diff --git a/openssh-7.7p1-cavstest-ctr.patch b/openssh-7.7p1-cavstest-ctr.patch index 7d3dda6..e4d6791 100644 --- a/openssh-7.7p1-cavstest-ctr.patch +++ b/openssh-7.7p1-cavstest-ctr.patch @@ -3,29 +3,29 @@ CAVS test for OpenSSH's own CTR encryption mode implementation diff --git a/Makefile.in b/Makefile.in -index 7488595..d426006 100644 +index d5c37b5..5d4fcd2 100644 --- a/Makefile.in +++ b/Makefile.in -@@ -24,6 +24,7 @@ ASKPASS_PROGRAM=$(libexecdir)/ssh-askpass - SFTP_SERVER=$(libexecdir)/sftp-server +@@ -25,6 +25,7 @@ SFTP_SERVER=$(libexecdir)/sftp-server SSH_KEYSIGN=$(libexecdir)/ssh-keysign SSH_PKCS11_HELPER=$(libexecdir)/ssh-pkcs11-helper + SSH_SK_HELPER=$(libexecdir)/ssh-sk-helper +CAVSTEST_CTR=$(libexecdir)/cavstest-ctr PRIVSEP_PATH=@PRIVSEP_PATH@ SSH_PRIVSEP_USER=@SSH_PRIVSEP_USER@ STRIP_OPT=@STRIP_OPT@ -@@ -62,6 +63,8 @@ MKDIR_P=@MKDIR_P@ +@@ -70,6 +71,8 @@ MKDIR_P=@MKDIR_P@ - TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-keysign${EXEEXT} ssh-pkcs11-helper$(EXEEXT) ssh-agent$(EXEEXT) scp$(EXEEXT) sftp-server$(EXEEXT) sftp$(EXEEXT) + TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-keysign${EXEEXT} ssh-pkcs11-helper$(EXEEXT) ssh-agent$(EXEEXT) scp$(EXEEXT) sftp-server$(EXEEXT) sftp$(EXEEXT) ssh-sk-helper$(EXEEXT) +TARGETS += cavstest-ctr$(EXEEXT) + XMSS_OBJS=\ ssh-xmss.o \ sshkey-xmss.o \ -@@ -210,6 +213,10 @@ sftp-server$(EXEEXT): $(LIBCOMPAT) libssh.a sftp.o sftp-common.o sftp-server.o s - sftp$(EXEEXT): $(LIBCOMPAT) libssh.a sftp.o sftp-client.o sftp-common.o sftp-glob.o progressmeter.o - $(LD) -o $@ progressmeter.o sftp.o sftp-client.o sftp-common.o sftp-glob.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) $(LIBEDIT) +@@ -244,6 +247,10 @@ sftp-server$(EXEEXT): $(LIBCOMPAT) libssh.a $(SFTPSERVER_OBJS) + sftp$(EXEEXT): $(LIBCOMPAT) libssh.a $(SFTP_OBJS) + $(LD) -o $@ $(SFTP_OBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) $(LIBEDIT) +# FIPS tests +cavstest-ctr$(EXEEXT): $(LIBCOMPAT) libssh.a cavstest-ctr.o @@ -34,8 +34,8 @@ index 7488595..d426006 100644 # test driver for the loginrec code - not built by default logintest: logintest.o $(LIBCOMPAT) libssh.a loginrec.o $(LD) -o $@ logintest.o $(LDFLAGS) loginrec.o -lopenbsd-compat -lssh $(LIBS) -@@ -354,6 +361,7 @@ install-files: - $(INSTALL) -m 0755 $(STRIP_OPT) ssh-pkcs11-helper$(EXEEXT) $(DESTDIR)$(SSH_PKCS11_HELPER)$(EXEEXT) +@@ -398,6 +405,7 @@ install-files: + $(INSTALL) -m 0755 $(STRIP_OPT) ssh-sk-helper$(EXEEXT) $(DESTDIR)$(SSH_SK_HELPER)$(EXEEXT) $(INSTALL) -m 0755 $(STRIP_OPT) sftp$(EXEEXT) $(DESTDIR)$(bindir)/sftp$(EXEEXT) $(INSTALL) -m 0755 $(STRIP_OPT) sftp-server$(EXEEXT) $(DESTDIR)$(SFTP_SERVER)$(EXEEXT) + $(INSTALL) -m 0755 $(STRIP_OPT) cavstest-ctr$(EXEEXT) $(DESTDIR)$(libexecdir)/cavstest-ctr$(EXEEXT) @@ -263,7 +263,7 @@ index 0000000..f81cb72 + return 0; +} diff --git a/cipher.c b/cipher.c -index acca752..b67a4ff 100644 +index 2f5430b..599b54a 100644 --- a/cipher.c +++ b/cipher.c @@ -58,15 +58,6 @@ @@ -274,7 +274,7 @@ index acca752..b67a4ff 100644 - int plaintext; - int encrypt; - EVP_CIPHER_CTX *evp; -- struct chachapoly_ctx cp_ctx; /* XXX union with evp? */ +- struct chachapoly_ctx *cp_ctx; - struct aesctr_ctx ac_ctx; /* XXX union with evp? */ - const struct sshcipher *cipher; -}; @@ -283,7 +283,7 @@ index acca752..b67a4ff 100644 char *name; u_int block_size; diff --git a/cipher.h b/cipher.h -index 5843aab..d7d8c89 100644 +index 1a591cd..10ccb28 100644 --- a/cipher.h +++ b/cipher.h @@ -48,7 +48,15 @@ @@ -295,7 +295,7 @@ index 5843aab..d7d8c89 100644 + int plaintext; + int encrypt; + EVP_CIPHER_CTX *evp; -+ struct chachapoly_ctx cp_ctx; /* XXX union with evp? */ ++ struct chachapoly_ctx *cp_ctx; /* XXX union with evp? */ + struct aesctr_ctx ac_ctx; /* XXX union with evp? */ + const struct sshcipher *cipher; +}; diff --git a/openssh-7.7p1-cavstest-kdf.patch b/openssh-7.7p1-cavstest-kdf.patch index 26280d4..1c333f9 100644 --- a/openssh-7.7p1-cavstest-kdf.patch +++ b/openssh-7.7p1-cavstest-kdf.patch @@ -3,27 +3,27 @@ CAVS test for KDF implementation in OpenSSH diff --git a/Makefile.in b/Makefile.in -index d426006..85818f4 100644 +index 5d4fcd2..9eab827 100644 --- a/Makefile.in +++ b/Makefile.in -@@ -25,6 +25,7 @@ SFTP_SERVER=$(libexecdir)/sftp-server - SSH_KEYSIGN=$(libexecdir)/ssh-keysign +@@ -26,6 +26,7 @@ SSH_KEYSIGN=$(libexecdir)/ssh-keysign SSH_PKCS11_HELPER=$(libexecdir)/ssh-pkcs11-helper + SSH_SK_HELPER=$(libexecdir)/ssh-sk-helper CAVSTEST_CTR=$(libexecdir)/cavstest-ctr +CAVSTEST_KDF=$(libexecdir)/cavstest-kdf PRIVSEP_PATH=@PRIVSEP_PATH@ SSH_PRIVSEP_USER=@SSH_PRIVSEP_USER@ STRIP_OPT=@STRIP_OPT@ -@@ -63,7 +64,7 @@ MKDIR_P=@MKDIR_P@ +@@ -71,7 +72,7 @@ MKDIR_P=@MKDIR_P@ - TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-keysign${EXEEXT} ssh-pkcs11-helper$(EXEEXT) ssh-agent$(EXEEXT) scp$(EXEEXT) sftp-server$(EXEEXT) sftp$(EXEEXT) + TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-keysign${EXEEXT} ssh-pkcs11-helper$(EXEEXT) ssh-agent$(EXEEXT) scp$(EXEEXT) sftp-server$(EXEEXT) sftp$(EXEEXT) ssh-sk-helper$(EXEEXT) -TARGETS += cavstest-ctr$(EXEEXT) +TARGETS += cavstest-ctr$(EXEEXT) cavstest-kdf$(EXEEXT) XMSS_OBJS=\ ssh-xmss.o \ -@@ -217,6 +218,9 @@ sftp$(EXEEXT): $(LIBCOMPAT) libssh.a sftp.o sftp-client.o sftp-common.o sftp-glo +@@ -251,6 +252,9 @@ sftp$(EXEEXT): $(LIBCOMPAT) libssh.a $(SFTP_OBJS) cavstest-ctr$(EXEEXT): $(LIBCOMPAT) libssh.a cavstest-ctr.o $(LD) -o $@ cavstest-ctr.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS) @@ -33,7 +33,7 @@ index d426006..85818f4 100644 # test driver for the loginrec code - not built by default logintest: logintest.o $(LIBCOMPAT) libssh.a loginrec.o $(LD) -o $@ logintest.o $(LDFLAGS) loginrec.o -lopenbsd-compat -lssh $(LIBS) -@@ -362,6 +366,7 @@ install-files: +@@ -406,6 +410,7 @@ install-files: $(INSTALL) -m 0755 $(STRIP_OPT) sftp$(EXEEXT) $(DESTDIR)$(bindir)/sftp$(EXEEXT) $(INSTALL) -m 0755 $(STRIP_OPT) sftp-server$(EXEEXT) $(DESTDIR)$(SFTP_SERVER)$(EXEEXT) $(INSTALL) -m 0755 $(STRIP_OPT) cavstest-ctr$(EXEEXT) $(DESTDIR)$(libexecdir)/cavstest-ctr$(EXEEXT) diff --git a/openssh-7.7p1-fips.patch b/openssh-7.7p1-fips.patch index 41d2379..beaa40d 100644 --- a/openssh-7.7p1-fips.patch +++ b/openssh-7.7p1-fips.patch @@ -4,17 +4,17 @@ FIPS 140-2 compliance. Perform selftests on start and use only FIPS approved algorithms. diff --git a/Makefile.in b/Makefile.in -index 1d2b2d9..7488595 100644 +index 62cd072..d5c37b5 100644 --- a/Makefile.in +++ b/Makefile.in -@@ -103,6 +103,8 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \ - platform-pledge.o platform-tracing.o platform-misc.o +@@ -114,6 +114,8 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \ + SKOBJS= ssh-sk-client.o +LIBSSH_OBJS += fips.o + SSHOBJS= ssh.o readconf.o clientloop.o sshtty.o \ - sshconnect.o sshconnect2.o mux.o + sshconnect.o sshconnect2.o mux.o $(SKOBJS) diff --git a/cipher-ctr.c b/cipher-ctr.c index 32771f2..b66f92f 100644 @@ -39,7 +39,7 @@ index 32771f2..b66f92f 100644 return (&aes_ctr); } diff --git a/cipher.c b/cipher.c -index 25f98ba..acca752 100644 +index 8195199..2f5430b 100644 --- a/cipher.c +++ b/cipher.c @@ -51,6 +51,9 @@ @@ -123,7 +123,7 @@ index 25f98ba..acca752 100644 if ((c->flags & CFLAG_INTERNAL) != 0) continue; if (auth_only && c->auth_len == 0) -@@ -196,7 +243,7 @@ const struct sshcipher * +@@ -207,7 +254,7 @@ const struct sshcipher * cipher_by_name(const char *name) { const struct sshcipher *c; @@ -401,10 +401,10 @@ index 0000000..a115a61 +#endif + diff --git a/hmac.c b/hmac.c -index 3268887..b905a1e 100644 +index 7b58801..5a92074 100644 --- a/hmac.c +++ b/hmac.c -@@ -146,7 +146,7 @@ hmac_test(void *key, size_t klen, void *m, size_t mlen, u_char *e, size_t elen) +@@ -145,7 +145,7 @@ hmac_test(void *key, size_t klen, void *m, size_t mlen, u_char *e, size_t elen) size_t i; u_char digest[16]; @@ -414,10 +414,10 @@ index 3268887..b905a1e 100644 if (ssh_hmac_init(ctx, key, klen) < 0 || ssh_hmac_update(ctx, m, mlen) < 0 || diff --git a/kex.c b/kex.c -index 49d7015..1f82c2e 100644 +index b09fbac..a5e4be7 100644 --- a/kex.c +++ b/kex.c -@@ -60,6 +60,8 @@ +@@ -63,6 +63,8 @@ #include "sshbuf.h" #include "digest.h" @@ -426,7 +426,7 @@ index 49d7015..1f82c2e 100644 /* prototype */ static int kex_choose_conf(struct ssh *); static int kex_input_newkeys(int, u_int32_t, struct ssh *); -@@ -83,7 +85,7 @@ struct kexalg { +@@ -86,7 +88,7 @@ struct kexalg { int ec_nid; int hash_alg; }; @@ -435,7 +435,7 @@ index 49d7015..1f82c2e 100644 #ifdef WITH_OPENSSL { KEX_DH1, KEX_DH_GRP1_SHA1, 0, SSH_DIGEST_SHA1 }, { KEX_DH14_SHA1, KEX_DH_GRP14_SHA1, 0, SSH_DIGEST_SHA1 }, -@@ -114,6 +116,47 @@ static const struct kexalg kexalgs[] = { +@@ -117,6 +119,47 @@ static const struct kexalg kexalgs[] = { { NULL, 0, -1, -1}, }; @@ -483,7 +483,7 @@ index 49d7015..1f82c2e 100644 char * kex_alg_list(char sep) { -@@ -121,7 +164,7 @@ kex_alg_list(char sep) +@@ -124,7 +167,7 @@ kex_alg_list(char sep) size_t nlen, rlen = 0; const struct kexalg *k; @@ -492,7 +492,7 @@ index 49d7015..1f82c2e 100644 if (ret != NULL) ret[rlen++] = sep; nlen = strlen(k->name); -@@ -141,7 +184,7 @@ kex_alg_by_name(const char *name) +@@ -144,7 +187,7 @@ kex_alg_by_name(const char *name) { const struct kexalg *k; @@ -501,7 +501,7 @@ index 49d7015..1f82c2e 100644 if (strcmp(k->name, name) == 0) return k; } -@@ -161,7 +204,10 @@ kex_names_valid(const char *names) +@@ -164,7 +207,10 @@ kex_names_valid(const char *names) for ((p = strsep(&cp, ",")); p && *p != '\0'; (p = strsep(&cp, ","))) { if (kex_alg_by_name(p) == NULL) { @@ -595,21 +595,8 @@ index f3dda66..90d71c8 100644 if (strcmp(name, m->name) != 0) continue; if (mac != NULL) -diff --git a/myproposal.h b/myproposal.h -index 34bd10c..e6be484 100644 ---- a/myproposal.h -+++ b/myproposal.h -@@ -144,6 +144,8 @@ - - #else /* WITH_OPENSSL */ - -+#error "OpenSSL support is needed for FIPS mode to compile" -+ - #define KEX_SERVER_KEX \ - "curve25519-sha256," \ - "curve25519-sha256@libssh.org" diff --git a/readconf.c b/readconf.c -index f78b4d6..228f481 100644 +index 26e80c5..595f053 100644 --- a/readconf.c +++ b/readconf.c @@ -68,6 +68,8 @@ @@ -621,7 +608,7 @@ index f78b4d6..228f481 100644 /* Format of the configuration file: # Configuration data is parsed as follows: -@@ -1837,6 +1839,23 @@ option_clear_or_none(const char *o) +@@ -1908,6 +1910,23 @@ option_clear_or_none(const char *o) return o == NULL || strcasecmp(o, "none") == 0; } @@ -645,40 +632,50 @@ index f78b4d6..228f481 100644 /* * Initializes options to special values that indicate that they have not yet * been set. Read_config_file will only set options with this value. Options -@@ -2116,6 +2135,8 @@ fill_default_options(Options * options) +@@ -2196,6 +2215,9 @@ fill_default_options(Options * options) options->canonicalize_hostname = SSH_CANONICALISE_NO; if (options->fingerprint_hash == -1) options->fingerprint_hash = SSH_FP_HASH_DEFAULT; + options->fingerprint_hash = + fips_correct_dgst(options->fingerprint_hash); - if (options->update_hostkeys == -1) - options->update_hostkeys = 0; - -@@ -2143,6 +2164,7 @@ fill_default_options(Options * options) ++ + #ifdef ENABLE_SK_INTERNAL + if (options->sk_provider == NULL) + options->sk_provider = xstrdup("internal"); +@@ -2229,6 +2251,7 @@ fill_default_options(Options * options) + ASSEMBLE(pubkey_key_types, def_key, all_key); + ASSEMBLE(ca_sign_algorithms, def_sig, all_sig); + #undef ASSEMBLE ++ + free(all_cipher); + free(all_mac); free(all_kex); - free(all_key); - free(all_sig); -+ filter_fips_algorithms(options); +@@ -2240,6 +2263,8 @@ fill_default_options(Options * options) + kex_default_pk_alg_filtered = def_key; /* save for later use */ + free(def_sig); ++ filter_fips_algorithms(options); ++ #define CLEAR_ON_NONE(v) \ do { \ + if (option_clear_or_none(v)) { \ diff --git a/readconf.h b/readconf.h -index 8e36bf3..67111e9 100644 +index e143a10..ef18d5c 100644 --- a/readconf.h +++ b/readconf.h -@@ -197,6 +197,7 @@ typedef struct { +@@ -199,6 +199,7 @@ typedef struct { #define SSH_STRICT_HOSTKEY_YES 2 #define SSH_STRICT_HOSTKEY_ASK 3 +void filter_fips_algorithms(Options *o); - void initialize_options(Options *); - void fill_default_options(Options *); - void fill_default_options_for_canonicalization(Options *); + const char *kex_default_pk_alg(void); + char *ssh_connection_hash(const char *thishost, const char *host, + const char *portstr, const char *user); diff --git a/servconf.c b/servconf.c -index f58fecb..a8833a9 100644 +index 6be7274..9a51bfb 100644 --- a/servconf.c +++ b/servconf.c -@@ -64,6 +64,7 @@ +@@ -69,6 +69,7 @@ #include "auth.h" #include "myproposal.h" #include "digest.h" @@ -686,7 +683,7 @@ index f58fecb..a8833a9 100644 static void add_listen_addr(ServerOptions *, const char *, const char *, int); -@@ -190,6 +191,23 @@ option_clear_or_none(const char *o) +@@ -200,6 +201,23 @@ option_clear_or_none(const char *o) return o == NULL || strcasecmp(o, "none") == 0; } @@ -710,16 +707,16 @@ index f58fecb..a8833a9 100644 static void assemble_algorithms(ServerOptions *o) { -@@ -219,6 +237,8 @@ assemble_algorithms(ServerOptions *o) - free(all_kex); - free(all_key); - free(all_sig); +@@ -241,6 +259,8 @@ assemble_algorithms(ServerOptions *o) + free(def_kex); + free(def_key); + free(def_sig); + + filter_fips_algorithms_s(o); } static void -@@ -424,6 +444,8 @@ fill_default_server_options(ServerOptions *options) +@@ -453,6 +473,8 @@ fill_default_server_options(ServerOptions *options) options->fwd_opts.streamlocal_bind_unlink = 0; if (options->fingerprint_hash == -1) options->fingerprint_hash = SSH_FP_HASH_DEFAULT; @@ -729,19 +726,19 @@ index f58fecb..a8833a9 100644 options->disable_forwarding = 0; if (options->expose_userauth_info == -1) diff --git a/ssh-keygen.c b/ssh-keygen.c -index 8c829ca..da63fb0 100644 +index 944faca..c1ecc54 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c -@@ -64,6 +64,8 @@ - #include "authfd.h" - #include "sshsig.h" +@@ -66,6 +66,8 @@ + #include "ssh-sk.h" + #include "sk-api.h" /* XXX for SSH_SK_USER_PRESENCE_REQD; remove */ +#include "fips.h" + #ifdef WITH_OPENSSL # define DEFAULT_KEY_TYPE_NAME "rsa" #else -@@ -1002,11 +1004,13 @@ do_fingerprint(struct passwd *pw) +@@ -1032,11 +1034,13 @@ do_fingerprint(struct passwd *pw) static void do_gen_all_hostkeys(struct passwd *pw) { @@ -757,7 +754,7 @@ index 8c829ca..da63fb0 100644 #ifdef WITH_OPENSSL { "rsa", "RSA" ,_PATH_HOST_RSA_KEY_FILE }, { "dsa", "DSA", _PATH_HOST_DSA_KEY_FILE }, -@@ -1021,6 +1025,17 @@ do_gen_all_hostkeys(struct passwd *pw) +@@ -1051,6 +1055,17 @@ do_gen_all_hostkeys(struct passwd *pw) { NULL, NULL, NULL } }; @@ -775,9 +772,9 @@ index 8c829ca..da63fb0 100644 u_int32_t bits = 0; int first = 0; struct stat st; -@@ -1029,6 +1044,12 @@ do_gen_all_hostkeys(struct passwd *pw) +@@ -1058,6 +1073,12 @@ do_gen_all_hostkeys(struct passwd *pw) + char comment[1024], *prv_tmp, *pub_tmp, *prv_file, *pub_file; int i, type, fd, r; - FILE *f; + if (fips_mode()) { + key_types = key_types_fips140_2; @@ -788,7 +785,7 @@ index 8c829ca..da63fb0 100644 for (i = 0; key_types[i].key_type; i++) { public = private = NULL; prv_tmp = pub_tmp = prv_file = pub_file = NULL; -@@ -3215,6 +3236,15 @@ main(int argc, char **argv) +@@ -3532,6 +3553,15 @@ main(int argc, char **argv) key_type_name = DEFAULT_KEY_TYPE_NAME; type = sshkey_type_from_name(key_type_name); @@ -805,10 +802,10 @@ index 8c829ca..da63fb0 100644 if (!quiet) diff --git a/ssh_config.5 b/ssh_config.5 -index 02a8789..f0cb291 100644 +index c45fb8d..55d4b5e 100644 --- a/ssh_config.5 +++ b/ssh_config.5 -@@ -664,6 +664,8 @@ Valid options are: +@@ -669,6 +669,8 @@ Valid options are: and .Cm sha256 (the default). @@ -818,12 +815,12 @@ index 02a8789..f0cb291 100644 Specifies whether the connection to the authentication agent (if any) will be forwarded to the remote machine. diff --git a/sshd.c b/sshd.c -index 6b55ef7..c8086cd 100644 +index a24241c..e18078f 100644 --- a/sshd.c +++ b/sshd.c -@@ -127,6 +127,8 @@ - #include "version.h" +@@ -128,6 +128,8 @@ #include "ssherr.h" + #include "sk-api.h" +#include "fips.h" + @@ -831,10 +828,10 @@ index 6b55ef7..c8086cd 100644 #define REEXEC_DEVCRYPTO_RESERVED_FD (STDERR_FILENO + 1) #define REEXEC_STARTUP_PIPE_FD (STDERR_FILENO + 2) diff --git a/sshd_config.5 b/sshd_config.5 -index 0707b47..8818ea5 100644 +index 52552d2..35affe5 100644 --- a/sshd_config.5 +++ b/sshd_config.5 -@@ -605,6 +605,8 @@ and +@@ -594,6 +594,8 @@ and .Cm sha256 . The default is .Cm sha256 . diff --git a/openssh-7.7p1-fips_checks.patch b/openssh-7.7p1-fips_checks.patch index fc931bc..b1ba434 100644 --- a/openssh-7.7p1-fips_checks.patch +++ b/openssh-7.7p1-fips_checks.patch @@ -7,7 +7,7 @@ # FIPS mode). SHA-2 seems to be a reasonable choice. # # The logic of the checks is as follows: decide whether FIPS mode is mandated -# (either by checking /proc/sys/crypto/fips_enabled or envoroinment variable +# (either by checking /proc/sys/crypto/fips_enabled or environment variable # SSH_FORCE_FIPS. In FIPS mode, checksums are required to match (inability to # retrieve pre-calculated hash is a fatal error). In non-FIPS mode the checks # still must be performed, unless the hashes are not installed. Thus if the hash @@ -410,7 +410,7 @@ index a115a61..3404684 100644 #endif - diff --git a/sftp-server.c b/sftp-server.c -index b133cbc..c3086b6 100644 +index 359204f..d6395fd 100644 --- a/sftp-server.c +++ b/sftp-server.c @@ -53,6 +53,8 @@ @@ -422,7 +422,7 @@ index b133cbc..c3086b6 100644 /* Our verbosity */ static LogLevel log_level = SYSLOG_LEVEL_ERROR; -@@ -1595,6 +1597,9 @@ sftp_server_main(int argc, char **argv, struct passwd *user_pw) +@@ -1576,6 +1578,9 @@ sftp_server_main(int argc, char **argv, struct passwd *user_pw) extern char *optarg; extern char *__progname; @@ -433,7 +433,7 @@ index b133cbc..c3086b6 100644 log_init(__progname, log_level, log_facility, log_stderr); diff --git a/ssh.c b/ssh.c -index ee51823..882d1da 100644 +index 98b6ce7..dce28fd 100644 --- a/ssh.c +++ b/ssh.c @@ -113,6 +113,8 @@ @@ -445,9 +445,9 @@ index ee51823..882d1da 100644 extern char *__progname; /* Saves a copy of argv for setproctitle emulation */ -@@ -596,6 +598,10 @@ main(int ac, char **av) - struct ssh_digest_ctx *md; - u_char conn_hash[SSH_DIGEST_MAX_LENGTH]; +@@ -630,6 +632,10 @@ main(int ac, char **av) + struct addrinfo *addrs = NULL; + size_t n, len; + /* initialize fips - can go before ssh_malloc_init(), since that is a + * OpenBSD-only thing (as of OpenSSH 7.6p1) */ @@ -457,10 +457,10 @@ index ee51823..882d1da 100644 sanitise_stdfd(); diff --git a/sshd.c b/sshd.c -index c8086cd..bb20eec 100644 +index b2146a6..6092f0f 100644 --- a/sshd.c +++ b/sshd.c -@@ -1443,6 +1443,10 @@ main(int ac, char **av) +@@ -1505,6 +1505,10 @@ main(int ac, char **av) Authctxt *authctxt; struct connection_info *connection_info = NULL; diff --git a/openssh-7.7p1-hostname_changes_when_forwarding_X.patch b/openssh-7.7p1-hostname_changes_when_forwarding_X.patch index bb58140..70e16c1 100644 --- a/openssh-7.7p1-hostname_changes_when_forwarding_X.patch +++ b/openssh-7.7p1-hostname_changes_when_forwarding_X.patch @@ -3,14 +3,12 @@ # -- uset do be called '-xauthlocalhostname' handle hostname changes when forwarding X -bnc#98627 - diff --git a/session.c b/session.c -index 94d7438..d81060c 100644 +index 18cdfa8..85a9ee2 100644 --- a/session.c +++ b/session.c -@@ -981,7 +981,7 @@ copy_environment(char **source, char ***env, u_int *envsize) - } +@@ -985,7 +985,7 @@ copy_environment(char **source, char ***env, u_int *envsize) + #endif static char ** -do_setup_env(struct ssh *ssh, Session *s, const char *shell) @@ -18,7 +16,7 @@ index 94d7438..d81060c 100644 { char buf[256]; size_t n; -@@ -1191,6 +1191,8 @@ do_setup_env(struct ssh *ssh, Session *s, const char *shell) +@@ -1195,6 +1195,8 @@ do_setup_env(struct ssh *ssh, Session *s, const char *shell) for (i = 0; env[i]; i++) fprintf(stderr, " %.200s\n", env[i]); } @@ -27,7 +25,7 @@ index 94d7438..d81060c 100644 return env; } -@@ -1199,7 +1201,7 @@ do_setup_env(struct ssh *ssh, Session *s, const char *shell) +@@ -1203,7 +1205,7 @@ do_setup_env(struct ssh *ssh, Session *s, const char *shell) * first in this order). */ static void @@ -36,7 +34,7 @@ index 94d7438..d81060c 100644 { FILE *f = NULL; char cmd[1024]; -@@ -1254,12 +1256,20 @@ do_rc_files(struct ssh *ssh, Session *s, const char *shell) +@@ -1258,12 +1260,20 @@ do_rc_files(struct ssh *ssh, Session *s, const char *shell) options.xauth_location); f = popen(cmd, "w"); if (f) { @@ -57,7 +55,7 @@ index 94d7438..d81060c 100644 } else { fprintf(stderr, "Could not run %s\n", cmd); -@@ -1515,6 +1525,7 @@ do_child(struct ssh *ssh, Session *s, const char *command) +@@ -1519,6 +1529,7 @@ do_child(struct ssh *ssh, Session *s, const char *command) char **env, *argv[ARGV_MAX], remote_id[512]; const char *shell, *shell0; struct passwd *pw = s->pw; @@ -65,7 +63,7 @@ index 94d7438..d81060c 100644 int r = 0; sshpkt_fmt_connection_id(ssh, remote_id, sizeof(remote_id)); -@@ -1571,7 +1582,7 @@ do_child(struct ssh *ssh, Session *s, const char *command) +@@ -1575,7 +1586,7 @@ do_child(struct ssh *ssh, Session *s, const char *command) * Make sure $SHELL points to the shell from the password file, * even if shell is overridden from login.conf */ @@ -74,7 +72,7 @@ index 94d7438..d81060c 100644 #ifdef HAVE_LOGIN_CAP shell = login_getcapstr(lc, "shell", (char *)shell, (char *)shell); -@@ -1635,7 +1646,7 @@ do_child(struct ssh *ssh, Session *s, const char *command) +@@ -1639,7 +1650,7 @@ do_child(struct ssh *ssh, Session *s, const char *command) closefrom(STDERR_FILENO + 1); @@ -82,4 +80,4 @@ index 94d7438..d81060c 100644 + do_rc_files(ssh, s, shell, env, &env_size); /* restore SIGPIPE for child */ - signal(SIGPIPE, SIG_DFL); + ssh_signal(SIGPIPE, SIG_DFL); diff --git a/openssh-7.7p1-ldap.patch b/openssh-7.7p1-ldap.patch index 550bfc3..7459f5a 100644 --- a/openssh-7.7p1-ldap.patch +++ b/openssh-7.7p1-ldap.patch @@ -125,19 +125,19 @@ index 0000000..831d399 + - Finlay dobbie. + - Stefan Fisher. diff --git a/Makefile.in b/Makefile.in -index 750aada..1baf5c6 100644 +index 6010d1c..f54348b 100644 --- a/Makefile.in +++ b/Makefile.in -@@ -24,6 +24,8 @@ ASKPASS_PROGRAM=$(libexecdir)/ssh-askpass - SFTP_SERVER=$(libexecdir)/sftp-server +@@ -25,6 +25,8 @@ SFTP_SERVER=$(libexecdir)/sftp-server SSH_KEYSIGN=$(libexecdir)/ssh-keysign SSH_PKCS11_HELPER=$(libexecdir)/ssh-pkcs11-helper + SSH_SK_HELPER=$(libexecdir)/ssh-sk-helper +SSH_LDAP_HELPER=$(libexecdir)/ssh-ldap-helper +SSH_LDAP_WRAPPER=$(libexecdir)/ssh-ldap-wrapper CAVSTEST_CTR=$(libexecdir)/cavstest-ctr CAVSTEST_KDF=$(libexecdir)/cavstest-kdf PRIVSEP_PATH=@PRIVSEP_PATH@ -@@ -66,6 +68,9 @@ TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keys +@@ -74,6 +76,9 @@ TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keys TARGETS += cavstest-ctr$(EXEEXT) cavstest-kdf$(EXEEXT) @@ -147,28 +147,28 @@ index 750aada..1baf5c6 100644 XMSS_OBJS=\ ssh-xmss.o \ sshkey-xmss.o \ -@@ -127,8 +132,8 @@ SSHDOBJS=sshd.o auth-rhosts.o auth-passwd.o \ - sandbox-seccomp-filter.o sandbox-capsicum.o sandbox-pledge.o \ - sandbox-solaris.o uidswap.o +@@ -158,8 +163,8 @@ SFTPSERVER_OBJS=sftp-common.o sftp-server.o sftp-server-main.o --MANPAGES = moduli.5.out scp.1.out ssh-add.1.out ssh-agent.1.out ssh-keygen.1.out ssh-keyscan.1.out ssh.1.out sshd.8.out sftp-server.8.out sftp.1.out ssh-keysign.8.out ssh-pkcs11-helper.8.out sshd_config.5.out ssh_config.5.out --MANPAGES_IN = moduli.5 scp.1 ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh-keyscan.1 ssh.1 sshd.8 sftp-server.8 sftp.1 ssh-keysign.8 ssh-pkcs11-helper.8 sshd_config.5 ssh_config.5 -+MANPAGES = moduli.5.out scp.1.out ssh-add.1.out ssh-agent.1.out ssh-keygen.1.out ssh-keyscan.1.out ssh.1.out sshd.8.out sftp-server.8.out sftp.1.out ssh-keysign.8.out ssh-pkcs11-helper.8.out sshd_config.5.out ssh_config.5.out ssh-ldap-helper.8.out ssh-ldap.conf.5.out -+MANPAGES_IN = moduli.5 scp.1 ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh-keyscan.1 ssh.1 sshd.8 sftp-server.8 sftp.1 ssh-keysign.8 ssh-pkcs11-helper.8 sshd_config.5 ssh_config.5 ssh-ldap-helper.8 ssh-ldap.conf.5 + SFTP_OBJS= sftp.o sftp-client.o sftp-common.o sftp-glob.o progressmeter.o + +-MANPAGES = moduli.5.out scp.1.out ssh-add.1.out ssh-agent.1.out ssh-keygen.1.out ssh-keyscan.1.out ssh.1.out sshd.8.out sftp-server.8.out sftp.1.out ssh-keysign.8.out ssh-pkcs11-helper.8.out ssh-sk-helper.8.out sshd_config.5.out ssh_config.5.out +-MANPAGES_IN = moduli.5 scp.1 ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh-keyscan.1 ssh.1 sshd.8 sftp-server.8 sftp.1 ssh-keysign.8 ssh-pkcs11-helper.8 ssh-sk-helper.8 sshd_config.5 ssh_config.5 ++MANPAGES = moduli.5.out scp.1.out ssh-add.1.out ssh-agent.1.out ssh-keygen.1.out ssh-keyscan.1.out ssh.1.out sshd.8.out sftp-server.8.out sftp.1.out ssh-keysign.8.out ssh-pkcs11-helper.8.out ssh-sk-helper.8.out sshd_config.5.out ssh_config.5.out ssh-ldap-helper.8.out ssh-ldap.conf.5.out ++MANPAGES_IN = moduli.5 scp.1 ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh-keyscan.1 ssh.1 sshd.8 sftp-server.8 sftp.1 ssh-keysign.8 ssh-pkcs11-helper.8 ssh-sk-helper.8 sshd_config.5 ssh_config.5 ssh-ldap-helper.8 ssh-ldap.conf.5 MANTYPE = @MANTYPE@ CONFIGFILES=sshd_config.out ssh_config.out moduli.out -@@ -208,6 +213,9 @@ ssh-pkcs11-helper$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-pkcs11-helper.o ssh-pkcs11 - ssh-keyscan$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keyscan.o - $(LD) -o $@ ssh-keyscan.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS) +@@ -242,6 +247,9 @@ ssh-sk-helper$(EXEEXT): $(LIBCOMPAT) libssh.a $(SKHELPER_OBJS) + ssh-keyscan$(EXEEXT): $(LIBCOMPAT) libssh.a $(SSHKEYSCAN_OBJS) + $(LD) -o $@ $(SSHKEYSCAN_OBJS) $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS) +ssh-ldap-helper$(EXEEXT): $(LIBCOMPAT) libssh.a ldapconf.o ldapbody.o ldapmisc.o ldap-helper.o + $(LD) -o $@ ldapconf.o ldapbody.o ldapmisc.o ldap-helper.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh -lopenbsd-compat $(LIBS) + - sftp-server$(EXEEXT): $(LIBCOMPAT) libssh.a sftp.o sftp-common.o sftp-server.o sftp-realpath.o sftp-server-main.o - $(LD) -o $@ sftp-server.o sftp-common.o sftp-realpath.o sftp-server-main.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh -lopenbsd-compat $(LIBS) + sftp-server$(EXEEXT): $(LIBCOMPAT) libssh.a $(SFTPSERVER_OBJS) + $(LD) -o $@ $(SFTPSERVER_OBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) -@@ -363,6 +371,10 @@ install-files: +@@ -406,6 +414,10 @@ install-files: $(INSTALL) -m 0755 $(STRIP_OPT) sshd$(EXEEXT) $(DESTDIR)$(sbindir)/sshd$(EXEEXT) $(INSTALL) -m 4711 $(STRIP_OPT) ssh-keysign$(EXEEXT) $(DESTDIR)$(SSH_KEYSIGN)$(EXEEXT) $(INSTALL) -m 0755 $(STRIP_OPT) ssh-pkcs11-helper$(EXEEXT) $(DESTDIR)$(SSH_PKCS11_HELPER)$(EXEEXT) @@ -176,10 +176,10 @@ index 750aada..1baf5c6 100644 + $(INSTALL) -m 0755 $(STRIP_OPT) ssh-ldap-helper $(DESTDIR)$(SSH_LDAP_HELPER) ; \ + $(INSTALL) -m 0755 ssh-ldap-wrapper $(DESTDIR)$(SSH_LDAP_WRAPPER) ; \ + fi + $(INSTALL) -m 0755 $(STRIP_OPT) ssh-sk-helper$(EXEEXT) $(DESTDIR)$(SSH_SK_HELPER)$(EXEEXT) $(INSTALL) -m 0755 $(STRIP_OPT) sftp$(EXEEXT) $(DESTDIR)$(bindir)/sftp$(EXEEXT) $(INSTALL) -m 0755 $(STRIP_OPT) sftp-server$(EXEEXT) $(DESTDIR)$(SFTP_SERVER)$(EXEEXT) - $(INSTALL) -m 0755 $(STRIP_OPT) cavstest-ctr$(EXEEXT) $(DESTDIR)$(libexecdir)/cavstest-ctr$(EXEEXT) -@@ -381,6 +393,10 @@ install-files: +@@ -425,6 +437,10 @@ install-files: $(INSTALL) -m 644 sftp-server.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/sftp-server.8 $(INSTALL) -m 644 ssh-keysign.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-keysign.8 $(INSTALL) -m 644 ssh-pkcs11-helper.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-pkcs11-helper.8 @@ -187,10 +187,10 @@ index 750aada..1baf5c6 100644 + $(INSTALL) -m 644 ssh-ldap-helper.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-ldap-helper.8 ; \ + $(INSTALL) -m 644 ssh-ldap.conf.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/ssh-ldap.conf.5 ; \ + fi + $(INSTALL) -m 644 ssh-sk-helper.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-sk-helper.8 install-sysconf: - $(MKDIR_P) $(DESTDIR)$(sysconfdir) -@@ -404,6 +420,13 @@ install-sysconf: +@@ -449,6 +465,13 @@ install-sysconf: else \ echo "$(DESTDIR)$(sysconfdir)/moduli already exists, install will not overwrite"; \ fi @@ -204,28 +204,28 @@ index 750aada..1baf5c6 100644 host-key: ssh-keygen$(EXEEXT) @if [ -z "$(DESTDIR)" ] ; then \ -@@ -441,6 +464,8 @@ uninstall: - -rm -r $(DESTDIR)$(SFTP_SERVER)$(EXEEXT) +@@ -487,6 +510,8 @@ uninstall: -rm -f $(DESTDIR)$(SSH_KEYSIGN)$(EXEEXT) -rm -f $(DESTDIR)$(SSH_PKCS11_HELPER)$(EXEEXT) + -rm -f $(DESTDIR)$(SSH_SK_HELPER)$(EXEEXT) + -rm -f $(DESTDIR)$(SSH_LDAP_HELPER)$(EXEEXT) + -rm -f $(DESTDIR)$(SSH_LDAP_WRAPPER)$(EXEEXT) -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/ssh.1 -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/scp.1 -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-add.1 -@@ -452,6 +477,7 @@ uninstall: - -rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/sftp-server.8 +@@ -499,6 +524,7 @@ uninstall: -rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-keysign.8 -rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-pkcs11-helper.8 + -rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-sk-helper.8 + -rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-ldap-helper.8 regress-prep: $(MKDIR_P) `pwd`/regress/unittests/test_helper diff --git a/configure.ac b/configure.ac -index 20a1884..ff9c11a 100644 +index 4ddf539..1fd0b17 100644 --- a/configure.ac +++ b/configure.ac -@@ -1651,6 +1651,106 @@ AC_ARG_WITH([audit], +@@ -1688,6 +1688,106 @@ AC_ARG_WITH([audit], esac ] ) diff --git a/openssh-7.7p1-no_fork-no_pid_file.patch b/openssh-7.7p1-no_fork-no_pid_file.patch index 75d275c..655870c 100644 --- a/openssh-7.7p1-no_fork-no_pid_file.patch +++ b/openssh-7.7p1-no_fork-no_pid_file.patch @@ -2,15 +2,11 @@ # Parent bad0c8b3b8d72abb6960ed85b57ee42352371738 Do not write a PID file when not daemonizing (e.g. when running from systemd) -diff --git a/openssh-7.7p1/sshd.c b/openssh-7.7p1/sshd.c ---- openssh-7.7p1/sshd.c -+++ openssh-7.7p1/sshd.c -@@ -1996,17 +1996,17 @@ main(int ac, char **av) - signal(SIGCHLD, main_sigchld_handler); - signal(SIGTERM, sigterm_handler); - signal(SIGQUIT, sigterm_handler); - - /* +diff --git a/sshd.c b/sshd.c +index f3ccc3a..eadc1b3 100644 +--- a/sshd.c ++++ b/sshd.c +@@ -2076,7 +2076,7 @@ main(int ac, char **av) * Write out the pid file after the sigterm handler * is setup and the listen sockets are bound */ @@ -19,8 +15,3 @@ diff --git a/openssh-7.7p1/sshd.c b/openssh-7.7p1/sshd.c FILE *f = fopen(options.pid_file, "w"); if (f == NULL) { - error("Couldn't create pid file \"%s\": %s", - options.pid_file, strerror(errno)); - } else { - fprintf(f, "%ld\n", (long) getpid()); - fclose(f); diff --git a/openssh-7.7p1-seed-prng.patch b/openssh-7.7p1-seed-prng.patch deleted file mode 100644 index deb38cf..0000000 --- a/openssh-7.7p1-seed-prng.patch +++ /dev/null @@ -1,379 +0,0 @@ -# HG changeset patch -# Parent e655fcb8e89d19ce9e954d6fc330e5e3e093a848 -# extended support for (re-)seeding the OpenSSL PRNG from /dev/random -# bnc#703221, FATE#312172 - -diff --git a/Makefile.in b/Makefile.in -index 85818f4..750aada 100644 ---- a/Makefile.in -+++ b/Makefile.in -@@ -182,13 +182,13 @@ libssh.a: $(LIBSSH_OBJS) - $(RANLIB) $@ - - ssh$(EXEEXT): $(LIBCOMPAT) libssh.a $(SSHOBJS) -- $(LD) -o $@ $(SSHOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(SSHLIBS) $(LIBS) $(GSSLIBS) -+ $(LD) -o $@ $(SSHOBJS) $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(SSHLIBS) $(LIBS) $(GSSLIBS) - - sshd$(EXEEXT): libssh.a $(LIBCOMPAT) $(SSHDOBJS) -- $(LD) -o $@ $(SSHDOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(SSHDLIBS) $(LIBS) $(GSSLIBS) $(K5LIBS) -+ $(LD) -o $@ $(SSHDOBJS) $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(SSHDLIBS) $(LIBS) $(GSSLIBS) $(K5LIBS) - - scp$(EXEEXT): $(LIBCOMPAT) libssh.a scp.o progressmeter.o -- $(LD) -o $@ scp.o progressmeter.