From e8b9919265af5e75d91c6133dc6fb400313b65be26c2e520f8c44844dcde76de Mon Sep 17 00:00:00 2001 From: Petr Cerny Date: Wed, 31 May 2017 23:09:14 +0000 Subject: [PATCH 1/2] Accepting request 500279 from home:pcerny:factory - Fix preauth seccomp separation on mainframes (bsc#1016709) [openssh-7.2p2-s390_hw_crypto_syscalls.patch] [openssh-7.2p2-s390_OpenSSL-ibmpkcs11_syscalls.patch] - enable case-insensitive hostname matching (bsc#1017099) [openssh-7.2p2-ssh_case_insensitive_host_matching.patch] - add CAVS tests [openssh-7.2p2-cavstest-ctr.patch] [openssh-7.2p2-cavstest-kdf.patch] - Adding missing pieces for user matching (bsc#1021626) - Properly verify CIDR masks in configuration (bsc#1005893) [openssh-7.2p2-verify_CIDR_address_ranges.patch] - Remove pre-auth compression support from the server to prevent possible cryptographic attacks. (CVE-2016-10012, bsc#1016370) [openssh-7.2p2-disable_preauth_compression.patch] - limit directories for loading PKCS11 modules (CVE-2016-10009, bsc#1016366) [openssh-7.2p2-restrict_pkcs11-modules.patch] - Prevent possible leaks of host private keys to low-privilege process handling authentication (CVE-2016-10011, bsc#1016369) [openssh-7.2p2-prevent_private_key_leakage.patch] - Do not allow unix socket forwarding when running without privilege separation (CVE-2016-10010, bsc#1016368) [openssh-7.2p2-secure_unix_sockets_forwarding.patch] - prevent resource depletion during key exchange (bsc#1005480, CVE-2016-8858) [openssh-7.2p2-kex_resource_depletion.patch] OBS-URL: https://build.opensuse.org/request/show/500279 OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=117 --- README.SUSE | 3 + README.kerberos | 1 - openssh-7.2p2-IPv6_X_forwarding.patch | 2 +- ...h-7.2p2-X_forward_with_disabled_ipv6.patch | 2 +- openssh-7.2p2-audit.patch | 18 +- openssh-7.2p2-audit_fixes.patch | 28 + openssh-7.2p2-audit_seed_prng.patch | 2 +- openssh-7.2p2-cavstest-ctr.patch | 300 ++++ openssh-7.2p2-cavstest-kdf.patch | 469 ++++++ openssh-7.2p2-disable_openssl_abi_check.patch | 4 +- ...sh-7.2p2-disable_preauth_compression.patch | 1317 +++++++++++++++++ openssh-7.2p2-fips.patch | 13 +- openssh-7.2p2-gssapi_key_exchange.patch | 16 +- openssh-7.2p2-host_ident.patch | 8 +- openssh-7.2p2-ignore_PAM_with_UseLogin.patch | 2 +- openssh-7.2p2-keep_slogin.patch | 66 + openssh-7.2p2-kex_resource_depletion.patch | 30 + openssh-7.2p2-ldap.patch | 44 +- openssh-7.2p2-limit_password_length.patch | 2 +- openssh-7.2p2-login_options.patch | 2 +- openssh-7.2p2-no_fork-no_pid_file.patch | 2 +- ...sh-7.2p2-prevent_private_key_leakage.patch | 188 +++ ....2p2-prevent_timing_user_enumeration.patch | 2 +- openssh-7.2p2-restrict_pkcs11-modules.patch | 297 ++++ ....2p2-s390_OpenSSL-ibmpkcs11_syscalls.patch | 82 + openssh-7.2p2-s390_hw_crypto_syscalls.patch | 100 ++ openssh-7.2p2-seccomp_geteuid.patch | 34 + openssh-7.2p2-seccomp_getuid.patch | 2 +- openssh-7.2p2-seccomp_stat.patch | 2 +- ...7.2p2-secure_unix_sockets_forwarding.patch | 51 + openssh-7.2p2-sftp_force_permissions.patch | 2 +- openssh-7.2p2-sftp_homechroot.patch | 2 +- ...2-ssh_case_insensitive_host_matching.patch | 87 ++ ...ssh-7.2p2-verify_CIDR_address_ranges.patch | 175 +++ openssh-askpass-gnome.spec | 2 +- openssh.changes | 44 + openssh.spec | 77 +- 37 files changed, 3388 insertions(+), 90 deletions(-) create mode 100644 openssh-7.2p2-audit_fixes.patch create mode 100644 openssh-7.2p2-cavstest-ctr.patch create mode 100644 openssh-7.2p2-cavstest-kdf.patch create mode 100644 openssh-7.2p2-disable_preauth_compression.patch create mode 100644 openssh-7.2p2-keep_slogin.patch create mode 100644 openssh-7.2p2-kex_resource_depletion.patch create mode 100644 openssh-7.2p2-prevent_private_key_leakage.patch create mode 100644 openssh-7.2p2-restrict_pkcs11-modules.patch create mode 100644 openssh-7.2p2-s390_OpenSSL-ibmpkcs11_syscalls.patch create mode 100644 openssh-7.2p2-s390_hw_crypto_syscalls.patch create mode 100644 openssh-7.2p2-seccomp_geteuid.patch create mode 100644 openssh-7.2p2-secure_unix_sockets_forwarding.patch create mode 100644 openssh-7.2p2-ssh_case_insensitive_host_matching.patch create mode 100644 openssh-7.2p2-verify_CIDR_address_ranges.patch diff --git a/README.SUSE b/README.SUSE index 1bf2887..ff52c59 100644 --- a/README.SUSE +++ b/README.SUSE @@ -22,5 +22,8 @@ There are following changes in default settings of ssh client and server: - the size of DSA keys is limited by the standard to 1024 bits which cannot be considered safe any more. +* Accepting all RFC4419 specified DH group parameters. See KexDHMin in + ssh_config and sshd_config manual pages. + For more information on differences in SUSE OpenSSH package see README.FIPS diff --git a/README.kerberos b/README.kerberos index 19fa209..d01ccd3 100644 --- a/README.kerberos +++ b/README.kerberos @@ -1,4 +1,3 @@ - This version of the Kerbros/GSSAPI support avoids DNS lookups for Kerberos-related names. These DNS lookups were problematic for dialup users because they would lead to excessive delays diff --git a/openssh-7.2p2-IPv6_X_forwarding.patch b/openssh-7.2p2-IPv6_X_forwarding.patch index 067f644..8cbf2f8 100644 --- a/openssh-7.2p2-IPv6_X_forwarding.patch +++ b/openssh-7.2p2-IPv6_X_forwarding.patch @@ -1,5 +1,5 @@ # HG changeset patch -# Parent 8c4cb20b9633595de68131224b2d434e8dc41e17 +# Parent 9130c9e19c8a076a7f6f214070283cd3e0326894 Correctly parse DISPLAY variable for cases where it contains an IPv6 address (which should - but not always is - in (square) brackets). diff --git a/openssh-7.2p2-X_forward_with_disabled_ipv6.patch b/openssh-7.2p2-X_forward_with_disabled_ipv6.patch index 6b83f3b..eff8ec8 100644 --- a/openssh-7.2p2-X_forward_with_disabled_ipv6.patch +++ b/openssh-7.2p2-X_forward_with_disabled_ipv6.patch @@ -1,5 +1,5 @@ # HG changeset patch -# Parent 28e8840bbf49c6e603bf2b55a08ed9050a60f9fb +# Parent 2afee80335d5ef7efcf64f3a797e9b10ce0de4ae Do not throw away already open sockets for X11 forwarding if another socket family is not available for bind() diff --git a/openssh-7.2p2-audit.patch b/openssh-7.2p2-audit.patch index d8c570a..6394aca 100644 --- a/openssh-7.2p2-audit.patch +++ b/openssh-7.2p2-audit.patch @@ -1,22 +1,20 @@ # HG changeset patch -# Parent af5c4026e36e7aa181c164d2eca72b7e2a8a897a +# Parent 83f18171bc2394ccd39fb176fe110b529da83a78 Extended auditing through the Linux Auditing subsystem diff --git a/openssh-7.2p2/Makefile.in b/openssh-7.2p2/Makefile.in --- a/openssh-7.2p2/Makefile.in +++ b/openssh-7.2p2/Makefile.in -@@ -88,17 +88,18 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \ - ssh-pkcs11.o smult_curve25519_ref.o \ - poly1305.o chacha.o cipher-chachapoly.o \ +@@ -94,16 +94,17 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \ ssh-ed25519.o digest-openssl.o digest-libc.o hmac.o \ sc25519.o ge25519.o fe25519.o ed25519.o verify.o hash.o blocks.o \ kex.o kexdh.o kexgex.o kexecdh.o kexc25519.o \ kexdhc.o kexgexc.o kexecdhc.o kexc25519c.o kexgssc.o \ kexdhs.o kexgexs.o kexecdhs.o kexc25519s.o kexgsss.o \ - platform-pledge.o \ -- fips.o -+ fips.o \ -+ auditstub.o + platform-pledge.o + + LIBSSH_OBJS += fips.o ++LIBSSH_OBJS += auditstub.o SSHOBJS= ssh.o readconf.o clientloop.o sshtty.o \ sshconnect.o sshconnect1.o sshconnect2.o mux.o @@ -2433,8 +2431,8 @@ diff --git a/openssh-7.2p2/packet.h b/openssh-7.2p2/packet.h diff --git a/openssh-7.2p2/sandbox-seccomp-filter.c b/openssh-7.2p2/sandbox-seccomp-filter.c --- a/openssh-7.2p2/sandbox-seccomp-filter.c +++ b/openssh-7.2p2/sandbox-seccomp-filter.c -@@ -157,16 +157,22 @@ static const struct sock_filter preauth_ - SC_ALLOW(getuid32), +@@ -163,16 +163,22 @@ static const struct sock_filter preauth_ + SC_ALLOW(geteuid32), #endif #ifdef __NR_getrandom SC_ALLOW(getrandom), diff --git a/openssh-7.2p2-audit_fixes.patch b/openssh-7.2p2-audit_fixes.patch new file mode 100644 index 0000000..3f93379 --- /dev/null +++ b/openssh-7.2p2-audit_fixes.patch @@ -0,0 +1,28 @@ +# HG changeset patch +# Parent 51a3a8eab1493a799c5a9df95e8e757f872886d0 +Various auditing fixes to be merged into the RH-originated patch. + +diff --git a/openssh-7.2p2/packet.c b/openssh-7.2p2/packet.c +--- a/openssh-7.2p2/packet.c ++++ b/openssh-7.2p2/packet.c +@@ -375,16 +375,20 @@ ssh_packet_start_discard(struct ssh *ssh + + int + ssh_packet_connection_is_on_socket(struct ssh *ssh) + { + struct session_state *state = ssh->state; + struct sockaddr_storage from, to; + socklen_t fromlen, tolen; + ++ /* auditing might get here without valid connection structure when ++ * destroying sensitive data on exit and thus aborting disgracefully */ ++ if (!ssh) ++ return 0; + /* filedescriptors in and out are the same, so it's a socket */ + if (state->connection_in == state->connection_out) + return 1; + fromlen = sizeof(from); + memset(&from, 0, sizeof(from)); + if (getpeername(state->connection_in, (struct sockaddr *)&from, + &fromlen) < 0) + return 0; diff --git a/openssh-7.2p2-audit_seed_prng.patch b/openssh-7.2p2-audit_seed_prng.patch index 372f43e..9346f80 100644 --- a/openssh-7.2p2-audit_seed_prng.patch +++ b/openssh-7.2p2-audit_seed_prng.patch @@ -1,5 +1,5 @@ # HG changeset patch -# Parent 3aad88a155050008275527c0624ae6fa05d0cdad +# Parent e6ff441d171012183f7bd37cb7399473e8376acd Audit PRNG re-seeding diff --git a/openssh-7.2p2/audit-bsm.c b/openssh-7.2p2/audit-bsm.c diff --git a/openssh-7.2p2-cavstest-ctr.patch b/openssh-7.2p2-cavstest-ctr.patch new file mode 100644 index 0000000..6a8763d --- /dev/null +++ b/openssh-7.2p2-cavstest-ctr.patch @@ -0,0 +1,300 @@ +# HG changeset patch +# Parent cb502e7e796ac9289a571167a97ad9ec91562efb +CAVS test for OpenSSH's own CTR encryption mode implementation + +diff --git a/openssh-7.2p2/Makefile.in b/openssh-7.2p2/Makefile.in +--- a/openssh-7.2p2/Makefile.in ++++ b/openssh-7.2p2/Makefile.in +@@ -21,16 +21,17 @@ top_srcdir=@top_srcdir@ + + DESTDIR= + VPATH=@srcdir@ + SSH_PROGRAM=@bindir@/ssh + ASKPASS_PROGRAM=$(libexecdir)/ssh-askpass + SFTP_SERVER=$(libexecdir)/sftp-server + SSH_KEYSIGN=$(libexecdir)/ssh-keysign + SSH_PKCS11_HELPER=$(libexecdir)/ssh-pkcs11-helper ++CAVSTEST_CTR=$(libexecdir)/cavstest-ctr + PRIVSEP_PATH=@PRIVSEP_PATH@ + SSH_PRIVSEP_USER=@SSH_PRIVSEP_USER@ + STRIP_OPT=@STRIP_OPT@ + TEST_SHELL=@TEST_SHELL@ + + PATHS= -DSSHDIR=\"$(sysconfdir)\" \ + -D_PATH_SSH_PROGRAM=\"$(SSH_PROGRAM)\" \ + -D_PATH_SSH_ASKPASS_DEFAULT=\"$(ASKPASS_PROGRAM)\" \ +@@ -59,16 +60,18 @@ SED=@SED@ + ENT=@ENT@ + XAUTH_PATH=@XAUTH_PATH@ + LDFLAGS=-L. -Lopenbsd-compat/ @LDFLAGS@ + EXEEXT=@EXEEXT@ + MANFMT=@MANFMT@ + + TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-keysign${EXEEXT} ssh-pkcs11-helper$(EXEEXT) ssh-agent$(EXEEXT) scp$(EXEEXT) sftp-server$(EXEEXT) sftp$(EXEEXT) + ++TARGETS += cavstest-ctr$(EXEEXT) ++ + LIBOPENSSH_OBJS=\ + ssh_api.o \ + ssherr.o \ + sshbuf.o \ + sshkey.o \ + sshbuf-getput-basic.o \ + sshbuf-misc.o \ + sshbuf-getput-crypto.o \ +@@ -190,16 +193,20 @@ ssh-keyscan$(EXEEXT): $(LIBCOMPAT) libss + $(LD) -o $@ ssh-keyscan.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS) + + sftp-server$(EXEEXT): $(LIBCOMPAT) libssh.a sftp.o sftp-common.o sftp-server.o sftp-server-main.o + $(LD) -o $@ sftp-server.o sftp-common.o sftp-server-main.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) + + sftp$(EXEEXT): $(LIBCOMPAT) libssh.a sftp.o sftp-client.o sftp-common.o sftp-glob.o progressmeter.o + $(LD) -o $@ progressmeter.o sftp.o sftp-client.o sftp-common.o sftp-glob.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) $(LIBEDIT) + ++# FIPS tests ++cavstest-ctr$(EXEEXT): $(LIBCOMPAT) libssh.a cavstest-ctr.o ++ $(LD) -o $@ cavstest-ctr.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS) ++ + # test driver for the loginrec code - not built by default + logintest: logintest.o $(LIBCOMPAT) libssh.a loginrec.o + $(LD) -o $@ logintest.o $(LDFLAGS) loginrec.o -lopenbsd-compat -lssh $(LIBS) + + $(MANPAGES): $(MANPAGES_IN) + if test "$(MANTYPE)" = "cat"; then \ + manpage=$(srcdir)/`echo $@ | sed 's/\.[1-9]\.out$$/\.0/'`; \ + else \ +@@ -310,16 +317,17 @@ install-files: + $(INSTALL) -m 0755 $(STRIP_OPT) ssh-agent$(EXEEXT) $(DESTDIR)$(bindir)/ssh-agent$(EXEEXT) + $(INSTALL) -m 0755 $(STRIP_OPT) ssh-keygen$(EXEEXT) $(DESTDIR)$(bindir)/ssh-keygen$(EXEEXT) + $(INSTALL) -m 0755 $(STRIP_OPT) ssh-keyscan$(EXEEXT) $(DESTDIR)$(bindir)/ssh-keyscan$(EXEEXT) + $(INSTALL) -m 0755 $(STRIP_OPT) sshd$(EXEEXT) $(DESTDIR)$(sbindir)/sshd$(EXEEXT) + $(INSTALL) -m 4711 $(STRIP_OPT) ssh-keysign$(EXEEXT) $(DESTDIR)$(SSH_KEYSIGN)$(EXEEXT) + $(INSTALL) -m 0755 $(STRIP_OPT) ssh-pkcs11-helper$(EXEEXT) $(DESTDIR)$(SSH_PKCS11_HELPER)$(EXEEXT) + $(INSTALL) -m 0755 $(STRIP_OPT) sftp$(EXEEXT) $(DESTDIR)$(bindir)/sftp$(EXEEXT) + $(INSTALL) -m 0755 $(STRIP_OPT) sftp-server$(EXEEXT) $(DESTDIR)$(SFTP_SERVER)$(EXEEXT) ++ $(INSTALL) -m 0755 $(STRIP_OPT) cavstest-ctr$(EXEEXT) $(DESTDIR)$(libexecdir)/cavstest-ctr$(EXEEXT) + $(INSTALL) -m 644 ssh.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh.1 + $(INSTALL) -m 644 scp.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/scp.1 + $(INSTALL) -m 644 ssh-add.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-add.1 + $(INSTALL) -m 644 ssh-agent.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-agent.1 + $(INSTALL) -m 644 ssh-keygen.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-keygen.1 + $(INSTALL) -m 644 ssh-keyscan.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-keyscan.1 + $(INSTALL) -m 644 moduli.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/moduli.5 + $(INSTALL) -m 644 sshd_config.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/sshd_config.5 +diff --git a/openssh-7.2p2/cavstest-ctr.c b/openssh-7.2p2/cavstest-ctr.c +new file mode 100644 +--- /dev/null ++++ b/openssh-7.2p2/cavstest-ctr.c +@@ -0,0 +1,212 @@ ++/* ++ * ++ * invocation (all of the following are equal): ++ * ./ctr-cavstest --algo aes128-ctr --key 987212980144b6a632e864031f52dacc --mode encrypt --data a6deca405eef2e8e4609abf3c3ccf4a6 ++ * ./ctr-cavstest --algo aes128-ctr --key 987212980144b6a632e864031f52dacc --mode encrypt --data a6deca405eef2e8e4609abf3c3ccf4a6 --iv 00000000000000000000000000000000 ++ * echo -n a6deca405eef2e8e4609abf3c3ccf4a6 | ./ctr-cavstest --algo aes128-ctr --key 987212980144b6a632e864031f52dacc --mode encrypt ++ */ ++ ++#include "includes.h" ++ ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++ ++#include "xmalloc.h" ++#include "log.h" ++#include "cipher.h" ++ ++/* compatibility with old or broken OpenSSL versions */ ++#include "openbsd-compat/openssl-compat.h" ++ ++void ++usage(void) ++{ ++ fprintf(stderr, "Usage: ctr-cavstest --algo \n" ++ " --key --mode \n" ++ " [--iv ] --data \n\n" ++ "Hexadecimal output is printed to stdout.\n" ++ "Hexadecimal input data can be alternatively read from stdin.