rpms/openssh
7
0
Fork 1
Code Issues Pull Requests Releases Activity

rebase for openssh-6.3p1, remove unused patches (#1007769)

Browse Source
This commit is contained in:
Petr Lautrbach 2013-10-14 15:54:41 +02:00
parent c33ef551ca
commit 84822b5dec
19 changed files with 2100 additions and 3401 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1080
openssh-6.2p1-aarch64.patch
View File

File diff suppressed because it is too large Load Diff

12
openssh-6.2p1-modpipe-cflags.patch
View File

@ -1,12 +0,0 @@
diff -up openssh-6.2p1/Makefile.in.modpipe-pie openssh-6.2p1/Makefile.in
--- openssh-6.2p1/Makefile.in.modpipe-pie 2013-04-04 14:44:26.293745777 +0200
+++ openssh-6.2p1/Makefile.in 2013-04-04 14:44:49.483647020 +0200
@@ -418,7 +418,7 @@ uninstall:
regress/modpipe$(EXEEXT): $(srcdir)/regress/modpipe.c
[ -d `pwd`/regress ] || mkdir -p `pwd`/regress; \
- $(CC) $(CPPFLAGS) -o $@ $? \
+ $(CC) $(CPPFLAGS) $(CFLAGS) -o $@ $? \
$(LDFLAGS) -lopenbsd-compat -lssh -lopenbsd-compat $(LIBS)
tests interop-tests: $(TARGETS) regress/modpipe$(EXEEXT)

64
openssh-6.2p2-sftp-multibyte.patch
View File

@ -1,64 +0,0 @@
diff --git a/ChangeLog b/ChangeLog
index f5e2df0..74a03f8 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,11 @@
+20130605
+ - dtucker@cvs.openbsd.org 2013/06/04 20:42:36
+ [sftp.c]
+ Make sftp's libedit interface marginally multibyte aware by building up
+ the quoted string by character instead of by byte. Prevents failures
+ when linked against a libedit built with wide character support (bz#1990).
+ "looks ok" djm
+
20130516
- (djm) [contrib/ssh-copy-id] Fix bug that could cause "rm *" to be
executed if mktemp failed; bz#2105 ok dtucker@
diff --git a/sftp.c b/sftp.c
index 25c35fa..c9a9919 100644
--- a/sftp.c
+++ b/sftp.c
@@ -38,6 +38,7 @@
#ifdef HAVE_LIBGEN_H
#include <libgen.h>
#endif
+#include <locale.h>
#ifdef USE_LIBEDIT
#include <histedit.h>
#else
@@ -1694,8 +1695,9 @@ complete_match(EditLine *el, struct sftp_conn *conn, char *remote_path,
char *file, int remote, int lastarg, char quote, int terminated)
{
glob_t g;
- char *tmp, *tmp2, ins[3];
+ char *tmp, *tmp2, ins[8];
u_int i, hadglob, pwdlen, len, tmplen, filelen, cesc, isesc, isabs;
+ int clen;
const LineInfo *lf;
/* Glob from "file" location */
@@ -1764,10 +1766,13 @@ complete_match(EditLine *el, struct sftp_conn *conn, char *remote_path,
tmp2 = tmp + filelen - cesc;
len = strlen(tmp2);
/* quote argument on way out */
- for (i = 0; i < len; i++) {
+ for (i = 0; i < len; i += clen) {
+ if ((clen = mblen(tmp2 + i, len - i)) < 0 ||
+ (size_t)clen > sizeof(ins) - 2)
+ fatal("invalid multibyte character");
ins[0] = '\\';
- ins[1] = tmp2[i];
- ins[2] = '\0';
+ memcpy(ins + 1, tmp2 + i, clen);
+ ins[clen + 1] = '\0';
switch (tmp2[i]) {
case '\'':
case '"':
@@ -2112,6 +2117,7 @@ main(int argc, char **argv)
/* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */
sanitise_stdfd();
+ setlocale(LC_CTYPE, "");
__progname = ssh_get_progname(argv[0]);
memset(&args, '\0', sizeof(args));

23
openssh-6.2p2-ssh_gai_strerror.patch
View File

@ -1,23 +0,0 @@
diff -U0 openssh-6.2p2/ChangeLog.ssh_gai_strerror openssh-6.2p2/ChangeLog
--- openssh-6.2p2/ChangeLog.ssh_gai_strerror 2013-07-23 12:03:41.467902339 +0200
+++ openssh-6.2p2/ChangeLog 2013-07-23 12:06:03.414281151 +0200
@@ -0,0 +1,7 @@
+20130718
+ - djm@cvs.openbsd.org 2013/07/12 00:43:50
+ [misc.c]
+ in ssh_gai_strerror() don't fallback to strerror for EAI_SYSTEM when
+ errno == 0. Avoids confusing error message in some broken resolver
+ cases. bz#2122 patch from plautrba AT redhat.com; ok dtucker
+
diff -up openssh-6.2p2/misc.c.ssh_gai_strerror openssh-6.2p2/misc.c
--- openssh-6.2p2/misc.c.ssh_gai_strerror 2013-07-23 12:03:41.321902978 +0200
+++ openssh-6.2p2/misc.c 2013-07-23 12:03:41.467902339 +0200
@@ -127,7 +127,7 @@ unset_nonblock(int fd)
const char *
ssh_gai_strerror(int gaierr)
{
- if (gaierr == EAI_SYSTEM)
+ if (gaierr == EAI_SYSTEM && errno != 0)
return strerror(errno);
return gai_strerror(gaierr);
}

456
openssh-6.2p1-audit.patch → openssh-6.3p1-audit.patch
View File

File diff suppressed because it is too large Load Diff

392
openssh-6.2p1-coverity.patch → openssh-6.3p1-coverity.patch
View File

@ -1,6 +1,6 @@
diff -up openssh-6.2p1/auth-pam.c.coverity openssh-6.2p1/auth-pam.c
--- openssh-6.2p1/auth-pam.c.coverity 2009-07-12 14:07:21.000000000 +0200
+++ openssh-6.2p1/auth-pam.c 2013-03-22 09:49:37.341595458 +0100
diff -up openssh-6.3p1/auth-pam.c.coverity openssh-6.3p1/auth-pam.c
--- openssh-6.3p1/auth-pam.c.coverity 2013-06-02 00:07:32.000000000 +0200
+++ openssh-6.3p1/auth-pam.c 2013-10-07 13:20:36.288298063 +0200
@@ -216,7 +216,12 @@ pthread_join(sp_pthread_t thread, void *
if (sshpam_thread_status != -1)
return (sshpam_thread_status);
@ -15,10 +15,10 @@ diff -up openssh-6.2p1/auth-pam.c.coverity openssh-6.2p1/auth-pam.c
return (status);
}
#endif
diff -up openssh-6.2p1/channels.c.coverity openssh-6.2p1/channels.c
--- openssh-6.2p1/channels.c.coverity 2012-12-02 23:50:55.000000000 +0100
+++ openssh-6.2p1/channels.c 2013-03-22 09:49:37.344595444 +0100
@@ -232,11 +232,11 @@ channel_register_fds(Channel *c, int rfd
diff -up openssh-6.3p1/channels.c.coverity openssh-6.3p1/channels.c
--- openssh-6.3p1/channels.c.coverity 2013-09-13 08:19:31.000000000 +0200
+++ openssh-6.3p1/channels.c 2013-10-07 13:20:36.289298058 +0200
@@ -233,11 +233,11 @@ channel_register_fds(Channel *c, int rfd
channel_max_fd = MAX(channel_max_fd, wfd);
channel_max_fd = MAX(channel_max_fd, efd);
@ -33,7 +33,7 @@ diff -up openssh-6.2p1/channels.c.coverity openssh-6.2p1/channels.c
fcntl(efd, F_SETFD, FD_CLOEXEC);
c->rfd = rfd;
@@ -251,11 +251,11 @@ channel_register_fds(Channel *c, int rfd
@@ -255,11 +255,11 @@ channel_register_fds(Channel *c, int rfd
/* enable nonblocking mode */
if (nonblock) {
@ -48,10 +48,10 @@ diff -up openssh-6.2p1/channels.c.coverity openssh-6.2p1/channels.c
set_nonblock(efd);
}
}
diff -up openssh-6.2p1/clientloop.c.coverity openssh-6.2p1/clientloop.c
--- openssh-6.2p1/clientloop.c.coverity 2013-01-09 05:55:51.000000000 +0100
+++ openssh-6.2p1/clientloop.c 2013-03-22 09:49:37.342595453 +0100
@@ -2061,14 +2061,15 @@ client_input_global_request(int type, u_
diff -up openssh-6.3p1/clientloop.c.coverity openssh-6.3p1/clientloop.c
--- openssh-6.3p1/clientloop.c.coverity 2013-06-10 05:07:12.000000000 +0200
+++ openssh-6.3p1/clientloop.c 2013-10-07 13:20:36.289298058 +0200
@@ -2068,14 +2068,15 @@ client_input_global_request(int type, u_
char *rtype;
int want_reply;
int success = 0;
@ -69,10 +69,10 @@ diff -up openssh-6.2p1/clientloop.c.coverity openssh-6.2p1/clientloop.c
packet_send();
packet_write_wait();
}
diff -up openssh-6.2p1/key.c.coverity openssh-6.2p1/key.c
--- openssh-6.2p1/key.c.coverity 2013-01-18 01:44:05.000000000 +0100
+++ openssh-6.2p1/key.c 2013-03-22 09:49:37.345595440 +0100
@@ -808,8 +808,10 @@ key_read(Key *ret, char **cpp)
diff -up openssh-6.3p1/key.c.coverity openssh-6.3p1/key.c
--- openssh-6.3p1/key.c.coverity 2013-06-01 23:41:51.000000000 +0200
+++ openssh-6.3p1/key.c 2013-10-07 13:20:36.290298054 +0200
@@ -807,8 +807,10 @@ key_read(Key *ret, char **cpp)
success = 1;
/*XXXX*/
key_free(k);
@ -83,9 +83,9 @@ diff -up openssh-6.2p1/key.c.coverity openssh-6.2p1/key.c
/* advance cp: skip whitespace and data */
while (*cp == ' ' || *cp == '\t')
cp++;
diff -up openssh-6.2p1/monitor.c.coverity openssh-6.2p1/monitor.c
--- openssh-6.2p1/monitor.c.coverity 2012-12-12 00:44:39.000000000 +0100
+++ openssh-6.2p1/monitor.c 2013-03-22 12:19:55.189921353 +0100
diff -up openssh-6.3p1/monitor.c.coverity openssh-6.3p1/monitor.c
--- openssh-6.3p1/monitor.c.coverity 2013-07-20 05:21:53.000000000 +0200
+++ openssh-6.3p1/monitor.c 2013-10-07 13:54:36.761314042 +0200
@@ -449,7 +449,7 @@ monitor_child_preauth(Authctxt *_authctx
mm_get_keystate(pmonitor);
@ -95,7 +95,7 @@ diff -up openssh-6.2p1/monitor.c.coverity openssh-6.2p1/monitor.c
;
close(pmonitor->m_sendfd);
@@ -1194,6 +1194,10 @@ mm_answer_keyallowed(int sock, Buffer *m
@@ -1202,6 +1202,10 @@ mm_answer_keyallowed(int sock, Buffer *m
break;
}
}
@ -106,8 +106,8 @@ diff -up openssh-6.2p1/monitor.c.coverity openssh-6.2p1/monitor.c
if (key != NULL)
key_free(key);
@@ -1216,9 +1220,6 @@ mm_answer_keyallowed(int sock, Buffer *m
xfree(chost);
@@ -1223,9 +1227,6 @@ mm_answer_keyallowed(int sock, Buffer *m
free(chost);
}
- debug3("%s: key %p is %s",
@ -116,10 +116,10 @@ diff -up openssh-6.2p1/monitor.c.coverity openssh-6.2p1/monitor.c
buffer_clear(m);
buffer_put_int(m, allowed);
buffer_put_int(m, forced_command != NULL);
diff -up openssh-6.2p1/monitor_wrap.c.coverity openssh-6.2p1/monitor_wrap.c
--- openssh-6.2p1/monitor_wrap.c.coverity 2013-01-09 06:12:19.000000000 +0100
+++ openssh-6.2p1/monitor_wrap.c 2013-03-22 09:49:37.347595431 +0100
@@ -708,10 +708,10 @@ mm_pty_allocate(int *ptyfd, int *ttyfd,
diff -up openssh-6.3p1/monitor_wrap.c.coverity openssh-6.3p1/monitor_wrap.c
--- openssh-6.3p1/monitor_wrap.c.coverity 2013-06-02 00:07:32.000000000 +0200
+++ openssh-6.3p1/monitor_wrap.c 2013-10-07 13:20:36.291298049 +0200
@@ -710,10 +710,10 @@ mm_pty_allocate(int *ptyfd, int *ttyfd,
if ((tmp1 = dup(pmonitor->m_recvfd)) == -1 ||
(tmp2 = dup(pmonitor->m_recvfd)) == -1) {
error("%s: cannot allocate fds for pty", __func__);
@ -133,9 +133,9 @@ diff -up openssh-6.2p1/monitor_wrap.c.coverity openssh-6.2p1/monitor_wrap.c
return 0;
}
close(tmp1);
diff -up openssh-6.2p1/openbsd-compat/bindresvport.c.coverity openssh-6.2p1/openbsd-compat/bindresvport.c
--- openssh-6.2p1/openbsd-compat/bindresvport.c.coverity 2010-12-03 00:50:26.000000000 +0100
+++ openssh-6.2p1/openbsd-compat/bindresvport.c 2013-03-22 09:49:37.347595431 +0100
diff -up openssh-6.3p1/openbsd-compat/bindresvport.c.coverity openssh-6.3p1/openbsd-compat/bindresvport.c
--- openssh-6.3p1/openbsd-compat/bindresvport.c.coverity 2010-12-03 00:50:26.000000000 +0100
+++ openssh-6.3p1/openbsd-compat/bindresvport.c 2013-10-07 13:20:36.291298049 +0200
@@ -58,7 +58,7 @@ bindresvport_sa(int sd, struct sockaddr
struct sockaddr_in6 *in6;
u_int16_t *portp;
@ -145,10 +145,10 @@ diff -up openssh-6.2p1/openbsd-compat/bindresvport.c.coverity openssh-6.2p1/open
int i;
if (sa == NULL) {
diff -up openssh-6.2p1/packet.c.coverity openssh-6.2p1/packet.c
--- openssh-6.2p1/packet.c.coverity 2013-02-12 01:03:59.000000000 +0100
+++ openssh-6.2p1/packet.c 2013-03-22 09:49:37.348595426 +0100
@@ -1192,6 +1192,7 @@ packet_read_poll1(void)
diff -up openssh-6.3p1/packet.c.coverity openssh-6.3p1/packet.c
--- openssh-6.3p1/packet.c.coverity 2013-07-18 08:12:45.000000000 +0200
+++ openssh-6.3p1/packet.c 2013-10-07 13:20:36.291298049 +0200
@@ -1199,6 +1199,7 @@ packet_read_poll1(void)
case DEATTACK_DETECTED:
packet_disconnect("crc32 compensation attack: "
"network attack detected");
@ -156,18 +156,9 @@ diff -up openssh-6.2p1/packet.c.coverity openssh-6.2p1/packet.c
case DEATTACK_DOS_DETECTED:
packet_disconnect("deattack denial of "
"service detected");
@@ -1728,7 +1729,7 @@ void
packet_write_wait(void)
{
fd_set *setp;
- int ret, ms_remain;
+ int ret, ms_remain = 0;
struct timeval start, timeout, *timeoutp = NULL;
setp = (fd_set *)xcalloc(howmany(active_state->connection_out + 1,
diff -up openssh-6.2p1/progressmeter.c.coverity openssh-6.2p1/progressmeter.c
--- openssh-6.2p1/progressmeter.c.coverity 2006-08-05 04:39:40.000000000 +0200
+++ openssh-6.2p1/progressmeter.c 2013-03-22 09:49:37.349595422 +0100
diff -up openssh-6.3p1/progressmeter.c.coverity openssh-6.3p1/progressmeter.c
--- openssh-6.3p1/progressmeter.c.coverity 2013-06-02 15:46:24.000000000 +0200
+++ openssh-6.3p1/progressmeter.c 2013-10-07 13:42:32.377850691 +0200
@@ -65,7 +65,7 @@ static void update_progress_meter(int);
static time_t start; /* start progress */
@ -184,11 +175,11 @@ diff -up openssh-6.2p1/progressmeter.c.coverity openssh-6.2p1/progressmeter.c
-start_progress_meter(char *f, off_t filesize, off_t *ctr)
+start_progress_meter(const char *f, off_t filesize, off_t *ctr)
{
start = last_update = time(NULL);
start = last_update = monotime();
file = f;
diff -up openssh-6.2p1/progressmeter.h.coverity openssh-6.2p1/progressmeter.h
--- openssh-6.2p1/progressmeter.h.coverity 2006-03-26 05:30:02.000000000 +0200
+++ openssh-6.2p1/progressmeter.h 2013-03-22 09:49:37.349595422 +0100
diff -up openssh-6.3p1/progressmeter.h.coverity openssh-6.3p1/progressmeter.h
--- openssh-6.3p1/progressmeter.h.coverity 2006-03-26 05:30:02.000000000 +0200
+++ openssh-6.3p1/progressmeter.h 2013-10-07 13:20:36.292298044 +0200
@@ -23,5 +23,5 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
@ -196,9 +187,9 @@ diff -up openssh-6.2p1/progressmeter.h.coverity openssh-6.2p1/progressmeter.h
-void start_progress_meter(char *, off_t, off_t *);
+void start_progress_meter(const char *, off_t, off_t *);
void stop_progress_meter(void);
diff -up openssh-6.2p1/scp.c.coverity openssh-6.2p1/scp.c
--- openssh-6.2p1/scp.c.coverity 2013-03-20 02:55:15.000000000 +0100
+++ openssh-6.2p1/scp.c 2013-03-22 09:49:37.349595422 +0100
diff -up openssh-6.3p1/scp.c.coverity openssh-6.3p1/scp.c
--- openssh-6.3p1/scp.c.coverity 2013-07-18 08:11:25.000000000 +0200
+++ openssh-6.3p1/scp.c 2013-10-07 13:20:36.292298044 +0200
@@ -155,7 +155,7 @@ killchild(int signo)
{
if (do_cmd_pid > 1) {
@ -208,10 +199,10 @@ diff -up openssh-6.2p1/scp.c.coverity openssh-6.2p1/scp.c
}
if (signo)
diff -up openssh-6.2p1/servconf.c.coverity openssh-6.2p1/servconf.c
--- openssh-6.2p1/servconf.c.coverity 2013-02-12 01:02:08.000000000 +0100
+++ openssh-6.2p1/servconf.c 2013-03-22 09:49:37.350595418 +0100
@@ -1268,7 +1268,7 @@ process_server_config_line(ServerOptions
diff -up openssh-6.3p1/servconf.c.coverity openssh-6.3p1/servconf.c
--- openssh-6.3p1/servconf.c.coverity 2013-07-20 05:21:53.000000000 +0200
+++ openssh-6.3p1/servconf.c 2013-10-07 13:20:36.293298039 +0200
@@ -1323,7 +1323,7 @@ process_server_config_line(ServerOptions
fatal("%s line %d: Missing subsystem name.",
filename, linenum);
if (!*activep) {
@ -220,7 +211,7 @@ diff -up openssh-6.2p1/servconf.c.coverity openssh-6.2p1/servconf.c
break;
}
for (i = 0; i < options->num_subsystems; i++)
@@ -1359,8 +1359,9 @@ process_server_config_line(ServerOptions
@@ -1414,8 +1414,9 @@ process_server_config_line(ServerOptions
if (*activep && *charptr == NULL) {
*charptr = tilde_expand_filename(arg, getuid());
/* increase optional counter */
@ -232,16 +223,16 @@ diff -up openssh-6.2p1/servconf.c.coverity openssh-6.2p1/servconf.c
}
break;
diff -up openssh-6.2p1/serverloop.c.coverity openssh-6.2p1/serverloop.c
--- openssh-6.2p1/serverloop.c.coverity 2012-12-07 03:07:47.000000000 +0100
+++ openssh-6.2p1/serverloop.c 2013-03-22 09:49:37.351595413 +0100
diff -up openssh-6.3p1/serverloop.c.coverity openssh-6.3p1/serverloop.c
--- openssh-6.3p1/serverloop.c.coverity 2013-07-18 08:12:45.000000000 +0200
+++ openssh-6.3p1/serverloop.c 2013-10-07 13:43:36.620537138 +0200
@@ -147,13 +147,13 @@ notify_setup(void)
static void
notify_parent(void)
{
- if (notify_pipe[1] != -1)
+ if (notify_pipe[1] >= 0)
write(notify_pipe[1], "", 1);
(void)write(notify_pipe[1], "", 1);
}
static void
notify_prepare(fd_set *readset)
@ -307,7 +298,7 @@ diff -up openssh-6.2p1/serverloop.c.coverity openssh-6.2p1/serverloop.c
if (fdin != fdout)
close(fdin);
else
@@ -741,15 +741,15 @@ server_loop(pid_t pid, int fdin_arg, int
@@ -739,15 +739,15 @@ server_loop(pid_t pid, int fdin_arg, int
buffer_free(&stderr_buffer);
/* Close the file descriptors. */
@ -326,7 +317,7 @@ diff -up openssh-6.2p1/serverloop.c.coverity openssh-6.2p1/serverloop.c
close(fdin);
fdin = -1;
@@ -943,7 +943,7 @@ server_input_window_size(int type, u_int
@@ -946,7 +946,7 @@ server_input_window_size(int type, u_int
debug("Window change received.");
packet_check_eom();
@ -335,7 +326,7 @@ diff -up openssh-6.2p1/serverloop.c.coverity openssh-6.2p1/serverloop.c
pty_change_window_size(fdin, row, col, xpixel, ypixel);
}
@@ -1003,7 +1003,7 @@ server_request_tun(void)
@@ -1006,7 +1006,7 @@ server_request_tun(void)
}
tun = packet_get_int();
@ -344,111 +335,9 @@ diff -up openssh-6.2p1/serverloop.c.coverity openssh-6.2p1/serverloop.c
if (tun != SSH_TUNID_ANY && forced_tun_device != tun)
goto done;
tun = forced_tun_device;
diff -up openssh-6.2p1/sftp.c.coverity openssh-6.2p1/sftp.c
--- openssh-6.2p1/sftp.c.coverity 2013-02-22 23:12:24.000000000 +0100
+++ openssh-6.2p1/sftp.c 2013-03-22 09:49:37.352595409 +0100
@@ -202,7 +202,7 @@ killchild(int signo)
{
if (sshpid > 1) {
kill(sshpid, SIGTERM);
- waitpid(sshpid, NULL, 0);
+ (void) waitpid(sshpid, NULL, 0);
}
_exit(1);
@@ -312,7 +312,7 @@ local_do_ls(const char *args)
/* Strip one path (usually the pwd) from the start of another */
static char *
-path_strip(char *path, char *strip)
+path_strip(const char *path, const char *strip)
{
size_t len;
@@ -330,7 +330,7 @@ path_strip(char *path, char *strip)
}
static char *
-make_absolute(char *p, char *pwd)
+make_absolute(char *p, const char *pwd)
{
char *abs_str;
@@ -478,7 +478,7 @@ parse_df_flags(const char *cmd, char **a
}
static int
-is_dir(char *path)
+is_dir(const char *path)
{
struct stat sb;
@@ -490,7 +490,7 @@ is_dir(char *path)
}
static int
-remote_is_dir(struct sftp_conn *conn, char *path)
+remote_is_dir(struct sftp_conn *conn, const char *path)
{
Attrib *a;
@@ -504,7 +504,7 @@ remote_is_dir(struct sftp_conn *conn, ch
/* Check whether path returned from glob(..., GLOB_MARK, ...) is a directory */
static int
-pathname_is_dir(char *pathname)
+pathname_is_dir(const char *pathname)
{
size_t l = strlen(pathname);
@@ -512,7 +512,7 @@ pathname_is_dir(char *pathname)
}
static int
-process_get(struct sftp_conn *conn, char *src, char *dst, char *pwd,
+process_get(struct sftp_conn *conn, const char *src, const char *dst, const char *pwd,
int pflag, int rflag)
{
char *abs_src = NULL;
@@ -586,7 +586,7 @@ out:
}
static int
-process_put(struct sftp_conn *conn, char *src, char *dst, char *pwd,
+process_put(struct sftp_conn *conn, const char *src, const char *dst, const char *pwd,
int pflag, int rflag)
{
char *tmp_dst = NULL;
@@ -691,7 +691,7 @@ sdirent_comp(const void *aa, const void
/* sftp ls.1 replacement for directories */
static int
-do_ls_dir(struct sftp_conn *conn, char *path, char *strip_path, int lflag)
+do_ls_dir(struct sftp_conn *conn, const char *path, const char *strip_path, int lflag)
{
int n;
u_int c = 1, colspace = 0, columns = 1;
@@ -776,7 +776,7 @@ do_ls_dir(struct sftp_conn *conn, char *
/* sftp ls.1 replacement which handles path globs */
static int
-do_globbed_ls(struct sftp_conn *conn, char *path, char *strip_path,
+do_globbed_ls(struct sftp_conn *conn, const char *path, const char *strip_path,
int lflag)
{
char *fname, *lname;
@@ -857,7 +857,7 @@ do_globbed_ls(struct sftp_conn *conn, ch
}
static int
-do_df(struct sftp_conn *conn, char *path, int hflag, int iflag)
+do_df(struct sftp_conn *conn, const char *path, int hflag, int iflag)
{
struct sftp_statvfs st;
char s_used[FMT_SCALED_STRSIZE];
diff -up openssh-6.2p1/sftp-client.c.coverity openssh-6.2p1/sftp-client.c
--- openssh-6.2p1/sftp-client.c.coverity 2012-07-02 14:15:39.000000000 +0200
+++ openssh-6.2p1/sftp-client.c 2013-03-22 09:49:37.353595404 +0100
diff -up openssh-6.3p1/sftp-client.c.coverity openssh-6.3p1/sftp-client.c
--- openssh-6.3p1/sftp-client.c.coverity 2013-07-26 00:40:00.000000000 +0200
+++ openssh-6.3p1/sftp-client.c 2013-10-07 13:48:45.885027420 +0200
@@ -149,7 +149,7 @@ get_msg(struct sftp_conn *conn, Buffer *
}
@ -599,28 +488,28 @@ diff -up openssh-6.2p1/sftp-client.c.coverity openssh-6.2p1/sftp-client.c
int
-do_download(struct sftp_conn *conn, char *remote_path, char *local_path,
+do_download(struct sftp_conn *conn, const char *remote_path, const char *local_path,
Attrib *a, int pflag)
Attrib *a, int pflag, int resume)
{
Attrib junk;
@@ -1226,7 +1226,7 @@ do_download(struct sftp_conn *conn, char
@@ -1255,7 +1255,7 @@ do_download(struct sftp_conn *conn, char
}
static int
-download_dir_internal(struct sftp_conn *conn, char *src, char *dst,
+download_dir_internal(struct sftp_conn *conn, const char *src, const char *dst,
Attrib *dirattrib, int pflag, int printflag, int depth)
Attrib *dirattrib, int pflag, int printflag, int depth, int resume)
{
int i, ret = 0;
@@ -1316,7 +1316,7 @@ download_dir_internal(struct sftp_conn *
@@ -1345,7 +1345,7 @@ download_dir_internal(struct sftp_conn *
}
int
-download_dir(struct sftp_conn *conn, char *src, char *dst,
+download_dir(struct sftp_conn *conn, const char *src, const char *dst,
Attrib *dirattrib, int pflag, int printflag)
Attrib *dirattrib, int pflag, int printflag, int resume)
{
char *src_canon;
@@ -1334,7 +1334,7 @@ download_dir(struct sftp_conn *conn, cha
@@ -1363,7 +1363,7 @@ download_dir(struct sftp_conn *conn, cha
}
int
@ -629,7 +518,7 @@ diff -up openssh-6.2p1/sftp-client.c.coverity openssh-6.2p1/sftp-client.c
int pflag)
{
int local_fd;
@@ -1517,7 +1517,7 @@ do_upload(struct sftp_conn *conn, char *
@@ -1548,7 +1548,7 @@ do_upload(struct sftp_conn *conn, char *
}
static int
@ -638,7 +527,7 @@ diff -up openssh-6.2p1/sftp-client.c.coverity openssh-6.2p1/sftp-client.c
int pflag, int printflag, int depth)
{
int ret = 0, status;
@@ -1608,7 +1608,7 @@ upload_dir_internal(struct sftp_conn *co
@@ -1639,7 +1639,7 @@ upload_dir_internal(struct sftp_conn *co
}
int
@ -647,7 +536,7 @@ diff -up openssh-6.2p1/sftp-client.c.coverity openssh-6.2p1/sftp-client.c
int pflag)
{
char *dst_canon;
@@ -1625,7 +1625,7 @@ upload_dir(struct sftp_conn *conn, char
@@ -1656,7 +1656,7 @@ upload_dir(struct sftp_conn *conn, char
}
char *
@ -656,9 +545,9 @@ diff -up openssh-6.2p1/sftp-client.c.coverity openssh-6.2p1/sftp-client.c
{
char *ret;
size_t len = strlen(p1) + strlen(p2) + 2;
diff -up openssh-6.2p1/sftp-client.h.coverity openssh-6.2p1/sftp-client.h
--- openssh-6.2p1/sftp-client.h.coverity 2010-12-04 23:02:48.000000000 +0100
+++ openssh-6.2p1/sftp-client.h 2013-03-22 09:49:37.353595404 +0100
diff -up openssh-6.3p1/sftp-client.h.coverity openssh-6.3p1/sftp-client.h
--- openssh-6.3p1/sftp-client.h.coverity 2013-07-25 03:56:52.000000000 +0200
+++ openssh-6.3p1/sftp-client.h 2013-10-07 13:45:10.108080813 +0200
@@ -56,49 +56,49 @@ struct sftp_conn *do_init(int, int, u_in
u_int sftp_proto_version(struct sftp_conn *);
@ -727,15 +616,15 @@ diff -up openssh-6.2p1/sftp-client.h.coverity openssh-6.2p1/sftp-client.h
* Download 'remote_path' to 'local_path'. Preserve permissions and times
* if 'pflag' is set
*/
-int do_download(struct sftp_conn *, char *, char *, Attrib *, int);
+int do_download(struct sftp_conn *, const char *, const char *, Attrib *, int);
-int do_download(struct sftp_conn *, char *, char *, Attrib *, int, int);
+int do_download(struct sftp_conn *, const char *, const char *, Attrib *, int, int);
/*
* Recursively download 'remote_directory' to 'local_directory'. Preserve
* times if 'pflag' is set
*/
-int download_dir(struct sftp_conn *, char *, char *, Attrib *, int, int);
+int download_dir(struct sftp_conn *, const char *, const char *, Attrib *, int, int);
-int download_dir(struct sftp_conn *, char *, char *, Attrib *, int, int, int);
+int download_dir(struct sftp_conn *, const char *, const char *, Attrib *, int, int, int);
/*
* Upload 'local_path' to 'remote_path'. Preserve permissions and times
@ -756,10 +645,112 @@ diff -up openssh-6.2p1/sftp-client.h.coverity openssh-6.2p1/sftp-client.h
+char *path_append(const char *, const char *);
#endif
diff -up openssh-6.2p1/ssh-agent.c.coverity openssh-6.2p1/ssh-agent.c
--- openssh-6.2p1/ssh-agent.c.coverity 2011-06-03 06:14:16.000000000 +0200
+++ openssh-6.2p1/ssh-agent.c 2013-03-22 09:49:37.354595400 +0100
@@ -1147,8 +1147,8 @@ main(int ac, char **av)
diff -up openssh-6.3p1/sftp.c.coverity openssh-6.3p1/sftp.c
--- openssh-6.3p1/sftp.c.coverity 2013-07-25 03:56:52.000000000 +0200
+++ openssh-6.3p1/sftp.c 2013-10-07 13:49:47.322727449 +0200
@@ -213,7 +213,7 @@ killchild(int signo)
{
if (sshpid > 1) {
kill(sshpid, SIGTERM);
- waitpid(sshpid, NULL, 0);
+ (void) waitpid(sshpid, NULL, 0);
}
_exit(1);
@@ -324,7 +324,7 @@ local_do_ls(const char *args)
/* Strip one path (usually the pwd) from the start of another */
static char *
-path_strip(char *path, char *strip)
+path_strip(const char *path, const char *strip)
{
size_t len;
@@ -342,7 +342,7 @@ path_strip(char *path, char *strip)
}
static char *
-make_absolute(char *p, char *pwd)
+make_absolute(char *p, const char *pwd)
{
char *abs_str;
@@ -493,7 +493,7 @@ parse_df_flags(const char *cmd, char **a
}
static int
-is_dir(char *path)
+is_dir(const char *path)
{
struct stat sb;
@@ -505,7 +505,7 @@ is_dir(char *path)
}
static int
-remote_is_dir(struct sftp_conn *conn, char *path)
+remote_is_dir(struct sftp_conn *conn, const char *path)
{
Attrib *a;
@@ -519,7 +519,7 @@ remote_is_dir(struct sftp_conn *conn, ch
/* Check whether path returned from glob(..., GLOB_MARK, ...) is a directory */
static int
-pathname_is_dir(char *pathname)
+pathname_is_dir(const char *pathname)
{
size_t l = strlen(pathname);
@@ -527,7 +527,7 @@ pathname_is_dir(char *pathname)
}
static int
-process_get(struct sftp_conn *conn, char *src, char *dst, char *pwd,
+process_get(struct sftp_conn *conn, const char *src, const char *dst, const char *pwd,
int pflag, int rflag, int resume)
{
char *abs_src = NULL;
@@ -605,7 +605,7 @@ out:
}
static int
-process_put(struct sftp_conn *conn, char *src, char *dst, char *pwd,
+process_put(struct sftp_conn *conn, const char *src, const char *dst, const char *pwd,
int pflag, int rflag)
{
char *tmp_dst = NULL;
@@ -709,7 +709,7 @@ sdirent_comp(const void *aa, const void
/* sftp ls.1 replacement for directories */
static int
-do_ls_dir(struct sftp_conn *conn, char *path, char *strip_path, int lflag)
+do_ls_dir(struct sftp_conn *conn, const char *path, const char *strip_path, int lflag)
{
int n;
u_int c = 1, colspace = 0, columns = 1;
@@ -794,7 +794,7 @@ do_ls_dir(struct sftp_conn *conn, char *
/* sftp ls.1 replacement which handles path globs */
static int
-do_globbed_ls(struct sftp_conn *conn, char *path, char *strip_path,
+do_globbed_ls(struct sftp_conn *conn, const char *path, const char *strip_path,
int lflag)
{
char *fname, *lname;
@@ -875,7 +875,7 @@ do_globbed_ls(struct sftp_conn *conn, ch
}
static int
-do_df(struct sftp_conn *conn, char *path, int hflag, int iflag)
+do_df(struct sftp_conn *conn, const char *path, int hflag, int iflag)
{
struct sftp_statvfs st;
char s_used[FMT_SCALED_STRSIZE];
diff -up openssh-6.3p1/ssh-agent.c.coverity openssh-6.3p1/ssh-agent.c
--- openssh-6.3p1/ssh-agent.c.coverity 2013-07-20 05:22:49.000000000 +0200
+++ openssh-6.3p1/ssh-agent.c 2013-10-07 13:20:36.296298024 +0200
@@ -1143,8 +1143,8 @@ main(int ac, char **av)
sanitise_stdfd();
/* drop */
@ -770,37 +761,28 @@ diff -up openssh-6.2p1/ssh-agent.c.coverity openssh-6.2p1/ssh-agent.c
#if defined(HAVE_PRCTL) && defined(PR_SET_DUMPABLE)
/* Disable ptrace on Linux without sgid bit */
diff -up openssh-6.2p1/sshd.c.coverity openssh-6.2p1/sshd.c
--- openssh-6.2p1/sshd.c.coverity 2013-02-12 01:04:48.000000000 +0100
+++ openssh-6.2p1/sshd.c 2013-03-22 09:49:37.355595396 +0100
@@ -691,8 +691,10 @@ privsep_preauth(Authctxt *authctxt)
diff -up openssh-6.3p1/sshd.c.coverity openssh-6.3p1/sshd.c
--- openssh-6.3p1/sshd.c.coverity 2013-07-20 05:21:53.000000000 +0200
+++ openssh-6.3p1/sshd.c 2013-10-07 13:20:36.296298024 +0200
@@ -699,8 +699,10 @@ privsep_preauth(Authctxt *authctxt)
if (getuid() == 0 || geteuid() == 0)
privsep_preauth_child();
setproctitle("%s", "[net]");
- if (box != NULL)
+ if (box != NULL) {
ssh_sandbox_child(box);
+ xfree(box);
+ free(box);
+ }
return 0;
}
@@ -1320,6 +1322,9 @@ server_accept_loop(int *sock_in, int *so
@@ -1345,6 +1347,9 @@ server_accept_loop(int *sock_in, int *so
if (num_listen_socks < 0)
break;
}
+
+ if (fdset != NULL)
+ xfree(fdset);
+ free(fdset);
}
@@ -1806,7 +1811,7 @@ main(int ac, char **av)
/* Chdir to the root directory so that the current disk can be
unmounted if desired. */
- chdir("/");
+ (void) chdir("/");
/* ignore SIGPIPE */
signal(SIGPIPE, SIG_IGN);

