From 6960e6c5d77f5ad02eca98e93fa7df0013713138 Mon Sep 17 00:00:00 2001 From: Mattias Ellert Date: Wed, 1 Dec 2021 17:31:50 +0100 Subject: [PATCH 01/44] Based on openssh-8.8p1-1.fc36 --- gsi-openssh.spec | 14 +- openssh-6.6p1-kuserok.patch | 10 +- openssh-7.3p1-x11-max-displays.patch | 6 +- openssh-7.7p1-fips.patch | 9 +- openssh-7.7p1-gssapi-new-unique.patch | 11 +- openssh-8.0p1-crypto-policies.patch | 25 +- openssh-8.7p1-sftp-default-protocol.patch | 58 +--- openssh-8.7p1-upstream-cve-2021-41617.patch | 31 -- ...gsissh.patch => openssh-8.8p1-gsissh.patch | 268 ++++++++--------- ...h => openssh-8.8p1-hpn-15.2-modified.patch | 282 +++++++++--------- sources | 4 +- 11 files changed, 321 insertions(+), 397 deletions(-) delete mode 100644 openssh-8.7p1-upstream-cve-2021-41617.patch rename openssh-8.7p1-gsissh.patch => openssh-8.8p1-gsissh.patch (90%) rename openssh-8.7p1-hpn-15.2-modified.patch => openssh-8.8p1-hpn-15.2-modified.patch (90%) diff --git a/gsi-openssh.spec b/gsi-openssh.spec index 7e7ccf0..66318cf 100644 --- a/gsi-openssh.spec +++ b/gsi-openssh.spec @@ -27,8 +27,8 @@ # Do we want libedit support %global libedit 1 -%global openssh_ver 8.7p1 -%global openssh_rel 2 +%global openssh_ver 8.8p1 +%global openssh_rel 1 Summary: An implementation of the SSH protocol with GSI authentication Name: gsi-openssh @@ -153,19 +153,17 @@ Patch975: openssh-8.0p1-preserve-pam-errors.patch Patch976: openssh-8.7p1-sftp-default-protocol.patch # Implement kill switch for SCP protocol Patch977: openssh-8.7p1-scp-kill-switch.patch -# CVE-2021-41617 -Patch978: openssh-8.7p1-upstream-cve-2021-41617.patch # Fix issue with read-only ssh buffer during gssapi key exchange (#1938224) # https://github.com/openssh-gsskex/openssh-gsskex/pull/19 Patch97: openssh-8.0p1-sshbuf-readonly.patch # This is the patch that adds GSI support # Based on hpn_isshd-gsi.7.5p1b.patch from Globus upstream -Patch98: openssh-8.7p1-gsissh.patch +Patch98: openssh-8.8p1-gsissh.patch # This is the HPN patch # Based on https://sourceforge.net/projects/hpnssh/files/Patches/HPN-SSH%2015v2%208.5p1/ -Patch99: openssh-8.7p1-hpn-15.2-modified.patch +Patch99: openssh-8.8p1-hpn-15.2-modified.patch License: BSD Requires: /sbin/nologin @@ -305,7 +303,6 @@ gpgv2 --quiet --keyring %{SOURCE3} %{SOURCE1} %{SOURCE0} %patch975 -p1 -b .preserve-pam-errors %patch976 -p1 -b .sftp-by-default %patch977 -p1 -b .kill-scp -%patch978 -p1 -b .cve-2021-41617 %patch200 -p1 -b .audit %patch201 -p1 -b .audit-race @@ -503,6 +500,9 @@ getent passwd sshd >/dev/null || \ %attr(0644,root,root) %{_unitdir}/gsisshd-keygen.target %changelog +* Wed Dec 01 2021 Mattias Ellert - 8.8p1-1 +- Based on openssh-8.8p1-1.fc36 + * Sun Oct 24 2021 Mattias Ellert - 8.7p1-2 - Based on openssh-8.7p1-3.fc36 diff --git a/openssh-6.6p1-kuserok.patch b/openssh-6.6p1-kuserok.patch index 1831f27..f3231f9 100644 --- a/openssh-6.6p1-kuserok.patch +++ b/openssh-6.6p1-kuserok.patch @@ -196,11 +196,11 @@ diff -up openssh-7.4p1/servconf.c.kuserok openssh-7.4p1/servconf.c sPort, sHostKeyFile, sLoginGraceTime, sPermitRootLogin, sLogFacility, sLogLevel, sLogVerbose, sKerberosAuthentication, sKerberosOrLocalPasswd, sKerberosTicketCleanup, -- sKerberosGetAFSToken, sKerberosUniqueCCache, -+ sKerberosGetAFSToken, sKerberosUniqueCCache, sKerberosUseKuserok, - sChallengeResponseAuthentication, - sPasswordAuthentication, sKbdInteractiveAuthentication, - sListenAddress, sAddressFamily, +- sKerberosGetAFSToken, sKerberosUniqueCCache, sPasswordAuthentication, ++ sKerberosGetAFSToken, sKerberosUniqueCCache, sKerberosUseKuserok, sPasswordAuthentication, + sKbdInteractiveAuthentication, sListenAddress, sAddressFamily, + sPrintMotd, sPrintLastLog, sIgnoreRhosts, + sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost, @@ -478,12 +481,14 @@ static struct { { "kerberosgetafstoken", sUnsupported, SSHCFG_GLOBAL }, #endif diff --git a/openssh-7.3p1-x11-max-displays.patch b/openssh-7.3p1-x11-max-displays.patch index c8a147b..5af3e3b 100644 --- a/openssh-7.3p1-x11-max-displays.patch +++ b/openssh-7.3p1-x11-max-displays.patch @@ -110,9 +110,9 @@ diff -up openssh-7.4p1/servconf.c.x11max openssh-7.4p1/servconf.c options->x11_use_localhost = 1; if (options->xauth_location == NULL) @@ -419,7 +422,7 @@ typedef enum { - sPasswordAuthentication, sKbdInteractiveAuthentication, - sListenAddress, sAddressFamily, - sPrintMotd, sPrintLastLog, sIgnoreRhosts, + sKerberosGetAFSToken, sKerberosUniqueCCache, sKerberosUseKuserok, sPasswordAuthentication, + sKbdInteractiveAuthentication, sListenAddress, sAddressFamily, + sPrintMotd, sPrintLastLog, sIgnoreRhosts, - sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost, + sX11Forwarding, sX11DisplayOffset, sX11MaxDisplays, sX11UseLocalhost, sPermitTTY, sStrictModes, sEmptyPasswd, sTCPKeepAlive, diff --git a/openssh-7.7p1-fips.patch b/openssh-7.7p1-fips.patch index d2c5592..72bceb1 100644 --- a/openssh-7.7p1-fips.patch +++ b/openssh-7.7p1-fips.patch @@ -117,9 +117,9 @@ diff -up openssh-8.6p1/kexgexc.c.fips openssh-8.6p1/kexgexc.c diff -up openssh-8.6p1/myproposal.h.fips openssh-8.6p1/myproposal.h --- openssh-8.6p1/myproposal.h.fips 2021-04-16 05:55:25.000000000 +0200 +++ openssh-8.6p1/myproposal.h 2021-04-19 16:53:03.065577869 +0200 -@@ -57,6 +57,20 @@ - "rsa-sha2-256," \ - "ssh-rsa" +@@ -57,6 +57,19 @@ + "rsa-sha2-512," \ + "rsa-sha2-256" +#define KEX_FIPS_PK_ALG \ + "ecdsa-sha2-nistp256-cert-v01@openssh.com," \ @@ -132,8 +132,7 @@ diff -up openssh-8.6p1/myproposal.h.fips openssh-8.6p1/myproposal.h + "ecdsa-sha2-nistp384," \ + "ecdsa-sha2-nistp521," \ + "rsa-sha2-512," \ -+ "rsa-sha2-256," \ -+ "ssh-rsa" ++ "rsa-sha2-256," + #define KEX_SERVER_ENCRYPT \ "chacha20-poly1305@openssh.com," \ diff --git a/openssh-7.7p1-gssapi-new-unique.patch b/openssh-7.7p1-gssapi-new-unique.patch index c130022..544932b 100644 --- a/openssh-7.7p1-gssapi-new-unique.patch +++ b/openssh-7.7p1-gssapi-new-unique.patch @@ -503,16 +503,15 @@ diff -up openssh-8.6p1/servconf.c.ccache_name openssh-8.6p1/servconf.c if (options->gss_authentication == -1) options->gss_authentication = 0; if (options->gss_keyex == -1) -@@ -506,7 +509,8 @@ typedef enum { +@@ -506,7 +509,7 @@ typedef enum { sPort, sHostKeyFile, sLoginGraceTime, sPermitRootLogin, sLogFacility, sLogLevel, sLogVerbose, sKerberosAuthentication, sKerberosOrLocalPasswd, sKerberosTicketCleanup, -- sKerberosGetAFSToken, sChallengeResponseAuthentication, -+ sKerberosGetAFSToken, sKerberosUniqueCCache, -+ sChallengeResponseAuthentication, - sPasswordAuthentication, sKbdInteractiveAuthentication, - sListenAddress, sAddressFamily, +- sKerberosGetAFSToken, sPasswordAuthentication, ++ sKerberosGetAFSToken, sKerberosUniqueCCache, sPasswordAuthentication, + sKbdInteractiveAuthentication, sListenAddress, sAddressFamily, sPrintMotd, sPrintLastLog, sIgnoreRhosts, + sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost, @@ -593,11 +597,13 @@ static struct { #else { "kerberosgetafstoken", sUnsupported, SSHCFG_GLOBAL }, diff --git a/openssh-8.0p1-crypto-policies.patch b/openssh-8.0p1-crypto-policies.patch index 762825e..2ad438c 100644 --- a/openssh-8.0p1-crypto-policies.patch +++ b/openssh-8.0p1-crypto-policies.patch @@ -2,8 +2,8 @@ diff -up openssh-8.7p1/ssh_config.5.crypto-policies openssh-8.7p1/ssh_config.5 --- openssh-8.7p1/ssh_config.5.crypto-policies 2021-08-30 13:29:00.174292872 +0200 +++ openssh-8.7p1/ssh_config.5 2021-08-30 13:31:32.009548808 +0200 @@ -373,17 +373,13 @@ or - .Qq *.c.example.com - domains. + causes no CNAMEs to be considered for canonicalization. + This is the default behaviour. .It Cm CASignatureAlgorithms +The default is handled system-wide by +.Xr crypto-policies 7 . @@ -105,18 +105,18 @@ diff -up openssh-8.7p1/ssh_config.5.crypto-policies openssh-8.7p1/ssh_config.5 Multiple algorithms must be comma-separated. If the specified list begins with a .Sq + --character, then the specified methods will be appended to the default set +-character, then the specified algorithms will be appended to the default set -instead of replacing them. -+character, then the specified methods will be appended to the built-in ++character, then the specified algorithms will be appended to the built-in +openssh default set instead of replacing them. If the specified list begins with a .Sq - - character, then the specified methods (including wildcards) will be removed + character, then the specified algorithms (including wildcards) will be removed -from the default set instead of replacing them. +from the built-in openssh default set instead of replacing them. If the specified list begins with a .Sq ^ - character, then the specified methods will be placed at the head of the + character, then the specified algorithms will be placed at the head of the -default set. -The default is: -.Bd -literal -offset indent @@ -178,7 +178,7 @@ diff -up openssh-8.7p1/ssh_config.5.crypto-policies openssh-8.7p1/ssh_config.5 The list of available MAC algorithms may also be obtained using .Qq ssh -Q mac . .It Cm NoHostAuthenticationForLocalhost -@@ -1553,37 +1542,25 @@ instead of continuing to execute and pas +@@ -1553,36 +1542,25 @@ instead of continuing to execute and pas The default is .Cm no . .It Cm PubkeyAcceptedAlgorithms @@ -214,12 +214,11 @@ diff -up openssh-8.7p1/ssh_config.5.crypto-policies openssh-8.7p1/ssh_config.5 -sk-ecdsa-sha2-nistp256-cert-v01@openssh.com, -rsa-sha2-512-cert-v01@openssh.com, -rsa-sha2-256-cert-v01@openssh.com, --ssh-rsa-cert-v01@openssh.com, -ssh-ed25519, -ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, -sk-ssh-ed25519@openssh.com, -sk-ecdsa-sha2-nistp256@openssh.com, --rsa-sha2-512,rsa-sha2-256,ssh-rsa +-rsa-sha2-512,rsa-sha2-256 -.Ed +built-in openssh default set. .Pp @@ -373,18 +372,18 @@ diff -up openssh-8.7p1/sshd_config.5.crypto-policies openssh-8.7p1/sshd_config.5 Multiple algorithms must be comma-separated. Alternately if the specified list begins with a .Sq + --character, then the specified methods will be appended to the default set +-character, then the specified algorithms will be appended to the default set -instead of replacing them. -+character, then the specified methods will be appended to the built-in ++character, then the specified algorithms will be appended to the built-in +openssh default set instead of replacing them. If the specified list begins with a .Sq - - character, then the specified methods (including wildcards) will be removed + character, then the specified algorithms (including wildcards) will be removed -from the default set instead of replacing them. +from the built-in openssh default set instead of replacing them. If the specified list begins with a .Sq ^ - character, then the specified methods will be placed at the head of the + character, then the specified algorithms will be placed at the head of the -default set. +built-in openssh default set. The supported algorithms are: diff --git a/openssh-8.7p1-sftp-default-protocol.patch b/openssh-8.7p1-sftp-default-protocol.patch index ec25944..c3527b1 100644 --- a/openssh-8.7p1-sftp-default-protocol.patch +++ b/openssh-8.7p1-sftp-default-protocol.patch @@ -2,18 +2,6 @@ diff --git a/scp.1 b/scp.1 index 68aac04b..a96e95ad 100644 --- a/scp.1 +++ b/scp.1 -@@ -8,9 +8,9 @@ - .\" - .\" Created: Sun May 7 00:14:37 1995 ylo - .\" --.\" $OpenBSD: scp.1,v 1.100 2021/08/11 14:07:54 naddy Exp $ -+.\" $OpenBSD: scp.1,v 1.101 2021/09/08 23:31:39 djm Exp $ - .\" --.Dd $Mdocdate: August 11 2021 $ -+.Dd $Mdocdate: September 8 2021 $ - .Dt SCP 1 - .Os - .Sh NAME @@ -18,7 +18,7 @@ .Nd OpenSSH secure file copy .Sh SYNOPSIS @@ -23,55 +11,31 @@ index 68aac04b..a96e95ad 100644 .Op Fl c Ar cipher .Op Fl D Ar sftp_server_path .Op Fl F Ar ssh_config -@@ -37,9 +37,6 @@ It uses - .Xr ssh 1 - for data transfer, and uses the same authentication and provides the - same security as a login session. --The scp protocol requires execution of the remote user's shell to perform --.Xr glob 3 --pattern matching. - .Pp - .Nm - will ask for passwords or passphrases if they are needed for @@ -79,7 +76,9 @@ The options are as follows: Copies between two remote hosts are transferred through the local host. Without this option the data is copied directly between the two remote hosts. --Note that, when using the legacy SCP protocol (the default), this option -+Note that, when using the legacy SCP protocol (via the +-Note that, when using the original SCP protocol (the default), this option ++Note that, when using the original SCP protocol (via the +.Fl O +flag), this option selects batch mode for the second host as .Nm cannot ask for passwords or passphrases for both hosts. -@@ -146,9 +145,10 @@ Limits the used bandwidth, specified in Kbit/s. - .It Fl O - Use the legacy SCP protocol for file transfers instead of the SFTP protocol. - Forcing the use of the SCP protocol may be necessary for servers that do --not implement SFTP or for backwards-compatibility for particular filename --wildcard patterns. +@@ -146,7 +145,6 @@ Limits the used bandwidth, specified in Kbit/s. + wildcard patterns and for expanding paths with a + .Sq ~ + prefix for older SFTP servers. -This mode is the default. -+not implement SFTP, for backwards-compatibility for particular filename -+wildcard patterns and for expanding paths with a -+.Sq ~ -+prefix for older SFTP servers. .It Fl o Ar ssh_option Can be used to pass options to .Nm ssh -@@ -258,16 +258,6 @@ to use for the encrypted connection. +@@ -258,8 +258,6 @@ to use for the encrypted connection. The program must understand .Xr ssh 1 options. -.It Fl s --Use the SFTP protocol for file transfers instead of the legacy SCP protocol. --Using SFTP avoids invoking a shell on the remote side and provides --more predictable filename handling, as the SCP protocol --relied on the remote shell for expanding --.Xr glob 3 --wildcards. --.Pp --A near-future release of OpenSSH will make the SFTP protocol the default. --This option will be deleted before the end of 2022. +-Use the SFTP protocol for transfers rather than the original scp protocol. .It Fl T Disable strict filename checking. By default when copying files from a remote host to a local directory @@ -103,12 +67,6 @@ diff --git a/scp.c b/scp.c index e039350c..c7cf7529 100644 --- a/scp.c +++ b/scp.c -@@ -1,4 +1,4 @@ --/* $OpenBSD: scp.c,v 1.232 2021/08/11 14:07:54 naddy Exp $ */ -+/* $OpenBSD: scp.c,v 1.233 2021/09/08 23:31:39 djm Exp $ */ - /* - * scp - secure remote copy. This is basically patched BSD rcp which - * uses ssh to do the data transfer (instead of using rcmd). @@ -448,7 +448,7 @@ main(int argc, char **argv) const char *errstr; extern char *optarg; diff --git a/openssh-8.7p1-upstream-cve-2021-41617.patch b/openssh-8.7p1-upstream-cve-2021-41617.patch deleted file mode 100644 index 0bca544..0000000 --- a/openssh-8.7p1-upstream-cve-2021-41617.patch +++ /dev/null @@ -1,31 +0,0 @@ -diff --git a/misc.c b/misc.c -index b8d1040d..0134d694 100644 ---- a/misc.c -+++ b/misc.c -@@ -1,4 +1,4 @@ --/* $OpenBSD: misc.c,v 1.169 2021/08/09 23:47:44 djm Exp $ */ -+/* $OpenBSD: misc.c,v 1.170 2021/09/26 14:01:03 djm Exp $ */ - /* - * Copyright (c) 2000 Markus Friedl. All rights reserved. - * Copyright (c) 2005-2020 Damien Miller. All rights reserved. -@@ -56,6 +56,7 @@ - #ifdef HAVE_PATHS_H - # include - #include -+#include - #endif - #ifdef SSH_TUN_OPENBSD - #include -@@ -2695,6 +2696,12 @@ subprocess(const char *tag, const char *command, - } - closefrom(STDERR_FILENO + 1); - -+ if (geteuid() == 0 && -+ initgroups(pw->pw_name, pw->pw_gid) == -1) { -+ error("%s: initgroups(%s, %u): %s", tag, -+ pw->pw_name, (u_int)pw->pw_gid, strerror(errno)); -+ _exit(1); -+ } - if (setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) == -1) { - error("%s: setresgid %u: %s", tag, (u_int)pw->pw_gid, - strerror(errno)); diff --git a/openssh-8.7p1-gsissh.patch b/openssh-8.8p1-gsissh.patch similarity index 90% rename from openssh-8.7p1-gsissh.patch rename to openssh-8.8p1-gsissh.patch index f19161c..04d640a 100644 --- a/openssh-8.7p1-gsissh.patch +++ b/openssh-8.8p1-gsissh.patch @@ -1,6 +1,6 @@ -diff -Nur openssh-8.7p1.orig/auth2.c openssh-8.7p1/auth2.c ---- openssh-8.7p1.orig/auth2.c 2021-10-24 07:32:35.517723813 +0200 -+++ openssh-8.7p1/auth2.c 2021-10-24 07:33:38.862876709 +0200 +diff -Nur openssh-8.8p1.orig/auth2.c openssh-8.8p1/auth2.c +--- openssh-8.8p1.orig/auth2.c 2021-12-01 16:47:29.945987883 +0100 ++++ openssh-8.8p1/auth2.c 2021-12-01 16:48:10.374080945 +0100 @@ -277,7 +277,28 @@ (r = sshpkt_get_cstring(ssh, &service, NULL)) != 0 || (r = sshpkt_get_cstring(ssh, &method, NULL)) != 0) @@ -100,9 +100,9 @@ diff -Nur openssh-8.7p1.orig/auth2.c openssh-8.7p1/auth2.c "not allowed: (%s,%s) -> (%s,%s)", authctxt->user, authctxt->service, user, service); } -diff -Nur openssh-8.7p1.orig/auth2-gss.c openssh-8.7p1/auth2-gss.c ---- openssh-8.7p1.orig/auth2-gss.c 2021-10-24 07:32:35.388723503 +0200 -+++ openssh-8.7p1/auth2-gss.c 2021-10-24 07:33:38.863876712 +0200 +diff -Nur openssh-8.8p1.orig/auth2-gss.c openssh-8.8p1/auth2-gss.c +--- openssh-8.8p1.orig/auth2-gss.c 2021-12-01 16:47:29.832987623 +0100 ++++ openssh-8.8p1/auth2-gss.c 2021-12-01 16:48:10.375080947 +0100 @@ -50,6 +50,7 @@ extern ServerOptions options; @@ -307,9 +307,9 @@ diff -Nur openssh-8.7p1.orig/auth2-gss.c openssh-8.7p1/auth2-gss.c Authmethod method_gsskeyex = { "gssapi-keyex", userauth_gsskeyex, -diff -Nur openssh-8.7p1.orig/auth.c openssh-8.7p1/auth.c ---- openssh-8.7p1.orig/auth.c 2021-10-24 07:32:35.519723818 +0200 -+++ openssh-8.7p1/auth.c 2021-10-24 07:33:38.864876714 +0200 +diff -Nur openssh-8.8p1.orig/auth.c openssh-8.8p1/auth.c +--- openssh-8.8p1.orig/auth.c 2021-12-01 16:47:29.946987886 +0100 ++++ openssh-8.8p1/auth.c 2021-12-01 16:48:10.375080947 +0100 @@ -344,7 +344,8 @@ method, submethod != NULL ? "/" : "", submethod == NULL ? "" : submethod, @@ -340,9 +340,9 @@ diff -Nur openssh-8.7p1.orig/auth.c openssh-8.7p1/auth.c #ifdef CUSTOM_FAILED_LOGIN record_failed_login(ssh, user, auth_get_canonical_hostname(ssh, options.use_dns), "ssh"); -diff -Nur openssh-8.7p1.orig/auth.h openssh-8.7p1/auth.h ---- openssh-8.7p1.orig/auth.h 2021-10-24 07:32:35.519723818 +0200 -+++ openssh-8.7p1/auth.h 2021-10-24 07:33:38.864876714 +0200 +diff -Nur openssh-8.8p1.orig/auth.h openssh-8.8p1/auth.h +--- openssh-8.8p1.orig/auth.h 2021-12-01 16:47:29.946987886 +0100 ++++ openssh-8.8p1/auth.h 2021-12-01 16:48:10.376080950 +0100 @@ -83,6 +83,8 @@ krb5_principal krb5_user; char *krb5_ticket_file; @@ -352,9 +352,9 @@ diff -Nur openssh-8.7p1.orig/auth.h openssh-8.7p1/auth.h int krb5_set_env; #endif struct sshbuf *loginmsg; -diff -Nur openssh-8.7p1.orig/auth-pam.c openssh-8.7p1/auth-pam.c ---- openssh-8.7p1.orig/auth-pam.c 2021-10-24 07:32:35.510723796 +0200 -+++ openssh-8.7p1/auth-pam.c 2021-10-24 07:33:38.865876716 +0200 +diff -Nur openssh-8.8p1.orig/auth-pam.c openssh-8.8p1/auth-pam.c +--- openssh-8.8p1.orig/auth-pam.c 2021-12-01 16:47:29.937987865 +0100 ++++ openssh-8.8p1/auth-pam.c 2021-12-01 16:48:10.376080950 +0100 @@ -253,6 +253,7 @@ static char *sshpam_rhost = NULL; static char *sshpam_laddr = NULL; @@ -486,7 +486,7 @@ diff -Nur openssh-8.7p1.orig/auth-pam.c openssh-8.7p1/auth-pam.c } if (sshpam_rhost != NULL) { debug("PAM: setting PAM_RHOST to \"%s\"", sshpam_rhost); -@@ -1082,6 +1162,18 @@ +@@ -1083,6 +1163,18 @@ debug3("PAM: %s pam_acct_mgmt = %d (%s)", __func__, sshpam_err, pam_strerror(sshpam_handle, sshpam_err)); @@ -505,7 +505,7 @@ diff -Nur openssh-8.7p1.orig/auth-pam.c openssh-8.7p1/auth-pam.c if (sshpam_err != PAM_SUCCESS && sshpam_err != PAM_NEW_AUTHTOK_REQD) { sshpam_account_status = 0; return (sshpam_account_status); -@@ -1370,6 +1462,9 @@ +@@ -1371,6 +1463,9 @@ pam_strerror(sshpam_handle, sshpam_err)); sshpam_err = pam_authenticate(sshpam_handle, flags); @@ -515,9 +515,9 @@ diff -Nur openssh-8.7p1.orig/auth-pam.c openssh-8.7p1/auth-pam.c sshpam_password = NULL; free(fake); if (sshpam_err == PAM_MAXTRIES) -diff -Nur openssh-8.7p1.orig/auth-pam.h openssh-8.7p1/auth-pam.h ---- openssh-8.7p1.orig/auth-pam.h 2021-10-24 07:32:35.356723425 +0200 -+++ openssh-8.7p1/auth-pam.h 2021-10-24 07:33:38.865876716 +0200 +diff -Nur openssh-8.8p1.orig/auth-pam.h openssh-8.8p1/auth-pam.h +--- openssh-8.8p1.orig/auth-pam.h 2021-12-01 16:47:29.797987543 +0100 ++++ openssh-8.8p1/auth-pam.h 2021-12-01 16:48:10.377080952 +0100 @@ -43,5 +43,6 @@ int sshpam_get_maxtries_reached(void); void sshpam_set_maxtries_reached(int); @@ -525,9 +525,9 @@ diff -Nur openssh-8.7p1.orig/auth-pam.h openssh-8.7p1/auth-pam.h +struct passwd *sshpam_getpw(const char *); #endif /* USE_PAM */ -diff -Nur openssh-8.7p1.orig/canohost.c openssh-8.7p1/canohost.c ---- openssh-8.7p1.orig/canohost.c 2021-10-24 07:32:35.388723503 +0200 -+++ openssh-8.7p1/canohost.c 2021-10-24 07:33:38.866876718 +0200 +diff -Nur openssh-8.8p1.orig/canohost.c openssh-8.8p1/canohost.c +--- openssh-8.8p1.orig/canohost.c 2021-12-01 16:47:29.833987626 +0100 ++++ openssh-8.8p1/canohost.c 2021-12-01 16:48:10.377080952 +0100 @@ -17,6 +17,7 @@ #include #include @@ -570,9 +570,9 @@ diff -Nur openssh-8.7p1.orig/canohost.c openssh-8.7p1/canohost.c + } + } +} -diff -Nur openssh-8.7p1.orig/canohost.h openssh-8.7p1/canohost.h ---- openssh-8.7p1.orig/canohost.h 2021-10-24 07:32:35.388723503 +0200 -+++ openssh-8.7p1/canohost.h 2021-10-24 07:33:38.866876718 +0200 +diff -Nur openssh-8.8p1.orig/canohost.h openssh-8.8p1/canohost.h +--- openssh-8.8p1.orig/canohost.h 2021-12-01 16:47:29.833987626 +0100 ++++ openssh-8.8p1/canohost.h 2021-12-01 16:48:10.377080952 +0100 @@ -26,4 +26,6 @@ #endif /* _CANOHOST_H */ @@ -580,10 +580,10 @@ diff -Nur openssh-8.7p1.orig/canohost.h openssh-8.7p1/canohost.h +void resolve_localhost(char **host); + void ipv64_normalise_mapped(struct sockaddr_storage *, socklen_t *); -diff -Nur openssh-8.7p1.orig/configure.ac openssh-8.7p1/configure.ac ---- openssh-8.7p1.orig/configure.ac 2021-10-24 07:32:35.498723767 +0200 -+++ openssh-8.7p1/configure.ac 2021-10-24 07:49:48.431180638 +0200 -@@ -4777,6 +4777,14 @@ +diff -Nur openssh-8.8p1.orig/configure.ac openssh-8.8p1/configure.ac +--- openssh-8.8p1.orig/configure.ac 2021-12-01 16:47:29.928987844 +0100 ++++ openssh-8.8p1/configure.ac 2021-12-01 16:48:10.378080954 +0100 +@@ -4775,6 +4775,14 @@ AC_CHECK_HEADER([gssapi_krb5.h], , [ CPPFLAGS="$oldCPP" ]) @@ -598,7 +598,7 @@ diff -Nur openssh-8.7p1.orig/configure.ac openssh-8.7p1/configure.ac fi fi if test -n "${rpath_opt}" ; then -@@ -4817,6 +4825,40 @@ +@@ -4815,6 +4823,40 @@ AC_SUBST([GSSLIBS]) AC_SUBST([K5LIBS]) @@ -639,9 +639,9 @@ diff -Nur openssh-8.7p1.orig/configure.ac openssh-8.7p1/configure.ac # Check whether user wants systemd support SYSTEMD_MSG="no" AC_ARG_WITH(systemd, -diff -Nur openssh-8.7p1.orig/gss-genr.c openssh-8.7p1/gss-genr.c ---- openssh-8.7p1.orig/gss-genr.c 2021-10-24 07:32:35.551723895 +0200 -+++ openssh-8.7p1/gss-genr.c 2021-10-24 07:33:38.870876728 +0200 +diff -Nur openssh-8.8p1.orig/gss-genr.c openssh-8.8p1/gss-genr.c +--- openssh-8.8p1.orig/gss-genr.c 2021-12-01 16:47:29.973987948 +0100 ++++ openssh-8.8p1/gss-genr.c 2021-12-01 16:48:10.379080957 +0100 @@ -40,6 +40,7 @@ #include "ssherr.h" #include "sshbuf.h" @@ -678,9 +678,9 @@ diff -Nur openssh-8.7p1.orig/gss-genr.c openssh-8.7p1/gss-genr.c free(gssbuf.value); return (ctx->major); } -diff -Nur openssh-8.7p1.orig/gss-serv.c openssh-8.7p1/gss-serv.c ---- openssh-8.7p1.orig/gss-serv.c 2021-10-24 07:32:35.410723555 +0200 -+++ openssh-8.7p1/gss-serv.c 2021-10-24 07:33:38.870876728 +0200 +diff -Nur openssh-8.8p1.orig/gss-serv.c openssh-8.8p1/gss-serv.c +--- openssh-8.8p1.orig/gss-serv.c 2021-12-01 16:47:29.853987672 +0100 ++++ openssh-8.8p1/gss-serv.c 2021-12-01 16:48:10.379080957 +0100 @@ -50,10 +50,12 @@ #include "monitor_wrap.h" @@ -961,9 +961,9 @@ diff -Nur openssh-8.7p1.orig/gss-serv.c openssh-8.7p1/gss-serv.c xasprintf(&envstr, "%s=%s", gssapi_client.store.envvar, gssapi_client.store.envval); -diff -Nur openssh-8.7p1.orig/gss-serv-gsi.c openssh-8.7p1/gss-serv-gsi.c ---- openssh-8.7p1.orig/gss-serv-gsi.c 1970-01-01 01:00:00.000000000 +0100 -+++ openssh-8.7p1/gss-serv-gsi.c 2021-10-24 07:33:38.871876730 +0200 +diff -Nur openssh-8.8p1.orig/gss-serv-gsi.c openssh-8.8p1/gss-serv-gsi.c +--- openssh-8.8p1.orig/gss-serv-gsi.c 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-8.8p1/gss-serv-gsi.c 2021-12-01 16:48:10.380080959 +0100 @@ -0,0 +1,328 @@ +/* + * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. @@ -1293,9 +1293,9 @@ diff -Nur openssh-8.7p1.orig/gss-serv-gsi.c openssh-8.7p1/gss-serv-gsi.c + +#endif /* GSI */ +#endif /* GSSAPI */ -diff -Nur openssh-8.7p1.orig/gss-serv-krb5.c openssh-8.7p1/gss-serv-krb5.c ---- openssh-8.7p1.orig/gss-serv-krb5.c 2021-10-24 07:32:35.440723628 +0200 -+++ openssh-8.7p1/gss-serv-krb5.c 2021-10-24 07:33:38.871876730 +0200 +diff -Nur openssh-8.8p1.orig/gss-serv-krb5.c openssh-8.8p1/gss-serv-krb5.c +--- openssh-8.8p1.orig/gss-serv-krb5.c 2021-12-01 16:47:29.878987729 +0100 ++++ openssh-8.8p1/gss-serv-krb5.c 2021-12-01 16:48:10.380080959 +0100 @@ -379,6 +379,34 @@ return found_principal; } @@ -1349,9 +1349,9 @@ diff -Nur openssh-8.7p1.orig/gss-serv-krb5.c openssh-8.7p1/gss-serv-krb5.c &ssh_gssapi_krb5_storecreds, &ssh_gssapi_krb5_updatecreds }; -diff -Nur openssh-8.7p1.orig/kexgsss.c openssh-8.7p1/kexgsss.c ---- openssh-8.7p1.orig/kexgsss.c 2021-10-24 07:32:35.567723933 +0200 -+++ openssh-8.7p1/kexgsss.c 2021-10-24 07:33:38.871876730 +0200 +diff -Nur openssh-8.8p1.orig/kexgsss.c openssh-8.8p1/kexgsss.c +--- openssh-8.8p1.orig/kexgsss.c 2021-12-01 16:47:29.986987978 +0100 ++++ openssh-8.8p1/kexgsss.c 2021-12-01 16:48:10.380080959 +0100 @@ -48,6 +48,7 @@ #include "digest.h" #include "ssherr.h" @@ -1415,9 +1415,9 @@ diff -Nur openssh-8.7p1.orig/kexgsss.c openssh-8.7p1/kexgsss.c + } +} #endif /* defined(GSSAPI) && defined(WITH_OPENSSL) */ -diff -Nur openssh-8.7p1.orig/Makefile.in openssh-8.7p1/Makefile.in ---- openssh-8.7p1.orig/Makefile.in 2021-10-24 07:32:35.522723825 +0200 -+++ openssh-8.7p1/Makefile.in 2021-10-24 07:33:38.872876733 +0200 +diff -Nur openssh-8.8p1.orig/Makefile.in openssh-8.8p1/Makefile.in +--- openssh-8.8p1.orig/Makefile.in 2021-12-01 16:47:29.948987890 +0100 ++++ openssh-8.8p1/Makefile.in 2021-12-01 16:48:10.381080961 +0100 @@ -128,6 +128,7 @@ auth2-none.o auth2-passwd.o auth2-pubkey.o \ monitor.o monitor_wrap.o auth-krb5.o \ @@ -1426,9 +1426,9 @@ diff -Nur openssh-8.7p1.orig/Makefile.in openssh-8.7p1/Makefile.in loginrec.o auth-pam.o auth-shadow.o auth-sia.o md5crypt.o \ srclimit.o sftp-server.o sftp-common.o \ sandbox-null.o sandbox-rlimit.o sandbox-systrace.o sandbox-darwin.o \ -diff -Nur openssh-8.7p1.orig/misc.c openssh-8.7p1/misc.c ---- openssh-8.7p1.orig/misc.c 2021-10-24 07:32:35.553723900 +0200 -+++ openssh-8.7p1/misc.c 2021-10-24 07:33:38.873876735 +0200 +diff -Nur openssh-8.8p1.orig/misc.c openssh-8.8p1/misc.c +--- openssh-8.8p1.orig/misc.c 2021-12-01 16:47:29.975987952 +0100 ++++ openssh-8.8p1/misc.c 2021-12-01 16:48:10.381080961 +0100 @@ -393,11 +393,14 @@ #define WHITESPACE " \t\r\n" #define QUOTE "\"" @@ -1488,9 +1488,9 @@ diff -Nur openssh-8.7p1.orig/misc.c openssh-8.7p1/misc.c /* * Convert ASCII string to TCP/IP port number. * Port must be >=0 and <=65535. -diff -Nur openssh-8.7p1.orig/misc.h openssh-8.7p1/misc.h ---- openssh-8.7p1.orig/misc.h 2021-10-24 07:32:35.466723690 +0200 -+++ openssh-8.7p1/misc.h 2021-10-24 07:33:38.874876737 +0200 +diff -Nur openssh-8.8p1.orig/misc.h openssh-8.8p1/misc.h +--- openssh-8.8p1.orig/misc.h 2021-12-01 16:47:29.902987784 +0100 ++++ openssh-8.8p1/misc.h 2021-12-01 16:48:10.381080961 +0100 @@ -100,6 +100,7 @@ void sock_set_v6only(int); @@ -1499,9 +1499,9 @@ diff -Nur openssh-8.7p1.orig/misc.h openssh-8.7p1/misc.h const char *ssh_gai_strerror(int); typedef void privdrop_fn(struct passwd *); -diff -Nur openssh-8.7p1.orig/monitor.c openssh-8.7p1/monitor.c ---- openssh-8.7p1.orig/monitor.c 2021-10-24 07:32:35.554723902 +0200 -+++ openssh-8.7p1/monitor.c 2021-10-24 07:33:38.875876740 +0200 +diff -Nur openssh-8.8p1.orig/monitor.c openssh-8.8p1/monitor.c +--- openssh-8.8p1.orig/monitor.c 2021-12-01 16:47:29.975987952 +0100 ++++ openssh-8.8p1/monitor.c 2021-12-01 16:48:10.382080964 +0100 @@ -152,6 +152,9 @@ int mm_answer_gss_userok(struct ssh *, int, struct sshbuf *); int mm_answer_gss_checkmic(struct ssh *, int, struct sshbuf *); @@ -1672,9 +1672,9 @@ diff -Nur openssh-8.7p1.orig/monitor.c openssh-8.7p1/monitor.c mm_answer_gss_sign(struct ssh *ssh, int socket, struct sshbuf *m) { gss_buffer_desc data; -diff -Nur openssh-8.7p1.orig/monitor.h openssh-8.7p1/monitor.h ---- openssh-8.7p1.orig/monitor.h 2021-10-24 07:32:35.523723828 +0200 -+++ openssh-8.7p1/monitor.h 2021-10-24 07:33:38.876876743 +0200 +diff -Nur openssh-8.8p1.orig/monitor.h openssh-8.8p1/monitor.h +--- openssh-8.8p1.orig/monitor.h 2021-12-01 16:47:29.951987897 +0100 ++++ openssh-8.8p1/monitor.h 2021-12-01 16:48:10.382080964 +0100 @@ -75,6 +75,10 @@ MONITOR_REQ_GSSSIGN = 150, MONITOR_ANS_GSSSIGN = 151, @@ -1686,9 +1686,9 @@ diff -Nur openssh-8.7p1.orig/monitor.h openssh-8.7p1/monitor.h }; struct ssh; -diff -Nur openssh-8.7p1.orig/monitor_wrap.c openssh-8.7p1/monitor_wrap.c ---- openssh-8.7p1.orig/monitor_wrap.c 2021-10-24 07:32:35.555723904 +0200 -+++ openssh-8.7p1/monitor_wrap.c 2021-10-24 07:33:38.876876743 +0200 +diff -Nur openssh-8.8p1.orig/monitor_wrap.c openssh-8.8p1/monitor_wrap.c +--- openssh-8.8p1.orig/monitor_wrap.c 2021-12-01 16:47:29.976987955 +0100 ++++ openssh-8.8p1/monitor_wrap.c 2021-12-01 16:48:10.383080966 +0100 @@ -1084,6 +1084,94 @@ return (authenticated); } @@ -1784,9 +1784,9 @@ diff -Nur openssh-8.7p1.orig/monitor_wrap.c openssh-8.7p1/monitor_wrap.c OM_uint32 mm_ssh_gssapi_sign(Gssctxt *ctx, gss_buffer_desc *data, gss_buffer_desc *hash) { -diff -Nur openssh-8.7p1.orig/monitor_wrap.h openssh-8.7p1/monitor_wrap.h ---- openssh-8.7p1.orig/monitor_wrap.h 2021-10-24 07:32:35.533723852 +0200 -+++ openssh-8.7p1/monitor_wrap.h 2021-10-24 07:33:38.877876745 +0200 +diff -Nur openssh-8.8p1.orig/monitor_wrap.h openssh-8.8p1/monitor_wrap.h +--- openssh-8.8p1.orig/monitor_wrap.h 2021-12-01 16:47:29.959987916 +0100 ++++ openssh-8.8p1/monitor_wrap.h 2021-12-01 16:48:10.384080968 +0100 @@ -73,6 +73,10 @@ int mm_ssh_gssapi_userok(char *user, struct passwd *, int kex); OM_uint32 mm_ssh_gssapi_checkmic(Gssctxt *, gss_buffer_t, gss_buffer_t); @@ -1798,10 +1798,10 @@ diff -Nur openssh-8.7p1.orig/monitor_wrap.h openssh-8.7p1/monitor_wrap.h int mm_ssh_gssapi_update_creds(ssh_gssapi_ccache *); #endif -diff -Nur openssh-8.7p1.orig/readconf.c openssh-8.7p1/readconf.c ---- openssh-8.7p1.orig/readconf.c 2021-10-24 07:32:35.557723909 +0200 -+++ openssh-8.7p1/readconf.c 2021-10-24 07:33:38.878876747 +0200 -@@ -2516,11 +2516,11 @@ +diff -Nur openssh-8.8p1.orig/readconf.c openssh-8.8p1/readconf.c +--- openssh-8.8p1.orig/readconf.c 2021-12-01 16:47:29.977987957 +0100 ++++ openssh-8.8p1/readconf.c 2021-12-01 16:48:10.384080968 +0100 +@@ -2543,11 +2543,11 @@ if (options->pubkey_authentication == -1) options->pubkey_authentication = 1; if (options->gss_authentication == -1) @@ -1816,9 +1816,9 @@ diff -Nur openssh-8.7p1.orig/readconf.c openssh-8.7p1/readconf.c if (options->gss_trust_dns == -1) options->gss_trust_dns = 0; if (options->gss_renewal_rekey == -1) -diff -Nur openssh-8.7p1.orig/readconf.h openssh-8.7p1/readconf.h ---- openssh-8.7p1.orig/readconf.h 2021-10-24 07:32:35.395723519 +0200 -+++ openssh-8.7p1/readconf.h 2021-10-24 07:33:38.879876750 +0200 +diff -Nur openssh-8.8p1.orig/readconf.h openssh-8.8p1/readconf.h +--- openssh-8.8p1.orig/readconf.h 2021-12-01 16:47:29.840987642 +0100 ++++ openssh-8.8p1/readconf.h 2021-12-01 16:48:10.385080970 +0100 @@ -78,6 +78,8 @@ char *host_key_alias; /* hostname alias for .ssh/known_hosts */ char *proxy_command; /* Proxy command for connecting the host. */ @@ -1828,9 +1828,9 @@ diff -Nur openssh-8.7p1.orig/readconf.h openssh-8.7p1/readconf.h int escape_char; /* Escape character; -2 = none */ u_int num_system_hostfiles; /* Paths for /etc/ssh/ssh_known_hosts */ -diff -Nur openssh-8.7p1.orig/servconf.c openssh-8.7p1/servconf.c ---- openssh-8.7p1.orig/servconf.c 2021-10-24 07:32:35.558723912 +0200 -+++ openssh-8.7p1/servconf.c 2021-10-24 07:33:38.880876752 +0200 +diff -Nur openssh-8.8p1.orig/servconf.c openssh-8.8p1/servconf.c +--- openssh-8.8p1.orig/servconf.c 2021-12-01 16:47:29.978987959 +0100 ++++ openssh-8.8p1/servconf.c 2021-12-01 16:48:10.386080973 +0100 @@ -93,6 +93,7 @@ /* Portable-specific options */ @@ -1889,7 +1889,7 @@ diff -Nur openssh-8.7p1.orig/servconf.c openssh-8.7p1/servconf.c /* Standard Options */ sPort, sHostKeyFile, sLoginGraceTime, sPermitRootLogin, sLogFacility, sLogLevel, sLogVerbose, -@@ -535,6 +544,9 @@ +@@ -533,6 +542,9 @@ sHostbasedUsesNameFromPacketOnly, sHostbasedAcceptedAlgorithms, sHostKeyAlgorithms, sPerSourceMaxStartups, sPerSourceNetBlockSize, sClientAliveInterval, sClientAliveCountMax, sAuthorizedKeysFile, @@ -1899,7 +1899,7 @@ diff -Nur openssh-8.7p1.orig/servconf.c openssh-8.7p1/servconf.c sGssAuthentication, sGssCleanupCreds, sGssEnablek5users, sGssStrictAcceptor, sGssKeyEx, sGssKexAlgorithms, sGssStoreRekey, sAcceptEnv, sSetEnv, sPermitTunnel, -@@ -567,8 +579,10 @@ +@@ -565,8 +577,10 @@ /* Portable-specific options */ #ifdef USE_PAM { "usepam", sUsePAM, SSHCFG_GLOBAL }, @@ -1910,7 +1910,7 @@ diff -Nur openssh-8.7p1.orig/servconf.c openssh-8.7p1/servconf.c #endif { "pamauthenticationviakbdint", sDeprecated, SSHCFG_GLOBAL }, /* Standard Options */ -@@ -621,8 +635,15 @@ +@@ -619,8 +633,15 @@ { "afstokenpassing", sUnsupported, SSHCFG_GLOBAL }, #ifdef GSSAPI { "gssapiauthentication", sGssAuthentication, SSHCFG_ALL }, @@ -1926,7 +1926,7 @@ diff -Nur openssh-8.7p1.orig/servconf.c openssh-8.7p1/servconf.c { "gssapistrictacceptorcheck", sGssStrictAcceptor, SSHCFG_GLOBAL }, { "gssapikeyexchange", sGssKeyEx, SSHCFG_GLOBAL }, { "gssapistorecredentialsonrekey", sGssStoreRekey, SSHCFG_GLOBAL }, -@@ -630,8 +651,11 @@ +@@ -628,8 +649,11 @@ { "gssapienablek5users", sGssEnablek5users, SSHCFG_ALL }, #else { "gssapiauthentication", sUnsupported, SSHCFG_ALL }, @@ -1938,7 +1938,7 @@ diff -Nur openssh-8.7p1.orig/servconf.c openssh-8.7p1/servconf.c { "gssapistrictacceptorcheck", sUnsupported, SSHCFG_GLOBAL }, { "gssapikeyexchange", sUnsupported, SSHCFG_GLOBAL }, { "gssapistorecredentialsonrekey", sUnsupported, SSHCFG_GLOBAL }, -@@ -703,6 +727,8 @@ +@@ -701,6 +725,8 @@ { "permitlisten", sPermitListen, SSHCFG_ALL }, { "forcecommand", sForceCommand, SSHCFG_ALL }, { "chrootdirectory", sChrootDirectory, SSHCFG_ALL }, @@ -1947,7 +1947,7 @@ diff -Nur openssh-8.7p1.orig/servconf.c openssh-8.7p1/servconf.c { "hostcertificate", sHostCertificate, SSHCFG_GLOBAL }, { "revokedkeys", sRevokedKeys, SSHCFG_ALL }, { "trustedusercakeys", sTrustedUserCAKeys, SSHCFG_ALL }, -@@ -1381,6 +1407,10 @@ +@@ -1379,6 +1405,10 @@ intptr = &options->use_pam; goto parse_flag; @@ -1958,7 +1958,7 @@ diff -Nur openssh-8.7p1.orig/servconf.c openssh-8.7p1/servconf.c /* Standard Options */ case sBadOption: goto out; -@@ -1628,6 +1658,10 @@ +@@ -1626,6 +1656,10 @@ intptr = &options->gss_authentication; goto parse_flag; @@ -1969,7 +1969,7 @@ diff -Nur openssh-8.7p1.orig/servconf.c openssh-8.7p1/servconf.c case sGssKeyEx: intptr = &options->gss_keyex; goto parse_flag; -@@ -1636,6 +1670,10 @@ +@@ -1634,6 +1668,10 @@ intptr = &options->gss_cleanup_creds; goto parse_flag; @@ -1980,7 +1980,7 @@ diff -Nur openssh-8.7p1.orig/servconf.c openssh-8.7p1/servconf.c case sGssStrictAcceptor: intptr = &options->gss_strict_acceptor; goto parse_flag; -@@ -1656,6 +1694,12 @@ +@@ -1654,6 +1692,12 @@ options->gss_kex_algorithms = xstrdup(arg); break; @@ -1993,7 +1993,7 @@ diff -Nur openssh-8.7p1.orig/servconf.c openssh-8.7p1/servconf.c case sPasswordAuthentication: intptr = &options->password_authentication; goto parse_flag; -@@ -2661,6 +2705,7 @@ +@@ -2659,6 +2703,7 @@ M_CP_INTOPT(password_authentication); M_CP_INTOPT(gss_authentication); @@ -2001,9 +2001,9 @@ diff -Nur openssh-8.7p1.orig/servconf.c openssh-8.7p1/servconf.c M_CP_INTOPT(pubkey_authentication); M_CP_INTOPT(pubkey_auth_options); M_CP_INTOPT(kerberos_authentication); -diff -Nur openssh-8.7p1.orig/servconf.h openssh-8.7p1/servconf.h ---- openssh-8.7p1.orig/servconf.h 2021-10-24 07:32:35.456723666 +0200 -+++ openssh-8.7p1/servconf.h 2021-10-24 07:33:38.881876754 +0200 +diff -Nur openssh-8.8p1.orig/servconf.h openssh-8.8p1/servconf.h +--- openssh-8.8p1.orig/servconf.h 2021-12-01 16:47:29.894987766 +0100 ++++ openssh-8.8p1/servconf.h 2021-12-01 16:48:10.387080975 +0100 @@ -146,9 +146,12 @@ * be stored in per-session ccache */ int use_kuserok; @@ -2025,10 +2025,10 @@ diff -Nur openssh-8.7p1.orig/servconf.h openssh-8.7p1/servconf.h int permit_tun; -diff -Nur openssh-8.7p1.orig/ssh.1 openssh-8.7p1/ssh.1 ---- openssh-8.7p1.orig/ssh.1 2021-10-24 07:32:35.397723524 +0200 -+++ openssh-8.7p1/ssh.1 2021-10-24 07:33:38.882876757 +0200 -@@ -1492,6 +1492,18 @@ +diff -Nur openssh-8.8p1.orig/ssh.1 openssh-8.8p1/ssh.1 +--- openssh-8.8p1.orig/ssh.1 2021-12-01 16:47:29.843987649 +0100 ++++ openssh-8.8p1/ssh.1 2021-12-01 16:48:10.387080975 +0100 +@@ -1501,6 +1501,18 @@ on to new connections). .It Ev USER Set to the name of the user logging in. @@ -2047,10 +2047,10 @@ diff -Nur openssh-8.7p1.orig/ssh.1 openssh-8.7p1/ssh.1 .El .Pp Additionally, -diff -Nur openssh-8.7p1.orig/ssh.c openssh-8.7p1/ssh.c ---- openssh-8.7p1.orig/ssh.c 2021-10-24 07:32:35.562723921 +0200 -+++ openssh-8.7p1/ssh.c 2021-10-24 07:33:38.883876759 +0200 -@@ -558,6 +558,38 @@ +diff -Nur openssh-8.8p1.orig/ssh.c openssh-8.8p1/ssh.c +--- openssh-8.8p1.orig/ssh.c 2021-12-01 16:47:29.981987966 +0100 ++++ openssh-8.8p1/ssh.c 2021-12-01 16:48:10.388080977 +0100 +@@ -559,6 +559,38 @@ fatal("Can't open user config file %.100s: " "%.100s", config, strerror(errno)); } else { @@ -2089,7 +2089,7 @@ diff -Nur openssh-8.7p1.orig/ssh.c openssh-8.7p1/ssh.c r = snprintf(buf, sizeof buf, "%s/%s", pw->pw_dir, _PATH_SSH_USER_CONFFILE); if (r > 0 && (size_t)r < sizeof(buf)) -@@ -1236,8 +1268,12 @@ +@@ -1237,8 +1269,12 @@ if (fill_default_options(&options) != 0) cleanup_exit(255); @@ -2103,9 +2103,9 @@ diff -Nur openssh-8.7p1.orig/ssh.c openssh-8.7p1/ssh.c /* * If ProxyJump option specified, then construct a ProxyCommand now. -diff -Nur openssh-8.7p1.orig/ssh_config openssh-8.7p1/ssh_config ---- openssh-8.7p1.orig/ssh_config 2021-10-24 07:32:35.398723526 +0200 -+++ openssh-8.7p1/ssh_config 2021-10-24 07:33:38.884876762 +0200 +diff -Nur openssh-8.8p1.orig/ssh_config openssh-8.8p1/ssh_config +--- openssh-8.8p1.orig/ssh_config 2021-12-01 16:47:29.843987649 +0100 ++++ openssh-8.8p1/ssh_config 2021-12-01 16:48:10.388080977 +0100 @@ -22,9 +22,9 @@ # ForwardX11 no # PasswordAuthentication yes @@ -2119,9 +2119,9 @@ diff -Nur openssh-8.7p1.orig/ssh_config openssh-8.7p1/ssh_config # GSSAPITrustDNS no # BatchMode no # CheckHostIP yes -diff -Nur openssh-8.7p1.orig/ssh_config.5 openssh-8.7p1/ssh_config.5 ---- openssh-8.7p1.orig/ssh_config.5 2021-10-24 07:32:35.489723746 +0200 -+++ openssh-8.7p1/ssh_config.5 2021-10-24 07:33:38.885876764 +0200 +diff -Nur openssh-8.8p1.orig/ssh_config.5 openssh-8.8p1/ssh_config.5 +--- openssh-8.8p1.orig/ssh_config.5 2021-12-01 16:47:29.920987826 +0100 ++++ openssh-8.8p1/ssh_config.5 2021-12-01 16:48:10.389080980 +0100 @@ -52,6 +52,12 @@ user's configuration file .Pq Pa ~/.ssh/config @@ -2135,7 +2135,7 @@ diff -Nur openssh-8.7p1.orig/ssh_config.5 openssh-8.7p1/ssh_config.5 system-wide configuration file .Pq Pa /etc/ssh/ssh_config .El -@@ -821,7 +827,7 @@ +@@ -826,7 +832,7 @@ .It Cm GSSAPIAuthentication Specifies whether user authentication based on GSSAPI is allowed. The default is @@ -2144,7 +2144,7 @@ diff -Nur openssh-8.7p1.orig/ssh_config.5 openssh-8.7p1/ssh_config.5 .It Cm GSSAPIClientIdentity If set, specifies the GSSAPI client identity that ssh should use when connecting to the server. The default is unset, which means that the default -@@ -829,12 +835,12 @@ +@@ -834,12 +840,12 @@ .It Cm GSSAPIDelegateCredentials Forward (delegate) credentials to the server. The default is @@ -2159,7 +2159,7 @@ diff -Nur openssh-8.7p1.orig/ssh_config.5 openssh-8.7p1/ssh_config.5 .It Cm GSSAPIRenewalForcesRekey If set to .Dq yes -@@ -1458,7 +1464,7 @@ +@@ -1461,7 +1467,7 @@ .Cm password ) . The default is: .Bd -literal -offset indent @@ -2168,9 +2168,9 @@ diff -Nur openssh-8.7p1.orig/ssh_config.5 openssh-8.7p1/ssh_config.5 keyboard-interactive,password .Ed .It Cm ProxyCommand -diff -Nur openssh-8.7p1.orig/sshconnect2.c openssh-8.7p1/sshconnect2.c ---- openssh-8.7p1.orig/sshconnect2.c 2021-10-24 07:32:35.542723873 +0200 -+++ openssh-8.7p1/sshconnect2.c 2021-10-24 07:33:38.886876767 +0200 +diff -Nur openssh-8.8p1.orig/sshconnect2.c openssh-8.8p1/sshconnect2.c +--- openssh-8.8p1.orig/sshconnect2.c 2021-12-01 16:47:29.966987932 +0100 ++++ openssh-8.8p1/sshconnect2.c 2021-12-01 16:48:10.390080982 +0100 @@ -860,6 +860,11 @@ gss_OID mech = NULL; char *gss_host = NULL; @@ -2238,10 +2238,10 @@ diff -Nur openssh-8.7p1.orig/sshconnect2.c openssh-8.7p1/sshconnect2.c (r = sshpkt_put_cstring(ssh, authctxt->service)) != 0 || (r = sshpkt_put_cstring(ssh, authctxt->method->name)) != 0 || (r = sshpkt_put_string(ssh, mic.value, mic.length)) != 0 || -diff -Nur openssh-8.7p1.orig/sshd.8 openssh-8.7p1/sshd.8 ---- openssh-8.7p1.orig/sshd.8 2021-10-24 07:32:35.418723575 +0200 -+++ openssh-8.7p1/sshd.8 2021-10-24 07:33:38.887876769 +0200 -@@ -818,6 +818,29 @@ +diff -Nur openssh-8.8p1.orig/sshd.8 openssh-8.8p1/sshd.8 +--- openssh-8.8p1.orig/sshd.8 2021-12-01 16:47:29.861987690 +0100 ++++ openssh-8.8p1/sshd.8 2021-12-01 16:48:10.390080982 +0100 +@@ -823,6 +823,29 @@ # A CA key, accepted for any host in *.mydomain.com or *.mydomain.org @cert-authority *.mydomain.org,*.mydomain.com ssh-rsa AAAAB5W... .Ed @@ -2271,9 +2271,9 @@ diff -Nur openssh-8.7p1.orig/sshd.8 openssh-8.7p1/sshd.8 .Sh FILES .Bl -tag -width Ds -compact .It Pa ~/.hushlogin -diff -Nur openssh-8.7p1.orig/sshd.c openssh-8.7p1/sshd.c ---- openssh-8.7p1.orig/sshd.c 2021-10-24 07:32:35.563723924 +0200 -+++ openssh-8.7p1/sshd.c 2021-10-24 07:33:38.888876772 +0200 +diff -Nur openssh-8.8p1.orig/sshd.c openssh-8.8p1/sshd.c +--- openssh-8.8p1.orig/sshd.c 2021-12-01 16:47:29.982987968 +0100 ++++ openssh-8.8p1/sshd.c 2021-12-01 16:48:10.391080984 +0100 @@ -2380,7 +2380,7 @@ #endif @@ -2283,9 +2283,9 @@ diff -Nur openssh-8.7p1.orig/sshd.c openssh-8.7p1/sshd.c temporarily_use_uid(authctxt->pw); authctxt->krb5_set_env = ssh_gssapi_storecreds(); restore_uid(); -diff -Nur openssh-8.7p1.orig/sshd_config openssh-8.7p1/sshd_config ---- openssh-8.7p1.orig/sshd_config 2021-10-24 07:32:35.443723635 +0200 -+++ openssh-8.7p1/sshd_config 2021-10-24 07:33:38.889876774 +0200 +diff -Nur openssh-8.8p1.orig/sshd_config openssh-8.8p1/sshd_config +--- openssh-8.8p1.orig/sshd_config 2021-12-01 16:47:29.880987734 +0100 ++++ openssh-8.8p1/sshd_config 2021-12-01 16:48:10.392080987 +0100 @@ -76,10 +76,11 @@ #KerberosUseKuserok yes @@ -2311,9 +2311,9 @@ diff -Nur openssh-8.7p1.orig/sshd_config openssh-8.7p1/sshd_config #AllowAgentForwarding yes #AllowTcpForwarding yes #GatewayPorts no -diff -Nur openssh-8.7p1.orig/sshd_config.5 openssh-8.7p1/sshd_config.5 ---- openssh-8.7p1.orig/sshd_config.5 2021-10-24 07:32:35.490723748 +0200 -+++ openssh-8.7p1/sshd_config.5 2021-10-24 07:33:38.890876776 +0200 +diff -Nur openssh-8.8p1.orig/sshd_config.5 openssh-8.8p1/sshd_config.5 +--- openssh-8.8p1.orig/sshd_config.5 2021-12-01 16:47:29.920987826 +0100 ++++ openssh-8.8p1/sshd_config.5 2021-12-01 16:48:10.392080987 +0100 @@ -635,15 +635,34 @@ to allow the client to select the address to which the forwarding is bound. The default is @@ -2372,9 +2372,9 @@ diff -Nur openssh-8.7p1.orig/sshd_config.5 openssh-8.7p1/sshd_config.5 .It Cm VersionAddendum Optionally specifies additional text to append to the SSH protocol banner sent by the server upon connection. -diff -Nur openssh-8.7p1.orig/sshd_config_redhat openssh-8.7p1/sshd_config_redhat ---- openssh-8.7p1.orig/sshd_config_redhat 2021-10-24 07:32:35.382723488 +0200 -+++ openssh-8.7p1/sshd_config_redhat 2021-10-24 07:33:38.891876779 +0200 +diff -Nur openssh-8.8p1.orig/sshd_config_redhat openssh-8.8p1/sshd_config_redhat +--- openssh-8.8p1.orig/sshd_config_redhat 2021-12-01 16:47:29.826987609 +0100 ++++ openssh-8.8p1/sshd_config_redhat 2021-12-01 16:48:10.392080987 +0100 @@ -9,9 +9,6 @@ ChallengeResponseAuthentication no @@ -2385,9 +2385,9 @@ diff -Nur openssh-8.7p1.orig/sshd_config_redhat openssh-8.7p1/sshd_config_redhat UsePAM yes X11Forwarding yes -diff -Nur openssh-8.7p1.orig/ssh-gss.h openssh-8.7p1/ssh-gss.h ---- openssh-8.7p1.orig/ssh-gss.h 2021-10-24 07:32:35.415723567 +0200 -+++ openssh-8.7p1/ssh-gss.h 2021-10-24 07:33:38.891876779 +0200 +diff -Nur openssh-8.8p1.orig/ssh-gss.h openssh-8.8p1/ssh-gss.h +--- openssh-8.8p1.orig/ssh-gss.h 2021-12-01 16:47:29.857987681 +0100 ++++ openssh-8.8p1/ssh-gss.h 2021-12-01 16:48:10.393080989 +0100 @@ -97,12 +97,14 @@ } ssh_gssapi_ccache; @@ -2423,12 +2423,12 @@ diff -Nur openssh-8.7p1.orig/ssh-gss.h openssh-8.7p1/ssh-gss.h /* In the server */ typedef int ssh_gssapi_check_fn(Gssctxt **, gss_OID, const char *, const char *); -diff -Nur openssh-8.7p1.orig/version.h openssh-8.7p1/version.h ---- openssh-8.7p1.orig/version.h 2021-08-20 06:03:49.000000000 +0200 -+++ openssh-8.7p1/version.h 2021-10-24 07:33:38.891876779 +0200 +diff -Nur openssh-8.8p1.orig/version.h openssh-8.8p1/version.h +--- openssh-8.8p1.orig/version.h 2021-09-26 16:03:19.000000000 +0200 ++++ openssh-8.8p1/version.h 2021-12-01 16:48:10.393080989 +0100 @@ -2,5 +2,19 @@ - #define SSH_VERSION "OpenSSH_8.7" + #define SSH_VERSION "OpenSSH_8.8" +#ifdef GSI +#define GSI_VERSION " GSI" diff --git a/openssh-8.7p1-hpn-15.2-modified.patch b/openssh-8.8p1-hpn-15.2-modified.patch similarity index 90% rename from openssh-8.7p1-hpn-15.2-modified.patch rename to openssh-8.8p1-hpn-15.2-modified.patch index 75a4908..4f68944 100644 --- a/openssh-8.7p1-hpn-15.2-modified.patch +++ b/openssh-8.8p1-hpn-15.2-modified.patch @@ -1,6 +1,6 @@ -diff -Nur openssh-8.7p1.orig/auth2.c openssh-8.7p1/auth2.c ---- openssh-8.7p1.orig/auth2.c 2021-10-24 07:54:36.863834186 +0200 -+++ openssh-8.7p1/auth2.c 2021-10-24 07:56:04.844029990 +0200 +diff -Nur openssh-8.8p1.orig/auth2.c openssh-8.8p1/auth2.c +--- openssh-8.8p1.orig/auth2.c 2021-12-01 16:50:22.511385558 +0100 ++++ openssh-8.8p1/auth2.c 2021-12-01 16:51:00.919474114 +0100 @@ -53,6 +53,8 @@ #include "dispatch.h" #include "pathnames.h" @@ -31,9 +31,9 @@ diff -Nur openssh-8.7p1.orig/auth2.c openssh-8.7p1/auth2.c debug("attempt %d failures %d", authctxt->attempt, authctxt->failures); #ifdef WITH_SELINUX -diff -Nur openssh-8.7p1.orig/channels.c openssh-8.7p1/channels.c ---- openssh-8.7p1.orig/channels.c 2021-10-24 07:54:36.849834155 +0200 -+++ openssh-8.7p1/channels.c 2021-10-24 07:56:04.845029992 +0200 +diff -Nur openssh-8.8p1.orig/channels.c openssh-8.8p1/channels.c +--- openssh-8.8p1.orig/channels.c 2021-12-01 16:50:22.496385524 +0100 ++++ openssh-8.8p1/channels.c 2021-12-01 16:51:00.921474119 +0100 @@ -220,6 +220,9 @@ /* Setup helper */ static void channel_handler_init(struct ssh_channels *sc); @@ -52,7 +52,7 @@ diff -Nur openssh-8.7p1.orig/channels.c openssh-8.7p1/channels.c c->remote_name = xstrdup(remote_name); c->ctl_chan = -1; c->delayed = 1; /* prevent call to channel_post handler */ -@@ -1108,6 +1112,28 @@ +@@ -1110,6 +1114,28 @@ FD_SET(c->sock, writeset); } @@ -81,7 +81,7 @@ diff -Nur openssh-8.7p1.orig/channels.c openssh-8.7p1/channels.c static void channel_pre_open(struct ssh *ssh, Channel *c, fd_set *readset, fd_set *writeset) -@@ -2147,22 +2173,31 @@ +@@ -2149,22 +2175,31 @@ if (c->type == SSH_CHANNEL_OPEN && !(c->flags & (CHAN_CLOSE_SENT|CHAN_CLOSE_RCVD)) && @@ -118,7 +118,7 @@ diff -Nur openssh-8.7p1.orig/channels.c openssh-8.7p1/channels.c c->local_consumed = 0; } return 1; -@@ -3329,6 +3364,14 @@ +@@ -3331,6 +3366,14 @@ return addr; } @@ -133,7 +133,7 @@ diff -Nur openssh-8.7p1.orig/channels.c openssh-8.7p1/channels.c static int channel_setup_fwd_listener_tcpip(struct ssh *ssh, int type, struct Forward *fwd, int *allocated_listen_port, -@@ -3468,8 +3511,10 @@ +@@ -3470,8 +3513,10 @@ } /* Allocate a channel number for the socket. */ @@ -145,7 +145,7 @@ diff -Nur openssh-8.7p1.orig/channels.c openssh-8.7p1/channels.c 0, "port listener", 1); c->path = xstrdup(host); c->host_port = fwd->connect_port; -@@ -4655,7 +4700,8 @@ +@@ -4657,7 +4702,8 @@ sock = socks[n]; nc = channel_new(ssh, "x11 listener", SSH_CHANNEL_X11_LISTENER, sock, sock, -1, @@ -155,9 +155,9 @@ diff -Nur openssh-8.7p1.orig/channels.c openssh-8.7p1/channels.c 0, "X11 inet listener", 1); nc->single_connection = single_connection; (*chanids)[n] = nc->self; -diff -Nur openssh-8.7p1.orig/channels.h openssh-8.7p1/channels.h ---- openssh-8.7p1.orig/channels.h 2021-10-24 07:54:36.785834012 +0200 -+++ openssh-8.7p1/channels.h 2021-10-24 07:56:04.846029995 +0200 +diff -Nur openssh-8.8p1.orig/channels.h openssh-8.8p1/channels.h +--- openssh-8.8p1.orig/channels.h 2021-12-01 16:50:22.421385351 +0100 ++++ openssh-8.8p1/channels.h 2021-12-01 16:51:00.922474121 +0100 @@ -169,8 +169,10 @@ u_int local_window_max; u_int local_consumed; @@ -186,9 +186,9 @@ diff -Nur openssh-8.7p1.orig/channels.h openssh-8.7p1/channels.h +void channel_set_hpn(int, int); + #endif -diff -Nur openssh-8.7p1.orig/cipher.c openssh-8.7p1/cipher.c ---- openssh-8.7p1.orig/cipher.c 2021-10-24 07:54:36.828834108 +0200 -+++ openssh-8.7p1/cipher.c 2021-10-24 07:56:04.847029997 +0200 +diff -Nur openssh-8.8p1.orig/cipher.c openssh-8.8p1/cipher.c +--- openssh-8.8p1.orig/cipher.c 2021-12-01 16:50:22.475385475 +0100 ++++ openssh-8.8p1/cipher.c 2021-12-01 16:51:00.923474123 +0100 @@ -48,6 +48,7 @@ #include "sshbuf.h" #include "ssherr.h" @@ -269,9 +269,9 @@ diff -Nur openssh-8.7p1.orig/cipher.c openssh-8.7p1/cipher.c free(cipher_list); return 0; } -diff -Nur openssh-8.7p1.orig/cipher-ctr-mt.c openssh-8.7p1/cipher-ctr-mt.c ---- openssh-8.7p1.orig/cipher-ctr-mt.c 1970-01-01 01:00:00.000000000 +0100 -+++ openssh-8.7p1/cipher-ctr-mt.c 2021-10-24 07:56:04.848029999 +0200 +diff -Nur openssh-8.8p1.orig/cipher-ctr-mt.c openssh-8.8p1/cipher-ctr-mt.c +--- openssh-8.8p1.orig/cipher-ctr-mt.c 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-8.8p1/cipher-ctr-mt.c 2021-12-01 16:51:00.923474123 +0100 @@ -0,0 +1,678 @@ +/* + * OpenSSH Multi-threaded AES-CTR Cipher @@ -951,9 +951,9 @@ diff -Nur openssh-8.7p1.orig/cipher-ctr-mt.c openssh-8.7p1/cipher-ctr-mt.c +} + +#endif /* defined(WITH_OPENSSL) */ -diff -Nur openssh-8.7p1.orig/cipher.h openssh-8.7p1/cipher.h ---- openssh-8.7p1.orig/cipher.h 2021-10-24 07:54:36.829834110 +0200 -+++ openssh-8.7p1/cipher.h 2021-10-24 07:56:04.848029999 +0200 +diff -Nur openssh-8.8p1.orig/cipher.h openssh-8.8p1/cipher.h +--- openssh-8.8p1.orig/cipher.h 2021-12-01 16:50:22.475385475 +0100 ++++ openssh-8.8p1/cipher.h 2021-12-01 16:51:00.924474126 +0100 @@ -68,7 +68,9 @@ struct sshcipher_ctx; @@ -974,10 +974,10 @@ diff -Nur openssh-8.7p1.orig/cipher.h openssh-8.7p1/cipher.h u_int cipher_ctx_is_plaintext(struct sshcipher_ctx *); -diff -Nur openssh-8.7p1.orig/clientloop.c openssh-8.7p1/clientloop.c ---- openssh-8.7p1.orig/clientloop.c 2021-10-24 07:54:36.738833908 +0200 -+++ openssh-8.7p1/clientloop.c 2021-10-24 07:56:04.849030001 +0200 -@@ -1582,7 +1582,9 @@ +diff -Nur openssh-8.8p1.orig/clientloop.c openssh-8.8p1/clientloop.c +--- openssh-8.8p1.orig/clientloop.c 2021-12-01 16:50:22.361385212 +0100 ++++ openssh-8.8p1/clientloop.c 2021-12-01 16:51:00.925474128 +0100 +@@ -1583,7 +1583,9 @@ return NULL; c = channel_new(ssh, "x11", SSH_CHANNEL_X11_OPEN, sock, sock, -1, @@ -988,7 +988,7 @@ diff -Nur openssh-8.7p1.orig/clientloop.c openssh-8.7p1/clientloop.c c->force_drain = 1; return c; } -@@ -1611,7 +1613,8 @@ +@@ -1612,7 +1614,8 @@ } c = channel_new(ssh, "authentication agent connection", SSH_CHANNEL_OPEN, sock, sock, -1, @@ -998,7 +998,7 @@ diff -Nur openssh-8.7p1.orig/clientloop.c openssh-8.7p1/clientloop.c "authentication agent connection", 1); c->force_drain = 1; return c; -@@ -1638,7 +1641,8 @@ +@@ -1639,7 +1642,8 @@ debug("Tunnel forwarding using interface %s", ifname); c = channel_new(ssh, "tun", SSH_CHANNEL_OPENING, fd, fd, -1, @@ -1008,10 +1008,10 @@ diff -Nur openssh-8.7p1.orig/clientloop.c openssh-8.7p1/clientloop.c c->datagram = 1; #if defined(SSH_TUN_FILTER) -diff -Nur openssh-8.7p1.orig/compat.c openssh-8.7p1/compat.c ---- openssh-8.7p1.orig/compat.c 2021-10-24 07:54:36.849834155 +0200 -+++ openssh-8.7p1/compat.c 2021-10-24 07:56:04.850030003 +0200 -@@ -151,6 +151,17 @@ +diff -Nur openssh-8.8p1.orig/compat.c openssh-8.8p1/compat.c +--- openssh-8.8p1.orig/compat.c 2021-12-01 16:50:22.497385526 +0100 ++++ openssh-8.8p1/compat.c 2021-12-01 16:51:00.925474128 +0100 +@@ -150,6 +150,17 @@ debug_f("match: %s pat %s compat 0x%08x", version, check[i].pat, check[i].bugs); ssh->compat = check[i].bugs; @@ -1029,9 +1029,9 @@ diff -Nur openssh-8.7p1.orig/compat.c openssh-8.7p1/compat.c return; } } -diff -Nur openssh-8.7p1.orig/compat.h openssh-8.7p1/compat.h ---- openssh-8.7p1.orig/compat.h 2021-08-20 06:03:49.000000000 +0200 -+++ openssh-8.7p1/compat.h 2021-10-24 07:56:04.850030003 +0200 +diff -Nur openssh-8.8p1.orig/compat.h openssh-8.8p1/compat.h +--- openssh-8.8p1.orig/compat.h 2021-09-26 16:03:19.000000000 +0200 ++++ openssh-8.8p1/compat.h 2021-12-01 16:51:00.926474130 +0100 @@ -57,6 +57,7 @@ #define SSH_BUG_CURVE25519PAD 0x10000000 #define SSH_BUG_HOSTKEYS 0x20000000 @@ -1040,9 +1040,9 @@ diff -Nur openssh-8.7p1.orig/compat.h openssh-8.7p1/compat.h struct ssh; -diff -Nur openssh-8.7p1.orig/defines.h openssh-8.7p1/defines.h ---- openssh-8.7p1.orig/defines.h 2021-08-20 06:03:49.000000000 +0200 -+++ openssh-8.7p1/defines.h 2021-10-24 07:56:04.851030005 +0200 +diff -Nur openssh-8.8p1.orig/defines.h openssh-8.8p1/defines.h +--- openssh-8.8p1.orig/defines.h 2021-09-26 16:03:19.000000000 +0200 ++++ openssh-8.8p1/defines.h 2021-12-01 16:51:00.927474132 +0100 @@ -854,7 +854,7 @@ #endif @@ -1052,9 +1052,9 @@ diff -Nur openssh-8.7p1.orig/defines.h openssh-8.7p1/defines.h #endif /* -diff -Nur openssh-8.7p1.orig/digest.h openssh-8.7p1/digest.h ---- openssh-8.7p1.orig/digest.h 2021-10-24 07:54:36.811834070 +0200 -+++ openssh-8.7p1/digest.h 2021-10-24 07:56:04.852030007 +0200 +diff -Nur openssh-8.8p1.orig/digest.h openssh-8.8p1/digest.h +--- openssh-8.8p1.orig/digest.h 2021-12-01 16:50:22.451385420 +0100 ++++ openssh-8.8p1/digest.h 2021-12-01 16:51:00.927474132 +0100 @@ -27,7 +27,8 @@ #define SSH_DIGEST_SHA256 2 #define SSH_DIGEST_SHA384 3 @@ -1065,9 +1065,9 @@ diff -Nur openssh-8.7p1.orig/digest.h openssh-8.7p1/digest.h struct sshbuf; struct ssh_digest_ctx; -diff -Nur openssh-8.7p1.orig/digest-openssl.c openssh-8.7p1/digest-openssl.c ---- openssh-8.7p1.orig/digest-openssl.c 2021-10-24 07:54:36.810834068 +0200 -+++ openssh-8.7p1/digest-openssl.c 2021-10-24 07:56:04.852030007 +0200 +diff -Nur openssh-8.8p1.orig/digest-openssl.c openssh-8.8p1/digest-openssl.c +--- openssh-8.8p1.orig/digest-openssl.c 2021-12-01 16:50:22.451385420 +0100 ++++ openssh-8.8p1/digest-openssl.c 2021-12-01 16:51:00.927474132 +0100 @@ -61,6 +61,7 @@ { SSH_DIGEST_SHA256, "SHA256", 32, EVP_sha256 }, { SSH_DIGEST_SHA384, "SHA384", 48, EVP_sha384 }, @@ -1076,9 +1076,9 @@ diff -Nur openssh-8.7p1.orig/digest-openssl.c openssh-8.7p1/digest-openssl.c { -1, NULL, 0, NULL }, }; -diff -Nur openssh-8.7p1.orig/HPN-README openssh-8.7p1/HPN-README ---- openssh-8.7p1.orig/HPN-README 1970-01-01 01:00:00.000000000 +0100 -+++ openssh-8.7p1/HPN-README 2021-10-24 07:56:04.852030007 +0200 +diff -Nur openssh-8.8p1.orig/HPN-README openssh-8.8p1/HPN-README +--- openssh-8.8p1.orig/HPN-README 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-8.8p1/HPN-README 2021-12-01 16:51:00.928474135 +0100 @@ -0,0 +1,153 @@ +Notes: + @@ -1233,9 +1233,9 @@ diff -Nur openssh-8.7p1.orig/HPN-README openssh-8.7p1/HPN-README + Allan Jude provided the code for the NoneMac and buffer normalization. + This work was financed, in part, by Cisco System, Inc., the National + Library of Medicine, and the National Science Foundation. -diff -Nur openssh-8.7p1.orig/kex.c openssh-8.7p1/kex.c ---- openssh-8.7p1.orig/kex.c 2021-10-24 07:54:36.841834137 +0200 -+++ openssh-8.7p1/kex.c 2021-10-24 07:56:04.853030010 +0200 +diff -Nur openssh-8.8p1.orig/kex.c openssh-8.8p1/kex.c +--- openssh-8.8p1.orig/kex.c 2021-12-01 16:50:22.487385503 +0100 ++++ openssh-8.8p1/kex.c 2021-12-01 16:51:00.929474137 +0100 @@ -64,6 +64,7 @@ #include "ssherr.h" @@ -1321,9 +1321,9 @@ diff -Nur openssh-8.7p1.orig/kex.c openssh-8.7p1/kex.c debug("Remote protocol version %d.%d, remote software version %.100s", remote_major, remote_minor, remote_version); compat_banner(ssh, remote_version); -diff -Nur openssh-8.7p1.orig/log.c openssh-8.7p1/log.c ---- openssh-8.7p1.orig/log.c 2021-10-24 07:54:36.769833977 +0200 -+++ openssh-8.7p1/log.c 2021-10-24 07:56:04.853030010 +0200 +diff -Nur openssh-8.8p1.orig/log.c openssh-8.8p1/log.c +--- openssh-8.8p1.orig/log.c 2021-12-01 16:50:22.401385305 +0100 ++++ openssh-8.8p1/log.c 2021-12-01 16:51:00.929474137 +0100 @@ -46,6 +46,11 @@ #include #include @@ -1345,9 +1345,9 @@ diff -Nur openssh-8.7p1.orig/log.c openssh-8.7p1/log.c #define LOG_SYSLOG_VIS (VIS_CSTYLE|VIS_NL|VIS_TAB|VIS_OCTAL) #define LOG_STDERR_VIS (VIS_SAFE|VIS_OCTAL) -diff -Nur openssh-8.7p1.orig/mac.c openssh-8.7p1/mac.c ---- openssh-8.7p1.orig/mac.c 2021-10-24 07:54:36.830834112 +0200 -+++ openssh-8.7p1/mac.c 2021-10-24 07:56:04.854030012 +0200 +diff -Nur openssh-8.8p1.orig/mac.c openssh-8.8p1/mac.c +--- openssh-8.8p1.orig/mac.c 2021-12-01 16:50:22.476385477 +0100 ++++ openssh-8.8p1/mac.c 2021-12-01 16:51:00.929474137 +0100 @@ -63,6 +63,7 @@ { "hmac-sha2-512", SSH_DIGEST, SSH_DIGEST_SHA512, 0, 0, 0, 0 }, { "hmac-md5", SSH_DIGEST, SSH_DIGEST_MD5, 0, 0, 0, 0 }, @@ -1356,9 +1356,9 @@ diff -Nur openssh-8.7p1.orig/mac.c openssh-8.7p1/mac.c { "umac-64@openssh.com", SSH_UMAC, 0, 0, 128, 64, 0 }, { "umac-128@openssh.com", SSH_UMAC128, 0, 0, 128, 128, 0 }, -diff -Nur openssh-8.7p1.orig/Makefile.in openssh-8.7p1/Makefile.in ---- openssh-8.7p1.orig/Makefile.in 2021-10-24 07:54:36.867834195 +0200 -+++ openssh-8.7p1/Makefile.in 2021-10-24 07:56:04.854030012 +0200 +diff -Nur openssh-8.8p1.orig/Makefile.in openssh-8.8p1/Makefile.in +--- openssh-8.8p1.orig/Makefile.in 2021-12-01 16:50:22.516385570 +0100 ++++ openssh-8.8p1/Makefile.in 2021-12-01 16:51:00.930474139 +0100 @@ -48,7 +48,7 @@ CFLAGS_NOPIE=@CFLAGS_NOPIE@ CPPFLAGS=-I. -I$(srcdir) @CPPFLAGS@ $(PATHS) @DEFS@ @@ -1377,9 +1377,9 @@ diff -Nur openssh-8.7p1.orig/Makefile.in openssh-8.7p1/Makefile.in compat.o fatal.o hostfile.o \ log.o match.o moduli.o nchan.o packet.o \ readpass.o ttymodes.o xmalloc.o addr.o addrmatch.o \ -diff -Nur openssh-8.7p1.orig/packet.c openssh-8.7p1/packet.c ---- openssh-8.7p1.orig/packet.c 2021-10-24 07:54:36.832834117 +0200 -+++ openssh-8.7p1/packet.c 2021-10-24 07:56:04.855030014 +0200 +diff -Nur openssh-8.8p1.orig/packet.c openssh-8.8p1/packet.c +--- openssh-8.8p1.orig/packet.c 2021-12-01 16:50:22.479385484 +0100 ++++ openssh-8.8p1/packet.c 2021-12-01 16:51:00.930474139 +0100 @@ -246,7 +246,7 @@ TAILQ_INIT(&ssh->public_keys); state->connection_in = -1; @@ -1528,9 +1528,9 @@ diff -Nur openssh-8.7p1.orig/packet.c openssh-8.7p1/packet.c +{ + return ssh->state->send_context; +} -diff -Nur openssh-8.7p1.orig/packet.h openssh-8.7p1/packet.h ---- openssh-8.7p1.orig/packet.h 2021-10-24 07:54:36.833834119 +0200 -+++ openssh-8.7p1/packet.h 2021-10-24 07:56:04.856030016 +0200 +diff -Nur openssh-8.8p1.orig/packet.h openssh-8.8p1/packet.h +--- openssh-8.8p1.orig/packet.h 2021-12-01 16:50:22.479385484 +0100 ++++ openssh-8.8p1/packet.h 2021-12-01 16:51:00.931474142 +0100 @@ -86,6 +86,14 @@ /* APP data */ @@ -1569,9 +1569,9 @@ diff -Nur openssh-8.7p1.orig/packet.h openssh-8.7p1/packet.h /* new API */ int sshpkt_start(struct ssh *ssh, u_char type); -diff -Nur openssh-8.7p1.orig/progressmeter.c openssh-8.7p1/progressmeter.c ---- openssh-8.7p1.orig/progressmeter.c 2021-08-20 06:03:49.000000000 +0200 -+++ openssh-8.7p1/progressmeter.c 2021-10-24 07:56:04.857030018 +0200 +diff -Nur openssh-8.8p1.orig/progressmeter.c openssh-8.8p1/progressmeter.c +--- openssh-8.8p1.orig/progressmeter.c 2021-09-26 16:03:19.000000000 +0200 ++++ openssh-8.8p1/progressmeter.c 2021-12-01 16:51:00.931474142 +0100 @@ -68,6 +68,8 @@ static off_t start_pos; /* initial position of transfer */ static off_t end_pos; /* ending position of transfer */ @@ -1633,9 +1633,9 @@ diff -Nur openssh-8.7p1.orig/progressmeter.c openssh-8.7p1/progressmeter.c } /*ARGSUSED*/ -diff -Nur openssh-8.7p1.orig/readconf.c openssh-8.7p1/readconf.c ---- openssh-8.7p1.orig/readconf.c 2021-10-24 07:54:36.870834202 +0200 -+++ openssh-8.7p1/readconf.c 2021-10-24 08:13:34.654331392 +0200 +diff -Nur openssh-8.8p1.orig/readconf.c openssh-8.8p1/readconf.c +--- openssh-8.8p1.orig/readconf.c 2021-12-01 16:50:22.519385577 +0100 ++++ openssh-8.8p1/readconf.c 2021-12-01 16:51:00.932474144 +0100 @@ -67,6 +67,7 @@ #include "uidswap.h" #include "myproposal.h" @@ -1735,7 +1735,7 @@ diff -Nur openssh-8.7p1.orig/readconf.c openssh-8.7p1/readconf.c case oCiphers: arg = argv_next(&ac, &av); if (!arg || *arg == '\0') { -@@ -2440,6 +2497,14 @@ +@@ -2467,6 +2524,14 @@ options->ip_qos_interactive = -1; options->ip_qos_bulk = -1; options->request_tty = -1; @@ -1750,7 +1750,7 @@ diff -Nur openssh-8.7p1.orig/readconf.c openssh-8.7p1/readconf.c options->session_type = -1; options->stdin_null = -1; options->fork_after_authentication = -1; -@@ -2615,6 +2680,43 @@ +@@ -2642,6 +2707,43 @@ options->server_alive_interval = 0; if (options->server_alive_count_max == -1) options->server_alive_count_max = 3; @@ -1794,9 +1794,9 @@ diff -Nur openssh-8.7p1.orig/readconf.c openssh-8.7p1/readconf.c if (options->control_master == -1) options->control_master = 0; if (options->control_persist == -1) { -diff -Nur openssh-8.7p1.orig/readconf.h openssh-8.7p1/readconf.h ---- openssh-8.7p1.orig/readconf.h 2021-10-24 07:54:36.870834202 +0200 -+++ openssh-8.7p1/readconf.h 2021-10-24 07:56:04.860030025 +0200 +diff -Nur openssh-8.8p1.orig/readconf.h openssh-8.8p1/readconf.h +--- openssh-8.8p1.orig/readconf.h 2021-12-01 16:50:22.519385577 +0100 ++++ openssh-8.8p1/readconf.h 2021-12-01 16:51:00.932474144 +0100 @@ -55,6 +55,10 @@ int strict_host_key_checking; /* Strict host key checking. */ int compression; /* Compress packets in both directions. */ @@ -1821,9 +1821,9 @@ diff -Nur openssh-8.7p1.orig/readconf.h openssh-8.7p1/readconf.h int no_host_authentication_for_localhost; int identities_only; int server_alive_interval; -diff -Nur openssh-8.7p1.orig/regress/integrity.sh openssh-8.7p1/regress/integrity.sh ---- openssh-8.7p1.orig/regress/integrity.sh 2021-08-20 06:03:49.000000000 +0200 -+++ openssh-8.7p1/regress/integrity.sh 2021-10-24 07:56:04.860030025 +0200 +diff -Nur openssh-8.8p1.orig/regress/integrity.sh openssh-8.8p1/regress/integrity.sh +--- openssh-8.8p1.orig/regress/integrity.sh 2021-09-26 16:03:19.000000000 +0200 ++++ openssh-8.8p1/regress/integrity.sh 2021-12-01 16:51:00.933474146 +0100 @@ -21,6 +21,12 @@ cmd="$SUDO env SSH_SK_HELPER="$SSH_SK_HELPER" sh ${SRC}/sshd-log-wrapper.sh ${TEST_SSHD_LOGFILE} ${SSHD} -i -f $OBJ/sshd_proxy" @@ -1837,9 +1837,9 @@ diff -Nur openssh-8.7p1.orig/regress/integrity.sh openssh-8.7p1/regress/integrit trace "test $tid: mac $m" elen=0 epad=0 -diff -Nur openssh-8.7p1.orig/sandbox-seccomp-filter.c openssh-8.7p1/sandbox-seccomp-filter.c ---- openssh-8.7p1.orig/sandbox-seccomp-filter.c 2021-10-24 07:54:36.842834139 +0200 -+++ openssh-8.7p1/sandbox-seccomp-filter.c 2021-10-24 07:56:04.861030027 +0200 +diff -Nur openssh-8.8p1.orig/sandbox-seccomp-filter.c openssh-8.8p1/sandbox-seccomp-filter.c +--- openssh-8.8p1.orig/sandbox-seccomp-filter.c 2021-12-01 16:50:22.489385507 +0100 ++++ openssh-8.8p1/sandbox-seccomp-filter.c 2021-12-01 16:51:00.933474146 +0100 @@ -225,6 +225,9 @@ #ifdef __NR_geteuid32 SC_ALLOW(__NR_geteuid32), @@ -1860,10 +1860,10 @@ diff -Nur openssh-8.7p1.orig/sandbox-seccomp-filter.c openssh-8.7p1/sandbox-secc #ifdef __NR_time SC_ALLOW(__NR_time), #endif -diff -Nur openssh-8.7p1.orig/scp.c openssh-8.7p1/scp.c ---- openssh-8.7p1.orig/scp.c 2021-10-24 07:54:36.854834166 +0200 -+++ openssh-8.7p1/scp.c 2021-10-24 07:56:04.861030027 +0200 -@@ -1566,7 +1566,7 @@ +diff -Nur openssh-8.8p1.orig/scp.c openssh-8.8p1/scp.c +--- openssh-8.8p1.orig/scp.c 2021-12-01 16:50:22.502385537 +0100 ++++ openssh-8.8p1/scp.c 2021-12-01 16:51:00.934474149 +0100 +@@ -1576,7 +1576,7 @@ off_t size, statbytes; unsigned long long ull; int setimes, targisdir, wrerr; @@ -1872,9 +1872,9 @@ diff -Nur openssh-8.7p1.orig/scp.c openssh-8.7p1/scp.c char **patterns = NULL; size_t n, npatterns = 0; struct timeval tv[2]; -diff -Nur openssh-8.7p1.orig/servconf.c openssh-8.7p1/servconf.c ---- openssh-8.7p1.orig/servconf.c 2021-10-24 07:54:36.871834204 +0200 -+++ openssh-8.7p1/servconf.c 2021-10-24 07:56:04.863030032 +0200 +diff -Nur openssh-8.8p1.orig/servconf.c openssh-8.8p1/servconf.c +--- openssh-8.8p1.orig/servconf.c 2021-12-01 16:50:22.520385579 +0100 ++++ openssh-8.8p1/servconf.c 2021-12-01 16:51:00.935474151 +0100 @@ -70,6 +70,7 @@ #include "auth.h" #include "myproposal.h" @@ -1959,9 +1959,9 @@ diff -Nur openssh-8.7p1.orig/servconf.c openssh-8.7p1/servconf.c if (options->ip_qos_interactive == -1) options->ip_qos_interactive = IPTOS_DSCP_AF21; if (options->ip_qos_bulk == -1) -@@ -533,6 +589,9 @@ - sPasswordAuthentication, sKbdInteractiveAuthentication, - sListenAddress, sAddressFamily, +@@ -531,6 +587,9 @@ + sKerberosGetAFSToken, sKerberosUniqueCCache, sKerberosUseKuserok, sPasswordAuthentication, + sKbdInteractiveAuthentication, sListenAddress, sAddressFamily, sPrintMotd, sPrintLastLog, sIgnoreRhosts, + sNoneEnabled, sNoneMacEnabled, + sDisableMTAES, @@ -1969,7 +1969,7 @@ diff -Nur openssh-8.7p1.orig/servconf.c openssh-8.7p1/servconf.c sX11Forwarding, sX11DisplayOffset, sX11MaxDisplays, sX11UseLocalhost, sPermitTTY, sStrictModes, sEmptyPasswd, sTCPKeepAlive, sPermitUserEnvironment, sAllowTcpForwarding, sCompression, -@@ -733,6 +792,12 @@ +@@ -731,6 +790,12 @@ { "revokedkeys", sRevokedKeys, SSHCFG_ALL }, { "trustedusercakeys", sTrustedUserCAKeys, SSHCFG_ALL }, { "authorizedprincipalsfile", sAuthorizedPrincipalsFile, SSHCFG_ALL }, @@ -1982,7 +1982,7 @@ diff -Nur openssh-8.7p1.orig/servconf.c openssh-8.7p1/servconf.c { "kexalgorithms", sKexAlgorithms, SSHCFG_GLOBAL }, { "include", sInclude, SSHCFG_ALL }, { "ipqos", sIPQoS, SSHCFG_ALL }, -@@ -791,6 +856,7 @@ +@@ -789,6 +854,7 @@ for (i = 0; keywords[i].name; i++) if (strcasecmp(cp, keywords[i].name) == 0) { @@ -1990,7 +1990,7 @@ diff -Nur openssh-8.7p1.orig/servconf.c openssh-8.7p1/servconf.c *flags = keywords[i].flags; return keywords[i].opcode; } -@@ -1568,12 +1634,36 @@ +@@ -1566,12 +1632,36 @@ multistate_ptr = multistate_ignore_rhosts; goto parse_multistate; @@ -2027,9 +2027,9 @@ diff -Nur openssh-8.7p1.orig/servconf.c openssh-8.7p1/servconf.c case sHostbasedAuthentication: intptr = &options->hostbased_authentication; goto parse_flag; -diff -Nur openssh-8.7p1.orig/servconf.h openssh-8.7p1/servconf.h ---- openssh-8.7p1.orig/servconf.h 2021-10-24 07:54:36.871834204 +0200 -+++ openssh-8.7p1/servconf.h 2021-10-24 07:56:04.864030034 +0200 +diff -Nur openssh-8.8p1.orig/servconf.h openssh-8.8p1/servconf.h +--- openssh-8.8p1.orig/servconf.h 2021-12-01 16:50:22.520385579 +0100 ++++ openssh-8.8p1/servconf.h 2021-12-01 16:51:00.935474151 +0100 @@ -214,6 +214,13 @@ int use_pam; /* Enable auth via PAM */ int permit_pam_user_change; /* Allow PAM to change user name */ @@ -2044,9 +2044,9 @@ diff -Nur openssh-8.7p1.orig/servconf.h openssh-8.7p1/servconf.h int permit_tun; char **permitted_opens; /* May also be one of PERMITOPEN_* */ -diff -Nur openssh-8.7p1.orig/serverloop.c openssh-8.7p1/serverloop.c ---- openssh-8.7p1.orig/serverloop.c 2021-10-24 07:54:36.855834168 +0200 -+++ openssh-8.7p1/serverloop.c 2021-10-24 07:56:04.865030036 +0200 +diff -Nur openssh-8.8p1.orig/serverloop.c openssh-8.8p1/serverloop.c +--- openssh-8.8p1.orig/serverloop.c 2021-12-01 16:50:22.503385540 +0100 ++++ openssh-8.8p1/serverloop.c 2021-12-01 16:51:00.936474153 +0100 @@ -266,7 +266,7 @@ process_input(struct ssh *ssh, fd_set *readset, int connection_in) { @@ -2109,9 +2109,9 @@ diff -Nur openssh-8.7p1.orig/serverloop.c openssh-8.7p1/serverloop.c if (session_open(the_authctxt, c->self) != 1) { debug("session open failed, free channel %d", c->self); channel_free(ssh, c); -diff -Nur openssh-8.7p1.orig/session.c openssh-8.7p1/session.c ---- openssh-8.7p1.orig/session.c 2021-10-24 07:54:36.855834168 +0200 -+++ openssh-8.7p1/session.c 2021-10-24 07:56:04.866030038 +0200 +diff -Nur openssh-8.8p1.orig/session.c openssh-8.8p1/session.c +--- openssh-8.8p1.orig/session.c 2021-12-01 16:50:22.504385542 +0100 ++++ openssh-8.8p1/session.c 2021-12-01 16:51:00.936474153 +0100 @@ -228,6 +228,7 @@ goto authsock_err; @@ -2130,9 +2130,9 @@ diff -Nur openssh-8.7p1.orig/session.c openssh-8.7p1/session.c } /* -diff -Nur openssh-8.7p1.orig/sftp.1 openssh-8.7p1/sftp.1 ---- openssh-8.7p1.orig/sftp.1 2021-08-20 06:03:49.000000000 +0200 -+++ openssh-8.7p1/sftp.1 2021-10-24 07:56:04.867030041 +0200 +diff -Nur openssh-8.8p1.orig/sftp.1 openssh-8.8p1/sftp.1 +--- openssh-8.8p1.orig/sftp.1 2021-09-26 16:03:19.000000000 +0200 ++++ openssh-8.8p1/sftp.1 2021-12-01 16:51:00.937474156 +0100 @@ -295,7 +295,8 @@ Specify how many requests may be outstanding at any one time. Increasing this may slightly improve file transfer speed @@ -2143,9 +2143,9 @@ diff -Nur openssh-8.7p1.orig/sftp.1 openssh-8.7p1/sftp.1 .It Fl r Recursively copy entire directories when uploading and downloading. Note that -diff -Nur openssh-8.7p1.orig/sftp-client.c openssh-8.7p1/sftp-client.c ---- openssh-8.7p1.orig/sftp-client.c 2021-08-20 06:03:49.000000000 +0200 -+++ openssh-8.7p1/sftp-client.c 2021-10-24 07:56:04.868030043 +0200 +diff -Nur openssh-8.8p1.orig/sftp-client.c openssh-8.8p1/sftp-client.c +--- openssh-8.8p1.orig/sftp-client.c 2021-09-26 16:03:19.000000000 +0200 ++++ openssh-8.8p1/sftp-client.c 2021-12-01 16:51:00.937474156 +0100 @@ -72,7 +72,7 @@ #define DEFAULT_COPY_BUFLEN 32768 @@ -2155,9 +2155,9 @@ diff -Nur openssh-8.7p1.orig/sftp-client.c openssh-8.7p1/sftp-client.c /* Minimum amount of data to read at a time */ #define MIN_READ_SIZE 512 -diff -Nur openssh-8.7p1.orig/ssh_api.c openssh-8.7p1/ssh_api.c ---- openssh-8.7p1.orig/ssh_api.c 2021-08-20 06:03:49.000000000 +0200 -+++ openssh-8.7p1/ssh_api.c 2021-10-24 07:56:04.869030045 +0200 +diff -Nur openssh-8.8p1.orig/ssh_api.c openssh-8.8p1/ssh_api.c +--- openssh-8.8p1.orig/ssh_api.c 2021-09-26 16:03:19.000000000 +0200 ++++ openssh-8.8p1/ssh_api.c 2021-12-01 16:51:00.938474158 +0100 @@ -410,7 +410,7 @@ char *cp; int r; @@ -2167,9 +2167,9 @@ diff -Nur openssh-8.7p1.orig/ssh_api.c openssh-8.7p1/ssh_api.c return r; if ((r = sshbuf_putb(ssh_packet_get_output(ssh), banner)) != 0) return r; -diff -Nur openssh-8.7p1.orig/sshbuf.h openssh-8.7p1/sshbuf.h ---- openssh-8.7p1.orig/sshbuf.h 2021-08-20 06:03:49.000000000 +0200 -+++ openssh-8.7p1/sshbuf.h 2021-10-24 07:56:04.870030047 +0200 +diff -Nur openssh-8.8p1.orig/sshbuf.h openssh-8.8p1/sshbuf.h +--- openssh-8.8p1.orig/sshbuf.h 2021-09-26 16:03:19.000000000 +0200 ++++ openssh-8.8p1/sshbuf.h 2021-12-01 16:51:00.938474158 +0100 @@ -28,7 +28,7 @@ # endif /* OPENSSL_HAS_ECC */ #endif /* WITH_OPENSSL */ @@ -2179,10 +2179,10 @@ diff -Nur openssh-8.7p1.orig/sshbuf.h openssh-8.7p1/sshbuf.h #define SSHBUF_REFS_MAX 0x100000 /* Max child buffers */ #define SSHBUF_MAX_BIGNUM (16384 / 8) /* Max bignum *bytes* */ #define SSHBUF_MAX_ECPOINT ((528 * 2 / 8) + 1) /* Max EC point *bytes* */ -diff -Nur openssh-8.7p1.orig/ssh.c openssh-8.7p1/ssh.c ---- openssh-8.7p1.orig/ssh.c 2021-10-24 07:54:36.872834206 +0200 -+++ openssh-8.7p1/ssh.c 2021-10-24 07:56:04.871030049 +0200 -@@ -1056,6 +1056,10 @@ +diff -Nur openssh-8.8p1.orig/ssh.c openssh-8.8p1/ssh.c +--- openssh-8.8p1.orig/ssh.c 2021-12-01 16:50:22.521385581 +0100 ++++ openssh-8.8p1/ssh.c 2021-12-01 16:51:00.939474160 +0100 +@@ -1057,6 +1057,10 @@ break; case 'T': options.request_tty = REQUEST_TTY_NO; @@ -2193,7 +2193,7 @@ diff -Nur openssh-8.7p1.orig/ssh.c openssh-8.7p1/ssh.c break; case 'o': line = xstrdup(optarg); -@@ -1784,6 +1788,8 @@ +@@ -1785,6 +1789,8 @@ setproctitle("%s [mux]", options.control_path); } @@ -2202,7 +2202,7 @@ diff -Nur openssh-8.7p1.orig/ssh.c openssh-8.7p1/ssh.c /* Do fork() after authentication. Used by "ssh -f" */ static void fork_postauth(void) -@@ -2101,6 +2107,79 @@ +@@ -2103,6 +2109,79 @@ NULL, fileno(stdin), command, environ); } @@ -2282,7 +2282,7 @@ diff -Nur openssh-8.7p1.orig/ssh.c openssh-8.7p1/ssh.c /* open new channel for a session */ static int ssh_session2_open(struct ssh *ssh) -@@ -2119,9 +2198,11 @@ +@@ -2121,9 +2200,11 @@ if (in == -1 || out == -1 || err == -1) fatal("dup() in/out/err failed"); @@ -2295,7 +2295,7 @@ diff -Nur openssh-8.7p1.orig/ssh.c openssh-8.7p1/ssh.c window >>= 1; packetmax >>= 1; } -@@ -2132,6 +2213,11 @@ +@@ -2134,6 +2215,11 @@ debug3_f("channel_new: %d", c->self); @@ -2307,7 +2307,7 @@ diff -Nur openssh-8.7p1.orig/ssh.c openssh-8.7p1/ssh.c channel_send_open(ssh, c->self); if (options.session_type != SESSION_TYPE_NONE) channel_register_open_confirm(ssh, c->self, -@@ -2146,6 +2232,13 @@ +@@ -2148,6 +2234,13 @@ int r, id = -1; char *cp, *tun_fwd_ifname = NULL; @@ -2321,9 +2321,9 @@ diff -Nur openssh-8.7p1.orig/ssh.c openssh-8.7p1/ssh.c /* XXX should be pre-session */ if (!options.control_persist) ssh_init_stdio_forwarding(ssh); -diff -Nur openssh-8.7p1.orig/sshconnect2.c openssh-8.7p1/sshconnect2.c ---- openssh-8.7p1.orig/sshconnect2.c 2021-10-24 07:54:36.873834208 +0200 -+++ openssh-8.7p1/sshconnect2.c 2021-10-24 08:06:47.586411958 +0200 +diff -Nur openssh-8.8p1.orig/sshconnect2.c openssh-8.8p1/sshconnect2.c +--- openssh-8.8p1.orig/sshconnect2.c 2021-12-01 16:50:22.523385586 +0100 ++++ openssh-8.8p1/sshconnect2.c 2021-12-01 16:51:00.940474162 +0100 @@ -86,6 +86,13 @@ extern Options options; @@ -2412,9 +2412,9 @@ diff -Nur openssh-8.7p1.orig/sshconnect2.c openssh-8.7p1/sshconnect2.c if (ssh_packet_connection_is_on_socket(ssh)) { verbose("Authenticated to %s ([%s]:%d) using \"%s\".", host, ssh_remote_ipaddr(ssh), ssh_remote_port(ssh), -diff -Nur openssh-8.7p1.orig/sshconnect.c openssh-8.7p1/sshconnect.c ---- openssh-8.7p1.orig/sshconnect.c 2021-10-24 07:54:36.794834032 +0200 -+++ openssh-8.7p1/sshconnect.c 2021-10-24 07:56:04.873030054 +0200 +diff -Nur openssh-8.8p1.orig/sshconnect.c openssh-8.8p1/sshconnect.c +--- openssh-8.8p1.orig/sshconnect.c 2021-12-01 16:50:22.434385381 +0100 ++++ openssh-8.8p1/sshconnect.c 2021-12-01 16:51:00.940474162 +0100 @@ -345,6 +345,30 @@ #endif @@ -2456,9 +2456,9 @@ diff -Nur openssh-8.7p1.orig/sshconnect.c openssh-8.7p1/sshconnect.c /* Use interactive QOS (if specified) until authentication completed */ if (options.ip_qos_interactive != INT_MAX) set_sock_tos(sock, options.ip_qos_interactive); -diff -Nur openssh-8.7p1.orig/sshd.c openssh-8.7p1/sshd.c ---- openssh-8.7p1.orig/sshd.c 2021-10-24 07:54:36.874834211 +0200 -+++ openssh-8.7p1/sshd.c 2021-10-24 08:00:18.185586742 +0200 +diff -Nur openssh-8.8p1.orig/sshd.c openssh-8.8p1/sshd.c +--- openssh-8.8p1.orig/sshd.c 2021-12-01 16:50:22.524385588 +0100 ++++ openssh-8.8p1/sshd.c 2021-12-01 16:51:00.941474165 +0100 @@ -1110,6 +1110,8 @@ int ret, listen_sock; struct addrinfo *ai; @@ -2548,9 +2548,9 @@ diff -Nur openssh-8.7p1.orig/sshd.c openssh-8.7p1/sshd.c myproposal[PROPOSAL_KEX_ALGS] = compat_kex_proposal(ssh, options.kex_algorithms); myproposal[PROPOSAL_ENC_ALGS_CTOS] = compat_cipher_proposal(ssh, -diff -Nur openssh-8.7p1.orig/sshd_config openssh-8.7p1/sshd_config ---- openssh-8.7p1.orig/sshd_config 2021-10-24 07:54:36.874834211 +0200 -+++ openssh-8.7p1/sshd_config 2021-10-24 07:56:04.875030058 +0200 +diff -Nur openssh-8.8p1.orig/sshd_config openssh-8.8p1/sshd_config +--- openssh-8.8p1.orig/sshd_config 2021-12-01 16:50:22.524385588 +0100 ++++ openssh-8.8p1/sshd_config 2021-12-01 16:51:00.941474165 +0100 @@ -127,6 +127,28 @@ # override default of no subsystems Subsystem sftp /usr/libexec/sftp-server @@ -2580,9 +2580,9 @@ diff -Nur openssh-8.7p1.orig/sshd_config openssh-8.7p1/sshd_config # Example of overriding settings on a per-user basis #Match User anoncvs # X11Forwarding no -diff -Nur openssh-8.7p1.orig/version.h openssh-8.7p1/version.h ---- openssh-8.7p1.orig/version.h 2021-10-24 07:54:36.876834215 +0200 -+++ openssh-8.7p1/version.h 2021-10-24 07:56:04.876030061 +0200 +diff -Nur openssh-8.8p1.orig/version.h openssh-8.8p1/version.h +--- openssh-8.8p1.orig/version.h 2021-12-01 16:50:22.525385590 +0100 ++++ openssh-8.8p1/version.h 2021-12-01 16:51:00.941474165 +0100 @@ -16,5 +16,6 @@ #define SSH_PORTABLE "p1" diff --git a/sources b/sources index d393884..1dadfbc 100644 --- a/sources +++ b/sources @@ -1,3 +1,3 @@ -SHA512 (openssh-8.7p1.tar.gz) = 08c81024d9e1248abfda6cc874886ff5ae916669b93cd6aff640e0614ee8cbcbc3fe87a9ce47136b6443ddbb1168b114367c74e117551905994e1a7e3fa2c0c2 -SHA512 (openssh-8.7p1.tar.gz.asc) = 08b4bda855ca3ef202c271f1c0e3486082b93d1009a794d020e7ba223978bc87bf34b1fbccaae3379a47639bd849935fdaaf63bdb781d0a44625066ccf00fbfc +SHA512 (openssh-8.8p1.tar.gz) = d44cd04445f9c8963513b0d5a7e8348985114ff2471e119a6e344498719ef40f09c61c354888a3be9dabcb5870e5cbe5d3aafbb861dfa1d82a4952f3d233a8df +SHA512 (openssh-8.8p1.tar.gz.asc) = 165e025305902f884d04d4444fa3143e4ea1a25a1c65aafe05e113537b3d3e50f7cd5f818bc2ca3404699372ca78f69c46b7452faf2d3998c448a5b80a411ae4 SHA512 (gpgkey-736060BA.gpg) = df44f3fdbcd1d596705348c7f5aed3f738c5f626a55955e0642f7c6c082995cf36a1b1891bb41b8715cb2aff34fef1c877e0eff0d3507dd00a055ba695757a21 From 4dc1dfc1114b065c8f7271cea52b8c29d572d9a5 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Thu, 20 Jan 2022 11:51:24 +0000 Subject: [PATCH 02/44] - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild Signed-off-by: Fedora Release Engineering --- gsi-openssh.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/gsi-openssh.spec b/gsi-openssh.spec index 66318cf..168d66f 100644 --- a/gsi-openssh.spec +++ b/gsi-openssh.spec @@ -33,7 +33,7 @@ Summary: An implementation of the SSH protocol with GSI authentication Name: gsi-openssh Version: %{openssh_ver} -Release: %{openssh_rel}%{?dist} +Release: %{openssh_rel}%{?dist}.1 Provides: gsissh = %{version}-%{release} Obsoletes: gsissh < 5.8p2-2 URL: http://www.openssh.com/portable.html @@ -500,6 +500,9 @@ getent passwd sshd >/dev/null || \ %attr(0644,root,root) %{_unitdir}/gsisshd-keygen.target %changelog +* Thu Jan 20 2022 Fedora Release Engineering - 8.8p1-1.1 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild + * Wed Dec 01 2021 Mattias Ellert - 8.8p1-1 - Based on openssh-8.8p1-1.fc36 From 9e07719d88921afc283f14bc33fcefac004d6fa4 Mon Sep 17 00:00:00 2001 From: Mattias Ellert Date: Sun, 8 May 2022 11:00:52 +0200 Subject: [PATCH 03/44] Based on openssh-8.8p1-2.fc37 --- gsi-openssh.spec | 11 +++++++---- openssh-7.7p1-redhat.patch | 16 ++-------------- 2 files changed, 9 insertions(+), 18 deletions(-) diff --git a/gsi-openssh.spec b/gsi-openssh.spec index 168d66f..5f6cce1 100644 --- a/gsi-openssh.spec +++ b/gsi-openssh.spec @@ -28,12 +28,12 @@ %global libedit 1 %global openssh_ver 8.8p1 -%global openssh_rel 1 +%global openssh_rel 2 Summary: An implementation of the SSH protocol with GSI authentication Name: gsi-openssh Version: %{openssh_ver} -Release: %{openssh_rel}%{?dist}.1 +Release: %{openssh_rel}%{?dist} Provides: gsissh = %{version}-%{release} Obsoletes: gsissh < 5.8p2-2 URL: http://www.openssh.com/portable.html @@ -407,8 +407,8 @@ install -d $RPM_BUILD_ROOT/etc/sysconfig/ install -d $RPM_BUILD_ROOT%{_libexecdir}/gsissh install -m644 %{SOURCE2} $RPM_BUILD_ROOT/etc/pam.d/gsisshd install -m644 %{SOURCE7} $RPM_BUILD_ROOT/etc/sysconfig/gsisshd -install -m644 ssh_config_redhat $RPM_BUILD_ROOT/etc/gsissh/ssh_config.d/50-redhat.conf -install -m644 sshd_config_redhat $RPM_BUILD_ROOT/etc/gsissh/sshd_config.d/50-redhat.conf +install -m644 ssh_config_redhat $RPM_BUILD_ROOT%{_sysconfdir}/gsissh/ssh_config.d/50-redhat.conf +install -m644 sshd_config_redhat $RPM_BUILD_ROOT%{_sysconfdir}/gsissh/sshd_config.d/50-redhat.conf install -d -m755 $RPM_BUILD_ROOT/%{_unitdir} install -m644 %{SOURCE9} $RPM_BUILD_ROOT/%{_unitdir}/gsisshd@.service install -m644 %{SOURCE10} $RPM_BUILD_ROOT/%{_unitdir}/gsisshd.socket @@ -500,6 +500,9 @@ getent passwd sshd >/dev/null || \ %attr(0644,root,root) %{_unitdir}/gsisshd-keygen.target %changelog +* Sun May 8 2022 Mattias Ellert - 8.8p1-2 +- Based on openssh-8.8p1-2.fc37 + * Thu Jan 20 2022 Fedora Release Engineering - 8.8p1-1.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild diff --git a/openssh-7.7p1-redhat.patch b/openssh-7.7p1-redhat.patch index fcda6c6..85ebc82 100644 --- a/openssh-7.7p1-redhat.patch +++ b/openssh-7.7p1-redhat.patch @@ -15,7 +15,7 @@ diff -up openssh/ssh_config.redhat openssh/ssh_config diff -up openssh/ssh_config_redhat.redhat openssh/ssh_config_redhat --- openssh/ssh_config_redhat.redhat 2020-02-13 18:13:39.180641839 +0100 +++ openssh/ssh_config_redhat 2020-02-13 18:13:39.180641839 +0100 -@@ -0,0 +1,21 @@ +@@ -0,0 +1,15 @@ +# The options here are in the "Match final block" to be applied as the last +# options and could be potentially overwritten by the user configuration +Match final all @@ -29,12 +29,6 @@ diff -up openssh/ssh_config_redhat.redhat openssh/ssh_config_redhat +# mode correctly we set this to yes. + ForwardX11Trusted yes + -+# Send locale-related environment variables -+ SendEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES -+ SendEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT -+ SendEnv LC_IDENTIFICATION LC_ALL LANGUAGE -+ SendEnv XMODIFIERS -+ +# Uncomment this if you want to use .local domain +# Host *.local diff -up openssh/sshd_config.0.redhat openssh/sshd_config.0 @@ -86,7 +80,7 @@ diff -up openssh/sshd_config.redhat openssh/sshd_config diff -up openssh/sshd_config_redhat.redhat openssh/sshd_config_redhat --- openssh/sshd_config_redhat.redhat 2020-02-13 18:14:02.268006439 +0100 +++ openssh/sshd_config_redhat 2020-02-13 18:19:20.765035947 +0100 -@@ -0,0 +1,28 @@ +@@ -0,0 +1,22 @@ +# This system is following system-wide crypto policy. The changes to +# crypto properties (Ciphers, MACs, ...) will not have any effect in +# this or following included files. To override some configuration option, @@ -109,9 +103,3 @@ diff -up openssh/sshd_config_redhat.redhat openssh/sshd_config_redhat +# as it is more configurable and versatile than the built-in version. +PrintMotd no + -+# Accept locale-related environment variables -+AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES -+AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT -+AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE -+AcceptEnv XMODIFIERS -+ From f49266f739eafd9845ed619a0e007e2b2ed6e81f Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Thu, 21 Jul 2022 13:07:18 +0000 Subject: [PATCH 04/44] Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild Signed-off-by: Fedora Release Engineering --- gsi-openssh.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/gsi-openssh.spec b/gsi-openssh.spec index 5f6cce1..58838fc 100644 --- a/gsi-openssh.spec +++ b/gsi-openssh.spec @@ -33,7 +33,7 @@ Summary: An implementation of the SSH protocol with GSI authentication Name: gsi-openssh Version: %{openssh_ver} -Release: %{openssh_rel}%{?dist} +Release: %{openssh_rel}%{?dist}.1 Provides: gsissh = %{version}-%{release} Obsoletes: gsissh < 5.8p2-2 URL: http://www.openssh.com/portable.html @@ -500,6 +500,9 @@ getent passwd sshd >/dev/null || \ %attr(0644,root,root) %{_unitdir}/gsisshd-keygen.target %changelog +* Thu Jul 21 2022 Fedora Release Engineering - 8.8p1-2.1 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild + * Sun May 8 2022 Mattias Ellert - 8.8p1-2 - Based on openssh-8.8p1-2.fc37 From 3c863da50a9bde46bbafff231a4569d3c5474008 Mon Sep 17 00:00:00 2001 From: Mattias Ellert Date: Tue, 30 Aug 2022 18:31:37 +0200 Subject: [PATCH 05/44] Based on openssh-8.8p1-6.fc37 --- gsi-openssh.spec | 84 +++- openssh-6.7p1-coverity.patch | 58 +-- openssh-7.7p1-fips.patch | 230 +++++++++- openssh-8.0p1-crypto-policies.patch | 78 ++-- openssh-8.7p1-evpgenkey.patch | 110 +++++ openssh-8.7p1-gssapi-auth.patch | 20 + openssh-8.7p1-host-based-auth.patch | 151 +++++++ openssh-8.7p1-ibmca.patch | 12 + openssh-8.7p1-mem-leak.patch | 156 +++++++ openssh-8.7p1-minimize-sha1-use.patch | 207 +++++++++ openssh-8.7p1-minrsabits.patch | 437 +++++++++++++++++++ openssh-8.7p1-negotiate-supported-algs.patch | 63 +++ openssh-8.7p1-recursive-scp.patch | 174 ++++++++ openssh-8.7p1-scp-clears-file.patch | 304 +++++++++++++ openssh-8.7p1-sftpscp-dir-create.patch | 135 ++++++ openssh-8.7p1-ssh-manpage.patch | 53 +++ openssh-8.8p1-hpn-15.2-modified.patch | 16 +- openssh-8.8p1-skip-some-tests.patch | 41 ++ 18 files changed, 2223 insertions(+), 106 deletions(-) create mode 100644 openssh-8.7p1-evpgenkey.patch create mode 100644 openssh-8.7p1-gssapi-auth.patch create mode 100644 openssh-8.7p1-host-based-auth.patch create mode 100644 openssh-8.7p1-ibmca.patch create mode 100644 openssh-8.7p1-mem-leak.patch create mode 100644 openssh-8.7p1-minimize-sha1-use.patch create mode 100644 openssh-8.7p1-minrsabits.patch create mode 100644 openssh-8.7p1-negotiate-supported-algs.patch create mode 100644 openssh-8.7p1-recursive-scp.patch create mode 100644 openssh-8.7p1-scp-clears-file.patch create mode 100644 openssh-8.7p1-sftpscp-dir-create.patch create mode 100644 openssh-8.7p1-ssh-manpage.patch create mode 100644 openssh-8.8p1-skip-some-tests.patch diff --git a/gsi-openssh.spec b/gsi-openssh.spec index 58838fc..a7901cd 100644 --- a/gsi-openssh.spec +++ b/gsi-openssh.spec @@ -28,12 +28,12 @@ %global libedit 1 %global openssh_ver 8.8p1 -%global openssh_rel 2 +%global openssh_rel 3 Summary: An implementation of the SSH protocol with GSI authentication Name: gsi-openssh Version: %{openssh_ver} -Release: %{openssh_rel}%{?dist}.1 +Release: %{openssh_rel}%{?dist} Provides: gsissh = %{version}-%{release} Obsoletes: gsissh < 5.8p2-2 URL: http://www.openssh.com/portable.html @@ -145,7 +145,7 @@ Patch964: openssh-8.0p1-openssl-kdf.patch Patch965: openssh-8.2p1-visibility.patch # Do not break X11 without IPv6 Patch966: openssh-8.2p1-x11-without-ipv6.patch -# https://bugzilla.mindrot.org/show_bug.cgi?id=3213 +# ssh-keygen printing fingerprint issue with Windows keys (#1901518) Patch974: openssh-8.0p1-keygen-strip-doseol.patch # sshd provides PAM an incorrect error code (#1879503) Patch975: openssh-8.0p1-preserve-pam-errors.patch @@ -153,6 +153,62 @@ Patch975: openssh-8.0p1-preserve-pam-errors.patch Patch976: openssh-8.7p1-sftp-default-protocol.patch # Implement kill switch for SCP protocol Patch977: openssh-8.7p1-scp-kill-switch.patch +# Create non-existent directories when scp works in sftp mode and some more minor fixes +# upstream commits: +# ba61123eef9c6356d438c90c1199a57a0d7bcb0a +# 63670d4e9030bcee490d5a9cce561373ac5b3b23 +# ac7c9ec894ed0825d04ef69c55babb49bab1d32e +Patch980: openssh-8.7p1-sftpscp-dir-create.patch +# Workaround for lack of sftp_realpath in older versions of RHEL +# https://bugzilla.redhat.com/show_bug.cgi?id=2038854 +# https://github.com/openssh/openssh-portable/pull/299 +# downstream only +Patch981: openssh-8.7p1-recursive-scp.patch +# https://github.com/djmdjm/openssh-wip/pull/13 +Patch982: openssh-8.7p1-minrsabits.patch +# downstream only +Patch983: openssh-8.7p1-evpgenkey.patch +# downstream only, IBMCA tentative fix +# From https://bugzilla.redhat.com/show_bug.cgi?id=1976202#c14 +Patch984: openssh-8.7p1-ibmca.patch + +# Minimize the use of SHA1 as a proof of possession for RSA key (#2031868) +# upstream commits: +# 291721bc7c840d113a49518f3fca70e86248b8e8 +# 0fa33683223c76289470a954404047bc762be84c +Patch1000: openssh-8.7p1-minimize-sha1-use.patch +# Fix for scp clearing file when src and dest are the same (#2056884) +# upstream commits: +# 7b1cbcb7599d9f6a3bbad79d412604aa1203b5ee +Patch1001: openssh-8.7p1-scp-clears-file.patch +# Add missing options from ssh_config into ssh manpage +# upstream bug: +# https://bugzilla.mindrot.org/show_bug.cgi?id=3455 +Patch1002: openssh-8.7p1-ssh-manpage.patch +# Always return allocated strings from the kex filtering so that we can free them +# upstream commits: +# 486c4dc3b83b4b67d663fb0fa62bc24138ec3946 +# 6c31ba10e97b6953c4f325f526f3e846dfea647a +# 322964f8f2e9c321e77ebae1e4d2cd0ccc5c5a0b +Patch1003: openssh-8.7p1-mem-leak.patch +# Reenable MONITOR_REQ_GSSCHECKMIC after gssapi-with-mic failures +# upstream MR: +# https://github.com/openssh-gsskex/openssh-gsskex/pull/21 +Patch1004: openssh-8.7p1-gssapi-auth.patch +# Fix host-based authentication with rsa keys +# upstream commits: +# 7aa7b096cf2bafe2777085abdeed5ce00581f641 +# d9dbb5d9a0326e252d3c7bc13beb9c2434f59409 +# fdb1d58d0d3888b042e5a500f6ce524486aaf782 +Patch1005: openssh-8.7p1-host-based-auth.patch +# Don't propose disallowed algorithms during hostkey negotiation +# upstream MR: +# https://github.com/openssh/openssh-portable/pull/323 +Patch1006: openssh-8.7p1-negotiate-supported-algs.patch + +# downstream only +# we skip some ssh-rsa/ssh-dss tests to make native test suite pass +Patch1100: openssh-8.8p1-skip-some-tests.patch # Fix issue with read-only ssh buffer during gssapi key exchange (#1938224) # https://github.com/openssh-gsskex/openssh-gsskex/pull/19 @@ -303,11 +359,26 @@ gpgv2 --quiet --keyring %{SOURCE3} %{SOURCE1} %{SOURCE0} %patch975 -p1 -b .preserve-pam-errors %patch976 -p1 -b .sftp-by-default %patch977 -p1 -b .kill-scp +%patch980 -p1 -b .sftpdirs +%patch981 -p1 -b .scp-sftpdirs +%patch982 -p1 -b .minrsabits +%patch983 -p1 -b .evpgenrsa +%patch984 -p1 -b .ibmca %patch200 -p1 -b .audit %patch201 -p1 -b .audit-race %patch700 -p1 -b .fips +%patch1000 -p1 -b .minimize-sha1-use +%patch1001 -p1 -b .scp-clears-file +%patch1002 -p1 -b .ssh-manpage +%patch1003 -p1 -b .mem-leak +%patch1004 -p1 -b .gssapi-auth +%patch1005 -p1 -b .host-based-auth +%patch1006 -p1 -b .negotiate-supported-algs + +%patch1100 -p1 -b .skipsshrsadsstests + %patch100 -p1 -b .coverity %patch97 -p1 -b .sshbuf-ro @@ -439,7 +510,7 @@ done perl -pi -e "s|$RPM_BUILD_ROOT||g" $RPM_BUILD_ROOT%{_mandir}/man*/* %pre -getent group ssh_keys >/dev/null || groupadd -r ssh_keys || : +getent group ssh_keys >/dev/null || groupadd -r -g 101 ssh_keys || : %pre server getent group sshd >/dev/null || groupadd -g %{sshd_uid} -r sshd || : @@ -500,10 +571,13 @@ getent passwd sshd >/dev/null || \ %attr(0644,root,root) %{_unitdir}/gsisshd-keygen.target %changelog +* Tue Aug 30 2022 Mattias Ellert - 8.8p1-3 +- Based on openssh-8.8p1-6.fc37 + * Thu Jul 21 2022 Fedora Release Engineering - 8.8p1-2.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild -* Sun May 8 2022 Mattias Ellert - 8.8p1-2 +* Sun May 08 2022 Mattias Ellert - 8.8p1-2 - Based on openssh-8.8p1-2.fc37 * Thu Jan 20 2022 Fedora Release Engineering - 8.8p1-1.1 diff --git a/openssh-6.7p1-coverity.patch b/openssh-6.7p1-coverity.patch index 930de69..147d90d 100644 --- a/openssh-6.7p1-coverity.patch +++ b/openssh-6.7p1-coverity.patch @@ -101,22 +101,6 @@ diff -up openssh-7.4p1/channels.c.coverity openssh-7.4p1/channels.c return idx; } -diff -up openssh-8.5p1/compat.c.coverity openssh-8.5p1/compat.c ---- openssh-8.5p1/compat.c.coverity 2021-03-24 12:03:33.768968062 +0100 -+++ openssh-8.5p1/compat.c 2021-03-24 12:03:33.783968166 +0100 -@@ -191,10 +191,12 @@ compat_kex_proposal(struct ssh *ssh, cha - return p; - debug2_f("original KEX proposal: %s", p); - if ((ssh->compat & SSH_BUG_CURVE25519PAD) != 0) -+ /* coverity[overwrite_var : FALSE] */ - if ((p = match_filter_denylist(p, - "curve25519-sha256@libssh.org")) == NULL) - fatal("match_filter_denylist failed"); - if ((ssh->compat & SSH_OLD_DHGEX) != 0) { -+ /* coverity[overwrite_var : FALSE] */ - if ((p = match_filter_denylist(p, - "diffie-hellman-group-exchange-sha256," - "diffie-hellman-group-exchange-sha1")) == NULL) diff -up openssh-8.5p1/dns.c.coverity openssh-8.5p1/dns.c --- openssh-8.5p1/dns.c.coverity 2021-03-02 11:31:47.000000000 +0100 +++ openssh-8.5p1/dns.c 2021-03-24 12:03:33.783968166 +0100 @@ -419,15 +403,6 @@ diff -up openssh-7.4p1/sftp.c.coverity openssh-7.4p1/sftp.c } _exit(1); -@@ -762,6 +762,8 @@ process_put(struct sftp_conn *conn, cons - fflag || global_fflag) == -1) - err = -1; - } -+ free(abs_dst); -+ abs_dst = NULL; - } - - out: @@ -985,6 +987,7 @@ do_globbed_ls(struct sftp_conn *conn, co if (lflag & LS_LONG_VIEW) { if (g.gl_statv[i] == NULL) { @@ -436,6 +411,30 @@ diff -up openssh-7.4p1/sftp.c.coverity openssh-7.4p1/sftp.c continue; } lname = ls_file(fname, g.gl_statv[i], 1, +diff --git a/sftp-client.c b/sftp-client.c +index 9de9afa20f..ea98d9f8d0 100644 +--- a/sftp-client.c ++++ b/sftp-client.c +@@ -2195,6 +2195,7 @@ handle_dest_replies(struct sftp_conn *to, const char *to_path, int synchronous, + (*nreqsp)--; + } + debug3_f("done: %u outstanding replies", *nreqsp); ++ sshbuf_free(msg); + } + + int +diff --git a/sftp-server.c b/sftp-server.c +index 18d1949112..6380c4dd23 100644 +--- a/sftp-server.c ++++ b/sftp-server.c +@@ -1553,6 +1553,7 @@ process_extended_expand(u_int32_t id) + npath = xstrdup(path + 2); + free(path); + xasprintf(&path, "%s/%s", cwd, npath); ++ free(npath); + } else { + /* ~user expansions */ + if (tilde_expand(path, pw->pw_uid, &npath) != 0) { diff -up openssh-8.5p1/sk-usbhid.c.coverity openssh-8.5p1/sk-usbhid.c --- openssh-8.5p1/sk-usbhid.c.coverity 2021-03-02 11:31:47.000000000 +0100 +++ openssh-8.5p1/sk-usbhid.c 2021-03-24 12:03:33.786968187 +0100 @@ -505,15 +504,6 @@ diff -up openssh-7.4p1/sshd.c.coverity openssh-7.4p1/sshd.c } /* -@@ -2474,7 +2479,7 @@ do_ssh2_kex(struct ssh *ssh) - if (options.rekey_limit || options.rekey_interval) - ssh_packet_set_rekey_limits(ssh, options.rekey_limit, - options.rekey_interval); -- -+ /* coverity[leaked_storage : FALSE]*/ - myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = compat_pkalg_proposal( - ssh, list_hostkey_types()); - @@ -2519,8 +2524,11 @@ do_ssh2_kex(struct ssh *ssh) if (newstr) diff --git a/openssh-7.7p1-fips.patch b/openssh-7.7p1-fips.patch index 72bceb1..cc513db 100644 --- a/openssh-7.7p1-fips.patch +++ b/openssh-7.7p1-fips.patch @@ -1,16 +1,3 @@ -diff -up openssh-8.6p1/cipher-ctr.c.fips openssh-8.6p1/cipher-ctr.c ---- openssh-8.6p1/cipher-ctr.c.fips 2021-04-19 16:53:02.994577324 +0200 -+++ openssh-8.6p1/cipher-ctr.c 2021-04-19 16:53:03.064577862 +0200 -@@ -179,7 +179,8 @@ evp_aes_128_ctr(void) - aes_ctr.do_cipher = ssh_aes_ctr; - #ifndef SSH_OLD_EVP - aes_ctr.flags = EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH | -- EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CUSTOM_IV; -+ EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CUSTOM_IV | -+ EVP_CIPH_FLAG_FIPS; - #endif - return (&aes_ctr); - } diff -up openssh-8.6p1/dh.c.fips openssh-8.6p1/dh.c --- openssh-8.6p1/dh.c.fips 2021-04-16 05:55:25.000000000 +0200 +++ openssh-8.6p1/dh.c 2021-04-19 16:58:47.750263410 +0200 @@ -19,7 +6,7 @@ diff -up openssh-8.6p1/dh.c.fips openssh-8.6p1/dh.c struct dhgroup dhg; + if (FIPS_mode()) { -+ logit("Using arbitrary primes is not allowed in FIPS mode." ++ verbose("Using arbitrary primes is not allowed in FIPS mode." + " Falling back to known groups."); + return (dh_new_group_fallback(max)); + } @@ -116,8 +103,8 @@ diff -up openssh-8.6p1/kexgexc.c.fips openssh-8.6p1/kexgexc.c /* generate and send 'e', client DH public key */ diff -up openssh-8.6p1/myproposal.h.fips openssh-8.6p1/myproposal.h --- openssh-8.6p1/myproposal.h.fips 2021-04-16 05:55:25.000000000 +0200 -+++ openssh-8.6p1/myproposal.h 2021-04-19 16:53:03.065577869 +0200 -@@ -57,6 +57,19 @@ ++++ openssh-8.6p1/myproposal.h 2021-05-06 12:08:36.498926877 +0200 +@@ -57,6 +57,18 @@ "rsa-sha2-512," \ "rsa-sha2-256" @@ -127,12 +114,11 @@ diff -up openssh-8.6p1/myproposal.h.fips openssh-8.6p1/myproposal.h + "ecdsa-sha2-nistp521-cert-v01@openssh.com," \ + "rsa-sha2-512-cert-v01@openssh.com," \ + "rsa-sha2-256-cert-v01@openssh.com," \ -+ "ssh-rsa-cert-v01@openssh.com," \ + "ecdsa-sha2-nistp256," \ + "ecdsa-sha2-nistp384," \ + "ecdsa-sha2-nistp521," \ + "rsa-sha2-512," \ -+ "rsa-sha2-256," ++ "rsa-sha2-256" + #define KEX_SERVER_ENCRYPT \ "chacha20-poly1305@openssh.com," \ @@ -358,6 +344,20 @@ diff -up openssh-8.6p1/sshd.c.fips openssh-8.6p1/sshd.c /* Save argv. Duplicate so setproctitle emulation doesn't clobber it */ saved_argc = ac; rexec_argc = ac; +@@ -1931,6 +1931,13 @@ main(int ac, char **av) + &key, NULL)) != 0 && r != SSH_ERR_SYSTEM_ERROR) + do_log2_r(r, ll, "Unable to load host key \"%s\"", + options.host_key_files[i]); ++ if (FIPS_mode() && key != NULL && (sshkey_type_plain(key->type) == KEY_ED25519_SK ++ || sshkey_type_plain(key->type) == KEY_ED25519)) { ++ logit_f("sshd: Ed25519 keys are not allowed in FIPS mode, skipping %s", options.host_key_files[i]); ++ sshkey_free(key); ++ key = NULL; ++ continue; ++ } + if (sshkey_is_sk(key) && + key->sk_flags & SSH_SK_USER_PRESENCE_REQD) { + debug("host key %s requires user presence, ignoring", @@ -2110,6 +2113,10 @@ main(int ac, char **av) /* Reinitialize the log (because of the fork above). */ log_init(__progname, options.log_level, options.log_facility, log_stderr); @@ -407,15 +407,78 @@ diff -up openssh-8.6p1/sshkey.c.fips openssh-8.6p1/sshkey.c #include "ssh-sk.h" #ifdef WITH_XMSS -@@ -1705,6 +1707,8 @@ rsa_generate_private_key(u_int bits, RSA +@@ -285,6 +285,18 @@ sshkey_alg_list(int certs_only, int plai + for (kt = keytypes; kt->type != -1; kt++) { + if (kt->name == NULL || kt->type == KEY_NULL) + continue; ++ if (FIPS_mode()) { ++ switch (kt->type) { ++ case KEY_ED25519: ++ case KEY_ED25519_SK: ++ case KEY_ED25519_CERT: ++ case KEY_ED25519_SK_CERT: ++ continue; ++ break; ++ default: ++ break; ++ } ++ } + if (!include_sigonly && kt->sigonly) + continue; + if ((certs_only && !kt->cert) || (plain_only && kt->cert)) +@@ -1503,6 +1503,20 @@ sshkey_read(struct sshkey *ret, char **c + return SSH_ERR_EC_CURVE_MISMATCH; } - if (!BN_set_word(f4, RSA_F4) || - !RSA_generate_key_ex(private, bits, f4, NULL)) { -+ if (FIPS_mode()) -+ logit_f("the key length might be unsupported by FIPS mode approved key generation method"); + ++ switch (type) { ++ case KEY_ED25519: ++ case KEY_ED25519_SK: ++ case KEY_ED25519_CERT: ++ case KEY_ED25519_SK_CERT: ++ if (FIPS_mode()) { ++ sshkey_free(k); ++ logit_f("Ed25519 keys are not allowed in FIPS mode"); ++ return SSH_ERR_INVALID_ARGUMENT; ++ } ++ break; ++ default: ++ break; ++ } + /* Fill in ret from parsed key */ + ret->type = type; + if (sshkey_is_cert(ret)) { +@@ -1705,6 +1707,8 @@ rsa_generate_private_key(u_int bits, RSA + goto out; + + if (EVP_PKEY_keygen(ctx, &res) <= 0) { ++ if (FIPS_mode()) ++ logit_f("the key length might be unsupported by FIPS mode approved key generation method"); ret = SSH_ERR_LIBCRYPTO_ERROR; goto out; } +@@ -2916,6 +2916,11 @@ sshkey_sign(struct sshkey *key, + break; + case KEY_ED25519_SK: + case KEY_ED25519_SK_CERT: ++ if (FIPS_mode()) { ++ logit_f("Ed25519 keys are not allowed in FIPS mode"); ++ return SSH_ERR_INVALID_ARGUMENT; ++ } ++ /* Fallthrough */ + case KEY_ECDSA_SK_CERT: + case KEY_ECDSA_SK: + r = sshsk_sign(sk_provider, key, sigp, lenp, data, +@@ -2973,6 +2978,10 @@ sshkey_verify(const struct sshkey *key, + return ssh_ed25519_verify(key, sig, siglen, data, dlen, compat); + case KEY_ED25519_SK: + case KEY_ED25519_SK_CERT: ++ if (FIPS_mode()) { ++ logit_f("Ed25519 keys are not allowed in FIPS mode"); ++ return SSH_ERR_INVALID_ARGUMENT; ++ } + return ssh_ed25519_sk_verify(key, sig, siglen, data, dlen, + compat, detailsp); + #ifdef WITH_XMSS diff -up openssh-8.6p1/ssh-keygen.c.fips openssh-8.6p1/ssh-keygen.c --- openssh-8.6p1/ssh-keygen.c.fips 2021-04-19 16:53:03.038577662 +0200 +++ openssh-8.6p1/ssh-keygen.c 2021-04-19 16:53:03.068577892 +0200 @@ -426,7 +489,7 @@ diff -up openssh-8.6p1/ssh-keygen.c.fips openssh-8.6p1/ssh-keygen.c + if (FIPS_mode()) { + if (type == KEY_DSA) + fatal("DSA keys are not allowed in FIPS mode"); -+ if (type == KEY_ED25519) ++ if (type == KEY_ED25519 || type == KEY_ED25519_SK) + fatal("ED25519 keys are not allowed in FIPS mode"); + } switch (type) { @@ -451,3 +514,122 @@ diff -up openssh-8.6p1/ssh-keygen.c.fips openssh-8.6p1/ssh-keygen.c if ((fd = mkstemp(prv_tmp)) == -1) { error("Could not save your private key in %s: %s", prv_tmp, strerror(errno)); +diff -up openssh-8.7p1/kexgen.c.fips3 openssh-8.7p1/kexgen.c +--- openssh-8.7p1/kexgen.c.fips3 2022-07-11 16:11:21.973519913 +0200 ++++ openssh-8.7p1/kexgen.c 2022-07-11 16:25:31.172187365 +0200 +@@ -31,6 +31,7 @@ + #include + #include + #include ++#include + + #include "sshkey.h" + #include "kex.h" +@@ -115,10 +116,20 @@ kex_gen_client(struct ssh *ssh) + break; + #endif + case KEX_C25519_SHA256: +- r = kex_c25519_keypair(kex); ++ if (FIPS_mode()) { ++ logit_f("Key exchange type c25519 is not allowed in FIPS mode"); ++ r = SSH_ERR_INVALID_ARGUMENT; ++ } else { ++ r = kex_c25519_keypair(kex); ++ } + break; + case KEX_KEM_SNTRUP761X25519_SHA512: +- r = kex_kem_sntrup761x25519_keypair(kex); ++ if (FIPS_mode()) { ++ logit_f("Key exchange type sntrup761 is not allowed in FIPS mode"); ++ r = SSH_ERR_INVALID_ARGUMENT; ++ } else { ++ r = kex_kem_sntrup761x25519_keypair(kex); ++ } + break; + default: + r = SSH_ERR_INVALID_ARGUMENT; +@@ -186,11 +197,21 @@ input_kex_gen_reply(int type, u_int32_t + break; + #endif + case KEX_C25519_SHA256: +- r = kex_c25519_dec(kex, server_blob, &shared_secret); ++ if (FIPS_mode()) { ++ logit_f("Key exchange type c25519 is not allowed in FIPS mode"); ++ r = SSH_ERR_INVALID_ARGUMENT; ++ } else { ++ r = kex_c25519_dec(kex, server_blob, &shared_secret); ++ } + break; + case KEX_KEM_SNTRUP761X25519_SHA512: +- r = kex_kem_sntrup761x25519_dec(kex, server_blob, +- &shared_secret); ++ if (FIPS_mode()) { ++ logit_f("Key exchange type sntrup761 is not allowed in FIPS mode"); ++ r = SSH_ERR_INVALID_ARGUMENT; ++ } else { ++ r = kex_kem_sntrup761x25519_dec(kex, server_blob, ++ &shared_secret); ++ } + break; + default: + r = SSH_ERR_INVALID_ARGUMENT; +@@ -285,12 +306,22 @@ input_kex_gen_init(int type, u_int32_t s + break; + #endif + case KEX_C25519_SHA256: +- r = kex_c25519_enc(kex, client_pubkey, &server_pubkey, +- &shared_secret); ++ if (FIPS_mode()) { ++ logit_f("Key exchange type c25519 is not allowed in FIPS mode"); ++ r = SSH_ERR_INVALID_ARGUMENT; ++ } else { ++ r = kex_c25519_enc(kex, client_pubkey, &server_pubkey, ++ &shared_secret); ++ } + break; + case KEX_KEM_SNTRUP761X25519_SHA512: +- r = kex_kem_sntrup761x25519_enc(kex, client_pubkey, +- &server_pubkey, &shared_secret); ++ if (FIPS_mode()) { ++ logit_f("Key exchange type sntrup761 is not allowed in FIPS mode"); ++ r = SSH_ERR_INVALID_ARGUMENT; ++ } else { ++ r = kex_kem_sntrup761x25519_enc(kex, client_pubkey, ++ &server_pubkey, &shared_secret); ++ } + break; + default: + r = SSH_ERR_INVALID_ARGUMENT; +diff -up openssh-8.7p1/ssh-ed25519.c.fips3 openssh-8.7p1/ssh-ed25519.c +--- openssh-8.7p1/ssh-ed25519.c.fips3 2022-07-11 16:53:41.428343304 +0200 ++++ openssh-8.7p1/ssh-ed25519.c 2022-07-11 16:56:09.284663661 +0200 +@@ -24,6 +24,7 @@ + + #include + #include ++#include + + #include "log.h" + #include "sshbuf.h" +@@ -52,6 +53,10 @@ ssh_ed25519_sign(const struct sshkey *ke + key->ed25519_sk == NULL || + datalen >= INT_MAX - crypto_sign_ed25519_BYTES) + return SSH_ERR_INVALID_ARGUMENT; ++ if (FIPS_mode()) { ++ logit_f("Ed25519 keys are not allowed in FIPS mode"); ++ return SSH_ERR_INVALID_ARGUMENT; ++ } + smlen = slen = datalen + crypto_sign_ed25519_BYTES; + if ((sig = malloc(slen)) == NULL) + return SSH_ERR_ALLOC_FAIL; +@@ -108,6 +113,10 @@ ssh_ed25519_verify(const struct sshkey * + datalen >= INT_MAX - crypto_sign_ed25519_BYTES || + signature == NULL || signaturelen == 0) + return SSH_ERR_INVALID_ARGUMENT; ++ if (FIPS_mode()) { ++ logit_f("Ed25519 keys are not allowed in FIPS mode"); ++ return SSH_ERR_INVALID_ARGUMENT; ++ } + + if ((b = sshbuf_from(signature, signaturelen)) == NULL) + return SSH_ERR_ALLOC_FAIL; diff --git a/openssh-8.0p1-crypto-policies.patch b/openssh-8.0p1-crypto-policies.patch index 2ad438c..62616aa 100644 --- a/openssh-8.0p1-crypto-policies.patch +++ b/openssh-8.0p1-crypto-policies.patch @@ -1,13 +1,13 @@ -diff -up openssh-8.7p1/ssh_config.5.crypto-policies openssh-8.7p1/ssh_config.5 ---- openssh-8.7p1/ssh_config.5.crypto-policies 2021-08-30 13:29:00.174292872 +0200 -+++ openssh-8.7p1/ssh_config.5 2021-08-30 13:31:32.009548808 +0200 -@@ -373,17 +373,13 @@ or +diff --color -ru a/ssh_config.5 b/ssh_config.5 +--- a/ssh_config.5 2022-07-12 15:05:22.550013071 +0200 ++++ b/ssh_config.5 2022-07-12 15:17:20.016704545 +0200 +@@ -373,17 +373,13 @@ causes no CNAMEs to be considered for canonicalization. This is the default behaviour. .It Cm CASignatureAlgorithms +The default is handled system-wide by +.Xr crypto-policies 7 . -+To see the defaults and how to modify this default, see manual page ++Information about defaults, how to modify the defaults and how to customize existing policies with sub-policies are present in manual page +.Xr update-crypto-policies 8 . +.Pp Specifies which algorithms are allowed for signing of certificates @@ -24,13 +24,13 @@ diff -up openssh-8.7p1/ssh_config.5.crypto-policies openssh-8.7p1/ssh_config.5 If the specified list begins with a .Sq + character, then the specified algorithms will be appended to the default set -@@ -445,20 +441,25 @@ If the option is set to +@@ -445,20 +441,25 @@ (the default), the check will not be executed. .It Cm Ciphers +The default is handled system-wide by +.Xr crypto-policies 7 . -+To see the defaults and how to modify this default, see manual page ++Information about defaults, how to modify the defaults and how to customize existing policies with sub-policies are present in manual page +.Xr update-crypto-policies 8 . +.Pp Specifies the ciphers allowed and their order of preference. @@ -54,7 +54,7 @@ diff -up openssh-8.7p1/ssh_config.5.crypto-policies openssh-8.7p1/ssh_config.5 .Pp The supported ciphers are: .Bd -literal -offset indent -@@ -474,13 +475,6 @@ aes256-gcm@openssh.com +@@ -474,13 +475,6 @@ chacha20-poly1305@openssh.com .Ed .Pp @@ -68,19 +68,19 @@ diff -up openssh-8.7p1/ssh_config.5.crypto-policies openssh-8.7p1/ssh_config.5 The list of available ciphers may also be obtained using .Qq ssh -Q cipher . .It Cm ClearAllForwardings -@@ -874,6 +868,11 @@ command line will be passed untouched to +@@ -874,6 +868,11 @@ The default is .Dq no . .It Cm GSSAPIKexAlgorithms +The default is handled system-wide by +.Xr crypto-policies 7 . -+To see the defaults and how to modify this default, see manual page ++Information about defaults, how to modify the defaults and how to customize existing policies with sub-policies are present in manual page +.Xr update-crypto-policies 8 . +.Pp The list of key exchange algorithms that are offered for GSSAPI key exchange. Possible values are .Bd -literal -offset 3n -@@ -886,10 +885,8 @@ gss-nistp256-sha256-, +@@ -886,10 +885,8 @@ gss-curve25519-sha256- .Ed .Pp @@ -92,13 +92,13 @@ diff -up openssh-8.7p1/ssh_config.5.crypto-policies openssh-8.7p1/ssh_config.5 .It Cm HashKnownHosts Indicates that .Xr ssh 1 -@@ -1219,29 +1216,25 @@ it may be zero or more of: +@@ -1219,29 +1216,25 @@ and .Cm pam . .It Cm KexAlgorithms +The default is handled system-wide by +.Xr crypto-policies 7 . -+To see the defaults and how to modify this default, see manual page ++Information about defaults, how to modify the defaults and how to customize existing policies with sub-policies are present in manual page +.Xr update-crypto-policies 8 . +.Pp Specifies the available KEX (Key Exchange) algorithms. @@ -107,7 +107,7 @@ diff -up openssh-8.7p1/ssh_config.5.crypto-policies openssh-8.7p1/ssh_config.5 .Sq + -character, then the specified algorithms will be appended to the default set -instead of replacing them. -+character, then the specified algorithms will be appended to the built-in ++character, then the specified methods will be appended to the built-in +openssh default set instead of replacing them. If the specified list begins with a .Sq - @@ -131,13 +131,13 @@ diff -up openssh-8.7p1/ssh_config.5.crypto-policies openssh-8.7p1/ssh_config.5 .Pp The list of available key exchange algorithms may also be obtained using .Qq ssh -Q kex . -@@ -1351,37 +1344,33 @@ function, and all code in the +@@ -1351,37 +1344,33 @@ file. This option is intended for debugging and no overrides are enabled by default. .It Cm MACs +The default is handled system-wide by +.Xr crypto-policies 7 . -+To see the defaults and how to modify this default, see manual page ++Information about defaults, how to modify the defaults and how to customize existing policies with sub-policies are present in manual page +.Xr update-crypto-policies 8 . +.Pp Specifies the MAC (message authentication code) algorithms @@ -178,13 +178,13 @@ diff -up openssh-8.7p1/ssh_config.5.crypto-policies openssh-8.7p1/ssh_config.5 The list of available MAC algorithms may also be obtained using .Qq ssh -Q mac . .It Cm NoHostAuthenticationForLocalhost -@@ -1553,36 +1542,25 @@ instead of continuing to execute and pas +@@ -1553,36 +1542,25 @@ The default is .Cm no . .It Cm PubkeyAcceptedAlgorithms +The default is handled system-wide by +.Xr crypto-policies 7 . -+To see the defaults and how to modify this default, see manual page ++Information about defaults, how to modify the defaults and how to customize existing policies with sub-policies are present in manual page +.Xr update-crypto-policies 8 . +.Pp Specifies the signature algorithms that will be used for public key @@ -224,16 +224,16 @@ diff -up openssh-8.7p1/ssh_config.5.crypto-policies openssh-8.7p1/ssh_config.5 .Pp The list of available signature algorithms may also be obtained using .Qq ssh -Q PubkeyAcceptedAlgorithms . -diff -up openssh-8.7p1/sshd_config.5.crypto-policies openssh-8.7p1/sshd_config.5 ---- openssh-8.7p1/sshd_config.5.crypto-policies 2021-08-30 13:29:00.157292731 +0200 -+++ openssh-8.7p1/sshd_config.5 2021-08-30 13:32:16.263918533 +0200 -@@ -373,17 +373,13 @@ If the argument is +diff --color -ru a/sshd_config.5 b/sshd_config.5 +--- a/sshd_config.5 2022-07-12 15:05:22.535012771 +0200 ++++ b/sshd_config.5 2022-07-12 15:15:33.394809258 +0200 +@@ -373,17 +373,13 @@ then no banner is displayed. By default, no banner is displayed. .It Cm CASignatureAlgorithms +The default is handled system-wide by +.Xr crypto-policies 7 . -+To see the defaults and how to modify this default, see manual page ++Information about defaults, how to modify the defaults and how to customize existing policies with sub-policies are present in manual page +.Xr update-crypto-policies 8 . +.Pp Specifies which algorithms are allowed for signing of certificates @@ -250,13 +250,13 @@ diff -up openssh-8.7p1/sshd_config.5.crypto-policies openssh-8.7p1/sshd_config.5 If the specified list begins with a .Sq + character, then the specified algorithms will be appended to the default set -@@ -450,20 +446,25 @@ The default is +@@ -450,20 +446,25 @@ indicating not to .Xr chroot 2 . .It Cm Ciphers +The default is handled system-wide by +.Xr crypto-policies 7 . -+To see the defaults and how to modify this default, see manual page ++Information about defaults, how to modify the defaults and how to customize existing policies with sub-policies are present in manual page +.Xr update-crypto-policies 8 . +.Pp Specifies the ciphers allowed. @@ -280,7 +280,7 @@ diff -up openssh-8.7p1/sshd_config.5.crypto-policies openssh-8.7p1/sshd_config.5 .Pp The supported ciphers are: .Pp -@@ -490,13 +491,6 @@ aes256-gcm@openssh.com +@@ -490,13 +491,6 @@ chacha20-poly1305@openssh.com .El .Pp @@ -294,13 +294,13 @@ diff -up openssh-8.7p1/sshd_config.5.crypto-policies openssh-8.7p1/sshd_config.5 The list of available ciphers may also be obtained using .Qq ssh -Q cipher . .It Cm ClientAliveCountMax -@@ -685,21 +679,22 @@ For this to work +@@ -685,21 +679,22 @@ .Cm GSSAPIKeyExchange needs to be enabled in the server and also used by the client. .It Cm GSSAPIKexAlgorithms +The default is handled system-wide by +.Xr crypto-policies 7 . -+To see the defaults and how to modify this default, see manual page ++Information about defaults, how to modify the defaults and how to customize existing policies with sub-policies are present in manual page +.Xr update-crypto-policies 8 . +.Pp The list of key exchange algorithms that are accepted by GSSAPI @@ -327,13 +327,13 @@ diff -up openssh-8.7p1/sshd_config.5.crypto-policies openssh-8.7p1/sshd_config.5 This option only applies to connections using GSSAPI. .It Cm HostbasedAcceptedAlgorithms Specifies the signature algorithms that will be accepted for hostbased -@@ -799,26 +794,13 @@ is specified, the location of the socket +@@ -799,26 +794,13 @@ .Ev SSH_AUTH_SOCK environment variable. .It Cm HostKeyAlgorithms +The default is handled system-wide by +.Xr crypto-policies 7 . -+To see the defaults and how to modify this default, see manual page ++Information about defaults, how to modify the defaults and how to customize existing policies with sub-policies are present in manual page +.Xr update-crypto-policies 8 . +.Pp Specifies the host key signature algorithms @@ -359,13 +359,13 @@ diff -up openssh-8.7p1/sshd_config.5.crypto-policies openssh-8.7p1/sshd_config.5 The list of available signature algorithms may also be obtained using .Qq ssh -Q HostKeyAlgorithms . .It Cm IgnoreRhosts -@@ -965,20 +947,25 @@ Specifies whether to look at .k5login fi +@@ -965,20 +947,25 @@ The default is .Cm yes . .It Cm KexAlgorithms +The default is handled system-wide by +.Xr crypto-policies 7 . -+To see the defaults and how to modify this default, see manual page ++Information about defaults, how to modify the defaults and how to customize existing policies with sub-policies are present in manual page +.Xr update-crypto-policies 8 . +.Pp Specifies the available KEX (Key Exchange) algorithms. @@ -374,7 +374,7 @@ diff -up openssh-8.7p1/sshd_config.5.crypto-policies openssh-8.7p1/sshd_config.5 .Sq + -character, then the specified algorithms will be appended to the default set -instead of replacing them. -+character, then the specified algorithms will be appended to the built-in ++character, then the specified methods will be appended to the built-in +openssh default set instead of replacing them. If the specified list begins with a .Sq - @@ -389,7 +389,7 @@ diff -up openssh-8.7p1/sshd_config.5.crypto-policies openssh-8.7p1/sshd_config.5 The supported algorithms are: .Pp .Bl -item -compact -offset indent -@@ -1010,15 +997,6 @@ ecdh-sha2-nistp521 +@@ -1010,15 +997,6 @@ sntrup761x25519-sha512@openssh.com .El .Pp @@ -405,13 +405,13 @@ diff -up openssh-8.7p1/sshd_config.5.crypto-policies openssh-8.7p1/sshd_config.5 The list of available key exchange algorithms may also be obtained using .Qq ssh -Q KexAlgorithms . .It Cm ListenAddress -@@ -1104,21 +1082,26 @@ function, and all code in the +@@ -1104,21 +1082,26 @@ file. This option is intended for debugging and no overrides are enabled by default. .It Cm MACs +The default is handled system-wide by +.Xr crypto-policies 7 . -+To see the defaults and how to modify this default, see manual page ++Information about defaults, how to modify the defaults and how to customize existing policies with sub-policies are present in manual page +.Xr update-crypto-policies 8 . +.Pp Specifies the available MAC (message authentication code) algorithms. @@ -436,7 +436,7 @@ diff -up openssh-8.7p1/sshd_config.5.crypto-policies openssh-8.7p1/sshd_config.5 .Pp The algorithms that contain .Qq -etm -@@ -1161,15 +1144,6 @@ umac-64-etm@openssh.com +@@ -1161,15 +1144,6 @@ umac-128-etm@openssh.com .El .Pp @@ -452,13 +452,13 @@ diff -up openssh-8.7p1/sshd_config.5.crypto-policies openssh-8.7p1/sshd_config.5 The list of available MAC algorithms may also be obtained using .Qq ssh -Q mac . .It Cm Match -@@ -1548,37 +1522,25 @@ or equivalent.) +@@ -1548,37 +1522,25 @@ The default is .Cm yes . .It Cm PubkeyAcceptedAlgorithms +The default is handled system-wide by +.Xr crypto-policies 7 . -+To see the defaults and how to modify this default, see manual page ++Information about defaults, how to modify the defaults and how to customize existing policies with sub-policies are present in manual page +.Xr update-crypto-policies 8 . +.Pp Specifies the signature algorithms that will be accepted for public key diff --git a/openssh-8.7p1-evpgenkey.patch b/openssh-8.7p1-evpgenkey.patch new file mode 100644 index 0000000..1af9b49 --- /dev/null +++ b/openssh-8.7p1-evpgenkey.patch @@ -0,0 +1,110 @@ +diff -up openssh-8.7p1/sshkey.c.evpgenrsa openssh-8.7p1/sshkey.c +--- openssh-8.7p1/sshkey.c.evpgenrsa 2022-06-30 15:14:58.200518353 +0200 ++++ openssh-8.7p1/sshkey.c 2022-06-30 15:24:31.499641196 +0200 +@@ -1657,7 +1657,8 @@ sshkey_cert_type(const struct sshkey *k) + static int + rsa_generate_private_key(u_int bits, RSA **rsap) + { +- RSA *private = NULL; ++ EVP_PKEY_CTX *ctx = NULL; ++ EVP_PKEY *res = NULL; + BIGNUM *f4 = NULL; + int ret = SSH_ERR_INTERNAL_ERROR; + +@@ -1667,20 +1668,42 @@ rsa_generate_private_key(u_int bits, RSA + bits > SSHBUF_MAX_BIGNUM * 8) + return SSH_ERR_KEY_LENGTH; + *rsap = NULL; +- if ((private = RSA_new()) == NULL || (f4 = BN_new()) == NULL) { ++ ++ if ((ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL)) == NULL ++ || (f4 = BN_new()) == NULL || !BN_set_word(f4, RSA_F4)) { + ret = SSH_ERR_ALLOC_FAIL; + goto out; + } +- if (!BN_set_word(f4, RSA_F4) || +- !RSA_generate_key_ex(private, bits, f4, NULL)) { ++ ++ if (EVP_PKEY_keygen_init(ctx) <= 0) { ++ ret = SSH_ERR_LIBCRYPTO_ERROR; ++ goto out; ++ } ++ ++ if (EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, bits) <= 0) { ++ ret = SSH_ERR_KEY_LENGTH; ++ goto out; ++ } ++ ++ if (EVP_PKEY_CTX_set1_rsa_keygen_pubexp(ctx, f4) <= 0) ++ goto out; ++ ++ if (EVP_PKEY_keygen(ctx, &res) <= 0) { ++ ret = SSH_ERR_LIBCRYPTO_ERROR; ++ goto out; ++ } ++ ++ /* This function is deprecated in OpenSSL 3.0 but OpenSSH doesn't worry about it*/ ++ *rsap = EVP_PKEY_get1_RSA(res); ++ if (*rsap) { ++ ret = 0; ++ } else { + ret = SSH_ERR_LIBCRYPTO_ERROR; + goto out; + } +- *rsap = private; +- private = NULL; +- ret = 0; + out: +- RSA_free(private); ++ EVP_PKEY_CTX_free(ctx); ++ EVP_PKEY_free(res); + BN_free(f4); + return ret; + } +@@ -1820,7 +1820,8 @@ sshkey_ecdsa_key_to_nid(EC_KEY *k) + static int + ecdsa_generate_private_key(u_int bits, int *nid, EC_KEY **ecdsap) + { +- EC_KEY *private; ++ EVP_PKEY_CTX *ctx = NULL; ++ EVP_PKEY *res = NULL; + int ret = SSH_ERR_INTERNAL_ERROR; + + if (nid == NULL || ecdsap == NULL) +@@ -1828,20 +1829,29 @@ ecdsa_generate_private_key(u_int bits, i + if ((*nid = sshkey_ecdsa_bits_to_nid(bits)) == -1) + return SSH_ERR_KEY_LENGTH; + *ecdsap = NULL; +- if ((private = EC_KEY_new_by_curve_name(*nid)) == NULL) { ++ ++ if ((ctx = EVP_PKEY_CTX_new_from_name(NULL, "EC", NULL)) == NULL) { + ret = SSH_ERR_ALLOC_FAIL; + goto out; + } +- if (EC_KEY_generate_key(private) != 1) { ++ ++ if (EVP_PKEY_keygen_init(ctx) <= 0 || EVP_PKEY_CTX_set_group_name(ctx, OBJ_nid2sn(*nid)) <= 0 ++ || EVP_PKEY_keygen(ctx, &res) <= 0) { ++ ret = SSH_ERR_LIBCRYPTO_ERROR; ++ goto out; ++ } ++ /* This function is deprecated in OpenSSL 3.0 but OpenSSH doesn't worry about it*/ ++ *ecdsap = EVP_PKEY_get1_EC_KEY(res); ++ if (*ecdsap) { ++ EC_KEY_set_asn1_flag(*ecdsap, OPENSSL_EC_NAMED_CURVE); ++ ret = 0; ++ } else { + ret = SSH_ERR_LIBCRYPTO_ERROR; + goto out; + } +- EC_KEY_set_asn1_flag(private, OPENSSL_EC_NAMED_CURVE); +- *ecdsap = private; +- private = NULL; +- ret = 0; + out: +- EC_KEY_free(private); ++ EVP_PKEY_CTX_free(ctx); ++ EVP_PKEY_free(res); + return ret; + } + # endif /* OPENSSL_HAS_ECC */ diff --git a/openssh-8.7p1-gssapi-auth.patch b/openssh-8.7p1-gssapi-auth.patch new file mode 100644 index 0000000..6908cad --- /dev/null +++ b/openssh-8.7p1-gssapi-auth.patch @@ -0,0 +1,20 @@ +diff --color -rup a/monitor.c b/monitor.c +--- a/monitor.c 2022-07-11 15:11:28.146863144 +0200 ++++ b/monitor.c 2022-07-11 15:15:35.726655877 +0200 +@@ -376,8 +376,15 @@ monitor_child_preauth(struct ssh *ssh, s + if (ent->flags & (MON_AUTHDECIDE|MON_ALOG)) { + auth_log(ssh, authenticated, partial, + auth_method, auth_submethod); +- if (!partial && !authenticated) ++ if (!partial && !authenticated) { ++#ifdef GSSAPI ++ /* If gssapi-with-mic failed, MONITOR_REQ_GSSCHECKMIC is disabled. ++ * We have to reenable it to try again for gssapi-keyex */ ++ if (strcmp(auth_method, "gssapi-with-mic") == 0 && options.gss_keyex) ++ monitor_permit(mon_dispatch, MONITOR_REQ_GSSCHECKMIC, 1); ++#endif + authctxt->failures++; ++ } + if (authenticated || partial) { + auth2_update_session_info(authctxt, + auth_method, auth_submethod); diff --git a/openssh-8.7p1-host-based-auth.patch b/openssh-8.7p1-host-based-auth.patch new file mode 100644 index 0000000..23efe91 --- /dev/null +++ b/openssh-8.7p1-host-based-auth.patch @@ -0,0 +1,151 @@ +diff --color -rup a/sshconnect2.c b/sshconnect2.c +--- a/sshconnect2.c 2022-07-11 17:00:02.618575727 +0200 ++++ b/sshconnect2.c 2022-07-11 17:03:05.096085690 +0200 +@@ -2288,9 +2288,9 @@ userauth_hostbased(struct ssh *ssh) + if (authctxt->sensitive->keys[i] == NULL || + authctxt->sensitive->keys[i]->type == KEY_UNSPEC) + continue; +- if (match_pattern_list( ++ if (!sshkey_match_keyname_to_sigalgs( + sshkey_ssh_name(authctxt->sensitive->keys[i]), +- authctxt->active_ktype, 0) != 1) ++ authctxt->active_ktype)) + continue; + /* we take and free the key */ + private = authctxt->sensitive->keys[i]; +@@ -2316,7 +2316,8 @@ userauth_hostbased(struct ssh *ssh) + error_f("sshkey_fingerprint failed"); + goto out; + } +- debug_f("trying hostkey %s %s", sshkey_ssh_name(private), fp); ++ debug_f("trying hostkey %s %s using sigalg %s", ++ sshkey_ssh_name(private), fp, authctxt->active_ktype); + + /* figure out a name for the client host */ + lname = get_local_name(ssh_packet_get_connection_in(ssh)); +diff --color -rup a/sshkey.c b/sshkey.c +--- a/sshkey.c 2022-07-11 17:00:02.609575554 +0200 ++++ b/sshkey.c 2022-07-11 17:12:30.905976443 +0200 +@@ -252,6 +252,29 @@ sshkey_ecdsa_nid_from_name(const char *n + return -1; + } + ++int ++sshkey_match_keyname_to_sigalgs(const char *keyname, const char *sigalgs) ++{ ++ int ktype; ++ ++ if (sigalgs == NULL || *sigalgs == '\0' || ++ (ktype = sshkey_type_from_name(keyname)) == KEY_UNSPEC) ++ return 0; ++ else if (ktype == KEY_RSA) { ++ return match_pattern_list("ssh-rsa", sigalgs, 0) == 1 || ++ match_pattern_list("rsa-sha2-256", sigalgs, 0) == 1 || ++ match_pattern_list("rsa-sha2-512", sigalgs, 0) == 1; ++ } else if (ktype == KEY_RSA_CERT) { ++ return match_pattern_list("ssh-rsa-cert-v01@openssh.com", ++ sigalgs, 0) == 1 || ++ match_pattern_list("rsa-sha2-256-cert-v01@openssh.com", ++ sigalgs, 0) == 1 || ++ match_pattern_list("rsa-sha2-512-cert-v01@openssh.com", ++ sigalgs, 0) == 1; ++ } else ++ return match_pattern_list(keyname, sigalgs, 0) == 1; ++} ++ + char * + sshkey_alg_list(int certs_only, int plain_only, int include_sigonly, char sep) + { +diff --color -rup a/sshkey.h b/sshkey.h +--- a/sshkey.h 2022-07-11 17:00:02.603575438 +0200 ++++ b/sshkey.h 2022-07-11 17:13:01.052556879 +0200 +@@ -194,6 +194,10 @@ int sshkey_is_cert(const struct sshkey + int sshkey_is_sk(const struct sshkey *); + int sshkey_type_is_cert(int); + int sshkey_type_plain(int); ++ ++/* Returns non-zero if key name match sigalgs pattern list. (handles RSA) */ ++int sshkey_match_keyname_to_sigalgs(const char *, const char *); ++ + int sshkey_to_certified(struct sshkey *); + int sshkey_drop_cert(struct sshkey *); + int sshkey_cert_copy(const struct sshkey *, struct sshkey *); +diff --color -rup a/ssh-keysign.c b/ssh-keysign.c +--- a/ssh-keysign.c 2021-08-20 06:03:49.000000000 +0200 ++++ b/ssh-keysign.c 2022-07-11 17:00:23.306973667 +0200 +@@ -62,7 +62,7 @@ + extern char *__progname; + + static int +-valid_request(struct passwd *pw, char *host, struct sshkey **ret, ++valid_request(struct passwd *pw, char *host, struct sshkey **ret, char **pkalgp, + u_char *data, size_t datalen) + { + struct sshbuf *b; +@@ -75,6 +75,8 @@ valid_request(struct passwd *pw, char *h + + if (ret != NULL) + *ret = NULL; ++ if (pkalgp != NULL) ++ *pkalgp = NULL; + fail = 0; + + if ((b = sshbuf_from(data, datalen)) == NULL) +@@ -122,8 +124,6 @@ valid_request(struct passwd *pw, char *h + fail++; + } else if (key->type != pktype) + fail++; +- free(pkalg); +- free(pkblob); + + /* client host name, handle trailing dot */ + if ((r = sshbuf_get_cstring(b, &p, &len)) != 0) +@@ -154,8 +154,19 @@ valid_request(struct passwd *pw, char *h + + if (fail) + sshkey_free(key); +- else if (ret != NULL) +- *ret = key; ++ else { ++ if (ret != NULL) { ++ *ret = key; ++ key = NULL; ++ } ++ if (pkalgp != NULL) { ++ *pkalgp = pkalg; ++ pkalg = NULL; ++ } ++ } ++ sshkey_free(key); ++ free(pkalg); ++ free(pkblob); + + return (fail ? -1 : 0); + } +@@ -170,7 +181,7 @@ main(int argc, char **argv) + struct passwd *pw; + int r, key_fd[NUM_KEYTYPES], i, found, version = 2, fd; + u_char *signature, *data, rver; +- char *host, *fp; ++ char *host, *fp, *pkalg; + size_t slen, dlen; + + if (pledge("stdio rpath getpw dns id", NULL) != 0) +@@ -258,7 +269,7 @@ main(int argc, char **argv) + + if ((r = sshbuf_get_string(b, &data, &dlen)) != 0) + fatal_r(r, "%s: buffer error", __progname); +- if (valid_request(pw, host, &key, data, dlen) < 0) ++ if (valid_request(pw, host, &key, &pkalg, data, dlen) < 0) + fatal("%s: not a valid request", __progname); + free(host); + +@@ -279,7 +290,7 @@ main(int argc, char **argv) + } + + if ((r = sshkey_sign(keys[i], &signature, &slen, data, dlen, +- NULL, NULL, NULL, 0)) != 0) ++ pkalg, NULL, NULL, 0)) != 0) + fatal_r(r, "%s: sshkey_sign failed", __progname); + free(data); + diff --git a/openssh-8.7p1-ibmca.patch b/openssh-8.7p1-ibmca.patch new file mode 100644 index 0000000..c9c12ee --- /dev/null +++ b/openssh-8.7p1-ibmca.patch @@ -0,0 +1,12 @@ +--- openssh-8.7p1/openbsd-compat/bsd-closefrom.c.orig 2022-04-12 15:47:03.815044607 +0200 ++++ openssh-8.7p1/openbsd-compat/bsd-closefrom.c 2022-04-12 15:48:12.464963511 +0200 +@@ -16,7 +16,7 @@ + + #include "includes.h" + +-#ifndef HAVE_CLOSEFROM ++#if (!defined HAVE_CLOSEFROM) || (defined __s390__) + + #include + #include + diff --git a/openssh-8.7p1-mem-leak.patch b/openssh-8.7p1-mem-leak.patch new file mode 100644 index 0000000..8c9ac80 --- /dev/null +++ b/openssh-8.7p1-mem-leak.patch @@ -0,0 +1,156 @@ +diff --color -rup a/compat.c b/compat.c +--- a/compat.c 2021-08-20 06:03:49.000000000 +0200 ++++ b/compat.c 2022-07-14 17:39:23.770268440 +0200 +@@ -157,11 +157,12 @@ compat_banner(struct ssh *ssh, const cha + debug_f("no match: %s", version); + } + ++/* Always returns pointer to allocated memory, caller must free. */ + char * + compat_cipher_proposal(struct ssh *ssh, char *cipher_prop) + { + if (!(ssh->compat & SSH_BUG_BIGENDIANAES)) +- return cipher_prop; ++ return xstrdup(cipher_prop); + debug2_f("original cipher proposal: %s", cipher_prop); + if ((cipher_prop = match_filter_denylist(cipher_prop, "aes*")) == NULL) + fatal("match_filter_denylist failed"); +@@ -171,11 +172,12 @@ compat_cipher_proposal(struct ssh *ssh, + return cipher_prop; + } + ++/* Always returns pointer to allocated memory, caller must free. */ + char * + compat_pkalg_proposal(struct ssh *ssh, char *pkalg_prop) + { + if (!(ssh->compat & SSH_BUG_RSASIGMD5)) +- return pkalg_prop; ++ return xstrdup(pkalg_prop); + debug2_f("original public key proposal: %s", pkalg_prop); + if ((pkalg_prop = match_filter_denylist(pkalg_prop, "ssh-rsa")) == NULL) + fatal("match_filter_denylist failed"); +@@ -185,21 +187,26 @@ compat_pkalg_proposal(struct ssh *ssh, c + return pkalg_prop; + } + ++/* Always returns pointer to allocated memory, caller must free. */ + char * + compat_kex_proposal(struct ssh *ssh, char *p) + { ++ char *cp = NULL; ++ + if ((ssh->compat & (SSH_BUG_CURVE25519PAD|SSH_OLD_DHGEX)) == 0) +- return p; ++ return xstrdup(p); + debug2_f("original KEX proposal: %s", p); + if ((ssh->compat & SSH_BUG_CURVE25519PAD) != 0) + if ((p = match_filter_denylist(p, + "curve25519-sha256@libssh.org")) == NULL) + fatal("match_filter_denylist failed"); + if ((ssh->compat & SSH_OLD_DHGEX) != 0) { ++ cp = p; + if ((p = match_filter_denylist(p, + "diffie-hellman-group-exchange-sha256," + "diffie-hellman-group-exchange-sha1")) == NULL) + fatal("match_filter_denylist failed"); ++ free(cp); + } + debug2_f("compat KEX proposal: %s", p); + if (*p == '\0') +diff --color -rup a/sshconnect2.c b/sshconnect2.c +--- a/sshconnect2.c 2022-07-14 17:38:43.241496549 +0200 ++++ b/sshconnect2.c 2022-07-14 17:39:23.772268479 +0200 +@@ -222,6 +222,7 @@ ssh_kex2(struct ssh *ssh, char *host, st + { + char *myproposal[PROPOSAL_MAX] = { KEX_CLIENT }; + char *s, *all_key; ++ char *prop_kex = NULL, *prop_enc = NULL, *prop_hostkey = NULL; + int r, use_known_hosts_order = 0; + + #if defined(GSSAPI) && defined(WITH_OPENSSL) +@@ -252,10 +253,9 @@ ssh_kex2(struct ssh *ssh, char *host, st + + if ((s = kex_names_cat(options.kex_algorithms, "ext-info-c")) == NULL) + fatal_f("kex_names_cat"); +- myproposal[PROPOSAL_KEX_ALGS] = compat_kex_proposal(ssh, s); ++ myproposal[PROPOSAL_KEX_ALGS] = prop_kex = compat_kex_proposal(ssh, s); + myproposal[PROPOSAL_ENC_ALGS_CTOS] = +- compat_cipher_proposal(ssh, options.ciphers); +- myproposal[PROPOSAL_ENC_ALGS_STOC] = ++ myproposal[PROPOSAL_ENC_ALGS_STOC] = prop_enc = + compat_cipher_proposal(ssh, options.ciphers); + myproposal[PROPOSAL_COMP_ALGS_CTOS] = + myproposal[PROPOSAL_COMP_ALGS_STOC] = +@@ -264,12 +264,12 @@ ssh_kex2(struct ssh *ssh, char *host, st + myproposal[PROPOSAL_MAC_ALGS_STOC] = options.macs; + if (use_known_hosts_order) { + /* Query known_hosts and prefer algorithms that appear there */ +- myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = ++ myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = prop_hostkey = + compat_pkalg_proposal(ssh, + order_hostkeyalgs(host, hostaddr, port, cinfo)); + } else { + /* Use specified HostkeyAlgorithms exactly */ +- myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = ++ myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = prop_hostkey = + compat_pkalg_proposal(ssh, options.hostkeyalgorithms); + } + +@@ -383,6 +383,10 @@ ssh_kex2(struct ssh *ssh, char *host, st + (r = ssh_packet_write_wait(ssh)) != 0) + fatal_fr(r, "send packet"); + #endif ++ /* Free only parts of proposal that were dynamically allocated here. */ ++ free(prop_kex); ++ free(prop_enc); ++ free(prop_hostkey); + } + + /* +diff --color -rup a/sshd.c b/sshd.c +--- a/sshd.c 2022-07-14 17:38:43.242496568 +0200 ++++ b/sshd.c 2022-07-14 17:42:07.616388978 +0200 +@@ -2493,14 +2493,15 @@ do_ssh2_kex(struct ssh *ssh) + { + char *myproposal[PROPOSAL_MAX] = { KEX_SERVER }; + struct kex *kex; ++ char *hostkey_types = NULL; ++ char *prop_kex = NULL, *prop_enc = NULL, *prop_hostkey = NULL; + int r; + +- myproposal[PROPOSAL_KEX_ALGS] = compat_kex_proposal(ssh, ++ myproposal[PROPOSAL_KEX_ALGS] = prop_kex = compat_kex_proposal(ssh, + options.kex_algorithms); +- myproposal[PROPOSAL_ENC_ALGS_CTOS] = compat_cipher_proposal(ssh, +- options.ciphers); +- myproposal[PROPOSAL_ENC_ALGS_STOC] = compat_cipher_proposal(ssh, +- options.ciphers); ++ myproposal[PROPOSAL_ENC_ALGS_CTOS] = ++ myproposal[PROPOSAL_ENC_ALGS_STOC] = prop_enc = ++ compat_cipher_proposal(ssh, options.ciphers); + myproposal[PROPOSAL_MAC_ALGS_CTOS] = + myproposal[PROPOSAL_MAC_ALGS_STOC] = options.macs; + +@@ -2513,8 +2514,10 @@ do_ssh2_kex(struct ssh *ssh) + ssh_packet_set_rekey_limits(ssh, options.rekey_limit, + options.rekey_interval); + +- myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = compat_pkalg_proposal( +- ssh, list_hostkey_types()); ++ hostkey_types = list_hostkey_types(); ++ myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = prop_hostkey = ++ compat_pkalg_proposal(ssh, hostkey_types); ++ free(hostkey_types); + + #if defined(GSSAPI) && defined(WITH_OPENSSL) + { +@@ -2606,6 +2609,9 @@ do_ssh2_kex(struct ssh *ssh) + (r = ssh_packet_write_wait(ssh)) != 0) + fatal_fr(r, "send test"); + #endif ++ free(prop_kex); ++ free(prop_enc); ++ free(prop_hostkey); + debug("KEX done"); + } + diff --git a/openssh-8.7p1-minimize-sha1-use.patch b/openssh-8.7p1-minimize-sha1-use.patch new file mode 100644 index 0000000..fc517da --- /dev/null +++ b/openssh-8.7p1-minimize-sha1-use.patch @@ -0,0 +1,207 @@ +diff --color -ru a/clientloop.c b/clientloop.c +--- a/clientloop.c 2022-06-29 16:35:06.677597259 +0200 ++++ b/clientloop.c 2022-06-29 16:40:29.737926205 +0200 +@@ -116,6 +116,9 @@ + #include "ssh-gss.h" + #endif + ++/* Permitted RSA signature algorithms for UpdateHostkeys proofs */ ++#define HOSTKEY_PROOF_RSA_ALGS "rsa-sha2-512,rsa-sha2-256" ++ + /* import options */ + extern Options options; + +@@ -2110,8 +2113,10 @@ + struct hostkeys_update_ctx *ctx = (struct hostkeys_update_ctx *)_ctx; + size_t i, ndone; + struct sshbuf *signdata; +- int r, kexsigtype, use_kexsigtype; ++ int r, plaintype; + const u_char *sig; ++ const char *rsa_kexalg = NULL; ++ char *alg = NULL; + size_t siglen; + + if (ctx->nnew == 0) +@@ -2122,9 +2127,9 @@ + hostkeys_update_ctx_free(ctx); + return; + } +- kexsigtype = sshkey_type_plain( +- sshkey_type_from_name(ssh->kex->hostkey_alg)); +- ++ if (sshkey_type_plain(sshkey_type_from_name( ++ ssh->kex->hostkey_alg)) == KEY_RSA) ++ rsa_kexalg = ssh->kex->hostkey_alg; + if ((signdata = sshbuf_new()) == NULL) + fatal_f("sshbuf_new failed"); + /* +@@ -2135,6 +2140,7 @@ + for (ndone = i = 0; i < ctx->nkeys; i++) { + if (ctx->keys_match[i]) + continue; ++ plaintype = sshkey_type_plain(ctx->keys[i]->type); + /* Prepare data to be signed: session ID, unique string, key */ + sshbuf_reset(signdata); + if ( (r = sshbuf_put_cstring(signdata, +@@ -2148,19 +2154,33 @@ + error_fr(r, "parse sig"); + goto out; + } ++ if ((r = sshkey_get_sigtype(sig, siglen, &alg)) != 0) { ++ error_fr(r, "server gave unintelligible signature " ++ "for %s key %zu", sshkey_type(ctx->keys[i]), i); ++ goto out; ++ } + /* +- * For RSA keys, prefer to use the signature type negotiated +- * during KEX to the default (SHA1). ++ * Special case for RSA keys: if a RSA hostkey was negotiated, ++ * then use its signature type for verification of RSA hostkey ++ * proofs. Otherwise, accept only RSA-SHA256/512 signatures. + */ +- use_kexsigtype = kexsigtype == KEY_RSA && +- sshkey_type_plain(ctx->keys[i]->type) == KEY_RSA; +- debug3_f("verify %s key %zu using %s sigalg", +- sshkey_type(ctx->keys[i]), i, +- use_kexsigtype ? ssh->kex->hostkey_alg : "default"); ++ if (plaintype == KEY_RSA && rsa_kexalg == NULL && ++ match_pattern_list(alg, HOSTKEY_PROOF_RSA_ALGS, 0) != 1) { ++ debug_f("server used untrusted RSA signature algorithm " ++ "%s for key %zu, disregarding", alg, i); ++ free(alg); ++ /* zap the key from the list */ ++ sshkey_free(ctx->keys[i]); ++ ctx->keys[i] = NULL; ++ ndone++; ++ continue; ++ } ++ debug3_f("verify %s key %zu using sigalg %s", ++ sshkey_type(ctx->keys[i]), i, alg); ++ free(alg); + if ((r = sshkey_verify(ctx->keys[i], sig, siglen, + sshbuf_ptr(signdata), sshbuf_len(signdata), +- use_kexsigtype ? ssh->kex->hostkey_alg : NULL, 0, +- NULL)) != 0) { ++ plaintype == KEY_RSA ? rsa_kexalg : NULL, 0, NULL)) != 0) { + error_fr(r, "server gave bad signature for %s key %zu", + sshkey_type(ctx->keys[i]), i); + goto out; +diff --git a/hostfile.c b/hostfile.c +index a035b381..bd49e3ac 100644 +--- a/hostfile.c ++++ b/hostfile.c +@@ -642,7 +642,7 @@ hostfile_replace_entries(const char *filename, const char *host, const char *ip, + /* Re-add the requested keys */ + want = HKF_MATCH_HOST | (ip == NULL ? 0 : HKF_MATCH_IP); + for (i = 0; i < nkeys; i++) { +- if ((want & ctx.match_keys[i]) == want) ++ if (keys[i] == NULL || (want & ctx.match_keys[i]) == want) + continue; + if ((fp = sshkey_fingerprint(keys[i], hash_alg, + SSH_FP_DEFAULT)) == NULL) { +diff --color -ru a/kex.c b/kex.c +--- a/kex.c 2022-06-29 16:35:06.775599179 +0200 ++++ b/kex.c 2022-06-29 16:42:00.839710940 +0200 +@@ -959,6 +959,18 @@ + return (1); + } + ++/* returns non-zero if proposal contains any algorithm from algs */ ++static int ++has_any_alg(const char *proposal, const char *algs) ++{ ++ char *cp; ++ ++ if ((cp = match_list(proposal, algs, NULL)) == NULL) ++ return 0; ++ free(cp); ++ return 1; ++} ++ + static int + kex_choose_conf(struct ssh *ssh) + { +@@ -994,6 +1006,16 @@ + free(ext); + } + ++ /* Check whether client supports rsa-sha2 algorithms */ ++ if (kex->server && (kex->flags & KEX_INITIAL)) { ++ if (has_any_alg(peer[PROPOSAL_SERVER_HOST_KEY_ALGS], ++ "rsa-sha2-256,rsa-sha2-256-cert-v01@openssh.com")) ++ kex->flags |= KEX_RSA_SHA2_256_SUPPORTED; ++ if (has_any_alg(peer[PROPOSAL_SERVER_HOST_KEY_ALGS], ++ "rsa-sha2-512,rsa-sha2-512-cert-v01@openssh.com")) ++ kex->flags |= KEX_RSA_SHA2_512_SUPPORTED; ++ } ++ + /* Algorithm Negotiation */ + if ((r = choose_kex(kex, cprop[PROPOSAL_KEX_ALGS], + sprop[PROPOSAL_KEX_ALGS])) != 0) { +diff --color -ru a/kex.h b/kex.h +--- a/kex.h 2022-06-29 16:35:06.766599003 +0200 ++++ b/kex.h 2022-06-29 16:42:24.199168567 +0200 +@@ -116,6 +116,8 @@ + + #define KEX_INIT_SENT 0x0001 + #define KEX_INITIAL 0x0002 ++#define KEX_RSA_SHA2_256_SUPPORTED 0x0008 /* only set in server for now */ ++#define KEX_RSA_SHA2_512_SUPPORTED 0x0010 /* only set in server for now */ + + struct sshenc { + char *name; +diff --color -ru a/serverloop.c b/serverloop.c +--- a/serverloop.c 2021-08-20 06:03:49.000000000 +0200 ++++ b/serverloop.c 2022-06-29 16:45:05.902336428 +0200 +@@ -684,16 +684,18 @@ + struct sshbuf *resp = NULL; + struct sshbuf *sigbuf = NULL; + struct sshkey *key = NULL, *key_pub = NULL, *key_prv = NULL; +- int r, ndx, kexsigtype, use_kexsigtype, success = 0; ++ int r, ndx, success = 0; + const u_char *blob; ++ const char *sigalg, *kex_rsa_sigalg = NULL; + u_char *sig = 0; + size_t blen, slen; + + if ((resp = sshbuf_new()) == NULL || (sigbuf = sshbuf_new()) == NULL) + fatal_f("sshbuf_new"); + +- kexsigtype = sshkey_type_plain( +- sshkey_type_from_name(ssh->kex->hostkey_alg)); ++ if (sshkey_type_plain(sshkey_type_from_name( ++ ssh->kex->hostkey_alg)) == KEY_RSA) ++ kex_rsa_sigalg = ssh->kex->hostkey_alg; + while (ssh_packet_remaining(ssh) > 0) { + sshkey_free(key); + key = NULL; +@@ -726,16 +728,24 @@ + * For RSA keys, prefer to use the signature type negotiated + * during KEX to the default (SHA1). + */ +- use_kexsigtype = kexsigtype == KEY_RSA && +- sshkey_type_plain(key->type) == KEY_RSA; ++ sigalg = NULL; ++ if (sshkey_type_plain(key->type) == KEY_RSA) { ++ if (kex_rsa_sigalg != NULL) ++ sigalg = kex_rsa_sigalg; ++ else if (ssh->kex->flags & KEX_RSA_SHA2_512_SUPPORTED) ++ sigalg = "rsa-sha2-512"; ++ else if (ssh->kex->flags & KEX_RSA_SHA2_256_SUPPORTED) ++ sigalg = "rsa-sha2-256"; ++ } ++ debug3_f("sign %s key (index %d) using sigalg %s", ++ sshkey_type(key), ndx, sigalg == NULL ? "default" : sigalg); + if ((r = sshbuf_put_cstring(sigbuf, + "hostkeys-prove-00@openssh.com")) != 0 || + (r = sshbuf_put_stringb(sigbuf, + ssh->kex->session_id)) != 0 || + (r = sshkey_puts(key, sigbuf)) != 0 || + (r = ssh->kex->sign(ssh, key_prv, key_pub, &sig, &slen, +- sshbuf_ptr(sigbuf), sshbuf_len(sigbuf), +- use_kexsigtype ? ssh->kex->hostkey_alg : NULL)) != 0 || ++ sshbuf_ptr(sigbuf), sshbuf_len(sigbuf), sigalg)) != 0 || + (r = sshbuf_put_string(resp, sig, slen)) != 0) { + error_fr(r, "assemble signature"); + goto out; diff --git a/openssh-8.7p1-minrsabits.patch b/openssh-8.7p1-minrsabits.patch new file mode 100644 index 0000000..107fe70 --- /dev/null +++ b/openssh-8.7p1-minrsabits.patch @@ -0,0 +1,437 @@ +diff --git a/auth2-hostbased.c b/auth2-hostbased.c +index 2ab222ed6..4e9437912 100644 +--- a/auth2-hostbased.c ++++ b/auth2-hostbased.c +@@ -118,6 +118,10 @@ userauth_hostbased(struct ssh *ssh, const char *method) + "(null)" : key->cert->signature_type); + goto done; + } ++ if ((r = sshkey_check_rsa_length(key, options.rsa_min_size)) != 0) { ++ logit("refusing %s key", sshkey_type(key)); ++ goto done; ++ } + + if (!authctxt->valid || authctxt->user == NULL) { + debug2_f("disabled because of invalid user"); +diff --git a/auth2-pubkey.c b/auth2-pubkey.c +index daa756a01..68e7dea1f 100644 +--- a/auth2-pubkey.c ++++ b/auth2-pubkey.c +@@ -172,6 +172,10 @@ userauth_pubkey(struct ssh *ssh, const char *method) + "(null)" : key->cert->signature_type); + goto done; + } ++ if ((r = sshkey_check_rsa_length(key, options.rsa_min_size)) != 0) { ++ logit("refusing %s key", sshkey_type(key)); ++ goto done; ++ } + key_s = format_key(key); + if (sshkey_is_cert(key)) + ca_s = format_key(key->cert->signature_key); +diff --git a/readconf.c b/readconf.c +index 5b5afa8e3..5e17abd41 100644 +--- a/readconf.c ++++ b/readconf.c +@@ -160,7 +160,7 @@ typedef enum { + oStreamLocalBindMask, oStreamLocalBindUnlink, oRevokedHostKeys, + oFingerprintHash, oUpdateHostkeys, oHostbasedAcceptedAlgorithms, + oPubkeyAcceptedAlgorithms, oCASignatureAlgorithms, oProxyJump, +- oSecurityKeyProvider, oKnownHostsCommand, ++ oSecurityKeyProvider, oKnownHostsCommand, oRSAMinSize, + oIgnore, oIgnoredUnknownOption, oDeprecated, oUnsupported + } OpCodes; + +@@ -306,6 +306,7 @@ static struct { + { "proxyjump", oProxyJump }, + { "securitykeyprovider", oSecurityKeyProvider }, + { "knownhostscommand", oKnownHostsCommand }, ++ { "rsaminsize", oRSAMinSize }, + + { NULL, oBadOption } + }; +@@ -2162,6 +2163,10 @@ process_config_line_depth(Options *options, struct passwd *pw, const char *host, + *charptr = xstrdup(arg); + break; + ++ case oRSAMinSize: ++ intptr = &options->rsa_min_size; ++ goto parse_int; ++ + case oDeprecated: + debug("%s line %d: Deprecated option \"%s\"", + filename, linenum, keyword); +@@ -2409,6 +2414,7 @@ initialize_options(Options * options) + options->hostbased_accepted_algos = NULL; + options->pubkey_accepted_algos = NULL; + options->known_hosts_command = NULL; ++ options->rsa_min_size = -1; + } + + /* +@@ -2598,6 +2604,8 @@ fill_default_options(Options * options) + if (options->sk_provider == NULL) + options->sk_provider = xstrdup("$SSH_SK_PROVIDER"); + #endif ++ if (options->rsa_min_size == -1) ++ options->rsa_min_size = SSH_RSA_MINIMUM_MODULUS_SIZE; + + /* Expand KEX name lists */ + all_cipher = cipher_alg_list(',', 0); +@@ -3287,6 +3295,7 @@ dump_client_config(Options *o, const char *host) + dump_cfg_int(oNumberOfPasswordPrompts, o->number_of_password_prompts); + dump_cfg_int(oServerAliveCountMax, o->server_alive_count_max); + dump_cfg_int(oServerAliveInterval, o->server_alive_interval); ++ dump_cfg_int(oRSAMinSize, o->rsa_min_size); + + /* String options */ + dump_cfg_string(oBindAddress, o->bind_address); +diff --git a/readconf.h b/readconf.h +index f647bd42a..29db353ab 100644 +--- a/readconf.h ++++ b/readconf.h +@@ -176,6 +176,8 @@ typedef struct { + + char *known_hosts_command; + ++ int rsa_min_size; /* minimum size of RSA keys */ ++ + char *ignored_unknown; /* Pattern list of unknown tokens to ignore */ + } Options; + +diff --git a/servconf.c b/servconf.c +index f7317a5cb..362ff5b67 100644 +--- a/servconf.c ++++ b/servconf.c +@@ -177,6 +177,7 @@ initialize_server_options(ServerOptions *options) + options->fingerprint_hash = -1; + options->disable_forwarding = -1; + options->expose_userauth_info = -1; ++ options->rsa_min_size = -1; + } + + /* Returns 1 if a string option is unset or set to "none" or 0 otherwise. */ +@@ -416,6 +417,8 @@ fill_default_server_options(ServerOptions *options) + options->expose_userauth_info = 0; + if (options->sk_provider == NULL) + options->sk_provider = xstrdup("internal"); ++ if (options->rsa_min_size == -1) ++ options->rsa_min_size = SSH_RSA_MINIMUM_MODULUS_SIZE; + + assemble_algorithms(options); + +@@ -489,6 +492,7 @@ typedef enum { + sStreamLocalBindMask, sStreamLocalBindUnlink, + sAllowStreamLocalForwarding, sFingerprintHash, sDisableForwarding, + sExposeAuthInfo, sRDomain, sPubkeyAuthOptions, sSecurityKeyProvider, ++ sRSAMinSize, + sDeprecated, sIgnore, sUnsupported + } ServerOpCodes; + +@@ -632,6 +636,7 @@ static struct { + { "rdomain", sRDomain, SSHCFG_ALL }, + { "casignaturealgorithms", sCASignatureAlgorithms, SSHCFG_ALL }, + { "securitykeyprovider", sSecurityKeyProvider, SSHCFG_GLOBAL }, ++ { "rsaminsize", sRSAMinSize, SSHCFG_ALL }, + { NULL, sBadOption, 0 } + }; + +@@ -2377,6 +2382,10 @@ process_server_config_line_depth(ServerOptions *options, char *line, + *charptr = xstrdup(arg); + break; + ++ case sRSAMinSize: ++ intptr = &options->rsa_min_size; ++ goto parse_int; ++ + case sDeprecated: + case sIgnore: + case sUnsupported: +@@ -2549,6 +2558,7 @@ copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth) + M_CP_INTOPT(rekey_limit); + M_CP_INTOPT(rekey_interval); + M_CP_INTOPT(log_level); ++ M_CP_INTOPT(rsa_min_size); + + /* + * The bind_mask is a mode_t that may be unsigned, so we can't use +@@ -2810,6 +2820,7 @@ dump_config(ServerOptions *o) + dump_cfg_int(sMaxSessions, o->max_sessions); + dump_cfg_int(sClientAliveInterval, o->client_alive_interval); + dump_cfg_int(sClientAliveCountMax, o->client_alive_count_max); ++ dump_cfg_int(sRSAMinSize, o->rsa_min_size); + dump_cfg_oct(sStreamLocalBindMask, o->fwd_opts.streamlocal_bind_mask); + + /* formatted integer arguments */ +diff --git a/servconf.h b/servconf.h +index 115db1e79..2e3486906 100644 +--- a/servconf.h ++++ b/servconf.h +@@ -227,6 +227,7 @@ typedef struct { + int expose_userauth_info; + u_int64_t timing_secret; + char *sk_provider; ++ int rsa_min_size; /* minimum size of RSA keys */ + } ServerOptions; + + /* Information about the incoming connection as used by Match */ +diff --git a/ssh.c b/ssh.c +index a926cc007..cd13fb879 100644 +--- a/ssh.c ++++ b/ssh.c +@@ -500,14 +500,22 @@ resolve_canonicalize(char **hostp, int port) + } + + /* +- * Check the result of hostkey loading, ignoring some errors and +- * fatal()ing for others. ++ * Check the result of hostkey loading, ignoring some errors and either ++ * discarding the key or fatal()ing for others. + */ + static void +-check_load(int r, const char *path, const char *message) ++check_load(int r, struct sshkey **k, const char *path, const char *message) + { + switch (r) { + case 0: ++ /* Check RSA keys size and discard if undersized */ ++ if (k != NULL && *k != NULL && ++ (r = sshkey_check_rsa_length(*k, ++ options.rsa_min_size)) != 0) { ++ error_r(r, "load %s \"%s\"", message, path); ++ free(*k); ++ *k = NULL; ++ } + break; + case SSH_ERR_INTERNAL_ERROR: + case SSH_ERR_ALLOC_FAIL: +@@ -1557,12 +1565,13 @@ main(int ac, char **av) + if ((o) >= sensitive_data.nkeys) \ + fatal_f("pubkey out of array bounds"); \ + check_load(sshkey_load_public(p, &(sensitive_data.keys[o]), NULL), \ +- p, "pubkey"); \ ++ &(sensitive_data.keys[o]), p, "pubkey"); \ + } while (0) + #define L_CERT(p,o) do { \ + if ((o) >= sensitive_data.nkeys) \ + fatal_f("cert out of array bounds"); \ +- check_load(sshkey_load_cert(p, &(sensitive_data.keys[o])), p, "cert"); \ ++ check_load(sshkey_load_cert(p, &(sensitive_data.keys[o])), \ ++ &(sensitive_data.keys[o]), p, "cert"); \ + } while (0) + + if (options.hostbased_authentication == 1) { +@@ -2244,7 +2253,7 @@ load_public_identity_files(const struct ssh_conn_info *cinfo) + filename = default_client_percent_dollar_expand(cp, cinfo); + free(cp); + check_load(sshkey_load_public(filename, &public, NULL), +- filename, "pubkey"); ++ &public, filename, "pubkey"); + debug("identity file %s type %d", filename, + public ? public->type : -1); + free(options.identity_files[i]); +@@ -2263,7 +2272,7 @@ load_public_identity_files(const struct ssh_conn_info *cinfo) + continue; + xasprintf(&cp, "%s-cert", filename); + check_load(sshkey_load_public(cp, &public, NULL), +- filename, "pubkey"); ++ &public, filename, "pubkey"); + debug("identity file %s type %d", cp, + public ? public->type : -1); + if (public == NULL) { +@@ -2294,7 +2303,7 @@ load_public_identity_files(const struct ssh_conn_info *cinfo) + free(cp); + + check_load(sshkey_load_public(filename, &public, NULL), +- filename, "certificate"); ++ &public, filename, "certificate"); + debug("certificate file %s type %d", filename, + public ? public->type : -1); + free(options.certificate_files[i]); +diff --git a/sshconnect2.c b/sshconnect2.c +index 67f8e0309..d050c1656 100644 +--- a/sshconnect2.c ++++ b/sshconnect2.c +@@ -91,6 +91,10 @@ static const struct ssh_conn_info *xxx_conn_info; + static int + verify_host_key_callback(struct sshkey *hostkey, struct ssh *ssh) + { ++ int r; ++ ++ if ((r = sshkey_check_rsa_length(hostkey, options.rsa_min_size)) != 0) ++ fatal_r(r, "Bad server host key"); + if (verify_host_key(xxx_host, xxx_hostaddr, hostkey, + xxx_conn_info) == -1) + fatal("Host key verification failed."); +@@ -1762,6 +1762,12 @@ load_identity_file(Identity *id) + private = NULL; + quit = 1; + } ++ if (r = sshkey_check_rsa_length(private, options.rsa_min_size) != 0) { ++ debug_fr(r, "Skipping key %s", id->filename); ++ sshkey_free(private); ++ private = NULL; ++ quit = 1; ++ } + if (!quit && private != NULL && id->agent_fd == -1 && + !(id->key && id->isprivate)) + maybe_add_key_to_agent(id->filename, private, comment, +@@ -1747,6 +1751,12 @@ pubkey_prepare(struct ssh *ssh, Authctxt *authctxt) + close(agent_fd); + } else { + for (j = 0; j < idlist->nkeys; j++) { ++ if ((r = sshkey_check_rsa_length(idlist->keys[j], ++ options.rsa_min_size)) != 0) { ++ debug_fr(r, "ignoring %s agent key", ++ sshkey_ssh_name(idlist->keys[j])); ++ continue; ++ } + found = 0; + TAILQ_FOREACH(id, &files, next) { + /* +diff --git a/sshd.c b/sshd.c +index d26eb86ae..5f36905a1 100644 +--- a/sshd.c ++++ b/sshd.c +@@ -1746,6 +1746,13 @@ main(int ac, char **av) + fatal_r(r, "Could not demote key: \"%s\"", + options.host_key_files[i]); + } ++ if (pubkey != NULL && (r = sshkey_check_rsa_length(pubkey, ++ options.rsa_min_size)) != 0) { ++ error_fr(r, "Host key %s", options.host_key_files[i]); ++ sshkey_free(pubkey); ++ sshkey_free(key); ++ continue; ++ } + sensitive_data.host_keys[i] = key; + sensitive_data.host_pubkeys[i] = pubkey; + +diff --git a/sshkey.c b/sshkey.c +index 47864e6d8..8bad6bd99 100644 +--- a/sshkey.c ++++ b/sshkey.c +@@ -2319,18 +2319,24 @@ cert_parse(struct sshbuf *b, struct sshkey *key, struct sshbuf *certbuf) + return ret; + } + +-#ifdef WITH_OPENSSL +-static int +-check_rsa_length(const RSA *rsa) ++int ++sshkey_check_rsa_length(const struct sshkey *k, int min_size) + { ++#ifdef WITH_OPENSSL + const BIGNUM *rsa_n; ++ int nbits; + +- RSA_get0_key(rsa, &rsa_n, NULL, NULL); +- if (BN_num_bits(rsa_n) < SSH_RSA_MINIMUM_MODULUS_SIZE) ++ if (k == NULL || k->rsa == NULL || ++ (k->type != KEY_RSA && k->type != KEY_RSA_CERT)) ++ return 0; ++ RSA_get0_key(k->rsa, &rsa_n, NULL, NULL); ++ nbits = BN_num_bits(rsa_n); ++ if (nbits < SSH_RSA_MINIMUM_MODULUS_SIZE || ++ (min_size > 0 && nbits < min_size)) + return SSH_ERR_KEY_LENGTH; ++#endif /* WITH_OPENSSL */ + return 0; + } +-#endif + + static int + sshkey_from_blob_internal(struct sshbuf *b, struct sshkey **keyp, +@@ -2391,7 +2397,7 @@ sshkey_from_blob_internal(struct sshbuf *b, struct sshkey **keyp, + goto out; + } + rsa_n = rsa_e = NULL; /* transferred */ +- if ((ret = check_rsa_length(key->rsa)) != 0) ++ if ((ret = sshkey_check_rsa_length(key, 0)) != 0) + goto out; + #ifdef DEBUG_PK + RSA_print_fp(stderr, key->rsa, 8); +@@ -3580,7 +3586,7 @@ sshkey_private_deserialize(struct sshbuf *buf, struct sshkey **kp) + goto out; + } + rsa_p = rsa_q = NULL; /* transferred */ +- if ((r = check_rsa_length(k->rsa)) != 0) ++ if ((r = sshkey_check_rsa_length(k, 0)) != 0) + goto out; + if ((r = ssh_rsa_complete_crt_parameters(k, rsa_iqmp)) != 0) + goto out; +@@ -4566,7 +4572,7 @@ sshkey_parse_private_pem_fileblob(struct sshbuf *blob, int type, + r = SSH_ERR_LIBCRYPTO_ERROR; + goto out; + } +- if ((r = check_rsa_length(prv->rsa)) != 0) ++ if ((r = sshkey_check_rsa_length(prv, 0)) != 0) + goto out; + } else if (EVP_PKEY_base_id(pk) == EVP_PKEY_DSA && + (type == KEY_UNSPEC || type == KEY_DSA)) { +diff --git a/sshkey.h b/sshkey.h +index 125cadb64..52e879456 100644 +--- a/sshkey.h ++++ b/sshkey.h +@@ -267,6 +267,7 @@ int sshkey_parse_private_fileblob_type(struct sshbuf *blob, int type, + int sshkey_parse_pubkey_from_private_fileblob_type(struct sshbuf *blob, + int type, struct sshkey **pubkeyp); + ++int sshkey_check_rsa_length(const struct sshkey *, int); + /* XXX should be internal, but used by ssh-keygen */ + int ssh_rsa_complete_crt_parameters(struct sshkey *, const BIGNUM *); + +diff --git a/ssh.1 b/ssh.1 +index b4956aec..b1a40ebd 100644 +--- a/ssh.1 ++++ b/ssh.1 +@@ -554,6 +554,7 @@ For full details of the options listed below, and their possible values, see + .It LogLevel + .It MACs + .It Match ++.It RSAMinSize + .It NoHostAuthenticationForLocalhost + .It NumberOfPasswordPrompts + .It PasswordAuthentication +diff --git a/ssh_config.5 b/ssh_config.5 +index 24a46460..68771e4b 100644 +--- a/ssh_config.5 ++++ b/ssh_config.5 +@@ -1322,6 +1322,10 @@ The argument to this keyword must be + or + .Cm no + (the default). ++.It Cm RSAMinSize ++Provides a minimal bits requirement for RSA keys when used for signature and ++verification but not for the key generation. The default value is 1024 and ++can't be reduced. + .It Cm NumberOfPasswordPrompts + Specifies the number of password prompts before giving up. + The argument to this keyword must be an integer. +diff --git a/sshd_config.5 b/sshd_config.5 +index 867a747d..e08811ca 100644 +--- a/sshd_config.5 ++++ b/sshd_config.5 +@@ -1266,6 +1266,10 @@ will refuse connection attempts with a probability of rate/100 (30%) + if there are currently start (10) unauthenticated connections. + The probability increases linearly and all connection attempts + are refused if the number of unauthenticated connections reaches full (60). ++.It Cm RSAMinSize ++Provides a minimal bits requirement for RSA keys when used for signature and ++verification but not for the key generation. The default value is 1024 and ++can't be reduced. + .It Cm ModuliFile + Specifies the + .Xr moduli 5 +diff --git a/sshkey.h b/sshkey.h +index 094815e0..2bb8cb90 100644 +--- a/sshkey.h ++++ b/sshkey.h +@@ -286,6 +286,8 @@ int sshkey_private_serialize_maxsign(struct sshkey *key, + + void sshkey_sig_details_free(struct sshkey_sig_details *); + ++int ssh_set_rsa_min_bits(int minbits); ++ + #ifdef SSHKEY_INTERNAL + int ssh_rsa_sign(const struct sshkey *key, + u_char **sigp, size_t *lenp, const u_char *data, size_t datalen, diff --git a/openssh-8.7p1-negotiate-supported-algs.patch b/openssh-8.7p1-negotiate-supported-algs.patch new file mode 100644 index 0000000..2fb9297 --- /dev/null +++ b/openssh-8.7p1-negotiate-supported-algs.patch @@ -0,0 +1,63 @@ +diff --color -rup a/regress/hostkey-agent.sh b/regress/hostkey-agent.sh +--- a/regress/hostkey-agent.sh 2021-08-20 06:03:49.000000000 +0200 ++++ b/regress/hostkey-agent.sh 2022-07-14 11:58:12.172786060 +0200 +@@ -13,8 +13,12 @@ r=$? + grep -vi 'hostkey' $OBJ/sshd_proxy > $OBJ/sshd_proxy.orig + echo "HostKeyAgent $SSH_AUTH_SOCK" >> $OBJ/sshd_proxy.orig + ++PUBKEY_ACCEPTED_ALGOS=`$SSH -G "example.com" | \ ++ grep -i "PubkeyAcceptedAlgorithms" | cut -d ' ' -f2- | tr "," "|"` ++SSH_ACCEPTED_KEYTYPES=`echo "$SSH_KEYTYPES" | egrep "$PUBKEY_ACCEPTED_ALGOS"` ++ + trace "load hostkeys" +-for k in $SSH_KEYTYPES ; do ++for k in $SSH_ACCEPTED_KEYTYPES ; do + ${SSHKEYGEN} -qt $k -f $OBJ/agent-key.$k -N '' || fatal "ssh-keygen $k" + ( + printf 'localhost-with-alias,127.0.0.1,::1 ' +@@ -31,7 +35,7 @@ cp $OBJ/known_hosts.orig $OBJ/known_host + unset SSH_AUTH_SOCK + + for ps in yes; do +- for k in $SSH_KEYTYPES ; do ++ for k in $SSH_ACCEPTED_KEYTYPES ; do + verbose "key type $k privsep=$ps" + cp $OBJ/sshd_proxy.orig $OBJ/sshd_proxy + echo "UsePrivilegeSeparation $ps" >> $OBJ/sshd_proxy +diff --color -rup a/sshconnect2.c b/sshconnect2.c +--- a/sshconnect2.c 2022-07-14 10:10:07.262975710 +0200 ++++ b/sshconnect2.c 2022-07-14 10:10:32.068452067 +0200 +@@ -222,6 +222,7 @@ ssh_kex2(struct ssh *ssh, char *host, st + { + char *myproposal[PROPOSAL_MAX] = { KEX_CLIENT }; + char *s, *all_key; ++ char *hostkeyalgs = NULL, *pkalg = NULL; + char *prop_kex = NULL, *prop_enc = NULL, *prop_hostkey = NULL; + int r, use_known_hosts_order = 0; + +@@ -264,14 +265,19 @@ ssh_kex2(struct ssh *ssh, char *host, st + myproposal[PROPOSAL_MAC_ALGS_STOC] = options.macs; + if (use_known_hosts_order) { + /* Query known_hosts and prefer algorithms that appear there */ +- myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = prop_hostkey = +- compat_pkalg_proposal(ssh, +- order_hostkeyalgs(host, hostaddr, port, cinfo)); ++ if ((hostkeyalgs = order_hostkeyalgs(host, hostaddr, port, cinfo)) == NULL) ++ fatal_f("order_hostkeyalgs"); ++ pkalg = match_filter_allowlist(hostkeyalgs, options.pubkey_accepted_algos); ++ free(hostkeyalgs); + } else { +- /* Use specified HostkeyAlgorithms exactly */ +- myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = prop_hostkey = +- compat_pkalg_proposal(ssh, options.hostkeyalgorithms); ++ /* Use specified HostkeyAlgorithms */ ++ pkalg = match_filter_allowlist(options.hostkeyalgorithms, options.pubkey_accepted_algos); + } ++ if (pkalg == NULL) ++ fatal_f("match_filter_allowlist"); ++ myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = prop_hostkey = ++ compat_pkalg_proposal(ssh, pkalg); ++ free(pkalg); + + #if defined(GSSAPI) && defined(WITH_OPENSSL) + if (options.gss_keyex) { diff --git a/openssh-8.7p1-recursive-scp.patch b/openssh-8.7p1-recursive-scp.patch new file mode 100644 index 0000000..25765fb --- /dev/null +++ b/openssh-8.7p1-recursive-scp.patch @@ -0,0 +1,174 @@ +diff -up openssh-8.7p1/scp.c.scp-sftpdirs openssh-8.7p1/scp.c +--- openssh-8.7p1/scp.c.scp-sftpdirs 2022-02-07 12:31:07.407740407 +0100 ++++ openssh-8.7p1/scp.c 2022-02-07 12:31:07.409740424 +0100 +@@ -1324,7 +1324,7 @@ source_sftp(int argc, char *src, char *t + + if (src_is_dir && iamrecursive) { + if (upload_dir(conn, src, abs_dst, pflag, +- SFTP_PROGRESS_ONLY, 0, 0, 1) != 0) { ++ SFTP_PROGRESS_ONLY, 0, 0, 1, 1) != 0) { + error("failed to upload directory %s to %s", + src, abs_dst); + errs = 1; +diff -up openssh-8.7p1/sftp-client.c.scp-sftpdirs openssh-8.7p1/sftp-client.c +--- openssh-8.7p1/sftp-client.c.scp-sftpdirs 2021-08-20 06:03:49.000000000 +0200 ++++ openssh-8.7p1/sftp-client.c 2022-02-07 12:47:59.117516131 +0100 +@@ -971,7 +971,7 @@ do_fsetstat(struct sftp_conn *conn, cons + + /* Implements both the realpath and expand-path operations */ + static char * +-do_realpath_expand(struct sftp_conn *conn, const char *path, int expand) ++do_realpath_expand(struct sftp_conn *conn, const char *path, int expand, int create_dir) + { + struct sshbuf *msg; + u_int expected_id, count, id; +@@ -1012,9 +1012,38 @@ do_realpath_expand(struct sftp_conn *con + + if ((r = sshbuf_get_u32(msg, &status)) != 0) + fatal_fr(r, "parse status"); +- error("Couldn't canonicalize: %s", fx2txt(status)); +- sshbuf_free(msg); +- return NULL; ++ if ((status == SSH2_FX_NO_SUCH_FILE) && create_dir) { ++ memset(&a, '\0', sizeof(a)); ++ if ((r = do_mkdir(conn, path, &a, 0)) != 0) { ++ sshbuf_free(msg); ++ return NULL; ++ } ++ ++ send_string_request(conn, id, SSH2_FXP_REALPATH, ++ path, strlen(path)); ++ ++ get_msg(conn, msg); ++ if ((r = sshbuf_get_u8(msg, &type)) != 0 || ++ (r = sshbuf_get_u32(msg, &id)) != 0) ++ fatal_fr(r, "parse"); ++ ++ if (id != expected_id) ++ fatal("ID mismatch (%u != %u)", id, expected_id); ++ ++ if (type == SSH2_FXP_STATUS) { ++ u_int status; ++ ++ if ((r = sshbuf_get_u32(msg, &status)) != 0) ++ fatal_fr(r, "parse status"); ++ error("Couldn't canonicalize: %s", fx2txt(status)); ++ sshbuf_free(msg); ++ return NULL; ++ } ++ } else { ++ error("Couldn't canonicalize: %s", fx2txt(status)); ++ sshbuf_free(msg); ++ return NULL; ++ } + } else if (type != SSH2_FXP_NAME) + fatal("Expected SSH2_FXP_NAME(%u) packet, got %u", + SSH2_FXP_NAME, type); +@@ -1039,9 +1067,9 @@ do_realpath_expand(struct sftp_conn *con + } + + char * +-do_realpath(struct sftp_conn *conn, const char *path) ++do_realpath(struct sftp_conn *conn, const char *path, int create_dir) + { +- return do_realpath_expand(conn, path, 0); ++ return do_realpath_expand(conn, path, 0, create_dir); + } + + int +@@ -1055,9 +1083,9 @@ do_expand_path(struct sftp_conn *conn, c + { + if (!can_expand_path(conn)) { + debug3_f("no server support, fallback to realpath"); +- return do_realpath_expand(conn, path, 0); ++ return do_realpath_expand(conn, path, 0, 0); + } +- return do_realpath_expand(conn, path, 1); ++ return do_realpath_expand(conn, path, 1, 0); + } + + int +@@ -1807,7 +1835,7 @@ download_dir(struct sftp_conn *conn, con + char *src_canon; + int ret; + +- if ((src_canon = do_realpath(conn, src)) == NULL) { ++ if ((src_canon = do_realpath(conn, src, 0)) == NULL) { + error("Unable to canonicalize path \"%s\"", src); + return -1; + } +@@ -2115,12 +2143,12 @@ upload_dir_internal(struct sftp_conn *co + int + upload_dir(struct sftp_conn *conn, const char *src, const char *dst, + int preserve_flag, int print_flag, int resume, int fsync_flag, +- int follow_link_flag) ++ int follow_link_flag, int create_dir) + { + char *dst_canon; + int ret; + +- if ((dst_canon = do_realpath(conn, dst)) == NULL) { ++ if ((dst_canon = do_realpath(conn, dst, create_dir)) == NULL) { + error("Unable to canonicalize path \"%s\"", dst); + return -1; + } +@@ -2557,7 +2585,7 @@ crossload_dir(struct sftp_conn *from, st + char *from_path_canon; + int ret; + +- if ((from_path_canon = do_realpath(from, from_path)) == NULL) { ++ if ((from_path_canon = do_realpath(from, from_path, 0)) == NULL) { + error("Unable to canonicalize path \"%s\"", from_path); + return -1; + } +diff -up openssh-8.7p1/sftp-client.h.scp-sftpdirs openssh-8.7p1/sftp-client.h +--- openssh-8.7p1/sftp-client.h.scp-sftpdirs 2021-08-20 06:03:49.000000000 +0200 ++++ openssh-8.7p1/sftp-client.h 2022-02-07 12:31:07.410740433 +0100 +@@ -111,7 +111,7 @@ int do_fsetstat(struct sftp_conn *, cons + int do_lsetstat(struct sftp_conn *conn, const char *path, Attrib *a); + + /* Canonicalise 'path' - caller must free result */ +-char *do_realpath(struct sftp_conn *, const char *); ++char *do_realpath(struct sftp_conn *, const char *, int); + + /* Canonicalisation with tilde expansion (requires server extension) */ + char *do_expand_path(struct sftp_conn *, const char *); +@@ -159,7 +159,7 @@ int do_upload(struct sftp_conn *, const + * times if 'pflag' is set + */ + int upload_dir(struct sftp_conn *, const char *, const char *, int, int, int, +- int, int); ++ int, int, int); + + /* + * Download a 'from_path' from the 'from' connection and upload it to +diff -up openssh-8.7p1/sftp.c.scp-sftpdirs openssh-8.7p1/sftp.c +--- openssh-8.7p1/sftp.c.scp-sftpdirs 2021-08-20 06:03:49.000000000 +0200 ++++ openssh-8.7p1/sftp.c 2022-02-07 12:31:07.411740442 +0100 +@@ -760,7 +760,7 @@ process_put(struct sftp_conn *conn, cons + if (globpath_is_dir(g.gl_pathv[i]) && (rflag || global_rflag)) { + if (upload_dir(conn, g.gl_pathv[i], abs_dst, + pflag || global_pflag, 1, resume, +- fflag || global_fflag, 0) == -1) ++ fflag || global_fflag, 0, 0) == -1) + err = -1; + } else { + if (do_upload(conn, g.gl_pathv[i], abs_dst, +@@ -1577,7 +1577,7 @@ parse_dispatch_command(struct sftp_conn + if (path1 == NULL || *path1 == '\0') + path1 = xstrdup(startdir); + path1 = make_absolute(path1, *pwd); +- if ((tmp = do_realpath(conn, path1)) == NULL) { ++ if ((tmp = do_realpath(conn, path1, 0)) == NULL) { + err = 1; + break; + } +@@ -2160,7 +2160,7 @@ interactive_loop(struct sftp_conn *conn, + } + #endif /* USE_LIBEDIT */ + +- remote_path = do_realpath(conn, "."); ++ remote_path = do_realpath(conn, ".", 0); + if (remote_path == NULL) + fatal("Need cwd"); + startdir = xstrdup(remote_path); diff --git a/openssh-8.7p1-scp-clears-file.patch b/openssh-8.7p1-scp-clears-file.patch new file mode 100644 index 0000000..4c033da --- /dev/null +++ b/openssh-8.7p1-scp-clears-file.patch @@ -0,0 +1,304 @@ +diff --color -rup a/scp.c b/scp.c +--- a/scp.c 2022-07-26 14:51:40.560120817 +0200 ++++ b/scp.c 2022-07-26 14:52:37.118213004 +0200 +@@ -1324,12 +1324,12 @@ source_sftp(int argc, char *src, char *t + + if (src_is_dir && iamrecursive) { + if (upload_dir(conn, src, abs_dst, pflag, +- SFTP_PROGRESS_ONLY, 0, 0, 1, 1) != 0) { ++ SFTP_PROGRESS_ONLY, 0, 0, 1, 1, 1) != 0) { + error("failed to upload directory %s to %s", + src, abs_dst); + errs = 1; + } +- } else if (do_upload(conn, src, abs_dst, pflag, 0, 0) != 0) { ++ } else if (do_upload(conn, src, abs_dst, pflag, 0, 0, 1) != 0) { + error("failed to upload file %s to %s", src, abs_dst); + errs = 1; + } +@@ -1566,11 +1566,11 @@ sink_sftp(int argc, char *dst, const cha + debug("Fetching %s to %s\n", g.gl_pathv[i], abs_dst); + if (globpath_is_dir(g.gl_pathv[i]) && iamrecursive) { + if (download_dir(conn, g.gl_pathv[i], abs_dst, NULL, +- pflag, SFTP_PROGRESS_ONLY, 0, 0, 1) == -1) ++ pflag, SFTP_PROGRESS_ONLY, 0, 0, 1, 1) == -1) + err = -1; + } else { + if (do_download(conn, g.gl_pathv[i], abs_dst, NULL, +- pflag, 0, 0) == -1) ++ pflag, 0, 0, 1) == -1) + err = -1; + } + free(abs_dst); +diff --color -rup a/sftp.c b/sftp.c +--- a/sftp.c 2022-07-26 14:51:40.561120836 +0200 ++++ b/sftp.c 2022-07-26 14:52:37.119213023 +0200 +@@ -666,12 +666,12 @@ process_get(struct sftp_conn *conn, cons + if (globpath_is_dir(g.gl_pathv[i]) && (rflag || global_rflag)) { + if (download_dir(conn, g.gl_pathv[i], abs_dst, NULL, + pflag || global_pflag, 1, resume, +- fflag || global_fflag, 0) == -1) ++ fflag || global_fflag, 0, 0) == -1) + err = -1; + } else { + if (do_download(conn, g.gl_pathv[i], abs_dst, NULL, + pflag || global_pflag, resume, +- fflag || global_fflag) == -1) ++ fflag || global_fflag, 0) == -1) + err = -1; + } + free(abs_dst); +@@ -760,12 +760,12 @@ process_put(struct sftp_conn *conn, cons + if (globpath_is_dir(g.gl_pathv[i]) && (rflag || global_rflag)) { + if (upload_dir(conn, g.gl_pathv[i], abs_dst, + pflag || global_pflag, 1, resume, +- fflag || global_fflag, 0, 0) == -1) ++ fflag || global_fflag, 0, 0, 0) == -1) + err = -1; + } else { + if (do_upload(conn, g.gl_pathv[i], abs_dst, + pflag || global_pflag, resume, +- fflag || global_fflag) == -1) ++ fflag || global_fflag, 0) == -1) + err = -1; + } + } +diff --color -rup a/sftp-client.c b/sftp-client.c +--- a/sftp-client.c 2022-07-26 14:51:40.561120836 +0200 ++++ b/sftp-client.c 2022-07-26 15:09:54.825295533 +0200 +@@ -1454,7 +1454,7 @@ progress_meter_path(const char *path) + int + do_download(struct sftp_conn *conn, const char *remote_path, + const char *local_path, Attrib *a, int preserve_flag, int resume_flag, +- int fsync_flag) ++ int fsync_flag, int inplace_flag) + { + struct sshbuf *msg; + u_char *handle; +@@ -1498,8 +1498,8 @@ do_download(struct sftp_conn *conn, cons + &handle, &handle_len) != 0) + return -1; + +- local_fd = open(local_path, +- O_WRONLY | O_CREAT | (resume_flag ? 0 : O_TRUNC), mode | S_IWUSR); ++ local_fd = open(local_path, O_WRONLY | O_CREAT | ++ ((resume_flag || inplace_flag) ? 0 : O_TRUNC), mode | S_IWUSR); + if (local_fd == -1) { + error("Couldn't open local file \"%s\" for writing: %s", + local_path, strerror(errno)); +@@ -1661,8 +1661,11 @@ do_download(struct sftp_conn *conn, cons + /* Sanity check */ + if (TAILQ_FIRST(&requests) != NULL) + fatal("Transfer complete, but requests still in queue"); +- /* Truncate at highest contiguous point to avoid holes on interrupt */ +- if (read_error || write_error || interrupted) { ++ /* ++ * Truncate at highest contiguous point to avoid holes on interrupt, ++ * or unconditionally if writing in place. ++ */ ++ if (inplace_flag || read_error || write_error || interrupted) { + if (reordered && resume_flag) { + error("Unable to resume download of \"%s\": " + "server reordered requests", local_path); +@@ -1724,7 +1727,7 @@ do_download(struct sftp_conn *conn, cons + static int + download_dir_internal(struct sftp_conn *conn, const char *src, const char *dst, + int depth, Attrib *dirattrib, int preserve_flag, int print_flag, +- int resume_flag, int fsync_flag, int follow_link_flag) ++ int resume_flag, int fsync_flag, int follow_link_flag, int inplace_flag) + { + int i, ret = 0; + SFTP_DIRENT **dir_entries; +@@ -1781,7 +1784,7 @@ download_dir_internal(struct sftp_conn * + if (download_dir_internal(conn, new_src, new_dst, + depth + 1, &(dir_entries[i]->a), preserve_flag, + print_flag, resume_flag, +- fsync_flag, follow_link_flag) == -1) ++ fsync_flag, follow_link_flag, inplace_flag) == -1) + ret = -1; + } else if (S_ISREG(dir_entries[i]->a.perm) || + (follow_link_flag && S_ISLNK(dir_entries[i]->a.perm))) { +@@ -1793,7 +1796,8 @@ download_dir_internal(struct sftp_conn * + if (do_download(conn, new_src, new_dst, + S_ISLNK(dir_entries[i]->a.perm) ? NULL : + &(dir_entries[i]->a), +- preserve_flag, resume_flag, fsync_flag) == -1) { ++ preserve_flag, resume_flag, fsync_flag, ++ inplace_flag) == -1) { + error("Download of file %s to %s failed", + new_src, new_dst); + ret = -1; +@@ -1831,7 +1835,7 @@ download_dir_internal(struct sftp_conn * + int + download_dir(struct sftp_conn *conn, const char *src, const char *dst, + Attrib *dirattrib, int preserve_flag, int print_flag, int resume_flag, +- int fsync_flag, int follow_link_flag) ++ int fsync_flag, int follow_link_flag, int inplace_flag) + { + char *src_canon; + int ret; +@@ -1843,26 +1847,25 @@ download_dir(struct sftp_conn *conn, con + + ret = download_dir_internal(conn, src_canon, dst, 0, + dirattrib, preserve_flag, print_flag, resume_flag, fsync_flag, +- follow_link_flag); ++ follow_link_flag, inplace_flag); + free(src_canon); + return ret; + } + + int + do_upload(struct sftp_conn *conn, const char *local_path, +- const char *remote_path, int preserve_flag, int resume, int fsync_flag) ++ const char *remote_path, int preserve_flag, int resume, ++ int fsync_flag, int inplace_flag) + { + int r, local_fd; +- u_int status = SSH2_FX_OK; +- u_int id; +- u_char type; ++ u_int openmode, id, status = SSH2_FX_OK, reordered = 0; + off_t offset, progress_counter; +- u_char *handle, *data; ++ u_char type, *handle, *data; + struct sshbuf *msg; + struct stat sb; +- Attrib a, *c = NULL; +- u_int32_t startid; +- u_int32_t ackid; ++ Attrib a, t, *c = NULL; ++ u_int32_t startid, ackid; ++ u_int64_t highwater = 0; + struct request *ack = NULL; + struct requests acks; + size_t handle_len; +@@ -1913,10 +1916,15 @@ do_upload(struct sftp_conn *conn, const + } + } + ++ openmode = SSH2_FXF_WRITE|SSH2_FXF_CREAT; ++ if (resume) ++ openmode |= SSH2_FXF_APPEND; ++ else if (!inplace_flag) ++ openmode |= SSH2_FXF_TRUNC; ++ + /* Send open request */ +- if (send_open(conn, remote_path, "dest", SSH2_FXF_WRITE|SSH2_FXF_CREAT| +- (resume ? SSH2_FXF_APPEND : SSH2_FXF_TRUNC), +- &a, &handle, &handle_len) != 0) { ++ if (send_open(conn, remote_path, "dest", openmode, &a, ++ &handle, &handle_len) != 0) { + close(local_fd); + return -1; + } +@@ -1999,6 +2007,12 @@ do_upload(struct sftp_conn *conn, const + ack->id, ack->len, (unsigned long long)ack->offset); + ++ackid; + progress_counter += ack->len; ++ if (!reordered && ack->offset <= highwater) ++ highwater = ack->offset + ack->len; ++ else if (!reordered && ack->offset > highwater) { ++ debug3_f("server reordered ACKs"); ++ reordered = 1; ++ } + free(ack); + } + offset += len; +@@ -2017,6 +2031,14 @@ do_upload(struct sftp_conn *conn, const + status = SSH2_FX_FAILURE; + } + ++ if (inplace_flag || (resume && (status != SSH2_FX_OK || interrupted))) { ++ debug("truncating at %llu", (unsigned long long)highwater); ++ attrib_clear(&t); ++ t.flags = SSH2_FILEXFER_ATTR_SIZE; ++ t.size = highwater; ++ do_fsetstat(conn, handle, handle_len, &t); ++ } ++ + if (close(local_fd) == -1) { + error("Couldn't close local file \"%s\": %s", local_path, + strerror(errno)); +@@ -2041,7 +2063,7 @@ do_upload(struct sftp_conn *conn, const + static int + upload_dir_internal(struct sftp_conn *conn, const char *src, const char *dst, + int depth, int preserve_flag, int print_flag, int resume, int fsync_flag, +- int follow_link_flag) ++ int follow_link_flag, int inplace_flag) + { + int ret = 0; + DIR *dirp; +@@ -2119,12 +2141,13 @@ upload_dir_internal(struct sftp_conn *co + + if (upload_dir_internal(conn, new_src, new_dst, + depth + 1, preserve_flag, print_flag, resume, +- fsync_flag, follow_link_flag) == -1) ++ fsync_flag, follow_link_flag, inplace_flag) == -1) + ret = -1; + } else if (S_ISREG(sb.st_mode) || + (follow_link_flag && S_ISLNK(sb.st_mode))) { + if (do_upload(conn, new_src, new_dst, +- preserve_flag, resume, fsync_flag) == -1) { ++ preserve_flag, resume, fsync_flag, ++ inplace_flag) == -1) { + error("Uploading of file %s to %s failed!", + new_src, new_dst); + ret = -1; +@@ -2144,7 +2167,7 @@ upload_dir_internal(struct sftp_conn *co + int + upload_dir(struct sftp_conn *conn, const char *src, const char *dst, + int preserve_flag, int print_flag, int resume, int fsync_flag, +- int follow_link_flag, int create_dir) ++ int follow_link_flag, int create_dir, int inplace_flag) + { + char *dst_canon; + int ret; +@@ -2155,7 +2178,7 @@ upload_dir(struct sftp_conn *conn, const + } + + ret = upload_dir_internal(conn, src, dst_canon, 0, preserve_flag, +- print_flag, resume, fsync_flag, follow_link_flag); ++ print_flag, resume, fsync_flag, follow_link_flag, inplace_flag); + + free(dst_canon); + return ret; +diff --color -rup a/sftp-client.h b/sftp-client.h +--- a/sftp-client.h 2022-07-26 14:51:40.561120836 +0200 ++++ b/sftp-client.h 2022-07-26 14:52:37.120213042 +0200 +@@ -138,28 +138,29 @@ int do_fsync(struct sftp_conn *conn, u_c + * Download 'remote_path' to 'local_path'. Preserve permissions and times + * if 'pflag' is set + */ +-int do_download(struct sftp_conn *, const char *, const char *, +- Attrib *, int, int, int); ++int do_download(struct sftp_conn *, const char *, const char *, Attrib *, ++ int, int, int, int); + + /* + * Recursively download 'remote_directory' to 'local_directory'. Preserve + * times if 'pflag' is set + */ +-int download_dir(struct sftp_conn *, const char *, const char *, +- Attrib *, int, int, int, int, int); ++int download_dir(struct sftp_conn *, const char *, const char *, Attrib *, ++ int, int, int, int, int, int); + + /* + * Upload 'local_path' to 'remote_path'. Preserve permissions and times + * if 'pflag' is set + */ +-int do_upload(struct sftp_conn *, const char *, const char *, int, int, int); ++int do_upload(struct sftp_conn *, const char *, const char *, ++ int, int, int, int); + + /* + * Recursively upload 'local_directory' to 'remote_directory'. Preserve + * times if 'pflag' is set + */ +-int upload_dir(struct sftp_conn *, const char *, const char *, int, int, int, +- int, int, int); ++int upload_dir(struct sftp_conn *, const char *, const char *, ++ int, int, int, int, int, int, int); + + /* + * Download a 'from_path' from the 'from' connection and upload it to diff --git a/openssh-8.7p1-sftpscp-dir-create.patch b/openssh-8.7p1-sftpscp-dir-create.patch new file mode 100644 index 0000000..bc504f9 --- /dev/null +++ b/openssh-8.7p1-sftpscp-dir-create.patch @@ -0,0 +1,135 @@ +diff -up openssh-8.7p1/scp.c.sftpdirs openssh-8.7p1/scp.c +--- openssh-8.7p1/scp.c.sftpdirs 2022-02-02 14:11:12.553447509 +0100 ++++ openssh-8.7p1/scp.c 2022-02-02 14:12:56.081316414 +0100 +@@ -130,6 +130,7 @@ + #include "misc.h" + #include "progressmeter.h" + #include "utf8.h" ++#include "sftp.h" + + #include "sftp-common.h" + #include "sftp-client.h" +@@ -1264,13 +1265,18 @@ tolocal(int argc, char **argv, enum scp_ + static char * + prepare_remote_path(struct sftp_conn *conn, const char *path) + { ++ size_t nslash; ++ + /* Handle ~ prefixed paths */ +- if (*path != '~') +- return xstrdup(path); + if (*path == '\0' || strcmp(path, "~") == 0) + return xstrdup("."); +- if (strncmp(path, "~/", 2) == 0) +- return xstrdup(path + 2); ++ if (*path != '~') ++ return xstrdup(path); ++ if (strncmp(path, "~/", 2) == 0) { ++ if ((nslash = strspn(path + 2, "/")) == strlen(path + 2)) ++ return xstrdup("."); ++ return xstrdup(path + 2 + nslash); ++ } + if (can_expand_path(conn)) + return do_expand_path(conn, path); + /* No protocol extension */ +@@ -1282,10 +1288,16 @@ void + source_sftp(int argc, char *src, char *targ, struct sftp_conn *conn) + { + char *target = NULL, *filename = NULL, *abs_dst = NULL; +- int target_is_dir; +- ++ int src_is_dir, target_is_dir; ++ Attrib a; ++ struct stat st; ++ ++ memset(&a, '\0', sizeof(a)); ++ if (stat(src, &st) != 0) ++ fatal("stat local \"%s\": %s", src, strerror(errno)); ++ src_is_dir = S_ISDIR(st.st_mode); + if ((filename = basename(src)) == NULL) +- fatal("basename %s: %s", src, strerror(errno)); ++ fatal("basename \"%s\": %s", src, strerror(errno)); + + /* + * No need to glob here - the local shell already took care of +@@ -1295,8 +1307,12 @@ source_sftp(int argc, char *src, char *t + cleanup_exit(255); + target_is_dir = remote_is_dir(conn, target); + if (targetshouldbedirectory && !target_is_dir) { +- fatal("Target is not a directory, but more files selected " +- "for upload"); ++ debug("target directory \"%s\" does not exist", target); ++ a.flags = SSH2_FILEXFER_ATTR_PERMISSIONS; ++ a.perm = st.st_mode | 0700; /* ensure writable */ ++ if (do_mkdir(conn, target, &a, 1) != 0) ++ cleanup_exit(255); /* error already logged */ ++ target_is_dir = 1; + } + if (target_is_dir) + abs_dst = path_append(target, filename); +@@ -1306,7 +1322,7 @@ source_sftp(int argc, char *src, char *t + } + debug3_f("copying local %s to remote %s", src, abs_dst); + +- if (local_is_dir(src) && iamrecursive) { ++ if (src_is_dir && iamrecursive) { + if (upload_dir(conn, src, abs_dst, pflag, + SFTP_PROGRESS_ONLY, 0, 0, 1) != 0) { + error("failed to upload directory %s to %s", +@@ -1487,14 +1506,15 @@ sink_sftp(int argc, char *dst, const cha + char *abs_dst = NULL; + glob_t g; + char *filename, *tmp = NULL; +- int i, r, err = 0; ++ int i, r, err = 0, dst_is_dir; ++ struct stat st; + + memset(&g, 0, sizeof(g)); ++ + /* + * Here, we need remote glob as SFTP can not depend on remote shell + * expansions + */ +- + if ((abs_src = prepare_remote_path(conn, src)) == NULL) { + err = -1; + goto out; +@@ -1510,11 +1530,24 @@ sink_sftp(int argc, char *dst, const cha + goto out; + } + +- if (g.gl_matchc > 1 && !local_is_dir(dst)) { +- error("Multiple files match pattern, but destination " +- "\"%s\" is not a directory", dst); +- err = -1; +- goto out; ++ if ((r = stat(dst, &st)) != 0) ++ debug2_f("stat local \"%s\": %s", dst, strerror(errno)); ++ dst_is_dir = r == 0 && S_ISDIR(st.st_mode); ++ ++ if (g.gl_matchc > 1 && !dst_is_dir) { ++ if (r == 0) { ++ error("Multiple files match pattern, but destination " ++ "\"%s\" is not a directory", dst); ++ err = -1; ++ goto out; ++ } ++ debug2_f("creating destination \"%s\"", dst); ++ if (mkdir(dst, 0777) != 0) { ++ error("local mkdir \"%s\": %s", dst, strerror(errno)); ++ err = -1; ++ goto out; ++ } ++ dst_is_dir = 1; + } + + for (i = 0; g.gl_pathv[i] && !interrupted; i++) { +@@ -1525,7 +1558,7 @@ sink_sftp(int argc, char *dst, const cha + goto out; + } + +- if (local_is_dir(dst)) ++ if (dst_is_dir) + abs_dst = path_append(dst, filename); + else + abs_dst = xstrdup(dst); diff --git a/openssh-8.7p1-ssh-manpage.patch b/openssh-8.7p1-ssh-manpage.patch new file mode 100644 index 0000000..bd0bdb7 --- /dev/null +++ b/openssh-8.7p1-ssh-manpage.patch @@ -0,0 +1,53 @@ +diff --color -ru a/ssh.1 b/ssh.1 +--- a/ssh.1 2022-07-12 11:47:51.307295880 +0200 ++++ b/ssh.1 2022-07-12 11:50:28.793363263 +0200 +@@ -493,6 +493,7 @@ + .It AddressFamily + .It BatchMode + .It BindAddress ++.It BindInterface + .It CanonicalDomains + .It CanonicalizeFallbackLocal + .It CanonicalizeHostname +@@ -510,6 +511,7 @@ + .It ControlPath + .It ControlPersist + .It DynamicForward ++.It EnableSSHKeysign + .It EscapeChar + .It ExitOnForwardFailure + .It FingerprintHash +@@ -538,6 +540,8 @@ + .It IdentitiesOnly + .It IdentityAgent + .It IdentityFile ++.It IgnoreUnknown ++.It Include + .It IPQoS + .It KbdInteractiveAuthentication + .It KbdInteractiveDevices +@@ -546,6 +550,7 @@ + .It LocalCommand + .It LocalForward + .It LogLevel ++.It LogVerbose + .It MACs + .It Match + .It RSAMinSize +@@ -566,6 +571,8 @@ + .It RemoteCommand + .It RemoteForward + .It RequestTTY ++.It RevokedHostKeys ++.It SecurityKeyProvider + .It SendEnv + .It ServerAliveInterval + .It ServerAliveCountMax +@@ -575,6 +582,7 @@ + .It StreamLocalBindMask + .It StreamLocalBindUnlink + .It StrictHostKeyChecking ++.It SyslogFacility + .It TCPKeepAlive + .It Tunnel + .It TunnelDevice diff --git a/openssh-8.8p1-hpn-15.2-modified.patch b/openssh-8.8p1-hpn-15.2-modified.patch index 4f68944..807c8ef 100644 --- a/openssh-8.8p1-hpn-15.2-modified.patch +++ b/openssh-8.8p1-hpn-15.2-modified.patch @@ -1517,6 +1517,14 @@ diff -Nur openssh-8.8p1.orig/packet.c openssh-8.8p1/packet.c /* * Logs the error plus constructs and sends a disconnect packet, closes the * connection, and exits. This function never returns. The error message +@@ -1991,6 +2047,7 @@ + return SSH_ERR_CONN_CLOSED; + if ((r = sshbuf_consume(state->output, len)) != 0) + return r; ++ ssh->stdin_bytes += len; + } + return 0; + } @@ -2794,3 +2850,10 @@ ssh->state->extra_pad = pad; return 0; @@ -1666,8 +1674,8 @@ diff -Nur openssh-8.8p1.orig/readconf.c openssh-8.8p1/readconf.c { "stdinnull", oStdinNull }, { "forkafterauthentication", oForkAfterAuthentication }, @@ -336,6 +344,11 @@ - { "securitykeyprovider", oSecurityKeyProvider }, { "knownhostscommand", oKnownHostsCommand }, + { "rsaminsize", oRSAMinSize }, + { "tcprcvbufpoll", oTcpRcvBufPoll }, + { "tcprcvbuf", oTcpRcvBuf }, @@ -2537,7 +2545,7 @@ diff -Nur openssh-8.8p1.orig/sshd.c openssh-8.8p1/sshd.c do_authenticated(ssh, authctxt); @@ -2486,6 +2528,11 @@ - struct kex *kex; + char *prop_kex = NULL, *prop_enc = NULL, *prop_hostkey = NULL; int r; + if (options.none_enabled == 1) @@ -2545,9 +2553,9 @@ diff -Nur openssh-8.8p1.orig/sshd.c openssh-8.8p1/sshd.c + if (options.nonemac_enabled == 1) + debug("WARNING: None MAC enabled"); + - myproposal[PROPOSAL_KEX_ALGS] = compat_kex_proposal(ssh, + myproposal[PROPOSAL_KEX_ALGS] = prop_kex = compat_kex_proposal(ssh, options.kex_algorithms); - myproposal[PROPOSAL_ENC_ALGS_CTOS] = compat_cipher_proposal(ssh, + myproposal[PROPOSAL_ENC_ALGS_CTOS] = diff -Nur openssh-8.8p1.orig/sshd_config openssh-8.8p1/sshd_config --- openssh-8.8p1.orig/sshd_config 2021-12-01 16:50:22.524385588 +0100 +++ openssh-8.8p1/sshd_config 2021-12-01 16:51:00.941474165 +0100 diff --git a/openssh-8.8p1-skip-some-tests.patch b/openssh-8.8p1-skip-some-tests.patch new file mode 100644 index 0000000..7268eb3 --- /dev/null +++ b/openssh-8.8p1-skip-some-tests.patch @@ -0,0 +1,41 @@ +diff -up openssh-8.8p1/regress/hostkey-agent.sh.redhat openssh-8.8p1/regress/hostkey-agent.sh +--- openssh-8.8p1/regress/hostkey-agent.sh.redhat 2022-08-10 15:54:42.084777662 +0200 ++++ openssh-8.8p1/regress/hostkey-agent.sh 2022-08-10 17:01:25.651269994 +0200 +@@ -36,6 +36,8 @@ unset SSH_AUTH_SOCK + + for ps in yes; do + for k in $SSH_ACCEPTED_KEYTYPES ; do ++ [ "$k" == "ssh-rsa" ] && continue ++ [ "$k" == "ssh-dss" ] && continue + verbose "key type $k privsep=$ps" + cp $OBJ/sshd_proxy.orig $OBJ/sshd_proxy + echo "UsePrivilegeSeparation $ps" >> $OBJ/sshd_proxy +diff -up openssh-8.8p1/regress/hostkey-rotate.sh.redhat openssh-8.8p1/regress/hostkey-rotate.sh +--- openssh-8.8p1/regress/hostkey-rotate.sh.redhat 2022-08-10 16:57:12.720029146 +0200 ++++ openssh-8.8p1/regress/hostkey-rotate.sh 2022-08-10 17:15:48.274923865 +0200 +@@ -40,6 +40,8 @@ trace "prepare hostkeys" + nkeys=0 + all_algs="" + for k in $SSH_HOSTKEY_TYPES; do ++ [ "$k" == "ssh-rsa" ] && continue ++ [ "$k" == "ssh-dss" ] && continue + ${SSHKEYGEN} -qt $k -f $OBJ/hkr.$k -N '' || fatal "ssh-keygen $k" + echo "Hostkey $OBJ/hkr.${k}" >> $OBJ/sshd_proxy.orig + nkeys=`expr $nkeys + 1` +@@ -87,11 +89,15 @@ dossh -oStrictHostKeyChecking=yes -oHost + # Check that other keys learned + expect_nkeys $nkeys "learn hostkeys" + for k in $SSH_HOSTKEY_TYPES; do ++ [ "$k" == "ssh-rsa" ] && continue ++ [ "$k" == "ssh-dss" ] && continue + check_key_present $k || fail "didn't learn keytype $k" + done + + # Check each key type + for k in $SSH_HOSTKEY_TYPES; do ++ [ "$k" == "ssh-rsa" ] && continue ++ [ "$k" == "ssh-dss" ] && continue + verbose "learn additional hostkeys, type=$k" + dossh -oStrictHostKeyChecking=yes -oHostKeyAlgorithms=$k,$all_algs + expect_nkeys $nkeys "learn hostkeys $k" + From 66cc7b96c8aabc497dc98e9443ce15a3e28cf408 Mon Sep 17 00:00:00 2001 From: Mattias Ellert Date: Thu, 1 Sep 2022 10:32:01 +0200 Subject: [PATCH 06/44] Based on openssh-9.0p1-3.fc38 --- gsi-openssh.spec | 44 +- openssh-5.8p2-sigpipe.patch | 10 +- openssh-6.6.1p1-log-in-chroot.patch | 4 +- openssh-6.7p1-coverity.patch | 77 ---- openssh-7.3p1-x11-max-displays.patch | 4 +- openssh-7.6p1-audit.patch | 18 +- openssh-7.7p1-fips.patch | 2 +- openssh-7.8p1-UsePAM-warning.patch | 2 +- openssh-7.8p1-role-mls.patch | 6 +- openssh-8.0p1-crypto-policies.patch | 137 +++++- openssh-8.0p1-gssapi-keyex.patch | 24 +- openssh-8.0p1-pkcs11-uri.patch | 49 ++- openssh-8.7p1-host-based-auth.patch | 151 ------- openssh-8.7p1-ibmca.patch | 7 +- openssh-8.7p1-minimize-sha1-use.patch | 207 --------- openssh-8.7p1-minrsabits.patch | 19 +- openssh-8.7p1-negotiate-supported-algs.patch | 22 +- openssh-8.7p1-recursive-scp.patch | 51 ++- openssh-8.7p1-scp-clears-file.patch | 37 +- openssh-8.7p1-sftp-default-protocol.patch | 87 ---- openssh-8.7p1-sftpscp-dir-create.patch | 135 ------ openssh-8.8p1-skip-some-tests.patch | 41 -- ...gsissh.patch => openssh-9.0p1-gsissh.patch | 324 +++++++------- ...h => openssh-9.0p1-hpn-15.2-modified.patch | 404 +++++++++--------- 24 files changed, 625 insertions(+), 1237 deletions(-) delete mode 100644 openssh-8.7p1-host-based-auth.patch delete mode 100644 openssh-8.7p1-minimize-sha1-use.patch delete mode 100644 openssh-8.7p1-sftp-default-protocol.patch delete mode 100644 openssh-8.7p1-sftpscp-dir-create.patch delete mode 100644 openssh-8.8p1-skip-some-tests.patch rename openssh-8.8p1-gsissh.patch => openssh-9.0p1-gsissh.patch (89%) rename openssh-8.8p1-hpn-15.2-modified.patch => openssh-9.0p1-hpn-15.2-modified.patch (88%) diff --git a/gsi-openssh.spec b/gsi-openssh.spec index a7901cd..4c83205 100644 --- a/gsi-openssh.spec +++ b/gsi-openssh.spec @@ -27,8 +27,8 @@ # Do we want libedit support %global libedit 1 -%global openssh_ver 8.8p1 -%global openssh_rel 3 +%global openssh_ver 9.0p1 +%global openssh_rel 1 Summary: An implementation of the SSH protocol with GSI authentication Name: gsi-openssh @@ -149,16 +149,8 @@ Patch966: openssh-8.2p1-x11-without-ipv6.patch Patch974: openssh-8.0p1-keygen-strip-doseol.patch # sshd provides PAM an incorrect error code (#1879503) Patch975: openssh-8.0p1-preserve-pam-errors.patch -# Use SFTP protocol by default for scp command -Patch976: openssh-8.7p1-sftp-default-protocol.patch # Implement kill switch for SCP protocol Patch977: openssh-8.7p1-scp-kill-switch.patch -# Create non-existent directories when scp works in sftp mode and some more minor fixes -# upstream commits: -# ba61123eef9c6356d438c90c1199a57a0d7bcb0a -# 63670d4e9030bcee490d5a9cce561373ac5b3b23 -# ac7c9ec894ed0825d04ef69c55babb49bab1d32e -Patch980: openssh-8.7p1-sftpscp-dir-create.patch # Workaround for lack of sftp_realpath in older versions of RHEL # https://bugzilla.redhat.com/show_bug.cgi?id=2038854 # https://github.com/openssh/openssh-portable/pull/299 @@ -172,11 +164,6 @@ Patch983: openssh-8.7p1-evpgenkey.patch # From https://bugzilla.redhat.com/show_bug.cgi?id=1976202#c14 Patch984: openssh-8.7p1-ibmca.patch -# Minimize the use of SHA1 as a proof of possession for RSA key (#2031868) -# upstream commits: -# 291721bc7c840d113a49518f3fca70e86248b8e8 -# 0fa33683223c76289470a954404047bc762be84c -Patch1000: openssh-8.7p1-minimize-sha1-use.patch # Fix for scp clearing file when src and dest are the same (#2056884) # upstream commits: # 7b1cbcb7599d9f6a3bbad79d412604aa1203b5ee @@ -195,31 +182,21 @@ Patch1003: openssh-8.7p1-mem-leak.patch # upstream MR: # https://github.com/openssh-gsskex/openssh-gsskex/pull/21 Patch1004: openssh-8.7p1-gssapi-auth.patch -# Fix host-based authentication with rsa keys -# upstream commits: -# 7aa7b096cf2bafe2777085abdeed5ce00581f641 -# d9dbb5d9a0326e252d3c7bc13beb9c2434f59409 -# fdb1d58d0d3888b042e5a500f6ce524486aaf782 -Patch1005: openssh-8.7p1-host-based-auth.patch # Don't propose disallowed algorithms during hostkey negotiation # upstream MR: # https://github.com/openssh/openssh-portable/pull/323 Patch1006: openssh-8.7p1-negotiate-supported-algs.patch -# downstream only -# we skip some ssh-rsa/ssh-dss tests to make native test suite pass -Patch1100: openssh-8.8p1-skip-some-tests.patch - # Fix issue with read-only ssh buffer during gssapi key exchange (#1938224) # https://github.com/openssh-gsskex/openssh-gsskex/pull/19 Patch97: openssh-8.0p1-sshbuf-readonly.patch # This is the patch that adds GSI support # Based on hpn_isshd-gsi.7.5p1b.patch from Globus upstream -Patch98: openssh-8.8p1-gsissh.patch +Patch98: openssh-9.0p1-gsissh.patch # This is the HPN patch # Based on https://sourceforge.net/projects/hpnssh/files/Patches/HPN-SSH%2015v2%208.5p1/ -Patch99: openssh-8.8p1-hpn-15.2-modified.patch +Patch99: openssh-9.0p1-hpn-15.2-modified.patch License: BSD Requires: /sbin/nologin @@ -266,7 +243,7 @@ Summary: SSH client applications with GSI authentication Provides: gsissh-clients = %{version}-%{release} Obsoletes: gsissh-clients < 5.8p2-2 Requires: %{name} = %{version}-%{release} -Requires: crypto-policies >= 20200610-1 +Requires: crypto-policies >= 20220824-1 %package server Summary: SSH server daemon with GSI authentication @@ -275,7 +252,7 @@ Obsoletes: gsissh-server < 5.8p2-2 Requires: %{name} = %{version}-%{release} Requires(pre): /usr/sbin/useradd Requires: pam >= 1.0.1-3 -Requires: crypto-policies >= 20200610-1 +Requires: crypto-policies >= 20220824-1 %{?systemd_requires} %description @@ -357,9 +334,7 @@ gpgv2 --quiet --keyring %{SOURCE3} %{SOURCE1} %{SOURCE0} %patch966 -p1 -b .x11-ipv6 %patch974 -p1 -b .keygen-strip-doseol %patch975 -p1 -b .preserve-pam-errors -%patch976 -p1 -b .sftp-by-default %patch977 -p1 -b .kill-scp -%patch980 -p1 -b .sftpdirs %patch981 -p1 -b .scp-sftpdirs %patch982 -p1 -b .minrsabits %patch983 -p1 -b .evpgenrsa @@ -369,16 +344,12 @@ gpgv2 --quiet --keyring %{SOURCE3} %{SOURCE1} %{SOURCE0} %patch201 -p1 -b .audit-race %patch700 -p1 -b .fips -%patch1000 -p1 -b .minimize-sha1-use %patch1001 -p1 -b .scp-clears-file %patch1002 -p1 -b .ssh-manpage %patch1003 -p1 -b .mem-leak %patch1004 -p1 -b .gssapi-auth -%patch1005 -p1 -b .host-based-auth %patch1006 -p1 -b .negotiate-supported-algs -%patch1100 -p1 -b .skipsshrsadsstests - %patch100 -p1 -b .coverity %patch97 -p1 -b .sshbuf-ro @@ -571,6 +542,9 @@ getent passwd sshd >/dev/null || \ %attr(0644,root,root) %{_unitdir}/gsisshd-keygen.target %changelog +* Tue Aug 30 2022 Mattias Ellert - 9.0p1-1 +- Based on openssh-9.0p1-3.fc38 + * Tue Aug 30 2022 Mattias Ellert - 8.8p1-3 - Based on openssh-8.8p1-6.fc37 diff --git a/openssh-5.8p2-sigpipe.patch b/openssh-5.8p2-sigpipe.patch index 56af045..554e346 100644 --- a/openssh-5.8p2-sigpipe.patch +++ b/openssh-5.8p2-sigpipe.patch @@ -1,12 +1,14 @@ diff -up openssh-5.8p2/ssh-keyscan.c.sigpipe openssh-5.8p2/ssh-keyscan.c --- openssh-5.8p2/ssh-keyscan.c.sigpipe 2011-08-23 18:30:33.873025916 +0200 +++ openssh-5.8p2/ssh-keyscan.c 2011-08-23 18:32:24.574025362 +0200 -@@ -715,6 +715,8 @@ main(int argc, char **argv) +@@ -715,6 +715,9 @@ main(int argc, char **argv) + if (maxfd > fdlim_get(0)) fdlim_set(maxfd); fdcon = xcalloc(maxfd, sizeof(con)); - ++ + signal(SIGPIPE, SIG_IGN); + - read_wait_nfdset = howmany(maxfd, NFDBITS); - read_wait = xcalloc(read_wait_nfdset, sizeof(fd_mask)); + read_wait = xcalloc(maxfd, sizeof(struct pollfd)); + for (j = 0; j < maxfd; j++) + read_wait[j].fd = -1; diff --git a/openssh-6.6.1p1-log-in-chroot.patch b/openssh-6.6.1p1-log-in-chroot.patch index 426c172..941c694 100644 --- a/openssh-6.6.1p1-log-in-chroot.patch +++ b/openssh-6.6.1p1-log-in-chroot.patch @@ -207,8 +207,8 @@ diff -up openssh-8.6p1/sftp-server.c.log-in-chroot openssh-8.6p1/sftp-server.c -sftp_server_main(int argc, char **argv, struct passwd *user_pw) +sftp_server_main(int argc, char **argv, struct passwd *user_pw, int reset_handler) { - fd_set *rset, *wset; - int i, r, in, out, max, ch, skipargs = 0, log_stderr = 0; + int i, r, in, out, ch, skipargs = 0, log_stderr = 0; + ssize_t len, olen; @@ -1657,7 +1657,7 @@ sftp_server_main(int argc, char **argv, extern char *__progname; diff --git a/openssh-6.7p1-coverity.patch b/openssh-6.7p1-coverity.patch index 147d90d..1923ac8 100644 --- a/openssh-6.7p1-coverity.patch +++ b/openssh-6.7p1-coverity.patch @@ -1,37 +1,3 @@ -diff -up openssh-8.5p1/addr.c.coverity openssh-8.5p1/addr.c ---- openssh-8.5p1/addr.c.coverity 2021-03-02 11:31:47.000000000 +0100 -+++ openssh-8.5p1/addr.c 2021-03-24 12:03:33.782968159 +0100 -@@ -312,8 +312,10 @@ addr_pton(const char *p, struct xaddr *n - if (p == NULL || getaddrinfo(p, NULL, &hints, &ai) != 0) - return -1; - -- if (ai == NULL || ai->ai_addr == NULL) -+ if (ai == NULL || ai->ai_addr == NULL) { -+ freeaddrinfo(ai); - return -1; -+ } - - if (n != NULL && addr_sa_to_xaddr(ai->ai_addr, ai->ai_addrlen, - n) == -1) { -@@ -336,12 +338,16 @@ addr_sa_pton(const char *h, const char * - if (h == NULL || getaddrinfo(h, s, &hints, &ai) != 0) - return -1; - -- if (ai == NULL || ai->ai_addr == NULL) -+ if (ai == NULL || ai->ai_addr == NULL) { -+ freeaddrinfo(ai); - return -1; -+ } - - if (sa != NULL) { -- if (slen < ai->ai_addrlen) -+ if (slen < ai->ai_addrlen) { -+ freeaddrinfo(ai); - return -1; -+ } - memcpy(sa, &ai->ai_addr, ai->ai_addrlen); - } - diff -up openssh-8.5p1/auth-krb5.c.coverity openssh-8.5p1/auth-krb5.c --- openssh-8.5p1/auth-krb5.c.coverity 2021-03-24 12:03:33.724967756 +0100 +++ openssh-8.5p1/auth-krb5.c 2021-03-24 12:03:33.782968159 +0100 @@ -65,15 +31,6 @@ diff -up openssh-8.5p1/auth-options.c.coverity openssh-8.5p1/auth-options.c diff -up openssh-7.4p1/channels.c.coverity openssh-7.4p1/channels.c --- openssh-7.4p1/channels.c.coverity 2016-12-23 16:40:26.881788686 +0100 +++ openssh-7.4p1/channels.c 2016-12-23 16:42:36.244818763 +0100 -@@ -1875,7 +1875,7 @@ channel_post_connecting(struct ssh *ssh, - debug("channel %d: connection failed: %s", - c->self, strerror(err)); - /* Try next address, if any */ -- if ((sock = connect_next(&c->connect_ctx)) > 0) { -+ if ((sock = connect_next(&c->connect_ctx)) >= 0) { - close(c->sock); - c->sock = c->rfd = c->wfd = sock; - channel_find_maxfd(ssh->chanctxt); @@ -3804,7 +3804,7 @@ int channel_request_remote_forwarding(struct ssh *ssh, struct Forward *fwd) { @@ -411,30 +368,6 @@ diff -up openssh-7.4p1/sftp.c.coverity openssh-7.4p1/sftp.c continue; } lname = ls_file(fname, g.gl_statv[i], 1, -diff --git a/sftp-client.c b/sftp-client.c -index 9de9afa20f..ea98d9f8d0 100644 ---- a/sftp-client.c -+++ b/sftp-client.c -@@ -2195,6 +2195,7 @@ handle_dest_replies(struct sftp_conn *to, const char *to_path, int synchronous, - (*nreqsp)--; - } - debug3_f("done: %u outstanding replies", *nreqsp); -+ sshbuf_free(msg); - } - - int -diff --git a/sftp-server.c b/sftp-server.c -index 18d1949112..6380c4dd23 100644 ---- a/sftp-server.c -+++ b/sftp-server.c -@@ -1553,6 +1553,7 @@ process_extended_expand(u_int32_t id) - npath = xstrdup(path + 2); - free(path); - xasprintf(&path, "%s/%s", cwd, npath); -+ free(npath); - } else { - /* ~user expansions */ - if (tilde_expand(path, pw->pw_uid, &npath) != 0) { diff -up openssh-8.5p1/sk-usbhid.c.coverity openssh-8.5p1/sk-usbhid.c --- openssh-8.5p1/sk-usbhid.c.coverity 2021-03-02 11:31:47.000000000 +0100 +++ openssh-8.5p1/sk-usbhid.c 2021-03-24 12:03:33.786968187 +0100 @@ -494,16 +427,6 @@ diff -up openssh-7.4p1/sshd.c.coverity openssh-7.4p1/sshd.c return 0; } -@@ -1386,6 +1388,9 @@ server_accept_loop(int *sock_in, int *so - explicit_bzero(rnd, sizeof(rnd)); - } - } -+ -+ if (fdset != NULL) -+ free(fdset); - } - - /* @@ -2519,8 +2524,11 @@ do_ssh2_kex(struct ssh *ssh) if (newstr) diff --git a/openssh-7.3p1-x11-max-displays.patch b/openssh-7.3p1-x11-max-displays.patch index 5af3e3b..ad181cb 100644 --- a/openssh-7.3p1-x11-max-displays.patch +++ b/openssh-7.3p1-x11-max-displays.patch @@ -10,8 +10,8 @@ diff -up openssh-7.4p1/channels.c.x11max openssh-7.4p1/channels.c +/* Minimum port number for X11 forwarding */ +#define X11_PORT_MIN 6000 - /* Per-channel callback for pre/post select() actions */ - typedef void chan_fn(struct ssh *, Channel *c, + /* Per-channel callback for pre/post IO actions */ + typedef void chan_fn(struct ssh *, Channel *c); @@ -4228,7 +4228,7 @@ channel_send_window_changes(void) */ int diff --git a/openssh-7.6p1-audit.patch b/openssh-7.6p1-audit.patch index 4473518..2d3aae9 100644 --- a/openssh-7.6p1-audit.patch +++ b/openssh-7.6p1-audit.patch @@ -729,7 +729,7 @@ diff -up openssh-8.6p1/auth2.c.audit openssh-8.6p1/auth2.c --- openssh-8.6p1/auth2.c.audit 2021-04-19 16:47:35.682061561 +0200 +++ openssh-8.6p1/auth2.c 2021-04-19 16:47:35.754062114 +0200 @@ -298,9 +298,6 @@ input_userauth_request(int type, u_int32 - } else { + authctxt->valid = 0; /* Invalid user, fake password information */ authctxt->pw = fakepw(); -#ifdef SSH_AUDIT_EVENTS @@ -1195,9 +1195,9 @@ diff -up openssh-8.6p1/monitor.c.audit openssh-8.6p1/monitor.c - ret = sshkey_verify(key, signature, signaturelen, data, datalen, - sigalg, ssh->compat, &sig_details); - debug3_f("%s %s signature %s%s%s", auth_method, sshkey_type(key), + debug3_f("%s %s signature using %s %s%s%s", auth_method, + sshkey_type(key), sigalg == NULL ? "default" : sigalg, (ret == 0) ? "verified" : "unverified", - (ret != 0) ? ": " : "", (ret != 0) ? ssh_err(ret) : ""); @@ -1576,13 +1600,19 @@ mm_record_login(struct ssh *ssh, Session } @@ -2040,7 +2040,7 @@ diff -up openssh-8.6p1/sshd.c.audit openssh-8.6p1/sshd.c static char *listener_proctitle; @@ -279,6 +280,15 @@ close_listen_socks(void) - num_listen_socks = -1; + num_listen_socks = 0; } +/* @@ -2049,16 +2049,16 @@ diff -up openssh-8.6p1/sshd.c.audit openssh-8.6p1/sshd.c + */ +int listening_for_clients(void) +{ -+ return num_listen_socks >= 0; ++ return num_listen_socks > 0; +} + static void close_startup_pipes(void) { @@ -377,18 +387,45 @@ grace_alarm_handler(int sig) - } + ssh_remote_port(the_active_state)); } - + -/* Destroy the host and server keys. They will no longer be needed. */ +/* + * Destroy the host and server keys. They will no longer be needed. Careful, @@ -2196,8 +2196,8 @@ diff -up openssh-8.6p1/sshd.c.audit openssh-8.6p1/sshd.c -server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s) +server_accept_loop(struct ssh *ssh, int *sock_in, int *sock_out, int *newsock, int *config_s) { - fd_set *fdset; - int i, j, ret, maxfd; + struct pollfd *pfd = NULL; + int i, j, ret, npfd; @@ -1204,6 +1259,7 @@ server_accept_loop(int *sock_in, int *so if (received_sigterm) { logit("Received signal %d; terminating.", diff --git a/openssh-7.7p1-fips.patch b/openssh-7.7p1-fips.patch index cc513db..62468ac 100644 --- a/openssh-7.7p1-fips.patch +++ b/openssh-7.7p1-fips.patch @@ -321,7 +321,7 @@ diff -up openssh-8.6p1/sshd.c.fips openssh-8.6p1/sshd.c --- openssh-8.6p1/sshd.c.fips 2021-04-19 16:53:03.060577831 +0200 +++ openssh-8.6p1/sshd.c 2021-04-19 16:57:45.827769340 +0200 @@ -66,6 +66,7 @@ - #include + #endif #include #include +#include diff --git a/openssh-7.8p1-UsePAM-warning.patch b/openssh-7.8p1-UsePAM-warning.patch index 8560c9f..a94419e 100644 --- a/openssh-7.8p1-UsePAM-warning.patch +++ b/openssh-7.8p1-UsePAM-warning.patch @@ -3,7 +3,7 @@ diff -up openssh-8.6p1/sshd.c.log-usepam-no openssh-8.6p1/sshd.c +++ openssh-8.6p1/sshd.c 2021-04-19 14:03:21.140920974 +0200 @@ -1749,6 +1749,10 @@ main(int ac, char **av) parse_server_config(&options, rexeced_flag ? "rexec" : config_file_name, - cfg, &includes, NULL); + cfg, &includes, NULL, rexeced_flag); + /* 'UsePAM no' is not supported in Fedora */ + if (! options.use_pam) diff --git a/openssh-7.8p1-role-mls.patch b/openssh-7.8p1-role-mls.patch index 48f9f10..4dc460a 100644 --- a/openssh-7.8p1-role-mls.patch +++ b/openssh-7.8p1-role-mls.patch @@ -93,7 +93,7 @@ diff -up openssh/auth2-hostbased.c.role-mls openssh/auth2-hostbased.c (r = sshbuf_put_cstring(b, authctxt->user)) != 0 || +#endif (r = sshbuf_put_cstring(b, authctxt->service)) != 0 || - (r = sshbuf_put_cstring(b, "hostbased")) != 0 || + (r = sshbuf_put_cstring(b, method)) != 0 || (r = sshbuf_put_string(b, pkalg, alen)) != 0 || diff -up openssh/auth2-pubkey.c.role-mls openssh/auth2-pubkey.c --- openssh/auth2-pubkey.c.role-mls 2018-08-22 11:14:56.816430924 +0200 @@ -240,14 +240,14 @@ diff -up openssh-8.6p1/monitor.c.role-mls openssh-8.6p1/monitor.c mm_answer_authpassword(struct ssh *ssh, int sock, struct sshbuf *m) { @@ -1251,7 +1280,7 @@ monitor_valid_userblob(struct ssh *ssh, - { struct sshbuf *b; + struct sshkey *hostkey = NULL; const u_char *p; - char *userstyle, *cp; + char *userstyle, *s, *cp; size_t len; u_char type; - int r, fail = 0; + int hostbound = 0, r, fail = 0; @@ -1282,6 +1311,8 @@ monitor_valid_userblob(struct ssh *ssh, fail++; if ((r = sshbuf_get_cstring(b, &cp, NULL)) != 0) diff --git a/openssh-8.0p1-crypto-policies.patch b/openssh-8.0p1-crypto-policies.patch index 62616aa..d4549f0 100644 --- a/openssh-8.0p1-crypto-policies.patch +++ b/openssh-8.0p1-crypto-policies.patch @@ -92,7 +92,52 @@ diff --color -ru a/ssh_config.5 b/ssh_config.5 .It Cm HashKnownHosts Indicates that .Xr ssh 1 -@@ -1219,29 +1216,25 @@ +@@ -913,36 +910,25 @@ + but may be manually hashed using + .Xr ssh-keygen 1 . + .It Cm HostbasedAcceptedAlgorithms ++The default is handled system-wide by ++.Xr crypto-policies 7 . ++Information about defaults, how to modify the defaults and how to customize existing policies with sub-policies are present in manual page ++.Xr update-crypto-policies 8 . ++.Pp + Specifies the signature algorithms that will be used for hostbased + authentication as a comma-separated list of patterns. + Alternately if the specified list begins with a + .Sq + + character, then the specified signature algorithms will be appended +-to the default set instead of replacing them. ++to the built-in openssh default set instead of replacing them. + If the specified list begins with a + .Sq - + character, then the specified signature algorithms (including wildcards) +-will be removed from the default set instead of replacing them. ++will be removed from the built-in openssh default set instead of replacing them. + If the specified list begins with a + .Sq ^ + character, then the specified signature algorithms will be placed +-at the head of the default set. +-The default for this option is: +-.Bd -literal -offset 3n +-ssh-ed25519-cert-v01@openssh.com, +-ecdsa-sha2-nistp256-cert-v01@openssh.com, +-ecdsa-sha2-nistp384-cert-v01@openssh.com, +-ecdsa-sha2-nistp521-cert-v01@openssh.com, +-sk-ssh-ed25519-cert-v01@openssh.com, +-sk-ecdsa-sha2-nistp256-cert-v01@openssh.com, +-rsa-sha2-512-cert-v01@openssh.com, +-rsa-sha2-256-cert-v01@openssh.com, +-ssh-ed25519, +-ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, +-sk-ssh-ed25519@openssh.com, +-sk-ecdsa-sha2-nistp256@openssh.com, +-rsa-sha2-512,rsa-sha2-256 +-.Ed ++at the head of the built-in openssh default set. + .Pp + The + .Fl Q +@@ -1219,30 +1216,25 @@ and .Cm pam . .It Cm KexAlgorithms @@ -120,6 +165,7 @@ diff --color -ru a/ssh_config.5 b/ssh_config.5 -default set. -The default is: -.Bd -literal -offset indent +-sntrup761x25519-sha512@openssh.com, -curve25519-sha256,curve25519-sha256@libssh.org, -ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521, -diffie-hellman-group-exchange-sha256, @@ -224,6 +270,17 @@ diff --color -ru a/ssh_config.5 b/ssh_config.5 .Pp The list of available signature algorithms may also be obtained using .Qq ssh -Q PubkeyAcceptedAlgorithms . +@@ -2237,7 +2207,9 @@ for those users who do not have a config + This file must be world-readable. + .El + .Sh SEE ALSO +-.Xr ssh 1 ++.Xr ssh 1 , ++.Xr crypto-policies 7 , ++.Xr update-crypto-policies 8 + .Sh AUTHORS + .An -nosplit + OpenSSH is a derivative of the original and free diff --color -ru a/sshd_config.5 b/sshd_config.5 --- a/sshd_config.5 2022-07-12 15:05:22.535012771 +0200 +++ b/sshd_config.5 2022-07-12 15:15:33.394809258 +0200 @@ -294,7 +351,7 @@ diff --color -ru a/sshd_config.5 b/sshd_config.5 The list of available ciphers may also be obtained using .Qq ssh -Q cipher . .It Cm ClientAliveCountMax -@@ -685,21 +679,22 @@ +@@ -685,53 +679,43 @@ .Cm GSSAPIKeyExchange needs to be enabled in the server and also used by the client. .It Cm GSSAPIKexAlgorithms @@ -326,18 +383,27 @@ diff --color -ru a/sshd_config.5 b/sshd_config.5 -gss-curve25519-sha256-,gss-group14-sha1-,gss-gex-sha1- . This option only applies to connections using GSSAPI. .It Cm HostbasedAcceptedAlgorithms - Specifies the signature algorithms that will be accepted for hostbased -@@ -799,26 +794,13 @@ - .Ev SSH_AUTH_SOCK - environment variable. - .It Cm HostKeyAlgorithms +The default is handled system-wide by +.Xr crypto-policies 7 . +Information about defaults, how to modify the defaults and how to customize existing policies with sub-policies are present in manual page +.Xr update-crypto-policies 8 . +.Pp - Specifies the host key signature algorithms - that the server offers. + Specifies the signature algorithms that will be accepted for hostbased + authentication as a list of comma-separated patterns. + Alternately if the specified list begins with a + .Sq + + character, then the specified signature algorithms will be appended to +-the default set instead of replacing them. ++the built-in openssh default set instead of replacing them. + If the specified list begins with a + .Sq - + character, then the specified signature algorithms (including wildcards) +-will be removed from the default set instead of replacing them. ++will be removed from the built-in openssh default set instead of replacing them. + If the specified list begins with a + .Sq ^ + character, then the specified signature algorithms will be placed at +-the head of the default set. -The default for this option is: -.Bd -literal -offset 3n -ssh-ed25519-cert-v01@openssh.com, @@ -348,12 +414,42 @@ diff --color -ru a/sshd_config.5 b/sshd_config.5 -sk-ecdsa-sha2-nistp256-cert-v01@openssh.com, -rsa-sha2-512-cert-v01@openssh.com, -rsa-sha2-256-cert-v01@openssh.com, --ssh-rsa-cert-v01@openssh.com, -ssh-ed25519, -ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, -sk-ssh-ed25519@openssh.com, -sk-ecdsa-sha2-nistp256@openssh.com, --rsa-sha2-512,rsa-sha2-256,ssh-rsa +-rsa-sha2-512,rsa-sha2-256 +-.Ed ++the head of the built-in openssh default set. + .Pp + The list of available signature algorithms may also be obtained using + .Qq ssh -Q HostbasedAcceptedAlgorithms . +@@ -799,25 +794,14 @@ + .Ev SSH_AUTH_SOCK + environment variable. + .It Cm HostKeyAlgorithms ++The default is handled system-wide by ++.Xr crypto-policies 7 . ++Information about defaults, how to modify the defaults and how to customize existing policies with sub-policies are present in manual page ++.Xr update-crypto-policies 8 . ++.Pp + Specifies the host key signature algorithms + that the server offers. + The default for this option is: +-.Bd -literal -offset 3n +-ssh-ed25519-cert-v01@openssh.com, +-ecdsa-sha2-nistp256-cert-v01@openssh.com, +-ecdsa-sha2-nistp384-cert-v01@openssh.com, +-ecdsa-sha2-nistp521-cert-v01@openssh.com, +-sk-ssh-ed25519-cert-v01@openssh.com, +-sk-ecdsa-sha2-nistp256-cert-v01@openssh.com, +-rsa-sha2-512-cert-v01@openssh.com, +-rsa-sha2-256-cert-v01@openssh.com, +-ssh-ed25519, +-ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, +-sk-ssh-ed25519@openssh.com, +-sk-ecdsa-sha2-nistp256@openssh.com, +-rsa-sha2-512,rsa-sha2-256 -.Ed -.Pp The list of available signature algorithms may also be obtained using @@ -389,12 +485,13 @@ diff --color -ru a/sshd_config.5 b/sshd_config.5 The supported algorithms are: .Pp .Bl -item -compact -offset indent -@@ -1010,15 +997,6 @@ +@@ -1010,16 +997,6 @@ sntrup761x25519-sha512@openssh.com .El .Pp -The default is: -.Bd -literal -offset indent +-sntrup761x25519-sha512@openssh.com, -curve25519-sha256,curve25519-sha256@libssh.org, -ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521, -diffie-hellman-group-exchange-sha256, @@ -452,7 +549,7 @@ diff --color -ru a/sshd_config.5 b/sshd_config.5 The list of available MAC algorithms may also be obtained using .Qq ssh -Q mac . .It Cm Match -@@ -1548,37 +1522,25 @@ +@@ -1548,36 +1522,25 @@ The default is .Cm yes . .It Cm PubkeyAcceptedAlgorithms @@ -488,14 +585,24 @@ diff --color -ru a/sshd_config.5 b/sshd_config.5 -sk-ecdsa-sha2-nistp256-cert-v01@openssh.com, -rsa-sha2-512-cert-v01@openssh.com, -rsa-sha2-256-cert-v01@openssh.com, --ssh-rsa-cert-v01@openssh.com, -ssh-ed25519, -ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, -sk-ssh-ed25519@openssh.com, -sk-ecdsa-sha2-nistp256@openssh.com, --rsa-sha2-512,rsa-sha2-256,ssh-rsa +-rsa-sha2-512,rsa-sha2-256 -.Ed +built-in openssh default set. .Pp The list of available signature algorithms may also be obtained using .Qq ssh -Q PubkeyAcceptedAlgorithms . +@@ -2011,7 +1968,9 @@ This file should be writable by root onl + .El + .Sh SEE ALSO + .Xr sftp-server 8 , +-.Xr sshd 8 ++.Xr sshd 8 , ++.Xr crypto-policies 7 , ++.Xr update-crypto-policies 8 + .Sh AUTHORS + .An -nosplit + OpenSSH is a derivative of the original and free diff --git a/openssh-8.0p1-gssapi-keyex.patch b/openssh-8.0p1-gssapi-keyex.patch index e26bebd..d5dfd7e 100644 --- a/openssh-8.0p1-gssapi-keyex.patch +++ b/openssh-8.0p1-gssapi-keyex.patch @@ -16,7 +16,7 @@ index e7549470..b68c1710 100644 monitor.o monitor_wrap.o auth-krb5.o \ - auth2-gss.o gss-serv.o gss-serv-krb5.o \ + auth2-gss.o gss-serv.o gss-serv-krb5.o kexgsss.o \ - loginrec.o auth-pam.o auth-shadow.o auth-sia.o md5crypt.o \ + loginrec.o auth-pam.o auth-shadow.o auth-sia.o \ srclimit.o sftp-server.o sftp-common.o \ sandbox-null.o sandbox-rlimit.o sandbox-systrace.o sandbox-darwin.o \ diff -up a/auth.c.gsskex b/auth.c @@ -135,7 +135,7 @@ index 9351e042..d6446c0c 100644 --- a/auth2-gss.c +++ b/auth2-gss.c @@ -1,7 +1,7 @@ - /* $OpenBSD: auth2-gss.c,v 1.32 2021/01/27 10:15:08 djm Exp $ */ + /* $OpenBSD: auth2-gss.c,v 1.33 2021/12/19 22:12:07 djm Exp $ */ /* - * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. @@ -224,7 +224,7 @@ index 9351e042..d6446c0c 100644 + Authmethod method_gssapi = { "gssapi-with-mic", - userauth_gssapi, + NULL, diff --git a/auth2.c b/auth2.c index 0e776224..1c217268 100644 --- a/auth2.c @@ -375,8 +375,8 @@ index ebd0dbca..1bdac6a4 100644 +#include "ssh-gss.h" +#endif + - /* import options */ - extern Options options; + /* Permitted RSA signature algorithms for UpdateHostkeys proofs */ + #define HOSTKEY_PROOF_RSA_ALGS "rsa-sha2-512,rsa-sha2-256" @@ -1379,9 +1383,18 @@ client_loop(struct ssh *ssh, int have_pty, int escape_char_arg, break; @@ -384,7 +384,7 @@ index ebd0dbca..1bdac6a4 100644 /* Do channel operations unless rekeying in progress. */ - if (!ssh_packet_is_rekeying(ssh)) + if (!ssh_packet_is_rekeying(ssh)) { - channel_after_select(ssh, readset, writeset); + channel_after_poll(ssh, pfd, npfd_active); +#ifdef GSSAPI + if (options.gss_renewal_rekey && @@ -396,8 +396,8 @@ index ebd0dbca..1bdac6a4 100644 + } + /* Buffer input from the connection. */ - client_process_net_input(ssh, readset); - + if (conn_in_ready) + client_process_net_input(ssh); diff --git a/configure.ac b/configure.ac index b689db4b..efafb6bd 100644 --- a/configure.ac @@ -1370,9 +1370,9 @@ index ce85f043..574c7609 100644 +#ifdef GSSAPI + free(kex->gss_host); +#endif /* GSSAPI */ + sshbuf_free(kex->initial_sig); + sshkey_free(kex->initial_hostkey); free(kex->failed_choice); - free(kex->hostkey_alg); - free(kex->name); diff --git a/kex.h b/kex.h index a5ae6ac0..fe714141 100644 --- a/kex.h @@ -3011,7 +3011,7 @@ diff -up a/readconf.c.gsskex b/readconf.c options->kbd_interactive_authentication = -1; options->kbd_interactive_devices = NULL; @@ -2463,8 +2516,18 @@ fill_default_options(Options * options) - options->pubkey_authentication = 1; + options->pubkey_authentication = SSH_PUBKEY_AUTH_ALL; if (options->gss_authentication == -1) options->gss_authentication = 0; + if (options->gss_keyex == -1) @@ -3886,7 +3886,7 @@ index 57995ee6..fd5b7724 100644 --- a/sshkey.c +++ b/sshkey.c @@ -154,6 +154,7 @@ static const struct keytype keytypes[] = { - KEY_ECDSA_SK_CERT, NID_X9_62_prime256v1, 1, 0 }, + # endif /* ENABLE_SK */ # endif /* OPENSSL_HAS_ECC */ #endif /* WITH_OPENSSL */ + { "null", "null", NULL, KEY_NULL, 0, 0, 0 }, diff --git a/openssh-8.0p1-pkcs11-uri.patch b/openssh-8.0p1-pkcs11-uri.patch index 8592607..b3295a9 100644 --- a/openssh-8.0p1-pkcs11-uri.patch +++ b/openssh-8.0p1-pkcs11-uri.patch @@ -92,9 +92,9 @@ diff -up openssh-8.7p1/Makefile.in.pkcs11-uri openssh-8.7p1/Makefile.in rm -f regress/unittests/utf8/test_utf8 + rm -f regress/unittests/pkcs11/*.o + rm -f regress/unittests/pkcs11/test_pkcs11 - (cd openbsd-compat && $(MAKE) distclean) - if test -d pkg ; then \ - rm -fr pkg ; \ + rm -f regress/misc/sk-dummy/*.o + rm -f regress/misc/sk-dummy/*.lo + rm -f regress/misc/sk-dummy/sk-dummy.so @@ -513,6 +517,7 @@ regress-prep: $(MKDIR_P) `pwd`/regress/unittests/sshkey $(MKDIR_P) `pwd`/regress/unittests/sshsig @@ -876,22 +876,23 @@ diff -up openssh-8.7p1/ssh-add.c.pkcs11-uri openssh-8.7p1/ssh-add.c --- openssh-8.7p1/ssh-add.c.pkcs11-uri 2021-08-20 06:03:49.000000000 +0200 +++ openssh-8.7p1/ssh-add.c 2021-08-30 13:07:43.664700104 +0200 @@ -68,6 +68,7 @@ - #include "digest.h" #include "ssh-sk.h" #include "sk-api.h" + #include "hostfile.h" +#include "ssh-pkcs11-uri.h" /* argv0 */ extern char *__progname; -@@ -229,6 +230,32 @@ delete_all(int agent_fd, int qflag) +@@ -229,6 +230,34 @@ delete_all(int agent_fd, int qflag) return ret; } +#ifdef ENABLE_PKCS11 -+static int update_card(int, int, const char *, int, char *); ++static int update_card(int, int, const char *, int, struct dest_constraint **, size_t, char *); + +int -+update_pkcs11_uri(int agent_fd, int adding, const char *pkcs11_uri, int qflag) ++update_pkcs11_uri(int agent_fd, int adding, const char *pkcs11_uri, int qflag, ++ struct dest_constraint **dest_constraints, size_t ndest_constraints) +{ + char *pin = NULL; + struct pkcs11_uri *uri; @@ -909,19 +910,20 @@ diff -up openssh-8.7p1/ssh-add.c.pkcs11-uri openssh-8.7p1/ssh-add.c + } + pkcs11_uri_cleanup(uri); + -+ return update_card(agent_fd, adding, pkcs11_uri, qflag, pin); ++ return update_card(agent_fd, adding, pkcs11_uri, qflag, ++ dest_constraints, ndest_constraints, pin); +} +#endif + static int add_file(int agent_fd, const char *filename, int key_only, int qflag, - const char *skprovider) + const char *skprovider, struct dest_constraint **dest_constraints, @@ -445,12 +472,11 @@ add_file(int agent_fd, const char *filen - } static int --update_card(int agent_fd, int add, const char *id, int qflag) -+update_card(int agent_fd, int add, const char *id, int qflag, char *pin) + update_card(int agent_fd, int add, const char *id, int qflag, +- struct dest_constraint **dest_constraints, size_t ndest_constraints) ++ struct dest_constraint **dest_constraints, size_t ndest_constraints, char *pin) { - char *pin = NULL; int r, ret = -1; @@ -931,15 +933,16 @@ diff -up openssh-8.7p1/ssh-add.c.pkcs11-uri openssh-8.7p1/ssh-add.c if ((pin = read_passphrase("Enter passphrase for PKCS#11: ", RP_ALLOW_STDIN)) == NULL) return -1; -@@ -630,6 +656,13 @@ static int - do_file(int agent_fd, int deleting, int key_only, char *file, int qflag, - const char *skprovider) +@@ -630,6 +656,14 @@ static int + const char *skprovider, struct dest_constraint **dest_constraints, + size_t ndest_constraints) { +#ifdef ENABLE_PKCS11 + if (strlen(file) >= strlen(PKCS11_URI_SCHEME) && + strncmp(file, PKCS11_URI_SCHEME, + strlen(PKCS11_URI_SCHEME)) == 0) { -+ return update_pkcs11_uri(agent_fd, !deleting, file, qflag); ++ return update_pkcs11_uri(agent_fd, !deleting, file, qflag, ++ dest_constraints, ndest_constraints); + } +#endif if (deleting) { @@ -949,8 +952,8 @@ diff -up openssh-8.7p1/ssh-add.c.pkcs11-uri openssh-8.7p1/ssh-add.c } if (pkcs11provider != NULL) { if (update_card(agent_fd, !deleting, pkcs11provider, -- qflag) == -1) -+ qflag, NULL) == -1) +- qflag, dest_constraints, ndest_constraints) == -1) ++ qflag, dest_constraints, ndest_constraints, NULL) == -1) ret = 1; goto done; } @@ -1080,7 +1083,7 @@ diff -up openssh-8.7p1/ssh-agent.c.pkcs11-uri openssh-8.7p1/ssh-agent.c + free(sane_uri); free(keys); free(comments); - send_status(e, success); + free_dest_constraints(dest_constraints, ndest_constraints); @@ -918,7 +976,7 @@ send: static void process_remove_smartcard_key(SocketEntry *e) @@ -1544,7 +1547,7 @@ diff -up openssh-8.7p1/ssh-pkcs11.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11.c static RSA_METHOD *rsa_method; @@ -195,6 +286,55 @@ static EC_KEY_METHOD *ec_key_method; static int ec_key_idx = 0; - #endif + #endif /* OPENSSL_HAS_ECC && HAVE_EC_KEY_METHOD_NEW */ +/* + * This can't be in the ssh-pkcs11-uri, becase we can not depend on @@ -1739,9 +1742,9 @@ diff -up openssh-8.7p1/ssh-pkcs11.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11.c struct pkcs11_key *k11; @@ -614,6 +764,12 @@ pkcs11_ecdsa_wrap(struct pkcs11_provider - k11->keyid = xmalloc(k11->keyid_len); - memcpy(k11->keyid, keyid_attrib->pValue, k11->keyid_len); - + k11->keyid = xmalloc(k11->keyid_len); + memcpy(k11->keyid, keyid_attrib->pValue, k11->keyid_len); + } + if (label_attrib->ulValueLen > 0 ) { + k11->label = xmalloc(label_attrib->ulValueLen+1); + memcpy(k11->label, label_attrib->pValue, label_attrib->ulValueLen); diff --git a/openssh-8.7p1-host-based-auth.patch b/openssh-8.7p1-host-based-auth.patch deleted file mode 100644 index 23efe91..0000000 --- a/openssh-8.7p1-host-based-auth.patch +++ /dev/null @@ -1,151 +0,0 @@ -diff --color -rup a/sshconnect2.c b/sshconnect2.c ---- a/sshconnect2.c 2022-07-11 17:00:02.618575727 +0200 -+++ b/sshconnect2.c 2022-07-11 17:03:05.096085690 +0200 -@@ -2288,9 +2288,9 @@ userauth_hostbased(struct ssh *ssh) - if (authctxt->sensitive->keys[i] == NULL || - authctxt->sensitive->keys[i]->type == KEY_UNSPEC) - continue; -- if (match_pattern_list( -+ if (!sshkey_match_keyname_to_sigalgs( - sshkey_ssh_name(authctxt->sensitive->keys[i]), -- authctxt->active_ktype, 0) != 1) -+ authctxt->active_ktype)) - continue; - /* we take and free the key */ - private = authctxt->sensitive->keys[i]; -@@ -2316,7 +2316,8 @@ userauth_hostbased(struct ssh *ssh) - error_f("sshkey_fingerprint failed"); - goto out; - } -- debug_f("trying hostkey %s %s", sshkey_ssh_name(private), fp); -+ debug_f("trying hostkey %s %s using sigalg %s", -+ sshkey_ssh_name(private), fp, authctxt->active_ktype); - - /* figure out a name for the client host */ - lname = get_local_name(ssh_packet_get_connection_in(ssh)); -diff --color -rup a/sshkey.c b/sshkey.c ---- a/sshkey.c 2022-07-11 17:00:02.609575554 +0200 -+++ b/sshkey.c 2022-07-11 17:12:30.905976443 +0200 -@@ -252,6 +252,29 @@ sshkey_ecdsa_nid_from_name(const char *n - return -1; - } - -+int -+sshkey_match_keyname_to_sigalgs(const char *keyname, const char *sigalgs) -+{ -+ int ktype; -+ -+ if (sigalgs == NULL || *sigalgs == '\0' || -+ (ktype = sshkey_type_from_name(keyname)) == KEY_UNSPEC) -+ return 0; -+ else if (ktype == KEY_RSA) { -+ return match_pattern_list("ssh-rsa", sigalgs, 0) == 1 || -+ match_pattern_list("rsa-sha2-256", sigalgs, 0) == 1 || -+ match_pattern_list("rsa-sha2-512", sigalgs, 0) == 1; -+ } else if (ktype == KEY_RSA_CERT) { -+ return match_pattern_list("ssh-rsa-cert-v01@openssh.com", -+ sigalgs, 0) == 1 || -+ match_pattern_list("rsa-sha2-256-cert-v01@openssh.com", -+ sigalgs, 0) == 1 || -+ match_pattern_list("rsa-sha2-512-cert-v01@openssh.com", -+ sigalgs, 0) == 1; -+ } else -+ return match_pattern_list(keyname, sigalgs, 0) == 1; -+} -+ - char * - sshkey_alg_list(int certs_only, int plain_only, int include_sigonly, char sep) - { -diff --color -rup a/sshkey.h b/sshkey.h ---- a/sshkey.h 2022-07-11 17:00:02.603575438 +0200 -+++ b/sshkey.h 2022-07-11 17:13:01.052556879 +0200 -@@ -194,6 +194,10 @@ int sshkey_is_cert(const struct sshkey - int sshkey_is_sk(const struct sshkey *); - int sshkey_type_is_cert(int); - int sshkey_type_plain(int); -+ -+/* Returns non-zero if key name match sigalgs pattern list. (handles RSA) */ -+int sshkey_match_keyname_to_sigalgs(const char *, const char *); -+ - int sshkey_to_certified(struct sshkey *); - int sshkey_drop_cert(struct sshkey *); - int sshkey_cert_copy(const struct sshkey *, struct sshkey *); -diff --color -rup a/ssh-keysign.c b/ssh-keysign.c ---- a/ssh-keysign.c 2021-08-20 06:03:49.000000000 +0200 -+++ b/ssh-keysign.c 2022-07-11 17:00:23.306973667 +0200 -@@ -62,7 +62,7 @@ - extern char *__progname; - - static int --valid_request(struct passwd *pw, char *host, struct sshkey **ret, -+valid_request(struct passwd *pw, char *host, struct sshkey **ret, char **pkalgp, - u_char *data, size_t datalen) - { - struct sshbuf *b; -@@ -75,6 +75,8 @@ valid_request(struct passwd *pw, char *h - - if (ret != NULL) - *ret = NULL; -+ if (pkalgp != NULL) -+ *pkalgp = NULL; - fail = 0; - - if ((b = sshbuf_from(data, datalen)) == NULL) -@@ -122,8 +124,6 @@ valid_request(struct passwd *pw, char *h - fail++; - } else if (key->type != pktype) - fail++; -- free(pkalg); -- free(pkblob); - - /* client host name, handle trailing dot */ - if ((r = sshbuf_get_cstring(b, &p, &len)) != 0) -@@ -154,8 +154,19 @@ valid_request(struct passwd *pw, char *h - - if (fail) - sshkey_free(key); -- else if (ret != NULL) -- *ret = key; -+ else { -+ if (ret != NULL) { -+ *ret = key; -+ key = NULL; -+ } -+ if (pkalgp != NULL) { -+ *pkalgp = pkalg; -+ pkalg = NULL; -+ } -+ } -+ sshkey_free(key); -+ free(pkalg); -+ free(pkblob); - - return (fail ? -1 : 0); - } -@@ -170,7 +181,7 @@ main(int argc, char **argv) - struct passwd *pw; - int r, key_fd[NUM_KEYTYPES], i, found, version = 2, fd; - u_char *signature, *data, rver; -- char *host, *fp; -+ char *host, *fp, *pkalg; - size_t slen, dlen; - - if (pledge("stdio rpath getpw dns id", NULL) != 0) -@@ -258,7 +269,7 @@ main(int argc, char **argv) - - if ((r = sshbuf_get_string(b, &data, &dlen)) != 0) - fatal_r(r, "%s: buffer error", __progname); -- if (valid_request(pw, host, &key, data, dlen) < 0) -+ if (valid_request(pw, host, &key, &pkalg, data, dlen) < 0) - fatal("%s: not a valid request", __progname); - free(host); - -@@ -279,7 +290,7 @@ main(int argc, char **argv) - } - - if ((r = sshkey_sign(keys[i], &signature, &slen, data, dlen, -- NULL, NULL, NULL, 0)) != 0) -+ pkalg, NULL, NULL, 0)) != 0) - fatal_r(r, "%s: sshkey_sign failed", __progname); - free(data); - diff --git a/openssh-8.7p1-ibmca.patch b/openssh-8.7p1-ibmca.patch index c9c12ee..88914bf 100644 --- a/openssh-8.7p1-ibmca.patch +++ b/openssh-8.7p1-ibmca.patch @@ -4,9 +4,8 @@ #include "includes.h" --#ifndef HAVE_CLOSEFROM -+#if (!defined HAVE_CLOSEFROM) || (defined __s390__) +-#if !defined(HAVE_CLOSEFROM) || defined(BROKEN_CLOSEFROM) ++#if !defined(HAVE_CLOSEFROM) || defined(BROKEN_CLOSEFROM) || (defined __s390__) #include - #include - + #include diff --git a/openssh-8.7p1-minimize-sha1-use.patch b/openssh-8.7p1-minimize-sha1-use.patch deleted file mode 100644 index fc517da..0000000 --- a/openssh-8.7p1-minimize-sha1-use.patch +++ /dev/null @@ -1,207 +0,0 @@ -diff --color -ru a/clientloop.c b/clientloop.c ---- a/clientloop.c 2022-06-29 16:35:06.677597259 +0200 -+++ b/clientloop.c 2022-06-29 16:40:29.737926205 +0200 -@@ -116,6 +116,9 @@ - #include "ssh-gss.h" - #endif - -+/* Permitted RSA signature algorithms for UpdateHostkeys proofs */ -+#define HOSTKEY_PROOF_RSA_ALGS "rsa-sha2-512,rsa-sha2-256" -+ - /* import options */ - extern Options options; - -@@ -2110,8 +2113,10 @@ - struct hostkeys_update_ctx *ctx = (struct hostkeys_update_ctx *)_ctx; - size_t i, ndone; - struct sshbuf *signdata; -- int r, kexsigtype, use_kexsigtype; -+ int r, plaintype; - const u_char *sig; -+ const char *rsa_kexalg = NULL; -+ char *alg = NULL; - size_t siglen; - - if (ctx->nnew == 0) -@@ -2122,9 +2127,9 @@ - hostkeys_update_ctx_free(ctx); - return; - } -- kexsigtype = sshkey_type_plain( -- sshkey_type_from_name(ssh->kex->hostkey_alg)); -- -+ if (sshkey_type_plain(sshkey_type_from_name( -+ ssh->kex->hostkey_alg)) == KEY_RSA) -+ rsa_kexalg = ssh->kex->hostkey_alg; - if ((signdata = sshbuf_new()) == NULL) - fatal_f("sshbuf_new failed"); - /* -@@ -2135,6 +2140,7 @@ - for (ndone = i = 0; i < ctx->nkeys; i++) { - if (ctx->keys_match[i]) - continue; -+ plaintype = sshkey_type_plain(ctx->keys[i]->type); - /* Prepare data to be signed: session ID, unique string, key */ - sshbuf_reset(signdata); - if ( (r = sshbuf_put_cstring(signdata, -@@ -2148,19 +2154,33 @@ - error_fr(r, "parse sig"); - goto out; - } -+ if ((r = sshkey_get_sigtype(sig, siglen, &alg)) != 0) { -+ error_fr(r, "server gave unintelligible signature " -+ "for %s key %zu", sshkey_type(ctx->keys[i]), i); -+ goto out; -+ } - /* -- * For RSA keys, prefer to use the signature type negotiated -- * during KEX to the default (SHA1). -+ * Special case for RSA keys: if a RSA hostkey was negotiated, -+ * then use its signature type for verification of RSA hostkey -+ * proofs. Otherwise, accept only RSA-SHA256/512 signatures. - */ -- use_kexsigtype = kexsigtype == KEY_RSA && -- sshkey_type_plain(ctx->keys[i]->type) == KEY_RSA; -- debug3_f("verify %s key %zu using %s sigalg", -- sshkey_type(ctx->keys[i]), i, -- use_kexsigtype ? ssh->kex->hostkey_alg : "default"); -+ if (plaintype == KEY_RSA && rsa_kexalg == NULL && -+ match_pattern_list(alg, HOSTKEY_PROOF_RSA_ALGS, 0) != 1) { -+ debug_f("server used untrusted RSA signature algorithm " -+ "%s for key %zu, disregarding", alg, i); -+ free(alg); -+ /* zap the key from the list */ -+ sshkey_free(ctx->keys[i]); -+ ctx->keys[i] = NULL; -+ ndone++; -+ continue; -+ } -+ debug3_f("verify %s key %zu using sigalg %s", -+ sshkey_type(ctx->keys[i]), i, alg); -+ free(alg); - if ((r = sshkey_verify(ctx->keys[i], sig, siglen, - sshbuf_ptr(signdata), sshbuf_len(signdata), -- use_kexsigtype ? ssh->kex->hostkey_alg : NULL, 0, -- NULL)) != 0) { -+ plaintype == KEY_RSA ? rsa_kexalg : NULL, 0, NULL)) != 0) { - error_fr(r, "server gave bad signature for %s key %zu", - sshkey_type(ctx->keys[i]), i); - goto out; -diff --git a/hostfile.c b/hostfile.c -index a035b381..bd49e3ac 100644 ---- a/hostfile.c -+++ b/hostfile.c -@@ -642,7 +642,7 @@ hostfile_replace_entries(const char *filename, const char *host, const char *ip, - /* Re-add the requested keys */ - want = HKF_MATCH_HOST | (ip == NULL ? 0 : HKF_MATCH_IP); - for (i = 0; i < nkeys; i++) { -- if ((want & ctx.match_keys[i]) == want) -+ if (keys[i] == NULL || (want & ctx.match_keys[i]) == want) - continue; - if ((fp = sshkey_fingerprint(keys[i], hash_alg, - SSH_FP_DEFAULT)) == NULL) { -diff --color -ru a/kex.c b/kex.c ---- a/kex.c 2022-06-29 16:35:06.775599179 +0200 -+++ b/kex.c 2022-06-29 16:42:00.839710940 +0200 -@@ -959,6 +959,18 @@ - return (1); - } - -+/* returns non-zero if proposal contains any algorithm from algs */ -+static int -+has_any_alg(const char *proposal, const char *algs) -+{ -+ char *cp; -+ -+ if ((cp = match_list(proposal, algs, NULL)) == NULL) -+ return 0; -+ free(cp); -+ return 1; -+} -+ - static int - kex_choose_conf(struct ssh *ssh) - { -@@ -994,6 +1006,16 @@ - free(ext); - } - -+ /* Check whether client supports rsa-sha2 algorithms */ -+ if (kex->server && (kex->flags & KEX_INITIAL)) { -+ if (has_any_alg(peer[PROPOSAL_SERVER_HOST_KEY_ALGS], -+ "rsa-sha2-256,rsa-sha2-256-cert-v01@openssh.com")) -+ kex->flags |= KEX_RSA_SHA2_256_SUPPORTED; -+ if (has_any_alg(peer[PROPOSAL_SERVER_HOST_KEY_ALGS], -+ "rsa-sha2-512,rsa-sha2-512-cert-v01@openssh.com")) -+ kex->flags |= KEX_RSA_SHA2_512_SUPPORTED; -+ } -+ - /* Algorithm Negotiation */ - if ((r = choose_kex(kex, cprop[PROPOSAL_KEX_ALGS], - sprop[PROPOSAL_KEX_ALGS])) != 0) { -diff --color -ru a/kex.h b/kex.h ---- a/kex.h 2022-06-29 16:35:06.766599003 +0200 -+++ b/kex.h 2022-06-29 16:42:24.199168567 +0200 -@@ -116,6 +116,8 @@ - - #define KEX_INIT_SENT 0x0001 - #define KEX_INITIAL 0x0002 -+#define KEX_RSA_SHA2_256_SUPPORTED 0x0008 /* only set in server for now */ -+#define KEX_RSA_SHA2_512_SUPPORTED 0x0010 /* only set in server for now */ - - struct sshenc { - char *name; -diff --color -ru a/serverloop.c b/serverloop.c ---- a/serverloop.c 2021-08-20 06:03:49.000000000 +0200 -+++ b/serverloop.c 2022-06-29 16:45:05.902336428 +0200 -@@ -684,16 +684,18 @@ - struct sshbuf *resp = NULL; - struct sshbuf *sigbuf = NULL; - struct sshkey *key = NULL, *key_pub = NULL, *key_prv = NULL; -- int r, ndx, kexsigtype, use_kexsigtype, success = 0; -+ int r, ndx, success = 0; - const u_char *blob; -+ const char *sigalg, *kex_rsa_sigalg = NULL; - u_char *sig = 0; - size_t blen, slen; - - if ((resp = sshbuf_new()) == NULL || (sigbuf = sshbuf_new()) == NULL) - fatal_f("sshbuf_new"); - -- kexsigtype = sshkey_type_plain( -- sshkey_type_from_name(ssh->kex->hostkey_alg)); -+ if (sshkey_type_plain(sshkey_type_from_name( -+ ssh->kex->hostkey_alg)) == KEY_RSA) -+ kex_rsa_sigalg = ssh->kex->hostkey_alg; - while (ssh_packet_remaining(ssh) > 0) { - sshkey_free(key); - key = NULL; -@@ -726,16 +728,24 @@ - * For RSA keys, prefer to use the signature type negotiated - * during KEX to the default (SHA1). - */ -- use_kexsigtype = kexsigtype == KEY_RSA && -- sshkey_type_plain(key->type) == KEY_RSA; -+ sigalg = NULL; -+ if (sshkey_type_plain(key->type) == KEY_RSA) { -+ if (kex_rsa_sigalg != NULL) -+ sigalg = kex_rsa_sigalg; -+ else if (ssh->kex->flags & KEX_RSA_SHA2_512_SUPPORTED) -+ sigalg = "rsa-sha2-512"; -+ else if (ssh->kex->flags & KEX_RSA_SHA2_256_SUPPORTED) -+ sigalg = "rsa-sha2-256"; -+ } -+ debug3_f("sign %s key (index %d) using sigalg %s", -+ sshkey_type(key), ndx, sigalg == NULL ? "default" : sigalg); - if ((r = sshbuf_put_cstring(sigbuf, - "hostkeys-prove-00@openssh.com")) != 0 || - (r = sshbuf_put_stringb(sigbuf, - ssh->kex->session_id)) != 0 || - (r = sshkey_puts(key, sigbuf)) != 0 || - (r = ssh->kex->sign(ssh, key_prv, key_pub, &sig, &slen, -- sshbuf_ptr(sigbuf), sshbuf_len(sigbuf), -- use_kexsigtype ? ssh->kex->hostkey_alg : NULL)) != 0 || -+ sshbuf_ptr(sigbuf), sshbuf_len(sigbuf), sigalg)) != 0 || - (r = sshbuf_put_string(resp, sig, slen)) != 0) { - error_fr(r, "assemble signature"); - goto out; diff --git a/openssh-8.7p1-minrsabits.patch b/openssh-8.7p1-minrsabits.patch index 107fe70..259129f 100644 --- a/openssh-8.7p1-minrsabits.patch +++ b/openssh-8.7p1-minrsabits.patch @@ -204,22 +204,25 @@ index a926cc007..cd13fb879 100644 break; case SSH_ERR_INTERNAL_ERROR: case SSH_ERR_ALLOC_FAIL: -@@ -1557,12 +1565,13 @@ main(int ac, char **av) +@@ -1565,7 +1573,7 @@ main(int ac, char **av) if ((o) >= sensitive_data.nkeys) \ fatal_f("pubkey out of array bounds"); \ check_load(sshkey_load_public(p, &(sensitive_data.keys[o]), NULL), \ - p, "pubkey"); \ + &(sensitive_data.keys[o]), p, "pubkey"); \ - } while (0) + if (sensitive_data.keys[o] != NULL) \ + debug2("hostbased key %d: %s key from \"%s\"", o, \ + sshkey_ssh_name(sensitive_data.keys[o]), p); \ +@@ -1573,7 +1581,8 @@ main(int ac, char **av) #define L_CERT(p,o) do { \ if ((o) >= sensitive_data.nkeys) \ fatal_f("cert out of array bounds"); \ - check_load(sshkey_load_cert(p, &(sensitive_data.keys[o])), p, "cert"); \ + check_load(sshkey_load_cert(p, &(sensitive_data.keys[o])), \ + &(sensitive_data.keys[o]), p, "cert"); \ - } while (0) - - if (options.hostbased_authentication == 1) { + if (sensitive_data.keys[o] != NULL) \ + debug2("hostbased key %d: %s cert from \"%s\"", o, \ + sshkey_ssh_name(sensitive_data.keys[o]), p); \ @@ -2244,7 +2253,7 @@ load_public_identity_files(const struct ssh_conn_info *cinfo) filename = default_client_percent_dollar_expand(cp, cinfo); free(cp); @@ -276,9 +279,9 @@ index 67f8e0309..d050c1656 100644 !(id->key && id->isprivate)) maybe_add_key_to_agent(id->filename, private, comment, @@ -1747,6 +1751,12 @@ pubkey_prepare(struct ssh *ssh, Authctxt *authctxt) - close(agent_fd); - } else { - for (j = 0; j < idlist->nkeys; j++) { + /* list of keys supported by the agent */ + if ((r = get_agent_identities(ssh, &agent_fd, &idlist)) == 0) { + for (j = 0; j < idlist->nkeys; j++) { + if ((r = sshkey_check_rsa_length(idlist->keys[j], + options.rsa_min_size)) != 0) { + debug_fr(r, "ignoring %s agent key", diff --git a/openssh-8.7p1-negotiate-supported-algs.patch b/openssh-8.7p1-negotiate-supported-algs.patch index 2fb9297..260ddb8 100644 --- a/openssh-8.7p1-negotiate-supported-algs.patch +++ b/openssh-8.7p1-negotiate-supported-algs.patch @@ -2,8 +2,8 @@ diff --color -rup a/regress/hostkey-agent.sh b/regress/hostkey-agent.sh --- a/regress/hostkey-agent.sh 2021-08-20 06:03:49.000000000 +0200 +++ b/regress/hostkey-agent.sh 2022-07-14 11:58:12.172786060 +0200 @@ -13,8 +13,12 @@ r=$? - grep -vi 'hostkey' $OBJ/sshd_proxy > $OBJ/sshd_proxy.orig - echo "HostKeyAgent $SSH_AUTH_SOCK" >> $OBJ/sshd_proxy.orig + + ${SSHKEYGEN} -qt ed25519 -f $OBJ/agent-ca -N '' || fatal "ssh-keygen CA" +PUBKEY_ACCEPTED_ALGOS=`$SSH -G "example.com" | \ + grep -i "PubkeyAcceptedAlgorithms" | cut -d ' ' -f2- | tr "," "|"` @@ -12,18 +12,18 @@ diff --color -rup a/regress/hostkey-agent.sh b/regress/hostkey-agent.sh trace "load hostkeys" -for k in $SSH_KEYTYPES ; do +for k in $SSH_ACCEPTED_KEYTYPES ; do - ${SSHKEYGEN} -qt $k -f $OBJ/agent-key.$k -N '' || fatal "ssh-keygen $k" - ( - printf 'localhost-with-alias,127.0.0.1,::1 ' + ${SSHKEYGEN} -qt $k -f $OBJ/agent-key.$k -N '' || fatal "ssh-keygen $k" + ${SSHKEYGEN} -s $OBJ/agent-ca -qh -n localhost-with-alias \ + -I localhost-with-alias $OBJ/agent-key.$k.pub || \ @@ -31,7 +35,7 @@ cp $OBJ/known_hosts.orig $OBJ/known_host + unset SSH_AUTH_SOCK - for ps in yes; do -- for k in $SSH_KEYTYPES ; do -+ for k in $SSH_ACCEPTED_KEYTYPES ; do - verbose "key type $k privsep=$ps" - cp $OBJ/sshd_proxy.orig $OBJ/sshd_proxy - echo "UsePrivilegeSeparation $ps" >> $OBJ/sshd_proxy +-for k in $SSH_KEYTYPES ; do ++for k in $SSH_ACCEPTED_KEYTYPES ; do + verbose "key type $k" + cp $OBJ/sshd_proxy.orig $OBJ/sshd_proxy + echo "HostKeyAlgorithms $k" >> $OBJ/sshd_proxy diff --color -rup a/sshconnect2.c b/sshconnect2.c --- a/sshconnect2.c 2022-07-14 10:10:07.262975710 +0200 +++ b/sshconnect2.c 2022-07-14 10:10:32.068452067 +0200 diff --git a/openssh-8.7p1-recursive-scp.patch b/openssh-8.7p1-recursive-scp.patch index 25765fb..5b44d92 100644 --- a/openssh-8.7p1-recursive-scp.patch +++ b/openssh-8.7p1-recursive-scp.patch @@ -7,9 +7,9 @@ diff -up openssh-8.7p1/scp.c.scp-sftpdirs openssh-8.7p1/scp.c if (upload_dir(conn, src, abs_dst, pflag, - SFTP_PROGRESS_ONLY, 0, 0, 1) != 0) { + SFTP_PROGRESS_ONLY, 0, 0, 1, 1) != 0) { - error("failed to upload directory %s to %s", - src, abs_dst); - errs = 1; + error("failed to upload directory %s to %s", src, targ); + errs = 1; + } diff -up openssh-8.7p1/sftp-client.c.scp-sftpdirs openssh-8.7p1/sftp-client.c --- openssh-8.7p1/sftp-client.c.scp-sftpdirs 2021-08-20 06:03:49.000000000 +0200 +++ openssh-8.7p1/sftp-client.c 2022-02-07 12:47:59.117516131 +0100 @@ -22,11 +22,13 @@ diff -up openssh-8.7p1/sftp-client.c.scp-sftpdirs openssh-8.7p1/sftp-client.c { struct sshbuf *msg; u_int expected_id, count, id; -@@ -1012,9 +1012,38 @@ do_realpath_expand(struct sftp_conn *con - - if ((r = sshbuf_get_u32(msg, &status)) != 0) +@@ -1033,11 +1033,43 @@ do_realpath_expand(struct sftp_conn *con + if ((r = sshbuf_get_u32(msg, &status)) != 0 || + (r = sshbuf_get_cstring(msg, &errmsg, NULL)) != 0) fatal_fr(r, "parse status"); -- error("Couldn't canonicalize: %s", fx2txt(status)); +- error("%s %s: %s", expand ? "expand" : "realpath", +- path, *errmsg == '\0' ? fx2txt(status) : errmsg); +- free(errmsg); - sshbuf_free(msg); - return NULL; + if ((status == SSH2_FX_NO_SUCH_FILE) && create_dir) { @@ -35,29 +37,34 @@ diff -up openssh-8.7p1/sftp-client.c.scp-sftpdirs openssh-8.7p1/sftp-client.c + sshbuf_free(msg); + return NULL; + } -+ ++ debug2("Sending SSH2_FXP_REALPATH \"%s\" - create dir", path); + send_string_request(conn, id, SSH2_FXP_REALPATH, + path, strlen(path)); + + get_msg(conn, msg); + if ((r = sshbuf_get_u8(msg, &type)) != 0 || -+ (r = sshbuf_get_u32(msg, &id)) != 0) ++ (r = sshbuf_get_u32(msg, &id)) != 0) + fatal_fr(r, "parse"); + + if (id != expected_id) + fatal("ID mismatch (%u != %u)", id, expected_id); + + if (type == SSH2_FXP_STATUS) { -+ u_int status; ++ free(errmsg); + -+ if ((r = sshbuf_get_u32(msg, &status)) != 0) ++ if ((r = sshbuf_get_u32(msg, &status)) != 0 || ++ (r = sshbuf_get_cstring(msg, &errmsg, NULL)) != 0) + fatal_fr(r, "parse status"); -+ error("Couldn't canonicalize: %s", fx2txt(status)); ++ error("%s %s: %s", expand ? "expand" : "realpath", ++ path, *errmsg == '\0' ? fx2txt(status) : errmsg); ++ free(errmsg); + sshbuf_free(msg); + return NULL; + } + } else { -+ error("Couldn't canonicalize: %s", fx2txt(status)); ++ error("%s %s: %s", expand ? "expand" : "realpath", ++ path, *errmsg == '\0' ? fx2txt(status) : errmsg); ++ free(errmsg); + sshbuf_free(msg); + return NULL; + } @@ -94,9 +101,9 @@ diff -up openssh-8.7p1/sftp-client.c.scp-sftpdirs openssh-8.7p1/sftp-client.c - if ((src_canon = do_realpath(conn, src)) == NULL) { + if ((src_canon = do_realpath(conn, src, 0)) == NULL) { - error("Unable to canonicalize path \"%s\"", src); - return -1; - } + error("download \"%s\": path canonicalization failed", src); + return -1; + } @@ -2115,12 +2143,12 @@ upload_dir_internal(struct sftp_conn *co int upload_dir(struct sftp_conn *conn, const char *src, const char *dst, @@ -109,18 +116,18 @@ diff -up openssh-8.7p1/sftp-client.c.scp-sftpdirs openssh-8.7p1/sftp-client.c - if ((dst_canon = do_realpath(conn, dst)) == NULL) { + if ((dst_canon = do_realpath(conn, dst, create_dir)) == NULL) { - error("Unable to canonicalize path \"%s\"", dst); - return -1; - } + error("upload \"%s\": path canonicalization failed", dst); + return -1; + } @@ -2557,7 +2585,7 @@ crossload_dir(struct sftp_conn *from, st char *from_path_canon; int ret; - if ((from_path_canon = do_realpath(from, from_path)) == NULL) { + if ((from_path_canon = do_realpath(from, from_path, 0)) == NULL) { - error("Unable to canonicalize path \"%s\"", from_path); - return -1; - } + error("crossload \"%s\": path canonicalization failed", + from_path); + return -1; diff -up openssh-8.7p1/sftp-client.h.scp-sftpdirs openssh-8.7p1/sftp-client.h --- openssh-8.7p1/sftp-client.h.scp-sftpdirs 2021-08-20 06:03:49.000000000 +0200 +++ openssh-8.7p1/sftp-client.h 2022-02-07 12:31:07.410740433 +0100 diff --git a/openssh-8.7p1-scp-clears-file.patch b/openssh-8.7p1-scp-clears-file.patch index 4c033da..3ecff1e 100644 --- a/openssh-8.7p1-scp-clears-file.patch +++ b/openssh-8.7p1-scp-clears-file.patch @@ -1,21 +1,20 @@ diff --color -rup a/scp.c b/scp.c --- a/scp.c 2022-07-26 14:51:40.560120817 +0200 +++ b/scp.c 2022-07-26 14:52:37.118213004 +0200 -@@ -1324,12 +1324,12 @@ source_sftp(int argc, char *src, char *t - - if (src_is_dir && iamrecursive) { - if (upload_dir(conn, src, abs_dst, pflag, +@@ -1324,11 +1324,11 @@ source_sftp(int argc, char *src, char *t + + if (src_is_dir && iamrecursive) { + if (upload_dir(conn, src, abs_dst, pflag, - SFTP_PROGRESS_ONLY, 0, 0, 1, 1) != 0) { + SFTP_PROGRESS_ONLY, 0, 0, 1, 1, 1) != 0) { - error("failed to upload directory %s to %s", - src, abs_dst); - errs = 1; - } + error("failed to upload directory %s to %s", src, targ); + errs = 1; + } - } else if (do_upload(conn, src, abs_dst, pflag, 0, 0) != 0) { + } else if (do_upload(conn, src, abs_dst, pflag, 0, 0, 1) != 0) { - error("failed to upload file %s to %s", src, abs_dst); - errs = 1; - } + error("failed to upload file %s to %s", src, targ); + errs = 1; + } @@ -1566,11 +1566,11 @@ sink_sftp(int argc, char *dst, const cha debug("Fetching %s to %s\n", g.gl_pathv[i], abs_dst); if (globpath_is_dir(g.gl_pathv[i]) && iamrecursive) { @@ -83,9 +82,9 @@ diff --color -rup a/sftp-client.c b/sftp-client.c - O_WRONLY | O_CREAT | (resume_flag ? 0 : O_TRUNC), mode | S_IWUSR); + local_fd = open(local_path, O_WRONLY | O_CREAT | + ((resume_flag || inplace_flag) ? 0 : O_TRUNC), mode | S_IWUSR); - if (local_fd == -1) { - error("Couldn't open local file \"%s\" for writing: %s", - local_path, strerror(errno)); + if (local_fd == -1) { + error("open local \"%s\": %s", local_path, strerror(errno)); + goto fail; @@ -1661,8 +1661,11 @@ do_download(struct sftp_conn *conn, cons /* Sanity check */ if (TAILQ_FIRST(&requests) != NULL) @@ -217,8 +216,8 @@ diff --color -rup a/sftp-client.c b/sftp-client.c + } + if (close(local_fd) == -1) { - error("Couldn't close local file \"%s\": %s", local_path, - strerror(errno)); + error("close local \"%s\": %s", local_path, strerror(errno)); + status = SSH2_FX_FAILURE; @@ -2041,7 +2063,7 @@ do_upload(struct sftp_conn *conn, const static int upload_dir_internal(struct sftp_conn *conn, const char *src, const char *dst, @@ -241,9 +240,9 @@ diff --color -rup a/sftp-client.c b/sftp-client.c - preserve_flag, resume, fsync_flag) == -1) { + preserve_flag, resume, fsync_flag, + inplace_flag) == -1) { - error("Uploading of file %s to %s failed!", - new_src, new_dst); - ret = -1; + error("upload \"%s\" to \"%s\" failed", + new_src, new_dst); + ret = -1; @@ -2144,7 +2167,7 @@ upload_dir_internal(struct sftp_conn *co int upload_dir(struct sftp_conn *conn, const char *src, const char *dst, diff --git a/openssh-8.7p1-sftp-default-protocol.patch b/openssh-8.7p1-sftp-default-protocol.patch deleted file mode 100644 index c3527b1..0000000 --- a/openssh-8.7p1-sftp-default-protocol.patch +++ /dev/null @@ -1,87 +0,0 @@ -diff --git a/scp.1 b/scp.1 -index 68aac04b..a96e95ad 100644 ---- a/scp.1 -+++ b/scp.1 -@@ -18,7 +18,7 @@ - .Nd OpenSSH secure file copy - .Sh SYNOPSIS - .Nm scp --.Op Fl 346ABCOpqRrsTv -+.Op Fl 346ABCOpqRrTv - .Op Fl c Ar cipher - .Op Fl D Ar sftp_server_path - .Op Fl F Ar ssh_config -@@ -79,7 +76,9 @@ The options are as follows: - Copies between two remote hosts are transferred through the local host. - Without this option the data is copied directly between the two remote - hosts. --Note that, when using the original SCP protocol (the default), this option -+Note that, when using the original SCP protocol (via the -+.Fl O -+flag), this option - selects batch mode for the second host as - .Nm - cannot ask for passwords or passphrases for both hosts. -@@ -146,7 +145,6 @@ Limits the used bandwidth, specified in Kbit/s. - wildcard patterns and for expanding paths with a - .Sq ~ - prefix for older SFTP servers. --This mode is the default. - .It Fl o Ar ssh_option - Can be used to pass options to - .Nm ssh -@@ -258,8 +258,6 @@ to use for the encrypted connection. - The program must understand - .Xr ssh 1 - options. --.It Fl s --Use the SFTP protocol for transfers rather than the original scp protocol. - .It Fl T - Disable strict filename checking. - By default when copying files from a remote host to a local directory -@@ -299,11 +289,23 @@ debugging connection, authentication, and configuration problems. - .Xr ssh_config 5 , - .Xr sftp-server 8 , - .Xr sshd 8 -+.Sh CAVEATS -+The original scp protocol (selected by the -+.Fl O -+flag) requires execution of the remote user's shell to perform -+.Xr glob 3 -+pattern matching. -+This requires careful quoting of any characters that have special meaning to -+the remote shell, such as quote characters. - .Sh HISTORY - .Nm - is based on the rcp program in - .Bx - source code from the Regents of the University of California. -+.Pp -+Since OpenSSH 8.8 (8.7 in Red Hat/Fedora builds), -+.Nm -+has use the SFTP protocol for transfers by default. - .Sh AUTHORS - .An Timo Rinne Aq Mt tri@iki.fi - .An Tatu Ylonen Aq Mt ylo@cs.hut.fi -diff --git a/scp.c b/scp.c -index e039350c..c7cf7529 100644 ---- a/scp.c -+++ b/scp.c -@@ -448,7 +448,7 @@ main(int argc, char **argv) - const char *errstr; - extern char *optarg; - extern int optind; -- enum scp_mode_e mode = MODE_SCP; -+ enum scp_mode_e mode = MODE_SFTP; - char *sftp_direct = NULL; - - /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */ -@@ -1983,7 +1983,7 @@ void - usage(void) - { - (void) fprintf(stderr, -- "usage: scp [-346ABCOpqRrsTv] [-c cipher] [-D sftp_server_path] [-F ssh_config]\n" -+ "usage: scp [-346ABCOpqRrTv] [-c cipher] [-D sftp_server_path] [-F ssh_config]\n" - " [-i identity_file] [-J destination] [-l limit]\n" - " [-o ssh_option] [-P port] [-S program] source ... target\n"); - exit(1); diff --git a/openssh-8.7p1-sftpscp-dir-create.patch b/openssh-8.7p1-sftpscp-dir-create.patch deleted file mode 100644 index bc504f9..0000000 --- a/openssh-8.7p1-sftpscp-dir-create.patch +++ /dev/null @@ -1,135 +0,0 @@ -diff -up openssh-8.7p1/scp.c.sftpdirs openssh-8.7p1/scp.c ---- openssh-8.7p1/scp.c.sftpdirs 2022-02-02 14:11:12.553447509 +0100 -+++ openssh-8.7p1/scp.c 2022-02-02 14:12:56.081316414 +0100 -@@ -130,6 +130,7 @@ - #include "misc.h" - #include "progressmeter.h" - #include "utf8.h" -+#include "sftp.h" - - #include "sftp-common.h" - #include "sftp-client.h" -@@ -1264,13 +1265,18 @@ tolocal(int argc, char **argv, enum scp_ - static char * - prepare_remote_path(struct sftp_conn *conn, const char *path) - { -+ size_t nslash; -+ - /* Handle ~ prefixed paths */ -- if (*path != '~') -- return xstrdup(path); - if (*path == '\0' || strcmp(path, "~") == 0) - return xstrdup("."); -- if (strncmp(path, "~/", 2) == 0) -- return xstrdup(path + 2); -+ if (*path != '~') -+ return xstrdup(path); -+ if (strncmp(path, "~/", 2) == 0) { -+ if ((nslash = strspn(path + 2, "/")) == strlen(path + 2)) -+ return xstrdup("."); -+ return xstrdup(path + 2 + nslash); -+ } - if (can_expand_path(conn)) - return do_expand_path(conn, path); - /* No protocol extension */ -@@ -1282,10 +1288,16 @@ void - source_sftp(int argc, char *src, char *targ, struct sftp_conn *conn) - { - char *target = NULL, *filename = NULL, *abs_dst = NULL; -- int target_is_dir; -- -+ int src_is_dir, target_is_dir; -+ Attrib a; -+ struct stat st; -+ -+ memset(&a, '\0', sizeof(a)); -+ if (stat(src, &st) != 0) -+ fatal("stat local \"%s\": %s", src, strerror(errno)); -+ src_is_dir = S_ISDIR(st.st_mode); - if ((filename = basename(src)) == NULL) -- fatal("basename %s: %s", src, strerror(errno)); -+ fatal("basename \"%s\": %s", src, strerror(errno)); - - /* - * No need to glob here - the local shell already took care of -@@ -1295,8 +1307,12 @@ source_sftp(int argc, char *src, char *t - cleanup_exit(255); - target_is_dir = remote_is_dir(conn, target); - if (targetshouldbedirectory && !target_is_dir) { -- fatal("Target is not a directory, but more files selected " -- "for upload"); -+ debug("target directory \"%s\" does not exist", target); -+ a.flags = SSH2_FILEXFER_ATTR_PERMISSIONS; -+ a.perm = st.st_mode | 0700; /* ensure writable */ -+ if (do_mkdir(conn, target, &a, 1) != 0) -+ cleanup_exit(255); /* error already logged */ -+ target_is_dir = 1; - } - if (target_is_dir) - abs_dst = path_append(target, filename); -@@ -1306,7 +1322,7 @@ source_sftp(int argc, char *src, char *t - } - debug3_f("copying local %s to remote %s", src, abs_dst); - -- if (local_is_dir(src) && iamrecursive) { -+ if (src_is_dir && iamrecursive) { - if (upload_dir(conn, src, abs_dst, pflag, - SFTP_PROGRESS_ONLY, 0, 0, 1) != 0) { - error("failed to upload directory %s to %s", -@@ -1487,14 +1506,15 @@ sink_sftp(int argc, char *dst, const cha - char *abs_dst = NULL; - glob_t g; - char *filename, *tmp = NULL; -- int i, r, err = 0; -+ int i, r, err = 0, dst_is_dir; -+ struct stat st; - - memset(&g, 0, sizeof(g)); -+ - /* - * Here, we need remote glob as SFTP can not depend on remote shell - * expansions - */ -- - if ((abs_src = prepare_remote_path(conn, src)) == NULL) { - err = -1; - goto out; -@@ -1510,11 +1530,24 @@ sink_sftp(int argc, char *dst, const cha - goto out; - } - -- if (g.gl_matchc > 1 && !local_is_dir(dst)) { -- error("Multiple files match pattern, but destination " -- "\"%s\" is not a directory", dst); -- err = -1; -- goto out; -+ if ((r = stat(dst, &st)) != 0) -+ debug2_f("stat local \"%s\": %s", dst, strerror(errno)); -+ dst_is_dir = r == 0 && S_ISDIR(st.st_mode); -+ -+ if (g.gl_matchc > 1 && !dst_is_dir) { -+ if (r == 0) { -+ error("Multiple files match pattern, but destination " -+ "\"%s\" is not a directory", dst); -+ err = -1; -+ goto out; -+ } -+ debug2_f("creating destination \"%s\"", dst); -+ if (mkdir(dst, 0777) != 0) { -+ error("local mkdir \"%s\": %s", dst, strerror(errno)); -+ err = -1; -+ goto out; -+ } -+ dst_is_dir = 1; - } - - for (i = 0; g.gl_pathv[i] && !interrupted; i++) { -@@ -1525,7 +1558,7 @@ sink_sftp(int argc, char *dst, const cha - goto out; - } - -- if (local_is_dir(dst)) -+ if (dst_is_dir) - abs_dst = path_append(dst, filename); - else - abs_dst = xstrdup(dst); diff --git a/openssh-8.8p1-skip-some-tests.patch b/openssh-8.8p1-skip-some-tests.patch deleted file mode 100644 index 7268eb3..0000000 --- a/openssh-8.8p1-skip-some-tests.patch +++ /dev/null @@ -1,41 +0,0 @@ -diff -up openssh-8.8p1/regress/hostkey-agent.sh.redhat openssh-8.8p1/regress/hostkey-agent.sh ---- openssh-8.8p1/regress/hostkey-agent.sh.redhat 2022-08-10 15:54:42.084777662 +0200 -+++ openssh-8.8p1/regress/hostkey-agent.sh 2022-08-10 17:01:25.651269994 +0200 -@@ -36,6 +36,8 @@ unset SSH_AUTH_SOCK - - for ps in yes; do - for k in $SSH_ACCEPTED_KEYTYPES ; do -+ [ "$k" == "ssh-rsa" ] && continue -+ [ "$k" == "ssh-dss" ] && continue - verbose "key type $k privsep=$ps" - cp $OBJ/sshd_proxy.orig $OBJ/sshd_proxy - echo "UsePrivilegeSeparation $ps" >> $OBJ/sshd_proxy -diff -up openssh-8.8p1/regress/hostkey-rotate.sh.redhat openssh-8.8p1/regress/hostkey-rotate.sh ---- openssh-8.8p1/regress/hostkey-rotate.sh.redhat 2022-08-10 16:57:12.720029146 +0200 -+++ openssh-8.8p1/regress/hostkey-rotate.sh 2022-08-10 17:15:48.274923865 +0200 -@@ -40,6 +40,8 @@ trace "prepare hostkeys" - nkeys=0 - all_algs="" - for k in $SSH_HOSTKEY_TYPES; do -+ [ "$k" == "ssh-rsa" ] && continue -+ [ "$k" == "ssh-dss" ] && continue - ${SSHKEYGEN} -qt $k -f $OBJ/hkr.$k -N '' || fatal "ssh-keygen $k" - echo "Hostkey $OBJ/hkr.${k}" >> $OBJ/sshd_proxy.orig - nkeys=`expr $nkeys + 1` -@@ -87,11 +89,15 @@ dossh -oStrictHostKeyChecking=yes -oHost - # Check that other keys learned - expect_nkeys $nkeys "learn hostkeys" - for k in $SSH_HOSTKEY_TYPES; do -+ [ "$k" == "ssh-rsa" ] && continue -+ [ "$k" == "ssh-dss" ] && continue - check_key_present $k || fail "didn't learn keytype $k" - done - - # Check each key type - for k in $SSH_HOSTKEY_TYPES; do -+ [ "$k" == "ssh-rsa" ] && continue -+ [ "$k" == "ssh-dss" ] && continue - verbose "learn additional hostkeys, type=$k" - dossh -oStrictHostKeyChecking=yes -oHostKeyAlgorithms=$k,$all_algs - expect_nkeys $nkeys "learn hostkeys $k" - diff --git a/openssh-8.8p1-gsissh.patch b/openssh-9.0p1-gsissh.patch similarity index 89% rename from openssh-8.8p1-gsissh.patch rename to openssh-9.0p1-gsissh.patch index 04d640a..0e848a9 100644 --- a/openssh-8.8p1-gsissh.patch +++ b/openssh-9.0p1-gsissh.patch @@ -1,7 +1,7 @@ -diff -Nur openssh-8.8p1.orig/auth2.c openssh-8.8p1/auth2.c ---- openssh-8.8p1.orig/auth2.c 2021-12-01 16:47:29.945987883 +0100 -+++ openssh-8.8p1/auth2.c 2021-12-01 16:48:10.374080945 +0100 -@@ -277,7 +277,28 @@ +diff -Nur openssh-9.0p1.orig/auth2.c openssh-9.0p1/auth2.c +--- openssh-9.0p1.orig/auth2.c 2022-08-30 19:32:35.491051041 +0200 ++++ openssh-9.0p1/auth2.c 2022-08-30 19:41:39.812458921 +0200 +@@ -278,7 +278,28 @@ (r = sshpkt_get_cstring(ssh, &service, NULL)) != 0 || (r = sshpkt_get_cstring(ssh, &method, NULL)) != 0) goto out; @@ -31,10 +31,10 @@ diff -Nur openssh-8.8p1.orig/auth2.c openssh-8.8p1/auth2.c debug("attempt %d failures %d", authctxt->attempt, authctxt->failures); #ifdef WITH_SELINUX -@@ -288,17 +309,42 @@ - if ((style = strchr(user, ':')) != NULL) - *style++ = 0; +@@ -291,11 +312,33 @@ + if (authctxt->attempt >= 1024) + auth_maxtries_exceeded(ssh); - if (authctxt->attempt++ == 0) { - /* setup auth context */ - authctxt->pw = PRIVSEP(getpwnamallow(ssh, user)); @@ -69,6 +69,7 @@ diff -Nur openssh-8.8p1.orig/auth2.c openssh-8.8p1/auth2.c authctxt->valid = 1; debug2_f("setting up authctxt for %s", user); } else { +@@ -303,6 +346,9 @@ /* Invalid user, fake password information */ authctxt->pw = fakepw(); } @@ -78,7 +79,7 @@ diff -Nur openssh-8.8p1.orig/auth2.c openssh-8.8p1/auth2.c #ifdef USE_PAM if (options.use_pam) PRIVSEP(start_pam(ssh)); -@@ -307,6 +353,7 @@ +@@ -311,6 +357,7 @@ authctxt->valid ? "authenticating " : "invalid ", user); setproctitle("%s%s", authctxt->valid ? user : "unknown", use_privsep ? " [net]" : ""); @@ -86,7 +87,7 @@ diff -Nur openssh-8.8p1.orig/auth2.c openssh-8.8p1/auth2.c authctxt->service = xstrdup(service); authctxt->style = style ? xstrdup(style) : NULL; #ifdef WITH_SELINUX -@@ -322,9 +369,10 @@ +@@ -326,9 +373,10 @@ if (auth2_setup_methods_lists(authctxt) != 0) ssh_packet_disconnect(ssh, "no authentication methods enabled"); @@ -100,9 +101,9 @@ diff -Nur openssh-8.8p1.orig/auth2.c openssh-8.8p1/auth2.c "not allowed: (%s,%s) -> (%s,%s)", authctxt->user, authctxt->service, user, service); } -diff -Nur openssh-8.8p1.orig/auth2-gss.c openssh-8.8p1/auth2-gss.c ---- openssh-8.8p1.orig/auth2-gss.c 2021-12-01 16:47:29.832987623 +0100 -+++ openssh-8.8p1/auth2-gss.c 2021-12-01 16:48:10.375080947 +0100 +diff -Nur openssh-9.0p1.orig/auth2-gss.c openssh-9.0p1/auth2-gss.c +--- openssh-9.0p1.orig/auth2-gss.c 2022-08-30 19:32:35.318050592 +0200 ++++ openssh-9.0p1/auth2-gss.c 2022-08-30 19:33:23.884176392 +0200 @@ -50,6 +50,7 @@ extern ServerOptions options; @@ -307,10 +308,10 @@ diff -Nur openssh-8.8p1.orig/auth2-gss.c openssh-8.8p1/auth2-gss.c Authmethod method_gsskeyex = { "gssapi-keyex", userauth_gsskeyex, -diff -Nur openssh-8.8p1.orig/auth.c openssh-8.8p1/auth.c ---- openssh-8.8p1.orig/auth.c 2021-12-01 16:47:29.946987886 +0100 -+++ openssh-8.8p1/auth.c 2021-12-01 16:48:10.375080947 +0100 -@@ -344,7 +344,8 @@ +diff -Nur openssh-9.0p1.orig/auth.c openssh-9.0p1/auth.c +--- openssh-9.0p1.orig/auth.c 2022-08-30 19:32:35.492051043 +0200 ++++ openssh-9.0p1/auth.c 2022-08-30 19:33:23.884176392 +0200 +@@ -300,7 +300,8 @@ method, submethod != NULL ? "/" : "", submethod == NULL ? "" : submethod, authctxt->valid ? "" : "invalid user ", @@ -320,7 +321,7 @@ diff -Nur openssh-8.8p1.orig/auth.c openssh-8.8p1/auth.c ssh_remote_ipaddr(ssh), ssh_remote_port(ssh), extra != NULL ? ": " : "", -@@ -588,13 +589,18 @@ +@@ -544,13 +545,18 @@ #endif pw = getpwnam(user); @@ -340,9 +341,9 @@ diff -Nur openssh-8.8p1.orig/auth.c openssh-8.8p1/auth.c #ifdef CUSTOM_FAILED_LOGIN record_failed_login(ssh, user, auth_get_canonical_hostname(ssh, options.use_dns), "ssh"); -diff -Nur openssh-8.8p1.orig/auth.h openssh-8.8p1/auth.h ---- openssh-8.8p1.orig/auth.h 2021-12-01 16:47:29.946987886 +0100 -+++ openssh-8.8p1/auth.h 2021-12-01 16:48:10.376080950 +0100 +diff -Nur openssh-9.0p1.orig/auth.h openssh-9.0p1/auth.h +--- openssh-9.0p1.orig/auth.h 2022-08-30 19:32:35.493051046 +0200 ++++ openssh-9.0p1/auth.h 2022-08-30 19:33:23.885176394 +0200 @@ -83,6 +83,8 @@ krb5_principal krb5_user; char *krb5_ticket_file; @@ -352,9 +353,9 @@ diff -Nur openssh-8.8p1.orig/auth.h openssh-8.8p1/auth.h int krb5_set_env; #endif struct sshbuf *loginmsg; -diff -Nur openssh-8.8p1.orig/auth-pam.c openssh-8.8p1/auth-pam.c ---- openssh-8.8p1.orig/auth-pam.c 2021-12-01 16:47:29.937987865 +0100 -+++ openssh-8.8p1/auth-pam.c 2021-12-01 16:48:10.376080950 +0100 +diff -Nur openssh-9.0p1.orig/auth-pam.c openssh-9.0p1/auth-pam.c +--- openssh-9.0p1.orig/auth-pam.c 2022-08-30 19:32:35.455050947 +0200 ++++ openssh-9.0p1/auth-pam.c 2022-08-30 19:33:23.886176397 +0200 @@ -253,6 +253,7 @@ static char *sshpam_rhost = NULL; static char *sshpam_laddr = NULL; @@ -515,9 +516,9 @@ diff -Nur openssh-8.8p1.orig/auth-pam.c openssh-8.8p1/auth-pam.c sshpam_password = NULL; free(fake); if (sshpam_err == PAM_MAXTRIES) -diff -Nur openssh-8.8p1.orig/auth-pam.h openssh-8.8p1/auth-pam.h ---- openssh-8.8p1.orig/auth-pam.h 2021-12-01 16:47:29.797987543 +0100 -+++ openssh-8.8p1/auth-pam.h 2021-12-01 16:48:10.377080952 +0100 +diff -Nur openssh-9.0p1.orig/auth-pam.h openssh-9.0p1/auth-pam.h +--- openssh-9.0p1.orig/auth-pam.h 2022-08-30 19:32:35.267050460 +0200 ++++ openssh-9.0p1/auth-pam.h 2022-08-30 19:33:23.886176397 +0200 @@ -43,5 +43,6 @@ int sshpam_get_maxtries_reached(void); void sshpam_set_maxtries_reached(int); @@ -525,9 +526,9 @@ diff -Nur openssh-8.8p1.orig/auth-pam.h openssh-8.8p1/auth-pam.h +struct passwd *sshpam_getpw(const char *); #endif /* USE_PAM */ -diff -Nur openssh-8.8p1.orig/canohost.c openssh-8.8p1/canohost.c ---- openssh-8.8p1.orig/canohost.c 2021-12-01 16:47:29.833987626 +0100 -+++ openssh-8.8p1/canohost.c 2021-12-01 16:48:10.377080952 +0100 +diff -Nur openssh-9.0p1.orig/canohost.c openssh-9.0p1/canohost.c +--- openssh-9.0p1.orig/canohost.c 2022-08-30 19:32:35.318050592 +0200 ++++ openssh-9.0p1/canohost.c 2022-08-30 19:33:23.887176400 +0200 @@ -17,6 +17,7 @@ #include #include @@ -570,9 +571,9 @@ diff -Nur openssh-8.8p1.orig/canohost.c openssh-8.8p1/canohost.c + } + } +} -diff -Nur openssh-8.8p1.orig/canohost.h openssh-8.8p1/canohost.h ---- openssh-8.8p1.orig/canohost.h 2021-12-01 16:47:29.833987626 +0100 -+++ openssh-8.8p1/canohost.h 2021-12-01 16:48:10.377080952 +0100 +diff -Nur openssh-9.0p1.orig/canohost.h openssh-9.0p1/canohost.h +--- openssh-9.0p1.orig/canohost.h 2022-08-30 19:32:35.319050595 +0200 ++++ openssh-9.0p1/canohost.h 2022-08-30 19:33:23.887176400 +0200 @@ -26,4 +26,6 @@ #endif /* _CANOHOST_H */ @@ -580,10 +581,10 @@ diff -Nur openssh-8.8p1.orig/canohost.h openssh-8.8p1/canohost.h +void resolve_localhost(char **host); + void ipv64_normalise_mapped(struct sockaddr_storage *, socklen_t *); -diff -Nur openssh-8.8p1.orig/configure.ac openssh-8.8p1/configure.ac ---- openssh-8.8p1.orig/configure.ac 2021-12-01 16:47:29.928987844 +0100 -+++ openssh-8.8p1/configure.ac 2021-12-01 16:48:10.378080954 +0100 -@@ -4775,6 +4775,14 @@ +diff -Nur openssh-9.0p1.orig/configure.ac openssh-9.0p1/configure.ac +--- openssh-9.0p1.orig/configure.ac 2022-08-30 19:32:35.442050914 +0200 ++++ openssh-9.0p1/configure.ac 2022-08-30 19:33:23.889176405 +0200 +@@ -4832,6 +4832,14 @@ AC_CHECK_HEADER([gssapi_krb5.h], , [ CPPFLAGS="$oldCPP" ]) @@ -598,7 +599,7 @@ diff -Nur openssh-8.8p1.orig/configure.ac openssh-8.8p1/configure.ac fi fi if test -n "${rpath_opt}" ; then -@@ -4815,6 +4823,40 @@ +@@ -4872,6 +4880,40 @@ AC_SUBST([GSSLIBS]) AC_SUBST([K5LIBS]) @@ -639,10 +640,10 @@ diff -Nur openssh-8.8p1.orig/configure.ac openssh-8.8p1/configure.ac # Check whether user wants systemd support SYSTEMD_MSG="no" AC_ARG_WITH(systemd, -diff -Nur openssh-8.8p1.orig/gss-genr.c openssh-8.8p1/gss-genr.c ---- openssh-8.8p1.orig/gss-genr.c 2021-12-01 16:47:29.973987948 +0100 -+++ openssh-8.8p1/gss-genr.c 2021-12-01 16:48:10.379080957 +0100 -@@ -40,6 +40,7 @@ +diff -Nur openssh-9.0p1.orig/gss-genr.c openssh-9.0p1/gss-genr.c +--- openssh-9.0p1.orig/gss-genr.c 2022-08-30 19:32:35.547051186 +0200 ++++ openssh-9.0p1/gss-genr.c 2022-08-30 19:33:23.890176408 +0200 +@@ -41,6 +41,7 @@ #include "ssherr.h" #include "sshbuf.h" #include "log.h" @@ -650,7 +651,7 @@ diff -Nur openssh-8.8p1.orig/gss-genr.c openssh-8.8p1/gss-genr.c #include "ssh2.h" #include "cipher.h" #include "sshkey.h" -@@ -408,9 +409,18 @@ +@@ -409,9 +410,18 @@ ssh_gssapi_import_name(Gssctxt *ctx, const char *host) { gss_buffer_desc gssbuf; @@ -670,7 +671,7 @@ diff -Nur openssh-8.8p1.orig/gss-genr.c openssh-8.8p1/gss-genr.c gssbuf.value = val; gssbuf.length = strlen(gssbuf.value); -@@ -418,6 +428,7 @@ +@@ -419,6 +429,7 @@ &gssbuf, GSS_C_NT_HOSTBASED_SERVICE, &ctx->name))) ssh_gssapi_error(ctx); @@ -678,9 +679,9 @@ diff -Nur openssh-8.8p1.orig/gss-genr.c openssh-8.8p1/gss-genr.c free(gssbuf.value); return (ctx->major); } -diff -Nur openssh-8.8p1.orig/gss-serv.c openssh-8.8p1/gss-serv.c ---- openssh-8.8p1.orig/gss-serv.c 2021-12-01 16:47:29.853987672 +0100 -+++ openssh-8.8p1/gss-serv.c 2021-12-01 16:48:10.379080957 +0100 +diff -Nur openssh-9.0p1.orig/gss-serv.c openssh-9.0p1/gss-serv.c +--- openssh-9.0p1.orig/gss-serv.c 2022-08-30 19:32:35.345050662 +0200 ++++ openssh-9.0p1/gss-serv.c 2022-08-30 19:33:23.891176410 +0200 @@ -50,10 +50,12 @@ #include "monitor_wrap.h" @@ -961,9 +962,9 @@ diff -Nur openssh-8.8p1.orig/gss-serv.c openssh-8.8p1/gss-serv.c xasprintf(&envstr, "%s=%s", gssapi_client.store.envvar, gssapi_client.store.envval); -diff -Nur openssh-8.8p1.orig/gss-serv-gsi.c openssh-8.8p1/gss-serv-gsi.c ---- openssh-8.8p1.orig/gss-serv-gsi.c 1970-01-01 01:00:00.000000000 +0100 -+++ openssh-8.8p1/gss-serv-gsi.c 2021-12-01 16:48:10.380080959 +0100 +diff -Nur openssh-9.0p1.orig/gss-serv-gsi.c openssh-9.0p1/gss-serv-gsi.c +--- openssh-9.0p1.orig/gss-serv-gsi.c 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-9.0p1/gss-serv-gsi.c 2022-08-30 19:33:23.891176410 +0200 @@ -0,0 +1,328 @@ +/* + * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. @@ -1293,9 +1294,9 @@ diff -Nur openssh-8.8p1.orig/gss-serv-gsi.c openssh-8.8p1/gss-serv-gsi.c + +#endif /* GSI */ +#endif /* GSSAPI */ -diff -Nur openssh-8.8p1.orig/gss-serv-krb5.c openssh-8.8p1/gss-serv-krb5.c ---- openssh-8.8p1.orig/gss-serv-krb5.c 2021-12-01 16:47:29.878987729 +0100 -+++ openssh-8.8p1/gss-serv-krb5.c 2021-12-01 16:48:10.380080959 +0100 +diff -Nur openssh-9.0p1.orig/gss-serv-krb5.c openssh-9.0p1/gss-serv-krb5.c +--- openssh-9.0p1.orig/gss-serv-krb5.c 2022-08-30 19:32:35.377050745 +0200 ++++ openssh-9.0p1/gss-serv-krb5.c 2022-08-30 19:33:23.892176413 +0200 @@ -379,6 +379,34 @@ return found_principal; } @@ -1349,9 +1350,9 @@ diff -Nur openssh-8.8p1.orig/gss-serv-krb5.c openssh-8.8p1/gss-serv-krb5.c &ssh_gssapi_krb5_storecreds, &ssh_gssapi_krb5_updatecreds }; -diff -Nur openssh-8.8p1.orig/kexgsss.c openssh-8.8p1/kexgsss.c ---- openssh-8.8p1.orig/kexgsss.c 2021-12-01 16:47:29.986987978 +0100 -+++ openssh-8.8p1/kexgsss.c 2021-12-01 16:48:10.380080959 +0100 +diff -Nur openssh-9.0p1.orig/kexgsss.c openssh-9.0p1/kexgsss.c +--- openssh-9.0p1.orig/kexgsss.c 2022-08-30 19:32:35.566051235 +0200 ++++ openssh-9.0p1/kexgsss.c 2022-08-30 19:33:23.892176413 +0200 @@ -48,6 +48,7 @@ #include "digest.h" #include "ssherr.h" @@ -1415,20 +1416,20 @@ diff -Nur openssh-8.8p1.orig/kexgsss.c openssh-8.8p1/kexgsss.c + } +} #endif /* defined(GSSAPI) && defined(WITH_OPENSSL) */ -diff -Nur openssh-8.8p1.orig/Makefile.in openssh-8.8p1/Makefile.in ---- openssh-8.8p1.orig/Makefile.in 2021-12-01 16:47:29.948987890 +0100 -+++ openssh-8.8p1/Makefile.in 2021-12-01 16:48:10.381080961 +0100 -@@ -128,6 +128,7 @@ +diff -Nur openssh-9.0p1.orig/Makefile.in openssh-9.0p1/Makefile.in +--- openssh-9.0p1.orig/Makefile.in 2022-08-30 19:32:35.496051054 +0200 ++++ openssh-9.0p1/Makefile.in 2022-08-30 19:34:46.023388812 +0200 +@@ -129,6 +129,7 @@ auth2-none.o auth2-passwd.o auth2-pubkey.o \ monitor.o monitor_wrap.o auth-krb5.o \ auth2-gss.o gss-serv.o gss-serv-krb5.o kexgsss.o \ + gss-serv-gsi.o \ - loginrec.o auth-pam.o auth-shadow.o auth-sia.o md5crypt.o \ + loginrec.o auth-pam.o auth-shadow.o auth-sia.o \ srclimit.o sftp-server.o sftp-common.o \ sandbox-null.o sandbox-rlimit.o sandbox-systrace.o sandbox-darwin.o \ -diff -Nur openssh-8.8p1.orig/misc.c openssh-8.8p1/misc.c ---- openssh-8.8p1.orig/misc.c 2021-12-01 16:47:29.975987952 +0100 -+++ openssh-8.8p1/misc.c 2021-12-01 16:48:10.381080961 +0100 +diff -Nur openssh-9.0p1.orig/misc.c openssh-9.0p1/misc.c +--- openssh-9.0p1.orig/misc.c 2022-08-30 19:32:35.550051194 +0200 ++++ openssh-9.0p1/misc.c 2022-08-30 19:33:23.894176418 +0200 @@ -393,11 +393,14 @@ #define WHITESPACE " \t\r\n" #define QUOTE "\"" @@ -1488,9 +1489,9 @@ diff -Nur openssh-8.8p1.orig/misc.c openssh-8.8p1/misc.c /* * Convert ASCII string to TCP/IP port number. * Port must be >=0 and <=65535. -diff -Nur openssh-8.8p1.orig/misc.h openssh-8.8p1/misc.h ---- openssh-8.8p1.orig/misc.h 2021-12-01 16:47:29.902987784 +0100 -+++ openssh-8.8p1/misc.h 2021-12-01 16:48:10.381080961 +0100 +diff -Nur openssh-9.0p1.orig/misc.h openssh-9.0p1/misc.h +--- openssh-9.0p1.orig/misc.h 2022-08-30 19:32:35.405050818 +0200 ++++ openssh-9.0p1/misc.h 2022-08-30 19:33:23.895176421 +0200 @@ -100,6 +100,7 @@ void sock_set_v6only(int); @@ -1499,9 +1500,9 @@ diff -Nur openssh-8.8p1.orig/misc.h openssh-8.8p1/misc.h const char *ssh_gai_strerror(int); typedef void privdrop_fn(struct passwd *); -diff -Nur openssh-8.8p1.orig/monitor.c openssh-8.8p1/monitor.c ---- openssh-8.8p1.orig/monitor.c 2021-12-01 16:47:29.975987952 +0100 -+++ openssh-8.8p1/monitor.c 2021-12-01 16:48:10.382080964 +0100 +diff -Nur openssh-9.0p1.orig/monitor.c openssh-9.0p1/monitor.c +--- openssh-9.0p1.orig/monitor.c 2022-08-30 19:32:35.551051196 +0200 ++++ openssh-9.0p1/monitor.c 2022-08-30 19:56:02.622691995 +0200 @@ -152,6 +152,9 @@ int mm_answer_gss_userok(struct ssh *, int, struct sshbuf *); int mm_answer_gss_checkmic(struct ssh *, int, struct sshbuf *); @@ -1561,7 +1562,7 @@ diff -Nur openssh-8.8p1.orig/monitor.c openssh-8.8p1/monitor.c #endif /* The first few requests do not require asynchronous access */ -@@ -444,6 +454,8 @@ +@@ -451,6 +461,8 @@ #ifdef GSSAPI /* and for the GSSAPI key exchange */ monitor_permit(mon_dispatch, MONITOR_REQ_GSSSETUP, 1); @@ -1570,29 +1571,28 @@ diff -Nur openssh-8.8p1.orig/monitor.c openssh-8.8p1/monitor.c #endif if (auth_opts->permit_pty_flag) { -@@ -760,15 +772,18 @@ +@@ -766,14 +778,17 @@ debug3_f("entering"); - if (authctxt->attempt++ != 0) - fatal_f("multiple attempts for getpwnam"); - - if ((r = sshbuf_get_cstring(m, &username, NULL)) != 0) ++ if (authctxt->user) free(authctxt->user); + if ((r = sshbuf_get_cstring(m, &authctxt->user, NULL)) != 0) fatal_fr(r, "parse"); - pwent = getpwnamallow(ssh, username); + pwent = getpwnamallow(ssh, authctxt->user); -+ if (authctxt->user) free(authctxt->user); - authctxt->user = xstrdup(username); +#ifdef USE_PAM + if (options.permit_pam_user_change) + setproctitle("%s [priv]", pwent ? "[pam]" : "unknown"); + else +#endif - setproctitle("%s [priv]", pwent ? username : "unknown"); - free(username); + setproctitle("%s [priv]", pwent ? authctxt->user : "unknown"); -@@ -2109,6 +2124,79 @@ + sshbuf_reset(m); +@@ -2130,6 +2145,79 @@ } int @@ -1672,9 +1672,9 @@ diff -Nur openssh-8.8p1.orig/monitor.c openssh-8.8p1/monitor.c mm_answer_gss_sign(struct ssh *ssh, int socket, struct sshbuf *m) { gss_buffer_desc data; -diff -Nur openssh-8.8p1.orig/monitor.h openssh-8.8p1/monitor.h ---- openssh-8.8p1.orig/monitor.h 2021-12-01 16:47:29.951987897 +0100 -+++ openssh-8.8p1/monitor.h 2021-12-01 16:48:10.382080964 +0100 +diff -Nur openssh-9.0p1.orig/monitor.h openssh-9.0p1/monitor.h +--- openssh-9.0p1.orig/monitor.h 2022-08-30 19:32:35.498051059 +0200 ++++ openssh-9.0p1/monitor.h 2022-08-30 19:33:23.897176426 +0200 @@ -75,6 +75,10 @@ MONITOR_REQ_GSSSIGN = 150, MONITOR_ANS_GSSSIGN = 151, @@ -1686,9 +1686,9 @@ diff -Nur openssh-8.8p1.orig/monitor.h openssh-8.8p1/monitor.h }; struct ssh; -diff -Nur openssh-8.8p1.orig/monitor_wrap.c openssh-8.8p1/monitor_wrap.c ---- openssh-8.8p1.orig/monitor_wrap.c 2021-12-01 16:47:29.976987955 +0100 -+++ openssh-8.8p1/monitor_wrap.c 2021-12-01 16:48:10.383080966 +0100 +diff -Nur openssh-9.0p1.orig/monitor_wrap.c openssh-9.0p1/monitor_wrap.c +--- openssh-9.0p1.orig/monitor_wrap.c 2022-08-30 19:32:35.551051196 +0200 ++++ openssh-9.0p1/monitor_wrap.c 2022-08-30 19:33:23.898176429 +0200 @@ -1084,6 +1084,94 @@ return (authenticated); } @@ -1784,9 +1784,9 @@ diff -Nur openssh-8.8p1.orig/monitor_wrap.c openssh-8.8p1/monitor_wrap.c OM_uint32 mm_ssh_gssapi_sign(Gssctxt *ctx, gss_buffer_desc *data, gss_buffer_desc *hash) { -diff -Nur openssh-8.8p1.orig/monitor_wrap.h openssh-8.8p1/monitor_wrap.h ---- openssh-8.8p1.orig/monitor_wrap.h 2021-12-01 16:47:29.959987916 +0100 -+++ openssh-8.8p1/monitor_wrap.h 2021-12-01 16:48:10.384080968 +0100 +diff -Nur openssh-9.0p1.orig/monitor_wrap.h openssh-9.0p1/monitor_wrap.h +--- openssh-9.0p1.orig/monitor_wrap.h 2022-08-30 19:32:35.508051085 +0200 ++++ openssh-9.0p1/monitor_wrap.h 2022-08-30 19:33:23.898176429 +0200 @@ -73,6 +73,10 @@ int mm_ssh_gssapi_userok(char *user, struct passwd *, int kex); OM_uint32 mm_ssh_gssapi_checkmic(Gssctxt *, gss_buffer_t, gss_buffer_t); @@ -1798,12 +1798,12 @@ diff -Nur openssh-8.8p1.orig/monitor_wrap.h openssh-8.8p1/monitor_wrap.h int mm_ssh_gssapi_update_creds(ssh_gssapi_ccache *); #endif -diff -Nur openssh-8.8p1.orig/readconf.c openssh-8.8p1/readconf.c ---- openssh-8.8p1.orig/readconf.c 2021-12-01 16:47:29.977987957 +0100 -+++ openssh-8.8p1/readconf.c 2021-12-01 16:48:10.384080968 +0100 -@@ -2543,11 +2543,11 @@ +diff -Nur openssh-9.0p1.orig/readconf.c openssh-9.0p1/readconf.c +--- openssh-9.0p1.orig/readconf.c 2022-08-30 19:32:35.553051201 +0200 ++++ openssh-9.0p1/readconf.c 2022-08-30 19:33:23.899176431 +0200 +@@ -2558,11 +2558,11 @@ if (options->pubkey_authentication == -1) - options->pubkey_authentication = 1; + options->pubkey_authentication = SSH_PUBKEY_AUTH_ALL; if (options->gss_authentication == -1) - options->gss_authentication = 0; + options->gss_authentication = 1; @@ -1816,9 +1816,9 @@ diff -Nur openssh-8.8p1.orig/readconf.c openssh-8.8p1/readconf.c if (options->gss_trust_dns == -1) options->gss_trust_dns = 0; if (options->gss_renewal_rekey == -1) -diff -Nur openssh-8.8p1.orig/readconf.h openssh-8.8p1/readconf.h ---- openssh-8.8p1.orig/readconf.h 2021-12-01 16:47:29.840987642 +0100 -+++ openssh-8.8p1/readconf.h 2021-12-01 16:48:10.385080970 +0100 +diff -Nur openssh-9.0p1.orig/readconf.h openssh-9.0p1/readconf.h +--- openssh-9.0p1.orig/readconf.h 2022-08-30 19:32:35.469050984 +0200 ++++ openssh-9.0p1/readconf.h 2022-08-30 19:33:23.900176434 +0200 @@ -78,6 +78,8 @@ char *host_key_alias; /* hostname alias for .ssh/known_hosts */ char *proxy_command; /* Proxy command for connecting the host. */ @@ -1828,9 +1828,9 @@ diff -Nur openssh-8.8p1.orig/readconf.h openssh-8.8p1/readconf.h int escape_char; /* Escape character; -2 = none */ u_int num_system_hostfiles; /* Paths for /etc/ssh/ssh_known_hosts */ -diff -Nur openssh-8.8p1.orig/servconf.c openssh-8.8p1/servconf.c ---- openssh-8.8p1.orig/servconf.c 2021-12-01 16:47:29.978987959 +0100 -+++ openssh-8.8p1/servconf.c 2021-12-01 16:48:10.386080973 +0100 +diff -Nur openssh-9.0p1.orig/servconf.c openssh-9.0p1/servconf.c +--- openssh-9.0p1.orig/servconf.c 2022-08-30 19:32:35.555051206 +0200 ++++ openssh-9.0p1/servconf.c 2022-08-30 19:33:23.902176439 +0200 @@ -93,6 +93,7 @@ /* Portable-specific options */ @@ -1851,7 +1851,7 @@ diff -Nur openssh-8.8p1.orig/servconf.c openssh-8.8p1/servconf.c options->gss_store_rekey = -1; options->gss_kex_algorithms = NULL; options->use_kuserok = -1; -@@ -291,6 +294,8 @@ +@@ -292,6 +295,8 @@ /* Portable-specific options */ if (options->use_pam == -1) options->use_pam = 0; @@ -1860,7 +1860,7 @@ diff -Nur openssh-8.8p1.orig/servconf.c openssh-8.8p1/servconf.c /* Standard Options */ if (options->num_host_key_files == 0) { -@@ -372,13 +377,17 @@ +@@ -373,13 +378,17 @@ if (options->kerberos_unique_ccache == -1) options->kerberos_unique_ccache = 0; if (options->gss_authentication == -1) @@ -1880,7 +1880,7 @@ diff -Nur openssh-8.8p1.orig/servconf.c openssh-8.8p1/servconf.c if (options->gss_store_rekey == -1) options->gss_store_rekey = 0; #ifdef GSSAPI -@@ -514,7 +523,7 @@ +@@ -517,7 +526,7 @@ typedef enum { sBadOption, /* == unknown option */ /* Portable-specific options */ @@ -1889,7 +1889,7 @@ diff -Nur openssh-8.8p1.orig/servconf.c openssh-8.8p1/servconf.c /* Standard Options */ sPort, sHostKeyFile, sLoginGraceTime, sPermitRootLogin, sLogFacility, sLogLevel, sLogVerbose, -@@ -533,6 +542,9 @@ +@@ -536,6 +545,9 @@ sHostbasedUsesNameFromPacketOnly, sHostbasedAcceptedAlgorithms, sHostKeyAlgorithms, sPerSourceMaxStartups, sPerSourceNetBlockSize, sClientAliveInterval, sClientAliveCountMax, sAuthorizedKeysFile, @@ -1899,7 +1899,7 @@ diff -Nur openssh-8.8p1.orig/servconf.c openssh-8.8p1/servconf.c sGssAuthentication, sGssCleanupCreds, sGssEnablek5users, sGssStrictAcceptor, sGssKeyEx, sGssKexAlgorithms, sGssStoreRekey, sAcceptEnv, sSetEnv, sPermitTunnel, -@@ -565,8 +577,10 @@ +@@ -569,8 +581,10 @@ /* Portable-specific options */ #ifdef USE_PAM { "usepam", sUsePAM, SSHCFG_GLOBAL }, @@ -1910,7 +1910,7 @@ diff -Nur openssh-8.8p1.orig/servconf.c openssh-8.8p1/servconf.c #endif { "pamauthenticationviakbdint", sDeprecated, SSHCFG_GLOBAL }, /* Standard Options */ -@@ -619,8 +633,15 @@ +@@ -623,8 +637,15 @@ { "afstokenpassing", sUnsupported, SSHCFG_GLOBAL }, #ifdef GSSAPI { "gssapiauthentication", sGssAuthentication, SSHCFG_ALL }, @@ -1926,7 +1926,7 @@ diff -Nur openssh-8.8p1.orig/servconf.c openssh-8.8p1/servconf.c { "gssapistrictacceptorcheck", sGssStrictAcceptor, SSHCFG_GLOBAL }, { "gssapikeyexchange", sGssKeyEx, SSHCFG_GLOBAL }, { "gssapistorecredentialsonrekey", sGssStoreRekey, SSHCFG_GLOBAL }, -@@ -628,8 +649,11 @@ +@@ -632,8 +653,11 @@ { "gssapienablek5users", sGssEnablek5users, SSHCFG_ALL }, #else { "gssapiauthentication", sUnsupported, SSHCFG_ALL }, @@ -1938,7 +1938,7 @@ diff -Nur openssh-8.8p1.orig/servconf.c openssh-8.8p1/servconf.c { "gssapistrictacceptorcheck", sUnsupported, SSHCFG_GLOBAL }, { "gssapikeyexchange", sUnsupported, SSHCFG_GLOBAL }, { "gssapistorecredentialsonrekey", sUnsupported, SSHCFG_GLOBAL }, -@@ -701,6 +725,8 @@ +@@ -705,6 +729,8 @@ { "permitlisten", sPermitListen, SSHCFG_ALL }, { "forcecommand", sForceCommand, SSHCFG_ALL }, { "chrootdirectory", sChrootDirectory, SSHCFG_ALL }, @@ -1947,7 +1947,7 @@ diff -Nur openssh-8.8p1.orig/servconf.c openssh-8.8p1/servconf.c { "hostcertificate", sHostCertificate, SSHCFG_GLOBAL }, { "revokedkeys", sRevokedKeys, SSHCFG_ALL }, { "trustedusercakeys", sTrustedUserCAKeys, SSHCFG_ALL }, -@@ -1379,6 +1405,10 @@ +@@ -1383,6 +1409,10 @@ intptr = &options->use_pam; goto parse_flag; @@ -1958,7 +1958,7 @@ diff -Nur openssh-8.8p1.orig/servconf.c openssh-8.8p1/servconf.c /* Standard Options */ case sBadOption: goto out; -@@ -1626,6 +1656,10 @@ +@@ -1629,6 +1659,10 @@ intptr = &options->gss_authentication; goto parse_flag; @@ -1969,7 +1969,7 @@ diff -Nur openssh-8.8p1.orig/servconf.c openssh-8.8p1/servconf.c case sGssKeyEx: intptr = &options->gss_keyex; goto parse_flag; -@@ -1634,6 +1668,10 @@ +@@ -1637,6 +1671,10 @@ intptr = &options->gss_cleanup_creds; goto parse_flag; @@ -1980,7 +1980,7 @@ diff -Nur openssh-8.8p1.orig/servconf.c openssh-8.8p1/servconf.c case sGssStrictAcceptor: intptr = &options->gss_strict_acceptor; goto parse_flag; -@@ -1654,6 +1692,12 @@ +@@ -1657,6 +1695,12 @@ options->gss_kex_algorithms = xstrdup(arg); break; @@ -1993,7 +1993,7 @@ diff -Nur openssh-8.8p1.orig/servconf.c openssh-8.8p1/servconf.c case sPasswordAuthentication: intptr = &options->password_authentication; goto parse_flag; -@@ -2659,6 +2703,7 @@ +@@ -2665,6 +2709,7 @@ M_CP_INTOPT(password_authentication); M_CP_INTOPT(gss_authentication); @@ -2001,9 +2001,9 @@ diff -Nur openssh-8.8p1.orig/servconf.c openssh-8.8p1/servconf.c M_CP_INTOPT(pubkey_authentication); M_CP_INTOPT(pubkey_auth_options); M_CP_INTOPT(kerberos_authentication); -diff -Nur openssh-8.8p1.orig/servconf.h openssh-8.8p1/servconf.h ---- openssh-8.8p1.orig/servconf.h 2021-12-01 16:47:29.894987766 +0100 -+++ openssh-8.8p1/servconf.h 2021-12-01 16:48:10.387080975 +0100 +diff -Nur openssh-9.0p1.orig/servconf.h openssh-9.0p1/servconf.h +--- openssh-9.0p1.orig/servconf.h 2022-08-30 19:32:35.471050989 +0200 ++++ openssh-9.0p1/servconf.h 2022-08-30 19:33:23.903176441 +0200 @@ -146,9 +146,12 @@ * be stored in per-session ccache */ int use_kuserok; @@ -2025,10 +2025,10 @@ diff -Nur openssh-8.8p1.orig/servconf.h openssh-8.8p1/servconf.h int permit_tun; -diff -Nur openssh-8.8p1.orig/ssh.1 openssh-8.8p1/ssh.1 ---- openssh-8.8p1.orig/ssh.1 2021-12-01 16:47:29.843987649 +0100 -+++ openssh-8.8p1/ssh.1 2021-12-01 16:48:10.387080975 +0100 -@@ -1501,6 +1501,18 @@ +diff -Nur openssh-9.0p1.orig/ssh.1 openssh-9.0p1/ssh.1 +--- openssh-9.0p1.orig/ssh.1 2022-08-30 19:32:35.531051144 +0200 ++++ openssh-9.0p1/ssh.1 2022-08-30 19:33:23.903176441 +0200 +@@ -1510,6 +1510,18 @@ on to new connections). .It Ev USER Set to the name of the user logging in. @@ -2047,10 +2047,10 @@ diff -Nur openssh-8.8p1.orig/ssh.1 openssh-8.8p1/ssh.1 .El .Pp Additionally, -diff -Nur openssh-8.8p1.orig/ssh.c openssh-8.8p1/ssh.c ---- openssh-8.8p1.orig/ssh.c 2021-12-01 16:47:29.981987966 +0100 -+++ openssh-8.8p1/ssh.c 2021-12-01 16:48:10.388080977 +0100 -@@ -559,6 +559,38 @@ +diff -Nur openssh-9.0p1.orig/ssh.c openssh-9.0p1/ssh.c +--- openssh-9.0p1.orig/ssh.c 2022-08-30 19:32:35.560051220 +0200 ++++ openssh-9.0p1/ssh.c 2022-08-30 19:33:23.905176447 +0200 +@@ -567,6 +567,38 @@ fatal("Can't open user config file %.100s: " "%.100s", config, strerror(errno)); } else { @@ -2089,7 +2089,7 @@ diff -Nur openssh-8.8p1.orig/ssh.c openssh-8.8p1/ssh.c r = snprintf(buf, sizeof buf, "%s/%s", pw->pw_dir, _PATH_SSH_USER_CONFFILE); if (r > 0 && (size_t)r < sizeof(buf)) -@@ -1237,8 +1269,12 @@ +@@ -1245,8 +1277,12 @@ if (fill_default_options(&options) != 0) cleanup_exit(255); @@ -2103,9 +2103,9 @@ diff -Nur openssh-8.8p1.orig/ssh.c openssh-8.8p1/ssh.c /* * If ProxyJump option specified, then construct a ProxyCommand now. -diff -Nur openssh-8.8p1.orig/ssh_config openssh-8.8p1/ssh_config ---- openssh-8.8p1.orig/ssh_config 2021-12-01 16:47:29.843987649 +0100 -+++ openssh-8.8p1/ssh_config 2021-12-01 16:48:10.388080977 +0100 +diff -Nur openssh-9.0p1.orig/ssh_config openssh-9.0p1/ssh_config +--- openssh-9.0p1.orig/ssh_config 2022-08-30 19:32:35.334050634 +0200 ++++ openssh-9.0p1/ssh_config 2022-08-30 19:33:23.905176447 +0200 @@ -22,9 +22,9 @@ # ForwardX11 no # PasswordAuthentication yes @@ -2119,9 +2119,9 @@ diff -Nur openssh-8.8p1.orig/ssh_config openssh-8.8p1/ssh_config # GSSAPITrustDNS no # BatchMode no # CheckHostIP yes -diff -Nur openssh-8.8p1.orig/ssh_config.5 openssh-8.8p1/ssh_config.5 ---- openssh-8.8p1.orig/ssh_config.5 2021-12-01 16:47:29.920987826 +0100 -+++ openssh-8.8p1/ssh_config.5 2021-12-01 16:48:10.389080980 +0100 +diff -Nur openssh-9.0p1.orig/ssh_config.5 openssh-9.0p1/ssh_config.5 +--- openssh-9.0p1.orig/ssh_config.5 2022-08-30 19:32:35.478051007 +0200 ++++ openssh-9.0p1/ssh_config.5 2022-08-30 19:33:23.906176449 +0200 @@ -52,6 +52,12 @@ user's configuration file .Pq Pa ~/.ssh/config @@ -2159,7 +2159,7 @@ diff -Nur openssh-8.8p1.orig/ssh_config.5 openssh-8.8p1/ssh_config.5 .It Cm GSSAPIRenewalForcesRekey If set to .Dq yes -@@ -1461,7 +1467,7 @@ +@@ -1454,7 +1460,7 @@ .Cm password ) . The default is: .Bd -literal -offset indent @@ -2168,10 +2168,10 @@ diff -Nur openssh-8.8p1.orig/ssh_config.5 openssh-8.8p1/ssh_config.5 keyboard-interactive,password .Ed .It Cm ProxyCommand -diff -Nur openssh-8.8p1.orig/sshconnect2.c openssh-8.8p1/sshconnect2.c ---- openssh-8.8p1.orig/sshconnect2.c 2021-12-01 16:47:29.966987932 +0100 -+++ openssh-8.8p1/sshconnect2.c 2021-12-01 16:48:10.390080982 +0100 -@@ -860,6 +860,11 @@ +diff -Nur openssh-9.0p1.orig/sshconnect2.c openssh-9.0p1/sshconnect2.c +--- openssh-9.0p1.orig/sshconnect2.c 2022-08-30 19:32:35.541051170 +0200 ++++ openssh-9.0p1/sshconnect2.c 2022-08-30 19:33:23.908176455 +0200 +@@ -874,6 +874,11 @@ gss_OID mech = NULL; char *gss_host = NULL; @@ -2183,7 +2183,7 @@ diff -Nur openssh-8.8p1.orig/sshconnect2.c openssh-8.8p1/sshconnect2.c if (options.gss_server_identity) { gss_host = xstrdup(options.gss_server_identity); } else if (options.gss_trust_dns) { -@@ -971,7 +976,8 @@ +@@ -985,7 +990,8 @@ if (status == GSS_S_COMPLETE) { /* send either complete or MIC, depending on mechanism */ @@ -2193,7 +2193,7 @@ diff -Nur openssh-8.8p1.orig/sshconnect2.c openssh-8.8p1/sshconnect2.c if ((r = sshpkt_start(ssh, SSH2_MSG_USERAUTH_GSSAPI_EXCHANGE_COMPLETE)) != 0 || (r = sshpkt_send(ssh)) != 0) -@@ -1142,6 +1148,20 @@ +@@ -1156,6 +1162,20 @@ return r; } @@ -2214,7 +2214,7 @@ diff -Nur openssh-8.8p1.orig/sshconnect2.c openssh-8.8p1/sshconnect2.c int userauth_gsskeyex(struct ssh *ssh) { -@@ -1164,6 +1184,12 @@ +@@ -1178,6 +1198,12 @@ if ((b = sshbuf_new()) == NULL) fatal_f("sshbuf_new failed"); @@ -2227,7 +2227,7 @@ diff -Nur openssh-8.8p1.orig/sshconnect2.c openssh-8.8p1/sshconnect2.c ssh_gssapi_buildmic(b, authctxt->server_user, authctxt->service, "gssapi-keyex", ssh->kex->session_id); -@@ -1177,7 +1203,9 @@ +@@ -1191,7 +1217,9 @@ } if ((r = sshpkt_start(ssh, SSH2_MSG_USERAUTH_REQUEST)) != 0 || @@ -2238,9 +2238,9 @@ diff -Nur openssh-8.8p1.orig/sshconnect2.c openssh-8.8p1/sshconnect2.c (r = sshpkt_put_cstring(ssh, authctxt->service)) != 0 || (r = sshpkt_put_cstring(ssh, authctxt->method->name)) != 0 || (r = sshpkt_put_string(ssh, mic.value, mic.length)) != 0 || -diff -Nur openssh-8.8p1.orig/sshd.8 openssh-8.8p1/sshd.8 ---- openssh-8.8p1.orig/sshd.8 2021-12-01 16:47:29.861987690 +0100 -+++ openssh-8.8p1/sshd.8 2021-12-01 16:48:10.390080982 +0100 +diff -Nur openssh-9.0p1.orig/sshd.8 openssh-9.0p1/sshd.8 +--- openssh-9.0p1.orig/sshd.8 2022-08-30 19:32:35.352050680 +0200 ++++ openssh-9.0p1/sshd.8 2022-08-30 19:33:23.909176457 +0200 @@ -823,6 +823,29 @@ # A CA key, accepted for any host in *.mydomain.com or *.mydomain.org @cert-authority *.mydomain.org,*.mydomain.com ssh-rsa AAAAB5W... @@ -2271,10 +2271,10 @@ diff -Nur openssh-8.8p1.orig/sshd.8 openssh-8.8p1/sshd.8 .Sh FILES .Bl -tag -width Ds -compact .It Pa ~/.hushlogin -diff -Nur openssh-8.8p1.orig/sshd.c openssh-8.8p1/sshd.c ---- openssh-8.8p1.orig/sshd.c 2021-12-01 16:47:29.982987968 +0100 -+++ openssh-8.8p1/sshd.c 2021-12-01 16:48:10.391080984 +0100 -@@ -2380,7 +2380,7 @@ +diff -Nur openssh-9.0p1.orig/sshd.c openssh-9.0p1/sshd.c +--- openssh-9.0p1.orig/sshd.c 2022-08-30 19:32:35.561051222 +0200 ++++ openssh-9.0p1/sshd.c 2022-08-30 19:33:23.910176460 +0200 +@@ -2390,7 +2390,7 @@ #endif #ifdef GSSAPI @@ -2283,9 +2283,9 @@ diff -Nur openssh-8.8p1.orig/sshd.c openssh-8.8p1/sshd.c temporarily_use_uid(authctxt->pw); authctxt->krb5_set_env = ssh_gssapi_storecreds(); restore_uid(); -diff -Nur openssh-8.8p1.orig/sshd_config openssh-8.8p1/sshd_config ---- openssh-8.8p1.orig/sshd_config 2021-12-01 16:47:29.880987734 +0100 -+++ openssh-8.8p1/sshd_config 2021-12-01 16:48:10.392080987 +0100 +diff -Nur openssh-9.0p1.orig/sshd_config openssh-9.0p1/sshd_config +--- openssh-9.0p1.orig/sshd_config 2022-08-30 19:32:35.380050753 +0200 ++++ openssh-9.0p1/sshd_config 2022-08-30 19:33:23.911176462 +0200 @@ -76,10 +76,11 @@ #KerberosUseKuserok yes @@ -2311,9 +2311,9 @@ diff -Nur openssh-8.8p1.orig/sshd_config openssh-8.8p1/sshd_config #AllowAgentForwarding yes #AllowTcpForwarding yes #GatewayPorts no -diff -Nur openssh-8.8p1.orig/sshd_config.5 openssh-8.8p1/sshd_config.5 ---- openssh-8.8p1.orig/sshd_config.5 2021-12-01 16:47:29.920987826 +0100 -+++ openssh-8.8p1/sshd_config.5 2021-12-01 16:48:10.392080987 +0100 +diff -Nur openssh-9.0p1.orig/sshd_config.5 openssh-9.0p1/sshd_config.5 +--- openssh-9.0p1.orig/sshd_config.5 2022-08-30 19:32:35.479051009 +0200 ++++ openssh-9.0p1/sshd_config.5 2022-08-30 19:33:23.912176465 +0200 @@ -635,15 +635,34 @@ to allow the client to select the address to which the forwarding is bound. The default is @@ -2359,7 +2359,7 @@ diff -Nur openssh-8.8p1.orig/sshd_config.5 openssh-8.8p1/sshd_config.5 .It Cm GSSAPIStrictAcceptorCheck Determines whether to be strict about the identity of the GSSAPI acceptor a client authenticates against. -@@ -1788,6 +1807,12 @@ +@@ -1784,6 +1803,12 @@ as a non-root user. The default is .Cm no . @@ -2372,9 +2372,9 @@ diff -Nur openssh-8.8p1.orig/sshd_config.5 openssh-8.8p1/sshd_config.5 .It Cm VersionAddendum Optionally specifies additional text to append to the SSH protocol banner sent by the server upon connection. -diff -Nur openssh-8.8p1.orig/sshd_config_redhat openssh-8.8p1/sshd_config_redhat ---- openssh-8.8p1.orig/sshd_config_redhat 2021-12-01 16:47:29.826987609 +0100 -+++ openssh-8.8p1/sshd_config_redhat 2021-12-01 16:48:10.392080987 +0100 +diff -Nur openssh-9.0p1.orig/sshd_config_redhat openssh-9.0p1/sshd_config_redhat +--- openssh-9.0p1.orig/sshd_config_redhat 2022-08-30 19:32:35.308050566 +0200 ++++ openssh-9.0p1/sshd_config_redhat 2022-08-30 19:33:23.912176465 +0200 @@ -9,9 +9,6 @@ ChallengeResponseAuthentication no @@ -2385,9 +2385,9 @@ diff -Nur openssh-8.8p1.orig/sshd_config_redhat openssh-8.8p1/sshd_config_redhat UsePAM yes X11Forwarding yes -diff -Nur openssh-8.8p1.orig/ssh-gss.h openssh-8.8p1/ssh-gss.h ---- openssh-8.8p1.orig/ssh-gss.h 2021-12-01 16:47:29.857987681 +0100 -+++ openssh-8.8p1/ssh-gss.h 2021-12-01 16:48:10.393080989 +0100 +diff -Nur openssh-9.0p1.orig/ssh-gss.h openssh-9.0p1/ssh-gss.h +--- openssh-9.0p1.orig/ssh-gss.h 2022-08-30 19:32:35.349050673 +0200 ++++ openssh-9.0p1/ssh-gss.h 2022-08-30 19:33:23.913176467 +0200 @@ -97,12 +97,14 @@ } ssh_gssapi_ccache; @@ -2423,12 +2423,12 @@ diff -Nur openssh-8.8p1.orig/ssh-gss.h openssh-8.8p1/ssh-gss.h /* In the server */ typedef int ssh_gssapi_check_fn(Gssctxt **, gss_OID, const char *, const char *); -diff -Nur openssh-8.8p1.orig/version.h openssh-8.8p1/version.h ---- openssh-8.8p1.orig/version.h 2021-09-26 16:03:19.000000000 +0200 -+++ openssh-8.8p1/version.h 2021-12-01 16:48:10.393080989 +0100 +diff -Nur openssh-9.0p1.orig/version.h openssh-9.0p1/version.h +--- openssh-9.0p1.orig/version.h 2022-04-06 02:47:48.000000000 +0200 ++++ openssh-9.0p1/version.h 2022-08-30 19:33:23.913176467 +0200 @@ -2,5 +2,19 @@ - #define SSH_VERSION "OpenSSH_8.8" + #define SSH_VERSION "OpenSSH_9.0" +#ifdef GSI +#define GSI_VERSION " GSI" diff --git a/openssh-8.8p1-hpn-15.2-modified.patch b/openssh-9.0p1-hpn-15.2-modified.patch similarity index 88% rename from openssh-8.8p1-hpn-15.2-modified.patch rename to openssh-9.0p1-hpn-15.2-modified.patch index 807c8ef..5700e43 100644 --- a/openssh-8.8p1-hpn-15.2-modified.patch +++ b/openssh-9.0p1-hpn-15.2-modified.patch @@ -1,6 +1,6 @@ -diff -Nur openssh-8.8p1.orig/auth2.c openssh-8.8p1/auth2.c ---- openssh-8.8p1.orig/auth2.c 2021-12-01 16:50:22.511385558 +0100 -+++ openssh-8.8p1/auth2.c 2021-12-01 16:51:00.919474114 +0100 +diff -Nur openssh-9.0p1.orig/auth2.c openssh-9.0p1/auth2.c +--- openssh-9.0p1.orig/auth2.c 2022-08-30 20:22:42.458819942 +0200 ++++ openssh-9.0p1/auth2.c 2022-08-30 20:23:49.877993046 +0200 @@ -53,6 +53,8 @@ #include "dispatch.h" #include "pathnames.h" @@ -19,7 +19,7 @@ diff -Nur openssh-8.8p1.orig/auth2.c openssh-8.8p1/auth2.c Authmethod *authmethods[] = { &method_none, &method_pubkey, -@@ -299,6 +303,11 @@ +@@ -300,6 +304,11 @@ debug("userauth-request for user %s service %s method %s", user[0] ? user : "", service, method); @@ -31,10 +31,10 @@ diff -Nur openssh-8.8p1.orig/auth2.c openssh-8.8p1/auth2.c debug("attempt %d failures %d", authctxt->attempt, authctxt->failures); #ifdef WITH_SELINUX -diff -Nur openssh-8.8p1.orig/channels.c openssh-8.8p1/channels.c ---- openssh-8.8p1.orig/channels.c 2021-12-01 16:50:22.496385524 +0100 -+++ openssh-8.8p1/channels.c 2021-12-01 16:51:00.921474119 +0100 -@@ -220,6 +220,9 @@ +diff -Nur openssh-9.0p1.orig/channels.c openssh-9.0p1/channels.c +--- openssh-9.0p1.orig/channels.c 2022-08-30 20:22:42.436819885 +0200 ++++ openssh-9.0p1/channels.c 2022-08-30 20:23:49.879993051 +0200 +@@ -219,6 +219,9 @@ /* Setup helper */ static void channel_handler_init(struct ssh_channels *sc); @@ -44,7 +44,7 @@ diff -Nur openssh-8.8p1.orig/channels.c openssh-8.8p1/channels.c /* -- channel core */ void -@@ -415,6 +418,7 @@ +@@ -407,6 +410,7 @@ c->local_window = window; c->local_window_max = window; c->local_maxpacket = maxpack; @@ -52,8 +52,8 @@ diff -Nur openssh-8.8p1.orig/channels.c openssh-8.8p1/channels.c c->remote_name = xstrdup(remote_name); c->ctl_chan = -1; c->delayed = 1; /* prevent call to channel_post handler */ -@@ -1110,6 +1114,28 @@ - FD_SET(c->sock, writeset); +@@ -1104,6 +1108,28 @@ + c->io_want = SSH_CHAN_IO_SOCK_W; } +static int @@ -79,9 +79,9 @@ diff -Nur openssh-8.8p1.orig/channels.c openssh-8.8p1/channels.c +} + static void - channel_pre_open(struct ssh *ssh, Channel *c, - fd_set *readset, fd_set *writeset) -@@ -2149,22 +2175,31 @@ + channel_pre_open(struct ssh *ssh, Channel *c) + { +@@ -2170,22 +2196,31 @@ if (c->type == SSH_CHANNEL_OPEN && !(c->flags & (CHAN_CLOSE_SENT|CHAN_CLOSE_RCVD)) && @@ -118,7 +118,7 @@ diff -Nur openssh-8.8p1.orig/channels.c openssh-8.8p1/channels.c c->local_consumed = 0; } return 1; -@@ -3331,6 +3366,14 @@ +@@ -3571,6 +3606,14 @@ return addr; } @@ -133,7 +133,7 @@ diff -Nur openssh-8.8p1.orig/channels.c openssh-8.8p1/channels.c static int channel_setup_fwd_listener_tcpip(struct ssh *ssh, int type, struct Forward *fwd, int *allocated_listen_port, -@@ -3470,8 +3513,10 @@ +@@ -3710,8 +3753,10 @@ } /* Allocate a channel number for the socket. */ @@ -145,7 +145,7 @@ diff -Nur openssh-8.8p1.orig/channels.c openssh-8.8p1/channels.c 0, "port listener", 1); c->path = xstrdup(host); c->host_port = fwd->connect_port; -@@ -4657,7 +4702,8 @@ +@@ -4897,7 +4942,8 @@ sock = socks[n]; nc = channel_new(ssh, "x11 listener", SSH_CHANNEL_X11_LISTENER, sock, sock, -1, @@ -155,10 +155,10 @@ diff -Nur openssh-8.8p1.orig/channels.c openssh-8.8p1/channels.c 0, "X11 inet listener", 1); nc->single_connection = single_connection; (*chanids)[n] = nc->self; -diff -Nur openssh-8.8p1.orig/channels.h openssh-8.8p1/channels.h ---- openssh-8.8p1.orig/channels.h 2021-12-01 16:50:22.421385351 +0100 -+++ openssh-8.8p1/channels.h 2021-12-01 16:51:00.922474121 +0100 -@@ -169,8 +169,10 @@ +diff -Nur openssh-9.0p1.orig/channels.h openssh-9.0p1/channels.h +--- openssh-9.0p1.orig/channels.h 2022-08-30 20:22:42.315819575 +0200 ++++ openssh-9.0p1/channels.h 2022-08-30 20:23:49.880993054 +0200 +@@ -172,8 +172,10 @@ u_int local_window_max; u_int local_consumed; u_int local_maxpacket; @@ -169,16 +169,16 @@ diff -Nur openssh-8.8p1.orig/channels.h openssh-8.8p1/channels.h char *ctype; /* type */ -@@ -232,7 +234,7 @@ - #define CHAN_LOCAL 0x10 +@@ -245,7 +247,7 @@ + #define SSH_CHAN_IO_SOCK (SSH_CHAN_IO_SOCK_R|SSH_CHAN_IO_SOCK_W) /* Read buffer size */ -#define CHAN_RBUF (16*1024) +#define CHAN_RBUF CHAN_SES_PACKET_DEFAULT - /* Maximum channel input buffer size */ - #define CHAN_INPUT_MAX (16*1024*1024) -@@ -363,4 +365,7 @@ + /* Maximum size for direct reads to buffers */ + #define CHANNEL_MAX_READ CHAN_SES_PACKET_DEFAULT +@@ -380,4 +382,7 @@ void chan_write_failed(struct ssh *, Channel *); void chan_obuf_empty(struct ssh *, Channel *); @@ -186,9 +186,9 @@ diff -Nur openssh-8.8p1.orig/channels.h openssh-8.8p1/channels.h +void channel_set_hpn(int, int); + #endif -diff -Nur openssh-8.8p1.orig/cipher.c openssh-8.8p1/cipher.c ---- openssh-8.8p1.orig/cipher.c 2021-12-01 16:50:22.475385475 +0100 -+++ openssh-8.8p1/cipher.c 2021-12-01 16:51:00.923474123 +0100 +diff -Nur openssh-9.0p1.orig/cipher.c openssh-9.0p1/cipher.c +--- openssh-9.0p1.orig/cipher.c 2022-08-30 20:22:42.382819747 +0200 ++++ openssh-9.0p1/cipher.c 2022-08-30 20:23:49.881993056 +0200 @@ -48,6 +48,7 @@ #include "sshbuf.h" #include "ssherr.h" @@ -269,9 +269,9 @@ diff -Nur openssh-8.8p1.orig/cipher.c openssh-8.8p1/cipher.c free(cipher_list); return 0; } -diff -Nur openssh-8.8p1.orig/cipher-ctr-mt.c openssh-8.8p1/cipher-ctr-mt.c ---- openssh-8.8p1.orig/cipher-ctr-mt.c 1970-01-01 01:00:00.000000000 +0100 -+++ openssh-8.8p1/cipher-ctr-mt.c 2021-12-01 16:51:00.923474123 +0100 +diff -Nur openssh-9.0p1.orig/cipher-ctr-mt.c openssh-9.0p1/cipher-ctr-mt.c +--- openssh-9.0p1.orig/cipher-ctr-mt.c 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-9.0p1/cipher-ctr-mt.c 2022-08-30 20:23:49.882993059 +0200 @@ -0,0 +1,678 @@ +/* + * OpenSSH Multi-threaded AES-CTR Cipher @@ -951,9 +951,9 @@ diff -Nur openssh-8.8p1.orig/cipher-ctr-mt.c openssh-8.8p1/cipher-ctr-mt.c +} + +#endif /* defined(WITH_OPENSSL) */ -diff -Nur openssh-8.8p1.orig/cipher.h openssh-8.8p1/cipher.h ---- openssh-8.8p1.orig/cipher.h 2021-12-01 16:50:22.475385475 +0100 -+++ openssh-8.8p1/cipher.h 2021-12-01 16:51:00.924474126 +0100 +diff -Nur openssh-9.0p1.orig/cipher.h openssh-9.0p1/cipher.h +--- openssh-9.0p1.orig/cipher.h 2022-08-30 20:22:42.382819747 +0200 ++++ openssh-9.0p1/cipher.h 2022-08-30 20:23:49.882993059 +0200 @@ -68,7 +68,9 @@ struct sshcipher_ctx; @@ -974,10 +974,10 @@ diff -Nur openssh-8.8p1.orig/cipher.h openssh-8.8p1/cipher.h u_int cipher_ctx_is_plaintext(struct sshcipher_ctx *); -diff -Nur openssh-8.8p1.orig/clientloop.c openssh-8.8p1/clientloop.c ---- openssh-8.8p1.orig/clientloop.c 2021-12-01 16:50:22.361385212 +0100 -+++ openssh-8.8p1/clientloop.c 2021-12-01 16:51:00.925474128 +0100 -@@ -1583,7 +1583,9 @@ +diff -Nur openssh-9.0p1.orig/clientloop.c openssh-9.0p1/clientloop.c +--- openssh-9.0p1.orig/clientloop.c 2022-08-30 20:22:42.263819441 +0200 ++++ openssh-9.0p1/clientloop.c 2022-08-30 20:23:49.883993061 +0200 +@@ -1586,7 +1586,9 @@ return NULL; c = channel_new(ssh, "x11", SSH_CHANNEL_X11_OPEN, sock, sock, -1, @@ -988,8 +988,8 @@ diff -Nur openssh-8.8p1.orig/clientloop.c openssh-8.8p1/clientloop.c c->force_drain = 1; return c; } -@@ -1612,7 +1614,8 @@ - } +@@ -1621,7 +1623,8 @@ + c = channel_new(ssh, "authentication agent connection", SSH_CHANNEL_OPEN, sock, sock, -1, - CHAN_X11_WINDOW_DEFAULT, CHAN_TCP_PACKET_DEFAULT, 0, @@ -998,7 +998,7 @@ diff -Nur openssh-8.8p1.orig/clientloop.c openssh-8.8p1/clientloop.c "authentication agent connection", 1); c->force_drain = 1; return c; -@@ -1639,7 +1642,8 @@ +@@ -1648,7 +1651,8 @@ debug("Tunnel forwarding using interface %s", ifname); c = channel_new(ssh, "tun", SSH_CHANNEL_OPENING, fd, fd, -1, @@ -1008,9 +1008,9 @@ diff -Nur openssh-8.8p1.orig/clientloop.c openssh-8.8p1/clientloop.c c->datagram = 1; #if defined(SSH_TUN_FILTER) -diff -Nur openssh-8.8p1.orig/compat.c openssh-8.8p1/compat.c ---- openssh-8.8p1.orig/compat.c 2021-12-01 16:50:22.497385526 +0100 -+++ openssh-8.8p1/compat.c 2021-12-01 16:51:00.925474128 +0100 +diff -Nur openssh-9.0p1.orig/compat.c openssh-9.0p1/compat.c +--- openssh-9.0p1.orig/compat.c 2022-08-30 20:22:42.423819852 +0200 ++++ openssh-9.0p1/compat.c 2022-08-30 20:23:49.884993064 +0200 @@ -150,6 +150,17 @@ debug_f("match: %s pat %s compat 0x%08x", version, check[i].pat, check[i].bugs); @@ -1029,9 +1029,9 @@ diff -Nur openssh-8.8p1.orig/compat.c openssh-8.8p1/compat.c return; } } -diff -Nur openssh-8.8p1.orig/compat.h openssh-8.8p1/compat.h ---- openssh-8.8p1.orig/compat.h 2021-09-26 16:03:19.000000000 +0200 -+++ openssh-8.8p1/compat.h 2021-12-01 16:51:00.926474130 +0100 +diff -Nur openssh-9.0p1.orig/compat.h openssh-9.0p1/compat.h +--- openssh-9.0p1.orig/compat.h 2022-04-06 02:47:48.000000000 +0200 ++++ openssh-9.0p1/compat.h 2022-08-30 20:23:49.884993064 +0200 @@ -57,6 +57,7 @@ #define SSH_BUG_CURVE25519PAD 0x10000000 #define SSH_BUG_HOSTKEYS 0x20000000 @@ -1040,10 +1040,10 @@ diff -Nur openssh-8.8p1.orig/compat.h openssh-8.8p1/compat.h struct ssh; -diff -Nur openssh-8.8p1.orig/defines.h openssh-8.8p1/defines.h ---- openssh-8.8p1.orig/defines.h 2021-09-26 16:03:19.000000000 +0200 -+++ openssh-8.8p1/defines.h 2021-12-01 16:51:00.927474132 +0100 -@@ -854,7 +854,7 @@ +diff -Nur openssh-9.0p1.orig/defines.h openssh-9.0p1/defines.h +--- openssh-9.0p1.orig/defines.h 2022-04-06 02:47:48.000000000 +0200 ++++ openssh-9.0p1/defines.h 2022-08-30 20:23:49.885993067 +0200 +@@ -889,7 +889,7 @@ #endif #ifndef SSH_IOBUFSZ @@ -1052,9 +1052,9 @@ diff -Nur openssh-8.8p1.orig/defines.h openssh-8.8p1/defines.h #endif /* -diff -Nur openssh-8.8p1.orig/digest.h openssh-8.8p1/digest.h ---- openssh-8.8p1.orig/digest.h 2021-12-01 16:50:22.451385420 +0100 -+++ openssh-8.8p1/digest.h 2021-12-01 16:51:00.927474132 +0100 +diff -Nur openssh-9.0p1.orig/digest.h openssh-9.0p1/digest.h +--- openssh-9.0p1.orig/digest.h 2022-08-30 20:22:42.344819649 +0200 ++++ openssh-9.0p1/digest.h 2022-08-30 20:23:49.886993069 +0200 @@ -27,7 +27,8 @@ #define SSH_DIGEST_SHA256 2 #define SSH_DIGEST_SHA384 3 @@ -1065,9 +1065,9 @@ diff -Nur openssh-8.8p1.orig/digest.h openssh-8.8p1/digest.h struct sshbuf; struct ssh_digest_ctx; -diff -Nur openssh-8.8p1.orig/digest-openssl.c openssh-8.8p1/digest-openssl.c ---- openssh-8.8p1.orig/digest-openssl.c 2021-12-01 16:50:22.451385420 +0100 -+++ openssh-8.8p1/digest-openssl.c 2021-12-01 16:51:00.927474132 +0100 +diff -Nur openssh-9.0p1.orig/digest-openssl.c openssh-9.0p1/digest-openssl.c +--- openssh-9.0p1.orig/digest-openssl.c 2022-08-30 20:22:42.344819649 +0200 ++++ openssh-9.0p1/digest-openssl.c 2022-08-30 20:23:49.886993069 +0200 @@ -61,6 +61,7 @@ { SSH_DIGEST_SHA256, "SHA256", 32, EVP_sha256 }, { SSH_DIGEST_SHA384, "SHA384", 48, EVP_sha384 }, @@ -1076,9 +1076,9 @@ diff -Nur openssh-8.8p1.orig/digest-openssl.c openssh-8.8p1/digest-openssl.c { -1, NULL, 0, NULL }, }; -diff -Nur openssh-8.8p1.orig/HPN-README openssh-8.8p1/HPN-README ---- openssh-8.8p1.orig/HPN-README 1970-01-01 01:00:00.000000000 +0100 -+++ openssh-8.8p1/HPN-README 2021-12-01 16:51:00.928474135 +0100 +diff -Nur openssh-9.0p1.orig/HPN-README openssh-9.0p1/HPN-README +--- openssh-9.0p1.orig/HPN-README 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-9.0p1/HPN-README 2022-08-30 20:23:49.887993072 +0200 @@ -0,0 +1,153 @@ +Notes: + @@ -1233,9 +1233,9 @@ diff -Nur openssh-8.8p1.orig/HPN-README openssh-8.8p1/HPN-README + Allan Jude provided the code for the NoneMac and buffer normalization. + This work was financed, in part, by Cisco System, Inc., the National + Library of Medicine, and the National Science Foundation. -diff -Nur openssh-8.8p1.orig/kex.c openssh-8.8p1/kex.c ---- openssh-8.8p1.orig/kex.c 2021-12-01 16:50:22.487385503 +0100 -+++ openssh-8.8p1/kex.c 2021-12-01 16:51:00.929474137 +0100 +diff -Nur openssh-9.0p1.orig/kex.c openssh-9.0p1/kex.c +--- openssh-9.0p1.orig/kex.c 2022-08-30 20:22:42.402819798 +0200 ++++ openssh-9.0p1/kex.c 2022-08-30 20:23:49.887993072 +0200 @@ -64,6 +64,7 @@ #include "ssherr.h" @@ -1244,7 +1244,7 @@ diff -Nur openssh-8.8p1.orig/kex.c openssh-8.8p1/kex.c #include "digest.h" #include "audit.h" -@@ -969,6 +970,11 @@ +@@ -1001,6 +1002,11 @@ int nenc, nmac, ncomp; u_int mode, ctos, need, dh_need, authlen; int r, first_kex_follows; @@ -1256,7 +1256,7 @@ diff -Nur openssh-8.8p1.orig/kex.c openssh-8.8p1/kex.c debug2("local %s KEXINIT proposal", kex->server ? "server" : "client"); if ((r = kex_buf2prop(kex->my, NULL, &my)) != 0) -@@ -1039,11 +1045,40 @@ +@@ -1081,11 +1087,40 @@ peer[ncomp] = NULL; goto out; } @@ -1297,7 +1297,7 @@ diff -Nur openssh-8.8p1.orig/kex.c openssh-8.8p1/kex.c } need = dh_need = 0; for (mode = 0; mode < MODE_MAX; mode++) { -@@ -1391,7 +1426,7 @@ +@@ -1433,7 +1468,7 @@ if (version_addendum != NULL && *version_addendum == '\0') version_addendum = NULL; if ((r = sshbuf_putf(our_version, "SSH-%d.%d-%.100s%s%s\r\n", @@ -1306,7 +1306,7 @@ diff -Nur openssh-8.8p1.orig/kex.c openssh-8.8p1/kex.c version_addendum == NULL ? "" : " ", version_addendum == NULL ? "" : version_addendum)) != 0) { oerrno = errno; -@@ -1527,6 +1562,14 @@ +@@ -1569,6 +1604,14 @@ r = SSH_ERR_INVALID_FORMAT; goto out; } @@ -1321,9 +1321,9 @@ diff -Nur openssh-8.8p1.orig/kex.c openssh-8.8p1/kex.c debug("Remote protocol version %d.%d, remote software version %.100s", remote_major, remote_minor, remote_version); compat_banner(ssh, remote_version); -diff -Nur openssh-8.8p1.orig/log.c openssh-8.8p1/log.c ---- openssh-8.8p1.orig/log.c 2021-12-01 16:50:22.401385305 +0100 -+++ openssh-8.8p1/log.c 2021-12-01 16:51:00.929474137 +0100 +diff -Nur openssh-9.0p1.orig/log.c openssh-9.0p1/log.c +--- openssh-9.0p1.orig/log.c 2022-08-30 20:22:42.298819531 +0200 ++++ openssh-9.0p1/log.c 2022-08-30 20:23:49.888993074 +0200 @@ -46,6 +46,11 @@ #include #include @@ -1345,9 +1345,9 @@ diff -Nur openssh-8.8p1.orig/log.c openssh-8.8p1/log.c #define LOG_SYSLOG_VIS (VIS_CSTYLE|VIS_NL|VIS_TAB|VIS_OCTAL) #define LOG_STDERR_VIS (VIS_SAFE|VIS_OCTAL) -diff -Nur openssh-8.8p1.orig/mac.c openssh-8.8p1/mac.c ---- openssh-8.8p1.orig/mac.c 2021-12-01 16:50:22.476385477 +0100 -+++ openssh-8.8p1/mac.c 2021-12-01 16:51:00.929474137 +0100 +diff -Nur openssh-9.0p1.orig/mac.c openssh-9.0p1/mac.c +--- openssh-9.0p1.orig/mac.c 2022-08-30 20:22:42.384819752 +0200 ++++ openssh-9.0p1/mac.c 2022-08-30 20:23:49.888993074 +0200 @@ -63,6 +63,7 @@ { "hmac-sha2-512", SSH_DIGEST, SSH_DIGEST_SHA512, 0, 0, 0, 0 }, { "hmac-md5", SSH_DIGEST, SSH_DIGEST_MD5, 0, 0, 0, 0 }, @@ -1356,10 +1356,10 @@ diff -Nur openssh-8.8p1.orig/mac.c openssh-8.8p1/mac.c { "umac-64@openssh.com", SSH_UMAC, 0, 0, 128, 64, 0 }, { "umac-128@openssh.com", SSH_UMAC128, 0, 0, 128, 128, 0 }, -diff -Nur openssh-8.8p1.orig/Makefile.in openssh-8.8p1/Makefile.in ---- openssh-8.8p1.orig/Makefile.in 2021-12-01 16:50:22.516385570 +0100 -+++ openssh-8.8p1/Makefile.in 2021-12-01 16:51:00.930474139 +0100 -@@ -48,7 +48,7 @@ +diff -Nur openssh-9.0p1.orig/Makefile.in openssh-9.0p1/Makefile.in +--- openssh-9.0p1.orig/Makefile.in 2022-08-30 20:22:42.466819962 +0200 ++++ openssh-9.0p1/Makefile.in 2022-08-30 20:23:49.889993077 +0200 +@@ -49,7 +49,7 @@ CFLAGS_NOPIE=@CFLAGS_NOPIE@ CPPFLAGS=-I. -I$(srcdir) @CPPFLAGS@ $(PATHS) @DEFS@ PICFLAG=@PICFLAG@ @@ -1368,7 +1368,7 @@ diff -Nur openssh-8.8p1.orig/Makefile.in openssh-8.8p1/Makefile.in K5LIBS=@K5LIBS@ GSSLIBS=@GSSLIBS@ SSHDLIBS=@SSHDLIBS@ -@@ -95,7 +95,7 @@ +@@ -96,7 +96,7 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \ authfd.o authfile.o \ canohost.o channels.o cipher.o cipher-aes.o cipher-aesctr.o \ @@ -1377,9 +1377,9 @@ diff -Nur openssh-8.8p1.orig/Makefile.in openssh-8.8p1/Makefile.in compat.o fatal.o hostfile.o \ log.o match.o moduli.o nchan.o packet.o \ readpass.o ttymodes.o xmalloc.o addr.o addrmatch.o \ -diff -Nur openssh-8.8p1.orig/packet.c openssh-8.8p1/packet.c ---- openssh-8.8p1.orig/packet.c 2021-12-01 16:50:22.479385484 +0100 -+++ openssh-8.8p1/packet.c 2021-12-01 16:51:00.930474139 +0100 +diff -Nur openssh-9.0p1.orig/packet.c openssh-9.0p1/packet.c +--- openssh-9.0p1.orig/packet.c 2022-08-30 20:22:42.389819765 +0200 ++++ openssh-9.0p1/packet.c 2022-08-31 13:43:18.798517271 +0200 @@ -246,7 +246,7 @@ TAILQ_INIT(&ssh->public_keys); state->connection_in = -1; @@ -1464,13 +1464,22 @@ diff -Nur openssh-8.8p1.orig/packet.c openssh-8.8p1/packet.c @@ -1342,7 +1376,7 @@ struct session_state *state = ssh->state; int len, r, ms_remain; - fd_set *setp; + struct pollfd pfd; - char buf[8192]; + char buf[SSH_IOBUFSZ]; - struct timeval timeout, start, *timeoutp = NULL; + struct timeval start; + struct timespec timespec, *timespecp = NULL; - DBG(debug("packet_read()")); -@@ -1870,17 +1904,21 @@ +@@ -1822,6 +1856,8 @@ + state->packet_discard -= rlen; + return 0; + } ++ ++ ssh->fdout_bytes += rlen; + return 0; + } + +@@ -1887,17 +1923,21 @@ switch (r) { case SSH_ERR_CONN_CLOSED: ssh_packet_clear_keys(ssh); @@ -1492,7 +1501,7 @@ diff -Nur openssh-8.8p1.orig/packet.c openssh-8.8p1/packet.c logdie("Connection reset by %s", remote_id); } /* FALLTHROUGH */ -@@ -1922,6 +1960,24 @@ +@@ -1939,6 +1979,24 @@ logdie_f("should have exited"); } @@ -1517,7 +1526,7 @@ diff -Nur openssh-8.8p1.orig/packet.c openssh-8.8p1/packet.c /* * Logs the error plus constructs and sends a disconnect packet, closes the * connection, and exits. This function never returns. The error message -@@ -1991,6 +2047,7 @@ +@@ -2008,6 +2066,7 @@ return SSH_ERR_CONN_CLOSED; if ((r = sshbuf_consume(state->output, len)) != 0) return r; @@ -1525,7 +1534,7 @@ diff -Nur openssh-8.8p1.orig/packet.c openssh-8.8p1/packet.c } return 0; } -@@ -2794,3 +2850,10 @@ +@@ -2799,3 +2858,10 @@ ssh->state->extra_pad = pad; return 0; } @@ -1536,9 +1545,9 @@ diff -Nur openssh-8.8p1.orig/packet.c openssh-8.8p1/packet.c +{ + return ssh->state->send_context; +} -diff -Nur openssh-8.8p1.orig/packet.h openssh-8.8p1/packet.h ---- openssh-8.8p1.orig/packet.h 2021-12-01 16:50:22.479385484 +0100 -+++ openssh-8.8p1/packet.h 2021-12-01 16:51:00.931474142 +0100 +diff -Nur openssh-9.0p1.orig/packet.h openssh-9.0p1/packet.h +--- openssh-9.0p1.orig/packet.h 2022-08-30 20:22:42.390819767 +0200 ++++ openssh-9.0p1/packet.h 2022-08-30 20:23:49.892993084 +0200 @@ -86,6 +86,14 @@ /* APP data */ @@ -1554,7 +1563,7 @@ diff -Nur openssh-8.8p1.orig/packet.h openssh-8.8p1/packet.h }; typedef int (ssh_packet_hook_fn)(struct ssh *, struct sshbuf *, -@@ -156,6 +164,8 @@ +@@ -157,6 +165,8 @@ int ssh_packet_set_maxsize(struct ssh *, u_int); u_int ssh_packet_get_maxsize(struct ssh *); @@ -1563,7 +1572,7 @@ diff -Nur openssh-8.8p1.orig/packet.h openssh-8.8p1/packet.h int ssh_packet_get_state(struct ssh *, struct sshbuf *); int ssh_packet_set_state(struct ssh *, struct sshbuf *); -@@ -170,6 +180,13 @@ +@@ -171,6 +181,13 @@ void *ssh_packet_get_input(struct ssh *); void *ssh_packet_get_output(struct ssh *); @@ -1577,9 +1586,9 @@ diff -Nur openssh-8.8p1.orig/packet.h openssh-8.8p1/packet.h /* new API */ int sshpkt_start(struct ssh *ssh, u_char type); -diff -Nur openssh-8.8p1.orig/progressmeter.c openssh-8.8p1/progressmeter.c ---- openssh-8.8p1.orig/progressmeter.c 2021-09-26 16:03:19.000000000 +0200 -+++ openssh-8.8p1/progressmeter.c 2021-12-01 16:51:00.931474142 +0100 +diff -Nur openssh-9.0p1.orig/progressmeter.c openssh-9.0p1/progressmeter.c +--- openssh-9.0p1.orig/progressmeter.c 2022-04-06 02:47:48.000000000 +0200 ++++ openssh-9.0p1/progressmeter.c 2022-08-30 20:23:49.893993087 +0200 @@ -68,6 +68,8 @@ static off_t start_pos; /* initial position of transfer */ static off_t end_pos; /* ending position of transfer */ @@ -1641,9 +1650,9 @@ diff -Nur openssh-8.8p1.orig/progressmeter.c openssh-8.8p1/progressmeter.c } /*ARGSUSED*/ -diff -Nur openssh-8.8p1.orig/readconf.c openssh-8.8p1/readconf.c ---- openssh-8.8p1.orig/readconf.c 2021-12-01 16:50:22.519385577 +0100 -+++ openssh-8.8p1/readconf.c 2021-12-01 16:51:00.932474144 +0100 +diff -Nur openssh-9.0p1.orig/readconf.c openssh-9.0p1/readconf.c +--- openssh-9.0p1.orig/readconf.c 2022-08-30 20:22:42.471819975 +0200 ++++ openssh-9.0p1/readconf.c 2022-08-30 20:23:49.894993090 +0200 @@ -67,6 +67,7 @@ #include "uidswap.h" #include "myproposal.h" @@ -1673,7 +1682,7 @@ diff -Nur openssh-8.8p1.orig/readconf.c openssh-8.8p1/readconf.c { "sessiontype", oSessionType }, { "stdinnull", oStdinNull }, { "forkafterauthentication", oForkAfterAuthentication }, -@@ -336,6 +344,11 @@ +@@ -337,6 +345,11 @@ { "knownhostscommand", oKnownHostsCommand }, { "rsaminsize", oRSAMinSize }, @@ -1685,7 +1694,7 @@ diff -Nur openssh-8.8p1.orig/readconf.c openssh-8.8p1/readconf.c { NULL, oBadOption } }; -@@ -1172,6 +1185,46 @@ +@@ -1183,6 +1196,46 @@ intptr = &options->check_host_ip; goto parse_flag; @@ -1732,7 +1741,7 @@ diff -Nur openssh-8.8p1.orig/readconf.c openssh-8.8p1/readconf.c case oVerifyHostKeyDNS: intptr = &options->verify_host_key_dns; multistate_ptr = multistate_yesnoask; -@@ -1426,6 +1479,10 @@ +@@ -1437,6 +1490,10 @@ *intptr = value; break; @@ -1743,7 +1752,7 @@ diff -Nur openssh-8.8p1.orig/readconf.c openssh-8.8p1/readconf.c case oCiphers: arg = argv_next(&ac, &av); if (!arg || *arg == '\0') { -@@ -2467,6 +2524,14 @@ +@@ -2481,6 +2538,14 @@ options->ip_qos_interactive = -1; options->ip_qos_bulk = -1; options->request_tty = -1; @@ -1758,7 +1767,7 @@ diff -Nur openssh-8.8p1.orig/readconf.c openssh-8.8p1/readconf.c options->session_type = -1; options->stdin_null = -1; options->fork_after_authentication = -1; -@@ -2642,6 +2707,43 @@ +@@ -2657,6 +2722,43 @@ options->server_alive_interval = 0; if (options->server_alive_count_max == -1) options->server_alive_count_max = 3; @@ -1802,9 +1811,9 @@ diff -Nur openssh-8.8p1.orig/readconf.c openssh-8.8p1/readconf.c if (options->control_master == -1) options->control_master = 0; if (options->control_persist == -1) { -diff -Nur openssh-8.8p1.orig/readconf.h openssh-8.8p1/readconf.h ---- openssh-8.8p1.orig/readconf.h 2021-12-01 16:50:22.519385577 +0100 -+++ openssh-8.8p1/readconf.h 2021-12-01 16:51:00.932474144 +0100 +diff -Nur openssh-9.0p1.orig/readconf.h openssh-9.0p1/readconf.h +--- openssh-9.0p1.orig/readconf.h 2022-08-30 20:22:42.471819975 +0200 ++++ openssh-9.0p1/readconf.h 2022-08-30 20:23:49.895993092 +0200 @@ -55,6 +55,10 @@ int strict_host_key_checking; /* Strict host key checking. */ int compression; /* Compress packets in both directions. */ @@ -1829,9 +1838,9 @@ diff -Nur openssh-8.8p1.orig/readconf.h openssh-8.8p1/readconf.h int no_host_authentication_for_localhost; int identities_only; int server_alive_interval; -diff -Nur openssh-8.8p1.orig/regress/integrity.sh openssh-8.8p1/regress/integrity.sh ---- openssh-8.8p1.orig/regress/integrity.sh 2021-09-26 16:03:19.000000000 +0200 -+++ openssh-8.8p1/regress/integrity.sh 2021-12-01 16:51:00.933474146 +0100 +diff -Nur openssh-9.0p1.orig/regress/integrity.sh openssh-9.0p1/regress/integrity.sh +--- openssh-9.0p1.orig/regress/integrity.sh 2022-04-06 02:47:48.000000000 +0200 ++++ openssh-9.0p1/regress/integrity.sh 2022-08-30 20:23:49.895993092 +0200 @@ -21,6 +21,12 @@ cmd="$SUDO env SSH_SK_HELPER="$SSH_SK_HELPER" sh ${SRC}/sshd-log-wrapper.sh ${TEST_SSHD_LOGFILE} ${SSHD} -i -f $OBJ/sshd_proxy" @@ -1845,9 +1854,9 @@ diff -Nur openssh-8.8p1.orig/regress/integrity.sh openssh-8.8p1/regress/integrit trace "test $tid: mac $m" elen=0 epad=0 -diff -Nur openssh-8.8p1.orig/sandbox-seccomp-filter.c openssh-8.8p1/sandbox-seccomp-filter.c ---- openssh-8.8p1.orig/sandbox-seccomp-filter.c 2021-12-01 16:50:22.489385507 +0100 -+++ openssh-8.8p1/sandbox-seccomp-filter.c 2021-12-01 16:51:00.933474146 +0100 +diff -Nur openssh-9.0p1.orig/sandbox-seccomp-filter.c openssh-9.0p1/sandbox-seccomp-filter.c +--- openssh-9.0p1.orig/sandbox-seccomp-filter.c 2022-08-30 20:22:42.405819806 +0200 ++++ openssh-9.0p1/sandbox-seccomp-filter.c 2022-08-30 20:23:49.896993095 +0200 @@ -225,6 +225,9 @@ #ifdef __NR_geteuid32 SC_ALLOW(__NR_geteuid32), @@ -1858,7 +1867,7 @@ diff -Nur openssh-8.8p1.orig/sandbox-seccomp-filter.c openssh-8.8p1/sandbox-secc #ifdef __NR_getpgid SC_ALLOW(__NR_getpgid), #endif -@@ -318,6 +321,9 @@ +@@ -327,6 +330,9 @@ #ifdef __NR_sigprocmask SC_ALLOW(__NR_sigprocmask), #endif @@ -1868,10 +1877,10 @@ diff -Nur openssh-8.8p1.orig/sandbox-seccomp-filter.c openssh-8.8p1/sandbox-secc #ifdef __NR_time SC_ALLOW(__NR_time), #endif -diff -Nur openssh-8.8p1.orig/scp.c openssh-8.8p1/scp.c ---- openssh-8.8p1.orig/scp.c 2021-12-01 16:50:22.502385537 +0100 -+++ openssh-8.8p1/scp.c 2021-12-01 16:51:00.934474149 +0100 -@@ -1576,7 +1576,7 @@ +diff -Nur openssh-9.0p1.orig/scp.c openssh-9.0p1/scp.c +--- openssh-9.0p1.orig/scp.c 2022-08-30 20:22:42.444819906 +0200 ++++ openssh-9.0p1/scp.c 2022-08-30 20:23:49.897993097 +0200 +@@ -1605,7 +1605,7 @@ off_t size, statbytes; unsigned long long ull; int setimes, targisdir, wrerr; @@ -1880,9 +1889,9 @@ diff -Nur openssh-8.8p1.orig/scp.c openssh-8.8p1/scp.c char **patterns = NULL; size_t n, npatterns = 0; struct timeval tv[2]; -diff -Nur openssh-8.8p1.orig/servconf.c openssh-8.8p1/servconf.c ---- openssh-8.8p1.orig/servconf.c 2021-12-01 16:50:22.520385579 +0100 -+++ openssh-8.8p1/servconf.c 2021-12-01 16:51:00.935474151 +0100 +diff -Nur openssh-9.0p1.orig/servconf.c openssh-9.0p1/servconf.c +--- openssh-9.0p1.orig/servconf.c 2022-08-30 20:22:42.473819980 +0200 ++++ openssh-9.0p1/servconf.c 2022-08-30 20:23:49.899993103 +0200 @@ -70,6 +70,7 @@ #include "auth.h" #include "myproposal.h" @@ -1904,7 +1913,7 @@ diff -Nur openssh-8.8p1.orig/servconf.c openssh-8.8p1/servconf.c options->ip_qos_interactive = -1; options->ip_qos_bulk = -1; options->version_addendum = NULL; -@@ -290,6 +297,10 @@ +@@ -291,6 +298,10 @@ fill_default_server_options(ServerOptions *options) { u_int i; @@ -1915,7 +1924,7 @@ diff -Nur openssh-8.8p1.orig/servconf.c openssh-8.8p1/servconf.c /* Portable-specific options */ if (options->use_pam == -1) -@@ -461,6 +472,51 @@ +@@ -462,6 +473,51 @@ } if (options->permit_tun == -1) options->permit_tun = SSH_TUNMODE_NO; @@ -1967,7 +1976,7 @@ diff -Nur openssh-8.8p1.orig/servconf.c openssh-8.8p1/servconf.c if (options->ip_qos_interactive == -1) options->ip_qos_interactive = IPTOS_DSCP_AF21; if (options->ip_qos_bulk == -1) -@@ -531,6 +587,9 @@ +@@ -534,6 +590,9 @@ sKerberosGetAFSToken, sKerberosUniqueCCache, sKerberosUseKuserok, sPasswordAuthentication, sKbdInteractiveAuthentication, sListenAddress, sAddressFamily, sPrintMotd, sPrintLastLog, sIgnoreRhosts, @@ -1977,7 +1986,7 @@ diff -Nur openssh-8.8p1.orig/servconf.c openssh-8.8p1/servconf.c sX11Forwarding, sX11DisplayOffset, sX11MaxDisplays, sX11UseLocalhost, sPermitTTY, sStrictModes, sEmptyPasswd, sTCPKeepAlive, sPermitUserEnvironment, sAllowTcpForwarding, sCompression, -@@ -731,6 +790,12 @@ +@@ -735,6 +794,12 @@ { "revokedkeys", sRevokedKeys, SSHCFG_ALL }, { "trustedusercakeys", sTrustedUserCAKeys, SSHCFG_ALL }, { "authorizedprincipalsfile", sAuthorizedPrincipalsFile, SSHCFG_ALL }, @@ -1990,7 +1999,7 @@ diff -Nur openssh-8.8p1.orig/servconf.c openssh-8.8p1/servconf.c { "kexalgorithms", sKexAlgorithms, SSHCFG_GLOBAL }, { "include", sInclude, SSHCFG_ALL }, { "ipqos", sIPQoS, SSHCFG_ALL }, -@@ -789,6 +854,7 @@ +@@ -794,6 +859,7 @@ for (i = 0; keywords[i].name; i++) if (strcasecmp(cp, keywords[i].name) == 0) { @@ -1998,7 +2007,7 @@ diff -Nur openssh-8.8p1.orig/servconf.c openssh-8.8p1/servconf.c *flags = keywords[i].flags; return keywords[i].opcode; } -@@ -1566,12 +1632,36 @@ +@@ -1569,12 +1635,36 @@ multistate_ptr = multistate_ignore_rhosts; goto parse_multistate; @@ -2035,9 +2044,9 @@ diff -Nur openssh-8.8p1.orig/servconf.c openssh-8.8p1/servconf.c case sHostbasedAuthentication: intptr = &options->hostbased_authentication; goto parse_flag; -diff -Nur openssh-8.8p1.orig/servconf.h openssh-8.8p1/servconf.h ---- openssh-8.8p1.orig/servconf.h 2021-12-01 16:50:22.520385579 +0100 -+++ openssh-8.8p1/servconf.h 2021-12-01 16:51:00.935474151 +0100 +diff -Nur openssh-9.0p1.orig/servconf.h openssh-9.0p1/servconf.h +--- openssh-9.0p1.orig/servconf.h 2022-08-30 20:22:42.473819980 +0200 ++++ openssh-9.0p1/servconf.h 2022-08-30 20:23:49.900993105 +0200 @@ -214,6 +214,13 @@ int use_pam; /* Enable auth via PAM */ int permit_pam_user_change; /* Allow PAM to change user name */ @@ -2052,27 +2061,10 @@ diff -Nur openssh-8.8p1.orig/servconf.h openssh-8.8p1/servconf.h int permit_tun; char **permitted_opens; /* May also be one of PERMITOPEN_* */ -diff -Nur openssh-8.8p1.orig/serverloop.c openssh-8.8p1/serverloop.c ---- openssh-8.8p1.orig/serverloop.c 2021-12-01 16:50:22.503385540 +0100 -+++ openssh-8.8p1/serverloop.c 2021-12-01 16:51:00.936474153 +0100 -@@ -266,7 +266,7 @@ - process_input(struct ssh *ssh, fd_set *readset, int connection_in) - { - int r, len; -- char buf[16384]; -+ char buf[SSH_IOBUFSZ]; - - /* Read and buffer any input data from the client. */ - if (FD_ISSET(connection_in, readset)) { -@@ -287,6 +287,7 @@ - /* Buffer any received data. */ - if ((r = ssh_packet_process_incoming(ssh, buf, len)) != 0) - fatal_fr(r, "ssh_packet_process_incoming"); -+ ssh->fdout_bytes += len; - } - return 0; - } -@@ -340,6 +341,7 @@ +diff -Nur openssh-9.0p1.orig/serverloop.c openssh-9.0p1/serverloop.c +--- openssh-9.0p1.orig/serverloop.c 2022-08-30 20:22:42.446819911 +0200 ++++ openssh-9.0p1/serverloop.c 2022-08-30 20:23:49.900993105 +0200 +@@ -342,6 +342,7 @@ sigset_t bsigset, osigset; debug("Entering interactive session for SSH2."); @@ -2080,7 +2072,7 @@ diff -Nur openssh-8.8p1.orig/serverloop.c openssh-8.8p1/serverloop.c if (sigemptyset(&bsigset) == -1 || sigaddset(&bsigset, SIGCHLD) == -1) error_f("bsigset setup: %s", strerror(errno)); -@@ -388,6 +390,7 @@ +@@ -388,6 +389,7 @@ if (received_sigterm) { logit("Exiting on signal %d", (int)received_sigterm); @@ -2088,7 +2080,7 @@ diff -Nur openssh-8.8p1.orig/serverloop.c openssh-8.8p1/serverloop.c /* Clean up sessions, utmp, etc. */ cleanup_exit(255); } -@@ -409,6 +412,9 @@ +@@ -409,6 +411,9 @@ /* free all channels, no more reads and writes */ channel_free_all(ssh); @@ -2098,7 +2090,7 @@ diff -Nur openssh-8.8p1.orig/serverloop.c openssh-8.8p1/serverloop.c /* free remaining sessions, e.g. remove wtmp entries */ session_destroy_all(ssh, NULL); } -@@ -559,7 +565,8 @@ +@@ -559,7 +564,8 @@ debug("Tunnel forwarding using interface %s", ifname); c = channel_new(ssh, "tun", SSH_CHANNEL_OPEN, sock, sock, -1, @@ -2108,7 +2100,7 @@ diff -Nur openssh-8.8p1.orig/serverloop.c openssh-8.8p1/serverloop.c c->datagram = 1; #if defined(SSH_TUN_FILTER) if (mode == SSH_TUNMODE_POINTOPOINT) -@@ -610,6 +617,8 @@ +@@ -610,6 +616,8 @@ c = channel_new(ssh, "session", SSH_CHANNEL_LARVAL, -1, -1, -1, /*window size*/0, CHAN_SES_PACKET_DEFAULT, 0, "server-session", 1); @@ -2117,10 +2109,10 @@ diff -Nur openssh-8.8p1.orig/serverloop.c openssh-8.8p1/serverloop.c if (session_open(the_authctxt, c->self) != 1) { debug("session open failed, free channel %d", c->self); channel_free(ssh, c); -diff -Nur openssh-8.8p1.orig/session.c openssh-8.8p1/session.c ---- openssh-8.8p1.orig/session.c 2021-12-01 16:50:22.504385542 +0100 -+++ openssh-8.8p1/session.c 2021-12-01 16:51:00.936474153 +0100 -@@ -228,6 +228,7 @@ +diff -Nur openssh-9.0p1.orig/session.c openssh-9.0p1/session.c +--- openssh-9.0p1.orig/session.c 2022-08-30 20:22:42.447819914 +0200 ++++ openssh-9.0p1/session.c 2022-08-30 20:23:49.902993110 +0200 +@@ -227,6 +227,7 @@ goto authsock_err; /* Allocate a channel for the authentication agent socket. */ @@ -2128,7 +2120,7 @@ diff -Nur openssh-8.8p1.orig/session.c openssh-8.8p1/session.c nc = channel_new(ssh, "auth socket", SSH_CHANNEL_AUTH_SOCKET, sock, sock, -1, CHAN_X11_WINDOW_DEFAULT, CHAN_X11_PACKET_DEFAULT, -@@ -2363,7 +2364,8 @@ +@@ -2362,7 +2363,8 @@ channel_set_fds(ssh, s->chanid, fdout, fdin, fderr, ignore_fderr ? CHAN_EXTENDED_IGNORE : CHAN_EXTENDED_READ, @@ -2138,9 +2130,9 @@ diff -Nur openssh-8.8p1.orig/session.c openssh-8.8p1/session.c } /* -diff -Nur openssh-8.8p1.orig/sftp.1 openssh-8.8p1/sftp.1 ---- openssh-8.8p1.orig/sftp.1 2021-09-26 16:03:19.000000000 +0200 -+++ openssh-8.8p1/sftp.1 2021-12-01 16:51:00.937474156 +0100 +diff -Nur openssh-9.0p1.orig/sftp.1 openssh-9.0p1/sftp.1 +--- openssh-9.0p1.orig/sftp.1 2022-04-06 02:47:48.000000000 +0200 ++++ openssh-9.0p1/sftp.1 2022-08-30 20:23:49.903993113 +0200 @@ -295,7 +295,8 @@ Specify how many requests may be outstanding at any one time. Increasing this may slightly improve file transfer speed @@ -2151,9 +2143,9 @@ diff -Nur openssh-8.8p1.orig/sftp.1 openssh-8.8p1/sftp.1 .It Fl r Recursively copy entire directories when uploading and downloading. Note that -diff -Nur openssh-8.8p1.orig/sftp-client.c openssh-8.8p1/sftp-client.c ---- openssh-8.8p1.orig/sftp-client.c 2021-09-26 16:03:19.000000000 +0200 -+++ openssh-8.8p1/sftp-client.c 2021-12-01 16:51:00.937474156 +0100 +diff -Nur openssh-9.0p1.orig/sftp-client.c openssh-9.0p1/sftp-client.c +--- openssh-9.0p1.orig/sftp-client.c 2022-08-30 20:22:42.417819836 +0200 ++++ openssh-9.0p1/sftp-client.c 2022-08-30 20:23:49.904993115 +0200 @@ -72,7 +72,7 @@ #define DEFAULT_COPY_BUFLEN 32768 @@ -2163,9 +2155,9 @@ diff -Nur openssh-8.8p1.orig/sftp-client.c openssh-8.8p1/sftp-client.c /* Minimum amount of data to read at a time */ #define MIN_READ_SIZE 512 -diff -Nur openssh-8.8p1.orig/ssh_api.c openssh-8.8p1/ssh_api.c ---- openssh-8.8p1.orig/ssh_api.c 2021-09-26 16:03:19.000000000 +0200 -+++ openssh-8.8p1/ssh_api.c 2021-12-01 16:51:00.938474158 +0100 +diff -Nur openssh-9.0p1.orig/ssh_api.c openssh-9.0p1/ssh_api.c +--- openssh-9.0p1.orig/ssh_api.c 2022-04-06 02:47:48.000000000 +0200 ++++ openssh-9.0p1/ssh_api.c 2022-08-30 20:23:49.904993115 +0200 @@ -410,7 +410,7 @@ char *cp; int r; @@ -2175,9 +2167,9 @@ diff -Nur openssh-8.8p1.orig/ssh_api.c openssh-8.8p1/ssh_api.c return r; if ((r = sshbuf_putb(ssh_packet_get_output(ssh), banner)) != 0) return r; -diff -Nur openssh-8.8p1.orig/sshbuf.h openssh-8.8p1/sshbuf.h ---- openssh-8.8p1.orig/sshbuf.h 2021-09-26 16:03:19.000000000 +0200 -+++ openssh-8.8p1/sshbuf.h 2021-12-01 16:51:00.938474158 +0100 +diff -Nur openssh-9.0p1.orig/sshbuf.h openssh-9.0p1/sshbuf.h +--- openssh-9.0p1.orig/sshbuf.h 2022-04-06 02:47:48.000000000 +0200 ++++ openssh-9.0p1/sshbuf.h 2022-08-30 20:23:49.905993118 +0200 @@ -28,7 +28,7 @@ # endif /* OPENSSL_HAS_ECC */ #endif /* WITH_OPENSSL */ @@ -2187,10 +2179,10 @@ diff -Nur openssh-8.8p1.orig/sshbuf.h openssh-8.8p1/sshbuf.h #define SSHBUF_REFS_MAX 0x100000 /* Max child buffers */ #define SSHBUF_MAX_BIGNUM (16384 / 8) /* Max bignum *bytes* */ #define SSHBUF_MAX_ECPOINT ((528 * 2 / 8) + 1) /* Max EC point *bytes* */ -diff -Nur openssh-8.8p1.orig/ssh.c openssh-8.8p1/ssh.c ---- openssh-8.8p1.orig/ssh.c 2021-12-01 16:50:22.521385581 +0100 -+++ openssh-8.8p1/ssh.c 2021-12-01 16:51:00.939474160 +0100 -@@ -1057,6 +1057,10 @@ +diff -Nur openssh-9.0p1.orig/ssh.c openssh-9.0p1/ssh.c +--- openssh-9.0p1.orig/ssh.c 2022-08-30 20:22:42.475819985 +0200 ++++ openssh-9.0p1/ssh.c 2022-08-30 20:23:49.906993121 +0200 +@@ -1065,6 +1065,10 @@ break; case 'T': options.request_tty = REQUEST_TTY_NO; @@ -2201,7 +2193,7 @@ diff -Nur openssh-8.8p1.orig/ssh.c openssh-8.8p1/ssh.c break; case 'o': line = xstrdup(optarg); -@@ -1785,6 +1789,8 @@ +@@ -1801,6 +1805,8 @@ setproctitle("%s [mux]", options.control_path); } @@ -2210,7 +2202,7 @@ diff -Nur openssh-8.8p1.orig/ssh.c openssh-8.8p1/ssh.c /* Do fork() after authentication. Used by "ssh -f" */ static void fork_postauth(void) -@@ -2103,6 +2109,79 @@ +@@ -2118,6 +2124,79 @@ NULL, fileno(stdin), command, environ); } @@ -2290,7 +2282,7 @@ diff -Nur openssh-8.8p1.orig/ssh.c openssh-8.8p1/ssh.c /* open new channel for a session */ static int ssh_session2_open(struct ssh *ssh) -@@ -2121,9 +2200,11 @@ +@@ -2136,9 +2215,11 @@ if (in == -1 || out == -1 || err == -1) fatal("dup() in/out/err failed"); @@ -2303,7 +2295,7 @@ diff -Nur openssh-8.8p1.orig/ssh.c openssh-8.8p1/ssh.c window >>= 1; packetmax >>= 1; } -@@ -2134,6 +2215,11 @@ +@@ -2149,6 +2230,11 @@ debug3_f("channel_new: %d", c->self); @@ -2315,7 +2307,7 @@ diff -Nur openssh-8.8p1.orig/ssh.c openssh-8.8p1/ssh.c channel_send_open(ssh, c->self); if (options.session_type != SESSION_TYPE_NONE) channel_register_open_confirm(ssh, c->self, -@@ -2148,6 +2234,13 @@ +@@ -2163,6 +2249,13 @@ int r, id = -1; char *cp, *tun_fwd_ifname = NULL; @@ -2329,9 +2321,9 @@ diff -Nur openssh-8.8p1.orig/ssh.c openssh-8.8p1/ssh.c /* XXX should be pre-session */ if (!options.control_persist) ssh_init_stdio_forwarding(ssh); -diff -Nur openssh-8.8p1.orig/sshconnect2.c openssh-8.8p1/sshconnect2.c ---- openssh-8.8p1.orig/sshconnect2.c 2021-12-01 16:50:22.523385586 +0100 -+++ openssh-8.8p1/sshconnect2.c 2021-12-01 16:51:00.940474162 +0100 +diff -Nur openssh-9.0p1.orig/sshconnect2.c openssh-9.0p1/sshconnect2.c +--- openssh-9.0p1.orig/sshconnect2.c 2022-08-30 20:22:42.477819991 +0200 ++++ openssh-9.0p1/sshconnect2.c 2022-08-30 20:23:49.907993123 +0200 @@ -86,6 +86,13 @@ extern Options options; @@ -2346,7 +2338,7 @@ diff -Nur openssh-8.8p1.orig/sshconnect2.c openssh-8.8p1/sshconnect2.c * SSH2 key exchange */ -@@ -212,6 +219,8 @@ +@@ -216,6 +223,8 @@ return ret; } @@ -2355,7 +2347,7 @@ diff -Nur openssh-8.8p1.orig/sshconnect2.c openssh-8.8p1/sshconnect2.c void ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port, const struct ssh_conn_info *cinfo) -@@ -225,6 +234,10 @@ +@@ -231,6 +240,10 @@ char *gss_host = NULL; #endif @@ -2366,7 +2358,7 @@ diff -Nur openssh-8.8p1.orig/sshconnect2.c openssh-8.8p1/sshconnect2.c xxx_host = host; xxx_hostaddr = hostaddr; xxx_conn_info = cinfo; -@@ -569,6 +582,53 @@ +@@ -583,6 +596,53 @@ if (!authctxt.success) fatal("Authentication failed."); @@ -2420,9 +2412,9 @@ diff -Nur openssh-8.8p1.orig/sshconnect2.c openssh-8.8p1/sshconnect2.c if (ssh_packet_connection_is_on_socket(ssh)) { verbose("Authenticated to %s ([%s]:%d) using \"%s\".", host, ssh_remote_ipaddr(ssh), ssh_remote_port(ssh), -diff -Nur openssh-8.8p1.orig/sshconnect.c openssh-8.8p1/sshconnect.c ---- openssh-8.8p1.orig/sshconnect.c 2021-12-01 16:50:22.434385381 +0100 -+++ openssh-8.8p1/sshconnect.c 2021-12-01 16:51:00.940474162 +0100 +diff -Nur openssh-9.0p1.orig/sshconnect.c openssh-9.0p1/sshconnect.c +--- openssh-9.0p1.orig/sshconnect.c 2022-08-30 20:22:42.325819600 +0200 ++++ openssh-9.0p1/sshconnect.c 2022-08-30 20:23:49.909993128 +0200 @@ -345,6 +345,30 @@ #endif @@ -2464,10 +2456,10 @@ diff -Nur openssh-8.8p1.orig/sshconnect.c openssh-8.8p1/sshconnect.c /* Use interactive QOS (if specified) until authentication completed */ if (options.ip_qos_interactive != INT_MAX) set_sock_tos(sock, options.ip_qos_interactive); -diff -Nur openssh-8.8p1.orig/sshd.c openssh-8.8p1/sshd.c ---- openssh-8.8p1.orig/sshd.c 2021-12-01 16:50:22.524385588 +0100 -+++ openssh-8.8p1/sshd.c 2021-12-01 16:51:00.941474165 +0100 -@@ -1110,6 +1110,8 @@ +diff -Nur openssh-9.0p1.orig/sshd.c openssh-9.0p1/sshd.c +--- openssh-9.0p1.orig/sshd.c 2022-08-30 20:22:42.478819993 +0200 ++++ openssh-9.0p1/sshd.c 2022-08-30 20:23:49.910993131 +0200 +@@ -1106,6 +1106,8 @@ int ret, listen_sock; struct addrinfo *ai; char ntop[NI_MAXHOST], strport[NI_MAXSERV]; @@ -2476,7 +2468,7 @@ diff -Nur openssh-8.8p1.orig/sshd.c openssh-8.8p1/sshd.c for (ai = la->addrs; ai; ai = ai->ai_next) { if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6) -@@ -1155,6 +1157,11 @@ +@@ -1151,6 +1153,11 @@ debug("Bind to port %s on %s.", strport, ntop); @@ -2488,7 +2480,7 @@ diff -Nur openssh-8.8p1.orig/sshd.c openssh-8.8p1/sshd.c /* Bind the socket to the desired port. */ if (bind(listen_sock, ai->ai_addr, ai->ai_addrlen) == -1) { error("Bind to port %s on %s failed: %.200s.", -@@ -1854,6 +1861,19 @@ +@@ -1857,6 +1864,19 @@ /* Fill in default values for those options not explicitly set. */ fill_default_server_options(&options); @@ -2508,7 +2500,7 @@ diff -Nur openssh-8.8p1.orig/sshd.c openssh-8.8p1/sshd.c /* Check that options are sensible */ if (options.authorized_keys_command_user == NULL && (options.authorized_keys_command != NULL && -@@ -2301,6 +2321,9 @@ +@@ -2311,6 +2331,9 @@ rdomain == NULL ? "" : "\""); free(laddr); @@ -2518,7 +2510,7 @@ diff -Nur openssh-8.8p1.orig/sshd.c openssh-8.8p1/sshd.c /* * We don't want to listen forever unless the other side * successfully authenticates itself. So we set up an alarm which is -@@ -2413,6 +2436,25 @@ +@@ -2423,6 +2446,25 @@ /* Try to send all our hostkeys to the client */ notify_hostkeys(ssh); @@ -2544,7 +2536,7 @@ diff -Nur openssh-8.8p1.orig/sshd.c openssh-8.8p1/sshd.c /* Start session. */ do_authenticated(ssh, authctxt); -@@ -2486,6 +2528,11 @@ +@@ -2498,6 +2540,11 @@ char *prop_kex = NULL, *prop_enc = NULL, *prop_hostkey = NULL; int r; @@ -2556,9 +2548,9 @@ diff -Nur openssh-8.8p1.orig/sshd.c openssh-8.8p1/sshd.c myproposal[PROPOSAL_KEX_ALGS] = prop_kex = compat_kex_proposal(ssh, options.kex_algorithms); myproposal[PROPOSAL_ENC_ALGS_CTOS] = -diff -Nur openssh-8.8p1.orig/sshd_config openssh-8.8p1/sshd_config ---- openssh-8.8p1.orig/sshd_config 2021-12-01 16:50:22.524385588 +0100 -+++ openssh-8.8p1/sshd_config 2021-12-01 16:51:00.941474165 +0100 +diff -Nur openssh-9.0p1.orig/sshd_config openssh-9.0p1/sshd_config +--- openssh-9.0p1.orig/sshd_config 2022-08-30 20:22:42.478819993 +0200 ++++ openssh-9.0p1/sshd_config 2022-08-30 20:23:49.911993133 +0200 @@ -127,6 +127,28 @@ # override default of no subsystems Subsystem sftp /usr/libexec/sftp-server @@ -2588,9 +2580,9 @@ diff -Nur openssh-8.8p1.orig/sshd_config openssh-8.8p1/sshd_config # Example of overriding settings on a per-user basis #Match User anoncvs # X11Forwarding no -diff -Nur openssh-8.8p1.orig/version.h openssh-8.8p1/version.h ---- openssh-8.8p1.orig/version.h 2021-12-01 16:50:22.525385590 +0100 -+++ openssh-8.8p1/version.h 2021-12-01 16:51:00.941474165 +0100 +diff -Nur openssh-9.0p1.orig/version.h openssh-9.0p1/version.h +--- openssh-9.0p1.orig/version.h 2022-08-30 20:22:42.480819998 +0200 ++++ openssh-9.0p1/version.h 2022-08-30 20:23:49.911993133 +0200 @@ -16,5 +16,6 @@ #define SSH_PORTABLE "p1" From 05c1b1980c7ca7460b19687a16ca6973320a7768 Mon Sep 17 00:00:00 2001 From: Mattias Ellert Date: Thu, 1 Sep 2022 16:16:32 +0200 Subject: [PATCH 07/44] Update sources file --- sources | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/sources b/sources index 1dadfbc..82d7797 100644 --- a/sources +++ b/sources @@ -1,3 +1,3 @@ -SHA512 (openssh-8.8p1.tar.gz) = d44cd04445f9c8963513b0d5a7e8348985114ff2471e119a6e344498719ef40f09c61c354888a3be9dabcb5870e5cbe5d3aafbb861dfa1d82a4952f3d233a8df -SHA512 (openssh-8.8p1.tar.gz.asc) = 165e025305902f884d04d4444fa3143e4ea1a25a1c65aafe05e113537b3d3e50f7cd5f818bc2ca3404699372ca78f69c46b7452faf2d3998c448a5b80a411ae4 +SHA512 (openssh-9.0p1.tar.gz) = 613ae95317e734868c6a60d9cc5af47a889baa3124bbdd2b31bb51dd6b57b136f4cfcb5604cca78a03bd500baab9b9b45eaf77e038b1ed776c86dce0437449a9 +SHA512 (openssh-9.0p1.tar.gz.asc) = 7b1445764058435d2fa8a9c7553643983650d4232036c088e46e44beeb538d32cba88f775b1be9da5f21a01d6caea59b3dc4714507781e9cb946546fa54f169f SHA512 (gpgkey-736060BA.gpg) = df44f3fdbcd1d596705348c7f5aed3f738c5f626a55955e0642f7c6c082995cf36a1b1891bb41b8715cb2aff34fef1c877e0eff0d3507dd00a055ba695757a21 From a8b9dae4de38ea46bf133295cf1e486d1a0fc1cd Mon Sep 17 00:00:00 2001 From: Mattias Ellert Date: Sat, 8 Oct 2022 09:55:00 +0200 Subject: [PATCH 08/44] Based on openssh-9.0p1-6.fc38 --- gsi-openssh-server-systemd-sysusers.conf | 2 + gsi-openssh-systemd-sysusers.conf | 2 + gsi-openssh.spec | 22 +- openssh-8.7p1-minrsabits.patch | 256 ++++++++++++----------- openssh-8.7p1-ssh-manpage.patch | 4 +- openssh-9.0p1-hpn-15.2-modified.patch | 4 +- 6 files changed, 151 insertions(+), 139 deletions(-) create mode 100644 gsi-openssh-server-systemd-sysusers.conf create mode 100644 gsi-openssh-systemd-sysusers.conf diff --git a/gsi-openssh-server-systemd-sysusers.conf b/gsi-openssh-server-systemd-sysusers.conf new file mode 100644 index 0000000..419c529 --- /dev/null +++ b/gsi-openssh-server-systemd-sysusers.conf @@ -0,0 +1,2 @@ +#Type Name ID GECOS Home directory Shell +u sshd 74 "Privilege-separated SSH" /usr/share/empty.sshd - diff --git a/gsi-openssh-systemd-sysusers.conf b/gsi-openssh-systemd-sysusers.conf new file mode 100644 index 0000000..1192c0b --- /dev/null +++ b/gsi-openssh-systemd-sysusers.conf @@ -0,0 +1,2 @@ +#Type Name ID +g ssh_keys 101 diff --git a/gsi-openssh.spec b/gsi-openssh.spec index 4c83205..352c093 100644 --- a/gsi-openssh.spec +++ b/gsi-openssh.spec @@ -10,10 +10,6 @@ %global _hardened_build 1 -# OpenSSH privilege separation requires a user & group ID -%global sshd_uid 74 -%global sshd_gid 74 - # Build position-independent executables (requires toolchain support)? %global pie 1 @@ -28,7 +24,7 @@ %global libedit 1 %global openssh_ver 9.0p1 -%global openssh_rel 1 +%global openssh_rel 2 Summary: An implementation of the SSH protocol with GSI authentication Name: gsi-openssh @@ -48,6 +44,8 @@ Source11: gsisshd.service Source12: gsisshd-keygen@.service Source13: gsisshd-keygen Source15: gsisshd-keygen.target +Source18: %{name}-systemd-sysusers.conf +Source19: %{name}-server-systemd-sysusers.conf Source99: README.sshd-and-gsisshd #https://bugzilla.mindrot.org/show_bug.cgi?id=2581 @@ -459,6 +457,8 @@ install -m644 %{SOURCE12} $RPM_BUILD_ROOT/%{_unitdir}/gsisshd-keygen@.service install -m644 %{SOURCE15} $RPM_BUILD_ROOT/%{_unitdir}/gsisshd-keygen.target install -m755 %{SOURCE13} $RPM_BUILD_ROOT/%{_libexecdir}/gsissh/sshd-keygen install -d -m711 ${RPM_BUILD_ROOT}/%{_datadir}/empty.sshd +install -p -D -m 0644 %{SOURCE18} $RPM_BUILD_ROOT%{_sysusersdir}/%{name}.conf +install -p -D -m 0644 %{SOURCE19} $RPM_BUILD_ROOT%{_sysusersdir}/%{name}-server.conf rm $RPM_BUILD_ROOT%{_bindir}/ssh-add rm $RPM_BUILD_ROOT%{_bindir}/ssh-agent @@ -481,13 +481,10 @@ done perl -pi -e "s|$RPM_BUILD_ROOT||g" $RPM_BUILD_ROOT%{_mandir}/man*/* %pre -getent group ssh_keys >/dev/null || groupadd -r -g 101 ssh_keys || : +%sysusers_create_compat %{SOURCE18} %pre server -getent group sshd >/dev/null || groupadd -g %{sshd_uid} -r sshd || : -getent passwd sshd >/dev/null || \ - useradd -c "Privilege-separated SSH" -u %{sshd_uid} -g sshd \ - -s /sbin/nologin -r -d /usr/share/empty.sshd sshd 2> /dev/null || : +%sysusers_create_compat %{SOURCE19} %post server %systemd_post gsisshd.service gsisshd.socket @@ -508,6 +505,7 @@ getent passwd sshd >/dev/null || \ %attr(0755,root,root) %dir %{_libexecdir}/gsissh %attr(2755,root,ssh_keys) %{_libexecdir}/gsissh/ssh-keysign %attr(0644,root,root) %{_mandir}/man8/gsissh-keysign.8* +%attr(0644,root,root) %{_sysusersdir}/%{name}.conf %files clients %attr(0755,root,root) %{_bindir}/gsissh @@ -540,8 +538,12 @@ getent passwd sshd >/dev/null || \ %attr(0644,root,root) %{_unitdir}/gsisshd.socket %attr(0644,root,root) %{_unitdir}/gsisshd-keygen@.service %attr(0644,root,root) %{_unitdir}/gsisshd-keygen.target +%attr(0644,root,root) %{_sysusersdir}/%{name}-server.conf %changelog +* Tue Oct 04 2022 Mattias Ellert - 9.0p1-2 +- Based on openssh-9.0p1-5.fc38 + * Tue Aug 30 2022 Mattias Ellert - 9.0p1-1 - Based on openssh-9.0p1-3.fc38 diff --git a/openssh-8.7p1-minrsabits.patch b/openssh-8.7p1-minrsabits.patch index 259129f..ad91fe7 100644 --- a/openssh-8.7p1-minrsabits.patch +++ b/openssh-8.7p1-minrsabits.patch @@ -1,184 +1,188 @@ diff --git a/auth2-hostbased.c b/auth2-hostbased.c -index 2ab222ed6..4e9437912 100644 +index 36b9d2f5..6b517db4 100644 --- a/auth2-hostbased.c +++ b/auth2-hostbased.c -@@ -118,6 +118,10 @@ userauth_hostbased(struct ssh *ssh, const char *method) +@@ -119,6 +119,11 @@ userauth_hostbased(struct ssh *ssh, const char *method) "(null)" : key->cert->signature_type); goto done; } -+ if ((r = sshkey_check_rsa_length(key, options.rsa_min_size)) != 0) { -+ logit("refusing %s key", sshkey_type(key)); ++ if ((r = sshkey_check_rsa_length(key, ++ options.required_rsa_size)) != 0) { ++ logit_r(r, "refusing %s key", sshkey_type(key)); + goto done; + } if (!authctxt->valid || authctxt->user == NULL) { debug2_f("disabled because of invalid user"); diff --git a/auth2-pubkey.c b/auth2-pubkey.c -index daa756a01..68e7dea1f 100644 +index 962fd342..5d59febc 100644 --- a/auth2-pubkey.c +++ b/auth2-pubkey.c -@@ -172,6 +172,10 @@ userauth_pubkey(struct ssh *ssh, const char *method) +@@ -175,6 +175,11 @@ userauth_pubkey(struct ssh *ssh, const char *method) "(null)" : key->cert->signature_type); goto done; } -+ if ((r = sshkey_check_rsa_length(key, options.rsa_min_size)) != 0) { -+ logit("refusing %s key", sshkey_type(key)); ++ if ((r = sshkey_check_rsa_length(key, ++ options.required_rsa_size)) != 0) { ++ logit_r(r, "refusing %s key", sshkey_type(key)); + goto done; + } key_s = format_key(key); if (sshkey_is_cert(key)) ca_s = format_key(key->cert->signature_key); diff --git a/readconf.c b/readconf.c -index 5b5afa8e3..5e17abd41 100644 +index 7f26c680..42be690b 100644 --- a/readconf.c +++ b/readconf.c -@@ -160,7 +160,7 @@ typedef enum { +@@ -174,7 +174,7 @@ typedef enum { oStreamLocalBindMask, oStreamLocalBindUnlink, oRevokedHostKeys, oFingerprintHash, oUpdateHostkeys, oHostbasedAcceptedAlgorithms, oPubkeyAcceptedAlgorithms, oCASignatureAlgorithms, oProxyJump, - oSecurityKeyProvider, oKnownHostsCommand, -+ oSecurityKeyProvider, oKnownHostsCommand, oRSAMinSize, ++ oSecurityKeyProvider, oKnownHostsCommand, oRequiredRSASize, oIgnore, oIgnoredUnknownOption, oDeprecated, oUnsupported } OpCodes; -@@ -306,6 +306,7 @@ static struct { +@@ -320,6 +320,8 @@ static struct { { "proxyjump", oProxyJump }, { "securitykeyprovider", oSecurityKeyProvider }, { "knownhostscommand", oKnownHostsCommand }, -+ { "rsaminsize", oRSAMinSize }, ++ { "requiredrsasize", oRequiredRSASize }, ++ { "rsaminsize", oRequiredRSASize }, /* alias */ { NULL, oBadOption } }; -@@ -2162,6 +2163,10 @@ process_config_line_depth(Options *options, struct passwd *pw, const char *host, +@@ -2176,6 +2177,10 @@ parse_pubkey_algos: *charptr = xstrdup(arg); break; -+ case oRSAMinSize: -+ intptr = &options->rsa_min_size; ++ case oRequiredRSASize: ++ intptr = &options->required_rsa_size; + goto parse_int; + case oDeprecated: debug("%s line %d: Deprecated option \"%s\"", filename, linenum, keyword); -@@ -2409,6 +2414,7 @@ initialize_options(Options * options) +@@ -2423,6 +2428,7 @@ initialize_options(Options * options) options->hostbased_accepted_algos = NULL; options->pubkey_accepted_algos = NULL; options->known_hosts_command = NULL; -+ options->rsa_min_size = -1; ++ options->required_rsa_size = -1; } /* -@@ -2598,6 +2604,8 @@ fill_default_options(Options * options) +@@ -2619,6 +2625,8 @@ fill_default_options(Options * options) if (options->sk_provider == NULL) options->sk_provider = xstrdup("$SSH_SK_PROVIDER"); #endif -+ if (options->rsa_min_size == -1) -+ options->rsa_min_size = SSH_RSA_MINIMUM_MODULUS_SIZE; ++ if (options->required_rsa_size == -1) ++ options->required_rsa_size = SSH_RSA_MINIMUM_MODULUS_SIZE; /* Expand KEX name lists */ all_cipher = cipher_alg_list(',', 0); -@@ -3287,6 +3295,7 @@ dump_client_config(Options *o, const char *host) +@@ -3308,6 +3316,7 @@ dump_client_config(Options *o, const char *host) dump_cfg_int(oNumberOfPasswordPrompts, o->number_of_password_prompts); dump_cfg_int(oServerAliveCountMax, o->server_alive_count_max); dump_cfg_int(oServerAliveInterval, o->server_alive_interval); -+ dump_cfg_int(oRSAMinSize, o->rsa_min_size); ++ dump_cfg_int(oRequiredRSASize, o->required_rsa_size); /* String options */ dump_cfg_string(oBindAddress, o->bind_address); diff --git a/readconf.h b/readconf.h -index f647bd42a..29db353ab 100644 +index f647bd42..ffb5ec4f 100644 --- a/readconf.h +++ b/readconf.h @@ -176,6 +176,8 @@ typedef struct { char *known_hosts_command; -+ int rsa_min_size; /* minimum size of RSA keys */ ++ int required_rsa_size; /* minimum size of RSA keys */ + char *ignored_unknown; /* Pattern list of unknown tokens to ignore */ } Options; diff --git a/servconf.c b/servconf.c -index f7317a5cb..362ff5b67 100644 +index 29df0463..423772b1 100644 --- a/servconf.c +++ b/servconf.c -@@ -177,6 +177,7 @@ initialize_server_options(ServerOptions *options) +@@ -195,6 +195,7 @@ initialize_server_options(ServerOptions *options) options->fingerprint_hash = -1; options->disable_forwarding = -1; options->expose_userauth_info = -1; -+ options->rsa_min_size = -1; ++ options->required_rsa_size = -1; } /* Returns 1 if a string option is unset or set to "none" or 0 otherwise. */ -@@ -416,6 +417,8 @@ fill_default_server_options(ServerOptions *options) +@@ -441,6 +442,8 @@ fill_default_server_options(ServerOptions *options) options->expose_userauth_info = 0; if (options->sk_provider == NULL) options->sk_provider = xstrdup("internal"); -+ if (options->rsa_min_size == -1) -+ options->rsa_min_size = SSH_RSA_MINIMUM_MODULUS_SIZE; ++ if (options->required_rsa_size == -1) ++ options->required_rsa_size = SSH_RSA_MINIMUM_MODULUS_SIZE; assemble_algorithms(options); -@@ -489,6 +492,7 @@ typedef enum { +@@ -517,6 +520,7 @@ typedef enum { sStreamLocalBindMask, sStreamLocalBindUnlink, sAllowStreamLocalForwarding, sFingerprintHash, sDisableForwarding, sExposeAuthInfo, sRDomain, sPubkeyAuthOptions, sSecurityKeyProvider, -+ sRSAMinSize, ++ sRequiredRSASize, sDeprecated, sIgnore, sUnsupported } ServerOpCodes; -@@ -632,6 +636,7 @@ static struct { +@@ -676,6 +680,8 @@ static struct { { "rdomain", sRDomain, SSHCFG_ALL }, { "casignaturealgorithms", sCASignatureAlgorithms, SSHCFG_ALL }, { "securitykeyprovider", sSecurityKeyProvider, SSHCFG_GLOBAL }, -+ { "rsaminsize", sRSAMinSize, SSHCFG_ALL }, ++ { "requiredrsasize", sRequiredRSASize, SSHCFG_ALL }, ++ { "rsaminsize", sRequiredRSASize, SSHCFG_ALL }, /* alias */ { NULL, sBadOption, 0 } }; -@@ -2377,6 +2382,10 @@ process_server_config_line_depth(ServerOptions *options, char *line, +@@ -2438,6 +2443,10 @@ process_server_config_line_depth(ServerOptions *options, char *line, *charptr = xstrdup(arg); break; -+ case sRSAMinSize: -+ intptr = &options->rsa_min_size; ++ case sRequiredRSASize: ++ intptr = &options->required_rsa_size; + goto parse_int; + case sDeprecated: case sIgnore: case sUnsupported: -@@ -2549,6 +2558,7 @@ copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth) +@@ -2610,6 +2619,7 @@ copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth) M_CP_INTOPT(rekey_limit); M_CP_INTOPT(rekey_interval); M_CP_INTOPT(log_level); -+ M_CP_INTOPT(rsa_min_size); ++ M_CP_INTOPT(required_rsa_size); /* * The bind_mask is a mode_t that may be unsigned, so we can't use -@@ -2810,6 +2820,7 @@ dump_config(ServerOptions *o) +@@ -2874,6 +2884,7 @@ dump_config(ServerOptions *o) dump_cfg_int(sMaxSessions, o->max_sessions); dump_cfg_int(sClientAliveInterval, o->client_alive_interval); dump_cfg_int(sClientAliveCountMax, o->client_alive_count_max); -+ dump_cfg_int(sRSAMinSize, o->rsa_min_size); ++ dump_cfg_int(sRequiredRSASize, o->required_rsa_size); dump_cfg_oct(sStreamLocalBindMask, o->fwd_opts.streamlocal_bind_mask); /* formatted integer arguments */ diff --git a/servconf.h b/servconf.h -index 115db1e79..2e3486906 100644 +index 8a04463e..9346155c 100644 --- a/servconf.h +++ b/servconf.h -@@ -227,6 +227,7 @@ typedef struct { +@@ -229,6 +229,7 @@ typedef struct { int expose_userauth_info; u_int64_t timing_secret; char *sk_provider; -+ int rsa_min_size; /* minimum size of RSA keys */ ++ int required_rsa_size; /* minimum size of RSA keys */ } ServerOptions; /* Information about the incoming connection as used by Match */ diff --git a/ssh.c b/ssh.c -index a926cc007..cd13fb879 100644 +index 559bf2af..25be53d5 100644 --- a/ssh.c +++ b/ssh.c -@@ -500,14 +500,22 @@ resolve_canonicalize(char **hostp, int port) +@@ -516,14 +516,22 @@ resolve_canonicalize(char **hostp, int port) } /* @@ -196,7 +200,7 @@ index a926cc007..cd13fb879 100644 + /* Check RSA keys size and discard if undersized */ + if (k != NULL && *k != NULL && + (r = sshkey_check_rsa_length(*k, -+ options.rsa_min_size)) != 0) { ++ options.required_rsa_size)) != 0) { + error_r(r, "load %s \"%s\"", message, path); + free(*k); + *k = NULL; @@ -204,26 +208,26 @@ index a926cc007..cd13fb879 100644 break; case SSH_ERR_INTERNAL_ERROR: case SSH_ERR_ALLOC_FAIL: -@@ -1565,7 +1573,7 @@ main(int ac, char **av) +@@ -1578,7 +1586,7 @@ main(int ac, char **av) if ((o) >= sensitive_data.nkeys) \ fatal_f("pubkey out of array bounds"); \ check_load(sshkey_load_public(p, &(sensitive_data.keys[o]), NULL), \ - p, "pubkey"); \ + &(sensitive_data.keys[o]), p, "pubkey"); \ - if (sensitive_data.keys[o] != NULL) \ - debug2("hostbased key %d: %s key from \"%s\"", o, \ - sshkey_ssh_name(sensitive_data.keys[o]), p); \ -@@ -1573,7 +1581,8 @@ main(int ac, char **av) + if (sensitive_data.keys[o] != NULL) \ + debug2("hostbased key %d: %s key from \"%s\"", o, \ + sshkey_ssh_name(sensitive_data.keys[o]), p); \ +@@ -1586,7 +1594,8 @@ main(int ac, char **av) #define L_CERT(p,o) do { \ if ((o) >= sensitive_data.nkeys) \ fatal_f("cert out of array bounds"); \ - check_load(sshkey_load_cert(p, &(sensitive_data.keys[o])), p, "cert"); \ + check_load(sshkey_load_cert(p, &(sensitive_data.keys[o])), \ + &(sensitive_data.keys[o]), p, "cert"); \ - if (sensitive_data.keys[o] != NULL) \ - debug2("hostbased key %d: %s cert from \"%s\"", o, \ - sshkey_ssh_name(sensitive_data.keys[o]), p); \ -@@ -2244,7 +2253,7 @@ load_public_identity_files(const struct ssh_conn_info *cinfo) + if (sensitive_data.keys[o] != NULL) \ + debug2("hostbased key %d: %s cert from \"%s\"", o, \ + sshkey_ssh_name(sensitive_data.keys[o]), p); \ +@@ -2265,7 +2274,7 @@ load_public_identity_files(const struct ssh_conn_info *cinfo) filename = default_client_percent_dollar_expand(cp, cinfo); free(cp); check_load(sshkey_load_public(filename, &public, NULL), @@ -232,7 +236,7 @@ index a926cc007..cd13fb879 100644 debug("identity file %s type %d", filename, public ? public->type : -1); free(options.identity_files[i]); -@@ -2263,7 +2272,7 @@ load_public_identity_files(const struct ssh_conn_info *cinfo) +@@ -2284,7 +2293,7 @@ load_public_identity_files(const struct ssh_conn_info *cinfo) continue; xasprintf(&cp, "%s-cert", filename); check_load(sshkey_load_public(cp, &public, NULL), @@ -241,7 +245,7 @@ index a926cc007..cd13fb879 100644 debug("identity file %s type %d", cp, public ? public->type : -1); if (public == NULL) { -@@ -2294,7 +2303,7 @@ load_public_identity_files(const struct ssh_conn_info *cinfo) +@@ -2315,7 +2324,7 @@ load_public_identity_files(const struct ssh_conn_info *cinfo) free(cp); check_load(sshkey_load_public(filename, &public, NULL), @@ -251,25 +255,27 @@ index a926cc007..cd13fb879 100644 public ? public->type : -1); free(options.certificate_files[i]); diff --git a/sshconnect2.c b/sshconnect2.c -index 67f8e0309..d050c1656 100644 +index f9bd19ea..58fe98db 100644 --- a/sshconnect2.c +++ b/sshconnect2.c -@@ -91,6 +91,10 @@ static const struct ssh_conn_info *xxx_conn_info; +@@ -96,6 +96,11 @@ static const struct ssh_conn_info *xxx_conn_info; static int verify_host_key_callback(struct sshkey *hostkey, struct ssh *ssh) { + int r; + -+ if ((r = sshkey_check_rsa_length(hostkey, options.rsa_min_size)) != 0) ++ if ((r = sshkey_check_rsa_length(hostkey, ++ options.required_rsa_size)) != 0) + fatal_r(r, "Bad server host key"); if (verify_host_key(xxx_host, xxx_hostaddr, hostkey, xxx_conn_info) == -1) fatal("Host key verification failed."); -@@ -1762,6 +1762,12 @@ load_identity_file(Identity *id) +@@ -1606,6 +1611,13 @@ load_identity_file(Identity *id) private = NULL; quit = 1; } -+ if (r = sshkey_check_rsa_length(private, options.rsa_min_size) != 0) { ++ if (!quit && (r = sshkey_check_rsa_length(private, ++ options.required_rsa_size)) != 0) { + debug_fr(r, "Skipping key %s", id->filename); + sshkey_free(private); + private = NULL; @@ -278,12 +284,12 @@ index 67f8e0309..d050c1656 100644 if (!quit && private != NULL && id->agent_fd == -1 && !(id->key && id->isprivate)) maybe_add_key_to_agent(id->filename, private, comment, -@@ -1747,6 +1751,12 @@ pubkey_prepare(struct ssh *ssh, Authctxt *authctxt) - /* list of keys supported by the agent */ - if ((r = get_agent_identities(ssh, &agent_fd, &idlist)) == 0) { - for (j = 0; j < idlist->nkeys; j++) { +@@ -1752,6 +1764,12 @@ pubkey_prepare(struct ssh *ssh, Authctxt *authctxt) + /* list of keys supported by the agent */ + if ((r = get_agent_identities(ssh, &agent_fd, &idlist)) == 0) { + for (j = 0; j < idlist->nkeys; j++) { + if ((r = sshkey_check_rsa_length(idlist->keys[j], -+ options.rsa_min_size)) != 0) { ++ options.required_rsa_size)) != 0) { + debug_fr(r, "ignoring %s agent key", + sshkey_ssh_name(idlist->keys[j])); + continue; @@ -292,15 +298,15 @@ index 67f8e0309..d050c1656 100644 TAILQ_FOREACH(id, &files, next) { /* diff --git a/sshd.c b/sshd.c -index d26eb86ae..5f36905a1 100644 +index 17eee9d8..395ef493 100644 --- a/sshd.c +++ b/sshd.c -@@ -1746,6 +1746,13 @@ main(int ac, char **av) +@@ -1870,6 +1870,13 @@ main(int ac, char **av) fatal_r(r, "Could not demote key: \"%s\"", options.host_key_files[i]); } + if (pubkey != NULL && (r = sshkey_check_rsa_length(pubkey, -+ options.rsa_min_size)) != 0) { ++ options.required_rsa_size)) != 0) { + error_fr(r, "Host key %s", options.host_key_files[i]); + sshkey_free(pubkey); + sshkey_free(key); @@ -310,10 +316,10 @@ index d26eb86ae..5f36905a1 100644 sensitive_data.host_pubkeys[i] = pubkey; diff --git a/sshkey.c b/sshkey.c -index 47864e6d8..8bad6bd99 100644 +index ed2b5dff..77093235 100644 --- a/sshkey.c +++ b/sshkey.c -@@ -2319,18 +2319,24 @@ cert_parse(struct sshbuf *b, struct sshkey *key, struct sshbuf *certbuf) +@@ -2365,18 +2365,24 @@ cert_parse(struct sshbuf *b, struct sshkey *key, struct sshbuf *certbuf) return ret; } @@ -344,7 +350,7 @@ index 47864e6d8..8bad6bd99 100644 static int sshkey_from_blob_internal(struct sshbuf *b, struct sshkey **keyp, -@@ -2391,7 +2397,7 @@ sshkey_from_blob_internal(struct sshbuf *b, struct sshkey **keyp, +@@ -2439,7 +2445,7 @@ sshkey_from_blob_internal(struct sshbuf *b, struct sshkey **keyp, goto out; } rsa_n = rsa_e = NULL; /* transferred */ @@ -353,7 +359,7 @@ index 47864e6d8..8bad6bd99 100644 goto out; #ifdef DEBUG_PK RSA_print_fp(stderr, key->rsa, 8); -@@ -3580,7 +3586,7 @@ sshkey_private_deserialize(struct sshbuf *buf, struct sshkey **kp) +@@ -3642,7 +3648,7 @@ sshkey_private_deserialize(struct sshbuf *buf, struct sshkey **kp) goto out; } rsa_p = rsa_q = NULL; /* transferred */ @@ -362,7 +368,7 @@ index 47864e6d8..8bad6bd99 100644 goto out; if ((r = ssh_rsa_complete_crt_parameters(k, rsa_iqmp)) != 0) goto out; -@@ -4566,7 +4572,7 @@ sshkey_parse_private_pem_fileblob(struct sshbuf *blob, int type, +@@ -4644,7 +4650,7 @@ sshkey_parse_private_pem_fileblob(struct sshbuf *blob, int type, r = SSH_ERR_LIBCRYPTO_ERROR; goto out; } @@ -372,10 +378,10 @@ index 47864e6d8..8bad6bd99 100644 } else if (EVP_PKEY_base_id(pk) == EVP_PKEY_DSA && (type == KEY_UNSPEC || type == KEY_DSA)) { diff --git a/sshkey.h b/sshkey.h -index 125cadb64..52e879456 100644 +index 094815e0..be254e6b 100644 --- a/sshkey.h +++ b/sshkey.h -@@ -267,6 +267,7 @@ int sshkey_parse_private_fileblob_type(struct sshbuf *blob, int type, +@@ -273,6 +273,7 @@ int sshkey_parse_private_fileblob_type(struct sshbuf *blob, int type, int sshkey_parse_pubkey_from_private_fileblob_type(struct sshbuf *blob, int type, struct sshkey **pubkeyp); @@ -384,57 +390,57 @@ index 125cadb64..52e879456 100644 int ssh_rsa_complete_crt_parameters(struct sshkey *, const BIGNUM *); diff --git a/ssh.1 b/ssh.1 -index b4956aec..b1a40ebd 100644 +index b4956aec..e255b9b9 100644 --- a/ssh.1 +++ b/ssh.1 -@@ -554,6 +554,7 @@ For full details of the options listed below, and their possible values, see - .It LogLevel - .It MACs - .It Match -+.It RSAMinSize - .It NoHostAuthenticationForLocalhost - .It NumberOfPasswordPrompts - .It PasswordAuthentication +@@ -571,6 +571,7 @@ For full details of the options listed below, and their possible values, see + .It RemoteCommand + .It RemoteForward + .It RequestTTY ++.It RequiredRSASize + .It SendEnv + .It ServerAliveInterval + .It ServerAliveCountMax diff --git a/ssh_config.5 b/ssh_config.5 -index 24a46460..68771e4b 100644 +index 24a46460..d1ede18e 100644 --- a/ssh_config.5 +++ b/ssh_config.5 -@@ -1322,6 +1322,10 @@ The argument to this keyword must be - or - .Cm no - (the default). -+.It Cm RSAMinSize -+Provides a minimal bits requirement for RSA keys when used for signature and -+verification but not for the key generation. The default value is 1024 and -+can't be reduced. - .It Cm NumberOfPasswordPrompts - Specifies the number of password prompts before giving up. - The argument to this keyword must be an integer. +@@ -1634,6 +1634,17 @@ and + .Fl T + flags for + .Xr ssh 1 . ++.It Cm RequiredRSASize ++Specifies the minimum RSA key size (in bits) that ++.Xr ssh 1 ++will accept. ++User authentication keys smaller than this limit will be ignored. ++Servers that present host keys smaller than this limit will cause the ++connection to be terminated. ++The default is ++.Cm 1024 ++bits. ++Note that this limit may only be raised from the default. + .It Cm RevokedHostKeys + Specifies revoked host public keys. + Keys listed in this file will be refused for host authentication. diff --git a/sshd_config.5 b/sshd_config.5 -index 867a747d..e08811ca 100644 +index 867a747d..f5a06637 100644 --- a/sshd_config.5 +++ b/sshd_config.5 -@@ -1266,6 +1266,10 @@ will refuse connection attempts with a probability of rate/100 (30%) - if there are currently start (10) unauthenticated connections. - The probability increases linearly and all connection attempts - are refused if the number of unauthenticated connections reaches full (60). -+.It Cm RSAMinSize -+Provides a minimal bits requirement for RSA keys when used for signature and -+verification but not for the key generation. The default value is 1024 and -+can't be reduced. - .It Cm ModuliFile - Specifies the - .Xr moduli 5 -diff --git a/sshkey.h b/sshkey.h -index 094815e0..2bb8cb90 100644 ---- a/sshkey.h -+++ b/sshkey.h -@@ -286,6 +286,8 @@ int sshkey_private_serialize_maxsign(struct sshkey *key, - - void sshkey_sig_details_free(struct sshkey_sig_details *); - -+int ssh_set_rsa_min_bits(int minbits); -+ - #ifdef SSHKEY_INTERNAL - int ssh_rsa_sign(const struct sshkey *key, - u_char **sigp, size_t *lenp, const u_char *data, size_t datalen, +@@ -1596,6 +1596,16 @@ is + .Cm default none , + which means that rekeying is performed after the cipher's default amount + of data has been sent or received and no time based rekeying is done. ++.It Cm RequiredRSASize ++Specifies the minimum RSA key size (in bits) that ++.Xr sshd 8 ++will accept. ++User and host-based authentication keys smaller than this limit will be ++refused. ++The default is ++.Cm 1024 ++bits. ++Note that this limit may only be raised from the default. + .It Cm RevokedKeys + Specifies revoked public keys file, or + .Cm none diff --git a/openssh-8.7p1-ssh-manpage.patch b/openssh-8.7p1-ssh-manpage.patch index bd0bdb7..04e4c06 100644 --- a/openssh-8.7p1-ssh-manpage.patch +++ b/openssh-8.7p1-ssh-manpage.patch @@ -33,16 +33,16 @@ diff --color -ru a/ssh.1 b/ssh.1 +.It LogVerbose .It MACs .It Match - .It RSAMinSize + .It NoHostAuthenticationForLocalhost @@ -566,6 +571,8 @@ .It RemoteCommand .It RemoteForward .It RequestTTY +.It RevokedHostKeys +.It SecurityKeyProvider + .It RequiredRSASize .It SendEnv .It ServerAliveInterval - .It ServerAliveCountMax @@ -575,6 +582,7 @@ .It StreamLocalBindMask .It StreamLocalBindUnlink diff --git a/openssh-9.0p1-hpn-15.2-modified.patch b/openssh-9.0p1-hpn-15.2-modified.patch index 5700e43..24605cb 100644 --- a/openssh-9.0p1-hpn-15.2-modified.patch +++ b/openssh-9.0p1-hpn-15.2-modified.patch @@ -1683,8 +1683,8 @@ diff -Nur openssh-9.0p1.orig/readconf.c openssh-9.0p1/readconf.c { "stdinnull", oStdinNull }, { "forkafterauthentication", oForkAfterAuthentication }, @@ -337,6 +345,11 @@ - { "knownhostscommand", oKnownHostsCommand }, - { "rsaminsize", oRSAMinSize }, + { "requiredrsasize", oRequiredRSASize }, + { "rsaminsize", oRequiredRSASize }, /* alias */ + { "tcprcvbufpoll", oTcpRcvBufPoll }, + { "tcprcvbuf", oTcpRcvBuf }, From 06837d883b326eb5c42f43615bc54527db9e330b Mon Sep 17 00:00:00 2001 From: Mattias Ellert Date: Wed, 9 Nov 2022 13:47:29 +0100 Subject: [PATCH 09/44] Based on openssh-9.0p1-7.fc38 --- gsi-openssh.spec | 5 ++++- openssh-6.6p1-allow-ip-opts.patch | 11 +++++++---- 2 files changed, 11 insertions(+), 5 deletions(-) diff --git a/gsi-openssh.spec b/gsi-openssh.spec index 352c093..48a127a 100644 --- a/gsi-openssh.spec +++ b/gsi-openssh.spec @@ -24,7 +24,7 @@ %global libedit 1 %global openssh_ver 9.0p1 -%global openssh_rel 2 +%global openssh_rel 3 Summary: An implementation of the SSH protocol with GSI authentication Name: gsi-openssh @@ -541,6 +541,9 @@ perl -pi -e "s|$RPM_BUILD_ROOT||g" $RPM_BUILD_ROOT%{_mandir}/man*/* %attr(0644,root,root) %{_sysusersdir}/%{name}-server.conf %changelog +* Wed Nov 09 2022 Mattias Ellert - 9.0p1-3 +- Based on openssh-9.0p1-7.fc38 + * Tue Oct 04 2022 Mattias Ellert - 9.0p1-2 - Based on openssh-9.0p1-5.fc38 diff --git a/openssh-6.6p1-allow-ip-opts.patch b/openssh-6.6p1-allow-ip-opts.patch index 953d613..be8d340 100644 --- a/openssh-6.6p1-allow-ip-opts.patch +++ b/openssh-6.6p1-allow-ip-opts.patch @@ -1,7 +1,7 @@ diff -up openssh/sshd.c.ip-opts openssh/sshd.c --- openssh/sshd.c.ip-opts 2016-07-25 13:58:48.998507834 +0200 +++ openssh/sshd.c 2016-07-25 14:01:28.346469878 +0200 -@@ -1507,12 +1507,29 @@ check_ip_options(struct ssh *ssh) +@@ -1507,12 +1507,32 @@ check_ip_options(struct ssh *ssh) if (getsockopt(sock_in, IPPROTO_IP, IP_OPTIONS, opts, &option_size) >= 0 && option_size != 0) { @@ -21,11 +21,14 @@ diff -up openssh/sshd.c.ip-opts openssh/sshd.c + case 130: + case 133: + case 134: -+ i += opts[i + 1]; -+ break; ++ if (i + 1 < option_size && opts[i + 1] >= 2) { ++ i += opts[i + 1]; ++ break; ++ } ++ /* FALLTHROUGH */ + default: + /* Fail, fatally, if we detect either loose or strict -+ * source routing options. */ ++ * or incorrect source routing options. */ + text[0] = '\0'; + for (i = 0; i < option_size; i++) + snprintf(text + i*3, sizeof(text) - i*3, From 82ba7b5b8b4daf8b5c078c30aeb2bc57cdb88979 Mon Sep 17 00:00:00 2001 From: Mattias Ellert Date: Tue, 10 Jan 2023 20:54:37 +0100 Subject: [PATCH 10/44] Based on openssh-9.0p1-9.fc38 --- gsi-openssh.spec | 5 +- openssh-7.7p1-fips.patch | 98 ++++++++++++++++++++++++++++------------ 2 files changed, 73 insertions(+), 30 deletions(-) diff --git a/gsi-openssh.spec b/gsi-openssh.spec index 48a127a..78deb92 100644 --- a/gsi-openssh.spec +++ b/gsi-openssh.spec @@ -24,7 +24,7 @@ %global libedit 1 %global openssh_ver 9.0p1 -%global openssh_rel 3 +%global openssh_rel 4 Summary: An implementation of the SSH protocol with GSI authentication Name: gsi-openssh @@ -541,6 +541,9 @@ perl -pi -e "s|$RPM_BUILD_ROOT||g" $RPM_BUILD_ROOT%{_mandir}/man*/* %attr(0644,root,root) %{_sysusersdir}/%{name}-server.conf %changelog +* Tue Jan 10 2023 Mattias Ellert - 9.0p1-4 +- Based on openssh-9.0p1-9.fc38 + * Wed Nov 09 2022 Mattias Ellert - 9.0p1-3 - Based on openssh-9.0p1-7.fc38 diff --git a/openssh-7.7p1-fips.patch b/openssh-7.7p1-fips.patch index 62468ac..d1e44b0 100644 --- a/openssh-7.7p1-fips.patch +++ b/openssh-7.7p1-fips.patch @@ -1,6 +1,14 @@ diff -up openssh-8.6p1/dh.c.fips openssh-8.6p1/dh.c --- openssh-8.6p1/dh.c.fips 2021-04-16 05:55:25.000000000 +0200 -+++ openssh-8.6p1/dh.c 2021-04-19 16:58:47.750263410 +0200 ++++ openssh-8.6p1/dh.c 2021-05-06 12:12:10.107634472 +0200 +@@ -36,6 +36,7 @@ + + #include + #include ++#include + + #include "dh.h" + #include "pathnames.h" @@ -164,6 +164,12 @@ choose_dh(int min, int wantbits, int max int best, bestcount, which, linenum; struct dhgroup dhg; @@ -54,8 +62,8 @@ diff -up openssh-8.6p1/dh.c.fips openssh-8.6p1/dh.c + #endif /* WITH_OPENSSL */ diff -up openssh-8.6p1/dh.h.fips openssh-8.6p1/dh.h ---- openssh-8.6p1/dh.h.fips 2021-04-19 16:53:03.064577862 +0200 -+++ openssh-8.6p1/dh.h 2021-04-19 16:59:31.951616078 +0200 +--- openssh-8.6p1/dh.h.fips 2021-05-06 12:08:36.498926877 +0200 ++++ openssh-8.6p1/dh.h 2021-05-06 12:11:28.393298005 +0200 @@ -45,6 +45,7 @@ DH *dh_new_group_fallback(int); int dh_gen_key(DH *, int); @@ -65,8 +73,16 @@ diff -up openssh-8.6p1/dh.h.fips openssh-8.6p1/dh.h u_int dh_estimate(int); void dh_set_moduli_file(const char *); diff -up openssh-8.6p1/kex.c.fips openssh-8.6p1/kex.c ---- openssh-8.6p1/kex.c.fips 2021-04-19 16:53:03.058577815 +0200 -+++ openssh-8.6p1/kex.c 2021-04-19 16:53:03.065577869 +0200 +--- openssh-8.6p1/kex.c.fips 2021-05-06 12:08:36.489926807 +0200 ++++ openssh-8.6p1/kex.c 2021-05-06 12:08:36.498926877 +0200 +@@ -39,6 +39,7 @@ + + #ifdef WITH_OPENSSL + #include ++#include + #include + # ifdef HAVE_EVP_KDF_CTX_NEW_ID + # include @@ -203,7 +203,10 @@ kex_names_valid(const char *names) for ((p = strsep(&cp, ",")); p && *p != '\0'; (p = strsep(&cp, ","))) { @@ -81,12 +97,12 @@ diff -up openssh-8.6p1/kex.c.fips openssh-8.6p1/kex.c } diff -up openssh-8.6p1/kexgexc.c.fips openssh-8.6p1/kexgexc.c --- openssh-8.6p1/kexgexc.c.fips 2021-04-16 05:55:25.000000000 +0200 -+++ openssh-8.6p1/kexgexc.c 2021-04-19 16:53:03.065577869 +0200 ++++ openssh-8.6p1/kexgexc.c 2021-05-06 12:08:36.498926877 +0200 @@ -28,6 +28,7 @@ #ifdef WITH_OPENSSL -+#include ++#include #include #include @@ -152,8 +168,16 @@ diff -up openssh-8.6p1/myproposal.h.fips openssh-8.6p1/myproposal.h #define SSH_ALLOWED_CA_SIGALGS \ "ssh-ed25519," \ diff -up openssh-8.6p1/readconf.c.fips openssh-8.6p1/readconf.c ---- openssh-8.6p1/readconf.c.fips 2021-04-19 16:53:02.999577362 +0200 -+++ openssh-8.6p1/readconf.c 2021-04-19 16:53:03.065577869 +0200 +--- openssh-8.6p1/readconf.c.fips 2021-05-06 12:08:36.428926336 +0200 ++++ openssh-8.6p1/readconf.c 2021-05-06 12:08:36.499926885 +0200 +@@ -39,6 +39,7 @@ + #include + #include + #include ++#include + #ifdef USE_SYSTEM_GLOB + # include + #else @@ -2538,11 +2538,16 @@ fill_default_options(Options * options) all_key = sshkey_alg_list(0, 0, 1, ','); all_sig = sshkey_alg_list(0, 1, 1, ','); @@ -177,8 +201,8 @@ diff -up openssh-8.6p1/readconf.c.fips openssh-8.6p1/readconf.c do { \ if ((r = kex_assemble_names(&options->what, \ diff -up openssh-8.6p1/sandbox-seccomp-filter.c.fips openssh-8.6p1/sandbox-seccomp-filter.c ---- openssh-8.6p1/sandbox-seccomp-filter.c.fips 2021-04-19 16:53:03.034577631 +0200 -+++ openssh-8.6p1/sandbox-seccomp-filter.c 2021-04-19 16:53:03.065577869 +0200 +--- openssh-8.6p1/sandbox-seccomp-filter.c.fips 2021-05-06 12:08:36.463926606 +0200 ++++ openssh-8.6p1/sandbox-seccomp-filter.c 2021-05-06 12:08:36.499926885 +0200 @@ -160,6 +160,9 @@ static const struct sock_filter preauth_ #ifdef __NR_open SC_DENY(__NR_open, EACCES), @@ -190,8 +214,16 @@ diff -up openssh-8.6p1/sandbox-seccomp-filter.c.fips openssh-8.6p1/sandbox-secco SC_DENY(__NR_openat, EACCES), #endif diff -up openssh-8.6p1/servconf.c.fips openssh-8.6p1/servconf.c ---- openssh-8.6p1/servconf.c.fips 2021-04-19 16:53:03.027577577 +0200 -+++ openssh-8.6p1/servconf.c 2021-04-19 16:53:03.066577877 +0200 +--- openssh-8.6p1/servconf.c.fips 2021-05-06 12:08:36.455926545 +0200 ++++ openssh-8.6p1/servconf.c 2021-05-06 12:08:36.500926893 +0200 +@@ -38,6 +38,7 @@ + #include + #include + #include ++#include + #ifdef HAVE_UTIL_H + #include + #endif @@ -226,11 +226,16 @@ assemble_algorithms(ServerOptions *o) all_key = sshkey_alg_list(0, 0, 1, ','); all_sig = sshkey_alg_list(0, 1, 1, ','); @@ -215,13 +247,13 @@ diff -up openssh-8.6p1/servconf.c.fips openssh-8.6p1/servconf.c do { \ if ((r = kex_assemble_names(&o->what, defaults, all)) != 0) \ diff -up openssh-8.6p1/ssh.c.fips openssh-8.6p1/ssh.c ---- openssh-8.6p1/ssh.c.fips 2021-04-19 16:53:03.038577662 +0200 -+++ openssh-8.6p1/ssh.c 2021-04-19 16:53:03.066577877 +0200 +--- openssh-8.6p1/ssh.c.fips 2021-05-06 12:08:36.467926637 +0200 ++++ openssh-8.6p1/ssh.c 2021-05-06 12:08:36.500926893 +0200 @@ -77,6 +77,7 @@ #include #include #endif -+#include ++#include #include "openbsd-compat/openssl-compat.h" #include "openbsd-compat/sys-queue.h" @@ -237,13 +269,13 @@ diff -up openssh-8.6p1/ssh.c.fips openssh-8.6p1/ssh.c if (options.sk_provider != NULL && *options.sk_provider == '$' && strlen(options.sk_provider) > 1) { diff -up openssh-8.6p1/sshconnect2.c.fips openssh-8.6p1/sshconnect2.c ---- openssh-8.6p1/sshconnect2.c.fips 2021-04-19 16:53:03.055577792 +0200 -+++ openssh-8.6p1/sshconnect2.c 2021-04-19 16:53:03.066577877 +0200 +--- openssh-8.6p1/sshconnect2.c.fips 2021-05-06 12:08:36.485926777 +0200 ++++ openssh-8.6p1/sshconnect2.c 2021-05-06 12:08:36.501926900 +0200 @@ -45,6 +45,8 @@ #include #endif -+#include ++#include + #include "openbsd-compat/sys-queue.h" @@ -318,8 +350,8 @@ diff -up openssh-8.6p1/sshconnect2.c.fips openssh-8.6p1/sshconnect2.c } #endif diff -up openssh-8.6p1/sshd.c.fips openssh-8.6p1/sshd.c ---- openssh-8.6p1/sshd.c.fips 2021-04-19 16:53:03.060577831 +0200 -+++ openssh-8.6p1/sshd.c 2021-04-19 16:57:45.827769340 +0200 +--- openssh-8.6p1/sshd.c.fips 2021-05-06 12:08:36.493926838 +0200 ++++ openssh-8.6p1/sshd.c 2021-05-06 12:13:56.501492639 +0200 @@ -66,6 +66,7 @@ #endif #include @@ -332,7 +364,7 @@ diff -up openssh-8.6p1/sshd.c.fips openssh-8.6p1/sshd.c #include #include #include -+#include ++#include #include "openbsd-compat/openssl-compat.h" #endif @@ -389,13 +421,13 @@ diff -up openssh-8.6p1/sshd.c.fips openssh-8.6p1/sshd.c if (gss && orig) xasprintf(&newstr, "%s,%s", gss, orig); diff -up openssh-8.6p1/sshkey.c.fips openssh-8.6p1/sshkey.c ---- openssh-8.6p1/sshkey.c.fips 2021-04-19 16:53:03.061577838 +0200 -+++ openssh-8.6p1/sshkey.c 2021-04-19 16:53:03.067577885 +0200 +--- openssh-8.6p1/sshkey.c.fips 2021-05-06 12:08:36.493926838 +0200 ++++ openssh-8.6p1/sshkey.c 2021-05-06 12:08:36.502926908 +0200 @@ -34,6 +34,7 @@ #include #include #include -+#include ++#include #endif #include "crypto_api.h" @@ -480,8 +512,16 @@ diff -up openssh-8.6p1/sshkey.c.fips openssh-8.6p1/sshkey.c compat, detailsp); #ifdef WITH_XMSS diff -up openssh-8.6p1/ssh-keygen.c.fips openssh-8.6p1/ssh-keygen.c ---- openssh-8.6p1/ssh-keygen.c.fips 2021-04-19 16:53:03.038577662 +0200 -+++ openssh-8.6p1/ssh-keygen.c 2021-04-19 16:53:03.068577892 +0200 +--- openssh-8.6p1/ssh-keygen.c.fips 2021-05-06 12:08:36.467926637 +0200 ++++ openssh-8.6p1/ssh-keygen.c 2021-05-06 12:08:36.503926916 +0200 +@@ -20,6 +20,7 @@ + + #ifdef WITH_OPENSSL + #include ++#include + #include + #include "openbsd-compat/openssl-compat.h" + #endif @@ -205,6 +205,12 @@ type_bits_valid(int type, const char *na #endif } @@ -521,7 +561,7 @@ diff -up openssh-8.7p1/kexgen.c.fips3 openssh-8.7p1/kexgen.c #include #include #include -+#include ++#include #include "sshkey.h" #include "kex.h" @@ -607,7 +647,7 @@ diff -up openssh-8.7p1/ssh-ed25519.c.fips3 openssh-8.7p1/ssh-ed25519.c #include #include -+#include ++#include #include "log.h" #include "sshbuf.h" From 4e50d957c8363fc387ca938fe82a3f04872ef2ac Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Thu, 19 Jan 2023 11:37:02 +0000 Subject: [PATCH 11/44] Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild Signed-off-by: Fedora Release Engineering --- gsi-openssh.