packages/openssh
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!317 [sync] PR-314: backport some upstream patches

Browse Source 
From: @openeuler-sync-bot 
Reviewed-by: @jiangheng12 
Signed-off-by: @jiangheng12
This commit is contained in:
openeuler-ci-bot 2024-11-21 06:28:19 +00:00 committed by Gitee
commit 91dda3cd85
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
14 changed files with 1346 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

220
backport-CVE-2021-36368-added-option-to-disable-trivial-auth.patch Normal file
View File

@ -0,0 +1,220 @@
Conflict:NA
Reference:https://github.com/openssh/openssh-portable/pull/258/files
---
readconf.c | 11 ++++++++++-
readconf.h | 2 ++
scp.1 | 1 +
sftp.1 | 1 +
ssh.1 | 1 +
ssh_config | 1 +
ssh_config.5 | 7 +++++++
sshconnect2.c | 13 ++++++++++++-
8 files changed, 35 insertions(+), 2 deletions(-)
diff --git a/readconf.c b/readconf.c
index d25f983..45c1c22 100644
--- a/readconf.c
+++ b/readconf.c
@@ -157,7 +157,7 @@ typedef enum {
oLogFacility, oLogLevel, oLogVerbose, oCiphers, oMacs,
oPubkeyAuthentication,
oKbdInteractiveAuthentication, oKbdInteractiveDevices, oHostKeyAlias,
- oDynamicForward, oPreferredAuthentications, oHostbasedAuthentication,
+ oDynamicForward, oPreferredAuthentications, oHostbasedAuthentication, oDisableTrivialAuth,
oHostKeyAlgorithms, oBindAddress, oBindInterface, oPKCS11Provider,
oClearAllForwardings, oNoHostAuthenticationForLocalhost,
oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout,
@@ -250,6 +250,7 @@ static struct {
{ "pubkeyauthentication", oPubkeyAuthentication },
{ "dsaauthentication", oPubkeyAuthentication }, /* alias */
{ "hostbasedauthentication", oHostbasedAuthentication },
+ { "disabletrivialauth", oDisableTrivialAuth},
{ "identityfile", oIdentityFile },
{ "identityfile2", oIdentityFile }, /* obsolete */
{ "identitiesonly", oIdentitiesOnly },
@@ -1124,6 +1125,10 @@ parse_time:
intptr = &options->hostbased_authentication;
goto parse_flag;
+ case oDisableTrivialAuth:
+ intptr = &options->disable_trivial_auth;
+ goto parse_flag;
+
case oGssAuthentication:
intptr = &options->gss_authentication;
goto parse_flag;
@@ -2392,6 +2397,7 @@ initialize_options(Options * options)
options->kbd_interactive_authentication = -1;
options->kbd_interactive_devices = NULL;
options->hostbased_authentication = -1;
+ options->disable_trivial_auth = -1;
options->batch_mode = -1;
options->check_host_ip = -1;
options->strict_host_key_checking = -1;
@@ -2562,6 +2568,8 @@ fill_default_options(Options * options)
options->kbd_interactive_authentication = 1;
if (options->hostbased_authentication == -1)
options->hostbased_authentication = 0;
+ if (options->disable_trivial_auth == -1)
+ options->disable_trivial_auth = 0;
if (options->batch_mode == -1)
options->batch_mode = 0;
if (options->check_host_ip == -1)
@@ -3362,6 +3370,7 @@ dump_client_config(Options *o, const char *host)
#endif /* GSSAPI */
dump_cfg_fmtint(oHashKnownHosts, o->hash_known_hosts);
dump_cfg_fmtint(oHostbasedAuthentication, o->hostbased_authentication);
+ dump_cfg_fmtint(oDisableTrivialAuth, o->disable_trivial_auth);
dump_cfg_fmtint(oIdentitiesOnly, o->identities_only);
dump_cfg_fmtint(oKbdInteractiveAuthentication, o->kbd_interactive_authentication);
dump_cfg_fmtint(oNoHostAuthenticationForLocalhost, o->no_host_authentication_for_localhost);
diff --git a/readconf.h b/readconf.h
index 00895ad..b391bd6 100644
--- a/readconf.h
+++ b/readconf.h
@@ -38,6 +38,8 @@ typedef struct {
struct ForwardOptions fwd_opts; /* forwarding options */
int pubkey_authentication; /* Try ssh2 pubkey authentication. */
int hostbased_authentication; /* ssh2's rhosts_rsa */
+
+ int disable_trivial_auth; /* disable trivial authentications */
int gss_authentication; /* Try GSS authentication */
int gss_keyex; /* Try GSS key exchange */
int gss_deleg_creds; /* Delegate GSS credentials */
diff --git a/scp.1 b/scp.1
index 874c5c2..e1f8191 100644
--- a/scp.1
+++ b/scp.1
@@ -187,6 +187,7 @@ For full details of the options listed below, and their possible values, see
.It Host
.It HostbasedAcceptedAlgorithms
.It HostbasedAuthentication
+.It DisableTrivialAuth
.It HostKeyAlgorithms
.It HostKeyAlias
.It Hostname
diff --git a/sftp.1 b/sftp.1
index 7eebeea..89b6773 100644
--- a/sftp.1
+++ b/sftp.1
@@ -247,6 +247,7 @@ For full details of the options listed below, and their possible values, see
.It Host
.It HostbasedAcceptedAlgorithms
.It HostbasedAuthentication
+.It DisableTrivialAuth
.It HostKeyAlgorithms
.It HostKeyAlias
.It Hostname
diff --git a/ssh.1 b/ssh.1
index 975ab39..1cb8d5c 100644
--- a/ssh.1
+++ b/ssh.1
@@ -541,6 +541,7 @@ For full details of the options listed below, and their possible values, see
.It Host
.It HostbasedAcceptedAlgorithms
.It HostbasedAuthentication
+.It DisableTrivialAuth
.It HostKeyAlgorithms
.It HostKeyAlias
.It Hostname
diff --git a/ssh_config b/ssh_config
index b3a4922..169f30c 100644
--- a/ssh_config
+++ b/ssh_config
@@ -22,6 +22,7 @@
# ForwardX11 no
# PasswordAuthentication yes
# HostbasedAuthentication no
+# DisableTrivialAuth no
# GSSAPIAuthentication no
# GSSAPIDelegateCredentials no
# GSSAPIKeyExchange no
diff --git a/ssh_config.5 b/ssh_config.5
index 6735401..fd82e05 100644
--- a/ssh_config.5
+++ b/ssh_config.5
@@ -955,6 +955,13 @@ The argument must be
or
.Cm no
(the default).
+.It Cm DisableTrivialAuth
+Disables trivial or incomplete authentications.
+The argument must be
+.Cm yes
+or
+.Cm no
+(the default).
.It Cm HostKeyAlgorithms
Specifies the host key signature algorithms
that the client wants to use in order of preference.
diff --git a/sshconnect2.c b/sshconnect2.c
index e90eb89..150d419 100644
--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -403,6 +403,7 @@ struct identity {
TAILQ_HEAD(idlist, identity);
struct cauthctxt {
+ int is_trivial_auth;
const char *server_user;
const char *local_user;
const char *host;
@@ -531,6 +532,7 @@ ssh_userauth2(struct ssh *ssh, const char *local_user,
/* setup authentication context */
memset(&authctxt, 0, sizeof(authctxt));
authctxt.server_user = server_user;
+ authctxt.is_trivial_auth = 1;
authctxt.local_user = local_user;
authctxt.host = host;
authctxt.service = "ssh-connection"; /* service name */
@@ -570,6 +572,10 @@ ssh_userauth2(struct ssh *ssh, const char *local_user,
if (!authctxt.success)
fatal("Authentication failed.");
+ if (authctxt.is_trivial_auth == 1 && options.disable_trivial_auth == 1) {
+ fatal("Trivial authentication disabled.");
+ }
+ debug("Authentication succeeded (%s).", authctxt.method->name);
if (ssh_packet_connection_is_on_socket(ssh)) {
verbose("Authenticated to %s ([%s]:%d) using \"%s\".", host,
ssh_remote_ipaddr(ssh), ssh_remote_port(ssh),
@@ -968,6 +974,7 @@ process_gssapi_token(struct ssh *ssh, gss_buffer_t recv_tok)
fatal_fr(r, "send %u packet", type);
gss_release_buffer(&ms, &send_tok);
+ authctxt->is_trivial_auth = 0;
}
if (status == GSS_S_COMPLETE) {
@@ -1213,6 +1220,7 @@ static int
userauth_passwd(struct ssh *ssh)
{
Authctxt *authctxt = (Authctxt *)ssh->authctxt;
+ authctxt->is_trivial_auth = 0;
char *password, *prompt = NULL;
const char *host = options.host_key_alias ? options.host_key_alias :
authctxt->host;
@@ -2023,8 +2031,10 @@ userauth_pubkey(struct ssh *ssh)
id->isprivate = 0;
}
}
- if (sent)
+ if (sent) {
+ authctxt->is_trivial_auth = 0;
return (sent);
+ }
}
return (0);
}
@@ -2105,6 +2115,7 @@ input_userauth_info_req(int type, u_int32_t seq, struct ssh *ssh)
debug2_f("num_prompts %d", num_prompts);
for (i = 0; i < num_prompts; i++) {
+ authctxt->is_trivial_auth = 0;
if ((r = sshpkt_get_cstring(ssh, &prompt, NULL)) != 0 ||
(r = sshpkt_get_u8(ssh, &echo)) != 0)
goto out;
--
2.27.0

