Rebasing OpenSSH from 9.0 to 9.3

This commit is contained in:
Dmitry Belyavskiy 2023-04-27 17:52:26 +02:00
parent b129d6336e
commit f561c68bdb
29 changed files with 463 additions and 1593 deletions

2
.gitignore vendored
View File

@ -56,3 +56,5 @@ pam_ssh_agent_auth-0.9.2.tar.bz2
/openssh-8.8p1.tar.gz.asc /openssh-8.8p1.tar.gz.asc
/openssh-9.0p1.tar.gz /openssh-9.0p1.tar.gz
/openssh-9.0p1.tar.gz.asc /openssh-9.0p1.tar.gz.asc
/openssh-9.3p1.tar.gz
/openssh-9.3p1.tar.gz.asc

View File

@ -1,101 +0,0 @@
diff -up openssh-5.9p1/cipher-ctr.c.ctr-evp openssh-5.9p1/cipher-ctr.c
--- openssh-5.9p1/cipher-ctr.c.ctr-evp 2012-01-11 09:24:06.000000000 +0100
+++ openssh-5.9p1/cipher-ctr.c 2012-01-11 15:54:04.675956600 +0100
@@ -38,7 +38,7 @@ void ssh_aes_ctr_iv(EVP_CIPHER_CTX *, in
struct ssh_aes_ctr_ctx
{
- AES_KEY aes_ctx;
+ EVP_CIPHER_CTX ecbctx;
u_char aes_counter[AES_BLOCK_SIZE];
};
@@ -63,21 +63,42 @@ ssh_aes_ctr(EVP_CIPHER_CTX *ctx, u_char
{
struct ssh_aes_ctr_ctx *c;
size_t n = 0;
- u_char buf[AES_BLOCK_SIZE];
+ u_char ctrbuf[AES_BLOCK_SIZE*256];
+ u_char buf[AES_BLOCK_SIZE*256];
if (len == 0)
return (1);
if ((c = EVP_CIPHER_CTX_get_app_data(ctx)) == NULL)
return (0);
- while ((len--) > 0) {
+ for (; len > 0; len -= sizeof(u_int)) {
+ u_int r,a,b;
+
if (n == 0) {
- AES_encrypt(c->aes_counter, buf, &c->aes_ctx);
- ssh_ctr_inc(c->aes_counter, AES_BLOCK_SIZE);
+ int outl, i, buflen;
+
+ buflen = MIN(len, sizeof(ctrbuf));
+
+ for(i = 0; i < buflen; i += AES_BLOCK_SIZE) {
+ memcpy(&ctrbuf[i], c->aes_counter, AES_BLOCK_SIZE);
+ ssh_ctr_inc(c->aes_counter, AES_BLOCK_SIZE);
+ }
+
+ EVP_EncryptUpdate(&c->ecbctx, buf, &outl,
+ ctrbuf, buflen);
}
- *(dest++) = *(src++) ^ buf[n];
- n = (n + 1) % AES_BLOCK_SIZE;
+
+ memcpy(&a, src, sizeof(a));
+ memcpy(&b, &buf[n], sizeof(b));
+ r = a ^ b;
+ memcpy(dest, &r, sizeof(r));
+ src += sizeof(a);
+ dest += sizeof(r);
+
+ n = (n + sizeof(b)) % sizeof(buf);
}
+ memset(ctrbuf, '\0', sizeof(ctrbuf));
+ memset(buf, '\0', sizeof(buf));
return (1);
}
@@ -91,9 +112,28 @@ ssh_aes_ctr_init(EVP_CIPHER_CTX *ctx, co
c = xmalloc(sizeof(*c));
EVP_CIPHER_CTX_set_app_data(ctx, c);
}
- if (key != NULL)
- AES_set_encrypt_key(key, EVP_CIPHER_CTX_key_length(ctx) * 8,
- &c->aes_ctx);
+
+ EVP_CIPHER_CTX_init(&c->ecbctx);
+
+ if (key != NULL) {
+ const EVP_CIPHER *cipher;
+ switch(EVP_CIPHER_CTX_key_length(ctx)*8) {
+ case 128:
+ cipher = EVP_aes_128_ecb();
+ break;
+ case 192:
+ cipher = EVP_aes_192_ecb();
+ break;
+ case 256:
+ cipher = EVP_aes_256_ecb();
+ break;
+ default:
+ fatal("ssh_aes_ctr_init: wrong aes key length");
+ }
+ if(!EVP_EncryptInit_ex(&c->ecbctx, cipher, NULL, key, NULL))
+ fatal("ssh_aes_ctr_init: cannot initialize aes encryption");
+ EVP_CIPHER_CTX_set_padding(&c->ecbctx, 0);
+ }
if (iv != NULL)
memcpy(c->aes_counter, iv, AES_BLOCK_SIZE);
return (1);
@@ -105,6 +145,7 @@ ssh_aes_ctr_cleanup(EVP_CIPHER_CTX *ctx)
struct ssh_aes_ctr_ctx *c;
if ((c = EVP_CIPHER_CTX_get_app_data(ctx)) != NULL) {
+ EVP_CIPHER_CTX_cleanup(&c->ecbctx);
memset(c, 0, sizeof(*c));
free(c);
EVP_CIPHER_CTX_set_app_data(ctx, NULL);

View File

@ -61,13 +61,13 @@ diff -up openssh/Makefile.in.keycat openssh/Makefile.in
ssh-xmss.o \ ssh-xmss.o \
@@ -190,6 +191,9 @@ ssh-pkcs11-helper$(EXEEXT): $(LIBCOMPAT) @@ -190,6 +191,9 @@ ssh-pkcs11-helper$(EXEEXT): $(LIBCOMPAT)
ssh-sk-helper$(EXEEXT): $(LIBCOMPAT) libssh.a $(SKHELPER_OBJS) ssh-sk-helper$(EXEEXT): $(LIBCOMPAT) libssh.a $(SKHELPER_OBJS)
$(LD) -o $@ $(SKHELPER_OBJS) $(LDFLAGS) -lssh -lopenbsd-compat -lssh -lopenbsd-compat $(LIBS) $(LIBFIDO2) $(LD) -o $@ $(SKHELPER_OBJS) $(LDFLAGS) -lssh -lopenbsd-compat -lssh -lopenbsd-compat $(LIBS) $(LIBFIDO2) $(CHANNELLIBS)
+ssh-keycat$(EXEEXT): $(LIBCOMPAT) $(SSHDOBJS) libssh.a ssh-keycat.o uidswap.o +ssh-keycat$(EXEEXT): $(LIBCOMPAT) $(SSHDOBJS) libssh.a ssh-keycat.o uidswap.o
+ $(LD) -o $@ ssh-keycat.o uidswap.o $(LDFLAGS) -lssh -lopenbsd-compat $(KEYCATLIBS) $(LIBS) + $(LD) -o $@ ssh-keycat.o uidswap.o $(LDFLAGS) -lssh -lopenbsd-compat $(KEYCATLIBS) $(LIBS)
+ +
ssh-keyscan$(EXEEXT): $(LIBCOMPAT) libssh.a $(SSHKEYSCAN_OBJS) ssh-keyscan$(EXEEXT): $(LIBCOMPAT) libssh.a $(SSHKEYSCAN_OBJS)
$(LD) -o $@ $(SSHKEYSCAN_OBJS) $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS) $(LD) -o $@ $(SSHKEYSCAN_OBJS) $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS) $(CHANNELLIBS)
@@ -321,6 +325,7 @@ install-files: @@ -321,6 +325,7 @@ install-files:
$(INSTALL) -m 4711 $(STRIP_OPT) ssh-keysign$(EXEEXT) $(DESTDIR)$(SSH_KEYSIGN)$(EXEEXT) $(INSTALL) -m 4711 $(STRIP_OPT) ssh-keysign$(EXEEXT) $(DESTDIR)$(SSH_KEYSIGN)$(EXEEXT)

View File

@ -28,17 +28,6 @@ diff -up openssh-8.5p1/auth-options.c.coverity openssh-8.5p1/auth-options.c
return 0; return 0;
} }
diff -up openssh-8.5p1/dns.c.coverity openssh-8.5p1/dns.c
--- openssh-8.5p1/dns.c.coverity 2021-03-02 11:31:47.000000000 +0100
+++ openssh-8.5p1/dns.c 2021-03-24 12:03:33.783968166 +0100
@@ -282,6 +282,7 @@ verify_host_key_dns(const char *hostname
&hostkey_digest, &hostkey_digest_len, hostkey)) {
error("Error calculating key fingerprint.");
freerrset(fingerprints);
+ free(dnskey_digest);
return -1;
}
diff -up openssh-8.5p1/gss-genr.c.coverity openssh-8.5p1/gss-genr.c diff -up openssh-8.5p1/gss-genr.c.coverity openssh-8.5p1/gss-genr.c
--- openssh-8.5p1/gss-genr.c.coverity 2021-03-26 11:52:46.613942552 +0100 --- openssh-8.5p1/gss-genr.c.coverity 2021-03-26 11:52:46.613942552 +0100
+++ openssh-8.5p1/gss-genr.c 2021-03-26 11:54:37.881726318 +0100 +++ openssh-8.5p1/gss-genr.c 2021-03-26 11:54:37.881726318 +0100
@ -154,17 +143,6 @@ diff -up openssh-8.5p1/misc.c.coverity openssh-8.5p1/misc.c
return ret; return ret;
} }
diff -up openssh-8.5p1/moduli.c.coverity openssh-8.5p1/moduli.c
--- openssh-8.5p1/moduli.c.coverity 2021-03-02 11:31:47.000000000 +0100
+++ openssh-8.5p1/moduli.c 2021-03-24 12:03:33.784968173 +0100
@@ -476,6 +476,7 @@ write_checkpoint(char *cpfile, u_int32_t
else
logit("failed to write to checkpoint file '%s': %s", cpfile,
strerror(errno));
+ /* coverity[leaked_storage : FALSE] */
}
static unsigned long
diff -up openssh-7.4p1/monitor.c.coverity openssh-7.4p1/monitor.c diff -up openssh-7.4p1/monitor.c.coverity openssh-7.4p1/monitor.c
--- openssh-7.4p1/monitor.c.coverity 2016-12-23 16:40:26.888788688 +0100 --- openssh-7.4p1/monitor.c.coverity 2016-12-23 16:40:26.888788688 +0100
+++ openssh-7.4p1/monitor.c 2016-12-23 16:40:26.900788691 +0100 +++ openssh-7.4p1/monitor.c 2016-12-23 16:40:26.900788691 +0100
@ -300,24 +278,6 @@ diff -up openssh-8.7p1/serverloop.c.coverity openssh-8.7p1/serverloop.c
if (tun != SSH_TUNID_ANY && if (tun != SSH_TUNID_ANY &&
auth_opts->force_tun_device != (int)tun) auth_opts->force_tun_device != (int)tun)
goto done; goto done;
diff -up openssh-8.5p1/session.c.coverity openssh-8.5p1/session.c
--- openssh-8.5p1/session.c.coverity 2021-03-24 12:03:33.777968124 +0100
+++ openssh-8.5p1/session.c 2021-03-24 12:03:33.786968187 +0100
@@ -1223,12 +1223,14 @@ do_setup_env(struct ssh *ssh, Session *s
/* Environment specified by admin */
for (i = 0; i < options.num_setenv; i++) {
cp = xstrdup(options.setenv[i]);
+ /* coverity[overwrite_var : FALSE] */
if ((value = strchr(cp, '=')) == NULL) {
/* shouldn't happen; vars are checked in servconf.c */
fatal("Invalid config SetEnv: %s", options.setenv[i]);
}
*value++ = '\0';
child_set_env(&env, &envsize, cp, value);
+ free(cp);
}
/* SSH_CLIENT deprecated */
diff -up openssh-7.4p1/sftp.c.coverity openssh-7.4p1/sftp.c diff -up openssh-7.4p1/sftp.c.coverity openssh-7.4p1/sftp.c
--- openssh-7.4p1/sftp.c.coverity 2016-12-19 05:59:41.000000000 +0100 --- openssh-7.4p1/sftp.c.coverity 2016-12-19 05:59:41.000000000 +0100
+++ openssh-7.4p1/sftp.c 2016-12-23 16:40:26.903788691 +0100 +++ openssh-7.4p1/sftp.c 2016-12-23 16:40:26.903788691 +0100
@ -330,25 +290,6 @@ diff -up openssh-7.4p1/sftp.c.coverity openssh-7.4p1/sftp.c
} }
_exit(1); _exit(1);
@@ -985,6 +987,7 @@ do_globbed_ls(struct sftp_conn *conn, co
if (lflag & LS_LONG_VIEW) {
if (g.gl_statv[i] == NULL) {
error("no stat information for %s", fname);
+ free(fname);
continue;
}
lname = ls_file(fname, g.gl_statv[i], 1,
diff -up openssh-8.5p1/sk-usbhid.c.coverity openssh-8.5p1/sk-usbhid.c
--- openssh-8.5p1/sk-usbhid.c.coverity 2021-03-02 11:31:47.000000000 +0100
+++ openssh-8.5p1/sk-usbhid.c 2021-03-24 12:03:33.786968187 +0100
@@ -1256,6 +1256,7 @@ sk_load_resident_keys(const char *pin, s
freezero(rks[i], sizeof(*rks[i]));
}
free(rks);
+ free(device);
return ret;
}
diff -up openssh-7.4p1/ssh-agent.c.coverity openssh-7.4p1/ssh-agent.c diff -up openssh-7.4p1/ssh-agent.c.coverity openssh-7.4p1/ssh-agent.c
--- openssh-7.4p1/ssh-agent.c.coverity 2016-12-19 05:59:41.000000000 +0100 --- openssh-7.4p1/ssh-agent.c.coverity 2016-12-19 05:59:41.000000000 +0100
+++ openssh-7.4p1/ssh-agent.c 2016-12-23 16:40:26.903788691 +0100 +++ openssh-7.4p1/ssh-agent.c 2016-12-23 16:40:26.903788691 +0100
@ -423,32 +364,3 @@ diff -up openssh-8.5p1/ssh-keygen.c.coverity openssh-8.5p1/ssh-keygen.c
} else { } else {
if (strncasecmp(cp, "key:", 4) == 0) { if (strncasecmp(cp, "key:", 4) == 0) {
cp += 4; cp += 4;
@@ -2879,6 +2882,7 @@ do_moduli_screen(const char *out_file, c
} else if (strncmp(opts[i], "start-line=", 11) == 0) {
start_lineno = strtoul(opts[i]+11, NULL, 10);
} else if (strncmp(opts[i], "checkpoint=", 11) == 0) {
+ free(checkpoint);
checkpoint = xstrdup(opts[i]+11);
} else if (strncmp(opts[i], "generator=", 10) == 0) {
generator_wanted = (u_int32_t)strtonum(
@@ -2920,6 +2924,9 @@ do_moduli_screen(const char *out_file, c
#else /* WITH_OPENSSL */
fatal("Moduli screening is not supported");
#endif /* WITH_OPENSSL */
+ free(checkpoint);
+ if (in != stdin)
+ fclose(in);
}
static char *
diff -up openssh-8.5p1/sshsig.c.coverity openssh-8.5p1/sshsig.c
--- openssh-8.5p1/sshsig.c.coverity 2021-03-02 11:31:47.000000000 +0100
+++ openssh-8.5p1/sshsig.c 2021-03-24 12:03:33.787968194 +0100
@@ -515,6 +515,7 @@ hash_file(int fd, const char *hashalg, s
oerrno = errno;
error_f("read: %s", strerror(errno));
ssh_digest_free(ctx);
+ ctx = NULL;
errno = oerrno;
r = SSH_ERR_SYSTEM_ERROR;
goto out;

View File

@ -82,7 +82,7 @@ diff -up openssh-7.4p1/channels.h.x11max openssh-7.4p1/channels.h
+++ openssh-7.4p1/channels.h 2016-12-23 15:46:32.139506636 +0100 +++ openssh-7.4p1/channels.h 2016-12-23 15:46:32.139506636 +0100
@@ -293,7 +293,7 @@ int permitopen_port(const char *); @@ -293,7 +293,7 @@ int permitopen_port(const char *);
void channel_set_x11_refuse_time(struct ssh *, u_int); void channel_set_x11_refuse_time(struct ssh *, time_t);
int x11_connect_display(struct ssh *); int x11_connect_display(struct ssh *);
-int x11_create_display_inet(struct ssh *, int, int, int, u_int *, int **); -int x11_create_display_inet(struct ssh *, int, int, int, u_int *, int **);
+int x11_create_display_inet(struct ssh *, int, int, int, int, u_int *, int **); +int x11_create_display_inet(struct ssh *, int, int, int, int, u_int *, int **);
@ -191,8 +191,8 @@ diff -up openssh-7.4p1/sshd_config.5.x11max openssh-7.4p1/sshd_config.5
--- openssh-7.4p1/sshd_config.5.x11max 2016-12-23 15:46:32.134506635 +0100 --- openssh-7.4p1/sshd_config.5.x11max 2016-12-23 15:46:32.134506635 +0100
+++ openssh-7.4p1/sshd_config.5 2016-12-23 15:46:32.141506636 +0100 +++ openssh-7.4p1/sshd_config.5 2016-12-23 15:46:32.141506636 +0100
@@ -1133,6 +1133,7 @@ Available keywords are @@ -1133,6 +1133,7 @@ Available keywords are
.Cm StreamLocalBindUnlink ,
.Cm TrustedUserCAKeys , .Cm TrustedUserCAKeys ,
.Cm UnusedConnectionTimeout ,
.Cm X11DisplayOffset , .Cm X11DisplayOffset ,
+.Cm X11MaxDisplays , +.Cm X11MaxDisplays ,
.Cm X11Forwarding .Cm X11Forwarding

View File

@ -9,8 +9,8 @@ index 2ffc369..162ce92 100644
--- a/configure.ac --- a/configure.ac
+++ b/configure.ac +++ b/configure.ac
@@ -4265,6 +4265,30 @@ AC_ARG_WITH([kerberos5], @@ -4265,6 +4265,30 @@ AC_ARG_WITH([kerberos5],
AC_SUBST([GSSLIBS])
AC_SUBST([K5LIBS]) AC_SUBST([K5LIBS])
AC_SUBST([CHANNELLIBS])
+# Check whether user wants systemd support +# Check whether user wants systemd support
+SYSTEMD_MSG="no" +SYSTEMD_MSG="no"

View File

@ -21,7 +21,7 @@ index ca75cc7..6e7de31 100644
+ SC_ALLOW(__NR_flock), + SC_ALLOW(__NR_flock),
+#endif +#endif
#ifdef __NR_futex #ifdef __NR_futex
SC_ALLOW(__NR_futex), SC_FUTEX(__NR_futex),
#endif #endif
@@ -178,6 +181,9 @@ static const struct sock_filter preauth_insns[] = { @@ -178,6 +181,9 @@ static const struct sock_filter preauth_insns[] = {
#ifdef __NR_gettimeofday #ifdef __NR_gettimeofday

View File

@ -802,8 +802,8 @@ diff -up openssh-8.6p1/auth2-pubkey.c.audit openssh-8.6p1/auth2-pubkey.c
+} +}
+ +
static int static int
match_principals_option(const char *principal_list, struct sshkey_cert *cert) match_principals_file(struct passwd *pw, char *file,
{ struct sshkey_cert *cert, struct sshauthopt **authoptsp)
diff -up openssh-8.6p1/auth.c.audit openssh-8.6p1/auth.c diff -up openssh-8.6p1/auth.c.audit openssh-8.6p1/auth.c
--- openssh-8.6p1/auth.c.audit 2021-04-19 16:47:35.681061553 +0200 --- openssh-8.6p1/auth.c.audit 2021-04-19 16:47:35.681061553 +0200
+++ openssh-8.6p1/auth.c 2021-04-19 16:47:35.754062114 +0200 +++ openssh-8.6p1/auth.c 2021-04-19 16:47:35.754062114 +0200
@ -820,15 +820,6 @@ diff -up openssh-8.6p1/auth.c.audit openssh-8.6p1/auth.c
diff -up openssh-8.6p1/auth.h.audit openssh-8.6p1/auth.h diff -up openssh-8.6p1/auth.h.audit openssh-8.6p1/auth.h
--- openssh-8.6p1/auth.h.audit 2021-04-19 16:47:35.697061676 +0200 --- openssh-8.6p1/auth.h.audit 2021-04-19 16:47:35.697061676 +0200
+++ openssh-8.6p1/auth.h 2021-04-19 16:47:35.754062114 +0200 +++ openssh-8.6p1/auth.h 2021-04-19 16:47:35.754062114 +0200
@@ -193,6 +193,8 @@ struct passwd * getpwnamallow(struct ssh
char *expand_authorized_keys(const char *, struct passwd *pw);
char *authorized_principals_file(struct passwd *);
+int user_key_verify(struct ssh *, const struct sshkey *, const u_char *, size_t,
+ const u_char *, size_t, const char *, u_int, struct sshkey_sig_details **);
FILE *auth_openkeyfile(const char *, struct passwd *, int);
FILE *auth_openprincipals(const char *, struct passwd *, int);
@@ -212,6 +214,8 @@ struct sshkey *get_hostkey_private_by_ty @@ -212,6 +214,8 @@ struct sshkey *get_hostkey_private_by_ty
int get_hostkey_index(struct sshkey *, int, struct ssh *); int get_hostkey_index(struct sshkey *, int, struct ssh *);
int sshd_hostkey_sign(struct ssh *, struct sshkey *, struct sshkey *, int sshd_hostkey_sign(struct ssh *, struct sshkey *, struct sshkey *,
@ -838,6 +829,15 @@ diff -up openssh-8.6p1/auth.h.audit openssh-8.6p1/auth.h
/* Key / cert options linkage to auth layer */ /* Key / cert options linkage to auth layer */
const struct sshauthopt *auth_options(struct ssh *); const struct sshauthopt *auth_options(struct ssh *);
@@ -239,6 +241,8 @@ struct passwd * getpwnamallow(struct ssh
char *, const char *, const char *, const char *, struct sshauthopt **);
int auth_check_authkeys_file(struct passwd *, FILE *, char *,
struct sshkey *, const char *, const char *, struct sshauthopt **);
+int user_key_verify(struct ssh *, const struct sshkey *, const u_char *, size_t,
+ const u_char *, size_t, const char *, u_int, struct sshkey_sig_details **);
FILE *auth_openkeyfile(const char *, struct passwd *, int);
FILE *auth_openprincipals(const char *, struct passwd *, int);
diff -up openssh-8.6p1/cipher.c.audit openssh-8.6p1/cipher.c diff -up openssh-8.6p1/cipher.c.audit openssh-8.6p1/cipher.c
--- openssh-8.6p1/cipher.c.audit 2021-04-16 05:55:25.000000000 +0200 --- openssh-8.6p1/cipher.c.audit 2021-04-16 05:55:25.000000000 +0200
+++ openssh-8.6p1/cipher.c 2021-04-19 16:47:35.755062122 +0200 +++ openssh-8.6p1/cipher.c 2021-04-19 16:47:35.755062122 +0200
@ -910,9 +910,9 @@ diff -up openssh-8.6p1/kex.c.audit openssh-8.6p1/kex.c
--- openssh-8.6p1/kex.c.audit 2021-04-19 16:47:35.743062030 +0200 --- openssh-8.6p1/kex.c.audit 2021-04-19 16:47:35.743062030 +0200
+++ openssh-8.6p1/kex.c 2021-04-19 16:47:35.755062122 +0200 +++ openssh-8.6p1/kex.c 2021-04-19 16:47:35.755062122 +0200
@@ -65,6 +65,7 @@ @@ -65,6 +65,7 @@
#include "ssherr.h"
#include "sshbuf.h" #include "sshbuf.h"
#include "digest.h" #include "digest.h"
#include "xmalloc.h"
+#include "audit.h" +#include "audit.h"
#ifdef GSSAPI #ifdef GSSAPI
@ -2006,7 +2006,7 @@ diff -up openssh-8.6p1/session.h.audit openssh-8.6p1/session.h
@@ -71,10 +77,12 @@ void session_unused(int); @@ -71,10 +77,12 @@ void session_unused(int);
int session_input_channel_req(struct ssh *, Channel *, const char *); int session_input_channel_req(struct ssh *, Channel *, const char *);
void session_close_by_pid(struct ssh *ssh, pid_t, int); void session_close_by_pid(struct ssh *ssh, pid_t, int);
void session_close_by_channel(struct ssh *, int, void *); void session_close_by_channel(struct ssh *, int, int, void *);
-void session_destroy_all(struct ssh *, void (*)(Session *)); -void session_destroy_all(struct ssh *, void (*)(Session *));
+void session_destroy_all(struct ssh *, void (*)(struct ssh*, Session *)); +void session_destroy_all(struct ssh *, void (*)(struct ssh*, Session *));
void session_pty_cleanup2(Session *); void session_pty_cleanup2(Session *);