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/gsi-openssh.spec b/gsi-openssh.spec index 78deb92..9ffbe1b 100644 --- a/gsi-openssh.spec +++ b/gsi-openssh.spec @@ -29,7 +29,7 @@ Summary: An implementation of the SSH protocol with GSI authentication Name: gsi-openssh Version: %{openssh_ver} -Release: %{openssh_rel}%{?dist} +Release: %{openssh_rel}%{?dist}.1 Provides: gsissh = %{version}-%{release} Obsoletes: gsissh < 5.8p2-2 URL: http://www.openssh.com/portable.html @@ -541,6 +541,9 @@ perl -pi -e "s|$RPM_BUILD_ROOT||g" $RPM_BUILD_ROOT%{_mandir}/man*/* %attr(0644,root,root) %{_sysusersdir}/%{name}-server.conf %changelog +* Thu Jan 19 2023 Fedora Release Engineering - 9.0p1-4.1 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild + * Tue Jan 10 2023 Mattias Ellert - 9.0p1-4 - Based on openssh-9.0p1-9.fc38 From f21cbd932cde97351e5fea832caf6b93c2451567 Mon Sep 17 00:00:00 2001 From: Mattias Ellert Date: Sun, 12 Mar 2023 04:47:25 +0100 Subject: [PATCH 12/44] Based on openssh-9.0p1-12.fc38 --- gsi-openssh-systemd-sysusers.conf | 2 -- gsi-openssh.spec | 28 +++++++++++++----------- gsissh-host-keys-migration.sh | 36 +++++++++++++++++++++++++++++++ gsisshd-keygen | 3 +-- openssh-6.6p1-keyperm.patch | 31 -------------------------- 5 files changed, 53 insertions(+), 47 deletions(-) delete mode 100644 gsi-openssh-systemd-sysusers.conf create mode 100644 gsissh-host-keys-migration.sh delete mode 100644 openssh-6.6p1-keyperm.patch diff --git a/gsi-openssh-systemd-sysusers.conf b/gsi-openssh-systemd-sysusers.conf deleted file mode 100644 index 1192c0b..0000000 --- a/gsi-openssh-systemd-sysusers.conf +++ /dev/null @@ -1,2 +0,0 @@ -#Type Name ID -g ssh_keys 101 diff --git a/gsi-openssh.spec b/gsi-openssh.spec index 9ffbe1b..9e37b19 100644 --- a/gsi-openssh.spec +++ b/gsi-openssh.spec @@ -24,12 +24,12 @@ %global libedit 1 %global openssh_ver 9.0p1 -%global openssh_rel 4 +%global openssh_rel 5 Summary: An implementation of the SSH protocol with GSI authentication Name: gsi-openssh Version: %{openssh_ver} -Release: %{openssh_rel}%{?dist}.1 +Release: %{openssh_rel}%{?dist} Provides: gsissh = %{version}-%{release} Obsoletes: gsissh < 5.8p2-2 URL: http://www.openssh.com/portable.html @@ -44,8 +44,8 @@ Source11: gsisshd.service Source12: gsisshd-keygen@.service Source13: gsisshd-keygen Source15: gsisshd-keygen.target -Source18: %{name}-systemd-sysusers.conf Source19: %{name}-server-systemd-sysusers.conf +Source20: gsissh-host-keys-migration.sh Source99: README.sshd-and-gsisshd #https://bugzilla.mindrot.org/show_bug.cgi?id=2581 @@ -67,8 +67,6 @@ Patch502: openssh-6.6p1-keycat.patch #https://bugzilla.mindrot.org/show_bug.cgi?id=1644 Patch601: openssh-6.6p1-allow-ip-opts.patch -#https://bugzilla.mindrot.org/show_bug.cgi?id=1893 (WONTFIX) -Patch604: openssh-6.6p1-keyperm.patch #(drop?) https://bugzilla.mindrot.org/show_bug.cgi?id=1925 Patch606: openssh-5.9p1-ipv6man.patch #? @@ -294,7 +292,6 @@ gpgv2 --quiet --keyring %{SOURCE3} %{SOURCE1} %{SOURCE0} %patch502 -p1 -b .keycat %patch601 -p1 -b .ip-opts -%patch604 -p1 -b .keyperm %patch606 -p1 -b .ipv6man %patch607 -p1 -b .sigpipe %patch609 -p1 -b .x11 @@ -457,8 +454,10 @@ install -m644 %{SOURCE12} $RPM_BUILD_ROOT/%{_unitdir}/gsisshd-keygen@.service install -m644 %{SOURCE15} $RPM_BUILD_ROOT/%{_unitdir}/gsisshd-keygen.target install -m755 %{SOURCE13} $RPM_BUILD_ROOT/%{_libexecdir}/gsissh/sshd-keygen install -d -m711 ${RPM_BUILD_ROOT}/%{_datadir}/empty.sshd -install -p -D -m 0644 %{SOURCE18} $RPM_BUILD_ROOT%{_sysusersdir}/%{name}.conf install -p -D -m 0644 %{SOURCE19} $RPM_BUILD_ROOT%{_sysusersdir}/%{name}-server.conf +# Migration script for Fedora 38 change to remove group ownership for standard host keys +# See https://fedoraproject.org/wiki/Changes/SSHKeySignSuidBit +install -m744 %{SOURCE20} $RPM_BUILD_ROOT/%{_libexecdir}/gsissh/ssh-host-keys-migration.sh rm $RPM_BUILD_ROOT%{_bindir}/ssh-add rm $RPM_BUILD_ROOT%{_bindir}/ssh-agent @@ -480,13 +479,15 @@ done perl -pi -e "s|$RPM_BUILD_ROOT||g" $RPM_BUILD_ROOT%{_mandir}/man*/* -%pre -%sysusers_create_compat %{SOURCE18} - %pre server %sysusers_create_compat %{SOURCE19} %post server +if [ $1 -gt 1 ]; then + # In the case of an upgrade run the migration + # script for Fedora 38 to remove group ownership for host keys. + %{_libexecdir}/gsissh/ssh-host-keys-migration.sh +fi %systemd_post gsisshd.service gsisshd.socket %preun server @@ -503,9 +504,8 @@ perl -pi -e "s|$RPM_BUILD_ROOT||g" $RPM_BUILD_ROOT%{_mandir}/man*/* %attr(0755,root,root) %{_bindir}/gsissh-keygen %attr(0644,root,root) %{_mandir}/man1/gsissh-keygen.1* %attr(0755,root,root) %dir %{_libexecdir}/gsissh -%attr(2755,root,ssh_keys) %{_libexecdir}/gsissh/ssh-keysign +%attr(4755,root,root) %{_libexecdir}/gsissh/ssh-keysign %attr(0644,root,root) %{_mandir}/man8/gsissh-keysign.8* -%attr(0644,root,root) %{_sysusersdir}/%{name}.conf %files clients %attr(0755,root,root) %{_bindir}/gsissh @@ -539,8 +539,12 @@ perl -pi -e "s|$RPM_BUILD_ROOT||g" $RPM_BUILD_ROOT%{_mandir}/man*/* %attr(0644,root,root) %{_unitdir}/gsisshd-keygen@.service %attr(0644,root,root) %{_unitdir}/gsisshd-keygen.target %attr(0644,root,root) %{_sysusersdir}/%{name}-server.conf +%attr(0744,root,root) %{_libexecdir}/gsissh/ssh-host-keys-migration.sh %changelog +* Sat Mar 11 2023 Mattias Ellert - 9.0p1-5 +- Based on openssh-9.0p1-12.fc38 + * Thu Jan 19 2023 Fedora Release Engineering - 9.0p1-4.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild diff --git a/gsissh-host-keys-migration.sh b/gsissh-host-keys-migration.sh new file mode 100644 index 0000000..775cf39 --- /dev/null +++ b/gsissh-host-keys-migration.sh @@ -0,0 +1,36 @@ +#!/usr/bin/bash +set -eu -o pipefail +# Detect existing non-conforming host keys and perform the permissions migration +# https://fedoraproject.org/wiki/Changes/SSHKeySignSuidBit +# +# Example output looks like: +# @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ +# @ WARNING: UNPROTECTED PRIVATE KEY FILE! @ +# @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ +# Permissions 0640 for '/etc/ssh/ssh_host_rsa_key' are too open. +# It is required that your private key files are NOT accessible by others. +# This private key will be ignored. +# @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ +# @ WARNING: UNPROTECTED PRIVATE KEY FILE! @ +# @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ +# Permissions 0640 for '/etc/ssh/ssh_host_ecdsa_key' are too open. +# It is required that your private key files are NOT accessible by others. +# This private key will be ignored. +# @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ +# @ WARNING: UNPROTECTED PRIVATE KEY FILE! @ +# @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ +# Permissions 0640 for '/etc/ssh/ssh_host_ed25519_key' are too open. +# It is required that your private key files are NOT accessible by others. +# This private key will be ignored. +# gsisshd: no hostkeys available -- exiting. +# +output="$(gsisshd -T 2>&1 || true)" # expected to fail +while read line; do + if [[ $line =~ ^Permissions\ [0-9]+\ for\ \'(.*)\'\ are\ too\ open. ]]; then + keyfile=${BASH_REMATCH[1]} + echo $line + echo -e "\t-> changing permissions on $keyfile" + chmod --verbose g-r $keyfile + chown --verbose root:root $keyfile + fi +done <<< "$output" diff --git a/gsisshd-keygen b/gsisshd-keygen index af0a740..772550e 100644 --- a/gsisshd-keygen +++ b/gsisshd-keygen @@ -30,8 +30,7 @@ if ! $KEYGEN -q -t $KEYTYPE -f $KEY -C '' -N '' >&/dev/null; then fi # sanitize permissions -/usr/bin/chgrp ssh_keys $KEY -/usr/bin/chmod 640 $KEY +/usr/bin/chmod 600 $KEY /usr/bin/chmod 644 $KEY.pub if [[ -x /usr/sbin/restorecon ]]; then /usr/sbin/restorecon $KEY{,.pub} diff --git a/openssh-6.6p1-keyperm.patch b/openssh-6.6p1-keyperm.patch deleted file mode 100644 index 5e06940..0000000 --- a/openssh-6.6p1-keyperm.patch +++ /dev/null @@ -1,31 +0,0 @@ -diff -up openssh-8.2p1/authfile.c.keyperm openssh-8.2p1/authfile.c ---- openssh-8.2p1/authfile.c.keyperm 2020-02-14 01:40:54.000000000 +0100 -+++ openssh-8.2p1/authfile.c 2020-02-17 11:55:12.841729758 +0100 -@@ -31,6 +31,7 @@ - - #include - #include -+#include - #include - #include - #include -@@ -101,7 +102,19 @@ sshkey_perm_ok(int fd, const char *filen - #ifdef HAVE_CYGWIN - if (check_ntsec(filename)) - #endif -+ - if ((st.st_uid == getuid()) && (st.st_mode & 077) != 0) { -+ if (st.st_mode & 040) { -+ struct group *gr; -+ -+ if ((gr = getgrnam("ssh_keys")) && (st.st_gid == gr->gr_gid)) { -+ /* The only additional bit is read -+ * for ssh_keys group, which is fine */ -+ if ((st.st_mode & 077) == 040 ) { -+ return 0; -+ } -+ } -+ } - error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@"); - error("@ WARNING: UNPROTECTED PRIVATE KEY FILE! @"); - error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@"); From b6fce45c3ea8ecb69a130a9c8dc93094c929065b Mon Sep 17 00:00:00 2001 From: Florian Weimer Date: Wed, 12 Apr 2023 13:22:12 +0200 Subject: [PATCH 13/44] C99 compatibility fixes Apply patches from the upstream portable OpenSSH project to fix C99 compatibility issues in the configure script. Related to: --- gsi-openssh.spec | 11 +++++++- openssh-configure-c99-1.patch | 26 +++++++++++++++++++ openssh-configure-c99-2.patch | 47 +++++++++++++++++++++++++++++++++++ openssh-configure-c99-3.patch | 41 ++++++++++++++++++++++++++++++ 4 files changed, 124 insertions(+), 1 deletion(-) create mode 100644 openssh-configure-c99-1.patch create mode 100644 openssh-configure-c99-2.patch create mode 100644 openssh-configure-c99-3.patch diff --git a/gsi-openssh.spec b/gsi-openssh.spec index 9e37b19..a93d8ba 100644 --- a/gsi-openssh.spec +++ b/gsi-openssh.spec @@ -29,7 +29,7 @@ Summary: An implementation of the SSH protocol with GSI authentication Name: gsi-openssh Version: %{openssh_ver} -Release: %{openssh_rel}%{?dist} +Release: %{openssh_rel}%{?dist}.1 Provides: gsissh = %{version}-%{release} Obsoletes: gsissh < 5.8p2-2 URL: http://www.openssh.com/portable.html @@ -182,6 +182,9 @@ Patch1004: openssh-8.7p1-gssapi-auth.patch # upstream MR: # https://github.com/openssh/openssh-portable/pull/323 Patch1006: openssh-8.7p1-negotiate-supported-algs.patch +Patch1007: openssh-configure-c99-1.patch +Patch1008: openssh-configure-c99-2.patch +Patch1009: openssh-configure-c99-3.patch # Fix issue with read-only ssh buffer during gssapi key exchange (#1938224) # https://github.com/openssh-gsskex/openssh-gsskex/pull/19 @@ -344,6 +347,9 @@ gpgv2 --quiet --keyring %{SOURCE3} %{SOURCE1} %{SOURCE0} %patch1003 -p1 -b .mem-leak %patch1004 -p1 -b .gssapi-auth %patch1006 -p1 -b .negotiate-supported-algs +%patch1007 -p1 -b .configure-c99-1 +%patch1008 -p1 -b .configure-c99-2 +%patch1009 -p1 -b .configure-c99-3 %patch100 -p1 -b .coverity @@ -542,6 +548,9 @@ fi %attr(0744,root,root) %{_libexecdir}/gsissh/ssh-host-keys-migration.sh %changelog +* Wed Apr 12 2023 Florian Weimer - 9.0p1-5.1 +- C99 compatiblity fixes + * Sat Mar 11 2023 Mattias Ellert - 9.0p1-5 - Based on openssh-9.0p1-12.fc38 diff --git a/openssh-configure-c99-1.patch b/openssh-configure-c99-1.patch new file mode 100644 index 0000000..a2c69aa --- /dev/null +++ b/openssh-configure-c99-1.patch @@ -0,0 +1,26 @@ +commit 40b0a5eb6e3edfa2886b60c09c7803353b0cc7f5 +Author: Sam James +Date: Sun Nov 6 04:47:35 2022 +0000 + + configure.ac: Add include for openpty + + Another Clang 16ish fix (which makes -Wimplicit-function-declaration + an error by default). github PR#355. + + See: 2efd71da49b9cfeab7987058cf5919e473ff466b + See: be197635329feb839865fdc738e34e24afd1fca8 + +diff --git a/configure.ac b/configure.ac +index 1e77ecfc..1866aea5 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -2373,6 +2373,9 @@ if test ! -z "$check_for_openpty_ctty_bug"; then + #include + #include + #include ++#ifdef HAVE_PTY_H ++# include ++#endif + #include + #include + #include diff --git a/openssh-configure-c99-2.patch b/openssh-configure-c99-2.patch new file mode 100644 index 0000000..693e64f --- /dev/null +++ b/openssh-configure-c99-2.patch @@ -0,0 +1,47 @@ +commit 32fddb982fd61b11a2f218a115975a87ab126d43 +Author: Darren Tucker +Date: Mon Nov 7 10:39:01 2022 +1100 + + Fix setres*id checks to work with clang-16. + + glibc has the prototypes for setresuid and setresgid behind _GNU_SOURCE, + and clang 16 will error out on implicit function definitions, so add + _GNU_SOURCE and the required headers to the configure checks. From + sam at @gentoo.org via bz#3497. + +diff --git a/configure.ac b/configure.ac +index 4bf758ac..e172540a 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -863,7 +863,8 @@ int main(void) { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16)) + check_for_openpty_ctty_bug=1 + dnl Target SUSv3/POSIX.1-2001 plus BSD specifics. + dnl _DEFAULT_SOURCE is the new name for _BSD_SOURCE +- CPPFLAGS="$CPPFLAGS -D_XOPEN_SOURCE=600 -D_BSD_SOURCE -D_DEFAULT_SOURCE" ++ dnl _GNU_SOURCE is needed for setres*id prototypes. ++ CPPFLAGS="$CPPFLAGS -D_XOPEN_SOURCE=600 -D_BSD_SOURCE -D_DEFAULT_SOURCE -D_GNU_SOURCE" + AC_DEFINE([BROKEN_CLOSEFROM], [1], [broken in chroots on older kernels]) + AC_DEFINE([PAM_TTY_KLUDGE], [1], + [Work around problematic Linux PAM modules handling of PAM_TTY]) +@@ -2168,8 +2169,9 @@ AC_CHECK_FUNCS([setresuid], [ + AC_MSG_CHECKING([if setresuid seems to work]) + AC_RUN_IFELSE( + [AC_LANG_PROGRAM([[ +-#include + #include ++#include ++#include + ]], [[ + errno=0; + setresuid(0,0,0); +@@ -2191,8 +2193,9 @@ AC_CHECK_FUNCS([setresgid], [ + AC_MSG_CHECKING([if setresgid seems to work]) + AC_RUN_IFELSE( + [AC_LANG_PROGRAM([[ +-#include + #include ++#include ++#include + ]], [[ + errno=0; + setresgid(0,0,0); diff --git a/openssh-configure-c99-3.patch b/openssh-configure-c99-3.patch new file mode 100644 index 0000000..48ab14a --- /dev/null +++ b/openssh-configure-c99-3.patch @@ -0,0 +1,41 @@ +commit 5eb796a369c64f18d55a6ae9b1fa9b35eea237fb +Author: Harmen Stoppels +Date: Thu Oct 13 16:08:46 2022 +0200 + + Fix snprintf configure test for clang 15 + + Clang 15 -Wimplicit-int defaults to an error in C99 mode and above. + A handful of tests have "main(..." and not "int main(..." which caused + the tests to produce incorrect results. + +diff --git a/configure.ac b/configure.ac +index de60a1b1..165c49de 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -713,7 +713,7 @@ case "$host" in + AC_RUN_IFELSE([AC_LANG_SOURCE([[ + #include + #include +-main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16)) ++int main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16)) + exit(0); + else + exit(1); +@@ -4259,7 +4259,7 @@ dnl test snprintf (broken on SCO w/gcc) + #include + #include + #ifdef HAVE_SNPRINTF +-main() ++int main() + { + char buf[50]; + char expected_out[50]; +@@ -4276,7 +4276,7 @@ main() + exit(0); + } + #else +-main() { exit(0); } ++int main() { exit(0); } + #endif + ]])], [ true ], [ AC_DEFINE([BROKEN_SNPRINTF]) ], + AC_MSG_WARN([cross compiling: Assuming working snprintf()]) From 1b534648ec2e097cbc7ed90dba5e596bd7434fda Mon Sep 17 00:00:00 2001 From: Mattias Ellert Date: Sun, 16 Apr 2023 05:19:44 +0200 Subject: [PATCH 14/44] Based on openssh-9.0p1-17.fc39 --- gsi-openssh.spec | 22 +- openssh-6.7p1-coverity.patch | 30 -- openssh-8.7p1-CVE-2023-25136.patch | 38 +++ openssh-8.7p1-nohostsha1proof.patch | 426 +++++++++++++++++++++++ openssh-9.0p1-audit-log.patch | 119 +++++++ openssh-9.0p1-evp-fips-dh.patch | 266 +++++++++++++++ openssh-9.0p1-evp-fips-ecdh.patch | 207 ++++++++++++ openssh-9.0p1-evp-fips-sign.patch | 468 ++++++++++++++++++++++++++ openssh-9.0p1-hpn-15.2-modified.patch | 4 +- 9 files changed, 1546 insertions(+), 34 deletions(-) create mode 100644 openssh-8.7p1-CVE-2023-25136.patch create mode 100644 openssh-8.7p1-nohostsha1proof.patch create mode 100644 openssh-9.0p1-audit-log.patch create mode 100644 openssh-9.0p1-evp-fips-dh.patch create mode 100644 openssh-9.0p1-evp-fips-ecdh.patch create mode 100644 openssh-9.0p1-evp-fips-sign.patch diff --git a/gsi-openssh.spec b/gsi-openssh.spec index a93d8ba..7f17562 100644 --- a/gsi-openssh.spec +++ b/gsi-openssh.spec @@ -24,12 +24,12 @@ %global libedit 1 %global openssh_ver 9.0p1 -%global openssh_rel 5 +%global openssh_rel 6 Summary: An implementation of the SSH protocol with GSI authentication Name: gsi-openssh Version: %{openssh_ver} -Release: %{openssh_rel}%{?dist}.1 +Release: %{openssh_rel}%{?dist} Provides: gsissh = %{version}-%{release} Obsoletes: gsissh < 5.8p2-2 URL: http://www.openssh.com/portable.html @@ -57,6 +57,8 @@ Patch100: openssh-6.7p1-coverity.patch Patch200: openssh-7.6p1-audit.patch # Audit race condition in forked child (#1310684) Patch201: openssh-7.1p2-audit-race-condition.patch +# https://bugzilla.redhat.com/show_bug.cgi?id=2049947 +Patch202: openssh-9.0p1-audit-log.patch #https://bugzilla.mindrot.org/show_bug.cgi?id=1641 (WONTFIX) Patch400: openssh-7.8p1-role-mls.patch @@ -186,6 +188,13 @@ Patch1007: openssh-configure-c99-1.patch Patch1008: openssh-configure-c99-2.patch Patch1009: openssh-configure-c99-3.patch +Patch1010: openssh-8.7p1-CVE-2023-25136.patch + +Patch1011: openssh-9.0p1-evp-fips-sign.patch +Patch1012: openssh-9.0p1-evp-fips-dh.patch +Patch1013: openssh-9.0p1-evp-fips-ecdh.patch +Patch1014: openssh-8.7p1-nohostsha1proof.patch + # Fix issue with read-only ssh buffer during gssapi key exchange (#1938224) # https://github.com/openssh-gsskex/openssh-gsskex/pull/19 Patch97: openssh-8.0p1-sshbuf-readonly.patch @@ -340,6 +349,7 @@ gpgv2 --quiet --keyring %{SOURCE3} %{SOURCE1} %{SOURCE0} %patch200 -p1 -b .audit %patch201 -p1 -b .audit-race +%patch202 -p1 -b .audit-log %patch700 -p1 -b .fips %patch1001 -p1 -b .scp-clears-file @@ -350,6 +360,11 @@ gpgv2 --quiet --keyring %{SOURCE3} %{SOURCE1} %{SOURCE0} %patch1007 -p1 -b .configure-c99-1 %patch1008 -p1 -b .configure-c99-2 %patch1009 -p1 -b .configure-c99-3 +%patch1010 -p1 -b .cve-2023-25136 +%patch1011 -p1 -b .evp-fips-sign +%patch1012 -p1 -b .evp-fips-dh +%patch1013 -p1 -b .evp-fips-ecdh +%patch1014 -p1 -b .nosha1hostproof %patch100 -p1 -b .coverity @@ -548,6 +563,9 @@ fi %attr(0744,root,root) %{_libexecdir}/gsissh/ssh-host-keys-migration.sh %changelog +* Sun Apr 16 2023 Mattias Ellert - 9.0p1-6 +- Based on openssh-9.0p1-17.fc39 + * Wed Apr 12 2023 Florian Weimer - 9.0p1-5.1 - C99 compatiblity fixes diff --git a/openssh-6.7p1-coverity.patch b/openssh-6.7p1-coverity.patch index 1923ac8..08d6b99 100644 --- a/openssh-6.7p1-coverity.patch +++ b/openssh-6.7p1-coverity.patch @@ -28,36 +28,6 @@ diff -up openssh-8.5p1/auth-options.c.coverity openssh-8.5p1/auth-options.c return 0; } -diff -up openssh-7.4p1/channels.c.coverity openssh-7.4p1/channels.c ---- openssh-7.4p1/channels.c.coverity 2016-12-23 16:40:26.881788686 +0100 -+++ openssh-7.4p1/channels.c 2016-12-23 16:42:36.244818763 +0100 -@@ -3804,7 +3804,7 @@ int - channel_request_remote_forwarding(struct ssh *ssh, struct Forward *fwd) - { - int r, success = 0, idx = -1; -- char *host_to_connect, *listen_host, *listen_path; -+ char *host_to_connect = NULL, *listen_host = NULL, *listen_path = NULL; - int port_to_connect, listen_port; - - /* Send the forward request to the remote side. */ -@@ -3832,7 +3832,6 @@ channel_request_remote_forwarding(struct - success = 1; - if (success) { - /* Record that connection to this host/port is permitted. */ -- host_to_connect = listen_host = listen_path = NULL; - port_to_connect = listen_port = 0; - if (fwd->connect_path != NULL) { - host_to_connect = xstrdup(fwd->connect_path); -@@ -3853,6 +3852,9 @@ channel_request_remote_forwarding(struct - host_to_connect, port_to_connect, - listen_host, listen_path, listen_port, NULL); - } -+ free(host_to_connect); -+ free(listen_host); -+ free(listen_path); - return idx; - } - diff -up openssh-8.5p1/dns.c.coverity openssh-8.5p1/dns.c --- openssh-8.5p1/dns.c.coverity 2021-03-02 11:31:47.000000000 +0100 +++ openssh-8.5p1/dns.c 2021-03-24 12:03:33.783968166 +0100 diff --git a/openssh-8.7p1-CVE-2023-25136.patch b/openssh-8.7p1-CVE-2023-25136.patch new file mode 100644 index 0000000..ca661ee --- /dev/null +++ b/openssh-8.7p1-CVE-2023-25136.patch @@ -0,0 +1,38 @@ +diff --git a/compat.c b/compat.c +index 46dfe3a9c2e..478a9403eea 100644 +--- a/compat.c ++++ b/compat.c +@@ -190,26 +190,26 @@ compat_pkalg_proposal(struct ssh *ssh, char *pkalg_prop) + char * + compat_kex_proposal(struct ssh *ssh, char *p) + { +- char *cp = NULL; ++ char *cp = NULL, *cp2 = NULL; + + if ((ssh->compat & (SSH_BUG_CURVE25519PAD|SSH_OLD_DHGEX)) == 0) + return xstrdup(p); + debug2_f("original KEX proposal: %s", p); + if ((ssh->compat & SSH_BUG_CURVE25519PAD) != 0) +- if ((p = match_filter_denylist(p, ++ if ((cp = match_filter_denylist(p, + "curve25519-sha256@libssh.org")) == NULL) + fatal("match_filter_denylist failed"); + if ((ssh->compat & SSH_OLD_DHGEX) != 0) { +- cp = p; +- if ((p = match_filter_denylist(p, ++ if ((cp2 = match_filter_denylist(cp ? cp : p, + "diffie-hellman-group-exchange-sha256," + "diffie-hellman-group-exchange-sha1")) == NULL) + fatal("match_filter_denylist failed"); + free(cp); ++ cp = cp2; + } +- debug2_f("compat KEX proposal: %s", p); +- if (*p == '\0') ++ if (cp == NULL || *cp == '\0') + fatal("No supported key exchange algorithms found"); +- return p; ++ debug2_f("compat KEX proposal: %s", cp); ++ return cp; + } + diff --git a/openssh-8.7p1-nohostsha1proof.patch b/openssh-8.7p1-nohostsha1proof.patch new file mode 100644 index 0000000..ab51204 --- /dev/null +++ b/openssh-8.7p1-nohostsha1proof.patch @@ -0,0 +1,426 @@ +diff -up openssh-8.7p1/compat.c.sshrsacheck openssh-8.7p1/compat.c +--- openssh-8.7p1/compat.c.sshrsacheck 2023-01-12 13:29:06.338710923 +0100 ++++ openssh-8.7p1/compat.c 2023-01-12 13:29:06.357711165 +0100 +@@ -43,6 +43,7 @@ void + compat_banner(struct ssh *ssh, const char *version) + { + int i; ++ int forbid_ssh_rsa = 0; + static struct { + char *pat; + int bugs; +@@ -145,16 +146,21 @@ compat_banner(struct ssh *ssh, const cha + }; + + /* process table, return first match */ ++ forbid_ssh_rsa = (ssh->compat & SSH_RH_RSASIGSHA); + ssh->compat = 0; + for (i = 0; check[i].pat; i++) { + if (match_pattern_list(version, check[i].pat, 0) == 1) { + debug_f("match: %s pat %s compat 0x%08x", + version, check[i].pat, check[i].bugs); + ssh->compat = check[i].bugs; ++ if (forbid_ssh_rsa) ++ ssh->compat |= SSH_RH_RSASIGSHA; + return; + } + } + debug_f("no match: %s", version); ++ if (forbid_ssh_rsa) ++ ssh->compat |= SSH_RH_RSASIGSHA; + } + + /* Always returns pointer to allocated memory, caller must free. */ +diff -up openssh-8.7p1/compat.h.sshrsacheck openssh-8.7p1/compat.h +--- openssh-8.7p1/compat.h.sshrsacheck 2021-08-20 06:03:49.000000000 +0200 ++++ openssh-8.7p1/compat.h 2023-01-12 13:29:06.358711178 +0100 +@@ -30,7 +30,7 @@ + #define SSH_BUG_UTF8TTYMODE 0x00000001 + #define SSH_BUG_SIGTYPE 0x00000002 + #define SSH_BUG_SIGTYPE74 0x00000004 +-/* #define unused 0x00000008 */ ++#define SSH_RH_RSASIGSHA 0x00000008 + #define SSH_OLD_SESSIONID 0x00000010 + /* #define unused 0x00000020 */ + #define SSH_BUG_DEBUG 0x00000040 +diff -up openssh-8.7p1/monitor.c.sshrsacheck openssh-8.7p1/monitor.c +--- openssh-8.7p1/monitor.c.sshrsacheck 2023-01-20 13:07:54.279676981 +0100 ++++ openssh-8.7p1/monitor.c 2023-01-20 15:01:07.007821379 +0100 +@@ -660,11 +660,12 @@ mm_answer_sign(struct ssh *ssh, int sock + struct sshkey *key; + struct sshbuf *sigbuf = NULL; + u_char *p = NULL, *signature = NULL; +- char *alg = NULL; ++ char *alg = NULL, *effective_alg; + size_t datlen, siglen, alglen; + int r, is_proof = 0; + u_int keyid, compat; + const char proof_req[] = "hostkeys-prove-00@openssh.com"; ++ const char safe_rsa[] = "rsa-sha2-256"; + + debug3_f("entering"); + +@@ -719,18 +720,30 @@ mm_answer_sign(struct ssh *ssh, int sock + } + + if ((key = get_hostkey_by_index(keyid)) != NULL) { +- if ((r = sshkey_sign(key, &signature, &siglen, p, datlen, alg, ++ if (ssh->compat & SSH_RH_RSASIGSHA && strcmp(alg, "ssh-rsa") == 0 ++ && (sshkey_type_plain(key->type) == KEY_RSA)) { ++ effective_alg = safe_rsa; ++ } else { ++ effective_alg = alg; ++ } ++ if ((r = sshkey_sign(key, &signature, &siglen, p, datlen, effective_alg, + options.sk_provider, NULL, compat)) != 0) + fatal_fr(r, "sign"); + } else if ((key = get_hostkey_public_by_index(keyid, ssh)) != NULL && + auth_sock > 0) { ++ if (ssh->compat & SSH_RH_RSASIGSHA && strcmp(alg, "ssh-rsa") == 0 ++ && (sshkey_type_plain(key->type) == KEY_RSA)) { ++ effective_alg = safe_rsa; ++ } else { ++ effective_alg = alg; ++ } + if ((r = ssh_agent_sign(auth_sock, key, &signature, &siglen, +- p, datlen, alg, compat)) != 0) ++ p, datlen, effective_alg, compat)) != 0) + fatal_fr(r, "agent sign"); + } else + fatal_f("no hostkey from index %d", keyid); + +- debug3_f("%s %s signature len=%zu", alg, ++ debug3_f("%s (effective: %s) %s signature len=%zu", alg, effective_alg, + is_proof ? "hostkey proof" : "KEX", siglen); + + sshbuf_reset(m); +diff -up openssh-8.7p1/regress/cert-userkey.sh.sshrsacheck openssh-8.7p1/regress/cert-userkey.sh +--- openssh-8.7p1/regress/cert-userkey.sh.sshrsacheck 2023-01-25 14:26:52.885963113 +0100 ++++ openssh-8.7p1/regress/cert-userkey.sh 2023-01-25 14:27:25.757219800 +0100 +@@ -7,7 +7,8 @@ rm -f $OBJ/authorized_keys_$USER $OBJ/us + cp $OBJ/sshd_proxy $OBJ/sshd_proxy_bak + cp $OBJ/ssh_proxy $OBJ/ssh_proxy_bak + +-PLAIN_TYPES=`$SSH -Q key-plain | maybe_filter_sk | sed 's/^ssh-dss/ssh-dsa/;s/^ssh-//'` ++#ssh-dss keys are incompatible with DEFAULT crypto policy ++PLAIN_TYPES=`$SSH -Q key-plain | maybe_filter_sk | grep -v 'ssh-dss' | sed 's/^ssh-dss/ssh-dsa/;s/^ssh-//'` + EXTRA_TYPES="" + rsa="" + +diff -up openssh-8.7p1/regress/Makefile.sshrsacheck openssh-8.7p1/regress/Makefile +--- openssh-8.7p1/regress/Makefile.sshrsacheck 2023-01-20 13:07:54.169676051 +0100 ++++ openssh-8.7p1/regress/Makefile 2023-01-20 13:07:54.290677074 +0100 +@@ -2,7 +2,8 @@ + + tests: prep file-tests t-exec unit + +-REGRESS_TARGETS= t1 t2 t3 t4 t5 t6 t7 t8 t9 t10 t11 t12 ++#ssh-dss tests will not pass on DEFAULT crypto-policy because of SHA1, skipping ++REGRESS_TARGETS= t1 t2 t3 t4 t5 t7 t8 t9 t10 t11 t12 + + # File based tests + file-tests: $(REGRESS_TARGETS) +diff -up openssh-8.7p1/regress/test-exec.sh.sshrsacheck openssh-8.7p1/regress/test-exec.sh +--- openssh-8.7p1/regress/test-exec.sh.sshrsacheck 2023-01-25 14:24:54.778040819 +0100 ++++ openssh-8.7p1/regress/test-exec.sh 2023-01-25 14:26:39.500858590 +0100 +@@ -581,8 +581,9 @@ maybe_filter_sk() { + fi + } + +-SSH_KEYTYPES=`$SSH -Q key-plain | maybe_filter_sk` +-SSH_HOSTKEY_TYPES=`$SSH -Q key-plain | maybe_filter_sk` ++#ssh-dss keys are incompatible with DEFAULT crypto policy ++SSH_KEYTYPES=`$SSH -Q key-plain | maybe_filter_sk | grep -v 'ssh-dss'` ++SSH_HOSTKEY_TYPES=`$SSH -Q key-plain | maybe_filter_sk | grep -v 'ssh-dss'` + + for t in ${SSH_KEYTYPES}; do + # generate user key +diff -up openssh-8.7p1/regress/unittests/kex/test_kex.c.sshrsacheck openssh-8.7p1/regress/unittests/kex/test_kex.c +--- openssh-8.7p1/regress/unittests/kex/test_kex.c.sshrsacheck 2023-01-26 13:34:52.645743677 +0100 ++++ openssh-8.7p1/regress/unittests/kex/test_kex.c 2023-01-26 13:36:56.220745823 +0100 +@@ -97,7 +97,8 @@ do_kex_with_key(char *kex, int keytype, + memcpy(kex_params.proposal, myproposal, sizeof(myproposal)); + if (kex != NULL) + kex_params.proposal[PROPOSAL_KEX_ALGS] = kex; +- keyname = strdup(sshkey_ssh_name(private)); ++ keyname = (strcmp(sshkey_ssh_name(private), "ssh-rsa")) ? ++ strdup(sshkey_ssh_name(private)) : strdup("rsa-sha2-256"); + ASSERT_PTR_NE(keyname, NULL); + kex_params.proposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = keyname; + ASSERT_INT_EQ(ssh_init(&client, 0, &kex_params), 0); +@@ -180,7 +181,7 @@ do_kex(char *kex) + { + #ifdef WITH_OPENSSL + do_kex_with_key(kex, KEY_RSA, 2048); +- do_kex_with_key(kex, KEY_DSA, 1024); ++ /* do_kex_with_key(kex, KEY_DSA, 1024); */ + #ifdef OPENSSL_HAS_ECC + do_kex_with_key(kex, KEY_ECDSA, 256); + #endif /* OPENSSL_HAS_ECC */ +diff -up openssh-8.7p1/regress/unittests/sshkey/test_file.c.sshrsacheck openssh-8.7p1/regress/unittests/sshkey/test_file.c +--- openssh-8.7p1/regress/unittests/sshkey/test_file.c.sshrsacheck 2023-01-26 12:04:55.946343408 +0100 ++++ openssh-8.7p1/regress/unittests/sshkey/test_file.c 2023-01-26 12:06:35.235164432 +0100 +@@ -110,6 +110,7 @@ sshkey_file_tests(void) + sshkey_free(k2); + TEST_DONE(); + ++ /* Skip this test, SHA1 signatures are not supported + TEST_START("load RSA cert with SHA1 signature"); + ASSERT_INT_EQ(sshkey_load_cert(test_data_file("rsa_1_sha1"), &k2), 0); + ASSERT_PTR_NE(k2, NULL); +@@ -117,7 +118,7 @@ sshkey_file_tests(void) + ASSERT_INT_EQ(sshkey_equal_public(k1, k2), 1); + ASSERT_STRING_EQ(k2->cert->signature_type, "ssh-rsa"); + sshkey_free(k2); +- TEST_DONE(); ++ TEST_DONE(); */ + + TEST_START("load RSA cert with SHA512 signature"); + ASSERT_INT_EQ(sshkey_load_cert(test_data_file("rsa_1_sha512"), &k2), 0); +diff -up openssh-8.7p1/regress/unittests/sshkey/test_fuzz.c.sshrsacheck openssh-8.7p1/regress/unittests/sshkey/test_fuzz.c +--- openssh-8.7p1/regress/unittests/sshkey/test_fuzz.c.sshrsacheck 2023-01-26 12:10:37.533168013 +0100 ++++ openssh-8.7p1/regress/unittests/sshkey/test_fuzz.c 2023-01-26 12:15:35.637631860 +0100 +@@ -333,13 +333,14 @@ sshkey_fuzz_tests(void) + TEST_DONE(); + + #ifdef WITH_OPENSSL ++ /* Skip this test, SHA1 signatures are not supported + TEST_START("fuzz RSA sig"); + buf = load_file("rsa_1"); + ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0); + sshbuf_free(buf); + sig_fuzz(k1, "ssh-rsa"); + sshkey_free(k1); +- TEST_DONE(); ++ TEST_DONE();*/ + + TEST_START("fuzz RSA SHA256 sig"); + buf = load_file("rsa_1"); +@@ -357,6 +358,7 @@ sshkey_fuzz_tests(void) + sshkey_free(k1); + TEST_DONE(); + ++ /* Skip this test, SHA1 signatures are not supported + TEST_START("fuzz DSA sig"); + buf = load_file("dsa_1"); + ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0); +@@ -364,6 +366,7 @@ sshkey_fuzz_tests(void) + sig_fuzz(k1, NULL); + sshkey_free(k1); + TEST_DONE(); ++ */ + + #ifdef OPENSSL_HAS_ECC + TEST_START("fuzz ECDSA sig"); +diff -up openssh-8.7p1/regress/unittests/sshkey/test_sshkey.c.sshrsacheck openssh-8.7p1/regress/unittests/sshkey/test_sshkey.c +--- openssh-8.7p1/regress/unittests/sshkey/test_sshkey.c.sshrsacheck 2023-01-26 11:02:52.339413463 +0100 ++++ openssh-8.7p1/regress/unittests/sshkey/test_sshkey.c 2023-01-26 11:58:42.324253896 +0100 +@@ -60,6 +60,9 @@ build_cert(struct sshbuf *b, struct sshk + u_char *sigblob; + size_t siglen; + ++ /* ssh-rsa implies SHA1, forbidden in DEFAULT cp */ ++ int expected = (sig_alg == NULL || strcmp(sig_alg, "ssh-rsa") == 0) ? SSH_ERR_LIBCRYPTO_ERROR : 0; ++ + ca_buf = sshbuf_new(); + ASSERT_PTR_NE(ca_buf, NULL); + ASSERT_INT_EQ(sshkey_putb(ca_key, ca_buf), 0); +@@ -101,8 +104,9 @@ build_cert(struct sshbuf *b, struct sshk + ASSERT_INT_EQ(sshbuf_put_string(b, NULL, 0), 0); /* reserved */ + ASSERT_INT_EQ(sshbuf_put_stringb(b, ca_buf), 0); /* signature key */ + ASSERT_INT_EQ(sshkey_sign(sign_key, &sigblob, &siglen, +- sshbuf_ptr(b), sshbuf_len(b), sig_alg, NULL, NULL, 0), 0); +- ASSERT_INT_EQ(sshbuf_put_string(b, sigblob, siglen), 0); /* signature */ ++ sshbuf_ptr(b), sshbuf_len(b), sig_alg, NULL, NULL, 0), expected); ++ if (expected == 0) ++ ASSERT_INT_EQ(sshbuf_put_string(b, sigblob, siglen), 0); /* signature */ + + free(sigblob); + sshbuf_free(ca_buf); +@@ -119,16 +123,22 @@ signature_test(struct sshkey *k, struct + { + size_t len; + u_char *sig; ++ /* ssh-rsa implies SHA1, forbidden in DEFAULT cp */ ++ int expected = (sig_alg && strcmp(sig_alg, "ssh-rsa") == 0) ? SSH_ERR_LIBCRYPTO_ERROR : 0; ++ if (k && (sshkey_type_plain(k->type) == KEY_DSA || sshkey_type_plain(k->type) == KEY_DSA_CERT)) ++ expected = SSH_ERR_LIBCRYPTO_ERROR; + + ASSERT_INT_EQ(sshkey_sign(k, &sig, &len, d, l, sig_alg, +- NULL, NULL, 0), 0); +- ASSERT_SIZE_T_GT(len, 8); +- ASSERT_PTR_NE(sig, NULL); +- ASSERT_INT_EQ(sshkey_verify(k, sig, len, d, l, NULL, 0, NULL), 0); +- ASSERT_INT_NE(sshkey_verify(bad, sig, len, d, l, NULL, 0, NULL), 0); +- /* Fuzz test is more comprehensive, this is just a smoke test */ +- sig[len - 5] ^= 0x10; +- ASSERT_INT_NE(sshkey_verify(k, sig, len, d, l, NULL, 0, NULL), 0); ++ NULL, NULL, 0), expected); ++ if (expected == 0) { ++ ASSERT_SIZE_T_GT(len, 8); ++ ASSERT_PTR_NE(sig, NULL); ++ ASSERT_INT_EQ(sshkey_verify(k, sig, len, d, l, NULL, 0, NULL), 0); ++ ASSERT_INT_NE(sshkey_verify(bad, sig, len, d, l, NULL, 0, NULL), 0); ++ /* Fuzz test is more comprehensive, this is just a smoke test */ ++ sig[len - 5] ^= 0x10; ++ ASSERT_INT_NE(sshkey_verify(k, sig, len, d, l, NULL, 0, NULL), 0); ++ } + free(sig); + } + +@@ -514,7 +524,7 @@ sshkey_tests(void) + ASSERT_INT_EQ(sshkey_load_public(test_data_file("rsa_1.pub"), &k2, + NULL), 0); + k3 = get_private("rsa_1"); +- build_cert(b, k2, "ssh-rsa-cert-v01@openssh.com", k3, k1, NULL); ++ build_cert(b, k2, "ssh-rsa-cert-v01@openssh.com", k3, k1, "rsa-sha2-256"); + ASSERT_INT_EQ(sshkey_from_blob(sshbuf_ptr(b), sshbuf_len(b), &k4), + SSH_ERR_KEY_CERT_INVALID_SIGN_KEY); + ASSERT_PTR_EQ(k4, NULL); +diff -up openssh-8.7p1/regress/unittests/sshsig/tests.c.sshrsacheck openssh-8.7p1/regress/unittests/sshsig/tests.c +--- openssh-8.7p1/regress/unittests/sshsig/tests.c.sshrsacheck 2023-01-26 12:19:23.659513651 +0100 ++++ openssh-8.7p1/regress/unittests/sshsig/tests.c 2023-01-26 12:20:28.021044803 +0100 +@@ -102,9 +102,11 @@ tests(void) + check_sig("rsa.pub", "rsa.sig", msg, namespace); + TEST_DONE(); + ++ /* Skip this test, SHA1 signatures are not supported + TEST_START("check DSA signature"); + check_sig("dsa.pub", "dsa.sig", msg, namespace); + TEST_DONE(); ++ */ + + #ifdef OPENSSL_HAS_ECC + TEST_START("check ECDSA signature"); +diff -up openssh-8.7p1/serverloop.c.sshrsacheck openssh-8.7p1/serverloop.c +--- openssh-8.7p1/serverloop.c.sshrsacheck 2023-01-12 14:57:08.118400073 +0100 ++++ openssh-8.7p1/serverloop.c 2023-01-12 14:59:17.330470518 +0100 +@@ -737,6 +737,10 @@ server_input_hostkeys_prove(struct ssh * + else if (ssh->kex->flags & KEX_RSA_SHA2_256_SUPPORTED) + sigalg = "rsa-sha2-256"; + } ++ if (ssh->compat & SSH_RH_RSASIGSHA && sigalg == NULL) { ++ sigalg = "rsa-sha2-512"; ++ debug3_f("SHA1 signature is not supported, falling back to %s", sigalg); ++ } + debug3_f("sign %s key (index %d) using sigalg %s", + sshkey_type(key), ndx, sigalg == NULL ? "default" : sigalg); + if ((r = sshbuf_put_cstring(sigbuf, +diff -up openssh-8.7p1/sshconnect2.c.sshrsacheck openssh-8.7p1/sshconnect2.c +--- openssh-8.7p1/sshconnect2.c.sshrsacheck 2023-01-25 15:33:29.140353651 +0100 ++++ openssh-8.7p1/sshconnect2.c 2023-01-25 15:59:34.225364883 +0100 +@@ -1461,6 +1464,14 @@ identity_sign(struct identity *id, u_cha + retried = 1; + goto retry_pin; + } ++ if ((r == SSH_ERR_LIBCRYPTO_ERROR) && strcmp("ssh-rsa", alg)) { ++ char rsa_safe_alg[] = "rsa-sha2-512"; ++ debug3_f("trying to fallback to algorithm %s", rsa_safe_alg); ++ ++ if ((r = sshkey_sign(sign_key, sigp, lenp, data, datalen, ++ rsa_safe_alg, options.sk_provider, pin, compat)) != 0) ++ debug_fr(r, "sshkey_sign - RSA fallback"); ++ } + goto out; + } + +diff -up openssh-8.7p1/sshd.c.sshrsacheck openssh-8.7p1/sshd.c +--- openssh-8.7p1/sshd.c.sshrsacheck 2023-01-12 13:29:06.355711140 +0100 ++++ openssh-8.7p1/sshd.c 2023-01-12 13:29:06.358711178 +0100 +@@ -1640,6 +1651,7 @@ main(int ac, char **av) + int keytype; + Authctxt *authctxt; + struct connection_info *connection_info = NULL; ++ int forbid_ssh_rsa = 0; + + #ifdef HAVE_SECUREWARE + (void)set_auth_parameters(ac, av); +@@ -1938,6 +1950,33 @@ main(int ac, char **av) + key = NULL; + continue; + } ++ if (key && (sshkey_type_plain(key->type) == KEY_RSA || sshkey_type_plain(key->type) == KEY_RSA_CERT)) { ++ size_t sign_size = 0; ++ u_char *tmp = NULL; ++ u_char data[] = "Test SHA1 vector"; ++ int res; ++ ++ res = sshkey_sign(key, &tmp, &sign_size, data, sizeof(data), NULL, NULL, NULL, 0); ++ free(tmp); ++ if (res == SSH_ERR_LIBCRYPTO_ERROR) { ++ verbose_f("sshd: SHA1 in signatures is disabled for RSA keys"); ++ forbid_ssh_rsa = 1; ++ } ++ } ++ if (key && (sshkey_type_plain(key->type) == KEY_DSA || sshkey_type_plain(key->type) == KEY_DSA_CERT)) { ++ size_t sign_size = 0; ++ u_char *tmp = NULL; ++ u_char data[] = "Test SHA1 vector"; ++ int res; ++ ++ res = sshkey_sign(key, &tmp, &sign_size, data, sizeof(data), NULL, NULL, NULL, 0); ++ free(tmp); ++ if (res == SSH_ERR_LIBCRYPTO_ERROR) { ++ logit_f("sshd: ssh-dss is disabled, skipping key file %s", options.host_key_files[i]); ++ key = NULL; ++ continue; ++ } ++ } + if (sshkey_is_sk(key) && + key->sk_flags & SSH_SK_USER_PRESENCE_REQD) { + debug("host key %s requires user presence, ignoring", +@@ -2275,6 +2306,9 @@ main(int ac, char **av) + + check_ip_options(ssh); + ++ if (forbid_ssh_rsa) ++ ssh->compat |= SSH_RH_RSASIGSHA; ++ + /* Prepare the channels layer */ + channel_init_channels(ssh); + channel_set_af(ssh, options.address_family); +diff -Nur openssh-8.7p1/ssh-keygen.c openssh-8.7p1_patched/ssh-keygen.c +--- openssh-8.7p1/ssh-keygen.c 2023-01-18 17:41:47.894515779 +0100 ++++ openssh-8.7p1_patched/ssh-keygen.c 2023-01-18 17:41:44.500488818 +0100 +@@ -491,6 +491,8 @@ + BIGNUM *dsa_pub_key = NULL, *dsa_priv_key = NULL; + BIGNUM *rsa_n = NULL, *rsa_e = NULL, *rsa_d = NULL; + BIGNUM *rsa_p = NULL, *rsa_q = NULL, *rsa_iqmp = NULL; ++ char rsa_safe_alg[] = "rsa-sha2-256"; ++ char *alg = NULL; + + if ((r = sshbuf_get_u32(b, &magic)) != 0) + fatal_fr(r, "parse magic"); +@@ -590,6 +592,7 @@ do_convert_private_ssh2(struct sshbuf *b + if ((r = ssh_rsa_complete_crt_parameters(key, rsa_iqmp)) != 0) + fatal_fr(r, "generate RSA parameters"); + BN_clear_free(rsa_iqmp); ++ alg = rsa_safe_alg; + break; + } + rlen = sshbuf_len(b); +@@ -598,9 +601,9 @@ do_convert_private_ssh2(struct sshbuf *b + + /* try the key */ + if (sshkey_sign(key, &sig, &slen, data, sizeof(data), +- NULL, NULL, NULL, 0) != 0 || ++ alg, NULL, NULL, 0) != 0 || + sshkey_verify(key, sig, slen, data, sizeof(data), +- NULL, 0, NULL) != 0) { ++ alg, 0, NULL) != 0) { + sshkey_free(key); + free(sig); + return NULL; +diff -up openssh-8.7p1/ssh-rsa.c.sshrsacheck openssh-8.7p1/ssh-rsa.c +--- openssh-8.7p1/ssh-rsa.c.sshrsacheck 2023-01-20 13:07:54.180676144 +0100 ++++ openssh-8.7p1/ssh-rsa.c 2023-01-20 13:07:54.290677074 +0100 +@@ -254,7 +254,8 @@ ssh_rsa_verify(const struct sshkey *key, + ret = SSH_ERR_INVALID_ARGUMENT; + goto out; + } +- if (hash_alg != want_alg) { ++ if (hash_alg != want_alg && want_alg != SSH_DIGEST_SHA1) { ++ debug_f("Unexpected digest algorithm: got %d, wanted %d", hash_alg, want_alg); + ret = SSH_ERR_SIGNATURE_INVALID; + goto out; + } diff --git a/openssh-9.0p1-audit-log.patch b/openssh-9.0p1-audit-log.patch new file mode 100644 index 0000000..fbf5094 --- /dev/null +++ b/openssh-9.0p1-audit-log.patch @@ -0,0 +1,119 @@ +diff -up openssh-9.0p1/audit-bsm.c.patch openssh-9.0p1/audit-bsm.c +--- openssh-9.0p1/audit-bsm.c.patch 2022-10-24 15:02:16.544858331 +0200 ++++ openssh-9.0p1/audit-bsm.c 2022-10-24 14:51:43.685766639 +0200 +@@ -405,7 +405,7 @@ audit_session_close(struct logininfo *li + } + + int +-audit_keyusage(struct ssh *ssh, int host_user, char *fp, int rv) ++audit_keyusage(struct ssh *ssh, int host_user, char *key_fp, const struct sshkey_cert *cert, const char *issuer_fp, int rv) + { + /* not implemented */ + } +diff -up openssh-9.0p1/audit.c.patch openssh-9.0p1/audit.c +--- openssh-9.0p1/audit.c.patch 2022-10-24 15:02:16.544858331 +0200 ++++ openssh-9.0p1/audit.c 2022-10-24 15:20:38.854548226 +0200 +@@ -116,12 +116,22 @@ audit_event_lookup(ssh_audit_event_t ev) + void + audit_key(struct ssh *ssh, int host_user, int *rv, const struct sshkey *key) + { +- char *fp; ++ char *key_fp = NULL; ++ char *issuer_fp = NULL; ++ struct sshkey_cert *cert = NULL; + +- fp = sshkey_fingerprint(key, options.fingerprint_hash, SSH_FP_HEX); +- if (audit_keyusage(ssh, host_user, fp, (*rv == 0)) == 0) ++ key_fp = sshkey_fingerprint(key, options.fingerprint_hash, SSH_FP_HEX); ++ if (sshkey_is_cert(key) && key->cert != NULL && key->cert->signature_key != NULL) { ++ cert = key->cert; ++ issuer_fp = sshkey_fingerprint(cert->signature_key, ++ options.fingerprint_hash, SSH_FP_DEFAULT); ++ } ++ if (audit_keyusage(ssh, host_user, key_fp, cert, issuer_fp, (*rv == 0)) == 0) + *rv = -SSH_ERR_INTERNAL_ERROR; +- free(fp); ++ if (key_fp) ++ free(key_fp); ++ if (issuer_fp) ++ free(issuer_fp); + } + + void +diff -up openssh-9.0p1/audit.h.patch openssh-9.0p1/audit.h +--- openssh-9.0p1/audit.h.patch 2022-10-24 15:02:16.544858331 +0200 ++++ openssh-9.0p1/audit.h 2022-10-24 14:58:20.887565518 +0200 +@@ -64,7 +64,7 @@ void audit_session_close(struct logininf + int audit_run_command(struct ssh *, const char *); + void audit_end_command(struct ssh *, int, const char *); + ssh_audit_event_t audit_classify_auth(const char *); +-int audit_keyusage(struct ssh *, int, char *, int); ++int audit_keyusage(struct ssh *, int, const char *, const struct sshkey_cert *, const char *, int); + void audit_key(struct ssh *, int, int *, const struct sshkey *); + void audit_unsupported(struct ssh *, int); + void audit_kex(struct ssh *, int, char *, char *, char *, char *); +diff -up openssh-9.0p1/audit-linux.c.patch openssh-9.0p1/audit-linux.c +--- openssh-9.0p1/audit-linux.c.patch 2022-10-24 15:02:16.544858331 +0200 ++++ openssh-9.0p1/audit-linux.c 2022-10-24 15:21:58.165303951 +0200 +@@ -137,10 +137,12 @@ fatal_report: + } + + int +-audit_keyusage(struct ssh *ssh, int host_user, char *fp, int rv) ++audit_keyusage(struct ssh *ssh, int host_user, const char *key_fp, const struct sshkey_cert *cert, const char *issuer_fp, int rv) + { + char buf[AUDIT_LOG_SIZE]; + int audit_fd, rc, saved_errno; ++ const char *rip; ++ u_int i; + + audit_fd = audit_open(); + if (audit_fd < 0) { +@@ -150,14 +152,44 @@ audit_keyusage(struct ssh *ssh, int host + else + return 0; /* Must prevent login */ + } ++ rip = ssh_remote_ipaddr(ssh); + snprintf(buf, sizeof(buf), "%s_auth grantors=auth-key", host_user ? "pubkey" : "hostbased"); + rc = audit_log_acct_message(audit_fd, AUDIT_USER_AUTH, NULL, +- buf, audit_username(), -1, NULL, ssh_remote_ipaddr(ssh), NULL, rv); ++ buf, audit_username(), -1, NULL, rip, NULL, rv); + if ((rc < 0) && ((rc != -1) || (getuid() == 0))) + goto out; +- snprintf(buf, sizeof(buf), "op=negotiate kind=auth-key fp=%s", fp); ++ snprintf(buf, sizeof(buf), "op=negotiate kind=auth-key fp=%s", key_fp); + rc = audit_log_user_message(audit_fd, AUDIT_CRYPTO_KEY_USER, buf, NULL, +- ssh_remote_ipaddr(ssh), NULL, rv); ++ rip, NULL, rv); ++ if ((rc < 0) && ((rc != -1) || (getuid() == 0))) ++ goto out; ++ ++ if (cert) { ++ char *pbuf; ++ ++ pbuf = audit_encode_nv_string("key_id", cert->key_id, 0); ++ if (pbuf == NULL) ++ goto out; ++ snprintf(buf, sizeof(buf), "cert %s cert_serial=%llu cert_issuer_alg=\"%s\" cert_issuer_fp=\"%s\"", ++ pbuf, (unsigned long long)cert->serial, sshkey_type(cert->signature_key), issuer_fp); ++ free(pbuf); ++ rc = audit_log_acct_message(audit_fd, AUDIT_USER_AUTH, NULL, ++ buf, audit_username(), -1, NULL, rip, NULL, rv); ++ if ((rc < 0) && ((rc != -1) || (getuid() == 0))) ++ goto out; ++ ++ for (i = 0; cert->principals != NULL && i < cert->nprincipals; i++) { ++ pbuf = audit_encode_nv_string("cert_principal", cert->principals[i], 0); ++ if (pbuf == NULL) ++ goto out; ++ snprintf(buf, sizeof(buf), "principal %s", pbuf); ++ free(pbuf); ++ rc = audit_log_acct_message(audit_fd, AUDIT_USER_AUTH, NULL, ++ buf, audit_username(), -1, NULL, rip, NULL, rv); ++ if ((rc < 0) && ((rc != -1) || (getuid() == 0))) ++ goto out; ++ } ++ } + out: + saved_errno = errno; + audit_close(audit_fd); diff --git a/openssh-9.0p1-evp-fips-dh.patch b/openssh-9.0p1-evp-fips-dh.patch new file mode 100644 index 0000000..7494245 --- /dev/null +++ b/openssh-9.0p1-evp-fips-dh.patch @@ -0,0 +1,266 @@ +diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac ../../openssh-8.7p1/dh.c ./dh.c +--- ../../openssh-8.7p1/dh.c 2023-03-01 14:26:52.504445780 +0100 ++++ ./dh.c 2023-03-01 14:20:09.823193384 +0100 +@@ -37,6 +37,9 @@ + #include + #include + #include ++#include ++#include ++#include + + #include "dh.h" + #include "pathnames.h" +@@ -289,10 +292,15 @@ + int + dh_gen_key(DH *dh, int need) + { +- int pbits; +- const BIGNUM *dh_p, *pub_key; ++ const BIGNUM *dh_p, *dh_g; ++ BIGNUM *pub_key = NULL, *priv_key = NULL; ++ EVP_PKEY *pkey = NULL; ++ EVP_PKEY_CTX *ctx = NULL; ++ OSSL_PARAM_BLD *param_bld = NULL; ++ OSSL_PARAM *params = NULL; ++ int pbits, r = 0; + +- DH_get0_pqg(dh, &dh_p, NULL, NULL); ++ DH_get0_pqg(dh, &dh_p, NULL, &dh_g); + + if (need < 0 || dh_p == NULL || + (pbits = BN_num_bits(dh_p)) <= 0 || +@@ -300,19 +308,85 @@ + return SSH_ERR_INVALID_ARGUMENT; + if (need < 256) + need = 256; ++ ++ if ((param_bld = OSSL_PARAM_BLD_new()) == NULL || ++ (ctx = EVP_PKEY_CTX_new_from_name(NULL, "DH", NULL)) == NULL) { ++ OSSL_PARAM_BLD_free(param_bld); ++ return SSH_ERR_ALLOC_FAIL; ++ } ++ ++ if (OSSL_PARAM_BLD_push_BN(param_bld, ++ OSSL_PKEY_PARAM_FFC_P, dh_p) != 1 || ++ OSSL_PARAM_BLD_push_BN(param_bld, ++ OSSL_PKEY_PARAM_FFC_G, dh_g) != 1) { ++ error_f("Could not set p,q,g parameters"); ++ r = SSH_ERR_LIBCRYPTO_ERROR; ++ goto out; ++ } + /* + * Pollard Rho, Big step/Little Step attacks are O(sqrt(n)), + * so double requested need here. + */ +- if (!DH_set_length(dh, MINIMUM(need * 2, pbits - 1))) +- return SSH_ERR_LIBCRYPTO_ERROR; +- +- if (DH_generate_key(dh) == 0) +- return SSH_ERR_LIBCRYPTO_ERROR; +- DH_get0_key(dh, &pub_key, NULL); +- if (!dh_pub_is_valid(dh, pub_key)) +- return SSH_ERR_INVALID_FORMAT; +- return 0; ++ if (OSSL_PARAM_BLD_push_int(param_bld, ++ OSSL_PKEY_PARAM_DH_PRIV_LEN, ++ MINIMUM(need * 2, pbits - 1)) != 1 || ++ (params = OSSL_PARAM_BLD_to_param(param_bld)) == NULL) { ++ r = SSH_ERR_LIBCRYPTO_ERROR; ++ goto out; ++ } ++ if (EVP_PKEY_fromdata_init(ctx) != 1) { ++ r = SSH_ERR_LIBCRYPTO_ERROR; ++ goto out; ++ } ++ if (EVP_PKEY_fromdata(ctx, &pkey, ++ EVP_PKEY_KEY_PARAMETERS, params) != 1) { ++ error_f("Failed key generation"); ++ r = SSH_ERR_LIBCRYPTO_ERROR; ++ goto out; ++ } ++ ++ /* reuse context for key generation */ ++ EVP_PKEY_CTX_free(ctx); ++ ctx = NULL; ++ ++ if ((ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pkey, NULL)) == NULL || ++ EVP_PKEY_keygen_init(ctx) != 1) { ++ error_f("Could not create or init context"); ++ r = SSH_ERR_LIBCRYPTO_ERROR; ++ goto out; ++ } ++ if (EVP_PKEY_generate(ctx, &pkey) != 1) { ++ error_f("Could not generate keys"); ++ r = SSH_ERR_LIBCRYPTO_ERROR; ++ goto out; ++ } ++ if (EVP_PKEY_public_check(ctx) != 1) { ++ error_f("The public key is incorrect"); ++ r = SSH_ERR_LIBCRYPTO_ERROR; ++ goto out; ++ } ++ ++ if (EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_PUB_KEY, ++ &pub_key) != 1 || ++ EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_PRIV_KEY, ++ &priv_key) != 1 || ++ DH_set0_key(dh, pub_key, priv_key) != 1) { ++ error_f("Could not set pub/priv keys to DH struct"); ++ r = SSH_ERR_LIBCRYPTO_ERROR; ++ goto out; ++ } ++ ++ /* transferred */ ++ pub_key = NULL; ++ priv_key = NULL; ++out: ++ OSSL_PARAM_free(params); ++ OSSL_PARAM_BLD_free(param_bld); ++ EVP_PKEY_CTX_free(ctx); ++ EVP_PKEY_free(pkey); ++ BN_clear_free(pub_key); ++ BN_clear_free(priv_key); ++ return r; + } + + DH * +diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac ../../openssh-8.7p1/kex.c ./kex.c +--- ../../openssh-8.7p1/kex.c 2023-03-01 14:26:52.508445832 +0100 ++++ ./kex.c 2023-02-28 14:09:27.164743771 +0100 +@@ -1602,3 +1602,47 @@ + return r; + } + ++#ifdef WITH_OPENSSL ++/* ++ * Creates an EVP_PKEY from the given parameters and keys. ++ * The private key can be omitted. ++ */ ++int ++kex_create_evp_dh(EVP_PKEY **pkey, const BIGNUM *p, const BIGNUM *q, ++ const BIGNUM *g, const BIGNUM *pub, const BIGNUM *priv) ++{ ++ OSSL_PARAM_BLD *param_bld = NULL; ++ EVP_PKEY_CTX *ctx = NULL; ++ int r = 0; ++ ++ /* create EVP_PKEY-DH key */ ++ if ((ctx = EVP_PKEY_CTX_new_from_name(NULL, "DH", NULL)) == NULL || ++ (param_bld = OSSL_PARAM_BLD_new()) == NULL) { ++ error_f("EVP_PKEY_CTX or PARAM_BLD init failed"); ++ r = SSH_ERR_ALLOC_FAIL; ++ goto out; ++ } ++ if (OSSL_PARAM_BLD_push_BN(param_bld, OSSL_PKEY_PARAM_FFC_P, p) != 1 || ++ OSSL_PARAM_BLD_push_BN(param_bld, OSSL_PKEY_PARAM_FFC_Q, q) != 1 || ++ OSSL_PARAM_BLD_push_BN(param_bld, OSSL_PKEY_PARAM_FFC_G, g) != 1 || ++ OSSL_PARAM_BLD_push_BN(param_bld, ++ OSSL_PKEY_PARAM_PUB_KEY, pub) != 1) { ++ error_f("Failed pushing params to OSSL_PARAM_BLD"); ++ r = SSH_ERR_LIBCRYPTO_ERROR; ++ goto out; ++ } ++ if (priv != NULL && ++ OSSL_PARAM_BLD_push_BN(param_bld, ++ OSSL_PKEY_PARAM_PRIV_KEY, priv) != 1) { ++ error_f("Failed pushing private key to OSSL_PARAM_BLD"); ++ r = SSH_ERR_LIBCRYPTO_ERROR; ++ goto out; ++ } ++ if ((*pkey = sshkey_create_evp(param_bld, ctx)) == NULL) ++ r = SSH_ERR_LIBCRYPTO_ERROR; ++out: ++ OSSL_PARAM_BLD_free(param_bld); ++ EVP_PKEY_CTX_free(ctx); ++ return r; ++} ++#endif /* WITH_OPENSSL */ +diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac ../../openssh-8.7p1/kexdh.c ./kexdh.c +--- ../../openssh-8.7p1/kexdh.c 2023-03-01 14:26:52.448445050 +0100 ++++ ./kexdh.c 2023-02-28 14:05:00.700902124 +0100 +@@ -35,6 +35,9 @@ + + #include "openbsd-compat/openssl-compat.h" + #include ++#include ++#include ++#include + + #include "sshkey.h" + #include "kex.h" +@@ -83,6 +86,9 @@ + kex_dh_compute_key(struct kex *kex, BIGNUM *dh_pub, struct sshbuf *out) + { + BIGNUM *shared_secret = NULL; ++ const BIGNUM *pub, *priv, *p, *q, *g; ++ EVP_PKEY *pkey = NULL, *dh_pkey = NULL; ++ EVP_PKEY_CTX *ctx = NULL; + u_char *kbuf = NULL; + size_t klen = 0; + int kout, r; +@@ -106,18 +112,39 @@ + r = SSH_ERR_ALLOC_FAIL; + goto out; + } +- if ((kout = DH_compute_key(kbuf, dh_pub, kex->dh)) < 0 || +- BN_bin2bn(kbuf, kout, shared_secret) == NULL) { ++ ++ DH_get0_key(kex->dh, &pub, &priv); ++ DH_get0_pqg(kex->dh, &p, &q, &g); ++ /* import key */ ++ kex_create_evp_dh(&pkey, p, q, g, pub, priv); ++ /* import peer key ++ * the parameters should be the same as with pkey ++ */ ++ kex_create_evp_dh(&dh_pkey, p, q, g, dh_pub, NULL); ++ ++ if ((ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pkey, NULL)) == NULL) { ++ error_f("Could not init EVP_PKEY_CTX for dh"); ++ r = SSH_ERR_ALLOC_FAIL; ++ goto out; ++ } ++ if (EVP_PKEY_derive_init(ctx) != 1 || ++ EVP_PKEY_derive_set_peer(ctx, dh_pkey) != 1 || ++ EVP_PKEY_derive(ctx, kbuf, &klen) != 1 || ++ BN_bin2bn(kbuf, klen, shared_secret) == NULL) { ++ error_f("Could not derive key"); + r = SSH_ERR_LIBCRYPTO_ERROR; + goto out; + } + #ifdef DEBUG_KEXDH +- dump_digest("shared secret", kbuf, kout); ++ dump_digest("shared secret", kbuf, klen); + #endif + r = sshbuf_put_bignum2(out, shared_secret); + out: + freezero(kbuf, klen); + BN_clear_free(shared_secret); ++ EVP_PKEY_free(pkey); ++ EVP_PKEY_free(dh_pkey); ++ EVP_PKEY_CTX_free(ctx); + return r; + } + +diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac ../../openssh-8.7p1/kex.h ./kex.h +--- ../../openssh-8.7p1/kex.h 2023-03-01 14:26:52.508445832 +0100 ++++ ./kex.h 2023-02-28 13:16:49.811047554 +0100 +@@ -33,6 +33,9 @@ + # include + # include + # include ++# include ++# include ++# include + # ifdef OPENSSL_HAS_ECC + # include + # else /* OPENSSL_HAS_ECC */ +@@ -278,6 +281,8 @@ + const u_char pub[CURVE25519_SIZE], struct sshbuf *out, int) + __attribute__((__bounded__(__minbytes__, 1, CURVE25519_SIZE))) + __attribute__((__bounded__(__minbytes__, 2, CURVE25519_SIZE))); ++int kex_create_evp_dh(EVP_PKEY **, const BIGNUM *, const BIGNUM *, ++ const BIGNUM *, const BIGNUM *, const BIGNUM *); + + #if defined(DEBUG_KEX) || defined(DEBUG_KEXDH) || defined(DEBUG_KEXECDH) + void dump_digest(const char *, const u_char *, int); diff --git a/openssh-9.0p1-evp-fips-ecdh.patch b/openssh-9.0p1-evp-fips-ecdh.patch new file mode 100644 index 0000000..0313c6f --- /dev/null +++ b/openssh-9.0p1-evp-fips-ecdh.patch @@ -0,0 +1,207 @@ +diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac ../openssh-8.7p1/kexecdh.c ./kexecdh.c +--- ../openssh-8.7p1/kexecdh.c 2021-08-20 06:03:49.000000000 +0200 ++++ ./kexecdh.c 2023-04-13 14:30:14.882449593 +0200 +@@ -35,17 +35,57 @@ + #include + + #include ++#include ++#include ++#include ++#include + + #include "sshkey.h" + #include "kex.h" + #include "sshbuf.h" + #include "digest.h" + #include "ssherr.h" ++#include "log.h" + + static int + kex_ecdh_dec_key_group(struct kex *, const struct sshbuf *, EC_KEY *key, + const EC_GROUP *, struct sshbuf **); + ++static EC_KEY * ++generate_ec_keys(int ec_nid) ++{ ++ EC_KEY *client_key = NULL; ++ EVP_PKEY *pkey = NULL; ++ EVP_PKEY_CTX *ctx = NULL; ++ OSSL_PARAM_BLD *param_bld = NULL; ++ OSSL_PARAM *params = NULL; ++ const char *group_name; ++ ++ if ((ctx = EVP_PKEY_CTX_new_from_name(NULL, "EC", NULL)) == NULL || ++ (param_bld = OSSL_PARAM_BLD_new()) == NULL) ++ goto out; ++ if ((group_name = OSSL_EC_curve_nid2name(ec_nid)) == NULL || ++ OSSL_PARAM_BLD_push_utf8_string(param_bld, ++ OSSL_PKEY_PARAM_GROUP_NAME, group_name, 0) != 1 || ++ (params = OSSL_PARAM_BLD_to_param(param_bld)) == NULL) { ++ error_f("Could not create OSSL_PARAM"); ++ goto out; ++ } ++ if (EVP_PKEY_keygen_init(ctx) != 1 || ++ EVP_PKEY_CTX_set_params(ctx, params) != 1 || ++ EVP_PKEY_generate(ctx, &pkey) != 1 || ++ (client_key = EVP_PKEY_get1_EC_KEY(pkey)) == NULL) { ++ error_f("Could not generate ec keys"); ++ goto out; ++ } ++out: ++ EVP_PKEY_free(pkey); ++ EVP_PKEY_CTX_free(ctx); ++ OSSL_PARAM_BLD_free(param_bld); ++ OSSL_PARAM_free(params); ++ return client_key; ++} ++ + int + kex_ecdh_keypair(struct kex *kex) + { +@@ -55,11 +95,7 @@ + struct sshbuf *buf = NULL; + int r; + +- if ((client_key = EC_KEY_new_by_curve_name(kex->ec_nid)) == NULL) { +- r = SSH_ERR_ALLOC_FAIL; +- goto out; +- } +- if (EC_KEY_generate_key(client_key) != 1) { ++ if ((client_key = generate_ec_keys(kex->ec_nid)) == NULL) { + r = SSH_ERR_LIBCRYPTO_ERROR; + goto out; + } +@@ -101,11 +137,7 @@ + *server_blobp = NULL; + *shared_secretp = NULL; + +- if ((server_key = EC_KEY_new_by_curve_name(kex->ec_nid)) == NULL) { +- r = SSH_ERR_ALLOC_FAIL; +- goto out; +- } +- if (EC_KEY_generate_key(server_key) != 1) { ++ if ((server_key = generate_ec_keys(kex->ec_nid)) == NULL) { + r = SSH_ERR_LIBCRYPTO_ERROR; + goto out; + } +@@ -140,11 +172,21 @@ + { + struct sshbuf *buf = NULL; + BIGNUM *shared_secret = NULL; +- EC_POINT *dh_pub = NULL; +- u_char *kbuf = NULL; +- size_t klen = 0; ++ EVP_PKEY_CTX *ctx = NULL; ++ EVP_PKEY *pkey = NULL, *dh_pkey = NULL; ++ OSSL_PARAM_BLD *param_bld = NULL; ++ OSSL_PARAM *params = NULL; ++ u_char *kbuf = NULL, *pub = NULL; ++ size_t klen = 0, publen; ++ const char *group_name; + int r; + ++ /* import EC_KEY to EVP_PKEY */ ++ if ((r = ssh_create_evp_ec(key, kex->ec_nid, &pkey)) != 0) { ++ error_f("Could not create EVP_PKEY"); ++ goto out; ++ } ++ + *shared_secretp = NULL; + + if ((buf = sshbuf_new()) == NULL) { +@@ -153,45 +195,82 @@ + } + if ((r = sshbuf_put_stringb(buf, ec_blob)) != 0) + goto out; +- if ((dh_pub = EC_POINT_new(group)) == NULL) { ++ ++ /* the public key is in the buffer in octet string UNCOMPRESSED ++ * format. See sshbuf_put_ec */ ++ if ((r = sshbuf_get_string(buf, &pub, &publen)) != 0) ++ goto out; ++ sshbuf_reset(buf); ++ if ((ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pkey, NULL)) == NULL || ++ (param_bld = OSSL_PARAM_BLD_new()) == NULL) { + r = SSH_ERR_ALLOC_FAIL; + goto out; + } +- if ((r = sshbuf_get_ec(buf, dh_pub, group)) != 0) { ++ if ((group_name = OSSL_EC_curve_nid2name(kex->ec_nid)) == NULL) { ++ r = SSH_ERR_LIBCRYPTO_ERROR; ++ goto out; ++ } ++ if (OSSL_PARAM_BLD_push_octet_string(param_bld, ++ OSSL_PKEY_PARAM_PUB_KEY, pub, publen) != 1 || ++ OSSL_PARAM_BLD_push_utf8_string(param_bld, ++ OSSL_PKEY_PARAM_GROUP_NAME, group_name, 0) != 1 || ++ (params = OSSL_PARAM_BLD_to_param(param_bld)) == NULL) { ++ error_f("Failed to set params for dh_pkey"); ++ r = SSH_ERR_LIBCRYPTO_ERROR; ++ goto out; ++ } ++ if (EVP_PKEY_fromdata_init(ctx) != 1 || ++ EVP_PKEY_fromdata(ctx, &dh_pkey, ++ EVP_PKEY_PUBLIC_KEY, params) != 1 || ++ EVP_PKEY_public_check(ctx) != 1) { ++ error_f("Peer public key import failed"); ++ r = SSH_ERR_LIBCRYPTO_ERROR; + goto out; + } +- sshbuf_reset(buf); + + #ifdef DEBUG_KEXECDH + fputs("public key:\n", stderr); +- sshkey_dump_ec_point(group, dh_pub); ++ EVP_PKEY_print_public_fp(stderr, dh_pkey, 0, NULL); + #endif +- if (sshkey_ec_validate_public(group, dh_pub) != 0) { +- r = SSH_ERR_MESSAGE_INCOMPLETE; ++ EVP_PKEY_CTX_free(ctx); ++ ctx = NULL; ++ if ((ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pkey, NULL)) == NULL || ++ EVP_PKEY_derive_init(ctx) != 1 || ++ EVP_PKEY_derive_set_peer(ctx, dh_pkey) != 1 || ++ EVP_PKEY_derive(ctx, NULL, &klen) != 1) { ++ error_f("Failed to get derive information"); ++ r = SSH_ERR_LIBCRYPTO_ERROR; + goto out; + } +- klen = (EC_GROUP_get_degree(group) + 7) / 8; +- if ((kbuf = malloc(klen)) == NULL || +- (shared_secret = BN_new()) == NULL) { ++ if ((kbuf = malloc(klen)) == NULL) { + r = SSH_ERR_ALLOC_FAIL; + goto out; + } +- if (ECDH_compute_key(kbuf, klen, dh_pub, key, NULL) != (int)klen || +- BN_bin2bn(kbuf, klen, shared_secret) == NULL) { ++ if (EVP_PKEY_derive(ctx, kbuf, &klen) != 1) { + r = SSH_ERR_LIBCRYPTO_ERROR; + goto out; + } + #ifdef DEBUG_KEXECDH + dump_digest("shared secret", kbuf, klen); + #endif ++ if ((shared_secret = BN_new()) == NULL || ++ (BN_bin2bn(kbuf, klen, shared_secret) == NULL)) { ++ r = SSH_ERR_ALLOC_FAIL; ++ goto out; ++ } + if ((r = sshbuf_put_bignum2(buf, shared_secret)) != 0) + goto out; + *shared_secretp = buf; + buf = NULL; + out: +- EC_POINT_clear_free(dh_pub); ++ EVP_PKEY_CTX_free(ctx); ++ EVP_PKEY_free(pkey); ++ EVP_PKEY_free(dh_pkey); ++ OSSL_PARAM_BLD_free(param_bld); ++ OSSL_PARAM_free(params); + BN_clear_free(shared_secret); + freezero(kbuf, klen); ++ freezero(pub, publen); + sshbuf_free(buf); + return r; + } diff --git a/openssh-9.0p1-evp-fips-sign.patch b/openssh-9.0p1-evp-fips-sign.patch new file mode 100644 index 0000000..fc71678 --- /dev/null +++ b/openssh-9.0p1-evp-fips-sign.patch @@ -0,0 +1,468 @@ +diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac ../../openssh-8.7p1/ssh-dss.c ./ssh-dss.c +--- ../../openssh-8.7p1/ssh-dss.c 2023-03-08 15:35:14.669943335 +0100 ++++ ./ssh-dss.c 2023-03-08 15:34:33.508578129 +0100 +@@ -32,6 +32,8 @@ + #include + #include + #include ++#include ++#include + + #include + #include +@@ -72,9 +74,8 @@ + sshkey_type_plain(key->type) != KEY_DSA) + return SSH_ERR_INVALID_ARGUMENT; + +- if ((pkey = EVP_PKEY_new()) == NULL || +- EVP_PKEY_set1_DSA(pkey, key->dsa) != 1) +- return SSH_ERR_ALLOC_FAIL; ++ if ((ret = ssh_create_evp_dss(key, &pkey)) != 0) ++ return ret; + ret = sshkey_calculate_signature(pkey, SSH_DIGEST_SHA1, &sigb, &len, + data, datalen); + EVP_PKEY_free(pkey); +@@ -201,11 +202,8 @@ + goto out; + } + +- if ((pkey = EVP_PKEY_new()) == NULL || +- EVP_PKEY_set1_DSA(pkey, key->dsa) != 1) { +- ret = SSH_ERR_ALLOC_FAIL; ++ if ((ret = ssh_create_evp_dss(key, &pkey)) != 0) + goto out; +- } + ret = sshkey_verify_signature(pkey, SSH_DIGEST_SHA1, data, datalen, + sigb, slen); + EVP_PKEY_free(pkey); +@@ -221,4 +219,63 @@ + freezero(sigblob, len); + return ret; + } ++ ++int ++ssh_create_evp_dss(const struct sshkey *k, EVP_PKEY **pkey) ++{ ++ OSSL_PARAM_BLD *param_bld = NULL; ++ EVP_PKEY_CTX *ctx = NULL; ++ const BIGNUM *p = NULL, *q = NULL, *g = NULL, *pub = NULL, *priv = NULL; ++ int ret = 0; ++ ++ if (k == NULL) ++ return SSH_ERR_INVALID_ARGUMENT; ++ if ((ctx = EVP_PKEY_CTX_new_from_name(NULL, "DSA", NULL)) == NULL || ++ (param_bld = OSSL_PARAM_BLD_new()) == NULL) { ++ ret = SSH_ERR_ALLOC_FAIL; ++ goto out; ++ } ++ ++ DSA_get0_pqg(k->dsa, &p, &q, &g); ++ DSA_get0_key(k->dsa, &pub, &priv); ++ ++ if (p != NULL && ++ OSSL_PARAM_BLD_push_BN(param_bld, OSSL_PKEY_PARAM_FFC_P, p) != 1) { ++ ret = SSH_ERR_LIBCRYPTO_ERROR; ++ goto out; ++ } ++ if (q != NULL && ++ OSSL_PARAM_BLD_push_BN(param_bld, OSSL_PKEY_PARAM_FFC_Q, q) != 1) { ++ ret = SSH_ERR_LIBCRYPTO_ERROR; ++ goto out; ++ } ++ if (g != NULL && ++ OSSL_PARAM_BLD_push_BN(param_bld, OSSL_PKEY_PARAM_FFC_G, g) != 1) { ++ ret = SSH_ERR_LIBCRYPTO_ERROR; ++ goto out; ++ } ++ if (pub != NULL && ++ OSSL_PARAM_BLD_push_BN(param_bld, ++ OSSL_PKEY_PARAM_PUB_KEY, ++ pub) != 1) { ++ ret = SSH_ERR_LIBCRYPTO_ERROR; ++ goto out; ++ } ++ if (priv != NULL && ++ OSSL_PARAM_BLD_push_BN(param_bld, ++ OSSL_PKEY_PARAM_PRIV_KEY, ++ priv) != 1) { ++ ret = SSH_ERR_LIBCRYPTO_ERROR; ++ goto out; ++ } ++ if ((*pkey = sshkey_create_evp(param_bld, ctx)) == NULL) { ++ ret = SSH_ERR_LIBCRYPTO_ERROR; ++ goto out; ++ } ++ ++out: ++ OSSL_PARAM_BLD_free(param_bld); ++ EVP_PKEY_CTX_free(ctx); ++ return ret; ++} + #endif /* WITH_OPENSSL */ +diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac ../../openssh-8.7p1/ssh-ecdsa.c ./ssh-ecdsa.c +--- ../../openssh-8.7p1/ssh-ecdsa.c 2023-03-08 15:35:14.669943335 +0100 ++++ ./ssh-ecdsa.c 2023-03-08 15:40:52.628201267 +0100 +@@ -34,6 +34,8 @@ + #include + #include + #include ++#include ++#include + + #include + +@@ -72,9 +74,8 @@ + if ((hash_alg = sshkey_ec_nid_to_hash_alg(key->ecdsa_nid)) == -1) + return SSH_ERR_INTERNAL_ERROR; + +- if ((pkey = EVP_PKEY_new()) == NULL || +- EVP_PKEY_set1_EC_KEY(pkey, key->ecdsa) != 1) +- return SSH_ERR_ALLOC_FAIL; ++ if ((ret = ssh_create_evp_ec(key->ecdsa, key->ecdsa_nid, &pkey)) != 0) ++ return ret; + ret = sshkey_calculate_signature(pkey, hash_alg, &sigb, &len, data, + datalen); + EVP_PKEY_free(pkey); +@@ -193,11 +194,8 @@ + goto out; + } + +- if ((pkey = EVP_PKEY_new()) == NULL || +- EVP_PKEY_set1_EC_KEY(pkey, key->ecdsa) != 1) { +- ret = SSH_ERR_ALLOC_FAIL; ++ if (ssh_create_evp_ec(key->ecdsa, key->ecdsa_nid, &pkey) != 0) + goto out; +- } + ret = sshkey_verify_signature(pkey, hash_alg, data, datalen, sigb, len); + EVP_PKEY_free(pkey); + +@@ -212,4 +210,76 @@ + return ret; + } + ++int ++ssh_create_evp_ec(EC_KEY *k, int ecdsa_nid, EVP_PKEY **pkey) ++{ ++ OSSL_PARAM_BLD *param_bld = NULL; ++ EVP_PKEY_CTX *ctx = NULL; ++ BN_CTX *bn_ctx = NULL; ++ uint8_t *pub_ser = NULL; ++ const char *group_name; ++ const EC_POINT *pub = NULL; ++ const BIGNUM *priv = NULL; ++ int ret = 0; ++ ++ if (k == NULL) ++ return SSH_ERR_INVALID_ARGUMENT; ++ if ((ctx = EVP_PKEY_CTX_new_from_name(NULL, "EC", NULL)) == NULL || ++ (param_bld = OSSL_PARAM_BLD_new()) == NULL || ++ (bn_ctx = BN_CTX_new()) == NULL) { ++ ret = SSH_ERR_ALLOC_FAIL; ++ goto out; ++ } ++ ++ if ((group_name = OSSL_EC_curve_nid2name(ecdsa_nid)) == NULL || ++ OSSL_PARAM_BLD_push_utf8_string(param_bld, ++ OSSL_PKEY_PARAM_GROUP_NAME, ++ group_name, ++ strlen(group_name)) != 1) { ++ ret = SSH_ERR_LIBCRYPTO_ERROR; ++ goto out; ++ } ++ if ((pub = EC_KEY_get0_public_key(k)) != NULL) { ++ const EC_GROUP *group; ++ size_t len; ++ ++ group = EC_KEY_get0_group(k); ++ len = EC_POINT_point2oct(group, pub, ++ POINT_CONVERSION_UNCOMPRESSED, NULL, 0, NULL); ++ if ((pub_ser = malloc(len)) == NULL) { ++ ret = SSH_ERR_ALLOC_FAIL; ++ goto out; ++ } ++ EC_POINT_point2oct(group, ++ pub, ++ POINT_CONVERSION_UNCOMPRESSED, ++ pub_ser, ++ len, ++ bn_ctx); ++ if (OSSL_PARAM_BLD_push_octet_string(param_bld, ++ OSSL_PKEY_PARAM_PUB_KEY, ++ pub_ser, ++ len) != 1) { ++ ret = SSH_ERR_LIBCRYPTO_ERROR; ++ goto out; ++ } ++ } ++ if ((priv = EC_KEY_get0_private_key(k)) != NULL && ++ OSSL_PARAM_BLD_push_BN(param_bld, ++ OSSL_PKEY_PARAM_PRIV_KEY, priv) != 1) { ++ ret = SSH_ERR_LIBCRYPTO_ERROR; ++ goto out; ++ } ++ if ((*pkey = sshkey_create_evp(param_bld, ctx)) == NULL) { ++ ret = SSH_ERR_LIBCRYPTO_ERROR; ++ goto out; ++ } ++ ++out: ++ OSSL_PARAM_BLD_free(param_bld); ++ EVP_PKEY_CTX_free(ctx); ++ BN_CTX_free(bn_ctx); ++ free(pub_ser); ++ return ret; ++} + #endif /* WITH_OPENSSL && OPENSSL_HAS_ECC */ +diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac ../../openssh-8.7p1/sshkey.c ./sshkey.c +--- ../../openssh-8.7p1/sshkey.c 2023-03-08 15:35:14.702943628 +0100 ++++ ./sshkey.c 2023-03-08 15:39:03.354082015 +0100 +@@ -35,6 +35,8 @@ + #include + #include + #include ++#include ++#include + #endif + + #include "crypto_api.h" +@@ -492,13 +494,14 @@ + { + EVP_MD_CTX *ctx = NULL; + u_char *sig = NULL; +- int ret, slen, len; ++ int ret, slen; ++ size_t len; + + if (sigp == NULL || lenp == NULL) { + return SSH_ERR_INVALID_ARGUMENT; + } + +- slen = EVP_PKEY_size(pkey); ++ slen = EVP_PKEY_get_size(pkey); + if (slen <= 0 || slen > SSHBUF_MAX_BIGNUM) + return SSH_ERR_INVALID_ARGUMENT; + +@@ -511,9 +514,10 @@ + ret = SSH_ERR_ALLOC_FAIL; + goto error; + } +- if (EVP_SignInit_ex(ctx, ssh_digest_to_md(hash_alg), NULL) <= 0 || +- EVP_SignUpdate(ctx, data, datalen) <= 0 || +- EVP_SignFinal(ctx, sig, &len, pkey) <= 0) { ++ if (EVP_DigestSignInit(ctx, NULL, ssh_digest_to_md(hash_alg), ++ NULL, pkey) != 1 || ++ EVP_DigestSignUpdate(ctx, data, datalen) != 1 || ++ EVP_DigestSignFinal(ctx, sig, &len) != 1) { + ret = SSH_ERR_LIBCRYPTO_ERROR; + goto error; + } +@@ -540,12 +544,13 @@ + if ((ctx = EVP_MD_CTX_new()) == NULL) { + return SSH_ERR_ALLOC_FAIL; + } +- if (EVP_VerifyInit_ex(ctx, ssh_digest_to_md(hash_alg), NULL) <= 0 || +- EVP_VerifyUpdate(ctx, data, datalen) <= 0) { ++ if (EVP_DigestVerifyInit(ctx, NULL, ssh_digest_to_md(hash_alg), ++ NULL, pkey) != 1 || ++ EVP_DigestVerifyUpdate(ctx, data, datalen) != 1) { + ret = SSH_ERR_LIBCRYPTO_ERROR; + goto done; + } +- ret = EVP_VerifyFinal(ctx, sigbuf, siglen, pkey); ++ ret = EVP_DigestVerifyFinal(ctx, sigbuf, siglen); + switch (ret) { + case 1: + ret = 0; +@@ -5038,3 +5043,27 @@ + return 0; + } + #endif /* WITH_XMSS */ ++ ++#ifdef WITH_OPENSSL ++EVP_PKEY * ++sshkey_create_evp(OSSL_PARAM_BLD *param_bld, EVP_PKEY_CTX *ctx) ++{ ++ EVP_PKEY *ret = NULL; ++ OSSL_PARAM *params = NULL; ++ if (param_bld == NULL || ctx == NULL) { ++ debug2_f("param_bld or ctx is NULL"); ++ return NULL; ++ } ++ if ((params = OSSL_PARAM_BLD_to_param(param_bld)) == NULL) { ++ debug2_f("Could not build param list"); ++ return NULL; ++ } ++ if (EVP_PKEY_fromdata_init(ctx) != 1 || ++ EVP_PKEY_fromdata(ctx, &ret, EVP_PKEY_KEYPAIR, params) != 1) { ++ debug2_f("EVP_PKEY_fromdata failed"); ++ OSSL_PARAM_free(params); ++ return NULL; ++ } ++ return ret; ++} ++#endif /* WITH_OPENSSL */ +diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac ../../openssh-8.7p1/sshkey.h ./sshkey.h +--- ../../openssh-8.7p1/sshkey.h 2023-03-08 15:35:14.702943628 +0100 ++++ ./sshkey.h 2023-03-08 15:34:33.509578138 +0100 +@@ -31,6 +31,9 @@ + #ifdef WITH_OPENSSL + #include + #include ++#include ++#include ++#include + # ifdef OPENSSL_HAS_ECC + # include + # include +@@ -293,6 +295,13 @@ + + void sshkey_sig_details_free(struct sshkey_sig_details *); + ++#ifdef WITH_OPENSSL ++EVP_PKEY *sshkey_create_evp(OSSL_PARAM_BLD *, EVP_PKEY_CTX *); ++int ssh_create_evp_dss(const struct sshkey *, EVP_PKEY **); ++int ssh_create_evp_rsa(const struct sshkey *, EVP_PKEY **); ++int ssh_create_evp_ec(EC_KEY *, int, EVP_PKEY **); ++#endif /* WITH_OPENSSL */ ++ + #ifdef SSHKEY_INTERNAL + int ssh_rsa_sign(const struct sshkey *key, + u_char **sigp, size_t *lenp, const u_char *data, size_t datalen, +diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac ../../openssh-8.7p1/ssh-rsa.c ./ssh-rsa.c +--- ../../openssh-8.7p1/ssh-rsa.c 2023-03-08 15:35:14.669943335 +0100 ++++ ./ssh-rsa.c 2023-03-08 15:34:33.509578138 +0100 +@@ -23,6 +23,8 @@ + + #include + #include ++#include ++#include + + #include + #include +@@ -172,9 +174,8 @@ + if (RSA_bits(key->rsa) < SSH_RSA_MINIMUM_MODULUS_SIZE) + return SSH_ERR_KEY_LENGTH; + +- if ((pkey = EVP_PKEY_new()) == NULL || +- EVP_PKEY_set1_RSA(pkey, key->rsa) != 1) +- return SSH_ERR_ALLOC_FAIL; ++ if ((ret = ssh_create_evp_rsa(key, &pkey)) != 0) ++ return ret; + ret = sshkey_calculate_signature(pkey, hash_alg, &sig, &len, data, + datalen); + EVP_PKEY_free(pkey); +@@ -285,11 +286,8 @@ + len = modlen; + } + +- if ((pkey = EVP_PKEY_new()) == NULL || +- EVP_PKEY_set1_RSA(pkey, key->rsa) != 1) { +- ret = SSH_ERR_ALLOC_FAIL; ++ if ((ret = ssh_create_evp_rsa(key, &pkey)) != 0) + goto out; +- } + ret = openssh_RSA_verify(hash_alg, data, datalen, sigblob, len, pkey); + EVP_PKEY_free(pkey); + +@@ -306,11 +304,9 @@ + u_char *sigbuf, size_t siglen, EVP_PKEY *pkey) + { + size_t rsasize = 0; +- const RSA *rsa; + int ret; + +- rsa = EVP_PKEY_get0_RSA(pkey); +- rsasize = RSA_size(rsa); ++ rsasize = EVP_PKEY_get_size(pkey); + if (rsasize <= 0 || rsasize > SSHBUF_MAX_BIGNUM || + siglen == 0 || siglen > rsasize) { + ret = SSH_ERR_INVALID_ARGUMENT; +@@ -323,4 +319,87 @@ + done: + return ret; + } ++ ++int ++ssh_create_evp_rsa(const struct sshkey *k, EVP_PKEY **pkey) ++{ ++ OSSL_PARAM_BLD *param_bld = NULL; ++ EVP_PKEY_CTX *ctx = NULL; ++ int ret = 0; ++ const BIGNUM *n = NULL, *e = NULL, *d = NULL, *p = NULL, *q = NULL; ++ const BIGNUM *dmp1 = NULL, *dmq1 = NULL, *iqmp = NULL; ++ ++ if (k == NULL) ++ return SSH_ERR_INVALID_ARGUMENT; ++ if ((ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL)) == NULL || ++ (param_bld = OSSL_PARAM_BLD_new()) == NULL) { ++ ret = SSH_ERR_ALLOC_FAIL; ++ goto out; ++ } ++ ++ RSA_get0_key(k->rsa, &n, &e, &d); ++ RSA_get0_factors(k->rsa, &p, &q); ++ RSA_get0_crt_params(k->rsa, &dmp1, &dmq1, &iqmp); ++ ++ if (n != NULL && ++ OSSL_PARAM_BLD_push_BN(param_bld, OSSL_PKEY_PARAM_RSA_N, n) != 1) { ++ ret = SSH_ERR_LIBCRYPTO_ERROR; ++ goto out; ++ } ++ if (e != NULL && ++ OSSL_PARAM_BLD_push_BN(param_bld, OSSL_PKEY_PARAM_RSA_E, e) != 1) { ++ ret = SSH_ERR_LIBCRYPTO_ERROR; ++ goto out; ++ } ++ if (d != NULL && ++ OSSL_PARAM_BLD_push_BN(param_bld, OSSL_PKEY_PARAM_RSA_D, d) != 1) { ++ ret = SSH_ERR_LIBCRYPTO_ERROR; ++ goto out; ++ } ++ ++ if ((*pkey = sshkey_create_evp(param_bld, ctx)) == NULL) { ++ ret = SSH_ERR_LIBCRYPTO_ERROR; ++ goto out; ++ } ++ ++ /* setting this to param_build makes the creation process fail */ ++ if (p != NULL && ++ EVP_PKEY_set_bn_param(*pkey, OSSL_PKEY_PARAM_RSA_FACTOR1, p) != 1) { ++ debug2_f("failed to add 'p' param"); ++ ret = SSH_ERR_LIBCRYPTO_ERROR; ++ goto out; ++ } ++ if (q != NULL && ++ EVP_PKEY_set_bn_param(*pkey, OSSL_PKEY_PARAM_RSA_FACTOR2, q) != 1) { ++ debug2_f("failed to add 'q' param"); ++ ret = SSH_ERR_LIBCRYPTO_ERROR; ++ goto out; ++ } ++ if (dmp1 != NULL && ++ EVP_PKEY_set_bn_param(*pkey, ++ OSSL_PKEY_PARAM_RSA_EXPONENT1, dmp1) != 1) { ++ debug2_f("failed to add 'dmp1' param"); ++ ret = SSH_ERR_LIBCRYPTO_ERROR; ++ goto out; ++ } ++ if (dmq1 != NULL && ++ EVP_PKEY_set_bn_param(*pkey, ++ OSSL_PKEY_PARAM_RSA_EXPONENT2, dmq1) != 1) { ++ debug2_f("failed to add 'dmq1' param"); ++ ret = SSH_ERR_LIBCRYPTO_ERROR; ++ goto out; ++ } ++ if (iqmp != NULL && ++ EVP_PKEY_set_bn_param(*pkey, ++ OSSL_PKEY_PARAM_RSA_COEFFICIENT1, iqmp) != 1) { ++ debug2_f("failed to add 'iqmp' param"); ++ ret = SSH_ERR_LIBCRYPTO_ERROR; ++ goto out; ++ } ++ ++out: ++ OSSL_PARAM_BLD_free(param_bld); ++ EVP_PKEY_CTX_free(ctx); ++ return ret; ++} + #endif /* WITH_OPENSSL */ diff --git a/openssh-9.0p1-hpn-15.2-modified.patch b/openssh-9.0p1-hpn-15.2-modified.patch index 24605cb..cf04605 100644 --- a/openssh-9.0p1-hpn-15.2-modified.patch +++ b/openssh-9.0p1-hpn-15.2-modified.patch @@ -1012,9 +1012,9 @@ diff -Nur openssh-9.0p1.orig/compat.c openssh-9.0p1/compat.c --- openssh-9.0p1.orig/compat.c 2022-08-30 20:22:42.423819852 +0200 +++ openssh-9.0p1/compat.c 2022-08-30 20:23:49.884993064 +0200 @@ -150,6 +150,17 @@ - debug_f("match: %s pat %s compat 0x%08x", - version, check[i].pat, check[i].bugs); ssh->compat = check[i].bugs; + if (forbid_ssh_rsa) + ssh->compat |= SSH_RH_RSASIGSHA; + /* Check to see if the remote side is OpenSSH and not HPN */ + /* TODO: See if we can work this into the new method for bug checks */ + if (strstr(version, "OpenSSH") != NULL) { From b26b3e1a8b4ecac2c8059dfe0e0817ff6827e7b8 Mon Sep 17 00:00:00 2001 From: Mattias Ellert Date: Wed, 19 Jul 2023 17:05:44 +0200 Subject: [PATCH 15/44] Based on openssh-9.3p1-3.fc39 Fix keyex patch --- gsi-openssh.spec | 42 +- openssh-6.3p1-ctr-evp-fast.patch | 101 ---- openssh-6.6p1-keycat.patch | 4 +- openssh-6.7p1-coverity.patch | 88 ---- openssh-7.3p1-x11-max-displays.patch | 4 +- openssh-7.4p1-systemd.patch | 2 +- openssh-7.5p1-sandbox.patch | 2 +- openssh-7.6p1-audit.patch | 26 +- openssh-7.7p1-fips.patch | 85 ++-- openssh-8.0p1-gssapi-keyex.patch | 183 +++++-- openssh-8.0p1-openssl-evp.patch | 106 ++-- openssh-8.0p1-pkcs11-uri.patch | 106 ++-- openssh-8.7p1-CVE-2023-25136.patch | 38 -- openssh-8.7p1-evpgenkey.patch | 75 ++- openssh-8.7p1-mem-leak.patch | 156 ------ openssh-8.7p1-minrsabits.patch | 436 +--------------- openssh-8.7p1-negotiate-supported-algs.patch | 138 ++++-- openssh-8.7p1-nohostsha1proof.patch | 42 +- openssh-8.7p1-recursive-scp.patch | 18 +- openssh-8.7p1-scp-clears-file.patch | 303 ------------ openssh-8.7p1-scp-kill-switch.patch | 4 +- openssh-8.7p1-ssh-manpage.patch | 2 +- openssh-9.0p1-evp-fips-dh.patch | 80 ++- openssh-9.0p1-evp-fips-sign.patch | 96 ++-- openssh-9.0p1-evp-pkcs11.patch | 145 ++++++ openssh-9.0p1-man-hostkeyalgos.patch | 16 + ...gsissh.patch => openssh-9.3p1-gsissh.patch | 348 ++++++------- ...h => openssh-9.3p1-hpn-15.2-modified.patch | 466 +++++++++--------- openssh-configure-c99-1.patch | 26 - openssh-configure-c99-2.patch | 47 -- openssh-configure-c99-3.patch | 41 -- sources | 4 +- 32 files changed, 1166 insertions(+), 2064 deletions(-) delete mode 100644 openssh-6.3p1-ctr-evp-fast.patch delete mode 100644 openssh-8.7p1-CVE-2023-25136.patch delete mode 100644 openssh-8.7p1-mem-leak.patch delete mode 100644 openssh-8.7p1-scp-clears-file.patch create mode 100644 openssh-9.0p1-evp-pkcs11.patch create mode 100644 openssh-9.0p1-man-hostkeyalgos.patch rename openssh-9.0p1-gsissh.patch => openssh-9.3p1-gsissh.patch (88%) rename openssh-9.0p1-hpn-15.2-modified.patch => openssh-9.3p1-hpn-15.2-modified.patch (87%) delete mode 100644 openssh-configure-c99-1.patch delete mode 100644 openssh-configure-c99-2.patch delete mode 100644 openssh-configure-c99-3.patch diff --git a/gsi-openssh.spec b/gsi-openssh.spec index 7f17562..297581a 100644 --- a/gsi-openssh.spec +++ b/gsi-openssh.spec @@ -23,8 +23,8 @@ # Do we want libedit support %global libedit 1 -%global openssh_ver 9.0p1 -%global openssh_rel 6 +%global openssh_ver 9.3p1 +%global openssh_rel 1 Summary: An implementation of the SSH protocol with GSI authentication Name: gsi-openssh @@ -86,8 +86,6 @@ Patch703: openssh-4.3p2-askpass-grab-info.patch Patch707: openssh-7.7p1-redhat.patch # warn users for unsupported UsePAM=no (#757545) Patch711: openssh-7.8p1-UsePAM-warning.patch -# make aes-ctr ciphers use EVP engines such as AES-NI from OpenSSL -Patch712: openssh-6.3p1-ctr-evp-fast.patch # GSSAPI Key Exchange (RFC 4462 + RFC 8732) # from https://github.com/openssh-gsskex/openssh-gsskex/tree/fedora/master @@ -162,20 +160,10 @@ Patch983: openssh-8.7p1-evpgenkey.patch # From https://bugzilla.redhat.com/show_bug.cgi?id=1976202#c14 Patch984: openssh-8.7p1-ibmca.patch -# Fix for scp clearing file when src and dest are the same (#2056884) -# upstream commits: -# 7b1cbcb7599d9f6a3bbad79d412604aa1203b5ee -Patch1001: openssh-8.7p1-scp-clears-file.patch # Add missing options from ssh_config into ssh manpage # upstream bug: # https://bugzilla.mindrot.org/show_bug.cgi?id=3455 Patch1002: openssh-8.7p1-ssh-manpage.patch -# Always return allocated strings from the kex filtering so that we can free them -# upstream commits: -# 486c4dc3b83b4b67d663fb0fa62bc24138ec3946 -# 6c31ba10e97b6953c4f325f526f3e846dfea647a -# 322964f8f2e9c321e77ebae1e4d2cd0ccc5c5a0b -Patch1003: openssh-8.7p1-mem-leak.patch # Reenable MONITOR_REQ_GSSCHECKMIC after gssapi-with-mic failures # upstream MR: # https://github.com/openssh-gsskex/openssh-gsskex/pull/21 @@ -184,27 +172,26 @@ Patch1004: openssh-8.7p1-gssapi-auth.patch # upstream MR: # https://github.com/openssh/openssh-portable/pull/323 Patch1006: openssh-8.7p1-negotiate-supported-algs.patch -Patch1007: openssh-configure-c99-1.patch -Patch1008: openssh-configure-c99-2.patch -Patch1009: openssh-configure-c99-3.patch - -Patch1010: openssh-8.7p1-CVE-2023-25136.patch Patch1011: openssh-9.0p1-evp-fips-sign.patch Patch1012: openssh-9.0p1-evp-fips-dh.patch Patch1013: openssh-9.0p1-evp-fips-ecdh.patch Patch1014: openssh-8.7p1-nohostsha1proof.patch +Patch1015: openssh-9.0p1-evp-pkcs11.patch + +# clarify rhbz#2068423 on the man page of ssh_config +Patch1016: openssh-9.0p1-man-hostkeyalgos.patch # Fix issue with read-only ssh buffer during gssapi key exchange (#1938224) # https://github.com/openssh-gsskex/openssh-gsskex/pull/19 Patch97: openssh-8.0p1-sshbuf-readonly.patch # This is the patch that adds GSI support # Based on hpn_isshd-gsi.7.5p1b.patch from Globus upstream -Patch98: openssh-9.0p1-gsissh.patch +Patch98: openssh-9.3p1-gsissh.patch # This is the HPN patch # Based on https://sourceforge.net/projects/hpnssh/files/Patches/HPN-SSH%2015v2%208.5p1/ -Patch99: openssh-9.0p1-hpn-15.2-modified.patch +Patch99: openssh-9.3p1-hpn-15.2-modified.patch License: BSD Requires: /sbin/nologin @@ -312,7 +299,6 @@ gpgv2 --quiet --keyring %{SOURCE3} %{SOURCE1} %{SOURCE0} %patch703 -p1 -b .grab-info %patch707 -p1 -b .redhat %patch711 -p1 -b .log-usepam-no -%patch712 -p1 -b .evp-ctr %patch800 -p1 -b .gsskex %patch801 -p1 -b .force_krb @@ -352,19 +338,15 @@ gpgv2 --quiet --keyring %{SOURCE3} %{SOURCE1} %{SOURCE0} %patch202 -p1 -b .audit-log %patch700 -p1 -b .fips -%patch1001 -p1 -b .scp-clears-file %patch1002 -p1 -b .ssh-manpage -%patch1003 -p1 -b .mem-leak %patch1004 -p1 -b .gssapi-auth %patch1006 -p1 -b .negotiate-supported-algs -%patch1007 -p1 -b .configure-c99-1 -%patch1008 -p1 -b .configure-c99-2 -%patch1009 -p1 -b .configure-c99-3 -%patch1010 -p1 -b .cve-2023-25136 %patch1011 -p1 -b .evp-fips-sign %patch1012 -p1 -b .evp-fips-dh %patch1013 -p1 -b .evp-fips-ecdh %patch1014 -p1 -b .nosha1hostproof +%patch1015 -p1 -b .evp-pkcs11 +%patch1016 -p1 -b .man-hostkeyalgos %patch100 -p1 -b .coverity @@ -563,6 +545,10 @@ fi %attr(0744,root,root) %{_libexecdir}/gsissh/ssh-host-keys-migration.sh %changelog +* Wed Jul 19 2023 Mattias Ellert - 9.3p1-1 +- Based on openssh-9.3p1-3.fc39 +- Fix keyex patch + * Sun Apr 16 2023 Mattias Ellert - 9.0p1-6 - Based on openssh-9.0p1-17.fc39 diff --git a/openssh-6.3p1-ctr-evp-fast.patch b/openssh-6.3p1-ctr-evp-fast.patch deleted file mode 100644 index ddcb7f1..0000000 --- a/openssh-6.3p1-ctr-evp-fast.patch +++ /dev/null @@ -1,101 +0,0 @@ -diff -up openssh-5.9p1/cipher-ctr.c.ctr-evp openssh-5.9p1/cipher-ctr.c ---- openssh-5.9p1/cipher-ctr.c.ctr-evp 2012-01-11 09:24:06.000000000 +0100 -+++ openssh-5.9p1/cipher-ctr.c 2012-01-11 15:54:04.675956600 +0100 -@@ -38,7 +38,7 @@ void ssh_aes_ctr_iv(EVP_CIPHER_CTX *, in - - struct ssh_aes_ctr_ctx - { -- AES_KEY aes_ctx; -+ EVP_CIPHER_CTX ecbctx; - u_char aes_counter[AES_BLOCK_SIZE]; - }; - -@@ -63,21 +63,42 @@ ssh_aes_ctr(EVP_CIPHER_CTX *ctx, u_char - { - struct ssh_aes_ctr_ctx *c; - size_t n = 0; -- u_char buf[AES_BLOCK_SIZE]; -+ u_char ctrbuf[AES_BLOCK_SIZE*256]; -+ u_char buf[AES_BLOCK_SIZE*256]; - - if (len == 0) - return (1); - if ((c = EVP_CIPHER_CTX_get_app_data(ctx)) == NULL) - return (0); - -- while ((len--) > 0) { -+ for (; len > 0; len -= sizeof(u_int)) { -+ u_int r,a,b; -+ - if (n == 0) { -- AES_encrypt(c->aes_counter, buf, &c->aes_ctx); -- ssh_ctr_inc(c->aes_counter, AES_BLOCK_SIZE); -+ int outl, i, buflen; -+ -+ buflen = MIN(len, sizeof(ctrbuf)); -+ -+ for(i = 0; i < buflen; i += AES_BLOCK_SIZE) { -+ memcpy(&ctrbuf[i], c->aes_counter, AES_BLOCK_SIZE); -+ ssh_ctr_inc(c->aes_counter, AES_BLOCK_SIZE); -+ } -+ -+ EVP_EncryptUpdate(&c->ecbctx, buf, &outl, -+ ctrbuf, buflen); - } -- *(dest++) = *(src++) ^ buf[n]; -- n = (n + 1) % AES_BLOCK_SIZE; -+ -+ memcpy(&a, src, sizeof(a)); -+ memcpy(&b, &buf[n], sizeof(b)); -+ r = a ^ b; -+ memcpy(dest, &r, sizeof(r)); -+ src += sizeof(a); -+ dest += sizeof(r); -+ -+ n = (n + sizeof(b)) % sizeof(buf); - } -+ memset(ctrbuf, '\0', sizeof(ctrbuf)); -+ memset(buf, '\0', sizeof(buf)); - return (1); - } - -@@ -91,9 +112,28 @@ ssh_aes_ctr_init(EVP_CIPHER_CTX *ctx, co - c = xmalloc(sizeof(*c)); - EVP_CIPHER_CTX_set_app_data(ctx, c); - } -- if (key != NULL) -- AES_set_encrypt_key(key, EVP_CIPHER_CTX_key_length(ctx) * 8, -- &c->aes_ctx); -+ -+ EVP_CIPHER_CTX_init(&c->ecbctx); -+ -+ if (key != NULL) { -+ const EVP_CIPHER *cipher; -+ switch(EVP_CIPHER_CTX_key_length(ctx)*8) { -+ case 128: -+ cipher = EVP_aes_128_ecb(); -+ break; -+ case 192: -+ cipher = EVP_aes_192_ecb(); -+ break; -+ case 256: -+ cipher = EVP_aes_256_ecb(); -+ break; -+ default: -+ fatal("ssh_aes_ctr_init: wrong aes key length"); -+ } -+ if(!EVP_EncryptInit_ex(&c->ecbctx, cipher, NULL, key, NULL)) -+ fatal("ssh_aes_ctr_init: cannot initialize aes encryption"); -+ EVP_CIPHER_CTX_set_padding(&c->ecbctx, 0); -+ } - if (iv != NULL) - memcpy(c->aes_counter, iv, AES_BLOCK_SIZE); - return (1); -@@ -105,6 +145,7 @@ ssh_aes_ctr_cleanup(EVP_CIPHER_CTX *ctx) - struct ssh_aes_ctr_ctx *c; - - if ((c = EVP_CIPHER_CTX_get_app_data(ctx)) != NULL) { -+ EVP_CIPHER_CTX_cleanup(&c->ecbctx); - memset(c, 0, sizeof(*c)); - free(c); - EVP_CIPHER_CTX_set_app_data(ctx, NULL); diff --git a/openssh-6.6p1-keycat.patch b/openssh-6.6p1-keycat.patch index 2aa14bd..529b508 100644 --- a/openssh-6.6p1-keycat.patch +++ b/openssh-6.6p1-keycat.patch @@ -61,13 +61,13 @@ diff -up openssh/Makefile.in.keycat openssh/Makefile.in ssh-xmss.o \ @@ -190,6 +191,9 @@ ssh-pkcs11-helper$(EXEEXT): $(LIBCOMPAT) ssh-sk-helper$(EXEEXT): $(LIBCOMPAT) libssh.a $(SKHELPER_OBJS) - $(LD) -o $@ $(SKHELPER_OBJS) $(LDFLAGS) -lssh -lopenbsd-compat -lssh -lopenbsd-compat $(LIBS) $(LIBFIDO2) + $(LD) -o $@ $(SKHELPER_OBJS) $(LDFLAGS) -lssh -lopenbsd-compat -lssh -lopenbsd-compat $(LIBS) $(LIBFIDO2) $(CHANNELLIBS) +ssh-keycat$(EXEEXT): $(LIBCOMPAT) $(SSHDOBJS) libssh.a ssh-keycat.o uidswap.o + $(LD) -o $@ ssh-keycat.o uidswap.o $(LDFLAGS) -lssh -lopenbsd-compat $(KEYCATLIBS) $(LIBS) + ssh-keyscan$(EXEEXT): $(LIBCOMPAT) libssh.a $(SSHKEYSCAN_OBJS) - $(LD) -o $@ $(SSHKEYSCAN_OBJS) $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS) + $(LD) -o $@ $(SSHKEYSCAN_OBJS) $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS) $(CHANNELLIBS) @@ -321,6 +325,7 @@ install-files: $(INSTALL) -m 4711 $(STRIP_OPT) ssh-keysign$(EXEEXT) $(DESTDIR)$(SSH_KEYSIGN)$(EXEEXT) diff --git a/openssh-6.7p1-coverity.patch b/openssh-6.7p1-coverity.patch index 08d6b99..494f4c6 100644 --- a/openssh-6.7p1-coverity.patch +++ b/openssh-6.7p1-coverity.patch @@ -28,17 +28,6 @@ diff -up openssh-8.5p1/auth-options.c.coverity openssh-8.5p1/auth-options.c return 0; } -diff -up openssh-8.5p1/dns.c.coverity openssh-8.5p1/dns.c ---- openssh-8.5p1/dns.c.coverity 2021-03-02 11:31:47.000000000 +0100 -+++ openssh-8.5p1/dns.c 2021-03-24 12:03:33.783968166 +0100 -@@ -282,6 +282,7 @@ verify_host_key_dns(const char *hostname - &hostkey_digest, &hostkey_digest_len, hostkey)) { - error("Error calculating key fingerprint."); - freerrset(fingerprints); -+ free(dnskey_digest); - return -1; - } - diff -up openssh-8.5p1/gss-genr.c.coverity openssh-8.5p1/gss-genr.c --- openssh-8.5p1/gss-genr.c.coverity 2021-03-26 11:52:46.613942552 +0100 +++ openssh-8.5p1/gss-genr.c 2021-03-26 11:54:37.881726318 +0100 @@ -154,17 +143,6 @@ diff -up openssh-8.5p1/misc.c.coverity openssh-8.5p1/misc.c return ret; } -diff -up openssh-8.5p1/moduli.c.coverity openssh-8.5p1/moduli.c ---- openssh-8.5p1/moduli.c.coverity 2021-03-02 11:31:47.000000000 +0100 -+++ openssh-8.5p1/moduli.c 2021-03-24 12:03:33.784968173 +0100 -@@ -476,6 +476,7 @@ write_checkpoint(char *cpfile, u_int32_t - else - logit("failed to write to checkpoint file '%s': %s", cpfile, - strerror(errno)); -+ /* coverity[leaked_storage : FALSE] */ - } - - static unsigned long diff -up openssh-7.4p1/monitor.c.coverity openssh-7.4p1/monitor.c --- openssh-7.4p1/monitor.c.coverity 2016-12-23 16:40:26.888788688 +0100 +++ openssh-7.4p1/monitor.c 2016-12-23 16:40:26.900788691 +0100 @@ -300,24 +278,6 @@ diff -up openssh-8.7p1/serverloop.c.coverity openssh-8.7p1/serverloop.c if (tun != SSH_TUNID_ANY && auth_opts->force_tun_device != (int)tun) goto done; -diff -up openssh-8.5p1/session.c.coverity openssh-8.5p1/session.c ---- openssh-8.5p1/session.c.coverity 2021-03-24 12:03:33.777968124 +0100 -+++ openssh-8.5p1/session.c 2021-03-24 12:03:33.786968187 +0100 -@@ -1223,12 +1223,14 @@ do_setup_env(struct ssh *ssh, Session *s - /* Environment specified by admin */ - for (i = 0; i < options.num_setenv; i++) { - cp = xstrdup(options.setenv[i]); -+ /* coverity[overwrite_var : FALSE] */ - if ((value = strchr(cp, '=')) == NULL) { - /* shouldn't happen; vars are checked in servconf.c */ - fatal("Invalid config SetEnv: %s", options.setenv[i]); - } - *value++ = '\0'; - child_set_env(&env, &envsize, cp, value); -+ free(cp); - } - - /* SSH_CLIENT deprecated */ diff -up openssh-7.4p1/sftp.c.coverity openssh-7.4p1/sftp.c --- openssh-7.4p1/sftp.c.coverity 2016-12-19 05:59:41.000000000 +0100 +++ openssh-7.4p1/sftp.c 2016-12-23 16:40:26.903788691 +0100 @@ -330,25 +290,6 @@ diff -up openssh-7.4p1/sftp.c.coverity openssh-7.4p1/sftp.c } _exit(1); -@@ -985,6 +987,7 @@ do_globbed_ls(struct sftp_conn *conn, co - if (lflag & LS_LONG_VIEW) { - if (g.gl_statv[i] == NULL) { - error("no stat information for %s", fname); -+ free(fname); - continue; - } - lname = ls_file(fname, g.gl_statv[i], 1, -diff -up openssh-8.5p1/sk-usbhid.c.coverity openssh-8.5p1/sk-usbhid.c ---- openssh-8.5p1/sk-usbhid.c.coverity 2021-03-02 11:31:47.000000000 +0100 -+++ openssh-8.5p1/sk-usbhid.c 2021-03-24 12:03:33.786968187 +0100 -@@ -1256,6 +1256,7 @@ sk_load_resident_keys(const char *pin, s - freezero(rks[i], sizeof(*rks[i])); - } - free(rks); -+ free(device); - return ret; - } - diff -up openssh-7.4p1/ssh-agent.c.coverity openssh-7.4p1/ssh-agent.c --- openssh-7.4p1/ssh-agent.c.coverity 2016-12-19 05:59:41.000000000 +0100 +++ openssh-7.4p1/ssh-agent.c 2016-12-23 16:40:26.903788691 +0100 @@ -423,32 +364,3 @@ diff -up openssh-8.5p1/ssh-keygen.c.coverity openssh-8.5p1/ssh-keygen.c } else { if (strncasecmp(cp, "key:", 4) == 0) { cp += 4; -@@ -2879,6 +2882,7 @@ do_moduli_screen(const char *out_file, c - } else if (strncmp(opts[i], "start-line=", 11) == 0) { - start_lineno = strtoul(opts[i]+11, NULL, 10); - } else if (strncmp(opts[i], "checkpoint=", 11) == 0) { -+ free(checkpoint); - checkpoint = xstrdup(opts[i]+11); - } else if (strncmp(opts[i], "generator=", 10) == 0) { - generator_wanted = (u_int32_t)strtonum( -@@ -2920,6 +2924,9 @@ do_moduli_screen(const char *out_file, c - #else /* WITH_OPENSSL */ - fatal("Moduli screening is not supported"); - #endif /* WITH_OPENSSL */ -+ free(checkpoint); -+ if (in != stdin) -+ fclose(in); - } - - static char * -diff -up openssh-8.5p1/sshsig.c.coverity openssh-8.5p1/sshsig.c ---- openssh-8.5p1/sshsig.c.coverity 2021-03-02 11:31:47.000000000 +0100 -+++ openssh-8.5p1/sshsig.c 2021-03-24 12:03:33.787968194 +0100 -@@ -515,6 +515,7 @@ hash_file(int fd, const char *hashalg, s - oerrno = errno; - error_f("read: %s", strerror(errno)); - ssh_digest_free(ctx); -+ ctx = NULL; - errno = oerrno; - r = SSH_ERR_SYSTEM_ERROR; - goto out; diff --git a/openssh-7.3p1-x11-max-displays.patch b/openssh-7.3p1-x11-max-displays.patch index ad181cb..2b702d4 100644 --- a/openssh-7.3p1-x11-max-displays.patch +++ b/openssh-7.3p1-x11-max-displays.patch @@ -82,7 +82,7 @@ diff -up openssh-7.4p1/channels.h.x11max openssh-7.4p1/channels.h +++ openssh-7.4p1/channels.h 2016-12-23 15:46:32.139506636 +0100 @@ -293,7 +293,7 @@ int permitopen_port(const char *); - void channel_set_x11_refuse_time(struct ssh *, u_int); + void channel_set_x11_refuse_time(struct ssh *, time_t); int x11_connect_display(struct ssh *); -int x11_create_display_inet(struct ssh *, int, int, int, u_int *, int **); +int x11_create_display_inet(struct ssh *, int, int, int, int, u_int *, int **); @@ -191,8 +191,8 @@ diff -up openssh-7.4p1/sshd_config.5.x11max openssh-7.4p1/sshd_config.5 --- openssh-7.4p1/sshd_config.5.x11max 2016-12-23 15:46:32.134506635 +0100 +++ openssh-7.4p1/sshd_config.5 2016-12-23 15:46:32.141506636 +0100 @@ -1133,6 +1133,7 @@ Available keywords are - .Cm StreamLocalBindUnlink , .Cm TrustedUserCAKeys , + .Cm UnusedConnectionTimeout , .Cm X11DisplayOffset , +.Cm X11MaxDisplays , .Cm X11Forwarding diff --git a/openssh-7.4p1-systemd.patch b/openssh-7.4p1-systemd.patch index 4f9e58a..1242aac 100644 --- a/openssh-7.4p1-systemd.patch +++ b/openssh-7.4p1-systemd.patch @@ -9,8 +9,8 @@ index 2ffc369..162ce92 100644 --- a/configure.ac +++ b/configure.ac @@ -4265,6 +4265,30 @@ AC_ARG_WITH([kerberos5], - AC_SUBST([GSSLIBS]) AC_SUBST([K5LIBS]) + AC_SUBST([CHANNELLIBS]) +# Check whether user wants systemd support +SYSTEMD_MSG="no" diff --git a/openssh-7.5p1-sandbox.patch b/openssh-7.5p1-sandbox.patch index 7217c64..90640a0 100644 --- a/openssh-7.5p1-sandbox.patch +++ b/openssh-7.5p1-sandbox.patch @@ -21,7 +21,7 @@ index ca75cc7..6e7de31 100644 + SC_ALLOW(__NR_flock), +#endif #ifdef __NR_futex - SC_ALLOW(__NR_futex), + SC_FUTEX(__NR_futex), #endif @@ -178,6 +181,9 @@ static const struct sock_filter preauth_insns[] = { #ifdef __NR_gettimeofday diff --git a/openssh-7.6p1-audit.patch b/openssh-7.6p1-audit.patch index 2d3aae9..748c4b6 100644 --- a/openssh-7.6p1-audit.patch +++ b/openssh-7.6p1-audit.patch @@ -802,8 +802,8 @@ diff -up openssh-8.6p1/auth2-pubkey.c.audit openssh-8.6p1/auth2-pubkey.c +} + static int - match_principals_option(const char *principal_list, struct sshkey_cert *cert) - { + match_principals_file(struct passwd *pw, char *file, + struct sshkey_cert *cert, struct sshauthopt **authoptsp) diff -up openssh-8.6p1/auth.c.audit openssh-8.6p1/auth.c --- openssh-8.6p1/auth.c.audit 2021-04-19 16:47:35.681061553 +0200 +++ openssh-8.6p1/auth.c 2021-04-19 16:47:35.754062114 +0200 @@ -820,15 +820,6 @@ diff -up openssh-8.6p1/auth.c.audit openssh-8.6p1/auth.c diff -up openssh-8.6p1/auth.h.audit openssh-8.6p1/auth.h --- openssh-8.6p1/auth.h.audit 2021-04-19 16:47:35.697061676 +0200 +++ openssh-8.6p1/auth.h 2021-04-19 16:47:35.754062114 +0200 -@@ -193,6 +193,8 @@ struct passwd * getpwnamallow(struct ssh - - char *expand_authorized_keys(const char *, struct passwd *pw); - char *authorized_principals_file(struct passwd *); -+int user_key_verify(struct ssh *, const struct sshkey *, const u_char *, size_t, -+ const u_char *, size_t, const char *, u_int, struct sshkey_sig_details **); - - FILE *auth_openkeyfile(const char *, struct passwd *, int); - FILE *auth_openprincipals(const char *, struct passwd *, int); @@ -212,6 +214,8 @@ struct sshkey *get_hostkey_private_by_ty int get_hostkey_index(struct sshkey *, int, struct ssh *); int sshd_hostkey_sign(struct ssh *, struct sshkey *, struct sshkey *, @@ -838,6 +829,15 @@ diff -up openssh-8.6p1/auth.h.audit openssh-8.6p1/auth.h /* Key / cert options linkage to auth layer */ const struct sshauthopt *auth_options(struct ssh *); +@@ -239,6 +241,8 @@ struct passwd * getpwnamallow(struct ssh + char *, const char *, const char *, const char *, struct sshauthopt **); + int auth_check_authkeys_file(struct passwd *, FILE *, char *, + struct sshkey *, const char *, const char *, struct sshauthopt **); ++int user_key_verify(struct ssh *, const struct sshkey *, const u_char *, size_t, ++ const u_char *, size_t, const char *, u_int, struct sshkey_sig_details **); + FILE *auth_openkeyfile(const char *, struct passwd *, int); + FILE *auth_openprincipals(const char *, struct passwd *, int); + diff -up openssh-8.6p1/cipher.c.audit openssh-8.6p1/cipher.c --- openssh-8.6p1/cipher.c.audit 2021-04-16 05:55:25.000000000 +0200 +++ openssh-8.6p1/cipher.c 2021-04-19 16:47:35.755062122 +0200 @@ -910,9 +910,9 @@ diff -up openssh-8.6p1/kex.c.audit openssh-8.6p1/kex.c --- openssh-8.6p1/kex.c.audit 2021-04-19 16:47:35.743062030 +0200 +++ openssh-8.6p1/kex.c 2021-04-19 16:47:35.755062122 +0200 @@ -65,6 +65,7 @@ - #include "ssherr.h" #include "sshbuf.h" #include "digest.h" + #include "xmalloc.h" +#include "audit.h" #ifdef GSSAPI @@ -2006,7 +2006,7 @@ diff -up openssh-8.6p1/session.h.audit openssh-8.6p1/session.h @@ -71,10 +77,12 @@ void session_unused(int); int session_input_channel_req(struct ssh *, Channel *, const char *); void session_close_by_pid(struct ssh *ssh, pid_t, int); - void session_close_by_channel(struct ssh *, int, void *); + void session_close_by_channel(struct ssh *, int, int, void *); -void session_destroy_all(struct ssh *, void (*)(Session *)); +void session_destroy_all(struct ssh *, void (*)(struct ssh*, Session *)); void session_pty_cleanup2(Session *); diff --git a/openssh-7.7p1-fips.patch b/openssh-7.7p1-fips.patch index d1e44b0..180f13e 100644 --- a/openssh-7.7p1-fips.patch +++ b/openssh-7.7p1-fips.patch @@ -368,14 +368,6 @@ diff -up openssh-8.6p1/sshd.c.fips openssh-8.6p1/sshd.c #include "openbsd-compat/openssl-compat.h" #endif -@@ -1619,6 +1621,7 @@ main(int ac, char **av) - #endif - __progname = ssh_get_progname(av[0]); - -+ OpenSSL_add_all_algorithms(); - /* Save argv. Duplicate so setproctitle emulation doesn't clobber it */ - saved_argc = ac; - rexec_argc = ac; @@ -1931,6 +1931,13 @@ main(int ac, char **av) &key, NULL)) != 0 && r != SSH_ERR_SYSTEM_ERROR) do_log2_r(r, ll, "Unable to load host key \"%s\"", @@ -440,11 +432,11 @@ diff -up openssh-8.6p1/sshkey.c.fips openssh-8.6p1/sshkey.c #ifdef WITH_XMSS @@ -285,6 +285,18 @@ sshkey_alg_list(int certs_only, int plai - for (kt = keytypes; kt->type != -1; kt++) { - if (kt->name == NULL || kt->type == KEY_NULL) + impl = keyimpls[i]; + if (impl->name == NULL || impl->type == KEY_NULL) continue; + if (FIPS_mode()) { -+ switch (kt->type) { ++ switch (impl->type) { + case KEY_ED25519: + case KEY_ED25519_SK: + case KEY_ED25519_CERT: @@ -455,9 +447,9 @@ diff -up openssh-8.6p1/sshkey.c.fips openssh-8.6p1/sshkey.c + break; + } + } - if (!include_sigonly && kt->sigonly) + if (!include_sigonly && impl->sigonly) continue; - if ((certs_only && !kt->cert) || (plain_only && kt->cert)) + if ((certs_only && !impl->cert) || (plain_only && impl->cert)) @@ -1503,6 +1503,20 @@ sshkey_read(struct sshkey *ret, char **c return SSH_ERR_EC_CURVE_MISMATCH; } @@ -477,40 +469,31 @@ diff -up openssh-8.6p1/sshkey.c.fips openssh-8.6p1/sshkey.c + break; + } /* Fill in ret from parsed key */ - ret->type = type; - if (sshkey_is_cert(ret)) { -@@ -1705,6 +1707,8 @@ rsa_generate_private_key(u_int bits, RSA - goto out; - - if (EVP_PKEY_keygen(ctx, &res) <= 0) { -+ if (FIPS_mode()) -+ logit_f("the key length might be unsupported by FIPS mode approved key generation method"); - ret = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } + sshkey_free_contents(ret); + *ret = *k; @@ -2916,6 +2916,11 @@ sshkey_sign(struct sshkey *key, - break; - case KEY_ED25519_SK: - case KEY_ED25519_SK_CERT: -+ if (FIPS_mode()) { + *lenp = 0; + if (datalen > SSH_KEY_MAX_SIGN_DATA_SIZE) + return SSH_ERR_INVALID_ARGUMENT; ++ if (FIPS_mode() && ((key->type == KEY_ED25519_SK) || (key->type == KEY_ED25519_SK_CERT))) { + logit_f("Ed25519 keys are not allowed in FIPS mode"); + return SSH_ERR_INVALID_ARGUMENT; + } + /* Fallthrough */ - case KEY_ECDSA_SK_CERT: - case KEY_ECDSA_SK: - r = sshsk_sign(sk_provider, key, sigp, lenp, data, + if ((impl = sshkey_impl_from_key(key)) == NULL) + return SSH_ERR_KEY_TYPE_UNKNOWN; + if ((r = sshkey_unshield_private(key)) != 0) @@ -2973,6 +2978,10 @@ sshkey_verify(const struct sshkey *key, - return ssh_ed25519_verify(key, sig, siglen, data, dlen, compat); - case KEY_ED25519_SK: - case KEY_ED25519_SK_CERT: -+ if (FIPS_mode()) { + *detailsp = NULL; + if (siglen == 0 || dlen > SSH_KEY_MAX_SIGN_DATA_SIZE) + return SSH_ERR_INVALID_ARGUMENT; ++ if (FIPS_mode() && ((key->type == KEY_ED25519_SK) || (key->type == KEY_ED25519_SK_CERT))) { + logit_f("Ed25519 keys are not allowed in FIPS mode"); + return SSH_ERR_INVALID_ARGUMENT; + } - return ssh_ed25519_sk_verify(key, sig, siglen, data, dlen, - compat, detailsp); - #ifdef WITH_XMSS + if ((impl = sshkey_impl_from_key(key)) == NULL) + return SSH_ERR_KEY_TYPE_UNKNOWN; + return impl->funcs->verify(key, sig, siglen, data, dlen, diff -up openssh-8.6p1/ssh-keygen.c.fips openssh-8.6p1/ssh-keygen.c --- openssh-8.6p1/ssh-keygen.c.fips 2021-05-06 12:08:36.467926637 +0200 +++ openssh-8.6p1/ssh-keygen.c 2021-05-06 12:08:36.503926916 +0200 @@ -554,6 +537,26 @@ diff -up openssh-8.6p1/ssh-keygen.c.fips openssh-8.6p1/ssh-keygen.c if ((fd = mkstemp(prv_tmp)) == -1) { error("Could not save your private key in %s: %s", prv_tmp, strerror(errno)); +diff -up openssh-9.3p1/ssh-rsa.c.evpgenrsa openssh-9.3p1/ssh-rsa.c +--- openssh-9.3p1/ssh-rsa.c.evpgenrsa 2022-06-30 15:14:58.200518353 +0200 ++++ openssh-9.3p1/ssh-rsa.c 2022-06-30 15:24:31.499641196 +0200 +@@ -31,6 +31,7 @@ + + #include + #include ++#include + + #include + #include +@@ -1705,6 +1707,8 @@ ssh_rsa_generate(u_int bits, RSA + goto out; + + if (EVP_PKEY_keygen(ctx, &res) <= 0) { ++ if (FIPS_mode()) ++ logit_f("the key length might be unsupported by FIPS mode approved key generation method"); + ret = SSH_ERR_LIBCRYPTO_ERROR; + goto out; + } diff -up openssh-8.7p1/kexgen.c.fips3 openssh-8.7p1/kexgen.c --- openssh-8.7p1/kexgen.c.fips3 2022-07-11 16:11:21.973519913 +0200 +++ openssh-8.7p1/kexgen.c 2022-07-11 16:25:31.172187365 +0200 @@ -663,13 +666,13 @@ diff -up openssh-8.7p1/ssh-ed25519.c.fips3 openssh-8.7p1/ssh-ed25519.c if ((sig = malloc(slen)) == NULL) return SSH_ERR_ALLOC_FAIL; @@ -108,6 +113,10 @@ ssh_ed25519_verify(const struct sshkey * - datalen >= INT_MAX - crypto_sign_ed25519_BYTES || - signature == NULL || signaturelen == 0) + dlen >= INT_MAX - crypto_sign_ed25519_BYTES || + sig == NULL || siglen == 0) return SSH_ERR_INVALID_ARGUMENT; + if (FIPS_mode()) { + logit_f("Ed25519 keys are not allowed in FIPS mode"); + return SSH_ERR_INVALID_ARGUMENT; + } - if ((b = sshbuf_from(signature, signaturelen)) == NULL) + if ((b = sshbuf_from(sig, siglen)) == NULL) return SSH_ERR_ALLOC_FAIL; diff --git a/openssh-8.0p1-gssapi-keyex.patch b/openssh-8.0p1-gssapi-keyex.patch index d5dfd7e..3e79581 100644 --- a/openssh-8.0p1-gssapi-keyex.patch +++ b/openssh-8.0p1-gssapi-keyex.patch @@ -12,13 +12,22 @@ index e7549470..b68c1710 100644 @@ -125,7 +126,7 @@ SSHDOBJS=sshd.o auth-rhosts.o auth-passwd.o \ auth-bsdauth.o auth2-hostbased.o auth2-kbdint.o \ - auth2-none.o auth2-passwd.o auth2-pubkey.o \ + auth2-none.o auth2-passwd.o auth2-pubkey.o auth2-pubkeyfile.o \ monitor.o monitor_wrap.o auth-krb5.o \ - auth2-gss.o gss-serv.o gss-serv-krb5.o \ + auth2-gss.o gss-serv.o gss-serv-krb5.o kexgsss.o \ loginrec.o auth-pam.o auth-shadow.o auth-sia.o \ srclimit.o sftp-server.o sftp-common.o \ sandbox-null.o sandbox-rlimit.o sandbox-systrace.o sandbox-darwin.o \ +@@ -523,7 +523,7 @@ regress-prep: + ln -s `cd $(srcdir) && pwd`/regress/Makefile `pwd`/regress/Makefile + + REGRESSLIBS=libssh.a $(LIBCOMPAT) +-TESTLIBS=$(LIBS) $(CHANNELLIBS) ++TESTLIBS=$(LIBS) $(CHANNELLIBS) $(GSSLIBS) + + regress/modpipe$(EXEEXT): $(srcdir)/regress/modpipe.c $(REGRESSLIBS) + $(CC) $(CFLAGS) $(CPPFLAGS) -o $@ $(srcdir)/regress/modpipe.c \ diff -up a/auth.c.gsskex b/auth.c --- a/auth.c.gsskex 2021-08-20 06:03:49.000000000 +0200 +++ b/auth.c 2021-08-27 12:41:51.262788953 +0200 @@ -151,7 +160,7 @@ index 9351e042..d6446c0c 100644 + * The 'gssapi_keyex' userauth mechanism. + */ +static int -+userauth_gsskeyex(struct ssh *ssh) ++userauth_gsskeyex(struct ssh *ssh, const char *method) +{ + Authctxt *authctxt = ssh->authctxt; + int r, authenticated = 0; @@ -212,19 +221,20 @@ index 9351e042..d6446c0c 100644 else logit("GSSAPI MIC check failed"); -@@ -326,6 +370,12 @@ input_gssapi_mic(int type, u_int32_t plen, struct ssh *ssh) +@@ -326,6 +370,13 @@ input_gssapi_mic(int type, u_int32_t plen, struct ssh *ssh) return 0; } +Authmethod method_gsskeyex = { + "gssapi-keyex", ++ NULL, + userauth_gsskeyex, + &options.gss_authentication +}; + Authmethod method_gssapi = { "gssapi-with-mic", - NULL, + NULL, diff --git a/auth2.c b/auth2.c index 0e776224..1c217268 100644 --- a/auth2.c @@ -378,13 +388,9 @@ index ebd0dbca..1bdac6a4 100644 /* Permitted RSA signature algorithms for UpdateHostkeys proofs */ #define HOSTKEY_PROOF_RSA_ALGS "rsa-sha2-512,rsa-sha2-256" -@@ -1379,9 +1383,18 @@ client_loop(struct ssh *ssh, int have_pty, int escape_char_arg, - break; - - /* Do channel operations unless rekeying in progress. */ -- if (!ssh_packet_is_rekeying(ssh)) -+ if (!ssh_packet_is_rekeying(ssh)) { - channel_after_poll(ssh, pfd, npfd_active); +@@ -1379,6 +1383,14 @@ client_loop(struct ssh *ssh, int have_pty, int escape_char_arg, + /* Do channel operations. */ + channel_after_poll(ssh, pfd, npfd_active); +#ifdef GSSAPI + if (options.gss_renewal_rekey && @@ -393,11 +399,10 @@ index ebd0dbca..1bdac6a4 100644 + need_rekeying = 1; + } +#endif -+ } + /* Buffer input from the connection. */ - if (conn_in_ready) - client_process_net_input(ssh); + if (conn_in_ready) + client_process_net_input(ssh); diff --git a/configure.ac b/configure.ac index b689db4b..efafb6bd 100644 --- a/configure.ac @@ -1254,15 +1259,9 @@ diff --git a/kex.c b/kex.c index ce85f043..574c7609 100644 --- a/kex.c +++ b/kex.c -@@ -57,11 +57,16 @@ - #include "misc.h" - #include "dispatch.h" - #include "monitor.h" -+#include "xmalloc.h" - - #include "ssherr.h" - #include "sshbuf.h" +@@ -57,6 +57,10 @@ #include "digest.h" + #include "xmalloc.h" +#ifdef GSSAPI +#include "ssh-gss.h" @@ -1360,9 +1359,9 @@ index ce85f043..574c7609 100644 + return 1; +} + - /* put algorithm proposal into buffer */ - int - kex_prop2buf(struct sshbuf *b, char *proposal[PROPOSAL_MAX]) + /* + * Fill out a proposal array with dynamically allocated values, which may + * be modified as required for compatibility reasons. @@ -698,6 +755,9 @@ kex_free(struct kex *kex) sshbuf_free(kex->server_version); sshbuf_free(kex->client_pub); @@ -1370,8 +1369,8 @@ index ce85f043..574c7609 100644 +#ifdef GSSAPI + free(kex->gss_host); +#endif /* GSSAPI */ - sshbuf_free(kex->initial_sig); - sshkey_free(kex->initial_hostkey); + sshbuf_free(kex->initial_sig); + sshkey_free(kex->initial_hostkey); free(kex->failed_choice); diff --git a/kex.h b/kex.h index a5ae6ac0..fe714141 100644 @@ -1414,9 +1413,9 @@ index a5ae6ac0..fe714141 100644 char *kex_names_cat(const char *, const char *); int kex_assemble_names(char **, const char *, const char *); +int kex_gss_names_valid(const char *); - - int kex_exchange_identification(struct ssh *, int, const char *); - + void kex_proposal_populate_entries(struct ssh *, char *prop[PROPOSAL_MAX], + const char *, const char *, const char *, const char *, const char *); + void kex_proposal_free_entries(char *prop[PROPOSAL_MAX]); @@ -202,6 +219,12 @@ int kexgex_client(struct ssh *); int kexgex_server(struct ssh *); int kex_gen_client(struct ssh *); @@ -1489,7 +1488,7 @@ new file mode 100644 index 00000000..f6e1405e --- /dev/null +++ b/kexgssc.c -@@ -0,0 +1,599 @@ +@@ -0,0 +1,600 @@ +/* + * Copyright (c) 2001-2009 Simon Wilkinson. All rights reserved. + * @@ -2088,6 +2087,7 @@ index 00000000..f6e1405e + sshbuf_free(server_host_key_blob); + return r; +} ++ +#endif /* defined(GSSAPI) && defined(WITH_OPENSSL) */ diff --git a/kexgsss.c b/kexgsss.c new file mode 100644 @@ -3496,7 +3496,7 @@ index af00fb30..03bc87eb 100644 /* @@ -163,6 +161,11 @@ ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port) - char *s, *all_key; + char *s, *all_key, *hkalgs = NULL; int r, use_known_hosts_order = 0; +#if defined(GSSAPI) && defined(WITH_OPENSSL) @@ -3508,9 +3508,10 @@ index af00fb30..03bc87eb 100644 xxx_hostaddr = hostaddr; xxx_conn_info = cinfo; @@ -206,6 +209,42 @@ ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port) - compat_pkalg_proposal(ssh, options.hostkeyalgorithms); - } - + kex_proposal_populate_entries(ssh, myproposal, s, options.ciphers, + options.macs, compression_alg_list(options.compression), + hkalgs ? hkalgs : options.hostkeyalgorithms); ++ +#if defined(GSSAPI) && defined(WITH_OPENSSL) + if (options.gss_keyex) { + /* Add the GSSAPI mechanisms currently supported on this @@ -3546,11 +3547,10 @@ index af00fb30..03bc87eb 100644 + } + } +#endif -+ - if (options.rekey_limit || options.rekey_interval) - ssh_packet_set_rekey_limits(ssh, options.rekey_limit, - options.rekey_interval); -@@ -224,16 +256,46 @@ ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port) + + free(hkalgs); + +@@ -224,17 +256,47 @@ ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port) # ifdef OPENSSL_HAS_ECC ssh->kex->kex[KEX_ECDH_SHA2] = kex_gen_client; # endif @@ -3568,7 +3568,7 @@ index af00fb30..03bc87eb 100644 +# endif +#endif /* WITH_OPENSSL */ ssh->kex->kex[KEX_C25519_SHA256] = kex_gen_client; - ssh->kex->kex[KEX_KEM_SNTRUP761X25519_SHA512] = kex_gen_client; + ssh->kex->kex[KEX_KEM_SNTRUP761X25519_SHA512] = kex_gen_client; ssh->kex->verify_host_key=&verify_host_key_callback; +#if defined(GSSAPI) && defined(WITH_OPENSSL) @@ -3583,6 +3583,7 @@ index af00fb30..03bc87eb 100644 ssh_dispatch_run_fatal(ssh, DISPATCH_BLOCK, &ssh->kex->done); /* remove ext-info from the KEX proposals for rekeying */ + free(myproposal[PROPOSAL_KEX_ALGS]); myproposal[PROPOSAL_KEX_ALGS] = compat_kex_proposal(ssh, options.kex_algorithms); +#if defined(GSSAPI) && defined(WITH_OPENSSL) @@ -3751,8 +3752,8 @@ index 60b2aaf7..d92f03aa 100644 exit(1); } @@ -2347,6 +2348,48 @@ do_ssh2_kex(struct ssh *ssh) - myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = compat_pkalg_proposal( - ssh, list_hostkey_types()); + + free(hkalgs); +#if defined(GSSAPI) && defined(WITH_OPENSSL) + { @@ -3885,22 +3886,98 @@ diff --git a/sshkey.c b/sshkey.c index 57995ee6..fd5b7724 100644 --- a/sshkey.c +++ b/sshkey.c +@@ -127,6 +127,75 @@ static const struct keytype keytypes[] = { + extern const struct sshkey_impl sshkey_xmss_impl; + extern const struct sshkey_impl sshkey_xmss_cert_impl; + #endif ++ ++static int ssh_gss_equal(const struct sshkey *, const struct sshkey *) ++{ ++ return SSH_ERR_FEATURE_UNSUPPORTED; ++} ++ ++static int ssh_gss_serialize_public(const struct sshkey *, struct sshbuf *, ++ enum sshkey_serialize_rep) ++{ ++ return SSH_ERR_FEATURE_UNSUPPORTED; ++} ++ ++static int ssh_gss_deserialize_public(const char *, struct sshbuf *, ++ struct sshkey *) ++{ ++ return SSH_ERR_FEATURE_UNSUPPORTED; ++} ++ ++static int ssh_gss_serialize_private(const struct sshkey *, struct sshbuf *, ++ enum sshkey_serialize_rep) ++{ ++ return SSH_ERR_FEATURE_UNSUPPORTED; ++} ++ ++static int ssh_gss_deserialize_private(const char *, struct sshbuf *, ++ struct sshkey *) ++{ ++ return SSH_ERR_FEATURE_UNSUPPORTED; ++} ++ ++static int ssh_gss_copy_public(const struct sshkey *, struct sshkey *) ++{ ++ return SSH_ERR_FEATURE_UNSUPPORTED; ++} ++ ++static int ssh_gss_verify(const struct sshkey *, const u_char *, size_t, ++ const u_char *, size_t, const char *, u_int, ++ struct sshkey_sig_details **) ++{ ++ return SSH_ERR_FEATURE_UNSUPPORTED; ++} ++ ++static const struct sshkey_impl_funcs sshkey_gss_funcs = { ++ /* .size = */ NULL, ++ /* .alloc = */ NULL, ++ /* .cleanup = */ NULL, ++ /* .equal = */ ssh_gss_equal, ++ /* .ssh_serialize_public = */ ssh_gss_serialize_public, ++ /* .ssh_deserialize_public = */ ssh_gss_deserialize_public, ++ /* .ssh_serialize_private = */ ssh_gss_serialize_private, ++ /* .ssh_deserialize_private = */ ssh_gss_deserialize_private, ++ /* .generate = */ NULL, ++ /* .copy_public = */ ssh_gss_copy_public, ++ /* .sign = */ NULL, ++ /* .verify = */ ssh_gss_verify, ++}; ++ ++/* The struct is intentionally dummy and has no gss calls */ ++static const struct sshkey_impl sshkey_gss_kex_impl = { ++ /* .name = */ "null", ++ /* .shortname = */ "null", ++ /* .sigalg = */ NULL, ++ /* .type = */ KEY_NULL, ++ /* .nid = */ 0, ++ /* .cert = */ 0, ++ /* .sigonly = */ 0, ++ /* .keybits = */ 0, /* FIXME */ ++ /* .funcs = */ &sshkey_gss_funcs, ++}; + + const struct sshkey_impl * const keyimpls[] = { + &sshkey_ed25519_impl, @@ -154,6 +154,7 @@ static const struct keytype keytypes[] = { - # endif /* ENABLE_SK */ - # endif /* OPENSSL_HAS_ECC */ - #endif /* WITH_OPENSSL */ -+ { "null", "null", NULL, KEY_NULL, 0, 0, 0 }, - { NULL, NULL, NULL, -1, -1, 0, 0 } + &sshkey_xmss_impl, + &sshkey_xmss_cert_impl, + #endif ++ &sshkey_gss_kex_impl, + NULL }; @@ -255,7 +256,7 @@ sshkey_alg_list(int certs_only, int plain_only, int include_sigonly, char sep) - const struct keytype *kt; - for (kt = keytypes; kt->type != -1; kt++) { -- if (kt->name == NULL) -+ if (kt->name == NULL || kt->type == KEY_NULL) + for (i = 0; keyimpls[i] != NULL; i++) { + impl = keyimpls[i]; +- if (impl->name == NULL) ++ if (impl->name == NULL || impl->type == KEY_NULL) continue; - if (!include_sigonly && kt->sigonly) + if (!include_sigonly && impl->sigonly) continue; diff --git a/sshkey.h b/sshkey.h index 71a3fddc..37a43a67 100644 diff --git a/openssh-8.0p1-openssl-evp.patch b/openssh-8.0p1-openssl-evp.patch index ade0bbb..a17dbbc 100644 --- a/openssh-8.0p1-openssl-evp.patch +++ b/openssh-8.0p1-openssl-evp.patch @@ -62,8 +62,8 @@ index a23c383dc..ea45e7275 100644 --- a/ssh-dss.c +++ b/ssh-dss.c @@ -52,11 +52,15 @@ int - ssh_dss_sign(const struct sshkey *key, u_char **sigp, size_t *lenp, - const u_char *data, size_t datalen, u_int compat) + const u_char *data, size_t datalen, + const char *alg, const char *sk_provider, const char *sk_pin, u_int compat) { + EVP_PKEY *pkey = NULL; DSA_SIG *sig = NULL; @@ -119,14 +119,14 @@ index a23c383dc..ea45e7275 100644 sshbuf_free(b); return ret; @@ -121,20 +132,20 @@ ssh_dss_verify(const struct sshkey *key, - const u_char *signature, size_t signaturelen, - const u_char *data, size_t datalen, u_int compat) + const u_char *data, size_t dlen, const char *alg, u_int compat, + struct sshkey_sig_details **detailsp) { + EVP_PKEY *pkey = NULL; - DSA_SIG *sig = NULL; + DSA_SIG *dsig = NULL; BIGNUM *sig_r = NULL, *sig_s = NULL; - u_char digest[SSH_DIGEST_MAX_LENGTH], *sigblob = NULL; -- size_t len, dlen = ssh_digest_bytes(SSH_DIGEST_SHA1); +- size_t len, hlen = ssh_digest_bytes(SSH_DIGEST_SHA1); + u_char *sigblob = NULL; + size_t len, slen; int ret = SSH_ERR_INTERNAL_ERROR; @@ -136,25 +136,25 @@ index a23c383dc..ea45e7275 100644 if (key == NULL || key->dsa == NULL || sshkey_type_plain(key->type) != KEY_DSA || - signature == NULL || signaturelen == 0) + sig == NULL || siglen == 0) return SSH_ERR_INVALID_ARGUMENT; -- if (dlen == 0) +- if (hlen == 0) - return SSH_ERR_INTERNAL_ERROR; /* fetch signature */ - if ((b = sshbuf_from(signature, signaturelen)) == NULL) + if ((b = sshbuf_from(sig, siglen)) == NULL) @@ -176,25 +187,31 @@ ssh_dss_verify(const struct sshkey *key, } sig_r = sig_s = NULL; /* transferred */ - /* sha1 the data */ -- if ((ret = ssh_digest_memory(SSH_DIGEST_SHA1, data, datalen, +- if ((ret = ssh_digest_memory(SSH_DIGEST_SHA1, data, dlen, - digest, sizeof(digest))) != 0) -+ if ((slen = i2d_DSA_SIG(sig, NULL)) == 0) { ++ if ((slen = i2d_DSA_SIG(dsig, NULL)) == 0) { + ret = SSH_ERR_LIBCRYPTO_ERROR; goto out; - -- switch (DSA_do_verify(digest, dlen, sig, key->dsa)) { +- switch (DSA_do_verify(digest, hlen, dsig, key->dsa)) { - case 1: - ret = 0; - break; @@ -167,7 +167,7 @@ index a23c383dc..ea45e7275 100644 - default: + } + psig = sigb; -+ if ((slen = i2d_DSA_SIG(sig, &psig)) == 0) { ++ if ((slen = i2d_DSA_SIG(dsig, &psig)) == 0) { ret = SSH_ERR_LIBCRYPTO_ERROR; goto out; } @@ -177,14 +177,14 @@ index a23c383dc..ea45e7275 100644 + ret = SSH_ERR_ALLOC_FAIL; + goto out; + } -+ ret = sshkey_verify_signature(pkey, SSH_DIGEST_SHA1, data, datalen, ++ ret = sshkey_verify_signature(pkey, SSH_DIGEST_SHA1, data, dlen, + sigb, slen); + EVP_PKEY_free(pkey); + out: - explicit_bzero(digest, sizeof(digest)); + free(sigb); - DSA_SIG_free(sig); + DSA_SIG_free(dsig); BN_clear_free(sig_r); BN_clear_free(sig_s); diff --git a/ssh-ecdsa.c b/ssh-ecdsa.c @@ -192,17 +192,17 @@ index 599c7199d..b036796e8 100644 --- a/ssh-ecdsa.c +++ b/ssh-ecdsa.c @@ -50,11 +50,13 @@ int - ssh_ecdsa_sign(const struct sshkey *key, u_char **sigp, size_t *lenp, - const u_char *data, size_t datalen, u_int compat) + const u_char *data, size_t dlen, + const char *alg, const char *sk_provider, const char *sk_pin, u_int compat) { + EVP_PKEY *pkey = NULL; - ECDSA_SIG *sig = NULL; + ECDSA_SIG *esig = NULL; + unsigned char *sigb = NULL; + const unsigned char *psig; const BIGNUM *sig_r, *sig_s; int hash_alg; - u_char digest[SSH_DIGEST_MAX_LENGTH]; -- size_t len, dlen; +- size_t len, hlen; + int len; struct sshbuf *b = NULL, *bb = NULL; int ret = SSH_ERR_INTERNAL_ERROR; @@ -212,25 +212,25 @@ index 599c7199d..b036796e8 100644 return SSH_ERR_INVALID_ARGUMENT; - if ((hash_alg = sshkey_ec_nid_to_hash_alg(key->ecdsa_nid)) == -1 || -- (dlen = ssh_digest_bytes(hash_alg)) == 0) +- (hlen = ssh_digest_bytes(hash_alg)) == 0) + if ((hash_alg = sshkey_ec_nid_to_hash_alg(key->ecdsa_nid)) == -1) return SSH_ERR_INTERNAL_ERROR; -- if ((ret = ssh_digest_memory(hash_alg, data, datalen, +- if ((ret = ssh_digest_memory(hash_alg, data, dlen, - digest, sizeof(digest))) != 0) + + if ((pkey = EVP_PKEY_new()) == NULL || + EVP_PKEY_set1_EC_KEY(pkey, key->ecdsa) != 1) + return SSH_ERR_ALLOC_FAIL; + ret = sshkey_calculate_signature(pkey, hash_alg, &sigb, &len, data, -+ datalen); ++ dlen); + EVP_PKEY_free(pkey); + if (ret < 0) { goto out; + } -- if ((sig = ECDSA_do_sign(digest, dlen, key->ecdsa)) == NULL) { +- if ((esig = ECDSA_do_sign(digest, hlen, key->ecdsa)) == NULL) { + psig = sigb; -+ if ((sig = d2i_ECDSA_SIG(NULL, &psig, len)) == NULL) { ++ if (d2i_ECDSA_SIG(&esig, &psig, len) == NULL) { ret = SSH_ERR_LIBCRYPTO_ERROR; goto out; } @@ -246,17 +246,17 @@ index 599c7199d..b036796e8 100644 + free(sigb); sshbuf_free(b); sshbuf_free(bb); - ECDSA_SIG_free(sig); + ECDSA_SIG_free(esig); @@ -115,22 +123,21 @@ ssh_ecdsa_verify(const struct sshkey *key, - const u_char *signature, size_t signaturelen, - const u_char *data, size_t datalen, u_int compat) + const u_char *data, size_t dlen, const char *alg, u_int compat, + struct sshkey_sig_details **detailsp) { + EVP_PKEY *pkey = NULL; - ECDSA_SIG *sig = NULL; + ECDSA_SIG *esig = NULL; BIGNUM *sig_r = NULL, *sig_s = NULL; - int hash_alg; - u_char digest[SSH_DIGEST_MAX_LENGTH]; -- size_t dlen; +- size_t hlen; + int hash_alg, len; int ret = SSH_ERR_INTERNAL_ERROR; struct sshbuf *b = NULL, *sigbuf = NULL; @@ -265,11 +265,11 @@ index 599c7199d..b036796e8 100644 if (key == NULL || key->ecdsa == NULL || sshkey_type_plain(key->type) != KEY_ECDSA || - signature == NULL || signaturelen == 0) + sig == NULL || siglen == 0) return SSH_ERR_INVALID_ARGUMENT; - if ((hash_alg = sshkey_ec_nid_to_hash_alg(key->ecdsa_nid)) == -1 || -- (dlen = ssh_digest_bytes(hash_alg)) == 0) +- (hlen = ssh_digest_bytes(hash_alg)) == 0) + if ((hash_alg = sshkey_ec_nid_to_hash_alg(key->ecdsa_nid)) == -1) return SSH_ERR_INTERNAL_ERROR; @@ -281,7 +281,7 @@ index 599c7199d..b036796e8 100644 - if (sshbuf_len(sigbuf) != 0) { - ret = SSH_ERR_UNEXPECTED_TRAILING_DATA; + /* Figure out the length */ -+ if ((len = i2d_ECDSA_SIG(sig, NULL)) == 0) { ++ if ((len = i2d_ECDSA_SIG(esig, NULL)) == 0) { + ret = SSH_ERR_LIBCRYPTO_ERROR; + goto out; + } @@ -289,15 +289,15 @@ index 599c7199d..b036796e8 100644 + ret = SSH_ERR_ALLOC_FAIL; goto out; } -- if ((ret = ssh_digest_memory(hash_alg, data, datalen, +- if ((ret = ssh_digest_memory(hash_alg, data, dlen, - digest, sizeof(digest))) != 0) + psig = sigb; -+ if ((len = i2d_ECDSA_SIG(sig, &psig)) == 0) { ++ if ((len = i2d_ECDSA_SIG(esig, &psig)) == 0) { + ret = SSH_ERR_LIBCRYPTO_ERROR; goto out; + } -- switch (ECDSA_do_verify(digest, dlen, sig, key->ecdsa)) { +- switch (ECDSA_do_verify(digest, hlen, esig, key->ecdsa)) { - case 1: - ret = 0; - break; @@ -315,7 +315,7 @@ index 599c7199d..b036796e8 100644 + ret = SSH_ERR_ALLOC_FAIL; goto out; } -+ ret = sshkey_verify_signature(pkey, hash_alg, data, datalen, sigb, len); ++ ret = sshkey_verify_signature(pkey, hash_alg, data, dlen, sigb, len); + EVP_PKEY_free(pkey); out: @@ -323,7 +323,7 @@ index 599c7199d..b036796e8 100644 + free(sigb); sshbuf_free(sigbuf); sshbuf_free(b); - ECDSA_SIG_free(sig); + ECDSA_SIG_free(esig); diff --git a/ssh-rsa.c b/ssh-rsa.c index 9b14f9a9a..8ef3a6aca 100644 --- a/ssh-rsa.c @@ -335,8 +335,8 @@ index 9b14f9a9a..8ef3a6aca 100644 -static int openssh_RSA_verify(int, u_char *, size_t, u_char *, size_t, RSA *); +static int openssh_RSA_verify(int, const u_char *, size_t, u_char *, size_t, EVP_PKEY *); - static const char * - rsa_hash_alg_ident(int hash_alg) + static u_int + ssh_rsa_size(const struct sshkey *key) @@ -90,21 +90,6 @@ rsa_hash_id_from_keyname(const char *alg) return -1; } @@ -360,13 +360,13 @@ index 9b14f9a9a..8ef3a6aca 100644 ssh_rsa_complete_crt_parameters(struct sshkey *key, const BIGNUM *iqmp) { @@ -164,11 +149,10 @@ int - ssh_rsa_sign(const struct sshkey *key, u_char **sigp, size_t *lenp, - const u_char *data, size_t datalen, const char *alg_ident) + const u_char *data, size_t datalen, + const char *alg, const char *sk_provider, const char *sk_pin, u_int compat) { - const BIGNUM *rsa_n; - u_char digest[SSH_DIGEST_MAX_LENGTH], *sig = NULL; - size_t slen = 0; -- u_int dlen, len; +- u_int hlen, len; - int nid, hash_alg, ret = SSH_ERR_INTERNAL_ERROR; + EVP_PKEY *pkey = NULL; + u_char *sig = NULL; @@ -378,7 +378,7 @@ index 9b14f9a9a..8ef3a6aca 100644 @@ -180,33 +164,24 @@ ssh_rsa_sign(const struct sshkey *key, u_char **sigp, size_t *lenp, hash_alg = SSH_DIGEST_SHA1; else - hash_alg = rsa_hash_id_from_keyname(alg_ident); + hash_alg = rsa_hash_id_from_keyname(alg); + if (key == NULL || key->rsa == NULL || hash_alg == -1 || sshkey_type_plain(key->type) != KEY_RSA) @@ -392,7 +392,7 @@ index 9b14f9a9a..8ef3a6aca 100644 - - /* hash the data */ - nid = rsa_hash_alg_nid(hash_alg); -- if ((dlen = ssh_digest_bytes(hash_alg)) == 0) +- if ((hlen = ssh_digest_bytes(hash_alg)) == 0) - return SSH_ERR_INTERNAL_ERROR; - if ((ret = ssh_digest_memory(hash_alg, data, datalen, - digest, sizeof(digest))) != 0) @@ -412,7 +412,7 @@ index 9b14f9a9a..8ef3a6aca 100644 goto out; } -- if (RSA_sign(nid, digest, dlen, sig, &len, key->rsa) != 1) { +- if (RSA_sign(nid, digest, hlen, sig, &len, key->rsa) != 1) { - ret = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } @@ -436,14 +436,14 @@ index 9b14f9a9a..8ef3a6aca 100644 sshbuf_free(b); return ret; @@ -246,10 +221,10 @@ ssh_rsa_verify(const struct sshkey *key, - const u_char *sig, size_t siglen, const u_char *data, size_t datalen, - const char *alg) + const u_char *data, size_t dlen, const char *alg, u_int compat, + struct sshkey_sig_details **detailsp) { - const BIGNUM *rsa_n; + EVP_PKEY *pkey = NULL; char *sigtype = NULL; int hash_alg, want_alg, ret = SSH_ERR_INTERNAL_ERROR; -- size_t len = 0, diff, modlen, dlen; +- size_t len = 0, diff, modlen, hlen; + size_t len = 0, diff, modlen; struct sshbuf *b = NULL; u_char digest[SSH_DIGEST_MAX_LENGTH], *osigblob, *sigblob = NULL; @@ -462,7 +462,7 @@ index 9b14f9a9a..8ef3a6aca 100644 explicit_bzero(sigblob, diff); len = modlen; } -- if ((dlen = ssh_digest_bytes(hash_alg)) == 0) { +- if ((hlen = ssh_digest_bytes(hash_alg)) == 0) { - ret = SSH_ERR_INTERNAL_ERROR; + + if ((pkey = EVP_PKEY_new()) == NULL || @@ -470,13 +470,13 @@ index 9b14f9a9a..8ef3a6aca 100644 + ret = SSH_ERR_ALLOC_FAIL; goto out; } -- if ((ret = ssh_digest_memory(hash_alg, data, datalen, +- if ((ret = ssh_digest_memory(hash_alg, data, dlen, - digest, sizeof(digest))) != 0) - goto out; -+ ret = openssh_RSA_verify(hash_alg, data, datalen, sigblob, len, pkey); ++ ret = openssh_RSA_verify(hash_alg, data, dlen, sigblob, len, pkey); + EVP_PKEY_free(pkey); -- ret = openssh_RSA_verify(hash_alg, digest, dlen, sigblob, len, +- ret = openssh_RSA_verify(hash_alg, digest, hlen, sigblob, len, - key->rsa); out: freezero(sigblob, len); @@ -613,7 +613,7 @@ index 9b14f9a9a..8ef3a6aca 100644 - freezero(decrypted, rsasize); return ret; } - #endif /* WITH_OPENSSL */ + diff --git a/sshkey.c b/sshkey.c index ad1957762..b95ed0b10 100644 --- a/sshkey.c diff --git a/openssh-8.0p1-pkcs11-uri.patch b/openssh-8.0p1-pkcs11-uri.patch index b3295a9..be38500 100644 --- a/openssh-8.0p1-pkcs11-uri.patch +++ b/openssh-8.0p1-pkcs11-uri.patch @@ -76,7 +76,7 @@ diff -up openssh-8.7p1/Makefile.in.pkcs11-uri openssh-8.7p1/Makefile.in + ssh-pkcs11.o ssh-pkcs11-uri.o smult_curve25519_ref.o \ poly1305.o chacha.o cipher-chachapoly.o cipher-chachapoly-libcrypto.o \ ssh-ed25519.o digest-openssl.o digest-libc.o \ - hmac.o sc25519.o ge25519.o fe25519.o ed25519.o verify.o hash.o \ + hmac.o ed25519.o hash.o \ @@ -302,6 +302,8 @@ clean: regressclean rm -f regress/unittests/sshsig/test_sshsig$(EXEEXT) rm -f regress/unittests/utf8/*.o @@ -105,7 +105,7 @@ diff -up openssh-8.7p1/Makefile.in.pkcs11-uri openssh-8.7p1/Makefile.in ln -s `cd $(srcdir) && pwd`/regress/Makefile `pwd`/regress/Makefile @@ -677,6 +682,16 @@ regress/unittests/utf8/test_utf8$(EXEEXT regress/unittests/test_helper/libtest_helper.a \ - -lssh -lopenbsd-compat -lssh -lopenbsd-compat $(LIBS) + -lssh -lopenbsd-compat -lssh -lopenbsd-compat $(TESTLIBS) +UNITTESTS_TEST_PKCS11_OBJS=\ + regress/unittests/pkcs11/tests.o @@ -115,7 +115,7 @@ diff -up openssh-8.7p1/Makefile.in.pkcs11-uri openssh-8.7p1/Makefile.in + regress/unittests/test_helper/libtest_helper.a libssh.a + $(LD) -o $@ $(LDFLAGS) $(UNITTESTS_TEST_PKCS11_OBJS) \ + regress/unittests/test_helper/libtest_helper.a \ -+ -lssh -lopenbsd-compat -lssh -lopenbsd-compat $(LIBS) ++ -lssh -lopenbsd-compat -lcrypto $(LIBS) + # These all need to be compiled -fPIC, so they are treated differently. SK_DUMMY_OBJS=\ @@ -534,7 +534,7 @@ diff -up openssh-8.7p1/regress/unittests/Makefile.pkcs11-uri openssh-8.7p1/regre diff -up openssh-8.7p1/regress/unittests/pkcs11/tests.c.pkcs11-uri openssh-8.7p1/regress/unittests/pkcs11/tests.c --- openssh-8.7p1/regress/unittests/pkcs11/tests.c.pkcs11-uri 2021-08-30 13:07:43.664700104 +0200 +++ openssh-8.7p1/regress/unittests/pkcs11/tests.c 2021-08-30 13:07:43.664700104 +0200 -@@ -0,0 +1,337 @@ +@@ -0,0 +1,342 @@ +/* + * Copyright (c) 2017 Red Hat + * @@ -563,7 +563,7 @@ diff -up openssh-8.7p1/regress/unittests/pkcs11/tests.c.pkcs11-uri openssh-8.7p1 +#include "sshbuf.h" +#include "ssh-pkcs11-uri.h" + -+#define EMPTY_URI compose_uri(NULL, 0, NULL, NULL, NULL, NULL, NULL, NULL) ++#define EMPTY_URI compose_uri(NULL, 0, NULL, NULL, NULL, NULL, NULL, NULL, NULL) + +/* prototypes are not public -- specify them here internally for tests */ +struct sshbuf *percent_encode(const char *, size_t, char *); @@ -596,6 +596,10 @@ diff -up openssh-8.7p1/regress/unittests/pkcs11/tests.c.pkcs11-uri openssh-8.7p1 + ASSERT_STRING_EQ(a->lib_manuf, b->lib_manuf); + else /* both should be null */ + ASSERT_PTR_EQ(a->lib_manuf, b->lib_manuf); ++ if (b->serial != NULL) ++ ASSERT_STRING_EQ(a->serial, b->serial); ++ else /* both should be null */ ++ ASSERT_PTR_EQ(a->serial, b->serial); +} + +void @@ -630,7 +634,7 @@ diff -up openssh-8.7p1/regress/unittests/pkcs11/tests.c.pkcs11-uri openssh-8.7p1 + +struct pkcs11_uri * +compose_uri(unsigned char *id, size_t id_len, char *token, char *lib_manuf, -+ char *manuf, char *module_path, char *object, char *pin) ++ char *manuf, char *serial, char *module_path, char *object, char *pin) +{ + struct pkcs11_uri *uri = pkcs11_uri_init(); + if (id_len > 0) { @@ -641,6 +645,7 @@ diff -up openssh-8.7p1/regress/unittests/pkcs11/tests.c.pkcs11-uri openssh-8.7p1 + uri->token = token; + uri->lib_manuf = lib_manuf; + uri->manuf = manuf; ++ uri->serial = serial; + uri->object = object; + uri->pin = pin; + return uri; @@ -651,47 +656,47 @@ diff -up openssh-8.7p1/regress/unittests/pkcs11/tests.c.pkcs11-uri openssh-8.7p1 +{ + /* path arguments */ + check_parse("pkcs11:id=%01", -+ compose_uri("\x01", 1, NULL, NULL, NULL, NULL, NULL, NULL)); ++ compose_uri("\x01", 1, NULL, NULL, NULL, NULL, NULL, NULL, NULL)); + check_parse("pkcs11:id=%00%01", -+ compose_uri("\x00\x01", 2, NULL, NULL, NULL, NULL, NULL, NULL)); ++ compose_uri("\x00\x01", 2, NULL, NULL, NULL, NULL, NULL, NULL, NULL)); + check_parse("pkcs11:token=SSH%20Keys", -+ compose_uri(NULL, 0, "SSH Keys", NULL, NULL, NULL, NULL, NULL)); ++ compose_uri(NULL, 0, "SSH Keys", NULL, NULL, NULL, NULL, NULL, NULL)); + check_parse("pkcs11:library-manufacturer=OpenSC", -+ compose_uri(NULL, 0, NULL, "OpenSC", NULL, NULL, NULL, NULL)); ++ compose_uri(NULL, 0, NULL, "OpenSC", NULL, NULL, NULL, NULL, NULL)); + check_parse("pkcs11:manufacturer=piv_II", -+ compose_uri(NULL, 0, NULL, NULL, "piv_II", NULL, NULL, NULL)); ++ compose_uri(NULL, 0, NULL, NULL, "piv_II", NULL, NULL, NULL, NULL)); + check_parse("pkcs11:object=SIGN%20Key", -+ compose_uri(NULL, 0, NULL, NULL, NULL, NULL, "SIGN Key", NULL)); ++ compose_uri(NULL, 0, NULL, NULL, NULL, NULL, NULL, "SIGN Key", NULL)); + /* query arguments */ + check_parse("pkcs11:?module-path=/usr/lib64/p11-kit-proxy.so", -+ compose_uri(NULL, 0, NULL, NULL, NULL, "/usr/lib64/p11-kit-proxy.so", NULL, NULL)); ++ compose_uri(NULL, 0, NULL, NULL, NULL, NULL, "/usr/lib64/p11-kit-proxy.so", NULL, NULL)); + check_parse("pkcs11:?pin-value=123456", -+ compose_uri(NULL, 0, NULL, NULL, NULL, NULL, NULL, "123456")); ++ compose_uri(NULL, 0, NULL, NULL, NULL, NULL, NULL, NULL, "123456")); + + /* combinations */ + /* ID SHOULD be percent encoded */ + check_parse("pkcs11:token=SSH%20Key;id=0", -+ compose_uri("0", 1, "SSH Key", NULL, NULL, NULL, NULL, NULL)); ++ compose_uri("0", 1, "SSH Key", NULL, NULL, NULL, NULL, NULL, NULL)); + check_parse( + "pkcs11:manufacturer=CAC?module-path=/usr/lib64/p11-kit-proxy.so", -+ compose_uri(NULL, 0, NULL, NULL, "CAC", ++ compose_uri(NULL, 0, NULL, NULL, "CAC", NULL, + "/usr/lib64/p11-kit-proxy.so", NULL, NULL)); + check_parse( + "pkcs11:object=RSA%20Key?module-path=/usr/lib64/pkcs11/opencryptoki.so", -+ compose_uri(NULL, 0, NULL, NULL, NULL, ++ compose_uri(NULL, 0, NULL, NULL, NULL, NULL, + "/usr/lib64/pkcs11/opencryptoki.so", "RSA Key", NULL)); + check_parse("pkcs11:?module-path=/usr/lib64/p11-kit-proxy.so&pin-value=123456", -+ compose_uri(NULL, 0, NULL, NULL, NULL, "/usr/lib64/p11-kit-proxy.so", NULL, "123456")); ++ compose_uri(NULL, 0, NULL, NULL, NULL, NULL, "/usr/lib64/p11-kit-proxy.so", NULL, "123456")); + + /* empty path component matches everything */ + check_parse("pkcs11:", EMPTY_URI); + + /* empty string is a valid to match against (and different from NULL) */ + check_parse("pkcs11:token=", -+ compose_uri(NULL, 0, "", NULL, NULL, NULL, NULL, NULL)); ++ compose_uri(NULL, 0, "", NULL, NULL, NULL, NULL, NULL, NULL)); + /* Percent character needs to be percent-encoded */ + check_parse("pkcs11:token=%25", -+ compose_uri(NULL, 0, "%", NULL, NULL, NULL, NULL, NULL)); ++ compose_uri(NULL, 0, "%", NULL, NULL, NULL, NULL, NULL, NULL)); +} + +static void @@ -703,7 +708,7 @@ diff -up openssh-8.7p1/regress/unittests/pkcs11/tests.c.pkcs11-uri openssh-8.7p1 + check_parse_rv("pkcs11:id=%ZZ", EMPTY_URI, -1); + /* Space MUST be percent encoded -- XXX not enforced yet */ + check_parse("pkcs11:token=SSH Keys", -+ compose_uri(NULL, 0, "SSH Keys", NULL, NULL, NULL, NULL, NULL)); ++ compose_uri(NULL, 0, "SSH Keys", NULL, NULL, NULL, NULL, NULL, NULL)); + /* MUST NOT contain duplicate attributes of the same name */ + check_parse_rv("pkcs11:id=%01;id=%02", EMPTY_URI, -1); + /* MUST NOT contain duplicate attributes of the same name */ @@ -734,29 +739,29 @@ diff -up openssh-8.7p1/regress/unittests/pkcs11/tests.c.pkcs11-uri openssh-8.7p1 +{ + /* path arguments */ + check_gen("pkcs11:id=%01", -+ compose_uri("\x01", 1, NULL, NULL, NULL, NULL, NULL, NULL)); ++ compose_uri("\x01", 1, NULL, NULL, NULL, NULL, NULL, NULL, NULL)); + check_gen("pkcs11:id=%00%01", -+ compose_uri("\x00\x01", 2, NULL, NULL, NULL, NULL, NULL, NULL)); ++ compose_uri("\x00\x01", 2, NULL, NULL, NULL, NULL, NULL, NULL, NULL)); + check_gen("pkcs11:token=SSH%20Keys", /* space must be percent encoded */ -+ compose_uri(NULL, 0, "SSH Keys", NULL, NULL, NULL, NULL, NULL)); ++ compose_uri(NULL, 0, "SSH Keys", NULL, NULL, NULL, NULL, NULL, NULL)); + /* library-manufacturer is not implmented now */ + /*check_gen("pkcs11:library-manufacturer=OpenSC", -+ compose_uri(NULL, 0, NULL, "OpenSC", NULL, NULL, NULL, NULL));*/ ++ compose_uri(NULL, 0, NULL, "OpenSC", NULL, NULL, NULL, NULL, NULL));*/ + check_gen("pkcs11:manufacturer=piv_II", -+ compose_uri(NULL, 0, NULL, NULL, "piv_II", NULL, NULL, NULL)); ++ compose_uri(NULL, 0, NULL, NULL, "piv_II", NULL, NULL, NULL, NULL)); + check_gen("pkcs11:object=RSA%20Key", -+ compose_uri(NULL, 0, NULL, NULL, NULL, NULL, "RSA Key", NULL)); ++ compose_uri(NULL, 0, NULL, NULL, NULL, NULL, NULL, "RSA Key", NULL)); + /* query arguments */ + check_gen("pkcs11:?module-path=/usr/lib64/p11-kit-proxy.so", -+ compose_uri(NULL, 0, NULL, NULL, NULL, "/usr/lib64/p11-kit-proxy.so", NULL, NULL)); ++ compose_uri(NULL, 0, NULL, NULL, NULL, NULL, "/usr/lib64/p11-kit-proxy.so", NULL, NULL)); + + /* combinations */ + check_gen("pkcs11:id=%02;token=SSH%20Keys", -+ compose_uri("\x02", 1, "SSH Keys", NULL, NULL, NULL, NULL, NULL)); ++ compose_uri("\x02", 1, "SSH Keys", NULL, NULL, NULL, NULL, NULL, NULL)); + check_gen("pkcs11:id=%EE%02?module-path=/usr/lib64/p11-kit-proxy.so", -+ compose_uri("\xEE\x02", 2, NULL, NULL, NULL, "/usr/lib64/p11-kit-proxy.so", NULL, NULL)); ++ compose_uri("\xEE\x02", 2, NULL, NULL, NULL, NULL, "/usr/lib64/p11-kit-proxy.so", NULL, NULL)); + check_gen("pkcs11:object=Encryption%20Key;manufacturer=piv_II", -+ compose_uri(NULL, 0, NULL, NULL, "piv_II", NULL, "Encryption Key", NULL)); ++ compose_uri(NULL, 0, NULL, NULL, "piv_II", NULL, NULL, "Encryption Key", NULL)); + + /* empty path component matches everything */ + check_gen("pkcs11:", EMPTY_URI); @@ -1545,7 +1550,7 @@ diff -up openssh-8.7p1/ssh-pkcs11.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11.c } static RSA_METHOD *rsa_method; -@@ -195,6 +286,55 @@ static EC_KEY_METHOD *ec_key_method; +@@ -195,6 +286,56 @@ static EC_KEY_METHOD *ec_key_method; static int ec_key_idx = 0; #endif /* OPENSSL_HAS_ECC && HAVE_EC_KEY_METHOD_NEW */ @@ -1587,6 +1592,7 @@ diff -up openssh-8.7p1/ssh-pkcs11.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11.c + uri.module_path = k11->provider->module->module_path; + uri.lib_manuf = k11->provider->module->info.manufacturerID; + uri.manuf = k11->provider->module->slotinfo[k11->slotidx].token.manufacturerID; ++ uri.serial = k11->provider->module->slotinfo[k11->slotidx].token.serialNumber; + + p = pkcs11_uri_get(&uri); + /* do not cleanup -- we do not allocate here, only reference */ @@ -2157,7 +2163,7 @@ diff -up openssh-8.7p1/ssh-pkcs11.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11.c int ret = -1; struct pkcs11_provider *p = NULL; void *handle = NULL; -@@ -1517,164 +1702,298 @@ pkcs11_register_provider(char *provider_ +@@ -1517,164 +1702,305 @@ pkcs11_register_provider(char *provider_ CK_FUNCTION_LIST *f = NULL; CK_TOKEN_INFO *token; CK_ULONG i; @@ -2401,6 +2407,13 @@ diff -up openssh-8.7p1/ssh-pkcs11.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11.c + "manufacturerID (%s) specified by PKCS#11 URI in " + "slot %lu", token->manufacturerID, (unsigned long)i); + continue; ++ } ++ if (uri->serial != NULL && ++ strcmp(token->serialNumber, uri->serial) != 0) { ++ debug2_f("ignoring token not matching requrested " ++ "serialNumber (%s) specified by PKCS#11 URI in " ++ "slot %lu", token->serialNumber, (unsigned long)i); ++ continue; + } debug("provider %s slot %lu: label <%s> manufacturerID <%s> " "model <%s> serial <%s> flags 0x%lx", @@ -2591,7 +2604,7 @@ diff -up openssh-8.7p1/ssh-pkcs11.h.pkcs11-uri openssh-8.7p1/ssh-pkcs11.h diff -up openssh-8.7p1/ssh-pkcs11-uri.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11-uri.c --- openssh-8.7p1/ssh-pkcs11-uri.c.pkcs11-uri 2021-08-30 13:07:43.667700130 +0200 +++ openssh-8.7p1/ssh-pkcs11-uri.c 2021-08-30 13:07:43.667700130 +0200 -@@ -0,0 +1,419 @@ +@@ -0,0 +1,437 @@ +/* + * Copyright (c) 2017 Red Hat + * @@ -2634,13 +2647,14 @@ diff -up openssh-8.7p1/ssh-pkcs11-uri.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11-uri. +#define PKCS11_URI_OBJECT "object" +#define PKCS11_URI_LIB_MANUF "library-manufacturer" +#define PKCS11_URI_MANUF "manufacturer" ++#define PKCS11_URI_SERIAL "serial" +#define PKCS11_URI_MODULE_PATH "module-path" +#define PKCS11_URI_PIN_VALUE "pin-value" + +/* Keyword tokens. */ +typedef enum { -+ pId, pToken, pObject, pLibraryManufacturer, pManufacturer, pModulePath, -+ pPinValue, pBadOption ++ pId, pToken, pObject, pLibraryManufacturer, pManufacturer, pSerial, ++ pModulePath, pPinValue, pBadOption +} pkcs11uriOpCodes; + +/* Textual representation of the tokens. */ @@ -2653,6 +2667,7 @@ diff -up openssh-8.7p1/ssh-pkcs11-uri.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11-uri. + { PKCS11_URI_OBJECT, pObject }, + { PKCS11_URI_LIB_MANUF, pLibraryManufacturer }, + { PKCS11_URI_MANUF, pManufacturer }, ++ { PKCS11_URI_SERIAL, pSerial }, + { PKCS11_URI_MODULE_PATH, pModulePath }, + { PKCS11_URI_PIN_VALUE, pPinValue }, + { NULL, pBadOption } @@ -2811,6 +2826,16 @@ diff -up openssh-8.7p1/ssh-pkcs11-uri.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11-uri. + goto err; + } + ++ /* Write serial */ ++ if (uri->serial) { ++ struct sshbuf *serial = percent_encode(uri->serial, ++ strlen(uri->serial), PKCS11_URI_WHITELIST); ++ path = pkcs11_uri_append(path, PKCS11_URI_PATH_SEPARATOR, ++ PKCS11_URI_SERIAL, serial); ++ if (path == NULL) ++ goto err; ++ } ++ + /* Write module_path */ + if (uri->module_path) { + struct sshbuf *module = percent_encode(uri->module_path, @@ -2853,6 +2878,7 @@ diff -up openssh-8.7p1/ssh-pkcs11-uri.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11-uri. + free(pkcs11->object); + free(pkcs11->lib_manuf); + free(pkcs11->manuf); ++ free(pkcs11->serial); + if (pkcs11->pin) + freezero(pkcs11->pin, strlen(pkcs11->pin)); + free(pkcs11); @@ -2948,6 +2974,11 @@ diff -up openssh-8.7p1/ssh-pkcs11-uri.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11-uri. + charptr = &pkcs11->manuf; + goto parse_string; + ++ case pSerial: ++ /* CK_TOKEN_INFO -> serialNumber */ ++ charptr = &pkcs11->serial; ++ goto parse_string; ++ + case pLibraryManufacturer: + /* CK_INFO -> manufacturerID */ + charptr = &pkcs11->lib_manuf; @@ -3014,7 +3045,7 @@ diff -up openssh-8.7p1/ssh-pkcs11-uri.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11-uri. diff -up openssh-8.7p1/ssh-pkcs11-uri.h.pkcs11-uri openssh-8.7p1/ssh-pkcs11-uri.h --- openssh-8.7p1/ssh-pkcs11-uri.h.pkcs11-uri 2021-08-30 13:07:43.667700130 +0200 +++ openssh-8.7p1/ssh-pkcs11-uri.h 2021-08-30 13:07:43.667700130 +0200 -@@ -0,0 +1,42 @@ +@@ -0,0 +1,43 @@ +/* + * Copyright (c) 2017 Red Hat + * @@ -3046,6 +3077,7 @@ diff -up openssh-8.7p1/ssh-pkcs11-uri.h.pkcs11-uri openssh-8.7p1/ssh-pkcs11-uri. + char *object; + char *lib_manuf; + char *manuf; ++ char *serial; + /* query */ + char *module_path; + char *pin; /* Only parsed, but not printed */ diff --git a/openssh-8.7p1-CVE-2023-25136.patch b/openssh-8.7p1-CVE-2023-25136.patch deleted file mode 100644 index ca661ee..0000000 --- a/openssh-8.7p1-CVE-2023-25136.patch +++ /dev/null @@ -1,38 +0,0 @@ -diff --git a/compat.c b/compat.c -index 46dfe3a9c2e..478a9403eea 100644 ---- a/compat.c -+++ b/compat.c -@@ -190,26 +190,26 @@ compat_pkalg_proposal(struct ssh *ssh, char *pkalg_prop) - char * - compat_kex_proposal(struct ssh *ssh, char *p) - { -- char *cp = NULL; -+ char *cp = NULL, *cp2 = NULL; - - if ((ssh->compat & (SSH_BUG_CURVE25519PAD|SSH_OLD_DHGEX)) == 0) - return xstrdup(p); - debug2_f("original KEX proposal: %s", p); - if ((ssh->compat & SSH_BUG_CURVE25519PAD) != 0) -- if ((p = match_filter_denylist(p, -+ if ((cp = match_filter_denylist(p, - "curve25519-sha256@libssh.org")) == NULL) - fatal("match_filter_denylist failed"); - if ((ssh->compat & SSH_OLD_DHGEX) != 0) { -- cp = p; -- if ((p = match_filter_denylist(p, -+ if ((cp2 = match_filter_denylist(cp ? cp : p, - "diffie-hellman-group-exchange-sha256," - "diffie-hellman-group-exchange-sha1")) == NULL) - fatal("match_filter_denylist failed"); - free(cp); -+ cp = cp2; - } -- debug2_f("compat KEX proposal: %s", p); -- if (*p == '\0') -+ if (cp == NULL || *cp == '\0') - fatal("No supported key exchange algorithms found"); -- return p; -+ debug2_f("compat KEX proposal: %s", cp); -+ return cp; - } - diff --git a/openssh-8.7p1-evpgenkey.patch b/openssh-8.7p1-evpgenkey.patch index 1af9b49..c8703d9 100644 --- a/openssh-8.7p1-evpgenkey.patch +++ b/openssh-8.7p1-evpgenkey.patch @@ -1,9 +1,9 @@ -diff -up openssh-8.7p1/sshkey.c.evpgenrsa openssh-8.7p1/sshkey.c ---- openssh-8.7p1/sshkey.c.evpgenrsa 2022-06-30 15:14:58.200518353 +0200 -+++ openssh-8.7p1/sshkey.c 2022-06-30 15:24:31.499641196 +0200 +diff -up openssh-9.3p1/ssh-rsa.c.evpgenrsa openssh-9.3p1/ssh-rsa.c +--- openssh-9.3p1/ssh-rsa.c.evpgenrsa 2022-06-30 15:14:58.200518353 +0200 ++++ openssh-9.3p1/ssh-rsa.c 2022-06-30 15:24:31.499641196 +0200 @@ -1657,7 +1657,8 @@ sshkey_cert_type(const struct sshkey *k) static int - rsa_generate_private_key(u_int bits, RSA **rsap) + ssh_rsa_generate(struct sshkey *k, int bits) { - RSA *private = NULL; + EVP_PKEY_CTX *ctx = NULL; @@ -11,10 +11,10 @@ diff -up openssh-8.7p1/sshkey.c.evpgenrsa openssh-8.7p1/sshkey.c BIGNUM *f4 = NULL; int ret = SSH_ERR_INTERNAL_ERROR; -@@ -1667,20 +1668,42 @@ rsa_generate_private_key(u_int bits, RSA +@@ -1667,20 +1668,42 @@ ssh_rsa_generate(u_int bits, RSA + if (bits < SSH_RSA_MINIMUM_MODULUS_SIZE || bits > SSHBUF_MAX_BIGNUM * 8) return SSH_ERR_KEY_LENGTH; - *rsap = NULL; - if ((private = RSA_new()) == NULL || (f4 = BN_new()) == NULL) { + + if ((ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL)) == NULL @@ -44,14 +44,14 @@ diff -up openssh-8.7p1/sshkey.c.evpgenrsa openssh-8.7p1/sshkey.c + } + + /* This function is deprecated in OpenSSL 3.0 but OpenSSH doesn't worry about it*/ -+ *rsap = EVP_PKEY_get1_RSA(res); -+ if (*rsap) { ++ k->rsa = EVP_PKEY_get1_RSA(res); ++ if (k->rsa) { + ret = 0; + } else { ret = SSH_ERR_LIBCRYPTO_ERROR; goto out; } -- *rsap = private; +- k->rsa = private; - private = NULL; - ret = 0; out: @@ -61,50 +61,49 @@ diff -up openssh-8.7p1/sshkey.c.evpgenrsa openssh-8.7p1/sshkey.c BN_free(f4); return ret; } +diff -up openssh-9.3p1/ssh-ecdsa.c.evpgenrsa openssh-9.3p1/ssh-ecdsa.c +--- openssh-9.3p1/ssh-ecdsa.c.evpgenrsa 2022-06-30 15:14:58.200518353 +0200 ++++ openssh-9.3p1/ssh-ecdsa.c 2022-06-30 15:24:31.499641196 +0200 @@ -1820,7 +1820,8 @@ sshkey_ecdsa_key_to_nid(EC_KEY *k) static int - ecdsa_generate_private_key(u_int bits, int *nid, EC_KEY **ecdsap) + ssh_ecdsa_generate(struct sshkey *k, int bits) { - EC_KEY *private; + EVP_PKEY_CTX *ctx = NULL; + EVP_PKEY *res = NULL; - int ret = SSH_ERR_INTERNAL_ERROR; - if (nid == NULL || ecdsap == NULL) -@@ -1828,20 +1829,29 @@ ecdsa_generate_private_key(u_int bits, i - if ((*nid = sshkey_ecdsa_bits_to_nid(bits)) == -1) + if ((k->ecdsa_nid = sshkey_ecdsa_bits_to_nid(bits)) == -1) return SSH_ERR_KEY_LENGTH; - *ecdsap = NULL; -- if ((private = EC_KEY_new_by_curve_name(*nid)) == NULL) { +@@ -1828,15 +1829,24 @@ ssh_ecdsa_generate(u_int bits, i + + if ((k->ecdsa_nid = sshkey_ecdsa_bits_to_nid(bits)) == -1) + return SSH_ERR_KEY_LENGTH; +- if ((private = EC_KEY_new_by_curve_name(k->ecdsa_nid)) == NULL) + -+ if ((ctx = EVP_PKEY_CTX_new_from_name(NULL, "EC", NULL)) == NULL) { - ret = SSH_ERR_ALLOC_FAIL; - goto out; - } ++ if ((ctx = EVP_PKEY_CTX_new_from_name(NULL, "EC", NULL)) == NULL) + return SSH_ERR_ALLOC_FAIL; - if (EC_KEY_generate_key(private) != 1) { +- EC_KEY_free(private); +- return SSH_ERR_LIBCRYPTO_ERROR; +- } + -+ if (EVP_PKEY_keygen_init(ctx) <= 0 || EVP_PKEY_CTX_set_group_name(ctx, OBJ_nid2sn(*nid)) <= 0 ++ if (EVP_PKEY_keygen_init(ctx) <= 0 || EVP_PKEY_CTX_set_group_name(ctx, OBJ_nid2sn(k->ecdsa_nid)) <= 0 + || EVP_PKEY_keygen(ctx, &res) <= 0) { -+ ret = SSH_ERR_LIBCRYPTO_ERROR; -+ goto out; ++ EVP_PKEY_CTX_free(ctx); ++ EVP_PKEY_free(res); ++ return SSH_ERR_LIBCRYPTO_ERROR; + } + /* This function is deprecated in OpenSSL 3.0 but OpenSSH doesn't worry about it*/ -+ *ecdsap = EVP_PKEY_get1_EC_KEY(res); -+ if (*ecdsap) { -+ EC_KEY_set_asn1_flag(*ecdsap, OPENSSL_EC_NAMED_CURVE); -+ ret = 0; -+ } else { - ret = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } ++ k->ecdsa = EVP_PKEY_get1_EC_KEY(res); ++ if (k->ecdsa) ++ EC_KEY_set_asn1_flag(k->ecdsa, OPENSSL_EC_NAMED_CURVE); ++ - EC_KEY_set_asn1_flag(private, OPENSSL_EC_NAMED_CURVE); -- *ecdsap = private; -- private = NULL; -- ret = 0; - out: -- EC_KEY_free(private); +- k->ecdsa = private; +- return 0; + EVP_PKEY_CTX_free(ctx); + EVP_PKEY_free(res); - return ret; ++ return (k->ecdsa) ? 0 : SSH_ERR_LIBCRYPTO_ERROR; } - # endif /* OPENSSL_HAS_ECC */ + + static int diff --git a/openssh-8.7p1-mem-leak.patch b/openssh-8.7p1-mem-leak.patch deleted file mode 100644 index 8c9ac80..0000000 --- a/openssh-8.7p1-mem-leak.patch +++ /dev/null @@ -1,156 +0,0 @@ -diff --color -rup a/compat.c b/compat.c ---- a/compat.c 2021-08-20 06:03:49.000000000 +0200 -+++ b/compat.c 2022-07-14 17:39:23.770268440 +0200 -@@ -157,11 +157,12 @@ compat_banner(struct ssh *ssh, const cha - debug_f("no match: %s", version); - } - -+/* Always returns pointer to allocated memory, caller must free. */ - char * - compat_cipher_proposal(struct ssh *ssh, char *cipher_prop) - { - if (!(ssh->compat & SSH_BUG_BIGENDIANAES)) -- return cipher_prop; -+ return xstrdup(cipher_prop); - debug2_f("original cipher proposal: %s", cipher_prop); - if ((cipher_prop = match_filter_denylist(cipher_prop, "aes*")) == NULL) - fatal("match_filter_denylist failed"); -@@ -171,11 +172,12 @@ compat_cipher_proposal(struct ssh *ssh, - return cipher_prop; - } - -+/* Always returns pointer to allocated memory, caller must free. */ - char * - compat_pkalg_proposal(struct ssh *ssh, char *pkalg_prop) - { - if (!(ssh->compat & SSH_BUG_RSASIGMD5)) -- return pkalg_prop; -+ return xstrdup(pkalg_prop); - debug2_f("original public key proposal: %s", pkalg_prop); - if ((pkalg_prop = match_filter_denylist(pkalg_prop, "ssh-rsa")) == NULL) - fatal("match_filter_denylist failed"); -@@ -185,21 +187,26 @@ compat_pkalg_proposal(struct ssh *ssh, c - return pkalg_prop; - } - -+/* Always returns pointer to allocated memory, caller must free. */ - char * - compat_kex_proposal(struct ssh *ssh, char *p) - { -+ char *cp = NULL; -+ - if ((ssh->compat & (SSH_BUG_CURVE25519PAD|SSH_OLD_DHGEX)) == 0) -- return p; -+ return xstrdup(p); - debug2_f("original KEX proposal: %s", p); - if ((ssh->compat & SSH_BUG_CURVE25519PAD) != 0) - if ((p = match_filter_denylist(p, - "curve25519-sha256@libssh.org")) == NULL) - fatal("match_filter_denylist failed"); - if ((ssh->compat & SSH_OLD_DHGEX) != 0) { -+ cp = p; - if ((p = match_filter_denylist(p, - "diffie-hellman-group-exchange-sha256," - "diffie-hellman-group-exchange-sha1")) == NULL) - fatal("match_filter_denylist failed"); -+ free(cp); - } - debug2_f("compat KEX proposal: %s", p); - if (*p == '\0') -diff --color -rup a/sshconnect2.c b/sshconnect2.c ---- a/sshconnect2.c 2022-07-14 17:38:43.241496549 +0200 -+++ b/sshconnect2.c 2022-07-14 17:39:23.772268479 +0200 -@@ -222,6 +222,7 @@ ssh_kex2(struct ssh *ssh, char *host, st - { - char *myproposal[PROPOSAL_MAX] = { KEX_CLIENT }; - char *s, *all_key; -+ char *prop_kex = NULL, *prop_enc = NULL, *prop_hostkey = NULL; - int r, use_known_hosts_order = 0; - - #if defined(GSSAPI) && defined(WITH_OPENSSL) -@@ -252,10 +253,9 @@ ssh_kex2(struct ssh *ssh, char *host, st - - if ((s = kex_names_cat(options.kex_algorithms, "ext-info-c")) == NULL) - fatal_f("kex_names_cat"); -- myproposal[PROPOSAL_KEX_ALGS] = compat_kex_proposal(ssh, s); -+ myproposal[PROPOSAL_KEX_ALGS] = prop_kex = compat_kex_proposal(ssh, s); - myproposal[PROPOSAL_ENC_ALGS_CTOS] = -- compat_cipher_proposal(ssh, options.ciphers); -- myproposal[PROPOSAL_ENC_ALGS_STOC] = -+ myproposal[PROPOSAL_ENC_ALGS_STOC] = prop_enc = - compat_cipher_proposal(ssh, options.ciphers); - myproposal[PROPOSAL_COMP_ALGS_CTOS] = - myproposal[PROPOSAL_COMP_ALGS_STOC] = -@@ -264,12 +264,12 @@ ssh_kex2(struct ssh *ssh, char *host, st - myproposal[PROPOSAL_MAC_ALGS_STOC] = options.macs; - if (use_known_hosts_order) { - /* Query known_hosts and prefer algorithms that appear there */ -- myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = -+ myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = prop_hostkey = - compat_pkalg_proposal(ssh, - order_hostkeyalgs(host, hostaddr, port, cinfo)); - } else { - /* Use specified HostkeyAlgorithms exactly */ -- myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = -+ myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = prop_hostkey = - compat_pkalg_proposal(ssh, options.hostkeyalgorithms); - } - -@@ -383,6 +383,10 @@ ssh_kex2(struct ssh *ssh, char *host, st - (r = ssh_packet_write_wait(ssh)) != 0) - fatal_fr(r, "send packet"); - #endif -+ /* Free only parts of proposal that were dynamically allocated here. */ -+ free(prop_kex); -+ free(prop_enc); -+ free(prop_hostkey); - } - - /* -diff --color -rup a/sshd.c b/sshd.c ---- a/sshd.c 2022-07-14 17:38:43.242496568 +0200 -+++ b/sshd.c 2022-07-14 17:42:07.616388978 +0200 -@@ -2493,14 +2493,15 @@ do_ssh2_kex(struct ssh *ssh) - { - char *myproposal[PROPOSAL_MAX] = { KEX_SERVER }; - struct kex *kex; -+ char *hostkey_types = NULL; -+ char *prop_kex = NULL, *prop_enc = NULL, *prop_hostkey = NULL; - int r; - -- myproposal[PROPOSAL_KEX_ALGS] = compat_kex_proposal(ssh, -+ myproposal[PROPOSAL_KEX_ALGS] = prop_kex = compat_kex_proposal(ssh, - options.kex_algorithms); -- myproposal[PROPOSAL_ENC_ALGS_CTOS] = compat_cipher_proposal(ssh, -- options.ciphers); -- myproposal[PROPOSAL_ENC_ALGS_STOC] = compat_cipher_proposal(ssh, -- options.ciphers); -+ myproposal[PROPOSAL_ENC_ALGS_CTOS] = -+ myproposal[PROPOSAL_ENC_ALGS_STOC] = prop_enc = -+ compat_cipher_proposal(ssh, options.ciphers); - myproposal[PROPOSAL_MAC_ALGS_CTOS] = - myproposal[PROPOSAL_MAC_ALGS_STOC] = options.macs; - -@@ -2513,8 +2514,10 @@ do_ssh2_kex(struct ssh *ssh) - ssh_packet_set_rekey_limits(ssh, options.rekey_limit, - options.rekey_interval); - -- myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = compat_pkalg_proposal( -- ssh, list_hostkey_types()); -+ hostkey_types = list_hostkey_types(); -+ myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = prop_hostkey = -+ compat_pkalg_proposal(ssh, hostkey_types); -+ free(hostkey_types); - - #if defined(GSSAPI) && defined(WITH_OPENSSL) - { -@@ -2606,6 +2609,9 @@ do_ssh2_kex(struct ssh *ssh) - (r = ssh_packet_write_wait(ssh)) != 0) - fatal_fr(r, "send test"); - #endif -+ free(prop_kex); -+ free(prop_enc); -+ free(prop_hostkey); - debug("KEX done"); - } - diff --git a/openssh-8.7p1-minrsabits.patch b/openssh-8.7p1-minrsabits.patch index ad91fe7..2ed59a3 100644 --- a/openssh-8.7p1-minrsabits.patch +++ b/openssh-8.7p1-minrsabits.patch @@ -1,446 +1,24 @@ -diff --git a/auth2-hostbased.c b/auth2-hostbased.c -index 36b9d2f5..6b517db4 100644 ---- a/auth2-hostbased.c -+++ b/auth2-hostbased.c -@@ -119,6 +119,11 @@ userauth_hostbased(struct ssh *ssh, const char *method) - "(null)" : key->cert->signature_type); - goto done; - } -+ if ((r = sshkey_check_rsa_length(key, -+ options.required_rsa_size)) != 0) { -+ logit_r(r, "refusing %s key", sshkey_type(key)); -+ goto done; -+ } - - if (!authctxt->valid || authctxt->user == NULL) { - debug2_f("disabled because of invalid user"); -diff --git a/auth2-pubkey.c b/auth2-pubkey.c -index 962fd342..5d59febc 100644 ---- a/auth2-pubkey.c -+++ b/auth2-pubkey.c -@@ -175,6 +175,11 @@ userauth_pubkey(struct ssh *ssh, const char *method) - "(null)" : key->cert->signature_type); - goto done; - } -+ if ((r = sshkey_check_rsa_length(key, -+ options.required_rsa_size)) != 0) { -+ logit_r(r, "refusing %s key", sshkey_type(key)); -+ goto done; -+ } - key_s = format_key(key); - if (sshkey_is_cert(key)) - ca_s = format_key(key->cert->signature_key); diff --git a/readconf.c b/readconf.c index 7f26c680..42be690b 100644 --- a/readconf.c +++ b/readconf.c -@@ -174,7 +174,7 @@ typedef enum { - oStreamLocalBindMask, oStreamLocalBindUnlink, oRevokedHostKeys, - oFingerprintHash, oUpdateHostkeys, oHostbasedAcceptedAlgorithms, - oPubkeyAcceptedAlgorithms, oCASignatureAlgorithms, oProxyJump, -- oSecurityKeyProvider, oKnownHostsCommand, -+ oSecurityKeyProvider, oKnownHostsCommand, oRequiredRSASize, - oIgnore, oIgnoredUnknownOption, oDeprecated, oUnsupported - } OpCodes; - -@@ -320,6 +320,8 @@ static struct { - { "proxyjump", oProxyJump }, +@@ -320,6 +320,7 @@ static struct { { "securitykeyprovider", oSecurityKeyProvider }, { "knownhostscommand", oKnownHostsCommand }, -+ { "requiredrsasize", oRequiredRSASize }, + { "requiredrsasize", oRequiredRSASize }, + { "rsaminsize", oRequiredRSASize }, /* alias */ + { "enableescapecommandline", oEnableEscapeCommandline }, { NULL, oBadOption } - }; -@@ -2176,6 +2177,10 @@ parse_pubkey_algos: - *charptr = xstrdup(arg); - break; - -+ case oRequiredRSASize: -+ intptr = &options->required_rsa_size; -+ goto parse_int; -+ - case oDeprecated: - debug("%s line %d: Deprecated option \"%s\"", - filename, linenum, keyword); -@@ -2423,6 +2428,7 @@ initialize_options(Options * options) - options->hostbased_accepted_algos = NULL; - options->pubkey_accepted_algos = NULL; - options->known_hosts_command = NULL; -+ options->required_rsa_size = -1; - } - - /* -@@ -2619,6 +2625,8 @@ fill_default_options(Options * options) - if (options->sk_provider == NULL) - options->sk_provider = xstrdup("$SSH_SK_PROVIDER"); - #endif -+ if (options->required_rsa_size == -1) -+ options->required_rsa_size = SSH_RSA_MINIMUM_MODULUS_SIZE; - - /* Expand KEX name lists */ - all_cipher = cipher_alg_list(',', 0); -@@ -3308,6 +3316,7 @@ dump_client_config(Options *o, const char *host) - dump_cfg_int(oNumberOfPasswordPrompts, o->number_of_password_prompts); - dump_cfg_int(oServerAliveCountMax, o->server_alive_count_max); - dump_cfg_int(oServerAliveInterval, o->server_alive_interval); -+ dump_cfg_int(oRequiredRSASize, o->required_rsa_size); - - /* String options */ - dump_cfg_string(oBindAddress, o->bind_address); -diff --git a/readconf.h b/readconf.h -index f647bd42..ffb5ec4f 100644 ---- a/readconf.h -+++ b/readconf.h -@@ -176,6 +176,8 @@ typedef struct { - - char *known_hosts_command; - -+ int required_rsa_size; /* minimum size of RSA keys */ -+ - char *ignored_unknown; /* Pattern list of unknown tokens to ignore */ - } Options; - diff --git a/servconf.c b/servconf.c index 29df0463..423772b1 100644 --- a/servconf.c +++ b/servconf.c -@@ -195,6 +195,7 @@ initialize_server_options(ServerOptions *options) - options->fingerprint_hash = -1; - options->disable_forwarding = -1; - options->expose_userauth_info = -1; -+ options->required_rsa_size = -1; - } - - /* Returns 1 if a string option is unset or set to "none" or 0 otherwise. */ -@@ -441,6 +442,8 @@ fill_default_server_options(ServerOptions *options) - options->expose_userauth_info = 0; - if (options->sk_provider == NULL) - options->sk_provider = xstrdup("internal"); -+ if (options->required_rsa_size == -1) -+ options->required_rsa_size = SSH_RSA_MINIMUM_MODULUS_SIZE; - - assemble_algorithms(options); - -@@ -517,6 +520,7 @@ typedef enum { - sStreamLocalBindMask, sStreamLocalBindUnlink, - sAllowStreamLocalForwarding, sFingerprintHash, sDisableForwarding, - sExposeAuthInfo, sRDomain, sPubkeyAuthOptions, sSecurityKeyProvider, -+ sRequiredRSASize, - sDeprecated, sIgnore, sUnsupported - } ServerOpCodes; - -@@ -676,6 +680,8 @@ static struct { - { "rdomain", sRDomain, SSHCFG_ALL }, +@@ -676,6 +680,7 @@ static struct { { "casignaturealgorithms", sCASignatureAlgorithms, SSHCFG_ALL }, { "securitykeyprovider", sSecurityKeyProvider, SSHCFG_GLOBAL }, -+ { "requiredrsasize", sRequiredRSASize, SSHCFG_ALL }, + { "requiredrsasize", sRequiredRSASize, SSHCFG_ALL }, + { "rsaminsize", sRequiredRSASize, SSHCFG_ALL }, /* alias */ + { "channeltimeout", sChannelTimeout, SSHCFG_ALL }, + { "unusedconnectiontimeout", sUnusedConnectionTimeout, SSHCFG_ALL }, { NULL, sBadOption, 0 } - }; - -@@ -2438,6 +2443,10 @@ process_server_config_line_depth(ServerOptions *options, char *line, - *charptr = xstrdup(arg); - break; - -+ case sRequiredRSASize: -+ intptr = &options->required_rsa_size; -+ goto parse_int; -+ - case sDeprecated: - case sIgnore: - case sUnsupported: -@@ -2610,6 +2619,7 @@ copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth) - M_CP_INTOPT(rekey_limit); - M_CP_INTOPT(rekey_interval); - M_CP_INTOPT(log_level); -+ M_CP_INTOPT(required_rsa_size); - - /* - * The bind_mask is a mode_t that may be unsigned, so we can't use -@@ -2874,6 +2884,7 @@ dump_config(ServerOptions *o) - dump_cfg_int(sMaxSessions, o->max_sessions); - dump_cfg_int(sClientAliveInterval, o->client_alive_interval); - dump_cfg_int(sClientAliveCountMax, o->client_alive_count_max); -+ dump_cfg_int(sRequiredRSASize, o->required_rsa_size); - dump_cfg_oct(sStreamLocalBindMask, o->fwd_opts.streamlocal_bind_mask); - - /* formatted integer arguments */ -diff --git a/servconf.h b/servconf.h -index 8a04463e..9346155c 100644 ---- a/servconf.h -+++ b/servconf.h -@@ -229,6 +229,7 @@ typedef struct { - int expose_userauth_info; - u_int64_t timing_secret; - char *sk_provider; -+ int required_rsa_size; /* minimum size of RSA keys */ - } ServerOptions; - - /* Information about the incoming connection as used by Match */ -diff --git a/ssh.c b/ssh.c -index 559bf2af..25be53d5 100644 ---- a/ssh.c -+++ b/ssh.c -@@ -516,14 +516,22 @@ resolve_canonicalize(char **hostp, int port) - } - - /* -- * Check the result of hostkey loading, ignoring some errors and -- * fatal()ing for others. -+ * Check the result of hostkey loading, ignoring some errors and either -+ * discarding the key or fatal()ing for others. - */ - static void --check_load(int r, const char *path, const char *message) -+check_load(int r, struct sshkey **k, const char *path, const char *message) - { - switch (r) { - case 0: -+ /* Check RSA keys size and discard if undersized */ -+ if (k != NULL && *k != NULL && -+ (r = sshkey_check_rsa_length(*k, -+ options.required_rsa_size)) != 0) { -+ error_r(r, "load %s \"%s\"", message, path); -+ free(*k); -+ *k = NULL; -+ } - break; - case SSH_ERR_INTERNAL_ERROR: - case SSH_ERR_ALLOC_FAIL: -@@ -1578,7 +1586,7 @@ main(int ac, char **av) - if ((o) >= sensitive_data.nkeys) \ - fatal_f("pubkey out of array bounds"); \ - check_load(sshkey_load_public(p, &(sensitive_data.keys[o]), NULL), \ -- p, "pubkey"); \ -+ &(sensitive_data.keys[o]), p, "pubkey"); \ - if (sensitive_data.keys[o] != NULL) \ - debug2("hostbased key %d: %s key from \"%s\"", o, \ - sshkey_ssh_name(sensitive_data.keys[o]), p); \ -@@ -1586,7 +1594,8 @@ main(int ac, char **av) - #define L_CERT(p,o) do { \ - if ((o) >= sensitive_data.nkeys) \ - fatal_f("cert out of array bounds"); \ -- check_load(sshkey_load_cert(p, &(sensitive_data.keys[o])), p, "cert"); \ -+ check_load(sshkey_load_cert(p, &(sensitive_data.keys[o])), \ -+ &(sensitive_data.keys[o]), p, "cert"); \ - if (sensitive_data.keys[o] != NULL) \ - debug2("hostbased key %d: %s cert from \"%s\"", o, \ - sshkey_ssh_name(sensitive_data.keys[o]), p); \ -@@ -2265,7 +2274,7 @@ load_public_identity_files(const struct ssh_conn_info *cinfo) - filename = default_client_percent_dollar_expand(cp, cinfo); - free(cp); - check_load(sshkey_load_public(filename, &public, NULL), -- filename, "pubkey"); -+ &public, filename, "pubkey"); - debug("identity file %s type %d", filename, - public ? public->type : -1); - free(options.identity_files[i]); -@@ -2284,7 +2293,7 @@ load_public_identity_files(const struct ssh_conn_info *cinfo) - continue; - xasprintf(&cp, "%s-cert", filename); - check_load(sshkey_load_public(cp, &public, NULL), -- filename, "pubkey"); -+ &public, filename, "pubkey"); - debug("identity file %s type %d", cp, - public ? public->type : -1); - if (public == NULL) { -@@ -2315,7 +2324,7 @@ load_public_identity_files(const struct ssh_conn_info *cinfo) - free(cp); - - check_load(sshkey_load_public(filename, &public, NULL), -- filename, "certificate"); -+ &public, filename, "certificate"); - debug("certificate file %s type %d", filename, - public ? public->type : -1); - free(options.certificate_files[i]); -diff --git a/sshconnect2.c b/sshconnect2.c -index f9bd19ea..58fe98db 100644 ---- a/sshconnect2.c -+++ b/sshconnect2.c -@@ -96,6 +96,11 @@ static const struct ssh_conn_info *xxx_conn_info; - static int - verify_host_key_callback(struct sshkey *hostkey, struct ssh *ssh) - { -+ int r; -+ -+ if ((r = sshkey_check_rsa_length(hostkey, -+ options.required_rsa_size)) != 0) -+ fatal_r(r, "Bad server host key"); - if (verify_host_key(xxx_host, xxx_hostaddr, hostkey, - xxx_conn_info) == -1) - fatal("Host key verification failed."); -@@ -1606,6 +1611,13 @@ load_identity_file(Identity *id) - private = NULL; - quit = 1; - } -+ if (!quit && (r = sshkey_check_rsa_length(private, -+ options.required_rsa_size)) != 0) { -+ debug_fr(r, "Skipping key %s", id->filename); -+ sshkey_free(private); -+ private = NULL; -+ quit = 1; -+ } - if (!quit && private != NULL && id->agent_fd == -1 && - !(id->key && id->isprivate)) - maybe_add_key_to_agent(id->filename, private, comment, -@@ -1752,6 +1764,12 @@ pubkey_prepare(struct ssh *ssh, Authctxt *authctxt) - /* list of keys supported by the agent */ - if ((r = get_agent_identities(ssh, &agent_fd, &idlist)) == 0) { - for (j = 0; j < idlist->nkeys; j++) { -+ if ((r = sshkey_check_rsa_length(idlist->keys[j], -+ options.required_rsa_size)) != 0) { -+ debug_fr(r, "ignoring %s agent key", -+ sshkey_ssh_name(idlist->keys[j])); -+ continue; -+ } - found = 0; - TAILQ_FOREACH(id, &files, next) { - /* -diff --git a/sshd.c b/sshd.c -index 17eee9d8..395ef493 100644 ---- a/sshd.c -+++ b/sshd.c -@@ -1870,6 +1870,13 @@ main(int ac, char **av) - fatal_r(r, "Could not demote key: \"%s\"", - options.host_key_files[i]); - } -+ if (pubkey != NULL && (r = sshkey_check_rsa_length(pubkey, -+ options.required_rsa_size)) != 0) { -+ error_fr(r, "Host key %s", options.host_key_files[i]); -+ sshkey_free(pubkey); -+ sshkey_free(key); -+ continue; -+ } - sensitive_data.host_keys[i] = key; - sensitive_data.host_pubkeys[i] = pubkey; - -diff --git a/sshkey.c b/sshkey.c -index ed2b5dff..77093235 100644 ---- a/sshkey.c -+++ b/sshkey.c -@@ -2365,18 +2365,24 @@ cert_parse(struct sshbuf *b, struct sshkey *key, struct sshbuf *certbuf) - return ret; - } - --#ifdef WITH_OPENSSL --static int --check_rsa_length(const RSA *rsa) -+int -+sshkey_check_rsa_length(const struct sshkey *k, int min_size) - { -+#ifdef WITH_OPENSSL - const BIGNUM *rsa_n; -+ int nbits; - -- RSA_get0_key(rsa, &rsa_n, NULL, NULL); -- if (BN_num_bits(rsa_n) < SSH_RSA_MINIMUM_MODULUS_SIZE) -+ if (k == NULL || k->rsa == NULL || -+ (k->type != KEY_RSA && k->type != KEY_RSA_CERT)) -+ return 0; -+ RSA_get0_key(k->rsa, &rsa_n, NULL, NULL); -+ nbits = BN_num_bits(rsa_n); -+ if (nbits < SSH_RSA_MINIMUM_MODULUS_SIZE || -+ (min_size > 0 && nbits < min_size)) - return SSH_ERR_KEY_LENGTH; -+#endif /* WITH_OPENSSL */ - return 0; - } --#endif - - static int - sshkey_from_blob_internal(struct sshbuf *b, struct sshkey **keyp, -@@ -2439,7 +2445,7 @@ sshkey_from_blob_internal(struct sshbuf *b, struct sshkey **keyp, - goto out; - } - rsa_n = rsa_e = NULL; /* transferred */ -- if ((ret = check_rsa_length(key->rsa)) != 0) -+ if ((ret = sshkey_check_rsa_length(key, 0)) != 0) - goto out; - #ifdef DEBUG_PK - RSA_print_fp(stderr, key->rsa, 8); -@@ -3642,7 +3648,7 @@ sshkey_private_deserialize(struct sshbuf *buf, struct sshkey **kp) - goto out; - } - rsa_p = rsa_q = NULL; /* transferred */ -- if ((r = check_rsa_length(k->rsa)) != 0) -+ if ((r = sshkey_check_rsa_length(k, 0)) != 0) - goto out; - if ((r = ssh_rsa_complete_crt_parameters(k, rsa_iqmp)) != 0) - goto out; -@@ -4644,7 +4650,7 @@ sshkey_parse_private_pem_fileblob(struct sshbuf *blob, int type, - r = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } -- if ((r = check_rsa_length(prv->rsa)) != 0) -+ if ((r = sshkey_check_rsa_length(prv, 0)) != 0) - goto out; - } else if (EVP_PKEY_base_id(pk) == EVP_PKEY_DSA && - (type == KEY_UNSPEC || type == KEY_DSA)) { -diff --git a/sshkey.h b/sshkey.h -index 094815e0..be254e6b 100644 ---- a/sshkey.h -+++ b/sshkey.h -@@ -273,6 +273,7 @@ int sshkey_parse_private_fileblob_type(struct sshbuf *blob, int type, - int sshkey_parse_pubkey_from_private_fileblob_type(struct sshbuf *blob, - int type, struct sshkey **pubkeyp); - -+int sshkey_check_rsa_length(const struct sshkey *, int); - /* XXX should be internal, but used by ssh-keygen */ - int ssh_rsa_complete_crt_parameters(struct sshkey *, const BIGNUM *); - -diff --git a/ssh.1 b/ssh.1 -index b4956aec..e255b9b9 100644 ---- a/ssh.1 -+++ b/ssh.1 -@@ -571,6 +571,7 @@ For full details of the options listed below, and their possible values, see - .It RemoteCommand - .It RemoteForward - .It RequestTTY -+.It RequiredRSASize - .It SendEnv - .It ServerAliveInterval - .It ServerAliveCountMax -diff --git a/ssh_config.5 b/ssh_config.5 -index 24a46460..d1ede18e 100644 ---- a/ssh_config.5 -+++ b/ssh_config.5 -@@ -1634,6 +1634,17 @@ and - .Fl T - flags for - .Xr ssh 1 . -+.It Cm RequiredRSASize -+Specifies the minimum RSA key size (in bits) that -+.Xr ssh 1 -+will accept. -+User authentication keys smaller than this limit will be ignored. -+Servers that present host keys smaller than this limit will cause the -+connection to be terminated. -+The default is -+.Cm 1024 -+bits. -+Note that this limit may only be raised from the default. - .It Cm RevokedHostKeys - Specifies revoked host public keys. - Keys listed in this file will be refused for host authentication. -diff --git a/sshd_config.5 b/sshd_config.5 -index 867a747d..f5a06637 100644 ---- a/sshd_config.5 -+++ b/sshd_config.5 -@@ -1596,6 +1596,16 @@ is - .Cm default none , - which means that rekeying is performed after the cipher's default amount - of data has been sent or received and no time based rekeying is done. -+.It Cm RequiredRSASize -+Specifies the minimum RSA key size (in bits) that -+.Xr sshd 8 -+will accept. -+User and host-based authentication keys smaller than this limit will be -+refused. -+The default is -+.Cm 1024 -+bits. -+Note that this limit may only be raised from the default. - .It Cm RevokedKeys - Specifies revoked public keys file, or - .Cm none diff --git a/openssh-8.7p1-negotiate-supported-algs.patch b/openssh-8.7p1-negotiate-supported-algs.patch index 260ddb8..ee3637f 100644 --- a/openssh-8.7p1-negotiate-supported-algs.patch +++ b/openssh-8.7p1-negotiate-supported-algs.patch @@ -1,63 +1,117 @@ -diff --color -rup a/regress/hostkey-agent.sh b/regress/hostkey-agent.sh ---- a/regress/hostkey-agent.sh 2021-08-20 06:03:49.000000000 +0200 -+++ b/regress/hostkey-agent.sh 2022-07-14 11:58:12.172786060 +0200 -@@ -13,8 +13,12 @@ r=$? +diff -up openssh-9.3p1/regress/hostkey-agent.sh.xxx openssh-9.3p1/regress/hostkey-agent.sh +--- openssh-9.3p1/regress/hostkey-agent.sh.xxx 2023-05-29 18:15:56.311236887 +0200 ++++ openssh-9.3p1/regress/hostkey-agent.sh 2023-05-29 18:16:07.598503551 +0200 +@@ -17,8 +17,21 @@ trace "make CA key" ${SSHKEYGEN} -qt ed25519 -f $OBJ/agent-ca -N '' || fatal "ssh-keygen CA" +PUBKEY_ACCEPTED_ALGOS=`$SSH -G "example.com" | \ + grep -i "PubkeyAcceptedAlgorithms" | cut -d ' ' -f2- | tr "," "|"` +SSH_ACCEPTED_KEYTYPES=`echo "$SSH_KEYTYPES" | egrep "$PUBKEY_ACCEPTED_ALGOS"` ++echo $PUBKEY_ACCEPTED_ALGOS | grep "rsa" ++r=$? ++if [ $r == 0 ]; then ++echo $SSH_ACCEPTED_KEYTYPES | grep "rsa" ++r=$? ++if [ $r -ne 0 ]; then ++SSH_ACCEPTED_KEYTYPES="$SSH_ACCEPTED_KEYTYPES ssh-rsa" ++fi ++fi + trace "load hostkeys" -for k in $SSH_KEYTYPES ; do +for k in $SSH_ACCEPTED_KEYTYPES ; do - ${SSHKEYGEN} -qt $k -f $OBJ/agent-key.$k -N '' || fatal "ssh-keygen $k" - ${SSHKEYGEN} -s $OBJ/agent-ca -qh -n localhost-with-alias \ - -I localhost-with-alias $OBJ/agent-key.$k.pub || \ -@@ -31,7 +35,7 @@ cp $OBJ/known_hosts.orig $OBJ/known_host + ${SSHKEYGEN} -qt $k -f $OBJ/agent-key.$k -N '' || fatal "ssh-keygen $k" + ${SSHKEYGEN} -s $OBJ/agent-ca -qh -n localhost-with-alias \ + -I localhost-with-alias $OBJ/agent-key.$k.pub || \ +@@ -32,12 +48,16 @@ rm $OBJ/agent-ca # Don't need CA private unset SSH_AUTH_SOCK -for k in $SSH_KEYTYPES ; do +for k in $SSH_ACCEPTED_KEYTYPES ; do - verbose "key type $k" - cp $OBJ/sshd_proxy.orig $OBJ/sshd_proxy - echo "HostKeyAlgorithms $k" >> $OBJ/sshd_proxy -diff --color -rup a/sshconnect2.c b/sshconnect2.c ---- a/sshconnect2.c 2022-07-14 10:10:07.262975710 +0200 -+++ b/sshconnect2.c 2022-07-14 10:10:32.068452067 +0200 -@@ -222,6 +222,7 @@ ssh_kex2(struct ssh *ssh, char *host, st + verbose "key type $k" ++ hka=$k ++ if [ $k = "ssh-rsa" ]; then ++ hka="rsa-sha2-512" ++ fi + cp $OBJ/sshd_proxy.orig $OBJ/sshd_proxy +- echo "HostKeyAlgorithms $k" >> $OBJ/sshd_proxy ++ echo "HostKeyAlgorithms $hka" >> $OBJ/sshd_proxy + echo "Hostkey $OBJ/agent-key.${k}" >> $OBJ/sshd_proxy +- opts="-oHostKeyAlgorithms=$k -F $OBJ/ssh_proxy" ++ opts="-oHostKeyAlgorithms=$hka -F $OBJ/ssh_proxy" + ( printf 'localhost-with-alias,127.0.0.1,::1 ' ; + cat $OBJ/agent-key.$k.pub) > $OBJ/known_hosts + SSH_CONNECTION=`${SSH} $opts host 'echo $SSH_CONNECTION'` +@@ -50,15 +70,16 @@ for k in $SSH_KEYTYPES ; do + done + + SSH_CERTTYPES=`ssh -Q key-sig | grep 'cert-v01@openssh.com'` ++SSH_ACCEPTED_CERTTYPES=`echo "$SSH_CERTTYPES" | egrep "$PUBKEY_ACCEPTED_ALGOS"` + + # Prepare sshd_proxy for certificates. + cp $OBJ/sshd_proxy.orig $OBJ/sshd_proxy + HOSTKEYALGS="" +-for k in $SSH_CERTTYPES ; do ++for k in $SSH_ACCEPTED_CERTTYPES ; do + test -z "$HOSTKEYALGS" || HOSTKEYALGS="${HOSTKEYALGS}," + HOSTKEYALGS="${HOSTKEYALGS}${k}" + done +-for k in $SSH_KEYTYPES ; do ++for k in $SSH_ACCEPTED_KEYTYPES ; do + echo "Hostkey $OBJ/agent-key.${k}.pub" >> $OBJ/sshd_proxy + echo "HostCertificate $OBJ/agent-key.${k}-cert.pub" >> $OBJ/sshd_proxy + test -f $OBJ/agent-key.${k}.pub || fatal "no $k key" +@@ -70,7 +93,7 @@ echo "HostKeyAlgorithms $HOSTKEYALGS" >> + ( printf '@cert-authority localhost-with-alias ' ; + cat $OBJ/agent-ca.pub) > $OBJ/known_hosts + +-for k in $SSH_CERTTYPES ; do ++for k in $SSH_ACCEPTED_CERTTYPES ; do + verbose "cert type $k" + opts="-oHostKeyAlgorithms=$k -F $OBJ/ssh_proxy" + SSH_CONNECTION=`${SSH} $opts host 'echo $SSH_CONNECTION'` +diff -up openssh-9.3p1/sshconnect2.c.xxx openssh-9.3p1/sshconnect2.c +--- openssh-9.3p1/sshconnect2.c.xxx 2023-04-26 17:37:35.100827792 +0200 ++++ openssh-9.3p1/sshconnect2.c 2023-04-26 17:50:31.860748877 +0200 +@@ -221,7 +221,7 @@ ssh_kex2(struct ssh *ssh, char *host, st + const struct ssh_conn_info *cinfo) { - char *myproposal[PROPOSAL_MAX] = { KEX_CLIENT }; - char *s, *all_key; -+ char *hostkeyalgs = NULL, *pkalg = NULL; - char *prop_kex = NULL, *prop_enc = NULL, *prop_hostkey = NULL; + char *myproposal[PROPOSAL_MAX]; +- char *s, *all_key, *hkalgs = NULL; ++ char *s, *all_key, *hkalgs = NULL, *filtered_algs = NULL; int r, use_known_hosts_order = 0; -@@ -264,14 +265,19 @@ ssh_kex2(struct ssh *ssh, char *host, st - myproposal[PROPOSAL_MAC_ALGS_STOC] = options.macs; - if (use_known_hosts_order) { - /* Query known_hosts and prefer algorithms that appear there */ -- myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = prop_hostkey = -- compat_pkalg_proposal(ssh, -- order_hostkeyalgs(host, hostaddr, port, cinfo)); -+ if ((hostkeyalgs = order_hostkeyalgs(host, hostaddr, port, cinfo)) == NULL) -+ fatal_f("order_hostkeyalgs"); -+ pkalg = match_filter_allowlist(hostkeyalgs, options.pubkey_accepted_algos); -+ free(hostkeyalgs); - } else { -- /* Use specified HostkeyAlgorithms exactly */ -- myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = prop_hostkey = -- compat_pkalg_proposal(ssh, options.hostkeyalgorithms); -+ /* Use specified HostkeyAlgorithms */ -+ pkalg = match_filter_allowlist(options.hostkeyalgorithms, options.pubkey_accepted_algos); - } -+ if (pkalg == NULL) -+ fatal_f("match_filter_allowlist"); -+ myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = prop_hostkey = -+ compat_pkalg_proposal(ssh, pkalg); -+ free(pkalg); + #if defined(GSSAPI) && defined(WITH_OPENSSL) +@@ -260,9 +260,21 @@ ssh_kex2(struct ssh *ssh, char *host, st + if (use_known_hosts_order) + hkalgs = order_hostkeyalgs(host, hostaddr, port, cinfo); + ++ filtered_algs = hkalgs ? match_filter_allowlist(hkalgs, options.pubkey_accepted_algos) ++ : match_filter_allowlist(options.hostkeyalgorithms, ++ options.pubkey_accepted_algos); ++ if (filtered_algs == NULL) { ++ if (hkalgs) ++ fatal_f("No match between algorithms for %s (host %s) and pubkey accepted algorithms %s", ++ hkalgs, host, options.pubkey_accepted_algos); ++ else ++ fatal_f("No match between host key algorithms %s and pubkey accepted algorithms %s", ++ options.hostkeyalgorithms, options.pubkey_accepted_algos); ++ } ++ + kex_proposal_populate_entries(ssh, myproposal, s, options.ciphers, + options.macs, compression_alg_list(options.compression), +- hkalgs ? hkalgs : options.hostkeyalgorithms); ++ filtered_algs); #if defined(GSSAPI) && defined(WITH_OPENSSL) if (options.gss_keyex) { +@@ -303,6 +315,7 @@ ssh_kex2(struct ssh *ssh, char *host, st + #endif + + free(hkalgs); ++ free(filtered_algs); + + /* start key exchange */ + if ((r = kex_setup(ssh, myproposal)) != 0) diff --git a/openssh-8.7p1-nohostsha1proof.patch b/openssh-8.7p1-nohostsha1proof.patch index ab51204..7fea800 100644 --- a/openssh-8.7p1-nohostsha1proof.patch +++ b/openssh-8.7p1-nohostsha1proof.patch @@ -295,6 +295,14 @@ diff -up openssh-8.7p1/regress/unittests/sshsig/tests.c.sshrsacheck openssh-8.7p diff -up openssh-8.7p1/serverloop.c.sshrsacheck openssh-8.7p1/serverloop.c --- openssh-8.7p1/serverloop.c.sshrsacheck 2023-01-12 14:57:08.118400073 +0100 +++ openssh-8.7p1/serverloop.c 2023-01-12 14:59:17.330470518 +0100 +@@ -80,6 +80,7 @@ + #include "auth-options.h" + #include "serverloop.h" + #include "ssherr.h" ++#include "compat.h" + + extern ServerOptions options; + @@ -737,6 +737,10 @@ server_input_hostkeys_prove(struct ssh * else if (ssh->kex->flags & KEX_RSA_SHA2_256_SUPPORTED) sigalg = "rsa-sha2-256"; @@ -328,9 +336,9 @@ diff -up openssh-8.7p1/sshd.c.sshrsacheck openssh-8.7p1/sshd.c --- openssh-8.7p1/sshd.c.sshrsacheck 2023-01-12 13:29:06.355711140 +0100 +++ openssh-8.7p1/sshd.c 2023-01-12 13:29:06.358711178 +0100 @@ -1640,6 +1651,7 @@ main(int ac, char **av) - int keytype; Authctxt *authctxt; struct connection_info *connection_info = NULL; + sigset_t sigmask; + int forbid_ssh_rsa = 0; #ifdef HAVE_SECUREWARE @@ -379,38 +387,6 @@ diff -up openssh-8.7p1/sshd.c.sshrsacheck openssh-8.7p1/sshd.c /* Prepare the channels layer */ channel_init_channels(ssh); channel_set_af(ssh, options.address_family); -diff -Nur openssh-8.7p1/ssh-keygen.c openssh-8.7p1_patched/ssh-keygen.c ---- openssh-8.7p1/ssh-keygen.c 2023-01-18 17:41:47.894515779 +0100 -+++ openssh-8.7p1_patched/ssh-keygen.c 2023-01-18 17:41:44.500488818 +0100 -@@ -491,6 +491,8 @@ - BIGNUM *dsa_pub_key = NULL, *dsa_priv_key = NULL; - BIGNUM *rsa_n = NULL, *rsa_e = NULL, *rsa_d = NULL; - BIGNUM *rsa_p = NULL, *rsa_q = NULL, *rsa_iqmp = NULL; -+ char rsa_safe_alg[] = "rsa-sha2-256"; -+ char *alg = NULL; - - if ((r = sshbuf_get_u32(b, &magic)) != 0) - fatal_fr(r, "parse magic"); -@@ -590,6 +592,7 @@ do_convert_private_ssh2(struct sshbuf *b - if ((r = ssh_rsa_complete_crt_parameters(key, rsa_iqmp)) != 0) - fatal_fr(r, "generate RSA parameters"); - BN_clear_free(rsa_iqmp); -+ alg = rsa_safe_alg; - break; - } - rlen = sshbuf_len(b); -@@ -598,9 +601,9 @@ do_convert_private_ssh2(struct sshbuf *b - - /* try the key */ - if (sshkey_sign(key, &sig, &slen, data, sizeof(data), -- NULL, NULL, NULL, 0) != 0 || -+ alg, NULL, NULL, 0) != 0 || - sshkey_verify(key, sig, slen, data, sizeof(data), -- NULL, 0, NULL) != 0) { -+ alg, 0, NULL) != 0) { - sshkey_free(key); - free(sig); - return NULL; diff -up openssh-8.7p1/ssh-rsa.c.sshrsacheck openssh-8.7p1/ssh-rsa.c --- openssh-8.7p1/ssh-rsa.c.sshrsacheck 2023-01-20 13:07:54.180676144 +0100 +++ openssh-8.7p1/ssh-rsa.c 2023-01-20 13:07:54.290677074 +0100 diff --git a/openssh-8.7p1-recursive-scp.patch b/openssh-8.7p1-recursive-scp.patch index 5b44d92..f0d9b0f 100644 --- a/openssh-8.7p1-recursive-scp.patch +++ b/openssh-8.7p1-recursive-scp.patch @@ -5,8 +5,8 @@ diff -up openssh-8.7p1/scp.c.scp-sftpdirs openssh-8.7p1/scp.c if (src_is_dir && iamrecursive) { if (upload_dir(conn, src, abs_dst, pflag, -- SFTP_PROGRESS_ONLY, 0, 0, 1) != 0) { -+ SFTP_PROGRESS_ONLY, 0, 0, 1, 1) != 0) { +- SFTP_PROGRESS_ONLY, 0, 0, 1, 1) != 0) { ++ SFTP_PROGRESS_ONLY, 0, 0, 1, 1, 1) != 0) { error("failed to upload directory %s to %s", src, targ); errs = 1; } @@ -108,8 +108,8 @@ diff -up openssh-8.7p1/sftp-client.c.scp-sftpdirs openssh-8.7p1/sftp-client.c int upload_dir(struct sftp_conn *conn, const char *src, const char *dst, int preserve_flag, int print_flag, int resume, int fsync_flag, -- int follow_link_flag) -+ int follow_link_flag, int create_dir) +- int follow_link_flag, int inplace_flag) ++ int follow_link_flag, int inplace_flag, int create_dir) { char *dst_canon; int ret; @@ -143,9 +143,9 @@ diff -up openssh-8.7p1/sftp-client.h.scp-sftpdirs openssh-8.7p1/sftp-client.h @@ -159,7 +159,7 @@ int do_upload(struct sftp_conn *, const * times if 'pflag' is set */ - int upload_dir(struct sftp_conn *, const char *, const char *, int, int, int, -- int, int); -+ int, int, int); + int upload_dir(struct sftp_conn *, const char *, const char *, +- int, int, int, int, int, int); ++ int, int, int, int, int, int, int); /* * Download a 'from_path' from the 'from' connection and upload it to @@ -156,8 +156,8 @@ diff -up openssh-8.7p1/sftp.c.scp-sftpdirs openssh-8.7p1/sftp.c if (globpath_is_dir(g.gl_pathv[i]) && (rflag || global_rflag)) { if (upload_dir(conn, g.gl_pathv[i], abs_dst, pflag || global_pflag, 1, resume, -- fflag || global_fflag, 0) == -1) -+ fflag || global_fflag, 0, 0) == -1) +- fflag || global_fflag, 0, 0) == -1) ++ fflag || global_fflag, 0, 0, 0) == -1) err = -1; } else { if (do_upload(conn, g.gl_pathv[i], abs_dst, diff --git a/openssh-8.7p1-scp-clears-file.patch b/openssh-8.7p1-scp-clears-file.patch deleted file mode 100644 index 3ecff1e..0000000 --- a/openssh-8.7p1-scp-clears-file.patch +++ /dev/null @@ -1,303 +0,0 @@ -diff --color -rup a/scp.c b/scp.c ---- a/scp.c 2022-07-26 14:51:40.560120817 +0200 -+++ b/scp.c 2022-07-26 14:52:37.118213004 +0200 -@@ -1324,11 +1324,11 @@ source_sftp(int argc, char *src, char *t - - if (src_is_dir && iamrecursive) { - if (upload_dir(conn, src, abs_dst, pflag, -- SFTP_PROGRESS_ONLY, 0, 0, 1, 1) != 0) { -+ SFTP_PROGRESS_ONLY, 0, 0, 1, 1, 1) != 0) { - error("failed to upload directory %s to %s", src, targ); - errs = 1; - } -- } else if (do_upload(conn, src, abs_dst, pflag, 0, 0) != 0) { -+ } else if (do_upload(conn, src, abs_dst, pflag, 0, 0, 1) != 0) { - error("failed to upload file %s to %s", src, targ); - errs = 1; - } -@@ -1566,11 +1566,11 @@ sink_sftp(int argc, char *dst, const cha - debug("Fetching %s to %s\n", g.gl_pathv[i], abs_dst); - if (globpath_is_dir(g.gl_pathv[i]) && iamrecursive) { - if (download_dir(conn, g.gl_pathv[i], abs_dst, NULL, -- pflag, SFTP_PROGRESS_ONLY, 0, 0, 1) == -1) -+ pflag, SFTP_PROGRESS_ONLY, 0, 0, 1, 1) == -1) - err = -1; - } else { - if (do_download(conn, g.gl_pathv[i], abs_dst, NULL, -- pflag, 0, 0) == -1) -+ pflag, 0, 0, 1) == -1) - err = -1; - } - free(abs_dst); -diff --color -rup a/sftp.c b/sftp.c ---- a/sftp.c 2022-07-26 14:51:40.561120836 +0200 -+++ b/sftp.c 2022-07-26 14:52:37.119213023 +0200 -@@ -666,12 +666,12 @@ process_get(struct sftp_conn *conn, cons - if (globpath_is_dir(g.gl_pathv[i]) && (rflag || global_rflag)) { - if (download_dir(conn, g.gl_pathv[i], abs_dst, NULL, - pflag || global_pflag, 1, resume, -- fflag || global_fflag, 0) == -1) -+ fflag || global_fflag, 0, 0) == -1) - err = -1; - } else { - if (do_download(conn, g.gl_pathv[i], abs_dst, NULL, - pflag || global_pflag, resume, -- fflag || global_fflag) == -1) -+ fflag || global_fflag, 0) == -1) - err = -1; - } - free(abs_dst); -@@ -760,12 +760,12 @@ process_put(struct sftp_conn *conn, cons - if (globpath_is_dir(g.gl_pathv[i]) && (rflag || global_rflag)) { - if (upload_dir(conn, g.gl_pathv[i], abs_dst, - pflag || global_pflag, 1, resume, -- fflag || global_fflag, 0, 0) == -1) -+ fflag || global_fflag, 0, 0, 0) == -1) - err = -1; - } else { - if (do_upload(conn, g.gl_pathv[i], abs_dst, - pflag || global_pflag, resume, -- fflag || global_fflag) == -1) -+ fflag || global_fflag, 0) == -1) - err = -1; - } - } -diff --color -rup a/sftp-client.c b/sftp-client.c ---- a/sftp-client.c 2022-07-26 14:51:40.561120836 +0200 -+++ b/sftp-client.c 2022-07-26 15:09:54.825295533 +0200 -@@ -1454,7 +1454,7 @@ progress_meter_path(const char *path) - int - do_download(struct sftp_conn *conn, const char *remote_path, - const char *local_path, Attrib *a, int preserve_flag, int resume_flag, -- int fsync_flag) -+ int fsync_flag, int inplace_flag) - { - struct sshbuf *msg; - u_char *handle; -@@ -1498,8 +1498,8 @@ do_download(struct sftp_conn *conn, cons - &handle, &handle_len) != 0) - return -1; - -- local_fd = open(local_path, -- O_WRONLY | O_CREAT | (resume_flag ? 0 : O_TRUNC), mode | S_IWUSR); -+ local_fd = open(local_path, O_WRONLY | O_CREAT | -+ ((resume_flag || inplace_flag) ? 0 : O_TRUNC), mode | S_IWUSR); - if (local_fd == -1) { - error("open local \"%s\": %s", local_path, strerror(errno)); - goto fail; -@@ -1661,8 +1661,11 @@ do_download(struct sftp_conn *conn, cons - /* Sanity check */ - if (TAILQ_FIRST(&requests) != NULL) - fatal("Transfer complete, but requests still in queue"); -- /* Truncate at highest contiguous point to avoid holes on interrupt */ -- if (read_error || write_error || interrupted) { -+ /* -+ * Truncate at highest contiguous point to avoid holes on interrupt, -+ * or unconditionally if writing in place. -+ */ -+ if (inplace_flag || read_error || write_error || interrupted) { - if (reordered && resume_flag) { - error("Unable to resume download of \"%s\": " - "server reordered requests", local_path); -@@ -1724,7 +1727,7 @@ do_download(struct sftp_conn *conn, cons - static int - download_dir_internal(struct sftp_conn *conn, const char *src, const char *dst, - int depth, Attrib *dirattrib, int preserve_flag, int print_flag, -- int resume_flag, int fsync_flag, int follow_link_flag) -+ int resume_flag, int fsync_flag, int follow_link_flag, int inplace_flag) - { - int i, ret = 0; - SFTP_DIRENT **dir_entries; -@@ -1781,7 +1784,7 @@ download_dir_internal(struct sftp_conn * - if (download_dir_internal(conn, new_src, new_dst, - depth + 1, &(dir_entries[i]->a), preserve_flag, - print_flag, resume_flag, -- fsync_flag, follow_link_flag) == -1) -+ fsync_flag, follow_link_flag, inplace_flag) == -1) - ret = -1; - } else if (S_ISREG(dir_entries[i]->a.perm) || - (follow_link_flag && S_ISLNK(dir_entries[i]->a.perm))) { -@@ -1793,7 +1796,8 @@ download_dir_internal(struct sftp_conn * - if (do_download(conn, new_src, new_dst, - S_ISLNK(dir_entries[i]->a.perm) ? NULL : - &(dir_entries[i]->a), -- preserve_flag, resume_flag, fsync_flag) == -1) { -+ preserve_flag, resume_flag, fsync_flag, -+ inplace_flag) == -1) { - error("Download of file %s to %s failed", - new_src, new_dst); - ret = -1; -@@ -1831,7 +1835,7 @@ download_dir_internal(struct sftp_conn * - int - download_dir(struct sftp_conn *conn, const char *src, const char *dst, - Attrib *dirattrib, int preserve_flag, int print_flag, int resume_flag, -- int fsync_flag, int follow_link_flag) -+ int fsync_flag, int follow_link_flag, int inplace_flag) - { - char *src_canon; - int ret; -@@ -1843,26 +1847,25 @@ download_dir(struct sftp_conn *conn, con - - ret = download_dir_internal(conn, src_canon, dst, 0, - dirattrib, preserve_flag, print_flag, resume_flag, fsync_flag, -- follow_link_flag); -+ follow_link_flag, inplace_flag); - free(src_canon); - return ret; - } - - int - do_upload(struct sftp_conn *conn, const char *local_path, -- const char *remote_path, int preserve_flag, int resume, int fsync_flag) -+ const char *remote_path, int preserve_flag, int resume, -+ int fsync_flag, int inplace_flag) - { - int r, local_fd; -- u_int status = SSH2_FX_OK; -- u_int id; -- u_char type; -+ u_int openmode, id, status = SSH2_FX_OK, reordered = 0; - off_t offset, progress_counter; -- u_char *handle, *data; -+ u_char type, *handle, *data; - struct sshbuf *msg; - struct stat sb; -- Attrib a, *c = NULL; -- u_int32_t startid; -- u_int32_t ackid; -+ Attrib a, t, *c = NULL; -+ u_int32_t startid, ackid; -+ u_int64_t highwater = 0; - struct request *ack = NULL; - struct requests acks; - size_t handle_len; -@@ -1913,10 +1916,15 @@ do_upload(struct sftp_conn *conn, const - } - } - -+ openmode = SSH2_FXF_WRITE|SSH2_FXF_CREAT; -+ if (resume) -+ openmode |= SSH2_FXF_APPEND; -+ else if (!inplace_flag) -+ openmode |= SSH2_FXF_TRUNC; -+ - /* Send open request */ -- if (send_open(conn, remote_path, "dest", SSH2_FXF_WRITE|SSH2_FXF_CREAT| -- (resume ? SSH2_FXF_APPEND : SSH2_FXF_TRUNC), -- &a, &handle, &handle_len) != 0) { -+ if (send_open(conn, remote_path, "dest", openmode, &a, -+ &handle, &handle_len) != 0) { - close(local_fd); - return -1; - } -@@ -1999,6 +2007,12 @@ do_upload(struct sftp_conn *conn, const - ack->id, ack->len, (unsigned long long)ack->offset); - ++ackid; - progress_counter += ack->len; -+ if (!reordered && ack->offset <= highwater) -+ highwater = ack->offset + ack->len; -+ else if (!reordered && ack->offset > highwater) { -+ debug3_f("server reordered ACKs"); -+ reordered = 1; -+ } - free(ack); - } - offset += len; -@@ -2017,6 +2031,14 @@ do_upload(struct sftp_conn *conn, const - status = SSH2_FX_FAILURE; - } - -+ if (inplace_flag || (resume && (status != SSH2_FX_OK || interrupted))) { -+ debug("truncating at %llu", (unsigned long long)highwater); -+ attrib_clear(&t); -+ t.flags = SSH2_FILEXFER_ATTR_SIZE; -+ t.size = highwater; -+ do_fsetstat(conn, handle, handle_len, &t); -+ } -+ - if (close(local_fd) == -1) { - error("close local \"%s\": %s", local_path, strerror(errno)); - status = SSH2_FX_FAILURE; -@@ -2041,7 +2063,7 @@ do_upload(struct sftp_conn *conn, const - static int - upload_dir_internal(struct sftp_conn *conn, const char *src, const char *dst, - int depth, int preserve_flag, int print_flag, int resume, int fsync_flag, -- int follow_link_flag) -+ int follow_link_flag, int inplace_flag) - { - int ret = 0; - DIR *dirp; -@@ -2119,12 +2141,13 @@ upload_dir_internal(struct sftp_conn *co - - if (upload_dir_internal(conn, new_src, new_dst, - depth + 1, preserve_flag, print_flag, resume, -- fsync_flag, follow_link_flag) == -1) -+ fsync_flag, follow_link_flag, inplace_flag) == -1) - ret = -1; - } else if (S_ISREG(sb.st_mode) || - (follow_link_flag && S_ISLNK(sb.st_mode))) { - if (do_upload(conn, new_src, new_dst, -- preserve_flag, resume, fsync_flag) == -1) { -+ preserve_flag, resume, fsync_flag, -+ inplace_flag) == -1) { - error("upload \"%s\" to \"%s\" failed", - new_src, new_dst); - ret = -1; -@@ -2144,7 +2167,7 @@ upload_dir_internal(struct sftp_conn *co - int - upload_dir(struct sftp_conn *conn, const char *src, const char *dst, - int preserve_flag, int print_flag, int resume, int fsync_flag, -- int follow_link_flag, int create_dir) -+ int follow_link_flag, int create_dir, int inplace_flag) - { - char *dst_canon; - int ret; -@@ -2155,7 +2178,7 @@ upload_dir(struct sftp_conn *conn, const - } - - ret = upload_dir_internal(conn, src, dst_canon, 0, preserve_flag, -- print_flag, resume, fsync_flag, follow_link_flag); -+ print_flag, resume, fsync_flag, follow_link_flag, inplace_flag); - - free(dst_canon); - return ret; -diff --color -rup a/sftp-client.h b/sftp-client.h ---- a/sftp-client.h 2022-07-26 14:51:40.561120836 +0200 -+++ b/sftp-client.h 2022-07-26 14:52:37.120213042 +0200 -@@ -138,28 +138,29 @@ int do_fsync(struct sftp_conn *conn, u_c - * Download 'remote_path' to 'local_path'. Preserve permissions and times - * if 'pflag' is set - */ --int do_download(struct sftp_conn *, const char *, const char *, -- Attrib *, int, int, int); -+int do_download(struct sftp_conn *, const char *, const char *, Attrib *, -+ int, int, int, int); - - /* - * Recursively download 'remote_directory' to 'local_directory'. Preserve - * times if 'pflag' is set - */ --int download_dir(struct sftp_conn *, const char *, const char *, -- Attrib *, int, int, int, int, int); -+int download_dir(struct sftp_conn *, const char *, const char *, Attrib *, -+ int, int, int, int, int, int); - - /* - * Upload 'local_path' to 'remote_path'. Preserve permissions and times - * if 'pflag' is set - */ --int do_upload(struct sftp_conn *, const char *, const char *, int, int, int); -+int do_upload(struct sftp_conn *, const char *, const char *, -+ int, int, int, int); - - /* - * Recursively upload 'local_directory' to 'remote_directory'. Preserve - * times if 'pflag' is set - */ --int upload_dir(struct sftp_conn *, const char *, const char *, int, int, int, -- int, int, int); -+int upload_dir(struct sftp_conn *, const char *, const char *, -+ int, int, int, int, int, int, int); - - /* - * Download a 'from_path' from the 'from' connection and upload it to diff --git a/openssh-8.7p1-scp-kill-switch.patch b/openssh-8.7p1-scp-kill-switch.patch index 6710304..161ab2d 100644 --- a/openssh-8.7p1-scp-kill-switch.patch +++ b/openssh-8.7p1-scp-kill-switch.patch @@ -13,8 +13,8 @@ diff -up openssh-8.7p1/scp.1.kill-scp openssh-8.7p1/scp.1 --- openssh-8.7p1/scp.1.kill-scp 2021-09-16 12:09:02.646714578 +0200 +++ openssh-8.7p1/scp.1 2021-09-16 12:26:49.978628226 +0200 @@ -278,6 +278,13 @@ to print debugging messages about their - This is helpful in - debugging connection, authentication, and configuration problems. + By default a 32KB buffer is used. + .El .El +.Pp +Usage of SCP protocol can be blocked by creating a world-readable diff --git a/openssh-8.7p1-ssh-manpage.patch b/openssh-8.7p1-ssh-manpage.patch index 04e4c06..c7f6f1e 100644 --- a/openssh-8.7p1-ssh-manpage.patch +++ b/openssh-8.7p1-ssh-manpage.patch @@ -14,9 +14,9 @@ diff --color -ru a/ssh.1 b/ssh.1 .It ControlPersist .It DynamicForward +.It EnableSSHKeysign + .It EnableEscapeCommandline .It EscapeChar .It ExitOnForwardFailure - .It FingerprintHash @@ -538,6 +540,8 @@ .It IdentitiesOnly .It IdentityAgent diff --git a/openssh-9.0p1-evp-fips-dh.patch b/openssh-9.0p1-evp-fips-dh.patch index 7494245..d0470d9 100644 --- a/openssh-9.0p1-evp-fips-dh.patch +++ b/openssh-9.0p1-evp-fips-dh.patch @@ -1,7 +1,7 @@ -diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac ../../openssh-8.7p1/dh.c ./dh.c ---- ../../openssh-8.7p1/dh.c 2023-03-01 14:26:52.504445780 +0100 -+++ ./dh.c 2023-03-01 14:20:09.823193384 +0100 -@@ -37,6 +37,9 @@ +diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac openssh-9.0p1/dh.c openssh-9.0p1-patched/dh.c +--- openssh-9.0p1/dh.c 2023-05-25 09:24:28.730868316 +0200 ++++ openssh-9.0p1-patched/dh.c 2023-05-25 09:23:44.841379532 +0200 +@@ -37,6 +37,9 @@ #include #include #include @@ -11,7 +11,7 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x #include "dh.h" #include "pathnames.h" -@@ -289,10 +292,15 @@ +@@ -290,10 +293,15 @@ int dh_gen_key(DH *dh, int need) { @@ -30,7 +30,7 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x if (need < 0 || dh_p == NULL || (pbits = BN_num_bits(dh_p)) <= 0 || -@@ -300,19 +308,85 @@ +@@ -301,19 +309,85 @@ return SSH_ERR_INVALID_ARGUMENT; if (need < 256) need = 256; @@ -125,10 +125,10 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x } DH * -diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac ../../openssh-8.7p1/kex.c ./kex.c ---- ../../openssh-8.7p1/kex.c 2023-03-01 14:26:52.508445832 +0100 -+++ ./kex.c 2023-02-28 14:09:27.164743771 +0100 -@@ -1602,3 +1602,47 @@ +diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac openssh-9.0p1/kex.c openssh-9.0p1-patched/kex.c +--- openssh-9.0p1/kex.c 2023-05-25 09:24:28.731868327 +0200 ++++ openssh-9.0p1-patched/kex.c 2023-05-25 09:23:44.841379532 +0200 +@@ -1623,3 +1623,47 @@ return r; } @@ -176,20 +176,21 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x + return r; +} +#endif /* WITH_OPENSSL */ -diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac ../../openssh-8.7p1/kexdh.c ./kexdh.c ---- ../../openssh-8.7p1/kexdh.c 2023-03-01 14:26:52.448445050 +0100 -+++ ./kexdh.c 2023-02-28 14:05:00.700902124 +0100 -@@ -35,6 +35,9 @@ +diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac openssh-9.0p1/kexdh.c openssh-9.0p1-patched/kexdh.c +--- openssh-9.0p1/kexdh.c 2023-05-25 09:24:28.674867692 +0200 ++++ openssh-9.0p1-patched/kexdh.c 2023-05-25 09:25:28.494533889 +0200 +@@ -35,6 +35,10 @@ #include "openbsd-compat/openssl-compat.h" #include ++#include +#include +#include +#include #include "sshkey.h" #include "kex.h" -@@ -83,6 +86,9 @@ +@@ -83,9 +87,12 @@ kex_dh_compute_key(struct kex *kex, BIGNUM *dh_pub, struct sshbuf *out) { BIGNUM *shared_secret = NULL; @@ -198,22 +199,35 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x + EVP_PKEY_CTX *ctx = NULL; u_char *kbuf = NULL; size_t klen = 0; - int kout, r; -@@ -106,18 +112,39 @@ - r = SSH_ERR_ALLOC_FAIL; +- int kout, r; ++ int kout, r = 0; + + #ifdef DEBUG_KEXDH + fprintf(stderr, "dh_pub= "); +@@ -100,24 +107,59 @@ + r = SSH_ERR_MESSAGE_INCOMPLETE; goto out; } -- if ((kout = DH_compute_key(kbuf, dh_pub, kex->dh)) < 0 || -- BN_bin2bn(kbuf, kout, shared_secret) == NULL) { +- klen = DH_size(kex->dh); + + DH_get0_key(kex->dh, &pub, &priv); + DH_get0_pqg(kex->dh, &p, &q, &g); + /* import key */ -+ kex_create_evp_dh(&pkey, p, q, g, pub, priv); ++ r = kex_create_evp_dh(&pkey, p, q, g, pub, priv); ++ if (r != 0) { ++ error_f("Could not create EVP_PKEY for dh"); ++ ERR_print_errors_fp(stderr); ++ goto out; ++ } + /* import peer key + * the parameters should be the same as with pkey + */ -+ kex_create_evp_dh(&dh_pkey, p, q, g, dh_pub, NULL); ++ r = kex_create_evp_dh(&dh_pkey, p, q, g, dh_pub, NULL); ++ if (r != 0) { ++ error_f("Could not import peer key for dh"); ++ ERR_print_errors_fp(stderr); ++ goto out; ++ } + + if ((ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pkey, NULL)) == NULL) { + error_f("Could not init EVP_PKEY_CTX for dh"); @@ -222,7 +236,19 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x + } + if (EVP_PKEY_derive_init(ctx) != 1 || + EVP_PKEY_derive_set_peer(ctx, dh_pkey) != 1 || -+ EVP_PKEY_derive(ctx, kbuf, &klen) != 1 || ++ EVP_PKEY_derive(ctx, NULL, &klen) != 1) { ++ error_f("Could not get key size"); ++ r = SSH_ERR_LIBCRYPTO_ERROR; ++ goto out; ++ } + if ((kbuf = malloc(klen)) == NULL || + (shared_secret = BN_new()) == NULL) { + r = SSH_ERR_ALLOC_FAIL; + goto out; + } +- if ((kout = DH_compute_key(kbuf, dh_pub, kex->dh)) < 0 || +- BN_bin2bn(kbuf, kout, shared_secret) == NULL) { ++ if (EVP_PKEY_derive(ctx, kbuf, &klen) != 1 || + BN_bin2bn(kbuf, klen, shared_secret) == NULL) { + error_f("Could not derive key"); r = SSH_ERR_LIBCRYPTO_ERROR; @@ -242,9 +268,9 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x return r; } -diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac ../../openssh-8.7p1/kex.h ./kex.h ---- ../../openssh-8.7p1/kex.h 2023-03-01 14:26:52.508445832 +0100 -+++ ./kex.h 2023-02-28 13:16:49.811047554 +0100 +diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac openssh-9.0p1/kex.h openssh-9.0p1-patched/kex.h +--- openssh-9.0p1/kex.h 2023-05-25 09:24:28.725868260 +0200 ++++ openssh-9.0p1-patched/kex.h 2023-05-25 09:23:44.841379532 +0200 @@ -33,6 +33,9 @@ # include # include @@ -255,7 +281,7 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x # ifdef OPENSSL_HAS_ECC # include # else /* OPENSSL_HAS_ECC */ -@@ -278,6 +281,8 @@ +@@ -283,6 +286,8 @@ const u_char pub[CURVE25519_SIZE], struct sshbuf *out, int) __attribute__((__bounded__(__minbytes__, 1, CURVE25519_SIZE))) __attribute__((__bounded__(__minbytes__, 2, CURVE25519_SIZE))); diff --git a/openssh-9.0p1-evp-fips-sign.patch b/openssh-9.0p1-evp-fips-sign.patch index fc71678..40cc374 100644 --- a/openssh-9.0p1-evp-fips-sign.patch +++ b/openssh-9.0p1-evp-fips-sign.patch @@ -1,6 +1,6 @@ -diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac ../../openssh-8.7p1/ssh-dss.c ./ssh-dss.c ---- ../../openssh-8.7p1/ssh-dss.c 2023-03-08 15:35:14.669943335 +0100 -+++ ./ssh-dss.c 2023-03-08 15:34:33.508578129 +0100 +diff -up openssh-9.3p1/ssh-dss.c.evp-fips-sign openssh-9.3p1/ssh-dss.c +--- openssh-9.3p1/ssh-dss.c.evp-fips-sign 2023-04-27 16:46:17.115809116 +0200 ++++ openssh-9.3p1/ssh-dss.c 2023-04-27 17:07:40.117253665 +0200 @@ -32,6 +32,8 @@ #include #include @@ -10,7 +10,7 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x #include #include -@@ -72,9 +74,8 @@ +@@ -281,9 +283,8 @@ ssh_dss_sign(struct sshkey *key, sshkey_type_plain(key->type) != KEY_DSA) return SSH_ERR_INVALID_ARGUMENT; @@ -22,7 +22,7 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x ret = sshkey_calculate_signature(pkey, SSH_DIGEST_SHA1, &sigb, &len, data, datalen); EVP_PKEY_free(pkey); -@@ -201,11 +202,8 @@ +@@ -411,11 +412,8 @@ ssh_dss_verify(const struct sshkey *key, goto out; } @@ -32,14 +32,13 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x + if ((ret = ssh_create_evp_dss(key, &pkey)) != 0) goto out; - } - ret = sshkey_verify_signature(pkey, SSH_DIGEST_SHA1, data, datalen, + ret = sshkey_verify_signature(pkey, SSH_DIGEST_SHA1, data, dlen, sigb, slen); EVP_PKEY_free(pkey); -@@ -221,4 +219,63 @@ - freezero(sigblob, len); +@@ -432,6 +430,65 @@ ssh_dss_verify(const struct sshkey *key, return ret; } -+ + +int +ssh_create_evp_dss(const struct sshkey *k, EVP_PKEY **pkey) +{ @@ -98,10 +97,13 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x + EVP_PKEY_CTX_free(ctx); + return ret; +} - #endif /* WITH_OPENSSL */ -diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac ../../openssh-8.7p1/ssh-ecdsa.c ./ssh-ecdsa.c ---- ../../openssh-8.7p1/ssh-ecdsa.c 2023-03-08 15:35:14.669943335 +0100 -+++ ./ssh-ecdsa.c 2023-03-08 15:40:52.628201267 +0100 ++ + static const struct sshkey_impl_funcs sshkey_dss_funcs = { + /* .size = */ ssh_dss_size, + /* .alloc = */ ssh_dss_alloc, +diff -up openssh-9.3p1/ssh-ecdsa.c.evp-fips-sign openssh-9.3p1/ssh-ecdsa.c +--- openssh-9.3p1/ssh-ecdsa.c.evp-fips-sign 2023-04-27 16:46:17.127809401 +0200 ++++ openssh-9.3p1/ssh-ecdsa.c 2023-04-27 17:08:28.557396513 +0200 @@ -34,6 +34,8 @@ #include #include @@ -111,7 +113,7 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x #include -@@ -72,9 +74,8 @@ +@@ -260,9 +262,8 @@ ssh_ecdsa_sign(struct sshkey *key, if ((hash_alg = sshkey_ec_nid_to_hash_alg(key->ecdsa_nid)) == -1) return SSH_ERR_INTERNAL_ERROR; @@ -121,9 +123,9 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x + if ((ret = ssh_create_evp_ec(key->ecdsa, key->ecdsa_nid, &pkey)) != 0) + return ret; ret = sshkey_calculate_signature(pkey, hash_alg, &sigb, &len, data, - datalen); + dlen); EVP_PKEY_free(pkey); -@@ -193,11 +194,8 @@ +@@ -381,11 +382,8 @@ ssh_ecdsa_verify(const struct sshkey *ke goto out; } @@ -133,10 +135,10 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x + if (ssh_create_evp_ec(key->ecdsa, key->ecdsa_nid, &pkey) != 0) goto out; - } - ret = sshkey_verify_signature(pkey, hash_alg, data, datalen, sigb, len); + ret = sshkey_verify_signature(pkey, hash_alg, data, dlen, sigb, len); EVP_PKEY_free(pkey); -@@ -212,4 +210,76 @@ +@@ -400,6 +398,79 @@ ssh_ecdsa_verify(const struct sshkey *ke return ret; } @@ -212,10 +214,13 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x + free(pub_ser); + return ret; +} - #endif /* WITH_OPENSSL && OPENSSL_HAS_ECC */ -diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac ../../openssh-8.7p1/sshkey.c ./sshkey.c ---- ../../openssh-8.7p1/sshkey.c 2023-03-08 15:35:14.702943628 +0100 -+++ ./sshkey.c 2023-03-08 15:39:03.354082015 +0100 ++ + /* NB. not static; used by ECDSA-SK */ + const struct sshkey_impl_funcs sshkey_ecdsa_funcs = { + /* .size = */ ssh_ecdsa_size, +diff -up openssh-9.3p1/sshkey.c.evp-fips-sign openssh-9.3p1/sshkey.c +--- openssh-9.3p1/sshkey.c.evp-fips-sign 2023-04-27 16:46:17.139809686 +0200 ++++ openssh-9.3p1/sshkey.c 2023-04-27 16:46:17.144809804 +0200 @@ -35,6 +35,8 @@ #include #include @@ -225,7 +230,7 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x #endif #include "crypto_api.h" -@@ -492,13 +494,14 @@ +@@ -527,13 +529,14 @@ sshkey_calculate_signature(EVP_PKEY *pke { EVP_MD_CTX *ctx = NULL; u_char *sig = NULL; @@ -242,7 +247,7 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x if (slen <= 0 || slen > SSHBUF_MAX_BIGNUM) return SSH_ERR_INVALID_ARGUMENT; -@@ -511,9 +514,10 @@ +@@ -546,9 +549,10 @@ sshkey_calculate_signature(EVP_PKEY *pke ret = SSH_ERR_ALLOC_FAIL; goto error; } @@ -256,7 +261,7 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x ret = SSH_ERR_LIBCRYPTO_ERROR; goto error; } -@@ -540,12 +544,13 @@ +@@ -575,12 +579,13 @@ sshkey_verify_signature(EVP_PKEY *pkey, if ((ctx = EVP_MD_CTX_new()) == NULL) { return SSH_ERR_ALLOC_FAIL; } @@ -273,7 +278,7 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x switch (ret) { case 1: ret = 0; -@@ -5038,3 +5043,27 @@ +@@ -3809,3 +3814,27 @@ sshkey_set_filename(struct sshkey *k, co return 0; } #endif /* WITH_XMSS */ @@ -301,9 +306,9 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x + return ret; +} +#endif /* WITH_OPENSSL */ -diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac ../../openssh-8.7p1/sshkey.h ./sshkey.h ---- ../../openssh-8.7p1/sshkey.h 2023-03-08 15:35:14.702943628 +0100 -+++ ./sshkey.h 2023-03-08 15:34:33.509578138 +0100 +diff -up openssh-9.3p1/sshkey.h.evp-fips-sign openssh-9.3p1/sshkey.h +--- openssh-9.3p1/sshkey.h.evp-fips-sign 2023-04-27 16:46:17.133809543 +0200 ++++ openssh-9.3p1/sshkey.h 2023-04-27 16:46:17.144809804 +0200 @@ -31,6 +31,9 @@ #ifdef WITH_OPENSSL #include @@ -314,7 +319,7 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x # ifdef OPENSSL_HAS_ECC # include # include -@@ -293,6 +295,13 @@ +@@ -328,6 +331,13 @@ int sshkey_private_serialize_maxsign(st void sshkey_sig_details_free(struct sshkey_sig_details *); @@ -326,21 +331,21 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x +#endif /* WITH_OPENSSL */ + #ifdef SSHKEY_INTERNAL - int ssh_rsa_sign(const struct sshkey *key, - u_char **sigp, size_t *lenp, const u_char *data, size_t datalen, -diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac ../../openssh-8.7p1/ssh-rsa.c ./ssh-rsa.c ---- ../../openssh-8.7p1/ssh-rsa.c 2023-03-08 15:35:14.669943335 +0100 -+++ ./ssh-rsa.c 2023-03-08 15:34:33.509578138 +0100 + int sshkey_sk_fields_equal(const struct sshkey *a, const struct sshkey *b); + void sshkey_sk_cleanup(struct sshkey *k); +diff -up openssh-9.3p1/ssh-rsa.c.evp-fips-sign openssh-9.3p1/ssh-rsa.c +--- openssh-9.3p1/ssh-rsa.c.evp-fips-sign 2023-04-27 16:46:17.139809686 +0200 ++++ openssh-9.3p1/ssh-rsa.c 2023-04-27 17:10:30.376270565 +0200 @@ -23,6 +23,8 @@ - #include #include + #include +#include +#include #include #include -@@ -172,9 +174,8 @@ +@@ -426,9 +428,8 @@ ssh_rsa_sign(struct sshkey *key, if (RSA_bits(key->rsa) < SSH_RSA_MINIMUM_MODULUS_SIZE) return SSH_ERR_KEY_LENGTH; @@ -352,7 +357,7 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x ret = sshkey_calculate_signature(pkey, hash_alg, &sig, &len, data, datalen); EVP_PKEY_free(pkey); -@@ -285,11 +286,8 @@ +@@ -540,11 +541,9 @@ ssh_rsa_verify(const struct sshkey *key, len = modlen; } @@ -362,10 +367,11 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x + if ((ret = ssh_create_evp_rsa(key, &pkey)) != 0) goto out; - } - ret = openssh_RSA_verify(hash_alg, data, datalen, sigblob, len, pkey); ++ + ret = openssh_RSA_verify(hash_alg, data, dlen, sigblob, len, pkey); EVP_PKEY_free(pkey); -@@ -306,11 +304,9 @@ +@@ -561,11 +560,9 @@ openssh_RSA_verify(int hash_alg, const u u_char *sigbuf, size_t siglen, EVP_PKEY *pkey) { size_t rsasize = 0; @@ -378,11 +384,10 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x if (rsasize <= 0 || rsasize > SSHBUF_MAX_BIGNUM || siglen == 0 || siglen > rsasize) { ret = SSH_ERR_INVALID_ARGUMENT; -@@ -323,4 +319,87 @@ - done: +@@ -579,6 +576,89 @@ done: return ret; } -+ + +int +ssh_create_evp_rsa(const struct sshkey *k, EVP_PKEY **pkey) +{ @@ -465,4 +470,7 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x + EVP_PKEY_CTX_free(ctx); + return ret; +} - #endif /* WITH_OPENSSL */ ++ + static const struct sshkey_impl_funcs sshkey_rsa_funcs = { + /* .size = */ ssh_rsa_size, + /* .alloc = */ ssh_rsa_alloc, diff --git a/openssh-9.0p1-evp-pkcs11.patch b/openssh-9.0p1-evp-pkcs11.patch new file mode 100644 index 0000000..325332d --- /dev/null +++ b/openssh-9.0p1-evp-pkcs11.patch @@ -0,0 +1,145 @@ +diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac openssh-9.0p1/ssh-ecdsa.c openssh-9.0p1-patched/ssh-ecdsa.c +--- openssh-9.0p1/ssh-ecdsa.c 2023-05-24 08:54:03.926443958 +0200 ++++ openssh-9.0p1-patched/ssh-ecdsa.c 2023-05-24 09:46:19.082925921 +0200 +@@ -74,8 +74,18 @@ + if ((hash_alg = sshkey_ec_nid_to_hash_alg(key->ecdsa_nid)) == -1) + return SSH_ERR_INTERNAL_ERROR; + +- if ((ret = ssh_create_evp_ec(key->ecdsa, key->ecdsa_nid, &pkey)) != 0) +- return ret; ++#ifdef ENABLE_PKCS11 ++ if (is_ecdsa_pkcs11(key->ecdsa)) { ++ if ((pkey = EVP_PKEY_new()) == NULL || ++ EVP_PKEY_set1_EC_KEY(pkey, key->ecdsa) != 1) ++ return SSH_ERR_ALLOC_FAIL; ++ } else { ++#endif ++ if ((ret = ssh_create_evp_ec(key->ecdsa, key->ecdsa_nid, &pkey)) != 0) ++ return ret; ++#ifdef ENABLE_PKCS11 ++ } ++#endif + ret = sshkey_calculate_signature(pkey, hash_alg, &sigb, &len, data, + dlen); + EVP_PKEY_free(pkey); +diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac openssh-9.0p1/sshkey.h openssh-9.0p1-patched/sshkey.h +--- openssh-9.0p1/sshkey.h 2023-05-24 08:54:03.926443958 +0200 ++++ openssh-9.0p1-patched/sshkey.h 2023-05-24 08:57:22.930642788 +0200 +@@ -340,6 +340,10 @@ + #endif + #endif + ++#ifdef ENABLE_PKCS11 ++int pkcs11_get_ecdsa_idx(void); ++#endif ++ + #if !defined(WITH_OPENSSL) + # undef RSA + # undef DSA +diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac openssh-9.0p1/ssh-pkcs11.c openssh-9.0p1-patched/ssh-pkcs11.c +--- openssh-9.0p1/ssh-pkcs11.c 2023-05-24 08:54:03.888443542 +0200 ++++ openssh-9.0p1-patched/ssh-pkcs11.c 2023-05-24 09:48:13.101168512 +0200 +@@ -776,8 +776,24 @@ + + return (0); + } ++ ++int ++is_ecdsa_pkcs11(EC_KEY *ecdsa) ++{ ++ if (EC_KEY_get_ex_data(ecdsa, ec_key_idx) != NULL) ++ return 1; ++ return 0; ++} + #endif /* OPENSSL_HAS_ECC && HAVE_EC_KEY_METHOD_NEW */ + ++int ++is_rsa_pkcs11(RSA *rsa) ++{ ++ if (RSA_get_ex_data(rsa, rsa_idx) != NULL) ++ return 1; ++ return 0; ++} ++ + /* remove trailing spaces */ + static void + rmspace(u_char *buf, size_t len) +diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac openssh-9.0p1/ssh-pkcs11-client.c openssh-9.0p1-patched/ssh-pkcs11-client.c +--- openssh-9.0p1/ssh-pkcs11-client.c 2023-05-24 08:54:03.887443531 +0200 ++++ openssh-9.0p1-patched/ssh-pkcs11-client.c 2023-05-24 09:49:41.741134514 +0200 +@@ -225,8 +225,36 @@ + static RSA_METHOD *helper_rsa; + #if defined(OPENSSL_HAS_ECC) && defined(HAVE_EC_KEY_METHOD_NEW) + static EC_KEY_METHOD *helper_ecdsa; ++ ++int ++is_ecdsa_pkcs11(EC_KEY *ecdsa) ++{ ++ const EC_KEY_METHOD *meth; ++ ECDSA_SIG *(*sign_sig)(const unsigned char *dgst, int dgstlen, ++ const BIGNUM *kinv, const BIGNUM *rp, EC_KEY *eckey) = NULL; ++ ++ meth = EC_KEY_get_method(ecdsa); ++ EC_KEY_METHOD_get_sign(meth, NULL, NULL, &sign_sig); ++ if (sign_sig == ecdsa_do_sign) ++ return 1; ++ return 0; ++} + #endif /* OPENSSL_HAS_ECC && HAVE_EC_KEY_METHOD_NEW */ + ++int ++is_rsa_pkcs11(RSA *rsa) ++{ ++ const RSA_METHOD *meth; ++ int (*priv_enc)(int flen, const unsigned char *from, ++ unsigned char *to, RSA *rsa, int padding) = NULL; ++ ++ meth = RSA_get_method(rsa); ++ priv_enc = RSA_meth_get_priv_enc(meth); ++ if (priv_enc == rsa_encrypt) ++ return 1; ++ return 0; ++} ++ + /* redirect private key crypto operations to the ssh-pkcs11-helper */ + static void + wrap_key(struct sshkey *k) +diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac openssh-9.0p1/ssh-pkcs11.h openssh-9.0p1-patched/ssh-pkcs11.h +--- openssh-9.0p1/ssh-pkcs11.h 2023-05-24 08:54:03.888443542 +0200 ++++ openssh-9.0p1-patched/ssh-pkcs11.h 2023-05-24 09:50:03.981376886 +0200 +@@ -39,6 +39,11 @@ + u_int32_t *); + #endif + ++#ifdef HAVE_EC_KEY_METHOD_NEW ++int is_ecdsa_pkcs11(EC_KEY *ecdsa); ++#endif ++int is_rsa_pkcs11(RSA *rsa); ++ + #if !defined(WITH_OPENSSL) && defined(ENABLE_PKCS11) + #undef ENABLE_PKCS11 + #endif +diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac openssh-9.0p1/ssh-rsa.c openssh-9.0p1-patched/ssh-rsa.c +--- openssh-9.0p1/ssh-rsa.c 2023-05-24 08:54:03.927443969 +0200 ++++ openssh-9.0p1-patched/ssh-rsa.c 2023-05-24 09:51:50.358536178 +0200 +@@ -174,8 +174,18 @@ + if (RSA_bits(key->rsa) < SSH_RSA_MINIMUM_MODULUS_SIZE) + return SSH_ERR_KEY_LENGTH; + +- if ((ret = ssh_create_evp_rsa(key, &pkey)) != 0) +- return ret; ++#ifdef ENABLE_PKCS11 ++ if (is_rsa_pkcs11(key->rsa)) { ++ if ((pkey = EVP_PKEY_new()) == NULL || ++ EVP_PKEY_set1_RSA(pkey, key->rsa) != 1) ++ return SSH_ERR_ALLOC_FAIL; ++ } else { ++#endif ++ if ((ret = ssh_create_evp_rsa(key, &pkey)) != 0) ++ return ret; ++#ifdef ENABLE_PKCS11 ++ } ++#endif + ret = sshkey_calculate_signature(pkey, hash_alg, &sig, &len, data, + datalen); + EVP_PKEY_free(pkey); diff --git a/openssh-9.0p1-man-hostkeyalgos.patch b/openssh-9.0p1-man-hostkeyalgos.patch new file mode 100644 index 0000000..2b16c2b --- /dev/null +++ b/openssh-9.0p1-man-hostkeyalgos.patch @@ -0,0 +1,16 @@ +diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac openssh-8.7p1/ssh_config.5 openssh-8.7p1-patched/ssh_config.5 +--- openssh-8.7p1/ssh_config.5 2023-05-29 13:41:19.731835097 +0200 ++++ openssh-8.7p1-patched/ssh_config.5 2023-05-29 13:40:58.806604144 +0200 +@@ -989,6 +989,12 @@ + .Pp + The list of available signature algorithms may also be obtained using + .Qq ssh -Q HostKeyAlgorithms . ++.Pp ++.Xr crypto_policies 7 does not handle the list of algorithms as doing so ++would break the order given by the ++.Pa known_hosts ++file. Therefore the list is filtered by ++.Cm PubkeyAcceptedAlgorithms. + .It Cm HostKeyAlias + Specifies an alias that should be used instead of the + real host name when looking up or saving the host key diff --git a/openssh-9.0p1-gsissh.patch b/openssh-9.3p1-gsissh.patch similarity index 88% rename from openssh-9.0p1-gsissh.patch rename to openssh-9.3p1-gsissh.patch index 0e848a9..acf160d 100644 --- a/openssh-9.0p1-gsissh.patch +++ b/openssh-9.3p1-gsissh.patch @@ -1,7 +1,7 @@ -diff -Nur openssh-9.0p1.orig/auth2.c openssh-9.0p1/auth2.c ---- openssh-9.0p1.orig/auth2.c 2022-08-30 19:32:35.491051041 +0200 -+++ openssh-9.0p1/auth2.c 2022-08-30 19:41:39.812458921 +0200 -@@ -278,7 +278,28 @@ +diff -Nur openssh-9.3p1.orig/auth2.c openssh-9.3p1/auth2.c +--- openssh-9.3p1.orig/auth2.c 2023-06-26 17:34:46.576956191 +0200 ++++ openssh-9.3p1/auth2.c 2023-06-26 17:36:05.807175554 +0200 +@@ -275,7 +275,28 @@ (r = sshpkt_get_cstring(ssh, &service, NULL)) != 0 || (r = sshpkt_get_cstring(ssh, &method, NULL)) != 0) goto out; @@ -31,7 +31,7 @@ diff -Nur openssh-9.0p1.orig/auth2.c openssh-9.0p1/auth2.c debug("attempt %d failures %d", authctxt->attempt, authctxt->failures); #ifdef WITH_SELINUX -@@ -291,11 +312,33 @@ +@@ -288,11 +309,33 @@ if (authctxt->attempt >= 1024) auth_maxtries_exceeded(ssh); @@ -69,7 +69,7 @@ diff -Nur openssh-9.0p1.orig/auth2.c openssh-9.0p1/auth2.c authctxt->valid = 1; debug2_f("setting up authctxt for %s", user); } else { -@@ -303,6 +346,9 @@ +@@ -300,6 +343,9 @@ /* Invalid user, fake password information */ authctxt->pw = fakepw(); } @@ -79,7 +79,7 @@ diff -Nur openssh-9.0p1.orig/auth2.c openssh-9.0p1/auth2.c #ifdef USE_PAM if (options.use_pam) PRIVSEP(start_pam(ssh)); -@@ -311,6 +357,7 @@ +@@ -308,6 +354,7 @@ authctxt->valid ? "authenticating " : "invalid ", user); setproctitle("%s%s", authctxt->valid ? user : "unknown", use_privsep ? " [net]" : ""); @@ -87,7 +87,7 @@ diff -Nur openssh-9.0p1.orig/auth2.c openssh-9.0p1/auth2.c authctxt->service = xstrdup(service); authctxt->style = style ? xstrdup(style) : NULL; #ifdef WITH_SELINUX -@@ -326,9 +373,10 @@ +@@ -323,9 +370,10 @@ if (auth2_setup_methods_lists(authctxt) != 0) ssh_packet_disconnect(ssh, "no authentication methods enabled"); @@ -101,9 +101,9 @@ diff -Nur openssh-9.0p1.orig/auth2.c openssh-9.0p1/auth2.c "not allowed: (%s,%s) -> (%s,%s)", authctxt->user, authctxt->service, user, service); } -diff -Nur openssh-9.0p1.orig/auth2-gss.c openssh-9.0p1/auth2-gss.c ---- openssh-9.0p1.orig/auth2-gss.c 2022-08-30 19:32:35.318050592 +0200 -+++ openssh-9.0p1/auth2-gss.c 2022-08-30 19:33:23.884176392 +0200 +diff -Nur openssh-9.3p1.orig/auth2-gss.c openssh-9.3p1/auth2-gss.c +--- openssh-9.3p1.orig/auth2-gss.c 2023-06-26 17:34:46.462955875 +0200 ++++ openssh-9.3p1/auth2-gss.c 2023-06-26 17:36:05.808175557 +0200 @@ -50,6 +50,7 @@ extern ServerOptions options; @@ -307,11 +307,11 @@ diff -Nur openssh-9.0p1.orig/auth2-gss.c openssh-9.0p1/auth2-gss.c + Authmethod method_gsskeyex = { "gssapi-keyex", - userauth_gsskeyex, -diff -Nur openssh-9.0p1.orig/auth.c openssh-9.0p1/auth.c ---- openssh-9.0p1.orig/auth.c 2022-08-30 19:32:35.492051043 +0200 -+++ openssh-9.0p1/auth.c 2022-08-30 19:33:23.884176392 +0200 -@@ -300,7 +300,8 @@ + NULL, +diff -Nur openssh-9.3p1.orig/auth.c openssh-9.3p1/auth.c +--- openssh-9.3p1.orig/auth.c 2023-06-26 17:34:46.577956193 +0200 ++++ openssh-9.3p1/auth.c 2023-06-26 17:36:05.808175557 +0200 +@@ -299,7 +299,8 @@ method, submethod != NULL ? "/" : "", submethod == NULL ? "" : submethod, authctxt->valid ? "" : "invalid user ", @@ -321,7 +321,7 @@ diff -Nur openssh-9.0p1.orig/auth.c openssh-9.0p1/auth.c ssh_remote_ipaddr(ssh), ssh_remote_port(ssh), extra != NULL ? ": " : "", -@@ -544,13 +545,18 @@ +@@ -487,13 +488,18 @@ #endif pw = getpwnam(user); @@ -341,10 +341,10 @@ diff -Nur openssh-9.0p1.orig/auth.c openssh-9.0p1/auth.c #ifdef CUSTOM_FAILED_LOGIN record_failed_login(ssh, user, auth_get_canonical_hostname(ssh, options.use_dns), "ssh"); -diff -Nur openssh-9.0p1.orig/auth.h openssh-9.0p1/auth.h ---- openssh-9.0p1.orig/auth.h 2022-08-30 19:32:35.493051046 +0200 -+++ openssh-9.0p1/auth.h 2022-08-30 19:33:23.885176394 +0200 -@@ -83,6 +83,8 @@ +diff -Nur openssh-9.3p1.orig/auth.h openssh-9.3p1/auth.h +--- openssh-9.3p1.orig/auth.h 2023-06-26 17:34:46.578956196 +0200 ++++ openssh-9.3p1/auth.h 2023-06-26 17:36:05.809175560 +0200 +@@ -85,6 +85,8 @@ krb5_principal krb5_user; char *krb5_ticket_file; char *krb5_ccname; @@ -353,18 +353,18 @@ diff -Nur openssh-9.0p1.orig/auth.h openssh-9.0p1/auth.h int krb5_set_env; #endif struct sshbuf *loginmsg; -diff -Nur openssh-9.0p1.orig/auth-pam.c openssh-9.0p1/auth-pam.c ---- openssh-9.0p1.orig/auth-pam.c 2022-08-30 19:32:35.455050947 +0200 -+++ openssh-9.0p1/auth-pam.c 2022-08-30 19:33:23.886176397 +0200 -@@ -253,6 +253,7 @@ +diff -Nur openssh-9.3p1.orig/auth-pam.c openssh-9.3p1/auth-pam.c +--- openssh-9.3p1.orig/auth-pam.c 2023-06-26 17:34:46.562956152 +0200 ++++ openssh-9.3p1/auth-pam.c 2023-06-26 17:45:46.130781404 +0200 +@@ -252,6 +252,7 @@ + static const char *sshpam_password = NULL; static char *sshpam_rhost = NULL; static char *sshpam_laddr = NULL; - static char *sshpam_conninfo = NULL; +static struct ssh *sshpam_ssh = NULL; /* Some PAM implementations don't implement this */ #ifndef HAVE_PAM_GETENVLIST -@@ -301,6 +302,56 @@ +@@ -300,6 +301,56 @@ # define pam_chauthtok(a,b) (sshpam_chauthtok_ruid((a), (b))) #endif @@ -421,7 +421,7 @@ diff -Nur openssh-9.0p1.orig/auth-pam.c openssh-9.0p1/auth-pam.c static void sshpam_password_change_required(int reqd) { -@@ -332,7 +383,7 @@ +@@ -331,7 +382,7 @@ static void import_environments(struct sshbuf *b) { @@ -430,7 +430,7 @@ diff -Nur openssh-9.0p1.orig/auth-pam.c openssh-9.0p1/auth-pam.c u_int n, i, num_env; int r; -@@ -348,6 +399,19 @@ +@@ -347,6 +398,19 @@ if ((r = sshbuf_get_u32(b, &n)) != 0) fatal("%s: buffer error: %s", __func__, ssh_err(r)); sshpam_password_change_required(n != 0); @@ -450,7 +450,7 @@ diff -Nur openssh-9.0p1.orig/auth-pam.c openssh-9.0p1/auth-pam.c /* Import environment from subprocess */ if ((r = sshbuf_get_u32(b, &num_env)) != 0) -@@ -522,6 +586,13 @@ +@@ -526,6 +590,13 @@ if (sshpam_err != PAM_SUCCESS) goto auth_fail; @@ -464,7 +464,7 @@ diff -Nur openssh-9.0p1.orig/auth-pam.c openssh-9.0p1/auth-pam.c if (!do_pam_account()) { /* Preserve PAM_PERM_DENIED and PAM_USER_UNKNOWN. * Backward compatibility for other errors. */ -@@ -546,6 +617,13 @@ +@@ -550,6 +621,13 @@ if ((r = sshbuf_put_u32(buffer, sshpam_account_status)) != 0 || (r = sshbuf_put_u32(buffer, sshpam_authctxt->force_pwchange)) != 0) fatal("%s: buffer error: %s", __func__, ssh_err(r)); @@ -478,16 +478,16 @@ diff -Nur openssh-9.0p1.orig/auth-pam.c openssh-9.0p1/auth-pam.c /* Export any environment strings set in child */ for (i = 0; environ[i] != NULL; i++) { -@@ -738,6 +816,8 @@ - xasprintf(&sshpam_conninfo, "SSH_CONNECTION=%.50s %d %.50s %d", - ssh_remote_ipaddr(ssh), ssh_remote_port(ssh), - sshpam_laddr, ssh_local_port(ssh)); +@@ -740,6 +818,8 @@ + options.use_dns)); + sshpam_laddr = get_local_ipaddr( + ssh_packet_get_connection_in(ssh)); + /* Save so allowed_user can be called later */ + sshpam_ssh = ssh; } if (sshpam_rhost != NULL) { debug("PAM: setting PAM_RHOST to \"%s\"", sshpam_rhost); -@@ -1083,6 +1163,18 @@ +@@ -1094,6 +1174,18 @@ debug3("PAM: %s pam_acct_mgmt = %d (%s)", __func__, sshpam_err, pam_strerror(sshpam_handle, sshpam_err)); @@ -506,7 +506,7 @@ diff -Nur openssh-9.0p1.orig/auth-pam.c openssh-9.0p1/auth-pam.c if (sshpam_err != PAM_SUCCESS && sshpam_err != PAM_NEW_AUTHTOK_REQD) { sshpam_account_status = 0; return (sshpam_account_status); -@@ -1371,6 +1463,9 @@ +@@ -1382,6 +1474,9 @@ pam_strerror(sshpam_handle, sshpam_err)); sshpam_err = pam_authenticate(sshpam_handle, flags); @@ -516,9 +516,9 @@ diff -Nur openssh-9.0p1.orig/auth-pam.c openssh-9.0p1/auth-pam.c sshpam_password = NULL; free(fake); if (sshpam_err == PAM_MAXTRIES) -diff -Nur openssh-9.0p1.orig/auth-pam.h openssh-9.0p1/auth-pam.h ---- openssh-9.0p1.orig/auth-pam.h 2022-08-30 19:32:35.267050460 +0200 -+++ openssh-9.0p1/auth-pam.h 2022-08-30 19:33:23.886176397 +0200 +diff -Nur openssh-9.3p1.orig/auth-pam.h openssh-9.3p1/auth-pam.h +--- openssh-9.3p1.orig/auth-pam.h 2023-06-26 17:34:46.430955786 +0200 ++++ openssh-9.3p1/auth-pam.h 2023-06-26 17:36:05.812175568 +0200 @@ -43,5 +43,6 @@ int sshpam_get_maxtries_reached(void); void sshpam_set_maxtries_reached(int); @@ -526,9 +526,9 @@ diff -Nur openssh-9.0p1.orig/auth-pam.h openssh-9.0p1/auth-pam.h +struct passwd *sshpam_getpw(const char *); #endif /* USE_PAM */ -diff -Nur openssh-9.0p1.orig/canohost.c openssh-9.0p1/canohost.c ---- openssh-9.0p1.orig/canohost.c 2022-08-30 19:32:35.318050592 +0200 -+++ openssh-9.0p1/canohost.c 2022-08-30 19:33:23.887176400 +0200 +diff -Nur openssh-9.3p1.orig/canohost.c openssh-9.3p1/canohost.c +--- openssh-9.3p1.orig/canohost.c 2023-06-26 17:34:46.463955878 +0200 ++++ openssh-9.3p1/canohost.c 2023-06-26 17:36:05.812175568 +0200 @@ -17,6 +17,7 @@ #include #include @@ -537,7 +537,7 @@ diff -Nur openssh-9.0p1.orig/canohost.c openssh-9.0p1/canohost.c #include #include -@@ -295,3 +296,33 @@ +@@ -298,3 +299,33 @@ { return get_sock_port(sock, 1); } @@ -571,9 +571,9 @@ diff -Nur openssh-9.0p1.orig/canohost.c openssh-9.0p1/canohost.c + } + } +} -diff -Nur openssh-9.0p1.orig/canohost.h openssh-9.0p1/canohost.h ---- openssh-9.0p1.orig/canohost.h 2022-08-30 19:32:35.319050595 +0200 -+++ openssh-9.0p1/canohost.h 2022-08-30 19:33:23.887176400 +0200 +diff -Nur openssh-9.3p1.orig/canohost.h openssh-9.3p1/canohost.h +--- openssh-9.3p1.orig/canohost.h 2023-06-26 17:34:46.463955878 +0200 ++++ openssh-9.3p1/canohost.h 2023-06-26 17:36:05.813175570 +0200 @@ -26,4 +26,6 @@ #endif /* _CANOHOST_H */ @@ -581,10 +581,10 @@ diff -Nur openssh-9.0p1.orig/canohost.h openssh-9.0p1/canohost.h +void resolve_localhost(char **host); + void ipv64_normalise_mapped(struct sockaddr_storage *, socklen_t *); -diff -Nur openssh-9.0p1.orig/configure.ac openssh-9.0p1/configure.ac ---- openssh-9.0p1.orig/configure.ac 2022-08-30 19:32:35.442050914 +0200 -+++ openssh-9.0p1/configure.ac 2022-08-30 19:33:23.889176405 +0200 -@@ -4832,6 +4832,14 @@ +diff -Nur openssh-9.3p1.orig/configure.ac openssh-9.3p1/configure.ac +--- openssh-9.3p1.orig/configure.ac 2023-06-26 17:34:46.553956127 +0200 ++++ openssh-9.3p1/configure.ac 2023-06-26 17:36:05.814175573 +0200 +@@ -4858,6 +4858,14 @@ AC_CHECK_HEADER([gssapi_krb5.h], , [ CPPFLAGS="$oldCPP" ]) @@ -599,9 +599,9 @@ diff -Nur openssh-9.0p1.orig/configure.ac openssh-9.0p1/configure.ac fi fi if test -n "${rpath_opt}" ; then -@@ -4872,6 +4880,40 @@ - AC_SUBST([GSSLIBS]) +@@ -4899,6 +4907,40 @@ AC_SUBST([K5LIBS]) + AC_SUBST([CHANNELLIBS]) +# Check whether the user wants GSI (Globus) support +gsi="no" @@ -640,9 +640,9 @@ diff -Nur openssh-9.0p1.orig/configure.ac openssh-9.0p1/configure.ac # Check whether user wants systemd support SYSTEMD_MSG="no" AC_ARG_WITH(systemd, -diff -Nur openssh-9.0p1.orig/gss-genr.c openssh-9.0p1/gss-genr.c ---- openssh-9.0p1.orig/gss-genr.c 2022-08-30 19:32:35.547051186 +0200 -+++ openssh-9.0p1/gss-genr.c 2022-08-30 19:33:23.890176408 +0200 +diff -Nur openssh-9.3p1.orig/gss-genr.c openssh-9.3p1/gss-genr.c +--- openssh-9.3p1.orig/gss-genr.c 2023-06-26 17:34:46.623956321 +0200 ++++ openssh-9.3p1/gss-genr.c 2023-06-26 17:36:05.815175576 +0200 @@ -41,6 +41,7 @@ #include "ssherr.h" #include "sshbuf.h" @@ -679,9 +679,9 @@ diff -Nur openssh-9.0p1.orig/gss-genr.c openssh-9.0p1/gss-genr.c free(gssbuf.value); return (ctx->major); } -diff -Nur openssh-9.0p1.orig/gss-serv.c openssh-9.0p1/gss-serv.c ---- openssh-9.0p1.orig/gss-serv.c 2022-08-30 19:32:35.345050662 +0200 -+++ openssh-9.0p1/gss-serv.c 2022-08-30 19:33:23.891176410 +0200 +diff -Nur openssh-9.3p1.orig/gss-serv.c openssh-9.3p1/gss-serv.c +--- openssh-9.3p1.orig/gss-serv.c 2023-06-26 17:34:46.483955933 +0200 ++++ openssh-9.3p1/gss-serv.c 2023-06-26 17:36:05.816175578 +0200 @@ -50,10 +50,12 @@ #include "monitor_wrap.h" @@ -962,9 +962,9 @@ diff -Nur openssh-9.0p1.orig/gss-serv.c openssh-9.0p1/gss-serv.c xasprintf(&envstr, "%s=%s", gssapi_client.store.envvar, gssapi_client.store.envval); -diff -Nur openssh-9.0p1.orig/gss-serv-gsi.c openssh-9.0p1/gss-serv-gsi.c ---- openssh-9.0p1.orig/gss-serv-gsi.c 1970-01-01 01:00:00.000000000 +0100 -+++ openssh-9.0p1/gss-serv-gsi.c 2022-08-30 19:33:23.891176410 +0200 +diff -Nur openssh-9.3p1.orig/gss-serv-gsi.c openssh-9.3p1/gss-serv-gsi.c +--- openssh-9.3p1.orig/gss-serv-gsi.c 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-9.3p1/gss-serv-gsi.c 2023-06-26 17:36:05.816175578 +0200 @@ -0,0 +1,328 @@ +/* + * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. @@ -1294,9 +1294,9 @@ diff -Nur openssh-9.0p1.orig/gss-serv-gsi.c openssh-9.0p1/gss-serv-gsi.c + +#endif /* GSI */ +#endif /* GSSAPI */ -diff -Nur openssh-9.0p1.orig/gss-serv-krb5.c openssh-9.0p1/gss-serv-krb5.c ---- openssh-9.0p1.orig/gss-serv-krb5.c 2022-08-30 19:32:35.377050745 +0200 -+++ openssh-9.0p1/gss-serv-krb5.c 2022-08-30 19:33:23.892176413 +0200 +diff -Nur openssh-9.3p1.orig/gss-serv-krb5.c openssh-9.3p1/gss-serv-krb5.c +--- openssh-9.3p1.orig/gss-serv-krb5.c 2023-06-26 17:34:46.506955997 +0200 ++++ openssh-9.3p1/gss-serv-krb5.c 2023-06-26 17:36:05.817175581 +0200 @@ -379,6 +379,34 @@ return found_principal; } @@ -1350,9 +1350,9 @@ diff -Nur openssh-9.0p1.orig/gss-serv-krb5.c openssh-9.0p1/gss-serv-krb5.c &ssh_gssapi_krb5_storecreds, &ssh_gssapi_krb5_updatecreds }; -diff -Nur openssh-9.0p1.orig/kexgsss.c openssh-9.0p1/kexgsss.c ---- openssh-9.0p1.orig/kexgsss.c 2022-08-30 19:32:35.566051235 +0200 -+++ openssh-9.0p1/kexgsss.c 2022-08-30 19:33:23.892176413 +0200 +diff -Nur openssh-9.3p1.orig/kexgsss.c openssh-9.3p1/kexgsss.c +--- openssh-9.3p1.orig/kexgsss.c 2023-06-26 17:34:46.634956351 +0200 ++++ openssh-9.3p1/kexgsss.c 2023-06-26 17:36:05.817175581 +0200 @@ -48,6 +48,7 @@ #include "digest.h" #include "ssherr.h" @@ -1416,20 +1416,20 @@ diff -Nur openssh-9.0p1.orig/kexgsss.c openssh-9.0p1/kexgsss.c + } +} #endif /* defined(GSSAPI) && defined(WITH_OPENSSL) */ -diff -Nur openssh-9.0p1.orig/Makefile.in openssh-9.0p1/Makefile.in ---- openssh-9.0p1.orig/Makefile.in 2022-08-30 19:32:35.496051054 +0200 -+++ openssh-9.0p1/Makefile.in 2022-08-30 19:34:46.023388812 +0200 -@@ -129,6 +129,7 @@ - auth2-none.o auth2-passwd.o auth2-pubkey.o \ +diff -Nur openssh-9.3p1.orig/Makefile.in openssh-9.3p1/Makefile.in +--- openssh-9.3p1.orig/Makefile.in 2023-06-26 17:34:46.580956202 +0200 ++++ openssh-9.3p1/Makefile.in 2023-06-26 17:36:05.818175584 +0200 +@@ -130,6 +130,7 @@ + auth2-none.o auth2-passwd.o auth2-pubkey.o auth2-pubkeyfile.o \ monitor.o monitor_wrap.o auth-krb5.o \ auth2-gss.o gss-serv.o gss-serv-krb5.o kexgsss.o \ + gss-serv-gsi.o \ loginrec.o auth-pam.o auth-shadow.o auth-sia.o \ srclimit.o sftp-server.o sftp-common.o \ sandbox-null.o sandbox-rlimit.o sandbox-systrace.o sandbox-darwin.o \ -diff -Nur openssh-9.0p1.orig/misc.c openssh-9.0p1/misc.c ---- openssh-9.0p1.orig/misc.c 2022-08-30 19:32:35.550051194 +0200 -+++ openssh-9.0p1/misc.c 2022-08-30 19:33:23.894176418 +0200 +diff -Nur openssh-9.3p1.orig/misc.c openssh-9.3p1/misc.c +--- openssh-9.3p1.orig/misc.c 2023-06-26 17:34:46.625956326 +0200 ++++ openssh-9.3p1/misc.c 2023-06-26 17:36:05.819175586 +0200 @@ -393,11 +393,14 @@ #define WHITESPACE " \t\r\n" #define QUOTE "\"" @@ -1489,9 +1489,9 @@ diff -Nur openssh-9.0p1.orig/misc.c openssh-9.0p1/misc.c /* * Convert ASCII string to TCP/IP port number. * Port must be >=0 and <=65535. -diff -Nur openssh-9.0p1.orig/misc.h openssh-9.0p1/misc.h ---- openssh-9.0p1.orig/misc.h 2022-08-30 19:32:35.405050818 +0200 -+++ openssh-9.0p1/misc.h 2022-08-30 19:33:23.895176421 +0200 +diff -Nur openssh-9.3p1.orig/misc.h openssh-9.3p1/misc.h +--- openssh-9.3p1.orig/misc.h 2023-06-26 17:34:46.526956052 +0200 ++++ openssh-9.3p1/misc.h 2023-06-26 17:36:05.820175589 +0200 @@ -100,6 +100,7 @@ void sock_set_v6only(int); @@ -1500,9 +1500,9 @@ diff -Nur openssh-9.0p1.orig/misc.h openssh-9.0p1/misc.h const char *ssh_gai_strerror(int); typedef void privdrop_fn(struct passwd *); -diff -Nur openssh-9.0p1.orig/monitor.c openssh-9.0p1/monitor.c ---- openssh-9.0p1.orig/monitor.c 2022-08-30 19:32:35.551051196 +0200 -+++ openssh-9.0p1/monitor.c 2022-08-30 19:56:02.622691995 +0200 +diff -Nur openssh-9.3p1.orig/monitor.c openssh-9.3p1/monitor.c +--- openssh-9.3p1.orig/monitor.c 2023-06-26 17:34:46.625956326 +0200 ++++ openssh-9.3p1/monitor.c 2023-06-26 17:36:05.821175592 +0200 @@ -152,6 +152,9 @@ int mm_answer_gss_userok(struct ssh *, int, struct sshbuf *); int mm_answer_gss_checkmic(struct ssh *, int, struct sshbuf *); @@ -1571,7 +1571,7 @@ diff -Nur openssh-9.0p1.orig/monitor.c openssh-9.0p1/monitor.c #endif if (auth_opts->permit_pty_flag) { -@@ -766,14 +778,17 @@ +@@ -779,14 +791,17 @@ debug3_f("entering"); @@ -1592,7 +1592,7 @@ diff -Nur openssh-9.0p1.orig/monitor.c openssh-9.0p1/monitor.c setproctitle("%s [priv]", pwent ? authctxt->user : "unknown"); sshbuf_reset(m); -@@ -2130,6 +2145,79 @@ +@@ -2142,6 +2157,79 @@ } int @@ -1672,9 +1672,9 @@ diff -Nur openssh-9.0p1.orig/monitor.c openssh-9.0p1/monitor.c mm_answer_gss_sign(struct ssh *ssh, int socket, struct sshbuf *m) { gss_buffer_desc data; -diff -Nur openssh-9.0p1.orig/monitor.h openssh-9.0p1/monitor.h ---- openssh-9.0p1.orig/monitor.h 2022-08-30 19:32:35.498051059 +0200 -+++ openssh-9.0p1/monitor.h 2022-08-30 19:33:23.897176426 +0200 +diff -Nur openssh-9.3p1.orig/monitor.h openssh-9.3p1/monitor.h +--- openssh-9.3p1.orig/monitor.h 2023-06-26 17:34:46.581956204 +0200 ++++ openssh-9.3p1/monitor.h 2023-06-26 17:36:05.821175592 +0200 @@ -75,6 +75,10 @@ MONITOR_REQ_GSSSIGN = 150, MONITOR_ANS_GSSSIGN = 151, @@ -1686,10 +1686,10 @@ diff -Nur openssh-9.0p1.orig/monitor.h openssh-9.0p1/monitor.h }; struct ssh; -diff -Nur openssh-9.0p1.orig/monitor_wrap.c openssh-9.0p1/monitor_wrap.c ---- openssh-9.0p1.orig/monitor_wrap.c 2022-08-30 19:32:35.551051196 +0200 -+++ openssh-9.0p1/monitor_wrap.c 2022-08-30 19:33:23.898176429 +0200 -@@ -1084,6 +1084,94 @@ +diff -Nur openssh-9.3p1.orig/monitor_wrap.c openssh-9.3p1/monitor_wrap.c +--- openssh-9.3p1.orig/monitor_wrap.c 2023-06-26 17:34:46.626956329 +0200 ++++ openssh-9.3p1/monitor_wrap.c 2023-06-26 17:36:05.822175594 +0200 +@@ -1085,6 +1085,94 @@ return (authenticated); } @@ -1784,9 +1784,9 @@ diff -Nur openssh-9.0p1.orig/monitor_wrap.c openssh-9.0p1/monitor_wrap.c OM_uint32 mm_ssh_gssapi_sign(Gssctxt *ctx, gss_buffer_desc *data, gss_buffer_desc *hash) { -diff -Nur openssh-9.0p1.orig/monitor_wrap.h openssh-9.0p1/monitor_wrap.h ---- openssh-9.0p1.orig/monitor_wrap.h 2022-08-30 19:32:35.508051085 +0200 -+++ openssh-9.0p1/monitor_wrap.h 2022-08-30 19:33:23.898176429 +0200 +diff -Nur openssh-9.3p1.orig/monitor_wrap.h openssh-9.3p1/monitor_wrap.h +--- openssh-9.3p1.orig/monitor_wrap.h 2023-06-26 17:34:46.588956224 +0200 ++++ openssh-9.3p1/monitor_wrap.h 2023-06-26 17:36:05.823175597 +0200 @@ -73,6 +73,10 @@ int mm_ssh_gssapi_userok(char *user, struct passwd *, int kex); OM_uint32 mm_ssh_gssapi_checkmic(Gssctxt *, gss_buffer_t, gss_buffer_t); @@ -1798,10 +1798,10 @@ diff -Nur openssh-9.0p1.orig/monitor_wrap.h openssh-9.0p1/monitor_wrap.h int mm_ssh_gssapi_update_creds(ssh_gssapi_ccache *); #endif -diff -Nur openssh-9.0p1.orig/readconf.c openssh-9.0p1/readconf.c ---- openssh-9.0p1.orig/readconf.c 2022-08-30 19:32:35.553051201 +0200 -+++ openssh-9.0p1/readconf.c 2022-08-30 19:33:23.899176431 +0200 -@@ -2558,11 +2558,11 @@ +diff -Nur openssh-9.3p1.orig/readconf.c openssh-9.3p1/readconf.c +--- openssh-9.3p1.orig/readconf.c 2023-06-26 17:34:46.627956332 +0200 ++++ openssh-9.3p1/readconf.c 2023-06-26 17:36:05.824175600 +0200 +@@ -2554,11 +2554,11 @@ if (options->pubkey_authentication == -1) options->pubkey_authentication = SSH_PUBKEY_AUTH_ALL; if (options->gss_authentication == -1) @@ -1816,10 +1816,10 @@ diff -Nur openssh-9.0p1.orig/readconf.c openssh-9.0p1/readconf.c if (options->gss_trust_dns == -1) options->gss_trust_dns = 0; if (options->gss_renewal_rekey == -1) -diff -Nur openssh-9.0p1.orig/readconf.h openssh-9.0p1/readconf.h ---- openssh-9.0p1.orig/readconf.h 2022-08-30 19:32:35.469050984 +0200 -+++ openssh-9.0p1/readconf.h 2022-08-30 19:33:23.900176434 +0200 -@@ -78,6 +78,8 @@ +diff -Nur openssh-9.3p1.orig/readconf.h openssh-9.3p1/readconf.h +--- openssh-9.3p1.orig/readconf.h 2023-06-26 17:34:46.470955897 +0200 ++++ openssh-9.3p1/readconf.h 2023-06-26 17:36:05.825175603 +0200 +@@ -79,6 +79,8 @@ char *host_key_alias; /* hostname alias for .ssh/known_hosts */ char *proxy_command; /* Proxy command for connecting the host. */ char *user; /* User to log in as. */ @@ -1828,9 +1828,9 @@ diff -Nur openssh-9.0p1.orig/readconf.h openssh-9.0p1/readconf.h int escape_char; /* Escape character; -2 = none */ u_int num_system_hostfiles; /* Paths for /etc/ssh/ssh_known_hosts */ -diff -Nur openssh-9.0p1.orig/servconf.c openssh-9.0p1/servconf.c ---- openssh-9.0p1.orig/servconf.c 2022-08-30 19:32:35.555051206 +0200 -+++ openssh-9.0p1/servconf.c 2022-08-30 19:33:23.902176439 +0200 +diff -Nur openssh-9.3p1.orig/servconf.c openssh-9.3p1/servconf.c +--- openssh-9.3p1.orig/servconf.c 2023-06-26 17:34:46.628956335 +0200 ++++ openssh-9.3p1/servconf.c 2023-06-26 17:36:05.826175605 +0200 @@ -93,6 +93,7 @@ /* Portable-specific options */ @@ -1851,7 +1851,7 @@ diff -Nur openssh-9.0p1.orig/servconf.c openssh-9.0p1/servconf.c options->gss_store_rekey = -1; options->gss_kex_algorithms = NULL; options->use_kuserok = -1; -@@ -292,6 +295,8 @@ +@@ -295,6 +298,8 @@ /* Portable-specific options */ if (options->use_pam == -1) options->use_pam = 0; @@ -1860,7 +1860,7 @@ diff -Nur openssh-9.0p1.orig/servconf.c openssh-9.0p1/servconf.c /* Standard Options */ if (options->num_host_key_files == 0) { -@@ -373,13 +378,17 @@ +@@ -376,13 +381,17 @@ if (options->kerberos_unique_ccache == -1) options->kerberos_unique_ccache = 0; if (options->gss_authentication == -1) @@ -1880,7 +1880,7 @@ diff -Nur openssh-9.0p1.orig/servconf.c openssh-9.0p1/servconf.c if (options->gss_store_rekey == -1) options->gss_store_rekey = 0; #ifdef GSSAPI -@@ -517,7 +526,7 @@ +@@ -529,7 +538,7 @@ typedef enum { sBadOption, /* == unknown option */ /* Portable-specific options */ @@ -1889,7 +1889,7 @@ diff -Nur openssh-9.0p1.orig/servconf.c openssh-9.0p1/servconf.c /* Standard Options */ sPort, sHostKeyFile, sLoginGraceTime, sPermitRootLogin, sLogFacility, sLogLevel, sLogVerbose, -@@ -536,6 +545,9 @@ +@@ -548,6 +557,9 @@ sHostbasedUsesNameFromPacketOnly, sHostbasedAcceptedAlgorithms, sHostKeyAlgorithms, sPerSourceMaxStartups, sPerSourceNetBlockSize, sClientAliveInterval, sClientAliveCountMax, sAuthorizedKeysFile, @@ -1899,7 +1899,7 @@ diff -Nur openssh-9.0p1.orig/servconf.c openssh-9.0p1/servconf.c sGssAuthentication, sGssCleanupCreds, sGssEnablek5users, sGssStrictAcceptor, sGssKeyEx, sGssKexAlgorithms, sGssStoreRekey, sAcceptEnv, sSetEnv, sPermitTunnel, -@@ -569,8 +581,10 @@ +@@ -581,8 +593,10 @@ /* Portable-specific options */ #ifdef USE_PAM { "usepam", sUsePAM, SSHCFG_GLOBAL }, @@ -1910,7 +1910,7 @@ diff -Nur openssh-9.0p1.orig/servconf.c openssh-9.0p1/servconf.c #endif { "pamauthenticationviakbdint", sDeprecated, SSHCFG_GLOBAL }, /* Standard Options */ -@@ -623,8 +637,15 @@ +@@ -635,8 +649,15 @@ { "afstokenpassing", sUnsupported, SSHCFG_GLOBAL }, #ifdef GSSAPI { "gssapiauthentication", sGssAuthentication, SSHCFG_ALL }, @@ -1926,7 +1926,7 @@ diff -Nur openssh-9.0p1.orig/servconf.c openssh-9.0p1/servconf.c { "gssapistrictacceptorcheck", sGssStrictAcceptor, SSHCFG_GLOBAL }, { "gssapikeyexchange", sGssKeyEx, SSHCFG_GLOBAL }, { "gssapistorecredentialsonrekey", sGssStoreRekey, SSHCFG_GLOBAL }, -@@ -632,8 +653,11 @@ +@@ -644,8 +665,11 @@ { "gssapienablek5users", sGssEnablek5users, SSHCFG_ALL }, #else { "gssapiauthentication", sUnsupported, SSHCFG_ALL }, @@ -1938,7 +1938,7 @@ diff -Nur openssh-9.0p1.orig/servconf.c openssh-9.0p1/servconf.c { "gssapistrictacceptorcheck", sUnsupported, SSHCFG_GLOBAL }, { "gssapikeyexchange", sUnsupported, SSHCFG_GLOBAL }, { "gssapistorecredentialsonrekey", sUnsupported, SSHCFG_GLOBAL }, -@@ -705,6 +729,8 @@ +@@ -717,6 +741,8 @@ { "permitlisten", sPermitListen, SSHCFG_ALL }, { "forcecommand", sForceCommand, SSHCFG_ALL }, { "chrootdirectory", sChrootDirectory, SSHCFG_ALL }, @@ -1947,7 +1947,7 @@ diff -Nur openssh-9.0p1.orig/servconf.c openssh-9.0p1/servconf.c { "hostcertificate", sHostCertificate, SSHCFG_GLOBAL }, { "revokedkeys", sRevokedKeys, SSHCFG_ALL }, { "trustedusercakeys", sTrustedUserCAKeys, SSHCFG_ALL }, -@@ -1383,6 +1409,10 @@ +@@ -1450,6 +1476,10 @@ intptr = &options->use_pam; goto parse_flag; @@ -1958,7 +1958,7 @@ diff -Nur openssh-9.0p1.orig/servconf.c openssh-9.0p1/servconf.c /* Standard Options */ case sBadOption: goto out; -@@ -1629,6 +1659,10 @@ +@@ -1696,6 +1726,10 @@ intptr = &options->gss_authentication; goto parse_flag; @@ -1969,7 +1969,7 @@ diff -Nur openssh-9.0p1.orig/servconf.c openssh-9.0p1/servconf.c case sGssKeyEx: intptr = &options->gss_keyex; goto parse_flag; -@@ -1637,6 +1671,10 @@ +@@ -1704,6 +1738,10 @@ intptr = &options->gss_cleanup_creds; goto parse_flag; @@ -1980,7 +1980,7 @@ diff -Nur openssh-9.0p1.orig/servconf.c openssh-9.0p1/servconf.c case sGssStrictAcceptor: intptr = &options->gss_strict_acceptor; goto parse_flag; -@@ -1657,6 +1695,12 @@ +@@ -1724,6 +1762,12 @@ options->gss_kex_algorithms = xstrdup(arg); break; @@ -1993,7 +1993,7 @@ diff -Nur openssh-9.0p1.orig/servconf.c openssh-9.0p1/servconf.c case sPasswordAuthentication: intptr = &options->password_authentication; goto parse_flag; -@@ -2665,6 +2709,7 @@ +@@ -2776,6 +2820,7 @@ M_CP_INTOPT(password_authentication); M_CP_INTOPT(gss_authentication); @@ -2001,9 +2001,9 @@ diff -Nur openssh-9.0p1.orig/servconf.c openssh-9.0p1/servconf.c M_CP_INTOPT(pubkey_authentication); M_CP_INTOPT(pubkey_auth_options); M_CP_INTOPT(kerberos_authentication); -diff -Nur openssh-9.0p1.orig/servconf.h openssh-9.0p1/servconf.h ---- openssh-9.0p1.orig/servconf.h 2022-08-30 19:32:35.471050989 +0200 -+++ openssh-9.0p1/servconf.h 2022-08-30 19:33:23.903176441 +0200 +diff -Nur openssh-9.3p1.orig/servconf.h openssh-9.3p1/servconf.h +--- openssh-9.3p1.orig/servconf.h 2023-06-26 17:34:46.519956033 +0200 ++++ openssh-9.3p1/servconf.h 2023-06-26 17:36:05.827175608 +0200 @@ -146,9 +146,12 @@ * be stored in per-session ccache */ int use_kuserok; @@ -2025,10 +2025,10 @@ diff -Nur openssh-9.0p1.orig/servconf.h openssh-9.0p1/servconf.h int permit_tun; -diff -Nur openssh-9.0p1.orig/ssh.1 openssh-9.0p1/ssh.1 ---- openssh-9.0p1.orig/ssh.1 2022-08-30 19:32:35.531051144 +0200 -+++ openssh-9.0p1/ssh.1 2022-08-30 19:33:23.903176441 +0200 -@@ -1510,6 +1510,18 @@ +diff -Nur openssh-9.3p1.orig/ssh.1 openssh-9.3p1/ssh.1 +--- openssh-9.3p1.orig/ssh.1 2023-06-26 17:34:46.606956274 +0200 ++++ openssh-9.3p1/ssh.1 2023-06-26 17:36:05.828175611 +0200 +@@ -1514,6 +1514,18 @@ on to new connections). .It Ev USER Set to the name of the user logging in. @@ -2047,10 +2047,10 @@ diff -Nur openssh-9.0p1.orig/ssh.1 openssh-9.0p1/ssh.1 .El .Pp Additionally, -diff -Nur openssh-9.0p1.orig/ssh.c openssh-9.0p1/ssh.c ---- openssh-9.0p1.orig/ssh.c 2022-08-30 19:32:35.560051220 +0200 -+++ openssh-9.0p1/ssh.c 2022-08-30 19:33:23.905176447 +0200 -@@ -567,6 +567,38 @@ +diff -Nur openssh-9.3p1.orig/ssh.c openssh-9.3p1/ssh.c +--- openssh-9.3p1.orig/ssh.c 2023-06-26 17:34:46.630956340 +0200 ++++ openssh-9.3p1/ssh.c 2023-06-26 17:36:05.829175614 +0200 +@@ -571,6 +571,38 @@ fatal("Can't open user config file %.100s: " "%.100s", config, strerror(errno)); } else { @@ -2089,7 +2089,7 @@ diff -Nur openssh-9.0p1.orig/ssh.c openssh-9.0p1/ssh.c r = snprintf(buf, sizeof buf, "%s/%s", pw->pw_dir, _PATH_SSH_USER_CONFFILE); if (r > 0 && (size_t)r < sizeof(buf)) -@@ -1245,8 +1277,12 @@ +@@ -1251,8 +1283,12 @@ if (fill_default_options(&options) != 0) cleanup_exit(255); @@ -2103,9 +2103,9 @@ diff -Nur openssh-9.0p1.orig/ssh.c openssh-9.0p1/ssh.c /* * If ProxyJump option specified, then construct a ProxyCommand now. -diff -Nur openssh-9.0p1.orig/ssh_config openssh-9.0p1/ssh_config ---- openssh-9.0p1.orig/ssh_config 2022-08-30 19:32:35.334050634 +0200 -+++ openssh-9.0p1/ssh_config 2022-08-30 19:33:23.905176447 +0200 +diff -Nur openssh-9.3p1.orig/ssh_config openssh-9.3p1/ssh_config +--- openssh-9.3p1.orig/ssh_config 2023-06-26 17:34:46.473955906 +0200 ++++ openssh-9.3p1/ssh_config 2023-06-26 17:36:05.830175617 +0200 @@ -22,9 +22,9 @@ # ForwardX11 no # PasswordAuthentication yes @@ -2119,9 +2119,9 @@ diff -Nur openssh-9.0p1.orig/ssh_config openssh-9.0p1/ssh_config # GSSAPITrustDNS no # BatchMode no # CheckHostIP yes -diff -Nur openssh-9.0p1.orig/ssh_config.5 openssh-9.0p1/ssh_config.5 ---- openssh-9.0p1.orig/ssh_config.5 2022-08-30 19:32:35.478051007 +0200 -+++ openssh-9.0p1/ssh_config.5 2022-08-30 19:33:23.906176449 +0200 +diff -Nur openssh-9.3p1.orig/ssh_config.5 openssh-9.3p1/ssh_config.5 +--- openssh-9.3p1.orig/ssh_config.5 2023-06-26 17:34:46.544956102 +0200 ++++ openssh-9.3p1/ssh_config.5 2023-06-26 17:36:05.831175620 +0200 @@ -52,6 +52,12 @@ user's configuration file .Pq Pa ~/.ssh/config @@ -2135,7 +2135,7 @@ diff -Nur openssh-9.0p1.orig/ssh_config.5 openssh-9.0p1/ssh_config.5 system-wide configuration file .Pq Pa /etc/ssh/ssh_config .El -@@ -826,7 +832,7 @@ +@@ -832,7 +838,7 @@ .It Cm GSSAPIAuthentication Specifies whether user authentication based on GSSAPI is allowed. The default is @@ -2144,7 +2144,7 @@ diff -Nur openssh-9.0p1.orig/ssh_config.5 openssh-9.0p1/ssh_config.5 .It Cm GSSAPIClientIdentity If set, specifies the GSSAPI client identity that ssh should use when connecting to the server. The default is unset, which means that the default -@@ -834,12 +840,12 @@ +@@ -840,12 +846,12 @@ .It Cm GSSAPIDelegateCredentials Forward (delegate) credentials to the server. The default is @@ -2159,7 +2159,7 @@ diff -Nur openssh-9.0p1.orig/ssh_config.5 openssh-9.0p1/ssh_config.5 .It Cm GSSAPIRenewalForcesRekey If set to .Dq yes -@@ -1454,7 +1460,7 @@ +@@ -1471,7 +1477,7 @@ .Cm password ) . The default is: .Bd -literal -offset indent @@ -2168,10 +2168,10 @@ diff -Nur openssh-9.0p1.orig/ssh_config.5 openssh-9.0p1/ssh_config.5 keyboard-interactive,password .Ed .It Cm ProxyCommand -diff -Nur openssh-9.0p1.orig/sshconnect2.c openssh-9.0p1/sshconnect2.c ---- openssh-9.0p1.orig/sshconnect2.c 2022-08-30 19:32:35.541051170 +0200 -+++ openssh-9.0p1/sshconnect2.c 2022-08-30 19:33:23.908176455 +0200 -@@ -874,6 +874,11 @@ +diff -Nur openssh-9.3p1.orig/sshconnect2.c openssh-9.3p1/sshconnect2.c +--- openssh-9.3p1.orig/sshconnect2.c 2023-06-26 17:34:46.619956310 +0200 ++++ openssh-9.3p1/sshconnect2.c 2023-06-26 17:36:05.832175622 +0200 +@@ -861,6 +861,11 @@ gss_OID mech = NULL; char *gss_host = NULL; @@ -2183,7 +2183,7 @@ diff -Nur openssh-9.0p1.orig/sshconnect2.c openssh-9.0p1/sshconnect2.c if (options.gss_server_identity) { gss_host = xstrdup(options.gss_server_identity); } else if (options.gss_trust_dns) { -@@ -985,7 +990,8 @@ +@@ -972,7 +977,8 @@ if (status == GSS_S_COMPLETE) { /* send either complete or MIC, depending on mechanism */ @@ -2193,7 +2193,7 @@ diff -Nur openssh-9.0p1.orig/sshconnect2.c openssh-9.0p1/sshconnect2.c if ((r = sshpkt_start(ssh, SSH2_MSG_USERAUTH_GSSAPI_EXCHANGE_COMPLETE)) != 0 || (r = sshpkt_send(ssh)) != 0) -@@ -1156,6 +1162,20 @@ +@@ -1139,6 +1145,20 @@ return r; } @@ -2214,7 +2214,7 @@ diff -Nur openssh-9.0p1.orig/sshconnect2.c openssh-9.0p1/sshconnect2.c int userauth_gsskeyex(struct ssh *ssh) { -@@ -1178,6 +1198,12 @@ +@@ -1161,6 +1181,12 @@ if ((b = sshbuf_new()) == NULL) fatal_f("sshbuf_new failed"); @@ -2227,7 +2227,7 @@ diff -Nur openssh-9.0p1.orig/sshconnect2.c openssh-9.0p1/sshconnect2.c ssh_gssapi_buildmic(b, authctxt->server_user, authctxt->service, "gssapi-keyex", ssh->kex->session_id); -@@ -1191,7 +1217,9 @@ +@@ -1174,7 +1200,9 @@ } if ((r = sshpkt_start(ssh, SSH2_MSG_USERAUTH_REQUEST)) != 0 || @@ -2238,10 +2238,10 @@ diff -Nur openssh-9.0p1.orig/sshconnect2.c openssh-9.0p1/sshconnect2.c (r = sshpkt_put_cstring(ssh, authctxt->service)) != 0 || (r = sshpkt_put_cstring(ssh, authctxt->method->name)) != 0 || (r = sshpkt_put_string(ssh, mic.value, mic.length)) != 0 || -diff -Nur openssh-9.0p1.orig/sshd.8 openssh-9.0p1/sshd.8 ---- openssh-9.0p1.orig/sshd.8 2022-08-30 19:32:35.352050680 +0200 -+++ openssh-9.0p1/sshd.8 2022-08-30 19:33:23.909176457 +0200 -@@ -823,6 +823,29 @@ +diff -Nur openssh-9.3p1.orig/sshd.8 openssh-9.3p1/sshd.8 +--- openssh-9.3p1.orig/sshd.8 2023-06-26 17:34:46.488955947 +0200 ++++ openssh-9.3p1/sshd.8 2023-06-26 17:36:05.833175625 +0200 +@@ -839,6 +839,29 @@ # A CA key, accepted for any host in *.mydomain.com or *.mydomain.org @cert-authority *.mydomain.org,*.mydomain.com ssh-rsa AAAAB5W... .Ed @@ -2271,10 +2271,10 @@ diff -Nur openssh-9.0p1.orig/sshd.8 openssh-9.0p1/sshd.8 .Sh FILES .Bl -tag -width Ds -compact .It Pa ~/.hushlogin -diff -Nur openssh-9.0p1.orig/sshd.c openssh-9.0p1/sshd.c ---- openssh-9.0p1.orig/sshd.c 2022-08-30 19:32:35.561051222 +0200 -+++ openssh-9.0p1/sshd.c 2022-08-30 19:33:23.910176460 +0200 -@@ -2390,7 +2390,7 @@ +diff -Nur openssh-9.3p1.orig/sshd.c openssh-9.3p1/sshd.c +--- openssh-9.3p1.orig/sshd.c 2023-06-26 17:34:46.631956343 +0200 ++++ openssh-9.3p1/sshd.c 2023-06-26 17:36:05.835175630 +0200 +@@ -2438,7 +2438,7 @@ #endif #ifdef GSSAPI @@ -2283,9 +2283,9 @@ diff -Nur openssh-9.0p1.orig/sshd.c openssh-9.0p1/sshd.c temporarily_use_uid(authctxt->pw); authctxt->krb5_set_env = ssh_gssapi_storecreds(); restore_uid(); -diff -Nur openssh-9.0p1.orig/sshd_config openssh-9.0p1/sshd_config ---- openssh-9.0p1.orig/sshd_config 2022-08-30 19:32:35.380050753 +0200 -+++ openssh-9.0p1/sshd_config 2022-08-30 19:33:23.911176462 +0200 +diff -Nur openssh-9.3p1.orig/sshd_config openssh-9.3p1/sshd_config +--- openssh-9.3p1.orig/sshd_config 2023-06-26 17:34:46.508956002 +0200 ++++ openssh-9.3p1/sshd_config 2023-06-26 17:36:05.835175630 +0200 @@ -76,10 +76,11 @@ #KerberosUseKuserok yes @@ -2311,10 +2311,10 @@ diff -Nur openssh-9.0p1.orig/sshd_config openssh-9.0p1/sshd_config #AllowAgentForwarding yes #AllowTcpForwarding yes #GatewayPorts no -diff -Nur openssh-9.0p1.orig/sshd_config.5 openssh-9.0p1/sshd_config.5 ---- openssh-9.0p1.orig/sshd_config.5 2022-08-30 19:32:35.479051009 +0200 -+++ openssh-9.0p1/sshd_config.5 2022-08-30 19:33:23.912176465 +0200 -@@ -635,15 +635,34 @@ +diff -Nur openssh-9.3p1.orig/sshd_config.5 openssh-9.3p1/sshd_config.5 +--- openssh-9.3p1.orig/sshd_config.5 2023-06-26 17:34:46.545956105 +0200 ++++ openssh-9.3p1/sshd_config.5 2023-06-26 17:36:05.836175633 +0200 +@@ -716,15 +716,34 @@ to allow the client to select the address to which the forwarding is bound. The default is .Cm no . @@ -2350,7 +2350,7 @@ diff -Nur openssh-9.0p1.orig/sshd_config.5 openssh-9.0p1/sshd_config.5 .It Cm GSSAPIEnablek5users Specifies whether to look at .k5users file for GSSAPI authentication access control. Further details are described in -@@ -654,7 +673,7 @@ +@@ -735,7 +754,7 @@ Specifies whether key exchange based on GSSAPI is allowed. GSSAPI key exchange doesn't rely on ssh keys to verify host identity. The default is @@ -2359,7 +2359,7 @@ diff -Nur openssh-9.0p1.orig/sshd_config.5 openssh-9.0p1/sshd_config.5 .It Cm GSSAPIStrictAcceptorCheck Determines whether to be strict about the identity of the GSSAPI acceptor a client authenticates against. -@@ -1784,6 +1803,12 @@ +@@ -1900,6 +1919,12 @@ as a non-root user. The default is .Cm no . @@ -2372,9 +2372,9 @@ diff -Nur openssh-9.0p1.orig/sshd_config.5 openssh-9.0p1/sshd_config.5 .It Cm VersionAddendum Optionally specifies additional text to append to the SSH protocol banner sent by the server upon connection. -diff -Nur openssh-9.0p1.orig/sshd_config_redhat openssh-9.0p1/sshd_config_redhat ---- openssh-9.0p1.orig/sshd_config_redhat 2022-08-30 19:32:35.308050566 +0200 -+++ openssh-9.0p1/sshd_config_redhat 2022-08-30 19:33:23.912176465 +0200 +diff -Nur openssh-9.3p1.orig/sshd_config_redhat openssh-9.3p1/sshd_config_redhat +--- openssh-9.3p1.orig/sshd_config_redhat 2023-06-26 17:34:46.457955861 +0200 ++++ openssh-9.3p1/sshd_config_redhat 2023-06-26 17:36:05.837175636 +0200 @@ -9,9 +9,6 @@ ChallengeResponseAuthentication no @@ -2385,9 +2385,9 @@ diff -Nur openssh-9.0p1.orig/sshd_config_redhat openssh-9.0p1/sshd_config_redhat UsePAM yes X11Forwarding yes -diff -Nur openssh-9.0p1.orig/ssh-gss.h openssh-9.0p1/ssh-gss.h ---- openssh-9.0p1.orig/ssh-gss.h 2022-08-30 19:32:35.349050673 +0200 -+++ openssh-9.0p1/ssh-gss.h 2022-08-30 19:33:23.913176467 +0200 +diff -Nur openssh-9.3p1.orig/ssh-gss.h openssh-9.3p1/ssh-gss.h +--- openssh-9.3p1.orig/ssh-gss.h 2023-06-26 17:34:46.486955941 +0200 ++++ openssh-9.3p1/ssh-gss.h 2023-06-26 17:36:05.837175636 +0200 @@ -97,12 +97,14 @@ } ssh_gssapi_ccache; @@ -2423,12 +2423,12 @@ diff -Nur openssh-9.0p1.orig/ssh-gss.h openssh-9.0p1/ssh-gss.h /* In the server */ typedef int ssh_gssapi_check_fn(Gssctxt **, gss_OID, const char *, const char *); -diff -Nur openssh-9.0p1.orig/version.h openssh-9.0p1/version.h ---- openssh-9.0p1.orig/version.h 2022-04-06 02:47:48.000000000 +0200 -+++ openssh-9.0p1/version.h 2022-08-30 19:33:23.913176467 +0200 +diff -Nur openssh-9.3p1.orig/version.h openssh-9.3p1/version.h +--- openssh-9.3p1.orig/version.h 2023-03-15 22:28:19.000000000 +0100 ++++ openssh-9.3p1/version.h 2023-06-26 17:36:05.838175639 +0200 @@ -2,5 +2,19 @@ - #define SSH_VERSION "OpenSSH_9.0" + #define SSH_VERSION "OpenSSH_9.3" +#ifdef GSI +#define GSI_VERSION " GSI" diff --git a/openssh-9.0p1-hpn-15.2-modified.patch b/openssh-9.3p1-hpn-15.2-modified.patch similarity index 87% rename from openssh-9.0p1-hpn-15.2-modified.patch rename to openssh-9.3p1-hpn-15.2-modified.patch index cf04605..d348911 100644 --- a/openssh-9.0p1-hpn-15.2-modified.patch +++ b/openssh-9.3p1-hpn-15.2-modified.patch @@ -1,7 +1,7 @@ -diff -Nur openssh-9.0p1.orig/auth2.c openssh-9.0p1/auth2.c ---- openssh-9.0p1.orig/auth2.c 2022-08-30 20:22:42.458819942 +0200 -+++ openssh-9.0p1/auth2.c 2022-08-30 20:23:49.877993046 +0200 -@@ -53,6 +53,8 @@ +diff -Nur openssh-9.3p1.orig/auth2.c openssh-9.3p1/auth2.c +--- openssh-9.3p1.orig/auth2.c 2023-06-26 17:56:58.794634874 +0200 ++++ openssh-9.3p1/auth2.c 2023-06-26 17:59:24.993036944 +0200 +@@ -52,6 +52,8 @@ #include "dispatch.h" #include "pathnames.h" #include "ssherr.h" @@ -10,7 +10,7 @@ diff -Nur openssh-9.0p1.orig/auth2.c openssh-9.0p1/auth2.c #ifdef GSSAPI #include "ssh-gss.h" #endif -@@ -75,6 +77,8 @@ +@@ -74,6 +76,8 @@ extern Authmethod method_gssapi; #endif @@ -19,7 +19,7 @@ diff -Nur openssh-9.0p1.orig/auth2.c openssh-9.0p1/auth2.c Authmethod *authmethods[] = { &method_none, &method_pubkey, -@@ -300,6 +304,11 @@ +@@ -297,6 +301,11 @@ debug("userauth-request for user %s service %s method %s", user[0] ? user : "", service, method); @@ -31,10 +31,10 @@ diff -Nur openssh-9.0p1.orig/auth2.c openssh-9.0p1/auth2.c debug("attempt %d failures %d", authctxt->attempt, authctxt->failures); #ifdef WITH_SELINUX -diff -Nur openssh-9.0p1.orig/channels.c openssh-9.0p1/channels.c ---- openssh-9.0p1.orig/channels.c 2022-08-30 20:22:42.436819885 +0200 -+++ openssh-9.0p1/channels.c 2022-08-30 20:23:49.879993051 +0200 -@@ -219,6 +219,9 @@ +diff -Nur openssh-9.3p1.orig/channels.c openssh-9.3p1/channels.c +--- openssh-9.3p1.orig/channels.c 2023-06-26 17:56:58.689634585 +0200 ++++ openssh-9.3p1/channels.c 2023-06-26 18:26:41.719517151 +0200 +@@ -229,6 +229,9 @@ /* Setup helper */ static void channel_handler_init(struct ssh_channels *sc); @@ -44,7 +44,7 @@ diff -Nur openssh-9.0p1.orig/channels.c openssh-9.0p1/channels.c /* -- channel core */ void -@@ -407,6 +410,7 @@ +@@ -495,6 +498,7 @@ c->local_window = window; c->local_window_max = window; c->local_maxpacket = maxpack; @@ -52,7 +52,7 @@ diff -Nur openssh-9.0p1.orig/channels.c openssh-9.0p1/channels.c c->remote_name = xstrdup(remote_name); c->ctl_chan = -1; c->delayed = 1; /* prevent call to channel_post handler */ -@@ -1104,6 +1108,28 @@ +@@ -1203,6 +1207,28 @@ c->io_want = SSH_CHAN_IO_SOCK_W; } @@ -81,7 +81,7 @@ diff -Nur openssh-9.0p1.orig/channels.c openssh-9.0p1/channels.c static void channel_pre_open(struct ssh *ssh, Channel *c) { -@@ -2170,22 +2196,31 @@ +@@ -2305,22 +2331,31 @@ if (c->type == SSH_CHANNEL_OPEN && !(c->flags & (CHAN_CLOSE_SENT|CHAN_CLOSE_RCVD)) && @@ -118,7 +118,7 @@ diff -Nur openssh-9.0p1.orig/channels.c openssh-9.0p1/channels.c c->local_consumed = 0; } return 1; -@@ -3571,6 +3606,14 @@ +@@ -3717,6 +3752,14 @@ return addr; } @@ -133,21 +133,21 @@ diff -Nur openssh-9.0p1.orig/channels.c openssh-9.0p1/channels.c static int channel_setup_fwd_listener_tcpip(struct ssh *ssh, int type, struct Forward *fwd, int *allocated_listen_port, -@@ -3710,8 +3753,10 @@ +@@ -3856,8 +3899,10 @@ } /* Allocate a channel number for the socket. */ + /* explicitly test for hpn disabled option. if true use smaller window size */ - c = channel_new(ssh, "port listener", type, sock, sock, -1, + c = channel_new(ssh, "port-listener", type, sock, sock, -1, - CHAN_TCP_WINDOW_DEFAULT, CHAN_TCP_PACKET_DEFAULT, + hpn_disabled ? CHAN_TCP_WINDOW_DEFAULT : hpn_buffer_size, + CHAN_TCP_PACKET_DEFAULT, 0, "port listener", 1); c->path = xstrdup(host); c->host_port = fwd->connect_port; -@@ -4897,7 +4942,8 @@ +@@ -5041,7 +5086,8 @@ sock = socks[n]; - nc = channel_new(ssh, "x11 listener", + nc = channel_new(ssh, "x11-listener", SSH_CHANNEL_X11_LISTENER, sock, sock, -1, - CHAN_X11_WINDOW_DEFAULT, CHAN_X11_PACKET_DEFAULT, + hpn_disabled ? CHAN_X11_WINDOW_DEFAULT : hpn_buffer_size, @@ -155,10 +155,10 @@ diff -Nur openssh-9.0p1.orig/channels.c openssh-9.0p1/channels.c 0, "X11 inet listener", 1); nc->single_connection = single_connection; (*chanids)[n] = nc->self; -diff -Nur openssh-9.0p1.orig/channels.h openssh-9.0p1/channels.h ---- openssh-9.0p1.orig/channels.h 2022-08-30 20:22:42.315819575 +0200 -+++ openssh-9.0p1/channels.h 2022-08-30 20:23:49.880993054 +0200 -@@ -172,8 +172,10 @@ +diff -Nur openssh-9.3p1.orig/channels.h openssh-9.3p1/channels.h +--- openssh-9.3p1.orig/channels.h 2023-06-26 17:56:58.638634445 +0200 ++++ openssh-9.3p1/channels.h 2023-06-26 17:59:24.996036952 +0200 +@@ -173,8 +173,10 @@ u_int local_window_max; u_int local_consumed; u_int local_maxpacket; @@ -167,9 +167,9 @@ diff -Nur openssh-9.0p1.orig/channels.h openssh-9.0p1/channels.h int single_connection; + u_int tcpwinsz; - char *ctype; /* type */ - -@@ -245,7 +247,7 @@ + char *ctype; /* const type - NB. not freed on channel_free */ + char *xctype; /* extended type */ +@@ -254,7 +256,7 @@ #define SSH_CHAN_IO_SOCK (SSH_CHAN_IO_SOCK_R|SSH_CHAN_IO_SOCK_W) /* Read buffer size */ @@ -178,7 +178,7 @@ diff -Nur openssh-9.0p1.orig/channels.h openssh-9.0p1/channels.h /* Maximum size for direct reads to buffers */ #define CHANNEL_MAX_READ CHAN_SES_PACKET_DEFAULT -@@ -380,4 +382,7 @@ +@@ -396,4 +398,7 @@ void chan_write_failed(struct ssh *, Channel *); void chan_obuf_empty(struct ssh *, Channel *); @@ -186,9 +186,9 @@ diff -Nur openssh-9.0p1.orig/channels.h openssh-9.0p1/channels.h +void channel_set_hpn(int, int); + #endif -diff -Nur openssh-9.0p1.orig/cipher.c openssh-9.0p1/cipher.c ---- openssh-9.0p1.orig/cipher.c 2022-08-30 20:22:42.382819747 +0200 -+++ openssh-9.0p1/cipher.c 2022-08-30 20:23:49.881993056 +0200 +diff -Nur openssh-9.3p1.orig/cipher.c openssh-9.3p1/cipher.c +--- openssh-9.3p1.orig/cipher.c 2023-06-26 17:56:58.717634662 +0200 ++++ openssh-9.3p1/cipher.c 2023-06-26 17:59:24.997036955 +0200 @@ -48,6 +48,7 @@ #include "sshbuf.h" #include "ssherr.h" @@ -216,7 +216,7 @@ diff -Nur openssh-9.0p1.orig/cipher.c openssh-9.0p1/cipher.c #ifdef WITH_OPENSSL #ifndef OPENSSL_NO_DES { "3des-cbc", 8, 24, 0, 0, CFLAG_CBC, EVP_des_ede3_cbc }, -@@ -133,6 +137,29 @@ +@@ -131,6 +135,29 @@ #endif } @@ -246,7 +246,7 @@ diff -Nur openssh-9.0p1.orig/cipher.c openssh-9.0p1/cipher.c u_int cipher_blocksize(const struct sshcipher *c) { -@@ -182,10 +209,10 @@ +@@ -180,10 +207,10 @@ return cc->plaintext; } @@ -259,7 +259,7 @@ diff -Nur openssh-9.0p1.orig/cipher.c openssh-9.0p1/cipher.c for (c = ciphers; c->name != NULL; c++) if (strcmp(c->name, name) == 0) return c; -@@ -207,7 +234,8 @@ +@@ -205,7 +232,8 @@ for ((p = strsep(&cp, CIPHER_SEP)); p && *p != '\0'; (p = strsep(&cp, CIPHER_SEP))) { c = cipher_by_name(p); @@ -269,9 +269,9 @@ diff -Nur openssh-9.0p1.orig/cipher.c openssh-9.0p1/cipher.c free(cipher_list); return 0; } -diff -Nur openssh-9.0p1.orig/cipher-ctr-mt.c openssh-9.0p1/cipher-ctr-mt.c ---- openssh-9.0p1.orig/cipher-ctr-mt.c 1970-01-01 01:00:00.000000000 +0100 -+++ openssh-9.0p1/cipher-ctr-mt.c 2022-08-30 20:23:49.882993059 +0200 +diff -Nur openssh-9.3p1.orig/cipher-ctr-mt.c openssh-9.3p1/cipher-ctr-mt.c +--- openssh-9.3p1.orig/cipher-ctr-mt.c 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-9.3p1/cipher-ctr-mt.c 2023-06-26 17:59:24.998036958 +0200 @@ -0,0 +1,678 @@ +/* + * OpenSSH Multi-threaded AES-CTR Cipher @@ -951,9 +951,9 @@ diff -Nur openssh-9.0p1.orig/cipher-ctr-mt.c openssh-9.0p1/cipher-ctr-mt.c +} + +#endif /* defined(WITH_OPENSSL) */ -diff -Nur openssh-9.0p1.orig/cipher.h openssh-9.0p1/cipher.h ---- openssh-9.0p1.orig/cipher.h 2022-08-30 20:22:42.382819747 +0200 -+++ openssh-9.0p1/cipher.h 2022-08-30 20:23:49.882993059 +0200 +diff -Nur openssh-9.3p1.orig/cipher.h openssh-9.3p1/cipher.h +--- openssh-9.3p1.orig/cipher.h 2023-06-26 17:56:58.717634662 +0200 ++++ openssh-9.3p1/cipher.h 2023-06-26 17:59:24.999036961 +0200 @@ -68,7 +68,9 @@ struct sshcipher_ctx; @@ -974,10 +974,10 @@ diff -Nur openssh-9.0p1.orig/cipher.h openssh-9.0p1/cipher.h u_int cipher_ctx_is_plaintext(struct sshcipher_ctx *); -diff -Nur openssh-9.0p1.orig/clientloop.c openssh-9.0p1/clientloop.c ---- openssh-9.0p1.orig/clientloop.c 2022-08-30 20:22:42.263819441 +0200 -+++ openssh-9.0p1/clientloop.c 2022-08-30 20:23:49.883993061 +0200 -@@ -1586,7 +1586,9 @@ +diff -Nur openssh-9.3p1.orig/clientloop.c openssh-9.3p1/clientloop.c +--- openssh-9.3p1.orig/clientloop.c 2023-06-26 17:56:58.584634296 +0200 ++++ openssh-9.3p1/clientloop.c 2023-06-26 17:59:25.000036964 +0200 +@@ -1646,7 +1646,9 @@ return NULL; c = channel_new(ssh, "x11", SSH_CHANNEL_X11_OPEN, sock, sock, -1, @@ -988,7 +988,7 @@ diff -Nur openssh-9.0p1.orig/clientloop.c openssh-9.0p1/clientloop.c c->force_drain = 1; return c; } -@@ -1621,7 +1623,8 @@ +@@ -1681,7 +1683,8 @@ c = channel_new(ssh, "authentication agent connection", SSH_CHANNEL_OPEN, sock, sock, -1, @@ -998,7 +998,7 @@ diff -Nur openssh-9.0p1.orig/clientloop.c openssh-9.0p1/clientloop.c "authentication agent connection", 1); c->force_drain = 1; return c; -@@ -1648,7 +1651,8 @@ +@@ -1708,7 +1711,8 @@ debug("Tunnel forwarding using interface %s", ifname); c = channel_new(ssh, "tun", SSH_CHANNEL_OPENING, fd, fd, -1, @@ -1008,10 +1008,10 @@ diff -Nur openssh-9.0p1.orig/clientloop.c openssh-9.0p1/clientloop.c c->datagram = 1; #if defined(SSH_TUN_FILTER) -diff -Nur openssh-9.0p1.orig/compat.c openssh-9.0p1/compat.c ---- openssh-9.0p1.orig/compat.c 2022-08-30 20:22:42.423819852 +0200 -+++ openssh-9.0p1/compat.c 2022-08-30 20:23:49.884993064 +0200 -@@ -150,6 +150,17 @@ +diff -Nur openssh-9.3p1.orig/compat.c openssh-9.3p1/compat.c +--- openssh-9.3p1.orig/compat.c 2023-06-26 17:56:58.764634791 +0200 ++++ openssh-9.3p1/compat.c 2023-06-26 17:59:25.001036966 +0200 +@@ -135,6 +135,17 @@ ssh->compat = check[i].bugs; if (forbid_ssh_rsa) ssh->compat |= SSH_RH_RSASIGSHA; @@ -1029,9 +1029,9 @@ diff -Nur openssh-9.0p1.orig/compat.c openssh-9.0p1/compat.c return; } } -diff -Nur openssh-9.0p1.orig/compat.h openssh-9.0p1/compat.h ---- openssh-9.0p1.orig/compat.h 2022-04-06 02:47:48.000000000 +0200 -+++ openssh-9.0p1/compat.h 2022-08-30 20:23:49.884993064 +0200 +diff -Nur openssh-9.3p1.orig/compat.h openssh-9.3p1/compat.h +--- openssh-9.3p1.orig/compat.h 2023-06-26 17:56:58.765634794 +0200 ++++ openssh-9.3p1/compat.h 2023-06-26 17:59:25.001036966 +0200 @@ -57,6 +57,7 @@ #define SSH_BUG_CURVE25519PAD 0x10000000 #define SSH_BUG_HOSTKEYS 0x20000000 @@ -1040,9 +1040,9 @@ diff -Nur openssh-9.0p1.orig/compat.h openssh-9.0p1/compat.h struct ssh; -diff -Nur openssh-9.0p1.orig/defines.h openssh-9.0p1/defines.h ---- openssh-9.0p1.orig/defines.h 2022-04-06 02:47:48.000000000 +0200 -+++ openssh-9.0p1/defines.h 2022-08-30 20:23:49.885993067 +0200 +diff -Nur openssh-9.3p1.orig/defines.h openssh-9.3p1/defines.h +--- openssh-9.3p1.orig/defines.h 2023-03-15 22:28:19.000000000 +0100 ++++ openssh-9.3p1/defines.h 2023-06-26 17:59:25.002036969 +0200 @@ -889,7 +889,7 @@ #endif @@ -1052,9 +1052,9 @@ diff -Nur openssh-9.0p1.orig/defines.h openssh-9.0p1/defines.h #endif /* -diff -Nur openssh-9.0p1.orig/digest.h openssh-9.0p1/digest.h ---- openssh-9.0p1.orig/digest.h 2022-08-30 20:22:42.344819649 +0200 -+++ openssh-9.0p1/digest.h 2022-08-30 20:23:49.886993069 +0200 +diff -Nur openssh-9.3p1.orig/digest.h openssh-9.3p1/digest.h +--- openssh-9.3p1.orig/digest.h 2023-06-26 17:56:58.672634538 +0200 ++++ openssh-9.3p1/digest.h 2023-06-26 17:59:25.002036969 +0200 @@ -27,7 +27,8 @@ #define SSH_DIGEST_SHA256 2 #define SSH_DIGEST_SHA384 3 @@ -1065,9 +1065,9 @@ diff -Nur openssh-9.0p1.orig/digest.h openssh-9.0p1/digest.h struct sshbuf; struct ssh_digest_ctx; -diff -Nur openssh-9.0p1.orig/digest-openssl.c openssh-9.0p1/digest-openssl.c ---- openssh-9.0p1.orig/digest-openssl.c 2022-08-30 20:22:42.344819649 +0200 -+++ openssh-9.0p1/digest-openssl.c 2022-08-30 20:23:49.886993069 +0200 +diff -Nur openssh-9.3p1.orig/digest-openssl.c openssh-9.3p1/digest-openssl.c +--- openssh-9.3p1.orig/digest-openssl.c 2023-06-26 17:56:58.672634538 +0200 ++++ openssh-9.3p1/digest-openssl.c 2023-06-26 17:59:25.002036969 +0200 @@ -61,6 +61,7 @@ { SSH_DIGEST_SHA256, "SHA256", 32, EVP_sha256 }, { SSH_DIGEST_SHA384, "SHA384", 48, EVP_sha384 }, @@ -1076,9 +1076,9 @@ diff -Nur openssh-9.0p1.orig/digest-openssl.c openssh-9.0p1/digest-openssl.c { -1, NULL, 0, NULL }, }; -diff -Nur openssh-9.0p1.orig/HPN-README openssh-9.0p1/HPN-README ---- openssh-9.0p1.orig/HPN-README 1970-01-01 01:00:00.000000000 +0100 -+++ openssh-9.0p1/HPN-README 2022-08-30 20:23:49.887993072 +0200 +diff -Nur openssh-9.3p1.orig/HPN-README openssh-9.3p1/HPN-README +--- openssh-9.3p1.orig/HPN-README 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-9.3p1/HPN-README 2023-06-26 17:59:25.003036972 +0200 @@ -0,0 +1,153 @@ +Notes: + @@ -1233,18 +1233,18 @@ diff -Nur openssh-9.0p1.orig/HPN-README openssh-9.0p1/HPN-README + Allan Jude provided the code for the NoneMac and buffer normalization. + This work was financed, in part, by Cisco System, Inc., the National + Library of Medicine, and the National Science Foundation. -diff -Nur openssh-9.0p1.orig/kex.c openssh-9.0p1/kex.c ---- openssh-9.0p1.orig/kex.c 2022-08-30 20:22:42.402819798 +0200 -+++ openssh-9.0p1/kex.c 2022-08-30 20:23:49.887993072 +0200 -@@ -64,6 +64,7 @@ +diff -Nur openssh-9.3p1.orig/kex.c openssh-9.3p1/kex.c +--- openssh-9.3p1.orig/kex.c 2023-06-26 17:56:58.759634778 +0200 ++++ openssh-9.3p1/kex.c 2023-06-26 17:59:25.004036975 +0200 +@@ -65,6 +65,7 @@ #include "ssherr.h" #include "sshbuf.h" +#include "canohost.h" #include "digest.h" + #include "xmalloc.h" #include "audit.h" - -@@ -1001,6 +1002,11 @@ +@@ -1061,6 +1062,11 @@ int nenc, nmac, ncomp; u_int mode, ctos, need, dh_need, authlen; int r, first_kex_follows; @@ -1256,7 +1256,7 @@ diff -Nur openssh-9.0p1.orig/kex.c openssh-9.0p1/kex.c debug2("local %s KEXINIT proposal", kex->server ? "server" : "client"); if ((r = kex_buf2prop(kex->my, NULL, &my)) != 0) -@@ -1081,11 +1087,40 @@ +@@ -1141,11 +1147,40 @@ peer[ncomp] = NULL; goto out; } @@ -1297,7 +1297,7 @@ diff -Nur openssh-9.0p1.orig/kex.c openssh-9.0p1/kex.c } need = dh_need = 0; for (mode = 0; mode < MODE_MAX; mode++) { -@@ -1433,7 +1468,7 @@ +@@ -1493,7 +1528,7 @@ if (version_addendum != NULL && *version_addendum == '\0') version_addendum = NULL; if ((r = sshbuf_putf(our_version, "SSH-%d.%d-%.100s%s%s\r\n", @@ -1306,7 +1306,7 @@ diff -Nur openssh-9.0p1.orig/kex.c openssh-9.0p1/kex.c version_addendum == NULL ? "" : " ", version_addendum == NULL ? "" : version_addendum)) != 0) { oerrno = errno; -@@ -1569,6 +1604,14 @@ +@@ -1629,6 +1664,14 @@ r = SSH_ERR_INVALID_FORMAT; goto out; } @@ -1321,9 +1321,9 @@ diff -Nur openssh-9.0p1.orig/kex.c openssh-9.0p1/kex.c debug("Remote protocol version %d.%d, remote software version %.100s", remote_major, remote_minor, remote_version); compat_banner(ssh, remote_version); -diff -Nur openssh-9.0p1.orig/log.c openssh-9.0p1/log.c ---- openssh-9.0p1.orig/log.c 2022-08-30 20:22:42.298819531 +0200 -+++ openssh-9.0p1/log.c 2022-08-30 20:23:49.888993074 +0200 +diff -Nur openssh-9.3p1.orig/log.c openssh-9.3p1/log.c +--- openssh-9.3p1.orig/log.c 2023-06-26 17:56:58.620634395 +0200 ++++ openssh-9.3p1/log.c 2023-06-26 17:59:25.005036978 +0200 @@ -46,6 +46,11 @@ #include #include @@ -1345,9 +1345,9 @@ diff -Nur openssh-9.0p1.orig/log.c openssh-9.0p1/log.c #define LOG_SYSLOG_VIS (VIS_CSTYLE|VIS_NL|VIS_TAB|VIS_OCTAL) #define LOG_STDERR_VIS (VIS_SAFE|VIS_OCTAL) -diff -Nur openssh-9.0p1.orig/mac.c openssh-9.0p1/mac.c ---- openssh-9.0p1.orig/mac.c 2022-08-30 20:22:42.384819752 +0200 -+++ openssh-9.0p1/mac.c 2022-08-30 20:23:49.888993074 +0200 +diff -Nur openssh-9.3p1.orig/mac.c openssh-9.3p1/mac.c +--- openssh-9.3p1.orig/mac.c 2023-06-26 17:56:58.719634668 +0200 ++++ openssh-9.3p1/mac.c 2023-06-26 17:59:25.005036978 +0200 @@ -63,6 +63,7 @@ { "hmac-sha2-512", SSH_DIGEST, SSH_DIGEST_SHA512, 0, 0, 0, 0 }, { "hmac-md5", SSH_DIGEST, SSH_DIGEST_MD5, 0, 0, 0, 0 }, @@ -1356,30 +1356,30 @@ diff -Nur openssh-9.0p1.orig/mac.c openssh-9.0p1/mac.c { "umac-64@openssh.com", SSH_UMAC, 0, 0, 128, 64, 0 }, { "umac-128@openssh.com", SSH_UMAC128, 0, 0, 128, 128, 0 }, -diff -Nur openssh-9.0p1.orig/Makefile.in openssh-9.0p1/Makefile.in ---- openssh-9.0p1.orig/Makefile.in 2022-08-30 20:22:42.466819962 +0200 -+++ openssh-9.0p1/Makefile.in 2022-08-30 20:23:49.889993077 +0200 +diff -Nur openssh-9.3p1.orig/Makefile.in openssh-9.3p1/Makefile.in +--- openssh-9.3p1.orig/Makefile.in 2023-06-26 17:56:58.801634893 +0200 ++++ openssh-9.3p1/Makefile.in 2023-06-26 18:05:19.227009623 +0200 @@ -49,7 +49,7 @@ CFLAGS_NOPIE=@CFLAGS_NOPIE@ CPPFLAGS=-I. -I$(srcdir) @CPPFLAGS@ $(PATHS) @DEFS@ PICFLAG=@PICFLAG@ -LIBS=@LIBS@ +LIBS=@LIBS@ -lpthread + CHANNELLIBS=@CHANNELLIBS@ K5LIBS=@K5LIBS@ GSSLIBS=@GSSLIBS@ - SSHDLIBS=@SSHDLIBS@ -@@ -96,7 +96,7 @@ +@@ -97,7 +97,7 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \ authfd.o authfile.o \ canohost.o channels.o cipher.o cipher-aes.o cipher-aesctr.o \ -- cipher-ctr.o cleanup.o \ -+ cipher-ctr.o cleanup.o cipher-ctr-mt.o \ +- cleanup.o \ ++ cipher-ctr-mt.o cleanup.o \ compat.o fatal.o hostfile.o \ log.o match.o moduli.o nchan.o packet.o \ readpass.o ttymodes.o xmalloc.o addr.o addrmatch.o \ -diff -Nur openssh-9.0p1.orig/packet.c openssh-9.0p1/packet.c ---- openssh-9.0p1.orig/packet.c 2022-08-30 20:22:42.389819765 +0200 -+++ openssh-9.0p1/packet.c 2022-08-31 13:43:18.798517271 +0200 +diff -Nur openssh-9.3p1.orig/packet.c openssh-9.3p1/packet.c +--- openssh-9.3p1.orig/packet.c 2023-06-26 17:56:58.723634679 +0200 ++++ openssh-9.3p1/packet.c 2023-06-26 17:59:25.007036983 +0200 @@ -246,7 +246,7 @@ TAILQ_INIT(&ssh->public_keys); state->connection_in = -1; @@ -1463,7 +1463,7 @@ diff -Nur openssh-9.0p1.orig/packet.c openssh-9.0p1/packet.c (int64_t)state->rekey_time + state->rekey_interval <= monotime()) @@ -1342,7 +1376,7 @@ struct session_state *state = ssh->state; - int len, r, ms_remain; + int len, r, ms_remain = 0; struct pollfd pfd; - char buf[8192]; + char buf[SSH_IOBUFSZ]; @@ -1545,9 +1545,9 @@ diff -Nur openssh-9.0p1.orig/packet.c openssh-9.0p1/packet.c +{ + return ssh->state->send_context; +} -diff -Nur openssh-9.0p1.orig/packet.h openssh-9.0p1/packet.h ---- openssh-9.0p1.orig/packet.h 2022-08-30 20:22:42.390819767 +0200 -+++ openssh-9.0p1/packet.h 2022-08-30 20:23:49.892993084 +0200 +diff -Nur openssh-9.3p1.orig/packet.h openssh-9.3p1/packet.h +--- openssh-9.3p1.orig/packet.h 2023-06-26 17:56:58.724634681 +0200 ++++ openssh-9.3p1/packet.h 2023-06-26 17:59:25.008036986 +0200 @@ -86,6 +86,14 @@ /* APP data */ @@ -1586,10 +1586,10 @@ diff -Nur openssh-9.0p1.orig/packet.h openssh-9.0p1/packet.h /* new API */ int sshpkt_start(struct ssh *ssh, u_char type); -diff -Nur openssh-9.0p1.orig/progressmeter.c openssh-9.0p1/progressmeter.c ---- openssh-9.0p1.orig/progressmeter.c 2022-04-06 02:47:48.000000000 +0200 -+++ openssh-9.0p1/progressmeter.c 2022-08-30 20:23:49.893993087 +0200 -@@ -68,6 +68,8 @@ +diff -Nur openssh-9.3p1.orig/progressmeter.c openssh-9.3p1/progressmeter.c +--- openssh-9.3p1.orig/progressmeter.c 2023-03-15 22:28:19.000000000 +0100 ++++ openssh-9.3p1/progressmeter.c 2023-07-05 10:45:57.895329810 +0200 +@@ -67,6 +67,8 @@ static off_t start_pos; /* initial position of transfer */ static off_t end_pos; /* ending position of transfer */ static off_t cur_pos; /* transfer position as of last refresh */ @@ -1598,15 +1598,15 @@ diff -Nur openssh-9.0p1.orig/progressmeter.c openssh-9.0p1/progressmeter.c static volatile off_t *counter; /* progress counter */ static long stalled; /* how long we have been stalled */ static int bytes_per_second; /* current speed in bytes per second */ -@@ -127,6 +129,7 @@ +@@ -133,6 +135,7 @@ int cur_speed; int hours, minutes, seconds; - int file_len; + int file_len, cols; + off_t delta_pos; if ((!force_update && !alarm_fired && !win_resized) || !can_output()) return; -@@ -142,6 +145,10 @@ +@@ -148,6 +151,10 @@ now = monotime_double(); bytes_left = end_pos - cur_pos; @@ -1617,42 +1617,38 @@ diff -Nur openssh-9.0p1.orig/progressmeter.c openssh-9.0p1/progressmeter.c if (bytes_left > 0) elapsed = now - last_update; else { -@@ -166,7 +173,7 @@ +@@ -171,13 +178,14 @@ + bytes_per_second = cur_speed; + + last_update = now; ++ last_pos = cur_pos; + + /* Don't bother if we can't even display the completion percentage */ + if (win_size < 4) + return; /* filename */ - buf[0] = '\0'; -- file_len = win_size - 36; -+ file_len = win_size - 45; +- file_len = cols = win_size - 36; ++ file_len = cols = win_size - 45; if (file_len > 0) { - buf[0] = '\r'; - snmprintf(buf+1, sizeof(buf)-1, &file_len, "%-*s", -@@ -191,6 +198,15 @@ - (off_t)bytes_per_second); - strlcat(buf, "/s ", win_size); + asmprintf(&buf, INT_MAX, &cols, "%-*s", file_len, file); + /* If we used fewer columns than expected then pad */ +@@ -194,6 +202,12 @@ + xextendf(&buf, NULL, " %3d%% %s %s/s ", percent, format_size(cur_pos), + format_rate((off_t)bytes_per_second)); + /* instantaneous rate */ + if (bytes_left > 0) -+ format_rate(buf + strlen(buf), win_size - strlen(buf), -+ delta_pos); ++ xextendf(&buf, NULL, "%s/s ", format_rate(delta_pos)); + else -+ format_rate(buf + strlen(buf), win_size - strlen(buf), -+ max_delta_pos); -+ strlcat(buf, "/s ", win_size); ++ xextendf(&buf, NULL, "%s/s ", format_rate(max_delta_pos)); + /* ETA */ if (!transferred) stalled += elapsed; -@@ -227,6 +243,7 @@ - - atomicio(vwrite, STDOUT_FILENO, buf, win_size - 1); - last_update = now; -+ last_pos = cur_pos; - } - - /*ARGSUSED*/ -diff -Nur openssh-9.0p1.orig/readconf.c openssh-9.0p1/readconf.c ---- openssh-9.0p1.orig/readconf.c 2022-08-30 20:22:42.471819975 +0200 -+++ openssh-9.0p1/readconf.c 2022-08-30 20:23:49.894993090 +0200 +diff -Nur openssh-9.3p1.orig/readconf.c openssh-9.3p1/readconf.c +--- openssh-9.3p1.orig/readconf.c 2023-06-26 17:56:58.806634907 +0200 ++++ openssh-9.3p1/readconf.c 2023-06-26 17:59:25.011036994 +0200 @@ -67,6 +67,7 @@ #include "uidswap.h" #include "myproposal.h" @@ -1671,7 +1667,7 @@ diff -Nur openssh-9.0p1.orig/readconf.c openssh-9.0p1/readconf.c oVisualHostKey, oKexAlgorithms, oIPQoS, oRequestTTY, oSessionType, oStdinNull, oForkAfterAuthentication, oIgnoreUnknown, oProxyUseFdpass, -@@ -313,6 +317,10 @@ +@@ -314,6 +318,10 @@ { "kexalgorithms", oKexAlgorithms }, { "ipqos", oIPQoS }, { "requesttty", oRequestTTY }, @@ -1682,9 +1678,9 @@ diff -Nur openssh-9.0p1.orig/readconf.c openssh-9.0p1/readconf.c { "sessiontype", oSessionType }, { "stdinnull", oStdinNull }, { "forkafterauthentication", oForkAfterAuthentication }, -@@ -337,6 +345,11 @@ - { "requiredrsasize", oRequiredRSASize }, +@@ -340,6 +348,11 @@ { "rsaminsize", oRequiredRSASize }, /* alias */ + { "enableescapecommandline", oEnableEscapeCommandline }, + { "tcprcvbufpoll", oTcpRcvBufPoll }, + { "tcprcvbuf", oTcpRcvBuf }, @@ -1694,7 +1690,7 @@ diff -Nur openssh-9.0p1.orig/readconf.c openssh-9.0p1/readconf.c { NULL, oBadOption } }; -@@ -1183,6 +1196,46 @@ +@@ -1182,6 +1195,46 @@ intptr = &options->check_host_ip; goto parse_flag; @@ -1741,7 +1737,7 @@ diff -Nur openssh-9.0p1.orig/readconf.c openssh-9.0p1/readconf.c case oVerifyHostKeyDNS: intptr = &options->verify_host_key_dns; multistate_ptr = multistate_yesnoask; -@@ -1437,6 +1490,10 @@ +@@ -1436,6 +1489,10 @@ *intptr = value; break; @@ -1752,7 +1748,7 @@ diff -Nur openssh-9.0p1.orig/readconf.c openssh-9.0p1/readconf.c case oCiphers: arg = argv_next(&ac, &av); if (!arg || *arg == '\0') { -@@ -2481,6 +2538,14 @@ +@@ -2476,6 +2533,14 @@ options->ip_qos_interactive = -1; options->ip_qos_bulk = -1; options->request_tty = -1; @@ -1767,7 +1763,7 @@ diff -Nur openssh-9.0p1.orig/readconf.c openssh-9.0p1/readconf.c options->session_type = -1; options->stdin_null = -1; options->fork_after_authentication = -1; -@@ -2657,6 +2722,43 @@ +@@ -2653,6 +2718,43 @@ options->server_alive_interval = 0; if (options->server_alive_count_max == -1) options->server_alive_count_max = 3; @@ -1811,10 +1807,10 @@ diff -Nur openssh-9.0p1.orig/readconf.c openssh-9.0p1/readconf.c if (options->control_master == -1) options->control_master = 0; if (options->control_persist == -1) { -diff -Nur openssh-9.0p1.orig/readconf.h openssh-9.0p1/readconf.h ---- openssh-9.0p1.orig/readconf.h 2022-08-30 20:22:42.471819975 +0200 -+++ openssh-9.0p1/readconf.h 2022-08-30 20:23:49.895993092 +0200 -@@ -55,6 +55,10 @@ +diff -Nur openssh-9.3p1.orig/readconf.h openssh-9.3p1/readconf.h +--- openssh-9.3p1.orig/readconf.h 2023-06-26 17:56:58.806634907 +0200 ++++ openssh-9.3p1/readconf.h 2023-06-26 17:59:25.012036996 +0200 +@@ -56,6 +56,10 @@ int strict_host_key_checking; /* Strict host key checking. */ int compression; /* Compress packets in both directions. */ int tcp_keep_alive; /* Set SO_KEEPALIVE. */ @@ -1825,7 +1821,7 @@ diff -Nur openssh-9.0p1.orig/readconf.h openssh-9.0p1/readconf.h int ip_qos_interactive; /* IP ToS/DSCP/class for interactive */ int ip_qos_bulk; /* IP ToS/DSCP/class for bulk traffic */ SyslogFacility log_facility; /* Facility for system logging. */ -@@ -126,7 +130,12 @@ +@@ -127,7 +131,12 @@ int enable_ssh_keysign; int64_t rekey_limit; @@ -1838,11 +1834,11 @@ diff -Nur openssh-9.0p1.orig/readconf.h openssh-9.0p1/readconf.h int no_host_authentication_for_localhost; int identities_only; int server_alive_interval; -diff -Nur openssh-9.0p1.orig/regress/integrity.sh openssh-9.0p1/regress/integrity.sh ---- openssh-9.0p1.orig/regress/integrity.sh 2022-04-06 02:47:48.000000000 +0200 -+++ openssh-9.0p1/regress/integrity.sh 2022-08-30 20:23:49.895993092 +0200 +diff -Nur openssh-9.3p1.orig/regress/integrity.sh openssh-9.3p1/regress/integrity.sh +--- openssh-9.3p1.orig/regress/integrity.sh 2023-03-15 22:28:19.000000000 +0100 ++++ openssh-9.3p1/regress/integrity.sh 2023-06-26 17:59:25.013036999 +0200 @@ -21,6 +21,12 @@ - cmd="$SUDO env SSH_SK_HELPER="$SSH_SK_HELPER" sh ${SRC}/sshd-log-wrapper.sh ${TEST_SSHD_LOGFILE} ${SSHD} -i -f $OBJ/sshd_proxy" + cmd="$SUDO env SSH_SK_HELPER="$SSH_SK_HELPER" sh ${OBJ}/sshd-log-wrapper.sh -i -f $OBJ/sshd_proxy" for m in $macs; do + # the none mac is now valid but tests against it will succeed when we expect it to @@ -1854,10 +1850,10 @@ diff -Nur openssh-9.0p1.orig/regress/integrity.sh openssh-9.0p1/regress/integrit trace "test $tid: mac $m" elen=0 epad=0 -diff -Nur openssh-9.0p1.orig/sandbox-seccomp-filter.c openssh-9.0p1/sandbox-seccomp-filter.c ---- openssh-9.0p1.orig/sandbox-seccomp-filter.c 2022-08-30 20:22:42.405819806 +0200 -+++ openssh-9.0p1/sandbox-seccomp-filter.c 2022-08-30 20:23:49.896993095 +0200 -@@ -225,6 +225,9 @@ +diff -Nur openssh-9.3p1.orig/sandbox-seccomp-filter.c openssh-9.3p1/sandbox-seccomp-filter.c +--- openssh-9.3p1.orig/sandbox-seccomp-filter.c 2023-06-26 17:56:58.742634731 +0200 ++++ openssh-9.3p1/sandbox-seccomp-filter.c 2023-06-26 17:59:25.013036999 +0200 +@@ -295,6 +295,9 @@ #ifdef __NR_geteuid32 SC_ALLOW(__NR_geteuid32), #endif @@ -1867,7 +1863,7 @@ diff -Nur openssh-9.0p1.orig/sandbox-seccomp-filter.c openssh-9.0p1/sandbox-secc #ifdef __NR_getpgid SC_ALLOW(__NR_getpgid), #endif -@@ -327,6 +330,9 @@ +@@ -413,6 +416,9 @@ #ifdef __NR_sigprocmask SC_ALLOW(__NR_sigprocmask), #endif @@ -1877,10 +1873,10 @@ diff -Nur openssh-9.0p1.orig/sandbox-seccomp-filter.c openssh-9.0p1/sandbox-secc #ifdef __NR_time SC_ALLOW(__NR_time), #endif -diff -Nur openssh-9.0p1.orig/scp.c openssh-9.0p1/scp.c ---- openssh-9.0p1.orig/scp.c 2022-08-30 20:22:42.444819906 +0200 -+++ openssh-9.0p1/scp.c 2022-08-30 20:23:49.897993097 +0200 -@@ -1605,7 +1605,7 @@ +diff -Nur openssh-9.3p1.orig/scp.c openssh-9.3p1/scp.c +--- openssh-9.3p1.orig/scp.c 2023-06-26 17:56:58.782634841 +0200 ++++ openssh-9.3p1/scp.c 2023-06-26 17:59:25.015037005 +0200 +@@ -1670,7 +1670,7 @@ off_t size, statbytes; unsigned long long ull; int setimes, targisdir, wrerr; @@ -1889,9 +1885,9 @@ diff -Nur openssh-9.0p1.orig/scp.c openssh-9.0p1/scp.c char **patterns = NULL; size_t n, npatterns = 0; struct timeval tv[2]; -diff -Nur openssh-9.0p1.orig/servconf.c openssh-9.0p1/servconf.c ---- openssh-9.0p1.orig/servconf.c 2022-08-30 20:22:42.473819980 +0200 -+++ openssh-9.0p1/servconf.c 2022-08-30 20:23:49.899993103 +0200 +diff -Nur openssh-9.3p1.orig/servconf.c openssh-9.3p1/servconf.c +--- openssh-9.3p1.orig/servconf.c 2023-06-26 17:56:58.807634910 +0200 ++++ openssh-9.3p1/servconf.c 2023-06-26 17:59:25.016037008 +0200 @@ -70,6 +70,7 @@ #include "auth.h" #include "myproposal.h" @@ -1913,7 +1909,7 @@ diff -Nur openssh-9.0p1.orig/servconf.c openssh-9.0p1/servconf.c options->ip_qos_interactive = -1; options->ip_qos_bulk = -1; options->version_addendum = NULL; -@@ -291,6 +298,10 @@ +@@ -294,6 +301,10 @@ fill_default_server_options(ServerOptions *options) { u_int i; @@ -1924,7 +1920,7 @@ diff -Nur openssh-9.0p1.orig/servconf.c openssh-9.0p1/servconf.c /* Portable-specific options */ if (options->use_pam == -1) -@@ -462,6 +473,51 @@ +@@ -465,6 +476,51 @@ } if (options->permit_tun == -1) options->permit_tun = SSH_TUNMODE_NO; @@ -1976,7 +1972,7 @@ diff -Nur openssh-9.0p1.orig/servconf.c openssh-9.0p1/servconf.c if (options->ip_qos_interactive == -1) options->ip_qos_interactive = IPTOS_DSCP_AF21; if (options->ip_qos_bulk == -1) -@@ -534,6 +590,9 @@ +@@ -546,6 +602,9 @@ sKerberosGetAFSToken, sKerberosUniqueCCache, sKerberosUseKuserok, sPasswordAuthentication, sKbdInteractiveAuthentication, sListenAddress, sAddressFamily, sPrintMotd, sPrintLastLog, sIgnoreRhosts, @@ -1986,7 +1982,7 @@ diff -Nur openssh-9.0p1.orig/servconf.c openssh-9.0p1/servconf.c sX11Forwarding, sX11DisplayOffset, sX11MaxDisplays, sX11UseLocalhost, sPermitTTY, sStrictModes, sEmptyPasswd, sTCPKeepAlive, sPermitUserEnvironment, sAllowTcpForwarding, sCompression, -@@ -735,6 +794,12 @@ +@@ -747,6 +806,12 @@ { "revokedkeys", sRevokedKeys, SSHCFG_ALL }, { "trustedusercakeys", sTrustedUserCAKeys, SSHCFG_ALL }, { "authorizedprincipalsfile", sAuthorizedPrincipalsFile, SSHCFG_ALL }, @@ -1999,7 +1995,7 @@ diff -Nur openssh-9.0p1.orig/servconf.c openssh-9.0p1/servconf.c { "kexalgorithms", sKexAlgorithms, SSHCFG_GLOBAL }, { "include", sInclude, SSHCFG_ALL }, { "ipqos", sIPQoS, SSHCFG_ALL }, -@@ -794,6 +859,7 @@ +@@ -809,6 +874,7 @@ for (i = 0; keywords[i].name; i++) if (strcasecmp(cp, keywords[i].name) == 0) { @@ -2007,7 +2003,7 @@ diff -Nur openssh-9.0p1.orig/servconf.c openssh-9.0p1/servconf.c *flags = keywords[i].flags; return keywords[i].opcode; } -@@ -1569,12 +1635,36 @@ +@@ -1636,12 +1702,36 @@ multistate_ptr = multistate_ignore_rhosts; goto parse_multistate; @@ -2044,9 +2040,9 @@ diff -Nur openssh-9.0p1.orig/servconf.c openssh-9.0p1/servconf.c case sHostbasedAuthentication: intptr = &options->hostbased_authentication; goto parse_flag; -diff -Nur openssh-9.0p1.orig/servconf.h openssh-9.0p1/servconf.h ---- openssh-9.0p1.orig/servconf.h 2022-08-30 20:22:42.473819980 +0200 -+++ openssh-9.0p1/servconf.h 2022-08-30 20:23:49.900993105 +0200 +diff -Nur openssh-9.3p1.orig/servconf.h openssh-9.3p1/servconf.h +--- openssh-9.3p1.orig/servconf.h 2023-06-26 17:56:58.808634912 +0200 ++++ openssh-9.3p1/servconf.h 2023-06-26 17:59:25.017037010 +0200 @@ -214,6 +214,13 @@ int use_pam; /* Enable auth via PAM */ int permit_pam_user_change; /* Allow PAM to change user name */ @@ -2061,10 +2057,10 @@ diff -Nur openssh-9.0p1.orig/servconf.h openssh-9.0p1/servconf.h int permit_tun; char **permitted_opens; /* May also be one of PERMITOPEN_* */ -diff -Nur openssh-9.0p1.orig/serverloop.c openssh-9.0p1/serverloop.c ---- openssh-9.0p1.orig/serverloop.c 2022-08-30 20:22:42.446819911 +0200 -+++ openssh-9.0p1/serverloop.c 2022-08-30 20:23:49.900993105 +0200 -@@ -342,6 +342,7 @@ +diff -Nur openssh-9.3p1.orig/serverloop.c openssh-9.3p1/serverloop.c +--- openssh-9.3p1.orig/serverloop.c 2023-06-26 17:56:58.784634846 +0200 ++++ openssh-9.3p1/serverloop.c 2023-06-26 17:59:25.018037013 +0200 +@@ -347,6 +347,7 @@ sigset_t bsigset, osigset; debug("Entering interactive session for SSH2."); @@ -2072,7 +2068,7 @@ diff -Nur openssh-9.0p1.orig/serverloop.c openssh-9.0p1/serverloop.c if (sigemptyset(&bsigset) == -1 || sigaddset(&bsigset, SIGCHLD) == -1) error_f("bsigset setup: %s", strerror(errno)); -@@ -388,6 +389,7 @@ +@@ -386,6 +387,7 @@ if (received_sigterm) { logit("Exiting on signal %d", (int)received_sigterm); @@ -2080,7 +2076,7 @@ diff -Nur openssh-9.0p1.orig/serverloop.c openssh-9.0p1/serverloop.c /* Clean up sessions, utmp, etc. */ cleanup_exit(255); } -@@ -409,6 +411,9 @@ +@@ -406,6 +408,9 @@ /* free all channels, no more reads and writes */ channel_free_all(ssh); @@ -2090,7 +2086,7 @@ diff -Nur openssh-9.0p1.orig/serverloop.c openssh-9.0p1/serverloop.c /* free remaining sessions, e.g. remove wtmp entries */ session_destroy_all(ssh, NULL); } -@@ -559,7 +564,8 @@ +@@ -556,7 +561,8 @@ debug("Tunnel forwarding using interface %s", ifname); c = channel_new(ssh, "tun", SSH_CHANNEL_OPEN, sock, sock, -1, @@ -2100,7 +2096,7 @@ diff -Nur openssh-9.0p1.orig/serverloop.c openssh-9.0p1/serverloop.c c->datagram = 1; #if defined(SSH_TUN_FILTER) if (mode == SSH_TUNMODE_POINTOPOINT) -@@ -610,6 +616,8 @@ +@@ -607,6 +613,8 @@ c = channel_new(ssh, "session", SSH_CHANNEL_LARVAL, -1, -1, -1, /*window size*/0, CHAN_SES_PACKET_DEFAULT, 0, "server-session", 1); @@ -2109,18 +2105,18 @@ diff -Nur openssh-9.0p1.orig/serverloop.c openssh-9.0p1/serverloop.c if (session_open(the_authctxt, c->self) != 1) { debug("session open failed, free channel %d", c->self); channel_free(ssh, c); -diff -Nur openssh-9.0p1.orig/session.c openssh-9.0p1/session.c ---- openssh-9.0p1.orig/session.c 2022-08-30 20:22:42.447819914 +0200 -+++ openssh-9.0p1/session.c 2022-08-30 20:23:49.902993110 +0200 -@@ -227,6 +227,7 @@ +diff -Nur openssh-9.3p1.orig/session.c openssh-9.3p1/session.c +--- openssh-9.3p1.orig/session.c 2023-06-26 17:56:58.732634703 +0200 ++++ openssh-9.3p1/session.c 2023-07-05 10:50:50.184150123 +0200 +@@ -226,6 +226,7 @@ goto authsock_err; /* Allocate a channel for the authentication agent socket. */ + /* this shouldn't matter if its hpn or not - cjr */ - nc = channel_new(ssh, "auth socket", + nc = channel_new(ssh, "auth-listener", SSH_CHANNEL_AUTH_SOCKET, sock, sock, -1, CHAN_X11_WINDOW_DEFAULT, CHAN_X11_PACKET_DEFAULT, -@@ -2362,7 +2363,8 @@ +@@ -2369,7 +2370,8 @@ channel_set_fds(ssh, s->chanid, fdout, fdin, fderr, ignore_fderr ? CHAN_EXTENDED_IGNORE : CHAN_EXTENDED_READ, @@ -2130,10 +2126,10 @@ diff -Nur openssh-9.0p1.orig/session.c openssh-9.0p1/session.c } /* -diff -Nur openssh-9.0p1.orig/sftp.1 openssh-9.0p1/sftp.1 ---- openssh-9.0p1.orig/sftp.1 2022-04-06 02:47:48.000000000 +0200 -+++ openssh-9.0p1/sftp.1 2022-08-30 20:23:49.903993113 +0200 -@@ -295,7 +295,8 @@ +diff -Nur openssh-9.3p1.orig/sftp.1 openssh-9.3p1/sftp.1 +--- openssh-9.3p1.orig/sftp.1 2023-03-15 22:28:19.000000000 +0100 ++++ openssh-9.3p1/sftp.1 2023-06-26 17:59:25.021037021 +0200 +@@ -299,7 +299,8 @@ Specify how many requests may be outstanding at any one time. Increasing this may slightly improve file transfer speed but will increase memory usage. @@ -2143,21 +2139,21 @@ diff -Nur openssh-9.0p1.orig/sftp.1 openssh-9.0p1/sftp.1 .It Fl r Recursively copy entire directories when uploading and downloading. Note that -diff -Nur openssh-9.0p1.orig/sftp-client.c openssh-9.0p1/sftp-client.c ---- openssh-9.0p1.orig/sftp-client.c 2022-08-30 20:22:42.417819836 +0200 -+++ openssh-9.0p1/sftp-client.c 2022-08-30 20:23:49.904993115 +0200 +diff -Nur openssh-9.3p1.orig/sftp-client.c openssh-9.3p1/sftp-client.c +--- openssh-9.3p1.orig/sftp-client.c 2023-06-26 17:56:58.702634621 +0200 ++++ openssh-9.3p1/sftp-client.c 2023-06-26 18:01:56.954454674 +0200 @@ -72,7 +72,7 @@ #define DEFAULT_COPY_BUFLEN 32768 - /* Default number of concurrent outstanding requests */ + /* Default number of concurrent xfer requests (fix sftp.1 scp.1 if changed) */ -#define DEFAULT_NUM_REQUESTS 64 +#define DEFAULT_NUM_REQUESTS 256 /* Minimum amount of data to read at a time */ #define MIN_READ_SIZE 512 -diff -Nur openssh-9.0p1.orig/ssh_api.c openssh-9.0p1/ssh_api.c ---- openssh-9.0p1.orig/ssh_api.c 2022-04-06 02:47:48.000000000 +0200 -+++ openssh-9.0p1/ssh_api.c 2022-08-30 20:23:49.904993115 +0200 +diff -Nur openssh-9.3p1.orig/ssh_api.c openssh-9.3p1/ssh_api.c +--- openssh-9.3p1.orig/ssh_api.c 2023-03-15 22:28:19.000000000 +0100 ++++ openssh-9.3p1/ssh_api.c 2023-06-26 17:59:25.024037030 +0200 @@ -410,7 +410,7 @@ char *cp; int r; @@ -2167,9 +2163,9 @@ diff -Nur openssh-9.0p1.orig/ssh_api.c openssh-9.0p1/ssh_api.c return r; if ((r = sshbuf_putb(ssh_packet_get_output(ssh), banner)) != 0) return r; -diff -Nur openssh-9.0p1.orig/sshbuf.h openssh-9.0p1/sshbuf.h ---- openssh-9.0p1.orig/sshbuf.h 2022-04-06 02:47:48.000000000 +0200 -+++ openssh-9.0p1/sshbuf.h 2022-08-30 20:23:49.905993118 +0200 +diff -Nur openssh-9.3p1.orig/sshbuf.h openssh-9.3p1/sshbuf.h +--- openssh-9.3p1.orig/sshbuf.h 2023-03-15 22:28:19.000000000 +0100 ++++ openssh-9.3p1/sshbuf.h 2023-06-26 17:59:25.024037030 +0200 @@ -28,7 +28,7 @@ # endif /* OPENSSL_HAS_ECC */ #endif /* WITH_OPENSSL */ @@ -2179,10 +2175,10 @@ diff -Nur openssh-9.0p1.orig/sshbuf.h openssh-9.0p1/sshbuf.h #define SSHBUF_REFS_MAX 0x100000 /* Max child buffers */ #define SSHBUF_MAX_BIGNUM (16384 / 8) /* Max bignum *bytes* */ #define SSHBUF_MAX_ECPOINT ((528 * 2 / 8) + 1) /* Max EC point *bytes* */ -diff -Nur openssh-9.0p1.orig/ssh.c openssh-9.0p1/ssh.c ---- openssh-9.0p1.orig/ssh.c 2022-08-30 20:22:42.475819985 +0200 -+++ openssh-9.0p1/ssh.c 2022-08-30 20:23:49.906993121 +0200 -@@ -1065,6 +1065,10 @@ +diff -Nur openssh-9.3p1.orig/ssh.c openssh-9.3p1/ssh.c +--- openssh-9.3p1.orig/ssh.c 2023-06-26 17:56:58.809634915 +0200 ++++ openssh-9.3p1/ssh.c 2023-06-26 17:59:25.025037033 +0200 +@@ -1069,6 +1069,10 @@ break; case 'T': options.request_tty = REQUEST_TTY_NO; @@ -2193,7 +2189,7 @@ diff -Nur openssh-9.0p1.orig/ssh.c openssh-9.0p1/ssh.c break; case 'o': line = xstrdup(optarg); -@@ -1801,6 +1805,8 @@ +@@ -1815,6 +1819,8 @@ setproctitle("%s [mux]", options.control_path); } @@ -2202,7 +2198,7 @@ diff -Nur openssh-9.0p1.orig/ssh.c openssh-9.0p1/ssh.c /* Do fork() after authentication. Used by "ssh -f" */ static void fork_postauth(void) -@@ -2118,6 +2124,79 @@ +@@ -2132,6 +2138,79 @@ NULL, fileno(stdin), command, environ); } @@ -2282,7 +2278,7 @@ diff -Nur openssh-9.0p1.orig/ssh.c openssh-9.0p1/ssh.c /* open new channel for a session */ static int ssh_session2_open(struct ssh *ssh) -@@ -2136,9 +2215,11 @@ +@@ -2150,9 +2229,11 @@ if (in == -1 || out == -1 || err == -1) fatal("dup() in/out/err failed"); @@ -2295,7 +2291,7 @@ diff -Nur openssh-9.0p1.orig/ssh.c openssh-9.0p1/ssh.c window >>= 1; packetmax >>= 1; } -@@ -2149,6 +2230,11 @@ +@@ -2163,6 +2244,11 @@ debug3_f("channel_new: %d", c->self); @@ -2307,7 +2303,7 @@ diff -Nur openssh-9.0p1.orig/ssh.c openssh-9.0p1/ssh.c channel_send_open(ssh, c->self); if (options.session_type != SESSION_TYPE_NONE) channel_register_open_confirm(ssh, c->self, -@@ -2163,6 +2249,13 @@ +@@ -2177,6 +2263,13 @@ int r, id = -1; char *cp, *tun_fwd_ifname = NULL; @@ -2321,10 +2317,18 @@ diff -Nur openssh-9.0p1.orig/ssh.c openssh-9.0p1/ssh.c /* XXX should be pre-session */ if (!options.control_persist) ssh_init_stdio_forwarding(ssh); -diff -Nur openssh-9.0p1.orig/sshconnect2.c openssh-9.0p1/sshconnect2.c ---- openssh-9.0p1.orig/sshconnect2.c 2022-08-30 20:22:42.477819991 +0200 -+++ openssh-9.0p1/sshconnect2.c 2022-08-30 20:23:49.907993123 +0200 -@@ -86,6 +86,13 @@ +diff -Nur openssh-9.3p1.orig/sshconnect2.c openssh-9.3p1/sshconnect2.c +--- openssh-9.3p1.orig/sshconnect2.c 2023-06-26 17:56:58.811634921 +0200 ++++ openssh-9.3p1/sshconnect2.c 2023-07-05 04:58:43.822783207 +0200 +@@ -76,6 +76,7 @@ + #include "utf8.h" + #include "ssh-sk.h" + #include "sk-api.h" ++#include "myproposal.h" + + #ifdef GSSAPI + #include "ssh-gss.h" +@@ -85,6 +86,13 @@ extern Options options; /* @@ -2338,7 +2342,7 @@ diff -Nur openssh-9.0p1.orig/sshconnect2.c openssh-9.0p1/sshconnect2.c * SSH2 key exchange */ -@@ -216,6 +223,8 @@ +@@ -216,6 +224,8 @@ return ret; } @@ -2347,18 +2351,16 @@ diff -Nur openssh-9.0p1.orig/sshconnect2.c openssh-9.0p1/sshconnect2.c void ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port, const struct ssh_conn_info *cinfo) -@@ -231,6 +240,10 @@ +@@ -229,6 +239,8 @@ char *gss_host = NULL; #endif -+ memcpy(&myproposal, &myproposal_default, sizeof(myproposal)); -+ + memcpy(&myproposal, &myproposal_default, sizeof(myproposal)); + xxx_host = host; xxx_hostaddr = hostaddr; xxx_conn_info = cinfo; -@@ -583,6 +596,53 @@ +@@ -577,6 +589,53 @@ if (!authctxt.success) fatal("Authentication failed."); @@ -2412,10 +2414,10 @@ diff -Nur openssh-9.0p1.orig/sshconnect2.c openssh-9.0p1/sshconnect2.c if (ssh_packet_connection_is_on_socket(ssh)) { verbose("Authenticated to %s ([%s]:%d) using \"%s\".", host, ssh_remote_ipaddr(ssh), ssh_remote_port(ssh), -diff -Nur openssh-9.0p1.orig/sshconnect.c openssh-9.0p1/sshconnect.c ---- openssh-9.0p1.orig/sshconnect.c 2022-08-30 20:22:42.325819600 +0200 -+++ openssh-9.0p1/sshconnect.c 2022-08-30 20:23:49.909993128 +0200 -@@ -345,6 +345,30 @@ +diff -Nur openssh-9.3p1.orig/sshconnect.c openssh-9.3p1/sshconnect.c +--- openssh-9.3p1.orig/sshconnect.c 2023-06-26 17:56:58.650634478 +0200 ++++ openssh-9.3p1/sshconnect.c 2023-06-26 17:59:25.028037041 +0200 +@@ -344,6 +344,30 @@ #endif /* @@ -2446,9 +2448,9 @@ diff -Nur openssh-9.0p1.orig/sshconnect.c openssh-9.0p1/sshconnect.c * Creates a socket for use as the ssh connection. */ static int -@@ -366,6 +390,9 @@ +@@ -365,6 +389,9 @@ } - fcntl(sock, F_SETFD, FD_CLOEXEC); + (void)fcntl(sock, F_SETFD, FD_CLOEXEC); + if (options.tcp_rcv_buf > 0) + ssh_set_socket_recvbuf(sock); @@ -2456,10 +2458,10 @@ diff -Nur openssh-9.0p1.orig/sshconnect.c openssh-9.0p1/sshconnect.c /* Use interactive QOS (if specified) until authentication completed */ if (options.ip_qos_interactive != INT_MAX) set_sock_tos(sock, options.ip_qos_interactive); -diff -Nur openssh-9.0p1.orig/sshd.c openssh-9.0p1/sshd.c ---- openssh-9.0p1.orig/sshd.c 2022-08-30 20:22:42.478819993 +0200 -+++ openssh-9.0p1/sshd.c 2022-08-30 20:23:49.910993131 +0200 -@@ -1106,6 +1106,8 @@ +diff -Nur openssh-9.3p1.orig/sshd.c openssh-9.3p1/sshd.c +--- openssh-9.3p1.orig/sshd.c 2023-06-26 17:56:58.812634923 +0200 ++++ openssh-9.3p1/sshd.c 2023-07-05 11:08:30.843125617 +0200 +@@ -1093,6 +1093,8 @@ int ret, listen_sock; struct addrinfo *ai; char ntop[NI_MAXHOST], strport[NI_MAXSERV]; @@ -2468,7 +2470,7 @@ diff -Nur openssh-9.0p1.orig/sshd.c openssh-9.0p1/sshd.c for (ai = la->addrs; ai; ai = ai->ai_next) { if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6) -@@ -1151,6 +1153,11 @@ +@@ -1138,6 +1140,11 @@ debug("Bind to port %s on %s.", strport, ntop); @@ -2480,7 +2482,7 @@ diff -Nur openssh-9.0p1.orig/sshd.c openssh-9.0p1/sshd.c /* Bind the socket to the desired port. */ if (bind(listen_sock, ai->ai_addr, ai->ai_addrlen) == -1) { error("Bind to port %s on %s failed: %.200s.", -@@ -1857,6 +1864,19 @@ +@@ -1876,6 +1883,19 @@ /* Fill in default values for those options not explicitly set. */ fill_default_server_options(&options); @@ -2500,7 +2502,7 @@ diff -Nur openssh-9.0p1.orig/sshd.c openssh-9.0p1/sshd.c /* Check that options are sensible */ if (options.authorized_keys_command_user == NULL && (options.authorized_keys_command != NULL && -@@ -2311,6 +2331,9 @@ +@@ -2359,6 +2379,9 @@ rdomain == NULL ? "" : "\""); free(laddr); @@ -2510,7 +2512,7 @@ diff -Nur openssh-9.0p1.orig/sshd.c openssh-9.0p1/sshd.c /* * We don't want to listen forever unless the other side * successfully authenticates itself. So we set up an alarm which is -@@ -2423,6 +2446,25 @@ +@@ -2471,6 +2494,25 @@ /* Try to send all our hostkeys to the client */ notify_hostkeys(ssh); @@ -2536,8 +2538,8 @@ diff -Nur openssh-9.0p1.orig/sshd.c openssh-9.0p1/sshd.c /* Start session. */ do_authenticated(ssh, authctxt); -@@ -2498,6 +2540,11 @@ - char *prop_kex = NULL, *prop_enc = NULL, *prop_hostkey = NULL; +@@ -2545,6 +2587,11 @@ + struct kex *kex; int r; + if (options.none_enabled == 1) @@ -2545,12 +2547,12 @@ diff -Nur openssh-9.0p1.orig/sshd.c openssh-9.0p1/sshd.c + if (options.nonemac_enabled == 1) + debug("WARNING: None MAC enabled"); + - myproposal[PROPOSAL_KEX_ALGS] = prop_kex = compat_kex_proposal(ssh, - options.kex_algorithms); - myproposal[PROPOSAL_ENC_ALGS_CTOS] = -diff -Nur openssh-9.0p1.orig/sshd_config openssh-9.0p1/sshd_config ---- openssh-9.0p1.orig/sshd_config 2022-08-30 20:22:42.478819993 +0200 -+++ openssh-9.0p1/sshd_config 2022-08-30 20:23:49.911993133 +0200 + if (options.rekey_limit || options.rekey_interval) + ssh_packet_set_rekey_limits(ssh, options.rekey_limit, + options.rekey_interval); +diff -Nur openssh-9.3p1.orig/sshd_config openssh-9.3p1/sshd_config +--- openssh-9.3p1.orig/sshd_config 2023-06-26 17:56:58.813634926 +0200 ++++ openssh-9.3p1/sshd_config 2023-06-26 17:59:25.030037046 +0200 @@ -127,6 +127,28 @@ # override default of no subsystems Subsystem sftp /usr/libexec/sftp-server @@ -2580,9 +2582,9 @@ diff -Nur openssh-9.0p1.orig/sshd_config openssh-9.0p1/sshd_config # Example of overriding settings on a per-user basis #Match User anoncvs # X11Forwarding no -diff -Nur openssh-9.0p1.orig/version.h openssh-9.0p1/version.h ---- openssh-9.0p1.orig/version.h 2022-08-30 20:22:42.480819998 +0200 -+++ openssh-9.0p1/version.h 2022-08-30 20:23:49.911993133 +0200 +diff -Nur openssh-9.3p1.orig/version.h openssh-9.3p1/version.h +--- openssh-9.3p1.orig/version.h 2023-06-26 17:56:58.814634929 +0200 ++++ openssh-9.3p1/version.h 2023-06-26 17:59:25.031037049 +0200 @@ -16,5 +16,6 @@ #define SSH_PORTABLE "p1" diff --git a/openssh-configure-c99-1.patch b/openssh-configure-c99-1.patch deleted file mode 100644 index a2c69aa..0000000 --- a/openssh-configure-c99-1.patch +++ /dev/null @@ -1,26 +0,0 @@ -commit 40b0a5eb6e3edfa2886b60c09c7803353b0cc7f5 -Author: Sam James -Date: Sun Nov 6 04:47:35 2022 +0000 - - configure.ac: Add include for openpty - - Another Clang 16ish fix (which makes -Wimplicit-function-declaration - an error by default). github PR#355. - - See: 2efd71da49b9cfeab7987058cf5919e473ff466b - See: be197635329feb839865fdc738e34e24afd1fca8 - -diff --git a/configure.ac b/configure.ac -index 1e77ecfc..1866aea5 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -2373,6 +2373,9 @@ if test ! -z "$check_for_openpty_ctty_bug"; then - #include - #include - #include -+#ifdef HAVE_PTY_H -+# include -+#endif - #include - #include - #include diff --git a/openssh-configure-c99-2.patch b/openssh-configure-c99-2.patch deleted file mode 100644 index 693e64f..0000000 --- a/openssh-configure-c99-2.patch +++ /dev/null @@ -1,47 +0,0 @@ -commit 32fddb982fd61b11a2f218a115975a87ab126d43 -Author: Darren Tucker -Date: Mon Nov 7 10:39:01 2022 +1100 - - Fix setres*id checks to work with clang-16. - - glibc has the prototypes for setresuid and setresgid behind _GNU_SOURCE, - and clang 16 will error out on implicit function definitions, so add - _GNU_SOURCE and the required headers to the configure checks. From - sam at @gentoo.org via bz#3497. - -diff --git a/configure.ac b/configure.ac -index 4bf758ac..e172540a 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -863,7 +863,8 @@ int main(void) { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16)) - check_for_openpty_ctty_bug=1 - dnl Target SUSv3/POSIX.1-2001 plus BSD specifics. - dnl _DEFAULT_SOURCE is the new name for _BSD_SOURCE -- CPPFLAGS="$CPPFLAGS -D_XOPEN_SOURCE=600 -D_BSD_SOURCE -D_DEFAULT_SOURCE" -+ dnl _GNU_SOURCE is needed for setres*id prototypes. -+ CPPFLAGS="$CPPFLAGS -D_XOPEN_SOURCE=600 -D_BSD_SOURCE -D_DEFAULT_SOURCE -D_GNU_SOURCE" - AC_DEFINE([BROKEN_CLOSEFROM], [1], [broken in chroots on older kernels]) - AC_DEFINE([PAM_TTY_KLUDGE], [1], - [Work around problematic Linux PAM modules handling of PAM_TTY]) -@@ -2168,8 +2169,9 @@ AC_CHECK_FUNCS([setresuid], [ - AC_MSG_CHECKING([if setresuid seems to work]) - AC_RUN_IFELSE( - [AC_LANG_PROGRAM([[ --#include - #include -+#include -+#include - ]], [[ - errno=0; - setresuid(0,0,0); -@@ -2191,8 +2193,9 @@ AC_CHECK_FUNCS([setresgid], [ - AC_MSG_CHECKING([if setresgid seems to work]) - AC_RUN_IFELSE( - [AC_LANG_PROGRAM([[ --#include - #include -+#include -+#include - ]], [[ - errno=0; - setresgid(0,0,0); diff --git a/openssh-configure-c99-3.patch b/openssh-configure-c99-3.patch deleted file mode 100644 index 48ab14a..0000000 --- a/openssh-configure-c99-3.patch +++ /dev/null @@ -1,41 +0,0 @@ -commit 5eb796a369c64f18d55a6ae9b1fa9b35eea237fb -Author: Harmen Stoppels -Date: Thu Oct 13 16:08:46 2022 +0200 - - Fix snprintf configure test for clang 15 - - Clang 15 -Wimplicit-int defaults to an error in C99 mode and above. - A handful of tests have "main(..." and not "int main(..." which caused - the tests to produce incorrect results. - -diff --git a/configure.ac b/configure.ac -index de60a1b1..165c49de 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -713,7 +713,7 @@ case "$host" in - AC_RUN_IFELSE([AC_LANG_SOURCE([[ - #include - #include --main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16)) -+int main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16)) - exit(0); - else - exit(1); -@@ -4259,7 +4259,7 @@ dnl test snprintf (broken on SCO w/gcc) - #include - #include - #ifdef HAVE_SNPRINTF --main() -+int main() - { - char buf[50]; - char expected_out[50]; -@@ -4276,7 +4276,7 @@ main() - exit(0); - } - #else --main() { exit(0); } -+int main() { exit(0); } - #endif - ]])], [ true ], [ AC_DEFINE([BROKEN_SNPRINTF]) ], - AC_MSG_WARN([cross compiling: Assuming working snprintf()]) diff --git a/sources b/sources index 82d7797..c322d35 100644 --- a/sources +++ b/sources @@ -1,3 +1,3 @@ -SHA512 (openssh-9.0p1.tar.gz) = 613ae95317e734868c6a60d9cc5af47a889baa3124bbdd2b31bb51dd6b57b136f4cfcb5604cca78a03bd500baab9b9b45eaf77e038b1ed776c86dce0437449a9 -SHA512 (openssh-9.0p1.tar.gz.asc) = 7b1445764058435d2fa8a9c7553643983650d4232036c088e46e44beeb538d32cba88f775b1be9da5f21a01d6caea59b3dc4714507781e9cb946546fa54f169f +SHA512 (openssh-9.3p1.tar.gz) = 087ff6fe5f6caab4c6c3001d906399e02beffad7277280f11187420c2939fd4befdcb14643862a657ce4cad2f115b82a0a1a2c99df6ee54dcd76b53647637c19 +SHA512 (openssh-9.3p1.tar.gz.asc) = 6222378eb24a445c6c1db255392b405f5369b1af0e92f558d4ba05b0d83ab0d084cb8f4b91d7ae8636f333d970638a6635e2bc7af885135dd34992d87f2ef1f4 SHA512 (gpgkey-736060BA.gpg) = df44f3fdbcd1d596705348c7f5aed3f738c5f626a55955e0642f7c6c082995cf36a1b1891bb41b8715cb2aff34fef1c877e0eff0d3507dd00a055ba695757a21 From 0172aacf0aecee61b3b7d2ca8bfb9e0dcff4edda Mon Sep 17 00:00:00 2001 From: Mattias Ellert Date: Sun, 23 Jul 2023 08:40:50 +0200 Subject: [PATCH 16/44] Based on openssh-9.3p1-5.fc39.1 --- gsi-openssh.spec | 139 +-- openssh-7.7p1-fips.patch | 12 +- openssh-8.0p1-crypto-policies.patch | 78 +- openssh-8.0p1-gssapi-keyex.patch | 17 + openssh-8.0p1-openssl-evp.patch | 720 ----------- openssh-8.0p1-pkcs11-uri.patch | 100 +- openssh-8.7p1-evpgenkey.patch | 109 -- openssh-8.7p1-gssapi-auth.patch | 20 - openssh-9.0p1-evp-fips-sign.patch | 476 -------- openssh-9.0p1-evp-pkcs11.patch | 145 --- openssh-9.0p1-man-hostkeyalgos.patch | 16 - openssh-9.3p1-merged-openssl-evp.patch | 1220 +++++++++++++++++++ openssh-9.3p1-upstream-cve-2023-38408.patch | 130 ++ 13 files changed, 1525 insertions(+), 1657 deletions(-) delete mode 100644 openssh-8.0p1-openssl-evp.patch delete mode 100644 openssh-8.7p1-evpgenkey.patch delete mode 100644 openssh-8.7p1-gssapi-auth.patch delete mode 100644 openssh-9.0p1-evp-fips-sign.patch delete mode 100644 openssh-9.0p1-evp-pkcs11.patch delete mode 100644 openssh-9.0p1-man-hostkeyalgos.patch create mode 100644 openssh-9.3p1-merged-openssl-evp.patch create mode 100644 openssh-9.3p1-upstream-cve-2023-38408.patch diff --git a/gsi-openssh.spec b/gsi-openssh.spec index 297581a..0bd49a9 100644 --- a/gsi-openssh.spec +++ b/gsi-openssh.spec @@ -24,7 +24,7 @@ %global libedit 1 %global openssh_ver 9.3p1 -%global openssh_rel 1 +%global openssh_rel 2 Summary: An implementation of the SSH protocol with GSI authentication Name: gsi-openssh @@ -89,6 +89,10 @@ Patch711: openssh-7.8p1-UsePAM-warning.patch # GSSAPI Key Exchange (RFC 4462 + RFC 8732) # from https://github.com/openssh-gsskex/openssh-gsskex/tree/fedora/master +# and +# Reenable MONITOR_REQ_GSSCHECKMIC after gssapi-with-mic failures +# upstream MR: +# https://github.com/openssh-gsskex/openssh-gsskex/pull/21 Patch800: openssh-8.0p1-gssapi-keyex.patch #http://www.mail-archive.com/kerberos@mit.edu/msg17591.html Patch801: openssh-6.6p1-force_krb.patch @@ -132,9 +136,11 @@ Patch951: openssh-8.0p1-pkcs11-uri.patch # Unbreak scp between two IPv6 hosts (#1620333) Patch953: openssh-7.8p1-scp-ipv6.patch # Mention crypto-policies in manual pages (#1668325) +# clarify rhbz#2068423 on the man page of ssh_config Patch962: openssh-8.0p1-crypto-policies.patch # Use OpenSSL high-level API to produce and verify signatures (#1707485) -Patch963: openssh-8.0p1-openssl-evp.patch +# TODO fix the comment above ^ +Patch963: openssh-9.3p1-merged-openssl-evp.patch # Use OpenSSL KDF (#1631761) Patch964: openssh-8.0p1-openssl-kdf.patch # sk-dummy.so built with -fvisibility=hidden does not work @@ -154,8 +160,6 @@ Patch977: openssh-8.7p1-scp-kill-switch.patch Patch981: openssh-8.7p1-recursive-scp.patch # https://github.com/djmdjm/openssh-wip/pull/13 Patch982: openssh-8.7p1-minrsabits.patch -# downstream only -Patch983: openssh-8.7p1-evpgenkey.patch # downstream only, IBMCA tentative fix # From https://bugzilla.redhat.com/show_bug.cgi?id=1976202#c14 Patch984: openssh-8.7p1-ibmca.patch @@ -164,23 +168,15 @@ Patch984: openssh-8.7p1-ibmca.patch # upstream bug: # https://bugzilla.mindrot.org/show_bug.cgi?id=3455 Patch1002: openssh-8.7p1-ssh-manpage.patch -# Reenable MONITOR_REQ_GSSCHECKMIC after gssapi-with-mic failures -# upstream MR: -# https://github.com/openssh-gsskex/openssh-gsskex/pull/21 -Patch1004: openssh-8.7p1-gssapi-auth.patch # Don't propose disallowed algorithms during hostkey negotiation # upstream MR: # https://github.com/openssh/openssh-portable/pull/323 Patch1006: openssh-8.7p1-negotiate-supported-algs.patch -Patch1011: openssh-9.0p1-evp-fips-sign.patch Patch1012: openssh-9.0p1-evp-fips-dh.patch Patch1013: openssh-9.0p1-evp-fips-ecdh.patch Patch1014: openssh-8.7p1-nohostsha1proof.patch -Patch1015: openssh-9.0p1-evp-pkcs11.patch - -# clarify rhbz#2068423 on the man page of ssh_config -Patch1016: openssh-9.0p1-man-hostkeyalgos.patch +Patch1015: openssh-9.3p1-upstream-cve-2023-38408.patch # Fix issue with read-only ssh buffer during gssapi key exchange (#1938224) # https://github.com/openssh-gsskex/openssh-gsskex/pull/19 @@ -285,74 +281,70 @@ This version of OpenSSH has been modified to support GSI authentication. gpgv2 --quiet --keyring %{SOURCE3} %{SOURCE1} %{SOURCE0} %setup -q -n openssh-%{version} -%patch400 -p1 -b .role-mls -%patch404 -p1 -b .privsep-selinux +%patch -P 400 -p1 -b .role-mls +%patch -P 404 -p1 -b .privsep-selinux -%patch502 -p1 -b .keycat +%patch -P 502 -p1 -b .keycat -%patch601 -p1 -b .ip-opts -%patch606 -p1 -b .ipv6man -%patch607 -p1 -b .sigpipe -%patch609 -p1 -b .x11 +%patch -P 601 -p1 -b .ip-opts +%patch -P 606 -p1 -b .ipv6man +%patch -P 607 -p1 -b .sigpipe +%patch -P 609 -p1 -b .x11 -%patch702 -p1 -b .progress -%patch703 -p1 -b .grab-info -%patch707 -p1 -b .redhat -%patch711 -p1 -b .log-usepam-no +%patch -P 702 -p1 -b .progress +%patch -P 703 -p1 -b .grab-info +%patch -P 707 -p1 -b .redhat +%patch -P 711 -p1 -b .log-usepam-no -%patch800 -p1 -b .gsskex -%patch801 -p1 -b .force_krb -%patch804 -p1 -b .ccache_name -%patch805 -p1 -b .k5login +%patch -P 800 -p1 -b .gsskex +%patch -P 801 -p1 -b .force_krb +%patch -P 804 -p1 -b .ccache_name +%patch -P 805 -p1 -b .k5login -%patch901 -p1 -b .kuserok -%patch906 -p1 -b .fromto-remote -%patch916 -p1 -b .contexts -%patch918 -p1 -b .log-in-chroot -%patch919 -p1 -b .scp -%patch802 -p1 -b .GSSAPIEnablek5users -%patch922 -p1 -b .sshdt -%patch926 -p1 -b .sftp-force-mode -%patch939 -p1 -b .s390-dev -%patch944 -p1 -b .x11max -%patch948 -p1 -b .systemd -%patch949 -p1 -b .refactor -%patch950 -p1 -b .sandbox -%patch951 -p1 -b .pkcs11-uri -%patch953 -p1 -b .scp-ipv6 -%patch962 -p1 -b .crypto-policies -%patch963 -p1 -b .openssl-evp -%patch964 -p1 -b .openssl-kdf -%patch965 -p1 -b .visibility -%patch966 -p1 -b .x11-ipv6 -%patch974 -p1 -b .keygen-strip-doseol -%patch975 -p1 -b .preserve-pam-errors -%patch977 -p1 -b .kill-scp -%patch981 -p1 -b .scp-sftpdirs -%patch982 -p1 -b .minrsabits -%patch983 -p1 -b .evpgenrsa -%patch984 -p1 -b .ibmca +%patch -P 901 -p1 -b .kuserok +%patch -P 906 -p1 -b .fromto-remote +%patch -P 916 -p1 -b .contexts +%patch -P 918 -p1 -b .log-in-chroot +%patch -P 919 -p1 -b .scp +%patch -P 802 -p1 -b .GSSAPIEnablek5users +%patch -P 922 -p1 -b .sshdt +%patch -P 926 -p1 -b .sftp-force-mode +%patch -P 939 -p1 -b .s390-dev +%patch -P 944 -p1 -b .x11max +%patch -P 948 -p1 -b .systemd +%patch -P 949 -p1 -b .refactor +%patch -P 950 -p1 -b .sandbox +%patch -P 951 -p1 -b .pkcs11-uri +%patch -P 953 -p1 -b .scp-ipv6 +%patch -P 962 -p1 -b .crypto-policies +%patch -P 963 -p1 -b .openssl-evp +%patch -P 964 -p1 -b .openssl-kdf +%patch -P 965 -p1 -b .visibility +%patch -P 966 -p1 -b .x11-ipv6 +%patch -P 974 -p1 -b .keygen-strip-doseol +%patch -P 975 -p1 -b .preserve-pam-errors +%patch -P 977 -p1 -b .kill-scp +%patch -P 981 -p1 -b .scp-sftpdirs +%patch -P 982 -p1 -b .minrsabits +%patch -P 984 -p1 -b .ibmca -%patch200 -p1 -b .audit -%patch201 -p1 -b .audit-race -%patch202 -p1 -b .audit-log -%patch700 -p1 -b .fips +%patch -P 200 -p1 -b .audit +%patch -P 201 -p1 -b .audit-race +%patch -P 202 -p1 -b .audit-log +%patch -P 700 -p1 -b .fips -%patch1002 -p1 -b .ssh-manpage -%patch1004 -p1 -b .gssapi-auth -%patch1006 -p1 -b .negotiate-supported-algs -%patch1011 -p1 -b .evp-fips-sign -%patch1012 -p1 -b .evp-fips-dh -%patch1013 -p1 -b .evp-fips-ecdh -%patch1014 -p1 -b .nosha1hostproof -%patch1015 -p1 -b .evp-pkcs11 -%patch1016 -p1 -b .man-hostkeyalgos +%patch -P 1002 -p1 -b .ssh-manpage +%patch -P 1006 -p1 -b .negotiate-supported-algs +%patch -P 1012 -p1 -b .evp-fips-dh +%patch -P 1013 -p1 -b .evp-fips-ecdh +%patch -P 1014 -p1 -b .nosha1hostproof +%patch -P 1015 -p1 -b .cve-2023-38408 -%patch100 -p1 -b .coverity +%patch -P 100 -p1 -b .coverity -%patch97 -p1 -b .sshbuf-ro -%patch98 -p1 -b .gsi -%patch99 -p1 -b .hpn +%patch -P 97 -p1 -b .sshbuf-ro +%patch -P 98 -p1 -b .gsi +%patch -P 99 -p1 -b .hpn sed 's/sshd.pid/gsisshd.pid/' -i pathnames.h sed 's!$(piddir)/sshd.pid!$(piddir)/gsisshd.pid!' -i Makefile.in @@ -545,6 +537,9 @@ fi %attr(0744,root,root) %{_libexecdir}/gsissh/ssh-host-keys-migration.sh %changelog +* Sun Jul 23 2023 Mattias Ellert - 9.3p1-2 +- Based on openssh-9.3p1-5.fc39.1 + * Wed Jul 19 2023 Mattias Ellert - 9.3p1-1 - Based on openssh-9.3p1-3.fc39 - Fix keyex patch diff --git a/openssh-7.7p1-fips.patch b/openssh-7.7p1-fips.patch index 180f13e..5351571 100644 --- a/openssh-7.7p1-fips.patch +++ b/openssh-7.7p1-fips.patch @@ -415,10 +415,10 @@ diff -up openssh-8.6p1/sshd.c.fips openssh-8.6p1/sshd.c diff -up openssh-8.6p1/sshkey.c.fips openssh-8.6p1/sshkey.c --- openssh-8.6p1/sshkey.c.fips 2021-05-06 12:08:36.493926838 +0200 +++ openssh-8.6p1/sshkey.c 2021-05-06 12:08:36.502926908 +0200 -@@ -34,6 +34,7 @@ - #include - #include +@@ -36,6 +36,7 @@ #include + #include + #include +#include #endif @@ -540,10 +540,10 @@ diff -up openssh-8.6p1/ssh-keygen.c.fips openssh-8.6p1/ssh-keygen.c diff -up openssh-9.3p1/ssh-rsa.c.evpgenrsa openssh-9.3p1/ssh-rsa.c --- openssh-9.3p1/ssh-rsa.c.evpgenrsa 2022-06-30 15:14:58.200518353 +0200 +++ openssh-9.3p1/ssh-rsa.c 2022-06-30 15:24:31.499641196 +0200 -@@ -31,6 +31,7 @@ - - #include +@@ -33,6 +33,7 @@ #include + #include + #include +#include #include diff --git a/openssh-8.0p1-crypto-policies.patch b/openssh-8.0p1-crypto-policies.patch index d4549f0..86c08db 100644 --- a/openssh-8.0p1-crypto-policies.patch +++ b/openssh-8.0p1-crypto-policies.patch @@ -1,7 +1,7 @@ -diff --color -ru a/ssh_config.5 b/ssh_config.5 ---- a/ssh_config.5 2022-07-12 15:05:22.550013071 +0200 -+++ b/ssh_config.5 2022-07-12 15:17:20.016704545 +0200 -@@ -373,17 +373,13 @@ +diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac openssh-9.3p1/ssh_config.5 openssh-9.3p1-patched/ssh_config.5 +--- openssh-9.3p1/ssh_config.5 2023-06-07 10:26:48.284590156 +0200 ++++ openssh-9.3p1-patched/ssh_config.5 2023-06-07 10:26:00.623052194 +0200 +@@ -378,17 +378,13 @@ causes no CNAMEs to be considered for canonicalization. This is the default behaviour. .It Cm CASignatureAlgorithms @@ -24,7 +24,7 @@ diff --color -ru a/ssh_config.5 b/ssh_config.5 If the specified list begins with a .Sq + character, then the specified algorithms will be appended to the default set -@@ -445,20 +441,25 @@ +@@ -450,20 +446,25 @@ (the default), the check will not be executed. .It Cm Ciphers @@ -54,7 +54,7 @@ diff --color -ru a/ssh_config.5 b/ssh_config.5 .Pp The supported ciphers are: .Bd -literal -offset indent -@@ -474,13 +475,6 @@ +@@ -479,13 +480,6 @@ chacha20-poly1305@openssh.com .Ed .Pp @@ -68,7 +68,7 @@ diff --color -ru a/ssh_config.5 b/ssh_config.5 The list of available ciphers may also be obtained using .Qq ssh -Q cipher . .It Cm ClearAllForwardings -@@ -874,6 +868,11 @@ +@@ -885,6 +879,11 @@ The default is .Dq no . .It Cm GSSAPIKexAlgorithms @@ -80,7 +80,7 @@ diff --color -ru a/ssh_config.5 b/ssh_config.5 The list of key exchange algorithms that are offered for GSSAPI key exchange. Possible values are .Bd -literal -offset 3n -@@ -886,10 +885,8 @@ +@@ -897,10 +896,8 @@ gss-curve25519-sha256- .Ed .Pp @@ -92,7 +92,7 @@ diff --color -ru a/ssh_config.5 b/ssh_config.5 .It Cm HashKnownHosts Indicates that .Xr ssh 1 -@@ -913,36 +910,25 @@ +@@ -919,36 +916,25 @@ but may be manually hashed using .Xr ssh-keygen 1 . .It Cm HostbasedAcceptedAlgorithms @@ -137,7 +137,25 @@ diff --color -ru a/ssh_config.5 b/ssh_config.5 .Pp The .Fl Q -@@ -1219,30 +1216,25 @@ +@@ -1001,6 +987,17 @@ + .Pp + The list of available signature algorithms may also be obtained using + .Qq ssh -Q HostKeyAlgorithms . ++.Pp ++The proposed ++.Cm HostKeyAlgorithms ++during KEX are limited to the set of algorithms that is defined in ++.Cm PubkeyAcceptedAlgorithms ++and therefore they are indirectly affected by system-wide ++.Xr crypto_policies 7 . ++.Xr crypto_policies 7 can not handle the list of host key algorithms directly as doing so ++would break the order given by the ++.Pa known_hosts ++file. + .It Cm HostKeyAlias + Specifies an alias that should be used instead of the + real host name when looking up or saving the host key +@@ -1232,30 +1229,25 @@ and .Cm pam . .It Cm KexAlgorithms @@ -177,7 +195,7 @@ diff --color -ru a/ssh_config.5 b/ssh_config.5 .Pp The list of available key exchange algorithms may also be obtained using .Qq ssh -Q kex . -@@ -1351,37 +1344,33 @@ +@@ -1365,37 +1357,33 @@ file. This option is intended for debugging and no overrides are enabled by default. .It Cm MACs @@ -224,7 +242,7 @@ diff --color -ru a/ssh_config.5 b/ssh_config.5 The list of available MAC algorithms may also be obtained using .Qq ssh -Q mac . .It Cm NoHostAuthenticationForLocalhost -@@ -1553,36 +1542,25 @@ +@@ -1567,39 +1555,31 @@ The default is .Cm no . .It Cm PubkeyAcceptedAlgorithms @@ -270,7 +288,13 @@ diff --color -ru a/ssh_config.5 b/ssh_config.5 .Pp The list of available signature algorithms may also be obtained using .Qq ssh -Q PubkeyAcceptedAlgorithms . -@@ -2237,7 +2207,9 @@ for those users who do not have a config ++.Pp ++This option affects also ++.Cm HostKeyAlgorithms + .It Cm PubkeyAuthentication + Specifies whether to try public key authentication. + The argument to this keyword must be +@@ -2265,7 +2245,9 @@ This file must be world-readable. .El .Sh SEE ALSO @@ -281,10 +305,10 @@ diff --color -ru a/ssh_config.5 b/ssh_config.5 .Sh AUTHORS .An -nosplit OpenSSH is a derivative of the original and free -diff --color -ru a/sshd_config.5 b/sshd_config.5 ---- a/sshd_config.5 2022-07-12 15:05:22.535012771 +0200 -+++ b/sshd_config.5 2022-07-12 15:15:33.394809258 +0200 -@@ -373,17 +373,13 @@ +diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac openssh-9.3p1/sshd_config.5 openssh-9.3p1-patched/sshd_config.5 +--- openssh-9.3p1/sshd_config.5 2023-06-07 10:26:48.277590077 +0200 ++++ openssh-9.3p1-patched/sshd_config.5 2023-06-07 10:26:00.592051845 +0200 +@@ -379,17 +379,13 @@ then no banner is displayed. By default, no banner is displayed. .It Cm CASignatureAlgorithms @@ -307,7 +331,7 @@ diff --color -ru a/sshd_config.5 b/sshd_config.5 If the specified list begins with a .Sq + character, then the specified algorithms will be appended to the default set -@@ -450,20 +446,25 @@ +@@ -525,20 +521,25 @@ indicating not to .Xr chroot 2 . .It Cm Ciphers @@ -337,7 +361,7 @@ diff --color -ru a/sshd_config.5 b/sshd_config.5 .Pp The supported ciphers are: .Pp -@@ -490,13 +491,6 @@ +@@ -565,13 +566,6 @@ chacha20-poly1305@openssh.com .El .Pp @@ -351,7 +375,7 @@ diff --color -ru a/sshd_config.5 b/sshd_config.5 The list of available ciphers may also be obtained using .Qq ssh -Q cipher . .It Cm ClientAliveCountMax -@@ -685,53 +679,43 @@ +@@ -766,53 +760,43 @@ .Cm GSSAPIKeyExchange needs to be enabled in the server and also used by the client. .It Cm GSSAPIKexAlgorithms @@ -424,7 +448,7 @@ diff --color -ru a/sshd_config.5 b/sshd_config.5 .Pp The list of available signature algorithms may also be obtained using .Qq ssh -Q HostbasedAcceptedAlgorithms . -@@ -799,25 +794,14 @@ +@@ -879,25 +863,14 @@ .Ev SSH_AUTH_SOCK environment variable. .It Cm HostKeyAlgorithms @@ -455,7 +479,7 @@ diff --color -ru a/sshd_config.5 b/sshd_config.5 The list of available signature algorithms may also be obtained using .Qq ssh -Q HostKeyAlgorithms . .It Cm IgnoreRhosts -@@ -965,20 +947,25 @@ +@@ -1044,20 +1017,25 @@ The default is .Cm yes . .It Cm KexAlgorithms @@ -485,7 +509,7 @@ diff --color -ru a/sshd_config.5 b/sshd_config.5 The supported algorithms are: .Pp .Bl -item -compact -offset indent -@@ -1010,16 +997,6 @@ +@@ -1089,16 +1067,6 @@ sntrup761x25519-sha512@openssh.com .El .Pp @@ -502,7 +526,7 @@ diff --color -ru a/sshd_config.5 b/sshd_config.5 The list of available key exchange algorithms may also be obtained using .Qq ssh -Q KexAlgorithms . .It Cm ListenAddress -@@ -1104,21 +1082,26 @@ +@@ -1184,21 +1152,26 @@ file. This option is intended for debugging and no overrides are enabled by default. .It Cm MACs @@ -533,7 +557,7 @@ diff --color -ru a/sshd_config.5 b/sshd_config.5 .Pp The algorithms that contain .Qq -etm -@@ -1161,15 +1144,6 @@ +@@ -1241,15 +1214,6 @@ umac-128-etm@openssh.com .El .Pp @@ -549,7 +573,7 @@ diff --color -ru a/sshd_config.5 b/sshd_config.5 The list of available MAC algorithms may also be obtained using .Qq ssh -Q mac . .It Cm Match -@@ -1548,36 +1522,25 @@ +@@ -1633,36 +1597,25 @@ The default is .Cm yes . .It Cm PubkeyAcceptedAlgorithms @@ -595,7 +619,7 @@ diff --color -ru a/sshd_config.5 b/sshd_config.5 .Pp The list of available signature algorithms may also be obtained using .Qq ssh -Q PubkeyAcceptedAlgorithms . -@@ -2011,7 +1968,9 @@ This file should be writable by root onl +@@ -2131,7 +2084,9 @@ .El .Sh SEE ALSO .Xr sftp-server 8 , diff --git a/openssh-8.0p1-gssapi-keyex.patch b/openssh-8.0p1-gssapi-keyex.patch index 3e79581..d1d914d 100644 --- a/openssh-8.0p1-gssapi-keyex.patch +++ b/openssh-8.0p1-gssapi-keyex.patch @@ -2612,6 +2612,23 @@ index 2ce89fe9..ebf76c7f 100644 /* The first few requests do not require asynchronous access */ while (!authenticated) { +@@ -376,8 +376,15 @@ monitor_child_preauth(struct ssh *ssh, s + if (ent->flags & (MON_AUTHDECIDE|MON_ALOG)) { + auth_log(ssh, authenticated, partial, + auth_method, auth_submethod); +- if (!partial && !authenticated) ++ if (!partial && !authenticated) { ++#ifdef GSSAPI ++ /* If gssapi-with-mic failed, MONITOR_REQ_GSSCHECKMIC is disabled. ++ * We have to reenable it to try again for gssapi-keyex */ ++ if (strcmp(auth_method, "gssapi-with-mic") == 0 && options.gss_keyex) ++ monitor_permit(mon_dispatch, MONITOR_REQ_GSSCHECKMIC, 1); ++#endif + authctxt->failures++; ++ } + if (authenticated || partial) { + auth2_update_session_info(authctxt, + auth_method, auth_submethod); @@ -406,6 +419,10 @@ monitor_child_postauth(struct ssh *ssh, struct monitor *pmonitor) monitor_permit(mon_dispatch, MONITOR_REQ_MODULI, 1); monitor_permit(mon_dispatch, MONITOR_REQ_SIGN, 1); diff --git a/openssh-8.0p1-openssl-evp.patch b/openssh-8.0p1-openssl-evp.patch deleted file mode 100644 index a17dbbc..0000000 --- a/openssh-8.0p1-openssl-evp.patch +++ /dev/null @@ -1,720 +0,0 @@ -From ed7ec0cdf577ffbb0b15145340cf51596ca3eb89 Mon Sep 17 00:00:00 2001 -From: Jakub Jelen -Date: Tue, 14 May 2019 10:45:45 +0200 -Subject: [PATCH] Use high-level OpenSSL API for signatures - ---- - digest-openssl.c | 16 ++++ - digest.h | 6 ++ - ssh-dss.c | 65 ++++++++++------ - ssh-ecdsa.c | 69 ++++++++++------- - ssh-rsa.c | 193 +++++++++-------------------------------------- - sshkey.c | 77 +++++++++++++++++++ - sshkey.h | 4 + - 7 files changed, 221 insertions(+), 209 deletions(-) - -diff --git a/digest-openssl.c b/digest-openssl.c -index da7ed72bc..6a21d8adb 100644 ---- a/digest-openssl.c -+++ b/digest-openssl.c -@@ -63,6 +63,22 @@ const struct ssh_digest digests[] = { - { -1, NULL, 0, NULL }, - }; - -+const EVP_MD * -+ssh_digest_to_md(int digest_type) -+{ -+ switch (digest_type) { -+ case SSH_DIGEST_SHA1: -+ return EVP_sha1(); -+ case SSH_DIGEST_SHA256: -+ return EVP_sha256(); -+ case SSH_DIGEST_SHA384: -+ return EVP_sha384(); -+ case SSH_DIGEST_SHA512: -+ return EVP_sha512(); -+ } -+ return NULL; -+} -+ - static const struct ssh_digest * - ssh_digest_by_alg(int alg) - { -diff --git a/digest.h b/digest.h -index 274574d0e..c7ceeb36f 100644 ---- a/digest.h -+++ b/digest.h -@@ -32,6 +32,12 @@ - struct sshbuf; - struct ssh_digest_ctx; - -+#ifdef WITH_OPENSSL -+#include -+/* Converts internal digest representation to the OpenSSL one */ -+const EVP_MD *ssh_digest_to_md(int digest_type); -+#endif -+ - /* Looks up a digest algorithm by name */ - int ssh_digest_alg_by_name(const char *name); - -diff --git a/ssh-dss.c b/ssh-dss.c -index a23c383dc..ea45e7275 100644 ---- a/ssh-dss.c -+++ b/ssh-dss.c -@@ -52,11 +52,15 @@ int - const u_char *data, size_t datalen, - const char *alg, const char *sk_provider, const char *sk_pin, u_int compat) - { -+ EVP_PKEY *pkey = NULL; - DSA_SIG *sig = NULL; - const BIGNUM *sig_r, *sig_s; -- u_char digest[SSH_DIGEST_MAX_LENGTH], sigblob[SIGBLOB_LEN]; -- size_t rlen, slen, len, dlen = ssh_digest_bytes(SSH_DIGEST_SHA1); -+ u_char sigblob[SIGBLOB_LEN]; -+ size_t rlen, slen; -+ int len; - struct sshbuf *b = NULL; -+ u_char *sigb = NULL; -+ const u_char *psig = NULL; - int ret = SSH_ERR_INVALID_ARGUMENT; - - if (lenp != NULL) -@@ -67,17 +71,24 @@ ssh_dss_sign(const struct sshkey *key, u_char **sigp, size_t *lenp, - if (key == NULL || key->dsa == NULL || - sshkey_type_plain(key->type) != KEY_DSA) - return SSH_ERR_INVALID_ARGUMENT; -- if (dlen == 0) -- return SSH_ERR_INTERNAL_ERROR; - -- if ((ret = ssh_digest_memory(SSH_DIGEST_SHA1, data, datalen, -- digest, sizeof(digest))) != 0) -+ if ((pkey = EVP_PKEY_new()) == NULL || -+ EVP_PKEY_set1_DSA(pkey, key->dsa) != 1) -+ return SSH_ERR_ALLOC_FAIL; -+ ret = sshkey_calculate_signature(pkey, SSH_DIGEST_SHA1, &sigb, &len, -+ data, datalen); -+ EVP_PKEY_free(pkey); -+ if (ret < 0) { - goto out; -+ } - -- if ((sig = DSA_do_sign(digest, dlen, key->dsa)) == NULL) { -+ psig = sigb; -+ if ((sig = d2i_DSA_SIG(NULL, &psig, len)) == NULL) { - ret = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } -+ free(sigb); -+ sigb = NULL; - - DSA_SIG_get0(sig, &sig_r, &sig_s); - rlen = BN_num_bytes(sig_r); -@@ -110,7 +121,7 @@ ssh_dss_sign(const struct sshkey *key, u_char **sigp, size_t *lenp, - *lenp = len; - ret = 0; - out: -- explicit_bzero(digest, sizeof(digest)); -+ free(sigb); - DSA_SIG_free(sig); - sshbuf_free(b); - return ret; -@@ -121,20 +132,20 @@ ssh_dss_verify(const struct sshkey *key, - const u_char *data, size_t dlen, const char *alg, u_int compat, - struct sshkey_sig_details **detailsp) - { -+ EVP_PKEY *pkey = NULL; - DSA_SIG *dsig = NULL; - BIGNUM *sig_r = NULL, *sig_s = NULL; -- u_char digest[SSH_DIGEST_MAX_LENGTH], *sigblob = NULL; -- size_t len, hlen = ssh_digest_bytes(SSH_DIGEST_SHA1); -+ u_char *sigblob = NULL; -+ size_t len, slen; - int ret = SSH_ERR_INTERNAL_ERROR; - struct sshbuf *b = NULL; - char *ktype = NULL; -+ u_char *sigb = NULL, *psig = NULL; - - if (key == NULL || key->dsa == NULL || - sshkey_type_plain(key->type) != KEY_DSA || - sig == NULL || siglen == 0) - return SSH_ERR_INVALID_ARGUMENT; -- if (hlen == 0) -- return SSH_ERR_INTERNAL_ERROR; - - /* fetch signature */ - if ((b = sshbuf_from(sig, siglen)) == NULL) -@@ -176,25 +187,31 @@ ssh_dss_verify(const struct sshkey *key, - } - sig_r = sig_s = NULL; /* transferred */ - -- /* sha1 the data */ -- if ((ret = ssh_digest_memory(SSH_DIGEST_SHA1, data, dlen, -- digest, sizeof(digest))) != 0) -+ if ((slen = i2d_DSA_SIG(dsig, NULL)) == 0) { -+ ret = SSH_ERR_LIBCRYPTO_ERROR; - goto out; -- -- switch (DSA_do_verify(digest, hlen, dsig, key->dsa)) { -- case 1: -- ret = 0; -- break; -- case 0: -- ret = SSH_ERR_SIGNATURE_INVALID; -+ } -+ if ((sigb = malloc(slen)) == NULL) { -+ ret = SSH_ERR_ALLOC_FAIL; - goto out; -- default: -+ } -+ psig = sigb; -+ if ((slen = i2d_DSA_SIG(dsig, &psig)) == 0) { - ret = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } - -+ if ((pkey = EVP_PKEY_new()) == NULL || -+ EVP_PKEY_set1_DSA(pkey, key->dsa) != 1) { -+ ret = SSH_ERR_ALLOC_FAIL; -+ goto out; -+ } -+ ret = sshkey_verify_signature(pkey, SSH_DIGEST_SHA1, data, dlen, -+ sigb, slen); -+ EVP_PKEY_free(pkey); -+ - out: -- explicit_bzero(digest, sizeof(digest)); -+ free(sigb); - DSA_SIG_free(dsig); - BN_clear_free(sig_r); - BN_clear_free(sig_s); -diff --git a/ssh-ecdsa.c b/ssh-ecdsa.c -index 599c7199d..b036796e8 100644 ---- a/ssh-ecdsa.c -+++ b/ssh-ecdsa.c -@@ -50,11 +50,13 @@ int - const u_char *data, size_t dlen, - const char *alg, const char *sk_provider, const char *sk_pin, u_int compat) - { -+ EVP_PKEY *pkey = NULL; - ECDSA_SIG *esig = NULL; -+ unsigned char *sigb = NULL; -+ const unsigned char *psig; - const BIGNUM *sig_r, *sig_s; - int hash_alg; -- u_char digest[SSH_DIGEST_MAX_LENGTH]; -- size_t len, hlen; -+ int len; - struct sshbuf *b = NULL, *bb = NULL; - int ret = SSH_ERR_INTERNAL_ERROR; - -@@ -67,18 +69,24 @@ ssh_ecdsa_sign(const struct sshkey *key, u_char **sigp, size_t *lenp, - sshkey_type_plain(key->type) != KEY_ECDSA) - return SSH_ERR_INVALID_ARGUMENT; - -- if ((hash_alg = sshkey_ec_nid_to_hash_alg(key->ecdsa_nid)) == -1 || -- (hlen = ssh_digest_bytes(hash_alg)) == 0) -+ if ((hash_alg = sshkey_ec_nid_to_hash_alg(key->ecdsa_nid)) == -1) - return SSH_ERR_INTERNAL_ERROR; -- if ((ret = ssh_digest_memory(hash_alg, data, dlen, -- digest, sizeof(digest))) != 0) -+ -+ if ((pkey = EVP_PKEY_new()) == NULL || -+ EVP_PKEY_set1_EC_KEY(pkey, key->ecdsa) != 1) -+ return SSH_ERR_ALLOC_FAIL; -+ ret = sshkey_calculate_signature(pkey, hash_alg, &sigb, &len, data, -+ dlen); -+ EVP_PKEY_free(pkey); -+ if (ret < 0) { - goto out; -+ } - -- if ((esig = ECDSA_do_sign(digest, hlen, key->ecdsa)) == NULL) { -+ psig = sigb; -+ if (d2i_ECDSA_SIG(&esig, &psig, len) == NULL) { - ret = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } -- - if ((bb = sshbuf_new()) == NULL || (b = sshbuf_new()) == NULL) { - ret = SSH_ERR_ALLOC_FAIL; - goto out; -@@ -102,7 +110,7 @@ ssh_ecdsa_sign(const struct sshkey *key, u_char **sigp, size_t *lenp, - *lenp = len; - ret = 0; - out: -- explicit_bzero(digest, sizeof(digest)); -+ free(sigb); - sshbuf_free(b); - sshbuf_free(bb); - ECDSA_SIG_free(esig); -@@ -115,22 +123,21 @@ ssh_ecdsa_verify(const struct sshkey *key, - const u_char *data, size_t dlen, const char *alg, u_int compat, - struct sshkey_sig_details **detailsp) - { -+ EVP_PKEY *pkey = NULL; - ECDSA_SIG *esig = NULL; - BIGNUM *sig_r = NULL, *sig_s = NULL; -- int hash_alg; -- u_char digest[SSH_DIGEST_MAX_LENGTH]; -- size_t hlen; -+ int hash_alg, len; - int ret = SSH_ERR_INTERNAL_ERROR; - struct sshbuf *b = NULL, *sigbuf = NULL; - char *ktype = NULL; -+ unsigned char *sigb = NULL, *psig = NULL; - - if (key == NULL || key->ecdsa == NULL || - sshkey_type_plain(key->type) != KEY_ECDSA || - sig == NULL || siglen == 0) - return SSH_ERR_INVALID_ARGUMENT; - -- if ((hash_alg = sshkey_ec_nid_to_hash_alg(key->ecdsa_nid)) == -1 || -- (hlen = ssh_digest_bytes(hash_alg)) == 0) -+ if ((hash_alg = sshkey_ec_nid_to_hash_alg(key->ecdsa_nid)) == -1) - return SSH_ERR_INTERNAL_ERROR; - - /* fetch signature */ -@@ -166,28 +173,36 @@ ssh_ecdsa_verify(const struct sshkey *key, - } - sig_r = sig_s = NULL; /* transferred */ - -- if (sshbuf_len(sigbuf) != 0) { -- ret = SSH_ERR_UNEXPECTED_TRAILING_DATA; -+ /* Figure out the length */ -+ if ((len = i2d_ECDSA_SIG(esig, NULL)) == 0) { -+ ret = SSH_ERR_LIBCRYPTO_ERROR; -+ goto out; -+ } -+ if ((sigb = malloc(len)) == NULL) { -+ ret = SSH_ERR_ALLOC_FAIL; - goto out; - } -- if ((ret = ssh_digest_memory(hash_alg, data, dlen, -- digest, sizeof(digest))) != 0) -+ psig = sigb; -+ if ((len = i2d_ECDSA_SIG(esig, &psig)) == 0) { -+ ret = SSH_ERR_LIBCRYPTO_ERROR; - goto out; -+ } - -- switch (ECDSA_do_verify(digest, hlen, esig, key->ecdsa)) { -- case 1: -- ret = 0; -- break; -- case 0: -- ret = SSH_ERR_SIGNATURE_INVALID; -+ if (sshbuf_len(sigbuf) != 0) { -+ ret = SSH_ERR_UNEXPECTED_TRAILING_DATA; - goto out; -- default: -- ret = SSH_ERR_LIBCRYPTO_ERROR; -+ } -+ -+ if ((pkey = EVP_PKEY_new()) == NULL || -+ EVP_PKEY_set1_EC_KEY(pkey, key->ecdsa) != 1) { -+ ret = SSH_ERR_ALLOC_FAIL; - goto out; - } -+ ret = sshkey_verify_signature(pkey, hash_alg, data, dlen, sigb, len); -+ EVP_PKEY_free(pkey); - - out: -- explicit_bzero(digest, sizeof(digest)); -+ free(sigb); - sshbuf_free(sigbuf); - sshbuf_free(b); - ECDSA_SIG_free(esig); -diff --git a/ssh-rsa.c b/ssh-rsa.c -index 9b14f9a9a..8ef3a6aca 100644 ---- a/ssh-rsa.c -+++ b/ssh-rsa.c -@@ -37,7 +37,7 @@ - - #include "openbsd-compat/openssl-compat.h" - --static int openssh_RSA_verify(int, u_char *, size_t, u_char *, size_t, RSA *); -+static int openssh_RSA_verify(int, const u_char *, size_t, u_char *, size_t, EVP_PKEY *); - - static u_int - ssh_rsa_size(const struct sshkey *key) -@@ -90,21 +90,6 @@ rsa_hash_id_from_keyname(const char *alg) - return -1; - } - --static int --rsa_hash_alg_nid(int type) --{ -- switch (type) { -- case SSH_DIGEST_SHA1: -- return NID_sha1; -- case SSH_DIGEST_SHA256: -- return NID_sha256; -- case SSH_DIGEST_SHA512: -- return NID_sha512; -- default: -- return -1; -- } --} -- - int - ssh_rsa_complete_crt_parameters(struct sshkey *key, const BIGNUM *iqmp) - { -@@ -164,11 +149,10 @@ int - const u_char *data, size_t datalen, - const char *alg, const char *sk_provider, const char *sk_pin, u_int compat) - { -- const BIGNUM *rsa_n; -- u_char digest[SSH_DIGEST_MAX_LENGTH], *sig = NULL; -- size_t slen = 0; -- u_int hlen, len; -- int nid, hash_alg, ret = SSH_ERR_INTERNAL_ERROR; -+ EVP_PKEY *pkey = NULL; -+ u_char *sig = NULL; -+ int len, slen = 0; -+ int hash_alg, ret = SSH_ERR_INTERNAL_ERROR; - struct sshbuf *b = NULL; - - if (lenp != NULL) -@@ -180,33 +164,24 @@ ssh_rsa_sign(const struct sshkey *key, u_char **sigp, size_t *lenp, - hash_alg = SSH_DIGEST_SHA1; - else - hash_alg = rsa_hash_id_from_keyname(alg); -+ - if (key == NULL || key->rsa == NULL || hash_alg == -1 || - sshkey_type_plain(key->type) != KEY_RSA) - return SSH_ERR_INVALID_ARGUMENT; -- RSA_get0_key(key->rsa, &rsa_n, NULL, NULL); -- if (BN_num_bits(rsa_n) < SSH_RSA_MINIMUM_MODULUS_SIZE) -- return SSH_ERR_KEY_LENGTH; - slen = RSA_size(key->rsa); -- if (slen <= 0 || slen > SSHBUF_MAX_BIGNUM) -- return SSH_ERR_INVALID_ARGUMENT; -- -- /* hash the data */ -- nid = rsa_hash_alg_nid(hash_alg); -- if ((hlen = ssh_digest_bytes(hash_alg)) == 0) -- return SSH_ERR_INTERNAL_ERROR; -- if ((ret = ssh_digest_memory(hash_alg, data, datalen, -- digest, sizeof(digest))) != 0) -- goto out; -+ if (RSA_bits(key->rsa) < SSH_RSA_MINIMUM_MODULUS_SIZE) -+ return SSH_ERR_KEY_LENGTH; - -- if ((sig = malloc(slen)) == NULL) { -- ret = SSH_ERR_ALLOC_FAIL; -+ if ((pkey = EVP_PKEY_new()) == NULL || -+ EVP_PKEY_set1_RSA(pkey, key->rsa) != 1) -+ return SSH_ERR_ALLOC_FAIL; -+ ret = sshkey_calculate_signature(pkey, hash_alg, &sig, &len, data, -+ datalen); -+ EVP_PKEY_free(pkey); -+ if (ret < 0) { - goto out; - } - -- if (RSA_sign(nid, digest, hlen, sig, &len, key->rsa) != 1) { -- ret = SSH_ERR_LIBCRYPTO_ERROR; -- goto out; -- } - if (len < slen) { - size_t diff = slen - len; - memmove(sig + diff, sig, len); -@@ -215,6 +190,7 @@ ssh_rsa_sign(const struct sshkey *key, u_char **sigp, size_t *lenp, - ret = SSH_ERR_INTERNAL_ERROR; - goto out; - } -+ - /* encode signature */ - if ((b = sshbuf_new()) == NULL) { - ret = SSH_ERR_ALLOC_FAIL; -@@ -235,7 +211,6 @@ ssh_rsa_sign(const struct sshkey *key, u_char **sigp, size_t *lenp, - *lenp = len; - ret = 0; - out: -- explicit_bzero(digest, sizeof(digest)); - freezero(sig, slen); - sshbuf_free(b); - return ret; -@@ -246,10 +221,10 @@ ssh_rsa_verify(const struct sshkey *key, - const u_char *data, size_t dlen, const char *alg, u_int compat, - struct sshkey_sig_details **detailsp) - { -- const BIGNUM *rsa_n; -+ EVP_PKEY *pkey = NULL; - char *sigtype = NULL; - int hash_alg, want_alg, ret = SSH_ERR_INTERNAL_ERROR; -- size_t len = 0, diff, modlen, hlen; -+ size_t len = 0, diff, modlen; - struct sshbuf *b = NULL; - u_char digest[SSH_DIGEST_MAX_LENGTH], *osigblob, *sigblob = NULL; - -@@ -257,8 +232,7 @@ ssh_rsa_verify(const struct sshkey *key, - sshkey_type_plain(key->type) != KEY_RSA || - sig == NULL || siglen == 0) - return SSH_ERR_INVALID_ARGUMENT; -- RSA_get0_key(key->rsa, &rsa_n, NULL, NULL); -- if (BN_num_bits(rsa_n) < SSH_RSA_MINIMUM_MODULUS_SIZE) -+ if (RSA_bits(key->rsa) < SSH_RSA_MINIMUM_MODULUS_SIZE) - return SSH_ERR_KEY_LENGTH; - - if ((b = sshbuf_from(sig, siglen)) == NULL) -@@ -310,16 +284,15 @@ ssh_rsa_verify(const struct sshkey *key, - explicit_bzero(sigblob, diff); - len = modlen; - } -- if ((hlen = ssh_digest_bytes(hash_alg)) == 0) { -- ret = SSH_ERR_INTERNAL_ERROR; -+ -+ if ((pkey = EVP_PKEY_new()) == NULL || -+ EVP_PKEY_set1_RSA(pkey, key->rsa) != 1) { -+ ret = SSH_ERR_ALLOC_FAIL; - goto out; - } -- if ((ret = ssh_digest_memory(hash_alg, data, dlen, -- digest, sizeof(digest))) != 0) -- goto out; -+ ret = openssh_RSA_verify(hash_alg, data, dlen, sigblob, len, pkey); -+ EVP_PKEY_free(pkey); - -- ret = openssh_RSA_verify(hash_alg, digest, hlen, sigblob, len, -- key->rsa); - out: - freezero(sigblob, len); - free(sigtype); -@@ -328,122 +301,26 @@ ssh_rsa_verify(const struct sshkey *key, - return ret; - } - --/* -- * See: -- * http://www.rsasecurity.com/rsalabs/pkcs/pkcs-1/ -- * ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-1/pkcs-1v2-1.asn -- */ -- --/* -- * id-sha1 OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) -- * oiw(14) secsig(3) algorithms(2) 26 } -- */ --static const u_char id_sha1[] = { -- 0x30, 0x21, /* type Sequence, length 0x21 (33) */ -- 0x30, 0x09, /* type Sequence, length 0x09 */ -- 0x06, 0x05, /* type OID, length 0x05 */ -- 0x2b, 0x0e, 0x03, 0x02, 0x1a, /* id-sha1 OID */ -- 0x05, 0x00, /* NULL */ -- 0x04, 0x14 /* Octet string, length 0x14 (20), followed by sha1 hash */ --}; -- --/* -- * See http://csrc.nist.gov/groups/ST/crypto_apps_infra/csor/algorithms.html -- * id-sha256 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) -- * organization(1) gov(101) csor(3) nistAlgorithm(4) hashAlgs(2) -- * id-sha256(1) } -- */ --static const u_char id_sha256[] = { -- 0x30, 0x31, /* type Sequence, length 0x31 (49) */ -- 0x30, 0x0d, /* type Sequence, length 0x0d (13) */ -- 0x06, 0x09, /* type OID, length 0x09 */ -- 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, /* id-sha256 */ -- 0x05, 0x00, /* NULL */ -- 0x04, 0x20 /* Octet string, length 0x20 (32), followed by sha256 hash */ --}; -- --/* -- * See http://csrc.nist.gov/groups/ST/crypto_apps_infra/csor/algorithms.html -- * id-sha512 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) -- * organization(1) gov(101) csor(3) nistAlgorithm(4) hashAlgs(2) -- * id-sha256(3) } -- */ --static const u_char id_sha512[] = { -- 0x30, 0x51, /* type Sequence, length 0x51 (81) */ -- 0x30, 0x0d, /* type Sequence, length 0x0d (13) */ -- 0x06, 0x09, /* type OID, length 0x09 */ -- 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03, /* id-sha512 */ -- 0x05, 0x00, /* NULL */ -- 0x04, 0x40 /* Octet string, length 0x40 (64), followed by sha512 hash */ --}; -- - static int --rsa_hash_alg_oid(int hash_alg, const u_char **oidp, size_t *oidlenp) -+openssh_RSA_verify(int hash_alg, const u_char *data, size_t datalen, -+ u_char *sigbuf, size_t siglen, EVP_PKEY *pkey) - { -- switch (hash_alg) { -- case SSH_DIGEST_SHA1: -- *oidp = id_sha1; -- *oidlenp = sizeof(id_sha1); -- break; -- case SSH_DIGEST_SHA256: -- *oidp = id_sha256; -- *oidlenp = sizeof(id_sha256); -- break; -- case SSH_DIGEST_SHA512: -- *oidp = id_sha512; -- *oidlenp = sizeof(id_sha512); -- break; -- default: -- return SSH_ERR_INVALID_ARGUMENT; -- } -- return 0; --} -+ size_t rsasize = 0; -+ const RSA *rsa; -+ int ret; - --static int --openssh_RSA_verify(int hash_alg, u_char *hash, size_t hashlen, -- u_char *sigbuf, size_t siglen, RSA *rsa) --{ -- size_t rsasize = 0, oidlen = 0, hlen = 0; -- int ret, len, oidmatch, hashmatch; -- const u_char *oid = NULL; -- u_char *decrypted = NULL; -- -- if ((ret = rsa_hash_alg_oid(hash_alg, &oid, &oidlen)) != 0) -- return ret; -- ret = SSH_ERR_INTERNAL_ERROR; -- hlen = ssh_digest_bytes(hash_alg); -- if (hashlen != hlen) { -- ret = SSH_ERR_INVALID_ARGUMENT; -- goto done; -- } -+ rsa = EVP_PKEY_get0_RSA(pkey); - rsasize = RSA_size(rsa); - if (rsasize <= 0 || rsasize > SSHBUF_MAX_BIGNUM || - siglen == 0 || siglen > rsasize) { - ret = SSH_ERR_INVALID_ARGUMENT; - goto done; - } -- if ((decrypted = malloc(rsasize)) == NULL) { -- ret = SSH_ERR_ALLOC_FAIL; -- goto done; -- } -- if ((len = RSA_public_decrypt(siglen, sigbuf, decrypted, rsa, -- RSA_PKCS1_PADDING)) < 0) { -- ret = SSH_ERR_LIBCRYPTO_ERROR; -- goto done; -- } -- if (len < 0 || (size_t)len != hlen + oidlen) { -- ret = SSH_ERR_INVALID_FORMAT; -- goto done; -- } -- oidmatch = timingsafe_bcmp(decrypted, oid, oidlen) == 0; -- hashmatch = timingsafe_bcmp(decrypted + oidlen, hash, hlen) == 0; -- if (!oidmatch || !hashmatch) { -- ret = SSH_ERR_SIGNATURE_INVALID; -- goto done; -- } -- ret = 0; -+ -+ ret = sshkey_verify_signature(pkey, hash_alg, data, datalen, -+ sigbuf, siglen); -+ - done: -- freezero(decrypted, rsasize); - return ret; - } - -diff --git a/sshkey.c b/sshkey.c -index ad1957762..b95ed0b10 100644 ---- a/sshkey.c -+++ b/sshkey.c -@@ -358,6 +358,83 @@ sshkey_type_plain(int type) - } - - #ifdef WITH_OPENSSL -+int -+sshkey_calculate_signature(EVP_PKEY *pkey, int hash_alg, u_char **sigp, -+ int *lenp, const u_char *data, size_t datalen) -+{ -+ EVP_MD_CTX *ctx = NULL; -+ u_char *sig = NULL; -+ int ret, slen, len; -+ -+ if (sigp == NULL || lenp == NULL) { -+ return SSH_ERR_INVALID_ARGUMENT; -+ } -+ -+ slen = EVP_PKEY_size(pkey); -+ if (slen <= 0 || slen > SSHBUF_MAX_BIGNUM) -+ return SSH_ERR_INVALID_ARGUMENT; -+ -+ len = slen; -+ if ((sig = malloc(slen)) == NULL) { -+ return SSH_ERR_ALLOC_FAIL; -+ } -+ -+ if ((ctx = EVP_MD_CTX_new()) == NULL) { -+ ret = SSH_ERR_ALLOC_FAIL; -+ goto error; -+ } -+ if (EVP_SignInit_ex(ctx, ssh_digest_to_md(hash_alg), NULL) <= 0 || -+ EVP_SignUpdate(ctx, data, datalen) <= 0 || -+ EVP_SignFinal(ctx, sig, &len, pkey) <= 0) { -+ ret = SSH_ERR_LIBCRYPTO_ERROR; -+ goto error; -+ } -+ -+ *sigp = sig; -+ *lenp = len; -+ /* Now owned by the caller */ -+ sig = NULL; -+ ret = 0; -+ -+error: -+ EVP_MD_CTX_free(ctx); -+ free(sig); -+ return ret; -+} -+ -+int -+sshkey_verify_signature(EVP_PKEY *pkey, int hash_alg, const u_char *data, -+ size_t datalen, u_char *sigbuf, int siglen) -+{ -+ EVP_MD_CTX *ctx = NULL; -+ int ret; -+ -+ if ((ctx = EVP_MD_CTX_new()) == NULL) { -+ return SSH_ERR_ALLOC_FAIL; -+ } -+ if (EVP_VerifyInit_ex(ctx, ssh_digest_to_md(hash_alg), NULL) <= 0 || -+ EVP_VerifyUpdate(ctx, data, datalen) <= 0) { -+ ret = SSH_ERR_LIBCRYPTO_ERROR; -+ goto done; -+ } -+ ret = EVP_VerifyFinal(ctx, sigbuf, siglen, pkey); -+ switch (ret) { -+ case 1: -+ ret = 0; -+ break; -+ case 0: -+ ret = SSH_ERR_SIGNATURE_INVALID; -+ break; -+ default: -+ ret = SSH_ERR_LIBCRYPTO_ERROR; -+ break; -+ } -+ -+done: -+ EVP_MD_CTX_free(ctx); -+ return ret; -+} -+ - /* XXX: these are really begging for a table-driven approach */ - int - sshkey_curve_name_to_nid(const char *name) -diff --git a/sshkey.h b/sshkey.h -index a91e60436..270901a87 100644 ---- a/sshkey.h -+++ b/sshkey.h -@@ -179,6 +179,10 @@ const char *sshkey_ssh_name(const struct sshkey *); - const char *sshkey_ssh_name_plain(const struct sshkey *); - int sshkey_names_valid2(const char *, int); - char *sshkey_alg_list(int, int, int, char); -+int sshkey_calculate_signature(EVP_PKEY*, int, u_char **, -+ int *, const u_char *, size_t); -+int sshkey_verify_signature(EVP_PKEY *, int, const u_char *, -+ size_t, u_char *, int); - - int sshkey_from_blob(const u_char *, size_t, struct sshkey **); - int sshkey_fromb(struct sshbuf *, struct sshkey **); - diff --git a/openssh-8.0p1-pkcs11-uri.patch b/openssh-8.0p1-pkcs11-uri.patch index be38500..affdd72 100644 --- a/openssh-8.0p1-pkcs11-uri.patch +++ b/openssh-8.0p1-pkcs11-uri.patch @@ -534,7 +534,7 @@ diff -up openssh-8.7p1/regress/unittests/Makefile.pkcs11-uri openssh-8.7p1/regre diff -up openssh-8.7p1/regress/unittests/pkcs11/tests.c.pkcs11-uri openssh-8.7p1/regress/unittests/pkcs11/tests.c --- openssh-8.7p1/regress/unittests/pkcs11/tests.c.pkcs11-uri 2021-08-30 13:07:43.664700104 +0200 +++ openssh-8.7p1/regress/unittests/pkcs11/tests.c 2021-08-30 13:07:43.664700104 +0200 -@@ -0,0 +1,342 @@ +@@ -0,0 +1,337 @@ +/* + * Copyright (c) 2017 Red Hat + * @@ -563,7 +563,7 @@ diff -up openssh-8.7p1/regress/unittests/pkcs11/tests.c.pkcs11-uri openssh-8.7p1 +#include "sshbuf.h" +#include "ssh-pkcs11-uri.h" + -+#define EMPTY_URI compose_uri(NULL, 0, NULL, NULL, NULL, NULL, NULL, NULL, NULL) ++#define EMPTY_URI compose_uri(NULL, 0, NULL, NULL, NULL, NULL, NULL, NULL) + +/* prototypes are not public -- specify them here internally for tests */ +struct sshbuf *percent_encode(const char *, size_t, char *); @@ -596,10 +596,6 @@ diff -up openssh-8.7p1/regress/unittests/pkcs11/tests.c.pkcs11-uri openssh-8.7p1 + ASSERT_STRING_EQ(a->lib_manuf, b->lib_manuf); + else /* both should be null */ + ASSERT_PTR_EQ(a->lib_manuf, b->lib_manuf); -+ if (b->serial != NULL) -+ ASSERT_STRING_EQ(a->serial, b->serial); -+ else /* both should be null */ -+ ASSERT_PTR_EQ(a->serial, b->serial); +} + +void @@ -634,7 +630,7 @@ diff -up openssh-8.7p1/regress/unittests/pkcs11/tests.c.pkcs11-uri openssh-8.7p1 + +struct pkcs11_uri * +compose_uri(unsigned char *id, size_t id_len, char *token, char *lib_manuf, -+ char *manuf, char *serial, char *module_path, char *object, char *pin) ++ char *manuf, char *module_path, char *object, char *pin) +{ + struct pkcs11_uri *uri = pkcs11_uri_init(); + if (id_len > 0) { @@ -645,7 +641,6 @@ diff -up openssh-8.7p1/regress/unittests/pkcs11/tests.c.pkcs11-uri openssh-8.7p1 + uri->token = token; + uri->lib_manuf = lib_manuf; + uri->manuf = manuf; -+ uri->serial = serial; + uri->object = object; + uri->pin = pin; + return uri; @@ -656,47 +651,47 @@ diff -up openssh-8.7p1/regress/unittests/pkcs11/tests.c.pkcs11-uri openssh-8.7p1 +{ + /* path arguments */ + check_parse("pkcs11:id=%01", -+ compose_uri("\x01", 1, NULL, NULL, NULL, NULL, NULL, NULL, NULL)); ++ compose_uri("\x01", 1, NULL, NULL, NULL, NULL, NULL, NULL)); + check_parse("pkcs11:id=%00%01", -+ compose_uri("\x00\x01", 2, NULL, NULL, NULL, NULL, NULL, NULL, NULL)); ++ compose_uri("\x00\x01", 2, NULL, NULL, NULL, NULL, NULL, NULL)); + check_parse("pkcs11:token=SSH%20Keys", -+ compose_uri(NULL, 0, "SSH Keys", NULL, NULL, NULL, NULL, NULL, NULL)); ++ compose_uri(NULL, 0, "SSH Keys", NULL, NULL, NULL, NULL, NULL)); + check_parse("pkcs11:library-manufacturer=OpenSC", -+ compose_uri(NULL, 0, NULL, "OpenSC", NULL, NULL, NULL, NULL, NULL)); ++ compose_uri(NULL, 0, NULL, "OpenSC", NULL, NULL, NULL, NULL)); + check_parse("pkcs11:manufacturer=piv_II", -+ compose_uri(NULL, 0, NULL, NULL, "piv_II", NULL, NULL, NULL, NULL)); ++ compose_uri(NULL, 0, NULL, NULL, "piv_II", NULL, NULL, NULL)); + check_parse("pkcs11:object=SIGN%20Key", -+ compose_uri(NULL, 0, NULL, NULL, NULL, NULL, NULL, "SIGN Key", NULL)); ++ compose_uri(NULL, 0, NULL, NULL, NULL, NULL, "SIGN Key", NULL)); + /* query arguments */ + check_parse("pkcs11:?module-path=/usr/lib64/p11-kit-proxy.so", -+ compose_uri(NULL, 0, NULL, NULL, NULL, NULL, "/usr/lib64/p11-kit-proxy.so", NULL, NULL)); ++ compose_uri(NULL, 0, NULL, NULL, NULL, "/usr/lib64/p11-kit-proxy.so", NULL, NULL)); + check_parse("pkcs11:?pin-value=123456", -+ compose_uri(NULL, 0, NULL, NULL, NULL, NULL, NULL, NULL, "123456")); ++ compose_uri(NULL, 0, NULL, NULL, NULL, NULL, NULL, "123456")); + + /* combinations */ + /* ID SHOULD be percent encoded */ + check_parse("pkcs11:token=SSH%20Key;id=0", -+ compose_uri("0", 1, "SSH Key", NULL, NULL, NULL, NULL, NULL, NULL)); ++ compose_uri("0", 1, "SSH Key", NULL, NULL, NULL, NULL, NULL)); + check_parse( + "pkcs11:manufacturer=CAC?module-path=/usr/lib64/p11-kit-proxy.so", -+ compose_uri(NULL, 0, NULL, NULL, "CAC", NULL, ++ compose_uri(NULL, 0, NULL, NULL, "CAC", + "/usr/lib64/p11-kit-proxy.so", NULL, NULL)); + check_parse( + "pkcs11:object=RSA%20Key?module-path=/usr/lib64/pkcs11/opencryptoki.so", -+ compose_uri(NULL, 0, NULL, NULL, NULL, NULL, ++ compose_uri(NULL, 0, NULL, NULL, NULL, + "/usr/lib64/pkcs11/opencryptoki.so", "RSA Key", NULL)); + check_parse("pkcs11:?module-path=/usr/lib64/p11-kit-proxy.so&pin-value=123456", -+ compose_uri(NULL, 0, NULL, NULL, NULL, NULL, "/usr/lib64/p11-kit-proxy.so", NULL, "123456")); ++ compose_uri(NULL, 0, NULL, NULL, NULL, "/usr/lib64/p11-kit-proxy.so", NULL, "123456")); + + /* empty path component matches everything */ + check_parse("pkcs11:", EMPTY_URI); + + /* empty string is a valid to match against (and different from NULL) */ + check_parse("pkcs11:token=", -+ compose_uri(NULL, 0, "", NULL, NULL, NULL, NULL, NULL, NULL)); ++ compose_uri(NULL, 0, "", NULL, NULL, NULL, NULL, NULL)); + /* Percent character needs to be percent-encoded */ + check_parse("pkcs11:token=%25", -+ compose_uri(NULL, 0, "%", NULL, NULL, NULL, NULL, NULL, NULL)); ++ compose_uri(NULL, 0, "%", NULL, NULL, NULL, NULL, NULL)); +} + +static void @@ -708,7 +703,7 @@ diff -up openssh-8.7p1/regress/unittests/pkcs11/tests.c.pkcs11-uri openssh-8.7p1 + check_parse_rv("pkcs11:id=%ZZ", EMPTY_URI, -1); + /* Space MUST be percent encoded -- XXX not enforced yet */ + check_parse("pkcs11:token=SSH Keys", -+ compose_uri(NULL, 0, "SSH Keys", NULL, NULL, NULL, NULL, NULL, NULL)); ++ compose_uri(NULL, 0, "SSH Keys", NULL, NULL, NULL, NULL, NULL)); + /* MUST NOT contain duplicate attributes of the same name */ + check_parse_rv("pkcs11:id=%01;id=%02", EMPTY_URI, -1); + /* MUST NOT contain duplicate attributes of the same name */ @@ -739,29 +734,29 @@ diff -up openssh-8.7p1/regress/unittests/pkcs11/tests.c.pkcs11-uri openssh-8.7p1 +{ + /* path arguments */ + check_gen("pkcs11:id=%01", -+ compose_uri("\x01", 1, NULL, NULL, NULL, NULL, NULL, NULL, NULL)); ++ compose_uri("\x01", 1, NULL, NULL, NULL, NULL, NULL, NULL)); + check_gen("pkcs11:id=%00%01", -+ compose_uri("\x00\x01", 2, NULL, NULL, NULL, NULL, NULL, NULL, NULL)); ++ compose_uri("\x00\x01", 2, NULL, NULL, NULL, NULL, NULL, NULL)); + check_gen("pkcs11:token=SSH%20Keys", /* space must be percent encoded */ -+ compose_uri(NULL, 0, "SSH Keys", NULL, NULL, NULL, NULL, NULL, NULL)); ++ compose_uri(NULL, 0, "SSH Keys", NULL, NULL, NULL, NULL, NULL)); + /* library-manufacturer is not implmented now */ + /*check_gen("pkcs11:library-manufacturer=OpenSC", -+ compose_uri(NULL, 0, NULL, "OpenSC", NULL, NULL, NULL, NULL, NULL));*/ ++ compose_uri(NULL, 0, NULL, "OpenSC", NULL, NULL, NULL, NULL));*/ + check_gen("pkcs11:manufacturer=piv_II", -+ compose_uri(NULL, 0, NULL, NULL, "piv_II", NULL, NULL, NULL, NULL)); ++ compose_uri(NULL, 0, NULL, NULL, "piv_II", NULL, NULL, NULL)); + check_gen("pkcs11:object=RSA%20Key", -+ compose_uri(NULL, 0, NULL, NULL, NULL, NULL, NULL, "RSA Key", NULL)); ++ compose_uri(NULL, 0, NULL, NULL, NULL, NULL, "RSA Key", NULL)); + /* query arguments */ + check_gen("pkcs11:?module-path=/usr/lib64/p11-kit-proxy.so", -+ compose_uri(NULL, 0, NULL, NULL, NULL, NULL, "/usr/lib64/p11-kit-proxy.so", NULL, NULL)); ++ compose_uri(NULL, 0, NULL, NULL, NULL, "/usr/lib64/p11-kit-proxy.so", NULL, NULL)); + + /* combinations */ + check_gen("pkcs11:id=%02;token=SSH%20Keys", -+ compose_uri("\x02", 1, "SSH Keys", NULL, NULL, NULL, NULL, NULL, NULL)); ++ compose_uri("\x02", 1, "SSH Keys", NULL, NULL, NULL, NULL, NULL)); + check_gen("pkcs11:id=%EE%02?module-path=/usr/lib64/p11-kit-proxy.so", -+ compose_uri("\xEE\x02", 2, NULL, NULL, NULL, NULL, "/usr/lib64/p11-kit-proxy.so", NULL, NULL)); ++ compose_uri("\xEE\x02", 2, NULL, NULL, NULL, "/usr/lib64/p11-kit-proxy.so", NULL, NULL)); + check_gen("pkcs11:object=Encryption%20Key;manufacturer=piv_II", -+ compose_uri(NULL, 0, NULL, NULL, "piv_II", NULL, NULL, "Encryption Key", NULL)); ++ compose_uri(NULL, 0, NULL, NULL, "piv_II", NULL, "Encryption Key", NULL)); + + /* empty path component matches everything */ + check_gen("pkcs11:", EMPTY_URI); @@ -1550,7 +1545,7 @@ diff -up openssh-8.7p1/ssh-pkcs11.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11.c } static RSA_METHOD *rsa_method; -@@ -195,6 +286,56 @@ static EC_KEY_METHOD *ec_key_method; +@@ -195,6 +286,55 @@ static EC_KEY_METHOD *ec_key_method; static int ec_key_idx = 0; #endif /* OPENSSL_HAS_ECC && HAVE_EC_KEY_METHOD_NEW */ @@ -1592,7 +1587,6 @@ diff -up openssh-8.7p1/ssh-pkcs11.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11.c + uri.module_path = k11->provider->module->module_path; + uri.lib_manuf = k11->provider->module->info.manufacturerID; + uri.manuf = k11->provider->module->slotinfo[k11->slotidx].token.manufacturerID; -+ uri.serial = k11->provider->module->slotinfo[k11->slotidx].token.serialNumber; + + p = pkcs11_uri_get(&uri); + /* do not cleanup -- we do not allocate here, only reference */ @@ -2163,7 +2157,7 @@ diff -up openssh-8.7p1/ssh-pkcs11.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11.c int ret = -1; struct pkcs11_provider *p = NULL; void *handle = NULL; -@@ -1517,164 +1702,305 @@ pkcs11_register_provider(char *provider_ +@@ -1517,164 +1702,298 @@ pkcs11_register_provider(char *provider_ CK_FUNCTION_LIST *f = NULL; CK_TOKEN_INFO *token; CK_ULONG i; @@ -2407,13 +2401,6 @@ diff -up openssh-8.7p1/ssh-pkcs11.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11.c + "manufacturerID (%s) specified by PKCS#11 URI in " + "slot %lu", token->manufacturerID, (unsigned long)i); + continue; -+ } -+ if (uri->serial != NULL && -+ strcmp(token->serialNumber, uri->serial) != 0) { -+ debug2_f("ignoring token not matching requrested " -+ "serialNumber (%s) specified by PKCS#11 URI in " -+ "slot %lu", token->serialNumber, (unsigned long)i); -+ continue; + } debug("provider %s slot %lu: label <%s> manufacturerID <%s> " "model <%s> serial <%s> flags 0x%lx", @@ -2604,7 +2591,7 @@ diff -up openssh-8.7p1/ssh-pkcs11.h.pkcs11-uri openssh-8.7p1/ssh-pkcs11.h diff -up openssh-8.7p1/ssh-pkcs11-uri.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11-uri.c --- openssh-8.7p1/ssh-pkcs11-uri.c.pkcs11-uri 2021-08-30 13:07:43.667700130 +0200 +++ openssh-8.7p1/ssh-pkcs11-uri.c 2021-08-30 13:07:43.667700130 +0200 -@@ -0,0 +1,437 @@ +@@ -0,0 +1,419 @@ +/* + * Copyright (c) 2017 Red Hat + * @@ -2647,14 +2634,13 @@ diff -up openssh-8.7p1/ssh-pkcs11-uri.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11-uri. +#define PKCS11_URI_OBJECT "object" +#define PKCS11_URI_LIB_MANUF "library-manufacturer" +#define PKCS11_URI_MANUF "manufacturer" -+#define PKCS11_URI_SERIAL "serial" +#define PKCS11_URI_MODULE_PATH "module-path" +#define PKCS11_URI_PIN_VALUE "pin-value" + +/* Keyword tokens. */ +typedef enum { -+ pId, pToken, pObject, pLibraryManufacturer, pManufacturer, pSerial, -+ pModulePath, pPinValue, pBadOption ++ pId, pToken, pObject, pLibraryManufacturer, pManufacturer, pModulePath, ++ pPinValue, pBadOption +} pkcs11uriOpCodes; + +/* Textual representation of the tokens. */ @@ -2667,7 +2653,6 @@ diff -up openssh-8.7p1/ssh-pkcs11-uri.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11-uri. + { PKCS11_URI_OBJECT, pObject }, + { PKCS11_URI_LIB_MANUF, pLibraryManufacturer }, + { PKCS11_URI_MANUF, pManufacturer }, -+ { PKCS11_URI_SERIAL, pSerial }, + { PKCS11_URI_MODULE_PATH, pModulePath }, + { PKCS11_URI_PIN_VALUE, pPinValue }, + { NULL, pBadOption } @@ -2826,16 +2811,6 @@ diff -up openssh-8.7p1/ssh-pkcs11-uri.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11-uri. + goto err; + } + -+ /* Write serial */ -+ if (uri->serial) { -+ struct sshbuf *serial = percent_encode(uri->serial, -+ strlen(uri->serial), PKCS11_URI_WHITELIST); -+ path = pkcs11_uri_append(path, PKCS11_URI_PATH_SEPARATOR, -+ PKCS11_URI_SERIAL, serial); -+ if (path == NULL) -+ goto err; -+ } -+ + /* Write module_path */ + if (uri->module_path) { + struct sshbuf *module = percent_encode(uri->module_path, @@ -2878,7 +2853,6 @@ diff -up openssh-8.7p1/ssh-pkcs11-uri.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11-uri. + free(pkcs11->object); + free(pkcs11->lib_manuf); + free(pkcs11->manuf); -+ free(pkcs11->serial); + if (pkcs11->pin) + freezero(pkcs11->pin, strlen(pkcs11->pin)); + free(pkcs11); @@ -2974,11 +2948,6 @@ diff -up openssh-8.7p1/ssh-pkcs11-uri.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11-uri. + charptr = &pkcs11->manuf; + goto parse_string; + -+ case pSerial: -+ /* CK_TOKEN_INFO -> serialNumber */ -+ charptr = &pkcs11->serial; -+ goto parse_string; -+ + case pLibraryManufacturer: + /* CK_INFO -> manufacturerID */ + charptr = &pkcs11->lib_manuf; @@ -3045,7 +3014,7 @@ diff -up openssh-8.7p1/ssh-pkcs11-uri.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11-uri. diff -up openssh-8.7p1/ssh-pkcs11-uri.h.pkcs11-uri openssh-8.7p1/ssh-pkcs11-uri.h --- openssh-8.7p1/ssh-pkcs11-uri.h.pkcs11-uri 2021-08-30 13:07:43.667700130 +0200 +++ openssh-8.7p1/ssh-pkcs11-uri.h 2021-08-30 13:07:43.667700130 +0200 -@@ -0,0 +1,43 @@ +@@ -0,0 +1,42 @@ +/* + * Copyright (c) 2017 Red Hat + * @@ -3077,7 +3046,6 @@ diff -up openssh-8.7p1/ssh-pkcs11-uri.h.pkcs11-uri openssh-8.7p1/ssh-pkcs11-uri. + char *object; + char *lib_manuf; + char *manuf; -+ char *serial; + /* query */ + char *module_path; + char *pin; /* Only parsed, but not printed */ diff --git a/openssh-8.7p1-evpgenkey.patch b/openssh-8.7p1-evpgenkey.patch deleted file mode 100644 index c8703d9..0000000 --- a/openssh-8.7p1-evpgenkey.patch +++ /dev/null @@ -1,109 +0,0 @@ -diff -up openssh-9.3p1/ssh-rsa.c.evpgenrsa openssh-9.3p1/ssh-rsa.c ---- openssh-9.3p1/ssh-rsa.c.evpgenrsa 2022-06-30 15:14:58.200518353 +0200 -+++ openssh-9.3p1/ssh-rsa.c 2022-06-30 15:24:31.499641196 +0200 -@@ -1657,7 +1657,8 @@ sshkey_cert_type(const struct sshkey *k) - static int - ssh_rsa_generate(struct sshkey *k, int bits) - { -- RSA *private = NULL; -+ EVP_PKEY_CTX *ctx = NULL; -+ EVP_PKEY *res = NULL; - BIGNUM *f4 = NULL; - int ret = SSH_ERR_INTERNAL_ERROR; - -@@ -1667,20 +1668,42 @@ ssh_rsa_generate(u_int bits, RSA - if (bits < SSH_RSA_MINIMUM_MODULUS_SIZE || - bits > SSHBUF_MAX_BIGNUM * 8) - return SSH_ERR_KEY_LENGTH; -- if ((private = RSA_new()) == NULL || (f4 = BN_new()) == NULL) { -+ -+ if ((ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL)) == NULL -+ || (f4 = BN_new()) == NULL || !BN_set_word(f4, RSA_F4)) { - ret = SSH_ERR_ALLOC_FAIL; - goto out; - } -- if (!BN_set_word(f4, RSA_F4) || -- !RSA_generate_key_ex(private, bits, f4, NULL)) { -+ -+ if (EVP_PKEY_keygen_init(ctx) <= 0) { -+ ret = SSH_ERR_LIBCRYPTO_ERROR; -+ goto out; -+ } -+ -+ if (EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, bits) <= 0) { -+ ret = SSH_ERR_KEY_LENGTH; -+ goto out; -+ } -+ -+ if (EVP_PKEY_CTX_set1_rsa_keygen_pubexp(ctx, f4) <= 0) -+ goto out; -+ -+ if (EVP_PKEY_keygen(ctx, &res) <= 0) { -+ ret = SSH_ERR_LIBCRYPTO_ERROR; -+ goto out; -+ } -+ -+ /* This function is deprecated in OpenSSL 3.0 but OpenSSH doesn't worry about it*/ -+ k->rsa = EVP_PKEY_get1_RSA(res); -+ if (k->rsa) { -+ ret = 0; -+ } else { - ret = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } -- k->rsa = private; -- private = NULL; -- ret = 0; - out: -- RSA_free(private); -+ EVP_PKEY_CTX_free(ctx); -+ EVP_PKEY_free(res); - BN_free(f4); - return ret; - } -diff -up openssh-9.3p1/ssh-ecdsa.c.evpgenrsa openssh-9.3p1/ssh-ecdsa.c ---- openssh-9.3p1/ssh-ecdsa.c.evpgenrsa 2022-06-30 15:14:58.200518353 +0200 -+++ openssh-9.3p1/ssh-ecdsa.c 2022-06-30 15:24:31.499641196 +0200 -@@ -1820,7 +1820,8 @@ sshkey_ecdsa_key_to_nid(EC_KEY *k) - static int - ssh_ecdsa_generate(struct sshkey *k, int bits) - { -- EC_KEY *private; -+ EVP_PKEY_CTX *ctx = NULL; -+ EVP_PKEY *res = NULL; - - if ((k->ecdsa_nid = sshkey_ecdsa_bits_to_nid(bits)) == -1) - return SSH_ERR_KEY_LENGTH; -@@ -1828,15 +1829,24 @@ ssh_ecdsa_generate(u_int bits, i - - if ((k->ecdsa_nid = sshkey_ecdsa_bits_to_nid(bits)) == -1) - return SSH_ERR_KEY_LENGTH; -- if ((private = EC_KEY_new_by_curve_name(k->ecdsa_nid)) == NULL) -+ -+ if ((ctx = EVP_PKEY_CTX_new_from_name(NULL, "EC", NULL)) == NULL) - return SSH_ERR_ALLOC_FAIL; -- if (EC_KEY_generate_key(private) != 1) { -- EC_KEY_free(private); -- return SSH_ERR_LIBCRYPTO_ERROR; -- } -+ -+ if (EVP_PKEY_keygen_init(ctx) <= 0 || EVP_PKEY_CTX_set_group_name(ctx, OBJ_nid2sn(k->ecdsa_nid)) <= 0 -+ || EVP_PKEY_keygen(ctx, &res) <= 0) { -+ EVP_PKEY_CTX_free(ctx); -+ EVP_PKEY_free(res); -+ return SSH_ERR_LIBCRYPTO_ERROR; -+ } -+ /* This function is deprecated in OpenSSL 3.0 but OpenSSH doesn't worry about it*/ -+ k->ecdsa = EVP_PKEY_get1_EC_KEY(res); -+ if (k->ecdsa) -+ EC_KEY_set_asn1_flag(k->ecdsa, OPENSSL_EC_NAMED_CURVE); -+ -- EC_KEY_set_asn1_flag(private, OPENSSL_EC_NAMED_CURVE); -- k->ecdsa = private; -- return 0; -+ EVP_PKEY_CTX_free(ctx); -+ EVP_PKEY_free(res); -+ return (k->ecdsa) ? 