8
openssh-6.2p1-ctr-cavstest.patch → openssh-6.3p1-ctr-cavstest.patch
View File

@ -185,8 +185,8 @@ diff -up openssh-6.2p1/ctr-cavstest.c.ctr-cavs openssh-6.2p1/ctr-cavstest.c
+
+ cipher_init(&cc, c, key, keylen, iv, ivlen, encrypt);
+
+ xfree(key);
+ xfree(iv);
+ free(key);
+ free(iv);
+
+ outdata = malloc(datalen);
+ if(outdata == NULL) {
@ -196,7 +196,7 @@ diff -up openssh-6.2p1/ctr-cavstest.c.ctr-cavs openssh-6.2p1/ctr-cavstest.c
+
+ cipher_crypt(&cc, outdata, data, datalen, 0, 0);
+
+ xfree(data);
+ free(data);
+
+ cipher_cleanup(&cc);
+
@ -204,7 +204,7 @@ diff -up openssh-6.2p1/ctr-cavstest.c.ctr-cavs openssh-6.2p1/ctr-cavstest.c
+ printf("%02X", (unsigned char)*p);
+ }
+
+ xfree(outdata);
+ free(outdata);
+
+ printf("\n");
+ return 0;

2
openssh-5.9p1-ctr-evp-fast.patch → openssh-6.3p1-ctr-evp-fast.patch
View File

@ -97,5 +97,5 @@ diff -up openssh-5.9p1/cipher-ctr.c.ctr-evp openssh-5.9p1/cipher-ctr.c
if ((c = EVP_CIPHER_CTX_get_app_data(ctx)) != NULL) {
+ EVP_CIPHER_CTX_cleanup(&c->ecbctx);
memset(c, 0, sizeof(*c));
xfree(c);
free(c);
EVP_CIPHER_CTX_set_app_data(ctx, NULL);

