- add AES-CTR ciphers to the FIPS mode proposal

2009-03-13 10:32:52 +00:00 · 2009-03-13 10:32:52 +00:00 · 0f07b4ad95
commit 0f07b4ad95
parent adad2a814e
2 changed files with 56 additions and 52 deletions
--- a/openssh-5.2p1-fips.patch
+++ b/openssh-5.2p1-fips.patch
@ -1,6 +1,6 @@
 diff -up openssh-5.2p1/ssh-agent.c.fips openssh-5.2p1/ssh-agent.c
--- openssh-5.2p1/ssh-agent.c.fips	2009-02-11 19:01:26.000000000 +0100
-+++ openssh-5.2p1/ssh-agent.c	2009-02-12 13:46:18.000000000 +0100
+--- openssh-5.2p1/ssh-agent.c.fips	2009-03-13 11:23:15.000000000 +0100
+++ openssh-5.2p1/ssh-agent.c	2009-03-13 11:23:15.000000000 +0100
@@ -51,6 +51,8 @@
 
 #include <openssl/evp.h>
@ -36,8 +36,8 @@ diff -up openssh-5.2p1/ssh-agent.c.fips openssh-5.2p1/ssh-agent.c
 	__progname = ssh_get_progname(av[0]);
 	init_rng();
 diff -up openssh-5.2p1/auth2-pubkey.c.fips openssh-5.2p1/auth2-pubkey.c
--- openssh-5.2p1/auth2-pubkey.c.fips	2009-02-11 19:01:25.000000000 +0100
-+++ openssh-5.2p1/auth2-pubkey.c	2009-02-11 19:01:26.000000000 +0100
+--- openssh-5.2p1/auth2-pubkey.c.fips	2009-03-13 11:23:15.000000000 +0100
+++ openssh-5.2p1/auth2-pubkey.c	2009-03-13 11:23:15.000000000 +0100
@@ -33,6 +33,7 @@
 #include <stdio.h>
 #include <stdarg.h>
@ -56,8 +56,8 @@ diff -up openssh-5.2p1/auth2-pubkey.c.fips openssh-5.2p1/auth2-pubkey.c
 			    key_type(found), fp);
 			xfree(fp);
 diff -up openssh-5.2p1/ssh.c.fips openssh-5.2p1/ssh.c
--- openssh-5.2p1/ssh.c.fips	2009-02-11 19:01:26.000000000 +0100
-+++ openssh-5.2p1/ssh.c	2009-02-12 13:48:43.000000000 +0100
+--- openssh-5.2p1/ssh.c.fips	2009-03-13 11:23:15.000000000 +0100
+++ openssh-5.2p1/ssh.c	2009-03-13 11:23:15.000000000 +0100
@@ -71,6 +71,8 @@
 
 #include <openssl/evp.h>
@ -78,7 +78,7 @@ diff -up openssh-5.2p1/ssh.c.fips openssh-5.2p1/ssh.c
 	init_rng();
 
 	/*
-@@ -562,7 +568,6 @@ main(int ac, char **av)
+@@ -550,7 +556,6 @@ main(int ac, char **av)
 	if (!host)
 		usage();
 
@ -87,9 +87,9 @@ diff -up openssh-5.2p1/ssh.c.fips openssh-5.2p1/ssh.c
 
 	/* Initialize the command to execute on remote host. */
 diff -up openssh-5.2p1/sshconnect2.c.fips openssh-5.2p1/sshconnect2.c
--- openssh-5.2p1/sshconnect2.c.fips	2009-02-11 19:01:26.000000000 +0100
-+++ openssh-5.2p1/sshconnect2.c	2009-02-11 19:01:26.000000000 +0100
-@@ -43,6 +43,8 @@
+--- openssh-5.2p1/sshconnect2.c.fips	2009-03-13 11:23:15.000000000 +0100
+++ openssh-5.2p1/sshconnect2.c	2009-03-13 11:23:15.000000000 +0100
+@@ -44,6 +44,8 @@
 #include <vis.h>
 #endif
 
@ -98,7 +98,7 @@ diff -up openssh-5.2p1/sshconnect2.c.fips openssh-5.2p1/sshconnect2.c
 #include "openbsd-compat/sys-queue.h"
 
