Do not try to use SHA1 for host key ownership proof when we don't support it server-side
Resolves: rhbz#2088750
This commit is contained in:
Dmitry Belyavskiy
parent
5cfb97500b
commit
ebbbfce0aa
100
openssh-8.7p1-nohostsha1proof.patch
Normal file
100
openssh-8.7p1-nohostsha1proof.patch
Normal file
@ -0,0 +1,100 @@
|
||||
diff -up openssh-8.7p1/compat.c.sshrsacheck openssh-8.7p1/compat.c
|
||||
--- openssh-8.7p1/compat.c.sshrsacheck 2023-01-12 13:29:06.338710923 +0100
|
||||
+++ openssh-8.7p1/compat.c 2023-01-12 13:29:06.357711165 +0100
|
||||
@@ -43,6 +43,7 @@ void
|
||||
compat_banner(struct ssh *ssh, const char *version)
|
||||
{
|
||||
int i;
|
||||
+ int forbid_ssh_rsa = 0;
|
||||
static struct {
|
||||
char *pat;
|
||||
int bugs;
|
||||
@@ -145,16 +146,21 @@ compat_banner(struct ssh *ssh, const cha
|
||||
};
|
||||
|
||||
/* process table, return first match */
|
||||
+ forbid_ssh_rsa = (ssh->compat & SSH_RH_RSASIGSHA);
|
||||
ssh->compat = 0;
|
||||
for (i = 0; check[i].pat; i++) {
|
||||
if (match_pattern_list(version, check[i].pat, 0) == 1) {
|
||||
debug_f("match: %s pat %s compat 0x%08x",
|
||||
version, check[i].pat, check[i].bugs);
|
||||
ssh->compat = check[i].bugs;
|
||||
+ if (forbid_ssh_rsa)
|
||||
+ ssh->compat |= SSH_RH_RSASIGSHA;
|
||||
return;
|
||||
}
|
||||
}
|
||||
debug_f("no match: %s", version);
|
||||
+ if (forbid_ssh_rsa)
|
||||
+ ssh->compat |= SSH_RH_RSASIGSHA;
|
||||
}
|
||||
|
||||
/* Always returns pointer to allocated memory, caller must free. */
|
||||
diff -up openssh-8.7p1/compat.h.sshrsacheck openssh-8.7p1/compat.h
|
||||
--- openssh-8.7p1/compat.h.sshrsacheck 2021-08-20 06:03:49.000000000 +0200
|
||||
+++ openssh-8.7p1/compat.h 2023-01-12 13:29:06.358711178 +0100
|
||||
@@ -30,7 +30,7 @@
|
||||
#define SSH_BUG_UTF8TTYMODE 0x00000001
|
||||
#define SSH_BUG_SIGTYPE 0x00000002
|
||||
#define SSH_BUG_SIGTYPE74 0x00000004
|
||||
-/* #define unused 0x00000008 */
|
||||
+#define SSH_RH_RSASIGSHA 0x00000008
|
||||
#define SSH_OLD_SESSIONID 0x00000010
|
||||
/* #define unused 0x00000020 */
|
||||
#define SSH_BUG_DEBUG 0x00000040
|
||||
diff -up openssh-8.7p1/serverloop.c.sshrsacheck openssh-8.7p1/serverloop.c
|
||||
--- openssh-8.7p1/serverloop.c.sshrsacheck 2023-01-12 14:57:08.118400073 +0100
|
||||
+++ openssh-8.7p1/serverloop.c 2023-01-12 14:59:17.330470518 +0100
|
||||
@@ -737,6 +737,10 @@ server_input_hostkeys_prove(struct ssh *
|
||||
else if (ssh->kex->flags & KEX_RSA_SHA2_256_SUPPORTED)
|
||||
sigalg = "rsa-sha2-256";
|
||||
}
|
||||
+ if (ssh->compat & SSH_RH_RSASIGSHA && sigalg == NULL) {
|
||||
+ sigalg = "rsa-sha2-512";
|
||||
+ debug3_f("SHA1 signature is not supported, falling back to %s", sigalg);
|
||||
+ }
|
||||
debug3_f("sign %s key (index %d) using sigalg %s",
|
||||
sshkey_type(key), ndx, sigalg == NULL ? "default" : sigalg);
|
||||
if ((r = sshbuf_put_cstring(sigbuf,
|
||||
diff -up openssh-8.7p1/sshd.c.sshrsacheck openssh-8.7p1/sshd.c