View File

@ -368,14 +368,6 @@ diff -up openssh-8.6p1/sshd.c.fips openssh-8.6p1/sshd.c
#include "openbsd-compat/openssl-compat.h" #include "openbsd-compat/openssl-compat.h"
#endif #endif
@@ -1619,6 +1621,7 @@ main(int ac, char **av)
#endif
__progname = ssh_get_progname(av[0]);
+ OpenSSL_add_all_algorithms();
/* Save argv. Duplicate so setproctitle emulation doesn't clobber it */
saved_argc = ac;
rexec_argc = ac;
@@ -1931,6 +1931,13 @@ main(int ac, char **av) @@ -1931,6 +1931,13 @@ main(int ac, char **av)
&key, NULL)) != 0 && r != SSH_ERR_SYSTEM_ERROR) &key, NULL)) != 0 && r != SSH_ERR_SYSTEM_ERROR)
do_log2_r(r, ll, "Unable to load host key \"%s\"", do_log2_r(r, ll, "Unable to load host key \"%s\"",
@ -440,11 +432,11 @@ diff -up openssh-8.6p1/sshkey.c.fips openssh-8.6p1/sshkey.c
#ifdef WITH_XMSS #ifdef WITH_XMSS
@@ -285,6 +285,18 @@ sshkey_alg_list(int certs_only, int plai @@ -285,6 +285,18 @@ sshkey_alg_list(int certs_only, int plai
for (kt = keytypes; kt->type != -1; kt++) { impl = keyimpls[i];
if (kt->name == NULL || kt->type == KEY_NULL) if (impl->name == NULL || impl->type == KEY_NULL)
continue; continue;
+ if (FIPS_mode()) { + if (FIPS_mode()) {
+ switch (kt->type) { + switch (impl->type) {
+ case KEY_ED25519: + case KEY_ED25519:
+ case KEY_ED25519_SK: + case KEY_ED25519_SK:
+ case KEY_ED25519_CERT: + case KEY_ED25519_CERT:
@ -455,9 +447,9 @@ diff -up openssh-8.6p1/sshkey.c.fips openssh-8.6p1/sshkey.c
+ break; + break;
+ } + }
+ } + }
if (!include_sigonly && kt->sigonly) if (!include_sigonly && impl->sigonly)
continue; continue;
if ((certs_only && !kt->cert) || (plain_only && kt->cert)) if ((certs_only && !impl->cert) || (plain_only && impl->cert))
@@ -1503,6 +1503,20 @@ sshkey_read(struct sshkey *ret, char **c @@ -1503,6 +1503,20 @@ sshkey_read(struct sshkey *ret, char **c
return SSH_ERR_EC_CURVE_MISMATCH; return SSH_ERR_EC_CURVE_MISMATCH;
} }
@ -477,40 +469,31 @@ diff -up openssh-8.6p1/sshkey.c.fips openssh-8.6p1/sshkey.c
+ break; + break;
+ } + }
/* Fill in ret from parsed key */ /* Fill in ret from parsed key */
ret->type = type; sshkey_free_contents(ret);
if (sshkey_is_cert(ret)) { *ret = *k;
@@ -1705,6 +1707,8 @@ rsa_generate_private_key(u_int bits, RSA
goto out;
if (EVP_PKEY_keygen(ctx, &res) <= 0) {
+ if (FIPS_mode())
+ logit_f("the key length might be unsupported by FIPS mode approved key generation method");
ret = SSH_ERR_LIBCRYPTO_ERROR;
goto out;
}
@@ -2916,6 +2916,11 @@ sshkey_sign(struct sshkey *key, @@ -2916,6 +2916,11 @@ sshkey_sign(struct sshkey *key,
break; *lenp = 0;
case KEY_ED25519_SK: if (datalen > SSH_KEY_MAX_SIGN_DATA_SIZE)
case KEY_ED25519_SK_CERT: return SSH_ERR_INVALID_ARGUMENT;
+ if (FIPS_mode()) { + if (FIPS_mode() && ((key->type == KEY_ED25519_SK) || (key->type == KEY_ED25519_SK_CERT))) {
+ logit_f("Ed25519 keys are not allowed in FIPS mode"); + logit_f("Ed25519 keys are not allowed in FIPS mode");
+ return SSH_ERR_INVALID_ARGUMENT; + return SSH_ERR_INVALID_ARGUMENT;
+ } + }
+ /* Fallthrough */ + /* Fallthrough */
case KEY_ECDSA_SK_CERT: if ((impl = sshkey_impl_from_key(key)) == NULL)
case KEY_ECDSA_SK: return SSH_ERR_KEY_TYPE_UNKNOWN;
r = sshsk_sign(sk_provider, key, sigp, lenp, data, if ((r = sshkey_unshield_private(key)) != 0)
@@ -2973,6 +2978,10 @@ sshkey_verify(const struct sshkey *key, @@ -2973,6 +2978,10 @@ sshkey_verify(const struct sshkey *key,
return ssh_ed25519_verify(key, sig, siglen, data, dlen, compat); *detailsp = NULL;
case KEY_ED25519_SK: if (siglen == 0 || dlen > SSH_KEY_MAX_SIGN_DATA_SIZE)
case KEY_ED25519_SK_CERT: return SSH_ERR_INVALID_ARGUMENT;
+ if (FIPS_mode()) { + if (FIPS_mode() && ((key->type == KEY_ED25519_SK) || (key->type == KEY_ED25519_SK_CERT))) {
+ logit_f("Ed25519 keys are not allowed in FIPS mode"); + logit_f("Ed25519 keys are not allowed in FIPS mode");
+ return SSH_ERR_INVALID_ARGUMENT; + return SSH_ERR_INVALID_ARGUMENT;
+ } + }
return ssh_ed25519_sk_verify(key, sig, siglen, data, dlen, if ((impl = sshkey_impl_from_key(key)) == NULL)
compat, detailsp); return SSH_ERR_KEY_TYPE_UNKNOWN;
#ifdef WITH_XMSS return impl->funcs->verify(key, sig, siglen, data, dlen,
diff -up openssh-8.6p1/ssh-keygen.c.fips openssh-8.6p1/ssh-keygen.c diff -up openssh-8.6p1/ssh-keygen.c.fips openssh-8.6p1/ssh-keygen.c
--- openssh-8.6p1/ssh-keygen.c.fips 2021-05-06 12:08:36.467926637 +0200 --- openssh-8.6p1/ssh-keygen.c.fips 2021-05-06 12:08:36.467926637 +0200
+++ openssh-8.6p1/ssh-keygen.c 2021-05-06 12:08:36.503926916 +0200 +++ openssh-8.6p1/ssh-keygen.c 2021-05-06 12:08:36.503926916 +0200
@ -554,6 +537,26 @@ diff -up openssh-8.6p1/ssh-keygen.c.fips openssh-8.6p1/ssh-keygen.c
if ((fd = mkstemp(prv_tmp)) == -1) { if ((fd = mkstemp(prv_tmp)) == -1) {
error("Could not save your private key in %s: %s", error("Could not save your private key in %s: %s",
prv_tmp, strerror(errno)); prv_tmp, strerror(errno));
diff -up openssh-9.3p1/ssh-rsa.c.evpgenrsa openssh-9.3p1/ssh-rsa.c
--- openssh-9.3p1/ssh-rsa.c.evpgenrsa 2022-06-30 15:14:58.200518353 +0200
+++ openssh-9.3p1/ssh-rsa.c 2022-06-30 15:24:31.499641196 +0200
@@ -31,6 +31,7 @@
#include <openssl/evp.h>
#include <openssl/err.h>
+#include <openssl/fips.h>
#include <stdarg.h>
#include <string.h>
@@ -1705,6 +1707,8 @@ ssh_rsa_generate(u_int bits, RSA
goto out;
if (EVP_PKEY_keygen(ctx, &res) <= 0) {
+ if (FIPS_mode())
+ logit_f("the key length might be unsupported by FIPS mode approved key generation method");
ret = SSH_ERR_LIBCRYPTO_ERROR;
goto out;
}
diff -up openssh-8.7p1/kexgen.c.fips3 openssh-8.7p1/kexgen.c diff -up openssh-8.7p1/kexgen.c.fips3 openssh-8.7p1/kexgen.c
--- openssh-8.7p1/kexgen.c.fips3 2022-07-11 16:11:21.973519913 +0200 --- openssh-8.7p1/kexgen.c.fips3 2022-07-11 16:11:21.973519913 +0200
+++ openssh-8.7p1/kexgen.c 2022-07-11 16:25:31.172187365 +0200 +++ openssh-8.7p1/kexgen.c 2022-07-11 16:25:31.172187365 +0200
@ -663,13 +666,13 @@ diff -up openssh-8.7p1/ssh-ed25519.c.fips3 openssh-8.7p1/ssh-ed25519.c
if ((sig = malloc(slen)) == NULL) if ((sig = malloc(slen)) == NULL)
return SSH_ERR_ALLOC_FAIL; return SSH_ERR_ALLOC_FAIL;
@@ -108,6 +113,10 @@ ssh_ed25519_verify(const struct sshkey * @@ -108,6 +113,10 @@ ssh_ed25519_verify(const struct sshkey *
datalen >= INT_MAX - crypto_sign_ed25519_BYTES || dlen >= INT_MAX - crypto_sign_ed25519_BYTES ||
signature == NULL || signaturelen == 0) sig == NULL || siglen == 0)
return SSH_ERR_INVALID_ARGUMENT; return SSH_ERR_INVALID_ARGUMENT;
+ if (FIPS_mode()) { + if (FIPS_mode()) {
+ logit_f("Ed25519 keys are not allowed in FIPS mode"); + logit_f("Ed25519 keys are not allowed in FIPS mode");
+ return SSH_ERR_INVALID_ARGUMENT; + return SSH_ERR_INVALID_ARGUMENT;
+ } + }
if ((b = sshbuf_from(signature, signaturelen)) == NULL) if ((b = sshbuf_from(sig, siglen)) == NULL)
return SSH_ERR_ALLOC_FAIL; return SSH_ERR_ALLOC_FAIL;

View File

@ -12,13 +12,22 @@ index e7549470..b68c1710 100644
@@ -125,7 +126,7 @@ SSHDOBJS=sshd.o auth-rhosts.o auth-passwd.o \ @@ -125,7 +126,7 @@ SSHDOBJS=sshd.o auth-rhosts.o auth-passwd.o \
auth-bsdauth.o auth2-hostbased.o auth2-kbdint.o \ auth-bsdauth.o auth2-hostbased.o auth2-kbdint.o \
auth2-none.o auth2-passwd.o auth2-pubkey.o \ auth2-none.o auth2-passwd.o auth2-pubkey.o auth2-pubkeyfile.o \
monitor.o monitor_wrap.o auth-krb5.o \ monitor.o monitor_wrap.o auth-krb5.o \
- auth2-gss.o gss-serv.o gss-serv-krb5.o \ - auth2-gss.o gss-serv.o gss-serv-krb5.o \
+ auth2-gss.o gss-serv.o gss-serv-krb5.o kexgsss.o \ + auth2-gss.o gss-serv.o gss-serv-krb5.o kexgsss.o \
loginrec.o auth-pam.o auth-shadow.o auth-sia.o \ loginrec.o auth-pam.o auth-shadow.o auth-sia.o \
srclimit.o sftp-server.o sftp-common.o \ srclimit.o sftp-server.o sftp-common.o \
sandbox-null.o sandbox-rlimit.o sandbox-systrace.o sandbox-darwin.o \ sandbox-null.o sandbox-rlimit.o sandbox-systrace.o sandbox-darwin.o \
@@ -523,7 +523,7 @@ regress-prep:
ln -s `cd $(srcdir) && pwd`/regress/Makefile `pwd`/regress/Makefile
REGRESSLIBS=libssh.a $(LIBCOMPAT)
-TESTLIBS=$(LIBS) $(CHANNELLIBS)
+TESTLIBS=$(LIBS) $(CHANNELLIBS) $(GSSLIBS)
regress/modpipe$(EXEEXT): $(srcdir)/regress/modpipe.c $(REGRESSLIBS)
$(CC) $(CFLAGS) $(CPPFLAGS) -o $@ $(srcdir)/regress/modpipe.c \
diff -up a/auth.c.gsskex b/auth.c diff -up a/auth.c.gsskex b/auth.c
--- a/auth.c.gsskex 2021-08-20 06:03:49.000000000 +0200 --- a/auth.c.gsskex 2021-08-20 06:03:49.000000000 +0200
+++ b/auth.c 2021-08-27 12:41:51.262788953 +0200 +++ b/auth.c 2021-08-27 12:41:51.262788953 +0200
@ -378,12 +387,8 @@ index ebd0dbca..1bdac6a4 100644
/* Permitted RSA signature algorithms for UpdateHostkeys proofs */ /* Permitted RSA signature algorithms for UpdateHostkeys proofs */
#define HOSTKEY_PROOF_RSA_ALGS "rsa-sha2-512,rsa-sha2-256" #define HOSTKEY_PROOF_RSA_ALGS "rsa-sha2-512,rsa-sha2-256"
@@ -1379,9 +1383,18 @@ client_loop(struct ssh *ssh, int have_pty, int escape_char_arg, @@ -1379,6 +1383,14 @@ client_loop(struct ssh *ssh, int have_pty, int escape_char_arg,
break; /* Do channel operations. */
/* Do channel operations unless rekeying in progress. */
- if (!ssh_packet_is_rekeying(ssh))
+ if (!ssh_packet_is_rekeying(ssh)) {
channel_after_poll(ssh, pfd, npfd_active); channel_after_poll(ssh, pfd, npfd_active);
+#ifdef GSSAPI +#ifdef GSSAPI
@ -393,7 +398,6 @@ index ebd0dbca..1bdac6a4 100644
+ need_rekeying = 1; + need_rekeying = 1;
+ } + }
+#endif +#endif
+ }
+ +
/* Buffer input from the connection. */ /* Buffer input from the connection. */
if (conn_in_ready) if (conn_in_ready)
@ -1254,15 +1258,9 @@ diff --git a/kex.c b/kex.c
index ce85f043..574c7609 100644 index ce85f043..574c7609 100644
--- a/kex.c --- a/kex.c
+++ b/kex.c +++ b/kex.c
@@ -57,11 +57,16 @@ @@ -57,6 +57,10 @@
#include "misc.h"
#include "dispatch.h"
#include "monitor.h"
+#include "xmalloc.h"
#include "ssherr.h"
#include "sshbuf.h"
#include "digest.h" #include "digest.h"
#include "xmalloc.h"
+#ifdef GSSAPI +#ifdef GSSAPI
+#include "ssh-gss.h" +#include "ssh-gss.h"
@ -1360,9 +1358,9 @@ index ce85f043..574c7609 100644
+ return 1; + return 1;
+} +}
+ +
/* put algorithm proposal into buffer */ /*
int * Fill out a proposal array with dynamically allocated values, which may
kex_prop2buf(struct sshbuf *b, char *proposal[PROPOSAL_MAX]) * be modified as required for compatibility reasons.
@@ -698,6 +755,9 @@ kex_free(struct kex *kex) @@ -698,6 +755,9 @@ kex_free(struct kex *kex)
sshbuf_free(kex->server_version); sshbuf_free(kex->server_version);
sshbuf_free(kex->client_pub); sshbuf_free(kex->client_pub);
@ -1414,9 +1412,9 @@ index a5ae6ac0..fe714141 100644
char *kex_names_cat(const char *, const char *); char *kex_names_cat(const char *, const char *);
int kex_assemble_names(char **, const char *, const char *); int kex_assemble_names(char **, const char *, const char *);
+int kex_gss_names_valid(const char *); +int kex_gss_names_valid(const char *);
void kex_proposal_populate_entries(struct ssh *, char *prop[PROPOSAL_MAX],
int kex_exchange_identification(struct ssh *, int, const char *); const char *, const char *, const char *, const char *, const char *);
void kex_proposal_free_entries(char *prop[PROPOSAL_MAX]);
@@ -202,6 +219,12 @@ int kexgex_client(struct ssh *); @@ -202,6 +219,12 @@ int kexgex_client(struct ssh *);
int kexgex_server(struct ssh *); int kexgex_server(struct ssh *);
int kex_gen_client(struct ssh *); int kex_gen_client(struct ssh *);
@ -1489,7 +1487,7 @@ new file mode 100644
index 00000000..f6e1405e index 00000000..f6e1405e
--- /dev/null --- /dev/null
+++ b/kexgssc.c +++ b/kexgssc.c
@@ -0,0 +1,599 @@ @@ -0,0 +1,600 @@
+/* +/*
+ * Copyright (c) 2001-2009 Simon Wilkinson. All rights reserved. + * Copyright (c) 2001-2009 Simon Wilkinson. All rights reserved.
+ * + *
@ -2088,6 +2086,7 @@ index 00000000..f6e1405e
+ sshbuf_free(server_host_key_blob); + sshbuf_free(server_host_key_blob);
+ return r; + return r;
+} +}
+
+#endif /* defined(GSSAPI) && defined(WITH_OPENSSL) */ +#endif /* defined(GSSAPI) && defined(WITH_OPENSSL) */
diff --git a/kexgsss.c b/kexgsss.c diff --git a/kexgsss.c b/kexgsss.c
new file mode 100644 new file mode 100644
@ -3496,7 +3495,7 @@ index af00fb30..03bc87eb 100644
/* /*
@@ -163,6 +161,11 @@ ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port) @@ -163,6 +161,11 @@ ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port)
char *s, *all_key; char *s, *all_key, *hkalgs = NULL;
int r, use_known_hosts_order = 0; int r, use_known_hosts_order = 0;
+#if defined(GSSAPI) && defined(WITH_OPENSSL) +#if defined(GSSAPI) && defined(WITH_OPENSSL)
@ -3508,9 +3507,10 @@ index af00fb30..03bc87eb 100644
xxx_hostaddr = hostaddr; xxx_hostaddr = hostaddr;
xxx_conn_info = cinfo; xxx_conn_info = cinfo;
@@ -206,6 +209,42 @@ ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port) @@ -206,6 +209,42 @@ ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port)
compat_pkalg_proposal(ssh, options.hostkeyalgorithms); kex_proposal_populate_entries(ssh, myproposal, s, options.ciphers,
} options.macs, compression_alg_list(options.compression),
hkalgs ? hkalgs : options.hostkeyalgorithms);
+
+#if defined(GSSAPI) && defined(WITH_OPENSSL) +#if defined(GSSAPI) && defined(WITH_OPENSSL)
+ if (options.gss_keyex) { + if (options.gss_keyex) {
+ /* Add the GSSAPI mechanisms currently supported on this + /* Add the GSSAPI mechanisms currently supported on this
@ -3546,11 +3546,10 @@ index af00fb30..03bc87eb 100644
+ } + }
+ } + }
+#endif +#endif
+
if (options.rekey_limit || options.rekey_interval) free(hkalgs);
ssh_packet_set_rekey_limits(ssh, options.rekey_limit,
options.rekey_interval); @@ -224,17 +256,47 @@ ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port)
@@ -224,16 +256,46 @@ ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port)
# ifdef OPENSSL_HAS_ECC # ifdef OPENSSL_HAS_ECC
ssh->kex->kex[KEX_ECDH_SHA2] = kex_gen_client; ssh->kex->kex[KEX_ECDH_SHA2] = kex_gen_client;
# endif # endif
@ -3583,6 +3582,7 @@ index af00fb30..03bc87eb 100644
ssh_dispatch_run_fatal(ssh, DISPATCH_BLOCK, &ssh->kex->done); ssh_dispatch_run_fatal(ssh, DISPATCH_BLOCK, &ssh->kex->done);
/* remove ext-info from the KEX proposals for rekeying */ /* remove ext-info from the KEX proposals for rekeying */
free(myproposal[PROPOSAL_KEX_ALGS]);
myproposal[PROPOSAL_KEX_ALGS] = myproposal[PROPOSAL_KEX_ALGS] =
compat_kex_proposal(ssh, options.kex_algorithms); compat_kex_proposal(ssh, options.kex_algorithms);
+#if defined(GSSAPI) && defined(WITH_OPENSSL) +#if defined(GSSAPI) && defined(WITH_OPENSSL)
@ -3751,8 +3751,8 @@ index 60b2aaf7..d92f03aa 100644
exit(1); exit(1);
} }
@@ -2347,6 +2348,48 @@ do_ssh2_kex(struct ssh *ssh) @@ -2347,6 +2348,48 @@ do_ssh2_kex(struct ssh *ssh)
myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = compat_pkalg_proposal(
ssh, list_hostkey_types()); free(hkalgs);
+#if defined(GSSAPI) && defined(WITH_OPENSSL) +#if defined(GSSAPI) && defined(WITH_OPENSSL)
+ { + {
@ -3885,22 +3885,98 @@ diff --git a/sshkey.c b/sshkey.c
index 57995ee6..fd5b7724 100644 index 57995ee6..fd5b7724 100644
--- a/sshkey.c --- a/sshkey.c
+++ b/sshkey.c +++ b/sshkey.c
@@ -127,6 +127,75 @@ static const struct keytype keytypes[] = {
extern const struct sshkey_impl sshkey_xmss_impl;
extern const struct sshkey_impl sshkey_xmss_cert_impl;
#endif
+
+static int ssh_gss_equal(const struct sshkey *, const struct sshkey *)
+{
+ return SSH_ERR_FEATURE_UNSUPPORTED;
+}
+
+static int ssh_gss_serialize_public(const struct sshkey *, struct sshbuf *,
+ enum sshkey_serialize_rep)
+{
+ return SSH_ERR_FEATURE_UNSUPPORTED;
+}
+
+static int ssh_gss_deserialize_public(const char *, struct sshbuf *,
+ struct sshkey *)
+{
+ return SSH_ERR_FEATURE_UNSUPPORTED;
+}
+
+static int ssh_gss_serialize_private(const struct sshkey *, struct sshbuf *,
+ enum sshkey_serialize_rep)
+{
+ return SSH_ERR_FEATURE_UNSUPPORTED;
+}
+
+static int ssh_gss_deserialize_private(const char *, struct sshbuf *,
+ struct sshkey *)
+{
+ return SSH_ERR_FEATURE_UNSUPPORTED;
+}
+
+static int ssh_gss_copy_public(const struct sshkey *, struct sshkey *)
+{
+ return SSH_ERR_FEATURE_UNSUPPORTED;
+}
+
+static int ssh_gss_verify(const struct sshkey *, const u_char *, size_t,
+ const u_char *, size_t, const char *, u_int,
+ struct sshkey_sig_details **)
+{
+ return SSH_ERR_FEATURE_UNSUPPORTED;
+}
+
+static const struct sshkey_impl_funcs sshkey_gss_funcs = {
+ /* .size = */ NULL,
+ /* .alloc = */ NULL,
+ /* .cleanup = */ NULL,
+ /* .equal = */ ssh_gss_equal,
+ /* .ssh_serialize_public = */ ssh_gss_serialize_public,
+ /* .ssh_deserialize_public = */ ssh_gss_deserialize_public,
+ /* .ssh_serialize_private = */ ssh_gss_serialize_private,
+ /* .ssh_deserialize_private = */ ssh_gss_deserialize_private,
+ /* .generate = */ NULL,
+ /* .copy_public = */ ssh_gss_copy_public,
+ /* .sign = */ NULL,
+ /* .verify = */ ssh_gss_verify,
+};
+
+/* The struct is intentionally dummy and has no gss calls */
+static const struct sshkey_impl sshkey_gss_kex_impl = {
+ /* .name = */ "null",
+ /* .shortname = */ "null",
+ /* .sigalg = */ NULL,
+ /* .type = */ KEY_NULL,
+ /* .nid = */ 0,
+ /* .cert = */ 0,
+ /* .sigonly = */ 0,
+ /* .keybits = */ 0, /* FIXME */
+ /* .funcs = */ &sshkey_gss_funcs,
+};
const struct sshkey_impl * const keyimpls[] = {
&sshkey_ed25519_impl,
@@ -154,6 +154,7 @@ static const struct keytype keytypes[] = { @@ -154,6 +154,7 @@ static const struct keytype keytypes[] = {
# endif /* ENABLE_SK */ &sshkey_xmss_impl,
# endif /* OPENSSL_HAS_ECC */ &sshkey_xmss_cert_impl,
#endif /* WITH_OPENSSL */ #endif
+ { "null", "null", NULL, KEY_NULL, 0, 0, 0 }, + &sshkey_gss_kex_impl,
{ NULL, NULL, NULL, -1, -1, 0, 0 } NULL
}; };
@@ -255,7 +256,7 @@ sshkey_alg_list(int certs_only, int plain_only, int include_sigonly, char sep) @@ -255,7 +256,7 @@ sshkey_alg_list(int certs_only, int plain_only, int include_sigonly, char sep)
const struct keytype *kt;
for (kt = keytypes; kt->type != -1; kt++) { for (i = 0; keyimpls[i] != NULL; i++) {
- if (kt->name == NULL) impl = keyimpls[i];
+ if (kt->name == NULL || kt->type == KEY_NULL) - if (impl->name == NULL)
+ if (impl->name == NULL || impl->type == KEY_NULL)
continue; continue;
if (!include_sigonly && kt->sigonly) if (!include_sigonly && impl->sigonly)
continue; continue;
diff --git a/sshkey.h b/sshkey.h diff --git a/sshkey.h b/sshkey.h
index 71a3fddc..37a43a67 100644 index 71a3fddc..37a43a67 100644

