Source-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[src/trunk]: src/crypto/external/bsd/openssh welcome to openssh-6.2



details:   https://anonhg.NetBSD.org/src/rev/c130357b0693
branches:  trunk
changeset: 785762:c130357b0693
user:      christos <christos%NetBSD.org@localhost>
date:      Fri Mar 29 16:19:44 2013 +0000

description:
welcome to openssh-6.2

diffstat:

 crypto/external/bsd/openssh/dist/PROTOCOL       |   44 +++-
 crypto/external/bsd/openssh/dist/PROTOCOL.agent |    6 +-
 crypto/external/bsd/openssh/dist/auth-options.c |    8 +-
 crypto/external/bsd/openssh/dist/auth-rsa.c     |    8 +-
 crypto/external/bsd/openssh/dist/auth.c         |   78 ++++-
 crypto/external/bsd/openssh/dist/auth.h         |   19 +-
 crypto/external/bsd/openssh/dist/auth1.c        |   17 +-
 crypto/external/bsd/openssh/dist/auth2-chall.c  |   17 +-
 crypto/external/bsd/openssh/dist/auth2-gss.c    |   12 +-
 crypto/external/bsd/openssh/dist/auth2-jpake.c  |    6 +-
 crypto/external/bsd/openssh/dist/auth2-pubkey.c |  210 ++++++++++++++-
 crypto/external/bsd/openssh/dist/auth2.c        |  233 +++++++++++++++-
 crypto/external/bsd/openssh/dist/authfile.c     |   10 +-
 crypto/external/bsd/openssh/dist/channels.c     |   16 +-
 crypto/external/bsd/openssh/dist/cipher.c       |  159 ++++++++---
 crypto/external/bsd/openssh/dist/cipher.h       |   10 +-
 crypto/external/bsd/openssh/dist/clientloop.c   |  149 +++++++---
 crypto/external/bsd/openssh/dist/clientloop.h   |    5 +-
 crypto/external/bsd/openssh/dist/compat.c       |    8 +-
 crypto/external/bsd/openssh/dist/kex.c          |   34 +-
 crypto/external/bsd/openssh/dist/kex.h          |    6 +-
 crypto/external/bsd/openssh/dist/key.c          |   44 ++-
 crypto/external/bsd/openssh/dist/key.h          |    8 +-
 crypto/external/bsd/openssh/dist/krl.c          |   45 ++-
 crypto/external/bsd/openssh/dist/log.c          |   22 +-
 crypto/external/bsd/openssh/dist/log.h          |    6 +-
 crypto/external/bsd/openssh/dist/mac.c          |   54 +++-
 crypto/external/bsd/openssh/dist/monitor.c      |   59 +++-
 crypto/external/bsd/openssh/dist/monitor.h      |   86 +++--
 crypto/external/bsd/openssh/dist/monitor_wrap.c |   45 +-
 crypto/external/bsd/openssh/dist/mux.c          |   12 +-
 crypto/external/bsd/openssh/dist/myproposal.h   |   15 +-
 crypto/external/bsd/openssh/dist/packet.c       |  138 ++++++---
 crypto/external/bsd/openssh/dist/servconf.c     |   86 +++++-
 crypto/external/bsd/openssh/dist/servconf.h     |   21 +-
 crypto/external/bsd/openssh/dist/serverloop.c   |   27 +-
 crypto/external/bsd/openssh/dist/session.c      |   13 +-
 crypto/external/bsd/openssh/dist/sftp-server.8  |   18 +-
 crypto/external/bsd/openssh/dist/sftp-server.c  |   30 +-
 crypto/external/bsd/openssh/dist/sftp.c         |   36 ++-
 crypto/external/bsd/openssh/dist/ssh-add.1      |   16 +-
 crypto/external/bsd/openssh/dist/ssh-add.c      |   42 ++-
 crypto/external/bsd/openssh/dist/ssh-keygen.1   |  127 +++++++++-
 crypto/external/bsd/openssh/dist/ssh-keygen.c   |  323 ++++++++++++++++++++++-
 crypto/external/bsd/openssh/dist/ssh.1          |  113 ++++++--
 crypto/external/bsd/openssh/dist/ssh_config.5   |   22 +-
 crypto/external/bsd/openssh/dist/sshconnect.c   |   70 ++--
 crypto/external/bsd/openssh/dist/sshconnect2.c  |   50 ++-
 crypto/external/bsd/openssh/dist/sshd.8         |    8 +-
 crypto/external/bsd/openssh/dist/sshd.c         |   62 +++-
 crypto/external/bsd/openssh/dist/sshd_config    |    9 +-
 crypto/external/bsd/openssh/dist/sshd_config.5  |   86 +++++-
 crypto/external/bsd/openssh/dist/umac.h         |   10 +-
 crypto/external/bsd/openssh/dist/version.h      |    8 +-
 crypto/external/bsd/openssh/lib/Makefile        |    3 +-
 crypto/external/bsd/openssh/lib/shlib_version   |    4 +-
 56 files changed, 2152 insertions(+), 621 deletions(-)

