Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/crypto/external/bsd/openssh welcome to openssh-6.2
details: https://anonhg.NetBSD.org/src/rev/c130357b0693
branches: trunk
changeset: 785762:c130357b0693
user: christos <christos%NetBSD.org@localhost>
date: Fri Mar 29 16:19:44 2013 +0000
description:
welcome to openssh-6.2
diffstat:
crypto/external/bsd/openssh/dist/PROTOCOL | 44 +++-
crypto/external/bsd/openssh/dist/PROTOCOL.agent | 6 +-
crypto/external/bsd/openssh/dist/auth-options.c | 8 +-
crypto/external/bsd/openssh/dist/auth-rsa.c | 8 +-
crypto/external/bsd/openssh/dist/auth.c | 78 ++++-
crypto/external/bsd/openssh/dist/auth.h | 19 +-
crypto/external/bsd/openssh/dist/auth1.c | 17 +-
crypto/external/bsd/openssh/dist/auth2-chall.c | 17 +-
crypto/external/bsd/openssh/dist/auth2-gss.c | 12 +-
crypto/external/bsd/openssh/dist/auth2-jpake.c | 6 +-
crypto/external/bsd/openssh/dist/auth2-pubkey.c | 210 ++++++++++++++-
crypto/external/bsd/openssh/dist/auth2.c | 233 +++++++++++++++-
crypto/external/bsd/openssh/dist/authfile.c | 10 +-
crypto/external/bsd/openssh/dist/channels.c | 16 +-
crypto/external/bsd/openssh/dist/cipher.c | 159 ++++++++---
crypto/external/bsd/openssh/dist/cipher.h | 10 +-
crypto/external/bsd/openssh/dist/clientloop.c | 149 +++++++---
crypto/external/bsd/openssh/dist/clientloop.h | 5 +-
crypto/external/bsd/openssh/dist/compat.c | 8 +-
crypto/external/bsd/openssh/dist/kex.c | 34 +-
crypto/external/bsd/openssh/dist/kex.h | 6 +-
crypto/external/bsd/openssh/dist/key.c | 44 ++-
crypto/external/bsd/openssh/dist/key.h | 8 +-
crypto/external/bsd/openssh/dist/krl.c | 45 ++-
crypto/external/bsd/openssh/dist/log.c | 22 +-
crypto/external/bsd/openssh/dist/log.h | 6 +-
crypto/external/bsd/openssh/dist/mac.c | 54 +++-
crypto/external/bsd/openssh/dist/monitor.c | 59 +++-
crypto/external/bsd/openssh/dist/monitor.h | 86 +++--
crypto/external/bsd/openssh/dist/monitor_wrap.c | 45 +-
crypto/external/bsd/openssh/dist/mux.c | 12 +-
crypto/external/bsd/openssh/dist/myproposal.h | 15 +-
crypto/external/bsd/openssh/dist/packet.c | 138 ++++++---
crypto/external/bsd/openssh/dist/servconf.c | 86 +++++-
crypto/external/bsd/openssh/dist/servconf.h | 21 +-
crypto/external/bsd/openssh/dist/serverloop.c | 27 +-
crypto/external/bsd/openssh/dist/session.c | 13 +-
crypto/external/bsd/openssh/dist/sftp-server.8 | 18 +-
crypto/external/bsd/openssh/dist/sftp-server.c | 30 +-
crypto/external/bsd/openssh/dist/sftp.c | 36 ++-
crypto/external/bsd/openssh/dist/ssh-add.1 | 16 +-
crypto/external/bsd/openssh/dist/ssh-add.c | 42 ++-
crypto/external/bsd/openssh/dist/ssh-keygen.1 | 127 +++++++++-
crypto/external/bsd/openssh/dist/ssh-keygen.c | 323 ++++++++++++++++++++++-
crypto/external/bsd/openssh/dist/ssh.1 | 113 ++++++--
crypto/external/bsd/openssh/dist/ssh_config.5 | 22 +-
crypto/external/bsd/openssh/dist/sshconnect.c | 70 ++--
crypto/external/bsd/openssh/dist/sshconnect2.c | 50 ++-
crypto/external/bsd/openssh/dist/sshd.8 | 8 +-
crypto/external/bsd/openssh/dist/sshd.c | 62 +++-
crypto/external/bsd/openssh/dist/sshd_config | 9 +-
crypto/external/bsd/openssh/dist/sshd_config.5 | 86 +++++-
crypto/external/bsd/openssh/dist/umac.h | 10 +-
crypto/external/bsd/openssh/dist/version.h | 8 +-
crypto/external/bsd/openssh/lib/Makefile | 3 +-
crypto/external/bsd/openssh/lib/shlib_version | 4 +-
56 files changed, 2152 insertions(+), 621 deletions(-)
diffs (truncated from 5465 to 300 lines):
diff -r cfcd3db81ddb -r c130357b0693 crypto/external/bsd/openssh/dist/PROTOCOL
--- a/crypto/external/bsd/openssh/dist/PROTOCOL Fri Mar 29 14:52:38 2013 +0000
+++ b/crypto/external/bsd/openssh/dist/PROTOCOL Fri Mar 29 16:19:44 2013 +0000
@@ -51,6 +51,46 @@
curve points encoded using point compression are NOT accepted or
generated.
