.1 $(INSTALL) -m 644 scp.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/scp.1 $(INSTALL) -m 644 ssh-add.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-add.1 - $(INSTALL) -m 644 ssh-agent.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-agent.1 - $(INSTALL) -m 644 ssh-keygen.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-keygen.1 - $(INSTALL) -m 644 ssh-keyscan.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-keyscan.1 - $(INSTALL) -m 644 moduli.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/moduli.5 - $(INSTALL) -m 644 sshd_config.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/sshd_config.5 -diff --git a/openssh-7.7p1/cavstest-ctr.c b/openssh-7.7p1/cavstest-ctr.c -new file mode 100644 +Index: openssh-7.9p1/cavstest-ctr.c +=================================================================== --- /dev/null -+++ openssh-7.7p1/cavstest-ctr.c ++++ openssh-7.9p1/cavstest-ctr.c @@ -0,0 +1,214 @@ +/* + * @@ -238,7 +199,7 @@ new file mode 100644 + usage(); + } + -+ SSLeay_add_all_algorithms(); ++ OpenSSL_add_all_algorithms(); + + c = cipher_by_name(algo); + if (c == NULL) { @@ -300,15 +261,11 @@ new file mode 100644 + printf("\n"); + return 0; +} -diff --git a/openssh-7.7p1/cipher.c b/openssh-7.7p1/cipher.c ---- openssh-7.7p1/cipher.c -+++ openssh-7.7p1/cipher.c -@@ -49,25 +49,16 @@ - #include "ssherr.h" - #include "digest.h" - - #include "openbsd-compat/openssl-compat.h" - +Index: openssh-7.9p1/cipher.c +=================================================================== +--- openssh-7.9p1.orig/cipher.c ++++ openssh-7.9p1/cipher.c +@@ -54,15 +54,6 @@ #include "fips.h" #include "log.h" @@ -324,20 +281,11 @@ diff --git a/openssh-7.7p1/cipher.c b/openssh-7.7p1/cipher.c struct sshcipher { char *name; u_int block_size; - u_int key_len; - u_int iv_len; /* defaults to block_size */ - u_int auth_len; - u_int flags; - #define CFLAG_CBC (1<<0) -diff --git a/openssh-7.7p1/cipher.h b/openssh-7.7p1/cipher.h ---- openssh-7.7p1/cipher.h -+++ openssh-7.7p1/cipher.h -@@ -41,17 +41,25 @@ - #include - #include "cipher-chachapoly.h" - #include "cipher-aesctr.h" - - #define CIPHER_ENCRYPT 1 +Index: openssh-7.9p1/cipher.h +=================================================================== +--- openssh-7.9p1.orig/cipher.h ++++ openssh-7.9p1/cipher.h +@@ -46,7 +46,15 @@ #define CIPHER_DECRYPT 0 struct sshcipher; @@ -354,8 +302,3 @@ diff --git a/openssh-7.7p1/cipher.h b/openssh-7.7p1/cipher.h const struct sshcipher *cipher_by_name(const char *); const char *cipher_warning_message(const struct sshcipher_ctx *); - int ciphers_valid(const char *); - char *cipher_alg_list(char, int); - int cipher_init(struct sshcipher_ctx **, const struct sshcipher *, - const u_char *, u_int, const u_char *, u_int, int); - int cipher_crypt(struct sshcipher_ctx *, u_int, u_char *, const u_char *, diff --git a/openssh-7.7p1-fips.patch b/openssh-7.7p1-fips.patch index 538aadd..51c8900 100644 --- a/openssh-7.7p1-fips.patch +++ b/openssh-7.7p1-fips.patch @@ -753,7 +753,7 @@ Index: openssh-7.9p1/readconf.c KEX_DEFAULT_PK_ALG, all_key) != 0) fatal("%s: kex_assemble_names failed", __func__); free(all_key); -+ filter_fips_algorithms(options); ++ filter_fips_algorithms(o); /* Most interesting options first: user, host, port */ dump_cfg_string(oUser, o->user); diff --git a/openssh-7.7p1-gssapi_key_exchange.patch b/openssh-7.7p1-gssapi_key_exchange.patch index b6115f3..304bbe2 100644 --- a/openssh-7.7p1-gssapi_key_exchange.patch +++ b/openssh-7.7p1-gssapi_key_exchange.patch @@ -5,7 +5,12 @@ Index: openssh-7.9p1/Makefile.in =================================================================== --- openssh-7.9p1.orig/Makefile.in +++ openssh-7.9p1/Makefile.in -@@ -108,6 +108,8 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \ +@@ -104,10 +104,13 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \ + kex.o kexdh.o kexgex.o kexecdh.o kexc25519.o \ + kexdhc.o kexgexc.o kexecdhc.o kexc25519c.o \ + kexdhs.o kexgexs.o kexecdhs.o kexc25519s.o \ ++ kexgssc.o \ + platform-pledge.o platform-tracing.o platform-misc.o LIBSSH_OBJS += fips.o @@ -14,6 +19,15 @@ Index: openssh-7.9p1/Makefile.in SSHOBJS= ssh.o readconf.o clientloop.o sshtty.o \ sshconnect.o sshconnect2.o mux.o +@@ -119,7 +122,7 @@ SSHDOBJS=sshd.o auth-rhosts.o auth-passw + auth-bsdauth.o auth2-hostbased.o auth2-kbdint.o \ + auth2-none.o auth2-passwd.o auth2-pubkey.o \ + monitor.o monitor_wrap.o auth-krb5.o \ +- auth2-gss.o gss-serv.o gss-serv-krb5.o \ ++ auth2-gss.o gss-serv.o gss-serv-krb5.o kexgsss.o \ + loginrec.o auth-pam.o auth-shadow.o auth-sia.o md5crypt.o \ + sftp-server.o sftp-common.o \ + sandbox-null.o sandbox-rlimit.o sandbox-systrace.o sandbox-darwin.o \ Index: openssh-7.9p1/auth-krb5.c =================================================================== --- openssh-7.9p1.orig/auth-krb5.c @@ -105,7 +119,7 @@ Index: openssh-7.9p1/auth2-gss.c + packet_check_eom(); + + if ((b = sshbuf_new()) == NULL) -+ fatal("%s: sshbuf_new failed", __func__); ++ fatal("%s: sshbuf_new failed", __func__); + + ssh_gssapi_buildmic(b, authctxt->user, authctxt->service, + "gssapi-keyex"); @@ -129,7 +143,7 @@ Index: openssh-7.9p1/auth2-gss.c * We only support those mechanisms that we know about (ie ones that we know * how to check local user kuserok and the like) */ -@@ -260,7 +299,8 @@ input_gssapi_exchange_complete(int type, +@@ -260,7 +302,8 @@ input_gssapi_exchange_complete(int type, if ((r = sshpkt_get_end(ssh)) != 0) fatal("%s: %s", __func__, ssh_err(r)); @@ -139,7 +153,7 @@ Index: openssh-7.9p1/auth2-gss.c if ((!use_privsep || mm_is_monitor()) && (displayname = ssh_gssapi_displayname()) != NULL) -@@ -306,7 +346,8 @@ input_gssapi_mic(int type, u_int32_t ple +@@ -306,7 +349,8 @@ input_gssapi_mic(int type, u_int32_t ple gssbuf.length = sshbuf_len(b); if (!GSS_ERROR(PRIVSEP(ssh_gssapi_checkmic(gssctxt, &gssbuf, &mic)))) @@ -149,7 +163,7 @@ Index: openssh-7.9p1/auth2-gss.c else logit("GSSAPI MIC check failed"); -@@ -326,6 +367,12 @@ input_gssapi_mic(int type, u_int32_t ple +@@ -326,6 +370,12 @@ input_gssapi_mic(int type, u_int32_t ple return 0; } @@ -296,7 +310,7 @@ Index: openssh-7.9p1/gss-genr.c =================================================================== --- openssh-7.9p1.orig/gss-genr.c +++ openssh-7.9p1/gss-genr.c -@@ -41,12 +41,169 @@ +@@ -41,12 +41,174 @@ #include "sshbuf.h" #include "log.h" #include "ssh2.h" @@ -359,7 +373,7 @@ Index: openssh-7.9p1/gss-genr.c + u_char digest[EVP_MAX_MD_SIZE]; + char deroid[2]; + const EVP_MD *evp_md = EVP_md5(); -+ EVP_MD_CTX md; ++ EVP_MD_CTX *md; + + if (gss_enc2oid != NULL) { + for (i = 0; gss_enc2oid[i].encoded != NULL; i++) @@ -373,6 +387,7 @@ Index: openssh-7.9p1/gss-genr.c + if ((buf = sshbuf_new()) == NULL) + fatal("%s: sshbuf_new failed", __func__); + ++ md = EVP_MD_CTX_new(); + oidpos = 0; + for (i = 0; i < gss_supported->count; i++) { + if (gss_supported->elements[i].length < 128 && @@ -381,36 +396,40 @@ Index: openssh-7.9p1/gss-genr.c + deroid[0] = SSH_GSS_OIDTYPE; + deroid[1] = gss_supported->elements[i].length; + -+ EVP_DigestInit(&md, evp_md); -+ EVP_DigestUpdate(&md, deroid, 2); -+ EVP_DigestUpdate(&md, ++ EVP_DigestInit(md, evp_md); ++ EVP_DigestUpdate(md, deroid, 2); ++ EVP_DigestUpdate(md, + gss_supported->elements[i].elements, + gss_supported->elements[i].length); -+ EVP_DigestFinal(&md, digest, NULL); ++ EVP_DigestFinal(md, digest, NULL); + + encoded = xmalloc(EVP_MD_size(evp_md) * 2); + enclen = __b64_ntop(digest, EVP_MD_size(evp_md), + encoded, EVP_MD_size(evp_md) * 2); + -+ cp = strncpy(s, kex, strlen(kex)); -+ for ((p = strsep(&cp, ",")); p && *p != '\0'; -+ (p = strsep(&cp, ","))) { -+ if (sshbuf_len(buf) != 0) -+ if ((r = sshbuf_put_u8(buf, ',')) !=0) -+ fatal("%s: buffer error: %s", -+ __func__, ssh_err(r)); -+ if ((r = sshbuf_put(buf, p, strlen(p))) != 0 || -+ (r = sshbuf_put(buf, encoded, enclen)) != 0) -+ fatal("%s: buffer error: %s", -+ __func__, ssh_err(r)); -+ } ++ if (oidpos != 0) ++ if ((r = sshbuf_put_u8(buf, ',')) != 0) ++ fatal("%s: buffer error: %s", __func__, ssh_err(r)); ++ ++ if ((r = sshbuf_put(buf, KEX_GSS_GEX_SHA1_ID, ++ sizeof(KEX_GSS_GEX_SHA1_ID) - 1)) != 0 || ++ (r = sshbuf_put(buf, encoded, enclen)) != 0 || ++ (r = sshbuf_put_u8(buf, ',')) != 0 || ++ (r = sshbuf_put(buf, KEX_GSS_GRP1_SHA1_ID, ++ sizeof(KEX_GSS_GRP1_SHA1_ID) - 1)) != 0 || ++ (r = sshbuf_put(buf, encoded, enclen)) != 0 || ++ (r = sshbuf_put_u8(buf, ',')) != 0 || ++ (r = sshbuf_put(buf, KEX_GSS_GRP14_SHA1_ID, ++ sizeof(KEX_GSS_GRP14_SHA1_ID) - 1)) != 0 || ++ (r = sshbuf_put(buf, encoded, enclen)) != 0) ++ fatal("%s: buffer error: %s", __func__, ssh_err(r)); + + gss_enc2oid[oidpos].oid = &(gss_supported->elements[i]); + gss_enc2oid[oidpos].encoded = encoded; + oidpos++; + } + } -+ free(s); ++ EVP_MD_CTX_free(md); + gss_enc2oid[oidpos].oid = NULL; + gss_enc2oid[oidpos].encoded = NULL; + @@ -466,7 +485,7 @@ Index: openssh-7.9p1/gss-genr.c /* sshbuf_get for gss_buffer_desc */ int ssh_gssapi_get_buffer_desc(struct sshbuf *b, gss_buffer_desc *g) -@@ -218,7 +375,7 @@ ssh_gssapi_init_ctx(Gssctxt *ctx, int de +@@ -218,7 +381,7 @@ ssh_gssapi_init_ctx(Gssctxt *ctx, int de } ctx->major = gss_init_sec_context(&ctx->minor, @@ -475,7 +494,7 @@ Index: openssh-7.9p1/gss-genr.c GSS_C_MUTUAL_FLAG | GSS_C_INTEG_FLAG | deleg_flag, 0, NULL, recv_tok, NULL, send_tok, flags, NULL); -@@ -248,8 +405,42 @@ ssh_gssapi_import_name(Gssctxt *ctx, con +@@ -248,8 +411,42 @@ ssh_gssapi_import_name(Gssctxt *ctx, con } OM_uint32 @@ -518,7 +537,7 @@ Index: openssh-7.9p1/gss-genr.c if ((ctx->major = gss_get_mic(&ctx->minor, ctx->context, GSS_C_QOP_DEFAULT, buffer, hash))) ssh_gssapi_error(ctx); -@@ -257,6 +448,19 @@ ssh_gssapi_sign(Gssctxt *ctx, gss_buffer +@@ -257,6 +454,19 @@ ssh_gssapi_sign(Gssctxt *ctx, gss_buffer return (ctx->major); } @@ -538,7 +557,7 @@ Index: openssh-7.9p1/gss-genr.c void ssh_gssapi_buildmic(struct sshbuf *b, const char *user, const char *service, const char *context) -@@ -273,22 +477,31 @@ ssh_gssapi_buildmic(struct sshbuf *b, co +@@ -273,22 +483,31 @@ ssh_gssapi_buildmic(struct sshbuf *b, co } int @@ -573,7 +592,7 @@ Index: openssh-7.9p1/gss-genr.c NULL); gss_release_buffer(&minor, &token); if ((*ctx)->context != GSS_C_NO_CONTEXT) -@@ -296,10 +509,66 @@ ssh_gssapi_check_mechanism(Gssctxt **ctx +@@ -296,10 +515,66 @@ ssh_gssapi_check_mechanism(Gssctxt **ctx GSS_C_NO_BUFFER); } @@ -654,7 +673,7 @@ Index: openssh-7.9p1/gss-serv-krb5.c const char *errmsg; if (client->creds == NULL) { -@@ -180,11 +180,26 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_cl +@@ -180,11 +180,23 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_cl return; } @@ -668,7 +687,6 @@ Index: openssh-7.9p1/gss-serv-krb5.c - snprintf(client->store.envval, len, "FILE:%s", client->store.filename); +#ifdef USE_CCAPI + xasprintf(&client->store.envval, "API:%s", new_ccname); -+ client->store.filename = NULL; +#else + if (new_ccname[0] == ':') + new_ccname++; @@ -679,8 +697,6 @@ Index: openssh-7.9p1/gss-serv-krb5.c + if (p) + *p = '\0'; + } -+ if ((strcmp(new_cctype, "FILE") == 0) || (strcmp(new_cctype, "DIR") == 0)) -+ client->store.filename = xstrdup(new_ccname); +#endif #ifdef USE_PAM @@ -1152,7 +1168,7 @@ Index: openssh-7.9p1/kexgssc.c =================================================================== --- /dev/null +++ openssh-7.9p1/kexgssc.c -@@ -0,0 +1,348 @@ +@@ -0,0 +1,346 @@ +/* + * Copyright (c) 2001-2009 Simon Wilkinson. All rights reserved. + * @@ -1216,13 +1232,12 @@ Index: openssh-7.9p1/kexgssc.c + BIGNUM *shared_secret = NULL; + BIGNUM *p = NULL; + BIGNUM *g = NULL; ++ const BIGNUM *pub_key, *p1, *g1; + u_char *kbuf; + u_char *serverhostkey = NULL; + u_char *empty = ""; + char *msg; -+ /* TODO + char *lang; -+ */ + int type = 0; + int first = 1; + int nbits = 0, min = fips_dh_grp_min(), max = DH_GRP_MAX; @@ -1279,8 +1294,9 @@ Index: openssh-7.9p1/kexgssc.c + fatal("%s: Unexpected KEX type %d", __func__, ssh->kex->kex_type); + } + -+ /* Step 1 - e is dh->pub_key */ ++ /* Step 1 - e is pub_key */ + dh_gen_key(dh, ssh->kex->we_need * 8); ++ DH_get0_key(dh, &pub_key, NULL); + + /* This is f, we initialise it now to make life easier */ + dh_server_pub = BN_new(); @@ -1328,7 +1344,7 @@ Index: openssh-7.9p1/kexgssc.c + packet_start(SSH2_MSG_KEXGSS_INIT); + packet_put_string(send_tok.value, + send_tok.length); -+ packet_put_bignum2(dh->pub_key); ++ packet_put_bignum2((BIGNUM *)pub_key); + first = 0; + } else { + packet_start(SSH2_MSG_KEXGSS_CONTINUE); @@ -1383,9 +1399,7 @@ Index: openssh-7.9p1/kexgssc.c + maj_status = packet_get_int(); + min_status = packet_get_int(); + msg = packet_get_string(NULL); -+ /* TODO + lang = packet_get_string(NULL); -+ */ + fatal("GSSAPI Error: \n%.400s",msg); + default: + packet_disconnect("Protocol error: didn't expect packet type %d", @@ -1415,7 +1429,7 @@ Index: openssh-7.9p1/kexgssc.c + klen = DH_size(dh); + kbuf = xmalloc(klen); + kout = DH_compute_key(kbuf, dh_server_pub, dh); -+ if ((int)kout < 0) ++ if (kout < 0) + fatal("DH_compute_key: failed"); + + shared_secret = BN_new(); @@ -1434,18 +1448,19 @@ Index: openssh-7.9p1/kexgssc.c + case KEX_GSS_GRP14_SHA1: + kex_dh_hash( + ssh->kex->hash_alg, -+ ssh->kex->client_version_string, ++ ssh->kex->client_version_string, + ssh->kex->server_version_string, + sshbuf_ptr(ssh->kex->my), sshbuf_len(ssh->kex->my), + sshbuf_ptr(ssh->kex->peer), sshbuf_len(ssh->kex->peer), + (serverhostkey ? serverhostkey : empty), slen, -+ dh->pub_key, /* e */ ++ pub_key, /* e */ + dh_server_pub, /* f */ + shared_secret, /* K */ + hash, &hashlen + ); + break; + case KEX_GSS_GEX_SHA1: ++ DH_get0_pqg(dh, &p1, NULL, &g1); + kexgex_hash( + ssh->kex->hash_alg, + ssh->kex->client_version_string, @@ -1454,8 +1469,8 @@ Index: openssh-7.9p1/kexgssc.c + sshbuf_ptr(ssh->kex->peer), sshbuf_len(ssh->kex->peer), + (serverhostkey ? serverhostkey : empty), slen, + min, nbits, max, -+ dh->p, dh->g, -+ dh->pub_key, ++ p, g, ++ pub_key, + dh_server_pub, + shared_secret, + hash, &hashlen @@ -1494,7 +1509,6 @@ Index: openssh-7.9p1/kexgssc.c + else + ssh_gssapi_delete_ctx(&ctxt); + -+ /* TODO: check kex_derive_keys_bn return value */ + kex_derive_keys_bn(ssh, hash, hashlen, shared_secret); + BN_clear_free(shared_secret); + return kex_send_newkeys(ssh); @@ -1505,7 +1519,7 @@ Index: openssh-7.9p1/kexgsss.c =================================================================== --- /dev/null +++ openssh-7.9p1/kexgsss.c -@@ -0,0 +1,307 @@ +@@ -0,0 +1,308 @@ +/* + * Copyright (c) 2001-2009 Simon Wilkinson. All rights reserved. + * @@ -1586,6 +1600,7 @@ Index: openssh-7.9p1/kexgsss.c + char *mechs; + u_char hash[SSH_DIGEST_MAX_LENGTH]; + size_t hashlen; ++ const BIGNUM *p, *g, *pub_key; + + /* Initialise