 #include "xmalloc.h"
-@@ -113,6 +115,10 @@ ssh_kex2(char *host, struct sockaddr *ho
+@@ -115,6 +117,10 @@ ssh_kex2(char *host, struct sockaddr *ho
 	if (options.ciphers != NULL) {
 		myproposal[PROPOSAL_ENC_ALGS_CTOS] =
 		myproposal[PROPOSAL_ENC_ALGS_STOC] = options.ciphers;
@ -109,7 +109,7 @@ diff -up openssh-5.2p1/sshconnect2.c.fips openssh-5.2p1/sshconnect2.c
 	}
 	myproposal[PROPOSAL_ENC_ALGS_CTOS] =
 	    compat_cipher_proposal(myproposal[PROPOSAL_ENC_ALGS_CTOS]);
-@@ -128,7 +134,11 @@ ssh_kex2(char *host, struct sockaddr *ho
+@@ -130,7 +136,11 @@ ssh_kex2(char *host, struct sockaddr *ho
 	if (options.macs != NULL) {
 		myproposal[PROPOSAL_MAC_ALGS_CTOS] =
 		myproposal[PROPOSAL_MAC_ALGS_STOC] = options.macs;
@ -121,7 +121,7 @@ diff -up openssh-5.2p1/sshconnect2.c.fips openssh-5.2p1/sshconnect2.c
 	if (options.hostkeyalgorithms != NULL)
 		myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] =
 		    options.hostkeyalgorithms;
-@@ -478,8 +488,8 @@ input_userauth_pk_ok(int type, u_int32_t
+@@ -507,8 +517,8 @@ input_userauth_pk_ok(int type, u_int32_t
 		    key->type, pktype);
 		goto done;
 	}
@ -133,8 +133,8 @@ diff -up openssh-5.2p1/sshconnect2.c.fips openssh-5.2p1/sshconnect2.c
 
 	/*
 diff -up openssh-5.2p1/Makefile.in.fips openssh-5.2p1/Makefile.in
--- openssh-5.2p1/Makefile.in.fips	2009-02-11 19:01:26.000000000 +0100
-+++ openssh-5.2p1/Makefile.in	2009-02-12 14:06:25.000000000 +0100
+--- openssh-5.2p1/Makefile.in.fips	2009-03-13 11:23:15.000000000 +0100
+++ openssh-5.2p1/Makefile.in	2009-03-13 11:23:15.000000000 +0100
@@ -134,28 +134,28 @@ libssh.a: $(LIBSSH_OBJS)
 	$(RANLIB) $@
 
@ -172,8 +172,8 @@ diff -up openssh-5.2p1/Makefile.in.fips openssh-5.2p1/Makefile.in
 sftp-server$(EXEEXT): $(LIBCOMPAT) libssh.a sftp.o sftp-common.o sftp-server.o sftp-server-main.o
 	$(LD) -o $@ sftp-server.o sftp-common.o sftp-server-main.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
 diff -up openssh-5.2p1/sshd.c.fips openssh-5.2p1/sshd.c
--- openssh-5.2p1/sshd.c.fips	2009-02-11 19:01:25.000000000 +0100
-+++ openssh-5.2p1/sshd.c	2009-02-12 13:51:51.000000000 +0100
+--- openssh-5.2p1/sshd.c.fips	2009-03-13 11:23:15.000000000 +0100
+++ openssh-5.2p1/sshd.c	2009-03-13 11:23:15.000000000 +0100
@@ -76,6 +76,8 @@
 #include <openssl/bn.h>
 #include <openssl/md5.h>
@ -183,7 +183,7 @@ diff -up openssh-5.2p1/sshd.c.fips openssh-5.2p1/sshd.c
 #include "openbsd-compat/openssl-compat.h"
 
 #ifdef HAVE_SECUREWARE
-@@ -1261,6 +1263,12 @@ main(int ac, char **av)
+@@ -1260,6 +1262,12 @@ main(int ac, char **av)
 	(void)set_auth_parameters(ac, av);
 #endif
 	__progname = ssh_get_progname(av[0]);
@ -196,7 +196,7 @@ diff -up openssh-5.2p1/sshd.c.fips openssh-5.2p1/sshd.c
 	init_rng();
 