View File

@ -62,8 +62,8 @@ index a23c383dc..ea45e7275 100644
--- a/ssh-dss.c --- a/ssh-dss.c
+++ b/ssh-dss.c +++ b/ssh-dss.c
@@ -52,11 +52,15 @@ int @@ -52,11 +52,15 @@ int
ssh_dss_sign(const struct sshkey *key, u_char **sigp, size_t *lenp, const u_char *data, size_t datalen,
const u_char *data, size_t datalen, u_int compat) const char *alg, const char *sk_provider, const char *sk_pin, u_int compat)
{ {
+ EVP_PKEY *pkey = NULL; + EVP_PKEY *pkey = NULL;
DSA_SIG *sig = NULL; DSA_SIG *sig = NULL;
@ -119,14 +119,14 @@ index a23c383dc..ea45e7275 100644
sshbuf_free(b); sshbuf_free(b);
return ret; return ret;
@@ -121,20 +132,20 @@ ssh_dss_verify(const struct sshkey *key, @@ -121,20 +132,20 @@ ssh_dss_verify(const struct sshkey *key,
const u_char *signature, size_t signaturelen, const u_char *data, size_t dlen, const char *alg, u_int compat,
const u_char *data, size_t datalen, u_int compat) struct sshkey_sig_details **detailsp)
{ {
+ EVP_PKEY *pkey = NULL; + EVP_PKEY *pkey = NULL;
DSA_SIG *sig = NULL; DSA_SIG *dsig = NULL;
BIGNUM *sig_r = NULL, *sig_s = NULL; BIGNUM *sig_r = NULL, *sig_s = NULL;
- u_char digest[SSH_DIGEST_MAX_LENGTH], *sigblob = NULL; - u_char digest[SSH_DIGEST_MAX_LENGTH], *sigblob = NULL;
- size_t len, dlen = ssh_digest_bytes(SSH_DIGEST_SHA1); - size_t len, hlen = ssh_digest_bytes(SSH_DIGEST_SHA1);
+ u_char *sigblob = NULL; + u_char *sigblob = NULL;
+ size_t len, slen; + size_t len, slen;
int ret = SSH_ERR_INTERNAL_ERROR; int ret = SSH_ERR_INTERNAL_ERROR;
@ -136,25 +136,25 @@ index a23c383dc..ea45e7275 100644
if (key == NULL || key->dsa == NULL || if (key == NULL || key->dsa == NULL ||
sshkey_type_plain(key->type) != KEY_DSA || sshkey_type_plain(key->type) != KEY_DSA ||
signature == NULL || signaturelen == 0) sig == NULL || siglen == 0)
return SSH_ERR_INVALID_ARGUMENT; return SSH_ERR_INVALID_ARGUMENT;
- if (dlen == 0) - if (hlen == 0)
- return SSH_ERR_INTERNAL_ERROR; - return SSH_ERR_INTERNAL_ERROR;
/* fetch signature */ /* fetch signature */
if ((b = sshbuf_from(signature, signaturelen)) == NULL) if ((b = sshbuf_from(sig, siglen)) == NULL)
@@ -176,25 +187,31 @@ ssh_dss_verify(const struct sshkey *key, @@ -176,25 +187,31 @@ ssh_dss_verify(const struct sshkey *key,
} }
sig_r = sig_s = NULL; /* transferred */ sig_r = sig_s = NULL; /* transferred */
- /* sha1 the data */ - /* sha1 the data */
- if ((ret = ssh_digest_memory(SSH_DIGEST_SHA1, data, datalen, - if ((ret = ssh_digest_memory(SSH_DIGEST_SHA1, data, dlen,
- digest, sizeof(digest))) != 0) - digest, sizeof(digest))) != 0)
+ if ((slen = i2d_DSA_SIG(sig, NULL)) == 0) { + if ((slen = i2d_DSA_SIG(sig, NULL)) == 0) {
+ ret = SSH_ERR_LIBCRYPTO_ERROR; + ret = SSH_ERR_LIBCRYPTO_ERROR;
goto out; goto out;
- -
- switch (DSA_do_verify(digest, dlen, sig, key->dsa)) { - switch (DSA_do_verify(digest, hlen, dsig, key->dsa)) {
- case 1: - case 1:
- ret = 0; - ret = 0;
- break; - break;
@ -177,14 +177,14 @@ index a23c383dc..ea45e7275 100644
+ ret = SSH_ERR_ALLOC_FAIL; + ret = SSH_ERR_ALLOC_FAIL;
+ goto out; + goto out;
+ } + }
+ ret = sshkey_verify_signature(pkey, SSH_DIGEST_SHA1, data, datalen, + ret = sshkey_verify_signature(pkey, SSH_DIGEST_SHA1, data, dlen,
+ sigb, slen); + sigb, slen);
+ EVP_PKEY_free(pkey); + EVP_PKEY_free(pkey);
+ +
out: out:
- explicit_bzero(digest, sizeof(digest)); - explicit_bzero(digest, sizeof(digest));
+ free(sigb); + free(sigb);
DSA_SIG_free(sig); DSA_SIG_free(dsig);
BN_clear_free(sig_r); BN_clear_free(sig_r);
BN_clear_free(sig_s); BN_clear_free(sig_s);
diff --git a/ssh-ecdsa.c b/ssh-ecdsa.c diff --git a/ssh-ecdsa.c b/ssh-ecdsa.c
@ -192,17 +192,17 @@ index 599c7199d..b036796e8 100644
--- a/ssh-ecdsa.c --- a/ssh-ecdsa.c
+++ b/ssh-ecdsa.c +++ b/ssh-ecdsa.c
@@ -50,11 +50,13 @@ int @@ -50,11 +50,13 @@ int
ssh_ecdsa_sign(const struct sshkey *key, u_char **sigp, size_t *lenp, const u_char *data, size_t dlen,
const u_char *data, size_t datalen, u_int compat) const char *alg, const char *sk_provider, const char *sk_pin, u_int compat)
{ {
+ EVP_PKEY *pkey = NULL; + EVP_PKEY *pkey = NULL;
ECDSA_SIG *sig = NULL; ECDSA_SIG *esig = NULL;
+ unsigned char *sigb = NULL; + unsigned char *sigb = NULL;
+ const unsigned char *psig; + const unsigned char *psig;
const BIGNUM *sig_r, *sig_s; const BIGNUM *sig_r, *sig_s;
int hash_alg; int hash_alg;
- u_char digest[SSH_DIGEST_MAX_LENGTH]; - u_char digest[SSH_DIGEST_MAX_LENGTH];
- size_t len, dlen; - size_t len, hlen;
+ int len; + int len;
struct sshbuf *b = NULL, *bb = NULL; struct sshbuf *b = NULL, *bb = NULL;
int ret = SSH_ERR_INTERNAL_ERROR; int ret = SSH_ERR_INTERNAL_ERROR;
@ -212,25 +212,25 @@ index 599c7199d..b036796e8 100644
return SSH_ERR_INVALID_ARGUMENT; return SSH_ERR_INVALID_ARGUMENT;
- if ((hash_alg = sshkey_ec_nid_to_hash_alg(key->ecdsa_nid)) == -1 || - if ((hash_alg = sshkey_ec_nid_to_hash_alg(key->ecdsa_nid)) == -1 ||
- (dlen = ssh_digest_bytes(hash_alg)) == 0) - (hlen = ssh_digest_bytes(hash_alg)) == 0)
+ if ((hash_alg = sshkey_ec_nid_to_hash_alg(key->ecdsa_nid)) == -1) + if ((hash_alg = sshkey_ec_nid_to_hash_alg(key->ecdsa_nid)) == -1)
return SSH_ERR_INTERNAL_ERROR; return SSH_ERR_INTERNAL_ERROR;
- if ((ret = ssh_digest_memory(hash_alg, data, datalen, - if ((ret = ssh_digest_memory(hash_alg, data, dlen,
- digest, sizeof(digest))) != 0) - digest, sizeof(digest))) != 0)
+ +
+ if ((pkey = EVP_PKEY_new()) == NULL || + if ((pkey = EVP_PKEY_new()) == NULL ||
+ EVP_PKEY_set1_EC_KEY(pkey, key->ecdsa) != 1) + EVP_PKEY_set1_EC_KEY(pkey, key->ecdsa) != 1)
+ return SSH_ERR_ALLOC_FAIL; + return SSH_ERR_ALLOC_FAIL;
+ ret = sshkey_calculate_signature(pkey, hash_alg, &sigb, &len, data, + ret = sshkey_calculate_signature(pkey, hash_alg, &sigb, &len, data,
+ datalen); + dlen);
+ EVP_PKEY_free(pkey); + EVP_PKEY_free(pkey);
+ if (ret < 0) { + if (ret < 0) {
goto out; goto out;
+ } + }
- if ((sig = ECDSA_do_sign(digest, dlen, key->ecdsa)) == NULL) { - if ((esig = ECDSA_do_sign(digest, hlen, key->ecdsa)) == NULL) {
+ psig = sigb; + psig = sigb;
+ if ((sig = d2i_ECDSA_SIG(NULL, &psig, len)) == NULL) { + if (d2i_ECDSA_SIG(&esig, &psig, len) == NULL) {
ret = SSH_ERR_LIBCRYPTO_ERROR; ret = SSH_ERR_LIBCRYPTO_ERROR;
goto out; goto out;
} }
@ -246,17 +246,17 @@ index 599c7199d..b036796e8 100644
+ free(sigb); + free(sigb);
sshbuf_free(b); sshbuf_free(b);
sshbuf_free(bb); sshbuf_free(bb);
ECDSA_SIG_free(sig); ECDSA_SIG_free(esig);
@@ -115,22 +123,21 @@ ssh_ecdsa_verify(const struct sshkey *key, @@ -115,22 +123,21 @@ ssh_ecdsa_verify(const struct sshkey *key,
const u_char *signature, size_t signaturelen, const u_char *data, size_t dlen, const char *alg, u_int compat,
const u_char *data, size_t datalen, u_int compat) struct sshkey_sig_details **detailsp)
{ {
+ EVP_PKEY *pkey = NULL; + EVP_PKEY *pkey = NULL;
ECDSA_SIG *sig = NULL; ECDSA_SIG *esig = NULL;
BIGNUM *sig_r = NULL, *sig_s = NULL; BIGNUM *sig_r = NULL, *sig_s = NULL;
- int hash_alg; - int hash_alg;
- u_char digest[SSH_DIGEST_MAX_LENGTH]; - u_char digest[SSH_DIGEST_MAX_LENGTH];
- size_t dlen; - size_t hlen;
+ int hash_alg, len; + int hash_alg, len;
int ret = SSH_ERR_INTERNAL_ERROR; int ret = SSH_ERR_INTERNAL_ERROR;
struct sshbuf *b = NULL, *sigbuf = NULL; struct sshbuf *b = NULL, *sigbuf = NULL;
@ -265,11 +265,11 @@ index 599c7199d..b036796e8 100644
if (key == NULL || key->ecdsa == NULL || if (key == NULL || key->ecdsa == NULL ||
sshkey_type_plain(key->type) != KEY_ECDSA || sshkey_type_plain(key->type) != KEY_ECDSA ||
signature == NULL || signaturelen == 0) sig == NULL || siglen == 0)
return SSH_ERR_INVALID_ARGUMENT; return SSH_ERR_INVALID_ARGUMENT;
- if ((hash_alg = sshkey_ec_nid_to_hash_alg(key->ecdsa_nid)) == -1 || - if ((hash_alg = sshkey_ec_nid_to_hash_alg(key->ecdsa_nid)) == -1 ||
- (dlen = ssh_digest_bytes(hash_alg)) == 0) - (hlen = ssh_digest_bytes(hash_alg)) == 0)
+ if ((hash_alg = sshkey_ec_nid_to_hash_alg(key->ecdsa_nid)) == -1) + if ((hash_alg = sshkey_ec_nid_to_hash_alg(key->ecdsa_nid)) == -1)
return SSH_ERR_INTERNAL_ERROR; return SSH_ERR_INTERNAL_ERROR;
@ -281,7 +281,7 @@ index 599c7199d..b036796e8 100644
- if (sshbuf_len(sigbuf) != 0) { - if (sshbuf_len(sigbuf) != 0) {
- ret = SSH_ERR_UNEXPECTED_TRAILING_DATA; - ret = SSH_ERR_UNEXPECTED_TRAILING_DATA;
+ /* Figure out the length */ + /* Figure out the length */
+ if ((len = i2d_ECDSA_SIG(sig, NULL)) == 0) { + if ((len = i2d_ECDSA_SIG(esig, NULL)) == 0) {
+ ret = SSH_ERR_LIBCRYPTO_ERROR; + ret = SSH_ERR_LIBCRYPTO_ERROR;
+ goto out; + goto out;
+ } + }
@ -289,15 +289,15 @@ index 599c7199d..b036796e8 100644
+ ret = SSH_ERR_ALLOC_FAIL; + ret = SSH_ERR_ALLOC_FAIL;
goto out; goto out;
} }
- if ((ret = ssh_digest_memory(hash_alg, data, datalen, - if ((ret = ssh_digest_memory(hash_alg, data, dlen,
- digest, sizeof(digest))) != 0) - digest, sizeof(digest))) != 0)
+ psig = sigb; + psig = sigb;
+ if ((len = i2d_ECDSA_SIG(sig, &psig)) == 0) { + if ((len = i2d_ECDSA_SIG(esig, &psig)) == 0) {
+ ret = SSH_ERR_LIBCRYPTO_ERROR; + ret = SSH_ERR_LIBCRYPTO_ERROR;
goto out; goto out;
+ } + }
- switch (ECDSA_do_verify(digest, dlen, sig, key->ecdsa)) { - switch (ECDSA_do_verify(digest, hlen, esig, key->ecdsa)) {
- case 1: - case 1:
- ret = 0; - ret = 0;
- break; - break;
@ -315,7 +315,7 @@ index 599c7199d..b036796e8 100644
+ ret = SSH_ERR_ALLOC_FAIL; + ret = SSH_ERR_ALLOC_FAIL;
goto out; goto out;
} }
+ ret = sshkey_verify_signature(pkey, hash_alg, data, datalen, sigb, len); + ret = sshkey_verify_signature(pkey, hash_alg, data, dlen, sigb, len);
+ EVP_PKEY_free(pkey); + EVP_PKEY_free(pkey);
out: out:
@ -323,7 +323,7 @@ index 599c7199d..b036796e8 100644
+ free(sigb); + free(sigb);
sshbuf_free(sigbuf); sshbuf_free(sigbuf);
sshbuf_free(b); sshbuf_free(b);
ECDSA_SIG_free(sig); ECDSA_SIG_free(esig);
diff --git a/ssh-rsa.c b/ssh-rsa.c diff --git a/ssh-rsa.c b/ssh-rsa.c
index 9b14f9a9a..8ef3a6aca 100644 index 9b14f9a9a..8ef3a6aca 100644
--- a/ssh-rsa.c --- a/ssh-rsa.c
@ -335,8 +335,8 @@ index 9b14f9a9a..8ef3a6aca 100644
-static int openssh_RSA_verify(int, u_char *, size_t, u_char *, size_t, RSA *); -static int openssh_RSA_verify(int, u_char *, size_t, u_char *, size_t, RSA *);
+static int openssh_RSA_verify(int, const u_char *, size_t, u_char *, size_t, EVP_PKEY *); +static int openssh_RSA_verify(int, const u_char *, size_t, u_char *, size_t, EVP_PKEY *);
static const char * static u_int
rsa_hash_alg_ident(int hash_alg) ssh_rsa_size(const struct sshkey *key)
@@ -90,21 +90,6 @@ rsa_hash_id_from_keyname(const char *alg) @@ -90,21 +90,6 @@ rsa_hash_id_from_keyname(const char *alg)
return -1; return -1;
} }
@ -360,13 +360,13 @@ index 9b14f9a9a..8ef3a6aca 100644
ssh_rsa_complete_crt_parameters(struct sshkey *key, const BIGNUM *iqmp) ssh_rsa_complete_crt_parameters(struct sshkey *key, const BIGNUM *iqmp)
{ {
@@ -164,11 +149,10 @@ int @@ -164,11 +149,10 @@ int
ssh_rsa_sign(const struct sshkey *key, u_char **sigp, size_t *lenp, const u_char *data, size_t datalen,
const u_char *data, size_t datalen, const char *alg_ident) const char *alg, const char *sk_provider, const char *sk_pin, u_int compat)
{ {
- const BIGNUM *rsa_n; - const BIGNUM *rsa_n;
- u_char digest[SSH_DIGEST_MAX_LENGTH], *sig = NULL; - u_char digest[SSH_DIGEST_MAX_LENGTH], *sig = NULL;
- size_t slen = 0; - size_t slen = 0;
- u_int dlen, len; - u_int hlen, len;
- int nid, hash_alg, ret = SSH_ERR_INTERNAL_ERROR; - int nid, hash_alg, ret = SSH_ERR_INTERNAL_ERROR;
+ EVP_PKEY *pkey = NULL; + EVP_PKEY *pkey = NULL;
+ u_char *sig = NULL; + u_char *sig = NULL;
@ -378,7 +378,7 @@ index 9b14f9a9a..8ef3a6aca 100644
@@ -180,33 +164,24 @@ ssh_rsa_sign(const struct sshkey *key, u_char **sigp, size_t *lenp, @@ -180,33 +164,24 @@ ssh_rsa_sign(const struct sshkey *key, u_char **sigp, size_t *lenp,
hash_alg = SSH_DIGEST_SHA1; hash_alg = SSH_DIGEST_SHA1;
else else
hash_alg = rsa_hash_id_from_keyname(alg_ident); hash_alg = rsa_hash_id_from_keyname(alg);
+ +
if (key == NULL || key->rsa == NULL || hash_alg == -1 || if (key == NULL || key->rsa == NULL || hash_alg == -1 ||
sshkey_type_plain(key->type) != KEY_RSA) sshkey_type_plain(key->type) != KEY_RSA)
@ -392,7 +392,7 @@ index 9b14f9a9a..8ef3a6aca 100644
- -
- /* hash the data */ - /* hash the data */
- nid = rsa_hash_alg_nid(hash_alg); - nid = rsa_hash_alg_nid(hash_alg);
- if ((dlen = ssh_digest_bytes(hash_alg)) == 0) - if ((hlen = ssh_digest_bytes(hash_alg)) == 0)
- return SSH_ERR_INTERNAL_ERROR; - return SSH_ERR_INTERNAL_ERROR;
- if ((ret = ssh_digest_memory(hash_alg, data, datalen, - if ((ret = ssh_digest_memory(hash_alg, data, datalen,
- digest, sizeof(digest))) != 0) - digest, sizeof(digest))) != 0)
@ -412,7 +412,7 @@ index 9b14f9a9a..8ef3a6aca 100644
goto out; goto out;
} }
- if (RSA_sign(nid, digest, dlen, sig, &len, key->rsa) != 1) { - if (RSA_sign(nid, digest, hlen, sig, &len, key->rsa) != 1) {
- ret = SSH_ERR_LIBCRYPTO_ERROR; - ret = SSH_ERR_LIBCRYPTO_ERROR;
- goto out; - goto out;
- } - }
@ -436,14 +436,14 @@ index 9b14f9a9a..8ef3a6aca 100644
sshbuf_free(b); sshbuf_free(b);
return ret; return ret;
@@ -246,10 +221,10 @@ ssh_rsa_verify(const struct sshkey *key, @@ -246,10 +221,10 @@ ssh_rsa_verify(const struct sshkey *key,
const u_char *sig, size_t siglen, const u_char *data, size_t datalen, const u_char *data, size_t dlen, const char *alg, u_int compat,
const char *alg) struct sshkey_sig_details **detailsp)
{ {
- const BIGNUM *rsa_n; - const BIGNUM *rsa_n;
+ EVP_PKEY *pkey = NULL; + EVP_PKEY *pkey = NULL;
char *sigtype = NULL; char *sigtype = NULL;
int hash_alg, want_alg, ret = SSH_ERR_INTERNAL_ERROR; int hash_alg, want_alg, ret = SSH_ERR_INTERNAL_ERROR;
- size_t len = 0, diff, modlen, dlen; - size_t len = 0, diff, modlen, hlen;
+ size_t len = 0, diff, modlen; + size_t len = 0, diff, modlen;
struct sshbuf *b = NULL; struct sshbuf *b = NULL;
u_char digest[SSH_DIGEST_MAX_LENGTH], *osigblob, *sigblob = NULL; u_char digest[SSH_DIGEST_MAX_LENGTH], *osigblob, *sigblob = NULL;
@ -462,7 +462,7 @@ index 9b14f9a9a..8ef3a6aca 100644
explicit_bzero(sigblob, diff); explicit_bzero(sigblob, diff);
len = modlen; len = modlen;
} }
- if ((dlen = ssh_digest_bytes(hash_alg)) == 0) { - if ((hlen = ssh_digest_bytes(hash_alg)) == 0) {
- ret = SSH_ERR_INTERNAL_ERROR; - ret = SSH_ERR_INTERNAL_ERROR;
+ +
+ if ((pkey = EVP_PKEY_new()) == NULL || + if ((pkey = EVP_PKEY_new()) == NULL ||
@ -470,13 +470,13 @@ index 9b14f9a9a..8ef3a6aca 100644
+ ret = SSH_ERR_ALLOC_FAIL; + ret = SSH_ERR_ALLOC_FAIL;
goto out; goto out;
} }
- if ((ret = ssh_digest_memory(hash_alg, data, datalen, - if ((ret = ssh_digest_memory(hash_alg, data, dlen,
- digest, sizeof(digest))) != 0) - digest, sizeof(digest))) != 0)
- goto out; - goto out;
+ ret = openssh_RSA_verify(hash_alg, data, datalen, sigblob, len, pkey); + ret = openssh_RSA_verify(hash_alg, data, dlen, sigblob, len, pkey);
+ EVP_PKEY_free(pkey); + EVP_PKEY_free(pkey);
- ret = openssh_RSA_verify(hash_alg, digest, dlen, sigblob, len, - ret = openssh_RSA_verify(hash_alg, digest, hlen, sigblob, len,
- key->rsa); - key->rsa);
out: out:
freezero(sigblob, len); freezero(sigblob, len);
@ -613,7 +613,7 @@ index 9b14f9a9a..8ef3a6aca 100644
- freezero(decrypted, rsasize); - freezero(decrypted, rsasize);
return ret; return ret;
} }
#endif /* WITH_OPENSSL */
diff --git a/sshkey.c b/sshkey.c diff --git a/sshkey.c b/sshkey.c
index ad1957762..b95ed0b10 100644 index ad1957762..b95ed0b10 100644
--- a/sshkey.c --- a/sshkey.c