375
openssh-6.2p1-fingerprint.patch → openssh-6.3p1-fingerprint.patch
View File

@ -1,14 +1,31 @@
diff -up openssh-6.2p1/auth2-hostbased.c.fingerprint openssh-6.2p1/auth2-hostbased.c
--- openssh-6.2p1/auth2-hostbased.c.fingerprint 2010-08-05 05:04:50.000000000 +0200
+++ openssh-6.2p1/auth2-hostbased.c 2013-03-22 12:20:49.009685008 +0100
@@ -196,16 +196,18 @@ hostbased_key_allowed(struct passwd *pw,
diff -up openssh-6.3p1/auth-rsa.c.fingerprint openssh-6.3p1/auth-rsa.c
diff -up openssh-6.3p1/auth.c.fingerprint openssh-6.3p1/auth.c
--- openssh-6.3p1/auth.c.fingerprint 2013-10-07 14:02:36.998968153 +0200
+++ openssh-6.3p1/auth.c 2013-10-07 15:42:05.243812405 +0200
@@ -685,9 +685,10 @@ auth_key_is_revoked(Key *key)
case 1:
revoked:
/* Key revoked */
- key_fp = key_fingerprint(key, SSH_FP_MD5, SSH_FP_HEX);
+ key_fp = key_selected_fingerprint(key, SSH_FP_HEX);
error("WARNING: authentication attempt with a revoked "
- "%s key %s ", key_type(key), key_fp);
+ "%s key %s%s ", key_type(key),
+ key_fingerprint_prefix(), key_fp);
free(key_fp);
return 1;
}
diff -up openssh-6.3p1/auth2-hostbased.c.fingerprint openssh-6.3p1/auth2-hostbased.c
--- openssh-6.3p1/auth2-hostbased.c.fingerprint 2013-10-07 14:02:36.998968153 +0200
+++ openssh-6.3p1/auth2-hostbased.c 2013-10-07 15:43:49.747355927 +0200
@@ -200,16 +200,18 @@ hostbased_key_allowed(struct passwd *pw,
if (host_status == HOST_OK) {
if (key_is_cert(key)) {
- fp = key_fingerprint(key->cert->signature_key,
- SSH_FP_MD5, SSH_FP_HEX);
+ fp = key_selected_fingerprint(key->cert->signature_key,
+ SSH_FP_HEX);
+ SSH_FP_HEX);
verbose("Accepted certificate ID \"%s\" signed by "
- "%s CA %s from %s@%s", key->cert->key_id,
- key_type(key->cert->signature_key), fp,
@ -25,12 +42,12 @@ diff -up openssh-6.2p1/auth2-hostbased.c.fingerprint openssh-6.2p1/auth2-hostbas
+ key_type(key), key_fingerprint_prefix(),
+ fp, cuser, lookup);
}
xfree(fp);
free(fp);
}
diff -up openssh-6.2p1/auth2-pubkey.c.fingerprint openssh-6.2p1/auth2-pubkey.c
--- openssh-6.2p1/auth2-pubkey.c.fingerprint 2013-02-15 00:28:56.000000000 +0100
+++ openssh-6.2p1/auth2-pubkey.c 2013-03-22 12:20:49.009685008 +0100
@@ -317,10 +317,10 @@ check_authkeys_file(FILE *f, char *file,
diff -up openssh-6.3p1/auth2-pubkey.c.fingerprint openssh-6.3p1/auth2-pubkey.c
--- openssh-6.3p1/auth2-pubkey.c.fingerprint 2013-07-18 08:10:10.000000000 +0200
+++ openssh-6.3p1/auth2-pubkey.c 2013-10-07 15:50:44.617495624 +0200
@@ -359,10 +359,10 @@ check_authkeys_file(FILE *f, char *file,
continue;
if (!key_is_cert_authority)
continue;
@ -45,20 +62,20 @@ diff -up openssh-6.2p1/auth2-pubkey.c.fingerprint openssh-6.2p1/auth2-pubkey.c
/*
* If the user has specified a list of principals as
* a key option, then prefer that list to matching
@@ -360,9 +360,9 @@ check_authkeys_file(FILE *f, char *file,
@@ -400,9 +400,9 @@ check_authkeys_file(FILE *f, char *file,
if (key_is_cert_authority)
continue;
found_key = 1;
debug("matching key found: file %s, line %lu",
file, linenum);
- fp = key_fingerprint(found, SSH_FP_MD5, SSH_FP_HEX);
- verbose("Found matching %s key: %s",
- key_type(found), fp);
- debug("matching key found: file %s, line %lu %s %s",
- file, linenum, key_type(found), fp);
+ fp = key_selected_fingerprint(found, SSH_FP_HEX);
+ verbose("Found matching %s key: %s%s",
+ key_type(found), key_fingerprint_prefix(), fp);
xfree(fp);
free(fp);
break;
}
@@ -384,13 +384,13 @@ user_cert_trusted_ca(struct passwd *pw,
@@ -425,13 +425,13 @@ user_cert_trusted_ca(struct passwd *pw,
if (!key_is_cert(key) || options.trusted_user_ca_keys == NULL)
return 0;
@ -76,42 +93,10 @@ diff -up openssh-6.2p1/auth2-pubkey.c.fingerprint openssh-6.2p1/auth2-pubkey.c
options.trusted_user_ca_keys);
goto out;
}
diff -up openssh-6.2p1/auth.c.fingerprint openssh-6.2p1/auth.c
--- openssh-6.2p1/auth.c.fingerprint 2013-03-12 01:31:05.000000000 +0100
+++ openssh-6.2p1/auth.c 2013-03-22 12:22:32.515230386 +0100
@@ -663,9 +663,10 @@ auth_key_is_revoked(Key *key)
case 1:
revoked:
/* Key revoked */
- key_fp = key_fingerprint(key, SSH_FP_MD5, SSH_FP_HEX);
+ key_fp = key_selected_fingerprint(key, SSH_FP_HEX);
error("WARNING: authentication attempt with a revoked "
- "%s key %s ", key_type(key), key_fp);
+ "%s key %s%s ", key_type(key),
+ key_fingerprint_prefix(), key_fp);
xfree(key_fp);
return 1;
}
diff -up openssh-6.2p1/auth-rsa.c.fingerprint openssh-6.2p1/auth-rsa.c
--- openssh-6.2p1/auth-rsa.c.fingerprint 2012-10-30 22:58:59.000000000 +0100
+++ openssh-6.2p1/auth-rsa.c 2013-03-22 12:20:49.011684999 +0100
@@ -328,9 +328,9 @@ auth_rsa(Authctxt *authctxt, BIGNUM *cli
* options; this will be reset if the options cause the
* authentication to be rejected.
*/
- fp = key_fingerprint(key, SSH_FP_MD5, SSH_FP_HEX);
- verbose("Found matching %s key: %s",
- key_type(key), fp);
+ fp = key_selected_fingerprint(key, SSH_FP_HEX);
+ verbose("Found matching %s key: %s%s",
+ key_type(key), key_fingerprint_prefix(), fp);
xfree(fp);
key_free(key);
diff -up openssh-6.2p1/key.c.fingerprint openssh-6.2p1/key.c
--- openssh-6.2p1/key.c.fingerprint 2013-03-22 12:20:48.971685175 +0100
+++ openssh-6.2p1/key.c 2013-03-22 12:20:49.012684995 +0100
@@ -599,6 +599,34 @@ key_fingerprint(Key *k, enum fp_type dgs
diff -up openssh-6.3p1/key.c.fingerprint openssh-6.3p1/key.c
--- openssh-6.3p1/key.c.fingerprint 2013-10-07 14:02:36.971968285 +0200
+++ openssh-6.3p1/key.c 2013-10-07 14:02:36.999968148 +0200
@@ -598,6 +598,34 @@ key_fingerprint(const Key *k, enum fp_ty
return retval;
}
@ -146,12 +131,12 @@ diff -up openssh-6.2p1/key.c.fingerprint openssh-6.2p1/key.c
/*
* Reads a multiple-precision integer in decimal from the buffer, and advances
* the pointer. The integer must already be initialized. This function is
diff -up openssh-6.2p1/key.h.fingerprint openssh-6.2p1/key.h
--- openssh-6.2p1/key.h.fingerprint 2013-01-18 01:44:05.000000000 +0100
+++ openssh-6.2p1/key.h 2013-03-22 12:23:35.308954528 +0100
diff -up openssh-6.3p1/key.h.fingerprint openssh-6.3p1/key.h
--- openssh-6.3p1/key.h.fingerprint 2013-10-07 14:02:36.999968148 +0200
+++ openssh-6.3p1/key.h 2013-10-07 15:44:17.574233450 +0200
@@ -97,6 +97,9 @@ int key_equal_public(const Key *, cons
int key_equal(const Key *, const Key *);
char *key_fingerprint(Key *, enum fp_type, enum fp_rep);
char *key_fingerprint(const Key *, enum fp_type, enum fp_rep);
u_char *key_fingerprint_raw(const Key *, enum fp_type, u_int *);
+enum fp_type key_fingerprint_selection(void);
+char *key_selected_fingerprint(Key *, enum fp_rep);
@ -159,9 +144,9 @@ diff -up openssh-6.2p1/key.h.fingerprint openssh-6.2p1/key.h
const char *key_type(const Key *);
const char *key_cert_type(const Key *);
int key_write(const Key *, FILE *);
diff -up openssh-6.2p1/ssh-add.c.fingerprint openssh-6.2p1/ssh-add.c
--- openssh-6.2p1/ssh-add.c.fingerprint 2012-12-07 03:07:03.000000000 +0100
+++ openssh-6.2p1/ssh-add.c 2013-03-22 12:20:49.029684920 +0100
diff -up openssh-6.3p1/ssh-add.c.fingerprint openssh-6.3p1/ssh-add.c
--- openssh-6.3p1/ssh-add.c.fingerprint 2013-10-07 14:02:37.000968143 +0200
+++ openssh-6.3p1/ssh-add.c 2013-10-07 14:44:57.466515766 +0200
@@ -326,10 +326,10 @@ list_identities(AuthenticationConnection
key = ssh_get_next_identity(ac, &comment, version)) {
had_identities = 1;
@ -174,13 +159,13 @@ diff -up openssh-6.2p1/ssh-add.c.fingerprint openssh-6.2p1/ssh-add.c
+ printf("%d %s%s %s (%s)\n",
+ key_size(key), key_fingerprint_prefix(),
+ fp, comment, key_type(key));
xfree(fp);
free(fp);
} else {
if (!key_write(key, stdout))
diff -up openssh-6.2p1/ssh-agent.c.fingerprint openssh-6.2p1/ssh-agent.c
--- openssh-6.2p1/ssh-agent.c.fingerprint 2013-03-22 12:20:48.979685140 +0100
+++ openssh-6.2p1/ssh-agent.c 2013-03-22 12:20:49.030684916 +0100
@@ -199,9 +199,9 @@ confirm_key(Identity *id)
diff -up openssh-6.3p1/ssh-agent.c.fingerprint openssh-6.3p1/ssh-agent.c
--- openssh-6.3p1/ssh-agent.c.fingerprint 2013-10-07 14:02:37.000968143 +0200
+++ openssh-6.3p1/ssh-agent.c 2013-10-07 15:41:11.627044336 +0200
@@ -198,9 +198,9 @@ confirm_key(Identity *id)
char *p;
int ret = -1;
@ -191,134 +176,11 @@ diff -up openssh-6.2p1/ssh-agent.c.fingerprint openssh-6.2p1/ssh-agent.c
+ if (ask_permission("Allow use of key %s?\nKey fingerprint %s%s.",
+ id->comment, key_fingerprint_prefix(), p))
ret = 0;
xfree(p);
free(p);
diff -up openssh-6.2p1/sshconnect2.c.fingerprint openssh-6.2p1/sshconnect2.c
--- openssh-6.2p1/sshconnect2.c.fingerprint 2013-03-20 02:55:15.000000000 +0100
+++ openssh-6.2p1/sshconnect2.c 2013-03-22 12:20:49.031684912 +0100
@@ -592,8 +592,9 @@ input_userauth_pk_ok(int type, u_int32_t
key->type, pktype);
goto done;
}
- fp = key_fingerprint(key, SSH_FP_MD5, SSH_FP_HEX);
- debug2("input_userauth_pk_ok: fp %s", fp);
+ fp = key_selected_fingerprint(key, SSH_FP_HEX);
+ debug2("input_userauth_pk_ok: fp %s%s",
+ key_fingerprint_prefix(), fp);
xfree(fp);
/*
@@ -1205,8 +1206,9 @@ sign_and_send_pubkey(Authctxt *authctxt,
int have_sig = 1;
char *fp;
- fp = key_fingerprint(id->key, SSH_FP_MD5, SSH_FP_HEX);
- debug3("sign_and_send_pubkey: %s %s", key_type(id->key), fp);
+ fp = key_selected_fingerprint(id->key, SSH_FP_HEX);
+ debug3("sign_and_send_pubkey: %s %s%s", key_type(id->key),
+ key_fingerprint_prefix(), fp);
xfree(fp);
if (key_to_blob(id->key, &blob, &bloblen) == 0) {
diff -up openssh-6.2p1/sshconnect.c.fingerprint openssh-6.2p1/sshconnect.c
--- openssh-6.2p1/sshconnect.c.fingerprint 2012-09-17 05:25:44.000000000 +0200
+++ openssh-6.2p1/sshconnect.c 2013-03-22 12:20:49.032684907 +0100
@@ -824,10 +824,10 @@ check_host_key(char *hostname, struct so
"key for IP address '%.128s' to the list "
"of known hosts.", type, ip);
} else if (options.visual_host_key) {
- fp = key_fingerprint(host_key, SSH_FP_MD5, SSH_FP_HEX);
- ra = key_fingerprint(host_key, SSH_FP_MD5,
- SSH_FP_RANDOMART);
- logit("Host key fingerprint is %s\n%s\n", fp, ra);
+ fp = key_selected_fingerprint(host_key, SSH_FP_HEX);
+ ra = key_selected_fingerprint(host_key, SSH_FP_RANDOMART);
+ logit("Host key fingerprint is %s%s\n%s\n",
+ key_fingerprint_prefix(), fp, ra);
xfree(ra);
xfree(fp);
}
@@ -865,9 +865,8 @@ check_host_key(char *hostname, struct so
else
snprintf(msg1, sizeof(msg1), ".");
/* The default */
- fp = key_fingerprint(host_key, SSH_FP_MD5, SSH_FP_HEX);
- ra = key_fingerprint(host_key, SSH_FP_MD5,
- SSH_FP_RANDOMART);
+ fp = key_selected_fingerprint(host_key, SSH_FP_HEX);
+ ra = key_selected_fingerprint(host_key, SSH_FP_RANDOMART);
msg2[0] = '\0';
if (options.verify_host_key_dns) {
if (matching_host_key_dns)
@@ -882,10 +881,11 @@ check_host_key(char *hostname, struct so
snprintf(msg, sizeof(msg),
"The authenticity of host '%.200s (%s)' can't be "
"established%s\n"
- "%s key fingerprint is %s.%s%s\n%s"
+ "%s key fingerprint is %s%s.%s%s\n%s"
"Are you sure you want to continue connecting "
"(yes/no)? ",
- host, ip, msg1, type, fp,
+ host, ip, msg1, type,
+ key_fingerprint_prefix(), fp,
options.visual_host_key ? "\n" : "",
options.visual_host_key ? ra : "",
msg2);
@@ -1130,8 +1130,9 @@ verify_host_key(char *host, struct socka
int flags = 0;
char *fp;
- fp = key_fingerprint(host_key, SSH_FP_MD5, SSH_FP_HEX);
- debug("Server host key: %s %s", key_type(host_key), fp);
+ fp = key_selected_fingerprint(host_key, SSH_FP_HEX);
+ debug("Server host key: %s %s%s", key_type(host_key),
+ key_fingerprint_prefix(), fp);
xfree(fp);
/* XXX certs are not yet supported for DNS */
@@ -1232,14 +1233,15 @@ show_other_keys(struct hostkeys *hostkey
continue;
if (!lookup_key_in_hostkeys_by_type(hostkeys, type[i], &found))
continue;
- fp = key_fingerprint(found->key, SSH_FP_MD5, SSH_FP_HEX);
- ra = key_fingerprint(found->key, SSH_FP_MD5, SSH_FP_RANDOMART);
+ fp = key_selected_fingerprint(found->key, SSH_FP_HEX);
+ ra = key_selected_fingerprint(found->key, SSH_FP_RANDOMART);
logit("WARNING: %s key found for host %s\n"
"in %s:%lu\n"
- "%s key fingerprint %s.",
+ "%s key fingerprint %s%s.",
key_type(found->key),
found->host, found->file, found->line,
- key_type(found->key), fp);
+ key_type(found->key),
+ key_fingerprint_prefix(), fp);
if (options.visual_host_key)
logit("%s", ra);
xfree(ra);
@@ -1254,7 +1256,7 @@ warn_changed_key(Key *host_key)
{
char *fp;
- fp = key_fingerprint(host_key, SSH_FP_MD5, SSH_FP_HEX);
+ fp = key_selected_fingerprint(host_key, SSH_FP_HEX);
error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@");
error("@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @");
@@ -1262,8 +1264,8 @@ warn_changed_key(Key *host_key)
error("IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!");
error("Someone could be eavesdropping on you right now (man-in-the-middle attack)!");
error("It is also possible that a host key has just been changed.");
- error("The fingerprint for the %s key sent by the remote host is\n%s.",
- key_type(host_key), fp);
+ error("The fingerprint for the %s key sent by the remote host is\n%s%s.",
+ key_type(host_key),key_fingerprint_prefix(), fp);
error("Please contact your system administrator.");
xfree(fp);
diff -up openssh-6.2p1/ssh-keygen.c.fingerprint openssh-6.2p1/ssh-keygen.c
--- openssh-6.2p1/ssh-keygen.c.fingerprint 2013-02-12 01:03:36.000000000 +0100
+++ openssh-6.2p1/ssh-keygen.c 2013-03-22 12:20:49.033684903 +0100
diff -up openssh-6.3p1/ssh-keygen.c.fingerprint openssh-6.3p1/ssh-keygen.c
--- openssh-6.3p1/ssh-keygen.c.fingerprint 2013-07-20 05:22:32.000000000 +0200
+++ openssh-6.3p1/ssh-keygen.c 2013-10-07 14:25:52.864145038 +0200
@@ -767,13 +767,14 @@ do_fingerprint(struct passwd *pw)
{
FILE *f;
@ -378,7 +240,7 @@ diff -up openssh-6.2p1/ssh-keygen.c.fingerprint openssh-6.2p1/ssh-keygen.c
key_type(public));
if (log_level >= SYSLOG_LEVEL_VERBOSE)
printf("%s\n", ra);
@@ -1854,16 +1857,17 @@ do_show_cert(struct passwd *pw)
@@ -1855,16 +1858,17 @@ do_show_cert(struct passwd *pw)
fatal("%s is not a certificate", identity_file);
v00 = key->type == KEY_RSA_CERT_V00 || key->type == KEY_DSA_CERT_V00;
@ -402,7 +264,7 @@ diff -up openssh-6.2p1/ssh-keygen.c.fingerprint openssh-6.2p1/ssh-keygen.c
printf(" Key ID: \"%s\"\n", key->cert->key_id);
if (!v00) {
printf(" Serial: %llu\n",
@@ -2651,13 +2655,12 @@ passphrase_again:
@@ -2655,13 +2659,12 @@ passphrase_again:
fclose(f);
if (!quiet) {
@ -418,4 +280,127 @@ diff -up openssh-6.2p1/ssh-keygen.c.fingerprint openssh-6.2p1/ssh-keygen.c
+ printf("%s%s %s\n", key_fingerprint_prefix(), fp, comment);
printf("The key's randomart image is:\n");
printf("%s\n", ra);
xfree(ra);
free(ra);
diff -up openssh-6.3p1/sshconnect.c.fingerprint openssh-6.3p1/sshconnect.c
--- openssh-6.3p1/sshconnect.c.fingerprint 2013-06-01 23:31:19.000000000 +0200
+++ openssh-6.3p1/sshconnect.c 2013-10-07 14:43:54.859822036 +0200
@@ -830,10 +830,10 @@ check_host_key(char *hostname, struct so
"key for IP address '%.128s' to the list "
"of known hosts.", type, ip);
} else if (options.visual_host_key) {
- fp = key_fingerprint(host_key, SSH_FP_MD5, SSH_FP_HEX);
- ra = key_fingerprint(host_key, SSH_FP_MD5,
- SSH_FP_RANDOMART);
- logit("Host key fingerprint is %s\n%s\n", fp, ra);
+ fp = key_selected_fingerprint(host_key, SSH_FP_HEX);
+ ra = key_selected_fingerprint(host_key, SSH_FP_RANDOMART);
+ logit("Host key fingerprint is %s%s\n%s\n",
+ key_fingerprint_prefix(), fp, ra);
free(ra);
free(fp);
}
@@ -871,9 +871,8 @@ check_host_key(char *hostname, struct so
else
snprintf(msg1, sizeof(msg1), ".");
/* The default */
- fp = key_fingerprint(host_key, SSH_FP_MD5, SSH_FP_HEX);
- ra = key_fingerprint(host_key, SSH_FP_MD5,
- SSH_FP_RANDOMART);
+ fp = key_selected_fingerprint(host_key, SSH_FP_HEX);
+ ra = key_selected_fingerprint(host_key, SSH_FP_RANDOMART);
msg2[0] = '\0';
if (options.verify_host_key_dns) {
if (matching_host_key_dns)
@@ -888,10 +887,11 @@ check_host_key(char *hostname, struct so
snprintf(msg, sizeof(msg),
"The authenticity of host '%.200s (%s)' can't be "
"established%s\n"
- "%s key fingerprint is %s.%s%s\n%s"
+ "%s key fingerprint is %s%s.%s%s\n%s"
"Are you sure you want to continue connecting "
"(yes/no)? ",
- host, ip, msg1, type, fp,
+ host, ip, msg1, type,
+ key_fingerprint_prefix(), fp,
options.visual_host_key ? "\n" : "",
options.visual_host_key ? ra : "",
msg2);
@@ -1136,8 +1136,9 @@ verify_host_key(char *host, struct socka
int flags = 0;
char *fp;
- fp = key_fingerprint(host_key, SSH_FP_MD5, SSH_FP_HEX);
- debug("Server host key: %s %s", key_type(host_key), fp);
+ fp = key_selected_fingerprint(host_key, SSH_FP_HEX);
+ debug("Server host key: %s %s%s", key_type(host_key),
+ key_fingerprint_prefix(), fp);
free(fp);
/* XXX certs are not yet supported for DNS */
@@ -1238,14 +1239,15 @@ show_other_keys(struct hostkeys *hostkey
continue;
if (!lookup_key_in_hostkeys_by_type(hostkeys, type[i], &found))
continue;
- fp = key_fingerprint(found->key, SSH_FP_MD5, SSH_FP_HEX);
- ra = key_fingerprint(found->key, SSH_FP_MD5, SSH_FP_RANDOMART);
+ fp = key_selected_fingerprint(found->key, SSH_FP_HEX);
+ ra = key_selected_fingerprint(found->key, SSH_FP_RANDOMART);
logit("WARNING: %s key found for host %s\n"
"in %s:%lu\n"
- "%s key fingerprint %s.",
+ "%s key fingerprint %s%s.",
key_type(found->key),
found->host, found->file, found->line,
- key_type(found->key), fp);
+ key_type(found->key),
+ key_fingerprint_prefix(), fp);
if (options.visual_host_key)
logit("%s", ra);
free(ra);
@@ -1260,7 +1262,7 @@ warn_changed_key(Key *host_key)
{
char *fp;
- fp = key_fingerprint(host_key, SSH_FP_MD5, SSH_FP_HEX);
+ fp = key_selected_fingerprint(host_key, SSH_FP_HEX);
error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@");
error("@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @");
@@ -1268,8 +1270,8 @@ warn_changed_key(Key *host_key)
error("IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!");
error("Someone could be eavesdropping on you right now (man-in-the-middle attack)!");
error("It is also possible that a host key has just been changed.");
- error("The fingerprint for the %s key sent by the remote host is\n%s.",
- key_type(host_key), fp);
+ error("The fingerprint for the %s key sent by the remote host is\n%s%s.",
+ key_type(host_key),key_fingerprint_prefix(), fp);
error("Please contact your system administrator.");
free(fp);
diff -up openssh-6.3p1/sshconnect2.c.fingerprint openssh-6.3p1/sshconnect2.c
--- openssh-6.3p1/sshconnect2.c.fingerprint 2013-10-07 14:02:37.001968139 +0200
+++ openssh-6.3p1/sshconnect2.c 2013-10-07 15:20:09.403234714 +0200
@@ -590,8 +590,9 @@ input_userauth_pk_ok(int type, u_int32_t
key->type, pktype);
goto done;
}
- fp = key_fingerprint(key, SSH_FP_MD5, SSH_FP_HEX);
- debug2("input_userauth_pk_ok: fp %s", fp);
+ fp = key_selected_fingerprint(key, SSH_FP_HEX);
+ debug2("input_userauth_pk_ok: fp %s%s",
+ key_fingerprint_prefix(), fp);
free(fp);
/*
@@ -1202,8 +1203,9 @@ sign_and_send_pubkey(Authctxt *authctxt,
int have_sig = 1;
char *fp;
- fp = key_fingerprint(id->key, SSH_FP_MD5, SSH_FP_HEX);
- debug3("sign_and_send_pubkey: %s %s", key_type(id->key), fp);
+ fp = key_selected_fingerprint(id->key, SSH_FP_HEX);
+ debug3("sign_and_send_pubkey: %s %s%s", key_type(id->key),
+ key_fingerprint_prefix(), fp);
free(fp);
if (key_to_blob(id->key, &blob, &bloblen) == 0) {