 	/* Save argv. Duplicate so setproctitle emulation doesn't clobber it */
-@@ -1413,8 +1421,6 @@ main(int ac, char **av)
+@@ -1412,8 +1420,6 @@ main(int ac, char **av)
 	else
 		closefrom(REEXEC_DEVCRYPTO_RESERVED_FD);
 
@ -205,7 +205,7 @@ diff -up openssh-5.2p1/sshd.c.fips openssh-5.2p1/sshd.c
 	/*
 	 * Force logging to stderr until we have loaded the private host
 	 * key (unless started from inetd)
-@@ -2183,6 +2189,9 @@ do_ssh2_kex(void)
+@@ -2182,6 +2188,9 @@ do_ssh2_kex(void)
 	if (options.ciphers != NULL) {
 		myproposal[PROPOSAL_ENC_ALGS_CTOS] =
 		myproposal[PROPOSAL_ENC_ALGS_STOC] = options.ciphers;
@ -215,7 +215,7 @@ diff -up openssh-5.2p1/sshd.c.fips openssh-5.2p1/sshd.c
 	}
 	myproposal[PROPOSAL_ENC_ALGS_CTOS] =
 	    compat_cipher_proposal(myproposal[PROPOSAL_ENC_ALGS_CTOS]);
-@@ -2192,6 +2201,9 @@ do_ssh2_kex(void)
+@@ -2191,6 +2200,9 @@ do_ssh2_kex(void)
 	if (options.macs != NULL) {
 		myproposal[PROPOSAL_MAC_ALGS_CTOS] =
 		myproposal[PROPOSAL_MAC_ALGS_STOC] = options.macs;
@ -227,7 +227,7 @@ diff -up openssh-5.2p1/sshd.c.fips openssh-5.2p1/sshd.c
 		myproposal[PROPOSAL_COMP_ALGS_CTOS] =
 diff -up openssh-5.2p1/mac.c.fips openssh-5.2p1/mac.c
 --- openssh-5.2p1/mac.c.fips	2008-06-13 02:58:50.000000000 +0200
-+++ openssh-5.2p1/mac.c	2009-02-11 19:01:26.000000000 +0100
+++ openssh-5.2p1/mac.c	2009-03-13 11:23:15.000000000 +0100
@@ -28,6 +28,7 @@
 #include <sys/types.h>
 
@ -278,8 +278,8 @@ diff -up openssh-5.2p1/mac.c.fips openssh-5.2p1/mac.c
 	for (i = 0; macs[i].name; i++) {
 		if (strcmp(name, macs[i].name) == 0) {
 diff -up openssh-5.2p1/ssh-keygen.c.fips openssh-5.2p1/ssh-keygen.c
--- openssh-5.2p1/ssh-keygen.c.fips	2009-02-11 19:01:26.000000000 +0100
-+++ openssh-5.2p1/ssh-keygen.c	2009-02-12 13:46:00.000000000 +0100
+--- openssh-5.2p1/ssh-keygen.c.fips	2009-03-13 11:23:15.000000000 +0100
+++ openssh-5.2p1/ssh-keygen.c	2009-03-13 11:23:15.000000000 +0100
@@ -21,6 +21,8 @@
 
 #include <openssl/evp.h>
@ -332,8 +332,8 @@ diff -up openssh-5.2p1/ssh-keygen.c.fips openssh-5.2p1/ssh-keygen.c
 		xfree(ra);
 		xfree(fp);
 diff -up openssh-5.2p1/nsskeys.c.fips openssh-5.2p1/nsskeys.c
--- openssh-5.2p1/nsskeys.c.fips	2009-02-11 19:01:26.000000000 +0100
-+++ openssh-5.2p1/nsskeys.c	2009-02-11 19:01:26.000000000 +0100
+--- openssh-5.2p1/nsskeys.c.fips	2009-03-13 11:23:15.000000000 +0100
+++ openssh-5.2p1/nsskeys.c	2009-03-13 11:23:15.000000000 +0100
@@ -183,8 +183,8 @@ nss_convert_pubkey(Key *k)
 			break;
 	}
@ -346,8 +346,8 @@ diff -up openssh-5.2p1/nsskeys.c.fips openssh-5.2p1/nsskeys.c
 