View File

@ -76,7 +76,7 @@ diff -up openssh-8.7p1/Makefile.in.pkcs11-uri openssh-8.7p1/Makefile.in
+ ssh-pkcs11.o ssh-pkcs11-uri.o smult_curve25519_ref.o \ + ssh-pkcs11.o ssh-pkcs11-uri.o smult_curve25519_ref.o \
poly1305.o chacha.o cipher-chachapoly.o cipher-chachapoly-libcrypto.o \ poly1305.o chacha.o cipher-chachapoly.o cipher-chachapoly-libcrypto.o \
ssh-ed25519.o digest-openssl.o digest-libc.o \ ssh-ed25519.o digest-openssl.o digest-libc.o \
hmac.o sc25519.o ge25519.o fe25519.o ed25519.o verify.o hash.o \ hmac.o ed25519.o hash.o \
@@ -302,6 +302,8 @@ clean: regressclean @@ -302,6 +302,8 @@ clean: regressclean
rm -f regress/unittests/sshsig/test_sshsig$(EXEEXT) rm -f regress/unittests/sshsig/test_sshsig$(EXEEXT)
rm -f regress/unittests/utf8/*.o rm -f regress/unittests/utf8/*.o
@ -105,7 +105,7 @@ diff -up openssh-8.7p1/Makefile.in.pkcs11-uri openssh-8.7p1/Makefile.in
ln -s `cd $(srcdir) && pwd`/regress/Makefile `pwd`/regress/Makefile ln -s `cd $(srcdir) && pwd`/regress/Makefile `pwd`/regress/Makefile
@@ -677,6 +682,16 @@ regress/unittests/utf8/test_utf8$(EXEEXT @@ -677,6 +682,16 @@ regress/unittests/utf8/test_utf8$(EXEEXT
regress/unittests/test_helper/libtest_helper.a \ regress/unittests/test_helper/libtest_helper.a \
-lssh -lopenbsd-compat -lssh -lopenbsd-compat $(LIBS) -lssh -lopenbsd-compat -lssh -lopenbsd-compat $(TESTLIBS)
+UNITTESTS_TEST_PKCS11_OBJS=\ +UNITTESTS_TEST_PKCS11_OBJS=\
+ regress/unittests/pkcs11/tests.o + regress/unittests/pkcs11/tests.o
@ -115,7 +115,7 @@ diff -up openssh-8.7p1/Makefile.in.pkcs11-uri openssh-8.7p1/Makefile.in
+ regress/unittests/test_helper/libtest_helper.a libssh.a + regress/unittests/test_helper/libtest_helper.a libssh.a
+ $(LD) -o $@ $(LDFLAGS) $(UNITTESTS_TEST_PKCS11_OBJS) \ + $(LD) -o $@ $(LDFLAGS) $(UNITTESTS_TEST_PKCS11_OBJS) \
+ regress/unittests/test_helper/libtest_helper.a \ + regress/unittests/test_helper/libtest_helper.a \
+ -lssh -lopenbsd-compat -lssh -lopenbsd-compat $(LIBS) + -lssh -lopenbsd-compat -lcrypto $(LIBS)
+ +
# These all need to be compiled -fPIC, so they are treated differently. # These all need to be compiled -fPIC, so they are treated differently.
SK_DUMMY_OBJS=\ SK_DUMMY_OBJS=\

View File

@ -1,9 +1,9 @@
diff -up openssh-8.7p1/sshkey.c.evpgenrsa openssh-8.7p1/sshkey.c diff -up openssh-9.3p1/ssh-rsa.c.evpgenrsa openssh-9.3p1/ssh-rsa.c
--- openssh-8.7p1/sshkey.c.evpgenrsa 2022-06-30 15:14:58.200518353 +0200 --- openssh-9.3p1/ssh-rsa.c.evpgenrsa 2022-06-30 15:14:58.200518353 +0200
+++ openssh-8.7p1/sshkey.c 2022-06-30 15:24:31.499641196 +0200 +++ openssh-9.3p1/ssh-rsa.c 2022-06-30 15:24:31.499641196 +0200
@@ -1657,7 +1657,8 @@ sshkey_cert_type(const struct sshkey *k) @@ -1657,7 +1657,8 @@ sshkey_cert_type(const struct sshkey *k)
static int static int
rsa_generate_private_key(u_int bits, RSA **rsap) ssh_rsa_generate(struct sshkey *k, int bits)
{ {
- RSA *private = NULL; - RSA *private = NULL;
+ EVP_PKEY_CTX *ctx = NULL; + EVP_PKEY_CTX *ctx = NULL;
@ -11,10 +11,10 @@ diff -up openssh-8.7p1/sshkey.c.evpgenrsa openssh-8.7p1/sshkey.c
BIGNUM *f4 = NULL; BIGNUM *f4 = NULL;
int ret = SSH_ERR_INTERNAL_ERROR; int ret = SSH_ERR_INTERNAL_ERROR;
@@ -1667,20 +1668,42 @@ rsa_generate_private_key(u_int bits, RSA @@ -1667,20 +1668,42 @@ ssh_rsa_generate(u_int bits, RSA
if (bits < SSH_RSA_MINIMUM_MODULUS_SIZE ||
bits > SSHBUF_MAX_BIGNUM * 8) bits > SSHBUF_MAX_BIGNUM * 8)
return SSH_ERR_KEY_LENGTH; return SSH_ERR_KEY_LENGTH;
*rsap = NULL;
- if ((private = RSA_new()) == NULL || (f4 = BN_new()) == NULL) { - if ((private = RSA_new()) == NULL || (f4 = BN_new()) == NULL) {
+ +
+ if ((ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL)) == NULL + if ((ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL)) == NULL
@ -44,14 +44,14 @@ diff -up openssh-8.7p1/sshkey.c.evpgenrsa openssh-8.7p1/sshkey.c
+ } + }
+ +
+ /* This function is deprecated in OpenSSL 3.0 but OpenSSH doesn't worry about it*/ + /* This function is deprecated in OpenSSL 3.0 but OpenSSH doesn't worry about it*/
+ *rsap = EVP_PKEY_get1_RSA(res); + k->rsa = EVP_PKEY_get1_RSA(res);
+ if (*rsap) { + if (k->rsa) {
+ ret = 0; + ret = 0;
+ } else { + } else {
ret = SSH_ERR_LIBCRYPTO_ERROR; ret = SSH_ERR_LIBCRYPTO_ERROR;
goto out; goto out;
} }
- *rsap = private; - k->rsa = private;
- private = NULL; - private = NULL;
- ret = 0; - ret = 0;
out: out:
@ -61,50 +61,49 @@ diff -up openssh-8.7p1/sshkey.c.evpgenrsa openssh-8.7p1/sshkey.c
BN_free(f4); BN_free(f4);
return ret; return ret;
} }
diff -up openssh-9.3p1/ssh-ecdsa.c.evpgenrsa openssh-9.3p1/ssh-ecdsa.c
--- openssh-9.3p1/ssh-ecdsa.c.evpgenrsa 2022-06-30 15:14:58.200518353 +0200
+++ openssh-9.3p1/ssh-ecdsa.c 2022-06-30 15:24:31.499641196 +0200
@@ -1820,7 +1820,8 @@ sshkey_ecdsa_key_to_nid(EC_KEY *k) @@ -1820,7 +1820,8 @@ sshkey_ecdsa_key_to_nid(EC_KEY *k)
static int static int
ecdsa_generate_private_key(u_int bits, int *nid, EC_KEY **ecdsap) ssh_ecdsa_generate(struct sshkey *k, int bits)
{ {
- EC_KEY *private; - EC_KEY *private;
+ EVP_PKEY_CTX *ctx = NULL; + EVP_PKEY_CTX *ctx = NULL;
+ EVP_PKEY *res = NULL; + EVP_PKEY *res = NULL;
int ret = SSH_ERR_INTERNAL_ERROR;
if (nid == NULL || ecdsap == NULL) if ((k->ecdsa_nid = sshkey_ecdsa_bits_to_nid(bits)) == -1)
@@ -1828,20 +1829,29 @@ ecdsa_generate_private_key(u_int bits, i
if ((*nid = sshkey_ecdsa_bits_to_nid(bits)) == -1)
return SSH_ERR_KEY_LENGTH; return SSH_ERR_KEY_LENGTH;
*ecdsap = NULL; @@ -1828,15 +1829,24 @@ ssh_ecdsa_generate(u_int bits, i
- if ((private = EC_KEY_new_by_curve_name(*nid)) == NULL) {
if ((k->ecdsa_nid = sshkey_ecdsa_bits_to_nid(bits)) == -1)
return SSH_ERR_KEY_LENGTH;
- if ((private = EC_KEY_new_by_curve_name(k->ecdsa_nid)) == NULL)
+ +
+ if ((ctx = EVP_PKEY_CTX_new_from_name(NULL, "EC", NULL)) == NULL) { + if ((ctx = EVP_PKEY_CTX_new_from_name(NULL, "EC", NULL)) == NULL)
ret = SSH_ERR_ALLOC_FAIL; return SSH_ERR_ALLOC_FAIL;
goto out;
}
- if (EC_KEY_generate_key(private) != 1) { - if (EC_KEY_generate_key(private) != 1) {
+
+ if (EVP_PKEY_keygen_init(ctx) <= 0 || EVP_PKEY_CTX_set_group_name(ctx, OBJ_nid2sn(*nid)) <= 0
+ || EVP_PKEY_keygen(ctx, &res) <= 0) {
+ ret = SSH_ERR_LIBCRYPTO_ERROR;
+ goto out;
+ }
+ /* This function is deprecated in OpenSSL 3.0 but OpenSSH doesn't worry about it*/
+ *ecdsap = EVP_PKEY_get1_EC_KEY(res);
+ if (*ecdsap) {
+ EC_KEY_set_asn1_flag(*ecdsap, OPENSSL_EC_NAMED_CURVE);
+ ret = 0;
+ } else {
ret = SSH_ERR_LIBCRYPTO_ERROR;
goto out;
}
- EC_KEY_set_asn1_flag(private, OPENSSL_EC_NAMED_CURVE);
- *ecdsap = private;
- private = NULL;
- ret = 0;
out:
- EC_KEY_free(private); - EC_KEY_free(private);
- return SSH_ERR_LIBCRYPTO_ERROR;
- }
+
+ if (EVP_PKEY_keygen_init(ctx) <= 0 || EVP_PKEY_CTX_set_group_name(ctx, OBJ_nid2sn(k->ecdsa_nid)) <= 0
+ || EVP_PKEY_keygen(ctx, &res) <= 0) {
+ EVP_PKEY_CTX_free(ctx); + EVP_PKEY_CTX_free(ctx);
+ EVP_PKEY_free(res); + EVP_PKEY_free(res);
return ret; + return SSH_ERR_LIBCRYPTO_ERROR;
+ }
+ /* This function is deprecated in OpenSSL 3.0 but OpenSSH doesn't worry about it*/
+ k->ecdsa = EVP_PKEY_get1_EC_KEY(res);
+ if (k->ecdsa)
+ EC_KEY_set_asn1_flag(k->ecdsa, OPENSSL_EC_NAMED_CURVE);
+
- EC_KEY_set_asn1_flag(private, OPENSSL_EC_NAMED_CURVE);
- k->ecdsa = private;
- return 0;
+ EVP_PKEY_CTX_free(ctx);
+ EVP_PKEY_free(res);
+ return (k->ecdsa) ? 0 : SSH_ERR_LIBCRYPTO_ERROR;
} }
# endif /* OPENSSL_HAS_ECC */
static int

View File

@ -1,156 +0,0 @@
diff --color -rup a/compat.c b/compat.c
--- a/compat.c 2021-08-20 06:03:49.000000000 +0200
+++ b/compat.c 2022-07-14 17:39:23.770268440 +0200
@@ -157,11 +157,12 @@ compat_banner(struct ssh *ssh, const cha
debug_f("no match: %s", version);
}
+/* Always returns pointer to allocated memory, caller must free. */
char *
compat_cipher_proposal(struct ssh *ssh, char *cipher_prop)
{
if (!(ssh->compat & SSH_BUG_BIGENDIANAES))
- return cipher_prop;
+ return xstrdup(cipher_prop);
debug2_f("original cipher proposal: %s", cipher_prop);
if ((cipher_prop = match_filter_denylist(cipher_prop, "aes*")) == NULL)
fatal("match_filter_denylist failed");
@@ -171,11 +172,12 @@ compat_cipher_proposal(struct ssh *ssh,
return cipher_prop;
}
+/* Always returns pointer to allocated memory, caller must free. */
char *
compat_pkalg_proposal(struct ssh *ssh, char *pkalg_prop)
{
if (!(ssh->compat & SSH_BUG_RSASIGMD5))
- return pkalg_prop;
+ return xstrdup(pkalg_prop);
debug2_f("original public key proposal: %s", pkalg_prop);
if ((pkalg_prop = match_filter_denylist(pkalg_prop, "ssh-rsa")) == NULL)
fatal("match_filter_denylist failed");
@@ -185,21 +187,26 @@ compat_pkalg_proposal(struct ssh *ssh, c
return pkalg_prop;
}
+/* Always returns pointer to allocated memory, caller must free. */
char *
compat_kex_proposal(struct ssh *ssh, char *p)
{
+ char *cp = NULL;
+
if ((ssh->compat & (SSH_BUG_CURVE25519PAD|SSH_OLD_DHGEX)) == 0)
- return p;
+ return xstrdup(p);
debug2_f("original KEX proposal: %s", p);
if ((ssh->compat & SSH_BUG_CURVE25519PAD) != 0)
if ((p = match_filter_denylist(p,
"curve25519-sha256@libssh.org")) == NULL)
fatal("match_filter_denylist failed");
if ((ssh->compat & SSH_OLD_DHGEX) != 0) {
+ cp = p;
if ((p = match_filter_denylist(p,
"diffie-hellman-group-exchange-sha256,"
"diffie-hellman-group-exchange-sha1")) == NULL)
fatal("match_filter_denylist failed");
+ free(cp);
}
debug2_f("compat KEX proposal: %s", p);
if (*p == '\0')
diff --color -rup a/sshconnect2.c b/sshconnect2.c
--- a/sshconnect2.c 2022-07-14 17:38:43.241496549 +0200
+++ b/sshconnect2.c 2022-07-14 17:39:23.772268479 +0200
@@ -222,6 +222,7 @@ ssh_kex2(struct ssh *ssh, char *host, st
{
char *myproposal[PROPOSAL_MAX] = { KEX_CLIENT };
char *s, *all_key;
+ char *prop_kex = NULL, *prop_enc = NULL, *prop_hostkey = NULL;
int r, use_known_hosts_order = 0;
#if defined(GSSAPI) && defined(WITH_OPENSSL)
@@ -252,10 +253,9 @@ ssh_kex2(struct ssh *ssh, char *host, st
if ((s = kex_names_cat(options.kex_algorithms, "ext-info-c")) == NULL)
fatal_f("kex_names_cat");
- myproposal[PROPOSAL_KEX_ALGS] = compat_kex_proposal(ssh, s);
+ myproposal[PROPOSAL_KEX_ALGS] = prop_kex = compat_kex_proposal(ssh, s);
myproposal[PROPOSAL_ENC_ALGS_CTOS] =
- compat_cipher_proposal(ssh, options.ciphers);
- myproposal[PROPOSAL_ENC_ALGS_STOC] =
+ myproposal[PROPOSAL_ENC_ALGS_STOC] = prop_enc =
compat_cipher_proposal(ssh, options.ciphers);
myproposal[PROPOSAL_COMP_ALGS_CTOS] =
myproposal[PROPOSAL_COMP_ALGS_STOC] =
@@ -264,12 +264,12 @@ ssh_kex2(struct ssh *ssh, char *host, st
myproposal[PROPOSAL_MAC_ALGS_STOC] = options.macs;
if (use_known_hosts_order) {
/* Query known_hosts and prefer algorithms that appear there */
- myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] =
+ myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = prop_hostkey =
compat_pkalg_proposal(ssh,
order_hostkeyalgs(host, hostaddr, port, cinfo));
} else {
/* Use specified HostkeyAlgorithms exactly */
- myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] =
+ myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = prop_hostkey =
compat_pkalg_proposal(ssh, options.hostkeyalgorithms);
}
@@ -383,6 +383,10 @@ ssh_kex2(struct ssh *ssh, char *host, st
(r = ssh_packet_write_wait(ssh)) != 0)
fatal_fr(r, "send packet");
#endif
+ /* Free only parts of proposal that were dynamically allocated here. */
+ free(prop_kex);
+ free(prop_enc);
+ free(prop_hostkey);
}
/*
diff --color -rup a/sshd.c b/sshd.c
--- a/sshd.c 2022-07-14 17:38:43.242496568 +0200
+++ b/sshd.c 2022-07-14 17:42:07.616388978 +0200
@@ -2493,14 +2493,15 @@ do_ssh2_kex(struct ssh *ssh)
{
char *myproposal[PROPOSAL_MAX] = { KEX_SERVER };
struct kex *kex;
+ char *hostkey_types = NULL;
+ char *prop_kex = NULL, *prop_enc = NULL, *prop_hostkey = NULL;
int r;
- myproposal[PROPOSAL_KEX_ALGS] = compat_kex_proposal(ssh,
+ myproposal[PROPOSAL_KEX_ALGS] = prop_kex = compat_kex_proposal(ssh,
options.kex_algorithms);
- myproposal[PROPOSAL_ENC_ALGS_CTOS] = compat_cipher_proposal(ssh,
- options.ciphers);
- myproposal[PROPOSAL_ENC_ALGS_STOC] = compat_cipher_proposal(ssh,
- options.ciphers);
+ myproposal[PROPOSAL_ENC_ALGS_CTOS] =
+ myproposal[PROPOSAL_ENC_ALGS_STOC] = prop_enc =
+ compat_cipher_proposal(ssh, options.ciphers);
myproposal[PROPOSAL_MAC_ALGS_CTOS] =
myproposal[PROPOSAL_MAC_ALGS_STOC] = options.macs;
@@ -2513,8 +2514,10 @@ do_ssh2_kex(struct ssh *ssh)
ssh_packet_set_rekey_limits(ssh, options.rekey_limit,
options.rekey_interval);
- myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = compat_pkalg_proposal(
- ssh, list_hostkey_types());
+ hostkey_types = list_hostkey_types();
+ myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = prop_hostkey =
+ compat_pkalg_proposal(ssh, hostkey_types);
+ free(hostkey_types);
#if defined(GSSAPI) && defined(WITH_OPENSSL)
{
@@ -2606,6 +2609,9 @@ do_ssh2_kex(struct ssh *ssh)
(r = ssh_packet_write_wait(ssh)) != 0)
fatal_fr(r, "send test");
#endif
+ free(prop_kex);
+ free(prop_enc);
+ free(prop_hostkey);
debug("KEX done");
}