0 : SSH_ERR_LIBCRYPTO_ERROR; - } - - static int diff --git a/openssh-8.7p1-gssapi-auth.patch b/openssh-8.7p1-gssapi-auth.patch deleted file mode 100644 index 6908cad..0000000 --- a/openssh-8.7p1-gssapi-auth.patch +++ /dev/null @@ -1,20 +0,0 @@ -diff --color -rup a/monitor.c b/monitor.c ---- a/monitor.c 2022-07-11 15:11:28.146863144 +0200 -+++ b/monitor.c 2022-07-11 15:15:35.726655877 +0200 -@@ -376,8 +376,15 @@ monitor_child_preauth(struct ssh *ssh, s - if (ent->flags & (MON_AUTHDECIDE|MON_ALOG)) { - auth_log(ssh, authenticated, partial, - auth_method, auth_submethod); -- if (!partial && !authenticated) -+ if (!partial && !authenticated) { -+#ifdef GSSAPI -+ /* If gssapi-with-mic failed, MONITOR_REQ_GSSCHECKMIC is disabled. -+ * We have to reenable it to try again for gssapi-keyex */ -+ if (strcmp(auth_method, "gssapi-with-mic") == 0 && options.gss_keyex) -+ monitor_permit(mon_dispatch, MONITOR_REQ_GSSCHECKMIC, 1); -+#endif - authctxt->failures++; -+ } - if (authenticated || partial) { - auth2_update_session_info(authctxt, - auth_method, auth_submethod); diff --git a/openssh-9.0p1-evp-fips-sign.patch b/openssh-9.0p1-evp-fips-sign.patch deleted file mode 100644 index 40cc374..0000000 --- a/openssh-9.0p1-evp-fips-sign.patch +++ /dev/null @@ -1,476 +0,0 @@ -diff -up openssh-9.3p1/ssh-dss.c.evp-fips-sign openssh-9.3p1/ssh-dss.c ---- openssh-9.3p1/ssh-dss.c.evp-fips-sign 2023-04-27 16:46:17.115809116 +0200 -+++ openssh-9.3p1/ssh-dss.c 2023-04-27 17:07:40.117253665 +0200 -@@ -32,6 +32,8 @@ - #include - #include - #include -+#include -+#include - - #include - #include -@@ -281,9 +283,8 @@ ssh_dss_sign(struct sshkey *key, - sshkey_type_plain(key->type) != KEY_DSA) - return SSH_ERR_INVALID_ARGUMENT; - -- if ((pkey = EVP_PKEY_new()) == NULL || -- EVP_PKEY_set1_DSA(pkey, key->dsa) != 1) -- return SSH_ERR_ALLOC_FAIL; -+ if ((ret = ssh_create_evp_dss(key, &pkey)) != 0) -+ return ret; - ret = sshkey_calculate_signature(pkey, SSH_DIGEST_SHA1, &sigb, &len, - data, datalen); - EVP_PKEY_free(pkey); -@@ -411,11 +412,8 @@ ssh_dss_verify(const struct sshkey *key, - goto out; - } - -- if ((pkey = EVP_PKEY_new()) == NULL || -- EVP_PKEY_set1_DSA(pkey, key->dsa) != 1) { -- ret = SSH_ERR_ALLOC_FAIL; -+ if ((ret = ssh_create_evp_dss(key, &pkey)) != 0) - goto out; -- } - ret = sshkey_verify_signature(pkey, SSH_DIGEST_SHA1, data, dlen, - sigb, slen); - EVP_PKEY_free(pkey); -@@ -432,6 +430,65 @@ ssh_dss_verify(const struct sshkey *key, - return ret; - } - -+int -+ssh_create_evp_dss(const struct sshkey *k, EVP_PKEY **pkey) -+{ -+ OSSL_PARAM_BLD *param_bld = NULL; -+ EVP_PKEY_CTX *ctx = NULL; -+ const BIGNUM *p = NULL, *q = NULL, *g = NULL, *pub = NULL, *priv = NULL; -+ int ret = 0; -+ -+ if (k == NULL) -+ return SSH_ERR_INVALID_ARGUMENT; -+ if ((ctx = EVP_PKEY_CTX_new_from_name(NULL, "DSA", NULL)) == NULL || -+ (param_bld = OSSL_PARAM_BLD_new()) == NULL) { -+ ret = SSH_ERR_ALLOC_FAIL; -+ goto out; -+ } -+ -+ DSA_get0_pqg(k->dsa, &p, &q, &g); -+ DSA_get0_key(k->dsa, &pub, &priv); -+ -+ if (p != NULL && -+ OSSL_PARAM_BLD_push_BN(param_bld, OSSL_PKEY_PARAM_FFC_P, p) != 1) { -+ ret = SSH_ERR_LIBCRYPTO_ERROR; -+ goto out; -+ } -+ if (q != NULL && -+ OSSL_PARAM_BLD_push_BN(param_bld, OSSL_PKEY_PARAM_FFC_Q, q) != 1) { -+ ret = SSH_ERR_LIBCRYPTO_ERROR; -+ goto out; -+ } -+ if (g != NULL && -+ OSSL_PARAM_BLD_push_BN(param_bld, OSSL_PKEY_PARAM_FFC_G, g) != 1) { -+ ret = SSH_ERR_LIBCRYPTO_ERROR; -+ goto out; -+ } -+ if (pub != NULL && -+ OSSL_PARAM_BLD_push_BN(param_bld, -+ OSSL_PKEY_PARAM_PUB_KEY, -+ pub) != 1) { -+ ret = SSH_ERR_LIBCRYPTO_ERROR; -+ goto out; -+ } -+ if (priv != NULL && -+ OSSL_PARAM_BLD_push_BN(param_bld, -+ OSSL_PKEY_PARAM_PRIV_KEY, -+ priv) != 1) { -+ ret = SSH_ERR_LIBCRYPTO_ERROR; -+ goto out; -+ } -+ if ((*pkey = sshkey_create_evp(param_bld, ctx)) == NULL) { -+ ret = SSH_ERR_LIBCRYPTO_ERROR; -+ goto out; -+ } -+ -+out: -+ OSSL_PARAM_BLD_free(param_bld); -+ EVP_PKEY_CTX_free(ctx); -+ return ret; -+} -+ - static const struct sshkey_impl_funcs sshkey_dss_funcs = { - /* .size = */ ssh_dss_size, - /* .alloc = */ ssh_dss_alloc, -diff -up openssh-9.3p1/ssh-ecdsa.c.evp-fips-sign openssh-9.3p1/ssh-ecdsa.c ---- openssh-9.3p1/ssh-ecdsa.c.evp-fips-sign 2023-04-27 16:46:17.127809401 +0200 -+++ openssh-9.3p1/ssh-ecdsa.c 2023-04-27 17:08:28.557396513 +0200 -@@ -34,6 +34,8 @@ - #include - #include - #include -+#include -+#include - - #include - -@@ -260,9 +262,8 @@ ssh_ecdsa_sign(struct sshkey *key, - if ((hash_alg = sshkey_ec_nid_to_hash_alg(key->ecdsa_nid)) == -1) - return SSH_ERR_INTERNAL_ERROR; - -- if ((pkey = EVP_PKEY_new()) == NULL || -- EVP_PKEY_set1_EC_KEY(pkey, key->ecdsa) != 1) -- return SSH_ERR_ALLOC_FAIL; -+ if ((ret = ssh_create_evp_ec(key->ecdsa, key->ecdsa_nid, &pkey)) != 0) -+ return ret; - ret = sshkey_calculate_signature(pkey, hash_alg, &sigb, &len, data, - dlen); - EVP_PKEY_free(pkey); -@@ -381,11 +382,8 @@ ssh_ecdsa_verify(const struct sshkey *ke - goto out; - } - -- if ((pkey = EVP_PKEY_new()) == NULL || -- EVP_PKEY_set1_EC_KEY(pkey, key->ecdsa) != 1) { -- ret = SSH_ERR_ALLOC_FAIL; -+ if (ssh_create_evp_ec(key->ecdsa, key->ecdsa_nid, &pkey) != 0) - goto out; -- } - ret = sshkey_verify_signature(pkey, hash_alg, data, dlen, sigb, len); - EVP_PKEY_free(pkey); - -@@ -400,6 +398,79 @@ ssh_ecdsa_verify(const struct sshkey *ke - return ret; - } - -+int -+ssh_create_evp_ec(EC_KEY *k, int ecdsa_nid, EVP_PKEY **pkey) -+{ -+ OSSL_PARAM_BLD *param_bld = NULL; -+ EVP_PKEY_CTX *ctx = NULL; -+ BN_CTX *bn_ctx = NULL; -+ uint8_t *pub_ser = NULL; -+ const char *group_name; -+ const EC_POINT *pub = NULL; -+ const BIGNUM *priv = NULL; -+ int ret = 0; -+ -+ if (k == NULL) -+ return SSH_ERR_INVALID_ARGUMENT; -+ if ((ctx = EVP_PKEY_CTX_new_from_name(NULL, "EC", NULL)) == NULL || -+ (param_bld = OSSL_PARAM_BLD_new()) == NULL || -+ (bn_ctx = BN_CTX_new()) == NULL) { -+ ret = SSH_ERR_ALLOC_FAIL; -+ goto out; -+ } -+ -+ if ((group_name = OSSL_EC_curve_nid2name(ecdsa_nid)) == NULL || -+ OSSL_PARAM_BLD_push_utf8_string(param_bld, -+ OSSL_PKEY_PARAM_GROUP_NAME, -+ group_name, -+ strlen(group_name)) != 1) { -+ ret = SSH_ERR_LIBCRYPTO_ERROR; -+ goto out; -+ } -+ if ((pub = EC_KEY_get0_public_key(k)) != NULL) { -+ const EC_GROUP *group; -+ size_t len; -+ -+ group = EC_KEY_get0_group(k); -+ len = EC_POINT_point2oct(group, pub, -+ POINT_CONVERSION_UNCOMPRESSED, NULL, 0, NULL); -+ if ((pub_ser = malloc(len)) == NULL) { -+ ret = SSH_ERR_ALLOC_FAIL; -+ goto out; -+ } -+ EC_POINT_point2oct(group, -+ pub, -+ POINT_CONVERSION_UNCOMPRESSED, -+ pub_ser, -+ len, -+ bn_ctx); -+ if (OSSL_PARAM_BLD_push_octet_string(param_bld, -+ OSSL_PKEY_PARAM_PUB_KEY, -+ pub_ser, -+ len) != 1) { -+ ret = SSH_ERR_LIBCRYPTO_ERROR; -+ goto out; -+ } -+ } -+ if ((priv = EC_KEY_get0_private_key(k)) != NULL && -+ OSSL_PARAM_BLD_push_BN(param_bld, -+ OSSL_PKEY_PARAM_PRIV_KEY, priv) != 1) { -+ ret = SSH_ERR_LIBCRYPTO_ERROR; -+ goto out; -+ } -+ if ((*pkey = sshkey_create_evp(param_bld, ctx)) == NULL) { -+ ret = SSH_ERR_LIBCRYPTO_ERROR; -+ goto out; -+ } -+ -+out: -+ OSSL_PARAM_BLD_free(param_bld); -+ EVP_PKEY_CTX_free(ctx); -+ BN_CTX_free(bn_ctx); -+ free(pub_ser); -+ return ret; -+} -+ - /* NB. not static; used by ECDSA-SK */ - const struct sshkey_impl_funcs sshkey_ecdsa_funcs = { - /* .size = */ ssh_ecdsa_size, -diff -up openssh-9.3p1/sshkey.c.evp-fips-sign openssh-9.3p1/sshkey.c ---- openssh-9.3p1/sshkey.c.evp-fips-sign 2023-04-27 16:46:17.139809686 +0200 -+++ openssh-9.3p1/sshkey.c 2023-04-27 16:46:17.144809804 +0200 -@@ -35,6 +35,8 @@ - #include - #include - #include -+#include -+#include - #endif - - #include "crypto_api.h" -@@ -527,13 +529,14 @@ sshkey_calculate_signature(EVP_PKEY *pke - { - EVP_MD_CTX *ctx = NULL; - u_char *sig = NULL; -- int ret, slen, len; -+ int ret, slen; -+ size_t len; - - if (sigp == NULL || lenp == NULL) { - return SSH_ERR_INVALID_ARGUMENT; - } - -- slen = EVP_PKEY_size(pkey); -+ slen = EVP_PKEY_get_size(pkey); - if (slen <= 0 || slen > SSHBUF_MAX_BIGNUM) - return SSH_ERR_INVALID_ARGUMENT; - -@@ -546,9 +549,10 @@ sshkey_calculate_signature(EVP_PKEY *pke - ret = SSH_ERR_ALLOC_FAIL; - goto error; - } -- if (EVP_SignInit_ex(ctx, ssh_digest_to_md(hash_alg), NULL) <= 0 || -- EVP_SignUpdate(ctx, data, datalen) <= 0 || -- EVP_SignFinal(ctx, sig, &len, pkey) <= 0) { -+ if (EVP_DigestSignInit(ctx, NULL, ssh_digest_to_md(hash_alg), -+ NULL, pkey) != 1 || -+ EVP_DigestSignUpdate(ctx, data, datalen) != 1 || -+ EVP_DigestSignFinal(ctx, sig, &len) != 1) { - ret = SSH_ERR_LIBCRYPTO_ERROR; - goto error; - } -@@ -575,12 +579,13 @@ sshkey_verify_signature(EVP_PKEY *pkey, - if ((ctx = EVP_MD_CTX_new()) == NULL) { - return SSH_ERR_ALLOC_FAIL; - } -- if (EVP_VerifyInit_ex(ctx, ssh_digest_to_md(hash_alg), NULL) <= 0 || -- EVP_VerifyUpdate(ctx, data, datalen) <= 0) { -+ if (EVP_DigestVerifyInit(ctx, NULL, ssh_digest_to_md(hash_alg), -+ NULL, pkey) != 1 || -+ EVP_DigestVerifyUpdate(ctx, data, datalen) != 1) { - ret = SSH_ERR_LIBCRYPTO_ERROR; - goto done; - } -- ret = EVP_VerifyFinal(ctx, sigbuf, siglen, pkey); -+ ret = EVP_DigestVerifyFinal(ctx, sigbuf, siglen); - switch (ret) { - case 1: - ret = 0; -@@ -3809,3 +3814,27 @@ sshkey_set_filename(struct sshkey *k, co - return 0; - } - #endif /* WITH_XMSS */ -+ -+#ifdef WITH_OPENSSL -+EVP_PKEY * -+sshkey_create_evp(OSSL_PARAM_BLD *param_bld, EVP_PKEY_CTX *ctx) -+{ -+ EVP_PKEY *ret = NULL; -+ OSSL_PARAM *params = NULL; -+ if (param_bld == NULL || ctx == NULL) { -+ debug2_f("param_bld or ctx is NULL"); -+ return NULL; -+ } -+ if ((params = OSSL_PARAM_BLD_to_param(param_bld)) == NULL) { -+ debug2_f("Could not build param list"); -+ return NULL; -+ } -+ if (EVP_PKEY_fromdata_init(ctx) != 1 || -+ EVP_PKEY_fromdata(ctx, &ret, EVP_PKEY_KEYPAIR, params) != 1) { -+ debug2_f("EVP_PKEY_fromdata failed"); -+ OSSL_PARAM_free(params); -+ return NULL; -+ } -+ return ret; -+} -+#endif /* WITH_OPENSSL */ -diff -up openssh-9.3p1/sshkey.h.evp-fips-sign openssh-9.3p1/sshkey.h ---- openssh-9.3p1/sshkey.h.evp-fips-sign 2023-04-27 16:46:17.133809543 +0200 -+++ openssh-9.3p1/sshkey.h 2023-04-27 16:46:17.144809804 +0200 -@@ -31,6 +31,9 @@ - #ifdef WITH_OPENSSL - #include - #include -+#include -+#include -+#include - # ifdef OPENSSL_HAS_ECC - # include - # include -@@ -328,6 +331,13 @@ int sshkey_private_serialize_maxsign(st - - void sshkey_sig_details_free(struct sshkey_sig_details *); - -+#ifdef WITH_OPENSSL -+EVP_PKEY *sshkey_create_evp(OSSL_PARAM_BLD *, EVP_PKEY_CTX *); -+int ssh_create_evp_dss(const struct sshkey *, EVP_PKEY **); -+int ssh_create_evp_rsa(const struct sshkey *, EVP_PKEY **); -+int ssh_create_evp_ec(EC_KEY *, int, EVP_PKEY **); -+#endif /* WITH_OPENSSL */ -+ - #ifdef SSHKEY_INTERNAL - int sshkey_sk_fields_equal(const struct sshkey *a, const struct sshkey *b); - void sshkey_sk_cleanup(struct sshkey *k); -diff -up openssh-9.3p1/ssh-rsa.c.evp-fips-sign openssh-9.3p1/ssh-rsa.c ---- openssh-9.3p1/ssh-rsa.c.evp-fips-sign 2023-04-27 16:46:17.139809686 +0200 -+++ openssh-9.3p1/ssh-rsa.c 2023-04-27 17:10:30.376270565 +0200 -@@ -23,6 +23,8 @@ - #include - #include - #include -+#include -+#include - - #include - #include -@@ -426,9 +428,8 @@ ssh_rsa_sign(struct sshkey *key, - if (RSA_bits(key->rsa) < SSH_RSA_MINIMUM_MODULUS_SIZE) - return SSH_ERR_KEY_LENGTH; - -- if ((pkey = EVP_PKEY_new()) == NULL || -- EVP_PKEY_set1_RSA(pkey, key->rsa) != 1) -- return SSH_ERR_ALLOC_FAIL; -+ if ((ret = ssh_create_evp_rsa(key, &pkey)) != 0) -+ return ret; - ret = sshkey_calculate_signature(pkey, hash_alg, &sig, &len, data, - datalen); - EVP_PKEY_free(pkey); -@@ -540,11 +541,9 @@ ssh_rsa_verify(const struct sshkey *key, - len = modlen; - } - -- if ((pkey = EVP_PKEY_new()) == NULL || -- EVP_PKEY_set1_RSA(pkey, key->rsa) != 1) { -- ret = SSH_ERR_ALLOC_FAIL; -+ if ((ret = ssh_create_evp_rsa(key, &pkey)) != 0) - goto out; -- } -+ - ret = openssh_RSA_verify(hash_alg, data, dlen, sigblob, len, pkey); - EVP_PKEY_free(pkey); - -@@ -561,11 +560,9 @@ openssh_RSA_verify(int hash_alg, const u - u_char *sigbuf, size_t siglen, EVP_PKEY *pkey) - { - size_t rsasize = 0; -- const RSA *rsa; - int ret; - -- rsa = EVP_PKEY_get0_RSA(pkey); -- rsasize = RSA_size(rsa); -+ rsasize = EVP_PKEY_get_size(pkey); - if (rsasize <= 0 || rsasize > SSHBUF_MAX_BIGNUM || - siglen == 0 || siglen > rsasize) { - ret = SSH_ERR_INVALID_ARGUMENT; -@@ -579,6 +576,89 @@ done: - return ret; - } - -+int -+ssh_create_evp_rsa(const struct sshkey *k, EVP_PKEY **pkey) -+{ -+ OSSL_PARAM_BLD *param_bld = NULL; -+ EVP_PKEY_CTX *ctx = NULL; -+ int ret = 0; -+ const BIGNUM *n = NULL, *e = NULL, *d = NULL, *p = NULL, *q = NULL; -+ const BIGNUM *dmp1 = NULL, *dmq1 = NULL, *iqmp = NULL; -+ -+ if (k == NULL) -+ return SSH_ERR_INVALID_ARGUMENT; -+ if ((ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL)) == NULL || -+ (param_bld = OSSL_PARAM_BLD_new()) == NULL) { -+ ret = SSH_ERR_ALLOC_FAIL; -+ goto out; -+ } -+ -+ RSA_get0_key(k->rsa, &n, &e, &d); -+ RSA_get0_factors(k->rsa, &p, &q); -+ RSA_get0_crt_params(k->rsa, &dmp1, &dmq1, &iqmp); -+ -+ if (n != NULL && -+ OSSL_PARAM_BLD_push_BN(param_bld, OSSL_PKEY_PARAM_RSA_N, n) != 1) { -+ ret = SSH_ERR_LIBCRYPTO_ERROR; -+ goto out; -+ } -+ if (e != NULL && -+ OSSL_PARAM_BLD_push_BN(param_bld, OSSL_PKEY_PARAM_RSA_E, e) != 1) { -+ ret = SSH_ERR_LIBCRYPTO_ERROR; -+ goto out; -+ } -+ if (d != NULL && -+ OSSL_PARAM_BLD_push_BN(param_bld, OSSL_PKEY_PARAM_RSA_D, d) != 1) { -+ ret = SSH_ERR_LIBCRYPTO_ERROR; -+ goto out; -+ } -+ -+ if ((*pkey = sshkey_create_evp(param_bld, ctx)) == NULL) { -+ ret = SSH_ERR_LIBCRYPTO_ERROR; -+ goto out; -+ } -+ -+ /* setting this to param_build makes the creation process fail */ -+ if (p != NULL && -+ EVP_PKEY_set_bn_param(*pkey, OSSL_PKEY_PARAM_RSA_FACTOR1, p) != 1) { -+ debug2_f("failed to add 'p' param"); -+ ret = SSH_ERR_LIBCRYPTO_ERROR; -+ goto out; -+ } -+ if (q != NULL && -+ EVP_PKEY_set_bn_param(*pkey, OSSL_PKEY_PARAM_RSA_FACTOR2, q) != 1) { -+ debug2_f("failed to add 'q' param"); -+ ret = SSH_ERR_LIBCRYPTO_ERROR; -+ goto out; -+ } -+ if (dmp1 != NULL && -+ EVP_PKEY_set_bn_param(*pkey, -+ OSSL_PKEY_PARAM_RSA_EXPONENT1, dmp1) != 1) { -+ debug2_f("failed to add 'dmp1' param"); -+ ret = SSH_ERR_LIBCRYPTO_ERROR; -+ goto out; -+ } -+ if (dmq1 != NULL && -+ EVP_PKEY_set_bn_param(*pkey, -+ OSSL_PKEY_PARAM_RSA_EXPONENT2, dmq1) != 1) { -+ debug2_f("failed to add 'dmq1' param"); -+ ret = SSH_ERR_LIBCRYPTO_ERROR; -+ goto out; -+ } -+ if (iqmp != NULL && -+ EVP_PKEY_set_bn_param(*pkey, -+ OSSL_PKEY_PARAM_RSA_COEFFICIENT1, iqmp) != 1) { -+ debug2_f("failed to add 'iqmp' param"); -+ ret = SSH_ERR_LIBCRYPTO_ERROR; -+ goto out; -+ } -+ -+out: -+ OSSL_PARAM_BLD_free(param_bld); -+ EVP_PKEY_CTX_free(ctx); -+ return ret; -+} -+ - static const struct sshkey_impl_funcs sshkey_rsa_funcs = { - /* .size = */ ssh_rsa_size, - /* .alloc = */ ssh_rsa_alloc, diff --git a/openssh-9.0p1-evp-pkcs11.patch b/openssh-9.0p1-evp-pkcs11.patch deleted file mode 100644 index 325332d..0000000 --- a/openssh-9.0p1-evp-pkcs11.patch +++ /dev/null @@ -1,145 +0,0 @@ -diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac openssh-9.0p1/ssh-ecdsa.c openssh-9.0p1-patched/ssh-ecdsa.c ---- openssh-9.0p1/ssh-ecdsa.c 2023-05-24 08:54:03.926443958 +0200 -+++ openssh-9.0p1-patched/ssh-ecdsa.c 2023-05-24 09:46:19.082925921 +0200 -@@ -74,8 +74,18 @@ - if ((hash_alg = sshkey_ec_nid_to_hash_alg(key->ecdsa_nid)) == -1) - return SSH_ERR_INTERNAL_ERROR; - -- if ((ret = ssh_create_evp_ec(key->ecdsa, key->ecdsa_nid, &pkey)) != 0) -- return ret; -+#ifdef ENABLE_PKCS11 -+ if (is_ecdsa_pkcs11(key->ecdsa)) { -+ if ((pkey = EVP_PKEY_new()) == NULL || -+ EVP_PKEY_set1_EC_KEY(pkey, key->ecdsa) != 1) -+ return SSH_ERR_ALLOC_FAIL; -+ } else { -+#endif -+ if ((ret = ssh_create_evp_ec(key->ecdsa, key->ecdsa_nid, &pkey)) != 0) -+ return ret; -+#ifdef ENABLE_PKCS11 -+ } -+#endif - ret = sshkey_calculate_signature(pkey, hash_alg, &sigb, &len, data, - dlen); - EVP_PKEY_free(pkey); -diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac openssh-9.0p1/sshkey.h openssh-9.0p1-patched/sshkey.h ---- openssh-9.0p1/sshkey.h 2023-05-24 08:54:03.926443958 +0200 -+++ openssh-9.0p1-patched/sshkey.h 2023-05-24 08:57:22.930642788 +0200 -@@ -340,6 +340,10 @@ - #endif - #endif - -+#ifdef ENABLE_PKCS11 -+int pkcs11_get_ecdsa_idx(void); -+#endif -+ - #if !defined(WITH_OPENSSL) - # undef RSA - # undef DSA -diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac openssh-9.0p1/ssh-pkcs11.c openssh-9.0p1-patched/ssh-pkcs11.c ---- openssh-9.0p1/ssh-pkcs11.c 2023-05-24 08:54:03.888443542 +0200 -+++ openssh-9.0p1-patched/ssh-pkcs11.c 2023-05-24 09:48:13.101168512 +0200 -@@ -776,8 +776,24 @@ - - return (0); - } -+ -+int -+is_ecdsa_pkcs11(EC_KEY *ecdsa) -+{ -+ if (EC_KEY_get_ex_data(ecdsa, ec_key_idx) != NULL) -+ return 1; -+ return 0; -+} - #endif /* OPENSSL_HAS_ECC && HAVE_EC_KEY_METHOD_NEW */ - -+int -+is_rsa_pkcs11(RSA *rsa) -+{ -+ if (RSA_get_ex_data(rsa, rsa_idx) != NULL) -+ return 1; -+ return 0; -+} -+ - /* remove trailing spaces */ - static void - rmspace(u_char *buf, size_t len) -diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac openssh-9.0p1/ssh-pkcs11-client.c openssh-9.0p1-patched/ssh-pkcs11-client.c ---- openssh-9.0p1/ssh-pkcs11-client.c 2023-05-24 08:54:03.887443531 +0200 -+++ openssh-9.0p1-patched/ssh-pkcs11-client.c 2023-05-24 09:49:41.741134514 +0200 -@@ -225,8 +225,36 @@ - static RSA_METHOD *helper_rsa; - #if defined(OPENSSL_HAS_ECC) && defined(HAVE_EC_KEY_METHOD_NEW) - static EC_KEY_METHOD *helper_ecdsa; -+ -+int -+is_ecdsa_pkcs11(EC_KEY *ecdsa) -+{ -+ const EC_KEY_METHOD *meth; -+ ECDSA_SIG *(*sign_sig)(const unsigned char *dgst, int dgstlen, -+ const BIGNUM *kinv, const BIGNUM *rp, EC_KEY *eckey) = NULL; -+ -+ meth = EC_KEY_get_method(ecdsa); -+ EC_KEY_METHOD_get_sign(meth, NULL, NULL, &sign_sig); -+ if (sign_sig == ecdsa_do_sign) -+ return 1; -+ return 0; -+} - #endif /* OPENSSL_HAS_ECC && HAVE_EC_KEY_METHOD_NEW */ - -+int -+is_rsa_pkcs11(RSA *rsa) -+{ -+ const RSA_METHOD *meth; -+ int (*priv_enc)(int flen, const unsigned char *from, -+ unsigned char *to, RSA *rsa, int padding) = NULL; -+ -+ meth = RSA_get_method(rsa); -+ priv_enc = RSA_meth_get_priv_enc(meth); -+ if (priv_enc == rsa_encrypt) -+ return 1; -+ return 0; -+} -+ - /* redirect private key crypto operations to the ssh-pkcs11-helper */ - static void - wrap_key(struct sshkey *k) -diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac openssh-9.0p1/ssh-pkcs11.h openssh-9.0p1-patched/ssh-pkcs11.h ---- openssh-9.0p1/ssh-pkcs11.h 2023-05-24 08:54:03.888443542 +0200 -+++ openssh-9.0p1-patched/ssh-pkcs11.h 2023-05-24 09:50:03.981376886 +0200 -@@ -39,6 +39,11 @@ - u_int32_t *); - #endif - -+#ifdef HAVE_EC_KEY_METHOD_NEW -+int is_ecdsa_pkcs11(EC_KEY *ecdsa); -+#endif -+int is_rsa_pkcs11(RSA *rsa); -+ - #if !defined(WITH_OPENSSL) && defined(ENABLE_PKCS11) - #undef ENABLE_PKCS11 - #endif -diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac openssh-9.0p1/ssh-rsa.c openssh-9.0p1-patched/ssh-rsa.c ---- openssh-9.0p1/ssh-rsa.c 2023-05-24 08:54:03.927443969 +0200 -+++ openssh-9.0p1-patched/ssh-rsa.c 2023-05-24 09:51:50.358536178 +0200 -@@ -174,8 +174,18 @@ - if (RSA_bits(key->rsa) < SSH_RSA_MINIMUM_MODULUS_SIZE) - return SSH_ERR_KEY_LENGTH; - -- if ((ret = ssh_create_evp_rsa(key, &pkey)) != 0) -- return ret; -+#ifdef ENABLE_PKCS11 -+ if (is_rsa_pkcs11(key->rsa)) { -+ if ((pkey = EVP_PKEY_new()) == NULL || -+ EVP_PKEY_set1_RSA(pkey, key->rsa) != 1) -+ return SSH_ERR_ALLOC_FAIL; -+ } else { -+#endif -+ if ((ret = ssh_create_evp_rsa(key, &pkey)) != 0) -+ return ret; -+#ifdef ENABLE_PKCS11 -+ } -+#endif - ret = sshkey_calculate_signature(pkey, hash_alg, &sig, &len, data, - datalen); - EVP_PKEY_free(pkey); diff --git a/openssh-9.0p1-man-hostkeyalgos.patch b/openssh-9.0p1-man-hostkeyalgos.patch deleted file mode 100644 index 2b16c2b..0000000 --- a/openssh-9.0p1-man-hostkeyalgos.patch +++ /dev/null @@ -1,16 +0,0 @@ -diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac openssh-8.7p1/ssh_config.5 openssh-8.7p1-patched/ssh_config.5 ---- openssh-8.7p1/ssh_config.5 2023-05-29 13:41:19.731835097 +0200 -+++ openssh-8.7p1-patched/ssh_config.5 2023-05-29 13:40:58.806604144 +0200 -@@ -989,6 +989,12 @@ - .Pp - The list of available signature algorithms may also be obtained using - .Qq ssh -Q HostKeyAlgorithms . -+.Pp -+.Xr crypto_policies 7 does not handle the list of algorithms as doing so -+would break the order given by the -+.Pa known_hosts -+file. Therefore the list is filtered by -+.Cm PubkeyAcceptedAlgorithms. - .It Cm HostKeyAlias - Specifies an alias that should be used instead of the - real host name when looking up or saving the host key diff --git a/openssh-9.3p1-merged-openssl-evp.patch b/openssh-9.3p1-merged-openssl-evp.patch new file mode 100644 index 0000000..28d281c --- /dev/null +++ b/openssh-9.3p1-merged-openssl-evp.patch @@ -0,0 +1,1220 @@ +diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac openssh-9.3p1/digest.h openssh-9.3p1-patched/digest.h +--- openssh-9.3p1/digest.h 2023-03-15 22:28:19.000000000 +0100 ++++ openssh-9.3p1-patched/digest.h 2023-06-06 15:52:25.602551466 +0200 +@@ -32,6 +32,12 @@ + struct sshbuf; + struct ssh_digest_ctx; + ++#ifdef WITH_OPENSSL ++#include ++/* Converts internal digest representation to the OpenSSL one */ ++const EVP_MD *ssh_digest_to_md(int digest_type); ++#endif ++ + /* Looks up a digest algorithm by name */ + int ssh_digest_alg_by_name(const char *name); + +diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac openssh-9.3p1/digest-openssl.c openssh-9.3p1-patched/digest-openssl.c +--- openssh-9.3p1/digest-openssl.c 2023-03-15 22:28:19.000000000 +0100 ++++ openssh-9.3p1-patched/digest-openssl.c 2023-06-06 15:52:25.601551454 +0200 +@@ -64,6 +64,22 @@ + { -1, NULL, 0, NULL }, + }; + ++const EVP_MD * ++ssh_digest_to_md(int digest_type) ++{ ++ switch (digest_type) { ++ case SSH_DIGEST_SHA1: ++ return EVP_sha1(); ++ case SSH_DIGEST_SHA256: ++ return EVP_sha256(); ++ case SSH_DIGEST_SHA384: ++ return EVP_sha384(); ++ case SSH_DIGEST_SHA512: ++ return EVP_sha512(); ++ } ++ return NULL; ++} ++ + static const struct ssh_digest * + ssh_digest_by_alg(int alg) + { +diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac openssh-9.3p1/ssh-dss.c openssh-9.3p1-patched/ssh-dss.c +--- openssh-9.3p1/ssh-dss.c 2023-03-15 22:28:19.000000000 +0100 ++++ openssh-9.3p1-patched/ssh-dss.c 2023-06-06 15:52:25.624551743 +0200 +@@ -32,6 +32,8 @@ + #include + #include + #include ++#include ++#include + + #include + #include +@@ -261,11 +263,15 @@ + const u_char *data, size_t datalen, + const char *alg, const char *sk_provider, const char *sk_pin, u_int compat) + { ++ EVP_PKEY *pkey = NULL; + DSA_SIG *sig = NULL; + const BIGNUM *sig_r, *sig_s; +- u_char digest[SSH_DIGEST_MAX_LENGTH], sigblob[SIGBLOB_LEN]; +- size_t rlen, slen, len, dlen = ssh_digest_bytes(SSH_DIGEST_SHA1); ++ u_char sigblob[SIGBLOB_LEN]; ++ size_t rlen, slen; ++ int len; + struct sshbuf *b = NULL; ++ u_char *sigb = NULL; ++ const u_char *psig = NULL; + int ret = SSH_ERR_INVALID_ARGUMENT; + + if (lenp != NULL) +@@ -276,17 +282,23 @@ + if (key == NULL || key->dsa == NULL || + sshkey_type_plain(key->type) != KEY_DSA) + return SSH_ERR_INVALID_ARGUMENT; +- if (dlen == 0) +- return SSH_ERR_INTERNAL_ERROR; + +- if ((ret = ssh_digest_memory(SSH_DIGEST_SHA1, data, datalen, +- digest, sizeof(digest))) != 0) ++ if ((ret = ssh_create_evp_dss(key, &pkey)) != 0) ++ return ret; ++ ret = sshkey_calculate_signature(pkey, SSH_DIGEST_SHA1, &sigb, &len, ++ data, datalen); ++ EVP_PKEY_free(pkey); ++ if (ret < 0) { + goto out; ++ } + +- if ((sig = DSA_do_sign(digest, dlen, key->dsa)) == NULL) { ++ psig = sigb; ++ if ((sig = d2i_DSA_SIG(NULL, &psig, len)) == NULL) { + ret = SSH_ERR_LIBCRYPTO_ERROR; + goto out; + } ++ free(sigb); ++ sigb = NULL; + + DSA_SIG_get0(sig, &sig_r, &sig_s); + rlen = BN_num_bytes(sig_r); +@@ -319,7 +331,7 @@ + *lenp = len; + ret = 0; + out: +- explicit_bzero(digest, sizeof(digest)); ++ free(sigb); + DSA_SIG_free(sig); + sshbuf_free(b); + return ret; +@@ -331,20 +343,20 @@ + const u_char *data, size_t dlen, const char *alg, u_int compat, + struct sshkey_sig_details **detailsp) + { ++ EVP_PKEY *pkey = NULL; + DSA_SIG *dsig = NULL; + BIGNUM *sig_r = NULL, *sig_s = NULL; +- u_char digest[SSH_DIGEST_MAX_LENGTH], *sigblob = NULL; +- size_t len, hlen = ssh_digest_bytes(SSH_DIGEST_SHA1); ++ u_char *sigblob = NULL; ++ size_t len, slen; + int ret = SSH_ERR_INTERNAL_ERROR; + struct sshbuf *b = NULL; + char *ktype = NULL; ++ u_char *sigb = NULL, *psig = NULL; + + if (key == NULL || key->dsa == NULL || + sshkey_type_plain(key->type) != KEY_DSA || + sig == NULL || siglen == 0) + return SSH_ERR_INVALID_ARGUMENT; +- if (hlen == 0) +- return SSH_ERR_INTERNAL_ERROR; + + /* fetch signature */ + if ((b = sshbuf_from(sig, siglen)) == NULL) +@@ -386,25 +398,28 @@ + } + sig_r = sig_s = NULL; /* transferred */ + +- /* sha1 the data */ +- if ((ret = ssh_digest_memory(SSH_DIGEST_SHA1, data, dlen, +- digest, sizeof(digest))) != 0) ++ if ((slen = i2d_DSA_SIG(dsig, NULL)) == 0) { ++ ret = SSH_ERR_LIBCRYPTO_ERROR; + goto out; +- +- switch (DSA_do_verify(digest, hlen, dsig, key->dsa)) { +- case 1: +- ret = 0; +- break; +- case 0: +- ret = SSH_ERR_SIGNATURE_INVALID; ++ } ++ if ((sigb = malloc(slen)) == NULL) { ++ ret = SSH_ERR_ALLOC_FAIL; + goto out; +- default: ++ } ++ psig = sigb; ++ if ((slen = i2d_DSA_SIG(dsig, &psig)) == 0) { + ret = SSH_ERR_LIBCRYPTO_ERROR; + goto out; + } + ++ if ((ret = ssh_create_evp_dss(key, &pkey)) != 0) ++ goto out; ++ ret = sshkey_verify_signature(pkey, SSH_DIGEST_SHA1, data, dlen, ++ sigb, slen); ++ EVP_PKEY_free(pkey); ++ + out: +- explicit_bzero(digest, sizeof(digest)); ++ free(sigb); + DSA_SIG_free(dsig); + BN_clear_free(sig_r); + BN_clear_free(sig_s); +@@ -415,6 +430,65 @@ + return ret; + } + ++int ++ssh_create_evp_dss(const struct sshkey *k, EVP_PKEY **pkey) ++{ ++ OSSL_PARAM_BLD *param_bld = NULL; ++ EVP_PKEY_CTX *ctx = NULL; ++ const BIGNUM *p = NULL, *q = NULL, *g = NULL, *pub = NULL, *priv = NULL; ++ int ret = 0; ++ ++ if (k == NULL) ++ return SSH_ERR_INVALID_ARGUMENT; ++ if ((ctx = EVP_PKEY_CTX_new_from_name(NULL, "DSA", NULL)) == NULL || ++ (param_bld = OSSL_PARAM_BLD_new()) == NULL) { ++ ret = SSH_ERR_ALLOC_FAIL; ++ goto out; ++ } ++ ++ DSA_get0_pqg(k->dsa, &p, &q, &g); ++ DSA_get0_key(k->dsa, &pub, &priv); ++ ++ if (p != NULL && ++ OSSL_PARAM_BLD_push_BN(param_bld, OSSL_PKEY_PARAM_FFC_P, p) != 1) { ++ ret = SSH_ERR_LIBCRYPTO_ERROR; ++ goto out; ++ } ++ if (q != NULL && ++ OSSL_PARAM_BLD_push_BN(param_bld, OSSL_PKEY_PARAM_FFC_Q, q) != 1) { ++ ret = SSH_ERR_LIBCRYPTO_ERROR; ++ goto out; ++ } ++ if (g != NULL && ++ OSSL_PARAM_BLD_push_BN(param_bld, OSSL_PKEY_PARAM_FFC_G, g) != 1) { ++ ret = SSH_ERR_LIBCRYPTO_ERROR; ++ goto out; ++ } ++ if (pub != NULL && ++ OSSL_PARAM_BLD_push_BN(param_bld, ++ OSSL_PKEY_PARAM_PUB_KEY, ++ pub) != 1) { ++ ret = SSH_ERR_LIBCRYPTO_ERROR; ++ goto out; ++ } ++ if (priv != NULL && ++ OSSL_PARAM_BLD_push_BN(param_bld, ++ OSSL_PKEY_PARAM_PRIV_KEY, ++ priv) != 1) { ++ ret = SSH_ERR_LIBCRYPTO_ERROR; ++ goto out; ++ } ++ if ((*pkey = sshkey_create_evp(param_bld, ctx)) == NULL) { ++ ret = SSH_ERR_LIBCRYPTO_ERROR; ++ goto out; ++ } ++ ++out: ++ OSSL_PARAM_BLD_free(param_bld); ++ EVP_PKEY_CTX_free(ctx); ++ return ret; ++} ++ + static const struct sshkey_impl_funcs sshkey_dss_funcs = { + /* .size = */ ssh_dss_size, + /* .alloc = */ ssh_dss_alloc, +diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac openssh-9.3p1/ssh-ecdsa.c openssh-9.3p1-patched/ssh-ecdsa.c +--- openssh-9.3p1/ssh-ecdsa.c 2023-03-15 22:28:19.000000000 +0100 ++++ openssh-9.3p1-patched/ssh-ecdsa.c 2023-06-06 15:52:25.626551768 +0200 +@@ -34,6 +34,8 @@ + #include + #include + #include ++#include ++#include + + #include + +@@ -126,19 +128,29 @@ + static int + ssh_ecdsa_generate(struct sshkey *k, int bits) + { +- EC_KEY *private; ++ EVP_PKEY_CTX *ctx = NULL; ++ EVP_PKEY *res = NULL; + + if ((k->ecdsa_nid = sshkey_ecdsa_bits_to_nid(bits)) == -1) + return SSH_ERR_KEY_LENGTH; +- if ((private = EC_KEY_new_by_curve_name(k->ecdsa_nid)) == NULL) ++ ++ if ((ctx = EVP_PKEY_CTX_new_from_name(NULL, "EC", NULL)) == NULL) + return SSH_ERR_ALLOC_FAIL; +- if (EC_KEY_generate_key(private) != 1) { +- EC_KEY_free(private); ++ ++ if (EVP_PKEY_keygen_init(ctx) <= 0 || EVP_PKEY_CTX_set_group_name(ctx, OBJ_nid2sn(k->ecdsa_nid)) <= 0 ++ || EVP_PKEY_keygen(ctx, &res) <= 0) { ++ EVP_PKEY_CTX_free(ctx); ++ EVP_PKEY_free(res); + return SSH_ERR_LIBCRYPTO_ERROR; + } +- EC_KEY_set_asn1_flag(private, OPENSSL_EC_NAMED_CURVE); +- k->ecdsa = private; +- return 0; ++ /* This function is deprecated in OpenSSL 3.0 but OpenSSH doesn't worry about it*/ ++ k->ecdsa = EVP_PKEY_get1_EC_KEY(res); ++ if (k->ecdsa) ++ EC_KEY_set_asn1_flag(k->ecdsa, OPENSSL_EC_NAMED_CURVE); ++ ++ EVP_PKEY_CTX_free(ctx); ++ EVP_PKEY_free(res); ++ return (k->ecdsa) ? 0 : SSH_ERR_LIBCRYPTO_ERROR; + } + + static int +@@ -228,11 +240,13 @@ + const u_char *data, size_t dlen, + const char *alg, const char *sk_provider, const char *sk_pin, u_int compat) + { ++ EVP_PKEY *pkey = NULL; + ECDSA_SIG *esig = NULL; ++ unsigned char *sigb = NULL; ++ const unsigned char *psig; + const BIGNUM *sig_r, *sig_s; + int hash_alg; +- u_char digest[SSH_DIGEST_MAX_LENGTH]; +- size_t len, hlen; ++ int len; + struct sshbuf *b = NULL, *bb = NULL; + int ret = SSH_ERR_INTERNAL_ERROR; + +@@ -245,18 +259,33 @@ + sshkey_type_plain(key->type) != KEY_ECDSA) + return SSH_ERR_INVALID_ARGUMENT; + +- if ((hash_alg = sshkey_ec_nid_to_hash_alg(key->ecdsa_nid)) == -1 || +- (hlen = ssh_digest_bytes(hash_alg)) == 0) ++ if ((hash_alg = sshkey_ec_nid_to_hash_alg(key->ecdsa_nid)) == -1) + return SSH_ERR_INTERNAL_ERROR; +- if ((ret = ssh_digest_memory(hash_alg, data, dlen, +- digest, sizeof(digest))) != 0) ++ ++#ifdef ENABLE_PKCS11 ++ if (is_ecdsa_pkcs11(key->ecdsa)) { ++ if ((pkey = EVP_PKEY_new()) == NULL || ++ EVP_PKEY_set1_EC_KEY(pkey, key->ecdsa) != 1) ++ return SSH_ERR_ALLOC_FAIL; ++ } else { ++#endif ++ if ((ret = ssh_create_evp_ec(key->ecdsa, key->ecdsa_nid, &pkey)) != 0) ++ return ret; ++#ifdef ENABLE_PKCS11 ++ } ++#endif ++ ret = sshkey_calculate_signature(pkey, hash_alg, &sigb, &len, data, ++ dlen); ++ EVP_PKEY_free(pkey); ++ if (ret < 0) { + goto out; ++ } + +- if ((esig = ECDSA_do_sign(digest, hlen, key->ecdsa)) == NULL) { ++ psig = sigb; ++ if (d2i_ECDSA_SIG(&esig, &psig, len) == NULL) { + ret = SSH_ERR_LIBCRYPTO_ERROR; + goto out; + } +- + if ((bb = sshbuf_new()) == NULL || (b = sshbuf_new()) == NULL) { + ret = SSH_ERR_ALLOC_FAIL; + goto out; +@@ -280,7 +309,7 @@ + *lenp = len; + ret = 0; + out: +- explicit_bzero(digest, sizeof(digest)); ++ free(sigb); + sshbuf_free(b); + sshbuf_free(bb); + ECDSA_SIG_free(esig); +@@ -293,22 +322,21 @@ + const u_char *data, size_t dlen, const char *alg, u_int compat, + struct sshkey_sig_details **detailsp) + { ++ EVP_PKEY *pkey = NULL; + ECDSA_SIG *esig = NULL; + BIGNUM *sig_r = NULL, *sig_s = NULL; +- int hash_alg; +- u_char digest[SSH_DIGEST_MAX_LENGTH]; +- size_t hlen; ++ int hash_alg, len; + int ret = SSH_ERR_INTERNAL_ERROR; + struct sshbuf *b = NULL, *sigbuf = NULL; + char *ktype = NULL; ++ unsigned char *sigb = NULL, *psig = NULL; + + if (key == NULL || key->ecdsa == NULL || + sshkey_type_plain(key->type) != KEY_ECDSA || + sig == NULL || siglen == 0) + return SSH_ERR_INVALID_ARGUMENT; + +- if ((hash_alg = sshkey_ec_nid_to_hash_alg(key->ecdsa_nid)) == -1 || +- (hlen = ssh_digest_bytes(hash_alg)) == 0) ++ if ((hash_alg = sshkey_ec_nid_to_hash_alg(key->ecdsa_nid)) == -1) + return SSH_ERR_INTERNAL_ERROR; + + /* fetch signature */ +@@ -344,28 +372,33 @@ + } + sig_r = sig_s = NULL; /* transferred */ + +- if (sshbuf_len(sigbuf) != 0) { +- ret = SSH_ERR_UNEXPECTED_TRAILING_DATA; ++ /* Figure out the length */ ++ if ((len = i2d_ECDSA_SIG(esig, NULL)) == 0) { ++ ret = SSH_ERR_LIBCRYPTO_ERROR; + goto out; + } +- if ((ret = ssh_digest_memory(hash_alg, data, dlen, +- digest, sizeof(digest))) != 0) +- goto out; +- +- switch (ECDSA_do_verify(digest, hlen, esig, key->ecdsa)) { +- case 1: +- ret = 0; +- break; +- case 0: +- ret = SSH_ERR_SIGNATURE_INVALID; ++ if ((sigb = malloc(len)) == NULL) { ++ ret = SSH_ERR_ALLOC_FAIL; + goto out; +- default: ++ } ++ psig = sigb; ++ if ((len = i2d_ECDSA_SIG(esig, &psig)) == 0) { + ret = SSH_ERR_LIBCRYPTO_ERROR; + goto out; + } + ++ if (sshbuf_len(sigbuf) != 0) { ++ ret = SSH_ERR_UNEXPECTED_TRAILING_DATA; ++ goto out; ++ } ++ ++ if (ssh_create_evp_ec(key->ecdsa, key->ecdsa_nid, &pkey) != 0) ++ goto out; ++ ret = sshkey_verify_signature(pkey, hash_alg, data, dlen, sigb, len); ++ EVP_PKEY_free(pkey); ++ + out: +- explicit_bzero(digest, sizeof(digest)); ++ free(sigb); + sshbuf_free(sigbuf); + sshbuf_free(b); + ECDSA_SIG_free(esig); +@@ -375,6 +408,79 @@ + return ret; + } + ++int ++ssh_create_evp_ec(EC_KEY *k, int ecdsa_nid, EVP_PKEY **pkey) ++{ ++ OSSL_PARAM_BLD *param_bld = NULL; ++ EVP_PKEY_CTX *ctx = NULL; ++ BN_CTX *bn_ctx = NULL; ++ uint8_t *pub_ser = NULL; ++ const char *group_name; ++ const EC_POINT *pub = NULL; ++ const BIGNUM *priv = NULL; ++ int ret = 0; ++ ++ if (k == NULL) ++ return SSH_ERR_INVALID_ARGUMENT; ++ if ((ctx = EVP_PKEY_CTX_new_from_name(NULL, "EC", NULL)) == NULL || ++ (param_bld = OSSL_PARAM_BLD_new()) == NULL || ++ (bn_ctx = BN_CTX_new()) == NULL) { ++ ret = SSH_ERR_ALLOC_FAIL; ++ goto out; ++ } ++ ++ if ((group_name = OSSL_EC_curve_nid2name(ecdsa_nid)) == NULL || ++ OSSL_PARAM_BLD_push_utf8_string(param_bld, ++ OSSL_PKEY_PARAM_GROUP_NAME, ++ group_name, ++ strlen(group_name)) != 1) { ++ ret = SSH_ERR_LIBCRYPTO_ERROR; ++ goto out; ++ } ++ if ((pub = EC_KEY_get0_public_key(k)) != NULL) { ++ const EC_GROUP *group; ++ size_t len; ++ ++ group = EC_KEY_get0_group(k); ++ len = EC_POINT_point2oct(group, pub, ++ POINT_CONVERSION_UNCOMPRESSED, NULL, 0, NULL); ++ if ((pub_ser = malloc(len)) == NULL) { ++ ret = SSH_ERR_ALLOC_FAIL; ++ goto out; ++ } ++ EC_POINT_point2oct(group, ++ pub, ++ POINT_CONVERSION_UNCOMPRESSED, ++ pub_ser, ++ len, ++ bn_ctx); ++ if (OSSL_PARAM_BLD_push_octet_string(param_bld, ++ OSSL_PKEY_PARAM_PUB_KEY, ++ pub_ser, ++ len) != 1) { ++ ret = SSH_ERR_LIBCRYPTO_ERROR; ++ goto out; ++ } ++ } ++ if ((priv = EC_KEY_get0_private_key(k)) != NULL && ++ OSSL_PARAM_BLD_push_BN(param_bld, ++ OSSL_PKEY_PARAM_PRIV_KEY, priv) != 1) { ++ ret = SSH_ERR_LIBCRYPTO_ERROR; ++ goto out; ++ } ++ if ((*pkey = sshkey_create_evp(param_bld, ctx)) == NULL) { ++ ret = SSH_ERR_LIBCRYPTO_ERROR; ++ goto out; ++ } ++ ++out: ++ OSSL_PARAM_BLD_free(param_bld); ++ EVP_PKEY_CTX_free(ctx); ++ BN_CTX_free(bn_ctx); ++ free(pub_ser); ++ return ret; ++} ++ + /* NB. not static; used by ECDSA-SK */ + const struct sshkey_impl_funcs sshkey_ecdsa_funcs = { + /* .size = */ ssh_ecdsa_size, +diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac openssh-9.3p1/sshkey.c openssh-9.3p1-patched/sshkey.c +--- openssh-9.3p1/sshkey.c 2023-06-06 15:53:36.608444190 +0200 ++++ openssh-9.3p1-patched/sshkey.c 2023-06-06 15:52:25.625551756 +0200 +@@ -34,6 +34,8 @@ + #include + #include + #include ++#include ++#include + #endif + + #include "crypto_api.h" +@@ -575,6 +577,86 @@ + } + + #ifdef WITH_OPENSSL ++int ++sshkey_calculate_signature(EVP_PKEY *pkey, int hash_alg, u_char **sigp, ++ int *lenp, const u_char *data, size_t datalen) ++{ ++ EVP_MD_CTX *ctx = NULL; ++ u_char *sig = NULL; ++ int ret, slen; ++ size_t len; ++ ++ if (sigp == NULL || lenp == NULL) { ++ return SSH_ERR_INVALID_ARGUMENT; ++ } ++ ++ slen = EVP_PKEY_get_size(pkey); ++ if (slen <= 0 || slen > SSHBUF_MAX_BIGNUM) ++ return SSH_ERR_INVALID_ARGUMENT; ++ ++ len = slen; ++ if ((sig = malloc(slen)) == NULL) { ++ return SSH_ERR_ALLOC_FAIL; ++ } ++ ++ if ((ctx = EVP_MD_CTX_new()) == NULL) { ++ ret = SSH_ERR_ALLOC_FAIL; ++ goto error; ++ } ++ if (EVP_DigestSignInit(ctx, NULL, ssh_digest_to_md(hash_alg), ++ NULL, pkey) != 1 || ++ EVP_DigestSignUpdate(ctx, data, datalen) != 1 || ++ EVP_DigestSignFinal(ctx, sig, &len) != 1) { ++ ret = SSH_ERR_LIBCRYPTO_ERROR; ++ goto error; ++ } ++ ++ *sigp = sig; ++ *lenp = len; ++ /* Now owned by the caller */ ++ sig = NULL; ++ ret = 0; ++ ++error: ++ EVP_MD_CTX_free(ctx); ++ free(sig); ++ return ret; ++} ++ ++int ++sshkey_verify_signature(EVP_PKEY *pkey, int hash_alg, const u_char *data, ++ size_t datalen, u_char *sigbuf, int siglen) ++{ ++ EVP_MD_CTX *ctx = NULL; ++ int ret; ++ ++ if ((ctx = EVP_MD_CTX_new()) == NULL) { ++ return SSH_ERR_ALLOC_FAIL; ++ } ++ if (EVP_DigestVerifyInit(ctx, NULL, ssh_digest_to_md(hash_alg), ++ NULL, pkey) != 1 || ++ EVP_DigestVerifyUpdate(ctx, data, datalen) != 1) { ++ ret = SSH_ERR_LIBCRYPTO_ERROR; ++ goto done; ++ } ++ ret = EVP_DigestVerifyFinal(ctx, sigbuf, siglen); ++ switch (ret) { ++ case 1: ++ ret = 0; ++ break; ++ case 0: ++ ret = SSH_ERR_SIGNATURE_INVALID; ++ break; ++ default: ++ ret = SSH_ERR_LIBCRYPTO_ERROR; ++ break; ++ } ++ ++done: ++ EVP_MD_CTX_free(ctx); ++ return ret; ++} ++ + /* XXX: these are really begging for a table-driven approach */ + int + sshkey_curve_name_to_nid(const char *name) +@@ -3763,3 +3845,27 @@ + return 0; + } + #endif /* WITH_XMSS */ ++ ++#ifdef WITH_OPENSSL ++EVP_PKEY * ++sshkey_create_evp(OSSL_PARAM_BLD *param_bld, EVP_PKEY_CTX *ctx) ++{ ++ EVP_PKEY *ret = NULL; ++ OSSL_PARAM *params = NULL; ++ if (param_bld == NULL || ctx == NULL) { ++ debug2_f("param_bld or ctx is NULL"); ++ return NULL; ++ } ++ if ((params = OSSL_PARAM_BLD_to_param(param_bld)) == NULL) { ++ debug2_f("Could not build param list"); ++ return NULL; ++ } ++ if (EVP_PKEY_fromdata_init(ctx) != 1 || ++ EVP_PKEY_fromdata(ctx, &ret, EVP_PKEY_KEYPAIR, params) != 1) { ++ debug2_f("EVP_PKEY_fromdata failed"); ++ OSSL_PARAM_free(params); ++ return NULL; ++ } ++ return ret; ++} ++#endif /* WITH_OPENSSL */ +diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac openssh-9.3p1/sshkey.h openssh-9.3p1-patched/sshkey.h +--- openssh-9.3p1/sshkey.h 2023-06-06 15:53:36.608444190 +0200 ++++ openssh-9.3p1-patched/sshkey.h 2023-06-06 15:52:25.626551768 +0200 +@@ -31,6 +31,9 @@ + #ifdef WITH_OPENSSL + #include + #include ++#include ++#include ++#include + # ifdef OPENSSL_HAS_ECC + # include + # include +@@ -268,6 +271,10 @@ + const char *sshkey_ssh_name_plain(const struct sshkey *); + int sshkey_names_valid2(const char *, int); + char *sshkey_alg_list(int, int, int, char); ++int sshkey_calculate_signature(EVP_PKEY*, int, u_char **, ++ int *, const u_char *, size_t); ++int sshkey_verify_signature(EVP_PKEY *, int, const u_char *, ++ size_t, u_char *, int); + + int sshkey_from_blob(const u_char *, size_t, struct sshkey **); + int sshkey_fromb(struct sshbuf *, struct sshkey **); +@@ -324,6 +331,13 @@ + + void sshkey_sig_details_free(struct sshkey_sig_details *); + ++#ifdef WITH_OPENSSL ++EVP_PKEY *sshkey_create_evp(OSSL_PARAM_BLD *, EVP_PKEY_CTX *); ++int ssh_create_evp_dss(const struct sshkey *, EVP_PKEY **); ++int ssh_create_evp_rsa(const struct sshkey *, EVP_PKEY **); ++int ssh_create_evp_ec(EC_KEY *, int, EVP_PKEY **); ++#endif /* WITH_OPENSSL */ ++ + #ifdef SSHKEY_INTERNAL + int sshkey_sk_fields_equal(const struct sshkey *a, const struct sshkey *b); + void sshkey_sk_cleanup(struct sshkey *k); +@@ -338,6 +352,10 @@ + #endif + #endif + ++#ifdef ENABLE_PKCS11 ++int pkcs11_get_ecdsa_idx(void); ++#endif ++ + #if !defined(WITH_OPENSSL) + # undef RSA + # undef DSA +diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac openssh-9.3p1/ssh-pkcs11.c openssh-9.3p1-patched/ssh-pkcs11.c +--- openssh-9.3p1/ssh-pkcs11.c 2023-06-06 15:53:36.592443989 +0200 ++++ openssh-9.3p1-patched/ssh-pkcs11.c 2023-06-06 15:52:25.626551768 +0200 +@@ -777,8 +777,24 @@ + + return (0); + } ++ ++int ++is_ecdsa_pkcs11(EC_KEY *ecdsa) ++{ ++ if (EC_KEY_get_ex_data(ecdsa, ec_key_idx) != NULL) ++ return 1; ++ return 0; ++} + #endif /* OPENSSL_HAS_ECC && HAVE_EC_KEY_METHOD_NEW */ + ++int ++is_rsa_pkcs11(RSA *rsa) ++{ ++ if (RSA_get_ex_data(rsa, rsa_idx) != NULL) ++ return 1; ++ return 0; ++} ++ + /* remove trailing spaces */ + static void + rmspace(u_char *buf, size_t len) +diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac openssh-9.3p1/ssh-pkcs11-client.c openssh-9.3p1-patched/ssh-pkcs11-client.c +--- openssh-9.3p1/ssh-pkcs11-client.c 2023-06-06 15:53:36.591443976 +0200 ++++ openssh-9.3p1-patched/ssh-pkcs11-client.c 2023-06-06 15:52:25.626551768 +0200 +@@ -225,8 +225,36 @@ + static RSA_METHOD *helper_rsa; + #if defined(OPENSSL_HAS_ECC) && defined(HAVE_EC_KEY_METHOD_NEW) + static EC_KEY_METHOD *helper_ecdsa; ++ ++int ++is_ecdsa_pkcs11(EC_KEY *ecdsa) ++{ ++ const EC_KEY_METHOD *meth; ++ ECDSA_SIG *(*sign_sig)(const unsigned char *dgst, int dgstlen, ++ const BIGNUM *kinv, const BIGNUM *rp, EC_KEY *eckey) = NULL; ++ ++ meth = EC_KEY_get_method(ecdsa); ++ EC_KEY_METHOD_get_sign(meth, NULL, NULL, &sign_sig); ++ if (sign_sig == ecdsa_do_sign) ++ return 1; ++ return 0; ++} + #endif /* OPENSSL_HAS_ECC && HAVE_EC_KEY_METHOD_NEW */ + ++int ++is_rsa_pkcs11(RSA *rsa) ++{ ++ const RSA_METHOD *meth; ++ int (*priv_enc)(int flen, const unsigned char *from, ++ unsigned char *to, RSA *rsa, int padding) = NULL; ++ ++ meth = RSA_get_method(rsa); ++ priv_enc = RSA_meth_get_priv_enc(meth); ++ if (priv_enc == rsa_encrypt) ++ return 1; ++ return 0; ++} ++ + /* redirect private key crypto operations to the ssh-pkcs11-helper */ + static void + wrap_key(struct sshkey *k) +diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac openssh-9.3p1/ssh-pkcs11.h openssh-9.3p1-patched/ssh-pkcs11.h +--- openssh-9.3p1/ssh-pkcs11.h 2023-06-06 15:53:36.592443989 +0200 ++++ openssh-9.3p1-patched/ssh-pkcs11.h 2023-06-06 15:52:25.626551768 +0200 +@@ -39,6 +39,11 @@ + u_int32_t *); + #endif + ++#ifdef HAVE_EC_KEY_METHOD_NEW ++int is_ecdsa_pkcs11(EC_KEY *ecdsa); ++#endif ++int is_rsa_pkcs11(RSA *rsa); ++ + #if !defined(WITH_OPENSSL) && defined(ENABLE_PKCS11) + #undef ENABLE_PKCS11 + #endif +diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac openssh-9.3p1/ssh-rsa.c openssh-9.3p1-patched/ssh-rsa.c +--- openssh-9.3p1/ssh-rsa.c 2023-03-15 22:28:19.000000000 +0100 ++++ openssh-9.3p1-patched/ssh-rsa.c 2023-06-06 15:52:25.627551781 +0200 +@@ -23,6 +23,8 @@ + + #include + #include ++#include ++#include + + #include + #include +@@ -36,7 +38,7 @@ + + #include "openbsd-compat/openssl-compat.h" + +-static int openssh_RSA_verify(int, u_char *, size_t, u_char *, size_t, RSA *); ++static int openssh_RSA_verify(int, const u_char *, size_t, u_char *, size_t, EVP_PKEY *); + + static u_int + ssh_rsa_size(const struct sshkey *key) +@@ -131,27 +133,50 @@ + static int + ssh_rsa_generate(struct sshkey *k, int bits) + { +- RSA *private = NULL; ++ EVP_PKEY_CTX *ctx = NULL; ++ EVP_PKEY *res = NULL; + BIGNUM *f4 = NULL; + int ret = SSH_ERR_INTERNAL_ERROR; + + if (bits < SSH_RSA_MINIMUM_MODULUS_SIZE || + bits > SSHBUF_MAX_BIGNUM * 8) + return SSH_ERR_KEY_LENGTH; +- if ((private = RSA_new()) == NULL || (f4 = BN_new()) == NULL) { ++ ++ if ((ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL)) == NULL ++ || (f4 = BN_new()) == NULL || !BN_set_word(f4, RSA_F4)) { + ret = SSH_ERR_ALLOC_FAIL; + goto out; + } +- if (!BN_set_word(f4, RSA_F4) || +- !RSA_generate_key_ex(private, bits, f4, NULL)) { ++ ++ if (EVP_PKEY_keygen_init(ctx) <= 0) { ++ ret = SSH_ERR_LIBCRYPTO_ERROR; ++ goto out; ++ } ++ ++ if (EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, bits) <= 0) { ++ ret = SSH_ERR_KEY_LENGTH; ++ goto out; ++ } ++ ++ if (EVP_PKEY_CTX_set1_rsa_keygen_pubexp(ctx, f4) <= 0) ++ goto out; ++ ++ if (EVP_PKEY_keygen(ctx, &res) <= 0) { ++ ret = SSH_ERR_LIBCRYPTO_ERROR; ++ goto out; ++ } ++ ++ /* This function is deprecated in OpenSSL 3.0 but OpenSSH doesn't worry about it*/ ++ k->rsa = EVP_PKEY_get1_RSA(res); ++ if (k->rsa) { ++ ret = 0; ++ } else { + ret = SSH_ERR_LIBCRYPTO_ERROR; + goto out; + } +- k->rsa = private; +- private = NULL; +- ret = 0; + out: +- RSA_free(private); ++ EVP_PKEY_CTX_free(ctx); ++ EVP_PKEY_free(res); + BN_free(f4); + return ret; + } +@@ -317,21 +342,6 @@ + return -1; + } + +-static int +-rsa_hash_alg_nid(int type) +-{ +- switch (type) { +- case SSH_DIGEST_SHA1: +- return NID_sha1; +- case SSH_DIGEST_SHA256: +- return NID_sha256; +- case SSH_DIGEST_SHA512: +- return NID_sha512; +- default: +- return -1; +- } +-} +- + int + ssh_rsa_complete_crt_parameters(struct sshkey *key, const BIGNUM *iqmp) + { +@@ -393,11 +403,10 @@ + const u_char *data, size_t datalen, + const char *alg, const char *sk_provider, const char *sk_pin, u_int compat) + { +- const BIGNUM *rsa_n; +- u_char digest[SSH_DIGEST_MAX_LENGTH], *sig = NULL; +- size_t slen = 0; +- u_int hlen, len; +- int nid, hash_alg, ret = SSH_ERR_INTERNAL_ERROR; ++ EVP_PKEY *pkey = NULL; ++ u_char *sig = NULL; ++ int len, slen = 0; ++ int hash_alg, ret = SSH_ERR_INTERNAL_ERROR; + struct sshbuf *b = NULL; + + if (lenp != NULL) +@@ -409,33 +418,33 @@ + hash_alg = SSH_DIGEST_SHA1; + else + hash_alg = rsa_hash_id_from_keyname(alg); ++ + if (key == NULL || key->rsa == NULL || hash_alg == -1 || + sshkey_type_plain(key->type) != KEY_RSA) + return SSH_ERR_INVALID_ARGUMENT; +- RSA_get0_key(key->rsa, &rsa_n, NULL, NULL); +- if (BN_num_bits(rsa_n) < SSH_RSA_MINIMUM_MODULUS_SIZE) +- return SSH_ERR_KEY_LENGTH; + slen = RSA_size(key->rsa); +- if (slen <= 0 || slen > SSHBUF_MAX_BIGNUM) +- return SSH_ERR_INVALID_ARGUMENT; +- +- /* hash the data */ +- nid = rsa_hash_alg_nid(hash_alg); +- if ((hlen = ssh_digest_bytes(hash_alg)) == 0) +- return SSH_ERR_INTERNAL_ERROR; +- if ((ret = ssh_digest_memory(hash_alg, data, datalen, +- digest, sizeof(digest))) != 0) +- goto out; ++ if (RSA_bits(key->rsa) < SSH_RSA_MINIMUM_MODULUS_SIZE) ++ return SSH_ERR_KEY_LENGTH; + +- if ((sig = malloc(slen)) == NULL) { +- ret = SSH_ERR_ALLOC_FAIL; +- goto out; ++#ifdef ENABLE_PKCS11 ++ if (is_rsa_pkcs11(key->rsa)) { ++ if ((pkey = EVP_PKEY_new()) == NULL || ++ EVP_PKEY_set1_RSA(pkey, key->rsa) != 1) ++ return SSH_ERR_ALLOC_FAIL; ++ } else { ++#endif ++ if ((ret = ssh_create_evp_rsa(key, &pkey)) != 0) ++ return ret; ++#ifdef ENABLE_PKCS11 + } +- +- if (RSA_sign(nid, digest, hlen, sig, &len, key->rsa) != 1) { +- ret = SSH_ERR_LIBCRYPTO_ERROR; ++#endif ++ ret = sshkey_calculate_signature(pkey, hash_alg, &sig, &len, data, ++ datalen); ++ EVP_PKEY_free(pkey); ++ if (ret < 0) { + goto out; + } ++ + if (len < slen) { + size_t diff = slen - len; + memmove(sig + diff, sig, len); +@@ -444,6 +453,7 @@ + ret = SSH_ERR_INTERNAL_ERROR; + goto out; + } ++ + /* encode signature */ + if ((b = sshbuf_new()) == NULL) { + ret = SSH_ERR_ALLOC_FAIL; +@@ -464,7 +474,6 @@ + *lenp = len; + ret = 0; + out: +- explicit_bzero(digest, sizeof(digest)); + freezero(sig, slen); + sshbuf_free(b); + return ret; +@@ -476,10 +485,10 @@ + const u_char *data, size_t dlen, const char *alg, u_int compat, + struct sshkey_sig_details **detailsp) + { +- const BIGNUM *rsa_n; ++ EVP_PKEY *pkey = NULL; + char *sigtype = NULL; + int hash_alg, want_alg, ret = SSH_ERR_INTERNAL_ERROR; +- size_t len = 0, diff, modlen, hlen; ++ size_t len = 0, diff, modlen; + struct sshbuf *b = NULL; + u_char digest[SSH_DIGEST_MAX_LENGTH], *osigblob, *sigblob = NULL; + +@@ -487,8 +496,7 @@ + sshkey_type_plain(key->type) != KEY_RSA || + sig == NULL || siglen == 0) + return SSH_ERR_INVALID_ARGUMENT; +- RSA_get0_key(key->rsa, &rsa_n, NULL, NULL); +- if (BN_num_bits(rsa_n) < SSH_RSA_MINIMUM_MODULUS_SIZE) ++ if (RSA_bits(key->rsa) < SSH_RSA_MINIMUM_MODULUS_SIZE) + return SSH_ERR_KEY_LENGTH; + + if ((b = sshbuf_from(sig, siglen)) == NULL) +@@ -540,16 +548,13 @@ + explicit_bzero(sigblob, diff); + len = modlen; + } +- if ((hlen = ssh_digest_bytes(hash_alg)) == 0) { +- ret = SSH_ERR_INTERNAL_ERROR; +- goto out; +- } +- if ((ret = ssh_digest_memory(hash_alg, data, dlen, +- digest, sizeof(digest))) != 0) ++ ++ if ((ret = ssh_create_evp_rsa(key, &pkey)) != 0) + goto out; + +- ret = openssh_RSA_verify(hash_alg, digest, hlen, sigblob, len, +- key->rsa); ++ ret = openssh_RSA_verify(hash_alg, data, dlen, sigblob, len, pkey); ++ EVP_PKEY_free(pkey); ++ + out: + freezero(sigblob, len); + free(sigtype); +@@ -558,125 +563,110 @@ + return ret; + } + +-/* +- * See: +- * http://www.rsasecurity.com/rsalabs/pkcs/pkcs-1/ +- * ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-1/pkcs-1v2-1.asn +- */ +- +-/* +- * id-sha1 OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) +- * oiw(14) secsig(3) algorithms(2) 26 } +- */ +-static const u_char id_sha1[] = { +- 0x30, 0x21, /* type Sequence, length 0x21 (33) */ +- 0x30, 0x09, /* type Sequence, length 0x09 */ +- 0x06, 0x05, /* type OID, length 0x05 */ +- 0x2b, 0x0e, 0x03, 0x02, 0x1a, /* id-sha1 OID */ +- 0x05, 0x00, /* NULL */ +- 0x04, 0x14 /* Octet string, length 0x14 (20), followed by sha1 hash */ +-}; +- +-/* +- * See http://csrc.nist.gov/groups/ST/crypto_apps_infra/csor/algorithms.html +- * id-sha256 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) +- * organization(1) gov(101) csor(3) nistAlgorithm(4) hashAlgs(2) +- * id-sha256(1) } +- */ +-static const u_char id_sha256[] = { +- 0x30, 0x31, /* type Sequence, length 0x31 (49) */ +- 0x30, 0x0d, /* type Sequence, length 0x0d (13) */ +- 0x06, 0x09, /* type OID, length 0x09 */ +- 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, /* id-sha256 */ +- 0x05, 0x00, /* NULL */ +- 0x04, 0x20 /* Octet string, length 0x20 (32), followed by sha256 hash */ +-}; +- +-/* +- * See http://csrc.nist.gov/groups/ST/crypto_apps_infra/csor/algorithms.html +- * id-sha512 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) +- * organization(1) gov(101) csor(3) nistAlgorithm(4) hashAlgs(2) +- * id-sha256(3) } +- */ +-static const u_char id_sha512[] = { +- 0x30, 0x51, /* type Sequence, length 0x51 (81) */ +- 0x30, 0x0d, /* type Sequence, length 0x0d (13) */ +- 0x06, 0x09, /* type OID, length 0x09 */ +- 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03, /* id-sha512 */ +- 0x05, 0x00, /* NULL */ +- 0x04, 0x40 /* Octet string, length 0x40 (64), followed by sha512 hash */ +-}; +- + static int +-rsa_hash_alg_oid(int hash_alg, const u_char **oidp, size_t *oidlenp) ++openssh_RSA_verify(int hash_alg, const u_char *data, size_t datalen, ++ u_char *sigbuf, size_t siglen, EVP_PKEY *pkey) + { +- switch (hash_alg) { +- case SSH_DIGEST_SHA1: +- *oidp = id_sha1; +- *oidlenp = sizeof(id_sha1); +- break; +- case SSH_DIGEST_SHA256: +- *oidp = id_sha256; +- *oidlenp = sizeof(id_sha256); +- break; +- case SSH_DIGEST_SHA512: +- *oidp = id_sha512; +- *oidlenp = sizeof(id_sha512); +- break; +- default: +- return SSH_ERR_INVALID_ARGUMENT; +- } +- return 0; +-} ++ size_t rsasize = 0; ++ int ret; + +-static int +-openssh_RSA_verify(int hash_alg, u_char *hash, size_t hashlen, +- u_char *sigbuf, size_t siglen, RSA *rsa) +-{ +- size_t rsasize = 0, oidlen = 0, hlen = 0; +- int ret, len, oidmatch, hashmatch; +- const u_char *oid = NULL; +- u_char *decrypted = NULL; +- +- if ((ret = rsa_hash_alg_oid(hash_alg, &oid, &oidlen)) != 0) +- return ret; +- ret = SSH_ERR_INTERNAL_ERROR; +- hlen = ssh_digest_bytes(hash_alg); +- if (hashlen != hlen) { +- ret = SSH_ERR_INVALID_ARGUMENT; +- goto done; +- } +- rsasize = RSA_size(rsa); ++ rsasize = EVP_PKEY_get_size(pkey); + if (rsasize <= 0 || rsasize > SSHBUF_MAX_BIGNUM || + siglen == 0 || siglen > rsasize) { + ret = SSH_ERR_INVALID_ARGUMENT; + goto done; + } +- if ((decrypted = malloc(rsasize)) == NULL) { +- ret = SSH_ERR_ALLOC_FAIL; +- goto done; +- } +- if ((len = RSA_public_decrypt(siglen, sigbuf, decrypted, rsa, +- RSA_PKCS1_PADDING)) < 0) { +- ret = SSH_ERR_LIBCRYPTO_ERROR; +- goto done; +- } +- if (len < 0 || (size_t)len != hlen + oidlen) { +- ret = SSH_ERR_INVALID_FORMAT; +- goto done; +- } +- oidmatch = timingsafe_bcmp(decrypted, oid, oidlen) == 0; +- hashmatch = timingsafe_bcmp(decrypted + oidlen, hash, hlen) == 0; +- if (!oidmatch || !hashmatch) { +- ret = SSH_ERR_SIGNATURE_INVALID; +- goto done; +- } +- ret = 0; ++ ++ ret = sshkey_verify_signature(pkey, hash_alg, data, datalen, ++ sigbuf, siglen); ++ + done: +- freezero(decrypted, rsasize); + return ret; + } + ++int ++ssh_create_evp_rsa(const struct sshkey *k, EVP_PKEY **pkey) ++{ ++ OSSL_PARAM_BLD *param_bld = NULL; ++ EVP_PKEY_CTX *ctx = NULL; ++ int ret = 0; ++ const BIGNUM *n = NULL, *e = NULL, *d = NULL, *p = NULL, *q = NULL; ++ const BIGNUM *dmp1 = NULL, *dmq1 = NULL, *iqmp = NULL; ++ ++ if (k == NULL) ++ return SSH_ERR_INVALID_ARGUMENT; ++ if ((ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL)) == NULL || ++ (param_bld = OSSL_PARAM_BLD_new()) == NULL) { ++ ret = SSH_ERR_ALLOC_FAIL; ++ goto out; ++ } ++ ++ RSA_get0_key(k->rsa, &n, &e, &d); ++ RSA_get0_factors(k->rsa, &p, &q); ++ RSA_get0_crt_params(k->rsa, &dmp1, &dmq1, &iqmp); ++ ++ if (n != NULL && ++ OSSL_PARAM_BLD_push_BN(param_bld, OSSL_PKEY_PARAM_RSA_N, n) != 1) { ++ ret = SSH_ERR_LIBCRYPTO_ERROR; ++ goto out; ++ } ++ if (e != NULL && ++ OSSL_PARAM_BLD_push_BN(param_bld, OSSL_PKEY_PARAM_RSA_E, e) != 1) { ++ ret = SSH_ERR_LIBCRYPTO_ERROR; ++ goto out; ++ } ++ if (d != NULL && ++ OSSL_PARAM_BLD_push_BN(param_bld, OSSL_PKEY_PARAM_RSA_D, d) != 1) { ++ ret = SSH_ERR_LIBCRYPTO_ERROR; ++ goto out; ++ } ++ ++ if ((*pkey = sshkey_create_evp(param_bld, ctx)) == NULL) { ++ ret = SSH_ERR_LIBCRYPTO_ERROR; ++ goto out; ++ } ++ ++ /* setting this to param_build makes the creation process fail */ ++ if (p != NULL && ++ EVP_PKEY_set_bn_param(*pkey, OSSL_PKEY_PARAM_RSA_FACTOR1, p) != 1) { ++ debug2_f("failed to add 'p' param"); ++ ret = SSH_ERR_LIBCRYPTO_ERROR; ++ goto out; ++ } ++ if (q != NULL && ++ EVP_PKEY_set_bn_param(*pkey, OSSL_PKEY_PARAM_RSA_FACTOR2, q) != 1) { ++ debug2_f("failed to add 'q' param"); ++ ret = SSH_ERR_LIBCRYPTO_ERROR; ++ goto out; ++ } ++ if (dmp1 != NULL && ++ EVP_PKEY_set_bn_param(*pkey, ++ OSSL_PKEY_PARAM_RSA_EXPONENT1, dmp1) != 1) { ++ debug2_f("failed to add 'dmp1' param"); ++ ret = SSH_ERR_LIBCRYPTO_ERROR; ++ goto out; ++ } ++ if (dmq1 != NULL && ++ EVP_PKEY_set_bn_param(*pkey, ++ OSSL_PKEY_PARAM_RSA_EXPONENT2, dmq1) != 1) { ++ debug2_f("failed to add 'dmq1' param"); ++ ret = SSH_ERR_LIBCRYPTO_ERROR; ++ goto out; ++ } ++ if (iqmp != NULL && ++ EVP_PKEY_set_bn_param(*pkey, ++ OSSL_PKEY_PARAM_RSA_COEFFICIENT1, iqmp) != 1) { ++ debug2_f("failed to add 'iqmp' param"); ++ ret = SSH_ERR_LIBCRYPTO_ERROR; ++ goto out; ++ } ++ ++out: ++ OSSL_PARAM_BLD_free(param_bld); ++ EVP_PKEY_CTX_free(ctx); ++ return ret; ++} ++ + static const struct sshkey_impl_funcs sshkey_rsa_funcs = { + /* .size = */ ssh_rsa_size, + /* .alloc = */ ssh_rsa_alloc, diff --git a/openssh-9.3p1-upstream-cve-2023-38408.patch b/openssh-9.3p1-upstream-cve-2023-38408.patch new file mode 100644 index 0000000..e9ac2ae --- /dev/null +++ b/openssh-9.3p1-upstream-cve-2023-38408.patch @@ -0,0 +1,130 @@ +diff --git a/ssh-agent.c b/ssh-agent.c +index 618bb198..8ea831f4 100644 +diff -up openssh-9.3p1/ssh-agent.c.cve openssh-9.3p1/ssh-agent.c +--- openssh-9.3p1/ssh-agent.c.cve 2023-07-21 15:38:13.237276580 +0200 ++++ openssh-9.3p1/ssh-agent.c 2023-07-21 15:41:30.269943569 +0200 +@@ -169,6 +169,12 @@ char socket_dir[PATH_MAX]; + /* Pattern-list of allowed PKCS#11/Security key paths */ + static char *allowed_providers; + ++/* ++ * Allows PKCS11 providers or SK keys that use non-internal providers to ++ * be added over a remote connection (identified by session-bind@openssh.com). ++ */ ++static int remote_add_provider; ++ + /* locking */ + #define LOCK_SIZE 32 + #define LOCK_SALT_SIZE 16 +@@ -1228,6 +1234,12 @@ process_add_identity(SocketEntry *e) + if (strcasecmp(sk_provider, "internal") == 0) { + debug_f("internal provider"); + } else { ++ if (e->nsession_ids != 0 && !remote_add_provider) { ++ verbose("failed add of SK provider \"%.100s\": " ++ "remote addition of providers is disabled", ++ sk_provider); ++ goto out; ++ } + if (realpath(sk_provider, canonical_provider) == NULL) { + verbose("failed provider \"%.100s\": " + "realpath: %s", sk_provider, +@@ -1368,7 +1380,7 @@ no_identities(SocketEntry *e) + + #ifdef ENABLE_PKCS11 + static char * +-sanitize_pkcs11_provider(const char *provider) ++sanitize_pkcs11_provider(SocketEntry *e, const char *provider) + { + struct pkcs11_uri *uri = NULL; + char *sane_uri, *module_path = NULL; /* default path */ +@@ -1399,6 +1411,11 @@ sanitize_pkcs11_provider(const char *pro + module_path = strdup(provider); /* simple path */ + + if (module_path != NULL) { /* do not validate default NULL path in URI */ ++ if (e->nsession_ids != 0 && !remote_add_provider) { ++ verbose("failed PKCS#11 add of \"%.100s\": remote addition of " ++ "providers is disabled", provider); ++ return NULL; ++ } + if (realpath(module_path, canonical_provider) == NULL) { + verbose("failed PKCS#11 provider \"%.100s\": realpath: %s", + module_path, strerror(errno)); +@@ -1455,7 +1472,7 @@ process_add_smartcard_key(SocketEntry *e + goto send; + } + +- sane_uri = sanitize_pkcs11_provider(provider); ++ sane_uri = sanitize_pkcs11_provider(e, provider); + if (sane_uri == NULL) + goto send; + +@@ -1516,7 +1533,7 @@ process_remove_smartcard_key(SocketEntry + } + free(pin); + +- sane_uri = sanitize_pkcs11_provider(provider); ++ sane_uri = sanitize_pkcs11_provider(e, provider); + if (sane_uri == NULL) + goto send; + +@@ -2108,7 +2125,9 @@ main(int ac, char **av) + break; + case 'O': + if (strcmp(optarg, "no-restrict-websafe") == 0) +- restrict_websafe = 0; ++ restrict_websafe = 0; ++ else if (strcmp(optarg, "allow-remote-pkcs11") == 0) ++ remote_add_provider = 1; + else + fatal("Unknown -O option"); + break; +diff --git a/ssh-pkcs11.c b/ssh-pkcs11.c +index 6be647ec..ebddf6c3 100644 +--- a/ssh-pkcs11.c ++++ b/ssh-pkcs11.c +@@ -1537,10 +1537,8 @@ pkcs11_register_provider(char *provider_id, char *pin, + error("dlopen %s failed: %s", provider_module, dlerror()); + goto fail; + } +- if ((getfunctionlist = dlsym(handle, "C_GetFunctionList")) == NULL) { +- error("dlsym(C_GetFunctionList) failed: %s", dlerror()); +- goto fail; +- } ++ if ((getfunctionlist = dlsym(handle, "C_GetFunctionList")) == NULL) ++ fatal("dlsym(C_GetFunctionList) failed: %s", dlerror()); + + p->module->handle = handle; + /* setup the pkcs11 callbacks */ +--- a/ssh-agent.1 2023-03-15 22:28:19.000000000 +0100 ++++ b/ssh-agent.1 2023-07-19 21:39:17.981406432 +0200 +@@ -107,9 +107,27 @@ + .It Fl O Ar option + Specify an option when starting + .Nm . +-Currently only one option is supported: ++Currently two options are supported: ++.Cm allow-remote-pkcs11 ++and + .Cm no-restrict-websafe . +-This instructs ++.Pp ++The ++.Cm allow-remote-pkcs11 ++option allows clients of a forwarded ++.Nm ++to load PKCS#11 or FIDO provider libraries. ++By default only local clients may perform this operation. ++Note that signalling that a ++.Nm ++client remote is performed by ++.Xr ssh 1 , ++and use of other tools to forward access to the agent socket may circumvent ++this restriction. ++.Pp ++The ++.Cm no-restrict-websafe , ++instructs + .Nm + to permit signatures using FIDO keys that might be web authentication + requests. From c0e4707d7b711c6463c6f38aa8839d0833ca7c5e Mon Sep 17 00:00:00 2001 From: Mattias Ellert Date: Fri, 11 Aug 2023 21:46:58 +0200 Subject: [PATCH 17/44] Based on openssh-9.3p1-8.fc39 --- gsi-openssh.spec | 17 ++++++++----- gsisshd.socket | 11 -------- openssh-6.6p1-kuserok.patch | 4 +-- openssh-7.7p1-redhat.patch | 20 +++++++++------ openssh-9.3p1-openssl-compat.patch | 40 ++++++++++++++++++++++++++++++ 5 files changed, 65 insertions(+), 27 deletions(-) delete mode 100644 gsisshd.socket create mode 100644 openssh-9.3p1-openssl-compat.patch diff --git a/gsi-openssh.spec b/gsi-openssh.spec index 0bd49a9..696734d 100644 --- a/gsi-openssh.spec +++ b/gsi-openssh.spec @@ -24,7 +24,7 @@ %global libedit 1 %global openssh_ver 9.3p1 -%global openssh_rel 2 +%global openssh_rel 3 Summary: An implementation of the SSH protocol with GSI authentication Name: gsi-openssh @@ -39,7 +39,6 @@ Source2: gsisshd.pam Source3: gpgkey-736060BA.gpg Source7: gsisshd.sysconfig Source9: gsisshd@.service -Source10: gsisshd.socket Source11: gsisshd.service Source12: gsisshd-keygen@.service Source13: gsisshd-keygen @@ -177,6 +176,8 @@ Patch1012: openssh-9.0p1-evp-fips-dh.patch Patch1013: openssh-9.0p1-evp-fips-ecdh.patch Patch1014: openssh-8.7p1-nohostsha1proof.patch Patch1015: openssh-9.3p1-upstream-cve-2023-38408.patch +# upstream b7afd8a4ecaca8afd3179b55e9db79c0ff210237 +Patch1016: openssh-9.3p1-openssl-compat.patch # Fix issue with read-only ssh buffer during gssapi key exchange (#1938224) # https://github.com/openssh-gsskex/openssh-gsskex/pull/19 @@ -339,6 +340,7 @@ gpgv2 --quiet --keyring %{SOURCE3} %{SOURCE1} %{SOURCE0} %patch -P 1013 -p1 -b .evp-fips-ecdh %patch -P 1014 -p1 -b .nosha1hostproof %patch -P 1015 -p1 -b .cve-2023-38408 +%patch -P 1016 -p1 -b .ossl-version %patch -P 100 -p1 -b .coverity @@ -440,10 +442,10 @@ install -d $RPM_BUILD_ROOT%{_libexecdir}/gsissh install -m644 %{SOURCE2} $RPM_BUILD_ROOT/etc/pam.d/gsisshd install -m644 %{SOURCE7} $RPM_BUILD_ROOT/etc/sysconfig/gsisshd install -m644 ssh_config_redhat $RPM_BUILD_ROOT%{_sysconfdir}/gsissh/ssh_config.d/50-redhat.conf +install -m644 sshd_config_redhat_cp $RPM_BUILD_ROOT%{_sysconfdir}/gsissh/sshd_config.d/40-redhat-crypto-policies.conf install -m644 sshd_config_redhat $RPM_BUILD_ROOT%{_sysconfdir}/gsissh/sshd_config.d/50-redhat.conf install -d -m755 $RPM_BUILD_ROOT/%{_unitdir} install -m644 %{SOURCE9} $RPM_BUILD_ROOT/%{_unitdir}/gsisshd@.service -install -m644 %{SOURCE10} $RPM_BUILD_ROOT/%{_unitdir}/gsisshd.socket install -m644 %{SOURCE11} $RPM_BUILD_ROOT/%{_unitdir}/gsisshd.service install -m644 %{SOURCE12} $RPM_BUILD_ROOT/%{_unitdir}/gsisshd-keygen@.service install -m644 %{SOURCE15} $RPM_BUILD_ROOT/%{_unitdir}/gsisshd-keygen.target @@ -483,10 +485,10 @@ if [ $1 -gt 1 ]; then # script for Fedora 38 to remove group ownership for host keys. %{_libexecdir}/gsissh/ssh-host-keys-migration.sh fi -%systemd_post gsisshd.service gsisshd.socket +%systemd_post gsisshd.service %preun server -%systemd_preun gsisshd.service gsisshd.socket +%systemd_preun gsisshd.service %postun server %systemd_postun_with_restart gsisshd.service @@ -525,18 +527,21 @@ fi %attr(0644,root,root) %{_mandir}/man8/gsisftp-server.8* %attr(0600,root,root) %config(noreplace) %{_sysconfdir}/gsissh/sshd_config %dir %attr(0700,root,root) %{_sysconfdir}/gsissh/sshd_config.d/ +%attr(0600,root,root) %config(noreplace) %{_sysconfdir}/gsissh/sshd_config.d/40-redhat-crypto-policies.conf %attr(0600,root,root) %config(noreplace) %{_sysconfdir}/gsissh/sshd_config.d/50-redhat.conf %attr(0644,root,root) %config(noreplace) /etc/pam.d/gsisshd %attr(0640,root,root) %config(noreplace) /etc/sysconfig/gsisshd %attr(0644,root,root) %{_unitdir}/gsisshd.service %attr(0644,root,root) %{_unitdir}/gsisshd@.service -%attr(0644,root,root) %{_unitdir}/gsisshd.socket %attr(0644,root,root) %{_unitdir}/gsisshd-keygen@.service %attr(0644,root,root) %{_unitdir}/gsisshd-keygen.target %attr(0644,root,root) %{_sysusersdir}/%{name}-server.conf %attr(0744,root,root) %{_libexecdir}/gsissh/ssh-host-keys-migration.sh %changelog +* Fri Aug 11 2023 Mattias Ellert - 9.3p1-3 +- Based on openssh-9.3p1-8.fc39 + * Sun Jul 23 2023 Mattias Ellert - 9.3p1-2 - Based on openssh-9.3p1-5.fc39.1 diff --git a/gsisshd.socket b/gsisshd.socket deleted file mode 100644 index 28e40d1..0000000 --- a/gsisshd.socket +++ /dev/null @@ -1,11 +0,0 @@ -[Unit] -Description=gsissh Server Socket -Documentation=man:gsisshd(8) man:gsisshd_config(5) -Conflicts=gsisshd.service - -[Socket] -ListenStream=22 -Accept=yes - -[Install] -WantedBy=sockets.target diff --git a/openssh-6.6p1-kuserok.patch b/openssh-6.6p1-kuserok.patch index f3231f9..eaf4453 100644 --- a/openssh-6.6p1-kuserok.patch +++ b/openssh-6.6p1-kuserok.patch @@ -155,8 +155,8 @@ diff -up openssh-7.4p1/gss-serv-krb5.c.kuserok openssh-7.4p1/gss-serv-krb5.c * because if they are on a krb5-protected filesystem, user credentials * to access these files aren't available yet. */ - if (krb5_kuserok(krb_context, princ, name) && k5login_exists) { -+ if (ssh_krb5_kuserok(krb_context, princ, name, k5login_exists) -+ && k5login_exists) { ++ if (k5login_exists && ++ ssh_krb5_kuserok(krb_context, princ, name, k5login_exists)) { retval = 1; logit("Authorized to %s, krb5 principal %s (krb5_kuserok)", name, (char *)client->displayname.value); diff --git a/openssh-7.7p1-redhat.patch b/openssh-7.7p1-redhat.patch index 85ebc82..1d77f90 100644 --- a/openssh-7.7p1-redhat.patch +++ b/openssh-7.7p1-redhat.patch @@ -80,14 +80,7 @@ diff -up openssh/sshd_config.redhat openssh/sshd_config diff -up openssh/sshd_config_redhat.redhat openssh/sshd_config_redhat --- openssh/sshd_config_redhat.redhat 2020-02-13 18:14:02.268006439 +0100 +++ openssh/sshd_config_redhat 2020-02-13 18:19:20.765035947 +0100 -@@ -0,0 +1,22 @@ -+# This system is following system-wide crypto policy. The changes to -+# crypto properties (Ciphers, MACs, ...) will not have any effect in -+# this or following included files. To override some configuration option, -+# write it before this block or include it before this file. -+# Please, see manual pages for update-crypto-policies(8) and sshd_config(5). -+Include /etc/crypto-policies/back-ends/opensshserver.config -+ +@@ -0,0 +1,15 @@ +SyslogFacility AUTHPRIV + +ChallengeResponseAuthentication no @@ -103,3 +96,14 @@ diff -up openssh/sshd_config_redhat.redhat openssh/sshd_config_redhat +# as it is more configurable and versatile than the built-in version. +PrintMotd no + +diff -up openssh/sshd_config_redhat.redhat openssh/sshd_config_redhat +--- openssh/sshd_config_redhat_cp.redhat 2020-02-13 18:14:02.268006439 +0100 ++++ openssh/sshd_config_redhat_cp 2020-02-13 18:19:20.765035947 +0100 +@@ -0,0 +1,7 @@ ++# This system is following system-wide crypto policy. The changes to ++# crypto properties (Ciphers, MACs, ...) will not have any effect in ++# this or following included files. To override some configuration option, ++# write it before this block or include it before this file. ++# Please, see manual pages for update-crypto-policies(8) and sshd_config(5). ++Include /etc/crypto-policies/back-ends/opensshserver.config ++ diff --git a/openssh-9.3p1-openssl-compat.patch b/openssh-9.3p1-openssl-compat.patch new file mode 100644 index 0000000..cf512ef --- /dev/null +++ b/openssh-9.3p1-openssl-compat.patch @@ -0,0 +1,40 @@ +--- openssh-9.3p1/openbsd-compat/openssl-compat.c 2023-03-15 22:28:19.000000000 +0100 ++++ /home/dbelyavs/work/upstream/openssh-portable/openbsd-compat/openssl-compat.c 2023-05-25 14:19:42.870841944 +0200 +@@ -33,10 +33,10 @@ + + /* + * OpenSSL version numbers: MNNFFPPS: major minor fix patch status +- * We match major, minor, fix and status (not patch) for <1.0.0. +- * After that, we acceptable compatible fix versions (so we +- * allow 1.0.1 to work with 1.0.0). Going backwards is only allowed +- * within a patch series. ++ * Versions >=3 require only major versions to match. ++ * For versions <3, we accept compatible fix versions (so we allow 1.0.1 ++ * to work with 1.0.0). Going backwards is only allowed within a patch series. ++ * See https://www.openssl.org/policies/releasestrat.html + */ + + int +@@ -48,15 +48,17 @@ + if (headerver == libver) + return 1; + +- /* for versions < 1.0.0, major,minor,fix,status must match */ +- if (headerver < 0x1000000f) { +- mask = 0xfffff00fL; /* major,minor,fix,status */ ++ /* ++ * For versions >= 3.0, only the major and status must match. ++ */ ++ if (headerver >= 0x3000000f) { ++ mask = 0xf000000fL; /* major,status */ + return (headerver & mask) == (libver & mask); + } + + /* +- * For versions >= 1.0.0, major,minor,status must match and library +- * fix version must be equal to or newer than the header. ++ * For versions >= 1.0.0, but <3, major,minor,status must match and ++ * library fix version must be equal to or newer than the header. + */ + mask = 0xfff0000fL; /* major,minor,status */ + hfix = (headerver & 0x000ff000) >> 12; From 5b20a7546c07743d80cc27bdbc1c113f31d8bc0a Mon Sep 17 00:00:00 2001 From: Mattias Ellert Date: Tue, 17 Oct 2023 03:14:46 +0200 Subject: [PATCH 18/44] Based on openssh-9.3p1-9.fc39 --- gsi-openssh.spec | 12 +++++++++--- gsisshd.socket | 11 +++++++++++ 2 files changed, 20 insertions(+), 3 deletions(-) create mode 100644 gsisshd.socket diff --git a/gsi-openssh.spec b/gsi-openssh.spec index 696734d..4c3bc2f 100644 --- a/gsi-openssh.spec +++ b/gsi-openssh.spec @@ -24,7 +24,7 @@ %global libedit 1 %global openssh_ver 9.3p1 -%global openssh_rel 3 +%global openssh_rel 4 Summary: An implementation of the SSH protocol with GSI authentication Name: gsi-openssh @@ -39,6 +39,7 @@ Source2: gsisshd.pam Source3: gpgkey-736060BA.gpg Source7: gsisshd.sysconfig Source9: gsisshd@.service +Source10: gsisshd.socket Source11: gsisshd.service Source12: gsisshd-keygen@.service Source13: gsisshd-keygen @@ -446,6 +447,7 @@ install -m644 sshd_config_redhat_cp $RPM_BUILD_ROOT%{_sysconfdir}/gsissh/sshd_co install -m644 sshd_config_redhat $RPM_BUILD_ROOT%{_sysconfdir}/gsissh/sshd_config.d/50-redhat.conf install -d -m755 $RPM_BUILD_ROOT/%{_unitdir} install -m644 %{SOURCE9} $RPM_BUILD_ROOT/%{_unitdir}/gsisshd@.service +install -m644 %{SOURCE10} $RPM_BUILD_ROOT/%{_unitdir}/gsisshd.socket install -m644 %{SOURCE11} $RPM_BUILD_ROOT/%{_unitdir}/gsisshd.service install -m644 %{SOURCE12} $RPM_BUILD_ROOT/%{_unitdir}/gsisshd-keygen@.service install -m644 %{SOURCE15} $RPM_BUILD_ROOT/%{_unitdir}/gsisshd-keygen.target @@ -485,10 +487,10 @@ if [ $1 -gt 1 ]; then # script for Fedora 38 to remove group ownership for host keys. %{_libexecdir}/gsissh/ssh-host-keys-migration.sh fi -%systemd_post gsisshd.service +%systemd_post gsisshd.service gsisshd.socket %preun server -%systemd_preun gsisshd.service +%systemd_preun gsisshd.service gsisshd.socket %postun server %systemd_postun_with_restart gsisshd.service @@ -533,12 +535,16 @@ fi %attr(0640,root,root) %config(noreplace) /etc/sysconfig/gsisshd %attr(0644,root,root) %{_unitdir}/gsisshd.service %attr(0644,root,root) %{_unitdir}/gsisshd@.service +%attr(0644,root,root) %{_unitdir}/gsisshd.socket %attr(0644,root,root) %{_unitdir}/gsisshd-keygen@.service %attr(0644,root,root) %{_unitdir}/gsisshd-keygen.target %attr(0644,root,root) %{_sysusersdir}/%{name}-server.conf %attr(0744,root,root) %{_libexecdir}/gsissh/ssh-host-keys-migration.sh %changelog +* Tue Oct 17 2023 Mattias Ellert - 9.3p1-4 +- Based on openssh-9.3p1-9.fc39 + * Fri Aug 11 2023 Mattias Ellert - 9.3p1-3 - Based on openssh-9.3p1-8.fc39 diff --git a/gsisshd.socket b/gsisshd.socket new file mode 100644 index 0000000..28e40d1 --- /dev/null +++ b/gsisshd.socket @@ -0,0 +1,11 @@ +[Unit] +Description=gsissh Server Socket +Documentation=man:gsisshd(8) man:gsisshd_config(5) +Conflicts=gsisshd.service + +[Socket] +ListenStream=22 +Accept=yes + +[Install] +WantedBy=sockets.target From 78f4185f33440a45a1d05042c222ac0288f4a309 Mon Sep 17 00:00:00 2001 From: Mattias Ellert Date: Tue, 17 Oct 2023 07:01:51 +0200 Subject: [PATCH 19/44] Based on openssh-9.3p1-12.fc40 --- gsi-openssh.spec | 7 +- openssh-8.0p1-pkcs11-uri.patch | 178 +++++++++++++++++-------- openssh-9.3p1-merged-openssl-evp.patch | 22 ++- 3 files changed, 145 insertions(+), 62 deletions(-) diff --git a/gsi-openssh.spec b/gsi-openssh.spec index 4c3bc2f..a73bd43 100644 --- a/gsi-openssh.spec +++ b/gsi-openssh.spec @@ -24,7 +24,7 @@ %global libedit 1 %global openssh_ver 9.3p1 -%global openssh_rel 4 +%global openssh_rel 5 Summary: An implementation of the SSH protocol with GSI authentication Name: gsi-openssh @@ -191,7 +191,7 @@ Patch98: openssh-9.3p1-gsissh.patch # Based on https://sourceforge.net/projects/hpnssh/files/Patches/HPN-SSH%2015v2%208.5p1/ Patch99: openssh-9.3p1-hpn-15.2-modified.patch -License: BSD +License: BSD-3-Clause AND BSD-2-Clause AND ISC AND SSH-OpenSSH AND ssh-keyscan AND sprintf AND LicenseRef-Fedora-Public-Domain AND X11-distribute-modifications-variant Requires: /sbin/nologin BuildRequires: autoconf, automake, perl-interpreter, perl-generators, zlib-devel @@ -542,6 +542,9 @@ fi %attr(0744,root,root) %{_libexecdir}/gsissh/ssh-host-keys-migration.sh %changelog +* Tue Oct 17 2023 Mattias Ellert - 9.3p1-5 +- Based on openssh-9.3p1-12.fc40 + * Tue Oct 17 2023 Mattias Ellert - 9.3p1-4 - Based on openssh-9.3p1-9.fc39 diff --git a/openssh-8.0p1-pkcs11-uri.patch b/openssh-8.0p1-pkcs11-uri.patch index affdd72..551351c 100644 --- a/openssh-8.0p1-pkcs11-uri.patch +++ b/openssh-8.0p1-pkcs11-uri.patch @@ -68,7 +68,7 @@ diff -up openssh-8.7p1/configure.ac.pkcs11-uri openssh-8.7p1/configure.ac diff -up openssh-8.7p1/Makefile.in.pkcs11-uri openssh-8.7p1/Makefile.in --- openssh-8.7p1/Makefile.in.pkcs11-uri 2021-08-30 13:07:43.571699324 +0200 +++ openssh-8.7p1/Makefile.in 2021-08-30 13:07:43.663700096 +0200 -@@ -103,7 +103,7 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \ +@@ -105,7 +105,7 @@ monitor_fdpass.o rijndael.o ssh-dss.o ssh-ecdsa.o ssh-ecdsa-sk.o \ ssh-ed25519-sk.o ssh-rsa.o dh.o \ msg.o progressmeter.o dns.o entropy.o gss-genr.o umac.o umac128.o \ @@ -103,7 +103,7 @@ diff -up openssh-8.7p1/Makefile.in.pkcs11-uri openssh-8.7p1/Makefile.in $(MKDIR_P) `pwd`/regress/misc/sk-dummy [ -f `pwd`/regress/Makefile ] || \ ln -s `cd $(srcdir) && pwd`/regress/Makefile `pwd`/regress/Makefile -@@ -677,6 +682,16 @@ regress/unittests/utf8/test_utf8$(EXEEXT +@@ -685,6 +690,16 @@ regress/unittests/test_helper/libtest_helper.a \ -lssh -lopenbsd-compat -lssh -lopenbsd-compat $(TESTLIBS) @@ -534,7 +534,7 @@ diff -up openssh-8.7p1/regress/unittests/Makefile.pkcs11-uri openssh-8.7p1/regre diff -up openssh-8.7p1/regress/unittests/pkcs11/tests.c.pkcs11-uri openssh-8.7p1/regress/unittests/pkcs11/tests.c --- openssh-8.7p1/regress/unittests/pkcs11/tests.c.pkcs11-uri 2021-08-30 13:07:43.664700104 +0200 +++ openssh-8.7p1/regress/unittests/pkcs11/tests.c 2021-08-30 13:07:43.664700104 +0200 -@@ -0,0 +1,337 @@ +@@ -0,0 +1,346 @@ +/* + * Copyright (c) 2017 Red Hat + * @@ -563,7 +563,7 @@ diff -up openssh-8.7p1/regress/unittests/pkcs11/tests.c.pkcs11-uri openssh-8.7p1 +#include "sshbuf.h" +#include "ssh-pkcs11-uri.h" + -+#define EMPTY_URI compose_uri(NULL, 0, NULL, NULL, NULL, NULL, NULL, NULL) ++#define EMPTY_URI compose_uri(NULL, 0, NULL, NULL, NULL, NULL, NULL, NULL, NULL) + +/* prototypes are not public -- specify them here internally for tests */ +struct sshbuf *percent_encode(const char *, size_t, char *); @@ -596,6 +596,10 @@ diff -up openssh-8.7p1/regress/unittests/pkcs11/tests.c.pkcs11-uri openssh-8.7p1 + ASSERT_STRING_EQ(a->lib_manuf, b->lib_manuf); + else /* both should be null */ + ASSERT_PTR_EQ(a->lib_manuf, b->lib_manuf); ++ if (b->serial != NULL) ++ ASSERT_STRING_EQ(a->serial, b->serial); ++ else /* both should be null */ ++ ASSERT_PTR_EQ(a->serial, b->serial); +} + +void @@ -630,7 +634,7 @@ diff -up openssh-8.7p1/regress/unittests/pkcs11/tests.c.pkcs11-uri openssh-8.7p1 + +struct pkcs11_uri * +compose_uri(unsigned char *id, size_t id_len, char *token, char *lib_manuf, -+ char *manuf, char *module_path, char *object, char *pin) ++ char *manuf, char *serial, char *module_path, char *object, char *pin) +{ + struct pkcs11_uri *uri = pkcs11_uri_init(); + if (id_len > 0) { @@ -641,6 +645,7 @@ diff -up openssh-8.7p1/regress/unittests/pkcs11/tests.c.pkcs11-uri openssh-8.7p1 + uri->token = token; + uri->lib_manuf = lib_manuf; + uri->manuf = manuf; ++ uri->serial = serial; + uri->object = object; + uri->pin = pin; + return uri; @@ -651,47 +656,49 @@ diff -up openssh-8.7p1/regress/unittests/pkcs11/tests.c.pkcs11-uri openssh-8.7p1 +{ + /* path arguments */ + check_parse("pkcs11:id=%01", -+ compose_uri("\x01", 1, NULL, NULL, NULL, NULL, NULL, NULL)); ++ compose_uri("\x01", 1, NULL, NULL, NULL, NULL, NULL, NULL, NULL)); + check_parse("pkcs11:id=%00%01", -+ compose_uri("\x00\x01", 2, NULL, NULL, NULL, NULL, NULL, NULL)); ++ compose_uri("\x00\x01", 2, NULL, NULL, NULL, NULL, NULL, NULL, NULL)); + check_parse("pkcs11:token=SSH%20Keys", -+ compose_uri(NULL, 0, "SSH Keys", NULL, NULL, NULL, NULL, NULL)); ++ compose_uri(NULL, 0, "SSH Keys", NULL, NULL, NULL, NULL, NULL, NULL)); + check_parse("pkcs11:library-manufacturer=OpenSC", -+ compose_uri(NULL, 0, NULL, "OpenSC", NULL, NULL, NULL, NULL)); ++ compose_uri(NULL, 0, NULL, "OpenSC", NULL, NULL, NULL, NULL, NULL)); + check_parse("pkcs11:manufacturer=piv_II", -+ compose_uri(NULL, 0, NULL, NULL, "piv_II", NULL, NULL, NULL)); ++ compose_uri(NULL, 0, NULL, NULL, "piv_II", NULL, NULL, NULL, NULL)); ++ check_parse("pkcs11:serial=IamSerial", ++ compose_uri(NULL, 0, NULL, NULL, NULL, "IamSerial", NULL, NULL, NULL)); + check_parse("pkcs11:object=SIGN%20Key", -+ compose_uri(NULL, 0, NULL, NULL, NULL, NULL, "SIGN Key", NULL)); ++ compose_uri(NULL, 0, NULL, NULL, NULL, NULL, NULL, "SIGN Key", NULL)); + /* query arguments */ + check_parse("pkcs11:?module-path=/usr/lib64/p11-kit-proxy.so", -+ compose_uri(NULL, 0, NULL, NULL, NULL, "/usr/lib64/p11-kit-proxy.so", NULL, NULL)); ++ compose_uri(NULL, 0, NULL, NULL, NULL, NULL, "/usr/lib64/p11-kit-proxy.so", NULL, NULL)); + check_parse("pkcs11:?pin-value=123456", -+ compose_uri(NULL, 0, NULL, NULL, NULL, NULL, NULL, "123456")); ++ compose_uri(NULL, 0, NULL, NULL, NULL, NULL, NULL, NULL, "123456")); + + /* combinations */ + /* ID SHOULD be percent encoded */ + check_parse("pkcs11:token=SSH%20Key;id=0", -+ compose_uri("0", 1, "SSH Key", NULL, NULL, NULL, NULL, NULL)); ++ compose_uri("0", 1, "SSH Key", NULL, NULL, NULL, NULL, NULL, NULL)); + check_parse( + "pkcs11:manufacturer=CAC?module-path=/usr/lib64/p11-kit-proxy.so", -+ compose_uri(NULL, 0, NULL, NULL, "CAC", ++ compose_uri(NULL, 0, NULL, NULL, "CAC", NULL, + "/usr/lib64/p11-kit-proxy.so", NULL, NULL)); + check_parse( + "pkcs11:object=RSA%20Key?module-path=/usr/lib64/pkcs11/opencryptoki.so", -+ compose_uri(NULL, 0, NULL, NULL, NULL, ++ compose_uri(NULL, 0, NULL, NULL, NULL, NULL, + "/usr/lib64/pkcs11/opencryptoki.so", "RSA Key", NULL)); + check_parse("pkcs11:?module-path=/usr/lib64/p11-kit-proxy.so&pin-value=123456", -+ compose_uri(NULL, 0, NULL, NULL, NULL, "/usr/lib64/p11-kit-proxy.so", NULL, "123456")); ++ compose_uri(NULL, 0, NULL, NULL, NULL, NULL, "/usr/lib64/p11-kit-proxy.so", NULL, "123456")); + + /* empty path component matches everything */ + check_parse("pkcs11:", EMPTY_URI); + + /* empty string is a valid to match against (and different from NULL) */ + check_parse("pkcs11:token=", -+ compose_uri(NULL, 0, "", NULL, NULL, NULL, NULL, NULL)); ++ compose_uri(NULL, 0, "", NULL, NULL, NULL, NULL, NULL, NULL)); + /* Percent character needs to be percent-encoded */ + check_parse("pkcs11:token=%25", -+ compose_uri(NULL, 0, "%", NULL, NULL, NULL, NULL, NULL)); ++ compose_uri(NULL, 0, "%", NULL, NULL, NULL, NULL, NULL, NULL)); +} + +static void @@ -703,7 +710,7 @@ diff -up openssh-8.7p1/regress/unittests/pkcs11/tests.c.pkcs11-uri openssh-8.7p1 + check_parse_rv("pkcs11:id=%ZZ", EMPTY_URI, -1); + /* Space MUST be percent encoded -- XXX not enforced yet */ + check_parse("pkcs11:token=SSH Keys", -+ compose_uri(NULL, 0, "SSH Keys", NULL, NULL, NULL, NULL, NULL)); ++ compose_uri(NULL, 0, "SSH Keys", NULL, NULL, NULL, NULL, NULL, NULL)); + /* MUST NOT contain duplicate attributes of the same name */ + check_parse_rv("pkcs11:id=%01;id=%02", EMPTY_URI, -1); + /* MUST NOT contain duplicate attributes of the same name */ @@ -734,29 +741,31 @@ diff -up openssh-8.7p1/regress/unittests/pkcs11/tests.c.pkcs11-uri openssh-8.7p1 +{ + /* path arguments */ + check_gen("pkcs11:id=%01", -+ compose_uri("\x01", 1, NULL, NULL, NULL, NULL, NULL, NULL)); ++ compose_uri("\x01", 1, NULL, NULL, NULL, NULL, NULL, NULL, NULL)); + check_gen("pkcs11:id=%00%01", -+ compose_uri("\x00\x01", 2, NULL, NULL, NULL, NULL, NULL, NULL)); ++ compose_uri("\x00\x01", 2, NULL, NULL, NULL, NULL, NULL, NULL, NULL)); + check_gen("pkcs11:token=SSH%20Keys", /* space must be percent encoded */ -+ compose_uri(NULL, 0, "SSH Keys", NULL, NULL, NULL, NULL, NULL)); ++ compose_uri(NULL, 0, "SSH Keys", NULL, NULL, NULL, NULL, NULL, NULL)); + /* library-manufacturer is not implmented now */ + /*check_gen("pkcs11:library-manufacturer=OpenSC", -+ compose_uri(NULL, 0, NULL, "OpenSC", NULL, NULL, NULL, NULL));*/ ++ compose_uri(NULL, 0, NULL, "OpenSC", NULL, NULL, NULL, NULL, NULL));*/ + check_gen("pkcs11:manufacturer=piv_II", -+ compose_uri(NULL, 0, NULL, NULL, "piv_II", NULL, NULL, NULL)); ++ compose_uri(NULL, 0, NULL, NULL, "piv_II", NULL, NULL, NULL, NULL)); ++ check_gen("pkcs11:serial=IamSerial", ++ compose_uri(NULL, 0, NULL, NULL, NULL, "IamSerial", NULL, NULL, NULL)); + check_gen("pkcs11:object=RSA%20Key", -+ compose_uri(NULL, 0, NULL, NULL, NULL, NULL, "RSA Key", NULL)); ++ compose_uri(NULL, 0, NULL, NULL, NULL, NULL, NULL, "RSA Key", NULL)); + /* query arguments */ + check_gen("pkcs11:?module-path=/usr/lib64/p11-kit-proxy.so", -+ compose_uri(NULL, 0, NULL, NULL, NULL, "/usr/lib64/p11-kit-proxy.so", NULL, NULL)); ++ compose_uri(NULL, 0, NULL, NULL, NULL, NULL, "/usr/lib64/p11-kit-proxy.so", NULL, NULL)); + + /* combinations */ + check_gen("pkcs11:id=%02;token=SSH%20Keys", -+ compose_uri("\x02", 1, "SSH Keys", NULL, NULL, NULL, NULL, NULL)); ++ compose_uri("\x02", 1, "SSH Keys", NULL, NULL, NULL, NULL, NULL, NULL)); + check_gen("pkcs11:id=%EE%02?module-path=/usr/lib64/p11-kit-proxy.so", -+ compose_uri("\xEE\x02", 2, NULL, NULL, NULL, "/usr/lib64/p11-kit-proxy.so", NULL, NULL)); ++ compose_uri("\xEE\x02", 2, NULL, NULL, NULL, NULL, "/usr/lib64/p11-kit-proxy.so", NULL, NULL)); + check_gen("pkcs11:object=Encryption%20Key;manufacturer=piv_II", -+ compose_uri(NULL, 0, NULL, NULL, "piv_II", NULL, "Encryption Key", NULL)); ++ compose_uri(NULL, 0, NULL, NULL, "piv_II", NULL, NULL, "Encryption Key", NULL)); + + /* empty path component matches everything */ + check_gen("pkcs11:", EMPTY_URI); @@ -1545,7 +1554,7 @@ diff -up openssh-8.7p1/ssh-pkcs11.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11.c } static RSA_METHOD *rsa_method; -@@ -195,6 +286,55 @@ static EC_KEY_METHOD *ec_key_method; +@@ -195,6 +286,56 @@ static EC_KEY_METHOD *ec_key_method; static int ec_key_idx = 0; #endif /* OPENSSL_HAS_ECC && HAVE_EC_KEY_METHOD_NEW */ @@ -1587,6 +1596,7 @@ diff -up openssh-8.7p1/ssh-pkcs11.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11.c + uri.module_path = k11->provider->module->module_path; + uri.lib_manuf = k11->provider->module->info.manufacturerID; + uri.manuf = k11->provider->module->slotinfo[k11->slotidx].token.manufacturerID; ++ uri.serial = k11->provider->module->slotinfo[k11->slotidx].token.serialNumber; + + p = pkcs11_uri_get(&uri); + /* do not cleanup -- we do not allocate here, only reference */ @@ -1620,9 +1630,12 @@ diff -up openssh-8.7p1/ssh-pkcs11.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11.c if ((rv = f->C_FindObjectsInit(session, attr, nattr)) != CKR_OK) { error("C_FindObjectsInit failed (nattr %lu): %lu", nattr, rv); return (-1); -@@ -262,12 +403,12 @@ pkcs11_login_slot(struct pkcs11_provider +@@ -260,14 +403,14 @@ pkcs11_login_slot(struct pkcs11_provider + if (si->token.flags & CKF_PROTECTED_AUTHENTICATION_PATH) + verbose("Deferring PIN entry to reader keypad."); else { - snprintf(prompt, sizeof(prompt), "Enter PIN for '%s': ", +- snprintf(prompt, sizeof(prompt), "Enter PIN for '%s': ", ++ snprintf(prompt, sizeof(prompt), "Enter PIN for '%.32s': ", si->token.label); - if ((pin = read_passphrase(prompt, RP_ALLOW_EOF)) == NULL) { + if ((pin = read_passphrase(prompt, RP_ALLOW_EOF|RP_ALLOW_STDIN)) == NULL) { @@ -1754,6 +1767,27 @@ diff -up openssh-8.7p1/ssh-pkcs11.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11.c EC_KEY_set_method(ec, ec_key_method); EC_KEY_set_ex_data(ec, ec_key_idx, k11); +@@ -622,7 +779,8 @@ + } + #endif /* OPENSSL_HAS_ECC && HAVE_EC_KEY_METHOD_NEW */ + +-/* remove trailing spaces */ ++/* remove trailing spaces. Note, that this does NOT guarantee the buffer ++ * will be null terminated if there are no trailing spaces! */ + static void + rmspace(u_char *buf, size_t len) + { +@@ -630,8 +788,8 @@ + + if (!len) + return; +- for (i = len - 1; i > 0; i--) +- if (i == len - 1 || buf[i] == ' ') ++ for (i = len - 1; i > 0; i--) ++ if (buf[i] == ' ') + buf[i] = '\0'; + else + break; @@ -650,8 +806,8 @@ pkcs11_open_session(struct pkcs11_provid CK_SESSION_HANDLE session; int login_required, ret; @@ -2157,7 +2191,7 @@ diff -up openssh-8.7p1/ssh-pkcs11.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11.c int ret = -1; struct pkcs11_provider *p = NULL; void *handle = NULL; -@@ -1517,164 +1702,298 @@ pkcs11_register_provider(char *provider_ +@@ -1517,164 +1702,305 @@ CK_FUNCTION_LIST *f = NULL; CK_TOKEN_INFO *token; CK_ULONG i; @@ -2243,20 +2277,12 @@ diff -up openssh-8.7p1/ssh-pkcs11.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11.c error("C_GetInfo for provider %s failed: %lu", - provider_id, rv); + provider_module, rv); -+ goto fail; -+ } -+ rmspace(m->info.manufacturerID, sizeof(m->info.manufacturerID)); -+ if (uri->lib_manuf != NULL && -+ strcmp(uri->lib_manuf, m->info.manufacturerID)) { -+ debug_f("Skipping provider %s not matching library_manufacturer", -+ m->info.manufacturerID); goto fail; } - rmspace(p->info.manufacturerID, sizeof(p->info.manufacturerID)); - rmspace(p->info.libraryDescription, sizeof(p->info.libraryDescription)); -+ rmspace(m->info.libraryDescription, sizeof(m->info.libraryDescription)); - debug("provider %s: manufacturerID <%s> cryptokiVersion %d.%d" - " libraryDescription <%s> libraryVersion %d.%d", +- debug("provider %s: manufacturerID <%s> cryptokiVersion %d.%d" +- " libraryDescription <%s> libraryVersion %d.%d", - provider_id, - p->info.manufacturerID, - p->info.cryptokiVersion.major, @@ -2265,6 +2291,16 @@ diff -up openssh-8.7p1/ssh-pkcs11.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11.c - p->info.libraryVersion.major, - p->info.libraryVersion.minor); - if ((rv = f->C_GetSlotList(CK_TRUE, NULL, &p->nslots)) != CKR_OK) { ++ rmspace(m->info.manufacturerID, sizeof(m->info.manufacturerID)); ++ if (uri->lib_manuf != NULL && ++ strncmp(uri->lib_manuf, m->info.manufacturerID, 32)) { ++ debug_f("Skipping provider %s not matching library_manufacturer", ++ m->info.manufacturerID); ++ goto fail; ++ } ++ rmspace(m->info.libraryDescription, sizeof(m->info.libraryDescription)); ++ debug("provider %s: manufacturerID <%.32s> cryptokiVersion %d.%d" ++ " libraryDescription <%.32s> libraryVersion %d.%d", + provider_module, + m->info.manufacturerID, + m->info.cryptokiVersion.major, @@ -2321,6 +2357,9 @@ diff -up openssh-8.7p1/ssh-pkcs11.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11.c rmspace(token->manufacturerID, sizeof(token->manufacturerID)); rmspace(token->model, sizeof(token->model)); rmspace(token->serialNumber, sizeof(token->serialNumber)); +- debug("provider %s slot %lu: label <%s> manufacturerID <%s> " +- "model <%s> serial <%s> flags 0x%lx", +- provider_id, (unsigned long)i, + } + m->module_path = provider_module; + provider_module = NULL; @@ -2389,22 +2428,28 @@ diff -up openssh-8.7p1/ssh-pkcs11.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11.c + continue; + } + if (uri->token != NULL && -+ strcmp(token->label, uri->token) != 0) { -+ debug2_f("ignoring token not matching label (%s) " ++ strncmp(token->label, uri->token, 32) != 0) { ++ debug2_f("ignoring token not matching label (%.32s) " + "specified by PKCS#11 URI in slot %lu", + token->label, (unsigned long)i); + continue; + } + if (uri->manuf != NULL && -+ strcmp(token->manufacturerID, uri->manuf) != 0) { ++ strncmp(token->manufacturerID, uri->manuf, 32) != 0) { + debug2_f("ignoring token not matching requrested " -+ "manufacturerID (%s) specified by PKCS#11 URI in " ++ "manufacturerID (%.32s) specified by PKCS#11 URI in " + "slot %lu", token->manufacturerID, (unsigned long)i); + continue; + } - debug("provider %s slot %lu: label <%s> manufacturerID <%s> " - "model <%s> serial <%s> flags 0x%lx", -- provider_id, (unsigned long)i, ++ if (uri->serial != NULL && ++ strncmp(token->serialNumber, uri->serial, 16) != 0) { ++ debug2_f("ignoring token not matching requrested " ++ "serialNumber (%s) specified by PKCS#11 URI in " ++ "slot %lu", token->serialNumber, (unsigned long)i); ++ continue; ++ } ++ debug("provider %s slot %lu: label <%.32s> manufacturerID <%.32s> " ++ "model <%.16s> serial <%.16s> flags 0x%lx", + provider_uri, (unsigned long)i, token->label, token->manufacturerID, token->model, token->serialNumber, token->flags); @@ -2443,7 +2488,7 @@ diff -up openssh-8.7p1/ssh-pkcs11.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11.c + pkcs11_fetch_certs(p, i, keyp, labelsp, &nkeys, uri); + } + if (nkeys == 0 && uri->object != NULL) { -+ debug3_f("No keys found. Retrying without label (%s) ", ++ debug3_f("No keys found. Retrying without label (%.32s) ", + uri->object); + /* Try once more without the label filter */ + char *label = uri->object; @@ -2531,7 +2576,7 @@ diff -up openssh-8.7p1/ssh-pkcs11.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11.c /* no keys found or some other error, de-register provider */ if (nkeys <= 0 && p != NULL) { -@@ -1683,7 +2002,37 @@ pkcs11_add_provider(char *provider_id, c +@@ -1684,7 +2012,37 @@ pkcs11_add_provider(char *provider_id, c pkcs11_provider_unref(p); } if (nkeys == 0) @@ -2591,7 +2636,7 @@ diff -up openssh-8.7p1/ssh-pkcs11.h.pkcs11-uri openssh-8.7p1/ssh-pkcs11.h diff -up openssh-8.7p1/ssh-pkcs11-uri.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11-uri.c --- openssh-8.7p1/ssh-pkcs11-uri.c.pkcs11-uri 2021-08-30 13:07:43.667700130 +0200 +++ openssh-8.7p1/ssh-pkcs11-uri.c 2021-08-30 13:07:43.667700130 +0200 -@@ -0,0 +1,419 @@ +@@ -0,0 +1,437 @@ +/* + * Copyright (c) 2017 Red Hat + * @@ -2634,13 +2679,14 @@ diff -up openssh-8.7p1/ssh-pkcs11-uri.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11-uri. +#define PKCS11_URI_OBJECT "object" +#define PKCS11_URI_LIB_MANUF "library-manufacturer" +#define PKCS11_URI_MANUF "manufacturer" ++#define PKCS11_URI_SERIAL "serial" +#define PKCS11_URI_MODULE_PATH "module-path" +#define PKCS11_URI_PIN_VALUE "pin-value" + +/* Keyword tokens. */ +typedef enum { -+ pId, pToken, pObject, pLibraryManufacturer, pManufacturer, pModulePath, -+ pPinValue, pBadOption ++ pId, pToken, pObject, pLibraryManufacturer, pManufacturer, pSerial, ++ pModulePath, pPinValue, pBadOption +} pkcs11uriOpCodes; + +/* Textual representation of the tokens. */ @@ -2653,6 +2699,7 @@ diff -up openssh-8.7p1/ssh-pkcs11-uri.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11-uri. + { PKCS11_URI_OBJECT, pObject }, + { PKCS11_URI_LIB_MANUF, pLibraryManufacturer }, + { PKCS11_URI_MANUF, pManufacturer }, ++ { PKCS11_URI_SERIAL, pSerial }, + { PKCS11_URI_MODULE_PATH, pModulePath }, + { PKCS11_URI_PIN_VALUE, pPinValue }, + { NULL, pBadOption } @@ -2811,6 +2858,16 @@ diff -up openssh-8.7p1/ssh-pkcs11-uri.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11-uri. + goto err; + } + ++ /* Write serial */ ++ if (uri->serial) { ++ struct sshbuf *serial = percent_encode(uri->serial, ++ strlen(uri->serial), PKCS11_URI_WHITELIST); ++ path = pkcs11_uri_append(path, PKCS11_URI_PATH_SEPARATOR, ++ PKCS11_URI_SERIAL, serial); ++ if (path == NULL) ++ goto err; ++ } ++ + /* Write module_path */ + if (uri->module_path) { + struct sshbuf *module = percent_encode(uri->module_path, @@ -2853,6 +2910,7 @@ diff -up openssh-8.7p1/ssh-pkcs11-uri.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11-uri. + free(pkcs11->object); + free(pkcs11->lib_manuf); + free(pkcs11->manuf); ++ free(pkcs11->serial); + if (pkcs11->pin) + freezero(pkcs11->pin, strlen(pkcs11->pin)); + free(pkcs11); @@ -2948,6 +3006,11 @@ diff -up openssh-8.7p1/ssh-pkcs11-uri.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11-uri. + charptr = &pkcs11->manuf; + goto parse_string; + ++ case pSerial: ++ /* CK_TOKEN_INFO -> serialNumber */ ++ charptr = &pkcs11->serial; ++ goto parse_string; ++ + case pLibraryManufacturer: + /* CK_INFO -> manufacturerID */ + charptr = &pkcs11->lib_manuf; @@ -3014,7 +3077,7 @@ diff -up openssh-8.7p1/ssh-pkcs11-uri.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11-uri. diff -up openssh-8.7p1/ssh-pkcs11-uri.h.pkcs11-uri openssh-8.7p1/ssh-pkcs11-uri.h --- openssh-8.7p1/ssh-pkcs11-uri.h.pkcs11-uri 2021-08-30 13:07:43.667700130 +0200 +++ openssh-8.7p1/ssh-pkcs11-uri.h 2021-08-30 13:07:43.667700130 +0200 -@@ -0,0 +1,42 @@ +@@ -0,0 +1,43 @@ +/* + * Copyright (c) 2017 Red Hat + * @@ -3046,6 +3109,7 @@ diff -up openssh-8.7p1/ssh-pkcs11-uri.h.pkcs11-uri openssh-8.7p1/ssh-pkcs11-uri. + char *object; + char *lib_manuf; + char *manuf; ++ char *serial; + /* query */ + char *module_path; + char *pin; /* Only parsed, but not printed */ diff --git a/openssh-9.3p1-merged-openssl-evp.patch b/openssh-9.3p1-merged-openssl-evp.patch index 28d281c..95d86c3 100644 --- a/openssh-9.3p1-merged-openssl-evp.patch +++ b/openssh-9.3p1-merged-openssl-evp.patch @@ -252,6 +252,16 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x #include +@@ -44,6 +44,9 @@ + #include "digest.h" + #define SSHKEY_INTERNAL + #include "sshkey.h" ++#ifdef ENABLE_PKCS11 ++#include "ssh-pkcs11.h" ++#endif + + #include "openbsd-compat/openssl-compat.h" + @@ -126,19 +128,29 @@ static int ssh_ecdsa_generate(struct sshkey *k, int bits) @@ -710,9 +720,9 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x + return 0; +} + - /* remove trailing spaces */ + /* remove trailing spaces. Note, that this does NOT guarantee the buffer + * will be null terminated if there are no trailing spaces! */ static void - rmspace(u_char *buf, size_t len) diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac openssh-9.3p1/ssh-pkcs11-client.c openssh-9.3p1-patched/ssh-pkcs11-client.c --- openssh-9.3p1/ssh-pkcs11-client.c 2023-06-06 15:53:36.591443976 +0200 +++ openssh-9.3p1-patched/ssh-pkcs11-client.c 2023-06-06 15:52:25.626551768 +0200 @@ -780,7 +790,13 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x #include #include -@@ -36,7 +38,7 @@ +@@ -36,10 +36,13 @@ + #include "sshkey.h" + #include "digest.h" + #include "log.h" ++#ifdef ENABLE_PKCS11 ++#include "ssh-pkcs11.h" ++#endif #include "openbsd-compat/openssl-compat.h" From 76c16c6e5ab1f892f8ff94b99ccd957d22fb7a6e Mon Sep 17 00:00:00 2001 From: Mattias Ellert Date: Tue, 24 Oct 2023 21:25:00 +0200 Subject: [PATCH 20/44] Based on openssh-9.3p1-13.fc40 Drop patch openssh-8.0p1-sshbuf-readonly.patch (now included in openssh-8.0p1-gssapi-keyex.patch) --- gsi-openssh.spec | 11 +- openssh-6.7p1-coverity.patch | 15 --- openssh-8.0p1-gssapi-keyex.patch | 70 ++++++++----- openssh-8.0p1-sshbuf-readonly.patch | 152 ---------------------------- 4 files changed, 51 insertions(+), 197 deletions(-) delete mode 100644 openssh-8.0p1-sshbuf-readonly.patch diff --git a/gsi-openssh.spec b/gsi-openssh.spec index a73bd43..c9f44fd 100644 --- a/gsi-openssh.spec +++ b/gsi-openssh.spec @@ -24,7 +24,7 @@ %global libedit 1 %global openssh_ver 9.3p1 -%global openssh_rel 5 +%global openssh_rel 6 Summary: An implementation of the SSH protocol with GSI authentication Name: gsi-openssh @@ -180,9 +180,6 @@ Patch1015: openssh-9.3p1-upstream-cve-2023-38408.patch # upstream b7afd8a4ecaca8afd3179b55e9db79c0ff210237 Patch1016: openssh-9.3p1-openssl-compat.patch -# Fix issue with read-only ssh buffer during gssapi key exchange (#1938224) -# https://github.com/openssh-gsskex/openssh-gsskex/pull/19 -Patch97: openssh-8.0p1-sshbuf-readonly.patch # This is the patch that adds GSI support # Based on hpn_isshd-gsi.7.5p1b.patch from Globus upstream Patch98: openssh-9.3p1-gsissh.patch @@ -345,7 +342,6 @@ gpgv2 --quiet --keyring %{SOURCE3} %{SOURCE1} %{SOURCE0} %patch -P 100 -p1 -b .coverity -%patch -P 97 -p1 -b .sshbuf-ro %patch -P 98 -p1 -b .gsi %patch -P 99 -p1 -b .hpn @@ -542,6 +538,11 @@ fi %attr(0744,root,root) %{_libexecdir}/gsissh/ssh-host-keys-migration.sh %changelog +* Tue Oct 24 2023 Mattias Ellert - 9.3p1-6 +- Based on openssh-9.3p1-13.fc40 +- Drop patch openssh-8.0p1-sshbuf-readonly.patch (now included in + openssh-8.0p1-gssapi-keyex.patch) + * Tue Oct 17 2023 Mattias Ellert - 9.3p1-5 - Based on openssh-9.3p1-12.fc40 diff --git a/openssh-6.7p1-coverity.patch b/openssh-6.7p1-coverity.patch index 494f4c6..1dca99c 100644 --- a/openssh-6.7p1-coverity.patch +++ b/openssh-6.7p1-coverity.patch @@ -42,21 +42,6 @@ diff -up openssh-8.5p1/gss-genr.c.coverity openssh-8.5p1/gss-genr.c for ((p = strsep(&cp, ",")); p && *p != '\0'; (p = strsep(&cp, ","))) { if (sshbuf_len(buf) != 0 && -diff -up openssh-8.5p1/kexgssc.c.coverity openssh-8.5p1/kexgssc.c ---- openssh-8.5p1/kexgssc.c.coverity 2021-03-24 12:03:33.711967665 +0100 -+++ openssh-8.5p1/kexgssc.c 2021-03-24 12:03:33.783968166 +0100 -@@ -98,8 +98,10 @@ kexgss_client(struct ssh *ssh) - default: - fatal_f("Unexpected KEX type %d", kex->kex_type); - } -- if (r != 0) -+ if (r != 0) { -+ ssh_gssapi_delete_ctx(&ctxt); - return r; -+ } - - token_ptr = GSS_C_NO_BUFFER; - diff -up openssh-8.5p1/krl.c.coverity openssh-8.5p1/krl.c --- openssh-8.5p1/krl.c.coverity 2021-03-02 11:31:47.000000000 +0100 +++ openssh-8.5p1/krl.c 2021-03-24 12:03:33.783968166 +0100 diff --git a/openssh-8.0p1-gssapi-keyex.patch b/openssh-8.0p1-gssapi-keyex.patch index d1d914d..0bc509f 100644 --- a/openssh-8.0p1-gssapi-keyex.patch +++ b/openssh-8.0p1-gssapi-keyex.patch @@ -1488,7 +1488,7 @@ new file mode 100644 index 00000000..f6e1405e --- /dev/null +++ b/kexgssc.c -@@ -0,0 +1,600 @@ +@@ -0,0 +1,612 @@ +/* + * Copyright (c) 2001-2009 Simon Wilkinson. All rights reserved. + * @@ -1589,8 +1589,10 @@ index 00000000..f6e1405e + default: + fatal_f("Unexpected KEX type %d", kex->kex_type); + } -+ if (r != 0) ++ if (r != 0) { ++ ssh_gssapi_delete_ctx(&ctxt); + return r; ++ } + + token_ptr = GSS_C_NO_BUFFER; + @@ -1653,11 +1655,16 @@ index 00000000..f6e1405e + do { + type = ssh_packet_read(ssh); + if (type == SSH2_MSG_KEXGSS_HOSTKEY) { ++ char *tmp = NULL; ++ size_t tmp_len = 0; ++ + debug("Received KEXGSS_HOSTKEY"); + if (server_host_key_blob) + fatal("Server host key received more than once"); -+ if ((r = sshpkt_getb_froms(ssh, &server_host_key_blob)) != 0) ++ if ((r = sshpkt_get_string(ssh, &tmp, &tmp_len)) != 0) + fatal("Failed to read server host key: %s", ssh_err(r)); ++ if ((server_host_key_blob = sshbuf_from(tmp, tmp_len)) == NULL) ++ fatal("sshbuf_from failed"); + } + } while (type == SSH2_MSG_KEXGSS_HOSTKEY); + @@ -1944,11 +1951,16 @@ index 00000000..f6e1405e + do { + type = ssh_packet_read(ssh); + if (type == SSH2_MSG_KEXGSS_HOSTKEY) { ++ char *tmp = NULL; ++ size_t tmp_len = 0; ++ + debug("Received KEXGSS_HOSTKEY"); + if (server_host_key_blob) + fatal("Server host key received more than once"); -+ if ((r = sshpkt_getb_froms(ssh, &server_host_key_blob)) != 0) ++ if ((r = sshpkt_get_string(ssh, &tmp, &tmp_len)) != 0) + fatal("sshpkt failed: %s", ssh_err(r)); ++ if ((server_host_key_blob = sshbuf_from(tmp, tmp_len)) == NULL) ++ fatal("sshbuf_from failed"); + } + } while (type == SSH2_MSG_KEXGSS_HOSTKEY); + @@ -2094,7 +2106,7 @@ new file mode 100644 index 00000000..60bc02de --- /dev/null +++ b/kexgsss.c -@@ -0,0 +1,474 @@ +@@ -0,0 +1,482 @@ +/* + * Copyright (c) 2001-2009 Simon Wilkinson. All rights reserved. + * @@ -2161,7 +2173,7 @@ index 00000000..60bc02de + */ + + OM_uint32 ret_flags = 0; -+ gss_buffer_desc gssbuf, recv_tok, msg_tok; ++ gss_buffer_desc gssbuf = {0, NULL}, recv_tok, msg_tok; + gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER; + Gssctxt *ctxt = NULL; + struct sshbuf *shared_secret = NULL; @@ -2201,7 +2213,7 @@ index 00000000..60bc02de + type = ssh_packet_read(ssh); + switch(type) { + case SSH2_MSG_KEXGSS_INIT: -+ if (client_pubkey != NULL) ++ if (gssbuf.value != NULL) + fatal("Received KEXGSS_INIT after initialising"); + if ((r = ssh_gssapi_sshpkt_get_buffer_desc(ssh, + &recv_tok)) != 0 || @@ -2232,6 +2244,31 @@ index 00000000..60bc02de + goto out; + + /* Send SSH_MSG_KEXGSS_HOSTKEY here, if we want */ ++ ++ /* Calculate the hash early so we can free the ++ * client_pubkey, which has reference to the parent ++ * buffer state->incoming_packet ++ */ ++ hashlen = sizeof(hash); ++ if ((r = kex_gen_hash( ++ kex->hash_alg, ++ kex->client_version, ++ kex->server_version, ++ kex->peer, ++ kex->my, ++ empty, ++ client_pubkey, ++ server_pubkey, ++ shared_secret, ++ hash, &hashlen)) != 0) ++ goto out; ++ ++ gssbuf.value = hash; ++ gssbuf.length = hashlen; ++ ++ sshbuf_free(client_pubkey); ++ client_pubkey = NULL; ++ + break; + case SSH2_MSG_KEXGSS_CONTINUE: + if ((r = ssh_gssapi_sshpkt_get_buffer_desc(ssh, @@ -2253,7 +2290,7 @@ index 00000000..60bc02de + if (maj_status != GSS_S_COMPLETE && send_tok.length == 0) + fatal("Zero length token output when incomplete"); + -+ if (client_pubkey == NULL) ++ if (gssbuf.value == NULL) + fatal("No client public key"); + + if (maj_status & GSS_S_CONTINUE_NEEDED) { @@ -2282,23 +2319,6 @@ index 00000000..60bc02de + if (!(ret_flags & GSS_C_INTEG_FLAG)) + fatal("Integrity flag wasn't set"); + -+ hashlen = sizeof(hash); -+ if ((r = kex_gen_hash( -+ kex->hash_alg, -+ kex->client_version, -+ kex->server_version, -+ kex->peer, -+ kex->my, -+ empty, -+ client_pubkey, -+ server_pubkey, -+ shared_secret, -+ hash, &hashlen)) != 0) -+ goto out; -+ -+ gssbuf.value = hash; -+ gssbuf.length = hashlen; -+ + if (GSS_ERROR(PRIVSEP(ssh_gssapi_sign(ctxt, &gssbuf, &msg_tok)))) + fatal("Couldn't get MIC"); + diff --git a/openssh-8.0p1-sshbuf-readonly.patch b/openssh-8.0p1-sshbuf-readonly.patch deleted file mode 100644 index edc8bec..0000000 --- a/openssh-8.0p1-sshbuf-readonly.patch +++ /dev/null @@ -1,152 +0,0 @@ -From 063e1a255b53abde1147522f9aceccfd2a7ceb9b Mon Sep 17 00:00:00 2001 -From: Jakub Jelen -Date: Tue, 2 Mar 2021 19:45:25 +0100 -Subject: [PATCH] Unbreak gsi-openssh by not holding the sshbuf structures - originated from incoming packet buffer - -Keeping buffers from sshpkt_getb_froms() for breaks further packet -processing because the "derived" buffer keeps a "link" to te parent -buffer, which is then considered readonly. - -This addresses the visible issue in the kexgss_server(), which -demonstrated with GSI (requiring more round trips than GSSAPI -with kerberos). - -The additional two places in the client were never hit, because the host -keys are never sent as part of the gssapi key exchange but in case we -would have different server or we would start sending hostkeys as the -code is ready for that, we would hit it anyway. - -Fixes #18 ---- - kexgssc.c | 14 ++++++++++++-- - kexgsss.c | 48 ++++++++++++++++++++++++++++-------------------- - 2 files changed, 40 insertions(+), 22 deletions(-) - -diff --git a/kexgssc.c b/kexgssc.c -index 1c62740e..29b8b031 100644 ---- a/kexgssc.c -+++ b/kexgssc.c -@@ -162,11 +162,16 @@ kexgss_client(struct ssh *ssh) - do { - type = ssh_packet_read(ssh); - if (type == SSH2_MSG_KEXGSS_HOSTKEY) { -+ char *tmp = NULL; -+ size_t tmp_len = 0; -+ - debug("Received KEXGSS_HOSTKEY"); - if (server_host_key_blob) - fatal("Server host key received more than once"); -- if ((r = sshpkt_getb_froms(ssh, &server_host_key_blob)) != 0) -+ if ((r = sshpkt_get_string(ssh, &tmp, &tmp_len)) != 0) - fatal("Failed to read server host key: %s", ssh_err(r)); -+ if ((server_host_key_blob = sshbuf_from(tmp, tmp_len)) == NULL) -+ fatal("sshbuf_from failed"); - } - } while (type == SSH2_MSG_KEXGSS_HOSTKEY); - -@@ -453,11 +458,16 @@ kexgssgex_client(struct ssh *ssh) - do { - type = ssh_packet_read(ssh); - if (type == SSH2_MSG_KEXGSS_HOSTKEY) { -+ char *tmp = NULL; -+ size_t tmp_len = 0; -+ - debug("Received KEXGSS_HOSTKEY"); - if (server_host_key_blob) - fatal("Server host key received more than once"); -- if ((r = sshpkt_getb_froms(ssh, &server_host_key_blob)) != 0) -+ if ((r = sshpkt_get_string(ssh, &tmp, &tmp_len)) != 0) - fatal("sshpkt failed: %s", ssh_err(r)); -+ if ((server_host_key_blob = sshbuf_from(tmp, tmp_len)) == NULL) -+ fatal("sshbuf_from failed"); - } - } while (type == SSH2_MSG_KEXGSS_HOSTKEY); - -diff --git a/kexgsss.c b/kexgsss.c -index a2c02148..c8b7d652 100644 ---- a/kexgsss.c -+++ b/kexgsss.c -@@ -64,7 +64,7 @@ kexgss_server(struct ssh *ssh) - */ - - OM_uint32 ret_flags = 0; -- gss_buffer_desc gssbuf, recv_tok, msg_tok; -+ gss_buffer_desc gssbuf = {0, NULL}, recv_tok, msg_tok; - gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER; - Gssctxt *ctxt = NULL; - struct sshbuf *shared_secret = NULL; -@@ -104,7 +104,7 @@ kexgss_server(struct ssh *ssh) - type = ssh_packet_read(ssh); - switch(type) { - case SSH2_MSG_KEXGSS_INIT: -- if (client_pubkey != NULL) -+ if (gssbuf.value != NULL) - fatal("Received KEXGSS_INIT after initialising"); - if ((r = ssh_gssapi_sshpkt_get_buffer_desc(ssh, - &recv_tok)) != 0 || -@@ -135,6 +135,31 @@ kexgss_server(struct ssh *ssh) - goto out; - - /* Send SSH_MSG_KEXGSS_HOSTKEY here, if we want */ -+ -+ /* Calculate the hash early so we can free the -+ * client_pubkey, which has reference to the parent -+ * buffer state->incoming_packet -+ */ -+ hashlen = sizeof(hash); -+ if ((r = kex_gen_hash( -+ kex->hash_alg, -+ kex->client_version, -+ kex->server_version, -+ kex->peer, -+ kex->my, -+ empty, -+ client_pubkey, -+ server_pubkey, -+ shared_secret, -+ hash, &hashlen)) != 0) -+ goto out; -+ -+ gssbuf.value = hash; -+ gssbuf.length = hashlen; -+ -+ sshbuf_free(client_pubkey); -+ client_pubkey = NULL; -+ - break; - case SSH2_MSG_KEXGSS_CONTINUE: - if ((r = ssh_gssapi_sshpkt_get_buffer_desc(ssh, -@@ -156,7 +181,7 @@ kexgss_server(struct ssh *ssh) - if (maj_status != GSS_S_COMPLETE && send_tok.length == 0) - fatal("Zero length token output when incomplete"); - -- if (client_pubkey == NULL) -+ if (gssbuf.value == NULL) - fatal("No client public key"); - - if (maj_status & GSS_S_CONTINUE_NEEDED) { -@@ -185,23 +210,6 @@ kexgss_server(struct ssh *ssh) - if (!(ret_flags & GSS_C_INTEG_FLAG)) - fatal("Integrity flag wasn't set"); - -- hashlen = sizeof(hash); -- if ((r = kex_gen_hash( -- kex->hash_alg, -- kex->client_version, -- kex->server_version, -- kex->peer, -- kex->my, -- empty, -- client_pubkey, -- server_pubkey, -- shared_secret, -- hash, &hashlen)) != 0) -- goto out; -- -- gssbuf.value = hash; -- gssbuf.length = hashlen; -- - if (GSS_ERROR(PRIVSEP(ssh_gssapi_sign(ctxt, &gssbuf, &msg_tok)))) - fatal("Couldn't get MIC"); - From 4a1597c64d7dd1837f9c7ddfb598bac5c5aaf169 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Sat, 20 Jan 2024 21:35:29 +0000 Subject: [PATCH 21/44] Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild --- gsi-openssh.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/gsi-openssh.spec b/gsi-openssh.spec index c9f44fd..03c2dd7 100644 --- a/gsi-openssh.spec +++ b/gsi-openssh.spec @@ -29,7 +29,7 @@ Summary: An implementation of the SSH protocol with GSI authentication Name: gsi-openssh Version: %{openssh_ver} -Release: %{openssh_rel}%{?dist} +Release: %{openssh_rel}%{?dist}.1 Provides: gsissh = %{version}-%{release} Obsoletes: gsissh < 5.8p2-2 URL: http://www.openssh.com/portable.html @@ -538,6 +538,9 @@ fi %attr(0744,root,root) %{_libexecdir}/gsissh/ssh-host-keys-migration.sh %changelog +* Sat Jan 20 2024 Fedora Release Engineering - 9.3p1-6.1 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + * Tue Oct 24 2023 Mattias Ellert - 9.3p1-6 - Based on openssh-9.3p1-13.fc40 - Drop patch openssh-8.0p1-sshbuf-readonly.patch (now included in From 3e94785b283e6aaa92116943b140356d4ff06cbd Mon Sep 17 00:00:00 2001 From: Mattias Ellert Date: Sat, 20 Jan 2024 22:54:58 +0100 Subject: [PATCH 22/44] Based on openssh-9.3p1-13.fc40.1 --- gsi-openssh.spec | 7 +++++-- openssh-8.0p1-gssapi-keyex.patch | 4 ++-- 2 files changed, 7 insertions(+), 4 deletions(-) diff --git a/gsi-openssh.spec b/gsi-openssh.spec index 03c2dd7..5e4ca1f 100644 --- a/gsi-openssh.spec +++ b/gsi-openssh.spec @@ -24,12 +24,12 @@ %global libedit 1 %global openssh_ver 9.3p1 -%global openssh_rel 6 +%global openssh_rel 7 Summary: An implementation of the SSH protocol with GSI authentication Name: gsi-openssh Version: %{openssh_ver} -Release: %{openssh_rel}%{?dist}.1 +Release: %{openssh_rel}%{?dist} Provides: gsissh = %{version}-%{release} Obsoletes: gsissh < 5.8p2-2 URL: http://www.openssh.com/portable.html @@ -538,6 +538,9 @@ fi %attr(0744,root,root) %{_libexecdir}/gsissh/ssh-host-keys-migration.sh %changelog +* Sat Jan 20 2024 Mattias Ellert - 9.3p1-7 +- Based on openssh-9.3p1-13.fc40.1 + * Sat Jan 20 2024 Fedora Release Engineering - 9.3p1-6.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild diff --git a/openssh-8.0p1-gssapi-keyex.patch b/openssh-8.0p1-gssapi-keyex.patch index 0bc509f..89bcd0d 100644 --- a/openssh-8.0p1-gssapi-keyex.patch +++ b/openssh-8.0p1-gssapi-keyex.patch @@ -1655,7 +1655,7 @@ index 00000000..f6e1405e + do { + type = ssh_packet_read(ssh); + if (type == SSH2_MSG_KEXGSS_HOSTKEY) { -+ char *tmp = NULL; ++ u_char *tmp = NULL; + size_t tmp_len = 0; + + debug("Received KEXGSS_HOSTKEY"); @@ -1951,7 +1951,7 @@ index 00000000..f6e1405e + do { + type = ssh_packet_read(ssh); + if (type == SSH2_MSG_KEXGSS_HOSTKEY) { -+ char *tmp = NULL; ++ u_char *tmp = NULL; + size_t tmp_len = 0; + + debug("Received KEXGSS_HOSTKEY"); From ed01b0a2c59b718ecb4ebcc266968fe5b898ecc8 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Wed, 24 Jan 2024 21:07:00 +0000 Subject: [PATCH 23/44] Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild --- gsi-openssh.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/gsi-openssh.spec b/gsi-openssh.spec index 5e4ca1f..f9bc019 100644 --- a/gsi-openssh.spec +++ b/gsi-openssh.spec @@ -29,7 +29,7 @@ Summary: An implementation of the SSH protocol with GSI authentication Name: gsi-openssh Version: %{openssh_ver} -Release: %{openssh_rel}%{?dist} +Release: %{openssh_rel}%{?dist}.1 Provides: gsissh = %{version}-%{release} Obsoletes: gsissh < 5.8p2-2 URL: http://www.openssh.com/portable.html @@ -538,6 +538,9 @@ fi %attr(0744,root,root) %{_libexecdir}/gsissh/ssh-host-keys-migration.sh %changelog +* Wed Jan 24 2024 Fedora Release Engineering - 9.3p1-7.1 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + * Sat Jan 20 2024 Mattias Ellert - 9.3p1-7 - Based on openssh-9.3p1-13.fc40.1 From bd1630068088d4ad544ca714f306122b79c62835 Mon Sep 17 00:00:00 2001 From: Mattias Ellert Date: Wed, 10 Jul 2024 15:35:42 +0200 Subject: [PATCH 24/44] Based on openssh-9.6p1-1.fc40.4 --- gsi-openssh.spec | 43 +- gsissh-host-keys-migration.service | 15 + gsisshd.service | 3 + gsisshd@.service | 3 + openssh-6.6.1p1-selinux-contexts.patch | 22 +- openssh-6.7p1-coverity.patch | 87 - openssh-7.2p2-x11.patch | 24 +- openssh-7.8p1-role-mls.patch | 10 +- openssh-8.0p1-gssapi-keyex.patch | 56 +- openssh-8.0p1-pkcs11-uri.patch | 469 +- openssh-8.7p1-minrsabits.patch | 22 +- openssh-8.7p1-recursive-scp.patch | 167 +- openssh-9.3p1-hpn-15.2-modified.patch | 2595 --- openssh-9.3p1-merged-openssl-evp.patch | 55 +- openssh-9.3p1-openssl-compat.patch | 40 - openssh-9.3p1-upstream-cve-2023-38408.patch | 130 - openssh-9.6p1-cve-2024-6387.patch | 35 + ...gsissh.patch => openssh-9.6p1-gsissh.patch | 370 +- openssh-9.6p1-hpn-18.3.1.patch | 14718 ++++++++++++++++ sources | 4 +- 20 files changed, 15422 insertions(+), 3446 deletions(-) create mode 100644 gsissh-host-keys-migration.service delete mode 100644 openssh-9.3p1-hpn-15.2-modified.patch delete mode 100644 openssh-9.3p1-openssl-compat.patch delete mode 100644 openssh-9.3p1-upstream-cve-2023-38408.patch create mode 100644 openssh-9.6p1-cve-2024-6387.patch rename openssh-9.3p1-gsissh.patch => openssh-9.6p1-gsissh.patch (88%) create mode 100644 openssh-9.6p1-hpn-18.3.1.patch diff --git a/gsi-openssh.spec b/gsi-openssh.spec index f9bc019..49140db 100644 --- a/gsi-openssh.spec +++ b/gsi-openssh.spec @@ -23,13 +23,13 @@ # Do we want libedit support %global libedit 1 -%global openssh_ver 9.3p1 -%global openssh_rel 7 +%global openssh_ver 9.6p1 +%global openssh_rel 1 Summary: An implementation of the SSH protocol with GSI authentication Name: gsi-openssh Version: %{openssh_ver} -Release: %{openssh_rel}%{?dist}.1 +Release: %{openssh_rel}%{?dist} Provides: gsissh = %{version}-%{release} Obsoletes: gsissh < 5.8p2-2 URL: http://www.openssh.com/portable.html @@ -46,6 +46,7 @@ Source13: gsisshd-keygen Source15: gsisshd-keygen.target Source19: %{name}-server-systemd-sysusers.conf Source20: gsissh-host-keys-migration.sh +Source21: gsissh-host-keys-migration.service Source99: README.sshd-and-gsisshd #https://bugzilla.mindrot.org/show_bug.cgi?id=2581 @@ -176,17 +177,18 @@ Patch1006: openssh-8.7p1-negotiate-supported-algs.patch Patch1012: openssh-9.0p1-evp-fips-dh.patch Patch1013: openssh-9.0p1-evp-fips-ecdh.patch Patch1014: openssh-8.7p1-nohostsha1proof.patch -Patch1015: openssh-9.3p1-upstream-cve-2023-38408.patch -# upstream b7afd8a4ecaca8afd3179b55e9db79c0ff210237 -Patch1016: openssh-9.3p1-openssl-compat.patch + +# https://bugzilla.redhat.com/show_bug.cgi?id=2294879 +# Merged in OpenSSH 9.8 +Patch1016: openssh-9.6p1-cve-2024-6387.patch # This is the patch that adds GSI support # Based on hpn_isshd-gsi.7.5p1b.patch from Globus upstream -Patch98: openssh-9.3p1-gsissh.patch +Patch98: openssh-9.6p1-gsissh.patch # This is the HPN patch -# Based on https://sourceforge.net/projects/hpnssh/files/Patches/HPN-SSH%2015v2%208.5p1/ -Patch99: openssh-9.3p1-hpn-15.2-modified.patch +# Based on https://github.com/rapier1/hpn-ssh/ tag: hpn-18.3.1 +Patch99: openssh-9.6p1-hpn-18.3.1.patch License: BSD-3-Clause AND BSD-2-Clause AND ISC AND SSH-OpenSSH AND ssh-keyscan AND sprintf AND LicenseRef-Fedora-Public-Domain AND X11-distribute-modifications-variant Requires: /sbin/nologin @@ -337,8 +339,7 @@ gpgv2 --quiet --keyring %{SOURCE3} %{SOURCE1} %{SOURCE0} %patch -P 1012 -p1 -b .evp-fips-dh %patch -P 1013 -p1 -b .evp-fips-ecdh %patch -P 1014 -p1 -b .nosha1hostproof -%patch -P 1015 -p1 -b .cve-2023-38408 -%patch -P 1016 -p1 -b .ossl-version +%patch -P 1016 -p1 -b .cve-2024-6387 %patch -P 100 -p1 -b .coverity @@ -450,9 +451,13 @@ install -m644 %{SOURCE15} $RPM_BUILD_ROOT/%{_unitdir}/gsisshd-keygen.target install -m755 %{SOURCE13} $RPM_BUILD_ROOT/%{_libexecdir}/gsissh/sshd-keygen install -d -m711 ${RPM_BUILD_ROOT}/%{_datadir}/empty.sshd install -p -D -m 0644 %{SOURCE19} $RPM_BUILD_ROOT%{_sysusersdir}/%{name}-server.conf -# Migration script for Fedora 38 change to remove group ownership for standard host keys +# Migration service/script for Fedora 38 change to remove group ownership for standard host keys # See https://fedoraproject.org/wiki/Changes/SSHKeySignSuidBit install -m744 %{SOURCE20} $RPM_BUILD_ROOT/%{_libexecdir}/gsissh/ssh-host-keys-migration.sh +# Pulled-in via a `Wants=` in `gsisshd.service` & `gsisshd@.service` +install -m644 %{SOURCE21} $RPM_BUILD_ROOT/%{_unitdir}/gsissh-host-keys-migration.service +install -d $RPM_BUILD_ROOT/%{_localstatedir}/lib +touch $RPM_BUILD_ROOT/%{_localstatedir}/lib/.gsissh-host-keys-migration rm $RPM_BUILD_ROOT%{_bindir}/ssh-add rm $RPM_BUILD_ROOT%{_bindir}/ssh-agent @@ -472,6 +477,9 @@ for f in $RPM_BUILD_ROOT%{_bindir}/* \ mv $f `dirname $f`/gsi`basename $f` done +# Add symlink with alternative name for scp binary +ln -s gsiscp $RPM_BUILD_ROOT%{_bindir}/hpnscp + perl -pi -e "s|$RPM_BUILD_ROOT||g" $RPM_BUILD_ROOT%{_mandir}/man*/* %pre server @@ -479,9 +487,12 @@ perl -pi -e "s|$RPM_BUILD_ROOT||g" $RPM_BUILD_ROOT%{_mandir}/man*/* %post server if [ $1 -gt 1 ]; then - # In the case of an upgrade run the migration + # In the case of an upgrade (never true on OSTree systems) run the migration # script for Fedora 38 to remove group ownership for host keys. %{_libexecdir}/gsissh/ssh-host-keys-migration.sh + # Prevent the systemd unit that performs the same service (useful for + # OSTree systems) from running. + touch /var/lib/.gsissh-host-keys-migration fi %systemd_post gsisshd.service gsisshd.socket @@ -506,6 +517,7 @@ fi %attr(0755,root,root) %{_bindir}/gsissh %attr(0644,root,root) %{_mandir}/man1/gsissh.1* %attr(0755,root,root) %{_bindir}/gsiscp +%{_bindir}/hpnscp %attr(0644,root,root) %{_mandir}/man1/gsiscp.1* %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/gsissh/ssh_config %dir %attr(0755,root,root) %{_sysconfdir}/gsissh/ssh_config.d/ @@ -535,9 +547,14 @@ fi %attr(0644,root,root) %{_unitdir}/gsisshd-keygen@.service %attr(0644,root,root) %{_unitdir}/gsisshd-keygen.target %attr(0644,root,root) %{_sysusersdir}/%{name}-server.conf +%attr(0644,root,root) %{_unitdir}/gsissh-host-keys-migration.service %attr(0744,root,root) %{_libexecdir}/gsissh/ssh-host-keys-migration.sh +%ghost %attr(0644,root,root) %{_localstatedir}/lib/.gsissh-host-keys-migration %changelog +* Sat Jul 06 2024 Mattias Ellert - 9.6p1-1 +- Based on openssh-9.6p1-1.fc40.4 + * Wed Jan 24 2024 Fedora Release Engineering - 9.3p1-7.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild diff --git a/gsissh-host-keys-migration.service b/gsissh-host-keys-migration.service new file mode 100644 index 0000000..db91516 --- /dev/null +++ b/gsissh-host-keys-migration.service @@ -0,0 +1,15 @@ +[Unit] +Description=Update gsissh host key permissions +Documentation=https://fedoraproject.org/wiki/Changes/SSHKeySignSuidBit +Before=gsisshd.service +After=gsissh-keygen.target +ConditionPathExists=!/var/lib/.gsissh-host-keys-migration + +[Service] +Type=oneshot +ExecStart=-/usr/libexec/gsissh/ssh-host-keys-migration.sh +ExecStart=touch /var/lib/.gsissh-host-keys-migration +RemainAfterExit=yes + +[Install] +WantedBy=gsisshd.service diff --git a/gsisshd.service b/gsisshd.service index afe165d..6272ced 100644 --- a/gsisshd.service +++ b/gsisshd.service @@ -3,6 +3,9 @@ Description=gsissh server daemon Documentation=man:gsisshd(8) man:gsisshd_config(5) After=network.target gsisshd-keygen.target Wants=gsisshd-keygen.target +# Migration for Fedora 38 change to remove group ownership for standard host keys +# See https://fedoraproject.org/wiki/Changes/SSHKeySignSuidBit +Wants=gsissh-host-keys-migration.service [Service] Type=notify diff --git a/gsisshd@.service b/gsisshd@.service index 3f5ecbd..8a3fff2 100644 --- a/gsisshd@.service +++ b/gsisshd@.service @@ -3,6 +3,9 @@ Description=gsissh per-connection server daemon Documentation=man:gsisshd(8) man:gsisshd_config(5) Wants=gsisshd-keygen.target After=gsisshd-keygen.target +# Migration for Fedora 38 change to remove group ownership for standard host keys +# See https://fedoraproject.org/wiki/Changes/SSHKeySignSuidBit +Wants=gsissh-host-keys-migration.service [Service] EnvironmentFile=-/etc/sysconfig/gsisshd diff --git a/openssh-6.6.1p1-selinux-contexts.patch b/openssh-6.6.1p1-selinux-contexts.patch index fa9d591..eab724a 100644 --- a/openssh-6.6.1p1-selinux-contexts.patch +++ b/openssh-6.6.1p1-selinux-contexts.patch @@ -93,19 +93,17 @@ index 8f32464..18a2ca4 100644 #endif diff --git a/openbsd-compat/port-linux.c b/openbsd-compat/port-linux.c -index 22ea8ef..1fc963d 100644 ---- a/openbsd-compat/port-linux.c -+++ b/openbsd-compat/port-linux.c -@@ -179,7 +179,7 @@ ssh_selinux_change_context(const char *newname) - strlcpy(newctx + len, newname, newlen - len); - if ((cx = index(cx + 1, ':'))) - strlcat(newctx, cx, newlen); -- debug3("%s: setting context from '%s' to '%s'", __func__, -+ debug_f("setting context from '%s' to '%s'", - oldctx, newctx); +--- a/openbsd-compat/port-linux.c (revision 8241b9c0529228b4b86d88b1a6076fb9f97e4a99) ++++ b/openbsd-compat/port-linux.c (date 1703108053912) +@@ -207,7 +207,7 @@ + xasprintf(&newctx, "%.*s%s%s", (int)(cx - oldctx + 1), oldctx, + newname, cx2 == NULL ? "" : cx2); + +- debug3_f("setting context from '%s' to '%s'", oldctx, newctx); ++ debug_f("setting context from '%s' to '%s'", oldctx, newctx); if (setcon(newctx) < 0) - do_log2(log_level, "%s: setcon %s from %s failed with %s", - __func__, newctx, oldctx, strerror(errno)); + do_log2_f(log_level, "setcon %s from %s failed with %s", + newctx, oldctx, strerror(errno)); diff --git a/openbsd-compat/port-linux.h b/openbsd-compat/port-linux.h index cb51f99..8b7cda2 100644 --- a/openbsd-compat/port-linux.h diff --git a/openssh-6.7p1-coverity.patch b/openssh-6.7p1-coverity.patch index 1dca99c..01a061b 100644 --- a/openssh-6.7p1-coverity.patch +++ b/openssh-6.7p1-coverity.patch @@ -17,17 +17,6 @@ diff -up openssh-8.5p1/auth-krb5.c.coverity openssh-8.5p1/auth-krb5.c return oerrno; } /* make sure the KRB5CCNAME is set for non-standard location */ -diff -up openssh-8.5p1/auth-options.c.coverity openssh-8.5p1/auth-options.c ---- openssh-8.5p1/auth-options.c.coverity 2021-03-02 11:31:47.000000000 +0100 -+++ openssh-8.5p1/auth-options.c 2021-03-24 12:03:33.782968159 +0100 -@@ -706,6 +708,7 @@ serialise_array(struct sshbuf *m, char * - return r; - } - /* success */ -+ sshbuf_free(b); - return 0; - } - diff -up openssh-8.5p1/gss-genr.c.coverity openssh-8.5p1/gss-genr.c --- openssh-8.5p1/gss-genr.c.coverity 2021-03-26 11:52:46.613942552 +0100 +++ openssh-8.5p1/gss-genr.c 2021-03-26 11:54:37.881726318 +0100 @@ -45,14 +34,6 @@ diff -up openssh-8.5p1/gss-genr.c.coverity openssh-8.5p1/gss-genr.c diff -up openssh-8.5p1/krl.c.coverity openssh-8.5p1/krl.c --- openssh-8.5p1/krl.c.coverity 2021-03-02 11:31:47.000000000 +0100 +++ openssh-8.5p1/krl.c 2021-03-24 12:03:33.783968166 +0100 -@@ -1209,6 +1209,7 @@ ssh_krl_from_blob(struct sshbuf *buf, st - sshkey_free(key); - sshbuf_free(copy); - sshbuf_free(sect); -+ /* coverity[leaked_storage : FALSE] */ - return r; - } - @@ -1261,6 +1262,7 @@ is_key_revoked(struct ssh_krl *krl, cons return r; erb = RB_FIND(revoked_blob_tree, &krl->revoked_sha1s, &rb); @@ -149,23 +130,6 @@ diff -up openssh-7.4p1/monitor.c.coverity openssh-7.4p1/monitor.c return (0); error: -diff -up openssh-7.4p1/monitor_wrap.c.coverity openssh-7.4p1/monitor_wrap.c ---- openssh-7.4p1/monitor_wrap.c.coverity 2016-12-23 16:40:26.892788689 +0100 -+++ openssh-7.4p1/monitor_wrap.c 2016-12-23 16:40:26.900788691 +0100 -@@ -525,10 +525,10 @@ mm_pty_allocate(int *ptyfd, int *ttyfd, - if ((tmp1 = dup(pmonitor->m_recvfd)) == -1 || - (tmp2 = dup(pmonitor->m_recvfd)) == -1) { - error_f("cannot allocate fds for pty"); -- if (tmp1 > 0) -+ if (tmp1 >= 0) - close(tmp1); -- if (tmp2 > 0) -- close(tmp2); -+ /*DEAD CODE if (tmp2 >= 0) -+ close(tmp2);*/ - return 0; - } - close(tmp1); diff -up openssh-7.4p1/openbsd-compat/bindresvport.c.coverity openssh-7.4p1/openbsd-compat/bindresvport.c --- openssh-7.4p1/openbsd-compat/bindresvport.c.coverity 2016-12-19 05:59:41.000000000 +0100 +++ openssh-7.4p1/openbsd-compat/bindresvport.c 2016-12-23 16:40:26.901788691 +0100 @@ -219,23 +183,6 @@ diff -up openssh-8.5p1/readconf.c.coverity openssh-8.5p1/readconf.c goto out; } free(arg2); -diff -up openssh-8.7p1/scp.c.coverity openssh-8.7p1/scp.c ---- openssh-8.7p1/scp.c.coverity 2021-08-30 16:23:35.389741329 +0200 -+++ openssh-8.7p1/scp.c 2021-08-30 16:27:04.854555296 +0200 -@@ -186,11 +186,11 @@ killchild(int signo) - { - if (do_cmd_pid > 1) { - kill(do_cmd_pid, signo ? signo : SIGTERM); -- waitpid(do_cmd_pid, NULL, 0); -+ (void) waitpid(do_cmd_pid, NULL, 0); - } - if (do_cmd_pid2 > 1) { - kill(do_cmd_pid2, signo ? signo : SIGTERM); -- waitpid(do_cmd_pid2, NULL, 0); -+ (void) waitpid(do_cmd_pid2, NULL, 0); - } - - if (signo) diff -up openssh-7.4p1/servconf.c.coverity openssh-7.4p1/servconf.c --- openssh-7.4p1/servconf.c.coverity 2016-12-23 16:40:26.896788690 +0100 +++ openssh-7.4p1/servconf.c 2016-12-23 16:40:26.901788691 +0100 @@ -263,18 +210,6 @@ diff -up openssh-8.7p1/serverloop.c.coverity openssh-8.7p1/serverloop.c if (tun != SSH_TUNID_ANY && auth_opts->force_tun_device != (int)tun) goto done; -diff -up openssh-7.4p1/sftp.c.coverity openssh-7.4p1/sftp.c ---- openssh-7.4p1/sftp.c.coverity 2016-12-19 05:59:41.000000000 +0100 -+++ openssh-7.4p1/sftp.c 2016-12-23 16:40:26.903788691 +0100 -@@ -224,7 +224,7 @@ killchild(int signo) - pid = sshpid; - if (pid > 1) { - kill(pid, SIGTERM); -- waitpid(pid, NULL, 0); -+ (void) waitpid(pid, NULL, 0); - } - - _exit(1); diff -up openssh-7.4p1/ssh-agent.c.coverity openssh-7.4p1/ssh-agent.c --- openssh-7.4p1/ssh-agent.c.coverity 2016-12-19 05:59:41.000000000 +0100 +++ openssh-7.4p1/ssh-agent.c 2016-12-23 16:40:26.903788691 +0100 @@ -286,28 +221,6 @@ diff -up openssh-7.4p1/ssh-agent.c.coverity openssh-7.4p1/ssh-agent.c return NULL; } /* validate also provider from URI */ -@@ -1220,8 +1220,8 @@ main(int ac, char **av) - sanitise_stdfd(); - - /* drop */ -- setegid(getgid()); -- setgid(getgid()); -+ (void) setegid(getgid()); -+ (void) setgid(getgid()); - - platform_disable_tracing(0); /* strict=no */ - -diff -up openssh-8.5p1/ssh.c.coverity openssh-8.5p1/ssh.c ---- openssh-8.5p1/ssh.c.coverity 2021-03-24 12:03:33.779968138 +0100 -+++ openssh-8.5p1/ssh.c 2021-03-24 12:03:33.786968187 +0100 -@@ -1746,6 +1746,7 @@ control_persist_detach(void) - close(muxserver_sock); - muxserver_sock = -1; - options.control_master = SSHCTL_MASTER_NO; -+ /* coverity[leaked_handle: FALSE]*/ - muxclient(options.control_path); - /* muxclient() doesn't return on success. */ - fatal("Failed to connect to new control master"); diff -up openssh-7.4p1/sshd.c.coverity openssh-7.4p1/sshd.c --- openssh-7.4p1/sshd.c.coverity 2016-12-23 16:40:26.897788690 +0100 +++ openssh-7.4p1/sshd.c 2016-12-23 16:40:26.904788692 +0100 diff --git a/openssh-7.2p2-x11.patch b/openssh-7.2p2-x11.patch index 0a19ecb..b27d7c4 100644 --- a/openssh-7.2p2-x11.patch +++ b/openssh-7.2p2-x11.patch @@ -1,21 +1,23 @@ -diff -up openssh-7.2p2/channels.c.x11 openssh-7.2p2/channels.c ---- openssh-7.2p2/channels.c.x11 2016-03-09 19:04:48.000000000 +0100 -+++ openssh-7.2p2/channels.c 2016-06-03 10:42:04.775164520 +0200 -@@ -3990,21 +3990,24 @@ x11_create_display_inet(int x11_display_ +diff --git a/channels.c b/channels.c +--- a/channels.c (revision 8241b9c0529228b4b86d88b1a6076fb9f97e4a99) ++++ b/channels.c (date 1703026069921) +@@ -5075,11 +5075,13 @@ } - + static int -connect_local_xsocket_path(const char *pathname) +connect_local_xsocket_path(const char *pathname, int len) { int sock; struct sockaddr_un addr; - -+ if (len <= 0) -+ return -1; + ++ if (len <= 0) ++ return -1; sock = socket(AF_UNIX, SOCK_STREAM, 0); - if (sock == -1) + if (sock == -1) { error("socket: %.100s", strerror(errno)); +@@ -5087,11 +5089,12 @@ + } memset(&addr, 0, sizeof(addr)); addr.sun_family = AF_UNIX; - strlcpy(addr.sun_path, pathname, sizeof addr.sun_path); @@ -29,8 +31,8 @@ diff -up openssh-7.2p2/channels.c.x11 openssh-7.2p2/channels.c - error("connect %.100s: %.100s", addr.sun_path, strerror(errno)); return -1; } - -@@ -4012,8 +4015,18 @@ static int + +@@ -5099,8 +5102,18 @@ connect_local_xsocket(u_int dnr) { char buf[1024]; diff --git a/openssh-7.8p1-role-mls.patch b/openssh-7.8p1-role-mls.patch index 4dc460a..347766d 100644 --- a/openssh-7.8p1-role-mls.patch +++ b/openssh-7.8p1-role-mls.patch @@ -23,7 +23,7 @@ diff -up openssh/auth2.c.role-mls openssh/auth2.c if ((style = strchr(user, ':')) != NULL) *style++ = 0; -@@ -296,8 +304,15 @@ input_userauth_request(int type, u_int32 +@@ -314,8 +314,15 @@ input_userauth_request(int type, u_int32 use_privsep ? " [net]" : ""); authctxt->service = xstrdup(service); authctxt->style = style ? xstrdup(style) : NULL; @@ -34,12 +34,12 @@ diff -up openssh/auth2.c.role-mls openssh/auth2.c + if (use_privsep) { mm_inform_authserv(service, style); +#ifdef WITH_SELINUX -+ mm_inform_authrole(role); ++ mm_inform_authrole(role); +#endif -+ } ++ } userauth_banner(ssh); - if (auth2_setup_methods_lists(authctxt) != 0) - ssh_packet_disconnect(ssh, + if ((r = kex_server_update_ext_info(ssh)) != 0) + fatal_fr(r, "kex_server_update_ext_info failed"); diff -up openssh/auth2-gss.c.role-mls openssh/auth2-gss.c --- openssh/auth2-gss.c.role-mls 2018-08-20 07:57:29.000000000 +0200 +++ openssh/auth2-gss.c 2018-08-22 11:15:42.459799171 +0200 diff --git a/openssh-8.0p1-gssapi-keyex.patch b/openssh-8.0p1-gssapi-keyex.patch index 89bcd0d..3e5ccec 100644 --- a/openssh-8.0p1-gssapi-keyex.patch +++ b/openssh-8.0p1-gssapi-keyex.patch @@ -144,8 +144,8 @@ index 9351e042..d6446c0c 100644 --- a/auth2-gss.c +++ b/auth2-gss.c @@ -1,7 +1,7 @@ - /* $OpenBSD: auth2-gss.c,v 1.33 2021/12/19 22:12:07 djm Exp $ */ - + /* $OpenBSD: auth2-gss.c,v 1.34 2023/03/31 04:22:27 djm Exp $ */ + /* - * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. + * Copyright (c) 2001-2007 Simon Wilkinson. All rights reserved. @@ -1268,7 +1268,7 @@ index ce85f043..574c7609 100644 +#endif + /* prototype */ - static int kex_choose_conf(struct ssh *); + static int kex_choose_conf(struct ssh *, uint32_t seq); static int kex_input_newkeys(int, u_int32_t, struct ssh *); @@ -115,15 +120,28 @@ static const struct kexalg kexalgs[] = { #endif /* HAVE_EVP_SHA256 || !WITH_OPENSSL */ @@ -3400,7 +3400,7 @@ index 60de6087..db5c65bc 100644 .It HashKnownHosts .It Host .It HostbasedAcceptedAlgorithms -@@ -579,6 +585,8 @@ flag), +@@ -624,6 +624,8 @@ (supported message integrity codes), .Ar kex (key exchange algorithms), @@ -3408,7 +3408,7 @@ index 60de6087..db5c65bc 100644 +(GSSAPI key exchange algorithms), .Ar key (key types), - .Ar key-cert + .Ar key-ca-sign diff --git a/ssh.c b/ssh.c index 15aee569..110cf9c1 100644 --- a/ssh.c @@ -3444,7 +3444,7 @@ index 5e8ef548..1ff999b6 100644 +# GSSAPIKeyExchange no +# GSSAPITrustDNS no # BatchMode no - # CheckHostIP yes + # CheckHostIP no # AddressFamily any diff --git a/ssh_config.5 b/ssh_config.5 index 06a32d31..3f490697 100644 @@ -4028,3 +4028,47 @@ index 71a3fddc..37a43a67 100644 KEY_UNSPEC }; +diff --git a/packet.h b/packet.h +--- a/packet.h (revision 8241b9c0529228b4b86d88b1a6076fb9f97e4a99) ++++ b/packet.h (date 1703172586447) +@@ -124,6 +124,7 @@ + int ssh_packet_send2(struct ssh *); + + int ssh_packet_read(struct ssh *); ++int ssh_packet_read_expect(struct ssh *, u_int type); + int ssh_packet_read_poll(struct ssh *); + int ssh_packet_read_poll2(struct ssh *, u_char *, u_int32_t *seqnr_p); + int ssh_packet_process_incoming(struct ssh *, const char *buf, u_int len); +diff --git a/packet.c b/packet.c +--- a/packet.c (revision 8241b9c0529228b4b86d88b1a6076fb9f97e4a99) ++++ b/packet.c (date 1703172586447) +@@ -1425,6 +1416,29 @@ + return type; + } + ++/* ++ * Waits until a packet has been received, verifies that its type matches ++ * that given, and gives a fatal error and exits if there is a mismatch. ++ */ ++ ++int ++ssh_packet_read_expect(struct ssh *ssh, u_int expected_type) ++{ ++ int r; ++ u_char type; ++ ++ if ((r = ssh_packet_read_seqnr(ssh, &type, NULL)) != 0) ++ return r; ++ if (type != expected_type) { ++ if ((r = sshpkt_disconnect(ssh, ++ "Protocol error: expected packet type %d, got %d", ++ expected_type, type)) != 0) ++ return r; ++ return SSH_ERR_PROTOCOL_ERROR; ++ } ++ return 0; ++} ++ + static int + ssh_packet_read_poll2_mux(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p) + { diff --git a/openssh-8.0p1-pkcs11-uri.patch b/openssh-8.0p1-pkcs11-uri.patch index 551351c..1e7940d 100644 --- a/openssh-8.0p1-pkcs11-uri.patch +++ b/openssh-8.0p1-pkcs11-uri.patch @@ -1,7 +1,7 @@ -diff -up openssh-8.7p1/configure.ac.pkcs11-uri openssh-8.7p1/configure.ac ---- openssh-8.7p1/configure.ac.pkcs11-uri 2021-08-30 13:07:43.646699953 +0200 -+++ openssh-8.7p1/configure.ac 2021-08-30 13:07:43.662700088 +0200 -@@ -1985,12 +1985,14 @@ AC_LINK_IFELSE( +diff -up openssh-9.6p1/configure.ac.pkcs11-uri openssh-9.6p1/configure.ac +--- openssh-9.6p1/configure.ac.pkcs11-uri 2024-01-12 14:25:25.228942213 +0100 ++++ openssh-9.6p1/configure.ac 2024-01-12 14:25:25.233942336 +0100 +@@ -2066,12 +2066,14 @@ AC_LINK_IFELSE( [AC_DEFINE([HAVE_ISBLANK], [1], [Define if you have isblank(3C).]) ]) @@ -16,7 +16,7 @@ diff -up openssh-8.7p1/configure.ac.pkcs11-uri openssh-8.7p1/configure.ac fi ] ) -@@ -2019,6 +2021,40 @@ AC_SEARCH_LIBS([dlopen], [dl]) +@@ -2095,6 +2097,40 @@ AC_SEARCH_LIBS([dlopen], [dl]) AC_CHECK_FUNCS([dlopen]) AC_CHECK_DECL([RTLD_NOW], [], [], [#include ]) @@ -57,7 +57,7 @@ diff -up openssh-8.7p1/configure.ac.pkcs11-uri openssh-8.7p1/configure.ac # IRIX has a const char return value for gai_strerror() AC_CHECK_FUNCS([gai_strerror], [ AC_DEFINE([HAVE_GAI_STRERROR]) -@@ -5624,6 +5660,7 @@ echo " BSD Auth support +@@ -5708,6 +5744,7 @@ echo " BSD Auth support echo " Random number source: $RAND_MSG" echo " Privsep sandbox style: $SANDBOX_STYLE" echo " PKCS#11 support: $enable_pkcs11" @@ -65,10 +65,10 @@ diff -up openssh-8.7p1/configure.ac.pkcs11-uri openssh-8.7p1/configure.ac echo " U2F/FIDO support: $enable_sk" echo "" -diff -up openssh-8.7p1/Makefile.in.pkcs11-uri openssh-8.7p1/Makefile.in ---- openssh-8.7p1/Makefile.in.pkcs11-uri 2021-08-30 13:07:43.571699324 +0200 -+++ openssh-8.7p1/Makefile.in 2021-08-30 13:07:43.663700096 +0200 -@@ -105,7 +105,7 @@ +diff -up openssh-9.6p1/Makefile.in.pkcs11-uri openssh-9.6p1/Makefile.in +--- openssh-9.6p1/Makefile.in.pkcs11-uri 2024-01-12 14:25:25.204941622 +0100 ++++ openssh-9.6p1/Makefile.in 2024-01-12 14:25:25.233942336 +0100 +@@ -105,7 +105,7 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \ monitor_fdpass.o rijndael.o ssh-dss.o ssh-ecdsa.o ssh-ecdsa-sk.o \ ssh-ed25519-sk.o ssh-rsa.o dh.o \ msg.o progressmeter.o dns.o entropy.o gss-genr.o umac.o umac128.o \ @@ -77,7 +77,7 @@ diff -up openssh-8.7p1/Makefile.in.pkcs11-uri openssh-8.7p1/Makefile.in poly1305.o chacha.o cipher-chachapoly.o cipher-chachapoly-libcrypto.o \ ssh-ed25519.o digest-openssl.o digest-libc.o \ hmac.o ed25519.o hash.o \ -@@ -302,6 +302,8 @@ clean: regressclean +@@ -299,6 +299,8 @@ clean: regressclean rm -f regress/unittests/sshsig/test_sshsig$(EXEEXT) rm -f regress/unittests/utf8/*.o rm -f regress/unittests/utf8/test_utf8$(EXEEXT) @@ -86,15 +86,15 @@ diff -up openssh-8.7p1/Makefile.in.pkcs11-uri openssh-8.7p1/Makefile.in rm -f regress/misc/sk-dummy/*.o rm -f regress/misc/sk-dummy/*.lo rm -f regress/misc/sk-dummy/sk-dummy.so -@@ -339,6 +341,8 @@ distclean: regressclean +@@ -336,6 +338,8 @@ distclean: regressclean rm -f regress/unittests/sshsig/test_sshsig rm -f regress/unittests/utf8/*.o rm -f regress/unittests/utf8/test_utf8 + rm -f regress/unittests/pkcs11/*.o + rm -f regress/unittests/pkcs11/test_pkcs11 - rm -f regress/misc/sk-dummy/*.o - rm -f regress/misc/sk-dummy/*.lo - rm -f regress/misc/sk-dummy/sk-dummy.so + rm -f regress/misc/sk-dummy/*.o + rm -f regress/misc/sk-dummy/*.lo + rm -f regress/misc/sk-dummy/sk-dummy.so @@ -513,6 +517,7 @@ regress-prep: $(MKDIR_P) `pwd`/regress/unittests/sshkey $(MKDIR_P) `pwd`/regress/unittests/sshsig @@ -103,7 +103,7 @@ diff -up openssh-8.7p1/Makefile.in.pkcs11-uri openssh-8.7p1/Makefile.in $(MKDIR_P) `pwd`/regress/misc/sk-dummy [ -f `pwd`/regress/Makefile ] || \ ln -s `cd $(srcdir) && pwd`/regress/Makefile `pwd`/regress/Makefile -@@ -685,6 +690,16 @@ +@@ -685,6 +690,16 @@ regress/unittests/utf8/test_utf8$(EXEEXT regress/unittests/test_helper/libtest_helper.a \ -lssh -lopenbsd-compat -lssh -lopenbsd-compat $(TESTLIBS) @@ -120,7 +120,7 @@ diff -up openssh-8.7p1/Makefile.in.pkcs11-uri openssh-8.7p1/Makefile.in # These all need to be compiled -fPIC, so they are treated differently. SK_DUMMY_OBJS=\ regress/misc/sk-dummy/sk-dummy.lo \ -@@ -711,7 +726,8 @@ regress-unit-binaries: regress-prep $(RE +@@ -720,7 +735,8 @@ regress-unit-binaries: regress-prep $(RE regress/unittests/sshbuf/test_sshbuf$(EXEEXT) \ regress/unittests/sshkey/test_sshkey$(EXEEXT) \ regress/unittests/sshsig/test_sshsig$(EXEEXT) \ @@ -128,24 +128,12 @@ diff -up openssh-8.7p1/Makefile.in.pkcs11-uri openssh-8.7p1/Makefile.in + regress/unittests/utf8/test_utf8$(EXEEXT) \ + regress/unittests/pkcs11/test_pkcs11$(EXEEXT) \ - tests: file-tests t-exec interop-tests unit + tests: file-tests t-exec interop-tests extra-tests unit echo all tests passed -diff -up openssh-8.7p1/regress/agent-pkcs11.sh.pkcs11-uri openssh-8.7p1/regress/agent-pkcs11.sh ---- openssh-8.7p1/regress/agent-pkcs11.sh.pkcs11-uri 2021-08-20 06:03:49.000000000 +0200 -+++ openssh-8.7p1/regress/agent-pkcs11.sh 2021-08-30 13:07:43.663700096 +0200 -@@ -113,7 +113,7 @@ else - done - - trace "remove pkcs11 keys" -- echo ${TEST_SSH_PIN} | notty ${SSHADD} -e ${TEST_SSH_PKCS11} > /dev/null 2>&1 -+ ${SSHADD} -e ${TEST_SSH_PKCS11} > /dev/null 2>&1 - r=$? - if [ $r -ne 0 ]; then - fail "ssh-add -e failed: exit code $r" -diff -up openssh-8.7p1/regress/Makefile.pkcs11-uri openssh-8.7p1/regress/Makefile ---- openssh-8.7p1/regress/Makefile.pkcs11-uri 2021-08-20 06:03:49.000000000 +0200 -+++ openssh-8.7p1/regress/Makefile 2021-08-30 13:07:43.663700096 +0200 -@@ -122,7 +122,8 @@ CLEANFILES= *.core actual agent-key.* au +diff -up openssh-9.6p1/regress/Makefile.pkcs11-uri openssh-9.6p1/regress/Makefile +--- openssh-9.6p1/regress/Makefile.pkcs11-uri 2023-12-18 15:59:50.000000000 +0100 ++++ openssh-9.6p1/regress/Makefile 2024-01-12 14:25:25.233942336 +0100 +@@ -134,7 +134,8 @@ CLEANFILES= *.core actual agent-key.* au known_hosts known_hosts-cert known_hosts.* krl-* ls.copy \ modpipe netcat no_identity_config \ pidfile putty.rsa2 ready regress.log remote_pid \ @@ -155,7 +143,7 @@ diff -up openssh-8.7p1/regress/Makefile.pkcs11-uri openssh-8.7p1/regress/Makefil rsa_ssh2_crnl.prv scp-ssh-wrapper.exe \ scp-ssh-wrapper.scp setuid-allowed sftp-server.log \ sftp-server.sh sftp.log ssh-log-wrapper.sh ssh.log \ -@@ -252,8 +253,9 @@ unit: +@@ -273,8 +274,9 @@ unit: V="" ; \ test "x${USE_VALGRIND}" = "x" || \ V=${.CURDIR}/valgrind-unit.sh ; \ @@ -167,9 +155,9 @@ diff -up openssh-8.7p1/regress/Makefile.pkcs11-uri openssh-8.7p1/regress/Makefil -d ${.CURDIR}/unittests/sshkey/testdata ; \ $$V ${.OBJDIR}/unittests/sshsig/test_sshsig \ -d ${.CURDIR}/unittests/sshsig/testdata ; \ -diff -up openssh-8.7p1/regress/pkcs11.sh.pkcs11-uri openssh-8.7p1/regress/pkcs11.sh ---- openssh-8.7p1/regress/pkcs11.sh.pkcs11-uri 2021-08-30 13:07:43.663700096 +0200 -+++ openssh-8.7p1/regress/pkcs11.sh 2021-08-30 13:07:43.663700096 +0200 +diff -up openssh-9.6p1/regress/pkcs11.sh.pkcs11-uri openssh-9.6p1/regress/pkcs11.sh +--- openssh-9.6p1/regress/pkcs11.sh.pkcs11-uri 2024-01-12 14:25:25.233942336 +0100 ++++ openssh-9.6p1/regress/pkcs11.sh 2024-01-12 14:25:25.233942336 +0100 @@ -0,0 +1,349 @@ +# +# Copyright (c) 2017 Red Hat @@ -520,20 +508,20 @@ diff -up openssh-8.7p1/regress/pkcs11.sh.pkcs11-uri openssh-8.7p1/regress/pkcs11 + trace "kill agent" + ${SSHAGENT} -k > /dev/null +fi -diff -up openssh-8.7p1/regress/unittests/Makefile.pkcs11-uri openssh-8.7p1/regress/unittests/Makefile ---- openssh-8.7p1/regress/unittests/Makefile.pkcs11-uri 2021-08-20 06:03:49.000000000 +0200 -+++ openssh-8.7p1/regress/unittests/Makefile 2021-08-30 13:07:43.663700096 +0200 -@@ -2,6 +2,6 @@ +diff -up openssh-9.6p1/regress/unittests/Makefile.pkcs11-uri openssh-9.6p1/regress/unittests/Makefile +--- openssh-9.6p1/regress/unittests/Makefile.pkcs11-uri 2023-12-18 15:59:50.000000000 +0100 ++++ openssh-9.6p1/regress/unittests/Makefile 2024-01-12 14:25:25.233942336 +0100 +@@ -1,6 +1,6 @@ + # $OpenBSD: Makefile,v 1.13 2023/09/24 08:14:13 claudio Exp $ - REGRESS_FAIL_EARLY?= yes SUBDIR= test_helper sshbuf sshkey bitmap kex hostkeys utf8 match conversion -SUBDIR+=authopt misc sshsig +SUBDIR+=authopt misc sshsig pkcs11 .include -diff -up openssh-8.7p1/regress/unittests/pkcs11/tests.c.pkcs11-uri openssh-8.7p1/regress/unittests/pkcs11/tests.c ---- openssh-8.7p1/regress/unittests/pkcs11/tests.c.pkcs11-uri 2021-08-30 13:07:43.664700104 +0200 -+++ openssh-8.7p1/regress/unittests/pkcs11/tests.c 2021-08-30 13:07:43.664700104 +0200 +diff -up openssh-9.6p1/regress/unittests/pkcs11/tests.c.pkcs11-uri openssh-9.6p1/regress/unittests/pkcs11/tests.c +--- openssh-9.6p1/regress/unittests/pkcs11/tests.c.pkcs11-uri 2024-01-12 14:25:25.233942336 +0100 ++++ openssh-9.6p1/regress/unittests/pkcs11/tests.c 2024-01-12 14:25:25.233942336 +0100 @@ -0,0 +1,346 @@ +/* + * Copyright (c) 2017 Red Hat @@ -881,10 +869,10 @@ diff -up openssh-8.7p1/regress/unittests/pkcs11/tests.c.pkcs11-uri openssh-8.7p1 + test_parse_invalid(); + test_generate_valid(); +} -diff -up openssh-8.7p1/ssh-add.c.pkcs11-uri openssh-8.7p1/ssh-add.c ---- openssh-8.7p1/ssh-add.c.pkcs11-uri 2021-08-20 06:03:49.000000000 +0200 -+++ openssh-8.7p1/ssh-add.c 2021-08-30 13:07:43.664700104 +0200 -@@ -68,6 +68,7 @@ +diff -up openssh-9.6p1/ssh-add.c.pkcs11-uri openssh-9.6p1/ssh-add.c +--- openssh-9.6p1/ssh-add.c.pkcs11-uri 2023-12-18 15:59:50.000000000 +0100 ++++ openssh-9.6p1/ssh-add.c 2024-01-12 14:25:25.233942336 +0100 +@@ -69,6 +69,7 @@ #include "ssh-sk.h" #include "sk-api.h" #include "hostfile.h" @@ -892,12 +880,16 @@ diff -up openssh-8.7p1/ssh-add.c.pkcs11-uri openssh-8.7p1/ssh-add.c /* argv0 */ extern char *__progname; -@@ -229,6 +230,34 @@ delete_all(int agent_fd, int qflag) +@@ -240,6 +241,38 @@ delete_all(int agent_fd, int qflag) return ret; } +#ifdef ENABLE_PKCS11 -+static int update_card(int, int, const char *, int, struct dest_constraint **, size_t, char *); ++static int ++update_card(int agent_fd, int add, const char *id, int qflag, ++ int key_only, int cert_only, ++ struct dest_constraint **dest_constraints, size_t ndest_constraints, ++ struct sshkey **certs, size_t ncerts, char *pin); + +int +update_pkcs11_uri(int agent_fd, int adding, const char *pkcs11_uri, int qflag, @@ -919,32 +911,35 @@ diff -up openssh-8.7p1/ssh-add.c.pkcs11-uri openssh-8.7p1/ssh-add.c + } + pkcs11_uri_cleanup(uri); + -+ return update_card(agent_fd, adding, pkcs11_uri, qflag, -+ dest_constraints, ndest_constraints, pin); ++ return update_card(agent_fd, adding, pkcs11_uri, qflag, 1, 0, ++ dest_constraints, ndest_constraints, NULL, 0, pin); +} +#endif + static int - add_file(int agent_fd, const char *filename, int key_only, int qflag, - const char *skprovider, struct dest_constraint **dest_constraints, -@@ -445,12 +472,11 @@ add_file(int agent_fd, const char *filen - - static int + add_file(int agent_fd, const char *filename, int key_only, int cert_only, + int qflag, const char *skprovider, +@@ -460,15 +489,14 @@ static int update_card(int agent_fd, int add, const char *id, int qflag, -- struct dest_constraint **dest_constraints, size_t ndest_constraints) -+ struct dest_constraint **dest_constraints, size_t ndest_constraints, char *pin) + int key_only, int cert_only, + struct dest_constraint **dest_constraints, size_t ndest_constraints, +- struct sshkey **certs, size_t ncerts) ++ struct sshkey **certs, size_t ncerts, char *pin) { - char *pin = NULL; int r, ret = -1; + if (key_only) + ncerts = 0; + - if (add) { + if (add && pin == NULL) { if ((pin = read_passphrase("Enter passphrase for PKCS#11: ", RP_ALLOW_STDIN)) == NULL) return -1; -@@ -630,6 +656,14 @@ static int - const char *skprovider, struct dest_constraint **dest_constraints, - size_t ndest_constraints) +@@ -656,6 +684,14 @@ do_file(int agent_fd, int deleting, int + char *file, int qflag, const char *skprovider, + struct dest_constraint **dest_constraints, size_t ndest_constraints) { +#ifdef ENABLE_PKCS11 + if (strlen(file) >= strlen(PKCS11_URI_SCHEME) && @@ -955,21 +950,21 @@ diff -up openssh-8.7p1/ssh-add.c.pkcs11-uri openssh-8.7p1/ssh-add.c + } +#endif if (deleting) { - if (delete_file(agent_fd, file, key_only, qflag) == -1) - return -1; -@@ -813,7 +846,7 @@ main(int argc, char **argv) - } - if (pkcs11provider != NULL) { + if (delete_file(agent_fd, file, key_only, + cert_only, qflag) == -1) +@@ -999,7 +1035,7 @@ main(int argc, char **argv) if (update_card(agent_fd, !deleting, pkcs11provider, -- qflag, dest_constraints, ndest_constraints) == -1) -+ qflag, dest_constraints, ndest_constraints, NULL) == -1) + qflag, key_only, cert_only, + dest_constraints, ndest_constraints, +- certs, ncerts) == -1) ++ certs, ncerts, NULL) == -1) ret = 1; goto done; } -diff -up openssh-8.7p1/ssh-agent.c.pkcs11-uri openssh-8.7p1/ssh-agent.c ---- openssh-8.7p1/ssh-agent.c.pkcs11-uri 2021-08-20 06:03:49.000000000 +0200 -+++ openssh-8.7p1/ssh-agent.c 2021-08-30 13:07:43.664700104 +0200 -@@ -847,10 +847,72 @@ no_identities(SocketEntry *e) +diff -up openssh-9.6p1/ssh-agent.c.pkcs11-uri openssh-9.6p1/ssh-agent.c +--- openssh-9.6p1/ssh-agent.c.pkcs11-uri 2023-12-18 15:59:50.000000000 +0100 ++++ openssh-9.6p1/ssh-agent.c 2024-01-12 14:25:25.234942360 +0100 +@@ -1549,10 +1549,72 @@ add_p11_identity(struct sshkey *key, cha } #ifdef ENABLE_PKCS11 @@ -1043,25 +1038,23 @@ diff -up openssh-8.7p1/ssh-agent.c.pkcs11-uri openssh-8.7p1/ssh-agent.c char **comments = NULL; int r, i, count = 0, success = 0, confirm = 0; u_int seconds = 0; -@@ -869,33 +931,28 @@ process_add_smartcard_key(SocketEntry *e - error_f("failed to parse constraints"); +@@ -1581,25 +1643,18 @@ process_add_smartcard_key(SocketEntry *e + "providers is disabled", provider); goto send; } - if (realpath(provider, canonical_provider) == NULL) { - verbose("failed PKCS#11 add of \"%.100s\": realpath: %s", - provider, strerror(errno)); -- goto send; -- } -- if (match_pattern_list(canonical_provider, allowed_providers, 0) != 1) { -- verbose("refusing PKCS#11 add of \"%.100s\": " -- "provider not allowed", canonical_provider); -+ + sane_uri = sanitize_pkcs11_provider(provider); + if (sane_uri == NULL) goto send; - } +- if (match_pattern_list(canonical_provider, allowed_providers, 0) != 1) { +- verbose("refusing PKCS#11 add of \"%.100s\": " +- "provider not allowed", canonical_provider); +- goto send; +- } - debug_f("add %.100s", canonical_provider); -+ if (lifetime && !death) death = monotime() + lifetime; @@ -1069,31 +1062,38 @@ diff -up openssh-8.7p1/ssh-agent.c.pkcs11-uri openssh-8.7p1/ssh-agent.c + debug_f("add %.100s", sane_uri); + count = pkcs11_add_provider(sane_uri, pin, &keys, &comments); for (i = 0; i < count; i++) { - k = keys[i]; - if (lookup_identity(k) == NULL) { - id = xcalloc(1, sizeof(Identity)); - id->key = k; - keys[i] = NULL; /* transferred */ -- id->provider = xstrdup(canonical_provider); -+ id->provider = xstrdup(sane_uri); - if (*comments[i] != '\0') { - id->comment = comments[i]; - comments[i] = NULL; /* transferred */ - } else { -- id->comment = xstrdup(canonical_provider); -+ id->comment = xstrdup(sane_uri); - } - id->death = death; - id->confirm = confirm; -@@ -910,6 +967,7 @@ process_add_smartcard_key(SocketEntry *e + if (comments[i] == NULL || comments[i][0] == '\0') { + free(comments[i]); +- comments[i] = xstrdup(canonical_provider); ++ comments[i] = xstrdup(sane_uri); + } + for (j = 0; j < ncerts; j++) { + if (!sshkey_is_cert(certs[j])) +@@ -1609,13 +1664,13 @@ process_add_smartcard_key(SocketEntry *e + if (pkcs11_make_cert(keys[i], certs[j], &k) != 0) + continue; + add_p11_identity(k, xstrdup(comments[i]), +- canonical_provider, death, confirm, ++ sane_uri, death, confirm, + dest_constraints, ndest_constraints); + success = 1; + } + if (!cert_only && lookup_identity(keys[i]) == NULL) { + add_p11_identity(keys[i], comments[i], +- canonical_provider, death, confirm, ++ sane_uri, death, confirm, + dest_constraints, ndest_constraints); + keys[i] = NULL; /* transferred */ + comments[i] = NULL; /* transferred */ +@@ -1628,6 +1683,7 @@ process_add_smartcard_key(SocketEntry *e send: free(pin); free(provider); + free(sane_uri); free(keys); free(comments); - free_dest_constraints(dest_constraints, ndest_constraints); -@@ -918,7 +976,7 @@ send: + free_dest_constraints(dest_constraints, ndest_constraints); +@@ -1640,7 +1696,7 @@ send: static void process_remove_smartcard_key(SocketEntry *e) { @@ -1102,7 +1102,7 @@ diff -up openssh-8.7p1/ssh-agent.c.pkcs11-uri openssh-8.7p1/ssh-agent.c int r, success = 0; Identity *id, *nxt; -@@ -930,30 +988,29 @@ process_remove_smartcard_key(SocketEntry +@@ -1652,30 +1708,29 @@ process_remove_smartcard_key(SocketEntry } free(pin); @@ -1139,10 +1139,10 @@ diff -up openssh-8.7p1/ssh-agent.c.pkcs11-uri openssh-8.7p1/ssh-agent.c send_status(e, success); } #endif /* ENABLE_PKCS11 */ -diff -up openssh-8.7p1/ssh_config.5.pkcs11-uri openssh-8.7p1/ssh_config.5 ---- openssh-8.7p1/ssh_config.5.pkcs11-uri 2021-08-30 13:07:43.578699383 +0200 -+++ openssh-8.7p1/ssh_config.5 2021-08-30 13:07:43.664700104 +0200 -@@ -1111,6 +1111,21 @@ may also be used in conjunction with +diff -up openssh-9.6p1/ssh_config.5.pkcs11-uri openssh-9.6p1/ssh_config.5 +--- openssh-9.6p1/ssh_config.5.pkcs11-uri 2024-01-12 14:25:25.208941721 +0100 ++++ openssh-9.6p1/ssh_config.5 2024-01-12 14:25:25.234942360 +0100 +@@ -1216,6 +1216,21 @@ may also be used in conjunction with .Cm CertificateFile in order to provide any certificate also needed for authentication with the identity. @@ -1164,10 +1164,10 @@ diff -up openssh-8.7p1/ssh_config.5.pkcs11-uri openssh-8.7p1/ssh_config.5 .It Cm IgnoreUnknown Specifies a pattern-list of unknown options to be ignored if they are encountered in configuration parsing. -diff -up openssh-8.7p1/ssh.c.pkcs11-uri openssh-8.7p1/ssh.c ---- openssh-8.7p1/ssh.c.pkcs11-uri 2021-08-30 13:07:43.578699383 +0200 -+++ openssh-8.7p1/ssh.c 2021-08-30 13:07:43.666700121 +0200 -@@ -826,6 +826,14 @@ main(int ac, char **av) +diff -up openssh-9.6p1/ssh.c.pkcs11-uri openssh-9.6p1/ssh.c +--- openssh-9.6p1/ssh.c.pkcs11-uri 2024-01-12 14:25:25.208941721 +0100 ++++ openssh-9.6p1/ssh.c 2024-01-12 14:25:25.234942360 +0100 +@@ -882,6 +882,14 @@ main(int ac, char **av) options.gss_deleg_creds = 1; break; case 'i': @@ -1182,7 +1182,7 @@ diff -up openssh-8.7p1/ssh.c.pkcs11-uri openssh-8.7p1/ssh.c p = tilde_expand_filename(optarg, getuid()); if (stat(p, &st) == -1) fprintf(stderr, "Warning: Identity file %s " -@@ -1681,6 +1689,7 @@ main(int ac, char **av) +@@ -1784,6 +1792,7 @@ main(int ac, char **av) #ifdef ENABLE_PKCS11 (void)pkcs11_del_provider(options.pkcs11_provider); #endif @@ -1190,7 +1190,7 @@ diff -up openssh-8.7p1/ssh.c.pkcs11-uri openssh-8.7p1/ssh.c skip_connect: exit_status = ssh_session2(ssh, cinfo); -@@ -2197,6 +2206,45 @@ ssh_session2(struct ssh *ssh, const stru +@@ -2307,6 +2316,45 @@ ssh_session2(struct ssh *ssh, const stru options.escape_char : SSH_ESCAPECHAR_NONE, id); } @@ -1236,7 +1236,7 @@ diff -up openssh-8.7p1/ssh.c.pkcs11-uri openssh-8.7p1/ssh.c /* Loads all IdentityFile and CertificateFile keys */ static void load_public_identity_files(const struct ssh_conn_info *cinfo) -@@ -2211,11 +2259,6 @@ load_public_identity_files(const struct +@@ -2321,11 +2369,6 @@ load_public_identity_files(const struct char *certificate_files[SSH_MAX_CERTIFICATE_FILES]; struct sshkey *certificates[SSH_MAX_CERTIFICATE_FILES]; int certificate_file_userprovided[SSH_MAX_CERTIFICATE_FILES]; @@ -1248,7 +1248,7 @@ diff -up openssh-8.7p1/ssh.c.pkcs11-uri openssh-8.7p1/ssh.c n_ids = n_certs = 0; memset(identity_files, 0, sizeof(identity_files)); -@@ -2228,33 +2271,46 @@ load_public_identity_files(const struct +@@ -2338,33 +2381,46 @@ load_public_identity_files(const struct sizeof(certificate_file_userprovided)); #ifdef ENABLE_PKCS11 @@ -1314,10 +1314,10 @@ diff -up openssh-8.7p1/ssh.c.pkcs11-uri openssh-8.7p1/ssh.c filename = default_client_percent_dollar_expand(cp, cinfo); free(cp); check_load(sshkey_load_public(filename, &public, NULL), -diff -up openssh-8.7p1/ssh-keygen.c.pkcs11-uri openssh-8.7p1/ssh-keygen.c ---- openssh-8.7p1/ssh-keygen.c.pkcs11-uri 2021-08-20 06:03:49.000000000 +0200 -+++ openssh-8.7p1/ssh-keygen.c 2021-08-30 13:07:43.666700121 +0200 -@@ -860,8 +860,11 @@ do_download(struct passwd *pw) +diff -up openssh-9.6p1/ssh-keygen.c.pkcs11-uri openssh-9.6p1/ssh-keygen.c +--- openssh-9.6p1/ssh-keygen.c.pkcs11-uri 2023-12-18 15:59:50.000000000 +0100 ++++ openssh-9.6p1/ssh-keygen.c 2024-01-12 14:25:25.234942360 +0100 +@@ -862,8 +862,11 @@ do_download(struct passwd *pw) free(fp); } else { (void) sshkey_write(keys[i], stdout); /* XXX check */ @@ -1331,19 +1331,19 @@ diff -up openssh-8.7p1/ssh-keygen.c.pkcs11-uri openssh-8.7p1/ssh-keygen.c } free(comments[i]); sshkey_free(keys[i]); -diff -up openssh-8.7p1/ssh-pkcs11-client.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11-client.c ---- openssh-8.7p1/ssh-pkcs11-client.c.pkcs11-uri 2021-08-20 06:03:49.000000000 +0200 -+++ openssh-8.7p1/ssh-pkcs11-client.c 2021-08-30 13:07:43.666700121 +0200 -@@ -323,6 +323,8 @@ pkcs11_add_provider(char *name, char *pi - u_int nkeys, i; +diff -up openssh-9.6p1/ssh-pkcs11-client.c.pkcs11-uri openssh-9.6p1/ssh-pkcs11-client.c +--- openssh-9.6p1/ssh-pkcs11-client.c.pkcs11-uri 2023-12-18 15:59:50.000000000 +0100 ++++ openssh-9.6p1/ssh-pkcs11-client.c 2024-01-12 14:25:25.234942360 +0100 +@@ -592,6 +592,8 @@ pkcs11_add_provider(char *name, char *pi struct sshbuf *msg; + struct helper *helper; + debug_f("called, name = %s", name); + - if (fd < 0 && pkcs11_start_helper() < 0) - return (-1); - -@@ -342,6 +344,7 @@ pkcs11_add_provider(char *name, char *pi + if ((helper = helper_by_provider(name)) == NULL && + (helper = pkcs11_start_helper(name)) == NULL) + return -1; +@@ -612,6 +614,7 @@ pkcs11_add_provider(char *name, char *pi *keysp = xcalloc(nkeys, sizeof(struct sshkey *)); if (labelsp) *labelsp = xcalloc(nkeys, sizeof(char *)); @@ -1351,9 +1351,9 @@ diff -up openssh-8.7p1/ssh-pkcs11-client.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11-c for (i = 0; i < nkeys; i++) { /* XXX clean up properly instead of fatal() */ if ((r = sshbuf_get_string(msg, &blob, &blen)) != 0 || -diff -up openssh-8.7p1/ssh-pkcs11.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11.c ---- openssh-8.7p1/ssh-pkcs11.c.pkcs11-uri 2021-08-20 06:03:49.000000000 +0200 -+++ openssh-8.7p1/ssh-pkcs11.c 2021-08-30 13:12:27.709084157 +0200 +diff -up openssh-9.6p1/ssh-pkcs11.c.pkcs11-uri openssh-9.6p1/ssh-pkcs11.c +--- openssh-9.6p1/ssh-pkcs11.c.pkcs11-uri 2023-12-18 15:59:50.000000000 +0100 ++++ openssh-9.6p1/ssh-pkcs11.c 2024-01-12 14:28:09.170975480 +0100 @@ -55,8 +55,8 @@ struct pkcs11_slotinfo { int logged_in; }; @@ -1537,10 +1537,10 @@ diff -up openssh-8.7p1/ssh-pkcs11.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11.c struct pkcs11_provider *p; + int rv = -1; + char *provider_uri = pkcs11_uri_get(uri); ++ ++ debug3_f("called with provider %s", provider_uri); - if ((p = pkcs11_provider_lookup(provider_id)) != NULL) { -+ debug3_f("called with provider %s", provider_uri); -+ + if ((p = pkcs11_provider_lookup(provider_uri)) != NULL) { TAILQ_REMOVE(&pkcs11_providers, p, next); pkcs11_provider_finalize(p); @@ -1611,7 +1611,7 @@ diff -up openssh-8.7p1/ssh-pkcs11.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11.c /* release a wrapped object */ static void pkcs11_k11_free(void *parent, void *ptr, CRYPTO_EX_DATA *ad, int idx, -@@ -208,6 +348,7 @@ pkcs11_k11_free(void *parent, void *ptr, +@@ -208,6 +349,7 @@ pkcs11_k11_free(void *parent, void *ptr, if (k11->provider) pkcs11_provider_unref(k11->provider); free(k11->keyid); @@ -1619,7 +1619,7 @@ diff -up openssh-8.7p1/ssh-pkcs11.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11.c free(k11); } -@@ -222,8 +363,8 @@ pkcs11_find(struct pkcs11_provider *p, C +@@ -222,8 +364,8 @@ pkcs11_find(struct pkcs11_provider *p, C CK_RV rv; int ret = -1; @@ -1630,7 +1630,7 @@ diff -up openssh-8.7p1/ssh-pkcs11.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11.c if ((rv = f->C_FindObjectsInit(session, attr, nattr)) != CKR_OK) { error("C_FindObjectsInit failed (nattr %lu): %lu", nattr, rv); return (-1); -@@ -260,14 +403,14 @@ pkcs11_login_slot(struct pkcs11_provider +@@ -260,14 +402,14 @@ pkcs11_login_slot(struct pkcs11_provider if (si->token.flags & CKF_PROTECTED_AUTHENTICATION_PATH) verbose("Deferring PIN entry to reader keypad."); else { @@ -1648,7 +1648,7 @@ diff -up openssh-8.7p1/ssh-pkcs11.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11.c (pin != NULL) ? strlen(pin) : 0); if (pin != NULL) freezero(pin, strlen(pin)); -@@ -297,13 +438,14 @@ pkcs11_login_slot(struct pkcs11_provider +@@ -297,13 +439,14 @@ pkcs11_login_slot(struct pkcs11_provider static int pkcs11_login(struct pkcs11_key *k11, CK_USER_TYPE type) { @@ -1665,7 +1665,7 @@ diff -up openssh-8.7p1/ssh-pkcs11.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11.c } -@@ -319,13 +461,14 @@ pkcs11_check_obj_bool_attrib(struct pkcs +@@ -319,13 +462,14 @@ pkcs11_check_obj_bool_attrib(struct pkcs *val = 0; @@ -1683,7 +1683,7 @@ diff -up openssh-8.7p1/ssh-pkcs11.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11.c attr.type = type; attr.pValue = &flag; -@@ -356,13 +499,14 @@ pkcs11_get_key(struct pkcs11_key *k11, C +@@ -356,13 +500,14 @@ pkcs11_get_key(struct pkcs11_key *k11, C int always_auth = 0; int did_login = 0; @@ -1701,7 +1701,7 @@ diff -up openssh-8.7p1/ssh-pkcs11.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11.c if ((si->token.flags & CKF_LOGIN_REQUIRED) && !si->logged_in) { if (pkcs11_login(k11, CKU_USER) < 0) { -@@ -439,8 +583,8 @@ pkcs11_rsa_private_encrypt(int flen, con +@@ -439,8 +584,8 @@ pkcs11_rsa_private_encrypt(int flen, con return (-1); } @@ -1712,7 +1712,7 @@ diff -up openssh-8.7p1/ssh-pkcs11.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11.c tlen = RSA_size(rsa); /* XXX handle CKR_BUFFER_TOO_SMALL */ -@@ -484,7 +628,7 @@ pkcs11_rsa_start_wrapper(void) +@@ -484,7 +629,7 @@ pkcs11_rsa_start_wrapper(void) /* redirect private key operations for rsa key to pkcs11 token */ static int pkcs11_rsa_wrap(struct pkcs11_provider *provider, CK_ULONG slotidx, @@ -1721,7 +1721,7 @@ diff -up openssh-8.7p1/ssh-pkcs11.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11.c { struct pkcs11_key *k11; -@@ -502,6 +646,12 @@ pkcs11_rsa_wrap(struct pkcs11_provider * +@@ -502,6 +647,12 @@ pkcs11_rsa_wrap(struct pkcs11_provider * memcpy(k11->keyid, keyid_attrib->pValue, k11->keyid_len); } @@ -1734,7 +1734,7 @@ diff -up openssh-8.7p1/ssh-pkcs11.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11.c RSA_set_method(rsa, rsa_method); RSA_set_ex_data(rsa, rsa_idx, k11); return (0); -@@ -532,8 +682,8 @@ ecdsa_do_sign(const unsigned char *dgst, +@@ -532,8 +683,8 @@ ecdsa_do_sign(const unsigned char *dgst, return (NULL); } @@ -1745,7 +1745,7 @@ diff -up openssh-8.7p1/ssh-pkcs11.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11.c siglen = ECDSA_size(ec); sig = xmalloc(siglen); -@@ -598,7 +748,7 @@ pkcs11_ecdsa_start_wrapper(void) +@@ -598,7 +749,7 @@ pkcs11_ecdsa_start_wrapper(void) static int pkcs11_ecdsa_wrap(struct pkcs11_provider *provider, CK_ULONG slotidx, @@ -1754,10 +1754,10 @@ diff -up openssh-8.7p1/ssh-pkcs11.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11.c { struct pkcs11_key *k11; -@@ -614,6 +764,12 @@ pkcs11_ecdsa_wrap(struct pkcs11_provider +@@ -615,6 +766,12 @@ pkcs11_ecdsa_wrap(struct pkcs11_provider k11->keyid = xmalloc(k11->keyid_len); memcpy(k11->keyid, keyid_attrib->pValue, k11->keyid_len); - } + } + if (label_attrib->ulValueLen > 0 ) { + k11->label = xmalloc(label_attrib->ulValueLen+1); + memcpy(k11->label, label_attrib->pValue, label_attrib->ulValueLen); @@ -1767,28 +1767,17 @@ diff -up openssh-8.7p1/ssh-pkcs11.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11.c EC_KEY_set_method(ec, ec_key_method); EC_KEY_set_ex_data(ec, ec_key_idx, k11); -@@ -622,7 +779,8 @@ +@@ -622,7 +779,8 @@ pkcs11_ecdsa_wrap(struct pkcs11_provider } #endif /* OPENSSL_HAS_ECC && HAVE_EC_KEY_METHOD_NEW */ -/* remove trailing spaces */ +/* remove trailing spaces. Note, that this does NOT guarantee the buffer + * will be null terminated if there are no trailing spaces! */ - static void + static char * rmspace(u_char *buf, size_t len) { -@@ -630,8 +788,8 @@ - - if (!len) - return; -- for (i = len - 1; i > 0; i--) -- if (i == len - 1 || buf[i] == ' ') -+ for (i = len - 1; i > 0; i--) -+ if (buf[i] == ' ') - buf[i] = '\0'; - else - break; -@@ -650,8 +806,8 @@ pkcs11_open_session(struct pkcs11_provid +@@ -654,8 +812,8 @@ pkcs11_open_session(struct pkcs11_provid CK_SESSION_HANDLE session; int login_required, ret; @@ -1799,7 +1788,7 @@ diff -up openssh-8.7p1/ssh-pkcs11.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11.c login_required = si->token.flags & CKF_LOGIN_REQUIRED; -@@ -661,9 +817,9 @@ pkcs11_open_session(struct pkcs11_provid +@@ -665,9 +823,9 @@ pkcs11_open_session(struct pkcs11_provid error("pin required"); return (-SSH_PKCS11_ERR_PIN_REQUIRED); } @@ -1811,7 +1800,7 @@ diff -up openssh-8.7p1/ssh-pkcs11.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11.c return (-1); } if (login_required && pin != NULL && strlen(pin) != 0) { -@@ -699,7 +855,8 @@ static struct sshkey * +@@ -703,7 +861,8 @@ static struct sshkey * pkcs11_fetch_ecdsa_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx, CK_OBJECT_HANDLE *obj) { @@ -1821,7 +1810,7 @@ diff -up openssh-8.7p1/ssh-pkcs11.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11.c CK_SESSION_HANDLE session; CK_FUNCTION_LIST *f = NULL; CK_RV rv; -@@ -713,14 +870,15 @@ pkcs11_fetch_ecdsa_pubkey(struct pkcs11_ +@@ -717,14 +876,15 @@ pkcs11_fetch_ecdsa_pubkey(struct pkcs11_ memset(&key_attr, 0, sizeof(key_attr)); key_attr[0].type = CKA_ID; @@ -1842,7 +1831,7 @@ diff -up openssh-8.7p1/ssh-pkcs11.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11.c if (rv != CKR_OK) { error("C_GetAttributeValue failed: %lu", rv); return (NULL); -@@ -731,19 +889,19 @@ pkcs11_fetch_ecdsa_pubkey(struct pkcs11_ +@@ -735,19 +895,19 @@ pkcs11_fetch_ecdsa_pubkey(struct pkcs11_ * ensure that none of the others are zero length. * XXX assumes CKA_ID is always first. */ @@ -1866,7 +1855,7 @@ diff -up openssh-8.7p1/ssh-pkcs11.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11.c if (rv != CKR_OK) { error("C_GetAttributeValue failed: %lu", rv); goto fail; -@@ -755,8 +913,8 @@ pkcs11_fetch_ecdsa_pubkey(struct pkcs11_ +@@ -759,8 +919,8 @@ pkcs11_fetch_ecdsa_pubkey(struct pkcs11_ goto fail; } @@ -1877,7 +1866,7 @@ diff -up openssh-8.7p1/ssh-pkcs11.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11.c if (group == NULL) { ossl_error("d2i_ECPKParameters failed"); goto fail; -@@ -767,13 +925,13 @@ pkcs11_fetch_ecdsa_pubkey(struct pkcs11_ +@@ -771,13 +931,13 @@ pkcs11_fetch_ecdsa_pubkey(struct pkcs11_ goto fail; } @@ -1894,7 +1883,7 @@ diff -up openssh-8.7p1/ssh-pkcs11.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11.c if (octet == NULL) { ossl_error("d2i_ASN1_OCTET_STRING failed"); goto fail; -@@ -790,7 +948,7 @@ pkcs11_fetch_ecdsa_pubkey(struct pkcs11_ +@@ -794,7 +954,7 @@ pkcs11_fetch_ecdsa_pubkey(struct pkcs11_ goto fail; } @@ -1903,7 +1892,7 @@ diff -up openssh-8.7p1/ssh-pkcs11.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11.c goto fail; key = sshkey_new(KEY_UNSPEC); -@@ -806,7 +964,7 @@ pkcs11_fetch_ecdsa_pubkey(struct pkcs11_ +@@ -810,7 +970,7 @@ pkcs11_fetch_ecdsa_pubkey(struct pkcs11_ ec = NULL; /* now owned by key */ fail: @@ -1912,7 +1901,7 @@ diff -up openssh-8.7p1/ssh-pkcs11.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11.c free(key_attr[i].pValue); if (ec) EC_KEY_free(ec); -@@ -823,7 +981,8 @@ static struct sshkey * +@@ -827,7 +987,8 @@ static struct sshkey * pkcs11_fetch_rsa_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx, CK_OBJECT_HANDLE *obj) { @@ -1922,7 +1911,7 @@ diff -up openssh-8.7p1/ssh-pkcs11.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11.c CK_SESSION_HANDLE session; CK_FUNCTION_LIST *f = NULL; CK_RV rv; -@@ -834,14 +993,15 @@ pkcs11_fetch_rsa_pubkey(struct pkcs11_pr +@@ -838,14 +999,15 @@ pkcs11_fetch_rsa_pubkey(struct pkcs11_pr memset(&key_attr, 0, sizeof(key_attr)); key_attr[0].type = CKA_ID; @@ -1943,7 +1932,7 @@ diff -up openssh-8.7p1/ssh-pkcs11.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11.c if (rv != CKR_OK) { error("C_GetAttributeValue failed: %lu", rv); return (NULL); -@@ -852,19 +1012,19 @@ pkcs11_fetch_rsa_pubkey(struct pkcs11_pr +@@ -856,19 +1018,19 @@ pkcs11_fetch_rsa_pubkey(struct pkcs11_pr * ensure that none of the others are zero length. * XXX assumes CKA_ID is always first. */ @@ -1967,7 +1956,7 @@ diff -up openssh-8.7p1/ssh-pkcs11.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11.c if (rv != CKR_OK) { error("C_GetAttributeValue failed: %lu", rv); goto fail; -@@ -876,8 +1036,8 @@ pkcs11_fetch_rsa_pubkey(struct pkcs11_pr +@@ -880,8 +1042,8 @@ pkcs11_fetch_rsa_pubkey(struct pkcs11_pr goto fail; } @@ -1978,7 +1967,7 @@ diff -up openssh-8.7p1/ssh-pkcs11.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11.c if (rsa_n == NULL || rsa_e == NULL) { error("BN_bin2bn failed"); goto fail; -@@ -886,7 +1046,7 @@ pkcs11_fetch_rsa_pubkey(struct pkcs11_pr +@@ -890,7 +1052,7 @@ pkcs11_fetch_rsa_pubkey(struct pkcs11_pr fatal_f("set key"); rsa_n = rsa_e = NULL; /* transferred */ @@ -1987,7 +1976,7 @@ diff -up openssh-8.7p1/ssh-pkcs11.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11.c goto fail; key = sshkey_new(KEY_UNSPEC); -@@ -901,7 +1061,7 @@ pkcs11_fetch_rsa_pubkey(struct pkcs11_pr +@@ -905,7 +1067,7 @@ pkcs11_fetch_rsa_pubkey(struct pkcs11_pr rsa = NULL; /* now owned by key */ fail: @@ -1996,7 +1985,7 @@ diff -up openssh-8.7p1/ssh-pkcs11.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11.c free(key_attr[i].pValue); RSA_free(rsa); -@@ -912,7 +1072,8 @@ static int +@@ -916,7 +1078,8 @@ static int pkcs11_fetch_x509_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx, CK_OBJECT_HANDLE *obj, struct sshkey **keyp, char **labelp) { @@ -2006,7 +1995,7 @@ diff -up openssh-8.7p1/ssh-pkcs11.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11.c CK_SESSION_HANDLE session; CK_FUNCTION_LIST *f = NULL; CK_RV rv; -@@ -936,14 +1097,15 @@ pkcs11_fetch_x509_pubkey(struct pkcs11_p +@@ -940,14 +1103,15 @@ pkcs11_fetch_x509_pubkey(struct pkcs11_p memset(&cert_attr, 0, sizeof(cert_attr)); cert_attr[0].type = CKA_ID; @@ -2027,7 +2016,7 @@ diff -up openssh-8.7p1/ssh-pkcs11.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11.c if (rv != CKR_OK) { error("C_GetAttributeValue failed: %lu", rv); return -1; -@@ -955,18 +1117,19 @@ pkcs11_fetch_x509_pubkey(struct pkcs11_p +@@ -959,18 +1123,19 @@ pkcs11_fetch_x509_pubkey(struct pkcs11_p * XXX assumes CKA_ID is always first. */ if (cert_attr[1].ulValueLen == 0 || @@ -2050,7 +2039,7 @@ diff -up openssh-8.7p1/ssh-pkcs11.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11.c if (rv != CKR_OK) { error("C_GetAttributeValue failed: %lu", rv); goto out; -@@ -980,8 +1143,8 @@ pkcs11_fetch_x509_pubkey(struct pkcs11_p +@@ -984,8 +1149,8 @@ pkcs11_fetch_x509_pubkey(struct pkcs11_p subject = xstrdup("invalid subject"); X509_NAME_free(x509_name); @@ -2061,7 +2050,7 @@ diff -up openssh-8.7p1/ssh-pkcs11.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11.c error("d2i_x509 failed"); goto out; } -@@ -1001,7 +1164,7 @@ pkcs11_fetch_x509_pubkey(struct pkcs11_p +@@ -1005,7 +1170,7 @@ pkcs11_fetch_x509_pubkey(struct pkcs11_p goto out; } @@ -2070,7 +2059,7 @@ diff -up openssh-8.7p1/ssh-pkcs11.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11.c goto out; key = sshkey_new(KEY_UNSPEC); -@@ -1031,7 +1194,7 @@ pkcs11_fetch_x509_pubkey(struct pkcs11_p +@@ -1035,7 +1200,7 @@ pkcs11_fetch_x509_pubkey(struct pkcs11_p goto out; } @@ -2079,7 +2068,7 @@ diff -up openssh-8.7p1/ssh-pkcs11.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11.c goto out; key = sshkey_new(KEY_UNSPEC); -@@ -1051,7 +1214,7 @@ pkcs11_fetch_x509_pubkey(struct pkcs11_p +@@ -1055,7 +1220,7 @@ pkcs11_fetch_x509_pubkey(struct pkcs11_p goto out; } out: @@ -2088,7 +2077,7 @@ diff -up openssh-8.7p1/ssh-pkcs11.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11.c free(cert_attr[i].pValue); X509_free(x509); RSA_free(rsa); -@@ -1102,11 +1265,12 @@ note_key(struct pkcs11_provider *p, CK_U +@@ -1106,11 +1271,12 @@ note_key(struct pkcs11_provider *p, CK_U */ static int pkcs11_fetch_certs(struct pkcs11_provider *p, CK_ULONG slotidx, @@ -2103,7 +2092,7 @@ diff -up openssh-8.7p1/ssh-pkcs11.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11.c CK_SESSION_HANDLE session; CK_FUNCTION_LIST *f = NULL; CK_RV rv; -@@ -1123,10 +1287,23 @@ pkcs11_fetch_certs(struct pkcs11_provide +@@ -1127,10 +1293,23 @@ pkcs11_fetch_certs(struct pkcs11_provide key_attr[0].pValue = &key_class; key_attr[0].ulValueLen = sizeof(key_class); @@ -2121,16 +2110,16 @@ diff -up openssh-8.7p1/ssh-pkcs11.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11.c + key_attr[nattr].ulValueLen = strlen(uri->object); + nattr++; + } -+ -+ session = p->module->slotinfo[slotidx].session; -+ f = p->module->function_list; - rv = f->C_FindObjectsInit(session, key_attr, 1); ++ session = p->module->slotinfo[slotidx].session; ++ f = p->module->function_list; ++ + rv = f->C_FindObjectsInit(session, key_attr, nattr); if (rv != CKR_OK) { error("C_FindObjectsInit failed: %lu", rv); goto fail; -@@ -1207,11 +1384,12 @@ fail: +@@ -1211,11 +1390,12 @@ fail: */ static int pkcs11_fetch_keys(struct pkcs11_provider *p, CK_ULONG slotidx, @@ -2145,7 +2134,7 @@ diff -up openssh-8.7p1/ssh-pkcs11.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11.c CK_SESSION_HANDLE session; CK_FUNCTION_LIST *f = NULL; CK_RV rv; -@@ -1227,10 +1405,23 @@ pkcs11_fetch_keys(struct pkcs11_provider +@@ -1231,10 +1411,23 @@ pkcs11_fetch_keys(struct pkcs11_provider key_attr[0].pValue = &key_class; key_attr[0].ulValueLen = sizeof(key_class); @@ -2163,16 +2152,16 @@ diff -up openssh-8.7p1/ssh-pkcs11.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11.c + key_attr[nattr].ulValueLen = strlen(uri->object); + nattr++; + } - -- rv = f->C_FindObjectsInit(session, key_attr, 1); ++ + session = p->module->slotinfo[slotidx].session; + f = p->module->function_list; -+ + +- rv = f->C_FindObjectsInit(session, key_attr, 1); + rv = f->C_FindObjectsInit(session, key_attr, nattr); if (rv != CKR_OK) { error("C_FindObjectsInit failed: %lu", rv); goto fail; -@@ -1499,16 +1690,10 @@ pkcs11_ecdsa_generate_private_key(struct +@@ -1503,16 +1696,10 @@ pkcs11_ecdsa_generate_private_key(struct } #endif /* WITH_PKCS11_KEYGEN */ @@ -2191,7 +2180,7 @@ diff -up openssh-8.7p1/ssh-pkcs11.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11.c int ret = -1; struct pkcs11_provider *p = NULL; void *handle = NULL; -@@ -1517,164 +1702,305 @@ +@@ -1521,162 +1708,309 @@ pkcs11_register_provider(char *provider_ CK_FUNCTION_LIST *f = NULL; CK_TOKEN_INFO *token; CK_ULONG i; @@ -2199,28 +2188,35 @@ diff -up openssh-8.7p1/ssh-pkcs11.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11.c + struct pkcs11_module *m = NULL; - if (providerp == NULL) +- goto fail; +- *providerp = NULL; +- +- if (keyp != NULL) +- *keyp = NULL; +- if (labelsp != NULL) +- *labelsp = NULL; + /* if no provider specified, fallback to p11-kit */ + if (uri->module_path == NULL) { +#ifdef PKCS11_DEFAULT_PROVIDER + provider_module = strdup(PKCS11_DEFAULT_PROVIDER); +#else + error_f("No module path provided"); - goto fail; -- *providerp = NULL; ++ goto fail; +#endif + } else { + provider_module = strdup(uri->module_path); + } - -- if (keyp != NULL) -- *keyp = NULL; -- if (labelsp != NULL) -- *labelsp = NULL; + p = xcalloc(1, sizeof(*p)); + p->name = pkcs11_uri_get(uri); - if (pkcs11_provider_lookup(provider_id) != NULL) { - debug_f("provider already registered: %s", provider_id); ++ if (lib_contains_symbol(provider_module, "C_GetFunctionList") != 0) { ++ error("provider %s is not a PKCS11 library", provider_module); + goto fail; + } +- if (lib_contains_symbol(provider_id, "C_GetFunctionList") != 0) { +- error("provider %s is not a PKCS11 library", provider_id); - goto fail; + if ((m = pkcs11_provider_lookup_module(provider_module)) != NULL + && m->valid) { @@ -2247,14 +2243,11 @@ diff -up openssh-8.7p1/ssh-pkcs11.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11.c + error("dlopen %s failed: %s", provider_module, dlerror()); goto fail; } - if ((getfunctionlist = dlsym(handle, "C_GetFunctionList")) == NULL) { - error("dlsym(C_GetFunctionList) failed: %s", dlerror()); - goto fail; - } + if ((getfunctionlist = dlsym(handle, "C_GetFunctionList")) == NULL) + fatal("dlsym(C_GetFunctionList) failed: %s", dlerror()); - p = xcalloc(1, sizeof(*p)); - p->name = xstrdup(provider_id); - p->handle = handle; -+ + p->module->handle = handle; /* setup the pkcs11 callbacks */ if ((rv = (*getfunctionlist)(&f)) != CKR_OK) { @@ -2279,15 +2272,13 @@ diff -up openssh-8.7p1/ssh-pkcs11.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11.c + provider_module, rv); goto fail; } -- rmspace(p->info.manufacturerID, sizeof(p->info.manufacturerID)); -- rmspace(p->info.libraryDescription, sizeof(p->info.libraryDescription)); -- debug("provider %s: manufacturerID <%s> cryptokiVersion %d.%d" -- " libraryDescription <%s> libraryVersion %d.%d", +- debug("provider %s: manufacturerID <%.*s> cryptokiVersion %d.%d" +- " libraryDescription <%.*s> libraryVersion %d.%d", - provider_id, -- p->info.manufacturerID, +- RMSPACE(p->info.manufacturerID), - p->info.cryptokiVersion.major, - p->info.cryptokiVersion.minor, -- p->info.libraryDescription, +- RMSPACE(p->info.libraryDescription), - p->info.libraryVersion.major, - p->info.libraryVersion.minor); - if ((rv = f->C_GetSlotList(CK_TRUE, NULL, &p->nslots)) != CKR_OK) { @@ -2331,12 +2322,12 @@ diff -up openssh-8.7p1/ssh-pkcs11.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11.c goto fail; } - p->slotinfo = xcalloc(p->nslots, sizeof(struct pkcs11_slotinfo)); ++ m->slotinfo = xcalloc(m->nslots, sizeof(struct pkcs11_slotinfo)); p->valid = 1; - nkeys = 0; - for (i = 0; i < p->nslots; i++) { - token = &p->slotinfo[i].token; - if ((rv = f->C_GetTokenInfo(p->slotlist[i], token)) -+ m->slotinfo = xcalloc(m->nslots, sizeof(struct pkcs11_slotinfo)); + m->valid = 1; + for (i = 0; i < m->nslots; i++) { + token = &m->slotinfo[i].token; @@ -2353,23 +2344,25 @@ diff -up openssh-8.7p1/ssh-pkcs11.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11.c + token->flags = 0; continue; } - rmspace(token->label, sizeof(token->label)); - rmspace(token->manufacturerID, sizeof(token->manufacturerID)); - rmspace(token->model, sizeof(token->model)); - rmspace(token->serialNumber, sizeof(token->serialNumber)); -- debug("provider %s slot %lu: label <%s> manufacturerID <%s> " -- "model <%s> serial <%s> flags 0x%lx", + debug("provider %s slot %lu: label <%.*s> " + "manufacturerID <%.*s> model <%.*s> serial <%.*s> " + "flags 0x%lx", - provider_id, (unsigned long)i, ++ provider_module, (unsigned long)i, + RMSPACE(token->label), RMSPACE(token->manufacturerID), + RMSPACE(token->model), RMSPACE(token->serialNumber), + token->flags); + } + m->module_path = provider_module; + provider_module = NULL; + -+ /* insert unconditionally -- remove if there will be no keys later */ ++ /* now owned by caller */ ++ *providerp = p; ++ + TAILQ_INSERT_TAIL(&pkcs11_providers, p, next); + p->refcount++; /* add to provider list */ -+ *providerp = p; -+ return 0; + ++ return 0; +fail: + if (need_finalize && (rv = f->C_Finalize(NULL)) != CKR_OK) + error("C_Finalize for provider %s failed: %lu", @@ -2385,7 +2378,7 @@ diff -up openssh-8.7p1/ssh-pkcs11.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11.c + } + if (handle) + dlclose(handle); -+ return ret; ++ return (ret); +} + +/* @@ -2451,12 +2444,12 @@ diff -up openssh-8.7p1/ssh-pkcs11.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11.c + debug("provider %s slot %lu: label <%.32s> manufacturerID <%.32s> " + "model <%.16s> serial <%.16s> flags 0x%lx", + provider_uri, (unsigned long)i, - token->label, token->manufacturerID, token->model, - token->serialNumber, token->flags); ++ token->label, token->manufacturerID, token->model, ++ token->serialNumber, token->flags); /* - * open session, login with pin and retrieve public - * keys (if keyp is provided) -+ * open session if not yet openend, login with pin and ++ * open session if not yet opened, login with pin and + * retrieve public keys (if keyp is provided) */ - if ((ret = pkcs11_open_session(p, i, pin, user)) != 0 || @@ -2517,8 +2510,8 @@ diff -up openssh-8.7p1/ssh-pkcs11.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11.c - free(p->slotlist); - free(p->slotinfo); - free(p); -+ TAILQ_REMOVE(&pkcs11_providers, p, next); -+ pkcs11_provider_unref(p); ++ TAILQ_REMOVE(&pkcs11_providers, p, next); ++ pkcs11_provider_unref(p); } - if (handle) - dlclose(handle); @@ -2576,7 +2569,7 @@ diff -up openssh-8.7p1/ssh-pkcs11.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11.c /* no keys found or some other error, de-register provider */ if (nkeys <= 0 && p != NULL) { -@@ -1684,7 +2012,37 @@ pkcs11_add_provider(char *provider_id, c +@@ -1685,7 +2019,37 @@ pkcs11_add_provider(char *provider_id, c pkcs11_provider_unref(p); } if (nkeys == 0) @@ -2615,9 +2608,9 @@ diff -up openssh-8.7p1/ssh-pkcs11.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11.c return (nkeys); } -diff -up openssh-8.7p1/ssh-pkcs11.h.pkcs11-uri openssh-8.7p1/ssh-pkcs11.h ---- openssh-8.7p1/ssh-pkcs11.h.pkcs11-uri 2021-08-20 06:03:49.000000000 +0200 -+++ openssh-8.7p1/ssh-pkcs11.h 2021-08-30 13:07:43.666700121 +0200 +diff -up openssh-9.6p1/ssh-pkcs11.h.pkcs11-uri openssh-9.6p1/ssh-pkcs11.h +--- openssh-9.6p1/ssh-pkcs11.h.pkcs11-uri 2023-12-18 15:59:50.000000000 +0100 ++++ openssh-9.6p1/ssh-pkcs11.h 2024-01-12 14:25:25.235942385 +0100 @@ -22,10 +22,14 @@ #define SSH_PKCS11_ERR_PIN_REQUIRED 4 #define SSH_PKCS11_ERR_PIN_LOCKED 5 @@ -2633,9 +2626,9 @@ diff -up openssh-8.7p1/ssh-pkcs11.h.pkcs11-uri openssh-8.7p1/ssh-pkcs11.h #ifdef WITH_PKCS11_KEYGEN struct sshkey * pkcs11_gakp(char *, char *, unsigned int, char *, unsigned int, -diff -up openssh-8.7p1/ssh-pkcs11-uri.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11-uri.c ---- openssh-8.7p1/ssh-pkcs11-uri.c.pkcs11-uri 2021-08-30 13:07:43.667700130 +0200 -+++ openssh-8.7p1/ssh-pkcs11-uri.c 2021-08-30 13:07:43.667700130 +0200 +diff -up openssh-9.6p1/ssh-pkcs11-uri.c.pkcs11-uri openssh-9.6p1/ssh-pkcs11-uri.c +--- openssh-9.6p1/ssh-pkcs11-uri.c.pkcs11-uri 2024-01-12 14:25:25.235942385 +0100 ++++ openssh-9.6p1/ssh-pkcs11-uri.c 2024-01-12 14:25:25.235942385 +0100 @@ -0,0 +1,437 @@ +/* + * Copyright (c) 2017 Red Hat @@ -3074,9 +3067,9 @@ diff -up openssh-8.7p1/ssh-pkcs11-uri.c.pkcs11-uri openssh-8.7p1/ssh-pkcs11-uri. +} + +#endif /* ENABLE_PKCS11 */ -diff -up openssh-8.7p1/ssh-pkcs11-uri.h.pkcs11-uri openssh-8.7p1/ssh-pkcs11-uri.h ---- openssh-8.7p1/ssh-pkcs11-uri.h.pkcs11-uri 2021-08-30 13:07:43.667700130 +0200 -+++ openssh-8.7p1/ssh-pkcs11-uri.h 2021-08-30 13:07:43.667700130 +0200 +diff -up openssh-9.6p1/ssh-pkcs11-uri.h.pkcs11-uri openssh-9.6p1/ssh-pkcs11-uri.h +--- openssh-9.6p1/ssh-pkcs11-uri.h.pkcs11-uri 2024-01-12 14:25:25.235942385 +0100 ++++ openssh-9.6p1/ssh-pkcs11-uri.h 2024-01-12 14:25:25.235942385 +0100 @@ -0,0 +1,43 @@ +/* + * Copyright (c) 2017 Red Hat diff --git a/openssh-8.7p1-minrsabits.patch b/openssh-8.7p1-minrsabits.patch index 2ed59a3..479b55d 100644 --- a/openssh-8.7p1-minrsabits.patch +++ b/openssh-8.7p1-minrsabits.patch @@ -1,23 +1,21 @@ diff --git a/readconf.c b/readconf.c -index 7f26c680..42be690b 100644 ---- a/readconf.c -+++ b/readconf.c -@@ -320,6 +320,7 @@ static struct { +--- a/readconf.c (revision 8241b9c0529228b4b86d88b1a6076fb9f97e4a99) ++++ b/readconf.c (date 1703169891147) +@@ -326,6 +326,7 @@ { "securitykeyprovider", oSecurityKeyProvider }, { "knownhostscommand", oKnownHostsCommand }, - { "requiredrsasize", oRequiredRSASize }, + { "requiredrsasize", oRequiredRSASize }, + { "rsaminsize", oRequiredRSASize }, /* alias */ { "enableescapecommandline", oEnableEscapeCommandline }, - - { NULL, oBadOption } + { "obscurekeystroketiming", oObscureKeystrokeTiming }, + { "channeltimeout", oChannelTimeout }, diff --git a/servconf.c b/servconf.c -index 29df0463..423772b1 100644 ---- a/servconf.c -+++ b/servconf.c -@@ -676,6 +680,7 @@ static struct { +--- a/servconf.c (revision 8241b9c0529228b4b86d88b1a6076fb9f97e4a99) ++++ b/servconf.c (date 1703169891148) +@@ -691,6 +691,7 @@ { "casignaturealgorithms", sCASignatureAlgorithms, SSHCFG_ALL }, { "securitykeyprovider", sSecurityKeyProvider, SSHCFG_GLOBAL }, - { "requiredrsasize", sRequiredRSASize, SSHCFG_ALL }, + { "requiredrsasize", sRequiredRSASize, SSHCFG_ALL }, + { "rsaminsize", sRequiredRSASize, SSHCFG_ALL }, /* alias */ { "channeltimeout", sChannelTimeout, SSHCFG_ALL }, { "unusedconnectiontimeout", sUnusedConnectionTimeout, SSHCFG_ALL }, diff --git a/openssh-8.7p1-recursive-scp.patch b/openssh-8.7p1-recursive-scp.patch index f0d9b0f..17c340e 100644 --- a/openssh-8.7p1-recursive-scp.patch +++ b/openssh-8.7p1-recursive-scp.patch @@ -1,28 +1,28 @@ -diff -up openssh-8.7p1/scp.c.scp-sftpdirs openssh-8.7p1/scp.c ---- openssh-8.7p1/scp.c.scp-sftpdirs 2022-02-07 12:31:07.407740407 +0100 -+++ openssh-8.7p1/scp.c 2022-02-07 12:31:07.409740424 +0100 -@@ -1324,7 +1324,7 @@ source_sftp(int argc, char *src, char *t - +diff --git a/scp.c b/scp.c +--- a/scp.c (revision 8241b9c0529228b4b86d88b1a6076fb9f97e4a99) ++++ b/scp.c (date 1703111453316) +@@ -1372,7 +1372,7 @@ + if (src_is_dir && iamrecursive) { - if (upload_dir(conn, src, abs_dst, pflag, + if (sftp_upload_dir(conn, src, abs_dst, pflag, - SFTP_PROGRESS_ONLY, 0, 0, 1, 1) != 0) { + SFTP_PROGRESS_ONLY, 0, 0, 1, 1, 1) != 0) { - error("failed to upload directory %s to %s", src, targ); - errs = 1; - } -diff -up openssh-8.7p1/sftp-client.c.scp-sftpdirs openssh-8.7p1/sftp-client.c ---- openssh-8.7p1/sftp-client.c.scp-sftpdirs 2021-08-20 06:03:49.000000000 +0200 -+++ openssh-8.7p1/sftp-client.c 2022-02-07 12:47:59.117516131 +0100 -@@ -971,7 +971,7 @@ do_fsetstat(struct sftp_conn *conn, cons - + error("failed to upload directory %s to %s", src, targ); + errs = 1; + } +diff --git a/sftp-client.c b/sftp-client.c +--- a/sftp-client.c (revision 8241b9c0529228b4b86d88b1a6076fb9f97e4a99) ++++ b/sftp-client.c (date 1703169614263) +@@ -1003,7 +1003,7 @@ + /* Implements both the realpath and expand-path operations */ static char * --do_realpath_expand(struct sftp_conn *conn, const char *path, int expand) -+do_realpath_expand(struct sftp_conn *conn, const char *path, int expand, int create_dir) +-sftp_realpath_expand(struct sftp_conn *conn, const char *path, int expand) ++sftp_realpath_expand(struct sftp_conn *conn, const char *path, int expand, int create_dir) { struct sshbuf *msg; u_int expected_id, count, id; -@@ -1033,11 +1033,43 @@ do_realpath_expand(struct sftp_conn *con +@@ -1049,11 +1049,43 @@ if ((r = sshbuf_get_u32(msg, &status)) != 0 || (r = sshbuf_get_cstring(msg, &errmsg, NULL)) != 0) fatal_fr(r, "parse status"); @@ -33,7 +33,7 @@ diff -up openssh-8.7p1/sftp-client.c.scp-sftpdirs openssh-8.7p1/sftp-client.c - return NULL; + if ((status == SSH2_FX_NO_SUCH_FILE) && create_dir) { + memset(&a, '\0', sizeof(a)); -+ if ((r = do_mkdir(conn, path, &a, 0)) != 0) { ++ if ((r = sftp_mkdir(conn, path, &a, 0)) != 0) { + sshbuf_free(msg); + return NULL; + } @@ -71,111 +71,112 @@ diff -up openssh-8.7p1/sftp-client.c.scp-sftpdirs openssh-8.7p1/sftp-client.c } else if (type != SSH2_FXP_NAME) fatal("Expected SSH2_FXP_NAME(%u) packet, got %u", SSH2_FXP_NAME, type); -@@ -1039,9 +1067,9 @@ do_realpath_expand(struct sftp_conn *con +@@ -1078,9 +1110,9 @@ } - + char * --do_realpath(struct sftp_conn *conn, const char *path) -+do_realpath(struct sftp_conn *conn, const char *path, int create_dir) +-sftp_realpath(struct sftp_conn *conn, const char *path) ++sftp_realpath(struct sftp_conn *conn, const char *path, int create_dir) { -- return do_realpath_expand(conn, path, 0); -+ return do_realpath_expand(conn, path, 0, create_dir); +- return sftp_realpath_expand(conn, path, 0); ++ return sftp_realpath_expand(conn, path, 0, create_dir); } - + int -@@ -1055,9 +1083,9 @@ do_expand_path(struct sftp_conn *conn, c +@@ -1094,9 +1126,9 @@ { - if (!can_expand_path(conn)) { + if (!sftp_can_expand_path(conn)) { debug3_f("no server support, fallback to realpath"); -- return do_realpath_expand(conn, path, 0); -+ return do_realpath_expand(conn, path, 0, 0); +- return sftp_realpath_expand(conn, path, 0); ++ return sftp_realpath_expand(conn, path, 0, 0); } -- return do_realpath_expand(conn, path, 1); -+ return do_realpath_expand(conn, path, 1, 0); +- return sftp_realpath_expand(conn, path, 1); ++ return sftp_realpath_expand(conn, path, 1, 0); } - + int -@@ -1807,7 +1835,7 @@ download_dir(struct sftp_conn *conn, con +@@ -2016,7 +2048,7 @@ char *src_canon; int ret; - -- if ((src_canon = do_realpath(conn, src)) == NULL) { -+ if ((src_canon = do_realpath(conn, src, 0)) == NULL) { - error("download \"%s\": path canonicalization failed", src); - return -1; - } -@@ -2115,12 +2143,12 @@ upload_dir_internal(struct sftp_conn *co + +- if ((src_canon = sftp_realpath(conn, src)) == NULL) { ++ if ((src_canon = sftp_realpath(conn, src, 0)) == NULL) { + error("download \"%s\": path canonicalization failed", src); + return -1; + } +@@ -2365,12 +2397,12 @@ int - upload_dir(struct sftp_conn *conn, const char *src, const char *dst, + sftp_upload_dir(struct sftp_conn *conn, const char *src, const char *dst, int preserve_flag, int print_flag, int resume, int fsync_flag, - int follow_link_flag, int inplace_flag) + int follow_link_flag, int inplace_flag, int create_dir) { char *dst_canon; int ret; - -- if ((dst_canon = do_realpath(conn, dst)) == NULL) { -+ if ((dst_canon = do_realpath(conn, dst, create_dir)) == NULL) { - error("upload \"%s\": path canonicalization failed", dst); - return -1; - } -@@ -2557,7 +2585,7 @@ crossload_dir(struct sftp_conn *from, st + +- if ((dst_canon = sftp_realpath(conn, dst)) == NULL) { ++ if ((dst_canon = sftp_realpath(conn, dst, create_dir)) == NULL) { + error("upload \"%s\": path canonicalization failed", dst); + return -1; + } +@@ -2825,7 +2857,7 @@ char *from_path_canon; int ret; - -- if ((from_path_canon = do_realpath(from, from_path)) == NULL) { -+ if ((from_path_canon = do_realpath(from, from_path, 0)) == NULL) { - error("crossload \"%s\": path canonicalization failed", - from_path); - return -1; -diff -up openssh-8.7p1/sftp-client.h.scp-sftpdirs openssh-8.7p1/sftp-client.h ---- openssh-8.7p1/sftp-client.h.scp-sftpdirs 2021-08-20 06:03:49.000000000 +0200 -+++ openssh-8.7p1/sftp-client.h 2022-02-07 12:31:07.410740433 +0100 -@@ -111,7 +111,7 @@ int do_fsetstat(struct sftp_conn *, cons - int do_lsetstat(struct sftp_conn *conn, const char *path, Attrib *a); - + +- if ((from_path_canon = sftp_realpath(from, from_path)) == NULL) { ++ if ((from_path_canon = sftp_realpath(from, from_path, 0)) == NULL) { + error("crossload \"%s\": path canonicalization failed", + from_path); + return -1; +diff --git a/sftp-client.h b/sftp-client.h +--- a/sftp-client.h (revision 8241b9c0529228b4b86d88b1a6076fb9f97e4a99) ++++ b/sftp-client.h (date 1703111691284) +@@ -111,7 +111,7 @@ + int sftp_lsetstat(struct sftp_conn *conn, const char *path, Attrib *a); + /* Canonicalise 'path' - caller must free result */ --char *do_realpath(struct sftp_conn *, const char *); -+char *do_realpath(struct sftp_conn *, const char *, int); - +-char *sftp_realpath(struct sftp_conn *, const char *); ++char *sftp_realpath(struct sftp_conn *, const char *, int); + /* Canonicalisation with tilde expansion (requires server extension) */ - char *do_expand_path(struct sftp_conn *, const char *); -@@ -159,7 +159,7 @@ int do_upload(struct sftp_conn *, const + char *sftp_expand_path(struct sftp_conn *, const char *); +@@ -163,7 +163,7 @@ * times if 'pflag' is set */ - int upload_dir(struct sftp_conn *, const char *, const char *, + int sftp_upload_dir(struct sftp_conn *, const char *, const char *, - int, int, int, int, int, int); + int, int, int, int, int, int, int); - + /* * Download a 'from_path' from the 'from' connection and upload it to -diff -up openssh-8.7p1/sftp.c.scp-sftpdirs openssh-8.7p1/sftp.c ---- openssh-8.7p1/sftp.c.scp-sftpdirs 2021-08-20 06:03:49.000000000 +0200 -+++ openssh-8.7p1/sftp.c 2022-02-07 12:31:07.411740442 +0100 -@@ -760,7 +760,7 @@ process_put(struct sftp_conn *conn, cons - if (globpath_is_dir(g.gl_pathv[i]) && (rflag || global_rflag)) { - if (upload_dir(conn, g.gl_pathv[i], abs_dst, + +diff --git a/sftp.c b/sftp.c +--- a/sftp.c (revision 8241b9c0529228b4b86d88b1a6076fb9f97e4a99) ++++ b/sftp.c (date 1703168795365) +@@ -807,7 +807,7 @@ + (rflag || global_rflag)) { + if (sftp_upload_dir(conn, g.gl_pathv[i], abs_dst, pflag || global_pflag, 1, resume, - fflag || global_fflag, 0, 0) == -1) + fflag || global_fflag, 0, 0, 0) == -1) err = -1; } else { - if (do_upload(conn, g.gl_pathv[i], abs_dst, -@@ -1577,7 +1577,7 @@ parse_dispatch_command(struct sftp_conn + if (sftp_upload(conn, g.gl_pathv[i], abs_dst, +@@ -1642,7 +1642,7 @@ if (path1 == NULL || *path1 == '\0') path1 = xstrdup(startdir); - path1 = make_absolute(path1, *pwd); -- if ((tmp = do_realpath(conn, path1)) == NULL) { -+ if ((tmp = do_realpath(conn, path1, 0)) == NULL) { + path1 = sftp_make_absolute(path1, *pwd); +- if ((tmp = sftp_realpath(conn, path1)) == NULL) { ++ if ((tmp = sftp_realpath(conn, path1, 0)) == NULL) { err = 1; break; } -@@ -2160,7 +2160,7 @@ interactive_loop(struct sftp_conn *conn, +@@ -2247,7 +2247,7 @@ } #endif /* USE_LIBEDIT */ - -- remote_path = do_realpath(conn, "."); -+ remote_path = do_realpath(conn, ".", 0); - if (remote_path == NULL) + +- if ((remote_path = sftp_realpath(conn, ".")) == NULL) ++ if ((remote_path = sftp_realpath(conn, ".", 0)) == NULL) fatal("Need cwd"); startdir = xstrdup(remote_path); + diff --git a/openssh-9.3p1-hpn-15.2-modified.patch b/openssh-9.3p1-hpn-15.2-modified.patch deleted file mode 100644 index d348911..0000000 --- a/openssh-9.3p1-hpn-15.2-modified.patch +++ /dev/null @@ -1,2595 +0,0 @@ -diff -Nur openssh-9.3p1.orig/auth2.c openssh-9.3p1/auth2.c ---- openssh-9.3p1.orig/auth2.c 2023-06-26 17:56:58.794634874 +0200 -+++ openssh-9.3p1/auth2.c 2023-06-26 17:59:24.993036944 +0200 -@@ -52,6 +52,8 @@ - #include "dispatch.h" - #include "pathnames.h" - #include "ssherr.h" -+#include "canohost.h" -+ - #ifdef GSSAPI - #include "ssh-gss.h" - #endif -@@ -74,6 +76,8 @@ - extern Authmethod method_gssapi; - #endif - -+static int log_flag = 0; -+ - Authmethod *authmethods[] = { - &method_none, - &method_pubkey, -@@ -297,6 +301,11 @@ - - debug("userauth-request for user %s service %s method %s", - user[0] ? user : "", service, method); -+ if (!log_flag) { -+ logit("SSH: Server;Ltype: Authname;Remote: %s-%d;Name: %s", -+ ssh_remote_ipaddr(ssh), ssh_remote_port(ssh), user); -+ log_flag = 1; -+ } - debug("attempt %d failures %d", authctxt->attempt, authctxt->failures); - - #ifdef WITH_SELINUX -diff -Nur openssh-9.3p1.orig/channels.c openssh-9.3p1/channels.c ---- openssh-9.3p1.orig/channels.c 2023-06-26 17:56:58.689634585 +0200 -+++ openssh-9.3p1/channels.c 2023-06-26 18:26:41.719517151 +0200 -@@ -229,6 +229,9 @@ - /* Setup helper */ - static void channel_handler_init(struct ssh_channels *sc); - -+static int hpn_disabled = 0; -+static int hpn_buffer_size = 2 * 1024 * 1024; -+ - /* -- channel core */ - - void -@@ -495,6 +498,7 @@ - c->local_window = window; - c->local_window_max = window; - c->local_maxpacket = maxpack; -+ c->dynamic_window = 0; - c->remote_name = xstrdup(remote_name); - c->ctl_chan = -1; - c->delayed = 1; /* prevent call to channel_post handler */ -@@ -1203,6 +1207,28 @@ - c->io_want = SSH_CHAN_IO_SOCK_W; - } - -+static int -+channel_tcpwinsz(struct ssh *ssh) -+{ -+ u_int32_t tcpwinsz = 0; -+ socklen_t optsz = sizeof(tcpwinsz); -+ int ret = -1; -+ -+ /* if we aren't on a socket return 128KB */ -+ if (!ssh_packet_connection_is_on_socket(ssh)) -+ return 128 * 1024; -+ -+ ret = getsockopt(ssh_packet_get_connection_in(ssh), -+ SOL_SOCKET, SO_RCVBUF, &tcpwinsz, &optsz); -+ /* return no more than SSHBUF_SIZE_MAX (currently 256MB) */ -+ if ((ret == 0) && tcpwinsz > SSHBUF_SIZE_MAX) -+ tcpwinsz = SSHBUF_SIZE_MAX; -+ -+ debug2("tcpwinsz: tcp connection %d, Receive window: %d", -+ ssh_packet_get_connection_in(ssh), tcpwinsz); -+ return tcpwinsz; -+} -+ - static void - channel_pre_open(struct ssh *ssh, Channel *c) - { -@@ -2305,22 +2331,31 @@ - - if (c->type == SSH_CHANNEL_OPEN && - !(c->flags & (CHAN_CLOSE_SENT|CHAN_CLOSE_RCVD)) && -- ((c->local_window_max - c->local_window > -- c->local_maxpacket*3) || -+ ((ssh_packet_is_interactive(ssh) && -+ c->local_window_max - c->local_window > c->local_maxpacket*3) || - c->local_window < c->local_window_max/2) && - c->local_consumed > 0) { -+ u_int addition = 0; -+ u_int32_t tcpwinsz = channel_tcpwinsz(ssh); -+ /* adjust max window size if we are in a dynamic environment */ -+ if (c->dynamic_window && (tcpwinsz > c->local_window_max)) { -+ /* grow the window somewhat aggressively to maintain pressure */ -+ addition = 1.5 * (tcpwinsz - c->local_window_max); -+ c->local_window_max += addition; -+ debug("Channel: Window growth to %d by %d bytes", c->local_window_max, addition); -+ } - if (!c->have_remote_id) - fatal_f("channel %d: no remote id", c->self); - if ((r = sshpkt_start(ssh, - SSH2_MSG_CHANNEL_WINDOW_ADJUST)) != 0 || - (r = sshpkt_put_u32(ssh, c->remote_id)) != 0 || -- (r = sshpkt_put_u32(ssh, c->local_consumed)) != 0 || -+ (r = sshpkt_put_u32(ssh, c->local_consumed + addition)) != 0 || - (r = sshpkt_send(ssh)) != 0) { - fatal_fr(r, "channel %i", c->self); - } - debug2("channel %d: window %d sent adjust %d", c->self, -- c->local_window, c->local_consumed); -- c->local_window += c->local_consumed; -+ c->local_window, c->local_consumed + addition); -+ c->local_window += c->local_consumed + addition; - c->local_consumed = 0; - } - return 1; -@@ -3717,6 +3752,14 @@ - return addr; - } - -+void -+channel_set_hpn(int external_hpn_disabled, int external_hpn_buffer_size) -+{ -+ hpn_disabled = external_hpn_disabled; -+ hpn_buffer_size = external_hpn_buffer_size; -+ debug("HPN Disabled: %d, HPN Buffer Size: %d", hpn_disabled, hpn_buffer_size); -+} -+ - static int - channel_setup_fwd_listener_tcpip(struct ssh *ssh, int type, - struct Forward *fwd, int *allocated_listen_port, -@@ -3856,8 +3899,10 @@ - } - - /* Allocate a channel number for the socket. */ -+ /* explicitly test for hpn disabled option. if true use smaller window size */ - c = channel_new(ssh, "port-listener", type, sock, sock, -1, -- CHAN_TCP_WINDOW_DEFAULT, CHAN_TCP_PACKET_DEFAULT, -+ hpn_disabled ? CHAN_TCP_WINDOW_DEFAULT : hpn_buffer_size, -+ CHAN_TCP_PACKET_DEFAULT, - 0, "port listener", 1); - c->path = xstrdup(host); - c->host_port = fwd->connect_port; -@@ -5041,7 +5086,8 @@ - sock = socks[n]; - nc = channel_new(ssh, "x11-listener", - SSH_CHANNEL_X11_LISTENER, sock, sock, -1, -- CHAN_X11_WINDOW_DEFAULT, CHAN_X11_PACKET_DEFAULT, -+ hpn_disabled ? CHAN_X11_WINDOW_DEFAULT : hpn_buffer_size, -+ CHAN_X11_PACKET_DEFAULT, - 0, "X11 inet listener", 1); - nc->single_connection = single_connection; - (*chanids)[n] = nc->self; -diff -Nur openssh-9.3p1.orig/channels.h openssh-9.3p1/channels.h ---- openssh-9.3p1.orig/channels.h 2023-06-26 17:56:58.638634445 +0200 -+++ openssh-9.3p1/channels.h 2023-06-26 17:59:24.996036952 +0200 -@@ -173,8 +173,10 @@ - u_int local_window_max; - u_int local_consumed; - u_int local_maxpacket; -+ int dynamic_window; - int extended_usage; - int single_connection; -+ u_int tcpwinsz; - - char *ctype; /* const type - NB. not freed on channel_free */ - char *xctype; /* extended type */ -@@ -254,7 +256,7 @@ - #define SSH_CHAN_IO_SOCK (SSH_CHAN_IO_SOCK_R|SSH_CHAN_IO_SOCK_W) - - /* Read buffer size */ --#define CHAN_RBUF (16*1024) -+#define CHAN_RBUF CHAN_SES_PACKET_DEFAULT - - /* Maximum size for direct reads to buffers */ - #define CHANNEL_MAX_READ CHAN_SES_PACKET_DEFAULT -@@ -396,4 +398,7 @@ - void chan_write_failed(struct ssh *, Channel *); - void chan_obuf_empty(struct ssh *, Channel *); - -+/* hpn handler */ -+void channel_set_hpn(int, int); -+ - #endif -diff -Nur openssh-9.3p1.orig/cipher.c openssh-9.3p1/cipher.c ---- openssh-9.3p1.orig/cipher.c 2023-06-26 17:56:58.717634662 +0200 -+++ openssh-9.3p1/cipher.c 2023-06-26 17:59:24.997036955 +0200 -@@ -48,6 +48,7 @@ - #include "sshbuf.h" - #include "ssherr.h" - #include "digest.h" -+#include "log.h" - - #include "openbsd-compat/openssl-compat.h" - -@@ -55,6 +56,9 @@ - #define EVP_CIPHER_CTX void - #endif - -+/* for multi-threaded aes-ctr cipher */ -+extern const EVP_CIPHER *evp_aes_ctr_mt(void); -+ - struct sshcipher_ctx { - int plaintext; - int encrypt; -@@ -64,7 +68,7 @@ - const struct sshcipher *cipher; - }; - --static const struct sshcipher ciphers[] = { -+static struct sshcipher ciphers[] = { - #ifdef WITH_OPENSSL - #ifndef OPENSSL_NO_DES - { "3des-cbc", 8, 24, 0, 0, CFLAG_CBC, EVP_des_ede3_cbc }, -@@ -131,6 +135,29 @@ - #endif - } - -+/* used to get the cipher name so when force rekeying to handle the -+ * single to multithreaded ctr cipher swap we only rekey when appropriate -+ */ -+const char * -+cipher_ctx_name(const struct sshcipher_ctx *cc) -+{ -+ return cc->cipher->name; -+} -+ -+/* in order to get around sandbox and forking issues with a threaded cipher -+ * we set the initial pre-auth aes-ctr cipher to the default OpenSSH cipher -+ * post auth we set them to the new evp as defined by cipher-ctr-mt -+ */ -+#ifdef WITH_OPENSSL -+void -+cipher_reset_multithreaded(void) -+{ -+ cipher_by_name("aes128-ctr")->evptype = evp_aes_ctr_mt; -+ cipher_by_name("aes192-ctr")->evptype = evp_aes_ctr_mt; -+ cipher_by_name("aes256-ctr")->evptype = evp_aes_ctr_mt; -+} -+#endif -+ - u_int - cipher_blocksize(const struct sshcipher *c) - { -@@ -180,10 +207,10 @@ - return cc->plaintext; - } - --const struct sshcipher * -+struct sshcipher * - cipher_by_name(const char *name) - { -- const struct sshcipher *c; -+ struct sshcipher *c; - for (c = ciphers; c->name != NULL; c++) - if (strcmp(c->name, name) == 0) - return c; -@@ -205,7 +232,8 @@ - for ((p = strsep(&cp, CIPHER_SEP)); p && *p != '\0'; - (p = strsep(&cp, CIPHER_SEP))) { - c = cipher_by_name(p); -- if (c == NULL || (c->flags & CFLAG_INTERNAL) != 0) { -+ if (c == NULL || ((c->flags & CFLAG_INTERNAL) != 0 && -+ (c->flags & CFLAG_NONE) != 0)) { - free(cipher_list); - return 0; - } -diff -Nur openssh-9.3p1.orig/cipher-ctr-mt.c openssh-9.3p1/cipher-ctr-mt.c ---- openssh-9.3p1.orig/cipher-ctr-mt.c 1970-01-01 01:00:00.000000000 +0100 -+++ openssh-9.3p1/cipher-ctr-mt.c 2023-06-26 17:59:24.998036958 +0200 -@@ -0,0 +1,678 @@ -+/* -+ * OpenSSH Multi-threaded AES-CTR Cipher -+ * -+ * Author: Benjamin Bennett -+ * Author: Mike Tasota -+ * Author: Chris Rapier -+ * Copyright (c) 2008-2013 Pittsburgh Supercomputing Center. All rights reserved. -+ * -+ * Based on original OpenSSH AES-CTR cipher. Small portions remain unchanged, -+ * Copyright (c) 2003 Markus Friedl -+ * -+ * Permission to use, copy, modify, and distribute this software for any -+ * purpose with or without fee is hereby granted, provided that the above -+ * copyright notice and this permission notice appear in all copies. -+ * -+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -+ */ -+#include "includes.h" -+ -+#if defined(WITH_OPENSSL) -+#include -+ -+#include -+#include -+ -+#include -+ -+#include "xmalloc.h" -+#include "log.h" -+#include -+ -+/* compatibility with old or broken OpenSSL versions */ -+#include "openbsd-compat/openssl-compat.h" -+ -+#ifndef USE_BUILTIN_RIJNDAEL -+#include -+#endif -+ -+#include -+ -+/*-------------------- TUNABLES --------------------*/ -+/* maximum number of threads and queues */ -+#define MAX_THREADS 32 -+#define MAX_NUMKQ (MAX_THREADS * 2) -+ -+/* Number of pregen threads to use */ -+int cipher_threads = 2; -+ -+/* Number of keystream queues */ -+int numkq = 4; -+ -+/* Length of a keystream queue */ -+#define KQLEN 4096 -+ -+/* Processor cacheline length */ -+#define CACHELINE_LEN 64 -+ -+/* Collect thread stats and print at cancellation when in debug mode */ -+#define CIPHER_THREAD_STATS -+ -+/* Can the system do unaligned loads natively? */ -+#if defined(__aarch64__) || \ -+ defined(__i386__) || \ -+ defined(__powerpc__) || \ -+ defined(__x86_64__) -+# define CIPHER_UNALIGNED_OK -+#endif -+#if defined(__SIZEOF_INT128__) -+# define CIPHER_INT128_OK -+#endif -+/*-------------------- END TUNABLES --------------------*/ -+ -+ -+const EVP_CIPHER *evp_aes_ctr_mt(void); -+ -+#ifdef CIPHER_THREAD_STATS -+/* -+ * Struct to collect thread stats -+ */ -+struct thread_stats { -+ u_int fills; -+ u_int skips; -+ u_int waits; -+ u_int drains; -+}; -+ -+/* -+ * Debug print the thread stats -+ * Use with pthread_cleanup_push for displaying at thread cancellation -+ */ -+static void -+thread_loop_stats(void *x) -+{ -+ struct thread_stats *s = x; -+ debug("AES-CTR MT tid %lu - %u fills, %u skips, %u waits", pthread_self(), -+ s->fills, s->skips, s->waits); -+} -+ -+# define STATS_STRUCT(s) struct thread_stats s -+# define STATS_INIT(s) { memset(&s, 0, sizeof(s)); } -+# define STATS_FILL(s) { s.fills++; } -+# define STATS_SKIP(s) { s.skips++; } -+# define STATS_WAIT(s) { s.waits++; } -+# define STATS_DRAIN(s) { s.drains++; } -+#else -+# define STATS_STRUCT(s) -+# define STATS_INIT(s) -+# define STATS_FILL(s) -+# define STATS_SKIP(s) -+# define STATS_WAIT(s) -+# define STATS_DRAIN(s) -+#endif -+ -+/* Keystream Queue state */ -+enum { -+ KQINIT, -+ KQEMPTY, -+ KQFILLING, -+ KQFULL, -+ KQDRAINING -+}; -+ -+/* Keystream Queue struct */ -+struct kq { -+ u_char keys[KQLEN][AES_BLOCK_SIZE]; -+ u_char ctr[AES_BLOCK_SIZE]; -+ u_char pad0[CACHELINE_LEN]; -+ int qstate; -+ pthread_mutex_t lock; -+ pthread_cond_t cond; -+ u_char pad1[CACHELINE_LEN]; -+}; -+ -+/* Context struct */ -+struct ssh_aes_ctr_ctx_mt -+{ -+ int struct_id; -+ struct kq q[MAX_NUMKQ]; -+ AES_KEY aes_ctx; -+ STATS_STRUCT(stats); -+ u_char aes_counter[AES_BLOCK_SIZE]; -+ pthread_t tid[MAX_THREADS]; -+ int id[MAX_THREADS]; -+ pthread_rwlock_t tid_lock; -+#ifdef __APPLE__ -+ pthread_rwlock_t stop_lock; -+ int exit_flag; -+#endif /* __APPLE__ */ -+ int state; -+ int qidx; -+ int ridx; -+}; -+ -+/* -+ * increment counter 'ctr', -+ * the counter is of size 'len' bytes and stored in network-byte-order. -+ * (LSB at ctr[len-1], MSB at ctr[0]) -+ */ -+static void -+ssh_ctr_inc(u_char *ctr, size_t len) -+{ -+ int i; -+ -+ for (i = len - 1; i >= 0; i--) -+ if (++ctr[i]) /* continue on overflow */ -+ return; -+} -+ -+/* -+ * Add num to counter 'ctr' -+ */ -+static void -+ssh_ctr_add(u_char *ctr, uint32_t num, u_int len) -+{ -+ int i; -+ uint16_t n; -+ -+ for (n = 0, i = len - 1; i >= 0 && (num || n); i--) { -+ n = ctr[i] + (num & 0xff) + n; -+ num >>= 8; -+ ctr[i] = n & 0xff; -+ n >>= 8; -+ } -+} -+ -+/* -+ * Threads may be cancelled in a pthread_cond_wait, we must free the mutex -+ */ -+static void -+thread_loop_cleanup(void *x) -+{ -+ pthread_mutex_unlock((pthread_mutex_t *)x); -+} -+ -+#ifdef __APPLE__ -+/* Check if we should exit, we are doing both cancel and exit condition -+ * since on OSX threads seem to occasionally fail to notice when they have -+ * been cancelled. We want to have a backup to make sure that we won't hang -+ * when the main process join()-s the cancelled thread. -+ */ -+static void -+thread_loop_check_exit(struct ssh_aes_ctr_ctx_mt *c) -+{ -+ int exit_flag; -+ -+ pthread_rwlock_rdlock(&c->stop_lock); -+ exit_flag = c->exit_flag; -+ pthread_rwlock_unlock(&c->stop_lock); -+ -+ if (exit_flag) -+ pthread_exit(NULL); -+} -+#else -+# define thread_loop_check_exit(s) -+#endif /* __APPLE__ */ -+ -+/* -+ * Helper function to terminate the helper threads -+ */ -+static void -+stop_and_join_pregen_threads(struct ssh_aes_ctr_ctx_mt *c) -+{ -+ int i; -+ -+#ifdef __APPLE__ -+ /* notify threads that they should exit */ -+ pthread_rwlock_wrlock(&c->stop_lock); -+ c->exit_flag = TRUE; -+ pthread_rwlock_unlock(&c->stop_lock); -+#endif /* __APPLE__ */ -+ -+ /* Cancel pregen threads */ -+ for (i = 0; i < cipher_threads; i++) { -+ debug ("Canceled %lu (%d,%d)", c->tid[i], c->struct_id, c->id[i]); -+ pthread_cancel(c->tid[i]); -+ } -+ /* shouldn't need this - see commit logs for hpn-7_7_P1 -cjr 11/7/19*/ -+ /* for (i = 0; i < numkq; i++) { */ -+ /* pthread_mutex_lock(&c->q[i].lock); */ -+ /* pthread_cond_broadcast(&c->q[i].cond); */ -+ /* pthread_mutex_unlock(&c->q[i].lock); */ -+ /* } */ -+ for (i = 0; i < cipher_threads; i++) { -+ if (pthread_kill(c->tid[i], 0) != 0) -+ debug3("AES-CTR MT pthread_join failure: Invalid thread id %lu in %s", c->tid[i], __FUNCTION__); -+ else { -+ debug ("Joining %lu (%d, %d)", c->tid[i], c->struct_id, c->id[i]); -+ pthread_join(c->tid[i], NULL); -+ } -+ } -+} -+ -+/* -+ * The life of a pregen thread: -+ * Find empty keystream queues and fill them using their counter. -+ * When done, update counter for the next fill. -+ */ -+static void * -+thread_loop(void *x) -+{ -+ AES_KEY key; -+ STATS_STRUCT(stats); -+ struct ssh_aes_ctr_ctx_mt *c = x; -+ struct kq *q; -+ int i; -+ int qidx; -+ pthread_t first_tid; -+ -+ /* Threads stats on cancellation */ -+ STATS_INIT(stats); -+#ifdef CIPHER_THREAD_STATS -+ pthread_cleanup_push(thread_loop_stats, &stats); -+#endif -+ -+ /* Thread local copy of AES key */ -+ memcpy(&key, &c->aes_ctx, sizeof(key)); -+ -+ pthread_rwlock_rdlock(&c->tid_lock); -+ first_tid = c->tid[0]; -+ pthread_rwlock_unlock(&c->tid_lock); -+ -+ /* -+ * Handle the special case of startup, one thread must fill -+ * the first KQ then mark it as draining. Lock held throughout. -+ */ -+ if (pthread_equal(pthread_self(), first_tid)) { -+ q = &c->q[0]; -+ pthread_mutex_lock(&q->lock); -+ if (q->qstate == KQINIT) { -+ for (i = 0; i < KQLEN; i++) { -+ AES_encrypt(q->ctr, q->keys[i], &key); -+ ssh_ctr_inc(q->ctr, AES_BLOCK_SIZE); -+ } -+ ssh_ctr_add(q->ctr, KQLEN * (numkq - 1), AES_BLOCK_SIZE); -+ q->qstate = KQDRAINING; -+ STATS_FILL(stats); -+ pthread_cond_broadcast(&q->cond); -+ } -+ pthread_mutex_unlock(&q->lock); -+ } else -+ STATS_SKIP(stats); -+ -+ /* -+ * Normal case is to find empty queues and fill them, skipping over -+ * queues already filled by other threads and stopping to wait for -+ * a draining queue to become empty. -+ * -+ * Multiple threads may be waiting on a draining queue and awoken -+ * when empty. The first thread to wake will mark it as filling, -+ * others will move on to fill, skip, or wait on the next queue. -+ */ -+ for (qidx = 1;; qidx = (qidx + 1) % numkq) { -+ /* Check if I was cancelled, also checked in cond_wait */ -+ pthread_testcancel(); -+ -+ /* Check if we should exit as well */ -+ thread_loop_check_exit(c); -+ -+ /* Lock queue and block if its draining */ -+ q = &c->q[qidx]; -+ pthread_mutex_lock(&q->lock); -+ pthread_cleanup_push(thread_loop_cleanup, &q->lock); -+ while (q->qstate == KQDRAINING || q->qstate == KQINIT) { -+ STATS_WAIT(stats); -+ thread_loop_check_exit(c); -+ pthread_cond_wait(&q->cond, &q->lock); -+ } -+ pthread_cleanup_pop(0); -+ -+ /* If filling or full, somebody else got it, skip */ -+ if (q->qstate != KQEMPTY) { -+ pthread_mutex_unlock(&q->lock); -+ STATS_SKIP(stats); -+ continue; -+ } -+ -+ /* -+ * Empty, let's fill it. -+ * Queue lock is relinquished while we do this so others -+ * can see that it's being filled. -+ */ -+ q->qstate = KQFILLING; -+ pthread_cond_broadcast(&q->cond); -+ pthread_mutex_unlock(&q->lock); -+ for (i = 0; i < KQLEN; i++) { -+ AES_encrypt(q->ctr, q->keys[i], &key); -+ ssh_ctr_inc(q->ctr, AES_BLOCK_SIZE); -+ } -+ -+ /* Re-lock, mark full and signal consumer */ -+ pthread_mutex_lock(&q->lock); -+ ssh_ctr_add(q->ctr, KQLEN * (numkq - 1), AES_BLOCK_SIZE); -+ q->qstate = KQFULL; -+ STATS_FILL(stats); -+ pthread_cond_broadcast(&q->cond); -+ pthread_mutex_unlock(&q->lock); -+ } -+ -+#ifdef CIPHER_THREAD_STATS -+ /* Stats */ -+ pthread_cleanup_pop(1); -+#endif -+ -+ return NULL; -+} -+ -+static int -+ssh_aes_ctr(EVP_CIPHER_CTX *ctx, u_char *dest, const u_char *src, -+ LIBCRYPTO_EVP_INL_TYPE len) -+{ -+ typedef union { -+#ifdef CIPHER_INT128_OK -+ __uint128_t *u128; -+#endif -+ uint64_t *u64; -+ uint32_t *u32; -+ uint8_t *u8; -+ const uint8_t *cu8; -+ uintptr_t u; -+ } ptrs_t; -+ ptrs_t destp, srcp, bufp; -+ uintptr_t align; -+ struct ssh_aes_ctr_ctx_mt *c; -+ struct kq *q, *oldq; -+ int ridx; -+ u_char *buf; -+ -+ if (len == 0) -+ return 1; -+ if ((c = EVP_CIPHER_CTX_get_app_data(ctx)) == NULL) -+ return 0; -+ -+ q = &c->q[c->qidx]; -+ ridx = c->ridx; -+ -+ /* src already padded to block multiple */ -+ srcp.cu8 = src; -+ destp.u8 = dest; -+ while (len > 0) { -+ buf = q->keys[ridx]; -+ bufp.u8 = buf; -+ -+ /* figure out the alignment on the fly */ -+#ifdef CIPHER_UNALIGNED_OK -+ align = 0; -+#else -+ align = destp.u | srcp.u | bufp.u; -+#endif -+ -+#ifdef CIPHER_INT128_OK -+ if ((align & 0xf) == 0) { -+ destp.u128[0] = srcp.u128[0] ^ bufp.u128[0]; -+ } else -+#endif -+ if ((align & 0x7) == 0) { -+ destp.u64[0] = srcp.u64[0] ^ bufp.u64[0]; -+ destp.u64[1] = srcp.u64[1] ^ bufp.u64[1]; -+ } else if ((align & 0x3) == 0) { -+ destp.u32[0] = srcp.u32[0] ^ bufp.u32[0]; -+ destp.u32[1] = srcp.u32[1] ^ bufp.u32[1]; -+ destp.u32[2] = srcp.u32[2] ^ bufp.u32[2]; -+ destp.u32[3] = srcp.u32[3] ^ bufp.u32[3]; -+ } else { -+ size_t i; -+ for (i = 0; i < AES_BLOCK_SIZE; ++i) -+ dest[i] = src[i] ^ buf[i]; -+ } -+ -+ destp.u += AES_BLOCK_SIZE; -+ srcp.u += AES_BLOCK_SIZE; -+ len -= AES_BLOCK_SIZE; -+ ssh_ctr_inc(c->aes_counter, AES_BLOCK_SIZE); -+ -+ /* Increment read index, switch queues on rollover */ -+ if ((ridx = (ridx + 1) % KQLEN) == 0) { -+ oldq = q; -+ -+ /* Mark next queue draining, may need to wait */ -+ c->qidx = (c->qidx + 1) % numkq; -+ q = &c->q[c->qidx]; -+ pthread_mutex_lock(&q->lock); -+ while (q->qstate != KQFULL) { -+ STATS_WAIT(c->stats); -+ pthread_cond_wait(&q->cond, &q->lock); -+ } -+ q->qstate = KQDRAINING; -+ pthread_cond_broadcast(&q->cond); -+ pthread_mutex_unlock(&q->lock); -+ -+ /* Mark consumed queue empty and signal producers */ -+ pthread_mutex_lock(&oldq->lock); -+ oldq->qstate = KQEMPTY; -+ STATS_DRAIN(c->stats); -+ pthread_cond_broadcast(&oldq->cond); -+ pthread_mutex_unlock(&oldq->lock); -+ } -+ } -+ c->ridx = ridx; -+ return 1; -+} -+ -+#define HAVE_NONE 0 -+#define HAVE_KEY 1 -+#define HAVE_IV 2 -+ -+int X = 0; -+ -+static int -+ssh_aes_ctr_init(EVP_CIPHER_CTX *ctx, const u_char *key, const u_char *iv, -+ int enc) -+{ -+ struct ssh_aes_ctr_ctx_mt *c; -+ int i; -+ -+ /* get the number of cores in the system */ -+ /* if it's not linux it currently defaults to 2 */ -+ /* divide by 2 to get threads for each direction (MODE_IN||MODE_OUT) */ -+#ifdef __linux__ -+ cipher_threads = sysconf(_SC_NPROCESSORS_ONLN) / 2; -+#endif /*__linux__*/ -+#ifdef __APPLE__ -+ cipher_threads = sysconf(_SC_NPROCESSORS_ONLN) / 2; -+#endif /*__APPLE__*/ -+#ifdef __FREEBSD__ -+ int req[2]; -+ size_t len; -+ -+ req[0] = CTL_HW; -+ req[1] = HW_NCPU; -+ -+ len = sizeof(ncpu); -+ sysctl(req, 2, &cipher_threads, &len, NULL, 0); -+ cipher_threads = cipher_threads / 2; -+#endif /*__FREEBSD__*/ -+ -+ /* if they have less than 4 cores spin up 4 threads anyway */ -+ if (cipher_threads < 2) -+ cipher_threads = 2; -+ -+ /* assure that we aren't trying to create more threads */ -+ /* than we have in the struct. cipher_threads is half the */ -+ /* total of allowable threads hence the odd looking math here */ -+ if (cipher_threads * 2 > MAX_THREADS) -+ cipher_threads = MAX_THREADS / 2; -+ -+ /* set the number of keystream queues */ -+ numkq = cipher_threads * 2; -+ -+ if ((c = EVP_CIPHER_CTX_get_app_data(ctx)) == NULL) { -+ c = xmalloc(sizeof(*c)); -+ pthread_rwlock_init(&c->tid_lock, NULL); -+#ifdef __APPLE__ -+ pthread_rwlock_init(&c->stop_lock, NULL); -+ c->exit_flag = FALSE; -+#endif /* __APPLE__ */ -+ -+ c->state = HAVE_NONE; -+ for (i = 0; i < numkq; i++) { -+ pthread_mutex_init(&c->q[i].lock, NULL); -+ pthread_cond_init(&c->q[i].cond, NULL); -+ } -+ -+ STATS_INIT(c->stats); -+ EVP_CIPHER_CTX_set_app_data(ctx, c); -+ } -+ -+ if (c->state == (HAVE_KEY | HAVE_IV)) { -+ /* tell the pregen threads to exit */ -+ stop_and_join_pregen_threads(c); -+ -+#ifdef __APPLE__ -+ /* reset the exit flag */ -+ c->exit_flag = FALSE; -+#endif /* __APPLE__ */ -+ -+ /* Start over getting key & iv */ -+ c->state = HAVE_NONE; -+ } -+ -+ if (key != NULL) { -+ AES_set_encrypt_key(key, EVP_CIPHER_CTX_key_length(ctx) * 8, -+ &c->aes_ctx); -+ c->state |= HAVE_KEY; -+ } -+ -+ if (iv != NULL) { -+ memcpy(c->aes_counter, iv, AES_BLOCK_SIZE); -+ c->state |= HAVE_IV; -+ } -+ -+ if (c->state == (HAVE_KEY | HAVE_IV)) { -+ /* Clear queues */ -+ memcpy(c->q[0].ctr, c->aes_counter, AES_BLOCK_SIZE); -+ c->q[0].qstate = KQINIT; -+ for (i = 1; i < numkq; i++) { -+ memcpy(c->q[i].ctr, c->aes_counter, AES_BLOCK_SIZE); -+ ssh_ctr_add(c->q[i].ctr, i * KQLEN, AES_BLOCK_SIZE); -+ c->q[i].qstate = KQEMPTY; -+ } -+ c->qidx = 0; -+ c->ridx = 0; -+ -+ /* Start threads */ -+ for (i = 0; i < cipher_threads; i++) { -+ pthread_rwlock_wrlock(&c->tid_lock); -+ if (pthread_create(&c->tid[i], NULL, thread_loop, c) != 0) -+ debug ("AES-CTR MT Could not create thread in %s", __FUNCTION__); /*should die here */ -+ else { -+ if (!c->struct_id) -+ c->struct_id = X++; -+ c->id[i] = i; -+ debug ("AES-CTR MT spawned a thread with id %lu in %s (%d, %d)", c->tid[i], __FUNCTION__, c->struct_id, c->id[i]); -+ } -+ pthread_rwlock_unlock(&c->tid_lock); -+ } -+ pthread_mutex_lock(&c->q[0].lock); -+ while (c->q[0].qstate == KQINIT) -+ pthread_cond_wait(&c->q[0].cond, &c->q[0].lock); -+ pthread_mutex_unlock(&c->q[0].lock); -+ } -+ return 1; -+} -+ -+/* this function is no longer used but might prove handy in the future -+ * this comment also applies to ssh_aes_ctr_thread_reconstruction -+ */ -+void -+ssh_aes_ctr_thread_destroy(EVP_CIPHER_CTX *ctx) -+{ -+ struct ssh_aes_ctr_ctx_mt *c; -+ -+ c = EVP_CIPHER_CTX_get_app_data(ctx); -+ stop_and_join_pregen_threads(c); -+} -+ -+void -+ssh_aes_ctr_thread_reconstruction(EVP_CIPHER_CTX *ctx) -+{ -+ struct ssh_aes_ctr_ctx_mt *c; -+ int i; -+ c = EVP_CIPHER_CTX_get_app_data(ctx); -+ /* reconstruct threads */ -+ for (i = 0; i < cipher_threads; i++) { -+ pthread_rwlock_wrlock(&c->tid_lock); -+ if (pthread_create(&c->tid[i], NULL, thread_loop, c) !=0 ) -+ debug("AES-CTR MT could not create thread in %s", __FUNCTION__); -+ else { -+ c->struct_id = X++; -+ c->id[i] = i; -+ debug ("AES-CTR MT spawned a thread with id %lu in %s (%d, %d)", c->tid[i], __FUNCTION__, c->struct_id, c->id[i]); -+ debug("AES-CTR MT spawned a thread with id %lu in %s", c->tid[i], __FUNCTION__); -+ } -+ pthread_rwlock_unlock(&c->tid_lock); -+ } -+} -+ -+static int -+ssh_aes_ctr_cleanup(EVP_CIPHER_CTX *ctx) -+{ -+ struct ssh_aes_ctr_ctx_mt *c; -+ -+ if ((c = EVP_CIPHER_CTX_get_app_data(ctx)) != NULL) { -+#ifdef CIPHER_THREAD_STATS -+ debug("AES-CTR MT main thread: %u drains, %u waits", c->stats.drains, -+ c->stats.waits); -+#endif -+ stop_and_join_pregen_threads(c); -+ -+ memset(c, 0, sizeof(*c)); -+ free(c); -+ EVP_CIPHER_CTX_set_app_data(ctx, NULL); -+ } -+ return 1; -+} -+ -+/* */ -+const EVP_CIPHER * -+evp_aes_ctr_mt(void) -+{ -+# if OPENSSL_VERSION_NUMBER >= 0x10100000UL -+ static EVP_CIPHER *aes_ctr; -+ aes_ctr = EVP_CIPHER_meth_new(NID_undef, 16/*block*/, 16/*key*/); -+ EVP_CIPHER_meth_set_iv_length(aes_ctr, AES_BLOCK_SIZE); -+ EVP_CIPHER_meth_set_init(aes_ctr, ssh_aes_ctr_init); -+ EVP_CIPHER_meth_set_cleanup(aes_ctr, ssh_aes_ctr_cleanup); -+ EVP_CIPHER_meth_set_do_cipher(aes_ctr, ssh_aes_ctr); -+# ifndef SSH_OLD_EVP -+ EVP_CIPHER_meth_set_flags(aes_ctr, EVP_CIPH_CBC_MODE -+ | EVP_CIPH_VARIABLE_LENGTH -+ | EVP_CIPH_ALWAYS_CALL_INIT -+ | EVP_CIPH_CUSTOM_IV); -+# endif /*SSH_OLD_EVP*/ -+ return (aes_ctr); -+# else /*earlier versions of openssl*/ -+ static EVP_CIPHER aes_ctr; -+ memset(&aes_ctr, 0, sizeof(EVP_CIPHER)); -+ aes_ctr.nid = NID_undef; -+ aes_ctr.block_size = AES_BLOCK_SIZE; -+ aes_ctr.iv_len = AES_BLOCK_SIZE; -+ aes_ctr.key_len = 16; -+ aes_ctr.init = ssh_aes_ctr_init; -+ aes_ctr.cleanup = ssh_aes_ctr_cleanup; -+ aes_ctr.do_cipher = ssh_aes_ctr; -+# ifndef SSH_OLD_EVP -+ aes_ctr.flags = EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH | -+ EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CUSTOM_IV; -+# endif /*SSH_OLD_EVP*/ -+ return &aes_ctr; -+# endif /*OPENSSH_VERSION_NUMBER*/ -+} -+ -+#endif /* defined(WITH_OPENSSL) */ -diff -Nur openssh-9.3p1.orig/cipher.h openssh-9.3p1/cipher.h ---- openssh-9.3p1.orig/cipher.h 2023-06-26 17:56:58.717634662 +0200 -+++ openssh-9.3p1/cipher.h 2023-06-26 17:59:24.999036961 +0200 -@@ -68,7 +68,9 @@ - - struct sshcipher_ctx; - --const struct sshcipher *cipher_by_name(const char *); -+void ssh_aes_ctr_thread_destroy(EVP_CIPHER_CTX *ctx); // defined in cipher-ctr-mt.c -+void ssh_aes_ctr_thread_reconstruction(EVP_CIPHER_CTX *ctx); -+struct sshcipher *cipher_by_name(const char *); - const char *cipher_warning_message(const struct sshcipher_ctx *); - int ciphers_valid(const char *); - char *cipher_alg_list(char, int); -@@ -86,6 +88,8 @@ - u_int cipher_authlen(const struct sshcipher *); - u_int cipher_ivlen(const struct sshcipher *); - u_int cipher_is_cbc(const struct sshcipher *); -+void cipher_reset_multithreaded(void); -+const char *cipher_ctx_name(const struct sshcipher_ctx *); - - u_int cipher_ctx_is_plaintext(struct sshcipher_ctx *); - -diff -Nur openssh-9.3p1.orig/clientloop.c openssh-9.3p1/clientloop.c ---- openssh-9.3p1.orig/clientloop.c 2023-06-26 17:56:58.584634296 +0200 -+++ openssh-9.3p1/clientloop.c 2023-06-26 17:59:25.000036964 +0200 -@@ -1646,7 +1646,9 @@ - return NULL; - c = channel_new(ssh, "x11", - SSH_CHANNEL_X11_OPEN, sock, sock, -1, -- CHAN_TCP_WINDOW_DEFAULT, CHAN_X11_PACKET_DEFAULT, 0, "x11", 1); -+ /* again is this really necessary for X11? */ -+ options.hpn_disabled ? CHAN_TCP_WINDOW_DEFAULT : options.hpn_buffer_size, -+ CHAN_X11_PACKET_DEFAULT, 0, "x11", 1); - c->force_drain = 1; - return c; - } -@@ -1681,7 +1683,8 @@ - - c = channel_new(ssh, "authentication agent connection", - SSH_CHANNEL_OPEN, sock, sock, -1, -- CHAN_X11_WINDOW_DEFAULT, CHAN_TCP_PACKET_DEFAULT, 0, -+ options.hpn_disabled ? CHAN_X11_WINDOW_DEFAULT : options.hpn_buffer_size, -+ CHAN_TCP_PACKET_DEFAULT, 0, - "authentication agent connection", 1); - c->force_drain = 1; - return c; -@@ -1708,7 +1711,8 @@ - debug("Tunnel forwarding using interface %s", ifname); - - c = channel_new(ssh, "tun", SSH_CHANNEL_OPENING, fd, fd, -1, -- CHAN_TCP_WINDOW_DEFAULT, CHAN_TCP_PACKET_DEFAULT, 0, "tun", 1); -+ options.hpn_disabled ? CHAN_TCP_WINDOW_DEFAULT : options.hpn_buffer_size, -+ CHAN_TCP_PACKET_DEFAULT, 0, "tun", 1); - c->datagram = 1; - - #if defined(SSH_TUN_FILTER) -diff -Nur openssh-9.3p1.orig/compat.c openssh-9.3p1/compat.c ---- openssh-9.3p1.orig/compat.c 2023-06-26 17:56:58.764634791 +0200 -+++ openssh-9.3p1/compat.c 2023-06-26 17:59:25.001036966 +0200 -@@ -135,6 +135,17 @@ - ssh->compat = check[i].bugs; - if (forbid_ssh_rsa) - ssh->compat |= SSH_RH_RSASIGSHA; -+ /* Check to see if the remote side is OpenSSH and not HPN */ -+ /* TODO: See if we can work this into the new method for bug checks */ -+ if (strstr(version, "OpenSSH") != NULL) { -+ if (strstr(version, "hpn") == NULL) { -+ ssh->compat |= SSH_BUG_LARGEWINDOW; -+ debug("Remote is NOT HPN enabled"); -+ } else { -+ debug("Remote is HPN Enabled"); -+ } -+ } -+ debug("ssh->compat is %u", ssh->compat); - return; - } - } -diff -Nur openssh-9.3p1.orig/compat.h openssh-9.3p1/compat.h ---- openssh-9.3p1.orig/compat.h 2023-06-26 17:56:58.765634794 +0200 -+++ openssh-9.3p1/compat.h 2023-06-26 17:59:25.001036966 +0200 -@@ -57,6 +57,7 @@ - #define SSH_BUG_CURVE25519PAD 0x10000000 - #define SSH_BUG_HOSTKEYS 0x20000000 - #define SSH_BUG_DHGEX_LARGE 0x40000000 -+#define SSH_BUG_LARGEWINDOW 0x80000000 - - struct ssh; - -diff -Nur openssh-9.3p1.orig/defines.h openssh-9.3p1/defines.h ---- openssh-9.3p1.orig/defines.h 2023-03-15 22:28:19.000000000 +0100 -+++ openssh-9.3p1/defines.h 2023-06-26 17:59:25.002036969 +0200 -@@ -889,7 +889,7 @@ - #endif - - #ifndef SSH_IOBUFSZ --# define SSH_IOBUFSZ 8192 -+# define SSH_IOBUFSZ 32*1024 - #endif - - /* -diff -Nur openssh-9.3p1.orig/digest.h openssh-9.3p1/digest.h ---- openssh-9.3p1.orig/digest.h 2023-06-26 17:56:58.672634538 +0200 -+++ openssh-9.3p1/digest.h 2023-06-26 17:59:25.002036969 +0200 -@@ -27,7 +27,8 @@ - #define SSH_DIGEST_SHA256 2 - #define SSH_DIGEST_SHA384 3 - #define SSH_DIGEST_SHA512 4 --#define SSH_DIGEST_MAX 5 -+#define SSH_DIGEST_NULL 5 -+#define SSH_DIGEST_MAX 6 - - struct sshbuf; - struct ssh_digest_ctx; -diff -Nur openssh-9.3p1.orig/digest-openssl.c openssh-9.3p1/digest-openssl.c ---- openssh-9.3p1.orig/digest-openssl.c 2023-06-26 17:56:58.672634538 +0200 -+++ openssh-9.3p1/digest-openssl.c 2023-06-26 17:59:25.002036969 +0200 -@@ -61,6 +61,7 @@ - { SSH_DIGEST_SHA256, "SHA256", 32, EVP_sha256 }, - { SSH_DIGEST_SHA384, "SHA384", 48, EVP_sha384 }, - { SSH_DIGEST_SHA512, "SHA512", 64, EVP_sha512 }, -+ { SSH_DIGEST_NULL, "NONEMAC", 0, EVP_md_null}, - { -1, NULL, 0, NULL }, - }; - -diff -Nur openssh-9.3p1.orig/HPN-README openssh-9.3p1/HPN-README ---- openssh-9.3p1.orig/HPN-README 1970-01-01 01:00:00.000000000 +0100 -+++ openssh-9.3p1/HPN-README 2023-06-26 17:59:25.003036972 +0200 -@@ -0,0 +1,153 @@ -+Notes: -+ -+MULTI-THREADED CIPHER: -+The AES cipher in CTR mode has been multithreaded (MTR-AES-CTR). This will allow ssh installations -+on hosts with multiple cores to use more than one processing core during encryption. -+Tests have show significant throughput performance increases when using MTR-AES-CTR up -+to and including a full gigabit per second on quad core systems. It should be possible to -+achieve full line rate on dual core systems but OS and data management overhead makes this -+more difficult to achieve. The cipher stream from MTR-AES-CTR is entirely compatible with single -+thread AES-CTR (ST-AES-CTR) implementations and should be 100% backward compatible. Optimal -+performance requires the MTR-AES-CTR mode be enabled on both ends of the connection. -+The MTR-AES-CTR replaces ST-AES-CTR and is used in exactly the same way with the same -+nomenclature. -+Use examples: -+ ssh -caes128-ctr you@host.com -+ scp -oCipher=aes256-ctr file you@host.com:~/file -+ -+NONE CIPHER: -+To use the NONE option you must have the NoneEnabled switch set on the server and -+you *must* have *both* NoneEnabled and NoneSwitch set to yes on the client. The NONE -+feature works with ALL ssh subsystems (as far as we can tell) *AS LONG AS* a tty is not -+spawned. If a user uses the -T switch to prevent a tty being created the NONE cipher will -+be disabled. -+ -+The performance increase will only be as good as the network and TCP stack tuning -+on the reciever side of the connection allows. As a rule of thumb a user will need -+at least 10Mb/s connection with a 100ms RTT to see a doubling of performance. The -+HPN-SSH home page describes this in greater detail. -+ -+http://www.psc.edu/networking/projects/hpn-ssh -+ -+NONE MAC: -+Starting with HPN 15v1 users will have the option to disable HMAC (message -+authentication ciphers) when using the NONE cipher. You must enable the following: -+NoneEnabled, NoneSwitch, and NoneMacEnabled. If all three are not enabled the None MAC -+will be automatically disabled. In tests the use of the None MAC improved throuput by -+more than 30%. -+ -+ex: scp -oNoneSwitch=yes -oNoneEnabled=yes -oNoneMacEnabled=yes file host:~ -+ -+BUFFER SIZES: -+ -+If HPN is disabled the receive buffer size will be set to the -+OpenSSH default of 2MB (for OpenSSH versions before 4.7: 64KB). -+ -+If an HPN system connects to a nonHPN system the receive buffer will -+be set to the HPNBufferSize value. The default is 2MB but user adjustable. -+ -+If an HPN to HPN connection is established a number of different things might -+happen based on the user options and conditions. -+ -+Conditions: HPNBufferSize NOT Set, TCPRcvBufPoll enabled, TCPRcvBuf NOT Set -+HPN Buffer Size = up to 64MB -+This is the default state. The HPN buffer size will grow to a maximum of 64MB -+as the TCP receive buffer grows. The maximum HPN Buffer size of 64MB is -+geared towards 10GigE transcontinental connections. -+ -+Conditions: HPNBufferSize NOT Set, TCPRcvBufPoll disabled, TCPRcvBuf NOT Set -+HPN Buffer Size = TCP receive buffer value. -+Users on non-autotuning systems should disable TCPRcvBufPoll in the -+ssh_config and sshd_config -+ -+Conditions: HPNBufferSize SET, TCPRcvBufPoll disabled, TCPRcvBuf NOT Set -+HPN Buffer Size = minimum of TCP receive buffer and HPNBufferSize. -+This would be the system defined TCP receive buffer (RWIN). -+ -+Conditions: HPNBufferSize SET, TCPRcvBufPoll disabled, TCPRcvBuf SET -+HPN Buffer Size = minimum of TCPRcvBuf and HPNBufferSize. -+Generally there is no need to set both. -+ -+Conditions: HPNBufferSize SET, TCPRcvBufPoll enabled, TCPRcvBuf NOT Set -+HPN Buffer Size = grows to HPNBufferSize -+The buffer will grow up to the maximum size specified here. -+ -+Conditions: HPNBufferSize SET, TCPRcvBufPoll enabled, TCPRcvBuf SET -+HPN Buffer Size = minimum of TCPRcvBuf and HPNBufferSize. -+Generally there is no need to set both of these, especially on autotuning -+systems. However, if the users wishes to override the autotuning this would be -+one way to do it. -+ -+Conditions: HPNBufferSize NOT Set, TCPRcvBufPoll enabled, TCPRcvBuf SET -+HPN Buffer Size = TCPRcvBuf. -+This will override autotuning and set the TCP recieve buffer to the user defined -+value. -+ -+ -+HPN Specific Configuration options -+ -+TcpRcvBuf=[int]KB client -+ Set the TCP socket receive buffer to n Kilobytes. It can be set up to the -+maximum socket size allowed by the system. This is useful in situations where -+the tcp receive window is set low but the maximum buffer size is set -+higher (as is typical). This works on a per TCP connection basis. You can also -+use this to artifically limit the transfer rate of the connection. In these -+cases the throughput will be no more than n/RTT. The minimum buffer size is 1KB. -+Default is the current system wide tcp receive buffer size. -+ -+TcpRcvBufPoll=[yes/no] client/server -+ Enable of disable the polling of the tcp receive buffer through the life -+of the connection. You would want to make sure that this option is enabled -+for systems making use of autotuning kernels (linux 2.4.24+, 2.6, MS Vista) -+default is yes. -+ -+NoneEnabled=[yes/no] client/server -+ Enable or disable the use of the None cipher. Care must always be used -+when enabling this as it will allow users to send data in the clear. However, -+it is important to note that authentication information remains encrypted -+even if this option is enabled. Set to no by default. -+ -+NoneMacEnabled=[yes/no] client/server -+ Enable or disable the use of the None MAC. When this is enabled ssh -+will *not* provide data integrity of any data being transmitted between hosts. Use -+with caution as it, unlike just using NoneEnabled, doesn't provide data integrity and -+protection against man-in-the-middle attacks. As with NoneEnabled all authentication -+remains encrypted and integrity is ensured. Default is no. -+ -+NoneSwitch=[yes/no] client -+ Switch the encryption cipher being used to the None cipher after -+authentication takes place. NoneEnabled must be enabled on both the client -+and server side of the connection. When the connection switches to the NONE -+cipher a warning is sent to STDERR. The connection attempt will fail with an -+error if a client requests a NoneSwitch from the server that does not explicitly -+have NoneEnabled set to yes. Note: The NONE cipher cannot be used in -+interactive (shell) sessions and it will fail silently. Set to no by default. -+ -+HPNDisabled=[yes/no] client/server -+ In some situations, such as transfers on a local area network, the impact -+of the HPN code produces a net decrease in performance. In these cases it is -+helpful to disable the HPN functionality. By default HPNDisabled is set to no. -+ -+HPNBufferSize=[int]KB client/server -+ This is the default buffer size the HPN functionality uses when interacting -+with nonHPN SSH installations. Conceptually this is similar to the TcpRcvBuf -+option as applied to the internal SSH flow control. This value can range from -+1KB to 64MB (1-65536). Use of oversized or undersized buffers can cause performance -+problems depending on the length of the network path. The default size of this buffer -+is 2MB. -+ -+DisableMTAES=[yes/no] client/server -+ Switch the encryption cipher being used from the multithreaded MT-AES-CTR cipher -+back to the stock single-threaded AES-CTR cipher. Useful on modern processors with -+AES-NI instructions which make the stock single-threaded AES-CTR cipher faster than -+the multithreaded MT-AES-CTR cipher. Set to no by default. -+ -+ -+Credits: This patch was conceived, designed, and led by Chris Rapier (rapier@psc.edu) -+ The majority of the actual coding for versions up to HPN12v1 was performed -+ by Michael Stevens (mstevens@andrew.cmu.edu). The MT-AES-CTR cipher was -+ implemented by Ben Bennet (ben@psc.edu) and improved by Mike Tasota -+ (tasota@gmail.com) an NSF REU grant recipient for 2013. -+ Allan Jude provided the code for the NoneMac and buffer normalization. -+ This work was financed, in part, by Cisco System, Inc., the National -+ Library of Medicine, and the National Science Foundation. -diff -Nur openssh-9.3p1.orig/kex.c openssh-9.3p1/kex.c ---- openssh-9.3p1.orig/kex.c 2023-06-26 17:56:58.759634778 +0200 -+++ openssh-9.3p1/kex.c 2023-06-26 17:59:25.004036975 +0200 -@@ -65,6 +65,7 @@ - - #include "ssherr.h" - #include "sshbuf.h" -+#include "canohost.h" - #include "digest.h" - #include "xmalloc.h" - #include "audit.h" -@@ -1061,6 +1062,11 @@ - int nenc, nmac, ncomp; - u_int mode, ctos, need, dh_need, authlen; - int r, first_kex_follows; -+ int auth_flag = 0; -+ int log_flag = 0; -+ -+ auth_flag = packet_authentication_state(ssh); -+ debug("AUTH STATE IS %d", auth_flag); - - debug2("local %s KEXINIT proposal", kex->server ? "server" : "client"); - if ((r = kex_buf2prop(kex->my, NULL, &my)) != 0) -@@ -1141,11 +1147,40 @@ - peer[ncomp] = NULL; - goto out; - } -+ debug("REQUESTED ENC.NAME is '%s'", newkeys->enc.name); -+ debug("REQUESTED MAC.NAME is '%s'", newkeys->mac.name); -+ if (strcmp(newkeys->enc.name, "none") == 0) { -+ if (auth_flag == 1) { -+ debug("None requested post authentication."); -+ ssh->none = 1; -+ } -+ else -+ fatal("Pre-authentication none cipher requests are not allowed."); -+ if (newkeys->mac.name != NULL && strcmp(newkeys->mac.name, "none") == 0) -+ debug("Requesting: NONEMAC. Authflag is %d", auth_flag); -+ } -+ - debug("kex: %s cipher: %s MAC: %s compression: %s", - ctos ? "client->server" : "server->client", - newkeys->enc.name, - authlen == 0 ? newkeys->mac.name : "", - newkeys->comp.name); -+ /* -+ * client starts with ctos = 0 && log flag = 0 and no log. -+ * 2nd client pass ctos = 1 and flag = 1 so no log. -+ * server starts with ctos = 1 && log_flag = 0 so log. -+ * 2nd sever pass ctos = 1 && log flag = 1 so no log. -+ * -cjr -+ */ -+ if (ctos && !log_flag) { -+ logit("SSH: Server;Ltype: Kex;Remote: %s-%d;Enc: %s;MAC: %s;Comp: %s", -+ ssh_remote_ipaddr(ssh), -+ ssh_remote_port(ssh), -+ newkeys->enc.name, -+ authlen == 0 ? newkeys->mac.name : "", -+ newkeys->comp.name); -+ } -+ log_flag = 1; - } - need = dh_need = 0; - for (mode = 0; mode < MODE_MAX; mode++) { -@@ -1493,7 +1528,7 @@ - if (version_addendum != NULL && *version_addendum == '\0') - version_addendum = NULL; - if ((r = sshbuf_putf(our_version, "SSH-%d.%d-%.100s%s%s\r\n", -- PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_VERSION, -+ PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_RELEASE, - version_addendum == NULL ? "" : " ", - version_addendum == NULL ? "" : version_addendum)) != 0) { - oerrno = errno; -@@ -1629,6 +1664,14 @@ - r = SSH_ERR_INVALID_FORMAT; - goto out; - } -+ -+ /* report the version information to syslog if this is the server */ -+ if (timeout_ms == -1) { /* only the server uses this value */ -+ logit("SSH: Server;Ltype: Version;Remote: %s-%d;Protocol: %d.%d;Client: %.100s", -+ ssh_remote_ipaddr(ssh), ssh_remote_port(ssh), -+ remote_major, remote_minor, remote_version); -+ } -+ - debug("Remote protocol version %d.%d, remote software version %.100s", - remote_major, remote_minor, remote_version); - compat_banner(ssh, remote_version); -diff -Nur openssh-9.3p1.orig/log.c openssh-9.3p1/log.c ---- openssh-9.3p1.orig/log.c 2023-06-26 17:56:58.620634395 +0200 -+++ openssh-9.3p1/log.c 2023-06-26 17:59:25.005036978 +0200 -@@ -46,6 +46,11 @@ - #include - #include - #include -+#include "packet.h" /* needed for host and port look ups */ -+#ifdef HAVE_SYS_TIME_H -+# include /* to get current time */ -+#endif -+ - #if defined(HAVE_STRNVIS) && defined(HAVE_VIS_H) && !defined(BROKEN_STRNVIS) - # include - #endif -@@ -65,6 +70,8 @@ - - extern char *__progname; - -+extern struct ssh *active_state; -+ - #define LOG_SYSLOG_VIS (VIS_CSTYLE|VIS_NL|VIS_TAB|VIS_OCTAL) - #define LOG_STDERR_VIS (VIS_SAFE|VIS_OCTAL) - -diff -Nur openssh-9.3p1.orig/mac.c openssh-9.3p1/mac.c ---- openssh-9.3p1.orig/mac.c 2023-06-26 17:56:58.719634668 +0200 -+++ openssh-9.3p1/mac.c 2023-06-26 17:59:25.005036978 +0200 -@@ -63,6 +63,7 @@ - { "hmac-sha2-512", SSH_DIGEST, SSH_DIGEST_SHA512, 0, 0, 0, 0 }, - { "hmac-md5", SSH_DIGEST, SSH_DIGEST_MD5, 0, 0, 0, 0 }, - { "hmac-md5-96", SSH_DIGEST, SSH_DIGEST_MD5, 96, 0, 0, 0 }, -+ { "none", SSH_DIGEST, SSH_DIGEST_NULL, 0, 0, 0, 0 }, - { "umac-64@openssh.com", SSH_UMAC, 0, 0, 128, 64, 0 }, - { "umac-128@openssh.com", SSH_UMAC128, 0, 0, 128, 128, 0 }, - -diff -Nur openssh-9.3p1.orig/Makefile.in openssh-9.3p1/Makefile.in ---- openssh-9.3p1.orig/Makefile.in 2023-06-26 17:56:58.801634893 +0200 -+++ openssh-9.3p1/Makefile.in 2023-06-26 18:05:19.227009623 +0200 -@@ -49,7 +49,7 @@ - CFLAGS_NOPIE=@CFLAGS_NOPIE@ - CPPFLAGS=-I. -I$(srcdir) @CPPFLAGS@ $(PATHS) @DEFS@ - PICFLAG=@PICFLAG@ --LIBS=@LIBS@ -+LIBS=@LIBS@ -lpthread - CHANNELLIBS=@CHANNELLIBS@ - K5LIBS=@K5LIBS@ - GSSLIBS=@GSSLIBS@ -@@ -97,7 +97,7 @@ - LIBSSH_OBJS=${LIBOPENSSH_OBJS} \ - authfd.o authfile.o \ - canohost.o channels.o cipher.o cipher-aes.o cipher-aesctr.o \ -- cleanup.o \ -+ cipher-ctr-mt.o cleanup.o \ - compat.o fatal.o hostfile.o \ - log.o match.o moduli.o nchan.o packet.o \ - readpass.o ttymodes.o xmalloc.o addr.o addrmatch.o \ -diff -Nur openssh-9.3p1.orig/packet.c openssh-9.3p1/packet.c ---- openssh-9.3p1.orig/packet.c 2023-06-26 17:56:58.723634679 +0200 -+++ openssh-9.3p1/packet.c 2023-06-26 17:59:25.007036983 +0200 -@@ -246,7 +246,7 @@ - TAILQ_INIT(&ssh->public_keys); - state->connection_in = -1; - state->connection_out = -1; -- state->max_packet_size = 32768; -+ state->max_packet_size = CHAN_SES_PACKET_DEFAULT; - state->packet_timeout_ms = -1; - state->p_send.packets = state->p_read.packets = 0; - state->initialized = 1; -@@ -294,7 +294,7 @@ - ssh_packet_set_connection(struct ssh *ssh, int fd_in, int fd_out) - { - struct session_state *state; -- const struct sshcipher *none = cipher_by_name("none"); -+ struct sshcipher *none = cipher_by_name("none"); - int r; - - if (none == NULL) { -@@ -958,10 +958,19 @@ - * so enforce a 1GB limit for small blocksizes. - * See RFC4344 section 3.2. - */ -- if (enc->block_size >= 16) -- *max_blocks = (u_int64_t)1 << (enc->block_size*2); -- else -- *max_blocks = ((u_int64_t)1 << 30) / enc->block_size; -+ -+ /* we really don't need to rekey if we are using the none cipher -+ * but there isn't a good way to disable it entirely that I can find -+ * and using a blocksize larger that 16 doesn't work (dunno why) -+ * so this seems to be a good limit for now - CJR 10/16/2020*/ -+ if (ssh->none == 1) { -+ *max_blocks = (u_int64_t)1 << (16*2); -+ } else { -+ if (enc->block_size >= 16) -+ *max_blocks = (u_int64_t)1 << (enc->block_size*2); -+ else -+ *max_blocks = ((u_int64_t)1 << 30) / enc->block_size; -+ } - if (state->rekey_limit) - *max_blocks = MINIMUM(*max_blocks, - state->rekey_limit / enc->block_size); -@@ -970,6 +979,24 @@ - return 0; - } - -+/* this supports the forced rekeying required for the NONE cipher */ -+int rekey_requested = 0; -+void -+packet_request_rekeying(void) -+{ -+ rekey_requested = 1; -+} -+ -+/* used to determine if pre or post auth when rekeying for aes-ctr -+ * and none cipher switch */ -+int -+packet_authentication_state(const struct ssh *ssh) -+{ -+ struct session_state *state = ssh->state; -+ -+ return state->after_authentication; -+} -+ - #define MAX_PACKETS (1U<<31) - static int - ssh_packet_need_rekeying(struct ssh *ssh, u_int outbound_packet_len) -@@ -996,6 +1023,13 @@ - if (state->p_send.packets == 0 && state->p_read.packets == 0) - return 0; - -+ /* used to force rekeying when called for by the none -+ * cipher switch and aes-mt-ctr methods -cjr */ -+ if (rekey_requested == 1) { -+ rekey_requested = 0; -+ return 1; -+ } -+ - /* Time-based rekeying */ - if (state->rekey_interval != 0 && - (int64_t)state->rekey_time + state->rekey_interval <= monotime()) -@@ -1342,7 +1376,7 @@ - struct session_state *state = ssh->state; - int len, r, ms_remain = 0; - struct pollfd pfd; -- char buf[8192]; -+ char buf[SSH_IOBUFSZ]; - struct timeval start; - struct timespec timespec, *timespecp = NULL; - -@@ -1822,6 +1856,8 @@ - state->packet_discard -= rlen; - return 0; - } -+ -+ ssh->fdout_bytes += rlen; - return 0; - } - -@@ -1887,17 +1923,21 @@ - switch (r) { - case SSH_ERR_CONN_CLOSED: - ssh_packet_clear_keys(ssh); -+ sshpkt_final_log_entry(ssh); - logdie("Connection closed by %s", remote_id); - case SSH_ERR_CONN_TIMEOUT: - ssh_packet_clear_keys(ssh); -+ sshpkt_final_log_entry(ssh); - logdie("Connection %s %s timed out", - ssh->state->server_side ? "from" : "to", remote_id); - case SSH_ERR_DISCONNECTED: - ssh_packet_clear_keys(ssh); -+ sshpkt_final_log_entry(ssh); - logdie("Disconnected from %s", remote_id); - case SSH_ERR_SYSTEM_ERROR: - if (errno == ECONNRESET) { - ssh_packet_clear_keys(ssh); -+ sshpkt_final_log_entry(ssh); - logdie("Connection reset by %s", remote_id); - } - /* FALLTHROUGH */ -@@ -1939,6 +1979,24 @@ - logdie_f("should have exited"); - } - -+/* this prints out the final log entry */ -+void -+sshpkt_final_log_entry (struct ssh *ssh) { -+ double total_time; -+ -+ if (ssh->start_time < 1) -+ /* this will produce a NaN in the output. -cjr */ -+ total_time = 0; -+ else -+ total_time = monotime_double() - ssh->start_time; -+ -+ logit("SSH: Server;LType: Throughput;Remote: %s-%d;IN: %lu;OUT: %lu;Duration: %.1f;tPut_in: %.1f;tPut_out: %.1f", -+ ssh_remote_ipaddr(ssh), ssh_remote_port(ssh), -+ ssh->stdin_bytes, ssh->fdout_bytes, total_time, -+ ssh->stdin_bytes / total_time, -+ ssh->fdout_bytes / total_time); -+} -+ - /* - * Logs the error plus constructs and sends a disconnect packet, closes the - * connection, and exits. This function never returns. The error message -@@ -2008,6 +2066,7 @@ - return SSH_ERR_CONN_CLOSED; - if ((r = sshbuf_consume(state->output, len)) != 0) - return r; -+ ssh->stdin_bytes += len; - } - return 0; - } -@@ -2799,3 +2858,10 @@ - ssh->state->extra_pad = pad; - return 0; - } -+ -+/* need this for the moment for the aes-ctr cipher */ -+void * -+ssh_packet_get_send_context(struct ssh *ssh) -+{ -+ return ssh->state->send_context; -+} -diff -Nur openssh-9.3p1.orig/packet.h openssh-9.3p1/packet.h ---- openssh-9.3p1.orig/packet.h 2023-06-26 17:56:58.724634681 +0200 -+++ openssh-9.3p1/packet.h 2023-06-26 17:59:25.008036986 +0200 -@@ -86,6 +86,14 @@ - - /* APP data */ - void *app_data; -+ -+ /* logging data for ServerLogging patch*/ -+ double start_time; -+ u_long fdout_bytes; -+ u_long stdin_bytes; -+ -+ /* track that we are in a none cipher/mac state */ -+ int none; - }; - - typedef int (ssh_packet_hook_fn)(struct ssh *, struct sshbuf *, -@@ -157,6 +165,8 @@ - int ssh_packet_set_maxsize(struct ssh *, u_int); - u_int ssh_packet_get_maxsize(struct ssh *); - -+int packet_authentication_state(const struct ssh *); -+ - int ssh_packet_get_state(struct ssh *, struct sshbuf *); - int ssh_packet_set_state(struct ssh *, struct sshbuf *); - -@@ -171,6 +181,13 @@ - - void *ssh_packet_get_input(struct ssh *); - void *ssh_packet_get_output(struct ssh *); -+void *ssh_packet_get_receive_context(struct ssh *); -+void *ssh_packet_get_send_context(struct ssh *); -+ -+/* for forced packet rekeying post auth */ -+void packet_request_rekeying(void); -+/* final log entry support */ -+void sshpkt_final_log_entry (struct ssh *); - - /* new API */ - int sshpkt_start(struct ssh *ssh, u_char type); -diff -Nur openssh-9.3p1.orig/progressmeter.c openssh-9.3p1/progressmeter.c ---- openssh-9.3p1.orig/progressmeter.c 2023-03-15 22:28:19.000000000 +0100 -+++ openssh-9.3p1/progressmeter.c 2023-07-05 10:45:57.895329810 +0200 -@@ -67,6 +67,8 @@ - static off_t start_pos; /* initial position of transfer */ - static off_t end_pos; /* ending position of transfer */ - static off_t cur_pos; /* transfer position as of last refresh */ -+static off_t last_pos; -+static off_t max_delta_pos = 0; - static volatile off_t *counter; /* progress counter */ - static long stalled; /* how long we have been stalled */ - static int bytes_per_second; /* current speed in bytes per second */ -@@ -133,6 +135,7 @@ - int cur_speed; - int hours, minutes, seconds; - int file_len, cols; -+ off_t delta_pos; - - if ((!force_update && !alarm_fired && !win_resized) || !can_output()) - return; -@@ -148,6 +151,10 @@ - now = monotime_double(); - bytes_left = end_pos - cur_pos; - -+ delta_pos = cur_pos - last_pos; -+ if (delta_pos > max_delta_pos) -+ max_delta_pos = delta_pos; -+ - if (bytes_left > 0) - elapsed = now - last_update; - else { -@@ -171,13 +178,14 @@ - bytes_per_second = cur_speed; - - last_update = now; -+ last_pos = cur_pos; - - /* Don't bother if we can't even display the completion percentage */ - if (win_size < 4) - return; - - /* filename */ -- file_len = cols = win_size - 36; -+ file_len = cols = win_size - 45; - if (file_len > 0) { - asmprintf(&buf, INT_MAX, &cols, "%-*s", file_len, file); - /* If we used fewer columns than expected then pad */ -@@ -194,6 +202,12 @@ - xextendf(&buf, NULL, " %3d%% %s %s/s ", percent, format_size(cur_pos), - format_rate((off_t)bytes_per_second)); - -+ /* instantaneous rate */ -+ if (bytes_left > 0) -+ xextendf(&buf, NULL, "%s/s ", format_rate(delta_pos)); -+ else -+ xextendf(&buf, NULL, "%s/s ", format_rate(max_delta_pos)); -+ - /* ETA */ - if (!transferred) - stalled += elapsed; -diff -Nur openssh-9.3p1.orig/readconf.c openssh-9.3p1/readconf.c ---- openssh-9.3p1.orig/readconf.c 2023-06-26 17:56:58.806634907 +0200 -+++ openssh-9.3p1/readconf.c 2023-06-26 17:59:25.011036994 +0200 -@@ -67,6 +67,7 @@ - #include "uidswap.h" - #include "myproposal.h" - #include "digest.h" -+#include "sshbuf.h" - #include "ssh-gss.h" - - /* Format of the configuration file: -@@ -169,6 +170,9 @@ - oHashKnownHosts, - oTunnel, oTunnelDevice, - oLocalCommand, oPermitLocalCommand, oRemoteCommand, -+ oTcpRcvBufPoll, oTcpRcvBuf, oHPNDisabled, oHPNBufferSize, -+ oNoneEnabled, oNoneMacEnabled, oNoneSwitch, -+ oDisableMTAES, - oVisualHostKey, - oKexAlgorithms, oIPQoS, oRequestTTY, oSessionType, oStdinNull, - oForkAfterAuthentication, oIgnoreUnknown, oProxyUseFdpass, -@@ -314,6 +318,10 @@ - { "kexalgorithms", oKexAlgorithms }, - { "ipqos", oIPQoS }, - { "requesttty", oRequestTTY }, -+ { "noneenabled", oNoneEnabled }, -+ { "nonemacenabled", oNoneMacEnabled }, -+ { "noneswitch", oNoneSwitch }, -+ { "disablemtaes", oDisableMTAES }, - { "sessiontype", oSessionType }, - { "stdinnull", oStdinNull }, - { "forkafterauthentication", oForkAfterAuthentication }, -@@ -340,6 +348,11 @@ - { "rsaminsize", oRequiredRSASize }, /* alias */ - { "enableescapecommandline", oEnableEscapeCommandline }, - -+ { "tcprcvbufpoll", oTcpRcvBufPoll }, -+ { "tcprcvbuf", oTcpRcvBuf }, -+ { "hpndisabled", oHPNDisabled }, -+ { "hpnbuffersize", oHPNBufferSize }, -+ - { NULL, oBadOption } - }; - -@@ -1182,6 +1195,46 @@ - intptr = &options->check_host_ip; - goto parse_flag; - -+ case oHPNDisabled: -+ intptr = &options->hpn_disabled; -+ goto parse_flag; -+ -+ case oHPNBufferSize: -+ intptr = &options->hpn_buffer_size; -+ goto parse_int; -+ -+ case oTcpRcvBufPoll: -+ intptr = &options->tcp_rcv_buf_poll; -+ goto parse_flag; -+ -+ case oNoneEnabled: -+ intptr = &options->none_enabled; -+ goto parse_flag; -+ -+ case oNoneMacEnabled: -+ intptr = &options->nonemac_enabled; -+ goto parse_flag; -+ -+ case oDisableMTAES: -+ intptr = &options->disable_multithreaded; -+ goto parse_flag; -+ -+ /* -+ * We check to see if the command comes from the command -+ * line or not. If it does then enable it otherwise fail. -+ * NONE should never be a default configuration. -+ */ -+ case oNoneSwitch: -+ if (strcmp(filename, "command-line") == 0) { -+ intptr = &options->none_switch; -+ goto parse_flag; -+ } else { -+ error("NoneSwitch is found in %.200s.\nYou may only use this configuration option from the command line", filename); -+ error("Continuing..."); -+ debug("NoneSwitch directive found in %.200s.", filename); -+ return 0; -+ } -+ - case oVerifyHostKeyDNS: - intptr = &options->verify_host_key_dns; - multistate_ptr = multistate_yesnoask; -@@ -1436,6 +1489,10 @@ - *intptr = value; - break; - -+ case oTcpRcvBuf: -+ intptr = &options->tcp_rcv_buf; -+ goto parse_int; -+ - case oCiphers: - arg = argv_next(&ac, &av); - if (!arg || *arg == '\0') { -@@ -2476,6 +2533,14 @@ - options->ip_qos_interactive = -1; - options->ip_qos_bulk = -1; - options->request_tty = -1; -+ options->none_switch = -1; -+ options->none_enabled = -1; -+ options->nonemac_enabled = -1; -+ options->disable_multithreaded = -1; -+ options->hpn_disabled = -1; -+ options->hpn_buffer_size = -1; -+ options->tcp_rcv_buf_poll = -1; -+ options->tcp_rcv_buf = -1; - options->session_type = -1; - options->stdin_null = -1; - options->fork_after_authentication = -1; -@@ -2653,6 +2718,43 @@ - options->server_alive_interval = 0; - if (options->server_alive_count_max == -1) - options->server_alive_count_max = 3; -+ if (options->hpn_disabled == -1) -+ options->hpn_disabled = 0; -+ if (options->hpn_buffer_size > -1) { -+ /* if a user tries to set the size to 0 set it to 1KB */ -+ if (options->hpn_buffer_size == 0) -+ options->hpn_buffer_size = 1; -+ /* limit the buffer to SSHBUF_SIZE_MAX (currently 256MB) */ -+ if (options->hpn_buffer_size > (SSHBUF_SIZE_MAX / 1024)) { -+ options->hpn_buffer_size = SSHBUF_SIZE_MAX; -+ debug("User requested buffer larger than 256MB. Request reverted to 256MB"); -+ } else -+ options->hpn_buffer_size *= 1024; -+ debug("hpn_buffer_size set to %d", options->hpn_buffer_size); -+ } -+ if (options->tcp_rcv_buf == 0) -+ options->tcp_rcv_buf = 1; -+ if (options->tcp_rcv_buf > -1) -+ options->tcp_rcv_buf *=1024; -+ if (options->tcp_rcv_buf_poll == -1) -+ options->tcp_rcv_buf_poll = 1; -+ if (options->none_switch == -1) -+ options->none_switch = 0; -+ if (options->none_enabled == -1) -+ options->none_enabled = 0; -+ if (options->none_enabled == 0 && options->none_switch > 0) { -+ fprintf(stderr, "NoneEnabled must be enabled to use the None Switch option. None cipher disabled.\n"); -+ options->none_enabled = 0; -+ } -+ if (options->nonemac_enabled == -1) -+ options->nonemac_enabled = 0; -+ if (options->nonemac_enabled > 0 && (options->none_enabled == 0 || -+ options->none_switch == 0)) { -+ fprintf(stderr, "None MAC can only be used with the None cipher. None MAC disabled.\n"); -+ options->nonemac_enabled = 0; -+ } -+ if (options->disable_multithreaded == -1) -+ options->disable_multithreaded = 0; - if (options->control_master == -1) - options->control_master = 0; - if (options->control_persist == -1) { -diff -Nur openssh-9.3p1.orig/readconf.h openssh-9.3p1/readconf.h ---- openssh-9.3p1.orig/readconf.h 2023-06-26 17:56:58.806634907 +0200 -+++ openssh-9.3p1/readconf.h 2023-06-26 17:59:25.012036996 +0200 -@@ -56,6 +56,10 @@ - int strict_host_key_checking; /* Strict host key checking. */ - int compression; /* Compress packets in both directions. */ - int tcp_keep_alive; /* Set SO_KEEPALIVE. */ -+ int tcp_rcv_buf; /* user switch to set tcp recv buffer */ -+ int tcp_rcv_buf_poll; /* Option to poll recv buf every window transfer */ -+ int hpn_disabled; /* Switch to disable HPN buffer management */ -+ int hpn_buffer_size; /* User definable size for HPN buffer window */ - int ip_qos_interactive; /* IP ToS/DSCP/class for interactive */ - int ip_qos_bulk; /* IP ToS/DSCP/class for bulk traffic */ - SyslogFacility log_facility; /* Facility for system logging. */ -@@ -127,7 +131,12 @@ - - int enable_ssh_keysign; - int64_t rekey_limit; -+ int none_switch; /* Use none cipher */ -+ int none_enabled; /* Allow none to be used */ -+ int nonemac_enabled; /* Allow none to be used */ -+ int disable_multithreaded; /*disable multithreaded aes-ctr*/ - int rekey_interval; -+ - int no_host_authentication_for_localhost; - int identities_only; - int server_alive_interval; -diff -Nur openssh-9.3p1.orig/regress/integrity.sh openssh-9.3p1/regress/integrity.sh ---- openssh-9.3p1.orig/regress/integrity.sh 2023-03-15 22:28:19.000000000 +0100 -+++ openssh-9.3p1/regress/integrity.sh 2023-06-26 17:59:25.013036999 +0200 -@@ -21,6 +21,12 @@ - cmd="$SUDO env SSH_SK_HELPER="$SSH_SK_HELPER" sh ${OBJ}/sshd-log-wrapper.sh -i -f $OBJ/sshd_proxy" - - for m in $macs; do -+ # the none mac is now valid but tests against it will succeed when we expect it to -+ # fail. so we need to explicity remove it from the list of macs returned. -+ if [ "$m" = "none" ]; then -+ continue -+ fi -+ - trace "test $tid: mac $m" - elen=0 - epad=0 -diff -Nur openssh-9.3p1.orig/sandbox-seccomp-filter.c openssh-9.3p1/sandbox-seccomp-filter.c ---- openssh-9.3p1.orig/sandbox-seccomp-filter.c 2023-06-26 17:56:58.742634731 +0200 -+++ openssh-9.3p1/sandbox-seccomp-filter.c 2023-06-26 17:59:25.013036999 +0200 -@@ -295,6 +295,9 @@ - #ifdef __NR_geteuid32 - SC_ALLOW(__NR_geteuid32), - #endif -+#ifdef __NR_getpeername /* not defined on archs that go via socketcall(2) */ -+ SC_ALLOW(__NR_getpeername), -+#endif - #ifdef __NR_getpgid - SC_ALLOW(__NR_getpgid), - #endif -@@ -413,6 +416,9 @@ - #ifdef __NR_sigprocmask - SC_ALLOW(__NR_sigprocmask), - #endif -+#ifdef __NR_socketcall -+ SC_ALLOW(__NR_socketcall), -+#endif - #ifdef __NR_time - SC_ALLOW(__NR_time), - #endif -diff -Nur openssh-9.3p1.orig/scp.c openssh-9.3p1/scp.c ---- openssh-9.3p1.orig/scp.c 2023-06-26 17:56:58.782634841 +0200 -+++ openssh-9.3p1/scp.c 2023-06-26 17:59:25.015037005 +0200 -@@ -1670,7 +1670,7 @@ - off_t size, statbytes; - unsigned long long ull; - int setimes, targisdir, wrerr; -- char ch, *cp, *np, *targ, *why, *vect[1], buf[2048], visbuf[2048]; -+ char ch, *cp, *np, *targ, *why, *vect[1], buf[16384], visbuf[16384]; - char **patterns = NULL; - size_t n, npatterns = 0; - struct timeval tv[2]; -diff -Nur openssh-9.3p1.orig/servconf.c openssh-9.3p1/servconf.c ---- openssh-9.3p1.orig/servconf.c 2023-06-26 17:56:58.807634910 +0200 -+++ openssh-9.3p1/servconf.c 2023-06-26 17:59:25.016037008 +0200 -@@ -70,6 +70,7 @@ - #include "auth.h" - #include "myproposal.h" - #include "digest.h" -+#include "sshbuf.h" - #include "ssh-gss.h" - - static void add_listen_addr(ServerOptions *, const char *, -@@ -200,6 +201,12 @@ - options->authorized_principals_file = NULL; - options->authorized_principals_command = NULL; - options->authorized_principals_command_user = NULL; -+ options->tcp_rcv_buf_poll = -1; -+ options->hpn_disabled = -1; -+ options->hpn_buffer_size = -1; -+ options->none_enabled = -1; -+ options->nonemac_enabled = -1; -+ options->disable_multithreaded = -1; - options->ip_qos_interactive = -1; - options->ip_qos_bulk = -1; - options->version_addendum = NULL; -@@ -294,6 +301,10 @@ - fill_default_server_options(ServerOptions *options) - { - u_int i; -+ /* needed for hpn socket tests */ -+ int sock; -+ int socksize; -+ int socksizelen = sizeof(int); - - /* Portable-specific options */ - if (options->use_pam == -1) -@@ -465,6 +476,51 @@ - } - if (options->permit_tun == -1) - options->permit_tun = SSH_TUNMODE_NO; -+ if (options->none_enabled == -1) -+ options->none_enabled = 0; -+ if (options->nonemac_enabled == -1) -+ options->nonemac_enabled = 0; -+ if (options->nonemac_enabled > 0 && options->none_enabled == 0) { -+ debug ("Attempted to enabled None MAC without setting None Enabled to true. None MAC disabled."); -+ options->nonemac_enabled = 0; -+ } -+ if (options->disable_multithreaded == -1) -+ options->disable_multithreaded = 0; -+ if (options->hpn_disabled == -1) -+ options->hpn_disabled = 0; -+ -+ if (options->hpn_buffer_size == -1) { -+ /* option not explicitly set. Now we have to figure out */ -+ /* what value to use */ -+ if (options->hpn_disabled == 1) { -+ options->hpn_buffer_size = CHAN_SES_WINDOW_DEFAULT; -+ } else { -+ /* get the current RCV size and set it to that */ -+ /*create a socket but don't connect it */ -+ /* we use that the get the rcv socket size */ -+ sock = socket(AF_INET, SOCK_STREAM, 0); -+ getsockopt(sock, SOL_SOCKET, SO_RCVBUF, -+ &socksize, &socksizelen); -+ close(sock); -+ options->hpn_buffer_size = socksize; -+ debug("HPN Buffer Size: %d", options->hpn_buffer_size); -+ } -+ } else { -+ /* we have to do this in case the user sets both values in a contradictory */ -+ /* manner. hpn_disabled overrrides hpn_buffer_size*/ -+ if (options->hpn_disabled <= 0) { -+ if (options->hpn_buffer_size == 0) -+ options->hpn_buffer_size = 1; -+ /* limit the maximum buffer to SSHBUF_SIZE_MAX (currently 256MB) */ -+ if (options->hpn_buffer_size > (SSHBUF_SIZE_MAX / 1024)) { -+ options->hpn_buffer_size = SSHBUF_SIZE_MAX; -+ } else { -+ options->hpn_buffer_size *= 1024; -+ } -+ } else -+ options->hpn_buffer_size = CHAN_TCP_WINDOW_DEFAULT; -+ } -+ - if (options->ip_qos_interactive == -1) - options->ip_qos_interactive = IPTOS_DSCP_AF21; - if (options->ip_qos_bulk == -1) -@@ -546,6 +602,9 @@ - sKerberosGetAFSToken, sKerberosUniqueCCache, sKerberosUseKuserok, sPasswordAuthentication, - sKbdInteractiveAuthentication, sListenAddress, sAddressFamily, - sPrintMotd, sPrintLastLog, sIgnoreRhosts, -+ sNoneEnabled, sNoneMacEnabled, -+ sDisableMTAES, -+ sTcpRcvBufPoll, sHPNDisabled, sHPNBufferSize, - sX11Forwarding, sX11DisplayOffset, sX11MaxDisplays, sX11UseLocalhost, - sPermitTTY, sStrictModes, sEmptyPasswd, sTCPKeepAlive, - sPermitUserEnvironment, sAllowTcpForwarding, sCompression, -@@ -747,6 +806,12 @@ - { "revokedkeys", sRevokedKeys, SSHCFG_ALL }, - { "trustedusercakeys", sTrustedUserCAKeys, SSHCFG_ALL }, - { "authorizedprincipalsfile", sAuthorizedPrincipalsFile, SSHCFG_ALL }, -+ { "hpndisabled", sHPNDisabled, SSHCFG_ALL }, -+ { "hpnbuffersize", sHPNBufferSize, SSHCFG_ALL }, -+ { "tcprcvbufpoll", sTcpRcvBufPoll, SSHCFG_ALL }, -+ { "noneenabled", sNoneEnabled, SSHCFG_ALL }, -+ { "disableMTAES", sDisableMTAES, SSHCFG_ALL }, -+ { "nonemacenabled", sNoneMacEnabled, SSHCFG_ALL }, - { "kexalgorithms", sKexAlgorithms, SSHCFG_GLOBAL }, - { "include", sInclude, SSHCFG_ALL }, - { "ipqos", sIPQoS, SSHCFG_ALL }, -@@ -809,6 +874,7 @@ - - for (i = 0; keywords[i].name; i++) - if (strcasecmp(cp, keywords[i].name) == 0) { -+ debug("Config token is %s", keywords[i].name); - *flags = keywords[i].flags; - return keywords[i].opcode; - } -@@ -1636,12 +1702,36 @@ - multistate_ptr = multistate_ignore_rhosts; - goto parse_multistate; - -+ case sTcpRcvBufPoll: -+ intptr = &options->tcp_rcv_buf_poll; -+ goto parse_flag; -+ -+ case sHPNDisabled: -+ intptr = &options->hpn_disabled; -+ goto parse_flag; -+ -+ case sHPNBufferSize: -+ intptr = &options->hpn_buffer_size; -+ goto parse_int; -+ - case sIgnoreUserKnownHosts: - intptr = &options->ignore_user_known_hosts; - parse_flag: - multistate_ptr = multistate_flag; - goto parse_multistate; - -+ case sNoneEnabled: -+ intptr = &options->none_enabled; -+ goto parse_flag; -+ -+ case sNoneMacEnabled: -+ intptr = &options->nonemac_enabled; -+ goto parse_flag; -+ -+ case sDisableMTAES: -+ intptr = &options->disable_multithreaded; -+ goto parse_flag; -+ - case sHostbasedAuthentication: - intptr = &options->hostbased_authentication; - goto parse_flag; -diff -Nur openssh-9.3p1.orig/servconf.h openssh-9.3p1/servconf.h ---- openssh-9.3p1.orig/servconf.h 2023-06-26 17:56:58.808634912 +0200 -+++ openssh-9.3p1/servconf.h 2023-06-26 17:59:25.017037010 +0200 -@@ -214,6 +214,13 @@ - int use_pam; /* Enable auth via PAM */ - int permit_pam_user_change; /* Allow PAM to change user name */ - -+ int tcp_rcv_buf_poll; /* poll tcp rcv window in autotuning kernels*/ -+ int hpn_disabled; /* disable hpn functionality. false by default */ -+ int hpn_buffer_size; /* set the hpn buffer size - default 3MB */ -+ int none_enabled; /* Enable NONE cipher switch */ -+ int disable_multithreaded; /*disable multithreaded aes-ctr cipher */ -+ int nonemac_enabled; /* Enable NONE MAC switch */ -+ - int permit_tun; - - char **permitted_opens; /* May also be one of PERMITOPEN_* */ -diff -Nur openssh-9.3p1.orig/serverloop.c openssh-9.3p1/serverloop.c ---- openssh-9.3p1.orig/serverloop.c 2023-06-26 17:56:58.784634846 +0200 -+++ openssh-9.3p1/serverloop.c 2023-06-26 17:59:25.018037013 +0200 -@@ -347,6 +347,7 @@ - sigset_t bsigset, osigset; - - debug("Entering interactive session for SSH2."); -+ ssh->start_time = monotime_double(); - - if (sigemptyset(&bsigset) == -1 || sigaddset(&bsigset, SIGCHLD) == -1) - error_f("bsigset setup: %s", strerror(errno)); -@@ -386,6 +387,7 @@ - - if (received_sigterm) { - logit("Exiting on signal %d", (int)received_sigterm); -+ sshpkt_final_log_entry(ssh); - /* Clean up sessions, utmp, etc. */ - cleanup_exit(255); - } -@@ -406,6 +408,9 @@ - /* free all channels, no more reads and writes */ - channel_free_all(ssh); - -+ /* final entry must come after channels close -cjr */ -+ sshpkt_final_log_entry(ssh); -+ - /* free remaining sessions, e.g. remove wtmp entries */ - session_destroy_all(ssh, NULL); - } -@@ -556,7 +561,8 @@ - debug("Tunnel forwarding using interface %s", ifname); - - c = channel_new(ssh, "tun", SSH_CHANNEL_OPEN, sock, sock, -1, -- CHAN_TCP_WINDOW_DEFAULT, CHAN_TCP_PACKET_DEFAULT, 0, "tun", 1); -+ options.hpn_disabled ? CHAN_TCP_WINDOW_DEFAULT : options.hpn_buffer_size, -+ CHAN_TCP_PACKET_DEFAULT, 0, "tun", 1); - c->datagram = 1; - #if defined(SSH_TUN_FILTER) - if (mode == SSH_TUNMODE_POINTOPOINT) -@@ -607,6 +613,8 @@ - c = channel_new(ssh, "session", SSH_CHANNEL_LARVAL, - -1, -1, -1, /*window size*/0, CHAN_SES_PACKET_DEFAULT, - 0, "server-session", 1); -+ if ((options.tcp_rcv_buf_poll) && (!options.hpn_disabled)) -+ c->dynamic_window = 1; - if (session_open(the_authctxt, c->self) != 1) { - debug("session open failed, free channel %d", c->self); - channel_free(ssh, c); -diff -Nur openssh-9.3p1.orig/session.c openssh-9.3p1/session.c ---- openssh-9.3p1.orig/session.c 2023-06-26 17:56:58.732634703 +0200 -+++ openssh-9.3p1/session.c 2023-07-05 10:50:50.184150123 +0200 -@@ -226,6 +226,7 @@ - goto authsock_err; - - /* Allocate a channel for the authentication agent socket. */ -+ /* this shouldn't matter if its hpn or not - cjr */ - nc = channel_new(ssh, "auth-listener", - SSH_CHANNEL_AUTH_SOCKET, sock, sock, -1, - CHAN_X11_WINDOW_DEFAULT, CHAN_X11_PACKET_DEFAULT, -@@ -2369,7 +2370,8 @@ - channel_set_fds(ssh, s->chanid, - fdout, fdin, fderr, - ignore_fderr ? CHAN_EXTENDED_IGNORE : CHAN_EXTENDED_READ, -- 1, is_tty, CHAN_SES_WINDOW_DEFAULT); -+ 1, is_tty, -+ options.hpn_disabled ? CHAN_SES_WINDOW_DEFAULT : options.hpn_buffer_size); - } - - /* -diff -Nur openssh-9.3p1.orig/sftp.1 openssh-9.3p1/sftp.1 ---- openssh-9.3p1.orig/sftp.1 2023-03-15 22:28:19.000000000 +0100 -+++ openssh-9.3p1/sftp.1 2023-06-26 17:59:25.021037021 +0200 -@@ -299,7 +299,8 @@ - Specify how many requests may be outstanding at any one time. - Increasing this may slightly improve file transfer speed - but will increase memory usage. --The default is 64 outstanding requests. -+The default is 256 outstanding requests providing for 8MB -+of outstanding data with a 32KB buffer. - .It Fl r - Recursively copy entire directories when uploading and downloading. - Note that -diff -Nur openssh-9.3p1.orig/sftp-client.c openssh-9.3p1/sftp-client.c ---- openssh-9.3p1.orig/sftp-client.c 2023-06-26 17:56:58.702634621 +0200 -+++ openssh-9.3p1/sftp-client.c 2023-06-26 18:01:56.954454674 +0200 -@@ -72,7 +72,7 @@ - #define DEFAULT_COPY_BUFLEN 32768 - - /* Default number of concurrent xfer requests (fix sftp.1 scp.1 if changed) */ --#define DEFAULT_NUM_REQUESTS 64 -+#define DEFAULT_NUM_REQUESTS 256 - - /* Minimum amount of data to read at a time */ - #define MIN_READ_SIZE 512 -diff -Nur openssh-9.3p1.orig/ssh_api.c openssh-9.3p1/ssh_api.c ---- openssh-9.3p1.orig/ssh_api.c 2023-03-15 22:28:19.000000000 +0100 -+++ openssh-9.3p1/ssh_api.c 2023-06-26 17:59:25.024037030 +0200 -@@ -410,7 +410,7 @@ - char *cp; - int r; - -- if ((r = sshbuf_putf(banner, "SSH-2.0-%.100s\r\n", SSH_VERSION)) != 0) -+ if ((r = sshbuf_putf(banner, "SSH-2.0-%.100s\r\n", SSH_RELEASE)) != 0) - return r; - if ((r = sshbuf_putb(ssh_packet_get_output(ssh), banner)) != 0) - return r; -diff -Nur openssh-9.3p1.orig/sshbuf.h openssh-9.3p1/sshbuf.h ---- openssh-9.3p1.orig/sshbuf.h 2023-03-15 22:28:19.000000000 +0100 -+++ openssh-9.3p1/sshbuf.h 2023-06-26 17:59:25.024037030 +0200 -@@ -28,7 +28,7 @@ - # endif /* OPENSSL_HAS_ECC */ - #endif /* WITH_OPENSSL */ - --#define SSHBUF_SIZE_MAX 0x8000000 /* Hard maximum size */ -+#define SSHBUF_SIZE_MAX 0xF000000 /* Hard maximum size 256MB */ - #define SSHBUF_REFS_MAX 0x100000 /* Max child buffers */ - #define SSHBUF_MAX_BIGNUM (16384 / 8) /* Max bignum *bytes* */ - #define SSHBUF_MAX_ECPOINT ((528 * 2 / 8) + 1) /* Max EC point *bytes* */ -diff -Nur openssh-9.3p1.orig/ssh.c openssh-9.3p1/ssh.c ---- openssh-9.3p1.orig/ssh.c 2023-06-26 17:56:58.809634915 +0200 -+++ openssh-9.3p1/ssh.c 2023-06-26 17:59:25.025037033 +0200 -@@ -1069,6 +1069,10 @@ - break; - case 'T': - options.request_tty = REQUEST_TTY_NO; -+ /* ensure that the user doesn't try to backdoor a */ -+ /* null cipher switch on an interactive session */ -+ /* so explicitly disable it no matter what */ -+ options.none_switch=0; - break; - case 'o': - line = xstrdup(optarg); -@@ -1815,6 +1819,8 @@ - setproctitle("%s [mux]", options.control_path); - } - -+extern const EVP_CIPHER *evp_aes_ctr_mt(void); -+ - /* Do fork() after authentication. Used by "ssh -f" */ - static void - fork_postauth(void) -@@ -2132,6 +2138,79 @@ - NULL, fileno(stdin), command, environ); - } - -+static void -+hpn_options_init(struct ssh *ssh) -+{ -+ /* -+ * We need to check to see if what they want to do about buffer -+ * sizes here. In a hpn to nonhpn connection we want to limit -+ * the window size to something reasonable in case the far side -+ * has the large window bug. In hpn to hpn connection we want to -+ * use the max window size but allow the user to override it -+ * lastly if they disabled hpn then use the ssh std window size. -+ * -+ * So why don't we just do a getsockopt() here and set the -+ * ssh window to that? In the case of a autotuning receive -+ * window the window would get stuck at the initial buffer -+ * size generally less than 96k. Therefore we need to set the -+ * maximum ssh window size to the maximum hpn buffer size -+ * unless the user has specifically set the tcprcvbufpoll -+ * to no. In which case we *can* just set the window to the -+ * minimum of the hpn buffer size and tcp receive buffer size. -+ */ -+ -+ if (tty_flag) -+ options.hpn_buffer_size = CHAN_SES_WINDOW_DEFAULT; -+ else -+ options.hpn_buffer_size = 2 * 1024 * 1024; -+ -+ if (ssh->compat & SSH_BUG_LARGEWINDOW) { -+ debug("HPN to Non-HPN connection"); -+ } else { -+ debug("HPN to HPN connection"); -+ int sock, socksize; -+ socklen_t socksizelen; -+ if (options.tcp_rcv_buf_poll <= 0) { -+ sock = socket(AF_INET, SOCK_STREAM, 0); -+ socksizelen = sizeof(socksize); -+ getsockopt(sock, SOL_SOCKET, SO_RCVBUF, -+ &socksize, &socksizelen); -+ close(sock); -+ debug("socksize %d", socksize); -+ options.hpn_buffer_size = socksize; -+ debug("HPNBufferSize set to TCP RWIN: %d", options.hpn_buffer_size); -+ } else { -+ if (options.tcp_rcv_buf > 0) { -+ /* -+ * Create a socket but don't connect it: -+ * we use that the get the rcv socket size -+ */ -+ sock = socket(AF_INET, SOCK_STREAM, 0); -+ /* -+ * If they are using the tcp_rcv_buf option, -+ * attempt to set the buffer size to that. -+ */ -+ if (options.tcp_rcv_buf) { -+ socksizelen = sizeof(options.tcp_rcv_buf); -+ setsockopt(sock, SOL_SOCKET, SO_RCVBUF, -+ &options.tcp_rcv_buf, socksizelen); -+ } -+ socksizelen = sizeof(socksize); -+ getsockopt(sock, SOL_SOCKET, SO_RCVBUF, -+ &socksize, &socksizelen); -+ close(sock); -+ debug("socksize %d", socksize); -+ options.hpn_buffer_size = socksize; -+ debug("HPNBufferSize set to user TCPRcvBuf: %d", options.hpn_buffer_size); -+ } -+ } -+ } -+ -+ debug("Final hpn_buffer_size = %d", options.hpn_buffer_size); -+ -+ channel_set_hpn(options.hpn_disabled, options.hpn_buffer_size); -+} -+ - /* open new channel for a session */ - static int - ssh_session2_open(struct ssh *ssh) -@@ -2150,9 +2229,11 @@ - if (in == -1 || out == -1 || err == -1) - fatal("dup() in/out/err failed"); - -- window = CHAN_SES_WINDOW_DEFAULT; -+ window = options.hpn_buffer_size; -+ - packetmax = CHAN_SES_PACKET_DEFAULT; - if (tty_flag) { -+ window = CHAN_SES_WINDOW_DEFAULT; - window >>= 1; - packetmax >>= 1; - } -@@ -2163,6 +2244,11 @@ - - debug3_f("channel_new: %d", c->self); - -+ if (options.tcp_rcv_buf_poll > 0 && !options.hpn_disabled) { -+ c->dynamic_window = 1; -+ debug("Enabled Dynamic Window Scaling"); -+ } -+ - channel_send_open(ssh, c->self); - if (options.session_type != SESSION_TYPE_NONE) - channel_register_open_confirm(ssh, c->self, -@@ -2177,6 +2263,13 @@ - int r, id = -1; - char *cp, *tun_fwd_ifname = NULL; - -+ /* -+ * We need to initialize this early because the forwarding logic below -+ * might open channels that use the hpn buffer sizes. We can't send a -+ * window of -1 (the default) to the server as it breaks things. -+ */ -+ hpn_options_init(ssh); -+ - /* XXX should be pre-session */ - if (!options.control_persist) - ssh_init_stdio_forwarding(ssh); -diff -Nur openssh-9.3p1.orig/sshconnect2.c openssh-9.3p1/sshconnect2.c ---- openssh-9.3p1.orig/sshconnect2.c 2023-06-26 17:56:58.811634921 +0200 -+++ openssh-9.3p1/sshconnect2.c 2023-07-05 04:58:43.822783207 +0200 -@@ -76,6 +76,7 @@ - #include "utf8.h" - #include "ssh-sk.h" - #include "sk-api.h" -+#include "myproposal.h" - - #ifdef GSSAPI - #include "ssh-gss.h" -@@ -85,6 +86,13 @@ - extern Options options; - - /* -+ * tty_flag is set in ssh.c. Use this in ssh_userauth2: -+ * if it is set, then prevent the switch to the null cipher. -+ */ -+ -+extern int tty_flag; -+ -+/* - * SSH2 key exchange - */ - -@@ -216,6 +224,8 @@ - return ret; - } - -+static char *myproposal[PROPOSAL_MAX]; -+static const char *myproposal_default[PROPOSAL_MAX] = { KEX_CLIENT }; - void - ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port, - const struct ssh_conn_info *cinfo) -@@ -229,6 +239,8 @@ - char *gss_host = NULL; - #endif - -+ memcpy(&myproposal, &myproposal_default, sizeof(myproposal)); -+ - xxx_host = host; - xxx_hostaddr = hostaddr; - xxx_conn_info = cinfo; -@@ -577,6 +589,53 @@ - - if (!authctxt.success) - fatal("Authentication failed."); -+ -+ /* -+ * If the user wants to use the none cipher and/or none mac, do it post authentication -+ * and only if the right conditions are met -- both of the NONE commands -+ * must be true and there must be no tty allocated. -+ */ -+ if (options.none_switch == 1 && options.none_enabled == 1) { -+ if (!tty_flag) { /* no null on tty sessions */ -+ debug("Requesting none rekeying..."); -+ memcpy(&myproposal, &myproposal_default, sizeof(myproposal)); -+ myproposal[PROPOSAL_ENC_ALGS_STOC] = "none"; -+ myproposal[PROPOSAL_ENC_ALGS_CTOS] = "none"; -+ fprintf(stderr, "WARNING: ENABLED NONE CIPHER!!!\n"); -+ /* NONEMAC can only be used in context of the NONE CIPHER */ -+ if (options.nonemac_enabled == 1) { -+ myproposal[PROPOSAL_MAC_ALGS_STOC] = "none"; -+ myproposal[PROPOSAL_MAC_ALGS_CTOS] = "none"; -+ fprintf(stderr, "WARNING: ENABLED NONE MAC\n"); -+ } -+ kex_prop2buf(ssh->kex->my, myproposal); -+ packet_request_rekeying(); -+ } else { -+ /* requested NONE cipher when in a tty */ -+ debug("Cannot switch to NONE cipher with tty allocated"); -+ fprintf(stderr, "NONE cipher switch disabled when a TTY is allocated\n"); -+ } -+ } -+ -+#ifdef WITH_OPENSSL -+ if (options.disable_multithreaded == 0) { -+ /* if we are using aes-ctr there can be issues in either a fork or sandbox -+ * so the initial aes-ctr is defined to point to the original single process -+ * evp. After authentication we'll be past the fork and the sandboxed privsep -+ * so we repoint the define to the multithreaded evp. To start the threads we -+ * then force a rekey -+ */ -+ const void *cc = ssh_packet_get_send_context(ssh); -+ -+ /* only do this for the ctr cipher. otherwise gcm mode breaks. Don't know why though */ -+ if (strstr(cipher_ctx_name(cc), "ctr")) { -+ debug("Single to Multithread CTR cipher swap - client request"); -+ cipher_reset_multithreaded(); -+ packet_request_rekeying(); -+ } -+ } -+#endif -+ - if (ssh_packet_connection_is_on_socket(ssh)) { - verbose("Authenticated to %s ([%s]:%d) using \"%s\".", host, - ssh_remote_ipaddr(ssh), ssh_remote_port(ssh), -diff -Nur openssh-9.3p1.orig/sshconnect.c openssh-9.3p1/sshconnect.c ---- openssh-9.3p1.orig/sshconnect.c 2023-06-26 17:56:58.650634478 +0200 -+++ openssh-9.3p1/sshconnect.c 2023-06-26 17:59:25.028037041 +0200 -@@ -344,6 +344,30 @@ - #endif - - /* -+ * Set TCP receive buffer if requested. -+ * Note: tuning needs to happen after the socket is -+ * created but before the connection happens -+ * so winscale is negotiated properly -cjr -+ */ -+static void -+ssh_set_socket_recvbuf(int sock) -+{ -+ void *buf = (void *)&options.tcp_rcv_buf; -+ int sz = sizeof(options.tcp_rcv_buf); -+ int socksize; -+ int socksizelen = sizeof(int); -+ -+ debug("setsockopt Attempting to set SO_RCVBUF to %d", options.tcp_rcv_buf); -+ if (setsockopt(sock, SOL_SOCKET, SO_RCVBUF, buf, sz) >= 0) { -+ getsockopt(sock, SOL_SOCKET, SO_RCVBUF, &socksize, &socksizelen); -+ debug("setsockopt SO_RCVBUF: %.100s %d", strerror(errno), socksize); -+ } -+ else -+ error("Couldn't set socket receive buffer to %d: %.100s", -+ options.tcp_rcv_buf, strerror(errno)); -+} -+ -+/* - * Creates a socket for use as the ssh connection. - */ - static int -@@ -365,6 +389,9 @@ - } - (void)fcntl(sock, F_SETFD, FD_CLOEXEC); - -+ if (options.tcp_rcv_buf > 0) -+ ssh_set_socket_recvbuf(sock); -+ - /* Use interactive QOS (if specified) until authentication completed */ - if (options.ip_qos_interactive != INT_MAX) - set_sock_tos(sock, options.ip_qos_interactive); -diff -Nur openssh-9.3p1.orig/sshd.c openssh-9.3p1/sshd.c ---- openssh-9.3p1.orig/sshd.c 2023-06-26 17:56:58.812634923 +0200 -+++ openssh-9.3p1/sshd.c 2023-07-05 11:08:30.843125617 +0200 -@@ -1093,6 +1093,8 @@ - int ret, listen_sock; - struct addrinfo *ai; - char ntop[NI_MAXHOST], strport[NI_MAXSERV]; -+ int socksize; -+ int socksizelen = sizeof(int); - - for (ai = la->addrs; ai; ai = ai->ai_next) { - if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6) -@@ -1138,6 +1140,11 @@ - - debug("Bind to port %s on %s.", strport, ntop); - -+ getsockopt(listen_sock, SOL_SOCKET, SO_RCVBUF, -+ &socksize, &socksizelen); -+ debug("Server TCP RWIN socket size: %d", socksize); -+ debug("HPN Buffer Size: %d", options.hpn_buffer_size); -+ - /* Bind the socket to the desired port. */ - if (bind(listen_sock, ai->ai_addr, ai->ai_addrlen) == -1) { - error("Bind to port %s on %s failed: %.200s.", -@@ -1876,6 +1883,19 @@ - /* Fill in default values for those options not explicitly set. */ - fill_default_server_options(&options); - -+ if (options.none_enabled == 1) { -+ char *old_ciphers = options.ciphers; -+ xasprintf(&options.ciphers, "%s,none", old_ciphers); -+ free(old_ciphers); -+ -+ /* only enable the none MAC in context of the none cipher -cjr */ -+ if (options.nonemac_enabled == 1) { -+ char *old_macs = options.macs; -+ xasprintf(&options.macs, "%s,none", old_macs); -+ free(old_macs); -+ } -+ } -+ - /* Check that options are sensible */ - if (options.authorized_keys_command_user == NULL && - (options.authorized_keys_command != NULL && -@@ -2359,6 +2379,9 @@ - rdomain == NULL ? "" : "\""); - free(laddr); - -+ /* set the HPN options for the child */ -+ channel_set_hpn(options.hpn_disabled, options.hpn_buffer_size); -+ - /* - * We don't want to listen forever unless the other side - * successfully authenticates itself. So we set up an alarm which is -@@ -2471,6 +2494,25 @@ - /* Try to send all our hostkeys to the client */ - notify_hostkeys(ssh); - -+#ifdef WITH_OPENSSL -+ if (options.disable_multithreaded == 0) { -+ /* if we are using aes-ctr there can be issues in either a fork or sandbox -+ * so the initial aes-ctr is defined to point ot the original single process -+ * evp. After authentication we'll be past the fork and the sandboxed privsep -+ * so we repoint the define to the multithreaded evp. To start the threads we -+ * then force a rekey -+ */ -+ const void *cc = ssh_packet_get_send_context(the_active_state); -+ -+ /* only rekey if necessary. If we don't do this gcm mode cipher breaks */ -+ if (strstr(cipher_ctx_name(cc), "ctr")) { -+ debug("Single to Multithreaded CTR cipher swap - server request"); -+ cipher_reset_multithreaded(); -+ packet_request_rekeying(); -+ } -+ } -+#endif -+ - /* Start session. */ - do_authenticated(ssh, authctxt); - -@@ -2545,6 +2587,11 @@ - struct kex *kex; - int r; - -+ if (options.none_enabled == 1) -+ debug("WARNING: None cipher enabled"); -+ if (options.nonemac_enabled == 1) -+ debug("WARNING: None MAC enabled"); -+ - if (options.rekey_limit || options.rekey_interval) - ssh_packet_set_rekey_limits(ssh, options.rekey_limit, - options.rekey_interval); -diff -Nur openssh-9.3p1.orig/sshd_config openssh-9.3p1/sshd_config ---- openssh-9.3p1.orig/sshd_config 2023-06-26 17:56:58.813634926 +0200 -+++ openssh-9.3p1/sshd_config 2023-06-26 17:59:25.030037046 +0200 -@@ -127,6 +127,28 @@ - # override default of no subsystems - Subsystem sftp /usr/libexec/sftp-server - -+# the following are HPN related configuration options -+# tcp receive buffer polling. disable in non autotuning kernels -+#TcpRcvBufPoll yes -+ -+# disable hpn performance boosts -+#HPNDisabled no -+ -+# buffer size for hpn to non-hpn connections -+#HPNBufferSize 2048 -+ -+# allow the use of the none cipher -+#NoneEnabled no -+ -+# allow the use of the none MAC -+#NoneMacEnabled no -+ -+# Disable MT-AES-CTR cipher on server -+# * needed for GSI-OpenSSH 7.4p1 because it's broken on the server side there -+# * useful for modern processors with AES-NI instructions making the stock -+# AES-CTR cipher faster than the MT-AES-CTR cipher -+DisableMTAES yes -+ - # Example of overriding settings on a per-user basis - #Match User anoncvs - # X11Forwarding no -diff -Nur openssh-9.3p1.orig/version.h openssh-9.3p1/version.h ---- openssh-9.3p1.orig/version.h 2023-06-26 17:56:58.814634929 +0200 -+++ openssh-9.3p1/version.h 2023-06-26 17:59:25.031037049 +0200 -@@ -16,5 +16,6 @@ - - #define SSH_PORTABLE "p1" - #define GSI_PORTABLE "c-GSI" -+#define SSH_HPN "-hpn15v2" - #define SSH_RELEASE SSH_VERSION SSH_PORTABLE GSI_PORTABLE \ -- GSI_VERSION KRB5_VERSION -+ GSI_VERSION SSH_HPN KRB5_VERSION diff --git a/openssh-9.3p1-merged-openssl-evp.patch b/openssh-9.3p1-merged-openssl-evp.patch index 95d86c3..6a30485 100644 --- a/openssh-9.3p1-merged-openssl-evp.patch +++ b/openssh-9.3p1-merged-openssl-evp.patch @@ -659,15 +659,15 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x # ifdef OPENSSL_HAS_ECC # include # include -@@ -268,6 +271,10 @@ +@@ -266,6 +266,10 @@ const char *sshkey_ssh_name_plain(const struct sshkey *); - int sshkey_names_valid2(const char *, int); + int sshkey_names_valid2(const char *, int, int); char *sshkey_alg_list(int, int, int, char); +int sshkey_calculate_signature(EVP_PKEY*, int, u_char **, + int *, const u_char *, size_t); +int sshkey_verify_signature(EVP_PKEY *, int, const u_char *, + size_t, u_char *, int); - + int sshkey_from_blob(const u_char *, size_t, struct sshkey **); int sshkey_fromb(struct sshbuf *, struct sshkey **); @@ -324,6 +331,13 @@ @@ -695,11 +695,11 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x #if !defined(WITH_OPENSSL) # undef RSA # undef DSA -diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac openssh-9.3p1/ssh-pkcs11.c openssh-9.3p1-patched/ssh-pkcs11.c ---- openssh-9.3p1/ssh-pkcs11.c 2023-06-06 15:53:36.592443989 +0200 -+++ openssh-9.3p1-patched/ssh-pkcs11.c 2023-06-06 15:52:25.626551768 +0200 -@@ -777,8 +777,24 @@ - +diff --git a/ssh-pkcs11.c b/ssh-pkcs11.c +--- a/ssh-pkcs11.c (revision 8241b9c0529228b4b86d88b1a6076fb9f97e4a99) ++++ b/ssh-pkcs11.c (date 1703110934679) +@@ -620,8 +620,24 @@ + return (0); } + @@ -711,7 +711,7 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x + return 0; +} #endif /* OPENSSL_HAS_ECC && HAVE_EC_KEY_METHOD_NEW */ - + +int +is_rsa_pkcs11(RSA *rsa) +{ @@ -722,14 +722,14 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x + /* remove trailing spaces. Note, that this does NOT guarantee the buffer * will be null terminated if there are no trailing spaces! */ - static void -diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac openssh-9.3p1/ssh-pkcs11-client.c openssh-9.3p1-patched/ssh-pkcs11-client.c ---- openssh-9.3p1/ssh-pkcs11-client.c 2023-06-06 15:53:36.591443976 +0200 -+++ openssh-9.3p1-patched/ssh-pkcs11-client.c 2023-06-06 15:52:25.626551768 +0200 -@@ -225,8 +225,36 @@ - static RSA_METHOD *helper_rsa; - #if defined(OPENSSL_HAS_ECC) && defined(HAVE_EC_KEY_METHOD_NEW) - static EC_KEY_METHOD *helper_ecdsa; + static char * +diff --git a/ssh-pkcs11-client.c b/ssh-pkcs11-client.c +--- a/ssh-pkcs11-client.c (revision 8241b9c0529228b4b86d88b1a6076fb9f97e4a99) ++++ b/ssh-pkcs11-client.c (date 1703110830967) +@@ -402,8 +402,36 @@ + if (helper->nrsa == 0 && helper->nec == 0) + helper_terminate(helper); + } + +int +is_ecdsa_pkcs11(EC_KEY *ecdsa) @@ -744,8 +744,8 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x + return 1; + return 0; +} - #endif /* OPENSSL_HAS_ECC && HAVE_EC_KEY_METHOD_NEW */ - + #endif /* defined(OPENSSL_HAS_ECC) && defined(HAVE_EC_KEY_METHOD_NEW) */ + +int +is_rsa_pkcs11(RSA *rsa) +{ @@ -762,14 +762,15 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x + /* redirect private key crypto operations to the ssh-pkcs11-helper */ static void - wrap_key(struct sshkey *k) -diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac openssh-9.3p1/ssh-pkcs11.h openssh-9.3p1-patched/ssh-pkcs11.h ---- openssh-9.3p1/ssh-pkcs11.h 2023-06-06 15:53:36.592443989 +0200 -+++ openssh-9.3p1-patched/ssh-pkcs11.h 2023-06-06 15:52:25.626551768 +0200 -@@ -39,6 +39,11 @@ - u_int32_t *); - #endif - + wrap_key(struct helper *helper, struct sshkey *k) +diff --git a/ssh-pkcs11.h b/ssh-pkcs11.h +--- a/ssh-pkcs11.h (revision 8241b9c0529228b4b86d88b1a6076fb9f97e4a99) ++++ b/ssh-pkcs11.h (date 1703111023334) +@@ -38,6 +38,12 @@ + /* Only available in ssh-pkcs11-client.c so far */ + int pkcs11_make_cert(const struct sshkey *, + const struct sshkey *, struct sshkey **); ++ +#ifdef HAVE_EC_KEY_METHOD_NEW +int is_ecdsa_pkcs11(EC_KEY *ecdsa); +#endif diff --git a/openssh-9.3p1-openssl-compat.patch b/openssh-9.3p1-openssl-compat.patch deleted file mode 100644 index cf512ef..0000000 --- a/openssh-9.3p1-openssl-compat.patch +++ /dev/null @@ -1,40 +0,0 @@ ---- openssh-9.3p1/openbsd-compat/openssl-compat.c 2023-03-15 22:28:19.000000000 +0100 -+++ /home/dbelyavs/work/upstream/openssh-portable/openbsd-compat/openssl-compat.c 2023-05-25 14:19:42.870841944 +0200 -@@ -33,10 +33,10 @@ - - /* - * OpenSSL version numbers: MNNFFPPS: major minor fix patch status -- * We match major, minor, fix and status (not patch) for <1.0.0. -- * After that, we acceptable compatible fix versions (so we -- * allow 1.0.1 to work with 1.0.0). Going backwards is only allowed -- * within a patch series. -+ * Versions >=3 require only major versions to match. -+ * For versions <3, we accept compatible fix versions (so we allow 1.0.1 -+ * to work with 1.0.0). Going backwards is only allowed within a patch series. -+ * See https://www.openssl.org/policies/releasestrat.html - */ - - int -@@ -48,15 +48,17 @@ - if (headerver == libver) - return 1; - -- /* for versions < 1.0.0, major,minor,fix,status must match */ -- if (headerver < 0x1000000f) { -- mask = 0xfffff00fL; /* major,minor,fix,status */ -+ /* -+ * For versions >= 3.0, only the major and status must match. -+ */ -+ if (headerver >= 0x3000000f) { -+ mask = 0xf000000fL; /* major,status */ - return (headerver & mask) == (libver & mask); - } - - /* -- * For versions >= 1.0.0, major,minor,status must match and library -- * fix version must be equal to or newer than the header. -+ * For versions >= 1.0.0, but <3, major,minor,status must match and -+ * library fix version must be equal to or newer than the header. - */ - mask = 0xfff0000fL; /* major,minor,status */ - hfix = (headerver & 0x000ff000) >> 12; diff --git a/openssh-9.3p1-upstream-cve-2023-38408.patch b/openssh-9.3p1-upstream-cve-2023-38408.patch deleted file mode 100644 index e9ac2ae..0000000 --- a/openssh-9.3p1-upstream-cve-2023-38408.patch +++ /dev/null @@ -1,130 +0,0 @@ -diff --git a/ssh-agent.c b/ssh-agent.c -index 618bb198..8ea831f4 100644 -diff -up openssh-9.3p1/ssh-agent.c.cve openssh-9.3p1/ssh-agent.c ---- openssh-9.3p1/ssh-agent.c.cve 2023-07-21 15:38:13.237276580 +0200 -+++ openssh-9.3p1/ssh-agent.c 2023-07-21 15:41:30.269943569 +0200 -@@ -169,6 +169,12 @@ char socket_dir[PATH_MAX]; - /* Pattern-list of allowed PKCS#11/Security key paths */ - static char *allowed_providers; - -+/* -+ * Allows PKCS11 providers or SK keys that use non-internal providers to -+ * be added over a remote connection (identified by session-bind@openssh.com). -+ */ -+static int remote_add_provider; -+ - /* locking */ - #define LOCK_SIZE 32 - #define LOCK_SALT_SIZE 16 -@@ -1228,6 +1234,12 @@ process_add_identity(SocketEntry *e) - if (strcasecmp(sk_provider, "internal") == 0) { - debug_f("internal provider"); - } else { -+ if (e->nsession_ids != 0 && !remote_add_provider) { -+ verbose("failed add of SK provider \"%.100s\": " -+ "remote addition of providers is disabled", -+ sk_provider); -+ goto out; -+ } - if (realpath(sk_provider, canonical_provider) == NULL) { - verbose("failed provider \"%.100s\": " - "realpath: %s", sk_provider, -@@ -1368,7 +1380,7 @@ no_identities(SocketEntry *e) - - #ifdef ENABLE_PKCS11 - static char * --sanitize_pkcs11_provider(const char *provider) -+sanitize_pkcs11_provider(SocketEntry *e, const char *provider) - { - struct pkcs11_uri *uri = NULL; - char *sane_uri, *module_path = NULL; /* default path */ -@@ -1399,6 +1411,11 @@ sanitize_pkcs11_provider(const char *pro - module_path = strdup(provider); /* simple path */ - - if (module_path != NULL) { /* do not validate default NULL path in URI */ -+ if (e->nsession_ids != 0 && !remote_add_provider) { -+ verbose("failed PKCS#11 add of \"%.100s\": remote addition of " -+ "providers is disabled", provider); -+ return NULL; -+ } - if (realpath(module_path, canonical_provider) == NULL) { - verbose("failed PKCS#11 provider \"%.100s\": realpath: %s", - module_path, strerror(errno)); -@@ -1455,7 +1472,7 @@ process_add_smartcard_key(SocketEntry *e - goto send; - } - -- sane_uri = sanitize_pkcs11_provider(provider); -+ sane_uri = sanitize_pkcs11_provider(e, provider); - if (sane_uri == NULL) - goto send; - -@@ -1516,7 +1533,7 @@ process_remove_smartcard_key(SocketEntry - } - free(pin); - -- sane_uri = sanitize_pkcs11_provider(provider); -+ sane_uri = sanitize_pkcs11_provider(e, provider); - if (sane_uri == NULL) - goto send; - -@@ -2108,7 +2125,9 @@ main(int ac, char **av) - break; - case 'O': - if (strcmp(optarg, "no-restrict-websafe") == 0) -- restrict_websafe = 0; -+ restrict_websafe = 0; -+ else if (strcmp(optarg, "allow-remote-pkcs11") == 0) -+ remote_add_provider = 1; - else - fatal("Unknown -O option"); - break; -diff --git a/ssh-pkcs11.c b/ssh-pkcs11.c -index 6be647ec..ebddf6c3 100644 ---- a/ssh-pkcs11.c -+++ b/ssh-pkcs11.c -@@ -1537,10 +1537,8 @@ pkcs11_register_provider(char *provider_id, char *pin, - error("dlopen %s failed: %s", provider_module, dlerror()); - goto fail; - } -- if ((getfunctionlist = dlsym(handle, "C_GetFunctionList")) == NULL) { -- error("dlsym(C_GetFunctionList) failed: %s", dlerror()); -- goto fail; -- } -+ if ((getfunctionlist = dlsym(handle, "C_GetFunctionList")) == NULL) -+ fatal("dlsym(C_GetFunctionList) failed: %s", dlerror()); - - p->module->handle = handle; - /* setup the pkcs11 callbacks */ ---- a/ssh-agent.1 2023-03-15 22:28:19.000000000 +0100 -+++ b/ssh-agent.1 2023-07-19 21:39:17.981406432 +0200 -@@ -107,9 +107,27 @@ - .It Fl O Ar option - Specify an option when starting - .Nm . --Currently only one option is supported: -+Currently two options are supported: -+.Cm allow-remote-pkcs11 -+and - .Cm no-restrict-websafe . --This instructs -+.Pp -+The -+.Cm allow-remote-pkcs11 -+option allows clients of a forwarded -+.Nm -+to load PKCS#11 or FIDO provider libraries. -+By default only local clients may perform this operation. -+Note that signalling that a -+.Nm -+client remote is performed by -+.Xr ssh 1 , -+and use of other tools to forward access to the agent socket may circumvent -+this restriction. -+.Pp -+The -+.Cm no-restrict-websafe , -+instructs - .Nm - to permit signatures using FIDO keys that might be web authentication - requests. diff --git a/openssh-9.6p1-cve-2024-6387.patch b/openssh-9.6p1-cve-2024-6387.patch new file mode 100644 index 0000000..646cf7c --- /dev/null +++ b/openssh-9.6p1-cve-2024-6387.patch @@ -0,0 +1,35 @@ +diff --git a/log.c b/log.c +index 9fc1a2e2e..191ff4a5a 100644 +--- a/log.c ++++ b/log.c +@@ -451,12 +451,14 @@ void + sshsigdie(const char *file, const char *func, int line, int showfunc, + LogLevel level, const char *suffix, const char *fmt, ...) + { ++#ifdef SYSLOG_R_SAFE_IN_SIGHAND + va_list args; + + va_start(args, fmt); + sshlogv(file, func, line, showfunc, SYSLOG_LEVEL_FATAL, + suffix, fmt, args); + va_end(args); ++#endif + _exit(1); + } + +diff --git a/clientloop.c b/clientloop.c +index 8ec36af94..6dcd6c853 100644 +--- a/clientloop.c ++++ b/clientloop.c +@@ -608,8 +608,9 @@ obfuscate_keystroke_timing(struct ssh *ssh, struct timespec *timeout, + if (timespeccmp(&now, &chaff_until, >=)) { + /* Stop if there have been no keystrokes for a while */ + stop_reason = "chaff time expired"; +- } else if (timespeccmp(&now, &next_interval, >=)) { +- /* Otherwise if we were due to send, then send chaff */ ++ } else if (timespeccmp(&now, &next_interval, >=) && ++ !ssh_packet_have_data_to_write(ssh)) { ++ /* If due to send but have no data, then send chaff */ + if (send_chaff(ssh)) + nchaff++; + } diff --git a/openssh-9.3p1-gsissh.patch b/openssh-9.6p1-gsissh.patch similarity index 88% rename from openssh-9.3p1-gsissh.patch rename to openssh-9.6p1-gsissh.patch index acf160d..4929e40 100644 --- a/openssh-9.3p1-gsissh.patch +++ b/openssh-9.6p1-gsissh.patch @@ -1,7 +1,7 @@ -diff -Nur openssh-9.3p1.orig/auth2.c openssh-9.3p1/auth2.c ---- openssh-9.3p1.orig/auth2.c 2023-06-26 17:34:46.576956191 +0200 -+++ openssh-9.3p1/auth2.c 2023-06-26 17:36:05.807175554 +0200 -@@ -275,7 +275,28 @@ +diff -Nur openssh-9.6p1.orig/auth2.c openssh-9.6p1/auth2.c +--- openssh-9.6p1.orig/auth2.c 2024-07-06 07:19:36.958049782 +0200 ++++ openssh-9.6p1/auth2.c 2024-07-06 07:20:29.705200575 +0200 +@@ -286,7 +286,28 @@ (r = sshpkt_get_cstring(ssh, &service, NULL)) != 0 || (r = sshpkt_get_cstring(ssh, &method, NULL)) != 0) goto out; @@ -31,7 +31,7 @@ diff -Nur openssh-9.3p1.orig/auth2.c openssh-9.3p1/auth2.c debug("attempt %d failures %d", authctxt->attempt, authctxt->failures); #ifdef WITH_SELINUX -@@ -288,11 +309,33 @@ +@@ -299,11 +320,33 @@ if (authctxt->attempt >= 1024) auth_maxtries_exceeded(ssh); @@ -69,7 +69,7 @@ diff -Nur openssh-9.3p1.orig/auth2.c openssh-9.3p1/auth2.c authctxt->valid = 1; debug2_f("setting up authctxt for %s", user); } else { -@@ -300,6 +343,9 @@ +@@ -311,6 +354,9 @@ /* Invalid user, fake password information */ authctxt->pw = fakepw(); } @@ -79,7 +79,7 @@ diff -Nur openssh-9.3p1.orig/auth2.c openssh-9.3p1/auth2.c #ifdef USE_PAM if (options.use_pam) PRIVSEP(start_pam(ssh)); -@@ -308,6 +354,7 @@ +@@ -319,6 +365,7 @@ authctxt->valid ? "authenticating " : "invalid ", user); setproctitle("%s%s", authctxt->valid ? user : "unknown", use_privsep ? " [net]" : ""); @@ -87,7 +87,7 @@ diff -Nur openssh-9.3p1.orig/auth2.c openssh-9.3p1/auth2.c authctxt->service = xstrdup(service); authctxt->style = style ? xstrdup(style) : NULL; #ifdef WITH_SELINUX -@@ -323,9 +370,10 @@ +@@ -336,9 +383,10 @@ if (auth2_setup_methods_lists(authctxt) != 0) ssh_packet_disconnect(ssh, "no authentication methods enabled"); @@ -101,10 +101,10 @@ diff -Nur openssh-9.3p1.orig/auth2.c openssh-9.3p1/auth2.c "not allowed: (%s,%s) -> (%s,%s)", authctxt->user, authctxt->service, user, service); } -diff -Nur openssh-9.3p1.orig/auth2-gss.c openssh-9.3p1/auth2-gss.c ---- openssh-9.3p1.orig/auth2-gss.c 2023-06-26 17:34:46.462955875 +0200 -+++ openssh-9.3p1/auth2-gss.c 2023-06-26 17:36:05.808175557 +0200 -@@ -50,6 +50,7 @@ +diff -Nur openssh-9.6p1.orig/auth2-gss.c openssh-9.6p1/auth2-gss.c +--- openssh-9.6p1.orig/auth2-gss.c 2024-07-06 07:19:36.850049473 +0200 ++++ openssh-9.6p1/auth2-gss.c 2024-07-06 07:20:29.705200575 +0200 +@@ -52,6 +52,7 @@ extern ServerOptions options; @@ -112,7 +112,7 @@ diff -Nur openssh-9.3p1.orig/auth2-gss.c openssh-9.3p1/auth2-gss.c static int input_gssapi_token(int type, u_int32_t plen, struct ssh *ssh); static int input_gssapi_mic(int type, u_int32_t plen, struct ssh *ssh); static int input_gssapi_exchange_complete(int type, u_int32_t plen, struct ssh *ssh); -@@ -63,8 +64,8 @@ +@@ -65,8 +66,8 @@ { Authctxt *authctxt = ssh->authctxt; int r, authenticated = 0; @@ -123,7 +123,7 @@ diff -Nur openssh-9.3p1.orig/auth2-gss.c openssh-9.3p1/auth2-gss.c u_char *p; size_t len; -@@ -75,6 +76,9 @@ +@@ -77,6 +78,9 @@ if ((b = sshbuf_new()) == NULL) fatal_f("sshbuf_new failed"); @@ -133,7 +133,7 @@ diff -Nur openssh-9.3p1.orig/auth2-gss.c openssh-9.3p1/auth2-gss.c mic.value = p; mic.length = len; -@@ -85,13 +89,29 @@ +@@ -87,13 +91,29 @@ fatal_f("sshbuf_mutable_ptr failed"); gssbuf.length = sshbuf_len(b); @@ -166,7 +166,7 @@ diff -Nur openssh-9.3p1.orig/auth2-gss.c openssh-9.3p1/auth2-gss.c free(mic.value); return (authenticated); -@@ -146,7 +166,9 @@ +@@ -152,7 +172,9 @@ return (0); } @@ -177,7 +177,7 @@ diff -Nur openssh-9.3p1.orig/auth2-gss.c openssh-9.3p1/auth2-gss.c debug2_f("disabled because of invalid user"); free(doid); return (0); -@@ -184,7 +206,7 @@ +@@ -190,7 +212,7 @@ Gssctxt *gssctxt; gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER; gss_buffer_desc recv_tok; @@ -186,7 +186,7 @@ diff -Nur openssh-9.3p1.orig/auth2-gss.c openssh-9.3p1/auth2-gss.c u_char *p; size_t len; int r; -@@ -205,6 +227,7 @@ +@@ -211,6 +233,7 @@ free(p); if (GSS_ERROR(maj_status)) { @@ -194,7 +194,7 @@ diff -Nur openssh-9.3p1.orig/auth2-gss.c openssh-9.3p1/auth2-gss.c if (send_tok.length != 0) { if ((r = sshpkt_start(ssh, SSH2_MSG_USERAUTH_GSSAPI_ERRTOK)) != 0 || -@@ -279,6 +302,34 @@ +@@ -285,6 +308,34 @@ return 0; } @@ -229,7 +229,7 @@ diff -Nur openssh-9.3p1.orig/auth2-gss.c openssh-9.3p1/auth2-gss.c /* * This is called when the client thinks we've completed authentication. * It should only be enabled in the dispatch handler by the function above, -@@ -289,12 +340,14 @@ +@@ -295,12 +346,14 @@ input_gssapi_exchange_complete(int type, u_int32_t plen, struct ssh *ssh) { Authctxt *authctxt = ssh->authctxt; @@ -245,7 +245,7 @@ diff -Nur openssh-9.3p1.orig/auth2-gss.c openssh-9.3p1/auth2-gss.c /* * We don't need to check the status, because we're only enabled in * the dispatcher once the exchange is complete -@@ -303,8 +356,11 @@ +@@ -309,8 +362,11 @@ if ((r = sshpkt_get_end(ssh)) != 0) fatal_fr(r, "parse packet"); @@ -259,7 +259,7 @@ diff -Nur openssh-9.3p1.orig/auth2-gss.c openssh-9.3p1/auth2-gss.c if ((!use_privsep || mm_is_monitor()) && (displayname = ssh_gssapi_displayname()) != NULL) -@@ -356,11 +412,17 @@ +@@ -362,11 +418,17 @@ fatal_f("sshbuf_mutable_ptr failed"); gssbuf.length = sshbuf_len(b); @@ -281,7 +281,7 @@ diff -Nur openssh-9.3p1.orig/auth2-gss.c openssh-9.3p1/auth2-gss.c sshbuf_free(b); if (micuser != authctxt->user) -@@ -380,6 +442,26 @@ +@@ -386,6 +448,26 @@ return 0; } @@ -308,9 +308,9 @@ diff -Nur openssh-9.3p1.orig/auth2-gss.c openssh-9.3p1/auth2-gss.c Authmethod method_gsskeyex = { "gssapi-keyex", NULL, -diff -Nur openssh-9.3p1.orig/auth.c openssh-9.3p1/auth.c ---- openssh-9.3p1.orig/auth.c 2023-06-26 17:34:46.577956193 +0200 -+++ openssh-9.3p1/auth.c 2023-06-26 17:36:05.808175557 +0200 +diff -Nur openssh-9.6p1.orig/auth.c openssh-9.6p1/auth.c +--- openssh-9.6p1.orig/auth.c 2024-07-06 07:19:36.958049782 +0200 ++++ openssh-9.6p1/auth.c 2024-07-06 07:20:29.706200578 +0200 @@ -299,7 +299,8 @@ method, submethod != NULL ? "/" : "", submethod == NULL ? "" : submethod, @@ -341,9 +341,9 @@ diff -Nur openssh-9.3p1.orig/auth.c openssh-9.3p1/auth.c #ifdef CUSTOM_FAILED_LOGIN record_failed_login(ssh, user, auth_get_canonical_hostname(ssh, options.use_dns), "ssh"); -diff -Nur openssh-9.3p1.orig/auth.h openssh-9.3p1/auth.h ---- openssh-9.3p1.orig/auth.h 2023-06-26 17:34:46.578956196 +0200 -+++ openssh-9.3p1/auth.h 2023-06-26 17:36:05.809175560 +0200 +diff -Nur openssh-9.6p1.orig/auth.h openssh-9.6p1/auth.h +--- openssh-9.6p1.orig/auth.h 2024-07-06 07:19:36.959049785 +0200 ++++ openssh-9.6p1/auth.h 2024-07-06 07:20:29.706200578 +0200 @@ -85,6 +85,8 @@ krb5_principal krb5_user; char *krb5_ticket_file; @@ -353,9 +353,9 @@ diff -Nur openssh-9.3p1.orig/auth.h openssh-9.3p1/auth.h int krb5_set_env; #endif struct sshbuf *loginmsg; -diff -Nur openssh-9.3p1.orig/auth-pam.c openssh-9.3p1/auth-pam.c ---- openssh-9.3p1.orig/auth-pam.c 2023-06-26 17:34:46.562956152 +0200 -+++ openssh-9.3p1/auth-pam.c 2023-06-26 17:45:46.130781404 +0200 +diff -Nur openssh-9.6p1.orig/auth-pam.c openssh-9.6p1/auth-pam.c +--- openssh-9.6p1.orig/auth-pam.c 2024-07-06 07:19:36.944049742 +0200 ++++ openssh-9.6p1/auth-pam.c 2024-07-06 07:20:29.707200580 +0200 @@ -252,6 +252,7 @@ static const char *sshpam_password = NULL; static char *sshpam_rhost = NULL; @@ -487,7 +487,7 @@ diff -Nur openssh-9.3p1.orig/auth-pam.c openssh-9.3p1/auth-pam.c } if (sshpam_rhost != NULL) { debug("PAM: setting PAM_RHOST to \"%s\"", sshpam_rhost); -@@ -1094,6 +1174,18 @@ +@@ -1096,6 +1176,18 @@ debug3("PAM: %s pam_acct_mgmt = %d (%s)", __func__, sshpam_err, pam_strerror(sshpam_handle, sshpam_err)); @@ -506,7 +506,7 @@ diff -Nur openssh-9.3p1.orig/auth-pam.c openssh-9.3p1/auth-pam.c if (sshpam_err != PAM_SUCCESS && sshpam_err != PAM_NEW_AUTHTOK_REQD) { sshpam_account_status = 0; return (sshpam_account_status); -@@ -1382,6 +1474,9 @@ +@@ -1384,6 +1476,9 @@ pam_strerror(sshpam_handle, sshpam_err)); sshpam_err = pam_authenticate(sshpam_handle, flags); @@ -516,9 +516,9 @@ diff -Nur openssh-9.3p1.orig/auth-pam.c openssh-9.3p1/auth-pam.c sshpam_password = NULL; free(fake); if (sshpam_err == PAM_MAXTRIES) -diff -Nur openssh-9.3p1.orig/auth-pam.h openssh-9.3p1/auth-pam.h ---- openssh-9.3p1.orig/auth-pam.h 2023-06-26 17:34:46.430955786 +0200 -+++ openssh-9.3p1/auth-pam.h 2023-06-26 17:36:05.812175568 +0200 +diff -Nur openssh-9.6p1.orig/auth-pam.h openssh-9.6p1/auth-pam.h +--- openssh-9.6p1.orig/auth-pam.h 2024-07-06 07:19:36.818049382 +0200 ++++ openssh-9.6p1/auth-pam.h 2024-07-06 07:20:29.708200583 +0200 @@ -43,5 +43,6 @@ int sshpam_get_maxtries_reached(void); void sshpam_set_maxtries_reached(int); @@ -526,9 +526,9 @@ diff -Nur openssh-9.3p1.orig/auth-pam.h openssh-9.3p1/auth-pam.h +struct passwd *sshpam_getpw(const char *); #endif /* USE_PAM */ -diff -Nur openssh-9.3p1.orig/canohost.c openssh-9.3p1/canohost.c ---- openssh-9.3p1.orig/canohost.c 2023-06-26 17:34:46.463955878 +0200 -+++ openssh-9.3p1/canohost.c 2023-06-26 17:36:05.812175568 +0200 +diff -Nur openssh-9.6p1.orig/canohost.c openssh-9.6p1/canohost.c +--- openssh-9.6p1.orig/canohost.c 2024-07-06 07:19:36.850049473 +0200 ++++ openssh-9.6p1/canohost.c 2024-07-06 07:20:29.708200583 +0200 @@ -17,6 +17,7 @@ #include #include @@ -537,7 +537,7 @@ diff -Nur openssh-9.3p1.orig/canohost.c openssh-9.3p1/canohost.c #include #include -@@ -298,3 +299,33 @@ +@@ -300,3 +301,33 @@ { return get_sock_port(sock, 1); } @@ -571,9 +571,9 @@ diff -Nur openssh-9.3p1.orig/canohost.c openssh-9.3p1/canohost.c + } + } +} -diff -Nur openssh-9.3p1.orig/canohost.h openssh-9.3p1/canohost.h ---- openssh-9.3p1.orig/canohost.h 2023-06-26 17:34:46.463955878 +0200 -+++ openssh-9.3p1/canohost.h 2023-06-26 17:36:05.813175570 +0200 +diff -Nur openssh-9.6p1.orig/canohost.h openssh-9.6p1/canohost.h +--- openssh-9.6p1.orig/canohost.h 2024-07-06 07:19:36.850049473 +0200 ++++ openssh-9.6p1/canohost.h 2024-07-06 07:20:29.709200586 +0200 @@ -26,4 +26,6 @@ #endif /* _CANOHOST_H */ @@ -581,10 +581,10 @@ diff -Nur openssh-9.3p1.orig/canohost.h openssh-9.3p1/canohost.h +void resolve_localhost(char **host); + void ipv64_normalise_mapped(struct sockaddr_storage *, socklen_t *); -diff -Nur openssh-9.3p1.orig/configure.ac openssh-9.3p1/configure.ac ---- openssh-9.3p1.orig/configure.ac 2023-06-26 17:34:46.553956127 +0200 -+++ openssh-9.3p1/configure.ac 2023-06-26 17:36:05.814175573 +0200 -@@ -4858,6 +4858,14 @@ +diff -Nur openssh-9.6p1.orig/configure.ac openssh-9.6p1/configure.ac +--- openssh-9.6p1.orig/configure.ac 2024-07-06 07:19:36.936049719 +0200 ++++ openssh-9.6p1/configure.ac 2024-07-06 07:20:29.710200589 +0200 +@@ -4865,6 +4865,14 @@ AC_CHECK_HEADER([gssapi_krb5.h], , [ CPPFLAGS="$oldCPP" ]) @@ -599,9 +599,9 @@ diff -Nur openssh-9.3p1.orig/configure.ac openssh-9.3p1/configure.ac fi fi if test -n "${rpath_opt}" ; then -@@ -4899,6 +4907,40 @@ - AC_SUBST([K5LIBS]) - AC_SUBST([CHANNELLIBS]) +@@ -4930,6 +4938,40 @@ + ) + +# Check whether the user wants GSI (Globus) support +gsi="no" @@ -637,12 +637,12 @@ diff -Nur openssh-9.3p1.orig/configure.ac openssh-9.3p1/configure.ac + AC_CHECK_FUNCS(globus_gss_assist_map_and_authorize) +fi + - # Check whether user wants systemd support - SYSTEMD_MSG="no" - AC_ARG_WITH(systemd, -diff -Nur openssh-9.3p1.orig/gss-genr.c openssh-9.3p1/gss-genr.c ---- openssh-9.3p1.orig/gss-genr.c 2023-06-26 17:34:46.623956321 +0200 -+++ openssh-9.3p1/gss-genr.c 2023-06-26 17:36:05.815175576 +0200 + # Looking for programs, paths and files + + PRIVSEP_PATH=/var/empty +diff -Nur openssh-9.6p1.orig/gss-genr.c openssh-9.6p1/gss-genr.c +--- openssh-9.6p1.orig/gss-genr.c 2024-07-06 07:19:37.001049905 +0200 ++++ openssh-9.6p1/gss-genr.c 2024-07-06 07:20:29.711200592 +0200 @@ -41,6 +41,7 @@ #include "ssherr.h" #include "sshbuf.h" @@ -679,9 +679,9 @@ diff -Nur openssh-9.3p1.orig/gss-genr.c openssh-9.3p1/gss-genr.c free(gssbuf.value); return (ctx->major); } -diff -Nur openssh-9.3p1.orig/gss-serv.c openssh-9.3p1/gss-serv.c ---- openssh-9.3p1.orig/gss-serv.c 2023-06-26 17:34:46.483955933 +0200 -+++ openssh-9.3p1/gss-serv.c 2023-06-26 17:36:05.816175578 +0200 +diff -Nur openssh-9.6p1.orig/gss-serv.c openssh-9.6p1/gss-serv.c +--- openssh-9.6p1.orig/gss-serv.c 2024-07-06 07:19:36.870049530 +0200 ++++ openssh-9.6p1/gss-serv.c 2024-07-06 07:20:29.712200595 +0200 @@ -50,10 +50,12 @@ #include "monitor_wrap.h" @@ -962,9 +962,9 @@ diff -Nur openssh-9.3p1.orig/gss-serv.c openssh-9.3p1/gss-serv.c xasprintf(&envstr, "%s=%s", gssapi_client.store.envvar, gssapi_client.store.envval); -diff -Nur openssh-9.3p1.orig/gss-serv-gsi.c openssh-9.3p1/gss-serv-gsi.c ---- openssh-9.3p1.orig/gss-serv-gsi.c 1970-01-01 01:00:00.000000000 +0100 -+++ openssh-9.3p1/gss-serv-gsi.c 2023-06-26 17:36:05.816175578 +0200 +diff -Nur openssh-9.6p1.orig/gss-serv-gsi.c openssh-9.6p1/gss-serv-gsi.c +--- openssh-9.6p1.orig/gss-serv-gsi.c 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-9.6p1/gss-serv-gsi.c 2024-07-06 07:20:29.712200595 +0200 @@ -0,0 +1,328 @@ +/* + * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. @@ -1294,9 +1294,9 @@ diff -Nur openssh-9.3p1.orig/gss-serv-gsi.c openssh-9.3p1/gss-serv-gsi.c + +#endif /* GSI */ +#endif /* GSSAPI */ -diff -Nur openssh-9.3p1.orig/gss-serv-krb5.c openssh-9.3p1/gss-serv-krb5.c ---- openssh-9.3p1.orig/gss-serv-krb5.c 2023-06-26 17:34:46.506955997 +0200 -+++ openssh-9.3p1/gss-serv-krb5.c 2023-06-26 17:36:05.817175581 +0200 +diff -Nur openssh-9.6p1.orig/gss-serv-krb5.c openssh-9.6p1/gss-serv-krb5.c +--- openssh-9.6p1.orig/gss-serv-krb5.c 2024-07-06 07:19:36.892049593 +0200 ++++ openssh-9.6p1/gss-serv-krb5.c 2024-07-06 07:20:29.713200598 +0200 @@ -379,6 +379,34 @@ return found_principal; } @@ -1350,9 +1350,9 @@ diff -Nur openssh-9.3p1.orig/gss-serv-krb5.c openssh-9.3p1/gss-serv-krb5.c &ssh_gssapi_krb5_storecreds, &ssh_gssapi_krb5_updatecreds }; -diff -Nur openssh-9.3p1.orig/kexgsss.c openssh-9.3p1/kexgsss.c ---- openssh-9.3p1.orig/kexgsss.c 2023-06-26 17:34:46.634956351 +0200 -+++ openssh-9.3p1/kexgsss.c 2023-06-26 17:36:05.817175581 +0200 +diff -Nur openssh-9.6p1.orig/kexgsss.c openssh-9.6p1/kexgsss.c +--- openssh-9.6p1.orig/kexgsss.c 2024-07-06 07:19:36.855049488 +0200 ++++ openssh-9.6p1/kexgsss.c 2024-07-06 07:20:29.713200598 +0200 @@ -48,6 +48,7 @@ #include "digest.h" #include "ssherr.h" @@ -1416,9 +1416,9 @@ diff -Nur openssh-9.3p1.orig/kexgsss.c openssh-9.3p1/kexgsss.c + } +} #endif /* defined(GSSAPI) && defined(WITH_OPENSSL) */ -diff -Nur openssh-9.3p1.orig/Makefile.in openssh-9.3p1/Makefile.in ---- openssh-9.3p1.orig/Makefile.in 2023-06-26 17:34:46.580956202 +0200 -+++ openssh-9.3p1/Makefile.in 2023-06-26 17:36:05.818175584 +0200 +diff -Nur openssh-9.6p1.orig/Makefile.in openssh-9.6p1/Makefile.in +--- openssh-9.6p1.orig/Makefile.in 2024-07-06 07:19:36.961049790 +0200 ++++ openssh-9.6p1/Makefile.in 2024-07-06 07:20:29.713200598 +0200 @@ -130,6 +130,7 @@ auth2-none.o auth2-passwd.o auth2-pubkey.o auth2-pubkeyfile.o \ monitor.o monitor_wrap.o auth-krb5.o \ @@ -1427,10 +1427,10 @@ diff -Nur openssh-9.3p1.orig/Makefile.in openssh-9.3p1/Makefile.in loginrec.o auth-pam.o auth-shadow.o auth-sia.o \ srclimit.o sftp-server.o sftp-common.o \ sandbox-null.o sandbox-rlimit.o sandbox-systrace.o sandbox-darwin.o \ -diff -Nur openssh-9.3p1.orig/misc.c openssh-9.3p1/misc.c ---- openssh-9.3p1.orig/misc.c 2023-06-26 17:34:46.625956326 +0200 -+++ openssh-9.3p1/misc.c 2023-06-26 17:36:05.819175586 +0200 -@@ -393,11 +393,14 @@ +diff -Nur openssh-9.6p1.orig/misc.c openssh-9.6p1/misc.c +--- openssh-9.6p1.orig/misc.c 2024-07-06 07:19:37.002049908 +0200 ++++ openssh-9.6p1/misc.c 2024-07-06 07:20:29.714200600 +0200 +@@ -419,11 +419,14 @@ #define WHITESPACE " \t\r\n" #define QUOTE "\"" @@ -1446,7 +1446,7 @@ diff -Nur openssh-9.3p1.orig/misc.c openssh-9.3p1/misc.c int wspace = 0; if (*s == NULL) -@@ -405,6 +408,21 @@ +@@ -431,6 +434,21 @@ old = *s; @@ -1468,7 +1468,7 @@ diff -Nur openssh-9.3p1.orig/misc.c openssh-9.3p1/misc.c *s = strpbrk(*s, split_equals ? WHITESPACE QUOTE "=" : WHITESPACE QUOTE); if (*s == NULL) -@@ -480,6 +498,20 @@ +@@ -506,6 +524,20 @@ return copy; } @@ -1489,10 +1489,10 @@ diff -Nur openssh-9.3p1.orig/misc.c openssh-9.3p1/misc.c /* * Convert ASCII string to TCP/IP port number. * Port must be >=0 and <=65535. -diff -Nur openssh-9.3p1.orig/misc.h openssh-9.3p1/misc.h ---- openssh-9.3p1.orig/misc.h 2023-06-26 17:34:46.526956052 +0200 -+++ openssh-9.3p1/misc.h 2023-06-26 17:36:05.820175589 +0200 -@@ -100,6 +100,7 @@ +diff -Nur openssh-9.6p1.orig/misc.h openssh-9.6p1/misc.h +--- openssh-9.6p1.orig/misc.h 2024-07-06 07:19:36.911049648 +0200 ++++ openssh-9.6p1/misc.h 2024-07-06 07:20:29.715200603 +0200 +@@ -103,6 +103,7 @@ void sock_set_v6only(int); struct passwd *pwcopy(struct passwd *); @@ -1500,10 +1500,10 @@ diff -Nur openssh-9.3p1.orig/misc.h openssh-9.3p1/misc.h const char *ssh_gai_strerror(int); typedef void privdrop_fn(struct passwd *); -diff -Nur openssh-9.3p1.orig/monitor.c openssh-9.3p1/monitor.c ---- openssh-9.3p1.orig/monitor.c 2023-06-26 17:34:46.625956326 +0200 -+++ openssh-9.3p1/monitor.c 2023-06-26 17:36:05.821175592 +0200 -@@ -152,6 +152,9 @@ +diff -Nur openssh-9.6p1.orig/monitor.c openssh-9.6p1/monitor.c +--- openssh-9.6p1.orig/monitor.c 2024-07-06 07:19:37.002049908 +0200 ++++ openssh-9.6p1/monitor.c 2024-07-06 07:20:29.716200606 +0200 +@@ -149,6 +149,9 @@ int mm_answer_gss_userok(struct ssh *, int, struct sshbuf *); int mm_answer_gss_checkmic(struct ssh *, int, struct sshbuf *); int mm_answer_gss_sign(struct ssh *, int, struct sshbuf *); @@ -1513,7 +1513,7 @@ diff -Nur openssh-9.3p1.orig/monitor.c openssh-9.3p1/monitor.c int mm_answer_gss_updatecreds(struct ssh *, int, struct sshbuf *); #endif -@@ -204,7 +207,7 @@ +@@ -201,7 +204,7 @@ {MONITOR_REQ_MODULI, MON_ONCE, mm_answer_moduli}, #endif {MONITOR_REQ_SIGN, MON_ONCE, mm_answer_sign}, @@ -1522,7 +1522,7 @@ diff -Nur openssh-9.3p1.orig/monitor.c openssh-9.3p1/monitor.c {MONITOR_REQ_AUTHSERV, MON_ONCE, mm_answer_authserv}, #ifdef WITH_SELINUX {MONITOR_REQ_AUTHROLE, MON_ONCE, mm_answer_authrole}, -@@ -212,7 +215,7 @@ +@@ -209,7 +212,7 @@ {MONITOR_REQ_AUTH2_READ_BANNER, MON_ONCE, mm_answer_auth2_read_banner}, {MONITOR_REQ_AUTHPASSWORD, MON_AUTH, mm_answer_authpassword}, #ifdef USE_PAM @@ -1531,7 +1531,7 @@ diff -Nur openssh-9.3p1.orig/monitor.c openssh-9.3p1/monitor.c {MONITOR_REQ_PAM_ACCOUNT, 0, mm_answer_pam_account}, {MONITOR_REQ_PAM_INIT_CTX, MON_ONCE, mm_answer_pam_init_ctx}, {MONITOR_REQ_PAM_QUERY, 0, mm_answer_pam_query}, -@@ -236,8 +239,11 @@ +@@ -233,8 +236,11 @@ {MONITOR_REQ_GSSSETUP, MON_ISAUTH, mm_answer_gss_setup_ctx}, {MONITOR_REQ_GSSSTEP, 0, mm_answer_gss_accept_ctx}, {MONITOR_REQ_GSSUSEROK, MON_ONCE|MON_AUTHDECIDE, mm_answer_gss_userok}, @@ -1544,7 +1544,7 @@ diff -Nur openssh-9.3p1.orig/monitor.c openssh-9.3p1/monitor.c #endif {0, 0, NULL} }; -@@ -247,6 +253,8 @@ +@@ -244,6 +250,8 @@ {MONITOR_REQ_GSSSETUP, 0, mm_answer_gss_setup_ctx}, {MONITOR_REQ_GSSSTEP, 0, mm_answer_gss_accept_ctx}, {MONITOR_REQ_GSSSIGN, 0, mm_answer_gss_sign}, @@ -1553,7 +1553,7 @@ diff -Nur openssh-9.3p1.orig/monitor.c openssh-9.3p1/monitor.c {MONITOR_REQ_GSSUPCREDS, 0, mm_answer_gss_updatecreds}, #endif #ifdef WITH_OPENSSL -@@ -327,6 +335,8 @@ +@@ -324,6 +332,8 @@ #ifdef GSSAPI /* and for the GSSAPI key exchange */ monitor_permit(mon_dispatch, MONITOR_REQ_GSSSETUP, 1); @@ -1562,7 +1562,7 @@ diff -Nur openssh-9.3p1.orig/monitor.c openssh-9.3p1/monitor.c #endif /* The first few requests do not require asynchronous access */ -@@ -451,6 +461,8 @@ +@@ -453,6 +463,8 @@ #ifdef GSSAPI /* and for the GSSAPI key exchange */ monitor_permit(mon_dispatch, MONITOR_REQ_GSSSETUP, 1); @@ -1571,7 +1571,7 @@ diff -Nur openssh-9.3p1.orig/monitor.c openssh-9.3p1/monitor.c #endif if (auth_opts->permit_pty_flag) { -@@ -779,14 +791,17 @@ +@@ -781,14 +793,17 @@ debug3_f("entering"); @@ -1592,7 +1592,7 @@ diff -Nur openssh-9.3p1.orig/monitor.c openssh-9.3p1/monitor.c setproctitle("%s [priv]", pwent ? authctxt->user : "unknown"); sshbuf_reset(m); -@@ -2142,6 +2157,79 @@ +@@ -2144,6 +2159,79 @@ } int @@ -1672,9 +1672,9 @@ diff -Nur openssh-9.3p1.orig/monitor.c openssh-9.3p1/monitor.c mm_answer_gss_sign(struct ssh *ssh, int socket, struct sshbuf *m) { gss_buffer_desc data; -diff -Nur openssh-9.3p1.orig/monitor.h openssh-9.3p1/monitor.h ---- openssh-9.3p1.orig/monitor.h 2023-06-26 17:34:46.581956204 +0200 -+++ openssh-9.3p1/monitor.h 2023-06-26 17:36:05.821175592 +0200 +diff -Nur openssh-9.6p1.orig/monitor.h openssh-9.6p1/monitor.h +--- openssh-9.6p1.orig/monitor.h 2024-07-06 07:19:36.962049793 +0200 ++++ openssh-9.6p1/monitor.h 2024-07-06 07:20:29.716200606 +0200 @@ -75,6 +75,10 @@ MONITOR_REQ_GSSSIGN = 150, MONITOR_ANS_GSSSIGN = 151, @@ -1686,10 +1686,10 @@ diff -Nur openssh-9.3p1.orig/monitor.h openssh-9.3p1/monitor.h }; struct ssh; -diff -Nur openssh-9.3p1.orig/monitor_wrap.c openssh-9.3p1/monitor_wrap.c ---- openssh-9.3p1.orig/monitor_wrap.c 2023-06-26 17:34:46.626956329 +0200 -+++ openssh-9.3p1/monitor_wrap.c 2023-06-26 17:36:05.822175594 +0200 -@@ -1085,6 +1085,94 @@ +diff -Nur openssh-9.6p1.orig/monitor_wrap.c openssh-9.6p1/monitor_wrap.c +--- openssh-9.6p1.orig/monitor_wrap.c 2024-07-06 07:19:36.968049810 +0200 ++++ openssh-9.6p1/monitor_wrap.c 2024-07-06 07:20:29.716200606 +0200 +@@ -1083,6 +1083,94 @@ return (authenticated); } @@ -1784,9 +1784,9 @@ diff -Nur openssh-9.3p1.orig/monitor_wrap.c openssh-9.3p1/monitor_wrap.c OM_uint32 mm_ssh_gssapi_sign(Gssctxt *ctx, gss_buffer_desc *data, gss_buffer_desc *hash) { -diff -Nur openssh-9.3p1.orig/monitor_wrap.h openssh-9.3p1/monitor_wrap.h ---- openssh-9.3p1.orig/monitor_wrap.h 2023-06-26 17:34:46.588956224 +0200 -+++ openssh-9.3p1/monitor_wrap.h 2023-06-26 17:36:05.823175597 +0200 +diff -Nur openssh-9.6p1.orig/monitor_wrap.h openssh-9.6p1/monitor_wrap.h +--- openssh-9.6p1.orig/monitor_wrap.h 2024-07-06 07:19:36.968049810 +0200 ++++ openssh-9.6p1/monitor_wrap.h 2024-07-06 07:20:29.717200609 +0200 @@ -73,6 +73,10 @@ int mm_ssh_gssapi_userok(char *user, struct passwd *, int kex); OM_uint32 mm_ssh_gssapi_checkmic(Gssctxt *, gss_buffer_t, gss_buffer_t); @@ -1798,10 +1798,10 @@ diff -Nur openssh-9.3p1.orig/monitor_wrap.h openssh-9.3p1/monitor_wrap.h int mm_ssh_gssapi_update_creds(ssh_gssapi_ccache *); #endif -diff -Nur openssh-9.3p1.orig/readconf.c openssh-9.3p1/readconf.c ---- openssh-9.3p1.orig/readconf.c 2023-06-26 17:34:46.627956332 +0200 -+++ openssh-9.3p1/readconf.c 2023-06-26 17:36:05.824175600 +0200 -@@ -2554,11 +2554,11 @@ +diff -Nur openssh-9.6p1.orig/readconf.c openssh-9.6p1/readconf.c +--- openssh-9.6p1.orig/readconf.c 2024-07-06 07:19:37.004049913 +0200 ++++ openssh-9.6p1/readconf.c 2024-07-06 07:20:29.718200612 +0200 +@@ -2723,11 +2723,11 @@ if (options->pubkey_authentication == -1) options->pubkey_authentication = SSH_PUBKEY_AUTH_ALL; if (options->gss_authentication == -1) @@ -1816,10 +1816,10 @@ diff -Nur openssh-9.3p1.orig/readconf.c openssh-9.3p1/readconf.c if (options->gss_trust_dns == -1) options->gss_trust_dns = 0; if (options->gss_renewal_rekey == -1) -diff -Nur openssh-9.3p1.orig/readconf.h openssh-9.3p1/readconf.h ---- openssh-9.3p1.orig/readconf.h 2023-06-26 17:34:46.470955897 +0200 -+++ openssh-9.3p1/readconf.h 2023-06-26 17:36:05.825175603 +0200 -@@ -79,6 +79,8 @@ +diff -Nur openssh-9.6p1.orig/readconf.h openssh-9.6p1/readconf.h +--- openssh-9.6p1.orig/readconf.h 2024-07-06 07:19:36.858049496 +0200 ++++ openssh-9.6p1/readconf.h 2024-07-06 07:20:29.718200612 +0200 +@@ -80,6 +80,8 @@ char *host_key_alias; /* hostname alias for .ssh/known_hosts */ char *proxy_command; /* Proxy command for connecting the host. */ char *user; /* User to log in as. */ @@ -1828,10 +1828,10 @@ diff -Nur openssh-9.3p1.orig/readconf.h openssh-9.3p1/readconf.h int escape_char; /* Escape character; -2 = none */ u_int num_system_hostfiles; /* Paths for /etc/ssh/ssh_known_hosts */ -diff -Nur openssh-9.3p1.orig/servconf.c openssh-9.3p1/servconf.c ---- openssh-9.3p1.orig/servconf.c 2023-06-26 17:34:46.628956335 +0200 -+++ openssh-9.3p1/servconf.c 2023-06-26 17:36:05.826175605 +0200 -@@ -93,6 +93,7 @@ +diff -Nur openssh-9.6p1.orig/servconf.c openssh-9.6p1/servconf.c +--- openssh-9.6p1.orig/servconf.c 2024-07-06 07:19:37.004049913 +0200 ++++ openssh-9.6p1/servconf.c 2024-07-06 07:20:29.719200615 +0200 +@@ -92,6 +92,7 @@ /* Portable-specific options */ options->use_pam = -1; @@ -1839,7 +1839,7 @@ diff -Nur openssh-9.3p1.orig/servconf.c openssh-9.3p1/servconf.c /* Standard Options */ options->num_ports = 0; -@@ -139,9 +140,11 @@ +@@ -138,9 +139,11 @@ options->kerberos_get_afs_token = -1; options->kerberos_unique_ccache = -1; options->gss_authentication=-1; @@ -1851,7 +1851,7 @@ diff -Nur openssh-9.3p1.orig/servconf.c openssh-9.3p1/servconf.c options->gss_store_rekey = -1; options->gss_kex_algorithms = NULL; options->use_kuserok = -1; -@@ -295,6 +298,8 @@ +@@ -294,6 +297,8 @@ /* Portable-specific options */ if (options->use_pam == -1) options->use_pam = 0; @@ -1860,7 +1860,7 @@ diff -Nur openssh-9.3p1.orig/servconf.c openssh-9.3p1/servconf.c /* Standard Options */ if (options->num_host_key_files == 0) { -@@ -376,13 +381,17 @@ +@@ -375,13 +380,17 @@ if (options->kerberos_unique_ccache == -1) options->kerberos_unique_ccache = 0; if (options->gss_authentication == -1) @@ -1880,7 +1880,7 @@ diff -Nur openssh-9.3p1.orig/servconf.c openssh-9.3p1/servconf.c if (options->gss_store_rekey == -1) options->gss_store_rekey = 0; #ifdef GSSAPI -@@ -529,7 +538,7 @@ +@@ -528,7 +537,7 @@ typedef enum { sBadOption, /* == unknown option */ /* Portable-specific options */ @@ -1889,7 +1889,7 @@ diff -Nur openssh-9.3p1.orig/servconf.c openssh-9.3p1/servconf.c /* Standard Options */ sPort, sHostKeyFile, sLoginGraceTime, sPermitRootLogin, sLogFacility, sLogLevel, sLogVerbose, -@@ -548,6 +557,9 @@ +@@ -547,6 +556,9 @@ sHostbasedUsesNameFromPacketOnly, sHostbasedAcceptedAlgorithms, sHostKeyAlgorithms, sPerSourceMaxStartups, sPerSourceNetBlockSize, sClientAliveInterval, sClientAliveCountMax, sAuthorizedKeysFile, @@ -1899,7 +1899,7 @@ diff -Nur openssh-9.3p1.orig/servconf.c openssh-9.3p1/servconf.c sGssAuthentication, sGssCleanupCreds, sGssEnablek5users, sGssStrictAcceptor, sGssKeyEx, sGssKexAlgorithms, sGssStoreRekey, sAcceptEnv, sSetEnv, sPermitTunnel, -@@ -581,8 +593,10 @@ +@@ -580,8 +592,10 @@ /* Portable-specific options */ #ifdef USE_PAM { "usepam", sUsePAM, SSHCFG_GLOBAL }, @@ -1910,7 +1910,7 @@ diff -Nur openssh-9.3p1.orig/servconf.c openssh-9.3p1/servconf.c #endif { "pamauthenticationviakbdint", sDeprecated, SSHCFG_GLOBAL }, /* Standard Options */ -@@ -635,8 +649,15 @@ +@@ -634,8 +648,15 @@ { "afstokenpassing", sUnsupported, SSHCFG_GLOBAL }, #ifdef GSSAPI { "gssapiauthentication", sGssAuthentication, SSHCFG_ALL }, @@ -1926,7 +1926,7 @@ diff -Nur openssh-9.3p1.orig/servconf.c openssh-9.3p1/servconf.c { "gssapistrictacceptorcheck", sGssStrictAcceptor, SSHCFG_GLOBAL }, { "gssapikeyexchange", sGssKeyEx, SSHCFG_GLOBAL }, { "gssapistorecredentialsonrekey", sGssStoreRekey, SSHCFG_GLOBAL }, -@@ -644,8 +665,11 @@ +@@ -643,8 +664,11 @@ { "gssapienablek5users", sGssEnablek5users, SSHCFG_ALL }, #else { "gssapiauthentication", sUnsupported, SSHCFG_ALL }, @@ -1938,7 +1938,7 @@ diff -Nur openssh-9.3p1.orig/servconf.c openssh-9.3p1/servconf.c { "gssapistrictacceptorcheck", sUnsupported, SSHCFG_GLOBAL }, { "gssapikeyexchange", sUnsupported, SSHCFG_GLOBAL }, { "gssapistorecredentialsonrekey", sUnsupported, SSHCFG_GLOBAL }, -@@ -717,6 +741,8 @@ +@@ -716,6 +740,8 @@ { "permitlisten", sPermitListen, SSHCFG_ALL }, { "forcecommand", sForceCommand, SSHCFG_ALL }, { "chrootdirectory", sChrootDirectory, SSHCFG_ALL }, @@ -1947,7 +1947,7 @@ diff -Nur openssh-9.3p1.orig/servconf.c openssh-9.3p1/servconf.c { "hostcertificate", sHostCertificate, SSHCFG_GLOBAL }, { "revokedkeys", sRevokedKeys, SSHCFG_ALL }, { "trustedusercakeys", sTrustedUserCAKeys, SSHCFG_ALL }, -@@ -1450,6 +1476,10 @@ +@@ -1418,6 +1444,10 @@ intptr = &options->use_pam; goto parse_flag; @@ -1958,7 +1958,7 @@ diff -Nur openssh-9.3p1.orig/servconf.c openssh-9.3p1/servconf.c /* Standard Options */ case sBadOption: goto out; -@@ -1696,6 +1726,10 @@ +@@ -1669,6 +1699,10 @@ intptr = &options->gss_authentication; goto parse_flag; @@ -1969,7 +1969,7 @@ diff -Nur openssh-9.3p1.orig/servconf.c openssh-9.3p1/servconf.c case sGssKeyEx: intptr = &options->gss_keyex; goto parse_flag; -@@ -1704,6 +1738,10 @@ +@@ -1677,6 +1711,10 @@ intptr = &options->gss_cleanup_creds; goto parse_flag; @@ -1980,7 +1980,7 @@ diff -Nur openssh-9.3p1.orig/servconf.c openssh-9.3p1/servconf.c case sGssStrictAcceptor: intptr = &options->gss_strict_acceptor; goto parse_flag; -@@ -1724,6 +1762,12 @@ +@@ -1697,6 +1735,12 @@ options->gss_kex_algorithms = xstrdup(arg); break; @@ -1993,7 +1993,7 @@ diff -Nur openssh-9.3p1.orig/servconf.c openssh-9.3p1/servconf.c case sPasswordAuthentication: intptr = &options->password_authentication; goto parse_flag; -@@ -2776,6 +2820,7 @@ +@@ -2806,6 +2850,7 @@ M_CP_INTOPT(password_authentication); M_CP_INTOPT(gss_authentication); @@ -2001,10 +2001,10 @@ diff -Nur openssh-9.3p1.orig/servconf.c openssh-9.3p1/servconf.c M_CP_INTOPT(pubkey_authentication); M_CP_INTOPT(pubkey_auth_options); M_CP_INTOPT(kerberos_authentication); -diff -Nur openssh-9.3p1.orig/servconf.h openssh-9.3p1/servconf.h ---- openssh-9.3p1.orig/servconf.h 2023-06-26 17:34:46.519956033 +0200 -+++ openssh-9.3p1/servconf.h 2023-06-26 17:36:05.827175608 +0200 -@@ -146,9 +146,12 @@ +diff -Nur openssh-9.6p1.orig/servconf.h openssh-9.6p1/servconf.h +--- openssh-9.6p1.orig/servconf.h 2024-07-06 07:19:36.904049628 +0200 ++++ openssh-9.6p1/servconf.h 2024-07-06 07:20:29.719200615 +0200 +@@ -144,9 +144,12 @@ * be stored in per-session ccache */ int use_kuserok; int enable_k5users; @@ -2017,7 +2017,7 @@ diff -Nur openssh-9.3p1.orig/servconf.h openssh-9.3p1/servconf.h int gss_strict_acceptor; /* If true, restrict the GSSAPI acceptor name */ int gss_store_rekey; char *gss_kex_algorithms; /* GSSAPI kex methods to be offered by client. */ -@@ -209,6 +212,7 @@ +@@ -207,6 +210,7 @@ char *adm_forced_command; int use_pam; /* Enable auth via PAM */ @@ -2025,10 +2025,10 @@ diff -Nur openssh-9.3p1.orig/servconf.h openssh-9.3p1/servconf.h int permit_tun; -diff -Nur openssh-9.3p1.orig/ssh.1 openssh-9.3p1/ssh.1 ---- openssh-9.3p1.orig/ssh.1 2023-06-26 17:34:46.606956274 +0200 -+++ openssh-9.3p1/ssh.1 2023-06-26 17:36:05.828175611 +0200 -@@ -1514,6 +1514,18 @@ +diff -Nur openssh-9.6p1.orig/ssh.1 openssh-9.6p1/ssh.1 +--- openssh-9.6p1.orig/ssh.1 2024-07-06 07:19:36.983049853 +0200 ++++ openssh-9.6p1/ssh.1 2024-07-06 07:20:29.720200618 +0200 +@@ -1528,6 +1528,18 @@ on to new connections). .It Ev USER Set to the name of the user logging in. @@ -2047,10 +2047,10 @@ diff -Nur openssh-9.3p1.orig/ssh.1 openssh-9.3p1/ssh.1 .El .Pp Additionally, -diff -Nur openssh-9.3p1.orig/ssh.c openssh-9.3p1/ssh.c ---- openssh-9.3p1.orig/ssh.c 2023-06-26 17:34:46.630956340 +0200 -+++ openssh-9.3p1/ssh.c 2023-06-26 17:36:05.829175614 +0200 -@@ -571,6 +571,38 @@ +diff -Nur openssh-9.6p1.orig/ssh.c openssh-9.6p1/ssh.c +--- openssh-9.6p1.orig/ssh.c 2024-07-06 07:19:36.977049836 +0200 ++++ openssh-9.6p1/ssh.c 2024-07-06 07:20:29.720200618 +0200 +@@ -573,6 +573,38 @@ fatal("Can't open user config file %.100s: " "%.100s", config, strerror(errno)); } else { @@ -2089,7 +2089,7 @@ diff -Nur openssh-9.3p1.orig/ssh.c openssh-9.3p1/ssh.c r = snprintf(buf, sizeof buf, "%s/%s", pw->pw_dir, _PATH_SSH_USER_CONFFILE); if (r > 0 && (size_t)r < sizeof(buf)) -@@ -1251,8 +1283,12 @@ +@@ -1299,8 +1331,12 @@ if (fill_default_options(&options) != 0) cleanup_exit(255); @@ -2103,9 +2103,9 @@ diff -Nur openssh-9.3p1.orig/ssh.c openssh-9.3p1/ssh.c /* * If ProxyJump option specified, then construct a ProxyCommand now. -diff -Nur openssh-9.3p1.orig/ssh_config openssh-9.3p1/ssh_config ---- openssh-9.3p1.orig/ssh_config 2023-06-26 17:34:46.473955906 +0200 -+++ openssh-9.3p1/ssh_config 2023-06-26 17:36:05.830175617 +0200 +diff -Nur openssh-9.6p1.orig/ssh_config openssh-9.6p1/ssh_config +--- openssh-9.6p1.orig/ssh_config 2024-07-06 07:19:36.860049502 +0200 ++++ openssh-9.6p1/ssh_config 2024-07-06 07:20:29.721200620 +0200 @@ -22,9 +22,9 @@ # ForwardX11 no # PasswordAuthentication yes @@ -2118,10 +2118,10 @@ diff -Nur openssh-9.3p1.orig/ssh_config openssh-9.3p1/ssh_config +# GSSAPIKeyExchange yes # GSSAPITrustDNS no # BatchMode no - # CheckHostIP yes -diff -Nur openssh-9.3p1.orig/ssh_config.5 openssh-9.3p1/ssh_config.5 ---- openssh-9.3p1.orig/ssh_config.5 2023-06-26 17:34:46.544956102 +0200 -+++ openssh-9.3p1/ssh_config.5 2023-06-26 17:36:05.831175620 +0200 + # CheckHostIP no +diff -Nur openssh-9.6p1.orig/ssh_config.5 openssh-9.6p1/ssh_config.5 +--- openssh-9.6p1.orig/ssh_config.5 2024-07-06 07:19:36.928049696 +0200 ++++ openssh-9.6p1/ssh_config.5 2024-07-06 07:20:29.721200620 +0200 @@ -52,6 +52,12 @@ user's configuration file .Pq Pa ~/.ssh/config @@ -2135,7 +2135,7 @@ diff -Nur openssh-9.3p1.orig/ssh_config.5 openssh-9.3p1/ssh_config.5 system-wide configuration file .Pq Pa /etc/ssh/ssh_config .El -@@ -832,7 +838,7 @@ +@@ -921,7 +927,7 @@ .It Cm GSSAPIAuthentication Specifies whether user authentication based on GSSAPI is allowed. The default is @@ -2144,7 +2144,7 @@ diff -Nur openssh-9.3p1.orig/ssh_config.5 openssh-9.3p1/ssh_config.5 .It Cm GSSAPIClientIdentity If set, specifies the GSSAPI client identity that ssh should use when connecting to the server. The default is unset, which means that the default -@@ -840,12 +846,12 @@ +@@ -929,12 +935,12 @@ .It Cm GSSAPIDelegateCredentials Forward (delegate) credentials to the server. The default is @@ -2159,7 +2159,7 @@ diff -Nur openssh-9.3p1.orig/ssh_config.5 openssh-9.3p1/ssh_config.5 .It Cm GSSAPIRenewalForcesRekey If set to .Dq yes -@@ -1471,7 +1477,7 @@ +@@ -1582,7 +1588,7 @@ .Cm password ) . The default is: .Bd -literal -offset indent @@ -2168,10 +2168,10 @@ diff -Nur openssh-9.3p1.orig/ssh_config.5 openssh-9.3p1/ssh_config.5 keyboard-interactive,password .Ed .It Cm ProxyCommand -diff -Nur openssh-9.3p1.orig/sshconnect2.c openssh-9.3p1/sshconnect2.c ---- openssh-9.3p1.orig/sshconnect2.c 2023-06-26 17:34:46.619956310 +0200 -+++ openssh-9.3p1/sshconnect2.c 2023-06-26 17:36:05.832175622 +0200 -@@ -861,6 +861,11 @@ +diff -Nur openssh-9.6p1.orig/sshconnect2.c openssh-9.6p1/sshconnect2.c +--- openssh-9.6p1.orig/sshconnect2.c 2024-07-06 07:19:36.995049888 +0200 ++++ openssh-9.6p1/sshconnect2.c 2024-07-06 07:20:29.722200623 +0200 +@@ -863,6 +863,11 @@ gss_OID mech = NULL; char *gss_host = NULL; @@ -2183,7 +2183,7 @@ diff -Nur openssh-9.3p1.orig/sshconnect2.c openssh-9.3p1/sshconnect2.c if (options.gss_server_identity) { gss_host = xstrdup(options.gss_server_identity); } else if (options.gss_trust_dns) { -@@ -972,7 +977,8 @@ +@@ -971,7 +976,8 @@ if (status == GSS_S_COMPLETE) { /* send either complete or MIC, depending on mechanism */ @@ -2193,7 +2193,7 @@ diff -Nur openssh-9.3p1.orig/sshconnect2.c openssh-9.3p1/sshconnect2.c if ((r = sshpkt_start(ssh, SSH2_MSG_USERAUTH_GSSAPI_EXCHANGE_COMPLETE)) != 0 || (r = sshpkt_send(ssh)) != 0) -@@ -1139,6 +1145,20 @@ +@@ -1138,6 +1144,20 @@ return r; } @@ -2214,7 +2214,7 @@ diff -Nur openssh-9.3p1.orig/sshconnect2.c openssh-9.3p1/sshconnect2.c int userauth_gsskeyex(struct ssh *ssh) { -@@ -1161,6 +1181,12 @@ +@@ -1160,6 +1180,12 @@ if ((b = sshbuf_new()) == NULL) fatal_f("sshbuf_new failed"); @@ -2227,7 +2227,7 @@ diff -Nur openssh-9.3p1.orig/sshconnect2.c openssh-9.3p1/sshconnect2.c ssh_gssapi_buildmic(b, authctxt->server_user, authctxt->service, "gssapi-keyex", ssh->kex->session_id); -@@ -1174,7 +1200,9 @@ +@@ -1173,7 +1199,9 @@ } if ((r = sshpkt_start(ssh, SSH2_MSG_USERAUTH_REQUEST)) != 0 || @@ -2238,9 +2238,9 @@ diff -Nur openssh-9.3p1.orig/sshconnect2.c openssh-9.3p1/sshconnect2.c (r = sshpkt_put_cstring(ssh, authctxt->service)) != 0 || (r = sshpkt_put_cstring(ssh, authctxt->method->name)) != 0 || (r = sshpkt_put_string(ssh, mic.value, mic.length)) != 0 || -diff -Nur openssh-9.3p1.orig/sshd.8 openssh-9.3p1/sshd.8 ---- openssh-9.3p1.orig/sshd.8 2023-06-26 17:34:46.488955947 +0200 -+++ openssh-9.3p1/sshd.8 2023-06-26 17:36:05.833175625 +0200 +diff -Nur openssh-9.6p1.orig/sshd.8 openssh-9.6p1/sshd.8 +--- openssh-9.6p1.orig/sshd.8 2024-07-06 07:19:36.875049545 +0200 ++++ openssh-9.6p1/sshd.8 2024-07-06 07:20:29.722200623 +0200 @@ -839,6 +839,29 @@ # A CA key, accepted for any host in *.mydomain.com or *.mydomain.org @cert-authority *.mydomain.org,*.mydomain.com ssh-rsa AAAAB5W... @@ -2271,9 +2271,9 @@ diff -Nur openssh-9.3p1.orig/sshd.8 openssh-9.3p1/sshd.8 .Sh FILES .Bl -tag -width Ds -compact .It Pa ~/.hushlogin -diff -Nur openssh-9.3p1.orig/sshd.c openssh-9.3p1/sshd.c ---- openssh-9.3p1.orig/sshd.c 2023-06-26 17:34:46.631956343 +0200 -+++ openssh-9.3p1/sshd.c 2023-06-26 17:36:05.835175630 +0200 +diff -Nur openssh-9.6p1.orig/sshd.c openssh-9.6p1/sshd.c +--- openssh-9.6p1.orig/sshd.c 2024-07-06 07:19:37.006049919 +0200 ++++ openssh-9.6p1/sshd.c 2024-07-06 07:20:29.723200626 +0200 @@ -2438,7 +2438,7 @@ #endif @@ -2283,9 +2283,9 @@ diff -Nur openssh-9.3p1.orig/sshd.c openssh-9.3p1/sshd.c temporarily_use_uid(authctxt->pw); authctxt->krb5_set_env = ssh_gssapi_storecreds(); restore_uid(); -diff -Nur openssh-9.3p1.orig/sshd_config openssh-9.3p1/sshd_config ---- openssh-9.3p1.orig/sshd_config 2023-06-26 17:34:46.508956002 +0200 -+++ openssh-9.3p1/sshd_config 2023-06-26 17:36:05.835175630 +0200 +diff -Nur openssh-9.6p1.orig/sshd_config openssh-9.6p1/sshd_config +--- openssh-9.6p1.orig/sshd_config 2024-07-06 07:19:36.894049599 +0200 ++++ openssh-9.6p1/sshd_config 2024-07-06 07:20:29.723200626 +0200 @@ -76,10 +76,11 @@ #KerberosUseKuserok yes @@ -2311,9 +2311,9 @@ diff -Nur openssh-9.3p1.orig/sshd_config openssh-9.3p1/sshd_config #AllowAgentForwarding yes #AllowTcpForwarding yes #GatewayPorts no -diff -Nur openssh-9.3p1.orig/sshd_config.5 openssh-9.3p1/sshd_config.5 ---- openssh-9.3p1.orig/sshd_config.5 2023-06-26 17:34:46.545956105 +0200 -+++ openssh-9.3p1/sshd_config.5 2023-06-26 17:36:05.836175633 +0200 +diff -Nur openssh-9.6p1.orig/sshd_config.5 openssh-9.6p1/sshd_config.5 +--- openssh-9.6p1.orig/sshd_config.5 2024-07-06 07:19:36.928049696 +0200 ++++ openssh-9.6p1/sshd_config.5 2024-07-06 07:20:29.724200629 +0200 @@ -716,15 +716,34 @@ to allow the client to select the address to which the forwarding is bound. The default is @@ -2372,10 +2372,10 @@ diff -Nur openssh-9.3p1.orig/sshd_config.5 openssh-9.3p1/sshd_config.5 .It Cm VersionAddendum Optionally specifies additional text to append to the SSH protocol banner sent by the server upon connection. -diff -Nur openssh-9.3p1.orig/sshd_config_redhat openssh-9.3p1/sshd_config_redhat ---- openssh-9.3p1.orig/sshd_config_redhat 2023-06-26 17:34:46.457955861 +0200 -+++ openssh-9.3p1/sshd_config_redhat 2023-06-26 17:36:05.837175636 +0200 -@@ -9,9 +9,6 @@ +diff -Nur openssh-9.6p1.orig/sshd_config_redhat openssh-9.6p1/sshd_config_redhat +--- openssh-9.6p1.orig/sshd_config_redhat 2024-07-06 07:19:36.845049459 +0200 ++++ openssh-9.6p1/sshd_config_redhat 2024-07-06 07:20:29.724200629 +0200 +@@ -2,9 +2,6 @@ ChallengeResponseAuthentication no @@ -2385,9 +2385,9 @@ diff -Nur openssh-9.3p1.orig/sshd_config_redhat openssh-9.3p1/sshd_config_redhat UsePAM yes X11Forwarding yes -diff -Nur openssh-9.3p1.orig/ssh-gss.h openssh-9.3p1/ssh-gss.h ---- openssh-9.3p1.orig/ssh-gss.h 2023-06-26 17:34:46.486955941 +0200 -+++ openssh-9.3p1/ssh-gss.h 2023-06-26 17:36:05.837175636 +0200 +diff -Nur openssh-9.6p1.orig/ssh-gss.h openssh-9.6p1/ssh-gss.h +--- openssh-9.6p1.orig/ssh-gss.h 2024-07-06 07:19:36.873049539 +0200 ++++ openssh-9.6p1/ssh-gss.h 2024-07-06 07:20:29.724200629 +0200 @@ -97,12 +97,14 @@ } ssh_gssapi_ccache; @@ -2423,12 +2423,12 @@ diff -Nur openssh-9.3p1.orig/ssh-gss.h openssh-9.3p1/ssh-gss.h /* In the server */ typedef int ssh_gssapi_check_fn(Gssctxt **, gss_OID, const char *, const char *); -diff -Nur openssh-9.3p1.orig/version.h openssh-9.3p1/version.h ---- openssh-9.3p1.orig/version.h 2023-03-15 22:28:19.000000000 +0100 -+++ openssh-9.3p1/version.h 2023-06-26 17:36:05.838175639 +0200 +diff -Nur openssh-9.6p1.orig/version.h openssh-9.6p1/version.h +--- openssh-9.6p1.orig/version.h 2023-12-18 15:59:50.000000000 +0100 ++++ openssh-9.6p1/version.h 2024-07-06 07:20:29.725200632 +0200 @@ -2,5 +2,19 @@ - #define SSH_VERSION "OpenSSH_9.3" + #define SSH_VERSION "OpenSSH_9.6" +#ifdef GSI +#define GSI_VERSION " GSI" diff --git a/openssh-9.6p1-hpn-18.3.1.patch b/openssh-9.6p1-hpn-18.3.1.patch new file mode 100644 index 0000000..e9a43f8 --- /dev/null +++ b/openssh-9.6p1-hpn-18.3.1.patch @@ -0,0 +1,14718 @@ +diff -Nur openssh-9.6p1.orig/auth2.c openssh-9.6p1/auth2.c +--- openssh-9.6p1.orig/auth2.c 2024-07-10 13:32:39.592111791 +0200 ++++ openssh-9.6p1/auth2.c 2024-07-10 13:38:36.540172663 +0200 +@@ -52,6 +52,8 @@ + #include "dispatch.h" + #include "pathnames.h" + #include "ssherr.h" ++#include "canohost.h" ++ + #ifdef GSSAPI + #include "ssh-gss.h" + #endif +@@ -75,6 +77,8 @@ + extern Authmethod method_gssapi; + #endif + ++static int log_flag = 0; ++ + Authmethod *authmethods[] = { + &method_none, + &method_pubkey, +@@ -104,6 +108,9 @@ + #define MATCH_PARTIAL 3 /* method matches, submethod can't be checked */ + static int list_starts_with(const char *, const char *, const char *); + ++/* read the user banner from the path in sshd_config ++ * this isn't to read it on the client side but to read ++ * it into what we are going to send on the server side */ + char * + auth2_read_banner(void) + { +@@ -308,6 +315,11 @@ + + debug("userauth-request for user %s service %s method %s", + user[0] ? user : "", service, method); ++ if (!log_flag) { ++ logit("SSH: Server;Ltype: Authname;Remote: %s-%d;Name: %s", ++ ssh_remote_ipaddr(ssh), ssh_remote_port(ssh), user); ++ log_flag = 1; ++ } + debug("attempt %d failures %d", authctxt->attempt, authctxt->failures); + + #ifdef WITH_SELINUX +diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c +--- openssh-9.6p1.orig/binn.c 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-9.6p1/binn.c 2024-07-10 13:34:02.707358556 +0200 +@@ -0,0 +1,3496 @@ ++#include ++#include ++#include ++#include ++#include ++#include "binn.h" ++ ++#define UNUSED(x) (void)(x) ++#define roundval(dbl) dbl >= 0.0 ? (int)(dbl + 0.5) : ((dbl - (double)(int)dbl) <= -0.5 ? (int)dbl : (int)(dbl - 0.5)) ++ ++#define BINN_MAGIC 0x1F22B11F ++ ++#define MAX_BINN_HEADER 9 ++#define MIN_BINN_SIZE 3 ++#define CHUNK_SIZE 256 ++ ++#define BINN_STRUCT 1 ++#define BINN_BUFFER 2 ++ ++void* (*malloc_fn)(size_t len) = 0; ++void* (*realloc_fn)(void *ptr, size_t len) = 0; ++void (*free_fn)(void *ptr) = 0; ++ ++/***************************************************************************/ ++ ++#if defined(__alpha__) || defined(__hppa__) || defined(__mips__) || defined(__powerpc__) || defined(__sparc__) ++#define BINN_ONLY_ALIGNED_ACCESS ++#elif ( defined(__arm__) || defined(__aarch64__) ) && !defined(__ARM_FEATURE_UNALIGNED) ++#define BINN_ONLY_ALIGNED_ACCESS ++#endif ++ ++#if defined(_WIN32) ++#define BIG_ENDIAN 0x1000 ++#define LITTLE_ENDIAN 0x0001 ++#define BYTE_ORDER LITTLE_ENDIAN ++#elif defined(__APPLE__) ++/* macros already defined */ ++#elif defined(__OpenBSD__) || defined(__NetBSD__) || defined(__FreeBSD__) || defined(__DragonFly__) ++#include ++#elif defined(_AIX) ++#include ++#else ++#include ++#endif ++ ++#ifndef BYTE_ORDER ++#error "BYTE_ORDER not defined" ++#endif ++#ifndef BIG_ENDIAN ++#error "BIG_ENDIAN not defined" ++#endif ++#ifndef LITTLE_ENDIAN ++#error "LITTLE_ENDIAN not defined" ++#endif ++#if BIG_ENDIAN == LITTLE_ENDIAN ++#error "BIG_ENDIAN == LITTLE_ENDIAN" ++#endif ++#if BYTE_ORDER!=BIG_ENDIAN && BYTE_ORDER!