import CS openssh-8.0p1-24.el8
This commit is contained in:
parent
9dbd8185cd
commit
29a5db689e
@ -136,18 +136,6 @@ diff -up openssh-7.4p1/serverloop.c.coverity openssh-7.4p1/serverloop.c
|
||||
if (tun != SSH_TUNID_ANY &&
|
||||
auth_opts->force_tun_device != (int)tun)
|
||||
goto done;
|
||||
diff -up openssh-7.4p1/sftp.c.coverity openssh-7.4p1/sftp.c
|
||||
--- openssh-7.4p1/sftp.c.coverity 2016-12-19 05:59:41.000000000 +0100
|
||||
+++ openssh-7.4p1/sftp.c 2016-12-23 16:40:26.903788691 +0100
|
||||
@@ -224,7 +224,7 @@ killchild(int signo)
|
||||
{
|
||||
if (sshpid > 1) {
|
||||
kill(sshpid, SIGTERM);
|
||||
- waitpid(sshpid, NULL, 0);
|
||||
+ (void) waitpid(sshpid, NULL, 0);
|
||||
}
|
||||
|
||||
_exit(1);
|
||||
diff -up openssh-7.4p1/ssh-agent.c.coverity openssh-7.4p1/ssh-agent.c
|
||||
--- openssh-7.4p1/ssh-agent.c.coverity 2016-12-19 05:59:41.000000000 +0100
|
||||
+++ openssh-7.4p1/ssh-agent.c 2016-12-23 16:40:26.903788691 +0100
|
||||
|
@ -471,6 +471,47 @@ diff -up openssh-7.9p1/sshkey.c.fips openssh-7.9p1/sshkey.c
|
||||
|
||||
#include "xmss_fast.h"
|
||||
|
||||
@@ -392,7 +394,8 @@ sshkey_calculate_signature(EVP_PKEY *pkey
|
||||
{
|
||||
EVP_MD_CTX *ctx = NULL;
|
||||
u_char *sig = NULL;
|
||||
- int ret, slen, len;
|
||||
+ int ret, slen;
|
||||
+ size_t len;
|
||||
|
||||
if (sigp == NULL || lenp == NULL) {
|
||||
return SSH_ERR_INVALID_ARGUMENT;
|
||||
@@ -411,9 +414,10 @@ sshkey_calculate_signature(EVP_PKEY *pkey
|
||||
ret = SSH_ERR_ALLOC_FAIL;
|
||||
goto error;
|
||||
}
|
||||
- if (EVP_SignInit_ex(ctx, ssh_digest_to_md(hash_alg), NULL) <= 0 ||
|
||||
- EVP_SignUpdate(ctx, data, datalen) <= 0 ||
|
||||
- EVP_SignFinal(ctx, sig, &len, pkey) <= 0) {
|
||||
+ if (EVP_DigestSignInit(ctx, NULL, ssh_digest_to_md(hash_alg),
|
||||
+ NULL, pkey) != 1 ||
|
||||
+ EVP_DigestSignUpdate(ctx, data, datalen) != 1 ||
|
||||
+ EVP_DigestSignFinal(ctx, sig, &len) != 1) {
|
||||
ret = SSH_ERR_LIBCRYPTO_ERROR;
|
||||
goto error;
|
||||
}
|
||||
@@ -440,12 +444,13 @@ sshkey_verify_signature(EVP_PKEY *pkey
|
||||
if ((ctx = EVP_MD_CTX_new()) == NULL) {
|
||||
return SSH_ERR_ALLOC_FAIL;
|
||||
}
|
||||
- if (EVP_VerifyInit_ex(ctx, ssh_digest_to_md(hash_alg), NULL) <= 0 ||
|
||||
- EVP_VerifyUpdate(ctx, data, datalen) <= 0) {
|
||||
+ if (EVP_DigestVerifyInit(ctx, NULL, ssh_digest_to_md(hash_alg),
|
||||
+ NULL, pkey) != 1 ||
|
||||
+ EVP_DigestVerifyUpdate(ctx, data, datalen) != 1) {
|
||||
ret = SSH_ERR_LIBCRYPTO_ERROR;
|
||||
goto done;
|
||||
}
|
||||
- ret = EVP_VerifyFinal(ctx, sigbuf, siglen, pkey);
|
||||
+ ret = EVP_DigestVerifyFinal(ctx, sigbuf, siglen);
|
||||
switch (ret) {
|
||||
case 1:
|
||||
ret = 0;
|
||||
@@ -1514,6 +1516,8 @@ rsa_generate_private_key(u_int bits, RSA
|
||||
}
|
||||
if (!BN_set_word(f4, RSA_F4) ||
|
||||
@ -515,3 +556,14 @@ diff -up openssh-7.9p1/ssh-keygen.c.fips openssh-7.9p1/ssh-keygen.c
|
||||
if ((fd = mkstemp(prv_tmp)) == -1) {
|
||||
error("Could not save your public key in %s: %s",
|
||||
prv_tmp, strerror(errno));
|
||||
diff -up openssh-8.0p1/sshd_config.xxx openssh-8.0p1/sshd_config
|
||||
--- openssh-8.0p1/sshd_config.xxx 2023-10-30 13:01:59.150952364 +0100
|
||||
+++ openssh-8.0p1/sshd_config 2023-10-30 13:02:56.662231354 +0100
|
||||
@@ -21,6 +21,7 @@
|
||||
|
||||
HostKey /etc/ssh/ssh_host_rsa_key
|
||||
HostKey /etc/ssh/ssh_host_ecdsa_key
|
||||
+#In FIPS mode Ed25519 keys are not supported, please comment out the next line
|
||||
HostKey /etc/ssh/ssh_host_ed25519_key
|
||||
|
||||
# Ciphers and keying
|
||||
|
20
SOURCES/openssh-8.0p1-avoidkillall.patch
Normal file
20
SOURCES/openssh-8.0p1-avoidkillall.patch
Normal file
@ -0,0 +1,20 @@
|
||||
diff --git a/sftp.c b/sftp.c
|
||||
index b66037f1..54538ff9 100644
|
||||
--- a/sftp.c
|
||||
+++ b/sftp.c
|
||||
@@ -220,9 +220,12 @@ static const struct CMD cmds[] = {
|
||||
static void
|
||||
killchild(int signo)
|
||||
{
|
||||
- if (sshpid > 1) {
|
||||
- kill(sshpid, SIGTERM);
|
||||
- waitpid(sshpid, NULL, 0);
|
||||
+ pid_t pid;
|
||||
+
|
||||
+ pid = sshpid;
|
||||
+ if (pid > 1) {
|
||||
+ kill(pid, SIGTERM);
|
||||
+ (void)waitpid(pid, NULL, 0);
|
||||
}
|
||||
|
||||
_exit(1);
|
13
SOURCES/openssh-8.0p1-bigsshdconfig.patch
Normal file
13
SOURCES/openssh-8.0p1-bigsshdconfig.patch
Normal file
@ -0,0 +1,13 @@
|
||||
diff --git a/msg.c b/msg.c
|
||||
index 99c25cd2..574a566e 100644
|
||||
--- a/msg.c
|
||||
+++ b/msg.c
|
||||
@@ -77,7 +77,7 @@ ssh_msg_recv(int fd, struct sshbuf *m)
|
||||
return (-1);
|
||||
}
|
||||
msg_len = get_u32(buf);
|
||||
- if (msg_len > 256 * 1024) {
|
||||
+ if (msg_len > sshbuf_max_size(m)) {
|
||||
error("ssh_msg_recv: read: bad msg_len %u", msg_len);
|
||||
return (-1);
|
||||
}
|
@ -1509,7 +1509,7 @@ new file mode 100644
|
||||
index 00000000..0b2f6a56
|
||||
--- /dev/null
|
||||
+++ b/kexgssc.c
|
||||
@@ -0,0 +1,595 @@
|
||||
@@ -0,0 +1,618 @@
|
||||
+/*
|
||||
+ * Copyright (c) 2001-2009 Simon Wilkinson. All rights reserved.