+1.5 transport: Protocol 2 Encrypt-then-MAC MAC algorithms
+
+OpenSSH supports MAC algorithms, whose names contain "-etm", that
+perform the calculations in a different order to that defined in RFC
+4253. These variants use the so-called "encrypt then MAC" ordering,
+calculating the MAC over the packet ciphertext rather than the
+plaintext. This ordering closes a security flaw in the SSH transport
+protocol, where decryption of unauthenticated ciphertext provided a
+"decryption oracle" that could, in conjunction with cipher flaws, reveal
+session plaintext.
+
+Specifically, the "-etm" MAC algorithms modify the transport protocol
+to calculate the MAC over the packet ciphertext and to send the packet
+length unencrypted. This is necessary for the transport to obtain the
+length of the packet and location of the MAC tag so that it may be
+verified without decrypting unauthenticated data.
+
+As such, the MAC covers:
+
+ mac = MAC(key, sequence_number || packet_length || encrypted_packet)
+
+where "packet_length" is encoded as a uint32 and "encrypted_packet"
+contains:
+
+ byte padding_length
+ byte[n1] payload; n1 = packet_length - padding_length - 1
+ byte[n2] random padding; n2 = padding_length
+
+1.6 transport: AES-GCM
+
+OpenSSH supports the AES-GCM algorithm as specified in RFC 5647.
+Because of problems with the specification of the key exchange
+the behaviour of OpenSSH differs from the RFC as follows:
+
+AES-GCM is only negotiated as the cipher algorithms
+"aes128-gcm%openssh.com@localhost" or "aes256-gcm%openssh.com@localhost" and never as
+an MAC algorithm. Additionally, if AES-GCM is selected as the cipher
+the exchanged MAC algorithms are ignored and there doesn't have to be
+a matching MAC.
+
2. Connection protocol changes
2.1. connection: Channel write close extension "eow%openssh.com@localhost"
@@ -291,5 +331,5 @@
This extension is advertised in the SSH_FXP_VERSION hello with version
"1".
-$OpenBSD: PROTOCOL,v 1.17 2010/12/04 00:18:01 djm Exp $
-$NetBSD: PROTOCOL,v 1.2 2011/07/25 03:03:10 christos Exp $
+$OpenBSD: PROTOCOL,v 1.20 2013/01/08 18:49:04 markus Exp $
+$NetBSD: PROTOCOL,v 1.3 2013/03/29 16:19:44 christos Exp $
diff -r cfcd3db81ddb -r c130357b0693 crypto/external/bsd/openssh/dist/PROTOCOL.agent
--- a/crypto/external/bsd/openssh/dist/PROTOCOL.agent Fri Mar 29 14:52:38 2013 +0000
+++ b/crypto/external/bsd/openssh/dist/PROTOCOL.agent Fri Mar 29 16:19:44 2013 +0000
@@ -152,7 +152,7 @@
computation.
"key_constraints" may only be present if the request type is
-SSH_AGENTC_ADD_RSA_IDENTITY.
+SSH_AGENTC_ADD_RSA_ID_CONSTRAINED.
The agent will reply with a SSH_AGENT_SUCCESS if the key has been
successfully added or a SSH_AGENT_FAILURE if an error occurred.