=LITTLE_ENDIAN ++#error "BYTE_ORDER not supported" ++#endif ++ ++typedef unsigned short int u16; ++typedef unsigned int u32; ++typedef unsigned long long int u64; ++ ++BINN_PRIVATE void copy_be16(u16 *pdest, u16 *psource) { ++#if BYTE_ORDER == LITTLE_ENDIAN ++ unsigned char *source = (unsigned char *) psource; ++ unsigned char *dest = (unsigned char *) pdest; ++ dest[0] = source[1]; ++ dest[1] = source[0]; ++#else /* if BYTE_ORDER == BIG_ENDIAN */ ++#ifdef BINN_ONLY_ALIGNED_ACCESS ++ if ((uintptr_t)psource % 2 == 0){ /* address aligned to 16 bit */ ++ *pdest = *psource; ++ } else { ++ unsigned char *source = (unsigned char *) psource; ++ unsigned char *dest = (unsigned char *) pdest; ++ dest[0] = source[0]; /* indexes are the same */ ++ dest[1] = source[1]; ++ } ++#else ++ *pdest = *psource; ++#endif ++#endif ++} ++ ++BINN_PRIVATE void copy_be32(u32 *pdest, u32 *psource) { ++#if BYTE_ORDER == LITTLE_ENDIAN ++ unsigned char *source = (unsigned char *) psource; ++ unsigned char *dest = (unsigned char *) pdest; ++ dest[0] = source[3]; ++ dest[1] = source[2]; ++ dest[2] = source[1]; ++ dest[3] = source[0]; ++#else /* if BYTE_ORDER == BIG_ENDIAN */ ++#ifdef BINN_ONLY_ALIGNED_ACCESS ++ if ((uintptr_t)psource % 4 == 0){ /* address aligned to 32 bit */ ++ *pdest = *psource; ++ } else { ++ unsigned char *source = (unsigned char *) psource; ++ unsigned char *dest = (unsigned char *) pdest; ++ dest[0] = source[0]; /* indexes are the same */ ++ dest[1] = source[1]; ++ dest[2] = source[2]; ++ dest[3] = source[3]; ++ } ++#else ++ *pdest = *psource; ++#endif ++#endif ++} ++ ++BINN_PRIVATE void copy_be64(u64 *pdest, u64 *psource) { ++#if BYTE_ORDER == LITTLE_ENDIAN ++ unsigned char *source = (unsigned char *) psource; ++ unsigned char *dest = (unsigned char *) pdest; ++ int i; ++ for (i=0; i < 8; i++) { ++ dest[i] = source[7-i]; ++ } ++#else /* if BYTE_ORDER == BIG_ENDIAN */ ++#ifdef BINN_ONLY_ALIGNED_ACCESS ++ if ((uintptr_t)psource % 8 == 0){ /* address aligned to 64 bit */ ++ *pdest = *psource; ++ } else { ++ unsigned char *source = (unsigned char *) psource; ++ unsigned char *dest = (unsigned char *) pdest; ++ int i; ++ for (i=0; i < 8; i++) { ++ dest[i] = source[i]; /* indexes are the same */ ++ } ++ } ++#else ++ *pdest = *psource; ++#endif ++#endif ++} ++ ++/***************************************************************************/ ++ ++#ifndef _MSC_VER ++#define stricmp strcasecmp ++#define strnicmp strncasecmp ++#endif ++ ++BINN_PRIVATE BOOL IsValidBinnHeader(void *pbuf, int *ptype, int *pcount, int *psize, int *pheadersize); ++ ++/***************************************************************************/ ++ ++char * APIENTRY binn_version() { ++ return BINN_VERSION; ++} ++ ++/***************************************************************************/ ++ ++void APIENTRY binn_set_alloc_functions(void* (*new_malloc)(size_t), void* (*new_realloc)(void*,size_t), void (*new_free)(void*)) { ++ ++ malloc_fn = new_malloc; ++ realloc_fn = new_realloc; ++ free_fn = new_free; ++ ++} ++ ++/***************************************************************************/ ++ ++BINN_PRIVATE void check_alloc_functions() { ++ ++ if (malloc_fn == 0) malloc_fn = &malloc; ++ if (realloc_fn == 0) realloc_fn = &realloc; ++ if (free_fn == 0) free_fn = &free; ++ ++} ++ ++/***************************************************************************/ ++ ++BINN_PRIVATE void * binn_malloc(int size) { ++ check_alloc_functions(); ++ return malloc_fn(size); ++} ++ ++/***************************************************************************/ ++ ++BINN_PRIVATE void * binn_memdup(void *src, int size) { ++ void *dest; ++ ++ if (src == NULL || size <= 0) return NULL; ++ dest = binn_malloc(size); ++ if (dest == NULL) return NULL; ++ memcpy(dest, src, size); ++ return dest; ++ ++} ++ ++/***************************************************************************/ ++ ++BINN_PRIVATE size_t strlen2(char *str) { ++ ++ if (str == NULL) return 0; ++ return strlen(str); ++ ++} ++ ++/***************************************************************************/ ++ ++int APIENTRY binn_create_type(int storage_type, int data_type_index) { ++ if (data_type_index < 0) return -1; ++ if ((storage_type < BINN_STORAGE_MIN) || (storage_type > BINN_STORAGE_MAX)) return -1; ++ if (data_type_index < 16) ++ return storage_type | data_type_index; ++ else if (data_type_index < 4096) { ++ storage_type |= BINN_STORAGE_HAS_MORE; ++ storage_type <<= 8; ++ data_type_index >>= 4; ++ return storage_type | data_type_index; ++ } else ++ return -1; ++} ++ ++/***************************************************************************/ ++ ++BOOL APIENTRY binn_get_type_info(int long_type, int *pstorage_type, int *pextra_type) { ++ int storage_type, extra_type; ++ BOOL retval=TRUE; ++ ++again: ++ ++ if (long_type < 0) { ++ goto loc_invalid; ++ } else if (long_type <= 0xff) { ++ storage_type = long_type & BINN_STORAGE_MASK; ++ extra_type = long_type & BINN_TYPE_MASK; ++ } else if (long_type <= 0xffff) { ++ storage_type = long_type & BINN_STORAGE_MASK16; ++ storage_type >>= 8; ++ extra_type = long_type & BINN_TYPE_MASK16; ++ extra_type >>= 4; ++ } else if (long_type & BINN_STORAGE_VIRTUAL) { ++ /* storage_type = BINN_STORAGE_VIRTUAL; */ ++ /* extra_type = xxx; */ ++ long_type &= 0xffff; ++ goto again; ++ } else { ++loc_invalid: ++ storage_type = -1; ++ extra_type = -1; ++ retval = FALSE; ++ } ++ ++ if (pstorage_type) *pstorage_type = storage_type; ++ if (pextra_type) *pextra_type = extra_type; ++ ++ return retval; ++ ++} ++ ++/***************************************************************************/ ++ ++BOOL APIENTRY binn_create(binn *item, int type, int size, void *pointer) { ++ BOOL retval=FALSE; ++ ++ switch (type) { ++ case BINN_LIST: ++ case BINN_MAP: ++ case BINN_OBJECT: ++ break; ++ default: ++ goto loc_exit; ++ } ++ ++ if ((item == NULL) || (size < 0)) goto loc_exit; ++ if (size < MIN_BINN_SIZE) { ++ if (pointer) goto loc_exit; ++ else size = 0; ++ } ++ ++ memset(item, 0, sizeof(binn)); ++ ++ if (pointer) { ++ item->pre_allocated = TRUE; ++ item->pbuf = pointer; ++ item->alloc_size = size; ++ } else { ++ item->pre_allocated = FALSE; ++ if (size == 0) size = CHUNK_SIZE; ++ pointer = binn_malloc(size); ++ if (pointer == 0) return INVALID_BINN; ++ item->pbuf = pointer; ++ item->alloc_size = size; ++ } ++ ++ item->header = BINN_MAGIC; ++ /* item->allocated = FALSE; -- already zeroed */ ++ item->writable = TRUE; ++ item->used_size = MAX_BINN_HEADER; /* save space for the header */ ++ item->type = type; ++ /* item->count = 0; -- already zeroed */ ++ item->dirty = TRUE; /* the header is not written to the buffer */ ++ ++ retval = TRUE; ++ ++loc_exit: ++ return retval; ++ ++} ++ ++/***************************************************************************/ ++ ++binn * APIENTRY binn_new(int type, int size, void *pointer) { ++ binn *item; ++ ++ item = (binn*) binn_malloc(sizeof(binn)); ++ ++ if (binn_create(item, type, size, pointer) == FALSE) { ++ free_fn(item); ++ return NULL; ++ } ++ ++ item->allocated = TRUE; ++ return item; ++ ++} ++ ++/*************************************************************************************/ ++ ++BOOL APIENTRY binn_create_list(binn *list) { ++ ++ return binn_create(list, BINN_LIST, 0, NULL); ++ ++} ++ ++/*************************************************************************************/ ++ ++BOOL APIENTRY binn_create_map(binn *map) { ++ ++ return binn_create(map, BINN_MAP, 0, NULL); ++ ++} ++ ++/*************************************************************************************/ ++ ++BOOL APIENTRY binn_create_object(binn *object) { ++ ++ return binn_create(object, BINN_OBJECT, 0, NULL); ++ ++} ++ ++/***************************************************************************/ ++ ++binn * APIENTRY binn_list() { ++ return binn_new(BINN_LIST, 0, 0); ++} ++ ++/***************************************************************************/ ++ ++binn * APIENTRY binn_map() { ++ return binn_new(BINN_MAP, 0, 0); ++} ++ ++/***************************************************************************/ ++ ++binn * APIENTRY binn_object() { ++ return binn_new(BINN_OBJECT, 0, 0); ++} ++ ++/***************************************************************************/ ++ ++binn * APIENTRY binn_copy(void *old) { ++ int type, count, size, header_size; ++ unsigned char *old_ptr = binn_ptr(old); ++ binn *item; ++ ++ size = 0; ++ if (!IsValidBinnHeader(old_ptr, &type, &count, &size, &header_size)) return NULL; ++ ++ item = binn_new(type, size - header_size + MAX_BINN_HEADER, NULL); ++ if( item ){ ++ unsigned char *dest; ++ dest = ((unsigned char *) item->pbuf) + MAX_BINN_HEADER; ++ memcpy(dest, old_ptr + header_size, size - header_size); ++ item->used_size = MAX_BINN_HEADER + size - header_size; ++ item->count = count; ++ } ++ return item; ++ ++} ++ ++/*************************************************************************************/ ++ ++BOOL APIENTRY binn_load(void *data, binn *value) { ++ ++ if ((data == NULL) || (value == NULL)) return FALSE; ++ memset(value, 0, sizeof(binn)); ++ value->header = BINN_MAGIC; ++ /* value->allocated = FALSE; -- already zeroed */ ++ /* value->writable = FALSE; */ ++ ++ if (binn_is_valid(data, &value->type, &value->count, &value->size) == FALSE) return FALSE; ++ value->ptr = data; ++ return TRUE; ++ ++} ++ ++/*************************************************************************************/ ++ ++binn * APIENTRY binn_open(void *data) { ++ binn *item; ++ ++ item = (binn*) binn_malloc(sizeof(binn)); ++ ++ if (binn_load(data, item) == FALSE) { ++ free_fn(item); ++ return NULL; ++ } ++ ++ item->allocated = TRUE; ++ return item; ++ ++} ++ ++/***************************************************************************/ ++ ++BINN_PRIVATE int binn_get_ptr_type(void *ptr) { ++ ++ if (ptr == NULL) return 0; ++ ++ switch (*(unsigned int *)ptr) { ++ case BINN_MAGIC: ++ return BINN_STRUCT; ++ default: ++ return BINN_BUFFER; ++ } ++ ++} ++ ++/***************************************************************************/ ++ ++BOOL APIENTRY binn_is_struct(void *ptr) { ++ ++ if (ptr == NULL) return FALSE; ++ ++ if ((*(unsigned int *)ptr) == BINN_MAGIC) { ++ return TRUE; ++ } else { ++ return FALSE; ++ } ++ ++} ++ ++/***************************************************************************/ ++ ++BINN_PRIVATE int CalcAllocation(int needed_size, int alloc_size) { ++ int calc_size; ++ ++ calc_size = alloc_size; ++ while (calc_size < needed_size) { ++ calc_size <<= 1; /* same as *= 2 */ ++ /* calc_size += CHUNK_SIZE; -- this is slower than the above line, because there are more reallocations */ ++ } ++ return calc_size; ++ ++} ++ ++/***************************************************************************/ ++ ++BINN_PRIVATE BOOL CheckAllocation(binn *item, int add_size) { ++ int alloc_size; ++ void *ptr; ++ ++ if (item->used_size + add_size > item->alloc_size) { ++ if (item->pre_allocated) return FALSE; ++ alloc_size = CalcAllocation(item->used_size + add_size, item->alloc_size); ++ ptr = realloc_fn(item->pbuf, alloc_size); ++ if (ptr == NULL) return FALSE; ++ item->pbuf = ptr; ++ item->alloc_size = alloc_size; ++ } ++ ++ return TRUE; ++ ++} ++ ++/***************************************************************************/ ++ ++#if BYTE_ORDER == BIG_ENDIAN ++ ++BINN_PRIVATE int get_storage_size(int storage_type) { ++ ++ switch (storage_type) { ++ case BINN_STORAGE_NOBYTES: ++ return 0; ++ case BINN_STORAGE_BYTE: ++ return 1; ++ case BINN_STORAGE_WORD: ++ return 2; ++ case BINN_STORAGE_DWORD: ++ return 4; ++ case BINN_STORAGE_QWORD: ++ return 8; ++ default: ++ return 0; ++ } ++ ++} ++ ++#endif ++ ++/***************************************************************************/ ++ ++BINN_PRIVATE unsigned char * AdvanceDataPos(unsigned char *p, unsigned char *plimit) { ++ unsigned char byte; ++ int storage_type, DataSize; ++ ++ if (p > plimit) return 0; ++ ++ byte = *p; p++; ++ storage_type = byte & BINN_STORAGE_MASK; ++ if (byte & BINN_STORAGE_HAS_MORE) p++; ++ ++ switch (storage_type) { ++ case BINN_STORAGE_NOBYTES: ++ /* p += 0; */ ++ break; ++ case BINN_STORAGE_BYTE: ++ p ++; ++ break; ++ case BINN_STORAGE_WORD: ++ p += 2; ++ break; ++ case BINN_STORAGE_DWORD: ++ p += 4; ++ break; ++ case BINN_STORAGE_QWORD: ++ p += 8; ++ break; ++ case BINN_STORAGE_BLOB: ++ case BINN_STORAGE_STRING: ++ if (p > plimit) return 0; ++ DataSize = *((unsigned char*)p); ++ if (DataSize & 0x80) { ++ if (p + sizeof(int) - 1 > plimit) return 0; ++ copy_be32((u32*)&DataSize, (u32*)p); ++ DataSize &= 0x7FFFFFFF; ++ p+=4; ++ } else { ++ p++; ++ } ++ p += DataSize; ++ if (storage_type == BINN_STORAGE_STRING) { ++ p++; /* null terminator. */ ++ } ++ break; ++ case BINN_STORAGE_CONTAINER: ++ if (p > plimit) return 0; ++ DataSize = *((unsigned char*)p); ++ if (DataSize & 0x80) { ++ if (p + sizeof(int) - 1 > plimit) return 0; ++ copy_be32((u32*)&DataSize, (u32*)p); ++ DataSize &= 0x7FFFFFFF; ++ } ++ DataSize--; /* remove the type byte already added before */ ++ p += DataSize; ++ break; ++ default: ++ return 0; ++ } ++ ++ if (p > plimit) return 0; ++ ++ return p; ++ ++} ++ ++/***************************************************************************/ ++ ++/* ++ ++The id can be stored with 1 to 5 bytes ++ ++S = signal bit ++X = bit part of id ++ ++ 0SXX XXXX ++ 100S XXXX + 1 byte ++ 101S XXXX + 2 bytes ++ 110S XXXX + 3 bytes ++ 1110 0000 + 4 bytes ++ ++*/ ++BINN_PRIVATE int read_map_id(unsigned char **pp, unsigned char *plimit) { ++ unsigned char *p, c, sign, type; ++ int id, extra_bytes; ++ ++ p = *pp; ++ ++ c = *p++; ++ ++ if (c & 0x80) { ++ extra_bytes = ((c & 0x60) >> 5) + 1; ++ if (p + extra_bytes > plimit ) { ++ *pp = p + extra_bytes; ++ return 0; ++ } ++ } ++ ++ type = c & 0xE0; ++ sign = c & 0x10; ++ ++ if ((c & 0x80) == 0) { ++ sign = c & 0x40; ++ id = c & 0x3F; ++ } else if (type == 0x80) { ++ id = c & 0x0F; ++ id = (id << 8) | *p++; ++ } else if (type == 0xA0) { ++ id = c & 0x0F; ++ id = (id << 8) | *p++; ++ id = (id << 8) | *p++; ++ } else if (type == 0xC0) { ++ id = c & 0x0F; ++ id = (id << 8) | *p++; ++ id = (id << 8) | *p++; ++ id = (id << 8) | *p++; ++ } else if (type == 0xE0) { ++ copy_be32((u32*)&id, (u32*)p); ++ p += 4; ++ } else { ++ *pp = plimit + 2; ++ return 0; ++ } ++ ++ if (sign) id = -id; ++ ++ *pp = p; ++ ++ return id; ++} ++ ++/***************************************************************************/ ++ ++BINN_PRIVATE unsigned char * SearchForID(unsigned char *p, int header_size, int size, int numitems, int id) { ++ unsigned char *plimit, *base; ++ int i, int32; ++ ++ base = p; ++ plimit = p + size - 1; ++ p += header_size; ++ ++ /* search for the ID in all the arguments. */ ++ for (i = 0; i < numitems; i++) { ++ int32 = read_map_id(&p, plimit); ++ if (p > plimit) break; ++ /* Compare if the IDs are equal. */ ++ if (int32 == id) return p; ++ /* xxx */ ++ p = AdvanceDataPos(p, plimit); ++ if ((p == 0) || (p < base)) break; ++ } ++ ++ return NULL; ++ ++} ++ ++/***************************************************************************/ ++ ++BINN_PRIVATE unsigned char * SearchForKey(unsigned char *p, int header_size, int size, int numitems, const char *key) { ++ unsigned char len, *plimit, *base; ++ int i, keylen; ++ ++ base = p; ++ plimit = p + size - 1; ++ p += header_size; ++ ++ keylen = strlen(key); ++ ++ /* search for the key in all the arguments. */ ++ for (i = 0; i < numitems; i++) { ++ len = *((unsigned char *)p); ++ p++; ++ if (p > plimit) break; ++ /* Compare if the strings are equal. */ ++ if (len > 0) { ++ if (strnicmp((char*)p, key, len) == 0) { /* note that there is no null terminator here */ ++ if (keylen == len) { ++ p += len; ++ return p; ++ } ++ } ++ p += len; ++ if (p > plimit) break; ++ } else if (len == keylen) { /* in the case of empty string: "" */ ++ return p; ++ } ++ /* xxx */ ++ p = AdvanceDataPos(p, plimit); ++ if ((p == 0) || (p < base)) break; ++ } ++ ++ return NULL; ++ ++} ++ ++/***************************************************************************/ ++ ++BINN_PRIVATE BOOL AddValue(binn *item, int type, void *pvalue, int size); ++ ++/***************************************************************************/ ++ ++BINN_PRIVATE BOOL binn_list_add_raw(binn *item, int type, void *pvalue, int size) { ++ ++ if ((item == NULL) || (item->type != BINN_LIST) || (item->writable == FALSE)) return FALSE; ++ ++ /* if (CheckAllocation(item, 4) == FALSE) return FALSE; // 4 bytes used for data_store and data_format. */ ++ ++ if (AddValue(item, type, pvalue, size) == FALSE) return FALSE; ++ ++ item->count++; ++ ++ return TRUE; ++ ++} ++ ++/***************************************************************************/ ++ ++BINN_PRIVATE BOOL binn_object_set_raw(binn *item, const char *key, int type, void *pvalue, int size) { ++ unsigned char *p, len; ++ int int32; ++ ++ if ((item == NULL) || (item->type != BINN_OBJECT) || (item->writable == FALSE)) return FALSE; ++ ++ if (key == NULL) return FALSE; ++ int32 = strlen(key); ++ if (int32 > 255) return FALSE; ++ ++ /* is the key already in it? */ ++ p = SearchForKey(item->pbuf, MAX_BINN_HEADER, item->used_size, item->count, key); ++ if (p) return FALSE; ++ ++ /* start adding it */ ++ ++ if (CheckAllocation(item, 1 + int32) == FALSE) return FALSE; /* bytes used for the key size and the key itself. */ ++ ++ p = ((unsigned char *) item->pbuf) + item->used_size; ++ len = int32; ++ *p = len; ++ p++; ++ memcpy(p, key, int32); ++ int32++; /* now contains the strlen + 1 byte for the len */ ++ item->used_size += int32; ++ ++ if (AddValue(item, type, pvalue, size) == FALSE) { ++ item->used_size -= int32; ++ return FALSE; ++ } ++ ++ item->count++; ++ ++ return TRUE; ++ ++} ++ ++/***************************************************************************/ ++ ++BINN_PRIVATE BOOL binn_map_set_raw(binn *item, int id, int type, void *pvalue, int size) { ++ unsigned char *base, *p, sign; ++ int id_size; ++ ++ if ((item == NULL) || (item->type != BINN_MAP) || (item->writable == FALSE)) return FALSE; ++ ++ /* is the ID already in it? */ ++ p = SearchForID(item->pbuf, MAX_BINN_HEADER, item->used_size, item->count, id); ++ if (p) return FALSE; ++ ++ /* start adding it */ ++ ++ if (CheckAllocation(item, 5) == FALSE) return FALSE; /* max 5 bytes used for the id. */ ++ ++ p = base = ((unsigned char *) item->pbuf) + item->used_size; ++ ++ sign = (id < 0); ++ if (sign) id = -id; ++ ++ if (id <= 0x3F) { ++ *p++ = (sign << 6) | id; ++ } else if (id <= 0xFFF) { ++ *p++ = 0x80 | (sign << 4) | ((id & 0xF00) >> 8); ++ *p++ = id & 0xFF; ++ } else if (id <= 0xFFFFF) { ++ *p++ = 0xA0 | (sign << 4) | ((id & 0xF0000) >> 16); ++ *p++ = (id & 0xFF00) >> 8; ++ *p++ = id & 0xFF; ++ } else if (id <= 0xFFFFFFF) { ++ *p++ = 0xC0 | (sign << 4) | ((id & 0xF000000) >> 24); ++ *p++ = (id & 0xFF0000) >> 16; ++ *p++ = (id & 0xFF00) >> 8; ++ *p++ = id & 0xFF; ++ } else { ++ *p++ = 0xE0; ++ if (sign) id = -id; ++ copy_be32((u32*)p, (u32*)&id); ++ p += 4; ++ } ++ ++ id_size = (p - base); ++ item->used_size += id_size; ++ ++ if (AddValue(item, type, pvalue, size) == FALSE) { ++ item->used_size -= id_size; ++ return FALSE; ++ } ++ ++ item->count++; ++ ++ return TRUE; ++ ++} ++ ++/***************************************************************************/ ++ ++BINN_PRIVATE void * compress_int(int *pstorage_type, int *ptype, void *psource) { ++ int storage_type, storage_type2, type, type2=0; ++ int64 vint = 0; ++ uint64 vuint; ++ char *pvalue; ++#if BYTE_ORDER == BIG_ENDIAN ++ int size1, size2; ++#endif ++ ++ storage_type = *pstorage_type; ++ if (storage_type == BINN_STORAGE_BYTE) return psource; ++ ++ type = *ptype; ++ ++ switch (type) { ++ case BINN_INT64: ++ vint = *(int64*)psource; ++ goto loc_signed; ++ case BINN_INT32: ++ vint = *(int*)psource; ++ goto loc_signed; ++ case BINN_INT16: ++ vint = *(short*)psource; ++ goto loc_signed; ++ case BINN_UINT64: ++ vuint = *(uint64*)psource; ++ goto loc_positive; ++ case BINN_UINT32: ++ vuint = *(unsigned int*)psource; ++ goto loc_positive; ++ case BINN_UINT16: ++ vuint = *(unsigned short*)psource; ++ goto loc_positive; ++ } ++ ++loc_signed: ++ ++ if (vint >= 0) { ++ vuint = vint; ++ goto loc_positive; ++ } ++ ++/* loc_negative: */ ++ ++ if (vint >= INT8_MIN) { ++ type2 = BINN_INT8; ++ } else ++ if (vint >= INT16_MIN) { ++ type2 = BINN_INT16; ++ } else ++ if (vint >= INT32_MIN) { ++ type2 = BINN_INT32; ++ } ++ goto loc_exit; ++ ++loc_positive: ++ ++ if (vuint <= UINT8_MAX) { ++ type2 = BINN_UINT8; ++ } else ++ if (vuint <= UINT16_MAX) { ++ type2 = BINN_UINT16; ++ } else ++ if (vuint <= UINT32_MAX) { ++ type2 = BINN_UINT32; ++ } ++ ++loc_exit: ++ ++ pvalue = (char *) psource; ++ ++ if ((type2) && (type2 != type)) { ++ *ptype = type2; ++ storage_type2 = binn_get_write_storage(type2); ++ *pstorage_type = storage_type2; ++#if BYTE_ORDER == BIG_ENDIAN ++ size1 = get_storage_size(storage_type); ++ size2 = get_storage_size(storage_type2); ++ pvalue += (size1 - size2); ++#endif ++ } ++ ++ return pvalue; ++ ++} ++ ++/***************************************************************************/ ++ ++BINN_PRIVATE int type_family(int type); ++ ++BINN_PRIVATE BOOL AddValue(binn *item, int type, void *pvalue, int size) { ++ int int32, ArgSize, storage_type, extra_type; ++ unsigned char *p; ++ ++ binn_get_type_info(type, &storage_type, &extra_type); ++ ++ if (pvalue == NULL) { ++ switch (storage_type) { ++ case BINN_STORAGE_NOBYTES: ++ break; ++ case BINN_STORAGE_BLOB: ++ case BINN_STORAGE_STRING: ++ if (size == 0) break; /* the 2 above are allowed to have 0 length */ ++ /* fall through */ ++ default: ++ return FALSE; ++ } ++ } ++ ++ if ((type_family(type) == BINN_FAMILY_INT) && (item->disable_int_compression == FALSE)) ++ pvalue = compress_int(&storage_type, &type, pvalue); ++ ++ switch (storage_type) { ++ case BINN_STORAGE_NOBYTES: ++ size = 0; ++ ArgSize = size; ++ break; ++ case BINN_STORAGE_BYTE: ++ size = 1; ++ ArgSize = size; ++ break; ++ case BINN_STORAGE_WORD: ++ size = 2; ++ ArgSize = size; ++ break; ++ case BINN_STORAGE_DWORD: ++ size = 4; ++ ArgSize = size; ++ break; ++ case BINN_STORAGE_QWORD: ++ size = 8; ++ ArgSize = size; ++ break; ++ case BINN_STORAGE_BLOB: ++ if (size < 0) return FALSE; ++ /* if (size == 0) ... */ ++ ArgSize = size + 4; /* at least this size */ ++ break; ++ case BINN_STORAGE_STRING: ++ if (size < 0) return FALSE; ++ if (size == 0) size = strlen2( (char *) pvalue); ++ ArgSize = size + 5; /* at least this size */ ++ break; ++ case BINN_STORAGE_CONTAINER: ++ if (size <= 0) return FALSE; ++ ArgSize = size; ++ break; ++ default: ++ return FALSE; ++ } ++ ++ ArgSize += 2; /* at least 2 bytes used for data_type. */ ++ if (CheckAllocation(item, ArgSize) == FALSE) return FALSE; ++ ++ /* Gets the pointer to the next place in buffer */ ++ p = ((unsigned char *) item->pbuf) + item->used_size; ++ ++ /* If the data is not a container, store the data type */ ++ if (storage_type != BINN_STORAGE_CONTAINER) { ++ if (type > 255) { ++ u16 type16 = type; ++ copy_be16((u16*)p, (u16*)&type16); ++ p += 2; ++ item->used_size += 2; ++ } else { ++ *p = type; ++ p++; ++ item->used_size++; ++ } ++ } ++ ++ switch (storage_type) { ++ case BINN_STORAGE_NOBYTES: ++ /* Nothing to do. */ ++ break; ++ case BINN_STORAGE_BYTE: ++ *((char *) p) = *((char *) pvalue); ++ item->used_size += 1; ++ break; ++ case BINN_STORAGE_WORD: ++ copy_be16((u16*)p, (u16*)pvalue); ++ item->used_size += 2; ++ break; ++ case BINN_STORAGE_DWORD: ++ copy_be32((u32*)p, (u32*)pvalue); ++ item->used_size += 4; ++ break; ++ case BINN_STORAGE_QWORD: ++ copy_be64((u64*)p, (u64*)pvalue); ++ item->used_size += 8; ++ break; ++ case BINN_STORAGE_BLOB: ++ case BINN_STORAGE_STRING: ++ if (size > 127) { ++ int32 = size | 0x80000000; ++ copy_be32((u32*)p, (u32*)&int32); ++ p += 4; ++ item->used_size += 4; ++ } else { ++ *((unsigned char *) p) = size; ++ p++; ++ item->used_size++; ++ } ++ memcpy(p, pvalue, size); ++ if (storage_type == BINN_STORAGE_STRING) { ++ p += size; ++ *((char *) p) = (char) 0; ++ size++; /* null terminator */ ++ } ++ item->used_size += size; ++ break; ++ case BINN_STORAGE_CONTAINER: ++ memcpy(p, pvalue, size); ++ item->used_size += size; ++ break; ++ } ++ ++ item->dirty = TRUE; ++ ++ return TRUE; ++} ++ ++/***************************************************************************/ ++ ++BINN_PRIVATE BOOL binn_save_header(binn *item) { ++ unsigned char byte, *p; ++ int int32, size; ++ ++ if (item == NULL) return FALSE; ++ ++#ifndef BINN_DISABLE_SMALL_HEADER ++ ++ p = ((unsigned char *) item->pbuf) + MAX_BINN_HEADER; ++ size = item->used_size - MAX_BINN_HEADER + 3; /* at least 3 bytes for the header */ ++ ++ /* write the count */ ++ if (item->count > 127) { ++ p -= 4; ++ size += 3; ++ int32 = item->count | 0x80000000; ++ copy_be32((u32*)p, (u32*)&int32); ++ } else { ++ p--; ++ *p = (unsigned char) item->count; ++ } ++ ++ /* write the size */ ++ if (size > 127) { ++ p -= 4; ++ size += 3; ++ int32 = size | 0x80000000; ++ copy_be32((u32*)p, (u32*)&int32); ++ } else { ++ p--; ++ *p = (unsigned char) size; ++ } ++ ++ /* write the type. */ ++ p--; ++ *p = (unsigned char) item->type; ++ ++ /* set the values */ ++ item->ptr = p; ++ item->size = size; ++ ++ UNUSED(byte); ++ ++#else ++ ++ p = (unsigned char *) item->pbuf; ++ ++ /* write the type. */ ++ byte = item->type; ++ *p = byte; p++; ++ /* write the size */ ++ int32 = item->used_size | 0x80000000; ++ copy_be32((u32*)p, (u32*)&int32); ++ p+=4; ++ /* write the count */ ++ int32 = item->count | 0x80000000; ++ copy_be32((u32*)p, (u32*)&int32); ++ ++ item->ptr = item->pbuf; ++ item->size = item->used_size; ++ ++#endif ++ ++ item->dirty = FALSE; ++ ++ return TRUE; ++ ++} ++ ++/***************************************************************************/ ++ ++void APIENTRY binn_free(binn *item) { ++ ++ if (item == NULL) return; ++ ++ if ((item->writable) && (item->pre_allocated == FALSE)) { ++ free_fn(item->pbuf); ++ } ++ ++ if (item->freefn) item->freefn(item->ptr); ++ ++ if (item->allocated) { ++ free_fn(item); ++ } else { ++ memset(item, 0, sizeof(binn)); ++ item->header = BINN_MAGIC; ++ } ++ ++} ++ ++/***************************************************************************/ ++/* free the binn structure but keeps the binn buffer allocated, returning a pointer to it. use the free function to release the buffer later */ ++void * APIENTRY binn_release(binn *item) { ++ void *data; ++ ++ if (item == NULL) return NULL; ++ ++ data = binn_ptr(item); ++ ++ if (data > item->pbuf) { ++ memmove(item->pbuf, data, item->size); ++ data = item->pbuf; ++ } ++ ++ if (item->allocated) { ++ free_fn(item); ++ } else { ++ memset(item, 0, sizeof(binn)); ++ item->header = BINN_MAGIC; ++ } ++ ++ return data; ++ ++} ++ ++/***************************************************************************/ ++ ++BINN_PRIVATE BOOL IsValidBinnHeader(void *pbuf, int *ptype, int *pcount, int *psize, int *pheadersize) { ++ unsigned char byte, *p, *plimit=0; ++ int int32, type, size, count; ++ ++ if (pbuf == NULL) return FALSE; ++ ++ p = (unsigned char *) pbuf; ++ ++ if (psize && *psize > 0) { ++ plimit = p + *psize - 1; ++ } ++ ++ /* get the type */ ++ byte = *p; p++; ++ if ((byte & BINN_STORAGE_MASK) != BINN_STORAGE_CONTAINER) return FALSE; ++ if (byte & BINN_STORAGE_HAS_MORE) return FALSE; ++ type = byte; ++ ++ switch (type) { ++ case BINN_LIST: ++ case BINN_MAP: ++ case BINN_OBJECT: ++ break; ++ default: ++ return FALSE; ++ } ++ ++ /* get the size */ ++ if (plimit && p > plimit) return FALSE; ++ int32 = *((unsigned char*)p); ++ if (int32 & 0x80) { ++ if (plimit && p + sizeof(int) - 1 > plimit) return FALSE; ++ copy_be32((u32*)&int32, (u32*)p); ++ int32 &= 0x7FFFFFFF; ++ p+=4; ++ } else { ++ p++; ++ } ++ size = int32; ++ ++ /* get the count */ ++ if (plimit && p > plimit) return FALSE; ++ int32 = *((unsigned char*)p); ++ if (int32 & 0x80) { ++ if (plimit && p + sizeof(int) - 1 > plimit) return FALSE; ++ copy_be32((u32*)&int32, (u32*)p); ++ int32 &= 0x7FFFFFFF; ++ p+=4; ++ } else { ++ p++; ++ } ++ count = int32; ++ ++#if 0 ++ /* get the size */ ++ copy_be32((u32*)&size, (u32*)p); ++ size &= 0x7FFFFFFF; ++ p+=4; ++ ++ /* get the count */ ++ copy_be32((u32*)&count, (u32*)p); ++ count &= 0x7FFFFFFF; ++ p+=4; ++#endif ++ ++ if ((size < MIN_BINN_SIZE) || (count < 0)) return FALSE; ++ ++ /* return the values */ ++ if (ptype) *ptype = type; ++ if (pcount) *pcount = count; ++ if (psize && *psize==0) *psize = size; ++ if (pheadersize) *pheadersize = (int) (p - (unsigned char*)pbuf); ++ return TRUE; ++} ++ ++/***************************************************************************/ ++ ++BINN_PRIVATE int binn_buf_type(void *pbuf) { ++ int type; ++ ++ if (!IsValidBinnHeader(pbuf, &type, NULL, NULL, NULL)) return INVALID_BINN; ++ ++ return type; ++ ++} ++ ++/***************************************************************************/ ++ ++BINN_PRIVATE int binn_buf_count(void *pbuf) { ++ int nitems; ++ ++ if (!IsValidBinnHeader(pbuf, NULL, &nitems, NULL, NULL)) return 0; ++ ++ return nitems; ++ ++} ++ ++/***************************************************************************/ ++ ++BINN_PRIVATE int binn_buf_size(void *pbuf) { ++ int size=0; ++ ++ if (!IsValidBinnHeader(pbuf, NULL, NULL, &size, NULL)) return 0; ++ ++ return size; ++ ++} ++ ++/***************************************************************************/ ++ ++void * APIENTRY binn_ptr(void *ptr) { ++ binn *item; ++ ++ switch (binn_get_ptr_type(ptr)) { ++ case BINN_STRUCT: ++ item = (binn*) ptr; ++ if (item->writable && item->dirty) { ++ binn_save_header(item); ++ } ++ return item->ptr; ++ case BINN_BUFFER: ++ return ptr; ++ default: ++ return NULL; ++ } ++ ++} ++ ++/***************************************************************************/ ++ ++int APIENTRY binn_size(void *ptr) { ++ binn *item; ++ ++ switch (binn_get_ptr_type(ptr)) { ++ case BINN_STRUCT: ++ item = (binn*) ptr; ++ if (item->writable && item->dirty) { ++ binn_save_header(item); ++ } ++ return item->size; ++ case BINN_BUFFER: ++ return binn_buf_size(ptr); ++ default: ++ return 0; ++ } ++ ++} ++ ++/***************************************************************************/ ++ ++int APIENTRY binn_type(void *ptr) { ++ binn *item; ++ ++ switch (binn_get_ptr_type(ptr)) { ++ case BINN_STRUCT: ++ item = (binn*) ptr; ++ return item->type; ++ case BINN_BUFFER: ++ return binn_buf_type(ptr); ++ default: ++ return -1; ++ } ++ ++} ++ ++/***************************************************************************/ ++ ++int APIENTRY binn_count(void *ptr) { ++ binn *item; ++ ++ switch (binn_get_ptr_type(ptr)) { ++ case BINN_STRUCT: ++ item = (binn*) ptr; ++ return item->count; ++ case BINN_BUFFER: ++ return binn_buf_count(ptr); ++ default: ++ return -1; ++ } ++ ++} ++ ++/***************************************************************************/ ++ ++BOOL APIENTRY binn_is_valid_ex(void *ptr, int *ptype, int *pcount, int *psize) { ++ int i, type, count, size, header_size; ++ unsigned char *p, *plimit, *base, len; ++ void *pbuf; ++ ++ pbuf = binn_ptr(ptr); ++ if (pbuf == NULL) return FALSE; ++ ++ /* is there an informed size? */ ++ if (psize && *psize > 0) { ++ size = *psize; ++ } else { ++ size = 0; ++ } ++ ++ if (!IsValidBinnHeader(pbuf, &type, &count, &size, &header_size)) return FALSE; ++ ++ /* is there an informed size? */ ++ if (psize && *psize > 0) { ++ /* is it the same as the one in the buffer? */ ++ if (size != *psize) return FALSE; ++ } ++ /* is there an informed count? */ ++ if (pcount && *pcount > 0) { ++ /* is it the same as the one in the buffer? */ ++ if (count != *pcount) return FALSE; ++ } ++ /* is there an informed type? */ ++ if (ptype && *ptype != 0) { ++ /* is it the same as the one in the buffer? */ ++ if (type != *ptype) return FALSE; ++ } ++ ++ /* it could compare the content size with the size informed on the header */ ++ ++ p = (unsigned char *)pbuf; ++ base = p; ++ plimit = p + size; ++ ++ p += header_size; ++ ++ /* process all the arguments. */ ++ for (i = 0; i < count; i++) { ++ switch (type) { ++ case BINN_OBJECT: ++ /* gets the string size (argument name) */ ++ len = *p; ++ p++; ++ /* if (len == 0) goto Invalid; */ ++ /* increment the used space */ ++ p += len; ++ break; ++ case BINN_MAP: ++ /* increment the used space */ ++ read_map_id(&p, plimit); ++ break; ++ /* case BINN_LIST: */ ++ /* break; */ ++ } ++ /* xxx */ ++ p = AdvanceDataPos(p, plimit); ++ if ((p == 0) || (p < base)) goto Invalid; ++ } ++ ++ if (ptype && *ptype==0) *ptype = type; ++ if (pcount && *pcount==0) *pcount = count; ++ if (psize && *psize==0) *psize = size; ++ return TRUE; ++ ++Invalid: ++ return FALSE; ++ ++} ++ ++/***************************************************************************/ ++ ++BOOL APIENTRY binn_is_valid(void *ptr, int *ptype, int *pcount, int *psize) { ++ ++ if (ptype) *ptype = 0; ++ if (pcount) *pcount = 0; ++ if (psize) *psize = 0; ++ ++ return binn_is_valid_ex(ptr, ptype, pcount, psize); ++ ++} ++ ++/***************************************************************************/ ++/*** INTERNAL FUNCTIONS ****************************************************/ ++/***************************************************************************/ ++ ++BINN_PRIVATE BOOL GetValue(unsigned char *p, binn *value) { ++ unsigned char byte; ++ int data_type, storage_type; /* , extra_type; */ ++ int DataSize; ++ void *p2; ++ ++ if (value == NULL) return FALSE; ++ memset(value, 0, sizeof(binn)); ++ value->header = BINN_MAGIC; ++ /* value->allocated = FALSE; -- already zeroed */ ++ /* value->writable = FALSE; */ ++ ++ /* saves for use with BINN_STORAGE_CONTAINER */ ++ p2 = p; ++ ++ /* read the data type */ ++ byte = *p; p++; ++ storage_type = byte & BINN_STORAGE_MASK; ++ if (byte & BINN_STORAGE_HAS_MORE) { ++ data_type = byte << 8; ++ byte = *p; p++; ++ data_type |= byte; ++ /* extra_type = data_type & BINN_TYPE_MASK16; */ ++ } else { ++ data_type = byte; ++ /* extra_type = byte & BINN_TYPE_MASK; */ ++ } ++ ++ /* value->storage_type = storage_type; */ ++ value->type = data_type; ++ ++ switch (storage_type) { ++ case BINN_STORAGE_NOBYTES: ++ break; ++ case BINN_STORAGE_BYTE: ++ value->vuint8 = *((unsigned char *) p); ++ value->ptr = p; /* value->ptr = &value->vuint8; */ ++ break; ++ case BINN_STORAGE_WORD: ++ copy_be16((u16*)&value->vint16, (u16*)p); ++ value->ptr = &value->vint16; ++ break; ++ case BINN_STORAGE_DWORD: ++ copy_be32((u32*)&value->vint32, (u32*)p); ++ value->ptr = &value->vint32; ++ break; ++ case BINN_STORAGE_QWORD: ++ copy_be64((u64*)&value->vint64, (u64*)p); ++ value->ptr = &value->vint64; ++ break; ++ case BINN_STORAGE_BLOB: ++ case BINN_STORAGE_STRING: ++ DataSize = *((unsigned char*)p); ++ if (DataSize & 0x80) { ++ copy_be32((u32*)&DataSize, (u32*)p); ++ DataSize &= 0x7FFFFFFF; ++ p+=4; ++ } else { ++ p++; ++ } ++ value->size = DataSize; ++ value->ptr = p; ++ break; ++ case BINN_STORAGE_CONTAINER: ++ value->ptr = p2; /* <-- it returns the pointer to the container, not the data */ ++ if (IsValidBinnHeader(p2, NULL, &value->count, &value->size, NULL) == FALSE) return FALSE; ++ break; ++ default: ++ return FALSE; ++ } ++ ++ /* convert the returned value, if needed */ ++ ++ switch (value->type) { ++ case BINN_TRUE: ++ value->type = BINN_BOOL; ++ value->vbool = TRUE; ++ value->ptr = &value->vbool; ++ break; ++ case BINN_FALSE: ++ value->type = BINN_BOOL; ++ value->vbool = FALSE; ++ value->ptr = &value->vbool; ++ break; ++#ifdef BINN_EXTENDED ++ case BINN_SINGLE_STR: ++ value->type = BINN_SINGLE; ++ value->vfloat = (float) atof((const char*)value->ptr); /* converts from string to double, and then to float */ ++ value->ptr = &value->vfloat; ++ break; ++ case BINN_DOUBLE_STR: ++ value->type = BINN_DOUBLE; ++ value->vdouble = atof((const char*)value->ptr); /* converts from string to double */ ++ value->ptr = &value->vdouble; ++ break; ++#endif ++ /* ++ case BINN_DECIMAL: ++ case BINN_CURRENCYSTR: ++ case BINN_DATE: ++ case BINN_DATETIME: ++ case BINN_TIME: ++ */ ++ } ++ ++ return TRUE; ++ ++} ++ ++/***************************************************************************/ ++ ++#if BYTE_ORDER == LITTLE_ENDIAN ++ ++/* on little-endian devices we store the value so we can return a pointer to integers. */ ++/* it's valid only for single-threaded apps. multi-threaded apps must use the _get_ functions instead. */ ++ ++binn local_value; ++ ++BINN_PRIVATE void * store_value(binn *value) { ++ ++ memcpy(&local_value, value, sizeof(binn)); ++ ++ switch (binn_get_read_storage(value->type)) { ++ case BINN_STORAGE_NOBYTES: ++ /* return a valid pointer */ ++ case BINN_STORAGE_WORD: ++ case BINN_STORAGE_DWORD: ++ case BINN_STORAGE_QWORD: ++ return &local_value.vint32; /* returns the pointer to the converted value, from big-endian to little-endian */ ++ } ++ ++ return value->ptr; /* returns from the on stack value to be thread-safe (for list, map, object, string and blob) */ ++ ++} ++ ++#endif ++ ++/***************************************************************************/ ++/*** READ FUNCTIONS ********************************************************/ ++/***************************************************************************/ ++ ++BOOL APIENTRY binn_object_get_value(void *ptr, const char *key, binn *value) { ++ int type, count, size=0, header_size; ++ unsigned char *p; ++ ++ ptr = binn_ptr(ptr); ++ if ((ptr == 0) || (key == 0) || (value == 0)) return FALSE; ++ ++ /* check the header */ ++ if (IsValidBinnHeader(ptr, &type, &count, &size, &header_size) == FALSE) return FALSE; ++ ++ if (type != BINN_OBJECT) return FALSE; ++ if (count == 0) return FALSE; ++ ++ p = (unsigned char *) ptr; ++ p = SearchForKey(p, header_size, size, count, key); ++ if (p == FALSE) return FALSE; ++ ++ return GetValue(p, value); ++ ++} ++ ++/***************************************************************************/ ++ ++BOOL APIENTRY binn_map_get_value(void* ptr, int id, binn *value) { ++ int type, count, size=0, header_size; ++ unsigned char *p; ++ ++ ptr = binn_ptr(ptr); ++ if ((ptr == 0) || (value == 0)) return FALSE; ++ ++ /* check the header */ ++ if (IsValidBinnHeader(ptr, &type, &count, &size, &header_size) == FALSE) return FALSE; ++ ++ if (type != BINN_MAP) return FALSE; ++ if (count == 0) return FALSE; ++ ++ p = (unsigned char *) ptr; ++ p = SearchForID(p, header_size, size, count, id); ++ if (p == FALSE) return FALSE; ++ ++ return GetValue(p, value); ++ ++} ++ ++/***************************************************************************/ ++ ++BOOL APIENTRY binn_list_get_value(void* ptr, int pos, binn *value) { ++ int i, type, count, size=0, header_size; ++ unsigned char *p, *plimit, *base; ++ ++ ptr = binn_ptr(ptr); ++ if ((ptr == 0) || (value == 0)) return FALSE; ++ ++ /* check the header */ ++ if (IsValidBinnHeader(ptr, &type, &count, &size, &header_size) == FALSE) return FALSE; ++ ++ if (type != BINN_LIST) return FALSE; ++ if (count == 0) return FALSE; ++ if ((pos <= 0) | (pos > count)) return FALSE; ++ pos--; /* convert from base 1 to base 0 */ ++ ++ p = (unsigned char *) ptr; ++ base = p; ++ plimit = p + size; ++ p += header_size; ++ ++ for (i = 0; i < pos; i++) { ++ p = AdvanceDataPos(p, plimit); ++ if ((p == 0) || (p < base)) return FALSE; ++ } ++ ++ return GetValue(p, value); ++ ++} ++ ++/***************************************************************************/ ++/*** READ PAIR BY POSITION *************************************************/ ++/***************************************************************************/ ++ ++BINN_PRIVATE BOOL binn_read_pair(int expected_type, void *ptr, int pos, int *pid, char *pkey, binn *value) { ++ int type, count, size=0, header_size; ++ int i, int32, id = 0, counter=0; ++ unsigned char *p, *plimit, *base, *key = NULL, len = 0; ++ ++ ptr = binn_ptr(ptr); ++ ++ /* check the header */ ++ if (IsValidBinnHeader(ptr, &type, &count, &size, &header_size) == FALSE) return FALSE; ++ ++ if ((type != expected_type) || (count == 0) || (pos < 1) || (pos > count)) return FALSE; ++ ++ p = (unsigned char *) ptr; ++ base = p; ++ plimit = p + size - 1; ++ p += header_size; ++ ++ for (i = 0; i < count; i++) { ++ switch (type) { ++ case BINN_MAP: ++ int32 = read_map_id(&p, plimit); ++ if (p > plimit) return FALSE; ++ id = int32; ++ break; ++ case BINN_OBJECT: ++ len = *((unsigned char *)p); p++; ++ if (p > plimit) return FALSE; ++ key = p; ++ p += len; ++ if (p > plimit) return FALSE; ++ break; ++ } ++ counter++; ++ if (counter == pos) goto found; ++ /* */ ++ p = AdvanceDataPos(p, plimit); ++ if ((p == 0) || (p < base)) return FALSE; ++ } ++ ++ return FALSE; ++ ++found: ++ ++ switch (type) { ++ case BINN_MAP: ++ if (pid) *pid = id; ++ break; ++ case BINN_OBJECT: ++ if (pkey) { ++ memcpy(pkey, key, len); ++ pkey[len] = 0; ++ } ++ break; ++ } ++ ++ return GetValue(p, value); ++ ++} ++ ++/***************************************************************************/ ++ ++BOOL APIENTRY binn_map_get_pair(void *ptr, int pos, int *pid, binn *value) { ++ ++ return binn_read_pair(BINN_MAP, ptr, pos, pid, NULL, value); ++ ++} ++ ++/***************************************************************************/ ++ ++BOOL APIENTRY binn_object_get_pair(void *ptr, int pos, char *pkey, binn *value) { ++ ++ return binn_read_pair(BINN_OBJECT, ptr, pos, NULL, pkey, value); ++ ++} ++ ++/***************************************************************************/ ++ ++binn * APIENTRY binn_map_pair(void *map, int pos, int *pid) { ++ binn *value; ++ ++ value = (binn *) binn_malloc(sizeof(binn)); ++ ++ if (binn_read_pair(BINN_MAP, map, pos, pid, NULL, value) == FALSE) { ++ free_fn(value); ++ return NULL; ++ } ++ ++ value->allocated = TRUE; ++ return value; ++ ++} ++ ++/***************************************************************************/ ++ ++binn * APIENTRY binn_object_pair(void *obj, int pos, char *pkey) { ++ binn *value; ++ ++ value = (binn *) binn_malloc(sizeof(binn)); ++ ++ if (binn_read_pair(BINN_OBJECT, obj, pos, NULL, pkey, value) == FALSE) { ++ free_fn(value); ++ return NULL; ++ } ++ ++ value->allocated = TRUE; ++ return value; ++ ++} ++ ++/***************************************************************************/ ++/***************************************************************************/ ++ ++void * APIENTRY binn_map_read_pair(void *ptr, int pos, int *pid, int *ptype, int *psize) { ++ binn value; ++ ++ if (binn_map_get_pair(ptr, pos, pid, &value) == FALSE) return NULL; ++ if (ptype) *ptype = value.type; ++ if (psize) *psize = value.size; ++#if BYTE_ORDER == LITTLE_ENDIAN ++ return store_value(&value); ++#else ++ return value.ptr; ++#endif ++ ++} ++ ++/***************************************************************************/ ++ ++void * APIENTRY binn_object_read_pair(void *ptr, int pos, char *pkey, int *ptype, int *psize) { ++ binn value; ++ ++ if (binn_object_get_pair(ptr, pos, pkey, &value) == FALSE) return NULL; ++ if (ptype) *ptype = value.type; ++ if (psize) *psize = value.size; ++#if BYTE_ORDER == LITTLE_ENDIAN ++ return store_value(&value); ++#else ++ return value.ptr; ++#endif ++ ++} ++ ++/***************************************************************************/ ++/*** SEQUENTIAL READ FUNCTIONS *********************************************/ ++/***************************************************************************/ ++ ++BOOL APIENTRY binn_iter_init(binn_iter *iter, void *ptr, int expected_type) { ++ int type, count, size=0, header_size; ++ ++ ptr = binn_ptr(ptr); ++ if ((ptr == 0) || (iter == 0)) return FALSE; ++ memset(iter, 0, sizeof(binn_iter)); ++ ++ /* check the header */ ++ if (IsValidBinnHeader(ptr, &type, &count, &size, &header_size) == FALSE) return FALSE; ++ ++ if (type != expected_type) return FALSE; ++ /* if (count == 0) return FALSE; -- should not be used */ ++ ++ iter->plimit = (unsigned char *)ptr + size - 1; ++ iter->pnext = (unsigned char *)ptr + header_size; ++ iter->count = count; ++ iter->current = 0; ++ iter->type = type; ++ ++ return TRUE; ++} ++ ++/***************************************************************************/ ++ ++BOOL APIENTRY binn_list_next(binn_iter *iter, binn *value) { ++ unsigned char *pnow; ++ ++ if ((iter == 0) || (iter->pnext == 0) || (iter->pnext > iter->plimit) || (iter->current > iter->count) || (iter->type != BINN_LIST)) return FALSE; ++ ++ iter->current++; ++ if (iter->current > iter->count) return FALSE; ++ ++ pnow = iter->pnext; ++ iter->pnext = AdvanceDataPos(pnow, iter->plimit); ++ if (iter->pnext != 0 && iter->pnext < pnow) return FALSE; ++ ++ return GetValue(pnow, value); ++ ++} ++ ++/***************************************************************************/ ++ ++BINN_PRIVATE BOOL binn_read_next_pair(int expected_type, binn_iter *iter, int *pid, char *pkey, binn *value) { ++ int int32, id; ++ unsigned char *p, *key; ++ unsigned short len; ++ ++ if ((iter == 0) || (iter->pnext == 0) || (iter->pnext > iter->plimit) || (iter->current > iter->count) || (iter->type != expected_type)) return FALSE; ++ ++ iter->current++; ++ if (iter->current > iter->count) return FALSE; ++ ++ p = iter->pnext; ++ ++ switch (expected_type) { ++ case BINN_MAP: ++ int32 = read_map_id(&p, iter->plimit); ++ if (p > iter->plimit) return FALSE; ++ id = int32; ++ if (pid) *pid = id; ++ break; ++ case BINN_OBJECT: ++ len = *((unsigned char *)p); p++; ++ key = p; ++ p += len; ++ if (p > iter->plimit) return FALSE; ++ if (pkey) { ++ memcpy(pkey, key, len); ++ pkey[len] = 0; ++ } ++ break; ++ } ++ ++ iter->pnext = AdvanceDataPos(p, iter->plimit); ++ if (iter->pnext != 0 && iter->pnext < p) return FALSE; ++ ++ return GetValue(p, value); ++ ++} ++ ++/***************************************************************************/ ++ ++BOOL APIENTRY binn_map_next(binn_iter *iter, int *pid, binn *value) { ++ ++ return binn_read_next_pair(BINN_MAP, iter, pid, NULL, value); ++ ++} ++ ++/***************************************************************************/ ++ ++BOOL APIENTRY binn_object_next(binn_iter *iter, char *pkey, binn *value) { ++ ++ return binn_read_next_pair(BINN_OBJECT, iter, NULL, pkey, value); ++ ++} ++ ++/***************************************************************************/ ++/***************************************************************************/ ++ ++binn * APIENTRY binn_list_next_value(binn_iter *iter) { ++ binn *value; ++ ++ value = (binn *) binn_malloc(sizeof(binn)); ++ ++ if (binn_list_next(iter, value) == FALSE) { ++ free_fn(value); ++ return NULL; ++ } ++ ++ value->allocated = TRUE; ++ return value; ++ ++} ++ ++/***************************************************************************/ ++ ++binn * APIENTRY binn_map_next_value(binn_iter *iter, int *pid) { ++ binn *value; ++ ++ value = (binn *) binn_malloc(sizeof(binn)); ++ ++ if (binn_map_next(iter, pid, value) == FALSE) { ++ free_fn(value); ++ return NULL; ++ } ++ ++ value->allocated = TRUE; ++ return value; ++ ++} ++ ++/***************************************************************************/ ++ ++binn * APIENTRY binn_object_next_value(binn_iter *iter, char *pkey) { ++ binn *value; ++ ++ value = (binn *) binn_malloc(sizeof(binn)); ++ ++ if (binn_object_next(iter, pkey, value) == FALSE) { ++ free_fn(value); ++ return NULL; ++ } ++ ++ value->allocated = TRUE; ++ return value; ++ ++} ++ ++/***************************************************************************/ ++/***************************************************************************/ ++ ++void * APIENTRY binn_list_read_next(binn_iter *iter, int *ptype, int *psize) { ++ binn value; ++ ++ if (binn_list_next(iter, &value) == FALSE) return NULL; ++ if (ptype) *ptype = value.type; ++ if (psize) *psize = value.size; ++#if BYTE_ORDER == LITTLE_ENDIAN ++ return store_value(&value); ++#else ++ return value.ptr; ++#endif ++ ++} ++ ++/***************************************************************************/ ++ ++void * APIENTRY binn_map_read_next(binn_iter *iter, int *pid, int *ptype, int *psize) { ++ binn value; ++ ++ if (binn_map_next(iter, pid, &value) == FALSE) return NULL; ++ if (ptype) *ptype = value.type; ++ if (psize) *psize = value.size; ++#if BYTE_ORDER == LITTLE_ENDIAN ++ return store_value(&value); ++#else ++ return value.ptr; ++#endif ++ ++} ++ ++/***************************************************************************/ ++ ++void * APIENTRY binn_object_read_next(binn_iter *iter, char *pkey, int *ptype, int *psize) { ++ binn value; ++ ++ if (binn_object_next(iter, pkey, &value) == FALSE) return NULL; ++ if (ptype) *ptype = value.type; ++ if (psize) *psize = value.size; ++#if BYTE_ORDER == LITTLE_ENDIAN ++ return store_value(&value); ++#else ++ return value.ptr; ++#endif ++ ++} ++ ++/*************************************************************************************/ ++/****** EXTENDED INTERFACE ***********************************************************/ ++/****** none of the functions above call the functions below *************************/ ++/*************************************************************************************/ ++ ++int APIENTRY binn_get_write_storage(int type) { ++ int storage_type; ++ ++ switch (type) { ++ case BINN_SINGLE_STR: ++ case BINN_DOUBLE_STR: ++ return BINN_STORAGE_STRING; ++ ++ case BINN_BOOL: ++ return BINN_STORAGE_NOBYTES; ++ ++ default: ++ binn_get_type_info(type, &storage_type, NULL); ++ return storage_type; ++ } ++ ++} ++ ++/*************************************************************************************/ ++ ++int APIENTRY binn_get_read_storage(int type) { ++ int storage_type; ++ ++ switch (type) { ++#ifdef BINN_EXTENDED ++ case BINN_SINGLE_STR: ++ return BINN_STORAGE_DWORD; ++ case BINN_DOUBLE_STR: ++ return BINN_STORAGE_QWORD; ++#endif ++ case BINN_BOOL: ++ case BINN_TRUE: ++ case BINN_FALSE: ++ return BINN_STORAGE_DWORD; ++ default: ++ binn_get_type_info(type, &storage_type, NULL); ++ return storage_type; ++ } ++ ++} ++ ++/*************************************************************************************/ ++ ++BINN_PRIVATE BOOL GetWriteConvertedData(int *ptype, void **ppvalue, int *psize) { ++ int type; ++ float f1; ++ double d1; ++ char pstr[128]; ++ ++ UNUSED(pstr); ++ UNUSED(d1); ++ UNUSED(f1); ++ ++ type = *ptype; ++ ++ if (*ppvalue == NULL) { ++ switch (type) { ++ case BINN_NULL: ++ case BINN_TRUE: ++ case BINN_FALSE: ++ break; ++ case BINN_STRING: ++ case BINN_BLOB: ++ if (*psize == 0) break; ++ /* fall through */ ++ default: ++ return FALSE; ++ } ++ } ++ ++ switch (type) { ++#ifdef BINN_EXTENDED ++ case BINN_SINGLE: ++ f1 = **(float**)ppvalue; ++ d1 = f1; /* convert from float (32bits) to double (64bits) */ ++ type = BINN_SINGLE_STR; ++ goto conv_double; ++ case BINN_DOUBLE: ++ d1 = **(double**)ppvalue; ++ type = BINN_DOUBLE_STR; ++conv_double: ++ /* the '%.17e' is more precise than the '%g' */ ++ snprintf(pstr, 127, "%.17e", d1); ++ *ppvalue = pstr; ++ *ptype = type; ++ break; ++#endif ++ case BINN_DECIMAL: ++ case BINN_CURRENCYSTR: ++ /* ++ if (binn_malloc_extptr(128) == NULL) return FALSE; ++ snprintf(sptr, 127, "%E", **ppvalue); ++ *ppvalue = sptr; ++ */ ++ return TRUE; /* ! temporary */ ++ break; ++ ++ case BINN_DATE: ++ case BINN_DATETIME: ++ case BINN_TIME: ++ return TRUE; /* ! temporary */ ++ break; ++ ++ case BINN_BOOL: ++ if (**((BOOL**)ppvalue) == FALSE) { ++ type = BINN_FALSE; ++ } else { ++ type = BINN_TRUE; ++ } ++ *ptype = type; ++ break; ++ ++ } ++ ++ return TRUE; ++ ++} ++ ++/*************************************************************************************/ ++ ++BINN_PRIVATE int type_family(int type) { ++ ++ switch (type) { ++ case BINN_LIST: ++ case BINN_MAP: ++ case BINN_OBJECT: ++ return BINN_FAMILY_BINN; ++ ++ case BINN_INT8: ++ case BINN_INT16: ++ case BINN_INT32: ++ case BINN_INT64: ++ case BINN_UINT8: ++ case BINN_UINT16: ++ case BINN_UINT32: ++ case BINN_UINT64: ++ return BINN_FAMILY_INT; ++ ++ case BINN_FLOAT32: ++ case BINN_FLOAT64: ++ /* case BINN_SINGLE: */ ++ case BINN_SINGLE_STR: ++ /* case BINN_DOUBLE: */ ++ case BINN_DOUBLE_STR: ++ return BINN_FAMILY_FLOAT; ++ ++ case BINN_STRING: ++ case BINN_HTML: ++ case BINN_CSS: ++ case BINN_XML: ++ case BINN_JSON: ++ case BINN_JAVASCRIPT: ++ return BINN_FAMILY_STRING; ++ ++ case BINN_BLOB: ++ case BINN_JPEG: ++ case BINN_GIF: ++ case BINN_PNG: ++ case BINN_BMP: ++ return BINN_FAMILY_BLOB; ++ ++ case BINN_DECIMAL: ++ case BINN_CURRENCY: ++ case BINN_DATE: ++ case BINN_TIME: ++ case BINN_DATETIME: ++ return BINN_FAMILY_STRING; ++ ++ case BINN_BOOL: ++ return BINN_FAMILY_BOOL; ++ ++ case BINN_NULL: ++ return BINN_FAMILY_NULL; ++ ++ default: ++ /* if it wasn't found */ ++ return BINN_FAMILY_NONE; ++ } ++ ++} ++ ++/*************************************************************************************/ ++ ++BINN_PRIVATE int int_type(int type) { ++ ++ switch (type) { ++ case BINN_INT8: ++ case BINN_INT16: ++ case BINN_INT32: ++ case BINN_INT64: ++ return BINN_SIGNED_INT; ++ ++ case BINN_UINT8: ++ case BINN_UINT16: ++ case BINN_UINT32: ++ case BINN_UINT64: ++ return BINN_UNSIGNED_INT; ++ ++ default: ++ return 0; ++ } ++ ++} ++ ++/*************************************************************************************/ ++ ++BINN_PRIVATE BOOL copy_raw_value(void *psource, void *pdest, int data_store) { ++ ++ switch (data_store) { ++ case BINN_STORAGE_NOBYTES: ++ break; ++ case BINN_STORAGE_BYTE: ++ *((char *) pdest) = *(char *)psource; ++ break; ++ case BINN_STORAGE_WORD: ++ *((short *) pdest) = *(short *)psource; ++ break; ++ case BINN_STORAGE_DWORD: ++ *((int *) pdest) = *(int *)psource; ++ break; ++ case BINN_STORAGE_QWORD: ++ *((uint64 *) pdest) = *(uint64 *)psource; ++ break; ++ case BINN_STORAGE_BLOB: ++ case BINN_STORAGE_STRING: ++ case BINN_STORAGE_CONTAINER: ++ *((char **) pdest) = (char *)psource; ++ break; ++ default: ++ return FALSE; ++ } ++ ++ return TRUE; ++ ++} ++ ++/*************************************************************************************/ ++ ++BINN_PRIVATE BOOL copy_int_value(void *psource, void *pdest, int source_type, int dest_type) { ++ uint64 vuint64 = 0; int64 vint64 = 0; ++ ++ switch (source_type) { ++ case BINN_INT8: ++ vint64 = *(signed char *)psource; ++ break; ++ case BINN_INT16: ++ vint64 = *(short *)psource; ++ break; ++ case BINN_INT32: ++ vint64 = *(int *)psource; ++ break; ++ case BINN_INT64: ++ vint64 = *(int64 *)psource; ++ break; ++ ++ case BINN_UINT8: ++ vuint64 = *(unsigned char *)psource; ++ break; ++ case BINN_UINT16: ++ vuint64 = *(unsigned short *)psource; ++ break; ++ case BINN_UINT32: ++ vuint64 = *(unsigned int *)psource; ++ break; ++ case BINN_UINT64: ++ vuint64 = *(uint64 *)psource; ++ break; ++ ++ default: ++ return FALSE; ++ } ++ ++ ++ /* copy from int64 to uint64, if possible */ ++ ++ if ((int_type(source_type) == BINN_UNSIGNED_INT) && (int_type(dest_type) == BINN_SIGNED_INT)) { ++ if (vuint64 > INT64_MAX) return FALSE; ++ vint64 = vuint64; ++ } else if ((int_type(source_type) == BINN_SIGNED_INT) && (int_type(dest_type) == BINN_UNSIGNED_INT)) { ++ if (vint64 < 0) return FALSE; ++ vuint64 = vint64; ++ } ++ ++ ++ switch (dest_type) { ++ case BINN_INT8: ++ if ((vint64 < INT8_MIN) || (vint64 > INT8_MAX)) return FALSE; ++ *(signed char *)pdest = (signed char) vint64; ++ break; ++ case BINN_INT16: ++ if ((vint64 < INT16_MIN) || (vint64 > INT16_MAX)) return FALSE; ++ *(short *)pdest = (short) vint64; ++ break; ++ case BINN_INT32: ++ if ((vint64 < INT32_MIN) || (vint64 > INT32_MAX)) return FALSE; ++ *(int *)pdest = (int) vint64; ++ break; ++ case BINN_INT64: ++ *(int64 *)pdest = vint64; ++ break; ++ ++ case BINN_UINT8: ++ if (vuint64 > UINT8_MAX) return FALSE; ++ *(unsigned char *)pdest = (unsigned char) vuint64; ++ break; ++ case BINN_UINT16: ++ if (vuint64 > UINT16_MAX) return FALSE; ++ *(unsigned short *)pdest = (unsigned short) vuint64; ++ break; ++ case BINN_UINT32: ++ if (vuint64 > UINT32_MAX) return FALSE; ++ *(unsigned int *)pdest = (unsigned int) vuint64; ++ break; ++ case BINN_UINT64: ++ *(uint64 *)pdest = vuint64; ++ break; ++ ++ default: ++ return FALSE; ++ } ++ ++ return TRUE; ++ ++} ++ ++/*************************************************************************************/ ++ ++BINN_PRIVATE BOOL copy_float_value(void *psource, void *pdest, int source_type) { ++ ++ switch (source_type) { ++ case BINN_FLOAT32: ++ *(double *)pdest = *(float *)psource; ++ break; ++ case BINN_FLOAT64: ++ *(float *)pdest = (float) *(double *)psource; ++ break; ++ default: ++ return FALSE; ++ } ++ ++ return TRUE; ++ ++} ++ ++/*************************************************************************************/ ++ ++BINN_PRIVATE void zero_value(void *pvalue, int type) { ++ /* int size=0; */ ++ ++ switch (binn_get_read_storage(type)) { ++ case BINN_STORAGE_NOBYTES: ++ break; ++ case BINN_STORAGE_BYTE: ++ *((char *) pvalue) = 0; ++ /* size=1; */ ++ break; ++ case BINN_STORAGE_WORD: ++ *((short *) pvalue) = 0; ++ /* size=2; */ ++ break; ++ case BINN_STORAGE_DWORD: ++ *((int *) pvalue) = 0; ++ /* size=4; */ ++ break; ++ case BINN_STORAGE_QWORD: ++ *((uint64 *) pvalue) = 0; ++ /* size=8; */ ++ break; ++ case BINN_STORAGE_BLOB: ++ case BINN_STORAGE_STRING: ++ case BINN_STORAGE_CONTAINER: ++ *(char **)pvalue = NULL; ++ break; ++ } ++ ++ /* if (size>0) memset(pvalue, 0, size); */ ++ ++} ++ ++/*************************************************************************************/ ++ ++BINN_PRIVATE BOOL copy_value(void *psource, void *pdest, int source_type, int dest_type, int data_store) { ++ ++ if (type_family(source_type) != type_family(dest_type)) return FALSE; ++ ++ if ((type_family(source_type) == BINN_FAMILY_INT) && (source_type != dest_type)) { ++ return copy_int_value(psource, pdest, source_type, dest_type); ++ } else if ((type_family(source_type) == BINN_FAMILY_FLOAT) && (source_type != dest_type)) { ++ return copy_float_value(psource, pdest, source_type); ++ } else { ++ return copy_raw_value(psource, pdest, data_store); ++ } ++ ++} ++ ++/*************************************************************************************/ ++/*** WRITE FUNCTIONS *****************************************************************/ ++/*************************************************************************************/ ++ ++BOOL APIENTRY binn_list_add(binn *list, int type, void *pvalue, int size) { ++ ++ if (GetWriteConvertedData(&type, &pvalue, &size) == FALSE) return FALSE; ++ ++ return binn_list_add_raw(list, type, pvalue, size); ++ ++} ++ ++/*************************************************************************************/ ++ ++BOOL APIENTRY binn_map_set(binn *map, int id, int type, void *pvalue, int size) { ++ ++ if (GetWriteConvertedData(&type, &pvalue, &size) == FALSE) return FALSE; ++ ++ return binn_map_set_raw(map, id, type, pvalue, size); ++ ++} ++ ++/*************************************************************************************/ ++ ++BOOL APIENTRY binn_object_set(binn *obj, const char *key, int type, void *pvalue, int size) { ++ ++ if (GetWriteConvertedData(&type, &pvalue, &size) == FALSE) return FALSE; ++ ++ return binn_object_set_raw(obj, key, type, pvalue, size); ++ ++} ++ ++/*************************************************************************************/ ++ ++/* this function is used by the wrappers */ ++BOOL APIENTRY binn_add_value(binn *item, int binn_type, int id, char *name, int type, void *pvalue, int size) { ++ ++ switch (binn_type) { ++ case BINN_LIST: ++ return binn_list_add(item, type, pvalue, size); ++ case BINN_MAP: ++ return binn_map_set(item, id, type, pvalue, size); ++ case BINN_OBJECT: ++ return binn_object_set(item, name, type, pvalue, size); ++ default: ++ return FALSE; ++ } ++ ++} ++ ++/*************************************************************************************/ ++/*************************************************************************************/ ++ ++BOOL APIENTRY binn_list_add_new(binn *list, binn *value) { ++ BOOL retval; ++ ++ retval = binn_list_add_value(list, value); ++ if (value) free_fn(value); ++ return retval; ++ ++} ++ ++/*************************************************************************************/ ++ ++BOOL APIENTRY binn_map_set_new(binn *map, int id, binn *value) { ++ BOOL retval; ++ ++ retval = binn_map_set_value(map, id, value); ++ if (value) free_fn(value); ++ return retval; ++ ++} ++ ++/*************************************************************************************/ ++ ++BOOL APIENTRY binn_object_set_new(binn *obj, const char *key, binn *value) { ++ BOOL retval; ++ ++ retval = binn_object_set_value(obj, key, value); ++ if (value) free_fn(value); ++ return retval; ++ ++} ++ ++/*************************************************************************************/ ++/*** READ FUNCTIONS ******************************************************************/ ++/*************************************************************************************/ ++ ++binn * APIENTRY binn_list_value(void *ptr, int pos) { ++ binn *value; ++ ++ value = (binn *) binn_malloc(sizeof(binn)); ++ ++ if (binn_list_get_value(ptr, pos, value) == FALSE) { ++ free_fn(value); ++ return NULL; ++ } ++ ++ value->allocated = TRUE; ++ return value; ++ ++} ++ ++/*************************************************************************************/ ++ ++binn * APIENTRY binn_map_value(void *ptr, int id) { ++ binn *value; ++ ++ value = (binn *) binn_malloc(sizeof(binn)); ++ ++ if (binn_map_get_value(ptr, id, value) == FALSE) { ++ free_fn(value); ++ return NULL; ++ } ++ ++ value->allocated = TRUE; ++ return value; ++ ++} ++ ++/*************************************************************************************/ ++ ++binn * APIENTRY binn_object_value(void *ptr, const char *key) { ++ binn *value; ++ ++ value = (binn *) binn_malloc(sizeof(binn)); ++ ++ if (binn_object_get_value(ptr, key, value) == FALSE) { ++ free_fn(value); ++ return NULL; ++ } ++ ++ value->allocated = TRUE; ++ return value; ++ ++} ++ ++/***************************************************************************/ ++/***************************************************************************/ ++ ++void * APIENTRY binn_list_read(void *list, int pos, int *ptype, int *psize) { ++ binn value; ++ ++ if (binn_list_get_value(list, pos, &value) == FALSE) return NULL; ++ if (ptype) *ptype = value.type; ++ if (psize) *psize = value.size; ++#if BYTE_ORDER == LITTLE_ENDIAN ++ return store_value(&value); ++#else ++ return value.ptr; ++#endif ++ ++} ++ ++/***************************************************************************/ ++ ++void * APIENTRY binn_map_read(void *map, int id, int *ptype, int *psize) { ++ binn value; ++ ++ if (binn_map_get_value(map, id, &value) == FALSE) return NULL; ++ if (ptype) *ptype = value.type; ++ if (psize) *psize = value.size; ++#if BYTE_ORDER == LITTLE_ENDIAN ++ return store_value(&value); ++#else ++ return value.ptr; ++#endif ++ ++} ++ ++/***************************************************************************/ ++ ++void * APIENTRY binn_object_read(void *obj, const char *key, int *ptype, int *psize) { ++ binn value; ++ ++ if (binn_object_get_value(obj, key, &value) == FALSE) return NULL; ++ if (ptype) *ptype = value.type; ++ if (psize) *psize = value.size; ++#if BYTE_ORDER == LITTLE_ENDIAN ++ return store_value(&value); ++#else ++ return value.ptr; ++#endif ++ ++} ++ ++/***************************************************************************/ ++/***************************************************************************/ ++ ++BOOL APIENTRY binn_list_get(void *ptr, int pos, int type, void *pvalue, int *psize) { ++ binn value; ++ int storage_type; ++ ++ storage_type = binn_get_read_storage(type); ++ if ((storage_type != BINN_STORAGE_NOBYTES) && (pvalue == NULL)) return FALSE; ++ ++ zero_value(pvalue, type); ++ ++ if (binn_list_get_value(ptr, pos, &value) == FALSE) return FALSE; ++ ++ if (copy_value(value.ptr, pvalue, value.type, type, storage_type) == FALSE) return FALSE; ++ ++ if (psize) *psize = value.size; ++ ++ return TRUE; ++ ++} ++ ++/***************************************************************************/ ++ ++BOOL APIENTRY binn_map_get(void *ptr, int id, int type, void *pvalue, int *psize) { ++ binn value; ++ int storage_type; ++ ++ storage_type = binn_get_read_storage(type); ++ if ((storage_type != BINN_STORAGE_NOBYTES) && (pvalue == NULL)) return FALSE; ++ ++ zero_value(pvalue, type); ++ ++ if (binn_map_get_value(ptr, id, &value) == FALSE) return FALSE; ++ ++ if (copy_value(value.ptr, pvalue, value.type, type, storage_type) == FALSE) return FALSE; ++ ++ if (psize) *psize = value.size; ++ ++ return TRUE; ++ ++} ++ ++/***************************************************************************/ ++ ++/* if (binn_object_get(obj, "multiplier", BINN_INT32, &multiplier, NULL) == FALSE) xxx; */ ++ ++BOOL APIENTRY binn_object_get(void *ptr, const char *key, int type, void *pvalue, int *psize) { ++ binn value; ++ int storage_type; ++ ++ storage_type = binn_get_read_storage(type); ++ if ((storage_type != BINN_STORAGE_NOBYTES) && (pvalue == NULL)) return FALSE; ++ ++ zero_value(pvalue, type); ++ ++ if (binn_object_get_value(ptr, key, &value) == FALSE) return FALSE; ++ ++ if (copy_value(value.ptr, pvalue, value.type, type, storage_type) == FALSE) return FALSE; ++ ++ if (psize) *psize = value.size; ++ ++ return TRUE; ++ ++} ++ ++/***************************************************************************/ ++/***************************************************************************/ ++ ++/* these functions below may not be implemented as inline functions, because */ ++/* they use a lot of space, even for the variable. so they will be exported. */ ++ ++/* but what about using as static? */ ++/* is there any problem with wrappers? can these wrappers implement these functions using the header? */ ++/* if as static, will they be present even on modules that don't use the functions? */ ++ ++signed char APIENTRY binn_list_int8(void *list, int pos) { ++ signed char value; ++ ++ binn_list_get(list, pos, BINN_INT8, &value, NULL); ++ ++ return value; ++} ++ ++short APIENTRY binn_list_int16(void *list, int pos) { ++ short value; ++ ++ binn_list_get(list, pos, BINN_INT16, &value, NULL); ++ ++ return value; ++} ++ ++int APIENTRY binn_list_int32(void *list, int pos) { ++ int value; ++ ++ binn_list_get(list, pos, BINN_INT32, &value, NULL); ++ ++ return value; ++} ++ ++int64 APIENTRY binn_list_int64(void *list, int pos) { ++ int64 value; ++ ++ binn_list_get(list, pos, BINN_INT64, &value, NULL); ++ ++ return value; ++} ++ ++unsigned char APIENTRY binn_list_uint8(void *list, int pos) { ++ unsigned char value; ++ ++ binn_list_get(list, pos, BINN_UINT8, &value, NULL); ++ ++ return value; ++} ++ ++unsigned short APIENTRY binn_list_uint16(void *list, int pos) { ++ unsigned short value; ++ ++ binn_list_get(list, pos, BINN_UINT16, &value, NULL); ++ ++ return value; ++} ++ ++unsigned int APIENTRY binn_list_uint32(void *list, int pos) { ++ unsigned int value; ++ ++ binn_list_get(list, pos, BINN_UINT32, &value, NULL); ++ ++ return value; ++} ++ ++uint64 APIENTRY binn_list_uint64(void *list, int pos) { ++ uint64 value; ++ ++ binn_list_get(list, pos, BINN_UINT64, &value, NULL); ++ ++ return value; ++} ++ ++float APIENTRY binn_list_float(void *list, int pos) { ++ float value; ++ ++ binn_list_get(list, pos, BINN_FLOAT32, &value, NULL); ++ ++ return value; ++} ++ ++double APIENTRY binn_list_double(void *list, int pos) { ++ double value; ++ ++ binn_list_get(list, pos, BINN_FLOAT64, &value, NULL); ++ ++ return value; ++} ++ ++BOOL APIENTRY binn_list_bool(void *list, int pos) { ++ BOOL value; ++ ++ binn_list_get(list, pos, BINN_BOOL, &value, NULL); ++ ++ return value; ++} ++ ++BOOL APIENTRY binn_list_null(void *list, int pos) { ++ ++ return binn_list_get(list, pos, BINN_NULL, NULL, NULL); ++ ++} ++ ++char * APIENTRY binn_list_str(void *list, int pos) { ++ char *value; ++ ++ binn_list_get(list, pos, BINN_STRING, &value, NULL); ++ ++ return value; ++} ++ ++void * APIENTRY binn_list_blob(void *list, int pos, int *psize) { ++ void *value; ++ ++ binn_list_get(list, pos, BINN_BLOB, &value, psize); ++ ++ return value; ++} ++ ++void * APIENTRY binn_list_list(void *list, int pos) { ++ void *value; ++ ++ binn_list_get(list, pos, BINN_LIST, &value, NULL); ++ ++ return value; ++} ++ ++void * APIENTRY binn_list_map(void *list, int pos) { ++ void *value; ++ ++ binn_list_get(list, pos, BINN_MAP, &value, NULL); ++ ++ return value; ++} ++ ++void * APIENTRY binn_list_object(void *list, int pos) { ++ void *value; ++ ++ binn_list_get(list, pos, BINN_OBJECT, &value, NULL); ++ ++ return value; ++} ++ ++/***************************************************************************/ ++ ++signed char APIENTRY binn_map_int8(void *map, int id) { ++ signed char value; ++ ++ binn_map_get(map, id, BINN_INT8, &value, NULL); ++ ++ return value; ++} ++ ++short APIENTRY binn_map_int16(void *map, int id) { ++ short value; ++ ++ binn_map_get(map, id, BINN_INT16, &value, NULL); ++ ++ return value; ++} ++ ++int APIENTRY binn_map_int32(void *map, int id) { ++ int value; ++ ++ binn_map_get(map, id, BINN_INT32, &value, NULL); ++ ++ return value; ++} ++ ++int64 APIENTRY binn_map_int64(void *map, int id) { ++ int64 value; ++ ++ binn_map_get(map, id, BINN_INT64, &value, NULL); ++ ++ return value; ++} ++ ++unsigned char APIENTRY binn_map_uint8(void *map, int id) { ++ unsigned char value; ++ ++ binn_map_get(map, id, BINN_UINT8, &value, NULL); ++ ++ return value; ++} ++ ++unsigned short APIENTRY binn_map_uint16(void *map, int id) { ++ unsigned short value; ++ ++ binn_map_get(map, id, BINN_UINT16, &value, NULL); ++ ++ return value; ++} ++ ++unsigned int APIENTRY binn_map_uint32(void *map, int id) { ++ unsigned int value; ++ ++ binn_map_get(map, id, BINN_UINT32, &value, NULL); ++ ++ return value; ++} ++ ++uint64 APIENTRY binn_map_uint64(void *map, int id) { ++ uint64 value; ++ ++ binn_map_get(map, id, BINN_UINT64, &value, NULL); ++ ++ return value; ++} ++ ++float APIENTRY binn_map_float(void *map, int id) { ++ float value; ++ ++ binn_map_get(map, id, BINN_FLOAT32, &value, NULL); ++ ++ return value; ++} ++ ++double APIENTRY binn_map_double(void *map, int id) { ++ double value; ++ ++ binn_map_get(map, id, BINN_FLOAT64, &value, NULL); ++ ++ return value; ++} ++ ++BOOL APIENTRY binn_map_bool(void *map, int id) { ++ BOOL value; ++ ++ binn_map_get(map, id, BINN_BOOL, &value, NULL); ++ ++ return value; ++} ++ ++BOOL APIENTRY binn_map_null(void *map, int id) { ++ ++ return binn_map_get(map, id, BINN_NULL, NULL, NULL); ++ ++} ++ ++char * APIENTRY binn_map_str(void *map, int id) { ++ char *value; ++ ++ binn_map_get(map, id, BINN_STRING, &value, NULL); ++ ++ return value; ++} ++ ++void * APIENTRY binn_map_blob(void *map, int id, int *psize) { ++ void *value; ++ ++ binn_map_get(map, id, BINN_BLOB, &value, psize); ++ ++ return value; ++} ++ ++void * APIENTRY binn_map_list(void *map, int id) { ++ void *value; ++ ++ binn_map_get(map, id, BINN_LIST, &value, NULL); ++ ++ return value; ++} ++ ++void * APIENTRY binn_map_map(void *map, int id) { ++ void *value; ++ ++ binn_map_get(map, id, BINN_MAP, &value, NULL); ++ ++ return value; ++} ++ ++void * APIENTRY binn_map_object(void *map, int id) { ++ void *value; ++ ++ binn_map_get(map, id, BINN_OBJECT, &value, NULL); ++ ++ return value; ++} ++ ++/***************************************************************************/ ++ ++signed char APIENTRY binn_object_int8(void *obj, const char *key) { ++ signed char value; ++ ++ binn_object_get(obj, key, BINN_INT8, &value, NULL); ++ ++ return value; ++} ++ ++short APIENTRY binn_object_int16(void *obj, const char *key) { ++ short value; ++ ++ binn_object_get(obj, key, BINN_INT16, &value, NULL); ++ ++ return value; ++} ++ ++int APIENTRY binn_object_int32(void *obj, const char *key) { ++ int value; ++ ++ binn_object_get(obj, key, BINN_INT32, &value, NULL); ++ ++ return value; ++} ++ ++int64 APIENTRY binn_object_int64(void *obj, const char *key) { ++ int64 value; ++ ++ binn_object_get(obj, key, BINN_INT64, &value, NULL); ++ ++ return value; ++} ++ ++unsigned char APIENTRY binn_object_uint8(void *obj, const char *key) { ++ unsigned char value; ++ ++ binn_object_get(obj, key, BINN_UINT8, &value, NULL); ++ ++ return value; ++} ++ ++unsigned short APIENTRY binn_object_uint16(void *obj, const char *key) { ++ unsigned short value; ++ ++ binn_object_get(obj, key, BINN_UINT16, &value, NULL); ++ ++ return value; ++} ++ ++unsigned int APIENTRY binn_object_uint32(void *obj, const char *key) { ++ unsigned int value; ++ ++ binn_object_get(obj, key, BINN_UINT32, &value, NULL); ++ ++ return value; ++} ++ ++uint64 APIENTRY binn_object_uint64(void *obj, const char *key) { ++ uint64 value; ++ ++ binn_object_get(obj, key, BINN_UINT64, &value, NULL); ++ ++ return value; ++} ++ ++float APIENTRY binn_object_float(void *obj, const char *key) { ++ float value; ++ ++ binn_object_get(obj, key, BINN_FLOAT32, &value, NULL); ++ ++ return value; ++} ++ ++double APIENTRY binn_object_double(void *obj, const char *key) { ++ double value; ++ ++ binn_object_get(obj, key, BINN_FLOAT64, &value, NULL); ++ ++ return value; ++} ++ ++BOOL APIENTRY binn_object_bool(void *obj, const char *key) { ++ BOOL value; ++ ++ binn_object_get(obj, key, BINN_BOOL, &value, NULL); ++ ++ return value; ++} ++ ++BOOL APIENTRY binn_object_null(void *obj, const char *key) { ++ ++ return binn_object_get(obj, key, BINN_NULL, NULL, NULL); ++ ++} ++ ++char * APIENTRY binn_object_str(void *obj, const char *key) { ++ char *value; ++ ++ binn_object_get(obj, key, BINN_STRING, &value, NULL); ++ ++ return value; ++} ++ ++void * APIENTRY binn_object_blob(void *obj, const char *key, int *psize) { ++ void *value; ++ ++ binn_object_get(obj, key, BINN_BLOB, &value, psize); ++ ++ return value; ++} ++ ++void * APIENTRY binn_object_list(void *obj, const char *key) { ++ void *value; ++ ++ binn_object_get(obj, key, BINN_LIST, &value, NULL); ++ ++ return value; ++} ++ ++void * APIENTRY binn_object_map(void *obj, const char *key) { ++ void *value; ++ ++ binn_object_get(obj, key, BINN_MAP, &value, NULL); ++ ++ return value; ++} ++ ++void * APIENTRY binn_object_object(void *obj, const char *key) { ++ void *value; ++ ++ binn_object_get(obj, key, BINN_OBJECT, &value, NULL); ++ ++ return value; ++} ++ ++/*************************************************************************************/ ++/*************************************************************************************/ ++ ++BINN_PRIVATE binn * binn_alloc_item() { ++ binn *item; ++ item = (binn *) binn_malloc(sizeof(binn)); ++ if (item) { ++ memset(item, 0, sizeof(binn)); ++ item->header = BINN_MAGIC; ++ item->allocated = TRUE; ++ /* item->writable = FALSE; -- already zeroed */ ++ } ++ return item; ++} ++ ++/*************************************************************************************/ ++ ++binn * APIENTRY binn_value(int type, void *pvalue, int size, binn_mem_free freefn) { ++ int storage_type; ++ binn *item = binn_alloc_item(); ++ if (item) { ++ item->type = type; ++ binn_get_type_info(type, &storage_type, NULL); ++ switch (storage_type) { ++ case BINN_STORAGE_NOBYTES: ++ break; ++ case BINN_STORAGE_STRING: ++ if (size == 0) size = strlen((char*)pvalue) + 1; ++ /* fall through */ ++ case BINN_STORAGE_BLOB: ++ case BINN_STORAGE_CONTAINER: ++ if (freefn == BINN_TRANSIENT) { ++ item->ptr = binn_memdup(pvalue, size); ++ if (item->ptr == NULL) { ++ free_fn(item); ++ return NULL; ++ } ++ item->freefn = free_fn; ++ if (storage_type == BINN_STORAGE_STRING) size--; ++ } else { ++ item->ptr = pvalue; ++ item->freefn = freefn; ++ } ++ item->size = size; ++ break; ++ default: ++ item->ptr = &item->vint32; ++ copy_raw_value(pvalue, item->ptr, storage_type); ++ } ++ } ++ return item; ++} ++ ++/*************************************************************************************/ ++ ++BOOL APIENTRY binn_set_string(binn *item, char *str, binn_mem_free pfree) { ++ ++ if (item == NULL || str == NULL) return FALSE; ++ ++ if (pfree == BINN_TRANSIENT) { ++ item->ptr = binn_memdup(str, strlen(str) + 1); ++ if (item->ptr == NULL) return FALSE; ++ item->freefn = free_fn; ++ } else { ++ item->ptr = str; ++ item->freefn = pfree; ++ } ++ ++ item->type = BINN_STRING; ++ return TRUE; ++ ++} ++ ++/*************************************************************************************/ ++ ++BOOL APIENTRY binn_set_blob(binn *item, void *ptr, int size, binn_mem_free pfree) { ++ ++ if (item == NULL || ptr == NULL) return FALSE; ++ ++ if (pfree == BINN_TRANSIENT) { ++ item->ptr = binn_memdup(ptr, size); ++ if (item->ptr == NULL) return FALSE; ++ item->freefn = free_fn; ++ } else { ++ item->ptr = ptr; ++ item->freefn = pfree; ++ } ++ ++ item->type = BINN_BLOB; ++ item->size = size; ++ return TRUE; ++ ++} ++ ++/*************************************************************************************/ ++/*** READ CONVERTED VALUE ************************************************************/ ++/*************************************************************************************/ ++ ++#ifdef _MSC_VER ++#define atoi64 _atoi64 ++#else ++int64 atoi64(char *str) { ++ int64 retval; ++ int is_negative=0; ++ ++ if (*str == '-') { ++ is_negative = 1; ++ str++; ++ } ++ retval = 0; ++ for (; *str; str++) { ++ retval = 10 * retval + (*str - '0'); ++ } ++ if (is_negative) retval *= -1; ++ return retval; ++} ++#endif ++ ++/*****************************************************************************/ ++ ++BINN_PRIVATE BOOL is_integer(char *p) { ++ BOOL retval; ++ ++ if (p == NULL) return FALSE; ++ if (*p == '-') p++; ++ if (*p == 0) return FALSE; ++ ++ retval = TRUE; ++ ++ for (; *p; p++) { ++ if ( (*p < '0') || (*p > '9') ) { ++ retval = FALSE; ++ } ++ } ++ ++ return retval; ++} ++ ++/*****************************************************************************/ ++ ++BINN_PRIVATE BOOL is_float(char *p) { ++ BOOL retval, number_found=FALSE; ++ ++ if (p == NULL) return FALSE; ++ if (*p == '-') p++; ++ if (*p == 0) return FALSE; ++ ++ retval = TRUE; ++ ++ for (; *p; p++) { ++ if ((*p == '.') || (*p == ',')) { ++ if (!number_found) retval = FALSE; ++ } else if ( (*p >= '0') && (*p <= '9') ) { ++ number_found = TRUE; ++ } else { ++ return FALSE; ++ } ++ } ++ ++ return retval; ++} ++ ++/*************************************************************************************/ ++ ++BINN_PRIVATE BOOL is_bool_str(char *str, BOOL *pbool) { ++ int64 vint; ++ double vdouble; ++ ++ if (str == NULL || pbool == NULL) return FALSE; ++ ++ if (stricmp(str, "true") == 0) goto loc_true; ++ if (stricmp(str, "yes") == 0) goto loc_true; ++ if (stricmp(str, "on") == 0) goto loc_true; ++ /* if (stricmp(str, "1") == 0) goto loc_true; */ ++ ++ if (stricmp(str, "false") == 0) goto loc_false; ++ if (stricmp(str, "no") == 0) goto loc_false; ++ if (stricmp(str, "off") == 0) goto loc_false; ++ /* if (stricmp(str, "0") == 0) goto loc_false; */ ++ ++ if (is_integer(str)) { ++ vint = atoi64(str); ++ *pbool = (vint != 0) ? TRUE : FALSE; ++ return TRUE; ++ } else if (is_float(str)) { ++ vdouble = atof(str); ++ *pbool = (vdouble != 0) ? TRUE : FALSE; ++ return TRUE; ++ } ++ ++ return FALSE; ++ ++loc_true: ++ *pbool = TRUE; ++ return TRUE; ++ ++loc_false: ++ *pbool = FALSE; ++ return TRUE; ++ ++} ++ ++/* these three functions are used to ++ * suppress warnings about implicit conversions ++ * in binn_get_int32 and binn_get_int64 ++ * CJR 2/9/2023 ++ */ ++ ++float ++binn_cvt_int2float (int value) { ++ return (float)value; ++} ++ ++float ++binn_cvt_long2float (long int value) { ++ return (float)value; ++} ++ ++float ++binn_cvt_long2dbl (long int value) { ++ return (long long int)value; ++} ++ ++/*************************************************************************************/ ++ ++BOOL APIENTRY binn_get_int32(binn *value, int *pint) { ++ ++ if (value == NULL || pint == NULL) return FALSE; ++ ++ if (type_family(value->type) == BINN_FAMILY_INT) { ++ return copy_int_value(value->ptr, pint, value->type, BINN_INT32); ++ } ++ ++ switch (value->type) { ++ case BINN_FLOAT: ++ if ((value->vfloat < binn_cvt_int2float(INT32_MIN)) || (value->vfloat > binn_cvt_int2float(INT32_MAX))) return FALSE; ++ *pint = roundval(value->vfloat); ++ break; ++ case BINN_DOUBLE: ++ if ((value->vdouble < INT32_MIN) || (value->vdouble > INT32_MAX)) return FALSE; ++ *pint = roundval(value->vdouble); ++ break; ++ case BINN_STRING: ++ if (is_integer((char*)value->ptr)) ++ *pint = atoi((char*)value->ptr); ++ else if (is_float((char*)value->ptr)) ++ *pint = roundval(atof((char*)value->ptr)); ++ else ++ return FALSE; ++ break; ++ case BINN_BOOL: ++ *pint = value->vbool; ++ break; ++ default: ++ return FALSE; ++ } ++ ++ return TRUE; ++} ++ ++/*************************************************************************************/ ++ ++BOOL APIENTRY binn_get_int64(binn *value, int64 *pint) { ++ ++ if (value == NULL || pint == NULL) return FALSE; ++ ++ if (type_family(value->type) == BINN_FAMILY_INT) { ++ return copy_int_value(value->ptr, pint, value->type, BINN_INT64); ++ } ++ ++ switch (value->type) { ++ case BINN_FLOAT: ++ if ((value->vfloat < binn_cvt_long2float(INT64_MIN)) || (value->vfloat > binn_cvt_long2float(INT64_MAX))) return FALSE; ++ *pint = roundval(value->vfloat); ++ break; ++ case BINN_DOUBLE: ++ if ((value->vdouble < binn_cvt_long2dbl(INT64_MIN)) || (value->vdouble > binn_cvt_long2dbl(INT64_MAX))) return FALSE; ++ *pint = roundval(value->vdouble); ++ break; ++ case BINN_STRING: ++ if (is_integer((char*)value->ptr)) ++ *pint = atoi64((char*)value->ptr); ++ else if (is_float((char*)value->ptr)) ++ *pint = roundval(atof((char*)value->ptr)); ++ else ++ return FALSE; ++ break; ++ case BINN_BOOL: ++ *pint = value->vbool; ++ break; ++ default: ++ return FALSE; ++ } ++ ++ return TRUE; ++} ++ ++/*************************************************************************************/ ++ ++BOOL APIENTRY binn_get_double(binn *value, double *pfloat) { ++ int64 vint; ++ ++ if (value == NULL || pfloat == NULL) return FALSE; ++ ++ if (type_family(value->type) == BINN_FAMILY_INT) { ++ if (copy_int_value(value->ptr, &vint, value->type, BINN_INT64) == FALSE) return FALSE; ++ *pfloat = (double) vint; ++ return TRUE; ++ } ++ ++ switch (value->type) { ++ case BINN_FLOAT: ++ *pfloat = value->vfloat; ++ break; ++ case BINN_DOUBLE: ++ *pfloat = value->vdouble; ++ break; ++ case BINN_STRING: ++ if (is_integer((char*)value->ptr)) ++ *pfloat = (double) atoi64((char*)value->ptr); ++ else if (is_float((char*)value->ptr)) ++ *pfloat = atof((char*)value->ptr); ++ else ++ return FALSE; ++ break; ++ case BINN_BOOL: ++ *pfloat = value->vbool; ++ break; ++ default: ++ return FALSE; ++ } ++ ++ return TRUE; ++} ++ ++/*************************************************************************************/ ++ ++BOOL APIENTRY binn_get_bool(binn *value, BOOL *pbool) { ++ int64 vint; ++ ++ if (value == NULL || pbool == NULL) return FALSE; ++ ++ if (type_family(value->type) == BINN_FAMILY_INT) { ++ if (copy_int_value(value->ptr, &vint, value->type, BINN_INT64) == FALSE) return FALSE; ++ *pbool = (vint != 0) ? TRUE : FALSE; ++ return TRUE; ++ } ++ ++ switch (value->type) { ++ case BINN_BOOL: ++ *pbool = value->vbool; ++ break; ++ case BINN_FLOAT: ++ *pbool = (value->vfloat != 0) ? TRUE : FALSE; ++ break; ++ case BINN_DOUBLE: ++ *pbool = (value->vdouble != 0) ? TRUE : FALSE; ++ break; ++ case BINN_STRING: ++ return is_bool_str((char*)value->ptr, pbool); ++ default: ++ return FALSE; ++ } ++ ++ return TRUE; ++} ++ ++/*************************************************************************************/ ++ ++char * APIENTRY binn_get_str(binn *value) { ++ int64 vint; ++ char buf[128]; ++ ++ if (value == NULL) return NULL; ++ ++ if (type_family(value->type) == BINN_FAMILY_INT) { ++ if (copy_int_value(value->ptr, &vint, value->type, BINN_INT64) == FALSE) return NULL; ++ snprintf(buf, sizeof buf, "%" INT64_FORMAT, vint); ++ goto loc_convert_value; ++ } ++ ++ switch (value->type) { ++ case BINN_FLOAT: ++ value->vdouble = value->vfloat; ++ /* fall through */ ++ case BINN_DOUBLE: ++ snprintf(buf, sizeof buf, "%g", value->vdouble); ++ goto loc_convert_value; ++ case BINN_STRING: ++ return (char*) value->ptr; ++ case BINN_BOOL: ++ if (value->vbool) ++ strcpy(buf, "true"); ++ else ++ strcpy(buf, "false"); ++ goto loc_convert_value; ++ } ++ ++ return NULL; ++ ++loc_convert_value: ++ ++ /* value->vint64 = 0; */ ++ value->ptr = strdup(buf); ++ if (value->ptr == NULL) return NULL; ++ value->freefn = free; ++ value->type = BINN_STRING; ++ return (char*) value->ptr; ++ ++} ++ ++/*************************************************************************************/ ++/*** GENERAL FUNCTIONS ***************************************************************/ ++/*************************************************************************************/ ++ ++BOOL APIENTRY binn_is_container(binn *item) { ++ ++ if (item == NULL) return FALSE; ++ ++ switch (item->type) { ++ case BINN_LIST: ++ case BINN_MAP: ++ case BINN_OBJECT: ++ return TRUE; ++ default: ++ return FALSE; ++ } ++ ++} ++ ++/*************************************************************************************/ +diff -Nur openssh-9.6p1.orig/binn.h openssh-9.6p1/binn.h +--- openssh-9.6p1.orig/binn.h 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-9.6p1/binn.h 2024-07-10 13:34:02.708358559 +0200 +@@ -0,0 +1,944 @@ ++ ++/* TO ENABLE INLINE FUNCTIONS: */ ++/* ON MSVC: enable the 'Inline Function Expansion' (/Ob2) compiler option, and maybe the */ ++/* 'Whole Program Optimitazion' (/GL), that requires the */ ++/* 'Link Time Code Generation' (/LTCG) linker option to be enabled too */ ++ ++#ifndef BINN_H ++#define BINN_H ++#include ++#include "config.h" ++#ifdef __cplusplus ++extern "C" { ++#endif ++ ++#define BINN_VERSION "3.0.0" /* using semantic versioning */ ++ ++#ifndef NULL ++#ifdef __cplusplus ++#define NULL 0 ++#else ++#define NULL ((void *)0) ++#endif ++#endif ++ ++#ifndef TRUE ++#define TRUE 1 ++#endif ++ ++#ifndef FALSE ++#define FALSE 0 ++#endif ++ ++#ifndef BOOL ++typedef int BOOL; ++#endif ++ ++#ifndef APIENTRY ++ #ifdef _WIN32 ++ #define APIENTRY __stdcall ++ #else ++ /* #define APIENTRY __attribute__((stdcall)) */ ++ #define APIENTRY ++ #endif ++#endif ++ ++#ifndef BINN_PRIVATE ++ #ifdef DEBUG ++ #define BINN_PRIVATE ++ #else ++ #define BINN_PRIVATE static ++ #endif ++#endif ++ ++#ifdef _MSC_VER ++ #define INLINE __inline ++ #define ALWAYS_INLINE __forceinline ++#else ++ /* you can change to 'extern inline' if using the gcc option -flto */ ++ #define INLINE static inline ++ #define ALWAYS_INLINE static inline __attribute__((always_inline)) ++#endif ++ ++#ifndef int64 ++#if defined(_MSC_VER) || defined(__BORLANDC__) ++ typedef __int64 int64; ++ typedef unsigned __int64 uint64; ++#else ++ typedef long long int int64; ++ typedef unsigned long long int uint64; ++#endif ++#endif ++ ++#ifdef _WIN32 ++#define INT64_FORMAT "I64i" ++#define UINT64_FORMAT "I64u" ++#define INT64_HEX_FORMAT "I64x" ++#else ++#define INT64_FORMAT "lli" ++#define UINT64_FORMAT "llu" ++#define INT64_HEX_FORMAT "llx" ++#endif ++ ++ ++/* BINN CONSTANTS ---------------------------------------- */ ++ ++#define INVALID_BINN 0 ++ ++/* Storage Data Types ------------------------------------ */ ++ ++#define BINN_STORAGE_NOBYTES 0x00 ++#define BINN_STORAGE_BYTE 0x20 /* 8 bits */ ++#define BINN_STORAGE_WORD 0x40 /* 16 bits -- the endianess (byte order) is automatically corrected */ ++#define BINN_STORAGE_DWORD 0x60 /* 32 bits -- the endianess (byte order) is automatically corrected */ ++#define BINN_STORAGE_QWORD 0x80 /* 64 bits -- the endianess (byte order) is automatically corrected */ ++#define BINN_STORAGE_STRING 0xA0 /* Are stored with null termination */ ++#define BINN_STORAGE_BLOB 0xC0 ++#define BINN_STORAGE_CONTAINER 0xE0 ++#define BINN_STORAGE_VIRTUAL 0x80000 ++ ++#define BINN_STORAGE_MIN BINN_STORAGE_NOBYTES ++#define BINN_STORAGE_MAX BINN_STORAGE_CONTAINER ++ ++#define BINN_STORAGE_MASK 0xE0 ++#define BINN_STORAGE_MASK16 0xE000 ++#define BINN_STORAGE_HAS_MORE 0x10 ++#define BINN_TYPE_MASK 0x0F ++#define BINN_TYPE_MASK16 0x0FFF ++ ++#define BINN_MAX_VALUE_MASK 0xFFFFF ++ ++ ++/* Data Formats ------------------------------------------ */ ++ ++#define BINN_LIST 0xE0 ++#define BINN_MAP 0xE1 ++#define BINN_OBJECT 0xE2 ++ ++#define BINN_NULL 0x00 ++#define BINN_TRUE 0x01 ++#define BINN_FALSE 0x02 ++ ++#define BINN_UINT8 0x20 /* (BYTE) (unsigned byte) Is the default format for the BYTE type */ ++#define BINN_INT8 0x21 /* (BYTE) (signed byte, from -128 to +127. The 0x80 is the sign bit, so the range in hex is from 0x80 [-128] to 0x7F [127], being 0x00 = 0 and 0xFF = -1) */ ++#define BINN_UINT16 0x40 /* (WORD) (unsigned integer) Is the default format for the WORD type */ ++#define BINN_INT16 0x41 /* (WORD) (signed integer) */ ++#define BINN_UINT32 0x60 /* (DWORD) (unsigned integer) Is the default format for the DWORD type */ ++#define BINN_INT32 0x61 /* (DWORD) (signed integer) */ ++#define BINN_UINT64 0x80 /* (QWORD) (unsigned integer) Is the default format for the QWORD type */ ++#define BINN_INT64 0x81 /* (QWORD) (signed integer) */ ++ ++#define BINN_SCHAR BINN_INT8 ++#define BINN_UCHAR BINN_UINT8 ++ ++#define BINN_STRING 0xA0 /* (STRING) Raw String */ ++#define BINN_DATETIME 0xA1 /* (STRING) iso8601 format -- YYYY-MM-DD HH:MM:SS */ ++#define BINN_DATE 0xA2 /* (STRING) iso8601 format -- YYYY-MM-DD */ ++#define BINN_TIME 0xA3 /* (STRING) iso8601 format -- HH:MM:SS */ ++#define BINN_DECIMAL 0xA4 /* (STRING) High precision number - used for generic decimal values and for those ones that cannot be represented in the float64 format. */ ++#define BINN_CURRENCYSTR 0xA5 /* (STRING) With currency unit/symbol - check for some iso standard format */ ++#define BINN_SINGLE_STR 0xA6 /* (STRING) Can be restored to float32 */ ++#define BINN_DOUBLE_STR 0xA7 /* (STRING) May be restored to float64 */ ++ ++#define BINN_FLOAT32 0x62 /* (DWORD) */ ++#define BINN_FLOAT64 0x82 /* (QWORD) */ ++#define BINN_FLOAT BINN_FLOAT32 ++#define BINN_SINGLE BINN_FLOAT32 ++#define BINN_DOUBLE BINN_FLOAT64 ++ ++#define BINN_CURRENCY 0x83 /* (QWORD) */ ++ ++#define BINN_BLOB 0xC0 /* (BLOB) Raw Blob */ ++ ++ ++/* virtual types: */ ++ ++#define BINN_BOOL 0x80061 /* (DWORD) The value may be 0 or 1 */ ++ ++#ifdef BINN_EXTENDED ++/* #define BINN_SINGLE 0x800A1 // (STRING) Can be restored to float32 */ ++/* #define BINN_DOUBLE 0x800A2 // (STRING) May be restored to float64 */ ++#endif ++ ++/* #define BINN_BINN 0x800E1 // (CONTAINER) */ ++/* #define BINN_BINN_BUFFER 0x800C1 // (BLOB) user binn. it's not open by the parser */ ++ ++ ++/* extended content types: */ ++ ++/* strings: */ ++ ++#define BINN_HTML 0xB001 ++#define BINN_XML 0xB002 ++#define BINN_JSON 0xB003 ++#define BINN_JAVASCRIPT 0xB004 ++#define BINN_CSS 0xB005 ++ ++/* blobs: */ ++ ++#define BINN_JPEG 0xD001 ++#define BINN_GIF 0xD002 ++#define BINN_PNG 0xD003 ++#define BINN_BMP 0xD004 ++ ++ ++/* type families */ ++#define BINN_FAMILY_NONE 0x00 ++#define BINN_FAMILY_NULL 0xf1 ++#define BINN_FAMILY_INT 0xf2 ++#define BINN_FAMILY_FLOAT 0xf3 ++#define BINN_FAMILY_STRING 0xf4 ++#define BINN_FAMILY_BLOB 0xf5 ++#define BINN_FAMILY_BOOL 0xf6 ++#define BINN_FAMILY_BINN 0xf7 ++ ++/* integer types related to signal */ ++#define BINN_SIGNED_INT 11 ++#define BINN_UNSIGNED_INT 22 ++ ++ ++typedef void (*binn_mem_free)(void*); ++#define BINN_STATIC ((binn_mem_free)0) ++#define BINN_TRANSIENT ((binn_mem_free)-1) ++ ++ ++/* --- BINN STRUCTURE -------------------------------------------------------------- */ ++ ++ ++struct binn_struct { ++ int header; /* this struct header holds the magic number (BINN_MAGIC) that identifies this memory block as a binn structure */ ++ BOOL allocated; /* the struct can be allocated using malloc_fn() or can be on the stack */ ++ BOOL writable; /* did it was create for writing? it can use the pbuf if not unified with ptr */ ++ BOOL dirty; /* the container header is not written to the buffer */ ++ /* */ ++ void *pbuf; /* use *ptr below? */ ++ BOOL pre_allocated; ++ int alloc_size; ++ int used_size; ++ /* */ ++ int type; ++ void *ptr; ++ int size; ++ int count; ++ /* */ ++ binn_mem_free freefn; /* used only when type == BINN_STRING or BINN_BLOB */ ++ /* */ ++ union { ++ signed char vint8; ++ signed short vint16; ++ signed int vint32; ++ int64 vint64; ++ unsigned char vuint8; ++ unsigned short vuint16; ++ unsigned int vuint32; ++ uint64 vuint64; ++ /* */ ++ signed char vchar; ++ unsigned char vuchar; ++ signed short vshort; ++ unsigned short vushort; ++ signed int vint; ++ unsigned int vuint; ++ /* */ ++ float vfloat; ++ double vdouble; ++ /* */ ++ BOOL vbool; ++ }; ++ /* */ ++ BOOL disable_int_compression; ++}; ++ ++typedef struct binn_struct binn; ++ ++ ++ ++/* --- GENERAL FUNCTIONS ---------------------------------------------------------- */ ++ ++char * APIENTRY binn_version(); ++ ++void APIENTRY binn_set_alloc_functions(void* (*new_malloc)(size_t), void* (*new_realloc)(void*,size_t), void (*new_free)(void*)); ++ ++int APIENTRY binn_create_type(int storage_type, int data_type_index); ++BOOL APIENTRY binn_get_type_info(int long_type, int *pstorage_type, int *pextra_type); ++ ++int APIENTRY binn_get_write_storage(int type); ++int APIENTRY binn_get_read_storage(int type); ++ ++BOOL APIENTRY binn_is_container(binn *item); ++ ++ ++/* --- WRITE FUNCTIONS ------------------------------------------------------------ */ ++ ++/* create a new binn allocating memory for the structure */ ++binn * APIENTRY binn_new(int type, int size, void *buffer); ++binn * APIENTRY binn_list(); ++binn * APIENTRY binn_map(); ++binn * APIENTRY binn_object(); ++ ++/* create a new binn storing the structure on the stack */ ++BOOL APIENTRY binn_create(binn *item, int type, int size, void *buffer); ++BOOL APIENTRY binn_create_list(binn *list); ++BOOL APIENTRY binn_create_map(binn *map); ++BOOL APIENTRY binn_create_object(binn *object); ++ ++/* create a new binn as a copy from another */ ++binn * APIENTRY binn_copy(void *old); ++ ++ ++BOOL APIENTRY binn_list_add_new(binn *list, binn *value); ++BOOL APIENTRY binn_map_set_new(binn *map, int id, binn *value); ++BOOL APIENTRY binn_object_set_new(binn *obj, const char *key, binn *value); ++ ++ ++/* extended interface */ ++ ++BOOL APIENTRY binn_list_add(binn *list, int type, void *pvalue, int size); ++BOOL APIENTRY binn_map_set(binn *map, int id, int type, void *pvalue, int size); ++BOOL APIENTRY binn_object_set(binn *obj, const char *key, int type, void *pvalue, int size); ++ ++ ++/* release memory */ ++ ++void APIENTRY binn_free(binn *item); ++void * APIENTRY binn_release(binn *item); /* free the binn structure but keeps the binn buffer allocated, returning a pointer to it. use the free function to release the buffer later */ ++ ++ ++/* --- CREATING VALUES --------------------------------------------------- */ ++ ++binn * APIENTRY binn_value(int type, void *pvalue, int size, binn_mem_free freefn); ++ ++ALWAYS_INLINE binn * binn_int8(signed char value) { ++ return binn_value(BINN_INT8, &value, 0, NULL); ++} ++ALWAYS_INLINE binn * binn_int16(short value) { ++ return binn_value(BINN_INT16, &value, 0, NULL); ++} ++ALWAYS_INLINE binn * binn_int32(int value) { ++ return binn_value(BINN_INT32, &value, 0, NULL); ++} ++ALWAYS_INLINE binn * binn_int64(int64 value) { ++ return binn_value(BINN_INT64, &value, 0, NULL); ++} ++ALWAYS_INLINE binn * binn_uint8(unsigned char value) { ++ return binn_value(BINN_UINT8, &value, 0, NULL); ++} ++ALWAYS_INLINE binn * binn_uint16(unsigned short value) { ++ return binn_value(BINN_UINT16, &value, 0, NULL); ++} ++ALWAYS_INLINE binn * binn_uint32(unsigned int value) { ++ return binn_value(BINN_UINT32, &value, 0, NULL); ++} ++ALWAYS_INLINE binn * binn_uint64(uint64 value) { ++ return binn_value(BINN_UINT64, &value, 0, NULL); ++} ++ALWAYS_INLINE binn * binn_float(float value) { ++ return binn_value(BINN_FLOAT, &value, 0, NULL); ++} ++ALWAYS_INLINE binn * binn_double(double value) { ++ return binn_value(BINN_DOUBLE, &value, 0, NULL); ++} ++ALWAYS_INLINE binn * binn_bool(BOOL value) { ++ return binn_value(BINN_BOOL, &value, 0, NULL); ++} ++ALWAYS_INLINE binn * binn_null() { ++ return binn_value(BINN_NULL, NULL, 0, NULL); ++} ++ALWAYS_INLINE binn * binn_string(char *str, binn_mem_free freefn) { ++ return binn_value(BINN_STRING, str, 0, freefn); ++} ++ALWAYS_INLINE binn * binn_blob(void *ptr, int size, binn_mem_free freefn) { ++ return binn_value(BINN_BLOB, ptr, size, freefn); ++} ++ ++ ++/* --- READ FUNCTIONS ------------------------------------------------------------- */ ++ ++/* these functions accept pointer to the binn structure and pointer to the binn buffer */ ++void * APIENTRY binn_ptr(void *ptr); ++int APIENTRY binn_size(void *ptr); ++int APIENTRY binn_type(void *ptr); ++int APIENTRY binn_count(void *ptr); ++ ++BOOL APIENTRY binn_is_valid(void *ptr, int *ptype, int *pcount, int *psize); ++/* the function returns the values (type, count and size) and they don't need to be ++ initialized. these values are read from the buffer. example: ++ ++ int type, count, size; ++ result = binn_is_valid(ptr, &type, &count, &size); ++*/ ++BOOL APIENTRY binn_is_valid_ex(void *ptr, int *ptype, int *pcount, int *psize); ++/* if some value is informed (type, count or size) then the function will check if ++ the value returned from the serialized data matches the informed value. otherwise ++ the values must be initialized to zero. example: ++ ++ int type=0, count=0, size = known_size; ++ result = binn_is_valid_ex(ptr, &type, &count, &size); ++*/ ++ ++BOOL APIENTRY binn_is_struct(void *ptr); ++ ++ ++/* Loading a binn buffer into a binn value - this is optional */ ++ ++BOOL APIENTRY binn_load(void *data, binn *item); /* on stack */ ++binn * APIENTRY binn_open(void *data); /* allocated */ ++ ++ ++/* easiest interface to use, but don't check if the value is there */ ++ ++signed char APIENTRY binn_list_int8(void *list, int pos); ++short APIENTRY binn_list_int16(void *list, int pos); ++int APIENTRY binn_list_int32(void *list, int pos); ++int64 APIENTRY binn_list_int64(void *list, int pos); ++unsigned char APIENTRY binn_list_uint8(void *list, int pos); ++unsigned short APIENTRY binn_list_uint16(void *list, int pos); ++unsigned int APIENTRY binn_list_uint32(void *list, int pos); ++uint64 APIENTRY binn_list_uint64(void *list, int pos); ++float APIENTRY binn_list_float(void *list, int pos); ++double APIENTRY binn_list_double(void *list, int pos); ++BOOL APIENTRY binn_list_bool(void *list, int pos); ++BOOL APIENTRY binn_list_null(void *list, int pos); ++char * APIENTRY binn_list_str(void *list, int pos); ++void * APIENTRY binn_list_blob(void *list, int pos, int *psize); ++void * APIENTRY binn_list_list(void *list, int pos); ++void * APIENTRY binn_list_map(void *list, int pos); ++void * APIENTRY binn_list_object(void *list, int pos); ++ ++signed char APIENTRY binn_map_int8(void *map, int id); ++short APIENTRY binn_map_int16(void *map, int id); ++int APIENTRY binn_map_int32(void *map, int id); ++int64 APIENTRY binn_map_int64(void *map, int id); ++unsigned char APIENTRY binn_map_uint8(void *map, int id); ++unsigned short APIENTRY binn_map_uint16(void *map, int id); ++unsigned int APIENTRY binn_map_uint32(void *map, int id); ++uint64 APIENTRY binn_map_uint64(void *map, int id); ++float APIENTRY binn_map_float(void *map, int id); ++double APIENTRY binn_map_double(void *map, int id); ++BOOL APIENTRY binn_map_bool(void *map, int id); ++BOOL APIENTRY binn_map_null(void *map, int id); ++char * APIENTRY binn_map_str(void *map, int id); ++void * APIENTRY binn_map_blob(void *map, int id, int *psize); ++void * APIENTRY binn_map_list(void *map, int id); ++void * APIENTRY binn_map_map(void *map, int id); ++void * APIENTRY binn_map_object(void *map, int id); ++ ++signed char APIENTRY binn_object_int8(void *obj, const char *key); ++short APIENTRY binn_object_int16(void *obj, const char *key); ++int APIENTRY binn_object_int32(void *obj, const char *key); ++int64 APIENTRY binn_object_int64(void *obj, const char *key); ++unsigned char APIENTRY binn_object_uint8(void *obj, const char *key); ++unsigned short APIENTRY binn_object_uint16(void *obj, const char *key); ++unsigned int APIENTRY binn_object_uint32(void *obj, const char *key); ++uint64 APIENTRY binn_object_uint64(void *obj, const char *key); ++float APIENTRY binn_object_float(void *obj, const char *key); ++double APIENTRY binn_object_double(void *obj, const char *key); ++BOOL APIENTRY binn_object_bool(void *obj, const char *key); ++BOOL APIENTRY binn_object_null(void *obj, const char *key); ++char * APIENTRY binn_object_str(void *obj, const char *key); ++void * APIENTRY binn_object_blob(void *obj, const char *key, int *psize); ++void * APIENTRY binn_object_list(void *obj, const char *key); ++void * APIENTRY binn_object_map(void *obj, const char *key); ++void * APIENTRY binn_object_object(void *obj, const char *key); ++ ++ ++/* return a pointer to an allocated binn structure - must be released with the free() function or equivalent set in binn_set_alloc_functions() */ ++binn * APIENTRY binn_list_value(void *list, int pos); ++binn * APIENTRY binn_map_value(void *map, int id); ++binn * APIENTRY binn_object_value(void *obj, const char *key); ++ ++/* read the value to a binn structure on the stack */ ++BOOL APIENTRY binn_list_get_value(void* list, int pos, binn *value); ++BOOL APIENTRY binn_map_get_value(void* map, int id, binn *value); ++BOOL APIENTRY binn_object_get_value(void *obj, const char *key, binn *value); ++ ++/* single interface - these functions check the data type */ ++BOOL APIENTRY binn_list_get(void *list, int pos, int type, void *pvalue, int *psize); ++BOOL APIENTRY binn_map_get(void *map, int id, int type, void *pvalue, int *psize); ++BOOL APIENTRY binn_object_get(void *obj, const char *key, int type, void *pvalue, int *psize); ++ ++/* these 3 functions return a pointer to the value and the data type */ ++/* they are thread-safe on big-endian devices */ ++/* on little-endian devices they are thread-safe only to return pointers to list, map, object, blob and strings */ ++/* the returned pointer to 16, 32 and 64 bits values must be used only by single-threaded applications */ ++void * APIENTRY binn_list_read(void *list, int pos, int *ptype, int *psize); ++void * APIENTRY binn_map_read(void *map, int id, int *ptype, int *psize); ++void * APIENTRY binn_object_read(void *obj, const char *key, int *ptype, int *psize); ++ ++ ++/* READ PAIR FUNCTIONS */ ++ ++/* these functions use base 1 in the 'pos' argument */ ++ ++/* on stack */ ++BOOL APIENTRY binn_map_get_pair(void *map, int pos, int *pid, binn *value); ++BOOL APIENTRY binn_object_get_pair(void *obj, int pos, char *pkey, binn *value); /* must free the memory returned in the pkey */ ++ ++/* allocated */ ++binn * APIENTRY binn_map_pair(void *map, int pos, int *pid); ++binn * APIENTRY binn_object_pair(void *obj, int pos, char *pkey); /* must free the memory returned in the pkey */ ++ ++/* these 2 functions return a pointer to the value and the data type */ ++/* they are thread-safe on big-endian devices */ ++/* on little-endian devices they are thread-safe only to return pointers to list, map, object, blob and strings */ ++/* the returned pointer to 16, 32 and 64 bits values must be used only by single-threaded applications */ ++void * APIENTRY binn_map_read_pair(void *ptr, int pos, int *pid, int *ptype, int *psize); ++void * APIENTRY binn_object_read_pair(void *ptr, int pos, char *pkey, int *ptype, int *psize); ++ ++ ++/* SEQUENTIAL READ FUNCTIONS */ ++ ++typedef struct binn_iter_struct { ++ unsigned char *pnext; ++ unsigned char *plimit; ++ int type; ++ int count; ++ int current; ++} binn_iter; ++ ++BOOL APIENTRY binn_iter_init(binn_iter *iter, void *pbuf, int type); ++ ++/* allocated */ ++binn * APIENTRY binn_list_next_value(binn_iter *iter); ++binn * APIENTRY binn_map_next_value(binn_iter *iter, int *pid); ++binn * APIENTRY binn_object_next_value(binn_iter *iter, char *pkey); /* the key must be declared as: char key[256]; */ ++ ++/* on stack */ ++BOOL APIENTRY binn_list_next(binn_iter *iter, binn *value); ++BOOL APIENTRY binn_map_next(binn_iter *iter, int *pid, binn *value); ++BOOL APIENTRY binn_object_next(binn_iter *iter, char *pkey, binn *value); /* the key must be declared as: char key[256]; */ ++ ++/* these 3 functions return a pointer to the value and the data type */ ++/* they are thread-safe on big-endian devices */ ++/* on little-endian devices they are thread-safe only to return pointers to list, map, object, blob and strings */ ++/* the returned pointer to 16, 32 and 64 bits values must be used only by single-threaded applications */ ++void * APIENTRY binn_list_read_next(binn_iter *iter, int *ptype, int *psize); ++void * APIENTRY binn_map_read_next(binn_iter *iter, int *pid, int *ptype, int *psize); ++void * APIENTRY binn_object_read_next(binn_iter *iter, char *pkey, int *ptype, int *psize); /* the key must be declared as: char key[256]; */ ++ ++ ++/* --- MACROS ------------------------------------------------------------ */ ++ ++ ++#define binn_is_writable(item) (item)->writable; ++ ++ ++/* set values on stack allocated binn structures */ ++ ++#define binn_set_null(item) do { (item)->type = BINN_NULL; } while (0) ++ ++#define binn_set_bool(item,value) do { (item)->type = BINN_BOOL; (item)->vbool = value; (item)->ptr = &((item)->vbool); } while (0) ++ ++#define binn_set_int(item,value) do { (item)->type = BINN_INT32; (item)->vint32 = value; (item)->ptr = &((item)->vint32); } while (0) ++#define binn_set_int64(item,value) do { (item)->type = BINN_INT64; (item)->vint64 = value; (item)->ptr = &((item)->vint64); } while (0) ++ ++#define binn_set_uint(item,value) do { (item)->type = BINN_UINT32; (item)->vuint32 = value; (item)->ptr = &((item)->vuint32); } while (0) ++#define binn_set_uint64(item,value) do { (item)->type = BINN_UINT64; (item)->vuint64 = value; (item)->ptr = &((item)->vuint64); } while (0) ++ ++#define binn_set_float(item,value) do { (item)->type = BINN_FLOAT; (item)->vfloat = value; (item)->ptr = &((item)->vfloat); } while (0) ++#define binn_set_double(item,value) do { (item)->type = BINN_DOUBLE; (item)->vdouble = value; (item)->ptr = &((item)->vdouble); } while (0) ++ ++/* #define binn_set_string(item,str,pfree) do { (item)->type = BINN_STRING; (item)->ptr = str; (item)->freefn = pfree; } while (0) */ ++/* #define binn_set_blob(item,ptr,size,pfree) do { (item)->type = BINN_BLOB; (item)->ptr = ptr; (item)->freefn = pfree; (item)->size = size; } while (0) */ ++BOOL APIENTRY binn_set_string(binn *item, char *str, binn_mem_free pfree); ++BOOL APIENTRY binn_set_blob(binn *item, void *ptr, int size, binn_mem_free pfree); ++ ++ ++/* #define binn_double(value) { (item)->type = BINN_DOUBLE; (item)->vdouble = value; (item)->ptr = &((item)->vdouble) } */ ++ ++ ++ ++/* FOREACH MACROS */ ++/* -------------- */ ++/* */ ++/* We must use these declarations inside the functions that will use the macros: */ ++/* */ ++/* binn_iter iter; */ ++/* binn value; */ ++/* char key[256]; // only for objects */ ++/* int id; // only for maps */ ++ ++#define binn_object_foreach(object, key, value) \ ++ binn_iter_init(&iter, object, BINN_OBJECT); \ ++ while (binn_object_next(&iter, key, &value)) ++ ++#define binn_map_foreach(map, id, value) \ ++ binn_iter_init(&iter, map, BINN_MAP); \ ++ while (binn_map_next(&iter, &id, &value)) ++ ++#define binn_list_foreach(list, value) \ ++ binn_iter_init(&iter, list, BINN_LIST); \ ++ while (binn_list_next(&iter, &value)) ++ ++/* If you need nested foreach loops, use the macros below for the nested loop */ ++/* Also we need to add an additional declaration on the function to hold the iterator */ ++/* We can add in the same line as the first iterator: */ ++/* */ ++/* binn_iter iter, iter2; */ ++ ++#define binn_object_foreach2(object, key, value) \ ++ binn_iter_init(&iter2, object, BINN_OBJECT); \ ++ while (binn_object_next(&iter2, key, &value)) ++ ++#define binn_map_foreach2(map, id, value) \ ++ binn_iter_init(&iter2, map, BINN_MAP); \ ++ while (binn_map_next(&iter2, &id, &value)) ++ ++#define binn_list_foreach2(list, value) \ ++ binn_iter_init(&iter2, list, BINN_LIST); \ ++ while (binn_list_next(&iter2, &value)) ++ ++ ++/*************************************************************************************/ ++/*** SET FUNCTIONS *******************************************************************/ ++/*************************************************************************************/ ++ ++ALWAYS_INLINE BOOL binn_list_add_int8(binn *list, signed char value) { ++ return binn_list_add(list, BINN_INT8, &value, 0); ++} ++ALWAYS_INLINE BOOL binn_list_add_int16(binn *list, short value) { ++ return binn_list_add(list, BINN_INT16, &value, 0); ++} ++ALWAYS_INLINE BOOL binn_list_add_int32(binn *list, int value) { ++ return binn_list_add(list, BINN_INT32, &value, 0); ++} ++ALWAYS_INLINE BOOL binn_list_add_int64(binn *list, int64 value) { ++ return binn_list_add(list, BINN_INT64, &value, 0); ++} ++ALWAYS_INLINE BOOL binn_list_add_uint8(binn *list, unsigned char value) { ++ return binn_list_add(list, BINN_UINT8, &value, 0); ++} ++ALWAYS_INLINE BOOL binn_list_add_uint16(binn *list, unsigned short value) { ++ return binn_list_add(list, BINN_UINT16, &value, 0); ++} ++ALWAYS_INLINE BOOL binn_list_add_uint32(binn *list, unsigned int value) { ++ return binn_list_add(list, BINN_UINT32, &value, 0); ++} ++ALWAYS_INLINE BOOL binn_list_add_uint64(binn *list, uint64 value) { ++ return binn_list_add(list, BINN_UINT64, &value, 0); ++} ++ALWAYS_INLINE BOOL binn_list_add_float(binn *list, float value) { ++ return binn_list_add(list, BINN_FLOAT32, &value, 0); ++} ++ALWAYS_INLINE BOOL binn_list_add_double(binn *list, double value) { ++ return binn_list_add(list, BINN_FLOAT64, &value, 0); ++} ++ALWAYS_INLINE BOOL binn_list_add_bool(binn *list, BOOL value) { ++ return binn_list_add(list, BINN_BOOL, &value, 0); ++} ++ALWAYS_INLINE BOOL binn_list_add_null(binn *list) { ++ return binn_list_add(list, BINN_NULL, NULL, 0); ++} ++ALWAYS_INLINE BOOL binn_list_add_str(binn *list, char *str) { ++ return binn_list_add(list, BINN_STRING, str, 0); ++} ++ALWAYS_INLINE BOOL binn_list_add_blob(binn *list, void *ptr, int size) { ++ return binn_list_add(list, BINN_BLOB, ptr, size); ++} ++ALWAYS_INLINE BOOL binn_list_add_list(binn *list, void *list2) { ++ return binn_list_add(list, BINN_LIST, binn_ptr(list2), binn_size(list2)); ++} ++ALWAYS_INLINE BOOL binn_list_add_map(binn *list, void *map) { ++ return binn_list_add(list, BINN_MAP, binn_ptr(map), binn_size(map)); ++} ++ALWAYS_INLINE BOOL binn_list_add_object(binn *list, void *obj) { ++ return binn_list_add(list, BINN_OBJECT, binn_ptr(obj), binn_size(obj)); ++} ++ALWAYS_INLINE BOOL binn_list_add_value(binn *list, binn *value) { ++ return binn_list_add(list, value->type, binn_ptr(value), binn_size(value)); ++} ++ ++/*************************************************************************************/ ++ ++ALWAYS_INLINE BOOL binn_map_set_int8(binn *map, int id, signed char value) { ++ return binn_map_set(map, id, BINN_INT8, &value, 0); ++} ++ALWAYS_INLINE BOOL binn_map_set_int16(binn *map, int id, short value) { ++ return binn_map_set(map, id, BINN_INT16, &value, 0); ++} ++ALWAYS_INLINE BOOL binn_map_set_int32(binn *map, int id, int value) { ++ return binn_map_set(map, id, BINN_INT32, &value, 0); ++} ++ALWAYS_INLINE BOOL binn_map_set_int64(binn *map, int id, int64 value) { ++ return binn_map_set(map, id, BINN_INT64, &value, 0); ++} ++ALWAYS_INLINE BOOL binn_map_set_uint8(binn *map, int id, unsigned char value) { ++ return binn_map_set(map, id, BINN_UINT8, &value, 0); ++} ++ALWAYS_INLINE BOOL binn_map_set_uint16(binn *map, int id, unsigned short value) { ++ return binn_map_set(map, id, BINN_UINT16, &value, 0); ++} ++ALWAYS_INLINE BOOL binn_map_set_uint32(binn *map, int id, unsigned int value) { ++ return binn_map_set(map, id, BINN_UINT32, &value, 0); ++} ++ALWAYS_INLINE BOOL binn_map_set_uint64(binn *map, int id, uint64 value) { ++ return binn_map_set(map, id, BINN_UINT64, &value, 0); ++} ++ALWAYS_INLINE BOOL binn_map_set_float(binn *map, int id, float value) { ++ return binn_map_set(map, id, BINN_FLOAT32, &value, 0); ++} ++ALWAYS_INLINE BOOL binn_map_set_double(binn *map, int id, double value) { ++ return binn_map_set(map, id, BINN_FLOAT64, &value, 0); ++} ++ALWAYS_INLINE BOOL binn_map_set_bool(binn *map, int id, BOOL value) { ++ return binn_map_set(map, id, BINN_BOOL, &value, 0); ++} ++ALWAYS_INLINE BOOL binn_map_set_null(binn *map, int id) { ++ return binn_map_set(map, id, BINN_NULL, NULL, 0); ++} ++ALWAYS_INLINE BOOL binn_map_set_str(binn *map, int id, char *str) { ++ return binn_map_set(map, id, BINN_STRING, str, 0); ++} ++ALWAYS_INLINE BOOL binn_map_set_blob(binn *map, int id, void *ptr, int size) { ++ return binn_map_set(map, id, BINN_BLOB, ptr, size); ++} ++ALWAYS_INLINE BOOL binn_map_set_list(binn *map, int id, void *list) { ++ return binn_map_set(map, id, BINN_LIST, binn_ptr(list), binn_size(list)); ++} ++ALWAYS_INLINE BOOL binn_map_set_map(binn *map, int id, void *map2) { ++ return binn_map_set(map, id, BINN_MAP, binn_ptr(map2), binn_size(map2)); ++} ++ALWAYS_INLINE BOOL binn_map_set_object(binn *map, int id, void *obj) { ++ return binn_map_set(map, id, BINN_OBJECT, binn_ptr(obj), binn_size(obj)); ++} ++ALWAYS_INLINE BOOL binn_map_set_value(binn *map, int id, binn *value) { ++ return binn_map_set(map, id, value->type, binn_ptr(value), binn_size(value)); ++} ++ ++/*************************************************************************************/ ++ ++ALWAYS_INLINE BOOL binn_object_set_int8(binn *obj, const char *key, signed char value) { ++ return binn_object_set(obj, key, BINN_INT8, &value, 0); ++} ++ALWAYS_INLINE BOOL binn_object_set_int16(binn *obj, const char *key, short value) { ++ return binn_object_set(obj, key, BINN_INT16, &value, 0); ++} ++ALWAYS_INLINE BOOL binn_object_set_int32(binn *obj, const char *key, int value) { ++ return binn_object_set(obj, key, BINN_INT32, &value, 0); ++} ++ALWAYS_INLINE BOOL binn_object_set_int64(binn *obj, const char *key, int64 value) { ++ return binn_object_set(obj, key, BINN_INT64, &value, 0); ++} ++ALWAYS_INLINE BOOL binn_object_set_uint8(binn *obj, const char *key, unsigned char value) { ++ return binn_object_set(obj, key, BINN_UINT8, &value, 0); ++} ++ALWAYS_INLINE BOOL binn_object_set_uint16(binn *obj, const char *key, unsigned short value) { ++ return binn_object_set(obj, key, BINN_UINT16, &value, 0); ++} ++ALWAYS_INLINE BOOL binn_object_set_uint32(binn *obj, const char *key, unsigned int value) { ++ return binn_object_set(obj, key, BINN_UINT32, &value, 0); ++} ++ALWAYS_INLINE BOOL binn_object_set_uint64(binn *obj, const char *key, uint64 value) { ++ return binn_object_set(obj, key, BINN_UINT64, &value, 0); ++} ++ALWAYS_INLINE BOOL binn_object_set_float(binn *obj, const char *key, float value) { ++ return binn_object_set(obj, key, BINN_FLOAT32, &value, 0); ++} ++ALWAYS_INLINE BOOL binn_object_set_double(binn *obj, const char *key, double value) { ++ return binn_object_set(obj, key, BINN_FLOAT64, &value, 0); ++} ++ALWAYS_INLINE BOOL binn_object_set_bool(binn *obj, const char *key, BOOL value) { ++ return binn_object_set(obj, key, BINN_BOOL, &value, 0); ++} ++ALWAYS_INLINE BOOL binn_object_set_null(binn *obj, const char *key) { ++ return binn_object_set(obj, key, BINN_NULL, NULL, 0); ++} ++ALWAYS_INLINE BOOL binn_object_set_str(binn *obj, const char *key, char *str) { ++ return binn_object_set(obj, key, BINN_STRING, str, 0); ++} ++ALWAYS_INLINE BOOL binn_object_set_blob(binn *obj, const char *key, void *ptr, int size) { ++ return binn_object_set(obj, key, BINN_BLOB, ptr, size); ++} ++ALWAYS_INLINE BOOL binn_object_set_list(binn *obj, const char *key, void *list) { ++ return binn_object_set(obj, key, BINN_LIST, binn_ptr(list), binn_size(list)); ++} ++ALWAYS_INLINE BOOL binn_object_set_map(binn *obj, const char *key, void *map) { ++ return binn_object_set(obj, key, BINN_MAP, binn_ptr(map), binn_size(map)); ++} ++ALWAYS_INLINE BOOL binn_object_set_object(binn *obj, const char *key, void *obj2) { ++ return binn_object_set(obj, key, BINN_OBJECT, binn_ptr(obj2), binn_size(obj2)); ++} ++ALWAYS_INLINE BOOL binn_object_set_value(binn *obj, const char *key, binn *value) { ++ return binn_object_set(obj, key, value->type, binn_ptr(value), binn_size(value)); ++} ++ ++/*************************************************************************************/ ++/*** GET FUNCTIONS *******************************************************************/ ++/*************************************************************************************/ ++ ++ALWAYS_INLINE BOOL binn_list_get_int8(void *list, int pos, signed char *pvalue) { ++ return binn_list_get(list, pos, BINN_INT8, pvalue, NULL); ++} ++ALWAYS_INLINE BOOL binn_list_get_int16(void *list, int pos, short *pvalue) { ++ return binn_list_get(list, pos, BINN_INT16, pvalue, NULL); ++} ++ALWAYS_INLINE BOOL binn_list_get_int32(void *list, int pos, int *pvalue) { ++ return binn_list_get(list, pos, BINN_INT32, pvalue, NULL); ++} ++ALWAYS_INLINE BOOL binn_list_get_int64(void *list, int pos, int64 *pvalue) { ++ return binn_list_get(list, pos, BINN_INT64, pvalue, NULL); ++} ++ALWAYS_INLINE BOOL binn_list_get_uint8(void *list, int pos, unsigned char *pvalue) { ++ return binn_list_get(list, pos, BINN_UINT8, pvalue, NULL); ++} ++ALWAYS_INLINE BOOL binn_list_get_uint16(void *list, int pos, unsigned short *pvalue) { ++ return binn_list_get(list, pos, BINN_UINT16, pvalue, NULL); ++} ++ALWAYS_INLINE BOOL binn_list_get_uint32(void *list, int pos, unsigned int *pvalue) { ++ return binn_list_get(list, pos, BINN_UINT32, pvalue, NULL); ++} ++ALWAYS_INLINE BOOL binn_list_get_uint64(void *list, int pos, uint64 *pvalue) { ++ return binn_list_get(list, pos, BINN_UINT64, pvalue, NULL); ++} ++ALWAYS_INLINE BOOL binn_list_get_float(void *list, int pos, float *pvalue) { ++ return binn_list_get(list, pos, BINN_FLOAT32, pvalue, NULL); ++} ++ALWAYS_INLINE BOOL binn_list_get_double(void *list, int pos, double *pvalue) { ++ return binn_list_get(list, pos, BINN_FLOAT64, pvalue, NULL); ++} ++ALWAYS_INLINE BOOL binn_list_get_bool(void *list, int pos, BOOL *pvalue) { ++ return binn_list_get(list, pos, BINN_BOOL, pvalue, NULL); ++} ++ALWAYS_INLINE BOOL binn_list_get_str(void *list, int pos, char **pvalue) { ++ return binn_list_get(list, pos, BINN_STRING, pvalue, NULL); ++} ++ALWAYS_INLINE BOOL binn_list_get_blob(void *list, int pos, void **pvalue, int *psize) { ++ return binn_list_get(list, pos, BINN_BLOB, pvalue, psize); ++} ++ALWAYS_INLINE BOOL binn_list_get_list(void *list, int pos, void **pvalue) { ++ return binn_list_get(list, pos, BINN_LIST, pvalue, NULL); ++} ++ALWAYS_INLINE BOOL binn_list_get_map(void *list, int pos, void **pvalue) { ++ return binn_list_get(list, pos, BINN_MAP, pvalue, NULL); ++} ++ALWAYS_INLINE BOOL binn_list_get_object(void *list, int pos, void **pvalue) { ++ return binn_list_get(list, pos, BINN_OBJECT, pvalue, NULL); ++} ++ ++/***************************************************************************/ ++ ++ALWAYS_INLINE BOOL binn_map_get_int8(void *map, int id, signed char *pvalue) { ++ return binn_map_get(map, id, BINN_INT8, pvalue, NULL); ++} ++ALWAYS_INLINE BOOL binn_map_get_int16(void *map, int id, short *pvalue) { ++ return binn_map_get(map, id, BINN_INT16, pvalue, NULL); ++} ++ALWAYS_INLINE BOOL binn_map_get_int32(void *map, int id, int *pvalue) { ++ return binn_map_get(map, id, BINN_INT32, pvalue, NULL); ++} ++ALWAYS_INLINE BOOL binn_map_get_int64(void *map, int id, int64 *pvalue) { ++ return binn_map_get(map, id, BINN_INT64, pvalue, NULL); ++} ++ALWAYS_INLINE BOOL binn_map_get_uint8(void *map, int id, unsigned char *pvalue) { ++ return binn_map_get(map, id, BINN_UINT8, pvalue, NULL); ++} ++ALWAYS_INLINE BOOL binn_map_get_uint16(void *map, int id, unsigned short *pvalue) { ++ return binn_map_get(map, id, BINN_UINT16, pvalue, NULL); ++} ++ALWAYS_INLINE BOOL binn_map_get_uint32(void *map, int id, unsigned int *pvalue) { ++ return binn_map_get(map, id, BINN_UINT32, pvalue, NULL); ++} ++ALWAYS_INLINE BOOL binn_map_get_uint64(void *map, int id, uint64 *pvalue) { ++ return binn_map_get(map, id, BINN_UINT64, pvalue, NULL); ++} ++ALWAYS_INLINE BOOL binn_map_get_float(void *map, int id, float *pvalue) { ++ return binn_map_get(map, id, BINN_FLOAT32, pvalue, NULL); ++} ++ALWAYS_INLINE BOOL binn_map_get_double(void *map, int id, double *pvalue) { ++ return binn_map_get(map, id, BINN_FLOAT64, pvalue, NULL); ++} ++ALWAYS_INLINE BOOL binn_map_get_bool(void *map, int id, BOOL *pvalue) { ++ return binn_map_get(map, id, BINN_BOOL, pvalue, NULL); ++} ++ALWAYS_INLINE BOOL binn_map_get_str(void *map, int id, char **pvalue) { ++ return binn_map_get(map, id, BINN_STRING, pvalue, NULL); ++} ++ALWAYS_INLINE BOOL binn_map_get_blob(void *map, int id, void **pvalue, int *psize) { ++ return binn_map_get(map, id, BINN_BLOB, pvalue, psize); ++} ++ALWAYS_INLINE BOOL binn_map_get_list(void *map, int id, void **pvalue) { ++ return binn_map_get(map, id, BINN_LIST, pvalue, NULL); ++} ++ALWAYS_INLINE BOOL binn_map_get_map(void *map, int id, void **pvalue) { ++ return binn_map_get(map, id, BINN_MAP, pvalue, NULL); ++} ++ALWAYS_INLINE BOOL binn_map_get_object(void *map, int id, void **pvalue) { ++ return binn_map_get(map, id, BINN_OBJECT, pvalue, NULL); ++} ++ ++/***************************************************************************/ ++ ++/* usage: */ ++/* if (binn_object_get_int32(obj, "key", &value) == FALSE) xxx; */ ++ ++ALWAYS_INLINE BOOL binn_object_get_int8(void *obj, const char *key, signed char *pvalue) { ++ return binn_object_get(obj, key, BINN_INT8, pvalue, NULL); ++} ++ALWAYS_INLINE BOOL binn_object_get_int16(void *obj, const char *key, short *pvalue) { ++ return binn_object_get(obj, key, BINN_INT16, pvalue, NULL); ++} ++ALWAYS_INLINE BOOL binn_object_get_int32(void *obj, const char *key, int *pvalue) { ++ return binn_object_get(obj, key, BINN_INT32, pvalue, NULL); ++} ++ALWAYS_INLINE BOOL binn_object_get_int64(void *obj, const char *key, int64 *pvalue) { ++ return binn_object_get(obj, key, BINN_INT64, pvalue, NULL); ++} ++ALWAYS_INLINE BOOL binn_object_get_uint8(void *obj, const char *key, unsigned char *pvalue) { ++ return binn_object_get(obj, key, BINN_UINT8, pvalue, NULL); ++} ++ALWAYS_INLINE BOOL binn_object_get_uint16(void *obj, const char *key, unsigned short *pvalue) { ++ return binn_object_get(obj, key, BINN_UINT16, pvalue, NULL); ++} ++ALWAYS_INLINE BOOL binn_object_get_uint32(void *obj, const char *key, unsigned int *pvalue) { ++ return binn_object_get(obj, key, BINN_UINT32, pvalue, NULL); ++} ++ALWAYS_INLINE BOOL binn_object_get_uint64(void *obj, const char *key, uint64 *pvalue) { ++ return binn_object_get(obj, key, BINN_UINT64, pvalue, NULL); ++} ++ALWAYS_INLINE BOOL binn_object_get_float(void *obj, const char *key, float *pvalue) { ++ return binn_object_get(obj, key, BINN_FLOAT32, pvalue, NULL); ++} ++ALWAYS_INLINE BOOL binn_object_get_double(void *obj, const char *key, double *pvalue) { ++ return binn_object_get(obj, key, BINN_FLOAT64, pvalue, NULL); ++} ++ALWAYS_INLINE BOOL binn_object_get_bool(void *obj, const char *key, BOOL *pvalue) { ++ return binn_object_get(obj, key, BINN_BOOL, pvalue, NULL); ++} ++ALWAYS_INLINE BOOL binn_object_get_str(void *obj, const char *key, char **pvalue) { ++ return binn_object_get(obj, key, BINN_STRING, pvalue, NULL); ++} ++ALWAYS_INLINE BOOL binn_object_get_blob(void *obj, const char *key, void **pvalue, int *psize) { ++ return binn_object_get(obj, key, BINN_BLOB, pvalue, psize); ++} ++ALWAYS_INLINE BOOL binn_object_get_list(void *obj, const char *key, void **pvalue) { ++ return binn_object_get(obj, key, BINN_LIST, pvalue, NULL); ++} ++ALWAYS_INLINE BOOL binn_object_get_map(void *obj, const char *key, void **pvalue) { ++ return binn_object_get(obj, key, BINN_MAP, pvalue, NULL); ++} ++ALWAYS_INLINE BOOL binn_object_get_object(void *obj, const char *key, void **pvalue) { ++ return binn_object_get(obj, key, BINN_OBJECT, pvalue, NULL); ++} ++ ++/***************************************************************************/ ++ ++BOOL APIENTRY binn_get_int32(binn *value, int *pint); ++BOOL APIENTRY binn_get_int64(binn *value, int64 *pint); ++BOOL APIENTRY binn_get_double(binn *value, double *pfloat); ++BOOL APIENTRY binn_get_bool(binn *value, BOOL *pbool); ++char * APIENTRY binn_get_str(binn *value); ++ ++/* boolean string values: */ ++/* 1, true, yes, on */ ++/* 0, false, no, off */ ++ ++/* boolean number values: */ ++/* !=0 [true] */ ++/* ==0 [false] */ ++ ++ ++#ifdef __cplusplus ++} ++#endif ++ ++#endif /* BINN_H */ +diff -Nur openssh-9.6p1.orig/channels.c openssh-9.6p1/channels.c +--- openssh-9.6p1.orig/channels.c 2024-07-10 13:32:39.521111580 +0200 ++++ openssh-9.6p1/channels.c 2024-07-10 13:45:10.402355836 +0200 +@@ -104,6 +104,11 @@ + /* Minimum port number for X11 forwarding */ + #define X11_PORT_MIN 6000 + ++/* in version of OpenSSH later than 8.8 if we advertise a window ++ * 16MB or larger is causes a pathological behaviour that reduces ++ * throughput. This is not a great solution. */ ++#define NON_HPN_WINDOW_MAX (15 * 1024 * 1024) ++ + /* Per-channel callback for pre/post IO actions */ + typedef void chan_fn(struct ssh *, Channel *c); + +@@ -229,6 +234,9 @@ + /* Setup helper */ + static void channel_handler_init(struct ssh_channels *sc); + ++/* default values to enable hpn and the initial buffer size */ ++static int hpn_disabled = 0; ++ + /* -- channel core */ + + void +@@ -484,6 +492,9 @@ + (c->output = sshbuf_new()) == NULL || + (c->extended = sshbuf_new()) == NULL) + fatal_f("sshbuf_new failed"); ++ sshbuf_relabel(c->input, "channel input"); ++ sshbuf_relabel(c->output, "channel output"); ++ sshbuf_relabel(c->extended, "channel extended"); + if ((r = sshbuf_set_max_size(c->input, CHAN_INPUT_MAX)) != 0) + fatal_fr(r, "sshbuf_set_max_size"); + c->ostate = CHAN_OUTPUT_OPEN; +@@ -495,6 +506,7 @@ + c->local_window = window; + c->local_window_max = window; + c->local_maxpacket = maxpack; ++ c->dynamic_window = 0; + c->remote_name = xstrdup(remote_name); + c->ctl_chan = -1; + c->delayed = 1; /* prevent call to channel_post handler */ +@@ -1220,6 +1232,33 @@ + c->io_want = SSH_CHAN_IO_SOCK_W; + } + ++static int ++channel_tcpwinsz(struct ssh *ssh) ++{ ++ u_int32_t tcpwinsz = 0; ++ socklen_t optsz = sizeof(tcpwinsz); ++ int ret = -1; ++ ++ /* if we aren't on a socket return 128KB */ ++ if (!ssh_packet_connection_is_on_socket(ssh)) ++ return 128 * 1024; ++ ++ ret = getsockopt(ssh_packet_get_connection_in(ssh), ++ SOL_SOCKET, SO_RCVBUF, &tcpwinsz, &optsz); ++ /* return no more than SSHBUF_SIZE_MAX (currently 256MB) */ ++ if ((ret == 0) && tcpwinsz > SSHBUF_SIZE_MAX) ++ tcpwinsz = SSHBUF_SIZE_MAX; ++ /* if the remote side is OpenSSH after version 8.8 we need to restrict ++ * the size of the advertised window. Now this means that any HPN to non-HPN ++ * connection will be window limited to 15MB of receive space. This is a ++ * non-optimal solution. ++ */ ++ ++ if ((ssh->compat & SSH_RESTRICT_WINDOW) && (tcpwinsz > NON_HPN_WINDOW_MAX)) ++ tcpwinsz = NON_HPN_WINDOW_MAX; ++ return (tcpwinsz); ++} ++ + static void + channel_pre_open(struct ssh *ssh, Channel *c) + { +@@ -2321,24 +2360,55 @@ + { + int r; + ++ /* going back to a set denominator of 2. Prior versions had a ++ * dynamic denominator based on the size of the buffer. This may ++ * have been helpful in some situations but it isn't helping in ++ * the general case -cjr 6/30/23 */ + if (c->type == SSH_CHANNEL_OPEN && + !(c->flags & (CHAN_CLOSE_SENT|CHAN_CLOSE_RCVD)) && + ((c->local_window_max - c->local_window > + c->local_maxpacket*3) || + c->local_window < c->local_window_max/2) && + c->local_consumed > 0) { ++ u_int addition = 0; ++ u_int32_t tcpwinsz = channel_tcpwinsz(ssh); ++ /* adjust max window size if we are in a dynamic environment ++ * and the tcp receive buffer is larger than the ssh window */ ++ if (c->dynamic_window && (tcpwinsz > c->local_window_max)) { ++ if (c->hpn_buffer_limit) { ++ /* limit window growth to prevent buffer issues ++ * still not sure what is causing the buffer issues ++ * but it may be an issue with c->local_consumed not being ++ * handled properly in the cases of bottenecked IO to the ++ * wfd endpoint. This does have an impact on throughput ++ * as we're essentially maxing out local_window_max to ++ * half of the window size */ ++ addition = (tcpwinsz/2 - c->local_window_max); ++ } ++ else { ++ /* aggressively grow the window */ ++ addition = tcpwinsz - c->local_window_max; ++ } ++ c->local_window_max += addition; ++ /* doesn't look like we need these ++ * sshbuf_set_window_max(c->output, c->local_window_max); ++ * sshbuf_set_window_max(c->input, c->local_window_max); ++ */ ++ debug("Channel %d: Window growth to %d by %d bytes",c->self, ++ c->local_window_max, addition); ++ } + if (!c->have_remote_id) + fatal_f("channel %d: no remote id", c->self); + if ((r = sshpkt_start(ssh, + SSH2_MSG_CHANNEL_WINDOW_ADJUST)) != 0 || + (r = sshpkt_put_u32(ssh, c->remote_id)) != 0 || +- (r = sshpkt_put_u32(ssh, c->local_consumed)) != 0 || ++ (r = sshpkt_put_u32(ssh, c->local_consumed + addition)) != 0 || + (r = sshpkt_send(ssh)) != 0) { + fatal_fr(r, "channel %i", c->self); + } + debug2("channel %d: window %d sent adjust %d", c->self, +- c->local_window, c->local_consumed); +- c->local_window += c->local_consumed; ++ c->local_window, c->local_consumed + addition); ++ c->local_window += c->local_consumed + addition; + c->local_consumed = 0; + } + return 1; +@@ -2926,9 +2996,7 @@ + * in use. + */ + if (CHANNEL_EFD_INPUT_ACTIVE(c)) +- debug2("channel %d: " +- "ibuf_empty delayed efd %d/(%zu)", +- c->self, c->efd, sshbuf_len(c->extended)); ++ {} + else + chan_ibuf_empty(ssh, c); + } +@@ -3638,7 +3706,7 @@ + error_fr(r, "parse adjust"); + ssh_packet_disconnect(ssh, "Invalid window adjust message"); + } +- debug2("channel %d: rcvd adjust %u", c->self, adjust); ++ debug3_f("channel %d: rcvd adjust %u", c->self, adjust); + if ((new_rwin = c->remote_window + adjust) < c->remote_window) { + fatal("channel %d: adjust %u overflows remote window %u", + c->self, adjust, c->remote_window); +@@ -3753,6 +3821,13 @@ + return addr; + } + ++void ++channel_set_hpn_disabled(int external_hpn_disabled) ++{ ++ hpn_disabled = external_hpn_disabled; ++ debug("HPN Disabled: %d", hpn_disabled); ++} ++ + static int + channel_setup_fwd_listener_tcpip(struct ssh *ssh, int type, + struct Forward *fwd, int *allocated_listen_port, +diff -Nur openssh-9.6p1.orig/channels.h openssh-9.6p1/channels.h +--- openssh-9.6p1.orig/channels.h 2024-07-10 13:32:39.484111470 +0200 ++++ openssh-9.6p1/channels.h 2024-07-10 13:34:02.710358565 +0200 +@@ -174,6 +174,8 @@ + u_int local_window_max; + u_int local_consumed; + u_int local_maxpacket; ++ int dynamic_window; ++ int hpn_buffer_limit; + int extended_usage; + int single_connection; + +@@ -255,7 +257,7 @@ + #define SSH_CHAN_IO_SOCK (SSH_CHAN_IO_SOCK_R|SSH_CHAN_IO_SOCK_W) + + /* Read buffer size */ +-#define CHAN_RBUF (16*1024) ++#define CHAN_RBUF CHAN_SES_PACKET_DEFAULT + + /* Maximum size for direct reads to buffers */ + #define CHANNEL_MAX_READ CHAN_SES_PACKET_DEFAULT +@@ -398,4 +400,6 @@ + void chan_write_failed(struct ssh *, Channel *); + void chan_obuf_empty(struct ssh *, Channel *); + ++/* hpn handler */ ++void channel_set_hpn_disabled(int); + #endif +diff -Nur openssh-9.6p1.orig/cipher.c openssh-9.6p1/cipher.c +--- openssh-9.6p1.orig/cipher.c 2024-07-10 13:32:39.541111639 +0200 ++++ openssh-9.6p1/cipher.c 2024-07-10 13:50:07.565252024 +0200 +@@ -48,23 +48,39 @@ + #include "sshbuf.h" + #include "ssherr.h" + #include "digest.h" ++#include "log.h" + + #include "openbsd-compat/openssl-compat.h" + ++/* for provider functions */ ++#ifdef WITH_OPENSSL3 ++#include ++#include ++#include ++#endif ++ + #ifndef WITH_OPENSSL + #define EVP_CIPHER_CTX void ++#define EVP_CIPHER void ++#else ++/* for multi-threaded aes-ctr cipher */ ++extern const EVP_CIPHER *evp_aes_ctr_mt(void); + #endif + + struct sshcipher_ctx { + int plaintext; + int encrypt; + EVP_CIPHER_CTX *evp; ++ const EVP_CIPHER *meth_ptr; /*used to free memory in aes_ctr_mt */ + struct chachapoly_ctx *cp_ctx; ++#ifdef WITH_OPENSSL ++ struct chachapoly_ctx_mt *cp_ctx_mt; ++#endif + struct aesctr_ctx ac_ctx; /* XXX union with evp? */ + const struct sshcipher *cipher; + }; + +-static const struct sshcipher ciphers[] = { ++static struct sshcipher ciphers[] = { + #ifdef WITH_OPENSSL + #ifndef OPENSSL_NO_DES + { "3des-cbc", 8, 24, 0, 0, CFLAG_CBC, EVP_des_ede3_cbc }, +@@ -86,6 +102,10 @@ + #endif + { "chacha20-poly1305@openssh.com", + 8, 64, 0, 16, CFLAG_CHACHAPOLY, NULL }, ++#ifdef WITH_OPENSSL ++ { "chacha20-poly1305-mt@hpnssh.org", ++ 8, 64, 0, 16, CFLAG_CHACHAPOLY|CFLAG_MT, NULL }, ++#endif + { "none", 8, 0, 0, 0, CFLAG_NONE, NULL }, + + { NULL, 0, 0, 0, 0, 0, NULL } +@@ -131,12 +151,63 @@ + #endif + } + ++/* used to get the cipher name when we are testing to ++ * see if we can move from a serial to parallel cipher ++ * only called in cipher-switch.c ++ */ ++const char * ++cipher_ctx_name(const struct sshcipher_ctx *cc) ++{ ++ return cc->cipher->name; ++} ++ + u_int + cipher_blocksize(const struct sshcipher *c) + { + return (c->block_size); + } + ++uint64_t ++cipher_rekey_blocks(const struct sshcipher *c) ++{ ++ /* ++ * Chacha20-Poly1305 does not benefit from data-based rekeying, ++ * per "The Security of ChaCha20-Poly1305 in the Multi-user Setting", ++ * Degabriele, J. P., Govinden, J, Gunther, F. and Paterson K. ++ * ACM CCS 2021; https://eprint.iacr.org/2023/085.pdf ++ * ++ * Cryptanalysis aside, we do still want do need to prevent the SSH ++ * sequence number wrapping and also to rekey to provide some ++ * protection for long lived sessions against key disclosure at the ++ * endpoints, so arrange for rekeying every 2**32 blocks as the ++ * 128-bit block ciphers do (i.e. every 32GB data). ++ */ ++ if ((c->flags & CFLAG_CHACHAPOLY) != 0) ++ return (uint64_t)1 << 32; ++ ++ /* there is no actual need to rekey the NULL cipher but ++ * rekeying is a necessary step. In part, as mentioned above, ++ * to keep the seqnr from wrapping. So we set it to the ++ * maximum possible -cjr 4/10/23 */ ++ if ((c->flags & CFLAG_NONE) != 0) ++ return (uint64_t)1 << 32; ++ ++ /* ++ * The 2^(blocksize*2) limit is too expensive for 3DES, ++ * so enforce a 1GB data limit for small blocksizes. ++ * See discussion in RFC4344 section 3.2. ++ */ ++ if (c->block_size < 16) ++ return ((uint64_t)1 << 30) / c->block_size; ++ /* ++ * Otherwise, use the RFC4344 s3.2 recommendation of 2**(L/4) blocks ++ * before rekeying where L is the blocksize in bits. ++ * Most other ciphers have a 128 bit blocksize, so this equates to ++ * 2**32 blocks / 64GB data. ++ */ ++ return (uint64_t)1 << (c->block_size * 2); ++} ++ + u_int + cipher_keylen(const struct sshcipher *c) + { +@@ -180,10 +251,10 @@ + return cc->plaintext; + } + +-const struct sshcipher * ++struct sshcipher * + cipher_by_name(const char *name) + { +- const struct sshcipher *c; ++ struct sshcipher *c; + for (c = ciphers; c->name != NULL; c++) + if (strcmp(c->name, name) == 0) + return c; +@@ -205,7 +276,8 @@ + for ((p = strsep(&cp, CIPHER_SEP)); p && *p != '\0'; + (p = strsep(&cp, CIPHER_SEP))) { + c = cipher_by_name(p); +- if (c == NULL || (c->flags & CFLAG_INTERNAL) != 0) { ++ if (c == NULL || ((c->flags & CFLAG_INTERNAL) != 0 && ++ (c->flags & CFLAG_NONE) != 0)) { + free(cipher_list); + return 0; + } +@@ -226,7 +298,7 @@ + int + cipher_init(struct sshcipher_ctx **ccp, const struct sshcipher *cipher, + const u_char *key, u_int keylen, const u_char *iv, u_int ivlen, +- int do_encrypt) ++ u_int seqnr, int do_encrypt, int enable_threads) + { + struct sshcipher_ctx *cc = NULL; + int ret = SSH_ERR_INTERNAL_ERROR; +@@ -241,6 +313,7 @@ + + cc->plaintext = (cipher->flags & CFLAG_NONE) != 0; + cc->encrypt = do_encrypt; ++ cc->meth_ptr = NULL; + + if (keylen < cipher->key_len || + (iv != NULL && ivlen < cipher_ivlen(cipher))) { +@@ -250,8 +323,19 @@ + + cc->cipher = cipher; + if ((cc->cipher->flags & CFLAG_CHACHAPOLY) != 0) { ++#ifdef WITH_OPENSSL ++ if ((cc->cipher->flags & CFLAG_MT) != 0) { ++ cc->cp_ctx_mt = chachapoly_new_mt(seqnr, key, keylen); ++ ret = cc->cp_ctx_mt != NULL ? 0 : ++ SSH_ERR_INVALID_ARGUMENT; ++ } else { ++ cc->cp_ctx = chachapoly_new(key, keylen); ++ ret = cc->cp_ctx != NULL ? 0 : SSH_ERR_INVALID_ARGUMENT; ++ } ++#else + cc->cp_ctx = chachapoly_new(key, keylen); + ret = cc->cp_ctx != NULL ? 0 : SSH_ERR_INVALID_ARGUMENT; ++#endif + goto out; + } + if ((cc->cipher->flags & CFLAG_NONE) != 0) { +@@ -273,6 +357,53 @@ + ret = SSH_ERR_ALLOC_FAIL; + goto out; + } ++ /* the following block is for AES-CTR-MT cipher switching ++ * if we are using the ctr cipher and we are post-auth then ++ * start the threaded cipher. If OSSL supports providers (OSSL 3.0+) then ++ * we load our hpnssh provider. If it doesn't (OSSL < 1.1) then we use the ++ * _meth_new process found in cipher-ctr-mt.c */ ++ if (strstr(cc->cipher->name, "ctr") && enable_threads) { ++#ifdef WITH_OPENSSL3 ++ /* this version of openssl uses providers */ ++ OSSL_LIB_CTX *aes_lib = NULL; /* probably not needed */ ++ OSSL_PROVIDER *aes_mt_provider = NULL; ++ type = NULL; ++ ++ if (OSSL_PROVIDER_add_builtin(aes_lib, "hpnssh", ++ OSSL_provider_init) != 1) { ++ fatal("Failed to add HPNSSH provider for AES-CTR"); ++ } ++ aes_mt_provider = OSSL_PROVIDER_load(aes_lib, "hpnssh"); ++ ++ if (aes_mt_provider != NULL) { ++ /* use the previous key length to determine which cipher to load */ ++ if (cipher->key_len == 32) ++ type = EVP_CIPHER_fetch(aes_lib, "aes_ctr_mt_256", NULL); ++ if (cipher->key_len == 24) ++ type = EVP_CIPHER_fetch(aes_lib, "aes_ctr_mt_192", NULL); ++ if (cipher->key_len == 16) ++ type = EVP_CIPHER_fetch(aes_lib, "aes_ctr_mt_128", NULL); ++ if (type == NULL) { ++ ERR_print_errors_fp(stderr); ++ fatal("FAILED TO LOAD aes_ctr_mt"); ++ } else { ++ debug("LOADED aes_ctr_mt"); ++ } ++ } ++ else { ++ ERR_print_errors_fp(stderr); ++ fatal("Failed to load HPN-SSH AES-CTR-MT provider."); ++ } ++#else ++ type = (*evp_aes_ctr_mt)(); /* see cipher-ctr-mt.c */ ++ /* we need to free this later if using aes_ctr_mt ++ * under OSSL 1.1. Honestly, we could avoid this by making ++ * it a global in cipher-ctr_mt.c and exporting it here ++ * then we'd only have to call EVP_CIPHER_meth once but this ++ * works for now. TODO: This. cjr 02.22.2023 */ ++ cc->meth_ptr = type; ++#endif /* WITH_OPENSSL3 */ ++ } /* if (strstr()) */ + if (EVP_CipherInit(cc->evp, type, NULL, (u_char *)iv, + (do_encrypt == CIPHER_ENCRYPT)) == 0) { + ret = SSH_ERR_LIBCRYPTO_ERROR; +@@ -327,6 +458,12 @@ + const u_char *src, u_int len, u_int aadlen, u_int authlen) + { + if ((cc->cipher->flags & CFLAG_CHACHAPOLY) != 0) { ++#ifdef WITH_OPENSSL ++ if ((cc->cipher->flags & CFLAG_MT) != 0) { ++ return chachapoly_crypt_mt(cc->cp_ctx_mt, seqnr, dest, ++ src, len, aadlen, authlen, cc->encrypt); ++ } ++#endif + return chachapoly_crypt(cc->cp_ctx, seqnr, dest, src, + len, aadlen, authlen, cc->encrypt); + } +@@ -389,9 +526,16 @@ + cipher_get_length(struct sshcipher_ctx *cc, u_int *plenp, u_int seqnr, + const u_char *cp, u_int len) + { +- if ((cc->cipher->flags & CFLAG_CHACHAPOLY) != 0) ++ if ((cc->cipher->flags & CFLAG_CHACHAPOLY) != 0) { ++#ifdef WITH_OPENSSL ++ if ((cc->cipher->flags & CFLAG_MT) != 0) { ++ return chachapoly_get_length_mt(cc->cp_ctx_mt, plenp, ++ seqnr, cp, len); ++ } ++#endif + return chachapoly_get_length(cc->cp_ctx, plenp, seqnr, + cp, len); ++ } + if (len < 4) + return SSH_ERR_MESSAGE_INCOMPLETE; + *plenp = PEEK_U32(cp); +@@ -404,13 +548,33 @@ + if (cc == NULL || cc->cipher == NULL) + return; + if ((cc->cipher->flags & CFLAG_CHACHAPOLY) != 0) { ++#ifdef WITH_OPENSSL ++ if ((cc->cipher->flags & CFLAG_MT) != 0) { ++ chachapoly_free_mt(cc->cp_ctx_mt); ++ cc->cp_ctx_mt = NULL; ++ } else { ++ chachapoly_free(cc->cp_ctx); ++ cc->cp_ctx = NULL; ++ } ++#else + chachapoly_free(cc->cp_ctx); + cc->cp_ctx = NULL; ++#endif + } else if ((cc->cipher->flags & CFLAG_AESCTR) != 0) + explicit_bzero(&cc->ac_ctx, sizeof(cc->ac_ctx)); + #ifdef WITH_OPENSSL + EVP_CIPHER_CTX_free(cc->evp); + cc->evp = NULL; ++ /* if meth_ptr isn't null then we are using the aes_ctr_mt ++ * evp_cipher_meth_new() in cipher-ctr-mt.c under OSSL 1.1 ++ * if we don't explicitly free it then, even though we free ++ * the ctx it is a part of it doesn't get freed. So... ++ * cjr 2/7/2023 ++ */ ++ if (cc->meth_ptr != NULL) { ++ EVP_CIPHER_meth_free((void *)(EVP_CIPHER *)cc->meth_ptr); ++ cc->meth_ptr = NULL; ++ } + #endif + freezero(cc, sizeof(*cc)); + } +diff -Nur openssh-9.6p1.orig/cipher-chachapoly.c openssh-9.6p1/cipher-chachapoly.c +--- openssh-9.6p1.orig/cipher-chachapoly.c 2023-12-18 15:59:50.000000000 +0100 ++++ openssh-9.6p1/cipher-chachapoly.c 2024-07-10 13:34:02.711358567 +0200 +@@ -88,7 +88,7 @@ + if (!do_encrypt) { + const u_char *tag = src + aadlen + len; + +- poly1305_auth(expected_tag, src, aadlen + len, poly_key); ++ poly1305_auth(NULL, expected_tag, src, aadlen + len, poly_key); + if (timingsafe_bcmp(expected_tag, tag, POLY1305_TAGLEN) != 0) { + r = SSH_ERR_MAC_INVALID; + goto out; +@@ -108,7 +108,7 @@ + + /* If encrypting, calculate and append tag */ + if (do_encrypt) { +- poly1305_auth(dest + aadlen + len, dest, aadlen + len, ++ poly1305_auth(NULL, dest + aadlen + len, dest, aadlen + len, + poly_key); + } + r = 0; +diff -Nur openssh-9.6p1.orig/cipher-chachapoly-libcrypto.c openssh-9.6p1/cipher-chachapoly-libcrypto.c +--- openssh-9.6p1.orig/cipher-chachapoly-libcrypto.c 2023-12-18 15:59:50.000000000 +0100 ++++ openssh-9.6p1/cipher-chachapoly-libcrypto.c 2024-07-10 13:34:02.711358567 +0200 +@@ -34,8 +34,17 @@ + #include "ssherr.h" + #include "cipher-chachapoly.h" + ++/* using the EVP_MAC interface for poly1305 is significantly ++ * faster than the version bundled with OpenSSH. However, ++ * this interface is only available in OpenSSL 3.0+ ++ * -cjr 10/21/2022 */ + struct chachapoly_ctx { + EVP_CIPHER_CTX *main_evp, *header_evp; ++#ifdef OPENSSL_HAVE_POLY_EVP ++ EVP_MAC_CTX *poly_ctx; ++#else ++ char *poly_ctx; ++#endif + }; + + struct chachapoly_ctx * +@@ -56,6 +65,15 @@ + goto fail; + if (EVP_CIPHER_CTX_iv_length(ctx->header_evp) != 16) + goto fail; ++#ifdef OPENSSL_HAVE_POLY_EVP ++ EVP_MAC *mac = NULL; ++ if ((mac = EVP_MAC_fetch(NULL, "POLY1305", NULL)) == NULL) ++ goto fail; ++ if ((ctx->poly_ctx = EVP_MAC_CTX_new(mac)) == NULL) ++ goto fail; ++#else ++ ctx->poly_ctx = NULL; ++#endif + return ctx; + fail: + chachapoly_free(ctx); +@@ -69,6 +87,9 @@ + return; + EVP_CIPHER_CTX_free(cpctx->main_evp); + EVP_CIPHER_CTX_free(cpctx->header_evp); ++#ifdef OPENSSL_HAVE_POLY_EVP ++ EVP_MAC_CTX_free(cpctx->poly_ctx); ++#endif + freezero(cpctx, sizeof(*cpctx)); + } + +@@ -107,7 +128,7 @@ + if (!do_encrypt) { + const u_char *tag = src + aadlen + len; + +- poly1305_auth(expected_tag, src, aadlen + len, poly_key); ++ poly1305_auth(ctx->poly_ctx, expected_tag, src, aadlen + len, poly_key); + if (timingsafe_bcmp(expected_tag, tag, POLY1305_TAGLEN) != 0) { + r = SSH_ERR_MAC_INVALID; + goto out; +@@ -133,7 +154,7 @@ + + /* If encrypting, calculate and append tag */ + if (do_encrypt) { +- poly1305_auth(dest + aadlen + len, dest, aadlen + len, ++ poly1305_auth(ctx->poly_ctx, dest + aadlen + len, dest, aadlen + len, + poly_key); + } + r = 0; +diff -Nur openssh-9.6p1.orig/cipher-chachapoly-libcrypto-mt.c openssh-9.6p1/cipher-chachapoly-libcrypto-mt.c +--- openssh-9.6p1.orig/cipher-chachapoly-libcrypto-mt.c 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-9.6p1/cipher-chachapoly-libcrypto-mt.c 2024-07-10 13:34:02.712358571 +0200 +@@ -0,0 +1,695 @@ ++/* ++ * Copyright (c) 2023 The Board of Trustees of Carnegie Mellon University. ++ * ++ * Author: Mitchell Dorrell ++ * Author: Chris Rapier ++ * ++ * This library is free software; you can redistribute it and/or modify it ++ * under the terms of the MIT License. ++ * ++ * This library is distributed in the hope that it will be useful, but WITHOUT ++ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or ++ * FITNESS FOR A PARTICULAR PURPOSE. See the MIT License for more details. ++ * ++ * You should have received a copy of the MIT License along with this library; ++ * if not, see http://opensource.org/licenses/MIT. ++ * ++ */ ++ ++/* TODO: audit includes */ ++ ++#include "includes.h" ++#ifdef WITH_OPENSSL ++#include "openbsd-compat/openssl-compat.h" ++#endif ++ ++#if defined(HAVE_EVP_CHACHA20) && !defined(HAVE_BROKEN_CHACHA20) ++ ++#include ++#include /* needed for getpid under C99 */ ++#include /* needed for log.h */ ++#include ++#include /* needed for misc.h */ ++#include ++ ++#include ++ ++#include "defines.h" ++#include "log.h" ++#include "sshbuf.h" ++#include "ssherr.h" ++ ++#include "xmalloc.h" ++#include "cipher-chachapoly.h" ++#include "cipher-chachapoly-libcrypto-mt.h" ++ ++#ifndef likely ++# define likely(x) __builtin_expect(!!(x), 1) ++#endif ++#ifndef unlikely ++# define unlikely(x) __builtin_expect(!!(x), 0) ++#endif ++ ++/* Size of keystream to pregenerate, measured in bytes ++ * we want to round up to the nearest chacha block and have ++ * 128 bytes for overhead */ ++#define ROUND_UP(x,y) (((((x)-1)/(y))+1)*(y)) ++#define KEYSTREAMLEN (ROUND_UP((SSH_IOBUFSZ) + 128, (CHACHA_BLOCKLEN))) ++ ++/* BEGIN TUNABLES */ ++ ++/* Number of worker threads to spawn. */ ++/* the goal is to ensure that main is never ++ * waiting on the worker threads for keystream data */ ++#define NUMTHREADS 1 ++ ++/* 64 seems to be a pretty blance between memory and performance ++ * 128 is another option with somewhat higher memory consumption */ ++#define NUMSTREAMS 64 ++ ++/* END TUNABLES */ ++ ++struct mt_keystream { ++ u_char poly_key[POLY1305_KEYLEN]; /* POLY1305_KEYLEN == 32 */ ++ u_char headerStream[CHACHA_BLOCKLEN]; /* CHACHA_BLOCKLEN == 64 */ ++ u_char mainStream[KEYSTREAMLEN]; /* KEYSTREAMLEN == 32768 */ ++}; ++ ++struct threadData { ++ EVP_CIPHER_CTX * main_evp; ++ EVP_CIPHER_CTX * header_evp; ++ u_char seqbuf[16]; ++}; ++ ++struct mt_keystream_batch { ++ u_int batchID; ++ struct threadData tds[NUMTHREADS]; ++ struct mt_keystream streams[NUMSTREAMS]; ++}; ++ ++struct chachapoly_ctx_mt { ++ u_int seqnr; ++ u_int batchID; ++ ++ struct mt_keystream_batch batches[2]; ++ ++ pthread_t manager_tid[2]; ++ pthread_t self_tid; ++ ++ pid_t mainpid; ++ u_char zeros[KEYSTREAMLEN]; /* KEYSTREAMLEN == 32768 */ ++ ++ /* if OpenSSL has support for Poly1305 in the MAC EVPs ++ * use that (OSSL >= 3.0) if not then it's OSSL 1.1 so ++ * use the Poly1305 digest methods. Failing that use the ++ * internal poly1305 methods */ ++#ifdef OPENSSL_HAVE_POLY_EVP ++ EVP_MAC_CTX *poly_ctx; ++#elif !defined(WITH_OPENSSL3) && defined(EVP_PKEY_POLY1305) ++ EVP_PKEY_CTX *poly_ctx; ++ EVP_MD_CTX *md_ctx; ++ EVP_PKEY *pkey; ++ size_t ptaglen; ++#else ++ char *poly_ctx; ++#endif ++}; ++ ++struct manager_thread_args { ++ struct chachapoly_ctx_mt * ctx_mt; ++ u_int oldBatchID; ++ int retval; ++}; ++ ++struct worker_thread_args { ++ u_int batchID; ++ struct mt_keystream_batch * batch; ++ int threadIndex; ++ u_char * zeros; ++ int retval; ++}; ++ ++/* generate the keystream and header ++ * we use nulls for the "data" (the zeros variable) in order to ++ * get the raw keystream ++ * Returns 0 on success and -1 on failure */ ++int ++generate_keystream(struct mt_keystream * ks, u_int seqnr, ++ struct threadData * td, u_char * zeros) ++{ ++ /* generate poly1305 key */ ++ memset(td->seqbuf, 0, sizeof(td->seqbuf)); ++ POKE_U64(td->seqbuf + 8, seqnr); ++ memset(ks->poly_key , 0, sizeof(ks->poly_key)); ++ if (!EVP_CipherInit(td->main_evp, NULL, NULL, td->seqbuf, 1) || ++ EVP_Cipher(td->main_evp, ks->poly_key, ks->poly_key, ++ sizeof(ks->poly_key)) < 0) ++ return -1; ++ ++ /* generate header keystream for encrypting payload length */ ++ if (!EVP_CipherInit(td->header_evp, NULL, NULL, td->seqbuf, 1) || ++ EVP_Cipher(td->header_evp, ks->headerStream, zeros, CHACHA_BLOCKLEN) ++ < 0 ) ++ return -1; ++ ++ /* generate main keystream for encrypting payload */ ++ td->seqbuf[0] = 1; ++ if (!EVP_CipherInit(td->main_evp, NULL, NULL, td->seqbuf, 1) || ++ EVP_Cipher(td->main_evp, ks->mainStream, zeros, KEYSTREAMLEN) < 0) ++ return -1; ++ ++ return 0; ++} ++ ++/* free the EVP contexts associated with the give thread */ ++void ++free_threadData(struct threadData * td) ++{ ++ if (td == NULL) ++ return; ++ if (td->main_evp) /* false if initialization didn't get this far */ ++ EVP_CIPHER_CTX_free(td->main_evp); ++ if (td->header_evp) /* false if initialization didn't get this far */ ++ EVP_CIPHER_CTX_free(td->header_evp); ++ explicit_bzero(td, sizeof(*td)); ++} ++ ++/* initialize the EVPs used by the worker thread ++ Returns 0 on success and -1 on failure */ ++int ++initialize_threadData(struct threadData * td, const u_char *key) ++{ ++ memset(td,0,sizeof(*td)); ++ if ((td->main_evp = EVP_CIPHER_CTX_new()) == NULL || ++ (td->header_evp = EVP_CIPHER_CTX_new()) == NULL) ++ goto fail; ++ if (!EVP_CipherInit(td->main_evp, EVP_chacha20(), key, NULL, 1)) ++ goto fail; ++ if (!EVP_CipherInit(td->header_evp, EVP_chacha20(), key + 32, NULL, 1)) ++ goto fail; ++ if (EVP_CIPHER_CTX_iv_length(td->header_evp) != 16) ++ goto fail; ++ return 0; ++ fail: ++ free_threadData(td); ++ return -1; ++} ++ ++struct worker_thread_args * ++worker_thread(struct worker_thread_args * args) ++{ ++ /* check first */ ++ if (args == NULL) ++ return NULL; ++ if (args->batch == NULL || args->zeros == NULL) { ++ args->retval = 1; ++ return args; ++ } ++ ++ int threadIndex = args->threadIndex; ++ struct threadData * td = &(args->batch->tds[threadIndex]); ++ u_int refseqnr = args->batchID * NUMSTREAMS; ++ ++ for (int i = threadIndex; i < NUMSTREAMS; i += NUMTHREADS) { ++ if (generate_keystream(&(args->batch->streams[i]), refseqnr + i, ++ td, args->zeros) == -1) { ++ args->retval = 1; ++ return args; ++ } ++ } ++ ++ args->retval = 0; ++ return args; ++} ++ ++int ++join_manager_thread(pthread_t manager_tid) ++{ ++ struct manager_thread_args * args; ++ if (pthread_join(manager_tid, (void **) &args) == 0) { ++ if (args == NULL) { ++ debug_f("Manager thread returned NULL!"); ++ return 1; ++ } else if (args == PTHREAD_CANCELED) { ++ debug_f("Manager thread canceled!"); ++ return 1; ++ } else if (args->retval != 0) { ++ debug_f("Manager thread error (%d)", args->retval); ++ free(args); ++ return 1; ++ } else { ++ free(args); ++ return 0; ++ } ++ } else { ++ debug_f("pthread_join error!"); ++ return 1; ++ } ++} ++ ++void ++chachapoly_free_mt(struct chachapoly_ctx_mt * ctx_mt) ++{ ++ if (ctx_mt == NULL) ++ return; ++ ++#ifdef OPENSSL_HAVE_POLY_EVP ++ if (ctx_mt->poly_ctx != NULL) { ++ EVP_MAC_CTX_free(ctx_mt->poly_ctx); ++ ctx_mt->poly_ctx = NULL; ++ } ++#elif !defined(WITH_OPENSSL3) && defined(EVP_PKEY_POLY1305) ++ if (ctx_mt->md_ctx != NULL) { ++ EVP_MD_CTX_free(ctx_mt->md_ctx); ++ ctx_mt->md_ctx = NULL; ++ } ++ if (ctx_mt->pkey != NULL) { ++ EVP_PKEY_free(ctx_mt->pkey); ++ ctx_mt->pkey = NULL; ++ } ++#endif ++ ++ /* ++ * Only cleanup the manager threads if we are the PID that initialized ++ * them! If we're a fork, the threads don't really exist. ++ */ ++ ++ if (getpid() == ctx_mt->mainpid) { ++ if (ctx_mt->manager_tid[0] != ctx_mt->self_tid) { ++ join_manager_thread(ctx_mt->manager_tid[0]); ++ ctx_mt->manager_tid[0] = ctx_mt->self_tid; ++ } ++ if (ctx_mt->manager_tid[1] != ctx_mt->self_tid) { ++ join_manager_thread(ctx_mt->manager_tid[1]); ++ ctx_mt->manager_tid[1] = ctx_mt->self_tid; ++ } ++ } ++ ++ /* Cleanup thread data structures. */ ++ for (int i=0; i<2; i++) ++ for (int j=0; jbatches[i].tds[j])); ++ ++ /* Zero and free the whole multithreaded cipher context. */ ++ freezero(ctx_mt, sizeof(*ctx_mt)); ++ ++ return; ++} ++ ++struct chachapoly_ctx_mt * ++chachapoly_new_mt(u_int startseqnr, const u_char * key, u_int keylen) ++{ ++ struct chachapoly_ctx_mt * ctx_mt = xmalloc(sizeof(*ctx_mt)); ++ memset(ctx_mt, 0, sizeof(*ctx_mt)); ++ /* Initialize the sequence number. When rekeying, this won't be zero. */ ++ ctx_mt->seqnr = startseqnr; ++ ctx_mt->batchID = startseqnr / NUMSTREAMS; ++ struct threadData mainData; ++ int tDataI; ++ int genKSfailed = 0; ++ ++#ifdef OPENSSL_HAVE_POLY_EVP ++ EVP_MAC *mac = NULL; ++ if ((mac = EVP_MAC_fetch(NULL, "POLY1305", NULL)) == NULL) ++ goto fail; ++ if ((ctx_mt->poly_ctx = EVP_MAC_CTX_new(mac)) == NULL) ++ goto fail; ++#elif !defined(WITH_OPENSSL3) && defined(EVP_PKEY_POLY1305) ++ if ((ctx_mt->md_ctx = EVP_MD_CTX_new()) == NULL) ++ goto fail; ++ if ((ctx_mt->pkey = EVP_PKEY_new_mac_key(EVP_PKEY_POLY1305, NULL, ++ ctx_mt->zeros, POLY1305_KEYLEN)) == NULL) ++ goto fail; ++ if (EVP_DigestSignInit(ctx_mt->md_ctx, &ctx_mt->poly_ctx, NULL, NULL, ++ ctx_mt->pkey) == 0) ++ goto fail; ++#else ++ ctx_mt->poly_ctx = NULL; ++#endif ++ ++ ctx_mt->batches[ctx_mt->batchID % 2].batchID = ctx_mt->batchID; ++ ctx_mt->batches[(ctx_mt->batchID + 1) % 2].batchID = ++ ctx_mt->batchID + 1; ++ ++ /* initialize batches[0] tds */ ++ for (tDataI = 0; tDataI < NUMTHREADS; tDataI++) { ++ if (initialize_threadData(&(ctx_mt->batches[0].tds[tDataI]), ++ key) != 0) ++ break; ++ } ++ if (tDataI < NUMTHREADS) { ++ /* Backtrack starting with 'tDataI - 1' */ ++ for (tDataI--; tDataI >= 0; tDataI--) ++ free_threadData(&(ctx_mt->batches[0].tds[tDataI])); ++ goto fail; ++ } ++ /* initialize batches[1] tds */ ++ for (tDataI = 0; tDataI < NUMTHREADS; tDataI++) { ++ if (initialize_threadData(&(ctx_mt->batches[1].tds[tDataI]), ++ key) != 0) ++ break; ++ } ++ if (tDataI < NUMTHREADS) { ++ /* Backtrack starting with 'tDataI - 1' */ ++ for (tDataI--; tDataI >= 0; tDataI--) ++ free_threadData(&(ctx_mt->batches[1].tds[tDataI])); ++ /* Free the batches[0] tds too */ ++ for (tDataI = NUMTHREADS; tDataI >= 0; tDataI--) ++ free_threadData(&(ctx_mt->batches[0].tds[tDataI])); ++ goto fail; ++ } ++ ++ if (initialize_threadData(&mainData, key) != 0) { ++ chachapoly_free_mt(ctx_mt); ++ explicit_bzero(&startseqnr, sizeof(startseqnr)); ++ return NULL; ++ } ++ ++ for (int i=0; i<2; i++) { ++ u_int refseqnr = ctx_mt->batches[i].batchID * NUMSTREAMS; ++ for (int j = startseqnr > refseqnr ? startseqnr - refseqnr : 0; ++ jbatches[i].streams[j]), ++ refseqnr + j, &mainData, ctx_mt->zeros) == -1) { ++ debug_f("generate_keystream failed in " ++ "chacha20-poly1305@hpnssh.org"); ++ genKSfailed = 1; ++ break; /* imperfect, but it helps */ ++ } ++ } ++ } ++ ++ free_threadData(&mainData); ++ ++ if (genKSfailed != 0) { ++ chachapoly_free_mt(ctx_mt); ++ explicit_bzero(&startseqnr, sizeof(startseqnr)); ++ return NULL; ++ } ++ ++ /* Store the PID so that in the future, we can tell if we're a fork */ ++ ctx_mt->mainpid = getpid(); ++ ctx_mt->self_tid = pthread_self(); ++ ctx_mt->manager_tid[0] = ctx_mt->self_tid; ++ ctx_mt->manager_tid[1] = ctx_mt->self_tid; ++ /* was reporting the TID using gettid() but it's not portable */ ++ debug2_f("
", getpid(), pthread_self()); ++ ++ /* Success! */ ++ explicit_bzero(&startseqnr, sizeof(startseqnr)); ++ return ctx_mt; ++ ++ fail: ++#ifdef OPENSSL_HAVE_POLY_EVP ++ if (ctx_mt->poly_ctx != NULL) { ++ EVP_MAC_CTX_free(ctx_mt->poly_ctx); ++ ctx_mt->poly_ctx = NULL; ++ } ++#elif !defined(WITH_OPENSSL3) && defined(EVP_PKEY_POLY1305) ++ if (ctx_mt->md_ctx != NULL) { ++ EVP_MD_CTX_free(ctx_mt->md_ctx); ++ ctx_mt->md_ctx = NULL; ++ } ++ if (ctx_mt->pkey != NULL) { ++ EVP_PKEY_free(ctx_mt->pkey); ++ ctx_mt->pkey = NULL; ++ } ++#endif ++ freezero(ctx_mt, sizeof(*ctx_mt)); ++ explicit_bzero(&startseqnr, sizeof(startseqnr)); ++ return NULL; ++} ++ ++/* a fast method to XOR the keystream against the data */ ++static inline void ++fastXOR(u_char *dest, const u_char *src, const u_char *keystream, u_int len) ++{ ++ ++ /* XXX: this was __uint128_t but that was causing unaligned load errors. ++ * this works but we need to explore it more. */ ++ typedef uint32_t chunk; ++ size_t i; ++ ++ for (i=0; i < (len / sizeof(chunk)); i++) ++ ((chunk *)dest)[i]=((chunk *)src)[i]^((chunk *)keystream)[i]; ++ for (i=i*(sizeof(chunk) / sizeof(char)); i < len; i++) ++ dest[i]=src[i]^keystream[i]; ++} ++ ++struct manager_thread_args * ++manager_thread(struct manager_thread_args * margs) { ++ /* make sure we have valid data before proceeding */ ++ if (margs == NULL) ++ return NULL; ++ ++ struct chachapoly_ctx_mt * ctx_mt = margs->ctx_mt; ++ if (ctx_mt == NULL) { ++ margs->retval = 1; ++ return margs; ++ } ++ ++ u_int oldBatchID = margs->oldBatchID; ++ ++ struct mt_keystream_batch * batch = &(ctx_mt->batches[oldBatchID % 2]); ++ if (batch->batchID != oldBatchID) { ++ debug_f("Post-crypt batch miss! Seeking %u, found %u. Failing.", ++ oldBatchID, batch->batchID); ++ margs->retval = 1; ++ return margs; ++ } ++ ++ margs->retval = 0; ++ u_int batchID = oldBatchID + 2; ++ ++ pthread_t tid[NUMTHREADS]; ++ struct worker_thread_args * wargs = malloc(NUMTHREADS * sizeof(*wargs)); ++ int ti; ++ ++ for (ti = 0; ti < NUMTHREADS; ti++) { ++ wargs[ti].batchID = batchID; ++ wargs[ti].batch = batch; ++ wargs[ti].threadIndex = ti; ++ wargs[ti].zeros = ctx_mt->zeros; ++ if (pthread_create(&(tid[ti]), NULL, (void *) worker_thread, ++ &(wargs[ti])) != 0) { ++ margs->retval = 1; ++ break; ++ } ++ } ++ for (; ti < NUMTHREADS; ti++) /* for error condition */ ++ tid[ti] = pthread_self(); ++ ++ struct worker_thread_args * retwargs; ++ ++ for (ti = 0; ti < NUMTHREADS; ti++) { ++ if (tid[ti] == pthread_self()) { ++ margs->retval = 1; /* redundant, but harmless */ ++ continue; ++ } ++ if (pthread_join(tid[ti], (void **) &retwargs) == 0) { ++ if (retwargs == NULL) { ++ debug_f("Worker thread returned NULL!"); ++ margs->retval = 1; ++ } else if (retwargs == PTHREAD_CANCELED) { ++ debug_f("Worker thread canceled!"); ++ margs->retval = 1; ++ } else { ++ if (retwargs->retval != 0) { ++ debug_f("Worker thread error (%d)", ++ retwargs->retval); ++ margs->retval = 1; ++ } ++ if (retwargs != &(wargs[ti])) { ++ debug_f("Worker thread didn't return " ++ "expected structure!"); ++ margs->retval = 1; ++ } ++ } ++ } else { ++ debug_f("pthread_join error!"); ++ margs->retval = 1; ++ } ++ } ++ free(wargs); ++ ++ if (margs->retval == 0) { ++ batch->batchID = batchID; ++ } ++ ++ return margs; ++} ++ ++int ++chachapoly_crypt_mt(struct chachapoly_ctx_mt *ctx_mt, u_int seqnr, u_char *dest, ++ const u_char *src, u_int len, u_int aadlen, u_int authlen, int do_encrypt) ++{ ++#ifdef SAFETY ++ if (ctx_mt->mainpid != getpid()) { /* we're a fork */ ++ /* ++ * TODO: this is EXTREMELY RARE, may never happen at all (only ++ * if the fork calls crypt), so we should tell the compiler. ++ */ ++ /* The worker threads don't exist, we could spawn them? */ ++ debug_f("Fork called crypt without workers!"); ++ chachapoly_free_mt(ctx_mt); ++ return SSH_ERR_INTERNAL_ERROR; ++ } ++#endif ++ ++ pthread_t * manager_tid = &(ctx_mt->manager_tid[ctx_mt->batchID % 2]); ++ if (unlikely(*manager_tid != ctx_mt->self_tid)) { ++ int ret = join_manager_thread(*manager_tid); ++ *manager_tid = ctx_mt->self_tid; ++ if (ret != 0) ++ return SSH_ERR_INTERNAL_ERROR; ++ } ++ ++ struct mt_keystream_batch * batch = ++ &(ctx_mt->batches[ctx_mt->batchID % 2]); ++ ++ struct mt_keystream * ks = &(batch->streams[seqnr % NUMSTREAMS]); ++ ++ int r = SSH_ERR_INTERNAL_ERROR; ++ ++#ifdef SAFETY ++ if (batch->batchID == ctx_mt->batchID) { /* Safety check */ ++#endif ++ /* check tag before anything else */ ++ if (!do_encrypt) { ++ const u_char *tag = src + aadlen + len; ++ u_char expected_tag[POLY1305_TAGLEN]; ++#if !defined(WITH_OPENSSL3) && defined(EVP_PKEY_POLY1305) ++ if ((EVP_PKEY_CTX_ctrl(ctx_mt->poly_ctx, -1, ++ EVP_PKEY_OP_SIGNCTX, EVP_PKEY_CTRL_SET_MAC_KEY, ++ POLY1305_KEYLEN, ks->poly_key) <= 0) || ++ (EVP_DigestSignUpdate(ctx_mt->md_ctx, src, aadlen + len) == 0)) { ++ debug_f("SSL error while decrypting poly1305 tag"); ++ return SSH_ERR_INTERNAL_ERROR; ++ } ++ ctx_mt->ptaglen = POLY1305_TAGLEN; ++ if (EVP_DigestSignFinal(ctx_mt->md_ctx, expected_tag, ++ &ctx_mt->ptaglen) == 0) { ++ debug_f("SSL error while finalizing decyrpted poly1305"); ++ return SSH_ERR_INTERNAL_ERROR; ++ } ++#else ++ poly1305_auth(ctx_mt->poly_ctx, expected_tag, src, ++ aadlen + len, ks->poly_key); ++#endif ++ if (timingsafe_bcmp(expected_tag, tag, POLY1305_TAGLEN) ++ != 0) ++ r = SSH_ERR_MAC_INVALID; ++ explicit_bzero(expected_tag, sizeof(expected_tag)); ++ } ++ if (r != SSH_ERR_MAC_INVALID) { ++ /* Crypt additional data (i.e., packet length) */ ++ /* TODO: is aadlen always four bytes? */ ++ /* TODO: do we always have an aadlen? */ ++ if (aadlen) ++ for (u_int i=0; iheaderStream[i] ^ src[i]; ++ /* Crypt payload */ ++ fastXOR(dest+aadlen,src+aadlen,ks->mainStream,len); ++ /* calculate and append tag */ ++#if !defined(WITH_OPENSSL3) && defined(EVP_PKEY_POLY1305) ++ if (do_encrypt) { ++ if ((EVP_PKEY_CTX_ctrl(ctx_mt->poly_ctx, -1, ++ EVP_PKEY_OP_SIGNCTX, EVP_PKEY_CTRL_SET_MAC_KEY, ++ POLY1305_KEYLEN, ks->poly_key) <=0) || ++ (EVP_DigestSignUpdate(ctx_mt->md_ctx, dest, aadlen + len) == 0)) { ++ debug_f ("SSL error while encrypting poly1305 tag"); ++ return SSH_ERR_INTERNAL_ERROR; ++ } ++ ctx_mt->ptaglen = POLY1305_TAGLEN; ++ if (EVP_DigestSignFinal(ctx_mt->md_ctx, dest+aadlen+len, ++ &ctx_mt->ptaglen) == 0) { ++ debug_f("SSL error while finalizing decyrpted poly1305"); ++ return SSH_ERR_INTERNAL_ERROR; ++ } ++ } ++#else ++ if (do_encrypt) ++ poly1305_auth(ctx_mt->poly_ctx, dest+aadlen+len, ++ dest, aadlen+len, ks->poly_key); ++#endif ++ r=0; /* Success! */ ++ } ++ if (r) /* Anything nonzero is an error. */ ++ return r; ++ ++ ctx_mt->seqnr = seqnr + 1; ++ ++ if (unlikely(ctx_mt->seqnr / NUMSTREAMS > ctx_mt->batchID)) { ++ struct manager_thread_args * args = ++ malloc(sizeof(*args)); ++ if (args == NULL) { ++ return SSH_ERR_INTERNAL_ERROR; ++ } ++ args->ctx_mt = ctx_mt; ++ args->oldBatchID = ctx_mt->batchID; ++ if (pthread_create(&(ctx_mt->manager_tid[ctx_mt->batchID ++ % 2]), NULL, (void *) manager_thread, args) != 0) { ++ free(args); ++ return SSH_ERR_INTERNAL_ERROR; ++ } ++ ctx_mt->batchID = ctx_mt->seqnr / NUMSTREAMS; ++ } ++ ++ /* TODO: Nothing we need to sanitize here? */ ++ ++ return 0; ++#ifdef SAFETY ++ } else { /* Bad, it's the wrong batch. */ ++ debug_f( "Pre-crypt batch miss! Seeking %u, found %u. Failing.", ++ ctx_mt->batchID, batch->batchID); ++ return SSH_ERR_INTERNAL_ERROR; ++ } ++#endif ++} ++ ++int ++chachapoly_get_length_mt(struct chachapoly_ctx_mt *ctx_mt, u_int *plenp, ++ u_int seqnr, const u_char *cp, u_int len) ++{ ++ /* TODO: add compiler hints */ ++#ifdef SAFETY ++ if (ctx_mt->mainpid != getpid()) { /* Use serial mode if we're a fork */ ++ debug_f("We're a fork. Failing."); ++ return SSH_ERR_INTERNAL_ERROR; ++ } ++#endif ++ ++ if (len < 4) ++ return SSH_ERR_MESSAGE_INCOMPLETE; ++ ++ pthread_t * manager_tid = &(ctx_mt->manager_tid[ctx_mt->batchID % 2]); ++ if (unlikely(*manager_tid != ctx_mt->self_tid)) { ++ int ret = join_manager_thread(*manager_tid); ++ *manager_tid = ctx_mt->self_tid; ++ if (ret != 0) ++ return SSH_ERR_INTERNAL_ERROR; ++ } ++ ++ u_char buf[4]; ++#ifdef SAFETY ++ u_int sought_batchID = seqnr / NUMSTREAMS; ++#endif ++ struct mt_keystream_batch * batch = ++ &(ctx_mt->batches[ctx_mt->batchID % 2]); ++ struct mt_keystream * ks = &(batch->streams[seqnr % NUMSTREAMS]); ++#ifdef SAFETY ++ if (batch->batchID == sought_batchID) { ++#endif ++ for (u_int i=0; i < sizeof(buf); i++) ++ buf[i]=ks->headerStream[i] ^ cp[i]; ++ *plenp = PEEK_U32(buf); ++ return 0; ++#ifdef SAFETY ++ } else { ++ debug_f("Batch miss! Seeking %u, found %u. Failing.", ++ sought_batchID, batch->batchID); ++ return SSH_ERR_INTERNAL_ERROR; ++ } ++#endif ++} ++#endif /* defined(HAVE_EVP_CHACHA20) && !defined(HAVE_BROKEN_CHACHA20) */ +diff -Nur openssh-9.6p1.orig/cipher-chachapoly-libcrypto-mt.h openssh-9.6p1/cipher-chachapoly-libcrypto-mt.h +--- openssh-9.6p1.orig/cipher-chachapoly-libcrypto-mt.h 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-9.6p1/cipher-chachapoly-libcrypto-mt.h 2024-07-10 13:34:02.712358571 +0200 +@@ -0,0 +1,45 @@ ++/* ++ * Copyright (c) 2023 The Board of Trustees of Carnegie Mellon University. ++ * ++ * Author: Mitchell Dorrell ++ * Author: Chris Rapier ++ * ++ * This library is free software; you can redistribute it and/or modify it ++ * under the terms of the MIT License. ++ * ++ * This library is distributed in the hope that it will be useful, but WITHOUT ++ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or ++ * FITNESS FOR A PARTICULAR PURPOSE. See the MIT License for more details. ++ * ++ * You should have received a copy of the MIT License along with this library; ++ * if not, see http://opensource.org/licenses/MIT. ++ * ++ */ ++ ++#ifndef CHACHA_POLY_LIBCRYPTO_MT_H ++#define CHACHA_POLY_LIBCRYPTO_MT_H ++ ++#include ++#include "chacha.h" ++#include "poly1305.h" ++ ++#ifndef CHACHA_KEYLEN ++#define CHACHA_KEYLEN 32 /* Only 256 bit keys used here */ ++#endif ++ ++struct chachapoly_ctx_mt; /* defined in cipher-chachapoly-libcrypto-mt.c */ ++ ++struct chachapoly_ctx_mt *chachapoly_new_mt(u_int startseqnr, const u_char *key, u_int keylen) ++ __attribute__((__bounded__(__buffer__, 2, 3))); ++ ++void chachapoly_free_mt(struct chachapoly_ctx_mt *cpctx); ++ ++int chachapoly_crypt_mt(struct chachapoly_ctx_mt *cpctx, u_int seqnr, ++ u_char *dest, const u_char *src, u_int len, u_int aadlen, ++ u_int authlen, int do_encrypt); ++ ++int chachapoly_get_length_mt(struct chachapoly_ctx_mt *cpctx, ++ u_int *plenp, u_int seqnr, const u_char *cp, u_int len) ++ __attribute__((__bounded__(__buffer__, 4, 5))); ++ ++#endif /* CHACHA_POLY_LIBCRYPTO_MT_H */ +diff -Nur openssh-9.6p1.orig/cipher-ctr-mt.c openssh-9.6p1/cipher-ctr-mt.c +--- openssh-9.6p1.orig/cipher-ctr-mt.c 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-9.6p1/cipher-ctr-mt.c 2024-07-10 13:58:24.488736203 +0200 +@@ -0,0 +1,677 @@ ++/* ++ * OpenSSH Multi-threaded AES-CTR Cipher ++ * ++ * Author: Benjamin Bennett ++ * Author: Mike Tasota ++ * Author: Chris Rapier ++ * Copyright (c) 2008-2021 Pittsburgh Supercomputing Center. All rights reserved. ++ * ++ * Based on original OpenSSH AES-CTR cipher. Small portions remain unchanged, ++ * Copyright (c) 2003 Markus Friedl ++ * ++ * Permission to use, copy, modify, and distribute this software for any ++ * purpose with or without fee is hereby granted, provided that the above ++ * copyright notice and this permission notice appear in all copies. ++ * ++ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES ++ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF ++ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ++ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES ++ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ++ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF ++ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. ++ */ ++#include "includes.h" ++ ++#if defined(WITH_OPENSSL) && !defined(WITH_OPENSSL3) ++#include ++ ++#include ++#include ++ ++#include ++ ++#include "xmalloc.h" ++#include "log.h" ++#include ++#include "uthash.h" ++ ++/* compatibility with old or broken OpenSSL versions */ ++#include "openbsd-compat/openssl-compat.h" ++ ++#ifndef USE_BUILTIN_RIJNDAEL ++#include ++#endif ++ ++#include ++ ++#ifdef __APPLE__ ++#include ++#include ++#endif ++ ++/* note regarding threads and queues */ ++/* initially this cipher was written in a way that ++ * the key stream was generated in a per cipher block ++ * loop. For example, if the key stream queue length was ++ * 16k and the cipher block size was 16 bytes it would ++ * fill the queue 16 bytes at a time. Mitch Dorrell pointed ++ * out that we could fill the queue in once call eliminating ++ * loop and multiple calls to EVP_EncryptUpdate. Doing so ++ * dramatically reduced CPU load in the threads and indicated ++ * that we could also eliminate most of the threads and queues ++ * as it would take far less time for a queue to ebter KQ_FULL ++ * state. As such, we've reduced the default number of threads ++ * and queues from 2 and 8 (respectively) to 1 and 2. We've also ++ * elimnated the need to determine the physical number of cores on ++ * the system and, if the user desires, can spin up more threads ++ * using an environment variable. Additionally, queues is now fixed ++ * at thread_count + 1. ++ * cjr 10/19/2022 */ ++ ++/*-------------------- TUNABLES --------------------*/ ++/* maximum number of threads and queues */ ++#define MAX_THREADS 4 ++#define MAX_NUMKQ (MAX_THREADS + 1) ++ ++/* Number of pregen threads to use */ ++/* this is a default value. The actual number is ++ * determined during init as a function of the number ++ * of available cores */ ++int cipher_threads = 1; ++ ++/* Number of keystream queues */ ++/* ideally this should be large enough so that there is ++ * always a key queue for a thread to work on ++ * so maybe double of the number of threads. Again this ++ * is a default and the actual value is determined in init*/ ++int numkq = 2; ++ ++/* Length of a keystream queue */ ++/* one queue holds 512KB (1024 * 32 * 16) of key data ++ * being that the queues are destroyed after a rekey ++ * and at leats one has to be fully filled prior to ++ * enciphering data we don't want this to be too large */ ++#define KQLEN (1024 * 32) ++ ++/* Processor cacheline length */ ++#define CACHELINE_LEN 64 ++ ++/* Can the system do unaligned loads natively? */ ++#if defined(__aarch64__) || \ ++ defined(__i386__) || \ ++ defined(__powerpc__) || \ ++ defined(__x86_64__) ++# define CIPHER_UNALIGNED_OK ++#endif ++#if defined(__SIZEOF_INT128__) ++# define CIPHER_INT128_OK ++#endif ++/*-------------------- END TUNABLES --------------------*/ ++ ++#define HAVE_NONE 0 ++#define HAVE_KEY 1 ++#define HAVE_IV 2 ++int X = 0; ++ ++const EVP_CIPHER *evp_aes_ctr_mt(void); ++ ++/* Keystream Queue state */ ++enum { ++ KQINIT, ++ KQEMPTY, ++ KQFILLING, ++ KQFULL, ++ KQDRAINING ++}; ++ ++/* Keystream Queue struct */ ++struct kq { ++ u_char keys[KQLEN][AES_BLOCK_SIZE]; /* [32768][16B] */ ++ u_char ctr[AES_BLOCK_SIZE]; /* 16B */ ++ u_char pad0[CACHELINE_LEN]; ++ pthread_mutex_t lock; ++ pthread_cond_t cond; ++ int qstate; ++ u_char pad1[CACHELINE_LEN]; ++}; ++ ++/* Context struct */ ++struct ssh_aes_ctr_ctx_mt ++{ ++ long unsigned int struct_id; ++ int keylen; ++ int state; ++ int qidx; ++ int ridx; ++ int id[MAX_THREADS]; /* 32 */ ++ AES_KEY aes_key; ++ const u_char *orig_key; ++ u_char aes_counter[AES_BLOCK_SIZE]; /* 16B */ ++ pthread_t tid[MAX_THREADS]; /* 32 */ ++ pthread_rwlock_t tid_lock; ++ struct kq q[MAX_NUMKQ]; /* 33 */ ++#ifdef __APPLE__ ++ pthread_rwlock_t stop_lock; ++ int exit_flag; ++#endif /* __APPLE__ */ ++}; ++ ++/* this defines the hash and elements of evp context pointers ++ * that are created in thread_loop. We use this to clear and ++ * free the contexts in stop_and_prejoin ++ */ ++struct aes_mt_ctx_ptrs { ++ pthread_t tid; ++ EVP_CIPHER_CTX *pointer; /* 32 */ ++ UT_hash_handle hh; ++}; ++ ++/* globals */ ++/* how we increment the id the structs we create */ ++long unsigned int global_struct_id = 0; ++ ++/* keep a copy of the pointers created in thread_loop to free later */ ++struct aes_mt_ctx_ptrs *evp_ptrs = NULL; ++ ++/* ++ * Add num to counter 'ctr' ++ */ ++static void ++ssh_ctr_add(u_char *ctr, uint32_t num, u_int len) ++{ ++ int i; ++ uint16_t n; ++ ++ for (n = 0, i = len - 1; i >= 0 && (num || n); i--) { ++ n = ctr[i] + (num & 0xff) + n; ++ num >>= 8; ++ ctr[i] = n & 0xff; ++ n >>= 8; ++ } ++} ++ ++/* ++ * Threads may be cancelled in a pthread_cond_wait, we must free the mutex ++ */ ++static void ++thread_loop_cleanup(void *x) ++{ ++ pthread_mutex_unlock((pthread_mutex_t *)x); ++} ++ ++#ifdef __APPLE__ ++/* Check if we should exit, we are doing both cancel and exit condition ++ * since on OSX threads seem to occasionally fail to notice when they have ++ * been cancelled. We want to have a backup to make sure that we won't hang ++ * when the main process join()-s the cancelled thread. ++ */ ++static void ++thread_loop_check_exit(struct ssh_aes_ctr_ctx_mt *c) ++{ ++ int exit_flag; ++ ++ pthread_rwlock_rdlock(&c->stop_lock); ++ exit_flag = c->exit_flag; ++ pthread_rwlock_unlock(&c->stop_lock); ++ ++ if (exit_flag) ++ pthread_exit(NULL); ++} ++#else ++# define thread_loop_check_exit(s) ++#endif /* __APPLE__ */ ++ ++/* ++ * Helper function to terminate the helper threads ++ */ ++static void ++stop_and_join_pregen_threads(struct ssh_aes_ctr_ctx_mt *c) ++{ ++ int i; ++ ++#ifdef __APPLE__ ++ /* notify threads that they should exit */ ++ pthread_rwlock_wrlock(&c->stop_lock); ++ c->exit_flag = TRUE; ++ pthread_rwlock_unlock(&c->stop_lock); ++#endif /* __APPLE__ */ ++ ++ /* Cancel pregen threads */ ++ for (i = 0; i < cipher_threads; i++) { ++ debug ("Canceled %lu (%lu,%d)", c->tid[i], c->struct_id, c->id[i]); ++ pthread_cancel(c->tid[i]); ++ } ++ for (i = 0; i < numkq; i++) { ++ pthread_mutex_lock(&c->q[i].lock); ++ pthread_cond_broadcast(&c->q[i].cond); ++ pthread_mutex_unlock(&c->q[i].lock); ++ } ++ for (i = 0; i < cipher_threads; i++) { ++ if (pthread_kill(c->tid[i], 0) != 0) ++ debug3("AES-CTR MT pthread_join failure: Invalid thread id %lu in %s", ++ c->tid[i], __FUNCTION__); ++ else { ++ debug ("Joining %lu (%lu, %d)", c->tid[i], c->struct_id, c->id[i]); ++ pthread_mutex_destroy(&c->q[i].lock); ++ pthread_cond_destroy(&c->q[i].cond); ++ pthread_join(c->tid[i], NULL); ++ /* this finds the entry in the hash that corresponding to the ++ * thread id. That's used to find the pointer to the cipher struct ++ * created in thread_loop. */ ++ struct aes_mt_ctx_ptrs *ptr; ++ HASH_FIND_INT(evp_ptrs, &c->tid[i], ptr); ++ EVP_CIPHER_CTX_free(ptr->pointer); ++ HASH_DEL(evp_ptrs, ptr); ++ free(ptr); } ++ } ++ pthread_rwlock_destroy(&c->tid_lock); ++} ++ ++/* ++ * The life of a pregen thread: ++ * Find empty keystream queues and fill them using their counter. ++ * When done, update counter for the next fill. ++ */ ++/* previously this used the low level interface which is, sadly, ++ * slower than the EVP interface by a long shot. The original ctx (from the ++ * body of the code) isn't passed in here but we have the key and the counter ++ * which means we should be able to create the exact same ctx and use that to ++ * fill the keystream queues. I'm concerned about additional overhead but the ++ * additional speed from AESNI should make up for it. */ ++/* The above comment was made when I thought I needed to do a new EVP init for ++ * each counter increment. Turns out not to be the case -cjr 10/15/21*/ ++ ++static void * ++thread_loop(void *x) ++{ ++ EVP_CIPHER_CTX *aesni_ctx; ++ struct ssh_aes_ctr_ctx_mt *c = x; ++ struct kq *q; ++ struct aes_mt_ctx_ptrs *ptr; ++ int qidx; ++ pthread_t first_tid; ++ int outlen; ++ u_char mynull[KQLEN * AES_BLOCK_SIZE]; ++ memset(&mynull, 0, KQLEN * AES_BLOCK_SIZE); ++ ++ /* get the thread id to see if this is the first one */ ++ pthread_rwlock_rdlock(&c->tid_lock); ++ first_tid = c->tid[0]; ++ pthread_rwlock_unlock(&c->tid_lock); ++ ++ /* create the context for this thread */ ++ aesni_ctx = EVP_CIPHER_CTX_new(); ++ ++ /* keep track of the pointer for the evp in this struct ++ * so we can free it later. So we place it in a hash indexed on the ++ * thread id, which is available to us in the free function. ++ * Note, the thread id isn't necessary unique across rekeys but ++ * that's okay as they are unique during a key. */ ++ ptr = malloc(sizeof *ptr); /*freed in stop & prejoin */ ++ ptr->tid = pthread_self(); /* index for hash */ ++ ptr->pointer = aesni_ctx; ++ HASH_ADD_INT(evp_ptrs, tid, ptr); ++ ++ /* initialize the cipher ctx with the key provided ++ * determine which cipher to use based on the key size */ ++ if (c->keylen == 256) ++ EVP_EncryptInit_ex(aesni_ctx, EVP_aes_256_ctr(), NULL, c->orig_key, NULL); ++ else if (c->keylen == 128) ++ EVP_EncryptInit_ex(aesni_ctx, EVP_aes_128_ctr(), NULL, c->orig_key, NULL); ++ else if (c->keylen == 192) ++ EVP_EncryptInit_ex(aesni_ctx, EVP_aes_192_ctr(), NULL, c->orig_key, NULL); ++ else { ++ logit("Invalid key length of %d in AES CTR MT. Exiting", c->keylen); ++ exit(1); ++ } ++ ++ /* ++ * Handle the special case of startup, one thread must fill ++ * the first KQ then mark it as draining. Lock held throughout. ++ */ ++ ++ if (pthread_equal(pthread_self(), first_tid)) { ++ /* get the first element of the keyque struct */ ++ q = &c->q[0]; ++ pthread_mutex_lock(&q->lock); ++ /* if we are in the INIT state then fill the queue */ ++ if (q->qstate == KQINIT) { ++ /* set the initial counter */ ++ EVP_EncryptInit_ex(aesni_ctx, NULL, NULL, NULL, q->ctr); ++ ++ /* encypher a block sized null string (mynull) with the key. This ++ * returns the keystream because xoring the keystream ++ * against null returns the keystream. Store that in the appropriate queue */ ++ EVP_EncryptUpdate(aesni_ctx, q->keys[0], &outlen, mynull, KQLEN * AES_BLOCK_SIZE); ++ ++ /* add the number of blocks creates to the aes counter */ ++ ssh_ctr_add(q->ctr, KQLEN * numkq, AES_BLOCK_SIZE); ++ q->qstate = KQDRAINING; ++ pthread_cond_broadcast(&q->cond); ++ } ++ pthread_mutex_unlock(&q->lock); ++ } ++ ++ /* ++ * Normal case is to find empty queues and fill them, skipping over ++ * queues already filled by other threads and stopping to wait for ++ * a draining queue to become empty. ++ * ++ * Multiple threads may be waiting on a draining queue and awoken ++ * when empty. The first thread to wake will mark it as filling, ++ * others will move on to fill, skip, or wait on the next queue. ++ */ ++ for (qidx = 1;; qidx = (qidx + 1) % numkq) { ++ /* Check if I was cancelled, also checked in cond_wait */ ++ pthread_testcancel(); ++ ++ /* Check if we should exit as well */ ++ thread_loop_check_exit(c); ++ ++ /* Lock queue and block if its draining */ ++ q = &c->q[qidx]; ++ pthread_mutex_lock(&q->lock); ++ pthread_cleanup_push(thread_loop_cleanup, &q->lock); ++ while (q->qstate == KQDRAINING || q->qstate == KQINIT) { ++ thread_loop_check_exit(c); ++ pthread_cond_wait(&q->cond, &q->lock); ++ } ++ pthread_cleanup_pop(0); ++ ++ /* If filling or full, somebody else got it, skip */ ++ if (q->qstate != KQEMPTY) { ++ pthread_mutex_unlock(&q->lock); ++ continue; ++ } ++ ++ /* ++ * Empty, let's fill it. ++ * Queue lock is relinquished while we do this so others ++ * can see that it's being filled. ++ */ ++ q->qstate = KQFILLING; ++ pthread_cond_broadcast(&q->cond); ++ pthread_mutex_unlock(&q->lock); ++ ++ /* set the initial counter */ ++ EVP_EncryptInit_ex(aesni_ctx, NULL, NULL, NULL, q->ctr); ++ ++ /* see coresponding block above for useful comments */ ++ EVP_EncryptUpdate(aesni_ctx, q->keys[0], &outlen, mynull, KQLEN * AES_BLOCK_SIZE); ++ ++ /* Re-lock, mark full and signal consumer */ ++ pthread_mutex_lock(&q->lock); ++ ssh_ctr_add(q->ctr, KQLEN * numkq, AES_BLOCK_SIZE); ++ q->qstate = KQFULL; ++ pthread_cond_broadcast(&q->cond); ++ pthread_mutex_unlock(&q->lock); ++ } ++ ++ return NULL; ++} ++ ++/* this is where the data is actually enciphered and deciphered */ ++/* this may also benefit from upgrading to the EVP API */ ++static int ++ssh_aes_ctr(EVP_CIPHER_CTX *ctx, u_char *dest, const u_char *src, ++ size_t len) ++{ ++ typedef union { ++#ifdef CIPHER_INT128_OK ++ __uint128_t *u128; ++#endif ++ uint64_t *u64; ++ uint32_t *u32; ++ uint8_t *u8; ++ const uint8_t *cu8; ++ uintptr_t u; ++ } ptrs_t; ++ ptrs_t destp, srcp, bufp; ++ uintptr_t align; ++ struct ssh_aes_ctr_ctx_mt *c; ++ struct kq *q, *oldq; ++ int ridx; ++ u_char *buf; ++ ++ if (len == 0) ++ return 1; ++ if ((c = EVP_CIPHER_CTX_get_app_data(ctx)) == NULL) ++ return 0; ++ ++ q = &c->q[c->qidx]; ++ ridx = c->ridx; ++ ++ /* src already padded to block multiple */ ++ srcp.cu8 = src; ++ destp.u8 = dest; ++ do { /* do until len is 0 */ ++ buf = q->keys[ridx]; ++ bufp.u8 = buf; ++ ++ /* figure out the alignment on the fly */ ++#ifdef CIPHER_UNALIGNED_OK ++ align = 0; ++#else ++ align = destp.u | srcp.u | bufp.u; ++#endif ++ ++ /* xor the src against the key (buf) ++ * different systems can do all 16 bytes at once or ++ * may need to do it in 8 or 4 bytes chunks ++ * worst case is doing it as a loop */ ++#ifdef CIPHER_INT128_OK ++ /* with GCC 13 we have having consistent seg faults ++ * in this section of code. Since this is a critical ++ * code path we are removing this until we have a solution ++ * in place -cjr 02/22/24 ++ * TODO: FIX THIS ++ */ ++ /* if ((align & 0xf) == 0) { */ ++ /* destp.u128[0] = srcp.u128[0] ^ bufp.u128[0]; */ ++ /* } else */ ++#endif ++ /* 64 bits */ ++ if ((align & 0x7) == 0) { ++ destp.u64[0] = srcp.u64[0] ^ bufp.u64[0]; ++ destp.u64[1] = srcp.u64[1] ^ bufp.u64[1]; ++ /* 32 bits */ ++ } else if ((align & 0x3) == 0) { ++ destp.u32[0] = srcp.u32[0] ^ bufp.u32[0]; ++ destp.u32[1] = srcp.u32[1] ^ bufp.u32[1]; ++ destp.u32[2] = srcp.u32[2] ^ bufp.u32[2]; ++ destp.u32[3] = srcp.u32[3] ^ bufp.u32[3]; ++ } else { ++ /*1 byte at a time*/ ++ size_t i; ++ for (i = 0; i < AES_BLOCK_SIZE; ++i) ++ dest[i] = src[i] ^ buf[i]; ++ } ++ ++ /* inc/decrement the pointers by the block size (16)*/ ++ destp.u += AES_BLOCK_SIZE; ++ srcp.u += AES_BLOCK_SIZE; ++ ++ /* Increment read index, switch queues on rollover */ ++ if ((ridx = (ridx + 1) % KQLEN) == 0) { ++ oldq = q; ++ ++ /* Mark next queue draining, may need to wait */ ++ c->qidx = (c->qidx + 1) % numkq; ++ q = &c->q[c->qidx]; ++ pthread_mutex_lock(&q->lock); ++ while (q->qstate != KQFULL) { ++ pthread_cond_wait(&q->cond, &q->lock); ++ } ++ q->qstate = KQDRAINING; ++ pthread_cond_broadcast(&q->cond); ++ pthread_mutex_unlock(&q->lock); ++ ++ /* Mark consumed queue empty and signal producers */ ++ pthread_mutex_lock(&oldq->lock); ++ oldq->qstate = KQEMPTY; ++ pthread_cond_broadcast(&oldq->cond); ++ pthread_mutex_unlock(&oldq->lock); ++ } ++ } while (len -= AES_BLOCK_SIZE); ++ c->ridx = ridx; ++ return 1; ++} ++ ++static int ++ssh_aes_ctr_init(EVP_CIPHER_CTX *ctx, const u_char *key, const u_char *iv, ++ int enc) ++{ ++ struct ssh_aes_ctr_ctx_mt *c; ++ int i; ++ ++ char *aes_threads = getenv("SSH_CIPHER_THREADS"); ++ if (aes_threads != NULL && strlen(aes_threads) != 0) ++ cipher_threads = atoi(aes_threads); ++ else ++ cipher_threads = 1; ++ ++ if (cipher_threads < 1) ++ cipher_threads = 1; ++ ++ if (cipher_threads > MAX_THREADS) ++ cipher_threads = MAX_THREADS; ++ ++ numkq = cipher_threads + 1; ++ ++ if (numkq > MAX_NUMKQ) ++ numkq = MAX_NUMKQ; ++ ++ debug("Starting %d threads and %d queues\n", cipher_threads, numkq); ++ ++ /* set up the initial state of c (our cipher stream struct) */ ++ if ((c = EVP_CIPHER_CTX_get_app_data(ctx)) == NULL) { ++ c = xmalloc(sizeof(*c)); ++ pthread_rwlock_init(&c->tid_lock, NULL); ++#ifdef __APPLE__ ++ pthread_rwlock_init(&c->stop_lock, NULL); ++ c->exit_flag = FALSE; ++#endif /* __APPLE__ */ ++ ++ c->state = HAVE_NONE; ++ ++ /* initialize the mutexs and conditions for each lock in our struct */ ++ for (i = 0; i < numkq; i++) { ++ pthread_mutex_init(&c->q[i].lock, NULL); ++ pthread_cond_init(&c->q[i].cond, NULL); ++ } ++ ++ /* attach our struct to the context */ ++ EVP_CIPHER_CTX_set_app_data(ctx, c); ++ } ++ ++ /* we are initializing but the current structure already ++ has an IV and key so we want to kill the existing key data ++ and start over. This is important when we need to rekey the data stream */ ++ if (c->state == (HAVE_KEY | HAVE_IV)) { ++ /* tell the pregen threads to exit */ ++ stop_and_join_pregen_threads(c); ++ ++#ifdef __APPLE__ ++ /* reset the exit flag */ ++ c->exit_flag = FALSE; ++#endif /* __APPLE__ */ ++ ++ /* Start over getting key & iv */ ++ c->state = HAVE_NONE; ++ } ++ ++ /* set the initial key for this key stream queue */ ++ if (key != NULL) { ++ AES_set_encrypt_key(key, EVP_CIPHER_CTX_key_length(ctx) * 8, ++ &c->aes_key); ++ c->orig_key = key; ++ c->keylen = EVP_CIPHER_CTX_key_length(ctx) * 8; ++ c->state |= HAVE_KEY; ++ } ++ ++ /* set the IV */ ++ if (iv != NULL) { ++ /* init the counter this is just a 16byte uchar */ ++ memcpy(c->aes_counter, iv, AES_BLOCK_SIZE); ++ c->state |= HAVE_IV; ++ } ++ ++ if (c->state == (HAVE_KEY | HAVE_IV)) { ++ /* Clear queues */ ++ /* set the first key in the key queue to the current counter */ ++ memcpy(c->q[0].ctr, c->aes_counter, AES_BLOCK_SIZE); ++ /* indicate that it needs to be initialized */ ++ c->q[0].qstate = KQINIT; ++ /* for each of the remaining queues set the first counter to the ++ * counter and then add the size of the queue to the counter */ ++ for (i = 1; i < numkq; i++) { ++ memcpy(c->q[i].ctr, c->aes_counter, AES_BLOCK_SIZE); ++ ssh_ctr_add(c->q[i].ctr, i * KQLEN, AES_BLOCK_SIZE); ++ c->q[i].qstate = KQEMPTY; ++ } ++ c->qidx = 0; ++ c->ridx = 0; ++ c->struct_id = global_struct_id++; ++ ++ ++ /* Start threads */ ++#define STACK_SIZE (1024 * 1024) ++ pthread_attr_t attr; ++ pthread_attr_init(&attr); ++ pthread_attr_setstacksize(&attr, STACK_SIZE); ++ for (i = 0; i < cipher_threads; i++) { ++ pthread_rwlock_wrlock(&c->tid_lock); ++ if (pthread_create(&c->tid[i], &attr, thread_loop, c) != 0) ++ fatal ("AES-CTR MT Could not create thread in %s", __FUNCTION__); ++ /*should die here */ ++ else { ++ c->id[i] = i; ++ debug ("AES-CTR MT spawned a thread with id %lu in %s (%lu, %d)", ++ c->tid[i], __FUNCTION__, c->struct_id, c->id[i]); ++ } ++ pthread_rwlock_unlock(&c->tid_lock); ++ } ++ pthread_mutex_lock(&c->q[0].lock); ++ // wait for all of the threads to be initialized ++ while (c->q[0].qstate == KQINIT) ++ pthread_cond_wait(&c->q[0].cond, &c->q[0].lock); ++ pthread_mutex_unlock(&c->q[0].lock); ++ } ++ return 1; ++} ++ ++static int ++ssh_aes_ctr_cleanup(EVP_CIPHER_CTX *ctx) ++{ ++ struct ssh_aes_ctr_ctx_mt *c; ++ ++ if ((c = EVP_CIPHER_CTX_get_app_data(ctx)) != NULL) { ++ stop_and_join_pregen_threads(c); ++ ++ memset(c, 0, sizeof(*c)); ++ free(c); ++ EVP_CIPHER_CTX_set_app_data(ctx, NULL); ++ } ++ return 1; ++} ++ ++/* */ ++const EVP_CIPHER * ++evp_aes_ctr_mt(void) ++{ ++ static EVP_CIPHER *aes_ctr; ++ aes_ctr = EVP_CIPHER_meth_new(NID_undef, 16/*block*/, 16/*key*/); ++ EVP_CIPHER_meth_set_iv_length(aes_ctr, AES_BLOCK_SIZE); ++ EVP_CIPHER_meth_set_init(aes_ctr, ssh_aes_ctr_init); ++ EVP_CIPHER_meth_set_cleanup(aes_ctr, ssh_aes_ctr_cleanup); ++ EVP_CIPHER_meth_set_do_cipher(aes_ctr, ssh_aes_ctr); ++# ifndef SSH_OLD_EVP ++ EVP_CIPHER_meth_set_flags(aes_ctr, EVP_CIPH_CBC_MODE ++ | EVP_CIPH_VARIABLE_LENGTH ++ | EVP_CIPH_ALWAYS_CALL_INIT ++ | EVP_CIPH_CUSTOM_IV); ++# endif /*SSH_OLD_EVP*/ ++ return aes_ctr; ++} ++#endif /* OSSL Check */ +diff -Nur openssh-9.6p1.orig/cipher-ctr-mt-functions.c openssh-9.6p1/cipher-ctr-mt-functions.c +--- openssh-9.6p1.orig/cipher-ctr-mt-functions.c 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-9.6p1/cipher-ctr-mt-functions.c 2024-07-10 13:34:02.713358574 +0200 +@@ -0,0 +1,668 @@ ++/* ++ * OpenSSH Multi-threaded AES-CTR Cipher Provider for OpenSSL 3 ++ * ++ * Author: Benjamin Bennett ++ * Author: Mike Tasota ++ * Author: Chris Rapier ++ * Copyright (c) 2008-2022 Pittsburgh Supercomputing Center. All rights reserved. ++ * ++ * Based on original OpenSSH AES-CTR cipher. Small portions remain unchanged, ++ * Copyright (c) 2003 Markus Friedl ++ * ++ * Permission to use, copy, modify, and distribute this software for any ++ * purpose with or without fee is hereby granted, provided that the above ++ * copyright notice and this permission notice appear in all copies. ++ * ++ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES ++ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF ++ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ++ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES ++ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ++ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF ++ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. ++ */ ++ ++#include "includes.h" ++ ++/* only for systems with OSSL 3 */ ++#ifdef WITH_OPENSSL3 ++#include ++#include ++#include ++#include "xmalloc.h" ++#include ++#include "cipher-ctr-mt-functions.h" ++#include "log.h" ++ ++/* for provider error struct */ ++#include "ossl3-provider-err.h" ++#include "num.h" ++ ++/* note regarding threads and queues */ ++/* initially this cipher was written in a way that ++ * the key stream was generated in a per cipher block ++ * loop. For example, if the key stream queue length was ++ * 16k and the cipher block size was 16 bytes it would ++ * fill the queue 16 bytes at a time. Mitch Dorrell pointed ++ * out that we could fill the queue in once call eliminating ++ * loop and multiple calls to EVP_EncryptUpdate. Doing so ++ * dramatically reduced CPU load in the threads and indicated ++ * that we could also eliminate most of the threads and queues ++ * as it would take far less time for a queue to ebter KQ_FULL ++ * state. As such, we've reduced the default number of threads ++ * and queues from 2 and 8 (respectively) to 1 and 2. We've also ++ * elimnated the need to determine the physical number of cores on ++ * the system and, if the user desires, can spin up more threads ++ * using an environment variable. Additionally, queues is now fixed ++ * at thread_count + 1. ++ * cjr 10/19/2022 */ ++ ++/*-------------------- TUNABLES --------------------*/ ++/* Number of pregen threads to use */ ++/* this is a default value. The actual number is ++ * determined during init as a function of the number ++ * of available cores */ ++int cipher_threads = 1; ++ ++/* Number of keystream queues */ ++/* ideally this should be large enough so that there is ++ * always a key queue for a thread to work on ++ * so maybe double of the number of threads. Again this ++ * is a default and the actual value is determined in init*/ ++int numkq = 2; ++/*-------------------- END TUNABLES --------------------*/ ++ ++/* globals */ ++/* how we increment the id the structs we create */ ++long unsigned int global_struct_id = 0; ++ ++/* keep a copy of the pointers created in thread_loop to free later */ ++struct aes_mt_ctx_ptrs *evp_ptrs = NULL; ++ ++/* private functions */ ++ ++/* ++ * Add num to counter 'ctr' ++ */ ++static void ++ssh_ctr_add(u_char *ctr, uint32_t num, u_int len) ++{ ++ int i; ++ uint16_t n; ++ ++ for (n = 0, i = len - 1; i >= 0 && (num || n); i--) { ++ n = ctr[i] + (num & 0xff) + n; ++ num >>= 8; ++ ctr[i] = n & 0xff; ++ n >>= 8; ++ } ++} ++ ++/* ++ * Threads may be cancelled in a pthread_cond_wait, we must free the mutex ++ */ ++static void ++thread_loop_cleanup(void *x) ++{ ++ pthread_mutex_unlock((pthread_mutex_t *)x); ++} ++ ++#ifdef __APPLE__ ++/* Check if we should exit, we are doing both cancel and exit condition ++ * since on OSX threads seem to occasionally fail to notice when they have ++ * been cancelled. We want to have a backup to make sure that we won't hang ++ * when the main process join()-s the cancelled thread. ++ */ ++static void ++thread_loop_check_exit(struct aes_mt_ctx_st *aes_mt_ctx) ++{ ++ int exit_flag; ++ ++ pthread_rwlock_rdlock(&aes_mt_ctx->stop_lock); ++ exit_flag = aes_mt_ctx->exit_flag; ++ pthread_rwlock_unlock(&aes_mt_ctx->stop_lock); ++ ++ if (exit_flag) ++ pthread_exit(NULL); ++} ++#else ++# define thread_loop_check_exit(s) ++#endif /* __APPLE__ */ ++ ++/* ++ * Helper function to terminate the helper threads ++ */ ++static void ++stop_and_join_pregen_threads(struct aes_mt_ctx_st *aes_mt_ctx) ++{ ++ int i; ++ ++#ifdef __APPLE__ ++ /* notify threads that they should exit */ ++ pthread_rwlock_wrlock(&aes_mt_ctx->stop_lock); ++ aes_mt_ctx->exit_flag = TRUE; ++ pthread_rwlock_unlock(&aes_mt_ctx->stop_lock); ++#endif /* __APPLE__ */ ++ ++ /* Cancel pregen threads */ ++ for (i = 0; i < cipher_threads; i++) { ++ debug_f ("Canceled %lu (%lu,%d)", aes_mt_ctx->tid[i], aes_mt_ctx->struct_id, ++ aes_mt_ctx->id[i]); ++ pthread_cancel(aes_mt_ctx->tid[i]); ++ } ++ for (i = 0; i < cipher_threads; i++) { ++ if (pthread_kill(aes_mt_ctx->tid[i], 0) != 0) ++ debug3("AES-CTR MT pthread_join failure: Invalid thread id %lu in %s", ++ aes_mt_ctx->tid[i], __func__); ++ else { ++ debug_f ("Joining %lu (%lu, %d)", aes_mt_ctx->tid[i], aes_mt_ctx->struct_id, ++ aes_mt_ctx->id[i]); ++ pthread_join(aes_mt_ctx->tid[i], NULL); ++ /* this finds the entry in the hash that corresponding to the ++ * thread id. That's used to find the pointer to the cipher struct ++ * created in thread_loop. */ ++ struct aes_mt_ctx_ptrs *ptr; ++ HASH_FIND_INT(evp_ptrs, &aes_mt_ctx->tid[i], ptr); ++ EVP_CIPHER_CTX_free(ptr->pointer); ++ HASH_DEL(evp_ptrs, ptr); ++ free(ptr); ++ } ++ } ++ pthread_rwlock_destroy(&aes_mt_ctx->tid_lock); ++} ++ ++/* determine the number of threads to use ++ * Testing indicates that in most all situations the optimal number of ++ * threads is 1 meaning 1 for inbound and 1 for outbound. The optimal ++ * queue count has also been determined to be thread_count + 1. ++ * note this function updates two globals - numkq and cipher_threads ++ * it returns the value of cipher_threads but it doesn't need to */ ++static int get_thread_count() { ++ ++ char * aes_threads = getenv("SSH_CIPHER_THREADS"); ++ debug_f ("SSH thread count is %s", aes_threads); ++ if (aes_threads != NULL && strlen(aes_threads) != 0) ++ cipher_threads = atoi(aes_threads); ++ else ++ cipher_threads = 1; ++ ++ if (cipher_threads < 1) ++ cipher_threads = 1; ++ ++ if (cipher_threads > MAX_THREADS) ++ cipher_threads = MAX_THREADS; ++ ++ numkq = cipher_threads + 1; ++ ++ if (numkq > MAX_NUMKQ) ++ numkq = MAX_NUMKQ; ++ ++ debug_f ("Starting %d threads and %d queues\n", cipher_threads, numkq); ++ ++ return (cipher_threads); ++} ++ ++ ++/* ++ * The life of a pregen thread: ++ * Find empty keystream queues and fill them using their counter. ++ * When done, update counter for the next fill. ++ */ ++static void * ++thread_loop(void *job) ++{ ++ EVP_CIPHER_CTX *evp_ctx; ++ struct aes_mt_ctx_st *aes_mt_ctx = job; ++ struct kq *q; ++ struct aes_mt_ctx_ptrs *ptr; ++ pthread_t first_tid; ++ int outlen; ++ u_char mynull[KQLEN * AES_BLOCK_SIZE]; ++ memset(&mynull, 0, KQLEN * AES_BLOCK_SIZE); ++ ++ /* get the thread id to see if this is the first one */ ++ pthread_rwlock_rdlock(&aes_mt_ctx->tid_lock); ++ first_tid = aes_mt_ctx->tid[0]; ++ pthread_rwlock_unlock(&aes_mt_ctx->tid_lock); ++ ++ /* create the context for this thread */ ++ evp_ctx = EVP_CIPHER_CTX_new(); ++ ++ /* keep track of the pointer for the evp in this struct ++ * so we can free it later. So we place it in a hash indexed on the ++ * thread id, which is available to us in the free function. ++ * Note, the thread id isn't necessary unique across rekeys but ++ * that's okay as they are unique during a key. */ ++ ptr = malloc(sizeof *ptr); /*freed in stop & prejoin */ ++ ptr->tid = pthread_self(); /* index for hash */ ++ ptr->pointer = evp_ctx; ++ HASH_ADD_INT(evp_ptrs, tid, ptr); ++ ++ /* initialize the cipher ctx with the key provided ++ * determinbe which cipher to use based on the key size */ ++ if (aes_mt_ctx->keylen == 256) ++ EVP_EncryptInit_ex(evp_ctx, EVP_aes_256_ctr(), NULL, aes_mt_ctx->orig_key, NULL); ++ else if (aes_mt_ctx->keylen == 128) ++ EVP_EncryptInit_ex(evp_ctx, EVP_aes_128_ctr(), NULL, aes_mt_ctx->orig_key, NULL); ++ else if (aes_mt_ctx->keylen == 192) ++ EVP_EncryptInit_ex(evp_ctx, EVP_aes_192_ctr(), NULL, aes_mt_ctx->orig_key, NULL); ++ else ++ fatal("Invalid key length of %d in AES CTR MT. Exiting", aes_mt_ctx->keylen); ++ ++ /* ++ * Handle the special case of startup, one thread must fill ++ * the first KQ then mark it as draining. Lock held throughout. ++ */ ++ if (pthread_equal(pthread_self(), first_tid)) { ++ /* get the first element of the key queue struct */ ++ q = &aes_mt_ctx->q[0]; ++ pthread_mutex_lock(&q->lock); ++ /* if we are in the INIT state then fill the queue */ ++ if (q->qstate == KQINIT) { ++ /* set the initial counter */ ++ EVP_EncryptInit_ex(evp_ctx, NULL, NULL, NULL, q->ctr); ++ /* encypher a block sized null string (mynull) with the key. This ++ * returns the keystream because xoring the keystream ++ * against null returns the keystream. Store that in the appropriate queue */ ++ EVP_EncryptUpdate(evp_ctx, q->keys[0], &outlen, mynull, KQLEN * AES_BLOCK_SIZE); ++ /* Update the aes counter */ ++ ssh_ctr_add(q->ctr, KQLEN * numkq, AES_BLOCK_SIZE); ++ /* since this is the first thread set it to draining */ ++ q->qstate = KQDRAINING; ++ pthread_cond_broadcast(&q->cond); ++ } ++ pthread_mutex_unlock(&q->lock); ++ } ++ ++ /* ++ * Normal case is to find empty queues and fill them, skipping over ++ * queues already filled by other threads and stopping to wait for ++ * a draining queue to become empty. ++ * ++ * Multiple threads may be waiting on a draining queue and awoken ++ * when empty. The first thread to wake will mark it as filling, ++ * others will move on to fill, skip, or wait on the next queue. ++ * We init qidx here because if we do it at the top of the function ++ * we get a warning about it possibly being clobbered. The exact reason ++ * doesn't make a lot of sense but it has to happen after the ++ * first pthread_rwlock_rdlock(). Might have something to do with ++ * incorrect compiler optimizations. ++ */ ++ int qidx; ++ for (qidx = 1;; qidx = (qidx + 1) % numkq) { ++ /* Check if I was cancelled, also checked in cond_wait */ ++ pthread_testcancel(); ++ ++ /* Check if we should exit as well */ ++ thread_loop_check_exit(aes_mt_ctx); ++ ++ /* Lock queue and block if its draining */ ++ q = &aes_mt_ctx->q[qidx]; ++ pthread_mutex_lock(&q->lock); ++ pthread_cleanup_push(thread_loop_cleanup, &q->lock); ++ while (q->qstate == KQDRAINING || q->qstate == KQINIT) { ++ thread_loop_check_exit(aes_mt_ctx); ++ pthread_cond_wait(&q->cond, &q->lock); ++ } ++ pthread_cleanup_pop(0); ++ ++ /* If filling or full, somebody else got it, skip */ ++ if (q->qstate != KQEMPTY) { ++ pthread_mutex_unlock(&q->lock); ++ continue; ++ } ++ ++ /* ++ * Empty, let's fill it. ++ * Queue lock is relinquished while we do this so others ++ * can see that it's being filled. ++ */ ++ q->qstate = KQFILLING; ++ pthread_cond_broadcast(&q->cond); ++ pthread_mutex_unlock(&q->lock); ++ ++ /* set the initial counter */ ++ EVP_EncryptInit_ex(evp_ctx, NULL, NULL, NULL, q->ctr); ++ ++ /* see coresponding block above for useful comments */ ++ EVP_EncryptUpdate(evp_ctx, q->keys[0], &outlen, mynull, KQLEN * AES_BLOCK_SIZE); ++ ++ /* Re-lock, mark full and signal consumer */ ++ pthread_mutex_lock(&q->lock); ++ ssh_ctr_add(q->ctr, KQLEN * numkq, AES_BLOCK_SIZE); ++ q->qstate = KQFULL; ++ pthread_cond_broadcast(&q->cond); ++ pthread_mutex_unlock(&q->lock); ++ } ++ ++ return NULL; ++} ++ ++ ++/* Our version of the EVP functions ++ * these are public as they are used by the provider */ ++ ++/* instantiate the cipher context. ++ * in this we create the EVP ctx and the AES ctx, setup the AES ctx ++ * initialize the EVP and then attach the AES ctx to the EVP ctx. ++ * The *only* difference between aes_mt_newctx_256|192|128 is the ++ * keylength of the cipher used in EVP_CipherInit ++ * parameters: provider context ++ * returns: EVP context ++ */ ++/* honestly the way this works makes me think that there has to be ++ * a better way of doing this however, I've yet to find one that doesn't ++ * involve more madness. I think that's mostly becase I don't understand ++ * how params work properly. I feel like I shoudl be able to use them ++ * to specify the key length but... also, I'd think I'd be able to ++ * set aes_mt_ctx_st->keylen to the keylength but that doesn't seem to ++ * work either. That said, this does work even if it's a bit clunky. ++ * -cjr 09/08/2022 */ ++void *aes_mt_newctx_256(void *provctx) ++{ ++ struct aes_mt_ctx_st *aes_mt_ctx = malloc(sizeof(*aes_mt_ctx)); ++ EVP_CIPHER_CTX *evp_ctx = EVP_CIPHER_CTX_new(); ++ ++ if ((aes_mt_ctx != NULL) && (evp_ctx != NULL)) { ++ get_thread_count(); /* update cipher_threads and numkq */ ++ pthread_rwlock_init(&aes_mt_ctx->tid_lock, NULL); ++#ifdef __APPLE__ ++ pthread_rwlock_init(&aes_mt_ctx->stop_lock, NULL); ++ aes_mt_ctx->exit_flag = FALSE; ++#endif /* __APPLE__ */ ++ ++ aes_mt_ctx->state = HAVE_NONE; ++ ++ /* initialize the mutexs and conditions for each lock in our struct */ ++ for (int i = 0; i < numkq; i++) { ++ pthread_mutex_init(&aes_mt_ctx->q[i].lock, NULL); ++ pthread_cond_init(&aes_mt_ctx->q[i].cond, NULL); ++ } ++ aes_mt_ctx->provctx = provctx; ++ EVP_CipherInit(evp_ctx, EVP_aes_256_ctr(), NULL, NULL, 0); ++ EVP_CIPHER_CTX_set_app_data(evp_ctx, aes_mt_ctx); ++ return evp_ctx; ++ } ++ return NULL; ++} ++ ++void *aes_mt_newctx_192(void *provctx) ++{ ++ struct aes_mt_ctx_st *aes_mt_ctx = malloc(sizeof(*aes_mt_ctx)); ++ EVP_CIPHER_CTX *evp_ctx = EVP_CIPHER_CTX_new(); ++ ++ if ((aes_mt_ctx != NULL) && (evp_ctx != NULL)) { ++ get_thread_count(); /* update cipher_threads and numkq */ ++ pthread_rwlock_init(&aes_mt_ctx->tid_lock, NULL); ++#ifdef __APPLE__ ++ pthread_rwlock_init(&aes_mt_ctx->stop_lock, NULL); ++ aes_mt_ctx->exit_flag = FALSE; ++#endif /* __APPLE__ */ ++ ++ aes_mt_ctx->state = HAVE_NONE; ++ ++ /* initialize the mutexs and conditions for each lock in our struct */ ++ for (int i = 0; i < numkq; i++) { ++ pthread_mutex_init(&aes_mt_ctx->q[i].lock, NULL); ++ pthread_cond_init(&aes_mt_ctx->q[i].cond, NULL); ++ } ++ aes_mt_ctx->provctx = provctx; ++ EVP_CipherInit(evp_ctx, EVP_aes_192_ctr(), NULL, NULL, 0); ++ EVP_CIPHER_CTX_set_app_data(evp_ctx, aes_mt_ctx); ++ return evp_ctx; ++ } ++ return NULL; ++} ++ ++void *aes_mt_newctx_128(void *provctx) ++{ ++ struct aes_mt_ctx_st *aes_mt_ctx = malloc(sizeof(*aes_mt_ctx)); ++ EVP_CIPHER_CTX *evp_ctx = EVP_CIPHER_CTX_new(); ++ ++ if ((aes_mt_ctx != NULL) && (evp_ctx != NULL)) { ++ get_thread_count(); /* update cipher_threads and numkq */ ++ pthread_rwlock_init(&aes_mt_ctx->tid_lock, NULL); ++#ifdef __APPLE__ ++ pthread_rwlock_init(&aes_mt_ctx->stop_lock, NULL); ++ aes_mt_ctx->exit_flag = FALSE; ++#endif /* __APPLE__ */ ++ ++ aes_mt_ctx->state = HAVE_NONE; ++ ++ /* initialize the mutexs and conditions for each lock in our struct */ ++ for (int i = 0; i < numkq; i++) { ++ pthread_mutex_init(&aes_mt_ctx->q[i].lock, NULL); ++ pthread_cond_init(&aes_mt_ctx->q[i].cond, NULL); ++ } ++ aes_mt_ctx->provctx = provctx; ++ EVP_CipherInit(evp_ctx, EVP_aes_128_ctr(), NULL, NULL, 0); ++ EVP_CIPHER_CTX_set_app_data(evp_ctx, aes_mt_ctx); ++ return evp_ctx; ++ } ++ return NULL; ++} ++ ++/* this function expects a void but we need the actual context ++ * to get the app_data. ++ */ ++void aes_mt_freectx(void *vevp_ctx) ++{ ++ EVP_CIPHER_CTX *evp_ctx = vevp_ctx; ++ struct aes_mt_ctx_st *aes_mt_ctx; ++ ++ if ((aes_mt_ctx = EVP_CIPHER_CTX_get_app_data(evp_ctx)) != NULL) { ++ stop_and_join_pregen_threads(aes_mt_ctx); ++ ++ memset(aes_mt_ctx, 0, sizeof(*aes_mt_ctx)); ++ free(aes_mt_ctx); ++ EVP_CIPHER_CTX_set_app_data(evp_ctx, NULL); ++ } ++ EVP_CIPHER_CTX_free(evp_ctx); ++} ++ ++/* this function takes the EVP context, gets the AES context ++ * and starts the various threads we need */ ++int aes_mt_start_threads(void *vevp_ctx, const u_char *key, ++ size_t keylen, const u_char *iv, ++ size_t ivlen, const OSSL_PARAM *ossl_params) ++{ ++ EVP_CIPHER_CTX *evp_ctx = vevp_ctx; ++ struct aes_mt_ctx_st *aes_mt_ctx; ++ ++ ++ /* get the initial state of aes_mt_ctx (our cipher stream struct) */ ++ if ((aes_mt_ctx = EVP_CIPHER_CTX_get_app_data(evp_ctx)) == NULL) { ++ fatal("Missing AES MT context data!"); ++ } ++ ++ /* we are initializing but the current structure already ++ * has an IV and key so we want to kill the existing key data ++ * and start over. This is important when we need to rekey the data stream */ ++ if (aes_mt_ctx->state == (HAVE_KEY | HAVE_IV)) { ++ /* tell the pregen threads to exit */ ++ stop_and_join_pregen_threads(aes_mt_ctx); ++ ++#ifdef __APPLE__ ++ /* reset the exit flag */ ++ aes_mt_ctx->exit_flag = FALSE; ++#endif /* __APPLE__ */ ++ ++ /* Start over getting key & iv */ ++ aes_mt_ctx->state = HAVE_NONE; ++ } ++ ++ /* set the initial key for this key stream queue */ ++ if (key != NULL) { ++ aes_mt_ctx->keylen = EVP_CIPHER_CTX_key_length(evp_ctx) * 8; ++ aes_mt_ctx->orig_key = key; ++ aes_mt_ctx->state |= HAVE_KEY; ++ } ++ ++ /* set the IV */ ++ if (iv != NULL) { ++ /* init the counter this is just a 16byte uchar */ ++ memcpy(aes_mt_ctx->aes_counter, iv, AES_BLOCK_SIZE); ++ aes_mt_ctx->state |= HAVE_IV; ++ } ++ ++ if (aes_mt_ctx->state == (HAVE_KEY | HAVE_IV)) { ++ /* Clear queues */ ++ /* set the first key in the key queue to the current counter */ ++ memcpy(aes_mt_ctx->q[0].ctr, aes_mt_ctx->aes_counter, AES_BLOCK_SIZE); ++ /* indicate that it needs to be initialized */ ++ aes_mt_ctx->q[0].qstate = KQINIT; ++ /* for each of the remaining queues set the first counter to the ++ * counter and then add the size of the queue to the counter */ ++ for (int i = 1; i < numkq; i++) { ++ memcpy(aes_mt_ctx->q[i].ctr, aes_mt_ctx->aes_counter, AES_BLOCK_SIZE); ++ ssh_ctr_add(aes_mt_ctx->q[i].ctr, i * KQLEN, AES_BLOCK_SIZE); ++ aes_mt_ctx->q[i].qstate = KQEMPTY; ++ } ++ aes_mt_ctx->qidx = 0; ++ aes_mt_ctx->ridx = 0; ++ aes_mt_ctx->struct_id = global_struct_id++; ++ ++ /* Start threads. Make sure we have enough stack space (under alpine) ++ * and aren't using more than we need (linux). This can be as low as ++ * 512KB but that's a minimum. 1024KB gives us a little headroom if we ++ * need it */ ++#define STACK_SIZE (1024 * 1024) ++ pthread_attr_t attr; ++ pthread_attr_init(&attr); ++ pthread_attr_setstacksize(&attr, STACK_SIZE); ++ for (int i = 0; i < cipher_threads; i++) { ++ pthread_rwlock_wrlock(&aes_mt_ctx->tid_lock); ++ if (pthread_create(&aes_mt_ctx->tid[i], &attr, thread_loop, aes_mt_ctx) != 0) ++ fatal ("AES-CTR MT Could not create thread in %s", __func__); ++ else { ++ aes_mt_ctx->id[i] = i; ++ debug_f ("AES-CTR MT spawned a thread with id %lu (%lu, %d)", ++ aes_mt_ctx->tid[i], aes_mt_ctx->struct_id, ++ aes_mt_ctx->id[i]); ++ } ++ pthread_rwlock_unlock(&aes_mt_ctx->tid_lock); ++ } ++ pthread_mutex_lock(&aes_mt_ctx->q[0].lock); ++ // wait for all of the threads to be initialized ++ while (aes_mt_ctx->q[0].qstate == KQINIT) ++ pthread_cond_wait(&aes_mt_ctx->q[0].cond, &aes_mt_ctx->q[0].lock); ++ pthread_mutex_unlock(&aes_mt_ctx->q[0].lock); ++ } ++ return 1; ++} ++ ++/* this should correspond to ssh_aes_ctr ++ * OSSL_CORE_MAKE_FUNC(int, cipher_cipher, ++ * (void *cctx, ++ * unsigned char *out, size_t *outl, size_t outsize, ++ * const unsigned char *in, size_t inl)) ++ */ ++ ++int aes_mt_do_cipher(void *vevp_ctx, ++ u_char *dest, size_t *destlen, size_t destsize, ++ const u_char *src, size_t len) ++{ ++ typedef union { ++#ifdef CIPHER_INT128_OK ++ __uint128_t *u128; ++#endif ++ uint64_t *u64; ++ uint32_t *u32; ++ uint8_t *u8; ++ const uint8_t *cu8; ++ uintptr_t u; ++ } ptrs_t; ++ ptrs_t destp, srcp, bufp; ++ uintptr_t align; ++ struct aes_mt_ctx_st *aes_mt_ctx; ++ struct kq *q, *oldq; ++ int ridx; ++ u_char *buf; ++ EVP_CIPHER_CTX *evp_ctx = vevp_ctx; ++ ++ if (len == 0) ++ return 1; ++ ++ if ((aes_mt_ctx = EVP_CIPHER_CTX_get_app_data(evp_ctx)) == NULL) ++ return 0; ++ ++ q = &aes_mt_ctx->q[aes_mt_ctx->qidx]; ++ ridx = aes_mt_ctx->ridx; ++ ++ /* src already padded to block multiple */ ++ srcp.cu8 = src; ++ destp.u8 = dest; ++ do { /* do until len is 0 */ ++ buf = q->keys[ridx]; ++ bufp.u8 = buf; ++ ++ /* figure out the alignment on the fly */ ++#ifdef CIPHER_UNALIGNED_OK ++ align = 0; ++#else ++ align = destp.u | srcp.u | bufp.u; ++#endif ++ ++ /* xor the src against the key (buf) ++ * different systems can do all 16 bytes at once or ++ * may need to do it in 8 or 4 bytes chunks ++ * worst case is doing it as a loop */ ++#ifdef CIPHER_INT128_OK ++ /* with GCC 13 we have having consistent seg faults ++ * in this section of code. Since this is a critical ++ * code path we are removing this until we have a solution ++ * in place -cjr 02/22/24 ++ * TODO: FIX THIS ++ */ ++ /* if ((align & 0xf) == 0) { */ ++ /* destp.u128[0] = srcp.u128[0] ^ bufp.u128[0]; */ ++ /* } else */ ++#endif ++ /* 64 bits */ ++ if ((align & 0x7) == 0) { ++ destp.u64[0] = srcp.u64[0] ^ bufp.u64[0]; ++ destp.u64[1] = srcp.u64[1] ^ bufp.u64[1]; ++ /* 32 bits */ ++ } else if ((align & 0x3) == 0) { ++ destp.u32[0] = srcp.u32[0] ^ bufp.u32[0]; ++ destp.u32[1] = srcp.u32[1] ^ bufp.u32[1]; ++ destp.u32[2] = srcp.u32[2] ^ bufp.u32[2]; ++ destp.u32[3] = srcp.u32[3] ^ bufp.u32[3]; ++ } else { ++ /*1 byte at a time*/ ++ size_t i; ++ for (i = 0; i < AES_BLOCK_SIZE; ++i) ++ dest[i] = src[i] ^ buf[i]; ++ } ++ ++ /* inc/decrement the pointers by the block size (16)*/ ++ destp.u += AES_BLOCK_SIZE; ++ srcp.u += AES_BLOCK_SIZE; ++ ++ /* Increment read index, switch queues on rollover */ ++ if ((ridx = (ridx + 1) % KQLEN) == 0) { ++ oldq = q; ++ ++ /* Mark next queue draining, may need to wait */ ++ aes_mt_ctx->qidx = (aes_mt_ctx->qidx + 1) % numkq; ++ q = &aes_mt_ctx->q[aes_mt_ctx->qidx]; ++ pthread_mutex_lock(&q->lock); ++ while (q->qstate != KQFULL) { ++ pthread_cond_wait(&q->cond, &q->lock); ++ } ++ q->qstate = KQDRAINING; ++ pthread_cond_broadcast(&q->cond); ++ pthread_mutex_unlock(&q->lock); ++ ++ /* Mark consumed queue empty and signal producers */ ++ pthread_mutex_lock(&oldq->lock); ++ oldq->qstate = KQEMPTY; ++ pthread_cond_broadcast(&oldq->cond); ++ pthread_mutex_unlock(&oldq->lock); ++ } ++ } while (len -= AES_BLOCK_SIZE); ++ aes_mt_ctx->ridx = ridx; ++ return 1; ++} ++ ++#endif /*WITH_OPENSSL3*/ +diff -Nur openssh-9.6p1.orig/cipher-ctr-mt-functions.h openssh-9.6p1/cipher-ctr-mt-functions.h +--- openssh-9.6p1.orig/cipher-ctr-mt-functions.h 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-9.6p1/cipher-ctr-mt-functions.h 2024-07-10 13:34:02.714358576 +0200 +@@ -0,0 +1,142 @@ ++/* ++ * OpenSSH Multi-threaded AES-CTR Cipher Provider for OpenSSL 3 ++ * ++ * Author: Benjamin Bennett ++ * Author: Mike Tasota ++ * Author: Chris Rapier ++ * Copyright (c) 2008-2022 Pittsburgh Supercomputing Center. All rights reserved. ++ * ++ * Based on original OpenSSH AES-CTR cipher. Small portions remain unchanged, ++ * Copyright (c) 2003 Markus Friedl ++ * ++ * Permission to use, copy, modify, and distribute this software for any ++ * purpose with or without fee is hereby granted, provided that the above ++ * copyright notice and this permission notice appear in all copies. ++ * ++ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES ++ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF ++ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ++ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES ++ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ++ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF ++ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. ++ */ ++ ++#ifndef CTR_MT_FUNCS ++#define CTR_MT_FUNCS ++ ++/* includes */ ++#include "includes.h" /* needed to get version number */ ++#include ++#include ++#include "cipher-aesctr.h" ++#include "uthash.h" ++ ++#ifndef USE_BUILTIN_RIJNDAEL ++#include ++#endif ++ ++/* only for systems with OSSL 3 */ ++#ifdef WITH_OPENSSL3 ++ ++/*-------------------- TUNABLES --------------------*/ ++/* maximum number of threads and queues */ ++#define MAX_THREADS 32 ++#define MAX_NUMKQ (MAX_THREADS + 1) ++ ++/* one queue holds 8192 * 4 * 16B (512KB) of key data ++ * being that the queues are destroyed after a rekey ++ * and at leats one has to be fully filled prior to ++ * enciphering data we don't want this to be too large */ ++#define KQLEN (8192 * 4) ++ ++/* Processor cacheline length */ ++#define CACHELINE_LEN 64 ++ ++/* Can the system do unaligned loads natively? */ ++#if defined(__aarch64__) || \ ++ defined(__i386__) || \ ++ defined(__powerpc__) || \ ++ defined(__x86_64__) ++# define CIPHER_UNALIGNED_OK ++#endif ++#if defined(__SIZEOF_INT128__) ++# define CIPHER_INT128_OK ++#endif ++ ++/* context states */ ++#define HAVE_NONE 0 ++#define HAVE_KEY 1 ++#define HAVE_IV 2 ++ ++/* Keystream Queue state */ ++enum { ++ KQINIT, ++ KQEMPTY, ++ KQFILLING, ++ KQFULL, ++ KQDRAINING ++}; ++ ++/* structs */ ++ ++/* provider struct */ ++struct provider_ctx_st { ++ const OSSL_CORE_HANDLE *core_handle; ++ struct proverr_functions_st *proverr_handle; ++}; ++ ++/* Keystream Queue struct */ ++struct kq { ++ u_char keys[KQLEN][AES_BLOCK_SIZE]; /* [32768][16B] */ ++ u_char ctr[AES_BLOCK_SIZE]; /* 16B */ ++ u_char pad0[CACHELINE_LEN]; ++ pthread_mutex_t lock; ++ pthread_cond_t cond; ++ int qstate; ++ u_char pad1[CACHELINE_LEN]; ++}; ++ ++/* AES MT context struct */ ++struct aes_mt_ctx_st { ++ struct provider_ctx_st *provctx; ++ long unsigned int struct_id; ++ int keylen; ++ int state; ++ int qidx; ++ int ridx; ++ int id[MAX_THREADS]; /* 32 */ ++ AES_KEY aes_key; ++ const u_char *orig_key; ++ u_char aes_counter[AES_BLOCK_SIZE]; /* 16B */ ++ pthread_t tid[MAX_THREADS]; /* 32 */ ++ pthread_rwlock_t tid_lock; ++ struct kq q[MAX_NUMKQ]; /* 33 */ ++#ifdef __APPLE__ ++ pthread_rwlock_t stop_lock; ++ int exit_flag; ++#endif /* __APPLE__ */ ++ int ongoing; /* possibly not needed */ ++}; ++ ++/* this holds an array of evp context pointers that are ++ * created in thread_loop. Since we can't effectively free those ++ * contexts in thread_loop we keep a copy of those pointers here ++ * and then free them in stop_and_join_pregenthreads ++ * cjr 2/2/2023 ++ */ ++struct aes_mt_ctx_ptrs { ++ EVP_CIPHER_CTX *pointer; ++ pthread_t tid; ++ UT_hash_handle hh; ++}; ++ ++int aes_mt_do_cipher(void *, u_char *, size_t *, size_t, const u_char *, size_t); ++int aes_mt_start_threads(void *, const u_char *, size_t, const u_char *, size_t, const OSSL_PARAM *); ++void aes_mt_freectx(void *); ++void *aes_mt_newctx_256(void *); ++void *aes_mt_newctx_192(void *); ++void *aes_mt_newctx_128(void *); ++ ++#endif /* WITH OPENSSL */ ++#endif /* CTR_MT_FUNCS */ +diff -Nur openssh-9.6p1.orig/cipher-ctr-mt-provider.c openssh-9.6p1/cipher-ctr-mt-provider.c +--- openssh-9.6p1.orig/cipher-ctr-mt-provider.c 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-9.6p1/cipher-ctr-mt-provider.c 2024-07-10 13:34:02.714358576 +0200 +@@ -0,0 +1,390 @@ ++/* ++ * OpenSSH Multi-threaded AES-CTR Cipher Provider for OpenSSL 3 ++ * ++ * Author: Chris Rapier ++ * Copyright (c) 2022 Pittsburgh Supercomputing Center. All rights reserved. ++ * ++ * Permission to use, copy, modify, and distribute this software for any ++ * purpose with or without fee is hereby granted, provided that the above ++ * copyright notice and this permission notice appear in all copies. ++ * ++ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES ++ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF ++ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ++ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES ++ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ++ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF ++ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. ++ */ ++ ++/* based on vienere.c from https://github.com/provider-corner/vigenere by ++ * Richard Levitte provided under a CC0 Public License. */ ++ ++#include "includes.h" ++ ++/* only for systems with OSSL 3.0+ */ ++#ifdef WITH_OPENSSL3 ++ ++#include ++#include ++#include ++#include ++#include ++#include ++#include "xmalloc.h" ++#include "ossl3-provider-err.h" ++#include "num.h" ++#include "cipher-ctr-mt-functions.h" ++ ++#define ERR_HANDLE(ctx) ((ctx)->provctx->proverr_handle) ++ ++/* forward declartion of cipher functions */ ++/* cipher context functions */ ++OSSL_FUNC_cipher_newctx_fn aes_mt_newctx_256; ++OSSL_FUNC_cipher_newctx_fn aes_mt_newctx_192; ++OSSL_FUNC_cipher_newctx_fn aes_mt_newctx_128; ++OSSL_FUNC_cipher_freectx_fn aes_mt_freectx; ++ ++/* param related function*/ ++static OSSL_FUNC_cipher_get_params_fn aes_mt_get_params_256; ++static OSSL_FUNC_cipher_get_params_fn aes_mt_get_params_192; ++static OSSL_FUNC_cipher_get_params_fn aes_mt_get_params_128; ++static OSSL_FUNC_cipher_gettable_params_fn aes_mt_gettable_params; ++static OSSL_FUNC_cipher_set_ctx_params_fn aes_mt_set_ctx_params; ++static OSSL_FUNC_cipher_get_ctx_params_fn aes_mt_get_ctx_params; ++static OSSL_FUNC_cipher_settable_ctx_params_fn aes_mt_settable_ctx_params; ++static OSSL_FUNC_cipher_gettable_ctx_params_fn aes_mt_gettable_ctx_params; ++ ++/* en/decipher functions */ ++OSSL_FUNC_cipher_encrypt_init_fn aes_mt_start_threads; ++OSSL_FUNC_cipher_decrypt_init_fn aes_mt_start_threads; ++OSSL_FUNC_cipher_update_fn aes_mt_do_cipher; ++ ++/* provider context */ ++static OSSL_FUNC_provider_query_operation_fn aes_mt_prov_query; ++static OSSL_FUNC_provider_get_reason_strings_fn aes_mt_prov_reasons; ++static OSSL_FUNC_provider_teardown_fn aes_mt_prov_teardown; ++static OSSL_FUNC_provider_get_params_fn aes_mt_prov_get_params; ++OSSL_provider_init_fn OSSL_provider_init; /* need this? */ ++ ++/* error functions */ ++OSSL_FUNC_core_new_error_fn *c_new_error; ++OSSL_FUNC_core_set_error_debug_fn *c_set_error_debug; ++OSSL_FUNC_core_vset_error_fn *c_vset_error; ++OSSL_FUNC_core_set_error_mark_fn *c_set_error_mark; ++OSSL_FUNC_core_clear_last_error_mark_fn *c_clear_last_error_mark; ++OSSL_FUNC_core_pop_error_to_mark_fn *c_pop_error_to_mark; ++ ++/* Errors used in this provider */ ++#define AES_MT_E_MALLOC 1 ++#define AES_MT_ONGOING_OPERATION 2 ++#define AES_MT_BAD_KEYLEN 3 ++ ++/* typedef for function pointers */ ++typedef void(*fptr_t)(void); ++ ++/* all of the various arrays we need */ ++ ++/* BAD_KEYLEN isn't being used at the moment */ ++const OSSL_ITEM reasons[] = { ++ { AES_MT_E_MALLOC, "Memory allocation failure" }, ++ { AES_MT_ONGOING_OPERATION, "Operation underway" }, ++ { AES_MT_BAD_KEYLEN, "Only 256, 192, and 128 Key lengths are supported" }, ++ { 0, NULL } /* Termination */ ++}; ++ ++/* function mapping for 256|192|128 key lengths */ ++const OSSL_DISPATCH aes_mt_funcs_256[] = { ++ { OSSL_FUNC_CIPHER_NEWCTX, (fptr_t)aes_mt_newctx_256 } , ++ { OSSL_FUNC_CIPHER_FREECTX, (fptr_t)aes_mt_freectx }, ++ { OSSL_FUNC_CIPHER_ENCRYPT_INIT, (fptr_t)aes_mt_start_threads }, ++ { OSSL_FUNC_CIPHER_DECRYPT_INIT, (fptr_t)aes_mt_start_threads }, ++ { OSSL_FUNC_CIPHER_UPDATE, (fptr_t)aes_mt_do_cipher }, ++ { OSSL_FUNC_CIPHER_GET_PARAMS, (fptr_t)aes_mt_get_params_256 }, ++ { OSSL_FUNC_CIPHER_GETTABLE_PARAMS, (fptr_t)aes_mt_gettable_params }, ++ { OSSL_FUNC_CIPHER_GET_CTX_PARAMS, (fptr_t)aes_mt_get_ctx_params }, ++ { OSSL_FUNC_CIPHER_GETTABLE_CTX_PARAMS, ++ (fptr_t)aes_mt_gettable_ctx_params }, ++ { OSSL_FUNC_CIPHER_SET_CTX_PARAMS, (fptr_t)aes_mt_set_ctx_params }, ++ { OSSL_FUNC_CIPHER_SETTABLE_CTX_PARAMS, ++ (fptr_t)aes_mt_settable_ctx_params }, ++ { 0, NULL } ++}; ++ ++const OSSL_DISPATCH aes_mt_funcs_192[] = { ++ { OSSL_FUNC_CIPHER_NEWCTX, (fptr_t)aes_mt_newctx_192 } , ++ { OSSL_FUNC_CIPHER_FREECTX, (fptr_t)aes_mt_freectx }, ++ { OSSL_FUNC_CIPHER_ENCRYPT_INIT, (fptr_t)aes_mt_start_threads }, ++ { OSSL_FUNC_CIPHER_DECRYPT_INIT, (fptr_t)aes_mt_start_threads }, ++ { OSSL_FUNC_CIPHER_UPDATE, (fptr_t)aes_mt_do_cipher }, ++ { OSSL_FUNC_CIPHER_GET_PARAMS, (fptr_t)aes_mt_get_params_192 }, ++ { OSSL_FUNC_CIPHER_GETTABLE_PARAMS, (fptr_t)aes_mt_gettable_params }, ++ { OSSL_FUNC_CIPHER_GET_CTX_PARAMS, (fptr_t)aes_mt_get_ctx_params }, ++ { OSSL_FUNC_CIPHER_GETTABLE_CTX_PARAMS, ++ (fptr_t)aes_mt_gettable_ctx_params }, ++ { OSSL_FUNC_CIPHER_SET_CTX_PARAMS, (fptr_t)aes_mt_set_ctx_params }, ++ { OSSL_FUNC_CIPHER_SETTABLE_CTX_PARAMS, ++ (fptr_t)aes_mt_settable_ctx_params }, ++ { 0, NULL } ++}; ++ ++const OSSL_DISPATCH aes_mt_funcs_128[] = { ++ { OSSL_FUNC_CIPHER_NEWCTX, (fptr_t)aes_mt_newctx_128 } , ++ { OSSL_FUNC_CIPHER_FREECTX, (fptr_t)aes_mt_freectx }, ++ { OSSL_FUNC_CIPHER_ENCRYPT_INIT, (fptr_t)aes_mt_start_threads }, ++ { OSSL_FUNC_CIPHER_DECRYPT_INIT, (fptr_t)aes_mt_start_threads }, ++ { OSSL_FUNC_CIPHER_UPDATE, (fptr_t)aes_mt_do_cipher }, ++ { OSSL_FUNC_CIPHER_GET_PARAMS, (fptr_t)aes_mt_get_params_128 }, ++ { OSSL_FUNC_CIPHER_GETTABLE_PARAMS, (fptr_t)aes_mt_gettable_params }, ++ { OSSL_FUNC_CIPHER_GET_CTX_PARAMS, (fptr_t)aes_mt_get_ctx_params }, ++ { OSSL_FUNC_CIPHER_GETTABLE_CTX_PARAMS, ++ (fptr_t)aes_mt_gettable_ctx_params }, ++ { OSSL_FUNC_CIPHER_SET_CTX_PARAMS, (fptr_t)aes_mt_set_ctx_params }, ++ { OSSL_FUNC_CIPHER_SETTABLE_CTX_PARAMS, ++ (fptr_t)aes_mt_settable_ctx_params }, ++ { 0, NULL } ++}; ++ ++/* the ciphers found in this provider */ ++const OSSL_ALGORITHM aes_mt_ciphers[] = { ++ { "aes_ctr_mt_256", "provider=hpnssh", aes_mt_funcs_256, NULL }, ++ { "aes_ctr_mt_192", "provider=hpnssh", aes_mt_funcs_192, NULL }, ++ { "aes_ctr_mt_128", "provider=hpnssh", aes_mt_funcs_128, NULL }, ++ { NULL, NULL, NULL, NULL } ++}; ++ ++/* function mapping for provider methods */ ++const OSSL_DISPATCH provider_functions[] = { ++ { OSSL_FUNC_PROVIDER_TEARDOWN, (fptr_t)aes_mt_prov_teardown }, ++ { OSSL_FUNC_PROVIDER_QUERY_OPERATION, (fptr_t)aes_mt_prov_query }, ++ { OSSL_FUNC_PROVIDER_GET_PARAMS, (fptr_t)aes_mt_prov_get_params }, ++ { OSSL_FUNC_PROVIDER_GET_REASON_STRINGS, (fptr_t)aes_mt_prov_reasons }, ++ { 0, NULL } ++}; ++ ++static const OSSL_PARAM ctx_get_param_table[] = { ++ { "keylen", OSSL_PARAM_UNSIGNED_INTEGER, NULL, sizeof(size_t), 0 }, ++ { NULL, 0, NULL, 0, 0 }, ++}; ++ ++static const OSSL_PARAM cipher_get_param_table[] = { ++ { "blocksize", OSSL_PARAM_UNSIGNED_INTEGER, NULL, sizeof(size_t), 0 }, ++ { "keylen", OSSL_PARAM_UNSIGNED_INTEGER, NULL, sizeof(size_t), 0 }, ++ { NULL, 0, NULL, 0, 0 }, ++}; ++ ++static const OSSL_PARAM cipher_set_param_table[] = { ++ { "keylen", OSSL_PARAM_UNSIGNED_INTEGER, NULL, sizeof(size_t), 0 }, ++ { NULL, 0, NULL, 0, 0 }, ++}; ++ ++ ++/* provider functions start here */ ++ ++static void provider_ctx_free(struct provider_ctx_st *ctx) ++{ ++ if (ctx != NULL) ++ proverr_free_handle(ctx->proverr_handle); ++ free(ctx); ++} ++ ++static struct provider_ctx_st *provider_ctx_new(const OSSL_CORE_HANDLE *core, ++ const OSSL_DISPATCH *in) ++{ ++ struct provider_ctx_st *ctx; ++ ++ if ((ctx = malloc(sizeof(*ctx))) != NULL ++ && (ctx->proverr_handle = proverr_new_handle(core, in)) != NULL) { ++ ctx->core_handle = core; ++ } else { ++ provider_ctx_free(ctx); ++ ctx = NULL; ++ } ++ return ctx; ++} ++ ++ ++/* returns the appropriate algo table for the requested function ++ * in this case we should only be working with OP_CIPHER */ ++const OSSL_ALGORITHM *aes_mt_prov_query(void *provctx, int operation_id, ++ int *no_store) ++{ ++ switch (operation_id) { ++ case OSSL_OP_CIPHER: ++ return aes_mt_ciphers; ++ } ++ return NULL; ++} ++ ++const OSSL_ITEM *aes_mt_prov_reasons(void *provctx) ++{ ++ return reasons; ++} ++ ++static int aes_mt_prov_get_params(void *provctx, OSSL_PARAM *params) ++{ ++ OSSL_PARAM *p; ++ int ok = 1; ++ ++ char *VERSION="1.0"; ++ char *BUILDTYPE="aes_ctr_mt@hpnssh.org"; ++ ++ for(p = params; p->key != NULL; p++) ++ if (strcasecmp(p->key, "version") == 0) { ++ *(const void **)p->data = VERSION; ++ p->return_size = strlen(VERSION); ++ } else if (strcasecmp(p->key, "buildinfo") == 0 ++ && BUILDTYPE[0] != '\0') { ++ *(const void **)p->data = BUILDTYPE; ++ p->return_size = strlen(BUILDTYPE); ++ } ++ return ok; ++} ++ ++/* The function that tears down this provider */ ++static void aes_mt_prov_teardown(void *vprovctx) ++{ ++ provider_ctx_free(vprovctx); ++} ++ ++int OSSL_provider_init(const OSSL_CORE_HANDLE *core, ++ const OSSL_DISPATCH *in, ++ const OSSL_DISPATCH **out, ++ void **vprovctx) ++{ ++ if ((*vprovctx = provider_ctx_new(core, in)) == NULL) ++ return 0; ++ *out = provider_functions; ++ return 1; ++} ++ ++/* parameter functions for 256|192|128 bit key lengths */ ++static int aes_mt_get_params_256(OSSL_PARAM params[]) ++{ ++ OSSL_PARAM *p; ++ int ok = 1; ++ ++ for (p = params; p->key != NULL; p++) { ++ if (strcasecmp(p->key, "blocksize") == 0) ++ if (provnum_set_size_t(p, AES_BLOCK_SIZE) < 0) { ++ ok = 0; ++ continue; ++ } ++ if (strcasecmp(p->key, "keylen") == 0) { ++ size_t keyl = 32; ++ ++ if (provnum_set_size_t(p, keyl) < 0) { ++ ok = 0; ++ continue; ++ } ++ } ++ } ++ return ok; ++} ++ ++static int aes_mt_get_params_192(OSSL_PARAM params[]) ++{ ++ OSSL_PARAM *p; ++ int ok = 1; ++ ++ for (p = params; p->key != NULL; p++) { ++ if (strcasecmp(p->key, "blocksize") == 0) ++ if (provnum_set_size_t(p, AES_BLOCK_SIZE) < 0) { ++ ok = 0; ++ continue; ++ } ++ if (strcasecmp(p->key, "keylen") == 0) { ++ size_t keyl = 24; ++ ++ if (provnum_set_size_t(p, keyl) < 0) { ++ ok = 0; ++ continue; ++ } ++ } ++ } ++ return ok; ++} ++ ++static int aes_mt_get_params_128(OSSL_PARAM params[]) ++{ ++ OSSL_PARAM *p; ++ int ok = 1; ++ ++ for (p = params; p->key != NULL; p++) { ++ if (strcasecmp(p->key, "blocksize") == 0) ++ if (provnum_set_size_t(p, AES_BLOCK_SIZE) < 0) { ++ ok = 0; ++ continue; ++ } ++ if (strcasecmp(p->key, "keylen") == 0) { ++ size_t keyl = 16; ++ ++ if (provnum_set_size_t(p, keyl) < 0) { ++ ok = 0; ++ continue; ++ } ++ } ++ } ++ return ok; ++} ++ ++/* Parameters that libcrypto can get from this implementation */ ++static const OSSL_PARAM *aes_mt_gettable_params(void *provctx) ++{ ++ return cipher_get_param_table; ++} ++ ++static const OSSL_PARAM *aes_mt_gettable_ctx_params(void *cctx, void *provctx) ++{ ++ return ctx_get_param_table; ++} ++ ++static int aes_mt_get_ctx_params(void *vctx, OSSL_PARAM params[]) ++{ ++ struct aes_mt_ctx_st *ctx = vctx; ++ int ok = 1; ++ ++ if (ctx->keylen > 0) { ++ OSSL_PARAM *p; ++ ++ for (p = params; p->key != NULL; p++) ++ if (strcasecmp(p->key, "keylen") == 0 ++ && provnum_set_size_t(p, ctx->keylen) < 0) { ++ ok = 0; ++ continue; ++ } ++ } ++ return ok; ++} ++ ++/* Parameters that libcrypto can send to this implementation */ ++static const OSSL_PARAM *aes_mt_settable_ctx_params(void *cctx, void *provctx) ++{ ++ return cipher_set_param_table; ++} ++ ++static int aes_mt_set_ctx_params(void *vctx, const OSSL_PARAM params[]) ++{ ++ struct aes_mt_ctx_st *ctx = vctx; ++ const OSSL_PARAM *p; ++ int ok = 1; ++ ++ if (ctx->ongoing) { ++ ERR_raise(ERR_HANDLE(ctx), AES_MT_ONGOING_OPERATION); ++ return 0; ++ } ++ ++ for (p = params; p->key != NULL; p++) ++ if (strcasecmp(p->key, "keylen") == 0) { ++ size_t keyl = 0; ++ ++ if (provnum_get_size_t(&keyl, p) < 0) { ++ ok = 0; ++ continue; ++ } ++ ctx->keylen = keyl; ++ } ++ return ok; ++} ++ ++#endif /*WITH_OPENSSL3*/ +diff -Nur openssh-9.6p1.orig/cipher.h openssh-9.6p1/cipher.h +--- openssh-9.6p1.orig/cipher.h 2024-07-10 13:32:39.541111639 +0200 ++++ openssh-9.6p1/cipher.h 2024-07-10 13:34:02.714358576 +0200 +@@ -42,11 +42,17 @@ + #include + #endif + #include "cipher-chachapoly.h" ++#ifdef WITH_OPENSSL ++#include "cipher-chachapoly-libcrypto-mt.h" ++#endif + #include "cipher-aesctr.h" + + #define CIPHER_ENCRYPT 1 + #define CIPHER_DECRYPT 0 + ++#define CIPHER_MULTITHREAD 1 ++#define CIPHER_SERIAL 0 ++ + struct sshcipher { + char *name; + u_int block_size; +@@ -60,6 +66,7 @@ + #define CFLAG_NONE (1<<3) + #define CFLAG_INTERNAL CFLAG_NONE /* Don't use "none" for packets */ + #ifdef WITH_OPENSSL ++#define CFLAG_MT (1<<4) + const EVP_CIPHER *(*evptype)(void); + #else + void *ignored; +@@ -68,24 +75,27 @@ + + struct sshcipher_ctx; + +-const struct sshcipher *cipher_by_name(const char *); ++struct sshcipher *cipher_by_name(const char *); + const char *cipher_warning_message(const struct sshcipher_ctx *); + int ciphers_valid(const char *); + char *cipher_alg_list(char, int); + const char *compression_alg_list(int); + int cipher_init(struct sshcipher_ctx **, const struct sshcipher *, +- const u_char *, u_int, const u_char *, u_int, int); ++ const u_char *, u_int, const u_char *, u_int, u_int, int, int); + int cipher_crypt(struct sshcipher_ctx *, u_int, u_char *, const u_char *, + u_int, u_int, u_int); + int cipher_get_length(struct sshcipher_ctx *, u_int *, u_int, + const u_char *, u_int); + void cipher_free(struct sshcipher_ctx *); + u_int cipher_blocksize(const struct sshcipher *); ++uint64_t cipher_rekey_blocks(const struct sshcipher *); + u_int cipher_keylen(const struct sshcipher *); + u_int cipher_seclen(const struct sshcipher *); + u_int cipher_authlen(const struct sshcipher *); + u_int cipher_ivlen(const struct sshcipher *); + u_int cipher_is_cbc(const struct sshcipher *); ++void cipher_reset_multithreaded(void); ++const char *cipher_ctx_name(const struct sshcipher_ctx *); + + u_int cipher_ctx_is_plaintext(struct sshcipher_ctx *); + +diff -Nur openssh-9.6p1.orig/cipher-switch.c openssh-9.6p1/cipher-switch.c +--- openssh-9.6p1.orig/cipher-switch.c 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-9.6p1/cipher-switch.c 2024-07-10 13:34:02.715358579 +0200 +@@ -0,0 +1,73 @@ ++/* ++ * Copyright (c) 2023 The Board of Trustees of Carnegie Mellon University. ++ * ++ * Author: Chris Rapier ++ * ++ * This library is free software; you can redistribute it and/or modify it ++ * under the terms of the MIT License. ++ * ++ * This library is distributed in the hope that it will be useful, but WITHOUT ++ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or ++ * FITNESS FOR A PARTICULAR PURPOSE. See the MIT License for more details. ++ * ++ * You should have received a copy of the MIT License along with this library; ++ * if not, see http://opensource.org/licenses/MIT. ++ * ++ */ ++ ++/* This provides the function to switch from a serial to parallel ++ * cipher. This has been moved into it's own file in order to make it ++ * available to both the client and server without having to clutter ++ * up other files. ++ */ ++ ++#include "includes.h" ++#include ++#include ++#include "cipher.h" ++#include "log.h" ++#include "packet.h" ++ ++ ++/* if we are using a parallel cipher there can be issues in either ++ * a fork or sandbox. Essentially, if we switch too early the ++ * threads get lost and the application hangs. So what we do is ++ * test if either the send or receive context cipher name ++ * matches the known available parallel ciphers. If it does ++ * then we force a rekey which automatically loads the parallel ++ * cipher. */ ++ ++void ++cipher_switch(struct ssh *ssh) { ++#ifdef WITH_OPENSSL ++ /* get the send and receive context and extract the cipher name */ ++ const void *send_cc = ssh_packet_get_send_context(ssh); ++ const void *recv_cc = ssh_packet_get_receive_context(ssh); ++ const char *send = cipher_ctx_name(send_cc); ++ const char *recv = cipher_ctx_name(recv_cc); ++ ++ debug_f("Send: %s Recv: %s", send, recv); ++ ++ /* if the name of the cipher matches then we set the context ++ * to authenticated (it likely already is though) and then ++ * force the rekey. Either side can do this. One downside of ++ * this method is that both sides can request a rekey so you ++ * can end up duplicating work. This is annoying but the ++ * performance gains make it worthwhile. Also I ++ * use strstr here because strcmp would require a 6 part ++ * if statement */ ++ if (strstr(send, "ctr") || strstr(recv, "ctr")) { ++ debug("Serial to parallel AES-CTR cipher swap"); ++ /* cipher_reset_multithreaded(); */ ++ ssh_packet_set_authenticated(ssh); ++ packet_request_rekeying(); ++ } ++ /* do the same for multithreaded chacha20 but with strcmp */ ++ if ((strcmp(send, "chacha20-poly1305@openssh.com") == 0) || ++ (strcmp(recv, "chacha20-poly1305@openssh.com") == 0)) { ++ debug("Serial to parallel Chacha20-poly1305 cipher swap"); ++ ssh_packet_set_authenticated(ssh); ++ packet_request_rekeying(); ++ } ++#endif ++} +diff -Nur openssh-9.6p1.orig/cipher-switch.h openssh-9.6p1/cipher-switch.h +--- openssh-9.6p1.orig/cipher-switch.h 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-9.6p1/cipher-switch.h 2024-07-10 13:34:02.715358579 +0200 +@@ -0,0 +1,18 @@ ++/* ++ * Copyright (c) 2015 The Board of Trustees of Carnegie Mellon University. ++ * ++ * Author: Chris Rapier ++ * ++ * This library is free software; you can redistribute it and/or modify it ++ * under the terms of the MIT License. ++ * ++ * This library is distributed in the hope that it will be useful, but WITHOUT ++ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or ++ * FITNESS FOR A PARTICULAR PURPOSE. See the MIT License for more details. ++ * ++ * You should have received a copy of the MIT License along with this library; ++ * if not, see http://opensource.org/licenses/MIT. ++ * ++ */ ++ ++void cipher_switch (struct ssh *); +diff -Nur openssh-9.6p1.orig/clientloop.c openssh-9.6p1/clientloop.c +--- openssh-9.6p1.orig/clientloop.c 2024-07-10 13:32:39.581111758 +0200 ++++ openssh-9.6p1/clientloop.c 2024-07-10 13:34:02.716358582 +0200 +@@ -114,6 +114,7 @@ + #include "msg.h" + #include "ssherr.h" + #include "hostfile.h" ++#include "metrics.h" + + #ifdef GSSAPI + #include "ssh-gss.h" +@@ -172,6 +173,10 @@ + + static void client_init_dispatch(struct ssh *ssh); + int session_ident = -1; ++int metrics_hdr_remote_flag = 0; ++int metrics_hdr_local_flag = 0; ++int remote_no_poll_flag = 0; ++int local_no_poll_flag = 0; + + /* Track escape per proto2 channel */ + struct escape_filter_ctx { +@@ -199,6 +204,9 @@ + TAILQ_HEAD_INITIALIZER(global_confirms); + + void ssh_process_session2_setup(int, int, int, struct sshbuf *); ++ ++void client_request_metrics(struct ssh *); ++ + static void quit_message(const char *fmt, ...) + __attribute__((__format__ (printf, 1, 2))); + +@@ -1453,6 +1461,7 @@ + double start_time, total_time; + int channel_did_enqueue = 0, r, len; + u_int64_t ibytes, obytes; ++ time_t previous_time; + int conn_in_ready, conn_out_ready; + sigset_t bsigset, osigset; + +@@ -1494,6 +1503,7 @@ + client_repledge(); + + start_time = monotime_double(); ++ previous_time = time(NULL); /* for metrics polling */ + + /* Initialize variables. */ + last_was_cr = 1; +@@ -1539,6 +1549,8 @@ + } + + schedule_server_alive_check(); ++ if (options.metrics) ++ client_request_metrics(ssh); /* initial metrics polling */ + + if (sigemptyset(&bsigset) == -1 || + sigaddset(&bsigset, SIGHUP) == -1 || +@@ -1549,6 +1561,12 @@ + + /* Main loop of the client for the interactive session mode. */ + while (!quit_pending) { ++ if (options.metrics) { ++ if ((time(NULL) - previous_time) >= options.metrics_interval) { ++ client_request_metrics(ssh); ++ previous_time = time(NULL); ++ } ++ } + channel_did_enqueue = 0; + + /* Process buffered packets sent by the server. */ +@@ -1641,6 +1659,10 @@ + } + } + } ++ ++ if (options.metrics) ++ client_request_metrics(ssh); /* final metrics polling */ ++ + free(pfd); + + /* Terminate the session. */ +@@ -2684,6 +2706,167 @@ + return 1; + } + ++/* take the response from the server and parse out the data. ++ * the _ctx should be null. It's just here because the format ++ * of the callback handler expects it. Likewise, seq is ++ * not used. */ ++static void ++client_process_request_metrics (struct ssh *ssh, int type, u_int32_t seq, void *_ctx) { ++ struct tcp_info local_tcp_info; ++ const u_char *blob; ++ FILE *remfptr; ++ FILE *localfptr; ++ char remfilename[1024]; ++ char localfilename[1024]; ++ time_t now; ++ struct tm *info; ++ char timestamp[40]; ++ char *metricsstring = NULL; ++ size_t tcpi_len, len = 0; ++ binn *metricsobj = NULL; ++ int r, kernel_version = 0; ++ ++ time(&now); ++ info = localtime(&now); ++ strftime(timestamp, 40, "%d-%m-%Y %H:%M:%S", info); ++ ++ /* malloc the string 1KB should be large enough */ ++ metricsstring = malloc(1024); ++ ++ /* get the local socket information */ ++ int sock_in = ssh_packet_get_connection_in(ssh); ++ ++ /* the user can specify a name/path with options.metrics_path ++ * but if it's not defined we'll use a default name. In either case ++ * the name will have a suffix of local for the local data and remote for ++ * the remote data */ ++ if (options.metrics_path == NULL) { ++ snprintf(remfilename, 1024, "%s", "./ssh_stack_metrics.remote"); ++ snprintf(localfilename, 1024, "%s", "./ssh_stack_metrics.local"); ++ } else { ++ snprintf(remfilename, 1024, "%s.%s", options.metrics_path, "remote"); ++ snprintf(localfilename, 1024, "%s.%s", options.metrics_path, "local"); ++ } ++ ++ /* should be type 81 and if it's not then its likley that ++ * the remote does not support polling. We can still get local data though ++ */ ++ if (type != SSH2_MSG_REQUEST_SUCCESS) { ++ if (remote_no_poll_flag == 0) { ++ error("Remote does not support stack metric polling. Local data only."); ++ remote_no_poll_flag = 1; ++ } ++ goto localonly; ++ } ++ ++ /* open the file handle to write the remote data*/ ++ remfptr = fopen(remfilename, "a"); ++ if (remfptr == NULL) ++ fatal("Error opening %s: %s", remfilename, strerror(errno)); ++ ++ /* read the entire packet string into blob ++ * blob has to be a const uchar as that's what string_direct expects ++ * we cast it as a void for the binn functions */ ++ sshpkt_get_string_direct(ssh, &blob, &len); ++ if (len == 0) { ++ /* received no data. which is weird */ ++ error("Received no remote metrics data. Continuing."); ++ } ++ ++ /* get the kernel version printing the header */ ++ kernel_version = binn_object_int32((void *)blob, "kernel_version"); ++ ++ /* create a string of the data from the binn object blob */ ++ metrics_read_binn_object((void *)blob, &metricsstring); ++ ++ /* have we printed the header? */ ++ if (metrics_hdr_remote_flag == 0) { ++ metrics_print_header(remfptr, "REMOTE CONNECTION", kernel_version); ++ metrics_hdr_remote_flag = 1; ++ } ++ fprintf(remfptr, "%s, ", timestamp); ++ fprintf(remfptr, "%s\n", metricsstring); ++ ++ /* close remote file pointer*/ ++ fclose(remfptr); ++ ++ /* got the remote data, now get the local */ ++localonly: ++/* TCP_INFO is defined in metrics.h*/ ++#if !defined TCP_INFO ++ if (local_no_poll_flag == 0) { ++ error("Local host does not support metric polling. Remote data only."); ++ local_no_poll_flag = 1; ++ } ++#else ++ /* open file handle for local data */ ++ localfptr = fopen(localfilename, "a"); ++ if(localfptr == NULL) ++ fatal("Error opening %s: %s", localfilename, strerror(errno)); ++ ++ /* create the binn object*/ ++ metricsobj = binn_object(); ++ if (metricsobj == NULL) { ++ fatal("Could not create metrics object"); ++ } ++ ++ tcpi_len = (size_t)sizeof(local_tcp_info); ++ if ((r = getsockopt(sock_in, IPPROTO_TCP, TCP_INFO, (void *)&local_tcp_info, ++ (socklen_t *)&tcpi_len)) != 0){ ++ error("Could not read tcp_info from socket"); ++ goto out; ++ } ++ ++ /* we write and read to a binn object because it lets us ++ * format the data consistently */ ++ metrics_write_binn_object(&local_tcp_info, metricsobj); ++ ++ /* create a string of the data from the binn object metricsobj */ ++ metrics_read_binn_object((void *)metricsobj, &metricsstring); ++ ++ /* get the kernel version printing the header */ ++ kernel_version = binn_object_int32(metricsobj, "kernel_version"); ++ ++ if (metrics_hdr_local_flag == 0) { ++ metrics_print_header(localfptr, "LOCAL CONNECTION", kernel_version); ++ metrics_hdr_local_flag = 1; ++ } ++ ++ fprintf(localfptr, "%s, ", timestamp); ++ fprintf(localfptr, "%s\n", metricsstring); ++ fclose (localfptr); ++#endif /* TCP_INFO */ ++out: ++ free(metricsstring); ++} ++ ++/* Use the SSH2_MSG_GLOBAL_REQUEST protocol to ++ * ask the server to send metrics back to the client. ++ * we use the non-canonical string stack-metrics@hpnssh.org ++ * to indicate the type of request we want. If the receiver doesn't ++ * understand it then the response indiactes a failure. ++ * I can probably do this by using clint_input_global_request but ++ * I need to understand that better. ++ */ ++void client_request_metrics(struct ssh *ssh) { ++ int r; ++ ++ debug_f("Asking server for TCP stack metrics"); ++ /* create a pakcet of GLOBAL_REQUEST type */ ++ if ((r = sshpkt_start(ssh, SSH2_MSG_GLOBAL_REQUEST)) != 0 || ++ /* define the type of GLOBAL_REQUEST message */ ++ (r = sshpkt_put_cstring(ssh, ++ "stack-metrics@hpnssh.org")) != 0 || ++ /* indicate if we want a response. 1 for yes 0 for no */ ++ (r = sshpkt_put_u8(ssh, 1)) != 0) ++ fatal_fr(r, "prepare stack request failure"); ++ /* send the packet */ ++ if ((r = sshpkt_send(ssh)) != 0) ++ fatal_fr(r, "send stack request"); ++ /* i believe this indicates what we are to use for a callback */ ++ client_register_global_confirm(client_process_request_metrics, NULL); ++} ++ + static int + client_input_global_request(int type, u_int32_t seq, struct ssh *ssh) + { +@@ -2739,6 +2922,11 @@ + if ((c = channel_lookup(ssh, id)) == NULL) + fatal_f("channel %d: unknown channel", id); + ++ if (options.hpn_buffer_limit) { ++ debug_f("Limiting receive buffer size"); ++ c->hpn_buffer_limit = 1; ++ } ++ + ssh_packet_set_interactive(ssh, want_tty, + options.ip_qos_interactive, options.ip_qos_bulk); + +@@ -2809,6 +2997,43 @@ + + len = sshbuf_len(cmd); + if (len > 0) { ++ /* we may be connecting to a server that has hpn prefixed ++ * binaries installed. In that case we need to rewrite any ++ * scp commands to look for hpnscp instead. ++ */ ++ if (ssh->compat & SSH_HPNSSH_PREFIX) { ++ char *new_cmd; ++ new_cmd = malloc(len+4); ++ /* read the existing command into a temp buffer */ ++ sprintf(new_cmd, "%s", (const u_char*)sshbuf_ptr(cmd)); ++ const char *pos; ++ /* see if the command starts with scp */ ++ pos = strstr(new_cmd, "scp"); ++ /* by substracting the pointer new_cmd from the pointer ++ * pos we end up with the position of the needle in the ++ * haystack. If it's 0 then we can mess with it ++ */ ++ if (pos - new_cmd == 0) { ++ debug_f("Rewriting scp command for hpnscp."); ++ sprintf(new_cmd, "hpn%s", (const u_char*)sshbuf_ptr(cmd)); ++ debug_f("Command was: %s and is now %s", ++ (const u_char*)sshbuf_ptr(cmd), new_cmd); ++ /* free the existing sshbuf 'cmd' ++ * recreate it and then write our new_cmd into ++ * the sshbuf struct ++ */ ++ sshbuf_free(cmd); ++ if ((cmd = sshbuf_new()) == NULL) ++ fatal("sshbuf_new failed in scp rewrite"); ++ sshbuf_putf(cmd, "%s", new_cmd); ++ /* we use len later on so don't forget to ++ * increment it by the number of new chars in the ++ * command ++ */ ++ len += 3; ++ free(new_cmd); ++ } ++ } + if (len > 900) + len = 900; + if (want_subsystem) { +diff -Nur openssh-9.6p1.orig/compat.c openssh-9.6p1/compat.c +--- openssh-9.6p1.orig/compat.c 2024-07-10 13:32:39.574111737 +0200 ++++ openssh-9.6p1/compat.c 2024-07-10 13:34:02.716358582 +0200 +@@ -135,6 +135,36 @@ + ssh->compat = check[i].bugs; + if (forbid_ssh_rsa) + ssh->compat |= SSH_RH_RSASIGSHA; ++ /* Check to see if the remote side is OpenSSH and not HPN */ ++ /* TODO: See if we can work this into the new method for bug checks */ ++ if (strstr(version, "OpenSSH") != NULL) { ++ if (strstr(version, "hpn")) { ++ ssh->compat |= SSH_HPNSSH; ++ debug("Remote is HPN enabled"); ++ } ++ /* this checks to see if the remote ++ * version string indicates that we ++ * have access to hpn prefixed binaries ++ * You'll need to change this to include ++ * new major version numbers. Which is ++ * why we should figure out how to make ++ * the match pattern list work ++ */ ++ if ((strstr(version, "hpn16") != NULL) || ++ (strstr(version, "hpn17") != NULL) || ++ (strstr(version, "hpn18") != NULL)) { ++ ssh->compat |= SSH_HPNSSH_PREFIX; ++ debug("Remote uses HPNSSH prefixes."); ++ break; ++ } ++ /* if it's openssh and not hpn */ ++ if ((strstr(version, "OpenSSH_8.9") != NULL) || ++ (strstr(version, "OpenSSH_9") != NULL)) { ++ ssh->compat |= SSH_RESTRICT_WINDOW; ++ debug("Restricting adverstised window size."); ++ } ++ } ++ debug("ssh->compat is %u", ssh->compat); + return; + } + } +diff -Nur openssh-9.6p1.orig/compat.h openssh-9.6p1/compat.h +--- openssh-9.6p1.orig/compat.h 2024-07-10 13:32:39.574111737 +0200 ++++ openssh-9.6p1/compat.h 2024-07-10 13:34:02.716358582 +0200 +@@ -46,12 +46,12 @@ + /* #define unused 0x00010000 */ + /* #define unused 0x00020000 */ + /* #define unused 0x00040000 */ +-/* #define unused 0x00100000 */ ++#define SSH_HPNSSH 0x00100000 /* basically a notice that this is HPN aware */ + #define SSH_BUG_EXTEOF 0x00200000 + #define SSH_BUG_PROBE 0x00400000 +-/* #define unused 0x00800000 */ ++#define SSH_RESTRICT_WINDOW 0x00800000 /* restrict adverstised window to OpenSSH clients */ + #define SSH_OLD_FORWARD_ADDR 0x01000000 +-/* #define unused 0x02000000 */ ++#define SSH_HPNSSH_PREFIX 0x02000000 /* indicates that we have hpn prefixes binaries */ + #define SSH_NEW_OPENSSH 0x04000000 + #define SSH_BUG_DYNAMIC_RPORT 0x08000000 + #define SSH_BUG_CURVE25519PAD 0x10000000 +diff -Nur openssh-9.6p1.orig/configure.ac openssh-9.6p1/configure.ac +--- openssh-9.6p1.orig/configure.ac 2024-07-10 13:32:39.595111799 +0200 ++++ openssh-9.6p1/configure.ac 2024-07-10 13:34:02.718358588 +0200 +@@ -2909,8 +2909,8 @@ + 200*) # LibreSSL + lver=`echo "$sslver" | sed 's/.*libressl-//'` + case "$lver" in +- 2*|300*) # 2.x, 3.0.0 +- AC_MSG_ERROR([LibreSSL >= 3.1.0 required (have "$ssl_showver")]) ++ 2*|300*|301*|302*|303*|304*|306*) # 2.x, 3.0.0 ++ AC_MSG_ERROR([LibreSSL >= 3.7.0 required (have "$ssl_showver")]) + ;; + *) ;; # Assume all other versions are good. + esac +@@ -2918,10 +2918,12 @@ + 300*) + # OpenSSL 3; we use the 1.1x API + CPPFLAGS="$CPPFLAGS -DOPENSSL_API_COMPAT=0x10100000L" ++ AC_DEFINE([WITH_OPENSSL3], [1], [With OpenSSL3]) + ;; + 301*|302*|303*) + # OpenSSL development branch; request 1.1x API + CPPFLAGS="$CPPFLAGS -DOPENSSL_API_COMPAT=0x10100000L" ++ AC_DEFINE([WITH_OPENSSL3], [1], [With OpenSSL3]) + ;; + *) + AC_MSG_ERROR([Unknown/unsupported OpenSSL version ("$ssl_showver")]) +@@ -3039,6 +3041,30 @@ + EVP_CIPHER_CTX_set_iv \ + ]) + ++ # OpenSSL 3.0 API ++ # Does OpenSSL support the EVP_MAC functions for Poly1305? ++ AC_MSG_CHECKING([whether OpenSSL supports Poly1305 MAC EVP]) ++ AC_RUN_IFELSE( ++ [AC_LANG_PROGRAM([[ ++ #include ++ #include ++ #include ++ ]], [[ ++ EVP_MAC *mac = EVP_MAC_fetch(NULL, "poly1305", NULL); ++ if (mac == NULL) ++ exit(1); ++ ]])], ++ [ ++ AC_MSG_RESULT([yes]) ++ AC_DEFINE([OPENSSL_HAVE_POLY_EVP], [1], ++ [Libcrypto supports Poly1305 MAC EVP]) ++ ], ++ [ ++ AC_MSG_RESULT([no]) ++ ] ++ ) ++ ++ + if test "x$openssl_engine" = "xyes" ; then + AC_MSG_CHECKING([for OpenSSL ENGINE support]) + AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ +diff -Nur openssh-9.6p1.orig/defines.h openssh-9.6p1/defines.h +--- openssh-9.6p1.orig/defines.h 2023-12-18 15:59:50.000000000 +0100 ++++ openssh-9.6p1/defines.h 2024-07-10 13:34:02.718358588 +0200 +@@ -889,7 +889,7 @@ + #endif + + #ifndef SSH_IOBUFSZ +-# define SSH_IOBUFSZ 8192 ++# define SSH_IOBUFSZ (32*1024) + #endif + + /* +diff -Nur openssh-9.6p1.orig/digest.h openssh-9.6p1/digest.h +--- openssh-9.6p1.orig/digest.h 2024-07-10 13:32:39.511111550 +0200 ++++ openssh-9.6p1/digest.h 2024-07-10 13:34:02.719358591 +0200 +@@ -27,7 +27,8 @@ + #define SSH_DIGEST_SHA256 2 + #define SSH_DIGEST_SHA384 3 + #define SSH_DIGEST_SHA512 4 +-#define SSH_DIGEST_MAX 5 ++#define SSH_DIGEST_NULL 5 ++#define SSH_DIGEST_MAX 6 + + struct sshbuf; + struct ssh_digest_ctx; +diff -Nur openssh-9.6p1.orig/digest-openssl.c openssh-9.6p1/digest-openssl.c +--- openssh-9.6p1.orig/digest-openssl.c 2024-07-10 13:32:39.511111550 +0200 ++++ openssh-9.6p1/digest-openssl.c 2024-07-10 13:34:02.719358591 +0200 +@@ -61,6 +61,7 @@ + { SSH_DIGEST_SHA256, "SHA256", 32, EVP_sha256 }, + { SSH_DIGEST_SHA384, "SHA384", 48, EVP_sha384 }, + { SSH_DIGEST_SHA512, "SHA512", 64, EVP_sha512 }, ++ { SSH_DIGEST_NULL, "NONEMAC", 0, EVP_md_null}, + { -1, NULL, 0, NULL }, + }; + +diff -Nur openssh-9.6p1.orig/FUNDING.yml openssh-9.6p1/FUNDING.yml +--- openssh-9.6p1.orig/FUNDING.yml 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-9.6p1/FUNDING.yml 2024-07-10 13:34:02.719358591 +0200 +@@ -0,0 +1,12 @@ ++# These are supported funding model platforms ++ ++github:rapier1 # Replace with up to 4 GitHub Sponsors-enabled usernames e.g., [user1, user2] ++#patreon: # Replace with a single Patreon username ++#open_collective: # Replace with a single Open Collective username ++#ko_fi: # Replace with a single Ko-fi username ++#tidelift: # Replace with a single Tidelift platform-name/package-name e.g., npm/babel ++#community_bridge: # Replace with a single Community Bridge project-name e.g., cloud-foundry ++#liberapay: # Replace with a single Liberapay username ++#issuehunt: # Replace with a single IssueHunt username ++#otechie: # Replace with a single Otechie username ++#custom: # Replace with up to 4 custom sponsorship URLs e.g., ['link1', 'link2'] +diff -Nur openssh-9.6p1.orig/HPN-README openssh-9.6p1/HPN-README +--- openssh-9.6p1.orig/HPN-README 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-9.6p1/HPN-README 2024-07-10 13:34:02.719358591 +0200 +@@ -0,0 +1,170 @@ ++Notes: ++ ++LibreSSL Support: ++Changes in LibreSSL version 3.5 and 3.6 prevent the use of the threaded AES CTR cipher. ++In those cases HPNSSH will fallback to the serial version of the AES CTR cipher. A warning ++is printed to stderr. ++ ++Automatic Port Fallback (in version 17v3) ++The hpnssh client now uses TCP port 2222 to connect automatically as this is the ++default hpnsshd port. However, we understand that many users will be end up connecting ++standard SSH servers on port 22. To make the easier for users the client will fall back to ++port 22 in the event that there is no hpnssh server running on port 2222. The behaviour can ++be modifed as follows: ++-oFallback=[yes|no] will enable or disable port fallback. Default is yes. ++-oFallbackPort=[N] where N is the port number that should be used for fall back. ++ Default is 22. ++ ++TCP_INFO Metrics ++This features allows the client to request tcp networking information from the ++TCP_INFO struct. This includes data on retransmits, round trip time, lost packets, ++data transferred, and the like. The metrics are polled periodically through the ++life of the connection. By default this is every 5 seconds but users can pick different ++polling periods. The resulting data is stored in two distinct files; one for local ++metrics and one for remote metrics. Remote metrics are only available if the remote ++supports this feature. This feature will *not* diagnose a poorly performing connection ++but may provide insight into what is happening during the connection. ++ ++Usage: ++-oMetrics=[yes|no] will enable metrics polling. Default: No. ++-oMetricsInterval=[N] where N is the polling period in seconds. Default: 5 seconds. ++-oMetricsPath=[/filepath/filename] is the name of the file where the remote and ++ local data will be stored. Default: ./ssh_stack_metrics.[local|remote]. ++ Any other option chosen by the user will have a .local or .remote suffix appended to it. ++ ++The number of instruments polled by this features is dependent on the kernel of the host. ++This means that a remote host with an older kernel may report fewer instruments than a client ++host running a current kernel or vice versa. If there is a discrepency in the number of instruments ++in the ssh_stack_metrics.local and .remote file this is the most likely reason. ++ ++Additionally, determining which file represents sender side versus receiver side is dependent ++on the nature of the connection. Therfore, it's up to the user to make that determination. ++ ++Linux Note: Currently this is only supported on Linux kernel versions 3.7 and greater. Newer kernels ++may have more instruments available to poll than older kernels. ++ ++FreeBSD Note: This is supported on Release 6 and higher. However, FreeBSD has fewer available ++instruments than new Linux kernels. ++ ++Multiplexing Note: The metrics are reported from the TCP socket which means that gathering ++metrics from multiplexed sessions will report on the activity of all sessions on that socket. ++This will likely result in less clear results and, as such, we suggest only gathering metrics ++from non-multiplexed session. ++ ++HPNSCP with Resume functionality ++This feature allows hpnscp to resume failed transfers. In the event of a failed transfer ++issues the same scp command with the '-R' option. For example - if you issued: ++'hpnscp myhugefile me@host:~' ++and it dies halfway through the transfer issuing ++'hpnscp -Z myhugefile me@host:~' ++will resume the transfer at the point where it left off. ++ ++This is implemented by having the source host send a hash (blake2b512) of the file to the ++target host. The target host then computes it's own hash of the target file. If the hashes match ++then the file is skipped as this indicates a successful transfer. However, if the hashes do not ++match then the target sends the source its hash along with the size of the file. The source then ++computes the hash of the file *up to* the size of the target file. If those hashes match then ++the source only send the necessary bytes to complete the transfer. If the hashes do not match then ++the entire file is resent. If the target file is larger then the source file then the entire ++source file is sent and any existing target file is overwritten. ++ ++ ++MULTI-THREADED AES CIPHER: ++The AES cipher in CTR mode has been multithreaded (MTR-AES-CTR). This will allow ssh installations ++on hosts with multiple cores to use more than one processing core during encryption. ++Tests have show significant throughput performance increases when using MTR-AES-CTR up ++to and including a full gigabit per second on quad core systems. It should be possible to ++achieve full line rate on dual core systems but OS and data management overhead makes this ++more difficult to achieve. The cipher stream from MTR-AES-CTR is entirely compatible with single ++thread AES-CTR (ST-AES-CTR) implementations and should be 100% backward compatible. Optimal ++performance requires the MTR-AES-CTR mode be enabled on both ends of the connection. ++The MTR-AES-CTR replaces ST-AES-CTR and is used in exactly the same way with the same ++nomenclature. ++Usage examples: ++ ssh -caes128-ctr you@host.com ++ scp -oCipher=aes256-ctr file you@host.com:~/file ++ ++MULTI-THREADED ChaCha20-Poly1305 CIPHER: ++The default cipher used by HPN-SSH is now a threaded implementation of the ++ChaCha20-Poly1305 cipher. In tests this cipher results in an approximately 90% gain in ++throughput performance in comparison to the serial implementation found in OpenSSH. ++This cipher is fully compatible with all known existing implementations of ChaCha20-Poly1305. ++ ++Internally this cipher is referred to as chacha20-poly1305-mt@hpnssh.org (CC20-MT) ++similar to how the OpenSSH implementation is known as chacha20-poly1305@openssh.com ++(CC20-S (for serial)). No changes are required on the part of the user to make use of CC20-MT. ++However, if the users doesn't want to make use of this cipher they can explicitly load CC20-S using ++'-cchach20-poly1305@openssh.com` on the command line. ++ ++NONE CIPHER: ++To use the NONE option you must have the NoneEnabled switch set on the server and ++you *must* have *both* NoneEnabled and NoneSwitch set to yes on the client. The NONE ++feature works with ALL ssh subsystems (as far as we can tell) *AS LONG AS* a tty is not ++spawned. If a user uses the -T switch to prevent a tty being created the NONE cipher will ++be disabled. ++ ++The performance increase will only be as good as the network and TCP stack tuning ++on the reciever side of the connection allows. As a rule of thumb a user will need ++at least 10Mb/s connection with a 100ms RTT to see a doubling of performance. The ++HPN-SSH home page describes this in greater detail. ++ ++http://www.psc.edu/networking/projects/hpn-ssh ++ ++NONE MAC: ++Starting with HPN 15v1 users will have the option to disable HMAC (message ++authentication ciphers) when using the NONE cipher. You must enable the following: ++NoneEnabled, NoneSwitch, and NoneMacEnabled. If all three are not enabled the None MAC ++will be automatically disabled. In tests the use of the None MAC improved throuput by ++more than 30%. ++ ++ex: scp -oNoneSwitch=yes -oNoneEnabled=yes -oNoneMacEnabled=yes file host:~ ++ ++HPN Specific Configuration options ++ ++TcpRcvBufPoll=[yes/no] client/server ++ Enable of disable the polling of the tcp receive buffer through the life ++of the connection. You would want to make sure that this option is enabled ++for systems making use of autotuning kernels (linux 2.4.24+, 2.6, MS Vista) ++default is yes. ++ ++NoneEnabled=[yes/no] client/server ++ Enable or disable the use of the None cipher. Care must always be used ++when enabling this as it will allow users to send data in the clear. However, ++it is important to note that authentication information remains encrypted ++even if this option is enabled. Set to no by default. ++ ++NoneMacEnabled=[yes/no] client/server ++ Enable or disable the use of the None MAC. When this is enabled ssh ++will *not* provide data integrity of any data being transmitted between hosts. Use ++with caution as it, unlike just using NoneEnabled, doesn't provide data integrity and ++protection against man-in-the-middle attacks. As with NoneEnabled all authentication ++remains encrypted and integrity is ensured. Default is no. ++ ++NoneSwitch=[yes/no] client ++ Switch the encryption cipher being used to the None cipher after ++authentication takes place. NoneEnabled must be enabled on both the client ++and server side of the connection. When the connection switches to the NONE ++cipher a warning is sent to STDERR. The connection attempt will fail with an ++error if a client requests a NoneSwitch from the server that does not explicitly ++have NoneEnabled set to yes. Note: The NONE cipher cannot be used in ++interactive (shell) sessions and it will fail silently. Set to no by default. ++ ++HPNDisabled=[yes/no] client/server ++ In some situations, such as transfers on a local area network, the impact ++of the HPN code produces a net decrease in performance. In these cases it is ++helpful to disable the HPN functionality. By default HPNDisabled is set to no. ++ ++Credits: This patch was conceived, designed, and led by Chris Rapier (rapier@psc.edu) ++ The majority of the actual coding for versions up to HPN12v1 was performed ++ by Michael Stevens (mstevens@andrew.cmu.edu). The MT-AES-CTR cipher was ++ implemented by Ben Bennet (ben@psc.edu) and improved by Mike Tasota ++ (tasota@gmail.com) an NSF REU grant recipient for 2013. ++ Allan Jude provided the code for the NoneMac and buffer normalization. ++ This work was financed, in part, by Cisco System, Inc., the National ++ Library of Medicine, and the National Science Foundation. ++ ++Sponsors: Thanks to Niklas Hambuchen for being the first sponsor of HPN-SSH ++ via github's sponsor program! ++ ++ ++Edited: October 11, 2023 +diff -Nur openssh-9.6p1.orig/HPNSSHInstallation.txt openssh-9.6p1/HPNSSHInstallation.txt +--- openssh-9.6p1.orig/HPNSSHInstallation.txt 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-9.6p1/HPNSSHInstallation.txt 2024-07-10 13:34:02.720358594 +0200 +@@ -0,0 +1,354 @@ ++HPN-SSH Installation ++ ++The process of installing HPN-SSH from source is a relatively painless process ++but does have some nuances. This document will go through the process step by ++step to help you get the most from your installation. If you find any errors ++please contact us at hpnssh@psc.edu. ++ ++ ++Step 1: Get the source code. ++ ++The official repository for HPN-SSH is found at ++https://github.com/rapier1/hpn-ssh. Get a copy with ++"git clone https://github.com/rapier1/hpn-ssh”. ++ ++ ++Step 2: Install dependencies. ++ ++What you need to install is dependent on your distribution but will include: ++* OpenSSL development package ++ * Debian: libssl-dev ++ * Fedora: openssl-devel ++* Alternatively you can use LIbreSSL ++ * However, in this case we suggest compiling and installing libressl manually as ++ there are few maintained linux packages for LibreSSL. ++ * Also, LibreSSL v3.5 and v3.6 do not support the threaded AES-CTR cipher. ++ If that’s important to you then you should use OpenSSL. ++* Z compression library ++ * Debian: zlib1g-dev ++ * Fedora: zlib-devel ++* Autoconf ++* Automake ++ ++ ++Step 3: Install optional dependencies. ++ ++This optional libraries will extend the functionality of HPN-SSH to allow the use of PAM ++authentication, Kerberos, graphical password tools, etc. ++* PAM ++* Kerberos ++* GTK ++ ++ ++Step 4: Build the configure file ++ ++generate ./configure with “autoreconf -f -i” ++ ++ ++Step 5: Configuration ++ ++Configure the installation. You can get detailed information on how to do this by ++issuing “./configure --help”. However, commonly you will want to change the default installation ++location of the binaries. This can be done with “--prefix=/[desired_path]”. For example, ++if you want the binaries installed into /usr/bin as opposed to the default of ++/usr/local/bin you’d use “./configure --prefix=/usr”. Other common options would be to ++incorporate pam, kerberos, alternative SSL libraries, and so forth. However, for most users ++either no additional configuration options or modifying the prefix will suffice. ++ ++ ++Step 6: Make ++ ++Make the application with “make -j[num cores]”. So if you have an 8 core system ++you’d use “make -j8” ++ ++ ++Step 7: Set up the hpnsshd user. ++ ++This user is part of the privilege separation routines used in the ++pre-authentication sandbox. I suggest using the following command: ++ ++sudo useradd --system --shell /usr/sbin/nologin --comment="Privilege separated HPNSSH User" \ ++--home=/run/hpnsshd hpnsshd ++ ++Alternatively, you can use vipw to add the user manually. ++ ++ ++Step 8: Installation ++ ++After HPN-SSH successfully builds, install it with “sudo make install”. This will install the ++binaries, configuration files, and generate the unique host keys used. At this point you can ++make changes to the ssh client and server default configuration. These files are ++found, generally, in /etc/hpnssh/ssh_config and sshd_config respectively. You may want to ++change the default port from 2222 to some other value. You may also want to enable the ++NoneCipher and NoneMac options. For more information use “man hpnsshd_config” and ++“man hpnssh_config”. Note: The hpnssh client expects the server to be on port 2222 but will ++fallback to 22 if it’s not found there. So if you do change the default port you’ll need to ++make sure the clients point at the correct port. ++ ++Step 9: Finishing up. ++ ++At this point you can start hpnsshd manually by running “sudo /usr/sbin/hpnsshd” ++or whatever the full path to the hpnsshd binary might be. However, this won’t ++restart automatically on reboot. To do this you’ll need to install an appropriate ++systemd configuration file. If that seems like a good idea to you then following steps may be ++of help. Otherwise, you are done. Enjoy! ++ ++ ++Step 10: Installing a systemd startup file. ++ ++The correct systemd startup file depends on the distribution you are using. For system ++using systemd (you start a service with systemctl) create a file at /lib/systemd/system/hpnsshd.service ++with the following contents NB: you may need to update the paths to match your installation: ++ ++[Unit] ++Description=HPN/OpenBSD Secure Shell server ++Documentation=man:hpnsshd(8) man:hpnsshd_config(5) ++After=network.target auditd.service ++ConditionPathExists=!/etc/hpnssh/sshd_not_to_be_run ++ ++[Service] ++EnvironmentFile=-/etc/default/hpnssh ++ExecStartPre=/usr/sbin/hpnsshd -t ++ExecStart=/usr/sbin/hpnsshd -D $SSHD_OPTS ++ExecReload=/usr/sbin/hpnsshd -t ++ExecReload=/bin/kill -HUP $MAINPID ++KillMode=process ++Restart=on-failure ++RestartPreventExitStatus=255 ++Type=notify ++RuntimeDirectory=hpnsshd ++RuntimeDirectoryMode=0755 ++ ++[Install] ++WantedBy=multi-user.target ++Alias=hpnsshd.service ++ ++Alternatively, the ./configure command will generate a hpnsshd.service file from ++hpnsshd.service.in. You can use this file by copying it to ++/libsystemd/system/hpnsshd.service instead of copying the above text. ++ ++Then create the defaults file at /etc/defaults/hpnsshd with the following content: ++# Default settings for openssh-server. ++# Options to pass to sshd ++SSHD_OPTS= ++ ++Enter any runtime options you want on the SSHD_OPTS line. If you can’t think of any, simply ++leave it blank. A sample /etc/defauls/hpnssh file may be found in defaults.hpnsshd. ++ ++You must then reload the systemd service to make it aware of this new service with ++sudo systemctl daemon-reload ++ ++If you are using an init.d (you start a service with ‘system’) then you need to install an ++init.d. Create the file /etc/init.d/hpnssh and copy the following into it. NB: The following is ++for where hpnsshd is found at /usr/sbin/hpnsshd. If it is not in that location you’ll need to ++update the paths. ++ ++Alternatively, you may use the hpnsshd.init file created during configure. This will be ++prepopulated with the correct paths by the configure script. ++ ++#! /bin/sh ++ ++### BEGIN INIT INFO ++# Provides: hpnsshd ++# Required-Start: $remote_fs $syslog ++# Required-Stop: $remote_fs $syslog ++# Default-Start: 2 3 4 5 ++# Default-Stop: ++# Short-Description: OpenBSD Secure Shell server with HPN ++### END INIT INFO ++ ++set -e ++ ++# /etc/init.d/hpnssh: start and stop the OpenBSD "secure shell(tm)" daemon ++ ++test -x /usr/sbin/hpnsshd || exit 0 ++( /usr/sbin/hpnsshd -\? 2>&1 | grep -q OpenSSH ) 2>/dev/null || exit 0 ++ ++umask 022 ++ ++if test -f /etc/default/hpnssh; then ++ . /etc/default/hpnssh ++fi ++ ++. /lib/lsb/init-functions ++ ++ ++if [ -n "$2" ]; then ++ SSHD_OPTS="$SSHD_OPTS $2" ++fi ++ ++# Are we running from init? ++run_by_init() { ++ ([ "$previous" ] && [ "$runlevel" ]) || [ "$runlevel" = S ] ++} ++ ++check_for_no_start() { ++ # forget it if we're trying to start, and /etc/hpnssh/sshd_not_to_be_run exists ++ if [ -e /etc/hpnssh/sshd_not_to_be_run ]; then ++ if [ "$1" = log_end_msg ]; then ++ log_end_msg 0 || true ++ fi ++ if ! run_by_init; then ++ log_action_msg "HPN/OpenBSD Secure Shell server not in use (/etc/hpnssh/sshd_not_to_be_run)" || true ++ fi ++ exit 0 ++ fi ++} ++ ++check_dev_null() { ++ if [ ! -c /dev/null ]; then ++ if [ "$1" = log_end_msg ]; then ++ log_end_msg 1 || true ++ fi ++ if ! run_by_init; then ++ log_action_msg "/dev/null is not a character device!" || true ++ fi ++ exit 1 ++ fi ++} ++ ++check_privsep_dir() { ++ # Create the PrivSep empty dir if necessary ++ if [ ! -d /run/hpnsshd ]; then ++ mkdir /run/hpnsshd ++ chmod 0755 /run/hpnsshd ++ fi ++} ++ ++check_config() { ++ if [ ! -e /etc/hpnssh/sshd_not_to_be_run ]; then ++ # shellcheck disable=SC2086 ++ /usr/sbin/hpnsshd $SSHD_OPTS -t || exit 1 ++ fi ++} ++ ++export PATH="${PATH:+$PATH:}/usr/sbin:/sbin" ++ ++case "$1" in ++ start) ++ check_privsep_dir ++ check_for_no_start ++ check_dev_null ++ log_daemon_msg "Starting HPN/OpenBSD Secure Shell server" "hpnsshd" || true ++ # shellcheck disable=SC2086 ++ if start-stop-daemon --start --quiet --oknodo --chuid 0:0 --pidfile /run/hpnsshd.pid --exec /usr/sbin/hpnsshd -- $SSHD_OPTS; then ++ log_end_msg 0 || true ++ else ++ log_end_msg 1 || true ++ fi ++ ;; ++ stop) ++ log_daemon_msg "Stopping HPN/OpenBSD Secure Shell server" "hpnsshd" || true ++ if start-stop-daemon --stop --quiet --oknodo --pidfile /run/hpnsshd.pid --exec /usr/sbin/hpnsshd; then ++ log_end_msg 0 || true ++ else ++ log_end_msg 1 || true ++ fi ++ ;; ++ ++ ++ reload|force-reload) ++ check_for_no_start ++ check_config ++ log_daemon_msg "Reloading HPN/OpenBSD Secure Shell server's configuration" "hpnsshd" || true ++ if start-stop-daemon --stop --signal 1 --quiet --oknodo --pidfile /run/hpnsshd.pid --exec /usr/sbin/hpnsshd; then ++ log_end_msg 0 || true ++ else ++ log_end_msg 1 || true ++ fi ++ ;; ++ ++ ++ restart) ++ check_privsep_dir ++ check_config ++ log_daemon_msg "Restarting HPN/OpenBSD Secure Shell server" "hpnsshd" || true ++ start-stop-daemon --stop --quiet --oknodo --retry 30 --pidfile /run/hpnsshd.pid --exec /usr/sbin/hpnsshd ++ check_for_no_start log_end_msg ++ check_dev_null log_end_msg ++ # shellcheck disable=SC2086 ++ if start-stop-daemon --start --quiet --oknodo --chuid 0:0 --pidfile /run/hpnsshd.pid --exec /usr/sbin/hpnsshd -- $SSHD_OPTS; then ++ log_end_msg 0 || true ++ else ++ log_end_msg 1 || true ++ fi ++ ;; ++ ++ ++ try-restart) ++ check_privsep_dir ++ check_config ++ log_daemon_msg "Restarting HPN/OpenBSD Secure Shell server" "hpnsshd" || true ++ RET=0 ++ start-stop-daemon --stop --quiet --retry 30 --pidfile /run/hpnsshd.pid --exec /usr/sbin/hpnsshd || RET="$?" ++ case $RET in ++ 0) ++ # old daemon stopped ++ check_for_no_start log_end_msg ++ check_dev_null log_end_msg ++ # shellcheck disable=SC2086 ++ if start-stop-daemon --start --quiet --oknodo --chuid 0:0 --pidfile /run/hpnsshd.pid --exec /usr/sbin/hpnsshd -- $SSHD_OPTS; then ++ log_end_msg 0 || true ++ else ++ log_end_msg 1 || true ++ fi ++ ;; ++ 1) ++ # daemon not running ++ log_progress_msg "(not running)" || true ++ log_end_msg 0 || true ++ ;; ++ *) ++ # failed to stop ++ log_progress_msg "(failed to stop)" || true ++ log_end_msg 1 || true ++ ;; ++ esac ++ ;; ++ ++ ++ status) ++ status_of_proc -p /run/hpnsshd.pid /usr/sbin/hpnsshd hpnsshd && exit 0 || exit $? ++ ;; ++ ++ ++ *) ++ log_action_msg "Usage: /etc/init.d/hpnssh {start|stop|reload|force-reload|restart|try-restart|status}" || true ++ exit 1 ++esac ++ ++exit 0 ++ ++ ++Step 10: Working with SELinux. ++ ++If you are using SELinux you’ll need to run a few more commands in order to grant hpnssh the ++necessary exceptions to open sockets, files, read keys, and so forth. Run the following commands ++to allow this. Note, I’m not sure every single one of these is needed so if someone knows better ++please let me know. Again, double check the paths of the files being updated. ++ ++semanage fcontext -a -f f -t sshd_key_t /etc/hpnssh/ssh_host_dsa_key ++semanage fcontext -a -f f -t sshd_key_t /etc/hpnssh/ssh_host_rsa_key ++semanage fcontext -a -f f -t sshd_key_t /etc/hpnssh/ssh_host_ecdsa_key ++semanage fcontext -a -f f -t sshd_key_t /etc/hpnssh/ssh_host_ed25519_key ++semanage fcontext -a -f f -t sshd_key_t /etc/hpnssh/ssh_host_dsa_key.pub ++semanage fcontext -a -f f -t sshd_key_t /etc/hpnssh/ssh_host_rsa_key.pub ++semanage fcontext -a -f f -t sshd_key_t /etc/hpnssh/ssh_host_ecdsa_key.pub ++semanage fcontext -a -f f -t sshd_key_t /etc/hpnssh/ssh_host_ed25519_key.pub ++semanage fcontext -a -f f -t sshd_exec_t /usr/sbin/hpnsshd ++semanage fcontext -a -f f -t sshd_keygen_exec_t /usr/libexec/hpnssh/hpnsshd-keygen ++semanage fcontext -a -f f -t bin_t /usr/libexec/hpnssh/hpnsftp-server ++semanage fcontext -a -f f -t ssh_exec_t /usr/bin/hpnssh ++semanage fcontext -a -f f -t ssh_agent_exec_t /usr/bin/hpnssh-agent ++semanage fcontext -a -f f -t ssh_keygen_exec_t /usr/bin/hpnssh-keygen ++semanage fcontext -a -f f -t etc_t /etc/pam.d/hpnsshd ++semanage port -a -t ssh_port_t -p tcp 2222 ++restorecon /usr/sbin/hpnsshd ++restorecon /etc/hpnssh/ssh*_key ++restorecon /etc/hpnssh/ssh*_key\.pub ++restorecon /usr/libexec/hpnssh/hpnsshd-keygen ++restorecon /usr/libexec/hpnssh/hpnsftp-server ++restorecon /usr/bin/hpnssh ++restorecon /usr/bin/hpnssh-agent ++restorecon /usr/bin/hpnssh-keygen ++restorecon /etc/pam.d/hpnsshd +diff -Nur openssh-9.6p1.orig/kex.c openssh-9.6p1/kex.c +--- openssh-9.6p1.orig/kex.c 2024-07-10 13:32:39.570111725 +0200 ++++ openssh-9.6p1/kex.c 2024-07-10 13:34:02.720358594 +0200 +@@ -65,6 +65,7 @@ + + #include "ssherr.h" + #include "sshbuf.h" ++#include "canohost.h" + #include "digest.h" + #include "xmalloc.h" + #include "audit.h" +@@ -1037,11 +1038,68 @@ + free(kex); + } + ++/* ++ * This function seeks through a comma-separated list and checks for instances ++ * of the multithreaded CC20 cipher. If found, it then ensures that the serial ++ * CC20 cipher is also in the list, adding it if necessary. ++ */ ++char * ++patch_list(char * orig) ++{ ++ char * adj = xstrdup(orig); ++ char * match; ++ u_int next; ++ ++ const char * ccpstr = "chacha20-poly1305@openssh.com"; ++ const char * ccpmtstr = "chacha20-poly1305-mt@hpnssh.org"; ++ ++ match = match_list(ccpmtstr, orig, &next); ++ if (match != NULL) { /* CC20-MT found in the list */ ++ free(match); ++ match = match_list(ccpstr, orig, NULL); ++ if (match == NULL) { /* CC20-Serial NOT found in the list */ ++ adj = xreallocarray(adj, ++ strlen(adj) /* original string length */ ++ + 1 /* for the original null-terminator */ ++ + strlen(ccpstr) /* make room for ccpstr */ ++ + 1 /* make room for the comma delimiter */ ++ , sizeof(char)); ++ /* ++ * adj[next] points to the character after the CC20-MT ++ * string. adj[next] might be ',' or '\0' at this point. ++ */ ++ adj[next] = ','; ++ /* adj + next + 1 is the character after that comma */ ++ memcpy(adj + next + 1, ccpstr, strlen(ccpstr)); ++ /* rewrite the rest of the original list */ ++ memcpy(adj + next + 1 + strlen(ccpstr), orig + next, ++ strlen(orig + next) + 1); ++ } else { /* CC20-Serial found in the list, nothing to do */ ++ free(match); ++ } ++ } ++ ++ return adj; ++} ++ + int + kex_ready(struct ssh *ssh, char *proposal[PROPOSAL_MAX]) + { + int r; + ++#ifdef WITH_OPENSSL ++ proposal[PROPOSAL_ENC_ALGS_CTOS] = ++ patch_list(proposal[PROPOSAL_ENC_ALGS_CTOS]); ++ proposal[PROPOSAL_ENC_ALGS_STOC] = ++ patch_list(proposal[PROPOSAL_ENC_ALGS_STOC]); ++ ++ /* ++ * TODO: Likely memory leak here. The original contents of ++ * proposal[PROPOSAL_ENC_ALGS_CTOS] are no longer accessible or ++ * freeable. ++ */ ++#endif ++ + if ((r = kex_prop2buf(ssh->kex->my, proposal)) != 0) + return r; + ssh->kex->flags = KEX_INITIAL; +@@ -1240,6 +1298,11 @@ + int nenc, nmac, ncomp; + u_int mode, ctos, need, dh_need, authlen; + int r, first_kex_follows; ++ int auth_flag = 0; ++ int log_flag = 0; ++ ++ auth_flag = packet_authentication_state(ssh); ++ debug("AUTH STATE IS %d", auth_flag); + + debug2("local %s KEXINIT proposal", kex->server ? "server" : "client"); + if ((r = kex_buf2prop(kex->my, NULL, &my)) != 0) +@@ -1316,6 +1379,31 @@ + peer[nenc] = NULL; + goto out; + } ++#ifdef WITH_OPENSSL ++ if ((strcmp(newkeys->enc.name, "chacha20-poly1305@openssh.com") ++ == 0) && (match_list("chacha20-poly1305-mt@hpnssh.org", ++ my[nenc], NULL) != NULL)) { ++ /* ++ * if we're using the serial CC20 cipher while the ++ * multithreaded implementation is an option... ++ */ ++ free(newkeys->enc.name); ++ newkeys->enc.cipher = cipher_by_name( ++ "chacha20-poly1305-mt@hpnssh.org"); ++ if (newkeys->enc.cipher == NULL) { ++ error_f("%s cipher not found.", ++ "chacha20-poly1305-mt@hpnssh.org"); ++ r = SSH_ERR_INTERNAL_ERROR; ++ kex->failed_choice = peer[nenc]; ++ peer[nenc] = NULL; ++ goto out; ++ } else { ++ newkeys->enc.name = xstrdup( ++ "chacha20-poly1305-mt@hpnssh.org"); ++ } ++ /* we promote to the multithreaded implementation */ ++ } ++#endif + authlen = cipher_authlen(newkeys->enc.cipher); + /* ignore mac for authenticated encryption */ + if (authlen == 0 && +@@ -1331,11 +1419,43 @@ + peer[ncomp] = NULL; + goto out; + } ++ debug("REQUESTED ENC.NAME is '%s'", newkeys->enc.name); ++ debug("REQUESTED MAC.NAME is '%s'", newkeys->mac.name); ++ if (strcmp(newkeys->enc.name, "none") == 0) { ++ if (auth_flag == 1) { ++ debug("None requested post authentication."); ++ ssh->none = 1; ++ } ++ else ++ fatal("Pre-authentication none cipher requests are not allowed."); ++ ++ if (newkeys->mac.name != NULL && strcmp(newkeys->mac.name, "none") == 0) { ++ debug("Requesting: NONEMAC. Authflag is %d", auth_flag); ++ ssh->none_mac = 1; ++ } ++ } ++ + debug("kex: %s cipher: %s MAC: %s compression: %s", + ctos ? "client->server" : "server->client", + newkeys->enc.name, + authlen == 0 ? newkeys->mac.name : "", + newkeys->comp.name); ++ /* ++ * client starts with ctos = 0 && log flag = 0 and no log. ++ * 2nd client pass ctos = 1 and flag = 1 so no log. ++ * server starts with ctos = 1 && log_flag = 0 so log. ++ * 2nd sever pass ctos = 1 && log flag = 1 so no log. ++ * -cjr ++ */ ++ if (ctos && !log_flag) { ++ logit("SSH: Server;Ltype: Kex;Remote: %s-%d;Enc: %s;MAC: %s;Comp: %s", ++ ssh_remote_ipaddr(ssh), ++ ssh_remote_port(ssh), ++ newkeys->enc.name, ++ authlen == 0 ? newkeys->mac.name : "", ++ newkeys->comp.name); ++ } ++ log_flag = 1; + } + need = dh_need = 0; + for (mode = 0; mode < MODE_MAX; mode++) { +@@ -1683,7 +1803,7 @@ + if (version_addendum != NULL && *version_addendum == '\0') + version_addendum = NULL; + if ((r = sshbuf_putf(our_version, "SSH-%d.%d-%s%s%s\r\n", +- PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_VERSION, ++ PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_RELEASE, + version_addendum == NULL ? "" : " ", + version_addendum == NULL ? "" : version_addendum)) != 0) { + oerrno = errno; +@@ -1819,9 +1939,24 @@ + r = SSH_ERR_INVALID_FORMAT; + goto out; + } ++ ++ /* report the version information to syslog if this is the server */ ++ if (timeout_ms == -1) { /* only the server uses this value */ ++ logit("SSH: Server;Ltype: Version;Remote: %s-%d;Protocol: %d.%d;Client: %.100s", ++ ssh_remote_ipaddr(ssh), ssh_remote_port(ssh), ++ remote_major, remote_minor, remote_version); ++ } ++ + debug("Remote protocol version %d.%d, remote software version %.100s", + remote_major, remote_minor, remote_version); + compat_banner(ssh, remote_version); ++ if (ssh->compat & SSH_HPNSSH) ++ debug("HPN to HPN Connection."); ++ else ++ debug("Non-HPN to HPN Connection."); ++ ++ if(ssh->compat & SSH_RESTRICT_WINDOW) ++ debug ("Window size restricted."); + + mismatch = 0; + switch (remote_major) { +diff -Nur openssh-9.6p1.orig/mac.c openssh-9.6p1/mac.c +--- openssh-9.6p1.orig/mac.c 2024-07-10 13:32:39.542111642 +0200 ++++ openssh-9.6p1/mac.c 2024-07-10 13:34:02.720358594 +0200 +@@ -63,6 +63,7 @@ + { "hmac-sha2-512", SSH_DIGEST, SSH_DIGEST_SHA512, 0, 0, 0, 0 }, + { "hmac-md5", SSH_DIGEST, SSH_DIGEST_MD5, 0, 0, 0, 0 }, + { "hmac-md5-96", SSH_DIGEST, SSH_DIGEST_MD5, 96, 0, 0, 0 }, ++ { "none", SSH_DIGEST, SSH_DIGEST_NULL, 0, 0, 0, 0 }, + { "umac-64@openssh.com", SSH_UMAC, 0, 0, 128, 64, 0 }, + { "umac-128@openssh.com", SSH_UMAC128, 0, 0, 128, 128, 0 }, + +diff -Nur openssh-9.6p1.orig/Makefile.in openssh-9.6p1/Makefile.in +--- openssh-9.6p1.orig/Makefile.in 2024-07-10 13:32:39.597111805 +0200 ++++ openssh-9.6p1/Makefile.in 2024-07-10 13:34:02.721358597 +0200 +@@ -49,7 +49,7 @@ + CFLAGS_NOPIE=@CFLAGS_NOPIE@ + CPPFLAGS=-I. -I$(srcdir) @CPPFLAGS@ $(PATHS) @DEFS@ + PICFLAG=@PICFLAG@ +-LIBS=@LIBS@ ++LIBS=@LIBS@ -lpthread + CHANNELLIBS=@CHANNELLIBS@ + K5LIBS=@K5LIBS@ + GSSLIBS=@GSSLIBS@ +@@ -97,7 +97,7 @@ + LIBSSH_OBJS=${LIBOPENSSH_OBJS} \ + authfd.o authfile.o \ + canohost.o channels.o cipher.o cipher-aes.o cipher-aesctr.o \ +- cleanup.o \ ++ cleanup.o cipher-ctr-mt.o \ + compat.o fatal.o hostfile.o \ + log.o match.o moduli.o nchan.o packet.o \ + readpass.o ttymodes.o xmalloc.o addr.o addrmatch.o \ +@@ -107,6 +107,7 @@ + msg.o progressmeter.o dns.o entropy.o gss-genr.o umac.o umac128.o \ + ssh-pkcs11.o ssh-pkcs11-uri.o smult_curve25519_ref.o \ + poly1305.o chacha.o cipher-chachapoly.o cipher-chachapoly-libcrypto.o \ ++ cipher-chachapoly-libcrypto-mt.o \ + ssh-ed25519.o digest-openssl.o digest-libc.o \ + hmac.o ed25519.o hash.o \ + kex.o kexdh.o kexgex.o kexecdh.o kexc25519.o \ +@@ -114,12 +115,13 @@ + kexsntrup761x25519.o sntrup761.o kexgen.o \ + kexgssc.o \ + sftp-realpath.o platform-pledge.o platform-tracing.o platform-misc.o \ +- sshbuf-io.o auditstub.o ++ sshbuf-io.o auditstub.o metrics.o binn.o cipher-ctr-mt-provider.o \ ++ cipher-ctr-mt-functions.o ossl3-provider-err.o num.o + + SKOBJS= ssh-sk-client.o + + SSHOBJS= ssh.o readconf.o clientloop.o sshtty.o \ +- sshconnect.o sshconnect2.o mux.o $(SKOBJS) ++ sshconnect.o sshconnect2.o mux.o cipher-switch.o $(SKOBJS) + + SSHDOBJS=sshd.o auth-rhosts.o auth-passwd.o \ + audit.o audit-bsm.o audit-linux.o platform.o \ +@@ -135,7 +137,7 @@ + srclimit.o sftp-server.o sftp-common.o \ + sandbox-null.o sandbox-rlimit.o sandbox-systrace.o sandbox-darwin.o \ + sandbox-seccomp-filter.o sandbox-capsicum.o sandbox-pledge.o \ +- sandbox-solaris.o uidswap.o $(SKOBJS) ++ sandbox-solaris.o uidswap.o cipher-switch.o $(SKOBJS) + + SFTP_CLIENT_OBJS=sftp-common.o sftp-client.o sftp-glob.o + +@@ -214,7 +216,7 @@ + $(LD) -o $@ $(SSHDOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(SSHDLIBS) $(LIBS) $(GSSLIBS) $(K5LIBS) $(CHANNELLIBS) + + scp$(EXEEXT): $(LIBCOMPAT) libssh.a $(SCP_OBJS) +- $(LD) -o $@ $(SCP_OBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) ++ $(LD) -o $@ $(SCP_OBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) $(CHANNELLIBS) + + ssh-add$(EXEEXT): $(LIBCOMPAT) libssh.a $(SSHADD_OBJS) + $(LD) -o $@ $(SSHADD_OBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) $(CHANNELLIBS) +diff -Nur openssh-9.6p1.orig/metrics.c openssh-9.6p1/metrics.c +--- openssh-9.6p1.orig/metrics.c 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-9.6p1/metrics.c 2024-07-10 13:34:02.721358597 +0200 +@@ -0,0 +1,444 @@ ++/* ++ * Copyright (c) 2022 The Board of Trustees of Carnegie Mellon University. ++ * ++ * Author: Chris Rapier ++ * ++ * This library is free software; you can redistribute it and/or modify it ++ * under the terms of the MIT License. ++ * ++ * This library is distributed in the hope that it will be useful, but WITHOUT ++ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or ++ * FITNESS FOR A PARTICULAR PURPOSE. See the MIT License for more details. ++ * ++ * You should have received a copy of the MIT License along with this library; ++ * if not, see http://opensource.org/licenses/MIT. ++ * ++ */ ++ ++#include "includes.h" ++#include "metrics.h" ++#include "ssherr.h" ++#include ++#include ++#if defined(__linux__) && !defined(__alpine__) ++#include ++#endif ++ ++#ifndef KERNEL_VERSION /* shouldn't be necessary to define this */ ++#define KERNEL_VERSION(a,b,c) (((a) <<16) + ((b) << 8) +(c)) ++#endif ++ ++/* add the information from the tcp_info struct to the ++ * serialized binary object ++ */ ++void ++metrics_write_binn_object(struct tcp_info *data, struct binn_struct *binnobj) { ++#if !defined TCP_INFO ++ /*tcp info isn't supported on this system */ ++ return; ++#else ++ ++/* the base set of tcpi_ measurements starting from kernel 3.7.0 ++ * these measurements existed in previous kernels but the oldest this ++ * is going to support is 3.7.0. We do need to store the kernel version as well */ ++ ++/* obvioulsy the version code macro only exists under linux so ++ * on non linux systems we set the kernel version to 0 ++ * which will get us the base set of metrics from netinet/tcp.h ++ */ ++#if (defined __linux__) && !defined(__alpine__) ++ binn_object_set_uint32(binnobj, "kernel_version", LINUX_VERSION_CODE); ++#else ++ binn_object_set_uint32(binnobj, "kernel_version", 0); ++#endif ++ ++ /* the following are common under both linux and BSD */ ++ binn_object_set_uint8(binnobj, "tcpi_snd_wscale", ++ data->tcpi_snd_wscale); ++ binn_object_set_uint8(binnobj, "tcpi_rcv_wscale", ++ data->tcpi_rcv_wscale); ++ binn_object_set_uint8(binnobj, "tcpi_state", ++ data->tcpi_state); ++ binn_object_set_uint8(binnobj, "tcpi_options", ++ data->tcpi_options); ++ binn_object_set_uint32(binnobj, "tcpi_snd_ssthresh", ++ data->tcpi_snd_ssthresh); ++ binn_object_set_uint32(binnobj, "tcpi_rtt", ++ data->tcpi_rtt); ++ binn_object_set_uint32(binnobj, "tcpi_last_data_recv", ++ data->tcpi_last_data_recv); ++ binn_object_set_uint32(binnobj, "tcpi_rttvar", ++ data->tcpi_rttvar); ++ binn_object_set_uint32(binnobj, "tcpi_snd_cwnd", ++ data->tcpi_snd_cwnd); ++ binn_object_set_uint32(binnobj, "tcpi_rcv_mss", ++ data->tcpi_rcv_mss); ++ binn_object_set_uint32(binnobj, "tcpi_rto", ++ data->tcpi_rto); ++ binn_object_set_uint32(binnobj, "tcpi_snd_mss", ++ data->tcpi_snd_mss); ++ binn_object_set_uint32(binnobj, "tcpi_rcv_space", ++ data->tcpi_rcv_space); ++ ++/* the following exist under both but with different names */ ++#ifdef __linux__ ++ binn_object_set_uint8(binnobj, "tcpi_ca_state", ++ data->tcpi_ca_state); ++ binn_object_set_uint8(binnobj, "tcpi_probes", ++ data->tcpi_probes); ++ binn_object_set_uint8(binnobj, "tcpi_backoff", ++ data->tcpi_backoff); ++ binn_object_set_uint8(binnobj, "tcpi_retransmits", ++ data->tcpi_retransmits); ++ binn_object_set_uint32(binnobj, "tcpi_rcv_ssthresh", ++ data->tcpi_rcv_ssthresh); ++ binn_object_set_uint32(binnobj, "tcpi_sacked", ++ data->tcpi_sacked); ++ binn_object_set_uint32(binnobj, "tcpi_pmtu", ++ data->tcpi_pmtu); ++ binn_object_set_uint32(binnobj, "tcpi_fackets", ++ data->tcpi_fackets); ++ binn_object_set_uint32(binnobj, "tcpi_lost", ++ data->tcpi_lost); ++ binn_object_set_uint32(binnobj, "tcpi_last_ack_sent", ++ data->tcpi_last_ack_sent); ++ binn_object_set_uint32(binnobj, "tcpi_unacked", ++ data->tcpi_unacked); ++ binn_object_set_uint32(binnobj, "tcpi_last_data_sent", ++ data->tcpi_last_data_sent); ++ binn_object_set_uint32(binnobj, "tcpi_last_ack_recv", ++ data->tcpi_last_ack_recv); ++ binn_object_set_uint32(binnobj, "tcpi_reordering", ++ data->tcpi_reordering); ++ binn_object_set_uint32(binnobj, "tcpi_advmss", ++ data->tcpi_advmss); ++ binn_object_set_uint32(binnobj, "tcpi_retrans", ++ data->tcpi_retrans); ++ binn_object_set_uint32(binnobj, "tcpi_ato", ++ data->tcpi_ato); ++ binn_object_set_uint32(binnobj, "tcpi_rcv_rtt", ++ data->tcpi_rcv_rtt); ++#else ++ binn_object_set_uint8(binnobj, "tcpi_backoff", ++ data->__tcpi_backoff); ++ binn_object_set_uint8(binnobj, "tcpi_ca_state", ++ data->__tcpi_ca_state); ++ binn_object_set_uint8(binnobj, "tcpi_probes", ++ data->__tcpi_probes); ++ binn_object_set_uint8(binnobj, "tcpi_retransmits", ++ data->__tcpi_retransmits); ++ binn_object_set_uint32(binnobj, "tcpi_rcv_ssthresh", ++ data->__tcpi_rcv_ssthresh); ++ binn_object_set_uint32(binnobj, "tcpi_sacked", ++ data->__tcpi_sacked); ++ binn_object_set_uint32(binnobj, "tcpi_pmtu", ++ data->__tcpi_pmtu); ++ binn_object_set_uint32(binnobj, "tcpi_fackets", ++ data->__tcpi_fackets); ++ binn_object_set_uint32(binnobj, "tcpi_lost", ++ data->__tcpi_lost); ++ binn_object_set_uint32(binnobj, "tcpi_last_ack_sent", ++ data->__tcpi_last_ack_sent); ++ binn_object_set_uint32(binnobj, "tcpi_unacked", ++ data->__tcpi_unacked); ++ binn_object_set_uint32(binnobj, "tcpi_last_data_sent", ++ data->__tcpi_last_data_sent); ++ binn_object_set_uint32(binnobj, "tcpi_last_ack_recv", ++ data->__tcpi_last_ack_recv); ++ binn_object_set_uint32(binnobj, "tcpi_reordering", ++ data->__tcpi_reordering); ++ binn_object_set_uint32(binnobj, "tcpi_advmss", ++ data->__tcpi_advmss); ++ binn_object_set_uint32(binnobj, "tcpi_retrans", ++ data->__tcpi_retrans); ++ binn_object_set_uint32(binnobj, "tcpi_ato", ++ data->__tcpi_ato); ++ binn_object_set_uint32(binnobj, "tcpi_rcv_rtt", ++ data->__tcpi_rcv_rtt); ++#endif ++ ++/* Under BSD snd_rexmitpack is the same as linux total_retrans*/ ++#ifdef __linux__ ++ binn_object_set_uint32(binnobj, "tcpi_total_retrans", ++ data->tcpi_total_retrans); ++#else ++ binn_object_set_uint32(binnobj, "tcpi_total_retrans", ++ data->tcpi_snd_rexmitpack); ++#endif ++ ++/* The last section are for kernel specific metrics in linux */ ++#ifdef __linux__ ++#if LINUX_VERSION_CODE >= KERNEL_VERSION(3,15,0) ++ binn_object_set_uint64(binnobj, "tcpi_max_pacing_rate", ++ data->tcpi_max_pacing_rate); ++ binn_object_set_uint64(binnobj, "tcpi_pacing_rate", ++ data->tcpi_pacing_rate); ++#endif ++ ++#if LINUX_VERSION_CODE >= KERNEL_VERSION(4,1,0) ++ binn_object_set_uint64(binnobj, "tcpi_bytes_acked", ++ data->tcpi_bytes_acked); ++ binn_object_set_uint64(binnobj, "tcpi_bytes_received", ++ data->tcpi_bytes_received); ++#endif ++ ++#if LINUX_VERSION_CODE >= KERNEL_VERSION(4,2,0) ++ binn_object_set_uint32(binnobj, "tcpi_segs_in", ++ data->tcpi_segs_in); ++ binn_object_set_uint32(binnobj, "tcpi_segs_out", ++ data->tcpi_segs_out); ++#endif ++ ++#if LINUX_VERSION_CODE >= KERNEL_VERSION(4,6,0) ++ binn_object_set_uint32(binnobj, "tcpi_notsent_bytes", ++ data->tcpi_notsent_bytes); ++ binn_object_set_uint32(binnobj, "tcpi_min_rtt", ++ data->tcpi_min_rtt); ++ binn_object_set_uint32(binnobj, "tcpi_data_segs_in", ++ data->tcpi_data_segs_in); ++ binn_object_set_uint32(binnobj, "tcpi_data_segs_out", ++ data->tcpi_data_segs_out); ++#endif ++ ++#if LINUX_VERSION_CODE >= KERNEL_VERSION(4,9,0) ++ binn_object_set_uint8(binnobj, "tcpi_delivery_rate_app_limited", ++ data->tcpi_delivery_rate_app_limited); ++ binn_object_set_uint64(binnobj, "tcpi_delivery_rate", ++ data->tcpi_delivery_rate); ++#endif ++ ++#if LINUX_VERSION_CODE >= KERNEL_VERSION(4,10,0) ++ binn_object_set_uint64(binnobj, "tcpi_busy_time", ++ data->tcpi_busy_time); ++ binn_object_set_uint64(binnobj, "tcpi_sndbuf_limited", ++ data->tcpi_sndbuf_limited); ++ binn_object_set_uint64(binnobj, "tcpi_rwnd_limited", ++ data->tcpi_rwnd_limited); ++#endif ++ ++#if LINUX_VERSION_CODE >= KERNEL_VERSION(4,18,0) ++ binn_object_set_uint32(binnobj, "tcpi_delivered", ++ data->tcpi_delivered); ++ binn_object_set_uint32(binnobj, "tcpi_delivered_ce", ++ data->tcpi_delivered_ce); ++#endif ++ ++#if LINUX_VERSION_CODE >= KERNEL_VERSION(4,19,0) ++ binn_object_set_uint64(binnobj, "tcpi_bytes_sent", ++ data->tcpi_bytes_sent); ++ binn_object_set_uint64(binnobj, "tcpi_bytes_retrans", ++ data->tcpi_bytes_retrans); ++ binn_object_set_uint32(binnobj, "tcpi_dsack_dups", ++ data->tcpi_dsack_dups); ++ binn_object_set_uint32(binnobj, "tcpi_reord_seen", ++ data->tcpi_reord_seen); ++#endif ++ ++#if LINUX_VERSION_CODE >= KERNEL_VERSION(5,4,0) ++ binn_object_set_uint32(binnobj, "tcpi_snd_wnd", ++ data->tcpi_snd_wnd); ++ binn_object_set_uint32(binnobj, "tcpi_rcv_ooopack", ++ data->tcpi_rcv_ooopack); ++#endif ++ ++#if LINUX_VERSION_CODE >= KERNEL_VERSION(5,5,0) ++ binn_object_set_uint8(binnobj, "tcpi_fastopen_client_fail", ++ data->tcpi_fastopen_client_fail); ++#endif ++#endif /*endif for #ifdef __linux__ */ ++#endif /*endif for TCP_INFO */ ++} ++ ++/* this reads out the tcp_info binn object and formats it into a single line ++ * the object will not necessarily have all of the elements. If it's empty it ++ * current just spits out 0. This isn't optimal as 0 can also be a valid value */ ++void ++metrics_read_binn_object (void *binnobj, char **output) { ++ int len = 0; ++ int buflen = 1023; ++ int kernel_version = 0; ++ if (binnobj == NULL) { ++ fprintf(stderr, "Metric polling returned bad data.\n"); ++ return; ++ } ++ kernel_version = binn_object_uint32(binnobj, "kernel_version"); ++ ++ /* base set of metrics */ ++ len = snprintf(*output, buflen, "%d, %d, %d, %d, %d, %d, %d, %d, %d, %d, %d, %d, %d, %d, %d, %d, %d, %d, %d, %d, %d, %d, %d, %d, %d, %d, %d, %d, %d, %d, %d, %d", ++ binn_object_uint8(binnobj, "tcpi_state"), ++ binn_object_uint8(binnobj, "tcpi_ca_state"), ++ binn_object_uint8(binnobj, "tcpi_retransmits"), ++ binn_object_uint8(binnobj, "tcpi_probes"), ++ binn_object_uint8(binnobj, "tcpi_backoff"), ++ binn_object_uint8(binnobj, "tcpi_options"), ++ binn_object_uint8(binnobj, "tcpi_snd_wscale"), ++ binn_object_uint8(binnobj, "tcpi_rcv_wscale"), ++ binn_object_uint32(binnobj, "tcpi_rto"), ++ binn_object_uint32(binnobj, "tcpi_ato"), ++ binn_object_uint32(binnobj, "tcpi_snd_mss"), ++ binn_object_uint32(binnobj, "tcpi_rcv_mss"), ++ binn_object_uint32(binnobj, "tcpi_unacked"), ++ binn_object_uint32(binnobj, "tcpi_sacked"), ++ binn_object_uint32(binnobj, "tcpi_lost"), ++ binn_object_uint32(binnobj, "tcpi_retrans"), ++ binn_object_uint32(binnobj, "tcpi_fackets"), ++ binn_object_uint32(binnobj, "tcpi_last_data_sent"), ++ binn_object_uint32(binnobj, "tcpi_last_ack_sent"), ++ binn_object_uint32(binnobj, "tcpi_last_data_recv"), ++ binn_object_uint32(binnobj, "tcpi_last_ack_recv"), ++ binn_object_uint32(binnobj, "tcpi_pmtu"), ++ binn_object_uint32(binnobj, "tcpi_rcv_ssthresh"), ++ binn_object_uint32(binnobj, "tcpi_rtt"), ++ binn_object_uint32(binnobj, "tcpi_rttvar"), ++ binn_object_uint32(binnobj, "tcpi_snd_ssthresh"), ++ binn_object_uint32(binnobj, "tcpi_snd_cwnd"), ++ binn_object_uint32(binnobj, "tcpi_advmss"), ++ binn_object_uint32(binnobj, "tcpi_reordering"), ++ binn_object_uint32(binnobj, "tcpi_rcv_rtt"), ++ binn_object_uint32(binnobj, "tcpi_rcv_space"), ++ binn_object_uint32(binnobj, "tcpi_total_retrans") ++ ); ++ ++ /* compare the received kernel version to the version that supports ++ * any given metric. This means that a remote host that has a different ++ * kernel that the local host will be able to process the data in terms of ++ * the remote kernel version. Only necessary under linux*/ ++#ifdef __linux__ ++ if (kernel_version >= KERNEL_VERSION(3,15,0)) { ++ len += snprintf(*output+len, (buflen-len), ", %llu, %llu", ++ binn_object_uint64(binnobj, "tcpi_max_pacing_rate"), ++ binn_object_uint64(binnobj, "tcpi_pacing_rate") ++ ); ++ } ++ ++ if (kernel_version >= KERNEL_VERSION(4,1,0)) { ++ len += snprintf(*output+len, (buflen-len), ", %llu, %llu", ++ binn_object_uint64(binnobj, "tcpi_bytes_acked"), ++ binn_object_uint64(binnobj, "tcpi_bytes_received") ++ ); ++ } ++ ++ if (kernel_version >= KERNEL_VERSION(4,2,0)) { ++ len += snprintf(*output+len, (buflen-len), ", %d, %d", ++ binn_object_uint32(binnobj, "tcpi_segs_in"), ++ binn_object_uint32(binnobj, "tcpi_segs_out") ++ ); ++ } ++ ++ if (kernel_version >= KERNEL_VERSION(4,6,0)) { ++ len += snprintf(*output+len, (buflen-len), ", %d, %d, %d, %d", ++ binn_object_uint32(binnobj, "tcpi_notsent_bytes"), ++ binn_object_uint32(binnobj, "tcpi_min_rtt"), ++ binn_object_uint32(binnobj, "tcpi_data_segs_in"), ++ binn_object_uint32(binnobj, "tcpi_data_segs_out") ++ ); ++ } ++ ++ if (kernel_version >= KERNEL_VERSION(4,9,0)) { ++ len += snprintf(*output+len, (buflen-len), ", %d, %llu", ++ binn_object_uint8(binnobj, "tcpi_delivery_rate_app_limited"), ++ binn_object_uint64(binnobj, "tcpi_delivery_rate") ++ ); ++ } ++ ++ if (kernel_version >= KERNEL_VERSION(4,10,0)) { ++ len += snprintf(*output+len, (buflen-len), ", %llu, %llu, %llu", ++ binn_object_uint64(binnobj, "tcpi_busy_time"), ++ binn_object_uint64(binnobj, "tcpi_sndbuf_limited"), ++ binn_object_uint64(binnobj, "tcpi_rwnd_limited") ++ ); ++ } ++ ++ if (kernel_version >= KERNEL_VERSION(4,18,0)) { ++ len += snprintf(*output+len, (buflen-len), ", %d, %d", ++ binn_object_uint32(binnobj, "tcpi_delivered"), ++ binn_object_uint32(binnobj, "tcpi_delivered_ce") ++ ); ++ } ++ ++ if (kernel_version >= KERNEL_VERSION(4,19,0)) { ++ len += snprintf(*output+len, (buflen-len), ", %llu, %llu, %d, %d", ++ binn_object_uint64(binnobj, "tcpi_bytes_sent"), ++ binn_object_uint64(binnobj, "tcpi_bytes_retrans"), ++ binn_object_uint32(binnobj, "tcpi_dsack_dups"), ++ binn_object_uint32(binnobj, "tcpi_reord_seen") ++ ); ++ } ++ ++ if (kernel_version >= KERNEL_VERSION(5,4,0)) { ++ len += snprintf(*output+len, (buflen-len), ", %d, %d", ++ binn_object_uint32(binnobj, "tcpi_snd_wnd"), ++ binn_object_uint32(binnobj, "tcpi_rcv_ooopack") ++ ); ++ } ++ ++ if (kernel_version >= KERNEL_VERSION(5,5,0)) { ++ len += snprintf(*output+len, (buflen-len), ", %d", ++ binn_object_uint8(binnobj, "tcpi_fastopen_client_fail") ++ ); ++ } ++#endif /* ifdef __linux__ */ ++} ++ ++/* Print out the header to the file so that the column header matches the ++ * data in the metrics object. That varies by kernel version so we have to ++ * do tests for each possible version where they added new values to tcp_info ++ * NOTE: This doesn't put the values/headers in the most useful order but the ++ * resulting file is probably going to get processed by something */ ++void ++metrics_print_header(FILE *fptr, char *extra_text, int kernel_version) { ++ if (extra_text != NULL) { ++ fprintf(fptr, "%s\n", extra_text); ++ } ++ fprintf(fptr, "timestamp, state, ca_state, retransmits, probes, backoff, options, "); ++ fprintf(fptr, "snd_wscale, rcv_wscale, rto, ato, snd_mss, rcv_mss, unacked, sacked, lost, retrans, "); ++ fprintf(fptr, "fackets, last_data_sent, last_ack_sent, last_data_recv, "); ++ fprintf(fptr, "last_ack_recv, pmtu, rcv_ssthresh, rtt, rttvar, snd_ssthresh, "); ++ fprintf(fptr, "snd_cwnd, advmss, reordering, rcv_rtt, rcv_space, total_retrans"); ++ ++ /* compare the received kernel version to the version that supports ++ * any given metric. This way we can print consistent headers. ++ * Only necessary under linux*/ ++#ifdef __linux__ ++ if (kernel_version >= KERNEL_VERSION(3,15,0)) { ++ fprintf(fptr, ", max_pacing_rate, pacing_rate"); ++ } ++ ++ if (kernel_version >= KERNEL_VERSION(4,1,0)) { ++ fprintf(fptr, ", bytes_acked, bytes_received"); ++ } ++ ++ if (kernel_version >= KERNEL_VERSION(4,2,0)) { ++ fprintf(fptr, ", segs_in, segs_out"); ++ } ++ ++ if (kernel_version >= KERNEL_VERSION(4,6,0)) { ++ fprintf(fptr, ", notsent_bytes, min_rtt, data_segs_in, data_seg_out"); ++ } ++ ++ if (kernel_version >= KERNEL_VERSION(4,9,0)) { ++ fprintf(fptr, ", delivery_rate_app_limited, delivery_rate"); ++ } ++ ++ if (kernel_version >= KERNEL_VERSION(4,10,0)) { ++ fprintf(fptr, ", busy_time, sndbuf_limited, rwnd_limited"); ++ } ++ ++ if (kernel_version >= KERNEL_VERSION(4,18,0)) { ++ fprintf(fptr, ", delivered, delivered_ce"); ++ } ++ ++ if (kernel_version >= KERNEL_VERSION(4,19,0)) { ++ fprintf(fptr, ", bytes_sent, bytes_retrans, dsack_dups, reord_seen"); ++ } ++ ++ if (kernel_version >= KERNEL_VERSION(5,4,0)) { ++ fprintf(fptr, ", snd_wnd, rcv_ooopack"); ++ } ++ ++ if (kernel_version >= KERNEL_VERSION(5,5,0)) { ++ fprintf(fptr, ", fastopen_client_fail"); ++ } ++#endif /* ifdef __linux__ */ ++ fprintf(fptr, "\n\n"); ++} +diff -Nur openssh-9.6p1.orig/metrics.h openssh-9.6p1/metrics.h +--- openssh-9.6p1.orig/metrics.h 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-9.6p1/metrics.h 2024-07-10 13:34:02.721358597 +0200 +@@ -0,0 +1,45 @@ ++/* ++ * Copyright (c) 2022 The Board of Trustees of Carnegie Mellon University. ++ * ++ * Author: Chris Rapier ++ * ++ * This library is free software; you can redistribute it and/or modify it ++ * under the terms of the MIT License. ++ * ++ * This library is distributed in the hope that it will be useful, but WITHOUT ++ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or ++ * FITNESS FOR A PARTICULAR PURPOSE. See the MIT License for more details. ++ * ++ * You should have received a copy of the MIT License along with this library; ++ * if not, see http://opensource.org/licenses/MIT. ++ * ++ */ ++ ++#ifndef METRICS_H ++#define METRICS_H ++ ++#include "binn.h" ++ ++/* linux, freebsd, and netbsd have tcp_info structs. ++ * I don't know about other systems so we disable this ++ * functionality for them */ ++#if defined __linux__ || defined __FreeBSD__ || defined __NetBSD__ && !defined(__alpine__) ++#define TCP_INFO 1 ++#if defined __linux__ && !defined(__alpine__) ++#include ++#else ++#include ++#endif ++#else ++/* make a null struct for tcp_info on systems that don't support it*/ ++typedef struct tcp_info { ++ void *dummy; ++} tcp_info; ++#endif ++ ++void metrics_write_binn_object(struct tcp_info *, struct binn_struct *); ++void metrics_read_binn_object(void *, char **); ++void metrics_print_header(FILE *, char *, int); ++ ++ ++#endif /* define metrics_h */ +diff -Nur openssh-9.6p1.orig/misc.c openssh-9.6p1/misc.c +--- openssh-9.6p1.orig/misc.c 2024-07-10 13:32:39.597111805 +0200 ++++ openssh-9.6p1/misc.c 2024-07-10 13:34:02.722358600 +0200 +@@ -77,6 +77,29 @@ + #include "ssherr.h" + #include "platform.h" + ++void ++read_mem_stats(statm_t *result, int post_auth) ++{ ++ if (!post_auth) ++ return; ++ ++ const char* statm_path = "/proc/self/statm"; ++ ++ FILE *f = fopen(statm_path,"r"); ++ if(!f){ ++ perror(statm_path); ++ abort(); ++ } ++ if(7 != fscanf(f,"%lu %lu %lu %lu %lu %lu %lu", ++ &result->size, &result->resident, &result->share, &result->text, &result->lib, ++ &result->data, &result->dt)) ++ { ++ perror(statm_path); ++ abort(); ++ } ++ fclose(f); ++} ++ + /* remove newline at end of string */ + char * + chop(char *s) +@@ -1635,20 +1658,6 @@ + return (v); + } + +-u_int32_t +-get_u32_le(const void *vp) +-{ +- const u_char *p = (const u_char *)vp; +- u_int32_t v; +- +- v = (u_int32_t)p[0]; +- v |= (u_int32_t)p[1] << 8; +- v |= (u_int32_t)p[2] << 16; +- v |= (u_int32_t)p[3] << 24; +- +- return (v); +-} +- + u_int16_t + get_u16(const void *vp) + { +@@ -1688,17 +1697,6 @@ + } + + void +-put_u32_le(void *vp, u_int32_t v) +-{ +- u_char *p = (u_char *)vp; +- +- p[0] = (u_char)v & 0xff; +- p[1] = (u_char)(v >> 8) & 0xff; +- p[2] = (u_char)(v >> 16) & 0xff; +- p[3] = (u_char)(v >> 24) & 0xff; +-} +- +-void + put_u16(void *vp, u_int16_t v) + { + u_char *p = (u_char *)vp; +diff -Nur openssh-9.6p1.orig/misc.h openssh-9.6p1/misc.h +--- openssh-9.6p1.orig/misc.h 2024-07-10 13:32:39.598111808 +0200 ++++ openssh-9.6p1/misc.h 2024-07-10 13:34:02.722358600 +0200 +@@ -158,12 +158,6 @@ + void put_u16(void *, u_int16_t) + __attribute__((__bounded__( __minbytes__, 1, 2))); + +-/* Little-endian store/load, used by umac.c */ +-u_int32_t get_u32_le(const void *) +- __attribute__((__bounded__(__minbytes__, 1, 4))); +-void put_u32_le(void *, u_int32_t) +- __attribute__((__bounded__(__minbytes__, 1, 4))); +- + struct bwlimit { + size_t buflen; + u_int64_t rate; /* desired rate in kbit/s */ +@@ -248,4 +242,16 @@ + /* On OpenBSD time_t is int64_t which is long long. */ + /* #define SSH_TIME_T_MAX LLONG_MAX */ + ++typedef struct statm_t { ++ unsigned long size; ++ unsigned long resident; ++ unsigned long share; ++ unsigned long text; ++ unsigned long lib; ++ unsigned long data; ++ unsigned long dt; ++} statm_t; ++ ++void read_mem_stats(struct statm_t *, int); ++ + #endif /* _MISC_H */ +diff -Nur openssh-9.6p1.orig/myproposal.h openssh-9.6p1/myproposal.h +--- openssh-9.6p1.orig/myproposal.h 2024-07-10 13:32:39.557111687 +0200 ++++ openssh-9.6p1/myproposal.h 2024-07-10 13:34:02.722358600 +0200 +@@ -69,6 +69,7 @@ + "rsa-sha2-256" + + #define KEX_SERVER_ENCRYPT \ ++ "chacha20-poly1305-mt@hpnssh.org," \ + "chacha20-poly1305@openssh.com," \ + "aes128-ctr,aes192-ctr,aes256-ctr," \ + "aes128-gcm@openssh.com,aes256-gcm@openssh.com" +diff -Nur openssh-9.6p1.orig/num.c openssh-9.6p1/num.c +--- openssh-9.6p1.orig/num.c 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-9.6p1/num.c 2024-07-10 13:34:02.722358600 +0200 +@@ -0,0 +1,156 @@ ++/* CC0 license applied, see LICENCE.md */ ++ ++#include ++#include "num.h" ++ ++#ifdef WITH_OPENSSL3 ++ ++typedef enum { BIG = 1, LITTLE = -1 } endian_t; ++typedef enum { NEGATIVE = 0xff, POSITIVE = 0x00 } sign_t; ++ ++static endian_t nativeendian(void) ++{ ++ const int endiantest = 1; ++ ++ return *((char *)&endiantest) == 1 ? LITTLE : BIG; ++} ++ ++static sign_t paramsign(const OSSL_PARAM *param) ++{ ++ size_t srcmsb = nativeendian() == BIG ? 0 : param->data_size - 1; ++ ++ return ++ param->data_type == OSSL_PARAM_UNSIGNED_INTEGER ++ ? POSITIVE ++ : (((unsigned char *)param->data)[srcmsb] & 0x80 ++ ? NEGATIVE ++ : POSITIVE); ++} ++ ++struct numdesc { ++ void *data; ++ unsigned int data_type; /* The OSSL_PARAM data type */ ++ ++ /* These fields concern the whole number */ ++ size_t size; ++ endian_t endian; ++ sign_t sign; ++ ++ /* These fields concern the limbs of the number */ ++ size_t limbsize; ++ endian_t limbendian; ++ /* This is for odd archs. */ ++ /* see the manual for mpz_import() for an in depth explanation. */ ++ size_t limbnailbits; ++}; ++ ++struct resultdesc { ++ size_t size; ++ int result; /* 1 or (negative) error */ ++}; ++ ++static struct resultdesc provnum_copy(struct numdesc dest, struct numdesc src) ++{ ++ struct resultdesc result = { dest.size, 1, }; ++ ++ if (src.data_type != OSSL_PARAM_INTEGER ++ && src.data_type != OSSL_PARAM_UNSIGNED_INTEGER) { ++ result.result = PROVNUM_E_WRONG_TYPE; ++ return result; ++ } ++ ++ if (src.size == 0) { ++ memset(dest.data, 0, dest.size); ++ return result; ++ } ++ ++ /* Extra data */ ++ size_t srcmsb = src.endian == BIG ? 0 : src.size - 1; ++ int srcmsb2lsb = src.endian == BIG ? 1 : -1; ++ ++ /* ++ * If the source is bigger than the destination, analyse to see if the ++ * most significant byte is just padding that can be ignored. ++ * The rules to determine if the most significant byte is just padding ++ * are: ++ * ++ * 1. the most significant byte equals srcsigned, which just so happens ++ * to have the 2's complement padding value. ++ * 2. The most significant bit of the next to most significant byte ++ * equals the most significant bit of srcsigned. ++ */ ++ size_t end = dest.data == NULL ? 1 : dest.size; ++ for (; src.size > end; srcmsb += srcmsb2lsb, src.size--) ++ if (((unsigned char *)src.data)[srcmsb] != src.sign ++ || ((((unsigned char *)src.data)[srcmsb + srcmsb2lsb] & 0x80) ++ != (src.sign & 0x80))) ++ break; ++ ++ if (src.size > dest.size) { ++ result.result = PROVNUM_E_TOOBIG; ++ return result; ++ } ++ ++ size_t srclsb = srcmsb + srcmsb2lsb * (src.size - 1); ++ ++ /* Simple case, all significant details match */ ++ if (dest.endian == src.endian ++ && dest.limbsize == 1 ++ && dest.limbnailbits == 0 ++ && (dest.data_type == OSSL_PARAM_INTEGER || src.sign == POSITIVE)) { ++ ++ if (src.size < dest.size) { ++ size_t padstart = dest.endian == BIG ? 0 : dest.size - src.size; ++ ++ memset((unsigned char *)dest.data + padstart, src.sign, ++ dest.size - src.size); ++ } ++ ++ size_t deststart = dest.endian == BIG ? dest.size - src.size : 0; ++ size_t srcstart = src.endian == BIG ? srcmsb : srclsb; ++ ++ memcpy((unsigned char *)dest.data + deststart, ++ (unsigned char *)src.data + srcstart, ++ src.size); ++ return result; ++ } ++ ++ /* Complex case, for sign or limb conversion. Currently unsupported */ ++ result.result = PROVNUM_E_UNSUPPORTED; ++ return result; ++} ++ ++#define implement_provnum(T, DT) \ ++ int provnum_get_##T(T *dest, const OSSL_PARAM *param) \ ++ { \ ++ endian_t endian = nativeendian(); \ ++ struct numdesc destnd = { \ ++ dest, DT, sizeof(T), endian, POSITIVE, 1, endian, 0 \ ++ }; \ ++ struct numdesc srcnd = { \ ++ param->data, param->data_type, param->data_size, \ ++ endian, paramsign(param), 1, endian, 0 \ ++ }; \ ++ \ ++ struct resultdesc result = provnum_copy(destnd, srcnd); \ ++ return result.result; \ ++ } \ ++ int provnum_set_##T(OSSL_PARAM *param, T src) \ ++ { \ ++ endian_t endian = nativeendian(); \ ++ struct numdesc destnd = { \ ++ param->data, param->data_type, param->data_size, \ ++ endian, POSITIVE, 1, endian, 0 \ ++ }; \ ++ struct numdesc srcnd = { \ ++ &src, DT, sizeof(T), endian, POSITIVE, 1, endian, 0 \ ++ }; \ ++ \ ++ struct resultdesc result = provnum_copy(destnd, srcnd); \ ++ param->return_size = result.size; \ ++ return result.result; \ ++ } ++ ++implement_provnum(size_t, OSSL_PARAM_UNSIGNED_INTEGER) ++ ++#endif /* WITH_OPENSSL3 */ +diff -Nur openssh-9.6p1.orig/num.h openssh-9.6p1/num.h +--- openssh-9.6p1.orig/num.h 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-9.6p1/num.h 2024-07-10 13:34:02.723358603 +0200 +@@ -0,0 +1,15 @@ ++/* CC0 license applied, see LICENCE.md */ ++ ++#include "includes.h" ++#ifdef WITH_OPENSSL3 ++ ++#include ++ ++/* Convert between OSSL_PARAM and size_t */ ++int provnum_get_size_t(size_t *dest, const OSSL_PARAM *param); ++int provnum_set_size_t(OSSL_PARAM *param, size_t src); ++ ++#define PROVNUM_E_WRONG_TYPE -1 ++#define PROVNUM_E_TOOBIG -2 ++#define PROVNUM_E_UNSUPPORTED -3 ++#endif /* WITH_OPENSSL3 */ +diff -Nur openssh-9.6p1.orig/ossl3-provider-err.c openssh-9.6p1/ossl3-provider-err.c +--- openssh-9.6p1.orig/ossl3-provider-err.c 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-9.6p1/ossl3-provider-err.c 2024-07-10 13:34:02.723358603 +0200 +@@ -0,0 +1,108 @@ ++/* CC0 license applied, see LICENCE.md */ ++ ++#include ++#include ++#include "ossl3-provider-err.h" ++ ++#ifdef WITH_OPENSSL3 ++ ++struct proverr_functions_st { ++ const OSSL_CORE_HANDLE *core; ++ OSSL_FUNC_core_new_error_fn *core_new_error; ++ OSSL_FUNC_core_set_error_debug_fn *core_set_error_debug; ++ OSSL_FUNC_core_vset_error_fn *core_vset_error; ++}; ++ ++struct proverr_functions_st * ++proverr_new_handle(const OSSL_CORE_HANDLE *core, const OSSL_DISPATCH *dispatch) ++{ ++ /* ++ * libcrypto gives providers the tools to create error routines similar ++ * to the ones defined in ++ */ ++ OSSL_FUNC_core_new_error_fn *c_new_error = NULL; ++ OSSL_FUNC_core_set_error_debug_fn *c_set_error_debug = NULL; ++ OSSL_FUNC_core_vset_error_fn *c_vset_error = NULL; ++ struct proverr_functions_st *handle = NULL; ++ ++ assert(core != NULL); ++ assert(dispatch != NULL); ++ ++#ifndef DEBUG ++ if (core == NULL || dispatch == NULL) ++ return NULL; ++#endif ++ ++ for (; dispatch->function_id != 0; dispatch++) ++ switch (dispatch->function_id) { ++ case OSSL_FUNC_CORE_NEW_ERROR: ++ c_new_error = OSSL_FUNC_core_new_error(dispatch); ++ break; ++ case OSSL_FUNC_CORE_SET_ERROR_DEBUG: ++ c_set_error_debug = OSSL_FUNC_core_set_error_debug(dispatch); ++ break; ++ case OSSL_FUNC_CORE_VSET_ERROR: ++ c_vset_error = OSSL_FUNC_core_vset_error(dispatch); ++ break; ++ } ++ ++ assert(c_new_error != NULL); ++ assert(c_set_error_debug != NULL); ++ assert(c_vset_error != NULL); ++ ++#ifdef NDEBUG ++ if (c_new_error == NULL || c_set_error_debug == NULL || c_vset_error == NULL) ++ return NULL; ++#endif ++ ++ if ((handle = malloc(sizeof(*handle))) != NULL) { ++ handle->core = core; ++ handle->core_new_error = c_new_error; ++ handle->core_set_error_debug = c_set_error_debug; ++ handle->core_vset_error = c_vset_error; ++ } ++ return handle; ++} ++ ++struct proverr_functions_st * ++proverr_dup_handle(struct proverr_functions_st *src) ++{ ++ struct proverr_functions_st *dst = NULL; ++ ++ if (src != NULL ++ && (dst = malloc(sizeof(*dst))) != NULL) { ++ dst->core = src->core; ++ dst->core_new_error = src->core_new_error; ++ dst->core_set_error_debug = src->core_set_error_debug; ++ dst->core_vset_error = src->core_vset_error; ++ } ++ return dst; ++} ++ ++void proverr_free_handle(struct proverr_functions_st *handle) ++{ ++ free(handle); ++} ++ ++void proverr_new_error(const struct proverr_functions_st *handle) ++{ ++ handle->core_new_error(handle->core); ++} ++ ++void proverr_set_error_debug(const struct proverr_functions_st *handle, ++ const char *file, int line, const char *func) ++{ ++ handle->core_set_error_debug(handle->core, file, line, func); ++} ++ ++void proverr_set_error(const struct proverr_functions_st *handle, ++ uint32_t reason, const char *fmt, ...) ++{ ++ va_list ap; ++ ++ va_start(ap, fmt); ++ handle->core_vset_error(handle->core, reason, fmt, ap); ++ va_end(ap); ++} ++ ++#endif /* WITH_OPENSSL3 */ +diff -Nur openssh-9.6p1.orig/ossl3-provider-err.h openssh-9.6p1/ossl3-provider-err.h +--- openssh-9.6p1.orig/ossl3-provider-err.h 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-9.6p1/ossl3-provider-err.h 2024-07-10 13:34:02.723358603 +0200 +@@ -0,0 +1,73 @@ ++/* CC0 license applied, see LICENCE.md */ ++ ++#include "includes.h" ++#ifdef WITH_OPENSSL3 ++#include ++#include ++#include ++ ++/* ++ * The idea with this library is to replace OpenSSL's ERR_raise() and ++ * ERR_raise_data() with variants that are more suitable for providers that ++ * have their own error reason table. ++ * ++ * This assumes variadic function-like macros, i.e. C99 or newer. ++ * ++ * A minimal amount of preparation is needed on provider initialization and ++ * takedown: ++ * ++ * 1. The provider's outgoing OSSL_DISPATCH table must include an entry ++ * got OSSL_FUNC_PROVIDER_GET_REASON_STRINGS, with a function that returns ++ * the provider's table of reasons. ++ * That table of reasons is a simple OSSL_ITEM array, where each element ++ * contains a numeric reason identity for the reason, and the description ++ * text string for that reason. ++ * Each numeric reason identity MUST be unique within this array. ++ * ++ * 2. On provider initialization, an error handle must be created using ++ * proverr_new_handle(). The returned pointer is passed as first argument ++ * to ERR_raise() and ERR_raise_data(). ++ * ++ * 3. On provider takedown, the error handle must be freed, using ++ * proverr_free_handle(). ++ * ++ * With this preparation, the provider code can use ERR_raise() and ++ * ERR_raise_data() "as usual", with the exception that the first argument is ++ * the error handle instead of one of the OpenSSL ERR_LIB_ macros. ++ */ ++ ++/* ++ * In case was included, we throw away its error recording ++ * macros. ++ * Note that ERR_put_error() is NOT recreated. It's deprecated and should not ++ * be used any more. ++ */ ++#undef ERR_put_error ++#undef ERR_raise ++#undef ERR_raise_data ++ ++#define ERR_raise(handle, reason) ERR_raise_data((handle),(reason),NULL) ++ ++#define ERR_raise_data(handle, reason, ...) \ ++ (proverr_new_error(handle), \ ++ proverr_set_error_debug(handle, OPENSSL_FILE,OPENSSL_LINE,OPENSSL_FUNC), \ ++ proverr_set_error(handle, reason, __VA_ARGS__)) ++ ++/* ++ * The structure where the libcrypto core handle and core functions are ++ * captured. ++ */ ++struct proverr_functions_st; ++ ++struct proverr_functions_st * ++proverr_new_handle(const OSSL_CORE_HANDLE *core, const OSSL_DISPATCH *in); ++struct proverr_functions_st * ++proverr_dup_handle(struct proverr_functions_st *src); ++void proverr_free_handle(struct proverr_functions_st *handle); ++ ++void proverr_new_error(const struct proverr_functions_st *handle); ++void proverr_set_error_debug(const struct proverr_functions_st *handle, ++ const char *file, int line, const char *func); ++void proverr_set_error(const struct proverr_functions_st *handle, ++ uint32_t reason, const char *fmt, ...); ++#endif /* WITH_OPENSSL3 */ +diff -Nur openssh-9.6p1.orig/packet.c openssh-9.6p1/packet.c +--- openssh-9.6p1.orig/packet.c 2024-07-10 13:32:39.545111651 +0200 ++++ openssh-9.6p1/packet.c 2024-07-10 15:20:04.337115780 +0200 +@@ -63,6 +63,9 @@ + #endif + #include + #include ++#ifdef HAVE_UTIL_H ++# include ++#endif + + /* + * Explicitly include OpenSSL before zlib as some versions of OpenSSL have +@@ -104,7 +107,20 @@ + #define DBG(x) + #endif + +-#define PACKET_MAX_SIZE (256 * 1024) ++/* OpenSSH usings 256KB packet size max but that consumes a ++ * lot of memory with the buffers we are using. However, we need ++ * a large packet size if the banner that's being sent is large. ++ * So we need a 256KB packet pre authentication and a smaller one ++ * in this case SSH_IOBUFSZ + 1KB, afterwards. So we change ++ * PACKET_MAX_SIZE from a #define to a global. Then, in the function ++ * ssh_packet_set_authentcated we reduce the size to something ++ * more memory efficient. -cjr 04/07/23 ++ */ ++u_int packet_max_size = 256 * 1024; ++ ++/* global to support forced rekeying */ ++int rekey_requested = 0; ++ + + struct packet_state { + u_int32_t seqnr; +@@ -241,12 +257,19 @@ + (state->outgoing_packet = sshbuf_new()) == NULL || + (state->incoming_packet = sshbuf_new()) == NULL) + goto fail; ++ /* these buffers are important in terms of tracking buffer usage ++ * so we explicitly label them with descriptive names */ ++ sshbuf_relabel(state->input, "input"); ++ sshbuf_relabel(state->incoming_packet, "inpacket"); ++ sshbuf_relabel(state->output, "output"); ++ sshbuf_relabel(state->outgoing_packet, "outpacket"); ++ + TAILQ_INIT(&state->outgoing); + TAILQ_INIT(&ssh->private_keys); + TAILQ_INIT(&ssh->public_keys); + state->connection_in = -1; + state->connection_out = -1; +- state->max_packet_size = 32768; ++ state->max_packet_size = CHAN_SES_PACKET_DEFAULT; + state->packet_timeout_ms = -1; + state->p_send.packets = state->p_read.packets = 0; + state->initialized = 1; +@@ -294,7 +317,7 @@ + ssh_packet_set_connection(struct ssh *ssh, int fd_in, int fd_out) + { + struct session_state *state; +- const struct sshcipher *none = cipher_by_name("none"); ++ struct sshcipher *none = cipher_by_name("none"); + int r; + + if (none == NULL) { +@@ -311,9 +334,11 @@ + state->connection_in = fd_in; + state->connection_out = fd_out; + if ((r = cipher_init(&state->send_context, none, +- (const u_char *)"", 0, NULL, 0, CIPHER_ENCRYPT)) != 0 || ++ (const u_char *)"", 0, NULL, 0, 0, CIPHER_ENCRYPT, ++ state->after_authentication)) != 0 || + (r = cipher_init(&state->receive_context, none, +- (const u_char *)"", 0, NULL, 0, CIPHER_DECRYPT)) != 0) { ++ (const u_char *)"", 0, NULL, 0, 0, CIPHER_DECRYPT, ++ state->after_authentication)) != 0) { + error_fr(r, "cipher_init failed"); + free(ssh); /* XXX need ssh_free_session_state? */ + return NULL; +@@ -384,7 +409,7 @@ + + if (state->packet_discard_mac) { + char buf[1024]; +- size_t dlen = PACKET_MAX_SIZE; ++ size_t dlen = packet_max_size; + + if (dlen > state->packet_discard_mac_already) + dlen -= state->packet_discard_mac_already; +@@ -885,6 +910,7 @@ + const char *wmsg; + int r, crypt_type; + const char *dir = mode == MODE_OUT ? "out" : "in"; ++ char blocks_s[FMT_SCALED_STRSIZE], bytes_s[FMT_SCALED_STRSIZE]; + + debug2_f("mode %d", mode); + +@@ -923,12 +949,32 @@ + if ((r = mac_init(mac)) != 0) + return r; + } +- mac->enabled = 1; ++ ++ /* if we are using NONE MAC then we don't need to enable the ++ * mac routines. This disables them and we can claw back some cycles ++ * from the CPU -cjr 3/21/2023 */ ++ if (ssh->none_mac != 1) ++ mac->enabled = 1; ++ + DBG(debug_f("cipher_init: %s", dir)); + cipher_free(*ccp); + *ccp = NULL; ++#ifdef WITH_OPENSSL ++ if (strcmp(enc->name, "chacha20-poly1305-mt@hpnssh.org") == 0) { ++ if (state->after_authentication) ++ enc->cipher = cipher_by_name( ++ "chacha20-poly1305-mt@hpnssh.org"); ++ else ++ enc->cipher = cipher_by_name( ++ "chacha20-poly1305@openssh.com"); ++ if (enc->cipher == NULL) ++ return r; ++ } ++#endif + if ((r = cipher_init(ccp, enc->cipher, enc->key, enc->key_len, +- enc->iv, enc->iv_len, crypt_type)) != 0) ++ enc->iv, enc->iv_len, ++ crypt_type ? state->p_send.seqnr : state->p_read.seqnr, ++ crypt_type, state->after_authentication)) != 0) + return r; + if (!state->cipher_warning_done && + (wmsg = cipher_warning_message(*ccp)) != NULL) { +@@ -953,23 +999,45 @@ + } + comp->enabled = 1; + } +- /* +- * The 2^(blocksize*2) limit is too expensive for 3DES, +- * so enforce a 1GB limit for small blocksizes. +- * See RFC4344 section 3.2. +- */ +- if (enc->block_size >= 16) +- *max_blocks = (u_int64_t)1 << (enc->block_size*2); +- else +- *max_blocks = ((u_int64_t)1 << 30) / enc->block_size; +- if (state->rekey_limit) +- *max_blocks = MINIMUM(*max_blocks, +- state->rekey_limit / enc->block_size); +- debug("rekey %s after %llu blocks", dir, +- (unsigned long long)*max_blocks); ++ ++ /* get the maximum number of blocks the cipher can ++ * handle safely */ ++ *max_blocks = cipher_rekey_blocks(enc->cipher); ++ ++ /* if we have a custom oRekeyLimit use that. */ ++ if (state->rekey_limit) ++ *max_blocks = MINIMUM(*max_blocks, ++ state->rekey_limit / enc->block_size); ++ ++ /* these lines support the debug */ ++ strlcpy(blocks_s, "?", sizeof(blocks_s)); ++ strlcpy(bytes_s, "?", sizeof(bytes_s)); ++ if (*max_blocks * enc->block_size < LLONG_MAX) { ++ fmt_scaled((long long)*max_blocks, blocks_s); ++ fmt_scaled((long long)*max_blocks * enc->block_size, bytes_s); ++ } ++ debug("rekey %s after %s blocks / %sB data", dir, blocks_s, bytes_s); ++ + return 0; + } + ++/* this supports the forced rekeying required for the NONE cipher */ ++void ++packet_request_rekeying(void) ++{ ++ rekey_requested = 1; ++} ++ ++/* used to determine if pre or post auth when rekeying for aes-ctr ++ * and none cipher switch */ ++int ++packet_authentication_state(const struct ssh *ssh) ++{ ++ struct session_state *state = ssh->state; ++ ++ return state->after_authentication; ++} ++ + #define MAX_PACKETS (1U<<31) + static int + ssh_packet_need_rekeying(struct ssh *ssh, u_int outbound_packet_len) +@@ -996,6 +1064,14 @@ + if (state->p_send.packets == 0 && state->p_read.packets == 0) + return 0; + ++ /* used to force rekeying when called for by the none ++ * cipher switch and aes-mt-ctr methods -cjr */ ++ if (rekey_requested == 1) { ++ debug_f("Got the rekey request"); ++ rekey_requested = 0; ++ return 1; ++ } ++ + /* Time-based rekeying */ + if (state->rekey_interval != 0 && + (int64_t)state->rekey_time + state->rekey_interval <= monotime()) +@@ -1354,7 +1430,7 @@ + struct session_state *state = ssh->state; + int len, r, ms_remain = 0; + struct pollfd pfd; +- char buf[8192]; ++ char buf[SSH_IOBUFSZ]; + struct timeval start; + struct timespec timespec, *timespecp = NULL; + +@@ -1481,7 +1557,7 @@ + return 0; /* packet is incomplete */ + state->packlen = PEEK_U32(cp); + if (state->packlen < 4 + 1 || +- state->packlen > PACKET_MAX_SIZE) ++ state->packlen > packet_max_size) + return SSH_ERR_MESSAGE_INCOMPLETE; + } + need = state->packlen + 4; +@@ -1540,7 +1616,7 @@ + sshbuf_ptr(state->input), sshbuf_len(state->input)) != 0) + return 0; + if (state->packlen < 1 + 4 || +- state->packlen > PACKET_MAX_SIZE) { ++ state->packlen > packet_max_size) { + #ifdef PACKET_DEBUG + sshbuf_dump(state->input, stderr); + #endif +@@ -1567,7 +1643,7 @@ + goto out; + state->packlen = PEEK_U32(sshbuf_ptr(state->incoming_packet)); + if (state->packlen < 1 + 4 || +- state->packlen > PACKET_MAX_SIZE) { ++ state->packlen > packet_max_size) { + #ifdef PACKET_DEBUG + fprintf(stderr, "input: \n"); + sshbuf_dump(state->input, stderr); +@@ -1576,7 +1652,7 @@ + #endif + logit("Bad packet length %u.", state->packlen); + return ssh_packet_start_discard(ssh, enc, mac, 0, +- PACKET_MAX_SIZE); ++ packet_max_size); + } + if ((r = sshbuf_consume(state->input, block_size)) != 0) + goto out; +@@ -1599,7 +1675,7 @@ + logit("padding error: need %d block %d mod %d", + need, block_size, need % block_size); + return ssh_packet_start_discard(ssh, enc, mac, 0, +- PACKET_MAX_SIZE - block_size); ++ packet_max_size - block_size); + } + /* + * check if the entire packet has been received and +@@ -1643,11 +1719,11 @@ + if (r != SSH_ERR_MAC_INVALID) + goto out; + logit("Corrupted MAC on input."); +- if (need + block_size > PACKET_MAX_SIZE) ++ if (need + block_size > packet_max_size) + return SSH_ERR_INTERNAL_ERROR; + return ssh_packet_start_discard(ssh, enc, mac, + sshbuf_len(state->incoming_packet), +- PACKET_MAX_SIZE - need - block_size); ++ packet_max_size - need - block_size); + } + /* Remove MAC from input buffer */ + DBG(debug("MAC #%d ok", state->p_read.seqnr)); +@@ -1862,7 +1938,7 @@ + int r; + size_t rlen; + +- if ((r = sshbuf_read(fd, state->input, PACKET_MAX_SIZE, &rlen)) != 0) ++ if ((r = sshbuf_read(fd, state->input, packet_max_size, &rlen)) != 0) + return r; + + if (state->packet_discard) { +@@ -1941,17 +2017,21 @@ + switch (r) { + case SSH_ERR_CONN_CLOSED: + ssh_packet_clear_keys(ssh); ++ sshpkt_final_log_entry(ssh); + logdie("Connection closed by %s", remote_id); + case SSH_ERR_CONN_TIMEOUT: + ssh_packet_clear_keys(ssh); ++ sshpkt_final_log_entry(ssh); + logdie("Connection %s %s timed out", + ssh->state->server_side ? "from" : "to", remote_id); + case SSH_ERR_DISCONNECTED: + ssh_packet_clear_keys(ssh); ++ sshpkt_final_log_entry(ssh); + logdie("Disconnected from %s", remote_id); + case SSH_ERR_SYSTEM_ERROR: + if (errno == ECONNRESET) { + ssh_packet_clear_keys(ssh); ++ sshpkt_final_log_entry(ssh); + logdie("Connection reset by %s", remote_id); + } + /* FALLTHROUGH */ +@@ -1993,6 +2073,24 @@ + logdie_f("should have exited"); + } + ++/* this prints out the final log entry */ ++void ++sshpkt_final_log_entry (struct ssh *ssh) { ++ double total_time; ++ ++ if (ssh->start_time < 1) ++ /* this will produce a NaN in the output. -cjr */ ++ total_time = 0; ++ else ++ total_time = monotime_double() - ssh->start_time; ++ ++ logit("SSH: Server;LType: Throughput;Remote: %s-%d;IN: %lu;OUT: %lu;Duration: %.1f;tPut_in: %.1f;tPut_out: %.1f", ++ ssh_remote_ipaddr(ssh), ssh_remote_port(ssh), ++ ssh->stdin_bytes, ssh->fdout_bytes, total_time, ++ ssh->stdin_bytes / total_time, ++ ssh->fdout_bytes / total_time); ++} ++ + /* + * Logs the error plus constructs and sends a disconnect packet, closes the + * connection, and exits. This function never returns. The error message +@@ -2247,10 +2345,19 @@ + ssh->kex->server = 1; /* XXX unify? */ + } + ++/* Set the state of the connection to post auth ++ * While we are here also decrease the size of ++ * packet_max_size to something more reasonable. ++ * In this case thats 33k. Which is the size of ++ * the largest packet we expect to see and some space ++ * for overhead. This reduces memory usage in high ++ * BDP environments without impacting performance ++ * -cjr 4/11/23 */ + void + ssh_packet_set_authenticated(struct ssh *ssh) + { + ssh->state->after_authentication = 1; ++ packet_max_size = SSH_IOBUFSZ + 1024; + } + + void * +@@ -2868,3 +2975,17 @@ + ssh->state->extra_pad = pad; + return 0; + } ++ ++/* used for cipher switching ++ * only called in cipher-swtich.c */ ++void * ++ssh_packet_get_send_context(struct ssh *ssh) ++{ ++ return ssh->state->send_context; ++} ++ ++void * ++ssh_packet_get_receive_context(struct ssh *ssh) ++{ ++ return ssh->state->receive_context; ++} +diff -Nur openssh-9.6p1.orig/packet.h openssh-9.6p1/packet.h +--- openssh-9.6p1.orig/packet.h 2024-07-10 13:32:39.546111654 +0200 ++++ openssh-9.6p1/packet.h 2024-07-10 13:34:02.724358606 +0200 +@@ -86,6 +86,20 @@ + + /* APP data */ + void *app_data; ++ ++ /* logging data for ServerLogging patch*/ ++ double start_time; ++ u_long fdout_bytes; ++ u_long stdin_bytes; ++ ++ /* track that we are in a none cipher state */ ++ int none; ++ ++ /* track if we have disabled the mac as well */ ++ int none_mac; ++ ++ /* use the less agressive window growth option */ ++ int hpn_buffer_limit; + }; + + typedef int (ssh_packet_hook_fn)(struct ssh *, struct sshbuf *, +@@ -158,6 +172,8 @@ + int ssh_packet_set_maxsize(struct ssh *, u_int); + u_int ssh_packet_get_maxsize(struct ssh *); + ++int packet_authentication_state(const struct ssh *); ++ + int ssh_packet_get_state(struct ssh *, struct sshbuf *); + int ssh_packet_set_state(struct ssh *, struct sshbuf *); + +@@ -172,6 +188,13 @@ + + void *ssh_packet_get_input(struct ssh *); + void *ssh_packet_get_output(struct ssh *); ++void *ssh_packet_get_receive_context(struct ssh *); ++void *ssh_packet_get_send_context(struct ssh *); ++ ++/* for forced packet rekeying post auth */ ++void packet_request_rekeying(void); ++/* final log entry support */ ++void sshpkt_final_log_entry (struct ssh *); + + /* new API */ + int sshpkt_start(struct ssh *ssh, u_char type); +diff -Nur openssh-9.6p1.orig/poly1305.c openssh-9.6p1/poly1305.c +--- openssh-9.6p1.orig/poly1305.c 2023-12-18 15:59:50.000000000 +0100 ++++ openssh-9.6p1/poly1305.c 2024-07-10 13:34:02.724358606 +0200 +@@ -13,6 +13,16 @@ + + #include "poly1305.h" + ++#ifdef OPENSSL_HAVE_POLY_EVP ++void ++poly1305_auth(EVP_MAC_CTX *poly_ctx, unsigned char out[POLY1305_TAGLEN], const unsigned char *m, size_t inlen, const unsigned char key[POLY1305_KEYLEN]) { ++ size_t poly_out_len; ++ EVP_MAC_init(poly_ctx, (const u_char *)key, POLY1305_KEYLEN, NULL); ++ EVP_MAC_update(poly_ctx, m, inlen); ++ EVP_MAC_final(poly_ctx, out, &poly_out_len, (size_t)POLY1305_TAGLEN); ++} ++#else ++ + #define mul32x32_64(a,b) ((uint64_t)(a) * (b)) + + #define U8TO32_LE(p) \ +@@ -30,7 +40,7 @@ + } while (0) + + void +-poly1305_auth(unsigned char out[POLY1305_TAGLEN], const unsigned char *m, size_t inlen, const unsigned char key[POLY1305_KEYLEN]) { ++poly1305_auth(char *unused, unsigned char out[POLY1305_TAGLEN], const unsigned char *m, size_t inlen, const unsigned char key[POLY1305_KEYLEN]) { + uint32_t t0,t1,t2,t3; + uint32_t h0,h1,h2,h3,h4; + uint32_t r0,r1,r2,r3,r4; +@@ -157,3 +167,4 @@ + U32TO8_LE(&out[ 8], f2); f3 += (f2 >> 32); + U32TO8_LE(&out[12], f3); + } ++#endif /* OPENSSL_HAVE_POLY_EVP */ +diff -Nur openssh-9.6p1.orig/poly1305.h openssh-9.6p1/poly1305.h +--- openssh-9.6p1.orig/poly1305.h 2023-12-18 15:59:50.000000000 +0100 ++++ openssh-9.6p1/poly1305.h 2024-07-10 13:34:02.724358606 +0200 +@@ -13,8 +13,15 @@ + #define POLY1305_KEYLEN 32 + #define POLY1305_TAGLEN 16 + +-void poly1305_auth(u_char out[POLY1305_TAGLEN], const u_char *m, size_t inlen, ++#ifdef OPENSSL_HAVE_POLY_EVP ++#include ++ ++void poly1305_auth(EVP_MAC_CTX *poly_key, u_char out[POLY1305_TAGLEN], const u_char *m, size_t inlen, ++ const u_char key[POLY1305_KEYLEN]) ++#else ++void poly1305_auth(char *unused, u_char out[POLY1305_TAGLEN], const u_char *m, size_t inlen, + const u_char key[POLY1305_KEYLEN]) ++#endif + __attribute__((__bounded__(__minbytes__, 1, POLY1305_TAGLEN))) + __attribute__((__bounded__(__buffer__, 2, 3))) + __attribute__((__bounded__(__minbytes__, 4, POLY1305_KEYLEN))); +diff -Nur openssh-9.6p1.orig/progressmeter.c openssh-9.6p1/progressmeter.c +--- openssh-9.6p1.orig/progressmeter.c 2023-12-18 15:59:50.000000000 +0100 ++++ openssh-9.6p1/progressmeter.c 2024-07-10 13:34:02.725358609 +0200 +@@ -66,6 +66,8 @@ + static off_t start_pos; /* initial position of transfer */ + static off_t end_pos; /* ending position of transfer */ + static off_t cur_pos; /* transfer position as of last refresh */ ++static off_t last_pos; ++static off_t max_delta_pos = 0; + static volatile off_t *counter; /* progress counter */ + static long stalled; /* how long we have been stalled */ + static int bytes_per_second; /* current speed in bytes per second */ +@@ -132,6 +134,7 @@ + int cur_speed; + int hours, minutes, seconds; + int file_len, cols; ++ off_t delta_pos; + + if ((!force_update && !alarm_fired && !win_resized) || !can_output()) + return; +@@ -147,6 +150,10 @@ + now = monotime_double(); + bytes_left = end_pos - cur_pos; + ++ delta_pos = cur_pos - last_pos; ++ if (delta_pos > max_delta_pos) ++ max_delta_pos = delta_pos; ++ + if (bytes_left > 0) + elapsed = now - last_update; + else { +@@ -176,7 +183,7 @@ + return; + + /* filename */ +- file_len = cols = win_size - 36; ++ file_len = cols = win_size - 45; + if (file_len > 0) { + asmprintf(&buf, INT_MAX, &cols, "%-*s", file_len, file); + /* If we used fewer columns than expected then pad */ +@@ -193,6 +200,12 @@ + xextendf(&buf, NULL, " %3d%% %s %s/s ", percent, format_size(cur_pos), + format_rate((off_t)bytes_per_second)); + ++ /* instantaneous rate */ ++ if (bytes_left > 0) ++ xextendf(&buf, NULL, "%s/s", format_rate((off_t)delta_pos)); ++ else ++ xextendf(&buf, NULL, "%s/s", format_rate((off_t)max_delta_pos)); ++ + /* ETA */ + if (!transferred) + stalled += elapsed; +@@ -235,6 +248,7 @@ + } + free(buf); + free(obuf); ++ last_pos = cur_pos; + } + + static void +diff -Nur openssh-9.6p1.orig/readconf.c openssh-9.6p1/readconf.c +--- openssh-9.6p1.orig/readconf.c 2024-07-10 13:32:39.600111814 +0200 ++++ openssh-9.6p1/readconf.c 2024-07-10 13:34:02.725358609 +0200 +@@ -72,6 +72,7 @@ + #include "myproposal.h" + #include "digest.h" + #include "ssh-gss.h" ++#include "sshbuf.h" + + /* Format of the configuration file: + +@@ -173,6 +174,9 @@ + oHashKnownHosts, + oTunnel, oTunnelDevice, + oLocalCommand, oPermitLocalCommand, oRemoteCommand, ++ oTcpRcvBufPoll, oHPNDisabled, ++ oNoneEnabled, oNoneMacEnabled, oNoneSwitch, oHPNBufferLimit, ++ oMetrics, oMetricsPath, oMetricsInterval, oFallback, oFallbackPort, + oVisualHostKey, + oKexAlgorithms, oIPQoS, oRequestTTY, oSessionType, oStdinNull, + oForkAfterAuthentication, oIgnoreUnknown, oProxyUseFdpass, +@@ -319,6 +323,15 @@ + { "kexalgorithms", oKexAlgorithms }, + { "ipqos", oIPQoS }, + { "requesttty", oRequestTTY }, ++ { "noneenabled", oNoneEnabled }, ++ { "nonemacenabled", oNoneMacEnabled }, ++ { "noneswitch", oNoneSwitch }, ++ { "hpnbufferlimit", oHPNBufferLimit }, ++ { "metrics", oMetrics }, ++ { "metricspath", oMetricsPath }, ++ { "metricsinterval", oMetricsInterval }, ++ { "fallback", oFallback }, ++ { "fallbackport", oFallbackPort }, + { "sessiontype", oSessionType }, + { "stdinnull", oStdinNull }, + { "forkafterauthentication", oForkAfterAuthentication }, +@@ -341,6 +354,8 @@ + { "proxyjump", oProxyJump }, + { "securitykeyprovider", oSecurityKeyProvider }, + { "knownhostscommand", oKnownHostsCommand }, ++ { "tcprcvbufpoll", oTcpRcvBufPoll }, ++ { "hpndisabled", oHPNDisabled }, + { "requiredrsasize", oRequiredRSASize }, + { "rsaminsize", oRequiredRSASize }, /* alias */ + { "enableescapecommandline", oEnableEscapeCommandline }, +@@ -539,7 +554,7 @@ + + if (port == 0) { + sp = getservbyname(SSH_SERVICE_NAME, "tcp"); +- port = sp ? ntohs(sp->s_port) : SSH_DEFAULT_PORT; ++ port = sp ? ntohs(sp->s_port) : HPNSSH_DEFAULT_PORT; + } + return port; + } +@@ -1271,6 +1286,63 @@ + intptr = &options->check_host_ip; + goto parse_flag; + ++ case oHPNDisabled: ++ intptr = &options->hpn_disabled; ++ goto parse_flag; ++ ++ case oTcpRcvBufPoll: ++ intptr = &options->tcp_rcv_buf_poll; ++ goto parse_flag; ++ ++ case oNoneEnabled: ++ intptr = &options->none_enabled; ++ goto parse_flag; ++ ++ case oNoneMacEnabled: ++ intptr = &options->nonemac_enabled; ++ goto parse_flag; ++ ++ case oHPNBufferLimit: ++ intptr = &options->hpn_buffer_limit; ++ goto parse_flag; ++ ++ case oMetrics: ++ intptr = &options->metrics; ++ goto parse_flag; ++ ++ case oMetricsInterval: ++ intptr = &options->metrics_interval; ++ goto parse_int; ++ ++ case oMetricsPath: ++ charptr = &options->metrics_path; ++ options->metrics = 1; ++ goto parse_string; ++ ++ case oFallback: ++ intptr = &options->fallback; ++ goto parse_flag; ++ ++ case oFallbackPort: ++ intptr = &options->fallback_port; ++ goto parse_int; ++ ++ /* ++ * We check to see if the command comes from the command ++ * line or not. If it does then enable it otherwise fail. ++ * NONE should never be a default configuration. ++ */ ++ case oNoneSwitch: ++ if (strcmp(filename, "command-line") == 0) { ++ intptr = &options->none_switch; ++ goto parse_flag; ++ } else { ++ error("NoneSwitch is found in %.200s.\nYou may only use this configuration option from the command line", filename); ++ error("Continuing..."); ++ debug("NoneSwitch directive found in %.200s.", filename); ++ return 0; ++ } ++ + case oVerifyHostKeyDNS: + intptr = &options->verify_host_key_dns; + multistate_ptr = multistate_yesnoask; +@@ -2641,6 +2713,17 @@ + options->ip_qos_interactive = -1; + options->ip_qos_bulk = -1; + options->request_tty = -1; ++ options->none_switch = -1; ++ options->none_enabled = -1; ++ options->nonemac_enabled = -1; ++ options->metrics = -1; ++ options->metrics_path = NULL; ++ options->metrics_interval = -1; ++ options->hpn_disabled = -1; ++ options->hpn_buffer_limit = -1; ++ options->fallback = -1; ++ options->fallback_port = -1; ++ options->tcp_rcv_buf_poll = -1; + options->session_type = -1; + options->stdin_null = -1; + options->fork_after_authentication = -1; +@@ -2822,8 +2905,37 @@ + options->server_alive_interval = 0; + if (options->server_alive_count_max == -1) + options->server_alive_count_max = 3; ++ if (options->hpn_disabled == -1) ++ options->hpn_disabled = 0; ++ if (options->hpn_buffer_limit == -1) ++ options->hpn_buffer_limit = 0; ++ if (options->tcp_rcv_buf_poll == -1) ++ options->tcp_rcv_buf_poll = 1; ++ if (options->none_switch == -1) ++ options->none_switch = 0; ++ if (options->none_enabled == -1) ++ options->none_enabled = 0; ++ if (options->none_enabled == 0 && options->none_switch > 0) { ++ fprintf(stderr, "NoneEnabled must be enabled to use the None Switch option. None cipher disabled.\n"); ++ options->none_enabled = 0; ++ } ++ if (options->nonemac_enabled == -1) ++ options->nonemac_enabled = 0; ++ if (options->nonemac_enabled > 0 && (options->none_enabled == 0 || ++ options->none_switch == 0)) { ++ fprintf(stderr, "None MAC can only be used with the None cipher. None MAC disabled.\n"); ++ options->nonemac_enabled = 0; ++ } ++ if (options->metrics == -1) ++ options->metrics = 0; ++ if (options->metrics_interval == -1) ++ options->metrics_interval = 5; + if (options->control_master == -1) + options->control_master = 0; ++ if (options->fallback == -1) ++ options->fallback = 1; ++ if (options->fallback_port == -1) ++ options->fallback_port = SSH_DEFAULT_PORT; + if (options->control_persist == -1) { + options->control_persist = 0; + options->control_persist_timeout = 0; +diff -Nur openssh-9.6p1.orig/readconf.h openssh-9.6p1/readconf.h +--- openssh-9.6p1.orig/readconf.h 2024-07-10 13:32:39.600111814 +0200 ++++ openssh-9.6p1/readconf.h 2024-07-10 13:34:02.726358612 +0200 +@@ -56,6 +56,9 @@ + int strict_host_key_checking; /* Strict host key checking. */ + int compression; /* Compress packets in both directions. */ + int tcp_keep_alive; /* Set SO_KEEPALIVE. */ ++ int tcp_rcv_buf_poll; /* Option to poll recv buf every window transfer */ ++ int hpn_disabled; /* Switch to disable HPN buffer management */ ++ int hpn_buffer_limit; /* limit local_window_max to 1/2 receive buffer */ + int ip_qos_interactive; /* IP ToS/DSCP/class for interactive */ + int ip_qos_bulk; /* IP ToS/DSCP/class for bulk traffic */ + SyslogFacility log_facility; /* Facility for system logging. */ +@@ -129,6 +132,16 @@ + int enable_ssh_keysign; + int64_t rekey_limit; + int rekey_interval; ++ ++ int none_switch; /* Use none cipher */ ++ int none_enabled; /* Allow none to be used */ ++ int nonemac_enabled; /* Allow none to be used */ ++ int metrics; /* enable metrics */ ++ int metrics_interval; /* time in seconds between polls */ ++ char *metrics_path; /* path for the metrics files */ ++ int fallback; /* en|disable fallback port (def: true) */ ++ int fallback_port; /* port to fallback to (def: 22) */ ++ + int no_host_authentication_for_localhost; + int identities_only; + int server_alive_interval; +diff -Nur openssh-9.6p1.orig/README.md openssh-9.6p1/README.md +--- openssh-9.6p1.orig/README.md 2023-12-18 15:59:50.000000000 +0100 ++++ openssh-9.6p1/README.md 2024-07-10 13:34:02.726358612 +0200 +@@ -1,12 +1,16 @@ +-# Portable OpenSSH ++# HPNSSH: Based on Portable OpenSSH + +-[![C/C++ CI](https://github.com/openssh/openssh-portable/actions/workflows/c-cpp.yml/badge.svg)](https://github.com/openssh/openssh-portable/actions/workflows/c-cpp.yml) +-[![Fuzzing Status](https://oss-fuzz-build-logs.storage.googleapis.com/badges/openssh.svg)](https://bugs.chromium.org/p/oss-fuzz/issues/list?sort=-opened&can=1&q=proj:openssh) +-[![Coverity Status](https://scan.coverity.com/projects/21341/badge.svg)](https://scan.coverity.com/projects/openssh-portable) ++Starting with version HPN17v0 there will be significant changes to the naming convention used for executables and installation locations. The last version that does not include these changes is HPN16v1 corresponding to the HPN-8_8_P1 tag on the master branch. + +-OpenSSH is a complete implementation of the SSH protocol (version 2) for secure remote login, command execution and file transfer. It includes a client ``ssh`` and server ``sshd``, file transfer utilities ``scp`` and ``sftp`` as well as tools for key generation (``ssh-keygen``), run-time key storage (``ssh-agent``) and a number of supporting programs. ++HPNSSH is a variant of OpenSSH. It a complete implementation of the SSH protocol (version 2) for secure remote login, command execution and file transfer. It includes a client ``hpnssh`` and server ``hpnsshd``, file transfer utilities ``hpnscp`` and ``hpnsftp`` as well as tools for key generation (``hpnssh-keygen``), run-time key storage (``hpnssh-agent``) and a number of supporting programs. It includes numerous performance and functionality enhancements focused on high performance networks and computing envrironments. Complete information can be found in the HPN-README file. + +-This is a port of OpenBSD's [OpenSSH](https://openssh.com) to most Unix-like operating systems, including Linux, OS X and Cygwin. Portable OpenSSH polyfills OpenBSD APIs that are not available elsewhere, adds sshd sandboxing for more operating systems and includes support for OS-native authentication and auditing (e.g. using PAM). ++It is fully compatible with all compliant implementations of the SSH protocol and OpenSSH in particular. ++ ++This version of HPNSSH is significant departure in terms of naming executables and installation locations. Specifically, all executables are now prefixed with ``hpn``. So ``ssh`` becomes ``hpnssh`` and ``scp`` is now ``hpnscp``. Configuation files and host keys can now be found in ``/etc/hpnssh``. By default ``hpnsshd`` now runs on port 2222 but this is configurable. This change was made in order to prevent installations of hpnssh, particularly from package distributions, from interfering with default installations of OpenSSH. HPNSSH is backwards compatible with all versions of OpenSSH including configuration files, keys, and run time options. Additionally, the client will, by default attempt to connect to port 2222 but will automatically fall back to port 22. This is also user configurable. ++ ++HPNSSH is based on OpenSSH portable. This is a port of OpenBSD's [OpenSSH](https://openssh.com) to most Unix-like operating systems, including Linux, OS X and Cygwin. Portable OpenSSH polyfills OpenBSD APIs that are not available elsewhere, adds sshd sandboxing for more operating systems and includes support for OS-native authentication and auditing (e.g. using PAM). ++ ++This document will be changing over time to reflect new changes and features. This document is built off of the OpenSSH README.md + + ## Documentation + +@@ -21,15 +25,15 @@ + * [ssh-keyscan(8)](https://man.openbsd.org/ssh-keyscan.8) + * [sftp-server(8)](https://man.openbsd.org/sftp-server.8) + +-## Stable Releases ++All options in OpenSSH are respected by HPN-SSH. The man pages for HPN-SSH tools are the same as the name of the tool. + +-Stable release tarballs are available from a number of [download mirrors](https://www.openssh.com/portable.html#downloads). We recommend the use of a stable release for most users. Please read the [release notes](https://www.openssh.com/releasenotes.html) for details of recent changes and potential incompatibilities. ++## Building HPNSSH + +-## Building Portable OpenSSH ++Detailed step by step instructions can be found at https://psc.edu/hpn-ssh-home/ + + ### Dependencies + +-Portable OpenSSH is built using autoconf and make. It requires a working C compiler, standard library and headers. ++HPNSSH is built using autoconf and make. It requires a working C compiler, standard library and headers. + + ``libcrypto`` from either [LibreSSL](https://www.libressl.org/) or [OpenSSL](https://www.openssl.org) may also be used. OpenSSH may be built without either of these, but the resulting binaries will have only a subset of the cryptographic algorithms normally available. + +@@ -44,8 +48,8 @@ + Releases include a pre-built copy of the ``configure`` script and may be built using: + + ``` +-tar zxvf openssh-X.YpZ.tar.gz +-cd openssh ++tar zxvf hpnssh-X.YpZ.tar.gz ++cd hpnssh + ./configure # [options] + make && make tests + ``` +@@ -57,7 +61,7 @@ + If building from git, you'll need [autoconf](https://www.gnu.org/software/autoconf/) installed to build the ``configure`` script. The following commands will check out and build portable OpenSSH from git: + + ``` +-git clone https://github.com/openssh/openssh-portable # or https://anongit.mindrot.org/openssh.git ++git clone https://github.com/rapier1/hpn-ssh + cd openssh-portable + autoreconf + ./configure +@@ -76,6 +80,7 @@ + ``--with-libedit`` | Enable [libedit](https://www.thrysoee.dk/editline/) support for sftp. + ``--with-kerberos5`` | Enable Kerberos/GSSAPI support. Both [Heimdal](https://www.h5l.org/) and [MIT](https://web.mit.edu/kerberos/) Kerberos implementations are supported. + ``--with-selinux`` | Enable [SELinux](https://en.wikipedia.org/wiki/Security-Enhanced_Linux) support. ++``--with-security-key-builtin`` | Include built-in support for U2F/FIDO2 security keys. This requires [libfido2](https://github.com/Yubico/libfido2) be installed. + + ## Development + +diff -Nur openssh-9.6p1.orig/sandbox-seccomp-filter.c openssh-9.6p1/sandbox-seccomp-filter.c +--- openssh-9.6p1.orig/sandbox-seccomp-filter.c 2024-07-10 13:32:39.558111689 +0200 ++++ openssh-9.6p1/sandbox-seccomp-filter.c 2024-07-10 13:34:02.726358612 +0200 +@@ -295,6 +295,9 @@ + #ifdef __NR_geteuid32 + SC_ALLOW(__NR_geteuid32), + #endif ++#ifdef __NR_getpeername /* not defined on archs that go via socketcall(2) */ ++ SC_ALLOW(__NR_getpeername), ++#endif + #ifdef __NR_getpgid + SC_ALLOW(__NR_getpgid), + #endif +@@ -413,6 +416,9 @@ + #ifdef __NR_sigprocmask + SC_ALLOW(__NR_sigprocmask), + #endif ++#ifdef __NR_socketcall ++ SC_ALLOW(__NR_socketcall), ++#endif + #ifdef __NR_time + SC_ALLOW(__NR_time), + #endif +diff -Nur openssh-9.6p1.orig/scp.1 openssh-9.6p1/scp.1 +--- openssh-9.6p1.orig/scp.1 2024-07-10 13:32:39.528111600 +0200 ++++ openssh-9.6p1/scp.1 2024-07-10 14:33:54.369943270 +0200 +@@ -18,7 +18,7 @@ + .Nd OpenSSH secure file copy + .Sh SYNOPSIS + .Nm scp +-.Op Fl 346ABCOpqRrsTv ++.Op Fl 346ABCOpqRrsTvZ + .Op Fl c Ar cipher + .Op Fl D Ar sftp_server_path + .Op Fl F Ar ssh_config +@@ -252,6 +252,10 @@ + Note that + .Nm + follows symbolic links encountered in the tree traversal. ++.It Fl Z ++Resume failed or interrupted transfer. Identical files will be skipped. Remote must have resume option. ++.Nm ++only option. + .It Fl S Ar program + Name of + .Ar program +@@ -285,10 +289,13 @@ + .It Cm nrequests Ns = Ns Ar value + Controls how many concurrent SFTP read or write requests may be in progress + at any point in time during a download or upload. +-By default 64 requests may be active concurrently. ++This value must be between 1 and 8192. ++By default 1024 requests may be active concurrently. + .It Cm buffer Ns = Ns Ar value + Controls the maximum buffer size for a single SFTP read/write operation used + during download or upload. ++This value must be between 1B and 255KB. You may use ++the K unit for the size. E.g. 32768 or 32K. + By default a 32KB buffer is used. + .El + .El +@@ -322,6 +329,7 @@ + .Sh AUTHORS + .An Timo Rinne Aq Mt tri@iki.fi + .An Tatu Ylonen Aq Mt ylo@cs.hut.fi ++.An Chris Rapier Aq Mt rapier@psc.edu + .Sh CAVEATS + The legacy SCP protocol (selected by the + .Fl O +diff -Nur openssh-9.6p1.orig/scp.c openssh-9.6p1/scp.c +--- openssh-9.6p1.orig/scp.c 2024-07-10 13:32:39.530111606 +0200 ++++ openssh-9.6p1/scp.c 2024-07-10 14:15:34.032723487 +0200 +@@ -17,6 +17,7 @@ + /* + * Copyright (c) 1999 Theo de Raadt. All rights reserved. + * Copyright (c) 1999 Aaron Campbell. All rights reserved. ++ * Copyright (c) 2021 Chris Rapier. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions +@@ -133,6 +134,12 @@ + #include "misc.h" + #include "progressmeter.h" + #include "utf8.h" ++/* libressl doesn't support the blake2b512 digest so ++ * we need to prevent libressl from using the resume feature ++ * cjr 7/18/2023 */ ++#if (defined WITH_OPENSSL) && !defined(LIBRESSL_VERSION_NUMBER) ++#include ++#endif + #include "sftp.h" + + #include "sftp-common.h" +@@ -175,6 +182,10 @@ + /* This is the program to execute for the secured connection. ("ssh" or -S) */ + char *ssh_program = _PATH_SSH_PROGRAM; + ++/* this is path to the remote scp program allowing the user to specify ++ * a non-default scp */ ++char *remote_path; ++ + /* This is used to store the pid of ssh_program */ + pid_t do_cmd_pid = -1; + pid_t do_cmd_pid2 = -1; +@@ -189,6 +200,17 @@ + int sftp_glob(struct sftp_conn *, const char *, int, + int (*)(const char *, int), glob_t *); /* proto for sftp-glob.c */ + ++/* Flag to indicate that this is a file resume */ ++int resume_flag = 0; /* 0 is off, 1 is on */ ++ ++/* we want the host name for debugging purposes */ ++char hostname[HOST_NAME_MAX + 1]; ++ ++/* defines for the resume function. Need them even if not supported */ ++#define HASH_LEN 128 /*40 sha1, 64 blake2s256 128 blake2b512*/ ++#define BUF_AND_HASH HASH_LEN + 64 /* length of the hash and other data to get size of buffer */ ++#define HASH_BUFLEN 8192 /* 8192 seems to be a good balance between freads ++ * and the digest func*/ + static void + killchild(int signo) + { +@@ -234,6 +256,9 @@ + int status; + pid_t pid; + ++#ifdef DEBUG ++ fprintf(stderr, "In do_local_cmd\n"); ++#endif + if (a->num == 0) + fatal("do_local_cmd: no arguments"); + +@@ -460,6 +485,8 @@ + void tolocal(int, char *[], enum scp_mode_e, char *sftp_direct); + void toremote(int, char *[], enum scp_mode_e, char *sftp_direct); + void usage(void); ++void calculate_hash(char *, char *, off_t); /*get the hash of file to length*/ ++void rand_str(char *, size_t); /*gen randome char string */ + + void source_sftp(int, char *, char *, struct sftp_conn *); + void sink_sftp(int, char *, const char *, struct sftp_conn *); +@@ -478,11 +505,18 @@ + char *sftp_direct = NULL; + long long llv; + ++ /* we use this to prepend the debugging statements ++ * so we know which side is saying what */ ++ gethostname(hostname, HOST_NAME_MAX + 1); ++ + /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */ + sanitise_stdfd(); + + msetlocale(); + ++ /* for use with rand function when resume option is used*/ ++ srand(time(NULL)); ++ + /* Copy argv, because we modify it */ + argv0 = argv[0]; + newargv = xcalloc(MAXIMUM(argc + 1, 1), sizeof(*newargv)); +@@ -506,7 +540,7 @@ + + fflag = Tflag = tflag = 0; + while ((ch = getopt(argc, argv, +- "12346ABCTdfOpqRrstvD:F:J:M:P:S:c:i:l:o:X:")) != -1) { ++ "12346ABCTdfOpqRrstvZD:F:J:M:P:S:c:i:l:o:X:")) != -1) { + switch (ch) { + /* User-visible flags. */ + case '1': +@@ -587,24 +621,36 @@ + addargs(&remote_remote_args, "-q"); + showprogress = 0; + break; ++#if (defined WITH_OPENSSL) && !defined(LIBRESSL_VERSION_NUMBER) ++ case 'Z': ++ /* currently resume only works in SCP mode */ ++ resume_flag = 1; ++ mode = MODE_SCP; ++ break; ++#endif + case 'X': + /* Please keep in sync with sftp.c -X */ + if (strncmp(optarg, "buffer=", 7) == 0) { + r = scan_scaled(optarg + 7, &llv); +- if (r == 0 && (llv <= 0 || llv > 256 * 1024)) { ++ /* don't ask for a buffer larger than the maximum ++ * size that SFTP can handle */ ++ if (r == 0 && (llv <= 0 || llv > (SFTP_MAX_MSG_LENGTH - 1024))) { + r = -1; + errno = EINVAL; + } + if (r == -1) { +- fatal("Invalid buffer size \"%s\": %s", +- optarg + 7, strerror(errno)); ++ fatal("Invalid buffer size. Must be between 1B and 255KB." ++ "\"%s\": %s", optarg + 7, strerror(errno)); + } + sftp_copy_buflen = (size_t)llv; + } else if (strncmp(optarg, "nrequests=", 10) == 0) { +- llv = strtonum(optarg + 10, 1, 256 * 1024, ++ /* more than 10k to 15k requests starts stalling the connection ++ * 8192 * default buffer size is 256MB of outstanding data. ++ * if users need more then they need to up the buffer size */ ++ llv = strtonum(optarg + 10, 1, 8 * 1024, + &errstr); + if (errstr != NULL) { +- fatal("Invalid number of requests " ++ fatal("Invalid number of requests. Must be between 1 and 8192. " + "\"%s\": %s", optarg + 10, errstr); + } + sftp_nrequests = (size_t)llv; +@@ -692,11 +738,20 @@ + remin = remout = -1; + do_cmd_pid = -1; + /* Command to be executed on remote system using "ssh". */ +- (void) snprintf(cmd, sizeof cmd, "scp%s%s%s%s", +- verbose_mode ? " -v" : "", +- iamrecursive ? " -r" : "", pflag ? " -p" : "", +- targetshouldbedirectory ? " -d" : ""); +- ++ /* In the event of an hpn to hpn connection the scp ++ * command is rewritten to hpnscp. This happens in ++ * clientloop.c -cjr 12/12/2022 */ ++ ++ (void) snprintf(cmd, sizeof cmd, "%s%s%s%s%s%s", ++ remote_path ? remote_path : "scp", ++ verbose_mode ? " -v" : "", ++ iamrecursive ? " -r" : "", ++ pflag ? " -p" : "", ++ targetshouldbedirectory ? " -d" : "", ++ resume_flag ? " -Z" : ""); ++#ifdef DEBUG ++ fprintf(stderr, "%s: Sending cmd %s\n", hostname, cmd); ++#endif + (void) ssh_signal(SIGPIPE, lostconn); + + if (colon(argv[argc - 1])) /* Dest is remote host. */ +@@ -1321,6 +1376,74 @@ + free(src); + } + ++/* calculate the hash of a file up to length bytes ++ * this is used to determine if remote and local file ++ * fragments match. There may be a more efficient process for the hashing ++ * Note: LibreSSL doesn't support blake2b512 so we can't offer them ++ * the resume feature cjr 7/18/2023 */ ++#if (defined WITH_OPENSSL) && !defined(LIBRESSL_VERSION_NUMBER) ++void calculate_hash(char *filename, char *output, off_t length) ++{ ++ int n, md_len; ++ EVP_MD_CTX *c; ++ const EVP_MD *md; ++ char buf[HASH_BUFLEN]; ++ ssize_t bytes; ++ unsigned char out[EVP_MAX_MD_SIZE]; ++ char tmp[3]; ++ FILE *file_ptr; ++ *output = '\0'; ++ ++ /* open file for calculating hash */ ++ file_ptr = fopen(filename, "r"); ++ if (file_ptr==NULL) ++ { ++ if (verbose_mode) { ++ fprintf(stderr, "%s: error opening file %s\n", hostname, filename); ++ /* file the expected output with spaces */ ++ snprintf(output, HASH_LEN, "%s", " "); ++ } ++ return; ++ } ++ ++ md = EVP_get_digestbyname("blake2b512"); ++ c = EVP_MD_CTX_new(); ++ EVP_DigestInit_ex(c, md, NULL); ++ ++ while (length > 0) { ++ if (length > HASH_BUFLEN) ++ /* fread returns the number of elements read. ++ * in this case 1. Multiply by the length to get the bytes */ ++ bytes=fread(buf, HASH_BUFLEN, 1, file_ptr) * HASH_BUFLEN; ++ else ++ bytes=fread(buf, length, 1, file_ptr) * length; ++ EVP_DigestUpdate(c, buf, bytes); ++ length -= HASH_BUFLEN; ++ } ++ EVP_DigestFinal(c, out, &md_len); ++ EVP_MD_CTX_free(c); ++ /* convert the hash into a string */ ++ for(n=0; n < md_len; n++) { ++ snprintf(tmp, 3, "%02x", out[n]); ++ strncat(output, tmp, 3); ++ } ++#ifdef DEBUG ++ fprintf(stderr, "%s: HASH IS '%s' of length %ld\n", hostname, output, strlen(output)); ++#endif ++ fclose(file_ptr); ++} ++#else ++void calculate_hash(char *filename, char *output, off_t length) ++{ ++ /* empty function for builds without openssl or are using libressl */ ++} ++#endif /* WITH_OPENSSL */ ++ ++#define TYPE_OVERFLOW(type, val) \ ++ ((sizeof(type) == 4 && (val) > INT32_MAX) || \ ++ (sizeof(type) == 8 && (val) > INT64_MAX) || \ ++ (sizeof(type) != 4 && sizeof(type) != 8)) ++ + /* Prepare remote path, handling ~ by assuming cwd is the homedir */ + static char * + prepare_remote_path(struct sftp_conn *conn, const char *path) +@@ -1404,14 +1527,23 @@ + struct stat stb; + static BUF buffer; + BUF *bp; +- off_t i, statbytes; ++ off_t i, statbytes, xfer_size; + size_t amt, nr; + int fd = -1, haderr, indx; +- char *last, *name, buf[PATH_MAX + 128], encname[PATH_MAX]; ++ char *cp, *last, *name, buf[PATH_MAX + BUF_AND_HASH], encname[PATH_MAX]; + int len; ++ char hashsum[HASH_LEN+1], test_hashsum[HASH_LEN+1]; ++ char inbuf[PATH_MAX + BUF_AND_HASH]; ++ size_t insize; ++ unsigned long long ull; ++ char *match; /* used to communicate fragment match */ ++ match = "\0"; /*default is to fail the match. NULL and F both indicate fail*/ + + for (indx = 0; indx < argc; ++indx) { + name = argv[indx]; ++#ifdef DEBUG ++ fprintf(stderr, "%s index is %d, name is %s\n", hostname, indx, name); ++#endif + statbytes = 0; + len = strlen(name); + while (len > 1 && name[len-1] == '/') +@@ -1433,6 +1565,14 @@ + unset_nonblock(fd); + switch (stb.st_mode & S_IFMT) { + case S_IFREG: ++ /* only calculate hash if we are in resume mode and a file*/ ++ if (resume_flag) { ++ calculate_hash(name, hashsum, stb.st_size); ++#ifdef DEBUG ++ fprintf(stderr, "%s: Name is '%s' and hash '%s'\n", hostname, name, hashsum); ++ fprintf (stderr,"%s: size of %s is %ld\n", hostname, name, stb.st_size); ++#endif ++ } + break; + case S_IFDIR: + if (iamrecursive) { +@@ -1454,14 +1594,133 @@ + goto next; + } + #define FILEMODEMASK (S_ISUID|S_ISGID|S_IRWXU|S_IRWXG|S_IRWXO) +- snprintf(buf, sizeof buf, "C%04o %lld %s\n", +- (u_int) (stb.st_mode & FILEMODEMASK), +- (long long)stb.st_size, last); +- if (verbose_mode) +- fmprintf(stderr, "Sending file modes: %s", buf); ++ /* Add a hash of the file along with the filemode if in resume */ ++ if (resume_flag) ++ snprintf(buf, sizeof buf, "C%04o %lld %s %s\n", ++ (u_int) (stb.st_mode & FILEMODEMASK), ++ (long long)stb.st_size, hashsum, last); ++ else ++ snprintf(buf, sizeof buf, "C%04o %lld %s\n", ++ (u_int) (stb.st_mode & FILEMODEMASK), ++ (long long)stb.st_size, last); ++ ++#ifdef DEBUG ++ fprintf(stderr, "%s: Sending file modes: %s", hostname, buf); ++#endif + (void) atomicio(vwrite, remout, buf, strlen(buf)); +- if (response() < 0) ++ ++#ifdef DEBUG ++ fprintf(stderr, "%s: inbuf length %ld buf length %ld\n", hostname, strlen(inbuf), strlen(buf)); ++#endif ++ if (resume_flag) { /* get the hash response from the remote */ ++ (void) atomicio(read, remin, inbuf, BUF_AND_HASH - 1); ++#ifdef DEBUG ++ fprintf(stderr, "%s: we got '%s' in inbuf length %ld buf was %ld\n", ++ hostname, inbuf, strlen(inbuf), strlen(buf)); ++#endif ++ } ++ if (response() < 0) { ++#ifdef DEBUG ++ fprintf(stderr, "%s: response is less than 0\n", hostname); ++#endif + goto next; ++ } ++ xfer_size = stb.st_size; ++ ++ /* we only do the following in resume mode because we have a ++ * new buf from the remote to parse */ ++ if (resume_flag) { ++ cp = inbuf; ++ if (*cp == 'R') { /* resume file transfer*/ ++ char *in_hashsum; /* where to hold the incoming hash */ ++ in_hashsum = calloc(HASH_LEN+1, sizeof(char)); ++ for (++cp; cp < inbuf + 5; cp++) { ++ /* skip over the mode */ ++ } ++ if (*cp++ != ' ') { ++ fprintf(stderr, "%s: mode not delineated!\n", hostname); ++ } ++ ++ if (!isdigit((unsigned char)*cp)) ++ fprintf(stderr, "%s: size not present\n", hostname); ++ ull = strtoull(cp, &cp, 10); ++ if (!cp || *cp++ != ' ') ++ fprintf(stderr, "%s: size not delimited\n", hostname); ++ if (TYPE_OVERFLOW(off_t, ull)) ++ fprintf(stderr, "%s: size out of range\n", hostname); ++ insize = (off_t)ull; ++ ++#ifdef DEBUG ++ fprintf (stderr, "%s: received size of %ld\n", hostname, insize); ++#endif ++ ++ /* copy the cp pointer byte by byte */ ++ int i; ++ for (i = 0; i < HASH_LEN; i++) { ++ strncat(in_hashsum, cp++, 1); ++ } ++#ifdef DEBUG ++ fprintf (stderr, "%s: in_hashsum '%s'\n", hostname, in_hashsum); ++#endif ++ ++ /*get the hash of the source file to the byte length we just got*/ ++ calculate_hash(name, test_hashsum, insize); ++#ifdef DEBUG ++ fprintf(stderr, "%s: calculated hashsum of local %s to %ld is %s\n", ++ hostname, last, insize, test_hashsum); ++#endif ++ /* compare the incoming hash to the hash of the local file*/ ++ if (strcmp(in_hashsum, test_hashsum) == 0) { ++ /* the fragments match so we should seek to the appropriate place in the ++ * local file and set the remote file to append */ ++#ifdef DEBUG ++ fprintf(stderr, "%s: File fragments match\n", hostname); ++ fprintf(stderr, "%s: seeking to %ld\n", hostname, insize); ++#endif ++ xfer_size = stb.st_size - insize; ++#ifdef DEBUG ++ fprintf(stderr, "%s: xfer_size: %ld, stb.st_size: %ld insize: %ld\n", ++ hostname, xfer_size, stb.st_size, insize); ++#endif ++ if (lseek(fd, insize, SEEK_CUR) != (off_t)insize) { ++#ifdef DEBUG ++ fprintf(stderr, "%s: lseek did not return %ld\n", hostname, insize) ; ++#endif ++ goto next; ++ } ++ match = "M"; ++ } else { ++ /* the fragments don't match so we should start over from the begining */ ++#ifdef DEBUG ++ fprintf(stderr, "%s: File fragments do not match '%s'(in) '%s'(local)\n", ++ hostname, in_hashsum, test_hashsum); ++#endif ++ match = "F"; ++ xfer_size = stb.st_size; ++ } ++ free(in_hashsum); ++ } ++ if (*cp == 'S') { /* skip file */ ++#ifdef DEBUG ++ fprintf(stderr, "%s: Should be skipping this file\n", hostname); ++#endif ++ goto next; ++ } ++ if (*cp == 'C') { /*transfer entire file*/ ++#ifdef DEBUG ++ fprintf(stderr, "%s: Resending entire file\n", hostname); ++#endif ++ xfer_size = stb.st_size; ++ } ++ /* need to send the match status ++ * We always send the match status or we get out of sync ++ */ ++#ifdef DEBUG ++ fprintf(stderr, "%s: sending match %s\n", hostname, match); ++#endif ++ (void) atomicio(vwrite, remout, match, 1); ++ } ++ + if ((bp = allocbuf(&buffer, fd, COPY_BUFLEN)) == NULL) { + next: if (fd != -1) { + (void) close(fd); +@@ -1469,13 +1728,17 @@ + } + continue; + } ++ ++#ifdef DEBUG ++ fprintf(stderr, "%s: going to xfer %ld\n", hostname, xfer_size); ++#endif + if (showprogress) +- start_progress_meter(curfile, stb.st_size, &statbytes); ++ start_progress_meter(curfile, xfer_size, &statbytes); + set_nonblock(remout); +- for (haderr = i = 0; i < stb.st_size; i += bp->cnt) { ++ for (haderr = i = 0; i < xfer_size; i += bp->cnt) { + amt = bp->cnt; +- if (i + (off_t)amt > stb.st_size) +- amt = stb.st_size - i; ++ if (i + (off_t)amt > xfer_size) ++ amt = xfer_size - i; + if (!haderr) { + if ((nr = atomicio(read, fd, + bp->buf, amt)) != amt) { +@@ -1672,24 +1935,36 @@ + sink(int argc, char **argv, const char *src) + { + static BUF buffer; +- struct stat stb; ++ struct stat stb, cpstat, npstat; + BUF *bp; + off_t i; + size_t j, count; + int amt, exists, first, ofd; + mode_t mode, omode, mask; +- off_t size, statbytes; ++ off_t size, statbytes, xfer_size; + unsigned long long ull; + int setimes, targisdir, wrerr; +- char ch, *cp, *np, *targ, *why, *vect[1], buf[2048], visbuf[2048]; ++ char ch, *cp, *np, *np_tmp, *targ, *why, *vect[1], buf[16384], visbuf[16384]; + char **patterns = NULL; + size_t n, npatterns = 0; + struct timeval tv[2]; ++ char remote_hashsum[HASH_LEN+1]; ++ char local_hashsum[HASH_LEN+1]; ++ char tmpbuf[BUF_AND_HASH]; ++ char outbuf[BUF_AND_HASH]; ++ char match; ++ int bad_match_flag = 0; ++ np = NULL; /* this was originally '/0' but that's wrong */ ++ np_tmp = NULL; ++ + + #define atime tv[0] + #define mtime tv[1] + #define SCREWUP(str) { why = str; goto screwup; } + ++#ifdef DEBUG ++ fprintf (stderr, "%s: LOCAL In sink with %s\n", hostname, src); ++#endif + if (TYPE_OVERFLOW(time_t, 0) || TYPE_OVERFLOW(off_t, 0)) + SCREWUP("Unexpected off_t/time_t size"); + +@@ -1705,9 +1980,16 @@ + if (targetshouldbedirectory) + verifydir(targ); + ++#ifdef DEBUG ++ fprintf (stderr, "%s: Sending null to remout.\n",hostname); ++#endif + (void) atomicio(vwrite, remout, "", 1); + if (stat(targ, &stb) == 0 && S_ISDIR(stb.st_mode)) + targisdir = 1; ++ ++#ifdef DEBUG ++ fprintf(stderr, "%s: Target is %s with a size of %ld\n", hostname, targ, stb.st_size); ++#endif + if (src != NULL && !iamrecursive && !Tflag) { + /* + * Prepare to try to restrict incoming filenames to match +@@ -1716,7 +1998,12 @@ + if (brace_expand(src, &patterns, &npatterns) != 0) + fatal_f("could not expand pattern"); + } ++ + for (first = 1;; first = 0) { ++ bad_match_flag = 0; /* used in resume mode. */ ++#ifdef DEBUG ++ fprintf(stderr, "%s: At start of loop buf is %s\n", hostname, buf); ++#endif + cp = buf; + if (atomicio(read, remin, cp, 1) != 1) + goto done; +@@ -1744,6 +2031,9 @@ + continue; + } + if (buf[0] == 'E') { ++#ifdef DEBUG ++ fprintf (stderr, "%s: Sending null to remout.\n", hostname); ++#endif + (void) atomicio(vwrite, remout, "", 1); + goto done; + } +@@ -1751,6 +2041,9 @@ + *--cp = 0; + + cp = buf; ++#ifdef DEBUG ++ fprintf(stderr, "%s: buf is %s\n", hostname, buf); ++#endif + if (*cp == 'T') { + setimes++; + cp++; +@@ -1778,9 +2071,19 @@ + if (!cp || *cp++ != '\0' || atime.tv_usec < 0 || + atime.tv_usec > 999999) + SCREWUP("atime.usec not delimited"); ++ ++#ifdef DEBUG ++ fprintf (stderr, "%s: Sending null to remout.\n", hostname); ++#endif + (void) atomicio(vwrite, remout, "", 1); + continue; + } ++ if (*cp == 'R') { /*resume file transfer (dont' think I need this here)*/ ++#ifdef DEBUG ++ fprintf(stderr, "%s: Received a RESUME request with %s\n", hostname, cp); ++#endif ++ resume_flag = 1; ++ } + if (*cp != 'C' && *cp != 'D') { + /* + * Check for the case "rcp remote:foo\* local:bar". +@@ -1796,6 +2099,18 @@ + SCREWUP("expected control record"); + } + mode = 0; ++#ifdef DEBUG ++ fprintf(stderr, "%s: buf is %s\n", hostname, buf); ++ fprintf(stderr, "%s: cp is %s\n", hostname, cp); ++#endif ++ /* we need to track if this object is a directory ++ * before we move the pointer. If we are in resume mode ++ * we might end up trying to get an mdsum on a directory ++ * and that doesn't work */ ++ int dir_flag = 0; ++ if (*cp == 'D') ++ dir_flag = 1; ++ + for (++cp; cp < buf + 5; cp++) { + if (*cp < '0' || *cp > '7') + SCREWUP("bad mode"); +@@ -1806,6 +2121,10 @@ + if (*cp++ != ' ') + SCREWUP("mode not delimited"); + ++#ifdef DEBUG ++ fprintf(stderr, "%s: cp is %s\n", hostname, cp); ++#endif ++ + if (!isdigit((unsigned char)*cp)) + SCREWUP("size not present"); + ull = strtoull(cp, &cp, 10); +@@ -1815,11 +2134,32 @@ + SCREWUP("size out of range"); + size = (off_t)ull; + ++#ifdef DEBUG ++ fprintf(stderr, "%s: cp is %s\n", hostname, cp); ++#endif ++ if (resume_flag && !dir_flag) { ++ *remote_hashsum = '\0'; ++ int i; ++ for (i = 0; i < HASH_LEN; i++) { ++ strncat (remote_hashsum, cp++, 1); ++ } ++#ifdef DEBUG ++ fprintf (stderr, "%s: '%s'\n", hostname, remote_hashsum); ++#endif ++ if (!cp || *cp++ != ' ') ++ SCREWUP("hash not delimited"); ++ } ++#ifdef DEBUG ++ fprintf(stderr, "%s: cp is %s\n", hostname, cp); ++#endif + if (*cp == '\0' || strchr(cp, '/') != NULL || + strcmp(cp, ".") == 0 || strcmp(cp, "..") == 0) { + run_err("error: unexpected filename: %s", cp); + exit(1); + } ++#ifdef DEBUG ++ fprintf(stderr, "%s cp is %s\n", hostname, cp); ++#endif + if (npatterns > 0) { + for (n = 0; n < npatterns; n++) { + if (strcmp(patterns[n], cp) == 0 || +@@ -1889,11 +2229,195 @@ + } + omode = mode; + mode |= S_IWUSR; ++ stat(cp, &cpstat); ++ xfer_size = size; ++ if (resume_flag) { ++#ifdef DEBUG ++ fprintf(stderr, "%s: np is %s\n", hostname, np); ++#endif ++ /* does the file exist and if it does it writable? */ ++ if (stat(np, &npstat) == -1) { ++#ifdef DEBUG ++ fprintf(stderr, "%s Local file does not exist size is %ld!\n", ++ hostname, npstat.st_size); ++#endif ++ npstat.st_size = 0; ++ } else { ++ /* check to see if the file is writeable ++ * if it isn't then we need to skip it but ++ * before we skip it we need to send the remote ++ * what they are expecting so BUF_AND_HASH bytes and then ++ * a null. ++ * NOTE!!! The format in the snprintf needs the actual numeric ++ * because using a define isn't working */ ++ if (access (np, W_OK) != 0) { ++ fprintf(stderr, "scp: %s: Permission denied on %s\n", np, hostname); ++ snprintf(outbuf, BUF_AND_HASH, "S%-*s", BUF_AND_HASH-2, " "); ++ (void)atomicio(vwrite, remout, outbuf, strlen(outbuf)); ++ (void)atomicio(vwrite, remout, "", 1); ++ continue; ++ } ++ } ++ /* this file is already here do we need to move it? ++ * Check to make sure npstat.st_size > 0. If it is 0 then we ++ * may trying to be moving a zero byte file in which case this ++ * following block fails. See on 0 byte files the hashes will ++ * always match and the file won't be created even though it should ++ */ ++ if (xfer_size == npstat.st_size && (npstat.st_size > 0)) { ++ calculate_hash(np, local_hashsum, npstat.st_size); ++ if (strcmp(local_hashsum,remote_hashsum) == 0) { ++ /* we can skip this file if we want to. */ ++#ifdef DEBUG ++ fprintf(stderr, "%s: Files are the same\n", hostname); ++#endif ++ /* the remote is expecting something so we need to send them something*/ ++ snprintf(outbuf, BUF_AND_HASH, "S%-*s", BUF_AND_HASH-2, " "); ++ (void)atomicio(vwrite, remout, outbuf, strlen(outbuf)); ++#ifdef DEBUG ++ fprintf(stderr,"%s: sent '%s' to remote\n", hostname, outbuf); ++#endif ++ /* the remote is waiting on an ack so send a null */ ++ (void)atomicio(vwrite, remout, "", 1); ++ if (showprogress) ++ fprintf (stderr, "Skipping identical file: %s\n", np); ++ continue; ++ } else { ++ /* file sizes are the same but they don't match */ ++#ifdef DEBUG ++ fprintf(stderr, "%s: target(%ld) is different than source(%ld)!\n", ++ hostname, npstat.st_size, size); ++#endif ++ snprintf(tmpbuf, sizeof outbuf, "C%04o %lld %s", ++ (u_int) (npstat.st_mode & FILEMODEMASK), ++ (long long)npstat.st_size, local_hashsum); ++ snprintf(outbuf, BUF_AND_HASH, "%-*s", BUF_AND_HASH-1, tmpbuf); ++ (void) atomicio(vwrite, remout, outbuf, strlen(outbuf)); ++ bad_match_flag = 1; ++ } ++ } ++ /* if npstat.st_size is 0 then the local file doesn't exist and ++ * we have to move it. Since we are in resume mode treat it as a resume */ ++ if (npstat.st_size < xfer_size || (npstat.st_size == 0)) { ++ char rand_string[9]; ++#ifdef DEBUG ++ fprintf (stderr, "%s: %s is smaller than %s\n", hostname, np, cp); ++#endif ++ calculate_hash(np, local_hashsum, npstat.st_size); ++#define FILEMODEMASK (S_ISUID|S_ISGID|S_IRWXU|S_IRWXG|S_IRWXO) ++ snprintf(tmpbuf, sizeof outbuf, "R%04o %lld %s", ++ (u_int) (npstat.st_mode & FILEMODEMASK), ++ (long long)npstat.st_size, local_hashsum); ++ snprintf(outbuf, BUF_AND_HASH, "%-*s", BUF_AND_HASH-1, tmpbuf); ++#ifdef DEBUG ++ fprintf (stderr, "%s: new buf is %s of length %ld\n", ++ hostname, outbuf, strlen(outbuf)); ++ fprintf(stderr, "%s: Sending new file (%s) modes: %s\n", ++ hostname, np, outbuf); ++#endif ++ /*now we have to send np's length and hash to the other end ++ * if the computed hashes match then we seek to np's length in ++ * file and append to np starting from there */ ++ (void) atomicio(vwrite, remout, outbuf, strlen(outbuf)); ++#ifdef DEBUG ++ fprintf(stderr, "%s: New size: %ld, size: %ld, st_size: %ld\n", ++ hostname, size - npstat.st_size, size, npstat.st_size); ++#endif ++ xfer_size = size - npstat.st_size; ++ resume_flag = 1; ++ np_tmp = xstrdup(np); ++ /* We should have a random component to avoid clobbering a ++ * local file */ ++ rand_str(rand_string, 8); ++ strcat(np, rand_string); ++#ifdef DEBUG ++ fprintf(stderr, "%s: Will concat %s to %s after xfer\n", ++ hostname, np, np_tmp); ++#endif ++ } else if (npstat.st_size > size) { ++ /* the target file is larger than the source. ++ * so we need to overwrite it. We don't need to send the hash though. */ ++#ifdef DEBUG ++ fprintf(stderr, "%s: target(%ld) is larger than source(%ld)!\n", ++ hostname, npstat.st_size, size); ++#endif ++ snprintf(tmpbuf, sizeof outbuf, "C%04o %lld", ++ (u_int) (npstat.st_mode & FILEMODEMASK), ++ (long long)npstat.st_size); ++ snprintf(outbuf, BUF_AND_HASH, "%-*s", BUF_AND_HASH-1, tmpbuf); ++ (void) atomicio(vwrite, remout, outbuf, strlen(outbuf)); ++ bad_match_flag = 1; ++ } ++ ++#ifdef DEBUG ++ fprintf (stderr, "%s: CP is %s(%ld) NP is %s(%ld)\n", ++ hostname, cp, size, np, npstat.st_size); ++#endif ++ /* we are in resume mode so we need this *here* and not later ++ * because we need to get the file match information from the remote ++ * outside of resume mode we don't get that so we get out of sync ++ * so we have a test for the resume_flag after this block */ ++#ifdef DEBUG ++ fprintf (stderr, "%s: Sending null to remout.\n", hostname); ++#endif ++ (void) atomicio(vwrite, remout, "", 1); ++ ++ /* the remote is always going to send a match status ++ * so we need to read it so we don't get out of sync */ ++ (void) atomicio(read, remin, &match, 1); ++ if (match != 'M') {/*fragments do not match*/ ++ /* expected response of F, M and NULL *but* ++ * anything other than M is a failure ++ * if it's a NULL then we reset xfer_size but ++ * we retain the file pointers */ ++ xfer_size = size; ++ bad_match_flag = 1; ++ if (match == 'F') { ++ /* got an F for failure and not NULL ++ * so we want to swap over the filename from ++ * the temp back to the original */ ++#ifdef DEBUG ++ fprintf(stderr, "%s: match status is F\n", hostname); ++#endif ++ if (np_tmp != NULL) ++ np = np_tmp; ++ else { ++ continue; ++ } ++ } else { ++#ifdef DEBUG ++ fprintf(stderr, "%s: match received is NULL\n", hostname); ++#endif ++ } ++ } else { ++#ifdef DEBUG ++ fprintf(stderr, "%s match status is M\n", hostname); ++#endif ++ bad_match_flag = 0; /* while this is set at the beginning of the ++ * loop I'm setting it here explicitly as well */ ++ } ++ } ++ ++#ifdef DEBUG ++ fprintf(stderr, "%s: Creating file. mode is %d for %s\n", ++ hostname, mode, np); ++#endif + if ((ofd = open(np, O_WRONLY|O_CREAT, mode)) == -1) { + bad: run_err("%s: %s", np, strerror(errno)); + continue; + } +- (void) atomicio(vwrite, remout, "", 1); ++ ++ /* in the case of not using the resume function we need this vwrite here ++ * in the case of using the resume flag it comes in the above if (resume_flag) block ++ * why? because scp is weird and depends on an intricate and silly dance of ++ * call and response at just the right time. That's why */ ++ if (!resume_flag) { ++#ifdef DEBUG ++ fprintf (stderr, "%s: Sending null to remout.\n", hostname); ++#endif ++ (void) atomicio(vwrite, remout, "", 1); ++ } ++ + if ((bp = allocbuf(&buffer, ofd, COPY_BUFLEN)) == NULL) { + (void) close(ofd); + continue; +@@ -1908,13 +2432,17 @@ + */ + statbytes = 0; + if (showprogress) +- start_progress_meter(curfile, size, &statbytes); ++ start_progress_meter(curfile, xfer_size, &statbytes); + set_nonblock(remin); +- for (count = i = 0; i < size; i += bp->cnt) { ++#ifdef DEBUG ++ fprintf(stderr, "%s: xfer_size is %ld\n", hostname, xfer_size); ++#endif ++ for (count = i = 0; i < xfer_size; i += bp->cnt) { + amt = bp->cnt; +- if (i + amt > size) +- amt = size - i; ++ if (i + amt > xfer_size) ++ amt = xfer_size - i; + count += amt; ++ /* read the data from the socket*/ + do { + j = atomicio6(read, remin, cp, amt, + scpio, &statbytes); +@@ -1949,8 +2477,78 @@ + wrerr = 1; + } + if (!wrerr && (!exists || S_ISREG(stb.st_mode)) && +- ftruncate(ofd, size) != 0) ++ ftruncate(ofd, xfer_size) != 0) + note_err("%s: truncate: %s", np, strerror(errno)); ++ ++ /* if np_tmp isn't set then we don't have a resume file to cat */ ++ /* likewise, bad match flag means no resume flag */ ++#ifdef DEBUG ++ fprintf (stderr, "%s: resume_flag: %d, np_tmp: %s, bad_match_flag: %d\n", ++ hostname, resume_flag, np_tmp, bad_match_flag); ++#endif ++ if (resume_flag && np_tmp && !bad_match_flag) { ++ FILE *orig, *resume; ++ char res_buf[512]; /* set at 512 just because, might want to increase*/ ++ ssize_t res_bytes = 0; ++ off_t sum = 0; ++ struct stat res_stat; ++ *res_buf = '\0'; ++ orig = NULL; /*supress warnings*/ ++ resume = NULL; /*supress warnings*/ ++#ifdef DEBUG ++ fprintf(stderr, "%s: Resume flag is set. Going to concat %s to %s now\n", ++ hostname, np, np_tmp); ++#endif ++ /* np/ofd is the resume file so open np_tmp for appending ++ * close ofd because we are going to be shifting it ++ * and I don't wnat the same file open in multiple descriptors */ ++ if (close(ofd) == -1) ++ note_err("%s: close: %s", np, strerror(errno)); ++ /* orig is the target file, resume is the temp file */ ++ orig = fopen(np_tmp, "a"); /*open for appending*/ ++ if (orig == NULL) { ++ fprintf(stderr, "%s: Could not open %s for appending.", hostname, np_tmp); ++ goto stopcat; ++ } ++ resume = fopen(np, "r"); /*open for reading only*/ ++ if (resume == NULL) { ++ fprintf(stderr, "%s: Could not open %s for reading.", hostname, np); ++ goto stopcat; ++ } ++ /* get the number of bytes in the temp file*/ ++ if (fstat(fileno(resume), &res_stat) == -1) { ++ fprintf(stderr, "%s: Could not stat %s", hostname, np); ++ goto stopcat; ++ } ++ /* while the number of bytes read from the temp file ++ * is less than the size of the file read in a chunk and ++ * write it to the target file */ ++ do { ++ res_bytes = fread(res_buf, 1, 512, resume); ++ fwrite(res_buf, 1, res_bytes, orig); ++ sum += res_bytes; ++ } while (sum < res_stat.st_size); ++ ++stopcat: if (orig) ++ fclose(orig); ++ if (resume) ++ fclose(resume); ++ /* delete the resume file */ ++ remove(np); ++#ifdef DEBUG ++ fprintf (stderr, "%s: np(%s) and np_tmp(%s)\n", hostname, np, np_tmp); ++#endif ++ np = np_tmp; ++#ifdef DEBUG ++ fprintf (stderr, "%s np(%s) and np_tmp(%s)\n", hostname, np, np_tmp); ++#endif ++ /* reset ofd to the original np */ ++ if ((ofd = open(np_tmp, O_WRONLY)) == -1) { ++ fprintf(stderr, "%s: couldn't open %s in append function\n", hostname, np_tmp); ++ atomicio(vwrite, remout, "", 1); ++ goto bad; ++ } ++ } + if (pflag) { + if (exists || omode != mode) + #ifdef HAVE_FCHMOD +@@ -1985,8 +2583,17 @@ + } + } + /* If no error was noted then signal success for this file */ +- if (note_err(NULL) == 0) ++ if (note_err(NULL) == 0) { ++#ifdef DEBUG ++ fprintf (stderr, "%s: Sending null to remout.\n", hostname); ++#endif + (void) atomicio(vwrite, remout, "", 1); ++ } ++ /* we are in resume mode and we have allocated memory for np_tmp */ ++ if (resume_flag && np_tmp != NULL) { ++ free(np_tmp); ++ np_tmp = NULL; ++ } + } + done: + for (n = 0; n < npatterns; n++) +@@ -2130,11 +2737,19 @@ + void + usage(void) + { ++#if (defined WITH_OPENSSL) && !defined(LIBRESSL_VERSION_NUMBER) ++ (void) fprintf(stderr, ++ "usage: scp [-346ABCOpqRrsTvZ] [-c cipher] [-D sftp_server_path] [-F ssh_config]\n" ++ " [-i identity_file] [-J destination] [-l limit] [-o ssh_option]\n" ++ " [-P port] [-S program] [-X sftp_option] source ... target\n"); ++ exit(1); ++#else + (void) fprintf(stderr, + "usage: scp [-346ABCOpqRrsTv] [-c cipher] [-D sftp_server_path] [-F ssh_config]\n" + " [-i identity_file] [-J destination] [-l limit] [-o ssh_option]\n" + " [-P port] [-S program] [-X sftp_option] source ... target\n"); + exit(1); ++#endif + } + + void +@@ -2273,6 +2888,18 @@ + exit(1); + } + ++void rand_str(char *dest, size_t length) { ++ char charset[] = "0123456789" ++ "abcdefghijklmnopqrstuvwxyz" ++ "ABCDEFGHIJKLMNOPQRSTUVWXYZ"; ++ ++ while (length-- > 0) { ++ size_t index = (double) rand() / RAND_MAX * (sizeof charset - 1); ++ *dest++ = charset[index]; ++ } ++ *dest = '\0'; ++} ++ + void + cleanup_exit(int i) + { +diff -Nur openssh-9.6p1.orig/servconf.c openssh-9.6p1/servconf.c +--- openssh-9.6p1.orig/servconf.c 2024-07-10 13:32:39.601111817 +0200 ++++ openssh-9.6p1/servconf.c 2024-07-10 14:16:52.654947762 +0200 +@@ -199,6 +199,11 @@ + options->authorized_principals_file = NULL; + options->authorized_principals_command = NULL; + options->authorized_principals_command_user = NULL; ++ options->tcp_rcv_buf_poll = -1; ++ options->hpn_disabled = -1; ++ options->none_enabled = -1; ++ options->nonemac_enabled = -1; ++ options->hpn_buffer_limit = -1; + options->ip_qos_interactive = -1; + options->ip_qos_bulk = -1; + options->version_addendum = NULL; +@@ -464,6 +469,18 @@ + } + if (options->permit_tun == -1) + options->permit_tun = SSH_TUNMODE_NO; ++ if (options->none_enabled == -1) ++ options->none_enabled = 0; ++ if (options->nonemac_enabled == -1) ++ options->nonemac_enabled = 0; ++ if (options->nonemac_enabled > 0 && options->none_enabled == 0) { ++ debug ("Attempted to enabled None MAC without setting None Enabled to true. None MAC disabled."); ++ options->nonemac_enabled = 0; ++ } ++ if (options->hpn_disabled == -1) ++ options->hpn_disabled = 0; ++ if (options->hpn_buffer_limit == -1) ++ options->hpn_buffer_limit = 0; + if (options->ip_qos_interactive == -1) + options->ip_qos_interactive = IPTOS_DSCP_AF21; + if (options->ip_qos_bulk == -1) +@@ -545,6 +562,8 @@ + sKerberosGetAFSToken, sKerberosUniqueCCache, sKerberosUseKuserok, sPasswordAuthentication, + sKbdInteractiveAuthentication, sListenAddress, sAddressFamily, + sPrintMotd, sPrintLastLog, sIgnoreRhosts, ++ sNoneEnabled, sNoneMacEnabled, sHPNBufferLimit, ++ sTcpRcvBufPoll, sHPNDisabled, + sX11Forwarding, sX11DisplayOffset, sX11MaxDisplays, sX11UseLocalhost, + sPermitTTY, sStrictModes, sEmptyPasswd, sTCPKeepAlive, + sPermitUserEnvironment, sAllowTcpForwarding, sCompression, +@@ -746,6 +765,11 @@ + { "revokedkeys", sRevokedKeys, SSHCFG_ALL }, + { "trustedusercakeys", sTrustedUserCAKeys, SSHCFG_ALL }, + { "authorizedprincipalsfile", sAuthorizedPrincipalsFile, SSHCFG_ALL }, ++ { "hpndisabled", sHPNDisabled, SSHCFG_ALL }, ++ { "tcprcvbufpoll", sTcpRcvBufPoll, SSHCFG_ALL }, ++ { "noneenabled", sNoneEnabled, SSHCFG_ALL }, ++ { "nonemacenabled", sNoneMacEnabled, SSHCFG_ALL }, ++ { "hpnbufferlimit", sHPNBufferLimit, SSHCFG_ALL }, + { "kexalgorithms", sKexAlgorithms, SSHCFG_GLOBAL }, + { "include", sInclude, SSHCFG_ALL }, + { "ipqos", sIPQoS, SSHCFG_ALL }, +@@ -808,6 +832,7 @@ + + for (i = 0; keywords[i].name; i++) + if (strcasecmp(cp, keywords[i].name) == 0) { ++ debug("Config token is %s", keywords[i].name); + *flags = keywords[i].flags; + return keywords[i].opcode; + } +@@ -1604,12 +1629,32 @@ + multistate_ptr = multistate_ignore_rhosts; + goto parse_multistate; + ++ case sTcpRcvBufPoll: ++ intptr = &options->tcp_rcv_buf_poll; ++ goto parse_flag; ++ ++ case sHPNDisabled: ++ intptr = &options->hpn_disabled; ++ goto parse_flag; ++ + case sIgnoreUserKnownHosts: + intptr = &options->ignore_user_known_hosts; + parse_flag: + multistate_ptr = multistate_flag; + goto parse_multistate; + ++ case sNoneEnabled: ++ intptr = &options->none_enabled; ++ goto parse_flag; ++ ++ case sNoneMacEnabled: ++ intptr = &options->nonemac_enabled; ++ goto parse_flag; ++ ++ case sHPNBufferLimit: ++ intptr = &options->hpn_buffer_limit; ++ goto parse_flag; ++ + case sHostbasedAuthentication: + intptr = &options->hostbased_authentication; + goto parse_flag; +diff -Nur openssh-9.6p1.orig/servconf.h openssh-9.6p1/servconf.h +--- openssh-9.6p1.orig/servconf.h 2024-07-10 13:32:39.601111817 +0200 ++++ openssh-9.6p1/servconf.h 2024-07-10 13:34:02.728358618 +0200 +@@ -211,6 +211,11 @@ + + int use_pam; /* Enable auth via PAM */ + int permit_pam_user_change; /* Allow PAM to change user name */ ++ int tcp_rcv_buf_poll; /* poll tcp rcv window in autotuning kernels*/ ++ int hpn_disabled; /* disable hpn functionality. false by default */ ++ int none_enabled; /* Enable NONE cipher switch */ ++ int nonemac_enabled; /* Enable NONE MAC switch */ ++ int hpn_buffer_limit; /* limit local_window_max to 1/2 receive buffer */ + + int permit_tun; + +diff -Nur openssh-9.6p1.orig/serverloop.c openssh-9.6p1/serverloop.c +--- openssh-9.6p1.orig/serverloop.c 2024-07-10 13:32:39.588111779 +0200 ++++ openssh-9.6p1/serverloop.c 2024-07-10 14:18:04.600152988 +0200 +@@ -81,6 +81,8 @@ + #include "serverloop.h" + #include "ssherr.h" + #include "compat.h" ++#include "metrics.h" ++#include "cipher-switch.h" + + extern ServerOptions options; + +@@ -347,6 +349,7 @@ + sigset_t bsigset, osigset; + + debug("Entering interactive session for SSH2."); ++ ssh->start_time = monotime_double(); + + if (sigemptyset(&bsigset) == -1 || sigaddset(&bsigset, SIGCHLD) == -1) + error_f("bsigset setup: %s", strerror(errno)); +@@ -385,7 +388,9 @@ + error_f("osigset sigprocmask: %s", strerror(errno)); + + if (received_sigterm) { ++ sshpkt_final_log_entry(ssh); + logit("Exiting on signal %d", (int)received_sigterm); ++ sshpkt_final_log_entry(ssh); + /* Clean up sessions, utmp, etc. */ + cleanup_exit(255); + } +@@ -403,9 +408,15 @@ + collect_children(ssh); + free(pfd); + ++ /* write final log entry */ ++ sshpkt_final_log_entry(ssh); ++ + /* free all channels, no more reads and writes */ + channel_free_all(ssh); + ++ /* final entry must come after channels close -cjr */ ++ sshpkt_final_log_entry(ssh); ++ + /* free remaining sessions, e.g. remove wtmp entries */ + session_destroy_all(ssh, NULL); + } +@@ -607,6 +618,10 @@ + c = channel_new(ssh, "session", SSH_CHANNEL_LARVAL, + -1, -1, -1, /*window size*/0, CHAN_SES_PACKET_DEFAULT, + 0, "server-session", 1); ++ if ((options.tcp_rcv_buf_poll) && (!options.hpn_disabled)) ++ c->dynamic_window = 1; ++ if (options.hpn_buffer_limit) ++ c->hpn_buffer_limit = 1; + if (session_open(the_authctxt, c->self) != 1) { + debug("session open failed, free channel %d", c->self); + channel_free(ssh, c); +@@ -675,6 +690,67 @@ + return 0; + } + ++/* we need to get the actual socket in use and from there ++ * read the values in the TCP_INFO struct. ++ * shout out to Rene Pfiffer for the article https://linuxgazette.net/136/pfeiffer.html ++ * for getting me started. This only works on systems that support the tcp_info ++ * struct; linux, freebsd, netbsd as of now. Apple has one but it's completely different ++ * than any of the others. ++ */ ++static int ++server_input_metrics_request(struct ssh *ssh, struct sshbuf **respp) ++{ ++ int success = 0; ++ /* TCP_INFO is defined in metrics.h ++ * if it's not defined then we don't support tcp_info ++ * so just return a failure code */ ++#if !defined TCP_INFO ++ return success; ++#else ++ struct tcp_info tcp_info; ++ struct sshbuf *resp = NULL; ++ int tcp_info_len; ++ /* this is the socket of the current connection */ ++ int sock_in = ssh_packet_get_connection_in(ssh); ++ int r; ++ binn *metricsobj; ++ ++ tcp_info_len = sizeof(tcp_info); /*expect around 330 bytes */ ++ if ((resp = sshbuf_new()) == NULL) ++ fatal_f("sshbuf_new"); ++ ++ /* create the binn object to hold the serialized metrics */ ++ metricsobj = binn_object(); ++ if (metricsobj == NULL) { ++ error_f("Could not create metrics object"); ++ goto out; ++ } ++ ++ debug("Stack metrics request for connection %d", sock_in); ++ if ((r = getsockopt(sock_in, IPPROTO_TCP, TCP_INFO, (void *)&tcp_info, ++ (socklen_t *)&tcp_info_len)) != 0) { ++ error_f("Could not read tcp_info from socket"); ++ goto out; ++ } ++ /* write the tcp_info data to the binn object */ ++ metrics_write_binn_object(&tcp_info, metricsobj); ++ if ((r = sshbuf_put_string(resp, binn_ptr(metricsobj), ++ binn_size(metricsobj))) != 0) { ++ error_fr(r, "Failed to build tcp_info object"); ++ goto out; ++ } ++ /* copy the pointer of the response to the passed in response pointer */ ++ *respp = resp; ++ resp = NULL; /* don't free it */ ++ /* everything worked so set success to true */ ++ success = 1; ++out: ++ sshbuf_free(resp); ++ binn_free(metricsobj); ++ return success; ++#endif /* TCP_INFO */ ++} ++ + static int + server_input_hostkeys_prove(struct ssh *ssh, struct sshbuf **respp) + { +@@ -854,6 +930,10 @@ + success = 1; + } else if (strcmp(rtype, "hostkeys-prove-00@openssh.com") == 0) { + success = server_input_hostkeys_prove(ssh, &resp); ++ } else if (strcmp(rtype, "stack-metrics@hpnssh.org") == 0) { ++ /* resp is the response (sshbuf struct) from the function which is ++ * handled below in the want_reply stanza */ ++ success = server_input_metrics_request(ssh, &resp); + } + /* XXX sshpkt_get_end() */ + if (want_reply) { +diff -Nur openssh-9.6p1.orig/session.c openssh-9.6p1/session.c +--- openssh-9.6p1.orig/session.c 2024-07-10 13:32:39.552111672 +0200 ++++ openssh-9.6p1/session.c 2024-07-10 13:34:02.729358621 +0200 +@@ -94,6 +94,7 @@ + #include "monitor_wrap.h" + #include "sftp.h" + #include "atomicio.h" ++#include "cipher-switch.h" + + #if defined(KRB5) && defined(USE_AFS) + #include +@@ -226,6 +227,7 @@ + goto authsock_err; + + /* Allocate a channel for the authentication agent socket. */ ++ /* this shouldn't matter if its hpn or not - cjr */ + nc = channel_new(ssh, "auth-listener", + SSH_CHANNEL_AUTH_SOCKET, sock, sock, -1, + CHAN_X11_WINDOW_DEFAULT, CHAN_X11_PACKET_DEFAULT, +@@ -553,6 +555,8 @@ + session_set_fds(ssh, s, inout[1], inout[1], err[1], + s->is_subsystem, 0); + #endif ++ /* switch to the parallel ciphers if necessary */ ++ cipher_switch(ssh); + return 0; + } + +@@ -666,6 +670,8 @@ + ssh_packet_set_interactive(ssh, 1, + options.ip_qos_interactive, options.ip_qos_bulk); + session_set_fds(ssh, s, ptyfd, fdout, -1, 1, 1); ++ /* switch to the parallel cipher if appropriate */ ++ cipher_switch(ssh); + return 0; + } + +@@ -2884,4 +2890,3 @@ + remote = ssh_remote_ipaddr(ssh); + return remote; + } +- +diff -Nur openssh-9.6p1.orig/sftp.1 openssh-9.6p1/sftp.1 +--- openssh-9.6p1.orig/sftp.1 2023-12-18 15:59:50.000000000 +0100 ++++ openssh-9.6p1/sftp.1 2024-07-10 13:34:02.730358624 +0200 +@@ -299,7 +299,8 @@ + Specify how many requests may be outstanding at any one time. + Increasing this may slightly improve file transfer speed + but will increase memory usage. +-The default is 64 outstanding requests. ++The default is 1024 outstanding requests providing for 32MB ++of outstanding data with a 32KB buffer. + .It Fl r + Recursively copy entire directories when uploading and downloading. + Note that +@@ -328,10 +329,13 @@ + .It Cm nrequests Ns = Ns Ar value + Controls how many concurrent SFTP read or write requests may be in progress + at any point in time during a download or upload. +-By default 64 requests may be active concurrently. ++This value must be between 1 and 8192. ++By default 1024 requests may be active concurrently. + .It Cm buffer Ns = Ns Ar value + Controls the maximum buffer size for a single SFTP read/write operation used + during download or upload. ++This value must be between 1B and 255KB. You may use ++the K unit for the size. E.g. 32768 or 32K. + By default a 32KB buffer is used. + .El + .El +diff -Nur openssh-9.6p1.orig/sftp.c openssh-9.6p1/sftp.c +--- openssh-9.6p1.orig/sftp.c 2024-07-10 13:32:39.531111609 +0200 ++++ openssh-9.6p1/sftp.c 2024-07-10 14:19:56.850473846 +0200 +@@ -2562,23 +2562,28 @@ + replacearg(&args, 0, "%s", ssh_program); + break; + case 'X': +- /* Please keep in sync with ssh.c -X */ ++ /* Please keep in sync with scp.c -X */ + if (strncmp(optarg, "buffer=", 7) == 0) { + r = scan_scaled(optarg + 7, &llv); +- if (r == 0 && (llv <= 0 || llv > 256 * 1024)) { ++ /* don't ask for a buffer larger than the maximum ++ * size that SFTP can handle */ ++ if (r == 0 && (llv <= 0 || llv > (SFTP_MAX_MSG_LENGTH - 1024))) { + r = -1; + errno = EINVAL; + } + if (r == -1) { +- fatal("Invalid buffer size \"%s\": %s", +- optarg + 7, strerror(errno)); ++ fatal("Invalid buffer size. Must be between 1B and 255KB." ++ "\"%s\": %s", optarg + 7, strerror(errno)); + } + copy_buffer_len = (size_t)llv; + } else if (strncmp(optarg, "nrequests=", 10) == 0) { +- llv = strtonum(optarg + 10, 1, 256 * 1024, ++ /* more than 10k to 15k requests starts stalling the connection ++ * 8192 * default buffer size is 256MB of outstanding data. ++ * if users need more then they need to up the buffer size */ ++ llv = strtonum(optarg + 10, 1, 8 * 1024, + &errstr); + if (errstr != NULL) { +- fatal("Invalid number of requests " ++ fatal("Invalid number of requests. Must be between 1 and 8192. " + "\"%s\": %s", optarg + 10, errstr); + } + num_requests = (size_t)llv; +diff -Nur openssh-9.6p1.orig/sftp-client.c openssh-9.6p1/sftp-client.c +--- openssh-9.6p1.orig/sftp-client.c 2024-07-10 13:32:39.531111609 +0200 ++++ openssh-9.6p1/sftp-client.c 2024-07-10 13:34:02.731358627 +0200 +@@ -72,7 +72,8 @@ + #define DEFAULT_COPY_BUFLEN 32768 + + /* Default number of concurrent xfer requests (fix sftp.1 scp.1 if changed) */ +-#define DEFAULT_NUM_REQUESTS 64 ++/* 1024 xfer requests gives us 32MB of receive buffer space */ ++#define DEFAULT_NUM_REQUESTS 1024 + + /* Minimum amount of data to read at a time */ + #define MIN_READ_SIZE 512 +diff -Nur openssh-9.6p1.orig/ssh.1 openssh-9.6p1/ssh.1 +--- openssh-9.6p1.orig/ssh.1 2024-07-10 13:32:39.601111817 +0200 ++++ openssh-9.6p1/ssh.1 2024-07-10 13:34:02.731358627 +0200 +@@ -524,6 +524,7 @@ + .It ControlMaster + .It ControlPath + .It ControlPersist ++.It DisableMTAES* + .It DynamicForward + .It EnableSSHKeysign + .It EnableEscapeCommandline +@@ -552,6 +553,8 @@ + .It HostKeyAlgorithms + .It HostKeyAlias + .It Hostname ++.It HPNDisabled* ++.It HPNBufferLimit* + .It IdentitiesOnly + .It IdentityAgent + .It IdentityFile +@@ -568,7 +571,13 @@ + .It LogVerbose + .It MACs + .It Match ++.It Metrics ++.It MetricsInterval ++.It MetricsPath + .It NoHostAuthenticationForLocalhost ++.It NoneCipherEnabled* ++.It NoneEnabled* ++.It NoneMacEnabled* + .It NumberOfPasswordPrompts + .It PasswordAuthentication + .It PermitLocalCommand +@@ -599,6 +608,7 @@ + .It StrictHostKeyChecking + .It SyslogFacility + .It TCPKeepAlive ++.It TcpRcvBufPoll* + .It Tunnel + .It TunnelDevice + .It UpdateHostKeys +@@ -607,6 +617,8 @@ + .It VerifyHostKeyDNS + .It VisualHostKey + .It XAuthLocation ++.Pp ++.It * Hpnssh specific configuration option. + .El + .Pp + .It Fl P Ar tag +@@ -1825,3 +1837,7 @@ + created OpenSSH. + Markus Friedl contributed the support for SSH + protocol versions 1.5 and 2.0. ++Chris Rapier, Michael Stevens, Ben Bennet, and Mike Tasota developed ++the HPN extensions at the Pittsburgh Supercomuting Center with grants ++from Cisco, the National Library of Medicine, and the National Science ++Foundation. +diff -Nur openssh-9.6p1.orig/ssh_api.c openssh-9.6p1/ssh_api.c +--- openssh-9.6p1.orig/ssh_api.c 2023-12-18 15:59:50.000000000 +0100 ++++ openssh-9.6p1/ssh_api.c 2024-07-10 13:34:02.732358630 +0200 +@@ -410,7 +410,7 @@ + char *cp; + int r; + +- if ((r = sshbuf_putf(banner, "SSH-2.0-%.100s\r\n", SSH_VERSION)) != 0) ++ if ((r = sshbuf_putf(banner, "SSH-2.0-%.100s\r\n", SSH_RELEASE)) != 0) + return r; + if ((r = sshbuf_putb(ssh_packet_get_output(ssh), banner)) != 0) + return r; +diff -Nur openssh-9.6p1.orig/sshbuf.c openssh-9.6p1/sshbuf.c +--- openssh-9.6p1.orig/sshbuf.c 2023-12-18 15:59:50.000000000 +0100 ++++ openssh-9.6p1/sshbuf.c 2024-07-10 13:34:02.732358630 +0200 +@@ -27,6 +27,20 @@ + #define SSHBUF_INTERNAL + #include "sshbuf.h" + #include "misc.h" ++/* #include "log.h" */ ++ ++#define BUF_WATERSHED 256*1024 ++ ++#ifdef SSHBUF_DEBUG ++# define SSHBUF_TELL(what) do { \ ++ printf("%s:%d %s: %s size %zu alloc %zu off %zu max %zu\n", \ ++ __FILE__, __LINE__, __func__, what, \ ++ buf->size, buf->alloc, buf->off, buf->max_size); \ ++ fflush(stdout); \ ++ } while (0) ++#else ++# define SSHBUF_TELL(what) ++#endif + + #ifdef SSHBUF_DEBUG + # define SSHBUF_TELL(what) do { \ +@@ -45,12 +59,27 @@ + size_t off; /* First available byte is buf->d + buf->off */ + size_t size; /* Last byte is buf->d + buf->size - 1 */ + size_t max_size; /* Maximum size of buffer */ ++ size_t window_max; /* channel window max */ + size_t alloc; /* Total bytes allocated to buf->d */ + int readonly; /* Refers to external, const data */ + u_int refcount; /* Tracks self and number of child buffers */ + struct sshbuf *parent; /* If child, pointer to parent */ ++ char label[MAX_LABEL_LEN]; /* String for buffer label - debugging use */ ++ struct timeval buf_ts; /* creation time of buffer */ + }; + ++void ++sshbuf_relabel(struct sshbuf *buf, const char *label) ++{ ++ if (label != NULL) ++ strncpy(buf->label, label, MAX_LABEL_LEN-1); ++} ++ ++float time_diff(struct timeval *start, struct timeval *end) ++{ ++ return (end->tv_sec - start->tv_sec) + 1e-6*(end->tv_usec - start->tv_usec); ++} ++ + static inline int + sshbuf_check_sanity(const struct sshbuf *buf) + { +@@ -89,7 +118,7 @@ + } + + struct sshbuf * +-sshbuf_new(void) ++sshbuf_new_label (const char *label) + { + struct sshbuf *ret; + +@@ -100,6 +129,8 @@ + ret->readonly = 0; + ret->refcount = 1; + ret->parent = NULL; ++ if (label != NULL) ++ strncpy(ret->label, label, MAX_LABEL_LEN-1); + if ((ret->cd = ret->d = calloc(1, ret->alloc)) == NULL) { + free(ret); + return NULL; +@@ -218,7 +249,7 @@ + size_t + sshbuf_max_size(const struct sshbuf *buf) + { +- return buf->max_size; ++ return buf->max_size / 2; + } + + size_t +@@ -240,13 +271,18 @@ + } + + int +-sshbuf_set_max_size(struct sshbuf *buf, size_t max_size) ++sshbuf_set_max_size(struct sshbuf *buf, size_t requested_size) + { +- size_t rlen; ++ size_t rlen, max_size = requested_size * 2; + u_char *dp; + int r; + +- SSHBUF_DBG(("set max buf = %p len = %zu", buf, max_size)); ++ /* ++ * Note that we set the actual allocation limit to be 2x the requested ++ * size. This is to avoid some pathological compaction behaviour later ++ * when a buffer is at capacity and has small drains/fills on it. ++ */ ++ SSHBUF_DBG(("set max buf = %p requested = %zu", buf, requested_size)); + if ((r = sshbuf_check_sanity(buf)) != 0) + return r; + if (max_size == buf->max_size) +@@ -255,9 +291,17 @@ + return SSH_ERR_BUFFER_READ_ONLY; + if (max_size > SSHBUF_SIZE_MAX) + return SSH_ERR_NO_BUFFER_SPACE; +- /* pack and realloc if necessary */ +- sshbuf_maybe_pack(buf, max_size < buf->size); +- if (max_size < buf->alloc && max_size > buf->size) { ++ /* ++ * Always pack as it makes everything that follows easier. ++ * Potentially expensive, but this should seldom be called on buffers ++ * that already contain data. ++ */ ++ sshbuf_maybe_pack(buf, 1); ++ /* Refuse setting a maximum below current amount of data in buffer */ ++ if (requested_size < buf->size) ++ return SSH_ERR_NO_BUFFER_SPACE; ++ /* Shrink alloc if the existing allocation is larger than requested */ ++ if (requested_size < buf->alloc) { + if (buf->size < SSHBUF_SIZE_INIT) + rlen = SSHBUF_SIZE_INIT; + else +@@ -271,8 +315,6 @@ + buf->alloc = rlen; + } + SSHBUF_TELL("new-max"); +- if (max_size < buf->alloc) +- return SSH_ERR_NO_BUFFER_SPACE; + buf->max_size = max_size; + return 0; + } +@@ -290,7 +332,7 @@ + { + if (sshbuf_check_sanity(buf) != 0 || buf->readonly || buf->refcount > 1) + return 0; +- return buf->max_size - (buf->size - buf->off); ++ return (buf->max_size / 2) - (buf->size - buf->off); + } + + const u_char * +@@ -320,11 +362,18 @@ + return SSH_ERR_BUFFER_READ_ONLY; + SSHBUF_TELL("check"); + /* Check that len is reasonable and that max_size + available < len */ +- if (len > buf->max_size || buf->max_size - len < buf->size - buf->off) ++ if (len > (buf->max_size / 2) || ++ (buf->max_size / 2) - len < buf->size - buf->off) + return SSH_ERR_NO_BUFFER_SPACE; + return 0; + } + ++void ++sshbuf_set_window_max(struct sshbuf *buf, size_t len) ++{ ++ buf->window_max = len; ++} ++ + int + sshbuf_allocate(struct sshbuf *buf, size_t len) + { +@@ -350,9 +399,42 @@ + */ + need = len + buf->size - buf->alloc; + rlen = ROUNDUP(buf->alloc + need, SSHBUF_SIZE_INC); ++ /* With the changes in 8.9 the output buffer end up growing pretty ++ * slowly. It's knows that it needs to grow but it only does so 32K ++ * at a time. This means a lot of calls to realloc and memcpy which ++ * kills performance until the buffer reaches some maximum size. ++ * so we explicitly test for a buffer that's trying to grow and ++ * if it is then we push the growth to whatever the adjusted value of ++ * local_window_max happens to be. This significantly reduces overhead ++ * and improves performance. In this case we look for a buffer that is trying ++ * to grow larger than BUF_WATERSHED (256*1024 taken from PACKET_MAX_SIZE) ++ * and where the local_window_max isn't zero (which is usally in the Channels ++ * struct but we copied it into the shhbuf as window_max). If it is zero or ++ * the buffer is smaller than BUF_WATERSHED we just use the ++ * normal value for need. We also don't want to grow the buffer past ++ * what we need (the size of window_max) so if the current allocation (in ++ * buf->alloc) is greater than window_max we skip it. ++ * ++ * Turns out the extra functions on the following conditional aren't needed ++ * -cjr 04/06/23 ++ */ ++ if (rlen > BUF_WATERSHED) { ++ /* debug_f ("Prior: label: %s, %p, rlen is %zu need is %zu win_max is %zu max_size is %zu", ++ buf->label, buf, rlen, need, buf->window_max, buf->max_size); */ ++ /* easiest thing to do is grow the nuffer by 4MB each time. It might end ++ * up being somewhat overallocated but works quickly */ ++ need = (4*1024*1024); ++ rlen = ROUNDUP(buf->alloc + need, SSHBUF_SIZE_INC); ++ /* debug_f ("Post: label: %s, %p, rlen is %zu need is %zu win_max is %zu max_size is %zu", */ ++ /* buf->label, buf, rlen, need, buf->window_max, buf->max_size); */ ++ } + SSHBUF_DBG(("need %zu initial rlen %zu", need, rlen)); +- if (rlen > buf->max_size) +- rlen = buf->alloc + need; ++ ++ /* rlen might be above the max allocation */ ++ if (rlen > buf->max_size) { ++ rlen = buf->max_size; ++ /* debug_f("set rlen to %zu", buf->max_size);*/ ++ } + SSHBUF_DBG(("adjusted rlen %zu", rlen)); + if ((dp = recallocarray(buf->d, buf->alloc, rlen, 1)) == NULL) { + SSHBUF_DBG(("realloc fail")); +diff -Nur openssh-9.6p1.orig/sshbuf.h openssh-9.6p1/sshbuf.h +--- openssh-9.6p1.orig/sshbuf.h 2023-12-18 15:59:50.000000000 +0100 ++++ openssh-9.6p1/sshbuf.h 2024-07-10 13:34:02.732358630 +0200 +@@ -28,10 +28,12 @@ + # endif /* OPENSSL_HAS_ECC */ + #endif /* WITH_OPENSSL */ + +-#define SSHBUF_SIZE_MAX 0x8000000 /* Hard maximum size */ ++#define SSHBUF_SIZE_MAX 0xFFFFFFF /* Hard maximum size 256MB */ + #define SSHBUF_REFS_MAX 0x100000 /* Max child buffers */ + #define SSHBUF_MAX_BIGNUM (16384 / 8) /* Max bignum *bytes* */ + #define SSHBUF_MAX_ECPOINT ((528 * 2 / 8) + 1) /* Max EC point *bytes* */ ++#define MAX_LABEL_LEN 64 /*maximum size of sshbuf label */ ++#define sshbuf_new() sshbuf_new_label(__func__) + + struct sshbuf; + +@@ -39,7 +41,18 @@ + * Create a new sshbuf buffer. + * Returns pointer to buffer on success, or NULL on allocation failure. + */ +-struct sshbuf *sshbuf_new(void); ++/* struct sshbuf *sshbuf_new(void); */ ++ ++/* ++ * Create a new labeled sshbuf buffer. ++ * Returns pointer to buffer on success, or NULL on allocation failure. ++ */ ++struct sshbuf *sshbuf_new_label(const char *); ++ ++/* ++ * relabel the sshbuf struct ++ */ ++void sshbuf_relabel(struct sshbuf *, const char *); + + /* + * Create a new, read-only sshbuf buffer from existing data. +@@ -75,12 +88,13 @@ + void sshbuf_reset(struct sshbuf *buf); + + /* +- * Return the maximum size of buf ++ * Return the maximum usable size of buf + */ + size_t sshbuf_max_size(const struct sshbuf *buf); + + /* +- * Set the maximum size of buf ++ * Set the maximum usable size of buf. Note that the buffer may consume up ++ * to 2x this memory plus bookkeeping overhead. + * Returns 0 on success, or a negative SSH_ERR_* error code on failure. + */ + int sshbuf_set_max_size(struct sshbuf *buf, size_t max_size); +@@ -344,6 +358,9 @@ + ((u_char *)(p))[1] = __v & 0xff; \ + } while (0) + ++ ++void sshbuf_set_window_max(struct sshbuf *buf , size_t len); ++ + /* Internal definitions follow. Exposed for regress tests */ + #ifdef SSHBUF_INTERNAL + +diff -Nur openssh-9.6p1.orig/ssh.c openssh-9.6p1/ssh.c +--- openssh-9.6p1.orig/ssh.c 2024-07-10 13:32:39.602111820 +0200 ++++ openssh-9.6p1/ssh.c 2024-07-10 13:34:02.733358633 +0200 +@@ -109,6 +109,7 @@ + #include "ssherr.h" + #include "myproposal.h" + #include "utf8.h" ++#include "cipher-switch.h" + + #ifdef ENABLE_PKCS11 + #include "ssh-pkcs11.h" +@@ -1113,6 +1114,10 @@ + break; + case 'T': + options.request_tty = REQUEST_TTY_NO; ++ /* ensure that the user doesn't try to backdoor a */ ++ /* null cipher switch on an interactive session */ ++ /* so explicitly disable it no matter what */ ++ options.none_switch=0; + break; + case 'o': + line = xstrdup(optarg); +@@ -1682,10 +1687,36 @@ + } + + /* Open a connection to the remote host. */ ++ /* we try initially on the default hpnssh port returned by ++ * default_ssh_port() which now returns HPNSSH_DEFAULT_PORT ++ * if that fails we reset the port to SSH_DEFAULT_PORT ++ * -cjr 8/17/2022 ++ */ ++tryagain: + if (ssh_connect(ssh, host, options.host_arg, addrs, &hostaddr, + options.port, options.connection_attempts, +- &timeout_ms, options.tcp_keep_alive) != 0) ++ &timeout_ms, options.tcp_keep_alive) != 0) { ++ /* could not connect. If the port requested is the same as ++ * hpnssh default port then fallback. Otherwise, exit */ ++ if ((options.port == default_ssh_port()) && options.fallback) { ++ int port = options.fallback_port; ++ options.port = port; ++ fprintf(stderr, "HPNSSH server not available on default port %d\n", ++ default_ssh_port()); ++ if (port == 22) ++ fprintf(stderr, "Falling back to OpenSSH default port %d\n", ++ port); ++ else ++ fprintf(stderr, "Falling back to user defined port %d\n", ++ port); ++ addrs = resolve_host(host, port, 1, ++ cname, sizeof(cname)); ++ goto tryagain; ++ } else { ++ exit(255); ++ } + exit(255); ++ } + + if (addrs != NULL) + freeaddrinfo(addrs); +@@ -1892,7 +1923,7 @@ + + /* Do fork() after authentication. Used by "ssh -f" */ + static void +-fork_postauth(void) ++fork_postauth(struct ssh *ssh) + { + if (need_controlpersist_detach) + control_persist_detach(); +@@ -1902,17 +1933,20 @@ + fatal("daemon() failed: %.200s", strerror(errno)); + if (stdfd_devnull(1, 1, !