|
||||
+ *
|
||||
@ -1571,7 +1571,7 @@ index 00000000..0b2f6a56
|
||||
+ struct sshbuf *server_blob = NULL;
|
||||
+ struct sshbuf *shared_secret = NULL;
|
||||
+ struct sshbuf *server_host_key_blob = NULL;
|
||||
+ struct sshbuf *empty = sshbuf_new();
|
||||
+ struct sshbuf *empty = NULL;
|
||||
+ u_char *msg;
|
||||
+ int type = 0;
|
||||
+ int first = 1;
|
||||
@ -1610,8 +1610,10 @@ index 00000000..0b2f6a56
|
||||
+ default:
|
||||
+ fatal("%s: Unexpected KEX type %d", __func__, kex->kex_type);
|
||||
+ }
|
||||
+ if (r != 0)
|
||||
+ if (r != 0) {
|
||||
+ ssh_gssapi_delete_ctx(&ctxt);
|
||||
+ return r;
|
||||
+ }
|
||||
+
|
||||
+ token_ptr = GSS_C_NO_BUFFER;
|
||||
+
|
||||
@ -1674,11 +1676,16 @@ index 00000000..0b2f6a56
|
||||
+ do {
|
||||
+ type = ssh_packet_read(ssh);
|
||||
+ if (type == SSH2_MSG_KEXGSS_HOSTKEY) {
|
||||
+ char *tmp = NULL;
|
||||
+ size_t tmp_len = 0;
|
||||
+
|
||||
+ debug("Received KEXGSS_HOSTKEY");
|
||||
+ if (server_host_key_blob)
|
||||
+ fatal("Server host key received more than once");
|
||||
+ if ((r = sshpkt_getb_froms(ssh, &server_host_key_blob)) != 0)
|
||||
+ if ((r = sshpkt_get_string(ssh, &tmp, &tmp_len)) != 0)
|
||||
+ fatal("Failed to read server host key: %s", ssh_err(r));
|
||||
+ if ((server_host_key_blob = sshbuf_from(tmp, tmp_len)) == NULL)
|
||||
+ fatal("sshbuf_from failed");
|
||||
+ }
|
||||
+ } while (type == SSH2_MSG_KEXGSS_HOSTKEY);
|
||||
+
|
||||
@ -1779,6 +1786,11 @@ index 00000000..0b2f6a56
|
||||
+ if (r != 0)
|
||||
+ goto out;
|
||||
+
|
||||
+ if ((empty = sshbuf_new()) == NULL) {
|
||||
+ r = SSH_ERR_ALLOC_FAIL;
|
||||
+ goto out;
|
||||
+ }
|
||||
+
|
||||
+ hashlen = sizeof(hash);
|
||||
+ if ((r = kex_gen_hash(
|
||||
+ kex->hash_alg,
|
||||
@ -1848,7 +1860,7 @@ index 00000000..0b2f6a56
|
||||
+ size_t hashlen;
|
||||
+ const BIGNUM *pub_key, *dh_p, *dh_g;
|
||||
+ int nbits = 0, min = DH_GRP_MIN, max = DH_GRP_MAX;
|
||||
+ struct sshbuf *empty = sshbuf_new();
|
||||
+ struct sshbuf *empty = NULL;
|
||||
+ u_char c;
|
||||
+ int r;
|
||||
+
|
||||
@ -1960,11 +1972,16 @@ index 00000000..0b2f6a56
|
||||
+ do {
|
||||
+ type = ssh_packet_read(ssh);
|
||||
+ if (type == SSH2_MSG_KEXGSS_HOSTKEY) {
|
||||
+ char *tmp = NULL;
|
||||
+ size_t tmp_len = 0;
|
||||
+
|
||||
+ debug("Received KEXGSS_HOSTKEY");
|
||||
+ if (server_host_key_blob)
|
||||
+ fatal("Server host key received more than once");
|
||||
+ if ((r = sshpkt_getb_froms(ssh, &server_host_key_blob)) != 0)
|
||||
+ if ((r = sshpkt_get_string(ssh, &tmp, &tmp_len)) != 0)
|
||||
+ fatal("sshpkt failed: %s", ssh_err(r));
|
||||
+ if ((server_host_key_blob = sshbuf_from(tmp, tmp_len)) == NULL)
|
||||
+ fatal("sshbuf_from failed");
|
||||
+ }
|
||||
+ } while (type == SSH2_MSG_KEXGSS_HOSTKEY);
|
||||
+
|
||||
@ -2040,6 +2057,7 @@ index 00000000..0b2f6a56
|
||||
+ (r = sshbuf_get_bignum2(buf, &dh_server_pub)) != 0)
|
||||
+ goto out;
|
||||
+ sshbuf_free(buf);
|
||||
+ buf = NULL;
|
||||
+
|
||||
+ if ((shared_secret = sshbuf_new()) == NULL) {
|
||||
+ r = SSH_ERR_ALLOC_FAIL;
|
||||
@ -2048,6 +2066,10 @@ index 00000000..0b2f6a56
|
||||
+
|
||||
+ if ((r = kex_dh_compute_key(kex, dh_server_pub, shared_secret)) != 0)
|
||||
+ goto out;
|
||||
+ if ((empty = sshbuf_new()) == NULL) {
|
||||
+ r = SSH_ERR_ALLOC_FAIL;
|
||||
+ goto out;
|
||||
+ }
|
||||
+
|
||||
+ DH_get0_pqg(kex->dh, &dh_p, NULL, &dh_g);
|
||||
+ hashlen = sizeof(hash);
|
||||
@ -2094,6 +2116,7 @@ index 00000000..0b2f6a56
|
||||
+ if ((r = kex_derive_keys(ssh, hash, hashlen, shared_secret)) == 0)
|
||||
+ r = kex_send_newkeys(ssh);
|
||||
+out:
|
||||
+ sshbuf_free(buf);
|
||||
+ sshbuf_free(server_blob);
|
||||
+ sshbuf_free(empty);
|
||||
+ explicit_bzero(hash, sizeof(hash));
|
||||
@ -2110,7 +2133,7 @@ new file mode 100644
|
||||
index 00000000..60bc02de
|
||||
--- /dev/null
|
||||
+++ b/kexgsss.c
|
||||
@@ -0,0 +1,474 @@
|
||||
@@ -0,0 +1,482 @@
|
||||
+/*
|
||||
+ * Copyright (c) 2001-2009 Simon Wilkinson. All rights reserved.