 	return 0;
 diff -up openssh-5.2p1/ssh-add.c.fips openssh-5.2p1/ssh-add.c
--- openssh-5.2p1/ssh-add.c.fips	2009-02-11 19:01:26.000000000 +0100
-+++ openssh-5.2p1/ssh-add.c	2009-02-12 13:46:31.000000000 +0100
+--- openssh-5.2p1/ssh-add.c.fips	2009-03-13 11:23:15.000000000 +0100
+++ openssh-5.2p1/ssh-add.c	2009-03-13 11:23:15.000000000 +0100
@@ -42,6 +42,8 @@
 #include <sys/param.h>
 
@ -387,7 +387,7 @@ diff -up openssh-5.2p1/ssh-add.c.fips openssh-5.2p1/ssh-add.c
 	if (ac == NULL) {
 diff -up openssh-5.2p1/openbsd-compat/bsd-arc4random.c.fips openssh-5.2p1/openbsd-compat/bsd-arc4random.c
 --- openssh-5.2p1/openbsd-compat/bsd-arc4random.c.fips	2008-06-04 02:54:00.000000000 +0200
-+++ openssh-5.2p1/openbsd-compat/bsd-arc4random.c	2009-02-11 19:01:26.000000000 +0100
+++ openssh-5.2p1/openbsd-compat/bsd-arc4random.c	2009-03-13 11:23:15.000000000 +0100
@@ -39,6 +39,7 @@
 static int rc4_ready = 0;
 static RC4_KEY rc4;
@ -430,14 +430,15 @@ diff -up openssh-5.2p1/openbsd-compat/bsd-arc4random.c.fips openssh-5.2p1/openbs
 
 #ifndef ARC4RANDOM_BUF
 diff -up openssh-5.2p1/myproposal.h.fips openssh-5.2p1/myproposal.h
--- openssh-5.2p1/myproposal.h.fips	2007-06-11 06:01:42.000000000 +0200
-+++ openssh-5.2p1/myproposal.h	2009-02-11 19:01:26.000000000 +0100
-@@ -52,7 +52,11 @@
+--- openssh-5.2p1/myproposal.h.fips	2009-01-28 06:33:31.000000000 +0100
+++ openssh-5.2p1/myproposal.h	2009-03-13 11:27:49.000000000 +0100
+@@ -53,7 +53,12 @@
 	"hmac-sha1-96,hmac-md5-96"
 #define	KEX_DEFAULT_COMP	"none,zlib@openssh.com,zlib"
 #define	KEX_DEFAULT_LANG	""
 -
 +#define	KEX_FIPS_ENCRYPT \
+	"aes128-ctr,aes192-ctr,aes256-ctr," \
 +	"aes128-cbc,3des-cbc," \
 +	"aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se"
 +#define	KEX_FIPS_MAC \
@ -447,7 +448,7 @@ diff -up openssh-5.2p1/myproposal.h.fips openssh-5.2p1/myproposal.h
 	KEX_DEFAULT_KEX,
 diff -up openssh-5.2p1/ssh-keysign.c.fips openssh-5.2p1/ssh-keysign.c
 --- openssh-5.2p1/ssh-keysign.c.fips	2006-09-01 07:38:37.000000000 +0200
-+++ openssh-5.2p1/ssh-keysign.c	2009-02-12 13:44:41.000000000 +0100
+++ openssh-5.2p1/ssh-keysign.c	2009-03-13 11:23:15.000000000 +0100
@@ -38,6 +38,8 @@
 #include <openssl/evp.h>
 #include <openssl/rand.h>
@ -478,8 +479,8 @@ diff -up openssh-5.2p1/ssh-keysign.c.fips openssh-5.2p1/ssh-keysign.c
 		rnd[i] = arc4random();
 	RAND_seed(rnd, sizeof(rnd));
 diff -up openssh-5.2p1/cipher.c.fips openssh-5.2p1/cipher.c
--- openssh-5.2p1/cipher.c.fips	2008-07-23 14:03:19.000000000 +0200
-+++ openssh-5.2p1/cipher.c	2009-02-11 19:01:26.000000000 +0100
+--- openssh-5.2p1/cipher.c.fips	2009-03-06 18:23:21.000000000 +0100
+++ openssh-5.2p1/cipher.c	2009-03-13 11:23:15.000000000 +0100
@@ -40,6 +40,7 @@
 #include <sys/types.h>
 