33
backport-openssh-6.6p1-keyperm.patch Normal file
View File

@ -0,0 +1,33 @@
diff -up openssh-8.2p1/authfile.c.keyperm openssh-8.2p1/authfile.c
--- openssh-8.2p1/authfile.c.keyperm 2020-02-14 01:40:54.000000000 +0100
+++ openssh-8.2p1/authfile.c 2020-02-17 11:55:12.841729758 +0100
Reference:https://src.fedoraproject.org/rpms/openssh/blob/rawhide/f/backport-openssh-6.6p1-keyperm.patch
Conflict:NA
@@ -31,6 +31,7 @@
#include <errno.h>
#include <fcntl.h>
+#include <grp.h>
#include <stdio.h>
#include <stdarg.h>
#include <stdlib.h>
@@ -101,7 +102,19 @@ sshkey_perm_ok(int fd, const char *filen
#ifdef HAVE_CYGWIN
if (check_ntsec(filename))
#endif
+
if ((st.st_uid == getuid()) && (st.st_mode & 077) != 0) {
+ if (st.st_mode & 040) {
+ struct group *gr;
+
+ if ((gr = getgrnam("ssh_keys")) && (st.st_gid == gr->gr_gid)) {
+ /* The only additional bit is read
+ * for ssh_keys group, which is fine */
+ if ((st.st_mode & 077) == 040 ) {
+ return 0;
+ }
+ }
+ }
error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@");
error("@ WARNING: UNPROTECTED PRIVATE KEY FILE! @");
error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@");