\n"); ++ exit(1); ++} ++ ++void * ++fromhex(char *hex, size_t * len) ++{ ++ unsigned char *bin; ++ char *p; ++ size_t n = 0; ++ int shift = 4; ++ unsigned char out = 0; ++ unsigned char *optr; ++ ++ bin = xmalloc(strlen(hex) / 2); ++ optr = bin; ++ ++ for (p = hex; *p != '\0'; ++p) { ++ unsigned char c; ++ ++ c = *p; ++ if (isspace(c)) ++ continue; ++ ++ if (c >= '0' && c <= '9') { ++ c = c - '0'; ++ } else if (c >= 'A' && c <= 'F') { ++ c = c - 'A' + 10; ++ } else if (c >= 'a' && c <= 'f') { ++ c = c - 'a' + 10; ++ } else { ++ /* truncate on nonhex cipher */ ++ break; ++ } ++ ++ out |= c << shift; ++ shift = (shift + 4) % 8; ++ ++ if (shift) { ++ *(optr++) = out; ++ out = 0; ++ ++n; ++ } ++ } ++ ++ *len = n; ++ return bin; ++} ++ ++#define READ_CHUNK 4096 ++#define MAX_READ_SIZE 1024*1024*100 ++char * ++read_stdin(void) ++{ ++ char *buf; ++ size_t n, total = 0; ++ ++ buf = xmalloc(READ_CHUNK); ++ ++ do { ++ n = fread(buf + total, 1, READ_CHUNK, stdin); ++ if (n < READ_CHUNK) /* terminate on short read */ ++ break; ++ ++ total += n; ++ buf = xreallocarray(buf, total + READ_CHUNK, 1); ++ } while (total < MAX_READ_SIZE); ++ return buf; ++} ++ ++int ++main(int argc, char *argv[]) ++{ ++ ++ struct sshcipher *c; ++ struct sshcipher_ctx cc; ++ char *algo = "aes128-ctr"; ++ char *hexkey = NULL; ++ char *hexiv = "00000000000000000000000000000000"; ++ char *hexdata = NULL; ++ char *p; ++ int i; ++ int encrypt = 1; ++ void *key; ++ size_t keylen; ++ void *iv; ++ size_t ivlen; ++ void *data; ++ size_t datalen; ++ void *outdata; ++ ++ for (i = 1; i < argc; ++i) { ++ if (strcmp(argv[i], "--algo") == 0) { ++ algo = argv[++i]; ++ } else if (strcmp(argv[i], "--key") == 0) { ++ hexkey = argv[++i]; ++ } else if (strcmp(argv[i], "--mode") == 0) { ++ ++i; ++ if (argv[i] == NULL) { ++ usage(); ++ } ++ if (strncmp(argv[i], "enc", 3) == 0) { ++ encrypt = 1; ++ } else if (strncmp(argv[i], "dec", 3) == 0) { ++ encrypt = 0; ++ } else { ++ usage(); ++ } ++ } else if (strcmp(argv[i], "--iv") == 0) { ++ hexiv = argv[++i]; ++ } else if (strcmp(argv[i], "--data") == 0) { ++ hexdata = argv[++i]; ++ } ++ } ++ ++ if (hexkey == NULL || algo == NULL) { ++ usage(); ++ } ++ ++ SSLeay_add_all_algorithms(); ++ ++ c = cipher_by_name(algo); ++ if (c == NULL) { ++ fprintf(stderr, "Error: unknown algorithm\n"); ++ return 2; ++ } ++ ++ if (hexdata == NULL) { ++ hexdata = read_stdin(); ++ } else { ++ hexdata = xstrdup(hexdata); ++ } ++ ++ key = fromhex(hexkey, &keylen); ++ ++ if (keylen != 16 && keylen != 24 && keylen == 32) { ++ fprintf(stderr, "Error: unsupported key length\n"); ++ return 2; ++ } ++ ++ iv = fromhex(hexiv, &ivlen); ++ ++ if (ivlen != 16) { ++ fprintf(stderr, "Error: unsupported iv length\n"); ++ return 2; ++ } ++ ++ data = fromhex(hexdata, &datalen); ++ ++ if (data == NULL || datalen == 0) { ++ fprintf(stderr, "Error: no data to encrypt/decrypt\n"); ++ return 2; ++ } ++ ++ cipher_init(&cc, c, key, keylen, iv, ivlen, encrypt); ++ ++ free(key); ++ free(iv); ++ ++ outdata = malloc(datalen); ++ if (outdata == NULL) { ++ fprintf(stderr, "Error: memory allocation failure\n"); ++ return 2; ++ } ++ ++ cipher_crypt(&cc, 0, outdata, data, datalen, 0, 0); ++ ++ free(data); ++ ++ cipher_cleanup(&cc); ++ ++ for (p = outdata; datalen > 0; ++p, --datalen) { ++ printf("%02X", (unsigned char) *p); ++ } ++ ++ free(outdata); ++ ++ printf("\n"); ++ return 0; ++} diff --git a/openssh-7.2p2-cavstest-kdf.patch b/openssh-7.2p2-cavstest-kdf.patch new file mode 100644 index 0000000..893078b --- /dev/null +++ b/openssh-7.2p2-cavstest-kdf.patch @@ -0,0 +1,469 @@ +# HG changeset patch +# Parent f9ffcfb88e5a9d611a61aee3571050dea67e363e +CAVS test for KDF implementation in OpenSSH + +diff --git a/openssh-7.2p2/Makefile.in b/openssh-7.2p2/Makefile.in +--- a/openssh-7.2p2/Makefile.in ++++ b/openssh-7.2p2/Makefile.in +@@ -22,16 +22,17 @@ top_srcdir=@top_srcdir@ + DESTDIR= + VPATH=@srcdir@ + SSH_PROGRAM=@bindir@/ssh + ASKPASS_PROGRAM=$(libexecdir)/ssh-askpass + SFTP_SERVER=$(libexecdir)/sftp-server + SSH_KEYSIGN=$(libexecdir)/ssh-keysign + SSH_PKCS11_HELPER=$(libexecdir)/ssh-pkcs11-helper + CAVSTEST_CTR=$(libexecdir)/cavstest-ctr ++CAVSTEST_KDF=$(libexecdir)/cavstest-kdf + PRIVSEP_PATH=@PRIVSEP_PATH@ + SSH_PRIVSEP_USER=@SSH_PRIVSEP_USER@ + STRIP_OPT=@STRIP_OPT@ + TEST_SHELL=@TEST_SHELL@ + + PATHS= -DSSHDIR=\"$(sysconfdir)\" \ + -D_PATH_SSH_PROGRAM=\"$(SSH_PROGRAM)\" \ + -D_PATH_SSH_ASKPASS_DEFAULT=\"$(ASKPASS_PROGRAM)\" \ +@@ -60,17 +61,17 @@ SED=@SED@ + ENT=@ENT@ + XAUTH_PATH=@XAUTH_PATH@ + LDFLAGS=-L. -Lopenbsd-compat/ @LDFLAGS@ + EXEEXT=@EXEEXT@ + MANFMT=@MANFMT@ + + TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-keysign${EXEEXT} ssh-pkcs11-helper$(EXEEXT) ssh-agent$(EXEEXT) scp$(EXEEXT) sftp-server$(EXEEXT) sftp$(EXEEXT) + +-TARGETS += cavstest-ctr$(EXEEXT) ++TARGETS += cavstest-ctr$(EXEEXT) cavstest-kdf$(EXEEXT) + + LIBOPENSSH_OBJS=\ + ssh_api.o \ + ssherr.o \ + sshbuf.o \ + sshkey.o \ + sshbuf-getput-basic.o \ + sshbuf-misc.o \ +@@ -197,16 +198,19 @@ sftp-server$(EXEEXT): $(LIBCOMPAT) libss + + sftp$(EXEEXT): $(LIBCOMPAT) libssh.a sftp.o sftp-client.o sftp-common.o sftp-glob.o progressmeter.o + $(LD) -o $@ progressmeter.o sftp.o sftp-client.o sftp-common.o sftp-glob.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) $(LIBEDIT) + + # FIPS tests + cavstest-ctr$(EXEEXT): $(LIBCOMPAT) libssh.a cavstest-ctr.o + $(LD) -o $@ cavstest-ctr.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS) + ++cavstest-kdf$(EXEEXT): $(LIBCOMPAT) libssh.a cavstest-kdf.o ++ $(LD) -o $@ cavstest-kdf.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS) ++ + # test driver for the loginrec code - not built by default + logintest: logintest.o $(LIBCOMPAT) libssh.a loginrec.o + $(LD) -o $@ logintest.o $(LDFLAGS) loginrec.o -lopenbsd-compat -lssh $(LIBS) + + $(MANPAGES): $(MANPAGES_IN) + if test "$(MANTYPE)" = "cat"; then \ + manpage=$(srcdir)/`echo $@ | sed 's/\.[1-9]\.out$$/\.0/'`; \ + else \ +@@ -318,16 +322,17 @@ install-files: + $(INSTALL) -m 0755 $(STRIP_OPT) ssh-keygen$(EXEEXT) $(DESTDIR)$(bindir)/ssh-keygen$(EXEEXT) + $(INSTALL) -m 0755 $(STRIP_OPT) ssh-keyscan$(EXEEXT) $(DESTDIR)$(bindir)/ssh-keyscan$(EXEEXT) + $(INSTALL) -m 0755 $(STRIP_OPT) sshd$(EXEEXT) $(DESTDIR)$(sbindir)/sshd$(EXEEXT) + $(INSTALL) -m 4711 $(STRIP_OPT) ssh-keysign$(EXEEXT) $(DESTDIR)$(SSH_KEYSIGN)$(EXEEXT) + $(INSTALL) -m 0755 $(STRIP_OPT) ssh-pkcs11-helper$(EXEEXT) $(DESTDIR)$(SSH_PKCS11_HELPER)$(EXEEXT) + $(INSTALL) -m 0755 $(STRIP_OPT) sftp$(EXEEXT) $(DESTDIR)$(bindir)/sftp$(EXEEXT) + $(INSTALL) -m 0755 $(STRIP_OPT) sftp-server$(EXEEXT) $(DESTDIR)$(SFTP_SERVER)$(EXEEXT) + $(INSTALL) -m 0755 $(STRIP_OPT) cavstest-ctr$(EXEEXT) $(DESTDIR)$(libexecdir)/cavstest-ctr$(EXEEXT) ++ $(INSTALL) -m 0755 $(STRIP_OPT) cavstest-kdf$(EXEEXT) $(DESTDIR)$(libexecdir)/cavstest-kdf$(EXEEXT) + $(INSTALL) -m 644 ssh.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh.1 + $(INSTALL) -m 644 scp.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/scp.1 + $(INSTALL) -m 644 ssh-add.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-add.1 + $(INSTALL) -m 644 ssh-agent.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-agent.1 + $(INSTALL) -m 644 ssh-keygen.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-keygen.1 + $(INSTALL) -m 644 ssh-keyscan.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-keyscan.1 + $(INSTALL) -m 644 moduli.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/moduli.5 + $(INSTALL) -m 644 sshd_config.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/sshd_config.5 +diff --git a/openssh-7.2p2/cavstest-kdf.c b/openssh-7.2p2/cavstest-kdf.c +new file mode 100644 +--- /dev/null ++++ b/openssh-7.2p2/cavstest-kdf.c +@@ -0,0 +1,382 @@ ++/* ++ * Copyright (C) 2015, Stephan Mueller ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * 1. Redistributions of source code must retain the above copyright ++ * notice, and the entire permission notice in its entirety, ++ * including the disclaimer of warranties. ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in the ++ * documentation and/or other materials provided with the distribution. ++ * 3. The name of the author may not be used to endorse or promote ++ * products derived from this software without specific prior ++ * written permission. ++ * ++ * ALTERNATIVELY, this product may be distributed under the terms of ++ * the GNU General Public License, in which case the provisions of the GPL2 ++ * are required INSTEAD OF the above restrictions. (This clause is ++ * necessary due to a potential bad interaction between the GPL and ++ * the restrictions contained in a BSD-style copyright.) ++ * ++ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED ++ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES ++ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE, ALL OF ++ * WHICH ARE HEREBY DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE ++ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR ++ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT ++ * OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR ++ * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF ++ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT ++ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE ++ * USE OF THIS SOFTWARE, EVEN IF NOT ADVISED OF THE POSSIBILITY OF SUCH ++ * DAMAGE. ++ */ ++ ++#include "includes.h" ++ ++#include ++#include ++#include ++#include ++#include ++ ++#include ++ ++#include "xmalloc.h" ++#include "buffer.h" ++#include "key.h" ++#include "cipher.h" ++#include "kex.h" ++#include "packet.h" ++ ++static int bin_char(unsigned char hex) ++{ ++ if (48 <= hex && 57 >= hex) ++ return (hex - 48); ++ if (65 <= hex && 70 >= hex) ++ return (hex - 55); ++ if (97 <= hex && 102 >= hex) ++ return (hex - 87); ++ return 0; ++} ++ ++/* ++ * Convert hex representation into binary string ++ * @hex input buffer with hex representation ++ * @hexlen length of hex ++ * @bin output buffer with binary data ++ * @binlen length of already allocated bin buffer (should be at least ++ * half of hexlen -- if not, only a fraction of hexlen is converted) ++ */ ++static void hex2bin(const char *hex, size_t hexlen, ++ unsigned char *bin, size_t binlen) ++{ ++ size_t i = 0; ++ size_t chars = (binlen > (hexlen / 2)) ? (hexlen / 2) : binlen; ++ ++ for (i = 0; i < chars; i++) { ++ bin[i] = bin_char(hex[(i*2)]) << 4; ++ bin[i] |= bin_char(hex[((i*2)+1)]); ++ } ++} ++ ++/* ++ * Allocate sufficient space for binary representation of hex ++ * and convert hex into bin ++ * ++ * Caller must free bin ++ * @hex input buffer with hex representation ++ * @hexlen length of hex ++ * @bin return value holding the pointer to the newly allocated buffer ++ * @binlen return value holding the allocated size of bin ++ * ++ * return: 0 on success, !0 otherwise ++ */ ++static int hex2bin_alloc(const char *hex, size_t hexlen, ++ unsigned char **bin, size_t *binlen) ++{ ++ unsigned char *out = NULL; ++ size_t outlen = 0; ++ ++ if (!hexlen) ++ return -EINVAL; ++ ++ outlen = (hexlen + 1) / 2; ++ ++ out = calloc(1, outlen); ++ if (!out) ++ return -errno; ++ ++ hex2bin(hex, hexlen, out, outlen); ++ *bin = out; ++ *binlen = outlen; ++ return 0; ++} ++ ++static char hex_char_map_l[] = { '0', '1', '2', '3', '4', '5', '6', '7', ++ '8', '9', 'a', 'b', 'c', 'd', 'e', 'f' }; ++static char hex_char_map_u[] = { '0', '1', '2', '3', '4', '5', '6', '7', ++ '8', '9', 'A', 'B', 'C', 'D', 'E', 'F' }; ++static char hex_char(unsigned int bin, int u) ++{ ++ if (bin < sizeof(hex_char_map_l)) ++ return (u) ? hex_char_map_u[bin] : hex_char_map_l[bin]; ++ return 'X'; ++} ++ ++/* ++ * Convert binary string into hex representation ++ * @bin input buffer with binary data ++ * @binlen length of bin ++ * @hex output buffer to store hex data ++ * @hexlen length of already allocated hex buffer (should be at least ++ * twice binlen -- if not, only a fraction of binlen is converted) ++ * @u case of hex characters (0=>lower case, 1=>upper case) ++ */ ++static void bin2hex(const unsigned char *bin, size_t binlen, ++ char *hex, size_t hexlen, int u) ++{ ++ size_t i = 0; ++ size_t chars = (binlen > (hexlen / 2)) ? (hexlen / 2) : binlen; ++ ++ for (i = 0; i < chars; i++) { ++ hex[(i*2)] = hex_char((bin[i] >> 4), u); ++ hex[((i*2)+1)] = hex_char((bin[i] & 0x0f), u); ++ } ++} ++ ++struct kdf_cavs { ++ unsigned char *K; ++ size_t Klen; ++ unsigned char *H; ++ size_t Hlen; ++ unsigned char *session_id; ++ size_t session_id_len; ++ ++ unsigned int iv_len; ++ unsigned int ek_len; ++ unsigned int ik_len; ++}; ++ ++static int sshkdf_cavs(struct kdf_cavs *test) ++{ ++ int ret = 0; ++ struct kex kex; ++ struct ssh ssh; ++ BIGNUM *Kbn = NULL; ++ int mode = 0; ++ struct newkeys *keys_client; ++ struct newkeys *keys_server; ++ ++#define HEXOUTLEN 500 ++ char hex[HEXOUTLEN]; ++ ++ memset(&ssh, 0, sizeof(struct ssh)); ++ memset(&kex, 0, sizeof(struct kex)); ++ ssh.kex = &kex; ++ ++ Kbn = BN_new(); ++ BN_bin2bn(test->K, test->Klen, Kbn); ++ if (!Kbn) { ++ printf("cannot convert K into BIGNUM\n"); ++ ret = 1; ++ goto out; ++ } ++ ++ kex.session_id = test->session_id; ++ kex.session_id_len = test->session_id_len; ++ ++ /* setup kex */ ++ ++ /* select the right hash based on struct ssh_digest digests */ ++ switch (test->ik_len) { ++ case 20: ++ kex.hash_alg = 2; ++ break; ++ case 32: ++ kex.hash_alg = 3; ++ break; ++ case 48: ++ kex.hash_alg = 4; ++ break; ++ case 64: ++ kex.hash_alg = 5; ++ break; ++ default: ++ printf("Wrong hash type %u\n", test->ik_len); ++ ret = 1; ++ goto out; ++ } ++ ++ /* implement choose_enc */ ++ for (mode = 0; mode < 2; mode++) { ++ kex.newkeys[mode] = calloc(1, sizeof(struct newkeys)); ++ if (!kex.newkeys[mode]) { ++ printf("allocation of newkeys failed\n"); ++ ret = 1; ++ goto out; ++ } ++ kex.newkeys[mode]->enc.iv_len = test->iv_len; ++ kex.newkeys[mode]->enc.key_len = test->ek_len; ++ kex.newkeys[mode]->enc.block_size = (test->iv_len == 64) ? 8 : 16; ++ kex.newkeys[mode]->mac.key_len = test->ik_len; ++ } ++ ++ /* implement kex_choose_conf */ ++ kex.we_need = kex.newkeys[0]->enc.key_len; ++ if (kex.we_need < kex.newkeys[0]->enc.block_size) ++ kex.we_need = kex.newkeys[0]->enc.block_size; ++ if (kex.we_need < kex.newkeys[0]->enc.iv_len) ++ kex.we_need = kex.newkeys[0]->enc.iv_len; ++ if (kex.we_need < kex.newkeys[0]->mac.key_len) ++ kex.we_need = kex.newkeys[0]->mac.key_len; ++ ++ /* MODE_OUT (1) -> server to client ++ * MODE_IN (0) -> client to server */ ++ kex.server = 1; ++ ++ /* do it */ ++ kex_derive_keys_bn(&ssh, test->H, test->Hlen, Kbn); ++ ++ keys_client = ssh.kex->newkeys[0]; ++ keys_server = ssh.kex->newkeys[1]; ++ ++ /* get data */ ++ memset(hex, 0, HEXOUTLEN); ++ bin2hex(keys_client->enc.iv, (size_t)keys_client->enc.iv_len, ++ hex, HEXOUTLEN, 0); ++ printf("Initial IV (client to server) = %s\n", hex); ++ ++ memset(hex, 0, HEXOUTLEN); ++ bin2hex(keys_server->enc.iv, (size_t)keys_server->enc.iv_len, ++ hex, HEXOUTLEN, 0); ++ printf("Initial IV (server to client) = %s\n", hex); ++ ++ memset(hex, 0, HEXOUTLEN); ++ bin2hex(keys_client->enc.key, (size_t)keys_client->enc.key_len, ++ hex, HEXOUTLEN, 0); ++ printf("Encryption key (client to server) = %s\n", hex); ++ ++ memset(hex, 0, HEXOUTLEN); ++ bin2hex(keys_server->enc.key, (size_t)keys_server->enc.key_len, ++ hex, HEXOUTLEN, 0); ++ printf("Encryption key (server to client) = %s\n", hex); ++ ++ memset(hex, 0, HEXOUTLEN); ++ bin2hex(keys_client->mac.key, (size_t)keys_client->mac.key_len, ++ hex, HEXOUTLEN, 0); ++ printf("Integrity key (client to server) = %s\n", hex); ++ ++ memset(hex, 0, HEXOUTLEN); ++ bin2hex(keys_server->mac.key, (size_t)keys_server->mac.key_len, ++ hex, HEXOUTLEN, 0); ++ printf("Integrity key (server to client) = %s\n", hex); ++ ++ free(keys_client); ++ free(keys_server); ++ ++out: ++ if (Kbn) ++ BN_free(Kbn); ++ if (kex.newkeys[0]) ++ free(kex.newkeys[0]); ++ if (kex.newkeys[1]) ++ free(kex.newkeys[1]); ++ return ret; ++} ++ ++static void usage(void) ++{ ++ fprintf(stderr, "\nOpenSSH KDF CAVS Test\n\n"); ++ fprintf(stderr, "Usage:\n"); ++ fprintf(stderr, "\t-K\tShared secret string\n"); ++ fprintf(stderr, "\t-H\tHash string\n"); ++ fprintf(stderr, "\t-s\tSession ID string\n"); ++ fprintf(stderr, "\t-i\tIV length to be generated\n"); ++ fprintf(stderr, "\t-e\tEncryption key length to be generated\n"); ++ fprintf(stderr, "\t-m\tMAC key length to be generated\n"); ++} ++ ++/* ++ * Test command example: ++ * ./ssh-cavs -K 0055d50f2d163cc07cd8a93cc7c3430c30ce786b572c01ad29fec7597000cf8618d664e2ec3dcbc8bb7a1a7eb7ef67f61cdaf291625da879186ac0a5cb27af571b59612d6a6e0627344d846271959fda61c78354aa498773d59762f8ca2d0215ec590d8633de921f920d41e47b3de6ab9a3d0869e1c826d0e4adebf8e3fb646a15dea20a410b44e969f4b791ed6a67f13f1b74234004d5fa5e87eff7abc32d49bbdf44d7b0107e8f10609233b7e2b7eff74a4daf25641de7553975dac6ac1e5117df6f6dbaa1c263d23a6c3e5a3d7d49ae8a828c1e333ac3f85fbbf57b5c1a45be45e43a7be1a4707eac779b8285522d1f531fe23f890fd38a004339932b93eda4 -H d3ab91a850febb417a25d892ec48ed5952c7a5de -s d3ab91a850febb417a25d892ec48ed5952c7a5de -i 8 -e 24 -m 20 ++ * ++ * Expected result for example: ++ * Initial IV (client to server) = 4bb320d1679dfd3a ++ * Encryption key (client to server) = 13048cc600b9d3cf9095aa6cf8e2ff9cf1c54ca0520c89ed ++ * Integrity key (client to server) = ecef63a092b0dcc585bdc757e01b2740af57d640 ++ * Initial IV (server to client) = 43dea6fdf263a308 ++ * Encryption key (server to client) = 1e483c5134e901aa11fc4e0a524e7ec7b75556148a222bb0 ++ * Integrity key (server to client) = 7424b05f3c44a72b4ebd281fb71f9cbe7b64d479 ++ */ ++int main(int argc, char *argv[]) ++{ ++ struct kdf_cavs test; ++ int ret = 1; ++ int opt = 0; ++ ++ memset(&test, 0, sizeof(struct kdf_cavs)); ++ while((opt = getopt(argc, argv, "K:H:s:i:e:m:")) != -1) ++ { ++ size_t len = 0; ++ switch(opt) ++ { ++ /* ++ * CAVS K is MPINT ++ * we want a hex (i.e. the caller must ensure the ++ * following transformations already happened): ++ * 1. cut off first four bytes ++ * 2. if most significant bit of value is ++ * 1, prepend 0 byte ++ */ ++ case 'K': ++ len = strlen(optarg); ++ ret = hex2bin_alloc(optarg, len, ++ &test.K, &test.Klen); ++ if (ret) ++ goto out; ++ break; ++ case 'H': ++ len = strlen(optarg); ++ ret = hex2bin_alloc(optarg, len, ++ &test.H, &test.Hlen); ++ if (ret) ++ goto out; ++ break; ++ case 's': ++ len = strlen(optarg); ++ ret = hex2bin_alloc(optarg, len, ++ &test.session_id, ++ &test.session_id_len); ++ if (ret) ++ goto out; ++ break; ++ case 'i': ++ test.iv_len = strtoul(optarg, NULL, 10); ++ break; ++ case 'e': ++ test.ek_len = strtoul(optarg, NULL, 10); ++ break; ++ case 'm': ++ test.ik_len = strtoul(optarg, NULL, 10); ++ break; ++ default: ++ usage(); ++ goto out; ++ } ++ } ++ ++ ret = sshkdf_cavs(&test); ++ ++out: ++ if (test.session_id) ++ free(test.session_id); ++ if (test.K) ++ free(test.K); ++ if (test.H) ++ free(test.H); ++ return ret; ++ ++} diff --git a/openssh-7.2p2-disable_openssl_abi_check.patch b/openssh-7.2p2-disable_openssl_abi_check.patch