View File

@ -1,446 +1,24 @@
diff --git a/auth2-hostbased.c b/auth2-hostbased.c
index 36b9d2f5..6b517db4 100644
--- a/auth2-hostbased.c
+++ b/auth2-hostbased.c
@@ -119,6 +119,11 @@ userauth_hostbased(struct ssh *ssh, const char *method)
"(null)" : key->cert->signature_type);
goto done;
}
+ if ((r = sshkey_check_rsa_length(key,
+ options.required_rsa_size)) != 0) {
+ logit_r(r, "refusing %s key", sshkey_type(key));
+ goto done;
+ }
if (!authctxt->valid || authctxt->user == NULL) {
debug2_f("disabled because of invalid user");
diff --git a/auth2-pubkey.c b/auth2-pubkey.c
index 962fd342..5d59febc 100644
--- a/auth2-pubkey.c
+++ b/auth2-pubkey.c
@@ -175,6 +175,11 @@ userauth_pubkey(struct ssh *ssh, const char *method)
"(null)" : key->cert->signature_type);
goto done;
}
+ if ((r = sshkey_check_rsa_length(key,
+ options.required_rsa_size)) != 0) {
+ logit_r(r, "refusing %s key", sshkey_type(key));
+ goto done;
+ }
key_s = format_key(key);
if (sshkey_is_cert(key))
ca_s = format_key(key->cert->signature_key);
diff --git a/readconf.c b/readconf.c diff --git a/readconf.c b/readconf.c
index 7f26c680..42be690b 100644 index 7f26c680..42be690b 100644
--- a/readconf.c --- a/readconf.c
+++ b/readconf.c +++ b/readconf.c
@@ -174,7 +174,7 @@ typedef enum { @@ -320,6 +320,7 @@ static struct {
oStreamLocalBindMask, oStreamLocalBindUnlink, oRevokedHostKeys,
oFingerprintHash, oUpdateHostkeys, oHostbasedAcceptedAlgorithms,
oPubkeyAcceptedAlgorithms, oCASignatureAlgorithms, oProxyJump,
- oSecurityKeyProvider, oKnownHostsCommand,
+ oSecurityKeyProvider, oKnownHostsCommand, oRequiredRSASize,
oIgnore, oIgnoredUnknownOption, oDeprecated, oUnsupported
} OpCodes;
@@ -320,6 +320,8 @@ static struct {
{ "proxyjump", oProxyJump },
{ "securitykeyprovider", oSecurityKeyProvider }, { "securitykeyprovider", oSecurityKeyProvider },
{ "knownhostscommand", oKnownHostsCommand }, { "knownhostscommand", oKnownHostsCommand },
+ { "requiredrsasize", oRequiredRSASize }, { "requiredrsasize", oRequiredRSASize },
+ { "rsaminsize", oRequiredRSASize }, /* alias */ + { "rsaminsize", oRequiredRSASize }, /* alias */
{ "enableescapecommandline", oEnableEscapeCommandline },
{ NULL, oBadOption } { NULL, oBadOption }
};
@@ -2176,6 +2177,10 @@ parse_pubkey_algos:
*charptr = xstrdup(arg);
break;
+ case oRequiredRSASize:
+ intptr = &options->required_rsa_size;
+ goto parse_int;
+
case oDeprecated:
debug("%s line %d: Deprecated option \"%s\"",
filename, linenum, keyword);
@@ -2423,6 +2428,7 @@ initialize_options(Options * options)
options->hostbased_accepted_algos = NULL;
options->pubkey_accepted_algos = NULL;
options->known_hosts_command = NULL;
+ options->required_rsa_size = -1;
}
/*
@@ -2619,6 +2625,8 @@ fill_default_options(Options * options)
if (options->sk_provider == NULL)
options->sk_provider = xstrdup("$SSH_SK_PROVIDER");
#endif
+ if (options->required_rsa_size == -1)
+ options->required_rsa_size = SSH_RSA_MINIMUM_MODULUS_SIZE;
/* Expand KEX name lists */
all_cipher = cipher_alg_list(',', 0);
@@ -3308,6 +3316,7 @@ dump_client_config(Options *o, const char *host)
dump_cfg_int(oNumberOfPasswordPrompts, o->number_of_password_prompts);
dump_cfg_int(oServerAliveCountMax, o->server_alive_count_max);
dump_cfg_int(oServerAliveInterval, o->server_alive_interval);
+ dump_cfg_int(oRequiredRSASize, o->required_rsa_size);
/* String options */
dump_cfg_string(oBindAddress, o->bind_address);
diff --git a/readconf.h b/readconf.h
index f647bd42..ffb5ec4f 100644
--- a/readconf.h
+++ b/readconf.h
@@ -176,6 +176,8 @@ typedef struct {
char *known_hosts_command;
+ int required_rsa_size; /* minimum size of RSA keys */
+
char *ignored_unknown; /* Pattern list of unknown tokens to ignore */
} Options;
diff --git a/servconf.c b/servconf.c diff --git a/servconf.c b/servconf.c
index 29df0463..423772b1 100644 index 29df0463..423772b1 100644
--- a/servconf.c --- a/servconf.c
+++ b/servconf.c +++ b/servconf.c
@@ -195,6 +195,7 @@ initialize_server_options(ServerOptions *options) @@ -676,6 +680,7 @@ static struct {
options->fingerprint_hash = -1;
options->disable_forwarding = -1;
options->expose_userauth_info = -1;
+ options->required_rsa_size = -1;
}
/* Returns 1 if a string option is unset or set to "none" or 0 otherwise. */
@@ -441,6 +442,8 @@ fill_default_server_options(ServerOptions *options)
options->expose_userauth_info = 0;
if (options->sk_provider == NULL)
options->sk_provider = xstrdup("internal");
+ if (options->required_rsa_size == -1)
+ options->required_rsa_size = SSH_RSA_MINIMUM_MODULUS_SIZE;
assemble_algorithms(options);
@@ -517,6 +520,7 @@ typedef enum {
sStreamLocalBindMask, sStreamLocalBindUnlink,
sAllowStreamLocalForwarding, sFingerprintHash, sDisableForwarding,
sExposeAuthInfo, sRDomain, sPubkeyAuthOptions, sSecurityKeyProvider,
+ sRequiredRSASize,
sDeprecated, sIgnore, sUnsupported
} ServerOpCodes;
@@ -676,6 +680,8 @@ static struct {
{ "rdomain", sRDomain, SSHCFG_ALL },
{ "casignaturealgorithms", sCASignatureAlgorithms, SSHCFG_ALL }, { "casignaturealgorithms", sCASignatureAlgorithms, SSHCFG_ALL },
{ "securitykeyprovider", sSecurityKeyProvider, SSHCFG_GLOBAL }, { "securitykeyprovider", sSecurityKeyProvider, SSHCFG_GLOBAL },
+ { "requiredrsasize", sRequiredRSASize, SSHCFG_ALL }, { "requiredrsasize", sRequiredRSASize, SSHCFG_ALL },
+ { "rsaminsize", sRequiredRSASize, SSHCFG_ALL }, /* alias */ + { "rsaminsize", sRequiredRSASize, SSHCFG_ALL }, /* alias */
{ "channeltimeout", sChannelTimeout, SSHCFG_ALL },
{ "unusedconnectiontimeout", sUnusedConnectionTimeout, SSHCFG_ALL },
{ NULL, sBadOption, 0 } { NULL, sBadOption, 0 }
};
@@ -2438,6 +2443,10 @@ process_server_config_line_depth(ServerOptions *options, char *line,
*charptr = xstrdup(arg);
break;
+ case sRequiredRSASize:
+ intptr = &options->required_rsa_size;
+ goto parse_int;
+
case sDeprecated:
case sIgnore:
case sUnsupported:
@@ -2610,6 +2619,7 @@ copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth)
M_CP_INTOPT(rekey_limit);
M_CP_INTOPT(rekey_interval);
M_CP_INTOPT(log_level);
+ M_CP_INTOPT(required_rsa_size);
/*
* The bind_mask is a mode_t that may be unsigned, so we can't use
@@ -2874,6 +2884,7 @@ dump_config(ServerOptions *o)
dump_cfg_int(sMaxSessions, o->max_sessions);
dump_cfg_int(sClientAliveInterval, o->client_alive_interval);
dump_cfg_int(sClientAliveCountMax, o->client_alive_count_max);
+ dump_cfg_int(sRequiredRSASize, o->required_rsa_size);
dump_cfg_oct(sStreamLocalBindMask, o->fwd_opts.streamlocal_bind_mask);
/* formatted integer arguments */
diff --git a/servconf.h b/servconf.h
index 8a04463e..9346155c 100644
--- a/servconf.h
+++ b/servconf.h
@@ -229,6 +229,7 @@ typedef struct {
int expose_userauth_info;
u_int64_t timing_secret;
char *sk_provider;
+ int required_rsa_size; /* minimum size of RSA keys */
} ServerOptions;
/* Information about the incoming connection as used by Match */
diff --git a/ssh.c b/ssh.c
index 559bf2af..25be53d5 100644
--- a/ssh.c
+++ b/ssh.c
@@ -516,14 +516,22 @@ resolve_canonicalize(char **hostp, int port)
}
/*
- * Check the result of hostkey loading, ignoring some errors and
- * fatal()ing for others.
+ * Check the result of hostkey loading, ignoring some errors and either
+ * discarding the key or fatal()ing for others.
*/
static void
-check_load(int r, const char *path, const char *message)
+check_load(int r, struct sshkey **k, const char *path, const char *message)
{
switch (r) {
case 0:
+ /* Check RSA keys size and discard if undersized */
+ if (k != NULL && *k != NULL &&
+ (r = sshkey_check_rsa_length(*k,
+ options.required_rsa_size)) != 0) {
+ error_r(r, "load %s \"%s\"", message, path);
+ free(*k);
+ *k = NULL;
+ }
break;
case SSH_ERR_INTERNAL_ERROR:
case SSH_ERR_ALLOC_FAIL:
@@ -1578,7 +1586,7 @@ main(int ac, char **av)
if ((o) >= sensitive_data.nkeys) \
fatal_f("pubkey out of array bounds"); \
check_load(sshkey_load_public(p, &(sensitive_data.keys[o]), NULL), \
- p, "pubkey"); \
+ &(sensitive_data.keys[o]), p, "pubkey"); \
if (sensitive_data.keys[o] != NULL) \
debug2("hostbased key %d: %s key from \"%s\"", o, \
sshkey_ssh_name(sensitive_data.keys[o]), p); \
@@ -1586,7 +1594,8 @@ main(int ac, char **av)
#define L_CERT(p,o) do { \
if ((o) >= sensitive_data.nkeys) \
fatal_f("cert out of array bounds"); \
- check_load(sshkey_load_cert(p, &(sensitive_data.keys[o])), p, "cert"); \
+ check_load(sshkey_load_cert(p, &(sensitive_data.keys[o])), \
+ &(sensitive_data.keys[o]), p, "cert"); \
if (sensitive_data.keys[o] != NULL) \
debug2("hostbased key %d: %s cert from \"%s\"", o, \
sshkey_ssh_name(sensitive_data.keys[o]), p); \
@@ -2265,7 +2274,7 @@ load_public_identity_files(const struct ssh_conn_info *cinfo)
filename = default_client_percent_dollar_expand(cp, cinfo);
free(cp);
check_load(sshkey_load_public(filename, &public, NULL),
- filename, "pubkey");
+ &public, filename, "pubkey");
debug("identity file %s type %d", filename,
public ? public->type : -1);
free(options.identity_files[i]);
@@ -2284,7 +2293,7 @@ load_public_identity_files(const struct ssh_conn_info *cinfo)
continue;
xasprintf(&cp, "%s-cert", filename);
check_load(sshkey_load_public(cp, &public, NULL),
- filename, "pubkey");
+ &public, filename, "pubkey");
debug("identity file %s type %d", cp,
public ? public->type : -1);
if (public == NULL) {
@@ -2315,7 +2324,7 @@ load_public_identity_files(const struct ssh_conn_info *cinfo)
free(cp);
check_load(sshkey_load_public(filename, &public, NULL),
- filename, "certificate");
+ &public, filename, "certificate");
debug("certificate file %s type %d", filename,
public ? public->type : -1);
free(options.certificate_files[i]);
diff --git a/sshconnect2.c b/sshconnect2.c
index f9bd19ea..58fe98db 100644
--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -96,6 +96,11 @@ static const struct ssh_conn_info *xxx_conn_info;
static int
verify_host_key_callback(struct sshkey *hostkey, struct ssh *ssh)
{
+ int r;
+
+ if ((r = sshkey_check_rsa_length(hostkey,
+ options.required_rsa_size)) != 0)
+ fatal_r(r, "Bad server host key");
if (verify_host_key(xxx_host, xxx_hostaddr, hostkey,
xxx_conn_info) == -1)
fatal("Host key verification failed.");
@@ -1606,6 +1611,13 @@ load_identity_file(Identity *id)
private = NULL;
quit = 1;
}
+ if (!quit && (r = sshkey_check_rsa_length(private,
+ options.required_rsa_size)) != 0) {
+ debug_fr(r, "Skipping key %s", id->filename);
+ sshkey_free(private);
+ private = NULL;
+ quit = 1;
+ }
if (!quit && private != NULL && id->agent_fd == -1 &&
!(id->key && id->isprivate))
maybe_add_key_to_agent(id->filename, private, comment,
@@ -1752,6 +1764,12 @@ pubkey_prepare(struct ssh *ssh, Authctxt *authctxt)
/* list of keys supported by the agent */
if ((r = get_agent_identities(ssh, &agent_fd, &idlist)) == 0) {
for (j = 0; j < idlist->nkeys; j++) {
+ if ((r = sshkey_check_rsa_length(idlist->keys[j],
+ options.required_rsa_size)) != 0) {
+ debug_fr(r, "ignoring %s agent key",
+ sshkey_ssh_name(idlist->keys[j]));
+ continue;
+ }
found = 0;
TAILQ_FOREACH(id, &files, next) {
/*
diff --git a/sshd.c b/sshd.c
index 17eee9d8..395ef493 100644
--- a/sshd.c
+++ b/sshd.c
@@ -1870,6 +1870,13 @@ main(int ac, char **av)
fatal_r(r, "Could not demote key: \"%s\"",
options.host_key_files[i]);
}
+ if (pubkey != NULL && (r = sshkey_check_rsa_length(pubkey,
+ options.required_rsa_size)) != 0) {
+ error_fr(r, "Host key %s", options.host_key_files[i]);
+ sshkey_free(pubkey);
+ sshkey_free(key);
+ continue;
+ }
sensitive_data.host_keys[i] = key;
sensitive_data.host_pubkeys[i] = pubkey;
diff --git a/sshkey.c b/sshkey.c
index ed2b5dff..77093235 100644
--- a/sshkey.c
+++ b/sshkey.c
@@ -2365,18 +2365,24 @@ cert_parse(struct sshbuf *b, struct sshkey *key, struct sshbuf *certbuf)
return ret;
}
-#ifdef WITH_OPENSSL
-static int
-check_rsa_length(const RSA *rsa)
+int
+sshkey_check_rsa_length(const struct sshkey *k, int min_size)
{
+#ifdef WITH_OPENSSL
const BIGNUM *rsa_n;
+ int nbits;
- RSA_get0_key(rsa, &rsa_n, NULL, NULL);
- if (BN_num_bits(rsa_n) < SSH_RSA_MINIMUM_MODULUS_SIZE)
+ if (k == NULL || k->rsa == NULL ||
+ (k->type != KEY_RSA && k->type != KEY_RSA_CERT))
+ return 0;
+ RSA_get0_key(k->rsa, &rsa_n, NULL, NULL);
+ nbits = BN_num_bits(rsa_n);
+ if (nbits < SSH_RSA_MINIMUM_MODULUS_SIZE ||
+ (min_size > 0 && nbits < min_size))
return SSH_ERR_KEY_LENGTH;
+#endif /* WITH_OPENSSL */
return 0;
}
-#endif
static int
sshkey_from_blob_internal(struct sshbuf *b, struct sshkey **keyp,
@@ -2439,7 +2445,7 @@ sshkey_from_blob_internal(struct sshbuf *b, struct sshkey **keyp,
goto out;
}
rsa_n = rsa_e = NULL; /* transferred */
- if ((ret = check_rsa_length(key->rsa)) != 0)
+ if ((ret = sshkey_check_rsa_length(key, 0)) != 0)
goto out;
#ifdef DEBUG_PK
RSA_print_fp(stderr, key->rsa, 8);
@@ -3642,7 +3648,7 @@ sshkey_private_deserialize(struct sshbuf *buf, struct sshkey **kp)
goto out;
}
rsa_p = rsa_q = NULL; /* transferred */
- if ((r = check_rsa_length(k->rsa)) != 0)
+ if ((r = sshkey_check_rsa_length(k, 0)) != 0)
goto out;
if ((r = ssh_rsa_complete_crt_parameters(k, rsa_iqmp)) != 0)
goto out;
@@ -4644,7 +4650,7 @@ sshkey_parse_private_pem_fileblob(struct sshbuf *blob, int type,
r = SSH_ERR_LIBCRYPTO_ERROR;
goto out;
}
- if ((r = check_rsa_length(prv->rsa)) != 0)
+ if ((r = sshkey_check_rsa_length(prv, 0)) != 0)
goto out;
} else if (EVP_PKEY_base_id(pk) == EVP_PKEY_DSA &&
(type == KEY_UNSPEC || type == KEY_DSA)) {
diff --git a/sshkey.h b/sshkey.h
index 094815e0..be254e6b 100644
--- a/sshkey.h
+++ b/sshkey.h
@@ -273,6 +273,7 @@ int sshkey_parse_private_fileblob_type(struct sshbuf *blob, int type,
int sshkey_parse_pubkey_from_private_fileblob_type(struct sshbuf *blob,
int type, struct sshkey **pubkeyp);
+int sshkey_check_rsa_length(const struct sshkey *, int);
/* XXX should be internal, but used by ssh-keygen */
int ssh_rsa_complete_crt_parameters(struct sshkey *, const BIGNUM *);
diff --git a/ssh.1 b/ssh.1
index b4956aec..e255b9b9 100644
--- a/ssh.1
+++ b/ssh.1
@@ -571,6 +571,7 @@ For full details of the options listed below, and their possible values, see
.It RemoteCommand
.It RemoteForward
.It RequestTTY
+.It RequiredRSASize
.It SendEnv
.It ServerAliveInterval
.It ServerAliveCountMax
diff --git a/ssh_config.5 b/ssh_config.5
index 24a46460..d1ede18e 100644
--- a/ssh_config.5
+++ b/ssh_config.5
@@ -1634,6 +1634,17 @@ and
.Fl T
flags for
.Xr ssh 1 .
+.It Cm RequiredRSASize
+Specifies the minimum RSA key size (in bits) that
+.Xr ssh 1
+will accept.
+User authentication keys smaller than this limit will be ignored.
+Servers that present host keys smaller than this limit will cause the
+connection to be terminated.
+The default is
+.Cm 1024
+bits.
+Note that this limit may only be raised from the default.
.It Cm RevokedHostKeys
Specifies revoked host public keys.
Keys listed in this file will be refused for host authentication.
diff --git a/sshd_config.5 b/sshd_config.5
index 867a747d..f5a06637 100644
--- a/sshd_config.5
+++ b/sshd_config.5
@@ -1596,6 +1596,16 @@ is
.Cm default none ,
which means that rekeying is performed after the cipher's default amount
of data has been sent or received and no time based rekeying is done.
+.It Cm RequiredRSASize
+Specifies the minimum RSA key size (in bits) that
+.Xr sshd 8
+will accept.
+User and host-based authentication keys smaller than this limit will be
+refused.
+The default is
+.Cm 1024
+bits.
+Note that this limit may only be raised from the default.
.It Cm RevokedKeys
Specifies revoked public keys file, or
.Cm none