537
backport-openssh-7.7p1-fips.patch Normal file
View File

@ -0,0 +1,537 @@
From 94f3898f43a7ef0c53dd50c60ce6d6f884de28e1 Mon Sep 17 00:00:00 2001
Date: Tue, 20 Aug 2024 20:17:01 +0800
Subject: [PATCH] backport-openssh-7.7p1-fips
Reference:https://src.fedoraproject.org/rpms/openssh/blob/rawhide/f/backport-openssh-7.7p1-fips.patch
Conflict:NA
---
cipher-aes.c | 3 +-
dh.c | 41 +++++++++++++++++++++++++++
dh.h | 1 +
kex.c | 6 +++-
kexgexc.c | 5 ++++
myproposal.h | 33 ++++++++++++++++++++++
readconf.c | 16 +++++++----
sandbox-seccomp-filter.c | 3 ++
servconf.c | 16 +++++++----
ssh-keygen.c | 17 ++++++++++-
ssh-rsa.c | 3 ++
ssh.c | 5 ++++
sshconnect2.c | 61 ++++++++++++++++++++++------------------
sshd.c | 19 ++++++++++---
sshkey.c | 1 +
15 files changed, 186 insertions(+), 44 deletions(-)
diff --git a/cipher-aes.c b/cipher-aes.c
index 8b10172..1a07697 100644
--- a/cipher-aes.c
+++ b/cipher-aes.c
@@ -154,7 +154,8 @@ evp_rijndael(void)
rijndal_cbc.do_cipher = ssh_rijndael_cbc;
#ifndef SSH_OLD_EVP
rijndal_cbc.flags = EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH |
- EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CUSTOM_IV;
+ EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CUSTOM_IV |
+ EVP_CIPH_FLAG_FIPS;
#endif
return (&rijndal_cbc);
}
diff --git a/dh.c b/dh.c
index ce2eb47..166cb02 100644
--- a/dh.c
+++ b/dh.c
@@ -36,6 +36,7 @@
#include <openssl/bn.h>
#include <openssl/dh.h>
+#include <openssl/fips.h>
#include "dh.h"
#include "pathnames.h"
@@ -164,6 +165,12 @@ choose_dh(int min, int wantbits, int max)
int best, bestcount, which, linenum;
struct dhgroup dhg;
+ if (FIPS_mode()) {
+ logit("Using arbitrary primes is not allowed in FIPS mode."
+ " Falling back to known groups.");
+ return (dh_new_group_fallback(max));
+ }
+
if ((f = fopen(get_moduli_filename(), "r")) == NULL) {
logit("WARNING: could not open %s (%s), using fixed modulus",
get_moduli_filename(), strerror(errno));
@@ -502,4 +509,38 @@ dh_estimate(int bits)
return 8192;
}
+/*
+ * Compares the received DH parameters with known-good groups,
+ * which might be either from group14, group16 or group18.
+ */
+int
+dh_is_known_group(const DH *dh)
+{
+ const BIGNUM *p, *g;
+ const BIGNUM *known_p, *known_g;
+ DH *known = NULL;
+ int bits = 0, rv = 0;
+
+ DH_get0_pqg(dh, &p, NULL, &g);
+ bits = BN_num_bits(p);
+
+ if (bits <= 3072) {
+ known = dh_new_group14();
+ } else if (bits <= 6144) {
+ known = dh_new_group16();
+ } else {
+ known = dh_new_group18();
+ }
+
+ DH_get0_pqg(known, &known_p, NULL, &known_g);
+
+ if (BN_cmp(g, known_g) == 0 &&
+ BN_cmp(p, known_p) == 0) {
+ rv = 1;
+ }
+
+ DH_free(known);
+ return rv;
+}
+
#endif /* WITH_OPENSSL */
diff --git a/dh.h b/dh.h
index c6326a3..e51e292 100644
--- a/dh.h
+++ b/dh.h
@@ -45,6 +45,7 @@ DH *dh_new_group_fallback(int);
int dh_gen_key(DH *, int);
int dh_pub_is_valid(const DH *, const BIGNUM *);
+int dh_is_known_group(const DH *);
u_int dh_estimate(int);
void dh_set_moduli_file(const char *);
diff --git a/kex.c b/kex.c
index 36ae36c..1636f25 100644
--- a/kex.c
+++ b/kex.c
@@ -40,6 +40,7 @@
#ifdef WITH_OPENSSL
#include <openssl/crypto.h>
#include <openssl/dh.h>
+#include <openssl/fips.h>
# ifdef HAVE_EVP_KDF_CTX_NEW_ID
# include <openssl/kdf.h>
# endif
@@ -205,7 +206,10 @@ kex_names_valid(const char *names)
for ((p = strsep(&cp, ",")); p && *p != '\0';
(p = strsep(&cp, ","))) {
if (kex_alg_by_name(p) == NULL) {
- error("Unsupported KEX algorithm \"%.100s\"", p);
+ if (FIPS_mode())
+ error("\"%.100s\" is not allowed in FIPS mode", p);
+ else
+ error("Unsupported KEX algorithm \"%.100s\"", p);
free(s);
return 0;
}
diff --git a/kexgexc.c b/kexgexc.c
index e99e0cf..4c3feae 100644
--- a/kexgexc.c
+++ b/kexgexc.c
@@ -28,6 +28,7 @@
#ifdef WITH_OPENSSL
+#include <openssl/fips.h>
#include <sys/types.h>
#include <openssl/dh.h>
@@ -115,6 +116,10 @@ input_kex_dh_gex_group(int type, u_int32_t seq, struct ssh *ssh)
r = SSH_ERR_ALLOC_FAIL;
goto out;
}
+ if (FIPS_mode() && dh_is_known_group(kex->dh) == 0) {
+ r = SSH_ERR_INVALID_ARGUMENT;
+ goto out;
+ }
p = g = NULL; /* belong to kex->dh now */
/* generate and send 'e', client DH public key */
diff --git a/myproposal.h b/myproposal.h
index ee6e9f7..ff8dfa8 100644
--- a/myproposal.h
+++ b/myproposal.h
@@ -56,6 +56,18 @@
"rsa-sha2-512," \
"rsa-sha2-256"
+#define KEX_FIPS_PK_ALG \
+ "ecdsa-sha2-nistp256-cert-v01@openssh.com," \
+ "ecdsa-sha2-nistp384-cert-v01@openssh.com," \
+ "ecdsa-sha2-nistp521-cert-v01@openssh.com," \
+ "rsa-sha2-512-cert-v01@openssh.com," \
+ "rsa-sha2-256-cert-v01@openssh.com," \
+ "ecdsa-sha2-nistp256," \
+ "ecdsa-sha2-nistp384," \
+ "ecdsa-sha2-nistp521," \
+ "rsa-sha2-512," \
+ "rsa-sha2-256," \
+
#define KEX_SERVER_ENCRYPT \
"chacha20-poly1305@openssh.com," \
"aes128-ctr,aes192-ctr,aes256-ctr," \
@@ -77,6 +89,27 @@
#define KEX_CLIENT_MAC KEX_SERVER_MAC
+#define KEX_FIPS_ENCRYPT \
+ "aes128-ctr,aes192-ctr,aes256-ctr," \
+ "aes128-cbc,3des-cbc," \
+ "aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se," \
+ "aes128-gcm@openssh.com,aes256-gcm@openssh.com"
+#define KEX_DEFAULT_KEX_FIPS \
+ "ecdh-sha2-nistp256," \
+ "ecdh-sha2-nistp384," \
+ "ecdh-sha2-nistp521," \
+ "diffie-hellman-group-exchange-sha256," \
+ "diffie-hellman-group16-sha512," \
+ "diffie-hellman-group18-sha512," \
+ "diffie-hellman-group14-sha256"
+#define KEX_FIPS_MAC \
+ "hmac-sha1," \
+ "hmac-sha2-256," \
+ "hmac-sha2-512," \
+ "hmac-sha1-etm@openssh.com," \
+ "hmac-sha2-256-etm@openssh.com," \
+ "hmac-sha2-512-etm@openssh.com"
+
/* Not a KEX value, but here so all the algorithm defaults are together */
#define SSH_ALLOWED_CA_SIGALGS \
"ssh-ed25519," \
diff --git a/readconf.c b/readconf.c
index bd8627c..dd22c3c 100644
--- a/readconf.c
+++ b/readconf.c
@@ -24,6 +24,7 @@
#include <netinet/in_systm.h>
#include <netinet/ip.h>
#include <arpa/inet.h>
+#include <openssl/fips.h>
#include <ctype.h>
#include <errno.h>
@@ -2711,11 +2712,16 @@ fill_default_options(Options * options)
all_key = sshkey_alg_list(0, 0, 1, ',');
all_sig = sshkey_alg_list(0, 1, 1, ',');
/* remove unsupported algos from default lists */
- def_cipher = match_filter_allowlist(KEX_CLIENT_ENCRYPT, all_cipher);
- def_mac = match_filter_allowlist(KEX_CLIENT_MAC, all_mac);
- def_kex = match_filter_allowlist(KEX_CLIENT_KEX, all_kex);
- def_key = match_filter_allowlist(KEX_DEFAULT_PK_ALG, all_key);
- def_sig = match_filter_allowlist(SSH_ALLOWED_CA_SIGALGS, all_sig);
+ def_cipher = match_filter_allowlist((FIPS_mode() ?
+ KEX_FIPS_ENCRYPT : KEX_CLIENT_ENCRYPT), all_cipher);
+ def_mac = match_filter_allowlist((FIPS_mode() ?
+ KEX_FIPS_MAC : KEX_CLIENT_MAC), all_mac);
+ def_kex = match_filter_allowlist((FIPS_mode() ?
+ KEX_DEFAULT_KEX_FIPS : KEX_CLIENT_KEX), all_kex);
+ def_key = match_filter_allowlist((FIPS_mode() ?
+ KEX_FIPS_PK_ALG : KEX_DEFAULT_PK_ALG), all_key);
+ def_sig = match_filter_allowlist((FIPS_mode() ?
+ KEX_FIPS_PK_ALG : SSH_ALLOWED_CA_SIGALGS), all_sig);
#define ASSEMBLE(what, defaults, all) \
do { \
if ((r = kex_assemble_names(&options->what, \
diff --git a/sandbox-seccomp-filter.c b/sandbox-seccomp-filter.c
index 139b6fb..5376800 100644
--- a/sandbox-seccomp-filter.c
+++ b/sandbox-seccomp-filter.c
@@ -230,6 +230,9 @@ static const struct sock_filter preauth_insns[] = {
#ifdef __NR_open
SC_DENY(__NR_open, EACCES),
#endif
+#ifdef __NR_socket
+ SC_DENY(__NR_socket, EACCES),
+#endif
#ifdef __NR_openat
SC_DENY(__NR_openat, EACCES),
#endif
diff --git a/servconf.c b/servconf.c
index 0dbf90c..24db0cc 100644
--- a/servconf.c
+++ b/servconf.c
@@ -26,6 +26,7 @@
#ifdef HAVE_NET_ROUTE_H
#include <net/route.h>
#endif
+#include <openssl/fips.h>
#include <ctype.h>
#include <netdb.h>
@@ -230,11 +231,16 @@ assemble_algorithms(ServerOptions *o)
all_key = sshkey_alg_list(0, 0, 1, ',');