343
openssh-6.2p1-fips.patch → openssh-6.3p1-fips.patch
View File

@ -1,6 +1,50 @@
diff -up openssh-6.2p1/authfile.c.fips openssh-6.2p1/authfile.c
--- openssh-6.2p1/authfile.c.fips 2013-03-27 13:14:49.164683482 +0100
+++ openssh-6.2p1/authfile.c 2013-03-27 13:14:49.177683431 +0100
diff -up openssh-6.3p1/Makefile.in.fips openssh-6.3p1/Makefile.in
--- openssh-6.3p1/Makefile.in.fips 2013-10-11 22:24:32.850031186 +0200
+++ openssh-6.3p1/Makefile.in 2013-10-11 22:24:32.870031092 +0200
@@ -147,25 +147,25 @@ libssh.a: $(LIBSSH_OBJS)
$(RANLIB) $@
ssh$(EXEEXT): $(LIBCOMPAT) libssh.a $(SSHOBJS)
- $(LD) -o $@ $(SSHOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(SSHLIBS) $(LIBS) $(GSSLIBS)
+ $(LD) -o $@ $(SSHOBJS) $(LDFLAGS) -lssh -lopenbsd-compat -lfipscheck $(SSHLIBS) $(LIBS) $(GSSLIBS)
sshd$(EXEEXT): libssh.a $(LIBCOMPAT) $(SSHDOBJS)
- $(LD) -o $@ $(SSHDOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(SSHDLIBS) $(LIBS) $(GSSLIBS) $(K5LIBS)
+ $(LD) -o $@ $(SSHDOBJS) $(LDFLAGS) -lssh -lopenbsd-compat -lfipscheck $(SSHDLIBS) $(LIBS) $(GSSLIBS) $(K5LIBS)
scp$(EXEEXT): $(LIBCOMPAT) libssh.a scp.o progressmeter.o
$(LD) -o $@ scp.o progressmeter.o bufaux.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
ssh-add$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-add.o
- $(LD) -o $@ ssh-add.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
+ $(LD) -o $@ ssh-add.o $(LDFLAGS) -lssh -lopenbsd-compat -lfipscheck $(LIBS)
ssh-agent$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-agent.o ssh-pkcs11-client.o
- $(LD) -o $@ ssh-agent.o ssh-pkcs11-client.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
+ $(LD) -o $@ ssh-agent.o ssh-pkcs11-client.o $(LDFLAGS) -lssh -lopenbsd-compat -lfipscheck $(LIBS)
ssh-keygen$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keygen.o
- $(LD) -o $@ ssh-keygen.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
+ $(LD) -o $@ ssh-keygen.o $(LDFLAGS) -lssh -lopenbsd-compat -lfipscheck $(LIBS)
ssh-keysign$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keysign.o roaming_dummy.o readconf.o
- $(LD) -o $@ ssh-keysign.o readconf.o roaming_dummy.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
+ $(LD) -o $@ ssh-keysign.o readconf.o roaming_dummy.o $(LDFLAGS) -lssh -lopenbsd-compat -lfipscheck $(LIBS)
ssh-pkcs11-helper$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-pkcs11-helper.o ssh-pkcs11.o
$(LD) -o $@ ssh-pkcs11-helper.o ssh-pkcs11.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh -lopenbsd-compat $(LIBS)
@@ -177,7 +177,7 @@ ssh-keycat$(EXEEXT): $(LIBCOMPAT) libssh
$(LD) -o $@ ssh-keycat.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh -lfipscheck $(SSHDLIBS)
ssh-keyscan$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keyscan.o roaming_dummy.o
- $(LD) -o $@ ssh-keyscan.o roaming_dummy.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS)
+ $(LD) -o $@ ssh-keyscan.o roaming_dummy.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh -lfipscheck $(LIBS)
sftp-server$(EXEEXT): $(LIBCOMPAT) libssh.a sftp.o sftp-common.o sftp-server.o sftp-server-main.o
$(LD) -o $@ sftp-server.o sftp-common.o sftp-server-main.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
diff -up openssh-6.3p1/authfile.c.fips openssh-6.3p1/authfile.c
--- openssh-6.3p1/authfile.c.fips 2013-10-11 22:24:32.857031153 +0200
+++ openssh-6.3p1/authfile.c 2013-10-11 22:24:32.870031092 +0200
@@ -148,8 +148,14 @@ key_private_rsa1_to_blob(Key *key, Buffe
/* Allocate space for the private part of the key in the buffer. */
cp = buffer_append_space(&encrypted, buffer_len(&buffer));
@ -34,9 +78,22 @@ diff -up openssh-6.2p1/authfile.c.fips openssh-6.2p1/authfile.c
cipher_crypt(&ciphercontext, cp,
buffer_ptr(&copy), buffer_len(&copy), 0, 0);
cipher_cleanup(&ciphercontext);
diff -up openssh-6.2p1/cipher.c.fips openssh-6.2p1/cipher.c
--- openssh-6.2p1/cipher.c.fips 2013-03-27 13:14:49.087683788 +0100
+++ openssh-6.2p1/cipher.c 2013-03-27 13:14:49.177683431 +0100
diff -up openssh-6.3p1/cipher-ctr.c.fips openssh-6.3p1/cipher-ctr.c
--- openssh-6.3p1/cipher-ctr.c.fips 2013-06-02 00:07:32.000000000 +0200
+++ openssh-6.3p1/cipher-ctr.c 2013-10-11 22:24:32.870031092 +0200
@@ -138,7 +138,8 @@ evp_aes_128_ctr(void)
aes_ctr.do_cipher = ssh_aes_ctr;
#ifndef SSH_OLD_EVP
aes_ctr.flags = EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH |
- EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CUSTOM_IV;
+ EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CUSTOM_IV |
+ EVP_CIPH_FLAG_FIPS;
#endif
return (&aes_ctr);
}
diff -up openssh-6.3p1/cipher.c.fips openssh-6.3p1/cipher.c
--- openssh-6.3p1/cipher.c.fips 2013-10-11 22:24:32.820031327 +0200
+++ openssh-6.3p1/cipher.c 2013-10-11 22:24:32.871031087 +0200
@@ -40,6 +40,7 @@
#include <sys/types.h>
@ -45,54 +102,63 @@ diff -up openssh-6.2p1/cipher.c.fips openssh-6.2p1/cipher.c
#include <string.h>
#include <stdarg.h>
@@ -89,6 +90,27 @@ struct Cipher ciphers[] = {
@@ -86,6 +87,27 @@ static const struct Cipher ciphers[] = {
{ NULL, SSH_CIPHER_INVALID, 0, 0, 0, 0, 0, 0, NULL }
};
+struct Cipher fips_ciphers[] = {
+ { "none", SSH_CIPHER_NONE, 8, 0, 0, 0, 0, 0, EVP_enc_null },
+ { "3des", SSH_CIPHER_3DES, 8, 16, 0, 0, 0, 1, evp_ssh1_3des },
+
+ { "3des-cbc", SSH_CIPHER_SSH2, 8, 24, 0, 0, 0, 1, EVP_des_ede3_cbc },
+ { "aes128-cbc", SSH_CIPHER_SSH2, 16, 16, 0, 0, 0, 1, EVP_aes_128_cbc },
+ { "aes192-cbc", SSH_CIPHER_SSH2, 16, 24, 0, 0, 0, 1, EVP_aes_192_cbc },
+ { "aes256-cbc", SSH_CIPHER_SSH2, 16, 32, 0, 0, 0, 1, EVP_aes_256_cbc },
+static const struct Cipher fips_ciphers[] = {
+ { "none", SSH_CIPHER_NONE, 8, 0, 0, 0, 0, 0, EVP_enc_null },
+ { "des", SSH_CIPHER_DES, 8, 8, 0, 0, 0, 1, EVP_des_cbc },
+ { "3des", SSH_CIPHER_3DES, 8, 16, 0, 0, 0, 1, evp_ssh1_3des },
+ { "3des-cbc", SSH_CIPHER_SSH2, 8, 24, 0, 0, 0, 1, EVP_des_ede3_cbc },
+ { "aes128-cbc", SSH_CIPHER_SSH2, 16, 16, 0, 0, 0, 1, EVP_aes_128_cbc },
+ { "aes192-cbc", SSH_CIPHER_SSH2, 16, 24, 0, 0, 0, 1, EVP_aes_192_cbc },
+ { "aes256-cbc", SSH_CIPHER_SSH2, 16, 32, 0, 0, 0, 1, EVP_aes_256_cbc },
+ { "rijndael-cbc@lysator.liu.se",
+ SSH_CIPHER_SSH2, 16, 32, 0, 0, 0, 1, EVP_aes_256_cbc },
+ { "aes128-ctr", SSH_CIPHER_SSH2, 16, 16, 0, 0, 0, 0, EVP_aes_128_ctr },
+ { "aes192-ctr", SSH_CIPHER_SSH2, 16, 24, 0, 0, 0, 0, EVP_aes_128_ctr },
+ { "aes256-ctr", SSH_CIPHER_SSH2, 16, 32, 0, 0, 0, 0, EVP_aes_128_ctr },
+ SSH_CIPHER_SSH2, 16, 32, 0, 0, 0, 1, EVP_aes_256_cbc },
+ { "aes128-ctr", SSH_CIPHER_SSH2, 16, 16, 0, 0, 0, 0, EVP_aes_128_ctr },
+ { "aes192-ctr", SSH_CIPHER_SSH2, 16, 24, 0, 0, 0, 0, EVP_aes_192_ctr },
+ { "aes256-ctr", SSH_CIPHER_SSH2, 16, 32, 0, 0, 0, 0, EVP_aes_256_ctr },
+#ifdef OPENSSL_HAVE_EVPGCM
+ { "aes128-gcm@openssh.com",
+ SSH_CIPHER_SSH2, 16, 16, 12, 16, 0, 0, EVP_aes_128_gcm },
+ { "aes256-gcm@openssh.com",
+ SSH_CIPHER_SSH2, 16, 32, 12, 16, 0, 0, EVP_aes_256_gcm },
+#endif
+ { NULL, SSH_CIPHER_INVALID, 0, 0, 0, 0, 0, NULL }
+ { NULL, SSH_CIPHER_INVALID, 0, 0, 0, 0, 0, 0, NULL }
+};
/*--*/
u_int
@@ -143,7 +165,7 @@ Cipher *
/* Returns a comma-separated list of supported ciphers. */
@@ -96,7 +118,7 @@ cipher_alg_list(void)
size_t nlen, rlen = 0;
const Cipher *c;
- for (c = ciphers; c->name != NULL; c++) {
+ for (c = FIPS_mode() ? fips_ciphers : ciphers; c->name != NULL; c++) {
if (c->number != SSH_CIPHER_SSH2)
continue;
if (ret != NULL)
@@ -161,7 +183,7 @@ const Cipher *
cipher_by_name(const char *name)
{
Cipher *c;
const Cipher *c;
- for (c = ciphers; c->name != NULL; c++)
+ for (c = FIPS_mode() ? fips_ciphers : ciphers; c->name != NULL; c++)
if (strcmp(c->name, name) == 0)
return c;
return NULL;
@@ -153,7 +175,7 @@ Cipher *
@@ -171,7 +193,7 @@ const Cipher *
cipher_by_number(int id)
{
Cipher *c;
const Cipher *c;
- for (c = ciphers; c->name != NULL; c++)
+ for (c = FIPS_mode() ? fips_ciphers : ciphers; c->name != NULL; c++)
if (c->number == id)
return c;
return NULL;
@@ -197,7 +219,7 @@ cipher_number(const char *name)
Cipher *c;
@@ -215,7 +237,7 @@ cipher_number(const char *name)
const Cipher *c;
if (name == NULL)
return -1;
- for (c = ciphers; c->name != NULL; c++)
@ -100,13 +166,13 @@ diff -up openssh-6.2p1/cipher.c.fips openssh-6.2p1/cipher.c
if (strcasecmp(c->name, name) == 0)
return c->number;
return -1;
@@ -356,14 +378,15 @@ cipher_cleanup(CipherContext *cc)
@@ -374,14 +396,15 @@ cipher_cleanup(CipherContext *cc)
* passphrase and using the resulting 16 bytes as the key.
*/
-void
+int
cipher_set_key_string(CipherContext *cc, Cipher *cipher,
cipher_set_key_string(CipherContext *cc, const Cipher *cipher,
const char *passphrase, int do_encrypt)
{
MD5_CTX md;
@ -118,7 +184,7 @@ diff -up openssh-6.2p1/cipher.c.fips openssh-6.2p1/cipher.c
MD5_Update(&md, (const u_char *)passphrase, strlen(passphrase));
MD5_Final(digest, &md);
@@ -371,6 +394,7 @@ cipher_set_key_string(CipherContext *cc,
@@ -389,6 +412,7 @@ cipher_set_key_string(CipherContext *cc,
memset(digest, 0, sizeof(digest));
memset(&md, 0, sizeof(md));
@ -126,34 +192,21 @@ diff -up openssh-6.2p1/cipher.c.fips openssh-6.2p1/cipher.c
}
/*
diff -up openssh-6.2p1/cipher-ctr.c.fips openssh-6.2p1/cipher-ctr.c
--- openssh-6.2p1/cipher-ctr.c.fips 2013-01-20 12:31:30.000000000 +0100
+++ openssh-6.2p1/cipher-ctr.c 2013-03-27 13:14:49.177683431 +0100
@@ -138,7 +138,8 @@ evp_aes_128_ctr(void)
aes_ctr.do_cipher = ssh_aes_ctr;
#ifndef SSH_OLD_EVP
aes_ctr.flags = EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH |
- EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CUSTOM_IV;
+ EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CUSTOM_IV |
+ EVP_CIPH_FLAG_FIPS;
#endif
return (&aes_ctr);
}
diff -up openssh-6.2p1/cipher.h.fips openssh-6.2p1/cipher.h
--- openssh-6.2p1/cipher.h.fips 2013-03-27 13:14:49.088683784 +0100
+++ openssh-6.2p1/cipher.h 2013-03-27 13:14:49.177683431 +0100
@@ -91,7 +91,7 @@ void cipher_init(CipherContext *, Ciphe
diff -up openssh-6.3p1/cipher.h.fips openssh-6.3p1/cipher.h
--- openssh-6.3p1/cipher.h.fips 2013-10-11 22:24:32.820031327 +0200
+++ openssh-6.3p1/cipher.h 2013-10-11 22:24:32.871031087 +0200
@@ -92,7 +92,7 @@ void cipher_init(CipherContext *, const
void cipher_crypt(CipherContext *, u_char *, const u_char *,
u_int, u_int, u_int);
void cipher_cleanup(CipherContext *);
-void cipher_set_key_string(CipherContext *, Cipher *, const char *, int);
+int cipher_set_key_string(CipherContext *, Cipher *, const char *, int);
-void cipher_set_key_string(CipherContext *, const Cipher *, const char *, int);
+int cipher_set_key_string(CipherContext *, const Cipher *, const char *, int);
u_int cipher_blocksize(const Cipher *);
u_int cipher_keylen(const Cipher *);
u_int cipher_authlen(const Cipher *);
diff -up openssh-6.2p1/key.c.fips openssh-6.2p1/key.c
--- openssh-6.2p1/key.c.fips 2013-03-27 13:14:49.100683736 +0100
+++ openssh-6.2p1/key.c 2013-03-27 13:14:49.178683427 +0100
diff -up openssh-6.3p1/key.c.fips openssh-6.3p1/key.c
--- openssh-6.3p1/key.c.fips 2013-10-11 22:24:32.821031322 +0200
+++ openssh-6.3p1/key.c 2013-10-11 22:24:32.871031087 +0200
@@ -40,6 +40,7 @@
#include <sys/types.h>
@ -162,7 +215,7 @@ diff -up openssh-6.2p1/key.c.fips openssh-6.2p1/key.c
#include <openbsd-compat/openssl-compat.h>
#include <stdarg.h>
@@ -607,9 +608,13 @@ key_fingerprint_selection(void)
@@ -606,9 +607,13 @@ key_fingerprint_selection(void)
char *env;
if (!rv_defined) {
@ -179,9 +232,9 @@ diff -up openssh-6.2p1/key.c.fips openssh-6.2p1/key.c
rv_defined = 1;
}
return rv;
diff -up openssh-6.2p1/mac.c.fips openssh-6.2p1/mac.c
--- openssh-6.2p1/mac.c.fips 2013-03-27 13:14:49.093683764 +0100
+++ openssh-6.2p1/mac.c 2013-03-27 13:16:33.524266158 +0100
diff -up openssh-6.3p1/mac.c.fips openssh-6.3p1/mac.c
--- openssh-6.3p1/mac.c.fips 2013-10-11 22:24:32.821031322 +0200
+++ openssh-6.3p1/mac.c 2013-10-11 22:25:35.394737186 +0200
@@ -28,6 +28,7 @@
#include <sys/types.h>
@ -190,102 +243,56 @@ diff -up openssh-6.2p1/mac.c.fips openssh-6.2p1/mac.c
#include <stdarg.h>
#include <string.h>
@@ -50,7 +51,7 @@
#define SSH_UMAC 2 /* UMAC (not integrated with OpenSSL) */
#define SSH_UMAC128 3
-struct {
+struct Macs {
char *name;
int type;
const EVP_MD * (*mdfunc)(void);
@@ -58,7 +59,9 @@ struct {
int key_len; /* just for UMAC */
int len; /* just for UMAC */
@@ -60,7 +61,7 @@ struct macalg {
int etm; /* Encrypt-then-MAC */
-} macs[] = {
+};
+
+struct Macs all_macs[] = {
};
-static const struct macalg macs[] = {
+static const struct macalg all_macs[] = {
/* Encrypt-and-MAC (encrypt-and-authenticate) variants */
{ "hmac-sha1", SSH_EVP, EVP_sha1, 0, 0, 0, 0 },
{ "hmac-sha1-96", SSH_EVP, EVP_sha1, 96, 0, 0, 0 },
@@ -89,9 +92,19 @@ struct {
@@ -91,6 +92,18 @@ static const struct macalg macs[] = {
{ NULL, 0, NULL, 0, 0, 0, 0 }
};
+struct Macs fips_macs[] = {
+ { "hmac-sha1", SSH_EVP, EVP_sha1, 0, 0, 0, 0 },
+static const struct macalg fips_macs[] = {
+ { "hmac-sha1", SSH_EVP, EVP_sha1, 0, 0, 0, 0 },
+ { "hmac-sha1-etm@openssh.com", SSH_EVP, EVP_sha1, 0, 0, 0, 1 },
+#ifdef HAVE_EVP_SHA256
+ { "hmac-sha2-256", SSH_EVP, EVP_sha256, 0, 0, 0, 0 },
+ { "hmac-sha2-512", SSH_EVP, EVP_sha512, 0, 0, 0, 0 },
+ { "hmac-sha2-256", SSH_EVP, EVP_sha256, 0, 0, 0, 0 },
+ { "hmac-sha2-512", SSH_EVP, EVP_sha512, 0, 0, 0, 0 },
+ { "hmac-sha2-256-etm@openssh.com", SSH_EVP, EVP_sha256, 0, 0, 0, 1 },
+ { "hmac-sha2-512-etm@openssh.com", SSH_EVP, EVP_sha512, 0, 0, 0, 1 },
+#endif
+ { NULL, 0, NULL, 0, -1, -1 }
+ { NULL, 0, NULL, 0, 0, 0, 0 }
+};
+
static void
mac_setup_by_id(Mac *mac, int which)
/* Returns a comma-separated list of supported MACs. */
char *
mac_alg_list(void)
@@ -99,7 +112,7 @@ mac_alg_list(void)
size_t nlen, rlen = 0;
const struct macalg *m;
- for (m = macs; m->name != NULL; m++) {
+ for (m = FIPS_mode() ? fips_macs : all_macs; m->name != NULL; m++) {
if (ret != NULL)
ret[rlen++] = '\n';
nlen = strlen(m->name);
@@ -136,7 +149,7 @@ mac_setup(Mac *mac, char *name)
{
+ struct Macs *macs = FIPS_mode() ? fips_macs : all_macs;
int evp_len;
mac->type = macs[which].type;
if (mac->type == SSH_EVP) {
@@ -113,6 +126,7 @@ int
mac_setup(Mac *mac, char *name)
{
int i;
+ struct Macs *macs = FIPS_mode() ? fips_macs : all_macs;
const struct macalg *m;
for (i = 0; macs[i].name; i++) {
if (strcmp(name, macs[i].name) == 0) {
diff -up openssh-6.2p1/Makefile.in.fips openssh-6.2p1/Makefile.in
--- openssh-6.2p1/Makefile.in.fips 2013-03-27 13:14:49.155683518 +0100
+++ openssh-6.2p1/Makefile.in 2013-03-27 13:14:49.178683427 +0100
@@ -145,25 +145,25 @@ libssh.a: $(LIBSSH_OBJS)
$(RANLIB) $@
ssh$(EXEEXT): $(LIBCOMPAT) libssh.a $(SSHOBJS)
- $(LD) -o $@ $(SSHOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(SSHLIBS) $(LIBS) $(GSSLIBS)
+ $(LD) -o $@ $(SSHOBJS) $(LDFLAGS) -lssh -lopenbsd-compat -lfipscheck $(SSHLIBS) $(LIBS) $(GSSLIBS)
sshd$(EXEEXT): libssh.a $(LIBCOMPAT) $(SSHDOBJS)
- $(LD) -o $@ $(SSHDOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(SSHDLIBS) $(LIBS) $(GSSLIBS) $(K5LIBS)
+ $(LD) -o $@ $(SSHDOBJS) $(LDFLAGS) -lssh -lopenbsd-compat -lfipscheck $(SSHDLIBS) $(LIBS) $(GSSLIBS) $(K5LIBS)
scp$(EXEEXT): $(LIBCOMPAT) libssh.a scp.o progressmeter.o
$(LD) -o $@ scp.o progressmeter.o bufaux.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
ssh-add$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-add.o
- $(LD) -o $@ ssh-add.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
+ $(LD) -o $@ ssh-add.o $(LDFLAGS) -lssh -lopenbsd-compat -lfipscheck $(LIBS)
ssh-agent$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-agent.o ssh-pkcs11-client.o
- $(LD) -o $@ ssh-agent.o ssh-pkcs11-client.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
+ $(LD) -o $@ ssh-agent.o ssh-pkcs11-client.o $(LDFLAGS) -lssh -lopenbsd-compat -lfipscheck $(LIBS)
ssh-keygen$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keygen.o
- $(LD) -o $@ ssh-keygen.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
+ $(LD) -o $@ ssh-keygen.o $(LDFLAGS) -lssh -lopenbsd-compat -lfipscheck $(LIBS)
ssh-keysign$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keysign.o roaming_dummy.o readconf.o
- $(LD) -o $@ ssh-keysign.o readconf.o roaming_dummy.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
+ $(LD) -o $@ ssh-keysign.o readconf.o roaming_dummy.o $(LDFLAGS) -lssh -lopenbsd-compat -lfipscheck $(LIBS)
ssh-pkcs11-helper$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-pkcs11-helper.o ssh-pkcs11.o
$(LD) -o $@ ssh-pkcs11-helper.o ssh-pkcs11.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh -lopenbsd-compat $(LIBS)
@@ -175,7 +175,7 @@ ssh-keycat$(EXEEXT): $(LIBCOMPAT) libssh
$(LD) -o $@ ssh-keycat.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh -lfipscheck $(SSHDLIBS)
ssh-keyscan$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keyscan.o roaming_dummy.o
- $(LD) -o $@ ssh-keyscan.o roaming_dummy.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS)
+ $(LD) -o $@ ssh-keyscan.o roaming_dummy.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh -lfipscheck $(LIBS)
sftp-server$(EXEEXT): $(LIBCOMPAT) libssh.a sftp.o sftp-common.o sftp-server.o sftp-server-main.o
$(LD) -o $@ sftp-server.o sftp-common.o sftp-server-main.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
diff -up openssh-6.2p1/myproposal.h.fips openssh-6.2p1/myproposal.h
--- openssh-6.2p1/myproposal.h.fips 2013-01-09 06:12:19.000000000 +0100
+++ openssh-6.2p1/myproposal.h 2013-03-27 13:14:49.178683427 +0100
@@ -106,6 +106,19 @@
- for (m = macs; m->name != NULL; m++) {
+ for (m = FIPS_mode() ? fips_macs : all_macs; m->name != NULL; m++) {
if (strcmp(name, m->name) != 0)
continue;
if (mac != NULL)
diff -up openssh-6.3p1/myproposal.h.fips openssh-6.3p1/myproposal.h
--- openssh-6.3p1/myproposal.h.fips 2013-06-11 04:10:02.000000000 +0200
+++ openssh-6.3p1/myproposal.h 2013-10-11 22:24:32.872031082 +0200
@@ -114,6 +114,19 @@
#define KEX_DEFAULT_COMP "none,zlib@openssh.com,zlib"
#define KEX_DEFAULT_LANG ""
@ -305,9 +312,9 @@ diff -up openssh-6.2p1/myproposal.h.fips openssh-6.2p1/myproposal.h
static char *myproposal[PROPOSAL_MAX] = {
KEX_DEFAULT_KEX,
diff -up openssh-6.2p1/openbsd-compat/bsd-arc4random.c.fips openssh-6.2p1/openbsd-compat/bsd-arc4random.c
--- openssh-6.2p1/openbsd-compat/bsd-arc4random.c.fips 2010-03-25 22:52:02.000000000 +0100
+++ openssh-6.2p1/openbsd-compat/bsd-arc4random.c 2013-03-27 13:14:49.179683423 +0100
diff -up openssh-6.3p1/openbsd-compat/bsd-arc4random.c.fips openssh-6.3p1/openbsd-compat/bsd-arc4random.c
--- openssh-6.3p1/openbsd-compat/bsd-arc4random.c.fips 2010-03-25 22:52:02.000000000 +0100
+++ openssh-6.3p1/openbsd-compat/bsd-arc4random.c 2013-10-11 22:24:32.872031082 +0200
@@ -37,25 +37,18 @@
#define REKEY_BYTES (1 << 24)
@ -363,9 +370,9 @@ diff -up openssh-6.2p1/openbsd-compat/bsd-arc4random.c.fips openssh-6.2p1/openbs
}
#endif /* !HAVE_ARC4RANDOM */
diff -up openssh-6.2p2/ssh.c.fips openssh-6.2p2/ssh.c
--- openssh-6.2p2/ssh.c.fips 2013-04-05 02:22:36.000000000 +0200
+++ openssh-6.2p2/ssh.c 2013-10-08 17:21:26.894761211 +0200
diff -up openssh-6.3p1/ssh.c.fips openssh-6.3p1/ssh.c
--- openssh-6.3p1/ssh.c.fips 2013-07-25 03:55:53.000000000 +0200
+++ openssh-6.3p1/ssh.c 2013-10-11 22:24:32.872031082 +0200
@@ -73,6 +73,8 @@
#include <openssl/evp.h>
@ -389,8 +396,8 @@ diff -up openssh-6.2p2/ssh.c.fips openssh-6.2p2/ssh.c
#ifndef HAVE_SETPROCTITLE
/* Prepare for later setproctitle emulation */
@@ -329,6 +338,9 @@ main(int ac, char **av)
"ACD:F:I:KL:MNO:PR:S:TVw:W:XYy")) != -1) {
@@ -330,6 +339,9 @@ main(int ac, char **av)
"ACD:E:F:I:KL:MNO:PQ:R:S:TVw:W:XYy")) != -1) {
switch (opt) {
case '1':
+ if (FIPS_mode()) {
@ -399,7 +406,7 @@ diff -up openssh-6.2p2/ssh.c.fips openssh-6.2p2/ssh.c
options.protocol = SSH_PROTO_1;
break;
case '2':
@@ -628,7 +640,6 @@ main(int ac, char **av)
@@ -647,7 +659,6 @@ main(int ac, char **av)
if (!host)
usage();
@ -407,7 +414,7 @@ diff -up openssh-6.2p2/ssh.c.fips openssh-6.2p2/ssh.c
ERR_load_crypto_strings();
/* Initialize the command to execute on remote host. */
@@ -719,6 +730,10 @@ main(int ac, char **av)
@@ -748,6 +759,10 @@ main(int ac, char **av)
seed_rng();
@ -418,7 +425,7 @@ diff -up openssh-6.2p2/ssh.c.fips openssh-6.2p2/ssh.c
if (options.user == NULL)
options.user = xstrdup(pw->pw_name);
@@ -787,6 +802,12 @@ main(int ac, char **av)
@@ -816,6 +831,12 @@ main(int ac, char **av)
timeout_ms = options.connection_timeout * 1000;
@ -431,9 +438,9 @@ diff -up openssh-6.2p2/ssh.c.fips openssh-6.2p2/ssh.c
/* Open a connection to the remote host. */
if (ssh_connect(host, &hostaddr, options.port,
options.address_family, options.connection_attempts, &timeout_ms,
diff -up openssh-6.2p1/sshconnect2.c.fips openssh-6.2p1/sshconnect2.c
--- openssh-6.2p1/sshconnect2.c.fips 2013-03-27 13:14:49.066683871 +0100
+++ openssh-6.2p1/sshconnect2.c 2013-03-27 13:14:49.179683423 +0100
diff -up openssh-6.3p1/sshconnect2.c.fips openssh-6.3p1/sshconnect2.c
--- openssh-6.3p1/sshconnect2.c.fips 2013-10-11 22:24:32.810031374 +0200
+++ openssh-6.3p1/sshconnect2.c 2013-10-11 22:24:32.873031077 +0200
@@ -44,6 +44,8 @@
#include <vis.h>
#endif
@ -466,9 +473,9 @@ diff -up openssh-6.2p1/sshconnect2.c.fips openssh-6.2p1/sshconnect2.c
if (options.hostkeyalgorithms != NULL)
myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] =
options.hostkeyalgorithms;
diff -up openssh-6.2p2/sshd.c.fips openssh-6.2p2/sshd.c
--- openssh-6.2p2/sshd.c.fips 2013-10-08 17:14:05.455864248 +0200
+++ openssh-6.2p2/sshd.c 2013-10-08 17:22:15.897527827 +0200
diff -up openssh-6.3p1/sshd.c.fips openssh-6.3p1/sshd.c
--- openssh-6.3p1/sshd.c.fips 2013-10-11 22:24:32.842031223 +0200
+++ openssh-6.3p1/sshd.c 2013-10-11 22:24:32.873031077 +0200
@@ -76,6 +76,8 @@
#include <openssl/bn.h>
#include <openssl/md5.h>
@ -478,7 +485,7 @@ diff -up openssh-6.2p2/sshd.c.fips openssh-6.2p2/sshd.c
#include "openbsd-compat/openssl-compat.h"
#ifdef HAVE_SECUREWARE
@@ -1423,6 +1425,14 @@ main(int ac, char **av)
@@ -1450,6 +1452,14 @@ main(int ac, char **av)
#endif
__progname = ssh_get_progname(av[0]);
@ -493,18 +500,18 @@ diff -up openssh-6.2p2/sshd.c.fips openssh-6.2p2/sshd.c
/* Save argv. Duplicate so setproctitle emulation doesn't clobber it */
saved_argc = ac;
rexec_argc = ac;
@@ -1571,8 +1581,6 @@ main(int ac, char **av)
@@ -1601,8 +1611,6 @@ main(int ac, char **av)
else
closefrom(REEXEC_DEVCRYPTO_RESERVED_FD);
- OpenSSL_add_all_algorithms();
-
/*
* Force logging to stderr until we have loaded the private host
* key (unless started from inetd)
@@ -1715,6 +1723,10 @@ main(int ac, char **av)
debug("private host key: #%d type %d %s", i, key->type,
key_type(key));
/* If requested, redirect the logs to the specified logfile. */
if (logfile != NULL) {
log_redirect_stderr_to(logfile);
@@ -1773,6 +1781,10 @@ main(int ac, char **av)
debug("private host key: #%d type %d %s", i, keytype,
key_type(key ? key : pubkey));
}
+ if ((options.protocol & SSH_PROTO_1) && FIPS_mode()) {
+ logit("Disabling protocol version 1. Not allowed in the FIPS mode.");
@ -513,7 +520,7 @@ diff -up openssh-6.2p2/sshd.c.fips openssh-6.2p2/sshd.c
if ((options.protocol & SSH_PROTO_1) && !sensitive_data.have_ssh1_key) {
logit("Disabling protocol version 1. Could not load host key");
options.protocol &= ~SSH_PROTO_1;
@@ -1878,6 +1890,10 @@ main(int ac, char **av)
@@ -1936,6 +1948,10 @@ main(int ac, char **av)
/* Initialize the random number generator. */
arc4random_stir();
@ -523,8 +530,8 @@ diff -up openssh-6.2p2/sshd.c.fips openssh-6.2p2/sshd.c
+
/* Chdir to the root directory so that the current disk can be
unmounted if desired. */
(void) chdir("/");
@@ -2420,6 +2436,9 @@ do_ssh2_kex(void)
if (chdir("/") == -1)
@@ -2498,6 +2514,9 @@ do_ssh2_kex(void)
if (options.ciphers != NULL) {
myproposal[PROPOSAL_ENC_ALGS_CTOS] =
myproposal[PROPOSAL_ENC_ALGS_STOC] = options.ciphers;
@ -534,7 +541,7 @@ diff -up openssh-6.2p2/sshd.c.fips openssh-6.2p2/sshd.c
}
myproposal[PROPOSAL_ENC_ALGS_CTOS] =
compat_cipher_proposal(myproposal[PROPOSAL_ENC_ALGS_CTOS]);
@@ -2429,6 +2448,9 @@ do_ssh2_kex(void)
@@ -2507,6 +2526,9 @@ do_ssh2_kex(void)
if (options.macs != NULL) {
myproposal[PROPOSAL_MAC_ALGS_CTOS] =
myproposal[PROPOSAL_MAC_ALGS_STOC] = options.macs;