@ -488,7 +489,7 @@ diff -up openssh-5.2p1/cipher.c.fips openssh-5.2p1/cipher.c
 
 #include <string.h>
 #include <stdarg.h>
-@@ -91,6 +92,22 @@ struct Cipher {
+@@ -93,6 +94,22 @@ struct Cipher {
 	{ NULL,			SSH_CIPHER_INVALID, 0, 0, 0, 0, NULL }
 };
 
@ -511,7 +512,7 @@ diff -up openssh-5.2p1/cipher.c.fips openssh-5.2p1/cipher.c
 /*--*/
 
 u_int
-@@ -133,7 +150,7 @@ Cipher *
+@@ -135,7 +152,7 @@ Cipher *
 cipher_by_name(const char *name)
 {
 	Cipher *c;
@ -520,7 +521,7 @@ diff -up openssh-5.2p1/cipher.c.fips openssh-5.2p1/cipher.c
 		if (strcmp(c->name, name) == 0)
 			return c;
 	return NULL;
-@@ -143,7 +160,7 @@ Cipher *
+@@ -145,7 +162,7 @@ Cipher *
 cipher_by_number(int id)
 {
 	Cipher *c;
@ -529,7 +530,7 @@ diff -up openssh-5.2p1/cipher.c.fips openssh-5.2p1/cipher.c
 		if (c->number == id)
 			return c;
 	return NULL;
-@@ -187,7 +204,7 @@ cipher_number(const char *name)
+@@ -189,7 +206,7 @@ cipher_number(const char *name)
 	Cipher *c;
 	if (name == NULL)
 		return -1;
@ -539,8 +540,8 @@ diff -up openssh-5.2p1/cipher.c.fips openssh-5.2p1/cipher.c
 			return c->number;
 	return -1;
 diff -up openssh-5.2p1/ssh-keyscan.c.fips openssh-5.2p1/ssh-keyscan.c
--- openssh-5.2p1/ssh-keyscan.c.fips	2008-07-04 15:10:49.000000000 +0200
-+++ openssh-5.2p1/ssh-keyscan.c	2009-02-12 13:44:21.000000000 +0100
+--- openssh-5.2p1/ssh-keyscan.c.fips	2009-01-28 06:31:23.000000000 +0100
+++ openssh-5.2p1/ssh-keyscan.c	2009-03-13 11:23:15.000000000 +0100
@@ -19,6 +19,8 @@
 #include <arpa/inet.h>
 
@ -550,7 +551,7 @@ diff -up openssh-5.2p1/ssh-keyscan.c.fips openssh-5.2p1/ssh-keyscan.c
 
 #include <netdb.h>
 #include <errno.h>
-@@ -730,6 +732,13 @@ main(int argc, char **argv)
+@@ -731,6 +733,13 @@ main(int argc, char **argv)
 	extern char *optarg;
 
 	__progname = ssh_get_progname(argv[0]);
@ -565,8 +566,8 @@ diff -up openssh-5.2p1/ssh-keyscan.c.fips openssh-5.2p1/ssh-keyscan.c
 	seed_rng();
 	TAILQ_INIT(&tq);
 diff -up openssh-5.2p1/sshconnect.c.fips openssh-5.2p1/sshconnect.c
--- openssh-5.2p1/sshconnect.c.fips	2009-02-11 19:01:26.000000000 +0100
-+++ openssh-5.2p1/sshconnect.c	2009-02-11 19:01:26.000000000 +0100
+--- openssh-5.2p1/sshconnect.c.fips	2009-03-13 11:23:15.000000000 +0100
+++ openssh-5.2p1/sshconnect.c	2009-03-13 11:23:15.000000000 +0100
@@ -40,6 +40,8 @@
 #include <unistd.h>
 #include <fcntl.h>
@ -576,7 +577,7 @@ diff -up openssh-5.2p1/sshconnect.c.fips openssh-5.2p1/sshconnect.c
 #include "xmalloc.h"
 #include "key.h"
 #include "hostfile.h"
-@@ -765,6 +767,7 @@ check_host_key(char *hostname, struct so
+@@ -761,6 +763,7 @@ check_host_key(char *hostname, struct so
 			goto fail;
 		} else if (options.strict_host_key_checking == 2) {
 			char msg1[1024], msg2[1024];
@ -584,7 +585,7 @@ diff -up openssh-5.2p1/sshconnect.c.fips openssh-5.2p1/sshconnect.c
 