|
||||
+ *
|
||||
@ -2177,7 +2200,7 @@ index 00000000..60bc02de
|
||||
+ */
|
||||
+
|
||||
+ OM_uint32 ret_flags = 0;
|
||||
+ gss_buffer_desc gssbuf, recv_tok, msg_tok;
|
||||
+ gss_buffer_desc gssbuf = {0, NULL}, recv_tok, msg_tok;
|
||||
+ gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER;
|
||||
+ Gssctxt *ctxt = NULL;
|
||||
+ struct sshbuf *shared_secret = NULL;
|
||||
@ -2217,7 +2240,7 @@ index 00000000..60bc02de
|
||||
+ type = ssh_packet_read(ssh);
|
||||
+ switch(type) {
|
||||
+ case SSH2_MSG_KEXGSS_INIT:
|
||||
+ if (client_pubkey != NULL)
|
||||
+ if (gssbuf.value != NULL)
|
||||
+ fatal("Received KEXGSS_INIT after initialising");
|
||||
+ if ((r = ssh_gssapi_sshpkt_get_buffer_desc(ssh,
|
||||
+ &recv_tok)) != 0 ||
|
||||
@ -2248,6 +2271,31 @@ index 00000000..60bc02de
|
||||
+ goto out;
|
||||
+
|
||||
+ /* Send SSH_MSG_KEXGSS_HOSTKEY here, if we want */
|
||||
+
|
||||
+ /* Calculate the hash early so we can free the
|
||||
+ * client_pubkey, which has reference to the parent
|
||||
+ * buffer state->incoming_packet
|
||||
+ */
|
||||
+ hashlen = sizeof(hash);
|
||||
+ if ((r = kex_gen_hash(
|
||||
+ kex->hash_alg,
|
||||
+ kex->client_version,
|
||||
+ kex->server_version,
|
||||
+ kex->peer,
|
||||
+ kex->my,
|
||||
+ empty,
|
||||
+ client_pubkey,
|
||||
+ server_pubkey,
|
||||
+ shared_secret,
|
||||
+ hash, &hashlen)) != 0)
|
||||
+ goto out;
|
||||
+
|
||||
+ gssbuf.value = hash;
|
||||
+ gssbuf.length = hashlen;
|
||||
+
|
||||
+ sshbuf_free(client_pubkey);
|
||||
+ client_pubkey = NULL;
|
||||
+
|
||||
+ break;
|
||||
+ case SSH2_MSG_KEXGSS_CONTINUE:
|
||||
+ if ((r = ssh_gssapi_sshpkt_get_buffer_desc(ssh,
|
||||
@ -2269,7 +2317,7 @@ index 00000000..60bc02de
|
||||
+ if (maj_status != GSS_S_COMPLETE && send_tok.length == 0)
|
||||
+ fatal("Zero length token output when incomplete");
|
||||
+
|
||||
+ if (client_pubkey == NULL)
|
||||
+ if (gssbuf.value == NULL)
|
||||
+ fatal("No client public key");
|
||||
+
|
||||
+ if (maj_status & GSS_S_CONTINUE_NEEDED) {
|
||||
@ -2298,23 +2346,6 @@ index 00000000..60bc02de
|
||||
+ if (!(ret_flags & GSS_C_INTEG_FLAG))
|
||||
+ fatal("Integrity flag wasn't set");
|
||||
+
|
||||
+ hashlen = sizeof(hash);
|
||||
+ if ((r = kex_gen_hash(
|
||||
+ kex->hash_alg,
|
||||
+ kex->client_version,
|
||||
+ kex->server_version,
|
||||
+ kex->peer,
|
||||
+ kex->my,
|
||||
+ empty,
|
||||
+ client_pubkey,
|
||||
+ server_pubkey,
|
||||
+ shared_secret,
|
||||
+ hash, &hashlen)) != 0)
|
||||
+ goto out;
|
||||
+
|
||||
+ gssbuf.value = hash;
|
||||
+ gssbuf.length = hashlen;
|
||||
+
|
||||
+ if (GSS_ERROR(PRIVSEP(ssh_gssapi_sign(ctxt, &gssbuf, &msg_tok))))
|
||||
+ fatal("Couldn't get MIC");
|
||||
+
|
||||
|
46
SOURCES/openssh-8.7p1-scp-kill-switch.patch
Normal file
46
SOURCES/openssh-8.7p1-scp-kill-switch.patch
Normal file
@ -0,0 +1,46 @@
|
||||
diff -up openssh-8.7p1/pathnames.h.kill-scp openssh-8.7p1/pathnames.h
|
||||
--- openssh-8.7p1/pathnames.h.kill-scp 2021-09-16 11:37:57.240171687 +0200
|
||||
+++ openssh-8.7p1/pathnames.h 2021-09-16 11:42:29.183427917 +0200
|
||||
@@ -42,6 +42,7 @@
|
||||
#define _PATH_HOST_XMSS_KEY_FILE SSHDIR "/ssh_host_xmss_key"
|
||||
#define _PATH_HOST_RSA_KEY_FILE SSHDIR "/ssh_host_rsa_key"
|
||||
#define _PATH_DH_MODULI SSHDIR "/moduli"
|
||||
+#define _PATH_SCP_KILL_SWITCH SSHDIR "/disable_scp"
|
||||
|
||||
#ifndef _PATH_SSH_PROGRAM
|
||||
#define _PATH_SSH_PROGRAM "/usr/bin/ssh"
|
||||
diff -up openssh-8.7p1/scp.1.kill-scp openssh-8.7p1/scp.1
|
||||
--- openssh-8.7p1/scp.1.kill-scp 2021-09-16 12:09:02.646714578 +0200
|
||||
+++ openssh-8.7p1/scp.1 2021-09-16 12:26:49.978628226 +0200
|
||||
@@ -278,6 +278,13 @@ to print debugging messages about their
|
||||
This is helpful in
|
||||
debugging connection, authentication, and configuration problems.
|
||||
.El
|
||||
+.Pp
|
||||
+Usage of SCP protocol can be blocked by creating a world-readable
|
||||
+.Ar /etc/ssh/disable_scp
|
||||
+file. If this file exists, when SCP protocol is in use (either remotely or
|
||||
+via the
|
||||
+.Fl O
|
||||
+option), the program will exit.