90
openssh-6.2p1-force_krb.patch → openssh-6.3p1-force_krb.patch
View File

@ -1,6 +1,6 @@
diff -up openssh-6.2p1/gss-serv-krb5.c.force_krb openssh-6.2p1/gss-serv-krb5.c
--- openssh-6.2p1/gss-serv-krb5.c.force_krb 2013-03-25 20:04:53.807817333 +0100
+++ openssh-6.2p1/gss-serv-krb5.c 2013-03-25 20:04:53.818817403 +0100
diff -up openssh-6.3p1/gss-serv-krb5.c.force_krb openssh-6.3p1/gss-serv-krb5.c
--- openssh-6.3p1/gss-serv-krb5.c.force_krb 2013-10-11 18:58:51.553948159 +0200
+++ openssh-6.3p1/gss-serv-krb5.c 2013-10-11 21:40:49.972337025 +0200
@@ -32,7 +32,9 @@
#include <sys/types.h>
@ -11,7 +11,7 @@ diff -up openssh-6.2p1/gss-serv-krb5.c.force_krb openssh-6.2p1/gss-serv-krb5.c
#include "xmalloc.h"
#include "key.h"
@@ -40,12 +42,11 @@
@@ -40,10 +42,12 @@
#include "auth.h"
#include "log.h"
#include "servconf.h"
@ -20,18 +20,14 @@ diff -up openssh-6.2p1/gss-serv-krb5.c.force_krb openssh-6.2p1/gss-serv-krb5.c
#include "buffer.h"
#include "ssh-gss.h"
-extern ServerOptions options;
-
+extern Authctxt *the_authctxt;
extern ServerOptions options;
#ifdef HEIMDAL
# include <krb5.h>
#else
@@ -56,6 +57,16 @@ extern ServerOptions options;
# endif
@@ -55,6 +59,13 @@ extern ServerOptions options;
# include <gssapi/gssapi_krb5.h>
#endif
+extern Authctxt *the_authctxt;
+extern ServerOptions options;
+
+/* all commands are allowed by default */
+char **k5users_allowed_cmds = NULL;
+
@ -42,21 +38,16 @@ diff -up openssh-6.2p1/gss-serv-krb5.c.force_krb openssh-6.2p1/gss-serv-krb5.c
static krb5_context krb_context = NULL;
/* Initialise the krb5 library, for the stuff that GSSAPI won't do */
@@ -83,10 +94,11 @@ ssh_gssapi_krb5_init(void)
*/
static int
-ssh_gssapi_krb5_userok(ssh_gssapi_client *client, char *name)
+ssh_gssapi_krb5_userok(ssh_gssapi_client *client, char *luser)
{
@@ -87,6 +98,7 @@ ssh_gssapi_krb5_userok(ssh_gssapi_client
krb5_principal princ;
int retval;
const char *errmsg;
+ int k5login_exists;
if (ssh_gssapi_krb5_init() == 0)
return 0;
@@ -97,10 +109,22 @@ ssh_gssapi_krb5_userok(ssh_gssapi_client
krb5_get_err_text(krb_context, retval));
@@ -98,10 +110,22 @@ ssh_gssapi_krb5_userok(ssh_gssapi_client
krb5_free_error_message(krb_context, errmsg);
return 0;
}
- if (krb5_kuserok(krb_context, princ, name)) {
@ -66,21 +57,20 @@ diff -up openssh-6.2p1/gss-serv-krb5.c.force_krb openssh-6.2p1/gss-serv-krb5.c
+ /* NOTE: .k5login and .k5users must opened as root, not the user,
+ * because if they are on a krb5-protected filesystem, user credentials
+ * to access these files aren't available yet. */
+ if (krb5_kuserok(krb_context, princ, luser) && k5login_exists) {
+ if (krb5_kuserok(krb_context, princ, name) && k5login_exists) {
retval = 1;
logit("Authorized to %s, krb5 principal %s (krb5_kuserok)",
- name, (char *)client->displayname.value);
+ luser, (char *)client->displayname.value);
name, (char *)client->displayname.value);
+ } else if (ssh_gssapi_krb5_cmdok(princ, client->exportedname.value,
+ luser, k5login_exists)) {
+ name, k5login_exists)) {
+ retval = 1;
+ logit("Authorized to %s, krb5 principal %s "
+ "(ssh_gssapi_krb5_cmdok)",
+ luser, (char *)client->displayname.value);
+ name, (char *)client->displayname.value);
} else
retval = 0;
@@ -108,6 +132,135 @@ ssh_gssapi_krb5_userok(ssh_gssapi_client
@@ -109,6 +133,135 @@ ssh_gssapi_krb5_userok(ssh_gssapi_client
return retval;
}
@ -216,9 +206,9 @@ diff -up openssh-6.2p1/gss-serv-krb5.c.force_krb openssh-6.2p1/gss-serv-krb5.c
/* This writes out any forwarded credentials from the structure populated
* during userauth. Called after we have setuid to the user */
diff -up openssh-6.2p1/session.c.force_krb openssh-6.2p1/session.c
--- openssh-6.2p1/session.c.force_krb 2013-03-25 20:04:53.724816810 +0100
+++ openssh-6.2p1/session.c 2013-03-25 20:04:53.818817403 +0100
diff -up openssh-6.3p1/session.c.force_krb openssh-6.3p1/session.c
--- openssh-6.3p1/session.c.force_krb 2013-10-11 18:58:51.487948468 +0200
+++ openssh-6.3p1/session.c 2013-10-11 18:58:51.563948112 +0200
@@ -823,6 +823,29 @@ do_exec(Session *s, const char *command)
debug("Forced command (key option) '%.900s'", command);
}
@ -249,10 +239,24 @@ diff -up openssh-6.2p1/session.c.force_krb openssh-6.2p1/session.c
#ifdef SSH_AUDIT_EVENTS
if (s->command != NULL || s->command_handle != -1)
fatal("do_exec: command already set");
diff -up openssh-6.2p1/sshd.8.force_krb openssh-6.2p1/sshd.8
--- openssh-6.2p1/sshd.8.force_krb 2013-03-25 20:04:53.787817207 +0100
+++ openssh-6.2p1/sshd.8 2013-03-25 20:04:53.819817409 +0100
@@ -323,6 +323,7 @@ Finally, the server and the client enter
diff -up openssh-6.3p1/ssh-gss.h.force_krb openssh-6.3p1/ssh-gss.h
--- openssh-6.3p1/ssh-gss.h.force_krb 2013-10-11 18:58:51.558948136 +0200
+++ openssh-6.3p1/ssh-gss.h 2013-10-11 18:58:51.563948112 +0200
@@ -49,6 +49,10 @@
# endif /* !HAVE_DECL_GSS_C_NT_... */
# endif /* !HEIMDAL */
+
+/* .k5users support */
+extern char **k5users_allowed_cmds;
+
#endif /* KRB5 */
/* draft-ietf-secsh-gsskeyex-06 */
diff -up openssh-6.3p1/sshd.8.force_krb openssh-6.3p1/sshd.8
--- openssh-6.3p1/sshd.8.force_krb 2013-10-11 18:58:51.537948234 +0200
+++ openssh-6.3p1/sshd.8 2013-10-11 18:58:51.563948112 +0200
@@ -326,6 +326,7 @@ Finally, the server and the client enter
The client tries to authenticate itself using
host-based authentication,
public key authentication,
@ -260,7 +264,7 @@ diff -up openssh-6.2p1/sshd.8.force_krb openssh-6.2p1/sshd.8
challenge-response authentication,
or password authentication.
.Pp
@@ -796,6 +797,12 @@ This file is used in exactly the same wa
@@ -797,6 +798,12 @@ This file is used in exactly the same wa
but allows host-based authentication without permitting login with
rlogin/rsh.
.Pp
@ -273,17 +277,3 @@ diff -up openssh-6.2p1/sshd.8.force_krb openssh-6.2p1/sshd.8
.It Pa ~/.ssh/
This directory is the default location for all user-specific configuration
and authentication information.
diff -up openssh-6.2p1/ssh-gss.h.force_krb openssh-6.2p1/ssh-gss.h
--- openssh-6.2p1/ssh-gss.h.force_krb 2013-03-25 20:04:53.819817409 +0100
+++ openssh-6.2p1/ssh-gss.h 2013-03-25 20:05:26.463023197 +0100
@@ -49,6 +49,10 @@
# endif /* !HAVE_DECL_GSS_C_NT_... */
# endif /* !HEIMDAL */
+
+/* .k5users support */
+extern char **k5users_allowed_cmds;
+
#endif /* KRB5 */
/* draft-ietf-secsh-gsskeyex-06 */

