rpms
/
openssh
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Compare commits

base: rpms:cee487f1adf24bab3b379e8193555722e7923127
Branches Tags
rpms:c8
rpms:c9s
rpms:c9
rpms:c9-beta
rpms:c8-beta
rpms:c9s_cve_2023_38408
rpms:c8s
rpms:imports/c9/openssh-8.7p1-38.el9
rpms:imports/c9/openssh-8.7p1-34.el9_3.3
rpms:imports/c8/openssh-8.0p1-19.el8_9.2
rpms:imports/c9/openssh-8.7p1-34.el9
rpms:imports/c9-beta/openssh-8.7p1-34.el9
rpms:imports/c9/openssh-8.7p1-30.el9_2
rpms:imports/c8/openssh-8.0p1-19.el8_8
rpms:imports/c9/openssh-8.7p1-29.el9_2
rpms:imports/c9/openssh-8.7p1-28.el9
rpms:imports/c9-beta/openssh-8.7p1-28.el9
rpms:imports/c8-beta/openssh-8.0p1-17.el8
rpms:imports/c8/openssh-8.0p1-17.el8
rpms:imports/c8/openssh-8.0p1-17.el8_7
rpms:imports/c8s/openssh-8.0p1-17.el8
rpms:imports/c9/openssh-8.7p1-24.el9_1
rpms:imports/c8/openssh-8.0p1-16.el8
rpms:imports/c9-beta/openssh-8.7p1-22.el9
rpms:imports/c8-beta/openssh-8.0p1-16.el8
rpms:imports/c9/openssh-8.7p1-10.el9_0
rpms:imports/c8s/openssh-8.0p1-16.el8
rpms:imports/c9/openssh-8.7p1-8.el9
rpms:imports/c8/openssh-8.0p1-13.el8
rpms:imports/c9-beta/openssh-8.7p1-8.el9
rpms:imports/c8-beta/openssh-8.0p1-13.el8
rpms:imports/c9-beta/openssh-8.7p1-7.el9
rpms:imports/c9-beta/openssh-8.7p1-6.el9
rpms:imports/c9-beta/openssh-8.7p1-4.el9
rpms:imports/c9-beta/openssh-8.6p1-7.el9.1
rpms:imports/c8/openssh-8.0p1-10.el8
rpms:imports/c8s/openssh-8.0p1-13.el8
rpms:imports/c8s/openssh-8.0p1-12.el8
rpms:imports/c8-beta/openssh-8.0p1-10.el8
rpms:imports/c8-beta/openssh-8.0p1-5.el8
rpms:imports/c8-beta/openssh-8.0p1-3.el8
rpms:imports/c8-beta/openssh-8.0p1-2.el8
rpms:imports/c8s/openssh-8.0p1-10.el8
rpms:imports/c8s/openssh-8.0p1-9.el8
rpms:imports/c8s/openssh-8.0p1-8.el8
rpms:imports/c8s/openssh-8.0p1-7.el8
rpms:imports/c8s/openssh-8.0p1-5.el8
rpms:imports/c8/openssh-8.0p1-6.el8_4.2
rpms:imports/c8/openssh-8.0p1-5.el8
rpms:imports/c8/openssh-8.0p1-4.el8_1
rpms:imports/c8/openssh-8.0p1-3.el8
rpms:imports/c8/openssh-7.8p1-4.el8
...
compare: rpms:b9359b0e06c1cb404e201865bd9139fdfaaba62b
Branches Tags
rpms:c9s
rpms:c9
rpms:c9-beta
rpms:c8-beta
rpms:c8
rpms:c9s_cve_2023_38408
rpms:c8s
rpms:imports/c9/openssh-8.7p1-38.el9
rpms:imports/c9/openssh-8.7p1-34.el9_3.3
rpms:imports/c8/openssh-8.0p1-19.el8_9.2
rpms:imports/c9/openssh-8.7p1-34.el9
rpms:imports/c9-beta/openssh-8.7p1-34.el9
rpms:imports/c9/openssh-8.7p1-30.el9_2
rpms:imports/c8/openssh-8.0p1-19.el8_8
rpms:imports/c9/openssh-8.7p1-29.el9_2
rpms:imports/c9/openssh-8.7p1-28.el9
rpms:imports/c9-beta/openssh-8.7p1-28.el9
rpms:imports/c8-beta/openssh-8.0p1-17.el8
rpms:imports/c8/openssh-8.0p1-17.el8
rpms:imports/c8/openssh-8.0p1-17.el8_7
rpms:imports/c8s/openssh-8.0p1-17.el8
rpms:imports/c9/openssh-8.7p1-24.el9_1
rpms:imports/c8/openssh-8.0p1-16.el8
rpms:imports/c9-beta/openssh-8.7p1-22.el9
rpms:imports/c8-beta/openssh-8.0p1-16.el8
rpms:imports/c9/openssh-8.7p1-10.el9_0
rpms:imports/c8s/openssh-8.0p1-16.el8
rpms:imports/c9/openssh-8.7p1-8.el9
rpms:imports/c8/openssh-8.0p1-13.el8
rpms:imports/c9-beta/openssh-8.7p1-8.el9
rpms:imports/c8-beta/openssh-8.0p1-13.el8
rpms:imports/c9-beta/openssh-8.7p1-7.el9
rpms:imports/c9-beta/openssh-8.7p1-6.el9
rpms:imports/c9-beta/openssh-8.7p1-4.el9
rpms:imports/c9-beta/openssh-8.6p1-7.el9.1
rpms:imports/c8/openssh-8.0p1-10.el8
rpms:imports/c8s/openssh-8.0p1-13.el8
rpms:imports/c8s/openssh-8.0p1-12.el8
rpms:imports/c8-beta/openssh-8.0p1-10.el8
rpms:imports/c8-beta/openssh-8.0p1-5.el8
rpms:imports/c8-beta/openssh-8.0p1-3.el8
rpms:imports/c8-beta/openssh-8.0p1-2.el8
rpms:imports/c8s/openssh-8.0p1-10.el8
rpms:imports/c8s/openssh-8.0p1-9.el8
rpms:imports/c8s/openssh-8.0p1-8.el8
rpms:imports/c8s/openssh-8.0p1-7.el8
rpms:imports/c8s/openssh-8.0p1-5.el8
rpms:imports/c8/openssh-8.0p1-6.el8_4.2
rpms:imports/c8/openssh-8.0p1-5.el8
rpms:imports/c8/openssh-8.0p1-4.el8_1
rpms:imports/c8/openssh-8.0p1-3.el8
rpms:imports/c8/openssh-7.8p1-4.el8