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) -+ $(LD) -o $@ scp.o progressmeter.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh -lopenbsd-compat $(LIBS) - - ssh-add$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-add.o - $(LD) -o $@ ssh-add.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) -@@ -197,10 +197,10 @@ ssh-agent$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-agent.o ssh-pkcs11-client.o - $(LD) -o $@ ssh-agent.o ssh-pkcs11-client.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) - - ssh-keygen$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keygen.o sshsig.o -- $(LD) -o $@ ssh-keygen.o sshsig.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) -+ $(LD) -o $@ ssh-keygen.o sshsig.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh -lopenbsd-compat $(LIBS) - - ssh-keysign$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keysign.o readconf.o uidswap.o compat.o -- $(LD) -o $@ ssh-keysign.o readconf.o uidswap.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) -+ $(LD) -o $@ ssh-keysign.o readconf.o uidswap.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS) - - ssh-pkcs11-helper$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-pkcs11-helper.o ssh-pkcs11.o - $(LD) -o $@ ssh-pkcs11-helper.o ssh-pkcs11.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh -lopenbsd-compat $(LIBS) -@@ -209,10 +209,10 @@ ssh-keyscan$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keyscan.o - $(LD) -o $@ ssh-keyscan.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS) - - sftp-server$(EXEEXT): $(LIBCOMPAT) libssh.a sftp.o sftp-common.o sftp-server.o sftp-realpath.o sftp-server-main.o -- $(LD) -o $@ sftp-server.o sftp-common.o sftp-realpath.o sftp-server-main.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) -+ $(LD) -o $@ sftp-server.o sftp-common.o sftp-realpath.o sftp-server-main.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh -lopenbsd-compat $(LIBS) - - sftp$(EXEEXT): $(LIBCOMPAT) libssh.a sftp.o sftp-client.o sftp-common.o sftp-glob.o progressmeter.o -- $(LD) -o $@ progressmeter.o sftp.o sftp-client.o sftp-common.o sftp-glob.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) $(LIBEDIT) -+ $(LD) -o $@ progressmeter.o sftp.o sftp-client.o sftp-common.o sftp-glob.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh -lopenbsd-compat $(LIBS) $(LIBEDIT) - - # FIPS tests - cavstest-ctr$(EXEEXT): $(LIBCOMPAT) libssh.a cavstest-ctr.o -diff --git a/entropy.c b/entropy.c -index 5de6801..f8b9f42 100644 ---- a/entropy.c -+++ b/entropy.c -@@ -239,6 +239,8 @@ seed_rng(void) - } - #endif /* OPENSSL_PRNG_ONLY */ - -+ linux_seed(); -+ - if (RAND_status() != 1) - fatal("PRNG is not seeded"); - -diff --git a/openbsd-compat/Makefile.in b/openbsd-compat/Makefile.in -index 1162dc5..80fd688 100644 ---- a/openbsd-compat/Makefile.in -+++ b/openbsd-compat/Makefile.in -@@ -91,6 +91,7 @@ COMPAT= arc4random.o \ - PORTS= port-aix.o \ - port-irix.o \ - port-linux.o \ -+ port-linux-prng.o \ - port-solaris.o \ - port-net.o \ - port-uw.o -diff --git a/openbsd-compat/port-linux-prng.c b/openbsd-compat/port-linux-prng.c -new file mode 100644 -index 0000000..dfc4bdb ---- /dev/null -+++ b/openbsd-compat/port-linux-prng.c -@@ -0,0 +1,81 @@ -+/* -+ * Copyright (c) 2011 Jan F. Chadima -+ * (c) 2011 Petr Cerny -+ * -+ * Permission to use, copy, modify, and distribute this software for any -+ * purpose with or without fee is hereby granted, provided that the above -+ * copyright notice and this permission notice appear in all copies. -+ * -+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -+ */ -+ -+/* -+ * Linux-specific portability code - prng support -+ */ -+ -+#include "includes.h" -+#include "defines.h" -+ -+#include -+#include -+#include -+#include -+#include -+ -+#include "log.h" -+#include "port-linux.h" -+#include "fips.h" -+ -+#define RNG_BYTES_DEFAULT 6L -+#define RNG_ENV_VAR "SSH_USE_STRONG_RNG" -+ -+long rand_bytes = 0; -+char *rand_file = NULL; -+ -+static void -+linux_seed_init(void) -+{ -+ long elen = 0; -+ char *env = getenv(RNG_ENV_VAR); -+ -+ if (env) { -+ errno = 0; -+ elen = strtol(env, NULL, 10); -+ if (errno) { -+ elen = RNG_BYTES_DEFAULT; -+ debug("bogus value in the %s environment variable, " -+ "using %li bytes from /dev/random\n", -+ RNG_ENV_VAR, RNG_BYTES_DEFAULT); -+ } -+ } -+ -+ if (elen || fips_mode()) -+ rand_file = "/dev/random"; -+ else -+ rand_file = "/dev/urandom"; -+ -+ rand_bytes = MAX(elen, RNG_BYTES_DEFAULT); -+} -+ -+void -+linux_seed(void) -+{ -+ long len; -+ if (!rand_file) -+ linux_seed_init(); -+ -+ errno = 0; -+ len = RAND_load_file(rand_file, rand_bytes); -+ if (len != rand_bytes) { -+ if (errno) -+ fatal ("cannot read from %s, %s", rand_file, strerror(errno)); -+ else -+ fatal ("EOF reading %s", rand_file); -+ } -+} -diff --git a/openbsd-compat/port-linux.h b/openbsd-compat/port-linux.h -index 3c22a85..2dc1fd0 100644 ---- a/openbsd-compat/port-linux.h -+++ b/openbsd-compat/port-linux.h -@@ -17,6 +17,10 @@ - #ifndef _PORT_LINUX_H - #define _PORT_LINUX_H - -+extern long rand_bytes; -+extern char *rand_file; -+void linux_seed(void); -+ - #ifdef WITH_SELINUX - int ssh_selinux_enabled(void); - void ssh_selinux_setup_pty(char *, const char *); -diff --git a/ssh-add.1 b/ssh-add.1 -index d4e1c60..6f76900 100644 ---- a/ssh-add.1 -+++ b/ssh-add.1 -@@ -189,6 +189,20 @@ to make this work.) - Identifies the path of a - .Ux Ns -domain - socket used to communicate with the agent. -+.It Ev SSH_USE_STRONG_RNG -+The reseeding of the OpenSSL random generator is usually done from -+.Cm /dev/urandom . -+If the -+.Cm SSH_USE_STRONG_RNG -+environment variable is set to value other than -+.Cm 0 -+the OpenSSL random generator is reseeded from -+.Cm /dev/random . -+The number of bytes read is defined by the SSH_USE_STRONG_RNG value. -+Minimum is 6 bytes. -+This setting is not recommended on the computers without the hardware -+random generator because insufficient entropy causes the connection to -+be blocked until enough entropy is available. - .El - .Sh FILES - .Bl -tag -width Ds -diff --git a/ssh-agent.1 b/ssh-agent.1 -index 83b2b41..9e187f2 100644 ---- a/ssh-agent.1 -+++ b/ssh-agent.1 -@@ -214,6 +214,23 @@ sockets used to contain the connection to the authentication agent. - These sockets should only be readable by the owner. - The sockets should get automatically removed when the agent exits. - .El -+.Sh ENVIRONMENT -+.Bl -tag -width Ds -compact -+.Pp -+.It Pa SSH_USE_STRONG_RNG -+The reseeding of the OpenSSL random generator is usually done from -+.Cm /dev/urandom . -+If the -+.Cm SSH_USE_STRONG_RNG -+environment variable is set to value other than -+.Cm 0 -+the OpenSSL random generator is reseeded from -+.Cm /dev/random . -+The number of bytes read is defined by the SSH_USE_STRONG_RNG value. -+Minimum is 6 bytes. -+This setting is not recommended on the computers without the hardware -+random generator because insufficient entropy causes the connection to -+be blocked until enough entropy is available. - .Sh SEE ALSO - .Xr ssh 1 , - .Xr ssh-add 1 , -diff --git a/ssh-keygen.1 b/ssh-keygen.1 -index 957d2f0..70c4a28 100644 ---- a/ssh-keygen.1 -+++ b/ssh-keygen.1 -@@ -1054,6 +1054,23 @@ Contains Diffie-Hellman groups used for DH-GEX. - The file format is described in - .Xr moduli 5 . - .El -+.Sh ENVIRONMENT -+.Bl -tag -width Ds -compact -+.Pp -+.It Pa SSH_USE_STRONG_RNG -+The reseeding of the OpenSSL random generator is usually done from -+.Cm /dev/urandom . -+If the -+.Cm SSH_USE_STRONG_RNG -+environment variable is set to value other than -+.Cm 0 -+the OpenSSL random generator is reseeded from -+.Cm /dev/random . -+The number of bytes read is defined by the SSH_USE_STRONG_RNG value. -+Minimum is 6 bytes. -+This setting is not recommended on the computers without the hardware -+random generator because insufficient entropy causes the connection to -+be blocked until enough entropy is available. - .Sh SEE ALSO - .Xr ssh 1 , - .Xr ssh-add 1 , -diff --git a/ssh-keysign.8 b/ssh-keysign.8 -index 19b0dbc..639b56e 100644 ---- a/ssh-keysign.8 -+++ b/ssh-keysign.8 -@@ -80,6 +80,23 @@ must be set-uid root if host-based authentication is used. - If these files exist they are assumed to contain public certificate - information corresponding with the private keys above. - .El -+.Sh ENVIRONMENT -+.Bl -tag -width Ds -compact -+.Pp -+.It Pa SSH_USE_STRONG_RNG -+The reseeding of the OpenSSL random generator is usually done from -+.Cm /dev/urandom . -+If the -+.Cm SSH_USE_STRONG_RNG -+environment variable is set to value other than -+.Cm 0 -+the OpenSSL random generator is reseeded from -+.Cm /dev/random . -+The number of bytes read is defined by the SSH_USE_STRONG_RNG value. -+Minimum is 6 bytes. -+This setting is not recommended on the computers without the hardware -+random generator because insufficient entropy causes the connection to -+be blocked until enough entropy is available. - .Sh SEE ALSO - .Xr ssh 1 , - .Xr ssh-keygen 1 , -diff --git a/ssh.1 b/ssh.1 -index 424d6c3..899a339 100644 ---- a/ssh.1 -+++ b/ssh.1 -@@ -1433,6 +1433,20 @@ For more information, see the - .Cm PermitUserEnvironment - option in - .Xr sshd_config 5 . -+.It Ev SSH_USE_STRONG_RNG -+The reseeding of the OpenSSL random generator is usually done from -+.Cm /dev/urandom . -+If the -+.Cm SSH_USE_STRONG_RNG -+environment variable is set to value other than -+.Cm 0 -+the OpenSSL random generator is reseeded from -+.Cm /dev/random . -+The number of bytes read is defined by the SSH_USE_STRONG_RNG value. -+Minimum is 6 bytes. -+This setting is not recommended on the computers without the hardware -+random generator because insufficient entropy causes the connection to -+be blocked until enough entropy is available. - .Sh FILES - .Bl -tag -width Ds -compact - .It Pa ~/.rhosts -diff --git a/sshd.8 b/sshd.8 -index fb133c1..2f1d3ab 100644 ---- a/sshd.8 -+++ b/sshd.8 -@@ -966,6 +966,23 @@ concurrently for different ports, this contains the process ID of the one - started last). - The content of this file is not sensitive; it can be world-readable. - .El -+.Sh ENVIRONMENT -+.Bl -tag -width Ds -compact -+.Pp -+.It Pa SSH_USE_STRONG_RNG -+The reseeding of the OpenSSL random generator is usually done from -+.Cm /dev/urandom . -+If the -+.Cm SSH_USE_STRONG_RNG -+environment variable is set to value other than -+.Cm 0 -+the OpenSSL random generator is reseeded from -+.Cm /dev/random . -+The number of bytes read is defined by the SSH_USE_STRONG_RNG value. -+Minimum is 6 bytes. -+This setting is not recommended on the computers without the hardware -+random generator because insufficient entropy causes the connection to -+be blocked until enough entropy is available. - .Sh SEE ALSO - .Xr scp 1 , - .Xr sftp 1 , -diff --git a/sshd.c b/sshd.c -index bb20eec..c562094 100644 ---- a/sshd.c -+++ b/sshd.c -@@ -55,6 +55,8 @@ - #endif - #include "openbsd-compat/sys-tree.h" - #include "openbsd-compat/sys-queue.h" -+#include "openbsd-compat/port-linux.h" -+ - #include - - #include -@@ -205,6 +207,13 @@ struct { - int have_ssh2_key; - } sensitive_data; - -+/* -+ * Every RESEED_AFTERth connection triggers call to linux_seed() to re-seed the -+ * random pool. -+ */ -+#define RESEED_AFTER 100 -+static int re_seeding_counter = RESEED_AFTER; -+ - /* This is set to true when a signal is received. */ - static volatile sig_atomic_t received_sighup = 0; - static volatile sig_atomic_t received_sigterm = 0; -@@ -1201,6 +1210,10 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s) - startup_flags[j] = 1; - break; - } -+ if(!