(log_is_on_stderr() && debug_flag)) == -1) + error_f("stdfd_devnull failed"); ++ /* we do the cipher switch here in the event that the client ++ is forking or has a delayed fork */ ++ cipher_switch(ssh); + } + + static void +-forwarding_success(void) ++forwarding_success(struct ssh *ssh) + { + if (forward_confirms_pending == -1) + return; + if (--forward_confirms_pending == 0) { + debug_f("all expected forwarding replies received"); + if (options.fork_after_authentication) +- fork_postauth(); ++ fork_postauth(ssh); + } else { + debug2_f("%d expected forwarding replies remaining", + forward_confirms_pending); +@@ -1979,7 +2013,7 @@ + "for listen port %d", rfwd->listen_port); + } + } +- forwarding_success(); ++ forwarding_success(ssh); + } + + static void +@@ -2006,7 +2040,7 @@ + } + + debug_f("tunnel forward established, id=%d", id); +- forwarding_success(); ++ forwarding_success(ssh); + } + + static void +@@ -2207,6 +2241,15 @@ + NULL, fileno(stdin), command, environ); + } + ++/* this used to do a lot more but now it just checks to see ++ * if we are disabling hpn */ ++static void ++hpn_options_init(struct ssh *ssh) ++{ ++ channel_set_hpn_disabled(options.hpn_disabled); ++ debug_f("HPN disabled: %d", options.hpn_disabled); ++} ++ + /* open new channel for a session */ + static int + ssh_session2_open(struct ssh *ssh) +@@ -2228,6 +2271,7 @@ + window = CHAN_SES_WINDOW_DEFAULT; + packetmax = CHAN_SES_PACKET_DEFAULT; + if (tty_flag) { ++ window = CHAN_SES_WINDOW_DEFAULT; + window >>= 1; + packetmax >>= 1; + } +@@ -2236,6 +2280,16 @@ + window, packetmax, CHAN_EXTENDED_WRITE, + "client-session", CHANNEL_NONBLOCK_STDIO); + ++ /* TODO: Is this the right place for these options? */ ++ if (options.tcp_rcv_buf_poll > 0 && !options.hpn_disabled) { ++ c->dynamic_window = 1; ++ debug("Enabled Dynamic Window Scaling"); ++ } ++ ++ if (options.hpn_buffer_limit) ++ c->hpn_buffer_limit = 1; ++ ++ + debug3_f("channel_new: %d", c->self); + + channel_send_open(ssh, c->self); +@@ -2252,6 +2306,13 @@ + int r, interactive, id = -1; + char *cp, *tun_fwd_ifname = NULL; + ++ /* ++ * We need to initialize this early because the forwarding logic below ++ * might open channels that use the hpn buffer sizes. We can't send a ++ * window of -1 (the default) to the server as it breaks things. ++ */ ++ hpn_options_init(ssh); ++ + /* XXX should be pre-session */ + if (!options.control_persist) + ssh_init_stdio_forwarding(ssh); +@@ -2350,7 +2411,13 @@ + debug("deferring postauth fork until remote forward " + "confirmation received"); + } else +- fork_postauth(); ++ fork_postauth(ssh); ++ } else { ++ /* check to see if we are switching ciphers to ++ * one of our parallel versions. If the client is ++ * forking then we handle it in fork_postauth() ++ */ ++ cipher_switch(ssh); + } + + return client_loop(ssh, tty_flag, tty_flag ? +diff -Nur openssh-9.6p1.orig/ssh_config.5 openssh-9.6p1/ssh_config.5 +--- openssh-9.6p1.orig/ssh_config.5 2024-07-10 13:32:39.603111823 +0200 ++++ openssh-9.6p1/ssh_config.5 2024-07-10 13:34:02.734358636 +0200 +@@ -62,6 +62,19 @@ + .Pq Pa /etc/ssh/ssh_config + .El + .Pp ++.Xr hpnssh 1 ++is fully compatible with OpenSSH's ssh and uses the same configuration format, directives, and options. ++.Xr hpnssh 1 ++can use the same configuration file as ++.Xr ssh 1 ++though the inverse is not necessarily true. This is because ++.Xr hpnssh 1 ++has some additional options which are discussed below. As such users should either not ++use ++.Xr hpnssh 1 ++specific directives in their default ssh_config files or ensure that they always use a ++custom config file. ++.Pp + Unless noted otherwise, for each parameter, the first obtained value + will be used. + The configuration files contain sections separated by +@@ -700,6 +713,11 @@ + then the backgrounded master connection will automatically terminate + after it has remained idle (with no client connections) for the + specified time. ++.It Cm DisableMTAES ++Switch the encryption cipher being used from the multithreaded MT-AES-CTR cipher ++back to the stock single-threaded AES-CTR cipher. This may prove to be more ++effcient in some circumstances. Default is ++.Cm no. HPNSSH only. + .It Cm DynamicForward + Specifies that a TCP port on the local machine be forwarded + over the secure channel, and the application +@@ -1111,6 +1129,20 @@ + .Cm Hostname + specifications). + The default is the name given on the command line. ++.It Cm HPNDisabled ++In some situations, such as transfers on a local area network, the impact ++of the HPN code produces a net decrease in performance. In these cases it is ++helpful to disable the HPN functionality. By default HPNDisabled is set to ++.Cm no. HPNSSH only. ++.It Cm HPNBufferLimit ++This option will force the hpnssh receive buffer to grow more slowly and limits ++the growth to one half of the TCP receive buffer. This option can prove useful ++in situation where a high speed path with larger RTTs are writing to a slower ++device or file system. Enabling this option will reduce performance but may provide ++a more stable connection. The option only impacts the receiving side of the connection. ++For example, a client receiving data from a server but not a client sending data. ++By default this option is set to ++.Cm no. HPNSSH only. + .It Cm IdentitiesOnly + Specifies that + .Xr ssh 1 +@@ -1484,6 +1516,63 @@ + .Pp + The list of available MAC algorithms may also be obtained using + .Qq ssh -Q mac . ++.It Cm Metrics ++Indicate that the ssh client should gather and write TCP stack metrics from the ++TCP_INFO socket structure on compliant operating systems to a text file. ++These metrics will be collected from both the local and remote hosts if metrics ++are supported by the version of SSH and TCP_INFO is supported by the ++operating system. Currently operating system support is limited to Linux ++version 3.7 and greater, NetBSD, and FreeBSD (version 6 or greater). ++ ++If one of the hosts does not support the Metrics option then only data ++from the the host that does will be reported. See the HPN-README file ++for more detail. ++ ++The argument to the keyword must be ++.Cm yes ++or ++.Cm no ++(the default). ++ ++See ++.Cm MetricsInterval ++and ++.Cm MetricsPath ++for more metrics options. ++.Cm HPNSSH only. ++.It Cm MetricsInterval ++The frequency, in seconds, with which the TCP_INFO struct will be polled. The ++default value is 5 seconds. ++ ++.Cm Metrics ++must be set to ++.Cm yes ++fot this option to have any effect. ++.Cm HPNSSH only. ++.It Cm MetricsPath ++The file path where ++.Cm Metrics ++should write the TCP stack metrics. ++ ++The default is ++.Sm off ++.Ar ./ssh_stack_metrics.local ++ and ++.Ar ./ssh_stack_metrics.remote ++.Sm on ++ ++The user may specify any other filepath and filename that they have write ++access to. E.g. MetricsPath=/tmp/my_metrics. The suffix of .local ++and .remote will be appended to this path. Files are ++.Cm not ++overwritten by subsequent metrics sessions. Instead, data from new sessions ++will be appended if the file already exists. ++ ++.Cm Metrics ++must be set to ++.Cm yes ++fot this option to have any effect. ++.Cm HPNSSH only. + .It Cm NoHostAuthenticationForLocalhost + Disable host authentication for localhost (loopback addresses). + The argument to this keyword must be +@@ -1491,6 +1580,36 @@ + or + .Cm no + (the default). ++.It Cm NoneEnabled ++Enable or disable the use of the None cipher. Care must always be used ++when enabling this as it will allow users to send data in the clear. However, ++it is important to note that authentication information remains encrypted ++even if this option is enabled. Default is ++.Cm no. HPNSSH only. ++.It Cm NoneMacEnabled ++Enable or disable the use of the None MAC. When this is enabled ssh ++will *not* provide data integrity of any data being transmitted between hosts. Use ++with caution as it, unlike just using NoneEnabled, doesn't provide data integrity and ++protection against man-in-the-middle attacks. As with NoneEnabled all authentication ++remains encrypted and integrity is ensured. Default is ++.Cm no. HPNSSH only. ++.It Cm NoneSwitch ++Switch the encryption cipher being used to the None cipher after ++authentication takes place. NoneEnabled must be enabled on both the client ++and server side of the connection. When the connection switches to the NONE ++cipher a warning is sent to STDERR. The connection attempt will fail with an ++error if a client requests a NoneSwitch from the server that does not explicitly ++have NoneEnabled set to yes. Note: The NONE cipher cannot be used in ++interactive (shell) sessions and it will fail silently. Set to ++.Cm no ++by default. ++.Cm HPNSSH only. ++.Pp ++.Cm Note: ++this options cannot actualy be set in the ssh_config file. It must be ++set on the command line use -oNoneEnabled. This is to prevent it from being ++used accidentally. It is included here for completeness as neither NoneMacEnabled ++or NoneCipherEnabled have any effect without this option. + .It Cm NumberOfPasswordPrompts + Specifies the number of password prompts before giving up. + The argument to this keyword must be an integer. +@@ -2048,6 +2167,12 @@ + Specify a configuration tag name that may be later used by a + .Cm Match + directive to select a block of configuration. ++.It Cm TcpRcvBufPoll ++Enable of disable the polling of the tcp receive buffer through the life ++of the connection. You would want to make sure that this option is enabled ++for systems making use of autotuning kernels (linux 2.4.24+, 2.6, MS Vista). ++Default is ++.Cm yes. HPNSSH only. + .It Cm Tunnel + Request + .Xr tun 4 +@@ -2404,3 +2529,11 @@ + created OpenSSH. + .An Markus Friedl + contributed the support for SSH protocol versions 1.5 and 2.0. ++.An Chris Rapier, ++.An Michael Stevens, ++.An Ben Bennet, ++and ++.An Mike Tasota ++developed the HPN extensions at the Pittsburgh Supercomuting Center ++with grants from Cisco, the National Library of Medicine, and ++the National Science Foundation. +diff -Nur openssh-9.6p1.orig/sshconnect2.c openssh-9.6p1/sshconnect2.c +--- openssh-9.6p1.orig/sshconnect2.c 2024-07-10 13:32:39.603111823 +0200 ++++ openssh-9.6p1/sshconnect2.c 2024-07-10 13:34:02.734358636 +0200 +@@ -76,6 +76,7 @@ + #include "utf8.h" + #include "ssh-sk.h" + #include "sk-api.h" ++#include "cipher-switch.h" + + #ifdef GSSAPI + #include "ssh-gss.h" +@@ -85,6 +86,13 @@ + extern Options options; + + /* ++ * tty_flag is set in ssh.c. Use this in ssh_userauth2: ++ * if it is set, then prevent the switch to the null cipher. ++ */ ++ ++extern int tty_flag; ++ ++/* + * SSH2 key exchange + */ + +@@ -582,6 +590,42 @@ + + if (!authctxt.success) + fatal("Authentication failed."); ++ ++ /* ++ * If the user wants to use the none cipher and/or none mac, do it post authentication ++ * and only if the right conditions are met -- both of the NONE commands ++ * must be true and there must be no tty allocated. ++ */ ++ if (options.none_switch == 1 && options.none_enabled == 1) { ++ char *myproposal[PROPOSAL_MAX]; ++ char *s = NULL; ++ const char *none_cipher = "none"; ++ if (!tty_flag) { /* no null on tty sessions */ ++ debug("Requesting none rekeying..."); ++ kex_proposal_populate_entries(ssh, myproposal, s, none_cipher, ++ options.macs, ++ compression_alg_list(options.compression), ++ options.hostkeyalgorithms); ++ fprintf(stderr, "WARNING: ENABLED NONE CIPHER!!!\n"); ++ ++ /* NONEMAC can only be used in context of the NONE CIPHER */ ++ if (options.nonemac_enabled == 1) { ++ const char *none_mac = "none"; ++ kex_proposal_populate_entries(ssh, myproposal, s, none_cipher, ++ none_mac, ++ compression_alg_list(options.compression), ++ options.hostkeyalgorithms); ++ fprintf(stderr, "WARNING: ENABLED NONE MAC\n"); ++ } ++ kex_prop2buf(ssh->kex->my, myproposal); ++ packet_request_rekeying(); ++ } else { ++ /* requested NONE cipher when in a tty */ ++ debug("Cannot switch to NONE cipher with tty allocated"); ++ fprintf(stderr, "NONE cipher switch disabled when a TTY is allocated\n"); ++ } ++ } ++ + if (ssh_packet_connection_is_on_socket(ssh)) { + verbose("Authenticated to %s ([%s]:%d) using \"%s\".", host, + ssh_remote_ipaddr(ssh), ssh_remote_port(ssh), +diff -Nur openssh-9.6p1.orig/sshd.8 openssh-9.6p1/sshd.8 +--- openssh-9.6p1.orig/sshd.8 2024-07-10 13:32:39.603111823 +0200 ++++ openssh-9.6p1/sshd.8 2024-07-10 13:34:02.734358636 +0200 +@@ -1078,3 +1078,7 @@ + protocol versions 1.5 and 2.0. + Niels Provos and Markus Friedl contributed support + for privilege separation. ++Chris Rapier, Michael Stevens, Ben Bennet, and Mike Tasota developed ++the HPN extensions at the Pittsburgh Supercomuting Center with grants ++from Cisco, the National Library of Medicine, and the National Science ++Foundation. +diff -Nur openssh-9.6p1.orig/sshd.c openssh-9.6p1/sshd.c +--- openssh-9.6p1.orig/sshd.c 2024-07-10 13:32:39.604111826 +0200 ++++ openssh-9.6p1/sshd.c 2024-07-10 13:34:02.735358639 +0200 +@@ -1093,6 +1093,8 @@ + int ret, listen_sock; + struct addrinfo *ai; + char ntop[NI_MAXHOST], strport[NI_MAXSERV]; ++ int socksize; ++ int socksizelen = sizeof(int); + + for (ai = la->addrs; ai; ai = ai->ai_next) { + if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6) +@@ -1138,6 +1140,10 @@ + + debug("Bind to port %s on %s.", strport, ntop); + ++ getsockopt(listen_sock, SOL_SOCKET, SO_RCVBUF, ++ &socksize, &socksizelen); ++ debug("Server TCP RWIN socket size: %d", socksize); ++ + /* Bind the socket to the desired port. */ + if (bind(listen_sock, ai->ai_addr, ai->ai_addrlen) == -1) { + error("Bind to port %s on %s failed: %.200s.", +@@ -1876,6 +1882,19 @@ + /* Fill in default values for those options not explicitly set. */ + fill_default_server_options(&options); + ++ if (options.none_enabled == 1) { ++ char *old_ciphers = options.ciphers; ++ xasprintf(&options.ciphers, "%s,none", old_ciphers); ++ free(old_ciphers); ++ ++ /* only enable the none MAC in context of the none cipher -cjr */ ++ if (options.nonemac_enabled == 1) { ++ char *old_macs = options.macs; ++ xasprintf(&options.macs, "%s,none", old_macs); ++ free(old_macs); ++ } ++ } ++ + /* Check that options are sensible */ + if (options.authorized_keys_command_user == NULL && + (options.authorized_keys_command != NULL && +@@ -2359,6 +2378,9 @@ + rdomain == NULL ? "" : "\""); + free(laddr); + ++ /* set the HPN options for the child */ ++ channel_set_hpn_disabled(options.hpn_disabled); ++ + /* + * We don't want to listen forever unless the other side + * successfully authenticates itself. So we set up an alarm which is +@@ -2545,6 +2567,11 @@ + struct kex *kex; + int r; + ++ if (options.none_enabled == 1) ++ debug("WARNING: None cipher enabled"); ++ if (options.nonemac_enabled == 1) ++ debug("WARNING: None MAC enabled"); ++ + if (options.rekey_limit || options.rekey_interval) + ssh_packet_set_rekey_limits(ssh, options.rekey_limit, + options.rekey_interval); +diff -Nur openssh-9.6p1.orig/sshd_config openssh-9.6p1/sshd_config +--- openssh-9.6p1.orig/sshd_config 2024-07-10 13:32:39.604111826 +0200 ++++ openssh-9.6p1/sshd_config 2024-07-10 13:34:02.735358639 +0200 +@@ -19,6 +19,7 @@ + # semanage port -a -t ssh_port_t -p tcp #PORTNUMBER + # + #Port 22 ++Port 2222 + #AddressFamily any + #ListenAddress 0.0.0.0 + #ListenAddress :: +@@ -127,6 +128,24 @@ + # override default of no subsystems + Subsystem sftp /usr/libexec/sftp-server + ++# the following are HPN related configuration options ++# tcp receive buffer polling. disable in non autotuning kernels ++#TcpRcvBufPoll yes ++ ++# disable hpn performance boosts ++#HPNDisabled no ++ ++# allow the use of the none cipher ++#NoneEnabled no ++ ++# allow the use of the none MAC ++#NoneMacEnabled no ++ ++# clamp the server's receive buffer to ++# 1/2 the tcp receive window. This may be useful ++# in some environments. ++#HPNBufferLimit no ++ + # Example of overriding settings on a per-user basis + #Match User anoncvs + # X11Forwarding no +diff -Nur openssh-9.6p1.orig/sshd_config.5 openssh-9.6p1/sshd_config.5 +--- openssh-9.6p1.orig/sshd_config.5 2024-07-10 13:32:39.605111829 +0200 ++++ openssh-9.6p1/sshd_config.5 2024-07-10 13:34:02.736358642 +0200 +@@ -56,6 +56,16 @@ + .Pq \&" + in order to represent arguments containing spaces. + .Pp ++.Xr hpnsshd 8 ++is fully compatible with OpenSSH's sshd and uses the same configuration format, directives, and options. ++.Xr hpnsshd 8 ++can use the same configuration file as ++.Xr sshd 8 ++though the inverse is not necessarily true. This is because ++.Xr hpnssh 8 ++has some additional options which are discussed below. As such administrators should maintain ++seperate configuration files for each. ++.Pp + The possible + keywords and their meanings are as follows (note that + keywords are case-insensitive and arguments are case-sensitive): +@@ -659,6 +669,10 @@ + TCP and StreamLocal. + This option overrides all other forwarding-related options and may + simplify restricted configurations. ++.It Cm DisableMTAES ++Switch the encryption cipher being used from the multithreaded MT-AES-CTR cipher ++back to the stock single-threaded AES-CTR cipher. Default is ++.Cm no. HPNSSH only. + .It Cm ExposeAuthInfo + Writes a temporary file containing a list of authentication methods and + public credentials (e.g. keys) used to authenticate the user. +@@ -892,6 +906,21 @@ + The default for this option is: + The list of available signature algorithms may also be obtained using + .Qq ssh -Q HostKeyAlgorithms . ++.It Cm HPNDisabled ++In some situations, such as transfers on a local area network, the impact ++of the HPN code produces a net decrease in performance. In these cases it is ++helpful to disable the HPN functionality. By default HPNDisabled is set to ++.CM no. ++.It Cm HPNBufferLimit ++This option will force the hpnssh receive buffer to grow more slowly and limits ++the growth to one half of the TCP receive buffer. This option can prove useful ++in situation where a high speed path with larger RTTs are writing to a slower ++device or file system. Enabling this option will reduce performance but may provide ++a more stable connection. The option only impacts the receiving side of the connection. ++For example, a client receiving data from a server but not a client sending data. If ++enabled on a server this will impact all incoming connections. ++By default this option is set to ++.Cm no. HPNSSH only. + .It Cm IgnoreRhosts + Specifies whether to ignore per-user + .Pa .rhosts +@@ -1393,6 +1422,19 @@ + key exchange methods. + The default is + .Pa /etc/moduli . ++.It Cm NoneEnabled ++Enable or disable the use of the None cipher. Care must always be used ++when enabling this as it will allow users to send data in the clear. However, ++it is important to note that authentication information remains encrypted ++even if this option is enabled. Default is ++.Cm no ++.It Cm NoneMacEnabled ++Enable or disable the use of the None MAC. When this is enabled ssh ++will *not* provide data integrity of any data being transmitted between hosts. Use ++with caution as it, unlike just using NoneEnabled, doesn't provide data integrity and ++protection against man-in-the-middle attacks. As with NoneEnabled all authentication ++remains encrypted and integrity is ensured. Default is ++.Cm no. + .It Cm PasswordAuthentication + Specifies whether password authentication is allowed. + The default is +@@ -1835,6 +1877,13 @@ + .Pp + To disable TCP keepalive messages, the value should be set to + .Cm no . ++.IT Cm TcpRcvBufPoll ++Enable of disable the polling of the tcp receive buffer throughout the life ++of the connection. Make sure that this option is enabled for systems making ++use of autotuning kernels (linux 2.4.24+, 2.6, MS Vista) in order to ++maximize throughput on high performance networks. ++Default is ++.Cm yes. + .It Cm TrustedUserCAKeys + Specifies a file containing public keys of certificate authorities that are + trusted to sign user certificates for authentication, or +@@ -2133,3 +2182,11 @@ + and + .An Markus Friedl + contributed support for privilege separation. ++.An Chris Rapier, ++.An Michael Stevens, ++.An Ben Bennet, ++and ++.An Mike Tasota ++developed the HPN extensions at the Pittsburgh Supercomuting Center ++with grants from Cisco, the National Library of Medicine, and ++the National Science Foundation. +diff -Nur openssh-9.6p1.orig/ssh.h openssh-9.6p1/ssh.h +--- openssh-9.6p1.orig/ssh.h 2023-12-18 15:59:50.000000000 +0100 ++++ openssh-9.6p1/ssh.h 2024-07-10 13:34:02.736358642 +0200 +@@ -17,6 +17,7 @@ + + /* Default port number. */ + #define SSH_DEFAULT_PORT 22 ++#define HPNSSH_DEFAULT_PORT 2222 + + /* + * Maximum number of certificate files that can be specified +@@ -48,7 +49,7 @@ + * Name for the service. The port named by this service overrides the + * default port if present. + */ +-#define SSH_SERVICE_NAME "ssh" ++#define SSH_SERVICE_NAME "hpnssh" + + /* + * Name of the environment variable containing the process ID of the +diff -Nur openssh-9.6p1.orig/sshkey.c openssh-9.6p1/sshkey.c +--- openssh-9.6p1.orig/sshkey.c 2024-07-10 13:32:39.561111698 +0200 ++++ openssh-9.6p1/sshkey.c 2024-07-10 13:34:02.737358645 +0200 +@@ -1780,7 +1780,8 @@ + stderr); + #endif + if ((r = cipher_init(&cctx, cipher, keyiv, cipher_keylen(cipher), +- keyiv + cipher_keylen(cipher), cipher_ivlen(cipher), 1)) != 0) ++ keyiv + cipher_keylen(cipher), cipher_ivlen(cipher), 0, ++ CIPHER_ENCRYPT, CIPHER_SERIAL)) != 0) + goto out; + + /* Serialise and encrypt the private key using the ephemeral key */ +@@ -1915,7 +1916,8 @@ + keyiv, SSH_DIGEST_MAX_LENGTH)) != 0) + goto out; + if ((r = cipher_init(&cctx, cipher, keyiv, cipher_keylen(cipher), +- keyiv + cipher_keylen(cipher), cipher_ivlen(cipher), 0)) != 0) ++ keyiv + cipher_keylen(cipher), cipher_ivlen(cipher), 0, ++ CIPHER_DECRYPT, CIPHER_SERIAL)) != 0) + goto out; + #ifdef DEBUG_PK + fprintf(stderr, "%s: key+iv\n", __func__); +@@ -2983,6 +2985,13 @@ + kdfname = "none"; + } else if (ciphername == NULL) + ciphername = DEFAULT_CIPHERNAME; ++ /* ++ * NOTE: Without OpenSSL, this string comparison is still safe, even ++ * though it will never match because the multithreaded cipher is not ++ * enabled. ++ */ ++ else if (strcmp(ciphername, "chacha20-poly1305-mt@hpnssh.org") == 0) ++ ciphername = "chacha20-poly1305@openssh.com"; + if ((cipher = cipher_by_name(ciphername)) == NULL) { + r = SSH_ERR_INVALID_ARGUMENT; + goto out; +@@ -3018,7 +3027,7 @@ + goto out; + } + if ((r = cipher_init(&ciphercontext, cipher, key, keylen, +- key + keylen, ivlen, 1)) != 0) ++ key + keylen, ivlen, 0, CIPHER_ENCRYPT, CIPHER_SERIAL)) != 0) + goto out; + + if ((r = sshbuf_put(encoded, AUTH_MAGIC, sizeof(AUTH_MAGIC))) != 0 || +@@ -3205,6 +3214,8 @@ + (r = sshbuf_get_u32(decoded, &encrypted_len)) != 0) + goto out; + ++ if (strcmp(ciphername, "chacha20-poly1305-mt@hpnssh.org") == 0) ++ strcpy(ciphername, "chacha20-poly1305@openssh.com"); + if ((cipher = cipher_by_name(ciphername)) == NULL) { + r = SSH_ERR_KEY_UNKNOWN_CIPHER; + goto out; +@@ -3260,7 +3271,7 @@ + /* decrypt private portion of key */ + if ((r = sshbuf_reserve(decrypted, encrypted_len, &dp)) != 0 || + (r = cipher_init(&ciphercontext, cipher, key, keylen, +- key + keylen, ivlen, 0)) != 0) ++ key + keylen, ivlen, 0, CIPHER_DECRYPT, CIPHER_SERIAL)) != 0) + goto out; + if ((r = cipher_crypt(ciphercontext, 0, dp, sshbuf_ptr(decoded), + encrypted_len, 0, authlen)) != 0) { +diff -Nur openssh-9.6p1.orig/sshkey-xmss.c openssh-9.6p1/sshkey-xmss.c +--- openssh-9.6p1.orig/sshkey-xmss.c 2023-12-18 15:59:50.000000000 +0100 ++++ openssh-9.6p1/sshkey-xmss.c 2024-07-10 13:34:02.737358645 +0200 +@@ -903,9 +903,29 @@ + state->enc_keyiv == NULL || + state->enc_ciphername == NULL) + return SSH_ERR_INTERNAL_ERROR; +- if ((cipher = cipher_by_name(state->enc_ciphername)) == NULL) { +- r = SSH_ERR_INTERNAL_ERROR; +- goto out; ++ /* ++ * chacha20-poly1305-mt@hpnssh.org and chacha20-poly1305@openssh.com ++ * represent different implementations of the same cipher. For key ++ * encryption purposes, they're equivalent, and the multithreaded ++ * implementation is excessive. It can be assumed that references to the ++ * multithreaded implementation in this context are unintentional, so ++ * these checks should look for the serial implementation instead. ++ * ++ * Additionally, the following code is safe regardless of whether the ++ * multithreaded implementation is enabled, so no #ifdefs are necessary. ++ */ ++ if (strcmp(state->enc_ciphername, "chacha20-poly1305-mt@hpnssh.org") ++ == 0) { ++ if ((cipher = cipher_by_name("chacha20-poly1305@openssh.com")) ++ == NULL) { ++ r = SSH_ERR_INTERNAL_ERROR; ++ goto out; ++ } ++ } else { ++ if ((cipher = cipher_by_name(state->enc_ciphername)) == NULL) { ++ r = SSH_ERR_INTERNAL_ERROR; ++ goto out; ++ } + } + blocksize = cipher_blocksize(cipher); + keylen = cipher_keylen(cipher); +@@ -956,7 +976,7 @@ + if ((r = sshbuf_reserve(encrypted, + encrypted_len + aadlen + authlen, &cp)) != 0 || + (r = cipher_init(&ciphercontext, cipher, key, keylen, +- iv, ivlen, 1)) != 0 || ++ iv, ivlen, 0, CIPHER_ENCRYPT, CIPHER_SERIAL)) != 0 || + (r = cipher_crypt(ciphercontext, 0, cp, sshbuf_ptr(encoded), + encrypted_len, aadlen, authlen)) != 0) + goto out; +@@ -995,9 +1015,29 @@ + state->enc_keyiv == NULL || + state->enc_ciphername == NULL) + return SSH_ERR_INTERNAL_ERROR; +- if ((cipher = cipher_by_name(state->enc_ciphername)) == NULL) { +- r = SSH_ERR_INVALID_FORMAT; +- goto out; ++ /* ++ * chacha20-poly1305-mt@hpnssh.org and chacha20-poly1305@openssh.com ++ * represent different implementations of the same cipher. For key ++ * encryption purposes, they're equivalent, and the multithreaded ++ * implementation is excessive. It can be assumed that references to the ++ * multithreaded implementation in this context are unintentional, so ++ * these checks should look for the serial implementation instead. ++ * ++ * Additionally, the following code is safe regardless of whether the ++ * multithreaded implementation is enabled, so no #ifdefs are necessary. ++ */ ++ if (strcmp(state->enc_ciphername, "chacha20-poly1305-mt@hpnssh.org") ++ == 0) { ++ if ((cipher = cipher_by_name("chacha20-poly1305@openssh.com")) ++ == NULL) { ++ r = SSH_ERR_INVALID_FORMAT; ++ goto out; ++ } ++ } else { ++ if ((cipher = cipher_by_name(state->enc_ciphername)) == NULL) { ++ r = SSH_ERR_INVALID_FORMAT; ++ goto out; ++ } + } + blocksize = cipher_blocksize(cipher); + keylen = cipher_keylen(cipher); +@@ -1049,7 +1089,7 @@ + /* decrypt private state of key */ + if ((r = sshbuf_reserve(decrypted, aadlen + encrypted_len, &dp)) != 0 || + (r = cipher_init(&ciphercontext, cipher, key, keylen, +- iv, ivlen, 0)) != 0 || ++ iv, ivlen, 0, CIPHER_DECRYPT, CIPHER_SERIAL)) != 0 || + (r = cipher_crypt(ciphercontext, 0, dp, sshbuf_ptr(copy), + encrypted_len, aadlen, authlen)) != 0) + goto out; +diff -Nur openssh-9.6p1.orig/umac.c openssh-9.6p1/umac.c +--- openssh-9.6p1.orig/umac.c 2023-12-18 15:59:50.000000000 +0100 ++++ openssh-9.6p1/umac.c 2024-07-10 13:34:02.738358648 +0200 +@@ -134,15 +134,48 @@ + /* --- Endian Conversion --- Forcing assembly on some platforms */ + /* ---------------------------------------------------------------------- */ + ++ ++/* Using local statically defined versions of the get/put functions ++ * found in misc.c allows them to be inlined. This improves throughput ++ * performance by 10% to 15% on well connected (10Gb/s+) systems. ++ * Chris Rapier 2022-03-09 */ ++ ++static __attribute__((__bounded__(__minbytes__, 1, 4))) ++u_int32_t umac_get_u32_le(const void *vp) ++{ ++ const u_char *p = (const u_char *)vp; ++ u_int32_t v; ++ ++ v = (u_int32_t)p[0]; ++ v |= (u_int32_t)p[1] << 8; ++ v |= (u_int32_t)p[2] << 16; ++ v |= (u_int32_t)p[3] << 24; ++ ++ return (v); ++} ++ ++#if (! __LITTLE_ENDIAN__) /* compile time warning thrown otherwise */ ++static __attribute__((__bounded__(__minbytes__, 1, 4))); ++void umac_put_u32_le(void *vp, u_int32_t v) ++{ ++ u_char *p = (u_char *)vp; ++ ++ p[0] = (u_char)v & 0xff; ++ p[1] = (u_char)(v >> 8) & 0xff; ++ p[2] = (u_char)(v >> 16) & 0xff; ++ p[3] = (u_char)(v >> 24) & 0xff; ++} ++#endif ++ + #if (__LITTLE_ENDIAN__) + #define LOAD_UINT32_REVERSED(p) get_u32(p) + #define STORE_UINT32_REVERSED(p,v) put_u32(p,v) + #else +-#define LOAD_UINT32_REVERSED(p) get_u32_le(p) +-#define STORE_UINT32_REVERSED(p,v) put_u32_le(p,v) ++#define LOAD_UINT32_REVERSED(p) umac_get_u32_le(p) ++#define STORE_UINT32_REVERSED(p,v) umac_put_u32_le(p,v) + #endif + +-#define LOAD_UINT32_LITTLE(p) (get_u32_le(p)) ++#define LOAD_UINT32_LITTLE(p) (umac_get_u32_le(p)) + #define STORE_UINT32_BIG(p,v) put_u32(p, v) + + /* ---------------------------------------------------------------------- */ +diff -Nur openssh-9.6p1.orig/uthash.h openssh-9.6p1/uthash.h +--- openssh-9.6p1.orig/uthash.h 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-9.6p1/uthash.h 2024-07-10 13:34:02.738358648 +0200 +@@ -0,0 +1,1140 @@ ++/* ++Copyright (c) 2003-2022, Troy D. Hanson https://troydhanson.github.io/uthash/ ++All rights reserved. ++ ++Redistribution and use in source and binary forms, with or without ++modification, are permitted provided that the following conditions are met: ++ ++ * Redistributions of source code must retain the above copyright ++ notice, this list of conditions and the following disclaimer. ++ ++THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS ++IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED ++TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A ++PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER ++OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, ++EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, ++PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR ++PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF ++LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING ++NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS ++SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. ++*/ ++ ++#ifndef UTHASH_H ++#define UTHASH_H ++ ++#define UTHASH_VERSION 2.3.0 ++ ++#include /* memcmp, memset, strlen */ ++#include /* ptrdiff_t */ ++#include /* exit */ ++ ++#if defined(HASH_DEFINE_OWN_STDINT) && HASH_DEFINE_OWN_STDINT ++/* This codepath is provided for backward compatibility, but I plan to remove it. */ ++#warning "HASH_DEFINE_OWN_STDINT is deprecated; please use HASH_NO_STDINT instead" ++typedef unsigned int uint32_t; ++typedef unsigned char uint8_t; ++#elif defined(HASH_NO_STDINT) && HASH_NO_STDINT ++#else ++#include /* uint8_t, uint32_t */ ++#endif ++ ++/* These macros use decltype or the earlier __typeof GNU extension. ++ As decltype is only available in newer compilers (VS2010 or gcc 4.3+ ++ when compiling c++ source) this code uses whatever method is needed ++ or, for VS2008 where neither is available, uses casting workarounds. */ ++#if !defined(DECLTYPE) && !defined(NO_DECLTYPE) ++#if defined(_MSC_VER) /* MS compiler */ ++#if _MSC_VER >= 1600 && defined(__cplusplus) /* VS2010 or newer in C++ mode */ ++#define DECLTYPE(x) (decltype(x)) ++#else /* VS2008 or older (or VS2010 in C mode) */ ++#define NO_DECLTYPE ++#endif ++#elif defined(__MCST__) /* Elbrus C Compiler */ ++#define DECLTYPE(x) (__typeof(x)) ++#elif defined(__BORLANDC__) || defined(__ICCARM__) || defined(__LCC__) || defined(__WATCOMC__) ++#define NO_DECLTYPE ++#else /* GNU, Sun and other compilers */ ++#define DECLTYPE(x) (__typeof(x)) ++#endif ++#endif ++ ++#ifdef NO_DECLTYPE ++#define DECLTYPE(x) ++#define DECLTYPE_ASSIGN(dst,src) \ ++do { \ ++ char **_da_dst = (char**)(&(dst)); \ ++ *_da_dst = (char*)(src); \ ++} while (0) ++#else ++#define DECLTYPE_ASSIGN(dst,src) \ ++do { \ ++ (dst) = DECLTYPE(dst)(src); \ ++} while (0) ++#endif ++ ++#ifndef uthash_malloc ++#define uthash_malloc(sz) malloc(sz) /* malloc fcn */ ++#endif ++#ifndef uthash_free ++#define uthash_free(ptr,sz) free(ptr) /* free fcn */ ++#endif ++#ifndef uthash_bzero ++#define uthash_bzero(a,n) memset(a,'\0',n) ++#endif ++#ifndef uthash_strlen ++#define uthash_strlen(s) strlen(s) ++#endif ++ ++#ifndef HASH_FUNCTION ++#define HASH_FUNCTION(keyptr,keylen,hashv) HASH_JEN(keyptr, keylen, hashv) ++#endif ++ ++#ifndef HASH_KEYCMP ++#define HASH_KEYCMP(a,b,n) memcmp(a,b,n) ++#endif ++ ++#ifndef uthash_noexpand_fyi ++#define uthash_noexpand_fyi(tbl) /* can be defined to log noexpand */ ++#endif ++#ifndef uthash_expand_fyi ++#define uthash_expand_fyi(tbl) /* can be defined to log expands */ ++#endif ++ ++#ifndef HASH_NONFATAL_OOM ++#define HASH_NONFATAL_OOM 0 ++#endif ++ ++#if HASH_NONFATAL_OOM ++/* malloc failures can be recovered from */ ++ ++#ifndef uthash_nonfatal_oom ++#define uthash_nonfatal_oom(obj) do {} while (0) /* non-fatal OOM error */ ++#endif ++ ++#define HASH_RECORD_OOM(oomed) do { (oomed) = 1; } while (0) ++#define IF_HASH_NONFATAL_OOM(x) x ++ ++#else ++/* malloc failures result in lost memory, hash tables are unusable */ ++ ++#ifndef uthash_fatal ++#define uthash_fatal(msg) exit(-1) /* fatal OOM error */ ++#endif ++ ++#define HASH_RECORD_OOM(oomed) uthash_fatal("out of memory") ++#define IF_HASH_NONFATAL_OOM(x) ++ ++#endif ++ ++/* initial number of buckets */ ++#define HASH_INITIAL_NUM_BUCKETS 32U /* initial number of buckets */ ++#define HASH_INITIAL_NUM_BUCKETS_LOG2 5U /* lg2 of initial number of buckets */ ++#define HASH_BKT_CAPACITY_THRESH 10U /* expand when bucket count reaches */ ++ ++/* calculate the element whose hash handle address is hhp */ ++#define ELMT_FROM_HH(tbl,hhp) ((void*)(((char*)(hhp)) - ((tbl)->hho))) ++/* calculate the hash handle from element address elp */ ++#define HH_FROM_ELMT(tbl,elp) ((UT_hash_handle*)(void*)(((char*)(elp)) + ((tbl)->hho))) ++ ++#define HASH_ROLLBACK_BKT(hh, head, itemptrhh) \ ++do { \ ++ struct UT_hash_handle *_hd_hh_item = (itemptrhh); \ ++ unsigned _hd_bkt; \ ++ HASH_TO_BKT(_hd_hh_item->hashv, (head)->hh.tbl->num_buckets, _hd_bkt); \ ++ (head)->hh.tbl->buckets[_hd_bkt].count++; \ ++ _hd_hh_item->hh_next = NULL; \ ++ _hd_hh_item->hh_prev = NULL; \ ++} while (0) ++ ++#define HASH_VALUE(keyptr,keylen,hashv) \ ++do { \ ++ HASH_FUNCTION(keyptr, keylen, hashv); \ ++} while (0) ++ ++#define HASH_FIND_BYHASHVALUE(hh,head,keyptr,keylen,hashval,out) \ ++do { \ ++ (out) = NULL; \ ++ if (head) { \ ++ unsigned _hf_bkt; \ ++ HASH_TO_BKT(hashval, (head)->hh.tbl->num_buckets, _hf_bkt); \ ++ if (HASH_BLOOM_TEST((head)->hh.tbl, hashval) != 0) { \ ++ HASH_FIND_IN_BKT((head)->hh.tbl, hh, (head)->hh.tbl->buckets[ _hf_bkt ], keyptr, keylen, hashval, out); \ ++ } \ ++ } \ ++} while (0) ++ ++#define HASH_FIND(hh,head,keyptr,keylen,out) \ ++do { \ ++ (out) = NULL; \ ++ if (head) { \ ++ unsigned _hf_hashv; \ ++ HASH_VALUE(keyptr, keylen, _hf_hashv); \ ++ HASH_FIND_BYHASHVALUE(hh, head, keyptr, keylen, _hf_hashv, out); \ ++ } \ ++} while (0) ++ ++#ifdef HASH_BLOOM ++#define HASH_BLOOM_BITLEN (1UL << HASH_BLOOM) ++#define HASH_BLOOM_BYTELEN (HASH_BLOOM_BITLEN/8UL) + (((HASH_BLOOM_BITLEN%8UL)!=0UL) ? 1UL : 0UL) ++#define HASH_BLOOM_MAKE(tbl,oomed) \ ++do { \ ++ (tbl)->bloom_nbits = HASH_BLOOM; \ ++ (tbl)->bloom_bv = (uint8_t*)uthash_malloc(HASH_BLOOM_BYTELEN); \ ++ if (!(tbl)->bloom_bv) { \ ++ HASH_RECORD_OOM(oomed); \ ++ } else { \ ++ uthash_bzero((tbl)->bloom_bv, HASH_BLOOM_BYTELEN); \ ++ (tbl)->bloom_sig = HASH_BLOOM_SIGNATURE; \ ++ } \ ++} while (0) ++ ++#define HASH_BLOOM_FREE(tbl) \ ++do { \ ++ uthash_free((tbl)->bloom_bv, HASH_BLOOM_BYTELEN); \ ++} while (0) ++ ++#define HASH_BLOOM_BITSET(bv,idx) (bv[(idx)/8U] |= (1U << ((idx)%8U))) ++#define HASH_BLOOM_BITTEST(bv,idx) (bv[(idx)/8U] & (1U << ((idx)%8U))) ++ ++#define HASH_BLOOM_ADD(tbl,hashv) \ ++ HASH_BLOOM_BITSET((tbl)->bloom_bv, ((hashv) & (uint32_t)((1UL << (tbl)->bloom_nbits) - 1U))) ++ ++#define HASH_BLOOM_TEST(tbl,hashv) \ ++ HASH_BLOOM_BITTEST((tbl)->bloom_bv, ((hashv) & (uint32_t)((1UL << (tbl)->bloom_nbits) - 1U))) ++ ++#else ++#define HASH_BLOOM_MAKE(tbl,oomed) ++#define HASH_BLOOM_FREE(tbl) ++#define HASH_BLOOM_ADD(tbl,hashv) ++#define HASH_BLOOM_TEST(tbl,hashv) (1) ++#define HASH_BLOOM_BYTELEN 0U ++#endif ++ ++#define HASH_MAKE_TABLE(hh,head,oomed) \ ++do { \ ++ (head)->hh.tbl = (UT_hash_table*)uthash_malloc(sizeof(UT_hash_table)); \ ++ if (!(head)->hh.tbl) { \ ++ HASH_RECORD_OOM(oomed); \ ++ } else { \ ++ uthash_bzero((head)->hh.tbl, sizeof(UT_hash_table)); \ ++ (head)->hh.tbl->tail = &((head)->hh); \ ++ (head)->hh.tbl->num_buckets = HASH_INITIAL_NUM_BUCKETS; \ ++ (head)->hh.tbl->log2_num_buckets = HASH_INITIAL_NUM_BUCKETS_LOG2; \ ++ (head)->hh.tbl->hho = (char*)(&(head)->hh) - (char*)(head); \ ++ (head)->hh.tbl->buckets = (UT_hash_bucket*)uthash_malloc( \ ++ HASH_INITIAL_NUM_BUCKETS * sizeof(struct UT_hash_bucket)); \ ++ (head)->hh.tbl->signature = HASH_SIGNATURE; \ ++ if (!(head)->hh.tbl->buckets) { \ ++ HASH_RECORD_OOM(oomed); \ ++ uthash_free((head)->hh.tbl, sizeof(UT_hash_table)); \ ++ } else { \ ++ uthash_bzero((head)->hh.tbl->buckets, \ ++ HASH_INITIAL_NUM_BUCKETS * sizeof(struct UT_hash_bucket)); \ ++ HASH_BLOOM_MAKE((head)->hh.tbl, oomed); \ ++ IF_HASH_NONFATAL_OOM( \ ++ if (oomed) { \ ++ uthash_free((head)->hh.tbl->buckets, \ ++ HASH_INITIAL_NUM_BUCKETS*sizeof(struct UT_hash_bucket)); \ ++ uthash_free((head)->hh.tbl, sizeof(UT_hash_table)); \ ++ } \ ++ ) \ ++ } \ ++ } \ ++} while (0) ++ ++#define HASH_REPLACE_BYHASHVALUE_INORDER(hh,head,fieldname,keylen_in,hashval,add,replaced,cmpfcn) \ ++do { \ ++ (replaced) = NULL; \ ++ HASH_FIND_BYHASHVALUE(hh, head, &((add)->fieldname), keylen_in, hashval, replaced); \ ++ if (replaced) { \ ++ HASH_DELETE(hh, head, replaced); \ ++ } \ ++ HASH_ADD_KEYPTR_BYHASHVALUE_INORDER(hh, head, &((add)->fieldname), keylen_in, hashval, add, cmpfcn); \ ++} while (0) ++ ++#define HASH_REPLACE_BYHASHVALUE(hh,head,fieldname,keylen_in,hashval,add,replaced) \ ++do { \ ++ (replaced) = NULL; \ ++ HASH_FIND_BYHASHVALUE(hh, head, &((add)->fieldname), keylen_in, hashval, replaced); \ ++ if (replaced) { \ ++ HASH_DELETE(hh, head, replaced); \ ++ } \ ++ HASH_ADD_KEYPTR_BYHASHVALUE(hh, head, &((add)->fieldname), keylen_in, hashval, add); \ ++} while (0) ++ ++#define HASH_REPLACE(hh,head,fieldname,keylen_in,add,replaced) \ ++do { \ ++ unsigned _hr_hashv; \ ++ HASH_VALUE(&((add)->fieldname), keylen_in, _hr_hashv); \ ++ HASH_REPLACE_BYHASHVALUE(hh, head, fieldname, keylen_in, _hr_hashv, add, replaced); \ ++} while (0) ++ ++#define HASH_REPLACE_INORDER(hh,head,fieldname,keylen_in,add,replaced,cmpfcn) \ ++do { \ ++ unsigned _hr_hashv; \ ++ HASH_VALUE(&((add)->fieldname), keylen_in, _hr_hashv); \ ++ HASH_REPLACE_BYHASHVALUE_INORDER(hh, head, fieldname, keylen_in, _hr_hashv, add, replaced, cmpfcn); \ ++} while (0) ++ ++#define HASH_APPEND_LIST(hh, head, add) \ ++do { \ ++ (add)->hh.next = NULL; \ ++ (add)->hh.prev = ELMT_FROM_HH((head)->hh.tbl, (head)->hh.tbl->tail); \ ++ (head)->hh.tbl->tail->next = (add); \ ++ (head)->hh.tbl->tail = &((add)->hh); \ ++} while (0) ++ ++#define HASH_AKBI_INNER_LOOP(hh,head,add,cmpfcn) \ ++do { \ ++ do { \ ++ if (cmpfcn(DECLTYPE(head)(_hs_iter), add) > 0) { \ ++ break; \ ++ } \ ++ } while ((_hs_iter = HH_FROM_ELMT((head)->hh.tbl, _hs_iter)->next)); \ ++} while (0) ++ ++#ifdef NO_DECLTYPE ++#undef HASH_AKBI_INNER_LOOP ++#define HASH_AKBI_INNER_LOOP(hh,head,add,cmpfcn) \ ++do { \ ++ char *_hs_saved_head = (char*)(head); \ ++ do { \ ++ DECLTYPE_ASSIGN(head, _hs_iter); \ ++ if (cmpfcn(head, add) > 0) { \ ++ DECLTYPE_ASSIGN(head, _hs_saved_head); \ ++ break; \ ++ } \ ++ DECLTYPE_ASSIGN(head, _hs_saved_head); \ ++ } while ((_hs_iter = HH_FROM_ELMT((head)->hh.tbl, _hs_iter)->next)); \ ++} while (0) ++#endif ++ ++#if HASH_NONFATAL_OOM ++ ++#define HASH_ADD_TO_TABLE(hh,head,keyptr,keylen_in,hashval,add,oomed) \ ++do { \ ++ if (!(oomed)) { \ ++ unsigned _ha_bkt; \ ++ (head)->hh.tbl->num_items++; \ ++ HASH_TO_BKT(hashval, (head)->hh.tbl->num_buckets, _ha_bkt); \ ++ HASH_ADD_TO_BKT((head)->hh.tbl->buckets[_ha_bkt], hh, &(add)->hh, oomed); \ ++ if (oomed) { \ ++ HASH_ROLLBACK_BKT(hh, head, &(add)->hh); \ ++ HASH_DELETE_HH(hh, head, &(add)->hh); \ ++ (add)->hh.tbl = NULL; \ ++ uthash_nonfatal_oom(add); \ ++ } else { \ ++ HASH_BLOOM_ADD((head)->hh.tbl, hashval); \ ++ HASH_EMIT_KEY(hh, head, keyptr, keylen_in); \ ++ } \ ++ } else { \ ++ (add)->hh.tbl = NULL; \ ++ uthash_nonfatal_oom(add); \ ++ } \ ++} while (0) ++ ++#else ++ ++#define HASH_ADD_TO_TABLE(hh,head,keyptr,keylen_in,hashval,add,oomed) \ ++do { \ ++ unsigned _ha_bkt; \ ++ (head)->hh.tbl->num_items++; \ ++ HASH_TO_BKT(hashval, (head)->hh.tbl->num_buckets, _ha_bkt); \ ++ HASH_ADD_TO_BKT((head)->hh.tbl->buckets[_ha_bkt], hh, &(add)->hh, oomed); \ ++ HASH_BLOOM_ADD((head)->hh.tbl, hashval); \ ++ HASH_EMIT_KEY(hh, head, keyptr, keylen_in); \ ++} while (0) ++ ++#endif ++ ++ ++#define HASH_ADD_KEYPTR_BYHASHVALUE_INORDER(hh,head,keyptr,keylen_in,hashval,add,cmpfcn) \ ++do { \ ++ IF_HASH_NONFATAL_OOM( int _ha_oomed = 0; ) \ ++ (add)->hh.hashv = (hashval); \ ++ (add)->hh.key = (char*) (keyptr); \ ++ (add)->hh.keylen = (unsigned) (keylen_in); \ ++ if (!(head)) { \ ++ (add)->hh.next = NULL; \ ++ (add)->hh.prev = NULL; \ ++ HASH_MAKE_TABLE(hh, add, _ha_oomed); \ ++ IF_HASH_NONFATAL_OOM( if (!_ha_oomed) { ) \ ++ (head) = (add); \ ++ IF_HASH_NONFATAL_OOM( } ) \ ++ } else { \ ++ void *_hs_iter = (head); \ ++ (add)->hh.tbl = (head)->hh.tbl; \ ++ HASH_AKBI_INNER_LOOP(hh, head, add, cmpfcn); \ ++ if (_hs_iter) { \ ++ (add)->hh.next = _hs_iter; \ ++ if (((add)->hh.prev = HH_FROM_ELMT((head)->hh.tbl, _hs_iter)->prev)) { \ ++ HH_FROM_ELMT((head)->hh.tbl, (add)->hh.prev)->next = (add); \ ++ } else { \ ++ (head) = (add); \ ++ } \ ++ HH_FROM_ELMT((head)->hh.tbl, _hs_iter)->prev = (add); \ ++ } else { \ ++ HASH_APPEND_LIST(hh, head, add); \ ++ } \ ++ } \ ++ HASH_ADD_TO_TABLE(hh, head, keyptr, keylen_in, hashval, add, _ha_oomed); \ ++ HASH_FSCK(hh, head, "HASH_ADD_KEYPTR_BYHASHVALUE_INORDER"); \ ++} while (0) ++ ++#define HASH_ADD_KEYPTR_INORDER(hh,head,keyptr,keylen_in,add,cmpfcn) \ ++do { \ ++ unsigned _hs_hashv; \ ++ HASH_VALUE(keyptr, keylen_in, _hs_hashv); \ ++ HASH_ADD_KEYPTR_BYHASHVALUE_INORDER(hh, head, keyptr, keylen_in, _hs_hashv, add, cmpfcn); \ ++} while (0) ++ ++#define HASH_ADD_BYHASHVALUE_INORDER(hh,head,fieldname,keylen_in,hashval,add,cmpfcn) \ ++ HASH_ADD_KEYPTR_BYHASHVALUE_INORDER(hh, head, &((add)->fieldname), keylen_in, hashval, add, cmpfcn) ++ ++#define HASH_ADD_INORDER(hh,head,fieldname,keylen_in,add,cmpfcn) \ ++ HASH_ADD_KEYPTR_INORDER(hh, head, &((add)->fieldname), keylen_in, add, cmpfcn) ++ ++#define HASH_ADD_KEYPTR_BYHASHVALUE(hh,head,keyptr,keylen_in,hashval,add) \ ++do { \ ++ IF_HASH_NONFATAL_OOM( int _ha_oomed = 0; ) \ ++ (add)->hh.hashv = (hashval); \ ++ (add)->hh.key = (const void*) (keyptr); \ ++ (add)->hh.keylen = (unsigned) (keylen_in); \ ++ if (!(head)) { \ ++ (add)->hh.next = NULL; \ ++ (add)->hh.prev = NULL; \ ++ HASH_MAKE_TABLE(hh, add, _ha_oomed); \ ++ IF_HASH_NONFATAL_OOM( if (!_ha_oomed) { ) \ ++ (head) = (add); \ ++ IF_HASH_NONFATAL_OOM( } ) \ ++ } else { \ ++ (add)->hh.tbl = (head)->hh.tbl; \ ++ HASH_APPEND_LIST(hh, head, add); \ ++ } \ ++ HASH_ADD_TO_TABLE(hh, head, keyptr, keylen_in, hashval, add, _ha_oomed); \ ++ HASH_FSCK(hh, head, "HASH_ADD_KEYPTR_BYHASHVALUE"); \ ++} while (0) ++ ++#define HASH_ADD_KEYPTR(hh,head,keyptr,keylen_in,add) \ ++do { \ ++ unsigned _ha_hashv; \ ++ HASH_VALUE(keyptr, keylen_in, _ha_hashv); \ ++ HASH_ADD_KEYPTR_BYHASHVALUE(hh, head, keyptr, keylen_in, _ha_hashv, add); \ ++} while (0) ++ ++#define HASH_ADD_BYHASHVALUE(hh,head,fieldname,keylen_in,hashval,add) \ ++ HASH_ADD_KEYPTR_BYHASHVALUE(hh, head, &((add)->fieldname), keylen_in, hashval, add) ++ ++#define HASH_ADD(hh,head,fieldname,keylen_in,add) \ ++ HASH_ADD_KEYPTR(hh, head, &((add)->fieldname), keylen_in, add) ++ ++#define HASH_TO_BKT(hashv,num_bkts,bkt) \ ++do { \ ++ bkt = ((hashv) & ((num_bkts) - 1U)); \ ++} while (0) ++ ++/* delete "delptr" from the hash table. ++ * "the usual" patch-up process for the app-order doubly-linked-list. ++ * The use of _hd_hh_del below deserves special explanation. ++ * These used to be expressed using (delptr) but that led to a bug ++ * if someone used the same symbol for the head and deletee, like ++ * HASH_DELETE(hh,users,users); ++ * We want that to work, but by changing the head (users) below ++ * we were forfeiting our ability to further refer to the deletee (users) ++ * in the patch-up process. Solution: use scratch space to ++ * copy the deletee pointer, then the latter references are via that ++ * scratch pointer rather than through the repointed (users) symbol. ++ */ ++#define HASH_DELETE(hh,head,delptr) \ ++ HASH_DELETE_HH(hh, head, &(delptr)->hh) ++ ++#define HASH_DELETE_HH(hh,head,delptrhh) \ ++do { \ ++ const struct UT_hash_handle *_hd_hh_del = (delptrhh); \ ++ if ((_hd_hh_del->prev == NULL) && (_hd_hh_del->next == NULL)) { \ ++ HASH_BLOOM_FREE((head)->hh.tbl); \ ++ uthash_free((head)->hh.tbl->buckets, \ ++ (head)->hh.tbl->num_buckets * sizeof(struct UT_hash_bucket)); \ ++ uthash_free((head)->hh.tbl, sizeof(UT_hash_table)); \ ++ (head) = NULL; \ ++ } else { \ ++ unsigned _hd_bkt; \ ++ if (_hd_hh_del == (head)->hh.tbl->tail) { \ ++ (head)->hh.tbl->tail = HH_FROM_ELMT((head)->hh.tbl, _hd_hh_del->prev); \ ++ } \ ++ if (_hd_hh_del->prev != NULL) { \ ++ HH_FROM_ELMT((head)->hh.tbl, _hd_hh_del->prev)->next = _hd_hh_del->next; \ ++ } else { \ ++ DECLTYPE_ASSIGN(head, _hd_hh_del->next); \ ++ } \ ++ if (_hd_hh_del->next != NULL) { \ ++ HH_FROM_ELMT((head)->hh.tbl, _hd_hh_del->next)->prev = _hd_hh_del->prev; \ ++ } \ ++ HASH_TO_BKT(_hd_hh_del->hashv, (head)->hh.tbl->num_buckets, _hd_bkt); \ ++ HASH_DEL_IN_BKT((head)->hh.tbl->buckets[_hd_bkt], _hd_hh_del); \ ++ (head)->hh.tbl->num_items--; \ ++ } \ ++ HASH_FSCK(hh, head, "HASH_DELETE_HH"); \ ++} while (0) ++ ++/* convenience forms of HASH_FIND/HASH_ADD/HASH_DEL */ ++#define HASH_FIND_STR(head,findstr,out) \ ++do { \ ++ unsigned _uthash_hfstr_keylen = (unsigned)uthash_strlen(findstr); \ ++ HASH_FIND(hh, head, findstr, _uthash_hfstr_keylen, out); \ ++} while (0) ++#define HASH_ADD_STR(head,strfield,add) \ ++do { \ ++ unsigned _uthash_hastr_keylen = (unsigned)uthash_strlen((add)->strfield); \ ++ HASH_ADD(hh, head, strfield[0], _uthash_hastr_keylen, add); \ ++} while (0) ++#define HASH_REPLACE_STR(head,strfield,add,replaced) \ ++do { \ ++ unsigned _uthash_hrstr_keylen = (unsigned)uthash_strlen((add)->strfield); \ ++ HASH_REPLACE(hh, head, strfield[0], _uthash_hrstr_keylen, add, replaced); \ ++} while (0) ++#define HASH_FIND_INT(head,findint,out) \ ++ HASH_FIND(hh,head,findint,sizeof(int),out) ++#define HASH_ADD_INT(head,intfield,add) \ ++ HASH_ADD(hh,head,intfield,sizeof(int),add) ++#define HASH_REPLACE_INT(head,intfield,add,replaced) \ ++ HASH_REPLACE(hh,head,intfield,sizeof(int),add,replaced) ++#define HASH_FIND_PTR(head,findptr,out) \ ++ HASH_FIND(hh,head,findptr,sizeof(void *),out) ++#define HASH_ADD_PTR(head,ptrfield,add) \ ++ HASH_ADD(hh,head,ptrfield,sizeof(void *),add) ++#define HASH_REPLACE_PTR(head,ptrfield,add,replaced) \ ++ HASH_REPLACE(hh,head,ptrfield,sizeof(void *),add,replaced) ++#define HASH_DEL(head,delptr) \ ++ HASH_DELETE(hh,head,delptr) ++ ++/* HASH_FSCK checks hash integrity on every add/delete when HASH_DEBUG is defined. ++ * This is for uthash developer only; it compiles away if HASH_DEBUG isn't defined. ++ */ ++#ifdef HASH_DEBUG ++#include /* fprintf, stderr */ ++#define HASH_OOPS(...) do { fprintf(stderr, __VA_ARGS__); exit(-1); } while (0) ++#define HASH_FSCK(hh,head,where) \ ++do { \ ++ struct UT_hash_handle *_thh; \ ++ if (head) { \ ++ unsigned _bkt_i; \ ++ unsigned _count = 0; \ ++ char *_prev; \ ++ for (_bkt_i = 0; _bkt_i < (head)->hh.tbl->num_buckets; ++_bkt_i) { \ ++ unsigned _bkt_count = 0; \ ++ _thh = (head)->hh.tbl->buckets[_bkt_i].hh_head; \ ++ _prev = NULL; \ ++ while (_thh) { \ ++ if (_prev != (char*)(_thh->hh_prev)) { \ ++ HASH_OOPS("%s: invalid hh_prev %p, actual %p\n", \ ++ (where), (void*)_thh->hh_prev, (void*)_prev); \ ++ } \ ++ _bkt_count++; \ ++ _prev = (char*)(_thh); \ ++ _thh = _thh->hh_next; \ ++ } \ ++ _count += _bkt_count; \ ++ if ((head)->hh.tbl->buckets[_bkt_i].count != _bkt_count) { \ ++ HASH_OOPS("%s: invalid bucket count %u, actual %u\n", \ ++ (where), (head)->hh.tbl->buckets[_bkt_i].count, _bkt_count); \ ++ } \ ++ } \ ++ if (_count != (head)->hh.tbl->num_items) { \ ++ HASH_OOPS("%s: invalid hh item count %u, actual %u\n", \ ++ (where), (head)->hh.tbl->num_items, _count); \ ++ } \ ++ _count = 0; \ ++ _prev = NULL; \ ++ _thh = &(head)->hh; \ ++ while (_thh) { \ ++ _count++; \ ++ if (_prev != (char*)_thh->prev) { \ ++ HASH_OOPS("%s: invalid prev %p, actual %p\n", \ ++ (where), (void*)_thh->prev, (void*)_prev); \ ++ } \ ++ _prev = (char*)ELMT_FROM_HH((head)->hh.tbl, _thh); \ ++ _thh = (_thh->next ? HH_FROM_ELMT((head)->hh.tbl, _thh->next) : NULL); \ ++ } \ ++ if (_count != (head)->hh.tbl->num_items) { \ ++ HASH_OOPS("%s: invalid app item count %u, actual %u\n", \ ++ (where), (head)->hh.tbl->num_items, _count); \ ++ } \ ++ } \ ++} while (0) ++#else ++#define HASH_FSCK(hh,head,where) ++#endif ++ ++/* When compiled with -DHASH_EMIT_KEYS, length-prefixed keys are emitted to ++ * the descriptor to which this macro is defined for tuning the hash function. ++ * The app can #include to get the prototype for write(2). */ ++#ifdef HASH_EMIT_KEYS ++#define HASH_EMIT_KEY(hh,head,keyptr,fieldlen) \ ++do { \ ++ unsigned _klen = fieldlen; \ ++ write(HASH_EMIT_KEYS, &_klen, sizeof(_klen)); \ ++ write(HASH_EMIT_KEYS, keyptr, (unsigned long)fieldlen); \ ++} while (0) ++#else ++#define HASH_EMIT_KEY(hh,head,keyptr,fieldlen) ++#endif ++ ++/* The Bernstein hash function, used in Perl prior to v5.6. Note (x<<5+x)=x*33. */ ++#define HASH_BER(key,keylen,hashv) \ ++do { \ ++ unsigned _hb_keylen = (unsigned)keylen; \ ++ const unsigned char *_hb_key = (const unsigned char*)(key); \ ++ (hashv) = 0; \ ++ while (_hb_keylen-- != 0U) { \ ++ (hashv) = (((hashv) << 5) + (hashv)) + *_hb_key++; \ ++ } \ ++} while (0) ++ ++ ++/* SAX/FNV/OAT/JEN hash functions are macro variants of those listed at ++ * http://eternallyconfuzzled.com/tuts/algorithms/jsw_tut_hashing.aspx ++ * (archive link: https://archive.is/Ivcan ) ++ */ ++#define HASH_SAX(key,keylen,hashv) \ ++do { \ ++ unsigned _sx_i; \ ++ const unsigned char *_hs_key = (const unsigned char*)(key); \ ++ hashv = 0; \ ++ for (_sx_i=0; _sx_i < keylen; _sx_i++) { \ ++ hashv ^= (hashv << 5) + (hashv >> 2) + _hs_key[_sx_i]; \ ++ } \ ++} while (0) ++/* FNV-1a variation */ ++#define HASH_FNV(key,keylen,hashv) \ ++do { \ ++ unsigned _fn_i; \ ++ const unsigned char *_hf_key = (const unsigned char*)(key); \ ++ (hashv) = 2166136261U; \ ++ for (_fn_i=0; _fn_i < keylen; _fn_i++) { \ ++ hashv = hashv ^ _hf_key[_fn_i]; \ ++ hashv = hashv * 16777619U; \ ++ } \ ++} while (0) ++ ++#define HASH_OAT(key,keylen,hashv) \ ++do { \ ++ unsigned _ho_i; \ ++ const unsigned char *_ho_key=(const unsigned char*)(key); \ ++ hashv = 0; \ ++ for(_ho_i=0; _ho_i < keylen; _ho_i++) { \ ++ hashv += _ho_key[_ho_i]; \ ++ hashv += (hashv << 10); \ ++ hashv ^= (hashv >> 6); \ ++ } \ ++ hashv += (hashv << 3); \ ++ hashv ^= (hashv >> 11); \ ++ hashv += (hashv << 15); \ ++} while (0) ++ ++#define HASH_JEN_MIX(a,b,c) \ ++do { \ ++ a -= b; a -= c; a ^= ( c >> 13 ); \ ++ b -= c; b -= a; b ^= ( a << 8 ); \ ++ c -= a; c -= b; c ^= ( b >> 13 ); \ ++ a -= b; a -= c; a ^= ( c >> 12 ); \ ++ b -= c; b -= a; b ^= ( a << 16 ); \ ++ c -= a; c -= b; c ^= ( b >> 5 ); \ ++ a -= b; a -= c; a ^= ( c >> 3 ); \ ++ b -= c; b -= a; b ^= ( a << 10 ); \ ++ c -= a; c -= b; c ^= ( b >> 15 ); \ ++} while (0) ++ ++#define HASH_JEN(key,keylen,hashv) \ ++do { \ ++ unsigned _hj_i,_hj_j,_hj_k; \ ++ unsigned const char *_hj_key=(unsigned const char*)(key); \ ++ hashv = 0xfeedbeefu; \ ++ _hj_i = _hj_j = 0x9e3779b9u; \ ++ _hj_k = (unsigned)(keylen); \ ++ while (_hj_k >= 12U) { \ ++ _hj_i += (_hj_key[0] + ( (unsigned)_hj_key[1] << 8 ) \ ++ + ( (unsigned)_hj_key[2] << 16 ) \ ++ + ( (unsigned)_hj_key[3] << 24 ) ); \ ++ _hj_j += (_hj_key[4] + ( (unsigned)_hj_key[5] << 8 ) \ ++ + ( (unsigned)_hj_key[6] << 16 ) \ ++ + ( (unsigned)_hj_key[7] << 24 ) ); \ ++ hashv += (_hj_key[8] + ( (unsigned)_hj_key[9] << 8 ) \ ++ + ( (unsigned)_hj_key[10] << 16 ) \ ++ + ( (unsigned)_hj_key[11] << 24 ) ); \ ++ \ ++ HASH_JEN_MIX(_hj_i, _hj_j, hashv); \ ++ \ ++ _hj_key += 12; \ ++ _hj_k -= 12U; \ ++ } \ ++ hashv += (unsigned)(keylen); \ ++ switch ( _hj_k ) { \ ++ case 11: hashv += ( (unsigned)_hj_key[10] << 24 ); /* FALLTHROUGH */ \ ++ case 10: hashv += ( (unsigned)_hj_key[9] << 16 ); /* FALLTHROUGH */ \ ++ case 9: hashv += ( (unsigned)_hj_key[8] << 8 ); /* FALLTHROUGH */ \ ++ case 8: _hj_j += ( (unsigned)_hj_key[7] << 24 ); /* FALLTHROUGH */ \ ++ case 7: _hj_j += ( (unsigned)_hj_key[6] << 16 ); /* FALLTHROUGH */ \ ++ case 6: _hj_j += ( (unsigned)_hj_key[5] << 8 ); /* FALLTHROUGH */ \ ++ case 5: _hj_j += _hj_key[4]; /* FALLTHROUGH */ \ ++ case 4: _hj_i += ( (unsigned)_hj_key[3] << 24 ); /* FALLTHROUGH */ \ ++ case 3: _hj_i += ( (unsigned)_hj_key[2] << 16 ); /* FALLTHROUGH */ \ ++ case 2: _hj_i += ( (unsigned)_hj_key[1] << 8 ); /* FALLTHROUGH */ \ ++ case 1: _hj_i += _hj_key[0]; /* FALLTHROUGH */ \ ++ default: ; \ ++ } \ ++ HASH_JEN_MIX(_hj_i, _hj_j, hashv); \ ++} while (0) ++ ++/* The Paul Hsieh hash function */ ++#undef get16bits ++#if (defined(__GNUC__) && defined(__i386__)) || defined(__WATCOMC__) \ ++ || defined(_MSC_VER) || defined (__BORLANDC__) || defined (__TURBOC__) ++#define get16bits(d) (*((const uint16_t *) (d))) ++#endif ++ ++#if !defined (get16bits) ++#define get16bits(d) ((((uint32_t)(((const uint8_t *)(d))[1])) << 8) \ ++ +(uint32_t)(((const uint8_t *)(d))[0]) ) ++#endif ++#define HASH_SFH(key,keylen,hashv) \ ++do { \ ++ unsigned const char *_sfh_key=(unsigned const char*)(key); \ ++ uint32_t _sfh_tmp, _sfh_len = (uint32_t)keylen; \ ++ \ ++ unsigned _sfh_rem = _sfh_len & 3U; \ ++ _sfh_len >>= 2; \ ++ hashv = 0xcafebabeu; \ ++ \ ++ /* Main loop */ \ ++ for (;_sfh_len > 0U; _sfh_len--) { \ ++ hashv += get16bits (_sfh_key); \ ++ _sfh_tmp = ((uint32_t)(get16bits (_sfh_key+2)) << 11) ^ hashv; \ ++ hashv = (hashv << 16) ^ _sfh_tmp; \ ++ _sfh_key += 2U*sizeof (uint16_t); \ ++ hashv += hashv >> 11; \ ++ } \ ++ \ ++ /* Handle end cases */ \ ++ switch (_sfh_rem) { \ ++ case 3: hashv += get16bits (_sfh_key); \ ++ hashv ^= hashv << 16; \ ++ hashv ^= (uint32_t)(_sfh_key[sizeof (uint16_t)]) << 18; \ ++ hashv += hashv >> 11; \ ++ break; \ ++ case 2: hashv += get16bits (_sfh_key); \ ++ hashv ^= hashv << 11; \ ++ hashv += hashv >> 17; \ ++ break; \ ++ case 1: hashv += *_sfh_key; \ ++ hashv ^= hashv << 10; \ ++ hashv += hashv >> 1; \ ++ break; \ ++ default: ; \ ++ } \ ++ \ ++ /* Force "avalanching" of final 127 bits */ \ ++ hashv ^= hashv << 3; \ ++ hashv += hashv >> 5; \ ++ hashv ^= hashv << 4; \ ++ hashv += hashv >> 17; \ ++ hashv ^= hashv << 25; \ ++ hashv += hashv >> 6; \ ++} while (0) ++ ++/* iterate over items in a known bucket to find desired item */ ++#define HASH_FIND_IN_BKT(tbl,hh,head,keyptr,keylen_in,hashval,out) \ ++do { \ ++ if ((head).hh_head != NULL) { \ ++ DECLTYPE_ASSIGN(out, ELMT_FROM_HH(tbl, (head).hh_head)); \ ++ } else { \ ++ (out) = NULL; \ ++ } \ ++ while ((out) != NULL) { \ ++ if ((out)->hh.hashv == (hashval) && (out)->hh.keylen == (keylen_in)) { \ ++ if (HASH_KEYCMP((out)->hh.key, keyptr, keylen_in) == 0) { \ ++ break; \ ++ } \ ++ } \ ++ if ((out)->hh.hh_next != NULL) { \ ++ DECLTYPE_ASSIGN(out, ELMT_FROM_HH(tbl, (out)->hh.hh_next)); \ ++ } else { \ ++ (out) = NULL; \ ++ } \ ++ } \ ++} while (0) ++ ++/* add an item to a bucket */ ++#define HASH_ADD_TO_BKT(head,hh,addhh,oomed) \ ++do { \ ++ UT_hash_bucket *_ha_head = &(head); \ ++ _ha_head->count++; \ ++ (addhh)->hh_next = _ha_head->hh_head; \ ++ (addhh)->hh_prev = NULL; \ ++ if (_ha_head->hh_head != NULL) { \ ++ _ha_head->hh_head->hh_prev = (addhh); \ ++ } \ ++ _ha_head->hh_head = (addhh); \ ++ if ((_ha_head->count >= ((_ha_head->expand_mult + 1U) * HASH_BKT_CAPACITY_THRESH)) \ ++ && !(addhh)->tbl->noexpand) { \ ++ HASH_EXPAND_BUCKETS(addhh,(addhh)->tbl, oomed); \ ++ IF_HASH_NONFATAL_OOM( \ ++ if (oomed) { \ ++ HASH_DEL_IN_BKT(head,addhh); \ ++ } \ ++ ) \ ++ } \ ++} while (0) ++ ++/* remove an item from a given bucket */ ++#define HASH_DEL_IN_BKT(head,delhh) \ ++do { \ ++ UT_hash_bucket *_hd_head = &(head); \ ++ _hd_head->count--; \ ++ if (_hd_head->hh_head == (delhh)) { \ ++ _hd_head->hh_head = (delhh)->hh_next; \ ++ } \ ++ if ((delhh)->hh_prev) { \ ++ (delhh)->hh_prev->hh_next = (delhh)->hh_next; \ ++ } \ ++ if ((delhh)->hh_next) { \ ++ (delhh)->hh_next->hh_prev = (delhh)->hh_prev; \ ++ } \ ++} while (0) ++ ++/* Bucket expansion has the effect of doubling the number of buckets ++ * and redistributing the items into the new buckets. Ideally the ++ * items will distribute more or less evenly into the new buckets ++ * (the extent to which this is true is a measure of the quality of ++ * the hash function as it applies to the key domain). ++ * ++ * With the items distributed into more buckets, the chain length ++ * (item count) in each bucket is reduced. Thus by expanding buckets ++ * the hash keeps a bound on the chain length. This bounded chain ++ * length is the essence of how a hash provides constant time lookup. ++ * ++ * The calculation of tbl->ideal_chain_maxlen below deserves some ++ * explanation. First, keep in mind that we're calculating the ideal ++ * maximum chain length based on the *new* (doubled) bucket count. ++ * In fractions this is just n/b (n=number of items,b=new num buckets). ++ * Since the ideal chain length is an integer, we want to calculate ++ * ceil(n/b). We don't depend on floating point arithmetic in this ++ * hash, so to calculate ceil(n/b) with integers we could write ++ * ++ * ceil(n/b) = (n/b) + ((n%b)?1:0) ++ * ++ * and in fact a previous version of this hash did just that. ++ * But now we have improved things a bit by recognizing that b is ++ * always a power of two. We keep its base 2 log handy (call it lb), ++ * so now we can write this with a bit shift and logical AND: ++ * ++ * ceil(n/b) = (n>>lb) + ( (n & (b-1)) ? 1:0) ++ * ++ */ ++#define HASH_EXPAND_BUCKETS(hh,tbl,oomed) \ ++do { \ ++ unsigned _he_bkt; \ ++ unsigned _he_bkt_i; \ ++ struct UT_hash_handle *_he_thh, *_he_hh_nxt; \ ++ UT_hash_bucket *_he_new_buckets, *_he_newbkt; \ ++ _he_new_buckets = (UT_hash_bucket*)uthash_malloc( \ ++ sizeof(struct UT_hash_bucket) * (tbl)->num_buckets * 2U); \ ++ if (!_he_new_buckets) { \ ++ HASH_RECORD_OOM(oomed); \ ++ } else { \ ++ uthash_bzero(_he_new_buckets, \ ++ sizeof(struct UT_hash_bucket) * (tbl)->num_buckets * 2U); \ ++ (tbl)->ideal_chain_maxlen = \ ++ ((tbl)->num_items >> ((tbl)->log2_num_buckets+1U)) + \ ++ ((((tbl)->num_items & (((tbl)->num_buckets*2U)-1U)) != 0U) ? 1U : 0U); \ ++ (tbl)->nonideal_items = 0; \ ++ for (_he_bkt_i = 0; _he_bkt_i < (tbl)->num_buckets; _he_bkt_i++) { \ ++ _he_thh = (tbl)->buckets[ _he_bkt_i ].hh_head; \ ++ while (_he_thh != NULL) { \ ++ _he_hh_nxt = _he_thh->hh_next; \ ++ HASH_TO_BKT(_he_thh->hashv, (tbl)->num_buckets * 2U, _he_bkt); \ ++ _he_newbkt = &(_he_new_buckets[_he_bkt]); \ ++ if (++(_he_newbkt->count) > (tbl)->ideal_chain_maxlen) { \ ++ (tbl)->nonideal_items++; \ ++ if (_he_newbkt->count > _he_newbkt->expand_mult * (tbl)->ideal_chain_maxlen) { \ ++ _he_newbkt->expand_mult++; \ ++ } \ ++ } \ ++ _he_thh->hh_prev = NULL; \ ++ _he_thh->hh_next = _he_newbkt->hh_head; \ ++ if (_he_newbkt->hh_head != NULL) { \ ++ _he_newbkt->hh_head->hh_prev = _he_thh; \ ++ } \ ++ _he_newbkt->hh_head = _he_thh; \ ++ _he_thh = _he_hh_nxt; \ ++ } \ ++ } \ ++ uthash_free((tbl)->buckets, (tbl)->num_buckets * sizeof(struct UT_hash_bucket)); \ ++ (tbl)->num_buckets *= 2U; \ ++ (tbl)->log2_num_buckets++; \ ++ (tbl)->buckets = _he_new_buckets; \ ++ (tbl)->ineff_expands = ((tbl)->nonideal_items > ((tbl)->num_items >> 1)) ? \ ++ ((tbl)->ineff_expands+1U) : 0U; \ ++ if ((tbl)->ineff_expands > 1U) { \ ++ (tbl)->noexpand = 1; \ ++ uthash_noexpand_fyi(tbl); \ ++ } \ ++ uthash_expand_fyi(tbl); \ ++ } \ ++} while (0) ++ ++ ++/* This is an adaptation of Simon Tatham's O(n log(n)) mergesort */ ++/* Note that HASH_SORT assumes the hash handle name to be hh. ++ * HASH_SRT was added to allow the hash handle name to be passed in. */ ++#define HASH_SORT(head,cmpfcn) HASH_SRT(hh,head,cmpfcn) ++#define HASH_SRT(hh,head,cmpfcn) \ ++do { \ ++ unsigned _hs_i; \ ++ unsigned _hs_looping,_hs_nmerges,_hs_insize,_hs_psize,_hs_qsize; \ ++ struct UT_hash_handle *_hs_p, *_hs_q, *_hs_e, *_hs_list, *_hs_tail; \ ++ if (head != NULL) { \ ++ _hs_insize = 1; \ ++ _hs_looping = 1; \ ++ _hs_list = &((head)->hh); \ ++ while (_hs_looping != 0U) { \ ++ _hs_p = _hs_list; \ ++ _hs_list = NULL; \ ++ _hs_tail = NULL; \ ++ _hs_nmerges = 0; \ ++ while (_hs_p != NULL) { \ ++ _hs_nmerges++; \ ++ _hs_q = _hs_p; \ ++ _hs_psize = 0; \ ++ for (_hs_i = 0; _hs_i < _hs_insize; ++_hs_i) { \ ++ _hs_psize++; \ ++ _hs_q = ((_hs_q->next != NULL) ? \ ++ HH_FROM_ELMT((head)->hh.tbl, _hs_q->next) : NULL); \ ++ if (_hs_q == NULL) { \ ++ break; \ ++ } \ ++ } \ ++ _hs_qsize = _hs_insize; \ ++ while ((_hs_psize != 0U) || ((_hs_qsize != 0U) && (_hs_q != NULL))) { \ ++ if (_hs_psize == 0U) { \ ++ _hs_e = _hs_q; \ ++ _hs_q = ((_hs_q->next != NULL) ? \ ++ HH_FROM_ELMT((head)->hh.tbl, _hs_q->next) : NULL); \ ++ _hs_qsize--; \ ++ } else if ((_hs_qsize == 0U) || (_hs_q == NULL)) { \ ++ _hs_e = _hs_p; \ ++ if (_hs_p != NULL) { \ ++ _hs_p = ((_hs_p->next != NULL) ? \ ++ HH_FROM_ELMT((head)->hh.tbl, _hs_p->next) : NULL); \ ++ } \ ++ _hs_psize--; \ ++ } else if ((cmpfcn( \ ++ DECLTYPE(head)(ELMT_FROM_HH((head)->hh.tbl, _hs_p)), \ ++ DECLTYPE(head)(ELMT_FROM_HH((head)->hh.tbl, _hs_q)) \ ++ )) <= 0) { \ ++ _hs_e = _hs_p; \ ++ if (_hs_p != NULL) { \ ++ _hs_p = ((_hs_p->next != NULL) ? \ ++ HH_FROM_ELMT((head)->hh.tbl, _hs_p->next) : NULL); \ ++ } \ ++ _hs_psize--; \ ++ } else { \ ++ _hs_e = _hs_q; \ ++ _hs_q = ((_hs_q->next != NULL) ? \ ++ HH_FROM_ELMT((head)->hh.tbl, _hs_q->next) : NULL); \ ++ _hs_qsize--; \ ++ } \ ++ if ( _hs_tail != NULL ) { \ ++ _hs_tail->next = ((_hs_e != NULL) ? \ ++ ELMT_FROM_HH((head)->hh.tbl, _hs_e) : NULL); \ ++ } else { \ ++ _hs_list = _hs_e; \ ++ } \ ++ if (_hs_e != NULL) { \ ++ _hs_e->prev = ((_hs_tail != NULL) ? \ ++ ELMT_FROM_HH((head)->hh.tbl, _hs_tail) : NULL); \ ++ } \ ++ _hs_tail = _hs_e; \ ++ } \ ++ _hs_p = _hs_q; \ ++ } \ ++ if (_hs_tail != NULL) { \ ++ _hs_tail->next = NULL; \ ++ } \ ++ if (_hs_nmerges <= 1U) { \ ++ _hs_looping = 0; \ ++ (head)->hh.tbl->tail = _hs_tail; \ ++ DECLTYPE_ASSIGN(head, ELMT_FROM_HH((head)->hh.tbl, _hs_list)); \ ++ } \ ++ _hs_insize *= 2U; \ ++ } \ ++ HASH_FSCK(hh, head, "HASH_SRT"); \ ++ } \ ++} while (0) ++ ++/* This function selects items from one hash into another hash. ++ * The end result is that the selected items have dual presence ++ * in both hashes. There is no copy of the items made; rather ++ * they are added into the new hash through a secondary hash ++ * hash handle that must be present in the structure. */ ++#define HASH_SELECT(hh_dst, dst, hh_src, src, cond) \ ++do { \ ++ unsigned _src_bkt, _dst_bkt; \ ++ void *_last_elt = NULL, *_elt; \ ++ UT_hash_handle *_src_hh, *_dst_hh, *_last_elt_hh=NULL; \ ++ ptrdiff_t _dst_hho = ((char*)(&(dst)->hh_dst) - (char*)(dst)); \ ++ if ((src) != NULL) { \ ++ for (_src_bkt=0; _src_bkt < (src)->hh_src.tbl->num_buckets; _src_bkt++) { \ ++ for (_src_hh = (src)->hh_src.tbl->buckets[_src_bkt].hh_head; \ ++ _src_hh != NULL; \ ++ _src_hh = _src_hh->hh_next) { \ ++ _elt = ELMT_FROM_HH((src)->hh_src.tbl, _src_hh); \ ++ if (cond(_elt)) { \ ++ IF_HASH_NONFATAL_OOM( int _hs_oomed = 0; ) \ ++ _dst_hh = (UT_hash_handle*)(void*)(((char*)_elt) + _dst_hho); \ ++ _dst_hh->key = _src_hh->key; \ ++ _dst_hh->keylen = _src_hh->keylen; \ ++ _dst_hh->hashv = _src_hh->hashv; \ ++ _dst_hh->prev = _last_elt; \ ++ _dst_hh->next = NULL; \ ++ if (_last_elt_hh != NULL) { \ ++ _last_elt_hh->next = _elt; \ ++ } \ ++ if ((dst) == NULL) { \ ++ DECLTYPE_ASSIGN(dst, _elt); \ ++ HASH_MAKE_TABLE(hh_dst, dst, _hs_oomed); \ ++ IF_HASH_NONFATAL_OOM( \ ++ if (_hs_oomed) { \ ++ uthash_nonfatal_oom(_elt); \ ++ (dst) = NULL; \ ++ continue; \ ++ } \ ++ ) \ ++ } else { \ ++ _dst_hh->tbl = (dst)->hh_dst.tbl; \ ++ } \ ++ HASH_TO_BKT(_dst_hh->hashv, _dst_hh->tbl->num_buckets, _dst_bkt); \ ++ HASH_ADD_TO_BKT(_dst_hh->tbl->buckets[_dst_bkt], hh_dst, _dst_hh, _hs_oomed); \ ++ (dst)->hh_dst.tbl->num_items++; \ ++ IF_HASH_NONFATAL_OOM( \ ++ if (_hs_oomed) { \ ++ HASH_ROLLBACK_BKT(hh_dst, dst, _dst_hh); \ ++ HASH_DELETE_HH(hh_dst, dst, _dst_hh); \ ++ _dst_hh->tbl = NULL; \ ++ uthash_nonfatal_oom(_elt); \ ++ continue; \ ++ } \ ++ ) \ ++ HASH_BLOOM_ADD(_dst_hh->tbl, _dst_hh->hashv); \ ++ _last_elt = _elt; \ ++ _last_elt_hh = _dst_hh; \ ++ } \ ++ } \ ++ } \ ++ } \ ++ HASH_FSCK(hh_dst, dst, "HASH_SELECT"); \ ++} while (0) ++ ++#define HASH_CLEAR(hh,head) \ ++do { \ ++ if ((head) != NULL) { \ ++ HASH_BLOOM_FREE((head)->hh.tbl); \ ++ uthash_free((head)->hh.tbl->buckets, \ ++ (head)->hh.tbl->num_buckets*sizeof(struct UT_hash_bucket)); \ ++ uthash_free((head)->hh.tbl, sizeof(UT_hash_table)); \ ++ (head) = NULL; \ ++ } \ ++} while (0) ++ ++#define HASH_OVERHEAD(hh,head) \ ++ (((head) != NULL) ? ( \ ++ (size_t)(((head)->hh.tbl->num_items * sizeof(UT_hash_handle)) + \ ++ ((head)->hh.tbl->num_buckets * sizeof(UT_hash_bucket)) + \ ++ sizeof(UT_hash_table) + \ ++ (HASH_BLOOM_BYTELEN))) : 0U) ++ ++#ifdef NO_DECLTYPE ++#define HASH_ITER(hh,head,el,tmp) \ ++for(((el)=(head)), ((*(char**)(&(tmp)))=(char*)((head!=NULL)?(head)->hh.next:NULL)); \ ++ (el) != NULL; ((el)=(tmp)), ((*(char**)(&(tmp)))=(char*)((tmp!=NULL)?(tmp)->hh.next:NULL))) ++#else ++#define HASH_ITER(hh,head,el,tmp) \ ++for(((el)=(head)), ((tmp)=DECLTYPE(el)((head!=NULL)?(head)->hh.next:NULL)); \ ++ (el) != NULL; ((el)=(tmp)), ((tmp)=DECLTYPE(el)((tmp!=NULL)?(tmp)->hh.next:NULL))) ++#endif ++ ++/* obtain a count of items in the hash */ ++#define HASH_COUNT(head) HASH_CNT(hh,head) ++#define HASH_CNT(hh,head) ((head != NULL)?((head)->hh.tbl->num_items):0U) ++ ++typedef struct UT_hash_bucket { ++ struct UT_hash_handle *hh_head; ++ unsigned count; ++ ++ /* expand_mult is normally set to 0. In this situation, the max chain length ++ * threshold is enforced at its default value, HASH_BKT_CAPACITY_THRESH. (If ++ * the bucket's chain exceeds this length, bucket expansion is triggered). ++ * However, setting expand_mult to a non-zero value delays bucket expansion ++ * (that would be triggered by additions to this particular bucket) ++ * until its chain length reaches a *multiple* of HASH_BKT_CAPACITY_THRESH. ++ * (The multiplier is simply expand_mult+1). The whole idea of this ++ * multiplier is to reduce bucket expansions, since they are expensive, in ++ * situations where we know that a particular bucket tends to be overused. ++ * It is better to let its chain length grow to a longer yet-still-bounded ++ * value, than to do an O(n) bucket expansion too often. ++ */ ++ unsigned expand_mult; ++ ++} UT_hash_bucket; ++ ++/* random signature used only to find hash tables in external analysis */ ++#define HASH_SIGNATURE 0xa0111fe1u ++#define HASH_BLOOM_SIGNATURE 0xb12220f2u ++ ++typedef struct UT_hash_table { ++ UT_hash_bucket *buckets; ++ unsigned num_buckets, log2_num_buckets; ++ unsigned num_items; ++ struct UT_hash_handle *tail; /* tail hh in app order, for fast append */ ++ ptrdiff_t hho; /* hash handle offset (byte pos of hash handle in element */ ++ ++ /* in an ideal situation (all buckets used equally), no bucket would have ++ * more than ceil(#items/#buckets) items. that's the ideal chain length. */ ++ unsigned ideal_chain_maxlen; ++ ++ /* nonideal_items is the number of items in the hash whose chain position ++ * exceeds the ideal chain maxlen. these items pay the penalty for an uneven ++ * hash distribution; reaching them in a chain traversal takes >ideal steps */ ++ unsigned nonideal_items; ++ ++ /* ineffective expands occur when a bucket doubling was performed, but ++ * afterward, more than half the items in the hash had nonideal chain ++ * positions. If this happens on two consecutive expansions we inhibit any ++ * further expansion, as it's not helping; this happens when the hash ++ * function isn't a good fit for the key domain. When expansion is inhibited ++ * the hash will still work, albeit no longer in constant time. */ ++ unsigned ineff_expands, noexpand; ++ ++ uint32_t signature; /* used only to find hash tables in external analysis */ ++#ifdef HASH_BLOOM ++ uint32_t bloom_sig; /* used only to test bloom exists in external analysis */ ++ uint8_t *bloom_bv; ++ uint8_t bloom_nbits; ++#endif ++ ++} UT_hash_table; ++ ++typedef struct UT_hash_handle { ++ struct UT_hash_table *tbl; ++ void *prev; /* prev element in app order */ ++ void *next; /* next element in app order */ ++ struct UT_hash_handle *hh_prev; /* previous hh in bucket order */ ++ struct UT_hash_handle *hh_next; /* next hh in bucket order */ ++ const void *key; /* ptr to enclosing struct's key */ ++ unsigned keylen; /* enclosing struct's key len */ ++ unsigned hashv; /* result of hash-fcn(key) */ ++} UT_hash_handle; ++ ++#endif /* UTHASH_H */ +diff -Nur openssh-9.6p1.orig/version.h openssh-9.6p1/version.h +--- openssh-9.6p1.orig/version.h 2024-07-10 13:32:39.605111829 +0200 ++++ openssh-9.6p1/version.h 2024-07-10 14:25:00.449370077 +0200 +@@ -16,5 +16,6 @@ + + #define SSH_PORTABLE "p1" + #define GSI_PORTABLE "c-GSI" ++#define SSH_HPN "-hpn18.3.1" + #define SSH_RELEASE SSH_VERSION SSH_PORTABLE GSI_PORTABLE \ +- GSI_VERSION KRB5_VERSION ++ GSI_VERSION KRB5_VERSION SSH_HPN diff --git a/sources b/sources index c322d35..b461406 100644 --- a/sources +++ b/sources @@ -1,3 +1,3 @@ -SHA512 (openssh-9.3p1.tar.gz) = 087ff6fe5f6caab4c6c3001d906399e02beffad7277280f11187420c2939fd4befdcb14643862a657ce4cad2f115b82a0a1a2c99df6ee54dcd76b53647637c19 -SHA512 (openssh-9.3p1.tar.gz.asc) = 6222378eb24a445c6c1db255392b405f5369b1af0e92f558d4ba05b0d83ab0d084cb8f4b91d7ae8636f333d970638a6635e2bc7af885135dd34992d87f2ef1f4 +SHA512 (openssh-9.6p1.tar.gz) = 0ebf81e39914c3a90d7777a001ec7376a94b37e6024baf3e972c58f0982b7ddef942315f5e01d56c00ff95603b4a20ee561ab918ecc55511df007ac138160509 +SHA512 (openssh-9.6p1.tar.gz.asc) = aec5a5bd6ce480a8e5b5879dc55f8186aec90fe61f085aa92ad7d07f324574aa781be09c83b7443a32848d091fd44fb12c1842d49cee77afc351e550ffcc096d SHA512 (gpgkey-736060BA.gpg) = df44f3fdbcd1d596705348c7f5aed3f738c5f626a55955e0642f7c6c082995cf36a1b1891bb41b8715cb2aff34fef1c877e0eff0d3507dd00a055ba695757a21 From 8ba66847e4bd142c0cc4829507e8585726dc771b Mon Sep 17 00:00:00 2001 From: Mattias Ellert Date: Wed, 10 Jul 2024 15:35:42 +0200 Subject: [PATCH 25/44] Based on openssh-9.6p1-1.fc41.13 --- CVE-2024-6387.patch | 18 + gsi-openssh.spec | 21 +- gsisshd-keygen | 12 +- gsisshd.sysconfig | 3 + openssh-7.4p1-systemd.patch | 98 -- openssh-7.6p1-audit.patch | 4 +- openssh-7.7p1-fips.patch | 2 +- openssh-8.0p1-openssl-kdf.patch | 96 +- openssh-8.7p1-audit-hostname.patch | 106 ++ openssh-8.7p1-nohostsha1proof.patch | 6 +- openssh-9.6p1-cve-2024-6387.patch | 35 - openssh-9.6p1-gsissh.patch | 211 +-- openssh-9.6p1-gsskex-new-api.patch | 1965 +++++++++++++++++++++++++++ openssh-9.6p1-pam-rhost.patch | 32 + openssh-9.8p1-systemd.patch | 201 +++ 15 files changed, 2521 insertions(+), 289 deletions(-) create mode 100644 CVE-2024-6387.patch delete mode 100644 openssh-7.4p1-systemd.patch create mode 100644 openssh-8.7p1-audit-hostname.patch delete mode 100644 openssh-9.6p1-cve-2024-6387.patch create mode 100644 openssh-9.6p1-gsskex-new-api.patch create mode 100644 openssh-9.6p1-pam-rhost.patch create mode 100644 openssh-9.8p1-systemd.patch diff --git a/CVE-2024-6387.patch b/CVE-2024-6387.patch new file mode 100644 index 0000000..0b976c0 --- /dev/null +++ b/CVE-2024-6387.patch @@ -0,0 +1,18 @@ +diff --git a/log.c b/log.c +index 9fc1a2e2e..191ff4a5a 100644 +--- a/log.c ++++ b/log.c +@@ -451,12 +451,14 @@ void + sshsigdie(const char *file, const char *func, int line, int showfunc, + LogLevel level, const char *suffix, const char *fmt, ...) + { ++#ifdef SYSLOG_R_SAFE_IN_SIGHAND + va_list args; + + va_start(args, fmt); + sshlogv(file, func, line, showfunc, SYSLOG_LEVEL_FATAL, + suffix, fmt, args); + va_end(args); ++#endif + _exit(1); + } diff --git a/gsi-openssh.spec b/gsi-openssh.spec index 49140db..70a279f 100644 --- a/gsi-openssh.spec +++ b/gsi-openssh.spec @@ -24,7 +24,7 @@ %global libedit 1 %global openssh_ver 9.6p1 -%global openssh_rel 1 +%global openssh_rel 2 Summary: An implementation of the SSH protocol with GSI authentication Name: gsi-openssh @@ -60,6 +60,8 @@ Patch200: openssh-7.6p1-audit.patch Patch201: openssh-7.1p2-audit-race-condition.patch # https://bugzilla.redhat.com/show_bug.cgi?id=2049947 Patch202: openssh-9.0p1-audit-log.patch +# Correctly audit hostname and IP address +Patch203: openssh-8.7p1-audit-hostname.patch #https://bugzilla.mindrot.org/show_bug.cgi?id=1641 (WONTFIX) Patch400: openssh-7.8p1-role-mls.patch @@ -105,6 +107,8 @@ Patch802: openssh-6.6p1-GSSAPIEnablek5users.patch Patch804: openssh-7.7p1-gssapi-new-unique.patch # Respect k5login_directory option in krk5.conf (#1328243) Patch805: openssh-7.2p2-k5login_directory.patch +# Rewriting OpenSSH GSS KEX to use new packet API +Patch806: openssh-9.6p1-gsskex-new-api.patch #https://bugzilla.mindrot.org/show_bug.cgi?id=1780 Patch901: openssh-6.6p1-kuserok.patch @@ -125,7 +129,7 @@ Patch939: openssh-7.2p2-s390-closefrom.patch # Move MAX_DISPLAYS to a configuration option (#1341302) Patch944: openssh-7.3p1-x11-max-displays.patch # Help systemd to track the running service -Patch948: openssh-7.4p1-systemd.patch +Patch948: openssh-9.8p1-systemd.patch # Pass inetd flags for SELinux down to openbsd compat level Patch949: openssh-7.6p1-cleanup-selinux.patch # Sandbox adjustments for s390 and audit @@ -178,9 +182,9 @@ Patch1012: openssh-9.0p1-evp-fips-dh.patch Patch1013: openssh-9.0p1-evp-fips-ecdh.patch Patch1014: openssh-8.7p1-nohostsha1proof.patch -# https://bugzilla.redhat.com/show_bug.cgi?id=2294879 -# Merged in OpenSSH 9.8 -Patch1016: openssh-9.6p1-cve-2024-6387.patch +Patch1015: openssh-9.6p1-pam-rhost.patch + +Patch1016: CVE-2024-6387.patch # This is the patch that adds GSI support # Based on hpn_isshd-gsi.7.5p1b.patch from Globus upstream @@ -301,6 +305,7 @@ gpgv2 --quiet --keyring %{SOURCE3} %{SOURCE1} %{SOURCE0} %patch -P 801 -p1 -b .force_krb %patch -P 804 -p1 -b .ccache_name %patch -P 805 -p1 -b .k5login +%patch -P 806 -p1 -b .gsskex-new-api %patch -P 901 -p1 -b .kuserok %patch -P 906 -p1 -b .fromto-remote @@ -332,6 +337,7 @@ gpgv2 --quiet --keyring %{SOURCE3} %{SOURCE1} %{SOURCE0} %patch -P 200 -p1 -b .audit %patch -P 201 -p1 -b .audit-race %patch -P 202 -p1 -b .audit-log +%patch -P 203 -p1 -b .audit-hostname %patch -P 700 -p1 -b .fips %patch -P 1002 -p1 -b .ssh-manpage @@ -339,6 +345,7 @@ gpgv2 --quiet --keyring %{SOURCE3} %{SOURCE1} %{SOURCE0} %patch -P 1012 -p1 -b .evp-fips-dh %patch -P 1013 -p1 -b .evp-fips-ecdh %patch -P 1014 -p1 -b .nosha1hostproof +%patch -P 1015 -p1 -b .pam-rhost %patch -P 1016 -p1 -b .cve-2024-6387 %patch -P 100 -p1 -b .coverity @@ -403,6 +410,7 @@ fi --with-default-pkcs11-provider=yes \ --with-security-key-builtin=yes \ --with-pam \ + --without-ssl-engine \ %if %{WITH_SELINUX} --with-selinux --with-audit=linux \ --with-sandbox=seccomp_filter \ @@ -552,6 +560,9 @@ fi %ghost %attr(0644,root,root) %{_localstatedir}/lib/.gsissh-host-keys-migration %changelog +* Sat Jul 06 2024 Mattias Ellert - 9.6p1-2 +- Based on openssh-9.6p1-1.fc41.13 + * Sat Jul 06 2024 Mattias Ellert - 9.6p1-1 - Based on openssh-9.6p1-1.fc40.4 diff --git a/gsisshd-keygen b/gsisshd-keygen index 772550e..c49da87 100644 --- a/gsisshd-keygen +++ b/gsisshd-keygen @@ -9,8 +9,14 @@ case $KEYTYPE in if [[ -r "$FIPS" && $(cat $FIPS) == "1" ]]; then exit 0 fi ;; - "rsa") ;; # always ok - "ecdsa") ;; + "rsa") + if [[ ! -z $SSH_RSA_BITS ]]; then + SSH_KEYGEN_OPTIONS="-b $SSH_RSA_BITS" + fi ;; # always ok + "ecdsa") + if [[ ! -z $SSH_ECDSA_BITS ]]; then + SSH_KEYGEN_OPTIONS="-b $SSH_ECDSA_BITS" + fi ;; *) # wrong argument exit 12 ;; esac @@ -25,7 +31,7 @@ fi rm -f $KEY{,.pub} # create new keys -if ! $KEYGEN -q -t $KEYTYPE -f $KEY -C '' -N '' >&/dev/null; then +if ! $KEYGEN -q -t $KEYTYPE $SSH_KEYGEN_OPTIONS -f $KEY -C '' -N '' >&/dev/null; then exit 1 fi diff --git a/gsisshd.sysconfig b/gsisshd.sysconfig index 904d8c1..7e106f4 100644 --- a/gsisshd.sysconfig +++ b/gsisshd.sysconfig @@ -5,3 +5,6 @@ # example using systemctl enable gsisshd-keygen@dsa.service to allow creation # of DSA key or systemctl mask gsisshd-keygen@rsa.service to disable RSA key # creation. + +#SSH_RSA_BITS=3072 +#SSH_ECDSA_BITS=256 diff --git a/openssh-7.4p1-systemd.patch b/openssh-7.4p1-systemd.patch deleted file mode 100644 index 1242aac..0000000 --- a/openssh-7.4p1-systemd.patch +++ /dev/null @@ -1,98 +0,0 @@ -commit 0e22b79bfde45a7cf7a2e51a68ec11c4285f3b31 -Author: Jakub Jelen -Date: Mon Nov 21 15:04:06 2016 +0100 - - systemd stuff - -diff --git a/configure.ac b/configure.ac -index 2ffc369..162ce92 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -4265,6 +4265,30 @@ AC_ARG_WITH([kerberos5], - AC_SUBST([K5LIBS]) - AC_SUBST([CHANNELLIBS]) - -+# Check whether user wants systemd support -+SYSTEMD_MSG="no" -+AC_ARG_WITH(systemd, -+ [ --with-systemd Enable systemd support], -+ [ if test "x$withval" != "xno" ; then -+ AC_PATH_TOOL([PKGCONFIG], [pkg-config], [no]) -+ if test "$PKGCONFIG" != "no"; then -+ AC_MSG_CHECKING([for libsystemd]) -+ if $PKGCONFIG --exists libsystemd; then -+ SYSTEMD_CFLAGS=`$PKGCONFIG --cflags libsystemd` -+ SYSTEMD_LIBS=`$PKGCONFIG --libs libsystemd` -+ CPPFLAGS="$CPPFLAGS $SYSTEMD_CFLAGS" -+ SSHDLIBS="$SSHDLIBS $SYSTEMD_LIBS" -+ AC_MSG_RESULT([yes]) -+ AC_DEFINE(HAVE_SYSTEMD, 1, [Define if you want systemd support.]) -+ SYSTEMD_MSG="yes" -+ else -+ AC_MSG_RESULT([no]) -+ fi -+ fi -+ fi ] -+) -+ -+ - # Looking for programs, paths and files - - PRIVSEP_PATH=/var/empty -@@ -5097,6 +5121,7 @@ echo " libedit support: $LIBEDIT_MSG" - echo " Solaris process contract support: $SPC_MSG" - echo " Solaris project support: $SP_MSG" - echo " Solaris privilege support: $SPP_MSG" -+echo " systemd support: $SYSTEMD_MSG" - echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG" - echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG" - echo " BSD Auth support: $BSD_AUTH_MSG" -diff --git a/contrib/sshd.service b/contrib/sshd.service -new file mode 100644 -index 0000000..e0d4923 ---- /dev/null -+++ b/contrib/sshd.service -@@ -0,0 +1,16 @@ -+[Unit] -+Description=OpenSSH server daemon -+Documentation=man:sshd(8) man:sshd_config(5) -+After=network.target -+ -+[Service] -+Type=notify -+ExecStart=/usr/sbin/sshd -D $OPTIONS -+ExecReload=/bin/kill -HUP $MAINPID -+KillMode=process -+Restart=on-failure -+RestartPreventExitStatus=255 -+ -+[Install] -+WantedBy=multi-user.target -+ -diff --git a/sshd.c b/sshd.c -index 816611c..b8b9d13 100644 ---- a/sshd.c -+++ b/sshd.c -@@ -85,6 +85,10 @@ - #include - #endif - -+#ifdef HAVE_SYSTEMD -+#include -+#endif -+ - #include "xmalloc.h" - #include "ssh.h" - #include "ssh2.h" -@@ -1888,6 +1892,11 @@ main(int ac, char **av) - } - } - -+#ifdef HAVE_SYSTEMD -+ /* Signal systemd that we are ready to accept connections */ -+ sd_notify(0, "READY=1"); -+#endif -+ - /* Accept a connection and return in a forked child */ - server_accept_loop(&sock_in, &sock_out, - &newsock, config_s); diff --git a/openssh-7.6p1-audit.patch b/openssh-7.6p1-audit.patch index 748c4b6..cec5b23 100644 --- a/openssh-7.6p1-audit.patch +++ b/openssh-7.6p1-audit.patch @@ -2206,8 +2206,8 @@ diff -up openssh-8.6p1/sshd.c.audit openssh-8.6p1/sshd.c close_listen_socks(); if (options.pid_file != NULL) unlink(options.pid_file); -@@ -2098,7 +2154,7 @@ main(int ac, char **av) - #endif +@@ -2189,7 +2189,7 @@ + } /* Accept a connection and return in a forked child */ - server_accept_loop(&sock_in, &sock_out, diff --git a/openssh-7.7p1-fips.patch b/openssh-7.7p1-fips.patch index 5351571..b1007b2 100644 --- a/openssh-7.7p1-fips.patch +++ b/openssh-7.7p1-fips.patch @@ -81,7 +81,7 @@ diff -up openssh-8.6p1/kex.c.fips openssh-8.6p1/kex.c #include +#include #include - # ifdef HAVE_EVP_KDF_CTX_NEW_ID + # ifdef HAVE_EVP_KDF_CTX_NEW # include @@ -203,7 +203,10 @@ kex_names_valid(const char *names) for ((p = strsep(&cp, ",")); p && *p != '\0'; diff --git a/openssh-8.0p1-openssl-kdf.patch b/openssh-8.0p1-openssl-kdf.patch index 5d76a4f..c22b210 100644 --- a/openssh-8.0p1-openssl-kdf.patch +++ b/openssh-8.0p1-openssl-kdf.patch @@ -12,7 +12,7 @@ index 2a455e4e..e01c3d43 100644 HMAC_CTX_init \ RSA_generate_key_ex \ RSA_get_default_method \ -+ EVP_KDF_CTX_new_id \ ++ EVP_KDF_CTX_new \ ]) # OpenSSL_add_all_algorithms may be a macro. @@ -20,33 +20,35 @@ diff --git a/kex.c b/kex.c index b6f041f4..1fbce2bb 100644 --- a/kex.c +++ b/kex.c -@@ -38,6 +38,9 @@ +@@ -38,6 +38,11 @@ #ifdef WITH_OPENSSL #include #include -+# ifdef HAVE_EVP_KDF_CTX_NEW_ID ++# ifdef HAVE_EVP_KDF_CTX_NEW +# include ++# include ++# include +# endif #endif #include "ssh.h" -@@ -942,6 +945,95 @@ kex_choose_conf(struct ssh *ssh) +@@ -942,6 +945,107 @@ kex_choose_conf(struct ssh *ssh) return r; } -+#ifdef HAVE_EVP_KDF_CTX_NEW_ID -+static const EVP_MD * ++#ifdef HAVE_EVP_KDF_CTX_NEW ++static const char * +digest_to_md(int digest_type) +{ + switch (digest_type) { + case SSH_DIGEST_SHA1: -+ return EVP_sha1(); ++ return SN_sha1; + case SSH_DIGEST_SHA256: -+ return EVP_sha256(); ++ return SN_sha256; + case SSH_DIGEST_SHA384: -+ return EVP_sha384(); ++ return SN_sha384; + case SSH_DIGEST_SHA512: -+ return EVP_sha512(); ++ return SN_sha512; + } + return NULL; +} @@ -56,52 +58,62 @@ index b6f041f4..1fbce2bb 100644 + const struct sshbuf *shared_secret, u_char **keyp) +{ + struct kex *kex = ssh->kex; -+ EVP_KDF_CTX *ctx = NULL; + u_char *key = NULL; + int r, key_len; + -+ if ((key_len = ssh_digest_bytes(kex->hash_alg)) == 0) -+ return SSH_ERR_INVALID_ARGUMENT; ++ EVP_KDF *kdf = EVP_KDF_fetch(NULL, "SSHKDF", NULL); ++ EVP_KDF_CTX *ctx = EVP_KDF_CTX_new(kdf); ++ OSSL_PARAM_BLD *param_bld = OSSL_PARAM_BLD_new(); ++ OSSL_PARAM *params = NULL; ++ const char *md = digest_to_md(kex->hash_alg); ++ char keytype = (char)id; ++ ++ EVP_KDF_free(kdf); ++ if (!ctx) { ++ r = SSH_ERR_LIBCRYPTO_ERROR; ++ goto out; ++ } ++ if (md == NULL) { ++ r = SSH_ERR_INVALID_ARGUMENT; ++ goto out; ++ } ++ ++ if (param_bld == NULL) { ++ EVP_KDF_CTX_free(ctx); ++ return -1; ++ } ++ if ((key_len = ssh_digest_bytes(kex->hash_alg)) == 0) { ++ r = SSH_ERR_INVALID_ARGUMENT; ++ goto out; ++ } ++ + key_len = ROUNDUP(need, key_len); + if ((key = calloc(1, key_len)) == NULL) { + r = SSH_ERR_ALLOC_FAIL; + goto out; + } + -+ ctx = EVP_KDF_CTX_new_id(EVP_KDF_SSHKDF); -+ if (!ctx) { ++ r = OSSL_PARAM_BLD_push_utf8_string(param_bld, OSSL_KDF_PARAM_DIGEST, ++ md, strlen(md)) && /* SN */ ++ OSSL_PARAM_BLD_push_octet_string(param_bld, OSSL_KDF_PARAM_KEY, ++ sshbuf_ptr(shared_secret), sshbuf_len(shared_secret)) && ++ OSSL_PARAM_BLD_push_octet_string(param_bld, OSSL_KDF_PARAM_SSHKDF_XCGHASH, ++ hash, hashlen) && ++ OSSL_PARAM_BLD_push_octet_string(param_bld, OSSL_KDF_PARAM_SSHKDF_SESSION_ID, ++ sshbuf_ptr(kex->session_id), sshbuf_len(kex->session_id)) && ++ OSSL_PARAM_BLD_push_utf8_string(param_bld, OSSL_KDF_PARAM_SSHKDF_TYPE, ++ &keytype, 1); ++ if (r != 1) { + r = SSH_ERR_LIBCRYPTO_ERROR; + goto out; + } + -+ r = EVP_KDF_ctrl(ctx, EVP_KDF_CTRL_SET_MD, digest_to_md(kex->hash_alg)); -+ if (r != 1) { ++ params = OSSL_PARAM_BLD_to_param(param_bld); ++ if (params == NULL) { + r = SSH_ERR_LIBCRYPTO_ERROR; + goto out; + } -+ r = EVP_KDF_ctrl(ctx, EVP_KDF_CTRL_SET_KEY, -+ sshbuf_ptr(shared_secret), sshbuf_len(shared_secret)); -+ if (r != 1) { -+ r = SSH_ERR_LIBCRYPTO_ERROR; -+ goto out; -+ } -+ r = EVP_KDF_ctrl(ctx, EVP_KDF_CTRL_SET_SSHKDF_XCGHASH, hash, hashlen); -+ if (r != 1) { -+ r = SSH_ERR_LIBCRYPTO_ERROR; -+ goto out; -+ } -+ r = EVP_KDF_ctrl(ctx, EVP_KDF_CTRL_SET_SSHKDF_TYPE, id); -+ if (r != 1) { -+ r = SSH_ERR_LIBCRYPTO_ERROR; -+ goto out; -+ } -+ r = EVP_KDF_ctrl(ctx, EVP_KDF_CTRL_SET_SSHKDF_SESSION_ID, -+ sshbuf_ptr(kex->session_id), sshbuf_len(kex->session_id)); -+ if (r != 1) { -+ r = SSH_ERR_LIBCRYPTO_ERROR; -+ goto out; -+ } -+ r = EVP_KDF_derive(ctx, key, key_len); ++ r = EVP_KDF_derive(ctx, key, key_len, params); + if (r != 1) { + r = SSH_ERR_LIBCRYPTO_ERROR; + goto out; @@ -115,6 +127,8 @@ index b6f041f4..1fbce2bb 100644 + r = 0; + +out: ++ OSSL_PARAM_BLD_free(param_bld); ++ OSSL_PARAM_free(params); + free (key); + EVP_KDF_CTX_free(ctx); + if (r < 0) { @@ -130,7 +144,7 @@ index b6f041f4..1fbce2bb 100644 ssh_digest_free(hashctx); return r; } -+#endif /* HAVE_OPENSSL_EVP_KDF_CTX_NEW_ID */ ++#endif /* HAVE_OPENSSL_EVP_KDF_CTX_NEW */ #define NKEYS 6 int diff --git a/openssh-8.7p1-audit-hostname.patch b/openssh-8.7p1-audit-hostname.patch new file mode 100644 index 0000000..e450c00 --- /dev/null +++ b/openssh-8.7p1-audit-hostname.patch @@ -0,0 +1,106 @@ +diff --color -ruNp a/audit-linux.c b/audit-linux.c +--- a/audit-linux.c 2024-05-09 12:38:08.843017319 +0200 ++++ b/audit-linux.c 2024-05-09 12:47:05.162267634 +0200 +@@ -52,7 +52,7 @@ extern u_int utmp_len; + const char *audit_username(void); + + static void +-linux_audit_user_logxxx(int uid, const char *username, ++linux_audit_user_logxxx(int uid, const char *username, const char *hostname, + const char *ip, const char *ttyn, int success, int event) + { + int audit_fd, rc, saved_errno; +@@ -66,7 +66,7 @@ linux_audit_user_logxxx(int uid, const c + } + rc = audit_log_acct_message(audit_fd, event, + NULL, "login", username ? username : "(unknown)", +- username == NULL ? uid : -1, NULL, ip, ttyn, success); ++ username == NULL ? uid : -1, hostname, ip, ttyn, success); + saved_errno = errno; + close(audit_fd); + +@@ -181,9 +181,11 @@ audit_run_command(struct ssh *ssh, const + { + if (!user_login_count++) + linux_audit_user_logxxx(the_authctxt->pw->pw_uid, NULL, ++ options.use_dns ? remote_hostname(ssh) : NULL, + ssh_remote_ipaddr(ssh), + "ssh", 1, AUDIT_USER_LOGIN); + linux_audit_user_logxxx(the_authctxt->pw->pw_uid, NULL, ++ options.use_dns ? remote_hostname(ssh) : NULL, + ssh_remote_ipaddr(ssh), + "ssh", 1, AUDIT_USER_START); + return 0; +@@ -193,10 +195,12 @@ void + audit_end_command(struct ssh *ssh, int handle, const char *command) + { + linux_audit_user_logxxx(the_authctxt->pw->pw_uid, NULL, ++ options.use_dns ? remote_hostname(ssh) : NULL, + ssh_remote_ipaddr(ssh), + "ssh", 1, AUDIT_USER_END); + if (user_login_count && !--user_login_count) + linux_audit_user_logxxx(the_authctxt->pw->pw_uid, NULL, ++ options.use_dns ? remote_hostname(ssh) : NULL, + ssh_remote_ipaddr(ssh), + "ssh", 1, AUDIT_USER_LOGOUT); + } +@@ -211,19 +215,27 @@ void + audit_session_open(struct logininfo *li) + { + if (!user_login_count++) +- linux_audit_user_logxxx(li->uid, NULL, li->hostname, ++ linux_audit_user_logxxx(li->uid, NULL, ++ options.use_dns ? li->hostname : NULL, ++ options.use_dns ? NULL : li->hostname, + li->line, 1, AUDIT_USER_LOGIN); +- linux_audit_user_logxxx(li->uid, NULL, li->hostname, ++ linux_audit_user_logxxx(li->uid, NULL, ++ options.use_dns ? li->hostname : NULL, ++ options.use_dns ? NULL : li->hostname, + li->line, 1, AUDIT_USER_START); + } + + void + audit_session_close(struct logininfo *li) + { +- linux_audit_user_logxxx(li->uid, NULL, li->hostname, ++ linux_audit_user_logxxx(li->uid, NULL, ++ options.use_dns ? li->hostname : NULL, ++ options.use_dns ? NULL : li->hostname, + li->line, 1, AUDIT_USER_END); + if (user_login_count && !--user_login_count) +- linux_audit_user_logxxx(li->uid, NULL, li->hostname, ++ linux_audit_user_logxxx(li->uid, NULL, ++ options.use_dns ? li->hostname : NULL, ++ options.use_dns ? NULL : li->hostname, + li->line, 1, AUDIT_USER_LOGOUT); + } + +@@ -236,6 +248,7 @@ audit_event(struct ssh *ssh, ssh_audit_e + linux_audit_user_auth(-1, audit_username(), + ssh_remote_ipaddr(ssh), "ssh", 0, event); + linux_audit_user_logxxx(-1, audit_username(), ++ options.use_dns ? remote_hostname(ssh) : NULL, + ssh_remote_ipaddr(ssh), "ssh", 0, AUDIT_USER_LOGIN); + break; + case SSH_AUTH_FAIL_PASSWD: +@@ -254,9 +267,11 @@ audit_event(struct ssh *ssh, ssh_audit_e + if (user_login_count) { + while (user_login_count--) + linux_audit_user_logxxx(the_authctxt->pw->pw_uid, NULL, ++ options.use_dns ? remote_hostname(ssh) : NULL, + ssh_remote_ipaddr(ssh), + "ssh", 1, AUDIT_USER_END); + linux_audit_user_logxxx(the_authctxt->pw->pw_uid, NULL, ++ options.use_dns ? remote_hostname(ssh) : NULL, + ssh_remote_ipaddr(ssh), + "ssh", 1, AUDIT_USER_LOGOUT); + } +@@ -265,6 +280,7 @@ audit_event(struct ssh *ssh, ssh_audit_e + case SSH_CONNECTION_ABANDON: + case SSH_INVALID_USER: + linux_audit_user_logxxx(-1, audit_username(), ++ options.use_dns ? remote_hostname(ssh) : NULL, + ssh_remote_ipaddr(ssh), "ssh", 0, AUDIT_USER_LOGIN); + break; + default: diff --git a/openssh-8.7p1-nohostsha1proof.patch b/openssh-8.7p1-nohostsha1proof.patch index 7fea800..6a6b63d 100644 --- a/openssh-8.7p1-nohostsha1proof.patch +++ b/openssh-8.7p1-nohostsha1proof.patch @@ -241,10 +241,10 @@ diff -up openssh-8.7p1/regress/unittests/sshkey/test_sshkey.c.sshrsacheck openss { size_t len; u_char *sig; -+ /* ssh-rsa implies SHA1, forbidden in DEFAULT cp */ -+ int expected = (sig_alg && strcmp(sig_alg, "ssh-rsa") == 0) ? SSH_ERR_LIBCRYPTO_ERROR : 0; ++ /* ssh-rsa implies SHA1, forbidden in DEFAULT cp in RHEL, permitted in Fedora */ ++ int expected = (sig_alg && strcmp(sig_alg, "ssh-rsa") == 0) ? sshkey_sign(k, &sig, &len, d, l, sig_alg, NULL, NULL, 0) : 0; + if (k && (sshkey_type_plain(k->type) == KEY_DSA || sshkey_type_plain(k->type) == KEY_DSA_CERT)) -+ expected = SSH_ERR_LIBCRYPTO_ERROR; ++ expected = sshkey_sign(k, &sig, &len, d, l, sig_alg, NULL, NULL, 0); ASSERT_INT_EQ(sshkey_sign(k, &sig, &len, d, l, sig_alg, - NULL, NULL, 0), 0); diff --git a/openssh-9.6p1-cve-2024-6387.patch b/openssh-9.6p1-cve-2024-6387.patch deleted file mode 100644 index 646cf7c..0000000 --- a/openssh-9.6p1-cve-2024-6387.patch +++ /dev/null @@ -1,35 +0,0 @@ -diff --git a/log.c b/log.c -index 9fc1a2e2e..191ff4a5a 100644 ---- a/log.c -+++ b/log.c -@@ -451,12 +451,14 @@ void - sshsigdie(const char *file, const char *func, int line, int showfunc, - LogLevel level, const char *suffix, const char *fmt, ...) - { -+#ifdef SYSLOG_R_SAFE_IN_SIGHAND - va_list args; - - va_start(args, fmt); - sshlogv(file, func, line, showfunc, SYSLOG_LEVEL_FATAL, - suffix, fmt, args); - va_end(args); -+#endif - _exit(1); - } - -diff --git a/clientloop.c b/clientloop.c -index 8ec36af94..6dcd6c853 100644 ---- a/clientloop.c -+++ b/clientloop.c -@@ -608,8 +608,9 @@ obfuscate_keystroke_timing(struct ssh *ssh, struct timespec *timeout, - if (timespeccmp(&now, &chaff_until, >=)) { - /* Stop if there have been no keystrokes for a while */ - stop_reason = "chaff time expired"; -- } else if (timespeccmp(&now, &next_interval, >=)) { -- /* Otherwise if we were due to send, then send chaff */ -+ } else if (timespeccmp(&now, &next_interval, >=) && -+ !ssh_packet_have_data_to_write(ssh)) { -+ /* If due to send but have no data, then send chaff */ - if (send_chaff(ssh)) - nchaff++; - } diff --git a/openssh-9.6p1-gsissh.patch b/openssh-9.6p1-gsissh.patch index 4929e40..a2d2eff 100644 --- a/openssh-9.6p1-gsissh.patch +++ b/openssh-9.6p1-gsissh.patch @@ -1,6 +1,6 @@ diff -Nur openssh-9.6p1.orig/auth2.c openssh-9.6p1/auth2.c ---- openssh-9.6p1.orig/auth2.c 2024-07-06 07:19:36.958049782 +0200 -+++ openssh-9.6p1/auth2.c 2024-07-06 07:20:29.705200575 +0200 +--- openssh-9.6p1.orig/auth2.c 2024-07-07 07:25:31.581747706 +0200 ++++ openssh-9.6p1/auth2.c 2024-07-07 07:26:28.481916473 +0200 @@ -286,7 +286,28 @@ (r = sshpkt_get_cstring(ssh, &service, NULL)) != 0 || (r = sshpkt_get_cstring(ssh, &method, NULL)) != 0) @@ -102,8 +102,8 @@ diff -Nur openssh-9.6p1.orig/auth2.c openssh-9.6p1/auth2.c authctxt->user, authctxt->service, user, service); } diff -Nur openssh-9.6p1.orig/auth2-gss.c openssh-9.6p1/auth2-gss.c ---- openssh-9.6p1.orig/auth2-gss.c 2024-07-06 07:19:36.850049473 +0200 -+++ openssh-9.6p1/auth2-gss.c 2024-07-06 07:20:29.705200575 +0200 +--- openssh-9.6p1.orig/auth2-gss.c 2024-07-07 07:25:31.469747374 +0200 ++++ openssh-9.6p1/auth2-gss.c 2024-07-07 07:26:28.482916477 +0200 @@ -52,6 +52,7 @@ extern ServerOptions options; @@ -309,8 +309,8 @@ diff -Nur openssh-9.6p1.orig/auth2-gss.c openssh-9.6p1/auth2-gss.c "gssapi-keyex", NULL, diff -Nur openssh-9.6p1.orig/auth.c openssh-9.6p1/auth.c ---- openssh-9.6p1.orig/auth.c 2024-07-06 07:19:36.958049782 +0200 -+++ openssh-9.6p1/auth.c 2024-07-06 07:20:29.706200578 +0200 +--- openssh-9.6p1.orig/auth.c 2024-07-07 07:25:31.582747709 +0200 ++++ openssh-9.6p1/auth.c 2024-07-07 07:26:28.482916477 +0200 @@ -299,7 +299,8 @@ method, submethod != NULL ? "/" : "", submethod == NULL ? "" : submethod, @@ -342,8 +342,8 @@ diff -Nur openssh-9.6p1.orig/auth.c openssh-9.6p1/auth.c record_failed_login(ssh, user, auth_get_canonical_hostname(ssh, options.use_dns), "ssh"); diff -Nur openssh-9.6p1.orig/auth.h openssh-9.6p1/auth.h ---- openssh-9.6p1.orig/auth.h 2024-07-06 07:19:36.959049785 +0200 -+++ openssh-9.6p1/auth.h 2024-07-06 07:20:29.706200578 +0200 +--- openssh-9.6p1.orig/auth.h 2024-07-07 07:25:31.582747709 +0200 ++++ openssh-9.6p1/auth.h 2024-07-07 07:26:28.483916479 +0200 @@ -85,6 +85,8 @@ krb5_principal krb5_user; char *krb5_ticket_file; @@ -354,8 +354,8 @@ diff -Nur openssh-9.6p1.orig/auth.h openssh-9.6p1/auth.h #endif struct sshbuf *loginmsg; diff -Nur openssh-9.6p1.orig/auth-pam.c openssh-9.6p1/auth-pam.c ---- openssh-9.6p1.orig/auth-pam.c 2024-07-06 07:19:36.944049742 +0200 -+++ openssh-9.6p1/auth-pam.c 2024-07-06 07:20:29.707200580 +0200 +--- openssh-9.6p1.orig/auth-pam.c 2024-07-07 07:25:31.623747830 +0200 ++++ openssh-9.6p1/auth-pam.c 2024-07-07 07:26:28.483916479 +0200 @@ -252,6 +252,7 @@ static const char *sshpam_password = NULL; static char *sshpam_rhost = NULL; @@ -485,7 +485,7 @@ diff -Nur openssh-9.6p1.orig/auth-pam.c openssh-9.6p1/auth-pam.c + /* Save so allowed_user can be called later */ + sshpam_ssh = ssh; } - if (sshpam_rhost != NULL) { + if (sshpam_rhost != NULL && strcmp(sshpam_rhost, "UNKNOWN") != 0) { debug("PAM: setting PAM_RHOST to \"%s\"", sshpam_rhost); @@ -1096,6 +1176,18 @@ debug3("PAM: %s pam_acct_mgmt = %d (%s)", __func__, sshpam_err, @@ -517,8 +517,8 @@ diff -Nur openssh-9.6p1.orig/auth-pam.c openssh-9.6p1/auth-pam.c free(fake); if (sshpam_err == PAM_MAXTRIES) diff -Nur openssh-9.6p1.orig/auth-pam.h openssh-9.6p1/auth-pam.h ---- openssh-9.6p1.orig/auth-pam.h 2024-07-06 07:19:36.818049382 +0200 -+++ openssh-9.6p1/auth-pam.h 2024-07-06 07:20:29.708200583 +0200 +--- openssh-9.6p1.orig/auth-pam.h 2024-07-07 07:25:31.437747279 +0200 ++++ openssh-9.6p1/auth-pam.h 2024-07-07 07:26:28.484916482 +0200 @@ -43,5 +43,6 @@ int sshpam_get_maxtries_reached(void); void sshpam_set_maxtries_reached(int); @@ -527,8 +527,8 @@ diff -Nur openssh-9.6p1.orig/auth-pam.h openssh-9.6p1/auth-pam.h #endif /* USE_PAM */ diff -Nur openssh-9.6p1.orig/canohost.c openssh-9.6p1/canohost.c ---- openssh-9.6p1.orig/canohost.c 2024-07-06 07:19:36.850049473 +0200 -+++ openssh-9.6p1/canohost.c 2024-07-06 07:20:29.708200583 +0200 +--- openssh-9.6p1.orig/canohost.c 2024-07-07 07:25:31.470747377 +0200 ++++ openssh-9.6p1/canohost.c 2024-07-07 07:26:28.484916482 +0200 @@ -17,6 +17,7 @@ #include #include @@ -572,8 +572,8 @@ diff -Nur openssh-9.6p1.orig/canohost.c openssh-9.6p1/canohost.c + } +} diff -Nur openssh-9.6p1.orig/canohost.h openssh-9.6p1/canohost.h ---- openssh-9.6p1.orig/canohost.h 2024-07-06 07:19:36.850049473 +0200 -+++ openssh-9.6p1/canohost.h 2024-07-06 07:20:29.709200586 +0200 +--- openssh-9.6p1.orig/canohost.h 2024-07-07 07:25:31.470747377 +0200 ++++ openssh-9.6p1/canohost.h 2024-07-07 07:26:28.484916482 +0200 @@ -26,4 +26,6 @@ #endif /* _CANOHOST_H */ @@ -582,9 +582,9 @@ diff -Nur openssh-9.6p1.orig/canohost.h openssh-9.6p1/canohost.h + void ipv64_normalise_mapped(struct sockaddr_storage *, socklen_t *); diff -Nur openssh-9.6p1.orig/configure.ac openssh-9.6p1/configure.ac ---- openssh-9.6p1.orig/configure.ac 2024-07-06 07:19:36.936049719 +0200 -+++ openssh-9.6p1/configure.ac 2024-07-06 07:20:29.710200589 +0200 -@@ -4865,6 +4865,14 @@ +--- openssh-9.6p1.orig/configure.ac 2024-07-07 07:25:31.559747641 +0200 ++++ openssh-9.6p1/configure.ac 2024-07-07 07:26:28.486916488 +0200 +@@ -4866,6 +4866,14 @@ AC_CHECK_HEADER([gssapi_krb5.h], , [ CPPFLAGS="$oldCPP" ]) @@ -599,9 +599,9 @@ diff -Nur openssh-9.6p1.orig/configure.ac openssh-9.6p1/configure.ac fi fi if test -n "${rpath_opt}" ; then -@@ -4930,6 +4938,40 @@ - ) - +@@ -4907,6 +4915,40 @@ + AC_SUBST([K5LIBS]) + AC_SUBST([CHANNELLIBS]) +# Check whether the user wants GSI (Globus) support +gsi="no" @@ -641,8 +641,8 @@ diff -Nur openssh-9.6p1.orig/configure.ac openssh-9.6p1/configure.ac PRIVSEP_PATH=/var/empty diff -Nur openssh-9.6p1.orig/gss-genr.c openssh-9.6p1/gss-genr.c ---- openssh-9.6p1.orig/gss-genr.c 2024-07-06 07:19:37.001049905 +0200 -+++ openssh-9.6p1/gss-genr.c 2024-07-06 07:20:29.711200592 +0200 +--- openssh-9.6p1.orig/gss-genr.c 2024-07-07 07:25:31.626747839 +0200 ++++ openssh-9.6p1/gss-genr.c 2024-07-07 07:26:28.486916488 +0200 @@ -41,6 +41,7 @@ #include "ssherr.h" #include "sshbuf.h" @@ -651,7 +651,7 @@ diff -Nur openssh-9.6p1.orig/gss-genr.c openssh-9.6p1/gss-genr.c #include "ssh2.h" #include "cipher.h" #include "sshkey.h" -@@ -409,9 +410,18 @@ +@@ -416,9 +417,18 @@ ssh_gssapi_import_name(Gssctxt *ctx, const char *host) { gss_buffer_desc gssbuf; @@ -671,7 +671,7 @@ diff -Nur openssh-9.6p1.orig/gss-genr.c openssh-9.6p1/gss-genr.c gssbuf.value = val; gssbuf.length = strlen(gssbuf.value); -@@ -419,6 +429,7 @@ +@@ -426,6 +436,7 @@ &gssbuf, GSS_C_NT_HOSTBASED_SERVICE, &ctx->name))) ssh_gssapi_error(ctx); @@ -680,8 +680,8 @@ diff -Nur openssh-9.6p1.orig/gss-genr.c openssh-9.6p1/gss-genr.c return (ctx->major); } diff -Nur openssh-9.6p1.orig/gss-serv.c openssh-9.6p1/gss-serv.c ---- openssh-9.6p1.orig/gss-serv.c 2024-07-06 07:19:36.870049530 +0200 -+++ openssh-9.6p1/gss-serv.c 2024-07-06 07:20:29.712200595 +0200 +--- openssh-9.6p1.orig/gss-serv.c 2024-07-07 07:25:31.489747433 +0200 ++++ openssh-9.6p1/gss-serv.c 2024-07-07 07:26:28.487916491 +0200 @@ -50,10 +50,12 @@ #include "monitor_wrap.h" @@ -964,7 +964,7 @@ diff -Nur openssh-9.6p1.orig/gss-serv.c openssh-9.6p1/gss-serv.c diff -Nur openssh-9.6p1.orig/gss-serv-gsi.c openssh-9.6p1/gss-serv-gsi.c --- openssh-9.6p1.orig/gss-serv-gsi.c 1970-01-01 01:00:00.000000000 +0100 -+++ openssh-9.6p1/gss-serv-gsi.c 2024-07-06 07:20:29.712200595 +0200 ++++ openssh-9.6p1/gss-serv-gsi.c 2024-07-07 07:26:28.488916494 +0200 @@ -0,0 +1,328 @@ +/* + * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. @@ -1295,8 +1295,8 @@ diff -Nur openssh-9.6p1.orig/gss-serv-gsi.c openssh-9.6p1/gss-serv-gsi.c +#endif /* GSI */ +#endif /* GSSAPI */ diff -Nur openssh-9.6p1.orig/gss-serv-krb5.c openssh-9.6p1/gss-serv-krb5.c ---- openssh-9.6p1.orig/gss-serv-krb5.c 2024-07-06 07:19:36.892049593 +0200 -+++ openssh-9.6p1/gss-serv-krb5.c 2024-07-06 07:20:29.713200598 +0200 +--- openssh-9.6p1.orig/gss-serv-krb5.c 2024-07-07 07:25:31.515747510 +0200 ++++ openssh-9.6p1/gss-serv-krb5.c 2024-07-07 07:26:28.488916494 +0200 @@ -379,6 +379,34 @@ return found_principal; } @@ -1351,8 +1351,8 @@ diff -Nur openssh-9.6p1.orig/gss-serv-krb5.c openssh-9.6p1/gss-serv-krb5.c &ssh_gssapi_krb5_updatecreds }; diff -Nur openssh-9.6p1.orig/kexgsss.c openssh-9.6p1/kexgsss.c ---- openssh-9.6p1.orig/kexgsss.c 2024-07-06 07:19:36.855049488 +0200 -+++ openssh-9.6p1/kexgsss.c 2024-07-06 07:20:29.713200598 +0200 +--- openssh-9.6p1.orig/kexgsss.c 2024-07-07 07:25:31.497747457 +0200 ++++ openssh-9.6p1/kexgsss.c 2024-07-07 08:04:49.351732601 +0200 @@ -48,6 +48,7 @@ #include "digest.h" #include "ssherr.h" @@ -1360,27 +1360,36 @@ diff -Nur openssh-9.6p1.orig/kexgsss.c openssh-9.6p1/kexgsss.c +static void kex_gss_send_error(Gssctxt *ctxt, struct ssh *ssh); extern ServerOptions options; - int -@@ -96,8 +97,10 @@ + static int input_kexgss_init(int, u_int32_t, struct ssh *); +@@ -81,8 +82,10 @@ debug2_f("Acquiring credentials"); -- if (GSS_ERROR(PRIVSEP(ssh_gssapi_server_ctx(&ctxt, oid)))) -+ if (GSS_ERROR(PRIVSEP(ssh_gssapi_server_ctx(&ctxt, oid)))) { -+ kex_gss_send_error(ctxt, ssh); +- if (GSS_ERROR(PRIVSEP(ssh_gssapi_server_ctx(&kex->gss, oid)))) ++ if (GSS_ERROR(PRIVSEP(ssh_gssapi_server_ctx(&kex->gss, oid)))) { ++ kex_gss_send_error(kex->gss, ssh); fatal("Unable to acquire credentials for the server"); + } - do { - debug("Wait SSH2_MSG_KEXGSS_INIT"); -@@ -195,13 +198,14 @@ - } while (maj_status & GSS_S_CONTINUE_NEEDED); + ssh_gssapi_build_ctx(&kex->gss); + if (kex->gss == NULL) +@@ -127,7 +130,7 @@ + gss_buffer_desc *send_tok, + OM_uint32 *ret_flags) + { +- struct kex *kex = ssh->kex; ++struct kex *kex = ssh->kex; + Gssctxt *gss = kex->gss; + gss_buffer_desc msg_tok; + int r; +@@ -136,13 +139,14 @@ + ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_CONTINUE, NULL); - if (GSS_ERROR(maj_status)) { -+ kex_gss_send_error(ctxt, ssh); - if (send_tok.length > 0) { + if (GSS_ERROR(gss->major)) { ++ kex_gss_send_error(kex->gss, ssh); + if (send_tok->length > 0) { if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_CONTINUE)) != 0 || - (r = sshpkt_put_string(ssh, send_tok.value, send_tok.length)) != 0 || + (r = sshpkt_put_string(ssh, send_tok->value, send_tok->length)) != 0 || (r = sshpkt_send(ssh)) != 0) fatal("sshpkt failed: %s", ssh_err(r)); } @@ -1388,12 +1397,11 @@ diff -Nur openssh-9.6p1.orig/kexgsss.c openssh-9.6p1/kexgsss.c + ssh_packet_disconnect(ssh, "GSSAPI Key Exchange handshake failed"); } - if (!(ret_flags & GSS_C_MUTUAL_FLAG)) -@@ -479,4 +483,26 @@ - sshbuf_free(shared_secret); - return r; + if (!(*ret_flags & GSS_C_MUTUAL_FLAG)) +@@ -587,4 +591,26 @@ + return kexgssgex_final(ssh, &send_tok, &ret_flags); } -+ + +static void +kex_gss_send_error(Gssctxt *ctxt, struct ssh *ssh) { + char *errstr; @@ -1415,10 +1423,11 @@ diff -Nur openssh-9.6p1.orig/kexgsss.c openssh-9.6p1/kexgsss.c + free(errstr); + } +} ++ #endif /* defined(GSSAPI) && defined(WITH_OPENSSL) */ diff -Nur openssh-9.6p1.orig/Makefile.in openssh-9.6p1/Makefile.in ---- openssh-9.6p1.orig/Makefile.in 2024-07-06 07:19:36.961049790 +0200 -+++ openssh-9.6p1/Makefile.in 2024-07-06 07:20:29.713200598 +0200 +--- openssh-9.6p1.orig/Makefile.in 2024-07-07 07:25:31.584747715 +0200 ++++ openssh-9.6p1/Makefile.in 2024-07-07 07:26:28.489916497 +0200 @@ -130,6 +130,7 @@ auth2-none.o auth2-passwd.o auth2-pubkey.o auth2-pubkeyfile.o \ monitor.o monitor_wrap.o auth-krb5.o \ @@ -1428,8 +1437,8 @@ diff -Nur openssh-9.6p1.orig/Makefile.in openssh-9.6p1/Makefile.in srclimit.o sftp-server.o sftp-common.o \ sandbox-null.o sandbox-rlimit.o sandbox-systrace.o sandbox-darwin.o \ diff -Nur openssh-9.6p1.orig/misc.c openssh-9.6p1/misc.c ---- openssh-9.6p1.orig/misc.c 2024-07-06 07:19:37.002049908 +0200 -+++ openssh-9.6p1/misc.c 2024-07-06 07:20:29.714200600 +0200 +--- openssh-9.6p1.orig/misc.c 2024-07-07 07:25:31.628747845 +0200 ++++ openssh-9.6p1/misc.c 2024-07-07 07:26:28.490916500 +0200 @@ -419,11 +419,14 @@ #define WHITESPACE " \t\r\n" #define QUOTE "\"" @@ -1490,8 +1499,8 @@ diff -Nur openssh-9.6p1.orig/misc.c openssh-9.6p1/misc.c * Convert ASCII string to TCP/IP port number. * Port must be >=0 and <=65535. diff -Nur openssh-9.6p1.orig/misc.h openssh-9.6p1/misc.h ---- openssh-9.6p1.orig/misc.h 2024-07-06 07:19:36.911049648 +0200 -+++ openssh-9.6p1/misc.h 2024-07-06 07:20:29.715200603 +0200 +--- openssh-9.6p1.orig/misc.h 2024-07-07 07:25:31.534747567 +0200 ++++ openssh-9.6p1/misc.h 2024-07-07 07:26:28.490916500 +0200 @@ -103,6 +103,7 @@ void sock_set_v6only(int); @@ -1501,8 +1510,8 @@ diff -Nur openssh-9.6p1.orig/misc.h openssh-9.6p1/misc.h typedef void privdrop_fn(struct passwd *); diff -Nur openssh-9.6p1.orig/monitor.c openssh-9.6p1/monitor.c ---- openssh-9.6p1.orig/monitor.c 2024-07-06 07:19:37.002049908 +0200 -+++ openssh-9.6p1/monitor.c 2024-07-06 07:20:29.716200606 +0200 +--- openssh-9.6p1.orig/monitor.c 2024-07-07 07:25:31.628747845 +0200 ++++ openssh-9.6p1/monitor.c 2024-07-07 07:26:28.491916503 +0200 @@ -149,6 +149,9 @@ int mm_answer_gss_userok(struct ssh *, int, struct sshbuf *); int mm_answer_gss_checkmic(struct ssh *, int, struct sshbuf *); @@ -1673,8 +1682,8 @@ diff -Nur openssh-9.6p1.orig/monitor.c openssh-9.6p1/monitor.c { gss_buffer_desc data; diff -Nur openssh-9.6p1.orig/monitor.h openssh-9.6p1/monitor.h ---- openssh-9.6p1.orig/monitor.h 2024-07-06 07:19:36.962049793 +0200 -+++ openssh-9.6p1/monitor.h 2024-07-06 07:20:29.716200606 +0200 +--- openssh-9.6p1.orig/monitor.h 2024-07-07 07:25:31.585747718 +0200 ++++ openssh-9.6p1/monitor.h 2024-07-07 07:26:28.492916506 +0200 @@ -75,6 +75,10 @@ MONITOR_REQ_GSSSIGN = 150, MONITOR_ANS_GSSSIGN = 151, @@ -1687,8 +1696,8 @@ diff -Nur openssh-9.6p1.orig/monitor.h openssh-9.6p1/monitor.h struct ssh; diff -Nur openssh-9.6p1.orig/monitor_wrap.c openssh-9.6p1/monitor_wrap.c ---- openssh-9.6p1.orig/monitor_wrap.c 2024-07-06 07:19:36.968049810 +0200 -+++ openssh-9.6p1/monitor_wrap.c 2024-07-06 07:20:29.716200606 +0200 +--- openssh-9.6p1.orig/monitor_wrap.c 2024-07-07 07:25:31.592747738 +0200 ++++ openssh-9.6p1/monitor_wrap.c 2024-07-07 07:26:28.492916506 +0200 @@ -1083,6 +1083,94 @@ return (authenticated); } @@ -1785,8 +1794,8 @@ diff -Nur openssh-9.6p1.orig/monitor_wrap.c openssh-9.6p1/monitor_wrap.c mm_ssh_gssapi_sign(Gssctxt *ctx, gss_buffer_desc *data, gss_buffer_desc *hash) { diff -Nur openssh-9.6p1.orig/monitor_wrap.h openssh-9.6p1/monitor_wrap.h ---- openssh-9.6p1.orig/monitor_wrap.h 2024-07-06 07:19:36.968049810 +0200 -+++ openssh-9.6p1/monitor_wrap.h 2024-07-06 07:20:29.717200609 +0200 +--- openssh-9.6p1.orig/monitor_wrap.h 2024-07-07 07:25:31.592747738 +0200 ++++ openssh-9.6p1/monitor_wrap.h 2024-07-07 07:26:28.493916509 +0200 @@ -73,6 +73,10 @@ int mm_ssh_gssapi_userok(char *user, struct passwd *, int kex); OM_uint32 mm_ssh_gssapi_checkmic(Gssctxt *, gss_buffer_t, gss_buffer_t); @@ -1799,8 +1808,8 @@ diff -Nur openssh-9.6p1.orig/monitor_wrap.h openssh-9.6p1/monitor_wrap.h #endif diff -Nur openssh-9.6p1.orig/readconf.c openssh-9.6p1/readconf.c ---- openssh-9.6p1.orig/readconf.c 2024-07-06 07:19:37.004049913 +0200 -+++ openssh-9.6p1/readconf.c 2024-07-06 07:20:29.718200612 +0200 +--- openssh-9.6p1.orig/readconf.c 2024-07-07 07:25:31.629747848 +0200 ++++ openssh-9.6p1/readconf.c 2024-07-07 07:26:28.493916509 +0200 @@ -2723,11 +2723,11 @@ if (options->pubkey_authentication == -1) options->pubkey_authentication = SSH_PUBKEY_AUTH_ALL; @@ -1817,8 +1826,8 @@ diff -Nur openssh-9.6p1.orig/readconf.c openssh-9.6p1/readconf.c options->gss_trust_dns = 0; if (options->gss_renewal_rekey == -1) diff -Nur openssh-9.6p1.orig/readconf.h openssh-9.6p1/readconf.h ---- openssh-9.6p1.orig/readconf.h 2024-07-06 07:19:36.858049496 +0200 -+++ openssh-9.6p1/readconf.h 2024-07-06 07:20:29.718200612 +0200 +--- openssh-9.6p1.orig/readconf.h 2024-07-07 07:25:31.477747397 +0200 ++++ openssh-9.6p1/readconf.h 2024-07-07 07:26:28.494916512 +0200 @@ -80,6 +80,8 @@ char *host_key_alias; /* hostname alias for .ssh/known_hosts */ char *proxy_command; /* Proxy command for connecting the host. */ @@ -1829,8 +1838,8 @@ diff -Nur openssh-9.6p1.orig/readconf.h openssh-9.6p1/readconf.h u_int num_system_hostfiles; /* Paths for /etc/ssh/ssh_known_hosts */ diff -Nur openssh-9.6p1.orig/servconf.c openssh-9.6p1/servconf.c ---- openssh-9.6p1.orig/servconf.c 2024-07-06 07:19:37.004049913 +0200 -+++ openssh-9.6p1/servconf.c 2024-07-06 07:20:29.719200615 +0200 +--- openssh-9.6p1.orig/servconf.c 2024-07-07 07:25:31.630747851 +0200 ++++ openssh-9.6p1/servconf.c 2024-07-07 07:26:28.495916515 +0200 @@ -92,6 +92,7 @@ /* Portable-specific options */ @@ -2002,8 +2011,8 @@ diff -Nur openssh-9.6p1.orig/servconf.c openssh-9.6p1/servconf.c M_CP_INTOPT(pubkey_auth_options); M_CP_INTOPT(kerberos_authentication); diff -Nur openssh-9.6p1.orig/servconf.h openssh-9.6p1/servconf.h ---- openssh-9.6p1.orig/servconf.h 2024-07-06 07:19:36.904049628 +0200 -+++ openssh-9.6p1/servconf.h 2024-07-06 07:20:29.719200615 +0200 +--- openssh-9.6p1.orig/servconf.h 2024-07-07 07:25:31.526747543 +0200 ++++ openssh-9.6p1/servconf.h 2024-07-07 07:26:28.495916515 +0200 @@ -144,9 +144,12 @@ * be stored in per-session ccache */ int use_kuserok; @@ -2026,8 +2035,8 @@ diff -Nur openssh-9.6p1.orig/servconf.h openssh-9.6p1/servconf.h int permit_tun; diff -Nur openssh-9.6p1.orig/ssh.1 openssh-9.6p1/ssh.1 ---- openssh-9.6p1.orig/ssh.1 2024-07-06 07:19:36.983049853 +0200 -+++ openssh-9.6p1/ssh.1 2024-07-06 07:20:29.720200618 +0200 +--- openssh-9.6p1.orig/ssh.1 2024-07-07 07:25:31.608747786 +0200 ++++ openssh-9.6p1/ssh.1 2024-07-07 07:26:28.496916518 +0200 @@ -1528,6 +1528,18 @@ on to new connections). .It Ev USER @@ -2048,8 +2057,8 @@ diff -Nur openssh-9.6p1.orig/ssh.1 openssh-9.6p1/ssh.1 .Pp Additionally, diff -Nur openssh-9.6p1.orig/ssh.c openssh-9.6p1/ssh.c ---- openssh-9.6p1.orig/ssh.c 2024-07-06 07:19:36.977049836 +0200 -+++ openssh-9.6p1/ssh.c 2024-07-06 07:20:29.720200618 +0200 +--- openssh-9.6p1.orig/ssh.c 2024-07-07 07:25:31.602747768 +0200 ++++ openssh-9.6p1/ssh.c 2024-07-07 07:26:28.496916518 +0200 @@ -573,6 +573,38 @@ fatal("Can't open user config file %.100s: " "%.100s", config, strerror(errno)); @@ -2104,8 +2113,8 @@ diff -Nur openssh-9.6p1.orig/ssh.c openssh-9.6p1/ssh.c /* * If ProxyJump option specified, then construct a ProxyCommand now. diff -Nur openssh-9.6p1.orig/ssh_config openssh-9.6p1/ssh_config ---- openssh-9.6p1.orig/ssh_config 2024-07-06 07:19:36.860049502 +0200 -+++ openssh-9.6p1/ssh_config 2024-07-06 07:20:29.721200620 +0200 +--- openssh-9.6p1.orig/ssh_config 2024-07-07 07:25:31.479747403 +0200 ++++ openssh-9.6p1/ssh_config 2024-07-07 07:26:28.496916518 +0200 @@ -22,9 +22,9 @@ # ForwardX11 no # PasswordAuthentication yes @@ -2120,8 +2129,8 @@ diff -Nur openssh-9.6p1.orig/ssh_config openssh-9.6p1/ssh_config # BatchMode no # CheckHostIP no diff -Nur openssh-9.6p1.orig/ssh_config.5 openssh-9.6p1/ssh_config.5 ---- openssh-9.6p1.orig/ssh_config.5 2024-07-06 07:19:36.928049696 +0200 -+++ openssh-9.6p1/ssh_config.5 2024-07-06 07:20:29.721200620 +0200 +--- openssh-9.6p1.orig/ssh_config.5 2024-07-07 07:25:31.551747617 +0200 ++++ openssh-9.6p1/ssh_config.5 2024-07-07 07:26:28.497916521 +0200 @@ -52,6 +52,12 @@ user's configuration file .Pq Pa ~/.ssh/config @@ -2169,8 +2178,8 @@ diff -Nur openssh-9.6p1.orig/ssh_config.5 openssh-9.6p1/ssh_config.5 .Ed .It Cm ProxyCommand diff -Nur openssh-9.6p1.orig/sshconnect2.c openssh-9.6p1/sshconnect2.c ---- openssh-9.6p1.orig/sshconnect2.c 2024-07-06 07:19:36.995049888 +0200 -+++ openssh-9.6p1/sshconnect2.c 2024-07-06 07:20:29.722200623 +0200 +--- openssh-9.6p1.orig/sshconnect2.c 2024-07-07 07:25:31.620747821 +0200 ++++ openssh-9.6p1/sshconnect2.c 2024-07-07 07:26:28.498916524 +0200 @@ -863,6 +863,11 @@ gss_OID mech = NULL; char *gss_host = NULL; @@ -2239,8 +2248,8 @@ diff -Nur openssh-9.6p1.orig/sshconnect2.c openssh-9.6p1/sshconnect2.c (r = sshpkt_put_cstring(ssh, authctxt->method->name)) != 0 || (r = sshpkt_put_string(ssh, mic.value, mic.length)) != 0 || diff -Nur openssh-9.6p1.orig/sshd.8 openssh-9.6p1/sshd.8 ---- openssh-9.6p1.orig/sshd.8 2024-07-06 07:19:36.875049545 +0200 -+++ openssh-9.6p1/sshd.8 2024-07-06 07:20:29.722200623 +0200 +--- openssh-9.6p1.orig/sshd.8 2024-07-07 07:25:31.494747448 +0200 ++++ openssh-9.6p1/sshd.8 2024-07-07 07:26:28.498916524 +0200 @@ -839,6 +839,29 @@ # A CA key, accepted for any host in *.mydomain.com or *.mydomain.org @cert-authority *.mydomain.org,*.mydomain.com ssh-rsa AAAAB5W... @@ -2272,9 +2281,9 @@ diff -Nur openssh-9.6p1.orig/sshd.8 openssh-9.6p1/sshd.8 .Bl -tag -width Ds -compact .It Pa ~/.hushlogin diff -Nur openssh-9.6p1.orig/sshd.c openssh-9.6p1/sshd.c ---- openssh-9.6p1.orig/sshd.c 2024-07-06 07:19:37.006049919 +0200 -+++ openssh-9.6p1/sshd.c 2024-07-06 07:20:29.723200626 +0200 -@@ -2438,7 +2438,7 @@ +--- openssh-9.6p1.orig/sshd.c 2024-07-07 07:25:31.631747854 +0200 ++++ openssh-9.6p1/sshd.c 2024-07-07 07:26:28.498916524 +0200 +@@ -2431,7 +2431,7 @@ #endif #ifdef GSSAPI @@ -2284,8 +2293,8 @@ diff -Nur openssh-9.6p1.orig/sshd.c openssh-9.6p1/sshd.c authctxt->krb5_set_env = ssh_gssapi_storecreds(); restore_uid(); diff -Nur openssh-9.6p1.orig/sshd_config openssh-9.6p1/sshd_config ---- openssh-9.6p1.orig/sshd_config 2024-07-06 07:19:36.894049599 +0200 -+++ openssh-9.6p1/sshd_config 2024-07-06 07:20:29.723200626 +0200 +--- openssh-9.6p1.orig/sshd_config 2024-07-07 07:25:31.517747516 +0200 ++++ openssh-9.6p1/sshd_config 2024-07-07 07:26:28.499916527 +0200 @@ -76,10 +76,11 @@ #KerberosUseKuserok yes @@ -2312,8 +2321,8 @@ diff -Nur openssh-9.6p1.orig/sshd_config openssh-9.6p1/sshd_config #AllowTcpForwarding yes #GatewayPorts no diff -Nur openssh-9.6p1.orig/sshd_config.5 openssh-9.6p1/sshd_config.5 ---- openssh-9.6p1.orig/sshd_config.5 2024-07-06 07:19:36.928049696 +0200 -+++ openssh-9.6p1/sshd_config.5 2024-07-06 07:20:29.724200629 +0200 +--- openssh-9.6p1.orig/sshd_config.5 2024-07-07 07:25:31.552747620 +0200 ++++ openssh-9.6p1/sshd_config.5 2024-07-07 07:26:28.499916527 +0200 @@ -716,15 +716,34 @@ to allow the client to select the address to which the forwarding is bound. The default is @@ -2373,8 +2382,8 @@ diff -Nur openssh-9.6p1.orig/sshd_config.5 openssh-9.6p1/sshd_config.5 Optionally specifies additional text to append to the SSH protocol banner sent by the server upon connection. diff -Nur openssh-9.6p1.orig/sshd_config_redhat openssh-9.6p1/sshd_config_redhat ---- openssh-9.6p1.orig/sshd_config_redhat 2024-07-06 07:19:36.845049459 +0200 -+++ openssh-9.6p1/sshd_config_redhat 2024-07-06 07:20:29.724200629 +0200 +--- openssh-9.6p1.orig/sshd_config_redhat 2024-07-07 07:25:31.464747359 +0200 ++++ openssh-9.6p1/sshd_config_redhat 2024-07-07 07:26:28.499916527 +0200 @@ -2,9 +2,6 @@ ChallengeResponseAuthentication no @@ -2386,9 +2395,9 @@ diff -Nur openssh-9.6p1.orig/sshd_config_redhat openssh-9.6p1/sshd_config_redhat X11Forwarding yes diff -Nur openssh-9.6p1.orig/ssh-gss.h openssh-9.6p1/ssh-gss.h ---- openssh-9.6p1.orig/ssh-gss.h 2024-07-06 07:19:36.873049539 +0200 -+++ openssh-9.6p1/ssh-gss.h 2024-07-06 07:20:29.724200629 +0200 -@@ -97,12 +97,14 @@ +--- openssh-9.6p1.orig/ssh-gss.h 2024-07-07 07:25:31.498747460 +0200 ++++ openssh-9.6p1/ssh-gss.h 2024-07-07 07:26:28.500916530 +0200 +@@ -99,12 +99,14 @@ } ssh_gssapi_ccache; typedef struct { @@ -2404,7 +2413,7 @@ diff -Nur openssh-9.6p1.orig/ssh-gss.h openssh-9.6p1/ssh-gss.h int used; int updated; } ssh_gssapi_client; -@@ -123,7 +125,7 @@ +@@ -125,7 +127,7 @@ OM_uint32 minor; /* both */ gss_ctx_id_t context; /* both */ gss_name_t name; /* both */ @@ -2413,7 +2422,7 @@ diff -Nur openssh-9.6p1.orig/ssh-gss.h openssh-9.6p1/ssh-gss.h gss_cred_id_t creds; /* server */ gss_name_t client; /* server */ gss_cred_id_t client_creds; /* both */ -@@ -161,6 +163,9 @@ +@@ -173,6 +175,9 @@ OM_uint32 ssh_gssapi_client_identity(Gssctxt *, const char *); int ssh_gssapi_credentials_updated(Gssctxt *); @@ -2425,7 +2434,7 @@ diff -Nur openssh-9.6p1.orig/ssh-gss.h openssh-9.6p1/ssh-gss.h const char *); diff -Nur openssh-9.6p1.orig/version.h openssh-9.6p1/version.h --- openssh-9.6p1.orig/version.h 2023-12-18 15:59:50.000000000 +0100 -+++ openssh-9.6p1/version.h 2024-07-06 07:20:29.725200632 +0200 ++++ openssh-9.6p1/version.h 2024-07-07 07:26:28.500916530 +0200 @@ -2,5 +2,19 @@ #define SSH_VERSION "OpenSSH_9.6" diff --git a/openssh-9.6p1-gsskex-new-api.patch b/openssh-9.6p1-gsskex-new-api.patch new file mode 100644 index 0000000..ed09319 --- /dev/null +++ b/openssh-9.6p1-gsskex-new-api.patch @@ -0,0 +1,1965 @@ +diff --color -ruNp a/gss-genr.c b/gss-genr.c +--- a/gss-genr.c 2024-05-16 15:49:43.999411060 +0200 ++++ b/gss-genr.c 2024-06-26 12:17:55.586856954 +0200 +@@ -346,6 +346,7 @@ ssh_gssapi_build_ctx(Gssctxt **ctx) + (*ctx)->creds = GSS_C_NO_CREDENTIAL; + (*ctx)->client = GSS_C_NO_NAME; + (*ctx)->client_creds = GSS_C_NO_CREDENTIAL; ++ (*ctx)->first = 1; + } + + /* Delete our context, providing it has been built correctly */ +@@ -371,6 +372,12 @@ ssh_gssapi_delete_ctx(Gssctxt **ctx) + gss_release_name(&ms, &(*ctx)->client); + if ((*ctx)->client_creds != GSS_C_NO_CREDENTIAL) + gss_release_cred(&ms, &(*ctx)->client_creds); ++ sshbuf_free((*ctx)->shared_secret); ++ sshbuf_free((*ctx)->server_pubkey); ++ sshbuf_free((*ctx)->server_host_key_blob); ++ sshbuf_free((*ctx)->server_blob); ++ explicit_bzero((*ctx)->hash, sizeof((*ctx)->hash)); ++ BN_clear_free((*ctx)->dh_client_pub); + + free(*ctx); + *ctx = NULL; +diff --color -ruNp a/kexgssc.c b/kexgssc.c +--- a/kexgssc.c 2024-05-16 15:49:43.820407648 +0200 ++++ b/kexgssc.c 2024-07-02 16:26:25.628746744 +0200 +@@ -47,566 +47,658 @@ + + #include "ssh-gss.h" + +-int +-kexgss_client(struct ssh *ssh) ++static int input_kexgss_hostkey(int, u_int32_t, struct ssh *); ++static int input_kexgss_continue(int, u_int32_t, struct ssh *); ++static int input_kexgss_complete(int, u_int32_t, struct ssh *); ++static int input_kexgss_error(int, u_int32_t, struct ssh *); ++static int input_kexgssgex_group(int, u_int32_t, struct ssh *); ++static int input_kexgssgex_continue(int, u_int32_t, struct ssh *); ++static int input_kexgssgex_complete(int, u_int32_t, struct ssh *); ++ ++static int ++kexgss_final(struct ssh *ssh) + { + struct kex *kex = ssh->kex; +- gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER, +- recv_tok = GSS_C_EMPTY_BUFFER, +- gssbuf, msg_tok = GSS_C_EMPTY_BUFFER, *token_ptr; +- Gssctxt *ctxt; +- OM_uint32 maj_status, min_status, ret_flags; +- struct sshbuf *server_blob = NULL; +- struct sshbuf *shared_secret = NULL; +- struct sshbuf *server_host_key_blob = NULL; ++ Gssctxt *gss = kex->gss; + struct sshbuf *empty = NULL; +- u_char *msg; +- int type = 0; +- int first = 1; ++ struct sshbuf *shared_secret = NULL; + u_char hash[SSH_DIGEST_MAX_LENGTH]; + size_t hashlen; +- u_char c; + int r; + +- /* Initialise our GSSAPI world */ +- ssh_gssapi_build_ctx(&ctxt); +- if (ssh_gssapi_id_kex(ctxt, kex->name, kex->kex_type) +- == GSS_C_NO_OID) +- fatal("Couldn't identify host exchange"); +- +- if (ssh_gssapi_import_name(ctxt, kex->gss_host)) +- fatal("Couldn't import hostname"); +- +- if (kex->gss_client && +- ssh_gssapi_client_identity(ctxt, kex->gss_client)) +- fatal("Couldn't acquire client credentials"); +- +- /* Step 1 */ +- switch (kex->kex_type) { +- case KEX_GSS_GRP1_SHA1: +- case KEX_GSS_GRP14_SHA1: +- case KEX_GSS_GRP14_SHA256: +- case KEX_GSS_GRP16_SHA512: +- r = kex_dh_keypair(kex); +- break; +- case KEX_GSS_NISTP256_SHA256: +- r = kex_ecdh_keypair(kex); +- break; +- case KEX_GSS_C25519_SHA256: +- r = kex_c25519_keypair(kex); +- break; +- default: +- fatal_f("Unexpected KEX type %d", kex->kex_type); +- } +- if (r != 0) { +- ssh_gssapi_delete_ctx(&ctxt); +- return r; +- } +- +- token_ptr = GSS_C_NO_BUFFER; +- +- do { +- debug("Calling gss_init_sec_context"); +- +- maj_status = ssh_gssapi_init_ctx(ctxt, +- kex->gss_deleg_creds, token_ptr, &send_tok, +- &ret_flags); +- +- if (GSS_ERROR(maj_status)) { +- /* XXX Useles code: Missing send? */ +- if (send_tok.length != 0) { +- if ((r = sshpkt_start(ssh, +- SSH2_MSG_KEXGSS_CONTINUE)) != 0 || +- (r = sshpkt_put_string(ssh, send_tok.value, +- send_tok.length)) != 0) +- fatal("sshpkt failed: %s", ssh_err(r)); +- } +- fatal("gss_init_context failed"); +- } +- +- /* If we've got an old receive buffer get rid of it */ +- if (token_ptr != GSS_C_NO_BUFFER) +- gss_release_buffer(&min_status, &recv_tok); +- +- if (maj_status == GSS_S_COMPLETE) { +- /* If mutual state flag is not true, kex fails */ +- if (!(ret_flags & GSS_C_MUTUAL_FLAG)) +- fatal("Mutual authentication failed"); +- +- /* If integ avail flag is not true kex fails */ +- if (!(ret_flags & GSS_C_INTEG_FLAG)) +- fatal("Integrity check failed"); +- } +- +- /* +- * If we have data to send, then the last message that we +- * received cannot have been a 'complete'. +- */ +- if (send_tok.length != 0) { +- if (first) { +- if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_INIT)) != 0 || +- (r = sshpkt_put_string(ssh, send_tok.value, +- send_tok.length)) != 0 || +- (r = sshpkt_put_stringb(ssh, kex->client_pub)) != 0) +- fatal("failed to construct packet: %s", ssh_err(r)); +- first = 0; +- } else { +- if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_CONTINUE)) != 0 || +- (r = sshpkt_put_string(ssh, send_tok.value, +- send_tok.length)) != 0) +- fatal("failed to construct packet: %s", ssh_err(r)); +- } +- if ((r = sshpkt_send(ssh)) != 0) +- fatal("failed to send packet: %s", ssh_err(r)); +- gss_release_buffer(&min_status, &send_tok); +- +- /* If we've sent them data, they should reply */ +- do { +- type = ssh_packet_read(ssh); +- if (type == SSH2_MSG_KEXGSS_HOSTKEY) { +- u_char *tmp = NULL; +- size_t tmp_len = 0; +- +- debug("Received KEXGSS_HOSTKEY"); +- if (server_host_key_blob) +- fatal("Server host key received more than once"); +- if ((r = sshpkt_get_string(ssh, &tmp, &tmp_len)) != 0) +- fatal("Failed to read server host key: %s", ssh_err(r)); +- if ((server_host_key_blob = sshbuf_from(tmp, tmp_len)) == NULL) +- fatal("sshbuf_from failed"); +- } +- } while (type == SSH2_MSG_KEXGSS_HOSTKEY); +- +- switch (type) { +- case SSH2_MSG_KEXGSS_CONTINUE: +- debug("Received GSSAPI_CONTINUE"); +- if (maj_status == GSS_S_COMPLETE) +- fatal("GSSAPI Continue received from server when complete"); +- if ((r = ssh_gssapi_sshpkt_get_buffer_desc(ssh, +- &recv_tok)) != 0 || +- (r = sshpkt_get_end(ssh)) != 0) +- fatal("Failed to read token: %s", ssh_err(r)); +- break; +- case SSH2_MSG_KEXGSS_COMPLETE: +- debug("Received GSSAPI_COMPLETE"); +- if (msg_tok.value != NULL) +- fatal("Received GSSAPI_COMPLETE twice?"); +- if ((r = sshpkt_getb_froms(ssh, &server_blob)) != 0 || +- (r = ssh_gssapi_sshpkt_get_buffer_desc(ssh, +- &msg_tok)) != 0) +- fatal("Failed to read message: %s", ssh_err(r)); +- +- /* Is there a token included? */ +- if ((r = sshpkt_get_u8(ssh, &c)) != 0) +- fatal("sshpkt failed: %s", ssh_err(r)); +- if (c) { +- if ((r = ssh_gssapi_sshpkt_get_buffer_desc( +- ssh, &recv_tok)) != 0) +- fatal("Failed to read token: %s", ssh_err(r)); +- /* If we're already complete - protocol error */ +- if (maj_status == GSS_S_COMPLETE) +- sshpkt_disconnect(ssh, "Protocol error: received token when complete"); +- } else { +- /* No token included */ +- if (maj_status != GSS_S_COMPLETE) +- sshpkt_disconnect(ssh, "Protocol error: did not receive final token"); +- } +- if ((r = sshpkt_get_end(ssh)) != 0) { +- fatal("Expecting end of packet."); +- } +- break; +- case SSH2_MSG_KEXGSS_ERROR: +- debug("Received Error"); +- if ((r = sshpkt_get_u32(ssh, &maj_status)) != 0 || +- (r = sshpkt_get_u32(ssh, &min_status)) != 0 || +- (r = sshpkt_get_string(ssh, &msg, NULL)) != 0 || +- (r = sshpkt_get_string(ssh, NULL, NULL)) != 0 || /* lang tag */ +- (r = sshpkt_get_end(ssh)) != 0) +- fatal("sshpkt_get failed: %s", ssh_err(r)); +- fatal("GSSAPI Error: \n%.400s", msg); +- default: +- sshpkt_disconnect(ssh, "Protocol error: didn't expect packet type %d", +- type); +- } +- token_ptr = &recv_tok; +- } else { +- /* No data, and not complete */ +- if (maj_status != GSS_S_COMPLETE) +- fatal("Not complete, and no token output"); +- } +- } while (maj_status & GSS_S_CONTINUE_NEEDED); +- + /* + * We _must_ have received a COMPLETE message in reply from the + * server, which will have set server_blob and msg_tok + */ + +- if (type != SSH2_MSG_KEXGSS_COMPLETE) +- fatal("Didn't receive a SSH2_MSG_KEXGSS_COMPLETE when I expected it"); +- + /* compute shared secret */ + switch (kex->kex_type) { + case KEX_GSS_GRP1_SHA1: + case KEX_GSS_GRP14_SHA1: + case KEX_GSS_GRP14_SHA256: + case KEX_GSS_GRP16_SHA512: +- r = kex_dh_dec(kex, server_blob, &shared_secret); ++ r = kex_dh_dec(kex, gss->server_blob, &shared_secret); + break; + case KEX_GSS_C25519_SHA256: +- if (sshbuf_ptr(server_blob)[sshbuf_len(server_blob)] & 0x80) ++ if (sshbuf_ptr(gss->server_blob)[sshbuf_len(gss->server_blob)] & 0x80) + fatal("The received key has MSB of last octet set!"); +- r = kex_c25519_dec(kex, server_blob, &shared_secret); ++ r = kex_c25519_dec(kex, gss->server_blob, &shared_secret); + break; + case KEX_GSS_NISTP256_SHA256: +- if (sshbuf_len(server_blob) != 65) +- fatal("The received NIST-P256 key did not match" +- "expected length (expected 65, got %zu)", sshbuf_len(server_blob)); ++ if (sshbuf_len(gss->server_blob) != 65) ++ fatal("The received NIST-P256 key did not match " ++ "expected length (expected 65, got %zu)", ++ sshbuf_len(gss->server_blob)); + +- if (sshbuf_ptr(server_blob)[0] != POINT_CONVERSION_UNCOMPRESSED) ++ if (sshbuf_ptr(gss->server_blob)[0] != POINT_CONVERSION_UNCOMPRESSED) + fatal("The received NIST-P256 key does not have first octet 0x04"); + +- r = kex_ecdh_dec(kex, server_blob, &shared_secret); ++ r = kex_ecdh_dec(kex, gss->server_blob, &shared_secret); + break; + default: + r = SSH_ERR_INVALID_ARGUMENT; + break; + } +- if (r != 0) ++ if (r != 0) { ++ ssh_gssapi_delete_ctx(&kex->gss); + goto out; ++ } + + if ((empty = sshbuf_new()) == NULL) { ++ ssh_gssapi_delete_ctx(&kex->gss); + r = SSH_ERR_ALLOC_FAIL; + goto out; + } + + hashlen = sizeof(hash); +- if ((r = kex_gen_hash( +- kex->hash_alg, +- kex->client_version, +- kex->server_version, +- kex->my, +- kex->peer, +- (server_host_key_blob ? server_host_key_blob : empty), +- kex->client_pub, +- server_blob, +- shared_secret, +- hash, &hashlen)) != 0) ++ r = kex_gen_hash(kex->hash_alg, kex->client_version, ++ kex->server_version, kex->my, kex->peer, ++ (gss->server_host_key_blob ? gss->server_host_key_blob : empty), ++ kex->client_pub, gss->server_blob, shared_secret, ++ hash, &hashlen); ++ sshbuf_free(empty); ++ if (r != 0) + fatal_f("Unexpected KEX type %d", kex->kex_type); + +- gssbuf.value = hash; +- gssbuf.length = hashlen; ++ gss->buf.value = hash; ++ gss->buf.length = hashlen; + + /* Verify that the hash matches the MIC we just got. */ +- if (GSS_ERROR(ssh_gssapi_checkmic(ctxt, &gssbuf, &msg_tok))) ++ if (GSS_ERROR(ssh_gssapi_checkmic(gss, &gss->buf, &gss->msg_tok))) + sshpkt_disconnect(ssh, "Hash's MIC didn't verify"); + +- gss_release_buffer(&min_status, &msg_tok); ++ gss_release_buffer(&gss->minor, &gss->msg_tok); + + if (kex->gss_deleg_creds) +- ssh_gssapi_credentials_updated(ctxt); ++ ssh_gssapi_credentials_updated(gss); + + if (gss_kex_context == NULL) +- gss_kex_context = ctxt; ++ gss_kex_context = gss; + else +- ssh_gssapi_delete_ctx(&ctxt); ++ ssh_gssapi_delete_ctx(&kex->gss); + + if ((r = kex_derive_keys(ssh, hash, hashlen, shared_secret)) == 0) + r = kex_send_newkeys(ssh); + ++ if (kex->gss != NULL) { ++ sshbuf_free(gss->server_host_key_blob); ++ gss->server_host_key_blob = NULL; ++ sshbuf_free(gss->server_blob); ++ gss->server_blob = NULL; ++ } + out: +- explicit_bzero(hash, sizeof(hash)); + explicit_bzero(kex->c25519_client_key, sizeof(kex->c25519_client_key)); +- sshbuf_free(empty); +- sshbuf_free(server_host_key_blob); +- sshbuf_free(server_blob); ++ explicit_bzero(hash, sizeof(hash)); + sshbuf_free(shared_secret); + sshbuf_free(kex->client_pub); + kex->client_pub = NULL; + return r; + } + ++static int ++kexgss_init_ctx(struct ssh *ssh, ++ gss_buffer_desc *token_ptr) ++{ ++ struct kex *kex = ssh->kex; ++ Gssctxt *gss = kex->gss; ++ gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER; ++ OM_uint32 ret_flags; ++ int r; ++ ++ debug("Calling gss_init_sec_context"); ++ ++ gss->major = ssh_gssapi_init_ctx(gss, kex->gss_deleg_creds, ++ token_ptr, &send_tok, &ret_flags); ++ ++ if (GSS_ERROR(gss->major)) { ++ /* XXX Useless code: Missing send? */ ++ if (send_tok.length != 0) { ++ if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_CONTINUE)) != 0 || ++ (r = sshpkt_put_string(ssh, send_tok.value, send_tok.length)) != 0) ++ fatal("sshpkt failed: %s", ssh_err(r)); ++ } ++ fatal("gss_init_context failed"); ++ } ++ ++ /* If we've got an old receive buffer get rid of it */ ++ if (token_ptr != GSS_C_NO_BUFFER) ++ gss_release_buffer(&gss->minor, token_ptr); ++ ++ if (gss->major == GSS_S_COMPLETE) { ++ /* If mutual state flag is not true, kex fails */ ++ if (!(ret_flags & GSS_C_MUTUAL_FLAG)) ++ fatal("Mutual authentication failed"); ++ ++ /* If integ avail flag is not true kex fails */ ++ if (!(ret_flags & GSS_C_INTEG_FLAG)) ++ fatal("Integrity check failed"); ++ } ++ ++ /* ++ * If we have data to send, then the last message that we ++ * received cannot have been a 'complete'. ++ */ ++ if (send_tok.length != 0) { ++ if (gss->first) { ++ if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_INIT)) != 0 || ++ (r = sshpkt_put_string(ssh, send_tok.value, send_tok.length)) != 0 || ++ (r = sshpkt_put_stringb(ssh, kex->client_pub)) != 0) ++ fatal("failed to construct packet: %s", ssh_err(r)); ++ gss->first = 0; ++ } else { ++ if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_CONTINUE)) != 0 || ++ (r = sshpkt_put_string(ssh, send_tok.value, send_tok.length)) != 0) ++ fatal("failed to construct packet: %s", ssh_err(r)); ++ } ++ if ((r = sshpkt_send(ssh)) != 0) ++ fatal("failed to send packet: %s", ssh_err(r)); ++ gss_release_buffer(&gss->minor, &send_tok); ++ ++ /* If we've sent them data, they should reply */ ++ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_HOSTKEY, &input_kexgss_hostkey); ++ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_CONTINUE, &input_kexgss_continue); ++ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_COMPLETE, &input_kexgss_complete); ++ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_ERROR, &input_kexgss_error); ++ return 0; ++ } ++ /* No data, and not complete */ ++ if (gss->major != GSS_S_COMPLETE) ++ fatal("Not complete, and no token output"); ++ ++ if (gss->major & GSS_S_CONTINUE_NEEDED) ++ return kexgss_init_ctx(ssh, token_ptr); ++ ++ return kexgss_final(ssh); ++} ++ + int +-kexgssgex_client(struct ssh *ssh) ++kexgss_client(struct ssh *ssh) + { + struct kex *kex = ssh->kex; +- gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER, +- recv_tok = GSS_C_EMPTY_BUFFER, gssbuf, +- msg_tok = GSS_C_EMPTY_BUFFER, *token_ptr; +- Gssctxt *ctxt; +- OM_uint32 maj_status, min_status, ret_flags; +- struct sshbuf *shared_secret = NULL; +- BIGNUM *p = NULL; +- BIGNUM *g = NULL; +- struct sshbuf *buf = NULL; +- struct sshbuf *server_host_key_blob = NULL; +- struct sshbuf *server_blob = NULL; +- BIGNUM *dh_server_pub = NULL; +- u_char *msg; +- int type = 0; +- int first = 1; +- u_char hash[SSH_DIGEST_MAX_LENGTH]; +- size_t hashlen; +- const BIGNUM *pub_key, *dh_p, *dh_g; +- int nbits = 0, min = DH_GRP_MIN, max = DH_GRP_MAX; +- struct sshbuf *empty = NULL; +- u_char c; + int r; + + /* Initialise our GSSAPI world */ +- ssh_gssapi_build_ctx(&ctxt); +- if (ssh_gssapi_id_kex(ctxt, kex->name, kex->kex_type) +- == GSS_C_NO_OID) ++ ssh_gssapi_build_ctx(&kex->gss); ++ if (ssh_gssapi_id_kex(kex->gss, kex->name, kex->kex_type) == GSS_C_NO_OID) + fatal("Couldn't identify host exchange"); + +- if (ssh_gssapi_import_name(ctxt, kex->gss_host)) ++ if (ssh_gssapi_import_name(kex->gss, kex->gss_host)) + fatal("Couldn't import hostname"); + + if (kex->gss_client && +- ssh_gssapi_client_identity(ctxt, kex->gss_client)) ++ ssh_gssapi_client_identity(kex->gss, kex->gss_client)) + fatal("Couldn't acquire client credentials"); + +- debug("Doing group exchange"); +- nbits = dh_estimate(kex->dh_need * 8); ++ /* Step 1 */ ++ switch (kex->kex_type) { ++ case KEX_GSS_GRP1_SHA1: ++ case KEX_GSS_GRP14_SHA1: ++ case KEX_GSS_GRP14_SHA256: ++ case KEX_GSS_GRP16_SHA512: ++ r = kex_dh_keypair(kex); ++ break; ++ case KEX_GSS_NISTP256_SHA256: ++ r = kex_ecdh_keypair(kex); ++ break; ++ case KEX_GSS_C25519_SHA256: ++ r = kex_c25519_keypair(kex); ++ break; ++ default: ++ fatal_f("Unexpected KEX type %d", kex->kex_type); ++ } ++ if (r != 0) { ++ ssh_gssapi_delete_ctx(&kex->gss); ++ return r; ++ } ++ return kexgss_init_ctx(ssh, GSS_C_NO_BUFFER); ++} + +- kex->min = DH_GRP_MIN; +- kex->max = DH_GRP_MAX; +- kex->nbits = nbits; +- if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_GROUPREQ)) != 0 || +- (r = sshpkt_put_u32(ssh, min)) != 0 || +- (r = sshpkt_put_u32(ssh, nbits)) != 0 || +- (r = sshpkt_put_u32(ssh, max)) != 0 || +- (r = sshpkt_send(ssh)) != 0) +- fatal("Failed to construct a packet: %s", ssh_err(r)); ++static int ++input_kexgss_hostkey(int type, ++ u_int32_t seq, ++ struct ssh *ssh) ++{ ++ Gssctxt *gss = ssh->kex->gss; ++ u_char *tmp = NULL; ++ size_t tmp_len = 0; ++ int r; ++ ++ debug("Received KEXGSS_HOSTKEY"); ++ if (gss->server_host_key_blob) ++ fatal("Server host key received more than once"); ++ if ((r = sshpkt_get_string(ssh, &tmp, &tmp_len)) != 0) ++ fatal("Failed to read server host key: %s", ssh_err(r)); ++ if ((gss->server_host_key_blob = sshbuf_from(tmp, tmp_len)) == NULL) ++ fatal("sshbuf_from failed"); ++ return 0; ++} + +- if ((r = ssh_packet_read_expect(ssh, SSH2_MSG_KEXGSS_GROUP)) != 0) +- fatal("Error: %s", ssh_err(r)); ++static int ++input_kexgss_continue(int type, ++ u_int32_t seq, ++ struct ssh *ssh) ++{ ++ Gssctxt *gss = ssh->kex->gss; ++ gss_buffer_desc recv_tok = GSS_C_EMPTY_BUFFER; ++ int r; + +- if ((r = sshpkt_get_bignum2(ssh, &p)) != 0 || +- (r = sshpkt_get_bignum2(ssh, &g)) != 0 || ++ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_HOSTKEY, NULL); ++ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_CONTINUE, NULL); ++ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_COMPLETE, NULL); ++ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_ERROR, NULL); ++ ++ debug("Received GSSAPI_CONTINUE"); ++ if (gss->major == GSS_S_COMPLETE) ++ fatal("GSSAPI Continue received from server when complete"); ++ if ((r = ssh_gssapi_sshpkt_get_buffer_desc(ssh, &recv_tok)) != 0 || + (r = sshpkt_get_end(ssh)) != 0) +- fatal("shpkt_get_bignum2 failed: %s", ssh_err(r)); ++ fatal("Failed to read token: %s", ssh_err(r)); ++ if (!(gss->major & GSS_S_CONTINUE_NEEDED)) ++ fatal("Didn't receive a SSH2_MSG_KEXGSS_COMPLETE when I expected it"); ++ return kexgss_init_ctx(ssh, &recv_tok); ++} + +- if (BN_num_bits(p) < min || BN_num_bits(p) > max) +- fatal("GSSGRP_GEX group out of range: %d !< %d !< %d", +- min, BN_num_bits(p), max); ++static int ++input_kexgss_complete(int type, ++ u_int32_t seq, ++ struct ssh *ssh) ++{ ++ Gssctxt *gss = ssh->kex->gss; ++ gss_buffer_desc recv_tok = GSS_C_EMPTY_BUFFER; ++ u_char c; ++ int r; + +- if ((kex->dh = dh_new_group(g, p)) == NULL) +- fatal("dn_new_group() failed"); +- p = g = NULL; /* belong to kex->dh now */ ++ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_HOSTKEY, NULL); ++ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_CONTINUE, NULL); ++ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_COMPLETE, NULL); ++ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_ERROR, NULL); ++ ++ debug("Received GSSAPI_COMPLETE"); ++ if (gss->msg_tok.value != NULL) ++ fatal("Received GSSAPI_COMPLETE twice?"); ++ if ((r = sshpkt_getb_froms(ssh, &gss->server_blob)) != 0 || ++ (r = ssh_gssapi_sshpkt_get_buffer_desc(ssh, &gss->msg_tok)) != 0) ++ fatal("Failed to read message: %s", ssh_err(r)); ++ ++ /* Is there a token included? */ ++ if ((r = sshpkt_get_u8(ssh, &c)) != 0) ++ fatal("sshpkt failed: %s", ssh_err(r)); ++ if (c) { ++ if ((r = ssh_gssapi_sshpkt_get_buffer_desc(ssh, &recv_tok)) != 0) ++ fatal("Failed to read token: %s", ssh_err(r)); ++ /* If we're already complete - protocol error */ ++ if (gss->major == GSS_S_COMPLETE) ++ sshpkt_disconnect(ssh, "Protocol error: received token when complete"); ++ } else { ++ if (gss->major != GSS_S_COMPLETE) ++ sshpkt_disconnect(ssh, "Protocol error: did not receive final token"); ++ } ++ if ((r = sshpkt_get_end(ssh)) != 0) ++ fatal("Expecting end of packet."); + +- if ((r = dh_gen_key(kex->dh, kex->we_need * 8)) != 0) +- goto out; +- DH_get0_key(kex->dh, &pub_key, NULL); ++ if (gss->major & GSS_S_CONTINUE_NEEDED) ++ return kexgss_init_ctx(ssh, &recv_tok); + +- token_ptr = GSS_C_NO_BUFFER; ++ return kexgss_final(ssh); ++} + +- do { +- /* Step 2 - call GSS_Init_sec_context() */ +- debug("Calling gss_init_sec_context"); +- +- maj_status = ssh_gssapi_init_ctx(ctxt, +- kex->gss_deleg_creds, token_ptr, &send_tok, +- &ret_flags); +- +- if (GSS_ERROR(maj_status)) { +- /* XXX Useles code: Missing send? */ +- if (send_tok.length != 0) { +- if ((r = sshpkt_start(ssh, +- SSH2_MSG_KEXGSS_CONTINUE)) != 0 || +- (r = sshpkt_put_string(ssh, send_tok.value, +- send_tok.length)) != 0) +- fatal("sshpkt failed: %s", ssh_err(r)); +- } +- fatal("gss_init_context failed"); +- } ++static int ++input_kexgss_error(int type, ++ u_int32_t seq, ++ struct ssh *ssh) ++{ ++ Gssctxt *gss = ssh->kex->gss; ++ u_char *msg; ++ int r; + +- /* If we've got an old receive buffer get rid of it */ +- if (token_ptr != GSS_C_NO_BUFFER) +- gss_release_buffer(&min_status, &recv_tok); +- +- if (maj_status == GSS_S_COMPLETE) { +- /* If mutual state flag is not true, kex fails */ +- if (!(ret_flags & GSS_C_MUTUAL_FLAG)) +- fatal("Mutual authentication failed"); +- +- /* If integ avail flag is not true kex fails */ +- if (!(ret_flags & GSS_C_INTEG_FLAG)) +- fatal("Integrity check failed"); +- } ++ debug("Received Error"); ++ if ((r = sshpkt_get_u32(ssh, &gss->major)) != 0 || ++ (r = sshpkt_get_u32(ssh, &gss->minor)) != 0 || ++ (r = sshpkt_get_string(ssh, &msg, NULL)) != 0 || ++ (r = sshpkt_get_string(ssh, NULL, NULL)) != 0 || /* lang tag */ ++ (r = sshpkt_get_end(ssh)) != 0) ++ fatal("sshpkt_get failed: %s", ssh_err(r)); ++ fatal("GSSAPI Error: \n%.400s", msg); ++ return 0; ++} + +- /* +- * If we have data to send, then the last message that we +- * received cannot have been a 'complete'. +- */ +- if (send_tok.length != 0) { +- if (first) { +- if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_INIT)) != 0 || +- (r = sshpkt_put_string(ssh, send_tok.value, +- send_tok.length)) != 0 || +- (r = sshpkt_put_bignum2(ssh, pub_key)) != 0) +- fatal("sshpkt failed: %s", ssh_err(r)); +- first = 0; +- } else { +- if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_CONTINUE)) != 0 || +- (r = sshpkt_put_string(ssh,send_tok.value, +- send_tok.length)) != 0) +- fatal("sshpkt failed: %s", ssh_err(r)); +- } +- if ((r = sshpkt_send(ssh)) != 0) +- fatal("sshpkt_send failed: %s", ssh_err(r)); +- gss_release_buffer(&min_status, &send_tok); +- +- /* If we've sent them data, they should reply */ +- do { +- type = ssh_packet_read(ssh); +- if (type == SSH2_MSG_KEXGSS_HOSTKEY) { +- u_char *tmp = NULL; +- size_t tmp_len = 0; +- +- debug("Received KEXGSS_HOSTKEY"); +- if (server_host_key_blob) +- fatal("Server host key received more than once"); +- if ((r = sshpkt_get_string(ssh, &tmp, &tmp_len)) != 0) +- fatal("sshpkt failed: %s", ssh_err(r)); +- if ((server_host_key_blob = sshbuf_from(tmp, tmp_len)) == NULL) +- fatal("sshbuf_from failed"); +- } +- } while (type == SSH2_MSG_KEXGSS_HOSTKEY); +- +- switch (type) { +- case SSH2_MSG_KEXGSS_CONTINUE: +- debug("Received GSSAPI_CONTINUE"); +- if (maj_status == GSS_S_COMPLETE) +- fatal("GSSAPI Continue received from server when complete"); +- if ((r = ssh_gssapi_sshpkt_get_buffer_desc(ssh, +- &recv_tok)) != 0 || +- (r = sshpkt_get_end(ssh)) != 0) +- fatal("sshpkt failed: %s", ssh_err(r)); +- break; +- case SSH2_MSG_KEXGSS_COMPLETE: +- debug("Received GSSAPI_COMPLETE"); +- if (msg_tok.value != NULL) +- fatal("Received GSSAPI_COMPLETE twice?"); +- if ((r = sshpkt_getb_froms(ssh, &server_blob)) != 0 || +- (r = ssh_gssapi_sshpkt_get_buffer_desc(ssh, +- &msg_tok)) != 0) +- fatal("sshpkt failed: %s", ssh_err(r)); +- +- /* Is there a token included? */ +- if ((r = sshpkt_get_u8(ssh, &c)) != 0) +- fatal("sshpkt failed: %s", ssh_err(r)); +- if (c) { +- if ((r = ssh_gssapi_sshpkt_get_buffer_desc( +- ssh, &recv_tok)) != 0 || +- (r = sshpkt_get_end(ssh)) != 0) +- fatal("sshpkt failed: %s", ssh_err(r)); +- /* If we're already complete - protocol error */ +- if (maj_status == GSS_S_COMPLETE) +- sshpkt_disconnect(ssh, "Protocol error: received token when complete"); +- } else { +- /* No token included */ +- if (maj_status != GSS_S_COMPLETE) +- sshpkt_disconnect(ssh, "Protocol error: did not receive final token"); +- } +- break; +- case SSH2_MSG_KEXGSS_ERROR: +- debug("Received Error"); +- if ((r = sshpkt_get_u32(ssh, &maj_status)) != 0 || +- (r = sshpkt_get_u32(ssh, &min_status)) != 0 || +- (r = sshpkt_get_string(ssh, &msg, NULL)) != 0 || +- (r = sshpkt_get_string(ssh, NULL, NULL)) != 0 || /* lang tag */ +- (r = sshpkt_get_end(ssh)) != 0) +- fatal("sshpkt failed: %s", ssh_err(r)); +- fatal("GSSAPI Error: \n%.400s", msg); +- default: +- sshpkt_disconnect(ssh, "Protocol error: didn't expect packet type %d", +- type); +- } +- token_ptr = &recv_tok; +- } else { +- /* No data, and not complete */ +- if (maj_status != GSS_S_COMPLETE) +- fatal("Not complete, and no token output"); +- } +- } while (maj_status & GSS_S_CONTINUE_NEEDED); ++/*******************************************************/ ++/******************** KEXGSSGEX ************************/ ++/*******************************************************/ ++ ++int ++kexgssgex_client(struct ssh *ssh) ++{ ++ struct kex *kex = ssh->kex; ++ int r; ++ ++ /* Initialise our GSSAPI world */ ++ ssh_gssapi_build_ctx(&kex->gss); ++ if (ssh_gssapi_id_kex(kex->gss, kex->name, kex->kex_type) == GSS_C_NO_OID) ++ fatal("Couldn't identify host exchange"); ++ ++ if (ssh_gssapi_import_name(kex->gss, kex->gss_host)) ++ fatal("Couldn't import hostname"); ++ ++ if (kex->gss_client && ++ ssh_gssapi_client_identity(kex->gss, kex->gss_client)) ++ fatal("Couldn't acquire client credentials"); ++ ++ debug("Doing group exchange"); ++ kex->min = DH_GRP_MIN; ++ kex->max = DH_GRP_MAX; ++ kex->nbits = dh_estimate(kex->dh_need * 8); ++ ++ if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_GROUPREQ)) != 0 || ++ (r = sshpkt_put_u32(ssh, kex->min)) != 0 || ++ (r = sshpkt_put_u32(ssh, kex->nbits)) != 0 || ++ (r = sshpkt_put_u32(ssh, kex->max)) != 0 || ++ (r = sshpkt_send(ssh)) != 0) ++ fatal("Failed to construct a packet: %s", ssh_err(r)); ++ ++ debug("Wait SSH2_MSG_KEXGSS_GROUP"); ++ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_GROUP, &input_kexgssgex_group); ++ return 0; ++} ++ ++static int ++kexgssgex_final(struct ssh *ssh) ++{ ++ struct kex *kex = ssh->kex; ++ Gssctxt *gss = kex->gss; ++ struct sshbuf *buf = NULL; ++ struct sshbuf *empty = NULL; ++ struct sshbuf *shared_secret = NULL; ++ BIGNUM *dh_server_pub = NULL; ++ const BIGNUM *pub_key, *dh_p, *dh_g; ++ u_char hash[SSH_DIGEST_MAX_LENGTH]; ++ size_t hashlen; ++ int r; + + /* + * We _must_ have received a COMPLETE message in reply from the +- * server, which will have set dh_server_pub and msg_tok ++ * server, which will have set server_blob and msg_tok + */ + +- if (type != SSH2_MSG_KEXGSS_COMPLETE) +- fatal("Didn't receive a SSH2_MSG_KEXGSS_COMPLETE when I expected it"); +- + /* 7. C verifies that the key Q_S is valid */ + /* 8. C computes shared secret */ + if ((buf = sshbuf_new()) == NULL || +- (r = sshbuf_put_stringb(buf, server_blob)) != 0 || +- (r = sshbuf_get_bignum2(buf, &dh_server_pub)) != 0) ++ (r = sshbuf_put_stringb(buf, gss->server_blob)) != 0 || ++ (r = sshbuf_get_bignum2(buf, &dh_server_pub)) != 0) { ++ ssh_gssapi_delete_ctx(&kex->gss); + goto out; ++ } + sshbuf_free(buf); + buf = NULL; + + if ((shared_secret = sshbuf_new()) == NULL) { ++ ssh_gssapi_delete_ctx(&kex->gss); + r = SSH_ERR_ALLOC_FAIL; + goto out; + } + +- if ((r = kex_dh_compute_key(kex, dh_server_pub, shared_secret)) != 0) ++ if ((r = kex_dh_compute_key(kex, dh_server_pub, shared_secret)) != 0) { ++ ssh_gssapi_delete_ctx(&kex->gss); + goto out; ++ } ++ + if ((empty = sshbuf_new()) == NULL) { ++ ssh_gssapi_delete_ctx(&kex->gss); + r = SSH_ERR_ALLOC_FAIL; + goto out; + } + ++ DH_get0_key(kex->dh, &pub_key, NULL); + DH_get0_pqg(kex->dh, &dh_p, NULL, &dh_g); + hashlen = sizeof(hash); +- if ((r = kexgex_hash( +- kex->hash_alg, +- kex->client_version, +- kex->server_version, +- kex->my, +- kex->peer, +- (server_host_key_blob ? server_host_key_blob : empty), +- kex->min, kex->nbits, kex->max, +- dh_p, dh_g, +- pub_key, +- dh_server_pub, +- sshbuf_ptr(shared_secret), sshbuf_len(shared_secret), +- hash, &hashlen)) != 0) ++ r = kexgex_hash(kex->hash_alg, kex->client_version, ++ kex->server_version, kex->my, kex->peer, ++ (gss->server_host_key_blob ? gss->server_host_key_blob : empty), ++ kex->min, kex->nbits, kex->max, dh_p, dh_g, pub_key, ++ dh_server_pub, sshbuf_ptr(shared_secret), sshbuf_len(shared_secret), ++ hash, &hashlen); ++ sshbuf_free(empty); ++ if (r != 0) + fatal("Failed to calculate hash: %s", ssh_err(r)); + +- gssbuf.value = hash; +- gssbuf.length = hashlen; ++ gss->buf.value = hash; ++ gss->buf.length = hashlen; + + /* Verify that the hash matches the MIC we just got. */ +- if (GSS_ERROR(ssh_gssapi_checkmic(ctxt, &gssbuf, &msg_tok))) ++ if (GSS_ERROR(ssh_gssapi_checkmic(gss, &gss->buf, &gss->msg_tok))) + sshpkt_disconnect(ssh, "Hash's MIC didn't verify"); + +- gss_release_buffer(&min_status, &msg_tok); ++ gss_release_buffer(&gss->minor, &gss->msg_tok); + + if (kex->gss_deleg_creds) +- ssh_gssapi_credentials_updated(ctxt); ++ ssh_gssapi_credentials_updated(gss); + + if (gss_kex_context == NULL) +- gss_kex_context = ctxt; ++ gss_kex_context = gss; + else +- ssh_gssapi_delete_ctx(&ctxt); ++ ssh_gssapi_delete_ctx(&kex->gss); + + /* Finally derive the keys and send them */ + if ((r = kex_derive_keys(ssh, hash, hashlen, shared_secret)) == 0) + r = kex_send_newkeys(ssh); ++ ++ if (kex->gss != NULL) { ++ sshbuf_free(gss->server_host_key_blob); ++ gss->server_host_key_blob = NULL; ++ sshbuf_free(gss->server_blob); ++ gss->server_blob = NULL; ++ } + out: +- sshbuf_free(buf); +- sshbuf_free(server_blob); +- sshbuf_free(empty); + explicit_bzero(hash, sizeof(hash)); + DH_free(kex->dh); + kex->dh = NULL; + BN_clear_free(dh_server_pub); + sshbuf_free(shared_secret); +- sshbuf_free(server_host_key_blob); + return r; + } + ++static int ++kexgssgex_init_ctx(struct ssh *ssh, ++ gss_buffer_desc *token_ptr) ++{ ++ struct kex *kex = ssh->kex; ++ Gssctxt *gss = kex->gss; ++ const BIGNUM *pub_key; ++ gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER; ++ OM_uint32 ret_flags; ++ int r; ++ ++ /* Step 2 - call GSS_Init_sec_context() */ ++ debug("Calling gss_init_sec_context"); ++ ++ gss->major = ssh_gssapi_init_ctx(gss, kex->gss_deleg_creds, ++ token_ptr, &send_tok, &ret_flags); ++ ++ if (GSS_ERROR(gss->major)) { ++ /* XXX Useless code: Missing send? */ ++ if (send_tok.length != 0) { ++ if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_CONTINUE)) != 0 || ++ (r = sshpkt_put_string(ssh, send_tok.value, send_tok.length)) != 0) ++ fatal("sshpkt failed: %s", ssh_err(r)); ++ } ++ fatal("gss_init_context failed"); ++ } ++ ++ /* If we've got an old receive buffer get rid of it */ ++ if (token_ptr != GSS_C_NO_BUFFER) ++ gss_release_buffer(&gss->minor, token_ptr); ++ ++ if (gss->major == GSS_S_COMPLETE) { ++ /* If mutual state flag is not true, kex fails */ ++ if (!(ret_flags & GSS_C_MUTUAL_FLAG)) ++ fatal("Mutual authentication failed"); ++ ++ /* If integ avail flag is not true kex fails */ ++ if (!(ret_flags & GSS_C_INTEG_FLAG)) ++ fatal("Integrity check failed"); ++ } ++ ++ /* ++ * If we have data to send, then the last message that we ++ * received cannot have been a 'complete'. ++ */ ++ if (send_tok.length != 0) { ++ if (gss->first) { ++ DH_get0_key(kex->dh, &pub_key, NULL); ++ if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_INIT)) != 0 || ++ (r = sshpkt_put_string(ssh, send_tok.value, send_tok.length)) != 0 || ++ (r = sshpkt_put_bignum2(ssh, pub_key)) != 0) ++ fatal("failed to construct packet: %s", ssh_err(r)); ++ gss->first = 0; ++ } else { ++ if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_CONTINUE)) != 0 || ++ (r = sshpkt_put_string(ssh, send_tok.value, send_tok.length)) != 0) ++ fatal("failed to construct packet: %s", ssh_err(r)); ++ } ++ if ((r = sshpkt_send(ssh)) != 0) ++ fatal("failed to send packet: %s", ssh_err(r)); ++ gss_release_buffer(&gss->minor, &send_tok); ++ ++ /* If we've sent them data, they should reply */ ++ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_HOSTKEY, &input_kexgss_hostkey); ++ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_CONTINUE, &input_kexgssgex_continue); ++ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_COMPLETE, &input_kexgssgex_complete); ++ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_ERROR, &input_kexgss_error); ++ return 0; ++ } ++ /* No data, and not complete */ ++ if (gss->major != GSS_S_COMPLETE) ++ fatal("Not complete, and no token output"); ++ ++ if (gss->major & GSS_S_CONTINUE_NEEDED) ++ return kexgssgex_init_ctx(ssh, token_ptr); ++ ++ return kexgssgex_final(ssh); ++} ++ ++static int ++input_kexgssgex_group(int type, ++ u_int32_t seq, ++ struct ssh *ssh) ++{ ++ struct kex *kex = ssh->kex; ++ BIGNUM *p = NULL; ++ BIGNUM *g = NULL; ++ int r; ++ ++ debug("Received SSH2_MSG_KEXGSS_GROUP"); ++ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_GROUP, NULL); ++ ++ if ((r = sshpkt_get_bignum2(ssh, &p)) != 0 || ++ (r = sshpkt_get_bignum2(ssh, &g)) != 0 || ++ (r = sshpkt_get_end(ssh)) != 0) ++ fatal("shpkt_get_bignum2 failed: %s", ssh_err(r)); ++ ++ if (BN_num_bits(p) < kex->min || BN_num_bits(p) > kex->max) ++ fatal("GSSGRP_GEX group out of range: %d !< %d !< %d", ++ kex->min, BN_num_bits(p), kex->max); ++ ++ if ((kex->dh = dh_new_group(g, p)) == NULL) ++ fatal("dn_new_group() failed"); ++ p = g = NULL; /* belong to kex->dh now */ ++ ++ if ((r = dh_gen_key(kex->dh, kex->we_need * 8)) != 0) { ++ ssh_gssapi_delete_ctx(&kex->gss); ++ DH_free(kex->dh); ++ kex->dh = NULL; ++ return r; ++ } ++ ++ return kexgssgex_init_ctx(ssh, GSS_C_NO_BUFFER); ++} ++ ++static int ++input_kexgssgex_continue(int type, ++ u_int32_t seq, ++ struct ssh *ssh) ++{ ++ Gssctxt *gss = ssh->kex->gss; ++ gss_buffer_desc recv_tok = GSS_C_EMPTY_BUFFER; ++ int r; ++ ++ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_HOSTKEY, NULL); ++ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_CONTINUE, NULL); ++ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_COMPLETE, NULL); ++ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_ERROR, NULL); ++ ++ debug("Received GSSAPI_CONTINUE"); ++ if (gss->major == GSS_S_COMPLETE) ++ fatal("GSSAPI Continue received from server when complete"); ++ if ((r = ssh_gssapi_sshpkt_get_buffer_desc(ssh, &recv_tok)) != 0 || ++ (r = sshpkt_get_end(ssh)) != 0) ++ fatal("Failed to read token: %s", ssh_err(r)); ++ if (!(gss->major & GSS_S_CONTINUE_NEEDED)) ++ fatal("Didn't receive a SSH2_MSG_KEXGSS_COMPLETE when I expected it"); ++ return kexgssgex_init_ctx(ssh, &recv_tok); ++} ++ ++static int ++input_kexgssgex_complete(int type, ++ u_int32_t seq, ++ struct ssh *ssh) ++{ ++ Gssctxt *gss = ssh->kex->gss; ++ gss_buffer_desc recv_tok = GSS_C_EMPTY_BUFFER; ++ u_char c; ++ int r; ++ ++ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_HOSTKEY, NULL); ++ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_CONTINUE, NULL); ++ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_COMPLETE, NULL); ++ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_ERROR, NULL); ++ ++ debug("Received GSSAPI_COMPLETE"); ++ if (gss->msg_tok.value != NULL) ++ fatal("Received GSSAPI_COMPLETE twice?"); ++ if ((r = sshpkt_getb_froms(ssh, &gss->server_blob)) != 0 || ++ (r = ssh_gssapi_sshpkt_get_buffer_desc(ssh, &gss->msg_tok)) != 0) ++ fatal("Failed to read message: %s", ssh_err(r)); ++ ++ /* Is there a token included? */ ++ if ((r = sshpkt_get_u8(ssh, &c)) != 0) ++ fatal("sshpkt failed: %s", ssh_err(r)); ++ if (c) { ++ if ((r = ssh_gssapi_sshpkt_get_buffer_desc(ssh, &recv_tok)) != 0) ++ fatal("Failed to read token: %s", ssh_err(r)); ++ /* If we're already complete - protocol error */ ++ if (gss->major == GSS_S_COMPLETE) ++ sshpkt_disconnect(ssh, "Protocol error: received token when complete"); ++ } else { ++ if (gss->major != GSS_S_COMPLETE) ++ sshpkt_disconnect(ssh, "Protocol error: did not receive final token"); ++ } ++ if ((r = sshpkt_get_end(ssh)) != 0) ++ fatal("Expecting end of packet."); ++ ++ if (gss->major & GSS_S_CONTINUE_NEEDED) ++ return kexgssgex_init_ctx(ssh, &recv_tok); ++ ++ return kexgssgex_final(ssh); ++} ++ + #endif /* defined(GSSAPI) && defined(WITH_OPENSSL) */ +diff --color -ruNp a/kexgsss.c b/kexgsss.c +--- a/kexgsss.c 2024-05-16 15:49:43.820407648 +0200 ++++ b/kexgsss.c 2024-07-02 16:29:05.744790839 +0200 +@@ -50,33 +50,18 @@ + + extern ServerOptions options; + ++static int input_kexgss_init(int, u_int32_t, struct ssh *); ++static int input_kexgss_continue(int, u_int32_t, struct ssh *); ++static int input_kexgssgex_groupreq(int, u_int32_t, struct ssh *); ++static int input_kexgssgex_init(int, u_int32_t, struct ssh *); ++static int input_kexgssgex_continue(int, u_int32_t, struct ssh *); ++ + int + kexgss_server(struct ssh *ssh) + { + struct kex *kex = ssh->kex; +- OM_uint32 maj_status, min_status; +- +- /* +- * Some GSSAPI implementations use the input value of ret_flags (an +- * output variable) as a means of triggering mechanism specific +- * features. Initializing it to zero avoids inadvertently +- * activating this non-standard behaviour. +- */ +- +- OM_uint32 ret_flags = 0; +- gss_buffer_desc gssbuf = {0, NULL}, recv_tok, msg_tok; +- gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER; +- Gssctxt *ctxt = NULL; +- struct sshbuf *shared_secret = NULL; +- struct sshbuf *client_pubkey = NULL; +- struct sshbuf *server_pubkey = NULL; +- struct sshbuf *empty = sshbuf_new(); +- int type = 0; + gss_OID oid; + char *mechs; +- u_char hash[SSH_DIGEST_MAX_LENGTH]; +- size_t hashlen; +- int r; + + /* Initialise GSSAPI */ + +@@ -92,135 +77,91 @@ kexgss_server(struct ssh *ssh) + debug2_f("Identifying %s", kex->name); + oid = ssh_gssapi_id_kex(NULL, kex->name, kex->kex_type); + if (oid == GSS_C_NO_OID) +- fatal("Unknown gssapi mechanism"); ++ fatal("Unknown gssapi mechanism"); + + debug2_f("Acquiring credentials"); + +- if (GSS_ERROR(PRIVSEP(ssh_gssapi_server_ctx(&ctxt, oid)))) ++ if (GSS_ERROR(PRIVSEP(ssh_gssapi_server_ctx(&kex->gss, oid)))) + fatal("Unable to acquire credentials for the server"); + +- do { +- debug("Wait SSH2_MSG_KEXGSS_INIT"); +- type = ssh_packet_read(ssh); +- switch(type) { +- case SSH2_MSG_KEXGSS_INIT: +- if (gssbuf.value != NULL) +- fatal("Received KEXGSS_INIT after initialising"); +- if ((r = ssh_gssapi_sshpkt_get_buffer_desc(ssh, +- &recv_tok)) != 0 || +- (r = sshpkt_getb_froms(ssh, &client_pubkey)) != 0 || +- (r = sshpkt_get_end(ssh)) != 0) +- fatal("sshpkt failed: %s", ssh_err(r)); ++ ssh_gssapi_build_ctx(&kex->gss); ++ if (kex->gss == NULL) ++ fatal("Unable to allocate memory for gss context"); ++ ++ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_INIT, &input_kexgss_init); ++ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_CONTINUE, &input_kexgss_continue); ++ debug("Wait SSH2_MSG_KEXGSS_INIT"); ++ return 0; ++} + +- switch (kex->kex_type) { +- case KEX_GSS_GRP1_SHA1: +- case KEX_GSS_GRP14_SHA1: +- case KEX_GSS_GRP14_SHA256: +- case KEX_GSS_GRP16_SHA512: +- r = kex_dh_enc(kex, client_pubkey, &server_pubkey, +- &shared_secret); +- break; +- case KEX_GSS_NISTP256_SHA256: +- r = kex_ecdh_enc(kex, client_pubkey, &server_pubkey, +- &shared_secret); +- break; +- case KEX_GSS_C25519_SHA256: +- r = kex_c25519_enc(kex, client_pubkey, &server_pubkey, +- &shared_secret); +- break; +- default: +- fatal_f("Unexpected KEX type %d", kex->kex_type); +- } +- if (r != 0) +- goto out; +- +- /* Send SSH_MSG_KEXGSS_HOSTKEY here, if we want */ +- +- /* Calculate the hash early so we can free the +- * client_pubkey, which has reference to the parent +- * buffer state->incoming_packet +- */ +- hashlen = sizeof(hash); +- if ((r = kex_gen_hash( +- kex->hash_alg, +- kex->client_version, +- kex->server_version, +- kex->peer, +- kex->my, +- empty, +- client_pubkey, +- server_pubkey, +- shared_secret, +- hash, &hashlen)) != 0) +- goto out; +- +- gssbuf.value = hash; +- gssbuf.length = hashlen; +- +- sshbuf_free(client_pubkey); +- client_pubkey = NULL; +- +- break; +- case SSH2_MSG_KEXGSS_CONTINUE: +- if ((r = ssh_gssapi_sshpkt_get_buffer_desc(ssh, +- &recv_tok)) != 0 || +- (r = sshpkt_get_end(ssh)) != 0) +- fatal("sshpkt failed: %s", ssh_err(r)); +- break; +- default: +- sshpkt_disconnect(ssh, +- "Protocol error: didn't expect packet type %d", +- type); +- } ++static inline void ++kexgss_accept_ctx(struct ssh *ssh, ++ gss_buffer_desc *recv_tok, ++ gss_buffer_desc *send_tok, ++ OM_uint32 *ret_flags) ++{ ++ Gssctxt *gss = ssh->kex->gss; ++ int r; + +- maj_status = PRIVSEP(ssh_gssapi_accept_ctx(ctxt, &recv_tok, +- &send_tok, &ret_flags)); ++ gss->major = PRIVSEP(ssh_gssapi_accept_ctx(gss, recv_tok, send_tok, ret_flags)); ++ gss_release_buffer(&gss->minor, recv_tok); + +- gss_release_buffer(&min_status, &recv_tok); ++ if (gss->major != GSS_S_COMPLETE && send_tok->length == 0) ++ fatal("Zero length token output when incomplete"); + +- if (maj_status != GSS_S_COMPLETE && send_tok.length == 0) +- fatal("Zero length token output when incomplete"); ++ if (gss->buf.value == NULL) ++ fatal("No client public key"); + +- if (gssbuf.value == NULL) +- fatal("No client public key"); ++ if (gss->major & GSS_S_CONTINUE_NEEDED) { ++ debug("Sending GSSAPI_CONTINUE"); ++ if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_CONTINUE)) != 0 || ++ (r = sshpkt_put_string(ssh, send_tok->value, send_tok->length)) != 0 || ++ (r = sshpkt_send(ssh)) != 0) ++ fatal("sshpkt failed: %s", ssh_err(r)); ++ gss_release_buffer(&gss->minor, send_tok); ++ } ++} + +- if (maj_status & GSS_S_CONTINUE_NEEDED) { +- debug("Sending GSSAPI_CONTINUE"); +- if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_CONTINUE)) != 0 || +- (r = sshpkt_put_string(ssh, send_tok.value, send_tok.length)) != 0 || +- (r = sshpkt_send(ssh)) != 0) +- fatal("sshpkt failed: %s", ssh_err(r)); +- gss_release_buffer(&min_status, &send_tok); +- } +- } while (maj_status & GSS_S_CONTINUE_NEEDED); ++static inline int ++kexgss_final(struct ssh *ssh, ++ gss_buffer_desc *send_tok, ++ OM_uint32 *ret_flags) ++{ ++ struct kex *kex = ssh->kex; ++ Gssctxt *gss = kex->gss; ++ gss_buffer_desc msg_tok; ++ int r; ++ ++ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_INIT, NULL); ++ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_CONTINUE, NULL); + +- if (GSS_ERROR(maj_status)) { +- if (send_tok.length > 0) { ++ if (GSS_ERROR(gss->major)) { ++ if (send_tok->length > 0) { + if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_CONTINUE)) != 0 || +- (r = sshpkt_put_string(ssh, send_tok.value, send_tok.length)) != 0 || ++ (r = sshpkt_put_string(ssh, send_tok->value, send_tok->length)) != 0 || + (r = sshpkt_send(ssh)) != 0) + fatal("sshpkt failed: %s", ssh_err(r)); + } + fatal("accept_ctx died"); + } + +- if (!(ret_flags & GSS_C_MUTUAL_FLAG)) ++ if (!(*ret_flags & GSS_C_MUTUAL_FLAG)) + fatal("Mutual Authentication flag wasn't set"); + +- if (!(ret_flags & GSS_C_INTEG_FLAG)) ++ if (!(*ret_flags & GSS_C_INTEG_FLAG)) + fatal("Integrity flag wasn't set"); + +- if (GSS_ERROR(PRIVSEP(ssh_gssapi_sign(ctxt, &gssbuf, &msg_tok)))) ++ if (GSS_ERROR(PRIVSEP(ssh_gssapi_sign(gss, &gss->buf, &msg_tok)))) + fatal("Couldn't get MIC"); + + if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_COMPLETE)) != 0 || +- (r = sshpkt_put_stringb(ssh, server_pubkey)) != 0 || ++ (r = sshpkt_put_stringb(ssh, gss->server_pubkey)) != 0 || + (r = sshpkt_put_string(ssh, msg_tok.value, msg_tok.length)) != 0) + fatal("sshpkt failed: %s", ssh_err(r)); + +- if (send_tok.length != 0) { ++ if (send_tok->length != 0) { + if ((r = sshpkt_put_u8(ssh, 1)) != 0 || /* true */ +- (r = sshpkt_put_string(ssh, send_tok.value, send_tok.length)) != 0) ++ (r = sshpkt_put_string(ssh, send_tok->value, send_tok->length)) != 0) + fatal("sshpkt failed: %s", ssh_err(r)); + } else { + if ((r = sshpkt_put_u8(ssh, 0)) != 0) /* false */ +@@ -229,59 +170,139 @@ kexgss_server(struct ssh *ssh) + if ((r = sshpkt_send(ssh)) != 0) + fatal("sshpkt_send failed: %s", ssh_err(r)); + +- gss_release_buffer(&min_status, &send_tok); +- gss_release_buffer(&min_status, &msg_tok); ++ gss_release_buffer(&gss->minor, send_tok); ++ gss_release_buffer(&gss->minor, &msg_tok); + + if (gss_kex_context == NULL) +- gss_kex_context = ctxt; ++ gss_kex_context = gss; + else +- ssh_gssapi_delete_ctx(&ctxt); ++ ssh_gssapi_delete_ctx(&kex->gss); + +- if ((r = kex_derive_keys(ssh, hash, hashlen, shared_secret)) == 0) ++ if ((r = kex_derive_keys(ssh, gss->hash, gss->hashlen, gss->shared_secret)) == 0) + r = kex_send_newkeys(ssh); + + /* If this was a rekey, then save out any delegated credentials we + * just exchanged. */ + if (options.gss_store_rekey) + ssh_gssapi_rekey_creds(); +-out: +- sshbuf_free(empty); +- explicit_bzero(hash, sizeof(hash)); +- sshbuf_free(shared_secret); +- sshbuf_free(client_pubkey); +- sshbuf_free(server_pubkey); ++ ++ if (kex->gss != NULL) { ++ explicit_bzero(gss->hash, sizeof(gss->hash)); ++ sshbuf_free(gss->shared_secret); ++ gss->shared_secret = NULL; ++ sshbuf_free(gss->server_pubkey); ++ gss->server_pubkey = NULL; ++ } + return r; + } + +-int +-kexgssgex_server(struct ssh *ssh) ++static int ++input_kexgss_init(int type, ++ u_int32_t seq, ++ struct ssh *ssh) + { + struct kex *kex = ssh->kex; +- OM_uint32 maj_status, min_status; ++ Gssctxt *gss = kex->gss; ++ struct sshbuf *empty; ++ struct sshbuf *client_pubkey = NULL; ++ gss_buffer_desc recv_tok, send_tok = GSS_C_EMPTY_BUFFER; ++ OM_uint32 ret_flags = 0; ++ int r; ++ ++ debug("SSH2_MSG_KEXGSS_INIT received"); ++ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_INIT, NULL); + +- /* +- * Some GSSAPI implementations use the input value of ret_flags (an +- * output variable) as a means of triggering mechanism specific +- * features. Initializing it to zero avoids inadvertently +- * activating this non-standard behaviour. ++ if ((r = ssh_gssapi_sshpkt_get_buffer_desc(ssh, &recv_tok)) != 0 || ++ (r = sshpkt_getb_froms(ssh, &client_pubkey)) != 0 || ++ (r = sshpkt_get_end(ssh)) != 0) ++ fatal("sshpkt failed: %s", ssh_err(r)); ++ ++ switch (kex->kex_type) { ++ case KEX_GSS_GRP1_SHA1: ++ case KEX_GSS_GRP14_SHA1: ++ case KEX_GSS_GRP14_SHA256: ++ case KEX_GSS_GRP16_SHA512: ++ r = kex_dh_enc(kex, client_pubkey, &gss->server_pubkey, &gss->shared_secret); ++ break; ++ case KEX_GSS_NISTP256_SHA256: ++ r = kex_ecdh_enc(kex, client_pubkey, &gss->server_pubkey, &gss->shared_secret); ++ break; ++ case KEX_GSS_C25519_SHA256: ++ r = kex_c25519_enc(kex, client_pubkey, &gss->server_pubkey, &gss->shared_secret); ++ break; ++ default: ++ fatal_f("Unexpected KEX type %d", kex->kex_type); ++ } ++ if (r != 0) { ++ sshbuf_free(client_pubkey); ++ ssh_gssapi_delete_ctx(&kex->gss); ++ return r; ++ } ++ ++ /* Send SSH_MSG_KEXGSS_HOSTKEY here, if we want */ ++ ++ if ((empty = sshbuf_new()) == NULL) { ++ sshbuf_free(client_pubkey); ++ ssh_gssapi_delete_ctx(&kex->gss); ++ return SSH_ERR_ALLOC_FAIL; ++ } ++ ++ /* Calculate the hash early so we can free the ++ * client_pubkey, which has reference to the parent ++ * buffer state->incoming_packet + */ ++ gss->hashlen = sizeof(gss->hash); ++ r = kex_gen_hash(kex->hash_alg, kex->client_version, kex->server_version, ++ kex->peer, kex->my, empty, client_pubkey, gss->server_pubkey, ++ gss->shared_secret, gss->hash, &gss->hashlen); ++ sshbuf_free(empty); ++ sshbuf_free(client_pubkey); ++ if (r != 0) { ++ ssh_gssapi_delete_ctx(&kex->gss); ++ return r; ++ } ++ ++ gss->buf.value = gss->hash; ++ gss->buf.length = gss->hashlen; ++ ++ kexgss_accept_ctx(ssh, &recv_tok, &send_tok, &ret_flags); ++ if (gss->major & GSS_S_CONTINUE_NEEDED) ++ return 0; + ++ return kexgss_final(ssh, &send_tok, &ret_flags); ++} ++ ++static int ++input_kexgss_continue(int type, ++ u_int32_t seq, ++ struct ssh *ssh) ++{ ++ Gssctxt *gss = ssh->kex->gss; ++ gss_buffer_desc recv_tok, send_tok = GSS_C_EMPTY_BUFFER; + OM_uint32 ret_flags = 0; +- gss_buffer_desc gssbuf, recv_tok, msg_tok; +- gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER; +- Gssctxt *ctxt = NULL; +- struct sshbuf *shared_secret = NULL; +- int type = 0; ++ int r; ++ ++ if ((r = ssh_gssapi_sshpkt_get_buffer_desc(ssh, &recv_tok)) != 0 || ++ (r = sshpkt_get_end(ssh)) != 0) ++ fatal("sshpkt failed: %s", ssh_err(r)); ++ ++ kexgss_accept_ctx(ssh, &recv_tok, &send_tok, &ret_flags); ++ if (gss->major & GSS_S_CONTINUE_NEEDED) ++ return 0; ++ ++ return kexgss_final(ssh, &send_tok, &ret_flags); ++} ++ ++/*******************************************************/ ++/******************** KEXGSSGEX ************************/ ++/*******************************************************/ ++ ++int ++kexgssgex_server(struct ssh *ssh) ++{ ++ struct kex *kex = ssh->kex; + gss_OID oid; + char *mechs; +- u_char hash[SSH_DIGEST_MAX_LENGTH]; +- size_t hashlen; +- BIGNUM *dh_client_pub = NULL; +- const BIGNUM *pub_key, *dh_p, *dh_g; +- int min = -1, max = -1, nbits = -1; +- int cmin = -1, cmax = -1; /* client proposal */ +- struct sshbuf *empty = sshbuf_new(); +- int r; + + /* Initialise GSSAPI */ + +@@ -289,153 +310,125 @@ kexgssgex_server(struct ssh *ssh) + * in the GSSAPI code are no longer available. This kludges them back + * into life + */ +- if (!ssh_gssapi_oid_table_ok()) +- if ((mechs = ssh_gssapi_server_mechanisms())) +- free(mechs); ++ if (!ssh_gssapi_oid_table_ok()) { ++ mechs = ssh_gssapi_server_mechanisms(); ++ free(mechs); ++ } + + debug2_f("Identifying %s", kex->name); + oid = ssh_gssapi_id_kex(NULL, kex->name, kex->kex_type); + if (oid == GSS_C_NO_OID) +- fatal("Unknown gssapi mechanism"); ++ fatal("Unknown gssapi mechanism"); + + debug2_f("Acquiring credentials"); + +- if (GSS_ERROR(PRIVSEP(ssh_gssapi_server_ctx(&ctxt, oid)))) ++ if (GSS_ERROR(PRIVSEP(ssh_gssapi_server_ctx(&kex->gss, oid)))) + fatal("Unable to acquire credentials for the server"); + +- /* 5. S generates an ephemeral key pair (do the allocations early) */ +- debug("Doing group exchange"); +- ssh_packet_read_expect(ssh, SSH2_MSG_KEXGSS_GROUPREQ); +- /* store client proposal to provide valid signature */ +- if ((r = sshpkt_get_u32(ssh, &cmin)) != 0 || +- (r = sshpkt_get_u32(ssh, &nbits)) != 0 || +- (r = sshpkt_get_u32(ssh, &cmax)) != 0 || +- (r = sshpkt_get_end(ssh)) != 0) +- fatal("sshpkt failed: %s", ssh_err(r)); +- kex->nbits = nbits; +- kex->min = cmin; +- kex->max = cmax; +- min = MAX(DH_GRP_MIN, cmin); +- max = MIN(DH_GRP_MAX, cmax); +- nbits = MAXIMUM(DH_GRP_MIN, nbits); +- nbits = MINIMUM(DH_GRP_MAX, nbits); +- if (max < min || nbits < min || max < nbits) +- fatal("GSS_GEX, bad parameters: %d !< %d !< %d", +- min, nbits, max); +- kex->dh = PRIVSEP(choose_dh(min, nbits, max)); +- if (kex->dh == NULL) { +- sshpkt_disconnect(ssh, "Protocol error: no matching group found"); +- fatal("Protocol error: no matching group found"); +- } ++ ssh_gssapi_build_ctx(&kex->gss); ++ if (kex->gss == NULL) ++ fatal("Unable to allocate memory for gss context"); + +- DH_get0_pqg(kex->dh, &dh_p, NULL, &dh_g); +- if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_GROUP)) != 0 || +- (r = sshpkt_put_bignum2(ssh, dh_p)) != 0 || +- (r = sshpkt_put_bignum2(ssh, dh_g)) != 0 || +- (r = sshpkt_send(ssh)) != 0) +- fatal("sshpkt failed: %s", ssh_err(r)); +- +- if ((r = ssh_packet_write_wait(ssh)) != 0) +- fatal("ssh_packet_write_wait: %s", ssh_err(r)); +- +- /* Compute our exchange value in parallel with the client */ +- if ((r = dh_gen_key(kex->dh, kex->we_need * 8)) != 0) +- goto out; ++ debug("Doing group exchange"); ++ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_GROUPREQ, &input_kexgssgex_groupreq); ++ return 0; ++} + +- do { +- debug("Wait SSH2_MSG_GSSAPI_INIT"); +- type = ssh_packet_read(ssh); +- switch(type) { +- case SSH2_MSG_KEXGSS_INIT: +- if (dh_client_pub != NULL) +- fatal("Received KEXGSS_INIT after initialising"); +- if ((r = ssh_gssapi_sshpkt_get_buffer_desc(ssh, +- &recv_tok)) != 0 || +- (r = sshpkt_get_bignum2(ssh, &dh_client_pub)) != 0 || +- (r = sshpkt_get_end(ssh)) != 0) +- fatal("sshpkt failed: %s", ssh_err(r)); ++static inline void ++kexgssgex_accept_ctx(struct ssh *ssh, ++ gss_buffer_desc *recv_tok, ++ gss_buffer_desc *send_tok, ++ OM_uint32 *ret_flags) ++{ ++ Gssctxt *gss = ssh->kex->gss; ++ int r; + +- /* Send SSH_MSG_KEXGSS_HOSTKEY here, if we want */ +- break; +- case SSH2_MSG_KEXGSS_CONTINUE: +- if ((r = ssh_gssapi_sshpkt_get_buffer_desc(ssh, +- &recv_tok)) != 0 || +- (r = sshpkt_get_end(ssh)) != 0) +- fatal("sshpkt failed: %s", ssh_err(r)); +- break; +- default: +- sshpkt_disconnect(ssh, +- "Protocol error: didn't expect packet type %d", +- type); +- } ++ gss->major = PRIVSEP(ssh_gssapi_accept_ctx(gss, recv_tok, send_tok, ret_flags)); ++ gss_release_buffer(&gss->minor, recv_tok); + +- maj_status = PRIVSEP(ssh_gssapi_accept_ctx(ctxt, &recv_tok, +- &send_tok, &ret_flags)); ++ if (gss->major != GSS_S_COMPLETE && send_tok->length == 0) ++ fatal("Zero length token output when incomplete"); + +- gss_release_buffer(&min_status, &recv_tok); ++ if (gss->dh_client_pub == NULL) ++ fatal("No client public key"); + +- if (maj_status != GSS_S_COMPLETE && send_tok.length == 0) +- fatal("Zero length token output when incomplete"); ++ if (gss->major & GSS_S_CONTINUE_NEEDED) { ++ debug("Sending GSSAPI_CONTINUE"); ++ if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_CONTINUE)) != 0 || ++ (r = sshpkt_put_string(ssh, send_tok->value, send_tok->length)) != 0 || ++ (r = sshpkt_send(ssh)) != 0) ++ fatal("sshpkt failed: %s", ssh_err(r)); ++ gss_release_buffer(&gss->minor, send_tok); ++ } ++} + +- if (dh_client_pub == NULL) +- fatal("No client public key"); ++static inline int ++kexgssgex_final(struct ssh *ssh, ++ gss_buffer_desc *send_tok, ++ OM_uint32 *ret_flags) ++{ ++ struct kex *kex = ssh->kex; ++ Gssctxt *gss = kex->gss; ++ gss_buffer_desc msg_tok; ++ u_char hash[SSH_DIGEST_MAX_LENGTH]; ++ size_t hashlen; ++ const BIGNUM *pub_key, *dh_p, *dh_g; ++ struct sshbuf *shared_secret = NULL; ++ struct sshbuf *empty = NULL; ++ int r; + +- if (maj_status & GSS_S_CONTINUE_NEEDED) { +- debug("Sending GSSAPI_CONTINUE"); +- if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_CONTINUE)) != 0 || +- (r = sshpkt_put_string(ssh, send_tok.value, send_tok.length)) != 0 || +- (r = sshpkt_send(ssh)) != 0) +- fatal("sshpkt failed: %s", ssh_err(r)); +- gss_release_buffer(&min_status, &send_tok); +- } +- } while (maj_status & GSS_S_CONTINUE_NEEDED); ++ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_INIT, NULL); ++ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_CONTINUE, NULL); + +- if (GSS_ERROR(maj_status)) { +- if (send_tok.length > 0) { ++ if (GSS_ERROR(gss->major)) { ++ if (send_tok->length > 0) { + if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_CONTINUE)) != 0 || +- (r = sshpkt_put_string(ssh, send_tok.value, send_tok.length)) != 0 || ++ (r = sshpkt_put_string(ssh, send_tok->value, send_tok->length)) != 0 || + (r = sshpkt_send(ssh)) != 0) + fatal("sshpkt failed: %s", ssh_err(r)); + } + fatal("accept_ctx died"); + } + +- if (!(ret_flags & GSS_C_MUTUAL_FLAG)) ++ if (!(*ret_flags & GSS_C_MUTUAL_FLAG)) + fatal("Mutual Authentication flag wasn't set"); + +- if (!(ret_flags & GSS_C_INTEG_FLAG)) ++ if (!(*ret_flags & GSS_C_INTEG_FLAG)) + fatal("Integrity flag wasn't set"); + + /* calculate shared secret */ +- if ((shared_secret = sshbuf_new()) == NULL) { ++ shared_secret = sshbuf_new(); ++ if (shared_secret == NULL) { ++ ssh_gssapi_delete_ctx(&kex->gss); + r = SSH_ERR_ALLOC_FAIL; + goto out; + } +- if ((r = kex_dh_compute_key(kex, dh_client_pub, shared_secret)) != 0) ++ if ((r = kex_dh_compute_key(kex, gss->dh_client_pub, shared_secret)) != 0) { ++ ssh_gssapi_delete_ctx(&kex->gss); + goto out; ++ } ++ ++ if ((empty = sshbuf_new()) == NULL) { ++ ssh_gssapi_delete_ctx(&kex->gss); ++ r = SSH_ERR_ALLOC_FAIL; ++ goto out; ++ } + + DH_get0_key(kex->dh, &pub_key, NULL); + DH_get0_pqg(kex->dh, &dh_p, NULL, &dh_g); + hashlen = sizeof(hash); +- if ((r = kexgex_hash( +- kex->hash_alg, +- kex->client_version, +- kex->server_version, +- kex->peer, +- kex->my, +- empty, +- cmin, nbits, cmax, +- dh_p, dh_g, +- dh_client_pub, +- pub_key, +- sshbuf_ptr(shared_secret), sshbuf_len(shared_secret), +- hash, &hashlen)) != 0) ++ r = kexgex_hash(kex->hash_alg, kex->client_version, kex->server_version, ++ kex->peer, kex->my, empty, kex->min, kex->nbits, kex->max, dh_p, dh_g, ++ gss->dh_client_pub, pub_key, sshbuf_ptr(shared_secret), ++ sshbuf_len(shared_secret), hash, &hashlen); ++ sshbuf_free(empty); ++ if (r != 0) + fatal("kexgex_hash failed: %s", ssh_err(r)); + +- gssbuf.value = hash; +- gssbuf.length = hashlen; ++ gss->buf.value = hash; ++ gss->buf.length = hashlen; + +- if (GSS_ERROR(PRIVSEP(ssh_gssapi_sign(ctxt, &gssbuf, &msg_tok)))) ++ if (GSS_ERROR(PRIVSEP(ssh_gssapi_sign(gss, &gss->buf, &msg_tok)))) + fatal("Couldn't get MIC"); + + if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_COMPLETE)) != 0 || +@@ -443,24 +436,24 @@ kexgssgex_server(struct ssh *ssh) + (r = sshpkt_put_string(ssh, msg_tok.value, msg_tok.length)) != 0) + fatal("sshpkt failed: %s", ssh_err(r)); + +- if (send_tok.length != 0) { ++ if (send_tok->length != 0) { + if ((r = sshpkt_put_u8(ssh, 1)) != 0 || /* true */ +- (r = sshpkt_put_string(ssh, send_tok.value, send_tok.length)) != 0) ++ (r = sshpkt_put_string(ssh, send_tok->value, send_tok->length)) != 0) + fatal("sshpkt failed: %s", ssh_err(r)); + } else { + if ((r = sshpkt_put_u8(ssh, 0)) != 0) /* false */ + fatal("sshpkt failed: %s", ssh_err(r)); + } + if ((r = sshpkt_send(ssh)) != 0) +- fatal("sshpkt failed: %s", ssh_err(r)); ++ fatal("sshpkt_send failed: %s", ssh_err(r)); + +- gss_release_buffer(&min_status, &send_tok); +- gss_release_buffer(&min_status, &msg_tok); ++ gss_release_buffer(&gss->minor, send_tok); ++ gss_release_buffer(&gss->minor, &msg_tok); + + if (gss_kex_context == NULL) +- gss_kex_context = ctxt; ++ gss_kex_context = gss; + else +- ssh_gssapi_delete_ctx(&ctxt); ++ ssh_gssapi_delete_ctx(&kex->gss); + + /* Finally derive the keys and send them */ + if ((r = kex_derive_keys(ssh, hash, hashlen, shared_secret)) == 0) +@@ -470,13 +463,128 @@ kexgssgex_server(struct ssh *ssh) + * just exchanged. */ + if (options.gss_store_rekey) + ssh_gssapi_rekey_creds(); ++ ++ if (kex->gss != NULL) ++ BN_clear_free(gss->dh_client_pub); ++ + out: +- sshbuf_free(empty); + explicit_bzero(hash, sizeof(hash)); + DH_free(kex->dh); + kex->dh = NULL; +- BN_clear_free(dh_client_pub); + sshbuf_free(shared_secret); + return r; + } ++ ++static int ++input_kexgssgex_groupreq(int type, ++ u_int32_t seq, ++ struct ssh *ssh) ++{ ++ struct kex *kex = ssh->kex; ++ const BIGNUM *dh_p, *dh_g; ++ int min = -1, max = -1, nbits = -1; ++ int cmin = -1, cmax = -1; /* client proposal */ ++ int r; ++ ++ /* 5. S generates an ephemeral key pair (do the allocations early) */ ++ ++ debug("SSH2_MSG_KEXGSS_GROUPREQ received"); ++ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_GROUPREQ, NULL); ++ ++ /* store client proposal to provide valid signature */ ++ if ((r = sshpkt_get_u32(ssh, &cmin)) != 0 || ++ (r = sshpkt_get_u32(ssh, &nbits)) != 0 || ++ (r = sshpkt_get_u32(ssh, &cmax)) != 0 || ++ (r = sshpkt_get_end(ssh)) != 0) ++ fatal("sshpkt failed: %s", ssh_err(r)); ++ ++ kex->nbits = nbits; ++ kex->min = cmin; ++ kex->max = cmax; ++ min = MAX(DH_GRP_MIN, cmin); ++ max = MIN(DH_GRP_MAX, cmax); ++ nbits = MAXIMUM(DH_GRP_MIN, nbits); ++ nbits = MINIMUM(DH_GRP_MAX, nbits); ++ ++ if (max < min || nbits < min || max < nbits) ++ fatal("GSS_GEX, bad parameters: %d !< %d !< %d", min, nbits, max); ++ ++ kex->dh = PRIVSEP(choose_dh(min, nbits, max)); ++ if (kex->dh == NULL) { ++ sshpkt_disconnect(ssh, "Protocol error: no matching group found"); ++ fatal("Protocol error: no matching group found"); ++ } ++ ++ DH_get0_pqg(kex->dh, &dh_p, NULL, &dh_g); ++ if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_GROUP)) != 0 || ++ (r = sshpkt_put_bignum2(ssh, dh_p)) != 0 || ++ (r = sshpkt_put_bignum2(ssh, dh_g)) != 0 || ++ (r = sshpkt_send(ssh)) != 0) ++ fatal("sshpkt failed: %s", ssh_err(r)); ++ ++ if ((r = ssh_packet_write_wait(ssh)) != 0) ++ fatal("ssh_packet_write_wait: %s", ssh_err(r)); ++ ++ /* Compute our exchange value in parallel with the client */ ++ if ((r = dh_gen_key(kex->dh, kex->we_need * 8)) != 0) { ++ ssh_gssapi_delete_ctx(&kex->gss); ++ DH_free(kex->dh); ++ kex->dh = NULL; ++ return r; ++ } ++ ++ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_INIT, &input_kexgssgex_init); ++ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_CONTINUE, &input_kexgssgex_continue); ++ debug("Wait SSH2_MSG_KEXGSS_INIT"); ++ return 0; ++} ++ ++static int ++input_kexgssgex_init(int type, ++ u_int32_t seq, ++ struct ssh *ssh) ++{ ++ Gssctxt *gss = ssh->kex->gss; ++ gss_buffer_desc recv_tok, send_tok = GSS_C_EMPTY_BUFFER; ++ OM_uint32 ret_flags = 0; ++ int r; ++ ++ debug("SSH2_MSG_KEXGSS_INIT received"); ++ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_INIT, NULL); ++ ++ if ((r = ssh_gssapi_sshpkt_get_buffer_desc(ssh, &recv_tok)) != 0 || ++ (r = sshpkt_get_bignum2(ssh, &gss->dh_client_pub)) != 0 || ++ (r = sshpkt_get_end(ssh)) != 0) ++ fatal("sshpkt failed: %s", ssh_err(r)); ++ ++ /* Send SSH_MSG_KEXGSS_HOSTKEY here, if we want */ ++ ++ kexgssgex_accept_ctx(ssh, &recv_tok, &send_tok, &ret_flags); ++ if (gss->major & GSS_S_CONTINUE_NEEDED) ++ return 0; ++ ++ return kexgssgex_final(ssh, &send_tok, &ret_flags); ++} ++ ++static int ++input_kexgssgex_continue(int type, ++ u_int32_t seq, ++ struct ssh *ssh) ++{ ++ Gssctxt *gss = ssh->kex->gss; ++ gss_buffer_desc recv_tok, send_tok = GSS_C_EMPTY_BUFFER; ++ OM_uint32 ret_flags = 0; ++ int r; ++ ++ if ((r = ssh_gssapi_sshpkt_get_buffer_desc(ssh, &recv_tok)) != 0 || ++ (r = sshpkt_get_end(ssh)) != 0) ++ fatal("sshpkt failed: %s", ssh_err(r)); ++ ++ kexgssgex_accept_ctx(ssh, &recv_tok, &send_tok, &ret_flags); ++ if (gss->major & GSS_S_CONTINUE_NEEDED) ++ return 0; ++ ++ return kexgssgex_final(ssh, &send_tok, &ret_flags); ++} ++ + #endif /* defined(GSSAPI) && defined(WITH_OPENSSL) */ +diff --color -ruNp a/kex.h b/kex.h +--- a/kex.h 2024-05-16 15:49:43.986410812 +0200 ++++ b/kex.h 2024-06-18 12:19:48.580347469 +0200 +@@ -29,6 +29,10 @@ + #include "mac.h" + #include "crypto_api.h" + ++#ifdef GSSAPI ++# include "ssh-gss.h" /* Gssctxt */ ++#endif ++ + #ifdef WITH_OPENSSL + # include + # include +@@ -177,6 +181,7 @@ struct kex { + int hash_alg; + int ec_nid; + #ifdef GSSAPI ++ Gssctxt *gss; + int gss_deleg_creds; + int gss_trust_dns; + char *gss_host; +diff --color -ruNp a/ssh-gss.h b/ssh-gss.h +--- a/ssh-gss.h 2024-05-16 15:49:43.837407972 +0200 ++++ b/ssh-gss.h 2024-06-27 14:12:48.659866937 +0200 +@@ -88,6 +88,8 @@ extern char **k5users_allowed_cmds; + KEX_GSS_GRP14_SHA1_ID "," \ + KEX_GSS_GEX_SHA1_ID + ++#include "digest.h" /* SSH_DIGEST_MAX_LENGTH */ ++ + typedef struct { + char *filename; + char *envvar; +@@ -127,6 +129,16 @@ typedef struct { + gss_cred_id_t creds; /* server */ + gss_name_t client; /* server */ + gss_cred_id_t client_creds; /* both */ ++ struct sshbuf *shared_secret; /* both */ ++ struct sshbuf *server_pubkey; /* server */ ++ struct sshbuf *server_blob; /* client */ ++ struct sshbuf *server_host_key_blob; /* client */ ++ gss_buffer_desc msg_tok; /* client */ ++ gss_buffer_desc buf; /* both */ ++ u_char hash[SSH_DIGEST_MAX_LENGTH]; /* both */ ++ size_t hashlen; /* both */ ++ int first; /* client */ ++ BIGNUM *dh_client_pub; /* server (gex) */ + } Gssctxt; + + extern ssh_gssapi_mech *supported_mechs[]; diff --git a/openssh-9.6p1-pam-rhost.patch b/openssh-9.6p1-pam-rhost.patch new file mode 100644 index 0000000..b1b0d04 --- /dev/null +++ b/openssh-9.6p1-pam-rhost.patch @@ -0,0 +1,32 @@ +From 26f366e263e575c4e1a18e2e64ba418f58878b37 Mon Sep 17 00:00:00 2001 +From: Daan De Meyer +Date: Mon, 20 Mar 2023 20:22:14 +0100 +Subject: [PATCH] Only set PAM_RHOST if the remote host is not "UNKNOWN" + +When using sshd's -i option with stdio that is not a AF_INET/AF_INET6 +socket, auth_get_canonical_hostname() returns "UNKNOWN" which is then +set as the value of PAM_RHOST, causing pam to try to do a reverse DNS +query of "UNKNOWN", which times out multiple times, causing a +substantial slowdown when logging in. + +To fix this, let's only set PAM_RHOST if the hostname is not "UNKNOWN". +--- + auth-pam.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/auth-pam.c b/auth-pam.c +index e143304e3..39b4e4563 100644 +--- a/auth-pam.c ++++ b/auth-pam.c +@@ -735,7 +735,7 @@ sshpam_init(struct ssh *ssh, Authctxt *authctxt) + sshpam_laddr = get_local_ipaddr( + ssh_packet_get_connection_in(ssh)); + } +- if (sshpam_rhost != NULL) { ++ if (sshpam_rhost != NULL && strcmp(sshpam_rhost, "UNKNOWN") != 0) { + debug("PAM: setting PAM_RHOST to \"%s\"", sshpam_rhost); + sshpam_err = pam_set_item(sshpam_handle, PAM_RHOST, + sshpam_rhost); +-- +2.44.0 + diff --git a/openssh-9.8p1-systemd.patch b/openssh-9.8p1-systemd.patch new file mode 100644 index 0000000..b20624e --- /dev/null +++ b/openssh-9.8p1-systemd.patch @@ -0,0 +1,201 @@ +diff --git a/configure.ac b/configure.ac +index 379cd746b..15e2ecdb7 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -907,6 +907,7 @@ int main(void) { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16)) + AC_DEFINE([_PATH_BTMP], ["/var/log/btmp"], [log for bad login attempts]) + AC_DEFINE([USE_BTMP]) + AC_DEFINE([LINUX_OOM_ADJUST], [1], [Adjust Linux out-of-memory killer]) ++ AC_DEFINE([SYSTEMD_NOTIFY], [1], [Have sshd notify systemd on start/reload]) + inet6_default_4in6=yes + case `uname -r` in + 1.*|2.0.*) +diff --git a/openbsd-compat/port-linux.c b/openbsd-compat/port-linux.c +index 0457e28d0..df7290246 100644 +--- a/openbsd-compat/port-linux.c ++++ b/openbsd-compat/port-linux.c +@@ -21,16 +21,23 @@ + + #include "includes.h" + +-#if defined(WITH_SELINUX) || defined(LINUX_OOM_ADJUST) ++#if defined(WITH_SELINUX) || defined(LINUX_OOM_ADJUST) || \ ++ defined(SYSTEMD_NOTIFY) ++#include ++#include ++ + #include ++#include + #include + #include + #include + #include ++#include + + #include "log.h" + #include "xmalloc.h" + #include "port-linux.h" ++#include "misc.h" + + #ifdef WITH_SELINUX + #include +@@ -310,4 +317,90 @@ oom_adjust_restore(void) + return; + } + #endif /* LINUX_OOM_ADJUST */ +-#endif /* WITH_SELINUX || LINUX_OOM_ADJUST */ ++ ++#ifdef SYSTEMD_NOTIFY ++ ++static void ssh_systemd_notify(const char *, ...) ++ __attribute__((__format__ (printf, 1, 2))) __attribute__((__nonnull__ (1))); ++ ++static void ++ssh_systemd_notify(const char *fmt, ...) ++{ ++ char *s = NULL; ++ const char *path; ++ struct stat sb; ++ struct sockaddr_un addr; ++ int fd = -1; ++ va_list ap; ++ ++ if ((path = getenv("NOTIFY_SOCKET")) == NULL || strlen(path) == 0) ++ return; ++ ++ va_start(ap, fmt); ++ xvasprintf(&s, fmt, ap); ++ va_end(ap); ++ ++ /* Only AF_UNIX is supported, with path or abstract sockets */ ++ if (path[0] != '/' && path[0] != '@') { ++ error_f("socket \"%s\" is not compatible with AF_UNIX", path); ++ goto out; ++ } ++ ++ if (path[0] == '/' && stat(path, &sb) != 0) { ++ error_f("socket \"%s\" stat: %s", path, strerror(errno)); ++ goto out; ++ } ++ ++ memset(&addr, 0, sizeof(addr)); ++ addr.sun_family = AF_UNIX; ++ if (strlcpy(addr.sun_path, path, ++ sizeof(addr.sun_path)) >= sizeof(addr.sun_path)) { ++ error_f("socket path \"%s\" too long", path); ++ goto out; ++ } ++ /* Support for abstract socket */ ++ if (addr.sun_path[0] == '@') ++ addr.sun_path[0] = 0; ++ if ((fd = socket(PF_UNIX, SOCK_DGRAM, 0)) == -1) { ++ error_f("socket \"%s\": %s", path, strerror(errno)); ++ goto out; ++ } ++ if (connect(fd, &addr, sizeof(addr)) != 0) { ++ error_f("socket \"%s\" connect: %s", path, strerror(errno)); ++ goto out; ++ } ++ if (write(fd, s, strlen(s)) != (ssize_t)strlen(s)) { ++ error_f("socket \"%s\" write: %s", path, strerror(errno)); ++ goto out; ++ } ++ debug_f("socket \"%s\" notified %s", path, s); ++ out: ++ if (fd != -1) ++ close(fd); ++ free(s); ++} ++ ++void ++ssh_systemd_notify_ready(void) ++{ ++ ssh_systemd_notify("READY=1"); ++} ++ ++void ++ssh_systemd_notify_reload(void) ++{ ++ struct timespec now; ++ ++ monotime_ts(&now); ++ if (now.tv_sec < 0 || now.tv_nsec < 0) { ++ error_f("monotime returned negative value"); ++ ssh_systemd_notify("RELOADING=1"); ++ } else { ++ ssh_systemd_notify("RELOADING=1\nMONOTONIC_USEC=%llu", ++ ((uint64_t)now.tv_sec * 1000000ULL) + ++ ((uint64_t)now.tv_nsec / 1000ULL)); ++ } ++} ++#endif /* SYSTEMD_NOTIFY */ ++ ++#endif /* WITH_SELINUX || LINUX_OOM_ADJUST || SYSTEMD_NOTIFY */ +diff --git a/openbsd-compat/port-linux.h b/openbsd-compat/port-linux.h +index 3c22a854d..14064f87d 100644 +--- a/openbsd-compat/port-linux.h ++++ b/openbsd-compat/port-linux.h +@@ -30,4 +30,9 @@ void oom_adjust_restore(void); + void oom_adjust_setup(void); + #endif + ++#ifdef SYSTEMD_NOTIFY ++void ssh_systemd_notify_ready(void); ++void ssh_systemd_notify_reload(void); ++#endif ++ + #endif /* ! _PORT_LINUX_H */ +diff --git a/platform.c b/platform.c +index 4fe8744ee..9cf818153 100644 +--- a/platform.c ++++ b/platform.c +@@ -44,6 +44,14 @@ platform_pre_listen(void) + #endif + } + ++void ++platform_post_listen(void) ++{ ++#ifdef SYSTEMD_NOTIFY ++ ssh_systemd_notify_ready(); ++#endif ++} ++ + void + platform_pre_fork(void) + { +@@ -55,6 +63,9 @@ platform_pre_fork(void) + void + platform_pre_restart(void) + { ++#ifdef SYSTEMD_NOTIFY ++ ssh_systemd_notify_reload(); ++#endif + #ifdef LINUX_OOM_ADJUST + oom_adjust_restore(); + #endif +diff --git a/platform.h b/platform.h +index 7fef8c983..5dec23276 100644 +--- a/platform.h ++++ b/platform.h +@@ -21,6 +21,7 @@ + void platform_pre_listen(void); + void platform_pre_fork(void); + void platform_pre_restart(void); ++void platform_post_listen(void); + void platform_post_fork_parent(pid_t child_pid); + void platform_post_fork_child(void); + int platform_privileged_uidswap(void); +diff --git a/sshd.c b/sshd.c +index 9cbe92293..3c3f2dd6b 100644 +--- a/sshd.c ++++ b/sshd.c +@@ -2077,6 +2077,8 @@ main(int ac, char **av) + ssh_signal(SIGTERM, sigterm_handler); + ssh_signal(SIGQUIT, sigterm_handler); + ++ platform_post_listen(); ++ + /* + * Write out the pid file after the sigterm handler + * is setup and the listen sockets are bound From 85175e1ba24c44e574e669be2f0293e779c0e464 Mon Sep 17 00:00:00 2001 From: Mattias Ellert Date: Wed, 10 Jul 2024 21:31:40 +0200 Subject: [PATCH 26/44] Fix s390x compilation --- openssh-9.6p1-hpn-18.3.1.patch | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/openssh-9.6p1-hpn-18.3.1.patch b/openssh-9.6p1-hpn-18.3.1.patch index e9a43f8..e50801b 100644 --- a/openssh-9.6p1-hpn-18.3.1.patch +++ b/openssh-9.6p1-hpn-18.3.1.patch @@ -13533,7 +13533,7 @@ diff -Nur openssh-9.6p1.orig/umac.c openssh-9.6p1/umac.c + return (v); +} + -+#if (! __LITTLE_ENDIAN__) /* compile time warning thrown otherwise */ ++#if 0 /* compile time warning thrown otherwise */ +static __attribute__((__bounded__(__minbytes__, 1, 4))); +void umac_put_u32_le(void *vp, u_int32_t v) +{ From 0c7244d48fd3fc287530cb313800f5c7973b2df2 Mon Sep 17 00:00:00 2001 From: Mattias Ellert Date: Fri, 12 Jul 2024 20:31:20 +0200 Subject: [PATCH 27/44] Add scp and hpnscp symlinks in gsisshd's path --- gsi-openssh.spec | 33 +++++++++++++++++++------- openssh-9.6p1-hpn-18.3.1.patch | 43 +++++++++++++++++----------------- 2 files changed, 45 insertions(+), 31 deletions(-) diff --git a/gsi-openssh.spec b/gsi-openssh.spec index 70a279f..ff165b1 100644 --- a/gsi-openssh.spec +++ b/gsi-openssh.spec @@ -24,7 +24,7 @@ %global libedit 1 %global openssh_ver 9.6p1 -%global openssh_rel 2 +%global openssh_rel 3 Summary: An implementation of the SSH protocol with GSI authentication Name: gsi-openssh @@ -250,6 +250,8 @@ Requires(pre): /usr/sbin/useradd Requires: pam >= 1.0.1-3 Requires: crypto-policies >= 20220824-1 %{?systemd_requires} +Requires(pre): policycoreutils-python-utils +Requires(postun): policycoreutils-python-utils %description SSH (Secure SHell) is a program for logging into and executing @@ -397,8 +399,8 @@ fi --sysconfdir=%{_sysconfdir}/gsissh \ --libexecdir=%{_libexecdir}/gsissh \ --datadir=%{_datadir}/gsissh \ - --with-default-path=/usr/local/bin:/usr/bin:/usr/local/sbin:/usr/sbin \ - --with-superuser-path=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin \ + --with-default-path=%{_libexecdir}/gsissh/bin:/usr/local/bin:/usr/bin:/usr/local/sbin:/usr/sbin \ + --with-superuser-path=%{_libexecdir}/gsissh/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin \ --with-privsep-path=%{_datadir}/empty.sshd \ --disable-strip \ --without-zlib-version-check \ @@ -472,12 +474,10 @@ rm $RPM_BUILD_ROOT%{_bindir}/ssh-agent rm $RPM_BUILD_ROOT%{_bindir}/ssh-keyscan rm $RPM_BUILD_ROOT%{_libexecdir}/gsissh/ssh-keycat rm $RPM_BUILD_ROOT%{_libexecdir}/gsissh/ssh-pkcs11-helper -rm $RPM_BUILD_ROOT%{_libexecdir}/gsissh/ssh-sk-helper rm $RPM_BUILD_ROOT%{_mandir}/man1/ssh-add.1* rm $RPM_BUILD_ROOT%{_mandir}/man1/ssh-agent.1* rm $RPM_BUILD_ROOT%{_mandir}/man1/ssh-keyscan.1* rm $RPM_BUILD_ROOT%{_mandir}/man8/ssh-pkcs11-helper.8* -rm $RPM_BUILD_ROOT%{_mandir}/man8/ssh-sk-helper.8* for f in $RPM_BUILD_ROOT%{_bindir}/* \ $RPM_BUILD_ROOT%{_sbindir}/* \ @@ -485,13 +485,18 @@ for f in $RPM_BUILD_ROOT%{_bindir}/* \ mv $f `dirname $f`/gsi`basename $f` done -# Add symlink with alternative name for scp binary -ln -s gsiscp $RPM_BUILD_ROOT%{_bindir}/hpnscp +# Add scp and hpnscp symlinks in gsisshd's path +mkdir $RPM_BUILD_ROOT%{_libexecdir}/gsissh/bin +ln -nrs $RPM_BUILD_ROOT%{_bindir}/gsiscp \ + $RPM_BUILD_ROOT%{_libexecdir}/gsissh/bin/scp +ln -nrs $RPM_BUILD_ROOT%{_bindir}/gsiscp \ + $RPM_BUILD_ROOT%{_libexecdir}/gsissh/bin/hpnscp perl -pi -e "s|$RPM_BUILD_ROOT||g" $RPM_BUILD_ROOT%{_mandir}/man*/* %pre server %sysusers_create_compat %{SOURCE19} +semanage port -a -t ssh_port_t -p tcp 2222 2>/dev/null || : %post server if [ $1 -gt 1 ]; then @@ -509,6 +514,9 @@ fi %postun server %systemd_postun_with_restart gsisshd.service +if [ $1 -eq 0 ]; then + semanage port -d -t ssh_port_t -p tcp 2222 2>/dev/null || : +fi %files %license LICENCE @@ -518,21 +526,25 @@ fi %attr(0755,root,root) %{_bindir}/gsissh-keygen %attr(0644,root,root) %{_mandir}/man1/gsissh-keygen.1* %attr(0755,root,root) %dir %{_libexecdir}/gsissh -%attr(4755,root,root) %{_libexecdir}/gsissh/ssh-keysign +%attr(4555,root,root) %{_libexecdir}/gsissh/ssh-keysign %attr(0644,root,root) %{_mandir}/man8/gsissh-keysign.8* %files clients %attr(0755,root,root) %{_bindir}/gsissh %attr(0644,root,root) %{_mandir}/man1/gsissh.1* %attr(0755,root,root) %{_bindir}/gsiscp -%{_bindir}/hpnscp %attr(0644,root,root) %{_mandir}/man1/gsiscp.1* %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/gsissh/ssh_config %dir %attr(0755,root,root) %{_sysconfdir}/gsissh/ssh_config.d/ %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/gsissh/ssh_config.d/50-redhat.conf %attr(0644,root,root) %{_mandir}/man5/gsissh_config.5* %attr(0755,root,root) %{_bindir}/gsisftp +%attr(0755,root,root) %{_libexecdir}/gsissh/ssh-sk-helper %attr(0644,root,root) %{_mandir}/man1/gsisftp.1* +%attr(0644,root,root) %{_mandir}/man8/gsissh-sk-helper.8* +%attr(0755,root,root) %dir %{_libexecdir}/gsissh/bin +%{_libexecdir}/gsissh/bin/scp +%{_libexecdir}/gsissh/bin/hpnscp %files server %dir %attr(0711,root,root) %{_datadir}/empty.sshd @@ -560,6 +572,9 @@ fi %ghost %attr(0644,root,root) %{_localstatedir}/lib/.gsissh-host-keys-migration %changelog +* Fri Jul 12 2024 Mattias Ellert - 9.6p1-3 +- Add scp and hpnscp symlinks in gsisshd's path + * Sat Jul 06 2024 Mattias Ellert - 9.6p1-2 - Based on openssh-9.6p1-1.fc41.13 diff --git a/openssh-9.6p1-hpn-18.3.1.patch b/openssh-9.6p1-hpn-18.3.1.patch index e50801b..68159b7 100644 --- a/openssh-9.6p1-hpn-18.3.1.patch +++ b/openssh-9.6p1-hpn-18.3.1.patch @@ -8177,8 +8177,8 @@ diff -Nur openssh-9.6p1.orig/clientloop.c openssh-9.6p1/clientloop.c if (want_subsystem) { diff -Nur openssh-9.6p1.orig/compat.c openssh-9.6p1/compat.c --- openssh-9.6p1.orig/compat.c 2024-07-10 13:32:39.574111737 +0200 -+++ openssh-9.6p1/compat.c 2024-07-10 13:34:02.716358582 +0200 -@@ -135,6 +135,36 @@ ++++ openssh-9.6p1/compat.c 2024-07-14 11:29:56.093866627 +0200 +@@ -135,6 +135,35 @@ ssh->compat = check[i].bugs; if (forbid_ssh_rsa) ssh->compat |= SSH_RH_RSASIGSHA; @@ -8188,27 +8188,26 @@ diff -Nur openssh-9.6p1.orig/compat.c openssh-9.6p1/compat.c + if (strstr(version, "hpn")) { + ssh->compat |= SSH_HPNSSH; + debug("Remote is HPN enabled"); -+ } -+ /* this checks to see if the remote -+ * version string indicates that we -+ * have access to hpn prefixed binaries -+ * You'll need to change this to include -+ * new major version numbers. Which is -+ * why we should figure out how to make -+ * the match pattern list work -+ */ -+ if ((strstr(version, "hpn16") != NULL) || -+ (strstr(version, "hpn17") != NULL) || -+ (strstr(version, "hpn18") != NULL)) { -+ ssh->compat |= SSH_HPNSSH_PREFIX; -+ debug("Remote uses HPNSSH prefixes."); -+ break; ++ /* this checks to see if the remote ++ * version string indicates that we ++ * have access to hpn prefixed binaries ++ * You'll need to change this to include ++ * new major version numbers. Which is ++ * why we should figure out how to make ++ * the match pattern list work ++ */ ++ if ((strstr(version, "hpn16") != NULL) || ++ (strstr(version, "hpn17") != NULL) || ++ (strstr(version, "hpn18") != NULL)) { ++ ssh->compat |= SSH_HPNSSH_PREFIX; ++ debug("Remote uses HPNSSH prefixes."); ++ } + } + /* if it's openssh and not hpn */ -+ if ((strstr(version, "OpenSSH_8.9") != NULL) || -+ (strstr(version, "OpenSSH_9") != NULL)) { ++ else if ((strstr(version, "OpenSSH_8.9") != NULL) || ++ (strstr(version, "OpenSSH_9") != NULL)) { + ssh->compat |= SSH_RESTRICT_WINDOW; -+ debug("Restricting adverstised window size."); ++ debug("Restricting advertised window size."); + } + } + debug("ssh->compat is %u", ssh->compat); @@ -8217,7 +8216,7 @@ diff -Nur openssh-9.6p1.orig/compat.c openssh-9.6p1/compat.c } diff -Nur openssh-9.6p1.orig/compat.h openssh-9.6p1/compat.h --- openssh-9.6p1.orig/compat.h 2024-07-10 13:32:39.574111737 +0200 -+++ openssh-9.6p1/compat.h 2024-07-10 13:34:02.716358582 +0200 ++++ openssh-9.6p1/compat.h 2024-07-14 11:29:56.093866627 +0200 @@ -46,12 +46,12 @@ /* #define unused 0x00010000 */ /* #define unused 0x00020000 */ @@ -8227,7 +8226,7 @@ diff -Nur openssh-9.6p1.orig/compat.h openssh-9.6p1/compat.h #define SSH_BUG_EXTEOF 0x00200000 #define SSH_BUG_PROBE 0x00400000 -/* #define unused 0x00800000 */ -+#define SSH_RESTRICT_WINDOW 0x00800000 /* restrict adverstised window to OpenSSH clients */ ++#define SSH_RESTRICT_WINDOW 0x00800000 /* restrict advertised window to OpenSSH clients */ #define SSH_OLD_FORWARD_ADDR 0x01000000 -/* #define unused 0x02000000 */ +#define SSH_HPNSSH_PREFIX 0x02000000 /* indicates that we have hpn prefixes binaries */ From 75b18e250aac62139028f560b0546fd2541730af Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Thu, 18 Jul 2024 08:40:59 +0000 Subject: [PATCH 28/44] Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild --- gsi-openssh.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/gsi-openssh.spec b/gsi-openssh.spec index ff165b1..f27261e 100644 --- a/gsi-openssh.spec +++ b/gsi-openssh.spec @@ -29,7 +29,7 @@ Summary: An implementation of the SSH protocol with GSI authentication Name: gsi-openssh Version: %{openssh_ver} -Release: %{openssh_rel}%{?dist} +Release: %{openssh_rel}%{?dist}.1 Provides: gsissh = %{version}-%{release} Obsoletes: gsissh < 5.8p2-2 URL: http://www.openssh.com/portable.html @@ -572,6 +572,9 @@ fi %ghost %attr(0644,root,root) %{_localstatedir}/lib/.gsissh-host-keys-migration %changelog +* Thu Jul 18 2024 Fedora Release Engineering - 9.6p1-3.1 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild + * Fri Jul 12 2024 Mattias Ellert - 9.6p1-3 - Add scp and hpnscp symlinks in gsisshd's path From f463dc835a93f640471508c3a63384c857aab4b2 Mon Sep 17 00:00:00 2001 From: Mattias Ellert Date: Thu, 3 Oct 2024 00:49:37 +0200 Subject: [PATCH 29/44] Based on openssh-9.8p1-3.fc41.1 --- CVE-2024-6387.patch | 18 - gsi-openssh.spec | 29 +- openssh-6.6.1p1-log-in-chroot.patch | 8 +- openssh-6.6.1p1-selinux-contexts.patch | 6 +- openssh-6.6p1-GSSAPIEnablek5users.patch | 9 +- openssh-6.6p1-allow-ip-opts.patch | 4 +- openssh-6.6p1-keycat.patch | 10 +- openssh-6.6p1-kuserok.patch | 4 +- openssh-6.6p1-privsep-selinux.patch | 23 +- openssh-6.7p1-coverity.patch | 8 +- openssh-7.1p2-audit-race-condition.patch | 13 +- openssh-7.2p2-x11.patch | 4 +- openssh-7.3p1-x11-max-displays.patch | 2 +- openssh-7.6p1-audit.patch | 183 +- openssh-7.6p1-cleanup-selinux.patch | 50 +- openssh-7.7p1-fips.patch | 73 +- openssh-7.7p1-gssapi-new-unique.patch | 12 +- openssh-7.8p1-UsePAM-warning.patch | 14 +- openssh-7.8p1-role-mls.patch | 28 +- openssh-8.0p1-crypto-policies.patch | 32 +- openssh-8.0p1-gssapi-keyex.patch | 2209 +++++++------- openssh-8.0p1-pkcs11-uri.patch | 6 +- openssh-8.0p1-preserve-pam-errors.patch | 7 +- openssh-8.7p1-minrsabits.patch | 2 +- openssh-8.7p1-negotiate-supported-algs.patch | 11 +- openssh-8.7p1-nohostsha1proof.patch | 126 +- openssh-9.0p1-evp-fips-dh.patch | 2 +- openssh-9.6p1-gsskex-new-api.patch | 34 +- ...gsissh.patch => openssh-9.8p1-gsissh.patch | 492 ++- ....1.patch => openssh-9.8p1-hpn-18.5.1.patch | 2702 +++++++++-------- openssh-9.8p1-systemd.patch | 201 -- sources | 4 +- 32 files changed, 2991 insertions(+), 3335 deletions(-) delete mode 100644 CVE-2024-6387.patch rename openssh-9.6p1-gsissh.patch => openssh-9.8p1-gsissh.patch (85%) rename openssh-9.6p1-hpn-18.3.1.patch => openssh-9.8p1-hpn-18.5.1.patch (87%) delete mode 100644 openssh-9.8p1-systemd.patch diff --git a/CVE-2024-6387.patch b/CVE-2024-6387.patch deleted file mode 100644 index 0b976c0..0000000 --- a/CVE-2024-6387.patch +++ /dev/null @@ -1,18 +0,0 @@ -diff --git a/log.c b/log.c -index 9fc1a2e2e..191ff4a5a 100644 ---- a/log.c -+++ b/log.c -@@ -451,12 +451,14 @@ void - sshsigdie(const char *file, const char *func, int line, int showfunc, - LogLevel level, const char *suffix, const char *fmt, ...) - { -+#ifdef SYSLOG_R_SAFE_IN_SIGHAND - va_list args; - - va_start(args, fmt); - sshlogv(file, func, line, showfunc, SYSLOG_LEVEL_FATAL, - suffix, fmt, args); - va_end(args); -+#endif - _exit(1); - } diff --git a/gsi-openssh.spec b/gsi-openssh.spec index f27261e..afd571d 100644 --- a/gsi-openssh.spec +++ b/gsi-openssh.spec @@ -23,13 +23,13 @@ # Do we want libedit support %global libedit 1 -%global openssh_ver 9.6p1 -%global openssh_rel 3 +%global openssh_ver 9.8p1 +%global openssh_rel 1 Summary: An implementation of the SSH protocol with GSI authentication Name: gsi-openssh Version: %{openssh_ver} -Release: %{openssh_rel}%{?dist}.1 +Release: %{openssh_rel}%{?dist} Provides: gsissh = %{version}-%{release} Obsoletes: gsissh < 5.8p2-2 URL: http://www.openssh.com/portable.html @@ -128,8 +128,6 @@ Patch926: openssh-6.7p1-sftp-force-permission.patch Patch939: openssh-7.2p2-s390-closefrom.patch # Move MAX_DISPLAYS to a configuration option (#1341302) Patch944: openssh-7.3p1-x11-max-displays.patch -# Help systemd to track the running service -Patch948: openssh-9.8p1-systemd.patch # Pass inetd flags for SELinux down to openbsd compat level Patch949: openssh-7.6p1-cleanup-selinux.patch # Sandbox adjustments for s390 and audit @@ -184,15 +182,13 @@ Patch1014: openssh-8.7p1-nohostsha1proof.patch Patch1015: openssh-9.6p1-pam-rhost.patch -Patch1016: CVE-2024-6387.patch - # This is the patch that adds GSI support # Based on hpn_isshd-gsi.7.5p1b.patch from Globus upstream -Patch98: openssh-9.6p1-gsissh.patch +Patch98: openssh-9.8p1-gsissh.patch # This is the HPN patch -# Based on https://github.com/rapier1/hpn-ssh/ tag: hpn-18.3.1 -Patch99: openssh-9.6p1-hpn-18.3.1.patch +# Based on https://github.com/rapier1/hpn-ssh/ tag: hpn-18.5.1 +Patch99: openssh-9.8p1-hpn-18.5.1.patch License: BSD-3-Clause AND BSD-2-Clause AND ISC AND SSH-OpenSSH AND ssh-keyscan AND sprintf AND LicenseRef-Fedora-Public-Domain AND X11-distribute-modifications-variant Requires: /sbin/nologin @@ -319,7 +315,6 @@ gpgv2 --quiet --keyring %{SOURCE3} %{SOURCE1} %{SOURCE0} %patch -P 926 -p1 -b .sftp-force-mode %patch -P 939 -p1 -b .s390-dev %patch -P 944 -p1 -b .x11max -%patch -P 948 -p1 -b .systemd %patch -P 949 -p1 -b .refactor %patch -P 950 -p1 -b .sandbox %patch -P 951 -p1 -b .pkcs11-uri @@ -348,17 +343,14 @@ gpgv2 --quiet --keyring %{SOURCE3} %{SOURCE1} %{SOURCE0} %patch -P 1013 -p1 -b .evp-fips-ecdh %patch -P 1014 -p1 -b .nosha1hostproof %patch -P 1015 -p1 -b .pam-rhost -%patch -P 1016 -p1 -b .cve-2024-6387 %patch -P 100 -p1 -b .coverity - %patch -P 98 -p1 -b .gsi %patch -P 99 -p1 -b .hpn sed 's/sshd.pid/gsisshd.pid/' -i pathnames.h sed 's!$(piddir)/sshd.pid!$(piddir)/gsisshd.pid!' -i Makefile.in -sed 's!/etc/sysconfig/sshd!/etc/sysconfig/gsisshd!' -i sshd_config -sed 's!/etc/pam.d/sshd!/etc/pam.d/gsisshd!' -i sshd_config +sed 's!/etc/pam.d/sshd!/etc/pam.d/gsisshd!' -i sshd_config_redhat cp -p %{SOURCE99} . @@ -404,7 +396,6 @@ fi --with-privsep-path=%{_datadir}/empty.sshd \ --disable-strip \ --without-zlib-version-check \ - --with-ssl-engine \ --with-ipaddr-display \ --with-pie=no \ --without-hardening `# The hardening flags are configured by system` \ @@ -412,7 +403,7 @@ fi --with-default-pkcs11-provider=yes \ --with-security-key-builtin=yes \ --with-pam \ - --without-ssl-engine \ + --with-pam-service=gsisshd \ %if %{WITH_SELINUX} --with-selinux --with-audit=linux \ --with-sandbox=seccomp_filter \ @@ -549,6 +540,7 @@ fi %files server %dir %attr(0711,root,root) %{_datadir}/empty.sshd %attr(0755,root,root) %{_sbindir}/gsisshd +%attr(0755,root,root) %{_libexecdir}/gsissh/sshd-session %attr(0755,root,root) %{_libexecdir}/gsissh/sftp-server %attr(0755,root,root) %{_libexecdir}/gsissh/sshd-keygen %attr(0644,root,root) %{_mandir}/man5/gsisshd_config.5* @@ -572,6 +564,9 @@ fi %ghost %attr(0644,root,root) %{_localstatedir}/lib/.gsissh-host-keys-migration %changelog +* Fri Sep 27 2024 Mattias Ellert - 9.8p1-1 +- Based on openssh-9.8p1-3.fc41.1 + * Thu Jul 18 2024 Fedora Release Engineering - 9.6p1-3.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild diff --git a/openssh-6.6.1p1-log-in-chroot.patch b/openssh-6.6.1p1-log-in-chroot.patch index 941c694..0f65279 100644 --- a/openssh-6.6.1p1-log-in-chroot.patch +++ b/openssh-6.6.1p1-log-in-chroot.patch @@ -237,11 +237,11 @@ diff -up openssh-8.6p1/sftp-server-main.c.log-in-chroot openssh-8.6p1/sftp-serve - return (sftp_server_main(argc, argv, user_pw)); + return (sftp_server_main(argc, argv, user_pw, 0)); } -diff -up openssh-8.6p1/sshd.c.log-in-chroot openssh-8.6p1/sshd.c ---- openssh-8.6p1/sshd.c.log-in-chroot 2021-04-19 14:43:08.543843426 +0200 -+++ openssh-8.6p1/sshd.c 2021-04-19 14:43:08.545843441 +0200 +diff -up openssh-8.6p1/sshd-session.c.log-in-chroot openssh-8.6p1/sshd-session.c +--- openssh-8.6p1/sshd-session.c.log-in-chroot 2021-04-19 14:43:08.543843426 +0200 ++++ openssh-8.6p1/sshd-session.c 2021-04-19 14:43:08.545843441 +0200 @@ -559,7 +559,7 @@ privsep_postauth(struct ssh *ssh, Authct - } + #endif /* New socket pair */ - monitor_reinit(pmonitor); diff --git a/openssh-6.6.1p1-selinux-contexts.patch b/openssh-6.6.1p1-selinux-contexts.patch index eab724a..96161cb 100644 --- a/openssh-6.6.1p1-selinux-contexts.patch +++ b/openssh-6.6.1p1-selinux-contexts.patch @@ -116,10 +116,10 @@ index cb51f99..8b7cda2 100644 #endif #ifdef LINUX_OOM_ADJUST -diff --git a/sshd.c b/sshd.c +diff --git a/sshd-session.c b/sshd-session.c index 2871fe9..39b9c08 100644 ---- a/sshd.c -+++ b/sshd.c +--- a/sshd-session.c ++++ b/sshd-session.c @@ -629,7 +629,7 @@ privsep_preauth_child(void) demote_sensitive_data(); diff --git a/openssh-6.6p1-GSSAPIEnablek5users.patch b/openssh-6.6p1-GSSAPIEnablek5users.patch index cccb3e0..7fef831 100644 --- a/openssh-6.6p1-GSSAPIEnablek5users.patch +++ b/openssh-6.6p1-GSSAPIEnablek5users.patch @@ -38,16 +38,16 @@ diff -up openssh-7.4p1/servconf.c.GSSAPIEnablek5users openssh-7.4p1/servconf.c if (options->password_authentication == -1) options->password_authentication = 1; if (options->kbd_interactive_authentication == -1) -@@ -418,7 +421,7 @@ typedef enum { - sHostbasedUsesNameFromPacketOnly, sHostbasedAcceptedAlgorithms, +@@ -578,7 +578,7 @@ typedef enum { sHostKeyAlgorithms, sPerSourceMaxStartups, sPerSourceNetBlockSize, + sPerSourcePenalties, sPerSourcePenaltyExemptList, sClientAliveInterval, sClientAliveCountMax, sAuthorizedKeysFile, - sGssAuthentication, sGssCleanupCreds, sGssStrictAcceptor, + sGssAuthentication, sGssCleanupCreds, sGssEnablek5users, sGssStrictAcceptor, sGssKeyEx, sGssKexAlgorithms, sGssStoreRekey, sAcceptEnv, sSetEnv, sPermitTunnel, sMatch, sPermitOpen, sPermitListen, sForceCommand, sChrootDirectory, -@@ -497,14 +500,16 @@ static struct { +@@ -600,14 +600,16 @@ static struct { { "gssapikeyexchange", sGssKeyEx, SSHCFG_GLOBAL }, { "gssapistorecredentialsonrekey", sGssStoreRekey, SSHCFG_GLOBAL }, { "gssapikexalgorithms", sGssKexAlgorithms, SSHCFG_GLOBAL }, @@ -129,3 +129,6 @@ diff -up openssh-7.4p1/sshd_config.GSSAPIEnablek5users openssh-7.4p1/sshd_config # Set this to 'yes' to enable PAM authentication, account processing, # and session processing. If this is enabled, PAM authentication will +diff -up openssh-9.8p1/servconf.c.xxx openssh-9.8p1/servconf.c +--- openssh-9.8p1/servconf.c.xxx 2024-07-11 13:51:19.969960781 +0200 ++++ openssh-9.8p1/servconf.c 2024-07-11 13:51:30.938231250 +0200 diff --git a/openssh-6.6p1-allow-ip-opts.patch b/openssh-6.6p1-allow-ip-opts.patch index be8d340..d969b5c 100644 --- a/openssh-6.6p1-allow-ip-opts.patch +++ b/openssh-6.6p1-allow-ip-opts.patch @@ -1,6 +1,6 @@ diff -up openssh/sshd.c.ip-opts openssh/sshd.c ---- openssh/sshd.c.ip-opts 2016-07-25 13:58:48.998507834 +0200 -+++ openssh/sshd.c 2016-07-25 14:01:28.346469878 +0200 +--- openssh/sshd-session.c.ip-opts 2016-07-25 13:58:48.998507834 +0200 ++++ openssh/sshd-session.c 2016-07-25 14:01:28.346469878 +0200 @@ -1507,12 +1507,32 @@ check_ip_options(struct ssh *ssh) if (getsockopt(sock_in, IPPROTO_IP, IP_OPTIONS, opts, diff --git a/openssh-6.6p1-keycat.patch b/openssh-6.6p1-keycat.patch index 529b508..4eb0998 100644 --- a/openssh-6.6p1-keycat.patch +++ b/openssh-6.6p1-keycat.patch @@ -39,9 +39,9 @@ diff -up openssh/Makefile.in.keycat openssh/Makefile.in SFTP_SERVER=$(libexecdir)/sftp-server SSH_KEYSIGN=$(libexecdir)/ssh-keysign +SSH_KEYCAT=$(libexecdir)/ssh-keycat + SSHD_SESSION=$(libexecdir)/sshd-session SSH_PKCS11_HELPER=$(libexecdir)/ssh-pkcs11-helper SSH_SK_HELPER=$(libexecdir)/ssh-sk-helper - PRIVSEP_PATH=@PRIVSEP_PATH@ @@ -52,6 +52,7 @@ K5LIBS=@K5LIBS@ K5LIBS=@K5LIBS@ GSSLIBS=@GSSLIBS@ @@ -54,8 +54,8 @@ diff -up openssh/Makefile.in.keycat openssh/Makefile.in .SUFFIXES: .lo --TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-keysign${EXEEXT} ssh-pkcs11-helper$(EXEEXT) ssh-agent$(EXEEXT) scp$(EXEEXT) sftp-server$(EXEEXT) sftp$(EXEEXT) ssh-sk-helper$(EXEEXT) -+TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-keysign${EXEEXT} ssh-pkcs11-helper$(EXEEXT) ssh-agent$(EXEEXT) scp$(EXEEXT) sftp-server$(EXEEXT) sftp$(EXEEXT) ssh-sk-helper$(EXEEXT) ssh-keycat$(EXEEXT) +-TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) sshd-session$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-keysign${EXEEXT} ssh-pkcs11-helper$(EXEEXT) ssh-agent$(EXEEXT) scp$(EXEEXT) sftp-server$(EXEEXT) sftp$(EXEEXT) ssh-sk-helper$(EXEEXT) ++TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) sshd-session$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-keysign${EXEEXT} ssh-pkcs11-helper$(EXEEXT) ssh-agent$(EXEEXT) scp$(EXEEXT) sftp-server$(EXEEXT) sftp$(EXEEXT) ssh-sk-helper$(EXEEXT) ssh-keycat$(EXEEXT) XMSS_OBJS=\ ssh-xmss.o \ @@ -95,8 +95,8 @@ diff -up openssh/openbsd-compat/port-linux-sshd.c.keycat openssh/openbsd-compat/ --- openssh/openbsd-compat/port-linux-sshd.c.keycat 2015-06-24 10:57:50.150849626 +0200 +++ openssh/openbsd-compat/port-linux-sshd.c 2015-06-24 10:57:50.159849603 +0200 @@ -54,6 +54,20 @@ extern Authctxt *the_authctxt; + extern Authctxt *the_authctxt; extern int inetd_flag; - extern int rexeced_flag; +/* Wrapper around is_selinux_enabled() to log its return value once only */ +int @@ -131,7 +131,7 @@ diff -up openssh/openbsd-compat/port-linux-sshd.c.keycat openssh/openbsd-compat/ - rv = do_pam_putenv("SELINUX_ROLE_REQUESTED", role ? role : ""); + rv = set_it("SELINUX_ROLE_REQUESTED", role ? role : ""); - if (inetd_flag && !rexeced_flag) { + if (inetd_flag) { use_current = "1"; } else { use_current = ""; diff --git a/openssh-6.6p1-kuserok.patch b/openssh-6.6p1-kuserok.patch index eaf4453..e43128b 100644 --- a/openssh-6.6p1-kuserok.patch +++ b/openssh-6.6p1-kuserok.patch @@ -266,8 +266,8 @@ diff -up openssh-7.4p1/sshd_config.5.kuserok openssh-7.4p1/sshd_config.5 +The default is +.Cm yes . .It Cm KexAlgorithms - Specifies the available KEX (Key Exchange) algorithms. - Multiple algorithms must be comma-separated. + Specifies the permitted KEX (Key Exchange) algorithms that the server will + offer to clients. @@ -1078,6 +1082,7 @@ Available keywords are .Cm IPQoS , .Cm KbdInteractiveAuthentication , diff --git a/openssh-6.6p1-privsep-selinux.patch b/openssh-6.6p1-privsep-selinux.patch index 8047fc3..16d98cd 100644 --- a/openssh-6.6p1-privsep-selinux.patch +++ b/openssh-6.6p1-privsep-selinux.patch @@ -49,7 +49,7 @@ diff -up openssh-7.4p1/session.c.privsep-selinux openssh-7.4p1/session.c platform_setusercontext(pw); - if (platform_privileged_uidswap()) { -+ if (platform_privileged_uidswap() && (!is_child || !use_privsep)) { ++ if (platform_privileged_uidswap() && !is_child) { #ifdef HAVE_LOGIN_CAP if (setusercontext(lc, pw, pw->pw_uid, (LOGIN_SETALL & ~(LOGIN_SETPATH|LOGIN_SETUSER))) < 0) { @@ -96,8 +96,8 @@ diff -up openssh-7.4p1/session.c.privsep-selinux openssh-7.4p1/session.c } diff -up openssh-7.4p1/sshd.c.privsep-selinux openssh-7.4p1/sshd.c ---- openssh-7.4p1/sshd.c.privsep-selinux 2016-12-23 18:58:52.973122201 +0100 -+++ openssh-7.4p1/sshd.c 2016-12-23 18:59:13.808124269 +0100 +--- openssh-7.4p1/sshd-session.c.privsep-selinux 2016-12-23 18:58:52.973122201 +0100 ++++ openssh-7.4p1/sshd-session.c 2016-12-23 18:59:13.808124269 +0100 @@ -540,6 +540,10 @@ privsep_preauth_child(void) /* Demote the private keys to public keys. */ demote_sensitive_data(); @@ -109,13 +109,12 @@ diff -up openssh-7.4p1/sshd.c.privsep-selinux openssh-7.4p1/sshd.c /* Demote the child */ if (privsep_chroot) { /* Change our root directory */ -@@ -633,6 +637,9 @@ privsep_postauth(Authctxt *authctxt) - { - #ifdef DISABLE_FD_PASSING - if (1) { -+#elif defined(WITH_SELINUX) -+ if (0) { -+ /* even root user can be confined by SELinux */ - #else - if (authctxt->pw->pw_uid == 0) { +@@ -403,7 +403,7 @@ privsep_postauth(struct ssh *ssh, Authct + * fd passing, as AFAIK PTY allocation on this platform doesn't require + * special privileges to begin with. + */ +-#if defined(DISABLE_FD_PASSING) && !defined(HAVE_CYGWIN) ++#if defined(DISABLE_FD_PASSING) && !defined(HAVE_CYGWIN) && !defined(WITH_SELINUX) + skip_privdrop = 1; #endif + diff --git a/openssh-6.7p1-coverity.patch b/openssh-6.7p1-coverity.patch index 01a061b..d98da28 100644 --- a/openssh-6.7p1-coverity.patch +++ b/openssh-6.7p1-coverity.patch @@ -27,7 +27,7 @@ diff -up openssh-8.5p1/gss-genr.c.coverity openssh-8.5p1/gss-genr.c - +#pragma GCC diagnostic ignored "-Wstringop-overflow" cp = strncpy(s, kex, strlen(kex)); -+#pragma pop ++#pragma GCC diagnostic pop for ((p = strsep(&cp, ",")); p && *p != '\0'; (p = strsep(&cp, ","))) { if (sshbuf_len(buf) != 0 && @@ -221,9 +221,9 @@ diff -up openssh-7.4p1/ssh-agent.c.coverity openssh-7.4p1/ssh-agent.c return NULL; } /* validate also provider from URI */ -diff -up openssh-7.4p1/sshd.c.coverity openssh-7.4p1/sshd.c ---- openssh-7.4p1/sshd.c.coverity 2016-12-23 16:40:26.897788690 +0100 -+++ openssh-7.4p1/sshd.c 2016-12-23 16:40:26.904788692 +0100 +diff -up openssh-7.4p1/sshd-session.c.coverity openssh-7.4p1/sshd-session.c +--- openssh-7.4p1/sshd-session.c.coverity 2016-12-23 16:40:26.897788690 +0100 ++++ openssh-7.4p1/sshd-session.c 2016-12-23 16:40:26.904788692 +0100 @@ -691,8 +691,10 @@ privsep_preauth(Authctxt *authctxt) privsep_preauth_child(ssh); diff --git a/openssh-7.1p2-audit-race-condition.patch b/openssh-7.1p2-audit-race-condition.patch index b5895f7..57ad148 100644 --- a/openssh-7.1p2-audit-race-condition.patch +++ b/openssh-7.1p2-audit-race-condition.patch @@ -109,7 +109,7 @@ diff -up openssh-7.4p1/session.c.audit-race openssh-7.4p1/session.c @@ -717,6 +728,8 @@ do_exec(Session *s, const char *command) } if (s->command != NULL && s->ptyfd == -1) - s->command_handle = PRIVSEP(audit_run_command(ssh, s->command)); + s->command_handle = mm_audit_run_command(ssh, s->command); + if (pipe(paudit) < 0) + fatal("pipe: %s", strerror(errno)); #endif @@ -121,7 +121,7 @@ diff -up openssh-7.4p1/session.c.audit-race openssh-7.4p1/session.c +#ifdef SSH_AUDIT_EVENTS + close(paudit[1]); -+ if (use_privsep && ret == 0) { ++ if (ret == 0) { + /* + * Read the audit messages from forked child and send them + * back to monitor. We don't want to communicate directly, @@ -136,7 +136,7 @@ diff -up openssh-7.4p1/session.c.audit-race openssh-7.4p1/session.c return ret; } -@@ -1538,6 +1565,34 @@ child_close_fds(void) +@@ -1538,6 +1565,33 @@ child_close_fds(void) log_redirect_stderr_to(NULL); } @@ -147,12 +147,11 @@ diff -up openssh-7.4p1/session.c.audit-race openssh-7.4p1/session.c + int pparent = paudit[1]; + close(paudit[0]); + /* Hack the monitor pipe to avoid race condition with parent */ -+ if (use_privsep) -+ mm_set_monitor_pipe(pparent); ++ mm_set_monitor_pipe(pparent); +#endif + + /* remove hostkey from the child's memory */ -+ destroy_sensitive_data(ssh, use_privsep); ++ destroy_sensitive_data(ssh); + /* + * We can audit this, because we hacked the pipe to direct the + * messages over postauth child. But this message requires answer @@ -176,7 +175,7 @@ diff -up openssh-7.4p1/session.c.audit-race openssh-7.4p1/session.c sshpkt_fmt_connection_id(ssh, remote_id, sizeof(remote_id)); - /* remove hostkey from the child's memory */ -- destroy_sensitive_data(ssh, 1); +- destroy_sensitive_data(ssh); - ssh_packet_clear_keys(ssh); - /* Don't audit this - both us and the parent would be talking to the - monitor over a single socket, with no synchronization. */ diff --git a/openssh-7.2p2-x11.patch b/openssh-7.2p2-x11.patch index b27d7c4..6db16be 100644 --- a/openssh-7.2p2-x11.patch +++ b/openssh-7.2p2-x11.patch @@ -11,8 +11,8 @@ diff --git a/channels.c b/channels.c int sock; struct sockaddr_un addr; -+ if (len <= 0) -+ return -1; ++ if (len <= 0) ++ return -1; sock = socket(AF_UNIX, SOCK_STREAM, 0); if (sock == -1) { error("socket: %.100s", strerror(errno)); diff --git a/openssh-7.3p1-x11-max-displays.patch b/openssh-7.3p1-x11-max-displays.patch index 2b702d4..e28c62e 100644 --- a/openssh-7.3p1-x11-max-displays.patch +++ b/openssh-7.3p1-x11-max-displays.patch @@ -2,7 +2,7 @@ diff -up openssh-7.4p1/channels.c.x11max openssh-7.4p1/channels.c --- openssh-7.4p1/channels.c.x11max 2016-12-23 15:46:32.071506625 +0100 +++ openssh-7.4p1/channels.c 2016-12-23 15:46:32.139506636 +0100 @@ -152,8 +152,8 @@ static int all_opens_permitted = 0; - #define FWD_PERMIT_ANY_HOST "*" + #define NUM_SOCKS 10 /* -- X11 forwarding */ -/* Maximum number of fake X11 displays to try. */ diff --git a/openssh-7.6p1-audit.patch b/openssh-7.6p1-audit.patch index cec5b23..c884292 100644 --- a/openssh-7.6p1-audit.patch +++ b/openssh-7.6p1-audit.patch @@ -129,19 +129,19 @@ diff -up openssh-8.6p1/audit.c.audit openssh-8.6p1/audit.c +void +audit_unsupported(struct ssh *ssh, int what) +{ -+ PRIVSEP(audit_unsupported_body(ssh, what)); ++ mm_audit_unsupported_body(ssh, what); +} + +void +audit_kex(struct ssh *ssh, int ctos, char *enc, char *mac, char *comp, char *pfs) +{ -+ PRIVSEP(audit_kex_body(ssh, ctos, enc, mac, comp, pfs, getpid(), getuid())); ++ mm_audit_kex_body(ssh, ctos, enc, mac, comp, pfs, getpid(), getuid()); +} + +void +audit_session_key_free(struct ssh *ssh, int ctos) +{ -+ PRIVSEP(audit_session_key_free_body(ssh, ctos, getpid(), getuid())); ++ mm_audit_session_key_free_body(ssh, ctos, getpid(), getuid()); +} + # ifndef CUSTOM_SSH_AUDIT_EVENTS @@ -446,7 +446,7 @@ diff -up openssh-8.6p1/audit-linux.c.audit openssh-8.6p1/audit-linux.c /* Below is the sshd audit API code */ void -@@ -76,49 +176,210 @@ audit_connection_from(const char *host, +@@ -76,49 +176,211 @@ audit_connection_from(const char *host, /* not implemented */ } @@ -525,6 +525,7 @@ diff -up openssh-8.6p1/audit-linux.c.audit openssh-8.6p1/audit-linux.c case SSH_AUTH_FAIL_PASSWD: + if (options.use_pam) + break; ++ /* Fallthrough */ + case SSH_LOGIN_EXCEED_MAXTRIES: case SSH_AUTH_FAIL_KBDINT: case SSH_AUTH_FAIL_PUBKEY: @@ -564,7 +565,7 @@ diff -up openssh-8.6p1/audit-linux.c.audit openssh-8.6p1/audit-linux.c +{ +#ifdef AUDIT_CRYPTO_SESSION + char buf[AUDIT_LOG_SIZE]; -+ const static char *name[] = { "cipher", "mac", "comp" }; ++ static const char *name[] = { "cipher", "mac", "comp" }; + char *s; + int audit_fd; + @@ -582,7 +583,7 @@ diff -up openssh-8.6p1/audit-linux.c.audit openssh-8.6p1/audit-linux.c +#endif +} + -+const static char *direction[] = { "from-server", "from-client", "both" }; ++static const char *direction[] = { "from-server", "from-client", "both" }; + +void +audit_kex_body(struct ssh *ssh, int ctos, char *enc, char *mac, char *compress, @@ -661,7 +662,7 @@ diff -up openssh-8.6p1/audit-linux.c.audit openssh-8.6p1/audit-linux.c + } + audit_ok = audit_log_user_message(audit_fd, AUDIT_CRYPTO_KEY_USER, + buf, NULL, -+ listening_for_clients() ? NULL : ssh_remote_ipaddr(ssh), ++ ssh_remote_ipaddr(ssh), /*FIXME listening_for_clients() ? NULL : ssh_remote_ipaddr(ssh) */ + NULL, 1); + audit_close(audit_fd); + /* do not abort if the error is EPERM and sshd is run as non root user */ @@ -733,7 +734,7 @@ diff -up openssh-8.6p1/auth2.c.audit openssh-8.6p1/auth2.c /* Invalid user, fake password information */ authctxt->pw = fakepw(); -#ifdef SSH_AUDIT_EVENTS -- PRIVSEP(audit_event(ssh, SSH_INVALID_USER)); +- mm_audit_event(ssh, SSH_INVALID_USER); -#endif } #ifdef USE_PAM @@ -743,11 +744,11 @@ diff -up openssh-8.6p1/auth2-hostbased.c.audit openssh-8.6p1/auth2-hostbased.c +++ openssh-8.6p1/auth2-hostbased.c 2021-04-19 16:47:35.754062114 +0200 @@ -158,7 +158,7 @@ userauth_hostbased(struct ssh *ssh) authenticated = 0; - if (PRIVSEP(hostbased_key_allowed(ssh, authctxt->pw, cuser, - chost, key)) && -- PRIVSEP(sshkey_verify(key, sig, slen, -+ PRIVSEP(hostbased_key_verify(ssh, key, sig, slen, - sshbuf_ptr(b), sshbuf_len(b), pkalg, ssh->compat, NULL)) == 0) + if (mm_hostbased_key_allowed(ssh, authctxt->pw, cuser, + chost, key) && +- mm_sshkey_verify(key, sig, slen, ++ mm_hostbased_key_verify(ssh, key, sig, slen, + sshbuf_ptr(b), sshbuf_len(b), pkalg, ssh->compat, NULL) == 0) authenticated = 1; @@ -175,6 +175,20 @@ done: @@ -777,12 +778,12 @@ diff -up openssh-8.6p1/auth2-pubkey.c.audit openssh-8.6p1/auth2-pubkey.c @@ -213,7 +213,7 @@ userauth_pubkey(struct ssh *ssh) /* test for correct signature */ authenticated = 0; - if (PRIVSEP(user_key_allowed(ssh, pw, key, 1, &authopts)) && -- PRIVSEP(sshkey_verify(key, sig, slen, -+ PRIVSEP(user_key_verify(ssh, key, sig, slen, + if (mm_user_key_allowed(ssh, pw, key, 1, &authopts) && +- mm_sshkey_verify(key, sig, slen, ++ mm_user_key_verify(ssh, key, sig, slen, sshbuf_ptr(b), sshbuf_len(b), (ssh->compat & SSH_BUG_SIGTYPE) == 0 ? pkalg : NULL, - ssh->compat, &sig_details)) == 0) { + ssh->compat, &sig_details) == 0) { @@ -305,6 +305,20 @@ done: return authenticated; } @@ -828,7 +829,7 @@ diff -up openssh-8.6p1/auth.h.audit openssh-8.6p1/auth.h + const u_char *, size_t, const char *, u_int, struct sshkey_sig_details **); /* Key / cert options linkage to auth layer */ - const struct sshauthopt *auth_options(struct ssh *); + int auth_activate_options(struct ssh *, struct sshauthopt *); @@ -239,6 +241,8 @@ struct passwd * getpwnamallow(struct ssh char *, const char *, const char *, const char *, struct sshauthopt **); int auth_check_authkeys_file(struct passwd *, FILE *, char *, @@ -915,8 +916,8 @@ diff -up openssh-8.6p1/kex.c.audit openssh-8.6p1/kex.c #include "xmalloc.h" +#include "audit.h" - #ifdef GSSAPI - #include "ssh-gss.h" + /* prototype */ + static int kex_choose_conf(struct ssh *, uint32_t seq); @@ -816,12 +817,16 @@ kex_start_rekex(struct ssh *ssh) } @@ -1108,7 +1109,7 @@ diff -up openssh-8.6p1/monitor.c.audit openssh-8.6p1/monitor.c extern struct sshbuf *loginmsg; extern struct sshauthopt *auth_opts; /* XXX move to permanent ssh->authctxt? */ -+extern void destroy_sensitive_data(struct ssh *, int); ++extern void destroy_sensitive_data(struct ssh *); + /* State exported from the child */ static struct sshbuf *child_state; @@ -1241,7 +1242,7 @@ diff -up openssh-8.6p1/monitor.c.audit openssh-8.6p1/monitor.c sshpam_cleanup(); #endif -+ destroy_sensitive_data(ssh, 0); ++ destroy_sensitive_data(ssh); + while (waitpid(pmonitor->m_pid, &status, 0) == -1) if (errno != EINTR) @@ -1536,9 +1537,9 @@ diff -up openssh-8.6p1/monitor_wrap.c.audit openssh-8.6p1/monitor_wrap.c } #endif /* SSH_AUDIT_EVENTS */ @@ -1095,3 +1137,83 @@ mm_ssh_gssapi_update_creds(ssh_gssapi_cc + return &ci; } - #endif /* GSSAPI */ +#ifdef SSH_AUDIT_EVENTS +void +mm_audit_unsupported_body(struct ssh *ssh, int what) @@ -1632,7 +1633,7 @@ diff -up openssh-8.6p1/monitor_wrap.h.audit openssh-8.6p1/monitor_wrap.h +int mm_user_key_verify(struct ssh*, const struct sshkey *, const u_char *, size_t, const u_char *, size_t, const char *, u_int, struct sshkey_sig_details **); - #ifdef GSSAPI + void mm_decode_activate_server_options(struct ssh *ssh, struct sshbuf *m); @@ -86,7 +88,12 @@ void mm_sshpam_free_ctx(void *); #ifdef SSH_AUDIT_EVENTS #include "audit.h" @@ -1817,7 +1818,7 @@ diff -up openssh-8.6p1/session.c.audit openssh-8.6p1/session.c extern u_int utmp_len; extern int startup_pipe; -extern void destroy_sensitive_data(void); -+extern void destroy_sensitive_data(struct ssh *, int); ++extern void destroy_sensitive_data(struct ssh *); extern struct sshbuf *loginmsg; extern struct sshauthopt *auth_opts; extern char *tun_fwd_ifnames; /* serverloop.c */ @@ -1843,18 +1844,18 @@ diff -up openssh-8.6p1/session.c.audit openssh-8.6p1/session.c + if (s->command != NULL || s->command_handle != -1) + fatal("do_exec: command already set"); if (command != NULL) -- PRIVSEP(audit_run_command(command)); +- mm_audit_run_command(command); + s->command = xstrdup(command); else if (s->ttyfd == -1) { char *shell = s->pw->pw_shell; if (shell[0] == '\0') /* empty shell means /bin/sh */ shell =_PATH_BSHELL; -- PRIVSEP(audit_run_command(shell)); +- mm_audit_run_command(shell); + s->command = xstrdup(shell); } + if (s->command != NULL && s->ptyfd == -1) -+ s->command_handle = PRIVSEP(audit_run_command(ssh, s->command)); ++ s->command_handle = mm_audit_run_command(ssh, s->command); #endif if (s->ttyfd != -1) ret = do_exec_pty(ssh, s, command); @@ -1863,7 +1864,7 @@ diff -up openssh-8.6p1/session.c.audit openssh-8.6p1/session.c /* remove hostkey from the child's memory */ - destroy_sensitive_data(); -+ destroy_sensitive_data(ssh, 1); ++ destroy_sensitive_data(ssh); ssh_packet_clear_keys(ssh); + /* Don't audit this - both us and the parent would be talking to the + monitor over a single socket, with no synchronization. */ @@ -1923,7 +1924,7 @@ diff -up openssh-8.6p1/session.c.audit openssh-8.6p1/session.c +{ + if (s->command != NULL) { + if (s->command_handle != -1) -+ PRIVSEP(audit_end_command(ssh, s->command_handle, s->command)); ++ mm_audit_end_command(ssh, s->command_handle, s->command); + free(s->command); + s->command = NULL; + s->command_handle = -1; @@ -1981,7 +1982,7 @@ diff -up openssh-8.6p1/session.c.audit openssh-8.6p1/session.c @@ -2734,7 +2804,7 @@ do_cleanup(struct ssh *ssh, Authctxt *au * or if running in monitor. */ - if (!use_privsep || mm_is_monitor()) + if (mm_is_monitor()) - session_destroy_all(ssh, session_pty_cleanup2); + session_destroy_all(ssh, do_cleanup_one_session); } @@ -2020,25 +2021,6 @@ diff -up openssh-8.6p1/session.h.audit openssh-8.6p1/session.h diff -up openssh-8.6p1/sshd.c.audit openssh-8.6p1/sshd.c --- openssh-8.6p1/sshd.c.audit 2021-04-19 16:47:35.727061907 +0200 +++ openssh-8.6p1/sshd.c 2021-04-19 16:47:35.759062152 +0200 -@@ -122,6 +122,7 @@ - #include "ssh-gss.h" - #endif - #include "monitor_wrap.h" -+#include "audit.h" - #include "ssh-sandbox.h" - #include "auth-options.h" - #include "version.h" -@@ -260,8 +261,8 @@ struct sshbuf *loginmsg; - struct passwd *privsep_pw = NULL; - - /* Prototypes for various functions defined later in this file. */ --void destroy_sensitive_data(void); --void demote_sensitive_data(void); -+void destroy_sensitive_data(struct ssh *, int); -+void demote_sensitive_data(struct ssh *); - static void do_ssh2_kex(struct ssh *); - - static char *listener_proctitle; @@ -279,6 +280,15 @@ close_listen_socks(void) num_listen_socks = 0; } @@ -2052,11 +2034,41 @@ diff -up openssh-8.6p1/sshd.c.audit openssh-8.6p1/sshd.c + return num_listen_socks > 0; +} + + /* Allocate and initialise the children array */ static void - close_startup_pipes(void) - { -@@ -377,18 +387,45 @@ grace_alarm_handler(int sig) - ssh_remote_port(the_active_state)); + child_alloc(void) +@@ -1204,6 +1259,7 @@ server_accept_loop(int *sock_in, int *so + if (received_sigterm) { + logit("Received signal %d; terminating.", + (int) received_sigterm); ++ /* destroy_sensitive_data(ssh, 0); FIXME */ + close_listen_socks(); + if (options.pid_file != NULL) + unlink(options.pid_file); +diff -up openssh-8.6p1/sshd-session.c.audit openssh-8.6p1/sshd-session.c +--- openssh-8.6p1/sshd-session.c.audit 2021-04-19 16:47:35.727061907 +0200 ++++ openssh-8.6p1/sshd-session.c 2021-04-19 16:47:35.759062152 +0200 +@@ -122,6 +122,7 @@ + #include "ssh-gss.h" + #endif + #include "monitor_wrap.h" ++#include "audit.h" + #include "ssh-sandbox.h" + #include "auth-options.h" + #include "version.h" +@@ -260,8 +261,8 @@ struct sshbuf *loginmsg; + struct sshbuf *loginmsg; + + /* Prototypes for various functions defined later in this file. */ +-void destroy_sensitive_data(void); +-void demote_sensitive_data(void); ++void destroy_sensitive_data(struct ssh *); ++void demote_sensitive_data(struct ssh *); + static void do_ssh2_kex(struct ssh *); + + /* +@@ -377,18 +387,40 @@ grace_alarm_handler(int sig) + _exit(EXIT_LOGIN_GRACE); } -/* Destroy the host and server keys. They will no longer be needed. */ @@ -2066,7 +2078,7 @@ diff -up openssh-8.6p1/sshd.c.audit openssh-8.6p1/sshd.c + */ void -destroy_sensitive_data(void) -+destroy_sensitive_data(struct ssh *ssh, int privsep) ++destroy_sensitive_data(struct ssh *ssh) { u_int i; +#ifdef SSH_AUDIT_EVENTS @@ -2088,12 +2100,7 @@ diff -up openssh-8.6p1/sshd.c.audit openssh-8.6p1/sshd.c sensitive_data.host_keys[i] = NULL; + if (fp != NULL) { +#ifdef SSH_AUDIT_EVENTS -+ if (privsep) -+ PRIVSEP(audit_destroy_sensitive_data(ssh, fp, -+ pid, uid)); -+ else -+ audit_destroy_sensitive_data(ssh, fp, -+ pid, uid); ++ audit_destroy_sensitive_data(ssh, fp, pid, uid); +#endif + free(fp); + } @@ -2163,9 +2170,9 @@ diff -up openssh-8.6p1/sshd.c.audit openssh-8.6p1/sshd.c #ifdef WITH_SELINUX sshd_selinux_change_privsep_preauth_context(); @@ -492,7 +547,7 @@ privsep_preauth(struct ssh *ssh) + pmonitor->m_pkex = &ssh->kex; - if (use_privsep == PRIVSEP_ON) - box = ssh_sandbox_init(pmonitor); + box = ssh_sandbox_init(pmonitor); - pid = fork(); + pmonitor->m_pid = pid = fork(); if (pid == -1) { @@ -2189,48 +2196,21 @@ diff -up openssh-8.6p1/sshd.c.audit openssh-8.6p1/sshd.c reseed_prngs(); -@@ -1143,7 +1198,7 @@ server_listen(void) - * from this function are in a forked subprocess. - */ - static void --server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s) -+server_accept_loop(struct ssh *ssh, int *sock_in, int *sock_out, int *newsock, int *config_s) - { - struct pollfd *pfd = NULL; - int i, j, ret, npfd; -@@ -1204,6 +1259,7 @@ server_accept_loop(int *sock_in, int *so - if (received_sigterm) { - logit("Received signal %d; terminating.", - (int) received_sigterm); -+ destroy_sensitive_data(ssh, 0); - close_listen_socks(); - if (options.pid_file != NULL) - unlink(options.pid_file); -@@ -2189,7 +2189,7 @@ - } - - /* Accept a connection and return in a forked child */ -- server_accept_loop(&sock_in, &sock_out, -+ server_accept_loop(ssh, &sock_in, &sock_out, - &newsock, config_s); - } - @@ -2333,6 +2389,9 @@ main(int ac, char **av) do_authenticated(ssh, authctxt); /* The connection has been terminated. */ + packet_destroy_all(ssh, 1, 1); -+ destroy_sensitive_data(ssh, 1); ++ destroy_sensitive_data(ssh); + ssh_packet_get_bytes(ssh, &ibytes, &obytes); verbose("Transferred: sent %llu, received %llu bytes", (unsigned long long)obytes, (unsigned long long)ibytes); -@@ -2513,6 +2572,15 @@ do_ssh2_kex(struct ssh *ssh) +@@ -2513,6 +2572,14 @@ do_ssh2_kex(struct ssh *ssh) void cleanup_exit(int i) { + static int in_cleanup = 0; -+ int is_privsep_child; + + /* cleanup_exit can be called at the very least from the privsep + wrappers used for auditing. Make sure we don't recurse @@ -2238,24 +2218,17 @@ diff -up openssh-8.6p1/sshd.c.audit openssh-8.6p1/sshd.c + if (in_cleanup) + _exit(i); + in_cleanup = 1; + extern int auth_attempted; /* monitor.c */ + if (the_active_state != NULL && the_authctxt != NULL) { - do_cleanup(the_active_state, the_authctxt); - if (use_privsep && privsep_is_preauth && -@@ -2525,9 +2593,16 @@ cleanup_exit(int i) - } - } - } -+ is_privsep_child = use_privsep && pmonitor != NULL && pmonitor->m_pid == 0; -+ if (sensitive_data.host_keys != NULL && the_active_state != NULL) -+ destroy_sensitive_data(the_active_state, is_privsep_child); -+ if (the_active_state != NULL) -+ packet_destroy_all(the_active_state, 1, is_privsep_child); +@@ -2525,7 +2593,9 @@ cleanup_exit(int i) + _exit(EXIT_AUTH_ATTEMPTED); #ifdef SSH_AUDIT_EVENTS /* done after do_cleanup so it can cancel the PAM auth 'thread' */ -- if (the_active_state != NULL && (!use_privsep || mm_is_monitor())) +- if (the_active_state != NULL && mm_is_monitor()) + if (the_active_state != NULL && + (the_authctxt == NULL || !the_authctxt->authenticated) && -+ (!use_privsep || mm_is_monitor())) ++ mm_is_monitor()) audit_event(the_active_state, SSH_CONNECTION_ABANDON); #endif _exit(i); diff --git a/openssh-7.6p1-cleanup-selinux.patch b/openssh-7.6p1-cleanup-selinux.patch index f7cd50f..cfe11ad 100644 --- a/openssh-7.6p1-cleanup-selinux.patch +++ b/openssh-7.6p1-cleanup-selinux.patch @@ -1,23 +1,22 @@ diff -up openssh/auth2-pubkey.c.refactor openssh/auth2-pubkey.c --- openssh/auth2-pubkey.c.refactor 2019-04-04 13:19:12.188821236 +0200 +++ openssh/auth2-pubkey.c 2019-04-04 13:19:12.276822078 +0200 -@@ -72,6 +72,9 @@ +@@ -72,6 +72,8 @@ /* import */ extern ServerOptions options; +extern int inetd_flag; -+extern int rexeced_flag; +extern Authctxt *the_authctxt; + extern struct authmethod_cfg methodcfg_pubkey; static char * - format_key(const struct sshkey *key) @@ -511,7 +514,8 @@ match_principals_command(struct ssh *ssh if ((pid = subprocess("AuthorizedPrincipalsCommand", command, ac, av, &f, SSH_SUBPROCESS_STDOUT_CAPTURE|SSH_SUBPROCESS_STDERR_DISCARD, - runas_pw, temporarily_use_uid, restore_uid)) == 0) + runas_pw, temporarily_use_uid, restore_uid, -+ (inetd_flag && !rexeced_flag), the_authctxt)) == 0) ++ inetd_flag, the_authctxt)) == 0) goto out; uid_swapped = 1; @@ -27,7 +26,7 @@ diff -up openssh/auth2-pubkey.c.refactor openssh/auth2-pubkey.c SSH_SUBPROCESS_STDOUT_CAPTURE|SSH_SUBPROCESS_STDERR_DISCARD, - runas_pw, temporarily_use_uid, restore_uid)) == 0) + runas_pw, temporarily_use_uid, restore_uid, -+ (inetd_flag && !rexeced_flag), the_authctxt)) == 0) ++ inetd_flag, the_authctxt)) == 0) goto out; uid_swapped = 1; @@ -82,14 +81,13 @@ diff -up openssh/openbsd-compat/port-linux.h.refactor openssh/openbsd-compat/por diff -up openssh/openbsd-compat/port-linux-sshd.c.refactor openssh/openbsd-compat/port-linux-sshd.c --- openssh/openbsd-compat/port-linux-sshd.c.refactor 2019-04-04 13:19:12.256821887 +0200 +++ openssh/openbsd-compat/port-linux-sshd.c 2019-04-04 13:19:12.276822078 +0200 -@@ -49,11 +49,6 @@ +@@ -49,10 +49,6 @@ #include #endif -extern ServerOptions options; -extern Authctxt *the_authctxt; -extern int inetd_flag; --extern int rexeced_flag; - /* Wrapper around is_selinux_enabled() to log its return value once only */ int @@ -128,7 +126,7 @@ diff -up openssh/openbsd-compat/port-linux-sshd.c.refactor openssh/openbsd-compa if (r == 0) { /* If launched from xinetd, we must use current level */ -- if (inetd_flag && !rexeced_flag) { +- if (inetd_flag) { + if (inetd) { security_context_t sshdsc=NULL; @@ -152,7 +150,7 @@ diff -up openssh/openbsd-compat/port-linux-sshd.c.refactor openssh/openbsd-compa rv = set_it("SELINUX_ROLE_REQUESTED", role ? role : ""); -- if (inetd_flag && !rexeced_flag) { +- if (inetd_flag) { + if (inetd) { use_current = "1"; } else { @@ -216,55 +214,45 @@ diff -up openssh/openbsd-compat/port-linux-sshd.c.refactor openssh/openbsd-compa diff -up openssh/platform.c.refactor openssh/platform.c --- openssh/platform.c.refactor 2019-04-04 13:19:12.204821389 +0200 +++ openssh/platform.c 2019-04-04 13:19:12.277822088 +0200 -@@ -32,6 +32,9 @@ +@@ -32,6 +32,8 @@ + #include "openbsd-compat/openbsd-compat.h" - extern int use_privsep; extern ServerOptions options; +extern int inetd_flag; -+extern int rexeced_flag; +extern Authctxt *the_authctxt; - void - platform_pre_listen(void) + /* return 1 if we are running with privilege to swap UIDs, 0 otherwise */ + int @@ -183,7 +186,9 @@ platform_setusercontext_post_groups(stru } #endif /* HAVE_SETPCRED */ #ifdef WITH_SELINUX - sshd_selinux_setup_exec_context(pw->pw_name); + sshd_selinux_setup_exec_context(pw->pw_name, -+ (inetd_flag && !rexeced_flag), do_pam_putenv, the_authctxt, ++ inetd_flag, do_pam_putenv, the_authctxt, + options.use_pam); #endif } -diff -up openssh/sshd.c.refactor openssh/sshd.c ---- openssh/sshd.c.refactor 2019-04-04 13:19:12.275822068 +0200 -+++ openssh/sshd.c 2019-04-04 13:19:51.270195262 +0200 +diff -up openssh/sshd-session.c.refactor openssh/sshd-session.c +--- openssh/sshd-session.c.refactor 2019-04-04 13:19:12.275822068 +0200 ++++ openssh/sshd-session.c 2019-04-04 13:19:51.270195262 +0200 @@ -158,7 +158,7 @@ int debug_flag = 0; - static int test_flag = 0; + int debug_flag = 0; /* Flag indicating that the daemon is being started from inetd. */ -static int inetd_flag = 0; +int inetd_flag = 0; - /* Flag indicating that sshd should not detach and become a daemon. */ - static int no_daemon_flag = 0; -@@ -171,7 +171,7 @@ static char **saved_argv; - static int saved_argc; - - /* re-exec */ --static int rexeced_flag = 0; -+int rexeced_flag = 0; - static int rexec_flag = 1; - static int rexec_argc = 0; - static char **rexec_argv; + /* debug goes to stderr unless inetd_flag is set */ + static int log_stderr = 0; @@ -2192,7 +2192,9 @@ main(int ac, char **av) } #endif #ifdef WITH_SELINUX - sshd_selinux_setup_exec_context(authctxt->pw->pw_name); + sshd_selinux_setup_exec_context(authctxt->pw->pw_name, -+ (inetd_flag && !rexeced_flag), do_pam_putenv, the_authctxt, ++ inetd_flag, do_pam_putenv, the_authctxt, + options.use_pam); #endif #ifdef USE_PAM diff --git a/openssh-7.7p1-fips.patch b/openssh-7.7p1-fips.patch index b1007b2..6a14cb3 100644 --- a/openssh-7.7p1-fips.patch +++ b/openssh-7.7p1-fips.patch @@ -72,17 +72,17 @@ diff -up openssh-8.6p1/dh.h.fips openssh-8.6p1/dh.h u_int dh_estimate(int); void dh_set_moduli_file(const char *); -diff -up openssh-8.6p1/kex.c.fips openssh-8.6p1/kex.c ---- openssh-8.6p1/kex.c.fips 2021-05-06 12:08:36.489926807 +0200 -+++ openssh-8.6p1/kex.c 2021-05-06 12:08:36.498926877 +0200 +diff -up openssh-8.6p1/kex-names.c.fips openssh-8.6p1/kex-names.c +--- openssh-8.6p1/kex-names.c.fips 2021-05-06 12:08:36.489926807 +0200 ++++ openssh-8.6p1/kex-names.c 2021-05-06 12:08:36.498926877 +0200 @@ -39,6 +39,7 @@ #ifdef WITH_OPENSSL #include +#include - #include - # ifdef HAVE_EVP_KDF_CTX_NEW - # include + #include + #endif + @@ -203,7 +203,10 @@ kex_names_valid(const char *names) for ((p = strsep(&cp, ",")); p && *p != '\0'; (p = strsep(&cp, ","))) { @@ -361,8 +361,8 @@ diff -up openssh-8.6p1/sshd.c.fips openssh-8.6p1/sshd.c #include #include @@ -77,6 +78,7 @@ - #include - #include + #ifdef WITH_OPENSSL + #include #include +#include #include "openbsd-compat/openssl-compat.h" @@ -393,7 +393,18 @@ diff -up openssh-8.6p1/sshd.c.fips openssh-8.6p1/sshd.c /* * Chdir to the root directory so that the current disk can be * unmounted if desired. -@@ -2494,10 +2501,14 @@ do_ssh2_kex(struct ssh *ssh) +diff -up openssh-8.6p1/sshd-session.c.fips openssh-8.6p1/sshd-session.c +--- a/sshd-session.c.fips 2021-05-06 12:08:36.493926838 +0200 ++++ b/sshd-session.c 2021-05-06 12:13:56.501492639 +0200 +@@ -78,6 +79,7 @@ + #include + #include + #include ++#include + #include "openbsd-compat/openssl-compat.h" + #endif + +@@ -2506,10 +2513,14 @@ do_ssh2_kex(struct ssh *ssh) if (strlen(myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS]) == 0) orig = NULL; @@ -475,11 +486,11 @@ diff -up openssh-8.6p1/sshkey.c.fips openssh-8.6p1/sshkey.c *lenp = 0; if (datalen > SSH_KEY_MAX_SIGN_DATA_SIZE) return SSH_ERR_INVALID_ARGUMENT; -+ if (FIPS_mode() && ((key->type == KEY_ED25519_SK) || (key->type == KEY_ED25519_SK_CERT))) { -+ logit_f("Ed25519 keys are not allowed in FIPS mode"); -+ return SSH_ERR_INVALID_ARGUMENT; -+ } -+ /* Fallthrough */ ++ if (FIPS_mode() && ((key->type == KEY_ED25519_SK) || (key->type == KEY_ED25519_SK_CERT))) { ++ logit_f("Ed25519 keys are not allowed in FIPS mode"); ++ return SSH_ERR_INVALID_ARGUMENT; ++ } ++ /* Fallthrough */ if ((impl = sshkey_impl_from_key(key)) == NULL) return SSH_ERR_KEY_TYPE_UNKNOWN; if ((r = sshkey_unshield_private(key)) != 0) @@ -487,10 +498,10 @@ diff -up openssh-8.6p1/sshkey.c.fips openssh-8.6p1/sshkey.c *detailsp = NULL; if (siglen == 0 || dlen > SSH_KEY_MAX_SIGN_DATA_SIZE) return SSH_ERR_INVALID_ARGUMENT; -+ if (FIPS_mode() && ((key->type == KEY_ED25519_SK) || (key->type == KEY_ED25519_SK_CERT))) { -+ logit_f("Ed25519 keys are not allowed in FIPS mode"); -+ return SSH_ERR_INVALID_ARGUMENT; -+ } ++ if (FIPS_mode() && ((key->type == KEY_ED25519_SK) || (key->type == KEY_ED25519_SK_CERT))) { ++ logit_f("Ed25519 keys are not allowed in FIPS mode"); ++ return SSH_ERR_INVALID_ARGUMENT; ++ } if ((impl = sshkey_impl_from_key(key)) == NULL) return SSH_ERR_KEY_TYPE_UNKNOWN; return impl->funcs->verify(key, sig, siglen, data, dlen, @@ -505,6 +516,14 @@ diff -up openssh-8.6p1/ssh-keygen.c.fips openssh-8.6p1/ssh-keygen.c #include #include "openbsd-compat/openssl-compat.h" #endif +@@ -69,6 +69,7 @@ + #include "cipher.h" + + #define DEFAULT_KEY_TYPE_NAME "ed25519" ++#define FIPS_DEFAULT_KEY_TYPE_NAME "rsa" + + /* + * Default number of bits in the RSA, DSA and ECDSA keys. These value can be @@ -205,6 +205,12 @@ type_bits_valid(int type, const char *na #endif } @@ -518,6 +537,15 @@ diff -up openssh-8.6p1/ssh-keygen.c.fips openssh-8.6p1/ssh-keygen.c switch (type) { case KEY_DSA: if (*bitsp != 1024) +@@ -266,7 +267,7 @@ ask_filename(struct passwd *pw, const ch + char *name = NULL; + + if (key_type_name == NULL) +- name = _PATH_SSH_CLIENT_ID_ED25519; ++ name = FIPS_mode() ? _PATH_SSH_CLIENT_ID_RSA : _PATH_SSH_CLIENT_ID_ED25519; + else { + switch (sshkey_type_from_name(key_type_name)) { + #ifdef WITH_DSA @@ -1098,9 +1104,17 @@ do_gen_all_hostkeys(struct passwd *pw) first = 1; printf("%s: generating new host keys: ", __progname); @@ -537,6 +565,15 @@ diff -up openssh-8.6p1/ssh-keygen.c.fips openssh-8.6p1/ssh-keygen.c if ((fd = mkstemp(prv_tmp)) == -1) { error("Could not save your private key in %s: %s", prv_tmp, strerror(errno)); +@@ -3830,7 +3831,7 @@ main(int argc, char **argv) + } + + if (key_type_name == NULL) +- key_type_name = DEFAULT_KEY_TYPE_NAME; ++ key_type_name = FIPS_mode() ? FIPS_DEFAULT_KEY_TYPE_NAME : DEFAULT_KEY_TYPE_NAME; + + type = sshkey_type_from_name(key_type_name); + type_bits_valid(type, key_type_name, &bits); diff -up openssh-9.3p1/ssh-rsa.c.evpgenrsa openssh-9.3p1/ssh-rsa.c --- openssh-9.3p1/ssh-rsa.c.evpgenrsa 2022-06-30 15:14:58.200518353 +0200 +++ openssh-9.3p1/ssh-rsa.c 2022-06-30 15:24:31.499641196 +0200 diff --git a/openssh-7.7p1-gssapi-new-unique.patch b/openssh-7.7p1-gssapi-new-unique.patch index 544932b..0b8ab02 100644 --- a/openssh-7.7p1-gssapi-new-unique.patch +++ b/openssh-7.7p1-gssapi-new-unique.patch @@ -368,7 +368,7 @@ diff -up openssh-8.6p1/gss-serv.c.ccache_name openssh-8.6p1/gss-serv.c + if (gssapi_client.store.envval == NULL) return; - ok = PRIVSEP(ssh_gssapi_update_creds(&gssapi_client.store)); + ok = mm_ssh_gssapi_update_creds(&gssapi_client.store); diff -up openssh-8.6p1/gss-serv-krb5.c.ccache_name openssh-8.6p1/gss-serv-krb5.c --- openssh-8.6p1/gss-serv-krb5.c.ccache_name 2021-04-19 14:05:10.852744562 +0200 +++ openssh-8.6p1/gss-serv-krb5.c 2021-04-19 14:05:10.854744577 +0200 @@ -579,9 +579,9 @@ diff -up openssh-8.6p1/session.c.ccache_name openssh-8.6p1/session.c child_set_env(&env, &envsize, "KRB5CCNAME", s->authctxt->krb5_ccname); #endif -diff -up openssh-8.6p1/sshd.c.ccache_name openssh-8.6p1/sshd.c ---- openssh-8.6p1/sshd.c.ccache_name 2021-04-19 14:05:10.849744540 +0200 -+++ openssh-8.6p1/sshd.c 2021-04-19 14:05:10.855744584 +0200 +diff -up openssh-8.6p1/sshd-session.c.ccache_name openssh-8.6p1/sshd-session.c +--- openssh-8.6p1/sshd-session.c.ccache_name 2021-04-19 14:05:10.849744540 +0200 ++++ openssh-8.6p1/sshd-session.c 2021-04-19 14:05:10.855744584 +0200 @@ -2284,7 +2284,7 @@ main(int ac, char **av) #ifdef GSSAPI if (options.gss_authentication) { @@ -607,8 +607,8 @@ diff -up openssh-8.6p1/sshd_config.5.ccache_name openssh-8.6p1/sshd_config.5 +can lead to overwriting previous tickets by subseqent connections to the same +user account. .It Cm KexAlgorithms - Specifies the available KEX (Key Exchange) algorithms. - Multiple algorithms must be comma-separated. + Specifies the permitted KEX (Key Exchange) algorithms that the server will + offer to clients. diff -up openssh-8.6p1/ssh-gss.h.ccache_name openssh-8.6p1/ssh-gss.h --- openssh-8.6p1/ssh-gss.h.ccache_name 2021-04-19 14:05:10.852744562 +0200 +++ openssh-8.6p1/ssh-gss.h 2021-04-19 14:05:10.855744584 +0200 diff --git a/openssh-7.8p1-UsePAM-warning.patch b/openssh-7.8p1-UsePAM-warning.patch index a94419e..f8d7042 100644 --- a/openssh-7.8p1-UsePAM-warning.patch +++ b/openssh-7.8p1-UsePAM-warning.patch @@ -1,13 +1,13 @@ diff -up openssh-8.6p1/sshd.c.log-usepam-no openssh-8.6p1/sshd.c ---- openssh-8.6p1/sshd.c.log-usepam-no 2021-04-19 14:00:45.099735129 +0200 -+++ openssh-8.6p1/sshd.c 2021-04-19 14:03:21.140920974 +0200 +--- openssh-8.6p1/sshd-session.c.log-usepam-no 2021-04-19 14:00:45.099735129 +0200 ++++ openssh-8.6p1/sshd-session.c 2021-04-19 14:03:21.140920974 +0200 @@ -1749,6 +1749,10 @@ main(int ac, char **av) - parse_server_config(&options, rexeced_flag ? "rexec" : config_file_name, - cfg, &includes, NULL, rexeced_flag); + "enabled authentication methods"); + } -+ /* 'UsePAM no' is not supported in Fedora */ ++ /* 'UsePAM no' is not supported in our builds */ + if (! options.use_pam) -+ logit("WARNING: 'UsePAM no' is not supported in Fedora and may cause several problems."); ++ logit("WARNING: 'UsePAM no' is not supported in this build and may cause several problems."); + #ifdef WITH_OPENSSL if (options.moduli_file != NULL) @@ -19,7 +19,7 @@ diff -up openssh-8.6p1/sshd_config.log-usepam-no openssh-8.6p1/sshd_config # If you just want the PAM account and session checks to run without # PAM authentication, then enable this but set PasswordAuthentication # and KbdInteractiveAuthentication to 'no'. -+# WARNING: 'UsePAM no' is not supported in Fedora and may cause several ++# WARNING: 'UsePAM no' is not supported in this build and may cause several +# problems. #UsePAM no diff --git a/openssh-7.8p1-role-mls.patch b/openssh-7.8p1-role-mls.patch index 347766d..7c6d0ca 100644 --- a/openssh-7.8p1-role-mls.patch +++ b/openssh-7.8p1-role-mls.patch @@ -23,20 +23,17 @@ diff -up openssh/auth2.c.role-mls openssh/auth2.c if ((style = strchr(user, ':')) != NULL) *style++ = 0; -@@ -314,8 +314,15 @@ input_userauth_request(int type, u_int32 - use_privsep ? " [net]" : ""); +@@ -314,7 +314,13 @@ input_userauth_request(int type, u_int32 + setproctitle("%s [net]", authctxt->valid ? user : "unknown"); authctxt->service = xstrdup(service); authctxt->style = style ? xstrdup(style) : NULL; -- if (use_privsep) +#ifdef WITH_SELINUX + authctxt->role = role ? xstrdup(role) : NULL; +#endif -+ if (use_privsep) { - mm_inform_authserv(service, style); + mm_inform_authserv(service, style); +#ifdef WITH_SELINUX + mm_inform_authrole(role); +#endif -+ } userauth_banner(ssh); if ((r = kex_server_update_ext_info(ssh)) != 0) fatal_fr(r, "kex_server_update_ext_info failed"); @@ -50,7 +47,7 @@ diff -up openssh/auth2-gss.c.role-mls openssh/auth2-gss.c + char *micuser; struct sshbuf *b; gss_buffer_desc mic, gssbuf; - const char *displayname; + u_char *p; @@ -298,7 +299,13 @@ input_gssapi_mic(int type, u_int32_t ple fatal_f("sshbuf_new failed"); mic.value = p; @@ -74,7 +71,7 @@ diff -up openssh/auth2-gss.c.role-mls openssh/auth2-gss.c + free(micuser); free(mic.value); - if ((!use_privsep || mm_is_monitor()) && + authctxt->postponed = 0; diff -up openssh/auth2-hostbased.c.role-mls openssh/auth2-hostbased.c --- openssh/auth2-hostbased.c.role-mls 2018-08-20 07:57:29.000000000 +0200 +++ openssh/auth2-hostbased.c 2018-08-22 11:14:56.816430924 +0200 @@ -147,7 +144,7 @@ diff -up openssh/auth-pam.h.role-mls openssh/auth-pam.h +++ openssh/auth-pam.h 2018-08-22 11:14:56.817430932 +0200 @@ -33,7 +33,7 @@ u_int do_pam_account(void); void do_pam_session(struct ssh *); - void do_pam_setcred(int ); + void do_pam_setcred(void); void do_pam_chauthtok(void); -int do_pam_putenv(char *, char *); +int do_pam_putenv(char *, const char *); @@ -418,7 +415,7 @@ diff -up openssh/openbsd-compat/port-linux.h.role-mls openssh/openbsd-compat/por diff -up openssh/openbsd-compat/port-linux-sshd.c.role-mls openssh/openbsd-compat/port-linux-sshd.c --- openssh/openbsd-compat/port-linux-sshd.c.role-mls 2018-08-22 11:14:56.819430949 +0200 +++ openssh/openbsd-compat/port-linux-sshd.c 2018-08-22 11:14:56.819430949 +0200 -@@ -0,0 +1,421 @@ +@@ -0,0 +1,420 @@ +/* + * Copyright (c) 2005 Daniel Walsh + * Copyright (c) 2014 Petr Lautrbach @@ -472,7 +469,6 @@ diff -up openssh/openbsd-compat/port-linux-sshd.c.role-mls openssh/openbsd-compa +extern ServerOptions options; +extern Authctxt *the_authctxt; +extern int inetd_flag; -+extern int rexeced_flag; + +/* Send audit message */ +static int @@ -678,7 +674,7 @@ diff -up openssh/openbsd-compat/port-linux-sshd.c.role-mls openssh/openbsd-compa + + if (r == 0) { + /* If launched from xinetd, we must use current level */ -+ if (inetd_flag && !rexeced_flag) { ++ if (inetd_flag) { + security_context_t sshdsc=NULL; + + if (getcon_raw(&sshdsc) < 0) @@ -752,7 +748,7 @@ diff -up openssh/openbsd-compat/port-linux-sshd.c.role-mls openssh/openbsd-compa + + rv = do_pam_putenv("SELINUX_ROLE_REQUESTED", role ? role : ""); + -+ if (inetd_flag && !rexeced_flag) { ++ if (inetd_flag) { + use_current = "1"; + } else { + use_current = ""; @@ -853,8 +849,8 @@ diff -up openssh/platform.c.role-mls openssh/platform.c } diff -up openssh/sshd.c.role-mls openssh/sshd.c ---- openssh/sshd.c.role-mls 2018-08-20 07:57:29.000000000 +0200 -+++ openssh/sshd.c 2018-08-22 11:14:56.820430957 +0200 +--- openssh/sshd-session.c.role-mls 2018-08-20 07:57:29.000000000 +0200 ++++ openssh/sshd-session.c 2018-08-22 11:14:56.820430957 +0200 @@ -2186,6 +2186,9 @@ main(int ac, char **av) restore_uid(); } @@ -864,4 +860,4 @@ diff -up openssh/sshd.c.role-mls openssh/sshd.c +#endif #ifdef USE_PAM if (options.use_pam) { - do_pam_setcred(1); + do_pam_setcred(); diff --git a/openssh-8.0p1-crypto-policies.patch b/openssh-8.0p1-crypto-policies.patch index 86c08db..fd1e59d 100644 --- a/openssh-8.0p1-crypto-policies.patch +++ b/openssh-8.0p1-crypto-policies.patch @@ -155,7 +155,7 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x .It Cm HostKeyAlias Specifies an alias that should be used instead of the real host name when looking up or saving the host key -@@ -1232,30 +1229,25 @@ +@@ -1330,6 +1330,11 @@ it may be zero or more of: and .Cm pam . .It Cm KexAlgorithms @@ -164,8 +164,11 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x +Information about defaults, how to modify the defaults and how to customize existing policies with sub-policies are present in manual page +.Xr update-crypto-policies 8 . +.Pp - Specifies the available KEX (Key Exchange) algorithms. - Multiple algorithms must be comma-separated. + Specifies the permitted KEX (Key Exchange) algorithms that will be used and + their preference order. + The selected algorithm will the the first algorithm in this list that +@@ -1338,28 +1343,17 @@ Multiple algorithms must be comma-separa + .Pp If the specified list begins with a .Sq + -character, then the specified algorithms will be appended to the default set @@ -181,6 +184,7 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x .Sq ^ character, then the specified algorithms will be placed at the head of the -default set. +-.Pp -The default is: -.Bd -literal -offset indent -sntrup761x25519-sha512@openssh.com, @@ -191,10 +195,11 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x -diffie-hellman-group18-sha512, -diffie-hellman-group14-sha256 -.Ed -+built-in openssh default set. .Pp - The list of available key exchange algorithms may also be obtained using ++built-in openssh default set. + The list of supported key exchange algorithms may also be obtained using .Qq ssh -Q kex . + .It Cm KnownHostsCommand @@ -1365,37 +1357,33 @@ file. This option is intended for debugging and no overrides are enabled by default. @@ -479,7 +484,7 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x The list of available signature algorithms may also be obtained using .Qq ssh -Q HostKeyAlgorithms . .It Cm IgnoreRhosts -@@ -1044,20 +1017,25 @@ +@@ -1025,6 +1025,11 @@ Specifies whether to look at .k5login fi The default is .Cm yes . .It Cm KexAlgorithms @@ -488,9 +493,12 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x +Information about defaults, how to modify the defaults and how to customize existing policies with sub-policies are present in manual page +.Xr update-crypto-policies 8 . +.Pp - Specifies the available KEX (Key Exchange) algorithms. - Multiple algorithms must be comma-separated. - Alternately if the specified list begins with a + Specifies the permitted KEX (Key Exchange) algorithms that the server will + offer to clients. + The ordering of this list is not important, as the client specifies the +@@ -1033,16 +1038,16 @@ Multiple algorithms must be comma-separa + .Pp + If the specified list begins with a .Sq + -character, then the specified algorithms will be appended to the default set -instead of replacing them. @@ -506,10 +514,10 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x character, then the specified algorithms will be placed at the head of the -default set. +built-in openssh default set. + .Pp The supported algorithms are: .Pp - .Bl -item -compact -offset indent -@@ -1089,16 +1067,6 @@ +@@ -1075,16 +1080,6 @@ ecdh-sha2-nistp521 sntrup761x25519-sha512@openssh.com .El .Pp @@ -523,7 +531,7 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x -diffie-hellman-group14-sha256 -.Ed -.Pp - The list of available key exchange algorithms may also be obtained using + The list of supported key exchange algorithms may also be obtained using .Qq ssh -Q KexAlgorithms . .It Cm ListenAddress @@ -1184,21 +1152,26 @@ diff --git a/openssh-8.0p1-gssapi-keyex.patch b/openssh-8.0p1-gssapi-keyex.patch index 3e5ccec..82b2bfe 100644 --- a/openssh-8.0p1-gssapi-keyex.patch +++ b/openssh-8.0p1-gssapi-keyex.patch @@ -1,162 +1,37 @@ -diff --git a/Makefile.in b/Makefile.in -index e7549470..b68c1710 100644 ---- a/Makefile.in -+++ b/Makefile.in -@@ -109,6 +109,7 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \ - kex.o kexdh.o kexgex.o kexecdh.o kexc25519.o \ - kexgexc.o kexgexs.o \ - kexsntrup761x25519.o sntrup761.o kexgen.o \ -+ kexgssc.o \ - sftp-realpath.o platform-pledge.o platform-tracing.o platform-misc.o \ - sshbuf-io.o +diff --color -ruNp a/auth2.c b/auth2.c +--- a/auth2.c 2024-08-28 12:35:01.189659493 +0200 ++++ b/auth2.c 2024-08-28 12:35:41.246432045 +0200 +@@ -71,6 +71,7 @@ extern Authmethod method_passwd; + extern Authmethod method_kbdint; + extern Authmethod method_hostbased; + #ifdef GSSAPI ++extern Authmethod method_gsskeyex; + extern Authmethod method_gssapi; + #endif -@@ -125,7 +126,7 @@ SSHDOBJS=sshd.o auth-rhosts.o auth-passwd.o \ - auth-bsdauth.o auth2-hostbased.o auth2-kbdint.o \ - auth2-none.o auth2-passwd.o auth2-pubkey.o auth2-pubkeyfile.o \ - monitor.o monitor_wrap.o auth-krb5.o \ -- auth2-gss.o gss-serv.o gss-serv-krb5.o \ -+ auth2-gss.o gss-serv.o gss-serv-krb5.o kexgsss.o \ - loginrec.o auth-pam.o auth-shadow.o auth-sia.o \ - srclimit.o sftp-server.o sftp-common.o \ - sandbox-null.o sandbox-rlimit.o sandbox-systrace.o sandbox-darwin.o \ -@@ -523,7 +523,7 @@ regress-prep: - ln -s `cd $(srcdir) && pwd`/regress/Makefile `pwd`/regress/Makefile +@@ -78,6 +79,7 @@ Authmethod *authmethods[] = { + &method_none, + &method_pubkey, + #ifdef GSSAPI ++ &method_gsskeyex, + &method_gssapi, + #endif + &method_passwd, +diff --color -ruNp a/auth2-gss.c b/auth2-gss.c +--- a/auth2-gss.c 2024-08-28 12:35:01.189659493 +0200 ++++ b/auth2-gss.c 2024-08-28 12:35:41.265432411 +0200 +@@ -51,6 +51,7 @@ + #define SSH_GSSAPI_MAX_MECHS 2048 - REGRESSLIBS=libssh.a $(LIBCOMPAT) --TESTLIBS=$(LIBS) $(CHANNELLIBS) -+TESTLIBS=$(LIBS) $(CHANNELLIBS) $(GSSLIBS) + extern ServerOptions options; ++extern struct authmethod_cfg methodcfg_gsskeyex; + extern struct authmethod_cfg methodcfg_gssapi; - regress/modpipe$(EXEEXT): $(srcdir)/regress/modpipe.c $(REGRESSLIBS) - $(CC) $(CFLAGS) $(CPPFLAGS) -o $@ $(srcdir)/regress/modpipe.c \ -diff -up a/auth.c.gsskex b/auth.c ---- a/auth.c.gsskex 2021-08-20 06:03:49.000000000 +0200 -+++ b/auth.c 2021-08-27 12:41:51.262788953 +0200 -@@ -402,7 +402,8 @@ auth_root_allowed(struct ssh *ssh, const - case PERMIT_NO_PASSWD: - if (strcmp(method, "publickey") == 0 || - strcmp(method, "hostbased") == 0 || -- strcmp(method, "gssapi-with-mic") == 0) -+ strcmp(method, "gssapi-with-mic") == 0 || -+ strcmp(method, "gssapi-keyex") == 0) - return 1; - break; - case PERMIT_FORCED_ONLY: -@@ -730,97 +731,6 @@ fakepw(void) - } - - /* -- * Returns the remote DNS hostname as a string. The returned string must not -- * be freed. NB. this will usually trigger a DNS query the first time it is -- * called. -- * This function does additional checks on the hostname to mitigate some -- * attacks on based on conflation of hostnames and IP addresses. -- */ -- --static char * --remote_hostname(struct ssh *ssh) --{ -- struct sockaddr_storage from; -- socklen_t fromlen; -- struct addrinfo hints, *ai, *aitop; -- char name[NI_MAXHOST], ntop2[NI_MAXHOST]; -- const char *ntop = ssh_remote_ipaddr(ssh); -- -- /* Get IP address of client. */ -- fromlen = sizeof(from); -- memset(&from, 0, sizeof(from)); -- if (getpeername(ssh_packet_get_connection_in(ssh), -- (struct sockaddr *)&from, &fromlen) == -1) { -- debug("getpeername failed: %.100s", strerror(errno)); -- return xstrdup(ntop); -- } -- -- ipv64_normalise_mapped(&from, &fromlen); -- if (from.ss_family == AF_INET6) -- fromlen = sizeof(struct sockaddr_in6); -- -- debug3("Trying to reverse map address %.100s.", ntop); -- /* Map the IP address to a host name. */ -- if (getnameinfo((struct sockaddr *)&from, fromlen, name, sizeof(name), -- NULL, 0, NI_NAMEREQD) != 0) { -- /* Host name not found. Use ip address. */ -- return xstrdup(ntop); -- } -- -- /* -- * if reverse lookup result looks like a numeric hostname, -- * someone is trying to trick us by PTR record like following: -- * 1.1.1.10.in-addr.arpa. IN PTR 2.3.4.5 -- */ -- memset(&hints, 0, sizeof(hints)); -- hints.ai_socktype = SOCK_DGRAM; /*dummy*/ -- hints.ai_flags = AI_NUMERICHOST; -- if (getaddrinfo(name, NULL, &hints, &ai) == 0) { -- logit("Nasty PTR record \"%s\" is set up for %s, ignoring", -- name, ntop); -- freeaddrinfo(ai); -- return xstrdup(ntop); -- } -- -- /* Names are stored in lowercase. */ -- lowercase(name); -- -- /* -- * Map it back to an IP address and check that the given -- * address actually is an address of this host. This is -- * necessary because anyone with access to a name server can -- * define arbitrary names for an IP address. Mapping from -- * name to IP address can be trusted better (but can still be -- * fooled if the intruder has access to the name server of -- * the domain). -- */ -- memset(&hints, 0, sizeof(hints)); -- hints.ai_family = from.ss_family; -- hints.ai_socktype = SOCK_STREAM; -- if (getaddrinfo(name, NULL, &hints, &aitop) != 0) { -- logit("reverse mapping checking getaddrinfo for %.700s " -- "[%s] failed.", name, ntop); -- return xstrdup(ntop); -- } -- /* Look for the address from the list of addresses. */ -- for (ai = aitop; ai; ai = ai->ai_next) { -- if (getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop2, -- sizeof(ntop2), NULL, 0, NI_NUMERICHOST) == 0 && -- (strcmp(ntop, ntop2) == 0)) -- break; -- } -- freeaddrinfo(aitop); -- /* If we reached the end of the list, the address was not there. */ -- if (ai == NULL) { -- /* Address not found for the host name. */ -- logit("Address %.100s maps to %.600s, but this does not " -- "map back to the address.", ntop, name); -- return xstrdup(ntop); -- } -- return xstrdup(name); --} -- --/* - * Return the canonical name of the host in the other side of the current - * connection. The host name is cached, so it is efficient to call this - * several times. -diff --git a/auth2-gss.c b/auth2-gss.c -index 9351e042..d6446c0c 100644 ---- a/auth2-gss.c -+++ b/auth2-gss.c -@@ -1,7 +1,7 @@ - /* $OpenBSD: auth2-gss.c,v 1.34 2023/03/31 04:22:27 djm Exp $ */ - - /* -- * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. -+ * Copyright (c) 2001-2007 Simon Wilkinson. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions -@@ -54,6 +54,48 @@ static int input_gssapi_mic(int type, u_int32_t plen, struct ssh *ssh); - static int input_gssapi_exchange_complete(int type, u_int32_t plen, struct ssh *ssh); + static int input_gssapi_token(int type, u_int32_t plen, struct ssh *ssh); +@@ -59,6 +60,48 @@ static int input_gssapi_exchange_complet static int input_gssapi_errtok(int, u_int32_t, struct ssh *); -+/* + /* + * The 'gssapi_keyex' userauth mechanism. + */ +static int @@ -187,10 +62,10 @@ index 9351e042..d6446c0c 100644 + gssbuf.length = sshbuf_len(b); + + /* gss_kex_context is NULL with privsep, so we can't check it here */ -+ if (!GSS_ERROR(PRIVSEP(ssh_gssapi_checkmic(gss_kex_context, -+ &gssbuf, &mic)))) -+ authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user, -+ authctxt->pw, 1)); ++ if (!GSS_ERROR(mm_ssh_gssapi_checkmic(gss_kex_context, ++ &gssbuf, &mic))) ++ authenticated = mm_ssh_gssapi_userok(authctxt->user, ++ authctxt->pw, 1); + + sshbuf_free(b); + free(mic.value); @@ -198,67 +73,79 @@ index 9351e042..d6446c0c 100644 + return (authenticated); +} + - /* ++/* * We only support those mechanisms that we know about (ie ones that we know * how to check local user kuserok and the like) -@@ -260,7 +302,8 @@ input_gssapi_exchange_complete(int type, u_int32_t plen, struct ssh *ssh) + */ +@@ -267,7 +310,7 @@ input_gssapi_exchange_complete(int type, if ((r = sshpkt_get_end(ssh)) != 0) fatal_fr(r, "parse packet"); -- authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user)); -+ authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user, -+ authctxt->pw, 1)); +- authenticated = mm_ssh_gssapi_userok(authctxt->user); ++ authenticated = mm_ssh_gssapi_userok(authctxt->user, authctxt->pw, 1); - if ((!use_privsep || mm_is_monitor()) && - (displayname = ssh_gssapi_displayname()) != NULL) -@@ -306,7 +349,8 @@ input_gssapi_mic(int type, u_int32_t plen, struct ssh *ssh) + authctxt->postponed = 0; + ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL); +@@ -315,7 +358,7 @@ input_gssapi_mic(int type, u_int32_t ple gssbuf.length = sshbuf_len(b); - if (!GSS_ERROR(PRIVSEP(ssh_gssapi_checkmic(gssctxt, &gssbuf, &mic)))) -- authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user)); -+ authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user, -+ authctxt->pw, 0)); + if (!GSS_ERROR(mm_ssh_gssapi_checkmic(gssctxt, &gssbuf, &mic))) +- authenticated = mm_ssh_gssapi_userok(authctxt->user); ++ authenticated = mm_ssh_gssapi_userok(authctxt->user, authctxt->pw, 0); else logit("GSSAPI MIC check failed"); -@@ -326,6 +370,13 @@ input_gssapi_mic(int type, u_int32_t plen, struct ssh *ssh) +@@ -333,6 +376,11 @@ input_gssapi_mic(int type, u_int32_t ple return 0; } +Authmethod method_gsskeyex = { -+ "gssapi-keyex", -+ NULL, ++ &methodcfg_gsskeyex, + userauth_gsskeyex, -+ &options.gss_authentication +}; + Authmethod method_gssapi = { + &methodcfg_gssapi, + userauth_gssapi, +diff --color -ruNp a/auth2-methods.c b/auth2-methods.c +--- a/auth2-methods.c 2024-07-01 06:36:28.000000000 +0200 ++++ b/auth2-methods.c 2024-08-28 12:35:41.265432411 +0200 +@@ -50,6 +50,11 @@ struct authmethod_cfg methodcfg_pubkey = + &options.pubkey_authentication + }; + #ifdef GSSAPI ++struct authmethod_cfg methodcfg_gsskeyex = { ++ "gssapi-keyex", ++ NULL, ++ &options.gss_authentication ++}; + struct authmethod_cfg methodcfg_gssapi = { "gssapi-with-mic", NULL, -diff --git a/auth2.c b/auth2.c -index 0e776224..1c217268 100644 ---- a/auth2.c -+++ b/auth2.c -@@ -73,6 +73,7 @@ extern Authmethod method_passwd; - extern Authmethod method_kbdint; - extern Authmethod method_hostbased; +@@ -76,6 +81,7 @@ static struct authmethod_cfg *authmethod + &methodcfg_none, + &methodcfg_pubkey, #ifdef GSSAPI -+extern Authmethod method_gsskeyex; - extern Authmethod method_gssapi; ++ &methodcfg_gsskeyex, + &methodcfg_gssapi, #endif - -@@ -80,6 +81,7 @@ Authmethod *authmethods[] = { - &method_none, - &method_pubkey, - #ifdef GSSAPI -+ &method_gsskeyex, - &method_gssapi, - #endif - &method_passwd, -diff --git a/canohost.c b/canohost.c -index abea9c6e..8e81b519 100644 ---- a/canohost.c -+++ b/canohost.c + &methodcfg_passwd, +diff --color -ruNp a/auth.c b/auth.c +--- a/auth.c 2024-07-01 06:36:28.000000000 +0200 ++++ b/auth.c 2024-08-28 12:35:41.245432026 +0200 +@@ -356,7 +356,8 @@ auth_root_allowed(struct ssh *ssh, const + case PERMIT_NO_PASSWD: + if (strcmp(method, "publickey") == 0 || + strcmp(method, "hostbased") == 0 || +- strcmp(method, "gssapi-with-mic") == 0) ++ strcmp(method, "gssapi-with-mic") == 0 || ++ strcmp(method, "gssapi-keyex") == 0) + return 1; + break; + case PERMIT_FORCED_ONLY: +diff --color -ruNp a/canohost.c b/canohost.c +--- a/canohost.c 2024-07-01 06:36:28.000000000 +0200 ++++ b/canohost.c 2024-08-28 12:35:41.246432045 +0200 @@ -35,6 +35,99 @@ #include "canohost.h" #include "misc.h" @@ -359,10 +246,9 @@ index abea9c6e..8e81b519 100644 void ipv64_normalise_mapped(struct sockaddr_storage *addr, socklen_t *len) { -diff --git a/canohost.h b/canohost.h -index 26d62855..0cadc9f1 100644 ---- a/canohost.h -+++ b/canohost.h +diff --color -ruNp a/canohost.h b/canohost.h +--- a/canohost.h 2024-07-01 06:36:28.000000000 +0200 ++++ b/canohost.h 2024-08-28 12:35:41.246432045 +0200 @@ -15,6 +15,9 @@ #ifndef _CANOHOST_H #define _CANOHOST_H @@ -373,11 +259,10 @@ index 26d62855..0cadc9f1 100644 char *get_peer_ipaddr(int); int get_peer_port(int); char *get_local_ipaddr(int); -diff --git a/clientloop.c b/clientloop.c -index ebd0dbca..1bdac6a4 100644 ---- a/clientloop.c -+++ b/clientloop.c -@@ -112,6 +112,10 @@ +diff --color -ruNp a/clientloop.c b/clientloop.c +--- a/clientloop.c 2024-07-01 06:36:28.000000000 +0200 ++++ b/clientloop.c 2024-08-28 12:35:41.246432045 +0200 +@@ -115,6 +115,10 @@ #include "ssherr.h" #include "hostfile.h" @@ -388,7 +273,7 @@ index ebd0dbca..1bdac6a4 100644 /* Permitted RSA signature algorithms for UpdateHostkeys proofs */ #define HOSTKEY_PROOF_RSA_ALGS "rsa-sha2-512,rsa-sha2-256" -@@ -1379,6 +1383,14 @@ client_loop(struct ssh *ssh, int have_pty, int escape_char_arg, +@@ -1590,6 +1594,14 @@ client_loop(struct ssh *ssh, int have_pt /* Do channel operations. */ channel_after_poll(ssh, pfd, npfd_active); @@ -403,11 +288,10 @@ index ebd0dbca..1bdac6a4 100644 /* Buffer input from the connection. */ if (conn_in_ready) client_process_net_input(ssh); -diff --git a/configure.ac b/configure.ac -index b689db4b..efafb6bd 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -674,6 +674,30 @@ main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16)) +diff --color -ruNp a/configure.ac b/configure.ac +--- a/configure.ac 2024-08-28 12:35:01.202659743 +0200 ++++ b/configure.ac 2024-08-28 12:35:41.247432064 +0200 +@@ -774,6 +774,30 @@ int main(void) { if (NSVersionOfRunTimeL [Use tunnel device compatibility to OpenBSD]) AC_DEFINE([SSH_TUN_PREPEND_AF], [1], [Prepend the address family to IP tunnel traffic]) @@ -438,20 +322,10 @@ index b689db4b..efafb6bd 100644 m4_pattern_allow([AU_IPv]) AC_CHECK_DECL([AU_IPv4], [], AC_DEFINE([AU_IPv4], [0], [System only supports IPv4 audit records]) -diff --git a/gss-genr.c b/gss-genr.c -index d56257b4..763a63ff 100644 ---- a/gss-genr.c -+++ b/gss-genr.c -@@ -1,7 +1,7 @@ - /* $OpenBSD: gss-genr.c,v 1.28 2021/01/27 10:05:28 djm Exp $ */ - - /* -- * Copyright (c) 2001-2007 Simon Wilkinson. All rights reserved. -+ * Copyright (c) 2001-2009 Simon Wilkinson. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions -@@ -41,9 +41,33 @@ +diff --color -ruNp a/gss-genr.c b/gss-genr.c +--- a/gss-genr.c 2024-07-01 06:36:28.000000000 +0200 ++++ b/gss-genr.c 2024-08-28 12:35:41.248432084 +0200 +@@ -42,9 +42,33 @@ #include "sshbuf.h" #include "log.h" #include "ssh2.h" @@ -485,7 +359,7 @@ index d56257b4..763a63ff 100644 /* sshbuf_get for gss_buffer_desc */ int ssh_gssapi_get_buffer_desc(struct sshbuf *b, gss_buffer_desc *g) -@@ -62,6 +86,159 @@ ssh_gssapi_get_buffer_desc(struct sshbuf *b, gss_buffer_desc *g) +@@ -60,6 +84,159 @@ ssh_gssapi_get_buffer_desc(struct sshbuf return 0; } @@ -645,7 +519,7 @@ index d56257b4..763a63ff 100644 /* Check that the OID in a data stream matches that in the context */ int ssh_gssapi_check_oid(Gssctxt *ctx, void *data, size_t len) -@@ -218,7 +398,7 @@ ssh_gssapi_init_ctx(Gssctxt *ctx, int deleg_creds, gss_buffer_desc *recv_tok, +@@ -216,7 +393,7 @@ ssh_gssapi_init_ctx(Gssctxt *ctx, int de } ctx->major = gss_init_sec_context(&ctx->minor, @@ -654,11 +528,10 @@ index d56257b4..763a63ff 100644 GSS_C_MUTUAL_FLAG | GSS_C_INTEG_FLAG | deleg_flag, 0, NULL, recv_tok, NULL, send_tok, flags, NULL); -@@ -247,9 +427,43 @@ ssh_gssapi_import_name(Gssctxt *ctx, const char *host) - return (ctx->major); +@@ -246,8 +423,42 @@ ssh_gssapi_import_name(Gssctxt *ctx, con } -+OM_uint32 + OM_uint32 +ssh_gssapi_client_identity(Gssctxt *ctx, const char *name) +{ + gss_buffer_desc gssbuf; @@ -689,7 +562,7 @@ index d56257b4..763a63ff 100644 + return(ctx->major); +} + - OM_uint32 ++OM_uint32 ssh_gssapi_sign(Gssctxt *ctx, gss_buffer_t buffer, gss_buffer_t hash) { + if (ctx == NULL) @@ -698,7 +571,7 @@ index d56257b4..763a63ff 100644 if ((ctx->major = gss_get_mic(&ctx->minor, ctx->context, GSS_C_QOP_DEFAULT, buffer, hash))) ssh_gssapi_error(ctx); -@@ -257,6 +471,19 @@ ssh_gssapi_sign(Gssctxt *ctx, gss_buffer_t buffer, gss_buffer_t hash) +@@ -255,6 +466,19 @@ ssh_gssapi_sign(Gssctxt *ctx, gss_buffer return (ctx->major); } @@ -718,7 +591,7 @@ index d56257b4..763a63ff 100644 void ssh_gssapi_buildmic(struct sshbuf *b, const char *user, const char *service, const char *context, const struct sshbuf *session_id) -@@ -273,11 +500,16 @@ ssh_gssapi_buildmic(struct sshbuf *b, const char *user, const char *service, +@@ -271,11 +495,16 @@ ssh_gssapi_buildmic(struct sshbuf *b, co } int @@ -735,8 +608,8 @@ index d56257b4..763a63ff 100644 + ctx = &intctx; /* RFC 4462 says we MUST NOT do SPNEGO */ - if (oid->length == spnego_oid.length && -@@ -287,6 +519,10 @@ ssh_gssapi_check_mechanism(Gssctxt **ctx, gss_OID oid, const char *host) + if (oid->length == spnego_oid.length && +@@ -285,6 +514,10 @@ ssh_gssapi_check_mechanism(Gssctxt **ctx ssh_gssapi_build_ctx(ctx); ssh_gssapi_set_oid(*ctx, oid); major = ssh_gssapi_import_name(*ctx, host); @@ -745,13 +618,13 @@ index d56257b4..763a63ff 100644 + major = ssh_gssapi_client_identity(*ctx, client); + if (!GSS_ERROR(major)) { - major = ssh_gssapi_init_ctx(*ctx, 0, GSS_C_NO_BUFFER, &token, + major = ssh_gssapi_init_ctx(*ctx, 0, GSS_C_NO_BUFFER, &token, NULL); -@@ -296,10 +532,66 @@ ssh_gssapi_check_mechanism(Gssctxt **ctx, gss_OID oid, const char *host) +@@ -294,10 +527,66 @@ ssh_gssapi_check_mechanism(Gssctxt **ctx GSS_C_NO_BUFFER); } -- if (GSS_ERROR(major)) +- if (GSS_ERROR(major)) + if (GSS_ERROR(major) || intctx != NULL) ssh_gssapi_delete_ctx(ctx); @@ -815,10 +688,303 @@ index d56257b4..763a63ff 100644 +} + #endif /* GSSAPI */ -diff --git a/gss-serv-krb5.c b/gss-serv-krb5.c -index a151bc1e..8d2b677f 100644 ---- a/gss-serv-krb5.c -+++ b/gss-serv-krb5.c +diff --color -ruNp a/gss-serv.c b/gss-serv.c +--- a/gss-serv.c 2024-07-01 06:36:28.000000000 +0200 ++++ b/gss-serv.c 2024-08-28 12:35:41.248432084 +0200 +@@ -1,7 +1,7 @@ + /* $OpenBSD: gss-serv.c,v 1.32 2020/03/13 03:17:07 djm Exp $ */ + + /* +- * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. ++ * Copyright (c) 2001-2009 Simon Wilkinson. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions +@@ -44,17 +44,19 @@ + #include "session.h" + #include "misc.h" + #include "servconf.h" ++#include "uidswap.h" + + #include "ssh-gss.h" ++#include "monitor_wrap.h" + + extern ServerOptions options; + + static ssh_gssapi_client gssapi_client = +- { GSS_C_EMPTY_BUFFER, GSS_C_EMPTY_BUFFER, +- GSS_C_NO_CREDENTIAL, NULL, {NULL, NULL, NULL, NULL}}; ++ { GSS_C_EMPTY_BUFFER, GSS_C_EMPTY_BUFFER, GSS_C_NO_CREDENTIAL, ++ GSS_C_NO_NAME, NULL, {NULL, NULL, NULL, NULL, NULL}, 0, 0}; + + ssh_gssapi_mech gssapi_null_mech = +- { NULL, NULL, {0, NULL}, NULL, NULL, NULL, NULL}; ++ { NULL, NULL, {0, NULL}, NULL, NULL, NULL, NULL, NULL}; + + #ifdef KRB5 + extern ssh_gssapi_mech gssapi_kerberos_mech; +@@ -141,6 +143,29 @@ ssh_gssapi_server_ctx(Gssctxt **ctx, gss + } + + /* Unprivileged */ ++char * ++ssh_gssapi_server_mechanisms(void) { ++ if (supported_oids == NULL) ++ ssh_gssapi_prepare_supported_oids(); ++ return (ssh_gssapi_kex_mechs(supported_oids, ++ &ssh_gssapi_server_check_mech, NULL, NULL, ++ options.gss_kex_algorithms)); ++} ++ ++/* Unprivileged */ ++int ++ssh_gssapi_server_check_mech(Gssctxt **dum, gss_OID oid, const char *data, ++ const char *dummy) { ++ Gssctxt *ctx = NULL; ++ int res; ++ ++ res = !GSS_ERROR(mm_ssh_gssapi_server_ctx(&ctx, oid)); ++ ssh_gssapi_delete_ctx(&ctx); ++ ++ return (res); ++} ++ ++/* Unprivileged */ + void + ssh_gssapi_supported_oids(gss_OID_set *oidset) + { +@@ -150,7 +175,9 @@ ssh_gssapi_supported_oids(gss_OID_set *o + gss_OID_set supported; + + gss_create_empty_oid_set(&min_status, oidset); +- gss_indicate_mechs(&min_status, &supported); ++ ++ if (GSS_ERROR(gss_indicate_mechs(&min_status, &supported))) ++ return; + + while (supported_mechs[i]->name != NULL) { + if (GSS_ERROR(gss_test_oid_set_member(&min_status, +@@ -276,8 +303,48 @@ OM_uint32 + ssh_gssapi_getclient(Gssctxt *ctx, ssh_gssapi_client *client) + { + int i = 0; ++ int equal = 0; ++ gss_name_t new_name = GSS_C_NO_NAME; ++ gss_buffer_desc ename = GSS_C_EMPTY_BUFFER; ++ ++ if (options.gss_store_rekey && client->used && ctx->client_creds) { ++ if (client->mech->oid.length != ctx->oid->length || ++ (memcmp(client->mech->oid.elements, ++ ctx->oid->elements, ctx->oid->length) !=0)) { ++ debug("Rekeyed credentials have different mechanism"); ++ return GSS_S_COMPLETE; ++ } + +- gss_buffer_desc ename; ++ if ((ctx->major = gss_inquire_cred_by_mech(&ctx->minor, ++ ctx->client_creds, ctx->oid, &new_name, ++ NULL, NULL, NULL))) { ++ ssh_gssapi_error(ctx); ++ return (ctx->major); ++ } ++ ++ ctx->major = gss_compare_name(&ctx->minor, client->name, ++ new_name, &equal); ++ ++ if (GSS_ERROR(ctx->major)) { ++ ssh_gssapi_error(ctx); ++ return (ctx->major); ++ } ++ ++ if (!equal) { ++ debug("Rekeyed credentials have different name"); ++ return GSS_S_COMPLETE; ++ } ++ ++ debug("Marking rekeyed credentials for export"); ++ ++ gss_release_name(&ctx->minor, &client->name); ++ gss_release_cred(&ctx->minor, &client->creds); ++ client->name = new_name; ++ client->creds = ctx->client_creds; ++ ctx->client_creds = GSS_C_NO_CREDENTIAL; ++ client->updated = 1; ++ return GSS_S_COMPLETE; ++ } + + client->mech = NULL; + +@@ -292,6 +359,13 @@ ssh_gssapi_getclient(Gssctxt *ctx, ssh_g + if (client->mech == NULL) + return GSS_S_FAILURE; + ++ if (ctx->client_creds && ++ (ctx->major = gss_inquire_cred_by_mech(&ctx->minor, ++ ctx->client_creds, ctx->oid, &client->name, NULL, NULL, NULL))) { ++ ssh_gssapi_error(ctx); ++ return (ctx->major); ++ } ++ + if ((ctx->major = gss_display_name(&ctx->minor, ctx->client, + &client->displayname, NULL))) { + ssh_gssapi_error(ctx); +@@ -309,6 +383,8 @@ ssh_gssapi_getclient(Gssctxt *ctx, ssh_g + return (ctx->major); + } + ++ gss_release_buffer(&ctx->minor, &ename); ++ + /* We can't copy this structure, so we just move the pointer to it */ + client->creds = ctx->client_creds; + ctx->client_creds = GSS_C_NO_CREDENTIAL; +@@ -319,11 +395,20 @@ ssh_gssapi_getclient(Gssctxt *ctx, ssh_g + void + ssh_gssapi_cleanup_creds(void) + { +- if (gssapi_client.store.filename != NULL) { +- /* Unlink probably isn't sufficient */ +- debug("removing gssapi cred file\"%s\"", +- gssapi_client.store.filename); +- unlink(gssapi_client.store.filename); ++ krb5_ccache ccache = NULL; ++ krb5_error_code problem; ++ ++ if (gssapi_client.store.data != NULL) { ++ if ((problem = krb5_cc_resolve(gssapi_client.store.data, gssapi_client.store.envval, &ccache))) { ++ debug_f("krb5_cc_resolve(): %.100s", ++ krb5_get_err_text(gssapi_client.store.data, problem)); ++ } else if ((problem = krb5_cc_destroy(gssapi_client.store.data, ccache))) { ++ debug_f("krb5_cc_destroy(): %.100s", ++ krb5_get_err_text(gssapi_client.store.data, problem)); ++ } else { ++ krb5_free_context(gssapi_client.store.data); ++ gssapi_client.store.data = NULL; ++ } + } + } + +@@ -356,19 +441,23 @@ ssh_gssapi_do_child(char ***envp, u_int + + /* Privileged */ + int +-ssh_gssapi_userok(char *user) ++ssh_gssapi_userok(char *user, struct passwd *pw, int kex) + { + OM_uint32 lmin; + ++ (void) kex; /* used in privilege separation */ ++ + if (gssapi_client.exportedname.length == 0 || + gssapi_client.exportedname.value == NULL) { + debug("No suitable client data"); + return 0; + } + if (gssapi_client.mech && gssapi_client.mech->userok) +- if ((*gssapi_client.mech->userok)(&gssapi_client, user)) ++ if ((*gssapi_client.mech->userok)(&gssapi_client, user)) { ++ gssapi_client.used = 1; ++ gssapi_client.store.owner = pw; + return 1; +- else { ++ } else { + /* Destroy delegated credentials if userok fails */ + gss_release_buffer(&lmin, &gssapi_client.displayname); + gss_release_buffer(&lmin, &gssapi_client.exportedname); +@@ -382,14 +471,85 @@ ssh_gssapi_userok(char *user) + return (0); + } + +-/* Privileged */ +-OM_uint32 +-ssh_gssapi_checkmic(Gssctxt *ctx, gss_buffer_t gssbuf, gss_buffer_t gssmic) ++/* These bits are only used for rekeying. The unpriviledged child is running ++ * as the user, the monitor is root. ++ * ++ * In the child, we want to : ++ * *) Ask the monitor to store our credentials into the store we specify ++ * *) If it succeeds, maybe do a PAM update ++ */ ++ ++/* Stuff for PAM */ ++ ++#ifdef USE_PAM ++static int ssh_gssapi_simple_conv(int n, const struct pam_message **msg, ++ struct pam_response **resp, void *data) + { +- ctx->major = gss_verify_mic(&ctx->minor, ctx->context, +- gssbuf, gssmic, NULL); ++ return (PAM_CONV_ERR); ++} ++#endif + +- return (ctx->major); ++void ++ssh_gssapi_rekey_creds(void) { ++ int ok; ++#ifdef USE_PAM ++ int ret; ++ pam_handle_t *pamh = NULL; ++ struct pam_conv pamconv = {ssh_gssapi_simple_conv, NULL}; ++ char *envstr; ++#endif ++ ++ if (gssapi_client.store.filename == NULL && ++ gssapi_client.store.envval == NULL && ++ gssapi_client.store.envvar == NULL) ++ return; ++ ++ ok = mm_ssh_gssapi_update_creds(&gssapi_client.store); ++ ++ if (!ok) ++ return; ++ ++ debug("Rekeyed credentials stored successfully"); ++ ++ /* Actually managing to play with the ssh pam stack from here will ++ * be next to impossible. In any case, we may want different options ++ * for rekeying. So, use our own :) ++ */ ++#ifdef USE_PAM ++ ret = pam_start("sshd-rekey", gssapi_client.store.owner->pw_name, ++ &pamconv, &pamh); ++ if (ret) ++ return; ++ ++ xasprintf(&envstr, "%s=%s", gssapi_client.store.envvar, ++ gssapi_client.store.envval); ++ ++ ret = pam_putenv(pamh, envstr); ++ if (!ret) ++ pam_setcred(pamh, PAM_REINITIALIZE_CRED); ++ pam_end(pamh, PAM_SUCCESS); ++#endif ++} ++ ++int ++ssh_gssapi_update_creds(ssh_gssapi_ccache *store) { ++ int ok = 0; ++ ++ /* Check we've got credentials to store */ ++ if (!gssapi_client.updated) ++ return 0; ++ ++ gssapi_client.updated = 0; ++ ++ temporarily_use_uid(gssapi_client.store.owner); ++ if (gssapi_client.mech && gssapi_client.mech->updatecreds) ++ ok = (*gssapi_client.mech->updatecreds)(store, &gssapi_client); ++ else ++ debug("No update function for this mechanism"); ++ ++ restore_uid(); ++ ++ return ok; + } + + /* Privileged */ +diff --color -ruNp a/gss-serv-krb5.c b/gss-serv-krb5.c +--- a/gss-serv-krb5.c 2024-07-01 06:36:28.000000000 +0200 ++++ b/gss-serv-krb5.c 2024-08-28 12:35:41.248432084 +0200 @@ -1,7 +1,7 @@ /* $OpenBSD: gss-serv-krb5.c,v 1.9 2018/07/09 21:37:55 markus Exp $ */ @@ -828,7 +994,7 @@ index a151bc1e..8d2b677f 100644 * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions -@@ -120,7 +120,7 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_client *client) +@@ -120,7 +120,7 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_cl krb5_error_code problem; krb5_principal princ; OM_uint32 maj_status, min_status; @@ -837,7 +1003,7 @@ index a151bc1e..8d2b677f 100644 const char *errmsg; if (client->creds == NULL) { -@@ -180,11 +180,26 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_client *client) +@@ -180,11 +180,26 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_cl return; } @@ -868,7 +1034,7 @@ index a151bc1e..8d2b677f 100644 #ifdef USE_PAM if (options.use_pam) -@@ -193,9 +208,76 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_client *client) +@@ -193,9 +208,76 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_cl krb5_cc_close(krb_context, ccache); @@ -955,414 +1121,54 @@ index a151bc1e..8d2b677f 100644 }; #endif /* KRB5 */ -diff --git a/gss-serv.c b/gss-serv.c -index ab3a15f0..6ce56e92 100644 ---- a/gss-serv.c -+++ b/gss-serv.c -@@ -1,7 +1,7 @@ - /* $OpenBSD: gss-serv.c,v 1.32 2020/03/13 03:17:07 djm Exp $ */ - - /* -- * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. -+ * Copyright (c) 2001-2009 Simon Wilkinson. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions -@@ -44,17 +44,19 @@ - #include "session.h" - #include "misc.h" - #include "servconf.h" -+#include "uidswap.h" - - #include "ssh-gss.h" -+#include "monitor_wrap.h" - - extern ServerOptions options; - - static ssh_gssapi_client gssapi_client = -- { GSS_C_EMPTY_BUFFER, GSS_C_EMPTY_BUFFER, -- GSS_C_NO_CREDENTIAL, NULL, {NULL, NULL, NULL, NULL}}; -+ { GSS_C_EMPTY_BUFFER, GSS_C_EMPTY_BUFFER, GSS_C_NO_CREDENTIAL, -+ GSS_C_NO_NAME, NULL, {NULL, NULL, NULL, NULL, NULL}, 0, 0}; - - ssh_gssapi_mech gssapi_null_mech = -- { NULL, NULL, {0, NULL}, NULL, NULL, NULL, NULL}; -+ { NULL, NULL, {0, NULL}, NULL, NULL, NULL, NULL, NULL}; - - #ifdef KRB5 - extern ssh_gssapi_mech gssapi_kerberos_mech; -@@ -140,6 +142,29 @@ ssh_gssapi_server_ctx(Gssctxt **ctx, gss_OID oid) - return (ssh_gssapi_acquire_cred(*ctx)); - } - -+/* Unprivileged */ -+char * -+ssh_gssapi_server_mechanisms(void) { -+ if (supported_oids == NULL) -+ ssh_gssapi_prepare_supported_oids(); -+ return (ssh_gssapi_kex_mechs(supported_oids, -+ &ssh_gssapi_server_check_mech, NULL, NULL, -+ options.gss_kex_algorithms)); -+} -+ -+/* Unprivileged */ -+int -+ssh_gssapi_server_check_mech(Gssctxt **dum, gss_OID oid, const char *data, -+ const char *dummy) { -+ Gssctxt *ctx = NULL; -+ int res; -+ -+ res = !GSS_ERROR(PRIVSEP(ssh_gssapi_server_ctx(&ctx, oid))); -+ ssh_gssapi_delete_ctx(&ctx); -+ -+ return (res); -+} -+ - /* Unprivileged */ - void - ssh_gssapi_supported_oids(gss_OID_set *oidset) -@@ -150,7 +175,9 @@ ssh_gssapi_supported_oids(gss_OID_set *oidset) - gss_OID_set supported; - - gss_create_empty_oid_set(&min_status, oidset); -- gss_indicate_mechs(&min_status, &supported); -+ -+ if (GSS_ERROR(gss_indicate_mechs(&min_status, &supported))) -+ return; - - while (supported_mechs[i]->name != NULL) { - if (GSS_ERROR(gss_test_oid_set_member(&min_status, -@@ -276,8 +303,48 @@ OM_uint32 - ssh_gssapi_getclient(Gssctxt *ctx, ssh_gssapi_client *client) +diff --color -ruNp a/kex.c b/kex.c +--- a/kex.c 2024-07-01 06:36:28.000000000 +0200 ++++ b/kex.c 2024-08-28 12:35:41.249432103 +0200 +@@ -303,17 +303,37 @@ static int + kex_compose_ext_info_server(struct ssh *ssh, struct sshbuf *m) { - int i = 0; -+ int equal = 0; -+ gss_name_t new_name = GSS_C_NO_NAME; -+ gss_buffer_desc ename = GSS_C_EMPTY_BUFFER; + int r; ++ int have_key = 0; ++ int ext_count = 2; + -+ if (options.gss_store_rekey && client->used && ctx->client_creds) { -+ if (client->mech->oid.length != ctx->oid->length || -+ (memcmp(client->mech->oid.elements, -+ ctx->oid->elements, ctx->oid->length) !=0)) { -+ debug("Rekeyed credentials have different mechanism"); -+ return GSS_S_COMPLETE; -+ } -+ -+ if ((ctx->major = gss_inquire_cred_by_mech(&ctx->minor, -+ ctx->client_creds, ctx->oid, &new_name, -+ NULL, NULL, NULL))) { -+ ssh_gssapi_error(ctx); -+ return (ctx->major); -+ } - -- gss_buffer_desc ename; -+ ctx->major = gss_compare_name(&ctx->minor, client->name, -+ new_name, &equal); -+ -+ if (GSS_ERROR(ctx->major)) { -+ ssh_gssapi_error(ctx); -+ return (ctx->major); -+ } -+ -+ if (!equal) { -+ debug("Rekeyed credentials have different name"); -+ return GSS_S_COMPLETE; -+ } -+ -+ debug("Marking rekeyed credentials for export"); -+ -+ gss_release_name(&ctx->minor, &client->name); -+ gss_release_cred(&ctx->minor, &client->creds); -+ client->name = new_name; -+ client->creds = ctx->client_creds; -+ ctx->client_creds = GSS_C_NO_CREDENTIAL; -+ client->updated = 1; -+ return GSS_S_COMPLETE; -+ } - - client->mech = NULL; - -@@ -292,6 +359,13 @@ ssh_gssapi_getclient(Gssctxt *ctx, ssh_gssapi_client *client) - if (client->mech == NULL) - return GSS_S_FAILURE; - -+ if (ctx->client_creds && -+ (ctx->major = gss_inquire_cred_by_mech(&ctx->minor, -+ ctx->client_creds, ctx->oid, &client->name, NULL, NULL, NULL))) { -+ ssh_gssapi_error(ctx); -+ return (ctx->major); -+ } -+ - if ((ctx->major = gss_display_name(&ctx->minor, ctx->client, - &client->displayname, NULL))) { - ssh_gssapi_error(ctx); -@@ -309,6 +383,8 @@ ssh_gssapi_getclient(Gssctxt *ctx, ssh_gssapi_client *client) - return (ctx->major); - } - -+ gss_release_buffer(&ctx->minor, &ename); -+ - /* We can't copy this structure, so we just move the pointer to it */ - client->creds = ctx->client_creds; - ctx->client_creds = GSS_C_NO_CREDENTIAL; -@@ -319,11 +395,20 @@ ssh_gssapi_getclient(Gssctxt *ctx, ssh_gssapi_client *client) - void - ssh_gssapi_cleanup_creds(void) - { -- if (gssapi_client.store.filename != NULL) { -- /* Unlink probably isn't sufficient */ -- debug("removing gssapi cred file\"%s\"", -- gssapi_client.store.filename); -- unlink(gssapi_client.store.filename); -+ krb5_ccache ccache = NULL; -+ krb5_error_code problem; -+ -+ if (gssapi_client.store.data != NULL) { -+ if ((problem = krb5_cc_resolve(gssapi_client.store.data, gssapi_client.store.envval, &ccache))) { -+ debug_f("krb5_cc_resolve(): %.100s", -+ krb5_get_err_text(gssapi_client.store.data, problem)); -+ } else if ((problem = krb5_cc_destroy(gssapi_client.store.data, ccache))) { -+ debug_f("krb5_cc_destroy(): %.100s", -+ krb5_get_err_text(gssapi_client.store.data, problem)); -+ } else { -+ krb5_free_context(gssapi_client.store.data); -+ gssapi_client.store.data = NULL; -+ } - } - } - -@@ -356,19 +441,23 @@ ssh_gssapi_do_child(char ***envp, u_int *envsizep) - - /* Privileged */ - int --ssh_gssapi_userok(char *user) -+ssh_gssapi_userok(char *user, struct passwd *pw, int kex) - { - OM_uint32 lmin; - -+ (void) kex; /* used in privilege separation */ -+ - if (gssapi_client.exportedname.length == 0 || - gssapi_client.exportedname.value == NULL) { - debug("No suitable client data"); - return 0; - } - if (gssapi_client.mech && gssapi_client.mech->userok) -- if ((*gssapi_client.mech->userok)(&gssapi_client, user)) -+ if ((*gssapi_client.mech->userok)(&gssapi_client, user)) { -+ gssapi_client.used = 1; -+ gssapi_client.store.owner = pw; - return 1; -- else { -+ } else { - /* Destroy delegated credentials if userok fails */ - gss_release_buffer(&lmin, &gssapi_client.displayname); - gss_release_buffer(&lmin, &gssapi_client.exportedname); -@@ -382,14 +471,90 @@ ssh_gssapi_userok(char *user) - return (0); - } - --/* Privileged */ --OM_uint32 --ssh_gssapi_checkmic(Gssctxt *ctx, gss_buffer_t gssbuf, gss_buffer_t gssmic) -+/* These bits are only used for rekeying. The unpriviledged child is running -+ * as the user, the monitor is root. -+ * -+ * In the child, we want to : -+ * *) Ask the monitor to store our credentials into the store we specify -+ * *) If it succeeds, maybe do a PAM update -+ */ -+ -+/* Stuff for PAM */ -+ -+#ifdef USE_PAM -+static int ssh_gssapi_simple_conv(int n, const struct pam_message **msg, -+ struct pam_response **resp, void *data) - { -- ctx->major = gss_verify_mic(&ctx->minor, ctx->context, -- gssbuf, gssmic, NULL); -+ return (PAM_CONV_ERR); -+} -+#endif - -- return (ctx->major); -+void -+ssh_gssapi_rekey_creds(void) { -+ int ok; -+#ifdef USE_PAM -+ int ret; -+ pam_handle_t *pamh = NULL; -+ struct pam_conv pamconv = {ssh_gssapi_simple_conv, NULL}; -+ char *envstr; -+#endif -+ -+ if (gssapi_client.store.filename == NULL && -+ gssapi_client.store.envval == NULL && -+ gssapi_client.store.envvar == NULL) -+ return; -+ -+ ok = PRIVSEP(ssh_gssapi_update_creds(&gssapi_client.store)); -+ -+ if (!ok) -+ return; -+ -+ debug("Rekeyed credentials stored successfully"); -+ -+ /* Actually managing to play with the ssh pam stack from here will -+ * be next to impossible. In any case, we may want different options -+ * for rekeying. So, use our own :) ++#ifdef GSSAPI ++ /* ++ * Currently GSS KEX don't provide host keys as optional message, so ++ * no reasons to announce the publickey-hostbound extension + */ -+#ifdef USE_PAM -+ if (!use_privsep) { -+ debug("Not even going to try and do PAM with privsep disabled"); -+ return; ++ if (ssh->kex->gss == NULL) ++ have_key = 1; ++#endif ++ ext_count += have_key; ++ + + if (ssh->kex->server_sig_algs == NULL && + (ssh->kex->server_sig_algs = sshkey_alg_list(0, 1, 1, ',')) == NULL) + return SSH_ERR_ALLOC_FAIL; +- if ((r = sshbuf_put_u32(m, 3)) != 0 || ++ if ((r = sshbuf_put_u32(m, ext_count)) != 0 || + (r = sshbuf_put_cstring(m, "server-sig-algs")) != 0 || +- (r = sshbuf_put_cstring(m, ssh->kex->server_sig_algs)) != 0 || +- (r = sshbuf_put_cstring(m, +- "publickey-hostbound@openssh.com")) != 0 || +- (r = sshbuf_put_cstring(m, "0")) != 0 || +- (r = sshbuf_put_cstring(m, "ping@openssh.com")) != 0 || ++ (r = sshbuf_put_cstring(m, ssh->kex->server_sig_algs)) != 0) { ++ error_fr(r, "compose"); ++ return r; + } -+ -+ ret = pam_start("sshd-rekey", gssapi_client.store.owner->pw_name, -+ &pamconv, &pamh); -+ if (ret) -+ return; -+ -+ xasprintf(&envstr, "%s=%s", gssapi_client.store.envvar, -+ gssapi_client.store.envval); -+ -+ ret = pam_putenv(pamh, envstr); -+ if (!ret) -+ pam_setcred(pamh, PAM_REINITIALIZE_CRED); -+ pam_end(pamh, PAM_SUCCESS); -+#endif -+} -+ -+int -+ssh_gssapi_update_creds(ssh_gssapi_ccache *store) { -+ int ok = 0; -+ -+ /* Check we've got credentials to store */ -+ if (!gssapi_client.updated) -+ return 0; -+ -+ gssapi_client.updated = 0; -+ -+ temporarily_use_uid(gssapi_client.store.owner); -+ if (gssapi_client.mech && gssapi_client.mech->updatecreds) -+ ok = (*gssapi_client.mech->updatecreds)(store, &gssapi_client); -+ else -+ debug("No update function for this mechanism"); -+ -+ restore_uid(); -+ -+ return ok; - } - - /* Privileged */ -diff --git a/kex.c b/kex.c -index ce85f043..574c7609 100644 ---- a/kex.c -+++ b/kex.c -@@ -57,6 +57,10 @@ - #include "digest.h" - #include "xmalloc.h" - -+#ifdef GSSAPI -+#include "ssh-gss.h" -+#endif -+ - /* prototype */ - static int kex_choose_conf(struct ssh *, uint32_t seq); - static int kex_input_newkeys(int, u_int32_t, struct ssh *); -@@ -115,15 +120,28 @@ static const struct kexalg kexalgs[] = { - #endif /* HAVE_EVP_SHA256 || !WITH_OPENSSL */ - { NULL, 0, -1, -1}, - }; -+static const struct kexalg gss_kexalgs[] = { -+#ifdef GSSAPI -+ { KEX_GSS_GEX_SHA1_ID, KEX_GSS_GEX_SHA1, 0, SSH_DIGEST_SHA1 }, -+ { KEX_GSS_GRP1_SHA1_ID, KEX_GSS_GRP1_SHA1, 0, SSH_DIGEST_SHA1 }, -+ { KEX_GSS_GRP14_SHA1_ID, KEX_GSS_GRP14_SHA1, 0, SSH_DIGEST_SHA1 }, -+ { KEX_GSS_GRP14_SHA256_ID, KEX_GSS_GRP14_SHA256, 0, SSH_DIGEST_SHA256 }, -+ { KEX_GSS_GRP16_SHA512_ID, KEX_GSS_GRP16_SHA512, 0, SSH_DIGEST_SHA512 }, -+ { KEX_GSS_NISTP256_SHA256_ID, KEX_GSS_NISTP256_SHA256, -+ NID_X9_62_prime256v1, SSH_DIGEST_SHA256 }, -+ { KEX_GSS_C25519_SHA256_ID, KEX_GSS_C25519_SHA256, 0, SSH_DIGEST_SHA256 }, -+#endif -+ { NULL, 0, -1, -1}, -+}; - --char * --kex_alg_list(char sep) -+static char * -+kex_alg_list_internal(char sep, const struct kexalg *algs) - { - char *ret = NULL, *tmp; - size_t nlen, rlen = 0; - const struct kexalg *k; - -- for (k = kexalgs; k->name != NULL; k++) { -+ for (k = algs; k->name != NULL; k++) { - if (ret != NULL) - ret[rlen++] = sep; - nlen = strlen(k->name); -@@ -138,6 +156,18 @@ kex_alg_list(char sep) - return ret; - } - -+char * -+kex_alg_list(char sep) -+{ -+ return kex_alg_list_internal(sep, kexalgs); -+} -+ -+char * -+kex_gss_alg_list(char sep) -+{ -+ return kex_alg_list_internal(sep, gss_kexalgs); -+} -+ - static const struct kexalg * - kex_alg_by_name(const char *name) - { -@@ -147,6 +177,10 @@ kex_alg_by_name(const char *name) - if (strcmp(k->name, name) == 0) - return k; - } -+ for (k = gss_kexalgs; k->name != NULL; k++) { -+ if (strncmp(k->name, name, strlen(k->name)) == 0) -+ return k; -+ } - return NULL; - } - -@@ -315,6 +349,29 @@ kex_assemble_names(char **listp, const char *def, const char *all) - return r; - } - -+/* Validate GSS KEX method name list */ -+int -+kex_gss_names_valid(const char *names) -+{ -+ char *s, *cp, *p; -+ -+ if (names == NULL || *names == '\0') -+ return 0; -+ s = cp = xstrdup(names); -+ for ((p = strsep(&cp, ",")); p && *p != '\0'; -+ (p = strsep(&cp, ","))) { -+ if (strncmp(p, "gss-", 4) != 0 -+ || kex_alg_by_name(p) == NULL) { -+ error("Unsupported KEX algorithm \"%.100s\"", p); -+ free(s); -+ return 0; ++ if (have_key) { ++ if ((r = sshbuf_put_cstring(m, "publickey-hostbound@openssh.com")) != 0 || ++ (r = sshbuf_put_cstring(m, "0")) != 0) { ++ error_fr(r, "compose"); ++ return r; + } + } -+ debug3("gss kex names ok: [%s]", names); -+ free(s); -+ return 1; -+} -+ - /* - * Fill out a proposal array with dynamically allocated values, which may - * be modified as required for compatibility reasons. -@@ -698,6 +755,9 @@ kex_free(struct kex *kex) ++ if ((r = sshbuf_put_cstring(m, "ping@openssh.com")) != 0 || + (r = sshbuf_put_cstring(m, "0")) != 0) { + error_fr(r, "compose"); + return r; +@@ -737,6 +737,9 @@ kex_free(struct kex *kex) sshbuf_free(kex->server_version); sshbuf_free(kex->client_pub); sshbuf_free(kex->session_id); @@ -1372,81 +1178,10 @@ index ce85f043..574c7609 100644 sshbuf_free(kex->initial_sig); sshkey_free(kex->initial_hostkey); free(kex->failed_choice); -diff --git a/kex.h b/kex.h -index a5ae6ac0..fe714141 100644 ---- a/kex.h -+++ b/kex.h -@@ -102,6 +102,15 @@ enum kex_exchange { - KEX_ECDH_SHA2, - KEX_C25519_SHA256, - KEX_KEM_SNTRUP761X25519_SHA512, -+#ifdef GSSAPI -+ KEX_GSS_GRP1_SHA1, -+ KEX_GSS_GRP14_SHA1, -+ KEX_GSS_GRP14_SHA256, -+ KEX_GSS_GRP16_SHA512, -+ KEX_GSS_GEX_SHA1, -+ KEX_GSS_NISTP256_SHA256, -+ KEX_GSS_C25519_SHA256, -+#endif - KEX_MAX - }; - -@@ -153,6 +162,12 @@ struct kex { - u_int flags; - int hash_alg; - int ec_nid; -+#ifdef GSSAPI -+ int gss_deleg_creds; -+ int gss_trust_dns; -+ char *gss_host; -+ char *gss_client; -+#endif - char *failed_choice; - int (*verify_host_key)(struct sshkey *, struct ssh *); - struct sshkey *(*load_host_public_key)(int, int, struct ssh *); -@@ -174,8 +189,10 @@ struct kex { - - int kex_names_valid(const char *); - char *kex_alg_list(char); -+char *kex_gss_alg_list(char); - char *kex_names_cat(const char *, const char *); - int kex_assemble_names(char **, const char *, const char *); -+int kex_gss_names_valid(const char *); - void kex_proposal_populate_entries(struct ssh *, char *prop[PROPOSAL_MAX], - const char *, const char *, const char *, const char *, const char *); - void kex_proposal_free_entries(char *prop[PROPOSAL_MAX]); -@@ -202,6 +219,12 @@ int kexgex_client(struct ssh *); - int kexgex_server(struct ssh *); - int kex_gen_client(struct ssh *); - int kex_gen_server(struct ssh *); -+#if defined(GSSAPI) && defined(WITH_OPENSSL) -+int kexgssgex_client(struct ssh *); -+int kexgssgex_server(struct ssh *); -+int kexgss_client(struct ssh *); -+int kexgss_server(struct ssh *); -+#endif - - int kex_dh_keypair(struct kex *); - int kex_dh_enc(struct kex *, const struct sshbuf *, struct sshbuf **, -@@ -234,6 +257,12 @@ int kexgex_hash(int, const struct sshbuf *, const struct sshbuf *, - const BIGNUM *, const u_char *, size_t, - u_char *, size_t *); - -+int kex_gen_hash(int hash_alg, const struct sshbuf *client_version, -+ const struct sshbuf *server_version, const struct sshbuf *client_kexinit, -+ const struct sshbuf *server_kexinit, const struct sshbuf *server_host_key_blob, -+ const struct sshbuf *client_pub, const struct sshbuf *server_pub, -+ const struct sshbuf *shared_secret, u_char *hash, size_t *hashlen); -+ - void kexc25519_keygen(u_char key[CURVE25519_SIZE], u_char pub[CURVE25519_SIZE]) - __attribute__((__bounded__(__minbytes__, 1, CURVE25519_SIZE))) - __attribute__((__bounded__(__minbytes__, 2, CURVE25519_SIZE))); -diff --git a/kexdh.c b/kexdh.c -index 67133e33..edaa4676 100644 ---- a/kexdh.c -+++ b/kexdh.c -@@ -48,13 +48,23 @@ kex_dh_keygen(struct kex *kex) +diff --color -ruNp a/kexdh.c b/kexdh.c +--- a/kexdh.c 2024-07-01 06:36:28.000000000 +0200 ++++ b/kexdh.c 2024-08-28 12:35:41.249432103 +0200 +@@ -49,13 +49,23 @@ kex_dh_keygen(struct kex *kex) { switch (kex->kex_type) { case KEX_DH_GRP1_SHA1: @@ -1470,10 +1205,9 @@ index 67133e33..edaa4676 100644 kex->dh = dh_new_group16(); break; case KEX_DH_GRP18_SHA512: -diff --git a/kexgen.c b/kexgen.c -index 69348b96..c0e8c2f4 100644 ---- a/kexgen.c -+++ b/kexgen.c +diff --color -ruNp a/kexgen.c b/kexgen.c +--- a/kexgen.c 2024-07-01 06:36:28.000000000 +0200 ++++ b/kexgen.c 2024-08-28 12:35:41.249432103 +0200 @@ -44,7 +44,7 @@ static int input_kex_gen_init(int, u_int32_t, struct ssh *); static int input_kex_gen_reply(int type, u_int32_t seq, struct ssh *ssh); @@ -1483,11 +1217,9 @@ index 69348b96..c0e8c2f4 100644 kex_gen_hash( int hash_alg, const struct sshbuf *client_version, -diff --git a/kexgssc.c b/kexgssc.c -new file mode 100644 -index 00000000..f6e1405e ---- /dev/null -+++ b/kexgssc.c +diff --color -ruNp a/kexgssc.c b/kexgssc.c +--- a/kexgssc.c 1970-01-01 01:00:00.000000000 +0100 ++++ b/kexgssc.c 2024-08-28 12:35:41.250432122 +0200 @@ -0,0 +1,612 @@ +/* + * Copyright (c) 2001-2009 Simon Wilkinson. All rights reserved. @@ -2101,11 +1833,9 @@ index 00000000..f6e1405e +} + +#endif /* defined(GSSAPI) && defined(WITH_OPENSSL) */ -diff --git a/kexgsss.c b/kexgsss.c -new file mode 100644 -index 00000000..60bc02de ---- /dev/null -+++ b/kexgsss.c +diff --color -ruNp a/kexgsss.c b/kexgsss.c +--- a/kexgsss.c 1970-01-01 01:00:00.000000000 +0100 ++++ b/kexgsss.c 2024-08-28 12:35:41.250432122 +0200 @@ -0,0 +1,482 @@ +/* + * Copyright (c) 2001-2009 Simon Wilkinson. All rights reserved. @@ -2205,7 +1935,7 @@ index 00000000..60bc02de + + debug2_f("Acquiring credentials"); + -+ if (GSS_ERROR(PRIVSEP(ssh_gssapi_server_ctx(&ctxt, oid)))) ++ if (GSS_ERROR(mm_ssh_gssapi_server_ctx(&ctxt, oid))) + fatal("Unable to acquire credentials for the server"); + + do { @@ -2282,8 +2012,8 @@ index 00000000..60bc02de + type); + } + -+ maj_status = PRIVSEP(ssh_gssapi_accept_ctx(ctxt, &recv_tok, -+ &send_tok, &ret_flags)); ++ maj_status = mm_ssh_gssapi_accept_ctx(ctxt, &recv_tok, ++ &send_tok, &ret_flags); + + gss_release_buffer(&min_status, &recv_tok); + @@ -2319,7 +2049,7 @@ index 00000000..60bc02de + if (!(ret_flags & GSS_C_INTEG_FLAG)) + fatal("Integrity flag wasn't set"); + -+ if (GSS_ERROR(PRIVSEP(ssh_gssapi_sign(ctxt, &gssbuf, &msg_tok)))) ++ if (GSS_ERROR(mm_ssh_gssapi_sign(ctxt, &gssbuf, &msg_tok))) + fatal("Couldn't get MIC"); + + if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_COMPLETE)) != 0 || @@ -2409,7 +2139,7 @@ index 00000000..60bc02de + + debug2_f("Acquiring credentials"); + -+ if (GSS_ERROR(PRIVSEP(ssh_gssapi_server_ctx(&ctxt, oid)))) ++ if (GSS_ERROR(mm_ssh_gssapi_server_ctx(&ctxt, oid))) + fatal("Unable to acquire credentials for the server"); + + /* 5. S generates an ephemeral key pair (do the allocations early) */ @@ -2431,7 +2161,7 @@ index 00000000..60bc02de + if (max < min || nbits < min || max < nbits) + fatal("GSS_GEX, bad parameters: %d !< %d !< %d", + min, nbits, max); -+ kex->dh = PRIVSEP(choose_dh(min, nbits, max)); ++ kex->dh = mm_choose_dh(min, nbits, max); + if (kex->dh == NULL) { + sshpkt_disconnect(ssh, "Protocol error: no matching group found"); + fatal("Protocol error: no matching group found"); @@ -2478,8 +2208,8 @@ index 00000000..60bc02de + type); + } + -+ maj_status = PRIVSEP(ssh_gssapi_accept_ctx(ctxt, &recv_tok, -+ &send_tok, &ret_flags)); ++ maj_status = mm_ssh_gssapi_accept_ctx(ctxt, &recv_tok, ++ &send_tok, &ret_flags); + + gss_release_buffer(&min_status, &recv_tok); + @@ -2544,7 +2274,7 @@ index 00000000..60bc02de + gssbuf.value = hash; + gssbuf.length = hashlen; + -+ if (GSS_ERROR(PRIVSEP(ssh_gssapi_sign(ctxt, &gssbuf, &msg_tok)))) ++ if (GSS_ERROR(mm_ssh_gssapi_sign(ctxt, &gssbuf, &msg_tok))) + fatal("Couldn't get MIC"); + + if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_COMPLETE)) != 0 || @@ -2589,11 +2319,211 @@ index 00000000..60bc02de + return r; +} +#endif /* defined(GSSAPI) && defined(WITH_OPENSSL) */ -diff --git a/monitor.c b/monitor.c -index 2ce89fe9..ebf76c7f 100644 ---- a/monitor.c -+++ b/monitor.c -@@ -148,6 +148,8 @@ int mm_answer_gss_setup_ctx(struct ssh *, int, struct sshbuf *); +diff --color -ruNp a/kex.h b/kex.h +--- a/kex.h 2024-07-01 06:36:28.000000000 +0200 ++++ b/kex.h 2024-08-28 12:35:41.249432103 +0200 +@@ -102,6 +102,15 @@ enum kex_exchange { + KEX_ECDH_SHA2, + KEX_C25519_SHA256, + KEX_KEM_SNTRUP761X25519_SHA512, ++#ifdef GSSAPI ++ KEX_GSS_GRP1_SHA1, ++ KEX_GSS_GRP14_SHA1, ++ KEX_GSS_GRP14_SHA256, ++ KEX_GSS_GRP16_SHA512, ++ KEX_GSS_GEX_SHA1, ++ KEX_GSS_NISTP256_SHA256, ++ KEX_GSS_C25519_SHA256, ++#endif + KEX_MAX + }; + +@@ -164,6 +173,12 @@ struct kex { + u_int flags; + int hash_alg; + int ec_nid; ++#ifdef GSSAPI ++ int gss_deleg_creds; ++ int gss_trust_dns; ++ char *gss_host; ++ char *gss_client; ++#endif + char *failed_choice; + int (*verify_host_key)(struct sshkey *, struct ssh *); + struct sshkey *(*load_host_public_key)(int, int, struct ssh *); +@@ -189,8 +204,10 @@ int kex_hash_from_name(const char *); + int kex_nid_from_name(const char *); + int kex_names_valid(const char *); + char *kex_alg_list(char); ++char *kex_gss_alg_list(char); + char *kex_names_cat(const char *, const char *); + int kex_has_any_alg(const char *, const char *); ++int kex_gss_names_valid(const char *); + int kex_assemble_names(char **, const char *, const char *); + void kex_proposal_populate_entries(struct ssh *, char *prop[PROPOSAL_MAX], + const char *, const char *, const char *, const char *, const char *); +@@ -224,6 +241,12 @@ int kexgex_client(struct ssh *); + int kexgex_server(struct ssh *); + int kex_gen_client(struct ssh *); + int kex_gen_server(struct ssh *); ++#if defined(GSSAPI) && defined(WITH_OPENSSL) ++int kexgssgex_client(struct ssh *); ++int kexgssgex_server(struct ssh *); ++int kexgss_client(struct ssh *); ++int kexgss_server(struct ssh *); ++#endif + + int kex_dh_keypair(struct kex *); + int kex_dh_enc(struct kex *, const struct sshbuf *, struct sshbuf **, +@@ -256,6 +279,12 @@ int kexgex_hash(int, const struct sshbu + const BIGNUM *, const u_char *, size_t, + u_char *, size_t *); + ++int kex_gen_hash(int hash_alg, const struct sshbuf *client_version, ++ const struct sshbuf *server_version, const struct sshbuf *client_kexinit, ++ const struct sshbuf *server_kexinit, const struct sshbuf *server_host_key_blob, ++ const struct sshbuf *client_pub, const struct sshbuf *server_pub, ++ const struct sshbuf *shared_secret, u_char *hash, size_t *hashlen); ++ + void kexc25519_keygen(u_char key[CURVE25519_SIZE], u_char pub[CURVE25519_SIZE]) + __attribute__((__bounded__(__minbytes__, 1, CURVE25519_SIZE))) + __attribute__((__bounded__(__minbytes__, 2, CURVE25519_SIZE))); +diff --color -ruNp a/kex-names.c b/kex-names.c +--- a/kex-names.c 2024-07-01 06:36:28.000000000 +0200 ++++ b/kex-names.c 2024-08-28 12:35:41.249432103 +0200 +@@ -45,6 +45,10 @@ + #include "ssherr.h" + #include "xmalloc.h" + ++#ifdef GSSAPI ++#include "ssh-gss.h" ++#endif ++ + struct kexalg { + char *name; + u_int type; +@@ -83,15 +87,28 @@ static const struct kexalg kexalgs[] = { + #endif /* HAVE_EVP_SHA256 || !WITH_OPENSSL */ + { NULL, 0, -1, -1}, + }; ++static const struct kexalg gss_kexalgs[] = { ++#ifdef GSSAPI ++ { KEX_GSS_GEX_SHA1_ID, KEX_GSS_GEX_SHA1, 0, SSH_DIGEST_SHA1 }, ++ { KEX_GSS_GRP1_SHA1_ID, KEX_GSS_GRP1_SHA1, 0, SSH_DIGEST_SHA1 }, ++ { KEX_GSS_GRP14_SHA1_ID, KEX_GSS_GRP14_SHA1, 0, SSH_DIGEST_SHA1 }, ++ { KEX_GSS_GRP14_SHA256_ID, KEX_GSS_GRP14_SHA256, 0, SSH_DIGEST_SHA256 }, ++ { KEX_GSS_GRP16_SHA512_ID, KEX_GSS_GRP16_SHA512, 0, SSH_DIGEST_SHA512 }, ++ { KEX_GSS_NISTP256_SHA256_ID, KEX_GSS_NISTP256_SHA256, ++ NID_X9_62_prime256v1, SSH_DIGEST_SHA256 }, ++ { KEX_GSS_C25519_SHA256_ID, KEX_GSS_C25519_SHA256, 0, SSH_DIGEST_SHA256 }, ++#endif ++ { NULL, 0, -1, -1}, ++}; + +-char * +-kex_alg_list(char sep) ++static char * ++kex_alg_list_internal(char sep, const struct kexalg *algs) + { + char *ret = NULL, *tmp; + size_t nlen, rlen = 0; + const struct kexalg *k; + +- for (k = kexalgs; k->name != NULL; k++) { ++ for (k = algs; k->name != NULL; k++) { + if (ret != NULL) + ret[rlen++] = sep; + nlen = strlen(k->name); +@@ -106,6 +123,18 @@ kex_alg_list(char sep) + return ret; + } + ++char * ++kex_alg_list(char sep) ++{ ++ return kex_alg_list_internal(sep, kexalgs); ++} ++ ++char * ++kex_gss_alg_list(char sep) ++{ ++ return kex_alg_list_internal(sep, gss_kexalgs); ++} ++ + static const struct kexalg * + kex_alg_by_name(const char *name) + { +@@ -115,6 +144,10 @@ kex_alg_by_name(const char *name) + if (strcmp(k->name, name) == 0) + return k; + } ++ for (k = gss_kexalgs; k->name != NULL; k++) { ++ if (strncmp(k->name, name, strlen(k->name)) == 0) ++ return k; ++ } + return NULL; + } + +@@ -328,3 +361,26 @@ kex_assemble_names(char **listp, const c + free(ret); + return r; + } ++ ++/* Validate GSS KEX method name list */ ++int ++kex_gss_names_valid(const char *names) ++{ ++ char *s, *cp, *p; ++ ++ if (names == NULL || *names == '\0') ++ return 0; ++ s = cp = xstrdup(names); ++ for ((p = strsep(&cp, ",")); p && *p != '\0'; ++ (p = strsep(&cp, ","))) { ++ if (strncmp(p, "gss-", 4) != 0 ++ || kex_alg_by_name(p) == NULL) { ++ error("Unsupported KEX algorithm \"%.100s\"", p); ++ free(s); ++ return 0; ++ } ++ } ++ debug3("gss kex names ok: [%s]", names); ++ free(s); ++ return 1; ++} +diff --color -ruNp a/Makefile.in b/Makefile.in +--- a/Makefile.in 2024-08-28 12:35:01.200659705 +0200 ++++ b/Makefile.in 2024-08-28 12:35:41.244432006 +0200 +@@ -114,6 +114,7 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \ + kex.o kex-names.o kexdh.o kexgex.o kexecdh.o kexc25519.o \ + kexgexc.o kexgexs.o \ + kexsntrup761x25519.o sntrup761.o kexgen.o \ ++ kexgssc.o \ + sftp-realpath.o platform-pledge.o platform-tracing.o platform-misc.o \ + sshbuf-io.o + +@@ -135,7 +136,7 @@ SSHD_SESSION_OBJS=sshd-session.o auth-rh + auth2-chall.o groupaccess.o \ + auth-bsdauth.o auth2-hostbased.o auth2-kbdint.o \ + auth2-none.o auth2-passwd.o auth2-pubkey.o auth2-pubkeyfile.o \ +- monitor.o monitor_wrap.o auth-krb5.o \ ++ monitor.o monitor_wrap.o auth-krb5.o kexgsss.o \ + auth2-gss.o gss-serv.o gss-serv-krb5.o \ + loginrec.o auth-pam.o auth-shadow.o auth-sia.o \ + sftp-server.o sftp-common.o \ +@@ -529,7 +530,7 @@ regress-prep: + ln -s `cd $(srcdir) && pwd`/regress/Makefile `pwd`/regress/Makefile + + REGRESSLIBS=libssh.a $(LIBCOMPAT) +-TESTLIBS=$(LIBS) $(CHANNELLIBS) ++TESTLIBS=$(LIBS) $(CHANNELLIBS) $(GSSLIBS) + + regress/modpipe$(EXEEXT): $(srcdir)/regress/modpipe.c $(REGRESSLIBS) + $(CC) $(CFLAGS) $(CPPFLAGS) -o $@ $(srcdir)/regress/modpipe.c \ +diff --color -ruNp a/monitor.c b/monitor.c +--- a/monitor.c 2024-08-28 12:35:01.192659551 +0200 ++++ b/monitor.c 2024-08-28 12:35:41.251432142 +0200 +@@ -143,6 +143,8 @@ int mm_answer_gss_setup_ctx(struct ssh * int mm_answer_gss_accept_ctx(struct ssh *, int, struct sshbuf *); int mm_answer_gss_userok(struct ssh *, int, struct sshbuf *); int mm_answer_gss_checkmic(struct ssh *, int, struct sshbuf *); @@ -2602,7 +2532,7 @@ index 2ce89fe9..ebf76c7f 100644 #endif #ifdef SSH_AUDIT_EVENTS -@@ -220,11 +222,18 @@ struct mon_table mon_dispatch_proto20[] = { +@@ -219,11 +221,18 @@ struct mon_table mon_dispatch_proto20[] {MONITOR_REQ_GSSSTEP, 0, mm_answer_gss_accept_ctx}, {MONITOR_REQ_GSSUSEROK, MON_ONCE|MON_AUTHDECIDE, mm_answer_gss_userok}, {MONITOR_REQ_GSSCHECKMIC, MON_ONCE, mm_answer_gss_checkmic}, @@ -2621,7 +2551,7 @@ index 2ce89fe9..ebf76c7f 100644 #ifdef WITH_OPENSSL {MONITOR_REQ_MODULI, 0, mm_answer_moduli}, #endif -@@ -293,6 +302,10 @@ monitor_child_preauth(struct ssh *ssh, struct monitor *pmonitor) +@@ -292,6 +301,10 @@ monitor_child_preauth(struct ssh *ssh, s /* Permit requests for moduli and signatures */ monitor_permit(mon_dispatch, MONITOR_REQ_MODULI, 1); monitor_permit(mon_dispatch, MONITOR_REQ_SIGN, 1); @@ -2632,7 +2562,7 @@ index 2ce89fe9..ebf76c7f 100644 /* The first few requests do not require asynchronous access */ while (!authenticated) { -@@ -376,8 +376,15 @@ monitor_child_preauth(struct ssh *ssh, s +@@ -344,8 +357,15 @@ monitor_child_preauth(struct ssh *ssh, s if (ent->flags & (MON_AUTHDECIDE|MON_ALOG)) { auth_log(ssh, authenticated, partial, auth_method, auth_submethod); @@ -2649,7 +2579,7 @@ index 2ce89fe9..ebf76c7f 100644 if (authenticated || partial) { auth2_update_session_info(authctxt, auth_method, auth_submethod); -@@ -406,6 +419,10 @@ monitor_child_postauth(struct ssh *ssh, struct monitor *pmonitor) +@@ -413,6 +433,10 @@ monitor_child_postauth(struct ssh *ssh, monitor_permit(mon_dispatch, MONITOR_REQ_MODULI, 1); monitor_permit(mon_dispatch, MONITOR_REQ_SIGN, 1); monitor_permit(mon_dispatch, MONITOR_REQ_TERM, 1); @@ -2660,7 +2590,7 @@ index 2ce89fe9..ebf76c7f 100644 if (auth_opts->permit_pty_flag) { monitor_permit(mon_dispatch, MONITOR_REQ_PTY, 1); -@@ -1713,6 +1730,17 @@ monitor_apply_keystate(struct ssh *ssh, struct monitor *pmonitor) +@@ -1793,6 +1817,17 @@ monitor_apply_keystate(struct ssh *ssh, # ifdef OPENSSL_HAS_ECC kex->kex[KEX_ECDH_SHA2] = kex_gen_server; # endif @@ -2678,7 +2608,7 @@ index 2ce89fe9..ebf76c7f 100644 #endif /* WITH_OPENSSL */ kex->kex[KEX_C25519_SHA256] = kex_gen_server; kex->kex[KEX_KEM_SNTRUP761X25519_SHA512] = kex_gen_server; -@@ -1806,8 +1834,8 @@ mm_answer_gss_setup_ctx(struct ssh *ssh, int sock, struct sshbuf *m) +@@ -1885,8 +1920,8 @@ mm_answer_gss_setup_ctx(struct ssh *ssh, u_char *p; int r; @@ -2689,7 +2619,7 @@ index 2ce89fe9..ebf76c7f 100644 if ((r = sshbuf_get_string(m, &p, &len)) != 0) fatal_fr(r, "parse"); -@@ -1839,8 +1867,8 @@ mm_answer_gss_accept_ctx(struct ssh *ssh, int sock, struct sshbuf *m) +@@ -1918,8 +1953,8 @@ mm_answer_gss_accept_ctx(struct ssh *ssh OM_uint32 flags = 0; /* GSI needs this */ int r; @@ -2700,7 +2630,7 @@ index 2ce89fe9..ebf76c7f 100644 if ((r = ssh_gssapi_get_buffer_desc(m, &in)) != 0) fatal_fr(r, "ssh_gssapi_get_buffer_desc"); -@@ -1860,6 +1888,7 @@ mm_answer_gss_accept_ctx(struct ssh *ssh, int sock, struct sshbuf *m) +@@ -1939,6 +1974,7 @@ mm_answer_gss_accept_ctx(struct ssh *ssh monitor_permit(mon_dispatch, MONITOR_REQ_GSSSTEP, 0); monitor_permit(mon_dispatch, MONITOR_REQ_GSSUSEROK, 1); monitor_permit(mon_dispatch, MONITOR_REQ_GSSCHECKMIC, 1); @@ -2708,7 +2638,7 @@ index 2ce89fe9..ebf76c7f 100644 } return (0); } -@@ -1871,8 +1900,8 @@ mm_answer_gss_checkmic(struct ssh *ssh, int sock, struct sshbuf *m) +@@ -1950,8 +1986,8 @@ mm_answer_gss_checkmic(struct ssh *ssh, OM_uint32 ret; int r; @@ -2719,7 +2649,7 @@ index 2ce89fe9..ebf76c7f 100644 if ((r = ssh_gssapi_get_buffer_desc(m, &gssbuf)) != 0 || (r = ssh_gssapi_get_buffer_desc(m, &mic)) != 0) -@@ -1898,13 +1927,17 @@ mm_answer_gss_checkmic(struct ssh *ssh, int sock, struct sshbuf *m) +@@ -1977,13 +2013,17 @@ mm_answer_gss_checkmic(struct ssh *ssh, int mm_answer_gss_userok(struct ssh *ssh, int sock, struct sshbuf *m) { @@ -2741,7 +2671,7 @@ index 2ce89fe9..ebf76c7f 100644 sshbuf_reset(m); if ((r = sshbuf_put_u32(m, authenticated)) != 0) -@@ -1913,7 +1946,11 @@ mm_answer_gss_userok(struct ssh *ssh, int sock, struct sshbuf *m) +@@ -1992,7 +2032,11 @@ mm_answer_gss_userok(struct ssh *ssh, in debug3_f("sending result %d", authenticated); mm_request_send(sock, MONITOR_ANS_GSSUSEROK, m); @@ -2754,7 +2684,7 @@ index 2ce89fe9..ebf76c7f 100644 if ((displayname = ssh_gssapi_displayname()) != NULL) auth2_record_info(authctxt, "%s", displayname); -@@ -1921,5 +1958,84 @@ mm_answer_gss_userok(struct ssh *ssh, int sock, struct sshbuf *m) +@@ -2000,5 +2044,84 @@ mm_answer_gss_userok(struct ssh *ssh, in /* Monitor loop will terminate if authenticated */ return (authenticated); } @@ -2839,11 +2769,10 @@ index 2ce89fe9..ebf76c7f 100644 + #endif /* GSSAPI */ -diff --git a/monitor.h b/monitor.h -index 683e5e07..2b1a2d59 100644 ---- a/monitor.h -+++ b/monitor.h -@@ -63,6 +63,8 @@ enum monitor_reqtype { +diff --color -ruNp a/monitor.h b/monitor.h +--- a/monitor.h 2024-08-28 12:35:01.192659551 +0200 ++++ b/monitor.h 2024-08-28 12:35:41.251432142 +0200 +@@ -67,6 +67,8 @@ enum monitor_reqtype { MONITOR_REQ_PAM_FREE_CTX = 110, MONITOR_ANS_PAM_FREE_CTX = 111, MONITOR_REQ_AUDIT_EVENT = 112, MONITOR_REQ_AUDIT_COMMAND = 113, @@ -2852,11 +2781,10 @@ index 683e5e07..2b1a2d59 100644 }; struct ssh; -diff --git a/monitor_wrap.c b/monitor_wrap.c -index 001a8fa1..6edb509a 100644 ---- a/monitor_wrap.c -+++ b/monitor_wrap.c -@@ -993,13 +993,15 @@ mm_ssh_gssapi_checkmic(Gssctxt *ctx, gss_buffer_t gssbuf, gss_buffer_t gssmic) +diff --color -ruNp a/monitor_wrap.c b/monitor_wrap.c +--- a/monitor_wrap.c 2024-08-28 12:35:01.192659551 +0200 ++++ b/monitor_wrap.c 2024-08-28 12:35:41.251432142 +0200 +@@ -1075,13 +1075,15 @@ mm_ssh_gssapi_checkmic(Gssctxt *ctx, gss } int @@ -2873,7 +2801,7 @@ index 001a8fa1..6edb509a 100644 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_GSSUSEROK, m); mm_request_receive_expect(pmonitor->m_recvfd, -@@ -1012,4 +1014,57 @@ mm_ssh_gssapi_userok(char *user) +@@ -1094,6 +1096,59 @@ mm_ssh_gssapi_userok(char *user) debug3_f("user %sauthenticated", authenticated ? "" : "not "); return (authenticated); } @@ -2931,11 +2859,12 @@ index 001a8fa1..6edb509a 100644 +} + #endif /* GSSAPI */ -diff --git a/monitor_wrap.h b/monitor_wrap.h -index 23ab096a..485590c1 100644 ---- a/monitor_wrap.h -+++ b/monitor_wrap.h -@@ -64,8 +64,10 @@ int mm_sshkey_verify(const struct sshkey *, const u_char *, size_t, + + /* +diff --color -ruNp a/monitor_wrap.h b/monitor_wrap.h +--- a/monitor_wrap.h 2024-08-28 12:35:01.193659570 +0200 ++++ b/monitor_wrap.h 2024-08-28 12:35:41.251432142 +0200 +@@ -67,8 +67,10 @@ void mm_decode_activate_server_options(s OM_uint32 mm_ssh_gssapi_server_ctx(Gssctxt **, gss_OID); OM_uint32 mm_ssh_gssapi_accept_ctx(Gssctxt *, gss_buffer_desc *, gss_buffer_desc *, OM_uint32 *); @@ -2947,10 +2876,54 @@ index 23ab096a..485590c1 100644 #endif #ifdef USE_PAM -diff -up a/readconf.c.gsskex b/readconf.c ---- a/readconf.c.gsskex 2021-08-20 06:03:49.000000000 +0200 -+++ b/readconf.c 2021-08-27 12:25:42.556421509 +0200 -@@ -67,6 +67,7 @@ +diff --color -ruNp a/packet.c b/packet.c +--- a/packet.c 2024-07-01 06:36:28.000000000 +0200 ++++ b/packet.c 2024-08-28 12:35:41.260432315 +0200 +@@ -1517,6 +1517,29 @@ ssh_packet_read(struct ssh *ssh) + return type; + } + ++/* ++ * Waits until a packet has been received, verifies that its type matches ++ * that given, and gives a fatal error and exits if there is a mismatch. ++ */ ++ ++int ++ssh_packet_read_expect(struct ssh *ssh, u_int expected_type) ++{ ++ int r; ++ u_char type; ++ ++ if ((r = ssh_packet_read_seqnr(ssh, &type, NULL)) != 0) ++ return r; ++ if (type != expected_type) { ++ if ((r = sshpkt_disconnect(ssh, ++ "Protocol error: expected packet type %d, got %d", ++ expected_type, type)) != 0) ++ return r; ++ return SSH_ERR_PROTOCOL_ERROR; ++ } ++ return 0; ++} ++ + static int + ssh_packet_read_poll2_mux(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p) + { +diff --color -ruNp a/packet.h b/packet.h +--- a/packet.h 2024-07-01 06:36:28.000000000 +0200 ++++ b/packet.h 2024-08-28 12:35:41.260432315 +0200 +@@ -124,6 +124,7 @@ int ssh_packet_send2_wrapped(struct ssh + int ssh_packet_send2(struct ssh *); + + int ssh_packet_read(struct ssh *); ++int ssh_packet_read_expect(struct ssh *, u_int type); + int ssh_packet_read_poll2(struct ssh *, u_char *, u_int32_t *seqnr_p); + int ssh_packet_process_incoming(struct ssh *, const char *buf, u_int len); + int ssh_packet_process_read(struct ssh *, int); +diff --color -ruNp a/readconf.c b/readconf.c +--- a/readconf.c 2024-07-01 06:36:28.000000000 +0200 ++++ b/readconf.c 2024-08-28 12:35:41.253432180 +0200 +@@ -70,6 +70,7 @@ #include "uidswap.h" #include "myproposal.h" #include "digest.h" @@ -2958,7 +2931,7 @@ diff -up a/readconf.c.gsskex b/readconf.c /* Format of the configuration file: -@@ -161,6 +162,8 @@ typedef enum { +@@ -164,6 +165,8 @@ typedef enum { oClearAllForwardings, oNoHostAuthenticationForLocalhost, oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout, oAddressFamily, oGssAuthentication, oGssDelegateCreds, @@ -2967,7 +2940,7 @@ diff -up a/readconf.c.gsskex b/readconf.c oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly, oSendEnv, oSetEnv, oControlPath, oControlMaster, oControlPersist, oHashKnownHosts, -@@ -206,10 +209,22 @@ static struct { +@@ -210,10 +213,22 @@ static struct { /* Sometimes-unsupported options */ #if defined(GSSAPI) { "gssapiauthentication", oGssAuthentication }, @@ -2990,7 +2963,7 @@ diff -up a/readconf.c.gsskex b/readconf.c #endif #ifdef ENABLE_PKCS11 { "pkcs11provider", oPKCS11Provider }, -@@ -1113,10 +1128,42 @@ parse_time: +@@ -1227,10 +1242,42 @@ parse_time: intptr = &options->gss_authentication; goto parse_flag; @@ -3033,7 +3006,7 @@ diff -up a/readconf.c.gsskex b/readconf.c case oBatchMode: intptr = &options->batch_mode; goto parse_flag; -@@ -2306,7 +2353,13 @@ initialize_options(Options * options) +@@ -2542,7 +2589,13 @@ initialize_options(Options * options) options->fwd_opts.streamlocal_bind_unlink = -1; options->pubkey_authentication = -1; options->gss_authentication = -1; @@ -3047,7 +3020,7 @@ diff -up a/readconf.c.gsskex b/readconf.c options->password_authentication = -1; options->kbd_interactive_authentication = -1; options->kbd_interactive_devices = NULL; -@@ -2463,8 +2516,18 @@ fill_default_options(Options * options) +@@ -2705,8 +2758,18 @@ fill_default_options(Options * options) options->pubkey_authentication = SSH_PUBKEY_AUTH_ALL; if (options->gss_authentication == -1) options->gss_authentication = 0; @@ -3066,7 +3039,7 @@ diff -up a/readconf.c.gsskex b/readconf.c if (options->password_authentication == -1) options->password_authentication = 1; if (options->kbd_interactive_authentication == -1) -@@ -3246,7 +3309,14 @@ dump_client_config(Options *o, const cha +@@ -3533,7 +3596,14 @@ dump_client_config(Options *o, const cha dump_cfg_fmtint(oGatewayPorts, o->fwd_opts.gateway_ports); #ifdef GSSAPI dump_cfg_fmtint(oGssAuthentication, o->gss_authentication); @@ -3081,10 +3054,10 @@ diff -up a/readconf.c.gsskex b/readconf.c #endif /* GSSAPI */ dump_cfg_fmtint(oHashKnownHosts, o->hash_known_hosts); dump_cfg_fmtint(oHostbasedAuthentication, o->hostbased_authentication); -diff -up a/readconf.h.gsskex b/readconf.h ---- a/readconf.h.gsskex 2021-08-27 12:05:29.248142431 +0200 -+++ b/readconf.h 2021-08-27 12:22:19.270679852 +0200 -@@ -39,7 +39,13 @@ typedef struct { +diff --color -ruNp a/readconf.h b/readconf.h +--- a/readconf.h 2024-07-01 06:36:28.000000000 +0200 ++++ b/readconf.h 2024-08-28 12:35:41.254432199 +0200 +@@ -40,7 +40,13 @@ typedef struct { int pubkey_authentication; /* Try ssh2 pubkey authentication. */ int hostbased_authentication; /* ssh2's rhosts_rsa */ int gss_authentication; /* Try GSS authentication */ @@ -3098,18 +3071,18 @@ diff -up a/readconf.h.gsskex b/readconf.h int password_authentication; /* Try password * authentication. */ int kbd_interactive_authentication; /* Try keyboard-interactive auth. */ -diff -up a/servconf.c.gsskex b/servconf.c ---- a/servconf.c.gsskex 2021-08-20 06:03:49.000000000 +0200 -+++ b/servconf.c 2021-08-27 12:28:15.887735189 +0200 -@@ -70,6 +70,7 @@ +diff --color -ruNp a/servconf.c b/servconf.c +--- a/servconf.c 2024-07-01 06:36:28.000000000 +0200 ++++ b/servconf.c 2024-08-28 12:35:41.255432218 +0200 +@@ -68,6 +68,7 @@ #include "auth.h" #include "myproposal.h" #include "digest.h" +#include "ssh-gss.h" - static void add_listen_addr(ServerOptions *, const char *, - const char *, int); -@@ -136,8 +137,11 @@ initialize_server_options(ServerOptions + #if !defined(SSHD_PAM_SERVICE) + # define SSHD_PAM_SERVICE "sshd" +@@ -137,8 +138,11 @@ initialize_server_options(ServerOptions options->kerberos_ticket_cleanup = -1; options->kerberos_get_afs_token = -1; options->gss_authentication=-1; @@ -3121,7 +3094,7 @@ diff -up a/servconf.c.gsskex b/servconf.c options->password_authentication = -1; options->kbd_interactive_authentication = -1; options->permit_empty_passwd = -1; -@@ -356,10 +360,18 @@ fill_default_server_options(ServerOption +@@ -376,10 +380,18 @@ fill_default_server_options(ServerOption options->kerberos_get_afs_token = 0; if (options->gss_authentication == -1) options->gss_authentication = 0; @@ -3140,15 +3113,15 @@ diff -up a/servconf.c.gsskex b/servconf.c if (options->password_authentication == -1) options->password_authentication = 1; if (options->kbd_interactive_authentication == -1) -@@ -506,6 +518,7 @@ typedef enum { - sHostKeyAlgorithms, sPerSourceMaxStartups, sPerSourceNetBlockSize, +@@ -558,6 +570,7 @@ typedef enum { + sPerSourcePenalties, sPerSourcePenaltyExemptList, sClientAliveInterval, sClientAliveCountMax, sAuthorizedKeysFile, sGssAuthentication, sGssCleanupCreds, sGssStrictAcceptor, + sGssKeyEx, sGssKexAlgorithms, sGssStoreRekey, sAcceptEnv, sSetEnv, sPermitTunnel, sMatch, sPermitOpen, sPermitListen, sForceCommand, sChrootDirectory, sUsePrivilegeSeparation, sAllowAgentForwarding, -@@ -587,12 +600,22 @@ static struct { +@@ -643,12 +656,22 @@ static struct { #ifdef GSSAPI { "gssapiauthentication", sGssAuthentication, SSHCFG_ALL }, { "gssapicleanupcredentials", sGssCleanupCreds, SSHCFG_GLOBAL }, @@ -3171,7 +3144,7 @@ diff -up a/servconf.c.gsskex b/servconf.c { "passwordauthentication", sPasswordAuthentication, SSHCFG_ALL }, { "kbdinteractiveauthentication", sKbdInteractiveAuthentication, SSHCFG_ALL }, { "challengeresponseauthentication", sKbdInteractiveAuthentication, SSHCFG_ALL }, /* alias */ -@@ -1576,6 +1599,10 @@ process_server_config_line_depth(ServerO +@@ -1585,6 +1608,10 @@ process_server_config_line_depth(ServerO intptr = &options->gss_authentication; goto parse_flag; @@ -3182,7 +3155,7 @@ diff -up a/servconf.c.gsskex b/servconf.c case sGssCleanupCreds: intptr = &options->gss_cleanup_creds; goto parse_flag; -@@ -1584,6 +1611,22 @@ process_server_config_line_depth(ServerO +@@ -1593,6 +1620,22 @@ process_server_config_line_depth(ServerO intptr = &options->gss_strict_acceptor; goto parse_flag; @@ -3205,7 +3178,7 @@ diff -up a/servconf.c.gsskex b/servconf.c case sPasswordAuthentication: intptr = &options->password_authentication; goto parse_flag; -@@ -2892,6 +2935,10 @@ dump_config(ServerOptions *o) +@@ -3178,6 +3221,10 @@ dump_config(ServerOptions *o) #ifdef GSSAPI dump_cfg_fmtint(sGssAuthentication, o->gss_authentication); dump_cfg_fmtint(sGssCleanupCreds, o->gss_cleanup_creds); @@ -3216,11 +3189,10 @@ diff -up a/servconf.c.gsskex b/servconf.c #endif dump_cfg_fmtint(sPasswordAuthentication, o->password_authentication); dump_cfg_fmtint(sKbdInteractiveAuthentication, -diff --git a/servconf.h b/servconf.h -index 4202a2d0..3f47ea25 100644 ---- a/servconf.h -+++ b/servconf.h -@@ -132,8 +132,11 @@ typedef struct { +diff --color -ruNp a/servconf.h b/servconf.h +--- a/servconf.h 2024-07-01 06:36:28.000000000 +0200 ++++ b/servconf.h 2024-08-28 12:35:41.255432218 +0200 +@@ -149,8 +149,11 @@ typedef struct { int kerberos_get_afs_token; /* If true, try to get AFS token if * authenticated with Kerberos. */ int gss_authentication; /* If true, permit GSSAPI authentication */ @@ -3232,11 +3204,10 @@ index 4202a2d0..3f47ea25 100644 int password_authentication; /* If true, permit password * authentication. */ int kbd_interactive_authentication; /* If true, permit */ -diff --git a/session.c b/session.c -index 8c0e54f7..06a33442 100644 ---- a/session.c -+++ b/session.c -@@ -2678,13 +2678,19 @@ do_cleanup(struct ssh *ssh, Authctxt *authctxt) +diff --color -ruNp a/session.c b/session.c +--- a/session.c 2024-08-28 12:35:01.197659647 +0200 ++++ b/session.c 2024-08-28 12:35:41.255432218 +0200 +@@ -2674,13 +2674,19 @@ do_cleanup(struct ssh *ssh, Authctxt *au #ifdef KRB5 if (options.kerberos_ticket_cleanup && @@ -3258,135 +3229,10 @@ index 8c0e54f7..06a33442 100644 #endif /* remove agent socket */ -diff --git a/ssh-gss.h b/ssh-gss.h -index 36180d07..70dd3665 100644 ---- a/ssh-gss.h -+++ b/ssh-gss.h -@@ -1,6 +1,6 @@ - /* $OpenBSD: ssh-gss.h,v 1.15 2021/01/27 10:05:28 djm Exp $ */ - /* -- * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. -+ * Copyright (c) 2001-2009 Simon Wilkinson. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions -@@ -61,10 +61,34 @@ - - #define SSH_GSS_OIDTYPE 0x06 - -+#define SSH2_MSG_KEXGSS_INIT 30 -+#define SSH2_MSG_KEXGSS_CONTINUE 31 -+#define SSH2_MSG_KEXGSS_COMPLETE 32 -+#define SSH2_MSG_KEXGSS_HOSTKEY 33 -+#define SSH2_MSG_KEXGSS_ERROR 34 -+#define SSH2_MSG_KEXGSS_GROUPREQ 40 -+#define SSH2_MSG_KEXGSS_GROUP 41 -+#define KEX_GSS_GRP1_SHA1_ID "gss-group1-sha1-" -+#define KEX_GSS_GRP14_SHA1_ID "gss-group14-sha1-" -+#define KEX_GSS_GRP14_SHA256_ID "gss-group14-sha256-" -+#define KEX_GSS_GRP16_SHA512_ID "gss-group16-sha512-" -+#define KEX_GSS_GEX_SHA1_ID "gss-gex-sha1-" -+#define KEX_GSS_NISTP256_SHA256_ID "gss-nistp256-sha256-" -+#define KEX_GSS_C25519_SHA256_ID "gss-curve25519-sha256-" -+ -+#define GSS_KEX_DEFAULT_KEX \ -+ KEX_GSS_GRP14_SHA256_ID "," \ -+ KEX_GSS_GRP16_SHA512_ID "," \ -+ KEX_GSS_NISTP256_SHA256_ID "," \ -+ KEX_GSS_C25519_SHA256_ID "," \ -+ KEX_GSS_GRP14_SHA1_ID "," \ -+ KEX_GSS_GEX_SHA1_ID -+ - typedef struct { - char *filename; - char *envvar; - char *envval; -+ struct passwd *owner; - void *data; - } ssh_gssapi_ccache; - -@@ -72,8 +92,11 @@ typedef struct { - gss_buffer_desc displayname; - gss_buffer_desc exportedname; - gss_cred_id_t creds; -+ gss_name_t name; - struct ssh_gssapi_mech_struct *mech; - ssh_gssapi_ccache store; -+ int used; -+ int updated; - } ssh_gssapi_client; - - typedef struct ssh_gssapi_mech_struct { -@@ -84,6 +107,7 @@ typedef struct ssh_gssapi_mech_struct { - int (*userok) (ssh_gssapi_client *, char *); - int (*localname) (ssh_gssapi_client *, char **); - void (*storecreds) (ssh_gssapi_client *); -+ int (*updatecreds) (ssh_gssapi_ccache *, ssh_gssapi_client *); - } ssh_gssapi_mech; - - typedef struct { -@@ -94,10 +118,11 @@ typedef struct { - gss_OID oid; /* client */ - gss_cred_id_t creds; /* server */ - gss_name_t client; /* server */ -- gss_cred_id_t client_creds; /* server */ -+ gss_cred_id_t client_creds; /* both */ - } Gssctxt; - - extern ssh_gssapi_mech *supported_mechs[]; -+extern Gssctxt *gss_kex_context; - - int ssh_gssapi_check_oid(Gssctxt *, void *, size_t); - void ssh_gssapi_set_oid_data(Gssctxt *, void *, size_t); -@@ -109,6 +134,7 @@ OM_uint32 ssh_gssapi_test_oid_supported(OM_uint32 *, gss_OID, int *); - - struct sshbuf; - int ssh_gssapi_get_buffer_desc(struct sshbuf *, gss_buffer_desc *); -+int ssh_gssapi_sshpkt_get_buffer_desc(struct ssh *, gss_buffer_desc *); - - OM_uint32 ssh_gssapi_import_name(Gssctxt *, const char *); - OM_uint32 ssh_gssapi_init_ctx(Gssctxt *, int, -@@ -123,17 +149,33 @@ void ssh_gssapi_delete_ctx(Gssctxt **); - OM_uint32 ssh_gssapi_sign(Gssctxt *, gss_buffer_t, gss_buffer_t); - void ssh_gssapi_buildmic(struct sshbuf *, const char *, - const char *, const char *, const struct sshbuf *); --int ssh_gssapi_check_mechanism(Gssctxt **, gss_OID, const char *); -+int ssh_gssapi_check_mechanism(Gssctxt **, gss_OID, const char *, const char *); -+OM_uint32 ssh_gssapi_client_identity(Gssctxt *, const char *); -+int ssh_gssapi_credentials_updated(Gssctxt *); - - /* In the server */ -+typedef int ssh_gssapi_check_fn(Gssctxt **, gss_OID, const char *, -+ const char *); -+char *ssh_gssapi_client_mechanisms(const char *, const char *, const char *); -+char *ssh_gssapi_kex_mechs(gss_OID_set, ssh_gssapi_check_fn *, const char *, -+ const char *, const char *); -+gss_OID ssh_gssapi_id_kex(Gssctxt *, char *, int); -+int ssh_gssapi_server_check_mech(Gssctxt **,gss_OID, const char *, -+ const char *); - OM_uint32 ssh_gssapi_server_ctx(Gssctxt **, gss_OID); --int ssh_gssapi_userok(char *name); -+int ssh_gssapi_userok(char *name, struct passwd *, int kex); - OM_uint32 ssh_gssapi_checkmic(Gssctxt *, gss_buffer_t, gss_buffer_t); - void ssh_gssapi_do_child(char ***, u_int *); - void ssh_gssapi_cleanup_creds(void); - void ssh_gssapi_storecreds(void); - const char *ssh_gssapi_displayname(void); - -+char *ssh_gssapi_server_mechanisms(void); -+int ssh_gssapi_oid_table_ok(void); -+ -+int ssh_gssapi_update_creds(ssh_gssapi_ccache *store); -+void ssh_gssapi_rekey_creds(void); -+ - #endif /* GSSAPI */ - - #endif /* _SSH_GSS_H */ -diff --git a/ssh.1 b/ssh.1 -index 60de6087..db5c65bc 100644 ---- a/ssh.1 -+++ b/ssh.1 -@@ -503,7 +503,13 @@ For full details of the options listed below, and their possible values, see +diff --color -ruNp a/ssh.1 b/ssh.1 +--- a/ssh.1 2024-08-28 12:35:01.207659840 +0200 ++++ b/ssh.1 2024-08-28 12:35:41.256432238 +0200 +@@ -536,7 +536,13 @@ For full details of the options listed b .It GatewayPorts .It GlobalKnownHostsFile .It GSSAPIAuthentication @@ -3400,7 +3246,7 @@ index 60de6087..db5c65bc 100644 .It HashKnownHosts .It Host .It HostbasedAcceptedAlgorithms -@@ -624,6 +624,8 @@ +@@ -624,6 +630,8 @@ flag), (supported message integrity codes), .Ar kex (key exchange algorithms), @@ -3409,11 +3255,10 @@ index 60de6087..db5c65bc 100644 .Ar key (key types), .Ar key-ca-sign -diff --git a/ssh.c b/ssh.c -index 15aee569..110cf9c1 100644 ---- a/ssh.c -+++ b/ssh.c -@@ -747,6 +747,8 @@ main(int ac, char **av) +diff --color -ruNp a/ssh.c b/ssh.c +--- a/ssh.c 2024-07-01 06:36:28.000000000 +0200 ++++ b/ssh.c 2024-08-28 12:35:41.256432238 +0200 +@@ -827,6 +827,8 @@ main(int ac, char **av) else if (strcmp(optarg, "kex") == 0 || strcasecmp(optarg, "KexAlgorithms") == 0) cp = kex_alg_list('\n'); @@ -3422,7 +3267,7 @@ index 15aee569..110cf9c1 100644 else if (strcmp(optarg, "key") == 0) cp = sshkey_alg_list(0, 0, 0, '\n'); else if (strcmp(optarg, "key-cert") == 0) -@@ -772,8 +774,8 @@ main(int ac, char **av) +@@ -857,8 +859,8 @@ main(int ac, char **av) } else if (strcmp(optarg, "help") == 0) { cp = xstrdup( "cipher\ncipher-auth\ncompression\nkex\n" @@ -3433,10 +3278,9 @@ index 15aee569..110cf9c1 100644 } if (cp == NULL) fatal("Unsupported query \"%s\"", optarg); -diff --git a/ssh_config b/ssh_config -index 5e8ef548..1ff999b6 100644 ---- a/ssh_config -+++ b/ssh_config +diff --color -ruNp a/ssh_config b/ssh_config +--- a/ssh_config 2024-08-28 12:35:01.216660014 +0200 ++++ b/ssh_config 2024-08-28 12:35:41.256432238 +0200 @@ -24,6 +24,8 @@ # HostbasedAuthentication no # GSSAPIAuthentication no @@ -3446,11 +3290,10 @@ index 5e8ef548..1ff999b6 100644 # BatchMode no # CheckHostIP no # AddressFamily any -diff --git a/ssh_config.5 b/ssh_config.5 -index 06a32d31..3f490697 100644 ---- a/ssh_config.5 -+++ b/ssh_config.5 -@@ -766,10 +766,68 @@ The default is +diff --color -ruNp a/ssh_config.5 b/ssh_config.5 +--- a/ssh_config.5 2024-07-01 06:36:28.000000000 +0200 ++++ b/ssh_config.5 2024-08-28 12:35:41.257432257 +0200 +@@ -938,10 +938,68 @@ The default is Specifies whether user authentication based on GSSAPI is allowed. The default is .Cm no . @@ -3519,21 +3362,11 @@ index 06a32d31..3f490697 100644 .It Cm HashKnownHosts Indicates that .Xr ssh 1 -diff --git a/sshconnect2.c b/sshconnect2.c -index af00fb30..03bc87eb 100644 ---- a/sshconnect2.c -+++ b/sshconnect2.c -@@ -80,8 +80,6 @@ - #endif - - /* import */ --extern char *client_version_string; --extern char *server_version_string; - extern Options options; - - /* -@@ -163,6 +161,11 @@ ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port) - char *s, *all_key, *hkalgs = NULL; +diff --color -ruNp a/sshconnect2.c b/sshconnect2.c +--- a/sshconnect2.c 2024-07-01 06:36:28.000000000 +0200 ++++ b/sshconnect2.c 2024-08-28 12:35:41.258432276 +0200 +@@ -222,6 +222,11 @@ ssh_kex2(struct ssh *ssh, char *host, st + char *all_key, *hkalgs = NULL; int r, use_known_hosts_order = 0; +#if defined(GSSAPI) && defined(WITH_OPENSSL) @@ -3544,11 +3377,10 @@ index af00fb30..03bc87eb 100644 xxx_host = host; xxx_hostaddr = hostaddr; xxx_conn_info = cinfo; -@@ -206,6 +209,42 @@ ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port) - kex_proposal_populate_entries(ssh, myproposal, s, options.ciphers, - options.macs, compression_alg_list(options.compression), +@@ -255,6 +260,42 @@ ssh_kex2(struct ssh *ssh, char *host, st + compression_alg_list(options.compression), hkalgs ? hkalgs : options.hostkeyalgorithms); -+ + +#if defined(GSSAPI) && defined(WITH_OPENSSL) + if (options.gss_keyex) { + /* Add the GSSAPI mechanisms currently supported on this @@ -3584,10 +3416,11 @@ index af00fb30..03bc87eb 100644 + } + } +#endif - ++ free(hkalgs); -@@ -224,17 +256,47 @@ ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port) + /* start key exchange */ +@@ -271,14 +312,44 @@ ssh_kex2(struct ssh *ssh, char *host, st # ifdef OPENSSL_HAS_ECC ssh->kex->kex[KEX_ECDH_SHA2] = kex_gen_client; # endif @@ -3618,11 +3451,8 @@ index af00fb30..03bc87eb 100644 +#endif + ssh_dispatch_run_fatal(ssh, DISPATCH_BLOCK, &ssh->kex->done); + kex_proposal_free_entries(myproposal); - /* remove ext-info from the KEX proposals for rekeying */ - free(myproposal[PROPOSAL_KEX_ALGS]); - myproposal[PROPOSAL_KEX_ALGS] = - compat_kex_proposal(ssh, options.kex_algorithms); +#if defined(GSSAPI) && defined(WITH_OPENSSL) + /* repair myproposal after it was crumpled by the */ + /* ext-info removal above */ @@ -3633,10 +3463,10 @@ index af00fb30..03bc87eb 100644 + free(gss); + } +#endif - if ((r = kex_prop2buf(ssh->kex->my, myproposal)) != 0) - fatal_r(r, "kex_prop2buf"); - -@@ -330,6 +392,7 @@ static int input_gssapi_response(int type, u_int32_t, struct ssh *); + #ifdef DEBUG_KEXDH + /* send 1st encrypted/maced/compressed message */ + if ((r = sshpkt_start(ssh, SSH2_MSG_IGNORE)) != 0 || +@@ -368,6 +439,7 @@ static int input_gssapi_response(int typ static int input_gssapi_token(int type, u_int32_t, struct ssh *); static int input_gssapi_error(int, u_int32_t, struct ssh *); static int input_gssapi_errtok(int, u_int32_t, struct ssh *); @@ -3644,7 +3474,7 @@ index af00fb30..03bc87eb 100644 #endif void userauth(struct ssh *, char *); -@@ -346,6 +409,11 @@ static char *authmethods_get(void); +@@ -384,6 +456,11 @@ static char *authmethods_get(void); Authmethod authmethods[] = { #ifdef GSSAPI @@ -3656,7 +3486,7 @@ index af00fb30..03bc87eb 100644 {"gssapi-with-mic", userauth_gssapi, userauth_gssapi_cleanup, -@@ -716,12 +784,32 @@ userauth_gssapi(struct ssh *ssh) +@@ -755,12 +832,32 @@ userauth_gssapi(struct ssh *ssh) OM_uint32 min; int r, ok = 0; gss_OID mech = NULL; @@ -3690,7 +3520,7 @@ index af00fb30..03bc87eb 100644 /* Check to see whether the mechanism is usable before we offer it */ while (authctxt->mech_tried < authctxt->gss_supported_mechs->count && -@@ -730,13 +811,15 @@ userauth_gssapi(struct ssh *ssh) +@@ -769,13 +866,15 @@ userauth_gssapi(struct ssh *ssh) elements[authctxt->mech_tried]; /* My DER encoding requires length<128 */ if (mech->length < 128 && ssh_gssapi_check_mechanism(&gssctxt, @@ -3707,7 +3537,7 @@ index af00fb30..03bc87eb 100644 if (!ok || mech == NULL) return 0; -@@ -976,6 +1059,55 @@ input_gssapi_error(int type, u_int32_t plen, struct ssh *ssh) +@@ -1009,6 +1108,55 @@ input_gssapi_error(int type, u_int32_t p free(lang); return r; } @@ -3763,22 +3593,10 @@ index af00fb30..03bc87eb 100644 #endif /* GSSAPI */ static int -diff --git a/sshd.c b/sshd.c -index 60b2aaf7..d92f03aa 100644 ---- a/sshd.c -+++ b/sshd.c -@@ -817,8 +817,8 @@ notify_hostkeys(struct ssh *ssh) - } - debug3_f("sent %u hostkeys", nkeys); - if (nkeys == 0) -- fatal_f("no hostkeys"); -- if ((r = sshpkt_send(ssh)) != 0) -+ debug3_f("no hostkeys"); -+ else if ((r = sshpkt_send(ssh)) != 0) - sshpkt_fatal(ssh, r, "%s: send", __func__); - sshbuf_free(buf); - } -@@ -1852,7 +1852,8 @@ main(int ac, char **av) +diff --color -ruNp a/sshd.c b/sshd.c +--- a/sshd.c 2024-07-01 06:36:28.000000000 +0200 ++++ b/sshd.c 2024-08-28 12:35:41.258432276 +0200 +@@ -1551,7 +1551,8 @@ main(int ac, char **av) free(fp); } accumulate_host_timing_secret(cfg, NULL); @@ -3788,80 +3606,10 @@ index 60b2aaf7..d92f03aa 100644 logit("sshd: no hostkeys available -- exiting."); exit(1); } -@@ -2347,6 +2348,48 @@ do_ssh2_kex(struct ssh *ssh) - - free(hkalgs); - -+#if defined(GSSAPI) && defined(WITH_OPENSSL) -+ { -+ char *orig; -+ char *gss = NULL; -+ char *newstr = NULL; -+ orig = myproposal[PROPOSAL_KEX_ALGS]; -+ -+ /* -+ * If we don't have a host key, then there's no point advertising -+ * the other key exchange algorithms -+ */ -+ -+ if (strlen(myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS]) == 0) -+ orig = NULL; -+ -+ if (options.gss_keyex) -+ gss = ssh_gssapi_server_mechanisms(); -+ else -+ gss = NULL; -+ -+ if (gss && orig) -+ xasprintf(&newstr, "%s,%s", gss, orig); -+ else if (gss) -+ newstr = gss; -+ else if (orig) -+ newstr = orig; -+ -+ /* -+ * If we've got GSSAPI mechanisms, then we've got the 'null' host -+ * key alg, but we can't tell people about it unless its the only -+ * host key algorithm we support -+ */ -+ if (gss && (strlen(myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS])) == 0) -+ myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "null"; -+ -+ if (newstr) -+ myproposal[PROPOSAL_KEX_ALGS] = newstr; -+ else -+ fatal("No supported key exchange algorithms"); -+ } -+#endif -+ - /* start key exchange */ - if ((r = kex_setup(ssh, myproposal)) != 0) - fatal_r(r, "kex_setup"); -@@ -2362,7 +2405,18 @@ do_ssh2_kex(struct ssh *ssh) - # ifdef OPENSSL_HAS_ECC - kex->kex[KEX_ECDH_SHA2] = kex_gen_server; - # endif --#endif -+# ifdef GSSAPI -+ if (options.gss_keyex) { -+ kex->kex[KEX_GSS_GRP1_SHA1] = kexgss_server; -+ kex->kex[KEX_GSS_GRP14_SHA1] = kexgss_server; -+ kex->kex[KEX_GSS_GRP14_SHA256] = kexgss_server; -+ kex->kex[KEX_GSS_GRP16_SHA512] = kexgss_server; -+ kex->kex[KEX_GSS_GEX_SHA1] = kexgssgex_server; -+ kex->kex[KEX_GSS_NISTP256_SHA256] = kexgss_server; -+ kex->kex[KEX_GSS_C25519_SHA256] = kexgss_server; -+ } -+# endif -+#endif /* WITH_OPENSSL */ - kex->kex[KEX_C25519_SHA256] = kex_gen_server; - kex->kex[KEX_KEM_SNTRUP761X25519_SHA512] = kex_gen_server; - kex->load_host_public_key=&get_hostkey_public_by_type; -diff --git a/sshd_config b/sshd_config -index 19b7c91a..2c48105f 100644 ---- a/sshd_config -+++ b/sshd_config -@@ -69,6 +69,8 @@ AuthorizedKeysFile .ssh/authorized_keys +diff --color -ruNp a/sshd_config b/sshd_config +--- a/sshd_config 2024-08-28 12:35:01.221660110 +0200 ++++ b/sshd_config 2024-08-28 12:35:41.259432296 +0200 +@@ -77,6 +77,8 @@ AuthorizedKeysFile .ssh/authorized_keys # GSSAPI options #GSSAPIAuthentication no #GSSAPICleanupCredentials yes @@ -3870,11 +3618,10 @@ index 19b7c91a..2c48105f 100644 # Set this to 'yes' to enable PAM authentication, account processing, # and session processing. If this is enabled, PAM authentication will -diff --git a/sshd_config.5 b/sshd_config.5 -index 70ccea44..f6b41a2f 100644 ---- a/sshd_config.5 -+++ b/sshd_config.5 -@@ -646,6 +646,11 @@ Specifies whether to automatically destroy the user's credentials cache +diff --color -ruNp a/sshd_config.5 b/sshd_config.5 +--- a/sshd_config.5 2024-08-28 12:35:01.218660052 +0200 ++++ b/sshd_config.5 2024-08-28 12:35:41.259432296 +0200 +@@ -739,6 +739,11 @@ Specifies whether to automatically destr on logout. The default is .Cm yes . @@ -3886,7 +3633,7 @@ index 70ccea44..f6b41a2f 100644 .It Cm GSSAPIStrictAcceptorCheck Determines whether to be strict about the identity of the GSSAPI acceptor a client authenticates against. -@@ -660,6 +665,32 @@ machine's default store. +@@ -753,6 +758,32 @@ machine's default store. This facility is provided to assist with operation on multi homed machines. The default is .Cm yes . @@ -3919,15 +3666,223 @@ index 70ccea44..f6b41a2f 100644 .It Cm HostbasedAcceptedAlgorithms Specifies the signature algorithms that will be accepted for hostbased authentication as a list of comma-separated patterns. -diff --git a/sshkey.c b/sshkey.c -index 57995ee6..fd5b7724 100644 ---- a/sshkey.c -+++ b/sshkey.c -@@ -127,6 +127,75 @@ static const struct keytype keytypes[] = { - extern const struct sshkey_impl sshkey_xmss_impl; +diff --color -ruNp a/sshd-session.c b/sshd-session.c +--- a/sshd-session.c 2024-08-28 12:35:01.221660110 +0200 ++++ b/sshd-session.c 2024-08-28 12:35:41.263432373 +0200 +@@ -660,8 +660,8 @@ notify_hostkeys(struct ssh *ssh) + } + debug3_f("sent %u hostkeys", nkeys); + if (nkeys == 0) +- fatal_f("no hostkeys"); +- if ((r = sshpkt_send(ssh)) != 0) ++ debug3_f("no hostkeys"); ++ else if ((r = sshpkt_send(ssh)) != 0) + sshpkt_fatal(ssh, r, "%s: send", __func__); + sshbuf_free(buf); + } +@@ -1180,8 +1180,9 @@ main(int ac, char **av) + break; + } + } +- if (!have_key) +- fatal("internal error: monitor received no hostkeys"); ++ /* The GSSAPI key exchange can run without a host key */ ++ if (!have_key && !options.gss_keyex) ++ fatal("internal error: monitor received no hostkeys and GSS KEX is not configured"); + + /* Ensure that umask disallows at least group and world write */ + new_umask = umask(0077) | 0022; +@@ -1462,6 +1463,48 @@ do_ssh2_kex(struct ssh *ssh) + + free(hkalgs); + ++#if defined(GSSAPI) && defined(WITH_OPENSSL) ++ { ++ char *orig; ++ char *gss = NULL; ++ char *newstr = NULL; ++ orig = myproposal[PROPOSAL_KEX_ALGS]; ++ ++ /* ++ * If we don't have a host key, then there's no point advertising ++ * the other key exchange algorithms ++ */ ++ ++ if (strlen(myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS]) == 0) ++ orig = NULL; ++ ++ if (options.gss_keyex) ++ gss = ssh_gssapi_server_mechanisms(); ++ else ++ gss = NULL; ++ ++ if (gss && orig) ++ xasprintf(&newstr, "%s,%s", gss, orig); ++ else if (gss) ++ xasprintf(&newstr, "%s,%s", gss, "kex-strict-s-v00@openssh.com"); ++ else if (orig) ++ newstr = orig; ++ ++ /* ++ * If we've got GSSAPI mechanisms, then we've got the 'null' host ++ * key alg, but we can't tell people about it unless its the only ++ * host key algorithm we support ++ */ ++ if (gss && (strlen(myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS])) == 0) ++ myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = xstrdup("null"); ++ ++ if (newstr) ++ myproposal[PROPOSAL_KEX_ALGS] = newstr; ++ else ++ fatal("No supported key exchange algorithms"); ++ } ++#endif ++ + /* start key exchange */ + if ((r = kex_setup(ssh, myproposal)) != 0) + fatal_r(r, "kex_setup"); +@@ -1479,7 +1522,18 @@ do_ssh2_kex(struct ssh *ssh) + #ifdef OPENSSL_HAS_ECC + kex->kex[KEX_ECDH_SHA2] = kex_gen_server; + #endif +-#endif ++# ifdef GSSAPI ++ if (options.gss_keyex) { ++ kex->kex[KEX_GSS_GRP1_SHA1] = kexgss_server; ++ kex->kex[KEX_GSS_GRP14_SHA1] = kexgss_server; ++ kex->kex[KEX_GSS_GRP14_SHA256] = kexgss_server; ++ kex->kex[KEX_GSS_GRP16_SHA512] = kexgss_server; ++ kex->kex[KEX_GSS_GEX_SHA1] = kexgssgex_server; ++ kex->kex[KEX_GSS_NISTP256_SHA256] = kexgss_server; ++ kex->kex[KEX_GSS_C25519_SHA256] = kexgss_server; ++ } ++# endif ++#endif /* WITH_OPENSSL */ + kex->kex[KEX_C25519_SHA256] = kex_gen_server; + kex->kex[KEX_KEM_SNTRUP761X25519_SHA512] = kex_gen_server; + kex->load_host_public_key=&get_hostkey_public_by_type; +diff --color -ruNp a/ssh-gss.h b/ssh-gss.h +--- a/ssh-gss.h 2024-07-01 06:36:28.000000000 +0200 ++++ b/ssh-gss.h 2024-08-28 12:35:41.256432238 +0200 +@@ -61,10 +61,34 @@ + + #define SSH_GSS_OIDTYPE 0x06 + ++#define SSH2_MSG_KEXGSS_INIT 30 ++#define SSH2_MSG_KEXGSS_CONTINUE 31 ++#define SSH2_MSG_KEXGSS_COMPLETE 32 ++#define SSH2_MSG_KEXGSS_HOSTKEY 33 ++#define SSH2_MSG_KEXGSS_ERROR 34 ++#define SSH2_MSG_KEXGSS_GROUPREQ 40 ++#define SSH2_MSG_KEXGSS_GROUP 41 ++#define KEX_GSS_GRP1_SHA1_ID "gss-group1-sha1-" ++#define KEX_GSS_GRP14_SHA1_ID "gss-group14-sha1-" ++#define KEX_GSS_GRP14_SHA256_ID "gss-group14-sha256-" ++#define KEX_GSS_GRP16_SHA512_ID "gss-group16-sha512-" ++#define KEX_GSS_GEX_SHA1_ID "gss-gex-sha1-" ++#define KEX_GSS_NISTP256_SHA256_ID "gss-nistp256-sha256-" ++#define KEX_GSS_C25519_SHA256_ID "gss-curve25519-sha256-" ++ ++#define GSS_KEX_DEFAULT_KEX \ ++ KEX_GSS_GRP14_SHA256_ID "," \ ++ KEX_GSS_GRP16_SHA512_ID "," \ ++ KEX_GSS_NISTP256_SHA256_ID "," \ ++ KEX_GSS_C25519_SHA256_ID "," \ ++ KEX_GSS_GRP14_SHA1_ID "," \ ++ KEX_GSS_GEX_SHA1_ID ++ + typedef struct { + char *filename; + char *envvar; + char *envval; ++ struct passwd *owner; + void *data; + } ssh_gssapi_ccache; + +@@ -72,8 +96,11 @@ typedef struct { + gss_buffer_desc displayname; + gss_buffer_desc exportedname; + gss_cred_id_t creds; ++ gss_name_t name; + struct ssh_gssapi_mech_struct *mech; + ssh_gssapi_ccache store; ++ int used; ++ int updated; + } ssh_gssapi_client; + + typedef struct ssh_gssapi_mech_struct { +@@ -84,6 +111,7 @@ typedef struct ssh_gssapi_mech_struct { + int (*userok) (ssh_gssapi_client *, char *); + int (*localname) (ssh_gssapi_client *, char **); + void (*storecreds) (ssh_gssapi_client *); ++ int (*updatecreds) (ssh_gssapi_ccache *, ssh_gssapi_client *); + } ssh_gssapi_mech; + + typedef struct { +@@ -94,10 +122,11 @@ typedef struct { + gss_OID oid; /* client */ + gss_cred_id_t creds; /* server */ + gss_name_t client; /* server */ +- gss_cred_id_t client_creds; /* server */ ++ gss_cred_id_t client_creds; /* both */ + } Gssctxt; + + extern ssh_gssapi_mech *supported_mechs[]; ++extern Gssctxt *gss_kex_context; + + int ssh_gssapi_check_oid(Gssctxt *, void *, size_t); + void ssh_gssapi_set_oid_data(Gssctxt *, void *, size_t); +@@ -108,6 +137,7 @@ OM_uint32 ssh_gssapi_test_oid_supported( + + struct sshbuf; + int ssh_gssapi_get_buffer_desc(struct sshbuf *, gss_buffer_desc *); ++int ssh_gssapi_sshpkt_get_buffer_desc(struct ssh *, gss_buffer_desc *); + + OM_uint32 ssh_gssapi_import_name(Gssctxt *, const char *); + OM_uint32 ssh_gssapi_init_ctx(Gssctxt *, int, +@@ -122,17 +152,33 @@ void ssh_gssapi_delete_ctx(Gssctxt **); + OM_uint32 ssh_gssapi_sign(Gssctxt *, gss_buffer_t, gss_buffer_t); + void ssh_gssapi_buildmic(struct sshbuf *, const char *, + const char *, const char *, const struct sshbuf *); +-int ssh_gssapi_check_mechanism(Gssctxt **, gss_OID, const char *); ++int ssh_gssapi_check_mechanism(Gssctxt **, gss_OID, const char *, const char *); ++OM_uint32 ssh_gssapi_client_identity(Gssctxt *, const char *); ++int ssh_gssapi_credentials_updated(Gssctxt *); + + /* In the server */ ++typedef int ssh_gssapi_check_fn(Gssctxt **, gss_OID, const char *, ++ const char *); ++char *ssh_gssapi_client_mechanisms(const char *, const char *, const char *); ++char *ssh_gssapi_kex_mechs(gss_OID_set, ssh_gssapi_check_fn *, const char *, ++ const char *, const char *); ++gss_OID ssh_gssapi_id_kex(Gssctxt *, char *, int); ++int ssh_gssapi_server_check_mech(Gssctxt **,gss_OID, const char *, ++ const char *); + OM_uint32 ssh_gssapi_server_ctx(Gssctxt **, gss_OID); +-int ssh_gssapi_userok(char *name); ++int ssh_gssapi_userok(char *name, struct passwd *, int kex); + OM_uint32 ssh_gssapi_checkmic(Gssctxt *, gss_buffer_t, gss_buffer_t); + void ssh_gssapi_do_child(char ***, u_int *); + void ssh_gssapi_cleanup_creds(void); + void ssh_gssapi_storecreds(void); + const char *ssh_gssapi_displayname(void); + ++char *ssh_gssapi_server_mechanisms(void); ++int ssh_gssapi_oid_table_ok(void); ++ ++int ssh_gssapi_update_creds(ssh_gssapi_ccache *store); ++void ssh_gssapi_rekey_creds(void); ++ + #endif /* GSSAPI */ + + #endif /* _SSH_GSS_H */ +diff --color -ruNp a/sshkey.c b/sshkey.c +--- a/sshkey.c 2024-07-01 06:36:28.000000000 +0200 ++++ b/sshkey.c 2024-08-28 12:35:41.260432315 +0200 +@@ -131,6 +131,75 @@ extern const struct sshkey_impl sshkey_x extern const struct sshkey_impl sshkey_xmss_cert_impl; #endif -+ + +static int ssh_gss_equal(const struct sshkey *, const struct sshkey *) +{ + return SSH_ERR_FEATURE_UNSUPPORTED; @@ -3996,10 +3951,11 @@ index 57995ee6..fd5b7724 100644 + /* .keybits = */ 0, /* FIXME */ + /* .funcs = */ &sshkey_gss_funcs, +}; - ++ const struct sshkey_impl * const keyimpls[] = { &sshkey_ed25519_impl, -@@ -154,6 +154,7 @@ static const struct keytype keytypes[] = { + &sshkey_ed25519_cert_impl, +@@ -169,6 +238,7 @@ const struct sshkey_impl * const keyimpl &sshkey_xmss_impl, &sshkey_xmss_cert_impl, #endif @@ -4007,7 +3963,7 @@ index 57995ee6..fd5b7724 100644 NULL }; -@@ -255,7 +256,7 @@ sshkey_alg_list(int certs_only, int plain_only, int include_sigonly, char sep) +@@ -324,7 +394,7 @@ sshkey_alg_list(int certs_only, int plai for (i = 0; keyimpls[i] != NULL; i++) { impl = keyimpls[i]; @@ -4016,11 +3972,10 @@ index 57995ee6..fd5b7724 100644 continue; if (!include_sigonly && impl->sigonly) continue; -diff --git a/sshkey.h b/sshkey.h -index 71a3fddc..37a43a67 100644 ---- a/sshkey.h -+++ b/sshkey.h -@@ -69,6 +69,7 @@ enum sshkey_types { +diff --color -ruNp a/sshkey.h b/sshkey.h +--- a/sshkey.h 2024-07-01 06:36:28.000000000 +0200 ++++ b/sshkey.h 2024-08-28 12:35:41.260432315 +0200 +@@ -71,6 +71,7 @@ enum sshkey_types { KEY_ECDSA_SK_CERT, KEY_ED25519_SK, KEY_ED25519_SK_CERT, @@ -4028,47 +3983,3 @@ index 71a3fddc..37a43a67 100644 KEY_UNSPEC }; -diff --git a/packet.h b/packet.h ---- a/packet.h (revision 8241b9c0529228b4b86d88b1a6076fb9f97e4a99) -+++ b/packet.h (date 1703172586447) -@@ -124,6 +124,7 @@ - int ssh_packet_send2(struct ssh *); - - int ssh_packet_read(struct ssh *); -+int ssh_packet_read_expect(struct ssh *, u_int type); - int ssh_packet_read_poll(struct ssh *); - int ssh_packet_read_poll2(struct ssh *, u_char *, u_int32_t *seqnr_p); - int ssh_packet_process_incoming(struct ssh *, const char *buf, u_int len); -diff --git a/packet.c b/packet.c ---- a/packet.c (revision 8241b9c0529228b4b86d88b1a6076fb9f97e4a99) -+++ b/packet.c (date 1703172586447) -@@ -1425,6 +1416,29 @@ - return type; - } - -+/* -+ * Waits until a packet has been received, verifies that its type matches -+ * that given, and gives a fatal error and exits if there is a mismatch. -+ */ -+ -+int -+ssh_packet_read_expect(struct ssh *ssh, u_int expected_type) -+{ -+ int r; -+ u_char type; -+ -+ if ((r = ssh_packet_read_seqnr(ssh, &type, NULL)) != 0) -+ return r; -+ if (type != expected_type) { -+ if ((r = sshpkt_disconnect(ssh, -+ "Protocol error: expected packet type %d, got %d", -+ expected_type, type)) != 0) -+ return r; -+ return SSH_ERR_PROTOCOL_ERROR; -+ } -+ return 0; -+} -+ - static int - ssh_packet_read_poll2_mux(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p) - { diff --git a/openssh-8.0p1-pkcs11-uri.patch b/openssh-8.0p1-pkcs11-uri.patch index 1e7940d..9931d92 100644 --- a/openssh-8.0p1-pkcs11-uri.patch +++ b/openssh-8.0p1-pkcs11-uri.patch @@ -964,10 +964,10 @@ diff -up openssh-9.6p1/ssh-add.c.pkcs11-uri openssh-9.6p1/ssh-add.c diff -up openssh-9.6p1/ssh-agent.c.pkcs11-uri openssh-9.6p1/ssh-agent.c --- openssh-9.6p1/ssh-agent.c.pkcs11-uri 2023-12-18 15:59:50.000000000 +0100 +++ openssh-9.6p1/ssh-agent.c 2024-01-12 14:25:25.234942360 +0100 -@@ -1549,10 +1549,72 @@ add_p11_identity(struct sshkey *key, cha +@@ -1549,10 +1549,74 @@ add_p11_identity(struct sshkey *key, cha + idtab->nentries++; } - #ifdef ENABLE_PKCS11 +static char * +sanitize_pkcs11_provider(const char *provider) +{ @@ -978,6 +978,8 @@ diff -up openssh-9.6p1/ssh-agent.c.pkcs11-uri openssh-9.6p1/ssh-agent.c + if (provider == NULL) + return NULL; + ++ memset(canonical_provider, 0, sizeof(canonical_provider)); ++ + if (strlen(provider) >= strlen(PKCS11_URI_SCHEME) && + strncmp(provider, PKCS11_URI_SCHEME, + strlen(PKCS11_URI_SCHEME)) == 0) { diff --git a/openssh-8.0p1-preserve-pam-errors.patch b/openssh-8.0p1-preserve-pam-errors.patch index dbdbe93..b7ab965 100644 --- a/openssh-8.0p1-preserve-pam-errors.patch +++ b/openssh-8.0p1-preserve-pam-errors.patch @@ -27,16 +27,15 @@ diff -up openssh-8.0p1/auth-pam.c.preserve-pam-errors openssh-8.0p1/auth-pam.c else if (sshpam_maxtries_reached) ssh_msg_send(ctxt->pam_csock, PAM_MAXTRIES, buffer); else -@@ -856,10 +862,12 @@ sshpam_query(void *ctx, char **name, cha - plen++; +@@ -856,9 +862,11 @@ sshpam_query(void *ctx, char **name, cha free(msg); break; -+ case PAM_USER_UNKNOWN: -+ case PAM_PERM_DENIED: case PAM_ACCT_EXPIRED: + sshpam_account_status = 0; + /* FALLTHROUGH */ case PAM_MAXTRIES: ++ case PAM_USER_UNKNOWN: ++ case PAM_PERM_DENIED: - if (type == PAM_ACCT_EXPIRED) - sshpam_account_status = 0; if (type == PAM_MAXTRIES) diff --git a/openssh-8.7p1-minrsabits.patch b/openssh-8.7p1-minrsabits.patch index 479b55d..d8577d2 100644 --- a/openssh-8.7p1-minrsabits.patch +++ b/openssh-8.7p1-minrsabits.patch @@ -19,4 +19,4 @@ diff --git a/servconf.c b/servconf.c + { "rsaminsize", sRequiredRSASize, SSHCFG_ALL }, /* alias */ { "channeltimeout", sChannelTimeout, SSHCFG_ALL }, { "unusedconnectiontimeout", sUnusedConnectionTimeout, SSHCFG_ALL }, - { NULL, sBadOption, 0 } + { "sshdsessionpath", sSshdSessionPath, SSHCFG_GLOBAL }, diff --git a/openssh-8.7p1-negotiate-supported-algs.patch b/openssh-8.7p1-negotiate-supported-algs.patch index ee3637f..c4d86e7 100644 --- a/openssh-8.7p1-negotiate-supported-algs.patch +++ b/openssh-8.7p1-negotiate-supported-algs.patch @@ -79,12 +79,12 @@ diff -up openssh-9.3p1/sshconnect2.c.xxx openssh-9.3p1/sshconnect2.c const struct ssh_conn_info *cinfo) { char *myproposal[PROPOSAL_MAX]; -- char *s, *all_key, *hkalgs = NULL; -+ char *s, *all_key, *hkalgs = NULL, *filtered_algs = NULL; +- char *all_key, *hkalgs = NULL; ++ char *all_key, *hkalgs = NULL, *filtered_algs = NULL; int r, use_known_hosts_order = 0; #if defined(GSSAPI) && defined(WITH_OPENSSL) -@@ -260,9 +260,21 @@ ssh_kex2(struct ssh *ssh, char *host, st +@@ -260,10 +260,22 @@ ssh_kex2(struct ssh *ssh, char *host, st if (use_known_hosts_order) hkalgs = order_hostkeyalgs(host, hostaddr, port, cinfo); @@ -100,8 +100,9 @@ diff -up openssh-9.3p1/sshconnect2.c.xxx openssh-9.3p1/sshconnect2.c + options.hostkeyalgorithms, options.pubkey_accepted_algos); + } + - kex_proposal_populate_entries(ssh, myproposal, s, options.ciphers, - options.macs, compression_alg_list(options.compression), + kex_proposal_populate_entries(ssh, myproposal, + options.kex_algorithms, options.ciphers, options.macs, + compression_alg_list(options.compression), - hkalgs ? hkalgs : options.hostkeyalgorithms); + filtered_algs); diff --git a/openssh-8.7p1-nohostsha1proof.patch b/openssh-8.7p1-nohostsha1proof.patch index 6a6b63d..abc6aa4 100644 --- a/openssh-8.7p1-nohostsha1proof.patch +++ b/openssh-8.7p1-nohostsha1proof.patch @@ -148,15 +148,6 @@ diff -up openssh-8.7p1/regress/unittests/kex/test_kex.c.sshrsacheck openssh-8.7p ASSERT_PTR_NE(keyname, NULL); kex_params.proposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = keyname; ASSERT_INT_EQ(ssh_init(&client, 0, &kex_params), 0); -@@ -180,7 +181,7 @@ do_kex(char *kex) - { - #ifdef WITH_OPENSSL - do_kex_with_key(kex, KEY_RSA, 2048); -- do_kex_with_key(kex, KEY_DSA, 1024); -+ /* do_kex_with_key(kex, KEY_DSA, 1024); */ - #ifdef OPENSSL_HAS_ECC - do_kex_with_key(kex, KEY_ECDSA, 256); - #endif /* OPENSSL_HAS_ECC */ diff -up openssh-8.7p1/regress/unittests/sshkey/test_file.c.sshrsacheck openssh-8.7p1/regress/unittests/sshkey/test_file.c --- openssh-8.7p1/regress/unittests/sshkey/test_file.c.sshrsacheck 2023-01-26 12:04:55.946343408 +0100 +++ openssh-8.7p1/regress/unittests/sshkey/test_file.c 2023-01-26 12:06:35.235164432 +0100 @@ -196,22 +187,6 @@ diff -up openssh-8.7p1/regress/unittests/sshkey/test_fuzz.c.sshrsacheck openssh- TEST_START("fuzz RSA SHA256 sig"); buf = load_file("rsa_1"); -@@ -357,6 +358,7 @@ sshkey_fuzz_tests(void) - sshkey_free(k1); - TEST_DONE(); - -+ /* Skip this test, SHA1 signatures are not supported - TEST_START("fuzz DSA sig"); - buf = load_file("dsa_1"); - ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0); -@@ -364,6 +366,7 @@ sshkey_fuzz_tests(void) - sig_fuzz(k1, NULL); - sshkey_free(k1); - TEST_DONE(); -+ */ - - #ifdef OPENSSL_HAS_ECC - TEST_START("fuzz ECDSA sig"); diff -up openssh-8.7p1/regress/unittests/sshkey/test_sshkey.c.sshrsacheck openssh-8.7p1/regress/unittests/sshkey/test_sshkey.c --- openssh-8.7p1/regress/unittests/sshkey/test_sshkey.c.sshrsacheck 2023-01-26 11:02:52.339413463 +0100 +++ openssh-8.7p1/regress/unittests/sshkey/test_sshkey.c 2023-01-26 11:58:42.324253896 +0100 @@ -277,21 +252,6 @@ diff -up openssh-8.7p1/regress/unittests/sshkey/test_sshkey.c.sshrsacheck openss ASSERT_INT_EQ(sshkey_from_blob(sshbuf_ptr(b), sshbuf_len(b), &k4), SSH_ERR_KEY_CERT_INVALID_SIGN_KEY); ASSERT_PTR_EQ(k4, NULL); -diff -up openssh-8.7p1/regress/unittests/sshsig/tests.c.sshrsacheck openssh-8.7p1/regress/unittests/sshsig/tests.c ---- openssh-8.7p1/regress/unittests/sshsig/tests.c.sshrsacheck 2023-01-26 12:19:23.659513651 +0100 -+++ openssh-8.7p1/regress/unittests/sshsig/tests.c 2023-01-26 12:20:28.021044803 +0100 -@@ -102,9 +102,11 @@ tests(void) - check_sig("rsa.pub", "rsa.sig", msg, namespace); - TEST_DONE(); - -+ /* Skip this test, SHA1 signatures are not supported - TEST_START("check DSA signature"); - check_sig("dsa.pub", "dsa.sig", msg, namespace); - TEST_DONE(); -+ */ - - #ifdef OPENSSL_HAS_ECC - TEST_START("check ECDSA signature"); diff -up openssh-8.7p1/serverloop.c.sshrsacheck openssh-8.7p1/serverloop.c --- openssh-8.7p1/serverloop.c.sshrsacheck 2023-01-12 14:57:08.118400073 +0100 +++ openssh-8.7p1/serverloop.c 2023-01-12 14:59:17.330470518 +0100 @@ -332,61 +292,6 @@ diff -up openssh-8.7p1/sshconnect2.c.sshrsacheck openssh-8.7p1/sshconnect2.c goto out; } -diff -up openssh-8.7p1/sshd.c.sshrsacheck openssh-8.7p1/sshd.c ---- openssh-8.7p1/sshd.c.sshrsacheck 2023-01-12 13:29:06.355711140 +0100 -+++ openssh-8.7p1/sshd.c 2023-01-12 13:29:06.358711178 +0100 -@@ -1640,6 +1651,7 @@ main(int ac, char **av) - Authctxt *authctxt; - struct connection_info *connection_info = NULL; - sigset_t sigmask; -+ int forbid_ssh_rsa = 0; - - #ifdef HAVE_SECUREWARE - (void)set_auth_parameters(ac, av); -@@ -1938,6 +1950,33 @@ main(int ac, char **av) - key = NULL; - continue; - } -+ if (key && (sshkey_type_plain(key->type) == KEY_RSA || sshkey_type_plain(key->type) == KEY_RSA_CERT)) { -+ size_t sign_size = 0; -+ u_char *tmp = NULL; -+ u_char data[] = "Test SHA1 vector"; -+ int res; -+ -+ res = sshkey_sign(key, &tmp, &sign_size, data, sizeof(data), NULL, NULL, NULL, 0); -+ free(tmp); -+ if (res == SSH_ERR_LIBCRYPTO_ERROR) { -+ verbose_f("sshd: SHA1 in signatures is disabled for RSA keys"); -+ forbid_ssh_rsa = 1; -+ } -+ } -+ if (key && (sshkey_type_plain(key->type) == KEY_DSA || sshkey_type_plain(key->type) == KEY_DSA_CERT)) { -+ size_t sign_size = 0; -+ u_char *tmp = NULL; -+ u_char data[] = "Test SHA1 vector"; -+ int res; -+ -+ res = sshkey_sign(key, &tmp, &sign_size, data, sizeof(data), NULL, NULL, NULL, 0); -+ free(tmp); -+ if (res == SSH_ERR_LIBCRYPTO_ERROR) { -+ logit_f("sshd: ssh-dss is disabled, skipping key file %s", options.host_key_files[i]); -+ key = NULL; -+ continue; -+ } -+ } - if (sshkey_is_sk(key) && - key->sk_flags & SSH_SK_USER_PRESENCE_REQD) { - debug("host key %s requires user presence, ignoring", -@@ -2275,6 +2306,9 @@ main(int ac, char **av) - - check_ip_options(ssh); - -+ if (forbid_ssh_rsa) -+ ssh->compat |= SSH_RH_RSASIGSHA; -+ - /* Prepare the channels layer */ - channel_init_channels(ssh); - channel_set_af(ssh, options.address_family); diff -up openssh-8.7p1/ssh-rsa.c.sshrsacheck openssh-8.7p1/ssh-rsa.c --- openssh-8.7p1/ssh-rsa.c.sshrsacheck 2023-01-20 13:07:54.180676144 +0100 +++ openssh-8.7p1/ssh-rsa.c 2023-01-20 13:07:54.290677074 +0100 @@ -400,3 +305,34 @@ diff -up openssh-8.7p1/ssh-rsa.c.sshrsacheck openssh-8.7p1/ssh-rsa.c ret = SSH_ERR_SIGNATURE_INVALID; goto out; } +diff -up openssh-9.8p1/sshd-session.c.xxx openssh-9.8p1/sshd-session.c +--- openssh-9.8p1/sshd-session.c.xxx 2024-07-23 15:08:14.794350818 +0200 ++++ openssh-9.8p1/sshd-session.c 2024-07-23 15:40:21.658456636 +0200 +@@ -1305,6 +1305,27 @@ main(int ac, char **av) + + check_ip_options(ssh); + ++ { ++ struct sshkey *rsakey = NULL; ++ rsakey = get_hostkey_private_by_type(KEY_RSA, 0, ssh); ++ if (rsakey == NULL) ++ rsakey = get_hostkey_private_by_type(KEY_RSA_CERT, 0, ssh); ++ ++ if (rsakey != NULL) { ++ size_t sign_size = 0; ++ u_char *tmp = NULL; ++ u_char data[] = "Test SHA1 vector"; ++ int res; ++ ++ res = sshkey_sign(rsakey, &tmp, &sign_size, data, sizeof(data), NULL, NULL, NULL, 0); ++ free(tmp); ++ if (res == SSH_ERR_LIBCRYPTO_ERROR) { ++ verbose_f("SHA1 in signatures is disabled for RSA keys"); ++ ssh->compat |= SSH_RH_RSASIGSHA; ++ } ++ } ++ } ++ + /* Prepare the channels layer */ + channel_init_channels(ssh); + channel_set_af(ssh, options.address_family); diff --git a/openssh-9.0p1-evp-fips-dh.patch b/openssh-9.0p1-evp-fips-dh.patch index d0470d9..8c70197 100644 --- a/openssh-9.0p1-evp-fips-dh.patch +++ b/openssh-9.0p1-evp-fips-dh.patch @@ -200,7 +200,7 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x u_char *kbuf = NULL; size_t klen = 0; - int kout, r; -+ int kout, r = 0; ++ int r = 0; #ifdef DEBUG_KEXDH fprintf(stderr, "dh_pub= "); diff --git a/openssh-9.6p1-gsskex-new-api.patch b/openssh-9.6p1-gsskex-new-api.patch index ed09319..0f2eabb 100644 --- a/openssh-9.6p1-gsskex-new-api.patch +++ b/openssh-9.6p1-gsskex-new-api.patch @@ -811,7 +811,7 @@ diff --color -ruNp a/kexgssc.c b/kexgssc.c + const BIGNUM *pub_key, *dh_p, *dh_g; + u_char hash[SSH_DIGEST_MAX_LENGTH]; + size_t hashlen; -+ int r; ++ int r = SSH_ERR_INTERNAL_ERROR; /* * We _must_ have received a COMPLETE message in reply from the @@ -1163,8 +1163,8 @@ diff --color -ruNp a/kexgsss.c b/kexgsss.c debug2_f("Acquiring credentials"); -- if (GSS_ERROR(PRIVSEP(ssh_gssapi_server_ctx(&ctxt, oid)))) -+ if (GSS_ERROR(PRIVSEP(ssh_gssapi_server_ctx(&kex->gss, oid)))) +- if (GSS_ERROR(mm_ssh_gssapi_server_ctx(&ctxt, oid))) ++ if (GSS_ERROR(mm_ssh_gssapi_server_ctx(&kex->gss, oid))) fatal("Unable to acquire credentials for the server"); - do { @@ -1258,9 +1258,9 @@ diff --color -ruNp a/kexgsss.c b/kexgsss.c + Gssctxt *gss = ssh->kex->gss; + int r; -- maj_status = PRIVSEP(ssh_gssapi_accept_ctx(ctxt, &recv_tok, -- &send_tok, &ret_flags)); -+ gss->major = PRIVSEP(ssh_gssapi_accept_ctx(gss, recv_tok, send_tok, ret_flags)); +- maj_status = mm_ssh_gssapi_accept_ctx(ctxt, &recv_tok, +- &send_tok, &ret_flags); ++ gss->major = mm_ssh_gssapi_accept_ctx(gss, recv_tok, send_tok, ret_flags); + gss_release_buffer(&gss->minor, recv_tok); - gss_release_buffer(&min_status, &recv_tok); @@ -1327,8 +1327,8 @@ diff --color -ruNp a/kexgsss.c b/kexgsss.c + if (!