@@ -557,5 +557,5 @@
SSH_AGENT_CONSTRAIN_LIFETIME 1
SSH_AGENT_CONSTRAIN_CONFIRM 2
-$OpenBSD: PROTOCOL.agent,v 1.6 2010/08/31 11:54:45 djm Exp $
-$NetBSD: PROTOCOL.agent,v 1.2 2011/07/25 03:03:10 christos Exp $
+$OpenBSD: PROTOCOL.agent,v 1.7 2013/01/02 00:33:49 djm Exp $
+$NetBSD: PROTOCOL.agent,v 1.3 2013/03/29 16:19:44 christos Exp $
diff -r cfcd3db81ddb -r c130357b0693 crypto/external/bsd/openssh/dist/auth-options.c
--- a/crypto/external/bsd/openssh/dist/auth-options.c Fri Mar 29 14:52:38 2013 +0000
+++ b/crypto/external/bsd/openssh/dist/auth-options.c Fri Mar 29 16:19:44 2013 +0000
@@ -1,5 +1,5 @@
-/* $NetBSD: auth-options.c,v 1.5 2012/05/02 02:41:08 christos Exp $ */
-/* $OpenBSD: auth-options.c,v 1.56 2011/10/18 04:58:26 djm Exp $ */
+/* $NetBSD: auth-options.c,v 1.6 2013/03/29 16:19:44 christos Exp $ */
+/* $OpenBSD: auth-options.c,v 1.57 2012/12/02 20:46:11 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo%cs.hut.fi@localhost>
* Copyright (c) 1995 Tatu Ylonen <ylo%cs.hut.fi@localhost>, Espoo, Finland
@@ -12,7 +12,7 @@
*/
#include "includes.h"
-__RCSID("$NetBSD: auth-options.c,v 1.5 2012/05/02 02:41:08 christos Exp $");
+__RCSID("$NetBSD: auth-options.c,v 1.6 2013/03/29 16:19:44 christos Exp $");
#include <sys/types.h>
#include <sys/queue.h>
@@ -352,7 +352,7 @@
xfree(patterns);
goto bad_option;
}
- if (options.allow_tcp_forwarding)
+ if ((options.allow_tcp_forwarding & FORWARD_LOCAL) != 0)
channel_add_permitted_opens(host, port);
xfree(patterns);
goto next_option;
diff -r cfcd3db81ddb -r c130357b0693 crypto/external/bsd/openssh/dist/auth-rsa.c
--- a/crypto/external/bsd/openssh/dist/auth-rsa.c Fri Mar 29 14:52:38 2013 +0000
+++ b/crypto/external/bsd/openssh/dist/auth-rsa.c Fri Mar 29 16:19:44 2013 +0000
@@ -1,5 +1,5 @@
-/* $NetBSD: auth-rsa.c,v 1.6 2011/09/07 17:49:19 christos Exp $ */
-/* $OpenBSD: auth-rsa.c,v 1.80 2011/05/23 03:30:07 djm Exp $ */
+/* $NetBSD: auth-rsa.c,v 1.7 2013/03/29 16:19:44 christos Exp $ */
+/* $OpenBSD: auth-rsa.c,v 1.81 2012/10/30 21:29:54 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo%cs.hut.fi@localhost>
* Copyright (c) 1995 Tatu Ylonen <ylo%cs.hut.fi@localhost>, Espoo, Finland
@@ -16,7 +16,7 @@
*/
#include "includes.h"
-__RCSID("$NetBSD: auth-rsa.c,v 1.6 2011/09/07 17:49:19 christos Exp $");
+__RCSID("$NetBSD: auth-rsa.c,v 1.7 2013/03/29 16:19:44 christos Exp $");
#include <sys/types.h>
#include <sys/stat.h>
@@ -361,6 +361,8 @@
#endif
for (i = 0; !allowed && i < options.num_authkeys_files; i++) {
+ if (strcasecmp(options.authorized_keys_files[i], "none") == 0)
+ continue;
file = expand_authorized_keys(
options.authorized_keys_files[i], pw);
allowed = rsa_key_allowed_in_file(pw, file, client_n, rkey);
diff -r cfcd3db81ddb -r c130357b0693 crypto/external/bsd/openssh/dist/auth.c
--- a/crypto/external/bsd/openssh/dist/auth.c Fri Mar 29 14:52:38 2013 +0000
+++ b/crypto/external/bsd/openssh/dist/auth.c Fri Mar 29 16:19:44 2013 +0000
@@ -1,5 +1,5 @@
-/* $NetBSD: auth.c,v 1.6 2012/12/12 17:42:39 christos Exp $ */
-/* $OpenBSD: auth.c,v 1.96 2012/05/13 01:42:32 dtucker Exp $ */
+/* $NetBSD: auth.c,v 1.7 2013/03/29 16:19:44 christos Exp $ */
+/* $OpenBSD: auth.c,v 1.101 2013/02/06 00:22:21 dtucker Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
*
@@ -25,7 +25,7 @@
*/
#include "includes.h"
-__RCSID("$NetBSD: auth.c,v 1.6 2012/12/12 17:42:39 christos Exp $");
+__RCSID("$NetBSD: auth.c,v 1.7 2013/03/29 16:19:44 christos Exp $");
#include <sys/types.h>
#include <sys/stat.h>
#include <sys/param.h>
@@ -60,6 +60,7 @@
#endif
#include "authfile.h"
#include "monitor_wrap.h"
+#include "krl.h"
#ifdef HAVE_LOGIN_CAP
#include <login_cap.h>
@@ -309,8 +310,8 @@
}
void
-auth_log(Authctxt *authctxt, int authenticated, const char *method,
- const char *info)
+auth_log(Authctxt *authctxt, int authenticated, int partial,
+ const char *method, const char *submethod, const char *info)
{
void (*authlog) (const char *fmt,...) = verbose;
const char *authmsg;
@@ -327,12 +328,15 @@
if (authctxt->postponed)
authmsg = "Postponed";
+ else if (partial)
+ authmsg = "Partial";
else
authmsg = authenticated ? "Accepted" : "Failed";
- authlog("%s %s for %s%.100s from %.200s port %d%s",
+ authlog("%s %s%s%s for %s%.100s from %.200s port %d%s",
authmsg,
method,
+ submethod != NULL ? "/" : "", submethod == NULL ? "" : submethod,
authctxt->valid ? "" : "invalid user ",
authctxt->user,
get_remote_ipaddr(),
@@ -450,41 +454,42 @@
return host_status;
}
-
/*
- * Check a given file for security. This is defined as all components
+ * Check a given path for security. This is defined as all components
* of the path to the file must be owned by either the owner of
* of the file or root and no directories must be group or world writable.
