diff --git a/openssh-6.4p1-audit.patch b/openssh-6.6p1-audit.patch similarity index 82% rename from openssh-6.4p1-audit.patch rename to openssh-6.6p1-audit.patch index 77a6fa4..e1b2b98 100644 --- a/openssh-6.4p1-audit.patch +++ b/openssh-6.6p1-audit.patch @@ -1,19 +1,22 @@ -diff -up openssh-6.3p1/Makefile.in.audit openssh-6.3p1/Makefile.in ---- openssh-6.3p1/Makefile.in.audit 2013-06-11 03:26:10.000000000 +0200 -+++ openssh-6.3p1/Makefile.in 2013-10-07 15:53:34.246717277 +0200 -@@ -73,7 +73,7 @@ LIBSSH_OBJS=authfd.o authfile.o bufaux.o - monitor_fdpass.o rijndael.o ssh-dss.o ssh-ecdsa.o ssh-rsa.o dh.o \ - kexdh.o kexgex.o kexdhc.o kexgexc.o bufec.o kexecdh.o kexecdhc.o \ - msg.o progressmeter.o dns.o entropy.o gss-genr.o umac.o umac128.o \ -- jpake.o schnorr.o ssh-pkcs11.o krl.o -+ jpake.o schnorr.o ssh-pkcs11.o krl.o auditstub.o +diff --git a/Makefile.in b/Makefile.in +index 2ad26ff..3bb7f00 100644 +--- a/Makefile.in ++++ b/Makefile.in +@@ -82,7 +82,8 @@ LIBSSH_OBJS=authfd.o authfile.o bufaux.o bufbn.o buffer.o \ + ssh-pkcs11.o krl.o smult_curve25519_ref.o \ + kexc25519.o kexc25519c.o poly1305.o chacha.o cipher-chachapoly.o \ + ssh-ed25519.o digest-openssl.o hmac.o \ +- sc25519.o ge25519.o fe25519.o ed25519.o verify.o hash.o blocks.o ++ sc25519.o ge25519.o fe25519.o ed25519.o verify.o hash.o blocks.o \ ++ auditstub.o SSHOBJS= ssh.o readconf.o clientloop.o sshtty.o \ sshconnect.o sshconnect1.o sshconnect2.o mux.o \ -diff -up openssh-6.3p1/audit-bsm.c.audit openssh-6.3p1/audit-bsm.c ---- openssh-6.3p1/audit-bsm.c.audit 2012-02-24 00:40:43.000000000 +0100 -+++ openssh-6.3p1/audit-bsm.c 2013-10-07 15:53:34.246717277 +0200 -@@ -375,10 +375,23 @@ audit_connection_from(const char *host, +diff --git a/audit-bsm.c b/audit-bsm.c +index 6135591..5160869 100644 +--- a/audit-bsm.c ++++ b/audit-bsm.c +@@ -375,10 +375,23 @@ audit_connection_from(const char *host, int port) #endif } @@ -38,7 +41,7 @@ diff -up openssh-6.3p1/audit-bsm.c.audit openssh-6.3p1/audit-bsm.c } void -@@ -393,6 +406,12 @@ audit_session_close(struct logininfo *li +@@ -393,6 +406,12 @@ audit_session_close(struct logininfo *li) /* not implemented */ } @@ -92,9 +95,10 @@ diff -up openssh-6.3p1/audit-bsm.c.audit openssh-6.3p1/audit-bsm.c + /* not implemented */ +} #endif /* BSM */ -diff -up openssh-6.3p1/audit-linux.c.audit openssh-6.3p1/audit-linux.c ---- openssh-6.3p1/audit-linux.c.audit 2011-01-17 11:15:30.000000000 +0100 -+++ openssh-6.3p1/audit-linux.c 2013-10-07 15:53:34.246717277 +0200 +diff --git a/audit-linux.c b/audit-linux.c +index b3ee2f4..946f7fa 100644 +--- a/audit-linux.c ++++ b/audit-linux.c @@ -35,13 +35,24 @@ #include "log.h" @@ -123,7 +127,7 @@ diff -up openssh-6.3p1/audit-linux.c.audit openssh-6.3p1/audit-linux.c { int audit_fd, rc, saved_errno; -@@ -49,11 +60,11 @@ linux_audit_record_event(int uid, const +@@ -49,11 +60,11 @@ linux_audit_record_event(int uid, const char *username, if (audit_fd < 0) { if (errno == EINVAL || errno == EPROTONOSUPPORT || errno == EAFNOSUPPORT) @@ -138,7 +142,7 @@ diff -up openssh-6.3p1/audit-linux.c.audit openssh-6.3p1/audit-linux.c NULL, "login", username ? username : "(unknown)", username == NULL ? uid : -1, hostname, ip, ttyn, success); saved_errno = errno; -@@ -65,35 +76,150 @@ linux_audit_record_event(int uid, const +@@ -65,35 +76,150 @@ linux_audit_record_event(int uid, const char *username, if ((rc == -EPERM) && (geteuid() != 0)) rc = 0; errno = saved_errno; @@ -481,9 +485,10 @@ diff -up openssh-6.3p1/audit-linux.c.audit openssh-6.3p1/audit-linux.c + error("cannot write into audit"); +} #endif /* USE_LINUX_AUDIT */ -diff -up openssh-6.3p1/audit.c.audit openssh-6.3p1/audit.c ---- openssh-6.3p1/audit.c.audit 2011-01-17 11:15:30.000000000 +0100 -+++ openssh-6.3p1/audit.c 2013-10-07 15:53:34.246717277 +0200 +diff --git a/audit.c b/audit.c +index ced57fa..b806f03 100644 +--- a/audit.c ++++ b/audit.c @@ -28,6 +28,7 @@ #include @@ -561,7 +566,7 @@ diff -up openssh-6.3p1/audit.c.audit openssh-6.3p1/audit.c * Called when a user session is started. Argument is the tty allocated to * the session, or NULL if no tty was allocated. * -@@ -174,13 +223,91 @@ audit_session_close(struct logininfo *li +@@ -174,13 +223,91 @@ audit_session_close(struct logininfo *li) /* * This will be called when a user runs a non-interactive command. Note that * it may be called multiple times for a single connection since SSH2 allows @@ -655,9 +660,10 @@ diff -up openssh-6.3p1/audit.c.audit openssh-6.3p1/audit.c } # endif /* !defined CUSTOM_SSH_AUDIT_EVENTS */ #endif /* SSH_AUDIT_EVENTS */ -diff -up openssh-6.3p1/audit.h.audit openssh-6.3p1/audit.h ---- openssh-6.3p1/audit.h.audit 2011-01-17 11:15:30.000000000 +0100 -+++ openssh-6.3p1/audit.h 2013-10-07 15:53:34.246717277 +0200 +diff --git a/audit.h b/audit.h +index 92ede5b..a2dc3ff 100644 +--- a/audit.h ++++ b/audit.h @@ -28,6 +28,7 @@ # define _SSH_AUDIT_H @@ -693,9 +699,11 @@ diff -up openssh-6.3p1/audit.h.audit openssh-6.3p1/audit.h +void audit_generate_ephemeral_server_key(const char *); #endif /* _SSH_AUDIT_H */ -diff -up openssh-6.3p1/auditstub.c.audit openssh-6.3p1/auditstub.c ---- openssh-6.3p1/auditstub.c.audit 2013-10-07 15:53:34.247717272 +0200 -+++ openssh-6.3p1/auditstub.c 2013-10-07 15:53:34.247717272 +0200 +diff --git a/auditstub.c