(*ret_flags & GSS_C_INTEG_FLAG)) fatal("Integrity flag wasn't set"); -- if (GSS_ERROR(PRIVSEP(ssh_gssapi_sign(ctxt, &gssbuf, &msg_tok)))) -+ if (GSS_ERROR(PRIVSEP(ssh_gssapi_sign(gss, &gss->buf, &msg_tok)))) +- if (GSS_ERROR(mm_ssh_gssapi_sign(ctxt, &gssbuf, &msg_tok))) ++ if (GSS_ERROR(mm_ssh_gssapi_sign(gss, &gss->buf, &msg_tok))) fatal("Couldn't get MIC"); if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_COMPLETE)) != 0 || @@ -1537,8 +1537,8 @@ diff --color -ruNp a/kexgsss.c b/kexgsss.c debug2_f("Acquiring credentials"); -- if (GSS_ERROR(PRIVSEP(ssh_gssapi_server_ctx(&ctxt, oid)))) -+ if (GSS_ERROR(PRIVSEP(ssh_gssapi_server_ctx(&kex->gss, oid)))) +- if (GSS_ERROR(mm_ssh_gssapi_server_ctx(&ctxt, oid))) ++ if (GSS_ERROR(mm_ssh_gssapi_server_ctx(&kex->gss, oid))) fatal("Unable to acquire credentials for the server"); - /* 5. S generates an ephemeral key pair (do the allocations early) */ @@ -1560,7 +1560,7 @@ diff --color -ruNp a/kexgsss.c b/kexgsss.c - if (max < min || nbits < min || max < nbits) - fatal("GSS_GEX, bad parameters: %d !< %d !< %d", - min, nbits, max); -- kex->dh = PRIVSEP(choose_dh(min, nbits, max)); +- kex->dh = mm_choose_dh(min, nbits, max); - if (kex->dh == NULL) { - sshpkt_disconnect(ssh, "Protocol error: no matching group found"); - fatal("Protocol error: no matching group found"); @@ -1621,11 +1621,11 @@ diff --color -ruNp a/kexgsss.c b/kexgsss.c - "Protocol error: didn't expect packet type %d", - type); - } -+ gss->major = PRIVSEP(ssh_gssapi_accept_ctx(gss, recv_tok, send_tok, ret_flags)); ++ gss->major = mm_ssh_gssapi_accept_ctx(gss, recv_tok, send_tok, ret_flags); + gss_release_buffer(&gss->minor, recv_tok); -- maj_status = PRIVSEP(ssh_gssapi_accept_ctx(ctxt, &recv_tok, -- &send_tok, &ret_flags)); +- maj_status = mm_ssh_gssapi_accept_ctx(ctxt, &recv_tok, +- &send_tok, &ret_flags); + if (gss->major != GSS_S_COMPLETE && send_tok->length == 0) + fatal("Zero length token output when incomplete"); @@ -1744,8 +1744,8 @@ diff --color -ruNp a/kexgsss.c b/kexgsss.c + gss->buf.value = hash; + gss->buf.length = hashlen; -- if (GSS_ERROR(PRIVSEP(ssh_gssapi_sign(ctxt, &gssbuf, &msg_tok)))) -+ if (GSS_ERROR(PRIVSEP(ssh_gssapi_sign(gss, &gss->buf, &msg_tok)))) +- if (GSS_ERROR(mm_ssh_gssapi_sign(ctxt, &gssbuf, &msg_tok))) ++ if (GSS_ERROR(mm_ssh_gssapi_sign(gss, &gss->buf, &msg_tok))) fatal("Couldn't get MIC"); if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_COMPLETE)) != 0 || @@ -1833,7 +1833,7 @@ diff --color -ruNp a/kexgsss.c b/kexgsss.c + if (max < min || nbits < min || max < nbits) + fatal("GSS_GEX, bad parameters: %d !< %d !< %d", min, nbits, max); + -+ kex->dh = PRIVSEP(choose_dh(min, nbits, max)); ++ kex->dh = mm_choose_dh(min, nbits, max); + if (kex->dh == NULL) { + sshpkt_disconnect(ssh, "Protocol error: no matching group found"); + fatal("Protocol error: no matching group found"); diff --git a/openssh-9.6p1-gsissh.patch b/openssh-9.8p1-gsissh.patch similarity index 85% rename from openssh-9.6p1-gsissh.patch rename to openssh-9.8p1-gsissh.patch index a2d2eff..ecb2c4e 100644 --- a/openssh-9.6p1-gsissh.patch +++ b/openssh-9.8p1-gsissh.patch @@ -1,6 +1,6 @@ -diff -Nur openssh-9.6p1.orig/auth2.c openssh-9.6p1/auth2.c ---- openssh-9.6p1.orig/auth2.c 2024-07-07 07:25:31.581747706 +0200 -+++ openssh-9.6p1/auth2.c 2024-07-07 07:26:28.481916473 +0200 +diff -Nur openssh-9.8p1.orig/auth2.c openssh-9.8p1/auth2.c +--- openssh-9.8p1.orig/auth2.c 2024-09-30 11:38:28.487321398 +0200 ++++ openssh-9.8p1/auth2.c 2024-10-01 08:11:48.131268544 +0200 @@ -286,7 +286,28 @@ (r = sshpkt_get_cstring(ssh, &service, NULL)) != 0 || (r = sshpkt_get_cstring(ssh, &method, NULL)) != 0) @@ -12,7 +12,7 @@ diff -Nur openssh-9.6p1.orig/auth2.c openssh-9.6p1/auth2.c + debug("received empty username for %s", method); + if (strcmp(method, "gssapi-keyex") == 0) { + char *lname = NULL; -+ PRIVSEP(ssh_gssapi_localname(&lname)); ++ mm_ssh_gssapi_localname(&lname); + if (lname && lname[0] != '\0') { + free(user); + user = lname; @@ -37,7 +37,7 @@ diff -Nur openssh-9.6p1.orig/auth2.c openssh-9.6p1/auth2.c auth_maxtries_exceeded(ssh); - if (authctxt->attempt++ == 0) { - /* setup auth context */ -- authctxt->pw = PRIVSEP(getpwnamallow(ssh, user)); +- authctxt->pw = mm_getpwnamallow(ssh, user); + /* If first time or username changed or empty username, + setup/reset authentication context. */ + if ((authctxt->attempt++ == 0) || @@ -64,7 +64,7 @@ diff -Nur openssh-9.6p1.orig/auth2.c openssh-9.6p1/auth2.c + authctxt->pw = fakepw(); + } else { +#endif -+ authctxt->pw = PRIVSEP(getpwnamallow(ssh, user)); ++ authctxt->pw = mm_getpwnamallow(ssh, user); + if (authctxt->pw) { authctxt->valid = 1; debug2_f("setting up authctxt for %s", user); @@ -78,16 +78,16 @@ diff -Nur openssh-9.6p1.orig/auth2.c openssh-9.6p1/auth2.c +#endif #ifdef USE_PAM if (options.use_pam) - PRIVSEP(start_pam(ssh)); -@@ -319,6 +365,7 @@ + mm_start_pam(ssh); +@@ -318,6 +364,7 @@ + ssh_packet_set_log_preamble(ssh, "%suser %s", authctxt->valid ? "authenticating " : "invalid ", user); - setproctitle("%s%s", authctxt->valid ? user : "unknown", - use_privsep ? " [net]" : ""); + setproctitle("%s [net]", authctxt->valid ? user : "unknown"); + if (authctxt->attempt == 1) { authctxt->service = xstrdup(service); authctxt->style = style ? xstrdup(style) : NULL; #ifdef WITH_SELINUX -@@ -336,9 +383,10 @@ +@@ -333,9 +380,10 @@ if (auth2_setup_methods_lists(authctxt) != 0) ssh_packet_disconnect(ssh, "no authentication methods enabled"); @@ -101,18 +101,18 @@ diff -Nur openssh-9.6p1.orig/auth2.c openssh-9.6p1/auth2.c "not allowed: (%s,%s) -> (%s,%s)", authctxt->user, authctxt->service, user, service); } -diff -Nur openssh-9.6p1.orig/auth2-gss.c openssh-9.6p1/auth2-gss.c ---- openssh-9.6p1.orig/auth2-gss.c 2024-07-07 07:25:31.469747374 +0200 -+++ openssh-9.6p1/auth2-gss.c 2024-07-07 07:26:28.482916477 +0200 -@@ -52,6 +52,7 @@ - - extern ServerOptions options; +diff -Nur openssh-9.8p1.orig/auth2-gss.c openssh-9.8p1/auth2-gss.c +--- openssh-9.8p1.orig/auth2-gss.c 2024-09-30 11:38:28.368321057 +0200 ++++ openssh-9.8p1/auth2-gss.c 2024-10-01 13:47:06.876811637 +0200 +@@ -54,6 +54,7 @@ + extern struct authmethod_cfg methodcfg_gsskeyex; + extern struct authmethod_cfg methodcfg_gssapi; +static void ssh_gssapi_userauth_error(Gssctxt *ctxt, struct ssh *ssh); static int input_gssapi_token(int type, u_int32_t plen, struct ssh *ssh); static int input_gssapi_mic(int type, u_int32_t plen, struct ssh *ssh); static int input_gssapi_exchange_complete(int type, u_int32_t plen, struct ssh *ssh); -@@ -65,8 +66,8 @@ +@@ -67,8 +68,8 @@ { Authctxt *authctxt = ssh->authctxt; int r, authenticated = 0; @@ -123,7 +123,7 @@ diff -Nur openssh-9.6p1.orig/auth2-gss.c openssh-9.6p1/auth2-gss.c u_char *p; size_t len; -@@ -77,6 +78,9 @@ +@@ -79,6 +80,9 @@ if ((b = sshbuf_new()) == NULL) fatal_f("sshbuf_new failed"); @@ -133,7 +133,7 @@ diff -Nur openssh-9.6p1.orig/auth2-gss.c openssh-9.6p1/auth2-gss.c mic.value = p; mic.length = len; -@@ -87,13 +91,29 @@ +@@ -89,13 +93,28 @@ fatal_f("sshbuf_mutable_ptr failed"); gssbuf.length = sshbuf_len(b); @@ -147,17 +147,16 @@ diff -Nur openssh-9.6p1.orig/auth2-gss.c openssh-9.6p1/auth2-gss.c + gssbuf2.length = sshbuf_len(b2); + /* gss_kex_context is NULL with privsep, so we can't check it here */ - if (!GSS_ERROR(PRIVSEP(ssh_gssapi_checkmic(gss_kex_context, -- &gssbuf, &mic)))) -- authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user, -- authctxt->pw, 1)); -+ &gssbuf, &mic))) || -+ !GSS_ERROR(PRIVSEP(ssh_gssapi_checkmic(gss_kex_context, -+ &gssbuf2, &mic)))) { + if (!GSS_ERROR(mm_ssh_gssapi_checkmic(gss_kex_context, +- &gssbuf, &mic))) +- authenticated = mm_ssh_gssapi_userok(authctxt->user, +- authctxt->pw, 1); ++ &gssbuf, &mic)) || ++ !GSS_ERROR(mm_ssh_gssapi_checkmic(gss_kex_context, ++ &gssbuf2, &mic))) { + if (authctxt->valid && authctxt->user && authctxt->user[0]) { -+ authenticated = -+ PRIVSEP(ssh_gssapi_userok(authctxt->user, -+ authctxt->pw, 1)); ++ authenticated = mm_ssh_gssapi_userok(authctxt->user, ++ authctxt->pw, 1); + } + } @@ -166,7 +165,7 @@ diff -Nur openssh-9.6p1.orig/auth2-gss.c openssh-9.6p1/auth2-gss.c free(mic.value); return (authenticated); -@@ -152,7 +172,9 @@ +@@ -154,7 +173,9 @@ return (0); } @@ -177,7 +176,7 @@ diff -Nur openssh-9.6p1.orig/auth2-gss.c openssh-9.6p1/auth2-gss.c debug2_f("disabled because of invalid user"); free(doid); return (0); -@@ -190,7 +212,7 @@ +@@ -192,7 +213,7 @@ Gssctxt *gssctxt; gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER; gss_buffer_desc recv_tok; @@ -186,7 +185,7 @@ diff -Nur openssh-9.6p1.orig/auth2-gss.c openssh-9.6p1/auth2-gss.c u_char *p; size_t len; int r; -@@ -211,6 +233,7 @@ +@@ -213,6 +234,7 @@ free(p); if (GSS_ERROR(maj_status)) { @@ -194,7 +193,7 @@ diff -Nur openssh-9.6p1.orig/auth2-gss.c openssh-9.6p1/auth2-gss.c if (send_tok.length != 0) { if ((r = sshpkt_start(ssh, SSH2_MSG_USERAUTH_GSSAPI_ERRTOK)) != 0 || -@@ -285,6 +308,34 @@ +@@ -287,6 +309,34 @@ return 0; } @@ -205,17 +204,17 @@ diff -Nur openssh-9.6p1.orig/auth2-gss.c openssh-9.6p1/auth2-gss.c + char *lname = NULL; + + if ((authctxt->user == NULL) || (authctxt->user[0] == '\0')) { -+ PRIVSEP(ssh_gssapi_localname(&lname)); ++ mm_ssh_gssapi_localname(&lname); + if (lname && lname[0] != '\0') { + if (authctxt->user) free(authctxt->user); + authctxt->user = lname; + debug("set username to %s from gssapi context", lname); -+ authctxt->pw = PRIVSEP(getpwnamallow(ssh, authctxt->user)); ++ authctxt->pw = mm_getpwnamallow(ssh, authctxt->user); + if (authctxt->pw) { + authctxt->valid = 1; +#ifdef USE_PAM + if (options.use_pam) -+ PRIVSEP(start_pam(ssh)); ++ mm_start_pam(ssh); +#endif + } + } else { @@ -229,15 +228,14 @@ diff -Nur openssh-9.6p1.orig/auth2-gss.c openssh-9.6p1/auth2-gss.c /* * This is called when the client thinks we've completed authentication. * It should only be enabled in the dispatch handler by the function above, -@@ -295,12 +346,14 @@ +@@ -297,11 +347,13 @@ input_gssapi_exchange_complete(int type, u_int32_t plen, struct ssh *ssh) { Authctxt *authctxt = ssh->authctxt; - int r, authenticated; + int r, authenticated = 0; - const char *displayname; - if (authctxt == NULL || (authctxt->methoddata == NULL && !use_privsep)) + if (authctxt == NULL) fatal("No authentication or GSSAPI context"); + gssapi_set_username(ssh); @@ -245,35 +243,32 @@ diff -Nur openssh-9.6p1.orig/auth2-gss.c openssh-9.6p1/auth2-gss.c /* * We don't need to check the status, because we're only enabled in * the dispatcher once the exchange is complete -@@ -309,8 +362,11 @@ +@@ -310,7 +362,11 @@ if ((r = sshpkt_get_end(ssh)) != 0) fatal_fr(r, "parse packet"); -- authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user, -- authctxt->pw, 1)); +- authenticated = mm_ssh_gssapi_userok(authctxt->user, authctxt->pw, 1); + /* user should be set if valid but we double-check here */ + if (authctxt->valid && authctxt->user && authctxt->user[0]) { -+ authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user, -+ authctxt->pw, 1)); ++ authenticated = mm_ssh_gssapi_userok(authctxt->user, ++ authctxt->pw, 1); + } - if ((!use_privsep || mm_is_monitor()) && - (displayname = ssh_gssapi_displayname()) != NULL) -@@ -362,11 +418,17 @@ + authctxt->postponed = 0; + ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL); +@@ -357,10 +413,16 @@ fatal_f("sshbuf_mutable_ptr failed"); gssbuf.length = sshbuf_len(b); -- if (!GSS_ERROR(PRIVSEP(ssh_gssapi_checkmic(gssctxt, &gssbuf, &mic)))) -- authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user, -- authctxt->pw, 0)); +- if (!GSS_ERROR(mm_ssh_gssapi_checkmic(gssctxt, &gssbuf, &mic))) +- authenticated = mm_ssh_gssapi_userok(authctxt->user, authctxt->pw, 0); - else + gssapi_set_username(ssh); + -+ if (!GSS_ERROR(PRIVSEP(ssh_gssapi_checkmic(gssctxt, &gssbuf, &mic)))) { ++ if (!GSS_ERROR(mm_ssh_gssapi_checkmic(gssctxt, &gssbuf, &mic))) { + if (authctxt->valid && authctxt->user && authctxt->user[0]) { -+ authenticated = -+ PRIVSEP(ssh_gssapi_userok(authctxt->user, -+ authctxt->pw, 0)); ++ authenticated = mm_ssh_gssapi_userok(authctxt->user, ++ authctxt->pw, 0); + } + } else { logit("GSSAPI MIC check failed"); @@ -281,7 +276,7 @@ diff -Nur openssh-9.6p1.orig/auth2-gss.c openssh-9.6p1/auth2-gss.c sshbuf_free(b); if (micuser != authctxt->user) -@@ -386,6 +448,26 @@ +@@ -376,6 +438,26 @@ return 0; } @@ -290,7 +285,7 @@ diff -Nur openssh-9.6p1.orig/auth2-gss.c openssh-9.6p1/auth2-gss.c + OM_uint32 maj, min; + int r; + -+ errstr = PRIVSEP(ssh_gssapi_last_error(ctxt, &maj, &min)); ++ errstr = mm_ssh_gssapi_last_error(ctxt, &maj, &min); + if (errstr) { + if ((r = sshpkt_start(ssh, + SSH2_MSG_USERAUTH_GSSAPI_ERROR)) != 0 || @@ -306,12 +301,12 @@ diff -Nur openssh-9.6p1.orig/auth2-gss.c openssh-9.6p1/auth2-gss.c +} + Authmethod method_gsskeyex = { - "gssapi-keyex", - NULL, -diff -Nur openssh-9.6p1.orig/auth.c openssh-9.6p1/auth.c ---- openssh-9.6p1.orig/auth.c 2024-07-07 07:25:31.582747709 +0200 -+++ openssh-9.6p1/auth.c 2024-07-07 07:26:28.482916477 +0200 -@@ -299,7 +299,8 @@ + &methodcfg_gsskeyex, + userauth_gsskeyex, +diff -Nur openssh-9.8p1.orig/auth.c openssh-9.8p1/auth.c +--- openssh-9.8p1.orig/auth.c 2024-09-30 11:38:28.488321400 +0200 ++++ openssh-9.8p1/auth.c 2024-09-30 11:39:17.561461794 +0200 +@@ -298,7 +298,8 @@ method, submethod != NULL ? "/" : "", submethod == NULL ? "" : submethod, authctxt->valid ? "" : "invalid user ", @@ -321,7 +316,7 @@ diff -Nur openssh-9.6p1.orig/auth.c openssh-9.6p1/auth.c ssh_remote_ipaddr(ssh), ssh_remote_port(ssh), extra != NULL ? ": " : "", -@@ -487,13 +488,18 @@ +@@ -486,13 +487,18 @@ #endif pw = getpwnam(user); @@ -341,9 +336,9 @@ diff -Nur openssh-9.6p1.orig/auth.c openssh-9.6p1/auth.c #ifdef CUSTOM_FAILED_LOGIN record_failed_login(ssh, user, auth_get_canonical_hostname(ssh, options.use_dns), "ssh"); -diff -Nur openssh-9.6p1.orig/auth.h openssh-9.6p1/auth.h ---- openssh-9.6p1.orig/auth.h 2024-07-07 07:25:31.582747709 +0200 -+++ openssh-9.6p1/auth.h 2024-07-07 07:26:28.483916479 +0200 +diff -Nur openssh-9.8p1.orig/auth.h openssh-9.8p1/auth.h +--- openssh-9.8p1.orig/auth.h 2024-09-30 11:38:28.489321403 +0200 ++++ openssh-9.8p1/auth.h 2024-09-30 11:39:17.561461794 +0200 @@ -85,6 +85,8 @@ krb5_principal krb5_user; char *krb5_ticket_file; @@ -353,10 +348,10 @@ diff -Nur openssh-9.6p1.orig/auth.h openssh-9.6p1/auth.h int krb5_set_env; #endif struct sshbuf *loginmsg; -diff -Nur openssh-9.6p1.orig/auth-pam.c openssh-9.6p1/auth-pam.c ---- openssh-9.6p1.orig/auth-pam.c 2024-07-07 07:25:31.623747830 +0200 -+++ openssh-9.6p1/auth-pam.c 2024-07-07 07:26:28.483916479 +0200 -@@ -252,6 +252,7 @@ +diff -Nur openssh-9.8p1.orig/auth-pam.c openssh-9.8p1/auth-pam.c +--- openssh-9.8p1.orig/auth-pam.c 2024-09-30 11:38:28.533321529 +0200 ++++ openssh-9.8p1/auth-pam.c 2024-09-30 11:39:17.562461797 +0200 +@@ -248,6 +248,7 @@ static const char *sshpam_password = NULL; static char *sshpam_rhost = NULL; static char *sshpam_laddr = NULL; @@ -364,7 +359,7 @@ diff -Nur openssh-9.6p1.orig/auth-pam.c openssh-9.6p1/auth-pam.c /* Some PAM implementations don't implement this */ #ifndef HAVE_PAM_GETENVLIST -@@ -300,6 +301,56 @@ +@@ -296,6 +297,56 @@ # define pam_chauthtok(a,b) (sshpam_chauthtok_ruid((a), (b))) #endif @@ -421,7 +416,7 @@ diff -Nur openssh-9.6p1.orig/auth-pam.c openssh-9.6p1/auth-pam.c static void sshpam_password_change_required(int reqd) { -@@ -331,7 +382,7 @@ +@@ -327,7 +378,7 @@ static void import_environments(struct sshbuf *b) { @@ -430,7 +425,7 @@ diff -Nur openssh-9.6p1.orig/auth-pam.c openssh-9.6p1/auth-pam.c u_int n, i, num_env; int r; -@@ -347,6 +398,19 @@ +@@ -343,6 +394,19 @@ if ((r = sshbuf_get_u32(b, &n)) != 0) fatal("%s: buffer error: %s", __func__, ssh_err(r)); sshpam_password_change_required(n != 0); @@ -450,7 +445,7 @@ diff -Nur openssh-9.6p1.orig/auth-pam.c openssh-9.6p1/auth-pam.c /* Import environment from subprocess */ if ((r = sshbuf_get_u32(b, &num_env)) != 0) -@@ -526,6 +590,13 @@ +@@ -522,6 +586,13 @@ if (sshpam_err != PAM_SUCCESS) goto auth_fail; @@ -464,7 +459,7 @@ diff -Nur openssh-9.6p1.orig/auth-pam.c openssh-9.6p1/auth-pam.c if (!do_pam_account()) { /* Preserve PAM_PERM_DENIED and PAM_USER_UNKNOWN. * Backward compatibility for other errors. */ -@@ -550,6 +621,13 @@ +@@ -546,6 +617,13 @@ if ((r = sshbuf_put_u32(buffer, sshpam_account_status)) != 0 || (r = sshbuf_put_u32(buffer, sshpam_authctxt->force_pwchange)) != 0) fatal("%s: buffer error: %s", __func__, ssh_err(r)); @@ -507,7 +502,7 @@ diff -Nur openssh-9.6p1.orig/auth-pam.c openssh-9.6p1/auth-pam.c sshpam_account_status = 0; return (sshpam_account_status); @@ -1384,6 +1476,9 @@ - pam_strerror(sshpam_handle, sshpam_err)); + expose_authinfo(__func__); sshpam_err = pam_authenticate(sshpam_handle, flags); + if (options.permit_pam_user_change) { @@ -516,9 +511,9 @@ diff -Nur openssh-9.6p1.orig/auth-pam.c openssh-9.6p1/auth-pam.c sshpam_password = NULL; free(fake); if (sshpam_err == PAM_MAXTRIES) -diff -Nur openssh-9.6p1.orig/auth-pam.h openssh-9.6p1/auth-pam.h ---- openssh-9.6p1.orig/auth-pam.h 2024-07-07 07:25:31.437747279 +0200 -+++ openssh-9.6p1/auth-pam.h 2024-07-07 07:26:28.484916482 +0200 +diff -Nur openssh-9.8p1.orig/auth-pam.h openssh-9.8p1/auth-pam.h +--- openssh-9.8p1.orig/auth-pam.h 2024-09-30 11:38:28.333320957 +0200 ++++ openssh-9.8p1/auth-pam.h 2024-09-30 11:39:17.563461800 +0200 @@ -43,5 +43,6 @@ int sshpam_get_maxtries_reached(void); void sshpam_set_maxtries_reached(int); @@ -526,9 +521,9 @@ diff -Nur openssh-9.6p1.orig/auth-pam.h openssh-9.6p1/auth-pam.h +struct passwd *sshpam_getpw(const char *); #endif /* USE_PAM */ -diff -Nur openssh-9.6p1.orig/canohost.c openssh-9.6p1/canohost.c ---- openssh-9.6p1.orig/canohost.c 2024-07-07 07:25:31.470747377 +0200 -+++ openssh-9.6p1/canohost.c 2024-07-07 07:26:28.484916482 +0200 +diff -Nur openssh-9.8p1.orig/canohost.c openssh-9.8p1/canohost.c +--- openssh-9.8p1.orig/canohost.c 2024-09-30 11:38:28.368321057 +0200 ++++ openssh-9.8p1/canohost.c 2024-09-30 11:39:17.564461803 +0200 @@ -17,6 +17,7 @@ #include #include @@ -571,9 +566,9 @@ diff -Nur openssh-9.6p1.orig/canohost.c openssh-9.6p1/canohost.c + } + } +} -diff -Nur openssh-9.6p1.orig/canohost.h openssh-9.6p1/canohost.h ---- openssh-9.6p1.orig/canohost.h 2024-07-07 07:25:31.470747377 +0200 -+++ openssh-9.6p1/canohost.h 2024-07-07 07:26:28.484916482 +0200 +diff -Nur openssh-9.8p1.orig/canohost.h openssh-9.8p1/canohost.h +--- openssh-9.8p1.orig/canohost.h 2024-09-30 11:38:28.369321060 +0200 ++++ openssh-9.8p1/canohost.h 2024-09-30 11:39:17.564461803 +0200 @@ -26,4 +26,6 @@ #endif /* _CANOHOST_H */ @@ -581,10 +576,10 @@ diff -Nur openssh-9.6p1.orig/canohost.h openssh-9.6p1/canohost.h +void resolve_localhost(char **host); + void ipv64_normalise_mapped(struct sockaddr_storage *, socklen_t *); -diff -Nur openssh-9.6p1.orig/configure.ac openssh-9.6p1/configure.ac ---- openssh-9.6p1.orig/configure.ac 2024-07-07 07:25:31.559747641 +0200 -+++ openssh-9.6p1/configure.ac 2024-07-07 07:26:28.486916488 +0200 -@@ -4866,6 +4866,14 @@ +diff -Nur openssh-9.8p1.orig/configure.ac openssh-9.8p1/configure.ac +--- openssh-9.8p1.orig/configure.ac 2024-09-30 11:38:28.463321329 +0200 ++++ openssh-9.8p1/configure.ac 2024-09-30 11:39:17.565461806 +0200 +@@ -4909,6 +4909,14 @@ AC_CHECK_HEADER([gssapi_krb5.h], , [ CPPFLAGS="$oldCPP" ]) @@ -599,7 +594,7 @@ diff -Nur openssh-9.6p1.orig/configure.ac openssh-9.6p1/configure.ac fi fi if test -n "${rpath_opt}" ; then -@@ -4907,6 +4915,40 @@ +@@ -4950,6 +4958,40 @@ AC_SUBST([K5LIBS]) AC_SUBST([CHANNELLIBS]) @@ -640,9 +635,9 @@ diff -Nur openssh-9.6p1.orig/configure.ac openssh-9.6p1/configure.ac # Looking for programs, paths and files PRIVSEP_PATH=/var/empty -diff -Nur openssh-9.6p1.orig/gss-genr.c openssh-9.6p1/gss-genr.c ---- openssh-9.6p1.orig/gss-genr.c 2024-07-07 07:25:31.626747839 +0200 -+++ openssh-9.6p1/gss-genr.c 2024-07-07 07:26:28.486916488 +0200 +diff -Nur openssh-9.8p1.orig/gss-genr.c openssh-9.8p1/gss-genr.c +--- openssh-9.8p1.orig/gss-genr.c 2024-09-30 11:38:28.535321535 +0200 ++++ openssh-9.8p1/gss-genr.c 2024-09-30 11:39:17.566461808 +0200 @@ -41,6 +41,7 @@ #include "ssherr.h" #include "sshbuf.h" @@ -679,9 +674,9 @@ diff -Nur openssh-9.6p1.orig/gss-genr.c openssh-9.6p1/gss-genr.c free(gssbuf.value); return (ctx->major); } -diff -Nur openssh-9.6p1.orig/gss-serv.c openssh-9.6p1/gss-serv.c ---- openssh-9.6p1.orig/gss-serv.c 2024-07-07 07:25:31.489747433 +0200 -+++ openssh-9.6p1/gss-serv.c 2024-07-07 07:26:28.487916491 +0200 +diff -Nur openssh-9.8p1.orig/gss-serv.c openssh-9.8p1/gss-serv.c +--- openssh-9.8p1.orig/gss-serv.c 2024-09-30 11:38:28.389321117 +0200 ++++ openssh-9.8p1/gss-serv.c 2024-09-30 11:39:17.567461811 +0200 @@ -50,10 +50,12 @@ #include "monitor_wrap.h" @@ -942,8 +937,8 @@ diff -Nur openssh-9.6p1.orig/gss-serv.c openssh-9.6p1/gss-serv.c + gssapi_client.store.envval == NULL) return; - ok = PRIVSEP(ssh_gssapi_update_creds(&gssapi_client.store)); -@@ -526,6 +612,18 @@ + ok = mm_ssh_gssapi_update_creds(&gssapi_client.store); +@@ -521,6 +607,18 @@ if (ret) return; @@ -962,9 +957,9 @@ diff -Nur openssh-9.6p1.orig/gss-serv.c openssh-9.6p1/gss-serv.c xasprintf(&envstr, "%s=%s", gssapi_client.store.envvar, gssapi_client.store.envval); -diff -Nur openssh-9.6p1.orig/gss-serv-gsi.c openssh-9.6p1/gss-serv-gsi.c ---- openssh-9.6p1.orig/gss-serv-gsi.c 1970-01-01 01:00:00.000000000 +0100 -+++ openssh-9.6p1/gss-serv-gsi.c 2024-07-07 07:26:28.488916494 +0200 +diff -Nur openssh-9.8p1.orig/gss-serv-gsi.c openssh-9.8p1/gss-serv-gsi.c +--- openssh-9.8p1.orig/gss-serv-gsi.c 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-9.8p1/gss-serv-gsi.c 2024-09-30 11:39:17.567461811 +0200 @@ -0,0 +1,328 @@ +/* + * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. @@ -1294,9 +1289,9 @@ diff -Nur openssh-9.6p1.orig/gss-serv-gsi.c openssh-9.6p1/gss-serv-gsi.c + +#endif /* GSI */ +#endif /* GSSAPI */ -diff -Nur openssh-9.6p1.orig/gss-serv-krb5.c openssh-9.6p1/gss-serv-krb5.c ---- openssh-9.6p1.orig/gss-serv-krb5.c 2024-07-07 07:25:31.515747510 +0200 -+++ openssh-9.6p1/gss-serv-krb5.c 2024-07-07 07:26:28.488916494 +0200 +diff -Nur openssh-9.8p1.orig/gss-serv-krb5.c openssh-9.8p1/gss-serv-krb5.c +--- openssh-9.8p1.orig/gss-serv-krb5.c 2024-09-30 11:38:28.418321200 +0200 ++++ openssh-9.8p1/gss-serv-krb5.c 2024-09-30 11:39:17.568461814 +0200 @@ -379,6 +379,34 @@ return found_principal; } @@ -1350,9 +1345,9 @@ diff -Nur openssh-9.6p1.orig/gss-serv-krb5.c openssh-9.6p1/gss-serv-krb5.c &ssh_gssapi_krb5_storecreds, &ssh_gssapi_krb5_updatecreds }; -diff -Nur openssh-9.6p1.orig/kexgsss.c openssh-9.6p1/kexgsss.c ---- openssh-9.6p1.orig/kexgsss.c 2024-07-07 07:25:31.497747457 +0200 -+++ openssh-9.6p1/kexgsss.c 2024-07-07 08:04:49.351732601 +0200 +diff -Nur openssh-9.8p1.orig/kexgsss.c openssh-9.8p1/kexgsss.c +--- openssh-9.8p1.orig/kexgsss.c 2024-09-30 11:38:28.399321146 +0200 ++++ openssh-9.8p1/kexgsss.c 2024-09-30 15:10:29.856045413 +0200 @@ -48,6 +48,7 @@ #include "digest.h" #include "ssherr.h" @@ -1365,8 +1360,8 @@ diff -Nur openssh-9.6p1.orig/kexgsss.c openssh-9.6p1/kexgsss.c debug2_f("Acquiring credentials"); -- if (GSS_ERROR(PRIVSEP(ssh_gssapi_server_ctx(&kex->gss, oid)))) -+ if (GSS_ERROR(PRIVSEP(ssh_gssapi_server_ctx(&kex->gss, oid)))) { +- if (GSS_ERROR(mm_ssh_gssapi_server_ctx(&kex->gss, oid))) ++ if (GSS_ERROR(mm_ssh_gssapi_server_ctx(&kex->gss, oid))) { + kex_gss_send_error(kex->gss, ssh); fatal("Unable to acquire credentials for the server"); + } @@ -1408,7 +1403,7 @@ diff -Nur openssh-9.6p1.orig/kexgsss.c openssh-9.6p1/kexgsss.c + OM_uint32 maj, min; + int r; + -+ errstr = PRIVSEP(ssh_gssapi_last_error(ctxt, &maj, &min)); ++ errstr = mm_ssh_gssapi_last_error(ctxt, &maj, &min); + if (errstr) { + if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_ERROR)) != 0 || + (r = sshpkt_put_u32(ssh, maj)) != 0 || @@ -1425,20 +1420,20 @@ diff -Nur openssh-9.6p1.orig/kexgsss.c openssh-9.6p1/kexgsss.c +} + #endif /* defined(GSSAPI) && defined(WITH_OPENSSL) */ -diff -Nur openssh-9.6p1.orig/Makefile.in openssh-9.6p1/Makefile.in ---- openssh-9.6p1.orig/Makefile.in 2024-07-07 07:25:31.584747715 +0200 -+++ openssh-9.6p1/Makefile.in 2024-07-07 07:26:28.489916497 +0200 -@@ -130,6 +130,7 @@ +diff -Nur openssh-9.8p1.orig/Makefile.in openssh-9.8p1/Makefile.in +--- openssh-9.8p1.orig/Makefile.in 2024-09-30 11:38:28.491321409 +0200 ++++ openssh-9.8p1/Makefile.in 2024-09-30 11:43:22.688163055 +0200 +@@ -138,6 +138,7 @@ auth2-none.o auth2-passwd.o auth2-pubkey.o auth2-pubkeyfile.o \ - monitor.o monitor_wrap.o auth-krb5.o \ - auth2-gss.o gss-serv.o gss-serv-krb5.o kexgsss.o \ + monitor.o monitor_wrap.o auth-krb5.o kexgsss.o \ + auth2-gss.o gss-serv.o gss-serv-krb5.o \ + gss-serv-gsi.o \ loginrec.o auth-pam.o auth-shadow.o auth-sia.o \ - srclimit.o sftp-server.o sftp-common.o \ + sftp-server.o sftp-common.o \ sandbox-null.o sandbox-rlimit.o sandbox-systrace.o sandbox-darwin.o \ -diff -Nur openssh-9.6p1.orig/misc.c openssh-9.6p1/misc.c ---- openssh-9.6p1.orig/misc.c 2024-07-07 07:25:31.628747845 +0200 -+++ openssh-9.6p1/misc.c 2024-07-07 07:26:28.490916500 +0200 +diff -Nur openssh-9.8p1.orig/misc.c openssh-9.8p1/misc.c +--- openssh-9.8p1.orig/misc.c 2024-09-30 11:38:28.537321541 +0200 ++++ openssh-9.8p1/misc.c 2024-09-30 11:39:17.570461820 +0200 @@ -419,11 +419,14 @@ #define WHITESPACE " \t\r\n" #define QUOTE "\"" @@ -1498,10 +1493,10 @@ diff -Nur openssh-9.6p1.orig/misc.c openssh-9.6p1/misc.c /* * Convert ASCII string to TCP/IP port number. * Port must be >=0 and <=65535. -diff -Nur openssh-9.6p1.orig/misc.h openssh-9.6p1/misc.h ---- openssh-9.6p1.orig/misc.h 2024-07-07 07:25:31.534747567 +0200 -+++ openssh-9.6p1/misc.h 2024-07-07 07:26:28.490916500 +0200 -@@ -103,6 +103,7 @@ +diff -Nur openssh-9.8p1.orig/misc.h openssh-9.8p1/misc.h +--- openssh-9.8p1.orig/misc.h 2024-09-30 11:38:28.435321249 +0200 ++++ openssh-9.8p1/misc.h 2024-09-30 11:39:17.570461820 +0200 +@@ -111,6 +111,7 @@ void sock_set_v6only(int); struct passwd *pwcopy(struct passwd *); @@ -1509,10 +1504,10 @@ diff -Nur openssh-9.6p1.orig/misc.h openssh-9.6p1/misc.h const char *ssh_gai_strerror(int); typedef void privdrop_fn(struct passwd *); -diff -Nur openssh-9.6p1.orig/monitor.c openssh-9.6p1/monitor.c ---- openssh-9.6p1.orig/monitor.c 2024-07-07 07:25:31.628747845 +0200 -+++ openssh-9.6p1/monitor.c 2024-07-07 07:26:28.491916503 +0200 -@@ -149,6 +149,9 @@ +diff -Nur openssh-9.8p1.orig/monitor.c openssh-9.8p1/monitor.c +--- openssh-9.8p1.orig/monitor.c 2024-09-30 11:38:28.537321541 +0200 ++++ openssh-9.8p1/monitor.c 2024-09-30 11:39:17.571461823 +0200 +@@ -147,6 +147,9 @@ int mm_answer_gss_userok(struct ssh *, int, struct sshbuf *); int mm_answer_gss_checkmic(struct ssh *, int, struct sshbuf *); int mm_answer_gss_sign(struct ssh *, int, struct sshbuf *); @@ -1522,7 +1517,7 @@ diff -Nur openssh-9.6p1.orig/monitor.c openssh-9.6p1/monitor.c int mm_answer_gss_updatecreds(struct ssh *, int, struct sshbuf *); #endif -@@ -201,7 +204,7 @@ +@@ -200,7 +203,7 @@ {MONITOR_REQ_MODULI, MON_ONCE, mm_answer_moduli}, #endif {MONITOR_REQ_SIGN, MON_ONCE, mm_answer_sign}, @@ -1531,7 +1526,7 @@ diff -Nur openssh-9.6p1.orig/monitor.c openssh-9.6p1/monitor.c {MONITOR_REQ_AUTHSERV, MON_ONCE, mm_answer_authserv}, #ifdef WITH_SELINUX {MONITOR_REQ_AUTHROLE, MON_ONCE, mm_answer_authrole}, -@@ -209,7 +212,7 @@ +@@ -208,7 +211,7 @@ {MONITOR_REQ_AUTH2_READ_BANNER, MON_ONCE, mm_answer_auth2_read_banner}, {MONITOR_REQ_AUTHPASSWORD, MON_AUTH, mm_answer_authpassword}, #ifdef USE_PAM @@ -1540,7 +1535,7 @@ diff -Nur openssh-9.6p1.orig/monitor.c openssh-9.6p1/monitor.c {MONITOR_REQ_PAM_ACCOUNT, 0, mm_answer_pam_account}, {MONITOR_REQ_PAM_INIT_CTX, MON_ONCE, mm_answer_pam_init_ctx}, {MONITOR_REQ_PAM_QUERY, 0, mm_answer_pam_query}, -@@ -233,8 +236,11 @@ +@@ -232,8 +235,11 @@ {MONITOR_REQ_GSSSETUP, MON_ISAUTH, mm_answer_gss_setup_ctx}, {MONITOR_REQ_GSSSTEP, 0, mm_answer_gss_accept_ctx}, {MONITOR_REQ_GSSUSEROK, MON_ONCE|MON_AUTHDECIDE, mm_answer_gss_userok}, @@ -1553,7 +1548,7 @@ diff -Nur openssh-9.6p1.orig/monitor.c openssh-9.6p1/monitor.c #endif {0, 0, NULL} }; -@@ -244,6 +250,8 @@ +@@ -243,6 +249,8 @@ {MONITOR_REQ_GSSSETUP, 0, mm_answer_gss_setup_ctx}, {MONITOR_REQ_GSSSTEP, 0, mm_answer_gss_accept_ctx}, {MONITOR_REQ_GSSSIGN, 0, mm_answer_gss_sign}, @@ -1562,7 +1557,7 @@ diff -Nur openssh-9.6p1.orig/monitor.c openssh-9.6p1/monitor.c {MONITOR_REQ_GSSUPCREDS, 0, mm_answer_gss_updatecreds}, #endif #ifdef WITH_OPENSSL -@@ -324,6 +332,8 @@ +@@ -323,6 +331,8 @@ #ifdef GSSAPI /* and for the GSSAPI key exchange */ monitor_permit(mon_dispatch, MONITOR_REQ_GSSSETUP, 1); @@ -1571,7 +1566,7 @@ diff -Nur openssh-9.6p1.orig/monitor.c openssh-9.6p1/monitor.c #endif /* The first few requests do not require asynchronous access */ -@@ -453,6 +463,8 @@ +@@ -457,6 +467,8 @@ #ifdef GSSAPI /* and for the GSSAPI key exchange */ monitor_permit(mon_dispatch, MONITOR_REQ_GSSSETUP, 1); @@ -1580,7 +1575,7 @@ diff -Nur openssh-9.6p1.orig/monitor.c openssh-9.6p1/monitor.c #endif if (auth_opts->permit_pty_flag) { -@@ -781,14 +793,17 @@ +@@ -811,14 +823,17 @@ debug3_f("entering"); @@ -1601,7 +1596,7 @@ diff -Nur openssh-9.6p1.orig/monitor.c openssh-9.6p1/monitor.c setproctitle("%s [priv]", pwent ? authctxt->user : "unknown"); sshbuf_reset(m); -@@ -2144,6 +2159,79 @@ +@@ -2159,6 +2174,79 @@ } int @@ -1681,9 +1676,9 @@ diff -Nur openssh-9.6p1.orig/monitor.c openssh-9.6p1/monitor.c mm_answer_gss_sign(struct ssh *ssh, int socket, struct sshbuf *m) { gss_buffer_desc data; -diff -Nur openssh-9.6p1.orig/monitor.h openssh-9.6p1/monitor.h ---- openssh-9.6p1.orig/monitor.h 2024-07-07 07:25:31.585747718 +0200 -+++ openssh-9.6p1/monitor.h 2024-07-07 07:26:28.492916506 +0200 +diff -Nur openssh-9.8p1.orig/monitor.h openssh-9.8p1/monitor.h +--- openssh-9.8p1.orig/monitor.h 2024-09-30 11:38:28.492321412 +0200 ++++ openssh-9.8p1/monitor.h 2024-09-30 11:39:17.571461823 +0200 @@ -75,6 +75,10 @@ MONITOR_REQ_GSSSIGN = 150, MONITOR_ANS_GSSSIGN = 151, @@ -1695,10 +1690,10 @@ diff -Nur openssh-9.6p1.orig/monitor.h openssh-9.6p1/monitor.h }; struct ssh; -diff -Nur openssh-9.6p1.orig/monitor_wrap.c openssh-9.6p1/monitor_wrap.c ---- openssh-9.6p1.orig/monitor_wrap.c 2024-07-07 07:25:31.592747738 +0200 -+++ openssh-9.6p1/monitor_wrap.c 2024-07-07 07:26:28.492916506 +0200 -@@ -1083,6 +1083,94 @@ +diff -Nur openssh-9.8p1.orig/monitor_wrap.c openssh-9.8p1/monitor_wrap.c +--- openssh-9.8p1.orig/monitor_wrap.c 2024-09-30 11:38:28.499321432 +0200 ++++ openssh-9.8p1/monitor_wrap.c 2024-09-30 11:39:17.572461826 +0200 +@@ -1139,6 +1139,94 @@ return (authenticated); } @@ -1793,10 +1788,10 @@ diff -Nur openssh-9.6p1.orig/monitor_wrap.c openssh-9.6p1/monitor_wrap.c OM_uint32 mm_ssh_gssapi_sign(Gssctxt *ctx, gss_buffer_desc *data, gss_buffer_desc *hash) { -diff -Nur openssh-9.6p1.orig/monitor_wrap.h openssh-9.6p1/monitor_wrap.h ---- openssh-9.6p1.orig/monitor_wrap.h 2024-07-07 07:25:31.592747738 +0200 -+++ openssh-9.6p1/monitor_wrap.h 2024-07-07 07:26:28.493916509 +0200 -@@ -73,6 +73,10 @@ +diff -Nur openssh-9.8p1.orig/monitor_wrap.h openssh-9.8p1/monitor_wrap.h +--- openssh-9.8p1.orig/monitor_wrap.h 2024-09-30 11:38:28.499321432 +0200 ++++ openssh-9.8p1/monitor_wrap.h 2024-09-30 11:39:17.572461826 +0200 +@@ -72,6 +72,10 @@ int mm_ssh_gssapi_userok(char *user, struct passwd *, int kex); OM_uint32 mm_ssh_gssapi_checkmic(Gssctxt *, gss_buffer_t, gss_buffer_t); OM_uint32 mm_ssh_gssapi_sign(Gssctxt *, gss_buffer_t, gss_buffer_t); @@ -1807,10 +1802,10 @@ diff -Nur openssh-9.6p1.orig/monitor_wrap.h openssh-9.6p1/monitor_wrap.h int mm_ssh_gssapi_update_creds(ssh_gssapi_ccache *); #endif -diff -Nur openssh-9.6p1.orig/readconf.c openssh-9.6p1/readconf.c ---- openssh-9.6p1.orig/readconf.c 2024-07-07 07:25:31.629747848 +0200 -+++ openssh-9.6p1/readconf.c 2024-07-07 07:26:28.493916509 +0200 -@@ -2723,11 +2723,11 @@ +diff -Nur openssh-9.8p1.orig/readconf.c openssh-9.8p1/readconf.c +--- openssh-9.8p1.orig/readconf.c 2024-09-30 11:38:28.539321546 +0200 ++++ openssh-9.8p1/readconf.c 2024-09-30 11:39:17.573461828 +0200 +@@ -2760,11 +2760,11 @@ if (options->pubkey_authentication == -1) options->pubkey_authentication = SSH_PUBKEY_AUTH_ALL; if (options->gss_authentication == -1) @@ -1825,9 +1820,9 @@ diff -Nur openssh-9.6p1.orig/readconf.c openssh-9.6p1/readconf.c if (options->gss_trust_dns == -1) options->gss_trust_dns = 0; if (options->gss_renewal_rekey == -1) -diff -Nur openssh-9.6p1.orig/readconf.h openssh-9.6p1/readconf.h ---- openssh-9.6p1.orig/readconf.h 2024-07-07 07:25:31.477747397 +0200 -+++ openssh-9.6p1/readconf.h 2024-07-07 07:26:28.494916512 +0200 +diff -Nur openssh-9.8p1.orig/readconf.h openssh-9.8p1/readconf.h +--- openssh-9.8p1.orig/readconf.h 2024-09-30 11:38:28.377321083 +0200 ++++ openssh-9.8p1/readconf.h 2024-09-30 11:39:17.574461831 +0200 @@ -80,6 +80,8 @@ char *host_key_alias; /* hostname alias for .ssh/known_hosts */ char *proxy_command; /* Proxy command for connecting the host. */ @@ -1837,18 +1832,18 @@ diff -Nur openssh-9.6p1.orig/readconf.h openssh-9.6p1/readconf.h int escape_char; /* Escape character; -2 = none */ u_int num_system_hostfiles; /* Paths for /etc/ssh/ssh_known_hosts */ -diff -Nur openssh-9.6p1.orig/servconf.c openssh-9.6p1/servconf.c ---- openssh-9.6p1.orig/servconf.c 2024-07-07 07:25:31.630747851 +0200 -+++ openssh-9.6p1/servconf.c 2024-07-07 07:26:28.495916515 +0200 -@@ -92,6 +92,7 @@ - +diff -Nur openssh-9.8p1.orig/servconf.c openssh-9.8p1/servconf.c +--- openssh-9.8p1.orig/servconf.c 2024-09-30 11:38:28.539321546 +0200 ++++ openssh-9.8p1/servconf.c 2024-09-30 14:09:25.379481790 +0200 +@@ -95,6 +95,7 @@ /* Portable-specific options */ options->use_pam = -1; + options->pam_service_name = NULL; + options->permit_pam_user_change = -1; /* Standard Options */ options->num_ports = 0; -@@ -138,9 +139,11 @@ +@@ -141,9 +142,11 @@ options->kerberos_get_afs_token = -1; options->kerberos_unique_ccache = -1; options->gss_authentication=-1; @@ -1860,16 +1855,16 @@ diff -Nur openssh-9.6p1.orig/servconf.c openssh-9.6p1/servconf.c options->gss_store_rekey = -1; options->gss_kex_algorithms = NULL; options->use_kuserok = -1; -@@ -294,6 +297,8 @@ - /* Portable-specific options */ - if (options->use_pam == -1) +@@ -312,6 +315,8 @@ options->use_pam = 0; + if (options->pam_service_name == NULL) + options->pam_service_name = xstrdup(SSHD_PAM_SERVICE); + if (options->permit_pam_user_change == -1) + options->permit_pam_user_change = 0; /* Standard Options */ if (options->num_host_key_files == 0) { -@@ -375,13 +380,17 @@ +@@ -393,13 +398,17 @@ if (options->kerberos_unique_ccache == -1) options->kerberos_unique_ccache = 0; if (options->gss_authentication == -1) @@ -1889,18 +1884,18 @@ diff -Nur openssh-9.6p1.orig/servconf.c openssh-9.6p1/servconf.c if (options->gss_store_rekey == -1) options->gss_store_rekey = 0; #ifdef GSSAPI -@@ -528,7 +537,7 @@ +@@ -567,7 +576,7 @@ typedef enum { sBadOption, /* == unknown option */ /* Portable-specific options */ -- sUsePAM, -+ sUsePAM, sPermitPAMUserChange, +- sUsePAM, sPAMServiceName, ++ sUsePAM, sPAMServiceName, sPermitPAMUserChange, /* Standard Options */ sPort, sHostKeyFile, sLoginGraceTime, sPermitRootLogin, sLogFacility, sLogLevel, sLogVerbose, -@@ -547,6 +556,9 @@ - sHostbasedUsesNameFromPacketOnly, sHostbasedAcceptedAlgorithms, +@@ -587,6 +596,9 @@ sHostKeyAlgorithms, sPerSourceMaxStartups, sPerSourceNetBlockSize, + sPerSourcePenalties, sPerSourcePenaltyExemptList, sClientAliveInterval, sClientAliveCountMax, sAuthorizedKeysFile, + sGssDelegateCreds, + sGssCredsPath, @@ -1908,18 +1903,19 @@ diff -Nur openssh-9.6p1.orig/servconf.c openssh-9.6p1/servconf.c sGssAuthentication, sGssCleanupCreds, sGssEnablek5users, sGssStrictAcceptor, sGssKeyEx, sGssKexAlgorithms, sGssStoreRekey, sAcceptEnv, sSetEnv, sPermitTunnel, -@@ -580,8 +592,10 @@ - /* Portable-specific options */ +@@ -622,9 +634,11 @@ #ifdef USE_PAM { "usepam", sUsePAM, SSHCFG_GLOBAL }, + { "pamservicename", sPAMServiceName, SSHCFG_ALL }, + { "permitpamuserchange", sPermitPAMUserChange, SSHCFG_GLOBAL }, #else { "usepam", sUnsupported, SSHCFG_GLOBAL }, + { "pamservicename", sUnsupported, SSHCFG_ALL }, + { "permitpamuserchange", sUnsupported, SSHCFG_GLOBAL }, #endif { "pamauthenticationviakbdint", sDeprecated, SSHCFG_GLOBAL }, /* Standard Options */ -@@ -634,8 +648,15 @@ +@@ -677,8 +691,15 @@ { "afstokenpassing", sUnsupported, SSHCFG_GLOBAL }, #ifdef GSSAPI { "gssapiauthentication", sGssAuthentication, SSHCFG_ALL }, @@ -1935,7 +1931,7 @@ diff -Nur openssh-9.6p1.orig/servconf.c openssh-9.6p1/servconf.c { "gssapistrictacceptorcheck", sGssStrictAcceptor, SSHCFG_GLOBAL }, { "gssapikeyexchange", sGssKeyEx, SSHCFG_GLOBAL }, { "gssapistorecredentialsonrekey", sGssStoreRekey, SSHCFG_GLOBAL }, -@@ -643,8 +664,11 @@ +@@ -686,8 +707,11 @@ { "gssapienablek5users", sGssEnablek5users, SSHCFG_ALL }, #else { "gssapiauthentication", sUnsupported, SSHCFG_ALL }, @@ -1947,7 +1943,7 @@ diff -Nur openssh-9.6p1.orig/servconf.c openssh-9.6p1/servconf.c { "gssapistrictacceptorcheck", sUnsupported, SSHCFG_GLOBAL }, { "gssapikeyexchange", sUnsupported, SSHCFG_GLOBAL }, { "gssapistorecredentialsonrekey", sUnsupported, SSHCFG_GLOBAL }, -@@ -716,6 +740,8 @@ +@@ -761,6 +785,8 @@ { "permitlisten", sPermitListen, SSHCFG_ALL }, { "forcecommand", sForceCommand, SSHCFG_ALL }, { "chrootdirectory", sChrootDirectory, SSHCFG_ALL }, @@ -1956,9 +1952,9 @@ diff -Nur openssh-9.6p1.orig/servconf.c openssh-9.6p1/servconf.c { "hostcertificate", sHostCertificate, SSHCFG_GLOBAL }, { "revokedkeys", sRevokedKeys, SSHCFG_ALL }, { "trustedusercakeys", sTrustedUserCAKeys, SSHCFG_ALL }, -@@ -1418,6 +1444,10 @@ - intptr = &options->use_pam; - goto parse_flag; +@@ -1387,6 +1413,10 @@ + *charptr = xstrdup(arg); + break; + case sPermitPAMUserChange: + intptr = &options->permit_pam_user_change; @@ -1967,7 +1963,7 @@ diff -Nur openssh-9.6p1.orig/servconf.c openssh-9.6p1/servconf.c /* Standard Options */ case sBadOption: goto out; -@@ -1669,6 +1699,10 @@ +@@ -1638,6 +1668,10 @@ intptr = &options->gss_authentication; goto parse_flag; @@ -1978,7 +1974,7 @@ diff -Nur openssh-9.6p1.orig/servconf.c openssh-9.6p1/servconf.c case sGssKeyEx: intptr = &options->gss_keyex; goto parse_flag; -@@ -1677,6 +1711,10 @@ +@@ -1646,6 +1680,10 @@ intptr = &options->gss_cleanup_creds; goto parse_flag; @@ -1989,7 +1985,7 @@ diff -Nur openssh-9.6p1.orig/servconf.c openssh-9.6p1/servconf.c case sGssStrictAcceptor: intptr = &options->gss_strict_acceptor; goto parse_flag; -@@ -1697,6 +1735,12 @@ +@@ -1666,6 +1704,12 @@ options->gss_kex_algorithms = xstrdup(arg); break; @@ -2002,7 +1998,7 @@ diff -Nur openssh-9.6p1.orig/servconf.c openssh-9.6p1/servconf.c case sPasswordAuthentication: intptr = &options->password_authentication; goto parse_flag; -@@ -2806,6 +2850,7 @@ +@@ -2925,6 +2969,7 @@ M_CP_INTOPT(password_authentication); M_CP_INTOPT(gss_authentication); @@ -2010,10 +2006,10 @@ diff -Nur openssh-9.6p1.orig/servconf.c openssh-9.6p1/servconf.c M_CP_INTOPT(pubkey_authentication); M_CP_INTOPT(pubkey_auth_options); M_CP_INTOPT(kerberos_authentication); -diff -Nur openssh-9.6p1.orig/servconf.h openssh-9.6p1/servconf.h ---- openssh-9.6p1.orig/servconf.h 2024-07-07 07:25:31.526747543 +0200 -+++ openssh-9.6p1/servconf.h 2024-07-07 07:26:28.495916515 +0200 -@@ -144,9 +144,12 @@ +diff -Nur openssh-9.8p1.orig/servconf.h openssh-9.8p1/servconf.h +--- openssh-9.8p1.orig/servconf.h 2024-09-30 11:38:28.431321237 +0200 ++++ openssh-9.8p1/servconf.h 2024-09-30 11:44:57.129433237 +0200 +@@ -154,9 +154,12 @@ * be stored in per-session ccache */ int use_kuserok; int enable_k5users; @@ -2026,18 +2022,18 @@ diff -Nur openssh-9.6p1.orig/servconf.h openssh-9.6p1/servconf.h int gss_strict_acceptor; /* If true, restrict the GSSAPI acceptor name */ int gss_store_rekey; char *gss_kex_algorithms; /* GSSAPI kex methods to be offered by client. */ -@@ -207,6 +210,7 @@ - char *adm_forced_command; +@@ -220,6 +223,7 @@ int use_pam; /* Enable auth via PAM */ + char *pam_service_name; + int permit_pam_user_change; /* Allow PAM to change user name */ int permit_tun; -diff -Nur openssh-9.6p1.orig/ssh.1 openssh-9.6p1/ssh.1 ---- openssh-9.6p1.orig/ssh.1 2024-07-07 07:25:31.608747786 +0200 -+++ openssh-9.6p1/ssh.1 2024-07-07 07:26:28.496916518 +0200 -@@ -1528,6 +1528,18 @@ +diff -Nur openssh-9.8p1.orig/ssh.1 openssh-9.8p1/ssh.1 +--- openssh-9.8p1.orig/ssh.1 2024-09-30 11:38:28.517321483 +0200 ++++ openssh-9.8p1/ssh.1 2024-09-30 11:39:17.577461840 +0200 +@@ -1521,6 +1521,18 @@ on to new connections). .It Ev USER Set to the name of the user logging in. @@ -2056,9 +2052,9 @@ diff -Nur openssh-9.6p1.orig/ssh.1 openssh-9.6p1/ssh.1 .El .Pp Additionally, -diff -Nur openssh-9.6p1.orig/ssh.c openssh-9.6p1/ssh.c ---- openssh-9.6p1.orig/ssh.c 2024-07-07 07:25:31.602747768 +0200 -+++ openssh-9.6p1/ssh.c 2024-07-07 07:26:28.496916518 +0200 +diff -Nur openssh-9.8p1.orig/ssh.c openssh-9.8p1/ssh.c +--- openssh-9.8p1.orig/ssh.c 2024-09-30 11:38:28.511321466 +0200 ++++ openssh-9.8p1/ssh.c 2024-09-30 11:39:17.578461843 +0200 @@ -573,6 +573,38 @@ fatal("Can't open user config file %.100s: " "%.100s", config, strerror(errno)); @@ -2112,9 +2108,9 @@ diff -Nur openssh-9.6p1.orig/ssh.c openssh-9.6p1/ssh.c /* * If ProxyJump option specified, then construct a ProxyCommand now. -diff -Nur openssh-9.6p1.orig/ssh_config openssh-9.6p1/ssh_config ---- openssh-9.6p1.orig/ssh_config 2024-07-07 07:25:31.479747403 +0200 -+++ openssh-9.6p1/ssh_config 2024-07-07 07:26:28.496916518 +0200 +diff -Nur openssh-9.8p1.orig/ssh_config openssh-9.8p1/ssh_config +--- openssh-9.8p1.orig/ssh_config 2024-09-30 11:38:28.380321091 +0200 ++++ openssh-9.8p1/ssh_config 2024-09-30 11:39:17.578461843 +0200 @@ -22,9 +22,9 @@ # ForwardX11 no # PasswordAuthentication yes @@ -2128,9 +2124,9 @@ diff -Nur openssh-9.6p1.orig/ssh_config openssh-9.6p1/ssh_config # GSSAPITrustDNS no # BatchMode no # CheckHostIP no -diff -Nur openssh-9.6p1.orig/ssh_config.5 openssh-9.6p1/ssh_config.5 ---- openssh-9.6p1.orig/ssh_config.5 2024-07-07 07:25:31.551747617 +0200 -+++ openssh-9.6p1/ssh_config.5 2024-07-07 07:26:28.497916521 +0200 +diff -Nur openssh-9.8p1.orig/ssh_config.5 openssh-9.8p1/ssh_config.5 +--- openssh-9.8p1.orig/ssh_config.5 2024-09-30 11:38:28.454321303 +0200 ++++ openssh-9.8p1/ssh_config.5 2024-09-30 11:39:17.579461846 +0200 @@ -52,6 +52,12 @@ user's configuration file .Pq Pa ~/.ssh/config @@ -2144,7 +2140,7 @@ diff -Nur openssh-9.6p1.orig/ssh_config.5 openssh-9.6p1/ssh_config.5 system-wide configuration file .Pq Pa /etc/ssh/ssh_config .El -@@ -921,7 +927,7 @@ +@@ -931,7 +937,7 @@ .It Cm GSSAPIAuthentication Specifies whether user authentication based on GSSAPI is allowed. The default is @@ -2153,7 +2149,7 @@ diff -Nur openssh-9.6p1.orig/ssh_config.5 openssh-9.6p1/ssh_config.5 .It Cm GSSAPIClientIdentity If set, specifies the GSSAPI client identity that ssh should use when connecting to the server. The default is unset, which means that the default -@@ -929,12 +935,12 @@ +@@ -939,12 +945,12 @@ .It Cm GSSAPIDelegateCredentials Forward (delegate) credentials to the server. The default is @@ -2168,7 +2164,7 @@ diff -Nur openssh-9.6p1.orig/ssh_config.5 openssh-9.6p1/ssh_config.5 .It Cm GSSAPIRenewalForcesRekey If set to .Dq yes -@@ -1582,7 +1588,7 @@ +@@ -1595,7 +1601,7 @@ .Cm password ) . The default is: .Bd -literal -offset indent @@ -2177,10 +2173,10 @@ diff -Nur openssh-9.6p1.orig/ssh_config.5 openssh-9.6p1/ssh_config.5 keyboard-interactive,password .Ed .It Cm ProxyCommand -diff -Nur openssh-9.6p1.orig/sshconnect2.c openssh-9.6p1/sshconnect2.c ---- openssh-9.6p1.orig/sshconnect2.c 2024-07-07 07:25:31.620747821 +0200 -+++ openssh-9.6p1/sshconnect2.c 2024-07-07 07:26:28.498916524 +0200 -@@ -863,6 +863,11 @@ +diff -Nur openssh-9.8p1.orig/sshconnect2.c openssh-9.8p1/sshconnect2.c +--- openssh-9.8p1.orig/sshconnect2.c 2024-09-30 11:38:28.530321521 +0200 ++++ openssh-9.8p1/sshconnect2.c 2024-09-30 11:39:17.580461848 +0200 +@@ -854,6 +854,11 @@ gss_OID mech = NULL; char *gss_host = NULL; @@ -2192,7 +2188,7 @@ diff -Nur openssh-9.6p1.orig/sshconnect2.c openssh-9.6p1/sshconnect2.c if (options.gss_server_identity) { gss_host = xstrdup(options.gss_server_identity); } else if (options.gss_trust_dns) { -@@ -971,7 +976,8 @@ +@@ -962,7 +967,8 @@ if (status == GSS_S_COMPLETE) { /* send either complete or MIC, depending on mechanism */ @@ -2202,7 +2198,7 @@ diff -Nur openssh-9.6p1.orig/sshconnect2.c openssh-9.6p1/sshconnect2.c if ((r = sshpkt_start(ssh, SSH2_MSG_USERAUTH_GSSAPI_EXCHANGE_COMPLETE)) != 0 || (r = sshpkt_send(ssh)) != 0) -@@ -1138,6 +1144,20 @@ +@@ -1129,6 +1135,20 @@ return r; } @@ -2223,7 +2219,7 @@ diff -Nur openssh-9.6p1.orig/sshconnect2.c openssh-9.6p1/sshconnect2.c int userauth_gsskeyex(struct ssh *ssh) { -@@ -1160,6 +1180,12 @@ +@@ -1151,6 +1171,12 @@ if ((b = sshbuf_new()) == NULL) fatal_f("sshbuf_new failed"); @@ -2236,7 +2232,7 @@ diff -Nur openssh-9.6p1.orig/sshconnect2.c openssh-9.6p1/sshconnect2.c ssh_gssapi_buildmic(b, authctxt->server_user, authctxt->service, "gssapi-keyex", ssh->kex->session_id); -@@ -1173,7 +1199,9 @@ +@@ -1164,7 +1190,9 @@ } if ((r = sshpkt_start(ssh, SSH2_MSG_USERAUTH_REQUEST)) != 0 || @@ -2247,10 +2243,10 @@ diff -Nur openssh-9.6p1.orig/sshconnect2.c openssh-9.6p1/sshconnect2.c (r = sshpkt_put_cstring(ssh, authctxt->service)) != 0 || (r = sshpkt_put_cstring(ssh, authctxt->method->name)) != 0 || (r = sshpkt_put_string(ssh, mic.value, mic.length)) != 0 || -diff -Nur openssh-9.6p1.orig/sshd.8 openssh-9.6p1/sshd.8 ---- openssh-9.6p1.orig/sshd.8 2024-07-07 07:25:31.494747448 +0200 -+++ openssh-9.6p1/sshd.8 2024-07-07 07:26:28.498916524 +0200 -@@ -839,6 +839,29 @@ +diff -Nur openssh-9.8p1.orig/sshd.8 openssh-9.8p1/sshd.8 +--- openssh-9.8p1.orig/sshd.8 2024-09-30 11:38:28.395321134 +0200 ++++ openssh-9.8p1/sshd.8 2024-09-30 11:39:17.580461848 +0200 +@@ -836,6 +836,29 @@ # A CA key, accepted for any host in *.mydomain.com or *.mydomain.org @cert-authority *.mydomain.org,*.mydomain.com ssh-rsa AAAAB5W... .Ed @@ -2280,21 +2276,9 @@ diff -Nur openssh-9.6p1.orig/sshd.8 openssh-9.6p1/sshd.8 .Sh FILES .Bl -tag -width Ds -compact .It Pa ~/.hushlogin -diff -Nur openssh-9.6p1.orig/sshd.c openssh-9.6p1/sshd.c ---- openssh-9.6p1.orig/sshd.c 2024-07-07 07:25:31.631747854 +0200 -+++ openssh-9.6p1/sshd.c 2024-07-07 07:26:28.498916524 +0200 -@@ -2431,7 +2431,7 @@ - #endif - - #ifdef GSSAPI -- if (options.gss_authentication) { -+ if (options.gss_authentication && options.gss_deleg_creds) { - temporarily_use_uid(authctxt->pw); - authctxt->krb5_set_env = ssh_gssapi_storecreds(); - restore_uid(); -diff -Nur openssh-9.6p1.orig/sshd_config openssh-9.6p1/sshd_config ---- openssh-9.6p1.orig/sshd_config 2024-07-07 07:25:31.517747516 +0200 -+++ openssh-9.6p1/sshd_config 2024-07-07 07:26:28.499916527 +0200 +diff -Nur openssh-9.8p1.orig/sshd_config openssh-9.8p1/sshd_config +--- openssh-9.8p1.orig/sshd_config 2024-09-30 11:38:28.419321203 +0200 ++++ openssh-9.8p1/sshd_config 2024-09-30 11:39:17.582461854 +0200 @@ -76,10 +76,11 @@ #KerberosUseKuserok yes @@ -2320,10 +2304,10 @@ diff -Nur openssh-9.6p1.orig/sshd_config openssh-9.6p1/sshd_config #AllowAgentForwarding yes #AllowTcpForwarding yes #GatewayPorts no -diff -Nur openssh-9.6p1.orig/sshd_config.5 openssh-9.6p1/sshd_config.5 ---- openssh-9.6p1.orig/sshd_config.5 2024-07-07 07:25:31.552747620 +0200 -+++ openssh-9.6p1/sshd_config.5 2024-07-07 07:26:28.499916527 +0200 -@@ -716,15 +716,34 @@ +diff -Nur openssh-9.8p1.orig/sshd_config.5 openssh-9.8p1/sshd_config.5 +--- openssh-9.8p1.orig/sshd_config.5 2024-09-30 11:38:28.455321306 +0200 ++++ openssh-9.8p1/sshd_config.5 2024-09-30 11:39:17.582461854 +0200 +@@ -724,15 +724,34 @@ to allow the client to select the address to which the forwarding is bound. The default is .Cm no . @@ -2359,7 +2343,7 @@ diff -Nur openssh-9.6p1.orig/sshd_config.5 openssh-9.6p1/sshd_config.5 .It Cm GSSAPIEnablek5users Specifies whether to look at .k5users file for GSSAPI authentication access control. Further details are described in -@@ -735,7 +754,7 @@ +@@ -743,7 +762,7 @@ Specifies whether key exchange based on GSSAPI is allowed. GSSAPI key exchange doesn't rely on ssh keys to verify host identity. The default is @@ -2368,7 +2352,7 @@ diff -Nur openssh-9.6p1.orig/sshd_config.5 openssh-9.6p1/sshd_config.5 .It Cm GSSAPIStrictAcceptorCheck Determines whether to be strict about the identity of the GSSAPI acceptor a client authenticates against. -@@ -1900,6 +1919,12 @@ +@@ -2017,6 +2036,12 @@ as a non-root user. The default is .Cm no . @@ -2381,9 +2365,9 @@ diff -Nur openssh-9.6p1.orig/sshd_config.5 openssh-9.6p1/sshd_config.5 .It Cm VersionAddendum Optionally specifies additional text to append to the SSH protocol banner sent by the server upon connection. -diff -Nur openssh-9.6p1.orig/sshd_config_redhat openssh-9.6p1/sshd_config_redhat ---- openssh-9.6p1.orig/sshd_config_redhat 2024-07-07 07:25:31.464747359 +0200 -+++ openssh-9.6p1/sshd_config_redhat 2024-07-07 07:26:28.499916527 +0200 +diff -Nur openssh-9.8p1.orig/sshd_config_redhat openssh-9.8p1/sshd_config_redhat +--- openssh-9.8p1.orig/sshd_config_redhat 2024-09-30 11:38:28.362321040 +0200 ++++ openssh-9.8p1/sshd_config_redhat 2024-09-30 11:39:17.583461857 +0200 @@ -2,9 +2,6 @@ ChallengeResponseAuthentication no @@ -2394,9 +2378,21 @@ diff -Nur openssh-9.6p1.orig/sshd_config_redhat openssh-9.6p1/sshd_config_redhat UsePAM yes X11Forwarding yes -diff -Nur openssh-9.6p1.orig/ssh-gss.h openssh-9.6p1/ssh-gss.h ---- openssh-9.6p1.orig/ssh-gss.h 2024-07-07 07:25:31.498747460 +0200 -+++ openssh-9.6p1/ssh-gss.h 2024-07-07 07:26:28.500916530 +0200 +diff -Nur openssh-9.8p1.orig/sshd-session.c openssh-9.8p1/sshd-session.c +--- openssh-9.8p1.orig/sshd-session.c 2024-09-30 11:38:28.541321552 +0200 ++++ openssh-9.8p1/sshd-session.c 2024-09-30 11:48:44.155082722 +0200 +@@ -1437,7 +1437,7 @@ + #endif + + #ifdef GSSAPI +- if (options.gss_authentication) { ++ if (options.gss_authentication && options.gss_deleg_creds) { + temporarily_use_uid(authctxt->pw); + authctxt->krb5_set_env = ssh_gssapi_storecreds(); + restore_uid(); +diff -Nur openssh-9.8p1.orig/ssh-gss.h openssh-9.8p1/ssh-gss.h +--- openssh-9.8p1.orig/ssh-gss.h 2024-09-30 11:38:28.400321149 +0200 ++++ openssh-9.8p1/ssh-gss.h 2024-09-30 11:39:17.583461857 +0200 @@ -99,12 +99,14 @@ } ssh_gssapi_ccache; @@ -2422,7 +2418,7 @@ diff -Nur openssh-9.6p1.orig/ssh-gss.h openssh-9.6p1/ssh-gss.h gss_cred_id_t creds; /* server */ gss_name_t client; /* server */ gss_cred_id_t client_creds; /* both */ -@@ -173,6 +175,9 @@ +@@ -172,6 +174,9 @@ OM_uint32 ssh_gssapi_client_identity(Gssctxt *, const char *); int ssh_gssapi_credentials_updated(Gssctxt *); @@ -2432,12 +2428,12 @@ diff -Nur openssh-9.6p1.orig/ssh-gss.h openssh-9.6p1/ssh-gss.h /* In the server */ typedef int ssh_gssapi_check_fn(Gssctxt **, gss_OID, const char *, const char *); -diff -Nur openssh-9.6p1.orig/version.h openssh-9.6p1/version.h ---- openssh-9.6p1.orig/version.h 2023-12-18 15:59:50.000000000 +0100 -+++ openssh-9.6p1/version.h 2024-07-07 07:26:28.500916530 +0200 +diff -Nur openssh-9.8p1.orig/version.h openssh-9.8p1/version.h +--- openssh-9.8p1.orig/version.h 2024-07-01 06:36:28.000000000 +0200 ++++ openssh-9.8p1/version.h 2024-09-30 11:39:17.584461860 +0200 @@ -2,5 +2,19 @@ - #define SSH_VERSION "OpenSSH_9.6" + #define SSH_VERSION "OpenSSH_9.8" +#ifdef GSI +#define GSI_VERSION " GSI" diff --git a/openssh-9.6p1-hpn-18.3.1.patch b/openssh-9.8p1-hpn-18.5.1.patch similarity index 87% rename from openssh-9.6p1-hpn-18.3.1.patch rename to openssh-9.8p1-hpn-18.5.1.patch index 68159b7..0952a56 100644 --- a/openssh-9.6p1-hpn-18.3.1.patch +++ b/openssh-9.8p1-hpn-18.5.1.patch @@ -1,6 +1,6 @@ -diff -Nur openssh-9.6p1.orig/auth2.c openssh-9.6p1/auth2.c ---- openssh-9.6p1.orig/auth2.c 2024-07-10 13:32:39.592111791 +0200 -+++ openssh-9.6p1/auth2.c 2024-07-10 13:38:36.540172663 +0200 +diff -Nur openssh-9.8p1.orig/auth2.c openssh-9.8p1/auth2.c +--- openssh-9.8p1.orig/auth2.c 2024-09-30 16:02:22.611024465 +0200 ++++ openssh-9.8p1/auth2.c 2024-10-01 08:51:48.548148424 +0200 @@ -52,6 +52,8 @@ #include "dispatch.h" #include "pathnames.h" @@ -41,10 +41,10 @@ diff -Nur openssh-9.6p1.orig/auth2.c openssh-9.6p1/auth2.c debug("attempt %d failures %d", authctxt->attempt, authctxt->failures); #ifdef WITH_SELINUX -diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c ---- openssh-9.6p1.orig/binn.c 1970-01-01 01:00:00.000000000 +0100 -+++ openssh-9.6p1/binn.c 2024-07-10 13:34:02.707358556 +0200 -@@ -0,0 +1,3496 @@ +diff -Nur openssh-9.8p1.orig/binn.c openssh-9.8p1/binn.c +--- openssh-9.8p1.orig/binn.c 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-9.8p1/binn.c 2024-09-30 16:03:39.142245236 +0200 +@@ -0,0 +1,3541 @@ +#include +#include +#include @@ -55,11 +55,13 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c +#define UNUSED(x) (void)(x) +#define roundval(dbl) dbl >= 0.0 ? (int)(dbl + 0.5) : ((dbl - (double)(int)dbl) <= -0.5 ? (int)dbl : (int)(dbl - 0.5)) + ++// magic number: 0x1F 0xb1 0x22 0x1F => 0x1FB1221F or 0x1F22B11F ++// because the BINN_STORAGE_NOBYTES (binary 000) may not have so many sub-types (BINN_STORAGE_HAS_MORE = 0x10) +#define BINN_MAGIC 0x1F22B11F + -+#define MAX_BINN_HEADER 9 -+#define MIN_BINN_SIZE 3 -+#define CHUNK_SIZE 256 ++#define MAX_BINN_HEADER 9 // [1:type][4:size][4:count] ++#define MIN_BINN_SIZE 3 // [1:type][1:size][1:count] ++#define CHUNK_SIZE 256 // 1024 + +#define BINN_STRUCT 1 +#define BINN_BUFFER 2 @@ -116,14 +118,14 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + unsigned char *dest = (unsigned char *) pdest; + dest[0] = source[1]; + dest[1] = source[0]; -+#else /* if BYTE_ORDER == BIG_ENDIAN */ ++#else // if BYTE_ORDER == BIG_ENDIAN +#ifdef BINN_ONLY_ALIGNED_ACCESS -+ if ((uintptr_t)psource % 2 == 0){ /* address aligned to 16 bit */ ++ if ((uintptr_t)psource % 2 == 0){ // address aligned to 16 bit + *pdest = *psource; + } else { + unsigned char *source = (unsigned char *) psource; + unsigned char *dest = (unsigned char *) pdest; -+ dest[0] = source[0]; /* indexes are the same */ ++ dest[0] = source[0]; // indexes are the same + dest[1] = source[1]; + } +#else @@ -140,14 +142,14 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + dest[1] = source[2]; + dest[2] = source[1]; + dest[3] = source[0]; -+#else /* if BYTE_ORDER == BIG_ENDIAN */ ++#else // if BYTE_ORDER == BIG_ENDIAN +#ifdef BINN_ONLY_ALIGNED_ACCESS -+ if ((uintptr_t)psource % 4 == 0){ /* address aligned to 32 bit */ ++ if ((uintptr_t)psource % 4 == 0){ // address aligned to 32 bit + *pdest = *psource; + } else { + unsigned char *source = (unsigned char *) psource; + unsigned char *dest = (unsigned char *) pdest; -+ dest[0] = source[0]; /* indexes are the same */ ++ dest[0] = source[0]; // indexes are the same + dest[1] = source[1]; + dest[2] = source[2]; + dest[3] = source[3]; @@ -166,16 +168,16 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + for (i=0; i < 8; i++) { + dest[i] = source[7-i]; + } -+#else /* if BYTE_ORDER == BIG_ENDIAN */ ++#else // if BYTE_ORDER == BIG_ENDIAN +#ifdef BINN_ONLY_ALIGNED_ACCESS -+ if ((uintptr_t)psource % 8 == 0){ /* address aligned to 64 bit */ ++ if ((uintptr_t)psource % 8 == 0){ // address aligned to 64 bit + *pdest = *psource; + } else { + unsigned char *source = (unsigned char *) psource; + unsigned char *dest = (unsigned char *) pdest; + int i; + for (i=0; i < 8; i++) { -+ dest[i] = source[i]; /* indexes are the same */ ++ dest[i] = source[i]; // indexes are the same + } + } +#else @@ -191,7 +193,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c +#define strnicmp strncasecmp +#endif + -+BINN_PRIVATE BOOL IsValidBinnHeader(void *pbuf, int *ptype, int *pcount, int *psize, int *pheadersize); ++BINN_PRIVATE BOOL IsValidBinnHeader(const void *pbuf, int *ptype, int *pcount, int *psize, int *pheadersize); + +/***************************************************************************/ + @@ -228,7 +230,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + +/***************************************************************************/ + -+BINN_PRIVATE void * binn_memdup(void *src, int size) { ++BINN_PRIVATE void * binn_memdup(const void *src, int size) { + void *dest; + + if (src == NULL || size <= 0) return NULL; @@ -252,7 +254,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + +int APIENTRY binn_create_type(int storage_type, int data_type_index) { + if (data_type_index < 0) return -1; -+ if ((storage_type < BINN_STORAGE_MIN) || (storage_type > BINN_STORAGE_MAX)) return -1; ++ if (storage_type < BINN_STORAGE_MIN || storage_type > BINN_STORAGE_MAX) return -1; + if (data_type_index < 16) + return storage_type | data_type_index; + else if (data_type_index < 4096) { @@ -283,8 +285,8 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + extra_type = long_type & BINN_TYPE_MASK16; + extra_type >>= 4; + } else if (long_type & BINN_STORAGE_VIRTUAL) { -+ /* storage_type = BINN_STORAGE_VIRTUAL; */ -+ /* extra_type = xxx; */ ++ //storage_type = BINN_STORAGE_VIRTUAL; ++ //extra_type = xxx; + long_type &= 0xffff; + goto again; + } else { @@ -315,7 +317,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + goto loc_exit; + } + -+ if ((item == NULL) || (size < 0)) goto loc_exit; ++ if (item == NULL || size < 0) goto loc_exit; + if (size < MIN_BINN_SIZE) { + if (pointer) goto loc_exit; + else size = 0; @@ -325,24 +327,23 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + + if (pointer) { + item->pre_allocated = TRUE; -+ item->pbuf = pointer; -+ item->alloc_size = size; + } else { + item->pre_allocated = FALSE; + if (size == 0) size = CHUNK_SIZE; + pointer = binn_malloc(size); + if (pointer == 0) return INVALID_BINN; -+ item->pbuf = pointer; -+ item->alloc_size = size; + } + ++ item->pbuf = pointer; ++ item->alloc_size = size; ++ + item->header = BINN_MAGIC; -+ /* item->allocated = FALSE; -- already zeroed */ ++ //item->allocated = FALSE; -- already zeroed + item->writable = TRUE; -+ item->used_size = MAX_BINN_HEADER; /* save space for the header */ ++ item->used_size = MAX_BINN_HEADER; // save space for the header + item->type = type; -+ /* item->count = 0; -- already zeroed */ -+ item->dirty = TRUE; /* the header is not written to the buffer */ ++ //item->count = 0; -- already zeroed ++ item->dirty = TRUE; // the header is not written to the buffer + + retval = TRUE; + @@ -412,7 +413,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + +/***************************************************************************/ + -+binn * APIENTRY binn_copy(void *old) { ++binn * APIENTRY binn_copy(const void *old) { + int type, count, size, header_size; + unsigned char *old_ptr = binn_ptr(old); + binn *item; @@ -434,23 +435,39 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + +/*************************************************************************************/ + -+BOOL APIENTRY binn_load(void *data, binn *value) { ++// deprecated: unsecure. the size can be corrupted accidentally or intentionally ++BOOL APIENTRY binn_load(const void *data, binn *value) { + -+ if ((data == NULL) || (value == NULL)) return FALSE; ++ if (data == NULL || value == NULL) return FALSE; + memset(value, 0, sizeof(binn)); + value->header = BINN_MAGIC; -+ /* value->allocated = FALSE; -- already zeroed */ -+ /* value->writable = FALSE; */ ++ //value->allocated = FALSE; -- already zeroed ++ //value->writable = FALSE; + + if (binn_is_valid(data, &value->type, &value->count, &value->size) == FALSE) return FALSE; -+ value->ptr = data; ++ value->ptr = (void*) data; ++ return TRUE; ++ ++} ++ ++BOOL APIENTRY binn_load_ex(const void *data, int size, binn *value) { ++ ++ if (data == NULL || value == NULL || size <= 0) return FALSE; ++ memset(value, 0, sizeof(binn)); ++ value->header = BINN_MAGIC; ++ //value->allocated = FALSE; -- already zeroed ++ //value->writable = FALSE; ++ ++ if (binn_is_valid_ex(data, &value->type, &value->count, &size) == FALSE) return FALSE; ++ value->ptr = (void*) data; ++ value->size = size; + return TRUE; + +} + +/*************************************************************************************/ + -+binn * APIENTRY binn_open(void *data) { ++binn * APIENTRY binn_open(const void *data) { + binn *item; + + item = (binn*) binn_malloc(sizeof(binn)); @@ -465,9 +482,24 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + +} + ++binn * APIENTRY binn_open_ex(const void *data, int size) { ++ binn *item; ++ ++ item = (binn*) binn_malloc(sizeof(binn)); ++ ++ if (binn_load_ex(data, size, item) == FALSE) { ++ free_fn(item); ++ return NULL; ++ } ++ ++ item->allocated = TRUE; ++ return item; ++ ++} ++ +/***************************************************************************/ + -+BINN_PRIVATE int binn_get_ptr_type(void *ptr) { ++BINN_PRIVATE int binn_get_ptr_type(const void *ptr) { + + if (ptr == NULL) return 0; + @@ -482,7 +514,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + +/***************************************************************************/ + -+BOOL APIENTRY binn_is_struct(void *ptr) { ++BOOL APIENTRY binn_is_struct(const void *ptr) { + + if (ptr == NULL) return FALSE; + @@ -501,8 +533,8 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + + calc_size = alloc_size; + while (calc_size < needed_size) { -+ calc_size <<= 1; /* same as *= 2 */ -+ /* calc_size += CHUNK_SIZE; -- this is slower than the above line, because there are more reallocations */ ++ calc_size <<= 1; // same as *= 2 ++ //calc_size += CHUNK_SIZE; -- this is slower than the above line, because there are more reallocations + } + return calc_size; + @@ -566,7 +598,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + + switch (storage_type) { + case BINN_STORAGE_NOBYTES: -+ /* p += 0; */ ++ //p += 0; + break; + case BINN_STORAGE_BYTE: + p ++; @@ -594,7 +626,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + } + p += DataSize; + if (storage_type == BINN_STORAGE_STRING) { -+ p++; /* null terminator. */ ++ p++; // null terminator. + } + break; + case BINN_STORAGE_CONTAINER: @@ -605,15 +637,13 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + copy_be32((u32*)&DataSize, (u32*)p); + DataSize &= 0x7FFFFFFF; + } -+ DataSize--; /* remove the type byte already added before */ ++ DataSize--; // remove the type byte already added before + p += DataSize; + break; + default: + return 0; + } + -+ if (p > plimit) return 0; -+ + return p; + +} @@ -639,6 +669,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + int id, extra_bytes; + + p = *pp; ++ if (p > plimit) return 0; + + c = *p++; + @@ -693,15 +724,15 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + plimit = p + size - 1; + p += header_size; + -+ /* search for the ID in all the arguments. */ ++ // search for the ID in all the arguments. + for (i = 0; i < numitems; i++) { + int32 = read_map_id(&p, plimit); + if (p > plimit) break; -+ /* Compare if the IDs are equal. */ ++ // Compare if the IDs are equal. + if (int32 == id) return p; -+ /* xxx */ ++ // xxx + p = AdvanceDataPos(p, plimit); -+ if ((p == 0) || (p < base)) break; ++ if (p == 0 || p < base) break; + } + + return NULL; @@ -720,27 +751,27 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + + keylen = strlen(key); + -+ /* search for the key in all the arguments. */ ++ // search for the key in all the arguments. + for (i = 0; i < numitems; i++) { ++ if (p > plimit) break; + len = *((unsigned char *)p); + p++; -+ if (p > plimit) break; -+ /* Compare if the strings are equal. */ ++ if (p + len > plimit) break; ++ // Compare if the strings are equal. + if (len > 0) { -+ if (strnicmp((char*)p, key, len) == 0) { /* note that there is no null terminator here */ ++ if (strnicmp((char*)p, key, len) == 0) { // note that there is no null terminator here + if (keylen == len) { + p += len; + return p; + } + } + p += len; -+ if (p > plimit) break; -+ } else if (len == keylen) { /* in the case of empty string: "" */ ++ } else if (len == keylen) { // in the case of empty string: "" + return p; + } -+ /* xxx */ ++ // xxx + p = AdvanceDataPos(p, plimit); -+ if ((p == 0) || (p < base)) break; ++ if (p == 0 || p < base) break; + } + + return NULL; @@ -755,9 +786,9 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + +BINN_PRIVATE BOOL binn_list_add_raw(binn *item, int type, void *pvalue, int size) { + -+ if ((item == NULL) || (item->type != BINN_LIST) || (item->writable == FALSE)) return FALSE; ++ if (item == NULL || item->type != BINN_LIST || item->writable == FALSE) return FALSE; + -+ /* if (CheckAllocation(item, 4) == FALSE) return FALSE; // 4 bytes used for data_store and data_format. */ ++ //if (CheckAllocation(item, 4) == FALSE) return FALSE; // 4 bytes used for data_store and data_format. + + if (AddValue(item, type, pvalue, size) == FALSE) return FALSE; + @@ -773,26 +804,26 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + unsigned char *p, len; + int int32; + -+ if ((item == NULL) || (item->type != BINN_OBJECT) || (item->writable == FALSE)) return FALSE; ++ if (item == NULL || item->type != BINN_OBJECT || item->writable == FALSE) return FALSE; + + if (key == NULL) return FALSE; + int32 = strlen(key); + if (int32 > 255) return FALSE; + -+ /* is the key already in it? */ ++ // is the key already in it? + p = SearchForKey(item->pbuf, MAX_BINN_HEADER, item->used_size, item->count, key); + if (p) return FALSE; + -+ /* start adding it */ ++ // start adding it + -+ if (CheckAllocation(item, 1 + int32) == FALSE) return FALSE; /* bytes used for the key size and the key itself. */ ++ if (CheckAllocation(item, 1 + int32) == FALSE) return FALSE; // bytes used for the key size and the key itself. + + p = ((unsigned char *) item->pbuf) + item->used_size; + len = int32; + *p = len; + p++; + memcpy(p, key, int32); -+ int32++; /* now contains the strlen + 1 byte for the len */ ++ int32++; // now contains the strlen + 1 byte for the len + item->used_size += int32; + + if (AddValue(item, type, pvalue, size) == FALSE) { @@ -812,15 +843,15 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + unsigned char *base, *p, sign; + int id_size; + -+ if ((item == NULL) || (item->type != BINN_MAP) || (item->writable == FALSE)) return FALSE; ++ if (item == NULL || item->type != BINN_MAP || item->writable == FALSE) return FALSE; + -+ /* is the ID already in it? */ ++ // is the ID already in it? + p = SearchForID(item->pbuf, MAX_BINN_HEADER, item->used_size, item->count, id); + if (p) return FALSE; + -+ /* start adding it */ ++ // start adding it + -+ if (CheckAllocation(item, 5) == FALSE) return FALSE; /* max 5 bytes used for the id. */ ++ if (CheckAllocation(item, 5) == FALSE) return FALSE; // max 5 bytes used for the id. + + p = base = ((unsigned char *) item->pbuf) + item->used_size; + @@ -906,7 +937,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + goto loc_positive; + } + -+/* loc_negative: */ ++//loc_negative: + + if (vint >= INT8_MIN) { + type2 = BINN_INT8; @@ -935,7 +966,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + + pvalue = (char *) psource; + -+ if ((type2) && (type2 != type)) { ++ if (type2 && type2 != type) { + *ptype = type2; + storage_type2 = binn_get_write_storage(type2); + *pstorage_type = storage_type2; @@ -966,14 +997,14 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + break; + case BINN_STORAGE_BLOB: + case BINN_STORAGE_STRING: -+ if (size == 0) break; /* the 2 above are allowed to have 0 length */ ++ if (size == 0) break; // the 2 above are allowed to have 0 length + /* fall through */ + default: + return FALSE; + } + } + -+ if ((type_family(type) == BINN_FAMILY_INT) && (item->disable_int_compression == FALSE)) ++ if (type_family(type) == BINN_FAMILY_INT && item->disable_int_compression == FALSE) + pvalue = compress_int(&storage_type, &type, pvalue); + + switch (storage_type) { @@ -999,13 +1030,13 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + break; + case BINN_STORAGE_BLOB: + if (size < 0) return FALSE; -+ /* if (size == 0) ... */ -+ ArgSize = size + 4; /* at least this size */ ++ //if (size == 0) ... ++ ArgSize = size + 4; // at least this size + break; + case BINN_STORAGE_STRING: + if (size < 0) return FALSE; + if (size == 0) size = strlen2( (char *) pvalue); -+ ArgSize = size + 5; /* at least this size */ ++ ArgSize = size + 5; // at least this size + break; + case BINN_STORAGE_CONTAINER: + if (size <= 0) return FALSE; @@ -1015,13 +1046,13 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + return FALSE; + } + -+ ArgSize += 2; /* at least 2 bytes used for data_type. */ ++ ArgSize += 2; // at least 2 bytes used for data_type. + if (CheckAllocation(item, ArgSize) == FALSE) return FALSE; + -+ /* Gets the pointer to the next place in buffer */ ++ // Gets the pointer to the next place in buffer + p = ((unsigned char *) item->pbuf) + item->used_size; + -+ /* If the data is not a container, store the data type */ ++ // If the data is not a container, store the data type + if (storage_type != BINN_STORAGE_CONTAINER) { + if (type > 255) { + u16 type16 = type; @@ -1037,7 +1068,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + + switch (storage_type) { + case BINN_STORAGE_NOBYTES: -+ /* Nothing to do. */ ++ // Nothing to do. + break; + case BINN_STORAGE_BYTE: + *((char *) p) = *((char *) pvalue); @@ -1071,7 +1102,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + if (storage_type == BINN_STORAGE_STRING) { + p += size; + *((char *) p) = (char) 0; -+ size++; /* null terminator */ ++ size++; // null terminator + } + item->used_size += size; + break; @@ -1097,9 +1128,9 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c +#ifndef BINN_DISABLE_SMALL_HEADER + + p = ((unsigned char *) item->pbuf) + MAX_BINN_HEADER; -+ size = item->used_size - MAX_BINN_HEADER + 3; /* at least 3 bytes for the header */ ++ size = item->used_size - MAX_BINN_HEADER + 3; // at least 3 bytes for the header + -+ /* write the count */ ++ // write the count + if (item->count > 127) { + p -= 4; + size += 3; @@ -1110,7 +1141,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + *p = (unsigned char) item->count; + } + -+ /* write the size */ ++ // write the size + if (size > 127) { + p -= 4; + size += 3; @@ -1121,11 +1152,11 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + *p = (unsigned char) size; + } + -+ /* write the type. */ ++ // write the type. + p--; + *p = (unsigned char) item->type; + -+ /* set the values */ ++ // set the values + item->ptr = p; + item->size = size; + @@ -1135,14 +1166,14 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + + p = (unsigned char *) item->pbuf; + -+ /* write the type. */ ++ // write the type. + byte = item->type; + *p = byte; p++; -+ /* write the size */ ++ // write the size + int32 = item->used_size | 0x80000000; + copy_be32((u32*)p, (u32*)&int32); + p+=4; -+ /* write the count */ ++ // write the count + int32 = item->count | 0x80000000; + copy_be32((u32*)p, (u32*)&int32); + @@ -1163,7 +1194,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + + if (item == NULL) return; + -+ if ((item->writable) && (item->pre_allocated == FALSE)) { ++ if (item->writable && item->pre_allocated == FALSE) { + free_fn(item->pbuf); + } + @@ -1179,7 +1210,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c +} + +/***************************************************************************/ -+/* free the binn structure but keeps the binn buffer allocated, returning a pointer to it. use the free function to release the buffer later */ ++// free the binn structure but keeps the binn buffer allocated, returning a pointer to it. use the free function to release the buffer later +void * APIENTRY binn_release(binn *item) { + void *data; + @@ -1205,7 +1236,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + +/***************************************************************************/ + -+BINN_PRIVATE BOOL IsValidBinnHeader(void *pbuf, int *ptype, int *pcount, int *psize, int *pheadersize) { ++BINN_PRIVATE BOOL IsValidBinnHeader(const void *pbuf, int *ptype, int *pcount, int *psize, int *pheadersize) { + unsigned char byte, *p, *plimit=0; + int int32, type, size, count; + @@ -1214,10 +1245,11 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + p = (unsigned char *) pbuf; + + if (psize && *psize > 0) { ++ if (*psize < MIN_BINN_SIZE) return FALSE; + plimit = p + *psize - 1; + } + -+ /* get the type */ ++ // get the type + byte = *p; p++; + if ((byte & BINN_STORAGE_MASK) != BINN_STORAGE_CONTAINER) return FALSE; + if (byte & BINN_STORAGE_HAS_MORE) return FALSE; @@ -1232,7 +1264,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + return FALSE; + } + -+ /* get the size */ ++ // get the size + if (plimit && p > plimit) return FALSE; + int32 = *((unsigned char*)p); + if (int32 & 0x80) { @@ -1245,7 +1277,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + } + size = int32; + -+ /* get the count */ ++ // get the count + if (plimit && p > plimit) return FALSE; + int32 = *((unsigned char*)p); + if (int32 & 0x80) { @@ -1258,31 +1290,19 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + } + count = int32; + -+#if 0 -+ /* get the size */ -+ copy_be32((u32*)&size, (u32*)p); -+ size &= 0x7FFFFFFF; -+ p+=4; ++ if (size < MIN_BINN_SIZE || count < 0) return FALSE; + -+ /* get the count */ -+ copy_be32((u32*)&count, (u32*)p); -+ count &= 0x7FFFFFFF; -+ p+=4; -+#endif -+ -+ if ((size < MIN_BINN_SIZE) || (count < 0)) return FALSE; -+ -+ /* return the values */ ++ // return the values + if (ptype) *ptype = type; + if (pcount) *pcount = count; -+ if (psize && *psize==0) *psize = size; ++ if (psize) *psize = size; + if (pheadersize) *pheadersize = (int) (p - (unsigned char*)pbuf); + return TRUE; +} + +/***************************************************************************/ + -+BINN_PRIVATE int binn_buf_type(void *pbuf) { ++BINN_PRIVATE int binn_buf_type(const void *pbuf) { + int type; + + if (!IsValidBinnHeader(pbuf, &type, NULL, NULL, NULL)) return INVALID_BINN; @@ -1293,7 +1313,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + +/***************************************************************************/ + -+BINN_PRIVATE int binn_buf_count(void *pbuf) { ++BINN_PRIVATE int binn_buf_count(const void *pbuf) { + int nitems; + + if (!IsValidBinnHeader(pbuf, NULL, &nitems, NULL, NULL)) return 0; @@ -1304,7 +1324,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + +/***************************************************************************/ + -+BINN_PRIVATE int binn_buf_size(void *pbuf) { ++BINN_PRIVATE int binn_buf_size(const void *pbuf) { + int size=0; + + if (!IsValidBinnHeader(pbuf, NULL, NULL, &size, NULL)) return 0; @@ -1315,7 +1335,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + +/***************************************************************************/ + -+void * APIENTRY binn_ptr(void *ptr) { ++void * APIENTRY binn_ptr(const void *ptr) { + binn *item; + + switch (binn_get_ptr_type(ptr)) { @@ -1326,7 +1346,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + } + return item->ptr; + case BINN_BUFFER: -+ return ptr; ++ return (void*)ptr; + default: + return NULL; + } @@ -1335,7 +1355,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + +/***************************************************************************/ + -+int APIENTRY binn_size(void *ptr) { ++int APIENTRY binn_size(const void *ptr) { + binn *item; + + switch (binn_get_ptr_type(ptr)) { @@ -1355,7 +1375,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + +/***************************************************************************/ + -+int APIENTRY binn_type(void *ptr) { ++int APIENTRY binn_type(const void *ptr) { + binn *item; + + switch (binn_get_ptr_type(ptr)) { @@ -1372,7 +1392,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + +/***************************************************************************/ + -+int APIENTRY binn_count(void *ptr) { ++int APIENTRY binn_count(const void *ptr) { + binn *item; + + switch (binn_get_ptr_type(ptr)) { @@ -1389,73 +1409,83 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + +/***************************************************************************/ + -+BOOL APIENTRY binn_is_valid_ex(void *ptr, int *ptype, int *pcount, int *psize) { ++// the container can be smaller than the informed size ++BINN_PRIVATE BOOL binn_is_valid_ex2(const void *ptr, int *ptype, int *pcount, int *psize) { + int i, type, count, size, header_size; + unsigned char *p, *plimit, *base, len; -+ void *pbuf; + -+ pbuf = binn_ptr(ptr); -+ if (pbuf == NULL) return FALSE; ++ if (ptr == NULL) return FALSE; + -+ /* is there an informed size? */ ++ // is there an informed size? + if (psize && *psize > 0) { + size = *psize; + } else { + size = 0; + } + -+ if (!IsValidBinnHeader(pbuf, &type, &count, &size, &header_size)) return FALSE; ++ if (!IsValidBinnHeader(ptr, &type, &count, &size, &header_size)) return FALSE; + -+ /* is there an informed size? */ ++ // is there an informed size? + if (psize && *psize > 0) { -+ /* is it the same as the one in the buffer? */ -+ if (size != *psize) return FALSE; ++ // is it bigger than the buffer? ++ if (size > *psize) return FALSE; + } -+ /* is there an informed count? */ ++ // is there an informed count? + if (pcount && *pcount > 0) { -+ /* is it the same as the one in the buffer? */ ++ // is it the same as the one in the buffer? + if (count != *pcount) return FALSE; + } -+ /* is there an informed type? */ ++ // is there an informed type? + if (ptype && *ptype != 0) { -+ /* is it the same as the one in the buffer? */ ++ // is it the same as the one in the buffer? + if (type != *ptype) return FALSE; + } + -+ /* it could compare the content size with the size informed on the header */ -+ -+ p = (unsigned char *)pbuf; ++ p = (unsigned char *)ptr; + base = p; -+ plimit = p + size; ++ plimit = p + size - 1; + + p += header_size; + -+ /* process all the arguments. */ ++ // process each (key and) value + for (i = 0; i < count; i++) { + switch (type) { + case BINN_OBJECT: -+ /* gets the string size (argument name) */ ++ if (p > plimit) goto Invalid; ++ // get the key (string) size + len = *p; + p++; -+ /* if (len == 0) goto Invalid; */ -+ /* increment the used space */ ++ //if (len == 0) goto Invalid; ++ // advance over the key + p += len; + break; + case BINN_MAP: -+ /* increment the used space */ ++ // advance over the key + read_map_id(&p, plimit); + break; -+ /* case BINN_LIST: */ -+ /* break; */ ++ case BINN_LIST: ++ // no key ++ break; ++ default: ++ goto Invalid; ++ } ++ // check the value ++ if (p > plimit) goto Invalid; ++ if ((*p & BINN_STORAGE_MASK) == BINN_STORAGE_CONTAINER) { ++ // recursively check the internal container ++ int size2 = plimit - p + 1; // maximum container size ++ if (binn_is_valid_ex2(p, NULL, NULL, &size2) == FALSE) goto Invalid; ++ p += size2; ++ } else { ++ // advance over the value ++ p = AdvanceDataPos(p, plimit); ++ if (p == 0 || p < base) goto Invalid; + } -+ /* xxx */ -+ p = AdvanceDataPos(p, plimit); -+ if ((p == 0) || (p < base)) goto Invalid; + } + -+ if (ptype && *ptype==0) *ptype = type; ++ if (ptype && *ptype==0) *ptype = type; + if (pcount && *pcount==0) *pcount = count; -+ if (psize && *psize==0) *psize = size; ++ if (psize) *psize = size; + return TRUE; + +Invalid: @@ -1463,9 +1493,32 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + +} + ++// the container must have the informed size, if informed ++BOOL APIENTRY binn_is_valid_ex(const void *ptr, int *ptype, int *pcount, int *psize) { ++ int size; ++ ++ if (psize && *psize > 0) { ++ size = *psize; ++ } else { ++ size = 0; ++ } ++ ++ if (binn_is_valid_ex2(ptr, ptype, pcount, &size) == FALSE) return FALSE; ++ ++ if (psize) { ++ if (*psize > 0) { ++ if (size != *psize) return FALSE; ++ } else if (*psize==0) { ++ *psize = size; ++ } ++ } ++ ++ return TRUE; ++} ++ +/***************************************************************************/ + -+BOOL APIENTRY binn_is_valid(void *ptr, int *ptype, int *pcount, int *psize) { ++BOOL APIENTRY binn_is_valid(const void *ptr, int *ptype, int *pcount, int *psize) { + + if (ptype) *ptype = 0; + if (pcount) *pcount = 0; @@ -1479,78 +1532,87 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c +/*** INTERNAL FUNCTIONS ****************************************************/ +/***************************************************************************/ + -+BINN_PRIVATE BOOL GetValue(unsigned char *p, binn *value) { ++BINN_PRIVATE BOOL GetValue(unsigned char *p, unsigned char *plimit, binn *value) { + unsigned char byte; -+ int data_type, storage_type; /* , extra_type; */ ++ int data_type, storage_type; //, extra_type; + int DataSize; + void *p2; + + if (value == NULL) return FALSE; + memset(value, 0, sizeof(binn)); + value->header = BINN_MAGIC; -+ /* value->allocated = FALSE; -- already zeroed */ -+ /* value->writable = FALSE; */ ++ //value->allocated = FALSE; -- already zeroed ++ //value->writable = FALSE; + -+ /* saves for use with BINN_STORAGE_CONTAINER */ ++ // saves for use with BINN_STORAGE_CONTAINER + p2 = p; + -+ /* read the data type */ ++ // read the data type ++ if (p > plimit) return FALSE; + byte = *p; p++; + storage_type = byte & BINN_STORAGE_MASK; + if (byte & BINN_STORAGE_HAS_MORE) { + data_type = byte << 8; ++ if (p > plimit) return FALSE; + byte = *p; p++; + data_type |= byte; -+ /* extra_type = data_type & BINN_TYPE_MASK16; */ ++ //extra_type = data_type & BINN_TYPE_MASK16; + } else { + data_type = byte; -+ /* extra_type = byte & BINN_TYPE_MASK; */ ++ //extra_type = byte & BINN_TYPE_MASK; + } + -+ /* value->storage_type = storage_type; */ ++ //value->storage_type = storage_type; + value->type = data_type; + + switch (storage_type) { + case BINN_STORAGE_NOBYTES: + break; + case BINN_STORAGE_BYTE: ++ if (p > plimit) return FALSE; + value->vuint8 = *((unsigned char *) p); -+ value->ptr = p; /* value->ptr = &value->vuint8; */ ++ value->ptr = p; //value->ptr = &value->vuint8; + break; + case BINN_STORAGE_WORD: ++ if (p + 1 > plimit) return FALSE; + copy_be16((u16*)&value->vint16, (u16*)p); + value->ptr = &value->vint16; + break; + case BINN_STORAGE_DWORD: ++ if (p + 3 > plimit) return FALSE; + copy_be32((u32*)&value->vint32, (u32*)p); + value->ptr = &value->vint32; + break; + case BINN_STORAGE_QWORD: ++ if (p + 7 > plimit) return FALSE; + copy_be64((u64*)&value->vint64, (u64*)p); + value->ptr = &value->vint64; + break; + case BINN_STORAGE_BLOB: + case BINN_STORAGE_STRING: ++ if (p > plimit) return FALSE; + DataSize = *((unsigned char*)p); + if (DataSize & 0x80) { ++ if (p + 3 > plimit) return FALSE; + copy_be32((u32*)&DataSize, (u32*)p); + DataSize &= 0x7FFFFFFF; + p+=4; + } else { + p++; + } ++ if (p + DataSize - 1 > plimit) return FALSE; + value->size = DataSize; + value->ptr = p; + break; + case BINN_STORAGE_CONTAINER: -+ value->ptr = p2; /* <-- it returns the pointer to the container, not the data */ ++ value->ptr = p2; // <-- it returns the pointer to the container, not the data + if (IsValidBinnHeader(p2, NULL, &value->count, &value->size, NULL) == FALSE) return FALSE; + break; + default: + return FALSE; + } + -+ /* convert the returned value, if needed */ ++ // convert the returned value, if needed + + switch (value->type) { + case BINN_TRUE: @@ -1566,12 +1628,12 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c +#ifdef BINN_EXTENDED + case BINN_SINGLE_STR: + value->type = BINN_SINGLE; -+ value->vfloat = (float) atof((const char*)value->ptr); /* converts from string to double, and then to float */ ++ value->vfloat = (float) atof((const char*)value->ptr); // converts from string to double, and then to float + value->ptr = &value->vfloat; + break; + case BINN_DOUBLE_STR: + value->type = BINN_DOUBLE; -+ value->vdouble = atof((const char*)value->ptr); /* converts from string to double */ ++ value->vdouble = atof((const char*)value->ptr); // converts from string to double + value->ptr = &value->vdouble; + break; +#endif @@ -1592,8 +1654,8 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + +#if BYTE_ORDER == LITTLE_ENDIAN + -+/* on little-endian devices we store the value so we can return a pointer to integers. */ -+/* it's valid only for single-threaded apps. multi-threaded apps must use the _get_ functions instead. */ ++// on little-endian devices we store the value so we can return a pointer to integers. ++// it's valid only for single-threaded apps. multi-threaded apps must use the _get_ functions instead. + +binn local_value; + @@ -1603,14 +1665,14 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + + switch (binn_get_read_storage(value->type)) { + case BINN_STORAGE_NOBYTES: -+ /* return a valid pointer */ ++ // return a valid pointer + case BINN_STORAGE_WORD: + case BINN_STORAGE_DWORD: + case BINN_STORAGE_QWORD: -+ return &local_value.vint32; /* returns the pointer to the converted value, from big-endian to little-endian */ ++ return &local_value.vint32; // returns the pointer to the converted value, from big-endian to little-endian + } + -+ return value->ptr; /* returns from the on stack value to be thread-safe (for list, map, object, string and blob) */ ++ return value->ptr; // returns from the on stack value to be thread-safe (for list, map, object, string and blob) + +} + @@ -1620,78 +1682,82 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c +/*** READ FUNCTIONS ********************************************************/ +/***************************************************************************/ + -+BOOL APIENTRY binn_object_get_value(void *ptr, const char *key, binn *value) { ++BOOL APIENTRY binn_object_get_value(const void *ptr, const char *key, binn *value) { + int type, count, size=0, header_size; -+ unsigned char *p; ++ unsigned char *p, *plimit; + + ptr = binn_ptr(ptr); -+ if ((ptr == 0) || (key == 0) || (value == 0)) return FALSE; ++ if (ptr == NULL || key == NULL || value == NULL) return FALSE; + -+ /* check the header */ ++ // check the header + if (IsValidBinnHeader(ptr, &type, &count, &size, &header_size) == FALSE) return FALSE; + + if (type != BINN_OBJECT) return FALSE; + if (count == 0) return FALSE; + + p = (unsigned char *) ptr; ++ plimit = p + size - 1; ++ + p = SearchForKey(p, header_size, size, count, key); + if (p == FALSE) return FALSE; + -+ return GetValue(p, value); ++ return GetValue(p, plimit, value); + +} + +/***************************************************************************/ + -+BOOL APIENTRY binn_map_get_value(void* ptr, int id, binn *value) { ++BOOL APIENTRY binn_map_get_value(const void *ptr, int id, binn *value) { + int type, count, size=0, header_size; -+ unsigned char *p; ++ unsigned char *p, *plimit; + + ptr = binn_ptr(ptr); -+ if ((ptr == 0) || (value == 0)) return FALSE; ++ if (ptr == NULL || value == NULL) return FALSE; + -+ /* check the header */ ++ // check the header + if (IsValidBinnHeader(ptr, &type, &count, &size, &header_size) == FALSE) return FALSE; + + if (type != BINN_MAP) return FALSE; + if (count == 0) return FALSE; + + p = (unsigned char *) ptr; ++ plimit = p + size - 1; ++ + p = SearchForID(p, header_size, size, count, id); + if (p == FALSE) return FALSE; + -+ return GetValue(p, value); ++ return GetValue(p, plimit, value); + +} + +/***************************************************************************/ + -+BOOL APIENTRY binn_list_get_value(void* ptr, int pos, binn *value) { ++BOOL APIENTRY binn_list_get_value(const void *ptr, int pos, binn *value) { + int i, type, count, size=0, header_size; + unsigned char *p, *plimit, *base; + + ptr = binn_ptr(ptr); -+ if ((ptr == 0) || (value == 0)) return FALSE; ++ if (ptr == NULL || value == NULL) return FALSE; + -+ /* check the header */ ++ // check the header + if (IsValidBinnHeader(ptr, &type, &count, &size, &header_size) == FALSE) return FALSE; + + if (type != BINN_LIST) return FALSE; + if (count == 0) return FALSE; -+ if ((pos <= 0) | (pos > count)) return FALSE; -+ pos--; /* convert from base 1 to base 0 */ ++ if (pos <= 0 || pos > count) return FALSE; ++ pos--; // convert from base 1 to base 0 + + p = (unsigned char *) ptr; + base = p; -+ plimit = p + size; ++ plimit = p + size - 1; + p += header_size; + + for (i = 0; i < pos; i++) { + p = AdvanceDataPos(p, plimit); -+ if ((p == 0) || (p < base)) return FALSE; ++ if (p == 0 || p < base) return FALSE; + } + -+ return GetValue(p, value); ++ return GetValue(p, plimit, value); + +} + @@ -1699,17 +1765,17 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c +/*** READ PAIR BY POSITION *************************************************/ +/***************************************************************************/ + -+BINN_PRIVATE BOOL binn_read_pair(int expected_type, void *ptr, int pos, int *pid, char *pkey, binn *value) { ++BINN_PRIVATE BOOL binn_read_pair(int expected_type, const void *ptr, int pos, int *pid, char *pkey, binn *value) { + int type, count, size=0, header_size; + int i, int32, id = 0, counter=0; + unsigned char *p, *plimit, *base, *key = NULL, len = 0; + + ptr = binn_ptr(ptr); + -+ /* check the header */ ++ // check the header + if (IsValidBinnHeader(ptr, &type, &count, &size, &header_size) == FALSE) return FALSE; + -+ if ((type != expected_type) || (count == 0) || (pos < 1) || (pos > count)) return FALSE; ++ if (type != expected_type || count == 0 || pos < 1 || pos > count) return FALSE; + + p = (unsigned char *) ptr; + base = p; @@ -1733,9 +1799,9 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + } + counter++; + if (counter == pos) goto found; -+ /* */ ++ // + p = AdvanceDataPos(p, plimit); -+ if ((p == 0) || (p < base)) return FALSE; ++ if (p == 0 || p < base) return FALSE; + } + + return FALSE; @@ -1754,13 +1820,13 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + break; + } + -+ return GetValue(p, value); ++ return GetValue(p, plimit, value); + +} + +/***************************************************************************/ + -+BOOL APIENTRY binn_map_get_pair(void *ptr, int pos, int *pid, binn *value) { ++BOOL APIENTRY binn_map_get_pair(const void *ptr, int pos, int *pid, binn *value) { + + return binn_read_pair(BINN_MAP, ptr, pos, pid, NULL, value); + @@ -1768,7 +1834,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + +/***************************************************************************/ + -+BOOL APIENTRY binn_object_get_pair(void *ptr, int pos, char *pkey, binn *value) { ++BOOL APIENTRY binn_object_get_pair(const void *ptr, int pos, char *pkey, binn *value) { + + return binn_read_pair(BINN_OBJECT, ptr, pos, NULL, pkey, value); + @@ -1776,7 +1842,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + +/***************************************************************************/ + -+binn * APIENTRY binn_map_pair(void *map, int pos, int *pid) { ++binn * APIENTRY binn_map_pair(const void *map, int pos, int *pid) { + binn *value; + + value = (binn *) binn_malloc(sizeof(binn)); @@ -1793,7 +1859,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + +/***************************************************************************/ + -+binn * APIENTRY binn_object_pair(void *obj, int pos, char *pkey) { ++binn * APIENTRY binn_object_pair(const void *obj, int pos, char *pkey) { + binn *value; + + value = (binn *) binn_malloc(sizeof(binn)); @@ -1811,7 +1877,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c +/***************************************************************************/ +/***************************************************************************/ + -+void * APIENTRY binn_map_read_pair(void *ptr, int pos, int *pid, int *ptype, int *psize) { ++void * APIENTRY binn_map_read_pair(const void *ptr, int pos, int *pid, int *ptype, int *psize) { + binn value; + + if (binn_map_get_pair(ptr, pos, pid, &value) == FALSE) return NULL; @@ -1827,7 +1893,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + +/***************************************************************************/ + -+void * APIENTRY binn_object_read_pair(void *ptr, int pos, char *pkey, int *ptype, int *psize) { ++void * APIENTRY binn_object_read_pair(const void *ptr, int pos, char *pkey, int *ptype, int *psize) { + binn value; + + if (binn_object_get_pair(ptr, pos, pkey, &value) == FALSE) return NULL; @@ -1845,18 +1911,18 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c +/*** SEQUENTIAL READ FUNCTIONS *********************************************/ +/***************************************************************************/ + -+BOOL APIENTRY binn_iter_init(binn_iter *iter, void *ptr, int expected_type) { ++BOOL APIENTRY binn_iter_init(binn_iter *iter, const void *ptr, int expected_type) { + int type, count, size=0, header_size; + + ptr = binn_ptr(ptr); -+ if ((ptr == 0) || (iter == 0)) return FALSE; ++ if (ptr == NULL || iter == NULL) return FALSE; + memset(iter, 0, sizeof(binn_iter)); + -+ /* check the header */ ++ // check the header + if (IsValidBinnHeader(ptr, &type, &count, &size, &header_size) == FALSE) return FALSE; + + if (type != expected_type) return FALSE; -+ /* if (count == 0) return FALSE; -- should not be used */ ++ //if (count == 0) return FALSE; -- should not be used + + iter->plimit = (unsigned char *)ptr + size - 1; + iter->pnext = (unsigned char *)ptr + header_size; @@ -1872,7 +1938,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c +BOOL APIENTRY binn_list_next(binn_iter *iter, binn *value) { + unsigned char *pnow; + -+ if ((iter == 0) || (iter->pnext == 0) || (iter->pnext > iter->plimit) || (iter->current > iter->count) || (iter->type != BINN_LIST)) return FALSE; ++ if (iter == NULL || iter->pnext == NULL || iter->pnext > iter->plimit || iter->current > iter->count || iter->type != BINN_LIST) return FALSE; + + iter->current++; + if (iter->current > iter->count) return FALSE; @@ -1881,7 +1947,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + iter->pnext = AdvanceDataPos(pnow, iter->plimit); + if (iter->pnext != 0 && iter->pnext < pnow) return FALSE; + -+ return GetValue(pnow, value); ++ return GetValue(pnow, iter->plimit, value); + +} + @@ -1892,7 +1958,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + unsigned char *p, *key; + unsigned short len; + -+ if ((iter == 0) || (iter->pnext == 0) || (iter->pnext > iter->plimit) || (iter->current > iter->count) || (iter->type != expected_type)) return FALSE; ++ if (iter == NULL || iter->pnext == NULL || iter->pnext > iter->plimit || iter->current > iter->count || iter->type != expected_type) return FALSE; + + iter->current++; + if (iter->current > iter->count) return FALSE; @@ -1921,7 +1987,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + iter->pnext = AdvanceDataPos(p, iter->plimit); + if (iter->pnext != 0 && iter->pnext < p) return FALSE; + -+ return GetValue(p, value); ++ return GetValue(p, iter->plimit, value); + +} + @@ -2121,14 +2187,14 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c +#ifdef BINN_EXTENDED + case BINN_SINGLE: + f1 = **(float**)ppvalue; -+ d1 = f1; /* convert from float (32bits) to double (64bits) */ ++ d1 = f1; // convert from float (32bits) to double (64bits) + type = BINN_SINGLE_STR; + goto conv_double; + case BINN_DOUBLE: + d1 = **(double**)ppvalue; + type = BINN_DOUBLE_STR; +conv_double: -+ /* the '%.17e' is more precise than the '%g' */ ++ // the '%.17e' is more precise than the '%g' + snprintf(pstr, 127, "%.17e", d1); + *ppvalue = pstr; + *ptype = type; @@ -2141,13 +2207,13 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + snprintf(sptr, 127, "%E", **ppvalue); + *ppvalue = sptr; + */ -+ return TRUE; /* ! temporary */ ++ return TRUE; //! temporary + break; + + case BINN_DATE: + case BINN_DATETIME: + case BINN_TIME: -+ return TRUE; /* ! temporary */ ++ return TRUE; //! temporary + break; + + case BINN_BOOL: @@ -2187,9 +2253,9 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + + case BINN_FLOAT32: + case BINN_FLOAT64: -+ /* case BINN_SINGLE: */ ++ //case BINN_SINGLE: + case BINN_SINGLE_STR: -+ /* case BINN_DOUBLE: */ ++ //case BINN_DOUBLE: + case BINN_DOUBLE_STR: + return BINN_FAMILY_FLOAT; + @@ -2222,7 +2288,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + return BINN_FAMILY_NULL; + + default: -+ /* if it wasn't found */ ++ // if it wasn't found + return BINN_FAMILY_NONE; + } + @@ -2253,7 +2319,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + +/*************************************************************************************/ + -+BINN_PRIVATE BOOL copy_raw_value(void *psource, void *pdest, int data_store) { ++BINN_PRIVATE BOOL copy_raw_value(const void *psource, void *pdest, int data_store) { + + switch (data_store) { + case BINN_STORAGE_NOBYTES: @@ -2285,7 +2351,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + +/*************************************************************************************/ + -+BINN_PRIVATE BOOL copy_int_value(void *psource, void *pdest, int source_type, int dest_type) { ++BINN_PRIVATE BOOL copy_int_value(const void *psource, void *pdest, int source_type, int dest_type) { + uint64 vuint64 = 0; int64 vint64 = 0; + + switch (source_type) { @@ -2320,12 +2386,12 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + } + + -+ /* copy from int64 to uint64, if possible */ ++ // copy from int64 to uint64, if possible + -+ if ((int_type(source_type) == BINN_UNSIGNED_INT) && (int_type(dest_type) == BINN_SIGNED_INT)) { ++ if (int_type(source_type) == BINN_UNSIGNED_INT && int_type(dest_type) == BINN_SIGNED_INT) { + if (vuint64 > INT64_MAX) return FALSE; + vint64 = vuint64; -+ } else if ((int_type(source_type) == BINN_SIGNED_INT) && (int_type(dest_type) == BINN_UNSIGNED_INT)) { ++ } else if (int_type(source_type) == BINN_SIGNED_INT && int_type(dest_type) == BINN_UNSIGNED_INT) { + if (vint64 < 0) return FALSE; + vuint64 = vint64; + } @@ -2333,15 +2399,15 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + + switch (dest_type) { + case BINN_INT8: -+ if ((vint64 < INT8_MIN) || (vint64 > INT8_MAX)) return FALSE; ++ if (vint64 < INT8_MIN || vint64 > INT8_MAX) return FALSE; + *(signed char *)pdest = (signed char) vint64; + break; + case BINN_INT16: -+ if ((vint64 < INT16_MIN) || (vint64 > INT16_MAX)) return FALSE; ++ if (vint64 < INT16_MIN || vint64 > INT16_MAX) return FALSE; + *(short *)pdest = (short) vint64; + break; + case BINN_INT32: -+ if ((vint64 < INT32_MIN) || (vint64 > INT32_MAX)) return FALSE; ++ if (vint64 < INT32_MIN || vint64 > INT32_MAX) return FALSE; + *(int *)pdest = (int) vint64; + break; + case BINN_INT64: @@ -2374,7 +2440,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + +/*************************************************************************************/ + -+BINN_PRIVATE BOOL copy_float_value(void *psource, void *pdest, int source_type) { ++BINN_PRIVATE BOOL copy_float_value(const void *psource, void *pdest, int source_type, int dest_type) { + + switch (source_type) { + case BINN_FLOAT32: @@ -2393,27 +2459,27 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + +/*************************************************************************************/ + -+BINN_PRIVATE void zero_value(void *pvalue, int type) { -+ /* int size=0; */ ++BINN_PRIVATE void zero_value(const void *pvalue, int type) { ++ //int size=0; + + switch (binn_get_read_storage(type)) { + case BINN_STORAGE_NOBYTES: + break; + case BINN_STORAGE_BYTE: + *((char *) pvalue) = 0; -+ /* size=1; */ ++ //size=1; + break; + case BINN_STORAGE_WORD: + *((short *) pvalue) = 0; -+ /* size=2; */ ++ //size=2; + break; + case BINN_STORAGE_DWORD: + *((int *) pvalue) = 0; -+ /* size=4; */ ++ //size=4; + break; + case BINN_STORAGE_QWORD: + *((uint64 *) pvalue) = 0; -+ /* size=8; */ ++ //size=8; + break; + case BINN_STORAGE_BLOB: + case BINN_STORAGE_STRING: @@ -2422,7 +2488,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + break; + } + -+ /* if (size>0) memset(pvalue, 0, size); */ ++ //if (size>0) memset(pvalue, 0, size); + +} + @@ -2432,10 +2498,10 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + + if (type_family(source_type) != type_family(dest_type)) return FALSE; + -+ if ((type_family(source_type) == BINN_FAMILY_INT) && (source_type != dest_type)) { ++ if (type_family(source_type) == BINN_FAMILY_INT && source_type != dest_type) { + return copy_int_value(psource, pdest, source_type, dest_type); -+ } else if ((type_family(source_type) == BINN_FAMILY_FLOAT) && (source_type != dest_type)) { -+ return copy_float_value(psource, pdest, source_type); ++ } else if (type_family(source_type) == BINN_FAMILY_FLOAT && source_type != dest_type) { ++ return copy_float_value(psource, pdest, source_type, dest_type); + } else { + return copy_raw_value(psource, pdest, data_store); + } @@ -2476,7 +2542,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + +/*************************************************************************************/ + -+/* this function is used by the wrappers */ ++// this function is used by the wrappers +BOOL APIENTRY binn_add_value(binn *item, int binn_type, int id, char *name, int type, void *pvalue, int size) { + + switch (binn_type) { @@ -2530,7 +2596,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c +/*** READ FUNCTIONS ******************************************************************/ +/*************************************************************************************/ + -+binn * APIENTRY binn_list_value(void *ptr, int pos) { ++binn * APIENTRY binn_list_value(const void *ptr, int pos) { + binn *value; + + value = (binn *) binn_malloc(sizeof(binn)); @@ -2547,7 +2613,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + +/*************************************************************************************/ + -+binn * APIENTRY binn_map_value(void *ptr, int id) { ++binn * APIENTRY binn_map_value(const void *ptr, int id) { + binn *value; + + value = (binn *) binn_malloc(sizeof(binn)); @@ -2564,7 +2630,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + +/*************************************************************************************/ + -+binn * APIENTRY binn_object_value(void *ptr, const char *key) { ++binn * APIENTRY binn_object_value(const void *ptr, const char *key) { + binn *value; + + value = (binn *) binn_malloc(sizeof(binn)); @@ -2582,7 +2648,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c +/***************************************************************************/ +/***************************************************************************/ + -+void * APIENTRY binn_list_read(void *list, int pos, int *ptype, int *psize) { ++void * APIENTRY binn_list_read(const void *list, int pos, int *ptype, int *psize) { + binn value; + + if (binn_list_get_value(list, pos, &value) == FALSE) return NULL; @@ -2598,7 +2664,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + +/***************************************************************************/ + -+void * APIENTRY binn_map_read(void *map, int id, int *ptype, int *psize) { ++void * APIENTRY binn_map_read(const void *map, int id, int *ptype, int *psize) { + binn value; + + if (binn_map_get_value(map, id, &value) == FALSE) return NULL; @@ -2614,7 +2680,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + +/***************************************************************************/ + -+void * APIENTRY binn_object_read(void *obj, const char *key, int *ptype, int *psize) { ++void * APIENTRY binn_object_read(const void *obj, const char *key, int *ptype, int *psize) { + binn value; + + if (binn_object_get_value(obj, key, &value) == FALSE) return NULL; @@ -2631,12 +2697,12 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c +/***************************************************************************/ +/***************************************************************************/ + -+BOOL APIENTRY binn_list_get(void *ptr, int pos, int type, void *pvalue, int *psize) { ++BOOL APIENTRY binn_list_get(const void *ptr, int pos, int type, void *pvalue, int *psize) { + binn value; + int storage_type; + + storage_type = binn_get_read_storage(type); -+ if ((storage_type != BINN_STORAGE_NOBYTES) && (pvalue == NULL)) return FALSE; ++ if (storage_type != BINN_STORAGE_NOBYTES && pvalue == NULL) return FALSE; + + zero_value(pvalue, type); + @@ -2652,12 +2718,12 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + +/***************************************************************************/ + -+BOOL APIENTRY binn_map_get(void *ptr, int id, int type, void *pvalue, int *psize) { ++BOOL APIENTRY binn_map_get(const void *ptr, int id, int type, void *pvalue, int *psize) { + binn value; + int storage_type; + + storage_type = binn_get_read_storage(type); -+ if ((storage_type != BINN_STORAGE_NOBYTES) && (pvalue == NULL)) return FALSE; ++ if (storage_type != BINN_STORAGE_NOBYTES && pvalue == NULL) return FALSE; + + zero_value(pvalue, type); + @@ -2673,14 +2739,14 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + +/***************************************************************************/ + -+/* if (binn_object_get(obj, "multiplier", BINN_INT32, &multiplier, NULL) == FALSE) xxx; */ ++// if (binn_object_get(obj, "multiplier", BINN_INT32, &multiplier, NULL) == FALSE) xxx; + -+BOOL APIENTRY binn_object_get(void *ptr, const char *key, int type, void *pvalue, int *psize) { ++BOOL APIENTRY binn_object_get(const void *ptr, const char *key, int type, void *pvalue, int *psize) { + binn value; + int storage_type; + + storage_type = binn_get_read_storage(type); -+ if ((storage_type != BINN_STORAGE_NOBYTES) && (pvalue == NULL)) return FALSE; ++ if (storage_type != BINN_STORAGE_NOBYTES && pvalue == NULL) return FALSE; + + zero_value(pvalue, type); + @@ -2697,14 +2763,14 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c +/***************************************************************************/ +/***************************************************************************/ + -+/* these functions below may not be implemented as inline functions, because */ -+/* they use a lot of space, even for the variable. so they will be exported. */ ++// these functions below may not be implemented as inline functions, because ++// they use a lot of space, even for the variable. so they will be exported. + -+/* but what about using as static? */ -+/* is there any problem with wrappers? can these wrappers implement these functions using the header? */ -+/* if as static, will they be present even on modules that don't use the functions? */ ++// but what about using as static? ++// is there any problem with wrappers? can these wrappers implement these functions using the header? ++// if as static, will they be present even on modules that don't use the functions? + -+signed char APIENTRY binn_list_int8(void *list, int pos) { ++signed char APIENTRY binn_list_int8(const void *list, int pos) { + signed char value; + + binn_list_get(list, pos, BINN_INT8, &value, NULL); @@ -2712,7 +2778,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + return value; +} + -+short APIENTRY binn_list_int16(void *list, int pos) { ++short APIENTRY binn_list_int16(const void *list, int pos) { + short value; + + binn_list_get(list, pos, BINN_INT16, &value, NULL); @@ -2720,7 +2786,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + return value; +} + -+int APIENTRY binn_list_int32(void *list, int pos) { ++int APIENTRY binn_list_int32(const void *list, int pos) { + int value; + + binn_list_get(list, pos, BINN_INT32, &value, NULL); @@ -2728,7 +2794,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + return value; +} + -+int64 APIENTRY binn_list_int64(void *list, int pos) { ++int64 APIENTRY binn_list_int64(const void *list, int pos) { + int64 value; + + binn_list_get(list, pos, BINN_INT64, &value, NULL); @@ -2736,7 +2802,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + return value; +} + -+unsigned char APIENTRY binn_list_uint8(void *list, int pos) { ++unsigned char APIENTRY binn_list_uint8(const void *list, int pos) { + unsigned char value; + + binn_list_get(list, pos, BINN_UINT8, &value, NULL); @@ -2744,7 +2810,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + return value; +} + -+unsigned short APIENTRY binn_list_uint16(void *list, int pos) { ++unsigned short APIENTRY binn_list_uint16(const void *list, int pos) { + unsigned short value; + + binn_list_get(list, pos, BINN_UINT16, &value, NULL); @@ -2752,7 +2818,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + return value; +} + -+unsigned int APIENTRY binn_list_uint32(void *list, int pos) { ++unsigned int APIENTRY binn_list_uint32(const void *list, int pos) { + unsigned int value; + + binn_list_get(list, pos, BINN_UINT32, &value, NULL); @@ -2760,7 +2826,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + return value; +} + -+uint64 APIENTRY binn_list_uint64(void *list, int pos) { ++uint64 APIENTRY binn_list_uint64(const void *list, int pos) { + uint64 value; + + binn_list_get(list, pos, BINN_UINT64, &value, NULL); @@ -2768,7 +2834,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + return value; +} + -+float APIENTRY binn_list_float(void *list, int pos) { ++float APIENTRY binn_list_float(const void *list, int pos) { + float value; + + binn_list_get(list, pos, BINN_FLOAT32, &value, NULL); @@ -2776,7 +2842,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + return value; +} + -+double APIENTRY binn_list_double(void *list, int pos) { ++double APIENTRY binn_list_double(const void *list, int pos) { + double value; + + binn_list_get(list, pos, BINN_FLOAT64, &value, NULL); @@ -2784,21 +2850,21 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + return value; +} + -+BOOL APIENTRY binn_list_bool(void *list, int pos) { -+ BOOL value; ++BOOL APIENTRY binn_list_bool(const void *list, int pos) { ++ BOOL value = TRUE; + + binn_list_get(list, pos, BINN_BOOL, &value, NULL); + + return value; +} + -+BOOL APIENTRY binn_list_null(void *list, int pos) { ++BOOL APIENTRY binn_list_null(const void *list, int pos) { + + return binn_list_get(list, pos, BINN_NULL, NULL, NULL); + +} + -+char * APIENTRY binn_list_str(void *list, int pos) { ++char * APIENTRY binn_list_str(const void *list, int pos) { + char *value; + + binn_list_get(list, pos, BINN_STRING, &value, NULL); @@ -2806,7 +2872,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + return value; +} + -+void * APIENTRY binn_list_blob(void *list, int pos, int *psize) { ++void * APIENTRY binn_list_blob(const void *list, int pos, int *psize) { + void *value; + + binn_list_get(list, pos, BINN_BLOB, &value, psize); @@ -2814,7 +2880,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + return value; +} + -+void * APIENTRY binn_list_list(void *list, int pos) { ++void * APIENTRY binn_list_list(const void *list, int pos) { + void *value; + + binn_list_get(list, pos, BINN_LIST, &value, NULL); @@ -2822,7 +2888,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + return value; +} + -+void * APIENTRY binn_list_map(void *list, int pos) { ++void * APIENTRY binn_list_map(const void *list, int pos) { + void *value; + + binn_list_get(list, pos, BINN_MAP, &value, NULL); @@ -2830,7 +2896,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + return value; +} + -+void * APIENTRY binn_list_object(void *list, int pos) { ++void * APIENTRY binn_list_object(const void *list, int pos) { + void *value; + + binn_list_get(list, pos, BINN_OBJECT, &value, NULL); @@ -2840,7 +2906,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + +/***************************************************************************/ + -+signed char APIENTRY binn_map_int8(void *map, int id) { ++signed char APIENTRY binn_map_int8(const void *map, int id) { + signed char value; + + binn_map_get(map, id, BINN_INT8, &value, NULL); @@ -2848,7 +2914,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + return value; +} + -+short APIENTRY binn_map_int16(void *map, int id) { ++short APIENTRY binn_map_int16(const void *map, int id) { + short value; + + binn_map_get(map, id, BINN_INT16, &value, NULL); @@ -2856,7 +2922,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + return value; +} + -+int APIENTRY binn_map_int32(void *map, int id) { ++int APIENTRY binn_map_int32(const void *map, int id) { + int value; + + binn_map_get(map, id, BINN_INT32, &value, NULL); @@ -2864,7 +2930,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + return value; +} + -+int64 APIENTRY binn_map_int64(void *map, int id) { ++int64 APIENTRY binn_map_int64(const void *map, int id) { + int64 value; + + binn_map_get(map, id, BINN_INT64, &value, NULL); @@ -2872,7 +2938,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + return value; +} + -+unsigned char APIENTRY binn_map_uint8(void *map, int id) { ++unsigned char APIENTRY binn_map_uint8(const void *map, int id) { + unsigned char value; + + binn_map_get(map, id, BINN_UINT8, &value, NULL); @@ -2880,7 +2946,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + return value; +} + -+unsigned short APIENTRY binn_map_uint16(void *map, int id) { ++unsigned short APIENTRY binn_map_uint16(const void *map, int id) { + unsigned short value; + + binn_map_get(map, id, BINN_UINT16, &value, NULL); @@ -2888,7 +2954,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + return value; +} + -+unsigned int APIENTRY binn_map_uint32(void *map, int id) { ++unsigned int APIENTRY binn_map_uint32(const void *map, int id) { + unsigned int value; + + binn_map_get(map, id, BINN_UINT32, &value, NULL); @@ -2896,7 +2962,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + return value; +} + -+uint64 APIENTRY binn_map_uint64(void *map, int id) { ++uint64 APIENTRY binn_map_uint64(const void *map, int id) { + uint64 value; + + binn_map_get(map, id, BINN_UINT64, &value, NULL); @@ -2904,7 +2970,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + return value; +} + -+float APIENTRY binn_map_float(void *map, int id) { ++float APIENTRY binn_map_float(const void *map, int id) { + float value; + + binn_map_get(map, id, BINN_FLOAT32, &value, NULL); @@ -2912,7 +2978,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + return value; +} + -+double APIENTRY binn_map_double(void *map, int id) { ++double APIENTRY binn_map_double(const void *map, int id) { + double value; + + binn_map_get(map, id, BINN_FLOAT64, &value, NULL); @@ -2920,21 +2986,21 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + return value; +} + -+BOOL APIENTRY binn_map_bool(void *map, int id) { -+ BOOL value; ++BOOL APIENTRY binn_map_bool(const void *map, int id) { ++ BOOL value = TRUE; + + binn_map_get(map, id, BINN_BOOL, &value, NULL); + + return value; +} + -+BOOL APIENTRY binn_map_null(void *map, int id) { ++BOOL APIENTRY binn_map_null(const void *map, int id) { + + return binn_map_get(map, id, BINN_NULL, NULL, NULL); + +} + -+char * APIENTRY binn_map_str(void *map, int id) { ++char * APIENTRY binn_map_str(const void *map, int id) { + char *value; + + binn_map_get(map, id, BINN_STRING, &value, NULL); @@ -2942,7 +3008,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + return value; +} + -+void * APIENTRY binn_map_blob(void *map, int id, int *psize) { ++void * APIENTRY binn_map_blob(const void *map, int id, int *psize) { + void *value; + + binn_map_get(map, id, BINN_BLOB, &value, psize); @@ -2950,7 +3016,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + return value; +} + -+void * APIENTRY binn_map_list(void *map, int id) { ++void * APIENTRY binn_map_list(const void *map, int id) { + void *value; + + binn_map_get(map, id, BINN_LIST, &value, NULL); @@ -2958,7 +3024,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + return value; +} + -+void * APIENTRY binn_map_map(void *map, int id) { ++void * APIENTRY binn_map_map(const void *map, int id) { + void *value; + + binn_map_get(map, id, BINN_MAP, &value, NULL); @@ -2966,7 +3032,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + return value; +} + -+void * APIENTRY binn_map_object(void *map, int id) { ++void * APIENTRY binn_map_object(const void *map, int id) { + void *value; + + binn_map_get(map, id, BINN_OBJECT, &value, NULL); @@ -2976,7 +3042,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + +/***************************************************************************/ + -+signed char APIENTRY binn_object_int8(void *obj, const char *key) { ++signed char APIENTRY binn_object_int8(const void *obj, const char *key) { + signed char value; + + binn_object_get(obj, key, BINN_INT8, &value, NULL); @@ -2984,7 +3050,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + return value; +} + -+short APIENTRY binn_object_int16(void *obj, const char *key) { ++short APIENTRY binn_object_int16(const void *obj, const char *key) { + short value; + + binn_object_get(obj, key, BINN_INT16, &value, NULL); @@ -2992,7 +3058,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + return value; +} + -+int APIENTRY binn_object_int32(void *obj, const char *key) { ++int APIENTRY binn_object_int32(const void *obj, const char *key) { + int value; + + binn_object_get(obj, key, BINN_INT32, &value, NULL); @@ -3000,7 +3066,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + return value; +} + -+int64 APIENTRY binn_object_int64(void *obj, const char *key) { ++int64 APIENTRY binn_object_int64(const void *obj, const char *key) { + int64 value; + + binn_object_get(obj, key, BINN_INT64, &value, NULL); @@ -3008,7 +3074,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + return value; +} + -+unsigned char APIENTRY binn_object_uint8(void *obj, const char *key) { ++unsigned char APIENTRY binn_object_uint8(const void *obj, const char *key) { + unsigned char value; + + binn_object_get(obj, key, BINN_UINT8, &value, NULL); @@ -3016,7 +3082,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + return value; +} + -+unsigned short APIENTRY binn_object_uint16(void *obj, const char *key) { ++unsigned short APIENTRY binn_object_uint16(const void *obj, const char *key) { + unsigned short value; + + binn_object_get(obj, key, BINN_UINT16, &value, NULL); @@ -3024,7 +3090,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + return value; +} + -+unsigned int APIENTRY binn_object_uint32(void *obj, const char *key) { ++unsigned int APIENTRY binn_object_uint32(const void *obj, const char *key) { + unsigned int value; + + binn_object_get(obj, key, BINN_UINT32, &value, NULL); @@ -3032,7 +3098,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + return value; +} + -+uint64 APIENTRY binn_object_uint64(void *obj, const char *key) { ++uint64 APIENTRY binn_object_uint64(const void *obj, const char *key) { + uint64 value; + + binn_object_get(obj, key, BINN_UINT64, &value, NULL); @@ -3040,7 +3106,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + return value; +} + -+float APIENTRY binn_object_float(void *obj, const char *key) { ++float APIENTRY binn_object_float(const void *obj, const char *key) { + float value; + + binn_object_get(obj, key, BINN_FLOAT32, &value, NULL); @@ -3048,7 +3114,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + return value; +} + -+double APIENTRY binn_object_double(void *obj, const char *key) { ++double APIENTRY binn_object_double(const void *obj, const char *key) { + double value; + + binn_object_get(obj, key, BINN_FLOAT64, &value, NULL); @@ -3056,21 +3122,21 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + return value; +} + -+BOOL APIENTRY binn_object_bool(void *obj, const char *key) { -+ BOOL value; ++BOOL APIENTRY binn_object_bool(const void *obj, const char *key) { ++ BOOL value = TRUE; + + binn_object_get(obj, key, BINN_BOOL, &value, NULL); + + return value; +} + -+BOOL APIENTRY binn_object_null(void *obj, const char *key) { ++BOOL APIENTRY binn_object_null(const void *obj, const char *key) { + + return binn_object_get(obj, key, BINN_NULL, NULL, NULL); + +} + -+char * APIENTRY binn_object_str(void *obj, const char *key) { ++char * APIENTRY binn_object_str(const void *obj, const char *key) { + char *value; + + binn_object_get(obj, key, BINN_STRING, &value, NULL); @@ -3078,7 +3144,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + return value; +} + -+void * APIENTRY binn_object_blob(void *obj, const char *key, int *psize) { ++void * APIENTRY binn_object_blob(const void *obj, const char *key, int *psize) { + void *value; + + binn_object_get(obj, key, BINN_BLOB, &value, psize); @@ -3086,7 +3152,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + return value; +} + -+void * APIENTRY binn_object_list(void *obj, const char *key) { ++void * APIENTRY binn_object_list(const void *obj, const char *key) { + void *value; + + binn_object_get(obj, key, BINN_LIST, &value, NULL); @@ -3094,7 +3160,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + return value; +} + -+void * APIENTRY binn_object_map(void *obj, const char *key) { ++void * APIENTRY binn_object_map(const void *obj, const char *key) { + void *value; + + binn_object_get(obj, key, BINN_MAP, &value, NULL); @@ -3102,7 +3168,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + return value; +} + -+void * APIENTRY binn_object_object(void *obj, const char *key) { ++void * APIENTRY binn_object_object(const void *obj, const char *key) { + void *value; + + binn_object_get(obj, key, BINN_OBJECT, &value, NULL); @@ -3120,7 +3186,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + memset(item, 0, sizeof(binn)); + item->header = BINN_MAGIC; + item->allocated = TRUE; -+ /* item->writable = FALSE; -- already zeroed */ ++ //item->writable = FALSE; -- already zeroed + } + return item; +} @@ -3240,7 +3306,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + retval = TRUE; + + for (; *p; p++) { -+ if ( (*p < '0') || (*p > '9') ) { ++ if ( (*p < '0' || *p > '9') ) { + retval = FALSE; + } + } @@ -3260,9 +3326,9 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + retval = TRUE; + + for (; *p; p++) { -+ if ((*p == '.') || (*p == ',')) { ++ if (*p == '.' || *p == ',') { + if (!number_found) retval = FALSE; -+ } else if ( (*p >= '0') && (*p <= '9') ) { ++ } else if ( *p >= '0' && *p <= '9' ) { + number_found = TRUE; + } else { + return FALSE; @@ -3283,12 +3349,12 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + if (stricmp(str, "true") == 0) goto loc_true; + if (stricmp(str, "yes") == 0) goto loc_true; + if (stricmp(str, "on") == 0) goto loc_true; -+ /* if (stricmp(str, "1") == 0) goto loc_true; */ ++ //if (stricmp(str, "1") == 0) goto loc_true; + + if (stricmp(str, "false") == 0) goto loc_false; + if (stricmp(str, "no") == 0) goto loc_false; + if (stricmp(str, "off") == 0) goto loc_false; -+ /* if (stricmp(str, "0") == 0) goto loc_false; */ ++ //if (stricmp(str, "0") == 0) goto loc_false; + + if (is_integer(str)) { + vint = atoi64(str); @@ -3312,27 +3378,6 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + +} + -+/* these three functions are used to -+ * suppress warnings about implicit conversions -+ * in binn_get_int32 and binn_get_int64 -+ * CJR 2/9/2023 -+ */ -+ -+float -+binn_cvt_int2float (int value) { -+ return (float)value; -+} -+ -+float -+binn_cvt_long2float (long int value) { -+ return (float)value; -+} -+ -+float -+binn_cvt_long2dbl (long int value) { -+ return (long long int)value; -+} -+ +/*************************************************************************************/ + +BOOL APIENTRY binn_get_int32(binn *value, int *pint) { @@ -3345,11 +3390,11 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + + switch (value->type) { + case BINN_FLOAT: -+ if ((value->vfloat < binn_cvt_int2float(INT32_MIN)) || (value->vfloat > binn_cvt_int2float(INT32_MAX))) return FALSE; ++ if (value->vfloat < (float)INT32_MIN || value->vfloat > (float)INT32_MAX) return FALSE; + *pint = roundval(value->vfloat); + break; + case BINN_DOUBLE: -+ if ((value->vdouble < INT32_MIN) || (value->vdouble > INT32_MAX)) return FALSE; ++ if (value->vdouble < (double)INT32_MIN || value->vdouble > (double)INT32_MAX) return FALSE; + *pint = roundval(value->vdouble); + break; + case BINN_STRING: @@ -3382,11 +3427,11 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + + switch (value->type) { + case BINN_FLOAT: -+ if ((value->vfloat < binn_cvt_long2float(INT64_MIN)) || (value->vfloat > binn_cvt_long2float(INT64_MAX))) return FALSE; ++ if (value->vfloat < (float)INT64_MIN || value->vfloat > (float)INT64_MAX) return FALSE; + *pint = roundval(value->vfloat); + break; + case BINN_DOUBLE: -+ if ((value->vdouble < binn_cvt_long2dbl(INT64_MIN)) || (value->vdouble > binn_cvt_long2dbl(INT64_MAX))) return FALSE; ++ if (value->vdouble < (double)INT64_MIN || value->vdouble > (double)INT64_MAX) return FALSE; + *pint = roundval(value->vdouble); + break; + case BINN_STRING: @@ -3512,7 +3557,7 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c + +loc_convert_value: + -+ /* value->vint64 = 0; */ ++ //value->vint64 = 0; + value->ptr = strdup(buf); + if (value->ptr == NULL) return NULL; + value->freefn = free; @@ -3541,20 +3586,19 @@ diff -Nur openssh-9.6p1.orig/binn.c openssh-9.6p1/binn.c +} + +/*************************************************************************************/ -diff -Nur openssh-9.6p1.orig/binn.h openssh-9.6p1/binn.h ---- openssh-9.6p1.orig/binn.h 1970-01-01 01:00:00.000000000 +0100 -+++ openssh-9.6p1/binn.h 2024-07-10 13:34:02.708358559 +0200 -@@ -0,0 +1,944 @@ +diff -Nur openssh-9.8p1.orig/binn.h openssh-9.8p1/binn.h +--- openssh-9.8p1.orig/binn.h 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-9.8p1/binn.h 2024-09-30 16:03:39.145245244 +0200 +@@ -0,0 +1,945 @@ + -+/* TO ENABLE INLINE FUNCTIONS: */ -+/* ON MSVC: enable the 'Inline Function Expansion' (/Ob2) compiler option, and maybe the */ -+/* 'Whole Program Optimitazion' (/GL), that requires the */ -+/* 'Link Time Code Generation' (/LTCG) linker option to be enabled too */ ++// TO ENABLE INLINE FUNCTIONS: ++// ON MSVC: enable the 'Inline Function Expansion' (/Ob2) compiler option, and maybe the ++// 'Whole Program Optimitazion' (/GL), that requires the ++// 'Link Time Code Generation' (/LTCG) linker option to be enabled too + +#ifndef BINN_H +#define BINN_H -+#include -+#include "config.h" ++ +#ifdef __cplusplus +extern "C" { +#endif @@ -3585,7 +3629,7 @@ diff -Nur openssh-9.6p1.orig/binn.h openssh-9.6p1/binn.h + #ifdef _WIN32 + #define APIENTRY __stdcall + #else -+ /* #define APIENTRY __attribute__((stdcall)) */ ++ //#define APIENTRY __attribute__((stdcall)) + #define APIENTRY + #endif +#endif @@ -3602,7 +3646,7 @@ diff -Nur openssh-9.6p1.orig/binn.h openssh-9.6p1/binn.h + #define INLINE __inline + #define ALWAYS_INLINE __forceinline +#else -+ /* you can change to 'extern inline' if using the gcc option -flto */ ++ // you can change to 'extern inline' if using the gcc option -flto + #define INLINE static inline + #define ALWAYS_INLINE static inline __attribute__((always_inline)) +#endif @@ -3628,18 +3672,18 @@ diff -Nur openssh-9.6p1.orig/binn.h openssh-9.6p1/binn.h +#endif + + -+/* BINN CONSTANTS ---------------------------------------- */ ++// BINN CONSTANTS ---------------------------------------- + +#define INVALID_BINN 0 + -+/* Storage Data Types ------------------------------------ */ ++// Storage Data Types ------------------------------------ + +#define BINN_STORAGE_NOBYTES 0x00 -+#define BINN_STORAGE_BYTE 0x20 /* 8 bits */ -+#define BINN_STORAGE_WORD 0x40 /* 16 bits -- the endianess (byte order) is automatically corrected */ -+#define BINN_STORAGE_DWORD 0x60 /* 32 bits -- the endianess (byte order) is automatically corrected */ -+#define BINN_STORAGE_QWORD 0x80 /* 64 bits -- the endianess (byte order) is automatically corrected */ -+#define BINN_STORAGE_STRING 0xA0 /* Are stored with null termination */ ++#define BINN_STORAGE_BYTE 0x20 // 8 bits ++#define BINN_STORAGE_WORD 0x40 // 16 bits -- the endianess (byte order) is automatically corrected ++#define BINN_STORAGE_DWORD 0x60 // 32 bits -- the endianess (byte order) is automatically corrected ++#define BINN_STORAGE_QWORD 0x80 // 64 bits -- the endianess (byte order) is automatically corrected ++#define BINN_STORAGE_STRING 0xA0 // Are stored with null termination +#define BINN_STORAGE_BLOB 0xC0 +#define BINN_STORAGE_CONTAINER 0xE0 +#define BINN_STORAGE_VIRTUAL 0x80000 @@ -3656,7 +3700,7 @@ diff -Nur openssh-9.6p1.orig/binn.h openssh-9.6p1/binn.h +#define BINN_MAX_VALUE_MASK 0xFFFFF + + -+/* Data Formats ------------------------------------------ */ ++// Data Formats ------------------------------------------ + +#define BINN_LIST 0xE0 +#define BINN_MAP 0xE1 @@ -3666,54 +3710,54 @@ diff -Nur openssh-9.6p1.orig/binn.h openssh-9.6p1/binn.h +#define BINN_TRUE 0x01 +#define BINN_FALSE 0x02 + -+#define BINN_UINT8 0x20 /* (BYTE) (unsigned byte) Is the default format for the BYTE type */ -+#define BINN_INT8 0x21 /* (BYTE) (signed byte, from -128 to +127. The 0x80 is the sign bit, so the range in hex is from 0x80 [-128] to 0x7F [127], being 0x00 = 0 and 0xFF = -1) */ -+#define BINN_UINT16 0x40 /* (WORD) (unsigned integer) Is the default format for the WORD type */ -+#define BINN_INT16 0x41 /* (WORD) (signed integer) */ -+#define BINN_UINT32 0x60 /* (DWORD) (unsigned integer) Is the default format for the DWORD type */ -+#define BINN_INT32 0x61 /* (DWORD) (signed integer) */ -+#define BINN_UINT64 0x80 /* (QWORD) (unsigned integer) Is the default format for the QWORD type */ -+#define BINN_INT64 0x81 /* (QWORD) (signed integer) */ ++#define BINN_UINT8 0x20 // (BYTE) (unsigned byte) Is the default format for the BYTE type ++#define BINN_INT8 0x21 // (BYTE) (signed byte, from -128 to +127. The 0x80 is the sign bit, so the range in hex is from 0x80 [-128] to 0x7F [127], being 0x00 = 0 and 0xFF = -1) ++#define BINN_UINT16 0x40 // (WORD) (unsigned integer) Is the default format for the WORD type ++#define BINN_INT16 0x41 // (WORD) (signed integer) ++#define BINN_UINT32 0x60 // (DWORD) (unsigned integer) Is the default format for the DWORD type ++#define BINN_INT32 0x61 // (DWORD) (signed integer) ++#define BINN_UINT64 0x80 // (QWORD) (unsigned integer) Is the default format for the QWORD type ++#define BINN_INT64 0x81 // (QWORD) (signed integer) + +#define BINN_SCHAR BINN_INT8 +#define BINN_UCHAR BINN_UINT8 + -+#define BINN_STRING 0xA0 /* (STRING) Raw String */ -+#define BINN_DATETIME 0xA1 /* (STRING) iso8601 format -- YYYY-MM-DD HH:MM:SS */ -+#define BINN_DATE 0xA2 /* (STRING) iso8601 format -- YYYY-MM-DD */ -+#define BINN_TIME 0xA3 /* (STRING) iso8601 format -- HH:MM:SS */ -+#define BINN_DECIMAL 0xA4 /* (STRING) High precision number - used for generic decimal values and for those ones that cannot be represented in the float64 format. */ -+#define BINN_CURRENCYSTR 0xA5 /* (STRING) With currency unit/symbol - check for some iso standard format */ -+#define BINN_SINGLE_STR 0xA6 /* (STRING) Can be restored to float32 */ -+#define BINN_DOUBLE_STR 0xA7 /* (STRING) May be restored to float64 */ ++#define BINN_STRING 0xA0 // (STRING) Raw String ++#define BINN_DATETIME 0xA1 // (STRING) iso8601 format -- YYYY-MM-DD HH:MM:SS ++#define BINN_DATE 0xA2 // (STRING) iso8601 format -- YYYY-MM-DD ++#define BINN_TIME 0xA3 // (STRING) iso8601 format -- HH:MM:SS ++#define BINN_DECIMAL 0xA4 // (STRING) High precision number - used for generic decimal values and for those ones that cannot be represented in the float64 format. ++#define BINN_CURRENCYSTR 0xA5 // (STRING) With currency unit/symbol - check for some iso standard format ++#define BINN_SINGLE_STR 0xA6 // (STRING) Can be restored to float32 ++#define BINN_DOUBLE_STR 0xA7 // (STRING) May be restored to float64 + -+#define BINN_FLOAT32 0x62 /* (DWORD) */ -+#define BINN_FLOAT64 0x82 /* (QWORD) */ ++#define BINN_FLOAT32 0x62 // (DWORD) ++#define BINN_FLOAT64 0x82 // (QWORD) +#define BINN_FLOAT BINN_FLOAT32 +#define BINN_SINGLE BINN_FLOAT32 +#define BINN_DOUBLE BINN_FLOAT64 + -+#define BINN_CURRENCY 0x83 /* (QWORD) */ ++#define BINN_CURRENCY 0x83 // (QWORD) + -+#define BINN_BLOB 0xC0 /* (BLOB) Raw Blob */ ++#define BINN_BLOB 0xC0 // (BLOB) Raw Blob + + -+/* virtual types: */ ++// virtual types: + -+#define BINN_BOOL 0x80061 /* (DWORD) The value may be 0 or 1 */ ++#define BINN_BOOL 0x80061 // (DWORD) The value may be 0 or 1 + +#ifdef BINN_EXTENDED -+/* #define BINN_SINGLE 0x800A1 // (STRING) Can be restored to float32 */ -+/* #define BINN_DOUBLE 0x800A2 // (STRING) May be restored to float64 */ ++//#define BINN_SINGLE 0x800A1 // (STRING) Can be restored to float32 ++//#define BINN_DOUBLE 0x800A2 // (STRING) May be restored to float64 +#endif + -+/* #define BINN_BINN 0x800E1 // (CONTAINER) */ -+/* #define BINN_BINN_BUFFER 0x800C1 // (BLOB) user binn. it's not open by the parser */ ++//#define BINN_BINN 0x800E1 // (CONTAINER) ++//#define BINN_BINN_BUFFER 0x800C1 // (BLOB) user binn. it's not open by the parser + + -+/* extended content types: */ ++// extended content types: + -+/* strings: */ ++// strings: + +#define BINN_HTML 0xB001 +#define BINN_XML 0xB002 @@ -3721,7 +3765,7 @@ diff -Nur openssh-9.6p1.orig/binn.h openssh-9.6p1/binn.h +#define BINN_JAVASCRIPT 0xB004 +#define BINN_CSS 0xB005 + -+/* blobs: */ ++// blobs: + +#define BINN_JPEG 0xD001 +#define BINN_GIF 0xD002 @@ -3729,7 +3773,7 @@ diff -Nur openssh-9.6p1.orig/binn.h openssh-9.6p1/binn.h +#define BINN_BMP 0xD004 + + -+/* type families */ ++// type families +#define BINN_FAMILY_NONE 0x00 +#define BINN_FAMILY_NULL 0xf1 +#define BINN_FAMILY_INT 0xf2 @@ -3739,7 +3783,7 @@ diff -Nur openssh-9.6p1.orig/binn.h openssh-9.6p1/binn.h +#define BINN_FAMILY_BOOL 0xf6 +#define BINN_FAMILY_BINN 0xf7 + -+/* integer types related to signal */ ++// integer types related to signal +#define BINN_SIGNED_INT 11 +#define BINN_UNSIGNED_INT 22 + @@ -3749,27 +3793,27 @@ diff -Nur openssh-9.6p1.orig/binn.h openssh-9.6p1/binn.h +#define BINN_TRANSIENT ((binn_mem_free)-1) + + -+/* --- BINN STRUCTURE -------------------------------------------------------------- */ ++// --- BINN STRUCTURE -------------------------------------------------------------- + + +struct binn_struct { -+ int header; /* this struct header holds the magic number (BINN_MAGIC) that identifies this memory block as a binn structure */ -+ BOOL allocated; /* the struct can be allocated using malloc_fn() or can be on the stack */ -+ BOOL writable; /* did it was create for writing? it can use the pbuf if not unified with ptr */ -+ BOOL dirty; /* the container header is not written to the buffer */ -+ /* */ -+ void *pbuf; /* use *ptr below? */ ++ int header; // this struct header holds the magic number (BINN_MAGIC) that identifies this memory block as a binn structure ++ BOOL allocated; // the struct can be allocated using malloc_fn() or can be on the stack ++ BOOL writable; // did it was create for writing? it can use the pbuf if not unified with ptr ++ BOOL dirty; // the container header is not written to the buffer ++ // ++ void *pbuf; // use *ptr below? + BOOL pre_allocated; + int alloc_size; + int used_size; -+ /* */ ++ // + int type; + void *ptr; + int size; + int count; -+ /* */ -+ binn_mem_free freefn; /* used only when type == BINN_STRING or BINN_BLOB */ -+ /* */ ++ // ++ binn_mem_free freefn; // used only when type == BINN_STRING or BINN_BLOB ++ // + union { + signed char vint8; + signed short vint16; @@ -3779,20 +3823,20 @@ diff -Nur openssh-9.6p1.orig/binn.h openssh-9.6p1/binn.h + unsigned short vuint16; + unsigned int vuint32; + uint64 vuint64; -+ /* */ ++ // + signed char vchar; + unsigned char vuchar; + signed short vshort; + unsigned short vushort; + signed int vint; + unsigned int vuint; -+ /* */ ++ // + float vfloat; + double vdouble; -+ /* */ ++ // + BOOL vbool; + }; -+ /* */ ++ // + BOOL disable_int_compression; +}; + @@ -3800,7 +3844,7 @@ diff -Nur openssh-9.6p1.orig/binn.h openssh-9.6p1/binn.h + + + -+/* --- GENERAL FUNCTIONS ---------------------------------------------------------- */ ++// --- GENERAL FUNCTIONS ---------------------------------------------------------- + +char * APIENTRY binn_version(); + @@ -3815,22 +3859,22 @@ diff -Nur openssh-9.6p1.orig/binn.h openssh-9.6p1/binn.h +BOOL APIENTRY binn_is_container(binn *item); + + -+/* --- WRITE FUNCTIONS ------------------------------------------------------------ */ ++// --- WRITE FUNCTIONS ------------------------------------------------------------ + -+/* create a new binn allocating memory for the structure */ ++// create a new binn allocating memory for the structure +binn * APIENTRY binn_new(int type, int size, void *buffer); +binn * APIENTRY binn_list(); +binn * APIENTRY binn_map(); +binn * APIENTRY binn_object(); + -+/* create a new binn storing the structure on the stack */ ++// create a new binn storing the structure on the stack +BOOL APIENTRY binn_create(binn *item, int type, int size, void *buffer); +BOOL APIENTRY binn_create_list(binn *list); +BOOL APIENTRY binn_create_map(binn *map); +BOOL APIENTRY binn_create_object(binn *object); + -+/* create a new binn as a copy from another */ -+binn * APIENTRY binn_copy(void *old); ++// create a new binn as a copy from another ++binn * APIENTRY binn_copy(const void *old); + + +BOOL APIENTRY binn_list_add_new(binn *list, binn *value); @@ -3838,20 +3882,20 @@ diff -Nur openssh-9.6p1.orig/binn.h openssh-9.6p1/binn.h +BOOL APIENTRY binn_object_set_new(binn *obj, const char *key, binn *value); + + -+/* extended interface */ ++// extended interface + +BOOL APIENTRY binn_list_add(binn *list, int type, void *pvalue, int size); +BOOL APIENTRY binn_map_set(binn *map, int id, int type, void *pvalue, int size); +BOOL APIENTRY binn_object_set(binn *obj, const char *key, int type, void *pvalue, int size); + + -+/* release memory */ ++// release memory + +void APIENTRY binn_free(binn *item); -+void * APIENTRY binn_release(binn *item); /* free the binn structure but keeps the binn buffer allocated, returning a pointer to it. use the free function to release the buffer later */ ++void * APIENTRY binn_release(binn *item); // free the binn structure but keeps the binn buffer allocated, returning a pointer to it. use the free function to release the buffer later + + -+/* --- CREATING VALUES --------------------------------------------------- */ ++// --- CREATING VALUES --------------------------------------------------- + +binn * APIENTRY binn_value(int type, void *pvalue, int size, binn_mem_free freefn); + @@ -3899,22 +3943,22 @@ diff -Nur openssh-9.6p1.orig/binn.h openssh-9.6p1/binn.h +} + + -+/* --- READ FUNCTIONS ------------------------------------------------------------- */ ++// --- READ FUNCTIONS ------------------------------------------------------------- + -+/* these functions accept pointer to the binn structure and pointer to the binn buffer */ -+void * APIENTRY binn_ptr(void *ptr); -+int APIENTRY binn_size(void *ptr); -+int APIENTRY binn_type(void *ptr); -+int APIENTRY binn_count(void *ptr); ++// these functions accept pointer to the binn structure and pointer to the binn buffer ++void * APIENTRY binn_ptr(const void *ptr); ++int APIENTRY binn_size(const void *ptr); ++int APIENTRY binn_type(const void *ptr); ++int APIENTRY binn_count(const void *ptr); + -+BOOL APIENTRY binn_is_valid(void *ptr, int *ptype, int *pcount, int *psize); ++BOOL APIENTRY binn_is_valid(const void *ptr, int *ptype, int *pcount, int *psize); +/* the function returns the values (type, count and size) and they don't need to be + initialized. these values are read from the buffer. example: + + int type, count, size; + result = binn_is_valid(ptr, &type, &count, &size); +*/ -+BOOL APIENTRY binn_is_valid_ex(void *ptr, int *ptype, int *pcount, int *psize); ++BOOL APIENTRY binn_is_valid_ex(const void *ptr, int *ptype, int *pcount, int *psize); +/* if some value is informed (type, count or size) then the function will check if + the value returned from the serialized data matches the informed value. otherwise + the values must be initialized to zero. example: @@ -3923,117 +3967,119 @@ diff -Nur openssh-9.6p1.orig/binn.h openssh-9.6p1/binn.h + result = binn_is_valid_ex(ptr, &type, &count, &size); +*/ + -+BOOL APIENTRY binn_is_struct(void *ptr); ++BOOL APIENTRY binn_is_struct(const void *ptr); + + -+/* Loading a binn buffer into a binn value - this is optional */ ++// Loading a binn buffer into a binn value - this is optional + -+BOOL APIENTRY binn_load(void *data, binn *item); /* on stack */ -+binn * APIENTRY binn_open(void *data); /* allocated */ ++binn * APIENTRY binn_open(const void *data); // allocated - unsecure ++binn * APIENTRY binn_open_ex(const void *data, int size); // allocated - secure ++BOOL APIENTRY binn_load(const void *data, binn *item); // on stack - unsecure ++BOOL APIENTRY binn_load_ex(const void *data, int size, binn *value); // secure + + -+/* easiest interface to use, but don't check if the value is there */ ++// easiest interface to use, but don't check if the value is there + -+signed char APIENTRY binn_list_int8(void *list, int pos); -+short APIENTRY binn_list_int16(void *list, int pos); -+int APIENTRY binn_list_int32(void *list, int pos); -+int64 APIENTRY binn_list_int64(void *list, int pos); -+unsigned char APIENTRY binn_list_uint8(void *list, int pos); -+unsigned short APIENTRY binn_list_uint16(void *list, int pos); -+unsigned int APIENTRY binn_list_uint32(void *list, int pos); -+uint64 APIENTRY binn_list_uint64(void *list, int pos); -+float APIENTRY binn_list_float(void *list, int pos); -+double APIENTRY binn_list_double(void *list, int pos); -+BOOL APIENTRY binn_list_bool(void *list, int pos); -+BOOL APIENTRY binn_list_null(void *list, int pos); -+char * APIENTRY binn_list_str(void *list, int pos); -+void * APIENTRY binn_list_blob(void *list, int pos, int *psize); -+void * APIENTRY binn_list_list(void *list, int pos); -+void * APIENTRY binn_list_map(void *list, int pos); -+void * APIENTRY binn_list_object(void *list, int pos); ++signed char APIENTRY binn_list_int8(const void *list, int pos); ++short APIENTRY binn_list_int16(const void *list, int pos); ++int APIENTRY binn_list_int32(const void *list, int pos); ++int64 APIENTRY binn_list_int64(const void *list, int pos); ++unsigned char APIENTRY binn_list_uint8(const void *list, int pos); ++unsigned short APIENTRY binn_list_uint16(const void *list, int pos); ++unsigned int APIENTRY binn_list_uint32(const void *list, int pos); ++uint64 APIENTRY binn_list_uint64(const void *list, int pos); ++float APIENTRY binn_list_float(const void *list, int pos); ++double APIENTRY binn_list_double(const void *list, int pos); ++BOOL APIENTRY binn_list_bool(const void *list, int pos); ++BOOL APIENTRY binn_list_null(const void *list, int pos); ++char * APIENTRY binn_list_str(const void *list, int pos); ++void * APIENTRY binn_list_blob(const void *list, int pos, int *psize); ++void * APIENTRY binn_list_list(const void *list, int pos); ++void * APIENTRY binn_list_map(const void *list, int pos); ++void * APIENTRY binn_list_object(const void *list, int pos); + -+signed char APIENTRY binn_map_int8(void *map, int id); -+short APIENTRY binn_map_int16(void *map, int id); -+int APIENTRY binn_map_int32(void *map, int id); -+int64 APIENTRY binn_map_int64(void *map, int id); -+unsigned char APIENTRY binn_map_uint8(void *map, int id); -+unsigned short APIENTRY binn_map_uint16(void *map, int id); -+unsigned int APIENTRY binn_map_uint32(void *map, int id); -+uint64 APIENTRY binn_map_uint64(void *map, int id); -+float APIENTRY binn_map_float(void *map, int id); -+double APIENTRY binn_map_double(void *map, int id); -+BOOL APIENTRY binn_map_bool(void *map, int id); -+BOOL APIENTRY binn_map_null(void *map, int id); -+char * APIENTRY binn_map_str(void *map, int id); -+void * APIENTRY binn_map_blob(void *map, int id, int *psize); -+void * APIENTRY binn_map_list(void *map, int id); -+void * APIENTRY binn_map_map(void *map, int id); -+void * APIENTRY binn_map_object(void *map, int id); ++signed char APIENTRY binn_map_int8(const void *map, int id); ++short APIENTRY binn_map_int16(const void *map, int id); ++int APIENTRY binn_map_int32(const void *map, int id); ++int64 APIENTRY binn_map_int64(const void *map, int id); ++unsigned char APIENTRY binn_map_uint8(const void *map, int id); ++unsigned short APIENTRY binn_map_uint16(const void *map, int id); ++unsigned int APIENTRY binn_map_uint32(const void *map, int id); ++uint64 APIENTRY binn_map_uint64(const void *map, int id); ++float APIENTRY binn_map_float(const void *map, int id); ++double APIENTRY binn_map_double(const void *map, int id); ++BOOL APIENTRY binn_map_bool(const void *map, int id); ++BOOL APIENTRY binn_map_null(const void *map, int id); ++char * APIENTRY binn_map_str(const void *map, int id); ++void * APIENTRY binn_map_blob(const void *map, int id, int *psize); ++void * APIENTRY binn_map_list(const void *map, int id); ++void * APIENTRY binn_map_map(const void *map, int id); ++void * APIENTRY binn_map_object(const void *map, int id); + -+signed char APIENTRY binn_object_int8(void *obj, const char *key); -+short APIENTRY binn_object_int16(void *obj, const char *key); -+int APIENTRY binn_object_int32(void *obj, const char *key); -+int64 APIENTRY binn_object_int64(void *obj, const char *key); -+unsigned char APIENTRY binn_object_uint8(void *obj, const char *key); -+unsigned short APIENTRY binn_object_uint16(void *obj, const char *key); -+unsigned int APIENTRY binn_object_uint32(void *obj, const char *key); -+uint64 APIENTRY binn_object_uint64(void *obj, const char *key); -+float APIENTRY binn_object_float(void *obj, const char *key); -+double APIENTRY binn_object_double(void *obj, const char *key); -+BOOL APIENTRY binn_object_bool(void *obj, const char *key); -+BOOL APIENTRY binn_object_null(void *obj, const char *key); -+char * APIENTRY binn_object_str(void *obj, const char *key); -+void * APIENTRY binn_object_blob(void *obj, const char *key, int *psize); -+void * APIENTRY binn_object_list(void *obj, const char *key); -+void * APIENTRY binn_object_map(void *obj, const char *key); -+void * APIENTRY binn_object_object(void *obj, const char *key); ++signed char APIENTRY binn_object_int8(const void *obj, const char *key); ++short APIENTRY binn_object_int16(const void *obj, const char *key); ++int APIENTRY binn_object_int32(const void *obj, const char *key); ++int64 APIENTRY binn_object_int64(const void *obj, const char *key); ++unsigned char APIENTRY binn_object_uint8(const void *obj, const char *key); ++unsigned short APIENTRY binn_object_uint16(const void *obj, const char *key); ++unsigned int APIENTRY binn_object_uint32(const void *obj, const char *key); ++uint64 APIENTRY binn_object_uint64(const void *obj, const char *key); ++float APIENTRY binn_object_float(const void *obj, const char *key); ++double APIENTRY binn_object_double(const void *obj, const char *key); ++BOOL APIENTRY binn_object_bool(const void *obj, const char *key); ++BOOL APIENTRY binn_object_null(const void *obj, const char *key); ++char * APIENTRY binn_object_str(const void *obj, const char *key); ++void * APIENTRY binn_object_blob(const void *obj, const char *key, int *psize); ++void * APIENTRY binn_object_list(const void *obj, const char *key); ++void * APIENTRY binn_object_map(const void *obj, const char *key); ++void * APIENTRY binn_object_object(const void *obj, const char *key); + + -+/* return a pointer to an allocated binn structure - must be released with the free() function or equivalent set in binn_set_alloc_functions() */ -+binn * APIENTRY binn_list_value(void *list, int pos); -+binn * APIENTRY binn_map_value(void *map, int id); -+binn * APIENTRY binn_object_value(void *obj, const char *key); ++// return a pointer to an allocated binn structure - must be released with the free() function or equivalent set in binn_set_alloc_functions() ++binn * APIENTRY binn_list_value(const void *list, int pos); ++binn * APIENTRY binn_map_value(const void *map, int id); ++binn * APIENTRY binn_object_value(const void *obj, const char *key); + -+/* read the value to a binn structure on the stack */ -+BOOL APIENTRY binn_list_get_value(void* list, int pos, binn *value); -+BOOL APIENTRY binn_map_get_value(void* map, int id, binn *value); -+BOOL APIENTRY binn_object_get_value(void *obj, const char *key, binn *value); ++// read the value to a binn structure on the stack ++BOOL APIENTRY binn_list_get_value(const void *list, int pos, binn *value); ++BOOL APIENTRY binn_map_get_value(const void *map, int id, binn *value); ++BOOL APIENTRY binn_object_get_value(const void *obj, const char *key, binn *value); + -+/* single interface - these functions check the data type */ -+BOOL APIENTRY binn_list_get(void *list, int pos, int type, void *pvalue, int *psize); -+BOOL APIENTRY binn_map_get(void *map, int id, int type, void *pvalue, int *psize); -+BOOL APIENTRY binn_object_get(void *obj, const char *key, int type, void *pvalue, int *psize); ++// single interface - these functions check the data type ++BOOL APIENTRY binn_list_get(const void *list, int pos, int type, void *pvalue, int *psize); ++BOOL APIENTRY binn_map_get(const void *map, int id, int type, void *pvalue, int *psize); ++BOOL APIENTRY binn_object_get(const void *obj, const char *key, int type, void *pvalue, int *psize); + -+/* these 3 functions return a pointer to the value and the data type */ -+/* they are thread-safe on big-endian devices */ -+/* on little-endian devices they are thread-safe only to return pointers to list, map, object, blob and strings */ -+/* the returned pointer to 16, 32 and 64 bits values must be used only by single-threaded applications */ -+void * APIENTRY binn_list_read(void *list, int pos, int *ptype, int *psize); -+void * APIENTRY binn_map_read(void *map, int id, int *ptype, int *psize); -+void * APIENTRY binn_object_read(void *obj, const char *key, int *ptype, int *psize); ++// these 3 functions return a pointer to the value and the data type ++// they are thread-safe on big-endian devices ++// on little-endian devices they are thread-safe only to return pointers to list, map, object, blob and strings ++// the returned pointer to 16, 32 and 64 bits values must be used only by single-threaded applications ++void * APIENTRY binn_list_read(const void *list, int pos, int *ptype, int *psize); ++void * APIENTRY binn_map_read(const void *map, int id, int *ptype, int *psize); ++void * APIENTRY binn_object_read(const void *obj, const char *key, int *ptype, int *psize); + + -+/* READ PAIR FUNCTIONS */ ++// READ PAIR FUNCTIONS + -+/* these functions use base 1 in the 'pos' argument */ ++// these functions use base 1 in the 'pos' argument + -+/* on stack */ -+BOOL APIENTRY binn_map_get_pair(void *map, int pos, int *pid, binn *value); -+BOOL APIENTRY binn_object_get_pair(void *obj, int pos, char *pkey, binn *value); /* must free the memory returned in the pkey */ ++// on stack ++BOOL APIENTRY binn_map_get_pair(const void *map, int pos, int *pid, binn *value); ++BOOL APIENTRY binn_object_get_pair(const void *obj, int pos, char *pkey, binn *value); // the key must be declared as: char key[256]; + -+/* allocated */ -+binn * APIENTRY binn_map_pair(void *map, int pos, int *pid); -+binn * APIENTRY binn_object_pair(void *obj, int pos, char *pkey); /* must free the memory returned in the pkey */ ++// allocated ++binn * APIENTRY binn_map_pair(const void *map, int pos, int *pid); ++binn * APIENTRY binn_object_pair(const void *obj, int pos, char *pkey); // the key must be declared as: char key[256]; + -+/* these 2 functions return a pointer to the value and the data type */ -+/* they are thread-safe on big-endian devices */ -+/* on little-endian devices they are thread-safe only to return pointers to list, map, object, blob and strings */ -+/* the returned pointer to 16, 32 and 64 bits values must be used only by single-threaded applications */ -+void * APIENTRY binn_map_read_pair(void *ptr, int pos, int *pid, int *ptype, int *psize); -+void * APIENTRY binn_object_read_pair(void *ptr, int pos, char *pkey, int *ptype, int *psize); ++// these 2 functions return a pointer to the value and the data type ++// they are thread-safe on big-endian devices ++// on little-endian devices they are thread-safe only to return pointers to list, map, object, blob and strings ++// the returned pointer to 16, 32 and 64 bits values must be used only by single-threaded applications ++void * APIENTRY binn_map_read_pair(const void *ptr, int pos, int *pid, int *ptype, int *psize); ++void * APIENTRY binn_object_read_pair(const void *ptr, int pos, char *pkey, int *ptype, int *psize); + + -+/* SEQUENTIAL READ FUNCTIONS */ ++// SEQUENTIAL READ FUNCTIONS + +typedef struct binn_iter_struct { + unsigned char *pnext; @@ -4043,34 +4089,34 @@ diff -Nur openssh-9.6p1.orig/binn.h openssh-9.6p1/binn.h + int current; +} binn_iter; + -+BOOL APIENTRY binn_iter_init(binn_iter *iter, void *pbuf, int type); ++BOOL APIENTRY binn_iter_init(binn_iter *iter, const void *pbuf, int type); + -+/* allocated */ ++// allocated +binn * APIENTRY binn_list_next_value(binn_iter *iter); +binn * APIENTRY binn_map_next_value(binn_iter *iter, int *pid); -+binn * APIENTRY binn_object_next_value(binn_iter *iter, char *pkey); /* the key must be declared as: char key[256]; */ ++binn * APIENTRY binn_object_next_value(binn_iter *iter, char *pkey); // the key must be declared as: char key[256]; + -+/* on stack */ ++// on stack +BOOL APIENTRY binn_list_next(binn_iter *iter, binn *value); +BOOL APIENTRY binn_map_next(binn_iter *iter, int *pid, binn *value); -+BOOL APIENTRY binn_object_next(binn_iter *iter, char *pkey, binn *value); /* the key must be declared as: char key[256]; */ ++BOOL APIENTRY binn_object_next(binn_iter *iter, char *pkey, binn *value); // the key must be declared as: char key[256]; + -+/* these 3 functions return a pointer to the value and the data type */ -+/* they are thread-safe on big-endian devices */ -+/* on little-endian devices they are thread-safe only to return pointers to list, map, object, blob and strings */ -+/* the returned pointer to 16, 32 and 64 bits values must be used only by single-threaded applications */ ++// these 3 functions return a pointer to the value and the data type ++// they are thread-safe on big-endian devices ++// on little-endian devices they are thread-safe only to return pointers to list, map, object, blob and strings ++// the returned pointer to 16, 32 and 64 bits values must be used only by single-threaded applications +void * APIENTRY binn_list_read_next(binn_iter *iter, int *ptype, int *psize); +void * APIENTRY binn_map_read_next(binn_iter *iter, int *pid, int *ptype, int *psize); -+void * APIENTRY binn_object_read_next(binn_iter *iter, char *pkey, int *ptype, int *psize); /* the key must be declared as: char key[256]; */ ++void * APIENTRY binn_object_read_next(binn_iter *iter, char *pkey, int *ptype, int *psize); // the key must be declared as: char key[256]; + + -+/* --- MACROS ------------------------------------------------------------ */ ++// --- MACROS ------------------------------------------------------------ + + +#define binn_is_writable(item) (item)->writable; + + -+/* set values on stack allocated binn structures */ ++// set values on stack allocated binn structures + +#define binn_set_null(item) do { (item)->type = BINN_NULL; } while (0) + @@ -4085,25 +4131,25 @@ diff -Nur openssh-9.6p1.orig/binn.h openssh-9.6p1/binn.h +#define binn_set_float(item,value) do { (item)->type = BINN_FLOAT; (item)->vfloat = value; (item)->ptr = &((item)->vfloat); } while (0) +#define binn_set_double(item,value) do { (item)->type = BINN_DOUBLE; (item)->vdouble = value; (item)->ptr = &((item)->vdouble); } while (0) + -+/* #define binn_set_string(item,str,pfree) do { (item)->type = BINN_STRING; (item)->ptr = str; (item)->freefn = pfree; } while (0) */ -+/* #define binn_set_blob(item,ptr,size,pfree) do { (item)->type = BINN_BLOB; (item)->ptr = ptr; (item)->freefn = pfree; (item)->size = size; } while (0) */ ++//#define binn_set_string(item,str,pfree) do { (item)->type = BINN_STRING; (item)->ptr = str; (item)->freefn = pfree; } while (0) ++//#define binn_set_blob(item,ptr,size,pfree) do { (item)->type = BINN_BLOB; (item)->ptr = ptr; (item)->freefn = pfree; (item)->size = size; } while (0) +BOOL APIENTRY binn_set_string(binn *item, char *str, binn_mem_free pfree); +BOOL APIENTRY binn_set_blob(binn *item, void *ptr, int size, binn_mem_free pfree); + + -+/* #define binn_double(value) { (item)->type = BINN_DOUBLE; (item)->vdouble = value; (item)->ptr = &((item)->vdouble) } */ ++//#define binn_double(value) { (item)->type = BINN_DOUBLE; (item)->vdouble = value; (item)->ptr = &((item)->vdouble) } + + + -+/* FOREACH MACROS */ -+/* -------------- */ -+/* */ -+/* We must use these declarations inside the functions that will use the macros: */ -+/* */ -+/* binn_iter iter; */ -+/* binn value; */ -+/* char key[256]; // only for objects */ -+/* int id; // only for maps */ ++// FOREACH MACROS ++// -------------- ++// ++// We must use these declarations inside the functions that will use the macros: ++// ++// binn_iter iter; ++// binn value; ++// char key[256]; // only for objects ++// int id; // only for maps + +#define binn_object_foreach(object, key, value) \ + binn_iter_init(&iter, object, BINN_OBJECT); \ @@ -4117,11 +4163,11 @@ diff -Nur openssh-9.6p1.orig/binn.h openssh-9.6p1/binn.h + binn_iter_init(&iter, list, BINN_LIST); \ + while (binn_list_next(&iter, &value)) + -+/* If you need nested foreach loops, use the macros below for the nested loop */ -+/* Also we need to add an additional declaration on the function to hold the iterator */ -+/* We can add in the same line as the first iterator: */ -+/* */ -+/* binn_iter iter, iter2; */ ++// If you need nested foreach loops, use the macros below for the nested loop ++// Also we need to add an additional declaration on the function to hold the iterator ++// We can add in the same line as the first iterator: ++// ++// binn_iter iter, iter2; + +#define binn_object_foreach2(object, key, value) \ + binn_iter_init(&iter2, object, BINN_OBJECT); \ @@ -4313,157 +4359,157 @@ diff -Nur openssh-9.6p1.orig/binn.h openssh-9.6p1/binn.h +/*** GET FUNCTIONS *******************************************************************/ +/*************************************************************************************/ + -+ALWAYS_INLINE BOOL binn_list_get_int8(void *list, int pos, signed char *pvalue) { ++ALWAYS_INLINE BOOL binn_list_get_int8(const void *list, int pos, signed char *pvalue) { + return binn_list_get(list, pos, BINN_INT8, pvalue, NULL); +} -+ALWAYS_INLINE BOOL binn_list_get_int16(void *list, int pos, short *pvalue) { ++ALWAYS_INLINE BOOL binn_list_get_int16(const void *list, int pos, short *pvalue) { + return binn_list_get(list, pos, BINN_INT16, pvalue, NULL); +} -+ALWAYS_INLINE BOOL binn_list_get_int32(void *list, int pos, int *pvalue) { ++ALWAYS_INLINE BOOL binn_list_get_int32(const void *list, int pos, int *pvalue) { + return binn_list_get(list, pos, BINN_INT32, pvalue, NULL); +} -+ALWAYS_INLINE BOOL binn_list_get_int64(void *list, int pos, int64 *pvalue) { ++ALWAYS_INLINE BOOL binn_list_get_int64(const void *list, int pos, int64 *pvalue) { + return binn_list_get(list, pos, BINN_INT64, pvalue, NULL); +} -+ALWAYS_INLINE BOOL binn_list_get_uint8(void *list, int pos, unsigned char *pvalue) { ++ALWAYS_INLINE BOOL binn_list_get_uint8(const void *list, int pos, unsigned char *pvalue) { + return binn_list_get(list, pos, BINN_UINT8, pvalue, NULL); +} -+ALWAYS_INLINE BOOL binn_list_get_uint16(void *list, int pos, unsigned short *pvalue) { ++ALWAYS_INLINE BOOL binn_list_get_uint16(const void *list, int pos, unsigned short *pvalue) { + return binn_list_get(list, pos, BINN_UINT16, pvalue, NULL); +} -+ALWAYS_INLINE BOOL binn_list_get_uint32(void *list, int pos, unsigned int *pvalue) { ++ALWAYS_INLINE BOOL binn_list_get_uint32(const void *list, int pos, unsigned int *pvalue) { + return binn_list_get(list, pos, BINN_UINT32, pvalue, NULL); +} -+ALWAYS_INLINE BOOL binn_list_get_uint64(void *list, int pos, uint64 *pvalue) { ++ALWAYS_INLINE BOOL binn_list_get_uint64(const void *list, int pos, uint64 *pvalue) { + return binn_list_get(list, pos, BINN_UINT64, pvalue, NULL); +} -+ALWAYS_INLINE BOOL binn_list_get_float(void *list, int pos, float *pvalue) { ++ALWAYS_INLINE BOOL binn_list_get_float(const void *list, int pos, float *pvalue) { + return binn_list_get(list, pos, BINN_FLOAT32, pvalue, NULL); +} -+ALWAYS_INLINE BOOL binn_list_get_double(void *list, int pos, double *pvalue) { ++ALWAYS_INLINE BOOL binn_list_get_double(const void *list, int pos, double *pvalue) { + return binn_list_get(list, pos, BINN_FLOAT64, pvalue, NULL); +} -+ALWAYS_INLINE BOOL binn_list_get_bool(void *list, int pos, BOOL *pvalue) { ++ALWAYS_INLINE BOOL binn_list_get_bool(const void *list, int pos, BOOL *pvalue) { + return binn_list_get(list, pos, BINN_BOOL, pvalue, NULL); +} -+ALWAYS_INLINE BOOL binn_list_get_str(void *list, int pos, char **pvalue) { ++ALWAYS_INLINE BOOL binn_list_get_str(const void *list, int pos, char **pvalue) { + return binn_list_get(list, pos, BINN_STRING, pvalue, NULL); +} -+ALWAYS_INLINE BOOL binn_list_get_blob(void *list, int pos, void **pvalue, int *psize) { ++ALWAYS_INLINE BOOL binn_list_get_blob(const void *list, int pos, void **pvalue, int *psize) { + return binn_list_get(list, pos, BINN_BLOB, pvalue, psize); +} -+ALWAYS_INLINE BOOL binn_list_get_list(void *list, int pos, void **pvalue) { ++ALWAYS_INLINE BOOL binn_list_get_list(const void *list, int pos, void **pvalue) { + return binn_list_get(list, pos, BINN_LIST, pvalue, NULL); +} -+ALWAYS_INLINE BOOL binn_list_get_map(void *list, int pos, void **pvalue) { ++ALWAYS_INLINE BOOL binn_list_get_map(const void *list, int pos, void **pvalue) { + return binn_list_get(list, pos, BINN_MAP, pvalue, NULL); +} -+ALWAYS_INLINE BOOL binn_list_get_object(void *list, int pos, void **pvalue) { ++ALWAYS_INLINE BOOL binn_list_get_object(const void *list, int pos, void **pvalue) { + return binn_list_get(list, pos, BINN_OBJECT, pvalue, NULL); +} + +/***************************************************************************/ + -+ALWAYS_INLINE BOOL binn_map_get_int8(void *map, int id, signed char *pvalue) { ++ALWAYS_INLINE BOOL binn_map_get_int8(const void *map, int id, signed char *pvalue) { + return binn_map_get(map, id, BINN_INT8, pvalue, NULL); +} -+ALWAYS_INLINE BOOL binn_map_get_int16(void *map, int id, short *pvalue) { ++ALWAYS_INLINE BOOL binn_map_get_int16(const void *map, int id, short *pvalue) { + return binn_map_get(map, id, BINN_INT16, pvalue, NULL); +} -+ALWAYS_INLINE BOOL binn_map_get_int32(void *map, int id, int *pvalue) { ++ALWAYS_INLINE BOOL binn_map_get_int32(const void *map, int id, int *pvalue) { + return binn_map_get(map, id, BINN_INT32, pvalue, NULL); +} -+ALWAYS_INLINE BOOL binn_map_get_int64(void *map, int id, int64 *pvalue) { ++ALWAYS_INLINE BOOL binn_map_get_int64(const void *map, int id, int64 *pvalue) { + return binn_map_get(map, id, BINN_INT64, pvalue, NULL); +} -+ALWAYS_INLINE BOOL binn_map_get_uint8(void *map, int id, unsigned char *pvalue) { ++ALWAYS_INLINE BOOL binn_map_get_uint8(const void *map, int id, unsigned char *pvalue) { + return binn_map_get(map, id, BINN_UINT8, pvalue, NULL); +} -+ALWAYS_INLINE BOOL binn_map_get_uint16(void *map, int id, unsigned short *pvalue) { ++ALWAYS_INLINE BOOL binn_map_get_uint16(const void *map, int id, unsigned short *pvalue) { + return binn_map_get(map, id, BINN_UINT16, pvalue, NULL); +} -+ALWAYS_INLINE BOOL binn_map_get_uint32(void *map, int id, unsigned int *pvalue) { ++ALWAYS_INLINE BOOL binn_map_get_uint32(const void *map, int id, unsigned int *pvalue) { + return binn_map_get(map, id, BINN_UINT32, pvalue, NULL); +} -+ALWAYS_INLINE BOOL binn_map_get_uint64(void *map, int id, uint64 *pvalue) { ++ALWAYS_INLINE BOOL binn_map_get_uint64(const void *map, int id, uint64 *pvalue) { + return binn_map_get(map, id, BINN_UINT64, pvalue, NULL); +} -+ALWAYS_INLINE BOOL binn_map_get_float(void *map, int id, float *pvalue) { ++ALWAYS_INLINE BOOL binn_map_get_float(const void *map, int id, float *pvalue) { + return binn_map_get(map, id, BINN_FLOAT32, pvalue, NULL); +} -+ALWAYS_INLINE BOOL binn_map_get_double(void *map, int id, double *pvalue) { ++ALWAYS_INLINE BOOL binn_map_get_double(const void *map, int id, double *pvalue) { + return binn_map_get(map, id, BINN_FLOAT64, pvalue, NULL); +} -+ALWAYS_INLINE BOOL binn_map_get_bool(void *map, int id, BOOL *pvalue) { ++ALWAYS_INLINE BOOL binn_map_get_bool(const void *map, int id, BOOL *pvalue) { + return binn_map_get(map, id, BINN_BOOL, pvalue, NULL); +} -+ALWAYS_INLINE BOOL binn_map_get_str(void *map, int id, char **pvalue) { ++ALWAYS_INLINE BOOL binn_map_get_str(const void *map, int id, char **pvalue) { + return binn_map_get(map, id, BINN_STRING, pvalue, NULL); +} -+ALWAYS_INLINE BOOL binn_map_get_blob(void *map, int id, void **pvalue, int *psize) { ++ALWAYS_INLINE BOOL binn_map_get_blob(const void *map, int id, void **pvalue, int *psize) { + return binn_map_get(map, id, BINN_BLOB, pvalue, psize); +} -+ALWAYS_INLINE BOOL binn_map_get_list(void *map, int id, void **pvalue) { ++ALWAYS_INLINE BOOL binn_map_get_list(const void *map, int id, void **pvalue) { + return binn_map_get(map, id, BINN_LIST, pvalue, NULL); +} -+ALWAYS_INLINE BOOL binn_map_get_map(void *map, int id, void **pvalue) { ++ALWAYS_INLINE BOOL binn_map_get_map(const void *map, int id, void **pvalue) { + return binn_map_get(map, id, BINN_MAP, pvalue, NULL); +} -+ALWAYS_INLINE BOOL binn_map_get_object(void *map, int id, void **pvalue) { ++ALWAYS_INLINE BOOL binn_map_get_object(const void *map, int id, void **pvalue) { + return binn_map_get(map, id, BINN_OBJECT, pvalue, NULL); +} + +/***************************************************************************/ + -+/* usage: */ -+/* if (binn_object_get_int32(obj, "key", &value) == FALSE) xxx; */ ++// usage: ++// if (binn_object_get_int32(obj, "key", &value) == FALSE) xxx; + -+ALWAYS_INLINE BOOL binn_object_get_int8(void *obj, const char *key, signed char *pvalue) { ++ALWAYS_INLINE BOOL binn_object_get_int8(const void *obj, const char *key, signed char *pvalue) { + return binn_object_get(obj, key, BINN_INT8, pvalue, NULL); +} -+ALWAYS_INLINE BOOL binn_object_get_int16(void *obj, const char *key, short *pvalue) { ++ALWAYS_INLINE BOOL binn_object_get_int16(const void *obj, const char *key, short *pvalue) { + return binn_object_get(obj, key, BINN_INT16, pvalue, NULL); +} -+ALWAYS_INLINE BOOL binn_object_get_int32(void *obj, const char *key, int *pvalue) { ++ALWAYS_INLINE BOOL binn_object_get_int32(const void *obj, const char *key, int *pvalue) { + return binn_object_get(obj, key, BINN_INT32, pvalue, NULL); +} -+ALWAYS_INLINE BOOL binn_object_get_int64(void *obj, const char *key, int64 *pvalue) { ++ALWAYS_INLINE BOOL binn_object_get_int64(const void *obj, const char *key, int64 *pvalue) { + return binn_object_get(obj, key, BINN_INT64, pvalue, NULL); +} -+ALWAYS_INLINE BOOL binn_object_get_uint8(void *obj, const char *key, unsigned char *pvalue) { ++ALWAYS_INLINE BOOL binn_object_get_uint8(const void *obj, const char *key, unsigned char *pvalue) { + return binn_object_get(obj, key, BINN_UINT8, pvalue, NULL); +} -+ALWAYS_INLINE BOOL binn_object_get_uint16(void *obj, const char *key, unsigned short *pvalue) { ++ALWAYS_INLINE BOOL binn_object_get_uint16(const void *obj, const char *key, unsigned short *pvalue) { + return binn_object_get(obj, key, BINN_UINT16, pvalue, NULL); +} -+ALWAYS_INLINE BOOL binn_object_get_uint32(void *obj, const char *key, unsigned int *pvalue) { ++ALWAYS_INLINE BOOL binn_object_get_uint32(const void *obj, const char *key, unsigned int *pvalue) { + return binn_object_get(obj, key, BINN_UINT32, pvalue, NULL); +} -+ALWAYS_INLINE BOOL binn_object_get_uint64(void *obj, const char *key, uint64 *pvalue) { ++ALWAYS_INLINE BOOL binn_object_get_uint64(const void *obj, const char *key, uint64 *pvalue) { + return binn_object_get(obj, key, BINN_UINT64, pvalue, NULL); +} -+ALWAYS_INLINE BOOL binn_object_get_float(void *obj, const char *key, float *pvalue) { ++ALWAYS_INLINE BOOL binn_object_get_float(const void *obj, const char *key, float *pvalue) { + return binn_object_get(obj, key, BINN_FLOAT32, pvalue, NULL); +} -+ALWAYS_INLINE BOOL binn_object_get_double(void *obj, const char *key, double *pvalue) { ++ALWAYS_INLINE BOOL binn_object_get_double(const void *obj, const char *key, double *pvalue) { + return binn_object_get(obj, key, BINN_FLOAT64, pvalue, NULL); +} -+ALWAYS_INLINE BOOL binn_object_get_bool(void *obj, const char *key, BOOL *pvalue) { ++ALWAYS_INLINE BOOL binn_object_get_bool(const void *obj, const char *key, BOOL *pvalue) { + return binn_object_get(obj, key, BINN_BOOL, pvalue, NULL); +} -+ALWAYS_INLINE BOOL binn_object_get_str(void *obj, const char *key, char **pvalue) { ++ALWAYS_INLINE BOOL binn_object_get_str(const void *obj, const char *key, char **pvalue) { + return binn_object_get(obj, key, BINN_STRING, pvalue, NULL); +} -+ALWAYS_INLINE BOOL binn_object_get_blob(void *obj, const char *key, void **pvalue, int *psize) { ++ALWAYS_INLINE BOOL binn_object_get_blob(const void *obj, const char *key, void **pvalue, int *psize) { + return binn_object_get(obj, key, BINN_BLOB, pvalue, psize); +} -+ALWAYS_INLINE BOOL binn_object_get_list(void *obj, const char *key, void **pvalue) { ++ALWAYS_INLINE BOOL binn_object_get_list(const void *obj, const char *key, void **pvalue) { + return binn_object_get(obj, key, BINN_LIST, pvalue, NULL); +} -+ALWAYS_INLINE BOOL binn_object_get_map(void *obj, const char *key, void **pvalue) { ++ALWAYS_INLINE BOOL binn_object_get_map(const void *obj, const char *key, void **pvalue) { + return binn_object_get(obj, key, BINN_MAP, pvalue, NULL); +} -+ALWAYS_INLINE BOOL binn_object_get_object(void *obj, const char *key, void **pvalue) { ++ALWAYS_INLINE BOOL binn_object_get_object(const void *obj, const char *key, void **pvalue) { + return binn_object_get(obj, key, BINN_OBJECT, pvalue, NULL); +} + @@ -4475,24 +4521,24 @@ diff -Nur openssh-9.6p1.orig/binn.h openssh-9.6p1/binn.h +BOOL APIENTRY binn_get_bool(binn *value, BOOL *pbool); +char * APIENTRY binn_get_str(binn *value); + -+/* boolean string values: */ -+/* 1, true, yes, on */ -+/* 0, false, no, off */ ++// boolean string values: ++// 1, true, yes, on ++// 0, false, no, off + -+/* boolean number values: */ -+/* !=0 [true] */ -+/* ==0 [false] */ ++// boolean number values: ++// !=0 [true] ++// ==0 [false] + + +#ifdef __cplusplus +} +#endif + -+#endif /* BINN_H */ -diff -Nur openssh-9.6p1.orig/channels.c openssh-9.6p1/channels.c ---- openssh-9.6p1.orig/channels.c 2024-07-10 13:32:39.521111580 +0200 -+++ openssh-9.6p1/channels.c 2024-07-10 13:45:10.402355836 +0200 -@@ -104,6 +104,11 @@ ++#endif //BINN_H +diff -Nur openssh-9.8p1.orig/channels.c openssh-9.8p1/channels.c +--- openssh-9.8p1.orig/channels.c 2024-09-30 16:02:22.534024243 +0200 ++++ openssh-9.8p1/channels.c 2024-10-01 08:56:07.524893574 +0200 +@@ -97,6 +97,11 @@ /* Minimum port number for X11 forwarding */ #define X11_PORT_MIN 6000 @@ -4504,7 +4550,7 @@ diff -Nur openssh-9.6p1.orig/channels.c openssh-9.6p1/channels.c /* Per-channel callback for pre/post IO actions */ typedef void chan_fn(struct ssh *, Channel *c); -@@ -229,6 +234,9 @@ +@@ -225,6 +230,9 @@ /* Setup helper */ static void channel_handler_init(struct ssh_channels *sc); @@ -4514,17 +4560,24 @@ diff -Nur openssh-9.6p1.orig/channels.c openssh-9.6p1/channels.c /* -- channel core */ void -@@ -484,6 +492,9 @@ +@@ -519,6 +527,16 @@ (c->output = sshbuf_new()) == NULL || (c->extended = sshbuf_new()) == NULL) fatal_f("sshbuf_new failed"); ++ ++ /* these buffers are important in terms of tracking channel ++ * buffer usage so label and type them with descriptive names */ + sshbuf_relabel(c->input, "channel input"); ++ sshbuf_type(c->input, BUF_CHANNEL_INPUT); + sshbuf_relabel(c->output, "channel output"); ++ sshbuf_type(c->output, BUF_CHANNEL_OUTPUT); + sshbuf_relabel(c->extended, "channel extended"); ++ sshbuf_type(c->extended, BUF_CHANNEL_EXTENDED); ++ if ((r = sshbuf_set_max_size(c->input, CHAN_INPUT_MAX)) != 0) fatal_fr(r, "sshbuf_set_max_size"); c->ostate = CHAN_OUTPUT_OPEN; -@@ -495,6 +506,7 @@ +@@ -530,6 +548,7 @@ c->local_window = window; c->local_window_max = window; c->local_maxpacket = maxpack; @@ -4532,7 +4585,7 @@ diff -Nur openssh-9.6p1.orig/channels.c openssh-9.6p1/channels.c c->remote_name = xstrdup(remote_name); c->ctl_chan = -1; c->delayed = 1; /* prevent call to channel_post handler */ -@@ -1220,6 +1232,33 @@ +@@ -1255,6 +1274,33 @@ c->io_want = SSH_CHAN_IO_SOCK_W; } @@ -4566,45 +4619,19 @@ diff -Nur openssh-9.6p1.orig/channels.c openssh-9.6p1/channels.c static void channel_pre_open(struct ssh *ssh, Channel *c) { -@@ -2321,24 +2360,55 @@ - { - int r; - -+ /* going back to a set denominator of 2. Prior versions had a -+ * dynamic denominator based on the size of the buffer. This may -+ * have been helpful in some situations but it isn't helping in -+ * the general case -cjr 6/30/23 */ - if (c->type == SSH_CHANNEL_OPEN && - !(c->flags & (CHAN_CLOSE_SENT|CHAN_CLOSE_RCVD)) && - ((c->local_window_max - c->local_window > +@@ -2362,18 +2408,29 @@ c->local_maxpacket*3) || c->local_window < c->local_window_max/2) && c->local_consumed > 0) { -+ u_int addition = 0; ++ int addition = 0; + u_int32_t tcpwinsz = channel_tcpwinsz(ssh); + /* adjust max window size if we are in a dynamic environment + * and the tcp receive buffer is larger than the ssh window */ + if (c->dynamic_window && (tcpwinsz > c->local_window_max)) { -+ if (c->hpn_buffer_limit) { -+ /* limit window growth to prevent buffer issues -+ * still not sure what is causing the buffer issues -+ * but it may be an issue with c->local_consumed not being -+ * handled properly in the cases of bottenecked IO to the -+ * wfd endpoint. This does have an impact on throughput -+ * as we're essentially maxing out local_window_max to -+ * half of the window size */ -+ addition = (tcpwinsz/2 - c->local_window_max); -+ } -+ else { -+ /* aggressively grow the window */ -+ addition = tcpwinsz - c->local_window_max; -+ } ++ /* aggressively grow the window */ ++ addition = tcpwinsz - c->local_window_max; + c->local_window_max += addition; -+ /* doesn't look like we need these -+ * sshbuf_set_window_max(c->output, c->local_window_max); -+ * sshbuf_set_window_max(c->input, c->local_window_max); -+ */ -+ debug("Channel %d: Window growth to %d by %d bytes",c->self, ++ debug_f("Channel %d: Window growth to %d by %d bytes",c->self, + c->local_window_max, addition); + } if (!c->have_remote_id) @@ -4625,7 +4652,7 @@ diff -Nur openssh-9.6p1.orig/channels.c openssh-9.6p1/channels.c c->local_consumed = 0; } return 1; -@@ -2926,9 +2996,7 @@ +@@ -2959,9 +3016,7 @@ * in use. */ if (CHANNEL_EFD_INPUT_ACTIVE(c)) @@ -4636,7 +4663,7 @@ diff -Nur openssh-9.6p1.orig/channels.c openssh-9.6p1/channels.c else chan_ibuf_empty(ssh, c); } -@@ -3638,7 +3706,7 @@ +@@ -3670,7 +3725,7 @@ error_fr(r, "parse adjust"); ssh_packet_disconnect(ssh, "Invalid window adjust message"); } @@ -4645,7 +4672,7 @@ diff -Nur openssh-9.6p1.orig/channels.c openssh-9.6p1/channels.c if ((new_rwin = c->remote_window + adjust) < c->remote_window) { fatal("channel %d: adjust %u overflows remote window %u", c->self, adjust, c->remote_window); -@@ -3753,6 +3821,13 @@ +@@ -3785,6 +3840,13 @@ return addr; } @@ -4659,19 +4686,18 @@ diff -Nur openssh-9.6p1.orig/channels.c openssh-9.6p1/channels.c static int channel_setup_fwd_listener_tcpip(struct ssh *ssh, int type, struct Forward *fwd, int *allocated_listen_port, -diff -Nur openssh-9.6p1.orig/channels.h openssh-9.6p1/channels.h ---- openssh-9.6p1.orig/channels.h 2024-07-10 13:32:39.484111470 +0200 -+++ openssh-9.6p1/channels.h 2024-07-10 13:34:02.710358565 +0200 -@@ -174,6 +174,8 @@ +diff -Nur openssh-9.8p1.orig/channels.h openssh-9.8p1/channels.h +--- openssh-9.8p1.orig/channels.h 2024-09-30 16:02:22.494024127 +0200 ++++ openssh-9.8p1/channels.h 2024-09-30 16:03:39.147245250 +0200 +@@ -173,6 +173,7 @@ u_int local_window_max; u_int local_consumed; u_int local_maxpacket; + int dynamic_window; -+ int hpn_buffer_limit; int extended_usage; int single_connection; -@@ -255,7 +257,7 @@ +@@ -254,7 +255,7 @@ #define SSH_CHAN_IO_SOCK (SSH_CHAN_IO_SOCK_R|SSH_CHAN_IO_SOCK_W) /* Read buffer size */ @@ -4680,16 +4706,16 @@ diff -Nur openssh-9.6p1.orig/channels.h openssh-9.6p1/channels.h /* Maximum size for direct reads to buffers */ #define CHANNEL_MAX_READ CHAN_SES_PACKET_DEFAULT -@@ -398,4 +400,6 @@ +@@ -396,4 +397,6 @@ void chan_write_failed(struct ssh *, Channel *); void chan_obuf_empty(struct ssh *, Channel *); +/* hpn handler */ +void channel_set_hpn_disabled(int); #endif -diff -Nur openssh-9.6p1.orig/cipher.c openssh-9.6p1/cipher.c ---- openssh-9.6p1.orig/cipher.c 2024-07-10 13:32:39.541111639 +0200 -+++ openssh-9.6p1/cipher.c 2024-07-10 13:50:07.565252024 +0200 +diff -Nur openssh-9.8p1.orig/cipher.c openssh-9.8p1/cipher.c +--- openssh-9.8p1.orig/cipher.c 2024-09-30 16:02:22.556024306 +0200 ++++ openssh-9.8p1/cipher.c 2024-10-01 09:00:13.211602019 +0200 @@ -48,23 +48,39 @@ #include "sshbuf.h" #include "ssherr.h" @@ -4985,9 +5011,9 @@ diff -Nur openssh-9.6p1.orig/cipher.c openssh-9.6p1/cipher.c #endif freezero(cc, sizeof(*cc)); } -diff -Nur openssh-9.6p1.orig/cipher-chachapoly.c openssh-9.6p1/cipher-chachapoly.c ---- openssh-9.6p1.orig/cipher-chachapoly.c 2023-12-18 15:59:50.000000000 +0100 -+++ openssh-9.6p1/cipher-chachapoly.c 2024-07-10 13:34:02.711358567 +0200 +diff -Nur openssh-9.8p1.orig/cipher-chachapoly.c openssh-9.8p1/cipher-chachapoly.c +--- openssh-9.8p1.orig/cipher-chachapoly.c 2024-07-01 06:36:28.000000000 +0200 ++++ openssh-9.8p1/cipher-chachapoly.c 2024-09-30 16:03:39.149245256 +0200 @@ -88,7 +88,7 @@ if (!do_encrypt) { const u_char *tag = src + aadlen + len; @@ -5006,9 +5032,9 @@ diff -Nur openssh-9.6p1.orig/cipher-chachapoly.c openssh-9.6p1/cipher-chachapoly poly_key); } r = 0; -diff -Nur openssh-9.6p1.orig/cipher-chachapoly-libcrypto.c openssh-9.6p1/cipher-chachapoly-libcrypto.c ---- openssh-9.6p1.orig/cipher-chachapoly-libcrypto.c 2023-12-18 15:59:50.000000000 +0100 -+++ openssh-9.6p1/cipher-chachapoly-libcrypto.c 2024-07-10 13:34:02.711358567 +0200 +diff -Nur openssh-9.8p1.orig/cipher-chachapoly-libcrypto.c openssh-9.8p1/cipher-chachapoly-libcrypto.c +--- openssh-9.8p1.orig/cipher-chachapoly-libcrypto.c 2024-07-01 06:36:28.000000000 +0200 ++++ openssh-9.8p1/cipher-chachapoly-libcrypto.c 2024-10-01 09:02:21.651972382 +0200 @@ -34,8 +34,17 @@ #include "ssherr.h" #include "cipher-chachapoly.h" @@ -5071,9 +5097,9 @@ diff -Nur openssh-9.6p1.orig/cipher-chachapoly-libcrypto.c openssh-9.6p1/cipher- poly_key); } r = 0; -diff -Nur openssh-9.6p1.orig/cipher-chachapoly-libcrypto-mt.c openssh-9.6p1/cipher-chachapoly-libcrypto-mt.c ---- openssh-9.6p1.orig/cipher-chachapoly-libcrypto-mt.c 1970-01-01 01:00:00.000000000 +0100 -+++ openssh-9.6p1/cipher-chachapoly-libcrypto-mt.c 2024-07-10 13:34:02.712358571 +0200 +diff -Nur openssh-9.8p1.orig/cipher-chachapoly-libcrypto-mt.c openssh-9.8p1/cipher-chachapoly-libcrypto-mt.c +--- openssh-9.8p1.orig/cipher-chachapoly-libcrypto-mt.c 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-9.8p1/cipher-chachapoly-libcrypto-mt.c 2024-09-30 16:03:39.149245256 +0200 @@ -0,0 +1,695 @@ +/* + * Copyright (c) 2023 The Board of Trustees of Carnegie Mellon University. @@ -5770,9 +5796,9 @@ diff -Nur openssh-9.6p1.orig/cipher-chachapoly-libcrypto-mt.c openssh-9.6p1/ciph +#endif +} +#endif /* defined(HAVE_EVP_CHACHA20) && !defined(HAVE_BROKEN_CHACHA20) */ -diff -Nur openssh-9.6p1.orig/cipher-chachapoly-libcrypto-mt.h openssh-9.6p1/cipher-chachapoly-libcrypto-mt.h ---- openssh-9.6p1.orig/cipher-chachapoly-libcrypto-mt.h 1970-01-01 01:00:00.000000000 +0100 -+++ openssh-9.6p1/cipher-chachapoly-libcrypto-mt.h 2024-07-10 13:34:02.712358571 +0200 +diff -Nur openssh-9.8p1.orig/cipher-chachapoly-libcrypto-mt.h openssh-9.8p1/cipher-chachapoly-libcrypto-mt.h +--- openssh-9.8p1.orig/cipher-chachapoly-libcrypto-mt.h 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-9.8p1/cipher-chachapoly-libcrypto-mt.h 2024-09-30 16:03:39.149245256 +0200 @@ -0,0 +1,45 @@ +/* + * Copyright (c) 2023 The Board of Trustees of Carnegie Mellon University. @@ -5819,9 +5845,9 @@ diff -Nur openssh-9.6p1.orig/cipher-chachapoly-libcrypto-mt.h openssh-9.6p1/ciph + __attribute__((__bounded__(__buffer__, 4, 5))); + +#endif /* CHACHA_POLY_LIBCRYPTO_MT_H */ -diff -Nur openssh-9.6p1.orig/cipher-ctr-mt.c openssh-9.6p1/cipher-ctr-mt.c ---- openssh-9.6p1.orig/cipher-ctr-mt.c 1970-01-01 01:00:00.000000000 +0100 -+++ openssh-9.6p1/cipher-ctr-mt.c 2024-07-10 13:58:24.488736203 +0200 +diff -Nur openssh-9.8p1.orig/cipher-ctr-mt.c openssh-9.8p1/cipher-ctr-mt.c +--- openssh-9.8p1.orig/cipher-ctr-mt.c 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-9.8p1/cipher-ctr-mt.c 2024-09-30 16:03:39.150245259 +0200 @@ -0,0 +1,677 @@ +/* + * OpenSSH Multi-threaded AES-CTR Cipher @@ -5896,8 +5922,8 @@ diff -Nur openssh-9.6p1.orig/cipher-ctr-mt.c openssh-9.6p1/cipher-ctr-mt.c + +/*-------------------- TUNABLES --------------------*/ +/* maximum number of threads and queues */ -+#define MAX_THREADS 4 -+#define MAX_NUMKQ (MAX_THREADS + 1) ++#define MAX_THREADS 4 ++#define MAX_NUMKQ (MAX_THREADS + 1) + +/* Number of pregen threads to use */ +/* this is a default value. The actual number is @@ -5934,9 +5960,9 @@ diff -Nur openssh-9.6p1.orig/cipher-ctr-mt.c openssh-9.6p1/cipher-ctr-mt.c +#endif +/*-------------------- END TUNABLES --------------------*/ + -+#define HAVE_NONE 0 -+#define HAVE_KEY 1 -+#define HAVE_IV 2 ++#define HAVE_NONE 0 ++#define HAVE_KEY 1 ++#define HAVE_IV 2 +int X = 0; + +const EVP_CIPHER *evp_aes_ctr_mt(void); @@ -5954,24 +5980,24 @@ diff -Nur openssh-9.6p1.orig/cipher-ctr-mt.c openssh-9.6p1/cipher-ctr-mt.c +struct kq { + u_char keys[KQLEN][AES_BLOCK_SIZE]; /* [32768][16B] */ + u_char ctr[AES_BLOCK_SIZE]; /* 16B */ -+ u_char pad0[CACHELINE_LEN]; ++ u_char pad0[CACHELINE_LEN]; + pthread_mutex_t lock; + pthread_cond_t cond; -+ int qstate; -+ u_char pad1[CACHELINE_LEN]; ++ int qstate; ++ u_char pad1[CACHELINE_LEN]; +}; + +/* Context struct */ +struct ssh_aes_ctr_ctx_mt +{ + long unsigned int struct_id; -+ int keylen; ++ int keylen; + int state; + int qidx; + int ridx; -+ int id[MAX_THREADS]; /* 32 */ -+ AES_KEY aes_key; -+ const u_char *orig_key; ++ int id[MAX_THREADS]; /* 32 */ ++ AES_KEY aes_key; ++ const u_char *orig_key; + u_char aes_counter[AES_BLOCK_SIZE]; /* 16B */ + pthread_t tid[MAX_THREADS]; /* 32 */ + pthread_rwlock_t tid_lock; @@ -5987,7 +6013,7 @@ diff -Nur openssh-9.6p1.orig/cipher-ctr-mt.c openssh-9.6p1/cipher-ctr-mt.c + * free the contexts in stop_and_prejoin + */ +struct aes_mt_ctx_ptrs { -+ pthread_t tid; ++ pthread_t tid; + EVP_CIPHER_CTX *pointer; /* 32 */ + UT_hash_handle hh; +}; @@ -6500,9 +6526,9 @@ diff -Nur openssh-9.6p1.orig/cipher-ctr-mt.c openssh-9.6p1/cipher-ctr-mt.c + return aes_ctr; +} +#endif /* OSSL Check */ -diff -Nur openssh-9.6p1.orig/cipher-ctr-mt-functions.c openssh-9.6p1/cipher-ctr-mt-functions.c ---- openssh-9.6p1.orig/cipher-ctr-mt-functions.c 1970-01-01 01:00:00.000000000 +0100 -+++ openssh-9.6p1/cipher-ctr-mt-functions.c 2024-07-10 13:34:02.713358574 +0200 +diff -Nur openssh-9.8p1.orig/cipher-ctr-mt-functions.c openssh-9.8p1/cipher-ctr-mt-functions.c +--- openssh-9.8p1.orig/cipher-ctr-mt-functions.c 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-9.8p1/cipher-ctr-mt-functions.c 2024-09-30 16:03:39.150245259 +0200 @@ -0,0 +1,668 @@ +/* + * OpenSSH Multi-threaded AES-CTR Cipher Provider for OpenSSL 3 @@ -7172,9 +7198,9 @@ diff -Nur openssh-9.6p1.orig/cipher-ctr-mt-functions.c openssh-9.6p1/cipher-ctr- +} + +#endif /*WITH_OPENSSL3*/ -diff -Nur openssh-9.6p1.orig/cipher-ctr-mt-functions.h openssh-9.6p1/cipher-ctr-mt-functions.h ---- openssh-9.6p1.orig/cipher-ctr-mt-functions.h 1970-01-01 01:00:00.000000000 +0100 -+++ openssh-9.6p1/cipher-ctr-mt-functions.h 2024-07-10 13:34:02.714358576 +0200 +diff -Nur openssh-9.8p1.orig/cipher-ctr-mt-functions.h openssh-9.8p1/cipher-ctr-mt-functions.h +--- openssh-9.8p1.orig/cipher-ctr-mt-functions.h 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-9.8p1/cipher-ctr-mt-functions.h 2024-09-30 16:03:39.150245259 +0200 @@ -0,0 +1,142 @@ +/* + * OpenSSH Multi-threaded AES-CTR Cipher Provider for OpenSSL 3 @@ -7318,9 +7344,9 @@ diff -Nur openssh-9.6p1.orig/cipher-ctr-mt-functions.h openssh-9.6p1/cipher-ctr- + +#endif /* WITH OPENSSL */ +#endif /* CTR_MT_FUNCS */ -diff -Nur openssh-9.6p1.orig/cipher-ctr-mt-provider.c openssh-9.6p1/cipher-ctr-mt-provider.c ---- openssh-9.6p1.orig/cipher-ctr-mt-provider.c 1970-01-01 01:00:00.000000000 +0100 -+++ openssh-9.6p1/cipher-ctr-mt-provider.c 2024-07-10 13:34:02.714358576 +0200 +diff -Nur openssh-9.8p1.orig/cipher-ctr-mt-provider.c openssh-9.8p1/cipher-ctr-mt-provider.c +--- openssh-9.8p1.orig/cipher-ctr-mt-provider.c 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-9.8p1/cipher-ctr-mt-provider.c 2024-09-30 16:03:39.151245261 +0200 @@ -0,0 +1,390 @@ +/* + * OpenSSH Multi-threaded AES-CTR Cipher Provider for OpenSSL 3 @@ -7712,9 +7738,9 @@ diff -Nur openssh-9.6p1.orig/cipher-ctr-mt-provider.c openssh-9.6p1/cipher-ctr-m +} + +#endif /*WITH_OPENSSL3*/ -diff -Nur openssh-9.6p1.orig/cipher.h openssh-9.6p1/cipher.h ---- openssh-9.6p1.orig/cipher.h 2024-07-10 13:32:39.541111639 +0200 -+++ openssh-9.6p1/cipher.h 2024-07-10 13:34:02.714358576 +0200 +diff -Nur openssh-9.8p1.orig/cipher.h openssh-9.8p1/cipher.h +--- openssh-9.8p1.orig/cipher.h 2024-09-30 16:02:22.556024306 +0200 ++++ openssh-9.8p1/cipher.h 2024-09-30 16:26:15.533157716 +0200 @@ -42,11 +42,17 @@ #include #endif @@ -7771,9 +7797,9 @@ diff -Nur openssh-9.6p1.orig/cipher.h openssh-9.6p1/cipher.h u_int cipher_ctx_is_plaintext(struct sshcipher_ctx *); -diff -Nur openssh-9.6p1.orig/cipher-switch.c openssh-9.6p1/cipher-switch.c ---- openssh-9.6p1.orig/cipher-switch.c 1970-01-01 01:00:00.000000000 +0100 -+++ openssh-9.6p1/cipher-switch.c 2024-07-10 13:34:02.715358579 +0200 +diff -Nur openssh-9.8p1.orig/cipher-switch.c openssh-9.8p1/cipher-switch.c +--- openssh-9.8p1.orig/cipher-switch.c 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-9.8p1/cipher-switch.c 2024-09-30 16:03:39.151245261 +0200 @@ -0,0 +1,73 @@ +/* + * Copyright (c) 2023 The Board of Trustees of Carnegie Mellon University. @@ -7848,9 +7874,9 @@ diff -Nur openssh-9.6p1.orig/cipher-switch.c openssh-9.6p1/cipher-switch.c + } +#endif +} -diff -Nur openssh-9.6p1.orig/cipher-switch.h openssh-9.6p1/cipher-switch.h ---- openssh-9.6p1.orig/cipher-switch.h 1970-01-01 01:00:00.000000000 +0100 -+++ openssh-9.6p1/cipher-switch.h 2024-07-10 13:34:02.715358579 +0200 +diff -Nur openssh-9.8p1.orig/cipher-switch.h openssh-9.8p1/cipher-switch.h +--- openssh-9.8p1.orig/cipher-switch.h 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-9.8p1/cipher-switch.h 2024-09-30 16:03:39.152245264 +0200 @@ -0,0 +1,18 @@ +/* + * Copyright (c) 2015 The Board of Trustees of Carnegie Mellon University. @@ -7870,9 +7896,9 @@ diff -Nur openssh-9.6p1.orig/cipher-switch.h openssh-9.6p1/cipher-switch.h + */ + +void cipher_switch (struct ssh *); -diff -Nur openssh-9.6p1.orig/clientloop.c openssh-9.6p1/clientloop.c ---- openssh-9.6p1.orig/clientloop.c 2024-07-10 13:32:39.581111758 +0200 -+++ openssh-9.6p1/clientloop.c 2024-07-10 13:34:02.716358582 +0200 +diff -Nur openssh-9.8p1.orig/clientloop.c openssh-9.8p1/clientloop.c +--- openssh-9.8p1.orig/clientloop.c 2024-09-30 16:02:22.434023954 +0200 ++++ openssh-9.8p1/clientloop.c 2024-09-30 16:03:39.153245267 +0200 @@ -114,6 +114,7 @@ #include "msg.h" #include "ssherr.h" @@ -7881,7 +7907,7 @@ diff -Nur openssh-9.6p1.orig/clientloop.c openssh-9.6p1/clientloop.c #ifdef GSSAPI #include "ssh-gss.h" -@@ -172,6 +173,10 @@ +@@ -171,6 +172,10 @@ static void client_init_dispatch(struct ssh *ssh); int session_ident = -1; @@ -7892,25 +7918,24 @@ diff -Nur openssh-9.6p1.orig/clientloop.c openssh-9.6p1/clientloop.c /* Track escape per proto2 channel */ struct escape_filter_ctx { -@@ -199,6 +204,9 @@ +@@ -197,6 +202,8 @@ + static struct global_confirms global_confirms = TAILQ_HEAD_INITIALIZER(global_confirms); - void ssh_process_session2_setup(int, int, int, struct sshbuf *); -+ +void client_request_metrics(struct ssh *); + static void quit_message(const char *fmt, ...) __attribute__((__format__ (printf, 1, 2))); -@@ -1453,6 +1461,7 @@ +@@ -1452,6 +1459,7 @@ double start_time, total_time; - int channel_did_enqueue = 0, r, len; + int channel_did_enqueue = 0, r; u_int64_t ibytes, obytes; + time_t previous_time; int conn_in_ready, conn_out_ready; sigset_t bsigset, osigset; -@@ -1494,6 +1503,7 @@ +@@ -1493,6 +1501,7 @@ client_repledge(); start_time = monotime_double(); @@ -7918,7 +7943,7 @@ diff -Nur openssh-9.6p1.orig/clientloop.c openssh-9.6p1/clientloop.c /* Initialize variables. */ last_was_cr = 1; -@@ -1539,6 +1549,8 @@ +@@ -1534,6 +1543,8 @@ } schedule_server_alive_check(); @@ -7927,7 +7952,7 @@ diff -Nur openssh-9.6p1.orig/clientloop.c openssh-9.6p1/clientloop.c if (sigemptyset(&bsigset) == -1 || sigaddset(&bsigset, SIGHUP) == -1 || -@@ -1549,6 +1561,12 @@ +@@ -1544,6 +1555,12 @@ /* Main loop of the client for the interactive session mode. */ while (!quit_pending) { @@ -7940,7 +7965,7 @@ diff -Nur openssh-9.6p1.orig/clientloop.c openssh-9.6p1/clientloop.c channel_did_enqueue = 0; /* Process buffered packets sent by the server. */ -@@ -1641,6 +1659,10 @@ +@@ -1636,6 +1653,10 @@ } } } @@ -7951,7 +7976,7 @@ diff -Nur openssh-9.6p1.orig/clientloop.c openssh-9.6p1/clientloop.c free(pfd); /* Terminate the session. */ -@@ -2684,6 +2706,167 @@ +@@ -2647,6 +2668,167 @@ return 1; } @@ -8026,7 +8051,7 @@ diff -Nur openssh-9.6p1.orig/clientloop.c openssh-9.6p1/clientloop.c + kernel_version = binn_object_int32((void *)blob, "kernel_version"); + + /* create a string of the data from the binn object blob */ -+ metrics_read_binn_object((void *)blob, &metricsstring); ++ metrics_read_binn_object((void *)blob, metricsstring); + + /* have we printed the header? */ + if (metrics_hdr_remote_flag == 0) { @@ -8071,7 +8096,7 @@ diff -Nur openssh-9.6p1.orig/clientloop.c openssh-9.6p1/clientloop.c + metrics_write_binn_object(&local_tcp_info, metricsobj); + + /* create a string of the data from the binn object metricsobj */ -+ metrics_read_binn_object((void *)metricsobj, &metricsstring); ++ metrics_read_binn_object((void *)metricsobj, metricsstring); + + /* get the kernel version printing the header */ + kernel_version = binn_object_int32(metricsobj, "kernel_version"); @@ -8119,19 +8144,7 @@ diff -Nur openssh-9.6p1.orig/clientloop.c openssh-9.6p1/clientloop.c static int client_input_global_request(int type, u_int32_t seq, struct ssh *ssh) { -@@ -2739,6 +2922,11 @@ - if ((c = channel_lookup(ssh, id)) == NULL) - fatal_f("channel %d: unknown channel", id); - -+ if (options.hpn_buffer_limit) { -+ debug_f("Limiting receive buffer size"); -+ c->hpn_buffer_limit = 1; -+ } -+ - ssh_packet_set_interactive(ssh, want_tty, - options.ip_qos_interactive, options.ip_qos_bulk); - -@@ -2809,6 +2997,43 @@ +@@ -2772,6 +2954,43 @@ len = sshbuf_len(cmd); if (len > 0) { @@ -8175,9 +8188,9 @@ diff -Nur openssh-9.6p1.orig/clientloop.c openssh-9.6p1/clientloop.c if (len > 900) len = 900; if (want_subsystem) { -diff -Nur openssh-9.6p1.orig/compat.c openssh-9.6p1/compat.c ---- openssh-9.6p1.orig/compat.c 2024-07-10 13:32:39.574111737 +0200 -+++ openssh-9.6p1/compat.c 2024-07-14 11:29:56.093866627 +0200 +diff -Nur openssh-9.8p1.orig/compat.c openssh-9.8p1/compat.c +--- openssh-9.8p1.orig/compat.c 2024-09-30 16:02:22.594024416 +0200 ++++ openssh-9.8p1/compat.c 2024-10-01 09:15:43.262288236 +0200 @@ -135,6 +135,35 @@ ssh->compat = check[i].bugs; if (forbid_ssh_rsa) @@ -8214,9 +8227,9 @@ diff -Nur openssh-9.6p1.orig/compat.c openssh-9.6p1/compat.c return; } } -diff -Nur openssh-9.6p1.orig/compat.h openssh-9.6p1/compat.h ---- openssh-9.6p1.orig/compat.h 2024-07-10 13:32:39.574111737 +0200 -+++ openssh-9.6p1/compat.h 2024-07-14 11:29:56.093866627 +0200 +diff -Nur openssh-9.8p1.orig/compat.h openssh-9.8p1/compat.h +--- openssh-9.8p1.orig/compat.h 2024-09-30 16:02:22.594024416 +0200 ++++ openssh-9.8p1/compat.h 2024-10-01 09:16:03.734347588 +0200 @@ -46,12 +46,12 @@ /* #define unused 0x00010000 */ /* #define unused 0x00020000 */ @@ -8233,10 +8246,10 @@ diff -Nur openssh-9.6p1.orig/compat.h openssh-9.6p1/compat.h #define SSH_NEW_OPENSSH 0x04000000 #define SSH_BUG_DYNAMIC_RPORT 0x08000000 #define SSH_BUG_CURVE25519PAD 0x10000000 -diff -Nur openssh-9.6p1.orig/configure.ac openssh-9.6p1/configure.ac ---- openssh-9.6p1.orig/configure.ac 2024-07-10 13:32:39.595111799 +0200 -+++ openssh-9.6p1/configure.ac 2024-07-10 13:34:02.718358588 +0200 -@@ -2909,8 +2909,8 @@ +diff -Nur openssh-9.8p1.orig/configure.ac openssh-9.8p1/configure.ac +--- openssh-9.8p1.orig/configure.ac 2024-09-30 16:02:22.614024473 +0200 ++++ openssh-9.8p1/configure.ac 2024-09-30 16:03:39.155245273 +0200 +@@ -2936,8 +2936,8 @@ 200*) # LibreSSL lver=`echo "$sslver" | sed 's/.*libressl-//'` case "$lver" in @@ -8247,20 +8260,15 @@ diff -Nur openssh-9.6p1.orig/configure.ac openssh-9.6p1/configure.ac ;; *) ;; # Assume all other versions are good. esac -@@ -2918,10 +2918,12 @@ - 300*) +@@ -2946,6 +2946,7 @@ # OpenSSL 3; we use the 1.1x API - CPPFLAGS="$CPPFLAGS -DOPENSSL_API_COMPAT=0x10100000L" -+ AC_DEFINE([WITH_OPENSSL3], [1], [With OpenSSL3]) - ;; - 301*|302*|303*) - # OpenSSL development branch; request 1.1x API + # https://openssl.org/policies/general/versioning-policy.html CPPFLAGS="$CPPFLAGS -DOPENSSL_API_COMPAT=0x10100000L" + AC_DEFINE([WITH_OPENSSL3], [1], [With OpenSSL3]) ;; *) AC_MSG_ERROR([Unknown/unsupported OpenSSL version ("$ssl_showver")]) -@@ -3039,6 +3041,30 @@ +@@ -3063,6 +3064,30 @@ EVP_CIPHER_CTX_set_iv \ ]) @@ -8291,9 +8299,9 @@ diff -Nur openssh-9.6p1.orig/configure.ac openssh-9.6p1/configure.ac if test "x$openssl_engine" = "xyes" ; then AC_MSG_CHECKING([for OpenSSL ENGINE support]) AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ -diff -Nur openssh-9.6p1.orig/defines.h openssh-9.6p1/defines.h ---- openssh-9.6p1.orig/defines.h 2023-12-18 15:59:50.000000000 +0100 -+++ openssh-9.6p1/defines.h 2024-07-10 13:34:02.718358588 +0200 +diff -Nur openssh-9.8p1.orig/defines.h openssh-9.8p1/defines.h +--- openssh-9.8p1.orig/defines.h 2024-07-01 06:36:28.000000000 +0200 ++++ openssh-9.8p1/defines.h 2024-09-30 16:03:39.155245273 +0200 @@ -889,7 +889,7 @@ #endif @@ -8303,9 +8311,9 @@ diff -Nur openssh-9.6p1.orig/defines.h openssh-9.6p1/defines.h #endif /* -diff -Nur openssh-9.6p1.orig/digest.h openssh-9.6p1/digest.h ---- openssh-9.6p1.orig/digest.h 2024-07-10 13:32:39.511111550 +0200 -+++ openssh-9.6p1/digest.h 2024-07-10 13:34:02.719358591 +0200 +diff -Nur openssh-9.8p1.orig/digest.h openssh-9.8p1/digest.h +--- openssh-9.8p1.orig/digest.h 2024-09-30 16:02:22.523024211 +0200 ++++ openssh-9.8p1/digest.h 2024-09-30 16:03:39.156245276 +0200 @@ -27,7 +27,8 @@ #define SSH_DIGEST_SHA256 2 #define SSH_DIGEST_SHA384 3 @@ -8316,9 +8324,9 @@ diff -Nur openssh-9.6p1.orig/digest.h openssh-9.6p1/digest.h struct sshbuf; struct ssh_digest_ctx; -diff -Nur openssh-9.6p1.orig/digest-openssl.c openssh-9.6p1/digest-openssl.c ---- openssh-9.6p1.orig/digest-openssl.c 2024-07-10 13:32:39.511111550 +0200 -+++ openssh-9.6p1/digest-openssl.c 2024-07-10 13:34:02.719358591 +0200 +diff -Nur openssh-9.8p1.orig/digest-openssl.c openssh-9.8p1/digest-openssl.c +--- openssh-9.8p1.orig/digest-openssl.c 2024-09-30 16:02:22.523024211 +0200 ++++ openssh-9.8p1/digest-openssl.c 2024-09-30 16:03:39.156245276 +0200 @@ -61,6 +61,7 @@ { SSH_DIGEST_SHA256, "SHA256", 32, EVP_sha256 }, { SSH_DIGEST_SHA384, "SHA384", 48, EVP_sha384 }, @@ -8327,9 +8335,9 @@ diff -Nur openssh-9.6p1.orig/digest-openssl.c openssh-9.6p1/digest-openssl.c { -1, NULL, 0, NULL }, }; -diff -Nur openssh-9.6p1.orig/FUNDING.yml openssh-9.6p1/FUNDING.yml ---- openssh-9.6p1.orig/FUNDING.yml 1970-01-01 01:00:00.000000000 +0100 -+++ openssh-9.6p1/FUNDING.yml 2024-07-10 13:34:02.719358591 +0200 +diff -Nur openssh-9.8p1.orig/FUNDING.yml openssh-9.8p1/FUNDING.yml +--- openssh-9.8p1.orig/FUNDING.yml 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-9.8p1/FUNDING.yml 2024-09-30 16:03:39.156245276 +0200 @@ -0,0 +1,12 @@ +# These are supported funding model platforms + @@ -8343,9 +8351,9 @@ diff -Nur openssh-9.6p1.orig/FUNDING.yml openssh-9.6p1/FUNDING.yml +#issuehunt: # Replace with a single IssueHunt username +#otechie: # Replace with a single Otechie username +#custom: # Replace with up to 4 custom sponsorship URLs e.g., ['link1', 'link2'] -diff -Nur openssh-9.6p1.orig/HPN-README openssh-9.6p1/HPN-README ---- openssh-9.6p1.orig/HPN-README 1970-01-01 01:00:00.000000000 +0100 -+++ openssh-9.6p1/HPN-README 2024-07-10 13:34:02.719358591 +0200 +diff -Nur openssh-9.8p1.orig/HPN-README openssh-9.8p1/HPN-README +--- openssh-9.8p1.orig/HPN-README 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-9.8p1/HPN-README 2024-09-30 16:03:39.156245276 +0200 @@ -0,0 +1,170 @@ +Notes: + @@ -8517,9 +8525,9 @@ diff -Nur openssh-9.6p1.orig/HPN-README openssh-9.6p1/HPN-README + + +Edited: October 11, 2023 -diff -Nur openssh-9.6p1.orig/HPNSSHInstallation.txt openssh-9.6p1/HPNSSHInstallation.txt ---- openssh-9.6p1.orig/HPNSSHInstallation.txt 1970-01-01 01:00:00.000000000 +0100 -+++ openssh-9.6p1/HPNSSHInstallation.txt 2024-07-10 13:34:02.720358594 +0200 +diff -Nur openssh-9.8p1.orig/HPNSSHInstallation.txt openssh-9.8p1/HPNSSHInstallation.txt +--- openssh-9.8p1.orig/HPNSSHInstallation.txt 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-9.8p1/HPNSSHInstallation.txt 2024-09-30 16:03:39.156245276 +0200 @@ -0,0 +1,354 @@ +HPN-SSH Installation + @@ -8875,10 +8883,10 @@ diff -Nur openssh-9.6p1.orig/HPNSSHInstallation.txt openssh-9.6p1/HPNSSHInstalla +restorecon /usr/bin/hpnssh-agent +restorecon /usr/bin/hpnssh-keygen +restorecon /etc/pam.d/hpnsshd -diff -Nur openssh-9.6p1.orig/kex.c openssh-9.6p1/kex.c ---- openssh-9.6p1.orig/kex.c 2024-07-10 13:32:39.570111725 +0200 -+++ openssh-9.6p1/kex.c 2024-07-10 13:34:02.720358594 +0200 -@@ -65,6 +65,7 @@ +diff -Nur openssh-9.8p1.orig/kex.c openssh-9.8p1/kex.c +--- openssh-9.8p1.orig/kex.c 2024-09-30 16:02:22.589024401 +0200 ++++ openssh-9.8p1/kex.c 2024-09-30 16:03:39.157245279 +0200 +@@ -66,6 +66,7 @@ #include "ssherr.h" #include "sshbuf.h" @@ -8886,7 +8894,7 @@ diff -Nur openssh-9.6p1.orig/kex.c openssh-9.6p1/kex.c #include "digest.h" #include "xmalloc.h" #include "audit.h" -@@ -1037,11 +1038,68 @@ +@@ -774,17 +775,83 @@ free(kex); } @@ -8937,9 +8945,12 @@ diff -Nur openssh-9.6p1.orig/kex.c openssh-9.6p1/kex.c int kex_ready(struct ssh *ssh, char *proposal[PROPOSAL_MAX]) { - int r; - +- int r; ++ int r = 0; ++ +#ifdef WITH_OPENSSL ++ char * orig_ctos = proposal[PROPOSAL_ENC_ALGS_CTOS]; ++ char * orig_stoc = proposal[PROPOSAL_ENC_ALGS_STOC]; + proposal[PROPOSAL_ENC_ALGS_CTOS] = + patch_list(proposal[PROPOSAL_ENC_ALGS_CTOS]); + proposal[PROPOSAL_ENC_ALGS_STOC] = @@ -8951,11 +8962,26 @@ diff -Nur openssh-9.6p1.orig/kex.c openssh-9.6p1/kex.c + * freeable. + */ +#endif -+ + if ((r = kex_prop2buf(ssh->kex->my, proposal)) != 0) - return r; +- return r; ++ goto restoreProposal; ssh->kex->flags = KEX_INITIAL; -@@ -1240,6 +1298,11 @@ + kex_reset_dispatch(ssh); + ssh_dispatch_set(ssh, SSH2_MSG_KEXINIT, &kex_input_kexinit); +- return 0; ++ restoreProposal: ++#ifdef WITH_OPENSSL ++ free(proposal[PROPOSAL_ENC_ALGS_CTOS]); ++ free(proposal[PROPOSAL_ENC_ALGS_STOC]); ++ proposal[PROPOSAL_ENC_ALGS_CTOS] = orig_ctos; ++ proposal[PROPOSAL_ENC_ALGS_STOC] = orig_stoc; ++#endif ++ return r; + } + + int +@@ -975,6 +1042,11 @@ int nenc, nmac, ncomp; u_int mode, ctos, need, dh_need, authlen; int r, first_kex_follows; @@ -8967,7 +8993,7 @@ diff -Nur openssh-9.6p1.orig/kex.c openssh-9.6p1/kex.c debug2("local %s KEXINIT proposal", kex->server ? "server" : "client"); if ((r = kex_buf2prop(kex->my, NULL, &my)) != 0) -@@ -1316,6 +1379,31 @@ +@@ -1051,6 +1123,31 @@ peer[nenc] = NULL; goto out; } @@ -8999,7 +9025,7 @@ diff -Nur openssh-9.6p1.orig/kex.c openssh-9.6p1/kex.c authlen = cipher_authlen(newkeys->enc.cipher); /* ignore mac for authenticated encryption */ if (authlen == 0 && -@@ -1331,11 +1419,43 @@ +@@ -1066,11 +1163,43 @@ peer[ncomp] = NULL; goto out; } @@ -9043,7 +9069,7 @@ diff -Nur openssh-9.6p1.orig/kex.c openssh-9.6p1/kex.c } need = dh_need = 0; for (mode = 0; mode < MODE_MAX; mode++) { -@@ -1683,7 +1803,7 @@ +@@ -1430,7 +1559,7 @@ if (version_addendum != NULL && *version_addendum == '\0') version_addendum = NULL; if ((r = sshbuf_putf(our_version, "SSH-%d.%d-%s%s%s\r\n", @@ -9052,7 +9078,7 @@ diff -Nur openssh-9.6p1.orig/kex.c openssh-9.6p1/kex.c version_addendum == NULL ? "" : " ", version_addendum == NULL ? "" : version_addendum)) != 0) { oerrno = errno; -@@ -1819,9 +1939,24 @@ +@@ -1566,9 +1695,24 @@ r = SSH_ERR_INVALID_FORMAT; goto out; } @@ -9077,9 +9103,9 @@ diff -Nur openssh-9.6p1.orig/kex.c openssh-9.6p1/kex.c mismatch = 0; switch (remote_major) { -diff -Nur openssh-9.6p1.orig/mac.c openssh-9.6p1/mac.c ---- openssh-9.6p1.orig/mac.c 2024-07-10 13:32:39.542111642 +0200 -+++ openssh-9.6p1/mac.c 2024-07-10 13:34:02.720358594 +0200 +diff -Nur openssh-9.8p1.orig/mac.c openssh-9.8p1/mac.c +--- openssh-9.8p1.orig/mac.c 2024-09-30 16:02:22.557024309 +0200 ++++ openssh-9.8p1/mac.c 2024-09-30 16:03:39.158245282 +0200 @@ -63,6 +63,7 @@ { "hmac-sha2-512", SSH_DIGEST, SSH_DIGEST_SHA512, 0, 0, 0, 0 }, { "hmac-md5", SSH_DIGEST, SSH_DIGEST_MD5, 0, 0, 0, 0 }, @@ -9088,10 +9114,10 @@ diff -Nur openssh-9.6p1.orig/mac.c openssh-9.6p1/mac.c { "umac-64@openssh.com", SSH_UMAC, 0, 0, 128, 64, 0 }, { "umac-128@openssh.com", SSH_UMAC128, 0, 0, 128, 128, 0 }, -diff -Nur openssh-9.6p1.orig/Makefile.in openssh-9.6p1/Makefile.in ---- openssh-9.6p1.orig/Makefile.in 2024-07-10 13:32:39.597111805 +0200 -+++ openssh-9.6p1/Makefile.in 2024-07-10 13:34:02.721358597 +0200 -@@ -49,7 +49,7 @@ +diff -Nur openssh-9.8p1.orig/Makefile.in openssh-9.8p1/Makefile.in +--- openssh-9.8p1.orig/Makefile.in 2024-09-30 16:02:22.616024479 +0200 ++++ openssh-9.8p1/Makefile.in 2024-10-01 09:22:44.089508215 +0200 +@@ -51,7 +51,7 @@ CFLAGS_NOPIE=@CFLAGS_NOPIE@ CPPFLAGS=-I. -I$(srcdir) @CPPFLAGS@ $(PATHS) @DEFS@ PICFLAG=@PICFLAG@ @@ -9100,7 +9126,7 @@ diff -Nur openssh-9.6p1.orig/Makefile.in openssh-9.6p1/Makefile.in CHANNELLIBS=@CHANNELLIBS@ K5LIBS=@K5LIBS@ GSSLIBS=@GSSLIBS@ -@@ -97,7 +97,7 @@ +@@ -99,7 +99,7 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \ authfd.o authfile.o \ canohost.o channels.o cipher.o cipher-aes.o cipher-aesctr.o \ @@ -9109,15 +9135,15 @@ diff -Nur openssh-9.6p1.orig/Makefile.in openssh-9.6p1/Makefile.in compat.o fatal.o hostfile.o \ log.o match.o moduli.o nchan.o packet.o \ readpass.o ttymodes.o xmalloc.o addr.o addrmatch.o \ -@@ -107,6 +107,7 @@ +@@ -109,6 +109,7 @@ msg.o progressmeter.o dns.o entropy.o gss-genr.o umac.o umac128.o \ ssh-pkcs11.o ssh-pkcs11-uri.o smult_curve25519_ref.o \ poly1305.o chacha.o cipher-chachapoly.o cipher-chachapoly-libcrypto.o \ + cipher-chachapoly-libcrypto-mt.o \ ssh-ed25519.o digest-openssl.o digest-libc.o \ hmac.o ed25519.o hash.o \ - kex.o kexdh.o kexgex.o kexecdh.o kexc25519.o \ -@@ -114,12 +115,13 @@ + kex.o kex-names.o kexdh.o kexgex.o kexecdh.o kexc25519.o \ +@@ -116,12 +117,13 @@ kexsntrup761x25519.o sntrup761.o kexgen.o \ kexgssc.o \ sftp-realpath.o platform-pledge.o platform-tracing.o platform-misc.o \ @@ -9131,10 +9157,10 @@ diff -Nur openssh-9.6p1.orig/Makefile.in openssh-9.6p1/Makefile.in - sshconnect.o sshconnect2.o mux.o $(SKOBJS) + sshconnect.o sshconnect2.o mux.o cipher-switch.o $(SKOBJS) - SSHDOBJS=sshd.o auth-rhosts.o auth-passwd.o \ - audit.o audit-bsm.o audit-linux.o platform.o \ -@@ -135,7 +137,7 @@ - srclimit.o sftp-server.o sftp-common.o \ + SSHDOBJS=sshd.o \ + platform-listen.o \ +@@ -143,7 +145,7 @@ + sftp-server.o sftp-common.o \ sandbox-null.o sandbox-rlimit.o sandbox-systrace.o sandbox-darwin.o \ sandbox-seccomp-filter.o sandbox-capsicum.o sandbox-pledge.o \ - sandbox-solaris.o uidswap.o $(SKOBJS) @@ -9142,8 +9168,8 @@ diff -Nur openssh-9.6p1.orig/Makefile.in openssh-9.6p1/Makefile.in SFTP_CLIENT_OBJS=sftp-common.o sftp-client.o sftp-glob.o -@@ -214,7 +216,7 @@ - $(LD) -o $@ $(SSHDOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(SSHDLIBS) $(LIBS) $(GSSLIBS) $(K5LIBS) $(CHANNELLIBS) +@@ -225,7 +227,7 @@ + $(LD) -o $@ $(SSHD_SESSION_OBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(SSHDLIBS) $(LIBS) $(GSSLIBS) $(K5LIBS) $(CHANNELLIBS) scp$(EXEEXT): $(LIBCOMPAT) libssh.a $(SCP_OBJS) - $(LD) -o $@ $(SCP_OBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) @@ -9151,9 +9177,9 @@ diff -Nur openssh-9.6p1.orig/Makefile.in openssh-9.6p1/Makefile.in ssh-add$(EXEEXT): $(LIBCOMPAT) libssh.a $(SSHADD_OBJS) $(LD) -o $@ $(SSHADD_OBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) $(CHANNELLIBS) -diff -Nur openssh-9.6p1.orig/metrics.c openssh-9.6p1/metrics.c ---- openssh-9.6p1.orig/metrics.c 1970-01-01 01:00:00.000000000 +0100 -+++ openssh-9.6p1/metrics.c 2024-07-10 13:34:02.721358597 +0200 +diff -Nur openssh-9.8p1.orig/metrics.c openssh-9.8p1/metrics.c +--- openssh-9.8p1.orig/metrics.c 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-9.8p1/metrics.c 2024-09-30 16:03:39.159245285 +0200 @@ -0,0 +1,444 @@ +/* + * Copyright (c) 2022 The Board of Trustees of Carnegie Mellon University. @@ -9410,7 +9436,7 @@ diff -Nur openssh-9.6p1.orig/metrics.c openssh-9.6p1/metrics.c + * the object will not necessarily have all of the elements. If it's empty it + * current just spits out 0. This isn't optimal as 0 can also be a valid value */ +void -+metrics_read_binn_object (void *binnobj, char **output) { ++metrics_read_binn_object (void *binnobj, char *output) { + int len = 0; + int buflen = 1023; + int kernel_version = 0; @@ -9421,7 +9447,7 @@ diff -Nur openssh-9.6p1.orig/metrics.c openssh-9.6p1/metrics.c + kernel_version = binn_object_uint32(binnobj, "kernel_version"); + + /* base set of metrics */ -+ len = snprintf(*output, buflen, "%d, %d, %d, %d, %d, %d, %d, %d, %d, %d, %d, %d, %d, %d, %d, %d, %d, %d, %d, %d, %d, %d, %d, %d, %d, %d, %d, %d, %d, %d, %d, %d", ++ len = snprintf(output, buflen, "%d, %d, %d, %d, %d, %d, %d, %d, %d, %d, %d, %d, %d, %d, %d, %d, %d, %d, %d, %d, %d, %d, %d, %d, %d, %d, %d, %d, %d, %d, %d, %d", + binn_object_uint8(binnobj, "tcpi_state"), + binn_object_uint8(binnobj, "tcpi_ca_state"), + binn_object_uint8(binnobj, "tcpi_retransmits"), @@ -9462,28 +9488,28 @@ diff -Nur openssh-9.6p1.orig/metrics.c openssh-9.6p1/metrics.c + * the remote kernel version. Only necessary under linux*/ +#ifdef __linux__ + if (kernel_version >= KERNEL_VERSION(3,15,0)) { -+ len += snprintf(*output+len, (buflen-len), ", %llu, %llu", ++ len += snprintf(output+len, (buflen-len), ", %llu, %llu", + binn_object_uint64(binnobj, "tcpi_max_pacing_rate"), + binn_object_uint64(binnobj, "tcpi_pacing_rate") + ); + } + + if (kernel_version >= KERNEL_VERSION(4,1,0)) { -+ len += snprintf(*output+len, (buflen-len), ", %llu, %llu", ++ len += snprintf(output+len, (buflen-len), ", %llu, %llu", + binn_object_uint64(binnobj, "tcpi_bytes_acked"), + binn_object_uint64(binnobj, "tcpi_bytes_received") + ); + } + + if (kernel_version >= KERNEL_VERSION(4,2,0)) { -+ len += snprintf(*output+len, (buflen-len), ", %d, %d", ++ len += snprintf(output+len, (buflen-len), ", %d, %d", + binn_object_uint32(binnobj, "tcpi_segs_in"), + binn_object_uint32(binnobj, "tcpi_segs_out") + ); + } + + if (kernel_version >= KERNEL_VERSION(4,6,0)) { -+ len += snprintf(*output+len, (buflen-len), ", %d, %d, %d, %d", ++ len += snprintf(output+len, (buflen-len), ", %d, %d, %d, %d", + binn_object_uint32(binnobj, "tcpi_notsent_bytes"), + binn_object_uint32(binnobj, "tcpi_min_rtt"), + binn_object_uint32(binnobj, "tcpi_data_segs_in"), @@ -9492,14 +9518,14 @@ diff -Nur openssh-9.6p1.orig/metrics.c openssh-9.6p1/metrics.c + } + + if (kernel_version >= KERNEL_VERSION(4,9,0)) { -+ len += snprintf(*output+len, (buflen-len), ", %d, %llu", ++ len += snprintf(output+len, (buflen-len), ", %d, %llu", + binn_object_uint8(binnobj, "tcpi_delivery_rate_app_limited"), + binn_object_uint64(binnobj, "tcpi_delivery_rate") + ); + } + + if (kernel_version >= KERNEL_VERSION(4,10,0)) { -+ len += snprintf(*output+len, (buflen-len), ", %llu, %llu, %llu", ++ len += snprintf(output+len, (buflen-len), ", %llu, %llu, %llu", + binn_object_uint64(binnobj, "tcpi_busy_time"), + binn_object_uint64(binnobj, "tcpi_sndbuf_limited"), + binn_object_uint64(binnobj, "tcpi_rwnd_limited") @@ -9507,14 +9533,14 @@ diff -Nur openssh-9.6p1.orig/metrics.c openssh-9.6p1/metrics.c + } + + if (kernel_version >= KERNEL_VERSION(4,18,0)) { -+ len += snprintf(*output+len, (buflen-len), ", %d, %d", ++ len += snprintf(output+len, (buflen-len), ", %d, %d", + binn_object_uint32(binnobj, "tcpi_delivered"), + binn_object_uint32(binnobj, "tcpi_delivered_ce") + ); + } + + if (kernel_version >= KERNEL_VERSION(4,19,0)) { -+ len += snprintf(*output+len, (buflen-len), ", %llu, %llu, %d, %d", ++ len += snprintf(output+len, (buflen-len), ", %llu, %llu, %d, %d", + binn_object_uint64(binnobj, "tcpi_bytes_sent"), + binn_object_uint64(binnobj, "tcpi_bytes_retrans"), + binn_object_uint32(binnobj, "tcpi_dsack_dups"), @@ -9523,14 +9549,14 @@ diff -Nur openssh-9.6p1.orig/metrics.c openssh-9.6p1/metrics.c + } + + if (kernel_version >= KERNEL_VERSION(5,4,0)) { -+ len += snprintf(*output+len, (buflen-len), ", %d, %d", ++ len += snprintf(output+len, (buflen-len), ", %d, %d", + binn_object_uint32(binnobj, "tcpi_snd_wnd"), + binn_object_uint32(binnobj, "tcpi_rcv_ooopack") + ); + } + + if (kernel_version >= KERNEL_VERSION(5,5,0)) { -+ len += snprintf(*output+len, (buflen-len), ", %d", ++ len += snprintf(output+len, (buflen-len), ", %d", + binn_object_uint8(binnobj, "tcpi_fastopen_client_fail") + ); + } @@ -9599,9 +9625,9 @@ diff -Nur openssh-9.6p1.orig/metrics.c openssh-9.6p1/metrics.c +#endif /* ifdef __linux__ */ + fprintf(fptr, "\n\n"); +} -diff -Nur openssh-9.6p1.orig/metrics.h openssh-9.6p1/metrics.h ---- openssh-9.6p1.orig/metrics.h 1970-01-01 01:00:00.000000000 +0100 -+++ openssh-9.6p1/metrics.h 2024-07-10 13:34:02.721358597 +0200 +diff -Nur openssh-9.8p1.orig/metrics.h openssh-9.8p1/metrics.h +--- openssh-9.8p1.orig/metrics.h 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-9.8p1/metrics.h 2024-09-30 16:03:39.159245285 +0200 @@ -0,0 +1,45 @@ +/* + * Copyright (c) 2022 The Board of Trustees of Carnegie Mellon University. @@ -9643,14 +9669,14 @@ diff -Nur openssh-9.6p1.orig/metrics.h openssh-9.6p1/metrics.h +#endif + +void metrics_write_binn_object(struct tcp_info *, struct binn_struct *); -+void metrics_read_binn_object(void *, char **); ++void metrics_read_binn_object(void *, char *); +void metrics_print_header(FILE *, char *, int); + + +#endif /* define metrics_h */ -diff -Nur openssh-9.6p1.orig/misc.c openssh-9.6p1/misc.c ---- openssh-9.6p1.orig/misc.c 2024-07-10 13:32:39.597111805 +0200 -+++ openssh-9.6p1/misc.c 2024-07-10 13:34:02.722358600 +0200 +diff -Nur openssh-9.8p1.orig/misc.c openssh-9.8p1/misc.c +--- openssh-9.8p1.orig/misc.c 2024-09-30 16:02:22.617024482 +0200 ++++ openssh-9.8p1/misc.c 2024-09-30 16:03:39.159245285 +0200 @@ -77,6 +77,29 @@ #include "ssherr.h" #include "platform.h" @@ -9681,7 +9707,7 @@ diff -Nur openssh-9.6p1.orig/misc.c openssh-9.6p1/misc.c /* remove newline at end of string */ char * chop(char *s) -@@ -1635,20 +1658,6 @@ +@@ -1649,20 +1672,6 @@ return (v); } @@ -9702,7 +9728,7 @@ diff -Nur openssh-9.6p1.orig/misc.c openssh-9.6p1/misc.c u_int16_t get_u16(const void *vp) { -@@ -1688,17 +1697,6 @@ +@@ -1702,17 +1711,6 @@ } void @@ -9720,10 +9746,10 @@ diff -Nur openssh-9.6p1.orig/misc.c openssh-9.6p1/misc.c put_u16(void *vp, u_int16_t v) { u_char *p = (u_char *)vp; -diff -Nur openssh-9.6p1.orig/misc.h openssh-9.6p1/misc.h ---- openssh-9.6p1.orig/misc.h 2024-07-10 13:32:39.598111808 +0200 -+++ openssh-9.6p1/misc.h 2024-07-10 13:34:02.722358600 +0200 -@@ -158,12 +158,6 @@ +diff -Nur openssh-9.8p1.orig/misc.h openssh-9.8p1/misc.h +--- openssh-9.8p1.orig/misc.h 2024-09-30 16:02:22.617024482 +0200 ++++ openssh-9.8p1/misc.h 2024-09-30 16:03:39.160245287 +0200 +@@ -166,12 +166,6 @@ void put_u16(void *, u_int16_t) __attribute__((__bounded__( __minbytes__, 1, 2))); @@ -9736,7 +9762,7 @@ diff -Nur openssh-9.6p1.orig/misc.h openssh-9.6p1/misc.h struct bwlimit { size_t buflen; u_int64_t rate; /* desired rate in kbit/s */ -@@ -248,4 +242,16 @@ +@@ -258,4 +252,16 @@ /* On OpenBSD time_t is int64_t which is long long. */ /* #define SSH_TIME_T_MAX LLONG_MAX */ @@ -9753,20 +9779,22 @@ diff -Nur openssh-9.6p1.orig/misc.h openssh-9.6p1/misc.h +void read_mem_stats(struct statm_t *, int); + #endif /* _MISC_H */ -diff -Nur openssh-9.6p1.orig/myproposal.h openssh-9.6p1/myproposal.h ---- openssh-9.6p1.orig/myproposal.h 2024-07-10 13:32:39.557111687 +0200 -+++ openssh-9.6p1/myproposal.h 2024-07-10 13:34:02.722358600 +0200 -@@ -69,6 +69,7 @@ +diff -Nur openssh-9.8p1.orig/myproposal.h openssh-9.8p1/myproposal.h +--- openssh-9.8p1.orig/myproposal.h 2024-09-30 16:02:22.575024361 +0200 ++++ openssh-9.8p1/myproposal.h 2024-09-30 16:03:39.161245290 +0200 +@@ -69,7 +69,8 @@ "rsa-sha2-256" #define KEX_SERVER_ENCRYPT \ +- "chacha20-poly1305@openssh.com," \ + "chacha20-poly1305-mt@hpnssh.org," \ - "chacha20-poly1305@openssh.com," \ ++ "chacha20-poly1305@openssh.com," \ "aes128-ctr,aes192-ctr,aes256-ctr," \ "aes128-gcm@openssh.com,aes256-gcm@openssh.com" -diff -Nur openssh-9.6p1.orig/num.c openssh-9.6p1/num.c ---- openssh-9.6p1.orig/num.c 1970-01-01 01:00:00.000000000 +0100 -+++ openssh-9.6p1/num.c 2024-07-10 13:34:02.722358600 +0200 + +diff -Nur openssh-9.8p1.orig/num.c openssh-9.8p1/num.c +--- openssh-9.8p1.orig/num.c 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-9.8p1/num.c 2024-09-30 16:03:39.161245290 +0200 @@ -0,0 +1,156 @@ +/* CC0 license applied, see LICENCE.md */ + @@ -9924,9 +9952,9 @@ diff -Nur openssh-9.6p1.orig/num.c openssh-9.6p1/num.c +implement_provnum(size_t, OSSL_PARAM_UNSIGNED_INTEGER) + +#endif /* WITH_OPENSSL3 */ -diff -Nur openssh-9.6p1.orig/num.h openssh-9.6p1/num.h ---- openssh-9.6p1.orig/num.h 1970-01-01 01:00:00.000000000 +0100 -+++ openssh-9.6p1/num.h 2024-07-10 13:34:02.723358603 +0200 +diff -Nur openssh-9.8p1.orig/num.h openssh-9.8p1/num.h +--- openssh-9.8p1.orig/num.h 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-9.8p1/num.h 2024-09-30 16:03:39.161245290 +0200 @@ -0,0 +1,15 @@ +/* CC0 license applied, see LICENCE.md */ + @@ -9943,9 +9971,9 @@ diff -Nur openssh-9.6p1.orig/num.h openssh-9.6p1/num.h +#define PROVNUM_E_TOOBIG -2 +#define PROVNUM_E_UNSUPPORTED -3 +#endif /* WITH_OPENSSL3 */ -diff -Nur openssh-9.6p1.orig/ossl3-provider-err.c openssh-9.6p1/ossl3-provider-err.c ---- openssh-9.6p1.orig/ossl3-provider-err.c 1970-01-01 01:00:00.000000000 +0100 -+++ openssh-9.6p1/ossl3-provider-err.c 2024-07-10 13:34:02.723358603 +0200 +diff -Nur openssh-9.8p1.orig/ossl3-provider-err.c openssh-9.8p1/ossl3-provider-err.c +--- openssh-9.8p1.orig/ossl3-provider-err.c 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-9.8p1/ossl3-provider-err.c 2024-09-30 16:03:39.162245293 +0200 @@ -0,0 +1,108 @@ +/* CC0 license applied, see LICENCE.md */ + @@ -10055,9 +10083,9 @@ diff -Nur openssh-9.6p1.orig/ossl3-provider-err.c openssh-9.6p1/ossl3-provider-e +} + +#endif /* WITH_OPENSSL3 */ -diff -Nur openssh-9.6p1.orig/ossl3-provider-err.h openssh-9.6p1/ossl3-provider-err.h ---- openssh-9.6p1.orig/ossl3-provider-err.h 1970-01-01 01:00:00.000000000 +0100 -+++ openssh-9.6p1/ossl3-provider-err.h 2024-07-10 13:34:02.723358603 +0200 +diff -Nur openssh-9.8p1.orig/ossl3-provider-err.h openssh-9.8p1/ossl3-provider-err.h +--- openssh-9.8p1.orig/ossl3-provider-err.h 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-9.8p1/ossl3-provider-err.h 2024-09-30 16:03:39.162245293 +0200 @@ -0,0 +1,73 @@ +/* CC0 license applied, see LICENCE.md */ + @@ -10132,9 +10160,9 @@ diff -Nur openssh-9.6p1.orig/ossl3-provider-err.h openssh-9.6p1/ossl3-provider-e +void proverr_set_error(const struct proverr_functions_st *handle, + uint32_t reason, const char *fmt, ...); +#endif /* WITH_OPENSSL3 */ -diff -Nur openssh-9.6p1.orig/packet.c openssh-9.6p1/packet.c ---- openssh-9.6p1.orig/packet.c 2024-07-10 13:32:39.545111651 +0200 -+++ openssh-9.6p1/packet.c 2024-07-10 15:20:04.337115780 +0200 +diff -Nur openssh-9.8p1.orig/packet.c openssh-9.8p1/packet.c +--- openssh-9.8p1.orig/packet.c 2024-09-30 16:02:22.560024318 +0200 ++++ openssh-9.8p1/packet.c 2024-09-30 16:03:39.163245296 +0200 @@ -63,6 +63,9 @@ #endif #include @@ -10167,16 +10195,20 @@ diff -Nur openssh-9.6p1.orig/packet.c openssh-9.6p1/packet.c struct packet_state { u_int32_t seqnr; -@@ -241,12 +257,19 @@ +@@ -241,12 +257,23 @@ (state->outgoing_packet = sshbuf_new()) == NULL || (state->incoming_packet = sshbuf_new()) == NULL) goto fail; + /* these buffers are important in terms of tracking buffer usage -+ * so we explicitly label them with descriptive names */ ++ * so we explicitly label and type them with descriptive names */ + sshbuf_relabel(state->input, "input"); ++ sshbuf_type(state->input, BUF_PACKET_INPUT); + sshbuf_relabel(state->incoming_packet, "inpacket"); ++ sshbuf_type(state->incoming_packet, BUF_PACKET_INCOMING); + sshbuf_relabel(state->output, "output"); ++ sshbuf_type(state->output, BUF_PACKET_OUTPUT); + sshbuf_relabel(state->outgoing_packet, "outpacket"); ++ sshbuf_type(state->outgoing_packet, BUF_PACKET_OUTGOING); + TAILQ_INIT(&state->outgoing); TAILQ_INIT(&ssh->private_keys); @@ -10188,7 +10220,7 @@ diff -Nur openssh-9.6p1.orig/packet.c openssh-9.6p1/packet.c state->packet_timeout_ms = -1; state->p_send.packets = state->p_read.packets = 0; state->initialized = 1; -@@ -294,7 +317,7 @@ +@@ -294,7 +321,7 @@ ssh_packet_set_connection(struct ssh *ssh, int fd_in, int fd_out) { struct session_state *state; @@ -10197,7 +10229,7 @@ diff -Nur openssh-9.6p1.orig/packet.c openssh-9.6p1/packet.c int r; if (none == NULL) { -@@ -311,9 +334,11 @@ +@@ -311,9 +338,11 @@ state->connection_in = fd_in; state->connection_out = fd_out; if ((r = cipher_init(&state->send_context, none, @@ -10211,7 +10243,7 @@ diff -Nur openssh-9.6p1.orig/packet.c openssh-9.6p1/packet.c error_fr(r, "cipher_init failed"); free(ssh); /* XXX need ssh_free_session_state? */ return NULL; -@@ -384,7 +409,7 @@ +@@ -384,7 +413,7 @@ if (state->packet_discard_mac) { char buf[1024]; @@ -10220,7 +10252,7 @@ diff -Nur openssh-9.6p1.orig/packet.c openssh-9.6p1/packet.c if (dlen > state->packet_discard_mac_already) dlen -= state->packet_discard_mac_already; -@@ -885,6 +910,7 @@ +@@ -977,6 +1006,7 @@ const char *wmsg; int r, crypt_type; const char *dir = mode == MODE_OUT ? "out" : "in"; @@ -10228,7 +10260,7 @@ diff -Nur openssh-9.6p1.orig/packet.c openssh-9.6p1/packet.c debug2_f("mode %d", mode); -@@ -923,12 +949,32 @@ +@@ -1015,12 +1045,32 @@ if ((r = mac_init(mac)) != 0) return r; } @@ -10263,7 +10295,7 @@ diff -Nur openssh-9.6p1.orig/packet.c openssh-9.6p1/packet.c return r; if (!state->cipher_warning_done && (wmsg = cipher_warning_message(*ccp)) != NULL) { -@@ -953,23 +999,45 @@ +@@ -1045,23 +1095,45 @@ } comp->enabled = 1; } @@ -10323,7 +10355,7 @@ diff -Nur openssh-9.6p1.orig/packet.c openssh-9.6p1/packet.c #define MAX_PACKETS (1U<<31) static int ssh_packet_need_rekeying(struct ssh *ssh, u_int outbound_packet_len) -@@ -996,6 +1064,14 @@ +@@ -1088,6 +1160,14 @@ if (state->p_send.packets == 0 && state->p_read.packets == 0) return 0; @@ -10338,7 +10370,18 @@ diff -Nur openssh-9.6p1.orig/packet.c openssh-9.6p1/packet.c /* Time-based rekeying */ if (state->rekey_interval != 0 && (int64_t)state->rekey_time + state->rekey_interval <= monotime()) -@@ -1354,7 +1430,7 @@ +@@ -1294,8 +1374,8 @@ + sshbuf_len(state->outgoing_packet) + authlen, &cp)) != 0) + goto out; + if ((r = cipher_crypt(state->send_context, state->p_send.seqnr, cp, +- sshbuf_ptr(state->outgoing_packet), +- len - aadlen, aadlen, authlen)) != 0) ++ sshbuf_ptr(state->outgoing_packet), len - aadlen, aadlen, authlen)) ++ != 0) + goto out; + /* append unencrypted MAC */ + if (mac && mac->enabled) { +@@ -1446,7 +1526,7 @@ struct session_state *state = ssh->state; int len, r, ms_remain = 0; struct pollfd pfd; @@ -10347,7 +10390,7 @@ diff -Nur openssh-9.6p1.orig/packet.c openssh-9.6p1/packet.c struct timeval start; struct timespec timespec, *timespecp = NULL; -@@ -1481,7 +1557,7 @@ +@@ -1573,7 +1653,7 @@ return 0; /* packet is incomplete */ state->packlen = PEEK_U32(cp); if (state->packlen < 4 + 1 || @@ -10356,7 +10399,7 @@ diff -Nur openssh-9.6p1.orig/packet.c openssh-9.6p1/packet.c return SSH_ERR_MESSAGE_INCOMPLETE; } need = state->packlen + 4; -@@ -1540,7 +1616,7 @@ +@@ -1632,7 +1712,7 @@ sshbuf_ptr(state->input), sshbuf_len(state->input)) != 0) return 0; if (state->packlen < 1 + 4 || @@ -10365,7 +10408,7 @@ diff -Nur openssh-9.6p1.orig/packet.c openssh-9.6p1/packet.c #ifdef PACKET_DEBUG sshbuf_dump(state->input, stderr); #endif -@@ -1567,7 +1643,7 @@ +@@ -1659,7 +1739,7 @@ goto out; state->packlen = PEEK_U32(sshbuf_ptr(state->incoming_packet)); if (state->packlen < 1 + 4 || @@ -10374,7 +10417,7 @@ diff -Nur openssh-9.6p1.orig/packet.c openssh-9.6p1/packet.c #ifdef PACKET_DEBUG fprintf(stderr, "input: \n"); sshbuf_dump(state->input, stderr); -@@ -1576,7 +1652,7 @@ +@@ -1668,7 +1748,7 @@ #endif logit("Bad packet length %u.", state->packlen); return ssh_packet_start_discard(ssh, enc, mac, 0, @@ -10383,7 +10426,7 @@ diff -Nur openssh-9.6p1.orig/packet.c openssh-9.6p1/packet.c } if ((r = sshbuf_consume(state->input, block_size)) != 0) goto out; -@@ -1599,7 +1675,7 @@ +@@ -1691,7 +1771,7 @@ logit("padding error: need %d block %d mod %d", need, block_size, need % block_size); return ssh_packet_start_discard(ssh, enc, mac, 0, @@ -10392,7 +10435,7 @@ diff -Nur openssh-9.6p1.orig/packet.c openssh-9.6p1/packet.c } /* * check if the entire packet has been received and -@@ -1643,11 +1719,11 @@ +@@ -1735,11 +1815,11 @@ if (r != SSH_ERR_MAC_INVALID) goto out; logit("Corrupted MAC on input."); @@ -10406,7 +10449,7 @@ diff -Nur openssh-9.6p1.orig/packet.c openssh-9.6p1/packet.c } /* Remove MAC from input buffer */ DBG(debug("MAC #%d ok", state->p_read.seqnr)); -@@ -1862,7 +1938,7 @@ +@@ -1954,7 +2034,7 @@ int r; size_t rlen; @@ -10415,7 +10458,7 @@ diff -Nur openssh-9.6p1.orig/packet.c openssh-9.6p1/packet.c return r; if (state->packet_discard) { -@@ -1941,17 +2017,21 @@ +@@ -2033,17 +2113,21 @@ switch (r) { case SSH_ERR_CONN_CLOSED: ssh_packet_clear_keys(ssh); @@ -10437,7 +10480,7 @@ diff -Nur openssh-9.6p1.orig/packet.c openssh-9.6p1/packet.c logdie("Connection reset by %s", remote_id); } /* FALLTHROUGH */ -@@ -1993,6 +2073,24 @@ +@@ -2085,6 +2169,24 @@ logdie_f("should have exited"); } @@ -10462,7 +10505,7 @@ diff -Nur openssh-9.6p1.orig/packet.c openssh-9.6p1/packet.c /* * Logs the error plus constructs and sends a disconnect packet, closes the * connection, and exits. This function never returns. The error message -@@ -2247,10 +2345,19 @@ +@@ -2339,10 +2441,19 @@ ssh->kex->server = 1; /* XXX unify? */ } @@ -10482,7 +10525,7 @@ diff -Nur openssh-9.6p1.orig/packet.c openssh-9.6p1/packet.c } void * -@@ -2868,3 +2975,17 @@ +@@ -2960,3 +3071,17 @@ ssh->state->extra_pad = pad; return 0; } @@ -10500,10 +10543,10 @@ diff -Nur openssh-9.6p1.orig/packet.c openssh-9.6p1/packet.c +{ + return ssh->state->receive_context; +} -diff -Nur openssh-9.6p1.orig/packet.h openssh-9.6p1/packet.h ---- openssh-9.6p1.orig/packet.h 2024-07-10 13:32:39.546111654 +0200 -+++ openssh-9.6p1/packet.h 2024-07-10 13:34:02.724358606 +0200 -@@ -86,6 +86,20 @@ +diff -Nur openssh-9.8p1.orig/packet.h openssh-9.8p1/packet.h +--- openssh-9.8p1.orig/packet.h 2024-09-30 16:02:22.560024318 +0200 ++++ openssh-9.8p1/packet.h 2024-09-30 16:03:39.163245296 +0200 +@@ -86,6 +86,17 @@ /* APP data */ void *app_data; @@ -10518,13 +10561,10 @@ diff -Nur openssh-9.6p1.orig/packet.h openssh-9.6p1/packet.h + + /* track if we have disabled the mac as well */ + int none_mac; -+ -+ /* use the less agressive window growth option */ -+ int hpn_buffer_limit; }; typedef int (ssh_packet_hook_fn)(struct ssh *, struct sshbuf *, -@@ -158,6 +172,8 @@ +@@ -156,6 +167,8 @@ int ssh_packet_set_maxsize(struct ssh *, u_int); u_int ssh_packet_get_maxsize(struct ssh *); @@ -10533,7 +10573,7 @@ diff -Nur openssh-9.6p1.orig/packet.h openssh-9.6p1/packet.h int ssh_packet_get_state(struct ssh *, struct sshbuf *); int ssh_packet_set_state(struct ssh *, struct sshbuf *); -@@ -172,6 +188,13 @@ +@@ -171,6 +184,13 @@ void *ssh_packet_get_input(struct ssh *); void *ssh_packet_get_output(struct ssh *); @@ -10547,9 +10587,9 @@ diff -Nur openssh-9.6p1.orig/packet.h openssh-9.6p1/packet.h /* new API */ int sshpkt_start(struct ssh *ssh, u_char type); -diff -Nur openssh-9.6p1.orig/poly1305.c openssh-9.6p1/poly1305.c ---- openssh-9.6p1.orig/poly1305.c 2023-12-18 15:59:50.000000000 +0100 -+++ openssh-9.6p1/poly1305.c 2024-07-10 13:34:02.724358606 +0200 +diff -Nur openssh-9.8p1.orig/poly1305.c openssh-9.8p1/poly1305.c +--- openssh-9.8p1.orig/poly1305.c 2024-07-01 06:36:28.000000000 +0200 ++++ openssh-9.8p1/poly1305.c 2024-09-30 16:03:39.164245299 +0200 @@ -13,6 +13,16 @@ #include "poly1305.h" @@ -10581,9 +10621,9 @@ diff -Nur openssh-9.6p1.orig/poly1305.c openssh-9.6p1/poly1305.c U32TO8_LE(&out[12], f3); } +#endif /* OPENSSL_HAVE_POLY_EVP */ -diff -Nur openssh-9.6p1.orig/poly1305.h openssh-9.6p1/poly1305.h ---- openssh-9.6p1.orig/poly1305.h 2023-12-18 15:59:50.000000000 +0100 -+++ openssh-9.6p1/poly1305.h 2024-07-10 13:34:02.724358606 +0200 +diff -Nur openssh-9.8p1.orig/poly1305.h openssh-9.8p1/poly1305.h +--- openssh-9.8p1.orig/poly1305.h 2024-07-01 06:36:28.000000000 +0200 ++++ openssh-9.8p1/poly1305.h 2024-09-30 16:03:39.164245299 +0200 @@ -13,8 +13,15 @@ #define POLY1305_KEYLEN 32 #define POLY1305_TAGLEN 16 @@ -10601,9 +10641,9 @@ diff -Nur openssh-9.6p1.orig/poly1305.h openssh-9.6p1/poly1305.h __attribute__((__bounded__(__minbytes__, 1, POLY1305_TAGLEN))) __attribute__((__bounded__(__buffer__, 2, 3))) __attribute__((__bounded__(__minbytes__, 4, POLY1305_KEYLEN))); -diff -Nur openssh-9.6p1.orig/progressmeter.c openssh-9.6p1/progressmeter.c ---- openssh-9.6p1.orig/progressmeter.c 2023-12-18 15:59:50.000000000 +0100 -+++ openssh-9.6p1/progressmeter.c 2024-07-10 13:34:02.725358609 +0200 +diff -Nur openssh-9.8p1.orig/progressmeter.c openssh-9.8p1/progressmeter.c +--- openssh-9.8p1.orig/progressmeter.c 2024-07-01 06:36:28.000000000 +0200 ++++ openssh-9.8p1/progressmeter.c 2024-09-30 16:03:39.165245302 +0200 @@ -66,6 +66,8 @@ static off_t start_pos; /* initial position of transfer */ static off_t end_pos; /* ending position of transfer */ @@ -10662,9 +10702,9 @@ diff -Nur openssh-9.6p1.orig/progressmeter.c openssh-9.6p1/progressmeter.c } static void -diff -Nur openssh-9.6p1.orig/readconf.c openssh-9.6p1/readconf.c ---- openssh-9.6p1.orig/readconf.c 2024-07-10 13:32:39.600111814 +0200 -+++ openssh-9.6p1/readconf.c 2024-07-10 13:34:02.725358609 +0200 +diff -Nur openssh-9.8p1.orig/readconf.c openssh-9.8p1/readconf.c +--- openssh-9.8p1.orig/readconf.c 2024-09-30 16:02:22.619024488 +0200 ++++ openssh-9.8p1/readconf.c 2024-09-30 16:35:58.686841931 +0200 @@ -72,6 +72,7 @@ #include "myproposal.h" #include "digest.h" @@ -10673,24 +10713,25 @@ diff -Nur openssh-9.6p1.orig/readconf.c openssh-9.6p1/readconf.c /* Format of the configuration file: -@@ -173,6 +174,9 @@ +@@ -173,6 +174,10 @@ oHashKnownHosts, oTunnel, oTunnelDevice, oLocalCommand, oPermitLocalCommand, oRemoteCommand, + oTcpRcvBufPoll, oHPNDisabled, -+ oNoneEnabled, oNoneMacEnabled, oNoneSwitch, oHPNBufferLimit, ++ oNoneEnabled, oNoneMacEnabled, oNoneSwitch, ++ oDisableMTAES, + oMetrics, oMetricsPath, oMetricsInterval, oFallback, oFallbackPort, oVisualHostKey, oKexAlgorithms, oIPQoS, oRequestTTY, oSessionType, oStdinNull, oForkAfterAuthentication, oIgnoreUnknown, oProxyUseFdpass, -@@ -319,6 +323,15 @@ +@@ -319,6 +324,15 @@ { "kexalgorithms", oKexAlgorithms }, { "ipqos", oIPQoS }, { "requesttty", oRequestTTY }, + { "noneenabled", oNoneEnabled }, + { "nonemacenabled", oNoneMacEnabled }, + { "noneswitch", oNoneSwitch }, -+ { "hpnbufferlimit", oHPNBufferLimit }, ++ { "disablemtaes", oDisableMTAES }, + { "metrics", oMetrics }, + { "metricspath", oMetricsPath }, + { "metricsinterval", oMetricsInterval }, @@ -10699,7 +10740,7 @@ diff -Nur openssh-9.6p1.orig/readconf.c openssh-9.6p1/readconf.c { "sessiontype", oSessionType }, { "stdinnull", oStdinNull }, { "forkafterauthentication", oForkAfterAuthentication }, -@@ -341,6 +354,8 @@ +@@ -341,6 +355,8 @@ { "proxyjump", oProxyJump }, { "securitykeyprovider", oSecurityKeyProvider }, { "knownhostscommand", oKnownHostsCommand }, @@ -10708,7 +10749,7 @@ diff -Nur openssh-9.6p1.orig/readconf.c openssh-9.6p1/readconf.c { "requiredrsasize", oRequiredRSASize }, { "rsaminsize", oRequiredRSASize }, /* alias */ { "enableescapecommandline", oEnableEscapeCommandline }, -@@ -539,7 +554,7 @@ +@@ -539,7 +555,7 @@ if (port == 0) { sp = getservbyname(SSH_SERVICE_NAME, "tcp"); @@ -10717,7 +10758,7 @@ diff -Nur openssh-9.6p1.orig/readconf.c openssh-9.6p1/readconf.c } return port; } -@@ -1271,6 +1286,63 @@ +@@ -1288,6 +1304,63 @@ intptr = &options->check_host_ip; goto parse_flag; @@ -10737,8 +10778,8 @@ diff -Nur openssh-9.6p1.orig/readconf.c openssh-9.6p1/readconf.c + intptr = &options->nonemac_enabled; + goto parse_flag; + -+ case oHPNBufferLimit: -+ intptr = &options->hpn_buffer_limit; ++ case oDisableMTAES: ++ intptr = &options->disable_multithreaded; + goto parse_flag; + + case oMetrics: @@ -10781,32 +10822,30 @@ diff -Nur openssh-9.6p1.orig/readconf.c openssh-9.6p1/readconf.c case oVerifyHostKeyDNS: intptr = &options->verify_host_key_dns; multistate_ptr = multistate_yesnoask; -@@ -2641,6 +2713,17 @@ +@@ -2678,6 +2751,17 @@ options->ip_qos_interactive = -1; options->ip_qos_bulk = -1; options->request_tty = -1; + options->none_switch = -1; + options->none_enabled = -1; + options->nonemac_enabled = -1; ++ options->disable_multithreaded = -1; + options->metrics = -1; + options->metrics_path = NULL; + options->metrics_interval = -1; + options->hpn_disabled = -1; -+ options->hpn_buffer_limit = -1; + options->fallback = -1; + options->fallback_port = -1; + options->tcp_rcv_buf_poll = -1; options->session_type = -1; options->stdin_null = -1; options->fork_after_authentication = -1; -@@ -2822,8 +2905,37 @@ +@@ -2861,8 +2945,37 @@ options->server_alive_interval = 0; if (options->server_alive_count_max == -1) options->server_alive_count_max = 3; + if (options->hpn_disabled == -1) + options->hpn_disabled = 0; -+ if (options->hpn_buffer_limit == -1) -+ options->hpn_buffer_limit = 0; + if (options->tcp_rcv_buf_poll == -1) + options->tcp_rcv_buf_poll = 1; + if (options->none_switch == -1) @@ -10824,6 +10863,8 @@ diff -Nur openssh-9.6p1.orig/readconf.c openssh-9.6p1/readconf.c + fprintf(stderr, "None MAC can only be used with the None cipher. None MAC disabled.\n"); + options->nonemac_enabled = 0; + } ++ if (options->disable_multithreaded == -1) ++ options->disable_multithreaded = 0; + if (options->metrics == -1) + options->metrics = 0; + if (options->metrics_interval == -1) @@ -10837,20 +10878,19 @@ diff -Nur openssh-9.6p1.orig/readconf.c openssh-9.6p1/readconf.c if (options->control_persist == -1) { options->control_persist = 0; options->control_persist_timeout = 0; -diff -Nur openssh-9.6p1.orig/readconf.h openssh-9.6p1/readconf.h ---- openssh-9.6p1.orig/readconf.h 2024-07-10 13:32:39.600111814 +0200 -+++ openssh-9.6p1/readconf.h 2024-07-10 13:34:02.726358612 +0200 -@@ -56,6 +56,9 @@ +diff -Nur openssh-9.8p1.orig/readconf.h openssh-9.8p1/readconf.h +--- openssh-9.8p1.orig/readconf.h 2024-09-30 16:02:22.619024488 +0200 ++++ openssh-9.8p1/readconf.h 2024-10-01 10:20:11.459528169 +0200 +@@ -56,6 +56,8 @@ int strict_host_key_checking; /* Strict host key checking. */ int compression; /* Compress packets in both directions. */ int tcp_keep_alive; /* Set SO_KEEPALIVE. */ + int tcp_rcv_buf_poll; /* Option to poll recv buf every window transfer */ + int hpn_disabled; /* Switch to disable HPN buffer management */ -+ int hpn_buffer_limit; /* limit local_window_max to 1/2 receive buffer */ int ip_qos_interactive; /* IP ToS/DSCP/class for interactive */ int ip_qos_bulk; /* IP ToS/DSCP/class for bulk traffic */ SyslogFacility log_facility; /* Facility for system logging. */ -@@ -129,6 +132,16 @@ +@@ -129,6 +131,17 @@ int enable_ssh_keysign; int64_t rekey_limit; int rekey_interval; @@ -10858,6 +10898,7 @@ diff -Nur openssh-9.6p1.orig/readconf.h openssh-9.6p1/readconf.h + int none_switch; /* Use none cipher */ + int none_enabled; /* Allow none to be used */ + int nonemac_enabled; /* Allow none to be used */ ++ int disable_multithreaded; /* Disable multithreaded aes-ctr */ + int metrics; /* enable metrics */ + int metrics_interval; /* time in seconds between polls */ + char *metrics_path; /* path for the metrics files */ @@ -10867,9 +10908,9 @@ diff -Nur openssh-9.6p1.orig/readconf.h openssh-9.6p1/readconf.h int no_host_authentication_for_localhost; int identities_only; int server_alive_interval; -diff -Nur openssh-9.6p1.orig/README.md openssh-9.6p1/README.md ---- openssh-9.6p1.orig/README.md 2023-12-18 15:59:50.000000000 +0100 -+++ openssh-9.6p1/README.md 2024-07-10 13:34:02.726358612 +0200 +diff -Nur openssh-9.8p1.orig/README.md openssh-9.8p1/README.md +--- openssh-9.8p1.orig/README.md 2024-07-01 06:36:28.000000000 +0200 ++++ openssh-9.8p1/README.md 2024-09-30 16:03:39.167245307 +0200 @@ -1,12 +1,16 @@ -# Portable OpenSSH +# HPNSSH: Based on Portable OpenSSH @@ -10941,9 +10982,9 @@ diff -Nur openssh-9.6p1.orig/README.md openssh-9.6p1/README.md ## Development -diff -Nur openssh-9.6p1.orig/sandbox-seccomp-filter.c openssh-9.6p1/sandbox-seccomp-filter.c ---- openssh-9.6p1.orig/sandbox-seccomp-filter.c 2024-07-10 13:32:39.558111689 +0200 -+++ openssh-9.6p1/sandbox-seccomp-filter.c 2024-07-10 13:34:02.726358612 +0200 +diff -Nur openssh-9.8p1.orig/sandbox-seccomp-filter.c openssh-9.8p1/sandbox-seccomp-filter.c +--- openssh-9.8p1.orig/sandbox-seccomp-filter.c 2024-09-30 16:02:22.576024364 +0200 ++++ openssh-9.8p1/sandbox-seccomp-filter.c 2024-09-30 16:03:39.168245311 +0200 @@ -295,6 +295,9 @@ #ifdef __NR_geteuid32 SC_ALLOW(__NR_geteuid32), @@ -10964,9 +11005,9 @@ diff -Nur openssh-9.6p1.orig/sandbox-seccomp-filter.c openssh-9.6p1/sandbox-secc #ifdef __NR_time SC_ALLOW(__NR_time), #endif -diff -Nur openssh-9.6p1.orig/scp.1 openssh-9.6p1/scp.1 ---- openssh-9.6p1.orig/scp.1 2024-07-10 13:32:39.528111600 +0200 -+++ openssh-9.6p1/scp.1 2024-07-10 14:33:54.369943270 +0200 +diff -Nur openssh-9.8p1.orig/scp.1 openssh-9.8p1/scp.1 +--- openssh-9.8p1.orig/scp.1 2024-09-30 16:02:22.541024263 +0200 ++++ openssh-9.8p1/scp.1 2024-10-01 13:10:54.653458405 +0200 @@ -18,7 +18,7 @@ .Nd OpenSSH secure file copy .Sh SYNOPSIS @@ -10976,18 +11017,31 @@ diff -Nur openssh-9.6p1.orig/scp.1 openssh-9.6p1/scp.1 .Op Fl c Ar cipher .Op Fl D Ar sftp_server_path .Op Fl F Ar ssh_config -@@ -252,6 +252,10 @@ +@@ -252,6 +252,9 @@ Note that .Nm follows symbolic links encountered in the tree traversal. +.It Fl Z +Resume failed or interrupted transfer. Identical files will be skipped. Remote must have resume option. -+.Nm -+only option. ++HPN-SSH only option. .It Fl S Ar program Name of .Ar program -@@ -285,10 +289,13 @@ +@@ -259,6 +262,13 @@ + The program must understand + .Xr ssh 1 + options. ++.It Fl z Ar program ++Path to hpnscp on remote system. Useful if remote has multiple scp installs. ++For example, using the resume option but the default remote scp does not have the resume option. ++Use -z to point the version that does - e.g. -z /opt/hpnssh/bin/hpnscp. ++HPN-SSH only option. ++.It Fl s ++Use the SFTP protocol for transfers rather than the original scp protocol. + .It Fl T + Disable strict filename checking. + By default when copying files from a remote host to a local directory +@@ -285,10 +295,13 @@ .It Cm nrequests Ns = Ns Ar value Controls how many concurrent SFTP read or write requests may be in progress at any point in time during a download or upload. @@ -11002,7 +11056,7 @@ diff -Nur openssh-9.6p1.orig/scp.1 openssh-9.6p1/scp.1 By default a 32KB buffer is used. .El .El -@@ -322,6 +329,7 @@ +@@ -322,6 +335,7 @@ .Sh AUTHORS .An Timo Rinne Aq Mt tri@iki.fi .An Tatu Ylonen Aq Mt ylo@cs.hut.fi @@ -11010,9 +11064,9 @@ diff -Nur openssh-9.6p1.orig/scp.1 openssh-9.6p1/scp.1 .Sh CAVEATS The legacy SCP protocol (selected by the .Fl O -diff -Nur openssh-9.6p1.orig/scp.c openssh-9.6p1/scp.c ---- openssh-9.6p1.orig/scp.c 2024-07-10 13:32:39.530111606 +0200 -+++ openssh-9.6p1/scp.c 2024-07-10 14:15:34.032723487 +0200 +diff -Nur openssh-9.8p1.orig/scp.c openssh-9.8p1/scp.c +--- openssh-9.8p1.orig/scp.c 2024-09-30 16:02:22.544024272 +0200 ++++ openssh-9.8p1/scp.c 2024-09-30 16:03:39.170245316 +0200 @@ -17,6 +17,7 @@ /* * Copyright (c) 1999 Theo de Raadt. All rights reserved. @@ -11063,7 +11117,7 @@ diff -Nur openssh-9.6p1.orig/scp.c openssh-9.6p1/scp.c static void killchild(int signo) { -@@ -234,6 +256,9 @@ +@@ -236,6 +258,9 @@ int status; pid_t pid; @@ -11073,7 +11127,7 @@ diff -Nur openssh-9.6p1.orig/scp.c openssh-9.6p1/scp.c if (a->num == 0) fatal("do_local_cmd: no arguments"); -@@ -460,6 +485,8 @@ +@@ -462,6 +487,8 @@ void tolocal(int, char *[], enum scp_mode_e, char *sftp_direct); void toremote(int, char *[], enum scp_mode_e, char *sftp_direct); void usage(void); @@ -11082,7 +11136,7 @@ diff -Nur openssh-9.6p1.orig/scp.c openssh-9.6p1/scp.c void source_sftp(int, char *, char *, struct sftp_conn *); void sink_sftp(int, char *, const char *, struct sftp_conn *); -@@ -478,11 +505,18 @@ +@@ -480,11 +507,18 @@ char *sftp_direct = NULL; long long llv; @@ -11101,7 +11155,7 @@ diff -Nur openssh-9.6p1.orig/scp.c openssh-9.6p1/scp.c /* Copy argv, because we modify it */ argv0 = argv[0]; newargv = xcalloc(MAXIMUM(argc + 1, 1), sizeof(*newargv)); -@@ -506,7 +540,7 @@ +@@ -508,7 +542,7 @@ fflag = Tflag = tflag = 0; while ((ch = getopt(argc, argv, @@ -11110,7 +11164,7 @@ diff -Nur openssh-9.6p1.orig/scp.c openssh-9.6p1/scp.c switch (ch) { /* User-visible flags. */ case '1': -@@ -587,24 +621,36 @@ +@@ -589,31 +623,43 @@ addargs(&remote_remote_args, "-q"); showprogress = 0; break; @@ -11124,35 +11178,59 @@ diff -Nur openssh-9.6p1.orig/scp.c openssh-9.6p1/scp.c case 'X': /* Please keep in sync with sftp.c -X */ if (strncmp(optarg, "buffer=", 7) == 0) { - r = scan_scaled(optarg + 7, &llv); +- r = scan_scaled(optarg + 7, &llv); - if (r == 0 && (llv <= 0 || llv > 256 * 1024)) { -+ /* don't ask for a buffer larger than the maximum -+ * size that SFTP can handle */ -+ if (r == 0 && (llv <= 0 || llv > (SFTP_MAX_MSG_LENGTH - 1024))) { - r = -1; - errno = EINVAL; - } - if (r == -1) { +- r = -1; +- errno = EINVAL; +- } +- if (r == -1) { - fatal("Invalid buffer size \"%s\": %s", - optarg + 7, strerror(errno)); -+ fatal("Invalid buffer size. Must be between 1B and 255KB." -+ "\"%s\": %s", optarg + 7, strerror(errno)); - } - sftp_copy_buflen = (size_t)llv; - } else if (strncmp(optarg, "nrequests=", 10) == 0) { +- } +- sftp_copy_buflen = (size_t)llv; +- } else if (strncmp(optarg, "nrequests=", 10) == 0) { - llv = strtonum(optarg + 10, 1, 256 * 1024, -+ /* more than 10k to 15k requests starts stalling the connection -+ * 8192 * default buffer size is 256MB of outstanding data. -+ * if users need more then they need to up the buffer size */ -+ llv = strtonum(optarg + 10, 1, 8 * 1024, - &errstr); - if (errstr != NULL) { +- &errstr); +- if (errstr != NULL) { - fatal("Invalid number of requests " -+ fatal("Invalid number of requests. Must be between 1 and 8192. " - "\"%s\": %s", optarg + 10, errstr); - } - sftp_nrequests = (size_t)llv; -@@ -692,11 +738,20 @@ +- "\"%s\": %s", optarg + 10, errstr); +- } +- sftp_nrequests = (size_t)llv; +- } else { +- fatal("Invalid -X option"); +- } +- break; ++ r = scan_scaled(optarg + 7, &llv); ++ /* don't ask for a buffer larger than the maximum ++ * size that SFTP can handle */ ++ if (r == 0 && (llv <= 0 || llv > (SFTP_MAX_MSG_LENGTH - 1024))) { ++ r = -1; ++ errno = EINVAL; ++ } ++ if (r == -1) { ++ fatal("Invalid buffer size. Must be between 1B and 255KB." ++ "\"%s\": %s", optarg + 7, strerror(errno)); ++ } ++ sftp_copy_buflen = (size_t)llv; ++ } else if (strncmp(optarg, "nrequests=", 10) == 0) { ++ /* more than 10k to 15k requests starts stalling the connection ++ * 8192 * default buffer size is 256MB of outstanding data. ++ * if users need more then they need to up the buffer size */ ++ llv = strtonum(optarg + 10, 1, 8 * 1024, ++ &errstr); ++ if (errstr != NULL) { ++ fatal("Invalid number of requests. Must be between 1 and 8192. " ++ "\"%s\": %s", optarg + 10, errstr); ++ } ++ sftp_nrequests = (size_t)llv; ++ } else { ++ fatal("Invalid -X option"); ++ } ++ break; + + /* Server options. */ + case 'd': +@@ -694,11 +740,20 @@ remin = remout = -1; do_cmd_pid = -1; /* Command to be executed on remote system using "ssh". */ @@ -11178,7 +11256,7 @@ diff -Nur openssh-9.6p1.orig/scp.c openssh-9.6p1/scp.c (void) ssh_signal(SIGPIPE, lostconn); if (colon(argv[argc - 1])) /* Dest is remote host. */ -@@ -1321,6 +1376,74 @@ +@@ -1323,6 +1378,74 @@ free(src); } @@ -11253,7 +11331,7 @@ diff -Nur openssh-9.6p1.orig/scp.c openssh-9.6p1/scp.c /* Prepare remote path, handling ~ by assuming cwd is the homedir */ static char * prepare_remote_path(struct sftp_conn *conn, const char *path) -@@ -1404,14 +1527,23 @@ +@@ -1406,14 +1529,23 @@ struct stat stb; static BUF buffer; BUF *bp; @@ -11279,7 +11357,7 @@ diff -Nur openssh-9.6p1.orig/scp.c openssh-9.6p1/scp.c statbytes = 0; len = strlen(name); while (len > 1 && name[len-1] == '/') -@@ -1433,6 +1565,14 @@ +@@ -1435,6 +1567,14 @@ unset_nonblock(fd); switch (stb.st_mode & S_IFMT) { case S_IFREG: @@ -11294,7 +11372,7 @@ diff -Nur openssh-9.6p1.orig/scp.c openssh-9.6p1/scp.c break; case S_IFDIR: if (iamrecursive) { -@@ -1454,14 +1594,133 @@ +@@ -1456,14 +1596,133 @@ goto next; } #define FILEMODEMASK (S_ISUID|S_ISGID|S_IRWXU|S_IRWXG|S_IRWXO) @@ -11434,7 +11512,7 @@ diff -Nur openssh-9.6p1.orig/scp.c openssh-9.6p1/scp.c if ((bp = allocbuf(&buffer, fd, COPY_BUFLEN)) == NULL) { next: if (fd != -1) { (void) close(fd); -@@ -1469,13 +1728,17 @@ +@@ -1471,13 +1730,17 @@ } continue; } @@ -11456,7 +11534,12 @@ diff -Nur openssh-9.6p1.orig/scp.c openssh-9.6p1/scp.c if (!haderr) { if ((nr = atomicio(read, fd, bp->buf, amt)) != amt) { -@@ -1672,24 +1935,36 @@ +@@ -1670,28 +1933,41 @@ + (sizeof(type) == 8 && (val) > INT64_MAX) || \ + (sizeof(type) != 4 && sizeof(type) != 8)) + ++ + void sink(int argc, char **argv, const char *src) { static BUF buffer; @@ -11496,7 +11579,7 @@ diff -Nur openssh-9.6p1.orig/scp.c openssh-9.6p1/scp.c if (TYPE_OVERFLOW(time_t, 0) || TYPE_OVERFLOW(off_t, 0)) SCREWUP("Unexpected off_t/time_t size"); -@@ -1705,9 +1980,16 @@ +@@ -1707,9 +1983,16 @@ if (targetshouldbedirectory) verifydir(targ); @@ -11513,7 +11596,7 @@ diff -Nur openssh-9.6p1.orig/scp.c openssh-9.6p1/scp.c if (src != NULL && !iamrecursive && !Tflag) { /* * Prepare to try to restrict incoming filenames to match -@@ -1716,7 +1998,12 @@ +@@ -1718,7 +2001,12 @@ if (brace_expand(src, &patterns, &npatterns) != 0) fatal_f("could not expand pattern"); } @@ -11526,7 +11609,7 @@ diff -Nur openssh-9.6p1.orig/scp.c openssh-9.6p1/scp.c cp = buf; if (atomicio(read, remin, cp, 1) != 1) goto done; -@@ -1744,6 +2031,9 @@ +@@ -1746,6 +2034,9 @@ continue; } if (buf[0] == 'E') { @@ -11536,7 +11619,7 @@ diff -Nur openssh-9.6p1.orig/scp.c openssh-9.6p1/scp.c (void) atomicio(vwrite, remout, "", 1); goto done; } -@@ -1751,6 +2041,9 @@ +@@ -1753,6 +2044,9 @@ *--cp = 0; cp = buf; @@ -11546,7 +11629,7 @@ diff -Nur openssh-9.6p1.orig/scp.c openssh-9.6p1/scp.c if (*cp == 'T') { setimes++; cp++; -@@ -1778,9 +2071,19 @@ +@@ -1780,9 +2074,19 @@ if (!cp || *cp++ != '\0' || atime.tv_usec < 0 || atime.tv_usec > 999999) SCREWUP("atime.usec not delimited"); @@ -11566,7 +11649,7 @@ diff -Nur openssh-9.6p1.orig/scp.c openssh-9.6p1/scp.c if (*cp != 'C' && *cp != 'D') { /* * Check for the case "rcp remote:foo\* local:bar". -@@ -1796,6 +2099,18 @@ +@@ -1798,6 +2102,18 @@ SCREWUP("expected control record"); } mode = 0; @@ -11585,7 +11668,7 @@ diff -Nur openssh-9.6p1.orig/scp.c openssh-9.6p1/scp.c for (++cp; cp < buf + 5; cp++) { if (*cp < '0' || *cp > '7') SCREWUP("bad mode"); -@@ -1806,6 +2121,10 @@ +@@ -1808,6 +2124,10 @@ if (*cp++ != ' ') SCREWUP("mode not delimited"); @@ -11596,7 +11679,7 @@ diff -Nur openssh-9.6p1.orig/scp.c openssh-9.6p1/scp.c if (!isdigit((unsigned char)*cp)) SCREWUP("size not present"); ull = strtoull(cp, &cp, 10); -@@ -1815,11 +2134,32 @@ +@@ -1817,11 +2137,32 @@ SCREWUP("size out of range"); size = (off_t)ull; @@ -11629,7 +11712,7 @@ diff -Nur openssh-9.6p1.orig/scp.c openssh-9.6p1/scp.c if (npatterns > 0) { for (n = 0; n < npatterns; n++) { if (strcmp(patterns[n], cp) == 0 || -@@ -1889,11 +2229,195 @@ +@@ -1891,11 +2232,195 @@ } omode = mode; mode |= S_IWUSR; @@ -11826,7 +11909,7 @@ diff -Nur openssh-9.6p1.orig/scp.c openssh-9.6p1/scp.c if ((bp = allocbuf(&buffer, ofd, COPY_BUFLEN)) == NULL) { (void) close(ofd); continue; -@@ -1908,13 +2432,17 @@ +@@ -1910,13 +2435,17 @@ */ statbytes = 0; if (showprogress) @@ -11848,7 +11931,7 @@ diff -Nur openssh-9.6p1.orig/scp.c openssh-9.6p1/scp.c do { j = atomicio6(read, remin, cp, amt, scpio, &statbytes); -@@ -1949,8 +2477,78 @@ +@@ -1951,8 +2480,78 @@ wrerr = 1; } if (!wrerr && (!exists || S_ISREG(stb.st_mode)) && @@ -11928,7 +12011,7 @@ diff -Nur openssh-9.6p1.orig/scp.c openssh-9.6p1/scp.c if (pflag) { if (exists || omode != mode) #ifdef HAVE_FCHMOD -@@ -1985,8 +2583,17 @@ +@@ -1987,8 +2586,17 @@ } } /* If no error was noted then signal success for this file */ @@ -11947,7 +12030,7 @@ diff -Nur openssh-9.6p1.orig/scp.c openssh-9.6p1/scp.c } done: for (n = 0; n < npatterns; n++) -@@ -2130,11 +2737,19 @@ +@@ -2132,11 +2740,20 @@ void usage(void) { @@ -11964,10 +12047,11 @@ diff -Nur openssh-9.6p1.orig/scp.c openssh-9.6p1/scp.c " [-P port] [-S program] [-X sftp_option] source ... target\n"); exit(1); +#endif ++ } void -@@ -2273,6 +2888,18 @@ +@@ -2275,6 +2892,18 @@ exit(1); } @@ -11986,10 +12070,10 @@ diff -Nur openssh-9.6p1.orig/scp.c openssh-9.6p1/scp.c void cleanup_exit(int i) { -diff -Nur openssh-9.6p1.orig/servconf.c openssh-9.6p1/servconf.c ---- openssh-9.6p1.orig/servconf.c 2024-07-10 13:32:39.601111817 +0200 -+++ openssh-9.6p1/servconf.c 2024-07-10 14:16:52.654947762 +0200 -@@ -199,6 +199,11 @@ +diff -Nur openssh-9.8p1.orig/servconf.c openssh-9.8p1/servconf.c +--- openssh-9.8p1.orig/servconf.c 2024-09-30 16:02:22.620024491 +0200 ++++ openssh-9.8p1/servconf.c 2024-10-01 09:37:00.637000944 +0200 +@@ -214,6 +214,11 @@ options->authorized_principals_file = NULL; options->authorized_principals_command = NULL; options->authorized_principals_command_user = NULL; @@ -11997,11 +12081,11 @@ diff -Nur openssh-9.6p1.orig/servconf.c openssh-9.6p1/servconf.c + options->hpn_disabled = -1; + options->none_enabled = -1; + options->nonemac_enabled = -1; -+ options->hpn_buffer_limit = -1; ++ options->disable_multithreaded = -1; options->ip_qos_interactive = -1; options->ip_qos_bulk = -1; options->version_addendum = NULL; -@@ -464,6 +469,18 @@ +@@ -504,6 +509,18 @@ } if (options->permit_tun == -1) options->permit_tun = SSH_TUNMODE_NO; @@ -12013,23 +12097,23 @@ diff -Nur openssh-9.6p1.orig/servconf.c openssh-9.6p1/servconf.c + debug ("Attempted to enabled None MAC without setting None Enabled to true. None MAC disabled."); + options->nonemac_enabled = 0; + } ++ if (options->disable_multithreaded == -1) ++ options->disable_multithreaded = 0; + if (options->hpn_disabled == -1) + options->hpn_disabled = 0; -+ if (options->hpn_buffer_limit == -1) -+ options->hpn_buffer_limit = 0; if (options->ip_qos_interactive == -1) options->ip_qos_interactive = IPTOS_DSCP_AF21; if (options->ip_qos_bulk == -1) -@@ -545,6 +562,8 @@ +@@ -584,6 +601,8 @@ sKerberosGetAFSToken, sKerberosUniqueCCache, sKerberosUseKuserok, sPasswordAuthentication, sKbdInteractiveAuthentication, sListenAddress, sAddressFamily, sPrintMotd, sPrintLastLog, sIgnoreRhosts, -+ sNoneEnabled, sNoneMacEnabled, sHPNBufferLimit, -+ sTcpRcvBufPoll, sHPNDisabled, ++ sNoneEnabled, sNoneMacEnabled, sTcpRcvBufPoll, sHPNDisabled, ++ sDisableMTAES, sX11Forwarding, sX11DisplayOffset, sX11MaxDisplays, sX11UseLocalhost, sPermitTTY, sStrictModes, sEmptyPasswd, sTCPKeepAlive, sPermitUserEnvironment, sAllowTcpForwarding, sCompression, -@@ -746,6 +765,11 @@ +@@ -791,6 +810,11 @@ { "revokedkeys", sRevokedKeys, SSHCFG_ALL }, { "trustedusercakeys", sTrustedUserCAKeys, SSHCFG_ALL }, { "authorizedprincipalsfile", sAuthorizedPrincipalsFile, SSHCFG_ALL }, @@ -12037,11 +12121,11 @@ diff -Nur openssh-9.6p1.orig/servconf.c openssh-9.6p1/servconf.c + { "tcprcvbufpoll", sTcpRcvBufPoll, SSHCFG_ALL }, + { "noneenabled", sNoneEnabled, SSHCFG_ALL }, + { "nonemacenabled", sNoneMacEnabled, SSHCFG_ALL }, -+ { "hpnbufferlimit", sHPNBufferLimit, SSHCFG_ALL }, ++ { "disableMTAES", sDisableMTAES, SSHCFG_ALL }, { "kexalgorithms", sKexAlgorithms, SSHCFG_GLOBAL }, { "include", sInclude, SSHCFG_ALL }, { "ipqos", sIPQoS, SSHCFG_ALL }, -@@ -808,6 +832,7 @@ +@@ -854,6 +878,7 @@ for (i = 0; keywords[i].name; i++) if (strcasecmp(cp, keywords[i].name) == 0) { @@ -12049,7 +12133,7 @@ diff -Nur openssh-9.6p1.orig/servconf.c openssh-9.6p1/servconf.c *flags = keywords[i].flags; return keywords[i].opcode; } -@@ -1604,12 +1629,32 @@ +@@ -1573,12 +1598,32 @@ multistate_ptr = multistate_ignore_rhosts; goto parse_multistate; @@ -12075,31 +12159,32 @@ diff -Nur openssh-9.6p1.orig/servconf.c openssh-9.6p1/servconf.c + intptr = &options->nonemac_enabled; + goto parse_flag; + -+ case sHPNBufferLimit: -+ intptr = &options->hpn_buffer_limit; -+ goto parse_flag; ++ case sDisableMTAES: ++ intptr = &options->disable_multithreaded; ++ goto parse_flag; + case sHostbasedAuthentication: intptr = &options->hostbased_authentication; goto parse_flag; -diff -Nur openssh-9.6p1.orig/servconf.h openssh-9.6p1/servconf.h ---- openssh-9.6p1.orig/servconf.h 2024-07-10 13:32:39.601111817 +0200 -+++ openssh-9.6p1/servconf.h 2024-07-10 13:34:02.728358618 +0200 -@@ -211,6 +211,11 @@ - - int use_pam; /* Enable auth via PAM */ +diff -Nur openssh-9.8p1.orig/servconf.h openssh-9.8p1/servconf.h +--- openssh-9.8p1.orig/servconf.h 2024-09-30 16:02:22.621024494 +0200 ++++ openssh-9.8p1/servconf.h 2024-10-01 09:38:49.188317659 +0200 +@@ -225,6 +225,12 @@ + char *pam_service_name; int permit_pam_user_change; /* Allow PAM to change user name */ + + int tcp_rcv_buf_poll; /* poll tcp rcv window in autotuning kernels*/ + int hpn_disabled; /* disable hpn functionality. false by default */ + int none_enabled; /* Enable NONE cipher switch */ + int nonemac_enabled; /* Enable NONE MAC switch */ -+ int hpn_buffer_limit; /* limit local_window_max to 1/2 receive buffer */ - ++ int disable_multithreaded; /* Disable multithreaded aes-ctr cipher */ ++ int permit_tun; -diff -Nur openssh-9.6p1.orig/serverloop.c openssh-9.6p1/serverloop.c ---- openssh-9.6p1.orig/serverloop.c 2024-07-10 13:32:39.588111779 +0200 -+++ openssh-9.6p1/serverloop.c 2024-07-10 14:18:04.600152988 +0200 + char **permitted_opens; /* May also be one of PERMITOPEN_* */ +diff -Nur openssh-9.8p1.orig/serverloop.c openssh-9.8p1/serverloop.c +--- openssh-9.8p1.orig/serverloop.c 2024-09-30 16:02:22.607024453 +0200 ++++ openssh-9.8p1/serverloop.c 2024-10-01 09:39:20.858410057 +0200 @@ -81,6 +81,8 @@ #include "serverloop.h" #include "ssherr.h" @@ -12109,7 +12194,7 @@ diff -Nur openssh-9.6p1.orig/serverloop.c openssh-9.6p1/serverloop.c extern ServerOptions options; -@@ -347,6 +349,7 @@ +@@ -326,6 +328,7 @@ sigset_t bsigset, osigset; debug("Entering interactive session for SSH2."); @@ -12117,21 +12202,11 @@ diff -Nur openssh-9.6p1.orig/serverloop.c openssh-9.6p1/serverloop.c if (sigemptyset(&bsigset) == -1 || sigaddset(&bsigset, SIGCHLD) == -1) error_f("bsigset setup: %s", strerror(errno)); -@@ -385,7 +388,9 @@ - error_f("osigset sigprocmask: %s", strerror(errno)); - - if (received_sigterm) { -+ sshpkt_final_log_entry(ssh); - logit("Exiting on signal %d", (int)received_sigterm); -+ sshpkt_final_log_entry(ssh); - /* Clean up sessions, utmp, etc. */ - cleanup_exit(255); - } -@@ -403,9 +408,15 @@ +@@ -370,9 +373,15 @@ collect_children(ssh); free(pfd); -+ /* write final log entry */ ++ /* write final log entry (do we need this here? -cjr)*/ + sshpkt_final_log_entry(ssh); + /* free all channels, no more reads and writes */ @@ -12143,18 +12218,16 @@ diff -Nur openssh-9.6p1.orig/serverloop.c openssh-9.6p1/serverloop.c /* free remaining sessions, e.g. remove wtmp entries */ session_destroy_all(ssh, NULL); } -@@ -607,6 +618,10 @@ +@@ -574,6 +583,8 @@ c = channel_new(ssh, "session", SSH_CHANNEL_LARVAL, -1, -1, -1, /*window size*/0, CHAN_SES_PACKET_DEFAULT, 0, "server-session", 1); + if ((options.tcp_rcv_buf_poll) && (!options.hpn_disabled)) + c->dynamic_window = 1; -+ if (options.hpn_buffer_limit) -+ c->hpn_buffer_limit = 1; if (session_open(the_authctxt, c->self) != 1) { debug("session open failed, free channel %d", c->self); channel_free(ssh, c); -@@ -675,6 +690,67 @@ +@@ -642,6 +653,67 @@ return 0; } @@ -12222,7 +12295,7 @@ diff -Nur openssh-9.6p1.orig/serverloop.c openssh-9.6p1/serverloop.c static int server_input_hostkeys_prove(struct ssh *ssh, struct sshbuf **respp) { -@@ -854,6 +930,10 @@ +@@ -818,6 +890,10 @@ success = 1; } else if (strcmp(rtype, "hostkeys-prove-00@openssh.com") == 0) { success = server_input_hostkeys_prove(ssh, &resp); @@ -12233,9 +12306,9 @@ diff -Nur openssh-9.6p1.orig/serverloop.c openssh-9.6p1/serverloop.c } /* XXX sshpkt_get_end() */ if (want_reply) { -diff -Nur openssh-9.6p1.orig/session.c openssh-9.6p1/session.c ---- openssh-9.6p1.orig/session.c 2024-07-10 13:32:39.552111672 +0200 -+++ openssh-9.6p1/session.c 2024-07-10 13:34:02.729358621 +0200 +diff -Nur openssh-9.8p1.orig/session.c openssh-9.8p1/session.c +--- openssh-9.8p1.orig/session.c 2024-09-30 16:02:22.566024335 +0200 ++++ openssh-9.8p1/session.c 2024-09-30 16:03:39.174245328 +0200 @@ -94,6 +94,7 @@ #include "monitor_wrap.h" #include "sftp.h" @@ -12244,7 +12317,7 @@ diff -Nur openssh-9.6p1.orig/session.c openssh-9.6p1/session.c #if defined(KRB5) && defined(USE_AFS) #include -@@ -226,6 +227,7 @@ +@@ -237,6 +238,7 @@ goto authsock_err; /* Allocate a channel for the authentication agent socket. */ @@ -12252,32 +12325,29 @@ diff -Nur openssh-9.6p1.orig/session.c openssh-9.6p1/session.c nc = channel_new(ssh, "auth-listener", SSH_CHANNEL_AUTH_SOCKET, sock, sock, -1, CHAN_X11_WINDOW_DEFAULT, CHAN_X11_PACKET_DEFAULT, -@@ -553,6 +555,8 @@ +@@ -564,6 +566,9 @@ session_set_fds(ssh, s, inout[1], inout[1], err[1], s->is_subsystem, 0); #endif + /* switch to the parallel ciphers if necessary */ -+ cipher_switch(ssh); ++ if (options.disable_multithreaded == 0) ++ cipher_switch(ssh); return 0; } -@@ -666,6 +670,8 @@ +@@ -677,6 +682,9 @@ ssh_packet_set_interactive(ssh, 1, options.ip_qos_interactive, options.ip_qos_bulk); session_set_fds(ssh, s, ptyfd, fdout, -1, 1, 1); + /* switch to the parallel cipher if appropriate */ -+ cipher_switch(ssh); ++ if (options.disable_multithreaded == 0) ++ cipher_switch(ssh); return 0; } -@@ -2884,4 +2890,3 @@ - remote = ssh_remote_ipaddr(ssh); - return remote; - } -- -diff -Nur openssh-9.6p1.orig/sftp.1 openssh-9.6p1/sftp.1 ---- openssh-9.6p1.orig/sftp.1 2023-12-18 15:59:50.000000000 +0100 -+++ openssh-9.6p1/sftp.1 2024-07-10 13:34:02.730358624 +0200 +diff -Nur openssh-9.8p1.orig/sftp.1 openssh-9.8p1/sftp.1 +--- openssh-9.8p1.orig/sftp.1 2024-07-01 06:36:28.000000000 +0200 ++++ openssh-9.8p1/sftp.1 2024-10-01 11:22:00.648462200 +0200 @@ -299,7 +299,8 @@ Specify how many requests may be outstanding at any one time. Increasing this may slightly improve file transfer speed @@ -12303,10 +12373,10 @@ diff -Nur openssh-9.6p1.orig/sftp.1 openssh-9.6p1/sftp.1 By default a 32KB buffer is used. .El .El -diff -Nur openssh-9.6p1.orig/sftp.c openssh-9.6p1/sftp.c ---- openssh-9.6p1.orig/sftp.c 2024-07-10 13:32:39.531111609 +0200 -+++ openssh-9.6p1/sftp.c 2024-07-10 14:19:56.850473846 +0200 -@@ -2562,23 +2562,28 @@ +diff -Nur openssh-9.8p1.orig/sftp.c openssh-9.8p1/sftp.c +--- openssh-9.8p1.orig/sftp.c 2024-09-30 16:02:22.545024274 +0200 ++++ openssh-9.8p1/sftp.c 2024-10-01 09:50:10.979301433 +0200 +@@ -2566,23 +2566,28 @@ replacearg(&args, 0, "%s", ssh_program); break; case 'X': @@ -12341,9 +12411,9 @@ diff -Nur openssh-9.6p1.orig/sftp.c openssh-9.6p1/sftp.c "\"%s\": %s", optarg + 10, errstr); } num_requests = (size_t)llv; -diff -Nur openssh-9.6p1.orig/sftp-client.c openssh-9.6p1/sftp-client.c ---- openssh-9.6p1.orig/sftp-client.c 2024-07-10 13:32:39.531111609 +0200 -+++ openssh-9.6p1/sftp-client.c 2024-07-10 13:34:02.731358627 +0200 +diff -Nur openssh-9.8p1.orig/sftp-client.c openssh-9.8p1/sftp-client.c +--- openssh-9.8p1.orig/sftp-client.c 2024-09-30 16:02:22.545024274 +0200 ++++ openssh-9.8p1/sftp-client.c 2024-09-30 16:03:39.175245331 +0200 @@ -72,7 +72,8 @@ #define DEFAULT_COPY_BUFLEN 32768 @@ -12354,10 +12424,25 @@ diff -Nur openssh-9.6p1.orig/sftp-client.c openssh-9.6p1/sftp-client.c /* Minimum amount of data to read at a time */ #define MIN_READ_SIZE 512 -diff -Nur openssh-9.6p1.orig/ssh.1 openssh-9.6p1/ssh.1 ---- openssh-9.6p1.orig/ssh.1 2024-07-10 13:32:39.601111817 +0200 -+++ openssh-9.6p1/ssh.1 2024-07-10 13:34:02.731358627 +0200 -@@ -524,6 +524,7 @@ +diff -Nur openssh-9.8p1.orig/ssh.1 openssh-9.8p1/ssh.1 +--- openssh-9.8p1.orig/ssh.1 2024-09-30 16:02:22.622024497 +0200 ++++ openssh-9.8p1/ssh.1 2024-09-30 16:35:12.408708175 +0200 +@@ -77,6 +77,14 @@ + X11 connections, arbitrary TCP ports and + .Ux Ns -domain + sockets can also be forwarded over the secure channel. ++.Nm ++is binary compatible with the more well known OpenSSH and uses the same configuration ++directives, methods, and keywords except where noted with the exception of the default port. ++HPN-SSH servers, by default, use port 2222 for connection, and as such, ++.Nm ++clients ++attempt to connect on that port. If the connection attempt on port 2222 fails it will fallback to ++port 22. Please see the -p switch for more information. + .Pp + .Nm + connects and logs into the specified +@@ -524,11 +532,13 @@ .It ControlMaster .It ControlPath .It ControlPersist @@ -12365,16 +12450,21 @@ diff -Nur openssh-9.6p1.orig/ssh.1 openssh-9.6p1/ssh.1 .It DynamicForward .It EnableSSHKeysign .It EnableEscapeCommandline -@@ -552,6 +553,8 @@ + .It EscapeChar + .It ExitOnForwardFailure ++.It FallbackPort + .It FingerprintHash + .It ForkAfterAuthentication + .It ForwardAgent +@@ -552,6 +562,7 @@ .It HostKeyAlgorithms .It HostKeyAlias .It Hostname +.It HPNDisabled* -+.It HPNBufferLimit* .It IdentitiesOnly .It IdentityAgent .It IdentityFile -@@ -568,7 +571,13 @@ +@@ -568,7 +579,13 @@ .It LogVerbose .It MACs .It Match @@ -12388,7 +12478,7 @@ diff -Nur openssh-9.6p1.orig/ssh.1 openssh-9.6p1/ssh.1 .It NumberOfPasswordPrompts .It PasswordAuthentication .It PermitLocalCommand -@@ -599,6 +608,7 @@ +@@ -599,6 +616,7 @@ .It StrictHostKeyChecking .It SyslogFacility .It TCPKeepAlive @@ -12396,27 +12486,41 @@ diff -Nur openssh-9.6p1.orig/ssh.1 openssh-9.6p1/ssh.1 .It Tunnel .It TunnelDevice .It UpdateHostKeys -@@ -607,6 +617,8 @@ +@@ -607,6 +625,8 @@ .It VerifyHostKeyDNS .It VisualHostKey .It XAuthLocation +.Pp -+.It * Hpnssh specific configuration option. ++.It * Hpnssh specific configuration option. .El .Pp .It Fl P Ar tag -@@ -1825,3 +1837,7 @@ +@@ -623,6 +643,13 @@ + Port to connect to on the remote host. + This can be specified on a + per-host basis in the configuration file. ++HPN-SSH uses a default port of 2222. It will automatically ++fallback to use the SSH standard port 22 if it cannot connect ++on port 2222. This fallback behaviour can be modified with the ++FallbackPort option. Note: if outbound port 2222 is ++blocked it may appear that the hpnssh client is non-responsive. In that event, ++either specify the correct port or use the ConnectTimeout option ++to trigger the port fallback more quickly. + .Pp + .It Fl Q Ar query_option + Queries for the algorithms supported by one of the following features: +@@ -1814,3 +1841,7 @@ created OpenSSH. Markus Friedl contributed the support for SSH protocol versions 1.5 and 2.0. +Chris Rapier, Michael Stevens, Ben Bennet, and Mike Tasota developed +the HPN extensions at the Pittsburgh Supercomuting Center with grants +from Cisco, the National Library of Medicine, and the National Science -+Foundation. -diff -Nur openssh-9.6p1.orig/ssh_api.c openssh-9.6p1/ssh_api.c ---- openssh-9.6p1.orig/ssh_api.c 2023-12-18 15:59:50.000000000 +0100 -+++ openssh-9.6p1/ssh_api.c 2024-07-10 13:34:02.732358630 +0200 -@@ -410,7 +410,7 @@ ++Foundation. +diff -Nur openssh-9.8p1.orig/ssh_api.c openssh-9.8p1/ssh_api.c +--- openssh-9.8p1.orig/ssh_api.c 2024-07-01 06:36:28.000000000 +0200 ++++ openssh-9.8p1/ssh_api.c 2024-09-30 16:03:39.177245336 +0200 +@@ -425,7 +425,7 @@ char *cp; int r; @@ -12425,43 +12529,29 @@ diff -Nur openssh-9.6p1.orig/ssh_api.c openssh-9.6p1/ssh_api.c return r; if ((r = sshbuf_putb(ssh_packet_get_output(ssh), banner)) != 0) return r; -diff -Nur openssh-9.6p1.orig/sshbuf.c openssh-9.6p1/sshbuf.c ---- openssh-9.6p1.orig/sshbuf.c 2023-12-18 15:59:50.000000000 +0100 -+++ openssh-9.6p1/sshbuf.c 2024-07-10 13:34:02.732358630 +0200 -@@ -27,6 +27,20 @@ +diff -Nur openssh-9.8p1.orig/sshbuf.c openssh-9.8p1/sshbuf.c +--- openssh-9.8p1.orig/sshbuf.c 2024-07-01 06:36:28.000000000 +0200 ++++ openssh-9.8p1/sshbuf.c 2024-09-30 16:03:39.177245336 +0200 +@@ -27,6 +27,9 @@ #define SSHBUF_INTERNAL #include "sshbuf.h" #include "misc.h" +/* #include "log.h" */ + +#define BUF_WATERSHED 256*1024 -+ -+#ifdef SSHBUF_DEBUG -+# define SSHBUF_TELL(what) do { \ -+ printf("%s:%d %s: %s size %zu alloc %zu off %zu max %zu\n", \ -+ __FILE__, __LINE__, __func__, what, \ -+ buf->size, buf->alloc, buf->off, buf->max_size); \ -+ fflush(stdout); \ -+ } while (0) -+#else -+# define SSHBUF_TELL(what) -+#endif #ifdef SSHBUF_DEBUG # define SSHBUF_TELL(what) do { \ -@@ -45,12 +59,27 @@ - size_t off; /* First available byte is buf->d + buf->off */ - size_t size; /* Last byte is buf->d + buf->size - 1 */ - size_t max_size; /* Maximum size of buffer */ -+ size_t window_max; /* channel window max */ - size_t alloc; /* Total bytes allocated to buf->d */ +@@ -49,8 +52,29 @@ int readonly; /* Refers to external, const data */ u_int refcount; /* Tracks self and number of child buffers */ struct sshbuf *parent; /* If child, pointer to parent */ + char label[MAX_LABEL_LEN]; /* String for buffer label - debugging use */ -+ struct timeval buf_ts; /* creation time of buffer */ ++ int type; /* type of buffer enum (sshbuf_types)*/ }; ++/* update the label string for a given sshbuf. Useful ++ * for debugging */ +void +sshbuf_relabel(struct sshbuf *buf, const char *label) +{ @@ -12469,15 +12559,20 @@ diff -Nur openssh-9.6p1.orig/sshbuf.c openssh-9.6p1/sshbuf.c + strncpy(buf->label, label, MAX_LABEL_LEN-1); +} + -+float time_diff(struct timeval *start, struct timeval *end) ++/* set the type (from enum sshbuf_type) of the given sshbuf. ++ * The purpose is to allow different classes of buffers to ++ * follow different code paths if necessary */ ++void ++sshbuf_type(struct sshbuf *buf, int type) +{ -+ return (end->tv_sec - start->tv_sec) + 1e-6*(end->tv_usec - start->tv_usec); ++ if (type < BUF_MAX_TYPE) ++ buf->type = type; +} + static inline int sshbuf_check_sanity(const struct sshbuf *buf) { -@@ -89,7 +118,7 @@ +@@ -89,7 +113,7 @@ } struct sshbuf * @@ -12486,7 +12581,7 @@ diff -Nur openssh-9.6p1.orig/sshbuf.c openssh-9.6p1/sshbuf.c { struct sshbuf *ret; -@@ -100,6 +129,8 @@ +@@ -100,6 +124,8 @@ ret->readonly = 0; ret->refcount = 1; ret->parent = NULL; @@ -12495,97 +12590,27 @@ diff -Nur openssh-9.6p1.orig/sshbuf.c openssh-9.6p1/sshbuf.c if ((ret->cd = ret->d = calloc(1, ret->alloc)) == NULL) { free(ret); return NULL; -@@ -218,7 +249,7 @@ - size_t - sshbuf_max_size(const struct sshbuf *buf) - { -- return buf->max_size; -+ return buf->max_size / 2; - } - - size_t -@@ -240,13 +271,18 @@ - } - - int --sshbuf_set_max_size(struct sshbuf *buf, size_t max_size) -+sshbuf_set_max_size(struct sshbuf *buf, size_t requested_size) - { -- size_t rlen; -+ size_t rlen, max_size = requested_size * 2; - u_char *dp; - int r; - -- SSHBUF_DBG(("set max buf = %p len = %zu", buf, max_size)); -+ /* -+ * Note that we set the actual allocation limit to be 2x the requested -+ * size. This is to avoid some pathological compaction behaviour later -+ * when a buffer is at capacity and has small drains/fills on it. -+ */ -+ SSHBUF_DBG(("set max buf = %p requested = %zu", buf, requested_size)); - if ((r = sshbuf_check_sanity(buf)) != 0) - return r; - if (max_size == buf->max_size) -@@ -255,9 +291,17 @@ - return SSH_ERR_BUFFER_READ_ONLY; - if (max_size > SSHBUF_SIZE_MAX) - return SSH_ERR_NO_BUFFER_SPACE; -- /* pack and realloc if necessary */ -- sshbuf_maybe_pack(buf, max_size < buf->size); -- if (max_size < buf->alloc && max_size > buf->size) { -+ /* -+ * Always pack as it makes everything that follows easier. -+ * Potentially expensive, but this should seldom be called on buffers -+ * that already contain data. -+ */ -+ sshbuf_maybe_pack(buf, 1); -+ /* Refuse setting a maximum below current amount of data in buffer */ -+ if (requested_size < buf->size) -+ return SSH_ERR_NO_BUFFER_SPACE; -+ /* Shrink alloc if the existing allocation is larger than requested */ -+ if (requested_size < buf->alloc) { - if (buf->size < SSHBUF_SIZE_INIT) - rlen = SSHBUF_SIZE_INIT; - else -@@ -271,8 +315,6 @@ - buf->alloc = rlen; - } - SSHBUF_TELL("new-max"); -- if (max_size < buf->alloc) -- return SSH_ERR_NO_BUFFER_SPACE; - buf->max_size = max_size; - return 0; - } -@@ -290,7 +332,7 @@ +@@ -290,7 +316,18 @@ { if (sshbuf_check_sanity(buf) != 0 || buf->readonly || buf->refcount > 1) return 0; - return buf->max_size - (buf->size - buf->off); -+ return (buf->max_size / 2) - (buf->size - buf->off); ++ /* we need to reserve a small amount of overhead on the input buffer ++ * or we can enter into a pathological state during bulk ++ * data transfers. We use a fraction of the max size as we want it to scale ++ * with the size of the input buffer. If we do it for all of the buffers ++ * we fail the regression unit tests. This seems like a reasonable ++ * solution. Of course, I still need to figure out *why* this is ++ * happening and come up with an actual fix. TODO ++ * cjr 4/19/2024 */ ++ if (buf->type == BUF_CHANNEL_INPUT) ++ return buf->max_size / 1.05 - (buf->size - buf->off); ++ else ++ return buf->max_size - (buf->size - buf->off); } const u_char * -@@ -320,11 +362,18 @@ - return SSH_ERR_BUFFER_READ_ONLY; - SSHBUF_TELL("check"); - /* Check that len is reasonable and that max_size + available < len */ -- if (len > buf->max_size || buf->max_size - len < buf->size - buf->off) -+ if (len > (buf->max_size / 2) || -+ (buf->max_size / 2) - len < buf->size - buf->off) - return SSH_ERR_NO_BUFFER_SPACE; - return 0; - } - -+void -+sshbuf_set_window_max(struct sshbuf *buf, size_t len) -+{ -+ buf->window_max = len; -+} -+ - int - sshbuf_allocate(struct sshbuf *buf, size_t len) - { -@@ -350,9 +399,42 @@ +@@ -350,9 +387,36 @@ */ need = len + buf->size - buf->alloc; rlen = ROUNDUP(buf->alloc + need, SSHBUF_SIZE_INC); @@ -12593,52 +12618,45 @@ diff -Nur openssh-9.6p1.orig/sshbuf.c openssh-9.6p1/sshbuf.c + * slowly. It's knows that it needs to grow but it only does so 32K + * at a time. This means a lot of calls to realloc and memcpy which + * kills performance until the buffer reaches some maximum size. -+ * so we explicitly test for a buffer that's trying to grow and -+ * if it is then we push the growth to whatever the adjusted value of -+ * local_window_max happens to be. This significantly reduces overhead ++ * So we explicitly test for a buffer that's trying to grow and ++ * if it is then we push the growth by 4MB at a time. This can result in ++ * the buffer being over allocated (in terms of actual needs) but the ++ * process is fast. This significantly reduces overhead + * and improves performance. In this case we look for a buffer that is trying + * to grow larger than BUF_WATERSHED (256*1024 taken from PACKET_MAX_SIZE) -+ * and where the local_window_max isn't zero (which is usally in the Channels -+ * struct but we copied it into the shhbuf as window_max). If it is zero or -+ * the buffer is smaller than BUF_WATERSHED we just use the -+ * normal value for need. We also don't want to grow the buffer past -+ * what we need (the size of window_max) so if the current allocation (in -+ * buf->alloc) is greater than window_max we skip it. -+ * -+ * Turns out the extra functions on the following conditional aren't needed -+ * -cjr 04/06/23 ++ * and explcitly check that the buffer is being used for inbound outbound ++ * channel buffering. ++ * Updated for 18.4.1 -cjr 04/20/24 + */ -+ if (rlen > BUF_WATERSHED) { -+ /* debug_f ("Prior: label: %s, %p, rlen is %zu need is %zu win_max is %zu max_size is %zu", -+ buf->label, buf, rlen, need, buf->window_max, buf->max_size); */ ++ if (rlen > BUF_WATERSHED && (buf->type == BUF_CHANNEL_OUTPUT || buf->type == BUF_CHANNEL_INPUT)) { ++ /* debug_f ("Prior: label: %s, %p, rlen is %zu need is %zu max_size is %zu", ++ buf->label, buf, rlen, need, buf->max_size); */ + /* easiest thing to do is grow the nuffer by 4MB each time. It might end + * up being somewhat overallocated but works quickly */ + need = (4*1024*1024); + rlen = ROUNDUP(buf->alloc + need, SSHBUF_SIZE_INC); -+ /* debug_f ("Post: label: %s, %p, rlen is %zu need is %zu win_max is %zu max_size is %zu", */ -+ /* buf->label, buf, rlen, need, buf->window_max, buf->max_size); */ ++ /* debug_f ("Post: label: %s, %p, rlen is %zu need is %zu max_size is %zu", */ ++ /* buf->label, buf, rlen, need, buf->max_size); */ + } SSHBUF_DBG(("need %zu initial rlen %zu", need, rlen)); -- if (rlen > buf->max_size) -- rlen = buf->alloc + need; + + /* rlen might be above the max allocation */ -+ if (rlen > buf->max_size) { + if (rlen > buf->max_size) +- rlen = buf->alloc + need; + rlen = buf->max_size; -+ /* debug_f("set rlen to %zu", buf->max_size);*/ -+ } ++ SSHBUF_DBG(("adjusted rlen %zu", rlen)); if ((dp = recallocarray(buf->d, buf->alloc, rlen, 1)) == NULL) { SSHBUF_DBG(("realloc fail")); -diff -Nur openssh-9.6p1.orig/sshbuf.h openssh-9.6p1/sshbuf.h ---- openssh-9.6p1.orig/sshbuf.h 2023-12-18 15:59:50.000000000 +0100 -+++ openssh-9.6p1/sshbuf.h 2024-07-10 13:34:02.732358630 +0200 -@@ -28,10 +28,12 @@ +diff -Nur openssh-9.8p1.orig/sshbuf.h openssh-9.8p1/sshbuf.h +--- openssh-9.8p1.orig/sshbuf.h 2024-07-01 06:36:28.000000000 +0200 ++++ openssh-9.8p1/sshbuf.h 2024-09-30 16:03:39.177245336 +0200 +@@ -28,18 +28,49 @@ # endif /* OPENSSL_HAS_ECC */ #endif /* WITH_OPENSSL */ -#define SSHBUF_SIZE_MAX 0x8000000 /* Hard maximum size */ -+#define SSHBUF_SIZE_MAX 0xFFFFFFF /* Hard maximum size 256MB */ ++#define SSHBUF_SIZE_MAX 0x8000000 /* Hard maximum size 128MB */ #define SSHBUF_REFS_MAX 0x100000 /* Max child buffers */ #define SSHBUF_MAX_BIGNUM (16384 / 8) /* Max bignum *bytes* */ #define SSHBUF_MAX_ECPOINT ((528 * 2 / 8) + 1) /* Max EC point *bytes* */ @@ -12647,12 +12665,23 @@ diff -Nur openssh-9.6p1.orig/sshbuf.h openssh-9.6p1/sshbuf.h struct sshbuf; -@@ -39,7 +41,18 @@ ++enum buffer_types { ++ BUF_CHANNEL_OUTPUT, ++ BUF_CHANNEL_INPUT, ++ BUF_CHANNEL_EXTENDED, ++ BUF_PACKET_INPUT, ++ BUF_PACKET_INCOMING, ++ BUF_PACKET_OUTPUT, ++ BUF_PACKET_OUTGOING, ++ BUF_MAX_TYPE ++}; ++ + /* * Create a new sshbuf buffer. * Returns pointer to buffer on success, or NULL on allocation failure. */ -struct sshbuf *sshbuf_new(void); -+/* struct sshbuf *sshbuf_new(void); */ ++/* struct sshbuf *sshbuf_new(void);*/ + +/* + * Create a new labeled sshbuf buffer. @@ -12664,10 +12693,17 @@ diff -Nur openssh-9.6p1.orig/sshbuf.h openssh-9.6p1/sshbuf.h + * relabel the sshbuf struct + */ +void sshbuf_relabel(struct sshbuf *, const char *); ++ ++/* ++ * assign a type (from the buffer_types enum) to ++ * the buffer. Used to quickly identify the purpose of ++ * the buffer. ++ */ ++void sshbuf_type(struct sshbuf *, int); /* * Create a new, read-only sshbuf buffer from existing data. -@@ -75,12 +88,13 @@ +@@ -75,12 +106,13 @@ void sshbuf_reset(struct sshbuf *buf); /* @@ -12683,7 +12719,7 @@ diff -Nur openssh-9.6p1.orig/sshbuf.h openssh-9.6p1/sshbuf.h * Returns 0 on success, or a negative SSH_ERR_* error code on failure. */ int sshbuf_set_max_size(struct sshbuf *buf, size_t max_size); -@@ -344,6 +358,9 @@ +@@ -344,6 +376,9 @@ ((u_char *)(p))[1] = __v & 0xff; \ } while (0) @@ -12693,9 +12729,9 @@ diff -Nur openssh-9.6p1.orig/sshbuf.h openssh-9.6p1/sshbuf.h /* Internal definitions follow. Exposed for regress tests */ #ifdef SSHBUF_INTERNAL -diff -Nur openssh-9.6p1.orig/ssh.c openssh-9.6p1/ssh.c ---- openssh-9.6p1.orig/ssh.c 2024-07-10 13:32:39.602111820 +0200 -+++ openssh-9.6p1/ssh.c 2024-07-10 13:34:02.733358633 +0200 +diff -Nur openssh-9.8p1.orig/ssh.c openssh-9.8p1/ssh.c +--- openssh-9.8p1.orig/ssh.c 2024-09-30 16:02:22.622024497 +0200 ++++ openssh-9.8p1/ssh.c 2024-09-30 16:03:39.178245339 +0200 @@ -109,6 +109,7 @@ #include "ssherr.h" #include "myproposal.h" @@ -12753,7 +12789,7 @@ diff -Nur openssh-9.6p1.orig/ssh.c openssh-9.6p1/ssh.c if (addrs != NULL) freeaddrinfo(addrs); -@@ -1892,7 +1923,7 @@ +@@ -1896,7 +1927,7 @@ /* Do fork() after authentication. Used by "ssh -f" */ static void @@ -12762,13 +12798,14 @@ diff -Nur openssh-9.6p1.orig/ssh.c openssh-9.6p1/ssh.c { if (need_controlpersist_detach) control_persist_detach(); -@@ -1902,17 +1933,20 @@ +@@ -1906,17 +1937,21 @@ fatal("daemon() failed: %.200s", strerror(errno)); if (stdfd_devnull(1, 1, !(log_is_on_stderr() && debug_flag)) == -1) error_f("stdfd_devnull failed"); + /* we do the cipher switch here in the event that the client + is forking or has a delayed fork */ -+ cipher_switch(ssh); ++ if (options.disable_multithreaded == 0) ++ cipher_switch(ssh); } static void @@ -12785,7 +12822,7 @@ diff -Nur openssh-9.6p1.orig/ssh.c openssh-9.6p1/ssh.c } else { debug2_f("%d expected forwarding replies remaining", forward_confirms_pending); -@@ -1979,7 +2013,7 @@ +@@ -1983,7 +2018,7 @@ "for listen port %d", rfwd->listen_port); } } @@ -12794,7 +12831,7 @@ diff -Nur openssh-9.6p1.orig/ssh.c openssh-9.6p1/ssh.c } static void -@@ -2006,7 +2040,7 @@ +@@ -2010,7 +2045,7 @@ } debug_f("tunnel forward established, id=%d", id); @@ -12803,7 +12840,7 @@ diff -Nur openssh-9.6p1.orig/ssh.c openssh-9.6p1/ssh.c } static void -@@ -2207,6 +2241,15 @@ +@@ -2211,6 +2246,15 @@ NULL, fileno(stdin), command, environ); } @@ -12819,7 +12856,7 @@ diff -Nur openssh-9.6p1.orig/ssh.c openssh-9.6p1/ssh.c /* open new channel for a session */ static int ssh_session2_open(struct ssh *ssh) -@@ -2228,6 +2271,7 @@ +@@ -2232,6 +2276,7 @@ window = CHAN_SES_WINDOW_DEFAULT; packetmax = CHAN_SES_PACKET_DEFAULT; if (tty_flag) { @@ -12827,7 +12864,7 @@ diff -Nur openssh-9.6p1.orig/ssh.c openssh-9.6p1/ssh.c window >>= 1; packetmax >>= 1; } -@@ -2236,6 +2280,16 @@ +@@ -2240,6 +2285,12 @@ window, packetmax, CHAN_EXTENDED_WRITE, "client-session", CHANNEL_NONBLOCK_STDIO); @@ -12836,15 +12873,11 @@ diff -Nur openssh-9.6p1.orig/ssh.c openssh-9.6p1/ssh.c + c->dynamic_window = 1; + debug("Enabled Dynamic Window Scaling"); + } -+ -+ if (options.hpn_buffer_limit) -+ c->hpn_buffer_limit = 1; -+ + debug3_f("channel_new: %d", c->self); channel_send_open(ssh, c->self); -@@ -2252,6 +2306,13 @@ +@@ -2256,6 +2307,13 @@ int r, interactive, id = -1; char *cp, *tun_fwd_ifname = NULL; @@ -12858,7 +12891,7 @@ diff -Nur openssh-9.6p1.orig/ssh.c openssh-9.6p1/ssh.c /* XXX should be pre-session */ if (!options.control_persist) ssh_init_stdio_forwarding(ssh); -@@ -2350,7 +2411,13 @@ +@@ -2354,7 +2412,14 @@ debug("deferring postauth fork until remote forward " "confirmation received"); } else @@ -12869,13 +12902,14 @@ diff -Nur openssh-9.6p1.orig/ssh.c openssh-9.6p1/ssh.c + * one of our parallel versions. If the client is + * forking then we handle it in fork_postauth() + */ -+ cipher_switch(ssh); ++ if (options.disable_multithreaded == 0) ++ cipher_switch(ssh); } return client_loop(ssh, tty_flag, tty_flag ? -diff -Nur openssh-9.6p1.orig/ssh_config.5 openssh-9.6p1/ssh_config.5 ---- openssh-9.6p1.orig/ssh_config.5 2024-07-10 13:32:39.603111823 +0200 -+++ openssh-9.6p1/ssh_config.5 2024-07-10 13:34:02.734358636 +0200 +diff -Nur openssh-9.8p1.orig/ssh_config.5 openssh-9.8p1/ssh_config.5 +--- openssh-9.8p1.orig/ssh_config.5 2024-09-30 16:02:22.623024499 +0200 ++++ openssh-9.8p1/ssh_config.5 2024-09-30 16:03:39.179245342 +0200 @@ -62,6 +62,19 @@ .Pq Pa /etc/ssh/ssh_config .El @@ -12896,19 +12930,17 @@ diff -Nur openssh-9.6p1.orig/ssh_config.5 openssh-9.6p1/ssh_config.5 Unless noted otherwise, for each parameter, the first obtained value will be used. The configuration files contain sections separated by -@@ -700,6 +713,11 @@ - then the backgrounded master connection will automatically terminate - after it has remained idle (with no client connections) for the - specified time. -+.It Cm DisableMTAES -+Switch the encryption cipher being used from the multithreaded MT-AES-CTR cipher -+back to the stock single-threaded AES-CTR cipher. This may prove to be more -+effcient in some circumstances. Default is -+.Cm no. HPNSSH only. - .It Cm DynamicForward - Specifies that a TCP port on the local machine be forwarded - over the secure channel, and the application -@@ -1111,6 +1129,20 @@ +@@ -795,6 +808,9 @@ + or + .Cm no + (the default). ++.It Cm FallbackPort ++Specifies the port hpnssh should try to connect to if it fails connecting to the ++default hpnsshd port of 2222. The default is port 22. HPN-SSH only. + .It Cm FingerprintHash + Specifies the hash algorithm used when displaying key fingerprints. + Valid options are: +@@ -1121,6 +1137,11 @@ .Cm Hostname specifications). The default is the name given on the command line. @@ -12916,20 +12948,11 @@ diff -Nur openssh-9.6p1.orig/ssh_config.5 openssh-9.6p1/ssh_config.5 +In some situations, such as transfers on a local area network, the impact +of the HPN code produces a net decrease in performance. In these cases it is +helpful to disable the HPN functionality. By default HPNDisabled is set to -+.Cm no. HPNSSH only. -+.It Cm HPNBufferLimit -+This option will force the hpnssh receive buffer to grow more slowly and limits -+the growth to one half of the TCP receive buffer. This option can prove useful -+in situation where a high speed path with larger RTTs are writing to a slower -+device or file system. Enabling this option will reduce performance but may provide -+a more stable connection. The option only impacts the receiving side of the connection. -+For example, a client receiving data from a server but not a client sending data. -+By default this option is set to +.Cm no. HPNSSH only. .It Cm IdentitiesOnly Specifies that .Xr ssh 1 -@@ -1484,6 +1516,63 @@ +@@ -1497,6 +1518,63 @@ .Pp The list of available MAC algorithms may also be obtained using .Qq ssh -Q mac . @@ -12993,7 +13016,7 @@ diff -Nur openssh-9.6p1.orig/ssh_config.5 openssh-9.6p1/ssh_config.5 .It Cm NoHostAuthenticationForLocalhost Disable host authentication for localhost (loopback addresses). The argument to this keyword must be -@@ -1491,6 +1580,36 @@ +@@ -1504,6 +1582,36 @@ or .Cm no (the default). @@ -13030,7 +13053,7 @@ diff -Nur openssh-9.6p1.orig/ssh_config.5 openssh-9.6p1/ssh_config.5 .It Cm NumberOfPasswordPrompts Specifies the number of password prompts before giving up. The argument to this keyword must be an integer. -@@ -2048,6 +2167,12 @@ +@@ -2061,6 +2169,12 @@ Specify a configuration tag name that may be later used by a .Cm Match directive to select a block of configuration. @@ -13043,7 +13066,7 @@ diff -Nur openssh-9.6p1.orig/ssh_config.5 openssh-9.6p1/ssh_config.5 .It Cm Tunnel Request .Xr tun 4 -@@ -2404,3 +2529,11 @@ +@@ -2417,3 +2531,11 @@ created OpenSSH. .An Markus Friedl contributed the support for SSH protocol versions 1.5 and 2.0. @@ -13055,9 +13078,9 @@ diff -Nur openssh-9.6p1.orig/ssh_config.5 openssh-9.6p1/ssh_config.5 +developed the HPN extensions at the Pittsburgh Supercomuting Center +with grants from Cisco, the National Library of Medicine, and +the National Science Foundation. -diff -Nur openssh-9.6p1.orig/sshconnect2.c openssh-9.6p1/sshconnect2.c ---- openssh-9.6p1.orig/sshconnect2.c 2024-07-10 13:32:39.603111823 +0200 -+++ openssh-9.6p1/sshconnect2.c 2024-07-10 13:34:02.734358636 +0200 +diff -Nur openssh-9.8p1.orig/sshconnect2.c openssh-9.8p1/sshconnect2.c +--- openssh-9.8p1.orig/sshconnect2.c 2024-09-30 16:02:22.623024499 +0200 ++++ openssh-9.8p1/sshconnect2.c 2024-09-30 16:03:39.180245345 +0200 @@ -76,6 +76,7 @@ #include "utf8.h" #include "ssh-sk.h" @@ -13080,7 +13103,7 @@ diff -Nur openssh-9.6p1.orig/sshconnect2.c openssh-9.6p1/sshconnect2.c * SSH2 key exchange */ -@@ -582,6 +590,42 @@ +@@ -573,6 +581,42 @@ if (!authctxt.success) fatal("Authentication failed."); @@ -13123,10 +13146,10 @@ diff -Nur openssh-9.6p1.orig/sshconnect2.c openssh-9.6p1/sshconnect2.c if (ssh_packet_connection_is_on_socket(ssh)) { verbose("Authenticated to %s ([%s]:%d) using \"%s\".", host, ssh_remote_ipaddr(ssh), ssh_remote_port(ssh), -diff -Nur openssh-9.6p1.orig/sshd.8 openssh-9.6p1/sshd.8 ---- openssh-9.6p1.orig/sshd.8 2024-07-10 13:32:39.603111823 +0200 -+++ openssh-9.6p1/sshd.8 2024-07-10 13:34:02.734358636 +0200 -@@ -1078,3 +1078,7 @@ +diff -Nur openssh-9.8p1.orig/sshd.8 openssh-9.8p1/sshd.8 +--- openssh-9.8p1.orig/sshd.8 2024-09-30 16:02:22.624024502 +0200 ++++ openssh-9.8p1/sshd.8 2024-09-30 16:03:39.181245348 +0200 +@@ -1075,3 +1075,7 @@ protocol versions 1.5 and 2.0. Niels Provos and Markus Friedl contributed support for privilege separation. @@ -13134,10 +13157,10 @@ diff -Nur openssh-9.6p1.orig/sshd.8 openssh-9.6p1/sshd.8 +the HPN extensions at the Pittsburgh Supercomuting Center with grants +from Cisco, the National Library of Medicine, and the National Science +Foundation. -diff -Nur openssh-9.6p1.orig/sshd.c openssh-9.6p1/sshd.c ---- openssh-9.6p1.orig/sshd.c 2024-07-10 13:32:39.604111826 +0200 -+++ openssh-9.6p1/sshd.c 2024-07-10 13:34:02.735358639 +0200 -@@ -1093,6 +1093,8 @@ +diff -Nur openssh-9.8p1.orig/sshd.c openssh-9.8p1/sshd.c +--- openssh-9.8p1.orig/sshd.c 2024-09-30 16:02:22.578024370 +0200 ++++ openssh-9.8p1/sshd.c 2024-09-30 16:03:39.182245351 +0200 +@@ -753,6 +753,8 @@ int ret, listen_sock; struct addrinfo *ai; char ntop[NI_MAXHOST], strport[NI_MAXSERV]; @@ -13146,7 +13169,7 @@ diff -Nur openssh-9.6p1.orig/sshd.c openssh-9.6p1/sshd.c for (ai = la->addrs; ai; ai = ai->ai_next) { if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6) -@@ -1138,6 +1140,10 @@ +@@ -798,6 +800,10 @@ debug("Bind to port %s on %s.", strport, ntop); @@ -13157,7 +13180,7 @@ diff -Nur openssh-9.6p1.orig/sshd.c openssh-9.6p1/sshd.c /* Bind the socket to the desired port. */ if (bind(listen_sock, ai->ai_addr, ai->ai_addrlen) == -1) { error("Bind to port %s on %s failed: %.200s.", -@@ -1876,6 +1882,19 @@ +@@ -1421,6 +1427,19 @@ /* Fill in default values for those options not explicitly set. */ fill_default_server_options(&options); @@ -13177,31 +13200,9 @@ diff -Nur openssh-9.6p1.orig/sshd.c openssh-9.6p1/sshd.c /* Check that options are sensible */ if (options.authorized_keys_command_user == NULL && (options.authorized_keys_command != NULL && -@@ -2359,6 +2378,9 @@ - rdomain == NULL ? "" : "\""); - free(laddr); - -+ /* set the HPN options for the child */ -+ channel_set_hpn_disabled(options.hpn_disabled); -+ - /* - * We don't want to listen forever unless the other side - * successfully authenticates itself. So we set up an alarm which is -@@ -2545,6 +2567,11 @@ - struct kex *kex; - int r; - -+ if (options.none_enabled == 1) -+ debug("WARNING: None cipher enabled"); -+ if (options.nonemac_enabled == 1) -+ debug("WARNING: None MAC enabled"); -+ - if (options.rekey_limit || options.rekey_interval) - ssh_packet_set_rekey_limits(ssh, options.rekey_limit, - options.rekey_interval); -diff -Nur openssh-9.6p1.orig/sshd_config openssh-9.6p1/sshd_config ---- openssh-9.6p1.orig/sshd_config 2024-07-10 13:32:39.604111826 +0200 -+++ openssh-9.6p1/sshd_config 2024-07-10 13:34:02.735358639 +0200 +diff -Nur openssh-9.8p1.orig/sshd_config openssh-9.8p1/sshd_config +--- openssh-9.8p1.orig/sshd_config 2024-09-30 16:02:22.624024502 +0200 ++++ openssh-9.8p1/sshd_config 2024-10-02 15:40:20.779644727 +0200 @@ -19,6 +19,7 @@ # semanage port -a -t ssh_port_t -p tcp #PORTNUMBER # @@ -13210,7 +13211,7 @@ diff -Nur openssh-9.6p1.orig/sshd_config openssh-9.6p1/sshd_config #AddressFamily any #ListenAddress 0.0.0.0 #ListenAddress :: -@@ -127,6 +128,24 @@ +@@ -127,6 +128,19 @@ # override default of no subsystems Subsystem sftp /usr/libexec/sftp-server @@ -13226,18 +13227,13 @@ diff -Nur openssh-9.6p1.orig/sshd_config openssh-9.6p1/sshd_config + +# allow the use of the none MAC +#NoneMacEnabled no -+ -+# clamp the server's receive buffer to -+# 1/2 the tcp receive window. This may be useful -+# in some environments. -+#HPNBufferLimit no + # Example of overriding settings on a per-user basis #Match User anoncvs # X11Forwarding no -diff -Nur openssh-9.6p1.orig/sshd_config.5 openssh-9.6p1/sshd_config.5 ---- openssh-9.6p1.orig/sshd_config.5 2024-07-10 13:32:39.605111829 +0200 -+++ openssh-9.6p1/sshd_config.5 2024-07-10 13:34:02.736358642 +0200 +diff -Nur openssh-9.8p1.orig/sshd_config.5 openssh-9.8p1/sshd_config.5 +--- openssh-9.8p1.orig/sshd_config.5 2024-09-30 16:02:22.624024502 +0200 ++++ openssh-9.8p1/sshd_config.5 2024-09-30 16:03:39.183245354 +0200 @@ -56,6 +56,16 @@ .Pq \&" in order to represent arguments containing spaces. @@ -13255,7 +13251,7 @@ diff -Nur openssh-9.6p1.orig/sshd_config.5 openssh-9.6p1/sshd_config.5 The possible keywords and their meanings are as follows (note that keywords are case-insensitive and arguments are case-sensitive): -@@ -659,6 +669,10 @@ +@@ -667,6 +677,10 @@ TCP and StreamLocal. This option overrides all other forwarding-related options and may simplify restricted configurations. @@ -13266,7 +13262,7 @@ diff -Nur openssh-9.6p1.orig/sshd_config.5 openssh-9.6p1/sshd_config.5 .It Cm ExposeAuthInfo Writes a temporary file containing a list of authentication methods and public credentials (e.g. keys) used to authenticate the user. -@@ -892,6 +906,21 @@ +@@ -900,6 +914,11 @@ The default for this option is: The list of available signature algorithms may also be obtained using .Qq ssh -Q HostKeyAlgorithms . @@ -13275,20 +13271,10 @@ diff -Nur openssh-9.6p1.orig/sshd_config.5 openssh-9.6p1/sshd_config.5 +of the HPN code produces a net decrease in performance. In these cases it is +helpful to disable the HPN functionality. By default HPNDisabled is set to +.CM no. -+.It Cm HPNBufferLimit -+This option will force the hpnssh receive buffer to grow more slowly and limits -+the growth to one half of the TCP receive buffer. This option can prove useful -+in situation where a high speed path with larger RTTs are writing to a slower -+device or file system. Enabling this option will reduce performance but may provide -+a more stable connection. The option only impacts the receiving side of the connection. -+For example, a client receiving data from a server but not a client sending data. If -+enabled on a server this will impact all incoming connections. -+By default this option is set to -+.Cm no. HPNSSH only. .It Cm IgnoreRhosts Specifies whether to ignore per-user .Pa .rhosts -@@ -1393,6 +1422,19 @@ +@@ -1408,6 +1427,19 @@ key exchange methods. The default is .Pa /etc/moduli . @@ -13305,10 +13291,10 @@ diff -Nur openssh-9.6p1.orig/sshd_config.5 openssh-9.6p1/sshd_config.5 +protection against man-in-the-middle attacks. As with NoneEnabled all authentication +remains encrypted and integrity is ensured. Default is +.Cm no. - .It Cm PasswordAuthentication - Specifies whether password authentication is allowed. - The default is -@@ -1835,6 +1877,13 @@ + .It Cm PAMServiceName + Specifies the service name used for Pluggable Authentication Modules (PAM) + authentication, authorisation and session controls when +@@ -1952,6 +1984,13 @@ .Pp To disable TCP keepalive messages, the value should be set to .Cm no . @@ -13322,7 +13308,7 @@ diff -Nur openssh-9.6p1.orig/sshd_config.5 openssh-9.6p1/sshd_config.5 .It Cm TrustedUserCAKeys Specifies a file containing public keys of certificate authorities that are trusted to sign user certificates for authentication, or -@@ -2133,3 +2182,11 @@ +@@ -2250,3 +2289,11 @@ and .An Markus Friedl contributed support for privilege separation. @@ -13334,9 +13320,55 @@ diff -Nur openssh-9.6p1.orig/sshd_config.5 openssh-9.6p1/sshd_config.5 +developed the HPN extensions at the Pittsburgh Supercomuting Center +with grants from Cisco, the National Library of Medicine, and +the National Science Foundation. -diff -Nur openssh-9.6p1.orig/ssh.h openssh-9.6p1/ssh.h ---- openssh-9.6p1.orig/ssh.h 2023-12-18 15:59:50.000000000 +0100 -+++ openssh-9.6p1/ssh.h 2024-07-10 13:34:02.736358642 +0200 +diff -Nur openssh-9.8p1.orig/sshd-session.c openssh-9.8p1/sshd-session.c +--- openssh-9.8p1.orig/sshd-session.c 2024-09-30 16:02:22.625024505 +0200 ++++ openssh-9.8p1/sshd-session.c 2024-09-30 16:03:39.184245357 +0200 +@@ -1158,6 +1158,20 @@ + } + endpwent(); + ++ /* get NONE options */ ++ if (options.none_enabled == 1) { ++ char *old_ciphers = options.ciphers; ++ xasprintf(&options.ciphers, "%s,none", old_ciphers); ++ free(old_ciphers); ++ ++ /* only enable the none MAC in context of the none cipher -cjr */ ++ if (options.nonemac_enabled == 1) { ++ char *old_macs = options.macs; ++ xasprintf(&options.macs, "%s,none", old_macs); ++ free(old_macs); ++ } ++ } ++ + if (!debug_flag) { + startup_pipe = dup(REEXEC_STARTUP_PIPE_FD); + close(REEXEC_STARTUP_PIPE_FD); +@@ -1365,6 +1379,9 @@ + rdomain == NULL ? "" : "\""); + free(laddr); + ++ /* set the HPN options for the child */ ++ channel_set_hpn_disabled(options.hpn_disabled); ++ + /* + * We don't want to listen forever unless the other side + * successfully authenticates itself. So we set up an alarm which is +@@ -1525,6 +1542,11 @@ + struct kex *kex; + int r; + ++ if (options.none_enabled == 1) ++ debug("WARNING: None cipher enabled"); ++ if (options.nonemac_enabled == 1) ++ debug("WARNING: None MAC enabled"); ++ + if (options.rekey_limit || options.rekey_interval) + ssh_packet_set_rekey_limits(ssh, options.rekey_limit, + options.rekey_interval); +diff -Nur openssh-9.8p1.orig/ssh.h openssh-9.8p1/ssh.h +--- openssh-9.8p1.orig/ssh.h 2024-07-01 06:36:28.000000000 +0200 ++++ openssh-9.8p1/ssh.h 2024-09-30 16:03:39.185245360 +0200 @@ -17,6 +17,7 @@ /* Default port number. */ @@ -13354,10 +13386,10 @@ diff -Nur openssh-9.6p1.orig/ssh.h openssh-9.6p1/ssh.h /* * Name of the environment variable containing the process ID of the -diff -Nur openssh-9.6p1.orig/sshkey.c openssh-9.6p1/sshkey.c ---- openssh-9.6p1.orig/sshkey.c 2024-07-10 13:32:39.561111698 +0200 -+++ openssh-9.6p1/sshkey.c 2024-07-10 13:34:02.737358645 +0200 -@@ -1780,7 +1780,8 @@ +diff -Nur openssh-9.8p1.orig/sshkey.c openssh-9.8p1/sshkey.c +--- openssh-9.8p1.orig/sshkey.c 2024-09-30 16:02:22.579024372 +0200 ++++ openssh-9.8p1/sshkey.c 2024-09-30 16:03:39.185245360 +0200 +@@ -1784,7 +1784,8 @@ stderr); #endif if ((r = cipher_init(&cctx, cipher, keyiv, cipher_keylen(cipher), @@ -13367,7 +13399,7 @@ diff -Nur openssh-9.6p1.orig/sshkey.c openssh-9.6p1/sshkey.c goto out; /* Serialise and encrypt the private key using the ephemeral key */ -@@ -1915,7 +1916,8 @@ +@@ -1919,7 +1920,8 @@ keyiv, SSH_DIGEST_MAX_LENGTH)) != 0) goto out; if ((r = cipher_init(&cctx, cipher, keyiv, cipher_keylen(cipher), @@ -13377,7 +13409,7 @@ diff -Nur openssh-9.6p1.orig/sshkey.c openssh-9.6p1/sshkey.c goto out; #ifdef DEBUG_PK fprintf(stderr, "%s: key+iv\n", __func__); -@@ -2983,6 +2985,13 @@ +@@ -2987,6 +2989,13 @@ kdfname = "none"; } else if (ciphername == NULL) ciphername = DEFAULT_CIPHERNAME; @@ -13391,7 +13423,7 @@ diff -Nur openssh-9.6p1.orig/sshkey.c openssh-9.6p1/sshkey.c if ((cipher = cipher_by_name(ciphername)) == NULL) { r = SSH_ERR_INVALID_ARGUMENT; goto out; -@@ -3018,7 +3027,7 @@ +@@ -3022,7 +3031,7 @@ goto out; } if ((r = cipher_init(&ciphercontext, cipher, key, keylen, @@ -13400,7 +13432,7 @@ diff -Nur openssh-9.6p1.orig/sshkey.c openssh-9.6p1/sshkey.c goto out; if ((r = sshbuf_put(encoded, AUTH_MAGIC, sizeof(AUTH_MAGIC))) != 0 || -@@ -3205,6 +3214,8 @@ +@@ -3209,6 +3218,8 @@ (r = sshbuf_get_u32(decoded, &encrypted_len)) != 0) goto out; @@ -13409,7 +13441,7 @@ diff -Nur openssh-9.6p1.orig/sshkey.c openssh-9.6p1/sshkey.c if ((cipher = cipher_by_name(ciphername)) == NULL) { r = SSH_ERR_KEY_UNKNOWN_CIPHER; goto out; -@@ -3260,7 +3271,7 @@ +@@ -3264,7 +3275,7 @@ /* decrypt private portion of key */ if ((r = sshbuf_reserve(decrypted, encrypted_len, &dp)) != 0 || (r = cipher_init(&ciphercontext, cipher, key, keylen, @@ -13418,9 +13450,9 @@ diff -Nur openssh-9.6p1.orig/sshkey.c openssh-9.6p1/sshkey.c goto out; if ((r = cipher_crypt(ciphercontext, 0, dp, sshbuf_ptr(decoded), encrypted_len, 0, authlen)) != 0) { -diff -Nur openssh-9.6p1.orig/sshkey-xmss.c openssh-9.6p1/sshkey-xmss.c ---- openssh-9.6p1.orig/sshkey-xmss.c 2023-12-18 15:59:50.000000000 +0100 -+++ openssh-9.6p1/sshkey-xmss.c 2024-07-10 13:34:02.737358645 +0200 +diff -Nur openssh-9.8p1.orig/sshkey-xmss.c openssh-9.8p1/sshkey-xmss.c +--- openssh-9.8p1.orig/sshkey-xmss.c 2024-07-01 06:36:28.000000000 +0200 ++++ openssh-9.8p1/sshkey-xmss.c 2024-09-30 16:03:39.186245362 +0200 @@ -903,9 +903,29 @@ state->enc_keyiv == NULL || state->enc_ciphername == NULL) @@ -13505,9 +13537,9 @@ diff -Nur openssh-9.6p1.orig/sshkey-xmss.c openssh-9.6p1/sshkey-xmss.c (r = cipher_crypt(ciphercontext, 0, dp, sshbuf_ptr(copy), encrypted_len, aadlen, authlen)) != 0) goto out; -diff -Nur openssh-9.6p1.orig/umac.c openssh-9.6p1/umac.c ---- openssh-9.6p1.orig/umac.c 2023-12-18 15:59:50.000000000 +0100 -+++ openssh-9.6p1/umac.c 2024-07-10 13:34:02.738358648 +0200 +diff -Nur openssh-9.8p1.orig/umac.c openssh-9.8p1/umac.c +--- openssh-9.8p1.orig/umac.c 2024-07-01 06:36:28.000000000 +0200 ++++ openssh-9.8p1/umac.c 2024-10-01 09:50:36.972376774 +0200 @@ -134,15 +134,48 @@ /* --- Endian Conversion --- Forcing assembly on some platforms */ /* ---------------------------------------------------------------------- */ @@ -13560,9 +13592,9 @@ diff -Nur openssh-9.6p1.orig/umac.c openssh-9.6p1/umac.c #define STORE_UINT32_BIG(p,v) put_u32(p, v) /* ---------------------------------------------------------------------- */ -diff -Nur openssh-9.6p1.orig/uthash.h openssh-9.6p1/uthash.h ---- openssh-9.6p1.orig/uthash.h 1970-01-01 01:00:00.000000000 +0100 -+++ openssh-9.6p1/uthash.h 2024-07-10 13:34:02.738358648 +0200 +diff -Nur openssh-9.8p1.orig/uthash.h openssh-9.8p1/uthash.h +--- openssh-9.8p1.orig/uthash.h 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-9.8p1/uthash.h 2024-09-30 16:03:39.187245365 +0200 @@ -0,0 +1,1140 @@ +/* +Copyright (c) 2003-2022, Troy D. Hanson https://troydhanson.github.io/uthash/ @@ -14704,14 +14736,14 @@ diff -Nur openssh-9.6p1.orig/uthash.h openssh-9.6p1/uthash.h +} UT_hash_handle; + +#endif /* UTHASH_H */ -diff -Nur openssh-9.6p1.orig/version.h openssh-9.6p1/version.h ---- openssh-9.6p1.orig/version.h 2024-07-10 13:32:39.605111829 +0200 -+++ openssh-9.6p1/version.h 2024-07-10 14:25:00.449370077 +0200 +diff -Nur openssh-9.8p1.orig/version.h openssh-9.8p1/version.h +--- openssh-9.8p1.orig/version.h 2024-09-30 16:02:22.625024505 +0200 ++++ openssh-9.8p1/version.h 2024-10-01 10:07:08.736253374 +0200 @@ -16,5 +16,6 @@ #define SSH_PORTABLE "p1" #define GSI_PORTABLE "c-GSI" -+#define SSH_HPN "-hpn18.3.1" ++#define SSH_HPN "_hpn18.5.1" #define SSH_RELEASE SSH_VERSION SSH_PORTABLE GSI_PORTABLE \ - GSI_VERSION KRB5_VERSION + GSI_VERSION KRB5_VERSION SSH_HPN diff --git a/openssh-9.8p1-systemd.patch b/openssh-9.8p1-systemd.patch deleted file mode 100644 index b20624e..0000000 --- a/openssh-9.8p1-systemd.patch +++ /dev/null @@ -1,201 +0,0 @@ -diff --git a/configure.ac b/configure.ac -index 379cd746b..15e2ecdb7 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -907,6 +907,7 @@ int main(void) { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16)) - AC_DEFINE([_PATH_BTMP], ["/var/log/btmp"], [log for bad login attempts]) - AC_DEFINE([USE_BTMP]) - AC_DEFINE([LINUX_OOM_ADJUST], [1], [Adjust Linux out-of-memory killer]) -+ AC_DEFINE([SYSTEMD_NOTIFY], [1], [Have sshd notify systemd on start/reload]) - inet6_default_4in6=yes - case `uname -r` in - 1.*|2.0.*) -diff --git a/openbsd-compat/port-linux.c b/openbsd-compat/port-linux.c -index 0457e28d0..df7290246 100644 ---- a/openbsd-compat/port-linux.c -+++ b/openbsd-compat/port-linux.c -@@ -21,16 +21,23 @@ - - #include "includes.h" - --#if defined(WITH_SELINUX) || defined(LINUX_OOM_ADJUST) -+#if defined(WITH_SELINUX) || defined(LINUX_OOM_ADJUST) || \ -+ defined(SYSTEMD_NOTIFY) -+#include -+#include -+ - #include -+#include - #include - #include - #include - #include -+#include - - #include "log.h" - #include "xmalloc.h" - #include "port-linux.h" -+#include "misc.h" - - #ifdef WITH_SELINUX - #include -@@ -310,4 +317,90 @@ oom_adjust_restore(void) - return; - } - #endif /* LINUX_OOM_ADJUST */ --#endif /* WITH_SELINUX || LINUX_OOM_ADJUST */ -+ -+#ifdef SYSTEMD_NOTIFY -+ -+static void ssh_systemd_notify(const char *, ...) -+ __attribute__((__format__ (printf, 1, 2))) __attribute__((__nonnull__ (1))); -+ -+static void -+ssh_systemd_notify(const char *fmt, ...) -+{ -+ char *s = NULL; -+ const char *path; -+ struct stat sb; -+ struct sockaddr_un addr; -+ int fd = -1; -+ va_list ap; -+ -+ if ((path = getenv("NOTIFY_SOCKET")) == NULL || strlen(path) == 0) -+ return; -+ -+ va_start(ap, fmt); -+ xvasprintf(&s, fmt, ap); -+ va_end(ap); -+ -+ /* Only AF_UNIX is supported, with path or abstract sockets */ -+ if (path[0] != '/' && path[0] != '@') { -+ error_f("socket \"%s\" is not compatible with AF_UNIX", path); -+ goto out; -+ } -+ -+ if (path[0] == '/' && stat(path, &sb) != 0) { -+ error_f("socket \"%s\" stat: %s", path, strerror(errno)); -+ goto out; -+ } -+ -+ memset(&addr, 0, sizeof(addr)); -+ addr.sun_family = AF_UNIX; -+ if (strlcpy(addr.sun_path, path, -+ sizeof(addr.sun_path)) >= sizeof(addr.sun_path)) { -+ error_f("socket path \"%s\" too long", path); -+ goto out; -+ } -+ /* Support for abstract socket */ -+ if (addr.sun_path[0] == '@') -+ addr.sun_path[0] = 0; -+ if ((fd = socket(PF_UNIX, SOCK_DGRAM, 0)) == -1) { -+ error_f("socket \"%s\": %s", path, strerror(errno)); -+ goto out; -+ } -+ if (connect(fd, &addr, sizeof(addr)) != 0) { -+ error_f("socket \"%s\" connect: %s", path, strerror(errno)); -+ goto out; -+ } -+ if (write(fd, s, strlen(s)) != (ssize_t)strlen(s)) { -+ error_f("socket \"%s\" write: %s", path, strerror(errno)); -+ goto out; -+ } -+ debug_f("socket \"%s\" notified %s", path, s); -+ out: -+ if (fd != -1) -+ close(fd); -+ free(s); -+} -+ -+void -+ssh_systemd_notify_ready(void) -+{ -+ ssh_systemd_notify("READY=1"); -+} -+ -+void -+ssh_systemd_notify_reload(void) -+{ -+ struct timespec now; -+ -+ monotime_ts(&now); -+ if (now.tv_sec < 0 || now.tv_nsec < 0) { -+ error_f("monotime returned negative value"); -+ ssh_systemd_notify("RELOADING=1"); -+ } else { -+ ssh_systemd_notify("RELOADING=1\nMONOTONIC_USEC=%llu", -+ ((uint64_t)now.tv_sec * 1000000ULL) + -+ ((uint64_t)now.tv_nsec / 1000ULL)); -+ } -+} -+#endif /* SYSTEMD_NOTIFY */ -+ -+#endif /* WITH_SELINUX || LINUX_OOM_ADJUST || SYSTEMD_NOTIFY */ -diff --git a/openbsd-compat/port-linux.h b/openbsd-compat/port-linux.h -index 3c22a854d..14064f87d 100644 ---- a/openbsd-compat/port-linux.h -+++ b/openbsd-compat/port-linux.h -@@ -30,4 +30,9 @@ void oom_adjust_restore(void); - void oom_adjust_setup(void); - #endif - -+#ifdef SYSTEMD_NOTIFY -+void ssh_systemd_notify_ready(void); -+void ssh_systemd_notify_reload(void); -+#endif -+ - #endif /* ! _PORT_LINUX_H */ -diff --git a/platform.c b/platform.c -index 4fe8744ee..9cf818153 100644 ---- a/platform.c -+++ b/platform.c -@@ -44,6 +44,14 @@ platform_pre_listen(void) - #endif - } - -+void -+platform_post_listen(void) -+{ -+#ifdef SYSTEMD_NOTIFY -+ ssh_systemd_notify_ready(); -+#endif -+} -+ - void - platform_pre_fork(void) - { -@@ -55,6 +63,9 @@ platform_pre_fork(void) - void - platform_pre_restart(void) - { -+#ifdef SYSTEMD_NOTIFY -+ ssh_systemd_notify_reload(); -+#endif - #ifdef LINUX_OOM_ADJUST - oom_adjust_restore(); - #endif -diff --git a/platform.h b/platform.h -index 7fef8c983..5dec23276 100644 ---- a/platform.h -+++ b/platform.h -@@ -21,6 +21,7 @@ - void platform_pre_listen(void); - void platform_pre_fork(void); - void platform_pre_restart(void); -+void platform_post_listen(void); - void platform_post_fork_parent(pid_t child_pid); - void platform_post_fork_child(void); - int platform_privileged_uidswap(void); -diff --git a/sshd.c b/sshd.c -index 9cbe92293..3c3f2dd6b 100644 ---- a/sshd.c -+++ b/sshd.c -@@ -2077,6 +2077,8 @@ main(int ac, char **av) - ssh_signal(SIGTERM, sigterm_handler); - ssh_signal(SIGQUIT, sigterm_handler); - -+ platform_post_listen(); -+ - /* - * Write out the pid file after the sigterm handler - * is setup and the listen sockets are bound diff --git a/sources b/sources index b461406..1f1ded8 100644 --- a/sources +++ b/sources @@ -1,3 +1,3 @@ -SHA512 (openssh-9.6p1.tar.gz) = 0ebf81e39914c3a90d7777a001ec7376a94b37e6024baf3e972c58f0982b7ddef942315f5e01d56c00ff95603b4a20ee561ab918ecc55511df007ac138160509 -SHA512 (openssh-9.6p1.tar.gz.asc) = aec5a5bd6ce480a8e5b5879dc55f8186aec90fe61f085aa92ad7d07f324574aa781be09c83b7443a32848d091fd44fb12c1842d49cee77afc351e550ffcc096d +SHA512 (openssh-9.8p1.tar.gz) = 95dec2f18e58eb47994f3de4430253e0665e185564b65088ca5f4108870e05feddef8cda8d3c0a4b75f18b98cc2c024df0e27de53b48c1a16da8da483cb8292a +SHA512 (openssh-9.8p1.tar.gz.asc) = 4df1f1be2c6ab7f3aebaedd0a773b0e8c8929abb30cd3415873ad55d012cfa113f792e888e5e772dd468c394aeb7e35d62893a514dbc0ab1a03acd79918657f7 SHA512 (gpgkey-736060BA.gpg) = df44f3fdbcd1d596705348c7f5aed3f738c5f626a55955e0642f7c6c082995cf36a1b1891bb41b8715cb2aff34fef1c877e0eff0d3507dd00a055ba695757a21 From c81b691d2c61abc4885898f2b321f3d4ae543ab6 Mon Sep 17 00:00:00 2001 From: Mattias Ellert Date: Thu, 3 Oct 2024 00:52:03 +0200 Subject: [PATCH 30/44] Based on openssh-9.8p1-4.fc42 --- gsi-openssh.spec | 10 +- ....patch => openssh-9.6p1-gssapi-keyex.patch | 1937 ++++++++-------- openssh-9.6p1-gsskex-new-api.patch | 1965 ----------------- 3 files changed, 1074 insertions(+), 2838 deletions(-) rename openssh-8.0p1-gssapi-keyex.patch => openssh-9.6p1-gssapi-keyex.patch (76%) delete mode 100644 openssh-9.6p1-gsskex-new-api.patch diff --git a/gsi-openssh.spec b/gsi-openssh.spec index afd571d..a07c006 100644 --- a/gsi-openssh.spec +++ b/gsi-openssh.spec @@ -24,7 +24,7 @@ %global libedit 1 %global openssh_ver 9.8p1 -%global openssh_rel 1 +%global openssh_rel 2 Summary: An implementation of the SSH protocol with GSI authentication Name: gsi-openssh @@ -96,7 +96,7 @@ Patch711: openssh-7.8p1-UsePAM-warning.patch # Reenable MONITOR_REQ_GSSCHECKMIC after gssapi-with-mic failures # upstream MR: # https://github.com/openssh-gsskex/openssh-gsskex/pull/21 -Patch800: openssh-8.0p1-gssapi-keyex.patch +Patch800: openssh-9.6p1-gssapi-keyex.patch #http://www.mail-archive.com/kerberos@mit.edu/msg17591.html Patch801: openssh-6.6p1-force_krb.patch # add new option GSSAPIEnablek5users and disable using ~/.k5users by default (#1169843) @@ -107,8 +107,6 @@ Patch802: openssh-6.6p1-GSSAPIEnablek5users.patch Patch804: openssh-7.7p1-gssapi-new-unique.patch # Respect k5login_directory option in krk5.conf (#1328243) Patch805: openssh-7.2p2-k5login_directory.patch -# Rewriting OpenSSH GSS KEX to use new packet API -Patch806: openssh-9.6p1-gsskex-new-api.patch #https://bugzilla.mindrot.org/show_bug.cgi?id=1780 Patch901: openssh-6.6p1-kuserok.patch @@ -303,7 +301,6 @@ gpgv2 --quiet --keyring %{SOURCE3} %{SOURCE1} %{SOURCE0} %patch -P 801 -p1 -b .force_krb %patch -P 804 -p1 -b .ccache_name %patch -P 805 -p1 -b .k5login -%patch -P 806 -p1 -b .gsskex-new-api %patch -P 901 -p1 -b .kuserok %patch -P 906 -p1 -b .fromto-remote @@ -564,6 +561,9 @@ fi %ghost %attr(0644,root,root) %{_localstatedir}/lib/.gsissh-host-keys-migration %changelog +* Wed Oct 02 2024 Mattias Ellert - 9.8p1-2 +- Based on openssh-9.8p1-4.fc42 + * Fri Sep 27 2024 Mattias Ellert - 9.8p1-1 - Based on openssh-9.8p1-3.fc41.1 diff --git a/openssh-8.0p1-gssapi-keyex.patch b/openssh-9.6p1-gssapi-keyex.patch similarity index 76% rename from openssh-8.0p1-gssapi-keyex.patch rename to openssh-9.6p1-gssapi-keyex.patch index 82b2bfe..e63b258 100644 --- a/openssh-8.0p1-gssapi-keyex.patch +++ b/openssh-9.6p1-gssapi-keyex.patch @@ -1,6 +1,6 @@ diff --color -ruNp a/auth2.c b/auth2.c ---- a/auth2.c 2024-08-28 12:35:01.189659493 +0200 -+++ b/auth2.c 2024-08-28 12:35:41.246432045 +0200 +--- a/auth2.c 2024-09-16 11:45:56.858133241 +0200 ++++ b/auth2.c 2024-09-16 11:46:34.688939755 +0200 @@ -71,6 +71,7 @@ extern Authmethod method_passwd; extern Authmethod method_kbdint; extern Authmethod method_hostbased; @@ -18,8 +18,8 @@ diff --color -ruNp a/auth2.c b/auth2.c #endif &method_passwd, diff --color -ruNp a/auth2-gss.c b/auth2-gss.c ---- a/auth2-gss.c 2024-08-28 12:35:01.189659493 +0200 -+++ b/auth2-gss.c 2024-08-28 12:35:41.265432411 +0200 +--- a/auth2-gss.c 2024-09-16 11:45:56.858133241 +0200 ++++ b/auth2-gss.c 2024-09-16 11:46:34.689939776 +0200 @@ -51,6 +51,7 @@ #define SSH_GSSAPI_MAX_MECHS 2048 @@ -109,7 +109,7 @@ diff --color -ruNp a/auth2-gss.c b/auth2-gss.c userauth_gssapi, diff --color -ruNp a/auth2-methods.c b/auth2-methods.c --- a/auth2-methods.c 2024-07-01 06:36:28.000000000 +0200 -+++ b/auth2-methods.c 2024-08-28 12:35:41.265432411 +0200 ++++ b/auth2-methods.c 2024-09-16 11:46:34.689939776 +0200 @@ -50,6 +50,11 @@ struct authmethod_cfg methodcfg_pubkey = &options.pubkey_authentication }; @@ -132,7 +132,7 @@ diff --color -ruNp a/auth2-methods.c b/auth2-methods.c &methodcfg_passwd, diff --color -ruNp a/auth.c b/auth.c --- a/auth.c 2024-07-01 06:36:28.000000000 +0200 -+++ b/auth.c 2024-08-28 12:35:41.245432026 +0200 ++++ b/auth.c 2024-09-16 11:46:34.690939798 +0200 @@ -356,7 +356,8 @@ auth_root_allowed(struct ssh *ssh, const case PERMIT_NO_PASSWD: if (strcmp(method, "publickey") == 0 || @@ -145,7 +145,7 @@ diff --color -ruNp a/auth.c b/auth.c case PERMIT_FORCED_ONLY: diff --color -ruNp a/canohost.c b/canohost.c --- a/canohost.c 2024-07-01 06:36:28.000000000 +0200 -+++ b/canohost.c 2024-08-28 12:35:41.246432045 +0200 ++++ b/canohost.c 2024-09-16 11:46:34.690939798 +0200 @@ -35,6 +35,99 @@ #include "canohost.h" #include "misc.h" @@ -248,7 +248,7 @@ diff --color -ruNp a/canohost.c b/canohost.c { diff --color -ruNp a/canohost.h b/canohost.h --- a/canohost.h 2024-07-01 06:36:28.000000000 +0200 -+++ b/canohost.h 2024-08-28 12:35:41.246432045 +0200 ++++ b/canohost.h 2024-09-16 11:46:34.690939798 +0200 @@ -15,6 +15,9 @@ #ifndef _CANOHOST_H #define _CANOHOST_H @@ -261,7 +261,7 @@ diff --color -ruNp a/canohost.h b/canohost.h char *get_local_ipaddr(int); diff --color -ruNp a/clientloop.c b/clientloop.c --- a/clientloop.c 2024-07-01 06:36:28.000000000 +0200 -+++ b/clientloop.c 2024-08-28 12:35:41.246432045 +0200 ++++ b/clientloop.c 2024-09-16 11:46:34.690939798 +0200 @@ -115,6 +115,10 @@ #include "ssherr.h" #include "hostfile.h" @@ -289,8 +289,8 @@ diff --color -ruNp a/clientloop.c b/clientloop.c if (conn_in_ready) client_process_net_input(ssh); diff --color -ruNp a/configure.ac b/configure.ac ---- a/configure.ac 2024-08-28 12:35:01.202659743 +0200 -+++ b/configure.ac 2024-08-28 12:35:41.247432064 +0200 +--- a/configure.ac 2024-09-16 11:45:56.870133497 +0200 ++++ b/configure.ac 2024-09-16 11:46:34.691939819 +0200 @@ -774,6 +774,30 @@ int main(void) { if (NSVersionOfRunTimeL [Use tunnel device compatibility to OpenBSD]) AC_DEFINE([SSH_TUN_PREPEND_AF], [1], @@ -324,7 +324,7 @@ diff --color -ruNp a/configure.ac b/configure.ac AC_DEFINE([AU_IPv4], [0], [System only supports IPv4 audit records]) diff --color -ruNp a/gss-genr.c b/gss-genr.c --- a/gss-genr.c 2024-07-01 06:36:28.000000000 +0200 -+++ b/gss-genr.c 2024-08-28 12:35:41.248432084 +0200 ++++ b/gss-genr.c 2024-09-16 11:46:34.708940181 +0200 @@ -42,9 +42,33 @@ #include "sshbuf.h" #include "log.h" @@ -519,7 +519,28 @@ diff --color -ruNp a/gss-genr.c b/gss-genr.c /* Check that the OID in a data stream matches that in the context */ int ssh_gssapi_check_oid(Gssctxt *ctx, void *data, size_t len) -@@ -216,7 +393,7 @@ ssh_gssapi_init_ctx(Gssctxt *ctx, int de +@@ -168,6 +345,7 @@ ssh_gssapi_build_ctx(Gssctxt **ctx) + (*ctx)->creds = GSS_C_NO_CREDENTIAL; + (*ctx)->client = GSS_C_NO_NAME; + (*ctx)->client_creds = GSS_C_NO_CREDENTIAL; ++ (*ctx)->first = 1; + } + + /* Delete our context, providing it has been built correctly */ +@@ -193,6 +371,12 @@ ssh_gssapi_delete_ctx(Gssctxt **ctx) + gss_release_name(&ms, &(*ctx)->client); + if ((*ctx)->client_creds != GSS_C_NO_CREDENTIAL) + gss_release_cred(&ms, &(*ctx)->client_creds); ++ sshbuf_free((*ctx)->shared_secret); ++ sshbuf_free((*ctx)->server_pubkey); ++ sshbuf_free((*ctx)->server_host_key_blob); ++ sshbuf_free((*ctx)->server_blob); ++ explicit_bzero((*ctx)->hash, sizeof((*ctx)->hash)); ++ BN_clear_free((*ctx)->dh_client_pub); + + free(*ctx); + *ctx = NULL; +@@ -216,7 +400,7 @@ ssh_gssapi_init_ctx(Gssctxt *ctx, int de } ctx->major = gss_init_sec_context(&ctx->minor, @@ -528,7 +549,7 @@ diff --color -ruNp a/gss-genr.c b/gss-genr.c GSS_C_MUTUAL_FLAG | GSS_C_INTEG_FLAG | deleg_flag, 0, NULL, recv_tok, NULL, send_tok, flags, NULL); -@@ -246,8 +423,42 @@ ssh_gssapi_import_name(Gssctxt *ctx, con +@@ -246,8 +430,42 @@ ssh_gssapi_import_name(Gssctxt *ctx, con } OM_uint32 @@ -571,7 +592,7 @@ diff --color -ruNp a/gss-genr.c b/gss-genr.c if ((ctx->major = gss_get_mic(&ctx->minor, ctx->context, GSS_C_QOP_DEFAULT, buffer, hash))) ssh_gssapi_error(ctx); -@@ -255,6 +466,19 @@ ssh_gssapi_sign(Gssctxt *ctx, gss_buffer +@@ -255,6 +473,19 @@ ssh_gssapi_sign(Gssctxt *ctx, gss_buffer return (ctx->major); } @@ -591,7 +612,7 @@ diff --color -ruNp a/gss-genr.c b/gss-genr.c void ssh_gssapi_buildmic(struct sshbuf *b, const char *user, const char *service, const char *context, const struct sshbuf *session_id) -@@ -271,11 +495,16 @@ ssh_gssapi_buildmic(struct sshbuf *b, co +@@ -271,11 +502,16 @@ ssh_gssapi_buildmic(struct sshbuf *b, co } int @@ -609,7 +630,7 @@ diff --color -ruNp a/gss-genr.c b/gss-genr.c /* RFC 4462 says we MUST NOT do SPNEGO */ if (oid->length == spnego_oid.length && -@@ -285,6 +514,10 @@ ssh_gssapi_check_mechanism(Gssctxt **ctx +@@ -285,6 +521,10 @@ ssh_gssapi_check_mechanism(Gssctxt **ctx ssh_gssapi_build_ctx(ctx); ssh_gssapi_set_oid(*ctx, oid); major = ssh_gssapi_import_name(*ctx, host); @@ -620,7 +641,7 @@ diff --color -ruNp a/gss-genr.c b/gss-genr.c if (!GSS_ERROR(major)) { major = ssh_gssapi_init_ctx(*ctx, 0, GSS_C_NO_BUFFER, &token, NULL); -@@ -294,10 +527,66 @@ ssh_gssapi_check_mechanism(Gssctxt **ctx +@@ -294,10 +534,66 @@ ssh_gssapi_check_mechanism(Gssctxt **ctx GSS_C_NO_BUFFER); } @@ -690,7 +711,7 @@ diff --color -ruNp a/gss-genr.c b/gss-genr.c #endif /* GSSAPI */ diff --color -ruNp a/gss-serv.c b/gss-serv.c --- a/gss-serv.c 2024-07-01 06:36:28.000000000 +0200 -+++ b/gss-serv.c 2024-08-28 12:35:41.248432084 +0200 ++++ b/gss-serv.c 2024-09-16 11:46:34.692939840 +0200 @@ -1,7 +1,7 @@ /* $OpenBSD: gss-serv.c,v 1.32 2020/03/13 03:17:07 djm Exp $ */ @@ -984,7 +1005,7 @@ diff --color -ruNp a/gss-serv.c b/gss-serv.c /* Privileged */ diff --color -ruNp a/gss-serv-krb5.c b/gss-serv-krb5.c --- a/gss-serv-krb5.c 2024-07-01 06:36:28.000000000 +0200 -+++ b/gss-serv-krb5.c 2024-08-28 12:35:41.248432084 +0200 ++++ b/gss-serv-krb5.c 2024-09-16 11:46:34.692939840 +0200 @@ -1,7 +1,7 @@ /* $OpenBSD: gss-serv-krb5.c,v 1.9 2018/07/09 21:37:55 markus Exp $ */ @@ -1123,8 +1144,8 @@ diff --color -ruNp a/gss-serv-krb5.c b/gss-serv-krb5.c #endif /* KRB5 */ diff --color -ruNp a/kex.c b/kex.c --- a/kex.c 2024-07-01 06:36:28.000000000 +0200 -+++ b/kex.c 2024-08-28 12:35:41.249432103 +0200 -@@ -303,17 +303,37 @@ static int ++++ b/kex.c 2024-09-16 11:46:34.692939840 +0200 +@@ -297,17 +297,37 @@ static int kex_compose_ext_info_server(struct ssh *ssh, struct sshbuf *m) { int r; @@ -1168,7 +1189,7 @@ diff --color -ruNp a/kex.c b/kex.c (r = sshbuf_put_cstring(m, "0")) != 0) { error_fr(r, "compose"); return r; -@@ -737,6 +737,9 @@ kex_free(struct kex *kex) +@@ -737,6 +757,9 @@ kex_free(struct kex *kex) sshbuf_free(kex->server_version); sshbuf_free(kex->client_pub); sshbuf_free(kex->session_id); @@ -1180,7 +1201,7 @@ diff --color -ruNp a/kex.c b/kex.c free(kex->failed_choice); diff --color -ruNp a/kexdh.c b/kexdh.c --- a/kexdh.c 2024-07-01 06:36:28.000000000 +0200 -+++ b/kexdh.c 2024-08-28 12:35:41.249432103 +0200 ++++ b/kexdh.c 2024-09-16 11:46:34.693939862 +0200 @@ -49,13 +49,23 @@ kex_dh_keygen(struct kex *kex) { switch (kex->kex_type) { @@ -1207,7 +1228,7 @@ diff --color -ruNp a/kexdh.c b/kexdh.c case KEX_DH_GRP18_SHA512: diff --color -ruNp a/kexgen.c b/kexgen.c --- a/kexgen.c 2024-07-01 06:36:28.000000000 +0200 -+++ b/kexgen.c 2024-08-28 12:35:41.249432103 +0200 ++++ b/kexgen.c 2024-09-16 11:46:34.693939862 +0200 @@ -44,7 +44,7 @@ static int input_kex_gen_init(int, u_int32_t, struct ssh *); static int input_kex_gen_reply(int type, u_int32_t seq, struct ssh *ssh); @@ -1219,8 +1240,8 @@ diff --color -ruNp a/kexgen.c b/kexgen.c const struct sshbuf *client_version, diff --color -ruNp a/kexgssc.c b/kexgssc.c --- a/kexgssc.c 1970-01-01 01:00:00.000000000 +0100 -+++ b/kexgssc.c 2024-08-28 12:35:41.250432122 +0200 -@@ -0,0 +1,612 @@ ++++ b/kexgssc.c 2024-09-16 11:46:34.709940203 +0200 +@@ -0,0 +1,704 @@ +/* + * Copyright (c) 2001-2009 Simon Wilkinson. All rights reserved. + * @@ -1270,38 +1291,206 @@ diff --color -ruNp a/kexgssc.c b/kexgssc.c + +#include "ssh-gss.h" + ++static int input_kexgss_hostkey(int, u_int32_t, struct ssh *); ++static int input_kexgss_continue(int, u_int32_t, struct ssh *); ++static int input_kexgss_complete(int, u_int32_t, struct ssh *); ++static int input_kexgss_error(int, u_int32_t, struct ssh *); ++static int input_kexgssgex_group(int, u_int32_t, struct ssh *); ++static int input_kexgssgex_continue(int, u_int32_t, struct ssh *); ++static int input_kexgssgex_complete(int, u_int32_t, struct ssh *); ++ ++static int ++kexgss_final(struct ssh *ssh) ++{ ++ struct kex *kex = ssh->kex; ++ Gssctxt *gss = kex->gss; ++ struct sshbuf *empty = NULL; ++ struct sshbuf *shared_secret = NULL; ++ u_char hash[SSH_DIGEST_MAX_LENGTH]; ++ size_t hashlen; ++ int r; ++ ++ /* ++ * We _must_ have received a COMPLETE message in reply from the ++ * server, which will have set server_blob and msg_tok ++ */ ++ ++ /* compute shared secret */ ++ switch (kex->kex_type) { ++ case KEX_GSS_GRP1_SHA1: ++ case KEX_GSS_GRP14_SHA1: ++ case KEX_GSS_GRP14_SHA256: ++ case KEX_GSS_GRP16_SHA512: ++ r = kex_dh_dec(kex, gss->server_blob, &shared_secret); ++ break; ++ case KEX_GSS_C25519_SHA256: ++ if (sshbuf_ptr(gss->server_blob)[sshbuf_len(gss->server_blob)] & 0x80) ++ fatal("The received key has MSB of last octet set!"); ++ r = kex_c25519_dec(kex, gss->server_blob, &shared_secret); ++ break; ++ case KEX_GSS_NISTP256_SHA256: ++ if (sshbuf_len(gss->server_blob) != 65) ++ fatal("The received NIST-P256 key did not match " ++ "expected length (expected 65, got %zu)", ++ sshbuf_len(gss->server_blob)); ++ ++ if (sshbuf_ptr(gss->server_blob)[0] != POINT_CONVERSION_UNCOMPRESSED) ++ fatal("The received NIST-P256 key does not have first octet 0x04"); ++ ++ r = kex_ecdh_dec(kex, gss->server_blob, &shared_secret); ++ break; ++ default: ++ r = SSH_ERR_INVALID_ARGUMENT; ++ break; ++ } ++ if (r != 0) { ++ ssh_gssapi_delete_ctx(&kex->gss); ++ goto out; ++ } ++ ++ if ((empty = sshbuf_new()) == NULL) { ++ ssh_gssapi_delete_ctx(&kex->gss); ++ r = SSH_ERR_ALLOC_FAIL; ++ goto out; ++ } ++ ++ hashlen = sizeof(hash); ++ r = kex_gen_hash(kex->hash_alg, kex->client_version, ++ kex->server_version, kex->my, kex->peer, ++ (gss->server_host_key_blob ? gss->server_host_key_blob : empty), ++ kex->client_pub, gss->server_blob, shared_secret, ++ hash, &hashlen); ++ sshbuf_free(empty); ++ if (r != 0) ++ fatal_f("Unexpected KEX type %d", kex->kex_type); ++ ++ gss->buf.value = hash; ++ gss->buf.length = hashlen; ++ ++ /* Verify that the hash matches the MIC we just got. */ ++ if (GSS_ERROR(ssh_gssapi_checkmic(gss, &gss->buf, &gss->msg_tok))) ++ sshpkt_disconnect(ssh, "Hash's MIC didn't verify"); ++ ++ gss_release_buffer(&gss->minor, &gss->msg_tok); ++ ++ if (kex->gss_deleg_creds) ++ ssh_gssapi_credentials_updated(gss); ++ ++ if (gss_kex_context == NULL) ++ gss_kex_context = gss; ++ else ++ ssh_gssapi_delete_ctx(&kex->gss); ++ ++ if ((r = kex_derive_keys(ssh, hash, hashlen, shared_secret)) == 0) ++ r = kex_send_newkeys(ssh); ++ ++ if (kex->gss != NULL) { ++ sshbuf_free(gss->server_host_key_blob); ++ gss->server_host_key_blob = NULL; ++ sshbuf_free(gss->server_blob); ++ gss->server_blob = NULL; ++ } ++out: ++ explicit_bzero(kex->c25519_client_key, sizeof(kex->c25519_client_key)); ++ explicit_bzero(hash, sizeof(hash)); ++ sshbuf_free(shared_secret); ++ sshbuf_free(kex->client_pub); ++ kex->client_pub = NULL; ++ return r; ++} ++ ++static int ++kexgss_init_ctx(struct ssh *ssh, ++ gss_buffer_desc *token_ptr) ++{ ++ struct kex *kex = ssh->kex; ++ Gssctxt *gss = kex->gss; ++ gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER; ++ OM_uint32 ret_flags; ++ int r; ++ ++ debug("Calling gss_init_sec_context"); ++ ++ gss->major = ssh_gssapi_init_ctx(gss, kex->gss_deleg_creds, ++ token_ptr, &send_tok, &ret_flags); ++ ++ if (GSS_ERROR(gss->major)) { ++ /* XXX Useless code: Missing send? */ ++ if (send_tok.length != 0) { ++ if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_CONTINUE)) != 0 || ++ (r = sshpkt_put_string(ssh, send_tok.value, send_tok.length)) != 0) ++ fatal("sshpkt failed: %s", ssh_err(r)); ++ } ++ fatal("gss_init_context failed"); ++ } ++ ++ /* If we've got an old receive buffer get rid of it */ ++ if (token_ptr != GSS_C_NO_BUFFER) ++ gss_release_buffer(&gss->minor, token_ptr); ++ ++ if (gss->major == GSS_S_COMPLETE) { ++ /* If mutual state flag is not true, kex fails */ ++ if (!(ret_flags & GSS_C_MUTUAL_FLAG)) ++ fatal("Mutual authentication failed"); ++ ++ /* If integ avail flag is not true kex fails */ ++ if (!(ret_flags & GSS_C_INTEG_FLAG)) ++ fatal("Integrity check failed"); ++ } ++ ++ /* ++ * If we have data to send, then the last message that we ++ * received cannot have been a 'complete'. ++ */ ++ if (send_tok.length != 0) { ++ if (gss->first) { ++ if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_INIT)) != 0 || ++ (r = sshpkt_put_string(ssh, send_tok.value, send_tok.length)) != 0 || ++ (r = sshpkt_put_stringb(ssh, kex->client_pub)) != 0) ++ fatal("failed to construct packet: %s", ssh_err(r)); ++ gss->first = 0; ++ } else { ++ if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_CONTINUE)) != 0 || ++ (r = sshpkt_put_string(ssh, send_tok.value, send_tok.length)) != 0) ++ fatal("failed to construct packet: %s", ssh_err(r)); ++ } ++ if ((r = sshpkt_send(ssh)) != 0) ++ fatal("failed to send packet: %s", ssh_err(r)); ++ gss_release_buffer(&gss->minor, &send_tok); ++ ++ /* If we've sent them data, they should reply */ ++ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_HOSTKEY, &input_kexgss_hostkey); ++ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_CONTINUE, &input_kexgss_continue); ++ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_COMPLETE, &input_kexgss_complete); ++ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_ERROR, &input_kexgss_error); ++ return 0; ++ } ++ /* No data, and not complete */ ++ if (gss->major != GSS_S_COMPLETE) ++ fatal("Not complete, and no token output"); ++ ++ if (gss->major & GSS_S_CONTINUE_NEEDED) ++ return kexgss_init_ctx(ssh, token_ptr); ++ ++ return kexgss_final(ssh); ++} ++ +int +kexgss_client(struct ssh *ssh) +{ + struct kex *kex = ssh->kex; -+ gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER, -+ recv_tok = GSS_C_EMPTY_BUFFER, -+ gssbuf, msg_tok = GSS_C_EMPTY_BUFFER, *token_ptr; -+ Gssctxt *ctxt; -+ OM_uint32 maj_status, min_status, ret_flags; -+ struct sshbuf *server_blob = NULL; -+ struct sshbuf *shared_secret = NULL; -+ struct sshbuf *server_host_key_blob = NULL; -+ struct sshbuf *empty = NULL; -+ u_char *msg; -+ int type = 0; -+ int first = 1; -+ u_char hash[SSH_DIGEST_MAX_LENGTH]; -+ size_t hashlen; -+ u_char c; + int r; + + /* Initialise our GSSAPI world */ -+ ssh_gssapi_build_ctx(&ctxt); -+ if (ssh_gssapi_id_kex(ctxt, kex->name, kex->kex_type) -+ == GSS_C_NO_OID) ++ ssh_gssapi_build_ctx(&kex->gss); ++ if (ssh_gssapi_id_kex(kex->gss, kex->name, kex->kex_type) == GSS_C_NO_OID) + fatal("Couldn't identify host exchange"); + -+ if (ssh_gssapi_import_name(ctxt, kex->gss_host)) ++ if (ssh_gssapi_import_name(kex->gss, kex->gss_host)) + fatal("Couldn't import hostname"); + + if (kex->gss_client && -+ ssh_gssapi_client_identity(ctxt, kex->gss_client)) ++ ssh_gssapi_client_identity(kex->gss, kex->gss_client)) + fatal("Couldn't acquire client credentials"); + + /* Step 1 */ @@ -1322,521 +1511,445 @@ diff --color -ruNp a/kexgssc.c b/kexgssc.c + fatal_f("Unexpected KEX type %d", kex->kex_type); + } + if (r != 0) { -+ ssh_gssapi_delete_ctx(&ctxt); ++ ssh_gssapi_delete_ctx(&kex->gss); + return r; + } ++ return kexgss_init_ctx(ssh, GSS_C_NO_BUFFER); ++} + -+ token_ptr = GSS_C_NO_BUFFER; ++static int ++input_kexgss_hostkey(int type, ++ u_int32_t seq, ++ struct ssh *ssh) ++{ ++ Gssctxt *gss = ssh->kex->gss; ++ u_char *tmp = NULL; ++ size_t tmp_len = 0; ++ int r; + -+ do { -+ debug("Calling gss_init_sec_context"); ++ debug("Received KEXGSS_HOSTKEY"); ++ if (gss->server_host_key_blob) ++ fatal("Server host key received more than once"); ++ if ((r = sshpkt_get_string(ssh, &tmp, &tmp_len)) != 0) ++ fatal("Failed to read server host key: %s", ssh_err(r)); ++ if ((gss->server_host_key_blob = sshbuf_from(tmp, tmp_len)) == NULL) ++ fatal("sshbuf_from failed"); ++ return 0; ++} + -+ maj_status = ssh_gssapi_init_ctx(ctxt, -+ kex->gss_deleg_creds, token_ptr, &send_tok, -+ &ret_flags); ++static int ++input_kexgss_continue(int type, ++ u_int32_t seq, ++ struct ssh *ssh) ++{ ++ Gssctxt *gss = ssh->kex->gss; ++ gss_buffer_desc recv_tok = GSS_C_EMPTY_BUFFER; ++ int r; + -+ if (GSS_ERROR(maj_status)) { -+ /* XXX Useles code: Missing send? */ -+ if (send_tok.length != 0) { -+ if ((r = sshpkt_start(ssh, -+ SSH2_MSG_KEXGSS_CONTINUE)) != 0 || -+ (r = sshpkt_put_string(ssh, send_tok.value, -+ send_tok.length)) != 0) -+ fatal("sshpkt failed: %s", ssh_err(r)); -+ } -+ fatal("gss_init_context failed"); -+ } ++ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_HOSTKEY, NULL); ++ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_CONTINUE, NULL); ++ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_COMPLETE, NULL); ++ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_ERROR, NULL); + -+ /* If we've got an old receive buffer get rid of it */ -+ if (token_ptr != GSS_C_NO_BUFFER) -+ gss_release_buffer(&min_status, &recv_tok); ++ debug("Received GSSAPI_CONTINUE"); ++ if (gss->major == GSS_S_COMPLETE) ++ fatal("GSSAPI Continue received from server when complete"); ++ if ((r = ssh_gssapi_sshpkt_get_buffer_desc(ssh, &recv_tok)) != 0 || ++ (r = sshpkt_get_end(ssh)) != 0) ++ fatal("Failed to read token: %s", ssh_err(r)); ++ if (!(gss->major & GSS_S_CONTINUE_NEEDED)) ++ fatal("Didn't receive a SSH2_MSG_KEXGSS_COMPLETE when I expected it"); ++ return kexgss_init_ctx(ssh, &recv_tok); ++} + -+ if (maj_status == GSS_S_COMPLETE) { -+ /* If mutual state flag is not true, kex fails */ -+ if (!(ret_flags & GSS_C_MUTUAL_FLAG)) -+ fatal("Mutual authentication failed"); ++static int ++input_kexgss_complete(int type, ++ u_int32_t seq, ++ struct ssh *ssh) ++{ ++ Gssctxt *gss = ssh->kex->gss; ++ gss_buffer_desc recv_tok = GSS_C_EMPTY_BUFFER; ++ u_char c; ++ int r; + -+ /* If integ avail flag is not true kex fails */ -+ if (!(ret_flags & GSS_C_INTEG_FLAG)) -+ fatal("Integrity check failed"); -+ } ++ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_HOSTKEY, NULL); ++ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_CONTINUE, NULL); ++ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_COMPLETE, NULL); ++ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_ERROR, NULL); + -+ /* -+ * If we have data to send, then the last message that we -+ * received cannot have been a 'complete'. -+ */ -+ if (send_tok.length != 0) { -+ if (first) { -+ if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_INIT)) != 0 || -+ (r = sshpkt_put_string(ssh, send_tok.value, -+ send_tok.length)) != 0 || -+ (r = sshpkt_put_stringb(ssh, kex->client_pub)) != 0) -+ fatal("failed to construct packet: %s", ssh_err(r)); -+ first = 0; -+ } else { -+ if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_CONTINUE)) != 0 || -+ (r = sshpkt_put_string(ssh, send_tok.value, -+ send_tok.length)) != 0) -+ fatal("failed to construct packet: %s", ssh_err(r)); -+ } -+ if ((r = sshpkt_send(ssh)) != 0) -+ fatal("failed to send packet: %s", ssh_err(r)); -+ gss_release_buffer(&min_status, &send_tok); ++ debug("Received GSSAPI_COMPLETE"); ++ if (gss->msg_tok.value != NULL) ++ fatal("Received GSSAPI_COMPLETE twice?"); ++ if ((r = sshpkt_getb_froms(ssh, &gss->server_blob)) != 0 || ++ (r = ssh_gssapi_sshpkt_get_buffer_desc(ssh, &gss->msg_tok)) != 0) ++ fatal("Failed to read message: %s", ssh_err(r)); + -+ /* If we've sent them data, they should reply */ -+ do { -+ type = ssh_packet_read(ssh); -+ if (type == SSH2_MSG_KEXGSS_HOSTKEY) { -+ u_char *tmp = NULL; -+ size_t tmp_len = 0; ++ /* Is there a token included? */ ++ if ((r = sshpkt_get_u8(ssh, &c)) != 0) ++ fatal("sshpkt failed: %s", ssh_err(r)); ++ if (c) { ++ if ((r = ssh_gssapi_sshpkt_get_buffer_desc(ssh, &recv_tok)) != 0) ++ fatal("Failed to read token: %s", ssh_err(r)); ++ /* If we're already complete - protocol error */ ++ if (gss->major == GSS_S_COMPLETE) ++ sshpkt_disconnect(ssh, "Protocol error: received token when complete"); ++ } else { ++ if (gss->major != GSS_S_COMPLETE) ++ sshpkt_disconnect(ssh, "Protocol error: did not receive final token"); ++ } ++ if ((r = sshpkt_get_end(ssh)) != 0) ++ fatal("Expecting end of packet."); + -+ debug("Received KEXGSS_HOSTKEY"); -+ if (server_host_key_blob) -+ fatal("Server host key received more than once"); -+ if ((r = sshpkt_get_string(ssh, &tmp, &tmp_len)) != 0) -+ fatal("Failed to read server host key: %s", ssh_err(r)); -+ if ((server_host_key_blob = sshbuf_from(tmp, tmp_len)) == NULL) -+ fatal("sshbuf_from failed"); -+ } -+ } while (type == SSH2_MSG_KEXGSS_HOSTKEY); ++ if (gss->major & GSS_S_CONTINUE_NEEDED) ++ return kexgss_init_ctx(ssh, &recv_tok); + -+ switch (type) { -+ case SSH2_MSG_KEXGSS_CONTINUE: -+ debug("Received GSSAPI_CONTINUE"); -+ if (maj_status == GSS_S_COMPLETE) -+ fatal("GSSAPI Continue received from server when complete"); -+ if ((r = ssh_gssapi_sshpkt_get_buffer_desc(ssh, -+ &recv_tok)) != 0 || -+ (r = sshpkt_get_end(ssh)) != 0) -+ fatal("Failed to read token: %s", ssh_err(r)); -+ break; -+ case SSH2_MSG_KEXGSS_COMPLETE: -+ debug("Received GSSAPI_COMPLETE"); -+ if (msg_tok.value != NULL) -+ fatal("Received GSSAPI_COMPLETE twice?"); -+ if ((r = sshpkt_getb_froms(ssh, &server_blob)) != 0 || -+ (r = ssh_gssapi_sshpkt_get_buffer_desc(ssh, -+ &msg_tok)) != 0) -+ fatal("Failed to read message: %s", ssh_err(r)); ++ return kexgss_final(ssh); ++} + -+ /* Is there a token included? */ -+ if ((r = sshpkt_get_u8(ssh, &c)) != 0) -+ fatal("sshpkt failed: %s", ssh_err(r)); -+ if (c) { -+ if ((r = ssh_gssapi_sshpkt_get_buffer_desc( -+ ssh, &recv_tok)) != 0) -+ fatal("Failed to read token: %s", ssh_err(r)); -+ /* If we're already complete - protocol error */ -+ if (maj_status == GSS_S_COMPLETE) -+ sshpkt_disconnect(ssh, "Protocol error: received token when complete"); -+ } else { -+ /* No token included */ -+ if (maj_status != GSS_S_COMPLETE) -+ sshpkt_disconnect(ssh, "Protocol error: did not receive final token"); -+ } -+ if ((r = sshpkt_get_end(ssh)) != 0) { -+ fatal("Expecting end of packet."); -+ } -+ break; -+ case SSH2_MSG_KEXGSS_ERROR: -+ debug("Received Error"); -+ if ((r = sshpkt_get_u32(ssh, &maj_status)) != 0 || -+ (r = sshpkt_get_u32(ssh, &min_status)) != 0 || -+ (r = sshpkt_get_string(ssh, &msg, NULL)) != 0 || -+ (r = sshpkt_get_string(ssh, NULL, NULL)) != 0 || /* lang tag */ -+ (r = sshpkt_get_end(ssh)) != 0) -+ fatal("sshpkt_get failed: %s", ssh_err(r)); -+ fatal("GSSAPI Error: \n%.400s", msg); -+ default: -+ sshpkt_disconnect(ssh, "Protocol error: didn't expect packet type %d", -+ type); -+ } -+ token_ptr = &recv_tok; -+ } else { -+ /* No data, and not complete */ -+ if (maj_status != GSS_S_COMPLETE) -+ fatal("Not complete, and no token output"); -+ } -+ } while (maj_status & GSS_S_CONTINUE_NEEDED); ++static int ++input_kexgss_error(int type, ++ u_int32_t seq, ++ struct ssh *ssh) ++{ ++ Gssctxt *gss = ssh->kex->gss; ++ u_char *msg; ++ int r; ++ ++ debug("Received Error"); ++ if ((r = sshpkt_get_u32(ssh, &gss->major)) != 0 || ++ (r = sshpkt_get_u32(ssh, &gss->minor)) != 0 || ++ (r = sshpkt_get_string(ssh, &msg, NULL)) != 0 || ++ (r = sshpkt_get_string(ssh, NULL, NULL)) != 0 || /* lang tag */ ++ (r = sshpkt_get_end(ssh)) != 0) ++ fatal("sshpkt_get failed: %s", ssh_err(r)); ++ fatal("GSSAPI Error: \n%.400s", msg); ++ return 0; ++} ++ ++/*******************************************************/ ++/******************** KEXGSSGEX ************************/ ++/*******************************************************/ ++ ++int ++kexgssgex_client(struct ssh *ssh) ++{ ++ struct kex *kex = ssh->kex; ++ int r; ++ ++ /* Initialise our GSSAPI world */ ++ ssh_gssapi_build_ctx(&kex->gss); ++ if (ssh_gssapi_id_kex(kex->gss, kex->name, kex->kex_type) == GSS_C_NO_OID) ++ fatal("Couldn't identify host exchange"); ++ ++ if (ssh_gssapi_import_name(kex->gss, kex->gss_host)) ++ fatal("Couldn't import hostname"); ++ ++ if (kex->gss_client && ++ ssh_gssapi_client_identity(kex->gss, kex->gss_client)) ++ fatal("Couldn't acquire client credentials"); ++ ++ debug("Doing group exchange"); ++ kex->min = DH_GRP_MIN; ++ kex->max = DH_GRP_MAX; ++ kex->nbits = dh_estimate(kex->dh_need * 8); ++ ++ if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_GROUPREQ)) != 0 || ++ (r = sshpkt_put_u32(ssh, kex->min)) != 0 || ++ (r = sshpkt_put_u32(ssh, kex->nbits)) != 0 || ++ (r = sshpkt_put_u32(ssh, kex->max)) != 0 || ++ (r = sshpkt_send(ssh)) != 0) ++ fatal("Failed to construct a packet: %s", ssh_err(r)); ++ ++ debug("Wait SSH2_MSG_KEXGSS_GROUP"); ++ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_GROUP, &input_kexgssgex_group); ++ return 0; ++} ++ ++static int ++kexgssgex_final(struct ssh *ssh) ++{ ++ struct kex *kex = ssh->kex; ++ Gssctxt *gss = kex->gss; ++ struct sshbuf *buf = NULL; ++ struct sshbuf *empty = NULL; ++ struct sshbuf *shared_secret = NULL; ++ BIGNUM *dh_server_pub = NULL; ++ const BIGNUM *pub_key, *dh_p, *dh_g; ++ u_char hash[SSH_DIGEST_MAX_LENGTH]; ++ size_t hashlen; ++ int r = SSH_ERR_INTERNAL_ERROR; + + /* + * We _must_ have received a COMPLETE message in reply from the + * server, which will have set server_blob and msg_tok + */ + -+ if (type != SSH2_MSG_KEXGSS_COMPLETE) -+ fatal("Didn't receive a SSH2_MSG_KEXGSS_COMPLETE when I expected it"); -+ -+ /* compute shared secret */ -+ switch (kex->kex_type) { -+ case KEX_GSS_GRP1_SHA1: -+ case KEX_GSS_GRP14_SHA1: -+ case KEX_GSS_GRP14_SHA256: -+ case KEX_GSS_GRP16_SHA512: -+ r = kex_dh_dec(kex, server_blob, &shared_secret); -+ break; -+ case KEX_GSS_C25519_SHA256: -+ if (sshbuf_ptr(server_blob)[sshbuf_len(server_blob)] & 0x80) -+ fatal("The received key has MSB of last octet set!"); -+ r = kex_c25519_dec(kex, server_blob, &shared_secret); -+ break; -+ case KEX_GSS_NISTP256_SHA256: -+ if (sshbuf_len(server_blob) != 65) -+ fatal("The received NIST-P256 key did not match" -+ "expected length (expected 65, got %zu)", sshbuf_len(server_blob)); -+ -+ if (sshbuf_ptr(server_blob)[0] != POINT_CONVERSION_UNCOMPRESSED) -+ fatal("The received NIST-P256 key does not have first octet 0x04"); -+ -+ r = kex_ecdh_dec(kex, server_blob, &shared_secret); -+ break; -+ default: -+ r = SSH_ERR_INVALID_ARGUMENT; -+ break; -+ } -+ if (r != 0) ++ /* 7. C verifies that the key Q_S is valid */ ++ /* 8. C computes shared secret */ ++ if ((buf = sshbuf_new()) == NULL || ++ (r = sshbuf_put_stringb(buf, gss->server_blob)) != 0 || ++ (r = sshbuf_get_bignum2(buf, &dh_server_pub)) != 0) { ++ ssh_gssapi_delete_ctx(&kex->gss); + goto out; ++ } ++ sshbuf_free(buf); ++ buf = NULL; + -+ if ((empty = sshbuf_new()) == NULL) { ++ if ((shared_secret = sshbuf_new()) == NULL) { ++ ssh_gssapi_delete_ctx(&kex->gss); + r = SSH_ERR_ALLOC_FAIL; + goto out; + } + -+ hashlen = sizeof(hash); -+ if ((r = kex_gen_hash( -+ kex->hash_alg, -+ kex->client_version, -+ kex->server_version, -+ kex->my, -+ kex->peer, -+ (server_host_key_blob ? server_host_key_blob : empty), -+ kex->client_pub, -+ server_blob, -+ shared_secret, -+ hash, &hashlen)) != 0) -+ fatal_f("Unexpected KEX type %d", kex->kex_type); ++ if ((r = kex_dh_compute_key(kex, dh_server_pub, shared_secret)) != 0) { ++ ssh_gssapi_delete_ctx(&kex->gss); ++ goto out; ++ } + -+ gssbuf.value = hash; -+ gssbuf.length = hashlen; ++ if ((empty = sshbuf_new()) == NULL) { ++ ssh_gssapi_delete_ctx(&kex->gss); ++ r = SSH_ERR_ALLOC_FAIL; ++ goto out; ++ } ++ ++ DH_get0_key(kex->dh, &pub_key, NULL); ++ DH_get0_pqg(kex->dh, &dh_p, NULL, &dh_g); ++ hashlen = sizeof(hash); ++ r = kexgex_hash(kex->hash_alg, kex->client_version, ++ kex->server_version, kex->my, kex->peer, ++ (gss->server_host_key_blob ? gss->server_host_key_blob : empty), ++ kex->min, kex->nbits, kex->max, dh_p, dh_g, pub_key, ++ dh_server_pub, sshbuf_ptr(shared_secret), sshbuf_len(shared_secret), ++ hash, &hashlen); ++ sshbuf_free(empty); ++ if (r != 0) ++ fatal("Failed to calculate hash: %s", ssh_err(r)); ++ ++ gss->buf.value = hash; ++ gss->buf.length = hashlen; + + /* Verify that the hash matches the MIC we just got. */ -+ if (GSS_ERROR(ssh_gssapi_checkmic(ctxt, &gssbuf, &msg_tok))) ++ if (GSS_ERROR(ssh_gssapi_checkmic(gss, &gss->buf, &gss->msg_tok))) + sshpkt_disconnect(ssh, "Hash's MIC didn't verify"); + -+ gss_release_buffer(&min_status, &msg_tok); ++ gss_release_buffer(&gss->minor, &gss->msg_tok); + + if (kex->gss_deleg_creds) -+ ssh_gssapi_credentials_updated(ctxt); ++ ssh_gssapi_credentials_updated(gss); + + if (gss_kex_context == NULL) -+ gss_kex_context = ctxt; ++ gss_kex_context = gss; + else -+ ssh_gssapi_delete_ctx(&ctxt); ++ ssh_gssapi_delete_ctx(&kex->gss); + ++ /* Finally derive the keys and send them */ + if ((r = kex_derive_keys(ssh, hash, hashlen, shared_secret)) == 0) + r = kex_send_newkeys(ssh); + ++ if (kex->gss != NULL) { ++ sshbuf_free(gss->server_host_key_blob); ++ gss->server_host_key_blob = NULL; ++ sshbuf_free(gss->server_blob); ++ gss->server_blob = NULL; ++ } +out: + explicit_bzero(hash, sizeof(hash)); -+ explicit_bzero(kex->c25519_client_key, sizeof(kex->c25519_client_key)); -+ sshbuf_free(empty); -+ sshbuf_free(server_host_key_blob); -+ sshbuf_free(server_blob); ++ DH_free(kex->dh); ++ kex->dh = NULL; ++ BN_clear_free(dh_server_pub); + sshbuf_free(shared_secret); -+ sshbuf_free(kex->client_pub); -+ kex->client_pub = NULL; + return r; +} + -+int -+kexgssgex_client(struct ssh *ssh) ++static int ++kexgssgex_init_ctx(struct ssh *ssh, ++ gss_buffer_desc *token_ptr) +{ + struct kex *kex = ssh->kex; -+ gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER, -+ recv_tok = GSS_C_EMPTY_BUFFER, gssbuf, -+ msg_tok = GSS_C_EMPTY_BUFFER, *token_ptr; -+ Gssctxt *ctxt; -+ OM_uint32 maj_status, min_status, ret_flags; -+ struct sshbuf *shared_secret = NULL; -+ BIGNUM *p = NULL; -+ BIGNUM *g = NULL; -+ struct sshbuf *buf = NULL; -+ struct sshbuf *server_host_key_blob = NULL; -+ struct sshbuf *server_blob = NULL; -+ BIGNUM *dh_server_pub = NULL; -+ u_char *msg; -+ int type = 0; -+ int first = 1; -+ u_char hash[SSH_DIGEST_MAX_LENGTH]; -+ size_t hashlen; -+ const BIGNUM *pub_key, *dh_p, *dh_g; -+ int nbits = 0, min = DH_GRP_MIN, max = DH_GRP_MAX; -+ struct sshbuf *empty = NULL; -+ u_char c; ++ Gssctxt *gss = kex->gss; ++ const BIGNUM *pub_key; ++ gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER; ++ OM_uint32 ret_flags; + int r; + -+ /* Initialise our GSSAPI world */ -+ ssh_gssapi_build_ctx(&ctxt); -+ if (ssh_gssapi_id_kex(ctxt, kex->name, kex->kex_type) -+ == GSS_C_NO_OID) -+ fatal("Couldn't identify host exchange"); ++ /* Step 2 - call GSS_Init_sec_context() */ ++ debug("Calling gss_init_sec_context"); + -+ if (ssh_gssapi_import_name(ctxt, kex->gss_host)) -+ fatal("Couldn't import hostname"); ++ gss->major = ssh_gssapi_init_ctx(gss, kex->gss_deleg_creds, ++ token_ptr, &send_tok, &ret_flags); + -+ if (kex->gss_client && -+ ssh_gssapi_client_identity(ctxt, kex->gss_client)) -+ fatal("Couldn't acquire client credentials"); ++ if (GSS_ERROR(gss->major)) { ++ /* XXX Useless code: Missing send? */ ++ if (send_tok.length != 0) { ++ if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_CONTINUE)) != 0 || ++ (r = sshpkt_put_string(ssh, send_tok.value, send_tok.length)) != 0) ++ fatal("sshpkt failed: %s", ssh_err(r)); ++ } ++ fatal("gss_init_context failed"); ++ } + -+ debug("Doing group exchange"); -+ nbits = dh_estimate(kex->dh_need * 8); ++ /* If we've got an old receive buffer get rid of it */ ++ if (token_ptr != GSS_C_NO_BUFFER) ++ gss_release_buffer(&gss->minor, token_ptr); + -+ kex->min = DH_GRP_MIN; -+ kex->max = DH_GRP_MAX; -+ kex->nbits = nbits; -+ if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_GROUPREQ)) != 0 || -+ (r = sshpkt_put_u32(ssh, min)) != 0 || -+ (r = sshpkt_put_u32(ssh, nbits)) != 0 || -+ (r = sshpkt_put_u32(ssh, max)) != 0 || -+ (r = sshpkt_send(ssh)) != 0) -+ fatal("Failed to construct a packet: %s", ssh_err(r)); ++ if (gss->major == GSS_S_COMPLETE) { ++ /* If mutual state flag is not true, kex fails */ ++ if (!(ret_flags & GSS_C_MUTUAL_FLAG)) ++ fatal("Mutual authentication failed"); + -+ if ((r = ssh_packet_read_expect(ssh, SSH2_MSG_KEXGSS_GROUP)) != 0) -+ fatal("Error: %s", ssh_err(r)); ++ /* If integ avail flag is not true kex fails */ ++ if (!(ret_flags & GSS_C_INTEG_FLAG)) ++ fatal("Integrity check failed"); ++ } ++ ++ /* ++ * If we have data to send, then the last message that we ++ * received cannot have been a 'complete'. ++ */ ++ if (send_tok.length != 0) { ++ if (gss->first) { ++ DH_get0_key(kex->dh, &pub_key, NULL); ++ if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_INIT)) != 0 || ++ (r = sshpkt_put_string(ssh, send_tok.value, send_tok.length)) != 0 || ++ (r = sshpkt_put_bignum2(ssh, pub_key)) != 0) ++ fatal("failed to construct packet: %s", ssh_err(r)); ++ gss->first = 0; ++ } else { ++ if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_CONTINUE)) != 0 || ++ (r = sshpkt_put_string(ssh, send_tok.value, send_tok.length)) != 0) ++ fatal("failed to construct packet: %s", ssh_err(r)); ++ } ++ if ((r = sshpkt_send(ssh)) != 0) ++ fatal("failed to send packet: %s", ssh_err(r)); ++ gss_release_buffer(&gss->minor, &send_tok); ++ ++ /* If we've sent them data, they should reply */ ++ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_HOSTKEY, &input_kexgss_hostkey); ++ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_CONTINUE, &input_kexgssgex_continue); ++ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_COMPLETE, &input_kexgssgex_complete); ++ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_ERROR, &input_kexgss_error); ++ return 0; ++ } ++ /* No data, and not complete */ ++ if (gss->major != GSS_S_COMPLETE) ++ fatal("Not complete, and no token output"); ++ ++ if (gss->major & GSS_S_CONTINUE_NEEDED) ++ return kexgssgex_init_ctx(ssh, token_ptr); ++ ++ return kexgssgex_final(ssh); ++} ++ ++static int ++input_kexgssgex_group(int type, ++ u_int32_t seq, ++ struct ssh *ssh) ++{ ++ struct kex *kex = ssh->kex; ++ BIGNUM *p = NULL; ++ BIGNUM *g = NULL; ++ int r; ++ ++ debug("Received SSH2_MSG_KEXGSS_GROUP"); ++ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_GROUP, NULL); + + if ((r = sshpkt_get_bignum2(ssh, &p)) != 0 || + (r = sshpkt_get_bignum2(ssh, &g)) != 0 || + (r = sshpkt_get_end(ssh)) != 0) + fatal("shpkt_get_bignum2 failed: %s", ssh_err(r)); + -+ if (BN_num_bits(p) < min || BN_num_bits(p) > max) ++ if (BN_num_bits(p) < kex->min || BN_num_bits(p) > kex->max) + fatal("GSSGRP_GEX group out of range: %d !< %d !< %d", -+ min, BN_num_bits(p), max); ++ kex->min, BN_num_bits(p), kex->max); + + if ((kex->dh = dh_new_group(g, p)) == NULL) + fatal("dn_new_group() failed"); + p = g = NULL; /* belong to kex->dh now */ + -+ if ((r = dh_gen_key(kex->dh, kex->we_need * 8)) != 0) -+ goto out; -+ DH_get0_key(kex->dh, &pub_key, NULL); ++ if ((r = dh_gen_key(kex->dh, kex->we_need * 8)) != 0) { ++ ssh_gssapi_delete_ctx(&kex->gss); ++ DH_free(kex->dh); ++ kex->dh = NULL; ++ return r; ++ } + -+ token_ptr = GSS_C_NO_BUFFER; ++ return kexgssgex_init_ctx(ssh, GSS_C_NO_BUFFER); ++} + -+ do { -+ /* Step 2 - call GSS_Init_sec_context() */ -+ debug("Calling gss_init_sec_context"); ++static int ++input_kexgssgex_continue(int type, ++ u_int32_t seq, ++ struct ssh *ssh) ++{ ++ Gssctxt *gss = ssh->kex->gss; ++ gss_buffer_desc recv_tok = GSS_C_EMPTY_BUFFER; ++ int r; + -+ maj_status = ssh_gssapi_init_ctx(ctxt, -+ kex->gss_deleg_creds, token_ptr, &send_tok, -+ &ret_flags); ++ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_HOSTKEY, NULL); ++ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_CONTINUE, NULL); ++ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_COMPLETE, NULL); ++ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_ERROR, NULL); + -+ if (GSS_ERROR(maj_status)) { -+ /* XXX Useles code: Missing send? */ -+ if (send_tok.length != 0) { -+ if ((r = sshpkt_start(ssh, -+ SSH2_MSG_KEXGSS_CONTINUE)) != 0 || -+ (r = sshpkt_put_string(ssh, send_tok.value, -+ send_tok.length)) != 0) -+ fatal("sshpkt failed: %s", ssh_err(r)); -+ } -+ fatal("gss_init_context failed"); -+ } -+ -+ /* If we've got an old receive buffer get rid of it */ -+ if (token_ptr != GSS_C_NO_BUFFER) -+ gss_release_buffer(&min_status, &recv_tok); -+ -+ if (maj_status == GSS_S_COMPLETE) { -+ /* If mutual state flag is not true, kex fails */ -+ if (!(ret_flags & GSS_C_MUTUAL_FLAG)) -+ fatal("Mutual authentication failed"); -+ -+ /* If integ avail flag is not true kex fails */ -+ if (!(ret_flags & GSS_C_INTEG_FLAG)) -+ fatal("Integrity check failed"); -+ } -+ -+ /* -+ * If we have data to send, then the last message that we -+ * received cannot have been a 'complete'. -+ */ -+ if (send_tok.length != 0) { -+ if (first) { -+ if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_INIT)) != 0 || -+ (r = sshpkt_put_string(ssh, send_tok.value, -+ send_tok.length)) != 0 || -+ (r = sshpkt_put_bignum2(ssh, pub_key)) != 0) -+ fatal("sshpkt failed: %s", ssh_err(r)); -+ first = 0; -+ } else { -+ if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_CONTINUE)) != 0 || -+ (r = sshpkt_put_string(ssh,send_tok.value, -+ send_tok.length)) != 0) -+ fatal("sshpkt failed: %s", ssh_err(r)); -+ } -+ if ((r = sshpkt_send(ssh)) != 0) -+ fatal("sshpkt_send failed: %s", ssh_err(r)); -+ gss_release_buffer(&min_status, &send_tok); -+ -+ /* If we've sent them data, they should reply */ -+ do { -+ type = ssh_packet_read(ssh); -+ if (type == SSH2_MSG_KEXGSS_HOSTKEY) { -+ u_char *tmp = NULL; -+ size_t tmp_len = 0; -+ -+ debug("Received KEXGSS_HOSTKEY"); -+ if (server_host_key_blob) -+ fatal("Server host key received more than once"); -+ if ((r = sshpkt_get_string(ssh, &tmp, &tmp_len)) != 0) -+ fatal("sshpkt failed: %s", ssh_err(r)); -+ if ((server_host_key_blob = sshbuf_from(tmp, tmp_len)) == NULL) -+ fatal("sshbuf_from failed"); -+ } -+ } while (type == SSH2_MSG_KEXGSS_HOSTKEY); -+ -+ switch (type) { -+ case SSH2_MSG_KEXGSS_CONTINUE: -+ debug("Received GSSAPI_CONTINUE"); -+ if (maj_status == GSS_S_COMPLETE) -+ fatal("GSSAPI Continue received from server when complete"); -+ if ((r = ssh_gssapi_sshpkt_get_buffer_desc(ssh, -+ &recv_tok)) != 0 || -+ (r = sshpkt_get_end(ssh)) != 0) -+ fatal("sshpkt failed: %s", ssh_err(r)); -+ break; -+ case SSH2_MSG_KEXGSS_COMPLETE: -+ debug("Received GSSAPI_COMPLETE"); -+ if (msg_tok.value != NULL) -+ fatal("Received GSSAPI_COMPLETE twice?"); -+ if ((r = sshpkt_getb_froms(ssh, &server_blob)) != 0 || -+ (r = ssh_gssapi_sshpkt_get_buffer_desc(ssh, -+ &msg_tok)) != 0) -+ fatal("sshpkt failed: %s", ssh_err(r)); -+ -+ /* Is there a token included? */ -+ if ((r = sshpkt_get_u8(ssh, &c)) != 0) -+ fatal("sshpkt failed: %s", ssh_err(r)); -+ if (c) { -+ if ((r = ssh_gssapi_sshpkt_get_buffer_desc( -+ ssh, &recv_tok)) != 0 || -+ (r = sshpkt_get_end(ssh)) != 0) -+ fatal("sshpkt failed: %s", ssh_err(r)); -+ /* If we're already complete - protocol error */ -+ if (maj_status == GSS_S_COMPLETE) -+ sshpkt_disconnect(ssh, "Protocol error: received token when complete"); -+ } else { -+ /* No token included */ -+ if (maj_status != GSS_S_COMPLETE) -+ sshpkt_disconnect(ssh, "Protocol error: did not receive final token"); -+ } -+ break; -+ case SSH2_MSG_KEXGSS_ERROR: -+ debug("Received Error"); -+ if ((r = sshpkt_get_u32(ssh, &maj_status)) != 0 || -+ (r = sshpkt_get_u32(ssh, &min_status)) != 0 || -+ (r = sshpkt_get_string(ssh, &msg, NULL)) != 0 || -+ (r = sshpkt_get_string(ssh, NULL, NULL)) != 0 || /* lang tag */ -+ (r = sshpkt_get_end(ssh)) != 0) -+ fatal("sshpkt failed: %s", ssh_err(r)); -+ fatal("GSSAPI Error: \n%.400s", msg); -+ default: -+ sshpkt_disconnect(ssh, "Protocol error: didn't expect packet type %d", -+ type); -+ } -+ token_ptr = &recv_tok; -+ } else { -+ /* No data, and not complete */ -+ if (maj_status != GSS_S_COMPLETE) -+ fatal("Not complete, and no token output"); -+ } -+ } while (maj_status & GSS_S_CONTINUE_NEEDED); -+ -+ /* -+ * We _must_ have received a COMPLETE message in reply from the -+ * server, which will have set dh_server_pub and msg_tok -+ */ -+ -+ if (type != SSH2_MSG_KEXGSS_COMPLETE) ++ debug("Received GSSAPI_CONTINUE"); ++ if (gss->major == GSS_S_COMPLETE) ++ fatal("GSSAPI Continue received from server when complete"); ++ if ((r = ssh_gssapi_sshpkt_get_buffer_desc(ssh, &recv_tok)) != 0 || ++ (r = sshpkt_get_end(ssh)) != 0) ++ fatal("Failed to read token: %s", ssh_err(r)); ++ if (!(gss->major & GSS_S_CONTINUE_NEEDED)) + fatal("Didn't receive a SSH2_MSG_KEXGSS_COMPLETE when I expected it"); ++ return kexgssgex_init_ctx(ssh, &recv_tok); ++} + -+ /* 7. C verifies that the key Q_S is valid */ -+ /* 8. C computes shared secret */ -+ if ((buf = sshbuf_new()) == NULL || -+ (r = sshbuf_put_stringb(buf, server_blob)) != 0 || -+ (r = sshbuf_get_bignum2(buf, &dh_server_pub)) != 0) -+ goto out; -+ sshbuf_free(buf); -+ buf = NULL; ++static int ++input_kexgssgex_complete(int type, ++ u_int32_t seq, ++ struct ssh *ssh) ++{ ++ Gssctxt *gss = ssh->kex->gss; ++ gss_buffer_desc recv_tok = GSS_C_EMPTY_BUFFER; ++ u_char c; ++ int r; + -+ if ((shared_secret = sshbuf_new()) == NULL) { -+ r = SSH_ERR_ALLOC_FAIL; -+ goto out; ++ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_HOSTKEY, NULL); ++ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_CONTINUE, NULL); ++ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_COMPLETE, NULL); ++ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_ERROR, NULL); ++ ++ debug("Received GSSAPI_COMPLETE"); ++ if (gss->msg_tok.value != NULL) ++ fatal("Received GSSAPI_COMPLETE twice?"); ++ if ((r = sshpkt_getb_froms(ssh, &gss->server_blob)) != 0 || ++ (r = ssh_gssapi_sshpkt_get_buffer_desc(ssh, &gss->msg_tok)) != 0) ++ fatal("Failed to read message: %s", ssh_err(r)); ++ ++ /* Is there a token included? */ ++ if ((r = sshpkt_get_u8(ssh, &c)) != 0) ++ fatal("sshpkt failed: %s", ssh_err(r)); ++ if (c) { ++ if ((r = ssh_gssapi_sshpkt_get_buffer_desc(ssh, &recv_tok)) != 0) ++ fatal("Failed to read token: %s", ssh_err(r)); ++ /* If we're already complete - protocol error */ ++ if (gss->major == GSS_S_COMPLETE) ++ sshpkt_disconnect(ssh, "Protocol error: received token when complete"); ++ } else { ++ if (gss->major != GSS_S_COMPLETE) ++ sshpkt_disconnect(ssh, "Protocol error: did not receive final token"); + } ++ if ((r = sshpkt_get_end(ssh)) != 0) ++ fatal("Expecting end of packet."); + -+ if ((r = kex_dh_compute_key(kex, dh_server_pub, shared_secret)) != 0) -+ goto out; -+ if ((empty = sshbuf_new()) == NULL) { -+ r = SSH_ERR_ALLOC_FAIL; -+ goto out; -+ } ++ if (gss->major & GSS_S_CONTINUE_NEEDED) ++ return kexgssgex_init_ctx(ssh, &recv_tok); + -+ DH_get0_pqg(kex->dh, &dh_p, NULL, &dh_g); -+ hashlen = sizeof(hash); -+ if ((r = kexgex_hash( -+ kex->hash_alg, -+ kex->client_version, -+ kex->server_version, -+ kex->my, -+ kex->peer, -+ (server_host_key_blob ? server_host_key_blob : empty), -+ kex->min, kex->nbits, kex->max, -+ dh_p, dh_g, -+ pub_key, -+ dh_server_pub, -+ sshbuf_ptr(shared_secret), sshbuf_len(shared_secret), -+ hash, &hashlen)) != 0) -+ fatal("Failed to calculate hash: %s", ssh_err(r)); -+ -+ gssbuf.value = hash; -+ gssbuf.length = hashlen; -+ -+ /* Verify that the hash matches the MIC we just got. */ -+ if (GSS_ERROR(ssh_gssapi_checkmic(ctxt, &gssbuf, &msg_tok))) -+ sshpkt_disconnect(ssh, "Hash's MIC didn't verify"); -+ -+ gss_release_buffer(&min_status, &msg_tok); -+ -+ if (kex->gss_deleg_creds) -+ ssh_gssapi_credentials_updated(ctxt); -+ -+ if (gss_kex_context == NULL) -+ gss_kex_context = ctxt; -+ else -+ ssh_gssapi_delete_ctx(&ctxt); -+ -+ /* Finally derive the keys and send them */ -+ if ((r = kex_derive_keys(ssh, hash, hashlen, shared_secret)) == 0) -+ r = kex_send_newkeys(ssh); -+out: -+ sshbuf_free(buf); -+ sshbuf_free(server_blob); -+ sshbuf_free(empty); -+ explicit_bzero(hash, sizeof(hash)); -+ DH_free(kex->dh); -+ kex->dh = NULL; -+ BN_clear_free(dh_server_pub); -+ sshbuf_free(shared_secret); -+ sshbuf_free(server_host_key_blob); -+ return r; ++ return kexgssgex_final(ssh); +} + +#endif /* defined(GSSAPI) && defined(WITH_OPENSSL) */ diff --color -ruNp a/kexgsss.c b/kexgsss.c --- a/kexgsss.c 1970-01-01 01:00:00.000000000 +0100 -+++ b/kexgsss.c 2024-08-28 12:35:41.250432122 +0200 -@@ -0,0 +1,482 @@ ++++ b/kexgsss.c 2024-09-16 11:46:34.710940224 +0200 +@@ -0,0 +1,590 @@ +/* + * Copyright (c) 2001-2009 Simon Wilkinson. All rights reserved. + * @@ -1889,33 +2002,18 @@ diff --color -ruNp a/kexgsss.c b/kexgsss.c + +extern ServerOptions options; + ++static int input_kexgss_init(int, u_int32_t, struct ssh *); ++static int input_kexgss_continue(int, u_int32_t, struct ssh *); ++static int input_kexgssgex_groupreq(int, u_int32_t, struct ssh *); ++static int input_kexgssgex_init(int, u_int32_t, struct ssh *); ++static int input_kexgssgex_continue(int, u_int32_t, struct ssh *); ++ +int +kexgss_server(struct ssh *ssh) +{ + struct kex *kex = ssh->kex; -+ OM_uint32 maj_status, min_status; -+ -+ /* -+ * Some GSSAPI implementations use the input value of ret_flags (an -+ * output variable) as a means of triggering mechanism specific -+ * features. Initializing it to zero avoids inadvertently -+ * activating this non-standard behaviour. -+ */ -+ -+ OM_uint32 ret_flags = 0; -+ gss_buffer_desc gssbuf = {0, NULL}, recv_tok, msg_tok; -+ gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER; -+ Gssctxt *ctxt = NULL; -+ struct sshbuf *shared_secret = NULL; -+ struct sshbuf *client_pubkey = NULL; -+ struct sshbuf *server_pubkey = NULL; -+ struct sshbuf *empty = sshbuf_new(); -+ int type = 0; + gss_OID oid; + char *mechs; -+ u_char hash[SSH_DIGEST_MAX_LENGTH]; -+ size_t hashlen; -+ int r; + + /* Initialise GSSAPI */ + @@ -1931,135 +2029,91 @@ diff --color -ruNp a/kexgsss.c b/kexgsss.c + debug2_f("Identifying %s", kex->name); + oid = ssh_gssapi_id_kex(NULL, kex->name, kex->kex_type); + if (oid == GSS_C_NO_OID) -+ fatal("Unknown gssapi mechanism"); ++ fatal("Unknown gssapi mechanism"); + + debug2_f("Acquiring credentials"); + -+ if (GSS_ERROR(mm_ssh_gssapi_server_ctx(&ctxt, oid))) ++ if (GSS_ERROR(mm_ssh_gssapi_server_ctx(&kex->gss, oid))) + fatal("Unable to acquire credentials for the server"); + -+ do { -+ debug("Wait SSH2_MSG_KEXGSS_INIT"); -+ type = ssh_packet_read(ssh); -+ switch(type) { -+ case SSH2_MSG_KEXGSS_INIT: -+ if (gssbuf.value != NULL) -+ fatal("Received KEXGSS_INIT after initialising"); -+ if ((r = ssh_gssapi_sshpkt_get_buffer_desc(ssh, -+ &recv_tok)) != 0 || -+ (r = sshpkt_getb_froms(ssh, &client_pubkey)) != 0 || -+ (r = sshpkt_get_end(ssh)) != 0) -+ fatal("sshpkt failed: %s", ssh_err(r)); ++ ssh_gssapi_build_ctx(&kex->gss); ++ if (kex->gss == NULL) ++ fatal("Unable to allocate memory for gss context"); + -+ switch (kex->kex_type) { -+ case KEX_GSS_GRP1_SHA1: -+ case KEX_GSS_GRP14_SHA1: -+ case KEX_GSS_GRP14_SHA256: -+ case KEX_GSS_GRP16_SHA512: -+ r = kex_dh_enc(kex, client_pubkey, &server_pubkey, -+ &shared_secret); -+ break; -+ case KEX_GSS_NISTP256_SHA256: -+ r = kex_ecdh_enc(kex, client_pubkey, &server_pubkey, -+ &shared_secret); -+ break; -+ case KEX_GSS_C25519_SHA256: -+ r = kex_c25519_enc(kex, client_pubkey, &server_pubkey, -+ &shared_secret); -+ break; -+ default: -+ fatal_f("Unexpected KEX type %d", kex->kex_type); -+ } -+ if (r != 0) -+ goto out; ++ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_INIT, &input_kexgss_init); ++ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_CONTINUE, &input_kexgss_continue); ++ debug("Wait SSH2_MSG_KEXGSS_INIT"); ++ return 0; ++} + -+ /* Send SSH_MSG_KEXGSS_HOSTKEY here, if we want */ ++static inline void ++kexgss_accept_ctx(struct ssh *ssh, ++ gss_buffer_desc *recv_tok, ++ gss_buffer_desc *send_tok, ++ OM_uint32 *ret_flags) ++{ ++ Gssctxt *gss = ssh->kex->gss; ++ int r; + -+ /* Calculate the hash early so we can free the -+ * client_pubkey, which has reference to the parent -+ * buffer state->incoming_packet -+ */ -+ hashlen = sizeof(hash); -+ if ((r = kex_gen_hash( -+ kex->hash_alg, -+ kex->client_version, -+ kex->server_version, -+ kex->peer, -+ kex->my, -+ empty, -+ client_pubkey, -+ server_pubkey, -+ shared_secret, -+ hash, &hashlen)) != 0) -+ goto out; ++ gss->major = mm_ssh_gssapi_accept_ctx(gss, recv_tok, send_tok, ret_flags); ++ gss_release_buffer(&gss->minor, recv_tok); + -+ gssbuf.value = hash; -+ gssbuf.length = hashlen; ++ if (gss->major != GSS_S_COMPLETE && send_tok->length == 0) ++ fatal("Zero length token output when incomplete"); + -+ sshbuf_free(client_pubkey); -+ client_pubkey = NULL; ++ if (gss->buf.value == NULL) ++ fatal("No client public key"); + -+ break; -+ case SSH2_MSG_KEXGSS_CONTINUE: -+ if ((r = ssh_gssapi_sshpkt_get_buffer_desc(ssh, -+ &recv_tok)) != 0 || -+ (r = sshpkt_get_end(ssh)) != 0) -+ fatal("sshpkt failed: %s", ssh_err(r)); -+ break; -+ default: -+ sshpkt_disconnect(ssh, -+ "Protocol error: didn't expect packet type %d", -+ type); -+ } ++ if (gss->major & GSS_S_CONTINUE_NEEDED) { ++ debug("Sending GSSAPI_CONTINUE"); ++ if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_CONTINUE)) != 0 || ++ (r = sshpkt_put_string(ssh, send_tok->value, send_tok->length)) != 0 || ++ (r = sshpkt_send(ssh)) != 0) ++ fatal("sshpkt failed: %s", ssh_err(r)); ++ gss_release_buffer(&gss->minor, send_tok); ++ } ++} + -+ maj_status = mm_ssh_gssapi_accept_ctx(ctxt, &recv_tok, -+ &send_tok, &ret_flags); ++static inline int ++kexgss_final(struct ssh *ssh, ++ gss_buffer_desc *send_tok, ++ OM_uint32 *ret_flags) ++{ ++ struct kex *kex = ssh->kex; ++ Gssctxt *gss = kex->gss; ++ gss_buffer_desc msg_tok; ++ int r; + -+ gss_release_buffer(&min_status, &recv_tok); ++ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_INIT, NULL); ++ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_CONTINUE, NULL); + -+ if (maj_status != GSS_S_COMPLETE && send_tok.length == 0) -+ fatal("Zero length token output when incomplete"); -+ -+ if (gssbuf.value == NULL) -+ fatal("No client public key"); -+ -+ if (maj_status & GSS_S_CONTINUE_NEEDED) { -+ debug("Sending GSSAPI_CONTINUE"); ++ if (GSS_ERROR(gss->major)) { ++ if (send_tok->length > 0) { + if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_CONTINUE)) != 0 || -+ (r = sshpkt_put_string(ssh, send_tok.value, send_tok.length)) != 0 || -+ (r = sshpkt_send(ssh)) != 0) -+ fatal("sshpkt failed: %s", ssh_err(r)); -+ gss_release_buffer(&min_status, &send_tok); -+ } -+ } while (maj_status & GSS_S_CONTINUE_NEEDED); -+ -+ if (GSS_ERROR(maj_status)) { -+ if (send_tok.length > 0) { -+ if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_CONTINUE)) != 0 || -+ (r = sshpkt_put_string(ssh, send_tok.value, send_tok.length)) != 0 || ++ (r = sshpkt_put_string(ssh, send_tok->value, send_tok->length)) != 0 || + (r = sshpkt_send(ssh)) != 0) + fatal("sshpkt failed: %s", ssh_err(r)); + } + fatal("accept_ctx died"); + } + -+ if (!