*
* XXX Should any specific check be done for sym links ?
*
- * Takes an open file descriptor, the file name, a uid and and
+ * Takes a file name, its stat information (preferably from fstat() to
+ * avoid races), the uid of the expected owner, their home directory and an
* error buffer plus max size as arguments.
*
* Returns 0 on success and -1 on failure
*/
-static int
-secure_filename(FILE *f, const char *file, struct passwd *pw,
- char *err, size_t errlen)
+int
+auth_secure_path(const char *name, struct stat *stp, const char *pw_dir,
+ uid_t uid, char *err, size_t errlen)
{
- uid_t uid = pw->pw_uid;
char buf[MAXPATHLEN], homedir[MAXPATHLEN];
char *cp;
int comparehome = 0;
struct stat st;
- if (realpath(file, buf) == NULL) {
- snprintf(err, errlen, "realpath %s failed: %s", file,
+ if (realpath(name, buf) == NULL) {
+ snprintf(err, errlen, "realpath %s failed: %s", name,
strerror(errno));
return -1;
}
- if (realpath(pw->pw_dir, homedir) != NULL)
+ if (pw_dir != NULL && realpath(pw_dir, homedir) != NULL)
comparehome = 1;
- /* check the open file to avoid races */
- if (fstat(fileno(f), &st) < 0 ||
- (st.st_uid != 0 && st.st_uid != uid) ||
- (st.st_mode & 022) != 0) {
+ if (!S_ISREG(stp->st_mode)) {
+ snprintf(err, errlen, "%s is not a regular file", buf);
+ return -1;
+ }
+ if ((stp->st_uid != 0 && stp->st_uid != uid) ||
+ (stp->st_mode & 022) != 0) {
snprintf(err, errlen, "bad ownership or modes for file %s",
buf);
return -1;
@@ -520,6 +525,27 @@
return 0;
}
+/*
+ * Version of secure_path() that accepts an open file descriptor to
+ * avoid races.
+ *
+ * Returns 0 on success and -1 on failure
+ */
+static int
+secure_filename(FILE *f, const char *file, struct passwd *pw,
+ char *err, size_t errlen)
+{
+ struct stat st;
+
+ /* check the open file to avoid races */
+ if (fstat(fileno(f), &st) < 0) {
+ snprintf(err, errlen, "cannot stat file %s: %s",
+ file, strerror(errno));
+ return -1;
+ }
+ return auth_secure_path(file, &st, pw->pw_dir, pw->pw_uid, err, errlen);
+}
+
static FILE *
auth_openfile(const char *file, struct passwd *pw, int strict_modes,
int log_missing, const char *file_type)
@@ -627,7 +653,16 @@
if (options.revoked_keys_file == NULL)
return 0;
-
+ switch (ssh_krl_file_contains_key(options.revoked_keys_file, key)) {
+ case 0:
+ return 0; /* Not revoked */
+ case -2:
+ break; /* Not a KRL */
+ default:
+ goto revoked;
+ }
+ debug3("%s: treating %s as a key list", __func__,
+ options.revoked_keys_file);
switch (key_in_file(key, options.revoked_keys_file, 0)) {
case 0:
/* key not revoked */
@@ -638,6 +673,7 @@
"authentication");
return 1;
case 1:
+ revoked:
Home |
Main Index |
Thread Index |
Old Index