From 8ca4d6f6f47216717c3427b2a5cbaa967e6deae154a113a90ea1a9204861a47b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?V=C3=ADt=C4=9Bzslav=20=C4=8C=C3=AD=C5=BEek?= Date: Tue, 12 Mar 2019 15:19:34 +0000 Subject: [PATCH] Accepting request 684353 from home:vitezslav_cizek:branches:network - Minor clean-up of the fips patches, modified openssh-7.7p1-fips.patch openssh-7.7p1-fips_checks.patch OBS-URL: https://build.opensuse.org/request/show/684353 OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=185 --- openssh-7.7p1-fips.patch | 30 +++++++----------------------- openssh-7.7p1-fips_checks.patch | 27 ++++++++++++--------------- openssh.changes | 7 +++++++ 3 files changed, 26 insertions(+), 38 deletions(-) diff --git a/openssh-7.7p1-fips.patch b/openssh-7.7p1-fips.patch index 7d6bc9d..0b3ba6c 100644 --- a/openssh-7.7p1-fips.patch +++ b/openssh-7.7p1-fips.patch @@ -6,7 +6,7 @@ algorithms. Index: openssh-7.9p1/Makefile.in =================================================================== --- openssh-7.9p1.orig/Makefile.in 2019-02-28 17:20:15.767164591 +0100 -+++ openssh-7.9p1/Makefile.in 2019-02-28 20:18:30.666473978 +0100 ++++ openssh-7.9p1/Makefile.in 2019-03-12 11:41:49.662894934 +0100 @@ -102,6 +102,8 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \ kexdhs.o kexgexs.o kexecdhs.o kexc25519s.o \ platform-pledge.o platform-tracing.o platform-misc.o @@ -41,7 +41,7 @@ Index: openssh-7.9p1/cipher-ctr.c Index: openssh-7.9p1/cipher.c =================================================================== --- openssh-7.9p1.orig/cipher.c 2018-10-17 02:01:20.000000000 +0200 -+++ openssh-7.9p1/cipher.c 2019-02-28 20:18:30.666473978 +0100 ++++ openssh-7.9p1/cipher.c 2019-03-12 11:41:49.662894934 +0100 @@ -51,6 +51,8 @@ #include "openbsd-compat/openssl-compat.h" @@ -134,8 +134,8 @@ Index: openssh-7.9p1/cipher.c Index: openssh-7.9p1/fips.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 -+++ openssh-7.9p1/fips.c 2019-02-28 20:18:30.534473204 +0100 -@@ -0,0 +1,215 @@ ++++ openssh-7.9p1/fips.c 2019-03-12 11:42:10.971006569 +0100 +@@ -0,0 +1,212 @@ +/* + * Copyright (c) 2012 Petr Cerny. All rights reserved. + * @@ -176,9 +176,6 @@ Index: openssh-7.9p1/fips.c +#include +#include + -+/* import from dh.c */ -+extern int dh_grp_min; -+ +static int fips_state = -1; + +static int @@ -354,7 +351,7 @@ Index: openssh-7.9p1/fips.c Index: openssh-7.9p1/fips.h =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 -+++ openssh-7.9p1/fips.h 2019-02-28 20:18:30.534473204 +0100 ++++ openssh-7.9p1/fips.h 2019-03-12 11:41:49.514894158 +0100 @@ -0,0 +1,44 @@ +/* + * Copyright (c) 2012 Petr Cerny. All rights reserved. @@ -512,19 +509,6 @@ Index: openssh-7.9p1/kex.c free(s); return 0; } -Index: openssh-7.9p1/kexgexs.c -=================================================================== ---- openssh-7.9p1.orig/kexgexs.c 2018-10-17 02:01:20.000000000 +0200 -+++ openssh-7.9p1/kexgexs.c 2019-02-28 17:20:15.923165569 +0100 -@@ -56,6 +56,8 @@ - #include "sshbuf.h" - #include "misc.h" - -+#include "fips.h" -+ - static int input_kex_dh_gex_request(int, u_int32_t, struct ssh *); - static int input_kex_dh_gex_init(int, u_int32_t, struct ssh *); - Index: openssh-7.9p1/mac.c =================================================================== --- openssh-7.9p1.orig/mac.c 2018-10-17 02:01:20.000000000 +0200 @@ -624,7 +608,7 @@ Index: openssh-7.9p1/myproposal.h Index: openssh-7.9p1/readconf.c =================================================================== --- openssh-7.9p1.orig/readconf.c 2018-10-17 02:01:20.000000000 +0200 -+++ openssh-7.9p1/readconf.c 2019-02-28 20:18:54.650614520 +0100 ++++ openssh-7.9p1/readconf.c 2019-02-28 20:20:19.619112418 +0100 @@ -68,6 +68,8 @@ #include "myproposal.h" #include "digest.h" @@ -857,7 +841,7 @@ Index: openssh-7.9p1/ssh_config.5 Index: openssh-7.9p1/sshd.c =================================================================== --- openssh-7.9p1.orig/sshd.c 2018-10-17 02:01:20.000000000 +0200 -+++ openssh-7.9p1/sshd.c 2019-02-28 20:18:30.534473204 +0100 ++++ openssh-7.9p1/sshd.c 2019-03-12 11:41:49.514894158 +0100 @@ -123,6 +123,8 @@ #include "version.h" #include "ssherr.h" diff --git a/openssh-7.7p1-fips_checks.patch b/openssh-7.7p1-fips_checks.patch index dd5f62b..548574f 100644 --- a/openssh-7.7p1-fips_checks.patch +++ b/openssh-7.7p1-fips_checks.patch @@ -17,7 +17,7 @@ Index: openssh-7.9p1/fips-check.