diffs (truncated from 5465 to 300 lines):

diff -r cfcd3db81ddb -r c130357b0693 crypto/external/bsd/openssh/dist/PROTOCOL
--- a/crypto/external/bsd/openssh/dist/PROTOCOL Fri Mar 29 14:52:38 2013 +0000
+++ b/crypto/external/bsd/openssh/dist/PROTOCOL Fri Mar 29 16:19:44 2013 +0000
@@ -51,6 +51,46 @@
 curve points encoded using point compression are NOT accepted or
 generated.
 
+1.5 transport: Protocol 2 Encrypt-then-MAC MAC algorithms
+
+OpenSSH supports MAC algorithms, whose names contain "-etm", that
+perform the calculations in a different order to that defined in RFC
+4253. These variants use the so-called "encrypt then MAC" ordering,
+calculating the MAC over the packet ciphertext rather than the
+plaintext. This ordering closes a security flaw in the SSH transport
+protocol, where decryption of unauthenticated ciphertext provided a
+"decryption oracle" that could, in conjunction with cipher flaws, reveal
+session plaintext.
+
+Specifically, the "-etm" MAC algorithms modify the transport protocol
+to calculate the MAC over the packet ciphertext and to send the packet
+length unencrypted. This is necessary for the transport to obtain the
+length of the packet and location of the MAC tag so that it may be
+verified without decrypting unauthenticated data.
+
+As such, the MAC covers:
+
+      mac = MAC(key, sequence_number || packet_length || encrypted_packet)
+
+where "packet_length" is encoded as a uint32 and "encrypted_packet"
+contains:
+
+      byte      padding_length
+      byte[n1]  payload; n1 = packet_length - padding_length - 1
+      byte[n2]  random padding; n2 = padding_length
+
+1.6 transport: AES-GCM
+
+OpenSSH supports the AES-GCM algorithm as specified in RFC 5647.
+Because of problems with the specification of the key exchange
+the behaviour of OpenSSH differs from the RFC as follows:
+
+AES-GCM is only negotiated as the cipher algorithms
+"aes128-gcm%openssh.com@localhost" or "aes256-gcm%openssh.com@localhost" and never as
+an MAC algorithm. Additionally, if AES-GCM is selected as the cipher
+the exchanged MAC algorithms are ignored and there doesn't have to be
+a matching MAC.
+
 2. Connection protocol changes
 
 2.1. connection: Channel write close extension "eow%openssh.com@localhost"
@@ -291,5 +331,5 @@
 This extension is advertised in the SSH_FXP_VERSION hello with version
 "1".
 
-$OpenBSD: PROTOCOL,v 1.17 2010/12/04 00:18:01 djm Exp $
-$NetBSD: PROTOCOL,v 1.2 2011/07/25 03:03:10 christos Exp $
+$OpenBSD: PROTOCOL,v 1.20 2013/01/08 18:49:04 markus Exp $
+$NetBSD: PROTOCOL,v 1.3 2013/03/29 16:19:44 christos Exp $
diff -r cfcd3db81ddb -r c130357b0693 crypto/external/bsd/openssh/dist/PROTOCOL.agent
--- a/crypto/external/bsd/openssh/dist/PROTOCOL.agent   Fri Mar 29 14:52:38 2013 +0000
+++ b/crypto/external/bsd/openssh/dist/PROTOCOL.agent   Fri Mar 29 16:19:44 2013 +0000
@@ -152,7 +152,7 @@
 computation.
 
 "key_constraints" may only be present if the request type is
-SSH_AGENTC_ADD_RSA_IDENTITY.
+SSH_AGENTC_ADD_RSA_ID_CONSTRAINED.
 
 The agent will reply with a SSH_AGENT_SUCCESS if the key has been
 successfully added or a SSH_AGENT_FAILURE if an error occurred.
@@ -557,5 +557,5 @@
        SSH_AGENT_CONSTRAIN_LIFETIME                    1
        SSH_AGENT_CONSTRAIN_CONFIRM                     2
 