|
||||
.Sh EXIT STATUS
|
||||
.Ex -std scp
|
||||
.Sh SEE ALSO
|
||||
diff -up openssh-8.7p1/scp.c.kill-scp openssh-8.7p1/scp.c
|
||||
--- openssh-8.7p1/scp.c.kill-scp 2021-09-16 11:42:56.013650519 +0200
|
||||
+++ openssh-8.7p1/scp.c 2021-09-16 11:53:03.249713836 +0200
|
||||
@@ -596,6 +596,14 @@ main(int argc, char **argv)
|
||||
argc -= optind;
|
||||
argv += optind;
|
||||
|
||||
+ {
|
||||
+ FILE *f = fopen(_PATH_SCP_KILL_SWITCH, "r");
|
||||
+ if (f != NULL) {
|
||||
+ fclose(f);
|
||||
+ fatal("SCP protocol is forbidden via %s", _PATH_SCP_KILL_SWITCH);
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
if ((pwd = getpwuid(userid = getuid())) == NULL)
|
||||
fatal("unknown user %u", (u_int) userid);
|
||||
|
17
SOURCES/openssh-9.3p1-upstream-cve-2023-38408.patch
Normal file
17
SOURCES/openssh-9.3p1-upstream-cve-2023-38408.patch
Normal file
@ -0,0 +1,17 @@
|
||||
diff --git a/ssh-pkcs11.c b/ssh-pkcs11.c
|
||||
index 6be647ec..ebddf6c3 100644
|
||||
--- a/ssh-pkcs11.c
|
||||
+++ b/ssh-pkcs11.c
|
||||
@@ -1537,10 +1537,8 @@ pkcs11_register_provider(char *provider_id, char *pin,
|
||||
error("dlopen %s failed: %s", provider_module, dlerror());
|
||||
goto fail;
|
||||
}
|
||||
- if ((getfunctionlist = dlsym(handle, "C_GetFunctionList")) == NULL) {
|
||||
- error("dlsym(C_GetFunctionList) failed: %s", dlerror());
|
||||
- goto fail;
|
||||
- }
|
||||
+ if ((getfunctionlist = dlsym(handle, "C_GetFunctionList")) == NULL)
|
||||
+ fatal("dlsym(C_GetFunctionList) failed: %s", dlerror());
|
||||
|
||||
p->module->handle = handle;
|
||||
/* setup the pkcs11 callbacks */
|
33
SOURCES/openssh-9.4p2-limit-delay.patch
Normal file
33
SOURCES/openssh-9.4p2-limit-delay.patch
Normal file
@ -0,0 +1,33 @@
|
||||
diff -u -p -r1.166 auth2.c
|
||||
--- a/auth2.c 8 Mar 2023 04:43:12 -0000 1.166
|
||||
+++ b/auth2.c 28 Aug 2023 08:32:44 -0000
|
||||
@@ -208,6 +208,7 @@ input_service_request(int type, u_int32_
|
||||
}
|
||||
|
||||
#define MIN_FAIL_DELAY_SECONDS 0.005
|
||||
+#define MAX_FAIL_DELAY_SECONDS 5.0
|
||||
static double
|
||||
user_specific_delay(const char *user)
|
||||
{
|
||||
@@ -233,6 +234,12 @@ ensure_minimum_time_since(double start,
|
||||
struct timespec ts;
|
||||
double elapsed = monotime_double() - start, req = seconds, remain;
|
||||
|
||||
+ if (elapsed > MAX_FAIL_DELAY_SECONDS) {
|
||||
+ debug3("elapsed %0.3lfms exceeded the max delay "
|
||||
+ "requested %0.3lfms)", elapsed*1000, req*1000);
|
||||
+ return;
|
||||
+ }
|
||||
+
|
||||
/* if we've already passed the requested time, scale up */
|
||||
while ((remain = seconds - elapsed) < 0.0)
|
||||
seconds *= 2;
|
||||
@@ -317,7 +324,7 @@ input_userauth_request(int type, u_int32
|
||||
debug2("input_userauth_request: try method %s", method);
|
||||
authenticated = m->userauth(ssh);
|
||||
}
|
||||
- if (!authctxt->authenticated)
|
||||
+ if (!authctxt->authenticated && strcmp(method, "none") != 0)
|
||||
ensure_minimum_time_since(tstart,
|
||||
user_specific_delay(authctxt->user));
|
||||
userauth_finish(ssh, authenticated, method, NULL);
|
447
SOURCES/openssh-9.6p1-CVE-2023-48795.patch
Normal file
447
SOURCES/openssh-9.6p1-CVE-2023-48795.patch
Normal file
@ -0,0 +1,447 @@
|
||||
diff --git a/PROTOCOL b/PROTOCOL
|
||||
index d453c779..ded935eb 100644
|
||||
--- a/PROTOCOL
|
||||
+++ b/PROTOCOL
|
||||
@@ -137,6 +137,32 @@ than as a named global or channel request to allow pings with very
|
||||
described at:
|
||||
http://git.libssh.org/users/aris/libssh.git/plain/doc/curve25519-sha256@libssh.org.txt?h=curve25519
|
||||
|
||||
+1.9 transport: strict key exchange extension
|
||||
+
|
||||
+OpenSSH supports a number of transport-layer hardening measures under
|
||||
+a "strict KEX" feature. This feature is signalled similarly to the
|
||||
+RFC8308 ext-info feature: by including a additional algorithm in the
|
||||
+initiial SSH2_MSG_KEXINIT kex_algorithms field. The client may append
|
||||
+"kex-strict-c-v00@openssh.com" to its kex_algorithms and the server
|
||||
+may append "kex-strict-s-v00@openssh.com". These pseudo-algorithms
|
||||
+are only valid in the initial SSH2_MSG_KEXINIT and MUST be ignored
|
||||
+if they are present in subsequent SSH2_MSG_KEXINIT packets.
|
||||
+
|
||||
+When an endpoint that supports this extension observes this algorithm
|
||||
+name in a peer's KEXINIT packet, it MUST make the following changes to
|
||||
+the the protocol:
|
||||
+
|
||||
+a) During initial KEX, terminate the connection if any unexpected or
|
||||
+ out-of-sequence packet is received. This includes terminating the
|
||||
+ connection if the first packet received is not SSH2_MSG_KEXINIT.
|
||||
+ Unexpected packets for the purpose of strict KEX include messages
|
||||
+ that are otherwise valid at any time during the connection such as
|
||||
+ SSH2_MSG_DEBUG and SSH2_MSG_IGNORE.
|
||||
+b) After sending or receiving a SSH2_MSG_NEWKEYS message, reset the
|
||||
+ packet sequence number to zero. This behaviour persists for the
|
||||
+ duration of the connection (i.e. not just the first
|
||||
+ SSH2_MSG_NEWKEYS).
|
||||
+
|
||||
2. Connection protocol changes
|
||||
|
||||
2.1. connection: Channel write close extension "eow@openssh.com"
|
||||
diff --git a/kex.c b/kex.c
|
||||
index aa5e792d..d478ff6e 100644
|
||||
--- a/kex.c
|
||||
+++ b/kex.c
|
||||
@@ -65,7 +65,7 @@
|
||||
#endif
|
||||
|
||||
/* prototype */
|
||||
-static int kex_choose_conf(struct ssh *);
|
||||
+static int kex_choose_conf(struct ssh *, uint32_t seq);
|
||||
static int kex_input_newkeys(int, u_int32_t, struct ssh *);
|
||||
|
||||
static const char *proposal_names[PROPOSAL_MAX] = {
|
||||
@@ -177,6 +177,18 @@ kex_names_valid(const char *names)
|
||||
return 1;
|
||||
}
|
||||
|
||||
+/* returns non-zero if proposal contains any algorithm from algs */
|
||||
+static int
|
||||
+has_any_alg(const char *proposal, const char *algs)
|
||||
+{
|
||||
+ char *cp;
|
||||
+
|
||||
+ if ((cp = match_list(proposal, algs, NULL)) == NULL)
|
||||
+ return 0;
|
||||
+ free(cp);
|
||||
+ return 1;
|
||||
+}
|
||||
+
|
||||
/*
|
||||
* Concatenate algorithm names, avoiding duplicates in the process.
|
||||
* Caller must free returned string.