View File

@ -1,13 +1,22 @@
diff --color -rup a/regress/hostkey-agent.sh b/regress/hostkey-agent.sh diff -up openssh-9.3p1/regress/hostkey-agent.sh.xxx openssh-9.3p1/regress/hostkey-agent.sh
--- a/regress/hostkey-agent.sh 2021-08-20 06:03:49.000000000 +0200 --- openssh-9.3p1/regress/hostkey-agent.sh.xxx 2023-05-29 18:15:56.311236887 +0200
+++ b/regress/hostkey-agent.sh 2022-07-14 11:58:12.172786060 +0200 +++ openssh-9.3p1/regress/hostkey-agent.sh 2023-05-29 18:16:07.598503551 +0200
@@ -13,8 +13,12 @@ r=$? @@ -17,8 +17,21 @@ trace "make CA key"
${SSHKEYGEN} -qt ed25519 -f $OBJ/agent-ca -N '' || fatal "ssh-keygen CA" ${SSHKEYGEN} -qt ed25519 -f $OBJ/agent-ca -N '' || fatal "ssh-keygen CA"
+PUBKEY_ACCEPTED_ALGOS=`$SSH -G "example.com" | \ +PUBKEY_ACCEPTED_ALGOS=`$SSH -G "example.com" | \
+ grep -i "PubkeyAcceptedAlgorithms" | cut -d ' ' -f2- | tr "," "|"` + grep -i "PubkeyAcceptedAlgorithms" | cut -d ' ' -f2- | tr "," "|"`
+SSH_ACCEPTED_KEYTYPES=`echo "$SSH_KEYTYPES" | egrep "$PUBKEY_ACCEPTED_ALGOS"` +SSH_ACCEPTED_KEYTYPES=`echo "$SSH_KEYTYPES" | egrep "$PUBKEY_ACCEPTED_ALGOS"`
+echo $PUBKEY_ACCEPTED_ALGOS | grep "rsa"
+r=$?
+if [ $r == 0 ]; then
+echo $SSH_ACCEPTED_KEYTYPES | grep "rsa"
+r=$?
+if [ $r -ne 0 ]; then
+SSH_ACCEPTED_KEYTYPES="$SSH_ACCEPTED_KEYTYPES ssh-rsa"
+fi
+fi
+ +
trace "load hostkeys" trace "load hostkeys"
-for k in $SSH_KEYTYPES ; do -for k in $SSH_KEYTYPES ; do
@ -15,49 +24,94 @@ diff --color -rup a/regress/hostkey-agent.sh b/regress/hostkey-agent.sh
${SSHKEYGEN} -qt $k -f $OBJ/agent-key.$k -N '' || fatal "ssh-keygen $k" ${SSHKEYGEN} -qt $k -f $OBJ/agent-key.$k -N '' || fatal "ssh-keygen $k"
${SSHKEYGEN} -s $OBJ/agent-ca -qh -n localhost-with-alias \ ${SSHKEYGEN} -s $OBJ/agent-ca -qh -n localhost-with-alias \
-I localhost-with-alias $OBJ/agent-key.$k.pub || \ -I localhost-with-alias $OBJ/agent-key.$k.pub || \
@@ -31,7 +35,7 @@ cp $OBJ/known_hosts.orig $OBJ/known_host @@ -32,12 +48,16 @@ rm $OBJ/agent-ca # Don't need CA private
unset SSH_AUTH_SOCK unset SSH_AUTH_SOCK
-for k in $SSH_KEYTYPES ; do -for k in $SSH_KEYTYPES ; do
+for k in $SSH_ACCEPTED_KEYTYPES ; do +for k in $SSH_ACCEPTED_KEYTYPES ; do
verbose "key type $k" verbose "key type $k"
+ hka=$k
+ if [ $k = "ssh-rsa" ]; then
+ hka="rsa-sha2-512"
+ fi
cp $OBJ/sshd_proxy.orig $OBJ/sshd_proxy cp $OBJ/sshd_proxy.orig $OBJ/sshd_proxy
echo "HostKeyAlgorithms $k" >> $OBJ/sshd_proxy - echo "HostKeyAlgorithms $k" >> $OBJ/sshd_proxy
diff --color -rup a/sshconnect2.c b/sshconnect2.c + echo "HostKeyAlgorithms $hka" >> $OBJ/sshd_proxy
--- a/sshconnect2.c 2022-07-14 10:10:07.262975710 +0200 echo "Hostkey $OBJ/agent-key.${k}" >> $OBJ/sshd_proxy
+++ b/sshconnect2.c 2022-07-14 10:10:32.068452067 +0200 - opts="-oHostKeyAlgorithms=$k -F $OBJ/ssh_proxy"
@@ -222,6 +222,7 @@ ssh_kex2(struct ssh *ssh, char *host, st + opts="-oHostKeyAlgorithms=$hka -F $OBJ/ssh_proxy"
( printf 'localhost-with-alias,127.0.0.1,::1 ' ;
cat $OBJ/agent-key.$k.pub) > $OBJ/known_hosts
SSH_CONNECTION=`${SSH} $opts host 'echo $SSH_CONNECTION'`
@@ -50,15 +70,16 @@ for k in $SSH_KEYTYPES ; do
done
SSH_CERTTYPES=`ssh -Q key-sig | grep 'cert-v01@openssh.com'`
+SSH_ACCEPTED_CERTTYPES=`echo "$SSH_CERTTYPES" | egrep "$PUBKEY_ACCEPTED_ALGOS"`
# Prepare sshd_proxy for certificates.
cp $OBJ/sshd_proxy.orig $OBJ/sshd_proxy
HOSTKEYALGS=""
-for k in $SSH_CERTTYPES ; do
+for k in $SSH_ACCEPTED_CERTTYPES ; do
test -z "$HOSTKEYALGS" || HOSTKEYALGS="${HOSTKEYALGS},"
HOSTKEYALGS="${HOSTKEYALGS}${k}"
done
-for k in $SSH_KEYTYPES ; do
+for k in $SSH_ACCEPTED_KEYTYPES ; do
echo "Hostkey $OBJ/agent-key.${k}.pub" >> $OBJ/sshd_proxy
echo "HostCertificate $OBJ/agent-key.${k}-cert.pub" >> $OBJ/sshd_proxy
test -f $OBJ/agent-key.${k}.pub || fatal "no $k key"
@@ -70,7 +93,7 @@ echo "HostKeyAlgorithms $HOSTKEYALGS" >>
( printf '@cert-authority localhost-with-alias ' ;
cat $OBJ/agent-ca.pub) > $OBJ/known_hosts
-for k in $SSH_CERTTYPES ; do
+for k in $SSH_ACCEPTED_CERTTYPES ; do
verbose "cert type $k"
opts="-oHostKeyAlgorithms=$k -F $OBJ/ssh_proxy"
SSH_CONNECTION=`${SSH} $opts host 'echo $SSH_CONNECTION'`
diff -up openssh-9.3p1/sshconnect2.c.xxx openssh-9.3p1/sshconnect2.c
--- openssh-9.3p1/sshconnect2.c.xxx 2023-04-26 17:37:35.100827792 +0200
+++ openssh-9.3p1/sshconnect2.c 2023-04-26 17:50:31.860748877 +0200
@@ -221,7 +221,7 @@ ssh_kex2(struct ssh *ssh, char *host, st
const struct ssh_conn_info *cinfo)
{ {
char *myproposal[PROPOSAL_MAX] = { KEX_CLIENT }; char *myproposal[PROPOSAL_MAX];
char *s, *all_key; - char *s, *all_key, *hkalgs = NULL;
+ char *hostkeyalgs = NULL, *pkalg = NULL; + char *s, *all_key, *hkalgs = NULL, *filtered_algs = NULL;
char *prop_kex = NULL, *prop_enc = NULL, *prop_hostkey = NULL;
int r, use_known_hosts_order = 0; int r, use_known_hosts_order = 0;
@@ -264,14 +265,19 @@ ssh_kex2(struct ssh *ssh, char *host, st #if defined(GSSAPI) && defined(WITH_OPENSSL)
myproposal[PROPOSAL_MAC_ALGS_STOC] = options.macs; @@ -260,9 +260,21 @@ ssh_kex2(struct ssh *ssh, char *host, st
if (use_known_hosts_order) { if (use_known_hosts_order)
/* Query known_hosts and prefer algorithms that appear there */ hkalgs = order_hostkeyalgs(host, hostaddr, port, cinfo);
- myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = prop_hostkey =
- compat_pkalg_proposal(ssh, + filtered_algs = hkalgs ? match_filter_allowlist(hkalgs, options.pubkey_accepted_algos)
- order_hostkeyalgs(host, hostaddr, port, cinfo)); + : match_filter_allowlist(options.hostkeyalgorithms,
+ if ((hostkeyalgs = order_hostkeyalgs(host, hostaddr, port, cinfo)) == NULL) + options.pubkey_accepted_algos);
+ fatal_f("order_hostkeyalgs"); + if (filtered_algs == NULL) {
+ pkalg = match_filter_allowlist(hostkeyalgs, options.pubkey_accepted_algos); + if (hkalgs)
+ free(hostkeyalgs); + fatal_f("No match between algorithms for %s (host %s) and pubkey accepted algorithms %s",
} else { + hkalgs, host, options.pubkey_accepted_algos);
- /* Use specified HostkeyAlgorithms exactly */ + else
- myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = prop_hostkey = + fatal_f("No match between host key algorithms %s and pubkey accepted algorithms %s",
- compat_pkalg_proposal(ssh, options.hostkeyalgorithms); + options.hostkeyalgorithms, options.pubkey_accepted_algos);
+ /* Use specified HostkeyAlgorithms */ + }
+ pkalg = match_filter_allowlist(options.hostkeyalgorithms, options.pubkey_accepted_algos); +
} kex_proposal_populate_entries(ssh, myproposal, s, options.ciphers,
+ if (pkalg == NULL) options.macs, compression_alg_list(options.compression),
+ fatal_f("match_filter_allowlist"); - hkalgs ? hkalgs : options.hostkeyalgorithms);
+ myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = prop_hostkey = + filtered_algs);
+ compat_pkalg_proposal(ssh, pkalg);
+ free(pkalg);
#if defined(GSSAPI) && defined(WITH_OPENSSL) #if defined(GSSAPI) && defined(WITH_OPENSSL)
if (options.gss_keyex) { if (options.gss_keyex) {
@@ -303,6 +315,7 @@ ssh_kex2(struct ssh *ssh, char *host, st
#endif
free(hkalgs);
+ free(filtered_algs);
/* start key exchange */
if ((r = kex_setup(ssh, myproposal)) != 0)

View File

@ -295,6 +295,14 @@ diff -up openssh-8.7p1/regress/unittests/sshsig/tests.c.sshrsacheck openssh-8.7p
diff -up openssh-8.7p1/serverloop.c.sshrsacheck openssh-8.7p1/serverloop.c diff -up openssh-8.7p1/serverloop.c.sshrsacheck openssh-8.7p1/serverloop.c
--- openssh-8.7p1/serverloop.c.sshrsacheck 2023-01-12 14:57:08.118400073 +0100 --- openssh-8.7p1/serverloop.c.sshrsacheck 2023-01-12 14:57:08.118400073 +0100
+++ openssh-8.7p1/serverloop.c 2023-01-12 14:59:17.330470518 +0100 +++ openssh-8.7p1/serverloop.c 2023-01-12 14:59:17.330470518 +0100
@@ -80,6 +80,7 @@
#include "auth-options.h"
#include "serverloop.h"
#include "ssherr.h"
+#include "compat.h"
extern ServerOptions options;
@@ -737,6 +737,10 @@ server_input_hostkeys_prove(struct ssh * @@ -737,6 +737,10 @@ server_input_hostkeys_prove(struct ssh *
else if (ssh->kex->flags & KEX_RSA_SHA2_256_SUPPORTED) else if (ssh->kex->flags & KEX_RSA_SHA2_256_SUPPORTED)
sigalg = "rsa-sha2-256"; sigalg = "rsa-sha2-256";
@ -328,9 +336,9 @@ diff -up openssh-8.7p1/sshd.c.sshrsacheck openssh-8.7p1/sshd.c
--- openssh-8.7p1/sshd.c.sshrsacheck 2023-01-12 13:29:06.355711140 +0100 --- openssh-8.7p1/sshd.c.sshrsacheck 2023-01-12 13:29:06.355711140 +0100
+++ openssh-8.7p1/sshd.c 2023-01-12 13:29:06.358711178 +0100 +++ openssh-8.7p1/sshd.c 2023-01-12 13:29:06.358711178 +0100
@@ -1640,6 +1651,7 @@ main(int ac, char **av) @@ -1640,6 +1651,7 @@ main(int ac, char **av)
int keytype;
Authctxt *authctxt; Authctxt *authctxt;
struct connection_info *connection_info = NULL; struct connection_info *connection_info = NULL;
sigset_t sigmask;
+ int forbid_ssh_rsa = 0; + int forbid_ssh_rsa = 0;
#ifdef HAVE_SECUREWARE #ifdef HAVE_SECUREWARE
@ -379,38 +387,6 @@ diff -up openssh-8.7p1/sshd.c.sshrsacheck openssh-8.7p1/sshd.c
/* Prepare the channels layer */ /* Prepare the channels layer */
channel_init_channels(ssh); channel_init_channels(ssh);
channel_set_af(ssh, options.address_family); channel_set_af(ssh, options.address_family);
diff -Nur openssh-8.7p1/ssh-keygen.c openssh-8.7p1_patched/ssh-keygen.c
--- openssh-8.7p1/ssh-keygen.c 2023-01-18 17:41:47.894515779 +0100
+++ openssh-8.7p1_patched/ssh-keygen.c 2023-01-18 17:41:44.500488818 +0100
@@ -491,6 +491,8 @@
BIGNUM *dsa_pub_key = NULL, *dsa_priv_key = NULL;
BIGNUM *rsa_n = NULL, *rsa_e = NULL, *rsa_d = NULL;
BIGNUM *rsa_p = NULL, *rsa_q = NULL, *rsa_iqmp = NULL;
+ char rsa_safe_alg[] = "rsa-sha2-256";
+ char *alg = NULL;
if ((r = sshbuf_get_u32(b, &magic)) != 0)
fatal_fr(r, "parse magic");
@@ -590,6 +592,7 @@ do_convert_private_ssh2(struct sshbuf *b
if ((r = ssh_rsa_complete_crt_parameters(key, rsa_iqmp)) != 0)
fatal_fr(r, "generate RSA parameters");
BN_clear_free(rsa_iqmp);
+ alg = rsa_safe_alg;
break;
}
rlen = sshbuf_len(b);
@@ -598,9 +601,9 @@ do_convert_private_ssh2(struct sshbuf *b
/* try the key */
if (sshkey_sign(key, &sig, &slen, data, sizeof(data),
- NULL, NULL, NULL, 0) != 0 ||
+ alg, NULL, NULL, 0) != 0 ||
sshkey_verify(key, sig, slen, data, sizeof(data),
- NULL, 0, NULL) != 0) {
+ alg, 0, NULL) != 0) {
sshkey_free(key);
free(sig);
return NULL;
diff -up openssh-8.7p1/ssh-rsa.c.sshrsacheck openssh-8.7p1/ssh-rsa.c diff -up openssh-8.7p1/ssh-rsa.c.sshrsacheck openssh-8.7p1/ssh-rsa.c
--- openssh-8.7p1/ssh-rsa.c.sshrsacheck 2023-01-20 13:07:54.180676144 +0100 --- openssh-8.7p1/ssh-rsa.c.sshrsacheck 2023-01-20 13:07:54.180676144 +0100
+++ openssh-8.7p1/ssh-rsa.c 2023-01-20 13:07:54.290677074 +0100 +++ openssh-8.7p1/ssh-rsa.c 2023-01-20 13:07:54.290677074 +0100

View File

@ -5,8 +5,8 @@ diff -up openssh-8.7p1/scp.c.scp-sftpdirs openssh-8.7p1/scp.c
if (src_is_dir && iamrecursive) { if (src_is_dir && iamrecursive) {
if (upload_dir(conn, src, abs_dst, pflag, if (upload_dir(conn, src, abs_dst, pflag,
- SFTP_PROGRESS_ONLY, 0, 0, 1) != 0) { - SFTP_PROGRESS_ONLY, 0, 0, 1, 1) != 0) {
+ SFTP_PROGRESS_ONLY, 0, 0, 1, 1) != 0) { + SFTP_PROGRESS_ONLY, 0, 0, 1, 1, 1) != 0) {
error("failed to upload directory %s to %s", src, targ); error("failed to upload directory %s to %s", src, targ);
errs = 1; errs = 1;
} }
@ -108,8 +108,8 @@ diff -up openssh-8.7p1/sftp-client.c.scp-sftpdirs openssh-8.7p1/sftp-client.c
int int
upload_dir(struct sftp_conn *conn, const char *src, const char *dst, upload_dir(struct sftp_conn *conn, const char *src, const char *dst,
int preserve_flag, int print_flag, int resume, int fsync_flag, int preserve_flag, int print_flag, int resume, int fsync_flag,
- int follow_link_flag) - int follow_link_flag, int inplace_flag)
+ int follow_link_flag, int create_dir) + int follow_link_flag, int inplace_flag, int create_dir)
{ {
char *dst_canon; char *dst_canon;
int ret; int ret;
@ -143,9 +143,9 @@ diff -up openssh-8.7p1/sftp-client.h.scp-sftpdirs openssh-8.7p1/sftp-client.h
@@ -159,7 +159,7 @@ int do_upload(struct sftp_conn *, const @@ -159,7 +159,7 @@ int do_upload(struct sftp_conn *, const
* times if 'pflag' is set * times if 'pflag' is set
*/ */
int upload_dir(struct sftp_conn *, const char *, const char *, int, int, int, int upload_dir(struct sftp_conn *, const char *, const char *,
- int, int); - int, int, int, int, int, int);
+ int, int, int); + int, int, int, int, int, int, int);
/* /*
* Download a 'from_path' from the 'from' connection and upload it to * Download a 'from_path' from the 'from' connection and upload it to
@ -156,8 +156,8 @@ diff -up openssh-8.7p1/sftp.c.scp-sftpdirs openssh-8.7p1/sftp.c
if (globpath_is_dir(g.gl_pathv[i]) && (rflag || global_rflag)) { if (globpath_is_dir(g.gl_pathv[i]) && (rflag || global_rflag)) {
if (upload_dir(conn, g.gl_pathv[i], abs_dst, if (upload_dir(conn, g.gl_pathv[i], abs_dst,
pflag || global_pflag, 1, resume, pflag || global_pflag, 1, resume,
- fflag || global_fflag, 0) == -1) - fflag || global_fflag, 0, 0) == -1)
+ fflag || global_fflag, 0, 0) == -1) + fflag || global_fflag, 0, 0, 0) == -1)
err = -1; err = -1;
} else { } else {
if (do_upload(conn, g.gl_pathv[i], abs_dst, if (do_upload(conn, g.gl_pathv[i], abs_dst,