|
||||
--- openssh-8.7p1/sshd.c.sshrsacheck 2023-01-12 13:29:06.355711140 +0100
|
||||
+++ openssh-8.7p1/sshd.c 2023-01-12 13:29:06.358711178 +0100
|
||||
@@ -1640,6 +1651,7 @@ main(int ac, char **av)
|
||||
int keytype;
|
||||
Authctxt *authctxt;
|
||||
struct connection_info *connection_info = NULL;
|
||||
+ int forbid_ssh_rsa = 0;
|
||||
|
||||
#ifdef HAVE_SECUREWARE
|
||||
(void)set_auth_parameters(ac, av);
|
||||
@@ -1938,6 +1950,19 @@ main(int ac, char **av)
|
||||
key = NULL;
|
||||
continue;
|
||||
}
|
||||
+ if (sshkey_type_plain(key->type) == KEY_RSA || sshkey_type_plain(key->type) == KEY_RSA_CERT) {
|
||||
+ size_t sign_size = 0;
|
||||
+ u_char *tmp = NULL;
|
||||
+ u_char data[] = "Test SHA1 vector";
|
||||
+ int res;
|
||||
+
|
||||
+ res = ssh_rsa_sign(key, &tmp, &sign_size, data, sizeof(data), NULL);
|
||||
+ free(tmp);
|
||||
+ if (res == SSH_ERR_LIBCRYPTO_ERROR) {
|
||||
+ logit_f("sshd: ssh-rsa algorithm is disabled");
|
||||
+ forbid_ssh_rsa = 1;
|
||||
+ }
|
||||
+ }
|
||||
if (sshkey_is_sk(key) &&
|
||||
key->sk_flags & SSH_SK_USER_PRESENCE_REQD) {
|
||||
debug("host key %s requires user presence, ignoring",
|
||||
@@ -2275,6 +2306,9 @@ main(int ac, char **av)
|
||||
|
||||
check_ip_options(ssh);
|
||||
|
||||
+ if (forbid_ssh_rsa)
|
||||
+ ssh->compat |= SSH_RH_RSASIGSHA;
|
||||
+
|
||||
/* Prepare the channels layer */
|
||||
channel_init_channels(ssh);
|
||||
channel_set_af(ssh, options.address_family);
|
||||
10
openssh.spec
10
openssh.spec
@ -51,7 +51,7 @@
|
||||
|
||||
# Do not forget to bump pam_ssh_agent_auth release if you rewind the main package release to 1
|
||||
%global openssh_ver 8.7p1
|
||||
%global openssh_rel 27
|
||||
%global openssh_rel 28
|
||||
%global pam_ssh_agent_ver 0.10.4
|
||||
%global pam_ssh_agent_rel 5
|
||||
|
||||
@ -259,6 +259,8 @@ Patch1005: openssh-8.7p1-host-based-auth.patch
|
||||
# upstream MR:
|
||||
# https://github.com/openssh/openssh-portable/pull/323
|
||||
Patch1006: openssh-8.7p1-negotiate-supported-algs.patch
|
||||
#
|
||||
Patch1007: openssh-8.7p1-nohostsha1proof.patch
|
||||
|
||||
License: BSD
|
||||
Requires: /sbin/nologin
|
||||
@ -467,6 +469,8 @@ popd
|
||||
|
||||
%patch100 -p1 -b .coverity
|
||||
|
||||
%patch1007 -p1 -b .sshrsacheck
|
||||
|
||||
autoreconf
|
||||
pushd pam_ssh_agent_auth-pam_ssh_agent_auth-%{pam_ssh_agent_ver}
|
||||
autoreconf
|
||||
@ -752,6 +756,10 @@ test -f %{sysconfig_anaconda} && \
|
||||
%endif
|
||||
|
||||
%changelog
|
||||
* Thu Jan 12 2023 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-28
|
||||
- Do not try to use SHA1 for host key ownership proof when we don't support it server-side
|
||||
Resolves: rhbz#2088750
|
||||
|
||||
* Thu Jan 12 2023 Zoltan Fridrich <zfridric@redhat.com> - 8.7p1-27
|
||||
- Add sk-dummy subpackage for test purposes
|
||||
Resolves: rhbz#2092780
|
||||
|
||||
Loading…
Reference in New Issue
Block a user