b/auditstub.c +new file mode 100644 +index 0000000..45817e0 +--- /dev/null ++++ b/auditstub.c @@ -0,0 +1,50 @@ +/* $Id: auditstub.c,v 1.1 jfch Exp $ */ + @@ -747,13 +755,14 @@ diff -up openssh-6.3p1/auditstub.c.audit openssh-6.3p1/auditstub.c +audit_session_key_free_body(int ctos, pid_t pid, uid_t uid) +{ +} -diff -up openssh-6.3p1/auth-rsa.c.audit openssh-6.3p1/auth-rsa.c ---- openssh-6.3p1/auth-rsa.c.audit 2013-07-18 08:12:44.000000000 +0200 -+++ openssh-6.3p1/auth-rsa.c 2013-10-07 15:53:34.247717272 +0200 -@@ -92,7 +92,10 @@ auth_rsa_verify_response(Key *key, BIGNU +diff --git a/auth-rsa.c b/auth-rsa.c +index 5dad6c3..f225b0b 100644 +--- a/auth-rsa.c ++++ b/auth-rsa.c +@@ -93,7 +93,10 @@ auth_rsa_verify_response(Key *key, BIGNUM *challenge, u_char response[16]) { u_char buf[32], mdbuf[16]; - MD5_CTX md; + struct ssh_digest_ctx *md; - int len; + int len, rv; +#ifdef SSH_AUDIT_EVENTS @@ -762,8 +771,8 @@ diff -up openssh-6.3p1/auth-rsa.c.audit openssh-6.3p1/auth-rsa.c /* don't allow short keys */ if (BN_num_bits(key->rsa->n) < SSH_RSA_MINIMUM_MODULUS_SIZE) { -@@ -113,12 +116,18 @@ auth_rsa_verify_response(Key *key, BIGNU - MD5_Final(mdbuf, &md); +@@ -117,12 +120,18 @@ auth_rsa_verify_response(Key *key, BIGNUM *challenge, u_char response[16]) + ssh_digest_free(md); /* Verify that the response is the original challenge. */ - if (timingsafe_bcmp(response, mdbuf, 16) != 0) { @@ -786,10 +795,11 @@ diff -up openssh-6.3p1/auth-rsa.c.audit openssh-6.3p1/auth-rsa.c } /* -diff -up openssh-6.3p1/auth.h.audit openssh-6.3p1/auth.h ---- openssh-6.3p1/auth.h.audit 2013-07-20 05:21:53.000000000 +0200 -+++ openssh-6.3p1/auth.h 2013-10-07 16:02:38.629171107 +0200 -@@ -187,6 +187,7 @@ void abandon_challenge_response(Authctxt +diff --git a/auth.h b/auth.h +index 4605588..f9d191c 100644 +--- a/auth.h ++++ b/auth.h +@@ -186,6 +186,7 @@ void abandon_challenge_response(Authctxt *); char *expand_authorized_keys(const char *, struct passwd *pw); char *authorized_principals_file(struct passwd *); @@ -797,7 +807,7 @@ diff -up openssh-6.3p1/auth.h.audit openssh-6.3p1/auth.h FILE *auth_openkeyfile(const char *, struct passwd *, int); FILE *auth_openprincipals(const char *, struct passwd *, int); -@@ -204,6 +205,7 @@ Key *get_hostkey_private_by_type(int); +@@ -203,6 +204,7 @@ Key *get_hostkey_private_by_type(int); int get_hostkey_index(Key *); int ssh1_session_key(BIGNUM *); void sshd_hostkey_sign(Key *, Key *, u_char **, u_int *, u_char *, u_int); @@ -805,10 +815,11 @@ diff -up openssh-6.3p1/auth.h.audit openssh-6.3p1/auth.h /* debug messages during authentication */ void auth_debug_add(const char *fmt,...) __attribute__((format(printf, 1, 2))); -diff -up openssh-6.3p1/auth2-hostbased.c.audit openssh-6.3p1/auth2-hostbased.c ---- openssh-6.3p1/auth2-hostbased.c.audit 2013-10-07 15:53:34.223717384 +0200 -+++ openssh-6.3p1/auth2-hostbased.c 2013-10-07 15:53:34.247717272 +0200 -@@ -123,7 +123,7 @@ userauth_hostbased(Authctxt *authctxt) +diff --git a/auth2-hostbased.c b/auth2-hostbased.c +index 95d678e..48aede4 100644 +--- a/auth2-hostbased.c ++++ b/auth2-hostbased.c +@@ -137,7 +137,7 @@ userauth_hostbased(Authctxt *authctxt) /* test for allowed key and correct signature */ authenticated = 0; if (PRIVSEP(hostbased_key_allowed(authctxt->pw, cuser, chost, key)) && @@ -817,7 +828,7 @@ diff -up openssh-6.3p1/auth2-hostbased.c.audit openssh-6.3p1/auth2-hostbased.c buffer_len(&b))) == 1) authenticated = 1; -@@ -140,6 +140,18 @@ done: +@@ -154,6 +154,18 @@ done: return authenticated; } @@ -836,10 +847,11 @@ diff -up openssh-6.3p1/auth2-hostbased.c.audit openssh-6.3p1/auth2-hostbased.c /* return 1 if given hostkey is allowed */ int hostbased_key_allowed(struct passwd *pw, const char *cuser, char *chost, -diff -up openssh-6.3p1/auth2-pubkey.c.audit openssh-6.3p1/auth2-pubkey.c ---- openssh-6.3p1/auth2-pubkey.c.audit 2013-10-07 15:53:34.224717379 +0200 -+++ openssh-6.3p1/auth2-pubkey.c 2013-10-08 15:11:42.282436972 +0200 -@@ -152,7 +152,7 @@ userauth_pubkey(Authctxt *authctxt) +diff --git a/auth2-pubkey.c b/auth2-pubkey.c +index cb0f931..6d1c872 100644 +--- a/auth2-pubkey.c ++++ b/auth2-pubkey.c +@@ -160,7 +160,7 @@ userauth_pubkey(Authctxt *authctxt) /* test for correct signature */ authenticated = 0; if (PRIVSEP(user_key_allowed(authctxt->pw, key)) && @@ -848,7 +860,7 @@ diff -up openssh-6.3p1/auth2-pubkey.c.audit openssh-6.3p1/auth2-pubkey.c buffer_len(&b))) == 1) authenticated = 1; buffer_free(&b); -@@ -223,6 +223,18 @@ pubkey_auth_info(Authctxt *authctxt, con +@@ -231,6 +231,18 @@ pubkey_auth_info(Authctxt *authctxt, const Key *key, const char *fmt, ...) free(extra); } @@ -867,10 +879,11 @@ diff -up openssh-6.3p1/auth2-pubkey.c.audit openssh-6.3p1/auth2-pubkey.c static int match_principals_option(const char *principal_list, struct KeyCert *cert) { -diff -up openssh-6.3p1/auth2.c.audit openssh-6.3p1/auth2.c ---- openssh-6.3p1/auth2.c.audit 2013-06-01 23:41:51.000000000 +0200 -+++ openssh-6.3p1/auth2.c 2013-10-07 15:53:34.248717268 +0200 -@@ -245,9 +245,6 @@ input_userauth_request(int type, u_int32 +diff --git a/auth2.c b/auth2.c +index 0f52b68..472a5b2 100644 +--- a/auth2.c ++++ b/auth2.c +@@ -249,9 +249,6 @@ input_userauth_request(int type, u_int32_t seq, void *ctxt) } else { logit("input_userauth_request: invalid user %s", user); authctxt->pw = fakepw(); @@ -880,32 +893,31 @@ diff -up openssh-6.3p1/auth2.c.audit openssh-6.3p1/auth2.c } #ifdef USE_PAM if (options.use_pam) -diff -up openssh-6.3p1/cipher.c.audit openssh-6.3p1/cipher.c ---- openssh-6.3p1/cipher.c.audit 2013-10-07 15:53:34.248717268 +0200 -+++ openssh-6.3p1/cipher.c 2013-10-07 16:06:51.117971891 +0200 -@@ -55,18 +55,6 @@ extern const EVP_CIPHER *evp_ssh1_bf(voi +diff --git a/cipher.c b/cipher.c +index 53d9b4f..87317ab 100644 +--- a/cipher.c ++++ b/cipher.c +@@ -57,6 +57,7 @@ extern const EVP_CIPHER *evp_ssh1_bf(void); extern const EVP_CIPHER *evp_ssh1_3des(void); extern void ssh1_3des_iv(EVP_CIPHER_CTX *, int, u_char *, int); --struct Cipher { -- char *name; -- int number; /* for ssh1 only */ -- u_int block_size; -- u_int key_len; -- u_int iv_len; /* defaults to block_size */ -- u_int auth_len; -- u_int discard_len; -- u_int cbc_mode; -- const EVP_CIPHER *(*evptype)(void); --}; -- ++#if 0 + struct Cipher { + char *name; + int number; /* for ssh1 only */ +@@ -70,6 +71,7 @@ struct Cipher { + #define CFLAG_CHACHAPOLY (1<<1) + const EVP_CIPHER *(*evptype)(void); + }; ++#endif + static const struct Cipher ciphers[] = { { "none", SSH_CIPHER_NONE, 8, 0, 0, 0, 0, 0, EVP_enc_null }, - { "des", SSH_CIPHER_DES, 8, 8, 0, 0, 0, 1, EVP_des_cbc }, -diff -up openssh-6.3p1/cipher.h.audit openssh-6.3p1/cipher.h ---- openssh-6.3p1/cipher.h.audit 2013-04-23 11:24:32.000000000 +0200 -+++ openssh-6.3p1/cipher.h 2013-10-07 15:53:34.248717268 +0200 -@@ -61,7 +61,18 @@ +diff --git a/cipher.h b/cipher.h +index 133d2e7..d41758e 100644 +--- a/cipher.h ++++ b/cipher.h +@@ -63,7 +63,20 @@ typedef struct Cipher Cipher; typedef struct CipherContext CipherContext; @@ -918,25 +930,28 @@ diff -up openssh-6.3p1/cipher.h.audit openssh-6.3p1/cipher.h + u_int iv_len; /* defaults to block_size */ + u_int auth_len; + u_int discard_len; -+ u_int cbc_mode; ++ u_int flags; ++#define CFLAG_CBC (1<<0) ++#define CFLAG_CHACHAPOLY (1<<1) + const EVP_CIPHER *(*evptype)(void); +}; + struct CipherContext { int plaintext; int encrypt; -diff -up openssh-6.3p1/kex.c.audit openssh-6.3p1/kex.c ---- openssh-6.3p1/kex.c.audit 2013-06-01 23:31:18.000000000 +0200 -+++ openssh-6.3p1/kex.c 2013-10-07 15:53:34.249717264 +0200 -@@ -49,6 +49,7 @@ - #include "dispatch.h" +diff --git a/kex.c b/kex.c +index bce2ab8..bc3e53e 100644 +--- a/kex.c ++++ b/kex.c +@@ -50,6 +50,7 @@ #include "monitor.h" #include "roaming.h" + #include "digest.h" +#include "audit.h" - #if OPENSSL_VERSION_NUMBER >= 0x00907000L - # if defined(HAVE_EVP_SHA256) -@@ -341,9 +342,13 @@ static void + #ifdef GSSAPI + #include "ssh-gss.h" +@@ -366,9 +367,13 @@ static void choose_enc(Enc *enc, char *client, char *server) { char *name = match_list(client, server, NULL); @@ -951,7 +966,7 @@ diff -up openssh-6.3p1/kex.c.audit openssh-6.3p1/kex.c if ((enc->cipher = cipher_by_name(name)) == NULL) fatal("matching cipher is not supported: %s", name); enc->name = name; -@@ -359,9 +364,13 @@ static void +@@ -384,9 +389,13 @@ static void choose_mac(Mac *mac, char *client, char *server) { char *name = match_list(client, server, NULL); @@ -966,7 +981,7 @@ diff -up openssh-6.3p1/kex.c.audit openssh-6.3p1/kex.c if (mac_setup(mac, name) < 0) fatal("unsupported mac %s", name); /* truncate the key */ -@@ -376,8 +385,12 @@ static void +@@ -401,8 +410,12 @@ static void choose_comp(Comp *comp, char *client, char *server) { char *name = match_list(client, server, NULL); @@ -980,7 +995,7 @@ diff -up openssh-6.3p1/kex.c.audit openssh-6.3p1/kex.c if (strcmp(name, "zlib@openssh.com") == 0) { comp->type = COMP_DELAYED; } else if (strcmp(name, "zlib") == 0) { -@@ -492,6 +505,9 @@ kex_choose_conf(Kex *kex) +@@ -517,6 +530,9 @@ kex_choose_conf(Kex *kex) newkeys->enc.name, authlen == 0 ? newkeys->mac.name : "", newkeys->comp.name); @@ -990,7 +1005,7 @@ diff -up openssh-6.3p1/kex.c.audit openssh-6.3p1/kex.c } choose_kex(kex, cprop[PROPOSAL_KEX_ALGS], sprop[PROPOSAL_KEX_ALGS]); choose_hostkeyalg(kex, cprop[PROPOSAL_SERVER_HOST_KEY_ALGS], -@@ -656,3 +672,34 @@ dump_digest(char *msg, u_char *digest, i +@@ -702,3 +718,34 @@ dump_digest(char *msg, u_char *digest, int len) fprintf(stderr, "\n"); } #endif @@ -1025,22 +1040,24 @@ diff -up openssh-6.3p1/kex.c.audit openssh-6.3p1/kex.c + memset(&newkeys->comp, 0, sizeof(newkeys->comp)); +} + -diff -up openssh-6.3p1/kex.h.audit openssh-6.3p1/kex.h ---- openssh-6.3p1/kex.h.audit 2013-07-20 05:21:53.000000000 +0200 -+++ openssh-6.3p1/kex.h 2013-10-07 15:53:34.249717264 +0200 -@@ -162,6 +162,8 @@ void kexgex_server(Kex *); - void kexecdh_client(Kex *); - void kexecdh_server(Kex *); +diff --git a/kex.h b/kex.h +index 313bb51..c643250 100644 +--- a/kex.h ++++ b/kex.h +@@ -182,6 +182,8 @@ void kexgss_client(Kex *); + void kexgss_server(Kex *); + #endif +void newkeys_destroy(Newkeys *newkeys); + void kex_dh_hash(char *, char *, char *, int, char *, int, u_char *, int, BIGNUM *, BIGNUM *, BIGNUM *, u_char **, u_int *); -diff -up openssh-6.3p1/key.c.audit openssh-6.3p1/key.c ---- openssh-6.3p1/key.c.audit 2013-10-07 15:53:34.224717379 +0200 -+++ openssh-6.3p1/key.c 2013-10-07 15:53:34.249717264 +0200 -@@ -1773,6 +1773,30 @@ key_demote(const Key *k) +diff --git a/key.c b/key.c +index 900b9e3..62f3edb 