(--re_seeding_counter)) { -+ re_seeding_counter = RESEED_AFTER; -+ linux_seed(); -+ } - - /* - * Got connection. Fork a child to handle it, unless diff --git a/openssh-7.7p1-sftp_print_diagnostic_messages.patch b/openssh-7.7p1-sftp_print_diagnostic_messages.patch index 4c4c8de..7be473f 100644 --- a/openssh-7.7p1-sftp_print_diagnostic_messages.patch +++ b/openssh-7.7p1-sftp_print_diagnostic_messages.patch @@ -2,12 +2,11 @@ # Parent 60bdbe6dd8d6bc011883472363d56e1d97f68835 Put back sftp client diagnostic messages in batch mode -bsc#1023275 diff --git a/sftp.1 b/sftp.1 -index a52c1cf..7333de8 100644 +index a305b37..6e802ec 100644 --- a/sftp.1 +++ b/sftp.1 -@@ -278,6 +278,9 @@ Specifies the port to connect to on the remote host. +@@ -282,6 +282,9 @@ Specifies the port to connect to on the remote host. .It Fl p Preserves modification times, access times, and modes from the original files transferred. @@ -18,7 +17,7 @@ index a52c1cf..7333de8 100644 Quiet mode: disables the progress meter as well as warning and diagnostic messages from diff --git a/sftp.c b/sftp.c -index b66037f..6c94a38 100644 +index 2799e4a..52b2c23 100644 --- a/sftp.c +++ b/sftp.c @@ -85,6 +85,9 @@ static volatile pid_t sshpid = -1; @@ -31,16 +30,16 @@ index b66037f..6c94a38 100644 /* This is set to 0 if the progressmeter is not desired. */ int showprogress = 1; -@@ -2406,7 +2409,7 @@ main(int argc, char **argv) +@@ -2409,7 +2412,7 @@ main(int argc, char **argv) infile = stdin; while ((ch = getopt(argc, argv, -- "1246afhpqrvCc:D:i:l:o:s:S:b:B:F:J:P:R:")) != -1) { -+ "1246afhpQqrvCc:D:i:l:o:s:S:b:B:F:J:P:R:")) != -1) { +- "1246afhNpqrvCc:D:i:l:o:s:S:b:B:F:J:P:R:")) != -1) { ++ "1246afhNpQqrvCc:D:i:l:o:s:S:b:B:F:J:P:R:")) != -1) { switch (ch) { /* Passed through to ssh(1) */ case '4': -@@ -2423,6 +2426,9 @@ main(int argc, char **argv) +@@ -2426,6 +2429,9 @@ main(int argc, char **argv) addargs(&args, "-%c", ch); addargs(&args, "%s", optarg); break; @@ -50,7 +49,7 @@ index b66037f..6c94a38 100644 case 'q': ll = SYSLOG_LEVEL_ERROR; quiet = 1; -@@ -2506,6 +2512,8 @@ main(int argc, char **argv) +@@ -2510,6 +2516,8 @@ main(int argc, char **argv) usage(); } } diff --git a/openssh-8.0p1-gssapi-keyex.patch b/openssh-8.0p1-gssapi-keyex.patch index a849032..1f74989 100644 --- a/openssh-8.0p1-gssapi-keyex.patch +++ b/openssh-8.0p1-gssapi-keyex.patch @@ -1,29 +1,29 @@ diff --git a/Makefile.in b/Makefile.in -index 1baf5c6..02bafbc 100644 +index 9eab827..9d3f569 100644 --- a/Makefile.in +++ b/Makefile.in -@@ -109,6 +109,7 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \ +@@ -113,6 +113,7 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \ kex.o kexdh.o kexgex.o kexecdh.o kexc25519.o \ kexgexc.o kexgexs.o \ sntrup4591761.o kexsntrup4591761x25519.o kexgen.o \ + kexgssc.o \ - platform-pledge.o platform-tracing.o platform-misc.o + sftp-realpath.o platform-pledge.o platform-tracing.o platform-misc.o \ + sshbuf-io.o - -@@ -125,7 +126,7 @@ SSHDOBJS=sshd.o auth-rhosts.o auth-passwd.o \ +@@ -131,7 +132,7 @@ SSHDOBJS=sshd.o auth-rhosts.o auth-passwd.o \ auth-bsdauth.o auth2-hostbased.o auth2-kbdint.o \ auth2-none.o auth2-passwd.o auth2-pubkey.o \ monitor.o monitor_wrap.o auth-krb5.o \ - auth2-gss.o gss-serv.o gss-serv-krb5.o \ + auth2-gss.o gss-serv.o gss-serv-krb5.o kexgsss.o \ loginrec.o auth-pam.o auth-shadow.o auth-sia.o md5crypt.o \ - sftp-server.o sftp-common.o sftp-realpath.o \ + sftp-server.o sftp-common.o \ sandbox-null.o sandbox-rlimit.o sandbox-systrace.o sandbox-darwin.o \ diff --git a/auth.c b/auth.c -index 5c58dd1..ab43955 100644 +index 0a2dd3a..779a1af 100644 --- a/auth.c +++ b/auth.c -@@ -399,7 +399,8 @@ auth_root_allowed(struct ssh *ssh, const char *method) +@@ -400,7 +400,8 @@ auth_root_allowed(struct ssh *ssh, const char *method) case PERMIT_NO_PASSWD: if (strcmp(method, "publickey") == 0 || strcmp(method, "hostbased") == 0 || @@ -33,7 +33,7 @@ index 5c58dd1..ab43955 100644 return 1; break; case PERMIT_FORCED_ONLY: -@@ -723,99 +724,6 @@ fakepw(void) +@@ -724,99 +725,6 @@ fakepw(void) return (&fake); } @@ -62,7 +62,7 @@ index 5c58dd1..ab43955 100644 - if (getpeername(ssh_packet_get_connection_in(ssh), - (struct sockaddr *)&from, &fromlen) == -1) { - debug("getpeername failed: %.100s", strerror(errno)); -- return strdup(ntop); +- return xstrdup(ntop); - } - - ipv64_normalise_mapped(&from, &fromlen); @@ -74,7 +74,7 @@ index 5c58dd1..ab43955 100644 - if (getnameinfo((struct sockaddr *)&from, fromlen, name, sizeof(name), - NULL, 0, NI_NAMEREQD) != 0) { - /* Host name not found. Use ip address. */ -- return strdup(ntop); +- return xstrdup(ntop); - } - - /* @@ -89,7 +89,7 @@ index 5c58dd1..ab43955 100644 - logit("Nasty PTR record \"%s\" is set up for %s, ignoring", - name, ntop); - freeaddrinfo(ai); -- return strdup(ntop); +- return xstrdup(ntop); - } - - /* Names are stored in lowercase. */ @@ -110,7 +110,7 @@ index 5c58dd1..ab43955 100644 - if (getaddrinfo(name, NULL, &hints, &aitop) != 0) { - logit("reverse mapping checking getaddrinfo for %.700s " - "[%s] failed.", name, ntop); -- return strdup(ntop); +- return xstrdup(ntop); - } - /* Look for the address from the list of addresses. */ - for (ai = aitop; ai; ai = ai->ai_next) { @@ -125,9 +125,9 @@ index 5c58dd1..ab43955 100644 - /* Address not found for the host name. */ - logit("Address %.100s maps to %.600s, but this does not " - "map back to the address.", ntop, name); -- return strdup(ntop); +- return xstrdup(ntop); - } -- return strdup(name); +- return xstrdup(name); -} - /* @@ -229,7 +229,7 @@ index 9351e04..d6446c0 100644 "gssapi-with-mic", userauth_gssapi, diff --git a/auth2.c b/auth2.c -index 0e77622..1c21726 100644 +index 91aaf34..a4a5e00 100644 --- a/auth2.c +++ b/auth2.c @@ -73,6 +73,7 @@ extern Authmethod method_passwd; @@ -249,7 +249,7 @@ index 0e77622..1c21726 100644 #endif &method_passwd, diff --git a/canohost.c b/canohost.c -index abea9c6..9a00fc2 100644 +index abea9c6..8e81b51 100644 --- a/canohost.c +++ b/canohost.c @@ -35,6 +35,99 @@ @@ -281,7 +281,7 @@ index abea9c6..9a00fc2 100644 + if (getpeername(ssh_packet_get_connection_in(ssh), + (struct sockaddr *)&from, &fromlen) == -1) { + debug("getpeername failed: %.100s", strerror(errno)); -+ return strdup(ntop); ++ return xstrdup(ntop); + } + + ipv64_normalise_mapped(&from, &fromlen); @@ -293,7 +293,7 @@ index abea9c6..9a00fc2 100644 + if (getnameinfo((struct sockaddr *)&from, fromlen, name, sizeof(name), + NULL, 0, NI_NAMEREQD) != 0) { + /* Host name not found. Use ip address. */ -+ return strdup(ntop); ++ return xstrdup(ntop); + } + + /* @@ -308,7 +308,7 @@ index abea9c6..9a00fc2 100644 + logit("Nasty PTR record \"%s\" is set up for %s, ignoring", + name, ntop); + freeaddrinfo(ai); -+ return strdup(ntop); ++ return xstrdup(ntop); + } + + /* Names are stored in lowercase. */ @@ -329,7 +329,7 @@ index abea9c6..9a00fc2 100644 + if (getaddrinfo(name, NULL, &hints, &aitop) != 0) { + logit("reverse mapping checking getaddrinfo for %.700s " + "[%s] failed.", name, ntop); -+ return strdup(ntop); ++ return xstrdup(ntop); + } + /* Look for the address from the list of addresses. */ + for (ai = aitop; ai; ai = ai->ai_next) { @@ -344,9 +344,9 @@ index abea9c6..9a00fc2 100644 + /* Address not found for the host name. */ + logit("Address %.100s maps to %.600s, but this does not " + "map back to the address.", ntop, name); -+ return strdup(ntop); ++ return xstrdup(ntop); + } -+ return strdup(name); ++ return xstrdup(name); +} + void @@ -367,7 +367,7 @@ index 26d6285..0cadc9f 100644 int get_peer_port(int); char *get_local_ipaddr(int); diff --git a/clientloop.c b/clientloop.c -index b5a1f70..9def2a1 100644 +index da396c7..42ace77 100644 --- a/clientloop.c +++ b/clientloop.c @@ -112,6 +112,10 @@ @@ -381,7 +381,7 @@ index b5a1f70..9def2a1 100644 /* import options */ extern Options options; -@@ -1373,9 +1377,18 @@ client_loop(struct ssh *ssh, int have_pty, int escape_char_arg, +@@ -1361,9 +1365,18 @@ client_loop(struct ssh *ssh, int have_pty, int escape_char_arg, break; /* Do channel operations unless rekeying in progress. */ @@ -402,10 +402,10 @@ index b5a1f70..9def2a1 100644 client_process_net_input(ssh, readset); diff --git a/configure.ac b/configure.ac -index ff9c11a..c0db779 100644 +index 82aafe3..8a0e791 100644 --- a/configure.ac +++ b/configure.ac -@@ -666,6 +666,30 @@ main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16)) +@@ -676,6 +676,30 @@ main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16)) [Use tunnel device compatibility to OpenBSD]) AC_DEFINE([SSH_TUN_PREPEND_AF], [1], [Prepend the address family to IP tunnel traffic]) @@ -959,11 +959,11 @@ index a151bc1..8d2b677 100644 #endif /* KRB5 */ diff --git a/gss-serv.c b/gss-serv.c -index ab3a15f..6ce56e9 100644 +index b5d4bb2..d8010dd 100644 --- a/gss-serv.c +++ b/gss-serv.c @@ -1,7 +1,7 @@ - /* $OpenBSD: gss-serv.c,v 1.31 2018/07/09 21:37:55 markus Exp $ */ + /* $OpenBSD: gss-serv.c,v 1.32 2020/03/13 03:17:07 djm Exp $ */ /* - * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. @@ -1259,10 +1259,10 @@ index ab3a15f..6ce56e9 100644 /* Privileged */ diff --git a/kex.c b/kex.c -index 1f82c2e..92d8ee0 100644 +index 53f7ff8..fbb8e4f 100644 --- a/kex.c +++ b/kex.c -@@ -55,11 +55,16 @@ +@@ -57,11 +57,16 @@ #include "misc.h" #include "dispatch.h" #include "monitor.h" @@ -1279,7 +1279,7 @@ index 1f82c2e..92d8ee0 100644 #include "fips.h" /* prototype */ -@@ -115,6 +120,19 @@ static const struct kexalg kexalgs_all[] = { +@@ -117,6 +122,19 @@ static const struct kexalg kexalgs_all[] = { #endif /* HAVE_EVP_SHA256 || !WITH_OPENSSL */ { NULL, 0, -1, -1}, }; @@ -1299,7 +1299,7 @@ index 1f82c2e..92d8ee0 100644 static const struct kexalg kexalgs_fips140_2[] = { #ifdef WITH_OPENSSL -@@ -142,12 +160,12 @@ static const struct kexalg kexalgs_fips140_2[] = { +@@ -144,12 +162,12 @@ static const struct kexalg kexalgs_fips140_2[] = { /* Returns array of macs available depending on selected FIPS mode */ static const struct kexalg * @@ -1314,7 +1314,7 @@ index 1f82c2e..92d8ee0 100644 case 1: return kexalgs_fips140_2; default: -@@ -158,13 +176,13 @@ fips_select_kexalgs(void) +@@ -160,13 +178,13 @@ fips_select_kexalgs(void) } char * @@ -1330,7 +1330,7 @@ index 1f82c2e..92d8ee0 100644 if (ret != NULL) ret[rlen++] = sep; nlen = strlen(k->name); -@@ -179,15 +197,31 @@ kex_alg_list(char sep) +@@ -181,15 +199,31 @@ kex_alg_list(char sep) return ret; } @@ -1363,7 +1363,7 @@ index 1f82c2e..92d8ee0 100644 return NULL; } -@@ -359,6 +393,29 @@ kex_assemble_names(char **listp, const char *def, const char *all) +@@ -361,6 +395,29 @@ kex_assemble_names(char **listp, const char *def, const char *all) return r; } @@ -1393,7 +1393,7 @@ index 1f82c2e..92d8ee0 100644 /* put algorithm proposal into buffer */ int kex_prop2buf(struct sshbuf *b, char *proposal[PROPOSAL_MAX]) -@@ -742,6 +799,9 @@ kex_free(struct kex *kex) +@@ -743,6 +800,9 @@ kex_free(struct kex *kex) sshbuf_free(kex->server_version); sshbuf_free(kex->client_pub); free(kex->session_id); @@ -1502,7 +1502,7 @@ index 67133e3..edaa467 100644 break; case KEX_DH_GRP18_SHA512: diff --git a/kexgen.c b/kexgen.c -index bb996b5..d353ed8 100644 +index 69348b9..c0e8c2f 100644 --- a/kexgen.c +++ b/kexgen.c @@ -44,7 +44,7 @@ @@ -2596,10 +2596,10 @@ index 0000000..60bc02d +} +#endif /* defined(GSSAPI) && defined(WITH_OPENSSL) */ diff --git a/monitor.c b/monitor.c -index 00af44f..20812fa 100644 +index b6e855d..cf775e5 100644 --- a/monitor.c +++ b/monitor.c -@@ -147,6 +147,8 @@ int mm_answer_gss_setup_ctx(struct ssh *, int, struct sshbuf *); +@@ -148,6 +148,8 @@ int mm_answer_gss_setup_ctx(struct ssh *, int, struct sshbuf *); int mm_answer_gss_accept_ctx(struct ssh *, int, struct sshbuf *); int mm_answer_gss_userok(struct ssh *, int, struct sshbuf *); int mm_answer_gss_checkmic(struct ssh *, int, struct sshbuf *); @@ -2608,7 +2608,7 @@ index 00af44f..20812fa 100644 #endif #ifdef SSH_AUDIT_EVENTS -@@ -219,11 +221,18 @@ struct mon_table mon_dispatch_proto20[] = { +@@ -220,11 +222,18 @@ struct mon_table mon_dispatch_proto20[] = { {MONITOR_REQ_GSSSTEP, 0, mm_answer_gss_accept_ctx}, {MONITOR_REQ_GSSUSEROK, MON_ONCE|MON_AUTHDECIDE, mm_answer_gss_userok}, {MONITOR_REQ_GSSCHECKMIC, MON_ONCE, mm_answer_gss_checkmic}, @@ -2627,7 +2627,7 @@ index 00af44f..20812fa 100644 #ifdef WITH_OPENSSL {MONITOR_REQ_MODULI, 0, mm_answer_moduli}, #endif -@@ -292,6 +301,10 @@ monitor_child_preauth(struct ssh *ssh, struct monitor *pmonitor) +@@ -293,6 +302,10 @@ monitor_child_preauth(struct ssh *ssh, struct monitor *pmonitor) /* Permit requests for moduli and signatures */ monitor_permit(mon_dispatch, MONITOR_REQ_MODULI, 1); monitor_permit(mon_dispatch, MONITOR_REQ_SIGN, 1); @@ -2638,7 +2638,7 @@ index 00af44f..20812fa 100644 /* The first few requests do not require asynchronous access */ while (!authenticated) { -@@ -405,6 +418,10 @@ monitor_child_postauth(struct ssh *ssh, struct monitor *pmonitor) +@@ -406,6 +419,10 @@ monitor_child_postauth(struct ssh *ssh, struct monitor *pmonitor) monitor_permit(mon_dispatch, MONITOR_REQ_MODULI, 1); monitor_permit(mon_dispatch, MONITOR_REQ_SIGN, 1); monitor_permit(mon_dispatch, MONITOR_REQ_TERM, 1); @@ -2649,7 +2649,7 @@ index 00af44f..20812fa 100644 if (auth_opts->permit_pty_flag) { monitor_permit(mon_dispatch, MONITOR_REQ_PTY, 1); -@@ -1687,6 +1704,17 @@ monitor_apply_keystate(struct ssh *ssh, struct monitor *pmonitor) +@@ -1712,6 +1729,17 @@ monitor_apply_keystate(struct ssh *ssh, struct monitor *pmonitor) # ifdef OPENSSL_HAS_ECC kex->kex[KEX_ECDH_SHA2] = kex_gen_server; # endif @@ -2667,7 +2667,7 @@ index 00af44f..20812fa 100644 #endif /* WITH_OPENSSL */ kex->kex[KEX_C25519_SHA256] = kex_gen_server; kex->kex[KEX_KEM_SNTRUP4591761X25519_SHA512] = kex_gen_server; -@@ -1780,8 +1808,8 @@ mm_answer_gss_setup_ctx(struct ssh *ssh, int sock, struct sshbuf *m) +@@ -1805,8 +1833,8 @@ mm_answer_gss_setup_ctx(struct ssh *ssh, int sock, struct sshbuf *m) u_char *p; int r; @@ -2678,7 +2678,7 @@ index 00af44f..20812fa 100644 if ((r = sshbuf_get_string(m, &p, &len)) != 0) fatal("%s: buffer error: %s", __func__, ssh_err(r)); -@@ -1813,8 +1841,8 @@ mm_answer_gss_accept_ctx(struct ssh *ssh, int sock, struct sshbuf *m) +@@ -1838,8 +1866,8 @@ mm_answer_gss_accept_ctx(struct ssh *ssh, int sock, struct sshbuf *m) OM_uint32 flags = 0; /* GSI needs this */ int r; @@ -2689,7 +2689,7 @@ index 00af44f..20812fa 100644 if ((r = ssh_gssapi_get_buffer_desc(m, &in)) != 0) fatal("%s: buffer error: %s", __func__, ssh_err(r)); -@@ -1834,6 +1862,7 @@ mm_answer_gss_accept_ctx(struct ssh *ssh, int sock, struct sshbuf *m) +@@ -1859,6 +1887,7 @@ mm_answer_gss_accept_ctx(struct ssh *ssh, int sock, struct sshbuf *m) monitor_permit(mon_dispatch, MONITOR_REQ_GSSSTEP, 0); monitor_permit(mon_dispatch, MONITOR_REQ_GSSUSEROK, 1); monitor_permit(mon_dispatch, MONITOR_REQ_GSSCHECKMIC, 1); @@ -2697,7 +2697,7 @@ index 00af44f..20812fa 100644 } return (0); } -@@ -1845,8 +1874,8 @@ mm_answer_gss_checkmic(struct ssh *ssh, int sock, struct sshbuf *m) +@@ -1870,8 +1899,8 @@ mm_answer_gss_checkmic(struct ssh *ssh, int sock, struct sshbuf *m) OM_uint32 ret; int r; @@ -2708,7 +2708,7 @@ index 00af44f..20812fa 100644 if ((r = ssh_gssapi_get_buffer_desc(m, &gssbuf)) != 0 || (r = ssh_gssapi_get_buffer_desc(m, &mic)) != 0) -@@ -1872,13 +1901,17 @@ mm_answer_gss_checkmic(struct ssh *ssh, int sock, struct sshbuf *m) +@@ -1897,13 +1926,17 @@ mm_answer_gss_checkmic(struct ssh *ssh, int sock, struct sshbuf *m) int mm_answer_gss_userok(struct ssh *ssh, int sock, struct sshbuf *m) { @@ -2730,7 +2730,7 @@ index 00af44f..20812fa 100644 sshbuf_reset(m); if ((r = sshbuf_put_u32(m, authenticated)) != 0) -@@ -1887,7 +1920,11 @@ mm_answer_gss_userok(struct ssh *ssh, int sock, struct sshbuf *m) +@@ -1912,7 +1945,11 @@ mm_answer_gss_userok(struct ssh *ssh, int sock, struct sshbuf *m) debug3("%s: sending result %d", __func__, authenticated); mm_request_send(sock, MONITOR_ANS_GSSUSEROK, m); @@ -2743,7 +2743,7 @@ index 00af44f..20812fa 100644 if ((displayname = ssh_gssapi_displayname()) != NULL) auth2_record_info(authctxt, "%s", displayname); -@@ -1895,5 +1932,85 @@ mm_answer_gss_userok(struct ssh *ssh, int sock, struct sshbuf *m) +@@ -1920,5 +1957,85 @@ mm_answer_gss_userok(struct ssh *ssh, int sock, struct sshbuf *m) /* Monitor loop will terminate if authenticated */ return (authenticated); } @@ -2843,10 +2843,10 @@ index 683e5e0..2b1a2d5 100644 struct ssh; diff --git a/monitor_wrap.c b/monitor_wrap.c -index 4169b76..fdca39a 100644 +index 001a8fa..6edb509 100644 --- a/monitor_wrap.c +++ b/monitor_wrap.c -@@ -978,13 +978,15 @@ mm_ssh_gssapi_checkmic(Gssctxt *ctx, gss_buffer_t gssbuf, gss_buffer_t gssmic) +@@ -993,13 +993,15 @@ mm_ssh_gssapi_checkmic(Gssctxt *ctx, gss_buffer_t gssbuf, gss_buffer_t gssmic) } int @@ -2863,7 +2863,7 @@ index 4169b76..fdca39a 100644 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_GSSUSEROK, m); mm_request_receive_expect(pmonitor->m_recvfd, -@@ -997,4 +999,57 @@ mm_ssh_gssapi_userok(char *user) +@@ -1012,4 +1014,57 @@ mm_ssh_gssapi_userok(char *user) debug3("%s: user %sauthenticated",__func__, authenticated ? "" : "not "); return (authenticated); } @@ -2922,10 +2922,10 @@ index 4169b76..fdca39a 100644 + #endif /* GSSAPI */ diff --git a/monitor_wrap.h b/monitor_wrap.h -index 191277f..92dda57 100644 +index 23ab096..485590c 100644 --- a/monitor_wrap.h +++ b/monitor_wrap.h -@@ -63,8 +63,10 @@ int mm_sshkey_verify(const struct sshkey *, const u_char *, size_t, +@@ -64,8 +64,10 @@ int mm_sshkey_verify(const struct sshkey *, const u_char *, size_t, OM_uint32 mm_ssh_gssapi_server_ctx(Gssctxt **, gss_OID); OM_uint32 mm_ssh_gssapi_accept_ctx(Gssctxt *, gss_buffer_desc *, gss_buffer_desc *, OM_uint32 *); @@ -2938,7 +2938,7 @@ index 191277f..92dda57 100644 #ifdef USE_PAM diff --git a/readconf.c b/readconf.c -index 228f481..24f2cb1 100644 +index 408a80c..d37658a 100644 --- a/readconf.c +++ b/readconf.c @@ -67,6 +67,7 @@ @@ -2949,7 +2949,7 @@ index 228f481..24f2cb1 100644 #include "fips.h" -@@ -164,6 +165,8 @@ typedef enum { +@@ -162,6 +163,8 @@ typedef enum { oClearAllForwardings, oNoHostAuthenticationForLocalhost, oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout, oAddressFamily, oGssAuthentication, oGssDelegateCreds, @@ -2958,7 +2958,7 @@ index 228f481..24f2cb1 100644 oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly, oSendEnv, oSetEnv, oControlPath, oControlMaster, oControlPersist, oHashKnownHosts, -@@ -204,10 +207,22 @@ static struct { +@@ -206,10 +209,22 @@ static struct { /* Sometimes-unsupported options */ #if defined(GSSAPI) { "gssapiauthentication", oGssAuthentication }, @@ -2981,7 +2981,7 @@ index 228f481..24f2cb1 100644 #endif #ifdef ENABLE_PKCS11 { "pkcs11provider", oPKCS11Provider }, -@@ -990,10 +1005,42 @@ parse_time: +@@ -1055,10 +1070,42 @@ parse_time: intptr = &options->gss_authentication; goto parse_flag; @@ -3024,7 +3024,7 @@ index 228f481..24f2cb1 100644 case oBatchMode: intptr = &options->batch_mode; goto parse_flag; -@@ -1882,7 +1929,13 @@ initialize_options(Options * options) +@@ -1954,7 +2001,13 @@ initialize_options(Options * options) options->pubkey_authentication = -1; options->challenge_response_authentication = -1; options->gss_authentication = -1; @@ -3038,7 +3038,7 @@ index 228f481..24f2cb1 100644 options->password_authentication = -1; options->kbd_interactive_authentication = -1; options->kbd_interactive_devices = NULL; -@@ -2028,8 +2081,18 @@ fill_default_options(Options * options) +@@ -2102,8 +2155,18 @@ fill_default_options(Options * options) options->challenge_response_authentication = 1; if (options->gss_authentication == -1) options->gss_authentication = 0; @@ -3057,7 +3057,7 @@ index 228f481..24f2cb1 100644 if (options->password_authentication == -1) options->password_authentication = 1; if (options->kbd_interactive_authentication == -1) -@@ -2647,7 +2710,14 @@ dump_client_config(Options *o, const char *host) +@@ -2751,7 +2814,14 @@ dump_client_config(Options *o, const char *host) dump_cfg_fmtint(oGatewayPorts, o->fwd_opts.gateway_ports); #ifdef GSSAPI dump_cfg_fmtint(oGssAuthentication, o->gss_authentication); @@ -3073,10 +3073,10 @@ index 228f481..24f2cb1 100644 dump_cfg_fmtint(oHashKnownHosts, o->hash_known_hosts); dump_cfg_fmtint(oHostbasedAuthentication, o->hostbased_authentication); diff --git a/readconf.h b/readconf.h -index 67111e9..2617764 100644 +index ef18d5c..c0d797e 100644 --- a/readconf.h +++ b/readconf.h -@@ -40,7 +40,13 @@ typedef struct { +@@ -41,7 +41,13 @@ typedef struct { int challenge_response_authentication; /* Try S/Key or TIS, authentication. */ int gss_authentication; /* Try GSS authentication */ @@ -3091,10 +3091,10 @@ index 67111e9..2617764 100644 * authentication. */ int kbd_interactive_authentication; /* Try keyboard-interactive auth. */ diff --git a/servconf.c b/servconf.c -index a8833a9..13cf154 100644 +index 8a9db25..18b70b6 100644 --- a/servconf.c +++ b/servconf.c -@@ -64,6 +64,7 @@ +@@ -69,6 +69,7 @@ #include "auth.h" #include "myproposal.h" #include "digest.h" @@ -3102,7 +3102,7 @@ index a8833a9..13cf154 100644 #include "fips.h" static void add_listen_addr(ServerOptions *, const char *, -@@ -126,8 +127,11 @@ initialize_server_options(ServerOptions *options) +@@ -135,8 +136,11 @@ initialize_server_options(ServerOptions *options) options->kerberos_ticket_cleanup = -1; options->kerberos_get_afs_token = -1; options->gss_authentication=-1; @@ -3114,7 +3114,7 @@ index a8833a9..13cf154 100644 options->password_authentication = -1; options->kbd_interactive_authentication = -1; options->challenge_response_authentication = -1; -@@ -374,10 +378,18 @@ fill_default_server_options(ServerOptions *options) +@@ -398,10 +402,18 @@ fill_default_server_options(ServerOptions *options) options->kerberos_get_afs_token = 0; if (options->gss_authentication == -1) options->gss_authentication = 0; @@ -3133,7 +3133,7 @@ index a8833a9..13cf154 100644 if (options->password_authentication == -1) options->password_authentication = 1; if (options->kbd_interactive_authentication == -1) -@@ -523,6 +535,7 @@ typedef enum { +@@ -556,6 +568,7 @@ typedef enum { sHostKeyAlgorithms, sClientAliveInterval, sClientAliveCountMax, sAuthorizedKeysFile, sGssAuthentication, sGssCleanupCreds, sGssStrictAcceptor, @@ -3141,7 +3141,7 @@ index a8833a9..13cf154 100644 sAcceptEnv, sSetEnv, sPermitTunnel, sMatch, sPermitOpen, sPermitListen, sForceCommand, sChrootDirectory, sUsePrivilegeSeparation, sAllowAgentForwarding, -@@ -599,12 +612,22 @@ static struct { +@@ -634,12 +647,22 @@ static struct { #ifdef GSSAPI { "gssapiauthentication", sGssAuthentication, SSHCFG_ALL }, { "gssapicleanupcredentials", sGssCleanupCreds, SSHCFG_GLOBAL }, @@ -3164,7 +3164,7 @@ index a8833a9..13cf154 100644 { "passwordauthentication", sPasswordAuthentication, SSHCFG_ALL }, { "kbdinteractiveauthentication", sKbdInteractiveAuthentication, SSHCFG_ALL }, { "challengeresponseauthentication", sChallengeResponseAuthentication, SSHCFG_GLOBAL }, -@@ -1518,6 +1541,10 @@ process_server_config_line(ServerOptions *options, char *line, +@@ -1585,6 +1608,10 @@ process_server_config_line_depth(ServerOptions *options, char *line, intptr = &options->gss_authentication; goto parse_flag; @@ -3175,7 +3175,7 @@ index a8833a9..13cf154 100644 case sGssCleanupCreds: intptr = &options->gss_cleanup_creds; goto parse_flag; -@@ -1526,6 +1553,22 @@ process_server_config_line(ServerOptions *options, char *line, +@@ -1593,6 +1620,22 @@ process_server_config_line_depth(ServerOptions *options, char *line, intptr = &options->gss_strict_acceptor; goto parse_flag; @@ -3198,7 +3198,7 @@ index a8833a9..13cf154 100644 case sPasswordAuthentication: intptr = &options->password_authentication; goto parse_flag; -@@ -2615,6 +2658,10 @@ dump_config(ServerOptions *o) +@@ -2821,6 +2864,10 @@ dump_config(ServerOptions *o) #ifdef GSSAPI dump_cfg_fmtint(sGssAuthentication, o->gss_authentication); dump_cfg_fmtint(sGssCleanupCreds, o->gss_cleanup_creds); @@ -3210,10 +3210,10 @@ index a8833a9..13cf154 100644 dump_cfg_fmtint(sPasswordAuthentication, o->password_authentication); dump_cfg_fmtint(sKbdInteractiveAuthentication, diff --git a/servconf.h b/servconf.h -index 4670a5a..56373e5 100644 +index d24d459..45665df 100644 --- a/servconf.h +++ b/servconf.h -@@ -126,8 +126,11 @@ typedef struct { +@@ -137,8 +137,11 @@ typedef struct { int kerberos_get_afs_token; /* If true, try to get AFS token if * authenticated with Kerberos. */ int gss_authentication; /* If true, permit GSSAPI authentication */ @@ -3226,10 +3226,10 @@ index 4670a5a..56373e5 100644 * authentication. */ int kbd_interactive_authentication; /* If true, permit */ diff --git a/session.c b/session.c -index d81060c..89f9539 100644 +index 501bbdf..530aa26 100644 --- a/session.c +++ b/session.c -@@ -2713,13 +2713,19 @@ do_cleanup(struct ssh *ssh, Authctxt *authctxt) +@@ -2717,13 +2717,19 @@ do_cleanup(struct ssh *ssh, Authctxt *authctxt) #ifdef KRB5 if (options.kerberos_ticket_cleanup && @@ -3372,10 +3372,10 @@ index 36180d0..70dd366 100644 #endif /* _SSH_GSS_H */ diff --git a/ssh.1 b/ssh.1 -index 899a339..70d3017 100644 +index dce5f40..7a3ba31 100644 --- a/ssh.1 +++ b/ssh.1 -@@ -497,7 +497,13 @@ For full details of the options listed below, and their possible values, see +@@ -506,7 +506,13 @@ For full details of the options listed below, and their possible values, see .It GatewayPorts .It GlobalKnownHostsFile .It GSSAPIAuthentication @@ -3389,7 +3389,7 @@ index 899a339..70d3017 100644 .It HashKnownHosts .It Host .It HostbasedAuthentication -@@ -573,6 +579,8 @@ flag), +@@ -582,6 +588,8 @@ flag), (supported message integrity codes), .Ar kex (key exchange algorithms), @@ -3399,25 +3399,25 @@ index 899a339..70d3017 100644 (key types), .Ar key-cert diff --git a/ssh.c b/ssh.c -index 882d1da..5f3ca8d 100644 +index dce28fd..c99e0e4 100644 --- a/ssh.c +++ b/ssh.c -@@ -742,6 +742,8 @@ main(int ac, char **av) - cp = mac_alg_list('\n'); - else if (strcmp(optarg, "kex") == 0) +@@ -779,6 +779,8 @@ main(int ac, char **av) + else if (strcmp(optarg, "kex") == 0 || + strcasecmp(optarg, "KexAlgorithms") == 0) cp = kex_alg_list('\n'); + else if (strcmp(optarg, "kex-gss") == 0) + cp = kex_gss_alg_list('\n'); else if (strcmp(optarg, "key") == 0) cp = sshkey_alg_list(0, 0, 0, '\n'); else if (strcmp(optarg, "key-cert") == 0) -@@ -754,7 +756,7 @@ main(int ac, char **av) - cp = xstrdup("2"); - else if (strcmp(optarg, "help") == 0) { +@@ -803,7 +805,7 @@ main(int ac, char **av) + cp[n] = '\n'; + } else if (strcmp(optarg, "help") == 0) { cp = xstrdup( -- "cipher\ncipher-auth\nkex\nkey\n" -+ "cipher\ncipher-auth\nkex\nkex-gss\nkey\n" - "key-cert\nkey-plain\nmac\n" +- "cipher\ncipher-auth\ncompression\nkex\n" ++ "cipher\ncipher-auth\ncompression\nkex\nkex-gss\n" + "key\nkey-cert\nkey-plain\nkey-sig\nmac\n" "protocol-version\nsig"); } diff --git a/ssh_config b/ssh_config @@ -3434,10 +3434,10 @@ index 3a00f4d..a798a43 100644 # CheckHostIP yes # AddressFamily any diff --git a/ssh_config.5 b/ssh_config.5 -index f0cb291..3bf0502 100644 +index f6c3bdc..30c22e5 100644 --- a/ssh_config.5 +++ b/ssh_config.5 -@@ -760,10 +760,67 @@ The default is +@@ -768,10 +768,67 @@ The default is Specifies whether user authentication based on GSSAPI is allowed. The default is .Cm no . @@ -3506,10 +3506,10 @@ index f0cb291..3bf0502 100644 Indicates that .Xr ssh 1 diff --git a/sshconnect2.c b/sshconnect2.c -index 87fa70a..9e8c3e5 100644 +index 1a6545e..b970198 100644 --- a/sshconnect2.c +++ b/sshconnect2.c -@@ -78,8 +78,6 @@ +@@ -80,8 +80,6 @@ #endif /* import */ @@ -3518,9 +3518,9 @@ index 87fa70a..9e8c3e5 100644 extern Options options; /* -@@ -161,6 +159,11 @@ ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port) +@@ -163,6 +161,11 @@ ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port) char *s, *all_key; - int r; + int r, use_known_hosts_order = 0; +#if defined(GSSAPI) && defined(WITH_OPENSSL) + char *orig = NULL, *gss = NULL; @@ -3530,8 +3530,8 @@ index 87fa70a..9e8c3e5 100644 xxx_host = host; xxx_hostaddr = hostaddr; -@@ -193,6 +196,35 @@ ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port) - order_hostkeyalgs(host, hostaddr, port)); +@@ -206,6 +209,35 @@ ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port) + compat_pkalg_proposal(options.hostkeyalgorithms); } +#if defined(GSSAPI) && defined(WITH_OPENSSL) @@ -3566,7 +3566,7 @@ index 87fa70a..9e8c3e5 100644 if (options.rekey_limit || options.rekey_interval) ssh_packet_set_rekey_limits(ssh, options.rekey_limit, options.rekey_interval); -@@ -211,16 +243,46 @@ ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port) +@@ -224,16 +256,46 @@ ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port) # ifdef OPENSSL_HAS_ECC ssh->kex->kex[KEX_ECDH_SHA2] = kex_gen_client; # endif @@ -3614,7 +3614,7 @@ index 87fa70a..9e8c3e5 100644 if ((r = kex_prop2buf(ssh->kex->my, myproposal)) != 0) fatal("kex_prop2buf: %s", ssh_err(r)); -@@ -317,6 +379,7 @@ static int input_gssapi_response(int type, u_int32_t, struct ssh *); +@@ -330,6 +392,7 @@ static int input_gssapi_response(int type, u_int32_t, struct ssh *); static int input_gssapi_token(int type, u_int32_t, struct ssh *); static int input_gssapi_error(int, u_int32_t, struct ssh *); static int input_gssapi_errtok(int, u_int32_t, struct ssh *); @@ -3622,7 +3622,7 @@ index 87fa70a..9e8c3e5 100644 #endif void userauth(struct ssh *, char *); -@@ -333,6 +396,11 @@ static char *authmethods_get(void); +@@ -346,6 +409,11 @@ static char *authmethods_get(void); Authmethod authmethods[] = { #ifdef GSSAPI @@ -3634,7 +3634,7 @@ index 87fa70a..9e8c3e5 100644 {"gssapi-with-mic", userauth_gssapi, userauth_gssapi_cleanup, -@@ -697,12 +765,23 @@ userauth_gssapi(struct ssh *ssh) +@@ -716,12 +784,23 @@ userauth_gssapi(struct ssh *ssh) OM_uint32 min; int r, ok = 0; gss_OID mech = NULL; @@ -3659,7 +3659,7 @@ index 87fa70a..9e8c3e5 100644 /* Check to see whether the mechanism is usable before we offer it */ while (authctxt->mech_tried < authctxt->gss_supported_mechs->count && -@@ -711,13 +790,15 @@ userauth_gssapi(struct ssh *ssh) +@@ -730,13 +809,15 @@ userauth_gssapi(struct ssh *ssh) elements[authctxt->mech_tried]; /* My DER encoding requires length<128 */ if (mech->length < 128 && ssh_gssapi_check_mechanism(&gssctxt, @@ -3676,7 +3676,7 @@ index 87fa70a..9e8c3e5 100644 if (!ok || mech == NULL) return 0; -@@ -957,6 +1038,55 @@ input_gssapi_error(int type, u_int32_t plen, struct ssh *ssh) +@@ -976,6 +1057,55 @@ input_gssapi_error(int type, u_int32_t plen, struct ssh *ssh) free(lang); return r; } @@ -3733,10 +3733,10 @@ index 87fa70a..9e8c3e5 100644 static int diff --git a/sshd.c b/sshd.c -index c562094..0d5c4c4 100644 +index 1a09e7b..7d23232 100644 --- a/sshd.c +++ b/sshd.c -@@ -815,8 +815,8 @@ notify_hostkeys(struct ssh *ssh) +@@ -826,8 +826,8 @@ notify_hostkeys(struct ssh *ssh) } debug3("%s: sent %u hostkeys", __func__, nkeys); if (nkeys == 0) @@ -3747,7 +3747,7 @@ index c562094..0d5c4c4 100644 sshpkt_fatal(ssh, r, "%s: send", __func__); sshbuf_free(buf); } -@@ -1800,7 +1800,8 @@ main(int ac, char **av) +@@ -1865,7 +1865,8 @@ main(int ac, char **av) free(fp); } accumulate_host_timing_secret(cfg, NULL); @@ -3757,7 +3757,7 @@ index c562094..0d5c4c4 100644 logit("sshd: no hostkeys available -- exiting."); exit(1); } -@@ -2297,6 +2298,48 @@ do_ssh2_kex(struct ssh *ssh) +@@ -2361,6 +2362,48 @@ do_ssh2_kex(struct ssh *ssh) myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = compat_pkalg_proposal( list_hostkey_types()); @@ -3806,7 +3806,7 @@ index c562094..0d5c4c4 100644 /* start key exchange */ if ((r = kex_setup(ssh, myproposal)) != 0) fatal("kex_setup: %s", ssh_err(r)); -@@ -2312,7 +2355,18 @@ do_ssh2_kex(struct ssh *ssh) +@@ -2376,7 +2419,18 @@ do_ssh2_kex(struct ssh *ssh) # ifdef OPENSSL_HAS_ECC kex->kex[KEX_ECDH_SHA2] = kex_gen_server; # endif @@ -3840,10 +3840,10 @@ index 9ae8b05..8c1d1e5 100644 # Set this to 'yes' to enable PAM authentication, account processing, # and session processing. If this is enabled, PAM authentication will diff --git a/sshd_config.5 b/sshd_config.5 -index 8818ea5..50a4917 100644 +index 9c64f41..36696cc 100644 --- a/sshd_config.5 +++ b/sshd_config.5 -@@ -657,6 +657,11 @@ Specifies whether to automatically destroy the user's credentials cache +@@ -646,6 +646,11 @@ Specifies whether to automatically destroy the user's credentials cache on logout. The default is .Cm yes . @@ -3855,7 +3855,7 @@ index 8818ea5..50a4917 100644 .It Cm GSSAPIStrictAcceptorCheck Determines whether to be strict about the identity of the GSSAPI acceptor a client authenticates against. -@@ -671,6 +676,31 @@ machine's default store. +@@ -660,6 +665,31 @@ machine's default store. This facility is provided to assist with operation on multi homed machines. The default is .Cm yes . @@ -3888,18 +3888,18 @@ index 8818ea5..50a4917 100644 Specifies the key types that will be accepted for hostbased authentication as a list of comma-separated patterns. diff --git a/sshkey.c b/sshkey.c -index ef90563..4d2048b 100644 +index 1571e3d..1ac32a0 100644 --- a/sshkey.c +++ b/sshkey.c -@@ -145,6 +145,7 @@ static const struct keytype keytypes[] = { - # endif /* OPENSSL_HAS_NISTP521 */ +@@ -154,6 +154,7 @@ static const struct keytype keytypes[] = { + KEY_ECDSA_SK_CERT, NID_X9_62_prime256v1, 1, 0 }, # endif /* OPENSSL_HAS_ECC */ #endif /* WITH_OPENSSL */ + { "null", "null", NULL, KEY_NULL, 0, 0, 0 }, { NULL, NULL, NULL, -1, -1, 0, 0 } }; -@@ -233,7 +234,7 @@ sshkey_alg_list(int certs_only, int plain_only, int include_sigonly, char sep) +@@ -255,7 +256,7 @@ sshkey_alg_list(int certs_only, int plain_only, int include_sigonly, char sep) const struct keytype *kt; for (kt = keytypes; kt->type != -1; kt++) { @@ -3909,13 +3909,13 @@ index ef90563..4d2048b 100644 if (!include_sigonly && kt->sigonly) continue; diff --git a/sshkey.h b/sshkey.h -index 1119a7b..1bf30d0 100644 +index 9c1d4f6..f586e89 100644 --- a/sshkey.h +++ b/sshkey.h -@@ -65,6 +65,7 @@ enum sshkey_types { - KEY_ED25519_CERT, - KEY_XMSS, - KEY_XMSS_CERT, +@@ -69,6 +69,7 @@ enum sshkey_types { + KEY_ECDSA_SK_CERT, + KEY_ED25519_SK, + KEY_ED25519_SK_CERT, + KEY_NULL, KEY_UNSPEC }; diff --git a/openssh-8.1p1-audit.patch b/openssh-8.1p1-audit.patch index fb1980b..fcf3a91 100644 --- a/openssh-8.1p1-audit.patch +++ b/openssh-8.1p1-audit.patch @@ -1,17 +1,16 @@ diff --git a/Makefile.in b/Makefile.in -index 02bafbc..4ee4ab2 100644 +index 9d3f569..5a0e0b6 100644 --- a/Makefile.in +++ b/Makefile.in -@@ -110,7 +110,8 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \ - kexgexc.o kexgexs.o \ +@@ -115,7 +115,7 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \ sntrup4591761.o kexsntrup4591761x25519.o kexgen.o \ kexgssc.o \ -- platform-pledge.o platform-tracing.o platform-misc.o -+ platform-pledge.o platform-tracing.o platform-misc.o \ -+ auditstub.o + sftp-realpath.o platform-pledge.o platform-tracing.o platform-misc.o \ +- sshbuf-io.o ++ sshbuf-io.o auditstub.o + SKOBJS= ssh-sk-client.o - LIBSSH_OBJS += fips.o diff --git a/audit-bsm.c b/audit-bsm.c index 0ba16c7..d5e9cda 100644 --- a/audit-bsm.c @@ -744,10 +743,10 @@ index 0000000..639a798 +{ +} diff --git a/auth.c b/auth.c -index ab43955..5a4d11a 100644 +index 779a1af..f6f3c86 100644 --- a/auth.c +++ b/auth.c -@@ -366,7 +366,7 @@ auth_log(struct ssh *ssh, int authenticated, int partial, +@@ -367,7 +367,7 @@ auth_log(struct ssh *ssh, int authenticated, int partial, # endif #endif #ifdef SSH_AUDIT_EVENTS @@ -756,7 +755,7 @@ index ab43955..5a4d11a 100644 audit_event(ssh, audit_classify_auth(method)); #endif } -@@ -592,9 +592,6 @@ getpwnamallow(struct ssh *ssh, const char *user) +@@ -593,9 +593,6 @@ getpwnamallow(struct ssh *ssh, const char *user) record_failed_login(ssh, user, auth_get_canonical_hostname(ssh, options.use_dns), "ssh"); #endif @@ -767,7 +766,7 @@ index ab43955..5a4d11a 100644 } if (!allowed_user(ssh, pw)) diff --git a/auth.h b/auth.h -index becc672..84532d0 100644 +index becc672..c8a99fb 100644 --- a/auth.h +++ b/auth.h @@ -189,6 +189,8 @@ struct passwd * getpwnamallow(struct ssh *, const char *user); @@ -775,7 +774,7 @@ index becc672..84532d0 100644 char *expand_authorized_keys(const char *, struct passwd *pw); char *authorized_principals_file(struct passwd *); +int user_key_verify(struct ssh *, const struct sshkey *, const u_char *, size_t, -+ const u_char *, size_t, const char *, u_int); ++ const u_char *, size_t, const char *, u_int, struct sshkey_sig_details **); FILE *auth_openkeyfile(const char *, struct passwd *, int); FILE *auth_openprincipals(const char *, struct passwd *, int); @@ -784,12 +783,12 @@ index becc672..84532d0 100644 int sshd_hostkey_sign(struct ssh *, struct sshkey *, struct sshkey *, u_char **, size_t *, const u_char *, size_t, const char *); +int hostbased_key_verify(struct ssh *, const struct sshkey *, const u_char *, size_t, -+ const u_char *, size_t, const char *, u_int); ++ const u_char *, size_t, const char *, u_int, struct sshkey_sig_details **); /* Key / cert options linkage to auth layer */ const struct sshauthopt *auth_options(struct ssh *); diff --git a/auth2-hostbased.c b/auth2-hostbased.c -index d460470..de26444 100644 +index 5e9b7c6..c0a09a3 100644 --- a/auth2-hostbased.c +++ b/auth2-hostbased.c @@ -150,7 +150,7 @@ userauth_hostbased(struct ssh *ssh) @@ -798,7 +797,7 @@ index d460470..de26444 100644 chost, key)) && - PRIVSEP(sshkey_verify(key, sig, slen, + PRIVSEP(hostbased_key_verify(ssh, key, sig, slen, - sshbuf_ptr(b), sshbuf_len(b), pkalg, ssh->compat)) == 0) + sshbuf_ptr(b), sshbuf_len(b), pkalg, ssh->compat, NULL)) == 0) authenticated = 1; @@ -167,6 +167,19 @@ done: @@ -807,11 +806,11 @@ index d460470..de26444 100644 +int +hostbased_key_verify(struct ssh *ssh, const struct sshkey *key, const u_char *sig, -+ size_t slen, const u_char *data, size_t datalen, const char *pkalg, u_int compat) ++ size_t slen, const u_char *data, size_t datalen, const char *pkalg, u_int compat, struct sshkey_sig_details **sigdet) +{ + int rv; + -+ rv = sshkey_verify(key, sig, slen, data, datalen, pkalg, compat); ++ rv = sshkey_verify(key, sig, slen, data, datalen, pkalg, compat, sigdet); +#ifdef SSH_AUDIT_EVENTS + audit_key(ssh, 0, &rv, key); +#endif @@ -822,10 +821,10 @@ index d460470..de26444 100644 int hostbased_key_allowed(struct ssh *ssh, struct passwd *pw, diff --git a/auth2-pubkey.c b/auth2-pubkey.c -index df12c2c..6062b8b 100644 +index 815ea0f..f8a4325 100644 --- a/auth2-pubkey.c +++ b/auth2-pubkey.c -@@ -210,7 +210,7 @@ userauth_pubkey(struct ssh *ssh) +@@ -212,7 +212,7 @@ userauth_pubkey(struct ssh *ssh) /* test for correct signature */ authenticated = 0; if (PRIVSEP(user_key_allowed(ssh, pw, key, 1, &authopts)) && @@ -833,18 +832,18 @@ index df12c2c..6062b8b 100644 + PRIVSEP(user_key_verify(ssh, key, sig, slen, sshbuf_ptr(b), sshbuf_len(b), (ssh->compat & SSH_BUG_SIGTYPE) == 0 ? pkalg : NULL, - ssh->compat)) == 0) { -@@ -269,6 +269,19 @@ done: + ssh->compat, &sig_details)) == 0) { +@@ -294,6 +294,19 @@ done: return authenticated; } +int +user_key_verify(struct ssh *ssh, const struct sshkey *key, const u_char *sig, -+ size_t slen, const u_char *data, size_t datalen, const char *pkalg, u_int compat) ++ size_t slen, const u_char *data, size_t datalen, const char *pkalg, u_int compat, struct sshkey_sig_details **sigdet) +{ + int rv; + -+ rv = sshkey_verify(key, sig, slen, data, datalen, pkalg, compat); ++ rv = sshkey_verify(key, sig, slen, data, datalen, pkalg, compat, sigdet); +#ifdef SSH_AUDIT_EVENTS + audit_key(ssh, 1, &rv, key); +#endif @@ -855,7 +854,7 @@ index df12c2c..6062b8b 100644 match_principals_option(const char *principal_list, struct sshkey_cert *cert) { diff --git a/auth2.c b/auth2.c -index 1c21726..e54509a 100644 +index a4a5e00..b12d2ac 100644 --- a/auth2.c +++ b/auth2.c @@ -293,9 +293,6 @@ input_userauth_request(int type, u_int32_t seq, struct ssh *ssh) @@ -869,7 +868,7 @@ index 1c21726..e54509a 100644 #ifdef USE_PAM if (options.use_pam) diff --git a/cipher.c b/cipher.c -index b67a4ff..e0d23a5 100644 +index 599b54a..7f25a18 100644 --- a/cipher.c +++ b/cipher.c @@ -58,25 +58,6 @@ @@ -898,17 +897,17 @@ index b67a4ff..e0d23a5 100644 static const struct sshcipher ciphers_all[] = { #ifdef WITH_OPENSSL #ifndef OPENSSL_NO_DES -@@ -451,7 +432,7 @@ cipher_get_length(struct sshcipher_ctx *cc, u_int *plenp, u_int seqnr, +@@ -462,7 +443,7 @@ cipher_get_length(struct sshcipher_ctx *cc, u_int *plenp, u_int seqnr, void cipher_free(struct sshcipher_ctx *cc) { - if (cc == NULL) + if (cc == NULL || cc->cipher == NULL) return; - if ((cc->cipher->flags & CFLAG_CHACHAPOLY) != 0) - explicit_bzero(&cc->cp_ctx, sizeof(cc->cp_ctx)); + if ((cc->cipher->flags & CFLAG_CHACHAPOLY) != 0) { + chachapoly_free(cc->cp_ctx); diff --git a/cipher.h b/cipher.h -index d7d8c89..2341068 100644 +index 626f2f5..b3383a5 100644 --- a/cipher.h +++ b/cipher.h @@ -47,7 +47,25 @@ @@ -939,10 +938,10 @@ index d7d8c89..2341068 100644 int plaintext; int encrypt; diff --git a/kex.c b/kex.c -index 92d8ee0..96e44a5 100644 +index fbb8e4f..39cad99 100644 --- a/kex.c +++ b/kex.c -@@ -60,6 +60,7 @@ +@@ -62,6 +62,7 @@ #include "ssherr.h" #include "sshbuf.h" #include "digest.h" @@ -950,7 +949,7 @@ index 92d8ee0..96e44a5 100644 #ifdef GSSAPI #include "ssh-gss.h" -@@ -856,12 +857,16 @@ kex_start_rekex(struct ssh *ssh) +@@ -857,12 +858,16 @@ kex_start_rekex(struct ssh *ssh) } static int @@ -969,7 +968,7 @@ index 92d8ee0..96e44a5 100644 if ((enc->cipher = cipher_by_name(name)) == NULL) { error("%s: unsupported cipher %s", __func__, name); free(name); -@@ -882,8 +887,12 @@ choose_mac(struct ssh *ssh, struct sshmac *mac, char *client, char *server) +@@ -883,8 +888,12 @@ choose_mac(struct ssh *ssh, struct sshmac *mac, char *client, char *server) { char *name = match_list(client, server, NULL); @@ -983,7 +982,7 @@ index 92d8ee0..96e44a5 100644 if (mac_setup(mac, name) < 0) { error("%s: unsupported MAC %s", __func__, name); free(name); -@@ -896,12 +905,16 @@ choose_mac(struct ssh *ssh, struct sshmac *mac, char *client, char *server) +@@ -897,12 +906,16 @@ choose_mac(struct ssh *ssh, struct sshmac *mac, char *client, char *server) } static int @@ -999,10 +998,10 @@ index 92d8ee0..96e44a5 100644 +#endif return SSH_ERR_NO_COMPRESS_ALG_MATCH; + } + #ifdef WITH_ZLIB if (strcmp(name, "zlib@openssh.com") == 0) { comp->type = COMP_DELAYED; - } else if (strcmp(name, "zlib") == 0) { -@@ -1039,7 +1052,7 @@ kex_choose_conf(struct ssh *ssh) +@@ -1043,7 +1056,7 @@ kex_choose_conf(struct ssh *ssh) nenc = ctos ? PROPOSAL_ENC_ALGS_CTOS : PROPOSAL_ENC_ALGS_STOC; nmac = ctos ? PROPOSAL_MAC_ALGS_CTOS : PROPOSAL_MAC_ALGS_STOC; ncomp = ctos ? PROPOSAL_COMP_ALGS_CTOS : PROPOSAL_COMP_ALGS_STOC; @@ -1011,7 +1010,7 @@ index 92d8ee0..96e44a5 100644 sprop[nenc])) != 0) { kex->failed_choice = peer[nenc]; peer[nenc] = NULL; -@@ -1054,7 +1067,7 @@ kex_choose_conf(struct ssh *ssh) +@@ -1058,7 +1071,7 @@ kex_choose_conf(struct ssh *ssh) peer[nmac] = NULL; goto out; } @@ -1020,7 +1019,7 @@ index 92d8ee0..96e44a5 100644 sprop[ncomp])) != 0) { kex->failed_choice = peer[ncomp]; peer[ncomp] = NULL; -@@ -1077,6 +1090,10 @@ kex_choose_conf(struct ssh *ssh) +@@ -1081,6 +1094,10 @@ kex_choose_conf(struct ssh *ssh) dh_need = MAXIMUM(dh_need, newkeys->enc.block_size); dh_need = MAXIMUM(dh_need, newkeys->enc.iv_len); dh_need = MAXIMUM(dh_need, newkeys->mac.key_len); @@ -1031,7 +1030,7 @@ index 92d8ee0..96e44a5 100644 } /* XXX need runden? */ kex->we_need = need; -@@ -1241,6 +1258,36 @@ dump_digest(const char *msg, const u_char *digest, int len) +@@ -1245,6 +1262,36 @@ dump_digest(const char *msg, const u_char *digest, int len) } #endif @@ -1118,7 +1117,7 @@ index 0b119d7..5fb593b 100644 #endif /* SSHMAC_H */ diff --git a/monitor.c b/monitor.c -index 20812fa..2e421cf 100644 +index cf775e5..fcd8283 100644 --- a/monitor.c +++ b/monitor.c @@ -93,6 +93,7 @@ @@ -1128,8 +1127,8 @@ index 20812fa..2e421cf 100644 +#include "audit.h" #include "match.h" #include "ssherr.h" - -@@ -107,6 +108,8 @@ extern u_char session_id[]; + #include "sk-api.h" +@@ -108,6 +109,8 @@ extern u_char session_id[]; extern struct sshbuf *loginmsg; extern struct sshauthopt *auth_opts; /* XXX move to permanent ssh->authctxt? */ @@ -1138,7 +1137,7 @@ index 20812fa..2e421cf 100644 /* State exported from the child */ static struct sshbuf *child_state; -@@ -154,6 +157,11 @@ int mm_answer_gss_updatecreds(struct ssh*, int, struct sshbuf *); +@@ -155,6 +158,11 @@ int mm_answer_gss_updatecreds(struct ssh*, int, struct sshbuf *); #ifdef SSH_AUDIT_EVENTS int mm_answer_audit_event(struct ssh *, int, struct sshbuf *); int mm_answer_audit_command(struct ssh *, int, struct sshbuf *); @@ -1150,7 +1149,7 @@ index 20812fa..2e421cf 100644 #endif static Authctxt *authctxt; -@@ -209,6 +217,10 @@ struct mon_table mon_dispatch_proto20[] = { +@@ -210,6 +218,10 @@ struct mon_table mon_dispatch_proto20[] = { #endif #ifdef SSH_AUDIT_EVENTS {MONITOR_REQ_AUDIT_EVENT, MON_PERMIT, mm_answer_audit_event}, @@ -1161,7 +1160,7 @@ index 20812fa..2e421cf 100644 #endif #ifdef BSD_AUTH {MONITOR_REQ_BSDAUTHQUERY, MON_ISAUTH, mm_answer_bsdauthquery}, -@@ -243,6 +255,11 @@ struct mon_table mon_dispatch_postauth20[] = { +@@ -244,6 +256,11 @@ struct mon_table mon_dispatch_postauth20[] = { #ifdef SSH_AUDIT_EVENTS {MONITOR_REQ_AUDIT_EVENT, MON_PERMIT, mm_answer_audit_event}, {MONITOR_REQ_AUDIT_COMMAND, MON_PERMIT, mm_answer_audit_command}, @@ -1173,19 +1172,19 @@ index 20812fa..2e421cf 100644 #endif {0, 0, NULL} }; -@@ -1408,8 +1425,10 @@ mm_answer_keyverify(struct ssh *ssh, int sock, struct sshbuf *m) - char *sigalg; +@@ -1406,8 +1423,10 @@ mm_answer_keyverify(struct ssh *ssh, int sock, struct sshbuf *m) size_t signaturelen, datalen, bloblen; - int r, ret, valid_data = 0, encoded_ret; + int r, ret, req_presence = 0, valid_data = 0, encoded_ret; + struct sshkey_sig_details *sig_details = NULL; + int type = 0; -- if ((r = sshbuf_get_string(m, &blob, &bloblen)) != 0 || +- if ((r = sshbuf_get_string_direct(m, &blob, &bloblen)) != 0 || + if ((r = sshbuf_get_u32(m, &type)) != 0 || -+ (r = sshbuf_get_string(m, &blob, &bloblen)) != 0 || - (r = sshbuf_get_string(m, &signature, &signaturelen)) != 0 || - (r = sshbuf_get_string(m, &data, &datalen)) != 0 || ++ (r = sshbuf_get_string_direct(m, &blob, &bloblen)) != 0 || + (r = sshbuf_get_string_direct(m, &signature, &signaturelen)) != 0 || + (r = sshbuf_get_string_direct(m, &data, &datalen)) != 0 || (r = sshbuf_get_cstring(m, &sigalg, NULL)) != 0) -@@ -1418,6 +1437,8 @@ mm_answer_keyverify(struct ssh *ssh, int sock, struct sshbuf *m) +@@ -1416,6 +1435,8 @@ mm_answer_keyverify(struct ssh *ssh, int sock, struct sshbuf *m) if (hostbased_cuser == NULL || hostbased_chost == NULL || !monitor_allowed_key(blob, bloblen)) fatal("%s: bad key, not previously allowed", __func__); @@ -1194,19 +1193,19 @@ index 20812fa..2e421cf 100644 /* Empty signature algorithm means NULL. */ if (*sigalg == '\0') { -@@ -1433,21 +1454,24 @@ mm_answer_keyverify(struct ssh *ssh, int sock, struct sshbuf *m) +@@ -1431,14 +1452,19 @@ mm_answer_keyverify(struct ssh *ssh, int sock, struct sshbuf *m) case MM_USERKEY: valid_data = monitor_valid_userblob(data, datalen); auth_method = "publickey"; + ret = user_key_verify(ssh, key, signature, signaturelen, data, -+ datalen, sigalg, ssh->compat); ++ datalen, sigalg, ssh->compat, &sig_details); break; case MM_HOSTKEY: valid_data = monitor_valid_hostbasedblob(data, datalen, hostbased_cuser, hostbased_chost); -+ ret = hostbased_key_verify(ssh, key, signature, signaturelen, data, -+ datalen, sigalg, ssh->compat); auth_method = "hostbased"; ++ ret = hostbased_key_verify(ssh, key, signature, signaturelen, data, ++ datalen, sigalg, ssh->compat, &sig_details); break; default: valid_data = 0; @@ -1214,14 +1213,16 @@ index 20812fa..2e421cf 100644 break; } if (!valid_data) - fatal("%s: bad signature data blob", __func__); +@@ -1448,8 +1474,6 @@ mm_answer_keyverify(struct ssh *ssh, int sock, struct sshbuf *m) + SSH_FP_DEFAULT)) == NULL) + fatal("%s: sshkey_fingerprint failed", __func__); - ret = sshkey_verify(key, signature, signaturelen, data, datalen, -- sigalg, ssh->compat); - debug3("%s: %s %p signature %s", __func__, auth_method, key, - (ret == 0) ? "verified" : "unverified"); - auth2_record_key(authctxt, ret == 0, key); -@@ -1499,13 +1523,19 @@ mm_record_login(struct ssh *ssh, Session *s, struct passwd *pw) +- sigalg, ssh->compat, &sig_details); + debug3("%s: %s %p signature %s%s%s", __func__, auth_method, key, + (ret == 0) ? "verified" : "unverified", + (ret != 0) ? ": " : "", (ret != 0) ? ssh_err(ret) : ""); +@@ -1524,13 +1548,19 @@ mm_record_login(struct ssh *ssh, Session *s, struct passwd *pw) } static void @@ -1242,7 +1243,7 @@ index 20812fa..2e421cf 100644 session_unused(s->self); } -@@ -1572,7 +1602,7 @@ mm_answer_pty(struct ssh *ssh, int sock, struct sshbuf *m) +@@ -1597,7 +1627,7 @@ mm_answer_pty(struct ssh *ssh, int sock, struct sshbuf *m) error: if (s != NULL) @@ -1251,7 +1252,7 @@ index 20812fa..2e421cf 100644 if ((r = sshbuf_put_u32(m, 0)) != 0) fatal("%s: buffer error: %s", __func__, ssh_err(r)); mm_request_send(sock, MONITOR_ANS_PTY, m); -@@ -1591,7 +1621,7 @@ mm_answer_pty_cleanup(struct ssh *ssh, int sock, struct sshbuf *m) +@@ -1616,7 +1646,7 @@ mm_answer_pty_cleanup(struct ssh *ssh, int sock, struct sshbuf *m) if ((r = sshbuf_get_cstring(m, &tty, NULL)) != 0) fatal("%s: buffer error: %s", __func__, ssh_err(r)); if ((s = session_by_tty(tty)) != NULL) @@ -1260,7 +1261,7 @@ index 20812fa..2e421cf 100644 sshbuf_reset(m); free(tty); return (0); -@@ -1613,6 +1643,8 @@ mm_answer_term(struct ssh *ssh, int sock, struct sshbuf *req) +@@ -1638,6 +1668,8 @@ mm_answer_term(struct ssh *ssh, int sock, struct sshbuf *req) sshpam_cleanup(); #endif @@ -1269,7 +1270,7 @@ index 20812fa..2e421cf 100644 while (waitpid(pmonitor->m_pid, &status, 0) == -1) if (errno != EINTR) exit(1); -@@ -1659,12 +1691,47 @@ mm_answer_audit_command(struct ssh *ssh, int socket, struct sshbuf *m) +@@ -1684,12 +1716,47 @@ mm_answer_audit_command(struct ssh *ssh, int socket, struct sshbuf *m) { char *cmd; int r; @@ -1318,7 +1319,7 @@ index 20812fa..2e421cf 100644 free(cmd); return (0); } -@@ -1730,6 +1797,7 @@ monitor_apply_keystate(struct ssh *ssh, struct monitor *pmonitor) +@@ -1755,6 +1822,7 @@ monitor_apply_keystate(struct ssh *ssh, struct monitor *pmonitor) void mm_get_keystate(struct ssh *ssh, struct monitor *pmonitor) { @@ -1326,7 +1327,7 @@ index 20812fa..2e421cf 100644 debug3("%s: Waiting for new keys", __func__); if ((child_state = sshbuf_new()) == NULL) -@@ -1737,6 +1805,19 @@ mm_get_keystate(struct ssh *ssh, struct monitor *pmonitor) +@@ -1762,6 +1830,19 @@ mm_get_keystate(struct ssh *ssh, struct monitor *pmonitor) mm_request_receive_expect(pmonitor->m_sendfd, MONITOR_REQ_KEYEXPORT, child_state); debug3("%s: GOT new keys", __func__); @@ -1346,7 +1347,7 @@ index 20812fa..2e421cf 100644 } -@@ -2014,3 +2095,102 @@ mm_answer_gss_updatecreds(struct ssh *ssh, int socket, struct sshbuf *m) { +@@ -2039,3 +2120,102 @@ mm_answer_gss_updatecreds(struct ssh *ssh, int socket, struct sshbuf *m) { #endif /* GSSAPI */ @@ -1469,7 +1470,7 @@ index 2b1a2d5..7817990 100644 MONITOR_REQ_GSSSIGN = 150, MONITOR_ANS_GSSSIGN = 151, MONITOR_REQ_GSSUPCREDS = 152, MONITOR_ANS_GSSUPCREDS = 153, diff --git a/monitor_wrap.c b/monitor_wrap.c -index fdca39a..b427dd6 100644 +index 6edb509..cb5e5f3 100644 --- a/monitor_wrap.c +++ b/monitor_wrap.c @@ -492,7 +492,7 @@ mm_key_allowed(enum mm_keytype type, const char *user, const char *host, @@ -1478,11 +1479,11 @@ index fdca39a..b427dd6 100644 int -mm_sshkey_verify(const struct sshkey *key, const u_char *sig, size_t siglen, +mm_sshkey_verify(enum mm_keytype type, const struct sshkey *key, const u_char *sig, size_t siglen, - const u_char *data, size_t datalen, const char *sigalg, u_int compat) + const u_char *data, size_t datalen, const char *sigalg, u_int compat, + struct sshkey_sig_details **sig_detailsp) { - struct sshbuf *m; -@@ -504,7 +504,8 @@ mm_sshkey_verify(const struct sshkey *key, const u_char *sig, size_t siglen, - +@@ -508,7 +508,8 @@ mm_sshkey_verify(const struct sshkey *key, const u_char *sig, size_t siglen, + *sig_detailsp = NULL; if ((m = sshbuf_new()) == NULL) fatal("%s: sshbuf_new failed", __func__); - if ((r = sshkey_puts(key, m)) != 0 || @@ -1491,28 +1492,28 @@ index fdca39a..b427dd6 100644 (r = sshbuf_put_string(m, sig, siglen)) != 0 || (r = sshbuf_put_string(m, data, datalen)) != 0 || (r = sshbuf_put_cstring(m, sigalg == NULL ? "" : sigalg)) != 0) -@@ -526,6 +527,20 @@ mm_sshkey_verify(const struct sshkey *key, const u_char *sig, size_t siglen, +@@ -541,6 +542,20 @@ mm_sshkey_verify(const struct sshkey *key, const u_char *sig, size_t siglen, return 0; } +int +mm_hostbased_key_verify(struct ssh *ssh, const struct sshkey *key, const u_char *sig, size_t siglen, -+ const u_char *data, size_t datalen, const char *pkalg, u_int compat) ++ const u_char *data, size_t datalen, const char *pkalg, u_int compat, struct sshkey_sig_details **sigdet) +{ -+ return mm_sshkey_verify(MM_HOSTKEY, key, sig, siglen, data, datalen, pkalg, compat); ++ return mm_sshkey_verify(MM_HOSTKEY, key, sig, siglen, data, datalen, pkalg, compat, sigdet); +} + +int +mm_user_key_verify(struct ssh *ssh, const struct sshkey *key, const u_char *sig, size_t siglen, -+ const u_char *data, size_t datalen, const char *pkalg, u_int compat) ++ const u_char *data, size_t datalen, const char *pkalg, u_int compat, struct sshkey_sig_details **sigdet) +{ -+ return mm_sshkey_verify(MM_USERKEY, key, sig, siglen, data, datalen, pkalg, compat); ++ return mm_sshkey_verify(MM_USERKEY, key, sig, siglen, data, datalen, pkalg, compat, sigdet); +} + void mm_send_keystate(struct ssh *ssh, struct monitor *monitor) { -@@ -879,11 +894,12 @@ mm_audit_event(struct ssh *ssh, ssh_audit_event_t event) +@@ -894,11 +909,12 @@ mm_audit_event(struct ssh *ssh, ssh_audit_event_t event) sshbuf_free(m); } @@ -1527,7 +1528,7 @@ index fdca39a..b427dd6 100644 debug3("%s entering command %s", __func__, command); -@@ -893,6 +909,30 @@ mm_audit_run_command(const char *command) +@@ -908,6 +924,30 @@ mm_audit_run_command(const char *command) fatal("%s: buffer error: %s", __func__, ssh_err(r)); mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUDIT_COMMAND, m); @@ -1558,7 +1559,7 @@ index fdca39a..b427dd6 100644 sshbuf_free(m); } #endif /* SSH_AUDIT_EVENTS */ -@@ -1053,3 +1093,83 @@ mm_ssh_gssapi_update_creds(ssh_gssapi_ccache *store) +@@ -1068,3 +1108,83 @@ mm_ssh_gssapi_update_creds(ssh_gssapi_ccache *store) } #endif /* GSSAPI */ @@ -1643,21 +1644,21 @@ index fdca39a..b427dd6 100644 +} +#endif /* SSH_AUDIT_EVENTS */ diff --git a/monitor_wrap.h b/monitor_wrap.h -index 92dda57..d413dac 100644 +index 485590c..73c095e 100644 --- a/monitor_wrap.h +++ b/monitor_wrap.h -@@ -56,7 +56,9 @@ int mm_user_key_allowed(struct ssh *, struct passwd *, struct sshkey *, int, +@@ -57,7 +57,9 @@ int mm_user_key_allowed(struct ssh *, struct passwd *, struct sshkey *, int, struct sshauthopt **); int mm_hostbased_key_allowed(struct ssh *, struct passwd *, const char *, const char *, struct sshkey *); -int mm_sshkey_verify(const struct sshkey *, const u_char *, size_t, +int mm_hostbased_key_verify(struct ssh *, const struct sshkey *, const u_char *, size_t, -+ const u_char *, size_t, const char *, u_int); -+int mm_user_key_verify(struct ssh*, const struct sshkey *, const u_char *, size_t, - const u_char *, size_t, const char *, u_int); ++ const u_char *, size_t, const char *, u_int, struct sshkey_sig_details **); ++int mm_user_key_verify(struct ssh *, const struct sshkey *, const u_char *, size_t, + const u_char *, size_t, const char *, u_int, struct sshkey_sig_details **); #ifdef GSSAPI -@@ -81,7 +83,12 @@ void mm_sshpam_free_ctx(void *); +@@ -82,7 +84,12 @@ void mm_sshpam_free_ctx(void *); #ifdef SSH_AUDIT_EVENTS #include "audit.h" void mm_audit_event(struct ssh *, ssh_audit_event_t); @@ -1672,18 +1673,18 @@ index 92dda57..d413dac 100644 struct Session; diff --git a/packet.c b/packet.c -index 817da43..aec02e4 100644 +index e7abb34..3e9c95e 100644 --- a/packet.c +++ b/packet.c -@@ -77,6 +77,7 @@ - #include +@@ -81,6 +81,7 @@ + #endif #include "xmalloc.h" +#include "audit.h" #include "compat.h" #include "ssh2.h" #include "cipher.h" -@@ -509,6 +510,13 @@ ssh_packet_get_connection_out(struct ssh *ssh) +@@ -515,6 +516,13 @@ ssh_packet_get_connection_out(struct ssh *ssh) return ssh->state->connection_out; } @@ -1697,7 +1698,7 @@ index 817da43..aec02e4 100644 /* * Returns the IP-address of the remote host as a string. The returned * string must not be freed. -@@ -586,22 +594,19 @@ ssh_packet_close_internal(struct ssh *ssh, int do_close) +@@ -592,22 +600,19 @@ ssh_packet_close_internal(struct ssh *ssh, int do_close) { struct session_state *state = ssh->state; u_int mode; @@ -1725,8 +1726,8 @@ index 817da43..aec02e4 100644 for (mode = 0; mode < MODE_MAX; mode++) { kex_free_newkeys(state->newkeys[mode]); /* current keys */ state->newkeys[mode] = NULL; -@@ -635,8 +640,18 @@ ssh_packet_close_internal(struct ssh *ssh, int do_close) - } +@@ -643,8 +648,18 @@ ssh_packet_close_internal(struct ssh *ssh, int do_close) + #endif /* WITH_ZLIB */ cipher_free(state->send_context); cipher_free(state->receive_context); + if (had_keys && state->server_side) { @@ -1744,7 +1745,7 @@ index 817da43..aec02e4 100644 free(ssh->local_ipaddr); ssh->local_ipaddr = NULL; free(ssh->remote_ipaddr); -@@ -863,6 +878,7 @@ ssh_set_newkeys(struct ssh *ssh, int mode) +@@ -899,6 +914,7 @@ ssh_set_newkeys(struct ssh *ssh, int mode) (unsigned long long)state->p_send.bytes, (unsigned long long)state->p_send.blocks); kex_free_newkeys(state->newkeys[mode]); @@ -1752,7 +1753,7 @@ index 817da43..aec02e4 100644 state->newkeys[mode] = NULL; } /* note that both bytes and the seqnr are not reset */ -@@ -2166,6 +2182,71 @@ ssh_packet_get_output(struct ssh *ssh) +@@ -2205,6 +2221,71 @@ ssh_packet_get_output(struct ssh *ssh) return (void *)ssh->state->output; } @@ -1825,17 +1826,17 @@ index 817da43..aec02e4 100644 static int ssh_packet_set_postauth(struct ssh *ssh) diff --git a/packet.h b/packet.h -index 8ccfd2e..cfd9ebe 100644 +index c2544bd..239b391 100644 --- a/packet.h +++ b/packet.h -@@ -217,4 +217,5 @@ const u_char *sshpkt_ptr(struct ssh *, size_t *lenp); +@@ -218,4 +218,5 @@ const u_char *sshpkt_ptr(struct ssh *, size_t *lenp); # undef EC_POINT #endif +void packet_destroy_all(struct ssh *, int, int); #endif /* PACKET_H */ diff --git a/session.c b/session.c -index 89f9539..07411f3 100644 +index 530aa26..9e7a8f8 100644 --- a/session.c +++ b/session.c @@ -136,7 +136,7 @@ extern char *__progname; @@ -1884,7 +1885,7 @@ index 89f9539..07411f3 100644 #endif if (s->ttyfd != -1) ret = do_exec_pty(ssh, s, command); -@@ -1531,8 +1543,11 @@ do_child(struct ssh *ssh, Session *s, const char *command) +@@ -1535,8 +1547,11 @@ do_child(struct ssh *ssh, Session *s, const char *command) sshpkt_fmt_connection_id(ssh, remote_id, sizeof(remote_id)); /* remove hostkey from the child's memory */ @@ -1897,7 +1898,7 @@ index 89f9539..07411f3 100644 /* Force a password change */ if (s->authctxt->force_pwchange) { -@@ -1741,6 +1756,9 @@ session_unused(int id) +@@ -1745,6 +1760,9 @@ session_unused(int id) sessions[id].ttyfd = -1; sessions[id].ptymaster = -1; sessions[id].x11_chanids = NULL; @@ -1907,7 +1908,7 @@ index 89f9539..07411f3 100644 sessions[id].next_unused = sessions_first_unused; sessions_first_unused = id; } -@@ -1822,6 +1840,19 @@ session_open(Authctxt *authctxt, int chanid) +@@ -1826,6 +1844,19 @@ session_open(Authctxt *authctxt, int chanid) return 1; } @@ -1927,7 +1928,7 @@ index 89f9539..07411f3 100644 Session * session_by_tty(char *tty) { -@@ -2433,6 +2464,32 @@ session_exit_message(struct ssh *ssh, Session *s, int status) +@@ -2437,6 +2468,32 @@ session_exit_message(struct ssh *ssh, Session *s, int status) chan_write_failed(ssh, c); } @@ -1960,7 +1961,7 @@ index 89f9539..07411f3 100644 void session_close(struct ssh *ssh, Session *s) { -@@ -2474,6 +2531,10 @@ session_close(struct ssh *ssh, Session *s) +@@ -2478,6 +2535,10 @@ session_close(struct ssh *ssh, Session *s) if (s->ttyfd != -1) session_pty_cleanup(s); @@ -1971,7 +1972,7 @@ index 89f9539..07411f3 100644 free(s->term); free(s->display); free(s->x11_chanids); -@@ -2549,14 +2610,14 @@ session_close_by_channel(struct ssh *ssh, int id, void *arg) +@@ -2553,14 +2614,14 @@ session_close_by_channel(struct ssh *ssh, int id, void *arg) } void @@ -1988,7 +1989,7 @@ index 89f9539..07411f3 100644 else session_close(ssh, s); } -@@ -2682,6 +2743,15 @@ do_authenticated2(struct ssh *ssh, Authctxt *authctxt) +@@ -2686,6 +2747,15 @@ do_authenticated2(struct ssh *ssh, Authctxt *authctxt) server_loop2(ssh, authctxt); } @@ -2004,7 +2005,7 @@ index 89f9539..07411f3 100644 void do_cleanup(struct ssh *ssh, Authctxt *authctxt) { -@@ -2745,7 +2815,7 @@ do_cleanup(struct ssh *ssh, Authctxt *authctxt) +@@ -2749,7 +2819,7 @@ do_cleanup(struct ssh *ssh, Authctxt *authctxt) * or if running in monitor. */ if (!use_privsep || mm_is_monitor()) @@ -2045,10 +2046,10 @@ index ce59dab..bcd4b1d 100644 void session_close(struct ssh *, Session *); void do_setusercontext(struct passwd *); diff --git a/sshd.c b/sshd.c -index 0d5c4c4..dca7b1e 100644 +index 7d23232..9c83ce0 100644 --- a/sshd.c +++ b/sshd.c -@@ -124,6 +124,7 @@ +@@ -122,6 +122,7 @@ #include "ssh-gss.h" #endif #include "monitor_wrap.h" @@ -2056,7 +2057,7 @@ index 0d5c4c4..dca7b1e 100644 #include "ssh-sandbox.h" #include "auth-options.h" #include "version.h" -@@ -272,8 +273,8 @@ struct sshbuf *loginmsg; +@@ -267,8 +268,8 @@ struct sshbuf *loginmsg; struct passwd *privsep_pw = NULL; /* Prototypes for various functions defined later in this file. */ @@ -2066,8 +2067,8 @@ index 0d5c4c4..dca7b1e 100644 +void demote_sensitive_data(struct ssh *); static void do_ssh2_kex(struct ssh *); - /* -@@ -289,6 +290,15 @@ close_listen_socks(void) + static char *listener_proctitle; +@@ -286,6 +287,15 @@ close_listen_socks(void) num_listen_socks = -1; } @@ -2083,7 +2084,7 @@ index 0d5c4c4..dca7b1e 100644 static void close_startup_pipes(void) { -@@ -395,18 +405,45 @@ grace_alarm_handler(int sig) +@@ -390,18 +400,45 @@ grace_alarm_handler(int sig) ssh_remote_port(the_active_state)); } @@ -2132,7 +2133,7 @@ index 0d5c4c4..dca7b1e 100644 