View File

@ -1,303 +0,0 @@
diff --color -rup a/scp.c b/scp.c
--- a/scp.c 2022-07-26 14:51:40.560120817 +0200
+++ b/scp.c 2022-07-26 14:52:37.118213004 +0200
@@ -1324,11 +1324,11 @@ source_sftp(int argc, char *src, char *t
if (src_is_dir && iamrecursive) {
if (upload_dir(conn, src, abs_dst, pflag,
- SFTP_PROGRESS_ONLY, 0, 0, 1, 1) != 0) {
+ SFTP_PROGRESS_ONLY, 0, 0, 1, 1, 1) != 0) {
error("failed to upload directory %s to %s", src, targ);
errs = 1;
}
- } else if (do_upload(conn, src, abs_dst, pflag, 0, 0) != 0) {
+ } else if (do_upload(conn, src, abs_dst, pflag, 0, 0, 1) != 0) {
error("failed to upload file %s to %s", src, targ);
errs = 1;
}
@@ -1566,11 +1566,11 @@ sink_sftp(int argc, char *dst, const cha
debug("Fetching %s to %s\n", g.gl_pathv[i], abs_dst);
if (globpath_is_dir(g.gl_pathv[i]) && iamrecursive) {
if (download_dir(conn, g.gl_pathv[i], abs_dst, NULL,
- pflag, SFTP_PROGRESS_ONLY, 0, 0, 1) == -1)
+ pflag, SFTP_PROGRESS_ONLY, 0, 0, 1, 1) == -1)
err = -1;
} else {
if (do_download(conn, g.gl_pathv[i], abs_dst, NULL,
- pflag, 0, 0) == -1)
+ pflag, 0, 0, 1) == -1)
err = -1;
}
free(abs_dst);
diff --color -rup a/sftp.c b/sftp.c
--- a/sftp.c 2022-07-26 14:51:40.561120836 +0200
+++ b/sftp.c 2022-07-26 14:52:37.119213023 +0200
@@ -666,12 +666,12 @@ process_get(struct sftp_conn *conn, cons
if (globpath_is_dir(g.gl_pathv[i]) && (rflag || global_rflag)) {
if (download_dir(conn, g.gl_pathv[i], abs_dst, NULL,
pflag || global_pflag, 1, resume,
- fflag || global_fflag, 0) == -1)
+ fflag || global_fflag, 0, 0) == -1)
err = -1;
} else {
if (do_download(conn, g.gl_pathv[i], abs_dst, NULL,
pflag || global_pflag, resume,
- fflag || global_fflag) == -1)
+ fflag || global_fflag, 0) == -1)
err = -1;
}
free(abs_dst);
@@ -760,12 +760,12 @@ process_put(struct sftp_conn *conn, cons
if (globpath_is_dir(g.gl_pathv[i]) && (rflag || global_rflag)) {
if (upload_dir(conn, g.gl_pathv[i], abs_dst,
pflag || global_pflag, 1, resume,
- fflag || global_fflag, 0, 0) == -1)
+ fflag || global_fflag, 0, 0, 0) == -1)
err = -1;
} else {
if (do_upload(conn, g.gl_pathv[i], abs_dst,
pflag || global_pflag, resume,
- fflag || global_fflag) == -1)
+ fflag || global_fflag, 0) == -1)
err = -1;
}
}
diff --color -rup a/sftp-client.c b/sftp-client.c
--- a/sftp-client.c 2022-07-26 14:51:40.561120836 +0200
+++ b/sftp-client.c 2022-07-26 15:09:54.825295533 +0200
@@ -1454,7 +1454,7 @@ progress_meter_path(const char *path)
int
do_download(struct sftp_conn *conn, const char *remote_path,
const char *local_path, Attrib *a, int preserve_flag, int resume_flag,
- int fsync_flag)
+ int fsync_flag, int inplace_flag)
{
struct sshbuf *msg;
u_char *handle;
@@ -1498,8 +1498,8 @@ do_download(struct sftp_conn *conn, cons
&handle, &handle_len) != 0)
return -1;
- local_fd = open(local_path,
- O_WRONLY | O_CREAT | (resume_flag ? 0 : O_TRUNC), mode | S_IWUSR);
+ local_fd = open(local_path, O_WRONLY | O_CREAT |
+ ((resume_flag || inplace_flag) ? 0 : O_TRUNC), mode | S_IWUSR);
if (local_fd == -1) {
error("open local \"%s\": %s", local_path, strerror(errno));
goto fail;
@@ -1661,8 +1661,11 @@ do_download(struct sftp_conn *conn, cons
/* Sanity check */
if (TAILQ_FIRST(&requests) != NULL)
fatal("Transfer complete, but requests still in queue");
- /* Truncate at highest contiguous point to avoid holes on interrupt */
- if (read_error || write_error || interrupted) {
+ /*
+ * Truncate at highest contiguous point to avoid holes on interrupt,
+ * or unconditionally if writing in place.
+ */
+ if (inplace_flag || read_error || write_error || interrupted) {
if (reordered && resume_flag) {
error("Unable to resume download of \"%s\": "
"server reordered requests", local_path);
@@ -1724,7 +1727,7 @@ do_download(struct sftp_conn *conn, cons
static int
download_dir_internal(struct sftp_conn *conn, const char *src, const char *dst,
int depth, Attrib *dirattrib, int preserve_flag, int print_flag,
- int resume_flag, int fsync_flag, int follow_link_flag)
+ int resume_flag, int fsync_flag, int follow_link_flag, int inplace_flag)
{
int i, ret = 0;
SFTP_DIRENT **dir_entries;
@@ -1781,7 +1784,7 @@ download_dir_internal(struct sftp_conn *
if (download_dir_internal(conn, new_src, new_dst,
depth + 1, &(dir_entries[i]->a), preserve_flag,
print_flag, resume_flag,
- fsync_flag, follow_link_flag) == -1)
+ fsync_flag, follow_link_flag, inplace_flag) == -1)
ret = -1;
} else if (S_ISREG(dir_entries[i]->a.perm) ||
(follow_link_flag && S_ISLNK(dir_entries[i]->a.perm))) {
@@ -1793,7 +1796,8 @@ download_dir_internal(struct sftp_conn *
if (do_download(conn, new_src, new_dst,
S_ISLNK(dir_entries[i]->a.perm) ? NULL :
&(dir_entries[i]->a),
- preserve_flag, resume_flag, fsync_flag) == -1) {
+ preserve_flag, resume_flag, fsync_flag,
+ inplace_flag) == -1) {
error("Download of file %s to %s failed",
new_src, new_dst);
ret = -1;
@@ -1831,7 +1835,7 @@ download_dir_internal(struct sftp_conn *
int
download_dir(struct sftp_conn *conn, const char *src, const char *dst,
Attrib *dirattrib, int preserve_flag, int print_flag, int resume_flag,
- int fsync_flag, int follow_link_flag)
+ int fsync_flag, int follow_link_flag, int inplace_flag)
{
char *src_canon;
int ret;
@@ -1843,26 +1847,25 @@ download_dir(struct sftp_conn *conn, con
ret = download_dir_internal(conn, src_canon, dst, 0,
dirattrib, preserve_flag, print_flag, resume_flag, fsync_flag,
- follow_link_flag);
+ follow_link_flag, inplace_flag);
free(src_canon);
return ret;
}
int
do_upload(struct sftp_conn *conn, const char *local_path,
- const char *remote_path, int preserve_flag, int resume, int fsync_flag)
+ const char *remote_path, int preserve_flag, int resume,
+ int fsync_flag, int inplace_flag)
{
int r, local_fd;
- u_int status = SSH2_FX_OK;
- u_int id;
- u_char type;
+ u_int openmode, id, status = SSH2_FX_OK, reordered = 0;
off_t offset, progress_counter;
- u_char *handle, *data;
+ u_char type, *handle, *data;
struct sshbuf *msg;
struct stat sb;
- Attrib a, *c = NULL;
- u_int32_t startid;
- u_int32_t ackid;
+ Attrib a, t, *c = NULL;
+ u_int32_t startid, ackid;
+ u_int64_t highwater = 0;
struct request *ack = NULL;
struct requests acks;
size_t handle_len;
@@ -1913,10 +1916,15 @@ do_upload(struct sftp_conn *conn, const
}
}
+ openmode = SSH2_FXF_WRITE|SSH2_FXF_CREAT;
+ if (resume)
+ openmode |= SSH2_FXF_APPEND;
+ else if (!inplace_flag)
+ openmode |= SSH2_FXF_TRUNC;
+
/* Send open request */
- if (send_open(conn, remote_path, "dest", SSH2_FXF_WRITE|SSH2_FXF_CREAT|
- (resume ? SSH2_FXF_APPEND : SSH2_FXF_TRUNC),
- &a, &handle, &handle_len) != 0) {
+ if (send_open(conn, remote_path, "dest", openmode, &a,
+ &handle, &handle_len) != 0) {
close(local_fd);
return -1;
}
@@ -1999,6 +2007,12 @@ do_upload(struct sftp_conn *conn, const
ack->id, ack->len, (unsigned long long)ack->offset);
++ackid;
progress_counter += ack->len;
+ if (!reordered && ack->offset <= highwater)
+ highwater = ack->offset + ack->len;
+ else if (!reordered && ack->offset > highwater) {
+ debug3_f("server reordered ACKs");
+ reordered = 1;
+ }
free(ack);
}
offset += len;
@@ -2017,6 +2031,14 @@ do_upload(struct sftp_conn *conn, const
status = SSH2_FX_FAILURE;
}
+ if (inplace_flag || (resume && (status != SSH2_FX_OK || interrupted))) {
+ debug("truncating at %llu", (unsigned long long)highwater);
+ attrib_clear(&t);
+ t.flags = SSH2_FILEXFER_ATTR_SIZE;
+ t.size = highwater;
+ do_fsetstat(conn, handle, handle_len, &t);
+ }
+
if (close(local_fd) == -1) {
error("close local \"%s\": %s", local_path, strerror(errno));
status = SSH2_FX_FAILURE;
@@ -2041,7 +2063,7 @@ do_upload(struct sftp_conn *conn, const
static int
upload_dir_internal(struct sftp_conn *conn, const char *src, const char *dst,
int depth, int preserve_flag, int print_flag, int resume, int fsync_flag,
- int follow_link_flag)
+ int follow_link_flag, int inplace_flag)
{
int ret = 0;
DIR *dirp;
@@ -2119,12 +2141,13 @@ upload_dir_internal(struct sftp_conn *co
if (upload_dir_internal(conn, new_src, new_dst,
depth + 1, preserve_flag, print_flag, resume,
- fsync_flag, follow_link_flag) == -1)
+ fsync_flag, follow_link_flag, inplace_flag) == -1)
ret = -1;
} else if (S_ISREG(sb.st_mode) ||
(follow_link_flag && S_ISLNK(sb.st_mode))) {
if (do_upload(conn, new_src, new_dst,
- preserve_flag, resume, fsync_flag) == -1) {
+ preserve_flag, resume, fsync_flag,
+ inplace_flag) == -1) {
error("upload \"%s\" to \"%s\" failed",
new_src, new_dst);
ret = -1;
@@ -2144,7 +2167,7 @@ upload_dir_internal(struct sftp_conn *co
int
upload_dir(struct sftp_conn *conn, const char *src, const char *dst,
int preserve_flag, int print_flag, int resume, int fsync_flag,
- int follow_link_flag, int create_dir)
+ int follow_link_flag, int create_dir, int inplace_flag)
{
char *dst_canon;
int ret;
@@ -2155,7 +2178,7 @@ upload_dir(struct sftp_conn *conn, const
}
ret = upload_dir_internal(conn, src, dst_canon, 0, preserve_flag,
- print_flag, resume, fsync_flag, follow_link_flag);
+ print_flag, resume, fsync_flag, follow_link_flag, inplace_flag);
free(dst_canon);
return ret;
diff --color -rup a/sftp-client.h b/sftp-client.h
--- a/sftp-client.h 2022-07-26 14:51:40.561120836 +0200
+++ b/sftp-client.h 2022-07-26 14:52:37.120213042 +0200
@@ -138,28 +138,29 @@ int do_fsync(struct sftp_conn *conn, u_c
* Download 'remote_path' to 'local_path'. Preserve permissions and times
* if 'pflag' is set
*/
-int do_download(struct sftp_conn *, const char *, const char *,
- Attrib *, int, int, int);
+int do_download(struct sftp_conn *, const char *, const char *, Attrib *,
+ int, int, int, int);
/*
* Recursively download 'remote_directory' to 'local_directory'. Preserve
* times if 'pflag' is set
*/
-int download_dir(struct sftp_conn *, const char *, const char *,
- Attrib *, int, int, int, int, int);
+int download_dir(struct sftp_conn *, const char *, const char *, Attrib *,
+ int, int, int, int, int, int);
/*
* Upload 'local_path' to 'remote_path'. Preserve permissions and times
* if 'pflag' is set
*/
-int do_upload(struct sftp_conn *, const char *, const char *, int, int, int);
+int do_upload(struct sftp_conn *, const char *, const char *,
+ int, int, int, int);
/*
* Recursively upload 'local_directory' to 'remote_directory'. Preserve
* times if 'pflag' is set
*/
-int upload_dir(struct sftp_conn *, const char *, const char *, int, int, int,
- int, int, int);
+int upload_dir(struct sftp_conn *, const char *, const char *,
+ int, int, int, int, int, int, int);
/*
* Download a 'from_path' from the 'from' connection and upload it to

View File

@ -13,8 +13,8 @@ diff -up openssh-8.7p1/scp.1.kill-scp openssh-8.7p1/scp.1
--- openssh-8.7p1/scp.1.kill-scp 2021-09-16 12:09:02.646714578 +0200 --- openssh-8.7p1/scp.1.kill-scp 2021-09-16 12:09:02.646714578 +0200
+++ openssh-8.7p1/scp.1 2021-09-16 12:26:49.978628226 +0200 +++ openssh-8.7p1/scp.1 2021-09-16 12:26:49.978628226 +0200
@@ -278,6 +278,13 @@ to print debugging messages about their @@ -278,6 +278,13 @@ to print debugging messages about their
This is helpful in By default a 32KB buffer is used.
debugging connection, authentication, and configuration problems. .El
.El .El
+.Pp +.Pp
+Usage of SCP protocol can be blocked by creating a world-readable +Usage of SCP protocol can be blocked by creating a world-readable

View File

@ -14,9 +14,9 @@ diff --color -ru a/ssh.1 b/ssh.1
.It ControlPersist .It ControlPersist
.It DynamicForward .It DynamicForward
+.It EnableSSHKeysign +.It EnableSSHKeysign
.It EnableEscapeCommandline
.It EscapeChar .It EscapeChar
.It ExitOnForwardFailure .It ExitOnForwardFailure
.It FingerprintHash
@@ -538,6 +540,8 @@ @@ -538,6 +540,8 @@
.It IdentitiesOnly .It IdentitiesOnly
.It IdentityAgent .It IdentityAgent

View File

@ -1,41 +0,0 @@
diff -up openssh-8.8p1/regress/hostkey-agent.sh.redhat openssh-8.8p1/regress/hostkey-agent.sh
--- openssh-8.8p1/regress/hostkey-agent.sh.redhat 2022-08-10 15:54:42.084777662 +0200
+++ openssh-8.8p1/regress/hostkey-agent.sh 2022-08-10 17:01:25.651269994 +0200
@@ -36,6 +36,8 @@ unset SSH_AUTH_SOCK
unset SSH_AUTH_SOCK
for k in $SSH_ACCEPTED_KEYTYPES ; do
+ [ "$k" == "ssh-rsa" ] && continue
+ [ "$k" == "ssh-dss" ] && continue
verbose "key type $k"
cp $OBJ/sshd_proxy.orig $OBJ/sshd_proxy
echo "HostKeyAlgorithms $k" >> $OBJ/sshd_proxy
diff -up openssh-8.8p1/regress/hostkey-rotate.sh.redhat openssh-8.8p1/regress/hostkey-rotate.sh
--- openssh-8.8p1/regress/hostkey-rotate.sh.redhat 2022-08-10 16:57:12.720029146 +0200
+++ openssh-8.8p1/regress/hostkey-rotate.sh 2022-08-10 17:15:48.274923865 +0200
@@ -40,6 +40,8 @@ trace "prepare hostkeys"
nkeys=0
all_algs=""
for k in $SSH_HOSTKEY_TYPES; do
+ [ "$k" == "ssh-rsa" ] && continue
+ [ "$k" == "ssh-dss" ] && continue
${SSHKEYGEN} -qt $k -f $OBJ/hkr.$k -N '' || fatal "ssh-keygen $k"
echo "Hostkey $OBJ/hkr.${k}" >> $OBJ/sshd_proxy.orig
nkeys=`expr $nkeys + 1`
@@ -87,11 +89,15 @@ dossh -oStrictHostKeyChecking=yes -oHost
# Check that other keys learned
expect_nkeys $nkeys "learn hostkeys"
for k in $SSH_HOSTKEY_TYPES; do
+ [ "$k" == "ssh-rsa" ] && continue
+ [ "$k" == "ssh-dss" ] && continue
check_key_present $k || fail "didn't learn keytype $k"
done
# Check each key type
for k in $SSH_HOSTKEY_TYPES; do
+ [ "$k" == "ssh-rsa" ] && continue
+ [ "$k" == "ssh-dss" ] && continue
verbose "learn additional hostkeys, type=$k"
dossh -oStrictHostKeyChecking=yes -oHostKeyAlgorithms=$k,$all_algs
expect_nkeys $nkeys "learn hostkeys $k"

View File

@ -1,6 +1,6 @@
diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac ../../openssh-8.7p1/ssh-dss.c ./ssh-dss.c diff -up openssh-9.3p1/ssh-dss.c.evp-fips-sign openssh-9.3p1/ssh-dss.c
--- ../../openssh-8.7p1/ssh-dss.c 2023-03-08 15:35:14.669943335 +0100 --- openssh-9.3p1/ssh-dss.c.evp-fips-sign 2023-04-27 16:46:17.115809116 +0200
+++ ./ssh-dss.c 2023-03-08 15:34:33.508578129 +0100 +++ openssh-9.3p1/ssh-dss.c 2023-04-27 17:07:40.117253665 +0200
@@ -32,6 +32,8 @@ @@ -32,6 +32,8 @@
#include <openssl/bn.h> #include <openssl/bn.h>
#include <openssl/dsa.h> #include <openssl/dsa.h>
@ -10,7 +10,7 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x
#include <stdarg.h> #include <stdarg.h>
#include <string.h> #include <string.h>
@@ -72,9 +74,8 @@ @@ -281,9 +283,8 @@ ssh_dss_sign(struct sshkey *key,
sshkey_type_plain(key->type) != KEY_DSA) sshkey_type_plain(key->type) != KEY_DSA)
return SSH_ERR_INVALID_ARGUMENT; return SSH_ERR_INVALID_ARGUMENT;
@ -22,7 +22,7 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x
ret = sshkey_calculate_signature(pkey, SSH_DIGEST_SHA1, &sigb, &len, ret = sshkey_calculate_signature(pkey, SSH_DIGEST_SHA1, &sigb, &len,
data, datalen); data, datalen);
EVP_PKEY_free(pkey); EVP_PKEY_free(pkey);
@@ -201,11 +202,8 @@ @@ -411,11 +412,8 @@ ssh_dss_verify(const struct sshkey *key,
goto out; goto out;
} }
@ -32,14 +32,13 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x
+ if ((ret = ssh_create_evp_dss(key, &pkey)) != 0) + if ((ret = ssh_create_evp_dss(key, &pkey)) != 0)
goto out; goto out;
- } - }
ret = sshkey_verify_signature(pkey, SSH_DIGEST_SHA1, data, datalen, ret = sshkey_verify_signature(pkey, SSH_DIGEST_SHA1, data, dlen,
sigb, slen); sigb, slen);
EVP_PKEY_free(pkey); EVP_PKEY_free(pkey);
@@ -221,4 +219,63 @@ @@ -432,6 +430,65 @@ ssh_dss_verify(const struct sshkey *key,
freezero(sigblob, len);
return ret; return ret;
} }
+
+int +int
+ssh_create_evp_dss(const struct sshkey *k, EVP_PKEY **pkey) +ssh_create_evp_dss(const struct sshkey *k, EVP_PKEY **pkey)
+{ +{
@ -98,10 +97,13 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x
+ EVP_PKEY_CTX_free(ctx); + EVP_PKEY_CTX_free(ctx);
+ return ret; + return ret;
+} +}
#endif /* WITH_OPENSSL */ +
diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac ../../openssh-8.7p1/ssh-ecdsa.c ./ssh-ecdsa.c static const struct sshkey_impl_funcs sshkey_dss_funcs = {
--- ../../openssh-8.7p1/ssh-ecdsa.c 2023-03-08 15:35:14.669943335 +0100 /* .size = */ ssh_dss_size,
+++ ./ssh-ecdsa.c 2023-03-08 15:40:52.628201267 +0100 /* .alloc = */ ssh_dss_alloc,
diff -up openssh-9.3p1/ssh-ecdsa.c.evp-fips-sign openssh-9.3p1/ssh-ecdsa.c
--- openssh-9.3p1/ssh-ecdsa.c.evp-fips-sign 2023-04-27 16:46:17.127809401 +0200
+++ openssh-9.3p1/ssh-ecdsa.c 2023-04-27 17:08:28.557396513 +0200
@@ -34,6 +34,8 @@ @@ -34,6 +34,8 @@
#include <openssl/ec.h> #include <openssl/ec.h>
#include <openssl/ecdsa.h> #include <openssl/ecdsa.h>
@ -111,7 +113,7 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x
#include <string.h> #include <string.h>
@@ -72,9 +74,8 @@ @@ -260,9 +262,8 @@ ssh_ecdsa_sign(struct sshkey *key,
if ((hash_alg = sshkey_ec_nid_to_hash_alg(key->ecdsa_nid)) == -1) if ((hash_alg = sshkey_ec_nid_to_hash_alg(key->ecdsa_nid)) == -1)
return SSH_ERR_INTERNAL_ERROR; return SSH_ERR_INTERNAL_ERROR;
@ -121,9 +123,9 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x
+ if ((ret = ssh_create_evp_ec(key->ecdsa, key->ecdsa_nid, &pkey)) != 0) + if ((ret = ssh_create_evp_ec(key->ecdsa, key->ecdsa_nid, &pkey)) != 0)
+ return ret; + return ret;
ret = sshkey_calculate_signature(pkey, hash_alg, &sigb, &len, data, ret = sshkey_calculate_signature(pkey, hash_alg, &sigb, &len, data,
datalen); dlen);
EVP_PKEY_free(pkey); EVP_PKEY_free(pkey);
@@ -193,11 +194,8 @@ @@ -381,11 +382,8 @@ ssh_ecdsa_verify(const struct sshkey *ke
goto out; goto out;
} }
@ -133,10 +135,10 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x
+ if (ssh_create_evp_ec(key->ecdsa, key->ecdsa_nid, &pkey) != 0) + if (ssh_create_evp_ec(key->ecdsa, key->ecdsa_nid, &pkey) != 0)
goto out; goto out;
- } - }
ret = sshkey_verify_signature(pkey, hash_alg, data, datalen, sigb, len); ret = sshkey_verify_signature(pkey, hash_alg, data, dlen, sigb, len);
EVP_PKEY_free(pkey); EVP_PKEY_free(pkey);
@@ -212,4 +210,76 @@ @@ -400,6 +398,79 @@ ssh_ecdsa_verify(const struct sshkey *ke
return ret; return ret;
} }
@ -212,10 +214,13 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x
+ free(pub_ser); + free(pub_ser);
+ return ret; + return ret;
+} +}
#endif /* WITH_OPENSSL && OPENSSL_HAS_ECC */ +
diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac ../../openssh-8.7p1/sshkey.c ./sshkey.c /* NB. not static; used by ECDSA-SK */
--- ../../openssh-8.7p1/sshkey.c 2023-03-08 15:35:14.702943628 +0100 const struct sshkey_impl_funcs sshkey_ecdsa_funcs = {
+++ ./sshkey.c 2023-03-08 15:39:03.354082015 +0100 /* .size = */ ssh_ecdsa_size,
diff -up openssh-9.3p1/sshkey.c.evp-fips-sign openssh-9.3p1/sshkey.c
--- openssh-9.3p1/sshkey.c.evp-fips-sign 2023-04-27 16:46:17.139809686 +0200
+++ openssh-9.3p1/sshkey.c 2023-04-27 16:46:17.144809804 +0200
@@ -35,6 +35,8 @@ @@ -35,6 +35,8 @@
#include <openssl/err.h> #include <openssl/err.h>
#include <openssl/pem.h> #include <openssl/pem.h>
@ -225,7 +230,7 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x
#endif #endif
#include "crypto_api.h" #include "crypto_api.h"
@@ -492,13 +494,14 @@ @@ -527,13 +529,14 @@ sshkey_calculate_signature(EVP_PKEY *pke
{ {
EVP_MD_CTX *ctx = NULL; EVP_MD_CTX *ctx = NULL;
u_char *sig = NULL; u_char *sig = NULL;
@ -242,7 +247,7 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x
if (slen <= 0 || slen > SSHBUF_MAX_BIGNUM) if (slen <= 0 || slen > SSHBUF_MAX_BIGNUM)
return SSH_ERR_INVALID_ARGUMENT; return SSH_ERR_INVALID_ARGUMENT;
@@ -511,9 +514,10 @@ @@ -546,9 +549,10 @@ sshkey_calculate_signature(EVP_PKEY *pke
ret = SSH_ERR_ALLOC_FAIL; ret = SSH_ERR_ALLOC_FAIL;
goto error; goto error;
} }
@ -256,7 +261,7 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x
ret = SSH_ERR_LIBCRYPTO_ERROR; ret = SSH_ERR_LIBCRYPTO_ERROR;
goto error; goto error;
} }
@@ -540,12 +544,13 @@ @@ -575,12 +579,13 @@ sshkey_verify_signature(EVP_PKEY *pkey,
if ((ctx = EVP_MD_CTX_new()) == NULL) { if ((ctx = EVP_MD_CTX_new()) == NULL) {
return SSH_ERR_ALLOC_FAIL; return SSH_ERR_ALLOC_FAIL;
} }
@ -273,7 +278,7 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x
switch (ret) { switch (ret) {
case 1: case 1:
ret = 0; ret = 0;
@@ -5038,3 +5043,27 @@ @@ -3809,3 +3814,27 @@ sshkey_set_filename(struct sshkey *k, co
return 0; return 0;
} }
#endif /* WITH_XMSS */ #endif /* WITH_XMSS */
@ -301,9 +306,9 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x
+ return ret; + return ret;
+} +}
+#endif /* WITH_OPENSSL */ +#endif /* WITH_OPENSSL */
diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac ../../openssh-8.7p1/sshkey.h ./sshkey.h diff -up openssh-9.3p1/sshkey.h.evp-fips-sign openssh-9.3p1/sshkey.h
--- ../../openssh-8.7p1/sshkey.h 2023-03-08 15:35:14.702943628 +0100 --- openssh-9.3p1/sshkey.h.evp-fips-sign 2023-04-27 16:46:17.133809543 +0200
+++ ./sshkey.h 2023-03-08 15:34:33.509578138 +0100 +++ openssh-9.3p1/sshkey.h 2023-04-27 16:46:17.144809804 +0200
@@ -31,6 +31,9 @@ @@ -31,6 +31,9 @@
#ifdef WITH_OPENSSL #ifdef WITH_OPENSSL
#include <openssl/rsa.h> #include <openssl/rsa.h>
@ -314,7 +319,7 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x
# ifdef OPENSSL_HAS_ECC # ifdef OPENSSL_HAS_ECC
# include <openssl/ec.h> # include <openssl/ec.h>
# include <openssl/ecdsa.h> # include <openssl/ecdsa.h>
@@ -293,6 +295,13 @@ @@ -328,6 +331,13 @@ int sshkey_private_serialize_maxsign(st
void sshkey_sig_details_free(struct sshkey_sig_details *); void sshkey_sig_details_free(struct sshkey_sig_details *);
@ -326,21 +331,21 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x
+#endif /* WITH_OPENSSL */ +#endif /* WITH_OPENSSL */
+ +
#ifdef SSHKEY_INTERNAL #ifdef SSHKEY_INTERNAL
int ssh_rsa_sign(const struct sshkey *key, int sshkey_sk_fields_equal(const struct sshkey *a, const struct sshkey *b);
u_char **sigp, size_t *lenp, const u_char *data, size_t datalen, void sshkey_sk_cleanup(struct sshkey *k);
diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac ../../openssh-8.7p1/ssh-rsa.c ./ssh-rsa.c diff -up openssh-9.3p1/ssh-rsa.c.evp-fips-sign openssh-9.3p1/ssh-rsa.c
--- ../../openssh-8.7p1/ssh-rsa.c 2023-03-08 15:35:14.669943335 +0100 --- openssh-9.3p1/ssh-rsa.c.evp-fips-sign 2023-04-27 16:46:17.139809686 +0200
+++ ./ssh-rsa.c 2023-03-08 15:34:33.509578138 +0100 +++ openssh-9.3p1/ssh-rsa.c 2023-04-27 17:10:30.376270565 +0200
@@ -23,6 +23,8 @@ @@ -23,6 +23,8 @@
#include <openssl/evp.h> #include <openssl/evp.h>
#include <openssl/err.h> #include <openssl/err.h>
#include <openssl/fips.h>
+#include <openssl/core_names.h> +#include <openssl/core_names.h>
+#include <openssl/param_build.h> +#include <openssl/param_build.h>
#include <stdarg.h> #include <stdarg.h>
#include <string.h> #include <string.h>
@@ -172,9 +174,8 @@ @@ -426,9 +428,8 @@ ssh_rsa_sign(struct sshkey *key,
if (RSA_bits(key->rsa) < SSH_RSA_MINIMUM_MODULUS_SIZE) if (RSA_bits(key->rsa) < SSH_RSA_MINIMUM_MODULUS_SIZE)
return SSH_ERR_KEY_LENGTH; return SSH_ERR_KEY_LENGTH;
@ -352,7 +357,7 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x
ret = sshkey_calculate_signature(pkey, hash_alg, &sig, &len, data, ret = sshkey_calculate_signature(pkey, hash_alg, &sig, &len, data,
datalen); datalen);
EVP_PKEY_free(pkey); EVP_PKEY_free(pkey);
@@ -285,11 +286,8 @@ @@ -540,11 +541,9 @@ ssh_rsa_verify(const struct sshkey *key,
len = modlen; len = modlen;
} }
@ -362,10 +367,11 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x
+ if ((ret = ssh_create_evp_rsa(key, &pkey)) != 0) + if ((ret = ssh_create_evp_rsa(key, &pkey)) != 0)
goto out; goto out;
- } - }
ret = openssh_RSA_verify(hash_alg, data, datalen, sigblob, len, pkey); +
ret = openssh_RSA_verify(hash_alg, data, dlen, sigblob, len, pkey);
EVP_PKEY_free(pkey); EVP_PKEY_free(pkey);
@@ -306,11 +304,9 @@ @@ -561,11 +560,9 @@ openssh_RSA_verify(int hash_alg, const u
u_char *sigbuf, size_t siglen, EVP_PKEY *pkey) u_char *sigbuf, size_t siglen, EVP_PKEY *pkey)
{ {
size_t rsasize = 0; size_t rsasize = 0;
@ -378,11 +384,10 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x
if (rsasize <= 0 || rsasize > SSHBUF_MAX_BIGNUM || if (rsasize <= 0 || rsasize > SSHBUF_MAX_BIGNUM ||
siglen == 0 || siglen > rsasize) { siglen == 0 || siglen > rsasize) {
ret = SSH_ERR_INVALID_ARGUMENT; ret = SSH_ERR_INVALID_ARGUMENT;
@@ -323,4 +319,87 @@ @@ -579,6 +576,89 @@ done:
done:
return ret; return ret;
} }
+
+int +int
+ssh_create_evp_rsa(const struct sshkey *k, EVP_PKEY **pkey) +ssh_create_evp_rsa(const struct sshkey *k, EVP_PKEY **pkey)
+{ +{
@ -465,4 +470,7 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x
+ EVP_PKEY_CTX_free(ctx); + EVP_PKEY_CTX_free(ctx);
+ return ret; + return ret;
+} +}
#endif /* WITH_OPENSSL */ +
static const struct sshkey_impl_funcs sshkey_rsa_funcs = {
/* .size = */ ssh_rsa_size,
/* .alloc = */ ssh_rsa_alloc,