|
||||
@@ -184,7 +196,7 @@ kex_names_valid(const char *names)
|
||||
char *
|
||||
kex_names_cat(const char *a, const char *b)
|
||||
{
|
||||
- char *ret = NULL, *tmp = NULL, *cp, *p, *m;
|
||||
+ char *ret = NULL, *tmp = NULL, *cp, *p;
|
||||
size_t len;
|
||||
|
||||
if (a == NULL || *a == '\0')
|
||||
@@ -201,10 +213,8 @@ kex_names_cat(const char *a, const char *b)
|
||||
}
|
||||
strlcpy(ret, a, len);
|
||||
for ((p = strsep(&cp, ",")); p && *p != '\0'; (p = strsep(&cp, ","))) {
|
||||
- if ((m = match_list(ret, p, NULL)) != NULL) {
|
||||
- free(m);
|
||||
+ if (has_any_alg(ret, p))
|
||||
continue; /* Algorithm already present */
|
||||
- }
|
||||
if (strlcat(ret, ",", len) >= len ||
|
||||
strlcat(ret, p, len) >= len) {
|
||||
free(tmp);
|
||||
@@ -466,7 +485,12 @@ kex_protocol_error(int type, u_int32_t seq, struct ssh *ssh)
|
||||
{
|
||||
int r;
|
||||
|
||||
- error("kex protocol error: type %d seq %u", type, seq);
|
||||
+ /* If in strict mode, any unexpected message is an error */
|
||||
+ if ((ssh->kex->flags & KEX_INITIAL) && ssh->kex->kex_strict) {
|
||||
+ ssh_packet_disconnect(ssh, "strict KEX violation: "
|
||||
+ "unexpected packet type %u (seqnr %u)", type, seq);
|
||||
+ }
|
||||
+ error("type %u seq %u", type, seq);
|
||||
if ((r = sshpkt_start(ssh, SSH2_MSG_UNIMPLEMENTED)) != 0 ||
|
||||
(r = sshpkt_put_u32(ssh, seq)) != 0 ||
|
||||
(r = sshpkt_send(ssh)) != 0)
|
||||
@@ -548,6 +572,11 @@ kex_input_ext_info(int type, u_int32_t seq, struct ssh *ssh)
|
||||
ssh_dispatch_set(ssh, SSH2_MSG_EXT_INFO, &kex_protocol_error);
|
||||
if ((r = sshpkt_get_u32(ssh, &ninfo)) != 0)
|
||||
return r;
|
||||
+ if (ninfo >= 1024) {
|
||||
+ error("SSH2_MSG_EXT_INFO with too many entries, expected "
|
||||
+ "<=1024, received %u", ninfo);
|
||||
+ return dispatch_protocol_error(type, seq, ssh);
|
||||
+ }
|
||||
for (i = 0; i < ninfo; i++) {
|
||||
if ((r = sshpkt_get_cstring(ssh, &name, NULL)) != 0)
|
||||
return r;
|
||||
@@ -681,7 +705,7 @@ kex_input_kexinit(int type, u_int32_t seq, struct ssh *ssh)
|
||||
if (kex == NULL)
|
||||
return SSH_ERR_INVALID_ARGUMENT;
|
||||
|
||||
- ssh_dispatch_set(ssh, SSH2_MSG_KEXINIT, NULL);
|
||||
+ ssh_dispatch_set(ssh, SSH2_MSG_KEXINIT, &kex_protocol_error);
|
||||
ptr = sshpkt_ptr(ssh, &dlen);
|
||||
if ((r = sshbuf_put(kex->peer, ptr, dlen)) != 0)
|
||||
return r;
|
||||
@@ -717,7 +741,7 @@ kex_input_kexinit(int type, u_int32_t seq, struct ssh *ssh)
|
||||
if (!(kex->flags & KEX_INIT_SENT))
|
||||
if ((r = kex_send_kexinit(ssh)) != 0)
|
||||
return r;
|
||||
- if ((r = kex_choose_conf(ssh)) != 0)
|
||||
+ if ((r = kex_choose_conf(ssh, seq)) != 0)
|
||||
return r;
|
||||
|
||||
if (kex->kex_type < KEX_MAX && kex->kex[kex->kex_type] != NULL)
|
||||
@@ -981,20 +1005,14 @@ proposals_match(char *my[PROPOSAL_MAX], char *peer[PROPOSAL_MAX])
|
||||
return (1);
|
||||
}
|
||||
|
||||
-/* returns non-zero if proposal contains any algorithm from algs */
|
||||
static int
|
||||
-has_any_alg(const char *proposal, const char *algs)
|
||||
+kexalgs_contains(char **peer, const char *ext)
|
||||
{
|
||||
- char *cp;
|
||||
-
|
||||
- if ((cp = match_list(proposal, algs, NULL)) == NULL)
|
||||
- return 0;
|
||||
- free(cp);
|
||||
- return 1;
|
||||
+ return has_any_alg(peer[PROPOSAL_KEX_ALGS], ext);
|
||||
}
|
||||
|
||||
static int
|
||||
-kex_choose_conf(struct ssh *ssh)
|
||||
+kex_choose_conf(struct ssh *ssh, uint32_t seq)
|
||||
{
|
||||
struct kex *kex = ssh->kex;
|
||||
struct newkeys *newkeys;
|
||||
@@ -1019,13 +1037,23 @@ kex_choose_conf(struct ssh *ssh)
|
||||
sprop=peer;
|
||||
}
|
||||
|
||||
- /* Check whether client supports ext_info_c */
|
||||
- if (kex->server && (kex->flags & KEX_INITIAL)) {
|
||||
- char *ext;
|
||||
-
|
||||
- ext = match_list("ext-info-c", peer[PROPOSAL_KEX_ALGS], NULL);
|
||||
- kex->ext_info_c = (ext != NULL);
|
||||
- free(ext);
|
||||
+ /* Check whether peer supports ext_info/kex_strict */
|
||||
+ if ((kex->flags & KEX_INITIAL) != 0) {
|
||||
+ if (kex->server) {
|
||||
+ kex->ext_info_c = kexalgs_contains(peer, "ext-info-c");
|
||||
+ kex->kex_strict = kexalgs_contains(peer,
|
||||
+ "kex-strict-c-v00@openssh.com");
|
||||
+ } else {
|
||||
+ kex->kex_strict = kexalgs_contains(peer,
|
||||
+ "kex-strict-s-v00@openssh.com");
|
||||
+ }
|
||||
+ if (kex->kex_strict) {
|
||||
+ debug3("will use strict KEX ordering");
|
||||
+ if (seq != 0)
|
||||
+ ssh_packet_disconnect(ssh,
|
||||
+ "strict KEX violation: "
|
||||
+ "KEXINIT was not the first packet");
|
||||
+ }
|
||||
}
|
||||
|
||||
/* Check whether client supports rsa-sha2 algorithms */
|
||||
diff --git a/kex.h b/kex.h
|
||||
index 5f7ef784..272ebb43 100644
|
||||
--- a/kex.h
|
||||
+++ b/kex.h
|
||||
@@ -149,6 +149,7 @@ struct kex {
|
||||
u_int kex_type;
|
||||
char *server_sig_algs;
|
||||
int ext_info_c;
|
||||
+ int kex_strict;
|
||||
struct sshbuf *my;
|
||||
struct sshbuf *peer;
|
||||
struct sshbuf *client_version;
|
||||
diff --git a/packet.c b/packet.c
|
||||
index 52017def..beb214f9 100644
|
||||
--- a/packet.c
|
||||
+++ b/packet.c
|
||||
@@ -1207,8 +1207,13 @@ ssh_packet_send2_wrapped(struct ssh *ssh)
|
||||
sshbuf_dump(state->output, stderr);
|
||||
#endif
|
||||
/* increment sequence number for outgoing packets */
|
||||
- if (++state->p_send.seqnr == 0)
|
||||
+ if (++state->p_send.seqnr == 0) {
|
||||
+ if ((ssh->kex->flags & KEX_INITIAL) != 0) {
|
||||
+ ssh_packet_disconnect(ssh, "outgoing sequence number "
|
||||
+ "wrapped during initial key exchange");
|
||||
+ }
|
||||
logit("outgoing seqnr wraps around");
|
||||
+ }
|
||||
if (++state->p_send.packets == 0)
|
||||
if (!(ssh->compat & SSH_BUG_NOREKEY))
|
||||
return SSH_ERR_NEED_REKEY;
|
||||