-$OpenBSD: PROTOCOL.agent,v 1.6 2010/08/31 11:54:45 djm Exp $
-$NetBSD: PROTOCOL.agent,v 1.2 2011/07/25 03:03:10 christos Exp $
+$OpenBSD: PROTOCOL.agent,v 1.7 2013/01/02 00:33:49 djm Exp $
+$NetBSD: PROTOCOL.agent,v 1.3 2013/03/29 16:19:44 christos Exp $
diff -r cfcd3db81ddb -r c130357b0693 crypto/external/bsd/openssh/dist/auth-options.c
--- a/crypto/external/bsd/openssh/dist/auth-options.c   Fri Mar 29 14:52:38 2013 +0000
+++ b/crypto/external/bsd/openssh/dist/auth-options.c   Fri Mar 29 16:19:44 2013 +0000
@@ -1,5 +1,5 @@
-/*     $NetBSD: auth-options.c,v 1.5 2012/05/02 02:41:08 christos Exp $        */
-/* $OpenBSD: auth-options.c,v 1.56 2011/10/18 04:58:26 djm Exp $ */
+/*     $NetBSD: auth-options.c,v 1.6 2013/03/29 16:19:44 christos Exp $        */
+/* $OpenBSD: auth-options.c,v 1.57 2012/12/02 20:46:11 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo%cs.hut.fi@localhost>
  * Copyright (c) 1995 Tatu Ylonen <ylo%cs.hut.fi@localhost>, Espoo, Finland
@@ -12,7 +12,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: auth-options.c,v 1.5 2012/05/02 02:41:08 christos Exp $");
+__RCSID("$NetBSD: auth-options.c,v 1.6 2013/03/29 16:19:44 christos Exp $");
 #include <sys/types.h>
 #include <sys/queue.h>
 
@@ -352,7 +352,7 @@
                                xfree(patterns);
                                goto bad_option;
                        }
-                       if (options.allow_tcp_forwarding)
+                       if ((options.allow_tcp_forwarding & FORWARD_LOCAL) != 0)
                                channel_add_permitted_opens(host, port);
                        xfree(patterns);
                        goto next_option;
diff -r cfcd3db81ddb -r c130357b0693 crypto/external/bsd/openssh/dist/auth-rsa.c
--- a/crypto/external/bsd/openssh/dist/auth-rsa.c       Fri Mar 29 14:52:38 2013 +0000
+++ b/crypto/external/bsd/openssh/dist/auth-rsa.c       Fri Mar 29 16:19:44 2013 +0000
@@ -1,5 +1,5 @@
-/*     $NetBSD: auth-rsa.c,v 1.6 2011/09/07 17:49:19 christos Exp $    */
-/* $OpenBSD: auth-rsa.c,v 1.80 2011/05/23 03:30:07 djm Exp $ */
+/*     $NetBSD: auth-rsa.c,v 1.7 2013/03/29 16:19:44 christos Exp $    */
+/* $OpenBSD: auth-rsa.c,v 1.81 2012/10/30 21:29:54 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo%cs.hut.fi@localhost>
  * Copyright (c) 1995 Tatu Ylonen <ylo%cs.hut.fi@localhost>, Espoo, Finland
@@ -16,7 +16,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: auth-rsa.c,v 1.6 2011/09/07 17:49:19 christos Exp $");
+__RCSID("$NetBSD: auth-rsa.c,v 1.7 2013/03/29 16:19:44 christos Exp $");
 #include <sys/types.h>
 #include <sys/stat.h>
 
@@ -361,6 +361,8 @@
 #endif
 
        for (i = 0; !allowed && i < options.num_authkeys_files; i++) {
+               if (strcasecmp(options.authorized_keys_files[i], "none") == 0)
+                       continue;
                file = expand_authorized_keys(
                    options.authorized_keys_files[i], pw);
                allowed = rsa_key_allowed_in_file(pw, file, client_n, rkey);
diff -r cfcd3db81ddb -r c130357b0693 crypto/external/bsd/openssh/dist/auth.c
--- a/crypto/external/bsd/openssh/dist/auth.c   Fri Mar 29 14:52:38 2013 +0000
+++ b/crypto/external/bsd/openssh/dist/auth.c   Fri Mar 29 16:19:44 2013 +0000
@@ -1,5 +1,5 @@
-/*     $NetBSD: auth.c,v 1.6 2012/12/12 17:42:39 christos Exp $        */
-/* $OpenBSD: auth.c,v 1.96 2012/05/13 01:42:32 dtucker Exp $ */
+/*     $NetBSD: auth.c,v 1.7 2013/03/29 16:19:44 christos Exp $        */
+/* $OpenBSD: auth.c,v 1.101 2013/02/06 00:22:21 dtucker Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  *
@@ -25,7 +25,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: auth.c,v 1.6 2012/12/12 17:42:39 christos Exp $");
+__RCSID("$NetBSD: auth.c,v 1.7 2013/03/29 16:19:44 christos Exp $");
 #include <sys/types.h>
 #include <sys/stat.h>
 #include <sys/param.h>
@@ -60,6 +60,7 @@
 #endif
 #include "authfile.h"
 #include "monitor_wrap.h"
+#include "krl.h"
 