2039
openssh-6.2p1-gsskex.patch → openssh-6.3p1-gsskex.patch
View File

File diff suppressed because it is too large Load Diff

74
openssh-6.2p1-keycat.patch → openssh-6.3p1-keycat.patch
View File

@ -1,24 +1,6 @@
diff -up openssh-6.2p1/auth2-pubkey.c.keycat openssh-6.2p1/auth2-pubkey.c
--- openssh-6.2p1/auth2-pubkey.c.keycat 2013-03-25 21:34:17.779978851 +0100
+++ openssh-6.2p1/auth2-pubkey.c 2013-03-25 21:34:17.798978973 +0100
@@ -573,6 +573,14 @@ user_key_command_allowed2(struct passwd
_exit(1);
}
+#ifdef WITH_SELINUX
+ if (ssh_selinux_setup_env_variables() < 0) {
+ error ("failed to copy environment: %s",
+ strerror(errno));
+ _exit(127);
+ }
+#endif
+
execl(options.authorized_keys_command,
options.authorized_keys_command, user_pw->pw_name, NULL);
diff -up openssh-6.2p1/HOWTO.ssh-keycat.keycat openssh-6.2p1/HOWTO.ssh-keycat
--- openssh-6.2p1/HOWTO.ssh-keycat.keycat 2013-03-25 21:34:17.798978973 +0100
+++ openssh-6.2p1/HOWTO.ssh-keycat 2013-03-25 21:34:17.798978973 +0100
diff -up openssh-6.3p1/HOWTO.ssh-keycat.keycat openssh-6.3p1/HOWTO.ssh-keycat
--- openssh-6.3p1/HOWTO.ssh-keycat.keycat 2013-10-10 15:16:33.445566916 +0200
+++ openssh-6.3p1/HOWTO.ssh-keycat 2013-10-10 15:16:33.445566916 +0200
@@ -0,0 +1,12 @@
+The ssh-keycat retrieves the content of the ~/.ssh/authorized_keys
+of an user in any environment. This includes environments with
@ -32,9 +14,9 @@ diff -up openssh-6.2p1/HOWTO.ssh-keycat.keycat openssh-6.2p1/HOWTO.ssh-keycat
+ PubkeyAuthentication yes
+
+
diff -up openssh-6.2p1/Makefile.in.keycat openssh-6.2p1/Makefile.in
--- openssh-6.2p1/Makefile.in.keycat 2013-03-25 21:34:17.793978941 +0100
+++ openssh-6.2p1/Makefile.in 2013-03-25 21:35:48.282559562 +0100
diff -up openssh-6.3p1/Makefile.in.keycat openssh-6.3p1/Makefile.in
--- openssh-6.3p1/Makefile.in.keycat 2013-10-10 15:16:33.442566930 +0200
+++ openssh-6.3p1/Makefile.in 2013-10-10 15:16:33.445566916 +0200
@@ -27,6 +27,7 @@ SFTP_SERVER=$(libexecdir)/sftp-server
SSH_KEYSIGN=$(libexecdir)/ssh-keysign
SSH_LDAP_HELPER=$(libexecdir)/ssh-ldap-helper
@ -52,7 +34,7 @@ diff -up openssh-6.2p1/Makefile.in.keycat openssh-6.2p1/Makefile.in
LIBSSH_OBJS=authfd.o authfile.o bufaux.o bufbn.o buffer.o \
canohost.o channels.o cipher.o cipher-aes.o \
@@ -170,6 +171,9 @@ ssh-pkcs11-helper$(EXEEXT): $(LIBCOMPAT)
@@ -172,6 +173,9 @@ ssh-pkcs11-helper$(EXEEXT): $(LIBCOMPAT)
ssh-ldap-helper$(EXEEXT): $(LIBCOMPAT) libssh.a ldapconf.o ldapbody.o ldapmisc.o ldap-helper.o
$(LD) -o $@ ldapconf.o ldapbody.o ldapmisc.o ldap-helper.o $(LDFLAGS) -lssh -lopenbsd-compat -lfipscheck $(LIBS)
@ -62,7 +44,7 @@ diff -up openssh-6.2p1/Makefile.in.keycat openssh-6.2p1/Makefile.in
ssh-keyscan$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keyscan.o roaming_dummy.o
$(LD) -o $@ ssh-keyscan.o roaming_dummy.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS)
@@ -276,6 +280,7 @@ install-files:
@@ -279,6 +283,7 @@ install-files:
$(INSTALL) -m 0700 $(STRIP_OPT) ssh-ldap-helper $(DESTDIR)$(SSH_LDAP_HELPER) ; \
$(INSTALL) -m 0700 ssh-ldap-wrapper $(DESTDIR)$(SSH_LDAP_WRAPPER) ; \
fi
@ -70,10 +52,28 @@ diff -up openssh-6.2p1/Makefile.in.keycat openssh-6.2p1/Makefile.in
$(INSTALL) -m 0755 $(STRIP_OPT) sftp$(EXEEXT) $(DESTDIR)$(bindir)/sftp$(EXEEXT)
$(INSTALL) -m 0755 $(STRIP_OPT) sftp-server$(EXEEXT) $(DESTDIR)$(SFTP_SERVER)$(EXEEXT)
$(INSTALL) -m 644 ssh.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh.1
diff -up openssh-6.2p1/openbsd-compat/port-linux.c.keycat openssh-6.2p1/openbsd-compat/port-linux.c
--- openssh-6.2p1/openbsd-compat/port-linux.c.keycat 2013-03-25 21:34:17.785978890 +0100
+++ openssh-6.2p1/openbsd-compat/port-linux.c 2013-03-25 21:34:17.800978986 +0100
@@ -315,7 +315,7 @@ ssh_selinux_getctxbyname(char *pwname,
diff -up openssh-6.3p1/auth2-pubkey.c.keycat openssh-6.3p1/auth2-pubkey.c
--- openssh-6.3p1/auth2-pubkey.c.keycat 2013-10-10 15:16:33.429566992 +0200
+++ openssh-6.3p1/auth2-pubkey.c 2013-10-10 15:16:33.445566916 +0200
@@ -606,6 +606,14 @@ user_key_command_allowed2(struct passwd
_exit(1);
}
+#ifdef WITH_SELINUX
+ if (ssh_selinux_setup_env_variables() < 0) {
+ error ("failed to copy environment: %s",
+ strerror(errno));
+ _exit(127);
+ }
+#endif
+
execl(options.authorized_keys_command,
options.authorized_keys_command, user_pw->pw_name, NULL);
diff -up openssh-6.3p1/openbsd-compat/port-linux.c.keycat openssh-6.3p1/openbsd-compat/port-linux.c
--- openssh-6.3p1/openbsd-compat/port-linux.c.keycat 2013-10-10 15:16:33.435566964 +0200
+++ openssh-6.3p1/openbsd-compat/port-linux.c 2013-10-10 15:32:19.946065189 +0200
@@ -313,7 +313,7 @@ ssh_selinux_getctxbyname(char *pwname,
/* Setup environment variables for pam_selinux */
static int
@ -82,13 +82,13 @@ diff -up openssh-6.2p1/openbsd-compat/port-linux.c.keycat openssh-6.2p1/openbsd-
{
const char *reqlvl;
char *role;
@@ -326,16 +326,16 @@ ssh_selinux_setup_pam_variables(void)
@@ -324,16 +324,16 @@ ssh_selinux_setup_pam_variables(void)
ssh_selinux_get_role_level(&role, &reqlvl);
- rv = do_pam_putenv("SELINUX_ROLE_REQUESTED", role ? role : "");
+ rv = set_it("SELINUX_ROLE_REQUESTED", role ? role : "");
if (inetd_flag && !rexeced_flag) {
use_current = "1";
} else {
@ -101,8 +101,8 @@ diff -up openssh-6.2p1/openbsd-compat/port-linux.c.keycat openssh-6.2p1/openbsd-
+ rv = rv || set_it("SELINUX_USE_CURRENT_RANGE", use_current);
if (role != NULL)
xfree(role);
@@ -343,6 +343,24 @@ ssh_selinux_setup_pam_variables(void)
free(role);
@@ -341,6 +341,24 @@ ssh_selinux_setup_pam_variables(void)
return rv;
}
@ -127,9 +127,9 @@ diff -up openssh-6.2p1/openbsd-compat/port-linux.c.keycat openssh-6.2p1/openbsd-
/* Set the execution context to the default for the specified user */
void
ssh_selinux_setup_exec_context(char *pwname)
diff -up openssh-6.2p1/ssh-keycat.c.keycat openssh-6.2p1/ssh-keycat.c
--- openssh-6.2p1/ssh-keycat.c.keycat 2013-03-25 21:34:17.800978986 +0100
+++ openssh-6.2p1/ssh-keycat.c 2013-03-25 21:34:17.800978986 +0100
diff -up openssh-6.3p1/ssh-keycat.c.keycat openssh-6.3p1/ssh-keycat.c
--- openssh-6.3p1/ssh-keycat.c.keycat 2013-10-10 15:16:33.446566911 +0200
+++ openssh-6.3p1/ssh-keycat.c 2013-10-10 15:16:33.446566911 +0200
@@ -0,0 +1,238 @@
+/*
+ * Redistribution and use in source and binary forms, with or without

88
openssh-6.2p1-kuserok.patch → openssh-6.3p1-kuserok.patch
View File

@ -1,6 +1,6 @@
diff -up openssh-6.2p1/auth-krb5.c.kuserok openssh-6.2p1/auth-krb5.c
--- openssh-6.2p1/auth-krb5.c.kuserok 2013-03-25 20:06:51.295558062 +0100
+++ openssh-6.2p1/auth-krb5.c 2013-03-25 20:06:51.318558207 +0100
diff -up openssh-6.3p1/auth-krb5.c.kuserok openssh-6.3p1/auth-krb5.c
--- openssh-6.3p1/auth-krb5.c.kuserok 2013-10-11 21:41:42.889087613 +0200
+++ openssh-6.3p1/auth-krb5.c 2013-10-11 21:41:42.905087537 +0200
@@ -55,6 +55,20 @@
extern ServerOptions options;
@ -22,7 +22,7 @@ diff -up openssh-6.2p1/auth-krb5.c.kuserok openssh-6.2p1/auth-krb5.c
static int
krb5_init(void *context)
{
@@ -147,7 +161,7 @@ auth_krb5_password(Authctxt *authctxt, c
@@ -159,7 +173,7 @@ auth_krb5_password(Authctxt *authctxt, c
if (problem)
goto out;
@ -31,10 +31,10 @@ diff -up openssh-6.2p1/auth-krb5.c.kuserok openssh-6.2p1/auth-krb5.c
problem = -1;
goto out;
}
diff -up openssh-6.2p1/gss-serv-krb5.c.kuserok openssh-6.2p1/gss-serv-krb5.c
--- openssh-6.2p1/gss-serv-krb5.c.kuserok 2013-03-25 20:06:51.311558163 +0100
+++ openssh-6.2p1/gss-serv-krb5.c 2013-03-25 20:06:51.319558214 +0100
@@ -68,6 +68,7 @@ static int ssh_gssapi_krb5_cmdok(krb5_pr
diff -up openssh-6.3p1/gss-serv-krb5.c.kuserok openssh-6.3p1/gss-serv-krb5.c
--- openssh-6.3p1/gss-serv-krb5.c.kuserok 2013-10-11 21:41:42.901087556 +0200
+++ openssh-6.3p1/gss-serv-krb5.c 2013-10-11 21:46:42.898673597 +0200
@@ -67,6 +67,7 @@ static int ssh_gssapi_krb5_cmdok(krb5_pr
int);
static krb5_context krb_context = NULL;
@ -42,19 +42,19 @@ diff -up openssh-6.2p1/gss-serv-krb5.c.kuserok openssh-6.2p1/gss-serv-krb5.c
/* Initialise the krb5 library, for the stuff that GSSAPI won't do */
@@ -115,7 +116,7 @@ ssh_gssapi_krb5_userok(ssh_gssapi_client
@@ -116,7 +117,7 @@ ssh_gssapi_krb5_userok(ssh_gssapi_client
/* NOTE: .k5login and .k5users must opened as root, not the user,
* because if they are on a krb5-protected filesystem, user credentials
* to access these files aren't available yet. */
- if (krb5_kuserok(krb_context, princ, luser) && k5login_exists) {
+ if (ssh_krb5_kuserok(krb_context, princ, luser) && k5login_exists) {
- if (krb5_kuserok(krb_context, princ, name) && k5login_exists) {
+ if (ssh_krb5_kuserok(krb_context, princ, name) && k5login_exists) {
retval = 1;
logit("Authorized to %s, krb5 principal %s (krb5_kuserok)",
luser, (char *)client->displayname.value);
diff -up openssh-6.2p1/servconf.c.kuserok openssh-6.2p1/servconf.c
--- openssh-6.2p1/servconf.c.kuserok 2013-03-25 20:06:51.305558125 +0100
+++ openssh-6.2p1/servconf.c 2013-03-25 20:06:51.319558214 +0100
@@ -150,6 +150,7 @@ initialize_server_options(ServerOptions
name, (char *)client->displayname.value);
diff -up openssh-6.3p1/servconf.c.kuserok openssh-6.3p1/servconf.c
--- openssh-6.3p1/servconf.c.kuserok 2013-10-11 21:41:42.896087580 +0200
+++ openssh-6.3p1/servconf.c 2013-10-11 21:48:24.664194016 +0200
@@ -157,6 +157,7 @@ initialize_server_options(ServerOptions
options->ip_qos_interactive = -1;
options->ip_qos_bulk = -1;
options->version_addendum = NULL;
@ -62,7 +62,7 @@ diff -up openssh-6.2p1/servconf.c.kuserok openssh-6.2p1/servconf.c
}
void
@@ -299,6 +300,8 @@ fill_default_server_options(ServerOption
@@ -310,6 +311,8 @@ fill_default_server_options(ServerOption
options->version_addendum = xstrdup("");
if (options->show_patchlevel == -1)
options->show_patchlevel = 0;
@ -71,7 +71,7 @@ diff -up openssh-6.2p1/servconf.c.kuserok openssh-6.2p1/servconf.c
/* Turn privilege separation on by default */
if (use_privsep == -1)
@@ -325,7 +328,7 @@ typedef enum {
@@ -336,7 +339,7 @@ typedef enum {
sPermitRootLogin, sLogFacility, sLogLevel,
sRhostsRSAAuthentication, sRSAAuthentication,
sKerberosAuthentication, sKerberosOrLocalPasswd, sKerberosTicketCleanup,
@ -80,7 +80,7 @@ diff -up openssh-6.2p1/servconf.c.kuserok openssh-6.2p1/servconf.c
sKerberosTgtPassing, sChallengeResponseAuthentication,
sPasswordAuthentication, sKbdInteractiveAuthentication,
sListenAddress, sAddressFamily,
@@ -397,11 +400,13 @@ static struct {
@@ -409,11 +412,13 @@ static struct {
#else
{ "kerberosgetafstoken", sUnsupported, SSHCFG_GLOBAL },
#endif
@ -94,7 +94,7 @@ diff -up openssh-6.2p1/servconf.c.kuserok openssh-6.2p1/servconf.c
#endif
{ "kerberostgtpassing", sUnsupported, SSHCFG_GLOBAL },
{ "afstokenpassing", sUnsupported, SSHCFG_GLOBAL },
@@ -1460,6 +1465,10 @@ process_server_config_line(ServerOptions
@@ -1515,6 +1520,10 @@ process_server_config_line(ServerOptions
*activep = value;
break;
@ -105,15 +105,15 @@ diff -up openssh-6.2p1/servconf.c.kuserok openssh-6.2p1/servconf.c
case sPermitOpen:
arg = strdelim(&cp);
if (!arg || *arg == '\0')
@@ -1761,6 +1770,7 @@ copy_set_server_options(ServerOptions *d
@@ -1815,6 +1824,7 @@ copy_set_server_options(ServerOptions *d
M_CP_INTOPT(max_authtries);
M_CP_INTOPT(ip_qos_interactive);
M_CP_INTOPT(ip_qos_bulk);
+ M_CP_INTOPT(use_kuserok);
M_CP_INTOPT(rekey_limit);
M_CP_INTOPT(rekey_interval);
/* See comment in servconf.h */
COPY_MATCH_STRING_OPTS();
@@ -1999,6 +2009,7 @@ dump_config(ServerOptions *o)
@@ -2055,6 +2065,7 @@ dump_config(ServerOptions *o)
dump_cfg_fmtint(sUseDNS, o->use_dns);
dump_cfg_fmtint(sAllowTcpForwarding, o->allow_tcp_forwarding);
dump_cfg_fmtint(sUsePrivilegeSeparation, use_privsep);
@ -121,10 +121,10 @@ diff -up openssh-6.2p1/servconf.c.kuserok openssh-6.2p1/servconf.c
/* string arguments */
dump_cfg_string(sPidFile, o->pid_file);
diff -up openssh-6.2p1/servconf.h.kuserok openssh-6.2p1/servconf.h
--- openssh-6.2p1/servconf.h.kuserok 2013-03-25 20:06:51.305558125 +0100
+++ openssh-6.2p1/servconf.h 2013-03-25 20:06:51.320558220 +0100
@@ -173,6 +173,7 @@ typedef struct {
diff -up openssh-6.3p1/servconf.h.kuserok openssh-6.3p1/servconf.h
--- openssh-6.3p1/servconf.h.kuserok 2013-10-11 21:41:42.896087580 +0200
+++ openssh-6.3p1/servconf.h 2013-10-11 21:41:42.907087528 +0200
@@ -174,6 +174,7 @@ typedef struct {
int num_permitted_opens;
@ -132,21 +132,10 @@ diff -up openssh-6.2p1/servconf.h.kuserok openssh-6.2p1/servconf.h
char *chroot_directory;
char *revoked_keys_file;
char *trusted_user_ca_keys;
diff -up openssh-6.2p1/sshd_config.kuserok openssh-6.2p1/sshd_config
--- openssh-6.2p1/sshd_config.kuserok 2013-03-25 20:06:51.308558144 +0100
+++ openssh-6.2p1/sshd_config 2013-03-25 20:06:51.320558220 +0100
@@ -83,6 +83,7 @@ ChallengeResponseAuthentication no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
#KerberosGetAFSToken no
+#KerberosUseKuserok yes
# GSSAPI options
#GSSAPIAuthentication no
diff -up openssh-6.2p1/sshd_config.5.kuserok openssh-6.2p1/sshd_config.5
--- openssh-6.2p1/sshd_config.5.kuserok 2013-03-25 20:06:51.308558144 +0100
+++ openssh-6.2p1/sshd_config.5 2013-03-25 20:08:34.249207272 +0100
@@ -660,6 +660,10 @@ Specifies whether to automatically destr
diff -up openssh-6.3p1/sshd_config.5.kuserok openssh-6.3p1/sshd_config.5
--- openssh-6.3p1/sshd_config.5.kuserok 2013-10-11 21:41:42.898087571 +0200
+++ openssh-6.3p1/sshd_config.5 2013-10-11 21:41:42.907087528 +0200
@@ -675,6 +675,10 @@ Specifies whether to automatically destr
file on logout.
The default is
.Dq yes .
@ -157,7 +146,7 @@ diff -up openssh-6.2p1/sshd_config.5.kuserok openssh-6.2p1/sshd_config.5
.It Cm KexAlgorithms
Specifies the available KEX (Key Exchange) algorithms.
Multiple algorithms must be comma-separated.
@@ -819,6 +823,7 @@ Available keywords are
@@ -833,6 +837,7 @@ Available keywords are
.Cm HostbasedUsesNameFromPacketOnly ,
.Cm KbdInteractiveAuthentication ,
.Cm KerberosAuthentication ,
@ -165,3 +154,14 @@ diff -up openssh-6.2p1/sshd_config.5.kuserok openssh-6.2p1/sshd_config.5
.Cm MaxAuthTries ,
.Cm MaxSessions ,
.Cm PasswordAuthentication ,
diff -up openssh-6.3p1/sshd_config.kuserok openssh-6.3p1/sshd_config
--- openssh-6.3p1/sshd_config.kuserok 2013-10-11 21:41:42.898087571 +0200
+++ openssh-6.3p1/sshd_config 2013-10-11 21:41:42.907087528 +0200
@@ -86,6 +86,7 @@ ChallengeResponseAuthentication no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
#KerberosGetAFSToken no
+#KerberosUseKuserok yes
# GSSAPI options
#GSSAPIAuthentication no

6
openssh-6.2p1-ldap.patch → openssh-6.3p1-ldap.patch
View File

@ -383,7 +383,7 @@ diff -up openssh-6.2p1/ldapbody.c.ldap openssh-6.2p1/ldapbody.c
+ if ((logfile = fopen (logfilename, "a")) == NULL)
+ fatal ("cannot append to %s: %s", logfilename, strerror (errno));
+ debug3 ("LDAP debug into %s", logfilename);
+ xfree (logfilename);
+ free (logfilename);
+ ber_set_option (NULL, LBER_OPT_LOG_PRINT_FILE, logfile);
+ }
+#endif
@ -672,12 +672,12 @@ diff -up openssh-6.2p1/ldapbody.c.ldap openssh-6.2p1/ldapbody.c
+ timeout.tv_usec = 0;
+ if ((rc = ldap_search_st(ld, options.base, options.scope, buffer, attrs, 0, &timeout, &res)) != LDAP_SUCCESS) {
+ error ("ldap_search_st(): %s", ldap_err2string (rc));
+ xfree (buffer);
+ free (buffer);
+ return;
+ }
+
+ /* free */
+ xfree (buffer);
+ free (buffer);
+
+ for (e = ldap_first_entry(ld, res); e != NULL; e = ldap_next_entry(ld, e)) {
+ int num;

44
openssh-6.1p1-privsep-selinux.patch → openssh-6.3p1-privsep-selinux.patch
View File

@ -1,8 +1,8 @@
diff -up openssh-6.1p1/openbsd-compat/port-linux.c.privsep-selinux openssh-6.1p1/openbsd-compat/port-linux.c
--- openssh-6.1p1/openbsd-compat/port-linux.c.privsep-selinux 2012-11-05 14:46:39.334809203 +0100
+++ openssh-6.1p1/openbsd-compat/port-linux.c 2012-11-05 14:54:32.614504884 +0100
@@ -505,6 +505,25 @@ ssh_selinux_change_context(const char *n
xfree(newctx);
diff -up openssh-6.3p1/openbsd-compat/port-linux.c.privsep-selinux openssh-6.3p1/openbsd-compat/port-linux.c
--- openssh-6.3p1/openbsd-compat/port-linux.c.privsep-selinux 2013-10-10 14:58:20.634762245 +0200
+++ openssh-6.3p1/openbsd-compat/port-linux.c 2013-10-10 15:13:57.864306950 +0200
@@ -503,6 +503,25 @@ ssh_selinux_change_context(const char *n
free(newctx);
}
+void
@ -27,9 +27,9 @@ diff -up openssh-6.1p1/openbsd-compat/port-linux.c.privsep-selinux openssh-6.1p1
#endif /* WITH_SELINUX */
#ifdef LINUX_OOM_ADJUST
diff -up openssh-6.1p1/openbsd-compat/port-linux.h.privsep-selinux openssh-6.1p1/openbsd-compat/port-linux.h
--- openssh-6.1p1/openbsd-compat/port-linux.h.privsep-selinux 2011-01-25 02:16:18.000000000 +0100
+++ openssh-6.1p1/openbsd-compat/port-linux.h 2012-11-05 14:46:39.339809234 +0100
diff -up openssh-6.3p1/openbsd-compat/port-linux.h.privsep-selinux openssh-6.3p1/openbsd-compat/port-linux.h
--- openssh-6.3p1/openbsd-compat/port-linux.h.privsep-selinux 2011-01-25 02:16:18.000000000 +0100
+++ openssh-6.3p1/openbsd-compat/port-linux.h 2013-10-10 14:58:20.634762245 +0200
@@ -24,6 +24,7 @@ int ssh_selinux_enabled(void);
void ssh_selinux_setup_pty(char *, const char *);
void ssh_selinux_setup_exec_context(char *);
@ -38,10 +38,10 @@ diff -up openssh-6.1p1/openbsd-compat/port-linux.h.privsep-selinux openssh-6.1p1
void ssh_selinux_setfscreatecon(const char *);
#endif
diff -up openssh-6.1p1/session.c.privsep-selinux openssh-6.1p1/session.c
--- openssh-6.1p1/session.c.privsep-selinux 2012-12-03 09:43:11.727505761 +0100
+++ openssh-6.1p1/session.c 2012-12-03 09:54:50.455688902 +0100
@@ -1519,6 +1519,9 @@ do_setusercontext(struct passwd *pw)
diff -up openssh-6.3p1/session.c.privsep-selinux openssh-6.3p1/session.c
--- openssh-6.3p1/session.c.privsep-selinux 2013-10-10 14:58:20.617762326 +0200
+++ openssh-6.3p1/session.c 2013-10-10 15:13:16.520503590 +0200
@@ -1522,6 +1522,9 @@ do_setusercontext(struct passwd *pw)
pw->pw_uid);
chroot_path = percent_expand(tmp, "h", pw->pw_dir,
"u", pw->pw_name, (char *)NULL);
@ -51,7 +51,7 @@ diff -up openssh-6.1p1/session.c.privsep-selinux openssh-6.1p1/session.c
safely_chroot(chroot_path, pw->pw_uid);
free(tmp);
free(chroot_path);
@@ -1533,6 +1536,12 @@ do_setusercontext(struct passwd *pw)
@@ -1544,6 +1547,12 @@ do_setusercontext(struct passwd *pw)
/* Permanently switch to the desired uid. */
permanently_set_uid(pw);
#endif
@ -61,10 +61,10 @@ diff -up openssh-6.1p1/session.c.privsep-selinux openssh-6.1p1/session.c
+ strcasecmp(options.chroot_directory, "none") == 0)
+ ssh_selinux_copy_context();
+#endif
}
if (getuid() != pw->pw_uid || geteuid() != pw->pw_uid)
@@ -1787,9 +1796,6 @@ do_child(Session *s, const char *command
} else if (options.chroot_directory != NULL &&
strcasecmp(options.chroot_directory, "none") != 0) {
fatal("server lacks privileges to chroot to ChrootDirectory");
@@ -1808,9 +1817,6 @@ do_child(Session *s, const char *command
argv[i] = NULL;
optind = optreset = 1;
__progname = argv[0];
@ -74,10 +74,10 @@ diff -up openssh-6.1p1/session.c.privsep-selinux openssh-6.1p1/session.c
exit(sftp_server_main(i, argv, s->pw));
}
diff -up openssh-6.1p1/sshd.c.privsep-selinux openssh-6.1p1/sshd.c
--- openssh-6.1p1/sshd.c.privsep-selinux 2013-02-24 11:29:32.997823377 +0100
+++ openssh-6.1p1/sshd.c 2013-02-24 11:43:34.171182720 +0100
@@ -653,6 +653,10 @@ privsep_preauth_child(void)
diff -up openssh-6.3p1/sshd.c.privsep-selinux openssh-6.3p1/sshd.c
--- openssh-6.3p1/sshd.c.privsep-selinux 2013-10-10 14:58:20.632762255 +0200
+++ openssh-6.3p1/sshd.c 2013-10-10 14:58:20.635762241 +0200
@@ -668,6 +668,10 @@ privsep_preauth_child(void)
/* Demote the private keys to public keys. */
demote_sensitive_data();
@ -88,7 +88,7 @@ diff -up openssh-6.1p1/sshd.c.privsep-selinux openssh-6.1p1/sshd.c
/* Change our root directory */
if (chroot(_PATH_PRIVSEP_CHROOT_DIR) == -1)
fatal("chroot(\"%s\"): %s", _PATH_PRIVSEP_CHROOT_DIR,
@@ -794,6 +798,13 @@ privsep_postauth(Authctxt *authctxt)
@@ -811,6 +815,13 @@ privsep_postauth(Authctxt *authctxt)
do_setusercontext(authctxt->pw);
skip:

46
openssh-6.1p1-redhat.patch → openssh-6.3p1-redhat.patch
View File

@ -1,10 +1,10 @@
diff -up openssh-6.1p1/ssh_config.redhat openssh-6.1p1/ssh_config
--- openssh-6.1p1/ssh_config.redhat 2010-01-12 09:40:27.000000000 +0100
+++ openssh-6.1p1/ssh_config 2012-10-26 16:28:51.820340584 +0200
@@ -45,3 +45,14 @@
# PermitLocalCommand no
diff -up openssh-6.3p1/ssh_config.redhat openssh-6.3p1/ssh_config
--- openssh-6.3p1/ssh_config.redhat 2013-10-11 14:51:18.345876648 +0200
+++ openssh-6.3p1/ssh_config 2013-10-11 15:13:05.429829266 +0200
@@ -46,3 +46,14 @@
# VisualHostKey no
# ProxyCommand ssh -q -W %h:%p gateway.example.com
# RekeyLimit 1G 1h
+Host *
+ GSSAPIAuthentication yes
+# If this option is set to yes then remote X11 clients will have full access
@ -12,14 +12,14 @@ diff -up openssh-6.1p1/ssh_config.redhat openssh-6.1p1/ssh_config
+# mode correctly we set this to yes.
+ ForwardX11Trusted yes
+# Send locale-related environment variables
+ SendEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
+ SendEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
+ SendEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
+ SendEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
+ SendEnv LC_IDENTIFICATION LC_ALL LANGUAGE
+ SendEnv XMODIFIERS
diff -up openssh-6.1p1/sshd_config.0.redhat openssh-6.1p1/sshd_config.0
--- openssh-6.1p1/sshd_config.0.redhat 2012-10-26 16:28:51.762340584 +0200
+++ openssh-6.1p1/sshd_config.0 2012-10-26 16:28:51.821340584 +0200
@@ -583,9 +583,9 @@ DESCRIPTION
diff -up openssh-6.3p1/sshd_config.0.redhat openssh-6.3p1/sshd_config.0
--- openssh-6.3p1/sshd_config.0.redhat 2013-09-13 08:20:43.000000000 +0200
+++ openssh-6.3p1/sshd_config.0 2013-10-11 14:51:18.345876648 +0200
@@ -653,9 +653,9 @@ DESCRIPTION
SyslogFacility
Gives the facility code that is used when logging messages from
@ -32,10 +32,10 @@ diff -up openssh-6.1p1/sshd_config.0.redhat openssh-6.1p1/sshd_config.0
TCPKeepAlive
Specifies whether the system should send TCP keepalive messages
diff -up openssh-6.1p1/sshd_config.5.redhat openssh-6.1p1/sshd_config.5
--- openssh-6.1p1/sshd_config.5.redhat 2012-10-26 16:28:51.763340584 +0200
+++ openssh-6.1p1/sshd_config.5 2012-10-26 16:28:51.822340584 +0200
@@ -1015,7 +1015,7 @@ Note that this option applies to protoco
diff -up openssh-6.3p1/sshd_config.5.redhat openssh-6.3p1/sshd_config.5
--- openssh-6.3p1/sshd_config.5.redhat 2013-07-20 05:21:53.000000000 +0200
+++ openssh-6.3p1/sshd_config.5 2013-10-11 14:51:18.346876643 +0200
@@ -1095,7 +1095,7 @@ Note that this option applies to protoco
.It Cm SyslogFacility
Gives the facility code that is used when logging messages from
.Xr sshd 8 .
@ -44,9 +44,9 @@ diff -up openssh-6.1p1/sshd_config.5.redhat openssh-6.1p1/sshd_config.5
LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7.
The default is AUTH.
.It Cm TCPKeepAlive
diff -up openssh-6.1p1/sshd_config.redhat openssh-6.1p1/sshd_config
--- openssh-6.1p1/sshd_config.redhat 2012-10-26 16:28:51.819340584 +0200
+++ openssh-6.1p1/sshd_config 2012-10-26 16:31:44.773340564 +0200
diff -up openssh-6.3p1/sshd_config.redhat openssh-6.3p1/sshd_config
--- openssh-6.3p1/sshd_config.redhat 2013-10-11 14:51:18.343876657 +0200
+++ openssh-6.3p1/sshd_config 2013-10-11 14:51:18.346876643 +0200
@@ -10,6 +10,10 @@
# possible, but leave them commented. Uncommented options override the
# default value.
@ -58,7 +58,7 @@ diff -up openssh-6.1p1/sshd_config.redhat openssh-6.1p1/sshd_config
#Port 22
#AddressFamily any
#ListenAddress 0.0.0.0
@@ -32,6 +36,7 @@
@@ -35,6 +39,7 @@
# Logging
# obsoletes QuietMode and FascistLogging
#SyslogFacility AUTH
@ -66,7 +66,7 @@ diff -up openssh-6.1p1/sshd_config.redhat openssh-6.1p1/sshd_config
#LogLevel INFO
# Authentication:
@@ -67,9 +72,11 @@ AuthorizedKeysFile .ssh/authorized_keys
@@ -70,9 +75,11 @@ AuthorizedKeysFile .ssh/authorized_keys
# To disable tunneled clear text passwords, change to no here!
#PasswordAuthentication yes
#PermitEmptyPasswords no
@ -78,7 +78,7 @@ diff -up openssh-6.1p1/sshd_config.redhat openssh-6.1p1/sshd_config
# Kerberos options
#KerberosAuthentication no
@@ -79,7 +86,9 @@ AuthorizedKeysFile .ssh/authorized_keys
@@ -82,7 +89,9 @@ AuthorizedKeysFile .ssh/authorized_keys
# GSSAPI options
#GSSAPIAuthentication no
@ -88,7 +88,7 @@ diff -up openssh-6.1p1/sshd_config.redhat openssh-6.1p1/sshd_config
# Set this to 'yes' to enable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
@@ -91,11 +100,13 @@ AuthorizedKeysFile .ssh/authorized_keys
@@ -94,11 +103,13 @@ AuthorizedKeysFile .ssh/authorized_keys
# PAM authentication, then enable this but set PasswordAuthentication
# and ChallengeResponseAuthentication to 'no'.
#UsePAM no
@ -102,7 +102,7 @@ diff -up openssh-6.1p1/sshd_config.redhat openssh-6.1p1/sshd_config
#X11DisplayOffset 10
#X11UseLocalhost yes
#PrintMotd yes
@@ -117,6 +128,12 @@ UsePrivilegeSeparation sandbox # Defaul
@@ -120,6 +131,12 @@ UsePrivilegeSeparation sandbox # Defaul
# no default banner path
#Banner none