sshkey_free(sensitive_data.host_certificates[i]); sensitive_data.host_certificates[i] = NULL; } -@@ -415,14 +452,26 @@ destroy_sensitive_data(void) +@@ -410,14 +447,26 @@ destroy_sensitive_data(void) /* Demote private to public keys for network child */ void @@ -2160,7 +2161,7 @@ index 0d5c4c4..dca7b1e 100644 if ((r = sshkey_from_private( sensitive_data.host_keys[i], &tmp)) != 0) fatal("could not demote host %s key: %s", -@@ -430,6 +479,12 @@ demote_sensitive_data(void) +@@ -425,6 +474,12 @@ demote_sensitive_data(void) ssh_err(r)); sshkey_free(sensitive_data.host_keys[i]); sensitive_data.host_keys[i] = tmp; @@ -2173,7 +2174,7 @@ index 0d5c4c4..dca7b1e 100644 } /* Certs do not need demotion */ } -@@ -457,7 +512,7 @@ reseed_prngs(void) +@@ -452,7 +507,7 @@ reseed_prngs(void) } static void @@ -2182,7 +2183,7 @@ index 0d5c4c4..dca7b1e 100644 { gid_t gidset[1]; -@@ -472,7 +527,7 @@ privsep_preauth_child(void) +@@ -467,7 +522,7 @@ privsep_preauth_child(void) reseed_prngs(); /* Demote the private keys to public keys. */ @@ -2191,7 +2192,7 @@ index 0d5c4c4..dca7b1e 100644 /* Demote the child */ if (privsep_chroot) { -@@ -507,7 +562,7 @@ privsep_preauth(struct ssh *ssh) +@@ -502,7 +557,7 @@ privsep_preauth(struct ssh *ssh) if (use_privsep == PRIVSEP_ON) box = ssh_sandbox_init(pmonitor); @@ -2200,7 +2201,7 @@ index 0d5c4c4..dca7b1e 100644 if (pid == -1) { fatal("fork of unprivileged child failed"); } else if (pid != 0) { -@@ -553,7 +608,7 @@ privsep_preauth(struct ssh *ssh) +@@ -548,7 +603,7 @@ privsep_preauth(struct ssh *ssh) /* Arrange for logging to be sent to the monitor */ set_log_handler(mm_log_handler, pmonitor); @@ -2209,7 +2210,7 @@ index 0d5c4c4..dca7b1e 100644 setproctitle("%s", "[net]"); if (box != NULL) ssh_sandbox_child(box); -@@ -597,7 +652,7 @@ privsep_postauth(struct ssh *ssh, Authctxt *authctxt) +@@ -592,7 +647,7 @@ privsep_postauth(struct ssh *ssh, Authctxt *authctxt) pmonitor->m_sendfd = -1; /* Demote the private keys to public keys. */ @@ -2218,7 +2219,7 @@ index 0d5c4c4..dca7b1e 100644 reseed_prngs(); -@@ -1060,7 +1115,7 @@ server_listen(void) +@@ -1101,7 +1156,7 @@ server_listen(void) * from this function are in a forked subprocess. */ static void @@ -2227,7 +2228,7 @@ index 0d5c4c4..dca7b1e 100644 { fd_set *fdset; int i, j, ret, maxfd; -@@ -1115,6 +1170,7 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s) +@@ -1162,6 +1217,7 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s) if (received_sigterm) { logit("Received signal %d; terminating.", (int) received_sigterm); @@ -2235,7 +2236,7 @@ index 0d5c4c4..dca7b1e 100644 close_listen_socks(); if (options.pid_file != NULL) unlink(options.pid_file); -@@ -1973,7 +2029,7 @@ main(int ac, char **av) +@@ -2039,7 +2095,7 @@ main(int ac, char **av) #endif /* Accept a connection and return in a forked child */ @@ -2244,7 +2245,7 @@ index 0d5c4c4..dca7b1e 100644 &newsock, config_s); } -@@ -2212,6 +2268,9 @@ main(int ac, char **av) +@@ -2274,6 +2330,9 @@ main(int ac, char **av) do_authenticated(ssh, authctxt); /* The connection has been terminated. */ @@ -2254,7 +2255,7 @@ index 0d5c4c4..dca7b1e 100644 ssh_packet_get_bytes(ssh, &ibytes, &obytes); verbose("Transferred: sent %llu, received %llu bytes", (unsigned long long)obytes, (unsigned long long)ibytes); -@@ -2393,6 +2452,15 @@ do_ssh2_kex(struct ssh *ssh) +@@ -2457,6 +2516,15 @@ do_ssh2_kex(struct ssh *ssh) void cleanup_exit(int i) { @@ -2270,7 +2271,7 @@ index 0d5c4c4..dca7b1e 100644 if (the_active_state != NULL && the_authctxt != NULL) { do_cleanup(the_active_state, the_authctxt); if (use_privsep && privsep_is_preauth && -@@ -2404,9 +2472,16 @@ cleanup_exit(int i) +@@ -2468,9 +2536,16 @@ cleanup_exit(int i) pmonitor->m_pid, strerror(errno)); } } @@ -2289,10 +2290,10 @@ index 0d5c4c4..dca7b1e 100644 #endif _exit(i); diff --git a/sshkey.c b/sshkey.c -index 4d2048b..142dc09 100644 +index 1ac32a0..f579108 100644 --- a/sshkey.c +++ b/sshkey.c -@@ -340,6 +340,38 @@ sshkey_type_is_valid_ca(int type) +@@ -368,6 +368,38 @@ sshkey_type_is_valid_ca(int type) } } @@ -2332,14 +2333,14 @@ index 4d2048b..142dc09 100644 sshkey_is_cert(const struct sshkey *k) { diff --git a/sshkey.h b/sshkey.h -index 1bf30d0..065ef0b 100644 +index f586e89..a08bc65 100644 --- a/sshkey.h +++ b/sshkey.h -@@ -164,6 +164,7 @@ int sshkey_shield_private(struct sshkey *); +@@ -187,6 +187,7 @@ int sshkey_shield_private(struct sshkey *); int sshkey_unshield_private(struct sshkey *); int sshkey_type_from_name(const char *); +int sshkey_is_private(const struct sshkey *); int sshkey_is_cert(const struct sshkey *); + int sshkey_is_sk(const struct sshkey *); int sshkey_type_is_cert(int); - int sshkey_type_plain(int); diff --git a/openssh-8.1p1-seccomp-clock_nanosleep.patch b/openssh-8.1p1-seccomp-clock_nanosleep.patch index 9f2bca5..805b26c 100644 --- a/openssh-8.1p1-seccomp-clock_nanosleep.patch +++ b/openssh-8.1p1-seccomp-clock_nanosleep.patch @@ -1,10 +1,10 @@ -Index: openssh-8.1p1/sandbox-seccomp-filter.c -=================================================================== ---- openssh-8.1p1.orig/sandbox-seccomp-filter.c -+++ openssh-8.1p1/sandbox-seccomp-filter.c -@@ -248,6 +248,9 @@ static const struct sock_filter preauth_ - #ifdef __NR_nanosleep - SC_ALLOW(__NR_nanosleep), +diff --git a/sandbox-seccomp-filter.c b/sandbox-seccomp-filter.c +index c1e689e..74f69bc 100644 +--- a/sandbox-seccomp-filter.c ++++ b/sandbox-seccomp-filter.c +@@ -264,6 +264,9 @@ static const struct sock_filter preauth_insns[] = { + #ifdef __NR_clock_gettime64 + SC_ALLOW(__NR_clock_gettime64), #endif +#ifdef __NR_clock_nanosleep + SC_ALLOW(__NR_clock_nanosleep), diff --git a/openssh-8.1p1.tar.gz b/openssh-8.1p1.tar.gz deleted file mode 100644 index 4bb509b..0000000 --- a/openssh-8.1p1.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:02f5dbef3835d0753556f973cd57b4c19b6b1f6cd24c03445e23ac77ca1b93ff -size 1625894 diff --git a/openssh-8.1p1.tar.gz.asc b/openssh-8.1p1.tar.gz.asc deleted file mode 100644 index e70fa8a..0000000 --- a/openssh-8.1p1.tar.gz.asc +++ /dev/null @@ -1,14 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQHDBAABCgAdFiEEWcIRjtIG2SfmZ+vj0+X1a22SDTAFAl2dLEgACgkQ0+X1a22S -DTAcUgx7BcRCaH7fb0AeQGvIrxXlyeN3uL6HOyo8MKkryN+y9zpvpcU6T8FBjtoh -zgjonewzodGj+C1ma0O9TgIfnUxdOVL+eQsPYgOWLJt2MzSnY/Ru+20J5ZGwGc+5 -pJcuV+xlAuwae/EL+Pk86CdQ0D6zaf9NBHGTNmrswwhT9B3UWSCbEmmc8jm0DChm -F5+dW1nK0n6YSQ9dVUH17/ujvego5WQkOiaSxjaK29/xS39BD6jrbwfFpL3/iKru -mWVzcNJaX5WL3ZUnyZRcIHzVpBdr2n0pLCnmqIT8LGPwI3razEbZKIDXf+q0ZA88 -wRfCL9aEVWjhG+v56c/NiM/wD3h3A4uh8fZeeeyP3hmgEv8Wp8g7fFxf5MaEJlGL -Oy6LeH0+x/uPySxaEvy4kuo/hapX2ClM16EMCUXHPwGIYRWdbTL7rzMTaoG3thyz -VO04LulI9Xmvadn6k3JR5mFPpIsV+LNwt3g+c+4rBWspOdTHnFqo+OO7Uk8Ee3E0 -/MeuPBtqQq9o7RkoY8wtVOqT8q9/6g== -=mpF6 ------END PGP SIGNATURE----- diff --git a/openssh-8.3p1.tar.gz b/openssh-8.3p1.tar.gz new file mode 100644 index 0000000..958a16b --- /dev/null +++ b/openssh-8.3p1.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:f2befbe0472fe7eb75d23340eb17531cb6b3aac24075e2066b41f814e12387b2 +size 1706358 diff --git a/openssh-8.3p1.tar.gz.asc b/openssh-8.3p1.tar.gz.asc new file mode 100644 index 0000000..23d640c --- /dev/null +++ b/openssh-8.3p1.tar.gz.asc @@ -0,0 +1,14 @@ +-----BEGIN PGP SIGNATURE----- + +iQHDBAABCgAdFiEEWcIRjtIG2SfmZ+vj0+X1a22SDTAFAl7N2TQACgkQ0+X1a22S +DTCXbAx/eycNNXxdVK3JtDQBUuSyup/eXeiuAdfTb77dKhdInk6ivaaKtVZ+3rlu +eEUwAY2Bf/majUUigI5OI/niODMqbYWBBDKRudQlDSGfH8XnRge6dRjIWXU6XvZP +MJpxVZWRorjnuCArWemlJ5QFxSds938Ae+7MFkveQ59UpRDeslYiI6twCXjRiZEL +e8lBfsfZqcOLO8KLVRvDx6sqD8EXlak8fhdjmjKdbvA4oWHLcwUcuaNT/o5I2ZWn +m2sOQcuhwt3+jm+f9SQKLURHcmGC6Hu5YXBq4+Ut7P9Qc9lAf76SDDnsrRQ8pv+Z +tLsXBO+bNe3tSkRbG/AQQRZtGEzlhM8KPyQ6oA0JqlN4Wb5XMWYFyYyJTwJ/95ZI +dluMmpwQTRVQGUNU7kVNe04TwRl+8APqvcnE3/i7MDm6EG5BHGcAneRmZfvt209F +z8yGtKQKCvZm5Rn9V0/Gm3+pq5O2sie90CPW9ebyPsajzQlrYBQPoJ1aQ+Ue4QE6 +gee5eO3TZOJJ3peTqjihGUtpKH+21w== +=lhX0 +-----END PGP SIGNATURE----- diff --git a/openssh-askpass-gnome.spec b/openssh-askpass-gnome.spec index 1f5bfd3..92dfc7e 100644 --- a/openssh-askpass-gnome.spec +++ b/openssh-askpass-gnome.spec @@ -1,7 +1,7 @@ # # spec file for package openssh-askpass-gnome # -# Copyright (c) 2020 SUSE LLC +# Copyright (c) 2020 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -18,7 +18,7 @@ %define _name openssh Name: openssh-askpass-gnome -Version: 8.1p1 +Version: 8.3p1 Release: 0 Summary: A GNOME-Based Passphrase Dialog for OpenSSH License: BSD-2-Clause diff --git a/openssh.changes b/openssh.changes index 04a6e59..6f11825 100644 --- a/openssh.changes +++ b/openssh.changes @@ -1,3 +1,106 @@ +------------------------------------------------------------------- +Fri Jun 5 00:36:08 UTC 2020 - Hans Petter Jansson + +- Version update to 8.3p1: + = Potentially-incompatible changes + * sftp(1): reject an argument of "-1" in the same way as ssh(1) and + scp(1) do instead of accepting and silently ignoring it. + + = New features + * sshd(8): make IgnoreRhosts a tri-state option: "yes" to ignore + rhosts/shosts, "no" allow rhosts/shosts or (new) "shosts-only" + to allow .shosts files but not .rhosts. + * sshd(8): allow the IgnoreRhosts directive to appear anywhere in a + sshd_config, not just before any Match blocks. + * ssh(1): add %TOKEN percent expansion for the LocalFoward and + RemoteForward keywords when used for Unix domain socket forwarding. + * all: allow loading public keys from the unencrypted envelope of a + private key file if no corresponding public key file is present. + * ssh(1), sshd(8): prefer to use chacha20 from libcrypto where + possible instead of the (slower) portable C implementation included + in OpenSSH. + * ssh-keygen(1): add ability to dump the contents of a binary key + revocation list via "ssh-keygen -lQf /path". + +- Additional changes from 8.2p1 release: + = Potentially-incompatible changes + * ssh(1), sshd(8), ssh-keygen(1): this release removes the "ssh-rsa" + (RSA/SHA1) algorithm from those accepted for certificate signatures + (i.e. the client and server CASignatureAlgorithms option) and will + use the rsa-sha2-512 signature algorithm by default when the + ssh-keygen(1) CA signs new certificates. + * ssh(1), sshd(8): this release removes diffie-hellman-group14-sha1 + from the default key exchange proposal for both the client and + server. + * ssh-keygen(1): the command-line options related to the generation + and screening of safe prime numbers used by the + diffie-hellman-group-exchange-* key exchange algorithms have + changed. Most options have been folded under the -O flag. + * sshd(8): the sshd listener process title visible to ps(1) has + changed to include information about the number of connections that + are currently attempting authentication and the limits configured + by MaxStartups. + * ssh-sk-helper(8): this is a new binary. It is used by the FIDO/U2F + support to provide address-space isolation for token middleware + libraries (including the internal one). It needs to be installed + in the expected path, typically under /usr/libexec or similar. + + = New features + * This release adds support for FIDO/U2F hardware authenticators to + OpenSSH. U2F/FIDO are open standards for inexpensive two-factor + authentication hardware that are widely used for website + authentication. In OpenSSH FIDO devices are supported by new public + key types "ecdsa-sk" and "ed25519-sk", along with corresponding + certificate types. + * sshd(8): add an Include sshd_config keyword that allows including + additional configuration files via glob(3) patterns. + * ssh(1)/sshd(8): make the LE (low effort) DSCP code point available + via the IPQoS directive. + * ssh(1): when AddKeysToAgent=yes is set and the key contains no + comment, add the key to the agent with the key's path as the + comment. + * ssh-keygen(1), ssh-agent(1): expose PKCS#11 key labels and X.509 + subjects as key comments, rather than simply listing the PKCS#11 + provider library path. + * ssh-keygen(1): allow PEM export of DSA and ECDSA keys. + * ssh(1), sshd(8): make zlib compile-time optional, available via the + Makefile.inc ZLIB flag on OpenBSD or via the --with-zlib configure + option for OpenSSH portable. + * sshd(8): when clients get denied by MaxStartups, send a + notification prior to the SSH2 protocol banner according to + RFC4253 section 4.2. + * ssh(1), ssh-agent(1): when invoking the $SSH_ASKPASS prompt + program, pass a hint to the program to describe the type of + desired prompt. The possible values are "confirm" (indicating + that a yes/no confirmation dialog with no text entry should be + shown), "none" (to indicate an informational message only), or + blank for the original ssh-askpass behaviour of requesting a + password/phrase. + * ssh(1): allow forwarding a different agent socket to the path + specified by $SSH_AUTH_SOCK, by extending the existing ForwardAgent + option to accepting an explicit path or the name of an environment + variable in addition to yes/no. + * ssh-keygen(1): add a new signature operations "find-principals" to + look up the principal associated with a signature from an allowed- + signers file. + * sshd(8): expose the number of currently-authenticating connections + along with the MaxStartups limit in the process title visible to + "ps". + +- Rebased patches: + * openssh-7.7p1-cavstest-ctr.patch + * openssh-7.7p1-cavstest-kdf.patch + * openssh-7.7p1-fips.patch + * openssh-7.7p1-fips_checks.patch + * openssh-7.7p1-ldap.patch + * openssh-7.7p1-no_fork-no_pid_file.patch + * openssh-7.7p1-sftp_print_diagnostic_messages.patch + * openssh-8.0p1-gssapi-keyex.patch + * openssh-8.1p1-audit.patch + * openssh-8.1p1-seccomp-clock_nanosleep.patch + +- Removed openssh-7.7p1-seed-prng.patch (bsc#1165158). + ------------------------------------------------------------------- Sun May 31 11:25:07 UTC 2020 - Andreas Stieger diff --git a/openssh.spec b/openssh.spec index 6d6c0d0..00b915f 100644 --- a/openssh.spec +++ b/openssh.spec @@ -1,7 +1,7 @@ # # spec file for package openssh # -# Copyright (c) 2020 SUSE LLC +# Copyright (c) 2020 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -35,7 +35,7 @@ %define _fillupdir %{_localstatedir}/adm/fillup-templates %endif Name: openssh -Version: 8.1p1 +Version: 8.3p1 Release: 0 Summary: Secure Shell Client and Server (Remote Login Program) License: BSD-2-Clause AND MIT @@ -77,7 +77,6 @@ Patch18: openssh-7.7p1-cavstest-ctr.patch Patch19: openssh-7.7p1-cavstest-kdf.patch # Local FIPS patchset Patch20: openssh-7.7p1-fips_checks.patch -Patch21: openssh-7.7p1-seed-prng.patch # https://bugzilla.mindrot.org/show_bug.cgi?id=2641 Patch22: openssh-7.7p1-systemd-notify.patch Patch23: openssh-8.0p1-gssapi-keyex.patch @@ -112,6 +111,7 @@ BuildRequires: openssl-devel BuildRequires: pam-devel BuildRequires: pkgconfig BuildRequires: zlib-devel +BuildRequires: pkgconfig(libfido2) BuildRequires: pkgconfig(libsystemd) Requires(post): %fillup_prereq Requires(pre): shadow @@ -211,6 +211,7 @@ export LDFLAGS CFLAGS CXXFLAGS CPPFLAGS --with-ldap \ --with-xauth=%{_bindir}/xauth \ --with-libedit \ + --with-security-key-builtin \ --target=%{_target_cpu}-suse-linux %make_build