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 -+++ openssh-7.9p1/fips-check.c 2019-02-27 14:03:03.383988170 +0100 ++++ openssh-7.9p1/fips-check.c 2019-03-12 11:42:19.299050200 +0100 @@ -0,0 +1,34 @@ +#include "includes.h" +#include @@ -55,9 +55,9 @@ Index: openssh-7.9p1/fips-check.c +} Index: openssh-7.9p1/fips.c =================================================================== ---- openssh-7.9p1.orig/fips.c 2019-02-27 14:03:03.323987792 +0100 -+++ openssh-7.9p1/fips.c 2019-02-27 14:03:03.383988170 +0100 -@@ -35,33 +35,296 @@ +--- openssh-7.9p1.orig/fips.c 2019-03-12 11:42:19.299050200 +0100 ++++ openssh-7.9p1/fips.c 2019-03-12 11:43:02.363275819 +0100 +@@ -35,30 +35,293 @@ #include "log.h" #include "xmalloc.h" @@ -72,9 +72,6 @@ Index: openssh-7.9p1/fips.c +#include +#include - /* import from dh.c */ - extern int dh_grp_min; - static int fips_state = -1; +/* calculates HMAC of contents of a file given by filename using the hash @@ -367,8 +364,8 @@ Index: openssh-7.9p1/fips.c { Index: openssh-7.9p1/fips.h =================================================================== ---- openssh-7.9p1.orig/fips.h 2019-02-27 14:03:03.323987792 +0100 -+++ openssh-7.9p1/fips.h 2019-02-27 14:03:03.383988170 +0100 +--- openssh-7.9p1.orig/fips.h 2019-03-12 11:42:13.819021490 +0100 ++++ openssh-7.9p1/fips.h 2019-03-12 11:42:19.303050221 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012 Petr Cerny. All rights reserved. @@ -412,8 +409,8 @@ Index: openssh-7.9p1/fips.h - Index: openssh-7.9p1/sftp-server.c =================================================================== ---- openssh-7.9p1.orig/sftp-server.c 2018-10-17 02:01:20.000000000 +0200 -+++ openssh-7.9p1/sftp-server.c 2019-02-27 14:03:03.383988170 +0100 +--- openssh-7.9p1.orig/sftp-server.c 2019-03-12 11:42:13.819021490 +0100 ++++ openssh-7.9p1/sftp-server.c 2019-03-12 11:42:19.303050221 +0100 @@ -51,6 +51,8 @@ #include "sftp.h" #include "sftp-common.h" @@ -435,8 +432,8 @@ Index: openssh-7.9p1/sftp-server.c log_init(__progname, log_level, log_facility, log_stderr); Index: openssh-7.9p1/ssh.c =================================================================== ---- openssh-7.9p1.orig/ssh.c 2018-10-17 02:01:20.000000000 +0200 -+++ openssh-7.9p1/ssh.c 2019-02-27 14:03:03.387988194 +0100 +--- openssh-7.9p1.orig/ssh.c 2019-03-12 11:42:13.823021511 +0100 ++++ openssh-7.9p1/ssh.c 2019-03-12 11:42:19.303050221 +0100 @@ -113,6 +113,8 @@ #include "ssh-pkcs11.h" #endif @@ -459,8 +456,8 @@ Index: openssh-7.9p1/ssh.c sanitise_stdfd(); Index: openssh-7.9p1/sshd.c =================================================================== ---- openssh-7.9p1.orig/sshd.c 2019-02-27 14:03:03.327987816 +0100 -+++ openssh-7.9p1/sshd.c 2019-02-27 14:03:03.387988194 +0100 +--- openssh-7.9p1.orig/sshd.c 2019-03-12 11:42:13.823021511 +0100 ++++ openssh-7.9p1/sshd.c 2019-03-12 11:42:19.303050221 +0100 @@ -1485,6 +1485,10 @@ main(int ac, char **av) Authctxt *authctxt; struct connection_info *connection_info = NULL; diff --git a/openssh.changes b/openssh.changes index fe819f5..47ed038 100644 --- a/openssh.changes +++ b/openssh.changes @@ -1,3 +1,10 @@ +------------------------------------------------------------------- +Tue Mar 12 15:16:20 UTC 2019 - Vítězslav Čížek + +- Minor clean-up of the fips patches, modified + openssh-7.7p1-fips.patch + openssh-7.7p1-fips_checks.patch + ------------------------------------------------------------------- Mon Mar 11 15:06:17 UTC 2019 - Vítězslav Čížek