2 Commits
cee487f1ad ... b9359b0e06

Author SHA1 Message Date
Dmitry Belyavskiy b9359b0e06 Use FIPS-compatible API for key derivation 2024-04-26 03:19:23 +00:00
Dmitry Belyavskiy 2c2ea1d489 Fix Terrapin attack 
Resolves: CVE-2023-48795
 2024-01-05 14:43:26 +01:00
4 changed files with 74 additions and 43 deletions
Show Stats Expand all files Collapse all files

4
.openssh.metadata Normal file
View File

@ -0,0 +1,4 @@
8719032c1e47732c8fdb14adfb24b5e9e71de802 openssh-8.7p1.tar.gz
d0d0d2442bed150073213a0ce46f21944da22664 openssh-8.7p1.tar.gz.asc
66dd8274346fd006ff40f525c082cfb701085b5f pam_ssh_agent_auth-0.10.4.tar.gz
dbb35b4e9ae3f72b930a82c6fd5e83e9dcd7b193 gpgkey-736060BA.gpg

2
openssh-7.7p1-fips.patch
View File

@ -81,7 +81,7 @@ diff -up openssh-8.6p1/kex.c.fips openssh-8.6p1/kex.c
#include <openssl/crypto.h> #include <openssl/crypto.h>
+#include <openssl/fips.h> +#include <openssl/fips.h>
#include <openssl/dh.h> #include <openssl/dh.h>
# ifdef HAVE_EVP_KDF_CTX_NEW_ID # ifdef HAVE_EVP_KDF_CTX_NEW
# include <openssl/kdf.h> # include <openssl/kdf.h>
@@ -203,7 +203,10 @@ kex_names_valid(const char *names) @@ -203,7 +203,10 @@ kex_names_valid(const char *names)
for ((p = strsep(&cp, ",")); p && *p != '\0'; for ((p = strsep(&cp, ",")); p && *p != '\0';