index ff077dd..fbc0932 100644 --- a/openssh-7.2p2-disable_openssl_abi_check.patch +++ b/openssh-7.2p2-disable_openssl_abi_check.patch @@ -1,5 +1,5 @@ # HG changeset patch -# Parent 16c4937db837ab7cdbe0422b81de0e7a9a8479cd +# Parent 4821397c95e57962905e6d47554bef9e4ea57483 disable run-time check for OpenSSL ABI by version number as that is not a reliable indicator of ABI changes and doesn't make much sense in a distribution package @@ -7,7 +7,7 @@ distribution package diff --git a/openssh-7.2p2/configure.ac b/openssh-7.2p2/configure.ac --- a/openssh-7.2p2/configure.ac +++ b/openssh-7.2p2/configure.ac -@@ -4639,16 +4639,29 @@ AC_ARG_WITH([bsd-auth], +@@ -4663,16 +4663,29 @@ AC_ARG_WITH([bsd-auth], if test "x$withval" != "xno" ; then AC_DEFINE([BSD_AUTH], [1], [Define if you have BSD auth support]) diff --git a/openssh-7.2p2-disable_preauth_compression.patch b/openssh-7.2p2-disable_preauth_compression.patch new file mode 100644 index 0000000..8905ec0 --- /dev/null +++ b/openssh-7.2p2-disable_preauth_compression.patch @@ -0,0 +1,1317 @@ +# HG changeset patch +# Parent 37850c481e0e7840bdb6bcf2c07279ed8391335c +Remove preauth compression support for security reasons and cleanup unused +code. + +CVE-2016-10012 - part 1 +bsc#1016370 + +backported upstream commit 0082fba4efdd492f765ed4c53f0d0fbd3bdbdf7f +backported upstream commit 1cfd5c06efb121e58e8b6671548fda77ef4b4455 +backported upstream commit 4577adead6a7d600c8e764619d99477a08192c8f +backported upstream commit b7689155f3f5c4999846c07a852b1c7a43b09cec + +diff --git a/openssh-7.2p2/Makefile.in b/openssh-7.2p2/Makefile.in +--- a/openssh-7.2p2/Makefile.in ++++ b/openssh-7.2p2/Makefile.in +@@ -111,17 +111,17 @@ SSHOBJS= ssh.o readconf.o clientloop.o s + + SSHDOBJS=sshd.o auth-rhosts.o auth-passwd.o auth-rsa.o auth-rh-rsa.o \ + audit.o audit-bsm.o audit-linux.o platform.o \ + sshpty.o sshlogin.o servconf.o serverloop.o \ + auth.o auth1.o auth2.o auth-options.o session.o \ + auth-chall.o auth2-chall.o groupaccess.o \ + auth-skey.o auth-bsdauth.o auth2-hostbased.o auth2-kbdint.o \ + auth2-none.o auth2-passwd.o auth2-pubkey.o \ +- monitor_mm.o monitor.o monitor_wrap.o auth-krb5.o \ ++ monitor.o monitor_wrap.o auth-krb5.o \ + auth2-gss.o gss-serv.o gss-serv-krb5.o \ + loginrec.o auth-pam.o auth-shadow.o auth-sia.o md5crypt.o \ + sftp-server.o sftp-common.o \ + sandbox-null.o sandbox-rlimit.o sandbox-systrace.o sandbox-darwin.o \ + sandbox-seccomp-filter.o sandbox-capsicum.o sandbox-pledge.o \ + sandbox-solaris.o + + MANPAGES = moduli.5.out scp.1.out ssh-add.1.out ssh-agent.1.out ssh-keygen.1.out ssh-keyscan.1.out ssh.1.out sshd.8.out sftp-server.8.out sftp.1.out ssh-keysign.8.out ssh-pkcs11-helper.8.out sshd_config.5.out ssh_config.5.out ssh-ldap-helper.8.out ssh-ldap.conf.5.out +diff --git a/openssh-7.2p2/README.privsep b/openssh-7.2p2/README.privsep +--- a/openssh-7.2p2/README.privsep ++++ b/openssh-7.2p2/README.privsep +@@ -3,20 +3,16 @@ operations that require root privilege a + privileged monitor process. Its purpose is to prevent privilege + escalation by containing corruption to an unprivileged process. + More information is available at: + http://www.citi.umich.edu/u/provos/ssh/privsep.html + + Privilege separation is now enabled by default; see the + UsePrivilegeSeparation option in sshd_config(5). + +-On systems which lack mmap or anonymous (MAP_ANON) memory mapping, +-compression must be disabled in order for privilege separation to +-function. +- + When privsep is enabled, during the pre-authentication phase sshd will + chroot(2) to "/var/empty" and change its privileges to the "sshd" user + and its primary group. sshd is a pseudo-account that should not be + used by other daemons, and must be locked and should contain a + "nologin" or invalid shell. + + You should do something like the following to prepare the privsep + preauth environment: +@@ -30,19 +26,16 @@ preauth environment: + /var/empty should not contain any files. + + configure supports the following options to change the default + privsep user and chroot directory: + + --with-privsep-path=xxx Path for privilege separation chroot + --with-privsep-user=user Specify non-privileged user for privilege separation + +-Privsep requires operating system support for file descriptor passing. +-Compression will be disabled on systems without a working mmap MAP_ANON. +- + PAM-enabled OpenSSH is known to function with privsep on AIX, FreeBSD, + HP-UX (including Trusted Mode), Linux, NetBSD and Solaris. + + On Cygwin, Tru64 Unix, OpenServer, and Unicos only the pre-authentication + part of privsep is supported. Post-authentication privsep is disabled + automatically (so you won't see the additional process mentioned below). + + Note that for a normal interactive login with a shell, enabling privsep +diff --git a/openssh-7.2p2/TODO b/openssh-7.2p2/TODO +--- a/openssh-7.2p2/TODO ++++ b/openssh-7.2p2/TODO +@@ -64,20 +64,16 @@ Clean up configure/makefiles: + similar tests. E.g move all the type detection stuff into one file, + entropy related stuff into another. + + Packaging: + - HP-UX: Provide DEPOT package scripts. + (gilbert.r.loomis@saic.com) + + PrivSep Issues: +-- mmap() issues. +- + /dev/zero solution (Solaris) +- + No/broken MAP_ANON (Irix) +- + broken /dev/zero parse (Linux) + - PAM + + See above PAM notes + - AIX + + usrinfo() does not set TTY, but only required for legacy systems. Works + with PrivSep. + - OSF + + SIA is broken + - Cygwin +diff --git a/openssh-7.2p2/configure.ac b/openssh-7.2p2/configure.ac +--- a/openssh-7.2p2/configure.ac ++++ b/openssh-7.2p2/configure.ac +@@ -1176,17 +1176,16 @@ mips-sony-bsd|mips-sony-newsos4) + *-*-nto-qnx6*) + AC_DEFINE([DISABLE_FD_PASSING]) + ;; + esac + ;; + + *-*-ultrix*) + AC_DEFINE([BROKEN_GETGROUPS], [1], [getgroups(0,NULL) will return -1]) +- AC_DEFINE([BROKEN_MMAP], [1], [Ultrix mmap can't map files]) + AC_DEFINE([NEED_SETPGRP]) + AC_DEFINE([HAVE_SYS_SYSLOG_H], [1], [Force use of sys/syslog.h on Ultrix]) + ;; + + *-*-lynxos) + CFLAGS="$CFLAGS -D__NO_INCLUDE_WARN__" + AC_DEFINE([BROKEN_SETVBUF], [1], [LynxOS has broken setvbuf() implementation]) + ;; +@@ -1842,17 +1841,16 @@ AC_CHECK_FUNCS([ \ + inet_ntop \ + innetgr \ + login_getcapbool \ + mblen \ + md5_crypt \ + memmove \ + memset_s \ + mkdtemp \ +- mmap \ + ngetaddrinfo \ + nsleep \ + ogetaddrinfo \ + openlog_r \ + pledge \ + poll \ + prctl \ + pstat \ +diff --git a/openssh-7.2p2/monitor.c b/openssh-7.2p2/monitor.c +--- a/openssh-7.2p2/monitor.c ++++ b/openssh-7.2p2/monitor.c +@@ -87,17 +87,16 @@ + #include "channels.h" + #include "session.h" + #include "sshlogin.h" + #include "canohost.h" + #include "log.h" + #include "misc.h" + #include "servconf.h" + #include "monitor.h" +-#include "monitor_mm.h" + #ifdef GSSAPI + #include "ssh-gss.h" + #endif + #include "monitor_wrap.h" + #include "monitor_fdpass.h" + #include "compat.h" + #include "ssh2.h" + #include "authfd.h" +@@ -511,41 +510,16 @@ monitor_child_postauth(struct monitor *p + monitor_permit(mon_dispatch, MONITOR_REQ_PTY, 1); + monitor_permit(mon_dispatch, MONITOR_REQ_PTYCLEANUP, 1); + } + + for (;;) + monitor_read(pmonitor, mon_dispatch, NULL); + } + +-void +-monitor_sync(struct monitor *pmonitor) +-{ +- if (options.compression) { +- /* The member allocation is not visible, so sync it */ +- mm_share_sync(&pmonitor->m_zlib, &pmonitor->m_zback); +- } +-} +- +-/* Allocation functions for zlib */ +-static void * +-mm_zalloc(struct mm_master *mm, u_int ncount, u_int size) +-{ +- if (size == 0 || ncount == 0 || ncount > SIZE_MAX / size) +- fatal("%s: mm_zalloc(%u, %u)", __func__, ncount, size); +- +- return mm_malloc(mm, size * ncount); +-} +- +-static void +-mm_zfree(struct mm_master *mm, void *address) +-{ +- mm_free(mm, address); +-} +- + static int + monitor_read_log(struct monitor *pmonitor) + { + Buffer logmsg; + u_int len, level; + char *msg; + + buffer_init(&logmsg); +@@ -1965,23 +1939,16 @@ monitor_apply_keystate(struct monitor *p + kex->kex[KEX_GSS_GEX_SHA1] = kexgss_server; + } + #endif + kex->load_host_public_key=&get_hostkey_public_by_type; + kex->load_host_private_key=&get_hostkey_private_by_type; + kex->host_key_index=&get_hostkey_index; + kex->sign = sshd_hostkey_sign; + } +- +- /* Update with new address */ +- if (options.compression) { +- ssh_packet_set_compress_hooks(ssh, pmonitor->m_zlib, +- (ssh_packet_comp_alloc_func *)mm_zalloc, +- (ssh_packet_comp_free_func *)mm_zfree); +- } + } + + /* This function requries careful sanity checking */ + + void + mm_get_keystate(struct monitor *pmonitor) + { + Buffer m; +@@ -2040,34 +2007,21 @@ monitor_openfds(struct monitor *mon, int + mon->m_log_recvfd = mon->m_log_sendfd = -1; + } + + #define MM_MEMSIZE 65536 + + struct monitor * + monitor_init(void) + { +- struct ssh *ssh = active_state; /* XXX */ + struct monitor *mon; + + mon = xcalloc(1, sizeof(*mon)); +- + monitor_openfds(mon, 1); + +- /* Used to share zlib space across processes */ +- if (options.compression) { +- mon->m_zback = mm_create(NULL, MM_MEMSIZE); +- mon->m_zlib = mm_create(mon->m_zback, 20 * MM_MEMSIZE); +- +- /* Compression needs to share state across borders */ +- ssh_packet_set_compress_hooks(ssh, mon->m_zlib, +- (ssh_packet_comp_alloc_func *)mm_zalloc, +- (ssh_packet_comp_free_func *)mm_zfree); +- } +- + return mon; + } + + void + monitor_reinit(struct monitor *mon) + { + monitor_openfds(mon, 0); + } +diff --git a/openssh-7.2p2/monitor.h b/openssh-7.2p2/monitor.h +--- a/openssh-7.2p2/monitor.h ++++ b/openssh-7.2p2/monitor.h +@@ -1,9 +1,9 @@ +-/* $OpenBSD: monitor.h,v 1.19 2015/01/19 19:52:16 markus Exp $ */ ++/* $OpenBSD: monitor.h,v 1.20 2016/09/28 16:33:07 djm Exp $ */ + + /* + * Copyright 2002 Niels Provos + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: +@@ -71,31 +71,27 @@ enum monitor_reqtype { + MONITOR_REQ_AUDIT_SESSION_KEY_FREE = 122, MONITOR_ANS_AUDIT_SESSION_KEY_FREE = 123, + MONITOR_REQ_AUDIT_SERVER_KEY_FREE = 124, + + MONITOR_REQ_GSSSIGN = 201, MONITOR_ANS_GSSSIGN = 202, + MONITOR_REQ_GSSUPCREDS = 203, MONITOR_ANS_GSSUPCREDS = 204, + + }; + +-struct mm_master; + struct monitor { + int m_recvfd; + int m_sendfd; + int m_log_recvfd; + int m_log_sendfd; +- struct mm_master *m_zback; +- struct mm_master *m_zlib; + struct kex **m_pkex; + pid_t m_pid; + }; + + struct monitor *monitor_init(void); + void monitor_reinit(struct monitor *); +-void monitor_sync(struct monitor *); + + struct Authctxt; + void monitor_child_preauth(struct Authctxt *, struct monitor *); + void monitor_child_postauth(struct monitor *); + + struct mon_table; + int monitor_read(struct monitor*, struct mon_table *, struct mon_table **); + +diff --git a/openssh-7.2p2/monitor_mm.c b/openssh-7.2p2/monitor_mm.c +deleted file mode 100644 +--- a/openssh-7.2p2/monitor_mm.c ++++ /dev/null +@@ -1,357 +0,0 @@ +-/* $OpenBSD: monitor_mm.c,v 1.21 2015/02/06 23:21:59 millert Exp $ */ +-/* +- * Copyright 2002 Niels Provos +- * All rights reserved. +- * +- * Redistribution and use in source and binary forms, with or without +- * modification, are permitted provided that the following conditions +- * are met: +- * 1. Redistributions of source code must retain the above copyright +- * notice, this list of conditions and the following disclaimer. +- * 2. Redistributions in binary form must reproduce the above copyright +- * notice, this list of conditions and the following disclaimer in the +- * documentation and/or other materials provided with the distribution. +- * +- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR +- * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES +- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. +- * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, +- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT +- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF +- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +- */ +- +-#include "includes.h" +- +-#include +-#ifdef HAVE_SYS_MMAN_H +-#include +-#endif +-#include "openbsd-compat/sys-tree.h" +- +-#include +-#include +-#include +-#ifdef HAVE_STDINT_H +-#include +-#endif +-#include +-#include +- +-#include "xmalloc.h" +-#include "ssh.h" +-#include "log.h" +-#include "monitor_mm.h" +- +-static int +-mm_compare(struct mm_share *a, struct mm_share *b) +-{ +- ptrdiff_t diff = (char *)a->address - (char *)b->address; +- +- if (diff == 0) +- return (0); +- else if (diff < 0) +- return (-1); +- else +- return (1); +-} +- +-RB_GENERATE(mmtree, mm_share, next, mm_compare) +- +-static struct mm_share * +-mm_make_entry(struct mm_master *mm, struct mmtree *head, +- void *address, size_t size) +-{ +- struct mm_share *tmp, *tmp2; +- +- if (mm->mmalloc == NULL) +- tmp = xcalloc(1, sizeof(struct mm_share)); +- else +- tmp = mm_xmalloc(mm->mmalloc, sizeof(struct mm_share)); +- tmp->address = address; +- tmp->size = size; +- +- tmp2 = RB_INSERT(mmtree, head, tmp); +- if (tmp2 != NULL) +- fatal("mm_make_entry(%p): double address %p->%p(%zu)", +- mm, tmp2, address, size); +- +- return (tmp); +-} +- +-/* Creates a shared memory area of a certain size */ +- +-struct mm_master * +-mm_create(struct mm_master *mmalloc, size_t size) +-{ +- void *address; +- struct mm_master *mm; +- +- if (mmalloc == NULL) +- mm = xcalloc(1, sizeof(struct mm_master)); +- else +- mm = mm_xmalloc(mmalloc, sizeof(struct mm_master)); +- +- /* +- * If the memory map has a mm_master it can be completely +- * shared including authentication between the child +- * and the client. +- */ +- mm->mmalloc = mmalloc; +- +- address = xmmap(size); +- if (address == (void *)MAP_FAILED) +- fatal("mmap(%zu): %s", size, strerror(errno)); +- +- mm->address = address; +- mm->size = size; +- +- RB_INIT(&mm->rb_free); +- RB_INIT(&mm->rb_allocated); +- +- mm_make_entry(mm, &mm->rb_free, address, size); +- +- return (mm); +-} +- +-/* Frees either the allocated or the free list */ +- +-static void +-mm_freelist(struct mm_master *mmalloc, struct mmtree *head) +-{ +- struct mm_share *mms, *next; +- +- for (mms = RB_ROOT(head); mms; mms = next) { +- next = RB_NEXT(mmtree, head, mms); +- RB_REMOVE(mmtree, head, mms); +- if (mmalloc == NULL) +- free(mms); +- else +- mm_free(mmalloc, mms); +- } +-} +- +-/* Destroys a memory mapped area */ +- +-void +-mm_destroy(struct mm_master *mm) +-{ +- mm_freelist(mm->mmalloc, &mm->rb_free); +- mm_freelist(mm->mmalloc, &mm->rb_allocated); +- +-#ifdef HAVE_MMAP +- if (munmap(mm->address, mm->size) == -1) +- fatal("munmap(%p, %zu): %s", mm->address, mm->size, +- strerror(errno)); +-#else +- fatal("%s: UsePrivilegeSeparation=yes and Compression=yes not supported", +- __func__); +-#endif +- if (mm->mmalloc == NULL) +- free(mm); +- else +- mm_free(mm->mmalloc, mm); +-} +- +-void * +-mm_xmalloc(struct mm_master *mm, size_t size) +-{ +- void *address; +- +- address = mm_malloc(mm, size); +- if (address == NULL) +- fatal("%s: mm_malloc(%zu)", __func__, size); +- memset(address, 0, size); +- return (address); +-} +- +- +-/* Allocates data from a memory mapped area */ +- +-void * +-mm_malloc(struct mm_master *mm, size_t size) +-{ +- struct mm_share *mms, *tmp; +- +- if (size == 0) +- fatal("mm_malloc: try to allocate 0 space"); +- if (size > SIZE_MAX - MM_MINSIZE + 1) +- fatal("mm_malloc: size too big"); +- +- size = ((size + (MM_MINSIZE - 1)) / MM_MINSIZE) * MM_MINSIZE; +- +- RB_FOREACH(mms, mmtree, &mm->rb_free) { +- if (mms->size >= size) +- break; +- } +- +- if (mms == NULL) +- return (NULL); +- +- /* Debug */ +- memset(mms->address, 0xd0, size); +- +- tmp = mm_make_entry(mm, &mm->rb_allocated, mms->address, size); +- +- /* Does not change order in RB tree */ +- mms->size -= size; +- mms->address = (char *)mms->address + size; +- +- if (mms->size == 0) { +- RB_REMOVE(mmtree, &mm->rb_free, mms); +- if (mm->mmalloc == NULL) +- free(mms); +- else +- mm_free(mm->mmalloc, mms); +- } +- +- return (tmp->address); +-} +- +-/* Frees memory in a memory mapped area */ +- +-void +-mm_free(struct mm_master *mm, void *address) +-{ +- struct mm_share *mms, *prev, tmp; +- +- tmp.address = address; +- mms = RB_FIND(mmtree, &mm->rb_allocated, &tmp); +- if (mms == NULL) +- fatal("mm_free(%p): can not find %p", mm, address); +- +- /* Debug */ +- memset(mms->address, 0xd0, mms->size); +- +- /* Remove from allocated list and insert in free list */ +- RB_REMOVE(mmtree, &mm->rb_allocated, mms); +- if (RB_INSERT(mmtree, &mm->rb_free, mms) != NULL) +- fatal("mm_free(%p): double address %p", mm, address); +- +- /* Find previous entry */ +- prev = mms; +- if (RB_LEFT(prev, next)) { +- prev = RB_LEFT(prev, next); +- while (RB_RIGHT(prev, next)) +- prev = RB_RIGHT(prev, next); +- } else { +- if (RB_PARENT(prev, next) && +- (prev == RB_RIGHT(RB_PARENT(prev, next), next))) +- prev = RB_PARENT(prev, next); +- else { +- while (RB_PARENT(prev, next) && +- (prev == RB_LEFT(RB_PARENT(prev, next), next))) +- prev = RB_PARENT(prev, next); +- prev = RB_PARENT(prev, next); +- } +- } +- +- /* Check if range does not overlap */ +- if (prev != NULL && MM_ADDRESS_END(prev) > address) +- fatal("mm_free: memory corruption: %p(%zu) > %p", +- prev->address, prev->size, address); +- +- /* See if we can merge backwards */ +- if (prev != NULL && MM_ADDRESS_END(prev) == address) { +- prev->size += mms->size; +- RB_REMOVE(mmtree, &mm->rb_free, mms); +- if (mm->mmalloc == NULL) +- free(mms); +- else +- mm_free(mm->mmalloc, mms); +- } else +- prev = mms; +- +- if (prev == NULL) +- return; +- +- /* Check if we can merge forwards */ +- mms = RB_NEXT(mmtree, &mm->rb_free, prev); +- if (mms == NULL) +- return; +- +- if (MM_ADDRESS_END(prev) > mms->address) +- fatal("mm_free: memory corruption: %p < %p(%zu)", +- mms->address, prev->address, prev->size); +- if (MM_ADDRESS_END(prev) != mms->address) +- return; +- +- prev->size += mms->size; +- RB_REMOVE(mmtree, &mm->rb_free, mms); +- +- if (mm->mmalloc == NULL) +- free(mms); +- else +- mm_free(mm->mmalloc, mms); +-} +- +-static void +-mm_sync_list(struct mmtree *oldtree, struct mmtree *newtree, +- struct mm_master *mm, struct mm_master *mmold) +-{ +- struct mm_master *mmalloc = mm->mmalloc; +- struct mm_share *mms, *new; +- +- /* Sync free list */ +- RB_FOREACH(mms, mmtree, oldtree) { +- /* Check the values */ +- mm_memvalid(mmold, mms, sizeof(struct mm_share)); +- mm_memvalid(mm, mms->address, mms->size); +- +- new = mm_xmalloc(mmalloc, sizeof(struct mm_share)); +- memcpy(new, mms, sizeof(struct mm_share)); +- RB_INSERT(mmtree, newtree, new); +- } +-} +- +-void +-mm_share_sync(struct mm_master **pmm, struct mm_master **pmmalloc) +-{ +- struct mm_master *mm; +- struct mm_master *mmalloc; +- struct mm_master *mmold; +- struct mmtree rb_free, rb_allocated; +- +- debug3("%s: Share sync", __func__); +- +- mm = *pmm; +- mmold = mm->mmalloc; +- mm_memvalid(mmold, mm, sizeof(*mm)); +- +- mmalloc = mm_create(NULL, mm->size); +- mm = mm_xmalloc(mmalloc, sizeof(struct mm_master)); +- memcpy(mm, *pmm, sizeof(struct mm_master)); +- mm->mmalloc = mmalloc; +- +- rb_free = mm->rb_free; +- rb_allocated = mm->rb_allocated; +- +- RB_INIT(&mm->rb_free); +- RB_INIT(&mm->rb_allocated); +- +- mm_sync_list(&rb_free, &mm->rb_free, mm, mmold); +- mm_sync_list(&rb_allocated, &mm->rb_allocated, mm, mmold); +- +- mm_destroy(mmold); +- +- *pmm = mm; +- *pmmalloc = mmalloc; +- +- debug3("%s: Share sync end", __func__); +-} +- +-void +-mm_memvalid(struct mm_master *mm, void *address, size_t size) +-{ +- void *end = (char *)address + size; +- +- if (address < mm->address) +- fatal("mm_memvalid: address too small: %p", address); +- if (end < address) +- fatal("mm_memvalid: end < address: %p < %p", end, address); +- if (end > MM_ADDRESS_END(mm)) +- fatal("mm_memvalid: address too large: %p", address); +-} +diff --git a/openssh-7.2p2/monitor_mm.h b/openssh-7.2p2/monitor_mm.h +deleted file mode 100644 +--- a/openssh-7.2p2/monitor_mm.h ++++ /dev/null +@@ -1,62 +0,0 @@ +-/* $OpenBSD: monitor_mm.h,v 1.6 2014/01/04 17:50:55 tedu Exp $ */ +- +-/* +- * Copyright 2002 Niels Provos +- * All rights reserved. +- * +- * Redistribution and use in source and binary forms, with or without +- * modification, are permitted provided that the following conditions +- * are met: +- * 1. Redistributions of source code must retain the above copyright +- * notice, this list of conditions and the following disclaimer. +- * 2. Redistributions in binary form must reproduce the above copyright +- * notice, this list of conditions and the following disclaimer in the +- * documentation and/or other materials provided with the distribution. +- * +- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR +- * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES +- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. +- * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, +- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT +- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF +- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +- */ +- +-#ifndef _MM_H_ +-#define _MM_H_ +- +-struct mm_share { +- RB_ENTRY(mm_share) next; +- void *address; +- size_t size; +-}; +- +-struct mm_master { +- RB_HEAD(mmtree, mm_share) rb_free; +- struct mmtree rb_allocated; +- void *address; +- size_t size; +- +- struct mm_master *mmalloc; /* Used to completely share */ +-}; +- +-RB_PROTOTYPE(mmtree, mm_share, next, mm_compare) +- +-#define MM_MINSIZE 128 +- +-#define MM_ADDRESS_END(x) (void *)((char *)(x)->address + (x)->size) +- +-struct mm_master *mm_create(struct mm_master *, size_t); +-void mm_destroy(struct mm_master *); +- +-void mm_share_sync(struct mm_master **, struct mm_master **); +- +-void *mm_malloc(struct mm_master *, size_t); +-void *mm_xmalloc(struct mm_master *, size_t); +-void mm_free(struct mm_master *, void *); +- +-void mm_memvalid(struct mm_master *, void *, size_t); +-#endif /* _MM_H_ */ +diff --git a/openssh-7.2p2/monitor_wrap.h b/openssh-7.2p2/monitor_wrap.h +--- a/openssh-7.2p2/monitor_wrap.h ++++ b/openssh-7.2p2/monitor_wrap.h +@@ -107,12 +107,9 @@ void mm_send_keystate(struct monitor*); + /* bsdauth */ + int mm_bsdauth_query(void *, char **, char **, u_int *, char ***, u_int **); + int mm_bsdauth_respond(void *, u_int, char **); + + /* skey */ + int mm_skey_query(void *, char **, char **, u_int *, char ***, u_int **); + int mm_skey_respond(void *, u_int, char **); + +-/* zlib allocation hooks */ +-void mm_init_compression(struct mm_master *); +- + #endif /* _MM_WRAP_H_ */ +diff --git a/openssh-7.2p2/myproposal.h b/openssh-7.2p2/myproposal.h +--- a/openssh-7.2p2/myproposal.h ++++ b/openssh-7.2p2/myproposal.h +@@ -156,17 +156,17 @@ + "hmac-sha1" + + #define KEX_CLIENT_KEX KEX_SERVER_KEX + #define KEX_CLIENT_ENCRYPT KEX_SERVER_ENCRYPT + #define KEX_CLIENT_MAC KEX_SERVER_MAC + + #endif /* WITH_OPENSSL */ + +-#define KEX_DEFAULT_COMP "none,zlib@openssh.com,zlib" ++#define KEX_DEFAULT_COMP "none,zlib@openssh.com" + #define KEX_DEFAULT_LANG "" + + #define KEX_CLIENT \ + KEX_CLIENT_KEX, \ + KEX_DEFAULT_PK_ALG, \ + KEX_CLIENT_ENCRYPT, \ + KEX_CLIENT_ENCRYPT, \ + KEX_CLIENT_MAC, \ +diff --git a/openssh-7.2p2/opacket.h b/openssh-7.2p2/opacket.h +--- a/openssh-7.2p2/opacket.h ++++ b/openssh-7.2p2/opacket.h +@@ -128,19 +128,16 @@ void packet_disconnect(const char *, ... + #define packet_set_server() \ + ssh_packet_set_server(active_state) + #define packet_set_authenticated() \ + ssh_packet_set_authenticated(active_state) + #define packet_get_input() \ + ssh_packet_get_input(active_state) + #define packet_get_output() \ + ssh_packet_get_output(active_state) +-#define packet_set_compress_hooks(ctx, allocfunc, freefunc) \ +- ssh_packet_set_compress_hooks(active_state, ctx, \ +- allocfunc, freefunc); + #define packet_check_eom() \ + ssh_packet_check_eom(active_state) + #define set_newkeys(mode) \ + ssh_set_newkeys(active_state, (mode)) + #define packet_get_state(m) \ + ssh_packet_get_state(active_state, m) + #define packet_set_state(m) \ + ssh_packet_set_state(active_state, m) +diff --git a/openssh-7.2p2/openbsd-compat/Makefile.in b/openssh-7.2p2/openbsd-compat/Makefile.in +--- a/openssh-7.2p2/openbsd-compat/Makefile.in ++++ b/openssh-7.2p2/openbsd-compat/Makefile.in +@@ -13,17 +13,17 @@ CPPFLAGS=-I. -I.. -I$(srcdir) -I$(srcdir + LIBS=@LIBS@ + AR=@AR@ + RANLIB=@RANLIB@ + INSTALL=@INSTALL@ + LDFLAGS=-L. @LDFLAGS@ + + OPENBSD=base64.o basename.o bcrypt_pbkdf.o bindresvport.o blowfish.o daemon.o dirname.o fmt_scaled.o getcwd.o getgrouplist.o getopt_long.o getrrsetbyname.o glob.o inet_aton.o inet_ntoa.o inet_ntop.o mktemp.o pwcache.o readpassphrase.o reallocarray.o realpath.o rresvport.o setenv.o setproctitle.o sha1.o sha2.o rmd160.o md5.o sigact.o strlcat.o strlcpy.o strmode.o strnlen.o strptime.o strsep.o strtonum.o strtoll.o strtoul.o strtoull.o timingsafe_bcmp.o vis.o blowfish.o bcrypt_pbkdf.o explicit_bzero.o + +-COMPAT=arc4random.o bsd-asprintf.o bsd-closefrom.o bsd-cray.o bsd-cygwin_util.o bsd-getpeereid.o getrrsetbyname-ldns.o bsd-misc.o bsd-nextstep.o bsd-openpty.o bsd-poll.o bsd-setres_id.o bsd-snprintf.o bsd-statvfs.o bsd-waitpid.o fake-rfc2553.o openssl-compat.o xmmap.o xcrypt.o kludge-fd_set.o ++COMPAT=arc4random.o bsd-asprintf.o bsd-closefrom.o bsd-cray.o bsd-cygwin_util.o bsd-getpeereid.o getrrsetbyname-ldns.o bsd-misc.o bsd-nextstep.o bsd-openpty.o bsd-poll.o bsd-setres_id.o bsd-snprintf.o bsd-statvfs.o bsd-waitpid.o fake-rfc2553.o openssl-compat.o xcrypt.o kludge-fd_set.o + + PORTS=port-aix.o port-irix.o port-linux.o port-linux-prng.o port-solaris.o port-tun.o port-uw.o + + .c.o: + $(CC) $(CFLAGS) $(CPPFLAGS) -c $< + + all: libopenbsd-compat.a + +diff --git a/openssh-7.2p2/openbsd-compat/openbsd-compat.h b/openssh-7.2p2/openbsd-compat/openbsd-compat.h +--- a/openssh-7.2p2/openbsd-compat/openbsd-compat.h ++++ b/openssh-7.2p2/openbsd-compat/openbsd-compat.h +@@ -259,17 +259,16 @@ int timingsafe_bcmp(const void *, const + int bcrypt_pbkdf(const char *, size_t, const u_int8_t *, size_t, + u_int8_t *, size_t, unsigned int); + #endif + + #ifndef HAVE_EXPLICIT_BZERO + void explicit_bzero(void *p, size_t n); + #endif + +-void *xmmap(size_t size); + char *xcrypt(const char *password, const char *salt); + char *shadow_pw(struct passwd *pw); + + /* rfc2553 socket API replacements */ + #include "fake-rfc2553.h" + + /* Routines for a single OS platform */ + #include "bsd-cray.h" +diff --git a/openssh-7.2p2/openbsd-compat/xmmap.c b/openssh-7.2p2/openbsd-compat/xmmap.c +deleted file mode 100644 +--- a/openssh-7.2p2/openbsd-compat/xmmap.c ++++ /dev/null +@@ -1,88 +0,0 @@ +-/* +- * Copyright (c) 2002 Tim Rice. All rights reserved. +- * MAP_FAILED code by Solar Designer. +- * +- * Redistribution and use in source and binary forms, with or without +- * modification, are permitted provided that the following conditions +- * are met: +- * 1. Redistributions of source code must retain the above copyright +- * notice, this list of conditions and the following disclaimer. +- * 2. Redistributions in binary form must reproduce the above copyright +- * notice, this list of conditions and the following disclaimer in the +- * documentation and/or other materials provided with the distribution. +- * +- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR +- * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES +- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. +- * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, +- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT +- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF +- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +- */ +- +-/* $Id: xmmap.c,v 1.15 2009/02/16 04:21:40 djm Exp $ */ +- +-#include "includes.h" +- +-#include +-#ifdef HAVE_SYS_MMAN_H +-#include +-#endif +-#include +- +-#ifdef HAVE_FCNTL_H +-# include +-#endif +-#include +-#include +-#include +-#include +-#include +- +-#include "log.h" +- +-void * +-xmmap(size_t size) +-{ +-#ifdef HAVE_MMAP +- void *address; +- +-# ifdef MAP_ANON +- address = mmap(NULL, size, PROT_WRITE|PROT_READ, MAP_ANON|MAP_SHARED, +- -1, (off_t)0); +-# else +- address = mmap(NULL, size, PROT_WRITE|PROT_READ, MAP_SHARED, +- open("/dev/zero", O_RDWR), (off_t)0); +-# endif +- +-#define MM_SWAP_TEMPLATE "/var/run/sshd.mm.XXXXXXXX" +- if (address == (void *)MAP_FAILED) { +- char tmpname[sizeof(MM_SWAP_TEMPLATE)] = MM_SWAP_TEMPLATE; +- int tmpfd; +- mode_t old_umask; +- +- old_umask = umask(0177); +- tmpfd = mkstemp(tmpname); +- umask(old_umask); +- if (tmpfd == -1) +- fatal("mkstemp(\"%s\"): %s", +- MM_SWAP_TEMPLATE, strerror(errno)); +- unlink(tmpname); +- if (ftruncate(tmpfd, size) != 0) +- fatal("%s: ftruncate: %s", __func__, strerror(errno)); +- address = mmap(NULL, size, PROT_WRITE|PROT_READ, MAP_SHARED, +- tmpfd, (off_t)0); +- close(tmpfd); +- } +- +- return (address); +-#else +- fatal("%s: UsePrivilegeSeparation=yes and Compression=yes not supported", +- __func__); +-#endif /* HAVE_MMAP */ +- +-} +- +diff --git a/openssh-7.2p2/packet.c b/openssh-7.2p2/packet.c +--- a/openssh-7.2p2/packet.c ++++ b/openssh-7.2p2/packet.c +@@ -732,96 +732,16 @@ uncompress_buffer(struct ssh *ssh, struc + default: + ssh->state->compression_in_failures++; + return SSH_ERR_INTERNAL_ERROR; + } + } + /* NOTREACHED */ + } + +-/* Serialise compression state into a blob for privsep */ +-static int +-ssh_packet_get_compress_state(struct sshbuf *m, struct ssh *ssh) +-{ +- struct session_state *state = ssh->state; +- struct sshbuf *b; +- int r; +- +- if ((b = sshbuf_new()) == NULL) +- return SSH_ERR_ALLOC_FAIL; +- if (state->compression_in_started) { +- if ((r = sshbuf_put_string(b, &state->compression_in_stream, +- sizeof(state->compression_in_stream))) != 0) +- goto out; +- } else if ((r = sshbuf_put_string(b, NULL, 0)) != 0) +- goto out; +- if (state->compression_out_started) { +- if ((r = sshbuf_put_string(b, &state->compression_out_stream, +- sizeof(state->compression_out_stream))) != 0) +- goto out; +- } else if ((r = sshbuf_put_string(b, NULL, 0)) != 0) +- goto out; +- r = sshbuf_put_stringb(m, b); +- out: +- sshbuf_free(b); +- return r; +-} +- +-/* Deserialise compression state from a blob for privsep */ +-static int +-ssh_packet_set_compress_state(struct ssh *ssh, struct sshbuf *m) +-{ +- struct session_state *state = ssh->state; +- struct sshbuf *b = NULL; +- int r; +- const u_char *inblob, *outblob; +- size_t inl, outl; +- +- if ((r = sshbuf_froms(m, &b)) != 0) +- goto out; +- if ((r = sshbuf_get_string_direct(b, &inblob, &inl)) != 0 || +- (r = sshbuf_get_string_direct(b, &outblob, &outl)) != 0) +- goto out; +- if (inl == 0) +- state->compression_in_started = 0; +- else if (inl != sizeof(state->compression_in_stream)) { +- r = SSH_ERR_INTERNAL_ERROR; +- goto out; +- } else { +- state->compression_in_started = 1; +- memcpy(&state->compression_in_stream, inblob, inl); +- } +- if (outl == 0) +- state->compression_out_started = 0; +- else if (outl != sizeof(state->compression_out_stream)) { +- r = SSH_ERR_INTERNAL_ERROR; +- goto out; +- } else { +- state->compression_out_started = 1; +- memcpy(&state->compression_out_stream, outblob, outl); +- } +- r = 0; +- out: +- sshbuf_free(b); +- return r; +-} +- +-void +-ssh_packet_set_compress_hooks(struct ssh *ssh, void *ctx, +- void *(*allocfunc)(void *, u_int, u_int), +- void (*freefunc)(void *, void *)) +-{ +- ssh->state->compression_out_stream.zalloc = (alloc_func)allocfunc; +- ssh->state->compression_out_stream.zfree = (free_func)freefunc; +- ssh->state->compression_out_stream.opaque = ctx; +- ssh->state->compression_in_stream.zalloc = (alloc_func)allocfunc; +- ssh->state->compression_in_stream.zfree = (free_func)freefunc; +- ssh->state->compression_in_stream.opaque = ctx; +-} +- + /* + * Causes any further packets to be encrypted using the given key. The same + * key is used for both sending and reception. However, both directions are + * encrypted independently of each other. + */ + + void + ssh_packet_set_encryption_key(struct ssh *ssh, const u_char *key, u_int keylen, int number) +@@ -2487,31 +2407,24 @@ packet_destroy_all(int audit_it, int pri + #endif + } + } + + /* Reset after_authentication and reset compression in post-auth privsep */ + static int + ssh_packet_set_postauth(struct ssh *ssh) + { +- struct sshcomp *comp; +- int r, mode; ++ int r; + + debug("%s: called", __func__); + /* This was set in net child, but is not visible in user child */ + ssh->state->after_authentication = 1; + ssh->state->rekeying = 0; +- for (mode = 0; mode < MODE_MAX; mode++) { +- if (ssh->state->newkeys[mode] == NULL) +- continue; +- comp = &ssh->state->newkeys[mode]->comp; +- if (comp && comp->enabled && +- (r = ssh_packet_init_compression(ssh)) != 0) +- return r; +- } ++ if ((r = ssh_packet_enable_delayed_compress(ssh)) != 0) ++ return r; + return 0; + } + + /* Packet state (de-)serialization for privsep */ + + /* turn kex into a blob for packet state serialization */ + static int + kex_to_blob(struct sshbuf *m, struct kex *kex) +@@ -2565,17 +2478,16 @@ newkeys_to_blob(struct sshbuf *m, struct + goto out; + if (cipher_authlen(enc->cipher) == 0) { + if ((r = sshbuf_put_cstring(b, mac->name)) != 0 || + (r = sshbuf_put_u32(b, mac->enabled)) != 0 || + (r = sshbuf_put_string(b, mac->key, mac->key_len)) != 0) + goto out; + } + if ((r = sshbuf_put_u32(b, comp->type)) != 0 || +- (r = sshbuf_put_u32(b, comp->enabled)) != 0 || + (r = sshbuf_put_cstring(b, comp->name)) != 0) + goto out; + r = sshbuf_put_stringb(m, b); + out: + sshbuf_free(b); + return r; + } + +@@ -2626,19 +2538,17 @@ ssh_packet_get_state(struct ssh *ssh, st + return r; + if (cipher_get_keycontext(&state->send_context, p) != (int)slen) + return SSH_ERR_INTERNAL_ERROR; + if ((r = sshbuf_put_u32(m, rlen)) != 0 || + (r = sshbuf_reserve(m, rlen, &p)) != 0) + return r; + if (cipher_get_keycontext(&state->receive_context, p) != (int)rlen) + return