all_sig = sshkey_alg_list(0, 1, 1, ',');
/* remove unsupported algos from default lists */
- def_cipher = match_filter_allowlist(KEX_SERVER_ENCRYPT, all_cipher);
- def_mac = match_filter_allowlist(KEX_SERVER_MAC, all_mac);
- def_kex = match_filter_allowlist(KEX_SERVER_KEX, all_kex);
- def_key = match_filter_allowlist(KEX_DEFAULT_PK_ALG, all_key);
- def_sig = match_filter_allowlist(SSH_ALLOWED_CA_SIGALGS, all_sig);
+ def_cipher = match_filter_allowlist((FIPS_mode() ?
+ KEX_FIPS_ENCRYPT : KEX_SERVER_ENCRYPT), all_cipher);
+ def_mac = match_filter_allowlist((FIPS_mode() ?
+ KEX_FIPS_MAC : KEX_SERVER_MAC), all_mac);
+ def_kex = match_filter_allowlist((FIPS_mode() ?
+ KEX_DEFAULT_KEX_FIPS : KEX_SERVER_KEX), all_kex);
+ def_key = match_filter_allowlist((FIPS_mode() ?
+ KEX_FIPS_PK_ALG : KEX_DEFAULT_PK_ALG), all_key);
+ def_sig = match_filter_allowlist((FIPS_mode() ?
+ KEX_FIPS_PK_ALG : SSH_ALLOWED_CA_SIGALGS), all_sig);
#define ASSEMBLE(what, defaults, all) \
do { \
if ((r = kex_assemble_names(&o->what, defaults, all)) != 0) \
diff --git a/ssh-keygen.c b/ssh-keygen.c
index 46f4998..5c48ee0 100644
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -23,6 +23,7 @@
#include <openssl/pem.h>
#include "openbsd-compat/openssl-compat.h"
#endif
+#include <openssl/fips.h>
#ifdef HAVE_STDINT_H
# include <stdint.h>
@@ -207,6 +208,12 @@ type_bits_valid(int type, const char *name, u_int32_t *bitsp)
#endif
}
#ifdef WITH_OPENSSL
+ if (FIPS_mode()) {
+ if (type == KEY_DSA)
+ fatal("DSA keys are not allowed in FIPS mode");
+ if (type == KEY_ED25519)
+ fatal("ED25519 keys are not allowed in FIPS mode");
+ }
switch (type) {
case KEY_DSA:
if (*bitsp != 1024)
@@ -1113,9 +1120,17 @@ do_gen_all_hostkeys(struct passwd *pw)
first = 1;
printf("%s: generating new host keys: ", __progname);
}
+ type = sshkey_type_from_name(key_types[i].key_type);
+
+ /* Skip the keys that are not supported in FIPS mode */
+ if (FIPS_mode() && (type == KEY_DSA || type == KEY_ED25519)) {
+ logit("Skipping %s key in FIPS mode",
+ key_types[i].key_type_display);
+ goto next;
+ }
+
printf("%s ", key_types[i].key_type_display);
fflush(stdout);
- type = sshkey_type_from_name(key_types[i].key_type);
if ((fd = mkstemp(prv_tmp)) == -1) {
error("Could not save your private key in %s: %s",
prv_tmp, strerror(errno));
diff --git a/ssh-rsa.c b/ssh-rsa.c
index 88a98fd..17662be 100644
--- a/ssh-rsa.c
+++ b/ssh-rsa.c
@@ -25,6 +25,7 @@
#include <openssl/err.h>
#include <openssl/core_names.h>
#include <openssl/param_build.h>
+#include <openssl/fips.h>
#include <stdarg.h>
#include <string.h>
@@ -162,6 +163,8 @@ ssh_rsa_generate(struct sshkey *k, int bits)
goto out;
if (EVP_PKEY_keygen(ctx, &res) <= 0) {
+ if (FIPS_mode())
+ logit_f("the key length might be unsupported by FIPS mode approved key generation method");
ret = SSH_ERR_LIBCRYPTO_ERROR;
goto out;
}
diff --git a/ssh.c b/ssh.c
index 4caa6e1..d144a25 100644
--- a/ssh.c
+++ b/ssh.c
@@ -77,6 +77,7 @@
#include <openssl/evp.h>
#include <openssl/err.h>
#endif
+#include <openssl/fips.h>
#include "openbsd-compat/openssl-compat.h"
#include "openbsd-compat/sys-queue.h"
@@ -1564,6 +1565,10 @@ main(int ac, char **av)
exit(0);
}
+ if (FIPS_mode()) {
+ debug("FIPS mode initialized");
+ }
+
/* Expand SecurityKeyProvider if it refers to an environment variable */
if (options.sk_provider != NULL && *options.sk_provider == '$' &&
strlen(options.sk_provider) > 1) {
diff --git a/sshconnect2.c b/sshconnect2.c
index 1e217e4..1d72a91 100644
--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -45,6 +45,8 @@
#include <vis.h>
#endif
+#include <openssl/fips.h>
+
#include "openbsd-compat/sys-queue.h"
#include "xmalloc.h"
@@ -276,36 +278,41 @@ ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port,
#if defined(GSSAPI) && defined(WITH_OPENSSL)
if (options.gss_keyex) {
- /* Add the GSSAPI mechanisms currently supported on this
- * client to the key exchange algorithm proposal */
- orig = myproposal[PROPOSAL_KEX_ALGS];
-
- if (options.gss_server_identity) {
- gss_host = xstrdup(options.gss_server_identity);
- } else if (options.gss_trust_dns) {
- gss_host = remote_hostname(ssh);
- /* Fall back to specified host if we are using proxy command
- * and can not use DNS on that socket */
- if (strcmp(gss_host, "UNKNOWN") == 0) {
- free(gss_host);
+ if (FIPS_mode()) {
+ logit("Disabling GSSAPIKeyExchange. Not usable in FIPS mode");
+ options.gss_keyex = 0;
+ } else {
+ /* Add the GSSAPI mechanisms currently supported on this
+ * client to the key exchange algorithm proposal */
+ orig = myproposal[PROPOSAL_KEX_ALGS];
+
+ if (options.gss_server_identity) {
+ gss_host = xstrdup(options.gss_server_identity);
+ } else if (options.gss_trust_dns) {
+ gss_host = remote_hostname(ssh);
+ /* Fall back to specified host if we are using proxy command
+ * and can not use DNS on that socket */
+ if (strcmp(gss_host, "UNKNOWN") == 0) {
+ free(gss_host);
+ gss_host = xstrdup(host);
+ }
+ } else {
gss_host = xstrdup(host);
}
- } else {
- gss_host = xstrdup(host);
- }
- gss = ssh_gssapi_client_mechanisms(gss_host,
- options.gss_client_identity, options.gss_kex_algorithms);
- if (gss) {
- debug("Offering GSSAPI proposal: %s", gss);
- xasprintf(&myproposal[PROPOSAL_KEX_ALGS],
- "%s,%s", gss, orig);
-
- /* If we've got GSSAPI algorithms, then we also support the
- * 'null' hostkey, as a last resort */
- orig = myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS];
- xasprintf(&myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS],
- "%s,null", orig);
+ gss = ssh_gssapi_client_mechanisms(gss_host,
+ options.gss_client_identity, options.gss_kex_algorithms);
+ if (gss) {
+ debug("Offering GSSAPI proposal: %s", gss);
+ xasprintf(&myproposal[PROPOSAL_KEX_ALGS],
+ "%s,%s", gss, orig);
+
+ /* If we've got GSSAPI algorithms, then we also support the
+ * 'null' hostkey, as a last resort */
+ orig = myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS];
+ xasprintf(&myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS],
+ "%s,null", orig);
+ }
}
}
#endif
diff --git a/sshd.c b/sshd.c
index 595e44a..f49e2e5 100644
--- a/sshd.c
+++ b/sshd.c
@@ -69,6 +69,7 @@
#endif
#include <pwd.h>
#include <signal.h>
+#include <syslog.h>
#include <stdarg.h>
#include <stdio.h>
#include <stdlib.h>
@@ -80,6 +81,7 @@
#include <openssl/dh.h>
#include <openssl/bn.h>
#include <openssl/rand.h>
+#include <openssl/fips.h>
#include "openbsd-compat/openssl-compat.h"
#endif
@@ -1665,6 +1667,7 @@ main(int ac, char **av)
sigemptyset(&sigmask);
sigprocmask(SIG_SETMASK, &sigmask, NULL);
+ OpenSSL_add_all_algorithms();
/* Save argv. Duplicate so setproctitle emulation doesn't clobber it */
saved_argc = ac;
rexec_argc = ac;
@@ -2160,6 +2163,10 @@ main(int ac, char **av)
/* Reinitialize the log (because of the fork above). */
log_init(__progname, options.log_level, options.log_facility, log_stderr);
+ if (FIPS_mode()) {
+ debug("FIPS mode initialized");
+ }
+
/*
* Chdir to the root directory so that the current disk can be
* unmounted if desired.
@@ -2535,10 +2542,14 @@ do_ssh2_kex(struct ssh *ssh)
if (strlen(myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS]) == 0)
orig = NULL;
- if (options.gss_keyex)
- gss = ssh_gssapi_server_mechanisms();
- else
- gss = NULL;
+ if (options.gss_keyex) {
+ if (FIPS_mode()) {
+ logit("Disabling GSSAPIKeyExchange. Not usable in FIPS mode");
+ options.gss_keyex = 0;
+ } else {
+ gss = ssh_gssapi_server_mechanisms();
+ }
+ }
if (gss && orig)
xasprintf(&newstr, "%s,%s", gss, orig);
diff --git a/sshkey.c b/sshkey.c
index 1aee244..be2c399 100644
--- a/sshkey.c
+++ b/sshkey.c
@@ -34,6 +34,7 @@
#include <openssl/evp.h>
#include <openssl/err.h>
#include <openssl/pem.h>
+#include <openssl/crypto.h>
#include <openssl/core_names.h>
#include <openssl/param_build.h>
#endif
--
2.33.0