GSSAPI */ + @@ -1638,9 +1653,10 @@ Index: openssh-7.9p1/kexgsss.c + if (dh == NULL) + packet_disconnect("Protocol error: no matching group found"); + ++ DH_set0_pqg(dh, &p, NULL, &g); + packet_start(SSH2_MSG_KEXGSS_GROUP); -+ packet_put_bignum2(dh->p); -+ packet_put_bignum2(dh->g); ++ packet_put_bignum2((BIGNUM *)p); ++ packet_put_bignum2((BIGNUM *)g); + packet_send(); + + packet_write_wait(); @@ -1701,7 +1717,7 @@ Index: openssh-7.9p1/kexgsss.c + if (GSS_ERROR(maj_status)) { + if (send_tok.length > 0) { + packet_start(SSH2_MSG_KEXGSS_CONTINUE); -+ packet_put_string(send_tok.value, send_tok.length); ++ packet_put_string((char *)send_tok.value, send_tok.length); + packet_send(); + } + fatal("accept_ctx died"); @@ -1732,17 +1748,17 @@ Index: openssh-7.9p1/kexgsss.c + memset(kbuf, 0, klen); + free(kbuf); + ++ DH_get0_key(dh, &pub_key, NULL); + hashlen = sizeof(hash); + switch (ssh->kex->kex_type) { + case KEX_GSS_GRP1_SHA1: + case KEX_GSS_GRP14_SHA1: -+ kex_dh_hash( -+ ssh->kex->hash_alg, ++ kex_dh_hash(ssh->kex->hash_alg, + ssh->kex->client_version_string, ssh->kex->server_version_string, + sshbuf_ptr(ssh->kex->peer), sshbuf_len(ssh->kex->peer), + sshbuf_ptr(ssh->kex->my), sshbuf_len(ssh->kex->my), + NULL, 0, /* Change this if we start sending host keys */ -+ dh_client_pub, dh->pub_key, shared_secret, ++ dh_client_pub, pub_key, shared_secret, + hash, &hashlen + ); + break; @@ -1754,9 +1770,9 @@ Index: openssh-7.9p1/kexgsss.c + sshbuf_ptr(ssh->kex->my), sshbuf_len(ssh->kex->my), + NULL, 0, + cmin, nbits, cmax, -+ dh->p, dh->g, ++ p, g, + dh_client_pub, -+ dh->pub_key, ++ pub_key, + shared_secret, + hash, &hashlen + ); @@ -1780,12 +1796,12 @@ Index: openssh-7.9p1/kexgsss.c + fatal("Couldn't get MIC"); + + packet_start(SSH2_MSG_KEXGSS_COMPLETE); -+ packet_put_bignum2(dh->pub_key); ++ packet_put_bignum2(pub_key); + packet_put_string(msg_tok.value,msg_tok.length); + + if (send_tok.length != 0) { + packet_put_char(1); /* true */ -+ packet_put_string(send_tok.value, send_tok.length); ++ packet_put_string((char *)send_tok.value, send_tok.length); + } else { + packet_put_char(0); /* false */ + } @@ -1801,7 +1817,6 @@ Index: openssh-7.9p1/kexgsss.c + + DH_free(dh); + -+ /* TODO: check kex_derive_keys_bn return value */ + kex_derive_keys_bn(ssh, hash, hashlen, shared_secret); + BN_clear_free(shared_secret); + kex_send_newkeys(ssh); @@ -1971,7 +1986,7 @@ Index: openssh-7.9p1/monitor.c + fatal("In GSSAPI monitor when GSSAPI is disabled"); + + if ((r = sshbuf_get_string(m, (u_char **)&data.value, &data.length)) != 0) -+ fatal("%s: buffer error: %s", __func__, ssh_err(r)); ++ fatal("%s: buffer error: %s", __func__, ssh_err(r)); + if (data.length != 20) + fatal("%s: data length incorrect: %d", __func__, + (int) data.length); @@ -1988,8 +2003,8 @@ Index: openssh-7.9p1/monitor.c + + sshbuf_reset(m); + if ((r = sshbuf_put_u32(m, major)) != 0 || -+ (r = sshbuf_put_string(m, hash.value, hash.length)) != 0) -+ fatal("%s: buffer error: %s", __func__, ssh_err(r)); ++ (r = sshbuf_put_string(m, hash.value, hash.length)) != 0) ++ fatal("%s: buffer error: %s", __func__, ssh_err(r)); + + mm_request_send(socket, MONITOR_ANS_GSSSIGN, m); + @@ -2917,7 +2932,7 @@ Index: openssh-7.9p1/sshconnect2.c + ssh_gssapi_buildmic(b, authctxt->server_user, authctxt->service, + "gssapi-keyex"); + -+ gssbuf.value = sshbuf_mutable_ptr(b); ++ gssbuf.value = sshbuf_mutable_ptr(b); + gssbuf.length = sshbuf_len(b); + + if (GSS_ERROR(ssh_gssapi_sign(gss_kex_context, &gssbuf, &mic))) { @@ -2925,7 +2940,7 @@ Index: openssh-7.9p1/sshconnect2.c + return (0); + } + -+ packet_start(SSH2_MSG_USERAUTH_REQUEST); ++ packet_start(SSH2_MSG_USERAUTH_REQUEST); + packet_put_cstring(authctxt->server_user); + packet_put_cstring(authctxt->service); + packet_put_cstring(authctxt->method->name); @@ -2941,7 +2956,7 @@ Index: openssh-7.9p1/sshconnect2.c #endif /* GSSAPI */ int -@@ -1473,8 +1713,8 @@ key_type_allowed_by_config(struct sshkey +@@ -1473,8 +1716,8 @@ key_type_allowed_by_config(struct sshkey /* * try keys in the following order: diff --git a/openssh-7.7p1-ldap.patch b/openssh-7.7p1-ldap.patch index 5d6aa88..7e8a79d 100644 --- a/openssh-7.7p1-ldap.patch +++ b/openssh-7.7p1-ldap.patch @@ -10,10 +10,10 @@ # internal versions. ssh-keyconverter consequently fails to link as it lacks # the proper flags, and libopenbsd-compat doesn't contain the b64_* functions) -Index: openssh-7.8p1/HOWTO.ldap-keys +Index: openssh-7.9p1/HOWTO.ldap-keys =================================================================== --- /dev/null -+++ openssh-7.8p1/HOWTO.ldap-keys ++++ openssh-7.9p1/HOWTO.ldap-keys @@ -0,0 +1,108 @@ + +HOW TO START @@ -123,10 +123,10 @@ Index: openssh-7.8p1/HOWTO.ldap-keys + - frederic peters. + - Finlay dobbie. + - Stefan Fisher. -Index: openssh-7.8p1/Makefile.in +Index: openssh-7.9p1/Makefile.in =================================================================== ---- openssh-7.8p1.orig/Makefile.in -+++ openssh-7.8p1/Makefile.in +--- openssh-7.9p1.orig/Makefile.in ++++ openssh-7.9p1/Makefile.in @@ -24,6 +24,8 @@ ASKPASS_PROGRAM=$(libexecdir)/ssh-askpas SFTP_SERVER=$(libexecdir)/sftp-server SSH_KEYSIGN=$(libexecdir)/ssh-keysign @@ -146,7 +146,7 @@ Index: openssh-7.8p1/Makefile.in XMSS_OBJS=\ ssh-xmss.o \ sshkey-xmss.o \ -@@ -132,8 +137,8 @@ SSHDOBJS=sshd.o auth-rhosts.o auth-passw +@@ -130,8 +135,8 @@ SSHDOBJS=sshd.o auth-rhosts.o auth-passw sandbox-seccomp-filter.o sandbox-capsicum.o sandbox-pledge.o \ sandbox-solaris.o uidswap.o @@ -157,7 +157,7 @@ Index: openssh-7.8p1/Makefile.in MANTYPE = @MANTYPE@ CONFIGFILES=sshd_config.out ssh_config.out moduli.out -@@ -208,6 +213,9 @@ ssh-pkcs11-helper$(EXEEXT): $(LIBCOMPAT) +@@ -206,6 +211,9 @@ ssh-pkcs11-helper$(EXEEXT): $(LIBCOMPAT) ssh-keyscan$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keyscan.o $(LD) -o $@ ssh-keyscan.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS) @@ -167,7 +167,7 @@ Index: openssh-7.8p1/Makefile.in sftp-server$(EXEEXT): $(LIBCOMPAT) libssh.a sftp.o sftp-common.o sftp-server.o sftp-server-main.o $(LD) -o $@ sftp-server.o sftp-common.o sftp-server-main.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) -@@ -363,6 +371,10 @@ install-files: +@@ -361,6 +369,10 @@ install-files: $(INSTALL) -m 0755 $(STRIP_OPT) sshd$(EXEEXT) $(DESTDIR)$(sbindir)/sshd$(EXEEXT) $(INSTALL) -m 4711 $(STRIP_OPT) ssh-keysign$(EXEEXT) $(DESTDIR)$(SSH_KEYSIGN)$(EXEEXT) $(INSTALL) -m 0755 $(STRIP_OPT) ssh-pkcs11-helper$(EXEEXT) $(DESTDIR)$(SSH_PKCS11_HELPER)$(EXEEXT) @@ -178,7 +178,7 @@ Index: openssh-7.8p1/Makefile.in $(INSTALL) -m 0755 $(STRIP_OPT) sftp$(EXEEXT) $(DESTDIR)$(bindir)/sftp$(EXEEXT) $(INSTALL) -m 0755 $(STRIP_OPT) sftp-server$(EXEEXT) $(DESTDIR)$(SFTP_SERVER)$(EXEEXT) $(INSTALL) -m 0755 $(STRIP_OPT) cavstest-ctr$(EXEEXT) $(DESTDIR)$(libexecdir)/cavstest-ctr$(EXEEXT) -@@ -381,6 +393,10 @@ install-files: +@@ -379,6 +391,10 @@ install-files: $(INSTALL) -m 644 sftp-server.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/sftp-server.8 $(INSTALL) -m 644 ssh-keysign.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-keysign.8 $(INSTALL) -m 644 ssh-pkcs11-helper.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-pkcs11-helper.8 @@ -189,7 +189,7 @@ Index: openssh-7.8p1/Makefile.in install-sysconf: $(MKDIR_P) $(DESTDIR)$(sysconfdir) -@@ -404,6 +420,13 @@ install-sysconf: +@@ -402,6 +418,13 @@ install-sysconf: else \ echo "$(DESTDIR)$(sysconfdir)/moduli already exists, install will not overwrite"; \ fi @@ -203,7 +203,7 @@ Index: openssh-7.8p1/Makefile.in host-key: ssh-keygen$(EXEEXT) @if [ -z "$(DESTDIR)" ] ; then \ -@@ -441,6 +464,8 @@ uninstall: +@@ -439,6 +462,8 @@ uninstall: -rm -r $(DESTDIR)$(SFTP_SERVER)$(EXEEXT) -rm -f $(DESTDIR)$(SSH_KEYSIGN)$(EXEEXT) -rm -f $(DESTDIR)$(SSH_PKCS11_HELPER)$(EXEEXT) @@ -212,7 +212,7 @@ Index: openssh-7.8p1/Makefile.in -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/ssh.1 -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/scp.1 -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-add.1 -@@ -452,6 +477,7 @@ uninstall: +@@ -450,6 +475,7 @@ uninstall: -rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/sftp-server.8 -rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-keysign.8 -rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-pkcs11-helper.8 @@ -220,11 +220,11 @@ Index: openssh-7.8p1/Makefile.in regress-prep: $(MKDIR_P) `pwd`/regress/unittests/test_helper -Index: openssh-7.8p1/configure.ac +Index: openssh-7.9p1/configure.ac =================================================================== ---- openssh-7.8p1.orig/configure.ac -+++ openssh-7.8p1/configure.ac -@@ -1680,6 +1680,106 @@ AC_ARG_WITH([audit], +--- openssh-7.9p1.orig/configure.ac ++++ openssh-7.9p1/configure.ac +@@ -1671,6 +1671,106 @@ AC_ARG_WITH([audit], esac ] ) @@ -331,10 +331,10 @@ Index: openssh-7.8p1/configure.ac AC_ARG_WITH([pie], [ --with-pie Build Position Independent Executables if possible], [ if test "x$withval" = "xno"; then -Index: openssh-7.8p1/ldap-helper.c +Index: openssh-7.9p1/ldap-helper.c =================================================================== --- /dev/null -+++ openssh-7.8p1/ldap-helper.c ++++ openssh-7.9p1/ldap-helper.c @@ -0,0 +1,155 @@ +/* $OpenBSD: ssh-pka-ldap.c,v 1.1 2009/12/03 03:34:42 jfch Exp $ */ +/* @@ -491,10 +491,10 @@ Index: openssh-7.8p1/ldap-helper.c +void *buffer_get_string(struct sshbuf *b, u_int *l) { return NULL; } +void buffer_put_string(struct sshbuf *b, const void *f, u_int l) {} + -Index: openssh-7.8p1/ldap-helper.h +Index: openssh-7.9p1/ldap-helper.h =================================================================== --- /dev/null -+++ openssh-7.8p1/ldap-helper.h ++++ openssh-7.9p1/ldap-helper.h @@ -0,0 +1,32 @@ +/* $OpenBSD: ldap-helper.h,v 1.1 2009/12/03 03:34:42 jfch Exp $ */ +/* @@ -528,10 +528,10 @@ Index: openssh-7.8p1/ldap-helper.h +extern int config_warning_config_file; + +#endif /* LDAP_HELPER_H */ -Index: openssh-7.8p1/ldap.conf +Index: openssh-7.9p1/ldap.conf =================================================================== --- /dev/null -+++ openssh-7.8p1/ldap.conf ++++ openssh-7.9p1/ldap.conf @@ -0,0 +1,88 @@ +# $Id: openssh-5.5p1-ldap.patch,v 1.3 2010/07/07 13:48:36 jfch2222 Exp $ +# @@ -621,10 +621,10 @@ Index: openssh-7.8p1/ldap.conf +#tls_cert +#tls_key + -Index: openssh-7.8p1/ldapbody.c +Index: openssh-7.9p1/ldapbody.c =================================================================== --- /dev/null -+++ openssh-7.8p1/ldapbody.c ++++ openssh-7.9p1/ldapbody.c @@ -0,0 +1,494 @@ +/* $OpenBSD: ldapbody.c,v 1.1 2009/12/03 03:34:42 jfch Exp $ */ +/* @@ -1120,10 +1120,10 @@ Index: openssh-7.8p1/ldapbody.c + return; +} + -Index: openssh-7.8p1/ldapbody.h +Index: openssh-7.9p1/ldapbody.h =================================================================== --- /dev/null -+++ openssh-7.8p1/ldapbody.h ++++ openssh-7.9p1/ldapbody.h @@ -0,0 +1,37 @@ +/* $OpenBSD: ldapbody.h,v 1.1 2009/12/03 03:34:42 jfch Exp $ */ +/* @@ -1162,10 +1162,10 @@ Index: openssh-7.8p1/ldapbody.h + +#endif /* LDAPBODY_H */ + -Index: openssh-7.8p1/ldapconf.c +Index: openssh-7.9p1/ldapconf.c =================================================================== --- /dev/null -+++ openssh-7.8p1/ldapconf.c ++++ openssh-7.9p1/ldapconf.c @@ -0,0 +1,711 @@ +/* $OpenBSD: ldapconf.c,v 1.1 2009/12/03 03:34:42 jfch Exp $ */ +/* @@ -1878,10 +1878,10 @@ Index: openssh-7.8p1/ldapconf.c + dump_cfg_string(lSSH_Filter, options.ssh_filter); +} + -Index: openssh-7.8p1/ldapconf.h +Index: openssh-7.9p1/ldapconf.h =================================================================== --- /dev/null -+++ openssh-7.8p1/ldapconf.h ++++ openssh-7.9p1/ldapconf.h @@ -0,0 +1,71 @@ +/* $OpenBSD: ldapconf.c,v 1.1 2009/12/03 03:34:42 jfch Exp $ */ +/* @@ -1954,10 +1954,10 @@ Index: openssh-7.8p1/ldapconf.h +void dump_config(void); + +#endif /* LDAPCONF_H */ -Index: openssh-7.8p1/ldapincludes.h +Index: openssh-7.9p1/ldapincludes.h =================================================================== --- /dev/null -+++ openssh-7.8p1/ldapincludes.h ++++ openssh-7.9p1/ldapincludes.h @@ -0,0 +1,41 @@ +/* $OpenBSD: ldapconf.c,v 1.1 2009/12/03 03:34:42 jfch Exp $ */ +/* @@ -2000,10 +2000,10 @@ Index: openssh-7.8p1/ldapincludes.h +#endif + +#endif /* LDAPINCLUDES_H */ -Index: openssh-7.8p1/ldapmisc.c +Index: openssh-7.9p1/ldapmisc.c =================================================================== --- /dev/null -+++ openssh-7.8p1/ldapmisc.c ++++ openssh-7.9p1/ldapmisc.c @@ -0,0 +1,79 @@ + +#include "ldapincludes.h" @@ -2084,10 +2084,10 @@ Index: openssh-7.8p1/ldapmisc.c +} +#endif + -Index: openssh-7.8p1/ldapmisc.h +Index: openssh-7.9p1/ldapmisc.h =================================================================== --- /dev/null -+++ openssh-7.8p1/ldapmisc.h ++++ openssh-7.9p1/ldapmisc.h @@ -0,0 +1,35 @@ +/* $OpenBSD: ldapbody.h,v 1.1 2009/12/03 03:34:42 jfch Exp $ */ +/* @@ -2124,10 +2124,10 @@ Index: openssh-7.8p1/ldapmisc.h + +#endif /* LDAPMISC_H */ + -Index: openssh-7.8p1/openbsd-compat/base64.c +Index: openssh-7.9p1/openbsd-compat/base64.c =================================================================== ---- openssh-7.8p1.orig/openbsd-compat/base64.c -+++ openssh-7.8p1/openbsd-compat/base64.c +--- openssh-7.9p1.orig/openbsd-compat/base64.c ++++ openssh-7.9p1/openbsd-compat/base64.c @@ -46,7 +46,7 @@ #include "includes.h" @@ -2155,10 +2155,10 @@ Index: openssh-7.8p1/openbsd-compat/base64.c /* skips all whitespace anywhere. converts characters, four at a time, starting at (or after) -Index: openssh-7.8p1/openbsd-compat/base64.h +Index: openssh-7.9p1/openbsd-compat/base64.h =================================================================== ---- openssh-7.8p1.orig/openbsd-compat/base64.h -+++ openssh-7.8p1/openbsd-compat/base64.h +--- openssh-7.9p1.orig/openbsd-compat/base64.h ++++ openssh-7.9p1/openbsd-compat/base64.h @@ -45,16 +45,16 @@ #include "includes.h" @@ -2180,10 +2180,10 @@ Index: openssh-7.8p1/openbsd-compat/base64.h int b64_pton(char const *src, u_char *target, size_t targsize); # endif /* !HAVE_B64_PTON */ # define __b64_pton(a,b,c) b64_pton(a,b,c) -Index: openssh-7.8p1/openssh-lpk-openldap.schema +Index: openssh-7.9p1/openssh-lpk-openldap.schema =================================================================== --- /dev/null -+++ openssh-7.8p1/openssh-lpk-openldap.schema ++++ openssh-7.9p1/openssh-lpk-openldap.schema @@ -0,0 +1,21 @@ +# +# LDAP Public Key Patch schema for use with openssh-ldappubkey @@ -2206,10 +2206,10 @@ Index: openssh-7.8p1/openssh-lpk-openldap.schema + DESC 'MANDATORY: OpenSSH LPK objectclass' + MUST ( sshPublicKey $ uid ) + ) -Index: openssh-7.8p1/openssh-lpk-sun.schema +Index: openssh-7.9p1/openssh-lpk-sun.schema =================================================================== --- /dev/null -+++ openssh-7.8p1/openssh-lpk-sun.schema ++++ openssh-7.9p1/openssh-lpk-sun.schema @@ -0,0 +1,23 @@ +# +# LDAP Public Key Patch schema for use with openssh-ldappubkey @@ -2234,10 +2234,10 @@ Index: openssh-7.8p1/openssh-lpk-sun.schema + DESC 'MANDATORY: OpenSSH LPK objectclass' + MUST ( sshPublicKey $ uid ) + ) -Index: openssh-7.8p1/ssh-ldap-helper.8 +Index: openssh-7.9p1/ssh-ldap-helper.8 =================================================================== --- /dev/null -+++ openssh-7.8p1/ssh-ldap-helper.8 ++++ openssh-7.9p1/ssh-ldap-helper.8 @@ -0,0 +1,79 @@ +.