SSH_ERR_INTERNAL_ERROR; +- +- if ((r = ssh_packet_get_compress_state(m, ssh)) != 0 || +- (r = sshbuf_put_stringb(m, state->input)) != 0 || ++ if ((r = sshbuf_put_stringb(m, state->input)) != 0 || + (r = sshbuf_put_stringb(m, state->output)) != 0) + return r; + + return 0; + } + + /* restore key exchange results from blob for packet state de-serialization */ + static int +@@ -2682,17 +2592,16 @@ newkeys_from_blob(struct sshbuf *m, stru + goto out; + if (maclen > mac->key_len) { + r = SSH_ERR_INVALID_FORMAT; + goto out; + } + mac->key_len = maclen; + } + if ((r = sshbuf_get_u32(b, &comp->type)) != 0 || +- (r = sshbuf_get_u32(b, (u_int *)&comp->enabled)) != 0 || + (r = sshbuf_get_cstring(b, &comp->name, NULL)) != 0) + goto out; + if (enc->name == NULL || + cipher_by_name(enc->name) != enc->cipher) { + r = SSH_ERR_INVALID_FORMAT; + goto out; + } + if (sshbuf_len(b) != 0) { +@@ -2810,18 +2719,17 @@ ssh_packet_set_state(struct ssh *ssh, st + (r = sshbuf_get_string_direct(m, &keyin, &rlen)) != 0) + return r; + if (cipher_get_keycontext(&state->send_context, NULL) != (int)slen || + cipher_get_keycontext(&state->receive_context, NULL) != (int)rlen) + return SSH_ERR_INVALID_FORMAT; + cipher_set_keycontext(&state->send_context, keyout); + cipher_set_keycontext(&state->receive_context, keyin); + +- if ((r = ssh_packet_set_compress_state(ssh, m)) != 0 || +- (r = ssh_packet_set_postauth(ssh)) != 0) ++ if ((r = ssh_packet_set_postauth(ssh)) != 0) + return r; + + sshbuf_reset(state->input); + sshbuf_reset(state->output); + if ((r = sshbuf_get_string_direct(m, &input, &ilen)) != 0 || + (r = sshbuf_get_string_direct(m, &output, &olen)) != 0 || + (r = sshbuf_put(state->input, input, ilen)) != 0 || + (r = sshbuf_put(state->output, output, olen)) != 0) +diff --git a/openssh-7.2p2/packet.h b/openssh-7.2p2/packet.h +--- a/openssh-7.2p2/packet.h ++++ b/openssh-7.2p2/packet.h +@@ -113,21 +113,16 @@ const void *ssh_packet_get_string_ptr(st + void ssh_packet_disconnect(struct ssh *, const char *fmt, ...) + __attribute__((format(printf, 2, 3))) + __attribute__((noreturn)); + void ssh_packet_send_debug(struct ssh *, const char *fmt, ...) __attribute__((format(printf, 2, 3))); + + int ssh_set_newkeys(struct ssh *, int mode); + void ssh_packet_get_bytes(struct ssh *, u_int64_t *, u_int64_t *); + +-typedef void *(ssh_packet_comp_alloc_func)(void *, u_int, u_int); +-typedef void (ssh_packet_comp_free_func)(void *, void *); +-void ssh_packet_set_compress_hooks(struct ssh *, void *, +- ssh_packet_comp_alloc_func *, ssh_packet_comp_free_func *); +- + int ssh_packet_write_poll(struct ssh *); + int ssh_packet_write_wait(struct ssh *); + int ssh_packet_have_data_to_write(struct ssh *); + int ssh_packet_not_very_much_data_to_write(struct ssh *); + + int ssh_packet_connection_is_on_socket(struct ssh *); + int ssh_packet_remaining(struct ssh *); + void ssh_packet_send_ignore(struct ssh *, int); +diff --git a/openssh-7.2p2/servconf.c b/openssh-7.2p2/servconf.c +--- a/openssh-7.2p2/servconf.c ++++ b/openssh-7.2p2/servconf.c +@@ -984,18 +984,18 @@ static const struct multistate multistat + { "without-password", PERMIT_NO_PASSWD }, + { "prohibit-password", PERMIT_NO_PASSWD }, + { "forced-commands-only", PERMIT_FORCED_ONLY }, + { "yes", PERMIT_YES }, + { "no", PERMIT_NO }, + { NULL, -1 } + }; + static const struct multistate multistate_compression[] = { ++ { "yes", COMP_DELAYED }, + { "delayed", COMP_DELAYED }, +- { "yes", COMP_ZLIB }, + { "no", COMP_NONE }, + { NULL, -1 } + }; + static const struct multistate multistate_gatewayports[] = { + { "clientspecified", 2 }, + { "yes", 1 }, + { "no", 0 }, + { NULL, -1 } +diff --git a/openssh-7.2p2/sshconnect2.c b/openssh-7.2p2/sshconnect2.c +--- a/openssh-7.2p2/sshconnect2.c ++++ b/openssh-7.2p2/sshconnect2.c +@@ -192,20 +192,20 @@ ssh_kex2(char *host, struct sockaddr *ho + fatal("%s: kex_names_cat", __func__); + myproposal[PROPOSAL_KEX_ALGS] = compat_kex_proposal(s); + myproposal[PROPOSAL_ENC_ALGS_CTOS] = + compat_cipher_proposal(options.ciphers); + myproposal[PROPOSAL_ENC_ALGS_STOC] = + compat_cipher_proposal(options.ciphers); + if (options.compression) { + myproposal[PROPOSAL_COMP_ALGS_CTOS] = +- myproposal[PROPOSAL_COMP_ALGS_STOC] = "zlib@openssh.com,zlib,none"; ++ myproposal[PROPOSAL_COMP_ALGS_STOC] = "zlib@openssh.com,none"; + } else { + myproposal[PROPOSAL_COMP_ALGS_CTOS] = +- myproposal[PROPOSAL_COMP_ALGS_STOC] = "none,zlib@openssh.com,zlib"; ++ myproposal[PROPOSAL_COMP_ALGS_STOC] = "none,zlib@openssh.com"; + } + myproposal[PROPOSAL_MAC_ALGS_CTOS] = + myproposal[PROPOSAL_MAC_ALGS_STOC] = options.macs; + if (options.hostkeyalgorithms != NULL) { + if (kex_assemble_names(KEX_DEFAULT_PK_ALG, + &options.hostkeyalgorithms) != 0) + fatal("%s: kex_assemble_namelist", __func__); + myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = +diff --git a/openssh-7.2p2/sshd.c b/openssh-7.2p2/sshd.c +--- a/openssh-7.2p2/sshd.c ++++ b/openssh-7.2p2/sshd.c +@@ -112,17 +112,16 @@ + #include "canohost.h" + #include "hostfile.h" + #include "auth.h" + #include "authfd.h" + #include "msg.h" + #include "dispatch.h" + #include "channels.h" + #include "session.h" +-#include "monitor_mm.h" + #include "monitor.h" + #ifdef GSSAPI + #include "ssh-gss.h" + #endif + #include "monitor_wrap.h" + #include "audit.h" + #include "ssh-sandbox.h" + #include "version.h" +@@ -748,19 +747,16 @@ privsep_preauth(Authctxt *authctxt) + ssh_err(r)); + have_agent = 0; + } + } + if (box != NULL) + ssh_sandbox_parent_preauth(box, pid); + monitor_child_preauth(authctxt, pmonitor); + +- /* Sync memory */ +- monitor_sync(pmonitor); +- + /* Wait for the child's exit status */ + while (waitpid(pid, &status, 0) < 0) { + if (errno == EINTR) + continue; + pmonitor->m_pid = -1; + fatal("%s: waitpid: %s", __func__, strerror(errno)); + } + privsep_is_preauth = 0; +@@ -2761,19 +2757,16 @@ do_ssh2_kex(void) + myproposal[PROPOSAL_ENC_ALGS_STOC] = compat_cipher_proposal( + options.ciphers); + myproposal[PROPOSAL_MAC_ALGS_CTOS] = + myproposal[PROPOSAL_MAC_ALGS_STOC] = options.macs; + + if (options.compression == COMP_NONE) { + myproposal[PROPOSAL_COMP_ALGS_CTOS] = + myproposal[PROPOSAL_COMP_ALGS_STOC] = "none"; +- } else if (options.compression == COMP_DELAYED) { +- myproposal[PROPOSAL_COMP_ALGS_CTOS] = +- myproposal[PROPOSAL_COMP_ALGS_STOC] = "none,zlib@openssh.com"; + } + + if (options.rekey_limit || options.rekey_interval) + packet_set_rekey_limits(options.rekey_limit, + (time_t)options.rekey_interval); + + myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = compat_pkalg_proposal( + list_hostkey_types()); +diff --git a/openssh-7.2p2/sshd_config.5 b/openssh-7.2p2/sshd_config.5 +--- a/openssh-7.2p2/sshd_config.5 ++++ b/openssh-7.2p2/sshd_config.5 +@@ -530,25 +530,27 @@ will be disconnected after approximately + Sets a timeout interval in seconds after which if no data has been received + from the client, + .Xr sshd 8 + will send a message through the encrypted + channel to request a response from the client. + The default + is 0, indicating that these messages will not be sent to the client. + .It Cm Compression +-Specifies whether compression is allowed, or delayed until ++Specifies whether compression is enabled after + the user has authenticated successfully. + The argument must be + .Dq yes , +-.Dq delayed , ++.Dq delayed ++(a legacy synonym for ++.Dq yes ) + or + .Dq no . + The default is +-.Dq delayed . ++.Dq yes . + .It Cm DenyGroups + This keyword can be followed by a list of group name patterns, separated + by spaces. + Login is disallowed for users whose primary group or supplementary + group list matches one of the patterns. + Only group names are valid; a numerical group ID is not recognized. + By default, login is allowed for all groups. + The allow/deny directives are processed in the following order: diff --git a/openssh-7.2p2-fips.patch b/openssh-7.2p2-fips.patch index 8df737a..2ab69d7 100644 --- a/openssh-7.2p2-fips.patch +++ b/openssh-7.2p2-fips.patch @@ -1,24 +1,22 @@ # HG changeset patch -# Parent 3e1393b771d6430ae09ae30741a3b9b382e3e041 +# Parent 5f2b8faa3b60de28124d9d4a44ffa2635d67f601 FIPS 140-2 compliance. Perform selftests on start and use only FIPS approved algorithms. diff --git a/openssh-7.2p2/Makefile.in b/openssh-7.2p2/Makefile.in --- a/openssh-7.2p2/Makefile.in +++ b/openssh-7.2p2/Makefile.in -@@ -87,17 +87,18 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \ - msg.o progressmeter.o dns.o entropy.o gss-genr.o umac.o umac128.o \ - ssh-pkcs11.o smult_curve25519_ref.o \ +@@ -89,16 +89,18 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \ poly1305.o chacha.o cipher-chachapoly.o \ ssh-ed25519.o digest-openssl.o digest-libc.o hmac.o \ sc25519.o ge25519.o fe25519.o ed25519.o verify.o hash.o blocks.o \ kex.o kexdh.o kexgex.o kexecdh.o kexc25519.o \ kexdhc.o kexgexc.o kexecdhc.o kexc25519c.o \ kexdhs.o kexgexs.o kexecdhs.o kexc25519s.o \ -- platform-pledge.o -+ platform-pledge.o \ -+ fips.o + platform-pledge.o ++LIBSSH_OBJS += fips.o ++ SSHOBJS= ssh.o readconf.o clientloop.o sshtty.o \ sshconnect.o sshconnect1.o sshconnect2.o mux.o @@ -26,6 +24,7 @@ diff --git a/openssh-7.2p2/Makefile.in b/openssh-7.2p2/Makefile.in audit.o audit-bsm.o audit-linux.o platform.o \ sshpty.o sshlogin.o servconf.o serverloop.o \ auth.o auth1.o auth2.o auth-options.o session.o \ + auth-chall.o auth2-chall.o groupaccess.o \ diff --git a/openssh-7.2p2/auth-rsa.c b/openssh-7.2p2/auth-rsa.c --- a/openssh-7.2p2/auth-rsa.c +++ b/openssh-7.2p2/auth-rsa.c diff --git a/openssh-7.2p2-gssapi_key_exchange.patch b/openssh-7.2p2-gssapi_key_exchange.patch index 7bc2da3..ebefacb 100644 --- a/openssh-7.2p2-gssapi_key_exchange.patch +++ b/openssh-7.2p2-gssapi_key_exchange.patch @@ -1,5 +1,5 @@ # HG changeset patch -# Parent 84a6252b7ac18855cf188e5911bdf8a757d4460a +# Parent df12d82287e3434a52c21a994b901302bd0c8064 GSSAPI Key Exchange implementation diff --git a/openssh-7.2p2/ChangeLog.gssapi b/openssh-7.2p2/ChangeLog.gssapi @@ -123,7 +123,7 @@ new file mode 100644 diff --git a/openssh-7.2p2/Makefile.in b/openssh-7.2p2/Makefile.in --- a/openssh-7.2p2/Makefile.in +++ b/openssh-7.2p2/Makefile.in -@@ -85,18 +85,18 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \ +@@ -89,18 +89,18 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \ atomicio.o key.o dispatch.o mac.o uidswap.o uuencode.o misc.o \ monitor_fdpass.o rijndael.o ssh-dss.o ssh-ecdsa.o ssh-rsa.o dh.o \ msg.o progressmeter.o dns.o entropy.o gss-genr.o umac.o umac128.o \ @@ -136,14 +136,14 @@ diff --git a/openssh-7.2p2/Makefile.in b/openssh-7.2p2/Makefile.in - kexdhs.o kexgexs.o kexecdhs.o kexc25519s.o \ + kexdhc.o kexgexc.o kexecdhc.o kexc25519c.o kexgssc.o \ + kexdhs.o kexgexs.o kexecdhs.o kexc25519s.o kexgsss.o \ - platform-pledge.o \ - fips.o + platform-pledge.o + + LIBSSH_OBJS += fips.o SSHOBJS= ssh.o readconf.o clientloop.o sshtty.o \ sshconnect.o sshconnect1.o sshconnect2.o mux.o SSHDOBJS=sshd.o auth-rhosts.o auth-passwd.o auth-rsa.o auth-rh-rsa.o \ - audit.o audit-bsm.o audit-linux.o platform.o \ diff --git a/openssh-7.2p2/auth-krb5.c b/openssh-7.2p2/auth-krb5.c --- a/openssh-7.2p2/auth-krb5.c +++ b/openssh-7.2p2/auth-krb5.c @@ -1279,8 +1279,7 @@ diff --git a/openssh-7.2p2/gss-serv.c b/openssh-7.2p2/gss-serv.c + return (PAM_CONV_ERR); +} +#endif - -- return (ctx->major); ++ +void +ssh_gssapi_rekey_creds() { + int ok; @@ -1302,7 +1301,8 @@ diff --git a/openssh-7.2p2/gss-serv.c b/openssh-7.2p2/gss-serv.c + return; + + debug("Rekeyed credentials stored successfully"); -+ + +- return (ctx->major); + /* Actually managing to play with the ssh pam stack from here will + * be next to impossible. In any case, we may want different options + * for rekeying. So, use our own :) diff --git a/openssh-7.2p2-host_ident.patch b/openssh-7.2p2-host_ident.patch index 5800abd..844ddb1 100644 --- a/openssh-7.2p2-host_ident.patch +++ b/openssh-7.2p2-host_ident.patch @@ -1,5 +1,5 @@ # HG changeset patch -# Parent 605a6220fcc2c96e9196681fe480fab16b505ee1 +# Parent e2f9b3303b4a4ed5d0e5f01009dd1ebea166890d Suggest command line for removal of offending keys from known_hosts file diff --git a/openssh-7.2p2/sshconnect.c b/openssh-7.2p2/sshconnect.c @@ -14,11 +14,11 @@ diff --git a/openssh-7.2p2/sshconnect.c b/openssh-7.2p2/sshconnect.c user_hostfiles[0]); error("Offending %s key in %s:%lu", key_type(host_found->key), host_found->file, host_found->line); -+ error("You can use following command to remove all keys for this IP:"); ++ error("You can use following command to remove the offending key:"); + if (host_found->file) -+ error("ssh-keygen -R %s -f %s", hostname, host_found->file); ++ error("ssh-keygen -R %s -f %s", host, host_found->file); + else -+ error("ssh-keygen -R %s", hostname); ++ error("ssh-keygen -R %s", host); /* * If strict host key checking is in use, the user will have diff --git a/openssh-7.2p2-ignore_PAM_with_UseLogin.patch b/openssh-7.2p2-ignore_PAM_with_UseLogin.patch index 78bd3e8..2c65bb2 100644 --- a/openssh-7.2p2-ignore_PAM_with_UseLogin.patch +++ b/openssh-7.2p2-ignore_PAM_with_UseLogin.patch @@ -1,5 +1,5 @@ # HG changeset patch -# Parent cb9be7363a9f32133f0d105d515149dd77cc8cd3 +# Parent 0f00e960e1069c6a6eec975cc184171343701077 Do not import PAM environment variables when using login, since it may have security implications. diff --git a/openssh-7.2p2-keep_slogin.patch b/openssh-7.2p2-keep_slogin.patch new file mode 100644 index 0000000..6304aff --- /dev/null +++ b/openssh-7.2p2-keep_slogin.patch @@ -0,0 +1,66 @@ +# HG changeset patch +# Parent 7c29b31d3502bbf5b80e01f8d1db8b2733a3c7f4 +Add slogin back to the distribution, since it might be used downstreams + +Revert of cupstream commit 69fead5d7cdaa73bdece9fcba80f8e8e70b90346 + +diff --git a/openssh-7.2p2/Makefile.in b/openssh-7.2p2/Makefile.in +--- a/openssh-7.2p2/Makefile.in ++++ b/openssh-7.2p2/Makefile.in +@@ -354,16 +354,20 @@ install-files: + $(INSTALL) -m 644 sftp.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/sftp.1 + $(INSTALL) -m 644 sftp-server.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/sftp-server.8 + $(INSTALL) -m 644 ssh-keysign.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-keysign.8 + $(INSTALL) -m 644 ssh-pkcs11-helper.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-pkcs11-helper.8 + if test ! -z "$(INSTALL_SSH_LDAP_HELPER)" ; then \ + $(INSTALL) -m 644 ssh-ldap-helper.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-ldap-helper.8 ; \ + $(INSTALL) -m 644 ssh-ldap.conf.