101
openssh-8.0p1-openssl-kdf.patch
View File

@ -12,7 +12,7 @@ index 2a455e4e..e01c3d43 100644
HMAC_CTX_init \ HMAC_CTX_init \
RSA_generate_key_ex \ RSA_generate_key_ex \
RSA_get_default_method \ RSA_get_default_method \
+ EVP_KDF_CTX_new_id \ + EVP_KDF_CTX_new \
]) ])
# OpenSSL_add_all_algorithms may be a macro. # OpenSSL_add_all_algorithms may be a macro.
@ -20,33 +20,35 @@ diff --git a/kex.c b/kex.c
index b6f041f4..1fbce2bb 100644 index b6f041f4..1fbce2bb 100644
--- a/kex.c --- a/kex.c
+++ b/kex.c +++ b/kex.c
@@ -38,6 +38,9 @@ @@ -38,6 +38,11 @@
#ifdef WITH_OPENSSL #ifdef WITH_OPENSSL
#include <openssl/crypto.h> #include <openssl/crypto.h>
#include <openssl/dh.h> #include <openssl/dh.h>
+# ifdef HAVE_EVP_KDF_CTX_NEW_ID +# ifdef HAVE_EVP_KDF_CTX_NEW
+# include <openssl/kdf.h> +# include <openssl/kdf.h>
+# include <openssl/param_build.h>
+# include <openssl/core_names.h>
+# endif +# endif
#endif #endif
#include "ssh.h" #include "ssh.h"
@@ -942,6 +945,95 @@ kex_choose_conf(struct ssh *ssh) @@ -942,6 +945,112 @@ kex_choose_conf(struct ssh *ssh)
return r; return r;
} }
+#ifdef HAVE_EVP_KDF_CTX_NEW_ID +#ifdef HAVE_EVP_KDF_CTX_NEW
+static const EVP_MD * +static const char *
+digest_to_md(int digest_type) +digest_to_md(int digest_type)
+{ +{
+ switch (digest_type) { + switch (digest_type) {
+ case SSH_DIGEST_SHA1: + case SSH_DIGEST_SHA1:
+ return EVP_sha1(); + return SN_sha1;
+ case SSH_DIGEST_SHA256: + case SSH_DIGEST_SHA256:
+ return EVP_sha256(); + return SN_sha256;
+ case SSH_DIGEST_SHA384: + case SSH_DIGEST_SHA384:
+ return EVP_sha384(); + return SN_sha384;
+ case SSH_DIGEST_SHA512: + case SSH_DIGEST_SHA512:
+ return EVP_sha512(); + return SN_sha512;
+ } + }
+ return NULL; + return NULL;
+} +}
@ -56,52 +58,67 @@ index b6f041f4..1fbce2bb 100644
+ const struct sshbuf *shared_secret, u_char **keyp) + const struct sshbuf *shared_secret, u_char **keyp)
+{ +{
+ struct kex *kex = ssh->kex; + struct kex *kex = ssh->kex;
+ EVP_KDF_CTX *ctx = NULL;
+ u_char *key = NULL; + u_char *key = NULL;
+ int r, key_len; + int r, key_len;
+ +
+ if ((key_len = ssh_digest_bytes(kex->hash_alg)) == 0) + EVP_KDF *kdf = EVP_KDF_fetch(NULL, "SSHKDF", NULL);
+ return SSH_ERR_INVALID_ARGUMENT; + EVP_KDF_CTX *ctx = NULL;
+ OSSL_PARAM_BLD *param_bld = OSSL_PARAM_BLD_new();
+ OSSL_PARAM *params = NULL;
+ const char *md = digest_to_md(kex->hash_alg);
+ char keytype = (char)id;
+
+ if (!kdf) {
+ r = SSH_ERR_LIBCRYPTO_ERROR;
+ goto out;
+ }
+ ctx = EVP_KDF_CTX_new(kdf);
+ EVP_KDF_free(kdf);
+ if (!ctx) {
+ r = SSH_ERR_LIBCRYPTO_ERROR;
+ goto out;
+ }
+ if (md == NULL) {
+ r = SSH_ERR_INVALID_ARGUMENT;
+ goto out;
+ }
+
+ if (param_bld == NULL) {
+ EVP_KDF_CTX_free(ctx);
+ return -1;
+ }
+ if ((key_len = ssh_digest_bytes(kex->hash_alg)) == 0) {
+ r = SSH_ERR_INVALID_ARGUMENT;
+ goto out;
+ }
+
+ key_len = ROUNDUP(need, key_len); + key_len = ROUNDUP(need, key_len);
+ if ((key = calloc(1, key_len)) == NULL) { + if ((key = calloc(1, key_len)) == NULL) {
+ r = SSH_ERR_ALLOC_FAIL; + r = SSH_ERR_ALLOC_FAIL;
+ goto out; + goto out;
+ } + }
+ +
+ ctx = EVP_KDF_CTX_new_id(EVP_KDF_SSHKDF); + r = OSSL_PARAM_BLD_push_utf8_string(param_bld, OSSL_KDF_PARAM_DIGEST,
+ if (!ctx) { + md, strlen(md)) && /* SN */