29
backport-upstream-Do-not-apply-authorized_keys-options-when-signature.patch Normal file
View File

@ -0,0 +1,29 @@
From 62bbf8f825cc390ecb0523752ddac1435006f206 Mon Sep 17 00:00:00 2001
From: "djm@openbsd.org" <djm@openbsd.org>
Date: Sun, 15 Sep 2024 00:41:18 +0000
Subject: [PATCH] upstream: Do not apply authorized_keys options when signature
verification fails. Prevents restrictive key options being incorrectly
applied to subsequent keys in authorized_keys.
Conflict:NA
Reference:https://anongit.mindrot.org/openssh.git/commit/62bbf8f825cc390ecb0523752ddac1435006f206
---
monitor.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/monitor.c b/monitor.c
index ceeb035..a2647fd 100644
--- a/monitor.c
+++ b/monitor.c
@@ -1564,7 +1564,7 @@ mm_answer_keyverify(struct ssh *ssh, int sock, struct sshbuf *m)
}
auth2_record_key(authctxt, ret == 0, key);
- if (key_blobtype == MM_USERKEY)
+ if (key_blobtype == MM_USERKEY && ret == 0)
auth_activate_options(ssh, key_opts);
monitor_reset_key_state();
--
2.43.0

157
backport-upstream-Fix-proxy-multiplexing-O-proxy-bug.patch Normal file
View File