@@ -1216,6 +1221,11 @@ ssh_packet_send2_wrapped(struct ssh *ssh)
|
||||
state->p_send.bytes += len;
|
||||
sshbuf_reset(state->outgoing_packet);
|
||||
|
||||
+ if (type == SSH2_MSG_NEWKEYS && ssh->kex->kex_strict) {
|
||||
+ debug("resetting send seqnr %u", state->p_send.seqnr);
|
||||
+ state->p_send.seqnr = 0;
|
||||
+ }
|
||||
+
|
||||
if (type == SSH2_MSG_NEWKEYS)
|
||||
r = ssh_set_newkeys(ssh, MODE_OUT);
|
||||
else if (type == SSH2_MSG_USERAUTH_SUCCESS && state->server_side)
|
||||
@@ -1344,8 +1354,7 @@ ssh_packet_read_seqnr(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p)
|
||||
/* Stay in the loop until we have received a complete packet. */
|
||||
for (;;) {
|
||||
/* Try to read a packet from the buffer. */
|
||||
- r = ssh_packet_read_poll_seqnr(ssh, typep, seqnr_p);
|
||||
- if (r != 0)
|
||||
+ if ((r = ssh_packet_read_poll_seqnr(ssh, typep, seqnr_p)) != 0)
|
||||
break;
|
||||
/* If we got a packet, return it. */
|
||||
if (*typep != SSH_MSG_NONE)
|
||||
@@ -1629,10 +1615,16 @@ ssh_packet_read_poll2(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p)
|
||||
if ((r = sshbuf_consume(state->input, mac->mac_len)) != 0)
|
||||
goto out;
|
||||
}
|
||||
+
|
||||
if (seqnr_p != NULL)
|
||||
*seqnr_p = state->p_read.seqnr;
|
||||
- if (++state->p_read.seqnr == 0)
|
||||
+ if (++state->p_read.seqnr == 0) {
|
||||
+ if ((ssh->kex->flags & KEX_INITIAL) != 0) {
|
||||
+ ssh_packet_disconnect(ssh, "incoming sequence number "
|
||||
+ "wrapped during initial key exchange");
|
||||
+ }
|
||||
logit("incoming seqnr wraps around");
|
||||
+ }
|
||||
if (++state->p_read.packets == 0)
|
||||
if (!(ssh->compat & SSH_BUG_NOREKEY))
|
||||
return SSH_ERR_NEED_REKEY;
|
||||
@@ -1698,6 +1690,10 @@ ssh_packet_read_poll2(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p)
|
||||
#endif
|
||||
/* reset for next packet */
|
||||
state->packlen = 0;
|
||||
+ if (*typep == SSH2_MSG_NEWKEYS && ssh->kex->kex_strict) {
|
||||
+ debug("resetting read seqnr %u", state->p_read.seqnr);
|
||||
+ state->p_read.seqnr = 0;
|
||||
+ }
|
||||
|
||||
/* do we need to rekey? */
|
||||
if (ssh_packet_need_rekeying(ssh, 0)) {
|
||||
@@ -1720,10 +1716,39 @@ ssh_packet_read_poll_seqnr(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p)
|
||||
r = ssh_packet_read_poll2(ssh, typep, seqnr_p);
|
||||
if (r != 0)
|
||||
return r;
|
||||
- if (*typep) {
|
||||
- state->keep_alive_timeouts = 0;
|
||||
- DBG(debug("received packet type %d", *typep));
|
||||
+ if (*typep == 0) {
|
||||
+ /* no message ready */
|
||||
+ return 0;
|
||||
}
|
||||
+ state->keep_alive_timeouts = 0;
|
||||
+ DBG(debug("received packet type %d", *typep));
|
||||
+
|
||||
+ /* Always process disconnect messages */
|
||||
+ if (*typep == SSH2_MSG_DISCONNECT) {
|
||||
+ if ((r = sshpkt_get_u32(ssh, &reason)) != 0 ||
|
||||
+ (r = sshpkt_get_string(ssh, &msg, NULL)) != 0)
|
||||
+ return r;
|
||||
+ /* Ignore normal client exit notifications */
|
||||
+ do_log2(ssh->state->server_side &&
|
||||
+ reason == SSH2_DISCONNECT_BY_APPLICATION ?
|
||||
+ SYSLOG_LEVEL_INFO : SYSLOG_LEVEL_ERROR,
|
||||
+ "Received disconnect from %s port %d:"
|
||||
+ "%u: %.400s", ssh_remote_ipaddr(ssh),
|
||||
+ ssh_remote_port(ssh), reason, msg);
|
||||
+ free(msg);
|
||||
+ return SSH_ERR_DISCONNECTED;
|
||||
+ }
|
||||
+
|
||||
+ /*
|
||||
+ * Do not implicitly handle any messages here during initial
|
||||
+ * KEX when in strict mode. They will be need to be allowed
|
||||
+ * explicitly by the KEX dispatch table or they will generate
|
||||
+ * protocol errors.
|
||||
+ */
|
||||
+ if (ssh->kex != NULL &&
|
||||
+ (ssh->kex->flags & KEX_INITIAL) && ssh->kex->kex_strict)
|
||||
+ return 0;
|
||||
+ /* Implicitly handle transport-level messages */
|
||||
switch (*typep) {
|
||||
case SSH2_MSG_IGNORE:
|
||||
debug3("Received SSH2_MSG_IGNORE");
|
||||
@@ -1738,19 +1763,6 @@ ssh_packet_read_poll_seqnr(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p)
|
||||
debug("Remote: %.900s", msg);
|
||||
free(msg);
|
||||
break;
|
||||
- case SSH2_MSG_DISCONNECT:
|
||||
- if ((r = sshpkt_get_u32(ssh, &reason)) != 0 ||
|
||||
- (r = sshpkt_get_string(ssh, &msg, NULL)) != 0)
|
||||
- return r;
|
||||
- /* Ignore normal client exit notifications */
|
||||
- do_log2(ssh->state->server_side &&
|
||||
- reason == SSH2_DISCONNECT_BY_APPLICATION ?
|
||||
- SYSLOG_LEVEL_INFO : SYSLOG_LEVEL_ERROR,
|
||||
- "Received disconnect from %s port %d:"
|
||||
- "%u: %.400s", ssh_remote_ipaddr(ssh),
|
||||
- ssh_remote_port(ssh), reason, msg);
|
||||
- free(msg);
|
||||
- return SSH_ERR_DISCONNECTED;
|
||||
case SSH2_MSG_UNIMPLEMENTED:
|
||||
if ((r = sshpkt_get_u32(ssh, &seqnr)) != 0)
|
||||
return r;
|
||||
@@ -2242,6 +2254,7 @@ kex_to_blob(struct sshbuf *m, struct kex *kex)
|
||||
(r = sshbuf_put_u32(m, kex->hostkey_type)) != 0 ||
|
||||
(r = sshbuf_put_u32(m, kex->hostkey_nid)) != 0 ||
|
||||
(r = sshbuf_put_u32(m, kex->kex_type)) != 0 ||
|
||||
+ (r = sshbuf_put_u32(m, kex->kex_strict)) != 0 ||
|
||||
(r = sshbuf_put_stringb(m, kex->my)) != 0 ||
|
||||
(r = sshbuf_put_stringb(m, kex->peer)) != 0 ||
|
||||
(r = sshbuf_put_stringb(m, kex->client_version)) != 0 ||
|
||||
@@ -2404,6 +2417,7 @@ kex_from_blob(struct sshbuf *m, struct kex **kexp)
|
||||
(r = sshbuf_get_u32(m, (u_int *)&kex->hostkey_type)) != 0 ||
|
||||
(r = sshbuf_get_u32(m, (u_int *)&kex->hostkey_nid)) != 0 ||
|
||||
(r = sshbuf_get_u32(m, &kex->kex_type)) != 0 ||
|
||||
+ (r = sshbuf_get_u32(m, &kex->kex_strict)) != 0 ||
|
||||
(r = sshbuf_get_stringb(m, kex->my)) != 0 ||
|
||||
(r = sshbuf_get_stringb(m, kex->peer)) != 0 ||
|
||||
(r = sshbuf_get_stringb(m, kex->client_version)) != 0 ||
|
||||
@@ -2732,6 +2746,7 @@ sshpkt_disconnect(struct ssh *ssh, const char *fmt,...)