+ OSSL_PARAM_BLD_push_octet_string(param_bld, OSSL_KDF_PARAM_KEY,
+ sshbuf_ptr(shared_secret), sshbuf_len(shared_secret)) &&
+ OSSL_PARAM_BLD_push_octet_string(param_bld, OSSL_KDF_PARAM_SSHKDF_XCGHASH,
+ hash, hashlen) &&
+ OSSL_PARAM_BLD_push_octet_string(param_bld, OSSL_KDF_PARAM_SSHKDF_SESSION_ID,
+ sshbuf_ptr(kex->session_id), sshbuf_len(kex->session_id)) &&
+ OSSL_PARAM_BLD_push_utf8_string(param_bld, OSSL_KDF_PARAM_SSHKDF_TYPE,
+ &keytype, 1);
+ if (r != 1) {
+ r = SSH_ERR_LIBCRYPTO_ERROR; + r = SSH_ERR_LIBCRYPTO_ERROR;
+ goto out; + goto out;
+ } + }
+ +
+ r = EVP_KDF_ctrl(ctx, EVP_KDF_CTRL_SET_MD, digest_to_md(kex->hash_alg)); + params = OSSL_PARAM_BLD_to_param(param_bld);
+ if (r != 1) { + if (params == NULL) {
+ r = SSH_ERR_LIBCRYPTO_ERROR; + r = SSH_ERR_LIBCRYPTO_ERROR;
+ goto out; + goto out;
+ } + }
+ r = EVP_KDF_ctrl(ctx, EVP_KDF_CTRL_SET_KEY, + r = EVP_KDF_derive(ctx, key, key_len, params);
+ sshbuf_ptr(shared_secret), sshbuf_len(shared_secret));
+ if (r != 1) {
+ r = SSH_ERR_LIBCRYPTO_ERROR;
+ goto out;
+ }
+ r = EVP_KDF_ctrl(ctx, EVP_KDF_CTRL_SET_SSHKDF_XCGHASH, hash, hashlen);
+ if (r != 1) {
+ r = SSH_ERR_LIBCRYPTO_ERROR;
+ goto out;
+ }
+ r = EVP_KDF_ctrl(ctx, EVP_KDF_CTRL_SET_SSHKDF_TYPE, id);
+ if (r != 1) {
+ r = SSH_ERR_LIBCRYPTO_ERROR;
+ goto out;
+ }
+ r = EVP_KDF_ctrl(ctx, EVP_KDF_CTRL_SET_SSHKDF_SESSION_ID,
+ sshbuf_ptr(kex->session_id), sshbuf_len(kex->session_id));
+ if (r != 1) {
+ r = SSH_ERR_LIBCRYPTO_ERROR;
+ goto out;
+ }
+ r = EVP_KDF_derive(ctx, key, key_len);
+ if (r != 1) { + if (r != 1) {
+ r = SSH_ERR_LIBCRYPTO_ERROR; + r = SSH_ERR_LIBCRYPTO_ERROR;
+ goto out; + goto out;
@ -115,6 +132,8 @@ index b6f041f4..1fbce2bb 100644
+ r = 0; + r = 0;
+ +
+out: +out:
+ OSSL_PARAM_BLD_free(param_bld);
+ OSSL_PARAM_free(params);
+ free (key); + free (key);
+ EVP_KDF_CTX_free(ctx); + EVP_KDF_CTX_free(ctx);
+ if (r < 0) { + if (r < 0) {
@ -130,7 +149,7 @@ index b6f041f4..1fbce2bb 100644
ssh_digest_free(hashctx); ssh_digest_free(hashctx);
return r; return r;
} }
+#endif /* HAVE_OPENSSL_EVP_KDF_CTX_NEW_ID */ +#endif /* HAVE_OPENSSL_EVP_KDF_CTX_NEW */
#define NKEYS 6 #define NKEYS 6
int int

10
openssh.spec
View File

@ -47,7 +47,7 @@
# Do not forget to bump pam_ssh_agent_auth release if you rewind the main package release to 1 # Do not forget to bump pam_ssh_agent_auth release if you rewind the main package release to 1
%global openssh_ver 8.7p1 %global openssh_ver 8.7p1
%global openssh_rel 36 %global openssh_rel 39
%global pam_ssh_agent_ver 0.10.4 %global pam_ssh_agent_ver 0.10.4
%global pam_ssh_agent_rel 5 %global pam_ssh_agent_rel 5
@ -798,6 +798,14 @@ test -f %{sysconfig_anaconda} && \
%endif %endif
%changelog %changelog
* Wed Apr 24 2024 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-39
- Use FIPS-compatible API for key derivation
Resolves: RHEL-32809
* Fri Jan 05 2024 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-38
- Fix Terrapin attack
Resolves: CVE-2023-48795
* Fri Jan 05 2024 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-37 * Fri Jan 05 2024 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-37
- Fix Terrapin attack - Fix Terrapin attack
Resolves: CVE-2023-48795 Resolves: CVE-2023-48795