@ -0,0 +1,157 @@
From 29fb6f6d46b67770084b4f12bcf8a01bd535041b Mon Sep 17 00:00:00 2001
From: "djm@openbsd.org" <djm@openbsd.org>
Date: Thu, 25 Jul 2024 22:40:08 +0000
Subject: [PATCH] upstream: Fix proxy multiplexing (-O proxy) bug
If a mux started with ControlPersist then later has a forwarding added using
mux proxy connection and the forwarding was used, then when the mux proxy
session terminates, the mux master process will send a channel close to the
server with a bad channel ID and crash the connection.
This was caused by my stupidly reusing c->remote_id for mux channel
associations when I should have just added another member to struct channel.
OpenBSD-Commit-ID: c9f474e0124e3fe456c5e43749b97d75e65b82b2
Reference:https://anongit.mindrot.org/openssh.git/commit/29fb6f6d46b67770084b4f12bcf8a01bd535041b
Conflict:NA
---
channels.c | 6 ++++--
channels.h | 2 ++
mux.c | 26 +++++++++++++-------------
nchan.c | 4 +++-
4 files changed, 22 insertions(+), 16 deletions(-)
diff --git a/channels.c b/channels.c
index 2c0aa65..02f5441 100644
--- a/channels.c
+++ b/channels.c
@@ -964,14 +964,16 @@ channel_format_status(const Channel *c)
{
char *ret = NULL;
- xasprintf(&ret, "t%d [%s] %s%u i%u/%zu o%u/%zu e[%s]/%zu "
- "fd %d/%d/%d sock %d cc %d io 0x%02x/0x%02x",
+ xasprintf(&ret, "t%d [%s] %s%u %s%u i%u/%zu o%u/%zu e[%s]/%zu "
+ "fd %d/%d/%d sock %d cc %d %s%u io 0x%02x/0x%02x",
c->type, c->xctype != NULL ? c->xctype : c->ctype,
c->have_remote_id ? "r" : "nr", c->remote_id,
+ c->mux_ctx != NULL ? "m" : "nm", c->mux_downstream_id,
c->istate, sshbuf_len(c->input),
c->ostate, sshbuf_len(c->output),
channel_format_extended_usage(c), sshbuf_len(c->extended),
c->rfd, c->wfd, c->efd, c->sock, c->ctl_chan,
+ c->have_ctl_child_id ? "c" : "nc", c->ctl_child_id,
c->io_want, c->io_ready);
return ret;
}
diff --git a/channels.h b/channels.h
index 7e59914..f3dd87d 100644
--- a/channels.h
+++ b/channels.h
@@ -140,6 +140,8 @@ struct Channel {
u_int io_ready; /* bitmask of SSH_CHAN_IO_* */
int pfds[4]; /* pollfd entries for rfd/wfd/efd/sock */
int ctl_chan; /* control channel (multiplexed connections) */
+ uint32_t ctl_child_id; /* child session for mux controllers */
+ int have_ctl_child_id; /* non-zero if ctl_child_id is valid */
int isatty; /* rfd is a tty */
#ifdef _AIX
int wfd_isatty; /* wfd is a tty */
diff --git a/mux.c b/mux.c
index b3ffde9..f391892 100644
--- a/mux.c
+++ b/mux.c
@@ -199,8 +199,8 @@ mux_master_session_cleanup_cb(struct ssh *ssh, int cid, int force, void *unused)
fatal_f("channel %d missing control channel %d",
c->self, c->ctl_chan);
c->ctl_chan = -1;
- cc->remote_id = 0;
- cc->have_remote_id = 0;
+ cc->ctl_child_id = 0;
+ cc->have_ctl_child_id = 0;
chan_rcvd_oclose(ssh, cc);
}
channel_cancel_cleanup(ssh, c->self);
@@ -215,12 +215,12 @@ mux_master_control_cleanup_cb(struct ssh *ssh, int cid, int force, void *unused)
debug3_f("entering for channel %d", cid);
if (c == NULL)
fatal_f("channel_by_id(%i) == NULL", cid);
- if (c->have_remote_id) {
- if ((sc = channel_by_id(ssh, c->remote_id)) == NULL)
+ if (c->have_ctl_child_id) {
+ if ((sc = channel_by_id(ssh, c->ctl_child_id)) == NULL)
fatal_f("channel %d missing session channel %u",
- c->self, c->remote_id);
- c->remote_id = 0;
- c->have_remote_id = 0;
+ c->self, c->ctl_child_id);
+ c->ctl_child_id = 0;
+ c->have_ctl_child_id = 0;
sc->ctl_chan = -1;
if (sc->type != SSH_CHANNEL_OPEN &&
sc->type != SSH_CHANNEL_OPENING) {
@@ -416,7 +416,7 @@ mux_master_process_new_session(struct ssh *ssh, u_int rid,
new_fd[0], new_fd[1], new_fd[2]);
/* XXX support multiple child sessions in future */
- if (c->have_remote_id) {
+ if (c->have_ctl_child_id) {
debug2_f("session already open");
reply_error(reply, MUX_S_FAILURE, rid,
"Multiple sessions not supported");
@@ -461,8 +461,8 @@ mux_master_process_new_session(struct ssh *ssh, u_int rid,
CHAN_EXTENDED_WRITE, "client-session", CHANNEL_NONBLOCK_STDIO);
nc->ctl_chan = c->self; /* link session -> control channel */
- c->remote_id = nc->self; /* link control -> session channel */
- c->have_remote_id = 1;
+ c->ctl_child_id = nc->self; /* link control -> session channel */
+ c->have_ctl_child_id = 1;
if (cctx->want_tty && escape_char != 0xffffffff) {
channel_register_filter(ssh, nc->self,
@@ -992,7 +992,7 @@ mux_master_process_stdio_fwd(struct ssh *ssh, u_int rid,
debug3_f("got fds stdin %d, stdout %d", new_fd[0], new_fd[1]);
/* XXX support multiple child sessions in future */
- if (c->have_remote_id) {
+ if (c->have_ctl_child_id) {
debug2_f("session already open");
reply_error(reply, MUX_S_FAILURE, rid,
"Multiple sessions not supported");
@@ -1019,8 +1019,8 @@ mux_master_process_stdio_fwd(struct ssh *ssh, u_int rid,
free(chost);
nc->ctl_chan = c->self; /* link session -> control channel */
- c->remote_id = nc->self; /* link control -> session channel */
- c->have_remote_id = 1;
+ c->ctl_child_id = nc->self; /* link control -> session channel */
+ c->have_ctl_child_id = 1;
debug2_f("channel_new: %d control %d", nc->self, nc->ctl_chan);
diff --git a/nchan.c b/nchan.c
index d33426f..715feeb 100644
--- a/nchan.c
+++ b/nchan.c
@@ -208,7 +208,7 @@ chan_send_close2(struct ssh *ssh, Channel *c)
{
int r;
- debug2("channel %d: send close", c->self);
+ debug2("channel %d: send close2", c->self);
if (c->ostate != CHAN_OUTPUT_CLOSED ||
c->istate != CHAN_INPUT_CLOSED) {
error("channel %d: cannot send close for istate/ostate %d/%d",
@@ -218,6 +218,8 @@ chan_send_close2(struct ssh *ssh, Channel *c)
} else {
if (!c->have_remote_id)
fatal_f("channel %d: no remote_id", c->self);
+ debug2("channel %d: send close for remote id %u", c->self,
+ c->remote_id);
if ((r = sshpkt_start(ssh, SSH2_MSG_CHANNEL_CLOSE)) != 0 ||
(r = sshpkt_put_u32(ssh, c->remote_id)) != 0 ||
(r = sshpkt_send(ssh)) != 0)
--
2.43.0

42
backport-upstream-Make-sure-sftp_get_limits-only-returns-0-if.patch Normal file
View File

@ -0,0 +1,42 @@
From 676377ce67807a24e08a54cd60ec832946cc6cae Mon Sep 17 00:00:00 2001
From: "tobhe@openbsd.org" <tobhe@openbsd.org>
Date: Mon, 13 Nov 2023 09:18:19 +0000
Subject: [PATCH] upstream: Make sure sftp_get_limits() only returns 0 if
'limits'
was initialized. This fixes a potential uninitialized use of 'limits' in
sftp_init() if sftp_get_limits() returned early because of an unexpected
message type.
ok djm@
OpenBSD-Commit-ID: 1c177d7c3becc1d71bc8763eecf61873a1d3884c
Reference:https://github.com/openssh/openssh-portable/commit/676377ce67807a24e08a54cd60ec832946cc6cae
Conflict:2de990142(Rename do_limits to sftp_get_limits)
---
sftp-client.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/sftp-client.c b/sftp-client.c
index 2598029f7..5cc8bb539 100644
--- a/sftp-client.c
+++ b/sftp-client.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sftp-client.c,v 1.169 2023/03/08 04:43:12 guenther Exp $ */
+/* $OpenBSD: sftp-client.c,v 1.175 2023/11/13 09:18:19 tobhe Exp $ */
/*
* Copyright (c) 2001-2004 Damien Miller <djm@openbsd.org>
*
@@ -656,7 +656,7 @@ do_limits(struct sftp_conn *conn, struct sftp_limits *limits)
/* Disable the limits extension */
conn->exts &= ~SFTP_EXT_LIMITS;
sshbuf_free(msg);
- return 0;
+ return -1;
}
memset(limits, 0, sizeof(*limits));
--
2.33.0

39
backport-upstream-ensure-key_fd-is-filled-when-DSA-is-disable.patch Normal file
View File