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/ssh-ldap.conf.5 ; \ + fi ++ -rm -f $(DESTDIR)$(bindir)/slogin ++ ln -s ./ssh$(EXEEXT) $(DESTDIR)$(bindir)/slogin ++ -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/slogin.1 ++ ln -s ./ssh.1 $(DESTDIR)$(mandir)/$(mansubdir)1/slogin.1 + + install-sysconf: + if [ ! -d $(DESTDIR)$(sysconfdir) ]; then \ + $(srcdir)/mkinstalldirs $(DESTDIR)$(sysconfdir); \ + fi + @if [ ! -f $(DESTDIR)$(sysconfdir)/ssh_config ]; then \ + $(INSTALL) -m 644 ssh_config.out $(DESTDIR)$(sysconfdir)/ssh_config; \ + else \ +@@ -415,16 +419,17 @@ uninstallall: uninstall + -rmdir $(DESTDIR)$(bindir) + -rmdir $(DESTDIR)$(sbindir) + -rmdir $(DESTDIR)$(mandir)/$(mansubdir)1 + -rmdir $(DESTDIR)$(mandir)/$(mansubdir)8 + -rmdir $(DESTDIR)$(mandir) + -rmdir $(DESTDIR)$(libexecdir) + + uninstall: ++ -rm -f $(DESTDIR)$(bindir)/slogin + -rm -f $(DESTDIR)$(bindir)/ssh$(EXEEXT) + -rm -f $(DESTDIR)$(bindir)/scp$(EXEEXT) + -rm -f $(DESTDIR)$(bindir)/ssh-add$(EXEEXT) + -rm -f $(DESTDIR)$(bindir)/ssh-agent$(EXEEXT) + -rm -f $(DESTDIR)$(bindir)/ssh-keygen$(EXEEXT) + -rm -f $(DESTDIR)$(bindir)/ssh-keyscan$(EXEEXT) + -rm -f $(DESTDIR)$(bindir)/sftp$(EXEEXT) + -rm -f $(DESTDIR)$(sbindir)/sshd$(EXEEXT) +@@ -440,16 +445,17 @@ uninstall: + -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-keygen.1 + -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/sftp.1 + -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-keyscan.1 + -rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/sshd.8 + -rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/sftp-server.8 + -rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-keysign.8 + -rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-pkcs11-helper.8 + -rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-ldap-helper.8 ++ -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/slogin.1 + + regress-prep: + [ -d `pwd`/regress ] || mkdir -p `pwd`/regress + [ -d `pwd`/regress/unittests ] || mkdir -p `pwd`/regress/unittests + [ -d `pwd`/regress/unittests/test_helper ] || \ + mkdir -p `pwd`/regress/unittests/test_helper + [ -d `pwd`/regress/unittests/sshbuf ] || \ + mkdir -p `pwd`/regress/unittests/sshbuf diff --git a/openssh-7.2p2-kex_resource_depletion.patch b/openssh-7.2p2-kex_resource_depletion.patch new file mode 100644 index 0000000..5679548 --- /dev/null +++ b/openssh-7.2p2-kex_resource_depletion.patch @@ -0,0 +1,30 @@ +# HG changeset patch +# Parent 5d3b620e9c7c42bfb1d8f24eb7e0645a55d967fa +Prevent memory depletion during key exchange + +CVE-2016-8858 +bsc#1005480 + +upstream commit ec165c392ca54317dbe3064a8c200de6531e89ad + +diff --git a/openssh-7.2p2/kex.c b/openssh-7.2p2/kex.c +--- a/openssh-7.2p2/kex.c ++++ b/openssh-7.2p2/kex.c +@@ -523,16 +523,17 @@ kex_input_kexinit(int type, u_int32_t se + u_int i; + size_t dlen; + int r; + + debug("SSH2_MSG_KEXINIT received"); + if (kex == NULL) + return SSH_ERR_INVALID_ARGUMENT; + ++ ssh_dispatch_set(ssh, SSH2_MSG_KEXINIT, NULL); + ptr = sshpkt_ptr(ssh, &dlen); + if ((r = sshbuf_put(kex->peer, ptr, dlen)) != 0) + return r; + + /* discard packet */ + for (i = 0; i < KEX_COOKIE_LEN; i++) + if ((r = sshpkt_get_u8(ssh, NULL)) != 0) + return r; diff --git a/openssh-7.2p2-ldap.patch b/openssh-7.2p2-ldap.patch index db4613a..42a8f34 100644 --- a/openssh-7.2p2-ldap.patch +++ b/openssh-7.2p2-ldap.patch @@ -1,5 +1,5 @@ # HG changeset patch -# Parent b8135c449e59282a8926ff44fcb4670baf8f158e +# Parent a47716db81c68026e9d37db568c2c313acc53f86 # Helper app for retrieving keys from a LDAP server # by Jan F. Chadima # @@ -137,28 +137,26 @@ diff --git a/openssh-7.2p2/Makefile.in b/openssh-7.2p2/Makefile.in SSH_PKCS11_HELPER=$(libexecdir)/ssh-pkcs11-helper +SSH_LDAP_HELPER=$(libexecdir)/ssh-ldap-helper +SSH_LDAP_WRAPPER=$(libexecdir)/ssh-ldap-wrapper + CAVSTEST_CTR=$(libexecdir)/cavstest-ctr + CAVSTEST_KDF=$(libexecdir)/cavstest-kdf PRIVSEP_PATH=@PRIVSEP_PATH@ SSH_PRIVSEP_USER=@SSH_PRIVSEP_USER@ STRIP_OPT=@STRIP_OPT@ TEST_SHELL=@TEST_SHELL@ PATHS= -DSSHDIR=\"$(sysconfdir)\" \ - -D_PATH_SSH_PROGRAM=\"$(SSH_PROGRAM)\" \ - -D_PATH_SSH_ASKPASS_DEFAULT=\"$(ASKPASS_PROGRAM)\" \ -@@ -57,17 +59,19 @@ INSTALL=@INSTALL@ - PERL=@PERL@ - SED=@SED@ - ENT=@ENT@ - XAUTH_PATH=@XAUTH_PATH@ +@@ -63,16 +65,19 @@ XAUTH_PATH=@XAUTH_PATH@ LDFLAGS=-L. -Lopenbsd-compat/ @LDFLAGS@ EXEEXT=@EXEEXT@ MANFMT=@MANFMT@ --TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-keysign${EXEEXT} ssh-pkcs11-helper$(EXEEXT) ssh-agent$(EXEEXT) scp$(EXEEXT) sftp-server$(EXEEXT) sftp$(EXEEXT) -+INSTALL_SSH_LDAP_HELPER=@INSTALL_SSH_LDAP_HELPER@ -+ -+TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-keysign${EXEEXT} ssh-pkcs11-helper$(EXEEXT) ssh-agent$(EXEEXT) scp$(EXEEXT) sftp-server$(EXEEXT) sftp$(EXEEXT) ssh-ldap-helper$(EXEEXT) + TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-keysign${EXEEXT} ssh-pkcs11-helper$(EXEEXT) ssh-agent$(EXEEXT) scp$(EXEEXT) sftp-server$(EXEEXT) sftp$(EXEEXT) + TARGETS += cavstest-ctr$(EXEEXT) cavstest-kdf$(EXEEXT) + ++INSTALL_SSH_LDAP_HELPER=@INSTALL_SSH_LDAP_HELPER@ ++TARGETS += ssh-ldap-helper$(EXEEXT) ++ LIBOPENSSH_OBJS=\ ssh_api.o \ ssherr.o \ @@ -166,7 +164,8 @@ diff --git a/openssh-7.2p2/Makefile.in b/openssh-7.2p2/Makefile.in sshkey.o \ sshbuf-getput-basic.o \ sshbuf-misc.o \ -@@ -109,18 +113,18 @@ SSHDOBJS=sshd.o auth-rhosts.o auth-passw + sshbuf-getput-crypto.o \ +@@ -114,18 +119,18 @@ SSHDOBJS=sshd.o auth-rhosts.o auth-passw monitor_mm.o monitor.o monitor_wrap.o auth-krb5.o \ auth2-gss.o gss-serv.o gss-serv-krb5.o \ loginrec.o auth-pam.o auth-shadow.o auth-sia.o md5crypt.o \ @@ -187,7 +186,7 @@ diff --git a/openssh-7.2p2/Makefile.in b/openssh-7.2p2/Makefile.in PATHSUBS = \ -e 's|/etc/ssh/ssh_config|$(sysconfdir)/ssh_config|g' \ -e 's|/etc/ssh/ssh_known_hosts|$(sysconfdir)/ssh_known_hosts|g' \ -@@ -184,16 +188,19 @@ ssh-keysign$(EXEEXT): $(LIBCOMPAT) libss +@@ -189,16 +194,19 @@ ssh-keysign$(EXEEXT): $(LIBCOMPAT) libss $(LD) -o $@ ssh-keysign.o readconf.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) ssh-pkcs11-helper$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-pkcs11-helper.o ssh-pkcs11.o @@ -205,9 +204,9 @@ diff --git a/openssh-7.2p2/Makefile.in b/openssh-7.2p2/Makefile.in sftp$(EXEEXT): $(LIBCOMPAT) libssh.a sftp.o sftp-client.o sftp-common.o sftp-glob.o progressmeter.o $(LD) -o $@ progressmeter.o sftp.o sftp-client.o sftp-common.o sftp-glob.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) $(LIBEDIT) - # test driver for the loginrec code - not built by default - logintest: logintest.o $(LIBCOMPAT) libssh.a loginrec.o -@@ -308,32 +315,40 @@ install-files: + # FIPS tests + cavstest-ctr$(EXEEXT): $(LIBCOMPAT) libssh.a cavstest-ctr.o +@@ -320,16 +328,20 @@ install-files: $(INSTALL) -m 0755 $(STRIP_OPT) scp$(EXEEXT) $(DESTDIR)$(bindir)/scp$(EXEEXT) $(INSTALL) -m 0755 $(STRIP_OPT) ssh-add$(EXEEXT) $(DESTDIR)$(bindir)/ssh-add$(EXEEXT) $(INSTALL) -m 0755 $(STRIP_OPT) ssh-agent$(EXEEXT) $(DESTDIR)$(bindir)/ssh-agent$(EXEEXT) @@ -222,12 +221,13 @@ diff --git a/openssh-7.2p2/Makefile.in b/openssh-7.2p2/Makefile.in + fi $(INSTALL) -m 0755 $(STRIP_OPT) sftp$(EXEEXT) $(DESTDIR)$(bindir)/sftp$(EXEEXT) $(INSTALL) -m 0755 $(STRIP_OPT) sftp-server$(EXEEXT) $(DESTDIR)$(SFTP_SERVER)$(EXEEXT) + $(INSTALL) -m 0755 $(STRIP_OPT) cavstest-ctr$(EXEEXT) $(DESTDIR)$(libexecdir)/cavstest-ctr$(EXEEXT) + $(INSTALL) -m 0755 $(STRIP_OPT) cavstest-kdf$(EXEEXT) $(DESTDIR)$(libexecdir)/cavstest-kdf$(EXEEXT) $(INSTALL) -m 644 ssh.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh.1 $(INSTALL) -m 644 scp.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/scp.1 $(INSTALL) -m 644 ssh-add.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-add.1 $(INSTALL) -m 644 ssh-agent.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-agent.1 - $(INSTALL) -m 644 ssh-keygen.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-keygen.1 - $(INSTALL) -m 644 ssh-keyscan.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-keyscan.1 +@@ -338,16 +350,20 @@ install-files: $(INSTALL) -m 644 moduli.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/moduli.5 $(INSTALL) -m 644 sshd_config.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/sshd_config.5 $(INSTALL) -m 644 ssh_config.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/ssh_config.5 @@ -248,7 +248,7 @@ diff --git a/openssh-7.2p2/Makefile.in b/openssh-7.2p2/Makefile.in @if [ ! -f $(DESTDIR)$(sysconfdir)/ssh_config ]; then \ $(INSTALL) -m 644 ssh_config.out $(DESTDIR)$(sysconfdir)/ssh_config; \ else \ -@@ -349,16 +364,23 @@ install-sysconf: +@@ -363,16 +379,23 @@ install-sysconf: echo "moving $(DESTDIR)$(sysconfdir)/primes to $(DESTDIR)$(sysconfdir)/moduli"; \ mv "$(DESTDIR)$(sysconfdir)/primes" "$(DESTDIR)$(sysconfdir)/moduli"; \ else \ @@ -272,7 +272,7 @@ diff --git a/openssh-7.2p2/Makefile.in b/openssh-7.2p2/Makefile.in host-key-force: ssh-keygen$(EXEEXT) ssh$(EXEEXT) if ./ssh -Q protocol-version | grep '^1$$' >/dev/null; then \ -@@ -389,27 +411,30 @@ uninstall: +@@ -403,27 +426,30 @@ uninstall: -rm -f $(DESTDIR)$(bindir)/ssh-agent$(EXEEXT) -rm -f $(DESTDIR)$(bindir)/ssh-keygen$(EXEEXT) -rm -f $(DESTDIR)$(bindir)/ssh-keyscan$(EXEEXT) @@ -306,7 +306,7 @@ diff --git a/openssh-7.2p2/Makefile.in b/openssh-7.2p2/Makefile.in diff --git a/openssh-7.2p2/configure.ac b/openssh-7.2p2/configure.ac --- a/openssh-7.2p2/configure.ac +++ b/openssh-7.2p2/configure.ac -@@ -1620,16 +1620,116 @@ AC_ARG_WITH([audit], +@@ -1644,16 +1644,116 @@ AC_ARG_WITH([audit], AC_MSG_RESULT([no]) ;; *) diff --git a/openssh-7.2p2-limit_password_length.patch b/openssh-7.2p2-limit_password_length.patch index c600b4a..b7e00ee 100644 --- a/openssh-7.2p2-limit_password_length.patch +++ b/openssh-7.2p2-limit_password_length.patch @@ -1,5 +1,5 @@ # HG changeset patch -# Parent e351203d2784230a3b56b8e3dd6955403ed10ca4 +# Parent 9888bc3f536eab9f528d9c96e5e8a2501ed168f5 Limit accepted passwords length to prevent DoS by resource consumption (via crypt() eating CPU cycles). diff --git a/openssh-7.2p2-login_options.patch b/openssh-7.2p2-login_options.patch index 23abf8c..cb4d1f1 100644 --- a/openssh-7.2p2-login_options.patch +++ b/openssh-7.2p2-login_options.patch @@ -1,5 +1,5 @@ # HG changeset patch -# Parent 295ae9c5f5da12d273f3b91e90145b449984a7dc +# Parent b86c2190c93aeaf958c22fc7b224dcaf87100288 # HG changeset patch # Parent b262fd34c8ecd55e93d457b3ca5593abce716856 # login-pam cannot handle the option terminator "--" as login from util-linux diff --git a/openssh-7.2p2-no_fork-no_pid_file.patch b/openssh-7.2p2-no_fork-no_pid_file.patch index 8ae51d6..4c331a9 100644 --- a/openssh-7.2p2-no_fork-no_pid_file.patch +++ b/openssh-7.2p2-no_fork-no_pid_file.patch @@ -1,5 +1,5 @@ # HG changeset patch -# Parent 7ce81a30bb196401c63782b646d8a6d511ddec4b +# Parent 4011d0f5c00b663976c9940dc4ef79642605cf90 Do not write a PID file when not daemonizing (e.g. when running from systemd) diff --git a/openssh-7.2p2/sshd.c b/openssh-7.2p2/sshd.c diff --git a/openssh-7.2p2-prevent_private_key_leakage.patch b/openssh-7.2p2-prevent_private_key_leakage.patch new file mode 100644 index 0000000..e3e035b --- /dev/null +++ b/openssh-7.2p2-prevent_private_key_leakage.patch @@ -0,0 +1,188 @@ +# HG changeset patch +# Parent e2a8c999f737bca97bbc330ce6683de842ba195e +Pre-allocare buffer for private keys data to prevent leaking of sensitive data +via heap. + +CVE-2016-10011 +bsc#1016369 + +backported upstream commit 54d022026aae4f53fa74cc636e4a032d9689b64d +backported upstream commit a9c746088787549bb5b1ae3add7d06a1b6d93d5e + +diff --git a/openssh-7.2p2/authfile.c b/openssh-7.2p2/authfile.c +--- a/openssh-7.2p2/authfile.c ++++ b/openssh-7.2p2/authfile.c +@@ -95,23 +95,35 @@ sshkey_save_private(struct sshkey *key, + + /* Load a key from a fd into a buffer */ + int + sshkey_load_file(int fd, struct sshbuf *blob) + { + u_char buf[1024]; + size_t len; + struct stat st; +- int r; ++ int r, dontmax = 0; + + if (fstat(fd, &st) < 0) + return SSH_ERR_SYSTEM_ERROR; + if ((st.st_mode & (S_IFSOCK|S_IFCHR|S_IFIFO)) == 0 && + st.st_size > MAX_KEY_FILE_SIZE) + return SSH_ERR_INVALID_FORMAT; ++ /* ++ * Pre-allocate the buffer used for the key contents and clamp its ++ * maximum size. This ensures that key contents are never leaked via ++ * implicit realloc() in the sshbuf code. ++ */ ++ if ((st.st_mode & S_IFREG) == 0 || st.st_size <= 0) { ++ st.st_size = 64*1024; /* 64k should be enough for anyone :) */ ++ dontmax = 1; ++ } ++ if ((r = sshbuf_allocate(blob, st.st_size)) != 0 || ++ (dontmax && (r = sshbuf_set_max_size(blob, st.st_size)) != 0)) ++ return r; + for (;;) { + if ((len = atomicio(read, fd, buf, sizeof(buf))) == 0) { + if (errno == EPIPE) + break; + r = SSH_ERR_SYSTEM_ERROR; + goto out; + } + if ((r = sshbuf_put(blob, buf, len)) != 0) +diff --git a/openssh-7.2p2/sshbuf.c b/openssh-7.2p2/sshbuf.c +--- a/openssh-7.2p2/sshbuf.c ++++ b/openssh-7.2p2/sshbuf.c +@@ -311,63 +311,73 @@ sshbuf_check_reserve(const struct sshbuf + SSHBUF_TELL("check"); + /* Check that len is reasonable and that max_size + available < len */ + if (len > buf->max_size || buf->max_size - len < buf->size - buf->off) + return SSH_ERR_NO_BUFFER_SPACE; + return 0; + } + + int +-sshbuf_reserve(struct sshbuf *buf, size_t len, u_char **dpp) ++sshbuf_allocate(struct sshbuf *buf, size_t len) + { + size_t rlen, need; + u_char *dp; + int r; + +- if (dpp != NULL) +- *dpp = NULL; +- +- SSHBUF_DBG(("reserve buf = %p len = %zu", buf, len)); ++ SSHBUF_DBG(("allocate buf = %p len = %zu", buf, len)); + if ((r = sshbuf_check_reserve(buf, len)) != 0) + return r; + /* + * If the requested allocation appended would push us past max_size + * then pack the buffer, zeroing buf->off. + */ + sshbuf_maybe_pack(buf, buf->size + len > buf->max_size); +- SSHBUF_TELL("reserve"); +- if (len + buf->size > buf->alloc) { +- /* +- * Prefer to alloc in SSHBUF_SIZE_INC units, but +- * allocate less if doing so would overflow max_size. +- */ +- need = len + buf->size - buf->alloc; +- rlen = roundup(buf->alloc + need, SSHBUF_SIZE_INC); +- SSHBUF_DBG(("need %zu initial rlen %zu", need, rlen)); +- if (rlen > buf->max_size) +- rlen = buf->alloc + need; +- SSHBUF_DBG(("adjusted rlen %zu", rlen)); +- if ((dp = realloc(buf->d, rlen)) == NULL) { +- SSHBUF_DBG(("realloc fail")); +- if (dpp != NULL) +- *dpp = NULL; +- return SSH_ERR_ALLOC_FAIL; +- } +- buf->alloc = rlen; +- buf->cd = buf->d = dp; +- if ((r = sshbuf_check_reserve(buf, len)) < 0) { +- /* shouldn't fail */ +- if (dpp != NULL) +- *dpp = NULL; +- return r; +- } ++ SSHBUF_TELL("allocate"); ++ if (len + buf->size <= buf->alloc) ++ return 0; /* already have it. */ ++ ++ /* ++ * Prefer to alloc in SSHBUF_SIZE_INC units, but ++ * allocate less if doing so would overflow max_size. ++ */ ++ need = len + buf->size - buf->alloc; ++ rlen = roundup(buf->alloc + need, SSHBUF_SIZE_INC); ++ SSHBUF_DBG(("need %zu initial rlen %zu", need, rlen)); ++ if (rlen > buf->max_size) ++ rlen = buf->alloc + need; ++ SSHBUF_DBG(("adjusted rlen %zu", rlen)); ++ if ((dp = realloc(buf->d, rlen)) == NULL) { ++ SSHBUF_DBG(("realloc fail")); ++ return SSH_ERR_ALLOC_FAIL; + } ++ buf->alloc = rlen; ++ buf->cd = buf->d = dp; ++ if ((r = sshbuf_check_reserve(buf, len)) < 0) { ++ /* shouldn't fail */ ++ return r; ++ } ++ SSHBUF_TELL("done"); ++ return 0; ++} ++ ++int ++sshbuf_reserve(struct sshbuf *buf, size_t len, u_char **dpp) ++{ ++ u_char *dp; ++ int r; ++ ++ if (dpp != NULL) ++ *dpp = NULL; ++ ++ SSHBUF_DBG(("reserve buf = %p len = %zu", buf, len)); ++ if ((r = sshbuf_allocate(buf, len)) != 0) ++ return r; ++ + dp = buf->d + buf->size; + buf->size += len; +- SSHBUF_TELL("done"); + if (dpp != NULL) + *dpp = dp; + return 0; + } + + int + sshbuf_consume(struct sshbuf *buf, size_t len) + { +diff --git a/openssh-7.2p2/sshbuf.h b/openssh-7.2p2/sshbuf.h +--- a/openssh-7.2p2/sshbuf.h ++++ b/openssh-7.2p2/sshbuf.h +@@ -134,16 +134,24 @@ u_char *sshbuf_mutable_ptr(const struct + * Check whether a reservation of size len will succeed in buf + * Safer to use than direct comparisons again sshbuf_avail as it copes + * with unsigned overflows correctly. + * Returns 0 on success, or a negative SSH_ERR_* error code on failure. + */ + int sshbuf_check_reserve(const struct sshbuf *buf, size_t len); + + /* ++ * Preallocates len additional bytes in buf. ++ * Useful for cases where the caller knows how many bytes will ultimately be ++ * required to avoid realloc in the buffer code. ++ * Returns 0 on success, or a negative SSH_ERR_* error code on failure. ++ */ ++int sshbuf_allocate(struct sshbuf *buf, size_t len); ++ ++/* + * Reserve len bytes in buf. + * Returns 0 on success and a pointer to the first reserved byte via the + * optional dpp parameter or a negative * SSH_ERR_* error code on failure. + */ + int sshbuf_reserve(struct sshbuf *buf, size_t len, u_char **dpp); + + /* + * Consume len bytes from the start of buf diff --git a/openssh-7.2p2-prevent_timing_user_enumeration.patch b/openssh-7.2p2-prevent_timing_user_enumeration.patch index 857749f..c16e3c2 100644 --- a/openssh-7.2p2-prevent_timing_user_enumeration.patch +++ b/openssh-7.2p2-prevent_timing_user_enumeration.patch @@ -1,5 +1,5 @@ # HG changeset patch -# Parent 323ac0fc20b1d5e9bf7037e020adfd760dd2d5f2 +# Parent 4a254abf4ef391358257310ad2fe15c9e12dee34 Prevent user enumeration through password processing timing CVE-2016-6210 bsc#989363 diff --git a/openssh-7.2p2-restrict_pkcs11-modules.patch b/openssh-7.2p2-restrict_pkcs11-modules.patch new file mode 100644 index 0000000..0b4204c --- /dev/null +++ b/openssh-7.2p2-restrict_pkcs11-modules.patch @@ -0,0 +1,297 @@ +# HG changeset patch +# Parent 22de9aeddbde2b36da9c23475cfa5dcd42e95287 +whitelist paths for loading of PKCS#11 modules in ssh-agent + +CVE-2016-10009 +bsc#1016366 + +upstream commit 786d5994da79151180cb14a6cf157ebbba61c0cc + +diff --git a/openssh-7.2p2/ssh-agent.1 b/openssh-7.2p2/ssh-agent.1 +--- a/openssh-7.2p2/ssh-agent.1 ++++ b/openssh-7.2p2/ssh-agent.1 +@@ -1,9 +1,9 @@ +-.\" $OpenBSD: ssh-agent.1,v 1.62 2015/11/15 23:54:15 jmc Exp $ ++.\" $OpenBSD: ssh-agent.1,v 1.63 2016/11/30 03:07:37 djm Exp $ + .\" + .\" Author: Tatu Ylonen + .\" Copyright (c) 1995 Tatu Ylonen , Espoo, Finland + .\" All rights reserved + .\" + .\" As far as I am concerned, the code I have written for this software + .\" can be used freely for any purpose. Any derived versions of this + .\" software must be clearly marked as such, and if the derived work is +@@ -29,29 +29,30 @@ + .\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, + .\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + .\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + .\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + .\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF + .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + .\" +-.Dd $Mdocdate: November 15 2015 $ ++.Dd $Mdocdate: November 30 2016 $ + .Dt SSH-AGENT 1 + .Os + .Sh NAME + .Nm ssh-agent + .Nd authentication agent + .Sh SYNOPSIS + .Nm ssh-agent + .Op Fl c | s + .Op Fl \&Dd + .Op Fl a Ar bind_address + .Op Fl E Ar fingerprint_hash + .Op Fl t Ar life ++.Op Fl P Ar pkcs11_whitelist + .Op Ar command Op Ar arg ... + .Nm ssh-agent + .Op Fl c | s + .Fl k + .Sh DESCRIPTION + .Nm + is a program to hold private keys used for public key authentication + (RSA, DSA, ECDSA, Ed25519). +@@ -116,16 +117,28 @@ Valid options are: + and + .Dq sha256 . + The default is + .Dq sha256 . + .It Fl k + Kill the current agent (given by the + .Ev SSH_AGENT_PID + environment variable). ++.It Fl P ++Specify a pattern-list of acceptable paths for PKCS#11 shared libraries ++that may be added using the ++.Fl s ++option to ++.Xr ssh-add 1 . ++The default is to allow loading PKCS#11 libraries from ++.Dq /usr/lib/*,/usr/local/lib/* . ++PKCS#11 libraries that do not match the whitelist will be refused. ++See PATTERNS in ++.Xr ssh_config 5 ++for a description of pattern-list syntax. + .It Fl s + Generate Bourne shell commands on + .Dv stdout . + This is the default if + .Ev SHELL + does not look like it's a csh style of shell. + .It Fl t Ar life + Set a default value for the maximum lifetime of identities added to the agent. +diff --git a/openssh-7.2p2/ssh-agent.c b/openssh-7.2p2/ssh-agent.c +--- a/openssh-7.2p2/ssh-agent.c ++++ b/openssh-7.2p2/ssh-agent.c +@@ -78,25 +78,30 @@ + #include "sshbuf.h" + #include "sshkey.h" + #include "authfd.h" + #include "compat.h" + #include "log.h" + #include "misc.h" + #include "digest.h" + #include "ssherr.h" ++#include "match.h" + + #ifdef ENABLE_PKCS11 + #include "ssh-pkcs11.h" + #endif + + #if defined(HAVE_SYS_PRCTL_H) + #include /* For prctl() and PR_SET_DUMPABLE */ + #endif + ++#ifndef DEFAULT_PKCS11_WHITELIST ++# define DEFAULT_PKCS11_WHITELIST "/usr/lib/*,/usr/local/lib/*" ++#endif ++ + typedef enum { + AUTH_UNUSED, + AUTH_SOCKET, + AUTH_CONNECTION + } sock_type; + + typedef struct { + int fd; +@@ -134,16 +139,19 @@ time_t parent_alive_interval = 0; + + /* pid of process for which cleanup_socket is applicable */ + pid_t cleanup_pid = 0; + + /* pathname and directory for AUTH_SOCKET */ + char socket_name[PATH_MAX]; + char socket_dir[PATH_MAX]; + ++/* PKCS#11 path whitelist */ ++static char *pkcs11_whitelist; ++ + /* locking */ + #define LOCK_SIZE 32 + #define LOCK_SALT_SIZE 16 + #define LOCK_ROUNDS 1 + int locked = 0; + char lock_passwd[LOCK_SIZE]; + char lock_salt[LOCK_SALT_SIZE]; + +@@ -736,17 +744,17 @@ no_identities(SocketEntry *e, u_int type + fatal("%s: buffer error: %s", __func__, ssh_err(r)); + sshbuf_free(msg); + } + + #ifdef ENABLE_PKCS11 + static void + process_add_smartcard_key(SocketEntry *e) + { +- char *provider = NULL, *pin; ++ char *provider = NULL, *pin, canonical_provider[PATH_MAX]; + int r, i, version, count = 0, success = 0, confirm = 0; + u_int seconds; + time_t death = 0; + u_char type; + struct sshkey **keys = NULL, *k; + Identity *id; + Idtab *tab; + +@@ -768,29 +776,40 @@ process_add_smartcard_key(SocketEntry *e + confirm = 1; + break; + default: + error("process_add_smartcard_key: " + "Unknown constraint type %d", type); + goto send; + } + } ++ if (realpath(provider, canonical_provider) == NULL) { ++ verbose("failed PKCS#11 add of \"%.100s\": realpath: %s", ++ provider, strerror(errno)); ++ goto send; ++ } ++ if (match_pattern_list(canonical_provider, pkcs11_whitelist, 0) != 1) { ++ verbose("refusing PKCS#11 add of \"%.100s\": " ++ "provider not whitelisted", canonical_provider); ++ goto send; ++ } ++ debug("%s: add %.100s", __func__, canonical_provider); + if (lifetime && !death) + death = monotime() + lifetime; + +- count = pkcs11_add_provider(provider, pin, &keys); ++ count = pkcs11_add_provider(canonical_provider, pin, &keys); + for (i = 0; i < count; i++) { + k = keys[i]; + version = k->type == KEY_RSA1 ? 1 : 2; + tab = idtab_lookup(version); + if (lookup_identity(k, version) == NULL) { + id = xcalloc(1, sizeof(Identity)); + id->key = k; +- id->provider = xstrdup(provider); +- id->comment = xstrdup(provider); /* XXX */ ++ id->provider = xstrdup(canonical_provider); ++ id->comment = xstrdup(canonical_provider); /* XXX */ + id->death = death; + id->confirm = confirm; + TAILQ_INSERT_TAIL(&tab->idlist, id, next); + tab->nentries++; + success = 1; + } else { + sshkey_free(k); + } +@@ -1171,17 +1190,17 @@ check_parent_exists(void) + } + } + + static void + usage(void) + { + fprintf(stderr, + "usage: ssh-agent [-c | -s] [-Dd] [-a bind_address] [-E fingerprint_hash]\n" +- " [-t life] [command [arg ...]]\n" ++ " [-P pkcs11_whitelist] [-t life] [command [arg ...]]\n" + " ssh-agent [-c | -s] -k\n"); + exit(1); + } + + int + main(int ac, char **av) + { + int c_flag = 0, d_flag = 0, D_flag = 0, k_flag = 0, s_flag = 0; +@@ -1215,31 +1234,36 @@ main(int ac, char **av) + + #ifdef WITH_OPENSSL + OpenSSL_add_all_algorithms(); + #endif + + __progname = ssh_get_progname(av[0]); + seed_rng(); + +- while ((ch = getopt(ac, av, "cDdksE:a:t:")) != -1) { ++ while ((ch = getopt(ac, av, "cDdksE:a:P:t:")) != -1) { + switch (ch) { + case 'E': + fingerprint_hash = ssh_digest_alg_by_name(optarg); + if (fingerprint_hash == -1) + fatal("Invalid hash algorithm \"%s\"", optarg); + break; + case 'c': + if (s_flag) + usage(); + c_flag++; + break; + case 'k': + k_flag++; + break; ++ case 'P': ++ if (pkcs11_whitelist != NULL) ++ fatal("-P option already specified"); ++ pkcs11_whitelist = xstrdup(optarg); ++ break; + case 's': + if (c_flag) + usage(); + s_flag++; + break; + case 'd': + if (d_flag || D_flag) + usage(); +@@ -1264,16 +1288,19 @@ main(int ac, char **av) + } + } + ac -= optind; + av += optind; + + if (ac > 0 && (c_flag || k_flag || s_flag || d_flag || D_flag)) + usage(); + ++ if (pkcs11_whitelist == NULL) ++ pkcs11_whitelist = xstrdup(DEFAULT_PKCS11_WHITELIST); ++ + if (ac == 0 && !c_flag && !s_flag) { + shell = getenv("SHELL"); + if (shell != NULL && (len = strlen(shell)) > 2 && + strncmp(shell + len - 3, "csh", 3) == 0) + c_flag = 1; + } + if (k_flag) { + const char *errstr = NULL; +@@ -1411,17 +1438,17 @@ skip: + parent_alive_interval = 10; + idtab_init(); + signal(SIGPIPE, SIG_IGN); + signal(SIGINT, (d_flag | D_flag) ? cleanup_handler : SIG_IGN); + signal(SIGHUP, cleanup_handler); + signal(SIGTERM, cleanup_handler); + nalloc = 0; + +- if (pledge("stdio cpath unix id proc exec", NULL) == -1) ++ if (pledge("stdio rpath cpath unix id proc exec", NULL) == -1) + fatal("%s: pledge: %s", __progname, strerror(errno)); + platform_pledge_agent(); + + while (1) { + prepare_select(&readsetp, &writesetp, &max_fd, &nalloc, &tvp); + result = select(max_fd + 1, readsetp, writesetp, NULL, tvp); + saved_errno = errno; + if (parent_alive_interval != 0) diff --git a/openssh-7.2p2-s390_OpenSSL-ibmpkcs11_syscalls.patch b/openssh-7.2p2-s390_OpenSSL-ibmpkcs11_syscalls.patch new file mode 100644 index 0000000..6a6fdc3 --- /dev/null +++ b/openssh-7.2p2-s390_OpenSSL-ibmpkcs11_syscalls.patch @@ -0,0 +1,82 @@ +# HG changeset patch +# Parent bb92b9f037cc3686a669cd84caa44a2716f34058 +Date: Tue, 9 May 2017 14:27:34 -0300 + +[PATCH 0/3] Allow syscalls for openssl engines +From: Eduardo Barretto +To: openssh-unix-dev@mindrot.org +In order to use the OpenSSL-ibmpkcs11 engine it is needed to allow flock +and ipc calls, because this engine calls OpenCryptoki (a PKCS#11 +implementation) which calls the libraries that will communicate with the +crypto cards. OpenCryptoki makes use of flock and ipc and, as of now, +this is only need on s390 architecture. + +The EP11 crypto card also needs to make an ioctl call, which receives an +specific argument. + +Signed-off-by: Eduardo Barretto + +related to bsc#1016709 + +diff --git a/openssh-7.2p2/sandbox-seccomp-filter.c b/openssh-7.2p2/sandbox-seccomp-filter.c +--- a/openssh-7.2p2/sandbox-seccomp-filter.c ++++ b/openssh-7.2p2/sandbox-seccomp-filter.c +@@ -150,16 +150,19 @@ static const struct sock_filter preauth_ + SC_ALLOW(stat), + #endif + #ifdef __NR_exit + SC_ALLOW(exit), + #endif + #ifdef __NR_exit_group + SC_ALLOW(exit_group), + #endif ++#if defined(__NR_flock) && defined(__s390__) ++ SC_ALLOW(flock), ++#endif + #ifdef __NR_getpgid + SC_ALLOW(getpgid), + #endif + #ifdef __NR_getpid + SC_ALLOW(getpid), + #endif + #ifdef __NR_getuid + SC_ALLOW(getuid), +@@ -180,16 +183,19 @@ static const struct sock_filter preauth_ + SC_ALLOW(gettimeofday), + #endif + #ifdef SSH_AUDIT_EVENTS + SC_ALLOW(getuid), + #ifdef __NR_getuid32 /* not defined on x86_64 */ + SC_ALLOW(getuid32), + #endif + #endif ++#if defined(__NR_ipc) && defined(__s390__) ++ SC_ALLOW(ipc), ++#endif + #ifdef __NR_madvise + SC_ALLOW(madvise), + #endif + #ifdef __NR_mmap + SC_ALLOW(mmap), + #endif + #ifdef __NR_mmap2 + SC_ALLOW(mmap2), +@@ -233,16 +239,18 @@ static const struct sock_filter preauth_ + #ifdef __NR_socketcall + SC_ALLOW_ARG(socketcall, 0, SYS_SHUTDOWN), + #endif + #ifdef __NR_ioctl + #ifdef __s390__ + SC_ALLOW_ARG(ioctl, 1, Z90STAT_STATUS_MASK), + SC_ALLOW_ARG(ioctl, 1, ICARSAMODEXPO), + SC_ALLOW_ARG(ioctl, 1, ICARSACRT), ++ /* Allow ioctls for EP11 crypto card on s390 */ ++ SC_ALLOW_ARG(ioctl, 1, ZSENDEP11CPRB), + #endif + #endif + + /* Default deny */ + BPF_STMT(BPF_RET+BPF_K, SECCOMP_FILTER_FAIL), + }; + + static const struct sock_fprog preauth_program = { diff --git a/openssh-7.2p2-s390_hw_crypto_syscalls.patch b/openssh-7.2p2-s390_hw_crypto_syscalls.patch new file mode 100644 index 0000000..9bd1dcb --- /dev/null +++ b/openssh-7.2p2-s390_hw_crypto_syscalls.patch @@ -0,0 +1,100 @@ +# HG changeset patch +# Parent 6d8637bec747de081eccba9874f640dcbc4fbb68 +This patch enables specific ioctl calls for ICA crypto card on s390 +platform. Without this patch, users using the IBMCA engine are not able +to perform ssh login as the filter blocks the communication with the +crypto card. + +Signed-off-by: Harald Freudenberger +Signed-off-by: Eduardo Barretto + +bsc#1016709 + +Upstreamed as: +5f1596e11d55539678c41f68aed358628d33d86f +58b8cfa2a062b72139d7229ae8de567f55776f24 + +diff --git a/openssh-7.2p2/sandbox-seccomp-filter.c b/openssh-7.2p2/sandbox-seccomp-filter.c +--- a/openssh-7.2p2/sandbox-seccomp-filter.c ++++ b/openssh-7.2p2/sandbox-seccomp-filter.c +@@ -54,42 +54,53 @@ + #include + #include + #include + #include /* for offsetof */ + #include + #include + #include + #include ++#include ++ ++#ifdef __s390__ ++#include ++#endif + + #include "log.h" + #include "ssh-sandbox.h" + #include "xmalloc.h" + + /* Linux seccomp_filter sandbox */ + #define SECCOMP_FILTER_FAIL SECCOMP_RET_KILL + + /* Use a signal handler to emit violations when debugging */ + #ifdef SANDBOX_SECCOMP_FILTER_DEBUG + # undef SECCOMP_FILTER_FAIL + # define SECCOMP_FILTER_FAIL SECCOMP_RET_TRAP + #endif /* SANDBOX_SECCOMP_FILTER_DEBUG */ + + /* Simple helpers to avoid manual errors (but larger BPF programs). */ ++#if __BYTE_ORDER == __LITTLE_ENDIAN ++#define LO_ARG(idx) offsetof(struct seccomp_data, args[(idx)]) ++#elif __BYTE_ORDER == __BIG_ENDIAN ++#define LO_ARG(idx) offsetof(struct seccomp_data, args[(idx)]) + sizeof(uint32_t) ++#else ++#error "Unknown endianness" ++#endif + #define SC_DENY(_nr, _errno) \ + BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, __NR_ ## _nr, 0, 1), \ + BPF_STMT(BPF_RET+BPF_K, SECCOMP_RET_ERRNO|(_errno)) + #define SC_ALLOW(_nr) \ + BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, __NR_ ## _nr, 0, 1), \ + BPF_STMT(BPF_RET+BPF_K, SECCOMP_RET_ALLOW) + #define SC_ALLOW_ARG(_nr, _arg_nr, _arg_val) \ + BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, __NR_ ## _nr, 0, 4), \ +- /* load first syscall argument */ \ +- BPF_STMT(BPF_LD+BPF_W+BPF_ABS, \ +- offsetof(struct seccomp_data, args[(_arg_nr)])), \ ++ /* load the syscall argument to check into accumulator */ \ ++ BPF_STMT(BPF_LD+BPF_W+BPF_ABS, LO_ARG(_arg_nr)), \ + BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, (_arg_val), 0, 1), \ + BPF_STMT(BPF_RET+BPF_K, SECCOMP_RET_ALLOW), \ + /* reload syscall number; all rules expect it in accumulator */ \ + BPF_STMT(BPF_LD+BPF_W+BPF_ABS, \ + offsetof(struct seccomp_data, nr)) + + /* Syscall filtering set for preauth. */ + static const struct sock_filter preauth_insns[] = { +@@ -217,16 +228,23 @@ static const struct sock_filter preauth_ + SC_ALLOW(time), + #endif + #ifdef __NR_write + SC_ALLOW(write), + #endif + #ifdef __NR_socketcall + SC_ALLOW_ARG(socketcall, 0, SYS_SHUTDOWN), + #endif ++#ifdef __NR_ioctl ++#ifdef __s390__ ++ SC_ALLOW_ARG(ioctl, 1, Z90STAT_STATUS_MASK), ++ SC_ALLOW_ARG(ioctl, 1, ICARSAMODEXPO), ++ SC_ALLOW_ARG(ioctl, 1, ICARSACRT), ++#endif ++#endif + + /* Default deny */ + BPF_STMT(BPF_RET+BPF_K, SECCOMP_FILTER_FAIL), + }; + + static const struct sock_fprog preauth_program = { + .len = (unsigned short)(sizeof(preauth_insns)/sizeof(preauth_insns[0])), + .filter = (struct sock_filter *)preauth_insns, diff --git a/openssh-7.2p2-seccomp_geteuid.patch b/openssh-7.2p2-seccomp_geteuid.patch new file mode 100644 index 0000000..d6a9ae6 --- /dev/null +++ b/openssh-7.2p2-seccomp_geteuid.patch @@ -0,0 +1,34 @@ +# HG changeset patch +# Parent b07f00d5d805c043f5bdc7b8cf6701d924879fa6 +Add the 'geteuid' syscall to allowed list, since it may becalled on the +mainframes when OpenSSL is using hardware crypto accelerator via libica +(via ibmica) + +bsc#1004258 + +diff --git a/openssh-7.2p2/sandbox-seccomp-filter.c b/openssh-7.2p2/sandbox-seccomp-filter.c +--- a/openssh-7.2p2/sandbox-seccomp-filter.c ++++ b/openssh-7.2p2/sandbox-seccomp-filter.c +@@ -148,16 +148,22 @@ static const struct sock_filter preauth_ + SC_ALLOW(getpid), + #endif + #ifdef __NR_getuid + SC_ALLOW(getuid), + #endif + #ifdef __NR_getuid32 + SC_ALLOW(getuid32), + #endif ++#ifdef __NR_geteuid ++ SC_ALLOW(geteuid), ++#endif ++#ifdef __NR_geteuid32 ++ SC_ALLOW(geteuid32), ++#endif + #ifdef __NR_getrandom + SC_ALLOW(getrandom), + #endif + #ifdef __NR_gettimeofday + SC_ALLOW(gettimeofday), + #endif + #ifdef __NR_madvise + SC_ALLOW(madvise), diff --git a/openssh-7.2p2-seccomp_getuid.patch b/openssh-7.2p2-seccomp_getuid.patch index 05acb22..a5c51c4 100644 --- a/openssh-7.2p2-seccomp_getuid.patch +++ b/openssh-7.2p2-seccomp_getuid.patch @@ -1,5 +1,5 @@ # HG changeset patch -# Parent c66097e5e31cd607bf2206b2da95730cce518b7a +# Parent d75417bf0f4d50cabd84299773bab4ac68f68caa add 'getuid' syscall to list of allowed ones to prevent the sanboxed thread from being killed by the seccomp filter diff --git a/openssh-7.2p2-seccomp_stat.patch b/openssh-7.2p2-seccomp_stat.patch index 2926ff2..a50add4 100644 --- a/openssh-7.2p2-seccomp_stat.patch +++ b/openssh-7.2p2-seccomp_stat.patch @@ -1,5 +1,5 @@ # HG changeset patch -# Parent def949a57b8101691c79ecce6366cc7ae1685b07 +# Parent 2153c4af090728c778931d2fad72d4b260294122 Allow the stat() syscall for OpenSSL re-seed patch (which causes OpenSSL use stat() on some file) diff --git a/openssh-7.2p2-secure_unix_sockets_forwarding.patch b/openssh-7.2p2-secure_unix_sockets_forwarding.patch new file mode 100644 index 0000000..ea7dad2 --- /dev/null +++ b/openssh-7.2p2-secure_unix_sockets_forwarding.patch @@ -0,0 +1,51 @@ +# HG changeset patch +# Parent 4e1fd41aaa9cafe8f7b07868ac38ed4dbdf594aa +Do not allow unix socket when running without privilege separation to prevent +privilege escalation through a socket created with root: ownership. + +CVE-2016-10010 +bsc#1016368 + +backported upstream commit b737e4d7433577403a31cff6614f6a1b0b5e22f4 + +diff --git a/openssh-7.2p2/serverloop.c b/openssh-7.2p2/serverloop.c +--- a/openssh-7.2p2/serverloop.c ++++ b/openssh-7.2p2/serverloop.c +@@ -990,17 +990,17 @@ server_request_direct_streamlocal(void) + originator_port = packet_get_int(); + packet_check_eom(); + + debug("server_request_direct_streamlocal: originator %s port %d, target %s", + originator, originator_port, target); + + /* XXX fine grained permissions */ + if ((options.allow_streamlocal_forwarding & FORWARD_LOCAL) != 0 && +- !no_port_forwarding_flag) { ++ !no_port_forwarding_flag && use_privsep) { + c = channel_connect_to_path(target, + "direct-streamlocal@openssh.com", "direct-streamlocal"); + } else { + logit("refused streamlocal port forward: " + "originator %s port %d, target %s", + originator, originator_port, target); + } + +@@ -1274,17 +1274,17 @@ server_input_global_request(int type, u_ + + memset(&fwd, 0, sizeof(fwd)); + fwd.listen_path = packet_get_string(NULL); + debug("server_input_global_request: streamlocal-forward listen path %s", + fwd.listen_path); + + /* check permissions */ + if ((options.allow_streamlocal_forwarding & FORWARD_REMOTE) == 0 +- || no_port_forwarding_flag) { ++ || no_port_forwarding_flag || !use_privsep) { + success = 0; + packet_send_debug("Server has disabled port forwarding."); + } else { + /* Start listening on the socket */ + success = channel_setup_remote_fwd_listener( + &fwd, NULL, &options.fwd_opts); + } + free(fwd.listen_path); diff --git a/openssh-7.2p2-sftp_force_permissions.patch b/openssh-7.2p2-sftp_force_permissions.patch index c419220..36aae5d 100644 --- a/openssh-7.2p2-sftp_force_permissions.patch +++ b/openssh-7.2p2-sftp_force_permissions.patch @@ -1,5 +1,5 @@ # HG changeset patch -# Parent efa850d8312ceef224dbec0f2ae1002201afabd9 +# Parent 7b45c4f3fef6836db00c5b198736cce17290c5cd additional option for sftp-server to force file mode for new files FATE#312774 http://lists.mindrot.org/pipermail/openssh-unix-dev/2010-November/029044.html diff --git a/openssh-7.2p2-sftp_homechroot.patch b/openssh-7.2p2-sftp_homechroot.patch index 8c59d75..f60ac68 100644 --- a/openssh-7.2p2-sftp_homechroot.patch +++ b/openssh-7.2p2-sftp_homechroot.patch @@ -1,5 +1,5 @@ # HG changeset patch -# Parent 9b1033f35a6cb173fbc13416065ed40c4b14e656 +# Parent fc81df6f2bf393e45e703c89976c3a0fe6e0a273 run sftp sessions inside a chroot diff --git a/openssh-7.2p2/session.c b/openssh-7.2p2/session.c diff --git a/openssh-7.2p2-ssh_case_insensitive_host_matching.patch b/openssh-7.2p2-ssh_case_insensitive_host_matching.patch new file mode 100644 index 0000000..0705af7 --- /dev/null +++ b/openssh-7.2p2-ssh_case_insensitive_host_matching.patch @@ -0,0 +1,87 @@ +# HG changeset patch +# Parent 1b99f71db584917a37c5e9140bf63dcb860e8b59 +Match hostnames in a case-insensitive manner. + +bsc#1017099 + +diff --git a/openssh-7.2p2/readconf.c b/openssh-7.2p2/readconf.c +--- a/openssh-7.2p2/readconf.c ++++ b/openssh-7.2p2/readconf.c +@@ -526,16 +526,17 @@ execute_in_shell(const char *cmd) + * Parse and execute a Match directive. + */ + static int + match_cfg_line(Options *options, char **condition, struct passwd *pw, + const char *host_arg, const char *original_host, int post_canon, + const char *filename, int linenum) + { + char *arg, *oattrib, *attrib, *cmd, *cp = *condition, *host, *criteria; ++ char *hostlc; + const char *ruser; + int r, port, this_result, result = 1, attributes = 0, negate; + char thishost[NI_MAXHOST], shorthost[NI_MAXHOST], portstr[NI_MAXSERV]; + + /* + * Configuration is likely to be incomplete at this point so we + * must be prepared to use default values. + */ +@@ -546,16 +547,20 @@ match_cfg_line(Options *options, char ** + } else if (options->hostname != NULL) { + /* NB. Please keep in sync with ssh.c:main() */ + host = percent_expand(options->hostname, + "h", host_arg, (char *)NULL); + } else { + host = xstrdup(host_arg); + } + ++ /* match_hostname() requires the hostname to be lowercase */ ++ hostlc = xstrdup(host); ++ lowercase(hostlc); ++ + debug2("checking match for '%s' host %s originally %s", + cp, host, original_host); + while ((oattrib = attrib = strdelim(&cp)) && *attrib != '\0') { + criteria = NULL; + this_result = 1; + if ((negate = attrib[0] == '!')) + attrib++; + /* criteria "all" and "canonical" have no argument */ +@@ -584,18 +589,18 @@ match_cfg_line(Options *options, char ** + } + /* All other criteria require an argument */ + if ((arg = strdelim(&cp)) == NULL || *arg == '\0') { + error("Missing Match criteria for %s", attrib); + result = -1; + goto out; + } + if (strcasecmp(attrib, "host") == 0) { +- criteria = xstrdup(host); +- r = match_hostname(host, arg) == 1; ++ criteria = xstrdup(hostlc); ++ r = match_hostname(hostlc, arg) == 1; + if (r == (negate ? 1 : 0)) + this_result = result = 0; + } else if (strcasecmp(attrib, "originalhost") == 0) { + criteria = xstrdup(original_host); + r = match_hostname(original_host, arg) == 1; + if (r == (negate ? 1 : 0)) + this_result = result = 0; + } else if (strcasecmp(attrib, "user") == 0) { +@@ -658,16 +663,17 @@ match_cfg_line(Options *options, char ** + error("One or more attributes required for Match"); + result = -1; + goto out; + } + out: + if (result != -1) + debug2("match %sfound", result ? "" : "not "); + *condition = cp; ++ free(hostlc); + free(host); + return result; + } + + /* Check and prepare a domain name: removes trailing '.' and lowercases */ + static void + valid_domain(char *name, const char *filename, int linenum) + { diff --git a/openssh-7.2p2-verify_CIDR_address_ranges.patch b/openssh-7.2p2-verify_CIDR_address_ranges.patch new file mode 100644 index 0000000..b4102cd --- /dev/null +++ b/openssh-7.2p2-verify_CIDR_address_ranges.patch @@ -0,0 +1,175 @@ +# HG changeset patch +# Parent 1b2dad1b57b086d094fe09327fcf1c490475a7cd +Check for invalid CIDR adress masks. +bsc#1005893 + +backported upstream commit: 010359b32659f455fddd2bd85fd7cc4d7a3b994a (7.4) +backported upstream commit: 1a6f9d2e2493d445cd9ee496e6e3c2a2f283f66a +backported upstream commit: fe06b68f824f8f55670442fb31f2c03526dd326c + +diff --git a/openssh-7.2p2/auth.c b/openssh-7.2p2/auth.c +--- a/openssh-7.2p2/auth.c ++++ b/openssh-7.2p2/auth.c +@@ -95,16 +95,17 @@ int auth_debug_init; + * Otherwise true is returned. + */ + int + allowed_user(struct passwd * pw) + { + struct stat st; + const char *hostname = NULL, *ipaddr = NULL, *passwd = NULL; + u_int i; ++ int r; + #ifdef USE_SHADOW + struct spwd *spw = NULL; + #endif + + /* Shouldn't be called if pw is NULL, but better safe than sorry... */ + if (!pw || !pw->pw_name) + return 0; + +@@ -183,31 +184,41 @@ allowed_user(struct passwd * pw) + if (options.num_deny_users > 0 || options.num_allow_users > 0 || + options.num_deny_groups > 0 || options.num_allow_groups > 0) { + hostname = get_canonical_hostname(options.use_dns); + ipaddr = get_remote_ipaddr(); + } + + /* Return false if user is listed in DenyUsers */ + if (options.num_deny_users > 0) { +- for (i = 0; i < options.num_deny_users; i++) +- if (match_user(pw->pw_name, hostname, ipaddr, +- options.deny_users[i])) { ++ for (i = 0; i < options.num_deny_users; i++) { ++ r = match_user(pw->pw_name, hostname, ipaddr, ++ options.deny_users[i]); ++ if (r < 0) { ++ fatal("Invalid DenyUsers pattern \"%.100s\"", ++ options.deny_users[i]); ++ } else if (r != 0) { + logit("User %.100s from %.100s not allowed " + "because listed in DenyUsers", + pw->pw_name, hostname); + return 0; + } ++ } + } + /* Return false if AllowUsers isn't empty and user isn't listed there */ + if (options.num_allow_users > 0) { +- for (i = 0; i < options.num_allow_users; i++) +- if (match_user(pw->pw_name, hostname, ipaddr, +- options.allow_users[i])) ++ for (i = 0; i < options.num_allow_users; i++) { ++ r = match_user(pw->pw_name, hostname, ipaddr, ++ options.allow_users[i]); ++ if (r < 0) { ++ fatal("Invalid AllowUsers pattern \"%.100s\"", ++ options.allow_users[i]); ++ } else if (r == 1) + break; ++ } + /* i < options.num_allow_users iff we break for loop */ + if (i >= options.num_allow_users) { + logit("User %.100s from %.100s not allowed because " + "not listed in AllowUsers", pw->pw_name, hostname); + return 0; + } + } + if (options.num_deny_groups > 0 || options.num_allow_groups > 0) { +diff --git a/openssh-7.2p2/match.c b/openssh-7.2p2/match.c +--- a/openssh-7.2p2/match.c ++++ b/openssh-7.2p2/match.c +@@ -186,41 +186,50 @@ match_hostname(const char *host, const c + * successful match. + */ + int + match_host_and_ip(const char *host, const char *ipaddr, + const char *patterns) + { + int mhost, mip; + +- /* error in ipaddr match */ + if ((mip = addr_match_list(ipaddr, patterns)) == -2) +- return -1; +- else if (mip == -1) /* negative ip address match */ +- return 0; ++ return -1; /* error in ipaddr match */ ++ else if (host == NULL || ipaddr == NULL || mip == -1) ++ return 0; /* negative ip address match, or testing pattern */ + + /* negative hostname match */ + if ((mhost = match_hostname(host, patterns)) == -1) + return 0; + /* no match at all */ + if (mhost == 0 && mip == 0) + return 0; + return 1; + } + + /* +- * match user, user@host_or_ip, user@host_or_ip_list against pattern ++ * Match user, user@host_or_ip, user@host_or_ip_list against pattern. ++ * If user, host and ipaddr are all NULL then validate pattern/ ++ * Returns -1 on invalid pattern, 0 on no match, 1 on match. + */ + int + match_user(const char *user, const char *host, const char *ipaddr, + const char *pattern) + { + char *p, *pat; + int ret; + ++ /* test mode */ ++ if (user == NULL && host == NULL && ipaddr == NULL) { ++ if ((p = strchr(pattern, '@')) != NULL && ++ match_host_and_ip(NULL, NULL, p + 1) < 0) ++ return -1; ++ return 0; ++ } ++ + if ((p = strchr(pattern,'@')) == NULL) + return match_pattern(user, pattern); + + pat = xstrdup(pattern); + p = strchr(pat, '@'); + *p++ = '\0'; + + if ((ret = match_pattern(user, pat)) == 1) +diff --git a/openssh-7.2p2/servconf.c b/openssh-7.2p2/servconf.c +--- a/openssh-7.2p2/servconf.c ++++ b/openssh-7.2p2/servconf.c +@@ -1462,28 +1462,34 @@ process_server_config_line(ServerOptions + multistate_ptr = multistate_privsep; + goto parse_multistate; + + case sAllowUsers: + while ((arg = strdelim(&cp)) && *arg != '\0') { + if (options->num_allow_users >= MAX_ALLOW_USERS) + fatal("%s line %d: too many allow users.", + filename, linenum); ++ if (match_user(NULL, NULL, NULL, arg) == -1) ++ fatal("%s line %d: invalid AllowUsers pattern: " ++ "\"%.100s\"", filename, linenum, arg); + if (!*activep) + continue; + options->allow_users[options->num_allow_users++] = + xstrdup(arg); + } + break; + + case sDenyUsers: + while ((arg = strdelim(&cp)) && *arg != '\0') { + if (options->num_deny_users >= MAX_DENY_USERS) + fatal("%s line %d: too many deny users.", + filename, linenum); ++ if (match_user(NULL, NULL, NULL, arg) == -1) ++ fatal("%s line %d: invalid DenyUsers pattern: " ++ "\"%.100s\"", filename, linenum, arg); + if (!*activep) + continue; + options->deny_users[options->num_deny_users++] = + xstrdup(arg); + } + break; + + case sAllowGroups: diff --git a/openssh-askpass-gnome.spec b/openssh-askpass-gnome.spec index f64bb63..5e8fb63 100644 --- a/openssh-askpass-gnome.spec +++ b/openssh-askpass-gnome.spec @@ -1,7 +1,7 @@ # # spec file for package openssh-askpass-gnome # -# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2017 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed diff --git a/openssh.changes b/openssh.changes index ba740ee..fd51b73 100644 --- a/openssh.changes +++ b/openssh.changes @@ -1,3 +1,47 @@ +------------------------------------------------------------------- +Mon May 15 20:47:29 UTC 2017 - pcerny@suse.com + +- Fix preauth seccomp separation on mainframes (bsc#1016709) + [openssh-7.2p2-s390_hw_crypto_syscalls.patch] + [openssh-7.2p2-s390_OpenSSL-ibmpkcs11_syscalls.patch] +- enable case-insensitive hostname matching (bsc#1017099) + [openssh-7.2p2-ssh_case_insensitive_host_matching.patch] +- add CAVS tests + [openssh-7.2p2-cavstest-ctr.patch] + [openssh-7.2p2-cavstest-kdf.patch] +- Adding missing pieces for user matching (bsc#1021626) +- Properly verify CIDR masks in configuration + (bsc#1005893) + [openssh-7.2p2-verify_CIDR_address_ranges.patch] +- Remove pre-auth compression support from the server to prevent + possible cryptographic attacks. + (CVE-2016-10012, bsc#1016370) + [openssh-7.2p2-disable_preauth_compression.patch] +- limit directories for loading PKCS11 modules + (CVE-2016-10009, bsc#1016366) + [openssh-7.2p2-restrict_pkcs11-modules.patch] +- Prevent possible leaks of host private keys to low-privilege + process handling authentication + (CVE-2016-10011, bsc#1016369) + [openssh-7.2p2-prevent_private_key_leakage.patch] +- Do not allow unix socket forwarding when running without + privilege separation + (CVE-2016-10010, bsc#1016368) + [openssh-7.2p2-secure_unix_sockets_forwarding.patch] +- prevent resource depletion during key exchange + (bsc#1005480, CVE-2016-8858) + [openssh-7.2p2-kex_resource_depletion.patch] +- fix suggested command for removing conflicting server keys from + the known_hosts file (bsc#1006221) +- enable geteuid{,32} syscalls on mainframes, since it may be + called from libica/ibmica on machines with hardware crypto + accelerator (bsc#1004258) + [openssh-7.2p2-seccomp_geteuid.patch] +- fix regression of (bsc#823710) + [openssh-7.2p2-audit_fixes.patch] +- add slogin (removed upstreams) + [openssh-7.2p2-keep_slogin.patch] + ------------------------------------------------------------------- Wed Feb 22 19:31:08 UTC 2017 - crrodriguez@opensuse.org diff --git a/openssh.spec b/openssh.spec index 0f3fab6..42492dd 100644 --- a/openssh.spec +++ b/openssh.spec @@ -1,7 +1,7 @@ # # spec file for package openssh # -# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2017 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -77,9 +77,12 @@ BuildRequires: libedit-devel %if %{has_libselinux} BuildRequires: libselinux-devel %endif -BuildRequires: openldap2-devel -BuildRequires: openssl +%if %{suse_version} < 1330 BuildRequires: openssl-devel +%else +BuildRequires: libopenssl-1_0_0-devel +%endif +BuildRequires: openldap2-devel BuildRequires: pam-devel %if %{uses_systemd} BuildRequires: pkgconfig(systemd) @@ -125,25 +128,39 @@ Patch11: openssh-7.2p2-pts_names_formatting.patch Patch12: openssh-7.2p2-pam_check_locks.patch Patch13: openssh-7.2p2-disable_short_DH_parameters.patch Patch14: openssh-7.2p2-seccomp_getuid.patch -Patch15: openssh-7.2p2-seccomp_stat.patch -Patch16: openssh-7.2p2-fips.patch -Patch17: openssh-7.2p2-seed-prng.patch -Patch18: openssh-7.2p2-gssapi_key_exchange.patch -Patch19: openssh-7.2p2-audit.patch -Patch20: openssh-7.2p2-audit_seed_prng.patch -Patch21: openssh-7.2p2-login_options.patch -Patch22: openssh-7.2p2-disable_openssl_abi_check.patch -Patch23: openssh-7.2p2-no_fork-no_pid_file.patch -Patch24: openssh-7.2p2-host_ident.patch -Patch25: openssh-7.2p2-sftp_homechroot.patch -Patch26: openssh-7.2p2-sftp_force_permissions.patch -Patch27: openssh-7.2p2-X_forward_with_disabled_ipv6.patch -Patch28: openssh-7.2p2-ldap.patch -Patch29: openssh-7.2p2-additional_seccomp_archs.patch -Patch30: openssh-7.2p2-IPv6_X_forwarding.patch -Patch31: openssh-7.2p2-ignore_PAM_with_UseLogin.patch -Patch32: openssh-7.2p2-prevent_timing_user_enumeration.patch -Patch33: openssh-7.2p2-limit_password_length.patch +Patch15: openssh-7.2p2-seccomp_geteuid.patch +Patch16: openssh-7.2p2-seccomp_stat.patch +Patch17: openssh-7.2p2-additional_seccomp_archs.patch +Patch18: openssh-7.2p2-fips.patch +Patch19: openssh-7.2p2-cavstest-ctr.patch +Patch20: openssh-7.2p2-cavstest-kdf.patch +Patch21: openssh-7.2p2-seed-prng.patch +Patch22: openssh-7.2p2-gssapi_key_exchange.patch +Patch23: openssh-7.2p2-audit.patch +Patch24: openssh-7.2p2-audit_fixes.patch +Patch25: openssh-7.2p2-audit_seed_prng.patch +Patch26: openssh-7.2p2-login_options.patch +Patch27: openssh-7.2p2-disable_openssl_abi_check.patch +Patch28: openssh-7.2p2-no_fork-no_pid_file.patch +Patch29: openssh-7.2p2-host_ident.patch +Patch30: openssh-7.2p2-sftp_homechroot.patch +Patch31: openssh-7.2p2-sftp_force_permissions.patch +Patch32: openssh-7.2p2-X_forward_with_disabled_ipv6.patch +Patch33: openssh-7.2p2-ldap.patch +Patch34: openssh-7.2p2-IPv6_X_forwarding.patch +Patch35: openssh-7.2p2-ignore_PAM_with_UseLogin.patch +Patch36: openssh-7.2p2-prevent_timing_user_enumeration.patch +Patch37: openssh-7.2p2-limit_password_length.patch +Patch38: openssh-7.2p2-keep_slogin.patch +Patch39: openssh-7.2p2-kex_resource_depletion.patch +Patch40: openssh-7.2p2-verify_CIDR_address_ranges.patch +Patch41: openssh-7.2p2-restrict_pkcs11-modules.patch +Patch42: openssh-7.2p2-prevent_private_key_leakage.patch +Patch43: openssh-7.2p2-secure_unix_sockets_forwarding.patch +Patch44: openssh-7.2p2-ssh_case_insensitive_host_matching.patch +Patch45: openssh-7.2p2-disable_preauth_compression.patch +Patch46: openssh-7.2p2-s390_hw_crypto_syscalls.patch +Patch47: openssh-7.2p2-s390_OpenSSL-ibmpkcs11_syscalls.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build Conflicts: nonfreessh Recommends: audit @@ -229,13 +246,27 @@ FIPS140 CAVS tests related parts of the OpenSSH package %patch31 -p2 %patch32 -p2 %patch33 -p2 +%patch34 -p2 +%patch35 -p2 +%patch36 -p2 +%patch37 -p2 +%patch38 -p2 +%patch39 -p2 +%patch40 -p2 +%patch41 -p2 +%patch42 -p2 +%patch43 -p2 +%patch44 -p2 +%patch45 -p2 +%patch46 -p2 +%patch47 -p2 cp %{SOURCE3} %{SOURCE4} %{SOURCE11} . %build # set libexec dir in the LDAP patch sed -i.libexec 's,@LIBEXECDIR@,%{_libexecdir}/ssh,' \ $( grep -Rl @LIBEXECDIR@ \ - $( grep "^+++" %{PATCH28} | sed -r 's@^.+/([^/\t ]+).*$@\1@' ) + $( grep "^+++" %{PATCH33} | sed -r 's@^.+/([^/\t ]+).*$@\1@' ) ) autoreconf -fiv From a1a66bf54b94b8b77ea05482a8178f5c85d0fbfa1f5ea93de323094bc2e4d382 Mon Sep 17 00:00:00 2001 From: Petr Cerny Date: Wed, 31 May 2017 23:14:37 +0000 Subject: [PATCH 2/2] Accepting request 500281 from home:pcerny:factory - require OpenSSL < 1.1 where that one is a default OBS-URL: https://build.opensuse.org/request/show/500281 OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=118 --- openssh.changes | 1 + 1 file changed, 1 insertion(+) diff --git a/openssh.changes b/openssh.changes index fd51b73..df72db5 100644 --- a/openssh.changes +++ b/openssh.changes @@ -41,6 +41,7 @@ Mon May 15 20:47:29 UTC 2017 - pcerny@suse.com [openssh-7.2p2-audit_fixes.patch] - add slogin (removed upstreams) [openssh-7.2p2-keep_slogin.patch] +- require OpenSSL < 1.1 where that one is a default ------------------------------------------------------------------- Wed Feb 22 19:31:08 UTC 2017 - crrodriguez@opensuse.org