From d271e022960c924903f1b81fa684da3055152d88 Mon Sep 17 00:00:00 2001 From: Petr Lautrbach Date: Wed, 14 May 2014 18:04:10 +0200 Subject: [PATCH] prevent a server from skipping SSHFP lookup (#1081338) CVE-2014-2653 --- openssh-6.4p1-CVE-2014-2653.patch | 80 +++++++++++++++++++++++++++++++ openssh.spec | 4 ++ 2 files changed, 84 insertions(+) create mode 100644 openssh-6.4p1-CVE-2014-2653.patch diff --git a/openssh-6.4p1-CVE-2014-2653.patch b/openssh-6.4p1-CVE-2014-2653.patch new file mode 100644 index 0000000..27f3fa3 --- /dev/null +++ b/openssh-6.4p1-CVE-2014-2653.patch @@ -0,0 +1,80 @@ +diff --git a/ChangeLog b/ChangeLog +index 29d70ec..a0fb67e 100644 +--- a/ChangeLog ++++ b/ChangeLog +@@ -1,3 +1,14 @@ ++20140420 ++ - djm@cvs.openbsd.org 2014/04/01 03:34:10 ++ [sshconnect.c] ++ When using VerifyHostKeyDNS with a DNSSEC resolver, down-convert any ++ certificate keys to plain keys and attempt SSHFP resolution. ++ ++ Prevents a server from skipping SSHFP lookup and forcing a new-hostkey ++ dialog by offering only certificate keys. ++ ++ Reported by mcv21 AT cam.ac.uk ++ + 20131010 + - dtucker@cvs.openbsd.org 2013/10/08 11:42:13 + [dh.c dh.h] +diff --git a/sshconnect.c b/sshconnect.c +index ddc167e..4d8c718 100644 +--- a/sshconnect.c ++++ b/sshconnect.c +@@ -1136,30 +1136,40 @@ verify_host_key(char *host, struct sockaddr *hostaddr, Key *host_key) + { + int flags = 0; + char *fp; ++ Key *plain = NULL; + + fp = key_selected_fingerprint(host_key, SSH_FP_HEX); + debug("Server host key: %s %s%s", key_type(host_key), + key_fingerprint_prefix(), fp); + free(fp); + +- /* XXX certs are not yet supported for DNS */ +- if (!key_is_cert(host_key) && options.verify_host_key_dns && +- verify_host_key_dns(host, hostaddr, host_key, &flags) == 0) { +- if (flags & DNS_VERIFY_FOUND) { +- +- if (options.verify_host_key_dns == 1 && +- flags & DNS_VERIFY_MATCH && +- flags & DNS_VERIFY_SECURE) +- return 0; +- +- if (flags & DNS_VERIFY_MATCH) { +- matching_host_key_dns = 1; +- } else { +- warn_changed_key(host_key); +- error("Update the SSHFP RR in DNS with the new " +- "host key to get rid of this message."); ++ if (options.verify_host_key_dns) { ++ /* ++ * XXX certs are not yet supported for DNS, so downgrade ++ * them and try the plain key. ++ */ ++ plain = key_from_private(host_key); ++ if (key_is_cert(plain)) ++ key_drop_cert(plain); ++ if (verify_host_key_dns(host, hostaddr, plain, &flags) == 0) { ++ if (flags & DNS_VERIFY_FOUND) { ++ if (options.verify_host_key_dns == 1 && ++ flags & DNS_VERIFY_MATCH && ++ flags & DNS_VERIFY_SECURE) { ++ key_free(plain); ++ return 0; ++ } ++ if (flags & DNS_VERIFY_MATCH) { ++ matching_host_key_dns = 1; ++ } else { ++ warn_changed_key(plain); ++ error("Update the SSHFP RR in DNS " ++ "with the new host key to get rid " ++ "of this message."); ++ } + } + } ++ key_free(plain); + } + + return check_host_key(host, hostaddr, options.port, host_key, RDRW, diff --git a/openssh.spec b/openssh.spec index 3e75f2c..5b78b54 100644 --- a/openssh.spec +++ b/openssh.spec @@ -190,6 +190,9 @@ Patch905: openssh-6.4p1-legacy-ssh-copy-id.patch Patch906: openssh-6.4p1-fromto-remote.patch # Try CLOCK_BOOTTIME with fallback (#1091992) Patch907: openssh-6.4p1-CLOCK_BOOTTIME.patch +# Prevents a server from skipping SSHFP lookup and forcing a new-hostkey +# dialog by offering only certificate keys. (#1081338) +Patch908: openssh-6.4p1-CVE-2014-2653.patch License: BSD @@ -416,6 +419,7 @@ popd %patch905 -p1 -b .legacy-ssh-copy-id %patch906 -p1 -b .fromto-remote %patch907 -p1 -b .CLOCK_BOOTTIME +%patch908 -p1 -b .CVE-2014-2653 %if 0 # Nothing here yet