 #ifdef HAVE_LOGIN_CAP
 #include <login_cap.h>
@@ -309,8 +310,8 @@
 }
 
 void
-auth_log(Authctxt *authctxt, int authenticated, const char *method,
-    const char *info)
+auth_log(Authctxt *authctxt, int authenticated, int partial,
+    const char *method, const char *submethod, const char *info)
 {
        void (*authlog) (const char *fmt,...) = verbose;
        const char *authmsg;
@@ -327,12 +328,15 @@
 
        if (authctxt->postponed)
                authmsg = "Postponed";
+       else if (partial)
+               authmsg = "Partial";
        else
                authmsg = authenticated ? "Accepted" : "Failed";
 
-       authlog("%s %s for %s%.100s from %.200s port %d%s",
+       authlog("%s %s%s%s for %s%.100s from %.200s port %d%s",
            authmsg,
            method,
+           submethod != NULL ? "/" : "", submethod == NULL ? "" : submethod,
            authctxt->valid ? "" : "invalid user ",
            authctxt->user,
            get_remote_ipaddr(),
@@ -450,41 +454,42 @@
        return host_status;
 }
 
-
 /*
- * Check a given file for security. This is defined as all components
+ * Check a given path for security. This is defined as all components
  * of the path to the file must be owned by either the owner of
  * of the file or root and no directories must be group or world writable.
  *
  * XXX Should any specific check be done for sym links ?
  *
- * Takes an open file descriptor, the file name, a uid and and
+ * Takes a file name, its stat information (preferably from fstat() to
+ * avoid races), the uid of the expected owner, their home directory and an
  * error buffer plus max size as arguments.
  *
  * Returns 0 on success and -1 on failure
  */
-static int
-secure_filename(FILE *f, const char *file, struct passwd *pw,
-    char *err, size_t errlen)
+int
+auth_secure_path(const char *name, struct stat *stp, const char *pw_dir,
+    uid_t uid, char *err, size_t errlen)
 {
-       uid_t uid = pw->pw_uid;
        char buf[MAXPATHLEN], homedir[MAXPATHLEN];
        char *cp;
        int comparehome = 0;
        struct stat st;
 
-       if (realpath(file, buf) == NULL) {
-               snprintf(err, errlen, "realpath %s failed: %s", file,
+       if (realpath(name, buf) == NULL) {
+               snprintf(err, errlen, "realpath %s failed: %s", name,
                    strerror(errno));
                return -1;
        }
-       if (realpath(pw->pw_dir, homedir) != NULL)
+       if (pw_dir != NULL && realpath(pw_dir, homedir) != NULL)
                comparehome = 1;
 
-       /* check the open file to avoid races */
-       if (fstat(fileno(f), &st) < 0 ||
-           (st.st_uid != 0 && st.st_uid != uid) ||
-           (st.st_mode & 022) != 0) {
+       if (!S_ISREG(stp->st_mode)) {
+               snprintf(err, errlen, "%s is not a regular file", buf);
+               return -1;
+       }
+       if ((stp->st_uid != 0 && stp->st_uid != uid) ||
+           (stp->st_mode & 022) != 0) {
                snprintf(err, errlen, "bad ownership or modes for file %s",
                    buf);
                return -1;
@@ -520,6 +525,27 @@
        return 0;
 }
 
+/*
+ * Version of secure_path() that accepts an open file descriptor to
+ * avoid races.
+ *
+ * Returns 0 on success and -1 on failure
+ */
+static int
+secure_filename(FILE *f, const char *file, struct passwd *pw,
+    char *err, size_t errlen)
+{
+       struct stat st;
+
+       /* check the open file to avoid races */
+       if (fstat(fileno(f), &st) < 0) {
+               snprintf(err, errlen, "cannot stat file %s: %s",
+                   file, strerror(errno));
+               return -1;
+       }
+       return auth_secure_path(file, &st, pw->pw_dir, pw->pw_uid, err, errlen);
+}
+
 static FILE *
 auth_openfile(const char *file, struct passwd *pw, int strict_modes,
     int log_missing, const char *file_type)
@@ -627,7 +653,16 @@
 
        if (options.revoked_keys_file == NULL)
                return 0;
-
+       switch (ssh_krl_file_contains_key(options.revoked_keys_file, key)) {
+       case 0:
+               return 0;       /* Not revoked */
+       case -2:
+               break;          /* Not a KRL */
+       default:
+               goto revoked;
+       }
+       debug3("%s: treating %s as a key list", __func__,
+           options.revoked_keys_file);
        switch (key_in_file(key, options.revoked_keys_file, 0)) {
        case 0:
                /* key not revoked */
@@ -638,6 +673,7 @@
                    "authentication");
                return 1;
        case 1:
+ revoked:



Home | Main Index | Thread Index | Old Index