|
||||
vsnprintf(buf, sizeof(buf), fmt, args);
|
||||
va_end(args);
|
||||
|
||||
+ debug2("sending SSH2_MSG_DISCONNECT: %s", buf);
|
||||
if ((r = sshpkt_start(ssh, SSH2_MSG_DISCONNECT)) != 0 ||
|
||||
(r = sshpkt_put_u32(ssh, SSH2_DISCONNECT_PROTOCOL_ERROR)) != 0 ||
|
||||
(r = sshpkt_put_cstring(ssh, buf)) != 0 ||
|
||||
diff --git a/sshconnect2.c b/sshconnect2.c
|
||||
index df6caf81..0cccbcc4 100644
|
||||
--- a/sshconnect2.c
|
||||
+++ b/sshconnect2.c
|
||||
@@ -253,7 +253,8 @@ ssh_kex2(struct ssh *ssh, char *host, st
|
||||
xxx_host = host;
|
||||
xxx_hostaddr = hostaddr;
|
||||
|
||||
- if ((s = kex_names_cat(options.kex_algorithms, "ext-info-c")) == NULL)
|
||||
+ if ((s = kex_names_cat(options.kex_algorithms,
|
||||
+ "ext-info-c,kex-strict-c-v00@openssh.com")) == NULL)
|
||||
fatal("%s: kex_names_cat", __func__);
|
||||
myproposal[PROPOSAL_KEX_ALGS] = compat_kex_proposal(s);
|
||||
myproposal[PROPOSAL_ENC_ALGS_CTOS] =
|
||||
@@ -358,7 +358,6 @@ struct cauthmethod {
|
||||
};
|
||||
|
||||
static int input_userauth_service_accept(int, u_int32_t, struct ssh *);
|
||||
-static int input_userauth_ext_info(int, u_int32_t, struct ssh *);
|
||||
static int input_userauth_success(int, u_int32_t, struct ssh *);
|
||||
static int input_userauth_failure(int, u_int32_t, struct ssh *);
|
||||
static int input_userauth_banner(int, u_int32_t, struct ssh *);
|
||||
@@ -472,7 +471,7 @@ ssh_userauth2(struct ssh *ssh, const char *local_user,
|
||||
|
||||
ssh->authctxt = &authctxt;
|
||||
ssh_dispatch_init(ssh, &input_userauth_error);
|
||||
- ssh_dispatch_set(ssh, SSH2_MSG_EXT_INFO, &input_userauth_ext_info);
|
||||
+ ssh_dispatch_set(ssh, SSH2_MSG_EXT_INFO, kex_input_ext_info);
|
||||
ssh_dispatch_set(ssh, SSH2_MSG_SERVICE_ACCEPT, &input_userauth_service_accept);
|
||||
ssh_dispatch_run_fatal(ssh, DISPATCH_BLOCK, &authctxt.success); /* loop until success */
|
||||
pubkey_cleanup(ssh);
|
||||
@@ -531,12 +530,6 @@ input_userauth_service_accept(int type, u_int32_t seq, struct ssh *ssh)
|
||||
}
|
||||
|
||||
/* ARGSUSED */
|
||||
-static int
|
||||
-input_userauth_ext_info(int type, u_int32_t seqnr, struct ssh *ssh)
|
||||
-{
|
||||
- return kex_input_ext_info(type, seqnr, ssh);
|
||||
-}
|
||||
-
|
||||
void
|
||||
userauth(struct ssh *ssh, char *authlist)
|
||||
{
|
||||
@@ -615,6 +608,7 @@ input_userauth_success(int type, u_int32_t seq, struct ssh *ssh)
|
||||
free(authctxt->methoddata);
|
||||
authctxt->methoddata = NULL;
|
||||
authctxt->success = 1; /* break out */
|
||||
+ ssh_dispatch_set(ssh, SSH2_MSG_EXT_INFO, dispatch_protocol_error);
|
||||
return 0;
|
||||
}
|
||||
|
||||
diff -up openssh-8.7p1/sshd.c.kexstrict openssh-8.7p1/sshd.c
|
||||
--- openssh-8.7p1/sshd.c.kexstrict 2023-11-27 13:19:18.855433602 +0100
|
||||
+++ openssh-8.7p1/sshd.c 2023-11-27 13:28:10.441325314 +0100
|
||||
@@ -2531,10 +2531,14 @@ do_ssh2_kex(struct ssh *ssh)
|
||||
{
|
||||
char *myproposal[PROPOSAL_MAX] = { KEX_SERVER };
|
||||
struct kex *kex;
|
||||
+ char *cp;
|
||||
int r;
|
||||
|
||||
- myproposal[PROPOSAL_KEX_ALGS] = compat_kex_proposal(
|
||||
- options.kex_algorithms);
|
||||
+ if ((cp = kex_names_cat(options.kex_algorithms,
|
||||
+ "kex-strict-s-v00@openssh.com")) == NULL)
|
||||
+ fatal("kex_names_cat");
|
||||
+
|
||||
+ myproposal[PROPOSAL_KEX_ALGS] = compat_kex_proposal(cp);
|
||||
myproposal[PROPOSAL_ENC_ALGS_CTOS] = compat_cipher_proposal(
|
||||
options.ciphers);
|
||||
myproposal[PROPOSAL_ENC_ALGS_STOC] = compat_cipher_proposal(
|
||||
@@ -2586,7 +2586,7 @@ do_ssh2_kex(struct ssh *ssh)
|
||||
if (gss && orig)
|
||||
xasprintf(&newstr, "%s,%s", gss, orig);
|
||||
else if (gss)
|
||||
- newstr = gss;
|
||||
+ xasprintf(&newstr, "%s,%s", gss, "kex-strict-s-v00@openssh.com");
|
||||
else if (orig)
|
||||
newstr = orig;
|
||||
|
||||
@@ -2650,6 +2654,7 @@ do_ssh2_kex(struct ssh *ssh)
|
||||
packet_send();
|
||||
packet_write_wait();
|
||||
#endif
|
||||
+ free(cp);
|
||||
debug("KEX done");
|
||||
}
|
||||
|
57
SOURCES/openssh-9.6p1-CVE-2023-51385.patch
Normal file
57
SOURCES/openssh-9.6p1-CVE-2023-51385.patch
Normal file
@ -0,0 +1,57 @@
|
||||
diff --git a/ssh.c b/ssh.c
|
||||
index 35c48e62..48d93ddf 100644
|
||||
--- a/ssh.c
|
||||
+++ b/ssh.c
|
||||
@@ -626,6 +626,41 @@ ssh_conn_info_free(struct ssh_conn_info *cinfo)
|
||||
}
|
||||
}
|
||||
|
||||
+static int
|
||||
+valid_hostname(const char *s)
|
||||
+{
|
||||
+ size_t i;
|
||||
+
|
||||
+ if (*s == '-')
|
||||
+ return 0;
|
||||
+ for (i = 0; s[i] != 0; i++) {
|
||||
+ if (strchr("'`\"$\\;&<>|(){}", s[i]) != NULL ||
|
||||
+ isspace((u_char)s[i]) || iscntrl((u_char)s[i]))
|
||||
+ return 0;
|
||||
+ }
|
||||
+ return 1;
|
||||
+}
|
||||
+
|
||||
+static int
|
||||
+valid_ruser(const char *s)
|
||||
+{
|
||||
+ size_t i;
|
||||
+
|
||||
+ if (*s == '-')
|
||||
+ return 0;
|
||||
+ for (i = 0; s[i] != 0; i++) {
|
||||
+ if (strchr("'`\";&<>|(){}", s[i]) != NULL)
|
||||
+ return 0;
|
||||
+ /* Disallow '-' after whitespace */
|
||||
+ if (isspace((u_char)s[i]) && s[i + 1] == '-')
|
||||
+ return 0;
|
||||
+ /* Disallow \ in last position */
|
||||
+ if (s[i] == '\\' && s[i + 1] == '\0')
|
||||
+ return 0;
|
||||
+ }
|
||||
+ return 1;
|
||||
+}
|
||||
+
|
||||
/*
|
||||
* Main program for the ssh client.