\" $OpenBSD: ssh-ldap-helper.8,v 1.1 2010/02/10 23:20:38 markus Exp $ +.\" @@ -2318,19 +2318,19 @@ Index: openssh-7.8p1/ssh-ldap-helper.8 +OpenSSH 5.5 + PKA-LDAP . +.Sh AUTHORS +.An Jan F. Chadima Aq jchadima@redhat.com -Index: openssh-7.8p1/ssh-ldap-wrapper +Index: openssh-7.9p1/ssh-ldap-wrapper =================================================================== --- /dev/null -+++ openssh-7.8p1/ssh-ldap-wrapper ++++ openssh-7.9p1/ssh-ldap-wrapper @@ -0,0 +1,4 @@ +#!/bin/sh + +exec @LIBEXECDIR@/ssh-ldap-helper -s "$1" + -Index: openssh-7.8p1/ssh-ldap.conf.5 +Index: openssh-7.9p1/ssh-ldap.conf.5 =================================================================== --- /dev/null -+++ openssh-7.8p1/ssh-ldap.conf.5 ++++ openssh-7.9p1/ssh-ldap.conf.5 @@ -0,0 +1,376 @@ +.\" $OpenBSD: ssh-ldap.conf.5,v 1.1 2010/02/10 23:20:38 markus Exp $ +.\" diff --git a/openssh.changes b/openssh.changes index f485d82..ac57f53 100644 --- a/openssh.changes +++ b/openssh.changes @@ -41,6 +41,8 @@ Mon Oct 22 08:51:30 UTC 2018 - Pedro Monreal Gonzalez From 81347795a3c63466ae1e785d9dfcf0646322b398781cc82d09af290bc33c777a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Chv=C3=A1tal?= Date: Wed, 31 Oct 2018 05:45:24 +0000 Subject: [PATCH 8/9] Accepting request 645609 from home:elvigia:branches:network - openssh-7.7p1-audit.patch: fix sshd fatal error in mm_answer_keyverify: buffer error: incomplete message [bnc#1114008] OBS-URL: https://build.opensuse.org/request/show/645609 OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=162 --- openssh-7.7p1-audit.patch | 26 +++++++++++++++----------- openssh.changes | 6 ++++++ 2 files changed, 21 insertions(+), 11 deletions(-) diff --git a/openssh-7.7p1-audit.patch b/openssh-7.7p1-audit.patch index ea7c3c1..506c82d 100644 --- a/openssh-7.7p1-audit.patch +++ b/openssh-7.7p1-audit.patch @@ -1160,15 +1160,19 @@ Index: openssh-7.9p1/monitor.c #endif #ifdef GSSAPI {MONITOR_REQ_GSSSETUP, 0, mm_answer_gss_setup_ctx}, -@@ -1379,6 +1397,7 @@ mm_answer_keyverify(int sock, struct ssh +@@ -1379,8 +1397,10 @@ mm_answer_keyverify(int sock, struct ssh char *sigalg; size_t signaturelen, datalen, bloblen; int r, ret, valid_data = 0, encoded_ret; + int type = 0; - if ((r = sshbuf_get_string(m, &blob, &bloblen)) != 0 || +- if ((r = sshbuf_get_string(m, &blob, &bloblen)) != 0 || ++ if ((r = sshbuf_get_u32(m, &type)) != 0 || ++ (r = sshbuf_get_string(m, &blob, &bloblen)) != 0 || (r = sshbuf_get_string(m, &signature, &signaturelen)) != 0 || -@@ -1389,6 +1408,8 @@ mm_answer_keyverify(int sock, struct ssh + (r = sshbuf_get_string(m, &data, &datalen)) != 0 || + (r = sshbuf_get_cstring(m, &sigalg, NULL)) != 0) +@@ -1389,6 +1409,8 @@ mm_answer_keyverify(int sock, struct ssh if (hostbased_cuser == NULL || hostbased_chost == NULL || !monitor_allowed_key(blob, bloblen)) fatal("%s: bad key, not previously allowed", __func__); @@ -1177,7 +1181,7 @@ Index: openssh-7.9p1/monitor.c /* Empty signature algorithm means NULL. */ if (*sigalg == '\0') { -@@ -1403,22 +1424,25 @@ mm_answer_keyverify(int sock, struct ssh +@@ -1403,22 +1425,25 @@ mm_answer_keyverify(int sock, struct ssh switch (key_blobtype) { case MM_USERKEY: valid_data = monitor_valid_userblob(data, datalen); @@ -1205,7 +1209,7 @@ Index: openssh-7.9p1/monitor.c debug3("%s: %s %p signature %s", __func__, auth_method, key, (ret == 0) ? "verified" : "unverified"); auth2_record_key(authctxt, ret == 0, key); -@@ -1478,6 +1502,12 @@ mm_session_close(Session *s) +@@ -1478,6 +1503,12 @@ mm_session_close(Session *s) debug3("%s: tty %s ptyfd %d", __func__, s->tty, s->ptyfd); session_pty_cleanup2(s); } @@ -1218,7 +1222,7 @@ Index: openssh-7.9p1/monitor.c session_unused(s->self); } -@@ -1586,6 +1616,8 @@ mm_answer_term(int sock, struct sshbuf * +@@ -1586,6 +1617,8 @@ mm_answer_term(int sock, struct sshbuf * sshpam_cleanup(); #endif @@ -1227,7 +1231,7 @@ Index: openssh-7.9p1/monitor.c while (waitpid(pmonitor->m_pid, &status, 0) == -1) if (errno != EINTR) exit(1); -@@ -1632,14 +1664,50 @@ mm_answer_audit_command(int socket, stru +@@ -1632,14 +1665,50 @@ mm_answer_audit_command(int socket, stru { char *cmd; int r; @@ -1281,7 +1285,7 @@ Index: openssh-7.9p1/monitor.c } #endif /* SSH_AUDIT_EVENTS */ -@@ -1701,6 +1769,7 @@ monitor_apply_keystate(struct monitor *p +@@ -1701,6 +1770,7 @@ monitor_apply_keystate(struct monitor *p void mm_get_keystate(struct monitor *pmonitor) { @@ -1289,7 +1293,7 @@ Index: openssh-7.9p1/monitor.c debug3("%s: Waiting for new keys", __func__); if ((child_state = sshbuf_new()) == NULL) -@@ -1708,6 +1777,19 @@ mm_get_keystate(struct monitor *pmonitor +@@ -1708,6 +1778,19 @@ mm_get_keystate(struct monitor *pmonitor mm_request_receive_expect(pmonitor->m_sendfd, MONITOR_REQ_KEYEXPORT, child_state); debug3("%s: GOT new keys", __func__); @@ -1309,7 +1313,7 @@ Index: openssh-7.9p1/monitor.c } -@@ -1909,7 +1991,7 @@ mm_answer_gss_sign(int socket, struct ss +@@ -1909,7 +1992,7 @@ mm_answer_gss_sign(int socket, struct ss fatal("In GSSAPI monitor when GSSAPI is disabled"); if ((r = sshbuf_get_string(m, (u_char **)&data.value, &data.length)) != 0) @@ -1318,7 +1322,7 @@ Index: openssh-7.9p1/monitor.c if (data.length != 20) fatal("%s: data length incorrect: %d", __func__, (int) data.length); -@@ -1966,3 +2048,102 @@ mm_answer_gss_updatecreds(int socket, st +@@ -1966,3 +2049,102 @@ mm_answer_gss_updatecreds(int socket, st } #endif /* GSSAPI */ diff --git a/openssh.changes b/openssh.changes index ac57f53..0363aaf 100644 --- a/openssh.changes +++ b/openssh.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Wed Oct 31 00:27:41 UTC 2018 - Cristian Rodríguez + +- openssh-7.7p1-audit.patch: fix sshd fatal error in + mm_answer_keyverify: buffer error: incomplete message [bnc#1114008] + ------------------------------------------------------------------- Mon Oct 22 08:51:30 UTC 2018 - Pedro Monreal Gonzalez From c41fcd05a765a0ee64c9d7b67399d7a335c85f2e09abe7c5923784d08e3b0cc3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Chv=C3=A1tal?= Date: Mon, 26 Nov 2018 14:06:38 +0000 Subject: [PATCH 9/9] Accepting request 651986 from home:vitezslav_cizek:branches:network - Fix build with openssl < 1.1.0 * add openssh-openssl-1_0_0-compatibility.patch OBS-URL: https://build.opensuse.org/request/show/651986 OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=163 --- openssh-openssl-1_0_0-compatibility.patch | 41 +++++++++++++++++++++++ openssh.changes | 6 ++++ openssh.spec | 1 + 3 files changed, 48 insertions(+) create mode 100644 openssh-openssl-1_0_0-compatibility.patch diff --git a/openssh-openssl-1_0_0-compatibility.patch b/openssh-openssl-1_0_0-compatibility.patch new file mode 100644 index 0000000..d715312 --- /dev/null +++ b/openssh-openssl-1_0_0-compatibility.patch @@ -0,0 +1,41 @@ +Index: openssh-7.9p1/openbsd-compat/openssl-compat.c +=================================================================== +--- openssh-7.9p1.orig/openbsd-compat/openssl-compat.c 2018-11-26 11:47:17.417925053 +0100 ++++ openssh-7.9p1/openbsd-compat/openssl-compat.c 2018-11-26 11:52:47.127727580 +0100 +@@ -76,7 +76,7 @@ ssh_OpenSSL_add_all_algorithms(void) + ENGINE_load_builtin_engines(); + ENGINE_register_all_complete(); + +-#if OPENSSL_VERSION_NUMBER < 0x10001000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L + OPENSSL_config(NULL); + #else + OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS | +Index: openssh-7.9p1/gss-genr.c +=================================================================== +--- openssh-7.9p1.orig/gss-genr.c 2018-11-26 11:47:17.417925053 +0100 ++++ openssh-7.9p1/gss-genr.c 2018-11-26 12:01:40.354642746 +0100 +@@ -114,7 +114,11 @@ ssh_gssapi_kex_mechs(gss_OID_set gss_sup + if ((buf = sshbuf_new()) == NULL) + fatal("%s: sshbuf_new failed", __func__); + ++#if OPENSSL_VERSION_NUMBER < 0x10100000L ++ md = EVP_MD_CTX_create(); ++#else + md = EVP_MD_CTX_new(); ++#endif + oidpos = 0; + for (i = 0; i < gss_supported->count; i++) { + if (gss_supported->elements[i].length < 128 && +@@ -156,7 +160,11 @@ ssh_gssapi_kex_mechs(gss_OID_set gss_sup + oidpos++; + } + } ++#if OPENSSL_VERSION_NUMBER < 0x10100000L ++ EVP_MD_CTX_destroy(md); ++#else + EVP_MD_CTX_free(md); ++#endif + gss_enc2oid[oidpos].oid = NULL; + gss_enc2oid[oidpos].encoded = NULL; + diff --git a/openssh.changes b/openssh.changes index 0363aaf..6fd31f7 100644 --- a/openssh.changes +++ b/openssh.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Mon Nov 26 11:07:42 UTC 2018 - Vítězslav Čížek + +- Fix build with openssl < 1.1.0 + * add openssh-openssl-1_0_0-compatibility.patch + ------------------------------------------------------------------- Wed Oct 31 00:27:41 UTC 2018 - Cristian Rodríguez diff --git a/openssh.spec b/openssh.spec index 0af7c69..61701c9 100644 --- a/openssh.spec +++ b/openssh.spec @@ -97,6 +97,7 @@ Patch31: openssh-7.7p1-ldap.patch # https://bugzilla.mindrot.org/show_bug.cgi?id=2213 Patch32: openssh-7.7p1-IPv6_X_forwarding.patch Patch33: openssh-7.7p1-sftp_print_diagnostic_messages.patch +Patch34: openssh-openssl-1_0_0-compatibility.patch BuildRequires: audit-devel BuildRequires: autoconf BuildRequires: groff