(ret_flags & GSS_C_MUTUAL_FLAG)) ++ if (!(*ret_flags & GSS_C_MUTUAL_FLAG)) + fatal("Mutual Authentication flag wasn't set"); + -+ if (!(ret_flags & GSS_C_INTEG_FLAG)) ++ if (!(*ret_flags & GSS_C_INTEG_FLAG)) + fatal("Integrity flag wasn't set"); + -+ if (GSS_ERROR(mm_ssh_gssapi_sign(ctxt, &gssbuf, &msg_tok))) ++ if (GSS_ERROR(mm_ssh_gssapi_sign(gss, &gss->buf, &msg_tok))) + fatal("Couldn't get MIC"); + + if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_COMPLETE)) != 0 || -+ (r = sshpkt_put_stringb(ssh, server_pubkey)) != 0 || ++ (r = sshpkt_put_stringb(ssh, gss->server_pubkey)) != 0 || + (r = sshpkt_put_string(ssh, msg_tok.value, msg_tok.length)) != 0) + fatal("sshpkt failed: %s", ssh_err(r)); + -+ if (send_tok.length != 0) { ++ if (send_tok->length != 0) { + if ((r = sshpkt_put_u8(ssh, 1)) != 0 || /* true */ -+ (r = sshpkt_put_string(ssh, send_tok.value, send_tok.length)) != 0) ++ (r = sshpkt_put_string(ssh, send_tok->value, send_tok->length)) != 0) + fatal("sshpkt failed: %s", ssh_err(r)); + } else { + if ((r = sshpkt_put_u8(ssh, 0)) != 0) /* false */ @@ -2068,59 +2122,139 @@ diff --color -ruNp a/kexgsss.c b/kexgsss.c + if ((r = sshpkt_send(ssh)) != 0) + fatal("sshpkt_send failed: %s", ssh_err(r)); + -+ gss_release_buffer(&min_status, &send_tok); -+ gss_release_buffer(&min_status, &msg_tok); ++ gss_release_buffer(&gss->minor, send_tok); ++ gss_release_buffer(&gss->minor, &msg_tok); + + if (gss_kex_context == NULL) -+ gss_kex_context = ctxt; ++ gss_kex_context = gss; + else -+ ssh_gssapi_delete_ctx(&ctxt); ++ ssh_gssapi_delete_ctx(&kex->gss); + -+ if ((r = kex_derive_keys(ssh, hash, hashlen, shared_secret)) == 0) ++ if ((r = kex_derive_keys(ssh, gss->hash, gss->hashlen, gss->shared_secret)) == 0) + r = kex_send_newkeys(ssh); + + /* If this was a rekey, then save out any delegated credentials we + * just exchanged. */ + if (options.gss_store_rekey) + ssh_gssapi_rekey_creds(); -+out: -+ sshbuf_free(empty); -+ explicit_bzero(hash, sizeof(hash)); -+ sshbuf_free(shared_secret); -+ sshbuf_free(client_pubkey); -+ sshbuf_free(server_pubkey); ++ ++ if (kex->gss != NULL) { ++ explicit_bzero(gss->hash, sizeof(gss->hash)); ++ sshbuf_free(gss->shared_secret); ++ gss->shared_secret = NULL; ++ sshbuf_free(gss->server_pubkey); ++ gss->server_pubkey = NULL; ++ } + return r; +} + ++static int ++input_kexgss_init(int type, ++ u_int32_t seq, ++ struct ssh *ssh) ++{ ++ struct kex *kex = ssh->kex; ++ Gssctxt *gss = kex->gss; ++ struct sshbuf *empty; ++ struct sshbuf *client_pubkey = NULL; ++ gss_buffer_desc recv_tok, send_tok = GSS_C_EMPTY_BUFFER; ++ OM_uint32 ret_flags = 0; ++ int r; ++ ++ debug("SSH2_MSG_KEXGSS_INIT received"); ++ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_INIT, NULL); ++ ++ if ((r = ssh_gssapi_sshpkt_get_buffer_desc(ssh, &recv_tok)) != 0 || ++ (r = sshpkt_getb_froms(ssh, &client_pubkey)) != 0 || ++ (r = sshpkt_get_end(ssh)) != 0) ++ fatal("sshpkt failed: %s", ssh_err(r)); ++ ++ switch (kex->kex_type) { ++ case KEX_GSS_GRP1_SHA1: ++ case KEX_GSS_GRP14_SHA1: ++ case KEX_GSS_GRP14_SHA256: ++ case KEX_GSS_GRP16_SHA512: ++ r = kex_dh_enc(kex, client_pubkey, &gss->server_pubkey, &gss->shared_secret); ++ break; ++ case KEX_GSS_NISTP256_SHA256: ++ r = kex_ecdh_enc(kex, client_pubkey, &gss->server_pubkey, &gss->shared_secret); ++ break; ++ case KEX_GSS_C25519_SHA256: ++ r = kex_c25519_enc(kex, client_pubkey, &gss->server_pubkey, &gss->shared_secret); ++ break; ++ default: ++ fatal_f("Unexpected KEX type %d", kex->kex_type); ++ } ++ if (r != 0) { ++ sshbuf_free(client_pubkey); ++ ssh_gssapi_delete_ctx(&kex->gss); ++ return r; ++ } ++ ++ /* Send SSH_MSG_KEXGSS_HOSTKEY here, if we want */ ++ ++ if ((empty = sshbuf_new()) == NULL) { ++ sshbuf_free(client_pubkey); ++ ssh_gssapi_delete_ctx(&kex->gss); ++ return SSH_ERR_ALLOC_FAIL; ++ } ++ ++ /* Calculate the hash early so we can free the ++ * client_pubkey, which has reference to the parent ++ * buffer state->incoming_packet ++ */ ++ gss->hashlen = sizeof(gss->hash); ++ r = kex_gen_hash(kex->hash_alg, kex->client_version, kex->server_version, ++ kex->peer, kex->my, empty, client_pubkey, gss->server_pubkey, ++ gss->shared_secret, gss->hash, &gss->hashlen); ++ sshbuf_free(empty); ++ sshbuf_free(client_pubkey); ++ if (r != 0) { ++ ssh_gssapi_delete_ctx(&kex->gss); ++ return r; ++ } ++ ++ gss->buf.value = gss->hash; ++ gss->buf.length = gss->hashlen; ++ ++ kexgss_accept_ctx(ssh, &recv_tok, &send_tok, &ret_flags); ++ if (gss->major & GSS_S_CONTINUE_NEEDED) ++ return 0; ++ ++ return kexgss_final(ssh, &send_tok, &ret_flags); ++} ++ ++static int ++input_kexgss_continue(int type, ++ u_int32_t seq, ++ struct ssh *ssh) ++{ ++ Gssctxt *gss = ssh->kex->gss; ++ gss_buffer_desc recv_tok, send_tok = GSS_C_EMPTY_BUFFER; ++ OM_uint32 ret_flags = 0; ++ int r; ++ ++ if ((r = ssh_gssapi_sshpkt_get_buffer_desc(ssh, &recv_tok)) != 0 || ++ (r = sshpkt_get_end(ssh)) != 0) ++ fatal("sshpkt failed: %s", ssh_err(r)); ++ ++ kexgss_accept_ctx(ssh, &recv_tok, &send_tok, &ret_flags); ++ if (gss->major & GSS_S_CONTINUE_NEEDED) ++ return 0; ++ ++ return kexgss_final(ssh, &send_tok, &ret_flags); ++} ++ ++/*******************************************************/ ++/******************** KEXGSSGEX ************************/ ++/*******************************************************/ ++ +int +kexgssgex_server(struct ssh *ssh) +{ + struct kex *kex = ssh->kex; -+ OM_uint32 maj_status, min_status; -+ -+ /* -+ * Some GSSAPI implementations use the input value of ret_flags (an -+ * output variable) as a means of triggering mechanism specific -+ * features. Initializing it to zero avoids inadvertently -+ * activating this non-standard behaviour. -+ */ -+ -+ OM_uint32 ret_flags = 0; -+ gss_buffer_desc gssbuf, recv_tok, msg_tok; -+ gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER; -+ Gssctxt *ctxt = NULL; -+ struct sshbuf *shared_secret = NULL; -+ int type = 0; + gss_OID oid; + char *mechs; -+ u_char hash[SSH_DIGEST_MAX_LENGTH]; -+ size_t hashlen; -+ BIGNUM *dh_client_pub = NULL; -+ const BIGNUM *pub_key, *dh_p, *dh_g; -+ int min = -1, max = -1, nbits = -1; -+ int cmin = -1, cmax = -1; /* client proposal */ -+ struct sshbuf *empty = sshbuf_new(); -+ int r; + + /* Initialise GSSAPI */ + @@ -2128,29 +2262,194 @@ diff --color -ruNp a/kexgsss.c b/kexgsss.c + * in the GSSAPI code are no longer available. This kludges them back + * into life + */ -+ if (!ssh_gssapi_oid_table_ok()) -+ if ((mechs = ssh_gssapi_server_mechanisms())) -+ free(mechs); ++ if (!ssh_gssapi_oid_table_ok()) { ++ mechs = ssh_gssapi_server_mechanisms(); ++ free(mechs); ++ } + + debug2_f("Identifying %s", kex->name); + oid = ssh_gssapi_id_kex(NULL, kex->name, kex->kex_type); + if (oid == GSS_C_NO_OID) -+ fatal("Unknown gssapi mechanism"); ++ fatal("Unknown gssapi mechanism"); + + debug2_f("Acquiring credentials"); + -+ if (GSS_ERROR(mm_ssh_gssapi_server_ctx(&ctxt, oid))) ++ if (GSS_ERROR(mm_ssh_gssapi_server_ctx(&kex->gss, oid))) + fatal("Unable to acquire credentials for the server"); + -+ /* 5. S generates an ephemeral key pair (do the allocations early) */ ++ ssh_gssapi_build_ctx(&kex->gss); ++ if (kex->gss == NULL) ++ fatal("Unable to allocate memory for gss context"); ++ + debug("Doing group exchange"); -+ ssh_packet_read_expect(ssh, SSH2_MSG_KEXGSS_GROUPREQ); ++ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_GROUPREQ, &input_kexgssgex_groupreq); ++ return 0; ++} ++ ++static inline void ++kexgssgex_accept_ctx(struct ssh *ssh, ++ gss_buffer_desc *recv_tok, ++ gss_buffer_desc *send_tok, ++ OM_uint32 *ret_flags) ++{ ++ Gssctxt *gss = ssh->kex->gss; ++ int r; ++ ++ gss->major = mm_ssh_gssapi_accept_ctx(gss, recv_tok, send_tok, ret_flags); ++ gss_release_buffer(&gss->minor, recv_tok); ++ ++ if (gss->major != GSS_S_COMPLETE && send_tok->length == 0) ++ fatal("Zero length token output when incomplete"); ++ ++ if (gss->dh_client_pub == NULL) ++ fatal("No client public key"); ++ ++ if (gss->major & GSS_S_CONTINUE_NEEDED) { ++ debug("Sending GSSAPI_CONTINUE"); ++ if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_CONTINUE)) != 0 || ++ (r = sshpkt_put_string(ssh, send_tok->value, send_tok->length)) != 0 || ++ (r = sshpkt_send(ssh)) != 0) ++ fatal("sshpkt failed: %s", ssh_err(r)); ++ gss_release_buffer(&gss->minor, send_tok); ++ } ++} ++ ++static inline int ++kexgssgex_final(struct ssh *ssh, ++ gss_buffer_desc *send_tok, ++ OM_uint32 *ret_flags) ++{ ++ struct kex *kex = ssh->kex; ++ Gssctxt *gss = kex->gss; ++ gss_buffer_desc msg_tok; ++ u_char hash[SSH_DIGEST_MAX_LENGTH]; ++ size_t hashlen; ++ const BIGNUM *pub_key, *dh_p, *dh_g; ++ struct sshbuf *shared_secret = NULL; ++ struct sshbuf *empty = NULL; ++ int r; ++ ++ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_INIT, NULL); ++ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_CONTINUE, NULL); ++ ++ if (GSS_ERROR(gss->major)) { ++ if (send_tok->length > 0) { ++ if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_CONTINUE)) != 0 || ++ (r = sshpkt_put_string(ssh, send_tok->value, send_tok->length)) != 0 || ++ (r = sshpkt_send(ssh)) != 0) ++ fatal("sshpkt failed: %s", ssh_err(r)); ++ } ++ fatal("accept_ctx died"); ++ } ++ ++ if (!(*ret_flags & GSS_C_MUTUAL_FLAG)) ++ fatal("Mutual Authentication flag wasn't set"); ++ ++ if (!(*ret_flags & GSS_C_INTEG_FLAG)) ++ fatal("Integrity flag wasn't set"); ++ ++ /* calculate shared secret */ ++ shared_secret = sshbuf_new(); ++ if (shared_secret == NULL) { ++ ssh_gssapi_delete_ctx(&kex->gss); ++ r = SSH_ERR_ALLOC_FAIL; ++ goto out; ++ } ++ if ((r = kex_dh_compute_key(kex, gss->dh_client_pub, shared_secret)) != 0) { ++ ssh_gssapi_delete_ctx(&kex->gss); ++ goto out; ++ } ++ ++ if ((empty = sshbuf_new()) == NULL) { ++ ssh_gssapi_delete_ctx(&kex->gss); ++ r = SSH_ERR_ALLOC_FAIL; ++ goto out; ++ } ++ ++ DH_get0_key(kex->dh, &pub_key, NULL); ++ DH_get0_pqg(kex->dh, &dh_p, NULL, &dh_g); ++ hashlen = sizeof(hash); ++ r = kexgex_hash(kex->hash_alg, kex->client_version, kex->server_version, ++ kex->peer, kex->my, empty, kex->min, kex->nbits, kex->max, dh_p, dh_g, ++ gss->dh_client_pub, pub_key, sshbuf_ptr(shared_secret), ++ sshbuf_len(shared_secret), hash, &hashlen); ++ sshbuf_free(empty); ++ if (r != 0) ++ fatal("kexgex_hash failed: %s", ssh_err(r)); ++ ++ gss->buf.value = hash; ++ gss->buf.length = hashlen; ++ ++ if (GSS_ERROR(mm_ssh_gssapi_sign(gss, &gss->buf, &msg_tok))) ++ fatal("Couldn't get MIC"); ++ ++ if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_COMPLETE)) != 0 || ++ (r = sshpkt_put_bignum2(ssh, pub_key)) != 0 || ++ (r = sshpkt_put_string(ssh, msg_tok.value, msg_tok.length)) != 0) ++ fatal("sshpkt failed: %s", ssh_err(r)); ++ ++ if (send_tok->length != 0) { ++ if ((r = sshpkt_put_u8(ssh, 1)) != 0 || /* true */ ++ (r = sshpkt_put_string(ssh, send_tok->value, send_tok->length)) != 0) ++ fatal("sshpkt failed: %s", ssh_err(r)); ++ } else { ++ if ((r = sshpkt_put_u8(ssh, 0)) != 0) /* false */ ++ fatal("sshpkt failed: %s", ssh_err(r)); ++ } ++ if ((r = sshpkt_send(ssh)) != 0) ++ fatal("sshpkt_send failed: %s", ssh_err(r)); ++ ++ gss_release_buffer(&gss->minor, send_tok); ++ gss_release_buffer(&gss->minor, &msg_tok); ++ ++ if (gss_kex_context == NULL) ++ gss_kex_context = gss; ++ else ++ ssh_gssapi_delete_ctx(&kex->gss); ++ ++ /* Finally derive the keys and send them */ ++ if ((r = kex_derive_keys(ssh, hash, hashlen, shared_secret)) == 0) ++ r = kex_send_newkeys(ssh); ++ ++ /* If this was a rekey, then save out any delegated credentials we ++ * just exchanged. */ ++ if (options.gss_store_rekey) ++ ssh_gssapi_rekey_creds(); ++ ++ if (kex->gss != NULL) ++ BN_clear_free(gss->dh_client_pub); ++ ++out: ++ explicit_bzero(hash, sizeof(hash)); ++ DH_free(kex->dh); ++ kex->dh = NULL; ++ sshbuf_free(shared_secret); ++ return r; ++} ++ ++static int ++input_kexgssgex_groupreq(int type, ++ u_int32_t seq, ++ struct ssh *ssh) ++{ ++ struct kex *kex = ssh->kex; ++ const BIGNUM *dh_p, *dh_g; ++ int min = -1, max = -1, nbits = -1; ++ int cmin = -1, cmax = -1; /* client proposal */ ++ int r; ++ ++ /* 5. S generates an ephemeral key pair (do the allocations early) */ ++ ++ debug("SSH2_MSG_KEXGSS_GROUPREQ received"); ++ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_GROUPREQ, NULL); ++ + /* store client proposal to provide valid signature */ + if ((r = sshpkt_get_u32(ssh, &cmin)) != 0 || + (r = sshpkt_get_u32(ssh, &nbits)) != 0 || + (r = sshpkt_get_u32(ssh, &cmax)) != 0 || + (r = sshpkt_get_end(ssh)) != 0) + fatal("sshpkt failed: %s", ssh_err(r)); ++ + kex->nbits = nbits; + kex->min = cmin; + kex->max = cmax; @@ -2158,9 +2457,10 @@ diff --color -ruNp a/kexgsss.c b/kexgsss.c + max = MIN(DH_GRP_MAX, cmax); + nbits = MAXIMUM(DH_GRP_MIN, nbits); + nbits = MINIMUM(DH_GRP_MAX, nbits); ++ + if (max < min || nbits < min || max < nbits) -+ fatal("GSS_GEX, bad parameters: %d !< %d !< %d", -+ min, nbits, max); ++ fatal("GSS_GEX, bad parameters: %d !< %d !< %d", min, nbits, max); ++ + kex->dh = mm_choose_dh(min, nbits, max); + if (kex->dh == NULL) { + sshpkt_disconnect(ssh, "Protocol error: no matching group found"); @@ -2178,151 +2478,83 @@ diff --color -ruNp a/kexgsss.c b/kexgsss.c + fatal("ssh_packet_write_wait: %s", ssh_err(r)); + + /* Compute our exchange value in parallel with the client */ -+ if ((r = dh_gen_key(kex->dh, kex->we_need * 8)) != 0) -+ goto out; -+ -+ do { -+ debug("Wait SSH2_MSG_GSSAPI_INIT"); -+ type = ssh_packet_read(ssh); -+ switch(type) { -+ case SSH2_MSG_KEXGSS_INIT: -+ if (dh_client_pub != NULL) -+ fatal("Received KEXGSS_INIT after initialising"); -+ if ((r = ssh_gssapi_sshpkt_get_buffer_desc(ssh, -+ &recv_tok)) != 0 || -+ (r = sshpkt_get_bignum2(ssh, &dh_client_pub)) != 0 || -+ (r = sshpkt_get_end(ssh)) != 0) -+ fatal("sshpkt failed: %s", ssh_err(r)); -+ -+ /* Send SSH_MSG_KEXGSS_HOSTKEY here, if we want */ -+ break; -+ case SSH2_MSG_KEXGSS_CONTINUE: -+ if ((r = ssh_gssapi_sshpkt_get_buffer_desc(ssh, -+ &recv_tok)) != 0 || -+ (r = sshpkt_get_end(ssh)) != 0) -+ fatal("sshpkt failed: %s", ssh_err(r)); -+ break; -+ default: -+ sshpkt_disconnect(ssh, -+ "Protocol error: didn't expect packet type %d", -+ type); -+ } -+ -+ maj_status = mm_ssh_gssapi_accept_ctx(ctxt, &recv_tok, -+ &send_tok, &ret_flags); -+ -+ gss_release_buffer(&min_status, &recv_tok); -+ -+ if (maj_status != GSS_S_COMPLETE && send_tok.length == 0) -+ fatal("Zero length token output when incomplete"); -+ -+ if (dh_client_pub == NULL) -+ fatal("No client public key"); -+ -+ if (maj_status & GSS_S_CONTINUE_NEEDED) { -+ debug("Sending GSSAPI_CONTINUE"); -+ if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_CONTINUE)) != 0 || -+ (r = sshpkt_put_string(ssh, send_tok.value, send_tok.length)) != 0 || -+ (r = sshpkt_send(ssh)) != 0) -+ fatal("sshpkt failed: %s", ssh_err(r)); -+ gss_release_buffer(&min_status, &send_tok); -+ } -+ } while (maj_status & GSS_S_CONTINUE_NEEDED); -+ -+ if (GSS_ERROR(maj_status)) { -+ if (send_tok.length > 0) { -+ if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_CONTINUE)) != 0 || -+ (r = sshpkt_put_string(ssh, send_tok.value, send_tok.length)) != 0 || -+ (r = sshpkt_send(ssh)) != 0) -+ fatal("sshpkt failed: %s", ssh_err(r)); -+ } -+ fatal("accept_ctx died"); ++ if ((r = dh_gen_key(kex->dh, kex->we_need * 8)) != 0) { ++ ssh_gssapi_delete_ctx(&kex->gss); ++ DH_free(kex->dh); ++ kex->dh = NULL; ++ return r; + } + -+ if (!(ret_flags & GSS_C_MUTUAL_FLAG)) -+ fatal("Mutual Authentication flag wasn't set"); -+ -+ if (!(ret_flags & GSS_C_INTEG_FLAG)) -+ fatal("Integrity flag wasn't set"); -+ -+ /* calculate shared secret */ -+ if ((shared_secret = sshbuf_new()) == NULL) { -+ r = SSH_ERR_ALLOC_FAIL; -+ goto out; -+ } -+ if ((r = kex_dh_compute_key(kex, dh_client_pub, shared_secret)) != 0) -+ goto out; -+ -+ DH_get0_key(kex->dh, &pub_key, NULL); -+ DH_get0_pqg(kex->dh, &dh_p, NULL, &dh_g); -+ hashlen = sizeof(hash); -+ if ((r = kexgex_hash( -+ kex->hash_alg, -+ kex->client_version, -+ kex->server_version, -+ kex->peer, -+ kex->my, -+ empty, -+ cmin, nbits, cmax, -+ dh_p, dh_g, -+ dh_client_pub, -+ pub_key, -+ sshbuf_ptr(shared_secret), sshbuf_len(shared_secret), -+ hash, &hashlen)) != 0) -+ fatal("kexgex_hash failed: %s", ssh_err(r)); -+ -+ gssbuf.value = hash; -+ gssbuf.length = hashlen; -+ -+ if (GSS_ERROR(mm_ssh_gssapi_sign(ctxt, &gssbuf, &msg_tok))) -+ fatal("Couldn't get MIC"); -+ -+ if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_COMPLETE)) != 0 || -+ (r = sshpkt_put_bignum2(ssh, pub_key)) != 0 || -+ (r = sshpkt_put_string(ssh, msg_tok.value, msg_tok.length)) != 0) -+ fatal("sshpkt failed: %s", ssh_err(r)); -+ -+ if (send_tok.length != 0) { -+ if ((r = sshpkt_put_u8(ssh, 1)) != 0 || /* true */ -+ (r = sshpkt_put_string(ssh, send_tok.value, send_tok.length)) != 0) -+ fatal("sshpkt failed: %s", ssh_err(r)); -+ } else { -+ if ((r = sshpkt_put_u8(ssh, 0)) != 0) /* false */ -+ fatal("sshpkt failed: %s", ssh_err(r)); -+ } -+ if ((r = sshpkt_send(ssh)) != 0) -+ fatal("sshpkt failed: %s", ssh_err(r)); -+ -+ gss_release_buffer(&min_status, &send_tok); -+ gss_release_buffer(&min_status, &msg_tok); -+ -+ if (gss_kex_context == NULL) -+ gss_kex_context = ctxt; -+ else -+ ssh_gssapi_delete_ctx(&ctxt); -+ -+ /* Finally derive the keys and send them */ -+ if ((r = kex_derive_keys(ssh, hash, hashlen, shared_secret)) == 0) -+ r = kex_send_newkeys(ssh); -+ -+ /* If this was a rekey, then save out any delegated credentials we -+ * just exchanged. */ -+ if (options.gss_store_rekey) -+ ssh_gssapi_rekey_creds(); -+out: -+ sshbuf_free(empty); -+ explicit_bzero(hash, sizeof(hash)); -+ DH_free(kex->dh); -+ kex->dh = NULL; -+ BN_clear_free(dh_client_pub); -+ sshbuf_free(shared_secret); -+ return r; ++ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_INIT, &input_kexgssgex_init); ++ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_CONTINUE, &input_kexgssgex_continue); ++ debug("Wait SSH2_MSG_KEXGSS_INIT"); ++ return 0; +} ++ ++static int ++input_kexgssgex_init(int type, ++ u_int32_t seq, ++ struct ssh *ssh) ++{ ++ Gssctxt *gss = ssh->kex->gss; ++ gss_buffer_desc recv_tok, send_tok = GSS_C_EMPTY_BUFFER; ++ OM_uint32 ret_flags = 0; ++ int r; ++ ++ debug("SSH2_MSG_KEXGSS_INIT received"); ++ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_INIT, NULL); ++ ++ if ((r = ssh_gssapi_sshpkt_get_buffer_desc(ssh, &recv_tok)) != 0 || ++ (r = sshpkt_get_bignum2(ssh, &gss->dh_client_pub)) != 0 || ++ (r = sshpkt_get_end(ssh)) != 0) ++ fatal("sshpkt failed: %s", ssh_err(r)); ++ ++ /* Send SSH_MSG_KEXGSS_HOSTKEY here, if we want */ ++ ++ kexgssgex_accept_ctx(ssh, &recv_tok, &send_tok, &ret_flags); ++ if (gss->major & GSS_S_CONTINUE_NEEDED) ++ return 0; ++ ++ return kexgssgex_final(ssh, &send_tok, &ret_flags); ++} ++ ++static int ++input_kexgssgex_continue(int type, ++ u_int32_t seq, ++ struct ssh *ssh) ++{ ++ Gssctxt *gss = ssh->kex->gss; ++ gss_buffer_desc recv_tok, send_tok = GSS_C_EMPTY_BUFFER; ++ OM_uint32 ret_flags = 0; ++ int r; ++ ++ if ((r = ssh_gssapi_sshpkt_get_buffer_desc(ssh, &recv_tok)) != 0 || ++ (r = sshpkt_get_end(ssh)) != 0) ++ fatal("sshpkt failed: %s", ssh_err(r)); ++ ++ kexgssgex_accept_ctx(ssh, &recv_tok, &send_tok, &ret_flags); ++ if (gss->major & GSS_S_CONTINUE_NEEDED) ++ return 0; ++ ++ return kexgssgex_final(ssh, &send_tok, &ret_flags); ++} ++ +#endif /* defined(GSSAPI) && defined(WITH_OPENSSL) */ diff --color -ruNp a/kex.h b/kex.h --- a/kex.h 2024-07-01 06:36:28.000000000 +0200 -+++ b/kex.h 2024-08-28 12:35:41.249432103 +0200 -@@ -102,6 +102,15 @@ enum kex_exchange { ++++ b/kex.h 2024-09-16 11:46:34.710940224 +0200 +@@ -29,6 +29,10 @@ + #include "mac.h" + #include "crypto_api.h" + ++#ifdef GSSAPI ++# include "ssh-gss.h" /* Gssctxt */ ++#endif ++ + #ifdef WITH_OPENSSL + # include + # include +@@ -102,6 +106,15 @@ enum kex_exchange { KEX_ECDH_SHA2, KEX_C25519_SHA256, KEX_KEM_SNTRUP761X25519_SHA512, @@ -2338,11 +2570,12 @@ diff --color -ruNp a/kex.h b/kex.h KEX_MAX }; -@@ -164,6 +173,12 @@ struct kex { +@@ -164,6 +177,13 @@ struct kex { u_int flags; int hash_alg; int ec_nid; +#ifdef GSSAPI ++ Gssctxt *gss; + int gss_deleg_creds; + int gss_trust_dns; + char *gss_host; @@ -2351,7 +2584,7 @@ diff --color -ruNp a/kex.h b/kex.h char *failed_choice; int (*verify_host_key)(struct sshkey *, struct ssh *); struct sshkey *(*load_host_public_key)(int, int, struct ssh *); -@@ -189,8 +204,10 @@ int kex_hash_from_name(const char *); +@@ -189,8 +209,10 @@ int kex_hash_from_name(const char *); int kex_nid_from_name(const char *); int kex_names_valid(const char *); char *kex_alg_list(char); @@ -2362,7 +2595,7 @@ diff --color -ruNp a/kex.h b/kex.h int kex_assemble_names(char **, const char *, const char *); void kex_proposal_populate_entries(struct ssh *, char *prop[PROPOSAL_MAX], const char *, const char *, const char *, const char *, const char *); -@@ -224,6 +241,12 @@ int kexgex_client(struct ssh *); +@@ -224,6 +246,12 @@ int kexgex_client(struct ssh *); int kexgex_server(struct ssh *); int kex_gen_client(struct ssh *); int kex_gen_server(struct ssh *); @@ -2375,7 +2608,7 @@ diff --color -ruNp a/kex.h b/kex.h int kex_dh_keypair(struct kex *); int kex_dh_enc(struct kex *, const struct sshbuf *, struct sshbuf **, -@@ -256,6 +279,12 @@ int kexgex_hash(int, const struct sshbu +@@ -256,6 +284,12 @@ int kexgex_hash(int, const struct sshbu const BIGNUM *, const u_char *, size_t, u_char *, size_t *); @@ -2390,7 +2623,7 @@ diff --color -ruNp a/kex.h b/kex.h __attribute__((__bounded__(__minbytes__, 2, CURVE25519_SIZE))); diff --color -ruNp a/kex-names.c b/kex-names.c --- a/kex-names.c 2024-07-01 06:36:28.000000000 +0200 -+++ b/kex-names.c 2024-08-28 12:35:41.249432103 +0200 ++++ b/kex-names.c 2024-09-16 11:46:34.694939883 +0200 @@ -45,6 +45,10 @@ #include "ssherr.h" #include "xmalloc.h" @@ -2492,8 +2725,8 @@ diff --color -ruNp a/kex-names.c b/kex-names.c + return 1; +} diff --color -ruNp a/Makefile.in b/Makefile.in ---- a/Makefile.in 2024-08-28 12:35:01.200659705 +0200 -+++ b/Makefile.in 2024-08-28 12:35:41.244432006 +0200 +--- a/Makefile.in 2024-09-16 11:45:56.868133454 +0200 ++++ b/Makefile.in 2024-09-16 11:46:34.695939904 +0200 @@ -114,6 +114,7 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \ kex.o kex-names.o kexdh.o kexgex.o kexecdh.o kexc25519.o \ kexgexc.o kexgexs.o \ @@ -2521,8 +2754,8 @@ diff --color -ruNp a/Makefile.in b/Makefile.in regress/modpipe$(EXEEXT): $(srcdir)/regress/modpipe.c $(REGRESSLIBS) $(CC) $(CFLAGS) $(CPPFLAGS) -o $@ $(srcdir)/regress/modpipe.c \ diff --color -ruNp a/monitor.c b/monitor.c ---- a/monitor.c 2024-08-28 12:35:01.192659551 +0200 -+++ b/monitor.c 2024-08-28 12:35:41.251432142 +0200 +--- a/monitor.c 2024-09-16 11:45:56.861133305 +0200 ++++ b/monitor.c 2024-09-16 11:46:34.696939926 +0200 @@ -143,6 +143,8 @@ int mm_answer_gss_setup_ctx(struct ssh * int mm_answer_gss_accept_ctx(struct ssh *, int, struct sshbuf *); int mm_answer_gss_userok(struct ssh *, int, struct sshbuf *); @@ -2770,8 +3003,8 @@ diff --color -ruNp a/monitor.c b/monitor.c #endif /* GSSAPI */ diff --color -ruNp a/monitor.h b/monitor.h ---- a/monitor.h 2024-08-28 12:35:01.192659551 +0200 -+++ b/monitor.h 2024-08-28 12:35:41.251432142 +0200 +--- a/monitor.h 2024-09-16 11:45:56.861133305 +0200 ++++ b/monitor.h 2024-09-16 11:46:34.696939926 +0200 @@ -67,6 +67,8 @@ enum monitor_reqtype { MONITOR_REQ_PAM_FREE_CTX = 110, MONITOR_ANS_PAM_FREE_CTX = 111, MONITOR_REQ_AUDIT_EVENT = 112, MONITOR_REQ_AUDIT_COMMAND = 113, @@ -2782,8 +3015,8 @@ diff --color -ruNp a/monitor.h b/monitor.h struct ssh; diff --color -ruNp a/monitor_wrap.c b/monitor_wrap.c ---- a/monitor_wrap.c 2024-08-28 12:35:01.192659551 +0200 -+++ b/monitor_wrap.c 2024-08-28 12:35:41.251432142 +0200 +--- a/monitor_wrap.c 2024-09-16 11:45:56.862133326 +0200 ++++ b/monitor_wrap.c 2024-09-16 11:46:34.697939947 +0200 @@ -1075,13 +1075,15 @@ mm_ssh_gssapi_checkmic(Gssctxt *ctx, gss } @@ -2862,8 +3095,8 @@ diff --color -ruNp a/monitor_wrap.c b/monitor_wrap.c /* diff --color -ruNp a/monitor_wrap.h b/monitor_wrap.h ---- a/monitor_wrap.h 2024-08-28 12:35:01.193659570 +0200 -+++ b/monitor_wrap.h 2024-08-28 12:35:41.251432142 +0200 +--- a/monitor_wrap.h 2024-09-16 11:45:56.862133326 +0200 ++++ b/monitor_wrap.h 2024-09-16 11:46:34.697939947 +0200 @@ -67,8 +67,10 @@ void mm_decode_activate_server_options(s OM_uint32 mm_ssh_gssapi_server_ctx(Gssctxt **, gss_OID); OM_uint32 mm_ssh_gssapi_accept_ctx(Gssctxt *, @@ -2876,53 +3109,9 @@ diff --color -ruNp a/monitor_wrap.h b/monitor_wrap.h #endif #ifdef USE_PAM -diff --color -ruNp a/packet.c b/packet.c ---- a/packet.c 2024-07-01 06:36:28.000000000 +0200 -+++ b/packet.c 2024-08-28 12:35:41.260432315 +0200 -@@ -1517,6 +1517,29 @@ ssh_packet_read(struct ssh *ssh) - return type; - } - -+/* -+ * Waits until a packet has been received, verifies that its type matches -+ * that given, and gives a fatal error and exits if there is a mismatch. -+ */ -+ -+int -+ssh_packet_read_expect(struct ssh *ssh, u_int expected_type) -+{ -+ int r; -+ u_char type; -+ -+ if ((r = ssh_packet_read_seqnr(ssh, &type, NULL)) != 0) -+ return r; -+ if (type != expected_type) { -+ if ((r = sshpkt_disconnect(ssh, -+ "Protocol error: expected packet type %d, got %d", -+ expected_type, type)) != 0) -+ return r; -+ return SSH_ERR_PROTOCOL_ERROR; -+ } -+ return 0; -+} -+ - static int - ssh_packet_read_poll2_mux(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p) - { -diff --color -ruNp a/packet.h b/packet.h ---- a/packet.h 2024-07-01 06:36:28.000000000 +0200 -+++ b/packet.h 2024-08-28 12:35:41.260432315 +0200 -@@ -124,6 +124,7 @@ int ssh_packet_send2_wrapped(struct ssh - int ssh_packet_send2(struct ssh *); - - int ssh_packet_read(struct ssh *); -+int ssh_packet_read_expect(struct ssh *, u_int type); - int ssh_packet_read_poll2(struct ssh *, u_char *, u_int32_t *seqnr_p); - int ssh_packet_process_incoming(struct ssh *, const char *buf, u_int len); - int ssh_packet_process_read(struct ssh *, int); diff --color -ruNp a/readconf.c b/readconf.c --- a/readconf.c 2024-07-01 06:36:28.000000000 +0200 -+++ b/readconf.c 2024-08-28 12:35:41.253432180 +0200 ++++ b/readconf.c 2024-09-16 11:46:34.699939990 +0200 @@ -70,6 +70,7 @@ #include "uidswap.h" #include "myproposal.h" @@ -3056,7 +3245,7 @@ diff --color -ruNp a/readconf.c b/readconf.c dump_cfg_fmtint(oHostbasedAuthentication, o->hostbased_authentication); diff --color -ruNp a/readconf.h b/readconf.h --- a/readconf.h 2024-07-01 06:36:28.000000000 +0200 -+++ b/readconf.h 2024-08-28 12:35:41.254432199 +0200 ++++ b/readconf.h 2024-09-16 11:46:34.699939990 +0200 @@ -40,7 +40,13 @@ typedef struct { int pubkey_authentication; /* Try ssh2 pubkey authentication. */ int hostbased_authentication; /* ssh2's rhosts_rsa */ @@ -3073,7 +3262,7 @@ diff --color -ruNp a/readconf.h b/readconf.h int kbd_interactive_authentication; /* Try keyboard-interactive auth. */ diff --color -ruNp a/servconf.c b/servconf.c --- a/servconf.c 2024-07-01 06:36:28.000000000 +0200 -+++ b/servconf.c 2024-08-28 12:35:41.255432218 +0200 ++++ b/servconf.c 2024-09-16 11:46:34.700940011 +0200 @@ -68,6 +68,7 @@ #include "auth.h" #include "myproposal.h" @@ -3191,7 +3380,7 @@ diff --color -ruNp a/servconf.c b/servconf.c dump_cfg_fmtint(sKbdInteractiveAuthentication, diff --color -ruNp a/servconf.h b/servconf.h --- a/servconf.h 2024-07-01 06:36:28.000000000 +0200 -+++ b/servconf.h 2024-08-28 12:35:41.255432218 +0200 ++++ b/servconf.h 2024-09-16 11:46:34.700940011 +0200 @@ -149,8 +149,11 @@ typedef struct { int kerberos_get_afs_token; /* If true, try to get AFS token if * authenticated with Kerberos. */ @@ -3205,8 +3394,8 @@ diff --color -ruNp a/servconf.h b/servconf.h * authentication. */ int kbd_interactive_authentication; /* If true, permit */ diff --color -ruNp a/session.c b/session.c ---- a/session.c 2024-08-28 12:35:01.197659647 +0200 -+++ b/session.c 2024-08-28 12:35:41.255432218 +0200 +--- a/session.c 2024-09-16 11:45:56.866133411 +0200 ++++ b/session.c 2024-09-16 11:46:34.701940032 +0200 @@ -2674,13 +2674,19 @@ do_cleanup(struct ssh *ssh, Authctxt *au #ifdef KRB5 @@ -3230,8 +3419,8 @@ diff --color -ruNp a/session.c b/session.c /* remove agent socket */ diff --color -ruNp a/ssh.1 b/ssh.1 ---- a/ssh.1 2024-08-28 12:35:01.207659840 +0200 -+++ b/ssh.1 2024-08-28 12:35:41.256432238 +0200 +--- a/ssh.1 2024-09-16 11:45:56.875133603 +0200 ++++ b/ssh.1 2024-09-16 11:46:34.701940032 +0200 @@ -536,7 +536,13 @@ For full details of the options listed b .It GatewayPorts .It GlobalKnownHostsFile @@ -3257,7 +3446,7 @@ diff --color -ruNp a/ssh.1 b/ssh.1 .Ar key-ca-sign diff --color -ruNp a/ssh.c b/ssh.c --- a/ssh.c 2024-07-01 06:36:28.000000000 +0200 -+++ b/ssh.c 2024-08-28 12:35:41.256432238 +0200 ++++ b/ssh.c 2024-09-16 11:46:34.702940054 +0200 @@ -827,6 +827,8 @@ main(int ac, char **av) else if (strcmp(optarg, "kex") == 0 || strcasecmp(optarg, "KexAlgorithms") == 0) @@ -3279,8 +3468,8 @@ diff --color -ruNp a/ssh.c b/ssh.c if (cp == NULL) fatal("Unsupported query \"%s\"", optarg); diff --color -ruNp a/ssh_config b/ssh_config ---- a/ssh_config 2024-08-28 12:35:01.216660014 +0200 -+++ b/ssh_config 2024-08-28 12:35:41.256432238 +0200 +--- a/ssh_config 2024-09-16 11:45:56.884133795 +0200 ++++ b/ssh_config 2024-09-16 11:46:34.702940054 +0200 @@ -24,6 +24,8 @@ # HostbasedAuthentication no # GSSAPIAuthentication no @@ -3292,7 +3481,7 @@ diff --color -ruNp a/ssh_config b/ssh_config # AddressFamily any diff --color -ruNp a/ssh_config.5 b/ssh_config.5 --- a/ssh_config.5 2024-07-01 06:36:28.000000000 +0200 -+++ b/ssh_config.5 2024-08-28 12:35:41.257432257 +0200 ++++ b/ssh_config.5 2024-09-16 11:46:34.703940075 +0200 @@ -938,10 +938,68 @@ The default is Specifies whether user authentication based on GSSAPI is allowed. The default is @@ -3364,7 +3553,7 @@ diff --color -ruNp a/ssh_config.5 b/ssh_config.5 .Xr ssh 1 diff --color -ruNp a/sshconnect2.c b/sshconnect2.c --- a/sshconnect2.c 2024-07-01 06:36:28.000000000 +0200 -+++ b/sshconnect2.c 2024-08-28 12:35:41.258432276 +0200 ++++ b/sshconnect2.c 2024-09-16 11:46:34.703940075 +0200 @@ -222,6 +222,11 @@ ssh_kex2(struct ssh *ssh, char *host, st char *all_key, *hkalgs = NULL; int r, use_known_hosts_order = 0; @@ -3595,7 +3784,7 @@ diff --color -ruNp a/sshconnect2.c b/sshconnect2.c static int diff --color -ruNp a/sshd.c b/sshd.c --- a/sshd.c 2024-07-01 06:36:28.000000000 +0200 -+++ b/sshd.c 2024-08-28 12:35:41.258432276 +0200 ++++ b/sshd.c 2024-09-16 11:46:34.704940096 +0200 @@ -1551,7 +1551,8 @@ main(int ac, char **av) free(fp); } @@ -3607,8 +3796,8 @@ diff --color -ruNp a/sshd.c b/sshd.c exit(1); } diff --color -ruNp a/sshd_config b/sshd_config ---- a/sshd_config 2024-08-28 12:35:01.221660110 +0200 -+++ b/sshd_config 2024-08-28 12:35:41.259432296 +0200 +--- a/sshd_config 2024-09-16 11:45:56.888133880 +0200 ++++ b/sshd_config 2024-09-16 11:46:34.704940096 +0200 @@ -77,6 +77,8 @@ AuthorizedKeysFile .ssh/authorized_keys # GSSAPI options #GSSAPIAuthentication no @@ -3619,8 +3808,8 @@ diff --color -ruNp a/sshd_config b/sshd_config # Set this to 'yes' to enable PAM authentication, account processing, # and session processing. If this is enabled, PAM authentication will diff --color -ruNp a/sshd_config.5 b/sshd_config.5 ---- a/sshd_config.5 2024-08-28 12:35:01.218660052 +0200 -+++ b/sshd_config.5 2024-08-28 12:35:41.259432296 +0200 +--- a/sshd_config.5 2024-09-16 11:45:56.885133816 +0200 ++++ b/sshd_config.5 2024-09-16 11:46:34.704940096 +0200 @@ -739,6 +739,11 @@ Specifies whether to automatically destr on logout. The default is @@ -3667,8 +3856,8 @@ diff --color -ruNp a/sshd_config.5 b/sshd_config.5 Specifies the signature algorithms that will be accepted for hostbased authentication as a list of comma-separated patterns. diff --color -ruNp a/sshd-session.c b/sshd-session.c ---- a/sshd-session.c 2024-08-28 12:35:01.221660110 +0200 -+++ b/sshd-session.c 2024-08-28 12:35:41.263432373 +0200 +--- a/sshd-session.c 2024-09-16 11:45:56.888133880 +0200 ++++ b/sshd-session.c 2024-09-16 11:46:34.705940118 +0200 @@ -660,8 +660,8 @@ notify_hostkeys(struct ssh *ssh) } debug3_f("sent %u hostkeys", nkeys); @@ -3763,8 +3952,8 @@ diff --color -ruNp a/sshd-session.c b/sshd-session.c kex->load_host_public_key=&get_hostkey_public_by_type; diff --color -ruNp a/ssh-gss.h b/ssh-gss.h --- a/ssh-gss.h 2024-07-01 06:36:28.000000000 +0200 -+++ b/ssh-gss.h 2024-08-28 12:35:41.256432238 +0200 -@@ -61,10 +61,34 @@ ++++ b/ssh-gss.h 2024-09-16 11:46:34.710940224 +0200 +@@ -61,10 +61,36 @@ #define SSH_GSS_OIDTYPE 0x06 @@ -3790,6 +3979,8 @@ diff --color -ruNp a/ssh-gss.h b/ssh-gss.h + KEX_GSS_C25519_SHA256_ID "," \ + KEX_GSS_GRP14_SHA1_ID "," \ + KEX_GSS_GEX_SHA1_ID ++ ++#include "digest.h" /* SSH_DIGEST_MAX_LENGTH */ + typedef struct { char *filename; @@ -3799,7 +3990,7 @@ diff --color -ruNp a/ssh-gss.h b/ssh-gss.h void *data; } ssh_gssapi_ccache; -@@ -72,8 +96,11 @@ typedef struct { +@@ -72,8 +98,11 @@ typedef struct { gss_buffer_desc displayname; gss_buffer_desc exportedname; gss_cred_id_t creds; @@ -3811,7 +4002,7 @@ diff --color -ruNp a/ssh-gss.h b/ssh-gss.h } ssh_gssapi_client; typedef struct ssh_gssapi_mech_struct { -@@ -84,6 +111,7 @@ typedef struct ssh_gssapi_mech_struct { +@@ -84,6 +113,7 @@ typedef struct ssh_gssapi_mech_struct { int (*userok) (ssh_gssapi_client *, char *); int (*localname) (ssh_gssapi_client *, char **); void (*storecreds) (ssh_gssapi_client *); @@ -3819,12 +4010,22 @@ diff --color -ruNp a/ssh-gss.h b/ssh-gss.h } ssh_gssapi_mech; typedef struct { -@@ -94,10 +122,11 @@ typedef struct { +@@ -94,10 +124,21 @@ typedef struct { gss_OID oid; /* client */ gss_cred_id_t creds; /* server */ gss_name_t client; /* server */ - gss_cred_id_t client_creds; /* server */ + gss_cred_id_t client_creds; /* both */ ++ struct sshbuf *shared_secret; /* both */ ++ struct sshbuf *server_pubkey; /* server */ ++ struct sshbuf *server_blob; /* client */ ++ struct sshbuf *server_host_key_blob; /* client */ ++ gss_buffer_desc msg_tok; /* client */ ++ gss_buffer_desc buf; /* both */ ++ u_char hash[SSH_DIGEST_MAX_LENGTH]; /* both */ ++ size_t hashlen; /* both */ ++ int first; /* client */ ++ BIGNUM *dh_client_pub; /* server (gex) */ } Gssctxt; extern ssh_gssapi_mech *supported_mechs[]; @@ -3832,7 +4033,7 @@ diff --color -ruNp a/ssh-gss.h b/ssh-gss.h int ssh_gssapi_check_oid(Gssctxt *, void *, size_t); void ssh_gssapi_set_oid_data(Gssctxt *, void *, size_t); -@@ -108,6 +137,7 @@ OM_uint32 ssh_gssapi_test_oid_supported( +@@ -108,6 +149,7 @@ OM_uint32 ssh_gssapi_test_oid_supported( struct sshbuf; int ssh_gssapi_get_buffer_desc(struct sshbuf *, gss_buffer_desc *); @@ -3840,7 +4041,7 @@ diff --color -ruNp a/ssh-gss.h b/ssh-gss.h OM_uint32 ssh_gssapi_import_name(Gssctxt *, const char *); OM_uint32 ssh_gssapi_init_ctx(Gssctxt *, int, -@@ -122,17 +152,33 @@ void ssh_gssapi_delete_ctx(Gssctxt **); +@@ -122,17 +164,33 @@ void ssh_gssapi_delete_ctx(Gssctxt **); OM_uint32 ssh_gssapi_sign(Gssctxt *, gss_buffer_t, gss_buffer_t); void ssh_gssapi_buildmic(struct sshbuf *, const char *, const char *, const char *, const struct sshbuf *); @@ -3878,7 +4079,7 @@ diff --color -ruNp a/ssh-gss.h b/ssh-gss.h #endif /* _SSH_GSS_H */ diff --color -ruNp a/sshkey.c b/sshkey.c --- a/sshkey.c 2024-07-01 06:36:28.000000000 +0200 -+++ b/sshkey.c 2024-08-28 12:35:41.260432315 +0200 ++++ b/sshkey.c 2024-09-16 11:46:34.706940139 +0200 @@ -131,6 +131,75 @@ extern const struct sshkey_impl sshkey_x extern const struct sshkey_impl sshkey_xmss_cert_impl; #endif @@ -3974,7 +4175,7 @@ diff --color -ruNp a/sshkey.c b/sshkey.c continue; diff --color -ruNp a/sshkey.h b/sshkey.h --- a/sshkey.h 2024-07-01 06:36:28.000000000 +0200 -+++ b/sshkey.h 2024-08-28 12:35:41.260432315 +0200 ++++ b/sshkey.h 2024-09-16 11:46:34.706940139 +0200 @@ -71,6 +71,7 @@ enum sshkey_types { KEY_ECDSA_SK_CERT, KEY_ED25519_SK, diff --git a/openssh-9.6p1-gsskex-new-api.patch b/openssh-9.6p1-gsskex-new-api.patch deleted file mode 100644 index 0f2eabb..0000000 --- a/openssh-9.6p1-gsskex-new-api.patch +++ /dev/null @@ -1,1965 +0,0 @@ -diff --color -ruNp a/gss-genr.c b/gss-genr.c ---- a/gss-genr.c 2024-05-16 15:49:43.999411060 +0200 -+++ b/gss-genr.c 2024-06-26 12:17:55.586856954 +0200 -@@ -346,6 +346,7 @@ ssh_gssapi_build_ctx(Gssctxt **ctx) - (*ctx)->creds = GSS_C_NO_CREDENTIAL; - (*ctx)->client = GSS_C_NO_NAME; - (*ctx)->client_creds = GSS_C_NO_CREDENTIAL; -+ (*ctx)->first = 1; - } - - /* Delete our context, providing it has been built correctly */ -@@ -371,6 +372,12 @@ ssh_gssapi_delete_ctx(Gssctxt **ctx) - gss_release_name(&ms, &(*ctx)->client); - if ((*ctx)->client_creds != GSS_C_NO_CREDENTIAL) - gss_release_cred(&ms, &(*ctx)->client_creds); -+ sshbuf_free((*ctx)->shared_secret); -+ sshbuf_free((*ctx)->server_pubkey); -+ sshbuf_free((*ctx)->server_host_key_blob); -+ sshbuf_free((*ctx)->server_blob); -+ explicit_bzero((*ctx)->hash, sizeof((*ctx)->hash)); -+ BN_clear_free((*ctx)->dh_client_pub); - - free(*ctx); - *ctx = NULL; -diff --color -ruNp a/kexgssc.c b/kexgssc.c ---- a/kexgssc.c 2024-05-16 15:49:43.820407648 +0200 -+++ b/kexgssc.c 2024-07-02 16:26:25.628746744 +0200 -@@ -47,566 +47,658 @@ - - #include "ssh-gss.h" - --int --kexgss_client(struct ssh *ssh) -+static int input_kexgss_hostkey(int, u_int32_t, struct ssh *); -+static int input_kexgss_continue(int, u_int32_t, struct ssh *); -+static int input_kexgss_complete(int, u_int32_t, struct ssh *); -+static int input_kexgss_error(int, u_int32_t, struct ssh *); -+static int input_kexgssgex_group(int, u_int32_t, struct ssh *); -+static int input_kexgssgex_continue(int, u_int32_t, struct ssh *); -+static int input_kexgssgex_complete(int, u_int32_t, struct ssh *); -+ -+static int -+kexgss_final(struct ssh *ssh) - { - struct kex *kex = ssh->kex; -- gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER, -- recv_tok = GSS_C_EMPTY_BUFFER, -- gssbuf, msg_tok = GSS_C_EMPTY_BUFFER, *token_ptr; -- Gssctxt *ctxt; -- OM_uint32 maj_status, min_status, ret_flags; -- struct sshbuf *server_blob = NULL; -- struct sshbuf *shared_secret = NULL; -- struct sshbuf *server_host_key_blob = NULL; -+ Gssctxt *gss = kex->gss; - struct sshbuf *empty = NULL; -- u_char *msg; -- int type = 0; -- int first = 1; -+ struct sshbuf *shared_secret = NULL; - u_char hash[SSH_DIGEST_MAX_LENGTH]; - size_t hashlen; -- u_char c; - int r; - -- /* Initialise our GSSAPI world */ -- ssh_gssapi_build_ctx(&ctxt); -- if (ssh_gssapi_id_kex(ctxt, kex->name, kex->kex_type) -- == GSS_C_NO_OID) -- fatal("Couldn't identify host exchange"); -- -- if (ssh_gssapi_import_name(ctxt, kex->gss_host)) -- fatal("Couldn't import hostname"); -- -- if (kex->gss_client && -- ssh_gssapi_client_identity(ctxt, kex->gss_client)) -- fatal("Couldn't acquire client credentials"); -- -- /* Step 1 */ -- switch (kex->kex_type) { -- case KEX_GSS_GRP1_SHA1: -- case KEX_GSS_GRP14_SHA1: -- case KEX_GSS_GRP14_SHA256: -- case KEX_GSS_GRP16_SHA512: -- r = kex_dh_keypair(kex); -- break; -- case KEX_GSS_NISTP256_SHA256: -- r = kex_ecdh_keypair(kex); -- break; -- case KEX_GSS_C25519_SHA256: -- r = kex_c25519_keypair(kex); -- break; -- default: -- fatal_f("Unexpected KEX type %d", kex->kex_type); -- } -- if (r != 0) { -- ssh_gssapi_delete_ctx(&ctxt); -- return r; -- } -- -- token_ptr = GSS_C_NO_BUFFER; -- -- do { -- debug("Calling gss_init_sec_context"); -- -- maj_status = ssh_gssapi_init_ctx(ctxt, -- kex->gss_deleg_creds, token_ptr, &send_tok, -- &ret_flags); -- -- if (GSS_ERROR(maj_status)) { -- /* XXX Useles code: Missing send? */ -- if (send_tok.length != 0) { -- if ((r = sshpkt_start(ssh, -- SSH2_MSG_KEXGSS_CONTINUE)) != 0 || -- (r = sshpkt_put_string(ssh, send_tok.value, -- send_tok.length)) != 0) -- fatal("sshpkt failed: %s", ssh_err(r)); -- } -- fatal("gss_init_context failed"); -- } -- -- /* If we've got an old receive buffer get rid of it */ -- if (token_ptr != GSS_C_NO_BUFFER) -- gss_release_buffer(&min_status, &recv_tok); -- -- if (maj_status == GSS_S_COMPLETE) { -- /* If mutual state flag is not true, kex fails */ -- if (!(ret_flags & GSS_C_MUTUAL_FLAG)) -- fatal("Mutual authentication failed"); -- -- /* If integ avail flag is not true kex fails */ -- if (!(ret_flags & GSS_C_INTEG_FLAG)) -- fatal("Integrity check failed"); -- } -- -- /* -- * If we have data to send, then the last message that we -- * received cannot have been a 'complete'. -- */ -- if (send_tok.length != 0) { -- if (first) { -- if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_INIT)) != 0 || -- (r = sshpkt_put_string(ssh, send_tok.value, -- send_tok.length)) != 0 || -- (r = sshpkt_put_stringb(ssh, kex->client_pub)) != 0) -- fatal("failed to construct packet: %s", ssh_err(r)); -- first = 0; -- } else { -- if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_CONTINUE)) != 0 || -- (r = sshpkt_put_string(ssh, send_tok.value, -- send_tok.length)) != 0) -- fatal("failed to construct packet: %s", ssh_err(r)); -- } -- if ((r = sshpkt_send(ssh)) != 0) -- fatal("failed to send packet: %s", ssh_err(r)); -- gss_release_buffer(&min_status, &send_tok); -- -- /* If we've sent them data, they should reply */ -- do { -- type = ssh_packet_read(ssh); -- if (type == SSH2_MSG_KEXGSS_HOSTKEY) { -- u_char *tmp = NULL; -- size_t tmp_len = 0; -- -- debug("Received KEXGSS_HOSTKEY"); -- if (server_host_key_blob) -- fatal("Server host key received more than once"); -- if ((r = sshpkt_get_string(ssh, &tmp, &tmp_len)) != 0) -- fatal("Failed to read server host key: %s", ssh_err(r)); -- if ((server_host_key_blob = sshbuf_from(tmp, tmp_len)) == NULL) -- fatal("sshbuf_from failed"); -- } -- } while (type == SSH2_MSG_KEXGSS_HOSTKEY); -- -- switch (type) { -- case SSH2_MSG_KEXGSS_CONTINUE: -- debug("Received GSSAPI_CONTINUE"); -- if (maj_status == GSS_S_COMPLETE) -- fatal("GSSAPI Continue received from server when complete"); -- if ((r = ssh_gssapi_sshpkt_get_buffer_desc(ssh, -- &recv_tok)) != 0 || -- (r = sshpkt_get_end(ssh)) != 0) -- fatal("Failed to read token: %s", ssh_err(r)); -- break; -- case SSH2_MSG_KEXGSS_COMPLETE: -- debug("Received GSSAPI_COMPLETE"); -- if (msg_tok.value != NULL) -- fatal("Received GSSAPI_COMPLETE twice?"); -- if ((r = sshpkt_getb_froms(ssh, &server_blob)) != 0 || -- (r = ssh_gssapi_sshpkt_get_buffer_desc(ssh, -- &msg_tok)) != 0) -- fatal("Failed to read message: %s", ssh_err(r)); -- -- /* Is there a token included? */ -- if ((r = sshpkt_get_u8(ssh, &c)) != 0) -- fatal("sshpkt failed: %s", ssh_err(r)); -- if (c) { -- if ((r = ssh_gssapi_sshpkt_get_buffer_desc( -- ssh, &recv_tok)) != 0) -- fatal("Failed to read token: %s", ssh_err(r)); -- /* If we're already complete - protocol error */ -- if (maj_status == GSS_S_COMPLETE) -- sshpkt_disconnect(ssh, "Protocol error: received token when complete"); -- } else { -- /* No token included */ -- if (maj_status != GSS_S_COMPLETE) -- sshpkt_disconnect(ssh, "Protocol error: did not receive final token"); -- } -- if ((r = sshpkt_get_end(ssh)) != 0) { -- fatal("Expecting end of packet."); -- } -- break; -- case SSH2_MSG_KEXGSS_ERROR: -- debug("Received Error"); -- if ((r = sshpkt_get_u32(ssh, &maj_status)) != 0 || -- (r = sshpkt_get_u32(ssh, &min_status)) != 0 || -- (r = sshpkt_get_string(ssh, &msg, NULL)) != 0 || -- (r = sshpkt_get_string(ssh, NULL, NULL)) != 0 || /* lang tag */ -- (r = sshpkt_get_end(ssh)) != 0) -- fatal("sshpkt_get failed: %s", ssh_err(r)); -- fatal("GSSAPI Error: \n%.400s", msg); -- default: -- sshpkt_disconnect(ssh, "Protocol error: didn't expect packet type %d", -- type); -- } -- token_ptr = &recv_tok; -- } else { -- /* No data, and not complete */ -- if (maj_status != GSS_S_COMPLETE) -- fatal("Not complete, and no token output"); -- } -- } while (maj_status & GSS_S_CONTINUE_NEEDED); -- - /* - * We _must_ have received a COMPLETE message in reply from the - * server, which will have set server_blob and msg_tok - */ - -- if (type != SSH2_MSG_KEXGSS_COMPLETE) -- fatal("Didn't receive a SSH2_MSG_KEXGSS_COMPLETE when I expected it"); -- - /* compute shared secret */ - switch (kex->kex_type) { - case KEX_GSS_GRP1_SHA1: - case KEX_GSS_GRP14_SHA1: - case KEX_GSS_GRP14_SHA256: - case KEX_GSS_GRP16_SHA512: -- r = kex_dh_dec(kex, server_blob, &shared_secret); -+ r = kex_dh_dec(kex, gss->server_blob, &shared_secret); - break; - case KEX_GSS_C25519_SHA256: -- if (sshbuf_ptr(server_blob)[sshbuf_len(server_blob)] & 0x80) -+ if (sshbuf_ptr(gss->server_blob)[sshbuf_len(gss->server_blob)] & 0x80) - fatal("The received key has MSB of last octet set!"); -- r = kex_c25519_dec(kex, server_blob, &shared_secret); -+ r = kex_c25519_dec(kex, gss->server_blob, &shared_secret); - break; - case KEX_GSS_NISTP256_SHA256: -- if (sshbuf_len(server_blob) != 65) -- fatal("The received NIST-P256 key did not match" -- "expected length (expected 65, got %zu)", sshbuf_len(server_blob)); -+ if (sshbuf_len(gss->server_blob) != 65) -+ fatal("The received NIST-P256 key did not match " -+ "expected length (expected 65, got %zu)", -+ sshbuf_len(gss->server_blob)); - -- if (sshbuf_ptr(server_blob)[0] != POINT_CONVERSION_UNCOMPRESSED) -+ if (sshbuf_ptr(gss->server_blob)[0] != POINT_CONVERSION_UNCOMPRESSED) - fatal("The received NIST-P256 key does not have first octet 0x04"); - -- r = kex_ecdh_dec(kex, server_blob, &shared_secret); -+ r = kex_ecdh_dec(kex, gss->server_blob, &shared_secret); - break; - default: - r = SSH_ERR_INVALID_ARGUMENT; - break; - } -- if (r != 0) -+ if (r != 0) { -+ ssh_gssapi_delete_ctx(&kex->gss); - goto out; -+ } - - if ((empty = sshbuf_new()) == NULL) { -+ ssh_gssapi_delete_ctx(&kex->gss); - r = SSH_ERR_ALLOC_FAIL; - goto out; - } - - hashlen = sizeof(hash); -- if ((r = kex_gen_hash( -- kex->hash_alg, -- kex->client_version, -- kex->server_version, -- kex->my, -- kex->peer, -- (server_host_key_blob ? server_host_key_blob : empty), -- kex->client_pub, -- server_blob, -- shared_secret, -- hash, &hashlen)) != 0) -+ r = kex_gen_hash(kex->hash_alg, kex->client_version, -+ kex->server_version, kex->my, kex->peer, -+ (gss->server_host_key_blob ? gss->server_host_key_blob : empty), -+ kex->client_pub, gss->server_blob, shared_secret, -+ hash, &hashlen); -+ sshbuf_free(empty); -+ if (r != 0) - fatal_f("Unexpected KEX type %d", kex->kex_type); - -- gssbuf.value = hash; -- gssbuf.length = hashlen; -+ gss->buf.value = hash; -+ gss->buf.length = hashlen; - - /* Verify that the hash matches the MIC we just got. */ -- if (GSS_ERROR(ssh_gssapi_checkmic(ctxt, &gssbuf, &msg_tok))) -+ if (GSS_ERROR(ssh_gssapi_checkmic(gss, &gss->buf, &gss->msg_tok))) - sshpkt_disconnect(ssh, "Hash's MIC didn't verify"); - -- gss_release_buffer(&min_status, &msg_tok); -+ gss_release_buffer(&gss->minor, &gss->msg_tok); - - if (kex->gss_deleg_creds) -- ssh_gssapi_credentials_updated(ctxt); -+ ssh_gssapi_credentials_updated(gss); - - if (gss_kex_context == NULL) -- gss_kex_context = ctxt; -+ gss_kex_context = gss; - else -- ssh_gssapi_delete_ctx(&ctxt); -+ ssh_gssapi_delete_ctx(&kex->gss); - - if ((r = kex_derive_keys(ssh, hash, hashlen, shared_secret)) == 0) - r = kex_send_newkeys(ssh); - -+ if (kex->gss != NULL) { -+ sshbuf_free(gss->server_host_key_blob); -+ gss->server_host_key_blob = NULL; -+ sshbuf_free(gss->server_blob); -+ gss->server_blob = NULL; -+ } - out: -- explicit_bzero(hash, sizeof(hash)); - explicit_bzero(kex->c25519_client_key, sizeof(kex->c25519_client_key)); -- sshbuf_free(empty); -- sshbuf_free(server_host_key_blob); -- sshbuf_free(server_blob); -+ explicit_bzero(hash, sizeof(hash)); - sshbuf_free(shared_secret); - sshbuf_free(kex->client_pub); - kex->client_pub = NULL; - return r; - } - -+static int -+kexgss_init_ctx(struct ssh *ssh, -+ gss_buffer_desc *token_ptr) -+{ -+ struct kex *kex = ssh->kex; -+ Gssctxt *gss = kex->gss; -+ gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER; -+ OM_uint32 ret_flags; -+ int r; -+ -+ debug("Calling gss_init_sec_context"); -+ -+ gss->major = ssh_gssapi_init_ctx(gss, kex->gss_deleg_creds, -+ token_ptr, &send_tok, &ret_flags); -+ -+ if (GSS_ERROR(gss->major)) { -+ /* XXX Useless code: Missing send? */ -+ if (send_tok.length != 0) { -+ if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_CONTINUE)) != 0 || -+ (r = sshpkt_put_string(ssh, send_tok.value, send_tok.length)) != 0) -+ fatal("sshpkt failed: %s", ssh_err(r)); -+ } -+ fatal("gss_init_context failed"); -+ } -+ -+ /* If we've got an old receive buffer get rid of it */ -+ if (token_ptr != GSS_C_NO_BUFFER) -+ gss_release_buffer(&gss->minor, token_ptr); -+ -+ if (gss->major == GSS_S_COMPLETE) { -+ /* If mutual state flag is not true, kex fails */ -+ if (!(ret_flags & GSS_C_MUTUAL_FLAG)) -+ fatal("Mutual authentication failed"); -+ -+ /* If integ avail flag is not true kex fails */ -+ if (!(ret_flags & GSS_C_INTEG_FLAG)) -+ fatal("Integrity check failed"); -+ } -+ -+ /* -+ * If we have data to send, then the last message that we -+ * received cannot have been a 'complete'. -+ */ -+ if (send_tok.length != 0) { -+ if (gss->first) { -+ if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_INIT)) != 0 || -+ (r = sshpkt_put_string(ssh, send_tok.value, send_tok.length)) != 0 || -+ (r = sshpkt_put_stringb(ssh, kex->client_pub)) != 0) -+ fatal("failed to construct packet: %s", ssh_err(r)); -+ gss->first = 0; -+ } else { -+ if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_CONTINUE)) != 0 || -+ (r = sshpkt_put_string(ssh, send_tok.value, send_tok.length)) != 0) -+ fatal("failed to construct packet: %s", ssh_err(r)); -+ } -+ if ((r = sshpkt_send(ssh)) != 0) -+ fatal("failed to send packet: %s", ssh_err(r)); -+ gss_release_buffer(&gss->minor, &send_tok); -+ -+ /* If we've sent them data, they should reply */ -+ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_HOSTKEY, &input_kexgss_hostkey); -+ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_CONTINUE, &input_kexgss_continue); -+ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_COMPLETE, &input_kexgss_complete); -+ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_ERROR, &input_kexgss_error); -+ return 0; -+ } -+ /* No data, and not complete */ -+ if (gss->major != GSS_S_COMPLETE) -+ fatal("Not complete, and no token output"); -+ -+ if (gss->major & GSS_S_CONTINUE_NEEDED) -+ return kexgss_init_ctx(ssh, token_ptr); -+ -+ return kexgss_final(ssh); -+} -+ - int --kexgssgex_client(struct ssh *ssh) -+kexgss_client(struct ssh *ssh) - { - struct kex *kex = ssh->kex; -- gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER, -- recv_tok = GSS_C_EMPTY_BUFFER, gssbuf, -- msg_tok = GSS_C_EMPTY_BUFFER, *token_ptr; -- Gssctxt *ctxt; -- OM_uint32 maj_status, min_status, ret_flags; -- struct sshbuf *shared_secret = NULL; -- BIGNUM *p = NULL; -- BIGNUM *g = NULL; -- struct sshbuf *buf = NULL; -- struct sshbuf *server_host_key_blob = NULL; -- struct sshbuf *server_blob = NULL; -- BIGNUM *dh_server_pub = NULL; -- u_char *msg; -- int type = 0; -- int first = 1; -- u_char hash[SSH_DIGEST_MAX_LENGTH]; -- size_t hashlen; -- const BIGNUM *pub_key, *dh_p, *dh_g; -- int nbits = 0, min = DH_GRP_MIN, max = DH_GRP_MAX; -- struct sshbuf *empty = NULL; -- u_char c; - int r; - - /* Initialise our GSSAPI world */ -- ssh_gssapi_build_ctx(&ctxt); -- if (ssh_gssapi_id_kex(ctxt, kex->name, kex->kex_type) -- == GSS_C_NO_OID) -+ ssh_gssapi_build_ctx(&kex->gss); -+ if (ssh_gssapi_id_kex(kex->gss, kex->name, kex->kex_type) == GSS_C_NO_OID) - fatal("Couldn't identify host exchange"); - -- if (ssh_gssapi_import_name(ctxt, kex->gss_host)) -+ if (ssh_gssapi_import_name(kex->gss, kex->gss_host)) - fatal("Couldn't import hostname"); - - if (kex->gss_client && -- ssh_gssapi_client_identity(ctxt, kex->gss_client)) -+ ssh_gssapi_client_identity(kex->gss, kex->gss_client)) - fatal("Couldn't acquire client credentials"); - -- debug("Doing group exchange"); -- nbits = dh_estimate(kex->dh_need * 8); -+ /* Step 1 */ -+ switch (kex->kex_type) { -+ case KEX_GSS_GRP1_SHA1: -+ case KEX_GSS_GRP14_SHA1: -+ case KEX_GSS_GRP14_SHA256: -+ case KEX_GSS_GRP16_SHA512: -+ r = kex_dh_keypair(kex); -+ break; -+ case KEX_GSS_NISTP256_SHA256: -+ r = kex_ecdh_keypair(kex); -+ break; -+ case KEX_GSS_C25519_SHA256: -+ r = kex_c25519_keypair(kex); -+ break; -+ default: -+ fatal_f("Unexpected KEX type %d", kex->kex_type); -+ } -+ if (r != 0) { -+ ssh_gssapi_delete_ctx(&kex->gss); -+ return r; -+ } -+ return kexgss_init_ctx(ssh, GSS_C_NO_BUFFER); -+} - -- kex->min = DH_GRP_MIN; -- kex->max = DH_GRP_MAX; -- kex->nbits = nbits; -- if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_GROUPREQ)) != 0 || -- (r = sshpkt_put_u32(ssh, min)) != 0 || -- (r = sshpkt_put_u32(ssh, nbits)) != 0 || -- (r = sshpkt_put_u32(ssh, max)) != 0 || -- (r = sshpkt_send(ssh)) != 0) -- fatal("Failed to construct a packet: %s", ssh_err(r)); -+static int -+input_kexgss_hostkey(int type, -+ u_int32_t seq, -+ struct ssh *ssh) -+{ -+ Gssctxt *gss = ssh->kex->gss; -+ u_char *tmp = NULL; -+ size_t tmp_len = 0; -+ int r; -+ -+ debug("Received KEXGSS_HOSTKEY"); -+ if (gss->server_host_key_blob) -+ fatal("Server host key received more than once"); -+ if ((r = sshpkt_get_string(ssh, &tmp, &tmp_len)) != 0) -+ fatal("Failed to read server host key: %s", ssh_err(r)); -+ if ((gss->server_host_key_blob = sshbuf_from(tmp, tmp_len)) == NULL) -+ fatal("sshbuf_from failed"); -+ return 0; -+} - -- if ((r = ssh_packet_read_expect(ssh, SSH2_MSG_KEXGSS_GROUP)) != 0) -- fatal("Error: %s", ssh_err(r)); -+static int -+input_kexgss_continue(int type, -+ u_int32_t seq, -+ struct ssh *ssh) -+{ -+ Gssctxt *gss = ssh->kex->gss; -+ gss_buffer_desc recv_tok = GSS_C_EMPTY_BUFFER; -+ int r; - -- if ((r = sshpkt_get_bignum2(ssh, &p)) != 0 || -- (r = sshpkt_get_bignum2(ssh, &g)) != 0 || -+ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_HOSTKEY, NULL); -+ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_CONTINUE, NULL); -+ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_COMPLETE, NULL); -+ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_ERROR, NULL); -+ -+ debug("Received GSSAPI_CONTINUE"); -+ if (gss->major == GSS_S_COMPLETE) -+ fatal("GSSAPI Continue received from server when complete"); -+ if ((r = ssh_gssapi_sshpkt_get_buffer_desc(ssh, &recv_tok)) != 0 || - (r = sshpkt_get_end(ssh)) != 0) -- fatal("shpkt_get_bignum2 failed: %s", ssh_err(r)); -+ fatal("Failed to read token: %s", ssh_err(r)); -+ if (!(gss->major & GSS_S_CONTINUE_NEEDED)) -+ fatal("Didn't receive a SSH2_MSG_KEXGSS_COMPLETE when I expected it"); -+ return kexgss_init_ctx(ssh, &recv_tok); -+} - -- if (BN_num_bits(p) < min || BN_num_bits(p) > max) -- fatal("GSSGRP_GEX group out of range: %d !< %d !< %d", -- min, BN_num_bits(p), max); -+static int -+input_kexgss_complete(int type, -+ u_int32_t seq, -+ struct ssh *ssh) -+{ -+ Gssctxt *gss = ssh->kex->gss; -+ gss_buffer_desc recv_tok = GSS_C_EMPTY_BUFFER; -+ u_char c; -+ int r; - -- if ((kex->dh = dh_new_group(g, p)) == NULL) -- fatal("dn_new_group() failed"); -- p = g = NULL; /* belong to kex->dh now */ -+ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_HOSTKEY, NULL); -+ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_CONTINUE, NULL); -+ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_COMPLETE, NULL); -+ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_ERROR, NULL); -+ -+ debug("Received GSSAPI_COMPLETE"); -+ if (gss->msg_tok.value != NULL) -+ fatal("Received GSSAPI_COMPLETE twice?"); -+ if ((r = sshpkt_getb_froms(ssh, &gss->server_blob)) != 0 || -+ (r = ssh_gssapi_sshpkt_get_buffer_desc(ssh, &gss->msg_tok)) != 0) -+ fatal("Failed to read message: %s", ssh_err(r)); -+ -+ /* Is there a token included? */ -+ if ((r = sshpkt_get_u8(ssh, &c)) != 0) -+ fatal("sshpkt failed: %s", ssh_err(r)); -+ if (c) { -+ if ((r = ssh_gssapi_sshpkt_get_buffer_desc(ssh, &recv_tok)) != 0) -+ fatal("Failed to read token: %s", ssh_err(r)); -+ /* If we're already complete - protocol error */ -+ if (gss->major == GSS_S_COMPLETE) -+ sshpkt_disconnect(ssh, "Protocol error: received token when complete"); -+ } else { -+ if (gss->major != GSS_S_COMPLETE) -+ sshpkt_disconnect(ssh, "Protocol error: did not receive final token"); -+ } -+ if ((r = sshpkt_get_end(ssh)) != 0) -+ fatal("Expecting end of packet."); - -- if ((r = dh_gen_key(kex->dh, kex->we_need * 8)) != 0) -- goto out; -- DH_get0_key(kex->dh, &pub_key, NULL); -+ if (gss->major & GSS_S_CONTINUE_NEEDED) -+ return kexgss_init_ctx(ssh, &recv_tok); - -- token_ptr = GSS_C_NO_BUFFER; -+ return kexgss_final(ssh); -+} - -- do { -- /* Step 2 - call GSS_Init_sec_context() */ -- debug("Calling gss_init_sec_context"); -- -- maj_status = ssh_gssapi_init_ctx(ctxt, -- kex->gss_deleg_creds, token_ptr, &send_tok, -- &ret_flags); -- -- if (GSS_ERROR(maj_status)) { -- /* XXX Useles code: Missing send? */ -- if (send_tok.length != 0) { -- if ((r = sshpkt_start(ssh, -- SSH2_MSG_KEXGSS_CONTINUE)) != 0 || -- (r = sshpkt_put_string(ssh, send_tok.value, -- send_tok.length)) != 0) -- fatal("sshpkt failed: %s", ssh_err(r)); -- } -- fatal("gss_init_context failed"); -- } -+static int -+input_kexgss_error(int type, -+ u_int32_t seq, -+ struct ssh *ssh) -+{ -+ Gssctxt *gss = ssh->kex->gss; -+ u_char *msg; -+ int r; - -- /* If we've got an old receive buffer get rid of it */ -- if (token_ptr != GSS_C_NO_BUFFER) -- gss_release_buffer(&min_status, &recv_tok); -- -- if (maj_status == GSS_S_COMPLETE) { -- /* If mutual state flag is not true, kex fails */ -- if (!(ret_flags & GSS_C_MUTUAL_FLAG)) -- fatal("Mutual authentication failed"); -- -- /* If integ avail flag is not true kex fails */ -- if (!(ret_flags & GSS_C_INTEG_FLAG)) -- fatal("Integrity check failed"); -- } -+ debug("Received Error"); -+ if ((r = sshpkt_get_u32(ssh, &gss->major)) != 0 || -+ (r = sshpkt_get_u32(ssh, &gss->minor)) != 0 || -+ (r = sshpkt_get_string(ssh, &msg, NULL)) != 0 || -+ (r = sshpkt_get_string(ssh, NULL, NULL)) != 0 || /* lang tag */ -+ (r = sshpkt_get_end(ssh)) != 0) -+ fatal("sshpkt_get failed: %s", ssh_err(r)); -+ fatal("GSSAPI Error: \n%.400s", msg); -+ return 0; -+} - -- /* -- * If we have data to send, then the last message that we -- * received cannot have been a 'complete'. -- */ -- if (send_tok.length != 0) { -- if (first) { -- if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_INIT)) != 0 || -- (r = sshpkt_put_string(ssh, send_tok.value, -- send_tok.length)) != 0 || -- (r = sshpkt_put_bignum2(ssh, pub_key)) != 0) -- fatal("sshpkt failed: %s", ssh_err(r)); -- first = 0; -- } else { -- if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_CONTINUE)) != 0 || -- (r = sshpkt_put_string(ssh,send_tok.value, -- send_tok.length)) != 0) -- fatal("sshpkt failed: %s", ssh_err(r)); -- } -- if ((r = sshpkt_send(ssh)) != 0) -- fatal("sshpkt_send failed: %s", ssh_err(r)); -- gss_release_buffer(&min_status, &send_tok); -- -- /* If we've sent them data, they should reply */ -- do { -- type = ssh_packet_read(ssh); -- if (type == SSH2_MSG_KEXGSS_HOSTKEY) { -- u_char *tmp = NULL; -- size_t tmp_len = 0; -- -- debug("Received KEXGSS_HOSTKEY"); -- if (server_host_key_blob) -- fatal("Server host key received more than once"); -- if ((r = sshpkt_get_string(ssh, &tmp, &tmp_len)) != 0) -- fatal("sshpkt failed: %s", ssh_err(r)); -- if ((server_host_key_blob = sshbuf_from(tmp, tmp_len)) == NULL) -- fatal("sshbuf_from failed"); -- } -- } while (type == SSH2_MSG_KEXGSS_HOSTKEY); -- -- switch (type) { -- case SSH2_MSG_KEXGSS_CONTINUE: -- debug("Received GSSAPI_CONTINUE"); -- if (maj_status == GSS_S_COMPLETE) -- fatal("GSSAPI Continue received from server when complete"); -- if ((r = ssh_gssapi_sshpkt_get_buffer_desc(ssh, -- &recv_tok)) != 0 || -- (r = sshpkt_get_end(ssh)) != 0) -- fatal("sshpkt failed: %s", ssh_err(r)); -- break; -- case SSH2_MSG_KEXGSS_COMPLETE: -- debug("Received GSSAPI_COMPLETE"); -- if (msg_tok.value != NULL) -- fatal("Received GSSAPI_COMPLETE twice?"); -- if ((r = sshpkt_getb_froms(ssh, &server_blob)) != 0 || -- (r = ssh_gssapi_sshpkt_get_buffer_desc(ssh, -- &msg_tok)) != 0) -- fatal("sshpkt failed: %s", ssh_err(r)); -- -- /* Is there a token included? */ -- if ((r = sshpkt_get_u8(ssh, &c)) != 0) -- fatal("sshpkt failed: %s", ssh_err(r)); -- if (c) { -- if ((r = ssh_gssapi_sshpkt_get_buffer_desc( -- ssh, &recv_tok)) != 0 || -- (r = sshpkt_get_end(ssh)) != 0) -- fatal("sshpkt failed: %s", ssh_err(r)); -- /* If we're already complete - protocol error */ -- if (maj_status == GSS_S_COMPLETE) -- sshpkt_disconnect(ssh, "Protocol error: received token when complete"); -- } else { -- /* No token included */ -- if (maj_status != GSS_S_COMPLETE) -- sshpkt_disconnect(ssh, "Protocol error: did not receive final token"); -- } -- break; -- case SSH2_MSG_KEXGSS_ERROR: -- debug("Received Error"); -- if ((r = sshpkt_get_u32(ssh, &maj_status)) != 0 || -- (r = sshpkt_get_u32(ssh, &min_status)) != 0 || -- (r = sshpkt_get_string(ssh, &msg, NULL)) != 0 || -- (r = sshpkt_get_string(ssh, NULL, NULL)) != 0 || /* lang tag */ -- (r = sshpkt_get_end(ssh)) != 0) -- fatal("sshpkt failed: %s", ssh_err(r)); -- fatal("GSSAPI Error: \n%.400s", msg); -- default: -- sshpkt_disconnect(ssh, "Protocol error: didn't expect packet type %d", -- type); -- } -- token_ptr = &recv_tok; -- } else { -- /* No data, and not complete */ -- if (maj_status != GSS_S_COMPLETE) -- fatal("Not complete, and no token output"); -- } -- } while (maj_status & GSS_S_CONTINUE_NEEDED); -+/*******************************************************/ -+/******************** KEXGSSGEX ************************/ -+/*******************************************************/ -+ -+int -+kexgssgex_client(struct ssh *ssh) -+{ -+ struct kex *kex = ssh->kex; -+ int r; -+ -+ /* Initialise our GSSAPI world */ -+ ssh_gssapi_build_ctx(&kex->gss); -+ if (ssh_gssapi_id_kex(kex->gss, kex->name, kex->kex_type) == GSS_C_NO_OID) -+ fatal("Couldn't identify host exchange"); -+ -+ if (ssh_gssapi_import_name(kex->gss, kex->gss_host)) -+ fatal("Couldn't import hostname"); -+ -+ if (kex->gss_client && -+ ssh_gssapi_client_identity(kex->gss, kex->gss_client)) -+ fatal("Couldn't acquire client credentials"); -+ -+ debug("Doing group exchange"); -+ kex->min = DH_GRP_MIN; -+ kex->max = DH_GRP_MAX; -+ kex->nbits = dh_estimate(kex->dh_need * 8); -+ -+ if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_GROUPREQ)) != 0 || -+ (r = sshpkt_put_u32(ssh, kex->min)) != 0 || -+ (r = sshpkt_put_u32(ssh, kex->nbits)) != 0 || -+ (r = sshpkt_put_u32(ssh, kex->max)) != 0 || -+ (r = sshpkt_send(ssh)) != 0) -+ fatal("Failed to construct a packet: %s", ssh_err(r)); -+ -+ debug("Wait SSH2_MSG_KEXGSS_GROUP"); -+ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_GROUP, &input_kexgssgex_group); -+ return 0; -+} -+ -+static int -+kexgssgex_final(struct ssh *ssh) -+{ -+ struct kex *kex = ssh->kex; -+ Gssctxt *gss = kex->gss; -+ struct sshbuf *buf = NULL; -+ struct sshbuf *empty = NULL; -+ struct sshbuf *shared_secret = NULL; -+ BIGNUM *dh_server_pub = NULL; -+ const BIGNUM *pub_key, *dh_p, *dh_g; -+ u_char hash[SSH_DIGEST_MAX_LENGTH]; -+ size_t hashlen; -+ int r = SSH_ERR_INTERNAL_ERROR; - - /* - * We _must_ have received a COMPLETE message in reply from the -- * server, which will have set dh_server_pub and msg_tok -+ * server, which will have set server_blob and msg_tok - */ - -- if (type != SSH2_MSG_KEXGSS_COMPLETE) -- fatal("Didn't receive a SSH2_MSG_KEXGSS_COMPLETE when I expected it"); -- - /* 7. C verifies that the key Q_S is valid */ - /* 8. C computes shared secret */ - if ((buf = sshbuf_new()) == NULL || -- (r = sshbuf_put_stringb(buf, server_blob)) != 0 || -- (r = sshbuf_get_bignum2(buf, &dh_server_pub)) != 0) -+ (r = sshbuf_put_stringb(buf, gss->server_blob)) != 0 || -+ (r = sshbuf_get_bignum2(buf, &dh_server_pub)) != 0) { -+ ssh_gssapi_delete_ctx(&kex->gss); - goto out; -+ } - sshbuf_free(buf); - buf = NULL; - - if ((shared_secret = sshbuf_new()) == NULL) { -+ ssh_gssapi_delete_ctx(&kex->gss); - r = SSH_ERR_ALLOC_FAIL; - goto out; - } - -- if ((r = kex_dh_compute_key(kex, dh_server_pub, shared_secret)) != 0) -+ if ((r = kex_dh_compute_key(kex, dh_server_pub, shared_secret)) != 0) { -+ ssh_gssapi_delete_ctx(&kex->gss); - goto out; -+ } -+ - if ((empty = sshbuf_new()) == NULL) { -+ ssh_gssapi_delete_ctx(&kex->gss); - r = SSH_ERR_ALLOC_FAIL; - goto out; - } - -+ DH_get0_key(kex->dh, &pub_key, NULL); - DH_get0_pqg(kex->dh, &dh_p, NULL, &dh_g); - hashlen = sizeof(hash); -- if ((r = kexgex_hash( -- kex->hash_alg, -- kex->client_version, -- kex->server_version, -- kex->my, -- kex->peer, -- (server_host_key_blob ? server_host_key_blob : empty), -- kex->min, kex->nbits, kex->max, -- dh_p, dh_g, -- pub_key, -- dh_server_pub, -- sshbuf_ptr(shared_secret), sshbuf_len(shared_secret), -- hash, &hashlen)) != 0) -+ r = kexgex_hash(kex->hash_alg, kex->client_version, -+ kex->server_version, kex->my, kex->peer, -+ (gss->server_host_key_blob ? gss->server_host_key_blob : empty), -+ kex->min, kex->nbits, kex->max, dh_p, dh_g, pub_key, -+ dh_server_pub, sshbuf_ptr(shared_secret), sshbuf_len(shared_secret), -+ hash, &hashlen); -+ sshbuf_free(empty); -+ if (r != 0) - fatal("Failed to calculate hash: %s", ssh_err(r)); - -- gssbuf.value = hash; -- gssbuf.length = hashlen; -+ gss->buf.value = hash; -+ gss->buf.length = hashlen; - - /* Verify that the hash matches the MIC we just got. */ -- if (GSS_ERROR(ssh_gssapi_checkmic(ctxt, &gssbuf, &msg_tok))) -+ if (GSS_ERROR(ssh_gssapi_checkmic(gss, &gss->buf, &gss->msg_tok))) - sshpkt_disconnect(ssh, "Hash's MIC didn't verify"); - -- gss_release_buffer(&min_status, &msg_tok); -+ gss_release_buffer(&gss->minor, &gss->msg_tok); - - if (kex->gss_deleg_creds) -- ssh_gssapi_credentials_updated(ctxt); -+ ssh_gssapi_credentials_updated(gss); - - if (gss_kex_context == NULL) -- gss_kex_context = ctxt; -+ gss_kex_context = gss; - else -- ssh_gssapi_delete_ctx(&ctxt); -+ ssh_gssapi_delete_ctx(&kex->gss); - - /* Finally derive the keys and send them */ - if ((r = kex_derive_keys(ssh, hash, hashlen, shared_secret)) == 0) - r = kex_send_newkeys(ssh); -+ -+ if (kex->gss != NULL) { -+ sshbuf_free(gss->server_host_key_blob); -+ gss->server_host_key_blob = NULL; -+ sshbuf_free(gss->server_blob); -+ gss->server_blob = NULL; -+ } - out: -- sshbuf_free(buf); -- sshbuf_free(server_blob); -- sshbuf_free(empty); - explicit_bzero(hash, sizeof(hash)); - DH_free(kex->dh); - kex->dh = NULL; - BN_clear_free(dh_server_pub); - sshbuf_free(shared_secret); -- sshbuf_free(server_host_key_blob); - return r; - } - -+static int -+kexgssgex_init_ctx(struct ssh *ssh, -+ gss_buffer_desc *token_ptr) -+{ -+ struct kex *kex = ssh->kex; -+ Gssctxt *gss = kex->gss; -+ const BIGNUM *pub_key; -+ gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER; -+ OM_uint32 ret_flags; -+ int r; -+ -+ /* Step 2 - call GSS_Init_sec_context() */ -+ debug("Calling gss_init_sec_context"); -+ -+ gss->major = ssh_gssapi_init_ctx(gss, kex->gss_deleg_creds, -+ token_ptr, &send_tok, &ret_flags); -+ -+ if (GSS_ERROR(gss->major)) { -+ /* XXX Useless code: Missing send? */ -+ if (send_tok.length != 0) { -+ if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_CONTINUE)) != 0 || -+ (r = sshpkt_put_string(ssh, send_tok.value, send_tok.length)) != 0) -+ fatal("sshpkt failed: %s", ssh_err(r)); -+ } -+ fatal("gss_init_context failed"); -+ } -+ -+ /* If we've got an old receive buffer get rid of it */ -+ if (token_ptr != GSS_C_NO_BUFFER) -+ gss_release_buffer(&gss->minor, token_ptr); -+ -+ if (gss->major == GSS_S_COMPLETE) { -+ /* If mutual state flag is not true, kex fails */ -+ if (!(ret_flags & GSS_C_MUTUAL_FLAG)) -+ fatal("Mutual authentication failed"); -+ -+ /* If integ avail flag is not true kex fails */ -+ if (!(ret_flags & GSS_C_INTEG_FLAG)) -+ fatal("Integrity check failed"); -+ } -+ -+ /* -+ * If we have data to send, then the last message that we -+ * received cannot have been a 'complete'. -+ */ -+ if (send_tok.length != 0) { -+ if (gss->first) { -+ DH_get0_key(kex->dh, &pub_key, NULL); -+ if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_INIT)) != 0 || -+ (r = sshpkt_put_string(ssh, send_tok.value, send_tok.length)) != 0 || -+ (r = sshpkt_put_bignum2(ssh, pub_key)) != 0) -+ fatal("failed to construct packet: %s", ssh_err(r)); -+ gss->first = 0; -+ } else { -+ if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_CONTINUE)) != 0 || -+ (r = sshpkt_put_string(ssh, send_tok.value, send_tok.length)) != 0) -+ fatal("failed to construct packet: %s", ssh_err(r)); -+ } -+ if ((r = sshpkt_send(ssh)) != 0) -+ fatal("failed to send packet: %s", ssh_err(r)); -+ gss_release_buffer(&gss->minor, &send_tok); -+ -+ /* If we've sent them data, they should reply */ -+ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_HOSTKEY, &input_kexgss_hostkey); -+ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_CONTINUE, &input_kexgssgex_continue); -+ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_COMPLETE, &input_kexgssgex_complete); -+ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_ERROR, &input_kexgss_error); -+ return 0; -+ } -+ /* No data, and not complete */ -+ if (gss->major != GSS_S_COMPLETE) -+ fatal("Not complete, and no token output"); -+ -+ if (gss->major & GSS_S_CONTINUE_NEEDED) -+ return kexgssgex_init_ctx(ssh, token_ptr); -+ -+ return kexgssgex_final(ssh); -+} -+ -+static int -+input_kexgssgex_group(int type, -+ u_int32_t seq, -+ struct ssh *ssh) -+{ -+ struct kex *kex = ssh->kex; -+ BIGNUM *p = NULL; -+ BIGNUM *g = NULL; -+ int r; -+ -+ debug("Received SSH2_MSG_KEXGSS_GROUP"); -+ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_GROUP, NULL); -+ -+ if ((r = sshpkt_get_bignum2(ssh, &p)) != 0 || -+ (r = sshpkt_get_bignum2(ssh, &g)) != 0 || -+ (r = sshpkt_get_end(ssh)) != 0) -+ fatal("shpkt_get_bignum2 failed: %s", ssh_err(r)); -+ -+ if (BN_num_bits(p) < kex->min || BN_num_bits(p) > kex->max) -+ fatal("GSSGRP_GEX group out of range: %d !< %d !< %d", -+ kex->min, BN_num_bits(p), kex->max); -+ -+ if ((kex->dh = dh_new_group(g, p)) == NULL) -+ fatal("dn_new_group() failed"); -+ p = g = NULL; /* belong to kex->dh now */ -+ -+ if ((r = dh_gen_key(kex->dh, kex->we_need * 8)) != 0) { -+ ssh_gssapi_delete_ctx(&kex->gss); -+ DH_free(kex->dh); -+ kex->dh = NULL; -+ return r; -+ } -+ -+ return kexgssgex_init_ctx(ssh, GSS_C_NO_BUFFER); -+} -+ -+static int -+input_kexgssgex_continue(int type, -+ u_int32_t seq, -+ struct ssh *ssh) -+{ -+ Gssctxt *gss = ssh->kex->gss; -+ gss_buffer_desc recv_tok = GSS_C_EMPTY_BUFFER; -+ int r; -+ -+ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_HOSTKEY, NULL); -+ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_CONTINUE, NULL); -+ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_COMPLETE, NULL); -+ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_ERROR, NULL); -+ -+ debug("Received GSSAPI_CONTINUE"); -+ if (gss->major == GSS_S_COMPLETE) -+ fatal("GSSAPI Continue received from server when complete"); -+ if ((r = ssh_gssapi_sshpkt_get_buffer_desc(ssh, &recv_tok)) != 0 || -+ (r = sshpkt_get_end(ssh)) != 0) -+ fatal("Failed to read token: %s", ssh_err(r)); -+ if (!(gss->major & GSS_S_CONTINUE_NEEDED)) -+ fatal("Didn't receive a SSH2_MSG_KEXGSS_COMPLETE when I expected it"); -+ return kexgssgex_init_ctx(ssh, &recv_tok); -+} -+ -+static int -+input_kexgssgex_complete(int type, -+ u_int32_t seq, -+ struct ssh *ssh) -+{ -+ Gssctxt *gss = ssh->kex->gss; -+ gss_buffer_desc recv_tok = GSS_C_EMPTY_BUFFER; -+ u_char c; -+ int r; -+ -+ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_HOSTKEY, NULL); -+ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_CONTINUE, NULL); -+ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_COMPLETE, NULL); -+ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_ERROR, NULL); -+ -+ debug("Received GSSAPI_COMPLETE"); -+ if (gss->msg_tok.value != NULL) -+ fatal("Received GSSAPI_COMPLETE twice?"); -+ if ((r = sshpkt_getb_froms(ssh, &gss->server_blob)) != 0 || -+ (r = ssh_gssapi_sshpkt_get_buffer_desc(ssh, &gss->msg_tok)) != 0) -+ fatal("Failed to read message: %s", ssh_err(r)); -+ -+ /* Is there a token included? */ -+ if ((r = sshpkt_get_u8(ssh, &c)) != 0) -+ fatal("sshpkt failed: %s", ssh_err(r)); -+ if (c) { -+ if ((r = ssh_gssapi_sshpkt_get_buffer_desc(ssh, &recv_tok)) != 0) -+ fatal("Failed to read token: %s", ssh_err(r)); -+ /* If we're already complete - protocol error */ -+ if (gss->major == GSS_S_COMPLETE) -+ sshpkt_disconnect(ssh, "Protocol error: received token when complete"); -+ } else { -+ if (gss->major != GSS_S_COMPLETE) -+ sshpkt_disconnect(ssh, "Protocol error: did not receive final token"); -+ } -+ if ((r = sshpkt_get_end(ssh)) != 0) -+ fatal("Expecting end of packet."); -+ -+ if (gss->major & GSS_S_CONTINUE_NEEDED) -+ return kexgssgex_init_ctx(ssh, &recv_tok); -+ -+ return kexgssgex_final(ssh); -+} -+ - #endif /* defined(GSSAPI) && defined(WITH_OPENSSL) */ -diff --color -ruNp a/kexgsss.c b/kexgsss.c ---- a/kexgsss.c 2024-05-16 15:49:43.820407648 +0200 -+++ b/kexgsss.c 2024-07-02 16:29:05.744790839 +0200 -@@ -50,33 +50,18 @@ - - extern ServerOptions options; - -+static int input_kexgss_init(int, u_int32_t, struct ssh *); -+static int input_kexgss_continue(int, u_int32_t, struct ssh *); -+static int input_kexgssgex_groupreq(int, u_int32_t, struct ssh *); -+static int input_kexgssgex_init(int, u_int32_t, struct ssh *); -+static int input_kexgssgex_continue(int, u_int32_t, struct ssh *); -+ - int - kexgss_server(struct ssh *ssh) - { - struct kex *kex = ssh->kex; -- OM_uint32 maj_status, min_status; -- -- /* -- * Some GSSAPI implementations use the input value of ret_flags (an -- * output variable) as a means of triggering mechanism specific -- * features. Initializing it to zero avoids inadvertently -- * activating this non-standard behaviour. -- */ -- -- OM_uint32 ret_flags = 0; -- gss_buffer_desc gssbuf = {0, NULL}, recv_tok, msg_tok; -- gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER; -- Gssctxt *ctxt = NULL; -- struct sshbuf *shared_secret = NULL; -- struct sshbuf *client_pubkey = NULL; -- struct sshbuf *server_pubkey = NULL; -- struct sshbuf *empty = sshbuf_new(); -- int type = 0; - gss_OID oid; - char *mechs; -- u_char hash[SSH_DIGEST_MAX_LENGTH]; -- size_t hashlen; -- int r; - - /* Initialise GSSAPI */ - -@@ -92,135 +77,91 @@ kexgss_server(struct ssh *ssh) - debug2_f("Identifying %s", kex->name); - oid = ssh_gssapi_id_kex(NULL, kex->name, kex->kex_type); - if (oid == GSS_C_NO_OID) -- fatal("Unknown gssapi mechanism"); -+ fatal("Unknown gssapi mechanism"); - - debug2_f("Acquiring credentials"); - -- if (GSS_ERROR(mm_ssh_gssapi_server_ctx(&ctxt, oid))) -+ if (GSS_ERROR(mm_ssh_gssapi_server_ctx(&kex->gss, oid))) - fatal("Unable to acquire credentials for the server"); - -- do { -- debug("Wait SSH2_MSG_KEXGSS_INIT"); -- type = ssh_packet_read(ssh); -- switch(type) { -- case SSH2_MSG_KEXGSS_INIT: -- if (gssbuf.value != NULL) -- fatal("Received KEXGSS_INIT after initialising"); -- if ((r = ssh_gssapi_sshpkt_get_buffer_desc(ssh, -- &recv_tok)) != 0 || -- (r = sshpkt_getb_froms(ssh, &client_pubkey)) != 0 || -- (r = sshpkt_get_end(ssh)) != 0) -- fatal("sshpkt failed: %s", ssh_err(r)); -+ ssh_gssapi_build_ctx(&kex->gss); -+ if (kex->gss == NULL) -+ fatal("Unable to allocate memory for gss context"); -+ -+ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_INIT, &input_kexgss_init); -+ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_CONTINUE, &input_kexgss_continue); -+ debug("Wait SSH2_MSG_KEXGSS_INIT"); -+ return 0; -+} - -- switch (kex->kex_type) { -- case KEX_GSS_GRP1_SHA1: -- case KEX_GSS_GRP14_SHA1: -- case KEX_GSS_GRP14_SHA256: -- case KEX_GSS_GRP16_SHA512: -- r = kex_dh_enc(kex, client_pubkey, &server_pubkey, -- &shared_secret); -- break; -- case KEX_GSS_NISTP256_SHA256: -- r = kex_ecdh_enc(kex, client_pubkey, &server_pubkey, -- &shared_secret); -- break; -- case KEX_GSS_C25519_SHA256: -- r = kex_c25519_enc(kex, client_pubkey, &server_pubkey, -- &shared_secret); -- break; -- default: -- fatal_f("Unexpected KEX type %d", kex->kex_type); -- } -- if (r != 0) -- goto out; -- -- /* Send SSH_MSG_KEXGSS_HOSTKEY here, if we want */ -- -- /* Calculate the hash early so we can free the -- * client_pubkey, which has reference to the parent -- * buffer state->incoming_packet -- */ -- hashlen = sizeof(hash); -- if ((r = kex_gen_hash( -- kex->hash_alg, -- kex->client_version, -- kex->server_version, -- kex->peer, -- kex->my, -- empty, -- client_pubkey, -- server_pubkey, -- shared_secret, -- hash, &hashlen)) != 0) -- goto out; -- -- gssbuf.value = hash; -- gssbuf.length = hashlen; -- -- sshbuf_free(client_pubkey); -- client_pubkey = NULL; -- -- break; -- case SSH2_MSG_KEXGSS_CONTINUE: -- if ((r = ssh_gssapi_sshpkt_get_buffer_desc(ssh, -- &recv_tok)) != 0 || -- (r = sshpkt_get_end(ssh)) != 0) -- fatal("sshpkt failed: %s", ssh_err(r)); -- break; -- default: -- sshpkt_disconnect(ssh, -- "Protocol error: didn't expect packet type %d", -- type); -- } -+static inline void -+kexgss_accept_ctx(struct ssh *ssh, -+ gss_buffer_desc *recv_tok, -+ gss_buffer_desc *send_tok, -+ OM_uint32 *ret_flags) -+{ -+ Gssctxt *gss = ssh->kex->gss; -+ int r; - -- maj_status = mm_ssh_gssapi_accept_ctx(ctxt, &recv_tok, -- &send_tok, &ret_flags); -+ gss->major = mm_ssh_gssapi_accept_ctx(gss, recv_tok, send_tok, ret_flags); -+ gss_release_buffer(&gss->minor, recv_tok); - -- gss_release_buffer(&min_status, &recv_tok); -+ if (gss->major != GSS_S_COMPLETE && send_tok->length == 0) -+ fatal("Zero length token output when incomplete"); - -- if (maj_status != GSS_S_COMPLETE && send_tok.length == 0) -- fatal("Zero length token output when incomplete"); -+ if (gss->buf.value == NULL) -+ fatal("No client public key"); - -- if (gssbuf.value == NULL) -- fatal("No client public key"); -+ if (gss->major & GSS_S_CONTINUE_NEEDED) { -+ debug("Sending GSSAPI_CONTINUE"); -+ if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_CONTINUE)) != 0 || -+ (r = sshpkt_put_string(ssh, send_tok->value, send_tok->length)) != 0 || -+ (r = sshpkt_send(ssh)) != 0) -+ fatal("sshpkt failed: %s", ssh_err(r)); -+ gss_release_buffer(&gss->minor, send_tok); -+ } -+} - -- if (maj_status & GSS_S_CONTINUE_NEEDED) { -- debug("Sending GSSAPI_CONTINUE"); -- if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_CONTINUE)) != 0 || -- (r = sshpkt_put_string(ssh, send_tok.value, send_tok.length)) != 0 || -- (r = sshpkt_send(ssh)) != 0) -- fatal("sshpkt failed: %s", ssh_err(r)); -- gss_release_buffer(&min_status, &send_tok); -- } -- } while (maj_status & GSS_S_CONTINUE_NEEDED); -+static inline int -+kexgss_final(struct ssh *ssh, -+ gss_buffer_desc *send_tok, -+ OM_uint32 *ret_flags) -+{ -+ struct kex *kex = ssh->kex; -+ Gssctxt *gss = kex->gss; -+ gss_buffer_desc msg_tok; -+ int r; -+ -+ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_INIT, NULL); -+ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_CONTINUE, NULL); - -- if (GSS_ERROR(maj_status)) { -- if (send_tok.length > 0) { -+ if (GSS_ERROR(gss->major)) { -+ if (send_tok->length > 0) { - if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_CONTINUE)) != 0 || -- (r = sshpkt_put_string(ssh, send_tok.value, send_tok.length)) != 0 || -+ (r = sshpkt_put_string(ssh, send_tok->value, send_tok->length)) != 0 || - (r = sshpkt_send(ssh)) != 0) - fatal("sshpkt failed: %s", ssh_err(r)); - } - fatal("accept_ctx died"); - } - -- if (!(ret_flags & GSS_C_MUTUAL_FLAG)) -+ if (!(*ret_flags & GSS_C_MUTUAL_FLAG)) - fatal("Mutual Authentication flag wasn't set"); - -- if (!(ret_flags & GSS_C_INTEG_FLAG)) -+ if (!(*ret_flags & GSS_C_INTEG_FLAG)) - fatal("Integrity flag wasn't set"); - -- if (GSS_ERROR(mm_ssh_gssapi_sign(ctxt, &gssbuf, &msg_tok))) -+ if (GSS_ERROR(mm_ssh_gssapi_sign(gss, &gss->buf, &msg_tok))) - fatal("Couldn't get MIC"); - - if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_COMPLETE)) != 0 || -- (r = sshpkt_put_stringb(ssh, server_pubkey)) != 0 || -+ (r = sshpkt_put_stringb(ssh, gss->server_pubkey)) != 0 || - (r = sshpkt_put_string(ssh, msg_tok.value, msg_tok.length)) != 0) - fatal("sshpkt failed: %s", ssh_err(r)); - -- if (send_tok.length != 0) { -+ if (send_tok->length != 0) { - if ((r = sshpkt_put_u8(ssh, 1)) != 0 || /* true */ -- (r = sshpkt_put_string(ssh, send_tok.value, send_tok.length)) != 0) -+ (r = sshpkt_put_string(ssh, send_tok->value, send_tok->length)) != 0) - fatal("sshpkt failed: %s", ssh_err(r)); - } else { - if ((r = sshpkt_put_u8(ssh, 0)) != 0) /* false */ -@@ -229,59 +170,139 @@ kexgss_server(struct ssh *ssh) - if ((r = sshpkt_send(ssh)) != 0) - fatal("sshpkt_send failed: %s", ssh_err(r)); - -- gss_release_buffer(&min_status, &send_tok); -- gss_release_buffer(&min_status, &msg_tok); -+ gss_release_buffer(&gss->minor, send_tok); -+ gss_release_buffer(&gss->minor, &msg_tok); - - if (gss_kex_context == NULL) -- gss_kex_context = ctxt; -+ gss_kex_context = gss; - else -- ssh_gssapi_delete_ctx(&ctxt); -+ ssh_gssapi_delete_ctx(&kex->gss); - -- if ((r = kex_derive_keys(ssh, hash, hashlen, shared_secret)) == 0) -+ if ((r = kex_derive_keys(ssh, gss->hash, gss->hashlen, gss->shared_secret)) == 0) - r = kex_send_newkeys(ssh); - - /* If this was a rekey, then save out any delegated credentials we - * just exchanged. */ - if (options.gss_store_rekey) - ssh_gssapi_rekey_creds(); --out: -- sshbuf_free(empty); -- explicit_bzero(hash, sizeof(hash)); -- sshbuf_free(shared_secret); -- sshbuf_free(client_pubkey); -- sshbuf_free(server_pubkey); -+ -+ if (kex->gss != NULL) { -+ explicit_bzero(gss->hash, sizeof(gss->hash)); -+ sshbuf_free(gss->shared_secret); -+ gss->shared_secret = NULL; -+ sshbuf_free(gss->server_pubkey); -+ gss->server_pubkey = NULL; -+ } - return r; - } - --int --kexgssgex_server(struct ssh *ssh) -+static int -+input_kexgss_init(int type, -+ u_int32_t seq, -+ struct ssh *ssh) - { - struct kex *kex = ssh->kex; -- OM_uint32 maj_status, min_status; -+ Gssctxt *gss = kex->gss; -+ struct sshbuf *empty; -+ struct sshbuf *client_pubkey = NULL; -+ gss_buffer_desc recv_tok, send_tok = GSS_C_EMPTY_BUFFER; -+ OM_uint32 ret_flags = 0; -+ int r; -+ -+ debug("SSH2_MSG_KEXGSS_INIT received"); -+ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_INIT, NULL); - -- /* -- * Some GSSAPI implementations use the input value of ret_flags (an -- * output variable) as a means of triggering mechanism specific -- * features. Initializing it to zero avoids inadvertently -- * activating this non-standard behaviour. -+ if ((r = ssh_gssapi_sshpkt_get_buffer_desc(ssh, &recv_tok)) != 0 || -+ (r = sshpkt_getb_froms(ssh, &client_pubkey)) != 0 || -+ (r = sshpkt_get_end(ssh)) != 0) -+ fatal("sshpkt failed: %s", ssh_err(r)); -+ -+ switch (kex->kex_type) { -+ case KEX_GSS_GRP1_SHA1: -+ case KEX_GSS_GRP14_SHA1: -+ case KEX_GSS_GRP14_SHA256: -+ case KEX_GSS_GRP16_SHA512: -+ r = kex_dh_enc(kex, client_pubkey, &gss->server_pubkey, &gss->shared_secret); -+ break; -+ case KEX_GSS_NISTP256_SHA256: -+ r = kex_ecdh_enc(kex, client_pubkey, &gss->server_pubkey, &gss->shared_secret); -+ break; -+ case KEX_GSS_C25519_SHA256: -+ r = kex_c25519_enc(kex, client_pubkey, &gss->server_pubkey, &gss->shared_secret); -+ break; -+ default: -+ fatal_f("Unexpected KEX type %d", kex->kex_type); -+ } -+ if (r != 0) { -+ sshbuf_free(client_pubkey); -+ ssh_gssapi_delete_ctx(&kex->gss); -+ return r; -+ } -+ -+ /* Send SSH_MSG_KEXGSS_HOSTKEY here, if we want */ -+ -+ if ((empty = sshbuf_new()) == NULL) { -+ sshbuf_free(client_pubkey); -+ ssh_gssapi_delete_ctx(&kex->gss); -+ return SSH_ERR_ALLOC_FAIL; -+ } -+ -+ /* Calculate the hash early so we can free the -+ * client_pubkey, which has reference to the parent -+ * buffer state->incoming_packet - */ -+ gss->hashlen = sizeof(gss->hash); -+ r = kex_gen_hash(kex->hash_alg, kex->client_version, kex->server_version, -+ kex->peer, kex->my, empty, client_pubkey, gss->server_pubkey, -+ gss->shared_secret, gss->hash, &gss->hashlen); -+ sshbuf_free(empty); -+ sshbuf_free(client_pubkey); -+ if (r != 0) { -+ ssh_gssapi_delete_ctx(&kex->gss); -+ return r; -+ } -+ -+ gss->buf.value = gss->hash; -+ gss->buf.length = gss->hashlen; -+ -+ kexgss_accept_ctx(ssh, &recv_tok, &send_tok, &ret_flags); -+ if (gss->major & GSS_S_CONTINUE_NEEDED) -+ return 0; - -+ return kexgss_final(ssh, &send_tok, &ret_flags); -+} -+ -+static int -+input_kexgss_continue(int type, -+ u_int32_t seq, -+ struct ssh *ssh) -+{ -+ Gssctxt *gss = ssh->kex->gss; -+ gss_buffer_desc recv_tok, send_tok = GSS_C_EMPTY_BUFFER; - OM_uint32 ret_flags = 0; -- gss_buffer_desc gssbuf, recv_tok, msg_tok; -- gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER; -- Gssctxt *ctxt = NULL; -- struct sshbuf *shared_secret = NULL; -- int type = 0; -+ int r; -+ -+ if ((r = ssh_gssapi_sshpkt_get_buffer_desc(ssh, &recv_tok)) != 0 || -+ (r = sshpkt_get_end(ssh)) != 0) -+ fatal("sshpkt failed: %s", ssh_err(r)); -+ -+ kexgss_accept_ctx(ssh, &recv_tok, &send_tok, &ret_flags); -+ if (gss->major & GSS_S_CONTINUE_NEEDED) -+ return 0; -+ -+ return kexgss_final(ssh, &send_tok, &ret_flags); -+} -+ -+/*******************************************************/ -+/******************** KEXGSSGEX ************************/ -+/*******************************************************/ -+ -+int -+kexgssgex_server(struct ssh *ssh) -+{ -+ struct kex *kex = ssh->kex; - gss_OID oid; - char *mechs; -- u_char hash[SSH_DIGEST_MAX_LENGTH]; -- size_t hashlen; -- BIGNUM *dh_client_pub = NULL; -- const BIGNUM *pub_key, *dh_p, *dh_g; -- int min = -1, max = -1, nbits = -1; -- int cmin = -1, cmax = -1; /* client proposal */ -- struct sshbuf *empty = sshbuf_new(); -- int r; - - /* Initialise GSSAPI */ - -@@ -289,153 +310,125 @@ kexgssgex_server(struct ssh *ssh) - * in the GSSAPI code are no longer available. This kludges them back - * into life - */ -- if (!ssh_gssapi_oid_table_ok()) -- if ((mechs = ssh_gssapi_server_mechanisms())) -- free(mechs); -+ if (!ssh_gssapi_oid_table_ok()) { -+ mechs = ssh_gssapi_server_mechanisms(); -+ free(mechs); -+ } - - debug2_f("Identifying %s", kex->name); - oid = ssh_gssapi_id_kex(NULL, kex->name, kex->kex_type); - if (oid == GSS_C_NO_OID) -- fatal("Unknown gssapi mechanism"); -+ fatal("Unknown gssapi mechanism"); - - debug2_f("Acquiring credentials"); - -- if (GSS_ERROR(mm_ssh_gssapi_server_ctx(&ctxt, oid))) -+ if (GSS_ERROR(mm_ssh_gssapi_server_ctx(&kex->gss, oid))) - fatal("Unable to acquire credentials for the server"); - -- /* 5. S generates an ephemeral key pair (do the allocations early) */ -- debug("Doing group exchange"); -- ssh_packet_read_expect(ssh, SSH2_MSG_KEXGSS_GROUPREQ); -- /* store client proposal to provide valid signature */ -- if ((r = sshpkt_get_u32(ssh, &cmin)) != 0 || -- (r = sshpkt_get_u32(ssh, &nbits)) != 0 || -- (r = sshpkt_get_u32(ssh, &cmax)) != 0 || -- (r = sshpkt_get_end(ssh)) != 0) -- fatal("sshpkt failed: %s", ssh_err(r)); -- kex->nbits = nbits; -- kex->min = cmin; -- kex->max = cmax; -- min = MAX(DH_GRP_MIN, cmin); -- max = MIN(DH_GRP_MAX, cmax); -- nbits = MAXIMUM(DH_GRP_MIN, nbits); -- nbits = MINIMUM(DH_GRP_MAX, nbits); -- if (max < min || nbits < min || max < nbits) -- fatal("GSS_GEX, bad parameters: %d !< %d !< %d", -- min, nbits, max); -- kex->dh = mm_choose_dh(min, nbits, max); -- if (kex->dh == NULL) { -- sshpkt_disconnect(ssh, "Protocol error: no matching group found"); -- fatal("Protocol error: no matching group found"); -- } -+ ssh_gssapi_build_ctx(&kex->gss); -+ if (kex->gss == NULL) -+ fatal("Unable to allocate memory for gss context"); - -- DH_get0_pqg(kex->dh, &dh_p, NULL, &dh_g); -- if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_GROUP)) != 0 || -- (r = sshpkt_put_bignum2(ssh, dh_p)) != 0 || -- (r = sshpkt_put_bignum2(ssh, dh_g)) != 0 || -- (r = sshpkt_send(ssh)) != 0) -- fatal("sshpkt failed: %s", ssh_err(r)); -- -- if ((r = ssh_packet_write_wait(ssh)) != 0) -- fatal("ssh_packet_write_wait: %s", ssh_err(r)); -- -- /* Compute our exchange value in parallel with the client */ -- if ((r = dh_gen_key(kex->dh, kex->we_need * 8)) != 0) -- goto out; -+ debug("Doing group exchange"); -+ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_GROUPREQ, &input_kexgssgex_groupreq); -+ return 0; -+} - -- do { -- debug("Wait SSH2_MSG_GSSAPI_INIT"); -- type = ssh_packet_read(ssh); -- switch(type) { -- case SSH2_MSG_KEXGSS_INIT: -- if (dh_client_pub != NULL) -- fatal("Received KEXGSS_INIT after initialising"); -- if ((r = ssh_gssapi_sshpkt_get_buffer_desc(ssh, -- &recv_tok)) != 0 || -- (r = sshpkt_get_bignum2(ssh, &dh_client_pub)) != 0 || -- (r = sshpkt_get_end(ssh)) != 0) -- fatal("sshpkt failed: %s", ssh_err(r)); -+static inline void -+kexgssgex_accept_ctx(struct ssh *ssh, -+ gss_buffer_desc *recv_tok, -+ gss_buffer_desc *send_tok, -+ OM_uint32 *ret_flags) -+{ -+ Gssctxt *gss = ssh->kex->gss; -+ int r; - -- /* Send SSH_MSG_KEXGSS_HOSTKEY here, if we want */ -- break; -- case SSH2_MSG_KEXGSS_CONTINUE: -- if ((r = ssh_gssapi_sshpkt_get_buffer_desc(ssh, -- &recv_tok)) != 0 || -- (r = sshpkt_get_end(ssh)) != 0) -- fatal("sshpkt failed: %s", ssh_err(r)); -- break; -- default: -- sshpkt_disconnect(ssh, -- "Protocol error: didn't expect packet type %d", -- type); -- } -+ gss->major = mm_ssh_gssapi_accept_ctx(gss, recv_tok, send_tok, ret_flags); -+ gss_release_buffer(&gss->minor, recv_tok); - -- maj_status = mm_ssh_gssapi_accept_ctx(ctxt, &recv_tok, -- &send_tok, &ret_flags); -+ if (gss->major != GSS_S_COMPLETE && send_tok->length == 0) -+ fatal("Zero length token output when incomplete"); - -- gss_release_buffer(&min_status, &recv_tok); -+ if (gss->dh_client_pub == NULL) -+ fatal("No client public key"); - -- if (maj_status != GSS_S_COMPLETE && send_tok.length == 0) -- fatal("Zero length token output when incomplete"); -+ if (gss->major & GSS_S_CONTINUE_NEEDED) { -+ debug("Sending GSSAPI_CONTINUE"); -+ if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_CONTINUE)) != 0 || -+ (r = sshpkt_put_string(ssh, send_tok->value, send_tok->length)) != 0 || -+ (r = sshpkt_send(ssh)) != 0) -+ fatal("sshpkt failed: %s", ssh_err(r)); -+ gss_release_buffer(&gss->minor, send_tok); -+ } -+} - -- if (dh_client_pub == NULL) -- fatal("No client public key"); -+static inline int -+kexgssgex_final(struct ssh *ssh, -+ gss_buffer_desc *send_tok, -+ OM_uint32 *ret_flags) -+{ -+ struct kex *kex = ssh->kex; -+ Gssctxt *gss = kex->gss; -+ gss_buffer_desc msg_tok; -+ u_char hash[SSH_DIGEST_MAX_LENGTH]; -+ size_t hashlen; -+ const BIGNUM *pub_key, *dh_p, *dh_g; -+ struct sshbuf *shared_secret = NULL; -+ struct sshbuf *empty = NULL; -+ int r; - -- if (maj_status & GSS_S_CONTINUE_NEEDED) { -- debug("Sending GSSAPI_CONTINUE"); -- if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_CONTINUE)) != 0 || -- (r = sshpkt_put_string(ssh, send_tok.value, send_tok.length)) != 0 || -- (r = sshpkt_send(ssh)) != 0) -- fatal("sshpkt failed: %s", ssh_err(r)); -- gss_release_buffer(&min_status, &send_tok); -- } -- } while (maj_status & GSS_S_CONTINUE_NEEDED); -+ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_INIT, NULL); -+ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_CONTINUE, NULL); - -- if (GSS_ERROR(maj_status)) { -- if (send_tok.length > 0) { -+ if (GSS_ERROR(gss->major)) { -+ if (send_tok->length > 0) { - if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_CONTINUE)) != 0 || -- (r = sshpkt_put_string(ssh, send_tok.value, send_tok.length)) != 0 || -+ (r = sshpkt_put_string(ssh, send_tok->value, send_tok->length)) != 0 || - (r = sshpkt_send(ssh)) != 0) - fatal("sshpkt failed: %s", ssh_err(r)); - } - fatal("accept_ctx died"); - } - -- if (!(ret_flags & GSS_C_MUTUAL_FLAG)) -+ if (!(*ret_flags & GSS_C_MUTUAL_FLAG)) - fatal("Mutual Authentication flag wasn't set"); - -- if (!(ret_flags & GSS_C_INTEG_FLAG)) -+ if (!(*ret_flags & GSS_C_INTEG_FLAG)) - fatal("Integrity flag wasn't set"); - - /* calculate shared secret */ -- if ((shared_secret = sshbuf_new()) == NULL) { -+ shared_secret = sshbuf_new(); -+ if (shared_secret == NULL) { -+ ssh_gssapi_delete_ctx(&kex->gss); - r = SSH_ERR_ALLOC_FAIL; - goto out; - } -- if ((r = kex_dh_compute_key(kex, dh_client_pub, shared_secret)) != 0) -+ if ((r = kex_dh_compute_key(kex, gss->dh_client_pub, shared_secret)) != 0) { -+ ssh_gssapi_delete_ctx(&kex->gss); - goto out; -+ } -+ -+ if ((empty = sshbuf_new()) == NULL) { -+ ssh_gssapi_delete_ctx(&kex->gss); -+ r = SSH_ERR_ALLOC_FAIL; -+ goto out; -+ } - - DH_get0_key(kex->dh, &pub_key, NULL); - DH_get0_pqg(kex->dh, &dh_p, NULL, &dh_g); - hashlen = sizeof(hash); -- if ((r = kexgex_hash( -- kex->hash_alg, -- kex->client_version, -- kex->server_version, -- kex->peer, -- kex->my, -- empty, -- cmin, nbits, cmax, -- dh_p, dh_g, -- dh_client_pub, -- pub_key, -- sshbuf_ptr(shared_secret), sshbuf_len(shared_secret), -- hash, &hashlen)) != 0) -+ r = kexgex_hash(kex->hash_alg, kex->client_version, kex->server_version, -+ kex->peer, kex->my, empty, kex->min, kex->nbits, kex->max, dh_p, dh_g, -+ gss->dh_client_pub, pub_key, sshbuf_ptr(shared_secret), -+ sshbuf_len(shared_secret), hash, &hashlen); -+ sshbuf_free(empty); -+ if (r != 0) - fatal("kexgex_hash failed: %s", ssh_err(r)); - -- gssbuf.value = hash; -- gssbuf.length = hashlen; -+ gss->buf.value = hash; -+ gss->buf.length = hashlen; - -- if (GSS_ERROR(mm_ssh_gssapi_sign(ctxt, &gssbuf, &msg_tok))) -+ if (GSS_ERROR(mm_ssh_gssapi_sign(gss, &gss->buf, &msg_tok))) - fatal("Couldn't get MIC"); - - if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_COMPLETE)) != 0 || -@@ -443,24 +436,24 @@ kexgssgex_server(struct ssh *ssh) - (r = sshpkt_put_string(ssh, msg_tok.value, msg_tok.length)) != 0) - fatal("sshpkt failed: %s", ssh_err(r)); - -- if (send_tok.length != 0) { -+ if (send_tok->length != 0) { - if ((r = sshpkt_put_u8(ssh, 1)) != 0 || /* true */ -- (r = sshpkt_put_string(ssh, send_tok.value, send_tok.length)) != 0) -+ (r = sshpkt_put_string(ssh, send_tok->value, send_tok->length)) != 0) - fatal("sshpkt failed: %s", ssh_err(r)); - } else { - if ((r = sshpkt_put_u8(ssh, 0)) != 0) /* false */ - fatal("sshpkt failed: %s", ssh_err(r)); - } - if ((r = sshpkt_send(ssh)) != 0) -- fatal("sshpkt failed: %s", ssh_err(r)); -+ fatal("sshpkt_send failed: %s", ssh_err(r)); - -- gss_release_buffer(&min_status, &send_tok); -- gss_release_buffer(&min_status, &msg_tok); -+ gss_release_buffer(&gss->minor, send_tok); -+ gss_release_buffer(&gss->minor, &msg_tok); - - if (gss_kex_context == NULL) -- gss_kex_context = ctxt; -+ gss_kex_context = gss; - else -- ssh_gssapi_delete_ctx(&ctxt); -+ ssh_gssapi_delete_ctx(&kex->gss); - - /* Finally derive the keys and send them */ - if ((r = kex_derive_keys(ssh, hash, hashlen, shared_secret)) == 0) -@@ -470,13 +463,128 @@ kexgssgex_server(struct ssh *ssh) - * just exchanged. */ - if (options.gss_store_rekey) - ssh_gssapi_rekey_creds(); -+ -+ if (kex->gss != NULL) -+ BN_clear_free(gss->dh_client_pub); -+ - out: -- sshbuf_free(empty); - explicit_bzero(hash, sizeof(hash)); - DH_free(kex->dh); - kex->dh = NULL; -- BN_clear_free(dh_client_pub); - sshbuf_free(shared_secret); - return r; - } -+ -+static int -+input_kexgssgex_groupreq(int type, -+ u_int32_t seq, -+ struct ssh *ssh) -+{ -+ struct kex *kex = ssh->kex; -+ const BIGNUM *dh_p, *dh_g; -+ int min = -1, max = -1, nbits = -1; -+ int cmin = -1, cmax = -1; /* client proposal */ -+ int r; -+ -+ /* 5. S generates an ephemeral key pair (do the allocations early) */ -+ -+ debug("SSH2_MSG_KEXGSS_GROUPREQ received"); -+ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_GROUPREQ, NULL); -+ -+ /* store client proposal to provide valid signature */ -+ if ((r = sshpkt_get_u32(ssh, &cmin)) != 0 || -+ (r = sshpkt_get_u32(ssh, &nbits)) != 0 || -+ (r = sshpkt_get_u32(ssh, &cmax)) != 0 || -+ (r = sshpkt_get_end(ssh)) != 0) -+ fatal("sshpkt failed: %s", ssh_err(r)); -+ -+ kex->nbits = nbits; -+ kex->min = cmin; -+ kex->max = cmax; -+ min = MAX(DH_GRP_MIN, cmin); -+ max = MIN(DH_GRP_MAX, cmax); -+ nbits = MAXIMUM(DH_GRP_MIN, nbits); -+ nbits = MINIMUM(DH_GRP_MAX, nbits); -+ -+ if (max < min || nbits < min || max < nbits) -+ fatal("GSS_GEX, bad parameters: %d !< %d !< %d", min, nbits, max); -+ -+ kex->dh = mm_choose_dh(min, nbits, max); -+ if (kex->dh == NULL) { -+ sshpkt_disconnect(ssh, "Protocol error: no matching group found"); -+ fatal("Protocol error: no matching group found"); -+ } -+ -+ DH_get0_pqg(kex->dh, &dh_p, NULL, &dh_g); -+ if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_GROUP)) != 0 || -+ (r = sshpkt_put_bignum2(ssh, dh_p)) != 0 || -+ (r = sshpkt_put_bignum2(ssh, dh_g)) != 0 || -+ (r = sshpkt_send(ssh)) != 0) -+ fatal("sshpkt failed: %s", ssh_err(r)); -+ -+ if ((r = ssh_packet_write_wait(ssh)) != 0) -+ fatal("ssh_packet_write_wait: %s", ssh_err(r)); -+ -+ /* Compute our exchange value in parallel with the client */ -+ if ((r = dh_gen_key(kex->dh, kex->we_need * 8)) != 0) { -+ ssh_gssapi_delete_ctx(&kex->gss); -+ DH_free(kex->dh); -+ kex->dh = NULL; -+ return r; -+ } -+ -+ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_INIT, &input_kexgssgex_init); -+ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_CONTINUE, &input_kexgssgex_continue); -+ debug("Wait SSH2_MSG_KEXGSS_INIT"); -+ return 0; -+} -+ -+static int -+input_kexgssgex_init(int type, -+ u_int32_t seq, -+ struct ssh *ssh) -+{ -+ Gssctxt *gss = ssh->kex->gss; -+ gss_buffer_desc recv_tok, send_tok = GSS_C_EMPTY_BUFFER; -+ OM_uint32 ret_flags = 0; -+ int r; -+ -+ debug("SSH2_MSG_KEXGSS_INIT received"); -+ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_INIT, NULL); -+ -+ if ((r = ssh_gssapi_sshpkt_get_buffer_desc(ssh, &recv_tok)) != 0 || -+ (r = sshpkt_get_bignum2(ssh, &gss->dh_client_pub)) != 0 || -+ (r = sshpkt_get_end(ssh)) != 0) -+ fatal("sshpkt failed: %s", ssh_err(r)); -+ -+ /* Send SSH_MSG_KEXGSS_HOSTKEY here, if we want */ -+ -+ kexgssgex_accept_ctx(ssh, &recv_tok, &send_tok, &ret_flags); -+ if (gss->major & GSS_S_CONTINUE_NEEDED) -+ return 0; -+ -+ return kexgssgex_final(ssh, &send_tok, &ret_flags); -+} -+ -+static int -+input_kexgssgex_continue(int type, -+ u_int32_t seq, -+ struct ssh *ssh) -+{ -+ Gssctxt *gss = ssh->kex->gss; -+ gss_buffer_desc recv_tok, send_tok = GSS_C_EMPTY_BUFFER; -+ OM_uint32 ret_flags = 0; -+ int r; -+ -+ if ((r = ssh_gssapi_sshpkt_get_buffer_desc(ssh, &recv_tok)) != 0 || -+ (r = sshpkt_get_end(ssh)) != 0) -+ fatal("sshpkt failed: %s", ssh_err(r)); -+ -+ kexgssgex_accept_ctx(ssh, &recv_tok, &send_tok, &ret_flags); -+ if (gss->major & GSS_S_CONTINUE_NEEDED) -+ return 0; -+ -+ return kexgssgex_final(ssh, &send_tok, &ret_flags); -+} -+ - #endif /* defined(GSSAPI) && defined(WITH_OPENSSL) */ -diff --color -ruNp a/kex.h b/kex.h ---- a/kex.h 2024-05-16 15:49:43.986410812 +0200 -+++ b/kex.h 2024-06-18 12:19:48.580347469 +0200 -@@ -29,6 +29,10 @@ - #include "mac.h" - #include "crypto_api.h" - -+#ifdef GSSAPI -+# include "ssh-gss.h" /* Gssctxt */ -+#endif -+ - #ifdef WITH_OPENSSL - # include - # include -@@ -177,6 +181,7 @@ struct kex { - int hash_alg; - int ec_nid; - #ifdef GSSAPI -+ Gssctxt *gss; - int gss_deleg_creds; - int gss_trust_dns; - char *gss_host; -diff --color -ruNp a/ssh-gss.h b/ssh-gss.h ---- a/ssh-gss.h 2024-05-16 15:49:43.837407972 +0200 -+++ b/ssh-gss.h 2024-06-27 14:12:48.659866937 +0200 -@@ -88,6 +88,8 @@ extern char **k5users_allowed_cmds; - KEX_GSS_GRP14_SHA1_ID "," \ - KEX_GSS_GEX_SHA1_ID - -+#include "digest.h" /* SSH_DIGEST_MAX_LENGTH */ -+ - typedef struct { - char *filename; - char *envvar; -@@ -127,6 +129,16 @@ typedef struct { - gss_cred_id_t creds; /* server */ - gss_name_t client; /* server */ - gss_cred_id_t client_creds; /* both */ -+ struct sshbuf *shared_secret; /* both */ -+ struct sshbuf *server_pubkey; /* server */ -+ struct sshbuf *server_blob; /* client */ -+ struct sshbuf *server_host_key_blob; /* client */ -+ gss_buffer_desc msg_tok; /* client */ -+ gss_buffer_desc buf; /* both */ -+ u_char hash[SSH_DIGEST_MAX_LENGTH]; /* both */ -+ size_t hashlen; /* both */ -+ int first; /* client */ -+ BIGNUM *dh_client_pub; /* server (gex) */ - } Gssctxt; - - extern ssh_gssapi_mech *supported_mechs[]; From 480372390cb559e3b85e341410c411097d6806f8 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Fri, 17 Jan 2025 05:17:11 +0000 Subject: [PATCH 31/44] Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild --- gsi-openssh.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/gsi-openssh.spec b/gsi-openssh.spec index a07c006..e1e70b1 100644 --- a/gsi-openssh.spec +++ b/gsi-openssh.spec @@ -29,7 +29,7 @@ Summary: An implementation of the SSH protocol with GSI authentication Name: gsi-openssh Version: %{openssh_ver} -Release: %{openssh_rel}%{?dist} +Release: %{openssh_rel}%{?dist}.1 Provides: gsissh = %{version}-%{release} Obsoletes: gsissh < 5.8p2-2 URL: http://www.openssh.com/portable.html @@ -561,6 +561,9 @@ fi %ghost %attr(0644,root,root) %{_localstatedir}/lib/.gsissh-host-keys-migration %changelog +* Fri Jan 17 2025 Fedora Release Engineering - 9.8p1-2.1 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild + * Wed Oct 02 2024 Mattias Ellert - 9.8p1-2 - Based on openssh-9.8p1-4.fc42 From 06032544b5fabeea4bb159c2ae1e3ed8ae201cf3 Mon Sep 17 00:00:00 2001 From: Mattias Ellert Date: Tue, 21 Jan 2025 09:58:09 +0100 Subject: [PATCH 32/44] Based on openssh-9.9p1-5.fc42 / openssh-9.9p1-1.fc41 --- gsi-openssh.spec | 49 +- gsisshd-keygen@.service | 3 + gsisshd.service | 3 + gsisshd@.service | 3 + openssh-6.6p1-allow-ip-opts.patch | 2 +- openssh-6.7p1-coverity.patch | 16 - openssh-7.6p1-audit.patch | 97 +- openssh-7.7p1-fips.patch | 83 +- openssh-8.0p1-crypto-policies.patch | 12 +- openssh-8.0p1-pkcs11-uri.patch | 44 +- openssh-8.7p1-audit-hostname.patch | 106 -- openssh-8.7p1-nohostsha1proof.patch | 41 - openssh-9.0p1-audit-log.patch | 133 +- openssh-9.0p1-evp-fips-ecdh.patch | 207 --- ....patch => openssh-9.0p1-evp-fips-kex.patch | 307 +++- openssh-9.3p1-merged-openssl-evp.patch | 1237 ----------------- openssh-9.6p1-gssapi-keyex.patch | 40 +- ...gsissh.patch => openssh-9.9p1-gsissh.patch | 313 ++--- ....1.patch => openssh-9.9p1-hpn-18.6.0.patch | 797 +++++------ openssh-9.9p1-mlkembe.patch | 98 ++ openssh-9.9p1-separate-keysign.patch | 12 + sources | 4 +- 22 files changed, 1291 insertions(+), 2316 deletions(-) delete mode 100644 openssh-8.7p1-audit-hostname.patch delete mode 100644 openssh-9.0p1-evp-fips-ecdh.patch rename openssh-9.0p1-evp-fips-dh.patch => openssh-9.0p1-evp-fips-kex.patch (50%) delete mode 100644 openssh-9.3p1-merged-openssl-evp.patch rename openssh-9.8p1-gsissh.patch => openssh-9.9p1-gsissh.patch (89%) rename openssh-9.8p1-hpn-18.5.1.patch => openssh-9.9p1-hpn-18.6.0.patch (96%) create mode 100644 openssh-9.9p1-mlkembe.patch create mode 100644 openssh-9.9p1-separate-keysign.patch diff --git a/gsi-openssh.spec b/gsi-openssh.spec index e1e70b1..1060509 100644 --- a/gsi-openssh.spec +++ b/gsi-openssh.spec @@ -23,13 +23,13 @@ # Do we want libedit support %global libedit 1 -%global openssh_ver 9.8p1 -%global openssh_rel 2 +%global openssh_ver 9.9p1 +%global openssh_rel 1 Summary: An implementation of the SSH protocol with GSI authentication Name: gsi-openssh Version: %{openssh_ver} -Release: %{openssh_rel}%{?dist}.1 +Release: %{openssh_rel}%{?dist} Provides: gsissh = %{version}-%{release} Obsoletes: gsissh < 5.8p2-2 URL: http://www.openssh.com/portable.html @@ -60,8 +60,6 @@ Patch200: openssh-7.6p1-audit.patch Patch201: openssh-7.1p2-audit-race-condition.patch # https://bugzilla.redhat.com/show_bug.cgi?id=2049947 Patch202: openssh-9.0p1-audit-log.patch -# Correctly audit hostname and IP address -Patch203: openssh-8.7p1-audit-hostname.patch #https://bugzilla.mindrot.org/show_bug.cgi?id=1641 (WONTFIX) Patch400: openssh-7.8p1-role-mls.patch @@ -139,9 +137,6 @@ Patch953: openssh-7.8p1-scp-ipv6.patch # Mention crypto-policies in manual pages (#1668325) # clarify rhbz#2068423 on the man page of ssh_config Patch962: openssh-8.0p1-crypto-policies.patch -# Use OpenSSL high-level API to produce and verify signatures (#1707485) -# TODO fix the comment above ^ -Patch963: openssh-9.3p1-merged-openssl-evp.patch # Use OpenSSL KDF (#1631761) Patch964: openssh-8.0p1-openssl-kdf.patch # sk-dummy.so built with -fvisibility=hidden does not work @@ -174,19 +169,22 @@ Patch1002: openssh-8.7p1-ssh-manpage.patch # https://github.com/openssh/openssh-portable/pull/323 Patch1006: openssh-8.7p1-negotiate-supported-algs.patch -Patch1012: openssh-9.0p1-evp-fips-dh.patch -Patch1013: openssh-9.0p1-evp-fips-ecdh.patch +Patch1012: openssh-9.0p1-evp-fips-kex.patch Patch1014: openssh-8.7p1-nohostsha1proof.patch Patch1015: openssh-9.6p1-pam-rhost.patch +Patch1016: openssh-9.9p1-separate-keysign.patch +# upstream cf3e48ee8ba1beeccddd2f203b558fa102be67a2 +# upstream 0c3927c45f8a57b511c874c4d51a8c89414f74ef +Patch1017: openssh-9.9p1-mlkembe.patch # This is the patch that adds GSI support # Based on hpn_isshd-gsi.7.5p1b.patch from Globus upstream -Patch98: openssh-9.8p1-gsissh.patch +Patch98: openssh-9.9p1-gsissh.patch # This is the HPN patch -# Based on https://github.com/rapier1/hpn-ssh/ tag: hpn-18.5.1 -Patch99: openssh-9.8p1-hpn-18.5.1.patch +# Based on https://github.com/rapier1/hpn-ssh/ tag: hpn-18.6.0 +Patch99: openssh-9.9p1-hpn-18.6.0.patch License: BSD-3-Clause AND BSD-2-Clause AND ISC AND SSH-OpenSSH AND ssh-keyscan AND sprintf AND LicenseRef-Fedora-Public-Domain AND X11-distribute-modifications-variant Requires: /sbin/nologin @@ -235,6 +233,10 @@ Obsoletes: gsissh-clients < 5.8p2-2 Requires: %{name} = %{version}-%{release} Requires: crypto-policies >= 20220824-1 +%package keysign +Summary: A helper program used for host-based authentication +Requires: %{name} = %{version}-%{release} + %package server Summary: SSH server daemon with GSI authentication Provides: gsissh-server = %{version}-%{release} @@ -270,6 +272,11 @@ the clients necessary to make encrypted connections to SSH servers. This version of OpenSSH has been modified to support GSI authentication. +%description keysign +OpenSSH is a free version of SSH (Secure SHell), a program for logging +into and executing commands on a remote machine. ssh-keysign is a +helper program used for host-based authentication disabled by default. + %description server OpenSSH is a free version of SSH (Secure SHell), a program for logging into and executing commands on a remote machine. This package contains @@ -317,7 +324,6 @@ gpgv2 --quiet --keyring %{SOURCE3} %{SOURCE1} %{SOURCE0} %patch -P 951 -p1 -b .pkcs11-uri %patch -P 953 -p1 -b .scp-ipv6 %patch -P 962 -p1 -b .crypto-policies -%patch -P 963 -p1 -b .openssl-evp %patch -P 964 -p1 -b .openssl-kdf %patch -P 965 -p1 -b .visibility %patch -P 966 -p1 -b .x11-ipv6 @@ -331,15 +337,15 @@ gpgv2 --quiet --keyring %{SOURCE3} %{SOURCE1} %{SOURCE0} %patch -P 200 -p1 -b .audit %patch -P 201 -p1 -b .audit-race %patch -P 202 -p1 -b .audit-log -%patch -P 203 -p1 -b .audit-hostname %patch -P 700 -p1 -b .fips %patch -P 1002 -p1 -b .ssh-manpage %patch -P 1006 -p1 -b .negotiate-supported-algs %patch -P 1012 -p1 -b .evp-fips-dh -%patch -P 1013 -p1 -b .evp-fips-ecdh %patch -P 1014 -p1 -b .nosha1hostproof %patch -P 1015 -p1 -b .pam-rhost +%patch -P 1016 -p1 -b .sep-keysign +%patch -P 1017 -p1 -b .mlkembe %patch -P 100 -p1 -b .coverity %patch -P 98 -p1 -b .gsi @@ -468,7 +474,9 @@ rm $RPM_BUILD_ROOT%{_mandir}/man1/ssh-keyscan.1* rm $RPM_BUILD_ROOT%{_mandir}/man8/ssh-pkcs11-helper.8* for f in $RPM_BUILD_ROOT%{_bindir}/* \ +%if "%{_sbindir}" != "%{_bindir}" $RPM_BUILD_ROOT%{_sbindir}/* \ +%endif $RPM_BUILD_ROOT%{_mandir}/man*/* ; do mv $f `dirname $f`/gsi`basename $f` done @@ -514,8 +522,6 @@ fi %attr(0755,root,root) %{_bindir}/gsissh-keygen %attr(0644,root,root) %{_mandir}/man1/gsissh-keygen.1* %attr(0755,root,root) %dir %{_libexecdir}/gsissh -%attr(4555,root,root) %{_libexecdir}/gsissh/ssh-keysign -%attr(0644,root,root) %{_mandir}/man8/gsissh-keysign.8* %files clients %attr(0755,root,root) %{_bindir}/gsissh @@ -534,6 +540,10 @@ fi %{_libexecdir}/gsissh/bin/scp %{_libexecdir}/gsissh/bin/hpnscp +%files keysign +%attr(4555,root,root) %{_libexecdir}/gsissh/ssh-keysign +%attr(0644,root,root) %{_mandir}/man8/gsissh-keysign.8* + %files server %dir %attr(0711,root,root) %{_datadir}/empty.sshd %attr(0755,root,root) %{_sbindir}/gsisshd @@ -561,6 +571,9 @@ fi %ghost %attr(0644,root,root) %{_localstatedir}/lib/.gsissh-host-keys-migration %changelog +* Mon Jan 20 2025 Mattias Ellert - 9.9p1-1 +- Based on openssh-9.9p1-5.fc42 / openssh-9.9p1-1.fc41 + * Fri Jan 17 2025 Fedora Release Engineering - 9.8p1-2.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild diff --git a/gsisshd-keygen@.service b/gsisshd-keygen@.service index 6b2898b..62a1898 100644 --- a/gsisshd-keygen@.service +++ b/gsisshd-keygen@.service @@ -4,6 +4,9 @@ ConditionFileNotEmpty=|!/etc/gsissh/ssh_host_%i_key [Service] Type=oneshot +# Set option as empty variable to suppress warnings upon expanding the command line +# when the config file under /etc does not exist or is empty. +Environment=OPTIONS= EnvironmentFile=-/etc/sysconfig/gsisshd ExecStart=/usr/libexec/gsissh/sshd-keygen %i diff --git a/gsisshd.service b/gsisshd.service index 6272ced..55dd115 100644 --- a/gsisshd.service +++ b/gsisshd.service @@ -9,6 +9,9 @@ Wants=gsissh-host-keys-migration.service [Service] Type=notify +# Set option as empty variable to suppress warnings upon expanding the command line +# when the config file under /etc does not exist or is empty. +Environment=OPTIONS= EnvironmentFile=-/etc/sysconfig/gsisshd ExecStart=/usr/sbin/gsisshd -D $OPTIONS ExecReload=/bin/kill -HUP $MAINPID diff --git a/gsisshd@.service b/gsisshd@.service index 8a3fff2..acc3d85 100644 --- a/gsisshd@.service +++ b/gsisshd@.service @@ -8,6 +8,9 @@ After=gsisshd-keygen.target Wants=gsissh-host-keys-migration.service [Service] +# Set option as empty variable to suppress warnings upon expanding the command line +# when the config file under /etc does not exist or is empty. +Environment=OPTIONS= EnvironmentFile=-/etc/sysconfig/gsisshd ExecStart=-/usr/sbin/gsisshd -i $OPTIONS StandardInput=socket diff --git a/openssh-6.6p1-allow-ip-opts.patch b/openssh-6.6p1-allow-ip-opts.patch index d969b5c..995e04e 100644 --- a/openssh-6.6p1-allow-ip-opts.patch +++ b/openssh-6.6p1-allow-ip-opts.patch @@ -38,5 +38,5 @@ diff -up openssh/sshd.c.ip-opts openssh/sshd.c + } + } while (i < option_size); } - return; #endif /* IP_OPTIONS */ + } diff --git a/openssh-6.7p1-coverity.patch b/openssh-6.7p1-coverity.patch index d98da28..ffe0c69 100644 --- a/openssh-6.7p1-coverity.patch +++ b/openssh-6.7p1-coverity.patch @@ -73,22 +73,6 @@ diff -up openssh-8.5p1/loginrec.c.coverity openssh-8.5p1/loginrec.c strncpy(ut->ut_host, li->hostname, MIN_SIZEOF(ut->ut_host, li->hostname)); # endif -@@ -1690,6 +1692,7 @@ record_failed_login(struct ssh *ssh, con - - memset(&ut, 0, sizeof(ut)); - /* strncpy because we don't necessarily want nul termination */ -+ /* coverity[buffer_size_warning : FALSE] */ - strncpy(ut.ut_user, username, sizeof(ut.ut_user)); - strlcpy(ut.ut_line, "ssh:notty", sizeof(ut.ut_line)); - -@@ -1699,6 +1702,7 @@ record_failed_login(struct ssh *ssh, con - ut.ut_pid = getpid(); - - /* strncpy because we don't necessarily want nul termination */ -+ /* coverity[buffer_size_warning : FALSE] */ - strncpy(ut.ut_host, hostname, sizeof(ut.ut_host)); - - if (ssh_packet_connection_is_on_socket(ssh) && diff -up openssh-8.5p1/misc.c.coverity openssh-8.5p1/misc.c --- openssh-8.5p1/misc.c.coverity 2021-03-24 12:03:33.745967902 +0100 +++ openssh-8.5p1/misc.c 2021-03-24 13:31:47.037079617 +0100 diff --git a/openssh-7.6p1-audit.patch b/openssh-7.6p1-audit.patch index c884292..2c7ddc5 100644 --- a/openssh-7.6p1-audit.patch +++ b/openssh-7.6p1-audit.patch @@ -1086,7 +1086,7 @@ diff -up openssh-8.6p1/Makefile.in.audit openssh-8.6p1/Makefile.in --- openssh-8.6p1/Makefile.in.audit 2021-04-19 16:47:35.731061937 +0200 +++ openssh-8.6p1/Makefile.in 2021-04-19 16:47:35.756062129 +0200 @@ -112,7 +112,7 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \ - kexsntrup761x25519.o sntrup761.o kexgen.o \ + kexsntrup761x25519.o kexmlkem768x25519.o sntrup761.o kexgen.o \ kexgssc.o \ sftp-realpath.o platform-pledge.o platform-tracing.o platform-misc.o \ - sshbuf-io.o @@ -2056,7 +2056,7 @@ diff -up openssh-8.6p1/sshd-session.c.audit openssh-8.6p1/sshd-session.c #include "ssh-sandbox.h" #include "auth-options.h" #include "version.h" -@@ -260,8 +261,8 @@ struct sshbuf *loginmsg; +@@ -260,8 +261,44 @@ struct sshbuf *loginmsg; struct sshbuf *loginmsg; /* Prototypes for various functions defined later in this file. */ @@ -2064,6 +2064,42 @@ diff -up openssh-8.6p1/sshd-session.c.audit openssh-8.6p1/sshd-session.c -void demote_sensitive_data(void); +void destroy_sensitive_data(struct ssh *); +void demote_sensitive_data(struct ssh *); ++ ++static int ++sshkey_is_private(const struct sshkey *k) ++{ ++ switch (k->type) { ++#ifdef WITH_OPENSSL ++ case KEY_RSA_CERT: ++ case KEY_RSA: { ++ const BIGNUM *d; ++ const RSA *rsa = EVP_PKEY_get0_RSA(k->pkey); ++ RSA_get0_key(rsa, NULL, NULL, &d); ++ return d != NULL; ++ } ++ case KEY_DSA_CERT: ++ case KEY_DSA: { ++ const BIGNUM *priv_key; ++ DSA_get0_key(k->dsa, NULL, &priv_key); ++ return priv_key != NULL; ++ } ++#ifdef OPENSSL_HAS_ECC ++ case KEY_ECDSA_CERT: ++ case KEY_ECDSA: { ++ const EC_KEY * ecdsa = EVP_PKEY_get0_EC_KEY(k->pkey); ++ return EC_KEY_get0_private_key(ecdsa) != NULL; ++ } ++#endif /* OPENSSL_HAS_ECC */ ++#endif /* WITH_OPENSSL */ ++ case KEY_ED25519_CERT: ++ case KEY_ED25519: ++ return (k->ed25519_pk != NULL); ++ default: ++ /* fatal("key_is_private: bad key type %d", k->type); */ ++ return 0; ++ } ++} ++ static void do_ssh2_kex(struct ssh *); /* @@ -2222,7 +2258,7 @@ diff -up openssh-8.6p1/sshd-session.c.audit openssh-8.6p1/sshd-session.c if (the_active_state != NULL && the_authctxt != NULL) { @@ -2525,7 +2593,9 @@ cleanup_exit(int i) - _exit(EXIT_AUTH_ATTEMPTED); + } #ifdef SSH_AUDIT_EVENTS /* done after do_cleanup so it can cancel the PAM auth 'thread' */ - if (the_active_state != NULL && mm_is_monitor()) @@ -2231,57 +2267,4 @@ diff -up openssh-8.6p1/sshd-session.c.audit openssh-8.6p1/sshd-session.c + mm_is_monitor()) audit_event(the_active_state, SSH_CONNECTION_ABANDON); #endif - _exit(i); -diff -up openssh-8.6p1/sshkey.c.audit openssh-8.6p1/sshkey.c ---- openssh-8.6p1/sshkey.c.audit 2021-04-19 16:47:35.741062014 +0200 -+++ openssh-8.6p1/sshkey.c 2021-04-19 16:47:35.759062152 +0200 -@@ -371,6 +371,38 @@ sshkey_type_is_valid_ca(int type) - } - - int -+sshkey_is_private(const struct sshkey *k) -+{ -+ switch (k->type) { -+#ifdef WITH_OPENSSL -+ case KEY_RSA_CERT: -+ case KEY_RSA: { -+ const BIGNUM *d; -+ RSA_get0_key(k->rsa, NULL, NULL, &d); -+ return d != NULL; -+ } -+ case KEY_DSA_CERT: -+ case KEY_DSA: { -+ const BIGNUM *priv_key; -+ DSA_get0_key(k->dsa, NULL, &priv_key); -+ return priv_key != NULL; -+ } -+#ifdef OPENSSL_HAS_ECC -+ case KEY_ECDSA_CERT: -+ case KEY_ECDSA: -+ return EC_KEY_get0_private_key(k->ecdsa) != NULL; -+#endif /* OPENSSL_HAS_ECC */ -+#endif /* WITH_OPENSSL */ -+ case KEY_ED25519_CERT: -+ case KEY_ED25519: -+ return (k->ed25519_pk != NULL); -+ default: -+ /* fatal("key_is_private: bad key type %d", k->type); */ -+ return 0; -+ } -+} -+ -+int - sshkey_is_cert(const struct sshkey *k) - { - if (k == NULL) -diff -up openssh-8.6p1/sshkey.h.audit openssh-8.6p1/sshkey.h ---- openssh-8.6p1/sshkey.h.audit 2021-04-19 16:47:35.741062014 +0200 -+++ openssh-8.6p1/sshkey.h 2021-04-19 16:47:35.759062152 +0200 -@@ -189,6 +189,7 @@ int sshkey_shield_private(struct sshke - int sshkey_unshield_private(struct sshkey *); - - int sshkey_type_from_name(const char *); -+int sshkey_is_private(const struct sshkey *); - int sshkey_is_cert(const struct sshkey *); - int sshkey_is_sk(const struct sshkey *); - int sshkey_type_is_cert(int); + /* Override default fatal exit value when auth was attempted */ diff --git a/openssh-7.7p1-fips.patch b/openssh-7.7p1-fips.patch index 6a14cb3..5d8da08 100644 --- a/openssh-7.7p1-fips.patch +++ b/openssh-7.7p1-fips.patch @@ -427,9 +427,9 @@ diff -up openssh-8.6p1/sshkey.c.fips openssh-8.6p1/sshkey.c --- openssh-8.6p1/sshkey.c.fips 2021-05-06 12:08:36.493926838 +0200 +++ openssh-8.6p1/sshkey.c 2021-05-06 12:08:36.502926908 +0200 @@ -36,6 +36,7 @@ + #include + #include #include - #include - #include +#include #endif @@ -544,13 +544,13 @@ diff -up openssh-8.6p1/ssh-keygen.c.fips openssh-8.6p1/ssh-keygen.c - name = _PATH_SSH_CLIENT_ID_ED25519; + name = FIPS_mode() ? _PATH_SSH_CLIENT_ID_RSA : _PATH_SSH_CLIENT_ID_ED25519; else { - switch (sshkey_type_from_name(key_type_name)) { + switch (sshkey_type_from_shortname(key_type_name)) { #ifdef WITH_DSA @@ -1098,9 +1104,17 @@ do_gen_all_hostkeys(struct passwd *pw) first = 1; printf("%s: generating new host keys: ", __progname); } -+ type = sshkey_type_from_name(key_types[i].key_type); ++ type = sshkey_type_from_shortname(key_types[i].key_type); + + /* Skip the keys that are not supported in FIPS mode */ + if (FIPS_mode() && (type == KEY_DSA || type == KEY_ED25519)) { @@ -561,7 +561,7 @@ diff -up openssh-8.6p1/ssh-keygen.c.fips openssh-8.6p1/ssh-keygen.c + printf("%s ", key_types[i].key_type_display); fflush(stdout); -- type = sshkey_type_from_name(key_types[i].key_type); +- type = sshkey_type_from_shortname(key_types[i].key_type); if ((fd = mkstemp(prv_tmp)) == -1) { error("Could not save your private key in %s: %s", prv_tmp, strerror(errno)); @@ -572,31 +572,31 @@ diff -up openssh-8.6p1/ssh-keygen.c.fips openssh-8.6p1/ssh-keygen.c - key_type_name = DEFAULT_KEY_TYPE_NAME; + key_type_name = FIPS_mode() ? FIPS_DEFAULT_KEY_TYPE_NAME : DEFAULT_KEY_TYPE_NAME; - type = sshkey_type_from_name(key_type_name); + type = sshkey_type_from_shortname(key_type_name); type_bits_valid(type, key_type_name, &bits); diff -up openssh-9.3p1/ssh-rsa.c.evpgenrsa openssh-9.3p1/ssh-rsa.c --- openssh-9.3p1/ssh-rsa.c.evpgenrsa 2022-06-30 15:14:58.200518353 +0200 +++ openssh-9.3p1/ssh-rsa.c 2022-06-30 15:24:31.499641196 +0200 @@ -33,6 +33,7 @@ + + #include #include - #include - #include +#include #include #include @@ -1705,6 +1707,8 @@ ssh_rsa_generate(u_int bits, RSA goto out; - - if (EVP_PKEY_keygen(ctx, &res) <= 0) { + } + if (EVP_PKEY_keygen(ctx, &res) <= 0 || res == NULL) { + if (FIPS_mode()) + logit_f("the key length might be unsupported by FIPS mode approved key generation method"); ret = SSH_ERR_LIBCRYPTO_ERROR; goto out; } -diff -up openssh-8.7p1/kexgen.c.fips3 openssh-8.7p1/kexgen.c ---- openssh-8.7p1/kexgen.c.fips3 2022-07-11 16:11:21.973519913 +0200 -+++ openssh-8.7p1/kexgen.c 2022-07-11 16:25:31.172187365 +0200 +diff -up openssh-9.9p1/kexgen.c.xxx openssh-9.9p1/kexgen.c +--- openssh-9.9p1/kexgen.c.xxx 2024-10-09 10:35:56.285946080 +0200 ++++ openssh-9.9p1/kexgen.c 2024-10-09 10:41:52.792597194 +0200 @@ -31,6 +31,7 @@ #include #include @@ -605,7 +605,7 @@ diff -up openssh-8.7p1/kexgen.c.fips3 openssh-8.7p1/kexgen.c #include "sshkey.h" #include "kex.h" -@@ -115,10 +116,20 @@ kex_gen_client(struct ssh *ssh) +@@ -115,13 +116,28 @@ kex_gen_client(struct ssh *ssh) break; #endif case KEX_C25519_SHA256: @@ -624,11 +624,20 @@ diff -up openssh-8.7p1/kexgen.c.fips3 openssh-8.7p1/kexgen.c + r = SSH_ERR_INVALID_ARGUMENT; + } else { + r = kex_kem_sntrup761x25519_keypair(kex); ++ } + break; + case KEX_KEM_MLKEM768X25519_SHA256: +- r = kex_kem_mlkem768x25519_keypair(kex); ++ if (FIPS_mode()) { ++ logit_f("Key exchange type mlkem768x25519 is not allowed in FIPS mode"); ++ r = SSH_ERR_INVALID_ARGUMENT; ++ } else { ++ r = kex_kem_mlkem768x25519_keypair(kex); + } break; default: r = SSH_ERR_INVALID_ARGUMENT; -@@ -186,11 +197,21 @@ input_kex_gen_reply(int type, u_int32_t +@@ -189,15 +205,30 @@ input_kex_gen_reply(int type, u_int32_t break; #endif case KEX_C25519_SHA256: @@ -649,11 +658,22 @@ diff -up openssh-8.7p1/kexgen.c.fips3 openssh-8.7p1/kexgen.c + } else { + r = kex_kem_sntrup761x25519_dec(kex, server_blob, + &shared_secret); ++ } + break; + case KEX_KEM_MLKEM768X25519_SHA256: +- r = kex_kem_mlkem768x25519_dec(kex, server_blob, +- &shared_secret); ++ if (FIPS_mode()) { ++ logit_f("Key exchange type mlkem768x25519 is not allowed in FIPS mode"); ++ r = SSH_ERR_INVALID_ARGUMENT; ++ } else { ++ r = kex_kem_mlkem768x25519_dec(kex, server_blob, ++ &shared_secret); + } break; default: r = SSH_ERR_INVALID_ARGUMENT; -@@ -285,12 +306,22 @@ input_kex_gen_init(int type, u_int32_t s +@@ -312,16 +343,31 @@ input_kex_gen_init(int type, u_int32_t s break; #endif case KEX_C25519_SHA256: @@ -676,6 +696,17 @@ diff -up openssh-8.7p1/kexgen.c.fips3 openssh-8.7p1/kexgen.c + } else { + r = kex_kem_sntrup761x25519_enc(kex, client_pubkey, + &server_pubkey, &shared_secret); ++ } + break; + case KEX_KEM_MLKEM768X25519_SHA256: +- r = kex_kem_mlkem768x25519_enc(kex, client_pubkey, +- &server_pubkey, &shared_secret); ++ if (FIPS_mode()) { ++ logit_f("Key exchange type mlkem768x25519 is not allowed in FIPS mode"); ++ r = SSH_ERR_INVALID_ARGUMENT; ++ } else { ++ r = kex_kem_mlkem768x25519_enc(kex, client_pubkey, ++ &server_pubkey, &shared_secret); + } break; default: @@ -713,3 +744,23 @@ diff -up openssh-8.7p1/ssh-ed25519.c.fips3 openssh-8.7p1/ssh-ed25519.c if ((b = sshbuf_from(sig, siglen)) == NULL) return SSH_ERR_ALLOC_FAIL; +diff -up openssh-9.9p1/kex.c.xxx openssh-9.9p1/kex.c +--- openssh-9.9p1/kex.c.xxx 2024-10-11 12:44:08.087426597 +0200 ++++ openssh-9.9p1/kex.c 2024-10-11 14:00:10.404714521 +0200 +@@ -40,6 +40,7 @@ + #ifdef WITH_OPENSSL + #include + #include ++#include + # ifdef HAVE_EVP_KDF_CTX_NEW + # include + # include +@@ -109,7 +110,7 @@ kex_proposal_populate_entries(struct ssh + + /* Append EXT_INFO signalling to KexAlgorithms */ + if (kexalgos == NULL) +- kexalgos = defprop[PROPOSAL_KEX_ALGS]; ++ kexalgos = FIPS_mode() ? KEX_DEFAULT_KEX_FIPS : defprop[PROPOSAL_KEX_ALGS]; + if ((cp = kex_names_cat(kexalgos, ssh->kex->server ? + "ext-info-s,kex-strict-s-v00@openssh.com" : + "ext-info-c,kex-strict-c-v00@openssh.com")) == NULL) diff --git a/openssh-8.0p1-crypto-policies.patch b/openssh-8.0p1-crypto-policies.patch index fd1e59d..a666c5c 100644 --- a/openssh-8.0p1-crypto-policies.patch +++ b/openssh-8.0p1-crypto-policies.patch @@ -166,8 +166,8 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x +.Pp Specifies the permitted KEX (Key Exchange) algorithms that will be used and their preference order. - The selected algorithm will the the first algorithm in this list that -@@ -1338,28 +1343,17 @@ Multiple algorithms must be comma-separa + The selected algorithm will be the first algorithm in this list that +@@ -1338,29 +1343,17 @@ Multiple algorithms must be comma-separa .Pp If the specified list begins with a .Sq + @@ -187,7 +187,8 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x -.Pp -The default is: -.Bd -literal -offset indent --sntrup761x25519-sha512@openssh.com, +-sntrup761x25519-sha512,sntrup761x25519-sha512@openssh.com, +-mlkem768x25519-sha256, -curve25519-sha256,curve25519-sha256@libssh.org, -ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521, -diffie-hellman-group-exchange-sha256, @@ -517,13 +518,14 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x .Pp The supported algorithms are: .Pp -@@ -1075,16 +1080,6 @@ ecdh-sha2-nistp521 +@@ -1075,17 +1080,6 @@ ecdh-sha2-nistp521 sntrup761x25519-sha512@openssh.com .El .Pp -The default is: -.Bd -literal -offset indent --sntrup761x25519-sha512@openssh.com, +-sntrup761x25519-sha512,sntrup761x25519-sha512@openssh.com, +-mlkem768x25519-sha256, -curve25519-sha256,curve25519-sha256@libssh.org, -ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521, -diffie-hellman-group-exchange-sha256, diff --git a/openssh-8.0p1-pkcs11-uri.patch b/openssh-8.0p1-pkcs11-uri.patch index 9931d92..bdc4722 100644 --- a/openssh-8.0p1-pkcs11-uri.patch +++ b/openssh-8.0p1-pkcs11-uri.patch @@ -1353,9 +1353,17 @@ diff -up openssh-9.6p1/ssh-pkcs11-client.c.pkcs11-uri openssh-9.6p1/ssh-pkcs11-c for (i = 0; i < nkeys; i++) { /* XXX clean up properly instead of fatal() */ if ((r = sshbuf_get_string(msg, &blob, &blen)) != 0 || -diff -up openssh-9.6p1/ssh-pkcs11.c.pkcs11-uri openssh-9.6p1/ssh-pkcs11.c ---- openssh-9.6p1/ssh-pkcs11.c.pkcs11-uri 2023-12-18 15:59:50.000000000 +0100 -+++ openssh-9.6p1/ssh-pkcs11.c 2024-01-12 14:28:09.170975480 +0100 +diff -up openssh-9.9p1/ssh-pkcs11.c.xxx openssh-9.9p1/ssh-pkcs11.c +--- openssh-9.9p1/ssh-pkcs11.c.xxx 2024-10-09 11:56:35.890126144 +0200 ++++ openssh-9.9p1/ssh-pkcs11.c 2024-10-09 11:56:48.528459585 +0200 +@@ -38,6 +38,7 @@ + #include + #include + #include ++#include + + #define CRYPTOKI_COMPAT + #include "pkcs11.h" @@ -55,8 +55,8 @@ struct pkcs11_slotinfo { int logged_in; }; @@ -1556,7 +1564,7 @@ diff -up openssh-9.6p1/ssh-pkcs11.c.pkcs11-uri openssh-9.6p1/ssh-pkcs11.c } static RSA_METHOD *rsa_method; -@@ -195,6 +286,56 @@ static EC_KEY_METHOD *ec_key_method; +@@ -195,6 +286,60 @@ static EC_KEY_METHOD *ec_key_method; static int ec_key_idx = 0; #endif /* OPENSSL_HAS_ECC && HAVE_EC_KEY_METHOD_NEW */ @@ -1573,13 +1581,17 @@ diff -up openssh-9.6p1/ssh-pkcs11.c.pkcs11-uri openssh-9.6p1/ssh-pkcs11.c + + /* sanity - is it a RSA key with associated app_data? */ + switch (key->type) { -+ case KEY_RSA: -+ k11 = RSA_get_ex_data(key->rsa, rsa_idx); ++ case KEY_RSA: { ++ const RSA *rsa = EVP_PKEY_get0_RSA(key->pkey); ++ k11 = RSA_get_ex_data(rsa, rsa_idx); + break; ++ } +#ifdef HAVE_EC_KEY_METHOD_NEW -+ case KEY_ECDSA: -+ k11 = EC_KEY_get_ex_data(key->ecdsa, ec_key_idx); ++ case KEY_ECDSA: { ++ const EC_KEY * ecdsa = EVP_PKEY_get0_EC_KEY(key->pkey); ++ k11 = EC_KEY_get_ex_data(ecdsa, ec_key_idx); + break; ++ } +#endif + default: + error("Unknown key type %d", key->type); @@ -1733,9 +1745,9 @@ diff -up openssh-9.6p1/ssh-pkcs11.c.pkcs11-uri openssh-9.6p1/ssh-pkcs11.c + k11->label[label_attrib->ulValueLen] = 0; + } + - RSA_set_method(rsa, rsa_method); - RSA_set_ex_data(rsa, rsa_idx, k11); - return (0); + if (RSA_set_method(rsa, rsa_method) != 1) + fatal_f("RSA_set_method failed"); + if (RSA_set_ex_data(rsa, rsa_idx, k11) != 1) @@ -532,8 +683,8 @@ ecdsa_do_sign(const unsigned char *dgst, return (NULL); } @@ -1766,9 +1778,9 @@ diff -up openssh-9.6p1/ssh-pkcs11.c.pkcs11-uri openssh-9.6p1/ssh-pkcs11.c + k11->label[label_attrib->ulValueLen] = 0; + } + - EC_KEY_set_method(ec, ec_key_method); - EC_KEY_set_ex_data(ec, ec_key_idx, k11); - + if (EC_KEY_set_method(ec, ec_key_method) != 1) + fatal_f("EC_KEY_set_method failed"); + if (EC_KEY_set_ex_data(ec, ec_key_idx, k11) != 1) @@ -622,7 +779,8 @@ pkcs11_ecdsa_wrap(struct pkcs11_provider } #endif /* OPENSSL_HAS_ECC && HAVE_EC_KEY_METHOD_NEW */ @@ -1895,7 +1907,7 @@ diff -up openssh-9.6p1/ssh-pkcs11.c.pkcs11-uri openssh-9.6p1/ssh-pkcs11.c key = sshkey_new(KEY_UNSPEC); @@ -810,7 +970,7 @@ pkcs11_fetch_ecdsa_pubkey(struct pkcs11_ - ec = NULL; /* now owned by key */ + key->flags |= SSHKEY_FLAG_EXT; fail: - for (i = 0; i < 3; i++) @@ -1979,7 +1991,7 @@ diff -up openssh-9.6p1/ssh-pkcs11.c.pkcs11-uri openssh-9.6p1/ssh-pkcs11.c key = sshkey_new(KEY_UNSPEC); @@ -905,7 +1067,7 @@ pkcs11_fetch_rsa_pubkey(struct pkcs11_pr - rsa = NULL; /* now owned by key */ + key->flags |= SSHKEY_FLAG_EXT; fail: - for (i = 0; i < 3; i++) diff --git a/openssh-8.7p1-audit-hostname.patch b/openssh-8.7p1-audit-hostname.patch deleted file mode 100644 index e450c00..0000000 --- a/openssh-8.7p1-audit-hostname.patch +++ /dev/null @@ -1,106 +0,0 @@ -diff --color -ruNp a/audit-linux.c b/audit-linux.c ---- a/audit-linux.c 2024-05-09 12:38:08.843017319 +0200 -+++ b/audit-linux.c 2024-05-09 12:47:05.162267634 +0200 -@@ -52,7 +52,7 @@ extern u_int utmp_len; - const char *audit_username(void); - - static void --linux_audit_user_logxxx(int uid, const char *username, -+linux_audit_user_logxxx(int uid, const char *username, const char *hostname, - const char *ip, const char *ttyn, int success, int event) - { - int audit_fd, rc, saved_errno; -@@ -66,7 +66,7 @@ linux_audit_user_logxxx(int uid, const c - } - rc = audit_log_acct_message(audit_fd, event, - NULL, "login", username ? username : "(unknown)", -- username == NULL ? uid : -1, NULL, ip, ttyn, success); -+ username == NULL ? uid : -1, hostname, ip, ttyn, success); - saved_errno = errno; - close(audit_fd); - -@@ -181,9 +181,11 @@ audit_run_command(struct ssh *ssh, const - { - if (!user_login_count++) - linux_audit_user_logxxx(the_authctxt->pw->pw_uid, NULL, -+ options.use_dns ? remote_hostname(ssh) : NULL, - ssh_remote_ipaddr(ssh), - "ssh", 1, AUDIT_USER_LOGIN); - linux_audit_user_logxxx(the_authctxt->pw->pw_uid, NULL, -+ options.use_dns ? remote_hostname(ssh) : NULL, - ssh_remote_ipaddr(ssh), - "ssh", 1, AUDIT_USER_START); - return 0; -@@ -193,10 +195,12 @@ void - audit_end_command(struct ssh *ssh, int handle, const char *command) - { - linux_audit_user_logxxx(the_authctxt->pw->pw_uid, NULL, -+ options.use_dns ? remote_hostname(ssh) : NULL, - ssh_remote_ipaddr(ssh), - "ssh", 1, AUDIT_USER_END); - if (user_login_count && !--user_login_count) - linux_audit_user_logxxx(the_authctxt->pw->pw_uid, NULL, -+ options.use_dns ? remote_hostname(ssh) : NULL, - ssh_remote_ipaddr(ssh), - "ssh", 1, AUDIT_USER_LOGOUT); - } -@@ -211,19 +215,27 @@ void - audit_session_open(struct logininfo *li) - { - if (!user_login_count++) -- linux_audit_user_logxxx(li->uid, NULL, li->hostname, -+ linux_audit_user_logxxx(li->uid, NULL, -+ options.use_dns ? li->hostname : NULL, -+ options.use_dns ? NULL : li->hostname, - li->line, 1, AUDIT_USER_LOGIN); -- linux_audit_user_logxxx(li->uid, NULL, li->hostname, -+ linux_audit_user_logxxx(li->uid, NULL, -+ options.use_dns ? li->hostname : NULL, -+ options.use_dns ? NULL : li->hostname, - li->line, 1, AUDIT_USER_START); - } - - void - audit_session_close(struct logininfo *li) - { -- linux_audit_user_logxxx(li->uid, NULL, li->hostname, -+ linux_audit_user_logxxx(li->uid, NULL, -+ options.use_dns ? li->hostname : NULL, -+ options.use_dns ? NULL : li->hostname, - li->line, 1, AUDIT_USER_END); - if (user_login_count && !--user_login_count) -- linux_audit_user_logxxx(li->uid, NULL, li->hostname, -+ linux_audit_user_logxxx(li->uid, NULL, -+ options.use_dns ? li->hostname : NULL, -+ options.use_dns ? NULL : li->hostname, - li->line, 1, AUDIT_USER_LOGOUT); - } - -@@ -236,6 +248,7 @@ audit_event(struct ssh *ssh, ssh_audit_e - linux_audit_user_auth(-1, audit_username(), - ssh_remote_ipaddr(ssh), "ssh", 0, event); - linux_audit_user_logxxx(-1, audit_username(), -+ options.use_dns ? remote_hostname(ssh) : NULL, - ssh_remote_ipaddr(ssh), "ssh", 0, AUDIT_USER_LOGIN); - break; - case SSH_AUTH_FAIL_PASSWD: -@@ -254,9 +267,11 @@ audit_event(struct ssh *ssh, ssh_audit_e - if (user_login_count) { - while (user_login_count--) - linux_audit_user_logxxx(the_authctxt->pw->pw_uid, NULL, -+ options.use_dns ? remote_hostname(ssh) : NULL, - ssh_remote_ipaddr(ssh), - "ssh", 1, AUDIT_USER_END); - linux_audit_user_logxxx(the_authctxt->pw->pw_uid, NULL, -+ options.use_dns ? remote_hostname(ssh) : NULL, - ssh_remote_ipaddr(ssh), - "ssh", 1, AUDIT_USER_LOGOUT); - } -@@ -265,6 +280,7 @@ audit_event(struct ssh *ssh, ssh_audit_e - case SSH_CONNECTION_ABANDON: - case SSH_INVALID_USER: - linux_audit_user_logxxx(-1, audit_username(), -+ options.use_dns ? remote_hostname(ssh) : NULL, - ssh_remote_ipaddr(ssh), "ssh", 0, AUDIT_USER_LOGIN); - break; - default: diff --git a/openssh-8.7p1-nohostsha1proof.patch b/openssh-8.7p1-nohostsha1proof.patch index abc6aa4..dae0932 100644 --- a/openssh-8.7p1-nohostsha1proof.patch +++ b/openssh-8.7p1-nohostsha1proof.patch @@ -94,47 +94,6 @@ diff -up openssh-8.7p1/monitor.c.sshrsacheck openssh-8.7p1/monitor.c is_proof ? "hostkey proof" : "KEX", siglen); sshbuf_reset(m); -diff -up openssh-8.7p1/regress/cert-userkey.sh.sshrsacheck openssh-8.7p1/regress/cert-userkey.sh ---- openssh-8.7p1/regress/cert-userkey.sh.sshrsacheck 2023-01-25 14:26:52.885963113 +0100 -+++ openssh-8.7p1/regress/cert-userkey.sh 2023-01-25 14:27:25.757219800 +0100 -@@ -7,7 +7,8 @@ rm -f $OBJ/authorized_keys_$USER $OBJ/us - cp $OBJ/sshd_proxy $OBJ/sshd_proxy_bak - cp $OBJ/ssh_proxy $OBJ/ssh_proxy_bak - --PLAIN_TYPES=`$SSH -Q key-plain | maybe_filter_sk | sed 's/^ssh-dss/ssh-dsa/;s/^ssh-//'` -+#ssh-dss keys are incompatible with DEFAULT crypto policy -+PLAIN_TYPES=`$SSH -Q key-plain | maybe_filter_sk | grep -v 'ssh-dss' | sed 's/^ssh-dss/ssh-dsa/;s/^ssh-//'` - EXTRA_TYPES="" - rsa="" - -diff -up openssh-8.7p1/regress/Makefile.sshrsacheck openssh-8.7p1/regress/Makefile ---- openssh-8.7p1/regress/Makefile.sshrsacheck 2023-01-20 13:07:54.169676051 +0100 -+++ openssh-8.7p1/regress/Makefile 2023-01-20 13:07:54.290677074 +0100 -@@ -2,7 +2,8 @@ - - tests: prep file-tests t-exec unit - --REGRESS_TARGETS= t1 t2 t3 t4 t5 t6 t7 t8 t9 t10 t11 t12 -+#ssh-dss tests will not pass on DEFAULT crypto-policy because of SHA1, skipping -+REGRESS_TARGETS= t1 t2 t3 t4 t5 t7 t8 t9 t10 t11 t12 - - # File based tests - file-tests: $(REGRESS_TARGETS) -diff -up openssh-8.7p1/regress/test-exec.sh.sshrsacheck openssh-8.7p1/regress/test-exec.sh ---- openssh-8.7p1/regress/test-exec.sh.sshrsacheck 2023-01-25 14:24:54.778040819 +0100 -+++ openssh-8.7p1/regress/test-exec.sh 2023-01-25 14:26:39.500858590 +0100 -@@ -581,8 +581,9 @@ maybe_filter_sk() { - fi - } - --SSH_KEYTYPES=`$SSH -Q key-plain | maybe_filter_sk` --SSH_HOSTKEY_TYPES=`$SSH -Q key-plain | maybe_filter_sk` -+#ssh-dss keys are incompatible with DEFAULT crypto policy -+SSH_KEYTYPES=`$SSH -Q key-plain | maybe_filter_sk | grep -v 'ssh-dss'` -+SSH_HOSTKEY_TYPES=`$SSH -Q key-plain | maybe_filter_sk | grep -v 'ssh-dss'` - - for t in ${SSH_KEYTYPES}; do - # generate user key diff -up openssh-8.7p1/regress/unittests/kex/test_kex.c.sshrsacheck openssh-8.7p1/regress/unittests/kex/test_kex.c --- openssh-8.7p1/regress/unittests/kex/test_kex.c.sshrsacheck 2023-01-26 13:34:52.645743677 +0100 +++ openssh-8.7p1/regress/unittests/kex/test_kex.c 2023-01-26 13:36:56.220745823 +0100 diff --git a/openssh-9.0p1-audit-log.patch b/openssh-9.0p1-audit-log.patch index fbf5094..ae9550f 100644 --- a/openssh-9.0p1-audit-log.patch +++ b/openssh-9.0p1-audit-log.patch @@ -52,9 +52,27 @@ diff -up openssh-9.0p1/audit.h.patch openssh-9.0p1/audit.h void audit_key(struct ssh *, int, int *, const struct sshkey *); void audit_unsupported(struct ssh *, int); void audit_kex(struct ssh *, int, char *, char *, char *, char *); -diff -up openssh-9.0p1/audit-linux.c.patch openssh-9.0p1/audit-linux.c ---- openssh-9.0p1/audit-linux.c.patch 2022-10-24 15:02:16.544858331 +0200 -+++ openssh-9.0p1/audit-linux.c 2022-10-24 15:21:58.165303951 +0200 +diff -up openssh-9.9p1/audit-linux.c.xxx openssh-9.9p1/audit-linux.c +--- openssh-9.9p1/audit-linux.c.xxx 2024-10-15 11:49:48.092151974 +0200 ++++ openssh-9.9p1/audit-linux.c 2024-10-15 12:08:17.179158343 +0200 +@@ -52,7 +52,7 @@ extern u_int utmp_len; + const char *audit_username(void); + + static void +-linux_audit_user_logxxx(int uid, const char *username, ++linux_audit_user_logxxx(int uid, const char *username, const char *hostname, + const char *ip, const char *ttyn, int success, int event) + { + int audit_fd, rc, saved_errno; +@@ -66,7 +66,7 @@ linux_audit_user_logxxx(int uid, const c + } + rc = audit_log_acct_message(audit_fd, event, + NULL, "login", username ? username : "(unknown)", +- username == NULL ? uid : -1, NULL, ip, ttyn, success); ++ username == NULL ? uid : -1, hostname, ip, ttyn, success); + saved_errno = errno; + close(audit_fd); + @@ -137,10 +137,12 @@ fatal_report: } @@ -117,3 +135,112 @@ diff -up openssh-9.0p1/audit-linux.c.patch openssh-9.0p1/audit-linux.c out: saved_errno = errno; audit_close(audit_fd); +@@ -179,26 +211,34 @@ audit_connection_from(const char *host, + int + audit_run_command(struct ssh *ssh, const char *command) + { ++ char * audit_hostname = options.use_dns ? remote_hostname(ssh) : NULL; + if (!user_login_count++) + linux_audit_user_logxxx(the_authctxt->pw->pw_uid, NULL, ++ audit_hostname, + ssh_remote_ipaddr(ssh), + "ssh", 1, AUDIT_USER_LOGIN); + linux_audit_user_logxxx(the_authctxt->pw->pw_uid, NULL, ++ audit_hostname, + ssh_remote_ipaddr(ssh), + "ssh", 1, AUDIT_USER_START); ++ free(audit_hostname); + return 0; + } + + void + audit_end_command(struct ssh *ssh, int handle, const char *command) + { ++ char * audit_hostname = options.use_dns ? remote_hostname(ssh) : NULL; + linux_audit_user_logxxx(the_authctxt->pw->pw_uid, NULL, ++ audit_hostname, + ssh_remote_ipaddr(ssh), + "ssh", 1, AUDIT_USER_END); + if (user_login_count && !--user_login_count) + linux_audit_user_logxxx(the_authctxt->pw->pw_uid, NULL, ++ audit_hostname, + ssh_remote_ipaddr(ssh), + "ssh", 1, AUDIT_USER_LOGOUT); ++ free(audit_hostname); + } + + void +@@ -211,31 +251,41 @@ void + audit_session_open(struct logininfo *li) + { + if (!user_login_count++) +- linux_audit_user_logxxx(li->uid, NULL, li->hostname, ++ linux_audit_user_logxxx(li->uid, NULL, ++ options.use_dns ? li->hostname : NULL, ++ options.use_dns ? NULL : li->hostname, + li->line, 1, AUDIT_USER_LOGIN); +- linux_audit_user_logxxx(li->uid, NULL, li->hostname, ++ linux_audit_user_logxxx(li->uid, NULL, ++ options.use_dns ? li->hostname : NULL, ++ options.use_dns ? NULL : li->hostname, + li->line, 1, AUDIT_USER_START); + } + + void + audit_session_close(struct logininfo *li) + { +- linux_audit_user_logxxx(li->uid, NULL, li->hostname, ++ linux_audit_user_logxxx(li->uid, NULL, ++ options.use_dns ? li->hostname : NULL, ++ options.use_dns ? NULL : li->hostname, + li->line, 1, AUDIT_USER_END); + if (user_login_count && !--user_login_count) +- linux_audit_user_logxxx(li->uid, NULL, li->hostname, ++ linux_audit_user_logxxx(li->uid, NULL, ++ options.use_dns ? li->hostname : NULL, ++ options.use_dns ? NULL : li->hostname, + li->line, 1, AUDIT_USER_LOGOUT); + } + + void + audit_event(struct ssh *ssh, ssh_audit_event_t event) + { ++ char * audit_hostname = options.use_dns ? remote_hostname(ssh) : NULL; ++ + switch(event) { + case SSH_NOLOGIN: + case SSH_LOGIN_ROOT_DENIED: + linux_audit_user_auth(-1, audit_username(), + ssh_remote_ipaddr(ssh), "ssh", 0, event); +- linux_audit_user_logxxx(-1, audit_username(), ++ linux_audit_user_logxxx(-1, audit_username(), audit_hostname, + ssh_remote_ipaddr(ssh), "ssh", 0, AUDIT_USER_LOGIN); + break; + case SSH_AUTH_FAIL_PASSWD: +@@ -255,9 +305,11 @@ audit_event(struct ssh *ssh, ssh_audit_e + if (user_login_count) { + while (user_login_count--) + linux_audit_user_logxxx(the_authctxt->pw->pw_uid, NULL, ++ audit_hostname, + ssh_remote_ipaddr(ssh), + "ssh", 1, AUDIT_USER_END); + linux_audit_user_logxxx(the_authctxt->pw->pw_uid, NULL, ++ audit_hostname, + ssh_remote_ipaddr(ssh), + "ssh", 1, AUDIT_USER_LOGOUT); + } +@@ -266,12 +318,14 @@ audit_event(struct ssh *ssh, ssh_audit_e + case SSH_CONNECTION_ABANDON: + case SSH_INVALID_USER: + linux_audit_user_logxxx(-1, audit_username(), ++ audit_hostname, + ssh_remote_ipaddr(ssh), "ssh", 0, AUDIT_USER_LOGIN); + break; + default: + debug("%s: unhandled event %d", __func__, event); + break; + } ++ free(audit_hostname); + } + + void diff --git a/openssh-9.0p1-evp-fips-ecdh.patch b/openssh-9.0p1-evp-fips-ecdh.patch deleted file mode 100644 index 0313c6f..0000000 --- a/openssh-9.0p1-evp-fips-ecdh.patch +++ /dev/null @@ -1,207 +0,0 @@ -diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac ../openssh-8.7p1/kexecdh.c ./kexecdh.c ---- ../openssh-8.7p1/kexecdh.c 2021-08-20 06:03:49.000000000 +0200 -+++ ./kexecdh.c 2023-04-13 14:30:14.882449593 +0200 -@@ -35,17 +35,57 @@ - #include - - #include -+#include -+#include -+#include -+#include - - #include "sshkey.h" - #include "kex.h" - #include "sshbuf.h" - #include "digest.h" - #include "ssherr.h" -+#include "log.h" - - static int - kex_ecdh_dec_key_group(struct kex *, const struct sshbuf *, EC_KEY *key, - const EC_GROUP *, struct sshbuf **); - -+static EC_KEY * -+generate_ec_keys(int ec_nid) -+{ -+ EC_KEY *client_key = NULL; -+ EVP_PKEY *pkey = NULL; -+ EVP_PKEY_CTX *ctx = NULL; -+ OSSL_PARAM_BLD *param_bld = NULL; -+ OSSL_PARAM *params = NULL; -+ const char *group_name; -+ -+ if ((ctx = EVP_PKEY_CTX_new_from_name(NULL, "EC", NULL)) == NULL || -+ (param_bld = OSSL_PARAM_BLD_new()) == NULL) -+ goto out; -+ if ((group_name = OSSL_EC_curve_nid2name(ec_nid)) == NULL || -+ OSSL_PARAM_BLD_push_utf8_string(param_bld, -+ OSSL_PKEY_PARAM_GROUP_NAME, group_name, 0) != 1 || -+ (params = OSSL_PARAM_BLD_to_param(param_bld)) == NULL) { -+ error_f("Could not create OSSL_PARAM"); -+ goto out; -+ } -+ if (EVP_PKEY_keygen_init(ctx) != 1 || -+ EVP_PKEY_CTX_set_params(ctx, params) != 1 || -+ EVP_PKEY_generate(ctx, &pkey) != 1 || -+ (client_key = EVP_PKEY_get1_EC_KEY(pkey)) == NULL) { -+ error_f("Could not generate ec keys"); -+ goto out; -+ } -+out: -+ EVP_PKEY_free(pkey); -+ EVP_PKEY_CTX_free(ctx); -+ OSSL_PARAM_BLD_free(param_bld); -+ OSSL_PARAM_free(params); -+ return client_key; -+} -+ - int - kex_ecdh_keypair(struct kex *kex) - { -@@ -55,11 +95,7 @@ - struct sshbuf *buf = NULL; - int r; - -- if ((client_key = EC_KEY_new_by_curve_name(kex->ec_nid)) == NULL) { -- r = SSH_ERR_ALLOC_FAIL; -- goto out; -- } -- if (EC_KEY_generate_key(client_key) != 1) { -+ if ((client_key = generate_ec_keys(kex->ec_nid)) == NULL) { - r = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } -@@ -101,11 +137,7 @@ - *server_blobp = NULL; - *shared_secretp = NULL; - -- if ((server_key = EC_KEY_new_by_curve_name(kex->ec_nid)) == NULL) { -- r = SSH_ERR_ALLOC_FAIL; -- goto out; -- } -- if (EC_KEY_generate_key(server_key) != 1) { -+ if ((server_key = generate_ec_keys(kex->ec_nid)) == NULL) { - r = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } -@@ -140,11 +172,21 @@ - { - struct sshbuf *buf = NULL; - BIGNUM *shared_secret = NULL; -- EC_POINT *dh_pub = NULL; -- u_char *kbuf = NULL; -- size_t klen = 0; -+ EVP_PKEY_CTX *ctx = NULL; -+ EVP_PKEY *pkey = NULL, *dh_pkey = NULL; -+ OSSL_PARAM_BLD *param_bld = NULL; -+ OSSL_PARAM *params = NULL; -+ u_char *kbuf = NULL, *pub = NULL; -+ size_t klen = 0, publen; -+ const char *group_name; - int r; - -+ /* import EC_KEY to EVP_PKEY */ -+ if ((r = ssh_create_evp_ec(key, kex->ec_nid, &pkey)) != 0) { -+ error_f("Could not create EVP_PKEY"); -+ goto out; -+ } -+ - *shared_secretp = NULL; - - if ((buf = sshbuf_new()) == NULL) { -@@ -153,45 +195,82 @@ - } - if ((r = sshbuf_put_stringb(buf, ec_blob)) != 0) - goto out; -- if ((dh_pub = EC_POINT_new(group)) == NULL) { -+ -+ /* the public key is in the buffer in octet string UNCOMPRESSED -+ * format. See sshbuf_put_ec */ -+ if ((r = sshbuf_get_string(buf, &pub, &publen)) != 0) -+ goto out; -+ sshbuf_reset(buf); -+ if ((ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pkey, NULL)) == NULL || -+ (param_bld = OSSL_PARAM_BLD_new()) == NULL) { - r = SSH_ERR_ALLOC_FAIL; - goto out; - } -- if ((r = sshbuf_get_ec(buf, dh_pub, group)) != 0) { -+ if ((group_name = OSSL_EC_curve_nid2name(kex->ec_nid)) == NULL) { -+ r = SSH_ERR_LIBCRYPTO_ERROR; -+ goto out; -+ } -+ if (OSSL_PARAM_BLD_push_octet_string(param_bld, -+ OSSL_PKEY_PARAM_PUB_KEY, pub, publen) != 1 || -+ OSSL_PARAM_BLD_push_utf8_string(param_bld, -+ OSSL_PKEY_PARAM_GROUP_NAME, group_name, 0) != 1 || -+ (params = OSSL_PARAM_BLD_to_param(param_bld)) == NULL) { -+ error_f("Failed to set params for dh_pkey"); -+ r = SSH_ERR_LIBCRYPTO_ERROR; -+ goto out; -+ } -+ if (EVP_PKEY_fromdata_init(ctx) != 1 || -+ EVP_PKEY_fromdata(ctx, &dh_pkey, -+ EVP_PKEY_PUBLIC_KEY, params) != 1 || -+ EVP_PKEY_public_check(ctx) != 1) { -+ error_f("Peer public key import failed"); -+ r = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } -- sshbuf_reset(buf); - - #ifdef DEBUG_KEXECDH - fputs("public key:\n", stderr); -- sshkey_dump_ec_point(group, dh_pub); -+ EVP_PKEY_print_public_fp(stderr, dh_pkey, 0, NULL); - #endif -- if (sshkey_ec_validate_public(group, dh_pub) != 0) { -- r = SSH_ERR_MESSAGE_INCOMPLETE; -+ EVP_PKEY_CTX_free(ctx); -+ ctx = NULL; -+ if ((ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pkey, NULL)) == NULL || -+ EVP_PKEY_derive_init(ctx) != 1 || -+ EVP_PKEY_derive_set_peer(ctx, dh_pkey) != 1 || -+ EVP_PKEY_derive(ctx, NULL, &klen) != 1) { -+ error_f("Failed to get derive information"); -+ r = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } -- klen = (EC_GROUP_get_degree(group) + 7) / 8; -- if ((kbuf = malloc(klen)) == NULL || -- (shared_secret = BN_new()) == NULL) { -+ if ((kbuf = malloc(klen)) == NULL) { - r = SSH_ERR_ALLOC_FAIL; - goto out; - } -- if (ECDH_compute_key(kbuf, klen, dh_pub, key, NULL) != (int)klen || -- BN_bin2bn(kbuf, klen, shared_secret) == NULL) { -+ if (EVP_PKEY_derive(ctx, kbuf, &klen) != 1) { - r = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } - #ifdef DEBUG_KEXECDH - dump_digest("shared secret", kbuf, klen); - #endif -+ if ((shared_secret = BN_new()) == NULL || -+ (BN_bin2bn(kbuf, klen, shared_secret) == NULL)) { -+ r = SSH_ERR_ALLOC_FAIL; -+ goto out; -+ } - if ((r = sshbuf_put_bignum2(buf, shared_secret)) != 0) - goto out; - *shared_secretp = buf; - buf = NULL; - out: -- EC_POINT_clear_free(dh_pub); -+ EVP_PKEY_CTX_free(ctx); -+ EVP_PKEY_free(pkey); -+ EVP_PKEY_free(dh_pkey); -+ OSSL_PARAM_BLD_free(param_bld); -+ OSSL_PARAM_free(params); - BN_clear_free(shared_secret); - freezero(kbuf, klen); -+ freezero(pub, publen); - sshbuf_free(buf); - return r; - } diff --git a/openssh-9.0p1-evp-fips-dh.patch b/openssh-9.0p1-evp-fips-kex.patch similarity index 50% rename from openssh-9.0p1-evp-fips-dh.patch rename to openssh-9.0p1-evp-fips-kex.patch index 8c70197..36fd1cf 100644 --- a/openssh-9.0p1-evp-fips-dh.patch +++ b/openssh-9.0p1-evp-fips-kex.patch @@ -128,7 +128,7 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac openssh-9.0p1/kex.c openssh-9.0p1-patched/kex.c --- openssh-9.0p1/kex.c 2023-05-25 09:24:28.731868327 +0200 +++ openssh-9.0p1-patched/kex.c 2023-05-25 09:23:44.841379532 +0200 -@@ -1623,3 +1623,47 @@ +@@ -1623,3 +1623,142 @@ return r; } @@ -137,6 +137,101 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x + * Creates an EVP_PKEY from the given parameters and keys. + * The private key can be omitted. + */ ++EVP_PKEY * ++sshkey_create_evp(OSSL_PARAM_BLD *param_bld, EVP_PKEY_CTX *ctx) ++{ ++ EVP_PKEY *ret = NULL; ++ OSSL_PARAM *params = NULL; ++ if (param_bld == NULL || ctx == NULL) { ++ debug2_f("param_bld or ctx is NULL"); ++ return NULL; ++ } ++ if ((params = OSSL_PARAM_BLD_to_param(param_bld)) == NULL) { ++ debug2_f("Could not build param list"); ++ return NULL; ++ } ++ if (EVP_PKEY_fromdata_init(ctx) != 1 || ++ EVP_PKEY_fromdata(ctx, &ret, EVP_PKEY_KEYPAIR, params) != 1) { ++ debug2_f("EVP_PKEY_fromdata failed"); ++ OSSL_PARAM_free(params); ++ return NULL; ++ } ++ return ret; ++} ++ ++int ++kex_create_evp_ec(EC_KEY *k, int ecdsa_nid, EVP_PKEY **pkey) ++{ ++ OSSL_PARAM_BLD *param_bld = NULL; ++ EVP_PKEY_CTX *ctx = NULL; ++ BN_CTX *bn_ctx = NULL; ++ uint8_t *pub_ser = NULL; ++ const char *group_name; ++ const EC_POINT *pub = NULL; ++ const BIGNUM *priv = NULL; ++ int ret = 0; ++ ++ if (k == NULL) ++ return SSH_ERR_INVALID_ARGUMENT; ++ if ((ctx = EVP_PKEY_CTX_new_from_name(NULL, "EC", NULL)) == NULL || ++ (param_bld = OSSL_PARAM_BLD_new()) == NULL || ++ (bn_ctx = BN_CTX_new()) == NULL) { ++ ret = SSH_ERR_ALLOC_FAIL; ++ goto out; ++ } ++ ++ if ((group_name = OSSL_EC_curve_nid2name(ecdsa_nid)) == NULL || ++ OSSL_PARAM_BLD_push_utf8_string(param_bld, ++ OSSL_PKEY_PARAM_GROUP_NAME, ++ group_name, ++ strlen(group_name)) != 1) { ++ ret = SSH_ERR_LIBCRYPTO_ERROR; ++ goto out; ++ } ++ if ((pub = EC_KEY_get0_public_key(k)) != NULL) { ++ const EC_GROUP *group; ++ size_t len; ++ ++ group = EC_KEY_get0_group(k); ++ len = EC_POINT_point2oct(group, pub, ++ POINT_CONVERSION_UNCOMPRESSED, NULL, 0, NULL); ++ if ((pub_ser = malloc(len)) == NULL) { ++ ret = SSH_ERR_ALLOC_FAIL; ++ goto out; ++ } ++ EC_POINT_point2oct(group, ++ pub, ++ POINT_CONVERSION_UNCOMPRESSED, ++ pub_ser, ++ len, ++ bn_ctx); ++ if (OSSL_PARAM_BLD_push_octet_string(param_bld, ++ OSSL_PKEY_PARAM_PUB_KEY, ++ pub_ser, ++ len) != 1) { ++ ret = SSH_ERR_LIBCRYPTO_ERROR; ++ goto out; ++ } ++ } ++ if ((priv = EC_KEY_get0_private_key(k)) != NULL && ++ OSSL_PARAM_BLD_push_BN(param_bld, ++ OSSL_PKEY_PARAM_PRIV_KEY, priv) != 1) { ++ ret = SSH_ERR_LIBCRYPTO_ERROR; ++ goto out; ++ } ++ if ((*pkey = sshkey_create_evp(param_bld, ctx)) == NULL) { ++ ret = SSH_ERR_LIBCRYPTO_ERROR; ++ goto out; ++ } ++ ++out: ++ OSSL_PARAM_BLD_free(param_bld); ++ EVP_PKEY_CTX_free(ctx); ++ BN_CTX_free(bn_ctx); ++ free(pub_ser); ++ return ret; ++} ++ +int +kex_create_evp_dh(EVP_PKEY **pkey, const BIGNUM *p, const BIGNUM *q, + const BIGNUM *g, const BIGNUM *pub, const BIGNUM *priv) @@ -281,12 +376,220 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x # ifdef OPENSSL_HAS_ECC # include # else /* OPENSSL_HAS_ECC */ -@@ -283,6 +286,8 @@ +@@ -283,6 +286,9@@ const u_char pub[CURVE25519_SIZE], struct sshbuf *out, int) __attribute__((__bounded__(__minbytes__, 1, CURVE25519_SIZE))) __attribute__((__bounded__(__minbytes__, 2, CURVE25519_SIZE))); +int kex_create_evp_dh(EVP_PKEY **, const BIGNUM *, const BIGNUM *, + const BIGNUM *, const BIGNUM *, const BIGNUM *); ++int kex_create_evp_ec(EC_KEY *k, int ecdsa_nid, EVP_PKEY **pkey); #if defined(DEBUG_KEX) || defined(DEBUG_KEXDH) || defined(DEBUG_KEXECDH) void dump_digest(const char *, const u_char *, int); +diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac ../openssh-8.7p1/kexecdh.c ./kexecdh.c +--- ../openssh-8.7p1/kexecdh.c 2021-08-20 06:03:49.000000000 +0200 ++++ ./kexecdh.c 2023-04-13 14:30:14.882449593 +0200 +@@ -35,17 +35,57 @@ + #include + + #include ++#include ++#include ++#include ++#include + + #include "sshkey.h" + #include "kex.h" + #include "sshbuf.h" + #include "digest.h" + #include "ssherr.h" ++#include "log.h" + + static int + kex_ecdh_dec_key_group(struct kex *, const struct sshbuf *, EC_KEY *key, + const EC_GROUP *, struct sshbuf **); + ++static EC_KEY * ++generate_ec_keys(int ec_nid) ++{ ++ EC_KEY *client_key = NULL; ++ EVP_PKEY *pkey = NULL; ++ EVP_PKEY_CTX *ctx = NULL; ++ OSSL_PARAM_BLD *param_bld = NULL; ++ OSSL_PARAM *params = NULL; ++ const char *group_name; ++ ++ if ((ctx = EVP_PKEY_CTX_new_from_name(NULL, "EC", NULL)) == NULL || ++ (param_bld = OSSL_PARAM_BLD_new()) == NULL) ++ goto out; ++ if ((group_name = OSSL_EC_curve_nid2name(ec_nid)) == NULL || ++ OSSL_PARAM_BLD_push_utf8_string(param_bld, ++ OSSL_PKEY_PARAM_GROUP_NAME, group_name, 0) != 1 || ++ (params = OSSL_PARAM_BLD_to_param(param_bld)) == NULL) { ++ error_f("Could not create OSSL_PARAM"); ++ goto out; ++ } ++ if (EVP_PKEY_keygen_init(ctx) != 1 || ++ EVP_PKEY_CTX_set_params(ctx, params) != 1 || ++ EVP_PKEY_generate(ctx, &pkey) != 1 || ++ (client_key = EVP_PKEY_get1_EC_KEY(pkey)) == NULL) { ++ error_f("Could not generate ec keys"); ++ goto out; ++ } ++out: ++ EVP_PKEY_free(pkey); ++ EVP_PKEY_CTX_free(ctx); ++ OSSL_PARAM_BLD_free(param_bld); ++ OSSL_PARAM_free(params); ++ return client_key; ++} ++ + int + kex_ecdh_keypair(struct kex *kex) + { +@@ -55,11 +95,7 @@ + struct sshbuf *buf = NULL; + int r; + +- if ((client_key = EC_KEY_new_by_curve_name(kex->ec_nid)) == NULL) { +- r = SSH_ERR_ALLOC_FAIL; +- goto out; +- } +- if (EC_KEY_generate_key(client_key) != 1) { ++ if ((client_key = generate_ec_keys(kex->ec_nid)) == NULL) { + r = SSH_ERR_LIBCRYPTO_ERROR; + goto out; + } +@@ -101,11 +137,7 @@ + *server_blobp = NULL; + *shared_secretp = NULL; + +- if ((server_key = EC_KEY_new_by_curve_name(kex->ec_nid)) == NULL) { +- r = SSH_ERR_ALLOC_FAIL; +- goto out; +- } +- if (EC_KEY_generate_key(server_key) != 1) { ++ if ((server_key = generate_ec_keys(kex->ec_nid)) == NULL) { + r = SSH_ERR_LIBCRYPTO_ERROR; + goto out; + } +@@ -140,11 +172,21 @@ + { + struct sshbuf *buf = NULL; + BIGNUM *shared_secret = NULL; +- EC_POINT *dh_pub = NULL; +- u_char *kbuf = NULL; +- size_t klen = 0; ++ EVP_PKEY_CTX *ctx = NULL; ++ EVP_PKEY *pkey = NULL, *dh_pkey = NULL; ++ OSSL_PARAM_BLD *param_bld = NULL; ++ OSSL_PARAM *params = NULL; ++ u_char *kbuf = NULL, *pub = NULL; ++ size_t klen = 0, publen; ++ const char *group_name; + int r; + ++ /* import EC_KEY to EVP_PKEY */ ++ if ((r = kex_create_evp_ec(key, kex->ec_nid, &pkey)) != 0) { ++ error_f("Could not create EVP_PKEY"); ++ goto out; ++ } ++ + *shared_secretp = NULL; + + if ((buf = sshbuf_new()) == NULL) { +@@ -153,45 +195,82 @@ + } + if ((r = sshbuf_put_stringb(buf, ec_blob)) != 0) + goto out; +- if ((dh_pub = EC_POINT_new(group)) == NULL) { ++ ++ /* the public key is in the buffer in octet string UNCOMPRESSED ++ * format. See sshbuf_put_ec */ ++ if ((r = sshbuf_get_string(buf, &pub, &publen)) != 0) ++ goto out; ++ sshbuf_reset(buf); ++ if ((ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pkey, NULL)) == NULL || ++ (param_bld = OSSL_PARAM_BLD_new()) == NULL) { + r = SSH_ERR_ALLOC_FAIL; + goto out; + } +- if ((r = sshbuf_get_ec(buf, dh_pub, group)) != 0) { ++ if ((group_name = OSSL_EC_curve_nid2name(kex->ec_nid)) == NULL) { ++ r = SSH_ERR_LIBCRYPTO_ERROR; ++ goto out; ++ } ++ if (OSSL_PARAM_BLD_push_octet_string(param_bld, ++ OSSL_PKEY_PARAM_PUB_KEY, pub, publen) != 1 || ++ OSSL_PARAM_BLD_push_utf8_string(param_bld, ++ OSSL_PKEY_PARAM_GROUP_NAME, group_name, 0) != 1 || ++ (params = OSSL_PARAM_BLD_to_param(param_bld)) == NULL) { ++ error_f("Failed to set params for dh_pkey"); ++ r = SSH_ERR_LIBCRYPTO_ERROR; ++ goto out; ++ } ++ if (EVP_PKEY_fromdata_init(ctx) != 1 || ++ EVP_PKEY_fromdata(ctx, &dh_pkey, ++ EVP_PKEY_PUBLIC_KEY, params) != 1 || ++ EVP_PKEY_public_check(ctx) != 1) { ++ error_f("Peer public key import failed"); ++ r = SSH_ERR_LIBCRYPTO_ERROR; + goto out; + } +- sshbuf_reset(buf); + + #ifdef DEBUG_KEXECDH + fputs("public key:\n", stderr); +- sshkey_dump_ec_point(group, dh_pub); ++ EVP_PKEY_print_public_fp(stderr, dh_pkey, 0, NULL); + #endif +- if (sshkey_ec_validate_public(group, dh_pub) != 0) { +- r = SSH_ERR_MESSAGE_INCOMPLETE; ++ EVP_PKEY_CTX_free(ctx); ++ ctx = NULL; ++ if ((ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pkey, NULL)) == NULL || ++ EVP_PKEY_derive_init(ctx) != 1 || ++ EVP_PKEY_derive_set_peer(ctx, dh_pkey) != 1 || ++ EVP_PKEY_derive(ctx, NULL, &klen) != 1) { ++ error_f("Failed to get derive information"); ++ r = SSH_ERR_LIBCRYPTO_ERROR; + goto out; + } +- klen = (EC_GROUP_get_degree(group) + 7) / 8; +- if ((kbuf = malloc(klen)) == NULL || +- (shared_secret = BN_new()) == NULL) { ++ if ((kbuf = malloc(klen)) == NULL) { + r = SSH_ERR_ALLOC_FAIL; + goto out; + } +- if (ECDH_compute_key(kbuf, klen, dh_pub, key, NULL) != (int)klen || +- BN_bin2bn(kbuf, klen, shared_secret) == NULL) { ++ if (EVP_PKEY_derive(ctx, kbuf, &klen) != 1) { + r = SSH_ERR_LIBCRYPTO_ERROR; + goto out; + } + #ifdef DEBUG_KEXECDH + dump_digest("shared secret", kbuf, klen); + #endif ++ if ((shared_secret = BN_new()) == NULL || ++ (BN_bin2bn(kbuf, klen, shared_secret) == NULL)) { ++ r = SSH_ERR_ALLOC_FAIL; ++ goto out; ++ } + if ((r = sshbuf_put_bignum2(buf, shared_secret)) != 0) + goto out; + *shared_secretp = buf; + buf = NULL; + out: +- EC_POINT_clear_free(dh_pub); ++ EVP_PKEY_CTX_free(ctx); ++ EVP_PKEY_free(pkey); ++ EVP_PKEY_free(dh_pkey); ++ OSSL_PARAM_BLD_free(param_bld); ++ OSSL_PARAM_free(params); + BN_clear_free(shared_secret); + freezero(kbuf, klen); ++ freezero(pub, publen); + sshbuf_free(buf); + return r; + } diff --git a/openssh-9.3p1-merged-openssl-evp.patch b/openssh-9.3p1-merged-openssl-evp.patch deleted file mode 100644 index 6a30485..0000000 --- a/openssh-9.3p1-merged-openssl-evp.patch +++ /dev/null @@ -1,1237 +0,0 @@ -diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac openssh-9.3p1/digest.h openssh-9.3p1-patched/digest.h ---- openssh-9.3p1/digest.h 2023-03-15 22:28:19.000000000 +0100 -+++ openssh-9.3p1-patched/digest.h 2023-06-06 15:52:25.602551466 +0200 -@@ -32,6 +32,12 @@ - struct sshbuf; - struct ssh_digest_ctx; - -+#ifdef WITH_OPENSSL -+#include -+/* Converts internal digest representation to the OpenSSL one */ -+const EVP_MD *ssh_digest_to_md(int digest_type); -+#endif -+ - /* Looks up a digest algorithm by name */ - int ssh_digest_alg_by_name(const char *name); - -diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac openssh-9.3p1/digest-openssl.c openssh-9.3p1-patched/digest-openssl.c ---- openssh-9.3p1/digest-openssl.c 2023-03-15 22:28:19.000000000 +0100 -+++ openssh-9.3p1-patched/digest-openssl.c 2023-06-06 15:52:25.601551454 +0200 -@@ -64,6 +64,22 @@ - { -1, NULL, 0, NULL }, - }; - -+const EVP_MD * -+ssh_digest_to_md(int digest_type) -+{ -+ switch (digest_type) { -+ case SSH_DIGEST_SHA1: -+ return EVP_sha1(); -+ case SSH_DIGEST_SHA256: -+ return EVP_sha256(); -+ case SSH_DIGEST_SHA384: -+ return EVP_sha384(); -+ case SSH_DIGEST_SHA512: -+ return EVP_sha512(); -+ } -+ return NULL; -+} -+ - static const struct ssh_digest * - ssh_digest_by_alg(int alg) - { -diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac openssh-9.3p1/ssh-dss.c openssh-9.3p1-patched/ssh-dss.c ---- openssh-9.3p1/ssh-dss.c 2023-03-15 22:28:19.000000000 +0100 -+++ openssh-9.3p1-patched/ssh-dss.c 2023-06-06 15:52:25.624551743 +0200 -@@ -32,6 +32,8 @@ - #include - #include - #include -+#include -+#include - - #include - #include -@@ -261,11 +263,15 @@ - const u_char *data, size_t datalen, - const char *alg, const char *sk_provider, const char *sk_pin, u_int compat) - { -+ EVP_PKEY *pkey = NULL; - DSA_SIG *sig = NULL; - const BIGNUM *sig_r, *sig_s; -- u_char digest[SSH_DIGEST_MAX_LENGTH], sigblob[SIGBLOB_LEN]; -- size_t rlen, slen, len, dlen = ssh_digest_bytes(SSH_DIGEST_SHA1); -+ u_char sigblob[SIGBLOB_LEN]; -+ size_t rlen, slen; -+ int len; - struct sshbuf *b = NULL; -+ u_char *sigb = NULL; -+ const u_char *psig = NULL; - int ret = SSH_ERR_INVALID_ARGUMENT; - - if (lenp != NULL) -@@ -276,17 +282,23 @@ - if (key == NULL || key->dsa == NULL || - sshkey_type_plain(key->type) != KEY_DSA) - return SSH_ERR_INVALID_ARGUMENT; -- if (dlen == 0) -- return SSH_ERR_INTERNAL_ERROR; - -- if ((ret = ssh_digest_memory(SSH_DIGEST_SHA1, data, datalen, -- digest, sizeof(digest))) != 0) -+ if ((ret = ssh_create_evp_dss(key, &pkey)) != 0) -+ return ret; -+ ret = sshkey_calculate_signature(pkey, SSH_DIGEST_SHA1, &sigb, &len, -+ data, datalen); -+ EVP_PKEY_free(pkey); -+ if (ret < 0) { - goto out; -+ } - -- if ((sig = DSA_do_sign(digest, dlen, key->dsa)) == NULL) { -+ psig = sigb; -+ if ((sig = d2i_DSA_SIG(NULL, &psig, len)) == NULL) { - ret = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } -+ free(sigb); -+ sigb = NULL; - - DSA_SIG_get0(sig, &sig_r, &sig_s); - rlen = BN_num_bytes(sig_r); -@@ -319,7 +331,7 @@ - *lenp = len; - ret = 0; - out: -- explicit_bzero(digest, sizeof(digest)); -+ free(sigb); - DSA_SIG_free(sig); - sshbuf_free(b); - return ret; -@@ -331,20 +343,20 @@ - const u_char *data, size_t dlen, const char *alg, u_int compat, - struct sshkey_sig_details **detailsp) - { -+ EVP_PKEY *pkey = NULL; - DSA_SIG *dsig = NULL; - BIGNUM *sig_r = NULL, *sig_s = NULL; -- u_char digest[SSH_DIGEST_MAX_LENGTH], *sigblob = NULL; -- size_t len, hlen = ssh_digest_bytes(SSH_DIGEST_SHA1); -+ u_char *sigblob = NULL; -+ size_t len, slen; - int ret = SSH_ERR_INTERNAL_ERROR; - struct sshbuf *b = NULL; - char *ktype = NULL; -+ u_char *sigb = NULL, *psig = NULL; - - if (key == NULL || key->dsa == NULL || - sshkey_type_plain(key->type) != KEY_DSA || - sig == NULL || siglen == 0) - return SSH_ERR_INVALID_ARGUMENT; -- if (hlen == 0) -- return SSH_ERR_INTERNAL_ERROR; - - /* fetch signature */ - if ((b = sshbuf_from(sig, siglen)) == NULL) -@@ -386,25 +398,28 @@ - } - sig_r = sig_s = NULL; /* transferred */ - -- /* sha1 the data */ -- if ((ret = ssh_digest_memory(SSH_DIGEST_SHA1, data, dlen, -- digest, sizeof(digest))) != 0) -+ if ((slen = i2d_DSA_SIG(dsig, NULL)) == 0) { -+ ret = SSH_ERR_LIBCRYPTO_ERROR; - goto out; -- -- switch (DSA_do_verify(digest, hlen, dsig, key->dsa)) { -- case 1: -- ret = 0; -- break; -- case 0: -- ret = SSH_ERR_SIGNATURE_INVALID; -+ } -+ if ((sigb = malloc(slen)) == NULL) { -+ ret = SSH_ERR_ALLOC_FAIL; - goto out; -- default: -+ } -+ psig = sigb; -+ if ((slen = i2d_DSA_SIG(dsig, &psig)) == 0) { - ret = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } - -+ if ((ret = ssh_create_evp_dss(key, &pkey)) != 0) -+ goto out; -+ ret = sshkey_verify_signature(pkey, SSH_DIGEST_SHA1, data, dlen, -+ sigb, slen); -+ EVP_PKEY_free(pkey); -+ - out: -- explicit_bzero(digest, sizeof(digest)); -+ free(sigb); - DSA_SIG_free(dsig); - BN_clear_free(sig_r); - BN_clear_free(sig_s); -@@ -415,6 +430,65 @@ - return ret; - } - -+int -+ssh_create_evp_dss(const struct sshkey *k, EVP_PKEY **pkey) -+{ -+ OSSL_PARAM_BLD *param_bld = NULL; -+ EVP_PKEY_CTX *ctx = NULL; -+ const BIGNUM *p = NULL, *q = NULL, *g = NULL, *pub = NULL, *priv = NULL; -+ int ret = 0; -+ -+ if (k == NULL) -+ return SSH_ERR_INVALID_ARGUMENT; -+ if ((ctx = EVP_PKEY_CTX_new_from_name(NULL, "DSA", NULL)) == NULL || -+ (param_bld = OSSL_PARAM_BLD_new()) == NULL) { -+ ret = SSH_ERR_ALLOC_FAIL; -+ goto out; -+ } -+ -+ DSA_get0_pqg(k->dsa, &p, &q, &g); -+ DSA_get0_key(k->dsa, &pub, &priv); -+ -+ if (p != NULL && -+ OSSL_PARAM_BLD_push_BN(param_bld, OSSL_PKEY_PARAM_FFC_P, p) != 1) { -+ ret = SSH_ERR_LIBCRYPTO_ERROR; -+ goto out; -+ } -+ if (q != NULL && -+ OSSL_PARAM_BLD_push_BN(param_bld, OSSL_PKEY_PARAM_FFC_Q, q) != 1) { -+ ret = SSH_ERR_LIBCRYPTO_ERROR; -+ goto out; -+ } -+ if (g != NULL && -+ OSSL_PARAM_BLD_push_BN(param_bld, OSSL_PKEY_PARAM_FFC_G, g) != 1) { -+ ret = SSH_ERR_LIBCRYPTO_ERROR; -+ goto out; -+ } -+ if (pub != NULL && -+ OSSL_PARAM_BLD_push_BN(param_bld, -+ OSSL_PKEY_PARAM_PUB_KEY, -+ pub) != 1) { -+ ret = SSH_ERR_LIBCRYPTO_ERROR; -+ goto out; -+ } -+ if (priv != NULL && -+ OSSL_PARAM_BLD_push_BN(param_bld, -+ OSSL_PKEY_PARAM_PRIV_KEY, -+ priv) != 1) { -+ ret = SSH_ERR_LIBCRYPTO_ERROR; -+ goto out; -+ } -+ if ((*pkey = sshkey_create_evp(param_bld, ctx)) == NULL) { -+ ret = SSH_ERR_LIBCRYPTO_ERROR; -+ goto out; -+ } -+ -+out: -+ OSSL_PARAM_BLD_free(param_bld); -+ EVP_PKEY_CTX_free(ctx); -+ return ret; -+} -+ - static const struct sshkey_impl_funcs sshkey_dss_funcs = { - /* .size = */ ssh_dss_size, - /* .alloc = */ ssh_dss_alloc, -diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac openssh-9.3p1/ssh-ecdsa.c openssh-9.3p1-patched/ssh-ecdsa.c ---- openssh-9.3p1/ssh-ecdsa.c 2023-03-15 22:28:19.000000000 +0100 -+++ openssh-9.3p1-patched/ssh-ecdsa.c 2023-06-06 15:52:25.626551768 +0200 -@@ -34,6 +34,8 @@ - #include - #include - #include -+#include -+#include - - #include - -@@ -44,6 +44,9 @@ - #include "digest.h" - #define SSHKEY_INTERNAL - #include "sshkey.h" -+#ifdef ENABLE_PKCS11 -+#include "ssh-pkcs11.h" -+#endif - - #include "openbsd-compat/openssl-compat.h" - -@@ -126,19 +128,29 @@ - static int - ssh_ecdsa_generate(struct sshkey *k, int bits) - { -- EC_KEY *private; -+ EVP_PKEY_CTX *ctx = NULL; -+ EVP_PKEY *res = NULL; - - if ((k->ecdsa_nid = sshkey_ecdsa_bits_to_nid(bits)) == -1) - return SSH_ERR_KEY_LENGTH; -- if ((private = EC_KEY_new_by_curve_name(k->ecdsa_nid)) == NULL) -+ -+ if ((ctx = EVP_PKEY_CTX_new_from_name(NULL, "EC", NULL)) == NULL) - return SSH_ERR_ALLOC_FAIL; -- if (EC_KEY_generate_key(private) != 1) { -- EC_KEY_free(private); -+ -+ if (EVP_PKEY_keygen_init(ctx) <= 0 || EVP_PKEY_CTX_set_group_name(ctx, OBJ_nid2sn(k->ecdsa_nid)) <= 0 -+ || EVP_PKEY_keygen(ctx, &res) <= 0) { -+ EVP_PKEY_CTX_free(ctx); -+ EVP_PKEY_free(res); - return SSH_ERR_LIBCRYPTO_ERROR; - } -- EC_KEY_set_asn1_flag(private, OPENSSL_EC_NAMED_CURVE); -- k->ecdsa = private; -- return 0; -+ /* This function is deprecated in OpenSSL 3.0 but OpenSSH doesn't worry about it*/ -+ k->ecdsa = EVP_PKEY_get1_EC_KEY(res); -+ if (k->ecdsa) -+ EC_KEY_set_asn1_flag(k->ecdsa, OPENSSL_EC_NAMED_CURVE); -+ -+ EVP_PKEY_CTX_free(ctx); -+ EVP_PKEY_free(res); -+ return (k->ecdsa) ? 0 : SSH_ERR_LIBCRYPTO_ERROR; - } - - static int -@@ -228,11 +240,13 @@ - const u_char *data, size_t dlen, - const char *alg, const char *sk_provider, const char *sk_pin, u_int compat) - { -+ EVP_PKEY *pkey = NULL; - ECDSA_SIG *esig = NULL; -+ unsigned char *sigb = NULL; -+ const unsigned char *psig; - const BIGNUM *sig_r, *sig_s; - int hash_alg; -- u_char digest[SSH_DIGEST_MAX_LENGTH]; -- size_t len, hlen; -+ int len; - struct sshbuf *b = NULL, *bb = NULL; - int ret = SSH_ERR_INTERNAL_ERROR; - -@@ -245,18 +259,33 @@ - sshkey_type_plain(key->type) != KEY_ECDSA) - return SSH_ERR_INVALID_ARGUMENT; - -- if ((hash_alg = sshkey_ec_nid_to_hash_alg(key->ecdsa_nid)) == -1 || -- (hlen = ssh_digest_bytes(hash_alg)) == 0) -+ if ((hash_alg = sshkey_ec_nid_to_hash_alg(key->ecdsa_nid)) == -1) - return SSH_ERR_INTERNAL_ERROR; -- if ((ret = ssh_digest_memory(hash_alg, data, dlen, -- digest, sizeof(digest))) != 0) -+ -+#ifdef ENABLE_PKCS11 -+ if (is_ecdsa_pkcs11(key->ecdsa)) { -+ if ((pkey = EVP_PKEY_new()) == NULL || -+ EVP_PKEY_set1_EC_KEY(pkey, key->ecdsa) != 1) -+ return SSH_ERR_ALLOC_FAIL; -+ } else { -+#endif -+ if ((ret = ssh_create_evp_ec(key->ecdsa, key->ecdsa_nid, &pkey)) != 0) -+ return ret; -+#ifdef ENABLE_PKCS11 -+ } -+#endif -+ ret = sshkey_calculate_signature(pkey, hash_alg, &sigb, &len, data, -+ dlen); -+ EVP_PKEY_free(pkey); -+ if (ret < 0) { - goto out; -+ } - -- if ((esig = ECDSA_do_sign(digest, hlen, key->ecdsa)) == NULL) { -+ psig = sigb; -+ if (d2i_ECDSA_SIG(&esig, &psig, len) == NULL) { - ret = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } -- - if ((bb = sshbuf_new()) == NULL || (b = sshbuf_new()) == NULL) { - ret = SSH_ERR_ALLOC_FAIL; - goto out; -@@ -280,7 +309,7 @@ - *lenp = len; - ret = 0; - out: -- explicit_bzero(digest, sizeof(digest)); -+ free(sigb); - sshbuf_free(b); - sshbuf_free(bb); - ECDSA_SIG_free(esig); -@@ -293,22 +322,21 @@ - const u_char *data, size_t dlen, const char *alg, u_int compat, - struct sshkey_sig_details **detailsp) - { -+ EVP_PKEY *pkey = NULL; - ECDSA_SIG *esig = NULL; - BIGNUM *sig_r = NULL, *sig_s = NULL; -- int hash_alg; -- u_char digest[SSH_DIGEST_MAX_LENGTH]; -- size_t hlen; -+ int hash_alg, len; - int ret = SSH_ERR_INTERNAL_ERROR; - struct sshbuf *b = NULL, *sigbuf = NULL; - char *ktype = NULL; -+ unsigned char *sigb = NULL, *psig = NULL; - - if (key == NULL || key->ecdsa == NULL || - sshkey_type_plain(key->type) != KEY_ECDSA || - sig == NULL || siglen == 0) - return SSH_ERR_INVALID_ARGUMENT; - -- if ((hash_alg = sshkey_ec_nid_to_hash_alg(key->ecdsa_nid)) == -1 || -- (hlen = ssh_digest_bytes(hash_alg)) == 0) -+ if ((hash_alg = sshkey_ec_nid_to_hash_alg(key->ecdsa_nid)) == -1) - return SSH_ERR_INTERNAL_ERROR; - - /* fetch signature */ -@@ -344,28 +372,33 @@ - } - sig_r = sig_s = NULL; /* transferred */ - -- if (sshbuf_len(sigbuf) != 0) { -- ret = SSH_ERR_UNEXPECTED_TRAILING_DATA; -+ /* Figure out the length */ -+ if ((len = i2d_ECDSA_SIG(esig, NULL)) == 0) { -+ ret = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } -- if ((ret = ssh_digest_memory(hash_alg, data, dlen, -- digest, sizeof(digest))) != 0) -- goto out; -- -- switch (ECDSA_do_verify(digest, hlen, esig, key->ecdsa)) { -- case 1: -- ret = 0; -- break; -- case 0: -- ret = SSH_ERR_SIGNATURE_INVALID; -+ if ((sigb = malloc(len)) == NULL) { -+ ret = SSH_ERR_ALLOC_FAIL; - goto out; -- default: -+ } -+ psig = sigb; -+ if ((len = i2d_ECDSA_SIG(esig, &psig)) == 0) { - ret = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } - -+ if (sshbuf_len(sigbuf) != 0) { -+ ret = SSH_ERR_UNEXPECTED_TRAILING_DATA; -+ goto out; -+ } -+ -+ if (ssh_create_evp_ec(key->ecdsa, key->ecdsa_nid, &pkey) != 0) -+ goto out; -+ ret = sshkey_verify_signature(pkey, hash_alg, data, dlen, sigb, len); -+ EVP_PKEY_free(pkey); -+ - out: -- explicit_bzero(digest, sizeof(digest)); -+ free(sigb); - sshbuf_free(sigbuf); - sshbuf_free(b); - ECDSA_SIG_free(esig); -@@ -375,6 +408,79 @@ - return ret; - } - -+int -+ssh_create_evp_ec(EC_KEY *k, int ecdsa_nid, EVP_PKEY **pkey) -+{ -+ OSSL_PARAM_BLD *param_bld = NULL; -+ EVP_PKEY_CTX *ctx = NULL; -+ BN_CTX *bn_ctx = NULL; -+ uint8_t *pub_ser = NULL; -+ const char *group_name; -+ const EC_POINT *pub = NULL; -+ const BIGNUM *priv = NULL; -+ int ret = 0; -+ -+ if (k == NULL) -+ return SSH_ERR_INVALID_ARGUMENT; -+ if ((ctx = EVP_PKEY_CTX_new_from_name(NULL, "EC", NULL)) == NULL || -+ (param_bld = OSSL_PARAM_BLD_new()) == NULL || -+ (bn_ctx = BN_CTX_new()) == NULL) { -+ ret = SSH_ERR_ALLOC_FAIL; -+ goto out; -+ } -+ -+ if ((group_name = OSSL_EC_curve_nid2name(ecdsa_nid)) == NULL || -+ OSSL_PARAM_BLD_push_utf8_string(param_bld, -+ OSSL_PKEY_PARAM_GROUP_NAME, -+ group_name, -+ strlen(group_name)) != 1) { -+ ret = SSH_ERR_LIBCRYPTO_ERROR; -+ goto out; -+ } -+ if ((pub = EC_KEY_get0_public_key(k)) != NULL) { -+ const EC_GROUP *group; -+ size_t len; -+ -+ group = EC_KEY_get0_group(k); -+ len = EC_POINT_point2oct(group, pub, -+ POINT_CONVERSION_UNCOMPRESSED, NULL, 0, NULL); -+ if ((pub_ser = malloc(len)) == NULL) { -+ ret = SSH_ERR_ALLOC_FAIL; -+ goto out; -+ } -+ EC_POINT_point2oct(group, -+ pub, -+ POINT_CONVERSION_UNCOMPRESSED, -+ pub_ser, -+ len, -+ bn_ctx); -+ if (OSSL_PARAM_BLD_push_octet_string(param_bld, -+ OSSL_PKEY_PARAM_PUB_KEY, -+ pub_ser, -+ len) != 1) { -+ ret = SSH_ERR_LIBCRYPTO_ERROR; -+ goto out; -+ } -+ } -+ if ((priv = EC_KEY_get0_private_key(k)) != NULL && -+ OSSL_PARAM_BLD_push_BN(param_bld, -+ OSSL_PKEY_PARAM_PRIV_KEY, priv) != 1) { -+ ret = SSH_ERR_LIBCRYPTO_ERROR; -+ goto out; -+ } -+ if ((*pkey = sshkey_create_evp(param_bld, ctx)) == NULL) { -+ ret = SSH_ERR_LIBCRYPTO_ERROR; -+ goto out; -+ } -+ -+out: -+ OSSL_PARAM_BLD_free(param_bld); -+ EVP_PKEY_CTX_free(ctx); -+ BN_CTX_free(bn_ctx); -+ free(pub_ser); -+ return ret; -+} -+ - /* NB. not static; used by ECDSA-SK */ - const struct sshkey_impl_funcs sshkey_ecdsa_funcs = { - /* .size = */ ssh_ecdsa_size, -diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac openssh-9.3p1/sshkey.c openssh-9.3p1-patched/sshkey.c ---- openssh-9.3p1/sshkey.c 2023-06-06 15:53:36.608444190 +0200 -+++ openssh-9.3p1-patched/sshkey.c 2023-06-06 15:52:25.625551756 +0200 -@@ -34,6 +34,8 @@ - #include - #include - #include -+#include -+#include - #endif - - #include "crypto_api.h" -@@ -575,6 +577,86 @@ - } - - #ifdef WITH_OPENSSL -+int -+sshkey_calculate_signature(EVP_PKEY *pkey, int hash_alg, u_char **sigp, -+ int *lenp, const u_char *data, size_t datalen) -+{ -+ EVP_MD_CTX *ctx = NULL; -+ u_char *sig = NULL; -+ int ret, slen; -+ size_t len; -+ -+ if (sigp == NULL || lenp == NULL) { -+ return SSH_ERR_INVALID_ARGUMENT; -+ } -+ -+ slen = EVP_PKEY_get_size(pkey); -+ if (slen <= 0 || slen > SSHBUF_MAX_BIGNUM) -+ return SSH_ERR_INVALID_ARGUMENT; -+ -+ len = slen; -+ if ((sig = malloc(slen)) == NULL) { -+ return SSH_ERR_ALLOC_FAIL; -+ } -+ -+ if ((ctx = EVP_MD_CTX_new()) == NULL) { -+ ret = SSH_ERR_ALLOC_FAIL; -+ goto error; -+ } -+ if (EVP_DigestSignInit(ctx, NULL, ssh_digest_to_md(hash_alg), -+ NULL, pkey) != 1 || -+ EVP_DigestSignUpdate(ctx, data, datalen) != 1 || -+ EVP_DigestSignFinal(ctx, sig, &len) != 1) { -+ ret = SSH_ERR_LIBCRYPTO_ERROR; -+ goto error; -+ } -+ -+ *sigp = sig; -+ *lenp = len; -+ /* Now owned by the caller */ -+ sig = NULL; -+ ret = 0; -+ -+error: -+ EVP_MD_CTX_free(ctx); -+ free(sig); -+ return ret; -+} -+ -+int -+sshkey_verify_signature(EVP_PKEY *pkey, int hash_alg, const u_char *data, -+ size_t datalen, u_char *sigbuf, int siglen) -+{ -+ EVP_MD_CTX *ctx = NULL; -+ int ret; -+ -+ if ((ctx = EVP_MD_CTX_new()) == NULL) { -+ return SSH_ERR_ALLOC_FAIL; -+ } -+ if (EVP_DigestVerifyInit(ctx, NULL, ssh_digest_to_md(hash_alg), -+ NULL, pkey) != 1 || -+ EVP_DigestVerifyUpdate(ctx, data, datalen) != 1) { -+ ret = SSH_ERR_LIBCRYPTO_ERROR; -+ goto done; -+ } -+ ret = EVP_DigestVerifyFinal(ctx, sigbuf, siglen); -+ switch (ret) { -+ case 1: -+ ret = 0; -+ break; -+ case 0: -+ ret = SSH_ERR_SIGNATURE_INVALID; -+ break; -+ default: -+ ret = SSH_ERR_LIBCRYPTO_ERROR; -+ break; -+ } -+ -+done: -+ EVP_MD_CTX_free(ctx); -+ return ret; -+} -+ - /* XXX: these are really begging for a table-driven approach */ - int - sshkey_curve_name_to_nid(const char *name) -@@ -3763,3 +3845,27 @@ - return 0; - } - #endif /* WITH_XMSS */ -+ -+#ifdef WITH_OPENSSL -+EVP_PKEY * -+sshkey_create_evp(OSSL_PARAM_BLD *param_bld, EVP_PKEY_CTX *ctx) -+{ -+ EVP_PKEY *ret = NULL; -+ OSSL_PARAM *params = NULL; -+ if (param_bld == NULL || ctx == NULL) { -+ debug2_f("param_bld or ctx is NULL"); -+ return NULL; -+ } -+ if ((params = OSSL_PARAM_BLD_to_param(param_bld)) == NULL) { -+ debug2_f("Could not build param list"); -+ return NULL; -+ } -+ if (EVP_PKEY_fromdata_init(ctx) != 1 || -+ EVP_PKEY_fromdata(ctx, &ret, EVP_PKEY_KEYPAIR, params) != 1) { -+ debug2_f("EVP_PKEY_fromdata failed"); -+ OSSL_PARAM_free(params); -+ return NULL; -+ } -+ return ret; -+} -+#endif /* WITH_OPENSSL */ -diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac openssh-9.3p1/sshkey.h openssh-9.3p1-patched/sshkey.h ---- openssh-9.3p1/sshkey.h 2023-06-06 15:53:36.608444190 +0200 -+++ openssh-9.3p1-patched/sshkey.h 2023-06-06 15:52:25.626551768 +0200 -@@ -31,6 +31,9 @@ - #ifdef WITH_OPENSSL - #include - #include -+#include -+#include -+#include - # ifdef OPENSSL_HAS_ECC - # include - # include -@@ -266,6 +266,10 @@ - const char *sshkey_ssh_name_plain(const struct sshkey *); - int sshkey_names_valid2(const char *, int, int); - char *sshkey_alg_list(int, int, int, char); -+int sshkey_calculate_signature(EVP_PKEY*, int, u_char **, -+ int *, const u_char *, size_t); -+int sshkey_verify_signature(EVP_PKEY *, int, const u_char *, -+ size_t, u_char *, int); - - int sshkey_from_blob(const u_char *, size_t, struct sshkey **); - int sshkey_fromb(struct sshbuf *, struct sshkey **); -@@ -324,6 +331,13 @@ - - void sshkey_sig_details_free(struct sshkey_sig_details *); - -+#ifdef WITH_OPENSSL -+EVP_PKEY *sshkey_create_evp(OSSL_PARAM_BLD *, EVP_PKEY_CTX *); -+int ssh_create_evp_dss(const struct sshkey *, EVP_PKEY **); -+int ssh_create_evp_rsa(const struct sshkey *, EVP_PKEY **); -+int ssh_create_evp_ec(EC_KEY *, int, EVP_PKEY **); -+#endif /* WITH_OPENSSL */ -+ - #ifdef SSHKEY_INTERNAL - int sshkey_sk_fields_equal(const struct sshkey *a, const struct sshkey *b); - void sshkey_sk_cleanup(struct sshkey *k); -@@ -338,6 +352,10 @@ - #endif - #endif - -+#ifdef ENABLE_PKCS11 -+int pkcs11_get_ecdsa_idx(void); -+#endif -+ - #if !defined(WITH_OPENSSL) - # undef RSA - # undef DSA -diff --git a/ssh-pkcs11.c b/ssh-pkcs11.c ---- a/ssh-pkcs11.c (revision 8241b9c0529228b4b86d88b1a6076fb9f97e4a99) -+++ b/ssh-pkcs11.c (date 1703110934679) -@@ -620,8 +620,24 @@ - - return (0); - } -+ -+int -+is_ecdsa_pkcs11(EC_KEY *ecdsa) -+{ -+ if (EC_KEY_get_ex_data(ecdsa, ec_key_idx) != NULL) -+ return 1; -+ return 0; -+} - #endif /* OPENSSL_HAS_ECC && HAVE_EC_KEY_METHOD_NEW */ - -+int -+is_rsa_pkcs11(RSA *rsa) -+{ -+ if (RSA_get_ex_data(rsa, rsa_idx) != NULL) -+ return 1; -+ return 0; -+} -+ - /* remove trailing spaces. Note, that this does NOT guarantee the buffer - * will be null terminated if there are no trailing spaces! */ - static char * -diff --git a/ssh-pkcs11-client.c b/ssh-pkcs11-client.c ---- a/ssh-pkcs11-client.c (revision 8241b9c0529228b4b86d88b1a6076fb9f97e4a99) -+++ b/ssh-pkcs11-client.c (date 1703110830967) -@@ -402,8 +402,36 @@ - if (helper->nrsa == 0 && helper->nec == 0) - helper_terminate(helper); - } -+ -+int -+is_ecdsa_pkcs11(EC_KEY *ecdsa) -+{ -+ const EC_KEY_METHOD *meth; -+ ECDSA_SIG *(*sign_sig)(const unsigned char *dgst, int dgstlen, -+ const BIGNUM *kinv, const BIGNUM *rp, EC_KEY *eckey) = NULL; -+ -+ meth = EC_KEY_get_method(ecdsa); -+ EC_KEY_METHOD_get_sign(meth, NULL, NULL, &sign_sig); -+ if (sign_sig == ecdsa_do_sign) -+ return 1; -+ return 0; -+} - #endif /* defined(OPENSSL_HAS_ECC) && defined(HAVE_EC_KEY_METHOD_NEW) */ - -+int -+is_rsa_pkcs11(RSA *rsa) -+{ -+ const RSA_METHOD *meth; -+ int (*priv_enc)(int flen, const unsigned char *from, -+ unsigned char *to, RSA *rsa, int padding) = NULL; -+ -+ meth = RSA_get_method(rsa); -+ priv_enc = RSA_meth_get_priv_enc(meth); -+ if (priv_enc == rsa_encrypt) -+ return 1; -+ return 0; -+} -+ - /* redirect private key crypto operations to the ssh-pkcs11-helper */ - static void - wrap_key(struct helper *helper, struct sshkey *k) -diff --git a/ssh-pkcs11.h b/ssh-pkcs11.h ---- a/ssh-pkcs11.h (revision 8241b9c0529228b4b86d88b1a6076fb9f97e4a99) -+++ b/ssh-pkcs11.h (date 1703111023334) -@@ -38,6 +38,12 @@ - /* Only available in ssh-pkcs11-client.c so far */ - int pkcs11_make_cert(const struct sshkey *, - const struct sshkey *, struct sshkey **); -+ -+#ifdef HAVE_EC_KEY_METHOD_NEW -+int is_ecdsa_pkcs11(EC_KEY *ecdsa); -+#endif -+int is_rsa_pkcs11(RSA *rsa); -+ - #if !defined(WITH_OPENSSL) && defined(ENABLE_PKCS11) - #undef ENABLE_PKCS11 - #endif -diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac openssh-9.3p1/ssh-rsa.c openssh-9.3p1-patched/ssh-rsa.c ---- openssh-9.3p1/ssh-rsa.c 2023-03-15 22:28:19.000000000 +0100 -+++ openssh-9.3p1-patched/ssh-rsa.c 2023-06-06 15:52:25.627551781 +0200 -@@ -23,6 +23,8 @@ - - #include - #include -+#include -+#include - - #include - #include -@@ -36,10 +36,13 @@ - #include "sshkey.h" - #include "digest.h" - #include "log.h" -+#ifdef ENABLE_PKCS11 -+#include "ssh-pkcs11.h" -+#endif - - #include "openbsd-compat/openssl-compat.h" - --static int openssh_RSA_verify(int, u_char *, size_t, u_char *, size_t, RSA *); -+static int openssh_RSA_verify(int, const u_char *, size_t, u_char *, size_t, EVP_PKEY *); - - static u_int - ssh_rsa_size(const struct sshkey *key) -@@ -131,27 +133,50 @@ - static int - ssh_rsa_generate(struct sshkey *k, int bits) - { -- RSA *private = NULL; -+ EVP_PKEY_CTX *ctx = NULL; -+ EVP_PKEY *res = NULL; - BIGNUM *f4 = NULL; - int ret = SSH_ERR_INTERNAL_ERROR; - - if (bits < SSH_RSA_MINIMUM_MODULUS_SIZE || - bits > SSHBUF_MAX_BIGNUM * 8) - return SSH_ERR_KEY_LENGTH; -- if ((private = RSA_new()) == NULL || (f4 = BN_new()) == NULL) { -+ -+ if ((ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL)) == NULL -+ || (f4 = BN_new()) == NULL || !BN_set_word(f4, RSA_F4)) { - ret = SSH_ERR_ALLOC_FAIL; - goto out; - } -- if (!BN_set_word(f4, RSA_F4) || -- !RSA_generate_key_ex(private, bits, f4, NULL)) { -+ -+ if (EVP_PKEY_keygen_init(ctx) <= 0) { -+ ret = SSH_ERR_LIBCRYPTO_ERROR; -+ goto out; -+ } -+ -+ if (EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, bits) <= 0) { -+ ret = SSH_ERR_KEY_LENGTH; -+ goto out; -+ } -+ -+ if (EVP_PKEY_CTX_set1_rsa_keygen_pubexp(ctx, f4) <= 0) -+ goto out; -+ -+ if (EVP_PKEY_keygen(ctx, &res) <= 0) { -+ ret = SSH_ERR_LIBCRYPTO_ERROR; -+ goto out; -+ } -+ -+ /* This function is deprecated in OpenSSL 3.0 but OpenSSH doesn't worry about it*/ -+ k->rsa = EVP_PKEY_get1_RSA(res); -+ if (k->rsa) { -+ ret = 0; -+ } else { - ret = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } -- k->rsa = private; -- private = NULL; -- ret = 0; - out: -- RSA_free(private); -+ EVP_PKEY_CTX_free(ctx); -+ EVP_PKEY_free(res); - BN_free(f4); - return ret; - } -@@ -317,21 +342,6 @@ - return -1; - } - --static int --rsa_hash_alg_nid(int type) --{ -- switch (type) { -- case SSH_DIGEST_SHA1: -- return NID_sha1; -- case SSH_DIGEST_SHA256: -- return NID_sha256; -- case SSH_DIGEST_SHA512: -- return NID_sha512; -- default: -- return -1; -- } --} -- - int - ssh_rsa_complete_crt_parameters(struct sshkey *key, const BIGNUM *iqmp) - { -@@ -393,11 +403,10 @@ - const u_char *data, size_t datalen, - const char *alg, const char *sk_provider, const char *sk_pin, u_int compat) - { -- const BIGNUM *rsa_n; -- u_char digest[SSH_DIGEST_MAX_LENGTH], *sig = NULL; -- size_t slen = 0; -- u_int hlen, len; -- int nid, hash_alg, ret = SSH_ERR_INTERNAL_ERROR; -+ EVP_PKEY *pkey = NULL; -+ u_char *sig = NULL; -+ int len, slen = 0; -+ int hash_alg, ret = SSH_ERR_INTERNAL_ERROR; - struct sshbuf *b = NULL; - - if (lenp != NULL) -@@ -409,33 +418,33 @@ - hash_alg = SSH_DIGEST_SHA1; - else - hash_alg = rsa_hash_id_from_keyname(alg); -+ - if (key == NULL || key->rsa == NULL || hash_alg == -1 || - sshkey_type_plain(key->type) != KEY_RSA) - return SSH_ERR_INVALID_ARGUMENT; -- RSA_get0_key(key->rsa, &rsa_n, NULL, NULL); -- if (BN_num_bits(rsa_n) < SSH_RSA_MINIMUM_MODULUS_SIZE) -- return SSH_ERR_KEY_LENGTH; - slen = RSA_size(key->rsa); -- if (slen <= 0 || slen > SSHBUF_MAX_BIGNUM) -- return SSH_ERR_INVALID_ARGUMENT; -- -- /* hash the data */ -- nid = rsa_hash_alg_nid(hash_alg); -- if ((hlen = ssh_digest_bytes(hash_alg)) == 0) -- return SSH_ERR_INTERNAL_ERROR; -- if ((ret = ssh_digest_memory(hash_alg, data, datalen, -- digest, sizeof(digest))) != 0) -- goto out; -+ if (RSA_bits(key->rsa) < SSH_RSA_MINIMUM_MODULUS_SIZE) -+ return SSH_ERR_KEY_LENGTH; - -- if ((sig = malloc(slen)) == NULL) { -- ret = SSH_ERR_ALLOC_FAIL; -- goto out; -+#ifdef ENABLE_PKCS11 -+ if (is_rsa_pkcs11(key->rsa)) { -+ if ((pkey = EVP_PKEY_new()) == NULL || -+ EVP_PKEY_set1_RSA(pkey, key->rsa) != 1) -+ return SSH_ERR_ALLOC_FAIL; -+ } else { -+#endif -+ if ((ret = ssh_create_evp_rsa(key, &pkey)) != 0) -+ return ret; -+#ifdef ENABLE_PKCS11 - } -- -- if (RSA_sign(nid, digest, hlen, sig, &len, key->rsa) != 1) { -- ret = SSH_ERR_LIBCRYPTO_ERROR; -+#endif -+ ret = sshkey_calculate_signature(pkey, hash_alg, &sig, &len, data, -+ datalen); -+ EVP_PKEY_free(pkey); -+ if (ret < 0) { - goto out; - } -+ - if (len < slen) { - size_t diff = slen - len; - memmove(sig + diff, sig, len); -@@ -444,6 +453,7 @@ - ret = SSH_ERR_INTERNAL_ERROR; - goto out; - } -+ - /* encode signature */ - if ((b = sshbuf_new()) == NULL) { - ret = SSH_ERR_ALLOC_FAIL; -@@ -464,7 +474,6 @@ - *lenp = len; - ret = 0; - out: -- explicit_bzero(digest, sizeof(digest)); - freezero(sig, slen); - sshbuf_free(b); - return ret; -@@ -476,10 +485,10 @@ - const u_char *data, size_t dlen, const char *alg, u_int compat, - struct sshkey_sig_details **detailsp) - { -- const BIGNUM *rsa_n; -+ EVP_PKEY *pkey = NULL; - char *sigtype = NULL; - int hash_alg, want_alg, ret = SSH_ERR_INTERNAL_ERROR; -- size_t len = 0, diff, modlen, hlen; -+ size_t len = 0, diff, modlen; - struct sshbuf *b = NULL; - u_char digest[SSH_DIGEST_MAX_LENGTH], *osigblob, *sigblob = NULL; - -@@ -487,8 +496,7 @@ - sshkey_type_plain(key->type) != KEY_RSA || - sig == NULL || siglen == 0) - return SSH_ERR_INVALID_ARGUMENT; -- RSA_get0_key(key->rsa, &rsa_n, NULL, NULL); -- if (BN_num_bits(rsa_n) < SSH_RSA_MINIMUM_MODULUS_SIZE) -+ if (RSA_bits(key->rsa) < SSH_RSA_MINIMUM_MODULUS_SIZE) - return SSH_ERR_KEY_LENGTH; - - if ((b = sshbuf_from(sig, siglen)) == NULL) -@@ -540,16 +548,13 @@ - explicit_bzero(sigblob, diff); - len = modlen; - } -- if ((hlen = ssh_digest_bytes(hash_alg)) == 0) { -- ret = SSH_ERR_INTERNAL_ERROR; -- goto out; -- } -- if ((ret = ssh_digest_memory(hash_alg, data, dlen, -- digest, sizeof(digest))) != 0) -+ -+ if ((ret = ssh_create_evp_rsa(key, &pkey)) != 0) - goto out; - -- ret = openssh_RSA_verify(hash_alg, digest, hlen, sigblob, len, -- key->rsa); -+ ret = openssh_RSA_verify(hash_alg, data, dlen, sigblob, len, pkey); -+ EVP_PKEY_free(pkey); -+ - out: - freezero(sigblob, len); - free(sigtype); -@@ -558,125 +563,110 @@ - return ret; - } - --/* -- * See: -- * http://www.rsasecurity.com/rsalabs/pkcs/pkcs-1/ -- * ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-1/pkcs-1v2-1.asn -- */ -- --/* -- * id-sha1 OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) -- * oiw(14) secsig(3) algorithms(2) 26 } -- */ --static const u_char id_sha1[] = { -- 0x30, 0x21, /* type Sequence, length 0x21 (33) */ -- 0x30, 0x09, /* type Sequence, length 0x09 */ -- 0x06, 0x05, /* type OID, length 0x05 */ -- 0x2b, 0x0e, 0x03, 0x02, 0x1a, /* id-sha1 OID */ -- 0x05, 0x00, /* NULL */ -- 0x04, 0x14 /* Octet string, length 0x14 (20), followed by sha1 hash */ --}; -- --/* -- * See http://csrc.nist.gov/groups/ST/crypto_apps_infra/csor/algorithms.html -- * id-sha256 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) -- * organization(1) gov(101) csor(3) nistAlgorithm(4) hashAlgs(2) -- * id-sha256(1) } -- */ --static const u_char id_sha256[] = { -- 0x30, 0x31, /* type Sequence, length 0x31 (49) */ -- 0x30, 0x0d, /* type Sequence, length 0x0d (13) */ -- 0x06, 0x09, /* type OID, length 0x09 */ -- 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, /* id-sha256 */ -- 0x05, 0x00, /* NULL */ -- 0x04, 0x20 /* Octet string, length 0x20 (32), followed by sha256 hash */ --}; -- --/* -- * See http://csrc.nist.gov/groups/ST/crypto_apps_infra/csor/algorithms.html -- * id-sha512 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) -- * organization(1) gov(101) csor(3) nistAlgorithm(4) hashAlgs(2) -- * id-sha256(3) } -- */ --static const u_char id_sha512[] = { -- 0x30, 0x51, /* type Sequence, length 0x51 (81) */ -- 0x30, 0x0d, /* type Sequence, length 0x0d (13) */ -- 0x06, 0x09, /* type OID, length 0x09 */ -- 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03, /* id-sha512 */ -- 0x05, 0x00, /* NULL */ -- 0x04, 0x40 /* Octet string, length 0x40 (64), followed by sha512 hash */ --}; -- - static int --rsa_hash_alg_oid(int hash_alg, const u_char **oidp, size_t *oidlenp) -+openssh_RSA_verify(int hash_alg, const u_char *data, size_t datalen, -+ u_char *sigbuf, size_t siglen, EVP_PKEY *pkey) - { -- switch (hash_alg) { -- case SSH_DIGEST_SHA1: -- *oidp = id_sha1; -- *oidlenp = sizeof(id_sha1); -- break; -- case SSH_DIGEST_SHA256: -- *oidp = id_sha256; -- *oidlenp = sizeof(id_sha256); -- break; -- case SSH_DIGEST_SHA512: -- *oidp = id_sha512; -- *oidlenp = sizeof(id_sha512); -- break; -- default: -- return SSH_ERR_INVALID_ARGUMENT; -- } -- return 0; --} -+ size_t rsasize = 0; -+ int ret; - --static int --openssh_RSA_verify(int hash_alg, u_char *hash, size_t hashlen, -- u_char *sigbuf, size_t siglen, RSA *rsa) --{ -- size_t rsasize = 0, oidlen = 0, hlen = 0; -- int ret, len, oidmatch, hashmatch; -- const u_char *oid = NULL; -- u_char *decrypted = NULL; -- -- if ((ret = rsa_hash_alg_oid(hash_alg, &oid, &oidlen)) != 0) -- return ret; -- ret = SSH_ERR_INTERNAL_ERROR; -- hlen = ssh_digest_bytes(hash_alg); -- if (hashlen != hlen) { -- ret = SSH_ERR_INVALID_ARGUMENT; -- goto done; -- } -- rsasize = RSA_size(rsa); -+ rsasize = EVP_PKEY_get_size(pkey); - if (rsasize <= 0 || rsasize > SSHBUF_MAX_BIGNUM || - siglen == 0 || siglen > rsasize) { - ret = SSH_ERR_INVALID_ARGUMENT; - goto done; - } -- if ((decrypted = malloc(rsasize)) == NULL) { -- ret = SSH_ERR_ALLOC_FAIL; -- goto done; -- } -- if ((len = RSA_public_decrypt(siglen, sigbuf, decrypted, rsa, -- RSA_PKCS1_PADDING)) < 0) { -- ret = SSH_ERR_LIBCRYPTO_ERROR; -- goto done; -- } -- if (len < 0 || (size_t)len != hlen + oidlen) { -- ret = SSH_ERR_INVALID_FORMAT; -- goto done; -- } -- oidmatch = timingsafe_bcmp(decrypted, oid, oidlen) == 0; -- hashmatch = timingsafe_bcmp(decrypted + oidlen, hash, hlen) == 0; -- if (!oidmatch || !hashmatch) { -- ret = SSH_ERR_SIGNATURE_INVALID; -- goto done; -- } -- ret = 0; -+ -+ ret = sshkey_verify_signature(pkey, hash_alg, data, datalen, -+ sigbuf, siglen); -+ - done: -- freezero(decrypted, rsasize); - return ret; - } - -+int -+ssh_create_evp_rsa(const struct sshkey *k, EVP_PKEY **pkey) -+{ -+ OSSL_PARAM_BLD *param_bld = NULL; -+ EVP_PKEY_CTX *ctx = NULL; -+ int ret = 0; -+ const BIGNUM *n = NULL, *e = NULL, *d = NULL, *p = NULL, *q = NULL; -+ const BIGNUM *dmp1 = NULL, *dmq1 = NULL, *iqmp = NULL; -+ -+ if (k == NULL) -+ return SSH_ERR_INVALID_ARGUMENT; -+ if ((ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL)) == NULL || -+ (param_bld = OSSL_PARAM_BLD_new()) == NULL) { -+ ret = SSH_ERR_ALLOC_FAIL; -+ goto out; -+ } -+ -+ RSA_get0_key(k->rsa, &n, &e, &d); -+ RSA_get0_factors(k->rsa, &p, &q); -+ RSA_get0_crt_params(k->rsa, &dmp1, &dmq1, &iqmp); -+ -+ if (n != NULL && -+ OSSL_PARAM_BLD_push_BN(param_bld, OSSL_PKEY_PARAM_RSA_N, n) != 1) { -+ ret = SSH_ERR_LIBCRYPTO_ERROR; -+ goto out; -+ } -+ if (e != NULL && -+ OSSL_PARAM_BLD_push_BN(param_bld, OSSL_PKEY_PARAM_RSA_E, e) != 1) { -+ ret = SSH_ERR_LIBCRYPTO_ERROR; -+ goto out; -+ } -+ if (d != NULL && -+ OSSL_PARAM_BLD_push_BN(param_bld, OSSL_PKEY_PARAM_RSA_D, d) != 1) { -+ ret = SSH_ERR_LIBCRYPTO_ERROR; -+ goto out; -+ } -+ -+ if ((*pkey = sshkey_create_evp(param_bld, ctx)) == NULL) { -+ ret = SSH_ERR_LIBCRYPTO_ERROR; -+ goto out; -+ } -+ -+ /* setting this to param_build makes the creation process fail */ -+ if (p != NULL && -+ EVP_PKEY_set_bn_param(*pkey, OSSL_PKEY_PARAM_RSA_FACTOR1, p) != 1) { -+ debug2_f("failed to add 'p' param"); -+ ret = SSH_ERR_LIBCRYPTO_ERROR; -+ goto out; -+ } -+ if (q != NULL && -+ EVP_PKEY_set_bn_param(*pkey, OSSL_PKEY_PARAM_RSA_FACTOR2, q) != 1) { -+ debug2_f("failed to add 'q' param"); -+ ret = SSH_ERR_LIBCRYPTO_ERROR; -+ goto out; -+ } -+ if (dmp1 != NULL && -+ EVP_PKEY_set_bn_param(*pkey, -+ OSSL_PKEY_PARAM_RSA_EXPONENT1, dmp1) != 1) { -+ debug2_f("failed to add 'dmp1' param"); -+ ret = SSH_ERR_LIBCRYPTO_ERROR; -+ goto out; -+ } -+ if (dmq1 != NULL && -+ EVP_PKEY_set_bn_param(*pkey, -+ OSSL_PKEY_PARAM_RSA_EXPONENT2, dmq1) != 1) { -+ debug2_f("failed to add 'dmq1' param"); -+ ret = SSH_ERR_LIBCRYPTO_ERROR; -+ goto out; -+ } -+ if (iqmp != NULL && -+ EVP_PKEY_set_bn_param(*pkey, -+ OSSL_PKEY_PARAM_RSA_COEFFICIENT1, iqmp) != 1) { -+ debug2_f("failed to add 'iqmp' param"); -+ ret = SSH_ERR_LIBCRYPTO_ERROR; -+ goto out; -+ } -+ -+out: -+ OSSL_PARAM_BLD_free(param_bld); -+ EVP_PKEY_CTX_free(ctx); -+ return ret; -+} -+ - static const struct sshkey_impl_funcs sshkey_rsa_funcs = { - /* .size = */ ssh_rsa_size, - /* .alloc = */ ssh_rsa_alloc, diff --git a/openssh-9.6p1-gssapi-keyex.patch b/openssh-9.6p1-gssapi-keyex.patch index e63b258..ef1f97e 100644 --- a/openssh-9.6p1-gssapi-keyex.patch +++ b/openssh-9.6p1-gssapi-keyex.patch @@ -1240,8 +1240,8 @@ diff --color -ruNp a/kexgen.c b/kexgen.c const struct sshbuf *client_version, diff --color -ruNp a/kexgssc.c b/kexgssc.c --- a/kexgssc.c 1970-01-01 01:00:00.000000000 +0100 -+++ b/kexgssc.c 2024-09-16 11:46:34.709940203 +0200 -@@ -0,0 +1,704 @@ ++++ b/kexgssc.c 2024-10-14 15:18:02.491798105 +0200 +@@ -0,0 +1,706 @@ +/* + * Copyright (c) 2001-2009 Simon Wilkinson. All rights reserved. + * @@ -1603,6 +1603,7 @@ diff --color -ruNp a/kexgssc.c b/kexgssc.c + if (gss->major & GSS_S_CONTINUE_NEEDED) + return kexgss_init_ctx(ssh, &recv_tok); + ++ gss_release_buffer(&gss->minor, &recv_tok); + return kexgss_final(ssh); +} + @@ -1942,14 +1943,15 @@ diff --color -ruNp a/kexgssc.c b/kexgssc.c + if (gss->major & GSS_S_CONTINUE_NEEDED) + return kexgssgex_init_ctx(ssh, &recv_tok); + ++ gss_release_buffer(&gss->minor, &recv_tok); + return kexgssgex_final(ssh); +} + +#endif /* defined(GSSAPI) && defined(WITH_OPENSSL) */ diff --color -ruNp a/kexgsss.c b/kexgsss.c --- a/kexgsss.c 1970-01-01 01:00:00.000000000 +0100 -+++ b/kexgsss.c 2024-09-16 11:46:34.710940224 +0200 -@@ -0,0 +1,590 @@ ++++ b/kexgsss.c 2024-10-14 15:18:02.491798105 +0200 +@@ -0,0 +1,601 @@ +/* + * Copyright (c) 2001-2009 Simon Wilkinson. All rights reserved. + * @@ -2082,6 +2084,9 @@ diff --color -ruNp a/kexgsss.c b/kexgsss.c + struct kex *kex = ssh->kex; + Gssctxt *gss = kex->gss; + gss_buffer_desc msg_tok; ++ u_char hash[SSH_DIGEST_MAX_LENGTH]; ++ size_t hashlen; ++ struct sshbuf *shared_secret = NULL; + int r; + + ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_INIT, NULL); @@ -2125,12 +2130,18 @@ diff --color -ruNp a/kexgsss.c b/kexgsss.c + gss_release_buffer(&gss->minor, send_tok); + gss_release_buffer(&gss->minor, &msg_tok); + ++ hashlen = gss->hashlen; ++ memcpy(hash, gss->hash, hashlen); ++ explicit_bzero(gss->hash, sizeof(gss->hash)); ++ shared_secret = gss->shared_secret; ++ gss->shared_secret = NULL; ++ + if (gss_kex_context == NULL) + gss_kex_context = gss; + else + ssh_gssapi_delete_ctx(&kex->gss); + -+ if ((r = kex_derive_keys(ssh, gss->hash, gss->hashlen, gss->shared_secret)) == 0) ++ if ((r = kex_derive_keys(ssh, hash, hashlen, shared_secret)) == 0) + r = kex_send_newkeys(ssh); + + /* If this was a rekey, then save out any delegated credentials we @@ -2139,12 +2150,11 @@ diff --color -ruNp a/kexgsss.c b/kexgsss.c + ssh_gssapi_rekey_creds(); + + if (kex->gss != NULL) { -+ explicit_bzero(gss->hash, sizeof(gss->hash)); -+ sshbuf_free(gss->shared_secret); -+ gss->shared_secret = NULL; + sshbuf_free(gss->server_pubkey); + gss->server_pubkey = NULL; + } ++ explicit_bzero(hash, sizeof(hash)); ++ sshbuf_free(shared_secret); + return r; +} + @@ -2187,7 +2197,8 @@ diff --color -ruNp a/kexgsss.c b/kexgsss.c + } + if (r != 0) { + sshbuf_free(client_pubkey); -+ ssh_gssapi_delete_ctx(&kex->gss); ++ gss_release_buffer(&gss->minor, &recv_tok); ++ ssh_gssapi_delete_ctx(&kex->gss); + return r; + } + @@ -2195,6 +2206,7 @@ diff --color -ruNp a/kexgsss.c b/kexgsss.c + + if ((empty = sshbuf_new()) == NULL) { + sshbuf_free(client_pubkey); ++ gss_release_buffer(&gss->minor, &recv_tok); + ssh_gssapi_delete_ctx(&kex->gss); + return SSH_ERR_ALLOC_FAIL; + } @@ -2210,6 +2222,7 @@ diff --color -ruNp a/kexgsss.c b/kexgsss.c + sshbuf_free(empty); + sshbuf_free(client_pubkey); + if (r != 0) { ++ gss_release_buffer(&gss->minor, &recv_tok); + ssh_gssapi_delete_ctx(&kex->gss); + return r; + } @@ -2555,9 +2568,9 @@ diff --color -ruNp a/kex.h b/kex.h # include # include @@ -102,6 +106,15 @@ enum kex_exchange { - KEX_ECDH_SHA2, KEX_C25519_SHA256, KEX_KEM_SNTRUP761X25519_SHA512, + KEX_KEM_MLKEM768X25519_SHA256, +#ifdef GSSAPI + KEX_GSS_GRP1_SHA1, + KEX_GSS_GRP14_SHA1, @@ -2730,7 +2743,7 @@ diff --color -ruNp a/Makefile.in b/Makefile.in @@ -114,6 +114,7 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \ kex.o kex-names.o kexdh.o kexgex.o kexecdh.o kexc25519.o \ kexgexc.o kexgexs.o \ - kexsntrup761x25519.o sntrup761.o kexgen.o \ + kexsntrup761x25519.o kexmlkem768x25519.o sntrup761.o kexgen.o \ + kexgssc.o \ sftp-realpath.o platform-pledge.o platform-tracing.o platform-misc.o \ sshbuf-io.o @@ -3609,7 +3622,7 @@ diff --color -ruNp a/sshconnect2.c b/sshconnect2.c free(hkalgs); /* start key exchange */ -@@ -271,14 +312,44 @@ ssh_kex2(struct ssh *ssh, char *host, st +@@ -271,15 +312,45 @@ ssh_kex2(struct ssh *ssh, char *host, st # ifdef OPENSSL_HAS_ECC ssh->kex->kex[KEX_ECDH_SHA2] = kex_gen_client; # endif @@ -3628,6 +3641,7 @@ diff --color -ruNp a/sshconnect2.c b/sshconnect2.c +#endif /* WITH_OPENSSL */ ssh->kex->kex[KEX_C25519_SHA256] = kex_gen_client; ssh->kex->kex[KEX_KEM_SNTRUP761X25519_SHA512] = kex_gen_client; + ssh->kex->kex[KEX_KEM_MLKEM768X25519_SHA256] = kex_gen_client; ssh->kex->verify_host_key=&verify_host_key_callback; +#if defined(GSSAPI) && defined(WITH_OPENSSL) @@ -3949,7 +3963,7 @@ diff --color -ruNp a/sshd-session.c b/sshd-session.c +#endif /* WITH_OPENSSL */ kex->kex[KEX_C25519_SHA256] = kex_gen_server; kex->kex[KEX_KEM_SNTRUP761X25519_SHA512] = kex_gen_server; - kex->load_host_public_key=&get_hostkey_public_by_type; + kex->kex[KEX_KEM_MLKEM768X25519_SHA256] = kex_gen_server; diff --color -ruNp a/ssh-gss.h b/ssh-gss.h --- a/ssh-gss.h 2024-07-01 06:36:28.000000000 +0200 +++ b/ssh-gss.h 2024-09-16 11:46:34.710940224 +0200 diff --git a/openssh-9.8p1-gsissh.patch b/openssh-9.9p1-gsissh.patch similarity index 89% rename from openssh-9.8p1-gsissh.patch rename to openssh-9.9p1-gsissh.patch index ecb2c4e..7f60393 100644 --- a/openssh-9.8p1-gsissh.patch +++ b/openssh-9.9p1-gsissh.patch @@ -1,6 +1,6 @@ -diff -Nur openssh-9.8p1.orig/auth2.c openssh-9.8p1/auth2.c ---- openssh-9.8p1.orig/auth2.c 2024-09-30 11:38:28.487321398 +0200 -+++ openssh-9.8p1/auth2.c 2024-10-01 08:11:48.131268544 +0200 +diff -Nur openssh-9.9p1.orig/auth2.c openssh-9.9p1/auth2.c +--- openssh-9.9p1.orig/auth2.c 2025-01-20 19:52:47.907052307 +0100 ++++ openssh-9.9p1/auth2.c 2025-01-20 20:23:17.232729940 +0100 @@ -286,7 +286,28 @@ (r = sshpkt_get_cstring(ssh, &service, NULL)) != 0 || (r = sshpkt_get_cstring(ssh, &method, NULL)) != 0) @@ -101,9 +101,9 @@ diff -Nur openssh-9.8p1.orig/auth2.c openssh-9.8p1/auth2.c "not allowed: (%s,%s) -> (%s,%s)", authctxt->user, authctxt->service, user, service); } -diff -Nur openssh-9.8p1.orig/auth2-gss.c openssh-9.8p1/auth2-gss.c ---- openssh-9.8p1.orig/auth2-gss.c 2024-09-30 11:38:28.368321057 +0200 -+++ openssh-9.8p1/auth2-gss.c 2024-10-01 13:47:06.876811637 +0200 +diff -Nur openssh-9.9p1.orig/auth2-gss.c openssh-9.9p1/auth2-gss.c +--- openssh-9.9p1.orig/auth2-gss.c 2025-01-20 19:52:47.769051955 +0100 ++++ openssh-9.9p1/auth2-gss.c 2025-01-20 20:23:17.233729943 +0100 @@ -54,6 +54,7 @@ extern struct authmethod_cfg methodcfg_gsskeyex; extern struct authmethod_cfg methodcfg_gssapi; @@ -303,9 +303,9 @@ diff -Nur openssh-9.8p1.orig/auth2-gss.c openssh-9.8p1/auth2-gss.c Authmethod method_gsskeyex = { &methodcfg_gsskeyex, userauth_gsskeyex, -diff -Nur openssh-9.8p1.orig/auth.c openssh-9.8p1/auth.c ---- openssh-9.8p1.orig/auth.c 2024-09-30 11:38:28.488321400 +0200 -+++ openssh-9.8p1/auth.c 2024-09-30 11:39:17.561461794 +0200 +diff -Nur openssh-9.9p1.orig/auth.c openssh-9.9p1/auth.c +--- openssh-9.9p1.orig/auth.c 2025-01-20 19:52:47.908052310 +0100 ++++ openssh-9.9p1/auth.c 2025-01-20 20:23:17.233729943 +0100 @@ -298,7 +298,8 @@ method, submethod != NULL ? "/" : "", submethod == NULL ? "" : submethod, @@ -316,7 +316,7 @@ diff -Nur openssh-9.8p1.orig/auth.c openssh-9.8p1/auth.c ssh_remote_ipaddr(ssh), ssh_remote_port(ssh), extra != NULL ? ": " : "", -@@ -486,13 +487,18 @@ +@@ -490,13 +491,18 @@ #endif pw = getpwnam(user); @@ -336,9 +336,9 @@ diff -Nur openssh-9.8p1.orig/auth.c openssh-9.8p1/auth.c #ifdef CUSTOM_FAILED_LOGIN record_failed_login(ssh, user, auth_get_canonical_hostname(ssh, options.use_dns), "ssh"); -diff -Nur openssh-9.8p1.orig/auth.h openssh-9.8p1/auth.h ---- openssh-9.8p1.orig/auth.h 2024-09-30 11:38:28.489321403 +0200 -+++ openssh-9.8p1/auth.h 2024-09-30 11:39:17.561461794 +0200 +diff -Nur openssh-9.9p1.orig/auth.h openssh-9.9p1/auth.h +--- openssh-9.9p1.orig/auth.h 2025-01-20 19:52:47.909052313 +0100 ++++ openssh-9.9p1/auth.h 2025-01-20 20:23:17.234729946 +0100 @@ -85,6 +85,8 @@ krb5_principal krb5_user; char *krb5_ticket_file; @@ -348,9 +348,9 @@ diff -Nur openssh-9.8p1.orig/auth.h openssh-9.8p1/auth.h int krb5_set_env; #endif struct sshbuf *loginmsg; -diff -Nur openssh-9.8p1.orig/auth-pam.c openssh-9.8p1/auth-pam.c ---- openssh-9.8p1.orig/auth-pam.c 2024-09-30 11:38:28.533321529 +0200 -+++ openssh-9.8p1/auth-pam.c 2024-09-30 11:39:17.562461797 +0200 +diff -Nur openssh-9.9p1.orig/auth-pam.c openssh-9.9p1/auth-pam.c +--- openssh-9.9p1.orig/auth-pam.c 2025-01-20 19:52:47.954052427 +0100 ++++ openssh-9.9p1/auth-pam.c 2025-01-20 20:23:17.264730023 +0100 @@ -248,6 +248,7 @@ static const char *sshpam_password = NULL; static char *sshpam_rhost = NULL; @@ -511,9 +511,9 @@ diff -Nur openssh-9.8p1.orig/auth-pam.c openssh-9.8p1/auth-pam.c sshpam_password = NULL; free(fake); if (sshpam_err == PAM_MAXTRIES) -diff -Nur openssh-9.8p1.orig/auth-pam.h openssh-9.8p1/auth-pam.h ---- openssh-9.8p1.orig/auth-pam.h 2024-09-30 11:38:28.333320957 +0200 -+++ openssh-9.8p1/auth-pam.h 2024-09-30 11:39:17.563461800 +0200 +diff -Nur openssh-9.9p1.orig/auth-pam.h openssh-9.9p1/auth-pam.h +--- openssh-9.9p1.orig/auth-pam.h 2025-01-20 19:52:47.713051809 +0100 ++++ openssh-9.9p1/auth-pam.h 2025-01-20 20:23:17.264730023 +0100 @@ -43,5 +43,6 @@ int sshpam_get_maxtries_reached(void); void sshpam_set_maxtries_reached(int); @@ -521,9 +521,9 @@ diff -Nur openssh-9.8p1.orig/auth-pam.h openssh-9.8p1/auth-pam.h +struct passwd *sshpam_getpw(const char *); #endif /* USE_PAM */ -diff -Nur openssh-9.8p1.orig/canohost.c openssh-9.8p1/canohost.c ---- openssh-9.8p1.orig/canohost.c 2024-09-30 11:38:28.368321057 +0200 -+++ openssh-9.8p1/canohost.c 2024-09-30 11:39:17.564461803 +0200 +diff -Nur openssh-9.9p1.orig/canohost.c openssh-9.9p1/canohost.c +--- openssh-9.9p1.orig/canohost.c 2025-01-20 19:52:47.770051957 +0100 ++++ openssh-9.9p1/canohost.c 2025-01-20 20:23:17.265730026 +0100 @@ -17,6 +17,7 @@ #include #include @@ -566,9 +566,9 @@ diff -Nur openssh-9.8p1.orig/canohost.c openssh-9.8p1/canohost.c + } + } +} -diff -Nur openssh-9.8p1.orig/canohost.h openssh-9.8p1/canohost.h ---- openssh-9.8p1.orig/canohost.h 2024-09-30 11:38:28.369321060 +0200 -+++ openssh-9.8p1/canohost.h 2024-09-30 11:39:17.564461803 +0200 +diff -Nur openssh-9.9p1.orig/canohost.h openssh-9.9p1/canohost.h +--- openssh-9.9p1.orig/canohost.h 2025-01-20 19:52:47.770051957 +0100 ++++ openssh-9.9p1/canohost.h 2025-01-20 20:23:17.265730026 +0100 @@ -26,4 +26,6 @@ #endif /* _CANOHOST_H */ @@ -576,10 +576,10 @@ diff -Nur openssh-9.8p1.orig/canohost.h openssh-9.8p1/canohost.h +void resolve_localhost(char **host); + void ipv64_normalise_mapped(struct sockaddr_storage *, socklen_t *); -diff -Nur openssh-9.8p1.orig/configure.ac openssh-9.8p1/configure.ac ---- openssh-9.8p1.orig/configure.ac 2024-09-30 11:38:28.463321329 +0200 -+++ openssh-9.8p1/configure.ac 2024-09-30 11:39:17.565461806 +0200 -@@ -4909,6 +4909,14 @@ +diff -Nur openssh-9.9p1.orig/configure.ac openssh-9.9p1/configure.ac +--- openssh-9.9p1.orig/configure.ac 2025-01-20 19:52:47.872052217 +0100 ++++ openssh-9.9p1/configure.ac 2025-01-20 20:23:17.266730028 +0100 +@@ -4920,6 +4920,14 @@ AC_CHECK_HEADER([gssapi_krb5.h], , [ CPPFLAGS="$oldCPP" ]) @@ -594,7 +594,7 @@ diff -Nur openssh-9.8p1.orig/configure.ac openssh-9.8p1/configure.ac fi fi if test -n "${rpath_opt}" ; then -@@ -4950,6 +4958,40 @@ +@@ -4961,6 +4969,40 @@ AC_SUBST([K5LIBS]) AC_SUBST([CHANNELLIBS]) @@ -635,9 +635,9 @@ diff -Nur openssh-9.8p1.orig/configure.ac openssh-9.8p1/configure.ac # Looking for programs, paths and files PRIVSEP_PATH=/var/empty -diff -Nur openssh-9.8p1.orig/gss-genr.c openssh-9.8p1/gss-genr.c ---- openssh-9.8p1.orig/gss-genr.c 2024-09-30 11:38:28.535321535 +0200 -+++ openssh-9.8p1/gss-genr.c 2024-09-30 11:39:17.566461808 +0200 +diff -Nur openssh-9.9p1.orig/gss-genr.c openssh-9.9p1/gss-genr.c +--- openssh-9.9p1.orig/gss-genr.c 2025-01-20 19:52:47.962052448 +0100 ++++ openssh-9.9p1/gss-genr.c 2025-01-20 20:23:17.267730031 +0100 @@ -41,6 +41,7 @@ #include "ssherr.h" #include "sshbuf.h" @@ -674,9 +674,9 @@ diff -Nur openssh-9.8p1.orig/gss-genr.c openssh-9.8p1/gss-genr.c free(gssbuf.value); return (ctx->major); } -diff -Nur openssh-9.8p1.orig/gss-serv.c openssh-9.8p1/gss-serv.c ---- openssh-9.8p1.orig/gss-serv.c 2024-09-30 11:38:28.389321117 +0200 -+++ openssh-9.8p1/gss-serv.c 2024-09-30 11:39:17.567461811 +0200 +diff -Nur openssh-9.9p1.orig/gss-serv.c openssh-9.9p1/gss-serv.c +--- openssh-9.9p1.orig/gss-serv.c 2025-01-20 19:52:47.802052038 +0100 ++++ openssh-9.9p1/gss-serv.c 2025-01-20 20:23:17.268730033 +0100 @@ -50,10 +50,12 @@ #include "monitor_wrap.h" @@ -957,9 +957,9 @@ diff -Nur openssh-9.8p1.orig/gss-serv.c openssh-9.8p1/gss-serv.c xasprintf(&envstr, "%s=%s", gssapi_client.store.envvar, gssapi_client.store.envval); -diff -Nur openssh-9.8p1.orig/gss-serv-gsi.c openssh-9.8p1/gss-serv-gsi.c ---- openssh-9.8p1.orig/gss-serv-gsi.c 1970-01-01 01:00:00.000000000 +0100 -+++ openssh-9.8p1/gss-serv-gsi.c 2024-09-30 11:39:17.567461811 +0200 +diff -Nur openssh-9.9p1.orig/gss-serv-gsi.c openssh-9.9p1/gss-serv-gsi.c +--- openssh-9.9p1.orig/gss-serv-gsi.c 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-9.9p1/gss-serv-gsi.c 2025-01-20 20:23:17.268730033 +0100 @@ -0,0 +1,328 @@ +/* + * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. @@ -1289,9 +1289,9 @@ diff -Nur openssh-9.8p1.orig/gss-serv-gsi.c openssh-9.8p1/gss-serv-gsi.c + +#endif /* GSI */ +#endif /* GSSAPI */ -diff -Nur openssh-9.8p1.orig/gss-serv-krb5.c openssh-9.8p1/gss-serv-krb5.c ---- openssh-9.8p1.orig/gss-serv-krb5.c 2024-09-30 11:38:28.418321200 +0200 -+++ openssh-9.8p1/gss-serv-krb5.c 2024-09-30 11:39:17.568461814 +0200 +diff -Nur openssh-9.9p1.orig/gss-serv-krb5.c openssh-9.9p1/gss-serv-krb5.c +--- openssh-9.9p1.orig/gss-serv-krb5.c 2025-01-20 19:52:47.824052094 +0100 ++++ openssh-9.9p1/gss-serv-krb5.c 2025-01-20 20:23:17.269730036 +0100 @@ -379,6 +379,34 @@ return found_principal; } @@ -1345,9 +1345,9 @@ diff -Nur openssh-9.8p1.orig/gss-serv-krb5.c openssh-9.8p1/gss-serv-krb5.c &ssh_gssapi_krb5_storecreds, &ssh_gssapi_krb5_updatecreds }; -diff -Nur openssh-9.8p1.orig/kexgsss.c openssh-9.8p1/kexgsss.c ---- openssh-9.8p1.orig/kexgsss.c 2024-09-30 11:38:28.399321146 +0200 -+++ openssh-9.8p1/kexgsss.c 2024-09-30 15:10:29.856045413 +0200 +diff -Nur openssh-9.9p1.orig/kexgsss.c openssh-9.9p1/kexgsss.c +--- openssh-9.9p1.orig/kexgsss.c 2025-01-20 19:52:47.785051995 +0100 ++++ openssh-9.9p1/kexgsss.c 2025-01-21 07:14:03.079570547 +0100 @@ -48,6 +48,7 @@ #include "digest.h" #include "ssherr.h" @@ -1368,16 +1368,7 @@ diff -Nur openssh-9.8p1.orig/kexgsss.c openssh-9.8p1/kexgsss.c ssh_gssapi_build_ctx(&kex->gss); if (kex->gss == NULL) -@@ -127,7 +130,7 @@ - gss_buffer_desc *send_tok, - OM_uint32 *ret_flags) - { -- struct kex *kex = ssh->kex; -+struct kex *kex = ssh->kex; - Gssctxt *gss = kex->gss; - gss_buffer_desc msg_tok; - int r; -@@ -136,13 +139,14 @@ +@@ -139,13 +142,14 @@ ssh_dispatch_set(ssh, SSH2_MSG_KEXGSS_CONTINUE, NULL); if (GSS_ERROR(gss->major)) { @@ -1393,7 +1384,7 @@ diff -Nur openssh-9.8p1.orig/kexgsss.c openssh-9.8p1/kexgsss.c } if (!(*ret_flags & GSS_C_MUTUAL_FLAG)) -@@ -587,4 +591,26 @@ +@@ -598,4 +602,26 @@ return kexgssgex_final(ssh, &send_tok, &ret_flags); } @@ -1420,9 +1411,9 @@ diff -Nur openssh-9.8p1.orig/kexgsss.c openssh-9.8p1/kexgsss.c +} + #endif /* defined(GSSAPI) && defined(WITH_OPENSSL) */ -diff -Nur openssh-9.8p1.orig/Makefile.in openssh-9.8p1/Makefile.in ---- openssh-9.8p1.orig/Makefile.in 2024-09-30 11:38:28.491321409 +0200 -+++ openssh-9.8p1/Makefile.in 2024-09-30 11:43:22.688163055 +0200 +diff -Nur openssh-9.9p1.orig/Makefile.in openssh-9.9p1/Makefile.in +--- openssh-9.9p1.orig/Makefile.in 2025-01-20 19:52:47.911052318 +0100 ++++ openssh-9.9p1/Makefile.in 2025-01-20 20:23:17.270730038 +0100 @@ -138,6 +138,7 @@ auth2-none.o auth2-passwd.o auth2-pubkey.o auth2-pubkeyfile.o \ monitor.o monitor_wrap.o auth-krb5.o kexgsss.o \ @@ -1431,9 +1422,9 @@ diff -Nur openssh-9.8p1.orig/Makefile.in openssh-9.8p1/Makefile.in loginrec.o auth-pam.o auth-shadow.o auth-sia.o \ sftp-server.o sftp-common.o \ sandbox-null.o sandbox-rlimit.o sandbox-systrace.o sandbox-darwin.o \ -diff -Nur openssh-9.8p1.orig/misc.c openssh-9.8p1/misc.c ---- openssh-9.8p1.orig/misc.c 2024-09-30 11:38:28.537321541 +0200 -+++ openssh-9.8p1/misc.c 2024-09-30 11:39:17.570461820 +0200 +diff -Nur openssh-9.9p1.orig/misc.c openssh-9.9p1/misc.c +--- openssh-9.9p1.orig/misc.c 2025-01-20 19:52:47.963052451 +0100 ++++ openssh-9.9p1/misc.c 2025-01-20 20:23:17.271730041 +0100 @@ -419,11 +419,14 @@ #define WHITESPACE " \t\r\n" #define QUOTE "\"" @@ -1493,9 +1484,9 @@ diff -Nur openssh-9.8p1.orig/misc.c openssh-9.8p1/misc.c /* * Convert ASCII string to TCP/IP port number. * Port must be >=0 and <=65535. -diff -Nur openssh-9.8p1.orig/misc.h openssh-9.8p1/misc.h ---- openssh-9.8p1.orig/misc.h 2024-09-30 11:38:28.435321249 +0200 -+++ openssh-9.8p1/misc.h 2024-09-30 11:39:17.570461820 +0200 +diff -Nur openssh-9.9p1.orig/misc.h openssh-9.9p1/misc.h +--- openssh-9.9p1.orig/misc.h 2025-01-20 19:52:47.840052135 +0100 ++++ openssh-9.9p1/misc.h 2025-01-20 20:23:17.272730043 +0100 @@ -111,6 +111,7 @@ void sock_set_v6only(int); @@ -1504,10 +1495,10 @@ diff -Nur openssh-9.8p1.orig/misc.h openssh-9.8p1/misc.h const char *ssh_gai_strerror(int); typedef void privdrop_fn(struct passwd *); -diff -Nur openssh-9.8p1.orig/monitor.c openssh-9.8p1/monitor.c ---- openssh-9.8p1.orig/monitor.c 2024-09-30 11:38:28.537321541 +0200 -+++ openssh-9.8p1/monitor.c 2024-09-30 11:39:17.571461823 +0200 -@@ -147,6 +147,9 @@ +diff -Nur openssh-9.9p1.orig/monitor.c openssh-9.9p1/monitor.c +--- openssh-9.9p1.orig/monitor.c 2025-01-20 19:52:47.964052453 +0100 ++++ openssh-9.9p1/monitor.c 2025-01-20 20:23:17.273730046 +0100 +@@ -148,6 +148,9 @@ int mm_answer_gss_userok(struct ssh *, int, struct sshbuf *); int mm_answer_gss_checkmic(struct ssh *, int, struct sshbuf *); int mm_answer_gss_sign(struct ssh *, int, struct sshbuf *); @@ -1517,7 +1508,7 @@ diff -Nur openssh-9.8p1.orig/monitor.c openssh-9.8p1/monitor.c int mm_answer_gss_updatecreds(struct ssh *, int, struct sshbuf *); #endif -@@ -200,7 +203,7 @@ +@@ -201,7 +204,7 @@ {MONITOR_REQ_MODULI, MON_ONCE, mm_answer_moduli}, #endif {MONITOR_REQ_SIGN, MON_ONCE, mm_answer_sign}, @@ -1526,7 +1517,7 @@ diff -Nur openssh-9.8p1.orig/monitor.c openssh-9.8p1/monitor.c {MONITOR_REQ_AUTHSERV, MON_ONCE, mm_answer_authserv}, #ifdef WITH_SELINUX {MONITOR_REQ_AUTHROLE, MON_ONCE, mm_answer_authrole}, -@@ -208,7 +211,7 @@ +@@ -209,7 +212,7 @@ {MONITOR_REQ_AUTH2_READ_BANNER, MON_ONCE, mm_answer_auth2_read_banner}, {MONITOR_REQ_AUTHPASSWORD, MON_AUTH, mm_answer_authpassword}, #ifdef USE_PAM @@ -1535,7 +1526,7 @@ diff -Nur openssh-9.8p1.orig/monitor.c openssh-9.8p1/monitor.c {MONITOR_REQ_PAM_ACCOUNT, 0, mm_answer_pam_account}, {MONITOR_REQ_PAM_INIT_CTX, MON_ONCE, mm_answer_pam_init_ctx}, {MONITOR_REQ_PAM_QUERY, 0, mm_answer_pam_query}, -@@ -232,8 +235,11 @@ +@@ -233,8 +236,11 @@ {MONITOR_REQ_GSSSETUP, MON_ISAUTH, mm_answer_gss_setup_ctx}, {MONITOR_REQ_GSSSTEP, 0, mm_answer_gss_accept_ctx}, {MONITOR_REQ_GSSUSEROK, MON_ONCE|MON_AUTHDECIDE, mm_answer_gss_userok}, @@ -1548,7 +1539,7 @@ diff -Nur openssh-9.8p1.orig/monitor.c openssh-9.8p1/monitor.c #endif {0, 0, NULL} }; -@@ -243,6 +249,8 @@ +@@ -244,6 +250,8 @@ {MONITOR_REQ_GSSSETUP, 0, mm_answer_gss_setup_ctx}, {MONITOR_REQ_GSSSTEP, 0, mm_answer_gss_accept_ctx}, {MONITOR_REQ_GSSSIGN, 0, mm_answer_gss_sign}, @@ -1557,7 +1548,7 @@ diff -Nur openssh-9.8p1.orig/monitor.c openssh-9.8p1/monitor.c {MONITOR_REQ_GSSUPCREDS, 0, mm_answer_gss_updatecreds}, #endif #ifdef WITH_OPENSSL -@@ -323,6 +331,8 @@ +@@ -324,6 +332,8 @@ #ifdef GSSAPI /* and for the GSSAPI key exchange */ monitor_permit(mon_dispatch, MONITOR_REQ_GSSSETUP, 1); @@ -1566,7 +1557,7 @@ diff -Nur openssh-9.8p1.orig/monitor.c openssh-9.8p1/monitor.c #endif /* The first few requests do not require asynchronous access */ -@@ -457,6 +467,8 @@ +@@ -458,6 +468,8 @@ #ifdef GSSAPI /* and for the GSSAPI key exchange */ monitor_permit(mon_dispatch, MONITOR_REQ_GSSSETUP, 1); @@ -1575,7 +1566,7 @@ diff -Nur openssh-9.8p1.orig/monitor.c openssh-9.8p1/monitor.c #endif if (auth_opts->permit_pty_flag) { -@@ -811,14 +823,17 @@ +@@ -812,14 +824,17 @@ debug3_f("entering"); @@ -1596,7 +1587,7 @@ diff -Nur openssh-9.8p1.orig/monitor.c openssh-9.8p1/monitor.c setproctitle("%s [priv]", pwent ? authctxt->user : "unknown"); sshbuf_reset(m); -@@ -2159,6 +2174,79 @@ +@@ -2170,6 +2185,79 @@ } int @@ -1676,9 +1667,9 @@ diff -Nur openssh-9.8p1.orig/monitor.c openssh-9.8p1/monitor.c mm_answer_gss_sign(struct ssh *ssh, int socket, struct sshbuf *m) { gss_buffer_desc data; -diff -Nur openssh-9.8p1.orig/monitor.h openssh-9.8p1/monitor.h ---- openssh-9.8p1.orig/monitor.h 2024-09-30 11:38:28.492321412 +0200 -+++ openssh-9.8p1/monitor.h 2024-09-30 11:39:17.571461823 +0200 +diff -Nur openssh-9.9p1.orig/monitor.h openssh-9.9p1/monitor.h +--- openssh-9.9p1.orig/monitor.h 2025-01-20 19:52:47.912052320 +0100 ++++ openssh-9.9p1/monitor.h 2025-01-20 20:23:17.273730046 +0100 @@ -75,6 +75,10 @@ MONITOR_REQ_GSSSIGN = 150, MONITOR_ANS_GSSSIGN = 151, @@ -1690,9 +1681,9 @@ diff -Nur openssh-9.8p1.orig/monitor.h openssh-9.8p1/monitor.h }; struct ssh; -diff -Nur openssh-9.8p1.orig/monitor_wrap.c openssh-9.8p1/monitor_wrap.c ---- openssh-9.8p1.orig/monitor_wrap.c 2024-09-30 11:38:28.499321432 +0200 -+++ openssh-9.8p1/monitor_wrap.c 2024-09-30 11:39:17.572461826 +0200 +diff -Nur openssh-9.9p1.orig/monitor_wrap.c openssh-9.9p1/monitor_wrap.c +--- openssh-9.9p1.orig/monitor_wrap.c 2025-01-20 19:52:47.918052335 +0100 ++++ openssh-9.9p1/monitor_wrap.c 2025-01-20 20:23:17.274730049 +0100 @@ -1139,6 +1139,94 @@ return (authenticated); } @@ -1788,9 +1779,9 @@ diff -Nur openssh-9.8p1.orig/monitor_wrap.c openssh-9.8p1/monitor_wrap.c OM_uint32 mm_ssh_gssapi_sign(Gssctxt *ctx, gss_buffer_desc *data, gss_buffer_desc *hash) { -diff -Nur openssh-9.8p1.orig/monitor_wrap.h openssh-9.8p1/monitor_wrap.h ---- openssh-9.8p1.orig/monitor_wrap.h 2024-09-30 11:38:28.499321432 +0200 -+++ openssh-9.8p1/monitor_wrap.h 2024-09-30 11:39:17.572461826 +0200 +diff -Nur openssh-9.9p1.orig/monitor_wrap.h openssh-9.9p1/monitor_wrap.h +--- openssh-9.9p1.orig/monitor_wrap.h 2025-01-20 19:52:47.918052335 +0100 ++++ openssh-9.9p1/monitor_wrap.h 2025-01-20 20:23:17.274730049 +0100 @@ -72,6 +72,10 @@ int mm_ssh_gssapi_userok(char *user, struct passwd *, int kex); OM_uint32 mm_ssh_gssapi_checkmic(Gssctxt *, gss_buffer_t, gss_buffer_t); @@ -1802,10 +1793,10 @@ diff -Nur openssh-9.8p1.orig/monitor_wrap.h openssh-9.8p1/monitor_wrap.h int mm_ssh_gssapi_update_creds(ssh_gssapi_ccache *); #endif -diff -Nur openssh-9.8p1.orig/readconf.c openssh-9.8p1/readconf.c ---- openssh-9.8p1.orig/readconf.c 2024-09-30 11:38:28.539321546 +0200 -+++ openssh-9.8p1/readconf.c 2024-09-30 11:39:17.573461828 +0200 -@@ -2760,11 +2760,11 @@ +diff -Nur openssh-9.9p1.orig/readconf.c openssh-9.9p1/readconf.c +--- openssh-9.9p1.orig/readconf.c 2025-01-20 19:52:47.966052458 +0100 ++++ openssh-9.9p1/readconf.c 2025-01-20 20:23:17.275730051 +0100 +@@ -2794,11 +2794,11 @@ if (options->pubkey_authentication == -1) options->pubkey_authentication = SSH_PUBKEY_AUTH_ALL; if (options->gss_authentication == -1) @@ -1820,9 +1811,9 @@ diff -Nur openssh-9.8p1.orig/readconf.c openssh-9.8p1/readconf.c if (options->gss_trust_dns == -1) options->gss_trust_dns = 0; if (options->gss_renewal_rekey == -1) -diff -Nur openssh-9.8p1.orig/readconf.h openssh-9.8p1/readconf.h ---- openssh-9.8p1.orig/readconf.h 2024-09-30 11:38:28.377321083 +0200 -+++ openssh-9.8p1/readconf.h 2024-09-30 11:39:17.574461831 +0200 +diff -Nur openssh-9.9p1.orig/readconf.h openssh-9.9p1/readconf.h +--- openssh-9.9p1.orig/readconf.h 2025-01-20 19:52:47.790052008 +0100 ++++ openssh-9.9p1/readconf.h 2025-01-20 20:23:17.276730054 +0100 @@ -80,6 +80,8 @@ char *host_key_alias; /* hostname alias for .ssh/known_hosts */ char *proxy_command; /* Proxy command for connecting the host. */ @@ -1832,9 +1823,9 @@ diff -Nur openssh-9.8p1.orig/readconf.h openssh-9.8p1/readconf.h int escape_char; /* Escape character; -2 = none */ u_int num_system_hostfiles; /* Paths for /etc/ssh/ssh_known_hosts */ -diff -Nur openssh-9.8p1.orig/servconf.c openssh-9.8p1/servconf.c ---- openssh-9.8p1.orig/servconf.c 2024-09-30 11:38:28.539321546 +0200 -+++ openssh-9.8p1/servconf.c 2024-09-30 14:09:25.379481790 +0200 +diff -Nur openssh-9.9p1.orig/servconf.c openssh-9.9p1/servconf.c +--- openssh-9.9p1.orig/servconf.c 2025-01-20 19:52:47.966052458 +0100 ++++ openssh-9.9p1/servconf.c 2025-01-20 20:23:17.277730056 +0100 @@ -95,6 +95,7 @@ /* Portable-specific options */ options->use_pam = -1; @@ -1855,7 +1846,7 @@ diff -Nur openssh-9.8p1.orig/servconf.c openssh-9.8p1/servconf.c options->gss_store_rekey = -1; options->gss_kex_algorithms = NULL; options->use_kuserok = -1; -@@ -312,6 +315,8 @@ +@@ -314,6 +317,8 @@ options->use_pam = 0; if (options->pam_service_name == NULL) options->pam_service_name = xstrdup(SSHD_PAM_SERVICE); @@ -1864,7 +1855,7 @@ diff -Nur openssh-9.8p1.orig/servconf.c openssh-9.8p1/servconf.c /* Standard Options */ if (options->num_host_key_files == 0) { -@@ -393,13 +398,17 @@ +@@ -395,13 +400,17 @@ if (options->kerberos_unique_ccache == -1) options->kerberos_unique_ccache = 0; if (options->gss_authentication == -1) @@ -1884,7 +1875,7 @@ diff -Nur openssh-9.8p1.orig/servconf.c openssh-9.8p1/servconf.c if (options->gss_store_rekey == -1) options->gss_store_rekey = 0; #ifdef GSSAPI -@@ -567,7 +576,7 @@ +@@ -573,7 +582,7 @@ typedef enum { sBadOption, /* == unknown option */ /* Portable-specific options */ @@ -1893,7 +1884,7 @@ diff -Nur openssh-9.8p1.orig/servconf.c openssh-9.8p1/servconf.c /* Standard Options */ sPort, sHostKeyFile, sLoginGraceTime, sPermitRootLogin, sLogFacility, sLogLevel, sLogVerbose, -@@ -587,6 +596,9 @@ +@@ -593,6 +602,9 @@ sHostKeyAlgorithms, sPerSourceMaxStartups, sPerSourceNetBlockSize, sPerSourcePenalties, sPerSourcePenaltyExemptList, sClientAliveInterval, sClientAliveCountMax, sAuthorizedKeysFile, @@ -1903,7 +1894,7 @@ diff -Nur openssh-9.8p1.orig/servconf.c openssh-9.8p1/servconf.c sGssAuthentication, sGssCleanupCreds, sGssEnablek5users, sGssStrictAcceptor, sGssKeyEx, sGssKexAlgorithms, sGssStoreRekey, sAcceptEnv, sSetEnv, sPermitTunnel, -@@ -622,9 +634,11 @@ +@@ -628,9 +640,11 @@ #ifdef USE_PAM { "usepam", sUsePAM, SSHCFG_GLOBAL }, { "pamservicename", sPAMServiceName, SSHCFG_ALL }, @@ -1915,7 +1906,7 @@ diff -Nur openssh-9.8p1.orig/servconf.c openssh-9.8p1/servconf.c #endif { "pamauthenticationviakbdint", sDeprecated, SSHCFG_GLOBAL }, /* Standard Options */ -@@ -677,8 +691,15 @@ +@@ -683,8 +697,15 @@ { "afstokenpassing", sUnsupported, SSHCFG_GLOBAL }, #ifdef GSSAPI { "gssapiauthentication", sGssAuthentication, SSHCFG_ALL }, @@ -1931,7 +1922,7 @@ diff -Nur openssh-9.8p1.orig/servconf.c openssh-9.8p1/servconf.c { "gssapistrictacceptorcheck", sGssStrictAcceptor, SSHCFG_GLOBAL }, { "gssapikeyexchange", sGssKeyEx, SSHCFG_GLOBAL }, { "gssapistorecredentialsonrekey", sGssStoreRekey, SSHCFG_GLOBAL }, -@@ -686,8 +707,11 @@ +@@ -692,8 +713,11 @@ { "gssapienablek5users", sGssEnablek5users, SSHCFG_ALL }, #else { "gssapiauthentication", sUnsupported, SSHCFG_ALL }, @@ -1943,7 +1934,7 @@ diff -Nur openssh-9.8p1.orig/servconf.c openssh-9.8p1/servconf.c { "gssapistrictacceptorcheck", sUnsupported, SSHCFG_GLOBAL }, { "gssapikeyexchange", sUnsupported, SSHCFG_GLOBAL }, { "gssapistorecredentialsonrekey", sUnsupported, SSHCFG_GLOBAL }, -@@ -761,6 +785,8 @@ +@@ -767,6 +791,8 @@ { "permitlisten", sPermitListen, SSHCFG_ALL }, { "forcecommand", sForceCommand, SSHCFG_ALL }, { "chrootdirectory", sChrootDirectory, SSHCFG_ALL }, @@ -1952,7 +1943,7 @@ diff -Nur openssh-9.8p1.orig/servconf.c openssh-9.8p1/servconf.c { "hostcertificate", sHostCertificate, SSHCFG_GLOBAL }, { "revokedkeys", sRevokedKeys, SSHCFG_ALL }, { "trustedusercakeys", sTrustedUserCAKeys, SSHCFG_ALL }, -@@ -1387,6 +1413,10 @@ +@@ -1407,6 +1433,10 @@ *charptr = xstrdup(arg); break; @@ -1963,7 +1954,7 @@ diff -Nur openssh-9.8p1.orig/servconf.c openssh-9.8p1/servconf.c /* Standard Options */ case sBadOption: goto out; -@@ -1638,6 +1668,10 @@ +@@ -1658,6 +1688,10 @@ intptr = &options->gss_authentication; goto parse_flag; @@ -1974,7 +1965,7 @@ diff -Nur openssh-9.8p1.orig/servconf.c openssh-9.8p1/servconf.c case sGssKeyEx: intptr = &options->gss_keyex; goto parse_flag; -@@ -1646,6 +1680,10 @@ +@@ -1666,6 +1700,10 @@ intptr = &options->gss_cleanup_creds; goto parse_flag; @@ -1985,7 +1976,7 @@ diff -Nur openssh-9.8p1.orig/servconf.c openssh-9.8p1/servconf.c case sGssStrictAcceptor: intptr = &options->gss_strict_acceptor; goto parse_flag; -@@ -1666,6 +1704,12 @@ +@@ -1686,6 +1724,12 @@ options->gss_kex_algorithms = xstrdup(arg); break; @@ -1998,7 +1989,7 @@ diff -Nur openssh-9.8p1.orig/servconf.c openssh-9.8p1/servconf.c case sPasswordAuthentication: intptr = &options->password_authentication; goto parse_flag; -@@ -2925,6 +2969,7 @@ +@@ -2950,6 +2994,7 @@ M_CP_INTOPT(password_authentication); M_CP_INTOPT(gss_authentication); @@ -2006,10 +1997,10 @@ diff -Nur openssh-9.8p1.orig/servconf.c openssh-9.8p1/servconf.c M_CP_INTOPT(pubkey_authentication); M_CP_INTOPT(pubkey_auth_options); M_CP_INTOPT(kerberos_authentication); -diff -Nur openssh-9.8p1.orig/servconf.h openssh-9.8p1/servconf.h ---- openssh-9.8p1.orig/servconf.h 2024-09-30 11:38:28.431321237 +0200 -+++ openssh-9.8p1/servconf.h 2024-09-30 11:44:57.129433237 +0200 -@@ -154,9 +154,12 @@ +diff -Nur openssh-9.9p1.orig/servconf.h openssh-9.9p1/servconf.h +--- openssh-9.9p1.orig/servconf.h 2025-01-20 19:52:47.836052125 +0100 ++++ openssh-9.9p1/servconf.h 2025-01-20 20:23:17.278730059 +0100 +@@ -155,9 +155,12 @@ * be stored in per-session ccache */ int use_kuserok; int enable_k5users; @@ -2022,7 +2013,7 @@ diff -Nur openssh-9.8p1.orig/servconf.h openssh-9.8p1/servconf.h int gss_strict_acceptor; /* If true, restrict the GSSAPI acceptor name */ int gss_store_rekey; char *gss_kex_algorithms; /* GSSAPI kex methods to be offered by client. */ -@@ -220,6 +223,7 @@ +@@ -221,6 +224,7 @@ int use_pam; /* Enable auth via PAM */ char *pam_service_name; @@ -2030,10 +2021,10 @@ diff -Nur openssh-9.8p1.orig/servconf.h openssh-9.8p1/servconf.h int permit_tun; -diff -Nur openssh-9.8p1.orig/ssh.1 openssh-9.8p1/ssh.1 ---- openssh-9.8p1.orig/ssh.1 2024-09-30 11:38:28.517321483 +0200 -+++ openssh-9.8p1/ssh.1 2024-09-30 11:39:17.577461840 +0200 -@@ -1521,6 +1521,18 @@ +diff -Nur openssh-9.9p1.orig/ssh.1 openssh-9.9p1/ssh.1 +--- openssh-9.9p1.orig/ssh.1 2025-01-20 19:52:47.941052394 +0100 ++++ openssh-9.9p1/ssh.1 2025-01-20 20:23:17.279730061 +0100 +@@ -1523,6 +1523,18 @@ on to new connections). .It Ev USER Set to the name of the user logging in. @@ -2052,9 +2043,9 @@ diff -Nur openssh-9.8p1.orig/ssh.1 openssh-9.8p1/ssh.1 .El .Pp Additionally, -diff -Nur openssh-9.8p1.orig/ssh.c openssh-9.8p1/ssh.c ---- openssh-9.8p1.orig/ssh.c 2024-09-30 11:38:28.511321466 +0200 -+++ openssh-9.8p1/ssh.c 2024-09-30 11:39:17.578461843 +0200 +diff -Nur openssh-9.9p1.orig/ssh.c openssh-9.9p1/ssh.c +--- openssh-9.9p1.orig/ssh.c 2025-01-20 19:52:47.926052356 +0100 ++++ openssh-9.9p1/ssh.c 2025-01-20 20:23:17.280730064 +0100 @@ -573,6 +573,38 @@ fatal("Can't open user config file %.100s: " "%.100s", config, strerror(errno)); @@ -2108,9 +2099,9 @@ diff -Nur openssh-9.8p1.orig/ssh.c openssh-9.8p1/ssh.c /* * If ProxyJump option specified, then construct a ProxyCommand now. -diff -Nur openssh-9.8p1.orig/ssh_config openssh-9.8p1/ssh_config ---- openssh-9.8p1.orig/ssh_config 2024-09-30 11:38:28.380321091 +0200 -+++ openssh-9.8p1/ssh_config 2024-09-30 11:39:17.578461843 +0200 +diff -Nur openssh-9.9p1.orig/ssh_config openssh-9.9p1/ssh_config +--- openssh-9.9p1.orig/ssh_config 2025-01-20 19:52:47.793052015 +0100 ++++ openssh-9.9p1/ssh_config 2025-01-20 20:23:17.281730067 +0100 @@ -22,9 +22,9 @@ # ForwardX11 no # PasswordAuthentication yes @@ -2124,9 +2115,9 @@ diff -Nur openssh-9.8p1.orig/ssh_config openssh-9.8p1/ssh_config # GSSAPITrustDNS no # BatchMode no # CheckHostIP no -diff -Nur openssh-9.8p1.orig/ssh_config.5 openssh-9.8p1/ssh_config.5 ---- openssh-9.8p1.orig/ssh_config.5 2024-09-30 11:38:28.454321303 +0200 -+++ openssh-9.8p1/ssh_config.5 2024-09-30 11:39:17.579461846 +0200 +diff -Nur openssh-9.9p1.orig/ssh_config.5 openssh-9.9p1/ssh_config.5 +--- openssh-9.9p1.orig/ssh_config.5 2025-01-20 19:52:47.956052433 +0100 ++++ openssh-9.9p1/ssh_config.5 2025-01-20 20:23:17.282730069 +0100 @@ -52,6 +52,12 @@ user's configuration file .Pq Pa ~/.ssh/config @@ -2164,7 +2155,7 @@ diff -Nur openssh-9.8p1.orig/ssh_config.5 openssh-9.8p1/ssh_config.5 .It Cm GSSAPIRenewalForcesRekey If set to .Dq yes -@@ -1595,7 +1601,7 @@ +@@ -1600,7 +1606,7 @@ .Cm password ) . The default is: .Bd -literal -offset indent @@ -2173,10 +2164,10 @@ diff -Nur openssh-9.8p1.orig/ssh_config.5 openssh-9.8p1/ssh_config.5 keyboard-interactive,password .Ed .It Cm ProxyCommand -diff -Nur openssh-9.8p1.orig/sshconnect2.c openssh-9.8p1/sshconnect2.c ---- openssh-9.8p1.orig/sshconnect2.c 2024-09-30 11:38:28.530321521 +0200 -+++ openssh-9.8p1/sshconnect2.c 2024-09-30 11:39:17.580461848 +0200 -@@ -854,6 +854,11 @@ +diff -Nur openssh-9.9p1.orig/sshconnect2.c openssh-9.9p1/sshconnect2.c +--- openssh-9.9p1.orig/sshconnect2.c 2025-01-20 19:52:47.951052420 +0100 ++++ openssh-9.9p1/sshconnect2.c 2025-01-20 20:23:17.283730071 +0100 +@@ -855,6 +855,11 @@ gss_OID mech = NULL; char *gss_host = NULL; @@ -2188,7 +2179,7 @@ diff -Nur openssh-9.8p1.orig/sshconnect2.c openssh-9.8p1/sshconnect2.c if (options.gss_server_identity) { gss_host = xstrdup(options.gss_server_identity); } else if (options.gss_trust_dns) { -@@ -962,7 +967,8 @@ +@@ -963,7 +968,8 @@ if (status == GSS_S_COMPLETE) { /* send either complete or MIC, depending on mechanism */ @@ -2198,7 +2189,7 @@ diff -Nur openssh-9.8p1.orig/sshconnect2.c openssh-9.8p1/sshconnect2.c if ((r = sshpkt_start(ssh, SSH2_MSG_USERAUTH_GSSAPI_EXCHANGE_COMPLETE)) != 0 || (r = sshpkt_send(ssh)) != 0) -@@ -1129,6 +1135,20 @@ +@@ -1130,6 +1136,20 @@ return r; } @@ -2219,7 +2210,7 @@ diff -Nur openssh-9.8p1.orig/sshconnect2.c openssh-9.8p1/sshconnect2.c int userauth_gsskeyex(struct ssh *ssh) { -@@ -1151,6 +1171,12 @@ +@@ -1152,6 +1172,12 @@ if ((b = sshbuf_new()) == NULL) fatal_f("sshbuf_new failed"); @@ -2232,7 +2223,7 @@ diff -Nur openssh-9.8p1.orig/sshconnect2.c openssh-9.8p1/sshconnect2.c ssh_gssapi_buildmic(b, authctxt->server_user, authctxt->service, "gssapi-keyex", ssh->kex->session_id); -@@ -1164,7 +1190,9 @@ +@@ -1165,7 +1191,9 @@ } if ((r = sshpkt_start(ssh, SSH2_MSG_USERAUTH_REQUEST)) != 0 || @@ -2243,10 +2234,10 @@ diff -Nur openssh-9.8p1.orig/sshconnect2.c openssh-9.8p1/sshconnect2.c (r = sshpkt_put_cstring(ssh, authctxt->service)) != 0 || (r = sshpkt_put_cstring(ssh, authctxt->method->name)) != 0 || (r = sshpkt_put_string(ssh, mic.value, mic.length)) != 0 || -diff -Nur openssh-9.8p1.orig/sshd.8 openssh-9.8p1/sshd.8 ---- openssh-9.8p1.orig/sshd.8 2024-09-30 11:38:28.395321134 +0200 -+++ openssh-9.8p1/sshd.8 2024-09-30 11:39:17.580461848 +0200 -@@ -836,6 +836,29 @@ +diff -Nur openssh-9.9p1.orig/sshd.8 openssh-9.9p1/sshd.8 +--- openssh-9.9p1.orig/sshd.8 2025-01-20 19:52:47.807052051 +0100 ++++ openssh-9.9p1/sshd.8 2025-01-20 20:23:17.283730071 +0100 +@@ -840,6 +840,29 @@ # A CA key, accepted for any host in *.mydomain.com or *.mydomain.org @cert-authority *.mydomain.org,*.mydomain.com ssh-rsa AAAAB5W... .Ed @@ -2276,9 +2267,9 @@ diff -Nur openssh-9.8p1.orig/sshd.8 openssh-9.8p1/sshd.8 .Sh FILES .Bl -tag -width Ds -compact .It Pa ~/.hushlogin -diff -Nur openssh-9.8p1.orig/sshd_config openssh-9.8p1/sshd_config ---- openssh-9.8p1.orig/sshd_config 2024-09-30 11:38:28.419321203 +0200 -+++ openssh-9.8p1/sshd_config 2024-09-30 11:39:17.582461854 +0200 +diff -Nur openssh-9.9p1.orig/sshd_config openssh-9.9p1/sshd_config +--- openssh-9.9p1.orig/sshd_config 2025-01-20 19:52:47.826052099 +0100 ++++ openssh-9.9p1/sshd_config 2025-01-20 20:23:17.284730074 +0100 @@ -76,10 +76,11 @@ #KerberosUseKuserok yes @@ -2304,9 +2295,9 @@ diff -Nur openssh-9.8p1.orig/sshd_config openssh-9.8p1/sshd_config #AllowAgentForwarding yes #AllowTcpForwarding yes #GatewayPorts no -diff -Nur openssh-9.8p1.orig/sshd_config.5 openssh-9.8p1/sshd_config.5 ---- openssh-9.8p1.orig/sshd_config.5 2024-09-30 11:38:28.455321306 +0200 -+++ openssh-9.8p1/sshd_config.5 2024-09-30 11:39:17.582461854 +0200 +diff -Nur openssh-9.9p1.orig/sshd_config.5 openssh-9.9p1/sshd_config.5 +--- openssh-9.9p1.orig/sshd_config.5 2025-01-20 19:52:47.870052212 +0100 ++++ openssh-9.9p1/sshd_config.5 2025-01-20 20:23:17.284730074 +0100 @@ -724,15 +724,34 @@ to allow the client to select the address to which the forwarding is bound. The default is @@ -2352,7 +2343,7 @@ diff -Nur openssh-9.8p1.orig/sshd_config.5 openssh-9.8p1/sshd_config.5 .It Cm GSSAPIStrictAcceptorCheck Determines whether to be strict about the identity of the GSSAPI acceptor a client authenticates against. -@@ -2017,6 +2036,12 @@ +@@ -2041,6 +2060,12 @@ as a non-root user. The default is .Cm no . @@ -2365,9 +2356,9 @@ diff -Nur openssh-9.8p1.orig/sshd_config.5 openssh-9.8p1/sshd_config.5 .It Cm VersionAddendum Optionally specifies additional text to append to the SSH protocol banner sent by the server upon connection. -diff -Nur openssh-9.8p1.orig/sshd_config_redhat openssh-9.8p1/sshd_config_redhat ---- openssh-9.8p1.orig/sshd_config_redhat 2024-09-30 11:38:28.362321040 +0200 -+++ openssh-9.8p1/sshd_config_redhat 2024-09-30 11:39:17.583461857 +0200 +diff -Nur openssh-9.9p1.orig/sshd_config_redhat openssh-9.9p1/sshd_config_redhat +--- openssh-9.9p1.orig/sshd_config_redhat 2025-01-20 19:52:47.764051942 +0100 ++++ openssh-9.9p1/sshd_config_redhat 2025-01-20 20:23:17.285730077 +0100 @@ -2,9 +2,6 @@ ChallengeResponseAuthentication no @@ -2378,10 +2369,10 @@ diff -Nur openssh-9.8p1.orig/sshd_config_redhat openssh-9.8p1/sshd_config_redhat UsePAM yes X11Forwarding yes -diff -Nur openssh-9.8p1.orig/sshd-session.c openssh-9.8p1/sshd-session.c ---- openssh-9.8p1.orig/sshd-session.c 2024-09-30 11:38:28.541321552 +0200 -+++ openssh-9.8p1/sshd-session.c 2024-09-30 11:48:44.155082722 +0200 -@@ -1437,7 +1437,7 @@ +diff -Nur openssh-9.9p1.orig/sshd-session.c openssh-9.9p1/sshd-session.c +--- openssh-9.9p1.orig/sshd-session.c 2025-01-20 19:52:47.968052463 +0100 ++++ openssh-9.9p1/sshd-session.c 2025-01-20 20:23:17.285730077 +0100 +@@ -1487,7 +1487,7 @@ #endif #ifdef GSSAPI @@ -2390,9 +2381,9 @@ diff -Nur openssh-9.8p1.orig/sshd-session.c openssh-9.8p1/sshd-session.c temporarily_use_uid(authctxt->pw); authctxt->krb5_set_env = ssh_gssapi_storecreds(); restore_uid(); -diff -Nur openssh-9.8p1.orig/ssh-gss.h openssh-9.8p1/ssh-gss.h ---- openssh-9.8p1.orig/ssh-gss.h 2024-09-30 11:38:28.400321149 +0200 -+++ openssh-9.8p1/ssh-gss.h 2024-09-30 11:39:17.583461857 +0200 +diff -Nur openssh-9.9p1.orig/ssh-gss.h openssh-9.9p1/ssh-gss.h +--- openssh-9.9p1.orig/ssh-gss.h 2025-01-20 19:52:47.805052046 +0100 ++++ openssh-9.9p1/ssh-gss.h 2025-01-20 20:23:17.286730079 +0100 @@ -99,12 +99,14 @@ } ssh_gssapi_ccache; @@ -2428,12 +2419,12 @@ diff -Nur openssh-9.8p1.orig/ssh-gss.h openssh-9.8p1/ssh-gss.h /* In the server */ typedef int ssh_gssapi_check_fn(Gssctxt **, gss_OID, const char *, const char *); -diff -Nur openssh-9.8p1.orig/version.h openssh-9.8p1/version.h ---- openssh-9.8p1.orig/version.h 2024-07-01 06:36:28.000000000 +0200 -+++ openssh-9.8p1/version.h 2024-09-30 11:39:17.584461860 +0200 +diff -Nur openssh-9.9p1.orig/version.h openssh-9.9p1/version.h +--- openssh-9.9p1.orig/version.h 2024-09-20 00:20:48.000000000 +0200 ++++ openssh-9.9p1/version.h 2025-01-20 20:23:17.286730079 +0100 @@ -2,5 +2,19 @@ - #define SSH_VERSION "OpenSSH_9.8" + #define SSH_VERSION "OpenSSH_9.9" +#ifdef GSI +#define GSI_VERSION " GSI" diff --git a/openssh-9.8p1-hpn-18.5.1.patch b/openssh-9.9p1-hpn-18.6.0.patch similarity index 96% rename from openssh-9.8p1-hpn-18.5.1.patch rename to openssh-9.9p1-hpn-18.6.0.patch index 0952a56..da663c9 100644 --- a/openssh-9.8p1-hpn-18.5.1.patch +++ b/openssh-9.9p1-hpn-18.6.0.patch @@ -1,6 +1,6 @@ -diff -Nur openssh-9.8p1.orig/auth2.c openssh-9.8p1/auth2.c ---- openssh-9.8p1.orig/auth2.c 2024-09-30 16:02:22.611024465 +0200 -+++ openssh-9.8p1/auth2.c 2024-10-01 08:51:48.548148424 +0200 +diff -Nur openssh-9.9p1.orig/auth2.c openssh-9.9p1/auth2.c +--- openssh-9.9p1.orig/auth2.c 2025-01-20 20:48:33.444582227 +0100 ++++ openssh-9.9p1/auth2.c 2025-01-20 21:54:08.570687857 +0100 @@ -52,6 +52,8 @@ #include "dispatch.h" #include "pathnames.h" @@ -41,9 +41,9 @@ diff -Nur openssh-9.8p1.orig/auth2.c openssh-9.8p1/auth2.c debug("attempt %d failures %d", authctxt->attempt, authctxt->failures); #ifdef WITH_SELINUX -diff -Nur openssh-9.8p1.orig/binn.c openssh-9.8p1/binn.c ---- openssh-9.8p1.orig/binn.c 1970-01-01 01:00:00.000000000 +0100 -+++ openssh-9.8p1/binn.c 2024-09-30 16:03:39.142245236 +0200 +diff -Nur openssh-9.9p1.orig/binn.c openssh-9.9p1/binn.c +--- openssh-9.9p1.orig/binn.c 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-9.9p1/binn.c 2025-01-20 20:50:04.564813761 +0100 @@ -0,0 +1,3541 @@ +#include +#include @@ -3586,9 +3586,9 @@ diff -Nur openssh-9.8p1.orig/binn.c openssh-9.8p1/binn.c +} + +/*************************************************************************************/ -diff -Nur openssh-9.8p1.orig/binn.h openssh-9.8p1/binn.h ---- openssh-9.8p1.orig/binn.h 1970-01-01 01:00:00.000000000 +0100 -+++ openssh-9.8p1/binn.h 2024-09-30 16:03:39.145245244 +0200 +diff -Nur openssh-9.9p1.orig/binn.h openssh-9.9p1/binn.h +--- openssh-9.9p1.orig/binn.h 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-9.9p1/binn.h 2025-01-20 20:50:04.565813763 +0100 @@ -0,0 +1,945 @@ + +// TO ENABLE INLINE FUNCTIONS: @@ -4535,9 +4535,9 @@ diff -Nur openssh-9.8p1.orig/binn.h openssh-9.8p1/binn.h +#endif + +#endif //BINN_H -diff -Nur openssh-9.8p1.orig/channels.c openssh-9.8p1/channels.c ---- openssh-9.8p1.orig/channels.c 2024-09-30 16:02:22.534024243 +0200 -+++ openssh-9.8p1/channels.c 2024-10-01 08:56:07.524893574 +0200 +diff -Nur openssh-9.9p1.orig/channels.c openssh-9.9p1/channels.c +--- openssh-9.9p1.orig/channels.c 2025-01-20 20:48:33.373582047 +0100 ++++ openssh-9.9p1/channels.c 2025-01-20 21:55:22.938880541 +0100 @@ -97,6 +97,11 @@ /* Minimum port number for X11 forwarding */ #define X11_PORT_MIN 6000 @@ -4585,7 +4585,7 @@ diff -Nur openssh-9.8p1.orig/channels.c openssh-9.8p1/channels.c c->remote_name = xstrdup(remote_name); c->ctl_chan = -1; c->delayed = 1; /* prevent call to channel_post handler */ -@@ -1255,6 +1274,33 @@ +@@ -1257,6 +1276,33 @@ c->io_want = SSH_CHAN_IO_SOCK_W; } @@ -4619,7 +4619,7 @@ diff -Nur openssh-9.8p1.orig/channels.c openssh-9.8p1/channels.c static void channel_pre_open(struct ssh *ssh, Channel *c) { -@@ -2362,18 +2408,29 @@ +@@ -2364,18 +2410,29 @@ c->local_maxpacket*3) || c->local_window < c->local_window_max/2) && c->local_consumed > 0) { @@ -4652,7 +4652,7 @@ diff -Nur openssh-9.8p1.orig/channels.c openssh-9.8p1/channels.c c->local_consumed = 0; } return 1; -@@ -2959,9 +3016,7 @@ +@@ -2961,9 +3018,7 @@ * in use. */ if (CHANNEL_EFD_INPUT_ACTIVE(c)) @@ -4663,7 +4663,7 @@ diff -Nur openssh-9.8p1.orig/channels.c openssh-9.8p1/channels.c else chan_ibuf_empty(ssh, c); } -@@ -3670,7 +3725,7 @@ +@@ -3672,7 +3727,7 @@ error_fr(r, "parse adjust"); ssh_packet_disconnect(ssh, "Invalid window adjust message"); } @@ -4672,7 +4672,7 @@ diff -Nur openssh-9.8p1.orig/channels.c openssh-9.8p1/channels.c if ((new_rwin = c->remote_window + adjust) < c->remote_window) { fatal("channel %d: adjust %u overflows remote window %u", c->self, adjust, c->remote_window); -@@ -3785,6 +3840,13 @@ +@@ -3787,6 +3842,13 @@ return addr; } @@ -4686,10 +4686,10 @@ diff -Nur openssh-9.8p1.orig/channels.c openssh-9.8p1/channels.c static int channel_setup_fwd_listener_tcpip(struct ssh *ssh, int type, struct Forward *fwd, int *allocated_listen_port, -diff -Nur openssh-9.8p1.orig/channels.h openssh-9.8p1/channels.h ---- openssh-9.8p1.orig/channels.h 2024-09-30 16:02:22.494024127 +0200 -+++ openssh-9.8p1/channels.h 2024-09-30 16:03:39.147245250 +0200 -@@ -173,6 +173,7 @@ +diff -Nur openssh-9.9p1.orig/channels.h openssh-9.9p1/channels.h +--- openssh-9.9p1.orig/channels.h 2025-01-20 20:48:33.343581971 +0100 ++++ openssh-9.9p1/channels.h 2025-01-20 20:50:04.567813768 +0100 +@@ -175,6 +175,7 @@ u_int local_window_max; u_int local_consumed; u_int local_maxpacket; @@ -4697,7 +4697,7 @@ diff -Nur openssh-9.8p1.orig/channels.h openssh-9.8p1/channels.h int extended_usage; int single_connection; -@@ -254,7 +255,7 @@ +@@ -256,7 +257,7 @@ #define SSH_CHAN_IO_SOCK (SSH_CHAN_IO_SOCK_R|SSH_CHAN_IO_SOCK_W) /* Read buffer size */ @@ -4706,16 +4706,16 @@ diff -Nur openssh-9.8p1.orig/channels.h openssh-9.8p1/channels.h /* Maximum size for direct reads to buffers */ #define CHANNEL_MAX_READ CHAN_SES_PACKET_DEFAULT -@@ -396,4 +397,6 @@ +@@ -398,4 +399,6 @@ void chan_write_failed(struct ssh *, Channel *); void chan_obuf_empty(struct ssh *, Channel *); +/* hpn handler */ +void channel_set_hpn_disabled(int); #endif -diff -Nur openssh-9.8p1.orig/cipher.c openssh-9.8p1/cipher.c ---- openssh-9.8p1.orig/cipher.c 2024-09-30 16:02:22.556024306 +0200 -+++ openssh-9.8p1/cipher.c 2024-10-01 09:00:13.211602019 +0200 +diff -Nur openssh-9.9p1.orig/cipher.c openssh-9.9p1/cipher.c +--- openssh-9.9p1.orig/cipher.c 2025-01-20 20:48:33.392582095 +0100 ++++ openssh-9.9p1/cipher.c 2025-01-20 21:56:16.253016900 +0100 @@ -48,23 +48,39 @@ #include "sshbuf.h" #include "ssherr.h" @@ -5011,9 +5011,9 @@ diff -Nur openssh-9.8p1.orig/cipher.c openssh-9.8p1/cipher.c #endif freezero(cc, sizeof(*cc)); } -diff -Nur openssh-9.8p1.orig/cipher-chachapoly.c openssh-9.8p1/cipher-chachapoly.c ---- openssh-9.8p1.orig/cipher-chachapoly.c 2024-07-01 06:36:28.000000000 +0200 -+++ openssh-9.8p1/cipher-chachapoly.c 2024-09-30 16:03:39.149245256 +0200 +diff -Nur openssh-9.9p1.orig/cipher-chachapoly.c openssh-9.9p1/cipher-chachapoly.c +--- openssh-9.9p1.orig/cipher-chachapoly.c 2024-09-20 00:20:48.000000000 +0200 ++++ openssh-9.9p1/cipher-chachapoly.c 2025-01-20 20:50:04.569813773 +0100 @@ -88,7 +88,7 @@ if (!do_encrypt) { const u_char *tag = src + aadlen + len; @@ -5032,9 +5032,9 @@ diff -Nur openssh-9.8p1.orig/cipher-chachapoly.c openssh-9.8p1/cipher-chachapoly poly_key); } r = 0; -diff -Nur openssh-9.8p1.orig/cipher-chachapoly-libcrypto.c openssh-9.8p1/cipher-chachapoly-libcrypto.c ---- openssh-9.8p1.orig/cipher-chachapoly-libcrypto.c 2024-07-01 06:36:28.000000000 +0200 -+++ openssh-9.8p1/cipher-chachapoly-libcrypto.c 2024-10-01 09:02:21.651972382 +0200 +diff -Nur openssh-9.9p1.orig/cipher-chachapoly-libcrypto.c openssh-9.9p1/cipher-chachapoly-libcrypto.c +--- openssh-9.9p1.orig/cipher-chachapoly-libcrypto.c 2024-09-20 00:20:48.000000000 +0200 ++++ openssh-9.9p1/cipher-chachapoly-libcrypto.c 2025-01-20 21:59:09.157459134 +0100 @@ -34,8 +34,17 @@ #include "ssherr.h" #include "cipher-chachapoly.h" @@ -5097,9 +5097,9 @@ diff -Nur openssh-9.8p1.orig/cipher-chachapoly-libcrypto.c openssh-9.8p1/cipher- poly_key); } r = 0; -diff -Nur openssh-9.8p1.orig/cipher-chachapoly-libcrypto-mt.c openssh-9.8p1/cipher-chachapoly-libcrypto-mt.c ---- openssh-9.8p1.orig/cipher-chachapoly-libcrypto-mt.c 1970-01-01 01:00:00.000000000 +0100 -+++ openssh-9.8p1/cipher-chachapoly-libcrypto-mt.c 2024-09-30 16:03:39.149245256 +0200 +diff -Nur openssh-9.9p1.orig/cipher-chachapoly-libcrypto-mt.c openssh-9.9p1/cipher-chachapoly-libcrypto-mt.c +--- openssh-9.9p1.orig/cipher-chachapoly-libcrypto-mt.c 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-9.9p1/cipher-chachapoly-libcrypto-mt.c 2025-01-20 20:50:04.570813776 +0100 @@ -0,0 +1,695 @@ +/* + * Copyright (c) 2023 The Board of Trustees of Carnegie Mellon University. @@ -5796,9 +5796,9 @@ diff -Nur openssh-9.8p1.orig/cipher-chachapoly-libcrypto-mt.c openssh-9.8p1/ciph +#endif +} +#endif /* defined(HAVE_EVP_CHACHA20) && !defined(HAVE_BROKEN_CHACHA20) */ -diff -Nur openssh-9.8p1.orig/cipher-chachapoly-libcrypto-mt.h openssh-9.8p1/cipher-chachapoly-libcrypto-mt.h ---- openssh-9.8p1.orig/cipher-chachapoly-libcrypto-mt.h 1970-01-01 01:00:00.000000000 +0100 -+++ openssh-9.8p1/cipher-chachapoly-libcrypto-mt.h 2024-09-30 16:03:39.149245256 +0200 +diff -Nur openssh-9.9p1.orig/cipher-chachapoly-libcrypto-mt.h openssh-9.9p1/cipher-chachapoly-libcrypto-mt.h +--- openssh-9.9p1.orig/cipher-chachapoly-libcrypto-mt.h 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-9.9p1/cipher-chachapoly-libcrypto-mt.h 2025-01-20 20:50:04.571813779 +0100 @@ -0,0 +1,45 @@ +/* + * Copyright (c) 2023 The Board of Trustees of Carnegie Mellon University. @@ -5845,9 +5845,9 @@ diff -Nur openssh-9.8p1.orig/cipher-chachapoly-libcrypto-mt.h openssh-9.8p1/ciph + __attribute__((__bounded__(__buffer__, 4, 5))); + +#endif /* CHACHA_POLY_LIBCRYPTO_MT_H */ -diff -Nur openssh-9.8p1.orig/cipher-ctr-mt.c openssh-9.8p1/cipher-ctr-mt.c ---- openssh-9.8p1.orig/cipher-ctr-mt.c 1970-01-01 01:00:00.000000000 +0100 -+++ openssh-9.8p1/cipher-ctr-mt.c 2024-09-30 16:03:39.150245259 +0200 +diff -Nur openssh-9.9p1.orig/cipher-ctr-mt.c openssh-9.9p1/cipher-ctr-mt.c +--- openssh-9.9p1.orig/cipher-ctr-mt.c 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-9.9p1/cipher-ctr-mt.c 2025-01-20 20:50:04.571813779 +0100 @@ -0,0 +1,677 @@ +/* + * OpenSSH Multi-threaded AES-CTR Cipher @@ -6526,9 +6526,9 @@ diff -Nur openssh-9.8p1.orig/cipher-ctr-mt.c openssh-9.8p1/cipher-ctr-mt.c + return aes_ctr; +} +#endif /* OSSL Check */ -diff -Nur openssh-9.8p1.orig/cipher-ctr-mt-functions.c openssh-9.8p1/cipher-ctr-mt-functions.c ---- openssh-9.8p1.orig/cipher-ctr-mt-functions.c 1970-01-01 01:00:00.000000000 +0100 -+++ openssh-9.8p1/cipher-ctr-mt-functions.c 2024-09-30 16:03:39.150245259 +0200 +diff -Nur openssh-9.9p1.orig/cipher-ctr-mt-functions.c openssh-9.9p1/cipher-ctr-mt-functions.c +--- openssh-9.9p1.orig/cipher-ctr-mt-functions.c 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-9.9p1/cipher-ctr-mt-functions.c 2025-01-20 20:50:04.572813781 +0100 @@ -0,0 +1,668 @@ +/* + * OpenSSH Multi-threaded AES-CTR Cipher Provider for OpenSSL 3 @@ -7198,9 +7198,9 @@ diff -Nur openssh-9.8p1.orig/cipher-ctr-mt-functions.c openssh-9.8p1/cipher-ctr- +} + +#endif /*WITH_OPENSSL3*/ -diff -Nur openssh-9.8p1.orig/cipher-ctr-mt-functions.h openssh-9.8p1/cipher-ctr-mt-functions.h ---- openssh-9.8p1.orig/cipher-ctr-mt-functions.h 1970-01-01 01:00:00.000000000 +0100 -+++ openssh-9.8p1/cipher-ctr-mt-functions.h 2024-09-30 16:03:39.150245259 +0200 +diff -Nur openssh-9.9p1.orig/cipher-ctr-mt-functions.h openssh-9.9p1/cipher-ctr-mt-functions.h +--- openssh-9.9p1.orig/cipher-ctr-mt-functions.h 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-9.9p1/cipher-ctr-mt-functions.h 2025-01-20 20:50:04.572813781 +0100 @@ -0,0 +1,142 @@ +/* + * OpenSSH Multi-threaded AES-CTR Cipher Provider for OpenSSL 3 @@ -7344,9 +7344,9 @@ diff -Nur openssh-9.8p1.orig/cipher-ctr-mt-functions.h openssh-9.8p1/cipher-ctr- + +#endif /* WITH OPENSSL */ +#endif /* CTR_MT_FUNCS */ -diff -Nur openssh-9.8p1.orig/cipher-ctr-mt-provider.c openssh-9.8p1/cipher-ctr-mt-provider.c ---- openssh-9.8p1.orig/cipher-ctr-mt-provider.c 1970-01-01 01:00:00.000000000 +0100 -+++ openssh-9.8p1/cipher-ctr-mt-provider.c 2024-09-30 16:03:39.151245261 +0200 +diff -Nur openssh-9.9p1.orig/cipher-ctr-mt-provider.c openssh-9.9p1/cipher-ctr-mt-provider.c +--- openssh-9.9p1.orig/cipher-ctr-mt-provider.c 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-9.9p1/cipher-ctr-mt-provider.c 2025-01-20 20:50:04.572813781 +0100 @@ -0,0 +1,390 @@ +/* + * OpenSSH Multi-threaded AES-CTR Cipher Provider for OpenSSL 3 @@ -7738,9 +7738,9 @@ diff -Nur openssh-9.8p1.orig/cipher-ctr-mt-provider.c openssh-9.8p1/cipher-ctr-m +} + +#endif /*WITH_OPENSSL3*/ -diff -Nur openssh-9.8p1.orig/cipher.h openssh-9.8p1/cipher.h ---- openssh-9.8p1.orig/cipher.h 2024-09-30 16:02:22.556024306 +0200 -+++ openssh-9.8p1/cipher.h 2024-09-30 16:26:15.533157716 +0200 +diff -Nur openssh-9.9p1.orig/cipher.h openssh-9.9p1/cipher.h +--- openssh-9.9p1.orig/cipher.h 2025-01-20 20:48:33.392582095 +0100 ++++ openssh-9.9p1/cipher.h 2025-01-20 20:59:21.957234646 +0100 @@ -42,11 +42,17 @@ #include #endif @@ -7797,9 +7797,9 @@ diff -Nur openssh-9.8p1.orig/cipher.h openssh-9.8p1/cipher.h u_int cipher_ctx_is_plaintext(struct sshcipher_ctx *); -diff -Nur openssh-9.8p1.orig/cipher-switch.c openssh-9.8p1/cipher-switch.c ---- openssh-9.8p1.orig/cipher-switch.c 1970-01-01 01:00:00.000000000 +0100 -+++ openssh-9.8p1/cipher-switch.c 2024-09-30 16:03:39.151245261 +0200 +diff -Nur openssh-9.9p1.orig/cipher-switch.c openssh-9.9p1/cipher-switch.c +--- openssh-9.9p1.orig/cipher-switch.c 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-9.9p1/cipher-switch.c 2025-01-20 20:50:04.573813784 +0100 @@ -0,0 +1,73 @@ +/* + * Copyright (c) 2023 The Board of Trustees of Carnegie Mellon University. @@ -7874,9 +7874,9 @@ diff -Nur openssh-9.8p1.orig/cipher-switch.c openssh-9.8p1/cipher-switch.c + } +#endif +} -diff -Nur openssh-9.8p1.orig/cipher-switch.h openssh-9.8p1/cipher-switch.h ---- openssh-9.8p1.orig/cipher-switch.h 1970-01-01 01:00:00.000000000 +0100 -+++ openssh-9.8p1/cipher-switch.h 2024-09-30 16:03:39.152245264 +0200 +diff -Nur openssh-9.9p1.orig/cipher-switch.h openssh-9.9p1/cipher-switch.h +--- openssh-9.9p1.orig/cipher-switch.h 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-9.9p1/cipher-switch.h 2025-01-20 20:50:04.574813786 +0100 @@ -0,0 +1,18 @@ +/* + * Copyright (c) 2015 The Board of Trustees of Carnegie Mellon University. @@ -7896,9 +7896,9 @@ diff -Nur openssh-9.8p1.orig/cipher-switch.h openssh-9.8p1/cipher-switch.h + */ + +void cipher_switch (struct ssh *); -diff -Nur openssh-9.8p1.orig/clientloop.c openssh-9.8p1/clientloop.c ---- openssh-9.8p1.orig/clientloop.c 2024-09-30 16:02:22.434023954 +0200 -+++ openssh-9.8p1/clientloop.c 2024-09-30 16:03:39.153245267 +0200 +diff -Nur openssh-9.9p1.orig/clientloop.c openssh-9.9p1/clientloop.c +--- openssh-9.9p1.orig/clientloop.c 2025-01-20 20:48:33.290581837 +0100 ++++ openssh-9.9p1/clientloop.c 2025-01-20 20:50:04.575813789 +0100 @@ -114,6 +114,7 @@ #include "msg.h" #include "ssherr.h" @@ -8188,9 +8188,9 @@ diff -Nur openssh-9.8p1.orig/clientloop.c openssh-9.8p1/clientloop.c if (len > 900) len = 900; if (want_subsystem) { -diff -Nur openssh-9.8p1.orig/compat.c openssh-9.8p1/compat.c ---- openssh-9.8p1.orig/compat.c 2024-09-30 16:02:22.594024416 +0200 -+++ openssh-9.8p1/compat.c 2024-10-01 09:15:43.262288236 +0200 +diff -Nur openssh-9.9p1.orig/compat.c openssh-9.9p1/compat.c +--- openssh-9.9p1.orig/compat.c 2025-01-20 20:48:33.422582171 +0100 ++++ openssh-9.9p1/compat.c 2025-01-20 22:39:30.315877553 +0100 @@ -135,6 +135,35 @@ ssh->compat = check[i].bugs; if (forbid_ssh_rsa) @@ -8218,7 +8218,7 @@ diff -Nur openssh-9.8p1.orig/compat.c openssh-9.8p1/compat.c + } + /* if it's openssh and not hpn */ + else if ((strstr(version, "OpenSSH_8.9") != NULL) || -+ (strstr(version, "OpenSSH_9") != NULL)) { ++ (strstr(version, "OpenSSH_9") != NULL)) { + ssh->compat |= SSH_RESTRICT_WINDOW; + debug("Restricting advertised window size."); + } @@ -8227,9 +8227,9 @@ diff -Nur openssh-9.8p1.orig/compat.c openssh-9.8p1/compat.c return; } } -diff -Nur openssh-9.8p1.orig/compat.h openssh-9.8p1/compat.h ---- openssh-9.8p1.orig/compat.h 2024-09-30 16:02:22.594024416 +0200 -+++ openssh-9.8p1/compat.h 2024-10-01 09:16:03.734347588 +0200 +diff -Nur openssh-9.9p1.orig/compat.h openssh-9.9p1/compat.h +--- openssh-9.9p1.orig/compat.h 2025-01-20 20:48:33.423582174 +0100 ++++ openssh-9.9p1/compat.h 2025-01-20 22:36:35.778448062 +0100 @@ -46,12 +46,12 @@ /* #define unused 0x00010000 */ /* #define unused 0x00020000 */ @@ -8246,10 +8246,10 @@ diff -Nur openssh-9.8p1.orig/compat.h openssh-9.8p1/compat.h #define SSH_NEW_OPENSSH 0x04000000 #define SSH_BUG_DYNAMIC_RPORT 0x08000000 #define SSH_BUG_CURVE25519PAD 0x10000000 -diff -Nur openssh-9.8p1.orig/configure.ac openssh-9.8p1/configure.ac ---- openssh-9.8p1.orig/configure.ac 2024-09-30 16:02:22.614024473 +0200 -+++ openssh-9.8p1/configure.ac 2024-09-30 16:03:39.155245273 +0200 -@@ -2936,8 +2936,8 @@ +diff -Nur openssh-9.9p1.orig/configure.ac openssh-9.9p1/configure.ac +--- openssh-9.9p1.orig/configure.ac 2025-01-20 20:48:33.447582234 +0100 ++++ openssh-9.9p1/configure.ac 2025-01-20 20:50:04.577813794 +0100 +@@ -2945,8 +2945,8 @@ 200*) # LibreSSL lver=`echo "$sslver" | sed 's/.*libressl-//'` case "$lver" in @@ -8260,7 +8260,7 @@ diff -Nur openssh-9.8p1.orig/configure.ac openssh-9.8p1/configure.ac ;; *) ;; # Assume all other versions are good. esac -@@ -2946,6 +2946,7 @@ +@@ -2955,6 +2955,7 @@ # OpenSSL 3; we use the 1.1x API # https://openssl.org/policies/general/versioning-policy.html CPPFLAGS="$CPPFLAGS -DOPENSSL_API_COMPAT=0x10100000L" @@ -8268,7 +8268,7 @@ diff -Nur openssh-9.8p1.orig/configure.ac openssh-9.8p1/configure.ac ;; *) AC_MSG_ERROR([Unknown/unsupported OpenSSL version ("$ssl_showver")]) -@@ -3063,6 +3064,30 @@ +@@ -3074,6 +3075,30 @@ EVP_CIPHER_CTX_set_iv \ ]) @@ -8299,9 +8299,9 @@ diff -Nur openssh-9.8p1.orig/configure.ac openssh-9.8p1/configure.ac if test "x$openssl_engine" = "xyes" ; then AC_MSG_CHECKING([for OpenSSL ENGINE support]) AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ -diff -Nur openssh-9.8p1.orig/defines.h openssh-9.8p1/defines.h ---- openssh-9.8p1.orig/defines.h 2024-07-01 06:36:28.000000000 +0200 -+++ openssh-9.8p1/defines.h 2024-09-30 16:03:39.155245273 +0200 +diff -Nur openssh-9.9p1.orig/defines.h openssh-9.9p1/defines.h +--- openssh-9.9p1.orig/defines.h 2024-09-20 00:20:48.000000000 +0200 ++++ openssh-9.9p1/defines.h 2025-01-20 20:50:04.578813797 +0100 @@ -889,7 +889,7 @@ #endif @@ -8311,9 +8311,9 @@ diff -Nur openssh-9.8p1.orig/defines.h openssh-9.8p1/defines.h #endif /* -diff -Nur openssh-9.8p1.orig/digest.h openssh-9.8p1/digest.h ---- openssh-9.8p1.orig/digest.h 2024-09-30 16:02:22.523024211 +0200 -+++ openssh-9.8p1/digest.h 2024-09-30 16:03:39.156245276 +0200 +diff -Nur openssh-9.9p1.orig/digest.h openssh-9.9p1/digest.h +--- openssh-9.9p1.orig/digest.h 2024-09-20 00:20:48.000000000 +0200 ++++ openssh-9.9p1/digest.h 2025-01-20 20:50:04.578813797 +0100 @@ -27,7 +27,8 @@ #define SSH_DIGEST_SHA256 2 #define SSH_DIGEST_SHA384 3 @@ -8324,9 +8324,9 @@ diff -Nur openssh-9.8p1.orig/digest.h openssh-9.8p1/digest.h struct sshbuf; struct ssh_digest_ctx; -diff -Nur openssh-9.8p1.orig/digest-openssl.c openssh-9.8p1/digest-openssl.c ---- openssh-9.8p1.orig/digest-openssl.c 2024-09-30 16:02:22.523024211 +0200 -+++ openssh-9.8p1/digest-openssl.c 2024-09-30 16:03:39.156245276 +0200 +diff -Nur openssh-9.9p1.orig/digest-openssl.c openssh-9.9p1/digest-openssl.c +--- openssh-9.9p1.orig/digest-openssl.c 2024-09-20 00:20:48.000000000 +0200 ++++ openssh-9.9p1/digest-openssl.c 2025-01-20 20:50:04.578813797 +0100 @@ -61,6 +61,7 @@ { SSH_DIGEST_SHA256, "SHA256", 32, EVP_sha256 }, { SSH_DIGEST_SHA384, "SHA384", 48, EVP_sha384 }, @@ -8335,9 +8335,9 @@ diff -Nur openssh-9.8p1.orig/digest-openssl.c openssh-9.8p1/digest-openssl.c { -1, NULL, 0, NULL }, }; -diff -Nur openssh-9.8p1.orig/FUNDING.yml openssh-9.8p1/FUNDING.yml ---- openssh-9.8p1.orig/FUNDING.yml 1970-01-01 01:00:00.000000000 +0100 -+++ openssh-9.8p1/FUNDING.yml 2024-09-30 16:03:39.156245276 +0200 +diff -Nur openssh-9.9p1.orig/FUNDING.yml openssh-9.9p1/FUNDING.yml +--- openssh-9.9p1.orig/FUNDING.yml 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-9.9p1/FUNDING.yml 2025-01-20 20:50:04.578813797 +0100 @@ -0,0 +1,12 @@ +# These are supported funding model platforms + @@ -8351,9 +8351,9 @@ diff -Nur openssh-9.8p1.orig/FUNDING.yml openssh-9.8p1/FUNDING.yml +#issuehunt: # Replace with a single IssueHunt username +#otechie: # Replace with a single Otechie username +#custom: # Replace with up to 4 custom sponsorship URLs e.g., ['link1', 'link2'] -diff -Nur openssh-9.8p1.orig/HPN-README openssh-9.8p1/HPN-README ---- openssh-9.8p1.orig/HPN-README 1970-01-01 01:00:00.000000000 +0100 -+++ openssh-9.8p1/HPN-README 2024-09-30 16:03:39.156245276 +0200 +diff -Nur openssh-9.9p1.orig/HPN-README openssh-9.9p1/HPN-README +--- openssh-9.9p1.orig/HPN-README 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-9.9p1/HPN-README 2025-01-20 20:50:04.578813797 +0100 @@ -0,0 +1,170 @@ +Notes: + @@ -8525,9 +8525,9 @@ diff -Nur openssh-9.8p1.orig/HPN-README openssh-9.8p1/HPN-README + + +Edited: October 11, 2023 -diff -Nur openssh-9.8p1.orig/HPNSSHInstallation.txt openssh-9.8p1/HPNSSHInstallation.txt ---- openssh-9.8p1.orig/HPNSSHInstallation.txt 1970-01-01 01:00:00.000000000 +0100 -+++ openssh-9.8p1/HPNSSHInstallation.txt 2024-09-30 16:03:39.156245276 +0200 +diff -Nur openssh-9.9p1.orig/HPNSSHInstallation.txt openssh-9.9p1/HPNSSHInstallation.txt +--- openssh-9.9p1.orig/HPNSSHInstallation.txt 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-9.9p1/HPNSSHInstallation.txt 2025-01-20 20:50:04.579813799 +0100 @@ -0,0 +1,354 @@ +HPN-SSH Installation + @@ -8658,7 +8658,7 @@ diff -Nur openssh-9.8p1.orig/HPNSSHInstallation.txt openssh-9.8p1/HPNSSHInstalla +hpnsshd.service.in. You can use this file by copying it to +/libsystemd/system/hpnsshd.service instead of copying the above text. + -+Then create the defaults file at /etc/defaults/hpnsshd with the following content: ++Then create the defaults file at /etc/default/hpnsshd with the following content: +# Default settings for openssh-server. +# Options to pass to sshd +SSHD_OPTS= @@ -8883,10 +8883,10 @@ diff -Nur openssh-9.8p1.orig/HPNSSHInstallation.txt openssh-9.8p1/HPNSSHInstalla +restorecon /usr/bin/hpnssh-agent +restorecon /usr/bin/hpnssh-keygen +restorecon /etc/pam.d/hpnsshd -diff -Nur openssh-9.8p1.orig/kex.c openssh-9.8p1/kex.c ---- openssh-9.8p1.orig/kex.c 2024-09-30 16:02:22.589024401 +0200 -+++ openssh-9.8p1/kex.c 2024-09-30 16:03:39.157245279 +0200 -@@ -66,6 +66,7 @@ +diff -Nur openssh-9.9p1.orig/kex.c openssh-9.9p1/kex.c +--- openssh-9.9p1.orig/kex.c 2025-01-20 20:48:33.420582166 +0100 ++++ openssh-9.9p1/kex.c 2025-01-20 20:50:04.579813799 +0100 +@@ -67,6 +67,7 @@ #include "ssherr.h" #include "sshbuf.h" @@ -8894,7 +8894,7 @@ diff -Nur openssh-9.8p1.orig/kex.c openssh-9.8p1/kex.c #include "digest.h" #include "xmalloc.h" #include "audit.h" -@@ -774,17 +775,83 @@ +@@ -775,17 +776,83 @@ free(kex); } @@ -8970,7 +8970,7 @@ diff -Nur openssh-9.8p1.orig/kex.c openssh-9.8p1/kex.c kex_reset_dispatch(ssh); ssh_dispatch_set(ssh, SSH2_MSG_KEXINIT, &kex_input_kexinit); - return 0; -+ restoreProposal: ++ restoreProposal: +#ifdef WITH_OPENSSL + free(proposal[PROPOSAL_ENC_ALGS_CTOS]); + free(proposal[PROPOSAL_ENC_ALGS_STOC]); @@ -8981,7 +8981,7 @@ diff -Nur openssh-9.8p1.orig/kex.c openssh-9.8p1/kex.c } int -@@ -975,6 +1042,11 @@ +@@ -974,6 +1041,11 @@ int nenc, nmac, ncomp; u_int mode, ctos, need, dh_need, authlen; int r, first_kex_follows; @@ -8993,7 +8993,7 @@ diff -Nur openssh-9.8p1.orig/kex.c openssh-9.8p1/kex.c debug2("local %s KEXINIT proposal", kex->server ? "server" : "client"); if ((r = kex_buf2prop(kex->my, NULL, &my)) != 0) -@@ -1051,6 +1123,31 @@ +@@ -1050,6 +1122,31 @@ peer[nenc] = NULL; goto out; } @@ -9025,7 +9025,7 @@ diff -Nur openssh-9.8p1.orig/kex.c openssh-9.8p1/kex.c authlen = cipher_authlen(newkeys->enc.cipher); /* ignore mac for authenticated encryption */ if (authlen == 0 && -@@ -1066,11 +1163,43 @@ +@@ -1065,11 +1162,43 @@ peer[ncomp] = NULL; goto out; } @@ -9069,7 +9069,7 @@ diff -Nur openssh-9.8p1.orig/kex.c openssh-9.8p1/kex.c } need = dh_need = 0; for (mode = 0; mode < MODE_MAX; mode++) { -@@ -1430,7 +1559,7 @@ +@@ -1429,7 +1558,7 @@ if (version_addendum != NULL && *version_addendum == '\0') version_addendum = NULL; if ((r = sshbuf_putf(our_version, "SSH-%d.%d-%s%s%s\r\n", @@ -9078,7 +9078,7 @@ diff -Nur openssh-9.8p1.orig/kex.c openssh-9.8p1/kex.c version_addendum == NULL ? "" : " ", version_addendum == NULL ? "" : version_addendum)) != 0) { oerrno = errno; -@@ -1566,9 +1695,24 @@ +@@ -1565,9 +1694,24 @@ r = SSH_ERR_INVALID_FORMAT; goto out; } @@ -9103,9 +9103,9 @@ diff -Nur openssh-9.8p1.orig/kex.c openssh-9.8p1/kex.c mismatch = 0; switch (remote_major) { -diff -Nur openssh-9.8p1.orig/mac.c openssh-9.8p1/mac.c ---- openssh-9.8p1.orig/mac.c 2024-09-30 16:02:22.557024309 +0200 -+++ openssh-9.8p1/mac.c 2024-09-30 16:03:39.158245282 +0200 +diff -Nur openssh-9.9p1.orig/mac.c openssh-9.9p1/mac.c +--- openssh-9.9p1.orig/mac.c 2025-01-20 20:48:33.394582100 +0100 ++++ openssh-9.9p1/mac.c 2025-01-20 20:50:04.580813802 +0100 @@ -63,6 +63,7 @@ { "hmac-sha2-512", SSH_DIGEST, SSH_DIGEST_SHA512, 0, 0, 0, 0 }, { "hmac-md5", SSH_DIGEST, SSH_DIGEST_MD5, 0, 0, 0, 0 }, @@ -9114,9 +9114,9 @@ diff -Nur openssh-9.8p1.orig/mac.c openssh-9.8p1/mac.c { "umac-64@openssh.com", SSH_UMAC, 0, 0, 128, 64, 0 }, { "umac-128@openssh.com", SSH_UMAC128, 0, 0, 128, 128, 0 }, -diff -Nur openssh-9.8p1.orig/Makefile.in openssh-9.8p1/Makefile.in ---- openssh-9.8p1.orig/Makefile.in 2024-09-30 16:02:22.616024479 +0200 -+++ openssh-9.8p1/Makefile.in 2024-10-01 09:22:44.089508215 +0200 +diff -Nur openssh-9.9p1.orig/Makefile.in openssh-9.9p1/Makefile.in +--- openssh-9.9p1.orig/Makefile.in 2025-01-20 20:48:33.449582239 +0100 ++++ openssh-9.9p1/Makefile.in 2025-01-20 21:02:30.432714955 +0100 @@ -51,7 +51,7 @@ CFLAGS_NOPIE=@CFLAGS_NOPIE@ CPPFLAGS=-I. -I$(srcdir) @CPPFLAGS@ $(PATHS) @DEFS@ @@ -9144,7 +9144,7 @@ diff -Nur openssh-9.8p1.orig/Makefile.in openssh-9.8p1/Makefile.in hmac.o ed25519.o hash.o \ kex.o kex-names.o kexdh.o kexgex.o kexecdh.o kexc25519.o \ @@ -116,12 +117,13 @@ - kexsntrup761x25519.o sntrup761.o kexgen.o \ + kexsntrup761x25519.o kexmlkem768x25519.o sntrup761.o kexgen.o \ kexgssc.o \ sftp-realpath.o platform-pledge.o platform-tracing.o platform-misc.o \ - sshbuf-io.o auditstub.o @@ -9177,9 +9177,9 @@ diff -Nur openssh-9.8p1.orig/Makefile.in openssh-9.8p1/Makefile.in ssh-add$(EXEEXT): $(LIBCOMPAT) libssh.a $(SSHADD_OBJS) $(LD) -o $@ $(SSHADD_OBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) $(CHANNELLIBS) -diff -Nur openssh-9.8p1.orig/metrics.c openssh-9.8p1/metrics.c ---- openssh-9.8p1.orig/metrics.c 1970-01-01 01:00:00.000000000 +0100 -+++ openssh-9.8p1/metrics.c 2024-09-30 16:03:39.159245285 +0200 +diff -Nur openssh-9.9p1.orig/metrics.c openssh-9.9p1/metrics.c +--- openssh-9.9p1.orig/metrics.c 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-9.9p1/metrics.c 2025-01-20 20:50:04.581813804 +0100 @@ -0,0 +1,444 @@ +/* + * Copyright (c) 2022 The Board of Trustees of Carnegie Mellon University. @@ -9625,9 +9625,9 @@ diff -Nur openssh-9.8p1.orig/metrics.c openssh-9.8p1/metrics.c +#endif /* ifdef __linux__ */ + fprintf(fptr, "\n\n"); +} -diff -Nur openssh-9.8p1.orig/metrics.h openssh-9.8p1/metrics.h ---- openssh-9.8p1.orig/metrics.h 1970-01-01 01:00:00.000000000 +0100 -+++ openssh-9.8p1/metrics.h 2024-09-30 16:03:39.159245285 +0200 +diff -Nur openssh-9.9p1.orig/metrics.h openssh-9.9p1/metrics.h +--- openssh-9.9p1.orig/metrics.h 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-9.9p1/metrics.h 2025-01-20 20:50:04.581813804 +0100 @@ -0,0 +1,45 @@ +/* + * Copyright (c) 2022 The Board of Trustees of Carnegie Mellon University. @@ -9674,9 +9674,9 @@ diff -Nur openssh-9.8p1.orig/metrics.h openssh-9.8p1/metrics.h + + +#endif /* define metrics_h */ -diff -Nur openssh-9.8p1.orig/misc.c openssh-9.8p1/misc.c ---- openssh-9.8p1.orig/misc.c 2024-09-30 16:02:22.617024482 +0200 -+++ openssh-9.8p1/misc.c 2024-09-30 16:03:39.159245285 +0200 +diff -Nur openssh-9.9p1.orig/misc.c openssh-9.9p1/misc.c +--- openssh-9.9p1.orig/misc.c 2025-01-20 20:48:33.449582239 +0100 ++++ openssh-9.9p1/misc.c 2025-01-20 20:50:04.582813807 +0100 @@ -77,6 +77,29 @@ #include "ssherr.h" #include "platform.h" @@ -9746,9 +9746,9 @@ diff -Nur openssh-9.8p1.orig/misc.c openssh-9.8p1/misc.c put_u16(void *vp, u_int16_t v) { u_char *p = (u_char *)vp; -diff -Nur openssh-9.8p1.orig/misc.h openssh-9.8p1/misc.h ---- openssh-9.8p1.orig/misc.h 2024-09-30 16:02:22.617024482 +0200 -+++ openssh-9.8p1/misc.h 2024-09-30 16:03:39.160245287 +0200 +diff -Nur openssh-9.9p1.orig/misc.h openssh-9.9p1/misc.h +--- openssh-9.9p1.orig/misc.h 2025-01-20 20:48:33.450582242 +0100 ++++ openssh-9.9p1/misc.h 2025-01-20 20:50:04.582813807 +0100 @@ -166,12 +166,6 @@ void put_u16(void *, u_int16_t) __attribute__((__bounded__( __minbytes__, 1, 2))); @@ -9779,10 +9779,10 @@ diff -Nur openssh-9.8p1.orig/misc.h openssh-9.8p1/misc.h +void read_mem_stats(struct statm_t *, int); + #endif /* _MISC_H */ -diff -Nur openssh-9.8p1.orig/myproposal.h openssh-9.8p1/myproposal.h ---- openssh-9.8p1.orig/myproposal.h 2024-09-30 16:02:22.575024361 +0200 -+++ openssh-9.8p1/myproposal.h 2024-09-30 16:03:39.161245290 +0200 -@@ -69,7 +69,8 @@ +diff -Nur openssh-9.9p1.orig/myproposal.h openssh-9.9p1/myproposal.h +--- openssh-9.9p1.orig/myproposal.h 2025-01-20 20:48:33.407582133 +0100 ++++ openssh-9.9p1/myproposal.h 2025-01-20 20:50:04.583813809 +0100 +@@ -71,7 +71,8 @@ "rsa-sha2-256" #define KEX_SERVER_ENCRYPT \ @@ -9792,9 +9792,9 @@ diff -Nur openssh-9.8p1.orig/myproposal.h openssh-9.8p1/myproposal.h "aes128-ctr,aes192-ctr,aes256-ctr," \ "aes128-gcm@openssh.com,aes256-gcm@openssh.com" -diff -Nur openssh-9.8p1.orig/num.c openssh-9.8p1/num.c ---- openssh-9.8p1.orig/num.c 1970-01-01 01:00:00.000000000 +0100 -+++ openssh-9.8p1/num.c 2024-09-30 16:03:39.161245290 +0200 +diff -Nur openssh-9.9p1.orig/num.c openssh-9.9p1/num.c +--- openssh-9.9p1.orig/num.c 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-9.9p1/num.c 2025-01-20 20:50:04.583813809 +0100 @@ -0,0 +1,156 @@ +/* CC0 license applied, see LICENCE.md */ + @@ -9952,9 +9952,9 @@ diff -Nur openssh-9.8p1.orig/num.c openssh-9.8p1/num.c +implement_provnum(size_t, OSSL_PARAM_UNSIGNED_INTEGER) + +#endif /* WITH_OPENSSL3 */ -diff -Nur openssh-9.8p1.orig/num.h openssh-9.8p1/num.h ---- openssh-9.8p1.orig/num.h 1970-01-01 01:00:00.000000000 +0100 -+++ openssh-9.8p1/num.h 2024-09-30 16:03:39.161245290 +0200 +diff -Nur openssh-9.9p1.orig/num.h openssh-9.9p1/num.h +--- openssh-9.9p1.orig/num.h 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-9.9p1/num.h 2025-01-20 20:50:04.584813812 +0100 @@ -0,0 +1,15 @@ +/* CC0 license applied, see LICENCE.md */ + @@ -9971,9 +9971,9 @@ diff -Nur openssh-9.8p1.orig/num.h openssh-9.8p1/num.h +#define PROVNUM_E_TOOBIG -2 +#define PROVNUM_E_UNSUPPORTED -3 +#endif /* WITH_OPENSSL3 */ -diff -Nur openssh-9.8p1.orig/ossl3-provider-err.c openssh-9.8p1/ossl3-provider-err.c ---- openssh-9.8p1.orig/ossl3-provider-err.c 1970-01-01 01:00:00.000000000 +0100 -+++ openssh-9.8p1/ossl3-provider-err.c 2024-09-30 16:03:39.162245293 +0200 +diff -Nur openssh-9.9p1.orig/ossl3-provider-err.c openssh-9.9p1/ossl3-provider-err.c +--- openssh-9.9p1.orig/ossl3-provider-err.c 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-9.9p1/ossl3-provider-err.c 2025-01-20 20:50:04.584813812 +0100 @@ -0,0 +1,108 @@ +/* CC0 license applied, see LICENCE.md */ + @@ -10083,9 +10083,9 @@ diff -Nur openssh-9.8p1.orig/ossl3-provider-err.c openssh-9.8p1/ossl3-provider-e +} + +#endif /* WITH_OPENSSL3 */ -diff -Nur openssh-9.8p1.orig/ossl3-provider-err.h openssh-9.8p1/ossl3-provider-err.h ---- openssh-9.8p1.orig/ossl3-provider-err.h 1970-01-01 01:00:00.000000000 +0100 -+++ openssh-9.8p1/ossl3-provider-err.h 2024-09-30 16:03:39.162245293 +0200 +diff -Nur openssh-9.9p1.orig/ossl3-provider-err.h openssh-9.9p1/ossl3-provider-err.h +--- openssh-9.9p1.orig/ossl3-provider-err.h 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-9.9p1/ossl3-provider-err.h 2025-01-20 20:50:04.584813812 +0100 @@ -0,0 +1,73 @@ +/* CC0 license applied, see LICENCE.md */ + @@ -10160,9 +10160,9 @@ diff -Nur openssh-9.8p1.orig/ossl3-provider-err.h openssh-9.8p1/ossl3-provider-e +void proverr_set_error(const struct proverr_functions_st *handle, + uint32_t reason, const char *fmt, ...); +#endif /* WITH_OPENSSL3 */ -diff -Nur openssh-9.8p1.orig/packet.c openssh-9.8p1/packet.c ---- openssh-9.8p1.orig/packet.c 2024-09-30 16:02:22.560024318 +0200 -+++ openssh-9.8p1/packet.c 2024-09-30 16:03:39.163245296 +0200 +diff -Nur openssh-9.9p1.orig/packet.c openssh-9.9p1/packet.c +--- openssh-9.9p1.orig/packet.c 2025-01-20 20:48:33.396582105 +0100 ++++ openssh-9.9p1/packet.c 2025-01-20 20:50:04.585813814 +0100 @@ -63,6 +63,9 @@ #endif #include @@ -10295,7 +10295,7 @@ diff -Nur openssh-9.8p1.orig/packet.c openssh-9.8p1/packet.c return r; if (!state->cipher_warning_done && (wmsg = cipher_warning_message(*ccp)) != NULL) { -@@ -1045,23 +1095,45 @@ +@@ -1044,23 +1094,45 @@ } comp->enabled = 1; } @@ -10355,7 +10355,7 @@ diff -Nur openssh-9.8p1.orig/packet.c openssh-9.8p1/packet.c #define MAX_PACKETS (1U<<31) static int ssh_packet_need_rekeying(struct ssh *ssh, u_int outbound_packet_len) -@@ -1088,6 +1160,14 @@ +@@ -1087,6 +1159,14 @@ if (state->p_send.packets == 0 && state->p_read.packets == 0) return 0; @@ -10370,7 +10370,7 @@ diff -Nur openssh-9.8p1.orig/packet.c openssh-9.8p1/packet.c /* Time-based rekeying */ if (state->rekey_interval != 0 && (int64_t)state->rekey_time + state->rekey_interval <= monotime()) -@@ -1294,8 +1374,8 @@ +@@ -1293,8 +1373,8 @@ sshbuf_len(state->outgoing_packet) + authlen, &cp)) != 0) goto out; if ((r = cipher_crypt(state->send_context, state->p_send.seqnr, cp, @@ -10381,7 +10381,7 @@ diff -Nur openssh-9.8p1.orig/packet.c openssh-9.8p1/packet.c goto out; /* append unencrypted MAC */ if (mac && mac->enabled) { -@@ -1446,7 +1526,7 @@ +@@ -1445,7 +1525,7 @@ struct session_state *state = ssh->state; int len, r, ms_remain = 0; struct pollfd pfd; @@ -10390,7 +10390,7 @@ diff -Nur openssh-9.8p1.orig/packet.c openssh-9.8p1/packet.c struct timeval start; struct timespec timespec, *timespecp = NULL; -@@ -1573,7 +1653,7 @@ +@@ -1549,7 +1629,7 @@ return 0; /* packet is incomplete */ state->packlen = PEEK_U32(cp); if (state->packlen < 4 + 1 || @@ -10399,7 +10399,7 @@ diff -Nur openssh-9.8p1.orig/packet.c openssh-9.8p1/packet.c return SSH_ERR_MESSAGE_INCOMPLETE; } need = state->packlen + 4; -@@ -1632,7 +1712,7 @@ +@@ -1608,7 +1688,7 @@ sshbuf_ptr(state->input), sshbuf_len(state->input)) != 0) return 0; if (state->packlen < 1 + 4 || @@ -10408,7 +10408,7 @@ diff -Nur openssh-9.8p1.orig/packet.c openssh-9.8p1/packet.c #ifdef PACKET_DEBUG sshbuf_dump(state->input, stderr); #endif -@@ -1659,7 +1739,7 @@ +@@ -1635,7 +1715,7 @@ goto out; state->packlen = PEEK_U32(sshbuf_ptr(state->incoming_packet)); if (state->packlen < 1 + 4 || @@ -10417,7 +10417,7 @@ diff -Nur openssh-9.8p1.orig/packet.c openssh-9.8p1/packet.c #ifdef PACKET_DEBUG fprintf(stderr, "input: \n"); sshbuf_dump(state->input, stderr); -@@ -1668,7 +1748,7 @@ +@@ -1644,7 +1724,7 @@ #endif logit("Bad packet length %u.", state->packlen); return ssh_packet_start_discard(ssh, enc, mac, 0, @@ -10426,7 +10426,7 @@ diff -Nur openssh-9.8p1.orig/packet.c openssh-9.8p1/packet.c } if ((r = sshbuf_consume(state->input, block_size)) != 0) goto out; -@@ -1691,7 +1771,7 @@ +@@ -1667,7 +1747,7 @@ logit("padding error: need %d block %d mod %d", need, block_size, need % block_size); return ssh_packet_start_discard(ssh, enc, mac, 0, @@ -10435,7 +10435,7 @@ diff -Nur openssh-9.8p1.orig/packet.c openssh-9.8p1/packet.c } /* * check if the entire packet has been received and -@@ -1735,11 +1815,11 @@ +@@ -1711,11 +1791,11 @@ if (r != SSH_ERR_MAC_INVALID) goto out; logit("Corrupted MAC on input."); @@ -10449,7 +10449,7 @@ diff -Nur openssh-9.8p1.orig/packet.c openssh-9.8p1/packet.c } /* Remove MAC from input buffer */ DBG(debug("MAC #%d ok", state->p_read.seqnr)); -@@ -1954,7 +2034,7 @@ +@@ -1930,7 +2010,7 @@ int r; size_t rlen; @@ -10458,7 +10458,7 @@ diff -Nur openssh-9.8p1.orig/packet.c openssh-9.8p1/packet.c return r; if (state->packet_discard) { -@@ -2033,17 +2113,21 @@ +@@ -2009,17 +2089,21 @@ switch (r) { case SSH_ERR_CONN_CLOSED: ssh_packet_clear_keys(ssh); @@ -10480,7 +10480,7 @@ diff -Nur openssh-9.8p1.orig/packet.c openssh-9.8p1/packet.c logdie("Connection reset by %s", remote_id); } /* FALLTHROUGH */ -@@ -2085,6 +2169,24 @@ +@@ -2061,6 +2145,24 @@ logdie_f("should have exited"); } @@ -10505,7 +10505,7 @@ diff -Nur openssh-9.8p1.orig/packet.c openssh-9.8p1/packet.c /* * Logs the error plus constructs and sends a disconnect packet, closes the * connection, and exits. This function never returns. The error message -@@ -2339,10 +2441,19 @@ +@@ -2315,10 +2417,19 @@ ssh->kex->server = 1; /* XXX unify? */ } @@ -10525,7 +10525,7 @@ diff -Nur openssh-9.8p1.orig/packet.c openssh-9.8p1/packet.c } void * -@@ -2960,3 +3071,17 @@ +@@ -2941,3 +3052,17 @@ ssh->state->extra_pad = pad; return 0; } @@ -10543,10 +10543,10 @@ diff -Nur openssh-9.8p1.orig/packet.c openssh-9.8p1/packet.c +{ + return ssh->state->receive_context; +} -diff -Nur openssh-9.8p1.orig/packet.h openssh-9.8p1/packet.h ---- openssh-9.8p1.orig/packet.h 2024-09-30 16:02:22.560024318 +0200 -+++ openssh-9.8p1/packet.h 2024-09-30 16:03:39.163245296 +0200 -@@ -86,6 +86,17 @@ +diff -Nur openssh-9.9p1.orig/packet.h openssh-9.9p1/packet.h +--- openssh-9.9p1.orig/packet.h 2025-01-20 20:48:33.397582108 +0100 ++++ openssh-9.9p1/packet.h 2025-01-20 20:50:04.585813814 +0100 +@@ -88,6 +88,17 @@ /* APP data */ void *app_data; @@ -10564,7 +10564,7 @@ diff -Nur openssh-9.8p1.orig/packet.h openssh-9.8p1/packet.h }; typedef int (ssh_packet_hook_fn)(struct ssh *, struct sshbuf *, -@@ -156,6 +167,8 @@ +@@ -157,6 +168,8 @@ int ssh_packet_set_maxsize(struct ssh *, u_int); u_int ssh_packet_get_maxsize(struct ssh *); @@ -10573,7 +10573,7 @@ diff -Nur openssh-9.8p1.orig/packet.h openssh-9.8p1/packet.h int ssh_packet_get_state(struct ssh *, struct sshbuf *); int ssh_packet_set_state(struct ssh *, struct sshbuf *); -@@ -171,6 +184,13 @@ +@@ -172,6 +185,13 @@ void *ssh_packet_get_input(struct ssh *); void *ssh_packet_get_output(struct ssh *); @@ -10587,9 +10587,9 @@ diff -Nur openssh-9.8p1.orig/packet.h openssh-9.8p1/packet.h /* new API */ int sshpkt_start(struct ssh *ssh, u_char type); -diff -Nur openssh-9.8p1.orig/poly1305.c openssh-9.8p1/poly1305.c ---- openssh-9.8p1.orig/poly1305.c 2024-07-01 06:36:28.000000000 +0200 -+++ openssh-9.8p1/poly1305.c 2024-09-30 16:03:39.164245299 +0200 +diff -Nur openssh-9.9p1.orig/poly1305.c openssh-9.9p1/poly1305.c +--- openssh-9.9p1.orig/poly1305.c 2024-09-20 00:20:48.000000000 +0200 ++++ openssh-9.9p1/poly1305.c 2025-01-20 20:50:04.586813817 +0100 @@ -13,6 +13,16 @@ #include "poly1305.h" @@ -10621,9 +10621,9 @@ diff -Nur openssh-9.8p1.orig/poly1305.c openssh-9.8p1/poly1305.c U32TO8_LE(&out[12], f3); } +#endif /* OPENSSL_HAVE_POLY_EVP */ -diff -Nur openssh-9.8p1.orig/poly1305.h openssh-9.8p1/poly1305.h ---- openssh-9.8p1.orig/poly1305.h 2024-07-01 06:36:28.000000000 +0200 -+++ openssh-9.8p1/poly1305.h 2024-09-30 16:03:39.164245299 +0200 +diff -Nur openssh-9.9p1.orig/poly1305.h openssh-9.9p1/poly1305.h +--- openssh-9.9p1.orig/poly1305.h 2024-09-20 00:20:48.000000000 +0200 ++++ openssh-9.9p1/poly1305.h 2025-01-20 20:50:04.586813817 +0100 @@ -13,8 +13,15 @@ #define POLY1305_KEYLEN 32 #define POLY1305_TAGLEN 16 @@ -10641,9 +10641,9 @@ diff -Nur openssh-9.8p1.orig/poly1305.h openssh-9.8p1/poly1305.h __attribute__((__bounded__(__minbytes__, 1, POLY1305_TAGLEN))) __attribute__((__bounded__(__buffer__, 2, 3))) __attribute__((__bounded__(__minbytes__, 4, POLY1305_KEYLEN))); -diff -Nur openssh-9.8p1.orig/progressmeter.c openssh-9.8p1/progressmeter.c ---- openssh-9.8p1.orig/progressmeter.c 2024-07-01 06:36:28.000000000 +0200 -+++ openssh-9.8p1/progressmeter.c 2024-09-30 16:03:39.165245302 +0200 +diff -Nur openssh-9.9p1.orig/progressmeter.c openssh-9.9p1/progressmeter.c +--- openssh-9.9p1.orig/progressmeter.c 2024-09-20 00:20:48.000000000 +0200 ++++ openssh-9.9p1/progressmeter.c 2025-01-20 20:50:04.586813817 +0100 @@ -66,6 +66,8 @@ static off_t start_pos; /* initial position of transfer */ static off_t end_pos; /* ending position of transfer */ @@ -10702,9 +10702,9 @@ diff -Nur openssh-9.8p1.orig/progressmeter.c openssh-9.8p1/progressmeter.c } static void -diff -Nur openssh-9.8p1.orig/readconf.c openssh-9.8p1/readconf.c ---- openssh-9.8p1.orig/readconf.c 2024-09-30 16:02:22.619024488 +0200 -+++ openssh-9.8p1/readconf.c 2024-09-30 16:35:58.686841931 +0200 +diff -Nur openssh-9.9p1.orig/readconf.c openssh-9.9p1/readconf.c +--- openssh-9.9p1.orig/readconf.c 2025-01-20 20:48:33.452582247 +0100 ++++ openssh-9.9p1/readconf.c 2025-01-20 21:03:08.963813150 +0100 @@ -72,6 +72,7 @@ #include "myproposal.h" #include "digest.h" @@ -10758,7 +10758,7 @@ diff -Nur openssh-9.8p1.orig/readconf.c openssh-9.8p1/readconf.c } return port; } -@@ -1288,6 +1304,63 @@ +@@ -1317,6 +1333,63 @@ intptr = &options->check_host_ip; goto parse_flag; @@ -10822,7 +10822,7 @@ diff -Nur openssh-9.8p1.orig/readconf.c openssh-9.8p1/readconf.c case oVerifyHostKeyDNS: intptr = &options->verify_host_key_dns; multistate_ptr = multistate_yesnoask; -@@ -2678,6 +2751,17 @@ +@@ -2712,6 +2785,17 @@ options->ip_qos_interactive = -1; options->ip_qos_bulk = -1; options->request_tty = -1; @@ -10840,7 +10840,7 @@ diff -Nur openssh-9.8p1.orig/readconf.c openssh-9.8p1/readconf.c options->session_type = -1; options->stdin_null = -1; options->fork_after_authentication = -1; -@@ -2861,8 +2945,37 @@ +@@ -2895,8 +2979,37 @@ options->server_alive_interval = 0; if (options->server_alive_count_max == -1) options->server_alive_count_max = 3; @@ -10878,9 +10878,9 @@ diff -Nur openssh-9.8p1.orig/readconf.c openssh-9.8p1/readconf.c if (options->control_persist == -1) { options->control_persist = 0; options->control_persist_timeout = 0; -diff -Nur openssh-9.8p1.orig/readconf.h openssh-9.8p1/readconf.h ---- openssh-9.8p1.orig/readconf.h 2024-09-30 16:02:22.619024488 +0200 -+++ openssh-9.8p1/readconf.h 2024-10-01 10:20:11.459528169 +0200 +diff -Nur openssh-9.9p1.orig/readconf.h openssh-9.9p1/readconf.h +--- openssh-9.9p1.orig/readconf.h 2025-01-20 20:48:33.452582247 +0100 ++++ openssh-9.9p1/readconf.h 2025-01-21 07:26:17.608445051 +0100 @@ -56,6 +56,8 @@ int strict_host_key_checking; /* Strict host key checking. */ int compression; /* Compress packets in both directions. */ @@ -10908,9 +10908,9 @@ diff -Nur openssh-9.8p1.orig/readconf.h openssh-9.8p1/readconf.h int no_host_authentication_for_localhost; int identities_only; int server_alive_interval; -diff -Nur openssh-9.8p1.orig/README.md openssh-9.8p1/README.md ---- openssh-9.8p1.orig/README.md 2024-07-01 06:36:28.000000000 +0200 -+++ openssh-9.8p1/README.md 2024-09-30 16:03:39.167245307 +0200 +diff -Nur openssh-9.9p1.orig/README.md openssh-9.9p1/README.md +--- openssh-9.9p1.orig/README.md 2024-09-20 00:20:48.000000000 +0200 ++++ openssh-9.9p1/README.md 2025-01-20 20:50:04.588813822 +0100 @@ -1,12 +1,16 @@ -# Portable OpenSSH +# HPNSSH: Based on Portable OpenSSH @@ -10954,27 +10954,32 @@ diff -Nur openssh-9.8p1.orig/README.md openssh-9.8p1/README.md ``libcrypto`` from either [LibreSSL](https://www.libressl.org/) or [OpenSSL](https://www.openssl.org) may also be used. OpenSSH may be built without either of these, but the resulting binaries will have only a subset of the cryptographic algorithms normally available. -@@ -44,8 +48,8 @@ +@@ -44,8 +48,9 @@ Releases include a pre-built copy of the ``configure`` script and may be built using: ``` -tar zxvf openssh-X.YpZ.tar.gz -cd openssh +tar zxvf hpnssh-X.YpZ.tar.gz -+cd hpnssh ++cd hpn-ssh ++autoreconf -f -i ./configure # [options] make && make tests ``` -@@ -57,7 +61,7 @@ +@@ -57,9 +62,9 @@ If building from git, you'll need [autoconf](https://www.gnu.org/software/autoconf/) installed to build the ``configure`` script. The following commands will check out and build portable OpenSSH from git: ``` -git clone https://github.com/openssh/openssh-portable # or https://anongit.mindrot.org/openssh.git +-cd openssh-portable +-autoreconf +git clone https://github.com/rapier1/hpn-ssh - cd openssh-portable - autoreconf ++cd hpn-ssh ++autoreconf -f -i ./configure -@@ -76,6 +80,7 @@ + make && make tests + ``` +@@ -76,6 +81,7 @@ ``--with-libedit`` | Enable [libedit](https://www.thrysoee.dk/editline/) support for sftp. ``--with-kerberos5`` | Enable Kerberos/GSSAPI support. Both [Heimdal](https://www.h5l.org/) and [MIT](https://web.mit.edu/kerberos/) Kerberos implementations are supported. ``--with-selinux`` | Enable [SELinux](https://en.wikipedia.org/wiki/Security-Enhanced_Linux) support. @@ -10982,9 +10987,9 @@ diff -Nur openssh-9.8p1.orig/README.md openssh-9.8p1/README.md ## Development -diff -Nur openssh-9.8p1.orig/sandbox-seccomp-filter.c openssh-9.8p1/sandbox-seccomp-filter.c ---- openssh-9.8p1.orig/sandbox-seccomp-filter.c 2024-09-30 16:02:22.576024364 +0200 -+++ openssh-9.8p1/sandbox-seccomp-filter.c 2024-09-30 16:03:39.168245311 +0200 +diff -Nur openssh-9.9p1.orig/sandbox-seccomp-filter.c openssh-9.9p1/sandbox-seccomp-filter.c +--- openssh-9.9p1.orig/sandbox-seccomp-filter.c 2025-01-20 20:48:33.408582135 +0100 ++++ openssh-9.9p1/sandbox-seccomp-filter.c 2025-01-20 20:50:04.589813825 +0100 @@ -295,6 +295,9 @@ #ifdef __NR_geteuid32 SC_ALLOW(__NR_geteuid32), @@ -11005,9 +11010,9 @@ diff -Nur openssh-9.8p1.orig/sandbox-seccomp-filter.c openssh-9.8p1/sandbox-secc #ifdef __NR_time SC_ALLOW(__NR_time), #endif -diff -Nur openssh-9.8p1.orig/scp.1 openssh-9.8p1/scp.1 ---- openssh-9.8p1.orig/scp.1 2024-09-30 16:02:22.541024263 +0200 -+++ openssh-9.8p1/scp.1 2024-10-01 13:10:54.653458405 +0200 +diff -Nur openssh-9.9p1.orig/scp.1 openssh-9.9p1/scp.1 +--- openssh-9.9p1.orig/scp.1 2025-01-20 20:48:33.380582065 +0100 ++++ openssh-9.9p1/scp.1 2025-01-20 22:18:33.595608452 +0100 @@ -18,7 +18,7 @@ .Nd OpenSSH secure file copy .Sh SYNOPSIS @@ -11064,9 +11069,9 @@ diff -Nur openssh-9.8p1.orig/scp.1 openssh-9.8p1/scp.1 .Sh CAVEATS The legacy SCP protocol (selected by the .Fl O -diff -Nur openssh-9.8p1.orig/scp.c openssh-9.8p1/scp.c ---- openssh-9.8p1.orig/scp.c 2024-09-30 16:02:22.544024272 +0200 -+++ openssh-9.8p1/scp.c 2024-09-30 16:03:39.170245316 +0200 +diff -Nur openssh-9.9p1.orig/scp.c openssh-9.9p1/scp.c +--- openssh-9.9p1.orig/scp.c 2025-01-20 20:48:33.382582070 +0100 ++++ openssh-9.9p1/scp.c 2025-01-21 07:44:00.216159475 +0100 @@ -17,6 +17,7 @@ /* * Copyright (c) 1999 Theo de Raadt. All rights reserved. @@ -11164,7 +11169,7 @@ diff -Nur openssh-9.8p1.orig/scp.c openssh-9.8p1/scp.c switch (ch) { /* User-visible flags. */ case '1': -@@ -589,31 +623,43 @@ +@@ -589,24 +623,36 @@ addargs(&remote_remote_args, "-q"); showprogress = 0; break; @@ -11178,80 +11183,52 @@ diff -Nur openssh-9.8p1.orig/scp.c openssh-9.8p1/scp.c case 'X': /* Please keep in sync with sftp.c -X */ if (strncmp(optarg, "buffer=", 7) == 0) { -- r = scan_scaled(optarg + 7, &llv); + r = scan_scaled(optarg + 7, &llv); - if (r == 0 && (llv <= 0 || llv > 256 * 1024)) { -- r = -1; -- errno = EINVAL; -- } -- if (r == -1) { ++ /* don't ask for a buffer larger than the maximum ++ * size that SFTP can handle */ ++ if (r == 0 && (llv <= 0 || llv > (SFTP_MAX_MSG_LENGTH - 1024))) { + r = -1; + errno = EINVAL; + } + if (r == -1) { - fatal("Invalid buffer size \"%s\": %s", -- optarg + 7, strerror(errno)); -- } -- sftp_copy_buflen = (size_t)llv; -- } else if (strncmp(optarg, "nrequests=", 10) == 0) { ++ fatal("Invalid buffer size. Must be between 1B and 255KB. \"%s\": %s", + optarg + 7, strerror(errno)); + } + sftp_copy_buflen = (size_t)llv; + } else if (strncmp(optarg, "nrequests=", 10) == 0) { - llv = strtonum(optarg + 10, 1, 256 * 1024, -- &errstr); -- if (errstr != NULL) { ++ /* more than 10k to 15k requests starts stalling the connection ++ * 8192 * default buffer size is 256MB of outstanding data. ++ * if users need more then they need to up the buffer size */ ++ llv = strtonum(optarg + 10, 1, 8 * 1024, + &errstr); + if (errstr != NULL) { - fatal("Invalid number of requests " -- "\"%s\": %s", optarg + 10, errstr); -- } -- sftp_nrequests = (size_t)llv; -- } else { -- fatal("Invalid -X option"); -- } -- break; -+ r = scan_scaled(optarg + 7, &llv); -+ /* don't ask for a buffer larger than the maximum -+ * size that SFTP can handle */ -+ if (r == 0 && (llv <= 0 || llv > (SFTP_MAX_MSG_LENGTH - 1024))) { -+ r = -1; -+ errno = EINVAL; -+ } -+ if (r == -1) { -+ fatal("Invalid buffer size. Must be between 1B and 255KB." -+ "\"%s\": %s", optarg + 7, strerror(errno)); -+ } -+ sftp_copy_buflen = (size_t)llv; -+ } else if (strncmp(optarg, "nrequests=", 10) == 0) { -+ /* more than 10k to 15k requests starts stalling the connection -+ * 8192 * default buffer size is 256MB of outstanding data. -+ * if users need more then they need to up the buffer size */ -+ llv = strtonum(optarg + 10, 1, 8 * 1024, -+ &errstr); -+ if (errstr != NULL) { -+ fatal("Invalid number of requests. Must be between 1 and 8192. " -+ "\"%s\": %s", optarg + 10, errstr); -+ } -+ sftp_nrequests = (size_t)llv; -+ } else { -+ fatal("Invalid -X option"); -+ } -+ break; - - /* Server options. */ - case 'd': ++ fatal("Invalid number of requests. Must be between 1 and 8192. " + "\"%s\": %s", optarg + 10, errstr); + } + sftp_nrequests = (size_t)llv; @@ -694,11 +740,20 @@ remin = remout = -1; do_cmd_pid = -1; /* Command to be executed on remote system using "ssh". */ - (void) snprintf(cmd, sizeof cmd, "scp%s%s%s%s", -- verbose_mode ? " -v" : "", -- iamrecursive ? " -r" : "", pflag ? " -p" : "", -- targetshouldbedirectory ? " -d" : ""); -- + /* In the event of an hpn to hpn connection the scp + * command is rewritten to hpnscp. This happens in + * clientloop.c -cjr 12/12/2022 */ + + (void) snprintf(cmd, sizeof cmd, "%s%s%s%s%s%s", -+ remote_path ? remote_path : "scp", -+ verbose_mode ? " -v" : "", -+ iamrecursive ? " -r" : "", -+ pflag ? " -p" : "", -+ targetshouldbedirectory ? " -d" : "", -+ resume_flag ? " -Z" : ""); ++ remote_path ? remote_path : "scp", + verbose_mode ? " -v" : "", + iamrecursive ? " -r" : "", pflag ? " -p" : "", +- targetshouldbedirectory ? " -d" : ""); ++ targetshouldbedirectory ? " -d" : "", ++ resume_flag ? " -Z" : ""); + +#ifdef DEBUG -+ fprintf(stderr, "%s: Sending cmd %s\n", hostname, cmd); ++ fprintf(stderr, "%s: Sending cmd %s\n", hostname, cmd); +#endif (void) ssh_signal(SIGPIPE, lostconn); @@ -11534,12 +11511,7 @@ diff -Nur openssh-9.8p1.orig/scp.c openssh-9.8p1/scp.c if (!haderr) { if ((nr = atomicio(read, fd, bp->buf, amt)) != amt) { -@@ -1670,28 +1933,41 @@ - (sizeof(type) == 8 && (val) > INT64_MAX) || \ - (sizeof(type) != 4 && sizeof(type) != 8)) - -+ - void +@@ -1674,24 +1937,36 @@ sink(int argc, char **argv, const char *src) { static BUF buffer; @@ -11579,7 +11551,7 @@ diff -Nur openssh-9.8p1.orig/scp.c openssh-9.8p1/scp.c if (TYPE_OVERFLOW(time_t, 0) || TYPE_OVERFLOW(off_t, 0)) SCREWUP("Unexpected off_t/time_t size"); -@@ -1707,9 +1983,16 @@ +@@ -1707,9 +1982,16 @@ if (targetshouldbedirectory) verifydir(targ); @@ -11596,11 +11568,9 @@ diff -Nur openssh-9.8p1.orig/scp.c openssh-9.8p1/scp.c if (src != NULL && !iamrecursive && !Tflag) { /* * Prepare to try to restrict incoming filenames to match -@@ -1718,7 +2001,12 @@ - if (brace_expand(src, &patterns, &npatterns) != 0) +@@ -1719,6 +2001,10 @@ fatal_f("could not expand pattern"); } -+ for (first = 1;; first = 0) { + bad_match_flag = 0; /* used in resume mode. */ +#ifdef DEBUG @@ -11609,7 +11579,7 @@ diff -Nur openssh-9.8p1.orig/scp.c openssh-9.8p1/scp.c cp = buf; if (atomicio(read, remin, cp, 1) != 1) goto done; -@@ -1746,6 +2034,9 @@ +@@ -1746,6 +2032,9 @@ continue; } if (buf[0] == 'E') { @@ -11619,7 +11589,7 @@ diff -Nur openssh-9.8p1.orig/scp.c openssh-9.8p1/scp.c (void) atomicio(vwrite, remout, "", 1); goto done; } -@@ -1753,6 +2044,9 @@ +@@ -1753,6 +2042,9 @@ *--cp = 0; cp = buf; @@ -11629,7 +11599,7 @@ diff -Nur openssh-9.8p1.orig/scp.c openssh-9.8p1/scp.c if (*cp == 'T') { setimes++; cp++; -@@ -1780,9 +2074,19 @@ +@@ -1780,9 +2072,19 @@ if (!cp || *cp++ != '\0' || atime.tv_usec < 0 || atime.tv_usec > 999999) SCREWUP("atime.usec not delimited"); @@ -11649,7 +11619,7 @@ diff -Nur openssh-9.8p1.orig/scp.c openssh-9.8p1/scp.c if (*cp != 'C' && *cp != 'D') { /* * Check for the case "rcp remote:foo\* local:bar". -@@ -1798,6 +2102,18 @@ +@@ -1798,6 +2100,18 @@ SCREWUP("expected control record"); } mode = 0; @@ -11668,7 +11638,7 @@ diff -Nur openssh-9.8p1.orig/scp.c openssh-9.8p1/scp.c for (++cp; cp < buf + 5; cp++) { if (*cp < '0' || *cp > '7') SCREWUP("bad mode"); -@@ -1808,6 +2124,10 @@ +@@ -1808,6 +2122,10 @@ if (*cp++ != ' ') SCREWUP("mode not delimited"); @@ -11679,7 +11649,7 @@ diff -Nur openssh-9.8p1.orig/scp.c openssh-9.8p1/scp.c if (!isdigit((unsigned char)*cp)) SCREWUP("size not present"); ull = strtoull(cp, &cp, 10); -@@ -1817,11 +2137,32 @@ +@@ -1817,11 +2135,32 @@ SCREWUP("size out of range"); size = (off_t)ull; @@ -11712,7 +11682,7 @@ diff -Nur openssh-9.8p1.orig/scp.c openssh-9.8p1/scp.c if (npatterns > 0) { for (n = 0; n < npatterns; n++) { if (strcmp(patterns[n], cp) == 0 || -@@ -1891,11 +2232,195 @@ +@@ -1891,11 +2230,195 @@ } omode = mode; mode |= S_IWUSR; @@ -11881,7 +11851,7 @@ diff -Nur openssh-9.8p1.orig/scp.c openssh-9.8p1/scp.c + fprintf(stderr, "%s match status is M\n", hostname); +#endif + bad_match_flag = 0; /* while this is set at the beginning of the -+ * loop I'm setting it here explicitly as well */ ++ * loop I'm setting it here explicitly as well */ + } + } + @@ -11909,7 +11879,7 @@ diff -Nur openssh-9.8p1.orig/scp.c openssh-9.8p1/scp.c if ((bp = allocbuf(&buffer, ofd, COPY_BUFLEN)) == NULL) { (void) close(ofd); continue; -@@ -1910,13 +2435,17 @@ +@@ -1910,13 +2433,17 @@ */ statbytes = 0; if (showprogress) @@ -11931,7 +11901,7 @@ diff -Nur openssh-9.8p1.orig/scp.c openssh-9.8p1/scp.c do { j = atomicio6(read, remin, cp, amt, scpio, &statbytes); -@@ -1951,8 +2480,78 @@ +@@ -1951,8 +2478,78 @@ wrerr = 1; } if (!wrerr && (!exists || S_ISREG(stb.st_mode)) && @@ -11939,7 +11909,7 @@ diff -Nur openssh-9.8p1.orig/scp.c openssh-9.8p1/scp.c + ftruncate(ofd, xfer_size) != 0) note_err("%s: truncate: %s", np, strerror(errno)); + -+ /* if np_tmp isn't set then we don't have a resume file to cat */ ++ /* if np_tmp isn't set then we don't have a resume file to cat */ + /* likewise, bad match flag means no resume flag */ +#ifdef DEBUG + fprintf (stderr, "%s: resume_flag: %d, np_tmp: %s, bad_match_flag: %d\n", @@ -12011,7 +11981,7 @@ diff -Nur openssh-9.8p1.orig/scp.c openssh-9.8p1/scp.c if (pflag) { if (exists || omode != mode) #ifdef HAVE_FCHMOD -@@ -1987,8 +2586,17 @@ +@@ -1987,8 +2584,17 @@ } } /* If no error was noted then signal success for this file */ @@ -12030,7 +12000,7 @@ diff -Nur openssh-9.8p1.orig/scp.c openssh-9.8p1/scp.c } done: for (n = 0; n < npatterns; n++) -@@ -2132,11 +2740,20 @@ +@@ -2132,11 +2738,20 @@ void usage(void) { @@ -12051,7 +12021,7 @@ diff -Nur openssh-9.8p1.orig/scp.c openssh-9.8p1/scp.c } void -@@ -2275,6 +2892,18 @@ +@@ -2275,6 +2890,18 @@ exit(1); } @@ -12070,10 +12040,10 @@ diff -Nur openssh-9.8p1.orig/scp.c openssh-9.8p1/scp.c void cleanup_exit(int i) { -diff -Nur openssh-9.8p1.orig/servconf.c openssh-9.8p1/servconf.c ---- openssh-9.8p1.orig/servconf.c 2024-09-30 16:02:22.620024491 +0200 -+++ openssh-9.8p1/servconf.c 2024-10-01 09:37:00.637000944 +0200 -@@ -214,6 +214,11 @@ +diff -Nur openssh-9.9p1.orig/servconf.c openssh-9.9p1/servconf.c +--- openssh-9.9p1.orig/servconf.c 2025-01-20 20:48:33.453582249 +0100 ++++ openssh-9.9p1/servconf.c 2025-01-20 22:27:14.328008145 +0100 +@@ -215,6 +215,11 @@ options->authorized_principals_file = NULL; options->authorized_principals_command = NULL; options->authorized_principals_command_user = NULL; @@ -12085,7 +12055,7 @@ diff -Nur openssh-9.8p1.orig/servconf.c openssh-9.8p1/servconf.c options->ip_qos_interactive = -1; options->ip_qos_bulk = -1; options->version_addendum = NULL; -@@ -504,6 +509,18 @@ +@@ -508,6 +513,18 @@ } if (options->permit_tun == -1) options->permit_tun = SSH_TUNMODE_NO; @@ -12104,7 +12074,7 @@ diff -Nur openssh-9.8p1.orig/servconf.c openssh-9.8p1/servconf.c if (options->ip_qos_interactive == -1) options->ip_qos_interactive = IPTOS_DSCP_AF21; if (options->ip_qos_bulk == -1) -@@ -584,6 +601,8 @@ +@@ -590,6 +607,8 @@ sKerberosGetAFSToken, sKerberosUniqueCCache, sKerberosUseKuserok, sPasswordAuthentication, sKbdInteractiveAuthentication, sListenAddress, sAddressFamily, sPrintMotd, sPrintLastLog, sIgnoreRhosts, @@ -12113,7 +12083,7 @@ diff -Nur openssh-9.8p1.orig/servconf.c openssh-9.8p1/servconf.c sX11Forwarding, sX11DisplayOffset, sX11MaxDisplays, sX11UseLocalhost, sPermitTTY, sStrictModes, sEmptyPasswd, sTCPKeepAlive, sPermitUserEnvironment, sAllowTcpForwarding, sCompression, -@@ -791,6 +810,11 @@ +@@ -797,6 +816,11 @@ { "revokedkeys", sRevokedKeys, SSHCFG_ALL }, { "trustedusercakeys", sTrustedUserCAKeys, SSHCFG_ALL }, { "authorizedprincipalsfile", sAuthorizedPrincipalsFile, SSHCFG_ALL }, @@ -12125,7 +12095,7 @@ diff -Nur openssh-9.8p1.orig/servconf.c openssh-9.8p1/servconf.c { "kexalgorithms", sKexAlgorithms, SSHCFG_GLOBAL }, { "include", sInclude, SSHCFG_ALL }, { "ipqos", sIPQoS, SSHCFG_ALL }, -@@ -854,6 +878,7 @@ +@@ -861,6 +885,7 @@ for (i = 0; keywords[i].name; i++) if (strcasecmp(cp, keywords[i].name) == 0) { @@ -12133,7 +12103,7 @@ diff -Nur openssh-9.8p1.orig/servconf.c openssh-9.8p1/servconf.c *flags = keywords[i].flags; return keywords[i].opcode; } -@@ -1573,12 +1598,32 @@ +@@ -1593,12 +1618,32 @@ multistate_ptr = multistate_ignore_rhosts; goto parse_multistate; @@ -12166,14 +12136,14 @@ diff -Nur openssh-9.8p1.orig/servconf.c openssh-9.8p1/servconf.c case sHostbasedAuthentication: intptr = &options->hostbased_authentication; goto parse_flag; -diff -Nur openssh-9.8p1.orig/servconf.h openssh-9.8p1/servconf.h ---- openssh-9.8p1.orig/servconf.h 2024-09-30 16:02:22.621024494 +0200 -+++ openssh-9.8p1/servconf.h 2024-10-01 09:38:49.188317659 +0200 -@@ -225,6 +225,12 @@ +diff -Nur openssh-9.9p1.orig/servconf.h openssh-9.9p1/servconf.h +--- openssh-9.9p1.orig/servconf.h 2025-01-20 20:48:33.453582249 +0100 ++++ openssh-9.9p1/servconf.h 2025-01-20 22:28:39.829229874 +0100 +@@ -226,6 +226,12 @@ char *pam_service_name; int permit_pam_user_change; /* Allow PAM to change user name */ -+ int tcp_rcv_buf_poll; /* poll tcp rcv window in autotuning kernels*/ ++ int tcp_rcv_buf_poll; /* poll tcp rcv window in autotuning kernels*/ + int hpn_disabled; /* disable hpn functionality. false by default */ + int none_enabled; /* Enable NONE cipher switch */ + int nonemac_enabled; /* Enable NONE MAC switch */ @@ -12182,9 +12152,9 @@ diff -Nur openssh-9.8p1.orig/servconf.h openssh-9.8p1/servconf.h int permit_tun; char **permitted_opens; /* May also be one of PERMITOPEN_* */ -diff -Nur openssh-9.8p1.orig/serverloop.c openssh-9.8p1/serverloop.c ---- openssh-9.8p1.orig/serverloop.c 2024-09-30 16:02:22.607024453 +0200 -+++ openssh-9.8p1/serverloop.c 2024-10-01 09:39:20.858410057 +0200 +diff -Nur openssh-9.9p1.orig/serverloop.c openssh-9.9p1/serverloop.c +--- openssh-9.9p1.orig/serverloop.c 2025-01-20 20:48:33.440582216 +0100 ++++ openssh-9.9p1/serverloop.c 2025-01-20 22:30:36.463532350 +0100 @@ -81,6 +81,8 @@ #include "serverloop.h" #include "ssherr.h" @@ -12306,9 +12276,9 @@ diff -Nur openssh-9.8p1.orig/serverloop.c openssh-9.8p1/serverloop.c } /* XXX sshpkt_get_end() */ if (want_reply) { -diff -Nur openssh-9.8p1.orig/session.c openssh-9.8p1/session.c ---- openssh-9.8p1.orig/session.c 2024-09-30 16:02:22.566024335 +0200 -+++ openssh-9.8p1/session.c 2024-09-30 16:03:39.174245328 +0200 +diff -Nur openssh-9.9p1.orig/session.c openssh-9.9p1/session.c +--- openssh-9.9p1.orig/session.c 2025-01-20 20:48:33.402582120 +0100 ++++ openssh-9.9p1/session.c 2025-01-20 20:50:04.595813840 +0100 @@ -94,6 +94,7 @@ #include "monitor_wrap.h" #include "sftp.h" @@ -12345,9 +12315,9 @@ diff -Nur openssh-9.8p1.orig/session.c openssh-9.8p1/session.c return 0; } -diff -Nur openssh-9.8p1.orig/sftp.1 openssh-9.8p1/sftp.1 ---- openssh-9.8p1.orig/sftp.1 2024-07-01 06:36:28.000000000 +0200 -+++ openssh-9.8p1/sftp.1 2024-10-01 11:22:00.648462200 +0200 +diff -Nur openssh-9.9p1.orig/sftp.1 openssh-9.9p1/sftp.1 +--- openssh-9.9p1.orig/sftp.1 2024-09-20 00:20:48.000000000 +0200 ++++ openssh-9.9p1/sftp.1 2025-01-20 20:50:04.595813840 +0100 @@ -299,7 +299,8 @@ Specify how many requests may be outstanding at any one time. Increasing this may slightly improve file transfer speed @@ -12373,15 +12343,11 @@ diff -Nur openssh-9.8p1.orig/sftp.1 openssh-9.8p1/sftp.1 By default a 32KB buffer is used. .El .El -diff -Nur openssh-9.8p1.orig/sftp.c openssh-9.8p1/sftp.c ---- openssh-9.8p1.orig/sftp.c 2024-09-30 16:02:22.545024274 +0200 -+++ openssh-9.8p1/sftp.c 2024-10-01 09:50:10.979301433 +0200 -@@ -2566,23 +2566,28 @@ - replacearg(&args, 0, "%s", ssh_program); - break; - case 'X': -- /* Please keep in sync with ssh.c -X */ -+ /* Please keep in sync with scp.c -X */ +diff -Nur openssh-9.9p1.orig/sftp.c openssh-9.9p1/sftp.c +--- openssh-9.9p1.orig/sftp.c 2025-01-20 20:48:33.383582072 +0100 ++++ openssh-9.9p1/sftp.c 2025-01-20 20:50:04.596813843 +0100 +@@ -2569,20 +2569,25 @@ + /* Please keep in sync with ssh.c -X */ if (strncmp(optarg, "buffer=", 7) == 0) { r = scan_scaled(optarg + 7, &llv); - if (r == 0 && (llv <= 0 || llv > 256 * 1024)) { @@ -12411,9 +12377,9 @@ diff -Nur openssh-9.8p1.orig/sftp.c openssh-9.8p1/sftp.c "\"%s\": %s", optarg + 10, errstr); } num_requests = (size_t)llv; -diff -Nur openssh-9.8p1.orig/sftp-client.c openssh-9.8p1/sftp-client.c ---- openssh-9.8p1.orig/sftp-client.c 2024-09-30 16:02:22.545024274 +0200 -+++ openssh-9.8p1/sftp-client.c 2024-09-30 16:03:39.175245331 +0200 +diff -Nur openssh-9.9p1.orig/sftp-client.c openssh-9.9p1/sftp-client.c +--- openssh-9.9p1.orig/sftp-client.c 2025-01-20 20:48:33.382582070 +0100 ++++ openssh-9.9p1/sftp-client.c 2025-01-20 20:50:04.596813843 +0100 @@ -72,7 +72,8 @@ #define DEFAULT_COPY_BUFLEN 32768 @@ -12424,9 +12390,9 @@ diff -Nur openssh-9.8p1.orig/sftp-client.c openssh-9.8p1/sftp-client.c /* Minimum amount of data to read at a time */ #define MIN_READ_SIZE 512 -diff -Nur openssh-9.8p1.orig/ssh.1 openssh-9.8p1/ssh.1 ---- openssh-9.8p1.orig/ssh.1 2024-09-30 16:02:22.622024497 +0200 -+++ openssh-9.8p1/ssh.1 2024-09-30 16:35:12.408708175 +0200 +diff -Nur openssh-9.9p1.orig/ssh.1 openssh-9.9p1/ssh.1 +--- openssh-9.9p1.orig/ssh.1 2025-01-20 20:48:33.453582249 +0100 ++++ openssh-9.9p1/ssh.1 2025-01-20 21:06:00.112249282 +0100 @@ -77,6 +77,14 @@ X11 connections, arbitrary TCP ports and .Ux Ns -domain @@ -12442,7 +12408,7 @@ diff -Nur openssh-9.8p1.orig/ssh.1 openssh-9.8p1/ssh.1 .Pp .Nm connects and logs into the specified -@@ -524,11 +532,13 @@ +@@ -526,11 +534,13 @@ .It ControlMaster .It ControlPath .It ControlPersist @@ -12456,7 +12422,7 @@ diff -Nur openssh-9.8p1.orig/ssh.1 openssh-9.8p1/ssh.1 .It FingerprintHash .It ForkAfterAuthentication .It ForwardAgent -@@ -552,6 +562,7 @@ +@@ -554,6 +564,7 @@ .It HostKeyAlgorithms .It HostKeyAlias .It Hostname @@ -12464,7 +12430,7 @@ diff -Nur openssh-9.8p1.orig/ssh.1 openssh-9.8p1/ssh.1 .It IdentitiesOnly .It IdentityAgent .It IdentityFile -@@ -568,7 +579,13 @@ +@@ -570,7 +581,13 @@ .It LogVerbose .It MACs .It Match @@ -12478,7 +12444,7 @@ diff -Nur openssh-9.8p1.orig/ssh.1 openssh-9.8p1/ssh.1 .It NumberOfPasswordPrompts .It PasswordAuthentication .It PermitLocalCommand -@@ -599,6 +616,7 @@ +@@ -601,6 +618,7 @@ .It StrictHostKeyChecking .It SyslogFacility .It TCPKeepAlive @@ -12486,7 +12452,7 @@ diff -Nur openssh-9.8p1.orig/ssh.1 openssh-9.8p1/ssh.1 .It Tunnel .It TunnelDevice .It UpdateHostKeys -@@ -607,6 +625,8 @@ +@@ -609,6 +627,8 @@ .It VerifyHostKeyDNS .It VisualHostKey .It XAuthLocation @@ -12495,7 +12461,7 @@ diff -Nur openssh-9.8p1.orig/ssh.1 openssh-9.8p1/ssh.1 .El .Pp .It Fl P Ar tag -@@ -623,6 +643,13 @@ +@@ -625,6 +645,13 @@ Port to connect to on the remote host. This can be specified on a per-host basis in the configuration file. @@ -12509,7 +12475,7 @@ diff -Nur openssh-9.8p1.orig/ssh.1 openssh-9.8p1/ssh.1 .Pp .It Fl Q Ar query_option Queries for the algorithms supported by one of the following features: -@@ -1814,3 +1841,7 @@ +@@ -1816,3 +1843,7 @@ created OpenSSH. Markus Friedl contributed the support for SSH protocol versions 1.5 and 2.0. @@ -12517,10 +12483,10 @@ diff -Nur openssh-9.8p1.orig/ssh.1 openssh-9.8p1/ssh.1 +the HPN extensions at the Pittsburgh Supercomuting Center with grants +from Cisco, the National Library of Medicine, and the National Science +Foundation. -diff -Nur openssh-9.8p1.orig/ssh_api.c openssh-9.8p1/ssh_api.c ---- openssh-9.8p1.orig/ssh_api.c 2024-07-01 06:36:28.000000000 +0200 -+++ openssh-9.8p1/ssh_api.c 2024-09-30 16:03:39.177245336 +0200 -@@ -425,7 +425,7 @@ +diff -Nur openssh-9.9p1.orig/ssh_api.c openssh-9.9p1/ssh_api.c +--- openssh-9.9p1.orig/ssh_api.c 2024-09-20 00:20:48.000000000 +0200 ++++ openssh-9.9p1/ssh_api.c 2025-01-20 20:50:04.598813848 +0100 +@@ -427,7 +427,7 @@ char *cp; int r; @@ -12529,9 +12495,9 @@ diff -Nur openssh-9.8p1.orig/ssh_api.c openssh-9.8p1/ssh_api.c return r; if ((r = sshbuf_putb(ssh_packet_get_output(ssh), banner)) != 0) return r; -diff -Nur openssh-9.8p1.orig/sshbuf.c openssh-9.8p1/sshbuf.c ---- openssh-9.8p1.orig/sshbuf.c 2024-07-01 06:36:28.000000000 +0200 -+++ openssh-9.8p1/sshbuf.c 2024-09-30 16:03:39.177245336 +0200 +diff -Nur openssh-9.9p1.orig/sshbuf.c openssh-9.9p1/sshbuf.c +--- openssh-9.9p1.orig/sshbuf.c 2024-09-20 00:20:48.000000000 +0200 ++++ openssh-9.9p1/sshbuf.c 2025-01-20 20:50:04.598813848 +0100 @@ -27,6 +27,9 @@ #define SSHBUF_INTERNAL #include "sshbuf.h" @@ -12572,7 +12538,7 @@ diff -Nur openssh-9.8p1.orig/sshbuf.c openssh-9.8p1/sshbuf.c static inline int sshbuf_check_sanity(const struct sshbuf *buf) { -@@ -89,7 +113,7 @@ +@@ -90,7 +114,7 @@ } struct sshbuf * @@ -12581,7 +12547,7 @@ diff -Nur openssh-9.8p1.orig/sshbuf.c openssh-9.8p1/sshbuf.c { struct sshbuf *ret; -@@ -100,6 +124,8 @@ +@@ -101,6 +125,8 @@ ret->readonly = 0; ret->refcount = 1; ret->parent = NULL; @@ -12648,10 +12614,10 @@ diff -Nur openssh-9.8p1.orig/sshbuf.c openssh-9.8p1/sshbuf.c SSHBUF_DBG(("adjusted rlen %zu", rlen)); if ((dp = recallocarray(buf->d, buf->alloc, rlen, 1)) == NULL) { SSHBUF_DBG(("realloc fail")); -diff -Nur openssh-9.8p1.orig/sshbuf.h openssh-9.8p1/sshbuf.h ---- openssh-9.8p1.orig/sshbuf.h 2024-07-01 06:36:28.000000000 +0200 -+++ openssh-9.8p1/sshbuf.h 2024-09-30 16:03:39.177245336 +0200 -@@ -28,18 +28,49 @@ +diff -Nur openssh-9.9p1.orig/sshbuf.h openssh-9.9p1/sshbuf.h +--- openssh-9.9p1.orig/sshbuf.h 2024-09-20 00:20:48.000000000 +0200 ++++ openssh-9.9p1/sshbuf.h 2025-01-20 20:50:04.598813848 +0100 +@@ -29,18 +29,49 @@ # endif /* OPENSSL_HAS_ECC */ #endif /* WITH_OPENSSL */ @@ -12660,7 +12626,7 @@ diff -Nur openssh-9.8p1.orig/sshbuf.h openssh-9.8p1/sshbuf.h #define SSHBUF_REFS_MAX 0x100000 /* Max child buffers */ #define SSHBUF_MAX_BIGNUM (16384 / 8) /* Max bignum *bytes* */ #define SSHBUF_MAX_ECPOINT ((528 * 2 / 8) + 1) /* Max EC point *bytes* */ -+#define MAX_LABEL_LEN 64 /*maximum size of sshbuf label */ ++#define MAX_LABEL_LEN 64 /*maximum size of sshbuf label */ +#define sshbuf_new() sshbuf_new_label(__func__) struct sshbuf; @@ -12703,7 +12669,7 @@ diff -Nur openssh-9.8p1.orig/sshbuf.h openssh-9.8p1/sshbuf.h /* * Create a new, read-only sshbuf buffer from existing data. -@@ -75,12 +106,13 @@ +@@ -76,12 +107,13 @@ void sshbuf_reset(struct sshbuf *buf); /* @@ -12719,7 +12685,7 @@ diff -Nur openssh-9.8p1.orig/sshbuf.h openssh-9.8p1/sshbuf.h * Returns 0 on success, or a negative SSH_ERR_* error code on failure. */ int sshbuf_set_max_size(struct sshbuf *buf, size_t max_size); -@@ -344,6 +376,9 @@ +@@ -346,6 +378,9 @@ ((u_char *)(p))[1] = __v & 0xff; \ } while (0) @@ -12729,9 +12695,9 @@ diff -Nur openssh-9.8p1.orig/sshbuf.h openssh-9.8p1/sshbuf.h /* Internal definitions follow. Exposed for regress tests */ #ifdef SSHBUF_INTERNAL -diff -Nur openssh-9.8p1.orig/ssh.c openssh-9.8p1/ssh.c ---- openssh-9.8p1.orig/ssh.c 2024-09-30 16:02:22.622024497 +0200 -+++ openssh-9.8p1/ssh.c 2024-09-30 16:03:39.178245339 +0200 +diff -Nur openssh-9.9p1.orig/ssh.c openssh-9.9p1/ssh.c +--- openssh-9.9p1.orig/ssh.c 2025-01-20 20:48:33.454582252 +0100 ++++ openssh-9.9p1/ssh.c 2025-01-20 20:50:04.599813850 +0100 @@ -109,6 +109,7 @@ #include "ssherr.h" #include "myproposal.h" @@ -12907,9 +12873,9 @@ diff -Nur openssh-9.8p1.orig/ssh.c openssh-9.8p1/ssh.c } return client_loop(ssh, tty_flag, tty_flag ? -diff -Nur openssh-9.8p1.orig/ssh_config.5 openssh-9.8p1/ssh_config.5 ---- openssh-9.8p1.orig/ssh_config.5 2024-09-30 16:02:22.623024499 +0200 -+++ openssh-9.8p1/ssh_config.5 2024-09-30 16:03:39.179245342 +0200 +diff -Nur openssh-9.9p1.orig/ssh_config.5 openssh-9.9p1/ssh_config.5 +--- openssh-9.9p1.orig/ssh_config.5 2025-01-20 20:48:33.454582252 +0100 ++++ openssh-9.9p1/ssh_config.5 2025-01-20 20:50:04.600813853 +0100 @@ -62,6 +62,19 @@ .Pq Pa /etc/ssh/ssh_config .El @@ -12952,7 +12918,7 @@ diff -Nur openssh-9.8p1.orig/ssh_config.5 openssh-9.8p1/ssh_config.5 .It Cm IdentitiesOnly Specifies that .Xr ssh 1 -@@ -1497,6 +1518,63 @@ +@@ -1502,6 +1523,63 @@ .Pp The list of available MAC algorithms may also be obtained using .Qq ssh -Q mac . @@ -13016,7 +12982,7 @@ diff -Nur openssh-9.8p1.orig/ssh_config.5 openssh-9.8p1/ssh_config.5 .It Cm NoHostAuthenticationForLocalhost Disable host authentication for localhost (loopback addresses). The argument to this keyword must be -@@ -1504,6 +1582,36 @@ +@@ -1509,6 +1587,36 @@ or .Cm no (the default). @@ -13053,7 +13019,7 @@ diff -Nur openssh-9.8p1.orig/ssh_config.5 openssh-9.8p1/ssh_config.5 .It Cm NumberOfPasswordPrompts Specifies the number of password prompts before giving up. The argument to this keyword must be an integer. -@@ -2061,6 +2169,12 @@ +@@ -2066,6 +2174,12 @@ Specify a configuration tag name that may be later used by a .Cm Match directive to select a block of configuration. @@ -13066,7 +13032,7 @@ diff -Nur openssh-9.8p1.orig/ssh_config.5 openssh-9.8p1/ssh_config.5 .It Cm Tunnel Request .Xr tun 4 -@@ -2417,3 +2531,11 @@ +@@ -2424,3 +2538,11 @@ created OpenSSH. .An Markus Friedl contributed the support for SSH protocol versions 1.5 and 2.0. @@ -13078,9 +13044,9 @@ diff -Nur openssh-9.8p1.orig/ssh_config.5 openssh-9.8p1/ssh_config.5 +developed the HPN extensions at the Pittsburgh Supercomuting Center +with grants from Cisco, the National Library of Medicine, and +the National Science Foundation. -diff -Nur openssh-9.8p1.orig/sshconnect2.c openssh-9.8p1/sshconnect2.c ---- openssh-9.8p1.orig/sshconnect2.c 2024-09-30 16:02:22.623024499 +0200 -+++ openssh-9.8p1/sshconnect2.c 2024-09-30 16:03:39.180245345 +0200 +diff -Nur openssh-9.9p1.orig/sshconnect2.c openssh-9.9p1/sshconnect2.c +--- openssh-9.9p1.orig/sshconnect2.c 2025-01-20 20:48:33.455582254 +0100 ++++ openssh-9.9p1/sshconnect2.c 2025-01-20 20:50:04.601813855 +0100 @@ -76,6 +76,7 @@ #include "utf8.h" #include "ssh-sk.h" @@ -13103,7 +13069,7 @@ diff -Nur openssh-9.8p1.orig/sshconnect2.c openssh-9.8p1/sshconnect2.c * SSH2 key exchange */ -@@ -573,6 +581,42 @@ +@@ -574,6 +582,42 @@ if (!authctxt.success) fatal("Authentication failed."); @@ -13146,10 +13112,10 @@ diff -Nur openssh-9.8p1.orig/sshconnect2.c openssh-9.8p1/sshconnect2.c if (ssh_packet_connection_is_on_socket(ssh)) { verbose("Authenticated to %s ([%s]:%d) using \"%s\".", host, ssh_remote_ipaddr(ssh), ssh_remote_port(ssh), -diff -Nur openssh-9.8p1.orig/sshd.8 openssh-9.8p1/sshd.8 ---- openssh-9.8p1.orig/sshd.8 2024-09-30 16:02:22.624024502 +0200 -+++ openssh-9.8p1/sshd.8 2024-09-30 16:03:39.181245348 +0200 -@@ -1075,3 +1075,7 @@ +diff -Nur openssh-9.9p1.orig/sshd.8 openssh-9.9p1/sshd.8 +--- openssh-9.9p1.orig/sshd.8 2025-01-20 20:48:33.455582254 +0100 ++++ openssh-9.9p1/sshd.8 2025-01-20 20:50:04.601813855 +0100 +@@ -1079,3 +1079,7 @@ protocol versions 1.5 and 2.0. Niels Provos and Markus Friedl contributed support for privilege separation. @@ -13157,10 +13123,10 @@ diff -Nur openssh-9.8p1.orig/sshd.8 openssh-9.8p1/sshd.8 +the HPN extensions at the Pittsburgh Supercomuting Center with grants +from Cisco, the National Library of Medicine, and the National Science +Foundation. -diff -Nur openssh-9.8p1.orig/sshd.c openssh-9.8p1/sshd.c ---- openssh-9.8p1.orig/sshd.c 2024-09-30 16:02:22.578024370 +0200 -+++ openssh-9.8p1/sshd.c 2024-09-30 16:03:39.182245351 +0200 -@@ -753,6 +753,8 @@ +diff -Nur openssh-9.9p1.orig/sshd.c openssh-9.9p1/sshd.c +--- openssh-9.9p1.orig/sshd.c 2025-01-20 20:48:33.410582141 +0100 ++++ openssh-9.9p1/sshd.c 2025-01-20 20:50:04.602813858 +0100 +@@ -760,6 +760,8 @@ int ret, listen_sock; struct addrinfo *ai; char ntop[NI_MAXHOST], strport[NI_MAXSERV]; @@ -13169,7 +13135,7 @@ diff -Nur openssh-9.8p1.orig/sshd.c openssh-9.8p1/sshd.c for (ai = la->addrs; ai; ai = ai->ai_next) { if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6) -@@ -798,6 +800,10 @@ +@@ -805,6 +807,10 @@ debug("Bind to port %s on %s.", strport, ntop); @@ -13180,7 +13146,7 @@ diff -Nur openssh-9.8p1.orig/sshd.c openssh-9.8p1/sshd.c /* Bind the socket to the desired port. */ if (bind(listen_sock, ai->ai_addr, ai->ai_addrlen) == -1) { error("Bind to port %s on %s failed: %.200s.", -@@ -1421,6 +1427,19 @@ +@@ -1428,6 +1434,19 @@ /* Fill in default values for those options not explicitly set. */ fill_default_server_options(&options); @@ -13200,18 +13166,19 @@ diff -Nur openssh-9.8p1.orig/sshd.c openssh-9.8p1/sshd.c /* Check that options are sensible */ if (options.authorized_keys_command_user == NULL && (options.authorized_keys_command != NULL && -diff -Nur openssh-9.8p1.orig/sshd_config openssh-9.8p1/sshd_config ---- openssh-9.8p1.orig/sshd_config 2024-09-30 16:02:22.624024502 +0200 -+++ openssh-9.8p1/sshd_config 2024-10-02 15:40:20.779644727 +0200 -@@ -19,6 +19,7 @@ +diff -Nur openssh-9.9p1.orig/sshd_config openssh-9.9p1/sshd_config +--- openssh-9.9p1.orig/sshd_config 2025-01-20 20:48:33.456582257 +0100 ++++ openssh-9.9p1/sshd_config 2025-01-20 21:06:55.293389906 +0100 +@@ -18,7 +18,7 @@ + # SELinux about this change. # semanage port -a -t ssh_port_t -p tcp #PORTNUMBER # - #Port 22 +-#Port 22 +Port 2222 #AddressFamily any #ListenAddress 0.0.0.0 #ListenAddress :: -@@ -127,6 +128,19 @@ +@@ -127,6 +127,19 @@ # override default of no subsystems Subsystem sftp /usr/libexec/sftp-server @@ -13231,9 +13198,9 @@ diff -Nur openssh-9.8p1.orig/sshd_config openssh-9.8p1/sshd_config # Example of overriding settings on a per-user basis #Match User anoncvs # X11Forwarding no -diff -Nur openssh-9.8p1.orig/sshd_config.5 openssh-9.8p1/sshd_config.5 ---- openssh-9.8p1.orig/sshd_config.5 2024-09-30 16:02:22.624024502 +0200 -+++ openssh-9.8p1/sshd_config.5 2024-09-30 16:03:39.183245354 +0200 +diff -Nur openssh-9.9p1.orig/sshd_config.5 openssh-9.9p1/sshd_config.5 +--- openssh-9.9p1.orig/sshd_config.5 2025-01-20 20:48:33.456582257 +0100 ++++ openssh-9.9p1/sshd_config.5 2025-01-20 20:50:04.604813863 +0100 @@ -56,6 +56,16 @@ .Pq \&" in order to represent arguments containing spaces. @@ -13274,7 +13241,7 @@ diff -Nur openssh-9.8p1.orig/sshd_config.5 openssh-9.8p1/sshd_config.5 .It Cm IgnoreRhosts Specifies whether to ignore per-user .Pa .rhosts -@@ -1408,6 +1427,19 @@ +@@ -1415,6 +1434,19 @@ key exchange methods. The default is .Pa /etc/moduli . @@ -13294,7 +13261,7 @@ diff -Nur openssh-9.8p1.orig/sshd_config.5 openssh-9.8p1/sshd_config.5 .It Cm PAMServiceName Specifies the service name used for Pluggable Authentication Modules (PAM) authentication, authorisation and session controls when -@@ -1952,6 +1984,13 @@ +@@ -1976,6 +2008,13 @@ .Pp To disable TCP keepalive messages, the value should be set to .Cm no . @@ -13308,7 +13275,7 @@ diff -Nur openssh-9.8p1.orig/sshd_config.5 openssh-9.8p1/sshd_config.5 .It Cm TrustedUserCAKeys Specifies a file containing public keys of certificate authorities that are trusted to sign user certificates for authentication, or -@@ -2250,3 +2289,11 @@ +@@ -2274,3 +2313,11 @@ and .An Markus Friedl contributed support for privilege separation. @@ -13320,10 +13287,10 @@ diff -Nur openssh-9.8p1.orig/sshd_config.5 openssh-9.8p1/sshd_config.5 +developed the HPN extensions at the Pittsburgh Supercomuting Center +with grants from Cisco, the National Library of Medicine, and +the National Science Foundation. -diff -Nur openssh-9.8p1.orig/sshd-session.c openssh-9.8p1/sshd-session.c ---- openssh-9.8p1.orig/sshd-session.c 2024-09-30 16:02:22.625024505 +0200 -+++ openssh-9.8p1/sshd-session.c 2024-09-30 16:03:39.184245357 +0200 -@@ -1158,6 +1158,20 @@ +diff -Nur openssh-9.9p1.orig/sshd-session.c openssh-9.9p1/sshd-session.c +--- openssh-9.9p1.orig/sshd-session.c 2025-01-20 20:48:33.457582259 +0100 ++++ openssh-9.9p1/sshd-session.c 2025-01-20 20:50:04.604813863 +0100 +@@ -1196,6 +1196,20 @@ } endpwent(); @@ -13344,7 +13311,7 @@ diff -Nur openssh-9.8p1.orig/sshd-session.c openssh-9.8p1/sshd-session.c if (!debug_flag) { startup_pipe = dup(REEXEC_STARTUP_PIPE_FD); close(REEXEC_STARTUP_PIPE_FD); -@@ -1365,6 +1379,9 @@ +@@ -1403,6 +1417,9 @@ rdomain == NULL ? "" : "\""); free(laddr); @@ -13354,7 +13321,7 @@ diff -Nur openssh-9.8p1.orig/sshd-session.c openssh-9.8p1/sshd-session.c /* * We don't want to listen forever unless the other side * successfully authenticates itself. So we set up an alarm which is -@@ -1525,6 +1542,11 @@ +@@ -1575,6 +1592,11 @@ struct kex *kex; int r; @@ -13366,9 +13333,9 @@ diff -Nur openssh-9.8p1.orig/sshd-session.c openssh-9.8p1/sshd-session.c if (options.rekey_limit || options.rekey_interval) ssh_packet_set_rekey_limits(ssh, options.rekey_limit, options.rekey_interval); -diff -Nur openssh-9.8p1.orig/ssh.h openssh-9.8p1/ssh.h ---- openssh-9.8p1.orig/ssh.h 2024-07-01 06:36:28.000000000 +0200 -+++ openssh-9.8p1/ssh.h 2024-09-30 16:03:39.185245360 +0200 +diff -Nur openssh-9.9p1.orig/ssh.h openssh-9.9p1/ssh.h +--- openssh-9.9p1.orig/ssh.h 2024-09-20 00:20:48.000000000 +0200 ++++ openssh-9.9p1/ssh.h 2025-01-20 20:50:04.605813865 +0100 @@ -17,6 +17,7 @@ /* Default port number. */ @@ -13386,10 +13353,10 @@ diff -Nur openssh-9.8p1.orig/ssh.h openssh-9.8p1/ssh.h /* * Name of the environment variable containing the process ID of the -diff -Nur openssh-9.8p1.orig/sshkey.c openssh-9.8p1/sshkey.c ---- openssh-9.8p1.orig/sshkey.c 2024-09-30 16:02:22.579024372 +0200 -+++ openssh-9.8p1/sshkey.c 2024-09-30 16:03:39.185245360 +0200 -@@ -1784,7 +1784,8 @@ +diff -Nur openssh-9.9p1.orig/sshkey.c openssh-9.9p1/sshkey.c +--- openssh-9.9p1.orig/sshkey.c 2025-01-20 20:48:33.411582143 +0100 ++++ openssh-9.9p1/sshkey.c 2025-01-20 20:50:04.606813868 +0100 +@@ -1778,7 +1778,8 @@ stderr); #endif if ((r = cipher_init(&cctx, cipher, keyiv, cipher_keylen(cipher), @@ -13399,7 +13366,7 @@ diff -Nur openssh-9.8p1.orig/sshkey.c openssh-9.8p1/sshkey.c goto out; /* Serialise and encrypt the private key using the ephemeral key */ -@@ -1919,7 +1920,8 @@ +@@ -1913,7 +1914,8 @@ keyiv, SSH_DIGEST_MAX_LENGTH)) != 0) goto out; if ((r = cipher_init(&cctx, cipher, keyiv, cipher_keylen(cipher), @@ -13409,7 +13376,7 @@ diff -Nur openssh-9.8p1.orig/sshkey.c openssh-9.8p1/sshkey.c goto out; #ifdef DEBUG_PK fprintf(stderr, "%s: key+iv\n", __func__); -@@ -2987,6 +2989,13 @@ +@@ -2981,6 +2983,13 @@ kdfname = "none"; } else if (ciphername == NULL) ciphername = DEFAULT_CIPHERNAME; @@ -13423,7 +13390,7 @@ diff -Nur openssh-9.8p1.orig/sshkey.c openssh-9.8p1/sshkey.c if ((cipher = cipher_by_name(ciphername)) == NULL) { r = SSH_ERR_INVALID_ARGUMENT; goto out; -@@ -3022,7 +3031,7 @@ +@@ -3016,7 +3025,7 @@ goto out; } if ((r = cipher_init(&ciphercontext, cipher, key, keylen, @@ -13432,7 +13399,7 @@ diff -Nur openssh-9.8p1.orig/sshkey.c openssh-9.8p1/sshkey.c goto out; if ((r = sshbuf_put(encoded, AUTH_MAGIC, sizeof(AUTH_MAGIC))) != 0 || -@@ -3209,6 +3218,8 @@ +@@ -3203,6 +3212,8 @@ (r = sshbuf_get_u32(decoded, &encrypted_len)) != 0) goto out; @@ -13441,7 +13408,7 @@ diff -Nur openssh-9.8p1.orig/sshkey.c openssh-9.8p1/sshkey.c if ((cipher = cipher_by_name(ciphername)) == NULL) { r = SSH_ERR_KEY_UNKNOWN_CIPHER; goto out; -@@ -3264,7 +3275,7 @@ +@@ -3258,7 +3269,7 @@ /* decrypt private portion of key */ if ((r = sshbuf_reserve(decrypted, encrypted_len, &dp)) != 0 || (r = cipher_init(&ciphercontext, cipher, key, keylen, @@ -13450,9 +13417,9 @@ diff -Nur openssh-9.8p1.orig/sshkey.c openssh-9.8p1/sshkey.c goto out; if ((r = cipher_crypt(ciphercontext, 0, dp, sshbuf_ptr(decoded), encrypted_len, 0, authlen)) != 0) { -diff -Nur openssh-9.8p1.orig/sshkey-xmss.c openssh-9.8p1/sshkey-xmss.c ---- openssh-9.8p1.orig/sshkey-xmss.c 2024-07-01 06:36:28.000000000 +0200 -+++ openssh-9.8p1/sshkey-xmss.c 2024-09-30 16:03:39.186245362 +0200 +diff -Nur openssh-9.9p1.orig/sshkey-xmss.c openssh-9.9p1/sshkey-xmss.c +--- openssh-9.9p1.orig/sshkey-xmss.c 2024-09-20 00:20:48.000000000 +0200 ++++ openssh-9.9p1/sshkey-xmss.c 2025-01-20 20:50:04.606813868 +0100 @@ -903,9 +903,29 @@ state->enc_keyiv == NULL || state->enc_ciphername == NULL) @@ -13537,9 +13504,9 @@ diff -Nur openssh-9.8p1.orig/sshkey-xmss.c openssh-9.8p1/sshkey-xmss.c (r = cipher_crypt(ciphercontext, 0, dp, sshbuf_ptr(copy), encrypted_len, aadlen, authlen)) != 0) goto out; -diff -Nur openssh-9.8p1.orig/umac.c openssh-9.8p1/umac.c ---- openssh-9.8p1.orig/umac.c 2024-07-01 06:36:28.000000000 +0200 -+++ openssh-9.8p1/umac.c 2024-10-01 09:50:36.972376774 +0200 +diff -Nur openssh-9.9p1.orig/umac.c openssh-9.9p1/umac.c +--- openssh-9.9p1.orig/umac.c 2024-09-20 00:20:48.000000000 +0200 ++++ openssh-9.9p1/umac.c 2025-01-20 20:50:04.607813871 +0100 @@ -134,15 +134,48 @@ /* --- Endian Conversion --- Forcing assembly on some platforms */ /* ---------------------------------------------------------------------- */ @@ -13592,9 +13559,9 @@ diff -Nur openssh-9.8p1.orig/umac.c openssh-9.8p1/umac.c #define STORE_UINT32_BIG(p,v) put_u32(p, v) /* ---------------------------------------------------------------------- */ -diff -Nur openssh-9.8p1.orig/uthash.h openssh-9.8p1/uthash.h ---- openssh-9.8p1.orig/uthash.h 1970-01-01 01:00:00.000000000 +0100 -+++ openssh-9.8p1/uthash.h 2024-09-30 16:03:39.187245365 +0200 +diff -Nur openssh-9.9p1.orig/uthash.h openssh-9.9p1/uthash.h +--- openssh-9.9p1.orig/uthash.h 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-9.9p1/uthash.h 2025-01-20 20:50:04.608813873 +0100 @@ -0,0 +1,1140 @@ +/* +Copyright (c) 2003-2022, Troy D. Hanson https://troydhanson.github.io/uthash/ @@ -14736,14 +14703,14 @@ diff -Nur openssh-9.8p1.orig/uthash.h openssh-9.8p1/uthash.h +} UT_hash_handle; + +#endif /* UTHASH_H */ -diff -Nur openssh-9.8p1.orig/version.h openssh-9.8p1/version.h ---- openssh-9.8p1.orig/version.h 2024-09-30 16:02:22.625024505 +0200 -+++ openssh-9.8p1/version.h 2024-10-01 10:07:08.736253374 +0200 +diff -Nur openssh-9.9p1.orig/version.h openssh-9.9p1/version.h +--- openssh-9.9p1.orig/version.h 2025-01-20 20:48:33.457582259 +0100 ++++ openssh-9.9p1/version.h 2025-01-20 21:09:18.648755010 +0100 @@ -16,5 +16,6 @@ #define SSH_PORTABLE "p1" #define GSI_PORTABLE "c-GSI" -+#define SSH_HPN "_hpn18.5.1" - #define SSH_RELEASE SSH_VERSION SSH_PORTABLE GSI_PORTABLE \ -- GSI_VERSION KRB5_VERSION -+ GSI_VERSION KRB5_VERSION SSH_HPN +-#define SSH_RELEASE SSH_VERSION SSH_PORTABLE GSI_PORTABLE \ ++#define SSH_HPN "_hpn18.6.0" ++#define SSH_RELEASE SSH_VERSION SSH_PORTABLE GSI_PORTABLE SSH_HPN \ + GSI_VERSION KRB5_VERSION diff --git a/openssh-9.9p1-mlkembe.patch b/openssh-9.9p1-mlkembe.patch new file mode 100644 index 0000000..aa0c26c --- /dev/null +++ b/openssh-9.9p1-mlkembe.patch @@ -0,0 +1,98 @@ +diff --git a/kexmlkem768x25519.c b/kexmlkem768x25519.c +index 679446e9..2b5d3960 100644 +--- a/kexmlkem768x25519.c ++++ b/kexmlkem768x25519.c +@@ -1,4 +1,4 @@ +-/* $OpenBSD: kexmlkem768x25519.c,v 1.1 2024/09/02 12:13:56 djm Exp $ */ ++/* $OpenBSD: kexmlkem768x25519.c,v 1.2 2024/10/27 02:06:59 djm Exp $ */ + /* + * Copyright (c) 2023 Markus Friedl. All rights reserved. + * +@@ -34,6 +34,9 @@ + #include + #include + #include ++#ifdef HAVE_ENDIAN_H ++# include ++#endif + + #include "sshkey.h" + #include "kex.h" +diff --git a/libcrux_mlkem768_sha3.h b/libcrux_mlkem768_sha3.h +index a82d60e8..b8ac1436 100644 +--- a/libcrux_mlkem768_sha3.h ++++ b/libcrux_mlkem768_sha3.h +@@ -1,4 +1,5 @@ +-/* $OpenBSD: libcrux_mlkem768_sha3.h,v 1.1 2024/09/02 12:13:56 djm Exp $ */ ++/* $OpenBSD: libcrux_mlkem768_sha3.h,v 1.2 2024/10/27 02:06:01 djm Exp $ */ ++ + /* Extracted from libcrux revision 84c5d87b3092c59294345aa269ceefe0eb97cc35 */ + + /* +@@ -160,18 +161,19 @@ static inline void Eurydice_slice_to_array3(uint8_t *dst_tag, char *dst_ok, + // CORE STUFF (conversions, endianness, ...) + + static inline void core_num__u64_9__to_le_bytes(uint64_t v, uint8_t buf[8]) { ++ v = htole64(v); + memcpy(buf, &v, sizeof(v)); + } + static inline uint64_t core_num__u64_9__from_le_bytes(uint8_t buf[8]) { + uint64_t v; + memcpy(&v, buf, sizeof(v)); +- return v; ++ return le64toh(v); + } + + static inline uint32_t core_num__u32_8__from_le_bytes(uint8_t buf[4]) { + uint32_t v; + memcpy(&v, buf, sizeof(v)); +- return v; ++ return le32toh(v); + } + + static inline uint32_t core_num__u8_6__count_ones(uint8_t x0) { +diff --git a/mlkem768.sh b/mlkem768.sh +index 2fdc2831..3d12b2ed 100644 +--- a/mlkem768.sh ++++ b/mlkem768.sh +@@ -1,9 +1,10 @@ + #!/bin/sh +-# $OpenBSD: mlkem768.sh,v 1.2 2024/09/04 05:11:33 djm Exp $ ++# $OpenBSD: mlkem768.sh,v 1.3 2024/10/27 02:06:01 djm Exp $ + # Placed in the Public Domain. + # + +-WANT_LIBCRUX_REVISION="origin/main" ++#WANT_LIBCRUX_REVISION="origin/main" ++WANT_LIBCRUX_REVISION="84c5d87b3092c59294345aa269ceefe0eb97cc35" + + FILES=" + libcrux/libcrux-ml-kem/cg/eurydice_glue.h +@@ -47,6 +48,7 @@ echo '#define KRML_NOINLINE __attribute__((noinline, unused))' + echo '#define KRML_HOST_EPRINTF(...)' + echo '#define KRML_HOST_EXIT(x) fatal_f("internal error")' + echo ++ + for i in $FILES; do + echo "/* from $i */" + # Changes to all files: +@@ -56,11 +58,16 @@ for i in $FILES; do + -e 's/[ ]*$//' \ + $i | \ + case "$i" in +- # XXX per-file handling goes here. ++ */libcrux-ml-kem/cg/eurydice_glue.h) ++ # Replace endian functions with versions that work. ++ perl -0777 -pe 's/(static inline void core_num__u64_9__to_le_bytes.*\n)([^}]*\n)/\1 v = htole64(v);\n\2/' | ++ perl -0777 -pe 's/(static inline uint64_t core_num__u64_9__from_le_bytes.*?)return v;/\1return le64toh(v);/s' | ++ perl -0777 -pe 's/(static inline uint32_t core_num__u32_8__from_le_bytes.*?)return v;/\1return le32toh(v);/s' ++ ;; + # Default: pass through. + *) +- cat +- ;; ++ cat ++ ;; + esac + echo + done diff --git a/openssh-9.9p1-separate-keysign.patch b/openssh-9.9p1-separate-keysign.patch new file mode 100644 index 0000000..ff0e35f --- /dev/null +++ b/openssh-9.9p1-separate-keysign.patch @@ -0,0 +1,12 @@ +diff -up openssh-9.9p1/ssh_config.5.xxx openssh-9.9p1/ssh_config.5 +--- openssh-9.9p1/ssh_config.5.xxx 2024-10-11 12:01:14.260566303 +0200 ++++ openssh-9.9p1/ssh_config.5 2024-10-11 12:01:59.725654775 +0200 +@@ -759,7 +759,7 @@ or + This option should be placed in the non-hostspecific section. + See + .Xr ssh-keysign 8 +-for more information. ++for more information. ssh-keysign should be installed explicitly. + .It Cm EscapeChar + Sets the escape character (default: + .Ql ~ ) . diff --git a/sources b/sources index 1f1ded8..e88b6d9 100644 --- a/sources +++ b/sources @@ -1,3 +1,3 @@ -SHA512 (openssh-9.8p1.tar.gz) = 95dec2f18e58eb47994f3de4430253e0665e185564b65088ca5f4108870e05feddef8cda8d3c0a4b75f18b98cc2c024df0e27de53b48c1a16da8da483cb8292a -SHA512 (openssh-9.8p1.tar.gz.asc) = 4df1f1be2c6ab7f3aebaedd0a773b0e8c8929abb30cd3415873ad55d012cfa113f792e888e5e772dd468c394aeb7e35d62893a514dbc0ab1a03acd79918657f7 +SHA512 (openssh-9.9p1.tar.gz) = 3cc0ed97f3e29ecbd882eca79239f02eb5a1606fce4f3119ddc3c5e86128aa3ff12dc85000879fccc87b60e7d651cfe37376607ac66075fede2118deaa685d6d +SHA512 (openssh-9.9p1.tar.gz.asc) = 916e975c54eb68c0b2f0b0006522b241cbe54c4caa88d31537a6278490c93d9d732c2ab3a080ac084bf75cbdd5402901ec68583cbe7c7cde4a8e40e7a8b78c28 SHA512 (gpgkey-736060BA.gpg) = df44f3fdbcd1d596705348c7f5aed3f738c5f626a55955e0642f7c6c082995cf36a1b1891bb41b8715cb2aff34fef1c877e0eff0d3507dd00a055ba695757a21 From 9e253dc61c0bc1969af2d2767bb109fd7cf999b7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bj=C3=B6rn=20Esser?= Date: Sat, 1 Feb 2025 19:54:26 +0100 Subject: [PATCH 33/44] Add explicit BR: libxcrypt-devel MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Björn Esser --- gsi-openssh.spec | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/gsi-openssh.spec b/gsi-openssh.spec index 1060509..def41e3 100644 --- a/gsi-openssh.spec +++ b/gsi-openssh.spec @@ -29,7 +29,7 @@ Summary: An implementation of the SSH protocol with GSI authentication Name: gsi-openssh Version: %{openssh_ver} -Release: %{openssh_rel}%{?dist} +Release: %{openssh_rel}%{?dist}.1 Provides: gsissh = %{version}-%{release} Obsoletes: gsissh < 5.8p2-2 URL: http://www.openssh.com/portable.html @@ -199,6 +199,7 @@ BuildRequires: systemd-rpm-macros BuildRequires: gcc make BuildRequires: p11-kit-devel BuildRequires: libfido2-devel +BuildRequires: libxcrypt-devel Recommends: p11-kit %if %{kerberos5} @@ -571,6 +572,9 @@ fi %ghost %attr(0644,root,root) %{_localstatedir}/lib/.gsissh-host-keys-migration %changelog +* Sat Feb 01 2025 Björn Esser - 9.9p1-1.1 +- Add explicit BR: libxcrypt-devel + * Mon Jan 20 2025 Mattias Ellert - 9.9p1-1 - Based on openssh-9.9p1-5.fc42 / openssh-9.9p1-1.fc41 From 3c2a11925bfca5fad2682c0581a8fe607423a5f0 Mon Sep 17 00:00:00 2001 From: Mattias Ellert Date: Wed, 5 Feb 2025 11:43:01 +0100 Subject: [PATCH 34/44] Based on openssh-9.9p1-7.fc42 / openssh-9.9p1-2.fc41 --- gsi-openssh.spec | 12 +- openssh-9.9p1-match-regression.patch | 463 +++++++++++++++++++++++++++ 2 files changed, 472 insertions(+), 3 deletions(-) create mode 100644 openssh-9.9p1-match-regression.patch diff --git a/gsi-openssh.spec b/gsi-openssh.spec index def41e3..01f1110 100644 --- a/gsi-openssh.spec +++ b/gsi-openssh.spec @@ -24,12 +24,12 @@ %global libedit 1 %global openssh_ver 9.9p1 -%global openssh_rel 1 +%global openssh_rel 2 Summary: An implementation of the SSH protocol with GSI authentication Name: gsi-openssh Version: %{openssh_ver} -Release: %{openssh_rel}%{?dist}.1 +Release: %{openssh_rel}%{?dist} Provides: gsissh = %{version}-%{release} Obsoletes: gsissh < 5.8p2-2 URL: http://www.openssh.com/portable.html @@ -177,6 +177,9 @@ Patch1016: openssh-9.9p1-separate-keysign.patch # upstream cf3e48ee8ba1beeccddd2f203b558fa102be67a2 # upstream 0c3927c45f8a57b511c874c4d51a8c89414f74ef Patch1017: openssh-9.9p1-mlkembe.patch +# upstream 3f02368e8e9121847727c46b280efc280e5eb615 +# upstream 67a115e7a56dbdc3f5a58c64b29231151f3670f5 +Patch1020: openssh-9.9p1-match-regression.patch # This is the patch that adds GSI support # Based on hpn_isshd-gsi.7.5p1b.patch from Globus upstream @@ -347,6 +350,7 @@ gpgv2 --quiet --keyring %{SOURCE3} %{SOURCE1} %{SOURCE0} %patch -P 1015 -p1 -b .pam-rhost %patch -P 1016 -p1 -b .sep-keysign %patch -P 1017 -p1 -b .mlkembe +%patch -P 1020 -p1 -b .match %patch -P 100 -p1 -b .coverity %patch -P 98 -p1 -b .gsi @@ -362,7 +366,6 @@ autoreconf %build %set_build_flags -CFLAGS="$CFLAGS"; export CFLAGS %if %{pie} %ifarch s390 s390x sparc sparcv9 sparc64 CFLAGS="$CFLAGS -fPIC" @@ -572,6 +575,9 @@ fi %ghost %attr(0644,root,root) %{_localstatedir}/lib/.gsissh-host-keys-migration %changelog +* Wed Feb 05 2025 Mattias Ellert - 9.9p1-2 +- Based on openssh-9.9p1-7.fc42 / openssh-9.9p1-2.fc41 + * Sat Feb 01 2025 Björn Esser - 9.9p1-1.1 - Add explicit BR: libxcrypt-devel diff --git a/openssh-9.9p1-match-regression.patch b/openssh-9.9p1-match-regression.patch new file mode 100644 index 0000000..d724401 --- /dev/null +++ b/openssh-9.9p1-match-regression.patch @@ -0,0 +1,463 @@ +diff --git a/misc.c b/misc.c +index afdf5142..1b4b55c5 100644 +--- a/misc.c ++++ b/misc.c +@@ -107,6 +107,27 @@ rtrim(char *s) + } + } + ++/* ++ * returns pointer to character after 'prefix' in 's' or otherwise NULL ++ * if the prefix is not present. ++ */ ++const char * ++strprefix(const char *s, const char *prefix, int ignorecase) ++{ ++ size_t prefixlen; ++ ++ if ((prefixlen = strlen(prefix)) == 0) ++ return s; ++ if (ignorecase) { ++ if (strncasecmp(s, prefix, prefixlen) != 0) ++ return NULL; ++ } else { ++ if (strncmp(s, prefix, prefixlen) != 0) ++ return NULL; ++ } ++ return s + prefixlen; ++} ++ + /* set/unset filedescriptor to non-blocking */ + int + set_nonblock(int fd) +diff --git a/misc.h b/misc.h +index 11340389..efecdf1a 100644 +--- a/misc.h ++++ b/misc.h +@@ -56,6 +56,7 @@ struct ForwardOptions { + char *chop(char *); + void rtrim(char *); + void skip_space(char **); ++const char *strprefix(const char *, const char *, int); + char *strdelim(char **); + char *strdelimw(char **); + int set_nonblock(int); +diff --git a/readconf.c b/readconf.c +index 3d9cc6db..9f559269 100644 +--- a/readconf.c ++++ b/readconf.c +@@ -710,7 +710,7 @@ match_cfg_line(Options *options, const char *full_line, int *acp, char ***avp, + struct passwd *pw, const char *host_arg, const char *original_host, + int final_pass, int *want_final_pass, const char *filename, int linenum) + { +- char *arg, *oattrib, *attrib, *cmd, *host, *criteria; ++ char *arg, *oattrib = NULL, *attrib = NULL, *cmd, *host, *criteria; + const char *ruser; + int r, this_result, result = 1, attributes = 0, negate; + +@@ -731,7 +731,8 @@ match_cfg_line(Options *options, const char *full_line, int *acp, char ***avp, + + debug2("checking match for '%s' host %s originally %s", + full_line, host, original_host); +- while ((oattrib = attrib = argv_next(acp, avp)) != NULL) { ++ while ((attrib = argv_next(acp, avp)) != NULL) { ++ attrib = oattrib = xstrdup(attrib); + /* Terminate on comment */ + if (*attrib == '#') { + argv_consume(acp); +@@ -777,9 +778,23 @@ match_cfg_line(Options *options, const char *full_line, int *acp, char ***avp, + this_result ? "" : "not ", oattrib); + continue; + } ++ ++ /* Keep this list in sync with below */ ++ if (strprefix(attrib, "host=", 1) != NULL || ++ strprefix(attrib, "originalhost=", 1) != NULL || ++ strprefix(attrib, "user=", 1) != NULL || ++ strprefix(attrib, "localuser=", 1) != NULL || ++ strprefix(attrib, "localnetwork=", 1) != NULL || ++ strprefix(attrib, "tagged=", 1) != NULL || ++ strprefix(attrib, "exec=", 1) != NULL) { ++ arg = strchr(attrib, '='); ++ *(arg++) = '\0'; ++ } else { ++ arg = argv_next(acp, avp); ++ } ++ + /* All other criteria require an argument */ +- if ((arg = argv_next(acp, avp)) == NULL || +- *arg == '\0' || *arg == '#') { ++ if (arg == NULL || *arg == '\0' || *arg == '#') { + error("Missing Match criteria for %s", attrib); + result = -1; + goto out; +@@ -856,6 +871,8 @@ match_cfg_line(Options *options, const char *full_line, int *acp, char ***avp, + criteria == NULL ? "" : criteria, + criteria == NULL ? "" : "\""); + free(criteria); ++ free(oattrib); ++ oattrib = attrib = NULL; + } + if (attributes == 0) { + error("One or more attributes required for Match"); +@@ -865,6 +882,7 @@ match_cfg_line(Options *options, const char *full_line, int *acp, char ***avp, + out: + if (result != -1) + debug2("match %sfound", result ? "" : "not "); ++ free(oattrib); + free(host); + return result; + } +diff --git a/servconf.c b/servconf.c +index 89b8413e..dd774f46 100644 +--- a/servconf.c ++++ b/servconf.c +@@ -1,4 +1,4 @@ +-/* $OpenBSD: servconf.c,v 1.418 2024/09/15 03:09:44 djm Exp $ */ ++/* $OpenBSD: servconf.c,v 1.419 2024/09/25 01:24:04 djm Exp $ */ + /* + * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland + * All rights reserved +@@ -1033,7 +1033,7 @@ match_cfg_line(const char *full_line, int *acp, char ***avp, + int line, struct connection_info *ci) + { + int result = 1, attributes = 0, port; +- char *arg, *attrib; ++ char *arg, *attrib = NULL, *oattrib; + + if (ci == NULL) + debug3("checking syntax for 'Match %s'", full_line); +@@ -1047,7 +1047,8 @@ match_cfg_line(const char *full_line, int *acp, char ***avp, + ci->laddress ? ci->laddress : "(null)", ci->lport); + } + +- while ((attrib = argv_next(acp, avp)) != NULL) { ++ while ((oattrib = argv_next(acp, avp)) != NULL) { ++ attrib = xstrdup(oattrib); + /* Terminate on comment */ + if (*attrib == '#') { + argv_consume(acp); /* mark all arguments consumed */ +@@ -1062,11 +1063,13 @@ match_cfg_line(const char *full_line, int *acp, char ***avp, + *arg != '\0' && *arg != '#')) { + error("'all' cannot be combined with other " + "Match attributes"); +- return -1; ++ result = -1; ++ goto out; + } + if (arg != NULL && *arg == '#') + argv_consume(acp); /* consume remaining args */ +- return 1; ++ result = 1; ++ goto out; + } + /* Criterion "invalid-user" also has no argument */ + if (strcasecmp(attrib, "invalid-user") == 0) { +@@ -1078,11 +1081,26 @@ match_cfg_line(const char *full_line, int *acp, char ***avp, + debug("matched invalid-user at line %d", line); + continue; + } ++ ++ /* Keep this list in sync with below */ ++ if (strprefix(attrib, "user=", 1) != NULL || ++ strprefix(attrib, "group=", 1) != NULL || ++ strprefix(attrib, "host=", 1) != NULL || ++ strprefix(attrib, "address=", 1) != NULL || ++ strprefix(attrib, "localaddress=", 1) != NULL || ++ strprefix(attrib, "localport=", 1) != NULL || ++ strprefix(attrib, "rdomain=", 1) != NULL) { ++ arg = strchr(attrib, '='); ++ *(arg++) = '\0'; ++ } else { ++ arg = argv_next(acp, avp); ++ } ++ + /* All other criteria require an argument */ +- if ((arg = argv_next(acp, avp)) == NULL || +- *arg == '\0' || *arg == '#') { ++ if (arg == NULL || *arg == '\0' || *arg == '#') { + error("Missing Match criteria for %s", attrib); +- return -1; ++ result = -1; ++ goto out; + } + if (strcasecmp(attrib, "user") == 0) { + if (ci == NULL || (ci->test && ci->user == NULL)) { +@@ -1105,7 +1123,8 @@ match_cfg_line(const char *full_line, int *acp, char ***avp, + match_test_missing_fatal("Group", "user"); + switch (match_cfg_line_group(arg, line, ci->user)) { + case -1: +- return -1; ++ result = -1; ++ goto out; + case 0: + result = 0; + } +@@ -1141,7 +1160,8 @@ match_cfg_line(const char *full_line, int *acp, char ***avp, + result = 0; + break; + case -2: +- return -1; ++ result = -1; ++ goto out; + } + } else if (strcasecmp(attrib, "localaddress") == 0){ + if (ci == NULL || (ci->test && ci->laddress == NULL)) { +@@ -1166,13 +1186,15 @@ match_cfg_line(const char *full_line, int *acp, char ***avp, + result = 0; + break; + case -2: +- return -1; ++ result = -1; ++ goto out; + } + } else if (strcasecmp(attrib, "localport") == 0) { + if ((port = a2port(arg)) == -1) { + error("Invalid LocalPort '%s' on Match line", + arg); +- return -1; ++ result = -1; ++ goto out; + } + if (ci == NULL || (ci->test && ci->lport == -1)) { + result = 0; +@@ -1200,16 +1222,21 @@ match_cfg_line(const char *full_line, int *acp, char ***avp, + debug("user %.100s matched 'RDomain %.100s' at " + "line %d", ci->rdomain, arg, line); + } else { +- error("Unsupported Match attribute %s", attrib); +- return -1; ++ error("Unsupported Match attribute %s", oattrib); ++ result = -1; ++ goto out; + } ++ free(attrib); ++ attrib = NULL; + } + if (attributes == 0) { + error("One or more attributes required for Match"); + return -1; + } +- if (ci != NULL) ++ out: ++ if (ci != NULL && result != -1) + debug3("match %sfound", result ? "" : "not "); ++ free(attrib); + return result; + } + +diff --git a/regress/cfginclude.sh b/regress/cfginclude.sh +index d442cdd6..97fd816f 100644 +--- a/regress/cfginclude.sh ++++ b/regress/cfginclude.sh +@@ -1,4 +1,4 @@ +-# $OpenBSD: cfginclude.sh,v 1.4 2024/09/03 05:58:56 djm Exp $ ++# $OpenBSD: cfginclude.sh,v 1.5 2024/09/27 01:05:54 djm Exp $ + # Placed in the Public Domain. + + tid="config include" +@@ -10,7 +10,7 @@ cat > $OBJ/ssh_config.i << _EOF + Match host a + Hostname aa + +-Match host b # comment ++Match host=b # comment + Hostname bb + Include $OBJ/ssh_config.i.* + +@@ -18,7 +18,7 @@ Match host c + Include $OBJ/ssh_config.i.* + Hostname cc + +-Match host m ++Match host=m !user xxxyfake + Include $OBJ/ssh_config.i.* # comment + + Host d +@@ -41,7 +41,7 @@ Match host xxxxxx + _EOF + + cat > $OBJ/ssh_config.i.1 << _EOF +-Match host a ++Match host=a + Hostname aaa + + Match host b +@@ -64,10 +64,10 @@ cat > $OBJ/ssh_config.i.2 << _EOF + Match host a + Hostname aaaa + +-Match host b ++Match host=b !user blahblahfake + Hostname bbbb + +-Match host c ++Match host=c + Hostname cccc + + Host d +@@ -142,7 +142,7 @@ trial a aa + + # cleanup + rm -f $OBJ/ssh_config.i $OBJ/ssh_config.i.* $OBJ/ssh_config.out +-# $OpenBSD: cfginclude.sh,v 1.4 2024/09/03 05:58:56 djm Exp $ ++# $OpenBSD: cfginclude.sh,v 1.5 2024/09/27 01:05:54 djm Exp $ + # Placed in the Public Domain. + + tid="config include" +diff --git a/regress/cfgmatch.sh b/regress/cfgmatch.sh +index 05a66685..2737a5f9 100644 +--- a/regress/cfgmatch.sh ++++ b/regress/cfgmatch.sh +@@ -1,4 +1,4 @@ +-# $OpenBSD: cfgmatch.sh,v 1.13 2021/06/08 06:52:43 djm Exp $ ++# $OpenBSD: cfgmatch.sh,v 1.14 2024/09/27 01:05:54 djm Exp $ + # Placed in the Public Domain. + + tid="sshd_config match" +@@ -26,7 +26,7 @@ start_client() + kill $client_pid + fatal "timeout waiting for background ssh" + fi +- done ++ done + } + + stop_client() +@@ -119,40 +119,42 @@ stop_client + # requires knowledge of actual group memberships user running the test). + params="user:user:u1 host:host:h1 address:addr:1.2.3.4 \ + localaddress:laddr:5.6.7.8 rdomain:rdomain:rdom1" +-cp $OBJ/sshd_proxy_bak $OBJ/sshd_config +-echo 'Banner /nomatch' >>$OBJ/sshd_config +-for i in $params; do +- config=`echo $i | cut -f1 -d:` +- criteria=`echo $i | cut -f2 -d:` +- value=`echo $i | cut -f3 -d:` +- cat >>$OBJ/sshd_config </dev/null || \ ++ fail "validate config for w/out spec" ++ ++ # Test matching each criteria. ++ for i in $params; do ++ testcriteria=`echo $i | cut -f2 -d:` ++ expected=/`echo $i | cut -f3 -d:` ++ spec="" ++ for j in $params; do ++ config=`echo $j | cut -f1 -d:` ++ criteria=`echo $j | cut -f2 -d:` ++ value=`echo $j | cut -f3 -d:` ++ if [ "$criteria" = "$testcriteria" ]; then ++ spec="$criteria=$value,$spec" ++ else ++ spec="$criteria=1$value,$spec" ++ fi ++ done ++ trace "test spec $spec" ++ result=`${SUDO} ${SSHD} -f $OBJ/sshd_config -T -C "$spec" | \ ++ awk '$1=="banner"{print $2}'` ++ if [ "$result" != "$expected" ]; then ++ fail "match $config expected $expected got $result" + fi + done +- trace "test spec $spec" +- result=`${SUDO} ${SSHD} -f $OBJ/sshd_config -T -C "$spec" | \ +- awk '$1=="banner"{print $2}'` +- if [ "$result" != "$expected" ]; then +- fail "match $config expected $expected got $result" +- fi + done +diff --git a/regress/servcfginclude.sh b/regress/servcfginclude.sh +index 518a703d..f67c3caa 100644 +--- a/regress/servcfginclude.sh ++++ b/regress/servcfginclude.sh +@@ -4,14 +4,14 @@ tid="server config include" + + cat > $OBJ/sshd_config.i << _EOF + HostKey $OBJ/host.ssh-ed25519 +-Match host a ++Match host=a + Banner /aa + + Match host b + Banner /bb + Include $OBJ/sshd_config.i.* # comment + +-Match host c ++Match host=c + Include $OBJ/sshd_config.i.* # comment + Banner /cc + +@@ -25,7 +25,7 @@ Match Host e + Banner /ee + Include $OBJ/sshd_config.i.* + +-Match Host f ++Match Host=f + Include $OBJ/sshd_config.i.* + Banner /ff + +@@ -47,13 +47,13 @@ Match host b + Match host c + Banner /ccc + +-Match Host d ++Match Host=d + Banner /ddd + + Match Host e + Banner /eee + +-Match Host f ++Match Host=f + Banner /fff + _EOF + +@@ -61,13 +61,13 @@ cat > $OBJ/sshd_config.i.2 << _EOF + Match host a + Banner /aaaa + +-Match host b ++Match host=b + Banner /bbbb + + Match host c # comment + Banner /cccc + +-Match Host d ++Match Host=d + Banner /dddd + + Match Host e From 6f3daee4f0618076cb81249c3a27501d81d166f5 Mon Sep 17 00:00:00 2001 From: Mattias Ellert Date: Wed, 5 Feb 2025 12:58:20 +0100 Subject: [PATCH 35/44] Based on openssh-9.9p1-8.fc42 --- gsi-openssh.spec | 7 +++++-- openssh-7.7p1-redhat.patch => openssh-8.7p1-redhat.patch | 2 +- openssh-9.9p1-gsissh.patch | 2 +- 3 files changed, 7 insertions(+), 4 deletions(-) rename openssh-7.7p1-redhat.patch => openssh-8.7p1-redhat.patch (99%) diff --git a/gsi-openssh.spec b/gsi-openssh.spec index 01f1110..9a340d9 100644 --- a/gsi-openssh.spec +++ b/gsi-openssh.spec @@ -24,7 +24,7 @@ %global libedit 1 %global openssh_ver 9.9p1 -%global openssh_rel 2 +%global openssh_rel 3 Summary: An implementation of the SSH protocol with GSI authentication Name: gsi-openssh @@ -84,7 +84,7 @@ Patch702: openssh-5.1p1-askpass-progress.patch #https://bugzilla.redhat.com/show_bug.cgi?id=198332 Patch703: openssh-4.3p2-askpass-grab-info.patch #https://bugzilla.mindrot.org/show_bug.cgi?id=1635 (WONTFIX) -Patch707: openssh-7.7p1-redhat.patch +Patch707: openssh-8.7p1-redhat.patch # warn users for unsupported UsePAM=no (#757545) Patch711: openssh-7.8p1-UsePAM-warning.patch @@ -575,6 +575,9 @@ fi %ghost %attr(0644,root,root) %{_localstatedir}/lib/.gsissh-host-keys-migration %changelog +* Wed Feb 05 2025 Mattias Ellert - 9.9p1-3 +- Based on openssh-9.9p1-8.fc42 + * Wed Feb 05 2025 Mattias Ellert - 9.9p1-2 - Based on openssh-9.9p1-7.fc42 / openssh-9.9p1-2.fc41 diff --git a/openssh-7.7p1-redhat.patch b/openssh-8.7p1-redhat.patch similarity index 99% rename from openssh-7.7p1-redhat.patch rename to openssh-8.7p1-redhat.patch index 1d77f90..4e9d108 100644 --- a/openssh-7.7p1-redhat.patch +++ b/openssh-8.7p1-redhat.patch @@ -83,7 +83,7 @@ diff -up openssh/sshd_config_redhat.redhat openssh/sshd_config_redhat @@ -0,0 +1,15 @@ +SyslogFacility AUTHPRIV + -+ChallengeResponseAuthentication no ++KbdInteractiveAuthentication no + +GSSAPIAuthentication yes +GSSAPICleanupCredentials no diff --git a/openssh-9.9p1-gsissh.patch b/openssh-9.9p1-gsissh.patch index 7f60393..5e2d011 100644 --- a/openssh-9.9p1-gsissh.patch +++ b/openssh-9.9p1-gsissh.patch @@ -2361,7 +2361,7 @@ diff -Nur openssh-9.9p1.orig/sshd_config_redhat openssh-9.9p1/sshd_config_redhat +++ openssh-9.9p1/sshd_config_redhat 2025-01-20 20:23:17.285730077 +0100 @@ -2,9 +2,6 @@ - ChallengeResponseAuthentication no + KbdInteractiveAuthentication no -GSSAPIAuthentication yes -GSSAPICleanupCredentials no From 850caa568b8a0bdda6df8eb773c88d5305184de1 Mon Sep 17 00:00:00 2001 From: Mattias Ellert Date: Wed, 5 Mar 2025 14:14:30 +0100 Subject: [PATCH 36/44] Based on openssh-9.9p1-9.fc42 --- gsi-openssh.spec | 9 +- openssh-9.9p1-match-regression.patch | 10 +- openssh-9.9p2-error_processing.patch | 152 +++++++++++++++++++++++++++ 3 files changed, 169 insertions(+), 2 deletions(-) create mode 100644 openssh-9.9p2-error_processing.patch diff --git a/gsi-openssh.spec b/gsi-openssh.spec index 9a340d9..95abd24 100644 --- a/gsi-openssh.spec +++ b/gsi-openssh.spec @@ -24,7 +24,7 @@ %global libedit 1 %global openssh_ver 9.9p1 -%global openssh_rel 3 +%global openssh_rel 4 Summary: An implementation of the SSH protocol with GSI authentication Name: gsi-openssh @@ -180,6 +180,9 @@ Patch1017: openssh-9.9p1-mlkembe.patch # upstream 3f02368e8e9121847727c46b280efc280e5eb615 # upstream 67a115e7a56dbdc3f5a58c64b29231151f3670f5 Patch1020: openssh-9.9p1-match-regression.patch +# upstream 6ce00f0c2ecbb9f75023dbe627ee6460bcec78c2 +# upstream 0832aac79517611dd4de93ad0a83577994d9c907 +Patch1021: openssh-9.9p2-error_processing.patch # This is the patch that adds GSI support # Based on hpn_isshd-gsi.7.5p1b.patch from Globus upstream @@ -351,6 +354,7 @@ gpgv2 --quiet --keyring %{SOURCE3} %{SOURCE1} %{SOURCE0} %patch -P 1016 -p1 -b .sep-keysign %patch -P 1017 -p1 -b .mlkembe %patch -P 1020 -p1 -b .match +%patch -P 1021 -p1 -b .errcode_set %patch -P 100 -p1 -b .coverity %patch -P 98 -p1 -b .gsi @@ -575,6 +579,9 @@ fi %ghost %attr(0644,root,root) %{_localstatedir}/lib/.gsissh-host-keys-migration %changelog +* Wed Mar 05 2025 Mattias Ellert - 9.9p1-4 +- Based on openssh-9.9p1-9.fc42 + * Wed Feb 05 2025 Mattias Ellert - 9.9p1-3 - Based on openssh-9.9p1-8.fc42 diff --git a/openssh-9.9p1-match-regression.patch b/openssh-9.9p1-match-regression.patch index d724401..73ea964 100644 --- a/openssh-9.9p1-match-regression.patch +++ b/openssh-9.9p1-match-regression.patch @@ -137,7 +137,7 @@ index 89b8413e..dd774f46 100644 /* Terminate on comment */ if (*attrib == '#') { argv_consume(acp); /* mark all arguments consumed */ -@@ -1062,11 +1063,13 @@ match_cfg_line(const char *full_line, int *acp, char ***avp, +@@ -1062,16 +1063,20 @@ match_cfg_line(const char *full_line, int *acp, char ***avp, *arg != '\0' && *arg != '#')) { error("'all' cannot be combined with other " "Match attributes"); @@ -153,6 +153,14 @@ index 89b8413e..dd774f46 100644 } /* Criterion "invalid-user" also has no argument */ if (strcasecmp(attrib, "invalid-user") == 0) { +- if (ci == NULL) ++ if (ci == NULL) { ++ result = 0; + continue; ++ } + if (ci->user_invalid == 0) + result = 0; + else @@ -1078,11 +1081,26 @@ match_cfg_line(const char *full_line, int *acp, char ***avp, debug("matched invalid-user at line %d", line); continue; diff --git a/openssh-9.9p2-error_processing.patch b/openssh-9.9p2-error_processing.patch new file mode 100644 index 0000000..692c6ac --- /dev/null +++ b/openssh-9.9p2-error_processing.patch @@ -0,0 +1,152 @@ +diff --git a/krl.c b/krl.c +index e2efdf06..0d0f6953 100644 +--- a/krl.c ++++ b/krl.c +@@ -674,6 +674,7 @@ revoked_certs_generate(struct revoked_certs *rc, struct sshbuf *buf) + break; + case KRL_SECTION_CERT_SERIAL_BITMAP: + if (rs->lo - bitmap_start > INT_MAX) { ++ r = SSH_ERR_INVALID_FORMAT; + error_f("insane bitmap gap"); + goto out; + } +@@ -1059,6 +1060,7 @@ ssh_krl_from_blob(struct sshbuf *buf, struct ssh_krl **krlp) + } + + if ((krl = ssh_krl_init()) == NULL) { ++ r = SSH_ERR_ALLOC_FAIL; + error_f("alloc failed"); + goto out; + } +diff --git a/packet.c b/packet.c +index 486f8515..9dea2cfc 100644 +--- a/packet.c ++++ b/packet.c +@@ -1864,6 +1864,14 @@ ssh_packet_read_poll_seqnr(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p) + if ((r = sshpkt_get_string_direct(ssh, &d, &len)) != 0) + return r; + DBG(debug("Received SSH2_MSG_PING len %zu", len)); ++ if (!ssh->state->after_authentication) { ++ DBG(debug("Won't reply to PING in preauth")); ++ break; ++ } ++ if (ssh_packet_is_rekeying(ssh)) { ++ DBG(debug("Won't reply to PING during KEX")); ++ break; ++ } + if ((r = sshpkt_start(ssh, SSH2_MSG_PONG)) != 0 || + (r = sshpkt_put_string(ssh, d, len)) != 0 || + (r = sshpkt_send(ssh)) != 0) +diff --git a/ssh-agent.c b/ssh-agent.c +index 48973b2c..c27c5a95 100644 +--- a/ssh-agent.c ++++ b/ssh-agent.c +@@ -1220,6 +1220,7 @@ parse_key_constraint_extension(struct sshbuf *m, char **sk_providerp, + "restrict-destination-v00@openssh.com") == 0) { + if (*dcsp != NULL) { + error_f("%s already set", ext_name); ++ r = SSH_ERR_INVALID_FORMAT; + goto out; + } + if ((r = sshbuf_froms(m, &b)) != 0) { +@@ -1229,6 +1230,7 @@ parse_key_constraint_extension(struct sshbuf *m, char **sk_providerp, + while (sshbuf_len(b) != 0) { + if (*ndcsp >= AGENT_MAX_DEST_CONSTRAINTS) { + error_f("too many %s constraints", ext_name); ++ r = SSH_ERR_INVALID_FORMAT; + goto out; + } + *dcsp = xrecallocarray(*dcsp, *ndcsp, *ndcsp + 1, +@@ -1246,6 +1248,7 @@ parse_key_constraint_extension(struct sshbuf *m, char **sk_providerp, + } + if (*certs != NULL) { + error_f("%s already set", ext_name); ++ r = SSH_ERR_INVALID_FORMAT; + goto out; + } + if ((r = sshbuf_get_u8(m, &v)) != 0 || +@@ -1257,6 +1260,7 @@ parse_key_constraint_extension(struct sshbuf *m, char **sk_providerp, + while (sshbuf_len(b) != 0) { + if (*ncerts >= AGENT_MAX_EXT_CERTS) { + error_f("too many %s constraints", ext_name); ++ r = SSH_ERR_INVALID_FORMAT; + goto out; + } + *certs = xrecallocarray(*certs, *ncerts, *ncerts + 1, +@@ -1757,6 +1761,7 @@ process_ext_session_bind(SocketEntry *e) + /* record new key/sid */ + if (e->nsession_ids >= AGENT_MAX_SESSION_IDS) { + error_f("too many session IDs recorded"); ++ r = -1; + goto out; + } + e->session_ids = xrecallocarray(e->session_ids, e->nsession_ids, +diff --git a/ssh-sk-client.c b/ssh-sk-client.c +index 321fe53a..06fad221 100644 +--- a/ssh-sk-client.c ++++ b/ssh-sk-client.c +@@ -439,6 +439,7 @@ sshsk_load_resident(const char *provider_path, const char *device, + } + if ((srk = calloc(1, sizeof(*srk))) == NULL) { + error_f("calloc failed"); ++ r = SSH_ERR_ALLOC_FAIL; + goto out; + } + srk->key = key; +@@ -450,6 +451,7 @@ sshsk_load_resident(const char *provider_path, const char *device, + if ((tmp = recallocarray(srks, nsrks, nsrks + 1, + sizeof(*srks))) == NULL) { + error_f("recallocarray keys failed"); ++ r = SSH_ERR_ALLOC_FAIL; + goto out; + } + debug_f("srks[%zu]: %s %s uidlen %zu", nsrks, +diff --git a/sshconnect2.c b/sshconnect2.c +index a69c4da1..1ee6000a 100644 +--- a/sshconnect2.c ++++ b/sshconnect2.c +@@ -99,7 +99,7 @@ verify_host_key_callback(struct sshkey *hostkey, struct ssh *ssh) + options.required_rsa_size)) != 0) + fatal_r(r, "Bad server host key"); + if (verify_host_key(xxx_host, xxx_hostaddr, hostkey, +- xxx_conn_info) == -1) ++ xxx_conn_info) != 0) + fatal("Host key verification failed."); + return 0; + } +@@ -699,6 +699,7 @@ input_userauth_pk_ok(int type, u_int32_t seq, struct ssh *ssh) + + if ((pktype = sshkey_type_from_name(pkalg)) == KEY_UNSPEC) { + debug_f("server sent unknown pkalg %s", pkalg); ++ r = SSH_ERR_INVALID_FORMAT; + goto done; + } + if ((r = sshkey_from_blob(pkblob, blen, &key)) != 0) { +@@ -709,6 +710,7 @@ input_userauth_pk_ok(int type, u_int32_t seq, struct ssh *ssh) + error("input_userauth_pk_ok: type mismatch " + "for decoded key (received %d, expected %d)", + key->type, pktype); ++ r = SSH_ERR_INVALID_FORMAT; + goto done; + } + +@@ -728,6 +730,7 @@ input_userauth_pk_ok(int type, u_int32_t seq, struct ssh *ssh) + SSH_FP_DEFAULT); + error_f("server replied with unknown key: %s %s", + sshkey_type(key), fp == NULL ? "" : fp); ++ r = SSH_ERR_INVALID_FORMAT; + goto done; + } + ident = format_identity(id); +diff --git a/sshsig.c b/sshsig.c +index 6e03c0b0..3da005d6 100644 +--- a/sshsig.c ++++ b/sshsig.c +@@ -879,6 +879,7 @@ cert_filter_principals(const char *path, u_long linenum, + } + if ((principals = sshbuf_dup_string(nprincipals)) == NULL) { + error_f("buffer error"); ++ r = SSH_ERR_ALLOC_FAIL; + goto out; + } + /* success */ From beffeababdabf42a621a45f8e5b4e374d45317d8 Mon Sep 17 00:00:00 2001 From: Mattias Ellert Date: Wed, 5 Mar 2025 14:28:17 +0100 Subject: [PATCH 37/44] Based on openssh-9.9p1-11.fc43 --- gsi-openssh.spec | 11 +- openssh-7.7p1-gssapi-new-unique.patch | 5 +- openssh-9.9p1-openssl-mlkem.patch | 385 ++++++++++++++++++++++++++ openssh-9.9p2-error_processing.patch | 9 + 4 files changed, 406 insertions(+), 4 deletions(-) create mode 100644 openssh-9.9p1-openssl-mlkem.patch diff --git a/gsi-openssh.spec b/gsi-openssh.spec index 95abd24..cdf61c4 100644 --- a/gsi-openssh.spec +++ b/gsi-openssh.spec @@ -24,12 +24,11 @@ %global libedit 1 %global openssh_ver 9.9p1 -%global openssh_rel 4 Summary: An implementation of the SSH protocol with GSI authentication Name: gsi-openssh Version: %{openssh_ver} -Release: %{openssh_rel}%{?dist} +Release: 5%{?dist} Provides: gsissh = %{version}-%{release} Obsoletes: gsissh < 5.8p2-2 URL: http://www.openssh.com/portable.html @@ -182,7 +181,10 @@ Patch1017: openssh-9.9p1-mlkembe.patch Patch1020: openssh-9.9p1-match-regression.patch # upstream 6ce00f0c2ecbb9f75023dbe627ee6460bcec78c2 # upstream 0832aac79517611dd4de93ad0a83577994d9c907 +# added https://www.openwall.com/lists/oss-security/2025/02/22/1 Patch1021: openssh-9.9p2-error_processing.patch +# Downstream patch, OpenSSL based MLKEM implementation +Patch1022: openssh-9.9p1-openssl-mlkem.patch # This is the patch that adds GSI support # Based on hpn_isshd-gsi.7.5p1b.patch from Globus upstream @@ -206,6 +208,7 @@ BuildRequires: gcc make BuildRequires: p11-kit-devel BuildRequires: libfido2-devel BuildRequires: libxcrypt-devel +BuildRequires: oqsprovider Recommends: p11-kit %if %{kerberos5} @@ -355,6 +358,7 @@ gpgv2 --quiet --keyring %{SOURCE3} %{SOURCE1} %{SOURCE0} %patch -P 1017 -p1 -b .mlkembe %patch -P 1020 -p1 -b .match %patch -P 1021 -p1 -b .errcode_set +%patch -P 1022 -p1 -b .openssl-mlkem %patch -P 100 -p1 -b .coverity %patch -P 98 -p1 -b .gsi @@ -579,6 +583,9 @@ fi %ghost %attr(0644,root,root) %{_localstatedir}/lib/.gsissh-host-keys-migration %changelog +* Wed Mar 05 2025 Mattias Ellert - 9.9p1-5 +- Based on openssh-9.9p1-11.fc43 + * Wed Mar 05 2025 Mattias Ellert - 9.9p1-4 - Based on openssh-9.9p1-9.fc42 diff --git a/openssh-7.7p1-gssapi-new-unique.patch b/openssh-7.7p1-gssapi-new-unique.patch index 0b8ab02..34b9b9d 100644 --- a/openssh-7.7p1-gssapi-new-unique.patch +++ b/openssh-7.7p1-gssapi-new-unique.patch @@ -126,7 +126,7 @@ diff -up openssh-8.6p1/auth-krb5.c.ccache_name openssh-8.6p1/auth-krb5.c if (authctxt->krb5_user) { krb5_free_principal(authctxt->krb5_ctx, authctxt->krb5_user); authctxt->krb5_user = NULL; -@@ -238,36 +281,188 @@ krb5_cleanup_proc(Authctxt *authctxt) +@@ -238,36 +281,189 @@ krb5_cleanup_proc(Authctxt *authctxt) } } @@ -149,7 +149,8 @@ diff -up openssh-8.6p1/auth-krb5.c.ccache_name openssh-8.6p1/auth-krb5.c + old = *dsc; + + i = asprintf(dsc, "%s%s", *dsc, src); -+ if (i == -1 || src == NULL) { ++ if (i == -1) { ++ *dsc = old; + free(src); + return -1; + } diff --git a/openssh-9.9p1-openssl-mlkem.patch b/openssh-9.9p1-openssl-mlkem.patch new file mode 100644 index 0000000..e39bb67 --- /dev/null +++ b/openssh-9.9p1-openssl-mlkem.patch @@ -0,0 +1,385 @@ +diff --git a/kex-names.c b/kex-names.c +index ec840c1f..c0d3be11 100644 +--- a/kex-names.c ++++ b/kex-names.c +@@ -90,6 +90,19 @@ static const struct kexalg kexalgs[] = { + { NULL, 0, -1, -1}, + }; + ++static int is_mlkem768_available() ++{ ++ static int is_fetched = -1; ++ ++ if (is_fetched == -1) { ++ EVP_KEM *mlkem768 = EVP_KEM_fetch(NULL, "mlkem768", NULL); ++ is_fetched = mlkem768 != NULL ? 1 : 0; ++ EVP_KEM_free(mlkem768); ++ } ++ ++ return is_fetched; ++} ++ + static char * + kex_alg_list_internal(char sep, const struct kexalg *algs) + { +@@ -98,6 +111,9 @@ kex_alg_list_internal(char sep, const struct kexalg *algs) + const struct kexalg *k; + + for (k = algs; k->name != NULL; k++) { ++ if (strcmp(k->name, KEX_MLKEM768X25519_SHA256) == 0 ++ && !is_mlkem768_available()) ++ continue; + if (ret != NULL) + ret[rlen++] = sep; + nlen = strlen(k->name); +@@ -117,6 +133,10 @@ kex_alg_by_name(const char *name) + { + const struct kexalg *k; + ++ if (strcmp(name, KEX_MLKEM768X25519_SHA256) == 0 ++ && !is_mlkem768_available()) ++ return NULL; ++ + for (k = kexalgs; k->name != NULL; k++) { + if (strcmp(k->name, name) == 0) + return k; +diff --git a/kexmlkem768x25519.c b/kexmlkem768x25519.c +index 2b5d3960..670049dc 100644 +--- a/kexmlkem768x25519.c ++++ b/kexmlkem768x25519.c +@@ -48,10 +48,127 @@ + #ifdef USE_MLKEM768X25519 + + #include "libcrux_mlkem768_sha3.h" ++#include ++#include ++#include ++ ++static int ++mlkem768_keypair_gen(unsigned char *pubkeybuf, unsigned char *privkeybuf) ++{ ++ EVP_PKEY_CTX *ctx = NULL; ++ EVP_PKEY *pkey = NULL; ++ int ret = SSH_ERR_INTERNAL_ERROR; ++ size_t pubkey_size = crypto_kem_mlkem768_PUBLICKEYBYTES, privkey_size = crypto_kem_mlkem768_SECRETKEYBYTES; ++ ++ ctx = EVP_PKEY_CTX_new_from_name(NULL, "mlkem768", NULL); ++ if (ctx == NULL) { ++ ret = SSH_ERR_LIBCRYPTO_ERROR; ++ goto err; ++ } ++ ++ if (EVP_PKEY_keygen_init(ctx) <= 0 ++ || EVP_PKEY_keygen(ctx, &pkey) <= 0) { ++ ret = SSH_ERR_LIBCRYPTO_ERROR; ++ goto err; ++ } ++ ++ if (EVP_PKEY_get_raw_public_key(pkey, pubkeybuf, &pubkey_size) <= 0 ++ || EVP_PKEY_get_raw_private_key(pkey, privkeybuf, &privkey_size) <= 0) { ++ ret = SSH_ERR_LIBCRYPTO_ERROR; ++ goto err; ++ } ++ ++ if (privkey_size != crypto_kem_mlkem768_SECRETKEYBYTES ++ || pubkey_size != crypto_kem_mlkem768_PUBLICKEYBYTES) { ++ ret = SSH_ERR_LIBCRYPTO_ERROR; ++ goto err; ++ } ++ ret = 0; ++ ++ err: ++ EVP_PKEY_free(pkey); ++ EVP_PKEY_CTX_free(ctx); ++ if (ret == SSH_ERR_LIBCRYPTO_ERROR) ++ ERR_print_errors_fp(stderr); ++ return ret; ++} ++ ++static int ++mlkem768_encap_secret(const u_char *pubkeybuf, u_char *secret, u_char *out) ++{ ++ EVP_PKEY *pkey = NULL; ++ EVP_PKEY_CTX *ctx = NULL; ++ int r = SSH_ERR_INTERNAL_ERROR; ++ size_t outlen = crypto_kem_mlkem768_CIPHERTEXTBYTES, ++ secretlen = crypto_kem_mlkem768_BYTES; ++ ++ pkey = EVP_PKEY_new_raw_public_key_ex(NULL, "mlkem768", NULL, ++ pubkeybuf, crypto_kem_mlkem768_PUBLICKEYBYTES); ++ if (pkey == NULL) { ++ r = SSH_ERR_LIBCRYPTO_ERROR; ++ goto err; ++ } ++ ++ ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pkey, NULL); ++ if (ctx == NULL ++ || EVP_PKEY_encapsulate_init(ctx, NULL) <= 0 ++ || EVP_PKEY_encapsulate(ctx, out, &outlen, secret, &secretlen) <= 0 ++ || secretlen != crypto_kem_mlkem768_BYTES ++ || outlen != crypto_kem_mlkem768_CIPHERTEXTBYTES) { ++ r = SSH_ERR_LIBCRYPTO_ERROR; ++ goto err; ++ } ++ r = 0; ++ ++ err: ++ EVP_PKEY_free(pkey); ++ EVP_PKEY_CTX_free(ctx); ++ if (r == SSH_ERR_LIBCRYPTO_ERROR) ++ ERR_print_errors_fp(stderr); ++ ++ return r; ++} ++ ++static int ++mlkem768_decap_secret(const u_char *privkeybuf, const u_char *wrapped, u_char *secret) ++{ ++ EVP_PKEY *pkey = NULL; ++ EVP_PKEY_CTX *ctx = NULL; ++ int r = SSH_ERR_INTERNAL_ERROR; ++ size_t wrappedlen = crypto_kem_mlkem768_CIPHERTEXTBYTES, ++ secretlen = crypto_kem_mlkem768_BYTES; ++ ++ pkey = EVP_PKEY_new_raw_private_key_ex(NULL, "mlkem768", NULL, ++ privkeybuf, crypto_kem_mlkem768_SECRETKEYBYTES); ++ if (pkey == NULL) { ++ r = SSH_ERR_LIBCRYPTO_ERROR; ++ goto err; ++ } ++ ++ ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pkey, NULL); ++ if (ctx == NULL ++ || EVP_PKEY_decapsulate_init(ctx, NULL) <= 0 ++ || EVP_PKEY_decapsulate(ctx, secret, &secretlen, wrapped, wrappedlen) <= 0 ++ || secretlen != crypto_kem_mlkem768_BYTES) { ++ r = SSH_ERR_LIBCRYPTO_ERROR; ++ goto err; ++ } ++ r = 0; ++ ++ err: ++ EVP_PKEY_free(pkey); ++ EVP_PKEY_CTX_free(ctx); ++ ++ if (r == SSH_ERR_LIBCRYPTO_ERROR) ++ ERR_print_errors_fp(stderr); ++ ++ return r; ++} + + int + kex_kem_mlkem768x25519_keypair(struct kex *kex) + { ++#if 0 + struct sshbuf *buf = NULL; + u_char rnd[LIBCRUX_ML_KEM_KEY_PAIR_PRNG_LEN], *cp = NULL; + size_t need; +@@ -86,6 +203,36 @@ kex_kem_mlkem768x25519_keypair(struct kex *kex) + explicit_bzero(rnd, sizeof(rnd)); + sshbuf_free(buf); + return r; ++#else ++ struct sshbuf *buf = NULL; ++ u_char *cp = NULL; ++ size_t need; ++ int r = SSH_ERR_INTERNAL_ERROR; ++ ++ if ((buf = sshbuf_new()) == NULL) ++ return SSH_ERR_ALLOC_FAIL; ++ need = crypto_kem_mlkem768_PUBLICKEYBYTES + CURVE25519_SIZE; ++ if ((r = sshbuf_reserve(buf, need, &cp)) != 0) ++ goto out; ++ if ((r = mlkem768_keypair_gen(cp, kex->mlkem768_client_key)) != 0) ++ goto out; ++#ifdef DEBUG_KEXECDH ++ dump_digest("client public key mlkem768:", cp, ++ crypto_kem_mlkem768_PUBLICKEYBYTES); ++#endif ++ cp += crypto_kem_mlkem768_PUBLICKEYBYTES; ++ kexc25519_keygen(kex->c25519_client_key, cp); ++#ifdef DEBUG_KEXECDH ++ dump_digest("client public key c25519:", cp, CURVE25519_SIZE); ++#endif ++ /* success */ ++ r = 0; ++ kex->client_pub = buf; ++ buf = NULL; ++ out: ++ sshbuf_free(buf); ++ return r; ++#endif + } + + int +@@ -93,6 +240,7 @@ kex_kem_mlkem768x25519_enc(struct kex *kex, + const struct sshbuf *client_blob, struct sshbuf **server_blobp, + struct sshbuf **shared_secretp) + { ++#if 0 + struct sshbuf *server_blob = NULL; + struct sshbuf *buf = NULL; + const u_char *client_pub; +@@ -185,12 +333,97 @@ kex_kem_mlkem768x25519_enc(struct kex *kex, + sshbuf_free(server_blob); + sshbuf_free(buf); + return r; ++#else ++ struct sshbuf *server_blob = NULL; ++ struct sshbuf *buf = NULL; ++ const u_char *client_pub; ++ u_char server_pub[CURVE25519_SIZE], server_key[CURVE25519_SIZE]; ++ u_char hash[SSH_DIGEST_MAX_LENGTH]; ++ size_t need; ++ int r = SSH_ERR_INTERNAL_ERROR; ++ struct libcrux_mlkem768_enc_result enc; /* FIXME */ ++ ++ *server_blobp = NULL; ++ *shared_secretp = NULL; ++ ++ /* client_blob contains both KEM and ECDH client pubkeys */ ++ need = crypto_kem_mlkem768_PUBLICKEYBYTES + CURVE25519_SIZE; ++ if (sshbuf_len(client_blob) != need) { ++ r = SSH_ERR_SIGNATURE_INVALID; ++ goto out; ++ } ++ client_pub = sshbuf_ptr(client_blob); ++#ifdef DEBUG_KEXECDH ++ dump_digest("client public key mlkem768:", client_pub, ++ crypto_kem_mlkem768_PUBLICKEYBYTES); ++ dump_digest("client public key 25519:", ++ client_pub + crypto_kem_mlkem768_PUBLICKEYBYTES, ++ CURVE25519_SIZE); ++#endif ++ ++ /* allocate buffer for concatenation of KEM key and ECDH shared key */ ++ /* the buffer will be hashed and the result is the shared secret */ ++ if ((buf = sshbuf_new()) == NULL) { ++ r = SSH_ERR_ALLOC_FAIL; ++ goto out; ++ } ++ /* allocate space for encrypted KEM key and ECDH pub key */ ++ if ((server_blob = sshbuf_new()) == NULL) { ++ r = SSH_ERR_ALLOC_FAIL; ++ goto out; ++ } ++ if (mlkem768_encap_secret(client_pub, enc.snd, enc.fst.value) != 0) ++ goto out; ++ ++ /* generate ECDH key pair, store server pubkey after ciphertext */ ++ kexc25519_keygen(server_key, server_pub); ++ if ((r = sshbuf_put(buf, enc.snd, sizeof(enc.snd))) != 0 || ++ (r = sshbuf_put(server_blob, enc.fst.value, sizeof(enc.fst.value))) != 0 || ++ (r = sshbuf_put(server_blob, server_pub, sizeof(server_pub))) != 0) ++ goto out; ++ /* append ECDH shared key */ ++ client_pub += crypto_kem_mlkem768_PUBLICKEYBYTES; ++ if ((r = kexc25519_shared_key_ext(server_key, client_pub, buf, 1)) < 0) ++ goto out; ++ if ((r = ssh_digest_buffer(kex->hash_alg, buf, hash, sizeof(hash))) != 0) ++ goto out; ++#ifdef DEBUG_KEXECDH ++ dump_digest("server public key 25519:", server_pub, CURVE25519_SIZE); ++ dump_digest("server cipher text:", ++ enc.fst.value, sizeof(enc.fst.value)); ++ dump_digest("server kem key:", enc.snd, sizeof(enc.snd)); ++ dump_digest("concatenation of KEM key and ECDH shared key:", ++ sshbuf_ptr(buf), sshbuf_len(buf)); ++#endif ++ /* string-encoded hash is resulting shared secret */ ++ sshbuf_reset(buf); ++ if ((r = sshbuf_put_string(buf, hash, ++ ssh_digest_bytes(kex->hash_alg))) != 0) ++ goto out; ++#ifdef DEBUG_KEXECDH ++ dump_digest("encoded shared secret:", sshbuf_ptr(buf), sshbuf_len(buf)); ++#endif ++ /* success */ ++ r = 0; ++ *server_blobp = server_blob; ++ *shared_secretp = buf; ++ server_blob = NULL; ++ buf = NULL; ++ out: ++ explicit_bzero(hash, sizeof(hash)); ++ explicit_bzero(server_key, sizeof(server_key)); ++ explicit_bzero(&enc, sizeof(enc)); ++ sshbuf_free(server_blob); ++ sshbuf_free(buf); ++ return r; ++#endif + } + + int + kex_kem_mlkem768x25519_dec(struct kex *kex, + const struct sshbuf *server_blob, struct sshbuf **shared_secretp) + { ++#if 0 + struct sshbuf *buf = NULL; + u_char mlkem_key[crypto_kem_mlkem768_BYTES]; + const u_char *ciphertext, *server_pub; +@@ -258,6 +491,64 @@ kex_kem_mlkem768x25519_dec(struct kex *kex, + explicit_bzero(mlkem_key, sizeof(mlkem_key)); + sshbuf_free(buf); + return r; ++#else ++ struct sshbuf *buf = NULL; ++ const u_char *ciphertext, *server_pub; ++ u_char hash[SSH_DIGEST_MAX_LENGTH]; ++ u_char decap[crypto_kem_mlkem768_BYTES]; ++ size_t need; ++ int r; ++ ++ *shared_secretp = NULL; ++ ++ need = crypto_kem_mlkem768_CIPHERTEXTBYTES + CURVE25519_SIZE; ++ if (sshbuf_len(server_blob) != need) { ++ r = SSH_ERR_SIGNATURE_INVALID; ++ goto out; ++ } ++ ciphertext = sshbuf_ptr(server_blob); ++ server_pub = ciphertext + crypto_kem_mlkem768_CIPHERTEXTBYTES; ++ /* hash concatenation of KEM key and ECDH shared key */ ++ if ((buf = sshbuf_new()) == NULL) { ++ r = SSH_ERR_ALLOC_FAIL; ++ goto out; ++ } ++#ifdef DEBUG_KEXECDH ++ dump_digest("server cipher text:", ciphertext, crypto_kem_mlkem768_CIPHERTEXTBYTES); ++ dump_digest("server public key c25519:", server_pub, CURVE25519_SIZE); ++#endif ++ if ((r = mlkem768_decap_secret(kex->mlkem768_client_key, ciphertext, decap)) != 0) ++ goto out; ++ if ((r = sshbuf_put(buf, decap, sizeof(decap))) != 0) ++ goto out; ++ if ((r = kexc25519_shared_key_ext(kex->c25519_client_key, server_pub, ++ buf, 1)) < 0) ++ goto out; ++ if ((r = ssh_digest_buffer(kex->hash_alg, buf, ++ hash, sizeof(hash))) != 0) ++ goto out; ++#ifdef DEBUG_KEXECDH ++ dump_digest("client kem key:", decap, sizeof(decap)); ++ dump_digest("concatenation of KEM key and ECDH shared key:", ++ sshbuf_ptr(buf), sshbuf_len(buf)); ++#endif ++ sshbuf_reset(buf); ++ if ((r = sshbuf_put_string(buf, hash, ++ ssh_digest_bytes(kex->hash_alg))) != 0) ++ goto out; ++#ifdef DEBUG_KEXECDH ++ dump_digest("encoded shared secret:", sshbuf_ptr(buf), sshbuf_len(buf)); ++#endif ++ /* success */ ++ r = 0; ++ *shared_secretp = buf; ++ buf = NULL; ++ out: ++ explicit_bzero(hash, sizeof(hash)); ++ explicit_bzero(decap, sizeof(decap)); ++ sshbuf_free(buf); ++ return r; ++#endif + } + #else /* USE_MLKEM768X25519 */ + int diff --git a/openssh-9.9p2-error_processing.patch b/openssh-9.9p2-error_processing.patch index 692c6ac..dd71716 100644 --- a/openssh-9.9p2-error_processing.patch +++ b/openssh-9.9p2-error_processing.patch @@ -73,6 +73,15 @@ index 48973b2c..c27c5a95 100644 goto out; } *certs = xrecallocarray(*certs, *ncerts, *ncerts + 1, +@@ -1360,6 +1360,8 @@ process_add_identity(SocketEntry *e) + if ((r = sshkey_private_deserialize(e->request, &k)) != 0 || + k == NULL || + (r = sshbuf_get_cstring(e->request, &comment, NULL)) != 0) { ++ if (!r) /* k == NULL */ ++ r = SSH_ERR_INTERNAL_ERROR; + error_fr(r, "parse"); + goto out; + } @@ -1757,6 +1761,7 @@ process_ext_session_bind(SocketEntry *e) /* record new key/sid */ if (e->nsession_ids >= AGENT_MAX_SESSION_IDS) { From 4205fcb9442de13a2a9978c27c6feb4fc8ca2622 Mon Sep 17 00:00:00 2001 From: Mattias Ellert Date: Sun, 20 Apr 2025 05:56:15 +0200 Subject: [PATCH 38/44] Based on openssh-9.9p1-15.fc43 --- gsi-openssh.spec | 11 +++++++---- gsisshd.sysconfig | 1 + openssh-8.7p1-redhat.patch | 10 ++++++++-- 3 files changed, 16 insertions(+), 6 deletions(-) diff --git a/gsi-openssh.spec b/gsi-openssh.spec index cdf61c4..cb7ced2 100644 --- a/gsi-openssh.spec +++ b/gsi-openssh.spec @@ -196,19 +196,19 @@ Patch99: openssh-9.9p1-hpn-18.6.0.patch License: BSD-3-Clause AND BSD-2-Clause AND ISC AND SSH-OpenSSH AND ssh-keyscan AND sprintf AND LicenseRef-Fedora-Public-Domain AND X11-distribute-modifications-variant Requires: /sbin/nologin +Requires: openssl-libs >= 3.5.0 BuildRequires: autoconf, automake, perl-interpreter, perl-generators, zlib-devel BuildRequires: audit-libs-devel >= 2.0.5 BuildRequires: util-linux, groff BuildRequires: pam-devel -BuildRequires: openssl-devel >= 0.9.8j +BuildRequires: openssl-devel >= 3.5.0 BuildRequires: systemd-devel BuildRequires: systemd-rpm-macros BuildRequires: gcc make BuildRequires: p11-kit-devel BuildRequires: libfido2-devel BuildRequires: libxcrypt-devel -BuildRequires: oqsprovider Recommends: p11-kit %if %{kerberos5} @@ -406,8 +406,8 @@ fi --sysconfdir=%{_sysconfdir}/gsissh \ --libexecdir=%{_libexecdir}/gsissh \ --datadir=%{_datadir}/gsissh \ - --with-default-path=%{_libexecdir}/gsissh/bin:/usr/local/bin:/usr/bin:/usr/local/sbin:/usr/sbin \ - --with-superuser-path=%{_libexecdir}/gsissh/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin \ + --with-default-path=%{_libexecdir}/gsissh/bin:/usr/local/bin:/usr/bin \ + --with-superuser-path=%{_libexecdir}/gsissh/bin:/usr/local/bin:/usr/bin \ --with-privsep-path=%{_datadir}/empty.sshd \ --disable-strip \ --without-zlib-version-check \ @@ -583,6 +583,9 @@ fi %ghost %attr(0644,root,root) %{_localstatedir}/lib/.gsissh-host-keys-migration %changelog +* Sun Apr 20 2025 Mattias Ellert - 9.9p1-5 +- Based on openssh-9.9p1-15.fc43 + * Wed Mar 05 2025 Mattias Ellert - 9.9p1-5 - Based on openssh-9.9p1-11.fc43 diff --git a/gsisshd.sysconfig b/gsisshd.sysconfig index 7e106f4..e968b50 100644 --- a/gsisshd.sysconfig +++ b/gsisshd.sysconfig @@ -8,3 +8,4 @@ #SSH_RSA_BITS=3072 #SSH_ECDSA_BITS=256 +OPTIONS="" diff --git a/openssh-8.7p1-redhat.patch b/openssh-8.7p1-redhat.patch index 4e9d108..a4c11b5 100644 --- a/openssh-8.7p1-redhat.patch +++ b/openssh-8.7p1-redhat.patch @@ -15,7 +15,7 @@ diff -up openssh/ssh_config.redhat openssh/ssh_config diff -up openssh/ssh_config_redhat.redhat openssh/ssh_config_redhat --- openssh/ssh_config_redhat.redhat 2020-02-13 18:13:39.180641839 +0100 +++ openssh/ssh_config_redhat 2020-02-13 18:13:39.180641839 +0100 -@@ -0,0 +1,15 @@ +@@ -0,0 +1,18 @@ +# The options here are in the "Match final block" to be applied as the last +# options and could be potentially overwritten by the user configuration +Match final all @@ -29,6 +29,9 @@ diff -up openssh/ssh_config_redhat.redhat openssh/ssh_config_redhat +# mode correctly we set this to yes. + ForwardX11Trusted yes + ++# rhbz#2352653 - export COLORTERM ++ SendEnv COLORTERM ++ +# Uncomment this if you want to use .local domain +# Host *.local diff -up openssh/sshd_config.0.redhat openssh/sshd_config.0 @@ -80,7 +83,7 @@ diff -up openssh/sshd_config.redhat openssh/sshd_config diff -up openssh/sshd_config_redhat.redhat openssh/sshd_config_redhat --- openssh/sshd_config_redhat.redhat 2020-02-13 18:14:02.268006439 +0100 +++ openssh/sshd_config_redhat 2020-02-13 18:19:20.765035947 +0100 -@@ -0,0 +1,15 @@ +@@ -0,0 +1,18 @@ +SyslogFacility AUTHPRIV + +KbdInteractiveAuthentication no @@ -92,6 +95,9 @@ diff -up openssh/sshd_config_redhat.redhat openssh/sshd_config_redhat + +X11Forwarding yes + ++# rhbz#2352653 - accept COLORTERM ++ AcceptEnv COLORTERM ++ +# It is recommended to use pam_motd in /etc/pam.d/sshd instead of PrintMotd, +# as it is more configurable and versatile than the built-in version. +PrintMotd no From 6a6b9524b271b2b23c9adee30d48053161431fa6 Mon Sep 17 00:00:00 2001 From: Mattias Ellert Date: Sun, 20 Apr 2025 06:13:54 +0200 Subject: [PATCH 39/44] Bump release --- gsi-openssh.spec | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gsi-openssh.spec b/gsi-openssh.spec index cb7ced2..b61f6d3 100644 --- a/gsi-openssh.spec +++ b/gsi-openssh.spec @@ -28,7 +28,7 @@ Summary: An implementation of the SSH protocol with GSI authentication Name: gsi-openssh Version: %{openssh_ver} -Release: 5%{?dist} +Release: 6%{?dist} Provides: gsissh = %{version}-%{release} Obsoletes: gsissh < 5.8p2-2 URL: http://www.openssh.com/portable.html @@ -583,7 +583,7 @@ fi %ghost %attr(0644,root,root) %{_localstatedir}/lib/.gsissh-host-keys-migration %changelog -* Sun Apr 20 2025 Mattias Ellert - 9.9p1-5 +* Sun Apr 20 2025 Mattias Ellert - 9.9p1-6 - Based on openssh-9.9p1-15.fc43 * Wed Mar 05 2025 Mattias Ellert - 9.9p1-5 From dff7de33ab86afdc6e3951a17c9e38cfa632c4b1 Mon Sep 17 00:00:00 2001 From: Mattias Ellert Date: Mon, 16 Jun 2025 05:31:00 +0200 Subject: [PATCH 40/44] Based on openssh-10.0p1-3.fc43 --- ...patch => 0001-openssh-7.8p1-role-mls.patch | 445 ++- ...