 			if (show_other_keys(host, host_key))
 				snprintf(msg1, sizeof(msg1),
-@@ -773,8 +776,8 @@ check_host_key(char *hostname, struct so
+@@ -769,8 +772,8 @@ check_host_key(char *hostname, struct so
 			else
 				snprintf(msg1, sizeof(msg1), ".");
 			/* The default */
@ -595,7 +596,7 @@ diff -up openssh-5.2p1/sshconnect.c.fips openssh-5.2p1/sshconnect.c
 			    SSH_FP_RANDOMART);
 			msg2[0] = '\0';
 			if (options.verify_host_key_dns) {
-@@ -790,10 +793,10 @@ check_host_key(char *hostname, struct so
+@@ -786,10 +789,10 @@ check_host_key(char *hostname, struct so
 			snprintf(msg, sizeof(msg),
 			    "The authenticity of host '%.200s (%s)' can't be "
 			    "established%s\n"
@ -608,7 +609,7 @@ diff -up openssh-5.2p1/sshconnect.c.fips openssh-5.2p1/sshconnect.c
 			    options.visual_host_key ? "\n" : "",
 			    options.visual_host_key ? ra : "",
 			    msg2);
-@@ -1081,17 +1084,18 @@ show_key_from_file(const char *file, con
+@@ -1077,17 +1080,18 @@ show_key_from_file(const char *file, con
 	Key *found;
 	char *fp, *ra;
 	int line, ret;
@ -631,7 +632,7 @@ diff -up openssh-5.2p1/sshconnect.c.fips openssh-5.2p1/sshconnect.c
 		xfree(ra);
 		xfree(fp);
 	}
-@@ -1137,8 +1141,9 @@ warn_changed_key(Key *host_key)
+@@ -1133,8 +1137,9 @@ warn_changed_key(Key *host_key)
 {
 	char *fp;
 	const char *type = key_type(host_key);
@ -642,7 +643,7 @@ diff -up openssh-5.2p1/sshconnect.c.fips openssh-5.2p1/sshconnect.c
 
 	error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@");
 	error("@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @");
-@@ -1146,8 +1151,8 @@ warn_changed_key(Key *host_key)
+@@ -1142,8 +1147,8 @@ warn_changed_key(Key *host_key)
 	error("IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!");
 	error("Someone could be eavesdropping on you right now (man-in-the-middle attack)!");
 	error("It is also possible that the %s host key has just been changed.", type);
--- a/openssh.spec
+++ b/openssh.spec
@ -63,7 +63,7 @@
 Summary: An open source implementation of SSH protocol versions 1 and 2
 Name: openssh
 Version: 5.2p1
-Release: 1%{?dist}%{?rescue_rel}
+Release: 2%{?dist}%{?rescue_rel}
 URL: http://www.openssh.com/portable.html
 #Source0: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz
 #Source1: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz.asc
@ -472,7 +472,10 @@ fi
 %endif

 %changelog
-* Thu Mar  9 2009 Jan F. Chadima <jchadima@redhat.com> - 5.2p1-1
+* Fri Mar 13 2009 Tomas Mraz <tmraz@redhat.com> - 5.2p1-2
+- add AES-CTR ciphers to the FIPS mode proposal
+
+* Mon Mar  9 2009 Jan F. Chadima <jchadima@redhat.com> - 5.2p1-1
 - upgrade to new upstream release

 * Thu Feb 26 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 5.1p1-8