|
||||
*/
|
||||
@@ -1118,6 +1153,10 @@ main(int ac, char **av)
|
||||
if (!host)
|
||||
usage();
|
||||
|
||||
+ if (!valid_hostname(host))
|
||||
+ fatal("hostname contains invalid characters");
|
||||
+ if (options.user != NULL && !valid_ruser(options.user))
|
||||
+ fatal("remote username contains invalid characters");
|
||||
host_arg = xstrdup(host);
|
||||
|
||||
/* Initialize the command to execute on remote host. */
|
@ -66,7 +66,7 @@
|
||||
|
||||
# Do not forget to bump pam_ssh_agent_auth release if you rewind the main package release to 1
|
||||
%global openssh_ver 8.0p1
|
||||
%global openssh_rel 17
|
||||
%global openssh_rel 24
|
||||
%global pam_ssh_agent_ver 0.10.3
|
||||
%global pam_ssh_agent_rel 7
|
||||
|
||||
@ -277,6 +277,21 @@ Patch985: openssh-8.7p1-minimize-sha1-use.patch
|
||||
Patch986: openssh-9.1p1-sshbanner.patch
|
||||
# Upstream 25e3bccbaa63d27b9d5e09c123f1eb28594d2bd6
|
||||
Patch987: openssh-8.0p1-ipv6-process.patch
|
||||
# Upstream 4332b4fe49360679647a8705bc08f4e81323f6b4
|
||||
Patch988: openssh-8.0p1-avoidkillall.patch
|
||||
# Upstream 89b54900ac61986760452f132bbe3fb7249cfdac
|
||||
Patch989: openssh-8.0p1-bigsshdconfig.patch
|
||||
# upsream commit
|
||||
# b23fe83f06ee7e721033769cfa03ae840476d280
|
||||
Patch1015: openssh-9.3p1-upstream-cve-2023-38408.patch
|
||||
#upstream commit 01dbf3d46651b7d6ddf5e45d233839bbfffaeaec
|
||||
Patch1017: openssh-9.4p2-limit-delay.patch
|
||||
#upstream commit 1edb00c58f8a6875fad6a497aa2bacf37f9e6cd5
|
||||
Patch1018: openssh-9.6p1-CVE-2023-48795.patch
|
||||
#upstream commit 7ef3787c84b6b524501211b11a26c742f829af1a
|
||||
Patch1019: openssh-9.6p1-CVE-2023-51385.patch
|
||||
# SCP kill switch
|
||||
Patch1020: openssh-8.7p1-scp-kill-switch.patch
|
||||
|
||||
License: BSD
|
||||
Group: Applications/Internet
|
||||
@ -510,6 +525,8 @@ popd
|
||||
%patch985 -p1 -b .minimize-sha1-use
|
||||
%patch986 -p1 -b .banner
|
||||
%patch987 -p1 -b .sftp_ipv6
|
||||
%patch988 -p1 -b .killall
|
||||
%patch989 -p1 -b .bigsshdconfig
|
||||
|
||||
%patch200 -p1 -b .audit
|
||||
%patch201 -p1 -b .audit-race
|
||||
@ -517,6 +534,12 @@ popd
|
||||
|
||||
%patch100 -p1 -b .coverity
|
||||
|
||||
%patch1015 -p1 -b .cve-2023-38408
|
||||
%patch1017 -p1 -b .limitdelay
|
||||
%patch1018 -p1 -b .cve-2023-48795
|
||||
%patch1019 -p1 -b .cve-2023-51385
|
||||
%patch1020 -p1 -b .scp-kill-switch
|
||||
|
||||
autoreconf
|
||||
pushd pam_ssh_agent_auth-%{pam_ssh_agent_ver}
|
||||
autoreconf
|
||||
@ -801,6 +824,46 @@ getent passwd sshd >/dev/null || \
|
||||
%endif
|
||||
|
||||
%changelog
|
||||
* Tue Feb 06 2024 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.0p1-24
|
||||
- Providing a kill switch for scp to deal with CVE-2020-15778
|
||||
Resolves: RHEL-22870
|
||||
|
||||
* Fri Jan 05 2024 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.0p1-23
|
||||
- Fix Terrapin attack
|
||||
Resolves: RHEL-19308
|
||||
|
||||
* Thu Dec 21 2023 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.0p1-22
|
||||
- Fix Terrapin attack
|
||||
Resolves: RHEL-19308
|
||||
- Forbid shell metasymbols in username/hostname
|
||||
Resolves: RHEL-19788
|
||||
|
||||
* Tue Nov 07 2023 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.0p1-21
|
||||
- Using DigestSign/DigestVerify functions for better FIPS compatibility
|
||||
Resolves: RHEL-5217
|
||||
|
||||
* Mon Oct 30 2023 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.0p1-20
|
||||
- Limit artificial delays in sshd while login using AD user
|
||||
Resolves: RHEL-1684
|
||||
- Add comment to OpenSSH server config about FIPS-incompatible key
|
||||
Resolves: RHEL-5221
|
||||
- Avoid killing all processes on system in case of race condition
|
||||
Resolves: RHEL-11548
|
||||
- Avoid sshd_config 256K limit
|
||||
Resolves: RHEL-5279
|
||||
- Using DigestSign/DigestVerify functions for better FIPS compatibility
|
||||
Resolves: RHEL-5217
|
||||
- Fix GSS KEX causing ssh failures when connecting to WinSSHD
|
||||
Resolves: RHEL-5321
|
||||
|
||||
* Thu Aug 24 2023 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.0p1-19
|
||||
- rebuilt
|
||||
Related: CVE-2023-38408
|
||||
|
||||
* Thu Jul 20 2023 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.0p1-18
|
||||
- Avoid remote code execution in ssh-agent PKCS#11 support
|
||||
Resolves: CVE-2023-38408
|
||||
|
||||
* Tue Dec 20 2022 Dmitry Belyavskiy - 8.0p1-17
|
||||
- Fix parsing of IPv6 IPs in sftp client (#2151334)
|
||||
- Avoid ssh banner one-byte overflow (#2138344)
|
||||
|
Loading…
Reference in New Issue
Block a user