View File

@ -20,13 +20,13 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x
+ } + }
+#endif +#endif
ret = sshkey_calculate_signature(pkey, hash_alg, &sigb, &len, data, ret = sshkey_calculate_signature(pkey, hash_alg, &sigb, &len, data,
datalen); dlen);
EVP_PKEY_free(pkey); EVP_PKEY_free(pkey);
diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac openssh-9.0p1/sshkey.h openssh-9.0p1-patched/sshkey.h diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac openssh-9.0p1/sshkey.h openssh-9.0p1-patched/sshkey.h
--- openssh-9.0p1/sshkey.h 2023-05-24 08:54:03.926443958 +0200 --- openssh-9.0p1/sshkey.h 2023-05-24 08:54:03.926443958 +0200
+++ openssh-9.0p1-patched/sshkey.h 2023-05-24 08:57:22.930642788 +0200 +++ openssh-9.0p1-patched/sshkey.h 2023-05-24 08:57:22.930642788 +0200
@@ -340,6 +340,10 @@ @@ -340,6 +340,10 @@
const u_char *data, size_t datalen, u_int compat); #endif
#endif #endif
+#ifdef ENABLE_PKCS11 +#ifdef ENABLE_PKCS11

View File

@ -1,26 +0,0 @@
commit 40b0a5eb6e3edfa2886b60c09c7803353b0cc7f5
Author: Sam James <sam@gentoo.org>
Date: Sun Nov 6 04:47:35 2022 +0000
configure.ac: Add <pty.h> include for openpty
Another Clang 16ish fix (which makes -Wimplicit-function-declaration
an error by default). github PR#355.
See: 2efd71da49b9cfeab7987058cf5919e473ff466b
See: be197635329feb839865fdc738e34e24afd1fca8
diff --git a/configure.ac b/configure.ac
index 1e77ecfc..1866aea5 100644
--- a/configure.ac
+++ b/configure.ac
@@ -2373,6 +2373,9 @@ if test ! -z "$check_for_openpty_ctty_bug"; then
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
+#ifdef HAVE_PTY_H
+# include <pty.h>
+#endif
#include <sys/fcntl.h>
#include <sys/types.h>
#include <sys/wait.h>

View File

@ -1,47 +0,0 @@
commit 32fddb982fd61b11a2f218a115975a87ab126d43
Author: Darren Tucker <dtucker@dtucker.net>
Date: Mon Nov 7 10:39:01 2022 +1100
Fix setres*id checks to work with clang-16.
glibc has the prototypes for setresuid and setresgid behind _GNU_SOURCE,
and clang 16 will error out on implicit function definitions, so add
_GNU_SOURCE and the required headers to the configure checks. From
sam at @gentoo.org via bz#3497.
diff --git a/configure.ac b/configure.ac
index 4bf758ac..e172540a 100644
--- a/configure.ac
+++ b/configure.ac
@@ -863,7 +863,8 @@ int main(void) { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
check_for_openpty_ctty_bug=1
dnl Target SUSv3/POSIX.1-2001 plus BSD specifics.
dnl _DEFAULT_SOURCE is the new name for _BSD_SOURCE
- CPPFLAGS="$CPPFLAGS -D_XOPEN_SOURCE=600 -D_BSD_SOURCE -D_DEFAULT_SOURCE"
+ dnl _GNU_SOURCE is needed for setres*id prototypes.
+ CPPFLAGS="$CPPFLAGS -D_XOPEN_SOURCE=600 -D_BSD_SOURCE -D_DEFAULT_SOURCE -D_GNU_SOURCE"
AC_DEFINE([BROKEN_CLOSEFROM], [1], [broken in chroots on older kernels])
AC_DEFINE([PAM_TTY_KLUDGE], [1],
[Work around problematic Linux PAM modules handling of PAM_TTY])
@@ -2168,8 +2169,9 @@ AC_CHECK_FUNCS([setresuid], [
AC_MSG_CHECKING([if setresuid seems to work])
AC_RUN_IFELSE(
[AC_LANG_PROGRAM([[
-#include <stdlib.h>
#include <errno.h>
+#include <stdlib.h>
+#include <unistd.h>
]], [[
errno=0;
setresuid(0,0,0);
@@ -2191,8 +2193,9 @@ AC_CHECK_FUNCS([setresgid], [
AC_MSG_CHECKING([if setresgid seems to work])
AC_RUN_IFELSE(
[AC_LANG_PROGRAM([[
-#include <stdlib.h>
#include <errno.h>
+#include <stdlib.h>
+#include <unistd.h>
]], [[
errno=0;
setresgid(0,0,0);

View File

@ -1,41 +0,0 @@
commit 5eb796a369c64f18d55a6ae9b1fa9b35eea237fb
Author: Harmen Stoppels <harmenstoppels@gmail.com>
Date: Thu Oct 13 16:08:46 2022 +0200
Fix snprintf configure test for clang 15
Clang 15 -Wimplicit-int defaults to an error in C99 mode and above.
A handful of tests have "main(..." and not "int main(..." which caused
the tests to produce incorrect results.
diff --git a/configure.ac b/configure.ac
index de60a1b1..165c49de 100644
--- a/configure.ac
+++ b/configure.ac
@@ -713,7 +713,7 @@ case "$host" in
AC_RUN_IFELSE([AC_LANG_SOURCE([[
#include <mach-o/dyld.h>
#include <stdlib.h>
-main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
+int main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
exit(0);
else
exit(1);
@@ -4259,7 +4259,7 @@ dnl test snprintf (broken on SCO w/gcc)
#include <stdlib.h>
#include <string.h>
#ifdef HAVE_SNPRINTF
-main()
+int main()
{
char buf[50];
char expected_out[50];
@@ -4276,7 +4276,7 @@ main()
exit(0);
}
#else
-main() { exit(0); }
+int main() { exit(0); }
#endif
]])], [ true ], [ AC_DEFINE([BROKEN_SNPRINTF]) ],
AC_MSG_WARN([cross compiling: Assuming working snprintf()])

View File

@ -46,10 +46,10 @@
%{?static_openssl:%global static_libcrypto 1} %{?static_openssl:%global static_libcrypto 1}
# Do not forget to bump pam_ssh_agent_auth release if you rewind the main package release to 1 # Do not forget to bump pam_ssh_agent_auth release if you rewind the main package release to 1
%global openssh_ver 9.0p1 %global openssh_ver 9.3p1
%global openssh_rel 18 %global openssh_rel 1
%global pam_ssh_agent_ver 0.10.4 %global pam_ssh_agent_ver 0.10.4
%global pam_ssh_agent_rel 8 %global pam_ssh_agent_rel 9
Summary: An open source implementation of SSH protocol version 2 Summary: An open source implementation of SSH protocol version 2
Name: openssh Name: openssh
@ -134,8 +134,6 @@ Patch703: openssh-4.3p2-askpass-grab-info.patch
Patch707: openssh-7.7p1-redhat.patch Patch707: openssh-7.7p1-redhat.patch
# warn users for unsupported UsePAM=no (#757545) # warn users for unsupported UsePAM=no (#757545)
Patch711: openssh-7.8p1-UsePAM-warning.patch Patch711: openssh-7.8p1-UsePAM-warning.patch
# make aes-ctr ciphers use EVP engines such as AES-NI from OpenSSL
Patch712: openssh-6.3p1-ctr-evp-fast.patch
# GSSAPI Key Exchange (RFC 4462 + RFC 8732) # GSSAPI Key Exchange (RFC 4462 + RFC 8732)
# from https://github.com/openssh-gsskex/openssh-gsskex/tree/fedora/master # from https://github.com/openssh-gsskex/openssh-gsskex/tree/fedora/master
@ -213,20 +211,10 @@ Patch983: openssh-8.7p1-evpgenkey.patch
# From https://bugzilla.redhat.com/show_bug.cgi?id=1976202#c14 # From https://bugzilla.redhat.com/show_bug.cgi?id=1976202#c14
Patch984: openssh-8.7p1-ibmca.patch Patch984: openssh-8.7p1-ibmca.patch
# Fix for scp clearing file when src and dest are the same (#2056884)
# upstream commits:
# 7b1cbcb7599d9f6a3bbad79d412604aa1203b5ee
Patch1001: openssh-8.7p1-scp-clears-file.patch
# Add missing options from ssh_config into ssh manpage # Add missing options from ssh_config into ssh manpage
# upstream bug: # upstream bug:
# https://bugzilla.mindrot.org/show_bug.cgi?id=3455 # https://bugzilla.mindrot.org/show_bug.cgi?id=3455
Patch1002: openssh-8.7p1-ssh-manpage.patch Patch1002: openssh-8.7p1-ssh-manpage.patch
# Always return allocated strings from the kex filtering so that we can free them
# upstream commits:
# 486c4dc3b83b4b67d663fb0fa62bc24138ec3946
# 6c31ba10e97b6953c4f325f526f3e846dfea647a
# 322964f8f2e9c321e77ebae1e4d2cd0ccc5c5a0b
Patch1003: openssh-8.7p1-mem-leak.patch
# Reenable MONITOR_REQ_GSSCHECKMIC after gssapi-with-mic failures # Reenable MONITOR_REQ_GSSCHECKMIC after gssapi-with-mic failures
# upstream MR: # upstream MR:
# https://github.com/openssh-gsskex/openssh-gsskex/pull/21 # https://github.com/openssh-gsskex/openssh-gsskex/pull/21
@ -237,12 +225,6 @@ Patch1004: openssh-8.7p1-gssapi-auth.patch
# https://github.com/openssh/openssh-portable/pull/323 # https://github.com/openssh/openssh-portable/pull/323
Patch1006: openssh-8.7p1-negotiate-supported-algs.patch Patch1006: openssh-8.7p1-negotiate-supported-algs.patch
Patch1007: openssh-configure-c99-1.patch
Patch1008: openssh-configure-c99-2.patch
Patch1009: openssh-configure-c99-3.patch
Patch1010: openssh-8.7p1-CVE-2023-25136.patch
Patch1011: openssh-9.0p1-evp-fips-sign.patch Patch1011: openssh-9.0p1-evp-fips-sign.patch
Patch1012: openssh-9.0p1-evp-fips-dh.patch Patch1012: openssh-9.0p1-evp-fips-dh.patch
Patch1013: openssh-9.0p1-evp-fips-ecdh.patch Patch1013: openssh-9.0p1-evp-fips-ecdh.patch
@ -406,7 +388,6 @@ popd
%patch703 -p1 -b .grab-info %patch703 -p1 -b .grab-info
%patch707 -p1 -b .redhat %patch707 -p1 -b .redhat
%patch711 -p1 -b .log-usepam-no %patch711 -p1 -b .log-usepam-no
%patch712 -p1 -b .evp-ctr
# #
%patch800 -p1 -b .gsskex %patch800 -p1 -b .gsskex
%patch801 -p1 -b .force_krb %patch801 -p1 -b .force_krb
@ -448,18 +429,11 @@ popd
%patch202 -p1 -b .audit-log %patch202 -p1 -b .audit-log
%patch700 -p1 -b .fips %patch700 -p1 -b .fips
%patch1001 -p1 -b .scp-clears-file
%patch1002 -p1 -b .ssh-manpage %patch1002 -p1 -b .ssh-manpage
%patch1003 -p1 -b .mem-leak
%patch1004 -p1 -b .gssapi-auth %patch1004 -p1 -b .gssapi-auth
%patch1006 -p1 -b .negotiate-supported-algs %patch1006 -p1 -b .negotiate-supported-algs
%patch1007 -p1 -b .configure-c99-1
%patch1008 -p1 -b .configure-c99-2
%patch1009 -p1 -b .configure-c99-3
%patch1010 -p1 -b .cve-2023-25136
%patch1011 -p1 -b .evp-fips-sign %patch1011 -p1 -b .evp-fips-sign
%patch1012 -p1 -b .evp-fips-dh %patch1012 -p1 -b .evp-fips-dh
%patch1013 -p1 -b .evp-fips-ecdh %patch1013 -p1 -b .evp-fips-ecdh
@ -774,6 +748,9 @@ test -f %{sysconfig_anaconda} && \
%endif %endif
%changelog %changelog
* Fri Apr 21 2023 Dmitry Belyavskiy <dbelyavs@redhat.com> - 9.3p1-1 + 0.10.4-9
- Rebase OpenSSH to 9.3p1
* Wed May 24 2023 Norbert Pocs <npocs@redhat.com> - 9.0p1-18 * Wed May 24 2023 Norbert Pocs <npocs@redhat.com> - 9.0p1-18
- Fix pkcs11 issue with the recent changes - Fix pkcs11 issue with the recent changes
- Add support for 'serial' in PKCS#11 URI - Add support for 'serial' in PKCS#11 URI

View File

@ -1,4 +1,4 @@
SHA512 (openssh-9.0p1.tar.gz) = 613ae95317e734868c6a60d9cc5af47a889baa3124bbdd2b31bb51dd6b57b136f4cfcb5604cca78a03bd500baab9b9b45eaf77e038b1ed776c86dce0437449a9 SHA512 (openssh-9.3p1.tar.gz) = 087ff6fe5f6caab4c6c3001d906399e02beffad7277280f11187420c2939fd4befdcb14643862a657ce4cad2f115b82a0a1a2c99df6ee54dcd76b53647637c19
SHA512 (openssh-9.0p1.tar.gz.asc) = 7b1445764058435d2fa8a9c7553643983650d4232036c088e46e44beeb538d32cba88f775b1be9da5f21a01d6caea59b3dc4714507781e9cb946546fa54f169f SHA512 (openssh-9.3p1.tar.gz.asc) = 6222378eb24a445c6c1db255392b405f5369b1af0e92f558d4ba05b0d83ab0d084cb8f4b91d7ae8636f333d970638a6635e2bc7af885135dd34992d87f2ef1f4
SHA512 (pam_ssh_agent_auth-0.10.4.tar.gz) = caccf72174d15e43f4c86a459ac6448682e62116557cf1e1e828955f3d1731595b238df42adec57860e7f341e92daf5d8285020bcb5018f3b8a5145aa32ee1c2 SHA512 (pam_ssh_agent_auth-0.10.4.tar.gz) = caccf72174d15e43f4c86a459ac6448682e62116557cf1e1e828955f3d1731595b238df42adec57860e7f341e92daf5d8285020bcb5018f3b8a5145aa32ee1c2
SHA512 (gpgkey-736060BA.gpg) = df44f3fdbcd1d596705348c7f5aed3f738c5f626a55955e0642f7c6c082995cf36a1b1891bb41b8715cb2aff34fef1c877e0eff0d3507dd00a055ba695757a21 SHA512 (gpgkey-736060BA.gpg) = df44f3fdbcd1d596705348c7f5aed3f738c5f626a55955e0642f7c6c082995cf36a1b1891bb41b8715cb2aff34fef1c877e0eff0d3507dd00a055ba695757a21