100644 +--- a/key.c ++++ b/key.c +@@ -1925,6 +1925,33 @@ key_demote(const Key *k) } int @@ -1061,6 +1078,9 @@ diff -up openssh-6.3p1/key.c.audit openssh-6.3p1/key.c + case KEY_ECDSA: + return EC_KEY_get0_private_key(k->ecdsa) != NULL; +#endif ++ case KEY_ED25519_CERT: ++ case KEY_ED25519: ++ return (k->ed25519_pk != NULL); + default: + fatal("key_is_private: bad key type %d", k->type); + return 1; @@ -1071,21 +1091,23 @@ diff -up openssh-6.3p1/key.c.audit openssh-6.3p1/key.c key_is_cert(const Key *k) { if (k == NULL) -diff -up openssh-6.3p1/key.h.audit openssh-6.3p1/key.h ---- openssh-6.3p1/key.h.audit 2013-10-07 15:53:34.224717379 +0200 -+++ openssh-6.3p1/key.h 2013-10-07 15:53:34.249717264 +0200 -@@ -110,6 +110,7 @@ Key *key_generate(int, u_int); +diff --git a/key.h b/key.h +index d51ed81..8f61605 100644 +--- a/key.h ++++ b/key.h +@@ -118,6 +118,7 @@ Key *key_generate(int, u_int); Key *key_from_private(const Key *); int key_type_from_name(char *); int key_is_cert(const Key *); +int key_is_private(const Key *k); + int key_type_is_cert(int); int key_type_plain(int); int key_to_certified(Key *, int); - int key_drop_cert(Key *); -diff -up openssh-6.3p1/mac.c.audit openssh-6.3p1/mac.c ---- openssh-6.3p1/mac.c.audit 2013-06-06 00:12:37.000000000 +0200 -+++ openssh-6.3p1/mac.c 2013-10-07 15:53:34.250717259 +0200 -@@ -224,6 +224,20 @@ mac_clear(Mac *mac) +diff --git a/mac.c b/mac.c +index 0977572..9388af4 100644 +--- a/mac.c ++++ b/mac.c +@@ -222,6 +222,20 @@ mac_clear(Mac *mac) mac->umac_ctx = NULL; } @@ -1106,26 +1128,28 @@ diff -up openssh-6.3p1/mac.c.audit openssh-6.3p1/mac.c /* XXX copied from ciphers_valid */ #define MAC_SEP "," int -diff -up openssh-6.3p1/mac.h.audit openssh-6.3p1/mac.h ---- openssh-6.3p1/mac.h.audit 2013-04-23 11:24:32.000000000 +0200 -+++ openssh-6.3p1/mac.h 2013-10-07 15:53:34.250717259 +0200 +diff --git a/mac.h b/mac.h +index fbe18c4..7dc7f43 100644 +--- a/mac.h ++++ b/mac.h @@ -29,3 +29,4 @@ int mac_setup(Mac *, char *); int mac_init(Mac *); u_char *mac_compute(Mac *, u_int32_t, u_char *, int); void mac_clear(Mac *); +void mac_destroy(Mac *); -diff -up openssh-6.3p1/monitor.c.audit openssh-6.3p1/monitor.c ---- openssh-6.3p1/monitor.c.audit 2013-10-07 15:53:34.217717411 +0200 -+++ openssh-6.3p1/monitor.c 2013-10-08 15:10:38.270726936 +0200 -@@ -98,6 +98,7 @@ - #include "jpake.h" +diff --git a/monitor.c b/monitor.c +index aa70945..bdabe21 100644 +--- a/monitor.c ++++ b/monitor.c +@@ -97,6 +97,7 @@ + #include "ssh2.h" #include "roaming.h" #include "authfd.h" +#include "audit.h" #ifdef GSSAPI static Gssctxt *gsscontext = NULL; -@@ -114,6 +115,8 @@ extern Buffer auth_debug; +@@ -113,6 +114,8 @@ extern Buffer auth_debug; extern int auth_debug_init; extern Buffer loginmsg; @@ -1134,7 +1158,7 @@ diff -up openssh-6.3p1/monitor.c.audit openssh-6.3p1/monitor.c /* State exported from the child */ struct { -@@ -186,6 +189,11 @@ int mm_answer_gss_checkmic(int, Buffer * +@@ -185,6 +188,11 @@ int mm_answer_gss_updatecreds(int, Buffer *); #ifdef SSH_AUDIT_EVENTS int mm_answer_audit_event(int, Buffer *); int mm_answer_audit_command(int, Buffer *); @@ -1146,7 +1170,7 @@ diff -up openssh-6.3p1/monitor.c.audit openssh-6.3p1/monitor.c #endif static int monitor_read_log(struct monitor *); -@@ -237,6 +245,10 @@ struct mon_table mon_dispatch_proto20[] +@@ -239,6 +247,10 @@ struct mon_table mon_dispatch_proto20[] = { #endif #ifdef SSH_AUDIT_EVENTS {MONITOR_REQ_AUDIT_EVENT, MON_PERMIT, mm_answer_audit_event}, @@ -1157,7 +1181,7 @@ diff -up openssh-6.3p1/monitor.c.audit openssh-6.3p1/monitor.c #endif #ifdef BSD_AUTH {MONITOR_REQ_BSDAUTHQUERY, MON_ISAUTH, mm_answer_bsdauthquery}, -@@ -273,6 +285,11 @@ struct mon_table mon_dispatch_postauth20 +@@ -274,6 +286,11 @@ struct mon_table mon_dispatch_postauth20[] = { #ifdef SSH_AUDIT_EVENTS {MONITOR_REQ_AUDIT_EVENT, MON_PERMIT, mm_answer_audit_event}, {MONITOR_REQ_AUDIT_COMMAND, MON_PERMIT, mm_answer_audit_command}, @@ -1169,7 +1193,7 @@ diff -up openssh-6.3p1/monitor.c.audit openssh-6.3p1/monitor.c #endif {0, 0, NULL} }; -@@ -304,6 +321,10 @@ struct mon_table mon_dispatch_proto15[] +@@ -305,6 +322,10 @@ struct mon_table mon_dispatch_proto15[] = { #endif #ifdef SSH_AUDIT_EVENTS {MONITOR_REQ_AUDIT_EVENT, MON_PERMIT, mm_answer_audit_event}, @@ -1180,7 +1204,7 @@ diff -up openssh-6.3p1/monitor.c.audit openssh-6.3p1/monitor.c #endif {0, 0, NULL} }; -@@ -315,6 +336,11 @@ struct mon_table mon_dispatch_postauth15 +@@ -316,6 +337,11 @@ struct mon_table mon_dispatch_postauth15[] = { #ifdef SSH_AUDIT_EVENTS {MONITOR_REQ_AUDIT_EVENT, MON_PERMIT, mm_answer_audit_event}, {MONITOR_REQ_AUDIT_COMMAND, MON_PERMIT|MON_ONCE, mm_answer_audit_command}, @@ -1192,7 +1216,7 @@ diff -up openssh-6.3p1/monitor.c.audit openssh-6.3p1/monitor.c #endif {0, 0, NULL} }; -@@ -1365,9 +1391,11 @@ mm_answer_keyverify(int sock, Buffer *m) +@@ -1390,9 +1416,11 @@ mm_answer_keyverify(int sock, Buffer *m) Key *key; u_char *signature, *data, *blob; u_int signaturelen, datalen, bloblen; @@ -1204,7 +1228,7 @@ diff -up openssh-6.3p1/monitor.c.audit openssh-6.3p1/monitor.c blob = buffer_get_string(m, &bloblen); signature = buffer_get_string(m, &signaturelen); data = buffer_get_string(m, &datalen); -@@ -1375,6 +1403,8 @@ mm_answer_keyverify(int sock, Buffer *m) +@@ -1400,6 +1428,8 @@ mm_answer_keyverify(int sock, Buffer *m) if (hostbased_cuser == NULL || hostbased_chost == NULL || !monitor_allowed_key(blob, bloblen)) fatal("%s: bad key, not previously allowed", __func__); @@ -1213,7 +1237,7 @@ diff -up openssh-6.3p1/monitor.c.audit openssh-6.3p1/monitor.c key = key_from_blob(blob, bloblen); if (key == NULL) -@@ -1395,7 +1425,17 @@ mm_answer_keyverify(int sock, Buffer *m) +@@ -1420,7 +1450,17 @@ mm_answer_keyverify(int sock, Buffer *m) if (!valid_data) fatal("%s: bad signature data blob", __func__); @@ -1232,7 +1256,7 @@ diff -up openssh-6.3p1/monitor.c.audit openssh-6.3p1/monitor.c debug3("%s: key %p signature %s", __func__, key, (verified == 1) ? "verified" : "unverified"); -@@ -1448,6 +1488,12 @@ mm_session_close(Session *s) +@@ -1473,6 +1513,12 @@ mm_session_close(Session *s) debug3("%s: tty %s ptyfd %d", __func__, s->tty, s->ptyfd); session_pty_cleanup2(s); } @@ -1245,7 +1269,7 @@ diff -up openssh-6.3p1/monitor.c.audit openssh-6.3p1/monitor.c session_unused(s->self); } -@@ -1728,6 +1774,8 @@ mm_answer_term(int sock, Buffer *req) +@@ -1753,6 +1799,8 @@ mm_answer_term(int sock, Buffer *req) sshpam_cleanup(); #endif @@ -1254,7 +1278,7 @@ diff -up openssh-6.3p1/monitor.c.audit openssh-6.3p1/monitor.c while (waitpid(pmonitor->m_pid, &status, 0) == -1) if (errno != EINTR) exit(1); -@@ -1770,11 +1818,43 @@ mm_answer_audit_command(int socket, Buff +@@ -1795,11 +1843,43 @@ mm_answer_audit_command(int socket, Buffer *m) { u_int len; char *cmd; @@ -1299,7 +1323,7 @@ diff -up openssh-6.3p1/monitor.c.audit openssh-6.3p1/monitor.c free(cmd); return (0); } -@@ -1910,11 +1990,13 @@ mm_get_keystate(struct monitor *pmonitor +@@ -1943,11 +2023,13 @@ mm_get_keystate(struct monitor *pmonitor) blob = buffer_get_string(&m, &bloblen); current_keys[MODE_OUT] = mm_newkeys_from_blob(blob, bloblen); @@ -1313,7 +1337,7 @@ diff -up openssh-6.3p1/monitor.c.audit openssh-6.3p1/monitor.c free(blob); /* Now get sequence numbers for the packets */ -@@ -1960,6 +2042,21 @@ mm_get_keystate(struct monitor *pmonitor +@@ -1993,6 +2075,21 @@ mm_get_keystate(struct monitor *pmonitor) } buffer_free(&m); @@ -1335,11 +1359,10 @@ diff -up openssh-6.3p1/monitor.c.audit openssh-6.3p1/monitor.c } -@@ -2361,3 +2458,86 @@ mm_answer_jpake_check_confirm(int sock, - } +@@ -2274,3 +2371,85 @@ mm_answer_gss_updatecreds(int socket, Buffer *m) { + + #endif /* GSSAPI */ - #endif /* JPAKE */ -+ +#ifdef SSH_AUDIT_EVENTS +int +mm_answer_audit_unsupported_body(int sock, Buffer *m) @@ -1422,10 +1445,11 @@ diff -up openssh-6.3p1/monitor.c.audit openssh-6.3p1/monitor.c + return 0; +} +#endif /* SSH_AUDIT_EVENTS */ -diff -up openssh-6.3p1/monitor.h.audit openssh-6.3p1/monitor.h ---- openssh-6.3p1/monitor.h.audit 2012-12-02 23:53:21.000000000 +0100 -+++ openssh-6.3p1/monitor.h 2013-10-07 15:53:34.251717254 +0200 -@@ -68,7 +68,13 @@ enum monitor_reqtype { +diff --git a/monitor.h b/monitor.h +index ff79fbb..6dfb234 100644 +--- a/monitor.h ++++ b/monitor.h +@@ -69,7 +69,13 @@ enum monitor_reqtype { MONITOR_REQ_PAM_QUERY = 106, MONITOR_ANS_PAM_QUERY = 107, MONITOR_REQ_PAM_RESPOND = 108, MONITOR_ANS_PAM_RESPOND = 109, MONITOR_REQ_PAM_FREE_CTX = 110, MONITOR_ANS_PAM_FREE_CTX = 111, @@ -1440,10 +1464,11 @@ diff -up openssh-6.3p1/monitor.h.audit openssh-6.3p1/monitor.h }; -diff -up openssh-6.4p1/monitor_wrap.c.audit openssh-6.4p1/monitor_wrap.c ---- openssh-6.4p1/monitor_wrap.c.audit 2013-11-08 13:26:47.062595006 +0100 -+++ openssh-6.4p1/monitor_wrap.c 2013-11-08 13:26:47.089594877 +0100 -@@ -433,7 +433,7 @@ mm_key_allowed(enum mm_keytype type, cha +diff --git a/monitor_wrap.c b/monitor_wrap.c +index d1e1caa..6df236a 100644 +--- a/monitor_wrap.c ++++ b/monitor_wrap.c +@@ -450,7 +450,7 @@ mm_key_allowed(enum mm_keytype type, char *user, char *host, Key *key) */ int @@ -1452,7 +1477,7 @@ diff -up openssh-6.4p1/monitor_wrap.c.audit openssh-6.4p1/monitor_wrap.c { Buffer m; u_char *blob; -@@ -447,6 +447,7 @@ mm_key_verify(Key *key, u_char *sig, u_i +@@ -464,6 +464,7 @@ mm_key_verify(Key *key, u_char *sig, u_int siglen, u_char *data, u_int datalen) return (0); buffer_init(&m); @@ -1460,7 +1485,7 @@ diff -up openssh-6.4p1/monitor_wrap.c.audit openssh-6.4p1/monitor_wrap.c buffer_put_string(&m, blob, len); buffer_put_string(&m, sig, siglen); buffer_put_string(&m, data, datalen); -@@ -464,6 +465,19 @@ mm_key_verify(Key *key, u_char *sig, u_i +@@ -481,6 +482,19 @@ mm_key_verify(Key *key, u_char *sig, u_int siglen, u_char *data, u_int datalen) return (verified); } @@ -1480,7 +1505,7 @@ diff -up openssh-6.4p1/monitor_wrap.c.audit openssh-6.4p1/monitor_wrap.c /* Export key state after authentication */ Newkeys * mm_newkeys_from_blob(u_char *blob, int blen) -@@ -642,12 +656,14 @@ mm_send_keystate(struct monitor *monitor +@@ -659,12 +673,14 @@ mm_send_keystate(struct monitor *monitor) fatal("%s: conversion of newkeys failed", __func__); buffer_put_string(&m, blob, bloblen); @@ -1495,7 +1520,7 @@ diff -up openssh-6.4p1/monitor_wrap.c.audit openssh-6.4p1/monitor_wrap.c free(blob); packet_get_state(MODE_OUT, &seqnr, &blocks, &packets, &bytes); -@@ -1191,10 +1207,11 @@ mm_audit_event(ssh_audit_event_t event) +@@ -1208,10 +1224,11 @@ mm_audit_event(ssh_audit_event_t event) buffer_free(&m); } @@ -1508,7 +1533,7 @@ diff -up