[src/netbsd-3-0]: src/crypto/dist/ssh Apply patch (requested by adrianp in ti...
details: https://anonhg.NetBSD.org/src/rev/ddbd0b2f420b
branches: netbsd-3-0
changeset: 579324:ddbd0b2f420b
user: ghen <ghen%NetBSD.org@localhost>
date: Thu Oct 26 09:39:38 2006 +0000
description:
Apply patch (requested by adrianp in ticket #1569):
crypto/dist/ssh/auth.h
crypto/dist/ssh/deattack.c
crypto/dist/ssh/deattack.h
crypto/dist/ssh/log.c
crypto/dist/ssh/log.h
crypto/dist/ssh/packet.c
crypto/dist/ssh/session.c
crypto/dist/ssh/sshd.c
crypto/dist/ssh/version.h
Fix CVE-2006-4924 and CVE-2006-5051 (patches backported from OpenSSH 4.4).
diffstat:
crypto/dist/ssh/auth.h | 3 ++-
crypto/dist/ssh/deattack.c | 29 +++++++++++++++++++++++++----
crypto/dist/ssh/deattack.h | 3 ++-
crypto/dist/ssh/log.c | 15 +++++++++++++--
crypto/dist/ssh/log.h | 3 ++-
crypto/dist/ssh/packet.c | 17 ++++++++++++-----
crypto/dist/ssh/session.c | 6 +++---
crypto/dist/ssh/sshd.c | 8 +++++---
crypto/dist/ssh/version.h | 4 ++--
9 files changed, 66 insertions(+), 22 deletions(-)
diffs (273 lines):
diff -r f9f915527e5f -r ddbd0b2f420b crypto/dist/ssh/auth.h
--- a/crypto/dist/ssh/auth.h Wed Oct 25 19:14:24 2006 +0000
+++ b/crypto/dist/ssh/auth.h Thu Oct 26 09:39:38 2006 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: auth.h,v 1.18 2005/02/13 18:14:04 christos Exp $ */
+/* $NetBSD: auth.h,v 1.18.4.1 2006/10/26 09:39:38 ghen Exp $ */
/* $OpenBSD: auth.h,v 1.50 2004/05/23 23:59:53 dtucker Exp $ */
/*
@@ -49,6 +49,7 @@
struct Authctxt {
int success;
+ int authenticated; /* authenticated and alarms cancelled */
int postponed; /* authentication needs another step */
int valid; /* user exists and is allowed to login */
int attempt;
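Review bot: The new `authenticated` field is only ever written on the success path (the `authctxt->authenticated = 1;` added in sshd.c in this same commit), so the `!authctxt->authenticated` test added in session.c is only correct if every Authctxt is zero-filled when it is created; that allocation site is outside this diff and should be confirmed. The field comment could state the invariant so later readers do not add a second allocation path that forgets it: `int authenticated; /* authenticated and alarms cancelled; must stay 0 until auth succeeds */`.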
diff -r f9f915527e5f -r ddbd0b2f420b crypto/dist/ssh/deattack.c
--- a/crypto/dist/ssh/deattack.c Wed Oct 25 19:14:24 2006 +0000
+++ b/crypto/dist/ssh/deattack.c Thu Oct 26 09:39:38 2006 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: deattack.c,v 1.14 2005/02/13 05:57:26 christos Exp $ */
+/* $NetBSD: deattack.c,v 1.14.4.1 2006/10/26 09:39:38 ghen Exp $ */
/*
* Cryptographic attack detector for ssh - source code
*
@@ -20,7 +20,7 @@
#include "includes.h"
RCSID("$OpenBSD: deattack.c,v 1.19 2003/09/18 08:49:45 markus Exp $");
-__RCSID("$NetBSD: deattack.c,v 1.14 2005/02/13 05:57:26 christos Exp $");
+__RCSID("$NetBSD: deattack.c,v 1.14.4.1 2006/10/26 09:39:38 ghen Exp $");
#include "deattack.h"
#include "log.h"
@@ -29,6 +29,25 @@
#include "xmalloc.h"
#include "deattack.h"
+/*
+ * CRC attack detection has a worst-case behaviour that is O(N^3) over
+ * the number of identical blocks in a packet. This behaviour can be
+ * exploited to create a limited denial of service attack.
+ *
+ * However, because we are dealing with encrypted data, identical
+ * blocks should only occur every 2^35 maximally-sized packets or so.
+ * Consequently, we can detect this DoS by looking for identical blocks
+ * in a packet.
+ *
+ * The parameter below determines how many identical blocks we will
+ * accept in a single packet, trading off between attack detection and
+ * likelihood of terminating a legitimate connection. A value of 32
+ * corresponds to an average of 2^40 messages before an attack is
+ * misdetected
+ */
+#define MAX_IDENTICAL 32
+
+
/* SSH Constants */
#define SSH_MAXBLOCKS (32 * 1024)
#define SSH_BLOCKSIZE (8)
@@ -89,7 +108,7 @@
static u_int16_t *h = (u_int16_t *) NULL;
static u_int32_t n = HASH_MINSIZE / HASH_ENTRYSIZE;
u_int32_t i, j;
- u_int32_t l;
+ u_int32_t l, same;
u_char *c;
u_char *d;
@@ -135,7 +154,7 @@
if (IV)
h[HASH(IV) & (n - 1)] = HASH_IV;
- for (c = buf, j = 0; c < (buf + len); c += SSH_BLOCKSIZE, j++) {
+ for (c = buf, same = j = 0; c < (buf + len); c += SSH_BLOCKSIZE, j++) {
for (i = HASH(c) & (n - 1); h[i] != HASH_UNUSED;
i = (i + 1) & (n - 1)) {
if (h[i] == HASH_IV) {
@@ -146,6 +165,8 @@
break;
}
} else if (!CMP(c, buf + h[i] * SSH_BLOCKSIZE)) {
+ if (++same > MAX_IDENTICAL)
+ return (DEATTACK_DOS_DETECTED);
if (check_crc(c, buf, len, IV))
return (DEATTACK_DETECTED);
else
diff -r f9f915527e5f -r ddbd0b2f420b crypto/dist/ssh/deattack.h
--- a/crypto/dist/ssh/deattack.h Wed Oct 25 19:14:24 2006 +0000
+++ b/crypto/dist/ssh/deattack.h Thu Oct 26 09:39:38 2006 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: deattack.h,v 1.1.1.5 2001/09/27 02:00:42 itojun Exp $ */
+/* $NetBSD: deattack.h,v 1.1.1.5.12.1 2006/10/26 09:39:38 ghen Exp $ */
/* $OpenBSD: deattack.h,v 1.7 2001/06/26 17:27:23 markus Exp $ */
/*
@@ -26,6 +26,7 @@
/* Return codes */
#define DEATTACK_OK 0
#define DEATTACK_DETECTED 1
+#define DEATTACK_DOS_DETECTED 2
int detect_attack(u_char *, u_int32_t, u_char[8]);
#endif
diff -r f9f915527e5f -r ddbd0b2f420b crypto/dist/ssh/log.c
--- a/crypto/dist/ssh/log.c Wed Oct 25 19:14:24 2006 +0000
+++ b/crypto/dist/ssh/log.c Thu Oct 26 09:39:38 2006 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: log.c,v 1.8 2005/02/13 05:57:26 christos Exp $ */
+/* $NetBSD: log.c,v 1.8.4.1 2006/10/26 09:39:38 ghen Exp $ */
/*
* Author: Tatu Ylonen <ylo%cs.hut.fi@localhost>
* Copyright (c) 1995 Tatu Ylonen <ylo%cs.hut.fi@localhost>, Espoo, Finland
@@ -36,7 +36,7 @@
#include "includes.h"
RCSID("$OpenBSD: log.c,v 1.29 2003/09/23 20:17:11 markus Exp $");
-__RCSID("$NetBSD: log.c,v 1.8 2005/02/13 05:57:26 christos Exp $");
+__RCSID("$NetBSD: log.c,v 1.8.4.1 2006/10/26 09:39:38 ghen Exp $");
#include "log.h"
#include "xmalloc.h"
@@ -124,6 +124,17 @@
va_end(args);
}
+void
+sigdie(const char *fmt,...)
+{
+ va_list args;
+
+ va_start(args, fmt);
+ do_log(SYSLOG_LEVEL_FATAL, fmt, args);
+ va_end(args);
+ _exit(1);
+}
+
/* Log this message (information that usually should go to the log). */
void
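Review bot: `sigdie()` carries no comment saying why it exists next to `fatal()`, which is the thing a reader needs: it logs at fatal level and then leaves via `_exit(1)`, so presumably none of the cleanup that `fatal()` performs runs, and the sshd.c hunk in this commit swaps it in for the pre-authentication alarm handler. A two-line header comment along the lines of "Like fatal(), but terminate with _exit(1) so no cleanup hooks run; for use from sshd's grace-time alarm handler, where the normal cleanup path is not safe" would make the intent explicit. It is also worth noting in that comment that `do_log()` itself formats and writes through stdio/syslog, so the function is safer than `fatal()` from a signal handler rather than strictly async-signal-safe.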
diff -r f9f915527e5f -r ddbd0b2f420b crypto/dist/ssh/log.h
--- a/crypto/dist/ssh/log.h Wed Oct 25 19:14:24 2006 +0000
+++ b/crypto/dist/ssh/log.h Thu Oct 26 09:39:38 2006 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: log.h,v 1.9 2005/02/13 05:57:26 christos Exp $ */
+/* $NetBSD: log.h,v 1.9.4.1 2006/10/26 09:39:38 ghen Exp $ */
/* $OpenBSD: log.h,v 1.11 2004/06/21 22:02:58 djm Exp $ */
/*
@@ -51,6 +51,7 @@
void fatal(const char *, ...) __dead __attribute__((format(printf, 1, 2)));
void error(const char *, ...) __attribute__((format(printf, 1, 2)));
+void sigdie(const char *, ...) __attribute__((format(printf, 1, 2)));
void logit(const char *, ...) __attribute__((format(printf, 1, 2)));
void verbose(const char *, ...) __attribute__((format(printf, 1, 2)));
void debug(const char *, ...) __attribute__((format(printf, 1, 2)));
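Review bot: `sigdie` is declared without `__dead`, although per the log.c hunk in this commit it ends in `_exit(1)` and never returns, and `fatal` two lines above carries the qualifier. Declare it as `void sigdie(const char *, ...) __dead __attribute__((format(printf, 1, 2)));` so the compiler treats calls in the sshd.c alarm handler as non-returning and can diagnose any code placed after them.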
diff -r f9f915527e5f -r ddbd0b2f420b crypto/dist/ssh/packet.c
--- a/crypto/dist/ssh/packet.c Wed Oct 25 19:14:24 2006 +0000
+++ b/crypto/dist/ssh/packet.c Thu Oct 26 09:39:38 2006 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: packet.c,v 1.22 2005/02/13 05:57:26 christos Exp $ */
+/* $NetBSD: packet.c,v 1.22.4.1 2006/10/26 09:39:38 ghen Exp $ */
/*
* Author: Tatu Ylonen <ylo%cs.hut.fi@localhost>
* Copyright (c) 1995 Tatu Ylonen <ylo%cs.hut.fi@localhost>, Espoo, Finland
@@ -39,7 +39,7 @@
#include "includes.h"
RCSID("$OpenBSD: packet.c,v 1.115 2004/06/21 17:36:31 avsm Exp $");
-__RCSID("$NetBSD: packet.c,v 1.22 2005/02/13 05:57:26 christos Exp $");
+__RCSID("$NetBSD: packet.c,v 1.22.4.1 2006/10/26 09:39:38 ghen Exp $");
#include <sys/queue.h>
@@ -936,9 +936,16 @@
* (C)1998 CORE-SDI, Buenos Aires Argentina
* Ariel Futoransky(futo%core-sdi.com@localhost)
*/
- if (!receive_context.plaintext &&
- detect_attack(buffer_ptr(&input), padded_len, NULL) == DEATTACK_DETECTED)
- packet_disconnect("crc32 compensation attack: network attack detected");
+ if (!receive_context.plaintext) {
+ switch (detect_attack(buffer_ptr(&input), padded_len, NULL)) {
+ case DEATTACK_DETECTED:
+ packet_disconnect("crc32 compensation attack: "
+ "network attack detected");
+ case DEATTACK_DOS_DETECTED:
+ packet_disconnect("deattack denial of "
+ "service detected");
+ }
+ }
/* Decrypt data to incoming_packet. */
buffer_clear(&incoming_packet);
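Review bot: The `case DEATTACK_DETECTED:` arm has neither a `break` nor a `/* NOTREACHED */` marker, so it reads as an accidental fallthrough into the `DEATTACK_DOS_DETECTED` arm; it is only correct because `packet_disconnect()` does not return, and its prototype is outside this diff. Adding `/* NOTREACHED */` after each `packet_disconnect()` call, and a `default: break;` arm to show that `DEATTACK_OK` is the deliberate no-op, would make the control flow self-evident without changing behaviour. The enclosing function begins and ends outside the hunk.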
diff -r f9f915527e5f -r ddbd0b2f420b crypto/dist/ssh/session.c
--- a/crypto/dist/ssh/session.c Wed Oct 25 19:14:24 2006 +0000
+++ b/crypto/dist/ssh/session.c Thu Oct 26 09:39:38 2006 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: session.c,v 1.39 2005/02/22 02:29:32 elric Exp $ */
+/* $NetBSD: session.c,v 1.39.4.1 2006/10/26 09:39:38 ghen Exp $ */
/*
* Copyright (c) 1995 Tatu Ylonen <ylo%cs.hut.fi@localhost>, Espoo, Finland
* All rights reserved
@@ -35,7 +35,7 @@
#include "includes.h"
RCSID("$OpenBSD: session.c,v 1.180 2004/07/28 09:40:29 markus Exp $");
-__RCSID("$NetBSD: session.c,v 1.39 2005/02/22 02:29:32 elric Exp $");
+__RCSID("$NetBSD: session.c,v 1.39.4.1 2006/10/26 09:39:38 ghen Exp $");
#include "ssh.h"
#include "ssh1.h"
@@ -2157,7 +2157,7 @@
return;
called = 1;
- if (authctxt == NULL)
+ if (authctxt == NULL || !authctxt->authenticated)
return;
#ifdef KRB4
if (options.kerberos_ticket_cleanup)
diff -r f9f915527e5f -r ddbd0b2f420b crypto/dist/ssh/sshd.c
--- a/crypto/dist/ssh/sshd.c Wed Oct 25 19:14:24 2006 +0000
+++ b/crypto/dist/ssh/sshd.c Thu Oct 26 09:39:38 2006 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: sshd.c,v 1.37 2005/02/22 02:29:32 elric Exp $ */
+/* $NetBSD: sshd.c,v 1.37.4.1 2006/10/26 09:39:39 ghen Exp $ */
/*
* Author: Tatu Ylonen <ylo%cs.hut.fi@localhost>
* Copyright (c) 1995 Tatu Ylonen <ylo%cs.hut.fi@localhost>, Espoo, Finland
@@ -44,7 +44,7 @@
#include "includes.h"
RCSID("$OpenBSD: sshd.c,v 1.301 2004/08/11 11:50:09 dtucker Exp $");
-__RCSID("$NetBSD: sshd.c,v 1.37 2005/02/22 02:29:32 elric Exp $");
+__RCSID("$NetBSD: sshd.c,v 1.37.4.1 2006/10/26 09:39:39 ghen Exp $");
#include <openssl/dh.h>
#include <openssl/bn.h>
@@ -315,7 +315,7 @@
kill(pmonitor->m_pid, SIGALRM);
/* Log error and exit. */
- fatal("Timeout before authentication for %s", get_remote_ipaddr());
+ sigdie("Timeout before authentication for %s", get_remote_ipaddr());
}
/*
@@ -1635,6 +1635,8 @@
}
authenticated:
+ authctxt->authenticated = 1;
+
/*
* In privilege separation, we fork another child and prepare
* file descriptor passing.
diff -r f9f915527e5f -r ddbd0b2f420b crypto/dist/ssh/version.h
--- a/crypto/dist/ssh/version.h Wed Oct 25 19:14:24 2006 +0000
+++ b/crypto/dist/ssh/version.h Thu Oct 26 09:39:38 2006 +0000
@@ -1,8 +1,8 @@
-/* $NetBSD: version.h,v 1.33 2005/02/13 05:57:27 christos Exp $ */
+/* $NetBSD: version.h,v 1.33.4.1 2006/10/26 09:39:39 ghen Exp $ */
/* $OpenBSD: version.h,v 1.42 2004/08/16 08:17:01 markus Exp $ */
#define __OPENSSH_VERSION "OpenSSH_3.9"
-#define __NETBSDSSH_VERSION "NetBSD_Secure_Shell-20050213"
+#define __NETBSDSSH_VERSION "NetBSD_Secure_Shell-20061016"
/*
* it is important to retain OpenSSH version identification part, it is