@ -0,0 +1,39 @@
From f9311e8921d92c5efca767227a497ab63280ac39 Mon Sep 17 00:00:00 2001
From: "djm@openbsd.org" <djm@openbsd.org>
Date: Thu, 11 Jan 2024 01:51:16 +0000
Subject: upstream: ensure key_fd is filled when DSA is disabled; spotted by
tb@
OpenBSD-Commit-ID: 9dd417b6eec3cf67e870f147464a8d93f076dce7
Reference:https://anongit.mindrot.org/openssh.git/patch/?id=f9311e8921d92c5efca767227a497ab63280ac39
Conflict:4e838120a759(upstream: make DSA key support compile-time optional)
---
ssh-keysign.c | 5 ++++-
1 files changed, 4 insertions(+), 1 deletion(-)
create mode 100644 ssh-keysign.c.rej
diff --git a/ssh-keysign.c b/ssh-keysign.c
index 8b3c9a2..d4f9fd9 100644
--- a/ssh-keysign.c
+++ b/ssh-keysign.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-keysign.c,v 1.71 2022/08/01 11:09:26 djm Exp $ */
+/* $OpenBSD: ssh-keysign.c,v 1.73 2024/01/11 01:51:16 djm Exp $ */
/*
* Copyright (c) 2002 Markus Friedl. All rights reserved.
*
@@ -186,6 +186,9 @@ main(int argc, char **argv)
if (fd > 2)
close(fd);
+ for (i = 0; i < NUM_KEYTYPES; i++)
+ key_fd[i] = -1;
+
i = 0;
/* XXX This really needs to read sshd_config for the paths */
key_fd[i++] = open(_PATH_HOST_DSA_KEY_FILE, O_RDONLY);
--
2.33.0

41
backport-upstream-fix-memory-leak-in-mux-proxy-mode-when-requ.patch Normal file
View File

@ -0,0 +1,41 @@
From c47e1c9c7911f38b2fc2fb01b1f6ae3a3121a838 Mon Sep 17 00:00:00 2001
From: "djm@openbsd.org" <djm@openbsd.org>
Date: Wed, 6 Mar 2024 02:59:59 +0000
Subject: [PATCH] upstream: fix memory leak in mux proxy mode when requesting
forwarding.
found by RASU JSC, reported by Maks Mishin in GHPR#467
OpenBSD-Commit-ID: 97d96a166b1ad4b8d229864a553e3e56d3116860
Reference:https://github.com/openssh/openssh-portable/commit/c47e1c9c7911f38b2fc2fb01b1f6ae3a3121a838
Conflict:NA
---
channels.c | 7 +++----
1 file changed, 3 insertions(+), 4 deletions(-)
diff --git a/channels.c b/channels.c
index 6862556be..ece8d30d6 100644
--- a/channels.c
+++ b/channels.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: channels.c,v 1.430 2023/03/10 03:01:51 dtucker Exp $ */
+/* $OpenBSD: channels.c,v 1.437 2024/03/06 02:59:59 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -3245,9 +3245,8 @@ channel_proxy_downstream(struct ssh *ssh, Channel *downstream)
goto out;
}
/* Record that connection to this host/port is permitted. */
- permission_set_add(ssh, FORWARD_USER, FORWARD_LOCAL, "<mux>", -1,
- listen_host, NULL, (int)listen_port, downstream);
- listen_host = NULL;
+ permission_set_add(ssh, FORWARD_USER, FORWARD_LOCAL, "<mux>",
+ -1, listen_host, NULL, (int)listen_port, downstream);
break;
case SSH2_MSG_CHANNEL_CLOSE:
if (have < 4)
--
2.33.0

56
backport-upstream-make-parsing-user-host-consistently-look-for-the-last-in.patch Normal file
View File

@ -0,0 +1,56 @@
From a8ad7a2952111c6ce32949a775df94286550af6b Mon Sep 17 00:00:00 2001
From: "djm@openbsd.org" <djm@openbsd.org>
Date: Fri, 6 Sep 2024 02:30:44 +0000
Subject: [PATCH] upstream: make parsing user@host consistently look for the
last '@' in the string rather than the first. This makes it possible to
use usernames that contain '@' characters.
Conflict:NA
Reference:https://anongit.mindrot.org/openssh.git/commit/a8ad7a2952111c6ce32949a775df94286550af6b
---
match.c | 6 +++---
ssh-add.c | 2 +-
2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/match.c b/match.c
index 3ac854d..b9a8225 100644
--- a/match.c
+++ b/match.c
@@ -241,17 +241,17 @@ match_user(const char *user, const char *host, const char *ipaddr,
/* test mode */
if (user == NULL && host == NULL && ipaddr == NULL) {
- if ((p = strchr(pattern, '@')) != NULL &&
+ if ((p = strrchr(pattern, '@')) != NULL &&
match_host_and_ip(NULL, NULL, p + 1) < 0)
return -1;
return 0;
}
- if ((p = strchr(pattern, '@')) == NULL)
+ if (strrchr(pattern, '@') == NULL)
return match_pattern(user, pattern);
pat = xstrdup(pattern);
- p = strchr(pat, '@');
+ p = strrchr(pat, '@');
*p++ = '\0';
if ((ret = match_pattern(user, pat)) == 1)
diff --git a/ssh-add.c b/ssh-add.c
index 8cba0a7..2b081d6 100644
--- a/ssh-add.c
+++ b/ssh-add.c
@@ -712,7 +712,7 @@ parse_dest_constraint_hop(const char *s, struct dest_constraint_hop *dch,
memset(dch, '\0', sizeof(*dch));
os = xstrdup(s);
- if ((host = strchr(os, '@')) == NULL)
+ if ((host = strrchr(os, '@')) == NULL)
host = os;
else {
*host++ = '\0';
--
2.43.0

39
backport-upstream-set-errno-EAFNOSUPPORT-when-filtering-addre.patch Normal file
View File

@ -0,0 +1,39 @@
From c52db0114826d73eff6cdbf205e9c1fa4f7ca6c6 Mon Sep 17 00:00:00 2001
From: "djm@openbsd.org" <djm@openbsd.org>
Date: Mon, 20 Nov 2023 02:50:00 +0000
Subject: [PATCH] upstream: set errno=EAFNOSUPPORT when filtering addresses
that don't
match AddressFamily; yields slightly better error message if no address
matches. bz#3526
OpenBSD-Commit-ID: 29cea900ddd8b04a4d1968da5c4a893be2ebd9e6
Reference:https://github.com/openssh/openssh-portable/commit/c52db0114826d73eff6cdbf205e9c1fa4f7ca6c6
Conflict:NA
---
sshconnect.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/sshconnect.c b/sshconnect.c
index ff3d3501f..bd077c75c 100644
--- a/sshconnect.c
+++ b/sshconnect.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect.c,v 1.364 2023/11/15 23:03:38 djm Exp $ */
+/* $OpenBSD: sshconnect.c,v 1.365 2023/11/20 02:50:00 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -485,7 +485,7 @@ ssh_connect_direct(struct ssh *ssh, const char *host, struct addrinfo *aitop,
ai->ai_family != options.address_family) {
debug2_f("skipping address [%s]:%s: "
"wrong address family", ntop, strport);
- errno = 0;
+ errno = EAFNOSUPPORT;
continue;
}
--
2.33.0