openssh-6.4p1/monitor_wrap.c.audit openssh-6.4p1/monitor_wrap.c debug3("%s entering command %s", __func__, command); -@@ -1202,6 +1219,26 @@ mm_audit_run_command(const char *command +@@ -1219,6 +1236,26 @@ mm_audit_run_command(const char *command) buffer_put_cstring(&m, command); mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUDIT_COMMAND, &m); @@ -1535,11 +1560,10 @@ diff -up openssh-6.4p1/monitor_wrap.c.audit openssh-6.4p1/monitor_wrap.c buffer_free(&m); } #endif /* SSH_AUDIT_EVENTS */ -@@ -1453,3 +1490,72 @@ mm_jpake_check_confirm(const BIGNUM *k, - return success; - } - #endif /* JPAKE */ -+ +@@ -1354,3 +1391,71 @@ mm_ssh_gssapi_update_creds(ssh_gssapi_ccache *store) + + #endif /* GSSAPI */ + +#ifdef SSH_AUDIT_EVENTS +void +mm_audit_unsupported_body(int what) @@ -1608,10 +1632,11 @@ diff -up openssh-6.4p1/monitor_wrap.c.audit openssh-6.4p1/monitor_wrap.c + buffer_free(&m); +} +#endif /* SSH_AUDIT_EVENTS */ -diff -up openssh-6.3p1/monitor_wrap.h.audit openssh-6.3p1/monitor_wrap.h ---- openssh-6.3p1/monitor_wrap.h.audit 2011-06-20 06:42:23.000000000 +0200 -+++ openssh-6.3p1/monitor_wrap.h 2013-10-07 15:53:34.252717250 +0200 -@@ -49,7 +49,8 @@ int mm_key_allowed(enum mm_keytype, char +diff --git a/monitor_wrap.h b/monitor_wrap.h +index 93929e0..4cf0c78 100644 +--- a/monitor_wrap.h ++++ b/monitor_wrap.h +@@ -52,7 +52,8 @@ int mm_key_allowed(enum mm_keytype, char *, char *, Key *); int mm_user_key_allowed(struct passwd *, Key *); int mm_hostbased_key_allowed(struct passwd *, char *, char *, Key *); int mm_auth_rhosts_rsa_key_allowed(struct passwd *, char *, char *, Key *); @@ -1621,7 +1646,7 @@ diff -up openssh-6.3p1/monitor_wrap.h.audit openssh-6.3p1/monitor_wrap.h int mm_auth_rsa_key_allowed(struct passwd *, BIGNUM *, Key **); int mm_auth_rsa_verify_response(Key *, BIGNUM *, u_char *); BIGNUM *mm_auth_rsa_generate_challenge(Key *); -@@ -74,7 +75,12 @@ void mm_sshpam_free_ctx(void *); +@@ -79,7 +80,12 @@ void mm_sshpam_free_ctx(void *); #ifdef SSH_AUDIT_EVENTS #include "audit.h" void mm_audit_event(ssh_audit_event_t); @@ -1635,9 +1660,10 @@ diff -up openssh-6.3p1/monitor_wrap.h.audit openssh-6.3p1/monitor_wrap.h #endif struct Session; -diff -up openssh-6.3p1/packet.c.audit openssh-6.3p1/packet.c ---- openssh-6.3p1/packet.c.audit 2013-10-07 15:53:34.231717347 +0200 -+++ openssh-6.3p1/packet.c 2013-10-07 16:08:00.764639577 +0200 +diff --git a/packet.c b/packet.c +index 660a9fc..f5b122b 100644 +--- a/packet.c ++++ b/packet.c @@ -61,6 +61,7 @@ #include @@ -1695,7 +1721,7 @@ diff -up openssh-6.3p1/packet.c.audit openssh-6.3p1/packet.c } /* Sets remote side protocol flags. */ -@@ -735,6 +746,25 @@ packet_send1(void) +@@ -736,6 +747,25 @@ packet_send1(void) */ } @@ -1721,31 +1747,15 @@ diff -up openssh-6.3p1/packet.c.audit openssh-6.3p1/packet.c void set_newkeys(int mode) { -@@ -760,21 +790,9 @@ set_newkeys(int mode) +@@ -761,6 +791,7 @@ set_newkeys(int mode) } if (active_state->newkeys[mode] != NULL) { debug("set_newkeys: rekeying"); + audit_session_key_free(mode); cipher_cleanup(cc); -- enc = &active_state->newkeys[mode]->enc; -- mac = &active_state->newkeys[mode]->mac; -- comp = &active_state->newkeys[mode]->comp; -- mac_clear(mac); -- memset(enc->iv, 0, enc->iv_len); -- memset(enc->key, 0, enc->key_len); -- memset(mac->key, 0, mac->key_len); -- free(enc->name); -- free(enc->iv); -- free(enc->key); -- free(mac->name); -- free(mac->key); -- free(comp->name); -- free(active_state->newkeys[mode]); -+ newkeys_destroy_and_free(active_state->newkeys[mode]); - } - active_state->newkeys[mode] = kex_get_newkeys(mode); - if (active_state->newkeys[mode] == NULL) -@@ -2003,6 +2021,47 @@ packet_get_newkeys(int mode) + enc = &active_state->newkeys[mode]->enc; + mac = &active_state->newkeys[mode]->mac; +@@ -2011,6 +2042,47 @@ packet_get_newkeys(int mode) return (void *)active_state->newkeys[mode]; } @@ -1793,7 +1803,7 @@ diff -up openssh-6.3p1/packet.c.audit openssh-6.3p1/packet.c /* * Save the state for the real connection, and use a separate state when * resuming a suspended connection. -@@ -2010,18 +2069,12 @@ packet_get_newkeys(int mode) +@@ -2018,18 +2090,12 @@ packet_get_newkeys(int mode) void packet_backup_state(void) { @@ -1813,7 +1823,7 @@ diff -up openssh-6.3p1/packet.c.audit openssh-6.3p1/packet.c } /* -@@ -2038,9 +2091,7 @@ packet_restore_state(void) +@@ -2046,9 +2112,7 @@ packet_restore_state(void) backup_state = active_state; active_state = tmp; active_state->connection_in = backup_state->connection_in; @@ -1823,7 +1833,7 @@ diff -up openssh-6.3p1/packet.c.audit openssh-6.3p1/packet.c len = buffer_len(&backup_state->input); if (len > 0) { buf = buffer_ptr(&backup_state->input); -@@ -2048,4 +2099,10 @@ packet_restore_state(void) +@@ -2056,4 +2120,10 @@ packet_restore_state(void) buffer_clear(&backup_state->input); add_recv_bytes(len); } @@ -1834,18 +1844,20 @@ diff -up openssh-6.3p1/packet.c.audit openssh-6.3p1/packet.c + backup_state = NULL; } + -diff -up openssh-6.3p1/packet.h.audit openssh-6.3p1/packet.h ---- openssh-6.3p1/packet.h.audit 2013-07-18 08:12:45.000000000 +0200 -+++ openssh-6.3p1/packet.h 2013-10-07 15:53:34.252717250 +0200 +diff --git a/packet.h b/packet.h +index f8edf85..c36c812 100644 +--- a/packet.h ++++ b/packet.h @@ -124,4 +124,5 @@ void