317
openssh-6.2p1-role-mls.patch → openssh-6.3p1-role-mls.patch
View File

@ -1,20 +1,7 @@
diff -up openssh-6.2p1/auth.h.role-mls openssh-6.2p1/auth.h
--- openssh-6.2p1/auth.h.role-mls 2013-03-25 17:47:00.565746862 +0100
+++ openssh-6.2p1/auth.h 2013-03-25 17:47:00.602747073 +0100
@@ -59,6 +59,9 @@ struct Authctxt {
char *service;
struct passwd *pw; /* set if 'valid' */
char *style;
+#ifdef WITH_SELINUX
+ char *role;
+#endif
void *kbdintctxt;
void *jpake_ctx;
#ifdef BSD_AUTH
diff -up openssh-6.2p1/auth-pam.c.role-mls openssh-6.2p1/auth-pam.c
--- openssh-6.2p1/auth-pam.c.role-mls 2013-03-25 17:47:00.535746690 +0100
+++ openssh-6.2p1/auth-pam.c 2013-03-25 17:47:00.602747073 +0100
@@ -1074,7 +1074,7 @@ is_pam_session_open(void)
diff -up openssh-6.3p1/auth-pam.c.role-mls openssh-6.3p1/auth-pam.c
--- openssh-6.3p1/auth-pam.c.role-mls 2013-10-10 14:34:43.799494546 +0200
+++ openssh-6.3p1/auth-pam.c 2013-10-10 14:34:43.835494375 +0200
@@ -1071,7 +1071,7 @@ is_pam_session_open(void)
* during the ssh authentication process.
*/
int
@ -23,9 +10,9 @@ diff -up openssh-6.2p1/auth-pam.c.role-mls openssh-6.2p1/auth-pam.c
{
int ret = 1;
#ifdef HAVE_PAM_PUTENV
diff -up openssh-6.2p1/auth-pam.h.role-mls openssh-6.2p1/auth-pam.h
--- openssh-6.2p1/auth-pam.h.role-mls 2004-09-11 14:17:26.000000000 +0200
+++ openssh-6.2p1/auth-pam.h 2013-03-25 17:47:00.602747073 +0100
diff -up openssh-6.3p1/auth-pam.h.role-mls openssh-6.3p1/auth-pam.h
--- openssh-6.3p1/auth-pam.h.role-mls 2004-09-11 14:17:26.000000000 +0200
+++ openssh-6.3p1/auth-pam.h 2013-10-10 14:34:43.835494375 +0200
@@ -38,7 +38,7 @@ void do_pam_session(void);
void do_pam_set_tty(const char *);
void do_pam_setcred(int );
@ -35,10 +22,23 @@ diff -up openssh-6.2p1/auth-pam.h.role-mls openssh-6.2p1/auth-pam.h
char ** fetch_pam_environment(void);
char ** fetch_pam_child_environment(void);
void free_pam_environment(char **);
diff -up openssh-6.2p1/auth1.c.role-mls openssh-6.2p1/auth1.c
--- openssh-6.2p1/auth1.c.role-mls 2012-12-02 23:53:20.000000000 +0100
+++ openssh-6.2p1/auth1.c 2013-03-25 17:47:00.600747062 +0100
@@ -386,6 +386,9 @@ do_authentication(Authctxt *authctxt)
diff -up openssh-6.3p1/auth.h.role-mls openssh-6.3p1/auth.h
--- openssh-6.3p1/auth.h.role-mls 2013-10-10 14:34:43.834494379 +0200
+++ openssh-6.3p1/auth.h 2013-10-10 14:38:45.060348227 +0200
@@ -59,6 +59,9 @@ struct Authctxt {
char *service;
struct passwd *pw; /* set if 'valid' */
char *style;
+#ifdef WITH_SELINUX
+ char *role;
+#endif
void *kbdintctxt;
char *info; /* Extra info for next auth_log */
void *jpake_ctx;
diff -up openssh-6.3p1/auth1.c.role-mls openssh-6.3p1/auth1.c
--- openssh-6.3p1/auth1.c.role-mls 2013-06-02 00:01:24.000000000 +0200
+++ openssh-6.3p1/auth1.c 2013-10-10 14:34:43.835494375 +0200
@@ -381,6 +381,9 @@ do_authentication(Authctxt *authctxt)
{
u_int ulen;
char *user, *style = NULL;
@ -48,7 +48,7 @@ diff -up openssh-6.2p1/auth1.c.role-mls openssh-6.2p1/auth1.c
/* Get the name of the user that we wish to log in as. */
packet_read_expect(SSH_CMSG_USER);
@@ -394,11 +397,24 @@ do_authentication(Authctxt *authctxt)
@@ -389,11 +392,24 @@ do_authentication(Authctxt *authctxt)
user = packet_get_cstring(&ulen);
packet_check_eom();
@ -73,52 +73,10 @@ diff -up openssh-6.2p1/auth1.c.role-mls openssh-6.2p1/auth1.c
/* Verify that the user is a valid user. */
if ((authctxt->pw = PRIVSEP(getpwnamallow(user))) != NULL)
diff -up openssh-6.2p1/auth2.c.role-mls openssh-6.2p1/auth2.c
--- openssh-6.2p1/auth2.c.role-mls 2013-03-25 17:47:00.556746810 +0100
+++ openssh-6.2p1/auth2.c 2013-03-25 17:47:00.600747062 +0100
@@ -218,6 +218,9 @@ input_userauth_request(int type, u_int32
Authctxt *authctxt = ctxt;
Authmethod *m = NULL;
char *user, *service, *method, *style = NULL;
+#ifdef WITH_SELINUX
+ char *role = NULL;
+#endif
int authenticated = 0;
if (authctxt == NULL)
@@ -229,6 +232,11 @@ input_userauth_request(int type, u_int32
debug("userauth-request for user %s service %s method %s", user, service, method);
debug("attempt %d failures %d", authctxt->attempt, authctxt->failures);
+#ifdef WITH_SELINUX
+ if ((role = strchr(user, '/')) != NULL)
+ *role++ = 0;
+#endif
+
if ((style = strchr(user, ':')) != NULL)
*style++ = 0;
@@ -251,8 +259,15 @@ input_userauth_request(int type, u_int32
use_privsep ? " [net]" : "");
authctxt->service = xstrdup(service);
authctxt->style = style ? xstrdup(style) : NULL;
- if (use_privsep)
+#ifdef WITH_SELINUX
+ authctxt->role = role ? xstrdup(role) : NULL;
+#endif
+ if (use_privsep) {
mm_inform_authserv(service, style);
+#ifdef WITH_SELINUX
+ mm_inform_authrole(role);
+#endif
+ }
userauth_banner();
if (auth2_setup_methods_lists(authctxt) != 0)
packet_disconnect("no authentication methods enabled");
diff -up openssh-6.2p1/auth2-gss.c.role-mls openssh-6.2p1/auth2-gss.c
--- openssh-6.2p1/auth2-gss.c.role-mls 2012-12-02 23:53:20.000000000 +0100
+++ openssh-6.2p1/auth2-gss.c 2013-03-25 17:47:00.601747067 +0100
@@ -260,6 +260,7 @@ input_gssapi_mic(int type, u_int32_t ple
diff -up openssh-6.3p1/auth2-gss.c.role-mls openssh-6.3p1/auth2-gss.c
--- openssh-6.3p1/auth2-gss.c.role-mls 2013-06-01 23:31:18.000000000 +0200
+++ openssh-6.3p1/auth2-gss.c 2013-10-10 14:34:43.836494370 +0200
@@ -256,6 +256,7 @@ input_gssapi_mic(int type, u_int32_t ple
Authctxt *authctxt = ctxt;
Gssctxt *gssctxt;
int authenticated = 0;
@ -126,7 +84,7 @@ diff -up openssh-6.2p1/auth2-gss.c.role-mls openssh-6.2p1/auth2-gss.c
Buffer b;
gss_buffer_desc mic, gssbuf;
u_int len;
@@ -272,7 +273,13 @@ input_gssapi_mic(int type, u_int32_t ple
@@ -268,7 +269,13 @@ input_gssapi_mic(int type, u_int32_t ple
mic.value = packet_get_string(&len);
mic.length = len;
@ -141,18 +99,18 @@ diff -up openssh-6.2p1/auth2-gss.c.role-mls openssh-6.2p1/auth2-gss.c
"gssapi-with-mic");
gssbuf.value = buffer_ptr(&b);
@@ -284,6 +291,8 @@ input_gssapi_mic(int type, u_int32_t ple
@@ -280,6 +287,8 @@ input_gssapi_mic(int type, u_int32_t ple
logit("GSSAPI MIC check failed");
buffer_free(&b);
+ if (micuser != authctxt->user)
+ xfree(micuser);
xfree(mic.value);
+ free(micuser);
free(mic.value);
authctxt->postponed = 0;
diff -up openssh-6.2p1/auth2-hostbased.c.role-mls openssh-6.2p1/auth2-hostbased.c
--- openssh-6.2p1/auth2-hostbased.c.role-mls 2013-03-25 17:47:00.565746862 +0100
+++ openssh-6.2p1/auth2-hostbased.c 2013-03-25 17:47:00.601747067 +0100
diff -up openssh-6.3p1/auth2-hostbased.c.role-mls openssh-6.3p1/auth2-hostbased.c
--- openssh-6.3p1/auth2-hostbased.c.role-mls 2013-10-10 14:34:43.818494455 +0200
+++ openssh-6.3p1/auth2-hostbased.c 2013-10-10 14:34:43.836494370 +0200
@@ -106,7 +106,15 @@ userauth_hostbased(Authctxt *authctxt)
buffer_put_string(&b, session_id2, session_id2_len);
/* reconstruct packet */
@ -170,30 +128,69 @@ diff -up openssh-6.2p1/auth2-hostbased.c.role-mls openssh-6.2p1/auth2-hostbased.
buffer_put_cstring(&b, service);
buffer_put_cstring(&b, "hostbased");
buffer_put_string(&b, pkalg, alen);
diff -up openssh-6.2p1/auth2-pubkey.c.role-mls openssh-6.2p1/auth2-pubkey.c
--- openssh-6.2p1/auth2-pubkey.c.role-mls 2013-03-25 17:47:00.565746862 +0100
+++ openssh-6.2p1/auth2-pubkey.c 2013-03-25 17:47:00.601747067 +0100
@@ -127,7 +127,15 @@ userauth_pubkey(Authctxt *authctxt)
diff -up openssh-6.3p1/auth2-pubkey.c.role-mls openssh-6.3p1/auth2-pubkey.c
--- openssh-6.3p1/auth2-pubkey.c.role-mls 2013-10-10 14:34:43.836494370 +0200
+++ openssh-6.3p1/auth2-pubkey.c 2013-10-10 14:57:17.452062486 +0200
@@ -127,9 +127,11 @@ userauth_pubkey(Authctxt *authctxt)
}
/* reconstruct packet */
buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST);
- buffer_put_cstring(&b, authctxt->user);
+#ifdef WITH_SELINUX
+ if (authctxt->role) {
+ buffer_put_int(&b, strlen(authctxt->user)+strlen(authctxt->role)+1);
+ buffer_append(&b, authctxt->user, strlen(authctxt->user));
+ buffer_put_char(&b, '/');
+ buffer_append(&b, authctxt->role, strlen(authctxt->role));
+ } else
+#endif
+ buffer_put_cstring(&b, authctxt->user);
- xasprintf(&userstyle, "%s%s%s", authctxt->user,
+ xasprintf(&userstyle, "%s%s%s%s%s", authctxt->user,
authctxt->style ? ":" : "",
- authctxt->style ? authctxt->style : "");
+ authctxt->style ? authctxt->style : "",
+ authctxt->role ? "/" : "",
+ authctxt->role ? authctxt->role : "");
buffer_put_cstring(&b, userstyle);
free(userstyle);
buffer_put_cstring(&b,
datafellows & SSH_BUG_PKSERVICE ?
"ssh-userauth" :
diff -up openssh-6.2p1/misc.c.role-mls openssh-6.2p1/misc.c
--- openssh-6.2p1/misc.c.role-mls 2011-09-22 13:34:36.000000000 +0200
+++ openssh-6.2p1/misc.c 2013-03-25 17:47:00.603747079 +0100
@@ -427,6 +427,7 @@ char *
diff -up openssh-6.3p1/auth2.c.role-mls openssh-6.3p1/auth2.c
--- openssh-6.3p1/auth2.c.role-mls 2013-10-10 14:34:43.819494451 +0200
+++ openssh-6.3p1/auth2.c 2013-10-10 14:34:43.835494375 +0200
@@ -221,6 +221,9 @@ input_userauth_request(int type, u_int32
Authctxt *authctxt = ctxt;
Authmethod *m = NULL;
char *user, *service, *method, *style = NULL;
+#ifdef WITH_SELINUX
+ char *role = NULL;
+#endif
int authenticated = 0;
if (authctxt == NULL)
@@ -232,6 +235,11 @@ input_userauth_request(int type, u_int32
debug("userauth-request for user %s service %s method %s", user, service, method);
debug("attempt %d failures %d", authctxt->attempt, authctxt->failures);
+#ifdef WITH_SELINUX
+ if ((role = strchr(user, '/')) != NULL)
+ *role++ = 0;
+#endif
+
if ((style = strchr(user, ':')) != NULL)
*style++ = 0;
@@ -254,8 +262,15 @@ input_userauth_request(int type, u_int32
use_privsep ? " [net]" : "");
authctxt->service = xstrdup(service);
authctxt->style = style ? xstrdup(style) : NULL;
- if (use_privsep)
+#ifdef WITH_SELINUX
+ authctxt->role = role ? xstrdup(role) : NULL;
+#endif
+ if (use_privsep) {
mm_inform_authserv(service, style);
+#ifdef WITH_SELINUX
+ mm_inform_authrole(role);
+#endif
+ }
userauth_banner();
if (auth2_setup_methods_lists(authctxt) != 0)
packet_disconnect("no authentication methods enabled");
diff -up openssh-6.3p1/misc.c.role-mls openssh-6.3p1/misc.c
--- openssh-6.3p1/misc.c.role-mls 2013-08-08 04:50:06.000000000 +0200
+++ openssh-6.3p1/misc.c 2013-10-10 14:34:43.836494370 +0200
@@ -429,6 +429,7 @@ char *
colon(char *cp)
{
int flag = 0;
@ -201,7 +198,7 @@ diff -up openssh-6.2p1/misc.c.role-mls openssh-6.2p1/misc.c
if (*cp == ':') /* Leading colon is part of file name. */
return NULL;
@@ -442,6 +443,13 @@ colon(char *cp)
@@ -444,6 +445,13 @@ colon(char *cp)
return (cp);
if (*cp == '/')
return NULL;
@ -215,10 +212,10 @@ diff -up openssh-6.2p1/misc.c.role-mls openssh-6.2p1/misc.c
}
return NULL;
}
diff -up openssh-6.2p1/monitor.c.role-mls openssh-6.2p1/monitor.c
--- openssh-6.2p1/monitor.c.role-mls 2013-03-25 17:47:00.587746987 +0100
+++ openssh-6.2p1/monitor.c 2013-03-25 17:47:00.604747085 +0100
@@ -148,6 +148,9 @@ int mm_answer_sign(int, Buffer *);
diff -up openssh-6.3p1/monitor.c.role-mls openssh-6.3p1/monitor.c
--- openssh-6.3p1/monitor.c.role-mls 2013-10-10 14:34:43.821494441 +0200
+++ openssh-6.3p1/monitor.c 2013-10-10 14:54:57.933725463 +0200
@@ -149,6 +149,9 @@ int mm_answer_sign(int, Buffer *);
int mm_answer_pwnamallow(int, Buffer *);
int mm_answer_auth2_read_banner(int, Buffer *);
int mm_answer_authserv(int, Buffer *);
@ -228,7 +225,7 @@ diff -up openssh-6.2p1/monitor.c.role-mls openssh-6.2p1/monitor.c
int mm_answer_authpassword(int, Buffer *);
int mm_answer_bsdauthquery(int, Buffer *);
int mm_answer_bsdauthrespond(int, Buffer *);
@@ -232,6 +235,9 @@ struct mon_table mon_dispatch_proto20[]
@@ -233,6 +236,9 @@ struct mon_table mon_dispatch_proto20[]
{MONITOR_REQ_SIGN, MON_ONCE, mm_answer_sign},
{MONITOR_REQ_PWNAM, MON_ONCE, mm_answer_pwnamallow},
{MONITOR_REQ_AUTHSERV, MON_ONCE, mm_answer_authserv},
@ -238,7 +235,7 @@ diff -up openssh-6.2p1/monitor.c.role-mls openssh-6.2p1/monitor.c
{MONITOR_REQ_AUTH2_READ_BANNER, MON_ONCE, mm_answer_auth2_read_banner},
{MONITOR_REQ_AUTHPASSWORD, MON_AUTH, mm_answer_authpassword},
#ifdef USE_PAM
@@ -846,6 +852,9 @@ mm_answer_pwnamallow(int sock, Buffer *m
@@ -853,6 +859,9 @@ mm_answer_pwnamallow(int sock, Buffer *m
else {
/* Allow service/style information on the auth context */
monitor_permit(mon_dispatch, MONITOR_REQ_AUTHSERV, 1);
@ -248,7 +245,7 @@ diff -up openssh-6.2p1/monitor.c.role-mls openssh-6.2p1/monitor.c
monitor_permit(mon_dispatch, MONITOR_REQ_AUTH2_READ_BANNER, 1);
}
#ifdef USE_PAM
@@ -889,6 +898,25 @@ mm_answer_authserv(int sock, Buffer *m)
@@ -894,6 +903,25 @@ mm_answer_authserv(int sock, Buffer *m)
return (0);
}
@ -263,7 +260,7 @@ diff -up openssh-6.2p1/monitor.c.role-mls openssh-6.2p1/monitor.c
+ __func__, authctxt->role);
+
+ if (strlen(authctxt->role) == 0) {
+ xfree(authctxt->role);
+ free(authctxt->role);
+ authctxt->role = NULL;
+ }
+
@ -274,45 +271,45 @@ diff -up openssh-6.2p1/monitor.c.role-mls openssh-6.2p1/monitor.c
int
mm_answer_authpassword(int sock, Buffer *m)
{
@@ -1262,7 +1290,7 @@ static int
@@ -1269,7 +1297,7 @@ static int
monitor_valid_userblob(u_char *data, u_int datalen)
{
Buffer b;
- char *p;
+ char *p, *r;
- char *p, *userstyle;
+ char *p, *r, *userstyle;
u_int len;
int fail = 0;
@@ -1288,6 +1316,8 @@ monitor_valid_userblob(u_char *data, u_i
@@ -1295,6 +1323,8 @@ monitor_valid_userblob(u_char *data, u_i
if (buffer_get_char(&b) != SSH2_MSG_USERAUTH_REQUEST)
fail++;
p = buffer_get_string(&b, NULL);
p = buffer_get_cstring(&b, NULL);
+ if ((r = strchr(p, '/')) != NULL)
+ *r = '\0';
if (strcmp(authctxt->user, p) != 0) {
logit("wrong user name passed to monitor: expected %s != %.100s",
authctxt->user, p);
@@ -1319,7 +1349,7 @@ monitor_valid_hostbasedblob(u_char *data
xasprintf(&userstyle, "%s%s%s", authctxt->user,
authctxt->style ? ":" : "",
authctxt->style ? authctxt->style : "");
@@ -1330,7 +1360,7 @@ monitor_valid_hostbasedblob(u_char *data
char *chost)
{
Buffer b;
- char *p;
+ char *p, *r;
- char *p, *userstyle;
+ char *p, *r, *userstyle;
u_int len;
int fail = 0;
@@ -1336,6 +1366,8 @@ monitor_valid_hostbasedblob(u_char *data
@@ -1347,6 +1377,8 @@ monitor_valid_hostbasedblob(u_char *data
if (buffer_get_char(&b) != SSH2_MSG_USERAUTH_REQUEST)
fail++;
p = buffer_get_string(&b, NULL);
p = buffer_get_cstring(&b, NULL);
+ if ((r = strchr(p, '/')) != NULL)
+ *r = '\0';
if (strcmp(authctxt->user, p) != 0) {
logit("wrong user name passed to monitor: expected %s != %.100s",
authctxt->user, p);
diff -up openssh-6.2p1/monitor.h.role-mls openssh-6.2p1/monitor.h
--- openssh-6.2p1/monitor.h.role-mls 2013-03-25 17:47:00.605747090 +0100
+++ openssh-6.2p1/monitor.h 2013-03-25 17:50:00.824775483 +0100
xasprintf(&userstyle, "%s%s%s", authctxt->user,
authctxt->style ? ":" : "",
authctxt->style ? authctxt->style : "");
diff -up openssh-6.3p1/monitor.h.role-mls openssh-6.3p1/monitor.h
--- openssh-6.3p1/monitor.h.role-mls 2013-10-10 14:34:43.821494441 +0200
+++ openssh-6.3p1/monitor.h 2013-10-10 14:34:43.837494365 +0200
@@ -61,6 +61,9 @@ enum monitor_reqtype {
MONITOR_REQ_JPAKE_STEP2 = 56, MONITOR_ANS_JPAKE_STEP2 = 57,
MONITOR_REQ_JPAKE_KEY_CONFIRM = 58, MONITOR_ANS_JPAKE_KEY_CONFIRM = 59,
@ -323,10 +320,10 @@ diff -up openssh-6.2p1/monitor.h.role-mls openssh-6.2p1/monitor.h
MONITOR_REQ_PAM_START = 100,
MONITOR_REQ_PAM_ACCOUNT = 102, MONITOR_ANS_PAM_ACCOUNT = 103,
diff -up openssh-6.2p1/monitor_wrap.c.role-mls openssh-6.2p1/monitor_wrap.c
--- openssh-6.2p1/monitor_wrap.c.role-mls 2013-03-25 17:47:00.588746993 +0100
+++ openssh-6.2p1/monitor_wrap.c 2013-03-25 17:47:00.605747090 +0100
@@ -336,6 +336,25 @@ mm_inform_authserv(char *service, char *
diff -up openssh-6.3p1/monitor_wrap.c.role-mls openssh-6.3p1/monitor_wrap.c
--- openssh-6.3p1/monitor_wrap.c.role-mls 2013-10-10 14:34:43.822494436 +0200
+++ openssh-6.3p1/monitor_wrap.c 2013-10-10 14:34:43.838494360 +0200
@@ -338,6 +338,25 @@ mm_inform_authserv(char *service, char *
buffer_free(&m);
}
@ -352,9 +349,9 @@ diff -up openssh-6.2p1/monitor_wrap.c.role-mls openssh-6.2p1/monitor_wrap.c
/* Do the password authentication */
int
mm_auth_password(Authctxt *authctxt, char *password)
diff -up openssh-6.2p1/monitor_wrap.h.role-mls openssh-6.2p1/monitor_wrap.h
--- openssh-6.2p1/monitor_wrap.h.role-mls 2013-03-25 17:47:00.588746993 +0100
+++ openssh-6.2p1/monitor_wrap.h 2013-03-25 17:47:00.605747090 +0100
diff -up openssh-6.3p1/monitor_wrap.h.role-mls openssh-6.3p1/monitor_wrap.h
--- openssh-6.3p1/monitor_wrap.h.role-mls 2013-10-10 14:34:43.822494436 +0200
+++ openssh-6.3p1/monitor_wrap.h 2013-10-10 14:34:43.838494360 +0200
@@ -42,6 +42,9 @@ int mm_is_monitor(void);
DH *mm_choose_dh(int, int, int);
int mm_key_sign(Key *, u_char **, u_int *, u_char *, u_int);
@ -365,9 +362,9 @@ diff -up openssh-6.2p1/monitor_wrap.h.role-mls openssh-6.2p1/monitor_wrap.h
struct passwd *mm_getpwnamallow(const char *);
char *mm_auth2_read_banner(void);
int mm_auth_password(struct Authctxt *, char *);
diff -up openssh-6.2p1/openbsd-compat/Makefile.in.role-mls openssh-6.2p1/openbsd-compat/Makefile.in
--- openssh-6.2p1/openbsd-compat/Makefile.in.role-mls 2013-03-25 17:47:00.606747096 +0100
+++ openssh-6.2p1/openbsd-compat/Makefile.in 2013-03-25 17:50:36.024979473 +0100
diff -up openssh-6.3p1/openbsd-compat/Makefile.in.role-mls openssh-6.3p1/openbsd-compat/Makefile.in
--- openssh-6.3p1/openbsd-compat/Makefile.in.role-mls 2013-05-10 08:28:56.000000000 +0200
+++ openssh-6.3p1/openbsd-compat/Makefile.in 2013-10-10 14:34:43.838494360 +0200
@@ -20,7 +20,7 @@ OPENBSD=base64.o basename.o bindresvport
COMPAT=bsd-arc4random.o bsd-asprintf.o bsd-closefrom.o bsd-cray.o bsd-cygwin_util.o bsd-getpeereid.o getrrsetbyname-ldns.o bsd-misc.o bsd-nextstep.o bsd-openpty.o bsd-poll.o bsd-setres_id.o bsd-snprintf.o bsd-statvfs.o bsd-waitpid.o fake-rfc2553.o openssl-compat.o xmmap.o xcrypt.o
@ -377,9 +374,9 @@ diff -up openssh-6.2p1/openbsd-compat/Makefile.in.role-mls openssh-6.2p1/openbsd
.c.o:
$(CC) $(CFLAGS) $(CPPFLAGS) -c $<
diff -up openssh-6.2p1/openbsd-compat/port-linux.c.role-mls openssh-6.2p1/openbsd-compat/port-linux.c
--- openssh-6.2p1/openbsd-compat/port-linux.c.role-mls 2012-03-09 00:25:18.000000000 +0100
+++ openssh-6.2p1/openbsd-compat/port-linux.c 2013-03-25 17:47:00.606747096 +0100
diff -up openssh-6.3p1/openbsd-compat/port-linux.c.role-mls openssh-6.3p1/openbsd-compat/port-linux.c
--- openssh-6.3p1/openbsd-compat/port-linux.c.role-mls 2013-06-02 00:07:32.000000000 +0200
+++ openssh-6.3p1/openbsd-compat/port-linux.c 2013-10-10 14:40:41.841793347 +0200
@@ -31,68 +31,271 @@
#include "log.h"
@ -419,7 +416,8 @@ diff -up openssh-6.2p1/openbsd-compat/port-linux.c.role-mls openssh-6.2p1/openbs
+static int
+send_audit_message(int success, security_context_t default_context,
+ security_context_t selected_context)
+{
{
- static int enabled = -1;
+ int rc=0;
+#ifdef HAVE_LINUX_AUDIT
+ char *msg = NULL;
@ -465,8 +463,7 @@ diff -up openssh-6.2p1/openbsd-compat/port-linux.c.role-mls openssh-6.2p1/openbs
+
+static int
+mls_range_allowed(security_context_t src, security_context_t dst)
{
- static int enabled = -1;
+{
+ struct av_decision avd;
+ int retval;
+ unsigned int bit = CONTEXT__CONTAINS;
@ -683,16 +680,16 @@ diff -up openssh-6.2p1/openbsd-compat/port-linux.c.role-mls openssh-6.2p1/openbs
}
#ifdef HAVE_GETSEUSERBYNAME
@@ -102,7 +305,42 @@ ssh_selinux_getctxbyname(char *pwname)
xfree(lvl);
@@ -100,7 +303,42 @@ ssh_selinux_getctxbyname(char *pwname)
free(lvl);
#endif
- return sc;
+ if (role != NULL)
+ xfree(role);
+ free(role);
+ if (con)
+ context_free(con);
+
+
+ return (r);
+}
+
@ -710,7 +707,7 @@ diff -up openssh-6.2p1/openbsd-compat/port-linux.c.role-mls openssh-6.2p1/openbs
+ ssh_selinux_get_role_level(&role, &reqlvl);
+
+ rv = do_pam_putenv("SELINUX_ROLE_REQUESTED", role ? role : "");
+
+
+ if (inetd_flag && !rexeced_flag) {
+ use_current = "1";
+ } else {
@ -721,13 +718,13 @@ diff -up openssh-6.2p1/openbsd-compat/port-linux.c.role-mls openssh-6.2p1/openbs
+ rv = rv || do_pam_putenv("SELINUX_USE_CURRENT_RANGE", use_current);
+
+ if (role != NULL)
+ xfree(role);
+
+ free(role);
+
+ return rv;
}
/* Set the execution context to the default for the specified user */
@@ -110,28 +348,71 @@ void
@@ -108,28 +346,71 @@ void
ssh_selinux_setup_exec_context(char *pwname)
{
security_context_t user_ctx = NULL;
@ -806,7 +803,7 @@ diff -up openssh-6.2p1/openbsd-compat/port-linux.c.role-mls openssh-6.2p1/openbs
debug3("%s: done", __func__);
}
@@ -149,7 +430,10 @@ ssh_selinux_setup_pty(char *pwname, cons
@@ -147,7 +428,10 @@ ssh_selinux_setup_pty(char *pwname, cons
debug3("%s: setting TTY context on %s", __func__, tty);
@ -818,8 +815,8 @@ diff -up openssh-6.2p1/openbsd-compat/port-linux.c.role-mls openssh-6.2p1/openbs
/* XXX: should these calls fatal() upon failure in enforcing mode? */
@@ -221,21 +505,6 @@ ssh_selinux_change_context(const char *n
xfree(newctx);
@@ -219,21 +503,6 @@ ssh_selinux_change_context(const char *n
free(newctx);
}
-void
@ -840,9 +837,9 @@ diff -up openssh-6.2p1/openbsd-compat/port-linux.c.role-mls openssh-6.2p1/openbs
#endif /* WITH_SELINUX */
#ifdef LINUX_OOM_ADJUST
diff -up openssh-6.2p1/openbsd-compat/port-linux_part_2.c.role-mls openssh-6.2p1/openbsd-compat/port-linux_part_2.c
--- openssh-6.2p1/openbsd-compat/port-linux_part_2.c.role-mls 2013-03-25 17:47:00.607747102 +0100
+++ openssh-6.2p1/openbsd-compat/port-linux_part_2.c 2013-03-25 17:47:00.607747102 +0100
diff -up openssh-6.3p1/openbsd-compat/port-linux_part_2.c.role-mls openssh-6.3p1/openbsd-compat/port-linux_part_2.c
--- openssh-6.3p1/openbsd-compat/port-linux_part_2.c.role-mls 2013-10-10 14:34:43.839494355 +0200
+++ openssh-6.3p1/openbsd-compat/port-linux_part_2.c 2013-10-10 14:34:43.839494355 +0200
@@ -0,0 +1,75 @@
+/* $Id: port-linux.c,v 1.11.4.2 2011/02/04 00:43:08 djm Exp $ */
+
@ -919,10 +916,10 @@ diff -up openssh-6.2p1/openbsd-compat/port-linux_part_2.c.role-mls openssh-6.2p1
+#endif /* WITH_SELINUX */
+
+#endif /* WITH_SELINUX || LINUX_OOM_ADJUST */
diff -up openssh-6.2p1/sshd.c.role-mls openssh-6.2p1/sshd.c
--- openssh-6.2p1/sshd.c.role-mls 2013-03-25 17:47:00.589746999 +0100
+++ openssh-6.2p1/sshd.c 2013-03-25 17:47:00.607747102 +0100
@@ -2118,6 +2118,9 @@ main(int ac, char **av)
diff -up openssh-6.3p1/sshd.c.role-mls openssh-6.3p1/sshd.c
--- openssh-6.3p1/sshd.c.role-mls 2013-10-10 14:34:43.824494427 +0200
+++ openssh-6.3p1/sshd.c 2013-10-10 14:34:43.839494355 +0200
@@ -2179,6 +2179,9 @@ main(int ac, char **av)
restore_uid();
}
#endif

42
openssh.spec
View File

@ -92,9 +92,9 @@ Source13: sshd-keygen
Patch0: openssh-5.9p1-wIm.patch
#?
Patch100: openssh-6.2p1-coverity.patch
Patch100: openssh-6.3p1-coverity.patch
#https://bugzilla.mindrot.org/show_bug.cgi?id=1872
Patch101: openssh-6.2p1-fingerprint.patch
Patch101: openssh-6.3p1-fingerprint.patch
#https://bugzilla.mindrot.org/show_bug.cgi?id=1894
#https://bugzilla.redhat.com/show_bug.cgi?id=735889
Patch102: openssh-5.8p1-getaddrinfo.patch
@ -102,7 +102,7 @@ Patch102: openssh-5.8p1-getaddrinfo.patch
Patch103: openssh-5.8p1-packet.patch
#https://bugzilla.mindrot.org/show_bug.cgi?id=1402
Patch200: openssh-6.2p1-audit.patch
Patch200: openssh-6.3p1-audit.patch
# --- pam_ssh-agent ---
# make it build reusing the openssh sources
@ -112,14 +112,14 @@ Patch301: pam_ssh_agent_auth-0.9.2-seteuid.patch
# explicitly make pam callbacks visible
Patch302: pam_ssh_agent_auth-0.9.2-visibility.patch
#https://bugzilla.mindrot.org/show_bug.cgi?id=1641 (WONTFIX)
Patch400: openssh-6.2p1-role-mls.patch
Patch400: openssh-6.3p1-role-mls.patch
#https://bugzilla.redhat.com/show_bug.cgi?id=781634
Patch404: openssh-6.1p1-privsep-selinux.patch
Patch404: openssh-6.3p1-privsep-selinux.patch
#?-- unwanted child :(
Patch501: openssh-6.2p1-ldap.patch
Patch501: openssh-6.3p1-ldap.patch
#?
Patch502: openssh-6.2p1-keycat.patch
Patch502: openssh-6.3p1-keycat.patch
#http6://bugzilla.mindrot.org/show_bug.cgi?id=1644
Patch601: openssh-5.2p1-allow-ip-opts.patch
@ -141,7 +141,7 @@ Patch608: openssh-6.1p1-askpass-ld.patch
Patch609: openssh-5.5p1-x11.patch
#?
Patch700: openssh-6.2p1-fips.patch
Patch700: openssh-6.3p1-fips.patch
#?
Patch701: openssh-5.6p1-exit-deadlock.patch
#?
@ -155,7 +155,7 @@ Patch705: openssh-5.1p1-scp-manpage.patch
#?
Patch706: openssh-5.8p1-localdomain.patch
#https://bugzilla.mindrot.org/show_bug.cgi?id=1635 (WONTFIX)
Patch707: openssh-6.1p1-redhat.patch
Patch707: openssh-6.3p1-redhat.patch
#https://bugzilla.mindrot.org/show_bug.cgi?id=1890 (WONTFIX) need integration to prng helper which is discontinued :)
Patch708: openssh-6.2p1-entropy.patch
#https://bugzilla.mindrot.org/show_bug.cgi?id=1640 (WONTFIX)
@ -163,29 +163,19 @@ Patch709: openssh-6.2p1-vendor.patch
# warn users for unsupported UsePAM=no (#757545)
Patch711: openssh-6.1p1-log-usepam-no.patch
# make aes-ctr ciphers use EVP engines such as AES-NI from OpenSSL
Patch712: openssh-5.9p1-ctr-evp-fast.patch
Patch712: openssh-6.3p1-ctr-evp-fast.patch
# add cavs test binary for the aes-ctr
Patch713: openssh-6.2p1-ctr-cavstest.patch
Patch713: openssh-6.3p1-ctr-cavstest.patch
#http://www.sxw.org.uk/computing/patches/openssh.html
#changed cache storage type - #848228
Patch800: openssh-6.2p1-gsskex.patch
Patch800: openssh-6.3p1-gsskex.patch
#http://www.mail-archive.com/kerberos@mit.edu/msg17591.html
Patch801: openssh-6.2p1-force_krb.patch
Patch801: openssh-6.3p1-force_krb.patch
Patch900: openssh-6.1p1-gssapi-canohost.patch
#https://bugzilla.mindrot.org/show_bug.cgi?id=1780
Patch901: openssh-6.2p1-kuserok.patch
# build regress/modpipe tests with $(CFLAGS), based on
# http://lists.mindrot.org/pipermail/openssh-unix-dev/2013-March/031167.html
Patch905: openssh-6.2p1-modpipe-cflags.patch
# add latest config.{sub,guess} to support aarch64 (#926284)
Patch907: openssh-6.2p1-aarch64.patch
# make sftp's libedit interface marginally multibyte aware (#841771)
Patch908: openssh-6.2p2-sftp-multibyte.patch
# don't show Success for EAI_SYSTEM (#985964)
Patch909: openssh-6.2p2-ssh_gai_strerror.patch
Patch901: openssh-6.3p1-kuserok.patch
License: BSD
@ -404,10 +394,6 @@ popd
%patch900 -p1 -b .canohost
%patch901 -p1 -b .kuserok
%patch905 -p1 -b .modpipe-cflags
%patch907 -p1 -b .aarch64
%patch908 -p1 -b .sftp-multibyte
%patch909 -p1 -b .ssh_gai_strerror
%if 0
# Nothing here yet