30
backport-upstream-some-extra-paranoia.patch Normal file
View File

@ -0,0 +1,30 @@
From 9517cc58577f85a0ba5f8bb46778dff625f0688f Mon Sep 17 00:00:00 2001
From: "djm@openbsd.org" <djm@openbsd.org>
Date: Tue, 24 Sep 2024 02:28:17 +0000
Subject: [PATCH] upstream: some extra paranoia, reminded by jsg@
Conflict:NA
Reference:https://anongit.mindrot.org/openssh.git/commit/9517cc58577f85a0ba5f8bb46778dff625f0688f
---
ssh-agent.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/ssh-agent.c b/ssh-agent.c
index cc58e6e..3d685e9 100644
--- a/ssh-agent.c
+++ b/ssh-agent.c
@@ -1578,6 +1578,10 @@ process_ext_session_bind(SocketEntry *e)
error_fr(r, "parse");
goto out;
}
+ if (sshbuf_len(sid) > AGENT_MAX_SID_LEN) {
+ error_f("session ID too long");
+ goto out;
+ }
if ((fp = sshkey_fingerprint(key, SSH_FP_HASH_DEFAULT,
SSH_FP_DEFAULT)) == NULL)
fatal_f("fingerprint failed");
--
2.43.0

46
backport-upstream-when-connecting-via-socket-the-default-case.patch Normal file
View File

@ -0,0 +1,46 @@
From 26f3f3bbc69196d908cad6558c8c7dc5beb8d74a Mon Sep 17 00:00:00 2001
From: "djm@openbsd.org" <djm@openbsd.org>
Date: Wed, 15 Nov 2023 23:03:38 +0000
Subject: [PATCH] upstream: when connecting via socket (the default case),
filter
addresses by AddressFamily if one was specified. Fixes the case where, if
CanonicalizeHostname is enabled, ssh may ignore AddressFamily. bz5326; ok
dtucker
OpenBSD-Commit-ID: 6c7d7751f6cd055126b2b268a7b64dcafa447439
Reference:https://github.com/openssh/openssh-portable/commit/26f3f3bbc69196d908cad6558c8c7dc5beb8d74a
Conflict:NA
---
sshconnect.c | 10 +++++++++-
1 file changed, 9 insertions(+), 1 deletion(-)
diff --git a/sshconnect.c b/sshconnect.c
index e6012f01e..ff3d3501f 100644
--- a/sshconnect.c
+++ b/sshconnect.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect.c,v 1.363 2023/03/10 07:17:08 dtucker Exp $ */
+/* $OpenBSD: sshconnect.c,v 1.364 2023/11/15 23:03:38 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -481,6 +481,14 @@ ssh_connect_direct(struct ssh *ssh, const char *host, struct addrinfo *aitop,
errno = oerrno;
continue;
}
+ if (options.address_family != AF_UNSPEC &&
+ ai->ai_family != options.address_family) {
+ debug2_f("skipping address [%s]:%s: "
+ "wrong address family", ntop, strport);
+ errno = 0;
+ continue;
+ }
+
debug("Connecting to %.200s [%.100s] port %s.",
host, ntop, strport);
--
2.33.0

44
backport-upstream-when-invoking-KnownHostsCommand-to-determin.patch Normal file
View File

@ -0,0 +1,44 @@
From aa7b21708511a6d4aed3839fc9f6e82e849dd4a1 Mon Sep 17 00:00:00 2001
From: "djm@openbsd.org" <djm@openbsd.org>
Date: Wed, 13 Dec 2023 03:28:19 +0000
Subject: [PATCH] upstream: when invoking KnownHostsCommand to determine the
order of
host key algorithms to request, ensure that the hostname passed to the
command is decorated with the port number for ports other than 22.
This matches the behaviour of KnownHostsCommand when invoked to look
up the actual host key.
bz3643, ok dtucker@
OpenBSD-Commit-ID: 5cfabc0b7c6c7ab473666df314f377b1f15420b1
Reference:https://github.com/openssh/openssh-portable/commit/aa7b21708511a6d4aed3839fc9f6e82e849dd4a1
Conflict:NA
---
sshconnect2.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/sshconnect2.c b/sshconnect2.c
index 5831a00c6..df6caf817 100644
--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect2.c,v 1.370 2023/12/18 14:45:17 djm Exp $ */
+/* $OpenBSD: sshconnect2.c,v 1.369 2023/12/13 03:28:19 djm Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
* Copyright (c) 2008 Damien Miller. All rights reserved.
@@ -140,7 +140,7 @@ order_hostkeyalgs(char *host, struct sockaddr *hostaddr, u_short port,
}
if (options.known_hosts_command != NULL) {
load_hostkeys_command(hostkeys, options.known_hosts_command,
- "ORDER", cinfo, NULL, host);
+ "ORDER", cinfo, NULL, hostname);
}
/*
* If a plain public key exists that matches the type of the best
--
2.33.0

34
openssh.spec
View File

@ -6,7 +6,7 @@
%{?no_gtk2:%global gtk2 0}
%global sshd_uid 74
%global openssh_release 5
%global openssh_release 6
Name: openssh
Version: 9.3p2
@ -101,6 +101,19 @@ Patch78: backport-CVE-2023-48795-upstream-implement-strict-key-exchange-i
Patch79: backport-CVE-2023-51385-upstream-ban-user-hostnames-with-most-shell-metachar.patch
Patch80: backport-fix-CVE-2024-6387.patch
Patch81: backport-CVE-2023-51384-upstream-apply-destination-constraints-to-all-p11-ke.patch
Patch82: backport-upstream-Make-sure-sftp_get_limits-only-returns-0-if.patch
Patch83: backport-upstream-when-connecting-via-socket-the-default-case.patch
Patch84: backport-upstream-set-errno-EAFNOSUPPORT-when-filtering-addre.patch
Patch85: backport-upstream-when-invoking-KnownHostsCommand-to-determin.patch
Patch86: backport-upstream-ensure-key_fd-is-filled-when-DSA-is-disable.patch
Patch87: backport-upstream-fix-memory-leak-in-mux-proxy-mode-when-requ.patch
Patch88: backport-openssh-7.7p1-fips.patch
Patch89: backport-CVE-2021-36368-added-option-to-disable-trivial-auth.patch
Patch90: backport-upstream-Fix-proxy-multiplexing-O-proxy-bug.patch
Patch91: backport-openssh-6.6p1-keyperm.patch
Patch92: backport-upstream-make-parsing-user-host-consistently-look-for-the-last-in.patch
Patch93: backport-upstream-Do-not-apply-authorized_keys-options-when-signature.patch
Patch94: backport-upstream-some-extra-paranoia.patch
Requires: /sbin/nologin
Requires: libselinux >= 2.3-5 audit-libs >= 1.0.8
@ -251,6 +264,19 @@ popd
%patch79 -p1
%patch80 -p1
%patch81 -p1
%patch82 -p1
%patch83 -p1
%patch84 -p1
%patch85 -p1
%patch86 -p1
%patch87 -p1
%patch88 -p1
%patch89 -p1
%patch90 -p1
%patch91 -p1
%patch92 -p1
%patch93 -p1
%patch94 -p1
autoreconf
pushd pam_ssh_agent_auth-pam_ssh_agent_auth-0.10.4
@ -467,6 +493,12 @@ getent passwd sshd >/dev/null || \
%attr(0644,root,root) %{_mandir}/man8/sftp-server.8*
%changelog
* Tue Oct 29 2024 bitianyuan <bitianyuan@huawei.com> - 9.3p2-6
- Type:bugfix
- ID:NA
- SUG:NA
- DESC:backport some upstream patches
* Fri Jul 12 2024 renmingshuai <renmingshuai@huawei.com> - 9.3p2-5
- Type:CVE
- CVE:CVE-2023-51384