packet_restore_state(void); void *packet_get_input(void); void *packet_get_output(void); +void packet_destroy_all(int, int); #endif /* PACKET_H */ -diff -up openssh-6.3p1/session.c.audit openssh-6.3p1/session.c ---- openssh-6.3p1/session.c.audit 2013-07-20 05:21:53.000000000 +0200 -+++ openssh-6.3p1/session.c 2013-10-07 16:03:43.975861636 +0200 +diff --git a/session.c b/session.c +index ba4589b..4a297f1 100644 +--- a/session.c ++++ b/session.c @@ -137,7 +137,7 @@ extern int log_stderr; extern int debug_flag; extern u_int utmp_len; @@ -1855,7 +1867,7 @@ diff -up openssh-6.3p1/session.c.audit openssh-6.3p1/session.c extern Buffer loginmsg; /* original command from peer. */ -@@ -745,6 +745,14 @@ do_exec_pty(Session *s, const char *comm +@@ -745,6 +745,14 @@ do_exec_pty(Session *s, const char *command) /* Parent. Close the slave side of the pseudo tty. */ close(ttyfd); @@ -1870,8 +1882,8 @@ diff -up openssh-6.3p1/session.c.audit openssh-6.3p1/session.c /* Enter interactive session. */ s->ptymaster = ptymaster; packet_set_interactive(1, -@@ -816,15 +824,19 @@ do_exec(Session *s, const char *command) - } +@@ -862,15 +870,19 @@ do_exec(Session *s, const char *command) + get_remote_port()); #ifdef SSH_AUDIT_EVENTS + if (s->command != NULL || s->command_handle != -1) @@ -1892,7 +1904,7 @@ diff -up openssh-6.3p1/session.c.audit openssh-6.3p1/session.c #endif if (s->ttyfd != -1) ret = do_exec_pty(s, command); -@@ -1642,7 +1654,10 @@ do_child(Session *s, const char *command +@@ -1707,7 +1719,10 @@ do_child(Session *s, const char *command) int r = 0; /* remove hostkey from the child's memory */ @@ -1904,7 +1916,7 @@ diff -up openssh-6.3p1/session.c.audit openssh-6.3p1/session.c /* Force a password change */ if (s->authctxt->force_pwchange) { -@@ -1869,6 +1884,7 @@ session_unused(int id) +@@ -1931,6 +1946,7 @@ session_unused(int id) sessions[id].ttyfd = -1; sessions[id].ptymaster = -1; sessions[id].x11_chanids = NULL; @@ -1912,7 +1924,7 @@ diff -up openssh-6.3p1/session.c.audit openssh-6.3p1/session.c sessions[id].next_unused = sessions_first_unused; sessions_first_unused = id; } -@@ -1951,6 +1967,19 @@ session_open(Authctxt *authctxt, int cha +@@ -2013,6 +2029,19 @@ session_open(Authctxt *authctxt, int chanid) } Session * @@ -1932,7 +1944,7 @@ diff -up openssh-6.3p1/session.c.audit openssh-6.3p1/session.c session_by_tty(char *tty) { int i; -@@ -2467,6 +2496,30 @@ session_exit_message(Session *s, int sta +@@ -2529,6 +2558,30 @@ session_exit_message(Session *s, int status) chan_write_failed(c); } @@ -1963,7 +1975,7 @@ diff -up openssh-6.3p1/session.c.audit openssh-6.3p1/session.c void session_close(Session *s) { -@@ -2475,6 +2528,10 @@ session_close(Session *s) +@@ -2537,6 +2590,10 @@ session_close(Session *s) debug("session_close: session %d pid %ld", s->self, (long)s->pid); if (s->ttyfd != -1) session_pty_cleanup(s); @@ -1974,7 +1986,7 @@ diff -up openssh-6.3p1/session.c.audit openssh-6.3p1/session.c free(s->term); free(s->display); free(s->x11_chanids); -@@ -2688,6 +2745,15 @@ do_authenticated2(Authctxt *authctxt) +@@ -2751,6 +2808,15 @@ do_authenticated2(Authctxt *authctxt) server_loop2(authctxt); } @@ -1990,17 +2002,18 @@ diff -up openssh-6.3p1/session.c.audit openssh-6.3p1/session.c void do_cleanup(Authctxt *authctxt) { -@@ -2736,5 +2802,5 @@ do_cleanup(Authctxt *authctxt) +@@ -2799,5 +2865,5 @@ do_cleanup(Authctxt *authctxt) * or if running in monitor. */ if (!use_privsep || mm_is_monitor()) - session_destroy_all(session_pty_cleanup2); + session_destroy_all(do_cleanup_one_session); } -diff -up openssh-6.3p1/session.h.audit openssh-6.3p1/session.h ---- openssh-6.3p1/session.h.audit 2008-05-19 07:34:50.000000000 +0200 -+++ openssh-6.3p1/session.h 2013-10-07 15:53:34.253717245 +0200 -@@ -60,6 +60,12 @@ struct Session { +diff --git a/session.h b/session.h +index 6a2f35e..e9b312e 100644 +--- a/session.h ++++ b/session.h +@@ -61,6 +61,12 @@ struct Session { char *name; char *val; } *env; @@ -2013,7 +2026,7 @@ diff -up openssh-6.3p1/session.h.audit openssh-6.3p1/session.h }; void do_authenticated(Authctxt *); -@@ -72,8 +78,10 @@ void session_close_by_pid(pid_t, int); +@@ -73,8 +79,10 @@ void session_close_by_pid(pid_t, int); void session_close_by_channel(int, void *); void session_destroy_all(void (*)(Session *)); void session_pty_cleanup2(Session *); @@ -2024,9 +2037,10 @@ diff -up openssh-6.3p1/session.h.audit openssh-6.3p1/session.h Session *session_by_tty(char *); void session_close(Session *); void do_setusercontext(struct passwd *); -diff -up openssh-6.3p1/sshd.c.audit openssh-6.3p1/sshd.c ---- openssh-6.3p1/sshd.c.audit 2013-10-07 15:53:34.221717393 +0200 -+++ openssh-6.3p1/sshd.c 2013-10-07 15:53:34.254717240 +0200 +diff --git a/sshd.c b/sshd.c +index 512c7ed..be1171b 100644 +--- a/sshd.c ++++ b/sshd.c @@ -119,6 +119,7 @@ #endif #include "monitor_wrap.h" @@ -2035,7 +2049,7 @@ diff -up openssh-6.3p1/sshd.c.audit openssh-6.3p1/sshd.c #include "ssh-sandbox.h" #include "version.h" -@@ -260,7 +261,7 @@ Buffer loginmsg; +@@ -264,7 +265,7 @@ Buffer loginmsg; struct passwd *privsep_pw = NULL; /* Prototypes for various functions defined later in this file. */ @@ -2044,7 +2058,7 @@ diff -up openssh-6.3p1/sshd.c.audit openssh-6.3p1/sshd.c void demote_sensitive_data(void); static void do_ssh1_kex(void); -@@ -279,6 +280,15 @@ close_listen_socks(void) +@@ -283,6 +284,15 @@ close_listen_socks(void) num_listen_socks = -1; } @@ -2060,7 +2074,7 @@ diff -up openssh-6.3p1/sshd.c.audit openssh-6.3p1/sshd.c static void close_startup_pipes(void) { -@@ -550,22 +560,47 @@ sshd_exchange_identification(int sock_in +@@ -562,22 +572,47 @@ sshd_exchange_identification(int sock_in, int sock_out) } } @@ -2111,7 +2125,7 @@ diff -up openssh-6.3p1/sshd.c.audit openssh-6.3p1/sshd.c key_free(sensitive_data.host_certificates[i]); sensitive_data.host_certificates[i] = NULL; } -@@ -579,6 +614,8 @@ void +@@ -591,6 +626,8 @@ void demote_sensitive_data(void) { Key *tmp; @@ -2120,7 +2134,7 @@ diff -up openssh-6.3p1/sshd.c.audit openssh-6.3p1/sshd.c int i; if (sensitive_data.server_key) { -@@ -587,13 +624,27 @@ demote_sensitive_data(void) +@@ -599,13 +636,27 @@ demote_sensitive_data(void) sensitive_data.server_key = tmp; } @@ -2148,16 +2162,16 @@ diff -up openssh-6.3p1/sshd.c.audit openssh-6.3p1/sshd.c } /* Certs do not need demotion */ } -@@ -652,7 +703,7 @@ privsep_preauth(Authctxt *authctxt) +@@ -675,7 +726,7 @@ privsep_preauth(Authctxt *authctxt) if (use_privsep == PRIVSEP_ON) - box = ssh_sandbox_init(); + box = ssh_sandbox_init(pmonitor); - pid = fork(); + pmonitor->m_pid = pid = fork(); if (pid == -1) { fatal("fork of unprivileged child failed"); } else if (pid != 0) { -@@ -708,6 +759,8 @@ privsep_preauth(Authctxt *authctxt) +@@ -729,6 +780,8 @@ privsep_preauth(Authctxt *authctxt) } } @@ -2166,7 +2180,7 @@ diff -up openssh-6.3p1/sshd.c.audit openssh-6.3p1/sshd.c static void privsep_postauth(Authctxt *authctxt) { -@@ -732,6 +785,10 @@ privsep_postauth(Authctxt *authctxt) +@@ -753,6 +806,10 @@ privsep_postauth(Authctxt *authctxt) else if (pmonitor->m_pid != 0) { verbose("User child is on pid %ld", (long)pmonitor->m_pid); buffer_clear(&loginmsg); @@ -2177,7 +2191,7 @@ diff -up openssh-6.3p1/sshd.c.audit openssh-6.3p1/sshd.c monitor_child_postauth(pmonitor); /* NEVERREACHED */ -@@ -1178,6 +1235,7 @@ server_accept_loop(int *sock_in, int *so +@@ -1211,6 +1268,7 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s) if (received_sigterm) { logit("Received signal %d; terminating.", (int) received_sigterm); @@ -2185,7 +2199,7 @@ diff -up openssh-6.3p1/sshd.c.audit openssh-6.3p1/sshd.c close_listen_socks(); unlink(options.pid_file); exit(received_sigterm == SIGTERM ? 0 : 255); -@@ -2093,6 +2151,7 @@ main(int ac, char **av) +@@ -2134,6 +2192,7 @@ main(int ac, char **av) */ if (use_privsep) { mm_send_keystate(pmonitor); @@ -2193,7 +2207,7 @@ diff -up openssh-6.3p1/sshd.c.audit openssh-6.3p1/sshd.c exit(0); } -@@ -2135,7 +2194,7 @@ main(int ac, char **av) +@@ -2179,7 +2238,7 @@ main(int ac, char **av) privsep_postauth(authctxt); /* the monitor process [priv] will not return */ if (!compat20) @@ -2202,7 +2216,7 @@ diff -up openssh-6.3p1/sshd.c.audit openssh-6.3p1/sshd.c } packet_set_timeout(options.client_alive_interval, -@@ -2145,6 +2204,9 @@ main(int ac, char **av) +@@ -2189,6 +2248,9 @@ main(int ac, char **av) do_authenticated(authctxt); /* The connection has been terminated. */ @@ -2212,7 +2226,7 @@ diff -up openssh-6.3p1/sshd.c.audit openssh-6.3p1/sshd.c packet_get_state(MODE_IN, NULL, NULL, NULL, &ibytes); packet_get_state(MODE_OUT, NULL, NULL, NULL, &obytes); verbose("Transferred: sent %llu, received %llu bytes", -@@ -2302,6 +2364,10 @@ do_ssh1_kex(void) +@@ -2346,6 +2408,10 @@ do_ssh1_kex(void) if (cookie[i] != packet_get_char()) packet_disconnect("IP Spoofing check bytes do not match."); @@ -2223,7 +2237,7 @@ diff -up openssh-6.3p1/sshd.c.audit openssh-6.3p1/sshd.c debug("Encryption type: %.200s", cipher_name(cipher_type)); /* Get the encrypted integer. */ -@@ -2368,7 +2434,7 @@ do_ssh1_kex(void) +@@ -2418,7 +2484,7 @@ do_ssh1_kex(void) session_id[i] = session_key[i] ^ session_key[i + 16]; } /* Destroy the private and public keys. No longer. */ @@ -2232,7 +2246,7 @@ diff -up openssh-6.3p1/sshd.c.audit openssh-6.3p1/sshd.c if (use_privsep) mm_ssh1_session_id(session_id); -@@ -2480,6 +2546,16 @@ do_ssh2_kex(void) +@@ -2584,6 +2650,16 @@ do_ssh2_kex(void) void cleanup_exit(int i) { @@ -2249,7 +2263,7 @@ diff -up openssh-6.3p1/sshd.c.audit openssh-6.3p1/sshd.c if (the_authctxt) { do_cleanup(the_authctxt); if (use_privsep && privsep_is_preauth && pmonitor->m_pid > 1) { -@@ -2490,9 +2566,14 @@ cleanup_exit(int i) +@@ -2594,9 +2670,14 @@ cleanup_exit(int i) pmonitor->m_pid, strerror(errno)); } } diff --git a/openssh.spec b/openssh.spec index 87cdd6d..cb5f1c5 100644 --- a/openssh.spec +++ b/openssh.spec @@ -103,7 +103,7 @@ Patch102: openssh-5.8p1-getaddrinfo.patch Patch103: openssh-5.8p1-packet.patch #https://bugzilla.mindrot.org/show_bug.cgi?id=1402 -Patch200: openssh-6.4p1-audit.patch +Patch200: openssh-6.6p1-audit.patch # --- pam_ssh-agent --- # make it build reusing the openssh sources @@ -342,8 +342,6 @@ The module is most useful for su and sudo service stacks. # investigate %patch102 -p1 -b .getaddrinfo %patch103 -p1 -b .packet -# rework %patch200 -p1 -b .audit - %if %{pam_ssh_agent} pushd pam_ssh_agent_auth-%{pam_ssh_agent_ver} %patch300 -p1 -b .psaa-build @@ -403,6 +401,8 @@ popd %patch908 -p1 -b .CVE-2014-2653 %patch909 -p1 -b .6.6.1 +%patch200 -p1 -b .audit + %if 0 # Nothing here yet %endif