> 0002-openssh-6.6p1-privsep-selinux.patch | 94 +- ...t.patch => 0003-openssh-6.6p1-keycat.patch | 226 +- ... => 0004-openssh-6.6p1-allow-ip-opts.patch | 21 +- ....patch => 0005-openssh-5.9p1-ipv6man.patch | 31 +- 0006-openssh-5.8p2-sigpipe.patch | 26 + ...-x11.patch => 0007-openssh-7.2p2-x11.patch | 31 +- ... 0008-openssh-5.1p1-askpass-progress.patch | 41 +- ...0009-openssh-4.3p2-askpass-grab-info.patch | 21 +- ...t.patch => 0010-openssh-8.7p1-redhat.patch | 109 +- ...=> 0011-openssh-7.8p1-UsePAM-warning.patch | 31 +- ...h => 0012-openssh-9.6p1-gssapi-keyex.patch | 2232 ++++++------ ...atch => 0013-openssh-6.6p1-force_krb.patch | 39 +- ...0014-openssh-7.7p1-gssapi-new-unique.patch | 316 +- ...0015-openssh-7.2p2-k5login_directory.patch | 31 +- ....patch => 0016-openssh-6.6p1-kuserok.patch | 135 +- 0017-openssh-6.4p1-fromto-remote.patch | 28 + ...018-openssh-6.6.1p1-selinux-contexts.patch | 50 +- ...> 0019-openssh-6.6.1p1-log-in-chroot.patch | 178 +- ...h-6.6.1p1-scp-non-existing-directory.patch | 27 + ...21-openssh-6.6p1-GSSAPIEnablek5users.patch | 107 +- 0022-openssh-6.8p1-sshdT-output.patch | 25 + ...-openssh-6.7p1-sftp-force-permission.patch | 41 +- ...=> 0024-openssh-7.2p2-s390-closefrom.patch | 22 +- ... 0025-openssh-7.3p1-x11-max-displays.patch | 152 +- ...> 0026-openssh-7.6p1-cleanup-selinux.patch | 169 +- 0027-openssh-7.5p1-sandbox.patch | 58 + ...tch => 0028-openssh-8.0p1-pkcs11-uri.patch | 3216 +++++++++-------- ...patch => 0029-openssh-7.8p1-scp-ipv6.patch | 15 +- ...> 0030-openssh-8.0p1-crypto-policies.patch | 92 +- ...ch => 0031-openssh-8.0p1-openssl-kdf.patch | 26 +- ...tch => 0032-openssh-8.2p1-visibility.patch | 22 +- ... 0033-openssh-8.2p1-x11-without-ipv6.patch | 25 +- ...34-openssh-8.0p1-preserve-pam-errors.patch | 29 +- ...> 0035-openssh-8.7p1-scp-kill-switch.patch | 39 +- ... => 0036-openssh-8.7p1-recursive-scp.patch | 86 +- ...tch => 0037-openssh-8.7p1-minrsabits.patch | 27 +- 0038-openssh-8.7p1-ibmca.patch | 25 + ...it.patch => 0039-openssh-7.6p1-audit.patch | 1030 +++--- ...0-openssh-7.1p2-audit-race-condition.patch | 59 +- ...atch => 0041-openssh-9.0p1-audit-log.patch | 127 +- ...ips.patch => 0042-openssh-7.7p1-fips.patch | 781 ++-- 0043-openssh-8.7p1-ssh-manpage.patch | 47 + ...enssh-8.7p1-negotiate-supported-algs.patch | 41 +- ...h => 0045-openssh-9.0p1-evp-fips-kex.patch | 109 +- ...> 0046-openssh-8.7p1-nohostsha1proof.patch | 161 +- 0047-openssh-9.6p1-pam-rhost.patch | 25 + 0048-openssh-9.9p1-separate-keysign.patch | 25 + ... => 0049-openssh-9.9p1-openssl-mlkem.patch | 21 +- 0050-openssh-9.9p2-error_processing.patch | 25 + ...error-for-non-supported-private-keys.patch | 27 + ...ore-bad-hostkeys-in-known_hosts-file.patch | 86 + ...-authentication-indicators-in-GSSAPI.patch | 450 +++ 1000-openssh-coverity.patch | 257 ++ ....patch => 2000-openssh-10.0p1-gsissh.patch | 440 +-- ...ch => 2001-openssh-10.0p1-hpn-18.7.0.patch | 1254 ++++--- gsi-openssh.spec | 229 +- openssh-5.8p2-sigpipe.patch | 14 - openssh-6.4p1-fromto-remote.patch | 16 - ...h-6.6.1p1-scp-non-existing-directory.patch | 14 - openssh-6.7p1-coverity.patch | 248 -- openssh-6.8p1-sshdT-output.patch | 12 - openssh-7.5p1-sandbox.patch | 86 - openssh-8.0p1-keygen-strip-doseol.patch | 12 - openssh-8.7p1-ibmca.patch | 11 - openssh-8.7p1-ssh-manpage.patch | 53 - openssh-9.6p1-pam-rhost.patch | 32 - openssh-9.9p1-match-regression.patch | 471 --- openssh-9.9p1-mlkembe.patch | 98 - openssh-9.9p1-separate-keysign.patch | 12 - openssh-9.9p2-error_processing.patch | 161 - 71 files changed, 7826 insertions(+), 6896 deletions(-) rename openssh-7.8p1-role-mls.patch => 0001-openssh-7.8p1-role-mls.patch (80%) rename openssh-6.6p1-privsep-selinux.patch => 0002-openssh-6.6p1-privsep-selinux.patch (52%) rename openssh-6.6p1-keycat.patch => 0003-openssh-6.6p1-keycat.patch (77%) rename openssh-6.6p1-allow-ip-opts.patch => 0004-openssh-6.6p1-allow-ip-opts.patch (68%) rename openssh-5.9p1-ipv6man.patch => 0005-openssh-5.9p1-ipv6man.patch (54%) create mode 100644 0006-openssh-5.8p2-sigpipe.patch rename openssh-7.2p2-x11.patch => 0007-openssh-7.2p2-x11.patch (71%) rename openssh-5.1p1-askpass-progress.patch => 0008-openssh-5.1p1-askpass-progress.patch (66%) rename openssh-4.3p2-askpass-grab-info.patch => 0009-openssh-4.3p2-askpass-grab-info.patch (53%) rename openssh-8.7p1-redhat.patch => 0010-openssh-8.7p1-redhat.patch (67%) rename openssh-7.8p1-UsePAM-warning.patch => 0011-openssh-7.8p1-UsePAM-warning.patch (50%) rename openssh-9.6p1-gssapi-keyex.patch => 0012-openssh-9.6p1-gssapi-keyex.patch (89%) rename openssh-6.6p1-force_krb.patch => 0013-openssh-6.6p1-force_krb.patch (88%) rename openssh-7.7p1-gssapi-new-unique.patch => 0014-openssh-7.7p1-gssapi-new-unique.patch (79%) rename openssh-7.2p2-k5login_directory.patch => 0015-openssh-7.2p2-k5login_directory.patch (74%) rename openssh-6.6p1-kuserok.patch => 0016-openssh-6.6p1-kuserok.patch (80%) create mode 100644 0017-openssh-6.4p1-fromto-remote.patch rename openssh-6.6.1p1-selinux-contexts.patch => 0018-openssh-6.6.1p1-selinux-contexts.patch (73%) rename openssh-6.6.1p1-log-in-chroot.patch => 0019-openssh-6.6.1p1-log-in-chroot.patch (54%) create mode 100644 0020-openssh-6.6.1p1-scp-non-existing-directory.patch rename openssh-6.6p1-GSSAPIEnablek5users.patch => 0021-openssh-6.6p1-GSSAPIEnablek5users.patch (61%) create mode 100644 0022-openssh-6.8p1-sshdT-output.patch rename openssh-6.7p1-sftp-force-permission.patch => 0023-openssh-6.7p1-sftp-force-permission.patch (72%) rename openssh-7.2p2-s390-closefrom.patch => 0024-openssh-7.2p2-s390-closefrom.patch (66%) rename openssh-7.3p1-x11-max-displays.patch => 0025-openssh-7.3p1-x11-max-displays.patch (53%) rename openssh-7.6p1-cleanup-selinux.patch => 0026-openssh-7.6p1-cleanup-selinux.patch (65%) create mode 100644 0027-openssh-7.5p1-sandbox.patch rename openssh-8.0p1-pkcs11-uri.patch => 0028-openssh-8.0p1-pkcs11-uri.patch (90%) rename openssh-7.8p1-scp-ipv6.patch => 0029-openssh-7.8p1-scp-ipv6.patch (51%) rename openssh-8.0p1-crypto-policies.patch => 0030-openssh-8.0p1-crypto-policies.patch (90%) rename openssh-8.0p1-openssl-kdf.patch => 0031-openssh-8.0p1-openssl-kdf.patch (84%) rename openssh-8.2p1-visibility.patch => 0032-openssh-8.2p1-visibility.patch (62%) rename openssh-8.2p1-x11-without-ipv6.patch => 0033-openssh-8.2p1-x11-without-ipv6.patch (55%) rename openssh-8.0p1-preserve-pam-errors.patch => 0034-openssh-8.0p1-preserve-pam-errors.patch (67%) rename openssh-8.7p1-scp-kill-switch.patch => 0035-openssh-8.7p1-scp-kill-switch.patch (57%) rename openssh-8.7p1-recursive-scp.patch => 0036-openssh-8.7p1-recursive-scp.patch (73%) rename openssh-8.7p1-minrsabits.patch => 0037-openssh-8.7p1-minrsabits.patch (63%) create mode 100644 0038-openssh-8.7p1-ibmca.patch rename openssh-7.6p1-audit.patch => 0039-openssh-7.6p1-audit.patch (83%) rename openssh-7.1p2-audit-race-condition.patch => 0040-openssh-7.1p2-audit-race-condition.patch (73%) rename openssh-9.0p1-audit-log.patch => 0041-openssh-9.0p1-audit-log.patch (85%) rename openssh-7.7p1-fips.patch => 0042-openssh-7.7p1-fips.patch (77%) create mode 100644 0043-openssh-8.7p1-ssh-manpage.patch rename openssh-8.7p1-negotiate-supported-algs.patch => 0044-openssh-8.7p1-negotiate-supported-algs.patch (74%) rename openssh-9.0p1-evp-fips-kex.patch => 0045-openssh-9.0p1-evp-fips-kex.patch (90%) rename openssh-8.7p1-nohostsha1proof.patch => 0046-openssh-8.7p1-nohostsha1proof.patch (69%) create mode 100644 0047-openssh-9.6p1-pam-rhost.patch create mode 100644 0048-openssh-9.9p1-separate-keysign.patch rename openssh-9.9p1-openssl-mlkem.patch => 0049-openssh-9.9p1-openssl-mlkem.patch (94%) create mode 100644 0050-openssh-9.9p2-error_processing.patch create mode 100644 0051-Provide-better-error-for-non-supported-private-keys.patch create mode 100644 0052-Ignore-bad-hostkeys-in-known_hosts-file.patch create mode 100644 0053-support-authentication-indicators-in-GSSAPI.patch create mode 100644 1000-openssh-coverity.patch rename openssh-9.9p1-gsissh.patch => 2000-openssh-10.0p1-gsissh.patch (86%) rename openssh-9.9p1-hpn-18.6.0.patch => 2001-openssh-10.0p1-hpn-18.7.0.patch (94%) delete mode 100644 openssh-5.8p2-sigpipe.patch delete mode 100644 openssh-6.4p1-fromto-remote.patch delete mode 100644 openssh-6.6.1p1-scp-non-existing-directory.patch delete mode 100644 openssh-6.7p1-coverity.patch delete mode 100644 openssh-6.8p1-sshdT-output.patch delete mode 100644 openssh-7.5p1-sandbox.patch delete mode 100644 openssh-8.0p1-keygen-strip-doseol.patch delete mode 100644 openssh-8.7p1-ibmca.patch delete mode 100644 openssh-8.7p1-ssh-manpage.patch delete mode 100644 openssh-9.6p1-pam-rhost.patch delete mode 100644 openssh-9.9p1-match-regression.patch delete mode 100644 openssh-9.9p1-mlkembe.patch delete mode 100644 openssh-9.9p1-separate-keysign.patch delete mode 100644 openssh-9.9p2-error_processing.patch diff --git a/openssh-7.8p1-role-mls.patch b/0001-openssh-7.8p1-role-mls.patch similarity index 80% rename from openssh-7.8p1-role-mls.patch rename to 0001-openssh-7.8p1-role-mls.patch index 7c6d0ca..c08e414 100644 --- a/openssh-7.8p1-role-mls.patch +++ b/0001-openssh-7.8p1-role-mls.patch @@ -1,46 +1,75 @@ -diff -up openssh/auth2.c.role-mls openssh/auth2.c ---- openssh/auth2.c.role-mls 2018-08-20 07:57:29.000000000 +0200 -+++ openssh/auth2.c 2018-08-22 11:14:56.815430916 +0200 -@@ -256,6 +256,9 @@ input_userauth_request(int type, u_int32 - Authctxt *authctxt = ssh->authctxt; - Authmethod *m = NULL; - char *user = NULL, *service = NULL, *method = NULL, *style = NULL; +From 95f4e30195382c3df7104c2ad3e5e9953f8ad554 Mon Sep 17 00:00:00 2001 +From: Dmitry Belyavskiy +Date: Thu, 15 May 2025 13:43:28 +0200 +Subject: [PATCH 01/50] openssh-7.8p1-role-mls + +--- + auth-pam.c | 2 +- + auth-pam.h | 2 +- + auth.h | 3 + + auth2-gss.c | 11 +- + auth2-hostbased.c | 9 + + auth2-pubkey.c | 11 +- + auth2.c | 14 ++ + misc.c | 8 + + monitor.c | 37 ++- + monitor.h | 4 + + monitor_wrap.c | 21 ++ + monitor_wrap.h | 3 + + openbsd-compat/Makefile.in | 3 +- + openbsd-compat/port-linux-sshd.c | 420 +++++++++++++++++++++++++++++++ + openbsd-compat/port-linux.c | 37 +-- + openbsd-compat/port-linux.h | 3 +- + platform.c | 2 +- + sshd-session.c | 3 + + 18 files changed, 551 insertions(+), 42 deletions(-) + create mode 100644 openbsd-compat/port-linux-sshd.c + +diff --git a/auth-pam.c b/auth-pam.c +index 13c0a792..b4100ea1 100644 +--- a/auth-pam.c ++++ b/auth-pam.c +@@ -1238,7 +1238,7 @@ is_pam_session_open(void) + * during the ssh authentication process. + */ + int +-do_pam_putenv(char *name, char *value) ++do_pam_putenv(char *name, const char *value) + { + int ret = 1; + char *compound; +diff --git a/auth-pam.h b/auth-pam.h +index 8d801c68..9dd7ae07 100644 +--- a/auth-pam.h ++++ b/auth-pam.h +@@ -33,7 +33,7 @@ u_int do_pam_account(void); + void do_pam_session(struct ssh *); + void do_pam_setcred(void); + void do_pam_chauthtok(void); +-int do_pam_putenv(char *, char *); ++int do_pam_putenv(char *, const char *); + char ** fetch_pam_environment(void); + char ** fetch_pam_child_environment(void); + void free_pam_environment(char **); +diff --git a/auth.h b/auth.h +index 98bb23d4..83d07ae8 100644 +--- a/auth.h ++++ b/auth.h +@@ -65,6 +65,9 @@ struct Authctxt { + char *service; + struct passwd *pw; /* set if 'valid' */ + char *style; +#ifdef WITH_SELINUX -+ char *role = NULL; ++ char *role; +#endif - int r, authenticated = 0; - double tstart = monotime_double(); -@@ -268,6 +271,11 @@ input_userauth_request(int type, u_int32 - debug("userauth-request for user %s service %s method %s", user, service, method); - debug("attempt %d failures %d", authctxt->attempt, authctxt->failures); - -+#ifdef WITH_SELINUX -+ if ((role = strchr(user, '/')) != NULL) -+ *role++ = 0; -+#endif -+ - if ((style = strchr(user, ':')) != NULL) - *style++ = 0; - -@@ -314,7 +314,13 @@ input_userauth_request(int type, u_int32 - setproctitle("%s [net]", authctxt->valid ? user : "unknown"); - authctxt->service = xstrdup(service); - authctxt->style = style ? xstrdup(style) : NULL; -+#ifdef WITH_SELINUX -+ authctxt->role = role ? xstrdup(role) : NULL; -+#endif - mm_inform_authserv(service, style); -+#ifdef WITH_SELINUX -+ mm_inform_authrole(role); -+#endif - userauth_banner(ssh); - if ((r = kex_server_update_ext_info(ssh)) != 0) - fatal_fr(r, "kex_server_update_ext_info failed"); -diff -up openssh/auth2-gss.c.role-mls openssh/auth2-gss.c ---- openssh/auth2-gss.c.role-mls 2018-08-20 07:57:29.000000000 +0200 -+++ openssh/auth2-gss.c 2018-08-22 11:15:42.459799171 +0200 -@@ -281,6 +281,7 @@ input_gssapi_mic(int type, u_int32_t ple + /* Method lists for multiple authentication */ + char **auth_methods; /* modified from server config */ +diff --git a/auth2-gss.c b/auth2-gss.c +index 75eb4e3a..f7898ab3 100644 +--- a/auth2-gss.c ++++ b/auth2-gss.c +@@ -284,6 +284,7 @@ input_gssapi_mic(int type, u_int32_t plen, struct ssh *ssh) Authctxt *authctxt = ssh->authctxt; Gssctxt *gssctxt; int r, authenticated = 0; @@ -48,7 +77,7 @@ diff -up openssh/auth2-gss.c.role-mls openssh/auth2-gss.c struct sshbuf *b; gss_buffer_desc mic, gssbuf; u_char *p; -@@ -298,7 +299,13 @@ input_gssapi_mic(int type, u_int32_t ple +@@ -300,7 +301,13 @@ input_gssapi_mic(int type, u_int32_t plen, struct ssh *ssh) fatal_f("sshbuf_new failed"); mic.value = p; mic.length = len; @@ -63,7 +92,7 @@ diff -up openssh/auth2-gss.c.role-mls openssh/auth2-gss.c "gssapi-with-mic", ssh->kex->session_id); if ((gssbuf.value = sshbuf_mutable_ptr(b)) == NULL) -@@ -311,6 +318,8 @@ input_gssapi_mic(int type, u_int32_t ple +@@ -313,6 +320,8 @@ input_gssapi_mic(int type, u_int32_t plen, struct ssh *ssh) logit("GSSAPI MIC check failed"); sshbuf_free(b); @@ -72,10 +101,11 @@ diff -up openssh/auth2-gss.c.role-mls openssh/auth2-gss.c free(mic.value); authctxt->postponed = 0; -diff -up openssh/auth2-hostbased.c.role-mls openssh/auth2-hostbased.c ---- openssh/auth2-hostbased.c.role-mls 2018-08-20 07:57:29.000000000 +0200 -+++ openssh/auth2-hostbased.c 2018-08-22 11:14:56.816430924 +0200 -@@ -123,7 +123,16 @@ userauth_hostbased(struct ssh *ssh) +diff --git a/auth2-hostbased.c b/auth2-hostbased.c +index eb21479a..a3be6e49 100644 +--- a/auth2-hostbased.c ++++ b/auth2-hostbased.c +@@ -129,7 +129,16 @@ userauth_hostbased(struct ssh *ssh, const char *method) /* reconstruct packet */ if ((r = sshbuf_put_stringb(b, ssh->kex->session_id)) != 0 || (r = sshbuf_put_u8(b, SSH2_MSG_USERAUTH_REQUEST)) != 0 || @@ -92,10 +122,11 @@ diff -up openssh/auth2-hostbased.c.role-mls openssh/auth2-hostbased.c (r = sshbuf_put_cstring(b, authctxt->service)) != 0 || (r = sshbuf_put_cstring(b, method)) != 0 || (r = sshbuf_put_string(b, pkalg, alen)) != 0 || -diff -up openssh/auth2-pubkey.c.role-mls openssh/auth2-pubkey.c ---- openssh/auth2-pubkey.c.role-mls 2018-08-22 11:14:56.816430924 +0200 -+++ openssh/auth2-pubkey.c 2018-08-22 11:17:07.331483958 +0200 -@@ -169,9 +169,16 @@ userauth_pubkey(struct ssh *ssh) +diff --git a/auth2-pubkey.c b/auth2-pubkey.c +index aa24fda0..267a27d2 100644 +--- a/auth2-pubkey.c ++++ b/auth2-pubkey.c +@@ -206,9 +206,16 @@ userauth_pubkey(struct ssh *ssh, const char *method) goto done; } /* reconstruct packet */ @@ -114,47 +145,51 @@ diff -up openssh/auth2-pubkey.c.role-mls openssh/auth2-pubkey.c if ((r = sshbuf_put_u8(b, SSH2_MSG_USERAUTH_REQUEST)) != 0 || (r = sshbuf_put_cstring(b, userstyle)) != 0 || (r = sshbuf_put_cstring(b, authctxt->service)) != 0 || -diff -up openssh/auth.h.role-mls openssh/auth.h ---- openssh/auth.h.role-mls 2018-08-20 07:57:29.000000000 +0200 -+++ openssh/auth.h 2018-08-22 11:14:56.816430924 +0200 -@@ -65,6 +65,9 @@ struct Authctxt { - char *service; - struct passwd *pw; /* set if 'valid' */ - char *style; +diff --git a/auth2.c b/auth2.c +index 82f6e621..5ba45c12 100644 +--- a/auth2.c ++++ b/auth2.c +@@ -271,6 +271,9 @@ input_userauth_request(int type, u_int32_t seq, struct ssh *ssh) + Authctxt *authctxt = ssh->authctxt; + Authmethod *m = NULL; + char *user = NULL, *service = NULL, *method = NULL, *style = NULL; +#ifdef WITH_SELINUX -+ char *role; ++ char *role = NULL; +#endif + int r, authenticated = 0; + double tstart = monotime_double(); - /* Method lists for multiple authentication */ - char **auth_methods; /* modified from server config */ -diff -up openssh/auth-pam.c.role-mls openssh/auth-pam.c ---- openssh/auth-pam.c.role-mls 2018-08-20 07:57:29.000000000 +0200 -+++ openssh/auth-pam.c 2018-08-22 11:14:56.816430924 +0200 -@@ -1172,7 +1172,7 @@ is_pam_session_open(void) - * during the ssh authentication process. - */ - int --do_pam_putenv(char *name, char *value) -+do_pam_putenv(char *name, const char *value) - { - int ret = 1; - char *compound; -diff -up openssh/auth-pam.h.role-mls openssh/auth-pam.h ---- openssh/auth-pam.h.role-mls 2018-08-20 07:57:29.000000000 +0200 -+++ openssh/auth-pam.h 2018-08-22 11:14:56.817430932 +0200 -@@ -33,7 +33,7 @@ u_int do_pam_account(void); - void do_pam_session(struct ssh *); - void do_pam_setcred(void); - void do_pam_chauthtok(void); --int do_pam_putenv(char *, char *); -+int do_pam_putenv(char *, const char *); - char ** fetch_pam_environment(void); - char ** fetch_pam_child_environment(void); - void free_pam_environment(char **); -diff -up openssh/misc.c.role-mls openssh/misc.c ---- openssh/misc.c.role-mls 2018-08-20 07:57:29.000000000 +0200 -+++ openssh/misc.c 2018-08-22 11:14:56.817430932 +0200 -@@ -542,6 +542,7 @@ char * +@@ -284,6 +287,11 @@ input_userauth_request(int type, u_int32_t seq, struct ssh *ssh) + debug("userauth-request for user %s service %s method %s", user, service, method); + debug("attempt %d failures %d", authctxt->attempt, authctxt->failures); + ++#ifdef WITH_SELINUX ++ if ((role = strchr(user, '/')) != NULL) ++ *role++ = 0; ++#endif ++ + if ((style = strchr(user, ':')) != NULL) + *style++ = 0; + +@@ -313,7 +321,13 @@ input_userauth_request(int type, u_int32_t seq, struct ssh *ssh) + setproctitle("%s [net]", authctxt->valid ? user : "unknown"); + authctxt->service = xstrdup(service); + authctxt->style = style ? xstrdup(style) : NULL; ++#ifdef WITH_SELINUX ++ authctxt->role = role ? xstrdup(role) : NULL; ++#endif + mm_inform_authserv(service, style); ++#ifdef WITH_SELINUX ++ mm_inform_authrole(role); ++#endif + userauth_banner(ssh); + if ((r = kex_server_update_ext_info(ssh)) != 0) + fatal_fr(r, "kex_server_update_ext_info failed"); +diff --git a/misc.c b/misc.c +index dd0bd032..c932f9bb 100644 +--- a/misc.c ++++ b/misc.c +@@ -806,6 +806,7 @@ char * colon(char *cp) { int flag = 0; @@ -162,7 +197,7 @@ diff -up openssh/misc.c.role-mls openssh/misc.c if (*cp == ':') /* Leading colon is part of file name. */ return NULL; -@@ -557,6 +558,13 @@ colon(char *cp) +@@ -821,6 +822,13 @@ colon(char *cp) return (cp); if (*cp == '/') return NULL; @@ -176,10 +211,11 @@ diff -up openssh/misc.c.role-mls openssh/misc.c } return NULL; } -diff -up openssh-8.6p1/monitor.c.role-mls openssh-8.6p1/monitor.c ---- openssh-8.6p1/monitor.c.role-mls 2021-04-16 05:55:25.000000000 +0200 -+++ openssh-8.6p1/monitor.c 2021-05-21 14:21:56.719414087 +0200 -@@ -117,6 +117,9 @@ int mm_answer_sign(struct ssh *, int, st +diff --git a/monitor.c b/monitor.c +index 2179553d..02b3eaaa 100644 +--- a/monitor.c ++++ b/monitor.c +@@ -120,6 +120,9 @@ int mm_answer_sign(struct ssh *, int, struct sshbuf *); int mm_answer_pwnamallow(struct ssh *, int, struct sshbuf *); int mm_answer_auth2_read_banner(struct ssh *, int, struct sshbuf *); int mm_answer_authserv(struct ssh *, int, struct sshbuf *); @@ -189,7 +225,7 @@ diff -up openssh-8.6p1/monitor.c.role-mls openssh-8.6p1/monitor.c int mm_answer_authpassword(struct ssh *, int, struct sshbuf *); int mm_answer_bsdauthquery(struct ssh *, int, struct sshbuf *); int mm_answer_bsdauthrespond(struct ssh *, int, struct sshbuf *); -@@ -195,6 +198,9 @@ struct mon_table mon_dispatch_proto20[] +@@ -194,6 +197,9 @@ struct mon_table mon_dispatch_proto20[] = { {MONITOR_REQ_SIGN, MON_ONCE, mm_answer_sign}, {MONITOR_REQ_PWNAM, MON_ONCE, mm_answer_pwnamallow}, {MONITOR_REQ_AUTHSERV, MON_ONCE, mm_answer_authserv}, @@ -199,7 +235,7 @@ diff -up openssh-8.6p1/monitor.c.role-mls openssh-8.6p1/monitor.c {MONITOR_REQ_AUTH2_READ_BANNER, MON_ONCE, mm_answer_auth2_read_banner}, {MONITOR_REQ_AUTHPASSWORD, MON_AUTH, mm_answer_authpassword}, #ifdef USE_PAM -@@ -803,6 +809,9 @@ mm_answer_pwnamallow(struct ssh *ssh, in +@@ -912,6 +918,9 @@ mm_answer_pwnamallow(struct ssh *ssh, int sock, struct sshbuf *m) /* Allow service/style information on the auth context */ monitor_permit(mon_dispatch, MONITOR_REQ_AUTHSERV, 1); @@ -209,7 +245,7 @@ diff -up openssh-8.6p1/monitor.c.role-mls openssh-8.6p1/monitor.c monitor_permit(mon_dispatch, MONITOR_REQ_AUTH2_READ_BANNER, 1); #ifdef USE_PAM -@@ -877,6 +886,26 @@ key_base_type_match(const char *method, +@@ -986,6 +995,26 @@ key_base_type_match(const char *method, const struct sshkey *key, return found; } @@ -236,16 +272,16 @@ diff -up openssh-8.6p1/monitor.c.role-mls openssh-8.6p1/monitor.c int mm_answer_authpassword(struct ssh *ssh, int sock, struct sshbuf *m) { -@@ -1251,7 +1280,7 @@ monitor_valid_userblob(struct ssh *ssh, +@@ -1358,7 +1387,7 @@ monitor_valid_userblob(struct ssh *ssh, const u_char *data, u_int datalen) struct sshbuf *b; - struct sshkey *hostkey = NULL; + struct sshkey *hostkey = NULL; const u_char *p; - char *userstyle, *cp; + char *userstyle, *s, *cp; size_t len; u_char type; int hostbound = 0, r, fail = 0; -@@ -1282,6 +1311,8 @@ monitor_valid_userblob(struct ssh *ssh, +@@ -1389,6 +1418,8 @@ monitor_valid_userblob(struct ssh *ssh, const u_char *data, u_int datalen) fail++; if ((r = sshbuf_get_cstring(b, &cp, NULL)) != 0) fatal_fr(r, "parse userstyle"); @@ -254,7 +290,7 @@ diff -up openssh-8.6p1/monitor.c.role-mls openssh-8.6p1/monitor.c xasprintf(&userstyle, "%s%s%s", authctxt->user, authctxt->style ? ":" : "", authctxt->style ? authctxt->style : ""); -@@ -1317,7 +1348,7 @@ monitor_valid_hostbasedblob(const u_char +@@ -1439,7 +1470,7 @@ monitor_valid_hostbasedblob(const u_char *data, u_int datalen, { struct sshbuf *b; const u_char *p; @@ -263,7 +299,7 @@ diff -up openssh-8.6p1/monitor.c.role-mls openssh-8.6p1/monitor.c size_t len; int r, fail = 0; u_char type; -@@ -1338,6 +1370,8 @@ monitor_valid_hostbasedblob(const u_char +@@ -1460,6 +1491,8 @@ monitor_valid_hostbasedblob(const u_char *data, u_int datalen, fail++; if ((r = sshbuf_get_cstring(b, &cp, NULL)) != 0) fatal_fr(r, "parse userstyle"); @@ -272,12 +308,13 @@ diff -up openssh-8.6p1/monitor.c.role-mls openssh-8.6p1/monitor.c xasprintf(&userstyle, "%s%s%s", authctxt->user, authctxt->style ? ":" : "", authctxt->style ? authctxt->style : ""); -diff -up openssh/monitor.h.role-mls openssh/monitor.h ---- openssh/monitor.h.role-mls 2018-08-20 07:57:29.000000000 +0200 -+++ openssh/monitor.h 2018-08-22 11:14:56.818430941 +0200 -@@ -55,6 +55,10 @@ enum monitor_reqtype { - MONITOR_REQ_GSSCHECKMIC = 48, MONITOR_ANS_GSSCHECKMIC = 49, +diff --git a/monitor.h b/monitor.h +index 3f8a9bea..9dcd9c29 100644 +--- a/monitor.h ++++ b/monitor.h +@@ -56,6 +56,10 @@ enum monitor_reqtype { MONITOR_REQ_TERM = 50, + MONITOR_REQ_STATE = 51, MONITOR_ANS_STATE = 52, +#ifdef WITH_SELINUX + MONITOR_REQ_AUTHROLE = 80, @@ -286,10 +323,11 @@ diff -up openssh/monitor.h.role-mls openssh/monitor.h MONITOR_REQ_PAM_START = 100, MONITOR_REQ_PAM_ACCOUNT = 102, MONITOR_ANS_PAM_ACCOUNT = 103, MONITOR_REQ_PAM_INIT_CTX = 104, MONITOR_ANS_PAM_INIT_CTX = 105, -diff -up openssh/monitor_wrap.c.role-mls openssh/monitor_wrap.c ---- openssh/monitor_wrap.c.role-mls 2018-08-22 11:14:56.818430941 +0200 -+++ openssh/monitor_wrap.c 2018-08-22 11:21:47.938747968 +0200 -@@ -390,6 +390,27 @@ mm_inform_authserv(char *service, char * +diff --git a/monitor_wrap.c b/monitor_wrap.c +index bd900b2f..ef3ab1b1 100644 +--- a/monitor_wrap.c ++++ b/monitor_wrap.c +@@ -442,6 +442,27 @@ mm_inform_authserv(char *service, char *style) sshbuf_free(m); } @@ -317,10 +355,11 @@ diff -up openssh/monitor_wrap.c.role-mls openssh/monitor_wrap.c /* Do the password authentication */ int mm_auth_password(struct ssh *ssh, char *password) -diff -up openssh/monitor_wrap.h.role-mls openssh/monitor_wrap.h ---- openssh/monitor_wrap.h.role-mls 2018-08-22 11:14:56.818430941 +0200 -+++ openssh/monitor_wrap.h 2018-08-22 11:22:10.439929513 +0200 -@@ -44,6 +44,9 @@ DH *mm_choose_dh(int, int, int); +diff --git a/monitor_wrap.h b/monitor_wrap.h +index 7134afee..38a280c8 100644 +--- a/monitor_wrap.h ++++ b/monitor_wrap.h +@@ -46,6 +46,9 @@ int mm_sshkey_sign(struct ssh *, struct sshkey *, u_char **, size_t *, const u_char *, size_t, const char *, const char *, const char *, u_int compat); void mm_inform_authserv(char *, char *); @@ -330,10 +369,11 @@ diff -up openssh/monitor_wrap.h.role-mls openssh/monitor_wrap.h struct passwd *mm_getpwnamallow(struct ssh *, const char *); char *mm_auth2_read_banner(void); int mm_auth_password(struct ssh *, char *); -diff -up openssh/openbsd-compat/Makefile.in.role-mls openssh/openbsd-compat/Makefile.in ---- openssh/openbsd-compat/Makefile.in.role-mls 2018-08-20 07:57:29.000000000 +0200 -+++ openssh/openbsd-compat/Makefile.in 2018-08-22 11:14:56.819430949 +0200 -@@ -92,7 +92,8 @@ PORTS= port-aix.o \ +diff --git a/openbsd-compat/Makefile.in b/openbsd-compat/Makefile.in +index 1d549954..78e6fa5b 100644 +--- a/openbsd-compat/Makefile.in ++++ b/openbsd-compat/Makefile.in +@@ -100,7 +100,8 @@ PORTS= port-aix.o \ port-prngd.o \ port-solaris.o \ port-net.o \ @@ -343,78 +383,11 @@ diff -up openssh/openbsd-compat/Makefile.in.role-mls openssh/openbsd-compat/Make .c.o: $(CC) $(CFLAGS_NOPIE) $(PICFLAG) $(CPPFLAGS) -c $< -diff -up openssh/openbsd-compat/port-linux.c.role-mls openssh/openbsd-compat/port-linux.c ---- openssh/openbsd-compat/port-linux.c.role-mls 2018-08-20 07:57:29.000000000 +0200 -+++ openssh/openbsd-compat/port-linux.c 2018-08-22 11:14:56.819430949 +0200 -@@ -100,37 +100,6 @@ ssh_selinux_getctxbyname(char *pwname) - return sc; - } - --/* Set the execution context to the default for the specified user */ --void --ssh_selinux_setup_exec_context(char *pwname) --{ -- char *user_ctx = NULL; -- -- if (!ssh_selinux_enabled()) -- return; -- -- debug3("%s: setting execution context", __func__); -- -- user_ctx = ssh_selinux_getctxbyname(pwname); -- if (setexeccon(user_ctx) != 0) { -- switch (security_getenforce()) { -- case -1: -- fatal("%s: security_getenforce() failed", __func__); -- case 0: -- error("%s: Failed to set SELinux execution " -- "context for %s", __func__, pwname); -- break; -- default: -- fatal("%s: Failed to set SELinux execution context " -- "for %s (in enforcing mode)", __func__, pwname); -- } -- } -- if (user_ctx != NULL) -- freecon(user_ctx); -- -- debug3("%s: done", __func__); --} -- - /* Set the TTY context for the specified user */ - void - ssh_selinux_setup_pty(char *pwname, const char *tty) -@@ -145,7 +114,11 @@ ssh_selinux_setup_pty(char *pwname, cons - - debug3("%s: setting TTY context on %s", __func__, tty); - -- user_ctx = ssh_selinux_getctxbyname(pwname); -+ if (getexeccon(&user_ctx) != 0) { -+ error_f("getexeccon: %s", strerror(errno)); -+ goto out; -+ } -+ - - /* XXX: should these calls fatal() upon failure in enforcing mode? */ - -diff -up openssh/openbsd-compat/port-linux.h.role-mls openssh/openbsd-compat/port-linux.h ---- openssh/openbsd-compat/port-linux.h.role-mls 2018-08-20 07:57:29.000000000 +0200 -+++ openssh/openbsd-compat/port-linux.h 2018-08-22 11:14:56.819430949 +0200 -@@ -20,9 +20,10 @@ - #ifdef WITH_SELINUX - int ssh_selinux_enabled(void); - void ssh_selinux_setup_pty(char *, const char *); --void ssh_selinux_setup_exec_context(char *); - void ssh_selinux_change_context(const char *); - void ssh_selinux_setfscreatecon(const char *); -+ -+void sshd_selinux_setup_exec_context(char *); - #endif - - #ifdef LINUX_OOM_ADJUST -diff -up openssh/openbsd-compat/port-linux-sshd.c.role-mls openssh/openbsd-compat/port-linux-sshd.c ---- openssh/openbsd-compat/port-linux-sshd.c.role-mls 2018-08-22 11:14:56.819430949 +0200 -+++ openssh/openbsd-compat/port-linux-sshd.c 2018-08-22 11:14:56.819430949 +0200 +diff --git a/openbsd-compat/port-linux-sshd.c b/openbsd-compat/port-linux-sshd.c +new file mode 100644 +index 00000000..b9fbe38b +--- /dev/null ++++ b/openbsd-compat/port-linux-sshd.c @@ -0,0 +1,420 @@ +/* + * Copyright (c) 2005 Daniel Walsh @@ -836,10 +809,82 @@ diff -up openssh/openbsd-compat/port-linux-sshd.c.role-mls openssh/openbsd-compa +#endif +#endif + -diff -up openssh/platform.c.role-mls openssh/platform.c ---- openssh/platform.c.role-mls 2018-08-20 07:57:29.000000000 +0200 -+++ openssh/platform.c 2018-08-22 11:14:56.819430949 +0200 -@@ -183,7 +183,7 @@ platform_setusercontext_post_groups(stru +diff --git a/openbsd-compat/port-linux.c b/openbsd-compat/port-linux.c +index c1d54f38..7426f6f7 100644 +--- a/openbsd-compat/port-linux.c ++++ b/openbsd-compat/port-linux.c +@@ -109,37 +109,6 @@ ssh_selinux_getctxbyname(char *pwname) + return sc; + } + +-/* Set the execution context to the default for the specified user */ +-void +-ssh_selinux_setup_exec_context(char *pwname) +-{ +- char *user_ctx = NULL; +- +- if (!ssh_selinux_enabled()) +- return; +- +- debug3("%s: setting execution context", __func__); +- +- user_ctx = ssh_selinux_getctxbyname(pwname); +- if (setexeccon(user_ctx) != 0) { +- switch (security_getenforce()) { +- case -1: +- fatal("%s: security_getenforce() failed", __func__); +- case 0: +- error("%s: Failed to set SELinux execution " +- "context for %s", __func__, pwname); +- break; +- default: +- fatal("%s: Failed to set SELinux execution context " +- "for %s (in enforcing mode)", __func__, pwname); +- } +- } +- if (user_ctx != NULL) +- freecon(user_ctx); +- +- debug3("%s: done", __func__); +-} +- + /* Set the TTY context for the specified user */ + void + ssh_selinux_setup_pty(char *pwname, const char *tty) +@@ -152,7 +121,11 @@ ssh_selinux_setup_pty(char *pwname, const char *tty) + + debug3("%s: setting TTY context on %s", __func__, tty); + +- user_ctx = ssh_selinux_getctxbyname(pwname); ++ if (getexeccon(&user_ctx) != 0) { ++ error_f("getexeccon: %s", strerror(errno)); ++ goto out; ++ } ++ + + /* XXX: should these calls fatal() upon failure in enforcing mode? */ + +diff --git a/openbsd-compat/port-linux.h b/openbsd-compat/port-linux.h +index 959430de..055c825e 100644 +--- a/openbsd-compat/port-linux.h ++++ b/openbsd-compat/port-linux.h +@@ -20,9 +20,10 @@ + #ifdef WITH_SELINUX + int ssh_selinux_enabled(void); + void ssh_selinux_setup_pty(char *, const char *); +-void ssh_selinux_setup_exec_context(char *); + void ssh_selinux_change_context(const char *); + void ssh_selinux_setfscreatecon(const char *); ++ ++void sshd_selinux_setup_exec_context(char *); + #endif + + #ifdef LINUX_OOM_ADJUST +diff --git a/platform.c b/platform.c +index 4c4fe57e..1bfb4bea 100644 +--- a/platform.c ++++ b/platform.c +@@ -140,7 +140,7 @@ platform_setusercontext_post_groups(struct passwd *pw) } #endif /* HAVE_SETPCRED */ #ifdef WITH_SELINUX @@ -848,10 +893,11 @@ diff -up openssh/platform.c.role-mls openssh/platform.c #endif } -diff -up openssh/sshd.c.role-mls openssh/sshd.c ---- openssh/sshd-session.c.role-mls 2018-08-20 07:57:29.000000000 +0200 -+++ openssh/sshd-session.c 2018-08-22 11:14:56.820430957 +0200 -@@ -2186,6 +2186,9 @@ main(int ac, char **av) +diff --git a/sshd-session.c b/sshd-session.c +index c64eb29f..74d2cbc7 100644 +--- a/sshd-session.c ++++ b/sshd-session.c +@@ -1328,6 +1328,9 @@ main(int ac, char **av) restore_uid(); } #endif @@ -861,3 +907,6 @@ diff -up openssh/sshd.c.role-mls openssh/sshd.c #ifdef USE_PAM if (options.use_pam) { do_pam_setcred(); +-- +2.49.0 + diff --git a/openssh-6.6p1-privsep-selinux.patch b/0002-openssh-6.6p1-privsep-selinux.patch similarity index 52% rename from openssh-6.6p1-privsep-selinux.patch rename to 0002-openssh-6.6p1-privsep-selinux.patch index 16d98cd..32d3c64 100644 --- a/openssh-6.6p1-privsep-selinux.patch +++ b/0002-openssh-6.6p1-privsep-selinux.patch @@ -1,18 +1,21 @@ -diff -up openssh-7.4p1/openbsd-compat/port-linux.h.privsep-selinux openssh-7.4p1/openbsd-compat/port-linux.h ---- openssh-7.4p1/openbsd-compat/port-linux.h.privsep-selinux 2016-12-23 18:58:52.972122201 +0100 -+++ openssh-7.4p1/openbsd-compat/port-linux.h 2016-12-23 18:58:52.974122201 +0100 -@@ -23,6 +23,7 @@ void ssh_selinux_setup_pty(char *, const - void ssh_selinux_change_context(const char *); - void ssh_selinux_setfscreatecon(const char *); - -+void sshd_selinux_copy_context(void); - void sshd_selinux_setup_exec_context(char *); - #endif - -diff -up openssh-7.4p1/openbsd-compat/port-linux-sshd.c.privsep-selinux openssh-7.4p1/openbsd-compat/port-linux-sshd.c ---- openssh-7.4p1/openbsd-compat/port-linux-sshd.c.privsep-selinux 2016-12-23 18:58:52.973122201 +0100 -+++ openssh-7.4p1/openbsd-compat/port-linux-sshd.c 2016-12-23 18:58:52.974122201 +0100 -@@ -419,6 +419,28 @@ sshd_selinux_setup_exec_context(char *pw +From 99d8e250514023d3b88a1c9eb724c4898aba9827 Mon Sep 17 00:00:00 2001 +From: Dmitry Belyavskiy +Date: Thu, 15 May 2025 13:43:28 +0200 +Subject: [PATCH 02/50] openssh-6.6p1-privsep-selinux + +--- + openbsd-compat/port-linux-sshd.c | 22 ++++++++++++++++++++++ + openbsd-compat/port-linux.h | 1 + + session.c | 16 +++++++++------- + sshd-auth.c | 4 ++++ + sshd-session.c | 2 +- + 5 files changed, 37 insertions(+), 8 deletions(-) + +diff --git a/openbsd-compat/port-linux-sshd.c b/openbsd-compat/port-linux-sshd.c +index b9fbe38b..dfafc622 100644 +--- a/openbsd-compat/port-linux-sshd.c ++++ b/openbsd-compat/port-linux-sshd.c +@@ -415,6 +415,28 @@ sshd_selinux_setup_exec_context(char *pwname) debug3_f("done"); } @@ -41,10 +44,23 @@ diff -up openssh-7.4p1/openbsd-compat/port-linux-sshd.c.privsep-selinux openssh- #endif #endif -diff -up openssh-7.4p1/session.c.privsep-selinux openssh-7.4p1/session.c ---- openssh-7.4p1/session.c.privsep-selinux 2016-12-19 05:59:41.000000000 +0100 -+++ openssh-7.4p1/session.c 2016-12-23 18:58:52.974122201 +0100 -@@ -1331,7 +1331,7 @@ do_setusercontext(struct passwd *pw) +diff --git a/openbsd-compat/port-linux.h b/openbsd-compat/port-linux.h +index 055c825e..498d242a 100644 +--- a/openbsd-compat/port-linux.h ++++ b/openbsd-compat/port-linux.h +@@ -23,6 +23,7 @@ void ssh_selinux_setup_pty(char *, const char *); + void ssh_selinux_change_context(const char *); + void ssh_selinux_setfscreatecon(const char *); + ++void sshd_selinux_copy_context(void); + void sshd_selinux_setup_exec_context(char *); + #endif + +diff --git a/session.c b/session.c +index 6444c77f..e4657cef 100644 +--- a/session.c ++++ b/session.c +@@ -1350,7 +1350,7 @@ do_setusercontext(struct passwd *pw) platform_setusercontext(pw); @@ -53,17 +69,17 @@ diff -up openssh-7.4p1/session.c.privsep-selinux openssh-7.4p1/session.c #ifdef HAVE_LOGIN_CAP if (setusercontext(lc, pw, pw->pw_uid, (LOGIN_SETALL & ~(LOGIN_SETPATH|LOGIN_SETUSER))) < 0) { -@@ -1361,6 +1361,9 @@ do_setusercontext(struct passwd *pw) - (unsigned long long)pw->pw_uid); - chroot_path = percent_expand(tmp, "h", pw->pw_dir, - "u", pw->pw_name, "U", uidstr, (char *)NULL); +@@ -1382,6 +1382,9 @@ do_setusercontext(struct passwd *pw) + (unsigned long long)pw->pw_uid); + chroot_path = percent_expand(tmp, "h", pw->pw_dir, + "u", pw->pw_name, "U", uidstr, (char *)NULL); +#ifdef WITH_SELINUX + sshd_selinux_copy_context(); +#endif safely_chroot(chroot_path, pw->pw_uid); free(tmp); free(chroot_path); -@@ -1396,6 +1399,11 @@ do_setusercontext(struct passwd *pw) +@@ -1417,6 +1420,11 @@ do_setusercontext(struct passwd *pw) /* Permanently switch to the desired uid. */ permanently_set_uid(pw); #endif @@ -75,17 +91,17 @@ diff -up openssh-7.4p1/session.c.privsep-selinux openssh-7.4p1/session.c } else if (options.chroot_directory != NULL && strcasecmp(options.chroot_directory, "none") != 0) { fatal("server lacks privileges to chroot to ChrootDirectory"); -@@ -1413,9 +1421,6 @@ do_pwchange(Session *s) +@@ -1434,9 +1442,6 @@ do_pwchange(Session *s) if (s->ttyfd != -1) { fprintf(stderr, - "You must change your password now and login again!\n"); + "You must change your password now and log in again!\n"); -#ifdef WITH_SELINUX - setexeccon(NULL); -#endif #ifdef PASSWD_NEEDS_USERNAME execl(_PATH_PASSWD_PROG, "passwd", s->pw->pw_name, (char *)NULL); -@@ -1625,9 +1630,6 @@ do_child(Session *s, const char *command +@@ -1649,9 +1654,6 @@ do_child(struct ssh *ssh, Session *s, const char *command) argv[i] = NULL; optind = optreset = 1; __progname = argv[0]; @@ -95,13 +111,14 @@ diff -up openssh-7.4p1/session.c.privsep-selinux openssh-7.4p1/session.c exit(sftp_server_main(i, argv, s->pw)); } -diff -up openssh-7.4p1/sshd.c.privsep-selinux openssh-7.4p1/sshd.c ---- openssh-7.4p1/sshd-session.c.privsep-selinux 2016-12-23 18:58:52.973122201 +0100 -+++ openssh-7.4p1/sshd-session.c 2016-12-23 18:59:13.808124269 +0100 -@@ -540,6 +540,10 @@ privsep_preauth_child(void) - /* Demote the private keys to public keys. */ - demote_sensitive_data(); - +diff --git a/sshd-auth.c b/sshd-auth.c +index 30eecd8a..f957dc22 100644 +--- a/sshd-auth.c ++++ b/sshd-auth.c +@@ -187,6 +187,10 @@ privsep_child_demote(void) + if ((box = ssh_sandbox_init(pmonitor)) == NULL) + fatal_f("ssh_sandbox_init failed"); + #endif +#ifdef WITH_SELINUX + ssh_selinux_change_context("sshd_net_t"); +#endif @@ -109,7 +126,11 @@ diff -up openssh-7.4p1/sshd.c.privsep-selinux openssh-7.4p1/sshd.c /* Demote the child */ if (privsep_chroot) { /* Change our root directory */ -@@ -403,7 +403,7 @@ privsep_postauth(struct ssh *ssh, Authct +diff --git a/sshd-session.c b/sshd-session.c +index 74d2cbc7..4a148db4 100644 +--- a/sshd-session.c ++++ b/sshd-session.c +@@ -432,7 +432,7 @@ privsep_postauth(struct ssh *ssh, Authctxt *authctxt) * fd passing, as AFAIK PTY allocation on this platform doesn't require * special privileges to begin with. */ @@ -118,3 +139,6 @@ diff -up openssh-7.4p1/sshd.c.privsep-selinux openssh-7.4p1/sshd.c skip_privdrop = 1; #endif +-- +2.49.0 + diff --git a/openssh-6.6p1-keycat.patch b/0003-openssh-6.6p1-keycat.patch similarity index 77% rename from openssh-6.6p1-keycat.patch rename to 0003-openssh-6.6p1-keycat.patch index 4eb0998..b46b378 100644 --- a/openssh-6.6p1-keycat.patch +++ b/0003-openssh-6.6p1-keycat.patch @@ -1,23 +1,26 @@ -diff -up openssh/misc.c.keycat openssh/misc.c ---- openssh/misc.c.keycat 2015-06-24 10:57:50.158849606 +0200 -+++ openssh/misc.c 2015-06-24 11:04:23.989868638 +0200 -@@ -966,6 +966,13 @@ subprocess(const char *tag, struct passw - error("%s: dup2: %s", tag, strerror(errno)); - _exit(1); - } -+#ifdef WITH_SELINUX -+ if (sshd_selinux_setup_env_variables() < 0) { -+ error ("failed to copy environment: %s", -+ strerror(errno)); -+ _exit(127); -+ } -+#endif - if (env != NULL) - execve(av[0], av, env); - else -diff -up openssh/HOWTO.ssh-keycat.keycat openssh/HOWTO.ssh-keycat ---- openssh/HOWTO.ssh-keycat.keycat 2015-06-24 10:57:50.157849608 +0200 -+++ openssh/HOWTO.ssh-keycat 2015-06-24 10:57:50.157849608 +0200 +From 5e35e18a419a5a66b6e1cb2b98beaaf4d9db0dc6 Mon Sep 17 00:00:00 2001 +From: Dmitry Belyavskiy +Date: Thu, 15 May 2025 13:43:28 +0200 +Subject: [PATCH 03/50] openssh-6.6p1-keycat + +--- + HOWTO.ssh-keycat | 12 ++ + Makefile.in | 8 +- + configure.ac | 6 + + misc.c | 7 + + openbsd-compat/port-linux-sshd.c | 44 +++++- + openbsd-compat/port-linux.h | 2 + + platform.c | 2 +- + ssh-keycat.c | 241 +++++++++++++++++++++++++++++++ + 8 files changed, 314 insertions(+), 8 deletions(-) + create mode 100644 HOWTO.ssh-keycat + create mode 100644 ssh-keycat.c + +diff --git a/HOWTO.ssh-keycat b/HOWTO.ssh-keycat +new file mode 100644 +index 00000000..630ec628 +--- /dev/null ++++ b/HOWTO.ssh-keycat @@ -0,0 +1,12 @@ +The ssh-keycat retrieves the content of the ~/.ssh/authorized_keys +of an user in any environment. This includes environments with @@ -31,35 +34,36 @@ diff -up openssh/HOWTO.ssh-keycat.keycat openssh/HOWTO.ssh-keycat + PubkeyAuthentication yes + + -diff -up openssh/Makefile.in.keycat openssh/Makefile.in ---- openssh/Makefile.in.keycat 2015-06-24 10:57:50.152849621 +0200 -+++ openssh/Makefile.in 2015-06-24 10:57:50.157849608 +0200 -@@ -27,6 +27,7 @@ SFTP_SERVER=$(libexecdir)/sftp-server +diff --git a/Makefile.in b/Makefile.in +index 4617cebc..438efc51 100644 +--- a/Makefile.in ++++ b/Makefile.in +@@ -23,6 +23,7 @@ SSH_PROGRAM=@bindir@/ssh ASKPASS_PROGRAM=$(libexecdir)/ssh-askpass SFTP_SERVER=$(libexecdir)/sftp-server SSH_KEYSIGN=$(libexecdir)/ssh-keysign +SSH_KEYCAT=$(libexecdir)/ssh-keycat SSHD_SESSION=$(libexecdir)/sshd-session + SSHD_AUTH=$(libexecdir)/sshd-auth SSH_PKCS11_HELPER=$(libexecdir)/ssh-pkcs11-helper - SSH_SK_HELPER=$(libexecdir)/ssh-sk-helper -@@ -52,6 +52,7 @@ K5LIBS=@K5LIBS@ +@@ -57,6 +58,7 @@ CHANNELLIBS=@CHANNELLIBS@ K5LIBS=@K5LIBS@ GSSLIBS=@GSSLIBS@ SSHDLIBS=@SSHDLIBS@ +KEYCATLIBS=@KEYCATLIBS@ LIBEDIT=@LIBEDIT@ LIBFIDO2=@LIBFIDO2@ - AR=@AR@ -@@ -65,7 +66,7 @@ EXEEXT=@EXEEXT@ + LIBWTMPDB=@LIBWTMPDB@ +@@ -74,7 +76,7 @@ MKDIR_P=@MKDIR_P@ .SUFFIXES: .lo --TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) sshd-session$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-keysign${EXEEXT} ssh-pkcs11-helper$(EXEEXT) ssh-agent$(EXEEXT) scp$(EXEEXT) sftp-server$(EXEEXT) sftp$(EXEEXT) ssh-sk-helper$(EXEEXT) -+TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) sshd-session$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-keysign${EXEEXT} ssh-pkcs11-helper$(EXEEXT) ssh-agent$(EXEEXT) scp$(EXEEXT) sftp-server$(EXEEXT) sftp$(EXEEXT) ssh-sk-helper$(EXEEXT) ssh-keycat$(EXEEXT) +-TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) sshd-session$(EXEEXT) sshd-auth$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-keysign${EXEEXT} ssh-pkcs11-helper$(EXEEXT) ssh-agent$(EXEEXT) scp$(EXEEXT) sftp-server$(EXEEXT) sftp$(EXEEXT) ssh-sk-helper$(EXEEXT) $(SK_STANDALONE) ++TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) sshd-session$(EXEEXT) sshd-auth$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-keysign${EXEEXT} ssh-pkcs11-helper$(EXEEXT) ssh-agent$(EXEEXT) scp$(EXEEXT) sftp-server$(EXEEXT) sftp$(EXEEXT) ssh-sk-helper$(EXEEXT) ssh-keycat$(EXEEXT) $(SK_STANDALONE) XMSS_OBJS=\ ssh-xmss.o \ -@@ -190,6 +191,9 @@ ssh-pkcs11-helper$(EXEEXT): $(LIBCOMPAT) +@@ -260,6 +262,9 @@ ssh-pkcs11-helper$(EXEEXT): $(LIBCOMPAT) libssh.a $(P11HELPER_OBJS) ssh-sk-helper$(EXEEXT): $(LIBCOMPAT) libssh.a $(SKHELPER_OBJS) $(LD) -o $@ $(SKHELPER_OBJS) $(LDFLAGS) -lssh -lopenbsd-compat -lssh -lopenbsd-compat $(LIBS) $(LIBFIDO2) $(CHANNELLIBS) @@ -69,7 +73,7 @@ diff -up openssh/Makefile.in.keycat openssh/Makefile.in ssh-keyscan$(EXEEXT): $(LIBCOMPAT) libssh.a $(SSHKEYSCAN_OBJS) $(LD) -o $@ $(SSHKEYSCAN_OBJS) $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS) $(CHANNELLIBS) -@@ -321,6 +325,7 @@ install-files: +@@ -447,6 +452,7 @@ install-files: $(INSTALL) -m 4711 $(STRIP_OPT) ssh-keysign$(EXEEXT) $(DESTDIR)$(SSH_KEYSIGN)$(EXEEXT) $(INSTALL) -m 0755 $(STRIP_OPT) ssh-pkcs11-helper$(EXEEXT) $(DESTDIR)$(SSH_PKCS11_HELPER)$(EXEEXT) $(INSTALL) -m 0755 $(STRIP_OPT) ssh-sk-helper$(EXEEXT) $(DESTDIR)$(SSH_SK_HELPER)$(EXEEXT) @@ -77,24 +81,67 @@ diff -up openssh/Makefile.in.keycat openssh/Makefile.in $(INSTALL) -m 0755 $(STRIP_OPT) sftp$(EXEEXT) $(DESTDIR)$(bindir)/sftp$(EXEEXT) $(INSTALL) -m 0755 $(STRIP_OPT) sftp-server$(EXEEXT) $(DESTDIR)$(SFTP_SERVER)$(EXEEXT) $(INSTALL) -m 644 ssh.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh.1 -diff -up openssh/openbsd-compat/port-linux.h.keycat openssh/openbsd-compat/port-linux.h ---- openssh/openbsd-compat/port-linux.h.keycat 2015-06-24 10:57:50.150849626 +0200 -+++ openssh/openbsd-compat/port-linux.h 2015-06-24 10:57:50.160849601 +0200 -@@ -25,8 +25,10 @@ void ssh_selinux_setup_pty(char *, const - void ssh_selinux_change_context(const char *); - void ssh_selinux_setfscreatecon(const char *); +diff --git a/configure.ac b/configure.ac +index ee77a048..d546788c 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -3566,6 +3566,7 @@ AC_ARG_WITH([pam], + PAM_MSG="yes" -+int sshd_selinux_enabled(void); - void sshd_selinux_copy_context(void); - void sshd_selinux_setup_exec_context(char *); -+int sshd_selinux_setup_env_variables(void); - #endif + SSHDLIBS="$SSHDLIBS -lpam" ++ KEYCATLIBS="$KEYCATLIBS -lpam" + AC_DEFINE([USE_PAM], [1], + [Define if you want to enable PAM support]) - #ifdef LINUX_OOM_ADJUST -diff -up openssh/openbsd-compat/port-linux-sshd.c.keycat openssh/openbsd-compat/port-linux-sshd.c ---- openssh/openbsd-compat/port-linux-sshd.c.keycat 2015-06-24 10:57:50.150849626 +0200 -+++ openssh/openbsd-compat/port-linux-sshd.c 2015-06-24 10:57:50.159849603 +0200 -@@ -54,6 +54,20 @@ extern Authctxt *the_authctxt; +@@ -3576,6 +3577,7 @@ AC_ARG_WITH([pam], + ;; + *) + SSHDLIBS="$SSHDLIBS -ldl" ++ KEYCATLIBS="$KEYCATLIBS -ldl" + ;; + esac + fi +@@ -4801,6 +4803,7 @@ AC_ARG_WITH([selinux], + fi ] + ) + AC_SUBST([SSHDLIBS]) ++AC_SUBST([KEYCATLIBS]) + + # Check whether user wants Kerberos 5 support + KRB5_MSG="no" +@@ -5812,6 +5815,9 @@ fi + if test ! -z "${SSHDLIBS}"; then + echo " +for sshd: ${SSHDLIBS}" + fi ++if test ! -z "${KEYCATLIBS}"; then ++echo " +for ssh-keycat: ${KEYCATLIBS}" ++fi + + echo "" + +diff --git a/misc.c b/misc.c +index c932f9bb..1e31acc9 100644 +--- a/misc.c ++++ b/misc.c +@@ -2897,6 +2897,13 @@ subprocess(const char *tag, const char *command, + error("%s: dup2: %s", tag, strerror(errno)); + _exit(1); + } ++#ifdef WITH_SELINUX ++ if (sshd_selinux_setup_env_variables() < 0) { ++ error ("failed to copy environment: %s", ++ strerror(errno)); ++ _exit(127); ++ } ++#endif + if (env != NULL) + execve(av[0], av, env); + else +diff --git a/openbsd-compat/port-linux-sshd.c b/openbsd-compat/port-linux-sshd.c +index dfafc622..8c5fc1fe 100644 +--- a/openbsd-compat/port-linux-sshd.c ++++ b/openbsd-compat/port-linux-sshd.c +@@ -52,6 +52,20 @@ extern ServerOptions options; extern Authctxt *the_authctxt; extern int inetd_flag; @@ -115,7 +162,7 @@ diff -up openssh/openbsd-compat/port-linux-sshd.c.keycat openssh/openbsd-compat/ /* Send audit message */ static int sshd_selinux_send_audit_message(int success, security_context_t default_context, -@@ -308,7 +322,7 @@ sshd_selinux_getctxbyname(char *pwname, +@@ -317,7 +331,7 @@ sshd_selinux_getctxbyname(char *pwname, /* Setup environment variables for pam_selinux */ static int @@ -124,7 +171,7 @@ diff -up openssh/openbsd-compat/port-linux-sshd.c.keycat openssh/openbsd-compat/ { const char *reqlvl; char *role; -@@ -319,16 +333,16 @@ sshd_selinux_setup_pam_variables(void) +@@ -328,16 +342,16 @@ sshd_selinux_setup_pam_variables(void) ssh_selinux_get_role_level(&role, &reqlvl); @@ -144,7 +191,7 @@ diff -up openssh/openbsd-compat/port-linux-sshd.c.keycat openssh/openbsd-compat/ if (role != NULL) free(role); -@@ -336,6 +350,24 @@ sshd_selinux_setup_pam_variables(void) +@@ -345,6 +359,24 @@ sshd_selinux_setup_pam_variables(void) return rv; } @@ -169,7 +216,7 @@ diff -up openssh/openbsd-compat/port-linux-sshd.c.keycat openssh/openbsd-compat/ /* Set the execution context to the default for the specified user */ void sshd_selinux_setup_exec_context(char *pwname) -@@ -344,7 +376,7 @@ sshd_selinux_setup_exec_context(char *pw +@@ -353,7 +385,7 @@ sshd_selinux_setup_exec_context(char *pwname) int r = 0; security_context_t default_ctx = NULL; @@ -178,7 +225,7 @@ diff -up openssh/openbsd-compat/port-linux-sshd.c.keycat openssh/openbsd-compat/ return; if (options.use_pam) { -@@ -415,7 +447,7 @@ sshd_selinux_copy_context(void) +@@ -420,7 +452,7 @@ sshd_selinux_copy_context(void) { security_context_t *ctx; @@ -187,10 +234,26 @@ diff -up openssh/openbsd-compat/port-linux-sshd.c.keycat openssh/openbsd-compat/ return; if (getexeccon((security_context_t *)&ctx) != 0) { -diff -up openssh/platform.c.keycat openssh/platform.c ---- openssh/platform.c.keycat 2015-06-24 10:57:50.147849633 +0200 -+++ openssh/platform.c 2015-06-24 10:57:50.160849601 +0200 -@@ -103,7 +103,7 @@ platform_setusercontext(struct passwd *p +diff --git a/openbsd-compat/port-linux.h b/openbsd-compat/port-linux.h +index 498d242a..1b745a76 100644 +--- a/openbsd-compat/port-linux.h ++++ b/openbsd-compat/port-linux.h +@@ -23,8 +23,10 @@ void ssh_selinux_setup_pty(char *, const char *); + void ssh_selinux_change_context(const char *); + void ssh_selinux_setfscreatecon(const char *); + ++int sshd_selinux_enabled(void); + void sshd_selinux_copy_context(void); + void sshd_selinux_setup_exec_context(char *); ++int sshd_selinux_setup_env_variables(void); + #endif + + #ifdef LINUX_OOM_ADJUST +diff --git a/platform.c b/platform.c +index 1bfb4bea..0d12f311 100644 +--- a/platform.c ++++ b/platform.c +@@ -55,7 +55,7 @@ platform_setusercontext(struct passwd *pw) { #ifdef WITH_SELINUX /* Cache selinux status for later use */ @@ -199,9 +262,11 @@ diff -up openssh/platform.c.keycat openssh/platform.c #endif #ifdef USE_SOLARIS_PROJECTS -diff -up openssh/ssh-keycat.c.keycat openssh/ssh-keycat.c ---- openssh/ssh-keycat.c.keycat 2015-06-24 10:57:50.161849599 +0200 -+++ openssh/ssh-keycat.c 2015-06-24 10:57:50.161849599 +0200 +diff --git a/ssh-keycat.c b/ssh-keycat.c +new file mode 100644 +index 00000000..5678be07 +--- /dev/null ++++ b/ssh-keycat.c @@ -0,0 +1,241 @@ +/* + * Redistribution and use in source and binary forms, with or without @@ -444,41 +509,6 @@ diff -up openssh/ssh-keycat.c.keycat openssh/ssh-keycat.c + } + return ev; +} -diff --git a/configure.ac b/configure.ac -index 3bbccfd..6481f1f 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -2952,6 +2952,7 @@ AC_ARG_WITH([pam], - PAM_MSG="yes" - - SSHDLIBS="$SSHDLIBS -lpam" -+ KEYCATLIBS="$KEYCATLIBS -lpam" - AC_DEFINE([USE_PAM], [1], - [Define if you want to enable PAM support]) - -@@ -3105,6 +3106,7 @@ - ;; - *) - SSHDLIBS="$SSHDLIBS -ldl" -+ KEYCATLIBS="$KEYCATLIBS -ldl" - ;; - esac - fi -@@ -4042,6 +4044,7 @@ AC_ARG_WITH([selinux], - fi ] - ) - AC_SUBST([SSHDLIBS]) -+AC_SUBST([KEYCATLIBS]) - - # Check whether user wants Kerberos 5 support - KRB5_MSG="no" -@@ -5031,6 +5034,9 @@ fi - if test ! -z "${SSHDLIBS}"; then - echo " +for sshd: ${SSHDLIBS}" - fi -+if test ! -z "${KEYCATLIBS}"; then -+echo " +for ssh-keycat: ${KEYCATLIBS}" -+fi - - echo "" - +-- +2.49.0 + diff --git a/openssh-6.6p1-allow-ip-opts.patch b/0004-openssh-6.6p1-allow-ip-opts.patch similarity index 68% rename from openssh-6.6p1-allow-ip-opts.patch rename to 0004-openssh-6.6p1-allow-ip-opts.patch index 995e04e..ef15fbf 100644 --- a/openssh-6.6p1-allow-ip-opts.patch +++ b/0004-openssh-6.6p1-allow-ip-opts.patch @@ -1,7 +1,17 @@ -diff -up openssh/sshd.c.ip-opts openssh/sshd.c ---- openssh/sshd-session.c.ip-opts 2016-07-25 13:58:48.998507834 +0200 -+++ openssh/sshd-session.c 2016-07-25 14:01:28.346469878 +0200 -@@ -1507,12 +1507,32 @@ check_ip_options(struct ssh *ssh) +From 28333f1dfe68b0ffc80c2a4799759587b4c32d3e Mon Sep 17 00:00:00 2001 +From: Dmitry Belyavskiy +Date: Thu, 15 May 2025 13:43:28 +0200 +Subject: [PATCH 04/50] openssh-6.6p1-allow-ip-opts + +--- + sshd-session.c | 32 ++++++++++++++++++++++++++------ + 1 file changed, 26 insertions(+), 6 deletions(-) + +diff --git a/sshd-session.c b/sshd-session.c +index 4a148db4..a365f26f 100644 +--- a/sshd-session.c ++++ b/sshd-session.c +@@ -778,12 +778,32 @@ check_ip_options(struct ssh *ssh) if (getsockopt(sock_in, IPPROTO_IP, IP_OPTIONS, opts, &option_size) >= 0 && option_size != 0) { @@ -40,3 +50,6 @@ diff -up openssh/sshd.c.ip-opts openssh/sshd.c } #endif /* IP_OPTIONS */ } +-- +2.49.0 + diff --git a/openssh-5.9p1-ipv6man.patch b/0005-openssh-5.9p1-ipv6man.patch similarity index 54% rename from openssh-5.9p1-ipv6man.patch rename to 0005-openssh-5.9p1-ipv6man.patch index ece1a73..909b988 100644 --- a/openssh-5.9p1-ipv6man.patch +++ b/0005-openssh-5.9p1-ipv6man.patch @@ -1,7 +1,18 @@ -diff -up openssh-5.9p0/ssh.1.ipv6man openssh-5.9p0/ssh.1 ---- openssh-5.9p0/ssh.1.ipv6man 2011-08-05 22:17:32.000000000 +0200 -+++ openssh-5.9p0/ssh.1 2011-08-31 13:08:34.880024485 +0200 -@@ -1400,6 +1400,8 @@ manual page for more information. +From 388be633842a9f3e4b0a76fe40cf7035912a913a Mon Sep 17 00:00:00 2001 +From: Dmitry Belyavskiy +Date: Thu, 15 May 2025 13:43:28 +0200 +Subject: [PATCH 05/50] openssh-5.9p1-ipv6man + +--- + ssh.1 | 2 ++ + sshd.8 | 2 ++ + 2 files changed, 4 insertions(+) + +diff --git a/ssh.1 b/ssh.1 +index 697f4e42..db92ac9a 100644 +--- a/ssh.1 ++++ b/ssh.1 +@@ -1663,6 +1663,8 @@ manual page for more information. .Nm exits with the exit status of the remote command or with 255 if an error occurred. @@ -10,10 +21,11 @@ diff -up openssh-5.9p0/ssh.1.ipv6man openssh-5.9p0/ssh.1 .Sh SEE ALSO .Xr scp 1 , .Xr sftp 1 , -diff -up openssh-5.9p0/sshd.8.ipv6man openssh-5.9p0/sshd.8 ---- openssh-5.9p0/sshd.8.ipv6man 2011-08-05 22:17:32.000000000 +0200 -+++ openssh-5.9p0/sshd.8 2011-08-31 13:10:34.129039094 +0200 -@@ -940,6 +940,8 @@ concurrently for different ports, this c +diff --git a/sshd.8 b/sshd.8 +index 08ebf53a..2aa73271 100644 +--- a/sshd.8 ++++ b/sshd.8 +@@ -1018,6 +1018,8 @@ concurrently for different ports, this contains the process ID of the one started last). The content of this file is not sensitive; it can be world-readable. .El @@ -22,3 +34,6 @@ diff -up openssh-5.9p0/sshd.8.ipv6man openssh-5.9p0/sshd.8 .Sh SEE ALSO .Xr scp 1 , .Xr sftp 1 , +-- +2.49.0 + diff --git a/0006-openssh-5.8p2-sigpipe.patch b/0006-openssh-5.8p2-sigpipe.patch new file mode 100644 index 0000000..5bf31bc --- /dev/null +++ b/0006-openssh-5.8p2-sigpipe.patch @@ -0,0 +1,26 @@ +From 80359feb76fd8061b5ce18f73451d7b9db0c2477 Mon Sep 17 00:00:00 2001 +From: Dmitry Belyavskiy +Date: Thu, 15 May 2025 13:43:28 +0200 +Subject: [PATCH 06/50] openssh-5.8p2-sigpipe + +--- + ssh-keyscan.c | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/ssh-keyscan.c b/ssh-keyscan.c +index 3436c0b5..9f76ad22 100644 +--- a/ssh-keyscan.c ++++ b/ssh-keyscan.c +@@ -798,6 +798,9 @@ main(int argc, char **argv) + if (maxfd > fdlim_get(0)) + fdlim_set(maxfd); + fdcon = xcalloc(maxfd, sizeof(con)); ++ ++ signal(SIGPIPE, SIG_IGN); ++ + read_wait = xcalloc(maxfd, sizeof(struct pollfd)); + for (j = 0; j < maxfd; j++) + read_wait[j].fd = -1; +-- +2.49.0 + diff --git a/openssh-7.2p2-x11.patch b/0007-openssh-7.2p2-x11.patch similarity index 71% rename from openssh-7.2p2-x11.patch rename to 0007-openssh-7.2p2-x11.patch index 6db16be..2f72f9a 100644 --- a/openssh-7.2p2-x11.patch +++ b/0007-openssh-7.2p2-x11.patch @@ -1,22 +1,32 @@ -diff --git a/channels.c b/channels.c ---- a/channels.c (revision 8241b9c0529228b4b86d88b1a6076fb9f97e4a99) -+++ b/channels.c (date 1703026069921) -@@ -5075,11 +5075,13 @@ - } +From cf6d48305cf6601448ea7a0d96ae825cbbbf0a2c Mon Sep 17 00:00:00 2001 +From: Dmitry Belyavskiy +Date: Thu, 15 May 2025 13:43:28 +0200 +Subject: [PATCH 07/50] openssh-7.2p2-x11 +--- + channels.c | 25 +++++++++++++++++++------ + 1 file changed, 19 insertions(+), 6 deletions(-) + +diff --git a/channels.c b/channels.c +index bfe2e3b2..d46531ce 100644 +--- a/channels.c ++++ b/channels.c +@@ -5098,11 +5098,13 @@ x11_create_display_inet(struct ssh *ssh, int x11_display_offset, + } + static int -connect_local_xsocket_path(const char *pathname) +connect_local_xsocket_path(const char *pathname, int len) { int sock; struct sockaddr_un addr; - + + if (len <= 0) + return -1; sock = socket(AF_UNIX, SOCK_STREAM, 0); if (sock == -1) { error("socket: %.100s", strerror(errno)); -@@ -5087,11 +5089,12 @@ +@@ -5110,11 +5112,12 @@ connect_local_xsocket_path(const char *pathname) } memset(&addr, 0, sizeof(addr)); addr.sun_family = AF_UNIX; @@ -31,8 +41,8 @@ diff --git a/channels.c b/channels.c - error("connect %.100s: %.100s", addr.sun_path, strerror(errno)); return -1; } - -@@ -5099,8 +5102,18 @@ + +@@ -5122,8 +5125,18 @@ static int connect_local_xsocket(u_int dnr) { char buf[1024]; @@ -53,3 +63,6 @@ diff --git a/channels.c b/channels.c } #ifdef __APPLE__ +-- +2.49.0 + diff --git a/openssh-5.1p1-askpass-progress.patch b/0008-openssh-5.1p1-askpass-progress.patch similarity index 66% rename from openssh-5.1p1-askpass-progress.patch rename to 0008-openssh-5.1p1-askpass-progress.patch index ff609da..f7ca382 100644 --- a/openssh-5.1p1-askpass-progress.patch +++ b/0008-openssh-5.1p1-askpass-progress.patch @@ -1,7 +1,17 @@ -diff -up openssh-7.4p1/contrib/gnome-ssh-askpass2.c.progress openssh-7.4p1/contrib/gnome-ssh-askpass2.c ---- openssh-7.4p1/contrib/gnome-ssh-askpass2.c.progress 2016-12-19 05:59:41.000000000 +0100 -+++ openssh-7.4p1/contrib/gnome-ssh-askpass2.c 2016-12-23 13:31:16.545211926 +0100 -@@ -53,6 +53,7 @@ +From 6b2a33044583e892badb9ac86cd2c6252b1a532f Mon Sep 17 00:00:00 2001 +From: Dmitry Belyavskiy +Date: Thu, 15 May 2025 13:43:28 +0200 +Subject: [PATCH 08/50] openssh-5.1p1-askpass-progress + +--- + contrib/gnome-ssh-askpass2.c | 39 +++++++++++++++++++++++++++++++++--- + 1 file changed, 36 insertions(+), 3 deletions(-) + +diff --git a/contrib/gnome-ssh-askpass2.c b/contrib/gnome-ssh-askpass2.c +index a62f9815..cb7152dc 100644 +--- a/contrib/gnome-ssh-askpass2.c ++++ b/contrib/gnome-ssh-askpass2.c +@@ -58,6 +58,7 @@ #include #include @@ -9,7 +19,7 @@ diff -up openssh-7.4p1/contrib/gnome-ssh-askpass2.c.progress openssh-7.4p1/contr #include #include #include -@@ -81,14 +82,25 @@ ok_dialog(GtkWidget *entry, gpointer dia +@@ -146,6 +147,17 @@ parse_env_hex_color(const char *env, GdkColor *c) return 1; } @@ -27,7 +37,7 @@ diff -up openssh-7.4p1/contrib/gnome-ssh-askpass2.c.progress openssh-7.4p1/contr static int passphrase_dialog(char *message, int prompt_type) { - const char *failed; +@@ -153,7 +165,7 @@ passphrase_dialog(char *message, int prompt_type) char *passphrase, *local; int result, grab_tries, grab_server, grab_pointer; int buttons, default_response; @@ -36,7 +46,7 @@ diff -up openssh-7.4p1/contrib/gnome-ssh-askpass2.c.progress openssh-7.4p1/contr GdkGrabStatus status; GdkColor fg, bg; int fg_set = 0, bg_set = 0; -@@ -104,14 +116,19 @@ passphrase_dialog(char *message) +@@ -199,14 +211,19 @@ passphrase_dialog(char *message, int prompt_type) gtk_widget_modify_bg(dialog, GTK_STATE_NORMAL, &bg); if (prompt_type == PROMPT_ENTRY || prompt_type == PROMPT_NONE) { @@ -45,12 +55,12 @@ diff -up openssh-7.4p1/contrib/gnome-ssh-askpass2.c.progress openssh-7.4p1/contr + FALSE, 0); + gtk_widget_show(hbox); + - entry = gtk_entry_new(); - if (fg_set) - gtk_widget_modify_fg(entry, GTK_STATE_NORMAL, &fg); - if (bg_set) - gtk_widget_modify_bg(entry, GTK_STATE_NORMAL, &bg); - gtk_box_pack_start( + entry = gtk_entry_new(); + if (fg_set) + gtk_widget_modify_fg(entry, GTK_STATE_NORMAL, &fg); + if (bg_set) + gtk_widget_modify_bg(entry, GTK_STATE_NORMAL, &bg); + gtk_box_pack_start( - GTK_BOX(gtk_dialog_get_content_area(GTK_DIALOG(dialog))), - entry, FALSE, FALSE, 0); + GTK_BOX(hbox), entry, TRUE, FALSE, 0); @@ -58,7 +68,7 @@ diff -up openssh-7.4p1/contrib/gnome-ssh-askpass2.c.progress openssh-7.4p1/contr gtk_entry_set_visibility(GTK_ENTRY(entry), FALSE); gtk_widget_grab_focus(entry); if (prompt_type == PROMPT_ENTRY) { -@@ -130,6 +145,22 @@ passphrase_dialog(char *message) +@@ -225,6 +242,22 @@ passphrase_dialog(char *message, int prompt_type) g_signal_connect(G_OBJECT(entry), "key_press_event", G_CALLBACK(check_none), dialog); } @@ -81,3 +91,6 @@ diff -up openssh-7.4p1/contrib/gnome-ssh-askpass2.c.progress openssh-7.4p1/contr } /* Grab focus */ +-- +2.49.0 + diff --git a/openssh-4.3p2-askpass-grab-info.patch b/0009-openssh-4.3p2-askpass-grab-info.patch similarity index 53% rename from openssh-4.3p2-askpass-grab-info.patch rename to 0009-openssh-4.3p2-askpass-grab-info.patch index 120ed1b..8a7cf9e 100644 --- a/openssh-4.3p2-askpass-grab-info.patch +++ b/0009-openssh-4.3p2-askpass-grab-info.patch @@ -1,7 +1,17 @@ -diff -up openssh-8.6p1/contrib/gnome-ssh-askpass2.c.grab-info openssh-8.6p1/contrib/gnome-ssh-askpass2.c ---- openssh-8.6p1/contrib/gnome-ssh-askpass2.c.grab-info 2021-04-19 13:57:11.720113536 +0200 -+++ openssh-8.6p1/contrib/gnome-ssh-askpass2.c 2021-04-19 13:59:29.842163204 +0200 -@@ -70,8 +70,12 @@ report_failed_grab (GtkWidget *parent_wi +From 710ce53fdf1d32a0629fce2e42fb49d407e2b06c Mon Sep 17 00:00:00 2001 +From: Dmitry Belyavskiy +Date: Thu, 15 May 2025 13:43:28 +0200 +Subject: [PATCH 09/50] openssh-4.3p2-askpass-grab-info + +--- + contrib/gnome-ssh-askpass2.c | 8 ++++++-- + 1 file changed, 6 insertions(+), 2 deletions(-) + +diff --git a/contrib/gnome-ssh-askpass2.c b/contrib/gnome-ssh-askpass2.c +index cb7152dc..bbe93d83 100644 +--- a/contrib/gnome-ssh-askpass2.c ++++ b/contrib/gnome-ssh-askpass2.c +@@ -70,8 +70,12 @@ report_failed_grab (GtkWidget *parent_window, const char *what) err = gtk_message_dialog_new(GTK_WINDOW(parent_window), 0, GTK_MESSAGE_ERROR, GTK_BUTTONS_CLOSE, @@ -16,3 +26,6 @@ diff -up openssh-8.6p1/contrib/gnome-ssh-askpass2.c.grab-info openssh-8.6p1/cont gtk_window_set_position(GTK_WINDOW(err), GTK_WIN_POS_CENTER); gtk_dialog_run(GTK_DIALOG(err)); +-- +2.49.0 + diff --git a/openssh-8.7p1-redhat.patch b/0010-openssh-8.7p1-redhat.patch similarity index 67% rename from openssh-8.7p1-redhat.patch rename to 0010-openssh-8.7p1-redhat.patch index a4c11b5..cb3d140 100644 --- a/openssh-8.7p1-redhat.patch +++ b/0010-openssh-8.7p1-redhat.patch @@ -1,7 +1,26 @@ -diff -up openssh/ssh_config.redhat openssh/ssh_config ---- openssh/ssh_config.redhat 2020-02-11 23:28:35.000000000 +0100 -+++ openssh/ssh_config 2020-02-13 18:13:39.180641839 +0100 -@@ -43,3 +43,10 @@ +From 5f21983f6472b26693babea4d6ca6b95a7dc7b05 Mon Sep 17 00:00:00 2001 +From: Dmitry Belyavskiy +Date: Thu, 15 May 2025 13:43:28 +0200 +Subject: [PATCH 10/50] openssh-8.7p1-redhat + +--- + ssh_config | 7 +++++++ + ssh_config_redhat | 18 ++++++++++++++++++ + sshd_config | 8 ++++++++ + sshd_config.0 | 6 +++--- + sshd_config.5 | 2 +- + sshd_config_redhat | 18 ++++++++++++++++++ + sshd_config_redhat_cp | 7 +++++++ + 7 files changed, 62 insertions(+), 4 deletions(-) + create mode 100644 ssh_config_redhat + create mode 100644 sshd_config_redhat + create mode 100644 sshd_config_redhat_cp + +diff --git a/ssh_config b/ssh_config +index cc566356..18169187 100644 +--- a/ssh_config ++++ b/ssh_config +@@ -44,3 +44,10 @@ # ProxyCommand ssh -q -W %h:%p gateway.example.com # RekeyLimit 1G 1h # UserKnownHostsFile ~/.ssh/known_hosts.d/%k @@ -12,9 +31,11 @@ diff -up openssh/ssh_config.redhat openssh/ssh_config +# included below. For more information, see manual page for +# update-crypto-policies(8) and ssh_config(5). +Include /etc/ssh/ssh_config.d/*.conf -diff -up openssh/ssh_config_redhat.redhat openssh/ssh_config_redhat ---- openssh/ssh_config_redhat.redhat 2020-02-13 18:13:39.180641839 +0100 -+++ openssh/ssh_config_redhat 2020-02-13 18:13:39.180641839 +0100 +diff --git a/ssh_config_redhat b/ssh_config_redhat +new file mode 100644 +index 00000000..8b1b5902 +--- /dev/null ++++ b/ssh_config_redhat @@ -0,0 +1,18 @@ +# The options here are in the "Match final block" to be applied as the last +# options and could be potentially overwritten by the user configuration @@ -34,10 +55,30 @@ diff -up openssh/ssh_config_redhat.redhat openssh/ssh_config_redhat + +# Uncomment this if you want to use .local domain +# Host *.local -diff -up openssh/sshd_config.0.redhat openssh/sshd_config.0 ---- openssh/sshd_config.0.redhat 2020-02-12 14:30:04.000000000 +0100 -+++ openssh/sshd_config.0 2020-02-13 18:13:39.181641855 +0100 -@@ -970,9 +970,9 @@ DESCRIPTION +diff --git a/sshd_config b/sshd_config +index 0f4a3a72..608203e4 100644 +--- a/sshd_config ++++ b/sshd_config +@@ -10,6 +10,14 @@ + # possible, but leave them commented. Uncommented options override the + # default value. + ++# To modify the system-wide sshd configuration, create a *.conf file under ++# /etc/ssh/sshd_config.d/ which will be automatically included below ++Include /etc/ssh/sshd_config.d/*.conf ++ ++# If you want to change the port on a SELinux system, you have to tell ++# SELinux about this change. ++# semanage port -a -t ssh_port_t -p tcp #PORTNUMBER ++# + #Port 22 + #AddressFamily any + #ListenAddress 0.0.0.0 +diff --git a/sshd_config.0 b/sshd_config.0 +index 2f77b4f4..49349bb3 100644 +--- a/sshd_config.0 ++++ b/sshd_config.0 +@@ -1219,9 +1219,9 @@ DESCRIPTION SyslogFacility Gives the facility code that is used when logging messages from @@ -50,10 +91,11 @@ diff -up openssh/sshd_config.0.redhat openssh/sshd_config.0 TCPKeepAlive Specifies whether the system should send TCP keepalive messages -diff -up openssh/sshd_config.5.redhat openssh/sshd_config.5 ---- openssh/sshd_config.5.redhat 2020-02-11 23:28:35.000000000 +0100 -+++ openssh/sshd_config.5 2020-02-13 18:13:39.181641855 +0100 -@@ -1614,7 +1614,7 @@ By default no subsystems are defined. +diff --git a/sshd_config.5 b/sshd_config.5 +index c0771737..035a50c8 100644 +--- a/sshd_config.5 ++++ b/sshd_config.5 +@@ -1942,7 +1942,7 @@ By default no subsystems are defined. .It Cm SyslogFacility Gives the facility code that is used when logging messages from .Xr sshd 8 . @@ -62,27 +104,11 @@ diff -up openssh/sshd_config.5.redhat openssh/sshd_config.5 LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7. The default is AUTH. .It Cm TCPKeepAlive -diff -up openssh/sshd_config.redhat openssh/sshd_config ---- openssh/sshd_config.redhat 2020-02-11 23:28:35.000000000 +0100 -+++ openssh/sshd_config 2020-02-13 18:20:16.349913681 +0100 -@@ -10,6 +10,14 @@ - # possible, but leave them commented. Uncommented options override the - # default value. - -+# To modify the system-wide sshd configuration, create a *.conf file under -+# /etc/ssh/sshd_config.d/ which will be automatically included below -+Include /etc/ssh/sshd_config.d/*.conf -+ -+# If you want to change the port on a SELinux system, you have to tell -+# SELinux about this change. -+# semanage port -a -t ssh_port_t -p tcp #PORTNUMBER -+# - #Port 22 - #AddressFamily any - #ListenAddress 0.0.0.0 -diff -up openssh/sshd_config_redhat.redhat openssh/sshd_config_redhat ---- openssh/sshd_config_redhat.redhat 2020-02-13 18:14:02.268006439 +0100 -+++ openssh/sshd_config_redhat 2020-02-13 18:19:20.765035947 +0100 +diff --git a/sshd_config_redhat b/sshd_config_redhat +new file mode 100644 +index 00000000..993a28d5 +--- /dev/null ++++ b/sshd_config_redhat @@ -0,0 +1,18 @@ +SyslogFacility AUTHPRIV + @@ -102,9 +128,11 @@ diff -up openssh/sshd_config_redhat.redhat openssh/sshd_config_redhat +# as it is more configurable and versatile than the built-in version. +PrintMotd no + -diff -up openssh/sshd_config_redhat.redhat openssh/sshd_config_redhat ---- openssh/sshd_config_redhat_cp.redhat 2020-02-13 18:14:02.268006439 +0100 -+++ openssh/sshd_config_redhat_cp 2020-02-13 18:19:20.765035947 +0100 +diff --git a/sshd_config_redhat_cp b/sshd_config_redhat_cp +new file mode 100644 +index 00000000..1d592d13 +--- /dev/null ++++ b/sshd_config_redhat_cp @@ -0,0 +1,7 @@ +# This system is following system-wide crypto policy. The changes to +# crypto properties (Ciphers, MACs, ...) will not have any effect in @@ -113,3 +141,6 @@ diff -up openssh/sshd_config_redhat.redhat openssh/sshd_config_redhat +# Please, see manual pages for update-crypto-policies(8) and sshd_config(5). +Include /etc/crypto-policies/back-ends/opensshserver.config + +-- +2.49.0 + diff --git a/openssh-7.8p1-UsePAM-warning.patch b/0011-openssh-7.8p1-UsePAM-warning.patch similarity index 50% rename from openssh-7.8p1-UsePAM-warning.patch rename to 0011-openssh-7.8p1-UsePAM-warning.patch index f8d7042..76ee115 100644 --- a/openssh-7.8p1-UsePAM-warning.patch +++ b/0011-openssh-7.8p1-UsePAM-warning.patch @@ -1,7 +1,18 @@ -diff -up openssh-8.6p1/sshd.c.log-usepam-no openssh-8.6p1/sshd.c ---- openssh-8.6p1/sshd-session.c.log-usepam-no 2021-04-19 14:00:45.099735129 +0200 -+++ openssh-8.6p1/sshd-session.c 2021-04-19 14:03:21.140920974 +0200 -@@ -1749,6 +1749,10 @@ main(int ac, char **av) +From 56b8d082bc9e25a77b5227d576f27088446c6fb9 Mon Sep 17 00:00:00 2001 +From: Dmitry Belyavskiy +Date: Thu, 15 May 2025 13:43:28 +0200 +Subject: [PATCH 11/50] openssh-7.8p1-UsePAM-warning + +--- + sshd-session.c | 4 ++++ + sshd_config | 2 ++ + 2 files changed, 6 insertions(+) + +diff --git a/sshd-session.c b/sshd-session.c +index a365f26f..a70b36c9 100644 +--- a/sshd-session.c ++++ b/sshd-session.c +@@ -1127,6 +1127,10 @@ main(int ac, char **av) "enabled authentication methods"); } @@ -12,10 +23,11 @@ diff -up openssh-8.6p1/sshd.c.log-usepam-no openssh-8.6p1/sshd.c #ifdef WITH_OPENSSL if (options.moduli_file != NULL) dh_set_moduli_file(options.moduli_file); -diff -up openssh-8.6p1/sshd_config.log-usepam-no openssh-8.6p1/sshd_config ---- openssh-8.6p1/sshd_config.log-usepam-no 2021-04-19 14:00:45.098735121 +0200 -+++ openssh-8.6p1/sshd_config 2021-04-19 14:00:45.099735129 +0200 -@@ -87,6 +87,8 @@ AuthorizedKeysFile .ssh/authorized_keys +diff --git a/sshd_config b/sshd_config +index 608203e4..48af6321 100644 +--- a/sshd_config ++++ b/sshd_config +@@ -89,6 +89,8 @@ AuthorizedKeysFile .ssh/authorized_keys # If you just want the PAM account and session checks to run without # PAM authentication, then enable this but set PasswordAuthentication # and KbdInteractiveAuthentication to 'no'. @@ -24,3 +36,6 @@ diff -up openssh-8.6p1/sshd_config.log-usepam-no openssh-8.6p1/sshd_config #UsePAM no #AllowAgentForwarding yes +-- +2.49.0 + diff --git a/openssh-9.6p1-gssapi-keyex.patch b/0012-openssh-9.6p1-gssapi-keyex.patch similarity index 89% rename from openssh-9.6p1-gssapi-keyex.patch rename to 0012-openssh-9.6p1-gssapi-keyex.patch index ef1f97e..f5f54f7 100644 --- a/openssh-9.6p1-gssapi-keyex.patch +++ b/0012-openssh-9.6p1-gssapi-keyex.patch @@ -1,25 +1,111 @@ -diff --color -ruNp a/auth2.c b/auth2.c ---- a/auth2.c 2024-09-16 11:45:56.858133241 +0200 -+++ b/auth2.c 2024-09-16 11:46:34.688939755 +0200 -@@ -71,6 +71,7 @@ extern Authmethod method_passwd; - extern Authmethod method_kbdint; - extern Authmethod method_hostbased; - #ifdef GSSAPI -+extern Authmethod method_gsskeyex; - extern Authmethod method_gssapi; - #endif +From 754b023b92aa68742258c55243a6ae8f30ed5a17 Mon Sep 17 00:00:00 2001 +From: Dmitry Belyavskiy +Date: Thu, 15 May 2025 13:43:28 +0200 +Subject: [PATCH 12/50] openssh-9.6p1-gssapi-keyex + +--- + Makefile.in | 7 +- + auth.c | 3 +- + auth2-gss.c | 52 +++- + auth2-methods.c | 6 + + auth2.c | 2 + + canohost.c | 93 +++++++ + canohost.h | 3 + + clientloop.c | 12 + + configure.ac | 24 ++ + gss-genr.c | 302 ++++++++++++++++++++- + gss-serv-krb5.c | 97 ++++++- + gss-serv.c | 200 ++++++++++++-- + kex-names.c | 62 ++++- + kex.c | 35 ++- + kex.h | 34 +++ + kexdh.c | 10 + + kexgen.c | 2 +- + kexgssc.c | 706 ++++++++++++++++++++++++++++++++++++++++++++++++ + kexgsss.c | 601 +++++++++++++++++++++++++++++++++++++++++ + monitor.c | 147 +++++++++- + monitor.h | 2 + + monitor_wrap.c | 57 +++- + monitor_wrap.h | 4 +- + readconf.c | 70 +++++ + readconf.h | 6 + + servconf.c | 47 ++++ + servconf.h | 3 + + session.c | 10 +- + ssh-gss.h | 64 ++++- + ssh.1 | 8 + + ssh.c | 6 +- + ssh_config | 2 + + ssh_config.5 | 58 ++++ + sshconnect2.c | 154 ++++++++++- + sshd-auth.c | 53 ++++ + sshd-session.c | 9 +- + sshd.c | 3 +- + sshd_config | 2 + + sshd_config.5 | 31 +++ + sshkey.c | 72 ++++- + sshkey.h | 1 + + 41 files changed, 2984 insertions(+), 76 deletions(-) + create mode 100644 kexgssc.c + create mode 100644 kexgsss.c + +diff --git a/Makefile.in b/Makefile.in +index 438efc51..78f65948 100644 +--- a/Makefile.in ++++ b/Makefile.in +@@ -117,6 +117,7 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \ + kex.o kex-names.o kexdh.o kexgex.o kexecdh.o kexc25519.o \ + kexgexc.o kexgexs.o \ + kexsntrup761x25519.o kexmlkem768x25519.o sntrup761.o kexgen.o \ ++ kexgssc.o \ + sftp-realpath.o platform-pledge.o platform-tracing.o platform-misc.o \ + sshbuf-io.o -@@ -78,6 +79,7 @@ Authmethod *authmethods[] = { - &method_none, - &method_pubkey, - #ifdef GSSAPI -+ &method_gsskeyex, - &method_gssapi, - #endif - &method_passwd, -diff --color -ruNp a/auth2-gss.c b/auth2-gss.c ---- a/auth2-gss.c 2024-09-16 11:45:56.858133241 +0200 -+++ b/auth2-gss.c 2024-09-16 11:46:34.689939776 +0200 +@@ -138,7 +139,7 @@ SSHD_SESSION_OBJS=sshd-session.o auth-rhosts.o auth-passwd.o \ + auth2-chall.o groupaccess.o \ + auth-bsdauth.o auth2-hostbased.o auth2-kbdint.o \ + auth2-none.o auth2-passwd.o auth2-pubkey.o auth2-pubkeyfile.o \ +- monitor.o monitor_wrap.o auth-krb5.o \ ++ monitor.o monitor_wrap.o auth-krb5.o kexgsss.o \ + auth2-gss.o gss-serv.o gss-serv-krb5.o \ + loginrec.o auth-pam.o auth-shadow.o auth-sia.o \ + sftp-server.o sftp-common.o \ +@@ -150,7 +151,7 @@ SSHD_AUTH_OBJS=sshd-auth.o \ + serverloop.o auth.o auth2.o auth-options.o session.o auth2-chall.o \ + groupaccess.o auth-bsdauth.o auth2-hostbased.o auth2-kbdint.o \ + auth2-none.o auth2-passwd.o auth2-pubkey.o auth2-pubkeyfile.o \ +- auth2-gss.o gss-serv.o gss-serv-krb5.o \ ++ auth2-gss.o gss-serv.o gss-serv-krb5.o kexgsss.o \ + monitor_wrap.o auth-krb5.o \ + audit.o audit-bsm.o audit-linux.o platform.o \ + loginrec.o auth-pam.o auth-shadow.o auth-sia.o \ +@@ -563,7 +564,7 @@ regress-prep: + ln -s `cd $(srcdir) && pwd`/regress/Makefile `pwd`/regress/Makefile + + REGRESSLIBS=libssh.a $(LIBCOMPAT) +-TESTLIBS=$(LIBS) $(CHANNELLIBS) ++TESTLIBS=$(LIBS) $(CHANNELLIBS) $(GSSLIBS) + + regress/modpipe$(EXEEXT): $(srcdir)/regress/modpipe.c $(REGRESSLIBS) + $(CC) $(CFLAGS) $(CPPFLAGS) -o $@ $(srcdir)/regress/modpipe.c \ +diff --git a/auth.c b/auth.c +index 9a6e5a31..e4578169 100644 +--- a/auth.c ++++ b/auth.c +@@ -356,7 +356,8 @@ auth_root_allowed(struct ssh *ssh, const char *method) + case PERMIT_NO_PASSWD: + if (strcmp(method, "publickey") == 0 || + strcmp(method, "hostbased") == 0 || +- strcmp(method, "gssapi-with-mic") == 0) ++ strcmp(method, "gssapi-with-mic") == 0 || ++ strcmp(method, "gssapi-keyex") == 0) + return 1; + break; + case PERMIT_FORCED_ONLY: +diff --git a/auth2-gss.c b/auth2-gss.c +index f7898ab3..5b1b9cde 100644 +--- a/auth2-gss.c ++++ b/auth2-gss.c @@ -51,6 +51,7 @@ #define SSH_GSSAPI_MAX_MECHS 2048 @@ -28,10 +114,11 @@ diff --color -ruNp a/auth2-gss.c b/auth2-gss.c extern struct authmethod_cfg methodcfg_gssapi; static int input_gssapi_token(int type, u_int32_t plen, struct ssh *ssh); -@@ -59,6 +60,48 @@ static int input_gssapi_exchange_complet +@@ -58,6 +59,48 @@ static int input_gssapi_mic(int type, u_int32_t plen, struct ssh *ssh); + static int input_gssapi_exchange_complete(int type, u_int32_t plen, struct ssh *ssh); static int input_gssapi_errtok(int, u_int32_t, struct ssh *); - /* ++/* + * The 'gssapi_keyex' userauth mechanism. + */ +static int @@ -73,11 +160,10 @@ diff --color -ruNp a/auth2-gss.c b/auth2-gss.c + return (authenticated); +} + -+/* + /* * We only support those mechanisms that we know about (ie ones that we know * how to check local user kuserok and the like) - */ -@@ -267,7 +310,7 @@ input_gssapi_exchange_complete(int type, +@@ -267,7 +310,7 @@ input_gssapi_exchange_complete(int type, u_int32_t plen, struct ssh *ssh) if ((r = sshpkt_get_end(ssh)) != 0) fatal_fr(r, "parse packet"); @@ -86,7 +172,7 @@ diff --color -ruNp a/auth2-gss.c b/auth2-gss.c authctxt->postponed = 0; ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL); -@@ -315,7 +358,7 @@ input_gssapi_mic(int type, u_int32_t ple +@@ -315,7 +358,7 @@ input_gssapi_mic(int type, u_int32_t plen, struct ssh *ssh) gssbuf.length = sshbuf_len(b); if (!GSS_ERROR(mm_ssh_gssapi_checkmic(gssctxt, &gssbuf, &mic))) @@ -95,7 +181,7 @@ diff --color -ruNp a/auth2-gss.c b/auth2-gss.c else logit("GSSAPI MIC check failed"); -@@ -333,6 +376,11 @@ input_gssapi_mic(int type, u_int32_t ple +@@ -333,6 +376,11 @@ input_gssapi_mic(int type, u_int32_t plen, struct ssh *ssh) return 0; } @@ -107,10 +193,11 @@ diff --color -ruNp a/auth2-gss.c b/auth2-gss.c Authmethod method_gssapi = { &methodcfg_gssapi, userauth_gssapi, -diff --color -ruNp a/auth2-methods.c b/auth2-methods.c ---- a/auth2-methods.c 2024-07-01 06:36:28.000000000 +0200 -+++ b/auth2-methods.c 2024-09-16 11:46:34.689939776 +0200 -@@ -50,6 +50,11 @@ struct authmethod_cfg methodcfg_pubkey = +diff --git a/auth2-methods.c b/auth2-methods.c +index 99637a89..a05908cf 100644 +--- a/auth2-methods.c ++++ b/auth2-methods.c +@@ -50,6 +50,11 @@ struct authmethod_cfg methodcfg_pubkey = { &options.pubkey_authentication }; #ifdef GSSAPI @@ -122,7 +209,7 @@ diff --color -ruNp a/auth2-methods.c b/auth2-methods.c struct authmethod_cfg methodcfg_gssapi = { "gssapi-with-mic", NULL, -@@ -76,6 +81,7 @@ static struct authmethod_cfg *authmethod +@@ -76,6 +81,7 @@ static struct authmethod_cfg *authmethod_cfgs[] = { &methodcfg_none, &methodcfg_pubkey, #ifdef GSSAPI @@ -130,22 +217,30 @@ diff --color -ruNp a/auth2-methods.c b/auth2-methods.c &methodcfg_gssapi, #endif &methodcfg_passwd, -diff --color -ruNp a/auth.c b/auth.c ---- a/auth.c 2024-07-01 06:36:28.000000000 +0200 -+++ b/auth.c 2024-09-16 11:46:34.690939798 +0200 -@@ -356,7 +356,8 @@ auth_root_allowed(struct ssh *ssh, const - case PERMIT_NO_PASSWD: - if (strcmp(method, "publickey") == 0 || - strcmp(method, "hostbased") == 0 || -- strcmp(method, "gssapi-with-mic") == 0) -+ strcmp(method, "gssapi-with-mic") == 0 || -+ strcmp(method, "gssapi-keyex") == 0) - return 1; - break; - case PERMIT_FORCED_ONLY: -diff --color -ruNp a/canohost.c b/canohost.c ---- a/canohost.c 2024-07-01 06:36:28.000000000 +0200 -+++ b/canohost.c 2024-09-16 11:46:34.690939798 +0200 +diff --git a/auth2.c b/auth2.c +index 5ba45c12..8ec41de2 100644 +--- a/auth2.c ++++ b/auth2.c +@@ -71,6 +71,7 @@ extern Authmethod method_passwd; + extern Authmethod method_kbdint; + extern Authmethod method_hostbased; + #ifdef GSSAPI ++extern Authmethod method_gsskeyex; + extern Authmethod method_gssapi; + #endif + +@@ -78,6 +79,7 @@ Authmethod *authmethods[] = { + &method_none, + &method_pubkey, + #ifdef GSSAPI ++ &method_gsskeyex, + &method_gssapi, + #endif + &method_passwd, +diff --git a/canohost.c b/canohost.c +index 28f086e5..875805c9 100644 +--- a/canohost.c ++++ b/canohost.c @@ -35,6 +35,99 @@ #include "canohost.h" #include "misc.h" @@ -246,9 +341,10 @@ diff --color -ruNp a/canohost.c b/canohost.c void ipv64_normalise_mapped(struct sockaddr_storage *addr, socklen_t *len) { -diff --color -ruNp a/canohost.h b/canohost.h ---- a/canohost.h 2024-07-01 06:36:28.000000000 +0200 -+++ b/canohost.h 2024-09-16 11:46:34.690939798 +0200 +diff --git a/canohost.h b/canohost.h +index 26d62855..0cadc9f1 100644 +--- a/canohost.h ++++ b/canohost.h @@ -15,6 +15,9 @@ #ifndef _CANOHOST_H #define _CANOHOST_H @@ -259,9 +355,10 @@ diff --color -ruNp a/canohost.h b/canohost.h char *get_peer_ipaddr(int); int get_peer_port(int); char *get_local_ipaddr(int); -diff --color -ruNp a/clientloop.c b/clientloop.c ---- a/clientloop.c 2024-07-01 06:36:28.000000000 +0200 -+++ b/clientloop.c 2024-09-16 11:46:34.690939798 +0200 +diff --git a/clientloop.c b/clientloop.c +index 916fc077..4655f91f 100644 +--- a/clientloop.c ++++ b/clientloop.c @@ -115,6 +115,10 @@ #include "ssherr.h" #include "hostfile.h" @@ -273,7 +370,7 @@ diff --color -ruNp a/clientloop.c b/clientloop.c /* Permitted RSA signature algorithms for UpdateHostkeys proofs */ #define HOSTKEY_PROOF_RSA_ALGS "rsa-sha2-512,rsa-sha2-256" -@@ -1590,6 +1594,14 @@ client_loop(struct ssh *ssh, int have_pt +@@ -1591,6 +1595,14 @@ client_loop(struct ssh *ssh, int have_pty, int escape_char_arg, /* Do channel operations. */ channel_after_poll(ssh, pfd, npfd_active); @@ -288,10 +385,11 @@ diff --color -ruNp a/clientloop.c b/clientloop.c /* Buffer input from the connection. */ if (conn_in_ready) client_process_net_input(ssh); -diff --color -ruNp a/configure.ac b/configure.ac ---- a/configure.ac 2024-09-16 11:45:56.870133497 +0200 -+++ b/configure.ac 2024-09-16 11:46:34.691939819 +0200 -@@ -774,6 +774,30 @@ int main(void) { if (NSVersionOfRunTimeL +diff --git a/configure.ac b/configure.ac +index d546788c..13c70a98 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -786,6 +786,30 @@ int main(void) { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16)) [Use tunnel device compatibility to OpenBSD]) AC_DEFINE([SSH_TUN_PREPEND_AF], [1], [Prepend the address family to IP tunnel traffic]) @@ -322,9 +420,10 @@ diff --color -ruNp a/configure.ac b/configure.ac m4_pattern_allow([AU_IPv]) AC_CHECK_DECL([AU_IPv4], [], AC_DEFINE([AU_IPv4], [0], [System only supports IPv4 audit records]) -diff --color -ruNp a/gss-genr.c b/gss-genr.c ---- a/gss-genr.c 2024-07-01 06:36:28.000000000 +0200 -+++ b/gss-genr.c 2024-09-16 11:46:34.708940181 +0200 +diff --git a/gss-genr.c b/gss-genr.c +index aa34b71c..3034370c 100644 +--- a/gss-genr.c ++++ b/gss-genr.c @@ -42,9 +42,33 @@ #include "sshbuf.h" #include "log.h" @@ -359,7 +458,7 @@ diff --color -ruNp a/gss-genr.c b/gss-genr.c /* sshbuf_get for gss_buffer_desc */ int ssh_gssapi_get_buffer_desc(struct sshbuf *b, gss_buffer_desc *g) -@@ -60,6 +84,159 @@ ssh_gssapi_get_buffer_desc(struct sshbuf +@@ -60,6 +84,159 @@ ssh_gssapi_get_buffer_desc(struct sshbuf *b, gss_buffer_desc *g) return 0; } @@ -540,7 +639,7 @@ diff --color -ruNp a/gss-genr.c b/gss-genr.c free(*ctx); *ctx = NULL; -@@ -216,7 +400,7 @@ ssh_gssapi_init_ctx(Gssctxt *ctx, int de +@@ -216,7 +400,7 @@ ssh_gssapi_init_ctx(Gssctxt *ctx, int deleg_creds, gss_buffer_desc *recv_tok, } ctx->major = gss_init_sec_context(&ctx->minor, @@ -549,10 +648,11 @@ diff --color -ruNp a/gss-genr.c b/gss-genr.c GSS_C_MUTUAL_FLAG | GSS_C_INTEG_FLAG | deleg_flag, 0, NULL, recv_tok, NULL, send_tok, flags, NULL); -@@ -246,8 +430,42 @@ ssh_gssapi_import_name(Gssctxt *ctx, con +@@ -245,9 +429,43 @@ ssh_gssapi_import_name(Gssctxt *ctx, const char *host) + return (ctx->major); } - OM_uint32 ++OM_uint32 +ssh_gssapi_client_identity(Gssctxt *ctx, const char *name) +{ + gss_buffer_desc gssbuf; @@ -583,7 +683,7 @@ diff --color -ruNp a/gss-genr.c b/gss-genr.c + return(ctx->major); +} + -+OM_uint32 + OM_uint32 ssh_gssapi_sign(Gssctxt *ctx, gss_buffer_t buffer, gss_buffer_t hash) { + if (ctx == NULL) @@ -592,7 +692,7 @@ diff --color -ruNp a/gss-genr.c b/gss-genr.c if ((ctx->major = gss_get_mic(&ctx->minor, ctx->context, GSS_C_QOP_DEFAULT, buffer, hash))) ssh_gssapi_error(ctx); -@@ -255,6 +473,19 @@ ssh_gssapi_sign(Gssctxt *ctx, gss_buffer +@@ -255,6 +473,19 @@ ssh_gssapi_sign(Gssctxt *ctx, gss_buffer_t buffer, gss_buffer_t hash) return (ctx->major); } @@ -612,7 +712,7 @@ diff --color -ruNp a/gss-genr.c b/gss-genr.c void ssh_gssapi_buildmic(struct sshbuf *b, const char *user, const char *service, const char *context, const struct sshbuf *session_id) -@@ -271,11 +502,16 @@ ssh_gssapi_buildmic(struct sshbuf *b, co +@@ -271,11 +502,16 @@ ssh_gssapi_buildmic(struct sshbuf *b, const char *user, const char *service, } int @@ -630,7 +730,7 @@ diff --color -ruNp a/gss-genr.c b/gss-genr.c /* RFC 4462 says we MUST NOT do SPNEGO */ if (oid->length == spnego_oid.length && -@@ -285,6 +521,10 @@ ssh_gssapi_check_mechanism(Gssctxt **ctx +@@ -285,6 +521,10 @@ ssh_gssapi_check_mechanism(Gssctxt **ctx, gss_OID oid, const char *host) ssh_gssapi_build_ctx(ctx); ssh_gssapi_set_oid(*ctx, oid); major = ssh_gssapi_import_name(*ctx, host); @@ -641,7 +741,7 @@ diff --color -ruNp a/gss-genr.c b/gss-genr.c if (!GSS_ERROR(major)) { major = ssh_gssapi_init_ctx(*ctx, 0, GSS_C_NO_BUFFER, &token, NULL); -@@ -294,10 +534,66 @@ ssh_gssapi_check_mechanism(Gssctxt **ctx +@@ -294,10 +534,66 @@ ssh_gssapi_check_mechanism(Gssctxt **ctx, gss_OID oid, const char *host) GSS_C_NO_BUFFER); } @@ -709,9 +809,150 @@ diff --color -ruNp a/gss-genr.c b/gss-genr.c +} + #endif /* GSSAPI */ -diff --color -ruNp a/gss-serv.c b/gss-serv.c ---- a/gss-serv.c 2024-07-01 06:36:28.000000000 +0200 -+++ b/gss-serv.c 2024-09-16 11:46:34.692939840 +0200 +diff --git a/gss-serv-krb5.c b/gss-serv-krb5.c +index a151bc1e..8d2b677f 100644 +--- a/gss-serv-krb5.c ++++ b/gss-serv-krb5.c +@@ -1,7 +1,7 @@ + /* $OpenBSD: gss-serv-krb5.c,v 1.9 2018/07/09 21:37:55 markus Exp $ */ + + /* +- * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. ++ * Copyright (c) 2001-2007 Simon Wilkinson. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions +@@ -120,7 +120,7 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_client *client) + krb5_error_code problem; + krb5_principal princ; + OM_uint32 maj_status, min_status; +- int len; ++ const char *new_ccname, *new_cctype; + const char *errmsg; + + if (client->creds == NULL) { +@@ -180,11 +180,26 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_client *client) + return; + } + +- client->store.filename = xstrdup(krb5_cc_get_name(krb_context, ccache)); ++ new_cctype = krb5_cc_get_type(krb_context, ccache); ++ new_ccname = krb5_cc_get_name(krb_context, ccache); ++ + client->store.envvar = "KRB5CCNAME"; +- len = strlen(client->store.filename) + 6; +- client->store.envval = xmalloc(len); +- snprintf(client->store.envval, len, "FILE:%s", client->store.filename); ++#ifdef USE_CCAPI ++ xasprintf(&client->store.envval, "API:%s", new_ccname); ++ client->store.filename = NULL; ++#else ++ if (new_ccname[0] == ':') ++ new_ccname++; ++ xasprintf(&client->store.envval, "%s:%s", new_cctype, new_ccname); ++ if (strcmp(new_cctype, "DIR") == 0) { ++ char *p; ++ p = strrchr(client->store.envval, '/'); ++ if (p) ++ *p = '\0'; ++ } ++ if ((strcmp(new_cctype, "FILE") == 0) || (strcmp(new_cctype, "DIR") == 0)) ++ client->store.filename = xstrdup(new_ccname); ++#endif + + #ifdef USE_PAM + if (options.use_pam) +@@ -193,9 +208,76 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_client *client) + + krb5_cc_close(krb_context, ccache); + ++ client->store.data = krb_context; ++ + return; + } + ++int ++ssh_gssapi_krb5_updatecreds(ssh_gssapi_ccache *store, ++ ssh_gssapi_client *client) ++{ ++ krb5_ccache ccache = NULL; ++ krb5_principal principal = NULL; ++ char *name = NULL; ++ krb5_error_code problem; ++ OM_uint32 maj_status, min_status; ++ ++ if ((problem = krb5_cc_resolve(krb_context, store->envval, &ccache))) { ++ logit("krb5_cc_resolve(): %.100s", ++ krb5_get_err_text(krb_context, problem)); ++ return 0; ++ } ++ ++ /* Find out who the principal in this cache is */ ++ if ((problem = krb5_cc_get_principal(krb_context, ccache, ++ &principal))) { ++ logit("krb5_cc_get_principal(): %.100s", ++ krb5_get_err_text(krb_context, problem)); ++ krb5_cc_close(krb_context, ccache); ++ return 0; ++ } ++ ++ if ((problem = krb5_unparse_name(krb_context, principal, &name))) { ++ logit("krb5_unparse_name(): %.100s", ++ krb5_get_err_text(krb_context, problem)); ++ krb5_free_principal(krb_context, principal); ++ krb5_cc_close(krb_context, ccache); ++ return 0; ++ } ++ ++ ++ if (strcmp(name,client->exportedname.value)!=0) { ++ debug("Name in local credentials cache differs. Not storing"); ++ krb5_free_principal(krb_context, principal); ++ krb5_cc_close(krb_context, ccache); ++ krb5_free_unparsed_name(krb_context, name); ++ return 0; ++ } ++ krb5_free_unparsed_name(krb_context, name); ++ ++ /* Name matches, so lets get on with it! */ ++ ++ if ((problem = krb5_cc_initialize(krb_context, ccache, principal))) { ++ logit("krb5_cc_initialize(): %.100s", ++ krb5_get_err_text(krb_context, problem)); ++ krb5_free_principal(krb_context, principal); ++ krb5_cc_close(krb_context, ccache); ++ return 0; ++ } ++ ++ krb5_free_principal(krb_context, principal); ++ ++ if ((maj_status = gss_krb5_copy_ccache(&min_status, client->creds, ++ ccache))) { ++ logit("gss_krb5_copy_ccache() failed. Sorry!"); ++ krb5_cc_close(krb_context, ccache); ++ return 0; ++ } ++ ++ return 1; ++} ++ + ssh_gssapi_mech gssapi_kerberos_mech = { + "toWM5Slw5Ew8Mqkay+al2g==", + "Kerberos", +@@ -203,7 +285,8 @@ ssh_gssapi_mech gssapi_kerberos_mech = { + NULL, + &ssh_gssapi_krb5_userok, + NULL, +- &ssh_gssapi_krb5_storecreds ++ &ssh_gssapi_krb5_storecreds, ++ &ssh_gssapi_krb5_updatecreds + }; + + #endif /* KRB5 */ +diff --git a/gss-serv.c b/gss-serv.c +index 025a118f..a5cca797 100644 +--- a/gss-serv.c ++++ b/gss-serv.c @@ -1,7 +1,7 @@ /* $OpenBSD: gss-serv.c,v 1.32 2020/03/13 03:17:07 djm Exp $ */ @@ -721,7 +962,7 @@ diff --color -ruNp a/gss-serv.c b/gss-serv.c * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions -@@ -44,17 +44,19 @@ +@@ -45,17 +45,19 @@ #include "session.h" #include "misc.h" #include "servconf.h" @@ -744,10 +985,11 @@ diff --color -ruNp a/gss-serv.c b/gss-serv.c #ifdef KRB5 extern ssh_gssapi_mech gssapi_kerberos_mech; -@@ -141,6 +143,29 @@ ssh_gssapi_server_ctx(Gssctxt **ctx, gss +@@ -141,6 +143,29 @@ ssh_gssapi_server_ctx(Gssctxt **ctx, gss_OID oid) + return (ssh_gssapi_acquire_cred(*ctx)); } - /* Unprivileged */ ++/* Unprivileged */ +char * +ssh_gssapi_server_mechanisms(void) { + if (supported_oids == NULL) @@ -770,11 +1012,10 @@ diff --color -ruNp a/gss-serv.c b/gss-serv.c + return (res); +} + -+/* Unprivileged */ + /* Unprivileged */ void ssh_gssapi_supported_oids(gss_OID_set *oidset) - { -@@ -150,7 +175,9 @@ ssh_gssapi_supported_oids(gss_OID_set *o +@@ -151,7 +176,9 @@ ssh_gssapi_supported_oids(gss_OID_set *oidset) gss_OID_set supported; gss_create_empty_oid_set(&min_status, oidset); @@ -785,7 +1026,7 @@ diff --color -ruNp a/gss-serv.c b/gss-serv.c while (supported_mechs[i]->name != NULL) { if (GSS_ERROR(gss_test_oid_set_member(&min_status, -@@ -276,8 +303,48 @@ OM_uint32 +@@ -277,8 +304,48 @@ OM_uint32 ssh_gssapi_getclient(Gssctxt *ctx, ssh_gssapi_client *client) { int i = 0; @@ -835,7 +1076,7 @@ diff --color -ruNp a/gss-serv.c b/gss-serv.c client->mech = NULL; -@@ -292,6 +359,13 @@ ssh_gssapi_getclient(Gssctxt *ctx, ssh_g +@@ -293,6 +360,13 @@ ssh_gssapi_getclient(Gssctxt *ctx, ssh_gssapi_client *client) if (client->mech == NULL) return GSS_S_FAILURE; @@ -849,7 +1090,7 @@ diff --color -ruNp a/gss-serv.c b/gss-serv.c if ((ctx->major = gss_display_name(&ctx->minor, ctx->client, &client->displayname, NULL))) { ssh_gssapi_error(ctx); -@@ -309,6 +383,8 @@ ssh_gssapi_getclient(Gssctxt *ctx, ssh_g +@@ -310,6 +384,8 @@ ssh_gssapi_getclient(Gssctxt *ctx, ssh_gssapi_client *client) return (ctx->major); } @@ -858,7 +1099,7 @@ diff --color -ruNp a/gss-serv.c b/gss-serv.c /* We can't copy this structure, so we just move the pointer to it */ client->creds = ctx->client_creds; ctx->client_creds = GSS_C_NO_CREDENTIAL; -@@ -319,11 +395,20 @@ ssh_gssapi_getclient(Gssctxt *ctx, ssh_g +@@ -320,11 +396,20 @@ ssh_gssapi_getclient(Gssctxt *ctx, ssh_gssapi_client *client) void ssh_gssapi_cleanup_creds(void) { @@ -884,7 +1125,7 @@ diff --color -ruNp a/gss-serv.c b/gss-serv.c } } -@@ -356,19 +441,23 @@ ssh_gssapi_do_child(char ***envp, u_int +@@ -357,19 +442,23 @@ ssh_gssapi_do_child(char ***envp, u_int *envsizep) /* Privileged */ int @@ -911,7 +1152,7 @@ diff --color -ruNp a/gss-serv.c b/gss-serv.c /* Destroy delegated credentials if userok fails */ gss_release_buffer(&lmin, &gssapi_client.displayname); gss_release_buffer(&lmin, &gssapi_client.exportedname); -@@ -382,14 +471,85 @@ ssh_gssapi_userok(char *user) +@@ -383,14 +472,85 @@ ssh_gssapi_userok(char *user) return (0); } @@ -1003,148 +1244,114 @@ diff --color -ruNp a/gss-serv.c b/gss-serv.c } /* Privileged */ -diff --color -ruNp a/gss-serv-krb5.c b/gss-serv-krb5.c ---- a/gss-serv-krb5.c 2024-07-01 06:36:28.000000000 +0200 -+++ b/gss-serv-krb5.c 2024-09-16 11:46:34.692939840 +0200 -@@ -1,7 +1,7 @@ - /* $OpenBSD: gss-serv-krb5.c,v 1.9 2018/07/09 21:37:55 markus Exp $ */ +diff --git a/kex-names.c b/kex-names.c +index ec840c1f..6c0b7c2b 100644 +--- a/kex-names.c ++++ b/kex-names.c +@@ -45,6 +45,10 @@ + #include "ssherr.h" + #include "xmalloc.h" - /* -- * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. -+ * Copyright (c) 2001-2007 Simon Wilkinson. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions -@@ -120,7 +120,7 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_cl - krb5_error_code problem; - krb5_principal princ; - OM_uint32 maj_status, min_status; -- int len; -+ const char *new_ccname, *new_cctype; - const char *errmsg; - - if (client->creds == NULL) { -@@ -180,11 +180,26 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_cl - return; - } - -- client->store.filename = xstrdup(krb5_cc_get_name(krb_context, ccache)); -+ new_cctype = krb5_cc_get_type(krb_context, ccache); -+ new_ccname = krb5_cc_get_name(krb_context, ccache); -+ - client->store.envvar = "KRB5CCNAME"; -- len = strlen(client->store.filename) + 6; -- client->store.envval = xmalloc(len); -- snprintf(client->store.envval, len, "FILE:%s", client->store.filename); -+#ifdef USE_CCAPI -+ xasprintf(&client->store.envval, "API:%s", new_ccname); -+ client->store.filename = NULL; -+#else -+ if (new_ccname[0] == ':') -+ new_ccname++; -+ xasprintf(&client->store.envval, "%s:%s", new_cctype, new_ccname); -+ if (strcmp(new_cctype, "DIR") == 0) { -+ char *p; -+ p = strrchr(client->store.envval, '/'); -+ if (p) -+ *p = '\0'; -+ } -+ if ((strcmp(new_cctype, "FILE") == 0) || (strcmp(new_cctype, "DIR") == 0)) -+ client->store.filename = xstrdup(new_ccname); ++#ifdef GSSAPI ++#include "ssh-gss.h" +#endif - - #ifdef USE_PAM - if (options.use_pam) -@@ -193,9 +208,76 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_cl - - krb5_cc_close(krb_context, ccache); - -+ client->store.data = krb_context; + - return; + struct kexalg { + char *name; + u_int type; +@@ -89,15 +93,28 @@ static const struct kexalg kexalgs[] = { + #endif /* HAVE_EVP_SHA256 || !WITH_OPENSSL */ + { NULL, 0, -1, -1}, + }; ++static const struct kexalg gss_kexalgs[] = { ++#ifdef GSSAPI ++ { KEX_GSS_GEX_SHA1_ID, KEX_GSS_GEX_SHA1, 0, SSH_DIGEST_SHA1 }, ++ { KEX_GSS_GRP1_SHA1_ID, KEX_GSS_GRP1_SHA1, 0, SSH_DIGEST_SHA1 }, ++ { KEX_GSS_GRP14_SHA1_ID, KEX_GSS_GRP14_SHA1, 0, SSH_DIGEST_SHA1 }, ++ { KEX_GSS_GRP14_SHA256_ID, KEX_GSS_GRP14_SHA256, 0, SSH_DIGEST_SHA256 }, ++ { KEX_GSS_GRP16_SHA512_ID, KEX_GSS_GRP16_SHA512, 0, SSH_DIGEST_SHA512 }, ++ { KEX_GSS_NISTP256_SHA256_ID, KEX_GSS_NISTP256_SHA256, ++ NID_X9_62_prime256v1, SSH_DIGEST_SHA256 }, ++ { KEX_GSS_C25519_SHA256_ID, KEX_GSS_C25519_SHA256, 0, SSH_DIGEST_SHA256 }, ++#endif ++ { NULL, 0, -1, -1}, ++}; + +-char * +-kex_alg_list(char sep) ++static char * ++kex_alg_list_internal(char sep, const struct kexalg *algs) + { + char *ret = NULL, *tmp; + size_t nlen, rlen = 0; + const struct kexalg *k; + +- for (k = kexalgs; k->name != NULL; k++) { ++ for (k = algs; k->name != NULL; k++) { + if (ret != NULL) + ret[rlen++] = sep; + nlen = strlen(k->name); +@@ -112,6 +129,18 @@ kex_alg_list(char sep) + return ret; } -+int -+ssh_gssapi_krb5_updatecreds(ssh_gssapi_ccache *store, -+ ssh_gssapi_client *client) ++char * ++kex_alg_list(char sep) +{ -+ krb5_ccache ccache = NULL; -+ krb5_principal principal = NULL; -+ char *name = NULL; -+ krb5_error_code problem; -+ OM_uint32 maj_status, min_status; -+ -+ if ((problem = krb5_cc_resolve(krb_context, store->envval, &ccache))) { -+ logit("krb5_cc_resolve(): %.100s", -+ krb5_get_err_text(krb_context, problem)); -+ return 0; -+ } -+ -+ /* Find out who the principal in this cache is */ -+ if ((problem = krb5_cc_get_principal(krb_context, ccache, -+ &principal))) { -+ logit("krb5_cc_get_principal(): %.100s", -+ krb5_get_err_text(krb_context, problem)); -+ krb5_cc_close(krb_context, ccache); -+ return 0; -+ } -+ -+ if ((problem = krb5_unparse_name(krb_context, principal, &name))) { -+ logit("krb5_unparse_name(): %.100s", -+ krb5_get_err_text(krb_context, problem)); -+ krb5_free_principal(krb_context, principal); -+ krb5_cc_close(krb_context, ccache); -+ return 0; -+ } -+ -+ -+ if (strcmp(name,client->exportedname.value)!=0) { -+ debug("Name in local credentials cache differs. Not storing"); -+ krb5_free_principal(krb_context, principal); -+ krb5_cc_close(krb_context, ccache); -+ krb5_free_unparsed_name(krb_context, name); -+ return 0; -+ } -+ krb5_free_unparsed_name(krb_context, name); -+ -+ /* Name matches, so lets get on with it! */ -+ -+ if ((problem = krb5_cc_initialize(krb_context, ccache, principal))) { -+ logit("krb5_cc_initialize(): %.100s", -+ krb5_get_err_text(krb_context, problem)); -+ krb5_free_principal(krb_context, principal); -+ krb5_cc_close(krb_context, ccache); -+ return 0; -+ } -+ -+ krb5_free_principal(krb_context, principal); -+ -+ if ((maj_status = gss_krb5_copy_ccache(&min_status, client->creds, -+ ccache))) { -+ logit("gss_krb5_copy_ccache() failed. Sorry!"); -+ krb5_cc_close(krb_context, ccache); -+ return 0; -+ } -+ -+ return 1; ++ return kex_alg_list_internal(sep, kexalgs); +} + - ssh_gssapi_mech gssapi_kerberos_mech = { - "toWM5Slw5Ew8Mqkay+al2g==", - "Kerberos", -@@ -203,7 +285,8 @@ ssh_gssapi_mech gssapi_kerberos_mech = { - NULL, - &ssh_gssapi_krb5_userok, - NULL, -- &ssh_gssapi_krb5_storecreds -+ &ssh_gssapi_krb5_storecreds, -+ &ssh_gssapi_krb5_updatecreds - }; ++char * ++kex_gss_alg_list(char sep) ++{ ++ return kex_alg_list_internal(sep, gss_kexalgs); ++} ++ + static const struct kexalg * + kex_alg_by_name(const char *name) + { +@@ -121,6 +150,10 @@ kex_alg_by_name(const char *name) + if (strcmp(k->name, name) == 0) + return k; + } ++ for (k = gss_kexalgs; k->name != NULL; k++) { ++ if (strncmp(k->name, name, strlen(k->name)) == 0) ++ return k; ++ } + return NULL; + } - #endif /* KRB5 */ -diff --color -ruNp a/kex.c b/kex.c ---- a/kex.c 2024-07-01 06:36:28.000000000 +0200 -+++ b/kex.c 2024-09-16 11:46:34.692939840 +0200 +@@ -334,3 +367,26 @@ kex_assemble_names(char **listp, const char *def, const char *all) + free(ret); + return r; + } ++ ++/* Validate GSS KEX method name list */ ++int ++kex_gss_names_valid(const char *names) ++{ ++ char *s, *cp, *p; ++ ++ if (names == NULL || *names == '\0') ++ return 0; ++ s = cp = xstrdup(names); ++ for ((p = strsep(&cp, ",")); p && *p != '\0'; ++ (p = strsep(&cp, ","))) { ++ if (strncmp(p, "gss-", 4) != 0 ++ || kex_alg_by_name(p) == NULL) { ++ error("Unsupported KEX algorithm \"%.100s\"", p); ++ free(s); ++ return 0; ++ } ++ } ++ debug3("gss kex names ok: [%s]", names); ++ free(s); ++ return 1; ++} +diff --git a/kex.c b/kex.c +index 6b957e5e..19a56e8e 100644 +--- a/kex.c ++++ b/kex.c @@ -297,17 +297,37 @@ static int kex_compose_ext_info_server(struct ssh *ssh, struct sshbuf *m) { @@ -1199,9 +1406,92 @@ diff --color -ruNp a/kex.c b/kex.c sshbuf_free(kex->initial_sig); sshkey_free(kex->initial_hostkey); free(kex->failed_choice); -diff --color -ruNp a/kexdh.c b/kexdh.c ---- a/kexdh.c 2024-07-01 06:36:28.000000000 +0200 -+++ b/kexdh.c 2024-09-16 11:46:34.693939862 +0200 +diff --git a/kex.h b/kex.h +index d08988b3..0e080ea3 100644 +--- a/kex.h ++++ b/kex.h +@@ -29,6 +29,10 @@ + #include "mac.h" + #include "crypto_api.h" + ++#ifdef GSSAPI ++# include "ssh-gss.h" /* Gssctxt */ ++#endif ++ + #ifdef WITH_OPENSSL + # include + # include +@@ -103,6 +107,15 @@ enum kex_exchange { + KEX_C25519_SHA256, + KEX_KEM_SNTRUP761X25519_SHA512, + KEX_KEM_MLKEM768X25519_SHA256, ++#ifdef GSSAPI ++ KEX_GSS_GRP1_SHA1, ++ KEX_GSS_GRP14_SHA1, ++ KEX_GSS_GRP14_SHA256, ++ KEX_GSS_GRP16_SHA512, ++ KEX_GSS_GEX_SHA1, ++ KEX_GSS_NISTP256_SHA256, ++ KEX_GSS_C25519_SHA256, ++#endif + KEX_MAX + }; + +@@ -165,6 +178,13 @@ struct kex { + u_int flags; + int hash_alg; + int ec_nid; ++#ifdef GSSAPI ++ Gssctxt *gss; ++ int gss_deleg_creds; ++ int gss_trust_dns; ++ char *gss_host; ++ char *gss_client; ++#endif + char *failed_choice; + int (*verify_host_key)(struct sshkey *, struct ssh *); + struct sshkey *(*load_host_public_key)(int, int, struct ssh *); +@@ -191,8 +211,10 @@ int kex_hash_from_name(const char *); + int kex_nid_from_name(const char *); + int kex_names_valid(const char *); + char *kex_alg_list(char); ++char *kex_gss_alg_list(char); + char *kex_names_cat(const char *, const char *); + int kex_has_any_alg(const char *, const char *); ++int kex_gss_names_valid(const char *); + int kex_assemble_names(char **, const char *, const char *); + void kex_proposal_populate_entries(struct ssh *, char *prop[PROPOSAL_MAX], + const char *, const char *, const char *, const char *, const char *); +@@ -226,6 +248,12 @@ int kexgex_client(struct ssh *); + int kexgex_server(struct ssh *); + int kex_gen_client(struct ssh *); + int kex_gen_server(struct ssh *); ++#if defined(GSSAPI) && defined(WITH_OPENSSL) ++int kexgssgex_client(struct ssh *); ++int kexgssgex_server(struct ssh *); ++int kexgss_client(struct ssh *); ++int kexgss_server(struct ssh *); ++#endif + + int kex_dh_keypair(struct kex *); + int kex_dh_enc(struct kex *, const struct sshbuf *, struct sshbuf **, +@@ -264,6 +292,12 @@ int kexgex_hash(int, const struct sshbuf *, const struct sshbuf *, + const BIGNUM *, const u_char *, size_t, + u_char *, size_t *); + ++int kex_gen_hash(int hash_alg, const struct sshbuf *client_version, ++ const struct sshbuf *server_version, const struct sshbuf *client_kexinit, ++ const struct sshbuf *server_kexinit, const struct sshbuf *server_host_key_blob, ++ const struct sshbuf *client_pub, const struct sshbuf *server_pub, ++ const struct sshbuf *shared_secret, u_char *hash, size_t *hashlen); ++ + void kexc25519_keygen(u_char key[CURVE25519_SIZE], u_char pub[CURVE25519_SIZE]) + __attribute__((__bounded__(__minbytes__, 1, CURVE25519_SIZE))) + __attribute__((__bounded__(__minbytes__, 2, CURVE25519_SIZE))); +diff --git a/kexdh.c b/kexdh.c +index c1084f21..0faab21b 100644 +--- a/kexdh.c ++++ b/kexdh.c @@ -49,13 +49,23 @@ kex_dh_keygen(struct kex *kex) { switch (kex->kex_type) { @@ -1226,9 +1516,10 @@ diff --color -ruNp a/kexdh.c b/kexdh.c kex->dh = dh_new_group16(); break; case KEX_DH_GRP18_SHA512: -diff --color -ruNp a/kexgen.c b/kexgen.c ---- a/kexgen.c 2024-07-01 06:36:28.000000000 +0200 -+++ b/kexgen.c 2024-09-16 11:46:34.693939862 +0200 +diff --git a/kexgen.c b/kexgen.c +index 40d688d6..15df591c 100644 +--- a/kexgen.c ++++ b/kexgen.c @@ -44,7 +44,7 @@ static int input_kex_gen_init(int, u_int32_t, struct ssh *); static int input_kex_gen_reply(int type, u_int32_t seq, struct ssh *ssh); @@ -1238,9 +1529,11 @@ diff --color -ruNp a/kexgen.c b/kexgen.c kex_gen_hash( int hash_alg, const struct sshbuf *client_version, -diff --color -ruNp a/kexgssc.c b/kexgssc.c ---- a/kexgssc.c 1970-01-01 01:00:00.000000000 +0100 -+++ b/kexgssc.c 2024-10-14 15:18:02.491798105 +0200 +diff --git a/kexgssc.c b/kexgssc.c +new file mode 100644 +index 00000000..96f7b6f5 +--- /dev/null ++++ b/kexgssc.c @@ -0,0 +1,706 @@ +/* + * Copyright (c) 2001-2009 Simon Wilkinson. All rights reserved. @@ -1948,9 +2241,11 @@ diff --color -ruNp a/kexgssc.c b/kexgssc.c +} + +#endif /* defined(GSSAPI) && defined(WITH_OPENSSL) */ -diff --color -ruNp a/kexgsss.c b/kexgsss.c ---- a/kexgsss.c 1970-01-01 01:00:00.000000000 +0100 -+++ b/kexgsss.c 2024-10-14 15:18:02.491798105 +0200 +diff --git a/kexgsss.c b/kexgsss.c +new file mode 100644 +index 00000000..8362081e +--- /dev/null ++++ b/kexgsss.c @@ -0,0 +1,601 @@ +/* + * Copyright (c) 2001-2009 Simon Wilkinson. All rights reserved. @@ -2553,223 +2848,11 @@ diff --color -ruNp a/kexgsss.c b/kexgsss.c +} + +#endif /* defined(GSSAPI) && defined(WITH_OPENSSL) */ -diff --color -ruNp a/kex.h b/kex.h ---- a/kex.h 2024-07-01 06:36:28.000000000 +0200 -+++ b/kex.h 2024-09-16 11:46:34.710940224 +0200 -@@ -29,6 +29,10 @@ - #include "mac.h" - #include "crypto_api.h" - -+#ifdef GSSAPI -+# include "ssh-gss.h" /* Gssctxt */ -+#endif -+ - #ifdef WITH_OPENSSL - # include - # include -@@ -102,6 +106,15 @@ enum kex_exchange { - KEX_C25519_SHA256, - KEX_KEM_SNTRUP761X25519_SHA512, - KEX_KEM_MLKEM768X25519_SHA256, -+#ifdef GSSAPI -+ KEX_GSS_GRP1_SHA1, -+ KEX_GSS_GRP14_SHA1, -+ KEX_GSS_GRP14_SHA256, -+ KEX_GSS_GRP16_SHA512, -+ KEX_GSS_GEX_SHA1, -+ KEX_GSS_NISTP256_SHA256, -+ KEX_GSS_C25519_SHA256, -+#endif - KEX_MAX - }; - -@@ -164,6 +177,13 @@ struct kex { - u_int flags; - int hash_alg; - int ec_nid; -+#ifdef GSSAPI -+ Gssctxt *gss; -+ int gss_deleg_creds; -+ int gss_trust_dns; -+ char *gss_host; -+ char *gss_client; -+#endif - char *failed_choice; - int (*verify_host_key)(struct sshkey *, struct ssh *); - struct sshkey *(*load_host_public_key)(int, int, struct ssh *); -@@ -189,8 +209,10 @@ int kex_hash_from_name(const char *); - int kex_nid_from_name(const char *); - int kex_names_valid(const char *); - char *kex_alg_list(char); -+char *kex_gss_alg_list(char); - char *kex_names_cat(const char *, const char *); - int kex_has_any_alg(const char *, const char *); -+int kex_gss_names_valid(const char *); - int kex_assemble_names(char **, const char *, const char *); - void kex_proposal_populate_entries(struct ssh *, char *prop[PROPOSAL_MAX], - const char *, const char *, const char *, const char *, const char *); -@@ -224,6 +246,12 @@ int kexgex_client(struct ssh *); - int kexgex_server(struct ssh *); - int kex_gen_client(struct ssh *); - int kex_gen_server(struct ssh *); -+#if defined(GSSAPI) && defined(WITH_OPENSSL) -+int kexgssgex_client(struct ssh *); -+int kexgssgex_server(struct ssh *); -+int kexgss_client(struct ssh *); -+int kexgss_server(struct ssh *); -+#endif - - int kex_dh_keypair(struct kex *); - int kex_dh_enc(struct kex *, const struct sshbuf *, struct sshbuf **, -@@ -256,6 +284,12 @@ int kexgex_hash(int, const struct sshbu - const BIGNUM *, const u_char *, size_t, - u_char *, size_t *); - -+int kex_gen_hash(int hash_alg, const struct sshbuf *client_version, -+ const struct sshbuf *server_version, const struct sshbuf *client_kexinit, -+ const struct sshbuf *server_kexinit, const struct sshbuf *server_host_key_blob, -+ const struct sshbuf *client_pub, const struct sshbuf *server_pub, -+ const struct sshbuf *shared_secret, u_char *hash, size_t *hashlen); -+ - void kexc25519_keygen(u_char key[CURVE25519_SIZE], u_char pub[CURVE25519_SIZE]) - __attribute__((__bounded__(__minbytes__, 1, CURVE25519_SIZE))) - __attribute__((__bounded__(__minbytes__, 2, CURVE25519_SIZE))); -diff --color -ruNp a/kex-names.c b/kex-names.c ---- a/kex-names.c 2024-07-01 06:36:28.000000000 +0200 -+++ b/kex-names.c 2024-09-16 11:46:34.694939883 +0200 -@@ -45,6 +45,10 @@ - #include "ssherr.h" - #include "xmalloc.h" - -+#ifdef GSSAPI -+#include "ssh-gss.h" -+#endif -+ - struct kexalg { - char *name; - u_int type; -@@ -83,15 +87,28 @@ static const struct kexalg kexalgs[] = { - #endif /* HAVE_EVP_SHA256 || !WITH_OPENSSL */ - { NULL, 0, -1, -1}, - }; -+static const struct kexalg gss_kexalgs[] = { -+#ifdef GSSAPI -+ { KEX_GSS_GEX_SHA1_ID, KEX_GSS_GEX_SHA1, 0, SSH_DIGEST_SHA1 }, -+ { KEX_GSS_GRP1_SHA1_ID, KEX_GSS_GRP1_SHA1, 0, SSH_DIGEST_SHA1 }, -+ { KEX_GSS_GRP14_SHA1_ID, KEX_GSS_GRP14_SHA1, 0, SSH_DIGEST_SHA1 }, -+ { KEX_GSS_GRP14_SHA256_ID, KEX_GSS_GRP14_SHA256, 0, SSH_DIGEST_SHA256 }, -+ { KEX_GSS_GRP16_SHA512_ID, KEX_GSS_GRP16_SHA512, 0, SSH_DIGEST_SHA512 }, -+ { KEX_GSS_NISTP256_SHA256_ID, KEX_GSS_NISTP256_SHA256, -+ NID_X9_62_prime256v1, SSH_DIGEST_SHA256 }, -+ { KEX_GSS_C25519_SHA256_ID, KEX_GSS_C25519_SHA256, 0, SSH_DIGEST_SHA256 }, -+#endif -+ { NULL, 0, -1, -1}, -+}; - --char * --kex_alg_list(char sep) -+static char * -+kex_alg_list_internal(char sep, const struct kexalg *algs) - { - char *ret = NULL, *tmp; - size_t nlen, rlen = 0; - const struct kexalg *k; - -- for (k = kexalgs; k->name != NULL; k++) { -+ for (k = algs; k->name != NULL; k++) { - if (ret != NULL) - ret[rlen++] = sep; - nlen = strlen(k->name); -@@ -106,6 +123,18 @@ kex_alg_list(char sep) - return ret; - } - -+char * -+kex_alg_list(char sep) -+{ -+ return kex_alg_list_internal(sep, kexalgs); -+} -+ -+char * -+kex_gss_alg_list(char sep) -+{ -+ return kex_alg_list_internal(sep, gss_kexalgs); -+} -+ - static const struct kexalg * - kex_alg_by_name(const char *name) - { -@@ -115,6 +144,10 @@ kex_alg_by_name(const char *name) - if (strcmp(k->name, name) == 0) - return k; - } -+ for (k = gss_kexalgs; k->name != NULL; k++) { -+ if (strncmp(k->name, name, strlen(k->name)) == 0) -+ return k; -+ } - return NULL; - } - -@@ -328,3 +361,26 @@ kex_assemble_names(char **listp, const c - free(ret); - return r; - } -+ -+/* Validate GSS KEX method name list */ -+int -+kex_gss_names_valid(const char *names) -+{ -+ char *s, *cp, *p; -+ -+ if (names == NULL || *names == '\0') -+ return 0; -+ s = cp = xstrdup(names); -+ for ((p = strsep(&cp, ",")); p && *p != '\0'; -+ (p = strsep(&cp, ","))) { -+ if (strncmp(p, "gss-", 4) != 0 -+ || kex_alg_by_name(p) == NULL) { -+ error("Unsupported KEX algorithm \"%.100s\"", p); -+ free(s); -+ return 0; -+ } -+ } -+ debug3("gss kex names ok: [%s]", names); -+ free(s); -+ return 1; -+} -diff --color -ruNp a/Makefile.in b/Makefile.in ---- a/Makefile.in 2024-09-16 11:45:56.868133454 +0200 -+++ b/Makefile.in 2024-09-16 11:46:34.695939904 +0200 -@@ -114,6 +114,7 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \ - kex.o kex-names.o kexdh.o kexgex.o kexecdh.o kexc25519.o \ - kexgexc.o kexgexs.o \ - kexsntrup761x25519.o kexmlkem768x25519.o sntrup761.o kexgen.o \ -+ kexgssc.o \ - sftp-realpath.o platform-pledge.o platform-tracing.o platform-misc.o \ - sshbuf-io.o - -@@ -135,7 +136,7 @@ SSHD_SESSION_OBJS=sshd-session.o auth-rh - auth2-chall.o groupaccess.o \ - auth-bsdauth.o auth2-hostbased.o auth2-kbdint.o \ - auth2-none.o auth2-passwd.o auth2-pubkey.o auth2-pubkeyfile.o \ -- monitor.o monitor_wrap.o auth-krb5.o \ -+ monitor.o monitor_wrap.o auth-krb5.o kexgsss.o \ - auth2-gss.o gss-serv.o gss-serv-krb5.o \ - loginrec.o auth-pam.o auth-shadow.o auth-sia.o \ - sftp-server.o sftp-common.o \ -@@ -529,7 +530,7 @@ regress-prep: - ln -s `cd $(srcdir) && pwd`/regress/Makefile `pwd`/regress/Makefile - - REGRESSLIBS=libssh.a $(LIBCOMPAT) --TESTLIBS=$(LIBS) $(CHANNELLIBS) -+TESTLIBS=$(LIBS) $(CHANNELLIBS) $(GSSLIBS) - - regress/modpipe$(EXEEXT): $(srcdir)/regress/modpipe.c $(REGRESSLIBS) - $(CC) $(CFLAGS) $(CPPFLAGS) -o $@ $(srcdir)/regress/modpipe.c \ -diff --color -ruNp a/monitor.c b/monitor.c ---- a/monitor.c 2024-09-16 11:45:56.861133305 +0200 -+++ b/monitor.c 2024-09-16 11:46:34.696939926 +0200 -@@ -143,6 +143,8 @@ int mm_answer_gss_setup_ctx(struct ssh * +diff --git a/monitor.c b/monitor.c +index 02b3eaaa..2ef16cc8 100644 +--- a/monitor.c ++++ b/monitor.c +@@ -147,6 +147,8 @@ int mm_answer_gss_setup_ctx(struct ssh *, int, struct sshbuf *); int mm_answer_gss_accept_ctx(struct ssh *, int, struct sshbuf *); int mm_answer_gss_userok(struct ssh *, int, struct sshbuf *); int mm_answer_gss_checkmic(struct ssh *, int, struct sshbuf *); @@ -2778,7 +2861,7 @@ diff --color -ruNp a/monitor.c b/monitor.c #endif #ifdef SSH_AUDIT_EVENTS -@@ -219,11 +221,18 @@ struct mon_table mon_dispatch_proto20[] +@@ -224,11 +226,18 @@ struct mon_table mon_dispatch_proto20[] = { {MONITOR_REQ_GSSSTEP, 0, mm_answer_gss_accept_ctx}, {MONITOR_REQ_GSSUSEROK, MON_ONCE|MON_AUTHDECIDE, mm_answer_gss_userok}, {MONITOR_REQ_GSSCHECKMIC, MON_ONCE, mm_answer_gss_checkmic}, @@ -2794,11 +2877,11 @@ diff --color -ruNp a/monitor.c b/monitor.c + {MONITOR_REQ_GSSSIGN, 0, mm_answer_gss_sign}, + {MONITOR_REQ_GSSUPCREDS, 0, mm_answer_gss_updatecreds}, +#endif + {MONITOR_REQ_STATE, MON_ONCE, mm_answer_state}, #ifdef WITH_OPENSSL {MONITOR_REQ_MODULI, 0, mm_answer_moduli}, - #endif -@@ -292,6 +301,10 @@ monitor_child_preauth(struct ssh *ssh, s - /* Permit requests for moduli and signatures */ +@@ -299,6 +308,10 @@ monitor_child_preauth(struct ssh *ssh, struct monitor *pmonitor) + monitor_permit(mon_dispatch, MONITOR_REQ_STATE, 1); monitor_permit(mon_dispatch, MONITOR_REQ_MODULI, 1); monitor_permit(mon_dispatch, MONITOR_REQ_SIGN, 1); +#ifdef GSSAPI @@ -2808,7 +2891,7 @@ diff --color -ruNp a/monitor.c b/monitor.c /* The first few requests do not require asynchronous access */ while (!authenticated) { -@@ -344,8 +357,15 @@ monitor_child_preauth(struct ssh *ssh, s +@@ -351,8 +364,15 @@ monitor_child_preauth(struct ssh *ssh, struct monitor *pmonitor) if (ent->flags & (MON_AUTHDECIDE|MON_ALOG)) { auth_log(ssh, authenticated, partial, auth_method, auth_submethod); @@ -2825,7 +2908,7 @@ diff --color -ruNp a/monitor.c b/monitor.c if (authenticated || partial) { auth2_update_session_info(authctxt, auth_method, auth_submethod); -@@ -413,6 +433,10 @@ monitor_child_postauth(struct ssh *ssh, +@@ -421,6 +441,10 @@ monitor_child_postauth(struct ssh *ssh, struct monitor *pmonitor) monitor_permit(mon_dispatch, MONITOR_REQ_MODULI, 1); monitor_permit(mon_dispatch, MONITOR_REQ_SIGN, 1); monitor_permit(mon_dispatch, MONITOR_REQ_TERM, 1); @@ -2836,7 +2919,7 @@ diff --color -ruNp a/monitor.c b/monitor.c if (auth_opts->permit_pty_flag) { monitor_permit(mon_dispatch, MONITOR_REQ_PTY, 1); -@@ -1793,6 +1817,17 @@ monitor_apply_keystate(struct ssh *ssh, +@@ -1890,6 +1914,17 @@ monitor_apply_keystate(struct ssh *ssh, struct monitor *pmonitor) # ifdef OPENSSL_HAS_ECC kex->kex[KEX_ECDH_SHA2] = kex_gen_server; # endif @@ -2854,7 +2937,7 @@ diff --color -ruNp a/monitor.c b/monitor.c #endif /* WITH_OPENSSL */ kex->kex[KEX_C25519_SHA256] = kex_gen_server; kex->kex[KEX_KEM_SNTRUP761X25519_SHA512] = kex_gen_server; -@@ -1885,8 +1920,8 @@ mm_answer_gss_setup_ctx(struct ssh *ssh, +@@ -1981,8 +2016,8 @@ mm_answer_gss_setup_ctx(struct ssh *ssh, int sock, struct sshbuf *m) u_char *p; int r; @@ -2865,7 +2948,7 @@ diff --color -ruNp a/monitor.c b/monitor.c if ((r = sshbuf_get_string(m, &p, &len)) != 0) fatal_fr(r, "parse"); -@@ -1918,8 +1953,8 @@ mm_answer_gss_accept_ctx(struct ssh *ssh +@@ -2014,8 +2049,8 @@ mm_answer_gss_accept_ctx(struct ssh *ssh, int sock, struct sshbuf *m) OM_uint32 flags = 0; /* GSI needs this */ int r; @@ -2876,7 +2959,7 @@ diff --color -ruNp a/monitor.c b/monitor.c if ((r = ssh_gssapi_get_buffer_desc(m, &in)) != 0) fatal_fr(r, "ssh_gssapi_get_buffer_desc"); -@@ -1939,6 +1974,7 @@ mm_answer_gss_accept_ctx(struct ssh *ssh +@@ -2035,6 +2070,7 @@ mm_answer_gss_accept_ctx(struct ssh *ssh, int sock, struct sshbuf *m) monitor_permit(mon_dispatch, MONITOR_REQ_GSSSTEP, 0); monitor_permit(mon_dispatch, MONITOR_REQ_GSSUSEROK, 1); monitor_permit(mon_dispatch, MONITOR_REQ_GSSCHECKMIC, 1); @@ -2884,7 +2967,7 @@ diff --color -ruNp a/monitor.c b/monitor.c } return (0); } -@@ -1950,8 +1986,8 @@ mm_answer_gss_checkmic(struct ssh *ssh, +@@ -2046,8 +2082,8 @@ mm_answer_gss_checkmic(struct ssh *ssh, int sock, struct sshbuf *m) OM_uint32 ret; int r; @@ -2895,7 +2978,7 @@ diff --color -ruNp a/monitor.c b/monitor.c if ((r = ssh_gssapi_get_buffer_desc(m, &gssbuf)) != 0 || (r = ssh_gssapi_get_buffer_desc(m, &mic)) != 0) -@@ -1977,13 +2013,17 @@ mm_answer_gss_checkmic(struct ssh *ssh, +@@ -2073,13 +2109,17 @@ mm_answer_gss_checkmic(struct ssh *ssh, int sock, struct sshbuf *m) int mm_answer_gss_userok(struct ssh *ssh, int sock, struct sshbuf *m) { @@ -2907,17 +2990,17 @@ diff --color -ruNp a/monitor.c b/monitor.c - fatal_f("GSSAPI authentication not enabled"); + if (!options.gss_authentication && !options.gss_keyex) + fatal_f("GSSAPI not enabled"); - -- authenticated = authctxt->valid && ssh_gssapi_userok(authctxt->user); ++ + if ((r = sshbuf_get_u32(m, &kex)) != 0) + fatal_fr(r, "buffer error"); -+ + +- authenticated = authctxt->valid && ssh_gssapi_userok(authctxt->user); + authenticated = authctxt->valid && + ssh_gssapi_userok(authctxt->user, authctxt->pw, kex); sshbuf_reset(m); if ((r = sshbuf_put_u32(m, authenticated)) != 0) -@@ -1992,7 +2032,11 @@ mm_answer_gss_userok(struct ssh *ssh, in +@@ -2088,7 +2128,11 @@ mm_answer_gss_userok(struct ssh *ssh, int sock, struct sshbuf *m) debug3_f("sending result %d", authenticated); mm_request_send(sock, MONITOR_ANS_GSSUSEROK, m); @@ -2930,7 +3013,7 @@ diff --color -ruNp a/monitor.c b/monitor.c if ((displayname = ssh_gssapi_displayname()) != NULL) auth2_record_info(authctxt, "%s", displayname); -@@ -2000,5 +2044,84 @@ mm_answer_gss_userok(struct ssh *ssh, in +@@ -2096,5 +2140,84 @@ mm_answer_gss_userok(struct ssh *ssh, int sock, struct sshbuf *m) /* Monitor loop will terminate if authenticated */ return (authenticated); } @@ -3015,10 +3098,11 @@ diff --color -ruNp a/monitor.c b/monitor.c + #endif /* GSSAPI */ -diff --color -ruNp a/monitor.h b/monitor.h ---- a/monitor.h 2024-09-16 11:45:56.861133305 +0200 -+++ b/monitor.h 2024-09-16 11:46:34.696939926 +0200 -@@ -67,6 +67,8 @@ enum monitor_reqtype { +diff --git a/monitor.h b/monitor.h +index 9dcd9c29..dbc7e003 100644 +--- a/monitor.h ++++ b/monitor.h +@@ -68,6 +68,8 @@ enum monitor_reqtype { MONITOR_REQ_PAM_FREE_CTX = 110, MONITOR_ANS_PAM_FREE_CTX = 111, MONITOR_REQ_AUDIT_EVENT = 112, MONITOR_REQ_AUDIT_COMMAND = 113, @@ -3027,10 +3111,11 @@ diff --color -ruNp a/monitor.h b/monitor.h }; struct ssh; -diff --color -ruNp a/monitor_wrap.c b/monitor_wrap.c ---- a/monitor_wrap.c 2024-09-16 11:45:56.862133326 +0200 -+++ b/monitor_wrap.c 2024-09-16 11:46:34.697939947 +0200 -@@ -1075,13 +1075,15 @@ mm_ssh_gssapi_checkmic(Gssctxt *ctx, gss +diff --git a/monitor_wrap.c b/monitor_wrap.c +index ef3ab1b1..b6e3b3f3 100644 +--- a/monitor_wrap.c ++++ b/monitor_wrap.c +@@ -1131,13 +1131,15 @@ mm_ssh_gssapi_checkmic(Gssctxt *ctx, gss_buffer_t gssbuf, gss_buffer_t gssmic) } int @@ -3047,7 +3132,7 @@ diff --color -ruNp a/monitor_wrap.c b/monitor_wrap.c mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_GSSUSEROK, m); mm_request_receive_expect(pmonitor->m_recvfd, -@@ -1094,6 +1096,59 @@ mm_ssh_gssapi_userok(char *user) +@@ -1150,6 +1152,59 @@ mm_ssh_gssapi_userok(char *user) debug3_f("user %sauthenticated", authenticated ? "" : "not "); return (authenticated); } @@ -3107,10 +3192,11 @@ diff --color -ruNp a/monitor_wrap.c b/monitor_wrap.c #endif /* GSSAPI */ /* -diff --color -ruNp a/monitor_wrap.h b/monitor_wrap.h ---- a/monitor_wrap.h 2024-09-16 11:45:56.862133326 +0200 -+++ b/monitor_wrap.h 2024-09-16 11:46:34.697939947 +0200 -@@ -67,8 +67,10 @@ void mm_decode_activate_server_options(s +diff --git a/monitor_wrap.h b/monitor_wrap.h +index 38a280c8..672dce52 100644 +--- a/monitor_wrap.h ++++ b/monitor_wrap.h +@@ -67,8 +67,10 @@ void mm_decode_activate_server_options(struct ssh *ssh, struct sshbuf *m); OM_uint32 mm_ssh_gssapi_server_ctx(Gssctxt **, gss_OID); OM_uint32 mm_ssh_gssapi_accept_ctx(Gssctxt *, gss_buffer_desc *, gss_buffer_desc *, OM_uint32 *); @@ -3122,18 +3208,19 @@ diff --color -ruNp a/monitor_wrap.h b/monitor_wrap.h #endif #ifdef USE_PAM -diff --color -ruNp a/readconf.c b/readconf.c ---- a/readconf.c 2024-07-01 06:36:28.000000000 +0200 -+++ b/readconf.c 2024-09-16 11:46:34.699939990 +0200 -@@ -70,6 +70,7 @@ - #include "uidswap.h" +diff --git a/readconf.c b/readconf.c +index 7cbe7d2c..6c04ed43 100644 +--- a/readconf.c ++++ b/readconf.c +@@ -71,6 +71,7 @@ #include "myproposal.h" #include "digest.h" + #include "version.h" +#include "ssh-gss.h" /* Format of the configuration file: -@@ -164,6 +165,8 @@ typedef enum { +@@ -165,6 +166,8 @@ typedef enum { oClearAllForwardings, oNoHostAuthenticationForLocalhost, oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout, oAddressFamily, oGssAuthentication, oGssDelegateCreds, @@ -3142,7 +3229,7 @@ diff --color -ruNp a/readconf.c b/readconf.c oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly, oSendEnv, oSetEnv, oControlPath, oControlMaster, oControlPersist, oHashKnownHosts, -@@ -210,10 +213,22 @@ static struct { +@@ -212,10 +215,22 @@ static struct { /* Sometimes-unsupported options */ #if defined(GSSAPI) { "gssapiauthentication", oGssAuthentication }, @@ -3165,7 +3252,7 @@ diff --color -ruNp a/readconf.c b/readconf.c #endif #ifdef ENABLE_PKCS11 { "pkcs11provider", oPKCS11Provider }, -@@ -1227,10 +1242,42 @@ parse_time: +@@ -1320,10 +1335,42 @@ parse_time: intptr = &options->gss_authentication; goto parse_flag; @@ -3208,7 +3295,7 @@ diff --color -ruNp a/readconf.c b/readconf.c case oBatchMode: intptr = &options->batch_mode; goto parse_flag; -@@ -2542,7 +2589,13 @@ initialize_options(Options * options) +@@ -2662,7 +2709,13 @@ initialize_options(Options * options) options->fwd_opts.streamlocal_bind_unlink = -1; options->pubkey_authentication = -1; options->gss_authentication = -1; @@ -3222,7 +3309,7 @@ diff --color -ruNp a/readconf.c b/readconf.c options->password_authentication = -1; options->kbd_interactive_authentication = -1; options->kbd_interactive_devices = NULL; -@@ -2705,8 +2758,18 @@ fill_default_options(Options * options) +@@ -2826,8 +2879,18 @@ fill_default_options(Options * options) options->pubkey_authentication = SSH_PUBKEY_AUTH_ALL; if (options->gss_authentication == -1) options->gss_authentication = 0; @@ -3241,7 +3328,7 @@ diff --color -ruNp a/readconf.c b/readconf.c if (options->password_authentication == -1) options->password_authentication = 1; if (options->kbd_interactive_authentication == -1) -@@ -3533,7 +3596,14 @@ dump_client_config(Options *o, const cha +@@ -3656,7 +3719,14 @@ dump_client_config(Options *o, const char *host) dump_cfg_fmtint(oGatewayPorts, o->fwd_opts.gateway_ports); #ifdef GSSAPI dump_cfg_fmtint(oGssAuthentication, o->gss_authentication); @@ -3256,10 +3343,11 @@ diff --color -ruNp a/readconf.c b/readconf.c #endif /* GSSAPI */ dump_cfg_fmtint(oHashKnownHosts, o->hash_known_hosts); dump_cfg_fmtint(oHostbasedAuthentication, o->hostbased_authentication); -diff --color -ruNp a/readconf.h b/readconf.h ---- a/readconf.h 2024-07-01 06:36:28.000000000 +0200 -+++ b/readconf.h 2024-09-16 11:46:34.699939990 +0200 -@@ -40,7 +40,13 @@ typedef struct { +diff --git a/readconf.h b/readconf.h +index cd49139b..368523dd 100644 +--- a/readconf.h ++++ b/readconf.h +@@ -39,7 +39,13 @@ typedef struct { int pubkey_authentication; /* Try ssh2 pubkey authentication. */ int hostbased_authentication; /* ssh2's rhosts_rsa */ int gss_authentication; /* Try GSS authentication */ @@ -3273,18 +3361,19 @@ diff --color -ruNp a/readconf.h b/readconf.h int password_authentication; /* Try password * authentication. */ int kbd_interactive_authentication; /* Try keyboard-interactive auth. */ -diff --color -ruNp a/servconf.c b/servconf.c ---- a/servconf.c 2024-07-01 06:36:28.000000000 +0200 -+++ b/servconf.c 2024-09-16 11:46:34.700940011 +0200 -@@ -68,6 +68,7 @@ - #include "auth.h" +diff --git a/servconf.c b/servconf.c +index f7bc9237..d4f7fd66 100644 +--- a/servconf.c ++++ b/servconf.c +@@ -69,6 +69,7 @@ #include "myproposal.h" #include "digest.h" + #include "version.h" +#include "ssh-gss.h" #if !defined(SSHD_PAM_SERVICE) # define SSHD_PAM_SERVICE "sshd" -@@ -137,8 +138,11 @@ initialize_server_options(ServerOptions +@@ -138,8 +139,11 @@ initialize_server_options(ServerOptions *options) options->kerberos_ticket_cleanup = -1; options->kerberos_get_afs_token = -1; options->gss_authentication=-1; @@ -3296,7 +3385,7 @@ diff --color -ruNp a/servconf.c b/servconf.c options->password_authentication = -1; options->kbd_interactive_authentication = -1; options->permit_empty_passwd = -1; -@@ -376,10 +380,18 @@ fill_default_server_options(ServerOption +@@ -380,10 +384,18 @@ fill_default_server_options(ServerOptions *options) options->kerberos_get_afs_token = 0; if (options->gss_authentication == -1) options->gss_authentication = 0; @@ -3315,7 +3404,7 @@ diff --color -ruNp a/servconf.c b/servconf.c if (options->password_authentication == -1) options->password_authentication = 1; if (options->kbd_interactive_authentication == -1) -@@ -558,6 +570,7 @@ typedef enum { +@@ -568,6 +580,7 @@ typedef enum { sPerSourcePenalties, sPerSourcePenaltyExemptList, sClientAliveInterval, sClientAliveCountMax, sAuthorizedKeysFile, sGssAuthentication, sGssCleanupCreds, sGssStrictAcceptor, @@ -3323,7 +3412,7 @@ diff --color -ruNp a/servconf.c b/servconf.c sAcceptEnv, sSetEnv, sPermitTunnel, sMatch, sPermitOpen, sPermitListen, sForceCommand, sChrootDirectory, sUsePrivilegeSeparation, sAllowAgentForwarding, -@@ -643,12 +656,22 @@ static struct { +@@ -653,12 +666,22 @@ static struct { #ifdef GSSAPI { "gssapiauthentication", sGssAuthentication, SSHCFG_ALL }, { "gssapicleanupcredentials", sGssCleanupCreds, SSHCFG_GLOBAL }, @@ -3346,7 +3435,7 @@ diff --color -ruNp a/servconf.c b/servconf.c { "passwordauthentication", sPasswordAuthentication, SSHCFG_ALL }, { "kbdinteractiveauthentication", sKbdInteractiveAuthentication, SSHCFG_ALL }, { "challengeresponseauthentication", sKbdInteractiveAuthentication, SSHCFG_ALL }, /* alias */ -@@ -1585,6 +1608,10 @@ process_server_config_line_depth(ServerO +@@ -1649,6 +1672,10 @@ process_server_config_line_depth(ServerOptions *options, char *line, intptr = &options->gss_authentication; goto parse_flag; @@ -3357,7 +3446,7 @@ diff --color -ruNp a/servconf.c b/servconf.c case sGssCleanupCreds: intptr = &options->gss_cleanup_creds; goto parse_flag; -@@ -1593,6 +1620,22 @@ process_server_config_line_depth(ServerO +@@ -1657,6 +1684,22 @@ process_server_config_line_depth(ServerOptions *options, char *line, intptr = &options->gss_strict_acceptor; goto parse_flag; @@ -3380,7 +3469,7 @@ diff --color -ruNp a/servconf.c b/servconf.c case sPasswordAuthentication: intptr = &options->password_authentication; goto parse_flag; -@@ -3178,6 +3221,10 @@ dump_config(ServerOptions *o) +@@ -3254,6 +3297,10 @@ dump_config(ServerOptions *o) #ifdef GSSAPI dump_cfg_fmtint(sGssAuthentication, o->gss_authentication); dump_cfg_fmtint(sGssCleanupCreds, o->gss_cleanup_creds); @@ -3391,10 +3480,11 @@ diff --color -ruNp a/servconf.c b/servconf.c #endif dump_cfg_fmtint(sPasswordAuthentication, o->password_authentication); dump_cfg_fmtint(sKbdInteractiveAuthentication, -diff --color -ruNp a/servconf.h b/servconf.h ---- a/servconf.h 2024-07-01 06:36:28.000000000 +0200 -+++ b/servconf.h 2024-09-16 11:46:34.700940011 +0200 -@@ -149,8 +149,11 @@ typedef struct { +diff --git a/servconf.h b/servconf.h +index 9beb90fa..c3f50140 100644 +--- a/servconf.h ++++ b/servconf.h +@@ -150,8 +150,11 @@ typedef struct { int kerberos_get_afs_token; /* If true, try to get AFS token if * authenticated with Kerberos. */ int gss_authentication; /* If true, permit GSSAPI authentication */ @@ -3406,10 +3496,11 @@ diff --color -ruNp a/servconf.h b/servconf.h int password_authentication; /* If true, permit password * authentication. */ int kbd_interactive_authentication; /* If true, permit */ -diff --color -ruNp a/session.c b/session.c ---- a/session.c 2024-09-16 11:45:56.866133411 +0200 -+++ b/session.c 2024-09-16 11:46:34.701940032 +0200 -@@ -2674,13 +2674,19 @@ do_cleanup(struct ssh *ssh, Authctxt *au +diff --git a/session.c b/session.c +index e4657cef..cbfbcee8 100644 +--- a/session.c ++++ b/session.c +@@ -2670,13 +2670,19 @@ do_cleanup(struct ssh *ssh, Authctxt *authctxt) #ifdef KRB5 if (options.kerberos_ticket_cleanup && @@ -3431,542 +3522,10 @@ diff --color -ruNp a/session.c b/session.c #endif /* remove agent socket */ -diff --color -ruNp a/ssh.1 b/ssh.1 ---- a/ssh.1 2024-09-16 11:45:56.875133603 +0200 -+++ b/ssh.1 2024-09-16 11:46:34.701940032 +0200 -@@ -536,7 +536,13 @@ For full details of the options listed b - .It GatewayPorts - .It GlobalKnownHostsFile - .It GSSAPIAuthentication -+.It GSSAPIKeyExchange -+.It GSSAPIClientIdentity - .It GSSAPIDelegateCredentials -+.It GSSAPIKexAlgorithms -+.It GSSAPIRenewalForcesRekey -+.It GSSAPIServerIdentity -+.It GSSAPITrustDns - .It HashKnownHosts - .It Host - .It HostbasedAcceptedAlgorithms -@@ -624,6 +630,8 @@ flag), - (supported message integrity codes), - .Ar kex - (key exchange algorithms), -+.Ar kex-gss -+(GSSAPI key exchange algorithms), - .Ar key - (key types), - .Ar key-ca-sign -diff --color -ruNp a/ssh.c b/ssh.c ---- a/ssh.c 2024-07-01 06:36:28.000000000 +0200 -+++ b/ssh.c 2024-09-16 11:46:34.702940054 +0200 -@@ -827,6 +827,8 @@ main(int ac, char **av) - else if (strcmp(optarg, "kex") == 0 || - strcasecmp(optarg, "KexAlgorithms") == 0) - cp = kex_alg_list('\n'); -+ else if (strcmp(optarg, "kex-gss") == 0) -+ cp = kex_gss_alg_list('\n'); - else if (strcmp(optarg, "key") == 0) - cp = sshkey_alg_list(0, 0, 0, '\n'); - else if (strcmp(optarg, "key-cert") == 0) -@@ -857,8 +859,8 @@ main(int ac, char **av) - } else if (strcmp(optarg, "help") == 0) { - cp = xstrdup( - "cipher\ncipher-auth\ncompression\nkex\n" -- "key\nkey-cert\nkey-plain\nkey-sig\nmac\n" -- "protocol-version\nsig"); -+ "kex-gss\nkey\nkey-cert\nkey-plain\n" -+ "key-sig\nmac\nprotocol-version\nsig"); - } - if (cp == NULL) - fatal("Unsupported query \"%s\"", optarg); -diff --color -ruNp a/ssh_config b/ssh_config ---- a/ssh_config 2024-09-16 11:45:56.884133795 +0200 -+++ b/ssh_config 2024-09-16 11:46:34.702940054 +0200 -@@ -24,6 +24,8 @@ - # HostbasedAuthentication no - # GSSAPIAuthentication no - # GSSAPIDelegateCredentials no -+# GSSAPIKeyExchange no -+# GSSAPITrustDNS no - # BatchMode no - # CheckHostIP no - # AddressFamily any -diff --color -ruNp a/ssh_config.5 b/ssh_config.5 ---- a/ssh_config.5 2024-07-01 06:36:28.000000000 +0200 -+++ b/ssh_config.5 2024-09-16 11:46:34.703940075 +0200 -@@ -938,10 +938,68 @@ The default is - Specifies whether user authentication based on GSSAPI is allowed. - The default is - .Cm no . -+.It Cm GSSAPIClientIdentity -+If set, specifies the GSSAPI client identity that ssh should use when -+connecting to the server. The default is unset, which means that the default -+identity will be used. - .It Cm GSSAPIDelegateCredentials - Forward (delegate) credentials to the server. - The default is - .Cm no . -+.It Cm GSSAPIKeyExchange -+Specifies whether key exchange based on GSSAPI may be used. When using -+GSSAPI key exchange the server need not have a host key. -+The default is -+.Dq no . -+.It Cm GSSAPIRenewalForcesRekey -+If set to -+.Dq yes -+then renewal of the client's GSSAPI credentials will force the rekeying of the -+ssh connection. With a compatible server, this will delegate the renewed -+credentials to a session on the server. -+.Pp -+Checks are made to ensure that credentials are only propagated when the new -+credentials match the old ones on the originating client and where the -+receiving server still has the old set in its cache. -+.Pp -+The default is -+.Dq no . -+.Pp -+For this to work -+.Cm GSSAPIKeyExchange -+needs to be enabled in the server and also used by the client. -+.It Cm GSSAPIServerIdentity -+If set, specifies the GSSAPI server identity that ssh should expect when -+connecting to the server. The default is unset, which means that the -+expected GSSAPI server identity will be determined from the target -+hostname. -+.It Cm GSSAPITrustDns -+Set to -+.Dq yes -+to indicate that the DNS is trusted to securely canonicalize -+the name of the host being connected to. If -+.Dq no , -+the hostname entered on the -+command line will be passed untouched to the GSSAPI library. -+The default is -+.Dq no . -+.It Cm GSSAPIKexAlgorithms -+The list of key exchange algorithms that are offered for GSSAPI -+key exchange. Possible values are -+.Bd -literal -offset 3n -+gss-gex-sha1-, -+gss-group1-sha1-, -+gss-group14-sha1-, -+gss-group14-sha256-, -+gss-group16-sha512-, -+gss-nistp256-sha256-, -+gss-curve25519-sha256- -+.Ed -+.Pp -+The default is -+.Dq gss-group14-sha256-,gss-group16-sha512-,gss-nistp256-sha256-, -+gss-curve25519-sha256-,gss-group14-sha1-,gss-gex-sha1- . -+This option only applies to connections using GSSAPI. - .It Cm HashKnownHosts - Indicates that - .Xr ssh 1 -diff --color -ruNp a/sshconnect2.c b/sshconnect2.c ---- a/sshconnect2.c 2024-07-01 06:36:28.000000000 +0200 -+++ b/sshconnect2.c 2024-09-16 11:46:34.703940075 +0200 -@@ -222,6 +222,11 @@ ssh_kex2(struct ssh *ssh, char *host, st - char *all_key, *hkalgs = NULL; - int r, use_known_hosts_order = 0; - -+#if defined(GSSAPI) && defined(WITH_OPENSSL) -+ char *orig = NULL, *gss = NULL; -+ char *gss_host = NULL; -+#endif -+ - xxx_host = host; - xxx_hostaddr = hostaddr; - xxx_conn_info = cinfo; -@@ -255,6 +260,42 @@ ssh_kex2(struct ssh *ssh, char *host, st - compression_alg_list(options.compression), - hkalgs ? hkalgs : options.hostkeyalgorithms); - -+#if defined(GSSAPI) && defined(WITH_OPENSSL) -+ if (options.gss_keyex) { -+ /* Add the GSSAPI mechanisms currently supported on this -+ * client to the key exchange algorithm proposal */ -+ orig = myproposal[PROPOSAL_KEX_ALGS]; -+ -+ if (options.gss_server_identity) { -+ gss_host = xstrdup(options.gss_server_identity); -+ } else if (options.gss_trust_dns) { -+ gss_host = remote_hostname(ssh); -+ /* Fall back to specified host if we are using proxy command -+ * and can not use DNS on that socket */ -+ if (strcmp(gss_host, "UNKNOWN") == 0) { -+ free(gss_host); -+ gss_host = xstrdup(host); -+ } -+ } else { -+ gss_host = xstrdup(host); -+ } -+ -+ gss = ssh_gssapi_client_mechanisms(gss_host, -+ options.gss_client_identity, options.gss_kex_algorithms); -+ if (gss) { -+ debug("Offering GSSAPI proposal: %s", gss); -+ xasprintf(&myproposal[PROPOSAL_KEX_ALGS], -+ "%s,%s", gss, orig); -+ -+ /* If we've got GSSAPI algorithms, then we also support the -+ * 'null' hostkey, as a last resort */ -+ orig = myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS]; -+ xasprintf(&myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS], -+ "%s,null", orig); -+ } -+ } -+#endif -+ - free(hkalgs); - - /* start key exchange */ -@@ -271,15 +312,45 @@ ssh_kex2(struct ssh *ssh, char *host, st - # ifdef OPENSSL_HAS_ECC - ssh->kex->kex[KEX_ECDH_SHA2] = kex_gen_client; - # endif --#endif -+# ifdef GSSAPI -+ if (options.gss_keyex) { -+ ssh->kex->kex[KEX_GSS_GRP1_SHA1] = kexgss_client; -+ ssh->kex->kex[KEX_GSS_GRP14_SHA1] = kexgss_client; -+ ssh->kex->kex[KEX_GSS_GRP14_SHA256] = kexgss_client; -+ ssh->kex->kex[KEX_GSS_GRP16_SHA512] = kexgss_client; -+ ssh->kex->kex[KEX_GSS_GEX_SHA1] = kexgssgex_client; -+ ssh->kex->kex[KEX_GSS_NISTP256_SHA256] = kexgss_client; -+ ssh->kex->kex[KEX_GSS_C25519_SHA256] = kexgss_client; -+ } -+# endif -+#endif /* WITH_OPENSSL */ - ssh->kex->kex[KEX_C25519_SHA256] = kex_gen_client; - ssh->kex->kex[KEX_KEM_SNTRUP761X25519_SHA512] = kex_gen_client; - ssh->kex->kex[KEX_KEM_MLKEM768X25519_SHA256] = kex_gen_client; - ssh->kex->verify_host_key=&verify_host_key_callback; - -+#if defined(GSSAPI) && defined(WITH_OPENSSL) -+ if (options.gss_keyex) { -+ ssh->kex->gss_deleg_creds = options.gss_deleg_creds; -+ ssh->kex->gss_trust_dns = options.gss_trust_dns; -+ ssh->kex->gss_client = options.gss_client_identity; -+ ssh->kex->gss_host = gss_host; -+ } -+#endif -+ - ssh_dispatch_run_fatal(ssh, DISPATCH_BLOCK, &ssh->kex->done); - kex_proposal_free_entries(myproposal); - -+#if defined(GSSAPI) && defined(WITH_OPENSSL) -+ /* repair myproposal after it was crumpled by the */ -+ /* ext-info removal above */ -+ if (gss) { -+ orig = myproposal[PROPOSAL_KEX_ALGS]; -+ xasprintf(&myproposal[PROPOSAL_KEX_ALGS], -+ "%s,%s", gss, orig); -+ free(gss); -+ } -+#endif - #ifdef DEBUG_KEXDH - /* send 1st encrypted/maced/compressed message */ - if ((r = sshpkt_start(ssh, SSH2_MSG_IGNORE)) != 0 || -@@ -368,6 +439,7 @@ static int input_gssapi_response(int typ - static int input_gssapi_token(int type, u_int32_t, struct ssh *); - static int input_gssapi_error(int, u_int32_t, struct ssh *); - static int input_gssapi_errtok(int, u_int32_t, struct ssh *); -+static int userauth_gsskeyex(struct ssh *); - #endif - - void userauth(struct ssh *, char *); -@@ -384,6 +456,11 @@ static char *authmethods_get(void); - - Authmethod authmethods[] = { - #ifdef GSSAPI -+ {"gssapi-keyex", -+ userauth_gsskeyex, -+ NULL, -+ &options.gss_keyex, -+ NULL}, - {"gssapi-with-mic", - userauth_gssapi, - userauth_gssapi_cleanup, -@@ -755,12 +832,32 @@ userauth_gssapi(struct ssh *ssh) - OM_uint32 min; - int r, ok = 0; - gss_OID mech = NULL; -+ char *gss_host = NULL; -+ -+ if (options.gss_server_identity) { -+ gss_host = xstrdup(options.gss_server_identity); -+ } else if (options.gss_trust_dns) { -+ gss_host = remote_hostname(ssh); -+ /* Fall back to specified host if we are using proxy command -+ * and can not use DNS on that socket */ -+ if (strcmp(gss_host, "UNKNOWN") == 0) { -+ free(gss_host); -+ gss_host = xstrdup(authctxt->host); -+ } -+ } else { -+ gss_host = xstrdup(authctxt->host); -+ } - - /* Try one GSSAPI method at a time, rather than sending them all at - * once. */ - - if (authctxt->gss_supported_mechs == NULL) -- gss_indicate_mechs(&min, &authctxt->gss_supported_mechs); -+ if (GSS_ERROR(gss_indicate_mechs(&min, -+ &authctxt->gss_supported_mechs))) { -+ authctxt->gss_supported_mechs = NULL; -+ free(gss_host); -+ return 0; -+ } - - /* Check to see whether the mechanism is usable before we offer it */ - while (authctxt->mech_tried < authctxt->gss_supported_mechs->count && -@@ -769,13 +866,15 @@ userauth_gssapi(struct ssh *ssh) - elements[authctxt->mech_tried]; - /* My DER encoding requires length<128 */ - if (mech->length < 128 && ssh_gssapi_check_mechanism(&gssctxt, -- mech, authctxt->host)) { -+ mech, gss_host, options.gss_client_identity)) { - ok = 1; /* Mechanism works */ - } else { - authctxt->mech_tried++; - } - } - -+ free(gss_host); -+ - if (!ok || mech == NULL) - return 0; - -@@ -1009,6 +1108,55 @@ input_gssapi_error(int type, u_int32_t p - free(lang); - return r; - } -+ -+int -+userauth_gsskeyex(struct ssh *ssh) -+{ -+ struct sshbuf *b = NULL; -+ Authctxt *authctxt = ssh->authctxt; -+ gss_buffer_desc gssbuf; -+ gss_buffer_desc mic = GSS_C_EMPTY_BUFFER; -+ OM_uint32 ms; -+ int r; -+ -+ static int attempt = 0; -+ if (attempt++ >= 1) -+ return (0); -+ -+ if (gss_kex_context == NULL) { -+ debug("No valid Key exchange context"); -+ return (0); -+ } -+ -+ if ((b = sshbuf_new()) == NULL) -+ fatal_f("sshbuf_new failed"); -+ -+ ssh_gssapi_buildmic(b, authctxt->server_user, authctxt->service, -+ "gssapi-keyex", ssh->kex->session_id); -+ -+ if ((gssbuf.value = sshbuf_mutable_ptr(b)) == NULL) -+ fatal_f("sshbuf_mutable_ptr failed"); -+ gssbuf.length = sshbuf_len(b); -+ -+ if (GSS_ERROR(ssh_gssapi_sign(gss_kex_context, &gssbuf, &mic))) { -+ sshbuf_free(b); -+ return (0); -+ } -+ -+ if ((r = sshpkt_start(ssh, SSH2_MSG_USERAUTH_REQUEST)) != 0 || -+ (r = sshpkt_put_cstring(ssh, authctxt->server_user)) != 0 || -+ (r = sshpkt_put_cstring(ssh, authctxt->service)) != 0 || -+ (r = sshpkt_put_cstring(ssh, authctxt->method->name)) != 0 || -+ (r = sshpkt_put_string(ssh, mic.value, mic.length)) != 0 || -+ (r = sshpkt_send(ssh)) != 0) -+ fatal_fr(r, "parsing"); -+ -+ sshbuf_free(b); -+ gss_release_buffer(&ms, &mic); -+ -+ return (1); -+} -+ - #endif /* GSSAPI */ - - static int -diff --color -ruNp a/sshd.c b/sshd.c ---- a/sshd.c 2024-07-01 06:36:28.000000000 +0200 -+++ b/sshd.c 2024-09-16 11:46:34.704940096 +0200 -@@ -1551,7 +1551,8 @@ main(int ac, char **av) - free(fp); - } - accumulate_host_timing_secret(cfg, NULL); -- if (!sensitive_data.have_ssh2_key) { -+ /* The GSSAPI key exchange can run without a host key */ -+ if (!sensitive_data.have_ssh2_key && !options.gss_keyex) { - logit("sshd: no hostkeys available -- exiting."); - exit(1); - } -diff --color -ruNp a/sshd_config b/sshd_config ---- a/sshd_config 2024-09-16 11:45:56.888133880 +0200 -+++ b/sshd_config 2024-09-16 11:46:34.704940096 +0200 -@@ -77,6 +77,8 @@ AuthorizedKeysFile .ssh/authorized_keys - # GSSAPI options - #GSSAPIAuthentication no - #GSSAPICleanupCredentials yes -+#GSSAPIStrictAcceptorCheck yes -+#GSSAPIKeyExchange no - - # Set this to 'yes' to enable PAM authentication, account processing, - # and session processing. If this is enabled, PAM authentication will -diff --color -ruNp a/sshd_config.5 b/sshd_config.5 ---- a/sshd_config.5 2024-09-16 11:45:56.885133816 +0200 -+++ b/sshd_config.5 2024-09-16 11:46:34.704940096 +0200 -@@ -739,6 +739,11 @@ Specifies whether to automatically destr - on logout. - The default is - .Cm yes . -+.It Cm GSSAPIKeyExchange -+Specifies whether key exchange based on GSSAPI is allowed. GSSAPI key exchange -+doesn't rely on ssh keys to verify host identity. -+The default is -+.Cm no . - .It Cm GSSAPIStrictAcceptorCheck - Determines whether to be strict about the identity of the GSSAPI acceptor - a client authenticates against. -@@ -753,6 +758,32 @@ machine's default store. - This facility is provided to assist with operation on multi homed machines. - The default is - .Cm yes . -+.It Cm GSSAPIStoreCredentialsOnRekey -+Controls whether the user's GSSAPI credentials should be updated following a -+successful connection rekeying. This option can be used to accepted renewed -+or updated credentials from a compatible client. The default is -+.Dq no . -+.Pp -+For this to work -+.Cm GSSAPIKeyExchange -+needs to be enabled in the server and also used by the client. -+.It Cm GSSAPIKexAlgorithms -+The list of key exchange algorithms that are accepted by GSSAPI -+key exchange. Possible values are -+.Bd -literal -offset 3n -+gss-gex-sha1-, -+gss-group1-sha1-, -+gss-group14-sha1-, -+gss-group14-sha256-, -+gss-group16-sha512-, -+gss-nistp256-sha256-, -+gss-curve25519-sha256- -+.Ed -+.Pp -+The default is -+.Dq gss-group14-sha256-,gss-group16-sha512-,gss-nistp256-sha256-, -+gss-curve25519-sha256-,gss-group14-sha1-,gss-gex-sha1- . -+This option only applies to connections using GSSAPI. - .It Cm HostbasedAcceptedAlgorithms - Specifies the signature algorithms that will be accepted for hostbased - authentication as a list of comma-separated patterns. -diff --color -ruNp a/sshd-session.c b/sshd-session.c ---- a/sshd-session.c 2024-09-16 11:45:56.888133880 +0200 -+++ b/sshd-session.c 2024-09-16 11:46:34.705940118 +0200 -@@ -660,8 +660,8 @@ notify_hostkeys(struct ssh *ssh) - } - debug3_f("sent %u hostkeys", nkeys); - if (nkeys == 0) -- fatal_f("no hostkeys"); -- if ((r = sshpkt_send(ssh)) != 0) -+ debug3_f("no hostkeys"); -+ else if ((r = sshpkt_send(ssh)) != 0) - sshpkt_fatal(ssh, r, "%s: send", __func__); - sshbuf_free(buf); - } -@@ -1180,8 +1180,9 @@ main(int ac, char **av) - break; - } - } -- if (!have_key) -- fatal("internal error: monitor received no hostkeys"); -+ /* The GSSAPI key exchange can run without a host key */ -+ if (!have_key && !options.gss_keyex) -+ fatal("internal error: monitor received no hostkeys and GSS KEX is not configured"); - - /* Ensure that umask disallows at least group and world write */ - new_umask = umask(0077) | 0022; -@@ -1462,6 +1463,48 @@ do_ssh2_kex(struct ssh *ssh) - - free(hkalgs); - -+#if defined(GSSAPI) && defined(WITH_OPENSSL) -+ { -+ char *orig; -+ char *gss = NULL; -+ char *newstr = NULL; -+ orig = myproposal[PROPOSAL_KEX_ALGS]; -+ -+ /* -+ * If we don't have a host key, then there's no point advertising -+ * the other key exchange algorithms -+ */ -+ -+ if (strlen(myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS]) == 0) -+ orig = NULL; -+ -+ if (options.gss_keyex) -+ gss = ssh_gssapi_server_mechanisms(); -+ else -+ gss = NULL; -+ -+ if (gss && orig) -+ xasprintf(&newstr, "%s,%s", gss, orig); -+ else if (gss) -+ xasprintf(&newstr, "%s,%s", gss, "kex-strict-s-v00@openssh.com"); -+ else if (orig) -+ newstr = orig; -+ -+ /* -+ * If we've got GSSAPI mechanisms, then we've got the 'null' host -+ * key alg, but we can't tell people about it unless its the only -+ * host key algorithm we support -+ */ -+ if (gss && (strlen(myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS])) == 0) -+ myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = xstrdup("null"); -+ -+ if (newstr) -+ myproposal[PROPOSAL_KEX_ALGS] = newstr; -+ else -+ fatal("No supported key exchange algorithms"); -+ } -+#endif -+ - /* start key exchange */ - if ((r = kex_setup(ssh, myproposal)) != 0) - fatal_r(r, "kex_setup"); -@@ -1479,7 +1522,18 @@ do_ssh2_kex(struct ssh *ssh) - #ifdef OPENSSL_HAS_ECC - kex->kex[KEX_ECDH_SHA2] = kex_gen_server; - #endif --#endif -+# ifdef GSSAPI -+ if (options.gss_keyex) { -+ kex->kex[KEX_GSS_GRP1_SHA1] = kexgss_server; -+ kex->kex[KEX_GSS_GRP14_SHA1] = kexgss_server; -+ kex->kex[KEX_GSS_GRP14_SHA256] = kexgss_server; -+ kex->kex[KEX_GSS_GRP16_SHA512] = kexgss_server; -+ kex->kex[KEX_GSS_GEX_SHA1] = kexgssgex_server; -+ kex->kex[KEX_GSS_NISTP256_SHA256] = kexgss_server; -+ kex->kex[KEX_GSS_C25519_SHA256] = kexgss_server; -+ } -+# endif -+#endif /* WITH_OPENSSL */ - kex->kex[KEX_C25519_SHA256] = kex_gen_server; - kex->kex[KEX_KEM_SNTRUP761X25519_SHA512] = kex_gen_server; - kex->kex[KEX_KEM_MLKEM768X25519_SHA256] = kex_gen_server; -diff --color -ruNp a/ssh-gss.h b/ssh-gss.h ---- a/ssh-gss.h 2024-07-01 06:36:28.000000000 +0200 -+++ b/ssh-gss.h 2024-09-16 11:46:34.710940224 +0200 +diff --git a/ssh-gss.h b/ssh-gss.h +index 7b14e74a..8ec45192 100644 +--- a/ssh-gss.h ++++ b/ssh-gss.h @@ -61,10 +61,36 @@ #define SSH_GSS_OIDTYPE 0x06 @@ -4047,7 +3606,7 @@ diff --color -ruNp a/ssh-gss.h b/ssh-gss.h int ssh_gssapi_check_oid(Gssctxt *, void *, size_t); void ssh_gssapi_set_oid_data(Gssctxt *, void *, size_t); -@@ -108,6 +149,7 @@ OM_uint32 ssh_gssapi_test_oid_supported( +@@ -108,6 +149,7 @@ OM_uint32 ssh_gssapi_test_oid_supported(OM_uint32 *, gss_OID, int *); struct sshbuf; int ssh_gssapi_get_buffer_desc(struct sshbuf *, gss_buffer_desc *); @@ -4091,10 +3650,557 @@ diff --color -ruNp a/ssh-gss.h b/ssh-gss.h #endif /* GSSAPI */ #endif /* _SSH_GSS_H */ -diff --color -ruNp a/sshkey.c b/sshkey.c ---- a/sshkey.c 2024-07-01 06:36:28.000000000 +0200 -+++ b/sshkey.c 2024-09-16 11:46:34.706940139 +0200 -@@ -131,6 +131,75 @@ extern const struct sshkey_impl sshkey_x +diff --git a/ssh.1 b/ssh.1 +index db92ac9a..6a9fbdc5 100644 +--- a/ssh.1 ++++ b/ssh.1 +@@ -539,9 +539,15 @@ For full details of the options listed below, and their possible values, see + .It ForwardX11Timeout + .It ForwardX11Trusted + .It GSSAPIAuthentication ++.It GSSAPIKeyExchange ++.It GSSAPIClientIdentity + .It GSSAPIDelegateCredentials + .It GatewayPorts + .It GlobalKnownHostsFile ++.It GSSAPIKexAlgorithms ++.It GSSAPIRenewalForcesRekey ++.It GSSAPIServerIdentity ++.It GSSAPITrustDns + .It HashKnownHosts + .It Host + .It HostKeyAlgorithms +@@ -636,6 +642,8 @@ flag), + (supported message integrity codes), + .Ar kex + (key exchange algorithms), ++.Ar kex-gss ++(GSSAPI key exchange algorithms), + .Ar key + (key types), + .Ar key-ca-sign +diff --git a/ssh.c b/ssh.c +index dc4886d0..c23d3b9e 100644 +--- a/ssh.c ++++ b/ssh.c +@@ -835,6 +835,8 @@ main(int ac, char **av) + else if (strcmp(optarg, "kex") == 0 || + strcasecmp(optarg, "KexAlgorithms") == 0) + cp = kex_alg_list('\n'); ++ else if (strcmp(optarg, "kex-gss") == 0) ++ cp = kex_gss_alg_list('\n'); + else if (strcmp(optarg, "key") == 0) + cp = sshkey_alg_list(0, 0, 0, '\n'); + else if (strcmp(optarg, "key-cert") == 0) +@@ -865,8 +867,8 @@ main(int ac, char **av) + } else if (strcmp(optarg, "help") == 0) { + cp = xstrdup( + "cipher\ncipher-auth\ncompression\nkex\n" +- "key\nkey-cert\nkey-plain\nkey-sig\nmac\n" +- "protocol-version\nsig"); ++ "kex-gss\nkey\nkey-cert\nkey-plain\n" ++ "key-sig\nmac\nprotocol-version\nsig"); + } + if (cp == NULL) + fatal("Unsupported query \"%s\"", optarg); +diff --git a/ssh_config b/ssh_config +index 18169187..209248d6 100644 +--- a/ssh_config ++++ b/ssh_config +@@ -24,6 +24,8 @@ + # HostbasedAuthentication no + # GSSAPIAuthentication no + # GSSAPIDelegateCredentials no ++# GSSAPIKeyExchange no ++# GSSAPITrustDNS no + # BatchMode no + # CheckHostIP no + # AddressFamily any +diff --git a/ssh_config.5 b/ssh_config.5 +index 894d7383..3a8e246c 100644 +--- a/ssh_config.5 ++++ b/ssh_config.5 +@@ -976,10 +976,68 @@ The default is + Specifies whether user authentication based on GSSAPI is allowed. + The default is + .Cm no . ++.It Cm GSSAPIClientIdentity ++If set, specifies the GSSAPI client identity that ssh should use when ++connecting to the server. The default is unset, which means that the default ++identity will be used. + .It Cm GSSAPIDelegateCredentials + Forward (delegate) credentials to the server. + The default is + .Cm no . ++.It Cm GSSAPIKeyExchange ++Specifies whether key exchange based on GSSAPI may be used. When using ++GSSAPI key exchange the server need not have a host key. ++The default is ++.Dq no . ++.It Cm GSSAPIRenewalForcesRekey ++If set to ++.Dq yes ++then renewal of the client's GSSAPI credentials will force the rekeying of the ++ssh connection. With a compatible server, this will delegate the renewed ++credentials to a session on the server. ++.Pp ++Checks are made to ensure that credentials are only propagated when the new ++credentials match the old ones on the originating client and where the ++receiving server still has the old set in its cache. ++.Pp ++The default is ++.Dq no . ++.Pp ++For this to work ++.Cm GSSAPIKeyExchange ++needs to be enabled in the server and also used by the client. ++.It Cm GSSAPIServerIdentity ++If set, specifies the GSSAPI server identity that ssh should expect when ++connecting to the server. The default is unset, which means that the ++expected GSSAPI server identity will be determined from the target ++hostname. ++.It Cm GSSAPITrustDns ++Set to ++.Dq yes ++to indicate that the DNS is trusted to securely canonicalize ++the name of the host being connected to. If ++.Dq no , ++the hostname entered on the ++command line will be passed untouched to the GSSAPI library. ++The default is ++.Dq no . ++.It Cm GSSAPIKexAlgorithms ++The list of key exchange algorithms that are offered for GSSAPI ++key exchange. Possible values are ++.Bd -literal -offset 3n ++gss-gex-sha1-, ++gss-group1-sha1-, ++gss-group14-sha1-, ++gss-group14-sha256-, ++gss-group16-sha512-, ++gss-nistp256-sha256-, ++gss-curve25519-sha256- ++.Ed ++.Pp ++The default is ++.Dq gss-group14-sha256-,gss-group16-sha512-,gss-nistp256-sha256-, ++gss-curve25519-sha256-,gss-group14-sha1-,gss-gex-sha1- . ++This option only applies to connections using GSSAPI. + .It Cm HashKnownHosts + Indicates that + .Xr ssh 1 +diff --git a/sshconnect2.c b/sshconnect2.c +index 1ee6000a..0af15bcc 100644 +--- a/sshconnect2.c ++++ b/sshconnect2.c +@@ -222,6 +222,11 @@ ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port, + char *all_key, *hkalgs = NULL; + int r, use_known_hosts_order = 0; + ++#if defined(GSSAPI) && defined(WITH_OPENSSL) ++ char *orig = NULL, *gss = NULL; ++ char *gss_host = NULL; ++#endif ++ + xxx_host = host; + xxx_hostaddr = hostaddr; + xxx_conn_info = cinfo; +@@ -255,6 +260,42 @@ ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port, + compression_alg_list(options.compression), + hkalgs ? hkalgs : options.hostkeyalgorithms); + ++#if defined(GSSAPI) && defined(WITH_OPENSSL) ++ if (options.gss_keyex) { ++ /* Add the GSSAPI mechanisms currently supported on this ++ * client to the key exchange algorithm proposal */ ++ orig = myproposal[PROPOSAL_KEX_ALGS]; ++ ++ if (options.gss_server_identity) { ++ gss_host = xstrdup(options.gss_server_identity); ++ } else if (options.gss_trust_dns) { ++ gss_host = remote_hostname(ssh); ++ /* Fall back to specified host if we are using proxy command ++ * and can not use DNS on that socket */ ++ if (strcmp(gss_host, "UNKNOWN") == 0) { ++ free(gss_host); ++ gss_host = xstrdup(host); ++ } ++ } else { ++ gss_host = xstrdup(host); ++ } ++ ++ gss = ssh_gssapi_client_mechanisms(gss_host, ++ options.gss_client_identity, options.gss_kex_algorithms); ++ if (gss) { ++ debug("Offering GSSAPI proposal: %s", gss); ++ xasprintf(&myproposal[PROPOSAL_KEX_ALGS], ++ "%s,%s", gss, orig); ++ ++ /* If we've got GSSAPI algorithms, then we also support the ++ * 'null' hostkey, as a last resort */ ++ orig = myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS]; ++ xasprintf(&myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS], ++ "%s,null", orig); ++ } ++ } ++#endif ++ + free(hkalgs); + + /* start key exchange */ +@@ -271,15 +312,45 @@ ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port, + # ifdef OPENSSL_HAS_ECC + ssh->kex->kex[KEX_ECDH_SHA2] = kex_gen_client; + # endif +-#endif ++# ifdef GSSAPI ++ if (options.gss_keyex) { ++ ssh->kex->kex[KEX_GSS_GRP1_SHA1] = kexgss_client; ++ ssh->kex->kex[KEX_GSS_GRP14_SHA1] = kexgss_client; ++ ssh->kex->kex[KEX_GSS_GRP14_SHA256] = kexgss_client; ++ ssh->kex->kex[KEX_GSS_GRP16_SHA512] = kexgss_client; ++ ssh->kex->kex[KEX_GSS_GEX_SHA1] = kexgssgex_client; ++ ssh->kex->kex[KEX_GSS_NISTP256_SHA256] = kexgss_client; ++ ssh->kex->kex[KEX_GSS_C25519_SHA256] = kexgss_client; ++ } ++# endif ++#endif /* WITH_OPENSSL */ + ssh->kex->kex[KEX_C25519_SHA256] = kex_gen_client; + ssh->kex->kex[KEX_KEM_SNTRUP761X25519_SHA512] = kex_gen_client; + ssh->kex->kex[KEX_KEM_MLKEM768X25519_SHA256] = kex_gen_client; + ssh->kex->verify_host_key=&verify_host_key_callback; + ++#if defined(GSSAPI) && defined(WITH_OPENSSL) ++ if (options.gss_keyex) { ++ ssh->kex->gss_deleg_creds = options.gss_deleg_creds; ++ ssh->kex->gss_trust_dns = options.gss_trust_dns; ++ ssh->kex->gss_client = options.gss_client_identity; ++ ssh->kex->gss_host = gss_host; ++ } ++#endif ++ + ssh_dispatch_run_fatal(ssh, DISPATCH_BLOCK, &ssh->kex->done); + kex_proposal_free_entries(myproposal); + ++#if defined(GSSAPI) && defined(WITH_OPENSSL) ++ /* repair myproposal after it was crumpled by the */ ++ /* ext-info removal above */ ++ if (gss) { ++ orig = myproposal[PROPOSAL_KEX_ALGS]; ++ xasprintf(&myproposal[PROPOSAL_KEX_ALGS], ++ "%s,%s", gss, orig); ++ free(gss); ++ } ++#endif + #ifdef DEBUG_KEXDH + /* send 1st encrypted/maced/compressed message */ + if ((r = sshpkt_start(ssh, SSH2_MSG_IGNORE)) != 0 || +@@ -369,6 +440,7 @@ static int input_gssapi_response(int type, u_int32_t, struct ssh *); + static int input_gssapi_token(int type, u_int32_t, struct ssh *); + static int input_gssapi_error(int, u_int32_t, struct ssh *); + static int input_gssapi_errtok(int, u_int32_t, struct ssh *); ++static int userauth_gsskeyex(struct ssh *); + #endif + + void userauth(struct ssh *, char *); +@@ -385,6 +457,11 @@ static char *authmethods_get(void); + + Authmethod authmethods[] = { + #ifdef GSSAPI ++ {"gssapi-keyex", ++ userauth_gsskeyex, ++ NULL, ++ &options.gss_keyex, ++ NULL}, + {"gssapi-with-mic", + userauth_gssapi, + userauth_gssapi_cleanup, +@@ -759,12 +836,32 @@ userauth_gssapi(struct ssh *ssh) + OM_uint32 min; + int r, ok = 0; + gss_OID mech = NULL; ++ char *gss_host = NULL; ++ ++ if (options.gss_server_identity) { ++ gss_host = xstrdup(options.gss_server_identity); ++ } else if (options.gss_trust_dns) { ++ gss_host = remote_hostname(ssh); ++ /* Fall back to specified host if we are using proxy command ++ * and can not use DNS on that socket */ ++ if (strcmp(gss_host, "UNKNOWN") == 0) { ++ free(gss_host); ++ gss_host = xstrdup(authctxt->host); ++ } ++ } else { ++ gss_host = xstrdup(authctxt->host); ++ } + + /* Try one GSSAPI method at a time, rather than sending them all at + * once. */ + + if (authctxt->gss_supported_mechs == NULL) +- gss_indicate_mechs(&min, &authctxt->gss_supported_mechs); ++ if (GSS_ERROR(gss_indicate_mechs(&min, ++ &authctxt->gss_supported_mechs))) { ++ authctxt->gss_supported_mechs = NULL; ++ free(gss_host); ++ return 0; ++ } + + /* Check to see whether the mechanism is usable before we offer it */ + while (authctxt->mech_tried < authctxt->gss_supported_mechs->count && +@@ -773,13 +870,15 @@ userauth_gssapi(struct ssh *ssh) + elements[authctxt->mech_tried]; + /* My DER encoding requires length<128 */ + if (mech->length < 128 && ssh_gssapi_check_mechanism(&gssctxt, +- mech, authctxt->host)) { ++ mech, gss_host, options.gss_client_identity)) { + ok = 1; /* Mechanism works */ + } else { + authctxt->mech_tried++; + } + } + ++ free(gss_host); ++ + if (!ok || mech == NULL) + return 0; + +@@ -1013,6 +1112,55 @@ input_gssapi_error(int type, u_int32_t plen, struct ssh *ssh) + free(lang); + return r; + } ++ ++int ++userauth_gsskeyex(struct ssh *ssh) ++{ ++ struct sshbuf *b = NULL; ++ Authctxt *authctxt = ssh->authctxt; ++ gss_buffer_desc gssbuf; ++ gss_buffer_desc mic = GSS_C_EMPTY_BUFFER; ++ OM_uint32 ms; ++ int r; ++ ++ static int attempt = 0; ++ if (attempt++ >= 1) ++ return (0); ++ ++ if (gss_kex_context == NULL) { ++ debug("No valid Key exchange context"); ++ return (0); ++ } ++ ++ if ((b = sshbuf_new()) == NULL) ++ fatal_f("sshbuf_new failed"); ++ ++ ssh_gssapi_buildmic(b, authctxt->server_user, authctxt->service, ++ "gssapi-keyex", ssh->kex->session_id); ++ ++ if ((gssbuf.value = sshbuf_mutable_ptr(b)) == NULL) ++ fatal_f("sshbuf_mutable_ptr failed"); ++ gssbuf.length = sshbuf_len(b); ++ ++ if (GSS_ERROR(ssh_gssapi_sign(gss_kex_context, &gssbuf, &mic))) { ++ sshbuf_free(b); ++ return (0); ++ } ++ ++ if ((r = sshpkt_start(ssh, SSH2_MSG_USERAUTH_REQUEST)) != 0 || ++ (r = sshpkt_put_cstring(ssh, authctxt->server_user)) != 0 || ++ (r = sshpkt_put_cstring(ssh, authctxt->service)) != 0 || ++ (r = sshpkt_put_cstring(ssh, authctxt->method->name)) != 0 || ++ (r = sshpkt_put_string(ssh, mic.value, mic.length)) != 0 || ++ (r = sshpkt_send(ssh)) != 0) ++ fatal_fr(r, "parsing"); ++ ++ sshbuf_free(b); ++ gss_release_buffer(&ms, &mic); ++ ++ return (1); ++} ++ + #endif /* GSSAPI */ + + static int +diff --git a/sshd-auth.c b/sshd-auth.c +index f957dc22..d51e4636 100644 +--- a/sshd-auth.c ++++ b/sshd-auth.c +@@ -844,6 +844,48 @@ do_ssh2_kex(struct ssh *ssh) + + free(hkalgs); + ++#if defined(GSSAPI) && defined(WITH_OPENSSL) ++ { ++ char *orig; ++ char *gss = NULL; ++ char *newstr = NULL; ++ orig = myproposal[PROPOSAL_KEX_ALGS]; ++ ++ /* ++ * If we don't have a host key, then there's no point advertising ++ * the other key exchange algorithms ++ */ ++ ++ if (strlen(myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS]) == 0) ++ orig = NULL; ++ ++ if (options.gss_keyex) ++ gss = ssh_gssapi_server_mechanisms(); ++ else ++ gss = NULL; ++ ++ if (gss && orig) ++ xasprintf(&newstr, "%s,%s", gss, orig); ++ else if (gss) ++ xasprintf(&newstr, "%s,%s", gss, "kex-strict-s-v00@openssh.com"); ++ else if (orig) ++ newstr = orig; ++ ++ /* ++ * If we've got GSSAPI mechanisms, then we've got the 'null' host ++ * key alg, but we can't tell people about it unless its the only ++ * host key algorithm we support ++ */ ++ if (gss && (strlen(myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS])) == 0) ++ myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = xstrdup("null"); ++ ++ if (newstr) ++ myproposal[PROPOSAL_KEX_ALGS] = newstr; ++ else ++ fatal("No supported key exchange algorithms"); ++ } ++#endif ++ + /* start key exchange */ + if ((r = kex_setup(ssh, myproposal)) != 0) + fatal_r(r, "kex_setup"); +@@ -861,6 +903,17 @@ do_ssh2_kex(struct ssh *ssh) + # ifdef OPENSSL_HAS_ECC + kex->kex[KEX_ECDH_SHA2] = kex_gen_server; + # endif /* OPENSSL_HAS_ECC */ ++# ifdef GSSAPI ++ if (options.gss_keyex) { ++ kex->kex[KEX_GSS_GRP1_SHA1] = kexgss_server; ++ kex->kex[KEX_GSS_GRP14_SHA1] = kexgss_server; ++ kex->kex[KEX_GSS_GRP14_SHA256] = kexgss_server; ++ kex->kex[KEX_GSS_GRP16_SHA512] = kexgss_server; ++ kex->kex[KEX_GSS_GEX_SHA1] = kexgssgex_server; ++ kex->kex[KEX_GSS_NISTP256_SHA256] = kexgss_server; ++ kex->kex[KEX_GSS_C25519_SHA256] = kexgss_server; ++ } ++# endif + #endif /* WITH_OPENSSL */ + kex->kex[KEX_C25519_SHA256] = kex_gen_server; + kex->kex[KEX_KEM_SNTRUP761X25519_SHA512] = kex_gen_server; +diff --git a/sshd-session.c b/sshd-session.c +index a70b36c9..f8c8a797 100644 +--- a/sshd-session.c ++++ b/sshd-session.c +@@ -616,8 +616,8 @@ notify_hostkeys(struct ssh *ssh) + } + debug3_f("sent %u hostkeys", nkeys); + if (nkeys == 0) +- fatal_f("no hostkeys"); +- if ((r = sshpkt_send(ssh)) != 0) ++ debug3_f("no hostkeys"); ++ else if ((r = sshpkt_send(ssh)) != 0) + sshpkt_fatal(ssh, r, "%s: send", __func__); + sshbuf_free(buf); + } +@@ -1159,8 +1159,9 @@ main(int ac, char **av) + break; + } + } +- if (!have_key) +- fatal("internal error: monitor received no hostkeys"); ++ /* The GSSAPI key exchange can run without a host key */ ++ if (!have_key && !options.gss_keyex) ++ fatal("internal error: monitor received no hostkeys and GSS KEX is not configured"); + + /* Ensure that umask disallows at least group and world write */ + new_umask = umask(0077) | 0022; +diff --git a/sshd.c b/sshd.c +index 4a93e29e..c9ea8e38 100644 +--- a/sshd.c ++++ b/sshd.c +@@ -1676,7 +1676,8 @@ main(int ac, char **av) + free(fp); + } + accumulate_host_timing_secret(cfg, NULL); +- if (!sensitive_data.have_ssh2_key) { ++ /* The GSSAPI key exchange can run without a host key */ ++ if (!sensitive_data.have_ssh2_key && !options.gss_keyex) { + logit("sshd: no hostkeys available -- exiting."); + exit(1); + } +diff --git a/sshd_config b/sshd_config +index 48af6321..8db9f0fb 100644 +--- a/sshd_config ++++ b/sshd_config +@@ -79,6 +79,8 @@ AuthorizedKeysFile .ssh/authorized_keys + # GSSAPI options + #GSSAPIAuthentication no + #GSSAPICleanupCredentials yes ++#GSSAPIStrictAcceptorCheck yes ++#GSSAPIKeyExchange no + + # Set this to 'yes' to enable PAM authentication, account processing, + # and session processing. If this is enabled, PAM authentication will +diff --git a/sshd_config.5 b/sshd_config.5 +index 035a50c8..8bc6586e 100644 +--- a/sshd_config.5 ++++ b/sshd_config.5 +@@ -739,6 +739,11 @@ Specifies whether to automatically destroy the user's credentials cache + on logout. + The default is + .Cm yes . ++.It Cm GSSAPIKeyExchange ++Specifies whether key exchange based on GSSAPI is allowed. GSSAPI key exchange ++doesn't rely on ssh keys to verify host identity. ++The default is ++.Cm no . + .It Cm GSSAPIStrictAcceptorCheck + Determines whether to be strict about the identity of the GSSAPI acceptor + a client authenticates against. +@@ -753,6 +758,32 @@ machine's default store. + This facility is provided to assist with operation on multi homed machines. + The default is + .Cm yes . ++.It Cm GSSAPIStoreCredentialsOnRekey ++Controls whether the user's GSSAPI credentials should be updated following a ++successful connection rekeying. This option can be used to accepted renewed ++or updated credentials from a compatible client. The default is ++.Dq no . ++.Pp ++For this to work ++.Cm GSSAPIKeyExchange ++needs to be enabled in the server and also used by the client. ++.It Cm GSSAPIKexAlgorithms ++The list of key exchange algorithms that are accepted by GSSAPI ++key exchange. Possible values are ++.Bd -literal -offset 3n ++gss-gex-sha1-, ++gss-group1-sha1-, ++gss-group14-sha1-, ++gss-group14-sha256-, ++gss-group16-sha512-, ++gss-nistp256-sha256-, ++gss-curve25519-sha256- ++.Ed ++.Pp ++The default is ++.Dq gss-group14-sha256-,gss-group16-sha512-,gss-nistp256-sha256-, ++gss-curve25519-sha256-,gss-group14-sha1-,gss-gex-sha1- . ++This option only applies to connections using GSSAPI. + .It Cm HostbasedAcceptedAlgorithms + Specifies the signature algorithms that will be accepted for hostbased + authentication as a list of comma-separated patterns. +diff --git a/sshkey.c b/sshkey.c +index ab80752b..4e41a78c 100644 +--- a/sshkey.c ++++ b/sshkey.c +@@ -129,6 +129,75 @@ extern const struct sshkey_impl sshkey_xmss_impl; extern const struct sshkey_impl sshkey_xmss_cert_impl; #endif @@ -4170,7 +4276,7 @@ diff --color -ruNp a/sshkey.c b/sshkey.c const struct sshkey_impl * const keyimpls[] = { &sshkey_ed25519_impl, &sshkey_ed25519_cert_impl, -@@ -169,6 +238,7 @@ const struct sshkey_impl * const keyimpl +@@ -167,6 +236,7 @@ const struct sshkey_impl * const keyimpls[] = { &sshkey_xmss_impl, &sshkey_xmss_cert_impl, #endif @@ -4178,7 +4284,7 @@ diff --color -ruNp a/sshkey.c b/sshkey.c NULL }; -@@ -324,7 +394,7 @@ sshkey_alg_list(int certs_only, int plai +@@ -336,7 +406,7 @@ sshkey_alg_list(int certs_only, int plain_only, int include_sigonly, char sep) for (i = 0; keyimpls[i] != NULL; i++) { impl = keyimpls[i]; @@ -4187,10 +4293,11 @@ diff --color -ruNp a/sshkey.c b/sshkey.c continue; if (!include_sigonly && impl->sigonly) continue; -diff --color -ruNp a/sshkey.h b/sshkey.h ---- a/sshkey.h 2024-07-01 06:36:28.000000000 +0200 -+++ b/sshkey.h 2024-09-16 11:46:34.706940139 +0200 -@@ -71,6 +71,7 @@ enum sshkey_types { +diff --git a/sshkey.h b/sshkey.h +index 19bbbac7..4a318d05 100644 +--- a/sshkey.h ++++ b/sshkey.h +@@ -75,6 +75,7 @@ enum sshkey_types { KEY_ECDSA_SK_CERT, KEY_ED25519_SK, KEY_ED25519_SK_CERT, @@ -4198,3 +4305,6 @@ diff --color -ruNp a/sshkey.h b/sshkey.h KEY_UNSPEC }; +-- +2.49.0 + diff --git a/openssh-6.6p1-force_krb.patch b/0013-openssh-6.6p1-force_krb.patch similarity index 88% rename from openssh-6.6p1-force_krb.patch rename to 0013-openssh-6.6p1-force_krb.patch index 90f8322..74643b5 100644 --- a/openssh-6.6p1-force_krb.patch +++ b/0013-openssh-6.6p1-force_krb.patch @@ -1,5 +1,17 @@ +From f5e5ee321def2a3674600714ad98fd1ca9b2cff1 Mon Sep 17 00:00:00 2001 +From: Dmitry Belyavskiy +Date: Thu, 15 May 2025 13:43:28 +0200 +Subject: [PATCH 13/50] openssh-6.6p1-force_krb + +--- + gss-serv-krb5.c | 156 +++++++++++++++++++++++++++++++++++++++++++++++- + session.c | 23 +++++++ + ssh-gss.h | 4 ++ + sshd.8 | 7 +++ + 4 files changed, 189 insertions(+), 1 deletion(-) + diff --git a/gss-serv-krb5.c b/gss-serv-krb5.c -index 413b845..54dd383 100644 +index 8d2b677f..14502c5a 100644 --- a/gss-serv-krb5.c +++ b/gss-serv-krb5.c @@ -32,7 +32,9 @@ @@ -12,7 +24,7 @@ index 413b845..54dd383 100644 #include "xmalloc.h" #include "sshkey.h" -@@ -45,6 +47,7 @@ +@@ -44,6 +46,7 @@ #include "ssh-gss.h" @@ -20,7 +32,7 @@ index 413b845..54dd383 100644 extern ServerOptions options; #ifdef HEIMDAL -@@ -56,6 +59,13 @@ extern ServerOptions options; +@@ -55,6 +58,13 @@ extern ServerOptions options; # include #endif @@ -34,7 +46,7 @@ index 413b845..54dd383 100644 static krb5_context krb_context = NULL; /* Initialise the krb5 library, for the stuff that GSSAPI won't do */ -@@ -88,6 +98,7 @@ ssh_gssapi_krb5_userok(ssh_gssapi_client *client, char *name) +@@ -87,6 +97,7 @@ ssh_gssapi_krb5_userok(ssh_gssapi_client *client, char *name) krb5_principal princ; int retval; const char *errmsg; @@ -42,7 +54,7 @@ index 413b845..54dd383 100644 if (ssh_gssapi_krb5_init() == 0) return 0; -@@ -99,10 +110,22 @@ ssh_gssapi_krb5_userok(ssh_gssapi_client *client, char *name) +@@ -98,10 +109,22 @@ ssh_gssapi_krb5_userok(ssh_gssapi_client *client, char *name) krb5_free_error_message(krb_context, errmsg); return 0; } @@ -66,7 +78,7 @@ index 413b845..54dd383 100644 } else retval = 0; -@@ -110,6 +133,137 @@ ssh_gssapi_krb5_userok(ssh_gssapi_client *client, char *name) +@@ -109,6 +132,137 @@ ssh_gssapi_krb5_userok(ssh_gssapi_client *client, char *name) return retval; } @@ -205,10 +217,10 @@ index 413b845..54dd383 100644 /* This writes out any forwarded credentials from the structure populated * during userauth. Called after we have setuid to the user */ diff --git a/session.c b/session.c -index 28659ec..9c94d8e 100644 +index cbfbcee8..89b3a9cf 100644 --- a/session.c +++ b/session.c -@@ -789,6 +789,29 @@ do_exec(Session *s, const char *command) +@@ -680,6 +680,29 @@ do_exec(struct ssh *ssh, Session *s, const char *command) command = auth_opts->force_command; forced = "(key-option)"; } @@ -239,7 +251,7 @@ index 28659ec..9c94d8e 100644 if (forced != NULL) { s->forced = 1; diff --git a/ssh-gss.h b/ssh-gss.h -index 0374c88..509109a 100644 +index 8ec45192..db34d77f 100644 --- a/ssh-gss.h +++ b/ssh-gss.h @@ -49,6 +49,10 @@ @@ -254,10 +266,10 @@ index 0374c88..509109a 100644 /* draft-ietf-secsh-gsskeyex-06 */ diff --git a/sshd.8 b/sshd.8 -index adcaaf9..824163b 100644 +index 2aa73271..049d0a94 100644 --- a/sshd.8 +++ b/sshd.8 -@@ -324,6 +324,7 @@ Finally, the server and the client enter an authentication dialog. +@@ -286,6 +286,7 @@ Finally, the server and the client enter an authentication dialog. The client tries to authenticate itself using host-based authentication, public key authentication, @@ -265,7 +277,7 @@ index adcaaf9..824163b 100644 challenge-response authentication, or password authentication. .Pp -@@ -800,6 +801,12 @@ This file is used in exactly the same way as +@@ -874,6 +875,12 @@ This file is used in exactly the same way as but allows host-based authentication without permitting login with rlogin/rsh. .Pp @@ -278,3 +290,6 @@ index adcaaf9..824163b 100644 .It Pa ~/.ssh/ This directory is the default location for all user-specific configuration and authentication information. +-- +2.49.0 + diff --git a/openssh-7.7p1-gssapi-new-unique.patch b/0014-openssh-7.7p1-gssapi-new-unique.patch similarity index 79% rename from openssh-7.7p1-gssapi-new-unique.patch rename to 0014-openssh-7.7p1-gssapi-new-unique.patch index 34b9b9d..1d21839 100644 --- a/openssh-7.7p1-gssapi-new-unique.patch +++ b/0014-openssh-7.7p1-gssapi-new-unique.patch @@ -1,26 +1,25 @@ -diff -up openssh-8.6p1/auth.h.ccache_name openssh-8.6p1/auth.h ---- openssh-8.6p1/auth.h.ccache_name 2021-04-19 14:05:10.820744325 +0200 -+++ openssh-8.6p1/auth.h 2021-04-19 14:05:10.853744569 +0200 -@@ -83,6 +83,7 @@ struct Authctxt { - krb5_principal krb5_user; - char *krb5_ticket_file; - char *krb5_ccname; -+ int krb5_set_env; - #endif - struct sshbuf *loginmsg; - -@@ -231,7 +232,7 @@ struct passwd *fakepw(void); - int sys_auth_passwd(struct ssh *, const char *); - - #if defined(KRB5) && !defined(HEIMDAL) --krb5_error_code ssh_krb5_cc_gen(krb5_context, krb5_ccache *); -+krb5_error_code ssh_krb5_cc_new_unique(krb5_context, krb5_ccache *, int *); - #endif - - #endif /* AUTH_H */ -diff -up openssh-8.6p1/auth-krb5.c.ccache_name openssh-8.6p1/auth-krb5.c ---- openssh-8.6p1/auth-krb5.c.ccache_name 2021-04-16 05:55:25.000000000 +0200 -+++ openssh-8.6p1/auth-krb5.c 2021-04-19 14:40:55.142832954 +0200 +From 5fca5946aa97dce23c6824c52b070a92532752a9 Mon Sep 17 00:00:00 2001 +From: Dmitry Belyavskiy +Date: Thu, 15 May 2025 13:43:28 +0200 +Subject: [PATCH 14/50] openssh-7.7p1-gssapi-new-unique + +--- + auth-krb5.c | 262 ++++++++++++++++++++++++++++++++++++++++++------ + auth.h | 3 +- + gss-serv-krb5.c | 42 +++----- + gss-serv.c | 10 +- + servconf.c | 12 ++- + servconf.h | 2 + + session.c | 5 +- + ssh-gss.h | 4 +- + sshd-session.c | 2 +- + sshd_config.5 | 8 ++ + 10 files changed, 279 insertions(+), 71 deletions(-) + +diff --git a/auth-krb5.c b/auth-krb5.c +index c99e4e43..77714e3d 100644 +--- a/auth-krb5.c ++++ b/auth-krb5.c @@ -51,6 +51,7 @@ #include #include @@ -29,7 +28,7 @@ diff -up openssh-8.6p1/auth-krb5.c.ccache_name openssh-8.6p1/auth-krb5.c extern ServerOptions options; -@@ -77,7 +78,7 @@ auth_krb5_password(Authctxt *authctxt, c +@@ -77,7 +78,7 @@ auth_krb5_password(Authctxt *authctxt, const char *password) #endif krb5_error_code problem; krb5_ccache ccache = NULL; @@ -38,7 +37,7 @@ diff -up openssh-8.6p1/auth-krb5.c.ccache_name openssh-8.6p1/auth-krb5.c char *client, *platform_client; const char *errmsg; -@@ -163,8 +164,8 @@ auth_krb5_password(Authctxt *authctxt, c +@@ -163,8 +164,8 @@ auth_krb5_password(Authctxt *authctxt, const char *password) goto out; } @@ -49,7 +48,7 @@ diff -up openssh-8.6p1/auth-krb5.c.ccache_name openssh-8.6p1/auth-krb5.c if (problem) goto out; -@@ -179,15 +180,14 @@ auth_krb5_password(Authctxt *authctxt, c +@@ -179,15 +180,14 @@ auth_krb5_password(Authctxt *authctxt, const char *password) goto out; #endif @@ -70,7 +69,7 @@ diff -up openssh-8.6p1/auth-krb5.c.ccache_name openssh-8.6p1/auth-krb5.c do_pam_putenv("KRB5CCNAME", authctxt->krb5_ccname); #endif -@@ -223,11 +223,54 @@ auth_krb5_password(Authctxt *authctxt, c +@@ -223,11 +223,54 @@ auth_krb5_password(Authctxt *authctxt, const char *password) void krb5_cleanup_proc(Authctxt *authctxt) { @@ -131,7 +130,24 @@ diff -up openssh-8.6p1/auth-krb5.c.ccache_name openssh-8.6p1/auth-krb5.c } -#ifndef HEIMDAL -+ +-krb5_error_code +-ssh_krb5_cc_gen(krb5_context ctx, krb5_ccache *ccache) { +- int tmpfd, ret, oerrno; +- char ccname[40]; +- mode_t old_umask; + +- ret = snprintf(ccname, sizeof(ccname), +- "FILE:/tmp/krb5cc_%d_XXXXXXXXXX", geteuid()); +- if (ret < 0 || (size_t)ret >= sizeof(ccname)) +- return ENOMEM; +- +- old_umask = umask(0177); +- tmpfd = mkstemp(ccname + strlen("FILE:")); +- oerrno = errno; +- umask(old_umask); +- if (tmpfd == -1) { +- logit("mkstemp(): %.100s", strerror(oerrno)); +- return oerrno; +#if !defined(HEIMDAL) +int +ssh_asprintf_append(char **dsc, const char *fmt, ...) { @@ -197,8 +213,9 @@ diff -up openssh-8.6p1/auth-krb5.c.ccache_name openssh-8.6p1/auth-krb5.c + /* unknown token, fallback to the default */ + goto cleanup; + } -+ } -+ + } + +- if (fchmod(tmpfd,S_IRUSR | S_IWUSR) == -1) { + if (ssh_asprintf_append(&r, "%s", p_o) == -1) + goto cleanup; + @@ -233,29 +250,13 @@ diff -up openssh-8.6p1/auth-krb5.c.ccache_name openssh-8.6p1/auth-krb5.c + return ret; +} + - krb5_error_code --ssh_krb5_cc_gen(krb5_context ctx, krb5_ccache *ccache) { -- int tmpfd, ret, oerrno; -- char ccname[40]; ++krb5_error_code +ssh_krb5_cc_new_unique(krb5_context ctx, krb5_ccache *ccache, int *need_environment) { + int tmpfd, ret, oerrno, type_len; + char *ccname = NULL; - mode_t old_umask; ++ mode_t old_umask; + char *type = NULL, *colon = NULL; - -- ret = snprintf(ccname, sizeof(ccname), -- "FILE:/tmp/krb5cc_%d_XXXXXXXXXX", geteuid()); -- if (ret < 0 || (size_t)ret >= sizeof(ccname)) -- return ENOMEM; -- -- old_umask = umask(0177); -- tmpfd = mkstemp(ccname + strlen("FILE:")); -- oerrno = errno; -- umask(old_umask); -- if (tmpfd == -1) { -- logit("mkstemp(): %.100s", strerror(oerrno)); -- return oerrno; -- } ++ + debug3_f("called"); + if (need_environment) + *need_environment = 0; @@ -270,8 +271,7 @@ diff -up openssh-8.6p1/auth-krb5.c.ccache_name openssh-8.6p1/auth-krb5.c + "FILE:/tmp/krb5cc_%d_XXXXXXXXXX", geteuid()); + if (ret < 0) + return ENOMEM; - -- if (fchmod(tmpfd,S_IRUSR | S_IWUSR) == -1) { ++ + old_umask = umask(0177); + tmpfd = mkstemp(ccname + strlen("FILE:")); oerrno = errno; @@ -338,42 +338,32 @@ diff -up openssh-8.6p1/auth-krb5.c.ccache_name openssh-8.6p1/auth-krb5.c } #endif /* !HEIMDAL */ #endif /* KRB5 */ -diff -up openssh-8.6p1/gss-serv.c.ccache_name openssh-8.6p1/gss-serv.c ---- openssh-8.6p1/gss-serv.c.ccache_name 2021-04-19 14:05:10.844744503 +0200 -+++ openssh-8.6p1/gss-serv.c 2021-04-19 14:05:10.854744577 +0200 -@@ -413,13 +413,15 @@ ssh_gssapi_cleanup_creds(void) - } +diff --git a/auth.h b/auth.h +index 83d07ae8..10e88e11 100644 +--- a/auth.h ++++ b/auth.h +@@ -85,6 +85,7 @@ struct Authctxt { + krb5_principal krb5_user; + char *krb5_ticket_file; + char *krb5_ccname; ++ int krb5_set_env; + #endif + struct sshbuf *loginmsg; - /* As user */ --void -+int - ssh_gssapi_storecreds(void) - { - if (gssapi_client.mech && gssapi_client.mech->storecreds) { -- (*gssapi_client.mech->storecreds)(&gssapi_client); -+ return (*gssapi_client.mech->storecreds)(&gssapi_client); - } else - debug("ssh_gssapi_storecreds: Not a GSSAPI mechanism"); -+ -+ return 0; - } +@@ -245,7 +246,7 @@ FILE *auth_openprincipals(const char *, struct passwd *, int); + int sys_auth_passwd(struct ssh *, const char *); - /* This allows GSSAPI methods to do things to the child's environment based -@@ -499,9 +501,7 @@ ssh_gssapi_rekey_creds(void) { - char *envstr; + #if defined(KRB5) && !defined(HEIMDAL) +-krb5_error_code ssh_krb5_cc_gen(krb5_context, krb5_ccache *); ++krb5_error_code ssh_krb5_cc_new_unique(krb5_context, krb5_ccache *, int *); #endif -- if (gssapi_client.store.filename == NULL && -- gssapi_client.store.envval == NULL && -- gssapi_client.store.envvar == NULL) -+ if (gssapi_client.store.envval == NULL) - return; - - ok = mm_ssh_gssapi_update_creds(&gssapi_client.store); -diff -up openssh-8.6p1/gss-serv-krb5.c.ccache_name openssh-8.6p1/gss-serv-krb5.c ---- openssh-8.6p1/gss-serv-krb5.c.ccache_name 2021-04-19 14:05:10.852744562 +0200 -+++ openssh-8.6p1/gss-serv-krb5.c 2021-04-19 14:05:10.854744577 +0200 -@@ -267,7 +267,7 @@ ssh_gssapi_krb5_cmdok(krb5_principal pri + #endif /* AUTH_H */ +diff --git a/gss-serv-krb5.c b/gss-serv-krb5.c +index 14502c5a..df55512d 100644 +--- a/gss-serv-krb5.c ++++ b/gss-serv-krb5.c +@@ -267,7 +267,7 @@ ssh_gssapi_krb5_cmdok(krb5_principal principal, const char *name, /* This writes out any forwarded credentials from the structure populated * during userauth. Called after we have setuid to the user */ @@ -382,7 +372,7 @@ diff -up openssh-8.6p1/gss-serv-krb5.c.ccache_name openssh-8.6p1/gss-serv-krb5.c ssh_gssapi_krb5_storecreds(ssh_gssapi_client *client) { krb5_ccache ccache; -@@ -276,14 +276,15 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_cl +@@ -276,14 +276,15 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_client *client) OM_uint32 maj_status, min_status; const char *new_ccname, *new_cctype; const char *errmsg; @@ -400,7 +390,7 @@ diff -up openssh-8.6p1/gss-serv-krb5.c.ccache_name openssh-8.6p1/gss-serv-krb5.c #ifdef HEIMDAL # ifdef HAVE_KRB5_CC_NEW_UNIQUE -@@ -297,14 +298,14 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_cl +@@ -297,14 +298,14 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_client *client) krb5_get_err_text(krb_context, problem)); # endif krb5_free_error_message(krb_context, errmsg); @@ -419,7 +409,7 @@ diff -up openssh-8.6p1/gss-serv-krb5.c.ccache_name openssh-8.6p1/gss-serv-krb5.c } #endif /* #ifdef HEIMDAL */ -@@ -313,7 +314,7 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_cl +@@ -313,7 +314,7 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_client *client) errmsg = krb5_get_error_message(krb_context, problem); logit("krb5_parse_name(): %.100s", errmsg); krb5_free_error_message(krb_context, errmsg); @@ -428,7 +418,7 @@ diff -up openssh-8.6p1/gss-serv-krb5.c.ccache_name openssh-8.6p1/gss-serv-krb5.c } if ((problem = krb5_cc_initialize(krb_context, ccache, princ))) { -@@ -322,7 +323,7 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_cl +@@ -322,7 +323,7 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_client *client) krb5_free_error_message(krb_context, errmsg); krb5_free_principal(krb_context, princ); krb5_cc_destroy(krb_context, ccache); @@ -437,7 +427,7 @@ diff -up openssh-8.6p1/gss-serv-krb5.c.ccache_name openssh-8.6p1/gss-serv-krb5.c } krb5_free_principal(krb_context, princ); -@@ -331,32 +332,21 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_cl +@@ -331,32 +332,21 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_client *client) client->creds, ccache))) { logit("gss_krb5_copy_ccache() failed"); krb5_cc_destroy(krb_context, ccache); @@ -475,7 +465,7 @@ diff -up openssh-8.6p1/gss-serv-krb5.c.ccache_name openssh-8.6p1/gss-serv-krb5.c do_pam_putenv(client->store.envvar, client->store.envval); #endif -@@ -364,7 +354,7 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_cl +@@ -364,7 +354,7 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_client *client) client->store.data = krb_context; @@ -484,10 +474,44 @@ diff -up openssh-8.6p1/gss-serv-krb5.c.ccache_name openssh-8.6p1/gss-serv-krb5.c } int -diff -up openssh-8.6p1/servconf.c.ccache_name openssh-8.6p1/servconf.c ---- openssh-8.6p1/servconf.c.ccache_name 2021-04-19 14:05:10.848744532 +0200 -+++ openssh-8.6p1/servconf.c 2021-04-19 14:05:10.854744577 +0200 -@@ -136,6 +136,7 @@ initialize_server_options(ServerOptions +diff --git a/gss-serv.c b/gss-serv.c +index a5cca797..9d5435ed 100644 +--- a/gss-serv.c ++++ b/gss-serv.c +@@ -414,13 +414,15 @@ ssh_gssapi_cleanup_creds(void) + } + + /* As user */ +-void ++int + ssh_gssapi_storecreds(void) + { + if (gssapi_client.mech && gssapi_client.mech->storecreds) { +- (*gssapi_client.mech->storecreds)(&gssapi_client); ++ return (*gssapi_client.mech->storecreds)(&gssapi_client); + } else + debug("ssh_gssapi_storecreds: Not a GSSAPI mechanism"); ++ ++ return 0; + } + + /* This allows GSSAPI methods to do things to the child's environment based +@@ -500,9 +502,7 @@ ssh_gssapi_rekey_creds(void) { + char *envstr; + #endif + +- if (gssapi_client.store.filename == NULL && +- gssapi_client.store.envval == NULL && +- gssapi_client.store.envvar == NULL) ++ if (gssapi_client.store.envval == NULL) + return; + + ok = mm_ssh_gssapi_update_creds(&gssapi_client.store); +diff --git a/servconf.c b/servconf.c +index d4f7fd66..55aa5bf0 100644 +--- a/servconf.c ++++ b/servconf.c +@@ -138,6 +138,7 @@ initialize_server_options(ServerOptions *options) options->kerberos_or_local_passwd = -1; options->kerberos_ticket_cleanup = -1; options->kerberos_get_afs_token = -1; @@ -495,7 +519,7 @@ diff -up openssh-8.6p1/servconf.c.ccache_name openssh-8.6p1/servconf.c options->gss_authentication=-1; options->gss_keyex = -1; options->gss_cleanup_creds = -1; -@@ -359,6 +360,8 @@ fill_default_server_options(ServerOption +@@ -382,6 +383,8 @@ fill_default_server_options(ServerOptions *options) options->kerberos_ticket_cleanup = 1; if (options->kerberos_get_afs_token == -1) options->kerberos_get_afs_token = 0; @@ -504,16 +528,16 @@ diff -up openssh-8.6p1/servconf.c.ccache_name openssh-8.6p1/servconf.c if (options->gss_authentication == -1) options->gss_authentication = 0; if (options->gss_keyex == -1) -@@ -506,7 +509,7 @@ typedef enum { - sPort, sHostKeyFile, sLoginGraceTime, - sPermitRootLogin, sLogFacility, sLogLevel, sLogVerbose, - sKerberosAuthentication, sKerberosOrLocalPasswd, sKerberosTicketCleanup, +@@ -564,7 +567,7 @@ typedef enum { + sPort, sHostKeyFile, sLoginGraceTime, + sPermitRootLogin, sLogFacility, sLogLevel, sLogVerbose, + sKerberosAuthentication, sKerberosOrLocalPasswd, sKerberosTicketCleanup, - sKerberosGetAFSToken, sPasswordAuthentication, + sKerberosGetAFSToken, sKerberosUniqueCCache, sPasswordAuthentication, - sKbdInteractiveAuthentication, sListenAddress, sAddressFamily, - sPrintMotd, sPrintLastLog, sIgnoreRhosts, - sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost, -@@ -593,11 +597,13 @@ static struct { + sKbdInteractiveAuthentication, sListenAddress, sAddressFamily, + sPrintMotd, sPrintLastLog, sIgnoreRhosts, + sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost, +@@ -655,11 +658,13 @@ static struct { #else { "kerberosgetafstoken", sUnsupported, SSHCFG_GLOBAL }, #endif @@ -527,7 +551,7 @@ diff -up openssh-8.6p1/servconf.c.ccache_name openssh-8.6p1/servconf.c #endif { "kerberostgtpassing", sUnsupported, SSHCFG_GLOBAL }, { "afstokenpassing", sUnsupported, SSHCFG_GLOBAL }, -@@ -1573,6 +1579,10 @@ process_server_config_line_depth(ServerO +@@ -1668,6 +1673,10 @@ process_server_config_line_depth(ServerOptions *options, char *line, intptr = &options->kerberos_get_afs_token; goto parse_flag; @@ -538,7 +562,7 @@ diff -up openssh-8.6p1/servconf.c.ccache_name openssh-8.6p1/servconf.c case sGssAuthentication: intptr = &options->gss_authentication; goto parse_flag; -@@ -2891,6 +2901,7 @@ dump_config(ServerOptions *o) +@@ -3293,6 +3302,7 @@ dump_config(ServerOptions *o) # ifdef USE_AFS dump_cfg_fmtint(sKerberosGetAFSToken, o->kerberos_get_afs_token); # endif @@ -546,10 +570,11 @@ diff -up openssh-8.6p1/servconf.c.ccache_name openssh-8.6p1/servconf.c #endif #ifdef GSSAPI dump_cfg_fmtint(sGssAuthentication, o->gss_authentication); -diff -up openssh-8.6p1/servconf.h.ccache_name openssh-8.6p1/servconf.h ---- openssh-8.6p1/servconf.h.ccache_name 2021-04-19 14:05:10.848744532 +0200 -+++ openssh-8.6p1/servconf.h 2021-04-19 14:05:10.855744584 +0200 -@@ -140,6 +140,8 @@ typedef struct { +diff --git a/servconf.h b/servconf.h +index c3f50140..a4a38d6d 100644 +--- a/servconf.h ++++ b/servconf.h +@@ -149,6 +149,8 @@ typedef struct { * file on logout. */ int kerberos_get_afs_token; /* If true, try to get AFS token if * authenticated with Kerberos. */ @@ -558,10 +583,11 @@ diff -up openssh-8.6p1/servconf.h.ccache_name openssh-8.6p1/servconf.h int gss_authentication; /* If true, permit GSSAPI authentication */ int gss_keyex; /* If true, permit GSSAPI key exchange */ int gss_cleanup_creds; /* If true, destroy cred cache on logout */ -diff -up openssh-8.6p1/session.c.ccache_name openssh-8.6p1/session.c ---- openssh-8.6p1/session.c.ccache_name 2021-04-19 14:05:10.852744562 +0200 -+++ openssh-8.6p1/session.c 2021-04-19 14:05:10.855744584 +0200 -@@ -1038,7 +1038,8 @@ do_setup_env(struct ssh *ssh, Session *s +diff --git a/session.c b/session.c +index 89b3a9cf..2620dd11 100644 +--- a/session.c ++++ b/session.c +@@ -1025,7 +1025,8 @@ do_setup_env(struct ssh *ssh, Session *s, const char *shell) /* Allow any GSSAPI methods that we've used to alter * the child's environment as they see fit */ @@ -571,7 +597,7 @@ diff -up openssh-8.6p1/session.c.ccache_name openssh-8.6p1/session.c #endif /* Set basic environment. */ -@@ -1114,7 +1115,7 @@ do_setup_env(struct ssh *ssh, Session *s +@@ -1101,7 +1102,7 @@ do_setup_env(struct ssh *ssh, Session *s, const char *shell) } #endif #ifdef KRB5 @@ -580,10 +606,33 @@ diff -up openssh-8.6p1/session.c.ccache_name openssh-8.6p1/session.c child_set_env(&env, &envsize, "KRB5CCNAME", s->authctxt->krb5_ccname); #endif -diff -up openssh-8.6p1/sshd-session.c.ccache_name openssh-8.6p1/sshd-session.c ---- openssh-8.6p1/sshd-session.c.ccache_name 2021-04-19 14:05:10.849744540 +0200 -+++ openssh-8.6p1/sshd-session.c 2021-04-19 14:05:10.855744584 +0200 -@@ -2284,7 +2284,7 @@ main(int ac, char **av) +diff --git a/ssh-gss.h b/ssh-gss.h +index db34d77f..a894e23c 100644 +--- a/ssh-gss.h ++++ b/ssh-gss.h +@@ -116,7 +116,7 @@ typedef struct ssh_gssapi_mech_struct { + int (*dochild) (ssh_gssapi_client *); + int (*userok) (ssh_gssapi_client *, char *); + int (*localname) (ssh_gssapi_client *, char **); +- void (*storecreds) (ssh_gssapi_client *); ++ int (*storecreds) (ssh_gssapi_client *); + int (*updatecreds) (ssh_gssapi_ccache *, ssh_gssapi_client *); + } ssh_gssapi_mech; + +@@ -186,7 +186,7 @@ int ssh_gssapi_userok(char *name, struct passwd *, int kex); + OM_uint32 ssh_gssapi_checkmic(Gssctxt *, gss_buffer_t, gss_buffer_t); + void ssh_gssapi_do_child(char ***, u_int *); + void ssh_gssapi_cleanup_creds(void); +-void ssh_gssapi_storecreds(void); ++int ssh_gssapi_storecreds(void); + const char *ssh_gssapi_displayname(void); + + char *ssh_gssapi_server_mechanisms(void); +diff --git a/sshd-session.c b/sshd-session.c +index f8c8a797..478381db 100644 +--- a/sshd-session.c ++++ b/sshd-session.c +@@ -1349,7 +1349,7 @@ main(int ac, char **av) #ifdef GSSAPI if (options.gss_authentication) { temporarily_use_uid(authctxt->pw); @@ -592,10 +641,11 @@ diff -up openssh-8.6p1/sshd-session.c.ccache_name openssh-8.6p1/sshd-session.c restore_uid(); } #endif -diff -up openssh-8.6p1/sshd_config.5.ccache_name openssh-8.6p1/sshd_config.5 ---- openssh-8.6p1/sshd_config.5.ccache_name 2021-04-19 14:05:10.849744540 +0200 -+++ openssh-8.6p1/sshd_config.5 2021-04-19 14:05:10.856744592 +0200 -@@ -939,6 +939,14 @@ Specifies whether to automatically destr +diff --git a/sshd_config.5 b/sshd_config.5 +index 8bc6586e..1251d4d5 100644 +--- a/sshd_config.5 ++++ b/sshd_config.5 +@@ -1033,6 +1033,14 @@ Specifies whether to automatically destroy the user's ticket cache file on logout. The default is .Cm yes . @@ -610,24 +660,6 @@ diff -up openssh-8.6p1/sshd_config.5.ccache_name openssh-8.6p1/sshd_config.5 .It Cm KexAlgorithms Specifies the permitted KEX (Key Exchange) algorithms that the server will offer to clients. -diff -up openssh-8.6p1/ssh-gss.h.ccache_name openssh-8.6p1/ssh-gss.h ---- openssh-8.6p1/ssh-gss.h.ccache_name 2021-04-19 14:05:10.852744562 +0200 -+++ openssh-8.6p1/ssh-gss.h 2021-04-19 14:05:10.855744584 +0200 -@@ -114,7 +114,7 @@ typedef struct ssh_gssapi_mech_struct { - int (*dochild) (ssh_gssapi_client *); - int (*userok) (ssh_gssapi_client *, char *); - int (*localname) (ssh_gssapi_client *, char **); -- void (*storecreds) (ssh_gssapi_client *); -+ int (*storecreds) (ssh_gssapi_client *); - int (*updatecreds) (ssh_gssapi_ccache *, ssh_gssapi_client *); - } ssh_gssapi_mech; - -@@ -175,7 +175,7 @@ int ssh_gssapi_userok(char *name, struct - OM_uint32 ssh_gssapi_checkmic(Gssctxt *, gss_buffer_t, gss_buffer_t); - void ssh_gssapi_do_child(char ***, u_int *); - void ssh_gssapi_cleanup_creds(void); --void ssh_gssapi_storecreds(void); -+int ssh_gssapi_storecreds(void); - const char *ssh_gssapi_displayname(void); - - char *ssh_gssapi_server_mechanisms(void); +-- +2.49.0 + diff --git a/openssh-7.2p2-k5login_directory.patch b/0015-openssh-7.2p2-k5login_directory.patch similarity index 74% rename from openssh-7.2p2-k5login_directory.patch rename to 0015-openssh-7.2p2-k5login_directory.patch index 80e7678..5e980c8 100644 --- a/openssh-7.2p2-k5login_directory.patch +++ b/0015-openssh-7.2p2-k5login_directory.patch @@ -1,8 +1,20 @@ +From 25540939422660b024b8832f67eab82267aa8df6 Mon Sep 17 00:00:00 2001 +From: Dmitry Belyavskiy +Date: Thu, 15 May 2025 13:43:28 +0200 +Subject: [PATCH 15/50] openssh-7.2p2-k5login_directory + +--- + auth-krb5.c | 16 ++++++++++++++++ + auth.h | 2 ++ + gss-serv-krb5.c | 21 ++++++++++++++++++++- + sshd.8 | 4 ++++ + 4 files changed, 42 insertions(+), 1 deletion(-) + diff --git a/auth-krb5.c b/auth-krb5.c -index 2b02a04..19b9364 100644 +index 77714e3d..74f56d47 100644 --- a/auth-krb5.c +++ b/auth-krb5.c -@@ -375,5 +375,21 @@ cleanup: +@@ -465,5 +465,21 @@ ssh_krb5_cc_new_unique(krb5_context ctx, krb5_ccache *ccache, int *need_environm return (krb5_cc_resolve(ctx, ccname, ccache)); } } @@ -25,10 +37,10 @@ index 2b02a04..19b9364 100644 #endif /* !HEIMDAL */ #endif /* KRB5 */ diff --git a/auth.h b/auth.h -index f9d191c..c432d2f 100644 +index 10e88e11..39163035 100644 --- a/auth.h +++ b/auth.h -@@ -222,6 +222,8 @@ int sys_auth_passwd(Authctxt *, const char *); +@@ -247,6 +247,8 @@ int sys_auth_passwd(struct ssh *, const char *); #if defined(KRB5) && !defined(HEIMDAL) krb5_error_code ssh_krb5_cc_new_unique(krb5_context, krb5_ccache *, int *); @@ -38,10 +50,10 @@ index f9d191c..c432d2f 100644 #endif /* AUTH_H */ diff --git a/gss-serv-krb5.c b/gss-serv-krb5.c -index a7c0c5f..df8cc9a 100644 +index df55512d..820f794c 100644 --- a/gss-serv-krb5.c +++ b/gss-serv-krb5.c -@@ -244,8 +244,27 @@ ssh_gssapi_k5login_exists() +@@ -144,8 +144,27 @@ ssh_gssapi_k5login_exists() { char file[MAXPATHLEN]; struct passwd *pw = the_authctxt->pw; @@ -71,10 +83,10 @@ index a7c0c5f..df8cc9a 100644 } diff --git a/sshd.8 b/sshd.8 -index 5c4f15b..135e290 100644 +index 049d0a94..6784286d 100644 --- a/sshd.8 +++ b/sshd.8 -@@ -806,6 +806,10 @@ rlogin/rsh. +@@ -880,6 +880,10 @@ rlogin/rsh. These files enforce GSSAPI/Kerberos authentication access control. Further details are described in .Xr ksu 1 . @@ -85,3 +97,6 @@ index 5c4f15b..135e290 100644 .Pp .It Pa ~/.ssh/ This directory is the default location for all user-specific configuration +-- +2.49.0 + diff --git a/openssh-6.6p1-kuserok.patch b/0016-openssh-6.6p1-kuserok.patch similarity index 80% rename from openssh-6.6p1-kuserok.patch rename to 0016-openssh-6.6p1-kuserok.patch index e43128b..3724b8d 100644 --- a/openssh-6.6p1-kuserok.patch +++ b/0016-openssh-6.6p1-kuserok.patch @@ -1,7 +1,22 @@ -diff -up openssh-7.4p1/auth-krb5.c.kuserok openssh-7.4p1/auth-krb5.c ---- openssh-7.4p1/auth-krb5.c.kuserok 2016-12-23 14:36:07.640465939 +0100 -+++ openssh-7.4p1/auth-krb5.c 2016-12-23 14:36:07.644465936 +0100 -@@ -56,6 +56,21 @@ +From bac7a9d1a654c8c2e0c71f979195e300b25d6232 Mon Sep 17 00:00:00 2001 +From: Dmitry Belyavskiy +Date: Thu, 15 May 2025 13:43:28 +0200 +Subject: [PATCH 16/50] openssh-6.6p1-kuserok + +--- + auth-krb5.c | 20 ++++++++- + gss-serv-krb5.c | 106 ++++++++++++++++++++++++++++++++++++++++++++++-- + servconf.c | 13 +++++- + servconf.h | 1 + + sshd_config | 1 + + sshd_config.5 | 5 +++ + 6 files changed, 139 insertions(+), 7 deletions(-) + +diff --git a/auth-krb5.c b/auth-krb5.c +index 74f56d47..bae153c9 100644 +--- a/auth-krb5.c ++++ b/auth-krb5.c +@@ -55,6 +55,21 @@ extern ServerOptions options; @@ -23,7 +38,7 @@ diff -up openssh-7.4p1/auth-krb5.c.kuserok openssh-7.4p1/auth-krb5.c static int krb5_init(void *context) { -@@ -160,8 +175,9 @@ auth_krb5_password(Authctxt *authctxt, c +@@ -158,8 +173,9 @@ auth_krb5_password(Authctxt *authctxt, const char *password) if (problem) goto out; @@ -35,10 +50,11 @@ diff -up openssh-7.4p1/auth-krb5.c.kuserok openssh-7.4p1/auth-krb5.c problem = -1; goto out; } -diff -up openssh-7.4p1/gss-serv-krb5.c.kuserok openssh-7.4p1/gss-serv-krb5.c ---- openssh-7.4p1/gss-serv-krb5.c.kuserok 2016-12-23 14:36:07.640465939 +0100 -+++ openssh-7.4p1/gss-serv-krb5.c 2016-12-23 14:36:07.644465936 +0100 -@@ -67,6 +67,7 @@ static int ssh_gssapi_krb5_cmdok(krb5_pr +diff --git a/gss-serv-krb5.c b/gss-serv-krb5.c +index 820f794c..187faf92 100644 +--- a/gss-serv-krb5.c ++++ b/gss-serv-krb5.c +@@ -66,6 +66,7 @@ static int ssh_gssapi_krb5_cmdok(krb5_principal, const char *, const char *, int); static krb5_context krb_context = NULL; @@ -46,7 +62,7 @@ diff -up openssh-7.4p1/gss-serv-krb5.c.kuserok openssh-7.4p1/gss-serv-krb5.c /* Initialise the krb5 library, for the stuff that GSSAPI won't do */ -@@ -92,6 +93,103 @@ ssh_gssapi_krb5_init(void) +@@ -91,6 +92,103 @@ ssh_gssapi_krb5_init(void) * Returns true if the user is OK to log in, otherwise returns 0 */ @@ -150,7 +166,7 @@ diff -up openssh-7.4p1/gss-serv-krb5.c.kuserok openssh-7.4p1/gss-serv-krb5.c static int ssh_gssapi_krb5_userok(ssh_gssapi_client *client, char *name) { -@@ -116,7 +214,8 @@ ssh_gssapi_krb5_userok(ssh_gssapi_client +@@ -115,7 +213,8 @@ ssh_gssapi_krb5_userok(ssh_gssapi_client *client, char *name) /* NOTE: .k5login and .k5users must opened as root, not the user, * because if they are on a krb5-protected filesystem, user credentials * to access these files aren't available yet. */ @@ -160,7 +176,7 @@ diff -up openssh-7.4p1/gss-serv-krb5.c.kuserok openssh-7.4p1/gss-serv-krb5.c retval = 1; logit("Authorized to %s, krb5 principal %s (krb5_kuserok)", name, (char *)client->displayname.value); -@@ -190,9 +289,8 @@ ssh_gssapi_krb5_cmdok(krb5_principal pri +@@ -190,9 +289,8 @@ ssh_gssapi_krb5_cmdok(krb5_principal principal, const char *name, snprintf(file, sizeof(file), "%s/.k5users", pw->pw_dir); /* If both .k5login and .k5users DNE, self-login is ok. */ if (!k5login_exists && (access(file, F_OK) == -1)) { @@ -172,18 +188,19 @@ diff -up openssh-7.4p1/gss-serv-krb5.c.kuserok openssh-7.4p1/gss-serv-krb5.c } if ((fp = fopen(file, "r")) == NULL) { int saved_errno = errno; -diff -up openssh-7.4p1/servconf.c.kuserok openssh-7.4p1/servconf.c ---- openssh-7.4p1/servconf.c.kuserok 2016-12-23 14:36:07.630465944 +0100 -+++ openssh-7.4p1/servconf.c 2016-12-23 15:11:52.278133344 +0100 -@@ -116,6 +116,7 @@ initialize_server_options(ServerOptions +diff --git a/servconf.c b/servconf.c +index 55aa5bf0..5dd5ca21 100644 +--- a/servconf.c ++++ b/servconf.c +@@ -145,6 +145,7 @@ initialize_server_options(ServerOptions *options) options->gss_strict_acceptor = -1; options->gss_store_rekey = -1; options->gss_kex_algorithms = NULL; + options->use_kuserok = -1; options->password_authentication = -1; options->kbd_interactive_authentication = -1; - options->permit_empty_passwd = -1; -@@ -278,6 +279,8 @@ fill_default_server_options(ServerOption + options->permit_empty_passwd = -1; +@@ -399,6 +400,8 @@ fill_default_server_options(ServerOptions *options) if (options->gss_kex_algorithms == NULL) options->gss_kex_algorithms = strdup(GSS_KEX_DEFAULT_KEX); #endif @@ -192,16 +209,16 @@ diff -up openssh-7.4p1/servconf.c.kuserok openssh-7.4p1/servconf.c if (options->password_authentication == -1) options->password_authentication = 1; if (options->kbd_interactive_authentication == -1) -@@ -399,7 +402,7 @@ typedef enum { - sPort, sHostKeyFile, sLoginGraceTime, - sPermitRootLogin, sLogFacility, sLogLevel, sLogVerbose, - sKerberosAuthentication, sKerberosOrLocalPasswd, sKerberosTicketCleanup, +@@ -567,7 +570,7 @@ typedef enum { + sPort, sHostKeyFile, sLoginGraceTime, + sPermitRootLogin, sLogFacility, sLogLevel, sLogVerbose, + sKerberosAuthentication, sKerberosOrLocalPasswd, sKerberosTicketCleanup, - sKerberosGetAFSToken, sKerberosUniqueCCache, sPasswordAuthentication, + sKerberosGetAFSToken, sKerberosUniqueCCache, sKerberosUseKuserok, sPasswordAuthentication, - sKbdInteractiveAuthentication, sListenAddress, sAddressFamily, - sPrintMotd, sPrintLastLog, sIgnoreRhosts, - sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost, -@@ -478,12 +481,14 @@ static struct { + sKbdInteractiveAuthentication, sListenAddress, sAddressFamily, + sPrintMotd, sPrintLastLog, sIgnoreRhosts, + sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost, +@@ -659,12 +662,14 @@ static struct { { "kerberosgetafstoken", sUnsupported, SSHCFG_GLOBAL }, #endif { "kerberosuniqueccache", sKerberosUniqueCCache, SSHCFG_GLOBAL }, @@ -216,18 +233,18 @@ diff -up openssh-7.4p1/servconf.c.kuserok openssh-7.4p1/servconf.c #endif { "kerberostgtpassing", sUnsupported, SSHCFG_GLOBAL }, { "afstokenpassing", sUnsupported, SSHCFG_GLOBAL }, -@@ -1644,6 +1649,10 @@ process_server_config_line(ServerOptions - } - break; - +@@ -2441,6 +2446,10 @@ process_server_config_line_depth(ServerOptions *options, char *line, + } + break; + + case sKerberosUseKuserok: + intptr = &options->use_kuserok; + goto parse_flag; + - case sMatch: - if (cmdline) - fatal("Match directive not supported as a command-line " -@@ -2016,6 +2025,7 @@ copy_set_server_options(ServerOptions *d + case sMatch: + if (cmdline) + fatal("Match directive not supported as a command-line " +@@ -2995,6 +3004,7 @@ copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth) M_CP_INTOPT(client_alive_interval); M_CP_INTOPT(ip_qos_interactive); M_CP_INTOPT(ip_qos_bulk); @@ -235,18 +252,19 @@ diff -up openssh-7.4p1/servconf.c.kuserok openssh-7.4p1/servconf.c M_CP_INTOPT(rekey_limit); M_CP_INTOPT(rekey_interval); M_CP_INTOPT(log_level); -@@ -2309,6 +2319,7 @@ dump_config(ServerOptions *o) +@@ -3303,6 +3313,7 @@ dump_config(ServerOptions *o) dump_cfg_fmtint(sKerberosGetAFSToken, o->kerberos_get_afs_token); # endif dump_cfg_fmtint(sKerberosUniqueCCache, o->kerberos_unique_ccache); + dump_cfg_fmtint(sKerberosUseKuserok, o->use_kuserok); #endif #ifdef GSSAPI - dump_cfg_fmtint(sGssAuthentication, o->gss_authentication); -diff -up openssh-7.4p1/servconf.h.kuserok openssh-7.4p1/servconf.h ---- openssh-7.4p1/servconf.h.kuserok 2016-12-23 14:36:07.630465944 +0100 -+++ openssh-7.4p1/servconf.h 2016-12-23 14:36:07.645465936 +0100 -@@ -118,6 +118,7 @@ typedef struct { + dump_cfg_fmtint(sGssAuthentication, o->gss_authentication); +diff --git a/servconf.h b/servconf.h +index a4a38d6d..11de36a2 100644 +--- a/servconf.h ++++ b/servconf.h +@@ -151,6 +151,7 @@ typedef struct { * authenticated with Kerberos. */ int kerberos_unique_ccache; /* If true, the acquired ticket will * be stored in per-session ccache */ @@ -254,10 +272,23 @@ diff -up openssh-7.4p1/servconf.h.kuserok openssh-7.4p1/servconf.h int gss_authentication; /* If true, permit GSSAPI authentication */ int gss_keyex; /* If true, permit GSSAPI key exchange */ int gss_cleanup_creds; /* If true, destroy cred cache on logout */ -diff -up openssh-7.4p1/sshd_config.5.kuserok openssh-7.4p1/sshd_config.5 ---- openssh-7.4p1/sshd_config.5.kuserok 2016-12-23 14:36:07.637465940 +0100 -+++ openssh-7.4p1/sshd_config.5 2016-12-23 15:14:03.117162222 +0100 -@@ -850,6 +850,10 @@ Specifies whether to automatically destr +diff --git a/sshd_config b/sshd_config +index 8db9f0fb..ea5a878e 100644 +--- a/sshd_config ++++ b/sshd_config +@@ -75,6 +75,7 @@ AuthorizedKeysFile .ssh/authorized_keys + #KerberosOrLocalPasswd yes + #KerberosTicketCleanup yes + #KerberosGetAFSToken no ++#KerberosUseKuserok yes + + # GSSAPI options + #GSSAPIAuthentication no +diff --git a/sshd_config.5 b/sshd_config.5 +index 1251d4d5..0fcb409a 100644 +--- a/sshd_config.5 ++++ b/sshd_config.5 +@@ -1041,6 +1041,10 @@ The default value .Cm no can lead to overwriting previous tickets by subseqent connections to the same user account. @@ -268,7 +299,7 @@ diff -up openssh-7.4p1/sshd_config.5.kuserok openssh-7.4p1/sshd_config.5 .It Cm KexAlgorithms Specifies the permitted KEX (Key Exchange) algorithms that the server will offer to clients. -@@ -1078,6 +1082,7 @@ Available keywords are +@@ -1355,6 +1359,7 @@ Available keywords are .Cm IPQoS , .Cm KbdInteractiveAuthentication , .Cm KerberosAuthentication , @@ -276,14 +307,6 @@ diff -up openssh-7.4p1/sshd_config.5.kuserok openssh-7.4p1/sshd_config.5 .Cm LogLevel , .Cm MaxAuthTries , .Cm MaxSessions , -diff -up openssh-7.4p1/sshd_config.kuserok openssh-7.4p1/sshd_config ---- openssh-7.4p1/sshd_config.kuserok 2016-12-23 14:36:07.631465943 +0100 -+++ openssh-7.4p1/sshd_config 2016-12-23 14:36:07.646465935 +0100 -@@ -73,6 +73,7 @@ ChallengeResponseAuthentication no - #KerberosOrLocalPasswd yes - #KerberosTicketCleanup yes - #KerberosGetAFSToken no -+#KerberosUseKuserok yes - - # GSSAPI options - #GSSAPIAuthentication no +-- +2.49.0 + diff --git a/0017-openssh-6.4p1-fromto-remote.patch b/0017-openssh-6.4p1-fromto-remote.patch new file mode 100644 index 0000000..5e8309d --- /dev/null +++ b/0017-openssh-6.4p1-fromto-remote.patch @@ -0,0 +1,28 @@ +From 20aabb2c445e29d211266ce7434bb0273edf88b9 Mon Sep 17 00:00:00 2001 +From: Dmitry Belyavskiy +Date: Thu, 15 May 2025 13:43:28 +0200 +Subject: [PATCH 17/50] openssh-6.4p1-fromto-remote + +--- + scp.c | 5 ++++- + 1 file changed, 4 insertions(+), 1 deletion(-) + +diff --git a/scp.c b/scp.c +index 57c242ff..716ae386 100644 +--- a/scp.c ++++ b/scp.c +@@ -1162,7 +1162,10 @@ toremote(int argc, char **argv, enum scp_mode_e mode, char *sftp_direct) + addargs(&alist, "%s", ssh_program); + addargs(&alist, "-x"); + addargs(&alist, "-oClearAllForwardings=yes"); +- addargs(&alist, "-n"); ++ if (isatty(fileno(stdin))) ++ addargs(&alist, "-t"); ++ else ++ addargs(&alist, "-n"); + for (j = 0; j < remote_remote_args.num; j++) { + addargs(&alist, "%s", + remote_remote_args.list[j]); +-- +2.49.0 + diff --git a/openssh-6.6.1p1-selinux-contexts.patch b/0018-openssh-6.6.1p1-selinux-contexts.patch similarity index 73% rename from openssh-6.6.1p1-selinux-contexts.patch rename to 0018-openssh-6.6.1p1-selinux-contexts.patch index 96161cb..49f2119 100644 --- a/openssh-6.6.1p1-selinux-contexts.patch +++ b/0018-openssh-6.6.1p1-selinux-contexts.patch @@ -1,8 +1,20 @@ +From 6481ac7fbd0027a7038560e0f51dd0af056cc229 Mon Sep 17 00:00:00 2001 +From: Dmitry Belyavskiy +Date: Thu, 15 May 2025 13:43:28 +0200 +Subject: [PATCH 18/50] openssh-6.6.1p1-selinux-contexts + +--- + openbsd-compat/port-linux-sshd.c | 69 +++++++++++++++++++++++++++++++- + openbsd-compat/port-linux.c | 2 +- + openbsd-compat/port-linux.h | 1 + + sshd-auth.c | 2 +- + 4 files changed, 71 insertions(+), 3 deletions(-) + diff --git a/openbsd-compat/port-linux-sshd.c b/openbsd-compat/port-linux-sshd.c -index 8f32464..18a2ca4 100644 +index 8c5fc1fe..646f0887 100644 --- a/openbsd-compat/port-linux-sshd.c +++ b/openbsd-compat/port-linux-sshd.c -@@ -32,6 +32,7 @@ +@@ -33,6 +33,7 @@ #include "misc.h" /* servconf.h needs misc.h for struct ForwardOptions */ #include "servconf.h" #include "port-linux.h" @@ -10,7 +22,7 @@ index 8f32464..18a2ca4 100644 #include "sshkey.h" #include "hostfile.h" #include "auth.h" -@@ -445,7 +446,7 @@ sshd_selinux_setup_exec_context(char *pwname) +@@ -450,7 +451,7 @@ sshd_selinux_setup_exec_context(char *pwname) void sshd_selinux_copy_context(void) { @@ -19,7 +31,7 @@ index 8f32464..18a2ca4 100644 if (!sshd_selinux_enabled()) return; -@@ -461,6 +462,72 @@ sshd_selinux_copy_context(void) +@@ -469,6 +470,72 @@ sshd_selinux_copy_context(void) } } @@ -93,22 +105,23 @@ index 8f32464..18a2ca4 100644 #endif diff --git a/openbsd-compat/port-linux.c b/openbsd-compat/port-linux.c ---- a/openbsd-compat/port-linux.c (revision 8241b9c0529228b4b86d88b1a6076fb9f97e4a99) -+++ b/openbsd-compat/port-linux.c (date 1703108053912) -@@ -207,7 +207,7 @@ +index 7426f6f7..9a6b1d6e 100644 +--- a/openbsd-compat/port-linux.c ++++ b/openbsd-compat/port-linux.c +@@ -188,7 +188,7 @@ ssh_selinux_change_context(const char *newname) xasprintf(&newctx, "%.*s%s%s", (int)(cx - oldctx + 1), oldctx, newname, cx2 == NULL ? "" : cx2); - + - debug3_f("setting context from '%s' to '%s'", oldctx, newctx); + debug_f("setting context from '%s' to '%s'", oldctx, newctx); if (setcon(newctx) < 0) do_log2_f(log_level, "setcon %s from %s failed with %s", newctx, oldctx, strerror(errno)); diff --git a/openbsd-compat/port-linux.h b/openbsd-compat/port-linux.h -index cb51f99..8b7cda2 100644 +index 1b745a76..7f8ba200 100644 --- a/openbsd-compat/port-linux.h +++ b/openbsd-compat/port-linux.h -@@ -29,6 +29,7 @@ int sshd_selinux_enabled(void); +@@ -27,6 +27,7 @@ int sshd_selinux_enabled(void); void sshd_selinux_copy_context(void); void sshd_selinux_setup_exec_context(char *); int sshd_selinux_setup_env_variables(void); @@ -116,16 +129,19 @@ index cb51f99..8b7cda2 100644 #endif #ifdef LINUX_OOM_ADJUST -diff --git a/sshd-session.c b/sshd-session.c -index 2871fe9..39b9c08 100644 ---- a/sshd-session.c -+++ b/sshd-session.c -@@ -629,7 +629,7 @@ privsep_preauth_child(void) - demote_sensitive_data(); - +diff --git a/sshd-auth.c b/sshd-auth.c +index d51e4636..e4a8edfd 100644 +--- a/sshd-auth.c ++++ b/sshd-auth.c +@@ -188,7 +188,7 @@ privsep_child_demote(void) + fatal_f("ssh_sandbox_init failed"); + #endif #ifdef WITH_SELINUX - ssh_selinux_change_context("sshd_net_t"); + sshd_selinux_change_privsep_preauth_context(); #endif /* Demote the child */ +-- +2.49.0 + diff --git a/openssh-6.6.1p1-log-in-chroot.patch b/0019-openssh-6.6.1p1-log-in-chroot.patch similarity index 54% rename from openssh-6.6.1p1-log-in-chroot.patch rename to 0019-openssh-6.6.1p1-log-in-chroot.patch index 0f65279..3b30f98 100644 --- a/openssh-6.6.1p1-log-in-chroot.patch +++ b/0019-openssh-6.6.1p1-log-in-chroot.patch @@ -1,7 +1,25 @@ -diff -up openssh-8.6p1/log.c.log-in-chroot openssh-8.6p1/log.c ---- openssh-8.6p1/log.c.log-in-chroot 2021-04-16 05:55:25.000000000 +0200 -+++ openssh-8.6p1/log.c 2021-04-19 14:43:08.544843434 +0200 -@@ -194,6 +194,11 @@ void +From 825018f5f2d892655f3d63167a0d1f3391cec678 Mon Sep 17 00:00:00 2001 +From: Dmitry Belyavskiy +Date: Thu, 15 May 2025 13:43:28 +0200 +Subject: [PATCH 19/50] openssh-6.6.1p1-log-in-chroot + +--- + log.c | 11 +++++++++-- + log.h | 1 + + monitor.c | 17 +++++++++++++++-- + monitor.h | 2 +- + session.c | 26 +++++++++++++++----------- + sftp-server-main.c | 2 +- + sftp-server.c | 6 +++--- + sftp.h | 2 +- + sshd-session.c | 7 ++++++- + 9 files changed, 52 insertions(+), 22 deletions(-) + +diff --git a/log.c b/log.c +index 6617f267..9782cfb0 100644 +--- a/log.c ++++ b/log.c +@@ -196,6 +196,11 @@ void log_init(const char *av0, LogLevel level, SyslogFacility facility, int on_stderr) { @@ -13,7 +31,7 @@ diff -up openssh-8.6p1/log.c.log-in-chroot openssh-8.6p1/log.c #if defined(HAVE_OPENLOG_R) && defined(SYSLOG_DATA_INIT) struct syslog_data sdata = SYSLOG_DATA_INIT; #endif -@@ -206,8 +211,10 @@ log_init(const char *av0, LogLevel level +@@ -208,8 +213,10 @@ log_init(const char *av0, LogLevel level, SyslogFacility facility, exit(1); } @@ -26,9 +44,10 @@ diff -up openssh-8.6p1/log.c.log-in-chroot openssh-8.6p1/log.c log_on_stderr = on_stderr; if (on_stderr) -diff -up openssh-8.6p1/log.h.log-in-chroot openssh-8.6p1/log.h ---- openssh-8.6p1/log.h.log-in-chroot 2021-04-19 14:43:08.544843434 +0200 -+++ openssh-8.6p1/log.h 2021-04-19 14:56:46.931042176 +0200 +diff --git a/log.h b/log.h +index 8e8dfc23..70048a8a 100644 +--- a/log.h ++++ b/log.h @@ -52,6 +52,7 @@ typedef enum { typedef void (log_handler_fn)(LogLevel, int, const char *, void *); @@ -37,43 +56,11 @@ diff -up openssh-8.6p1/log.h.log-in-chroot openssh-8.6p1/log.h LogLevel log_level_get(void); int log_change_level(LogLevel); int log_is_on_stderr(void); -diff -up openssh-8.6p1/monitor.c.log-in-chroot openssh-8.6p1/monitor.c ---- openssh-8.6p1/monitor.c.log-in-chroot 2021-04-19 14:43:08.526843298 +0200 -+++ openssh-8.6p1/monitor.c 2021-04-19 14:55:25.286424043 +0200 -@@ -297,6 +297,8 @@ monitor_child_preauth(struct ssh *ssh, s - close(pmonitor->m_log_sendfd); - pmonitor->m_log_sendfd = pmonitor->m_recvfd = -1; - -+ pmonitor->m_state = "preauth"; -+ - authctxt = (Authctxt *)ssh->authctxt; - memset(authctxt, 0, sizeof(*authctxt)); - ssh->authctxt = authctxt; -@@ -408,6 +410,8 @@ monitor_child_postauth(struct ssh *ssh, - close(pmonitor->m_recvfd); - pmonitor->m_recvfd = -1; - -+ pmonitor->m_state = "postauth"; -+ - monitor_set_child_handler(pmonitor->m_pid); - ssh_signal(SIGHUP, &monitor_child_handler); - ssh_signal(SIGTERM, &monitor_child_handler); -@@ -480,7 +484,7 @@ monitor_read_log(struct monitor *pmonito - /* Log it */ - if (log_level_name(level) == NULL) - fatal_f("invalid log level %u (corrupted message?)", level); -- sshlogdirect(level, forced, "%s [preauth]", msg); -+ sshlogdirect(level, forced, "%s [%s]", msg, pmonitor->m_state); - - sshbuf_free(logmsg); - free(msg); -@@ -1868,13 +1872,28 @@ monitor_init(void) - mon = xcalloc(1, sizeof(*mon)); - monitor_openfds(mon, 1); - -+ mon->m_state = ""; -+ - return mon; +diff --git a/monitor.c b/monitor.c +index 2ef16cc8..43c10a4e 100644 +--- a/monitor.c ++++ b/monitor.c +@@ -2001,9 +2001,22 @@ monitor_init(void) } void @@ -98,14 +85,11 @@ diff -up openssh-8.6p1/monitor.c.log-in-chroot openssh-8.6p1/monitor.c } #ifdef GSSAPI -diff -up openssh-8.6p1/monitor.h.log-in-chroot openssh-8.6p1/monitor.h ---- openssh-8.6p1/monitor.h.log-in-chroot 2021-04-19 14:43:08.527843305 +0200 -+++ openssh-8.6p1/monitor.h 2021-04-19 14:43:08.545843441 +0200 -@@ -80,10 +80,11 @@ struct monitor { - int m_log_sendfd; - struct kex **m_pkex; - pid_t m_pid; -+ char *m_state; +diff --git a/monitor.h b/monitor.h +index dbc7e003..d4d631dd 100644 +--- a/monitor.h ++++ b/monitor.h +@@ -85,7 +85,7 @@ struct monitor { }; struct monitor *monitor_init(void); @@ -114,10 +98,11 @@ diff -up openssh-8.6p1/monitor.h.log-in-chroot openssh-8.6p1/monitor.h struct Authctxt; void monitor_child_preauth(struct ssh *, struct monitor *); -diff -up openssh-8.6p1/session.c.log-in-chroot openssh-8.6p1/session.c ---- openssh-8.6p1/session.c.log-in-chroot 2021-04-19 14:43:08.534843358 +0200 -+++ openssh-8.6p1/session.c 2021-04-19 14:43:08.545843441 +0200 -@@ -160,6 +160,7 @@ login_cap_t *lc; +diff --git a/session.c b/session.c +index 2620dd11..54da09d5 100644 +--- a/session.c ++++ b/session.c +@@ -169,6 +169,7 @@ login_cap_t *lc; static int is_child = 0; static int in_chroot = 0; @@ -125,7 +110,7 @@ diff -up openssh-8.6p1/session.c.log-in-chroot openssh-8.6p1/session.c /* File containing userauth info, if ExposeAuthInfo set */ static char *auth_info_file = NULL; -@@ -661,6 +662,7 @@ do_exec(struct ssh *ssh, Session *s, con +@@ -670,6 +671,7 @@ do_exec(struct ssh *ssh, Session *s, const char *command) int ret; const char *forced = NULL, *tty = NULL; char session_type[1024]; @@ -133,7 +118,7 @@ diff -up openssh-8.6p1/session.c.log-in-chroot openssh-8.6p1/session.c if (options.adm_forced_command) { original_command = command; -@@ -720,6 +722,10 @@ do_exec(struct ssh *ssh, Session *s, con +@@ -729,6 +731,10 @@ do_exec(struct ssh *ssh, Session *s, const char *command) tty += 5; } @@ -144,7 +129,7 @@ diff -up openssh-8.6p1/session.c.log-in-chroot openssh-8.6p1/session.c verbose("Starting session: %s%s%s for %s from %.200s port %d id %d", session_type, tty == NULL ? "" : " on ", -@@ -1524,14 +1530,6 @@ child_close_fds(struct ssh *ssh) +@@ -1512,14 +1518,6 @@ child_close_fds(struct ssh *ssh) /* Stop directing logs to a high-numbered fd before we close it */ log_redirect_stderr_to(NULL); @@ -159,7 +144,7 @@ diff -up openssh-8.6p1/session.c.log-in-chroot openssh-8.6p1/session.c } /* -@@ -1665,8 +1663,6 @@ do_child(struct ssh *ssh, Session *s, co +@@ -1652,8 +1650,6 @@ do_child(struct ssh *ssh, Session *s, const char *command) exit(1); } @@ -168,7 +153,7 @@ diff -up openssh-8.6p1/session.c.log-in-chroot openssh-8.6p1/session.c do_rc_files(ssh, s, shell); /* restore SIGPIPE for child */ -@@ -1691,9 +1687,17 @@ do_child(struct ssh *ssh, Session *s, co +@@ -1678,9 +1674,17 @@ do_child(struct ssh *ssh, Session *s, const char *command) argv[i] = NULL; optind = optreset = 1; __progname = argv[0]; @@ -187,29 +172,31 @@ diff -up openssh-8.6p1/session.c.log-in-chroot openssh-8.6p1/session.c fflush(NULL); /* Get the last component of the shell name. */ -diff -up openssh-8.6p1/sftp.h.log-in-chroot openssh-8.6p1/sftp.h ---- openssh-8.6p1/sftp.h.log-in-chroot 2021-04-16 05:55:25.000000000 +0200 -+++ openssh-8.6p1/sftp.h 2021-04-19 14:43:08.545843441 +0200 -@@ -97,5 +97,5 @@ +diff --git a/sftp-server-main.c b/sftp-server-main.c +index 2c70f89b..bbb79f27 100644 +--- a/sftp-server-main.c ++++ b/sftp-server-main.c +@@ -48,5 +48,5 @@ main(int argc, char **argv) + return 1; + } - struct passwd; - --int sftp_server_main(int, char **, struct passwd *); -+int sftp_server_main(int, char **, struct passwd *, int); - void sftp_server_cleanup_exit(int) __attribute__((noreturn)); -diff -up openssh-8.6p1/sftp-server.c.log-in-chroot openssh-8.6p1/sftp-server.c ---- openssh-8.6p1/sftp-server.c.log-in-chroot 2021-04-16 05:55:25.000000000 +0200 -+++ openssh-8.6p1/sftp-server.c 2021-04-19 14:43:08.545843441 +0200 -@@ -1644,7 +1644,7 @@ sftp_server_usage(void) +- return (sftp_server_main(argc, argv, user_pw)); ++ return (sftp_server_main(argc, argv, user_pw, 0)); + } +diff --git a/sftp-server.c b/sftp-server.c +index a4abb9f7..4985da38 100644 +--- a/sftp-server.c ++++ b/sftp-server.c +@@ -1901,7 +1901,7 @@ sftp_server_usage(void) } int -sftp_server_main(int argc, char **argv, struct passwd *user_pw) +sftp_server_main(int argc, char **argv, struct passwd *user_pw, int reset_handler) { - int i, r, in, out, ch, skipargs = 0, log_stderr = 0; - ssize_t len, olen; -@@ -1657,7 +1657,7 @@ sftp_server_main(int argc, char **argv, + int i, r, in, out, ch, skipargs = 0, log_stderr = 0; + ssize_t len, olen; +@@ -1913,7 +1913,7 @@ sftp_server_main(int argc, char **argv, struct passwd *user_pw) extern char *__progname; __progname = ssh_get_progname(argv[0]); @@ -218,7 +205,7 @@ diff -up openssh-8.6p1/sftp-server.c.log-in-chroot openssh-8.6p1/sftp-server.c pw = pwcopy(user_pw); -@@ -1730,7 +1730,7 @@ sftp_server_main(int argc, char **argv, +@@ -1986,7 +1986,7 @@ sftp_server_main(int argc, char **argv, struct passwd *user_pw) } } @@ -227,20 +214,22 @@ diff -up openssh-8.6p1/sftp-server.c.log-in-chroot openssh-8.6p1/sftp-server.c /* * On platforms where we can, avoid making /proc/self/{mem,maps} -diff -up openssh-8.6p1/sftp-server-main.c.log-in-chroot openssh-8.6p1/sftp-server-main.c ---- openssh-8.6p1/sftp-server-main.c.log-in-chroot 2021-04-16 05:55:25.000000000 +0200 -+++ openssh-8.6p1/sftp-server-main.c 2021-04-19 14:43:08.545843441 +0200 -@@ -50,5 +50,5 @@ main(int argc, char **argv) - return 1; - } +diff --git a/sftp.h b/sftp.h +index 2bde8bb7..ddf1a396 100644 +--- a/sftp.h ++++ b/sftp.h +@@ -97,5 +97,5 @@ -- return (sftp_server_main(argc, argv, user_pw)); -+ return (sftp_server_main(argc, argv, user_pw, 0)); - } -diff -up openssh-8.6p1/sshd-session.c.log-in-chroot openssh-8.6p1/sshd-session.c ---- openssh-8.6p1/sshd-session.c.log-in-chroot 2021-04-19 14:43:08.543843426 +0200 -+++ openssh-8.6p1/sshd-session.c 2021-04-19 14:43:08.545843441 +0200 -@@ -559,7 +559,7 @@ privsep_postauth(struct ssh *ssh, Authct + struct passwd; + +-int sftp_server_main(int, char **, struct passwd *); ++int sftp_server_main(int, char **, struct passwd *, int); + void sftp_server_cleanup_exit(int) __attribute__((noreturn)); +diff --git a/sshd-session.c b/sshd-session.c +index 478381db..9342e416 100644 +--- a/sshd-session.c ++++ b/sshd-session.c +@@ -437,7 +437,7 @@ privsep_postauth(struct ssh *ssh, Authctxt *authctxt) #endif /* New socket pair */ @@ -249,7 +238,7 @@ diff -up openssh-8.6p1/sshd-session.c.log-in-chroot openssh-8.6p1/sshd-session.c pmonitor->m_pid = fork(); if (pmonitor->m_pid == -1) -@@ -578,6 +578,11 @@ privsep_postauth(struct ssh *ssh, Authct +@@ -456,6 +456,11 @@ privsep_postauth(struct ssh *ssh, Authctxt *authctxt) close(pmonitor->m_sendfd); pmonitor->m_sendfd = -1; @@ -261,3 +250,6 @@ diff -up openssh-8.6p1/sshd-session.c.log-in-chroot openssh-8.6p1/sshd-session.c /* Demote the private keys to public keys. */ demote_sensitive_data(); +-- +2.49.0 + diff --git a/0020-openssh-6.6.1p1-scp-non-existing-directory.patch b/0020-openssh-6.6.1p1-scp-non-existing-directory.patch new file mode 100644 index 0000000..94c43ef --- /dev/null +++ b/0020-openssh-6.6.1p1-scp-non-existing-directory.patch @@ -0,0 +1,27 @@ +From 007ee98fa9100f7241985ac2a7eed71e17d89a9f Mon Sep 17 00:00:00 2001 +From: Dmitry Belyavskiy +Date: Thu, 15 May 2025 13:43:28 +0200 +Subject: [PATCH 20/50] openssh-6.6.1p1-scp-non-existing-directory + +--- + scp.c | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/scp.c b/scp.c +index 716ae386..9554b188 100644 +--- a/scp.c ++++ b/scp.c +@@ -1876,6 +1876,10 @@ sink(int argc, char **argv, const char *src) + free(vect[0]); + continue; + } ++ if (buf[0] == 'C' && ! exists && np[strlen(np)-1] == '/') { ++ errno = ENOTDIR; ++ goto bad; ++ } + omode = mode; + mode |= S_IWUSR; + if ((ofd = open(np, O_WRONLY|O_CREAT, mode)) == -1) { +-- +2.49.0 + diff --git a/openssh-6.6p1-GSSAPIEnablek5users.patch b/0021-openssh-6.6p1-GSSAPIEnablek5users.patch similarity index 61% rename from openssh-6.6p1-GSSAPIEnablek5users.patch rename to 0021-openssh-6.6p1-GSSAPIEnablek5users.patch index 7fef831..eeff02a 100644 --- a/openssh-6.6p1-GSSAPIEnablek5users.patch +++ b/0021-openssh-6.6p1-GSSAPIEnablek5users.patch @@ -1,7 +1,21 @@ -diff -up openssh-7.4p1/gss-serv-krb5.c.GSSAPIEnablek5users openssh-7.4p1/gss-serv-krb5.c ---- openssh-7.4p1/gss-serv-krb5.c.GSSAPIEnablek5users 2016-12-23 15:18:40.615216100 +0100 -+++ openssh-7.4p1/gss-serv-krb5.c 2016-12-23 15:18:40.628216102 +0100 -@@ -279,7 +279,6 @@ ssh_gssapi_krb5_cmdok(krb5_principal pri +From 9c75c175e3555377328fc5fc9b06e94f129b7cd7 Mon Sep 17 00:00:00 2001 +From: Dmitry Belyavskiy +Date: Thu, 15 May 2025 13:43:28 +0200 +Subject: [PATCH 21/50] openssh-6.6p1-GSSAPIEnablek5users + +--- + gss-serv-krb5.c | 3 +-- + servconf.c | 13 ++++++++++++- + servconf.h | 1 + + sshd_config | 1 + + sshd_config.5 | 6 ++++++ + 5 files changed, 21 insertions(+), 3 deletions(-) + +diff --git a/gss-serv-krb5.c b/gss-serv-krb5.c +index 187faf92..03188d9b 100644 +--- a/gss-serv-krb5.c ++++ b/gss-serv-krb5.c +@@ -278,7 +278,6 @@ ssh_gssapi_krb5_cmdok(krb5_principal principal, const char *name, FILE *fp; char file[MAXPATHLEN]; char *line = NULL; @@ -9,7 +23,7 @@ diff -up openssh-7.4p1/gss-serv-krb5.c.GSSAPIEnablek5users openssh-7.4p1/gss-ser struct stat st; struct passwd *pw = the_authctxt->pw; int found_principal = 0; -@@ -288,7 +287,7 @@ ssh_gssapi_krb5_cmdok(krb5_principal pri +@@ -288,7 +287,7 @@ ssh_gssapi_krb5_cmdok(krb5_principal principal, const char *name, snprintf(file, sizeof(file), "%s/.k5users", pw->pw_dir); /* If both .k5login and .k5users DNE, self-login is ok. */ @@ -18,18 +32,19 @@ diff -up openssh-7.4p1/gss-serv-krb5.c.GSSAPIEnablek5users openssh-7.4p1/gss-ser return ssh_krb5_kuserok(krb_context, principal, luser, k5login_exists); } -diff -up openssh-7.4p1/servconf.c.GSSAPIEnablek5users openssh-7.4p1/servconf.c ---- openssh-7.4p1/servconf.c.GSSAPIEnablek5users 2016-12-23 15:18:40.615216100 +0100 -+++ openssh-7.4p1/servconf.c 2016-12-23 15:35:36.354401156 +0100 -@@ -168,6 +168,7 @@ initialize_server_options(ServerOptions +diff --git a/servconf.c b/servconf.c +index 5dd5ca21..c0de7110 100644 +--- a/servconf.c ++++ b/servconf.c +@@ -146,6 +146,7 @@ initialize_server_options(ServerOptions *options) options->gss_store_rekey = -1; options->gss_kex_algorithms = NULL; options->use_kuserok = -1; + options->enable_k5users = -1; options->password_authentication = -1; options->kbd_interactive_authentication = -1; - options->permit_empty_passwd = -1; -@@ -345,6 +346,8 @@ fill_default_server_options(ServerOption + options->permit_empty_passwd = -1; +@@ -402,6 +403,8 @@ fill_default_server_options(ServerOptions *options) #endif if (options->use_kuserok == -1) options->use_kuserok = 1; @@ -38,7 +53,7 @@ diff -up openssh-7.4p1/servconf.c.GSSAPIEnablek5users openssh-7.4p1/servconf.c if (options->password_authentication == -1) options->password_authentication = 1; if (options->kbd_interactive_authentication == -1) -@@ -578,7 +578,7 @@ typedef enum { +@@ -585,7 +588,7 @@ typedef enum { sHostKeyAlgorithms, sPerSourceMaxStartups, sPerSourceNetBlockSize, sPerSourcePenalties, sPerSourcePenaltyExemptList, sClientAliveInterval, sClientAliveCountMax, sAuthorizedKeysFile, @@ -47,7 +62,7 @@ diff -up openssh-7.4p1/servconf.c.GSSAPIEnablek5users openssh-7.4p1/servconf.c sGssKeyEx, sGssKexAlgorithms, sGssStoreRekey, sAcceptEnv, sSetEnv, sPermitTunnel, sMatch, sPermitOpen, sPermitListen, sForceCommand, sChrootDirectory, -@@ -600,14 +600,16 @@ static struct { +@@ -681,6 +684,7 @@ static struct { { "gssapikeyexchange", sGssKeyEx, SSHCFG_GLOBAL }, { "gssapistorecredentialsonrekey", sGssStoreRekey, SSHCFG_GLOBAL }, { "gssapikexalgorithms", sGssKexAlgorithms, SSHCFG_GLOBAL }, @@ -55,8 +70,7 @@ diff -up openssh-7.4p1/servconf.c.GSSAPIEnablek5users openssh-7.4p1/servconf.c #else { "gssapiauthentication", sUnsupported, SSHCFG_ALL }, { "gssapicleanupcredentials", sUnsupported, SSHCFG_GLOBAL }, - { "gssapicleanupcreds", sUnsupported, SSHCFG_GLOBAL }, - { "gssapistrictacceptorcheck", sUnsupported, SSHCFG_GLOBAL }, +@@ -689,6 +693,7 @@ static struct { { "gssapikeyexchange", sUnsupported, SSHCFG_GLOBAL }, { "gssapistorecredentialsonrekey", sUnsupported, SSHCFG_GLOBAL }, { "gssapikexalgorithms", sUnsupported, SSHCFG_GLOBAL }, @@ -64,7 +78,7 @@ diff -up openssh-7.4p1/servconf.c.GSSAPIEnablek5users openssh-7.4p1/servconf.c #endif { "gssusesessionccache", sUnsupported, SSHCFG_GLOBAL }, { "gssapiusesessioncredcache", sUnsupported, SSHCFG_GLOBAL }, -@@ -1653,6 +1658,10 @@ process_server_config_line(ServerOptions +@@ -2450,6 +2455,10 @@ process_server_config_line_depth(ServerOptions *options, char *line, intptr = &options->use_kuserok; goto parse_flag; @@ -72,10 +86,10 @@ diff -up openssh-7.4p1/servconf.c.GSSAPIEnablek5users openssh-7.4p1/servconf.c + intptr = &options->enable_k5users; + goto parse_flag; + - case sMatch: - if (cmdline) - fatal("Match directive not supported as a command-line " -@@ -2026,6 +2035,7 @@ copy_set_server_options(ServerOptions *d + case sMatch: + if (cmdline) + fatal("Match directive not supported as a command-line " +@@ -3005,6 +3014,7 @@ copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth) M_CP_INTOPT(ip_qos_interactive); M_CP_INTOPT(ip_qos_bulk); M_CP_INTOPT(use_kuserok); @@ -83,7 +97,7 @@ diff -up openssh-7.4p1/servconf.c.GSSAPIEnablek5users openssh-7.4p1/servconf.c M_CP_INTOPT(rekey_limit); M_CP_INTOPT(rekey_interval); M_CP_INTOPT(log_level); -@@ -2320,6 +2330,7 @@ dump_config(ServerOptions *o) +@@ -3314,6 +3324,7 @@ dump_config(ServerOptions *o) # endif dump_cfg_fmtint(sKerberosUniqueCCache, o->kerberos_unique_ccache); dump_cfg_fmtint(sKerberosUseKuserok, o->use_kuserok); @@ -91,21 +105,35 @@ diff -up openssh-7.4p1/servconf.c.GSSAPIEnablek5users openssh-7.4p1/servconf.c #endif #ifdef GSSAPI dump_cfg_fmtint(sGssAuthentication, o->gss_authentication); -diff -up openssh-7.4p1/servconf.h.GSSAPIEnablek5users openssh-7.4p1/servconf.h ---- openssh-7.4p1/servconf.h.GSSAPIEnablek5users 2016-12-23 15:18:40.616216100 +0100 -+++ openssh-7.4p1/servconf.h 2016-12-23 15:18:40.629216102 +0100 -@@ -174,6 +174,7 @@ typedef struct { - int kerberos_unique_ccache; /* If true, the acquired ticket will - * be stored in per-session ccache */ +diff --git a/servconf.h b/servconf.h +index 11de36a2..c08cf6a7 100644 +--- a/servconf.h ++++ b/servconf.h +@@ -152,6 +152,7 @@ typedef struct { + int kerberos_unique_ccache; /* If true, the acquired ticket will + * be stored in per-session ccache */ int use_kuserok; + int enable_k5users; int gss_authentication; /* If true, permit GSSAPI authentication */ int gss_keyex; /* If true, permit GSSAPI key exchange */ int gss_cleanup_creds; /* If true, destroy cred cache on logout */ -diff -up openssh-7.4p1/sshd_config.5.GSSAPIEnablek5users openssh-7.4p1/sshd_config.5 ---- openssh-7.4p1/sshd_config.5.GSSAPIEnablek5users 2016-12-23 15:18:40.630216103 +0100 -+++ openssh-7.4p1/sshd_config.5 2016-12-23 15:36:21.607408435 +0100 -@@ -628,6 +628,12 @@ Specifies whether to automatically destr +diff --git a/sshd_config b/sshd_config +index ea5a878e..33713c88 100644 +--- a/sshd_config ++++ b/sshd_config +@@ -82,6 +82,7 @@ AuthorizedKeysFile .ssh/authorized_keys + #GSSAPICleanupCredentials yes + #GSSAPIStrictAcceptorCheck yes + #GSSAPIKeyExchange no ++#GSSAPIEnablek5users no + + # Set this to 'yes' to enable PAM authentication, account processing, + # and session processing. If this is enabled, PAM authentication will +diff --git a/sshd_config.5 b/sshd_config.5 +index 0fcb409a..fe246fc2 100644 +--- a/sshd_config.5 ++++ b/sshd_config.5 +@@ -739,6 +739,12 @@ Specifies whether to automatically destroy the user's credentials cache on logout. The default is .Cm yes . @@ -118,17 +146,6 @@ diff -up openssh-7.4p1/sshd_config.5.GSSAPIEnablek5users openssh-7.4p1/sshd_conf .It Cm GSSAPIKeyExchange Specifies whether key exchange based on GSSAPI is allowed. GSSAPI key exchange doesn't rely on ssh keys to verify host identity. -diff -up openssh-7.4p1/sshd_config.GSSAPIEnablek5users openssh-7.4p1/sshd_config ---- openssh-7.4p1/sshd_config.GSSAPIEnablek5users 2016-12-23 15:18:40.616216100 +0100 -+++ openssh-7.4p1/sshd_config 2016-12-23 15:18:40.631216103 +0100 -@@ -80,6 +80,7 @@ GSSAPIAuthentication yes - #GSSAPICleanupCredentials yes - #GSSAPIStrictAcceptorCheck yes - #GSSAPIKeyExchange no -+#GSSAPIEnablek5users no - - # Set this to 'yes' to enable PAM authentication, account processing, - # and session processing. If this is enabled, PAM authentication will -diff -up openssh-9.8p1/servconf.c.xxx openssh-9.8p1/servconf.c ---- openssh-9.8p1/servconf.c.xxx 2024-07-11 13:51:19.969960781 +0200 -+++ openssh-9.8p1/servconf.c 2024-07-11 13:51:30.938231250 +0200 +-- +2.49.0 + diff --git a/0022-openssh-6.8p1-sshdT-output.patch b/0022-openssh-6.8p1-sshdT-output.patch new file mode 100644 index 0000000..4e4766e --- /dev/null +++ b/0022-openssh-6.8p1-sshdT-output.patch @@ -0,0 +1,25 @@ +From 05b09904f431333e19cd24528ef66d1fd15e9efe Mon Sep 17 00:00:00 2001 +From: Dmitry Belyavskiy +Date: Thu, 15 May 2025 13:43:28 +0200 +Subject: [PATCH 22/50] openssh-6.8p1-sshdT-output + +--- + servconf.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/servconf.c b/servconf.c +index c0de7110..105e301d 100644 +--- a/servconf.c ++++ b/servconf.c +@@ -3366,7 +3366,7 @@ dump_config(ServerOptions *o) + dump_cfg_string(sXAuthLocation, o->xauth_location); + dump_cfg_string(sCiphers, o->ciphers); + dump_cfg_string(sMacs, o->macs); +- dump_cfg_string(sBanner, o->banner); ++ dump_cfg_string(sBanner, o->banner != NULL ? o->banner : "none"); + dump_cfg_string(sForceCommand, o->adm_forced_command); + dump_cfg_string(sChrootDirectory, o->chroot_directory); + dump_cfg_string(sTrustedUserCAKeys, o->trusted_user_ca_keys); +-- +2.49.0 + diff --git a/openssh-6.7p1-sftp-force-permission.patch b/0023-openssh-6.7p1-sftp-force-permission.patch similarity index 72% rename from openssh-6.7p1-sftp-force-permission.patch rename to 0023-openssh-6.7p1-sftp-force-permission.patch index 1cfa309..1cdc0df 100644 --- a/openssh-6.7p1-sftp-force-permission.patch +++ b/0023-openssh-6.7p1-sftp-force-permission.patch @@ -1,6 +1,17 @@ -diff -up openssh-7.2p2/sftp-server.8.sftp-force-mode openssh-7.2p2/sftp-server.8 ---- openssh-7.2p2/sftp-server.8.sftp-force-mode 2016-03-09 19:04:48.000000000 +0100 -+++ openssh-7.2p2/sftp-server.8 2016-06-23 16:18:20.463854117 +0200 +From 34b196198018059bed294fa7a08e70606b4cbc36 Mon Sep 17 00:00:00 2001 +From: Dmitry Belyavskiy +Date: Thu, 15 May 2025 13:43:28 +0200 +Subject: [PATCH 23/50] openssh-6.7p1-sftp-force-permission + +--- + sftp-server.8 | 7 +++++++ + sftp-server.c | 24 ++++++++++++++++++++++-- + 2 files changed, 29 insertions(+), 2 deletions(-) + +diff --git a/sftp-server.8 b/sftp-server.8 +index 5311bf92..5e6e3aa4 100644 +--- a/sftp-server.8 ++++ b/sftp-server.8 @@ -38,6 +38,7 @@ .Op Fl P Ar denied_requests .Op Fl p Ar allowed_requests @@ -22,10 +33,11 @@ diff -up openssh-7.2p2/sftp-server.8.sftp-force-mode openssh-7.2p2/sftp-server.8 .El .Pp On some systems, -diff -up openssh-7.2p2/sftp-server.c.sftp-force-mode openssh-7.2p2/sftp-server.c ---- openssh-7.2p2/sftp-server.c.sftp-force-mode 2016-06-23 16:18:20.446854128 +0200 -+++ openssh-7.2p2/sftp-server.c 2016-06-23 16:20:37.950766082 +0200 -@@ -69,6 +69,10 @@ struct sshbuf *oqueue; +diff --git a/sftp-server.c b/sftp-server.c +index 4985da38..6ed1c27f 100644 +--- a/sftp-server.c ++++ b/sftp-server.c +@@ -76,6 +76,10 @@ struct sshbuf *oqueue; /* Version of client */ static u_int version; @@ -36,7 +48,7 @@ diff -up openssh-7.2p2/sftp-server.c.sftp-force-mode openssh-7.2p2/sftp-server.c /* SSH2_FXP_INIT received */ static int init_done; -@@ -683,6 +687,7 @@ process_open(u_int32_t id) +@@ -745,6 +749,7 @@ process_open(u_int32_t id) Attrib a; char *name; int r, handle, fd, flags, mode, status = SSH2_FX_FAILURE; @@ -44,7 +56,7 @@ diff -up openssh-7.2p2/sftp-server.c.sftp-force-mode openssh-7.2p2/sftp-server.c if ((r = sshbuf_get_cstring(iqueue, &name, NULL)) != 0 || (r = sshbuf_get_u32(iqueue, &pflags)) != 0 || /* portable flags */ -@@ -692,6 +697,10 @@ process_open(u_int32_t id) +@@ -754,6 +759,10 @@ process_open(u_int32_t id) debug3("request %u: open flags %d", id, pflags); flags = flags_from_portable(pflags); mode = (a.flags & SSH2_FILEXFER_ATTR_PERMISSIONS) ? a.perm : 0666; @@ -55,7 +67,7 @@ diff -up openssh-7.2p2/sftp-server.c.sftp-force-mode openssh-7.2p2/sftp-server.c logit("open \"%s\" flags %s mode 0%o", name, string_from_portable(pflags), mode); if (readonly && -@@ -713,6 +722,8 @@ process_open(u_int32_t id) +@@ -775,6 +784,8 @@ process_open(u_int32_t id) } } } @@ -64,7 +76,7 @@ diff -up openssh-7.2p2/sftp-server.c.sftp-force-mode openssh-7.2p2/sftp-server.c if (status != SSH2_FX_OK) send_status(id, status); free(name); -@@ -1494,7 +1505,7 @@ sftp_server_usage(void) +@@ -1894,7 +1905,7 @@ sftp_server_usage(void) fprintf(stderr, "usage: %s [-ehR] [-d start_directory] [-f log_facility] " "[-l log_level]\n\t[-P denied_requests] " @@ -73,7 +85,7 @@ diff -up openssh-7.2p2/sftp-server.c.sftp-force-mode openssh-7.2p2/sftp-server.c " %s -Q protocol_feature\n", __progname, __progname); exit(1); -@@ -1520,7 +1531,7 @@ sftp_server_main(int argc, char **argv, +@@ -1918,7 +1929,7 @@ sftp_server_main(int argc, char **argv, struct passwd *user_pw, int reset_handle pw = pwcopy(user_pw); while (!skipargs && (ch = getopt(argc, argv, @@ -82,7 +94,7 @@ diff -up openssh-7.2p2/sftp-server.c.sftp-force-mode openssh-7.2p2/sftp-server.c switch (ch) { case 'Q': if (strcasecmp(optarg, "requests") != 0) { -@@ -1580,6 +1591,15 @@ sftp_server_main(int argc, char **argv, +@@ -1980,6 +1991,15 @@ sftp_server_main(int argc, char **argv, struct passwd *user_pw, int reset_handle fatal("Invalid umask \"%s\"", optarg); (void)umask((mode_t)mask); break; @@ -98,3 +110,6 @@ diff -up openssh-7.2p2/sftp-server.c.sftp-force-mode openssh-7.2p2/sftp-server.c case 'h': default: sftp_server_usage(); +-- +2.49.0 + diff --git a/openssh-7.2p2-s390-closefrom.patch b/0024-openssh-7.2p2-s390-closefrom.patch similarity index 66% rename from openssh-7.2p2-s390-closefrom.patch rename to 0024-openssh-7.2p2-s390-closefrom.patch index 363538c..0214781 100644 --- a/openssh-7.2p2-s390-closefrom.patch +++ b/0024-openssh-7.2p2-s390-closefrom.patch @@ -1,21 +1,17 @@ -Zseries only: Leave the hardware filedescriptors open. - -All filedescriptors above 2 are getting closed when a new -sshd process to handle a new client connection is -spawned. As the process also chroot into an empty filesystem -without any device nodes, there is no chance to reopen the -files. This patch filters out the reqired fds in the -closefrom function so these are skipped in the close loop. - -Author: Harald Freudenberger +From 9bb31b63142adaaf949e20c2d86c97f9b787217b Mon Sep 17 00:00:00 2001 +From: Dmitry Belyavskiy +Date: Thu, 15 May 2025 13:43:28 +0200 +Subject: [PATCH 24/50] openssh-7.2p2-s390-closefrom --- - openbsd-compat/bsd-closefrom.c | 26 ++++++++++++++++++++++++++ + openbsd-compat/bsd-closefrom.c | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) +diff --git a/openbsd-compat/bsd-closefrom.c b/openbsd-compat/bsd-closefrom.c +index 49a4f35f..f6112458 100644 --- a/openbsd-compat/bsd-closefrom.c +++ b/openbsd-compat/bsd-closefrom.c -@@ -82,7 +82,33 @@ closefrom(int lowfd) +@@ -140,7 +140,33 @@ closefrom(int lowfd) fd = strtol(dent->d_name, &endp, 10); if (dent->d_name != endp && *endp == '\0' && fd >= 0 && fd < INT_MAX && fd >= lowfd && fd != dirfd(dirp)) @@ -49,4 +45,6 @@ Author: Harald Freudenberger } (void) closedir(dirp); return; +-- +2.49.0 diff --git a/openssh-7.3p1-x11-max-displays.patch b/0025-openssh-7.3p1-x11-max-displays.patch similarity index 53% rename from openssh-7.3p1-x11-max-displays.patch rename to 0025-openssh-7.3p1-x11-max-displays.patch index e28c62e..68d679c 100644 --- a/openssh-7.3p1-x11-max-displays.patch +++ b/0025-openssh-7.3p1-x11-max-displays.patch @@ -1,18 +1,22 @@ -diff -up openssh-7.4p1/channels.c.x11max openssh-7.4p1/channels.c ---- openssh-7.4p1/channels.c.x11max 2016-12-23 15:46:32.071506625 +0100 -+++ openssh-7.4p1/channels.c 2016-12-23 15:46:32.139506636 +0100 -@@ -152,8 +152,8 @@ static int all_opens_permitted = 0; - #define NUM_SOCKS 10 - - /* -- X11 forwarding */ --/* Maximum number of fake X11 displays to try. */ --#define MAX_DISPLAYS 1000 -+/* Minimum port number for X11 forwarding */ -+#define X11_PORT_MIN 6000 - - /* Per-channel callback for pre/post IO actions */ - typedef void chan_fn(struct ssh *, Channel *c); -@@ -4228,7 +4228,7 @@ channel_send_window_changes(void) +From 36e3430d1f81397d5f40600e075272a81f7effce Mon Sep 17 00:00:00 2001 +From: Dmitry Belyavskiy +Date: Thu, 15 May 2025 13:43:28 +0200 +Subject: [PATCH 25/50] openssh-7.3p1-x11-max-displays + +--- + channels.c | 9 ++++++--- + channels.h | 2 +- + servconf.c | 12 +++++++++++- + servconf.h | 2 ++ + session.c | 5 +++-- + sshd_config.5 | 7 +++++++ + 6 files changed, 30 insertions(+), 7 deletions(-) + +diff --git a/channels.c b/channels.c +index d46531ce..7438c1a5 100644 +--- a/channels.c ++++ b/channels.c +@@ -4996,7 +4996,7 @@ rdynamic_connect_finish(struct ssh *ssh, Channel *c) */ int x11_create_display_inet(struct ssh *ssh, int x11_display_offset, @@ -21,8 +25,8 @@ diff -up openssh-7.4p1/channels.c.x11max openssh-7.4p1/channels.c u_int *display_numberp, int **chanids) { Channel *nc = NULL; -@@ -4240,10 +4241,15 @@ x11_create_display_inet(int x11_display_ - if (chanids == NULL) +@@ -5009,8 +5009,11 @@ x11_create_display_inet(struct ssh *ssh, int x11_display_offset, + x11_display_offset > UINT16_MAX - X11_BASE_PORT - MAX_DISPLAYS) return -1; + /* Try to bind ports starting at 6000+X11DisplayOffset */ @@ -32,55 +36,22 @@ diff -up openssh-7.4p1/channels.c.x11max openssh-7.4p1/channels.c - display_number < MAX_DISPLAYS; + display_number < x11_max_displays; display_number++) { -- port = 6000 + display_number; -+ port = X11_PORT_MIN + display_number; -+ if (port < X11_PORT_MIN) /* overflow */ -+ break; + port = X11_BASE_PORT + display_number; memset(&hints, 0, sizeof(hints)); - hints.ai_family = ssh->chanctxt->IPv4or6; - hints.ai_flags = x11_use_localhost ? 0: AI_PASSIVE; -@@ -4295,7 +4301,7 @@ x11_create_display_inet(int x11_display_ +@@ -5065,7 +5068,7 @@ x11_create_display_inet(struct ssh *ssh, int x11_display_offset, if (num_socks > 0) break; } - if (display_number >= MAX_DISPLAYS) { -+ if (display_number >= x11_max_displays || port < X11_PORT_MIN ) { ++ if (display_number >= x11_max_displays || port < X11_BASE_PORT ) { error("Failed to allocate internet-domain X11 display socket."); return -1; } -@@ -4441,7 +4447,7 @@ x11_connect_display(void) - memset(&hints, 0, sizeof(hints)); - hints.ai_family = ssh->chanctxt->IPv4or6; - hints.ai_socktype = SOCK_STREAM; -- snprintf(strport, sizeof strport, "%u", 6000 + display_number); -+ snprintf(strport, sizeof strport, "%u", X11_PORT_MIN + display_number); - if ((gaierr = getaddrinfo(buf, strport, &hints, &aitop)) != 0) { - error("%.100s: unknown host. (%s)", buf, - ssh_gai_strerror(gaierr)); -@@ -4457,7 +4463,7 @@ x11_connect_display(void) - /* Connect it to the display. */ - if (connect(sock, ai->ai_addr, ai->ai_addrlen) == -1) { - debug2("connect %.100s port %u: %.100s", buf, -- 6000 + display_number, strerror(errno)); -+ X11_PORT_MIN + display_number, strerror(errno)); - close(sock); - continue; - } -@@ -4466,8 +4472,8 @@ x11_connect_display(void) - } - freeaddrinfo(aitop); - if (!ai) { -- error("connect %.100s port %u: %.100s", buf, -- 6000 + display_number, strerror(errno)); -+ error("connect %.100s port %u: %.100s", buf, -+ X11_PORT_MIN + display_number, strerror(errno)); - return -1; - } - set_nodelay(sock); -diff -up openssh-7.4p1/channels.h.x11max openssh-7.4p1/channels.h ---- openssh-7.4p1/channels.h.x11max 2016-12-19 05:59:41.000000000 +0100 -+++ openssh-7.4p1/channels.h 2016-12-23 15:46:32.139506636 +0100 -@@ -293,7 +293,7 @@ int permitopen_port(const char *); +diff --git a/channels.h b/channels.h +index 134528d5..8a09a820 100644 +--- a/channels.h ++++ b/channels.h +@@ -379,7 +379,7 @@ int permitopen_port(const char *); void channel_set_x11_refuse_time(struct ssh *, time_t); int x11_connect_display(struct ssh *); @@ -88,11 +59,12 @@ diff -up openssh-7.4p1/channels.h.x11max openssh-7.4p1/channels.h +int x11_create_display_inet(struct ssh *, int, int, int, int, u_int *, int **); void x11_request_forwarding_with_spoofing(struct ssh *, int, const char *, const char *, const char *, int); - -diff -up openssh-7.4p1/servconf.c.x11max openssh-7.4p1/servconf.c ---- openssh-7.4p1/servconf.c.x11max 2016-12-23 15:46:32.133506635 +0100 -+++ openssh-7.4p1/servconf.c 2016-12-23 15:47:27.320519121 +0100 -@@ -95,6 +95,7 @@ initialize_server_options(ServerOptions + int x11_channel_used_recently(struct ssh *ssh); +diff --git a/servconf.c b/servconf.c +index 105e301d..15c99b30 100644 +--- a/servconf.c ++++ b/servconf.c +@@ -117,6 +117,7 @@ initialize_server_options(ServerOptions *options) options->print_lastlog = -1; options->x11_forwarding = -1; options->x11_display_offset = -1; @@ -100,7 +72,7 @@ diff -up openssh-7.4p1/servconf.c.x11max openssh-7.4p1/servconf.c options->x11_use_localhost = -1; options->permit_tty = -1; options->permit_user_rc = -1; -@@ -243,6 +244,8 @@ fill_default_server_options(ServerOption +@@ -353,6 +354,8 @@ fill_default_server_options(ServerOptions *options) options->x11_forwarding = 0; if (options->x11_display_offset == -1) options->x11_display_offset = 10; @@ -109,16 +81,16 @@ diff -up openssh-7.4p1/servconf.c.x11max openssh-7.4p1/servconf.c if (options->x11_use_localhost == -1) options->x11_use_localhost = 1; if (options->xauth_location == NULL) -@@ -419,7 +422,7 @@ typedef enum { - sKerberosGetAFSToken, sKerberosUniqueCCache, sKerberosUseKuserok, sPasswordAuthentication, - sKbdInteractiveAuthentication, sListenAddress, sAddressFamily, - sPrintMotd, sPrintLastLog, sIgnoreRhosts, +@@ -576,7 +579,7 @@ typedef enum { + sKerberosGetAFSToken, sKerberosUniqueCCache, sKerberosUseKuserok, sPasswordAuthentication, + sKbdInteractiveAuthentication, sListenAddress, sAddressFamily, + sPrintMotd, sPrintLastLog, sIgnoreRhosts, - sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost, + sX11Forwarding, sX11DisplayOffset, sX11MaxDisplays, sX11UseLocalhost, sPermitTTY, sStrictModes, sEmptyPasswd, sTCPKeepAlive, sPermitUserEnvironment, sAllowTcpForwarding, sCompression, sRekeyLimit, sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups, -@@ -540,6 +543,7 @@ static struct { +@@ -714,6 +717,7 @@ static struct { { "ignoreuserknownhosts", sIgnoreUserKnownHosts, SSHCFG_GLOBAL }, { "x11forwarding", sX11Forwarding, SSHCFG_ALL }, { "x11displayoffset", sX11DisplayOffset, SSHCFG_ALL }, @@ -126,7 +98,7 @@ diff -up openssh-7.4p1/servconf.c.x11max openssh-7.4p1/servconf.c { "x11uselocalhost", sX11UseLocalhost, SSHCFG_ALL }, { "xauthlocation", sXAuthLocation, SSHCFG_GLOBAL }, { "strictmodes", sStrictModes, SSHCFG_GLOBAL }, -@@ -1316,6 +1320,10 @@ process_server_config_line(ServerOptions +@@ -1750,6 +1754,10 @@ process_server_config_line_depth(ServerOptions *options, char *line, *intptr = value; break; @@ -137,7 +109,7 @@ diff -up openssh-7.4p1/servconf.c.x11max openssh-7.4p1/servconf.c case sX11UseLocalhost: intptr = &options->x11_use_localhost; goto parse_flag; -@@ -2063,6 +2071,7 @@ copy_set_server_options(ServerOptions *d +@@ -3004,6 +3012,7 @@ copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth) M_CP_INTOPT(fwd_opts.streamlocal_bind_unlink); M_CP_INTOPT(x11_display_offset); M_CP_INTOPT(x11_forwarding); @@ -145,7 +117,7 @@ diff -up openssh-7.4p1/servconf.c.x11max openssh-7.4p1/servconf.c M_CP_INTOPT(x11_use_localhost); M_CP_INTOPT(permit_tty); M_CP_INTOPT(permit_user_rc); -@@ -2315,6 +2324,7 @@ dump_config(ServerOptions *o) +@@ -3299,6 +3308,7 @@ dump_config(ServerOptions *o) #endif dump_cfg_int(sLoginGraceTime, o->login_grace_time); dump_cfg_int(sX11DisplayOffset, o->x11_display_offset); @@ -153,10 +125,11 @@ diff -up openssh-7.4p1/servconf.c.x11max openssh-7.4p1/servconf.c dump_cfg_int(sMaxAuthTries, o->max_authtries); dump_cfg_int(sMaxSessions, o->max_sessions); dump_cfg_int(sClientAliveInterval, o->client_alive_interval); -diff -up openssh-7.4p1/servconf.h.x11max openssh-7.4p1/servconf.h ---- openssh-7.4p1/servconf.h.x11max 2016-12-23 15:46:32.133506635 +0100 -+++ openssh-7.4p1/servconf.h 2016-12-23 15:46:32.140506636 +0100 -@@ -55,6 +55,7 @@ +diff --git a/servconf.h b/servconf.h +index c08cf6a7..7c7e5d43 100644 +--- a/servconf.h ++++ b/servconf.h +@@ -38,6 +38,7 @@ #define DEFAULT_AUTH_FAIL_MAX 6 /* Default for MaxAuthTries */ #define DEFAULT_SESSIONS_MAX 10 /* Default for MaxSessions */ @@ -164,7 +137,7 @@ diff -up openssh-7.4p1/servconf.h.x11max openssh-7.4p1/servconf.h /* Magic name for internal sftp-server */ #define INTERNAL_SFTP_NAME "internal-sftp" -@@ -85,6 +86,7 @@ typedef struct { +@@ -114,6 +115,7 @@ typedef struct { int x11_forwarding; /* If true, permit inet (spoofing) X11 fwd. */ int x11_display_offset; /* What DISPLAY number to start * searching at */ @@ -172,13 +145,14 @@ diff -up openssh-7.4p1/servconf.h.x11max openssh-7.4p1/servconf.h int x11_use_localhost; /* If true, use localhost for fake X11 server. */ char *xauth_location; /* Location of xauth program */ int permit_tty; /* If false, deny pty allocation */ -diff -up openssh-7.4p1/session.c.x11max openssh-7.4p1/session.c ---- openssh-7.4p1/session.c.x11max 2016-12-23 15:46:32.136506636 +0100 -+++ openssh-7.4p1/session.c 2016-12-23 15:46:32.141506636 +0100 -@@ -2518,8 +2518,9 @@ session_setup_x11fwd(Session *s) +diff --git a/session.c b/session.c +index 54da09d5..28bbb8a7 100644 +--- a/session.c ++++ b/session.c +@@ -2611,8 +2611,9 @@ session_setup_x11fwd(struct ssh *ssh, Session *s) return 0; } - if (x11_create_display_inet(ssh, options.x11_display_offset, + if (x11_create_display_inet(ssh, options.x11_display_offset, - options.x11_use_localhost, s->single_connection, - &s->display_number, &s->x11_chanids) == -1) { + options.x11_use_localhost, options.x11_max_displays, @@ -187,10 +161,11 @@ diff -up openssh-7.4p1/session.c.x11max openssh-7.4p1/session.c debug("x11_create_display_inet failed."); return 0; } -diff -up openssh-7.4p1/sshd_config.5.x11max openssh-7.4p1/sshd_config.5 ---- openssh-7.4p1/sshd_config.5.x11max 2016-12-23 15:46:32.134506635 +0100 -+++ openssh-7.4p1/sshd_config.5 2016-12-23 15:46:32.141506636 +0100 -@@ -1133,6 +1133,7 @@ Available keywords are +diff --git a/sshd_config.5 b/sshd_config.5 +index fe246fc2..26fcdc84 100644 +--- a/sshd_config.5 ++++ b/sshd_config.5 +@@ -1391,6 +1391,7 @@ Available keywords are .Cm TrustedUserCAKeys , .Cm UnusedConnectionTimeout , .Cm X11DisplayOffset , @@ -198,7 +173,7 @@ diff -up openssh-7.4p1/sshd_config.5.x11max openssh-7.4p1/sshd_config.5 .Cm X11Forwarding and .Cm X11UseLocalhost . -@@ -1566,6 +1567,12 @@ Specifies the first display number avail +@@ -2111,6 +2112,12 @@ Specifies the first display number available for X11 forwarding. This prevents sshd from interfering with real X11 servers. The default is 10. @@ -211,3 +186,6 @@ diff -up openssh-7.4p1/sshd_config.5.x11max openssh-7.4p1/sshd_config.5 .It Cm X11Forwarding Specifies whether X11 forwarding is permitted. The argument must be +-- +2.49.0 + diff --git a/openssh-7.6p1-cleanup-selinux.patch b/0026-openssh-7.6p1-cleanup-selinux.patch similarity index 65% rename from openssh-7.6p1-cleanup-selinux.patch rename to 0026-openssh-7.6p1-cleanup-selinux.patch index cfe11ad..c4f2d15 100644 --- a/openssh-7.6p1-cleanup-selinux.patch +++ b/0026-openssh-7.6p1-cleanup-selinux.patch @@ -1,7 +1,25 @@ -diff -up openssh/auth2-pubkey.c.refactor openssh/auth2-pubkey.c ---- openssh/auth2-pubkey.c.refactor 2019-04-04 13:19:12.188821236 +0200 -+++ openssh/auth2-pubkey.c 2019-04-04 13:19:12.276822078 +0200 -@@ -72,6 +72,8 @@ +From 43320351b6f150167190aacc84f2f87030fef3d2 Mon Sep 17 00:00:00 2001 +From: Dmitry Belyavskiy +Date: Thu, 15 May 2025 13:43:28 +0200 +Subject: [PATCH 26/50] openssh-7.6p1-cleanup-selinux + +--- + auth2-pubkey.c | 8 ++++-- + misc.c | 5 ++-- + misc.h | 2 +- + openbsd-compat/port-linux-sshd.c | 42 +++++++++++++++++--------------- + openbsd-compat/port-linux.h | 4 +-- + platform.c | 6 ++++- + sshconnect.c | 2 +- + sshd-auth.c | 2 +- + sshd-session.c | 6 +++-- + 9 files changed, 45 insertions(+), 32 deletions(-) + +diff --git a/auth2-pubkey.c b/auth2-pubkey.c +index 267a27d2..0d5ae0df 100644 +--- a/auth2-pubkey.c ++++ b/auth2-pubkey.c +@@ -77,6 +77,8 @@ /* import */ extern ServerOptions options; @@ -10,7 +28,7 @@ diff -up openssh/auth2-pubkey.c.refactor openssh/auth2-pubkey.c extern struct authmethod_cfg methodcfg_pubkey; static char * -@@ -511,7 +514,8 @@ match_principals_command(struct ssh *ssh +@@ -485,7 +487,8 @@ match_principals_command(struct passwd *user_pw, const struct sshkey *key, if ((pid = subprocess("AuthorizedPrincipalsCommand", command, ac, av, &f, SSH_SUBPROCESS_STDOUT_CAPTURE|SSH_SUBPROCESS_STDERR_DISCARD, @@ -20,20 +38,21 @@ diff -up openssh/auth2-pubkey.c.refactor openssh/auth2-pubkey.c goto out; uid_swapped = 1; -@@ -981,7 +985,8 @@ user_key_command_allowed2(struct ssh *ss +@@ -755,7 +758,8 @@ user_key_command_allowed2(struct passwd *user_pw, struct sshkey *key, if ((pid = subprocess("AuthorizedKeysCommand", command, ac, av, &f, - SSH_SUBPROCESS_STDOUT_CAPTURE|SSH_SUBPROCESS_STDERR_DISCARD, + SSH_SUBPROCESS_STDOUT_CAPTURE|SSH_SUBPROCESS_STDERR_DISCARD, - runas_pw, temporarily_use_uid, restore_uid)) == 0) + runas_pw, temporarily_use_uid, restore_uid, + inetd_flag, the_authctxt)) == 0) goto out; uid_swapped = 1; -diff -up openssh/misc.c.refactor openssh/misc.c ---- openssh/misc.c.refactor 2019-04-04 13:19:12.235821686 +0200 -+++ openssh/misc.c 2019-04-04 13:19:12.276822078 +0200 -@@ -756,7 +756,8 @@ auth_get_canonical_hostname(struct ssh * +diff --git a/misc.c b/misc.c +index 1e31acc9..09722962 100644 +--- a/misc.c ++++ b/misc.c +@@ -2764,7 +2764,8 @@ stdfd_devnull(int do_stdin, int do_stdout, int do_stderr) pid_t subprocess(const char *tag, const char *command, int ac, char **av, FILE **child, u_int flags, @@ -43,7 +62,7 @@ diff -up openssh/misc.c.refactor openssh/misc.c { FILE *f = NULL; struct stat st; -@@ -872,7 +873,7 @@ subprocess(const char *tag, struct passw +@@ -2898,7 +2899,7 @@ subprocess(const char *tag, const char *command, _exit(1); } #ifdef WITH_SELINUX @@ -52,10 +71,11 @@ diff -up openssh/misc.c.refactor openssh/misc.c error ("failed to copy environment: %s", strerror(errno)); _exit(127); -diff -up openssh/misc.h.refactor openssh/misc.h ---- openssh/misc.h.refactor 2019-04-04 13:19:12.251821839 +0200 -+++ openssh/misc.h 2019-04-04 13:19:12.276822078 +0200 -@@ -235,7 +235,7 @@ struct passwd *fakepw(void); +diff --git a/misc.h b/misc.h +index efecdf1a..9efa9cf4 100644 +--- a/misc.h ++++ b/misc.h +@@ -122,7 +122,7 @@ typedef void privrestore_fn(void); #define SSH_SUBPROCESS_UNSAFE_PATH (1<<3) /* Don't check for safe cmd */ #define SSH_SUBPROCESS_PRESERVE_ENV (1<<4) /* Keep parent environment */ pid_t subprocess(const char *, const char *, int, char **, FILE **, u_int, @@ -64,23 +84,10 @@ diff -up openssh/misc.h.refactor openssh/misc.h typedef struct arglist arglist; struct arglist { -diff -up openssh/openbsd-compat/port-linux.h.refactor openssh/openbsd-compat/port-linux.h ---- openssh/openbsd-compat/port-linux.h.refactor 2019-04-04 13:19:12.256821887 +0200 -+++ openssh/openbsd-compat/port-linux.h 2019-04-04 13:19:12.276822078 +0200 -@@ -26,8 +26,8 @@ void ssh_selinux_setfscreatecon(const ch - - int sshd_selinux_enabled(void); - void sshd_selinux_copy_context(void); --void sshd_selinux_setup_exec_context(char *); --int sshd_selinux_setup_env_variables(void); -+void sshd_selinux_setup_exec_context(char *, int, int(char *, const char *), void *, int); -+int sshd_selinux_setup_env_variables(int inetd, void *); - void sshd_selinux_change_privsep_preauth_context(void); - #endif - -diff -up openssh/openbsd-compat/port-linux-sshd.c.refactor openssh/openbsd-compat/port-linux-sshd.c ---- openssh/openbsd-compat/port-linux-sshd.c.refactor 2019-04-04 13:19:12.256821887 +0200 -+++ openssh/openbsd-compat/port-linux-sshd.c 2019-04-04 13:19:12.276822078 +0200 +diff --git a/openbsd-compat/port-linux-sshd.c b/openbsd-compat/port-linux-sshd.c +index 646f0887..291b569a 100644 +--- a/openbsd-compat/port-linux-sshd.c ++++ b/openbsd-compat/port-linux-sshd.c @@ -49,10 +49,6 @@ #include #endif @@ -92,7 +99,7 @@ diff -up openssh/openbsd-compat/port-linux-sshd.c.refactor openssh/openbsd-compa /* Wrapper around is_selinux_enabled() to log its return value once only */ int sshd_selinux_enabled(void) -@@ -223,7 +218,8 @@ get_user_context(const char *sename, con +@@ -222,7 +218,8 @@ get_user_context(const char *sename, const char *role, const char *lvl, } static void @@ -102,7 +109,7 @@ diff -up openssh/openbsd-compat/port-linux-sshd.c.refactor openssh/openbsd-compa { *role = NULL; *level = NULL; -@@ -241,8 +237,8 @@ ssh_selinux_get_role_level(char **role, +@@ -240,8 +237,8 @@ ssh_selinux_get_role_level(char **role, const char **level) /* Return the default security context for the given username */ static int @@ -113,7 +120,7 @@ diff -up openssh/openbsd-compat/port-linux-sshd.c.refactor openssh/openbsd-compa { char *sename, *lvl; char *role; -@@ -250,7 +246,7 @@ sshd_selinux_getctxbyname(char *pwname, +@@ -249,7 +246,7 @@ sshd_selinux_getctxbyname(char *pwname, int r = 0; context_t con = NULL; @@ -122,7 +129,7 @@ diff -up openssh/openbsd-compat/port-linux-sshd.c.refactor openssh/openbsd-compa #ifdef HAVE_GETSEUSERBYNAME if ((r=getseuserbyname(pwname, &sename, &lvl)) != 0) { -@@ -272,7 +268,7 @@ sshd_selinux_getctxbyname(char *pwname, +@@ -271,7 +268,7 @@ sshd_selinux_getctxbyname(char *pwname, if (r == 0) { /* If launched from xinetd, we must use current level */ @@ -131,7 +138,7 @@ diff -up openssh/openbsd-compat/port-linux-sshd.c.refactor openssh/openbsd-compa security_context_t sshdsc=NULL; if (getcon_raw(&sshdsc) < 0) -@@ -333,7 +329,8 @@ sshd_selinux_getctxbyname(char *pwname, +@@ -332,7 +329,8 @@ sshd_selinux_getctxbyname(char *pwname, /* Setup environment variables for pam_selinux */ static int @@ -141,7 +148,7 @@ diff -up openssh/openbsd-compat/port-linux-sshd.c.refactor openssh/openbsd-compa { const char *reqlvl; char *role; -@@ -342,11 +339,11 @@ sshd_selinux_setup_variables(int(*set_it +@@ -341,11 +339,11 @@ sshd_selinux_setup_variables(int(*set_it)(char *, const char *)) debug3_f("setting execution context"); @@ -155,7 +162,7 @@ diff -up openssh/openbsd-compat/port-linux-sshd.c.refactor openssh/openbsd-compa use_current = "1"; } else { use_current = ""; -@@ -362,9 +359,10 @@ sshd_selinux_setup_variables(int(*set_it +@@ -361,9 +359,10 @@ sshd_selinux_setup_variables(int(*set_it)(char *, const char *)) } static int @@ -168,7 +175,7 @@ diff -up openssh/openbsd-compat/port-linux-sshd.c.refactor openssh/openbsd-compa } static int -@@ -374,25 +372,28 @@ do_setenv(char *name, const char *value) +@@ -373,25 +372,28 @@ do_setenv(char *name, const char *value) } int @@ -202,7 +209,7 @@ diff -up openssh/openbsd-compat/port-linux-sshd.c.refactor openssh/openbsd-compa switch (security_getenforce()) { case -1: fatal_f("security_getenforce() failed"); -@@ -410,7 +411,7 @@ sshd_selinux_setup_exec_context(char *pw +@@ -407,7 +409,7 @@ sshd_selinux_setup_exec_context(char *pwname) debug3_f("setting execution context"); @@ -211,10 +218,26 @@ diff -up openssh/openbsd-compat/port-linux-sshd.c.refactor openssh/openbsd-compa if (r >= 0) { r = setexeccon(user_ctx); if (r < 0) { -diff -up openssh/platform.c.refactor openssh/platform.c ---- openssh/platform.c.refactor 2019-04-04 13:19:12.204821389 +0200 -+++ openssh/platform.c 2019-04-04 13:19:12.277822088 +0200 -@@ -32,6 +32,8 @@ +diff --git a/openbsd-compat/port-linux.h b/openbsd-compat/port-linux.h +index 7f8ba200..3cd7da6a 100644 +--- a/openbsd-compat/port-linux.h ++++ b/openbsd-compat/port-linux.h +@@ -25,8 +25,8 @@ void ssh_selinux_setfscreatecon(const char *); + + int sshd_selinux_enabled(void); + void sshd_selinux_copy_context(void); +-void sshd_selinux_setup_exec_context(char *); +-int sshd_selinux_setup_env_variables(void); ++void sshd_selinux_setup_exec_context(char *, int, int(char *, const char *), void *, int); ++int sshd_selinux_setup_env_variables(int inetd, void *); + void sshd_selinux_change_privsep_preauth_context(void); + #endif + +diff --git a/platform.c b/platform.c +index 0d12f311..f0800b1f 100644 +--- a/platform.c ++++ b/platform.c +@@ -33,6 +33,8 @@ #include "openbsd-compat/openbsd-compat.h" extern ServerOptions options; @@ -223,7 +246,7 @@ diff -up openssh/platform.c.refactor openssh/platform.c /* return 1 if we are running with privilege to swap UIDs, 0 otherwise */ int -@@ -183,7 +186,9 @@ platform_setusercontext_post_groups(stru +@@ -140,7 +142,9 @@ platform_setusercontext_post_groups(struct passwd *pw) } #endif /* HAVE_SETPCRED */ #ifdef WITH_SELINUX @@ -234,10 +257,37 @@ diff -up openssh/platform.c.refactor openssh/platform.c #endif } -diff -up openssh/sshd-session.c.refactor openssh/sshd-session.c ---- openssh/sshd-session.c.refactor 2019-04-04 13:19:12.275822068 +0200 -+++ openssh/sshd-session.c 2019-04-04 13:19:51.270195262 +0200 -@@ -158,7 +158,7 @@ int debug_flag = 0; +diff --git a/sshconnect.c b/sshconnect.c +index c86182d1..04084810 100644 +--- a/sshconnect.c ++++ b/sshconnect.c +@@ -925,7 +925,7 @@ load_hostkeys_command(struct hostkeys *hostkeys, const char *command_template, + + if ((pid = subprocess(tag, command, ac, av, &f, + SSH_SUBPROCESS_STDOUT_CAPTURE|SSH_SUBPROCESS_UNSAFE_PATH| +- SSH_SUBPROCESS_PRESERVE_ENV, NULL, NULL, NULL)) == 0) ++ SSH_SUBPROCESS_PRESERVE_ENV, NULL, NULL, NULL, 0, NULL)) == 0) + goto out; + + load_hostkeys_file(hostkeys, hostfile_hostname, tag, f, 1); +diff --git a/sshd-auth.c b/sshd-auth.c +index e4a8edfd..897db9b4 100644 +--- a/sshd-auth.c ++++ b/sshd-auth.c +@@ -122,7 +122,7 @@ char *config_file_name = _PATH_SERVER_CONFIG_FILE; + int debug_flag = 0; + + /* Flag indicating that the daemon is being started from inetd. */ +-static int inetd_flag = 0; ++int inetd_flag = 0; + + /* Saved arguments to main(). */ + static char **saved_argv; +diff --git a/sshd-session.c b/sshd-session.c +index 9342e416..81d30152 100644 +--- a/sshd-session.c ++++ b/sshd-session.c +@@ -136,7 +136,7 @@ char *config_file_name = _PATH_SERVER_CONFIG_FILE; int debug_flag = 0; /* Flag indicating that the daemon is being started from inetd. */ @@ -246,7 +296,7 @@ diff -up openssh/sshd-session.c.refactor openssh/sshd-session.c /* debug goes to stderr unless inetd_flag is set */ static int log_stderr = 0; -@@ -2192,7 +2192,9 @@ main(int ac, char **av) +@@ -1359,7 +1359,9 @@ main(int ac, char **av) } #endif #ifdef WITH_SELINUX @@ -257,15 +307,6 @@ diff -up openssh/sshd-session.c.refactor openssh/sshd-session.c #endif #ifdef USE_PAM if (options.use_pam) { -diff -up openssh/sshconnect.c.refactor openssh/sshconnect.c ---- openssh/sshconnect.c.refactor 2021-02-24 00:12:03.065325046 +0100 -+++ openssh/sshconnect.c 2021-02-24 00:12:12.126449544 +0100 -@@ -892,7 +892,7 @@ load_hostkeys_command(struct hostkeys *h - - if ((pid = subprocess(tag, command, ac, av, &f, - SSH_SUBPROCESS_STDOUT_CAPTURE|SSH_SUBPROCESS_UNSAFE_PATH| -- SSH_SUBPROCESS_PRESERVE_ENV, NULL, NULL, NULL)) == 0) -+ SSH_SUBPROCESS_PRESERVE_ENV, NULL, NULL, NULL, 0, NULL)) == 0) - goto out; - - load_hostkeys_file(hostkeys, hostfile_hostname, tag, f, 1); +-- +2.49.0 + diff --git a/0027-openssh-7.5p1-sandbox.patch b/0027-openssh-7.5p1-sandbox.patch new file mode 100644 index 0000000..435d029 --- /dev/null +++ b/0027-openssh-7.5p1-sandbox.patch @@ -0,0 +1,58 @@ +From 35205319dd71d8e61c1596b8f9479df91aff7756 Mon Sep 17 00:00:00 2001 +From: Dmitry Belyavskiy +Date: Thu, 15 May 2025 13:43:28 +0200 +Subject: [PATCH 27/50] openssh-7.5p1-sandbox + +--- + sandbox-seccomp-filter.c | 21 +++++++++++++++++++++ + 1 file changed, 21 insertions(+) + +diff --git a/sandbox-seccomp-filter.c b/sandbox-seccomp-filter.c +index b31062c2..1fabf99d 100644 +--- a/sandbox-seccomp-filter.c ++++ b/sandbox-seccomp-filter.c +@@ -277,6 +277,9 @@ static const struct sock_filter preauth_insns[] = { + #ifdef __NR_exit_group + SC_ALLOW(__NR_exit_group), + #endif ++#if defined(__NR_flock) && defined(__s390__) ++ SC_ALLOW(__NR_flock), ++#endif + #ifdef __NR_futex + SC_FUTEX(__NR_futex), + #endif +@@ -295,6 +298,21 @@ static const struct sock_filter preauth_insns[] = { + #ifdef __NR_getpid + SC_ALLOW(__NR_getpid), + #endif ++#ifdef __NR_getuid ++ SC_ALLOW(__NR_getuid), ++#endif ++#ifdef __NR_getuid32 ++ SC_ALLOW(__NR_getuid32), ++#endif ++#ifdef __NR_geteuid ++ SC_ALLOW(__NR_geteuid), ++#endif ++#ifdef __NR_geteuid32 ++ SC_ALLOW(__NR_geteuid32), ++#endif ++#ifdef __NR_gettid ++ SC_ALLOW(__NR_gettid), ++#endif + #ifdef __NR_getrandom + SC_ALLOW(__NR_getrandom), + #endif +@@ -304,6 +322,9 @@ static const struct sock_filter preauth_insns[] = { + #ifdef __NR_gettimeofday + SC_ALLOW(__NR_gettimeofday), + #endif ++#if defined(__NR_ipc) && defined(__s390__) ++ SC_ALLOW(__NR_ipc), ++#endif + #ifdef __NR_getuid + SC_ALLOW(__NR_getuid), + #endif +-- +2.49.0 + diff --git a/openssh-8.0p1-pkcs11-uri.patch b/0028-openssh-8.0p1-pkcs11-uri.patch similarity index 90% rename from openssh-8.0p1-pkcs11-uri.patch rename to 0028-openssh-8.0p1-pkcs11-uri.patch index bdc4722..73e890b 100644 --- a/openssh-8.0p1-pkcs11-uri.patch +++ b/0028-openssh-8.0p1-pkcs11-uri.patch @@ -1,7 +1,102 @@ -diff -up openssh-9.6p1/configure.ac.pkcs11-uri openssh-9.6p1/configure.ac ---- openssh-9.6p1/configure.ac.pkcs11-uri 2024-01-12 14:25:25.228942213 +0100 -+++ openssh-9.6p1/configure.ac 2024-01-12 14:25:25.233942336 +0100 -@@ -2066,12 +2066,14 @@ AC_LINK_IFELSE( +From 5d6ec35c1a0e06452a2c087decb0baf6e8063e21 Mon Sep 17 00:00:00 2001 +From: Dmitry Belyavskiy +Date: Thu, 15 May 2025 13:43:28 +0200 +Subject: [PATCH 28/50] openssh-8.0p1-pkcs11-uri + +--- + Makefile.in | 20 +- + configure.ac | 37 ++ + regress/Makefile | 8 +- + regress/pkcs11.sh | 349 +++++++++++++++ + regress/unittests/Makefile | 2 +- + regress/unittests/pkcs11/tests.c | 346 ++++++++++++++ + ssh-add.c | 48 +- + ssh-agent.c | 103 ++++- + ssh-keygen.c | 7 +- + ssh-pkcs11-client.c | 3 + + ssh-pkcs11-uri.c | 437 ++++++++++++++++++ + ssh-pkcs11-uri.h | 43 ++ + ssh-pkcs11.c | 745 +++++++++++++++++++++++-------- + ssh-pkcs11.h | 4 + + ssh.c | 104 ++++- + ssh_config.5 | 15 + + 16 files changed, 2024 insertions(+), 247 deletions(-) + create mode 100644 regress/pkcs11.sh + create mode 100644 regress/unittests/pkcs11/tests.c + create mode 100644 ssh-pkcs11-uri.c + create mode 100644 ssh-pkcs11-uri.h + +diff --git a/Makefile.in b/Makefile.in +index 78f65948..6c417ef7 100644 +--- a/Makefile.in ++++ b/Makefile.in +@@ -110,7 +110,7 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \ + monitor_fdpass.o rijndael.o ssh-dss.o ssh-ecdsa.o ssh-ecdsa-sk.o \ + ssh-ed25519-sk.o ssh-rsa.o dh.o \ + msg.o progressmeter.o dns.o entropy.o gss-genr.o umac.o umac128.o \ +- ssh-pkcs11.o smult_curve25519_ref.o \ ++ ssh-pkcs11.o ssh-pkcs11-uri.o smult_curve25519_ref.o \ + poly1305.o chacha.o cipher-chachapoly.o cipher-chachapoly-libcrypto.o \ + ssh-ed25519.o digest-openssl.o digest-libc.o \ + hmac.o ed25519.o hash.o \ +@@ -339,6 +339,8 @@ clean: regressclean + rm -f regress/unittests/sshsig/test_sshsig$(EXEEXT) + rm -f regress/unittests/utf8/*.o + rm -f regress/unittests/utf8/test_utf8$(EXEEXT) ++ rm -f regress/unittests/pkcs11/*.o ++ rm -f regress/unittests/pkcs11/test_pkcs11$(EXEEXT) + rm -f regress/misc/sk-dummy/*.o + rm -f regress/misc/sk-dummy/*.lo + rm -f regress/misc/ssh-verify-attestation/ssh-verify-attestation$(EXEEXT) +@@ -377,6 +379,8 @@ distclean: regressclean + rm -f regress/unittests/sshsig/test_sshsig + rm -f regress/unittests/utf8/*.o + rm -f regress/unittests/utf8/test_utf8 ++ rm -f regress/unittests/pkcs11/*.o ++ rm -f regress/unittests/pkcs11/test_pkcs11 + rm -f regress/misc/sk-dummy/*.o + rm -f regress/misc/sk-dummy/*.lo + rm -f regress/misc/sk-dummy/sk-dummy.so +@@ -558,6 +562,7 @@ regress-prep: + $(MKDIR_P) `pwd`/regress/unittests/sshkey + $(MKDIR_P) `pwd`/regress/unittests/sshsig + $(MKDIR_P) `pwd`/regress/unittests/utf8 ++ $(MKDIR_P) `pwd`/regress/unittests/pkcs11 + $(MKDIR_P) `pwd`/regress/misc/sk-dummy + $(MKDIR_P) `pwd`/regress/misc/ssh-verify-attestation + [ -f `pwd`/regress/Makefile ] || \ +@@ -731,6 +736,16 @@ regress/unittests/utf8/test_utf8$(EXEEXT): \ + regress/unittests/test_helper/libtest_helper.a \ + -lssh -lopenbsd-compat -lssh -lopenbsd-compat $(TESTLIBS) + ++UNITTESTS_TEST_PKCS11_OBJS=\ ++ regress/unittests/pkcs11/tests.o ++ ++regress/unittests/pkcs11/test_pkcs11$(EXEEXT): \ ++ ${UNITTESTS_TEST_PKCS11_OBJS} \ ++ regress/unittests/test_helper/libtest_helper.a libssh.a ++ $(LD) -o $@ $(LDFLAGS) $(UNITTESTS_TEST_PKCS11_OBJS) \ ++ regress/unittests/test_helper/libtest_helper.a \ ++ -lssh -lopenbsd-compat -lcrypto $(LIBS) ++ + # These all need to be compiled -fPIC, so they are treated differently. + SK_DUMMY_OBJS=\ + regress/misc/sk-dummy/sk-dummy.lo \ +@@ -776,7 +791,8 @@ regress-unit-binaries: regress-prep $(REGRESSLIBS) \ + regress/unittests/sshbuf/test_sshbuf$(EXEEXT) \ + regress/unittests/sshkey/test_sshkey$(EXEEXT) \ + regress/unittests/sshsig/test_sshsig$(EXEEXT) \ +- regress/unittests/utf8/test_utf8$(EXEEXT) ++ regress/unittests/utf8/test_utf8$(EXEEXT) \ ++ regress/unittests/pkcs11/test_pkcs11$(EXEEXT) \ + + tests: file-tests t-exec interop-tests extra-tests unit + echo all tests passed +diff --git a/configure.ac b/configure.ac +index 13c70a98..d9bd2f51 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -2172,12 +2172,14 @@ AC_LINK_IFELSE( [AC_DEFINE([HAVE_ISBLANK], [1], [Define if you have isblank(3C).]) ]) @@ -16,7 +111,7 @@ diff -up openssh-9.6p1/configure.ac.pkcs11-uri openssh-9.6p1/configure.ac fi ] ) -@@ -2095,6 +2097,40 @@ AC_SEARCH_LIBS([dlopen], [dl]) +@@ -2207,6 +2209,40 @@ AC_SEARCH_LIBS([dlopen], [dl]) AC_CHECK_FUNCS([dlopen]) AC_CHECK_DECL([RTLD_NOW], [], [], [#include ]) @@ -57,7 +152,7 @@ diff -up openssh-9.6p1/configure.ac.pkcs11-uri openssh-9.6p1/configure.ac # IRIX has a const char return value for gai_strerror() AC_CHECK_FUNCS([gai_strerror], [ AC_DEFINE([HAVE_GAI_STRERROR]) -@@ -5708,6 +5744,7 @@ echo " BSD Auth support +@@ -5820,6 +5856,7 @@ echo " BSD Auth support: $BSD_AUTH_MSG" echo " Random number source: $RAND_MSG" echo " Privsep sandbox style: $SANDBOX_STYLE" echo " PKCS#11 support: $enable_pkcs11" @@ -65,75 +160,11 @@ diff -up openssh-9.6p1/configure.ac.pkcs11-uri openssh-9.6p1/configure.ac echo " U2F/FIDO support: $enable_sk" echo "" -diff -up openssh-9.6p1/Makefile.in.pkcs11-uri openssh-9.6p1/Makefile.in ---- openssh-9.6p1/Makefile.in.pkcs11-uri 2024-01-12 14:25:25.204941622 +0100 -+++ openssh-9.6p1/Makefile.in 2024-01-12 14:25:25.233942336 +0100 -@@ -105,7 +105,7 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \ - monitor_fdpass.o rijndael.o ssh-dss.o ssh-ecdsa.o ssh-ecdsa-sk.o \ - ssh-ed25519-sk.o ssh-rsa.o dh.o \ - msg.o progressmeter.o dns.o entropy.o gss-genr.o umac.o umac128.o \ -- ssh-pkcs11.o smult_curve25519_ref.o \ -+ ssh-pkcs11.o ssh-pkcs11-uri.o smult_curve25519_ref.o \ - poly1305.o chacha.o cipher-chachapoly.o cipher-chachapoly-libcrypto.o \ - ssh-ed25519.o digest-openssl.o digest-libc.o \ - hmac.o ed25519.o hash.o \ -@@ -299,6 +299,8 @@ clean: regressclean - rm -f regress/unittests/sshsig/test_sshsig$(EXEEXT) - rm -f regress/unittests/utf8/*.o - rm -f regress/unittests/utf8/test_utf8$(EXEEXT) -+ rm -f regress/unittests/pkcs11/*.o -+ rm -f regress/unittests/pkcs11/test_pkcs11$(EXEEXT) - rm -f regress/misc/sk-dummy/*.o - rm -f regress/misc/sk-dummy/*.lo - rm -f regress/misc/sk-dummy/sk-dummy.so -@@ -336,6 +338,8 @@ distclean: regressclean - rm -f regress/unittests/sshsig/test_sshsig - rm -f regress/unittests/utf8/*.o - rm -f regress/unittests/utf8/test_utf8 -+ rm -f regress/unittests/pkcs11/*.o -+ rm -f regress/unittests/pkcs11/test_pkcs11 - rm -f regress/misc/sk-dummy/*.o - rm -f regress/misc/sk-dummy/*.lo - rm -f regress/misc/sk-dummy/sk-dummy.so -@@ -513,6 +517,7 @@ regress-prep: - $(MKDIR_P) `pwd`/regress/unittests/sshkey - $(MKDIR_P) `pwd`/regress/unittests/sshsig - $(MKDIR_P) `pwd`/regress/unittests/utf8 -+ $(MKDIR_P) `pwd`/regress/unittests/pkcs11 - $(MKDIR_P) `pwd`/regress/misc/sk-dummy - [ -f `pwd`/regress/Makefile ] || \ - ln -s `cd $(srcdir) && pwd`/regress/Makefile `pwd`/regress/Makefile -@@ -685,6 +690,16 @@ regress/unittests/utf8/test_utf8$(EXEEXT - regress/unittests/test_helper/libtest_helper.a \ - -lssh -lopenbsd-compat -lssh -lopenbsd-compat $(TESTLIBS) - -+UNITTESTS_TEST_PKCS11_OBJS=\ -+ regress/unittests/pkcs11/tests.o -+ -+regress/unittests/pkcs11/test_pkcs11$(EXEEXT): \ -+ ${UNITTESTS_TEST_PKCS11_OBJS} \ -+ regress/unittests/test_helper/libtest_helper.a libssh.a -+ $(LD) -o $@ $(LDFLAGS) $(UNITTESTS_TEST_PKCS11_OBJS) \ -+ regress/unittests/test_helper/libtest_helper.a \ -+ -lssh -lopenbsd-compat -lcrypto $(LIBS) -+ - # These all need to be compiled -fPIC, so they are treated differently. - SK_DUMMY_OBJS=\ - regress/misc/sk-dummy/sk-dummy.lo \ -@@ -720,7 +735,8 @@ regress-unit-binaries: regress-prep $(RE - regress/unittests/sshbuf/test_sshbuf$(EXEEXT) \ - regress/unittests/sshkey/test_sshkey$(EXEEXT) \ - regress/unittests/sshsig/test_sshsig$(EXEEXT) \ -- regress/unittests/utf8/test_utf8$(EXEEXT) -+ regress/unittests/utf8/test_utf8$(EXEEXT) \ -+ regress/unittests/pkcs11/test_pkcs11$(EXEEXT) \ - - tests: file-tests t-exec interop-tests extra-tests unit - echo all tests passed -diff -up openssh-9.6p1/regress/Makefile.pkcs11-uri openssh-9.6p1/regress/Makefile ---- openssh-9.6p1/regress/Makefile.pkcs11-uri 2023-12-18 15:59:50.000000000 +0100 -+++ openssh-9.6p1/regress/Makefile 2024-01-12 14:25:25.233942336 +0100 -@@ -134,7 +134,8 @@ CLEANFILES= *.core actual agent-key.* au +diff --git a/regress/Makefile b/regress/Makefile +index 7e7f95b5..f36de51e 100644 +--- a/regress/Makefile ++++ b/regress/Makefile +@@ -137,7 +137,8 @@ CLEANFILES= *.core actual agent-key.* authorized_keys_${USERNAME} \ known_hosts known_hosts-cert known_hosts.* krl-* ls.copy \ modpipe netcat no_identity_config \ pidfile putty.rsa2 ready regress.log remote_pid \ @@ -143,7 +174,7 @@ diff -up openssh-9.6p1/regress/Makefile.pkcs11-uri openssh-9.6p1/regress/Makefil rsa_ssh2_crnl.prv scp-ssh-wrapper.exe \ scp-ssh-wrapper.scp setuid-allowed sftp-server.log \ sftp-server.sh sftp.log ssh-log-wrapper.sh ssh.log \ -@@ -273,8 +274,9 @@ unit: +@@ -297,8 +298,9 @@ unit: V="" ; \ test "x${USE_VALGRIND}" = "x" || \ V=${.CURDIR}/valgrind-unit.sh ; \ @@ -155,9 +186,11 @@ diff -up openssh-9.6p1/regress/Makefile.pkcs11-uri openssh-9.6p1/regress/Makefil -d ${.CURDIR}/unittests/sshkey/testdata ; \ $$V ${.OBJDIR}/unittests/sshsig/test_sshsig \ -d ${.CURDIR}/unittests/sshsig/testdata ; \ -diff -up openssh-9.6p1/regress/pkcs11.sh.pkcs11-uri openssh-9.6p1/regress/pkcs11.sh ---- openssh-9.6p1/regress/pkcs11.sh.pkcs11-uri 2024-01-12 14:25:25.233942336 +0100 -+++ openssh-9.6p1/regress/pkcs11.sh 2024-01-12 14:25:25.233942336 +0100 +diff --git a/regress/pkcs11.sh b/regress/pkcs11.sh +new file mode 100644 +index 00000000..a91aee94 +--- /dev/null ++++ b/regress/pkcs11.sh @@ -0,0 +1,349 @@ +# +# Copyright (c) 2017 Red Hat @@ -508,9 +541,10 @@ diff -up openssh-9.6p1/regress/pkcs11.sh.pkcs11-uri openssh-9.6p1/regress/pkcs11 + trace "kill agent" + ${SSHAGENT} -k > /dev/null +fi -diff -up openssh-9.6p1/regress/unittests/Makefile.pkcs11-uri openssh-9.6p1/regress/unittests/Makefile ---- openssh-9.6p1/regress/unittests/Makefile.pkcs11-uri 2023-12-18 15:59:50.000000000 +0100 -+++ openssh-9.6p1/regress/unittests/Makefile 2024-01-12 14:25:25.233942336 +0100 +diff --git a/regress/unittests/Makefile b/regress/unittests/Makefile +index e370900e..d6c89c12 100644 +--- a/regress/unittests/Makefile ++++ b/regress/unittests/Makefile @@ -1,6 +1,6 @@ # $OpenBSD: Makefile,v 1.13 2023/09/24 08:14:13 claudio Exp $ @@ -519,9 +553,11 @@ diff -up openssh-9.6p1/regress/unittests/Makefile.pkcs11-uri openssh-9.6p1/regre +SUBDIR+=authopt misc sshsig pkcs11 .include -diff -up openssh-9.6p1/regress/unittests/pkcs11/tests.c.pkcs11-uri openssh-9.6p1/regress/unittests/pkcs11/tests.c ---- openssh-9.6p1/regress/unittests/pkcs11/tests.c.pkcs11-uri 2024-01-12 14:25:25.233942336 +0100 -+++ openssh-9.6p1/regress/unittests/pkcs11/tests.c 2024-01-12 14:25:25.233942336 +0100 +diff --git a/regress/unittests/pkcs11/tests.c b/regress/unittests/pkcs11/tests.c +new file mode 100644 +index 00000000..7d4fa499 +--- /dev/null ++++ b/regress/unittests/pkcs11/tests.c @@ -0,0 +1,346 @@ +/* + * Copyright (c) 2017 Red Hat @@ -869,9 +905,10 @@ diff -up openssh-9.6p1/regress/unittests/pkcs11/tests.c.pkcs11-uri openssh-9.6p1 + test_parse_invalid(); + test_generate_valid(); +} -diff -up openssh-9.6p1/ssh-add.c.pkcs11-uri openssh-9.6p1/ssh-add.c ---- openssh-9.6p1/ssh-add.c.pkcs11-uri 2023-12-18 15:59:50.000000000 +0100 -+++ openssh-9.6p1/ssh-add.c 2024-01-12 14:25:25.233942336 +0100 +diff --git a/ssh-add.c b/ssh-add.c +index 0035cb84..b0f47f4d 100644 +--- a/ssh-add.c ++++ b/ssh-add.c @@ -69,6 +69,7 @@ #include "ssh-sk.h" #include "sk-api.h" @@ -880,7 +917,7 @@ diff -up openssh-9.6p1/ssh-add.c.pkcs11-uri openssh-9.6p1/ssh-add.c /* argv0 */ extern char *__progname; -@@ -240,6 +241,38 @@ delete_all(int agent_fd, int qflag) +@@ -242,6 +243,38 @@ delete_all(int agent_fd, int qflag) return ret; } @@ -919,7 +956,7 @@ diff -up openssh-9.6p1/ssh-add.c.pkcs11-uri openssh-9.6p1/ssh-add.c static int add_file(int agent_fd, const char *filename, int key_only, int cert_only, int qflag, const char *skprovider, -@@ -460,15 +489,14 @@ static int +@@ -462,15 +495,14 @@ static int update_card(int agent_fd, int add, const char *id, int qflag, int key_only, int cert_only, struct dest_constraint **dest_constraints, size_t ndest_constraints, @@ -937,7 +974,7 @@ diff -up openssh-9.6p1/ssh-add.c.pkcs11-uri openssh-9.6p1/ssh-add.c if ((pin = read_passphrase("Enter passphrase for PKCS#11: ", RP_ALLOW_STDIN)) == NULL) return -1; -@@ -656,6 +684,14 @@ do_file(int agent_fd, int deleting, int +@@ -658,6 +690,14 @@ do_file(int agent_fd, int deleting, int key_only, int cert_only, char *file, int qflag, const char *skprovider, struct dest_constraint **dest_constraints, size_t ndest_constraints) { @@ -952,7 +989,7 @@ diff -up openssh-9.6p1/ssh-add.c.pkcs11-uri openssh-9.6p1/ssh-add.c if (deleting) { if (delete_file(agent_fd, file, key_only, cert_only, qflag) == -1) -@@ -999,7 +1035,7 @@ main(int argc, char **argv) +@@ -1001,7 +1041,7 @@ main(int argc, char **argv) if (update_card(agent_fd, !deleting, pkcs11provider, qflag, key_only, cert_only, dest_constraints, ndest_constraints, @@ -961,10 +998,11 @@ diff -up openssh-9.6p1/ssh-add.c.pkcs11-uri openssh-9.6p1/ssh-add.c ret = 1; goto done; } -diff -up openssh-9.6p1/ssh-agent.c.pkcs11-uri openssh-9.6p1/ssh-agent.c ---- openssh-9.6p1/ssh-agent.c.pkcs11-uri 2023-12-18 15:59:50.000000000 +0100 -+++ openssh-9.6p1/ssh-agent.c 2024-01-12 14:25:25.234942360 +0100 -@@ -1549,10 +1549,74 @@ add_p11_identity(struct sshkey *key, cha +diff --git a/ssh-agent.c b/ssh-agent.c +index c27c5a95..798bf9b6 100644 +--- a/ssh-agent.c ++++ b/ssh-agent.c +@@ -1569,10 +1569,74 @@ add_p11_identity(struct sshkey *key, char *comment, const char *provider, idtab->nentries++; } @@ -1040,21 +1078,21 @@ diff -up openssh-9.6p1/ssh-agent.c.pkcs11-uri openssh-9.6p1/ssh-agent.c char **comments = NULL; int r, i, count = 0, success = 0, confirm = 0; u_int seconds = 0; -@@ -1581,25 +1643,18 @@ process_add_smartcard_key(SocketEntry *e +@@ -1601,25 +1665,18 @@ process_add_smartcard_key(SocketEntry *e) "providers is disabled", provider); goto send; } - if (realpath(provider, canonical_provider) == NULL) { - verbose("failed PKCS#11 add of \"%.100s\": realpath: %s", - provider, strerror(errno)); -+ sane_uri = sanitize_pkcs11_provider(provider); -+ if (sane_uri == NULL) - goto send; +- goto send; - } - if (match_pattern_list(canonical_provider, allowed_providers, 0) != 1) { - verbose("refusing PKCS#11 add of \"%.100s\": " - "provider not allowed", canonical_provider); -- goto send; ++ sane_uri = sanitize_pkcs11_provider(provider); ++ if (sane_uri == NULL) + goto send; - } - debug_f("add %.100s", canonical_provider); if (lifetime && !death) @@ -1071,7 +1109,7 @@ diff -up openssh-9.6p1/ssh-agent.c.pkcs11-uri openssh-9.6p1/ssh-agent.c } for (j = 0; j < ncerts; j++) { if (!sshkey_is_cert(certs[j])) -@@ -1609,13 +1664,13 @@ process_add_smartcard_key(SocketEntry *e +@@ -1629,13 +1686,13 @@ process_add_smartcard_key(SocketEntry *e) if (pkcs11_make_cert(keys[i], certs[j], &k) != 0) continue; add_p11_identity(k, xstrdup(comments[i]), @@ -1087,7 +1125,7 @@ diff -up openssh-9.6p1/ssh-agent.c.pkcs11-uri openssh-9.6p1/ssh-agent.c dest_constraints, ndest_constraints); keys[i] = NULL; /* transferred */ comments[i] = NULL; /* transferred */ -@@ -1628,6 +1683,7 @@ process_add_smartcard_key(SocketEntry *e +@@ -1648,6 +1705,7 @@ process_add_smartcard_key(SocketEntry *e) send: free(pin); free(provider); @@ -1095,7 +1133,7 @@ diff -up openssh-9.6p1/ssh-agent.c.pkcs11-uri openssh-9.6p1/ssh-agent.c free(keys); free(comments); free_dest_constraints(dest_constraints, ndest_constraints); -@@ -1640,7 +1696,7 @@ send: +@@ -1660,7 +1718,7 @@ send: static void process_remove_smartcard_key(SocketEntry *e) { @@ -1104,7 +1142,7 @@ diff -up openssh-9.6p1/ssh-agent.c.pkcs11-uri openssh-9.6p1/ssh-agent.c int r, success = 0; Identity *id, *nxt; -@@ -1652,30 +1708,29 @@ process_remove_smartcard_key(SocketEntry +@@ -1672,30 +1730,29 @@ process_remove_smartcard_key(SocketEntry *e) } free(pin); @@ -1141,185 +1179,11 @@ diff -up openssh-9.6p1/ssh-agent.c.pkcs11-uri openssh-9.6p1/ssh-agent.c send_status(e, success); } #endif /* ENABLE_PKCS11 */ -diff -up openssh-9.6p1/ssh_config.5.pkcs11-uri openssh-9.6p1/ssh_config.5 ---- openssh-9.6p1/ssh_config.5.pkcs11-uri 2024-01-12 14:25:25.208941721 +0100 -+++ openssh-9.6p1/ssh_config.5 2024-01-12 14:25:25.234942360 +0100 -@@ -1216,6 +1216,21 @@ may also be used in conjunction with - .Cm CertificateFile - in order to provide any certificate also needed for authentication with - the identity. -+.Pp -+The authentication identity can be also specified in a form of PKCS#11 URI -+starting with a string -+.Cm pkcs11: . -+There is supported a subset of the PKCS#11 URI as defined -+in RFC 7512 (implemented path arguments -+.Cm id , -+.Cm manufacturer , -+.Cm object , -+.Cm token -+and query arguments -+.Cm module-path -+and -+.Cm pin-value -+). The URI can not be in quotes. - .It Cm IgnoreUnknown - Specifies a pattern-list of unknown options to be ignored if they are - encountered in configuration parsing. -diff -up openssh-9.6p1/ssh.c.pkcs11-uri openssh-9.6p1/ssh.c ---- openssh-9.6p1/ssh.c.pkcs11-uri 2024-01-12 14:25:25.208941721 +0100 -+++ openssh-9.6p1/ssh.c 2024-01-12 14:25:25.234942360 +0100 -@@ -882,6 +882,14 @@ main(int ac, char **av) - options.gss_deleg_creds = 1; - break; - case 'i': -+#ifdef ENABLE_PKCS11 -+ if (strlen(optarg) >= strlen(PKCS11_URI_SCHEME) && -+ strncmp(optarg, PKCS11_URI_SCHEME, -+ strlen(PKCS11_URI_SCHEME)) == 0) { -+ add_identity_file(&options, NULL, optarg, 1); -+ break; -+ } -+#endif - p = tilde_expand_filename(optarg, getuid()); - if (stat(p, &st) == -1) - fprintf(stderr, "Warning: Identity file %s " -@@ -1784,6 +1792,7 @@ main(int ac, char **av) - #ifdef ENABLE_PKCS11 - (void)pkcs11_del_provider(options.pkcs11_provider); - #endif -+ pkcs11_terminate(); - - skip_connect: - exit_status = ssh_session2(ssh, cinfo); -@@ -2307,6 +2316,45 @@ ssh_session2(struct ssh *ssh, const stru - options.escape_char : SSH_ESCAPECHAR_NONE, id); - } - -+#ifdef ENABLE_PKCS11 -+static void -+load_pkcs11_identity(char *pkcs11_uri, char *identity_files[], -+ struct sshkey *identity_keys[], int *n_ids) -+{ -+ int nkeys, i; -+ struct sshkey **keys; -+ struct pkcs11_uri *uri; -+ -+ debug("identity file '%s' from pkcs#11", pkcs11_uri); -+ uri = pkcs11_uri_init(); -+ if (uri == NULL) -+ fatal("Failed to init PKCS#11 URI"); -+ -+ if (pkcs11_uri_parse(pkcs11_uri, uri) != 0) -+ fatal("Failed to parse PKCS#11 URI %s", pkcs11_uri); -+ -+ /* we need to merge URI and provider together */ -+ if (options.pkcs11_provider != NULL && uri->module_path == NULL) -+ uri->module_path = strdup(options.pkcs11_provider); -+ -+ if (options.num_identity_files < SSH_MAX_IDENTITY_FILES && -+ (nkeys = pkcs11_add_provider_by_uri(uri, NULL, &keys, NULL)) > 0) { -+ for (i = 0; i < nkeys; i++) { -+ if (*n_ids >= SSH_MAX_IDENTITY_FILES) { -+ sshkey_free(keys[i]); -+ continue; -+ } -+ identity_keys[*n_ids] = keys[i]; -+ identity_files[*n_ids] = pkcs11_uri_get(uri); -+ (*n_ids)++; -+ } -+ free(keys); -+ } -+ -+ pkcs11_uri_cleanup(uri); -+} -+#endif /* ENABLE_PKCS11 */ -+ - /* Loads all IdentityFile and CertificateFile keys */ - static void - load_public_identity_files(const struct ssh_conn_info *cinfo) -@@ -2321,11 +2369,6 @@ load_public_identity_files(const struct - char *certificate_files[SSH_MAX_CERTIFICATE_FILES]; - struct sshkey *certificates[SSH_MAX_CERTIFICATE_FILES]; - int certificate_file_userprovided[SSH_MAX_CERTIFICATE_FILES]; --#ifdef ENABLE_PKCS11 -- struct sshkey **keys = NULL; -- char **comments = NULL; -- int nkeys; --#endif /* PKCS11 */ - - n_ids = n_certs = 0; - memset(identity_files, 0, sizeof(identity_files)); -@@ -2338,33 +2381,46 @@ load_public_identity_files(const struct - sizeof(certificate_file_userprovided)); - - #ifdef ENABLE_PKCS11 -- if (options.pkcs11_provider != NULL && -- options.num_identity_files < SSH_MAX_IDENTITY_FILES && -- (pkcs11_init(!options.batch_mode) == 0) && -- (nkeys = pkcs11_add_provider(options.pkcs11_provider, NULL, -- &keys, &comments)) > 0) { -- for (i = 0; i < nkeys; i++) { -- if (n_ids >= SSH_MAX_IDENTITY_FILES) { -- sshkey_free(keys[i]); -- free(comments[i]); -- continue; -- } -- identity_keys[n_ids] = keys[i]; -- identity_files[n_ids] = comments[i]; /* transferred */ -- n_ids++; -- } -- free(keys); -- free(comments); -+ /* handle fallback from PKCS11Provider option */ -+ pkcs11_init(!options.batch_mode); -+ -+ if (options.pkcs11_provider != NULL) { -+ struct pkcs11_uri *uri; -+ -+ uri = pkcs11_uri_init(); -+ if (uri == NULL) -+ fatal("Failed to init PKCS#11 URI"); -+ -+ /* Construct simple PKCS#11 URI to simplify access */ -+ uri->module_path = strdup(options.pkcs11_provider); -+ -+ /* Add it as any other IdentityFile */ -+ cp = pkcs11_uri_get(uri); -+ add_identity_file(&options, NULL, cp, 1); -+ free(cp); -+ -+ pkcs11_uri_cleanup(uri); - } - #endif /* ENABLE_PKCS11 */ - for (i = 0; i < options.num_identity_files; i++) { -+ char *name = options.identity_files[i]; - if (n_ids >= SSH_MAX_IDENTITY_FILES || -- strcasecmp(options.identity_files[i], "none") == 0) { -+ strcasecmp(name, "none") == 0) { - free(options.identity_files[i]); - options.identity_files[i] = NULL; - continue; - } -- cp = tilde_expand_filename(options.identity_files[i], getuid()); -+#ifdef ENABLE_PKCS11 -+ if (strlen(name) >= strlen(PKCS11_URI_SCHEME) && -+ strncmp(name, PKCS11_URI_SCHEME, -+ strlen(PKCS11_URI_SCHEME)) == 0) { -+ load_pkcs11_identity(name, identity_files, -+ identity_keys, &n_ids); -+ free(options.identity_files[i]); -+ continue; -+ } -+#endif /* ENABLE_PKCS11 */ -+ cp = tilde_expand_filename(name, getuid()); - filename = default_client_percent_dollar_expand(cp, cinfo); - free(cp); - check_load(sshkey_load_public(filename, &public, NULL), -diff -up openssh-9.6p1/ssh-keygen.c.pkcs11-uri openssh-9.6p1/ssh-keygen.c ---- openssh-9.6p1/ssh-keygen.c.pkcs11-uri 2023-12-18 15:59:50.000000000 +0100 -+++ openssh-9.6p1/ssh-keygen.c 2024-01-12 14:25:25.234942360 +0100 -@@ -862,8 +862,11 @@ do_download(struct passwd *pw) +diff --git a/ssh-keygen.c b/ssh-keygen.c +index 89c3ed28..16cff947 100644 +--- a/ssh-keygen.c ++++ b/ssh-keygen.c +@@ -906,8 +906,11 @@ do_download(struct passwd *pw) free(fp); } else { (void) sshkey_write(keys[i], stdout); /* XXX check */ @@ -1333,10 +1197,11 @@ diff -up openssh-9.6p1/ssh-keygen.c.pkcs11-uri openssh-9.6p1/ssh-keygen.c } free(comments[i]); sshkey_free(keys[i]); -diff -up openssh-9.6p1/ssh-pkcs11-client.c.pkcs11-uri openssh-9.6p1/ssh-pkcs11-client.c ---- openssh-9.6p1/ssh-pkcs11-client.c.pkcs11-uri 2023-12-18 15:59:50.000000000 +0100 -+++ openssh-9.6p1/ssh-pkcs11-client.c 2024-01-12 14:25:25.234942360 +0100 -@@ -592,6 +592,8 @@ pkcs11_add_provider(char *name, char *pi +diff --git a/ssh-pkcs11-client.c b/ssh-pkcs11-client.c +index b8d1700f..64df695e 100644 +--- a/ssh-pkcs11-client.c ++++ b/ssh-pkcs11-client.c +@@ -635,6 +635,8 @@ pkcs11_add_provider(char *name, char *pin, struct sshkey ***keysp, struct sshbuf *msg; struct helper *helper; @@ -1345,7 +1210,7 @@ diff -up openssh-9.6p1/ssh-pkcs11-client.c.pkcs11-uri openssh-9.6p1/ssh-pkcs11-c if ((helper = helper_by_provider(name)) == NULL && (helper = pkcs11_start_helper(name)) == NULL) return -1; -@@ -612,6 +614,7 @@ pkcs11_add_provider(char *name, char *pi +@@ -655,6 +657,7 @@ pkcs11_add_provider(char *name, char *pin, struct sshkey ***keysp, *keysp = xcalloc(nkeys, sizeof(struct sshkey *)); if (labelsp) *labelsp = xcalloc(nkeys, sizeof(char *)); @@ -1353,1296 +1218,11 @@ diff -up openssh-9.6p1/ssh-pkcs11-client.c.pkcs11-uri openssh-9.6p1/ssh-pkcs11-c for (i = 0; i < nkeys; i++) { /* XXX clean up properly instead of fatal() */ if ((r = sshbuf_get_string(msg, &blob, &blen)) != 0 || -diff -up openssh-9.9p1/ssh-pkcs11.c.xxx openssh-9.9p1/ssh-pkcs11.c ---- openssh-9.9p1/ssh-pkcs11.c.xxx 2024-10-09 11:56:35.890126144 +0200 -+++ openssh-9.9p1/ssh-pkcs11.c 2024-10-09 11:56:48.528459585 +0200 -@@ -38,6 +38,7 @@ - #include - #include - #include -+#include - - #define CRYPTOKI_COMPAT - #include "pkcs11.h" -@@ -55,8 +55,8 @@ struct pkcs11_slotinfo { - int logged_in; - }; - --struct pkcs11_provider { -- char *name; -+struct pkcs11_module { -+ char *module_path; - void *handle; - CK_FUNCTION_LIST *function_list; - CK_INFO info; -@@ -65,6 +65,13 @@ struct pkcs11_provider { - struct pkcs11_slotinfo *slotinfo; - int valid; - int refcount; -+}; -+ -+struct pkcs11_provider { -+ char *name; -+ struct pkcs11_module *module; /* can be shared between various providers */ -+ int refcount; -+ int valid; - TAILQ_ENTRY(pkcs11_provider) next; - }; - -@@ -75,6 +82,7 @@ struct pkcs11_key { - CK_ULONG slotidx; - char *keyid; - int keyid_len; -+ char *label; - }; - - int pkcs11_interactive = 0; -@@ -106,26 +114,61 @@ pkcs11_init(int interactive) - * this is called when a provider gets unregistered. - */ - static void --pkcs11_provider_finalize(struct pkcs11_provider *p) -+pkcs11_module_finalize(struct pkcs11_module *m) - { - CK_RV rv; - CK_ULONG i; - -- debug_f("provider \"%s\" refcount %d valid %d", -- p->name, p->refcount, p->valid); -- if (!p->valid) -+ debug_f("%p refcount %d valid %d", m, m->refcount, m->valid); -+ if (!m->valid) - return; -- for (i = 0; i < p->nslots; i++) { -- if (p->slotinfo[i].session && -- (rv = p->function_list->C_CloseSession( -- p->slotinfo[i].session)) != CKR_OK) -+ for (i = 0; i < m->nslots; i++) { -+ if (m->slotinfo[i].session && -+ (rv = m->function_list->C_CloseSession( -+ m->slotinfo[i].session)) != CKR_OK) - error("C_CloseSession failed: %lu", rv); - } -- if ((rv = p->function_list->C_Finalize(NULL)) != CKR_OK) -+ if ((rv = m->function_list->C_Finalize(NULL)) != CKR_OK) - error("C_Finalize failed: %lu", rv); -+ m->valid = 0; -+ m->function_list = NULL; -+ dlclose(m->handle); -+} -+ -+/* -+ * remove a reference to the pkcs11 module. -+ * called when a provider is unregistered. -+ */ -+static void -+pkcs11_module_unref(struct pkcs11_module *m) -+{ -+ debug_f("%p refcount %d", m, m->refcount); -+ if (--m->refcount <= 0) { -+ pkcs11_module_finalize(m); -+ if (m->valid) -+ error_f("%p still valid", m); -+ free(m->slotlist); -+ free(m->slotinfo); -+ free(m->module_path); -+ free(m); -+ } -+} -+ -+/* -+ * finalize a provider shared library, it's no longer usable. -+ * however, there might still be keys referencing this provider, -+ * so the actual freeing of memory is handled by pkcs11_provider_unref(). -+ * this is called when a provider gets unregistered. -+ */ -+static void -+pkcs11_provider_finalize(struct pkcs11_provider *p) -+{ -+ debug_f("%p refcount %d valid %d", p, p->refcount, p->valid); -+ if (!p->valid) -+ return; -+ pkcs11_module_unref(p->module); -+ p->module = NULL; - p->valid = 0; -- p->function_list = NULL; -- dlclose(p->handle); - } - - /* -@@ -137,11 +180,9 @@ pkcs11_provider_unref(struct pkcs11_prov - { - debug_f("provider \"%s\" refcount %d", p->name, p->refcount); - if (--p->refcount <= 0) { -- if (p->valid) -- error_f("provider \"%s\" still valid", p->name); - free(p->name); -- free(p->slotlist); -- free(p->slotinfo); -+ if (p->module) -+ pkcs11_module_unref(p->module); - free(p); - } - } -@@ -159,6 +200,20 @@ pkcs11_terminate(void) - } - } - -+/* lookup provider by module path */ -+static struct pkcs11_module * -+pkcs11_provider_lookup_module(char *module_path) -+{ -+ struct pkcs11_provider *p; -+ -+ TAILQ_FOREACH(p, &pkcs11_providers, next) { -+ debug("check %p %s (%s)", p, p->name, p->module->module_path); -+ if (!strcmp(module_path, p->module->module_path)) -+ return (p->module); -+ } -+ return (NULL); -+} -+ - /* lookup provider by name */ - static struct pkcs11_provider * - pkcs11_provider_lookup(char *provider_id) -@@ -173,19 +228,55 @@ pkcs11_provider_lookup(char *provider_id - return (NULL); - } - -+int pkcs11_del_provider_by_uri(struct pkcs11_uri *); -+ - /* unregister provider by name */ - int - pkcs11_del_provider(char *provider_id) - { -+ int rv; -+ struct pkcs11_uri *uri; -+ -+ debug_f("called, provider_id = %s", provider_id); -+ -+ if (provider_id == NULL) -+ return 0; -+ -+ uri = pkcs11_uri_init(); -+ if (uri == NULL) -+ fatal("Failed to init PKCS#11 URI"); -+ -+ if (strlen(provider_id) >= strlen(PKCS11_URI_SCHEME) && -+ strncmp(provider_id, PKCS11_URI_SCHEME, strlen(PKCS11_URI_SCHEME)) == 0) { -+ if (pkcs11_uri_parse(provider_id, uri) != 0) -+ fatal("Failed to parse PKCS#11 URI"); -+ } else { -+ uri->module_path = strdup(provider_id); -+ } -+ -+ rv = pkcs11_del_provider_by_uri(uri); -+ pkcs11_uri_cleanup(uri); -+ return rv; -+} -+ -+/* unregister provider by PKCS#11 URI */ -+int -+pkcs11_del_provider_by_uri(struct pkcs11_uri *uri) -+{ - struct pkcs11_provider *p; -+ int rv = -1; -+ char *provider_uri = pkcs11_uri_get(uri); -+ -+ debug3_f("called with provider %s", provider_uri); - -- if ((p = pkcs11_provider_lookup(provider_id)) != NULL) { -+ if ((p = pkcs11_provider_lookup(provider_uri)) != NULL) { - TAILQ_REMOVE(&pkcs11_providers, p, next); - pkcs11_provider_finalize(p); - pkcs11_provider_unref(p); -- return (0); -+ rv = 0; - } -- return (-1); -+ free(provider_uri); -+ return rv; - } - - static RSA_METHOD *rsa_method; -@@ -195,6 +286,60 @@ static EC_KEY_METHOD *ec_key_method; - static int ec_key_idx = 0; - #endif /* OPENSSL_HAS_ECC && HAVE_EC_KEY_METHOD_NEW */ - -+/* -+ * This can't be in the ssh-pkcs11-uri, becase we can not depend on -+ * PKCS#11 structures in ssh-agent (using client-helper communication) -+ */ -+int -+pkcs11_uri_write(const struct sshkey *key, FILE *f) -+{ -+ char *p = NULL; -+ struct pkcs11_uri uri; -+ struct pkcs11_key *k11; -+ -+ /* sanity - is it a RSA key with associated app_data? */ -+ switch (key->type) { -+ case KEY_RSA: { -+ const RSA *rsa = EVP_PKEY_get0_RSA(key->pkey); -+ k11 = RSA_get_ex_data(rsa, rsa_idx); -+ break; -+ } -+#ifdef HAVE_EC_KEY_METHOD_NEW -+ case KEY_ECDSA: { -+ const EC_KEY * ecdsa = EVP_PKEY_get0_EC_KEY(key->pkey); -+ k11 = EC_KEY_get_ex_data(ecdsa, ec_key_idx); -+ break; -+ } -+#endif -+ default: -+ error("Unknown key type %d", key->type); -+ return -1; -+ } -+ if (k11 == NULL) { -+ error("Failed to get ex_data for key type %d", key->type); -+ return (-1); -+ } -+ -+ /* omit type -- we are looking for private-public or private-certificate pairs */ -+ uri.id = k11->keyid; -+ uri.id_len = k11->keyid_len; -+ uri.token = k11->provider->module->slotinfo[k11->slotidx].token.label; -+ uri.object = k11->label; -+ uri.module_path = k11->provider->module->module_path; -+ uri.lib_manuf = k11->provider->module->info.manufacturerID; -+ uri.manuf = k11->provider->module->slotinfo[k11->slotidx].token.manufacturerID; -+ uri.serial = k11->provider->module->slotinfo[k11->slotidx].token.serialNumber; -+ -+ p = pkcs11_uri_get(&uri); -+ /* do not cleanup -- we do not allocate here, only reference */ -+ if (p == NULL) -+ return -1; -+ -+ fprintf(f, " %s", p); -+ free(p); -+ return 0; -+} -+ - /* release a wrapped object */ - static void - pkcs11_k11_free(void *parent, void *ptr, CRYPTO_EX_DATA *ad, int idx, -@@ -208,6 +349,7 @@ pkcs11_k11_free(void *parent, void *ptr, - if (k11->provider) - pkcs11_provider_unref(k11->provider); - free(k11->keyid); -+ free(k11->label); - free(k11); - } - -@@ -222,8 +364,8 @@ pkcs11_find(struct pkcs11_provider *p, C - CK_RV rv; - int ret = -1; - -- f = p->function_list; -- session = p->slotinfo[slotidx].session; -+ f = p->module->function_list; -+ session = p->module->slotinfo[slotidx].session; - if ((rv = f->C_FindObjectsInit(session, attr, nattr)) != CKR_OK) { - error("C_FindObjectsInit failed (nattr %lu): %lu", nattr, rv); - return (-1); -@@ -260,14 +402,14 @@ pkcs11_login_slot(struct pkcs11_provider - if (si->token.flags & CKF_PROTECTED_AUTHENTICATION_PATH) - verbose("Deferring PIN entry to reader keypad."); - else { -- snprintf(prompt, sizeof(prompt), "Enter PIN for '%s': ", -+ snprintf(prompt, sizeof(prompt), "Enter PIN for '%.32s': ", - si->token.label); -- if ((pin = read_passphrase(prompt, RP_ALLOW_EOF)) == NULL) { -+ if ((pin = read_passphrase(prompt, RP_ALLOW_EOF|RP_ALLOW_STDIN)) == NULL) { - debug_f("no pin specified"); - return (-1); /* bail out */ - } - } -- rv = provider->function_list->C_Login(si->session, type, (u_char *)pin, -+ rv = provider->module->function_list->C_Login(si->session, type, (u_char *)pin, - (pin != NULL) ? strlen(pin) : 0); - if (pin != NULL) - freezero(pin, strlen(pin)); -@@ -297,13 +439,14 @@ pkcs11_login_slot(struct pkcs11_provider - static int - pkcs11_login(struct pkcs11_key *k11, CK_USER_TYPE type) - { -- if (k11 == NULL || k11->provider == NULL || !k11->provider->valid) { -+ if (k11 == NULL || k11->provider == NULL || !k11->provider->valid || -+ k11->provider->module == NULL || !k11->provider->module->valid) { - error("no pkcs11 (valid) provider found"); - return (-1); - } - - return pkcs11_login_slot(k11->provider, -- &k11->provider->slotinfo[k11->slotidx], type); -+ &k11->provider->module->slotinfo[k11->slotidx], type); - } - - -@@ -319,13 +462,14 @@ pkcs11_check_obj_bool_attrib(struct pkcs - - *val = 0; - -- if (!k11->provider || !k11->provider->valid) { -+ if (!k11->provider || !k11->provider->valid || -+ !k11->provider->module || !k11->provider->module->valid) { - error("no pkcs11 (valid) provider found"); - return (-1); - } - -- f = k11->provider->function_list; -- si = &k11->provider->slotinfo[k11->slotidx]; -+ f = k11->provider->module->function_list; -+ si = &k11->provider->module->slotinfo[k11->slotidx]; - - attr.type = type; - attr.pValue = &flag; -@@ -356,13 +500,14 @@ pkcs11_get_key(struct pkcs11_key *k11, C - int always_auth = 0; - int did_login = 0; - -- if (!k11->provider || !k11->provider->valid) { -+ if (!k11->provider || !k11->provider->valid || -+ !k11->provider->module || !k11->provider->module->valid) { - error("no pkcs11 (valid) provider found"); - return (-1); - } - -- f = k11->provider->function_list; -- si = &k11->provider->slotinfo[k11->slotidx]; -+ f = k11->provider->module->function_list; -+ si = &k11->provider->module->slotinfo[k11->slotidx]; - - if ((si->token.flags & CKF_LOGIN_REQUIRED) && !si->logged_in) { - if (pkcs11_login(k11, CKU_USER) < 0) { -@@ -439,8 +584,8 @@ pkcs11_rsa_private_encrypt(int flen, con - return (-1); - } - -- f = k11->provider->function_list; -- si = &k11->provider->slotinfo[k11->slotidx]; -+ f = k11->provider->module->function_list; -+ si = &k11->provider->module->slotinfo[k11->slotidx]; - tlen = RSA_size(rsa); - - /* XXX handle CKR_BUFFER_TOO_SMALL */ -@@ -484,7 +629,7 @@ pkcs11_rsa_start_wrapper(void) - /* redirect private key operations for rsa key to pkcs11 token */ - static int - pkcs11_rsa_wrap(struct pkcs11_provider *provider, CK_ULONG slotidx, -- CK_ATTRIBUTE *keyid_attrib, RSA *rsa) -+ CK_ATTRIBUTE *keyid_attrib, CK_ATTRIBUTE *label_attrib, RSA *rsa) - { - struct pkcs11_key *k11; - -@@ -502,6 +647,12 @@ pkcs11_rsa_wrap(struct pkcs11_provider * - memcpy(k11->keyid, keyid_attrib->pValue, k11->keyid_len); - } - -+ if (label_attrib->ulValueLen > 0 ) { -+ k11->label = xmalloc(label_attrib->ulValueLen+1); -+ memcpy(k11->label, label_attrib->pValue, label_attrib->ulValueLen); -+ k11->label[label_attrib->ulValueLen] = 0; -+ } -+ - if (RSA_set_method(rsa, rsa_method) != 1) - fatal_f("RSA_set_method failed"); - if (RSA_set_ex_data(rsa, rsa_idx, k11) != 1) -@@ -532,8 +683,8 @@ ecdsa_do_sign(const unsigned char *dgst, - return (NULL); - } - -- f = k11->provider->function_list; -- si = &k11->provider->slotinfo[k11->slotidx]; -+ f = k11->provider->module->function_list; -+ si = &k11->provider->module->slotinfo[k11->slotidx]; - - siglen = ECDSA_size(ec); - sig = xmalloc(siglen); -@@ -598,7 +749,7 @@ pkcs11_ecdsa_start_wrapper(void) - - static int - pkcs11_ecdsa_wrap(struct pkcs11_provider *provider, CK_ULONG slotidx, -- CK_ATTRIBUTE *keyid_attrib, EC_KEY *ec) -+ CK_ATTRIBUTE *keyid_attrib, CK_ATTRIBUTE *label_attrib, EC_KEY *ec) - { - struct pkcs11_key *k11; - -@@ -615,6 +766,12 @@ pkcs11_ecdsa_wrap(struct pkcs11_provider - k11->keyid = xmalloc(k11->keyid_len); - memcpy(k11->keyid, keyid_attrib->pValue, k11->keyid_len); - } -+ if (label_attrib->ulValueLen > 0 ) { -+ k11->label = xmalloc(label_attrib->ulValueLen+1); -+ memcpy(k11->label, label_attrib->pValue, label_attrib->ulValueLen); -+ k11->label[label_attrib->ulValueLen] = 0; -+ } -+ - if (EC_KEY_set_method(ec, ec_key_method) != 1) - fatal_f("EC_KEY_set_method failed"); - if (EC_KEY_set_ex_data(ec, ec_key_idx, k11) != 1) -@@ -622,7 +779,8 @@ pkcs11_ecdsa_wrap(struct pkcs11_provider - } - #endif /* OPENSSL_HAS_ECC && HAVE_EC_KEY_METHOD_NEW */ - --/* remove trailing spaces */ -+/* remove trailing spaces. Note, that this does NOT guarantee the buffer -+ * will be null terminated if there are no trailing spaces! */ - static char * - rmspace(u_char *buf, size_t len) - { -@@ -654,8 +812,8 @@ pkcs11_open_session(struct pkcs11_provid - CK_SESSION_HANDLE session; - int login_required, ret; - -- f = p->function_list; -- si = &p->slotinfo[slotidx]; -+ f = p->module->function_list; -+ si = &p->module->slotinfo[slotidx]; - - login_required = si->token.flags & CKF_LOGIN_REQUIRED; - -@@ -665,9 +823,9 @@ pkcs11_open_session(struct pkcs11_provid - error("pin required"); - return (-SSH_PKCS11_ERR_PIN_REQUIRED); - } -- if ((rv = f->C_OpenSession(p->slotlist[slotidx], CKF_RW_SESSION| -+ if ((rv = f->C_OpenSession(p->module->slotlist[slotidx], CKF_RW_SESSION| - CKF_SERIAL_SESSION, NULL, NULL, &session)) != CKR_OK) { -- error("C_OpenSession failed: %lu", rv); -+ error("C_OpenSession failed for slot %lu: %lu", slotidx, rv); - return (-1); - } - if (login_required && pin != NULL && strlen(pin) != 0) { -@@ -703,7 +861,8 @@ static struct sshkey * - pkcs11_fetch_ecdsa_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx, - CK_OBJECT_HANDLE *obj) - { -- CK_ATTRIBUTE key_attr[3]; -+ CK_ATTRIBUTE key_attr[4]; -+ int nattr = 4; - CK_SESSION_HANDLE session; - CK_FUNCTION_LIST *f = NULL; - CK_RV rv; -@@ -717,14 +876,15 @@ pkcs11_fetch_ecdsa_pubkey(struct pkcs11_ - - memset(&key_attr, 0, sizeof(key_attr)); - key_attr[0].type = CKA_ID; -- key_attr[1].type = CKA_EC_POINT; -- key_attr[2].type = CKA_EC_PARAMS; -+ key_attr[1].type = CKA_LABEL; -+ key_attr[2].type = CKA_EC_POINT; -+ key_attr[3].type = CKA_EC_PARAMS; - -- session = p->slotinfo[slotidx].session; -- f = p->function_list; -+ session = p->module->slotinfo[slotidx].session; -+ f = p->module->function_list; - - /* figure out size of the attributes */ -- rv = f->C_GetAttributeValue(session, *obj, key_attr, 3); -+ rv = f->C_GetAttributeValue(session, *obj, key_attr, nattr); - if (rv != CKR_OK) { - error("C_GetAttributeValue failed: %lu", rv); - return (NULL); -@@ -735,19 +895,19 @@ pkcs11_fetch_ecdsa_pubkey(struct pkcs11_ - * ensure that none of the others are zero length. - * XXX assumes CKA_ID is always first. - */ -- if (key_attr[1].ulValueLen == 0 || -- key_attr[2].ulValueLen == 0) { -+ if (key_attr[2].ulValueLen == 0 || -+ key_attr[3].ulValueLen == 0) { - error("invalid attribute length"); - return (NULL); - } - - /* allocate buffers for attributes */ -- for (i = 0; i < 3; i++) -+ for (i = 0; i < nattr; i++) - if (key_attr[i].ulValueLen > 0) - key_attr[i].pValue = xcalloc(1, key_attr[i].ulValueLen); - - /* retrieve ID, public point and curve parameters of EC key */ -- rv = f->C_GetAttributeValue(session, *obj, key_attr, 3); -+ rv = f->C_GetAttributeValue(session, *obj, key_attr, nattr); - if (rv != CKR_OK) { - error("C_GetAttributeValue failed: %lu", rv); - goto fail; -@@ -759,8 +919,8 @@ pkcs11_fetch_ecdsa_pubkey(struct pkcs11_ - goto fail; - } - -- attrp = key_attr[2].pValue; -- group = d2i_ECPKParameters(NULL, &attrp, key_attr[2].ulValueLen); -+ attrp = key_attr[3].pValue; -+ group = d2i_ECPKParameters(NULL, &attrp, key_attr[3].ulValueLen); - if (group == NULL) { - ossl_error("d2i_ECPKParameters failed"); - goto fail; -@@ -771,13 +931,13 @@ pkcs11_fetch_ecdsa_pubkey(struct pkcs11_ - goto fail; - } - -- if (key_attr[1].ulValueLen <= 2) { -+ if (key_attr[2].ulValueLen <= 2) { - error("CKA_EC_POINT too small"); - goto fail; - } - -- attrp = key_attr[1].pValue; -- octet = d2i_ASN1_OCTET_STRING(NULL, &attrp, key_attr[1].ulValueLen); -+ attrp = key_attr[2].pValue; -+ octet = d2i_ASN1_OCTET_STRING(NULL, &attrp, key_attr[2].ulValueLen); - if (octet == NULL) { - ossl_error("d2i_ASN1_OCTET_STRING failed"); - goto fail; -@@ -794,7 +954,7 @@ pkcs11_fetch_ecdsa_pubkey(struct pkcs11_ - goto fail; - } - -- if (pkcs11_ecdsa_wrap(p, slotidx, &key_attr[0], ec)) -+ if (pkcs11_ecdsa_wrap(p, slotidx, &key_attr[0], &key_attr[1], ec)) - goto fail; - - key = sshkey_new(KEY_UNSPEC); -@@ -810,7 +970,7 @@ pkcs11_fetch_ecdsa_pubkey(struct pkcs11_ - key->flags |= SSHKEY_FLAG_EXT; - - fail: -- for (i = 0; i < 3; i++) -+ for (i = 0; i < nattr; i++) - free(key_attr[i].pValue); - if (ec) - EC_KEY_free(ec); -@@ -827,7 +987,8 @@ static struct sshkey * - pkcs11_fetch_rsa_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx, - CK_OBJECT_HANDLE *obj) - { -- CK_ATTRIBUTE key_attr[3]; -+ CK_ATTRIBUTE key_attr[4]; -+ int nattr = 4; - CK_SESSION_HANDLE session; - CK_FUNCTION_LIST *f = NULL; - CK_RV rv; -@@ -838,14 +999,15 @@ pkcs11_fetch_rsa_pubkey(struct pkcs11_pr - - memset(&key_attr, 0, sizeof(key_attr)); - key_attr[0].type = CKA_ID; -- key_attr[1].type = CKA_MODULUS; -- key_attr[2].type = CKA_PUBLIC_EXPONENT; -+ key_attr[1].type = CKA_LABEL; -+ key_attr[2].type = CKA_MODULUS; -+ key_attr[3].type = CKA_PUBLIC_EXPONENT; - -- session = p->slotinfo[slotidx].session; -- f = p->function_list; -+ session = p->module->slotinfo[slotidx].session; -+ f = p->module->function_list; - - /* figure out size of the attributes */ -- rv = f->C_GetAttributeValue(session, *obj, key_attr, 3); -+ rv = f->C_GetAttributeValue(session, *obj, key_attr, nattr); - if (rv != CKR_OK) { - error("C_GetAttributeValue failed: %lu", rv); - return (NULL); -@@ -856,19 +1018,19 @@ pkcs11_fetch_rsa_pubkey(struct pkcs11_pr - * ensure that none of the others are zero length. - * XXX assumes CKA_ID is always first. - */ -- if (key_attr[1].ulValueLen == 0 || -- key_attr[2].ulValueLen == 0) { -+ if (key_attr[2].ulValueLen == 0 || -+ key_attr[3].ulValueLen == 0) { - error("invalid attribute length"); - return (NULL); - } - - /* allocate buffers for attributes */ -- for (i = 0; i < 3; i++) -+ for (i = 0; i < nattr; i++) - if (key_attr[i].ulValueLen > 0) - key_attr[i].pValue = xcalloc(1, key_attr[i].ulValueLen); - - /* retrieve ID, modulus and public exponent of RSA key */ -- rv = f->C_GetAttributeValue(session, *obj, key_attr, 3); -+ rv = f->C_GetAttributeValue(session, *obj, key_attr, nattr); - if (rv != CKR_OK) { - error("C_GetAttributeValue failed: %lu", rv); - goto fail; -@@ -880,8 +1042,8 @@ pkcs11_fetch_rsa_pubkey(struct pkcs11_pr - goto fail; - } - -- rsa_n = BN_bin2bn(key_attr[1].pValue, key_attr[1].ulValueLen, NULL); -- rsa_e = BN_bin2bn(key_attr[2].pValue, key_attr[2].ulValueLen, NULL); -+ rsa_n = BN_bin2bn(key_attr[2].pValue, key_attr[2].ulValueLen, NULL); -+ rsa_e = BN_bin2bn(key_attr[3].pValue, key_attr[3].ulValueLen, NULL); - if (rsa_n == NULL || rsa_e == NULL) { - error("BN_bin2bn failed"); - goto fail; -@@ -890,7 +1052,7 @@ pkcs11_fetch_rsa_pubkey(struct pkcs11_pr - fatal_f("set key"); - rsa_n = rsa_e = NULL; /* transferred */ - -- if (pkcs11_rsa_wrap(p, slotidx, &key_attr[0], rsa)) -+ if (pkcs11_rsa_wrap(p, slotidx, &key_attr[0], &key_attr[1], rsa)) - goto fail; - - key = sshkey_new(KEY_UNSPEC); -@@ -905,7 +1067,7 @@ pkcs11_fetch_rsa_pubkey(struct pkcs11_pr - key->flags |= SSHKEY_FLAG_EXT; - - fail: -- for (i = 0; i < 3; i++) -+ for (i = 0; i < nattr; i++) - free(key_attr[i].pValue); - RSA_free(rsa); - -@@ -916,7 +1078,8 @@ static int - pkcs11_fetch_x509_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx, - CK_OBJECT_HANDLE *obj, struct sshkey **keyp, char **labelp) - { -- CK_ATTRIBUTE cert_attr[3]; -+ CK_ATTRIBUTE cert_attr[4]; -+ int nattr = 4; - CK_SESSION_HANDLE session; - CK_FUNCTION_LIST *f = NULL; - CK_RV rv; -@@ -940,14 +1103,15 @@ pkcs11_fetch_x509_pubkey(struct pkcs11_p - - memset(&cert_attr, 0, sizeof(cert_attr)); - cert_attr[0].type = CKA_ID; -- cert_attr[1].type = CKA_SUBJECT; -- cert_attr[2].type = CKA_VALUE; -+ cert_attr[1].type = CKA_LABEL; -+ cert_attr[2].type = CKA_SUBJECT; -+ cert_attr[3].type = CKA_VALUE; - -- session = p->slotinfo[slotidx].session; -- f = p->function_list; -+ session = p->module->slotinfo[slotidx].session; -+ f = p->module->function_list; - - /* figure out size of the attributes */ -- rv = f->C_GetAttributeValue(session, *obj, cert_attr, 3); -+ rv = f->C_GetAttributeValue(session, *obj, cert_attr, nattr); - if (rv != CKR_OK) { - error("C_GetAttributeValue failed: %lu", rv); - return -1; -@@ -959,18 +1123,19 @@ pkcs11_fetch_x509_pubkey(struct pkcs11_p - * XXX assumes CKA_ID is always first. - */ - if (cert_attr[1].ulValueLen == 0 || -- cert_attr[2].ulValueLen == 0) { -+ cert_attr[2].ulValueLen == 0 || -+ cert_attr[3].ulValueLen == 0) { - error("invalid attribute length"); - return -1; - } - - /* allocate buffers for attributes */ -- for (i = 0; i < 3; i++) -+ for (i = 0; i < nattr; i++) - if (cert_attr[i].ulValueLen > 0) - cert_attr[i].pValue = xcalloc(1, cert_attr[i].ulValueLen); - - /* retrieve ID, subject and value of certificate */ -- rv = f->C_GetAttributeValue(session, *obj, cert_attr, 3); -+ rv = f->C_GetAttributeValue(session, *obj, cert_attr, nattr); - if (rv != CKR_OK) { - error("C_GetAttributeValue failed: %lu", rv); - goto out; -@@ -984,8 +1149,8 @@ pkcs11_fetch_x509_pubkey(struct pkcs11_p - subject = xstrdup("invalid subject"); - X509_NAME_free(x509_name); - -- cp = cert_attr[2].pValue; -- if ((x509 = d2i_X509(NULL, &cp, cert_attr[2].ulValueLen)) == NULL) { -+ cp = cert_attr[3].pValue; -+ if ((x509 = d2i_X509(NULL, &cp, cert_attr[3].ulValueLen)) == NULL) { - error("d2i_x509 failed"); - goto out; - } -@@ -1005,7 +1170,7 @@ pkcs11_fetch_x509_pubkey(struct pkcs11_p - goto out; - } - -- if (pkcs11_rsa_wrap(p, slotidx, &cert_attr[0], rsa)) -+ if (pkcs11_rsa_wrap(p, slotidx, &cert_attr[0], &cert_attr[1], rsa)) - goto out; - - key = sshkey_new(KEY_UNSPEC); -@@ -1035,7 +1200,7 @@ pkcs11_fetch_x509_pubkey(struct pkcs11_p - goto out; - } - -- if (pkcs11_ecdsa_wrap(p, slotidx, &cert_attr[0], ec)) -+ if (pkcs11_ecdsa_wrap(p, slotidx, &cert_attr[0], &cert_attr[1], ec)) - goto out; - - key = sshkey_new(KEY_UNSPEC); -@@ -1055,7 +1220,7 @@ pkcs11_fetch_x509_pubkey(struct pkcs11_p - goto out; - } - out: -- for (i = 0; i < 3; i++) -+ for (i = 0; i < nattr; i++) - free(cert_attr[i].pValue); - X509_free(x509); - RSA_free(rsa); -@@ -1106,11 +1271,12 @@ note_key(struct pkcs11_provider *p, CK_U - */ - static int - pkcs11_fetch_certs(struct pkcs11_provider *p, CK_ULONG slotidx, -- struct sshkey ***keysp, char ***labelsp, int *nkeys) -+ struct sshkey ***keysp, char ***labelsp, int *nkeys, struct pkcs11_uri *uri) - { - struct sshkey *key = NULL; - CK_OBJECT_CLASS key_class; -- CK_ATTRIBUTE key_attr[1]; -+ CK_ATTRIBUTE key_attr[3]; -+ int nattr = 1; - CK_SESSION_HANDLE session; - CK_FUNCTION_LIST *f = NULL; - CK_RV rv; -@@ -1127,10 +1293,23 @@ pkcs11_fetch_certs(struct pkcs11_provide - key_attr[0].pValue = &key_class; - key_attr[0].ulValueLen = sizeof(key_class); - -- session = p->slotinfo[slotidx].session; -- f = p->function_list; -+ if (uri->id != NULL) { -+ key_attr[nattr].type = CKA_ID; -+ key_attr[nattr].pValue = uri->id; -+ key_attr[nattr].ulValueLen = uri->id_len; -+ nattr++; -+ } -+ if (uri->object != NULL) { -+ key_attr[nattr].type = CKA_LABEL; -+ key_attr[nattr].pValue = uri->object; -+ key_attr[nattr].ulValueLen = strlen(uri->object); -+ nattr++; -+ } - -- rv = f->C_FindObjectsInit(session, key_attr, 1); -+ session = p->module->slotinfo[slotidx].session; -+ f = p->module->function_list; -+ -+ rv = f->C_FindObjectsInit(session, key_attr, nattr); - if (rv != CKR_OK) { - error("C_FindObjectsInit failed: %lu", rv); - goto fail; -@@ -1211,11 +1390,12 @@ fail: - */ - static int - pkcs11_fetch_keys(struct pkcs11_provider *p, CK_ULONG slotidx, -- struct sshkey ***keysp, char ***labelsp, int *nkeys) -+ struct sshkey ***keysp, char ***labelsp, int *nkeys, struct pkcs11_uri *uri) - { - struct sshkey *key = NULL; - CK_OBJECT_CLASS key_class; -- CK_ATTRIBUTE key_attr[2]; -+ CK_ATTRIBUTE key_attr[3]; -+ int nattr = 1; - CK_SESSION_HANDLE session; - CK_FUNCTION_LIST *f = NULL; - CK_RV rv; -@@ -1231,10 +1411,23 @@ pkcs11_fetch_keys(struct pkcs11_provider - key_attr[0].pValue = &key_class; - key_attr[0].ulValueLen = sizeof(key_class); - -- session = p->slotinfo[slotidx].session; -- f = p->function_list; -+ if (uri->id != NULL) { -+ key_attr[nattr].type = CKA_ID; -+ key_attr[nattr].pValue = uri->id; -+ key_attr[nattr].ulValueLen = uri->id_len; -+ nattr++; -+ } -+ if (uri->object != NULL) { -+ key_attr[nattr].type = CKA_LABEL; -+ key_attr[nattr].pValue = uri->object; -+ key_attr[nattr].ulValueLen = strlen(uri->object); -+ nattr++; -+ } -+ -+ session = p->module->slotinfo[slotidx].session; -+ f = p->module->function_list; - -- rv = f->C_FindObjectsInit(session, key_attr, 1); -+ rv = f->C_FindObjectsInit(session, key_attr, nattr); - if (rv != CKR_OK) { - error("C_FindObjectsInit failed: %lu", rv); - goto fail; -@@ -1503,16 +1696,10 @@ pkcs11_ecdsa_generate_private_key(struct - } - #endif /* WITH_PKCS11_KEYGEN */ - --/* -- * register a new provider, fails if provider already exists. if -- * keyp is provided, fetch keys. -- */ - static int --pkcs11_register_provider(char *provider_id, char *pin, -- struct sshkey ***keyp, char ***labelsp, -- struct pkcs11_provider **providerp, CK_ULONG user) -+pkcs11_initialize_provider(struct pkcs11_uri *uri, struct pkcs11_provider **providerp) - { -- int nkeys, need_finalize = 0; -+ int need_finalize = 0; - int ret = -1; - struct pkcs11_provider *p = NULL; - void *handle = NULL; -@@ -1521,162 +1708,309 @@ pkcs11_register_provider(char *provider_ - CK_FUNCTION_LIST *f = NULL; - CK_TOKEN_INFO *token; - CK_ULONG i; -+ char *provider_module = NULL; -+ struct pkcs11_module *m = NULL; - -- if (providerp == NULL) -- goto fail; -- *providerp = NULL; -- -- if (keyp != NULL) -- *keyp = NULL; -- if (labelsp != NULL) -- *labelsp = NULL; -+ /* if no provider specified, fallback to p11-kit */ -+ if (uri->module_path == NULL) { -+#ifdef PKCS11_DEFAULT_PROVIDER -+ provider_module = strdup(PKCS11_DEFAULT_PROVIDER); -+#else -+ error_f("No module path provided"); -+ goto fail; -+#endif -+ } else { -+ provider_module = strdup(uri->module_path); -+ } -+ p = xcalloc(1, sizeof(*p)); -+ p->name = pkcs11_uri_get(uri); - -- if (pkcs11_provider_lookup(provider_id) != NULL) { -- debug_f("provider already registered: %s", provider_id); -+ if (lib_contains_symbol(provider_module, "C_GetFunctionList") != 0) { -+ error("provider %s is not a PKCS11 library", provider_module); - goto fail; - } -- if (lib_contains_symbol(provider_id, "C_GetFunctionList") != 0) { -- error("provider %s is not a PKCS11 library", provider_id); -- goto fail; -+ if ((m = pkcs11_provider_lookup_module(provider_module)) != NULL -+ && m->valid) { -+ debug_f("provider module already initialized: %s", provider_module); -+ free(provider_module); -+ /* Skip the initialization of PKCS#11 module */ -+ m->refcount++; -+ p->module = m; -+ p->valid = 1; -+ TAILQ_INSERT_TAIL(&pkcs11_providers, p, next); -+ p->refcount++; /* add to provider list */ -+ *providerp = p; -+ return 0; -+ } else { -+ m = xcalloc(1, sizeof(*m)); -+ p->module = m; -+ m->refcount++; - } -+ - /* open shared pkcs11-library */ -- if ((handle = dlopen(provider_id, RTLD_NOW)) == NULL) { -- error("dlopen %s failed: %s", provider_id, dlerror()); -+ if ((handle = dlopen(provider_module, RTLD_NOW)) == NULL) { -+ error("dlopen %s failed: %s", provider_module, dlerror()); - goto fail; - } - if ((getfunctionlist = dlsym(handle, "C_GetFunctionList")) == NULL) - fatal("dlsym(C_GetFunctionList) failed: %s", dlerror()); -- p = xcalloc(1, sizeof(*p)); -- p->name = xstrdup(provider_id); -- p->handle = handle; -+ p->module->handle = handle; - /* setup the pkcs11 callbacks */ - if ((rv = (*getfunctionlist)(&f)) != CKR_OK) { - error("C_GetFunctionList for provider %s failed: %lu", -- provider_id, rv); -+ provider_module, rv); - goto fail; - } -- p->function_list = f; -+ m->function_list = f; - if ((rv = f->C_Initialize(NULL)) != CKR_OK) { - error("C_Initialize for provider %s failed: %lu", -- provider_id, rv); -+ provider_module, rv); - goto fail; - } - need_finalize = 1; -- if ((rv = f->C_GetInfo(&p->info)) != CKR_OK) { -+ if ((rv = f->C_GetInfo(&m->info)) != CKR_OK) { - error("C_GetInfo for provider %s failed: %lu", -- provider_id, rv); -+ provider_module, rv); - goto fail; - } -- debug("provider %s: manufacturerID <%.*s> cryptokiVersion %d.%d" -- " libraryDescription <%.*s> libraryVersion %d.%d", -- provider_id, -- RMSPACE(p->info.manufacturerID), -- p->info.cryptokiVersion.major, -- p->info.cryptokiVersion.minor, -- RMSPACE(p->info.libraryDescription), -- p->info.libraryVersion.major, -- p->info.libraryVersion.minor); -- if ((rv = f->C_GetSlotList(CK_TRUE, NULL, &p->nslots)) != CKR_OK) { -+ rmspace(m->info.manufacturerID, sizeof(m->info.manufacturerID)); -+ if (uri->lib_manuf != NULL && -+ strncmp(uri->lib_manuf, m->info.manufacturerID, 32)) { -+ debug_f("Skipping provider %s not matching library_manufacturer", -+ m->info.manufacturerID); -+ goto fail; -+ } -+ rmspace(m->info.libraryDescription, sizeof(m->info.libraryDescription)); -+ debug("provider %s: manufacturerID <%.32s> cryptokiVersion %d.%d" -+ " libraryDescription <%.32s> libraryVersion %d.%d", -+ provider_module, -+ m->info.manufacturerID, -+ m->info.cryptokiVersion.major, -+ m->info.cryptokiVersion.minor, -+ m->info.libraryDescription, -+ m->info.libraryVersion.major, -+ m->info.libraryVersion.minor); -+ -+ if ((rv = f->C_GetSlotList(CK_TRUE, NULL, &m->nslots)) != CKR_OK) { - error("C_GetSlotList failed: %lu", rv); - goto fail; - } -- if (p->nslots == 0) { -- debug_f("provider %s returned no slots", provider_id); -+ if (m->nslots == 0) { -+ debug_f("provider %s returned no slots", provider_module); - ret = -SSH_PKCS11_ERR_NO_SLOTS; - goto fail; - } -- p->slotlist = xcalloc(p->nslots, sizeof(CK_SLOT_ID)); -- if ((rv = f->C_GetSlotList(CK_TRUE, p->slotlist, &p->nslots)) -+ m->slotlist = xcalloc(m->nslots, sizeof(CK_SLOT_ID)); -+ if ((rv = f->C_GetSlotList(CK_TRUE, m->slotlist, &m->nslots)) - != CKR_OK) { - error("C_GetSlotList for provider %s failed: %lu", -- provider_id, rv); -+ provider_module, rv); - goto fail; - } -- p->slotinfo = xcalloc(p->nslots, sizeof(struct pkcs11_slotinfo)); -+ m->slotinfo = xcalloc(m->nslots, sizeof(struct pkcs11_slotinfo)); - p->valid = 1; -- nkeys = 0; -- for (i = 0; i < p->nslots; i++) { -- token = &p->slotinfo[i].token; -- if ((rv = f->C_GetTokenInfo(p->slotlist[i], token)) -+ m->valid = 1; -+ for (i = 0; i < m->nslots; i++) { -+ token = &m->slotinfo[i].token; -+ if ((rv = f->C_GetTokenInfo(m->slotlist[i], token)) - != CKR_OK) { - error("C_GetTokenInfo for provider %s slot %lu " -- "failed: %lu", provider_id, (u_long)i, rv); -- continue; -- } -- if ((token->flags & CKF_TOKEN_INITIALIZED) == 0) { -- debug2_f("ignoring uninitialised token in " -- "provider %s slot %lu", provider_id, (u_long)i); -+ "failed: %lu", provider_module, (u_long)i, rv); -+ token->flags = 0; - continue; - } - debug("provider %s slot %lu: label <%.*s> " - "manufacturerID <%.*s> model <%.*s> serial <%.*s> " - "flags 0x%lx", -- provider_id, (unsigned long)i, -+ provider_module, (unsigned long)i, - RMSPACE(token->label), RMSPACE(token->manufacturerID), - RMSPACE(token->model), RMSPACE(token->serialNumber), - token->flags); -+ } -+ m->module_path = provider_module; -+ provider_module = NULL; -+ -+ /* now owned by caller */ -+ *providerp = p; -+ -+ TAILQ_INSERT_TAIL(&pkcs11_providers, p, next); -+ p->refcount++; /* add to provider list */ -+ -+ return 0; -+fail: -+ if (need_finalize && (rv = f->C_Finalize(NULL)) != CKR_OK) -+ error("C_Finalize for provider %s failed: %lu", -+ provider_module, rv); -+ free(provider_module); -+ if (m) { -+ free(m->slotlist); -+ free(m); -+ } -+ if (p) { -+ free(p->name); -+ free(p); -+ } -+ if (handle) -+ dlclose(handle); -+ return (ret); -+} -+ -+/* -+ * register a new provider, fails if provider already exists. if -+ * keyp is provided, fetch keys. -+ */ -+static int -+pkcs11_register_provider_by_uri(struct pkcs11_uri *uri, char *pin, -+ struct sshkey ***keyp, char ***labelsp, struct pkcs11_provider **providerp, -+ CK_ULONG user) -+{ -+ int nkeys; -+ int ret = -1; -+ struct pkcs11_provider *p = NULL; -+ CK_ULONG i; -+ CK_TOKEN_INFO *token; -+ char *provider_uri = NULL; -+ -+ if (providerp == NULL) -+ goto fail; -+ *providerp = NULL; -+ -+ if (keyp != NULL) -+ *keyp = NULL; -+ -+ if ((ret = pkcs11_initialize_provider(uri, &p)) != 0) { -+ goto fail; -+ } -+ -+ provider_uri = pkcs11_uri_get(uri); -+ if (pin == NULL && uri->pin != NULL) { -+ pin = uri->pin; -+ } -+ nkeys = 0; -+ for (i = 0; i < p->module->nslots; i++) { -+ token = &p->module->slotinfo[i].token; -+ if ((token->flags & CKF_TOKEN_INITIALIZED) == 0) { -+ debug2_f("ignoring uninitialised token in " -+ "provider %s slot %lu", provider_uri, (u_long)i); -+ continue; -+ } -+ if (uri->token != NULL && -+ strncmp(token->label, uri->token, 32) != 0) { -+ debug2_f("ignoring token not matching label (%.32s) " -+ "specified by PKCS#11 URI in slot %lu", -+ token->label, (unsigned long)i); -+ continue; -+ } -+ if (uri->manuf != NULL && -+ strncmp(token->manufacturerID, uri->manuf, 32) != 0) { -+ debug2_f("ignoring token not matching requrested " -+ "manufacturerID (%.32s) specified by PKCS#11 URI in " -+ "slot %lu", token->manufacturerID, (unsigned long)i); -+ continue; -+ } -+ if (uri->serial != NULL && -+ strncmp(token->serialNumber, uri->serial, 16) != 0) { -+ debug2_f("ignoring token not matching requrested " -+ "serialNumber (%s) specified by PKCS#11 URI in " -+ "slot %lu", token->serialNumber, (unsigned long)i); -+ continue; -+ } -+ debug("provider %s slot %lu: label <%.32s> manufacturerID <%.32s> " -+ "model <%.16s> serial <%.16s> flags 0x%lx", -+ provider_uri, (unsigned long)i, -+ token->label, token->manufacturerID, token->model, -+ token->serialNumber, token->flags); - /* -- * open session, login with pin and retrieve public -- * keys (if keyp is provided) -+ * open session if not yet opened, login with pin and -+ * retrieve public keys (if keyp is provided) - */ -- if ((ret = pkcs11_open_session(p, i, pin, user)) != 0 || -+ if ((p->module->slotinfo[i].session != 0 || -+ (ret = pkcs11_open_session(p, i, pin, user)) != 0) && /* ??? */ - keyp == NULL) - continue; -- pkcs11_fetch_keys(p, i, keyp, labelsp, &nkeys); -- pkcs11_fetch_certs(p, i, keyp, labelsp, &nkeys); -- if (nkeys == 0 && !p->slotinfo[i].logged_in && -+ pkcs11_fetch_keys(p, i, keyp, labelsp, &nkeys, uri); -+ pkcs11_fetch_certs(p, i, keyp, labelsp, &nkeys, uri); -+ if (nkeys == 0 && !p->module->slotinfo[i].logged_in && - pkcs11_interactive) { - /* - * Some tokens require login before they will - * expose keys. - */ -- if (pkcs11_login_slot(p, &p->slotinfo[i], -+ debug3_f("Trying to login as there were no keys found"); -+ if (pkcs11_login_slot(p, &p->module->slotinfo[i], - CKU_USER) < 0) { - error("login failed"); - continue; - } -- pkcs11_fetch_keys(p, i, keyp, labelsp, &nkeys); -- pkcs11_fetch_certs(p, i, keyp, labelsp, &nkeys); -+ pkcs11_fetch_keys(p, i, keyp, labelsp, &nkeys, uri); -+ pkcs11_fetch_certs(p, i, keyp, labelsp, &nkeys, uri); -+ } -+ if (nkeys == 0 && uri->object != NULL) { -+ debug3_f("No keys found. Retrying without label (%.32s) ", -+ uri->object); -+ /* Try once more without the label filter */ -+ char *label = uri->object; -+ uri->object = NULL; /* XXX clone uri? */ -+ pkcs11_fetch_keys(p, i, keyp, labelsp, &nkeys, uri); -+ pkcs11_fetch_certs(p, i, keyp, labelsp, &nkeys, uri); -+ uri->object = label; - } - } -+ pin = NULL; /* Will be cleaned up with URI */ - - /* now owned by caller */ - *providerp = p; - -- TAILQ_INSERT_TAIL(&pkcs11_providers, p, next); -- p->refcount++; /* add to provider list */ -- -+ free(provider_uri); - return (nkeys); - fail: -- if (need_finalize && (rv = f->C_Finalize(NULL)) != CKR_OK) -- error("C_Finalize for provider %s failed: %lu", -- provider_id, rv); - if (p) { -- free(p->name); -- free(p->slotlist); -- free(p->slotinfo); -- free(p); -+ TAILQ_REMOVE(&pkcs11_providers, p, next); -+ pkcs11_provider_unref(p); - } -- if (handle) -- dlclose(handle); - if (ret > 0) - ret = -1; - return (ret); - } - --/* -- * register a new provider and get number of keys hold by the token, -- * fails if provider already exists -- */ -+static int -+pkcs11_register_provider(char *provider_id, char *pin, struct sshkey ***keyp, -+ char ***labelsp, struct pkcs11_provider **providerp, CK_ULONG user) -+{ -+ struct pkcs11_uri *uri = NULL; -+ int r; -+ -+ debug_f("called, provider_id = %s", provider_id); -+ -+ uri = pkcs11_uri_init(); -+ if (uri == NULL) -+ fatal("failed to init PKCS#11 URI"); -+ -+ if (strlen(provider_id) >= strlen(PKCS11_URI_SCHEME) && -+ strncmp(provider_id, PKCS11_URI_SCHEME, strlen(PKCS11_URI_SCHEME)) == 0) { -+ if (pkcs11_uri_parse(provider_id, uri) != 0) -+ fatal("Failed to parse PKCS#11 URI"); -+ } else { -+ uri->module_path = strdup(provider_id); -+ } -+ -+ r = pkcs11_register_provider_by_uri(uri, pin, keyp, labelsp, providerp, user); -+ pkcs11_uri_cleanup(uri); -+ -+ return r; -+} -+ - int --pkcs11_add_provider(char *provider_id, char *pin, struct sshkey ***keyp, -- char ***labelsp) -+pkcs11_add_provider_by_uri(struct pkcs11_uri *uri, char *pin, -+ struct sshkey ***keyp, char ***labelsp) - { - struct pkcs11_provider *p = NULL; - int nkeys; -+ char *provider_uri = pkcs11_uri_get(uri); -+ -+ debug_f("called, provider_uri = %s", provider_uri); - -- nkeys = pkcs11_register_provider(provider_id, pin, keyp, labelsp, -- &p, CKU_USER); -+ nkeys = pkcs11_register_provider_by_uri(uri, pin, keyp, labelsp, &p, CKU_USER); - - /* no keys found or some other error, de-register provider */ - if (nkeys <= 0 && p != NULL) { -@@ -1685,7 +2019,37 @@ pkcs11_add_provider(char *provider_id, c - pkcs11_provider_unref(p); - } - if (nkeys == 0) -- debug_f("provider %s returned no keys", provider_id); -+ debug_f("provider %s returned no keys", provider_uri); -+ -+ free(provider_uri); -+ return nkeys; -+} -+ -+/* -+ * register a new provider and get number of keys hold by the token, -+ * fails if provider already exists -+ */ -+int -+pkcs11_add_provider(char *provider_id, char *pin, -+ struct sshkey ***keyp, char ***labelsp) -+{ -+ struct pkcs11_uri *uri; -+ int nkeys; -+ -+ uri = pkcs11_uri_init(); -+ if (uri == NULL) -+ fatal("Failed to init PKCS#11 URI"); -+ -+ if (strlen(provider_id) >= strlen(PKCS11_URI_SCHEME) && -+ strncmp(provider_id, PKCS11_URI_SCHEME, strlen(PKCS11_URI_SCHEME)) == 0) { -+ if (pkcs11_uri_parse(provider_id, uri) != 0) -+ fatal("Failed to parse PKCS#11 URI"); -+ } else { -+ uri->module_path = strdup(provider_id); -+ } -+ -+ nkeys = pkcs11_add_provider_by_uri(uri, pin, keyp, labelsp); -+ pkcs11_uri_cleanup(uri); - - return (nkeys); - } -diff -up openssh-9.6p1/ssh-pkcs11.h.pkcs11-uri openssh-9.6p1/ssh-pkcs11.h ---- openssh-9.6p1/ssh-pkcs11.h.pkcs11-uri 2023-12-18 15:59:50.000000000 +0100 -+++ openssh-9.6p1/ssh-pkcs11.h 2024-01-12 14:25:25.235942385 +0100 -@@ -22,10 +22,14 @@ - #define SSH_PKCS11_ERR_PIN_REQUIRED 4 - #define SSH_PKCS11_ERR_PIN_LOCKED 5 - -+#include "ssh-pkcs11-uri.h" -+ - int pkcs11_init(int); - void pkcs11_terminate(void); - int pkcs11_add_provider(char *, char *, struct sshkey ***, char ***); -+int pkcs11_add_provider_by_uri(struct pkcs11_uri *, char *, struct sshkey ***, char ***); - int pkcs11_del_provider(char *); -+int pkcs11_uri_write(const struct sshkey *, FILE *); - #ifdef WITH_PKCS11_KEYGEN - struct sshkey * - pkcs11_gakp(char *, char *, unsigned int, char *, unsigned int, -diff -up openssh-9.6p1/ssh-pkcs11-uri.c.pkcs11-uri openssh-9.6p1/ssh-pkcs11-uri.c ---- openssh-9.6p1/ssh-pkcs11-uri.c.pkcs11-uri 2024-01-12 14:25:25.235942385 +0100 -+++ openssh-9.6p1/ssh-pkcs11-uri.c 2024-01-12 14:25:25.235942385 +0100 +diff --git a/ssh-pkcs11-uri.c b/ssh-pkcs11-uri.c +new file mode 100644 +index 00000000..8bd97e9e +--- /dev/null ++++ b/ssh-pkcs11-uri.c @@ -0,0 +1,437 @@ +/* + * Copyright (c) 2017 Red Hat @@ -3081,9 +1661,11 @@ diff -up openssh-9.6p1/ssh-pkcs11-uri.c.pkcs11-uri openssh-9.6p1/ssh-pkcs11-uri. +} + +#endif /* ENABLE_PKCS11 */ -diff -up openssh-9.6p1/ssh-pkcs11-uri.h.pkcs11-uri openssh-9.6p1/ssh-pkcs11-uri.h ---- openssh-9.6p1/ssh-pkcs11-uri.h.pkcs11-uri 2024-01-12 14:25:25.235942385 +0100 -+++ openssh-9.6p1/ssh-pkcs11-uri.h 2024-01-12 14:25:25.235942385 +0100 +diff --git a/ssh-pkcs11-uri.h b/ssh-pkcs11-uri.h +new file mode 100644 +index 00000000..29e9f732 +--- /dev/null ++++ b/ssh-pkcs11-uri.h @@ -0,0 +1,43 @@ +/* + * Copyright (c) 2017 Red Hat @@ -3128,3 +1710,1473 @@ diff -up openssh-9.6p1/ssh-pkcs11-uri.h.pkcs11-uri openssh-9.6p1/ssh-pkcs11-uri. +struct pkcs11_uri *pkcs11_uri_init(); +char *pkcs11_uri_get(struct pkcs11_uri *uri); + +diff --git a/ssh-pkcs11.c b/ssh-pkcs11.c +index 31b9360f..b96f5b89 100644 +--- a/ssh-pkcs11.c ++++ b/ssh-pkcs11.c +@@ -38,6 +38,7 @@ + #include + #include + #include ++#include + + #define CRYPTOKI_COMPAT + #include "pkcs11.h" +@@ -55,8 +56,8 @@ struct pkcs11_slotinfo { + int logged_in; + }; + +-struct pkcs11_provider { +- char *name; ++struct pkcs11_module { ++ char *module_path; + void *handle; + CK_FUNCTION_LIST *function_list; + CK_INFO info; +@@ -65,6 +66,13 @@ struct pkcs11_provider { + struct pkcs11_slotinfo *slotinfo; + int valid; + int refcount; ++}; ++ ++struct pkcs11_provider { ++ char *name; ++ struct pkcs11_module *module; /* can be shared between various providers */ ++ int refcount; ++ int valid; + TAILQ_ENTRY(pkcs11_provider) next; + }; + +@@ -75,6 +83,7 @@ struct pkcs11_key { + CK_ULONG slotidx; + char *keyid; + int keyid_len; ++ char *label; + }; + + int pkcs11_interactive = 0; +@@ -106,26 +115,61 @@ pkcs11_init(int interactive) + * this is called when a provider gets unregistered. + */ + static void +-pkcs11_provider_finalize(struct pkcs11_provider *p) ++pkcs11_module_finalize(struct pkcs11_module *m) + { + CK_RV rv; + CK_ULONG i; + +- debug_f("provider \"%s\" refcount %d valid %d", +- p->name, p->refcount, p->valid); +- if (!p->valid) ++ debug_f("%p refcount %d valid %d", m, m->refcount, m->valid); ++ if (!m->valid) + return; +- for (i = 0; i < p->nslots; i++) { +- if (p->slotinfo[i].session && +- (rv = p->function_list->C_CloseSession( +- p->slotinfo[i].session)) != CKR_OK) ++ for (i = 0; i < m->nslots; i++) { ++ if (m->slotinfo[i].session && ++ (rv = m->function_list->C_CloseSession( ++ m->slotinfo[i].session)) != CKR_OK) + error("C_CloseSession failed: %lu", rv); + } +- if ((rv = p->function_list->C_Finalize(NULL)) != CKR_OK) ++ if ((rv = m->function_list->C_Finalize(NULL)) != CKR_OK) + error("C_Finalize failed: %lu", rv); ++ m->valid = 0; ++ m->function_list = NULL; ++ dlclose(m->handle); ++} ++ ++/* ++ * remove a reference to the pkcs11 module. ++ * called when a provider is unregistered. ++ */ ++static void ++pkcs11_module_unref(struct pkcs11_module *m) ++{ ++ debug_f("%p refcount %d", m, m->refcount); ++ if (--m->refcount <= 0) { ++ pkcs11_module_finalize(m); ++ if (m->valid) ++ error_f("%p still valid", m); ++ free(m->slotlist); ++ free(m->slotinfo); ++ free(m->module_path); ++ free(m); ++ } ++} ++ ++/* ++ * finalize a provider shared library, it's no longer usable. ++ * however, there might still be keys referencing this provider, ++ * so the actual freeing of memory is handled by pkcs11_provider_unref(). ++ * this is called when a provider gets unregistered. ++ */ ++static void ++pkcs11_provider_finalize(struct pkcs11_provider *p) ++{ ++ debug_f("%p refcount %d valid %d", p, p->refcount, p->valid); ++ if (!p->valid) ++ return; ++ pkcs11_module_unref(p->module); ++ p->module = NULL; + p->valid = 0; +- p->function_list = NULL; +- dlclose(p->handle); + } + + /* +@@ -137,11 +181,9 @@ pkcs11_provider_unref(struct pkcs11_provider *p) + { + debug_f("provider \"%s\" refcount %d", p->name, p->refcount); + if (--p->refcount <= 0) { +- if (p->valid) +- error_f("provider \"%s\" still valid", p->name); + free(p->name); +- free(p->slotlist); +- free(p->slotinfo); ++ if (p->module) ++ pkcs11_module_unref(p->module); + free(p); + } + } +@@ -159,6 +201,20 @@ pkcs11_terminate(void) + } + } + ++/* lookup provider by module path */ ++static struct pkcs11_module * ++pkcs11_provider_lookup_module(char *module_path) ++{ ++ struct pkcs11_provider *p; ++ ++ TAILQ_FOREACH(p, &pkcs11_providers, next) { ++ debug("check %p %s (%s)", p, p->name, p->module->module_path); ++ if (!strcmp(module_path, p->module->module_path)) ++ return (p->module); ++ } ++ return (NULL); ++} ++ + /* lookup provider by name */ + static struct pkcs11_provider * + pkcs11_provider_lookup(char *provider_id) +@@ -173,19 +229,55 @@ pkcs11_provider_lookup(char *provider_id) + return (NULL); + } + ++int pkcs11_del_provider_by_uri(struct pkcs11_uri *); ++ + /* unregister provider by name */ + int + pkcs11_del_provider(char *provider_id) ++{ ++ int rv; ++ struct pkcs11_uri *uri; ++ ++ debug_f("called, provider_id = %s", provider_id); ++ ++ if (provider_id == NULL) ++ return 0; ++ ++ uri = pkcs11_uri_init(); ++ if (uri == NULL) ++ fatal("Failed to init PKCS#11 URI"); ++ ++ if (strlen(provider_id) >= strlen(PKCS11_URI_SCHEME) && ++ strncmp(provider_id, PKCS11_URI_SCHEME, strlen(PKCS11_URI_SCHEME)) == 0) { ++ if (pkcs11_uri_parse(provider_id, uri) != 0) ++ fatal("Failed to parse PKCS#11 URI"); ++ } else { ++ uri->module_path = strdup(provider_id); ++ } ++ ++ rv = pkcs11_del_provider_by_uri(uri); ++ pkcs11_uri_cleanup(uri); ++ return rv; ++} ++ ++/* unregister provider by PKCS#11 URI */ ++int ++pkcs11_del_provider_by_uri(struct pkcs11_uri *uri) + { + struct pkcs11_provider *p; ++ int rv = -1; ++ char *provider_uri = pkcs11_uri_get(uri); + +- if ((p = pkcs11_provider_lookup(provider_id)) != NULL) { ++ debug3_f("called with provider %s", provider_uri); ++ ++ if ((p = pkcs11_provider_lookup(provider_uri)) != NULL) { + TAILQ_REMOVE(&pkcs11_providers, p, next); + pkcs11_provider_finalize(p); + pkcs11_provider_unref(p); +- return (0); ++ rv = 0; + } +- return (-1); ++ free(provider_uri); ++ return rv; + } + + static RSA_METHOD *rsa_method; +@@ -195,6 +287,60 @@ static EC_KEY_METHOD *ec_key_method; + static int ec_key_idx = 0; + #endif /* OPENSSL_HAS_ECC && HAVE_EC_KEY_METHOD_NEW */ + ++/* ++ * This can't be in the ssh-pkcs11-uri, becase we can not depend on ++ * PKCS#11 structures in ssh-agent (using client-helper communication) ++ */ ++int ++pkcs11_uri_write(const struct sshkey *key, FILE *f) ++{ ++ char *p = NULL; ++ struct pkcs11_uri uri; ++ struct pkcs11_key *k11; ++ ++ /* sanity - is it a RSA key with associated app_data? */ ++ switch (key->type) { ++ case KEY_RSA: { ++ const RSA *rsa = EVP_PKEY_get0_RSA(key->pkey); ++ k11 = RSA_get_ex_data(rsa, rsa_idx); ++ break; ++ } ++#ifdef HAVE_EC_KEY_METHOD_NEW ++ case KEY_ECDSA: { ++ const EC_KEY * ecdsa = EVP_PKEY_get0_EC_KEY(key->pkey); ++ k11 = EC_KEY_get_ex_data(ecdsa, ec_key_idx); ++ break; ++ } ++#endif ++ default: ++ error("Unknown key type %d", key->type); ++ return -1; ++ } ++ if (k11 == NULL) { ++ error("Failed to get ex_data for key type %d", key->type); ++ return (-1); ++ } ++ ++ /* omit type -- we are looking for private-public or private-certificate pairs */ ++ uri.id = k11->keyid; ++ uri.id_len = k11->keyid_len; ++ uri.token = k11->provider->module->slotinfo[k11->slotidx].token.label; ++ uri.object = k11->label; ++ uri.module_path = k11->provider->module->module_path; ++ uri.lib_manuf = k11->provider->module->info.manufacturerID; ++ uri.manuf = k11->provider->module->slotinfo[k11->slotidx].token.manufacturerID; ++ uri.serial = k11->provider->module->slotinfo[k11->slotidx].token.serialNumber; ++ ++ p = pkcs11_uri_get(&uri); ++ /* do not cleanup -- we do not allocate here, only reference */ ++ if (p == NULL) ++ return -1; ++ ++ fprintf(f, " %s", p); ++ free(p); ++ return 0; ++} ++ + /* release a wrapped object */ + static void + pkcs11_k11_free(void *parent, void *ptr, CRYPTO_EX_DATA *ad, int idx, +@@ -208,6 +354,7 @@ pkcs11_k11_free(void *parent, void *ptr, CRYPTO_EX_DATA *ad, int idx, + if (k11->provider) + pkcs11_provider_unref(k11->provider); + free(k11->keyid); ++ free(k11->label); + free(k11); + } + +@@ -222,8 +369,8 @@ pkcs11_find(struct pkcs11_provider *p, CK_ULONG slotidx, CK_ATTRIBUTE *attr, + CK_RV rv; + int ret = -1; + +- f = p->function_list; +- session = p->slotinfo[slotidx].session; ++ f = p->module->function_list; ++ session = p->module->slotinfo[slotidx].session; + if ((rv = f->C_FindObjectsInit(session, attr, nattr)) != CKR_OK) { + error("C_FindObjectsInit failed (nattr %lu): %lu", nattr, rv); + return (-1); +@@ -260,14 +407,14 @@ pkcs11_login_slot(struct pkcs11_provider *provider, struct pkcs11_slotinfo *si, + if (si->token.flags & CKF_PROTECTED_AUTHENTICATION_PATH) + verbose("Deferring PIN entry to reader keypad."); + else { +- snprintf(prompt, sizeof(prompt), "Enter PIN for '%s': ", ++ snprintf(prompt, sizeof(prompt), "Enter PIN for '%.32s': ", + si->token.label); +- if ((pin = read_passphrase(prompt, RP_ALLOW_EOF)) == NULL) { ++ if ((pin = read_passphrase(prompt, RP_ALLOW_EOF|RP_ALLOW_STDIN)) == NULL) { + debug_f("no pin specified"); + return (-1); /* bail out */ + } + } +- rv = provider->function_list->C_Login(si->session, type, (u_char *)pin, ++ rv = provider->module->function_list->C_Login(si->session, type, (u_char *)pin, + (pin != NULL) ? strlen(pin) : 0); + if (pin != NULL) + freezero(pin, strlen(pin)); +@@ -297,13 +444,14 @@ pkcs11_login_slot(struct pkcs11_provider *provider, struct pkcs11_slotinfo *si, + static int + pkcs11_login(struct pkcs11_key *k11, CK_USER_TYPE type) + { +- if (k11 == NULL || k11->provider == NULL || !k11->provider->valid) { ++ if (k11 == NULL || k11->provider == NULL || !k11->provider->valid || ++ k11->provider->module == NULL || !k11->provider->module->valid) { + error("no pkcs11 (valid) provider found"); + return (-1); + } + + return pkcs11_login_slot(k11->provider, +- &k11->provider->slotinfo[k11->slotidx], type); ++ &k11->provider->module->slotinfo[k11->slotidx], type); + } + + +@@ -319,13 +467,14 @@ pkcs11_check_obj_bool_attrib(struct pkcs11_key *k11, CK_OBJECT_HANDLE obj, + + *val = 0; + +- if (!k11->provider || !k11->provider->valid) { ++ if (!k11->provider || !k11->provider->valid || ++ !k11->provider->module || !k11->provider->module->valid) { + error("no pkcs11 (valid) provider found"); + return (-1); + } + +- f = k11->provider->function_list; +- si = &k11->provider->slotinfo[k11->slotidx]; ++ f = k11->provider->module->function_list; ++ si = &k11->provider->module->slotinfo[k11->slotidx]; + + attr.type = type; + attr.pValue = &flag; +@@ -356,13 +505,14 @@ pkcs11_get_key(struct pkcs11_key *k11, CK_MECHANISM_TYPE mech_type) + int always_auth = 0; + int did_login = 0; + +- if (!k11->provider || !k11->provider->valid) { ++ if (!k11->provider || !k11->provider->valid || ++ !k11->provider->module || !k11->provider->module->valid) { + error("no pkcs11 (valid) provider found"); + return (-1); + } + +- f = k11->provider->function_list; +- si = &k11->provider->slotinfo[k11->slotidx]; ++ f = k11->provider->module->function_list; ++ si = &k11->provider->module->slotinfo[k11->slotidx]; + + if ((si->token.flags & CKF_LOGIN_REQUIRED) && !si->logged_in) { + if (pkcs11_login(k11, CKU_USER) < 0) { +@@ -439,8 +589,8 @@ pkcs11_rsa_private_encrypt(int flen, const u_char *from, u_char *to, RSA *rsa, + return (-1); + } + +- f = k11->provider->function_list; +- si = &k11->provider->slotinfo[k11->slotidx]; ++ f = k11->provider->module->function_list; ++ si = &k11->provider->module->slotinfo[k11->slotidx]; + tlen = RSA_size(rsa); + + /* XXX handle CKR_BUFFER_TOO_SMALL */ +@@ -484,7 +634,7 @@ pkcs11_rsa_start_wrapper(void) + /* redirect private key operations for rsa key to pkcs11 token */ + static int + pkcs11_rsa_wrap(struct pkcs11_provider *provider, CK_ULONG slotidx, +- CK_ATTRIBUTE *keyid_attrib, RSA *rsa) ++ CK_ATTRIBUTE *keyid_attrib, CK_ATTRIBUTE *label_attrib, RSA *rsa) + { + struct pkcs11_key *k11; + +@@ -502,6 +652,12 @@ pkcs11_rsa_wrap(struct pkcs11_provider *provider, CK_ULONG slotidx, + memcpy(k11->keyid, keyid_attrib->pValue, k11->keyid_len); + } + ++ if (label_attrib->ulValueLen > 0 ) { ++ k11->label = xmalloc(label_attrib->ulValueLen+1); ++ memcpy(k11->label, label_attrib->pValue, label_attrib->ulValueLen); ++ k11->label[label_attrib->ulValueLen] = 0; ++ } ++ + if (RSA_set_method(rsa, rsa_method) != 1) + fatal_f("RSA_set_method failed"); + if (RSA_set_ex_data(rsa, rsa_idx, k11) != 1) +@@ -534,8 +690,8 @@ ecdsa_do_sign(const unsigned char *dgst, int dgst_len, const BIGNUM *inv, + return (NULL); + } + +- f = k11->provider->function_list; +- si = &k11->provider->slotinfo[k11->slotidx]; ++ f = k11->provider->module->function_list; ++ si = &k11->provider->module->slotinfo[k11->slotidx]; + + siglen = ECDSA_size(ec); + sig = xmalloc(siglen); +@@ -600,7 +756,7 @@ pkcs11_ecdsa_start_wrapper(void) + + static int + pkcs11_ecdsa_wrap(struct pkcs11_provider *provider, CK_ULONG slotidx, +- CK_ATTRIBUTE *keyid_attrib, EC_KEY *ec) ++ CK_ATTRIBUTE *keyid_attrib, CK_ATTRIBUTE *label_attrib, EC_KEY *ec) + { + struct pkcs11_key *k11; + +@@ -617,6 +773,12 @@ pkcs11_ecdsa_wrap(struct pkcs11_provider *provider, CK_ULONG slotidx, + k11->keyid = xmalloc(k11->keyid_len); + memcpy(k11->keyid, keyid_attrib->pValue, k11->keyid_len); + } ++ if (label_attrib->ulValueLen > 0 ) { ++ k11->label = xmalloc(label_attrib->ulValueLen+1); ++ memcpy(k11->label, label_attrib->pValue, label_attrib->ulValueLen); ++ k11->label[label_attrib->ulValueLen] = 0; ++ } ++ + if (EC_KEY_set_method(ec, ec_key_method) != 1) + fatal_f("EC_KEY_set_method failed"); + if (EC_KEY_set_ex_data(ec, ec_key_idx, k11) != 1) +@@ -626,7 +788,8 @@ pkcs11_ecdsa_wrap(struct pkcs11_provider *provider, CK_ULONG slotidx, + } + #endif /* OPENSSL_HAS_ECC && HAVE_EC_KEY_METHOD_NEW */ + +-/* remove trailing spaces */ ++/* remove trailing spaces. Note, that this does NOT guarantee the buffer ++ * will be null terminated if there are no trailing spaces! */ + static char * + rmspace(u_char *buf, size_t len) + { +@@ -658,8 +821,8 @@ pkcs11_open_session(struct pkcs11_provider *p, CK_ULONG slotidx, char *pin, + CK_SESSION_HANDLE session; + int login_required, ret; + +- f = p->function_list; +- si = &p->slotinfo[slotidx]; ++ f = p->module->function_list; ++ si = &p->module->slotinfo[slotidx]; + + login_required = si->token.flags & CKF_LOGIN_REQUIRED; + +@@ -669,9 +832,9 @@ pkcs11_open_session(struct pkcs11_provider *p, CK_ULONG slotidx, char *pin, + error("pin required"); + return (-SSH_PKCS11_ERR_PIN_REQUIRED); + } +- if ((rv = f->C_OpenSession(p->slotlist[slotidx], CKF_RW_SESSION| ++ if ((rv = f->C_OpenSession(p->module->slotlist[slotidx], CKF_RW_SESSION| + CKF_SERIAL_SESSION, NULL, NULL, &session)) != CKR_OK) { +- error("C_OpenSession failed: %lu", rv); ++ error("C_OpenSession failed for slot %lu: %lu", slotidx, rv); + return (-1); + } + if (login_required && pin != NULL && strlen(pin) != 0) { +@@ -707,7 +870,8 @@ static struct sshkey * + pkcs11_fetch_ecdsa_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx, + CK_OBJECT_HANDLE *obj) + { +- CK_ATTRIBUTE key_attr[3]; ++ CK_ATTRIBUTE key_attr[4]; ++ int nattr = 4; + CK_SESSION_HANDLE session; + CK_FUNCTION_LIST *f = NULL; + CK_RV rv; +@@ -721,14 +885,15 @@ pkcs11_fetch_ecdsa_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx, + + memset(&key_attr, 0, sizeof(key_attr)); + key_attr[0].type = CKA_ID; +- key_attr[1].type = CKA_EC_POINT; +- key_attr[2].type = CKA_EC_PARAMS; ++ key_attr[1].type = CKA_LABEL; ++ key_attr[2].type = CKA_EC_POINT; ++ key_attr[3].type = CKA_EC_PARAMS; + +- session = p->slotinfo[slotidx].session; +- f = p->function_list; ++ session = p->module->slotinfo[slotidx].session; ++ f = p->module->function_list; + + /* figure out size of the attributes */ +- rv = f->C_GetAttributeValue(session, *obj, key_attr, 3); ++ rv = f->C_GetAttributeValue(session, *obj, key_attr, nattr); + if (rv != CKR_OK) { + error("C_GetAttributeValue failed: %lu", rv); + return (NULL); +@@ -739,19 +904,19 @@ pkcs11_fetch_ecdsa_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx, + * ensure that none of the others are zero length. + * XXX assumes CKA_ID is always first. + */ +- if (key_attr[1].ulValueLen == 0 || +- key_attr[2].ulValueLen == 0) { ++ if (key_attr[2].ulValueLen == 0 || ++ key_attr[3].ulValueLen == 0) { + error("invalid attribute length"); + return (NULL); + } + + /* allocate buffers for attributes */ +- for (i = 0; i < 3; i++) ++ for (i = 0; i < nattr; i++) + if (key_attr[i].ulValueLen > 0) + key_attr[i].pValue = xcalloc(1, key_attr[i].ulValueLen); + + /* retrieve ID, public point and curve parameters of EC key */ +- rv = f->C_GetAttributeValue(session, *obj, key_attr, 3); ++ rv = f->C_GetAttributeValue(session, *obj, key_attr, nattr); + if (rv != CKR_OK) { + error("C_GetAttributeValue failed: %lu", rv); + goto fail; +@@ -763,8 +928,8 @@ pkcs11_fetch_ecdsa_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx, + goto fail; + } + +- attrp = key_attr[2].pValue; +- group = d2i_ECPKParameters(NULL, &attrp, key_attr[2].ulValueLen); ++ attrp = key_attr[3].pValue; ++ group = d2i_ECPKParameters(NULL, &attrp, key_attr[3].ulValueLen); + if (group == NULL) { + ossl_error("d2i_ECPKParameters failed"); + goto fail; +@@ -775,13 +940,13 @@ pkcs11_fetch_ecdsa_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx, + goto fail; + } + +- if (key_attr[1].ulValueLen <= 2) { ++ if (key_attr[2].ulValueLen <= 2) { + error("CKA_EC_POINT too small"); + goto fail; + } + +- attrp = key_attr[1].pValue; +- octet = d2i_ASN1_OCTET_STRING(NULL, &attrp, key_attr[1].ulValueLen); ++ attrp = key_attr[2].pValue; ++ octet = d2i_ASN1_OCTET_STRING(NULL, &attrp, key_attr[2].ulValueLen); + if (octet == NULL) { + ossl_error("d2i_ASN1_OCTET_STRING failed"); + goto fail; +@@ -798,7 +963,7 @@ pkcs11_fetch_ecdsa_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx, + goto fail; + } + +- if (pkcs11_ecdsa_wrap(p, slotidx, &key_attr[0], ec)) ++ if (pkcs11_ecdsa_wrap(p, slotidx, &key_attr[0], &key_attr[1], ec)) + goto fail; + + key = sshkey_new(KEY_UNSPEC); +@@ -817,7 +982,7 @@ pkcs11_fetch_ecdsa_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx, + key->flags |= SSHKEY_FLAG_EXT; + + fail: +- for (i = 0; i < 3; i++) ++ for (i = 0; i < nattr; i++) + free(key_attr[i].pValue); + if (ec) + EC_KEY_free(ec); +@@ -834,7 +999,8 @@ static struct sshkey * + pkcs11_fetch_rsa_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx, + CK_OBJECT_HANDLE *obj) + { +- CK_ATTRIBUTE key_attr[3]; ++ CK_ATTRIBUTE key_attr[4]; ++ int nattr = 4; + CK_SESSION_HANDLE session; + CK_FUNCTION_LIST *f = NULL; + CK_RV rv; +@@ -845,14 +1011,15 @@ pkcs11_fetch_rsa_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx, + + memset(&key_attr, 0, sizeof(key_attr)); + key_attr[0].type = CKA_ID; +- key_attr[1].type = CKA_MODULUS; +- key_attr[2].type = CKA_PUBLIC_EXPONENT; ++ key_attr[1].type = CKA_LABEL; ++ key_attr[2].type = CKA_MODULUS; ++ key_attr[3].type = CKA_PUBLIC_EXPONENT; + +- session = p->slotinfo[slotidx].session; +- f = p->function_list; ++ session = p->module->slotinfo[slotidx].session; ++ f = p->module->function_list; + + /* figure out size of the attributes */ +- rv = f->C_GetAttributeValue(session, *obj, key_attr, 3); ++ rv = f->C_GetAttributeValue(session, *obj, key_attr, nattr); + if (rv != CKR_OK) { + error("C_GetAttributeValue failed: %lu", rv); + return (NULL); +@@ -863,19 +1030,19 @@ pkcs11_fetch_rsa_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx, + * ensure that none of the others are zero length. + * XXX assumes CKA_ID is always first. + */ +- if (key_attr[1].ulValueLen == 0 || +- key_attr[2].ulValueLen == 0) { ++ if (key_attr[2].ulValueLen == 0 || ++ key_attr[3].ulValueLen == 0) { + error("invalid attribute length"); + return (NULL); + } + + /* allocate buffers for attributes */ +- for (i = 0; i < 3; i++) ++ for (i = 0; i < nattr; i++) + if (key_attr[i].ulValueLen > 0) + key_attr[i].pValue = xcalloc(1, key_attr[i].ulValueLen); + + /* retrieve ID, modulus and public exponent of RSA key */ +- rv = f->C_GetAttributeValue(session, *obj, key_attr, 3); ++ rv = f->C_GetAttributeValue(session, *obj, key_attr, nattr); + if (rv != CKR_OK) { + error("C_GetAttributeValue failed: %lu", rv); + goto fail; +@@ -887,8 +1054,8 @@ pkcs11_fetch_rsa_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx, + goto fail; + } + +- rsa_n = BN_bin2bn(key_attr[1].pValue, key_attr[1].ulValueLen, NULL); +- rsa_e = BN_bin2bn(key_attr[2].pValue, key_attr[2].ulValueLen, NULL); ++ rsa_n = BN_bin2bn(key_attr[2].pValue, key_attr[2].ulValueLen, NULL); ++ rsa_e = BN_bin2bn(key_attr[3].pValue, key_attr[3].ulValueLen, NULL); + if (rsa_n == NULL || rsa_e == NULL) { + error("BN_bin2bn failed"); + goto fail; +@@ -897,7 +1064,7 @@ pkcs11_fetch_rsa_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx, + fatal_f("set key"); + rsa_n = rsa_e = NULL; /* transferred */ + +- if (pkcs11_rsa_wrap(p, slotidx, &key_attr[0], rsa)) ++ if (pkcs11_rsa_wrap(p, slotidx, &key_attr[0], &key_attr[1], rsa)) + goto fail; + + key = sshkey_new(KEY_UNSPEC); +@@ -915,7 +1082,7 @@ pkcs11_fetch_rsa_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx, + key->flags |= SSHKEY_FLAG_EXT; + + fail: +- for (i = 0; i < 3; i++) ++ for (i = 0; i < nattr; i++) + free(key_attr[i].pValue); + RSA_free(rsa); + +@@ -926,7 +1093,8 @@ static int + pkcs11_fetch_x509_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx, + CK_OBJECT_HANDLE *obj, struct sshkey **keyp, char **labelp) + { +- CK_ATTRIBUTE cert_attr[3]; ++ CK_ATTRIBUTE cert_attr[4]; ++ int nattr = 4; + CK_SESSION_HANDLE session; + CK_FUNCTION_LIST *f = NULL; + CK_RV rv; +@@ -950,14 +1118,15 @@ pkcs11_fetch_x509_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx, + + memset(&cert_attr, 0, sizeof(cert_attr)); + cert_attr[0].type = CKA_ID; +- cert_attr[1].type = CKA_SUBJECT; +- cert_attr[2].type = CKA_VALUE; ++ cert_attr[1].type = CKA_LABEL; ++ cert_attr[2].type = CKA_SUBJECT; ++ cert_attr[3].type = CKA_VALUE; + +- session = p->slotinfo[slotidx].session; +- f = p->function_list; ++ session = p->module->slotinfo[slotidx].session; ++ f = p->module->function_list; + + /* figure out size of the attributes */ +- rv = f->C_GetAttributeValue(session, *obj, cert_attr, 3); ++ rv = f->C_GetAttributeValue(session, *obj, cert_attr, nattr); + if (rv != CKR_OK) { + error("C_GetAttributeValue failed: %lu", rv); + return -1; +@@ -969,18 +1138,19 @@ pkcs11_fetch_x509_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx, + * XXX assumes CKA_ID is always first. + */ + if (cert_attr[1].ulValueLen == 0 || +- cert_attr[2].ulValueLen == 0) { ++ cert_attr[2].ulValueLen == 0 || ++ cert_attr[3].ulValueLen == 0) { + error("invalid attribute length"); + return -1; + } + + /* allocate buffers for attributes */ +- for (i = 0; i < 3; i++) ++ for (i = 0; i < nattr; i++) + if (cert_attr[i].ulValueLen > 0) + cert_attr[i].pValue = xcalloc(1, cert_attr[i].ulValueLen); + + /* retrieve ID, subject and value of certificate */ +- rv = f->C_GetAttributeValue(session, *obj, cert_attr, 3); ++ rv = f->C_GetAttributeValue(session, *obj, cert_attr, nattr); + if (rv != CKR_OK) { + error("C_GetAttributeValue failed: %lu", rv); + goto out; +@@ -994,8 +1164,8 @@ pkcs11_fetch_x509_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx, + subject = xstrdup("invalid subject"); + X509_NAME_free(x509_name); + +- cp = cert_attr[2].pValue; +- if ((x509 = d2i_X509(NULL, &cp, cert_attr[2].ulValueLen)) == NULL) { ++ cp = cert_attr[3].pValue; ++ if ((x509 = d2i_X509(NULL, &cp, cert_attr[3].ulValueLen)) == NULL) { + error("d2i_x509 failed"); + goto out; + } +@@ -1015,7 +1185,7 @@ pkcs11_fetch_x509_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx, + goto out; + } + +- if (pkcs11_rsa_wrap(p, slotidx, &cert_attr[0], rsa)) ++ if (pkcs11_rsa_wrap(p, slotidx, &cert_attr[0], &cert_attr[1], rsa)) + goto out; + + key = sshkey_new(KEY_UNSPEC); +@@ -1048,7 +1218,7 @@ pkcs11_fetch_x509_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx, + goto out; + } + +- if (pkcs11_ecdsa_wrap(p, slotidx, &cert_attr[0], ec)) ++ if (pkcs11_ecdsa_wrap(p, slotidx, &cert_attr[0], &cert_attr[1], ec)) + goto out; + + key = sshkey_new(KEY_UNSPEC); +@@ -1071,7 +1241,7 @@ pkcs11_fetch_x509_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx, + goto out; + } + out: +- for (i = 0; i < 3; i++) ++ for (i = 0; i < nattr; i++) + free(cert_attr[i].pValue); + X509_free(x509); + RSA_free(rsa); +@@ -1122,11 +1292,12 @@ note_key(struct pkcs11_provider *p, CK_ULONG slotidx, const char *context, + */ + static int + pkcs11_fetch_certs(struct pkcs11_provider *p, CK_ULONG slotidx, +- struct sshkey ***keysp, char ***labelsp, int *nkeys) ++ struct sshkey ***keysp, char ***labelsp, int *nkeys, struct pkcs11_uri *uri) + { + struct sshkey *key = NULL; + CK_OBJECT_CLASS key_class; +- CK_ATTRIBUTE key_attr[1]; ++ CK_ATTRIBUTE key_attr[3]; ++ int nattr = 1; + CK_SESSION_HANDLE session; + CK_FUNCTION_LIST *f = NULL; + CK_RV rv; +@@ -1143,10 +1314,23 @@ pkcs11_fetch_certs(struct pkcs11_provider *p, CK_ULONG slotidx, + key_attr[0].pValue = &key_class; + key_attr[0].ulValueLen = sizeof(key_class); + +- session = p->slotinfo[slotidx].session; +- f = p->function_list; ++ if (uri->id != NULL) { ++ key_attr[nattr].type = CKA_ID; ++ key_attr[nattr].pValue = uri->id; ++ key_attr[nattr].ulValueLen = uri->id_len; ++ nattr++; ++ } ++ if (uri->object != NULL) { ++ key_attr[nattr].type = CKA_LABEL; ++ key_attr[nattr].pValue = uri->object; ++ key_attr[nattr].ulValueLen = strlen(uri->object); ++ nattr++; ++ } ++ ++ session = p->module->slotinfo[slotidx].session; ++ f = p->module->function_list; + +- rv = f->C_FindObjectsInit(session, key_attr, 1); ++ rv = f->C_FindObjectsInit(session, key_attr, nattr); + if (rv != CKR_OK) { + error("C_FindObjectsInit failed: %lu", rv); + goto fail; +@@ -1227,11 +1411,12 @@ fail: + */ + static int + pkcs11_fetch_keys(struct pkcs11_provider *p, CK_ULONG slotidx, +- struct sshkey ***keysp, char ***labelsp, int *nkeys) ++ struct sshkey ***keysp, char ***labelsp, int *nkeys, struct pkcs11_uri *uri) + { + struct sshkey *key = NULL; + CK_OBJECT_CLASS key_class; +- CK_ATTRIBUTE key_attr[2]; ++ CK_ATTRIBUTE key_attr[3]; ++ int nattr = 1; + CK_SESSION_HANDLE session; + CK_FUNCTION_LIST *f = NULL; + CK_RV rv; +@@ -1247,10 +1432,23 @@ pkcs11_fetch_keys(struct pkcs11_provider *p, CK_ULONG slotidx, + key_attr[0].pValue = &key_class; + key_attr[0].ulValueLen = sizeof(key_class); + +- session = p->slotinfo[slotidx].session; +- f = p->function_list; ++ if (uri->id != NULL) { ++ key_attr[nattr].type = CKA_ID; ++ key_attr[nattr].pValue = uri->id; ++ key_attr[nattr].ulValueLen = uri->id_len; ++ nattr++; ++ } ++ if (uri->object != NULL) { ++ key_attr[nattr].type = CKA_LABEL; ++ key_attr[nattr].pValue = uri->object; ++ key_attr[nattr].ulValueLen = strlen(uri->object); ++ nattr++; ++ } ++ ++ session = p->module->slotinfo[slotidx].session; ++ f = p->module->function_list; + +- rv = f->C_FindObjectsInit(session, key_attr, 1); ++ rv = f->C_FindObjectsInit(session, key_attr, nattr); + if (rv != CKR_OK) { + error("C_FindObjectsInit failed: %lu", rv); + goto fail; +@@ -1532,16 +1730,10 @@ pkcs11_ecdsa_generate_private_key(struct pkcs11_provider *p, CK_ULONG slotidx, + } + #endif /* WITH_PKCS11_KEYGEN */ + +-/* +- * register a new provider, fails if provider already exists. if +- * keyp is provided, fetch keys. +- */ + static int +-pkcs11_register_provider(char *provider_id, char *pin, +- struct sshkey ***keyp, char ***labelsp, +- struct pkcs11_provider **providerp, CK_ULONG user) ++pkcs11_initialize_provider(struct pkcs11_uri *uri, struct pkcs11_provider **providerp) + { +- int nkeys, need_finalize = 0; ++ int need_finalize = 0; + int ret = -1; + struct pkcs11_provider *p = NULL; + void *handle = NULL; +@@ -1550,162 +1742,309 @@ pkcs11_register_provider(char *provider_id, char *pin, + CK_FUNCTION_LIST *f = NULL; + CK_TOKEN_INFO *token; + CK_ULONG i; ++ char *provider_module = NULL; ++ struct pkcs11_module *m = NULL; ++ ++ /* if no provider specified, fallback to p11-kit */ ++ if (uri->module_path == NULL) { ++#ifdef PKCS11_DEFAULT_PROVIDER ++ provider_module = strdup(PKCS11_DEFAULT_PROVIDER); ++#else ++ error_f("No module path provided"); ++ goto fail; ++#endif ++ } else { ++ provider_module = strdup(uri->module_path); ++ } ++ p = xcalloc(1, sizeof(*p)); ++ p->name = pkcs11_uri_get(uri); + +- if (providerp == NULL) +- goto fail; +- *providerp = NULL; +- +- if (keyp != NULL) +- *keyp = NULL; +- if (labelsp != NULL) +- *labelsp = NULL; +- +- if (pkcs11_provider_lookup(provider_id) != NULL) { +- debug_f("provider already registered: %s", provider_id); ++ if (lib_contains_symbol(provider_module, "C_GetFunctionList") != 0) { ++ error("provider %s is not a PKCS11 library", provider_module); + goto fail; + } +- if (lib_contains_symbol(provider_id, "C_GetFunctionList") != 0) { +- error("provider %s is not a PKCS11 library", provider_id); +- goto fail; ++ if ((m = pkcs11_provider_lookup_module(provider_module)) != NULL ++ && m->valid) { ++ debug_f("provider module already initialized: %s", provider_module); ++ free(provider_module); ++ /* Skip the initialization of PKCS#11 module */ ++ m->refcount++; ++ p->module = m; ++ p->valid = 1; ++ TAILQ_INSERT_TAIL(&pkcs11_providers, p, next); ++ p->refcount++; /* add to provider list */ ++ *providerp = p; ++ return 0; ++ } else { ++ m = xcalloc(1, sizeof(*m)); ++ p->module = m; ++ m->refcount++; + } ++ + /* open shared pkcs11-library */ +- if ((handle = dlopen(provider_id, RTLD_NOW)) == NULL) { +- error("dlopen %s failed: %s", provider_id, dlerror()); ++ if ((handle = dlopen(provider_module, RTLD_NOW)) == NULL) { ++ error("dlopen %s failed: %s", provider_module, dlerror()); + goto fail; + } + if ((getfunctionlist = dlsym(handle, "C_GetFunctionList")) == NULL) + fatal("dlsym(C_GetFunctionList) failed: %s", dlerror()); +- p = xcalloc(1, sizeof(*p)); +- p->name = xstrdup(provider_id); +- p->handle = handle; ++ p->module->handle = handle; + /* setup the pkcs11 callbacks */ + if ((rv = (*getfunctionlist)(&f)) != CKR_OK) { + error("C_GetFunctionList for provider %s failed: %lu", +- provider_id, rv); ++ provider_module, rv); + goto fail; + } +- p->function_list = f; ++ m->function_list = f; + if ((rv = f->C_Initialize(NULL)) != CKR_OK) { + error("C_Initialize for provider %s failed: %lu", +- provider_id, rv); ++ provider_module, rv); + goto fail; + } + need_finalize = 1; +- if ((rv = f->C_GetInfo(&p->info)) != CKR_OK) { ++ if ((rv = f->C_GetInfo(&m->info)) != CKR_OK) { + error("C_GetInfo for provider %s failed: %lu", +- provider_id, rv); ++ provider_module, rv); ++ goto fail; ++ } ++ rmspace(m->info.manufacturerID, sizeof(m->info.manufacturerID)); ++ if (uri->lib_manuf != NULL && ++ strncmp(uri->lib_manuf, m->info.manufacturerID, 32)) { ++ debug_f("Skipping provider %s not matching library_manufacturer", ++ m->info.manufacturerID); + goto fail; + } +- debug("provider %s: manufacturerID <%.*s> cryptokiVersion %d.%d" +- " libraryDescription <%.*s> libraryVersion %d.%d", +- provider_id, +- RMSPACE(p->info.manufacturerID), +- p->info.cryptokiVersion.major, +- p->info.cryptokiVersion.minor, +- RMSPACE(p->info.libraryDescription), +- p->info.libraryVersion.major, +- p->info.libraryVersion.minor); +- if ((rv = f->C_GetSlotList(CK_TRUE, NULL, &p->nslots)) != CKR_OK) { ++ rmspace(m->info.libraryDescription, sizeof(m->info.libraryDescription)); ++ debug("provider %s: manufacturerID <%.32s> cryptokiVersion %d.%d" ++ " libraryDescription <%.32s> libraryVersion %d.%d", ++ provider_module, ++ m->info.manufacturerID, ++ m->info.cryptokiVersion.major, ++ m->info.cryptokiVersion.minor, ++ m->info.libraryDescription, ++ m->info.libraryVersion.major, ++ m->info.libraryVersion.minor); ++ ++ if ((rv = f->C_GetSlotList(CK_TRUE, NULL, &m->nslots)) != CKR_OK) { + error("C_GetSlotList failed: %lu", rv); + goto fail; + } +- if (p->nslots == 0) { +- debug_f("provider %s returned no slots", provider_id); ++ if (m->nslots == 0) { ++ debug_f("provider %s returned no slots", provider_module); + ret = -SSH_PKCS11_ERR_NO_SLOTS; + goto fail; + } +- p->slotlist = xcalloc(p->nslots, sizeof(CK_SLOT_ID)); +- if ((rv = f->C_GetSlotList(CK_TRUE, p->slotlist, &p->nslots)) ++ m->slotlist = xcalloc(m->nslots, sizeof(CK_SLOT_ID)); ++ if ((rv = f->C_GetSlotList(CK_TRUE, m->slotlist, &m->nslots)) + != CKR_OK) { + error("C_GetSlotList for provider %s failed: %lu", +- provider_id, rv); ++ provider_module, rv); + goto fail; + } +- p->slotinfo = xcalloc(p->nslots, sizeof(struct pkcs11_slotinfo)); ++ m->slotinfo = xcalloc(m->nslots, sizeof(struct pkcs11_slotinfo)); + p->valid = 1; +- nkeys = 0; +- for (i = 0; i < p->nslots; i++) { +- token = &p->slotinfo[i].token; +- if ((rv = f->C_GetTokenInfo(p->slotlist[i], token)) ++ m->valid = 1; ++ for (i = 0; i < m->nslots; i++) { ++ token = &m->slotinfo[i].token; ++ if ((rv = f->C_GetTokenInfo(m->slotlist[i], token)) + != CKR_OK) { + error("C_GetTokenInfo for provider %s slot %lu " +- "failed: %lu", provider_id, (u_long)i, rv); +- continue; +- } +- if ((token->flags & CKF_TOKEN_INITIALIZED) == 0) { +- debug2_f("ignoring uninitialised token in " +- "provider %s slot %lu", provider_id, (u_long)i); ++ "failed: %lu", provider_module, (u_long)i, rv); ++ token->flags = 0; + continue; + } + debug("provider %s slot %lu: label <%.*s> " + "manufacturerID <%.*s> model <%.*s> serial <%.*s> " + "flags 0x%lx", +- provider_id, (unsigned long)i, ++ provider_module, (unsigned long)i, + RMSPACE(token->label), RMSPACE(token->manufacturerID), + RMSPACE(token->model), RMSPACE(token->serialNumber), + token->flags); ++ } ++ m->module_path = provider_module; ++ provider_module = NULL; ++ ++ /* now owned by caller */ ++ *providerp = p; ++ ++ TAILQ_INSERT_TAIL(&pkcs11_providers, p, next); ++ p->refcount++; /* add to provider list */ ++ ++ return 0; ++fail: ++ if (need_finalize && (rv = f->C_Finalize(NULL)) != CKR_OK) ++ error("C_Finalize for provider %s failed: %lu", ++ provider_module, rv); ++ free(provider_module); ++ if (m) { ++ free(m->slotlist); ++ free(m); ++ } ++ if (p) { ++ free(p->name); ++ free(p); ++ } ++ if (handle) ++ dlclose(handle); ++ return (ret); ++} ++ ++/* ++ * register a new provider, fails if provider already exists. if ++ * keyp is provided, fetch keys. ++ */ ++static int ++pkcs11_register_provider_by_uri(struct pkcs11_uri *uri, char *pin, ++ struct sshkey ***keyp, char ***labelsp, struct pkcs11_provider **providerp, ++ CK_ULONG user) ++{ ++ int nkeys; ++ int ret = -1; ++ struct pkcs11_provider *p = NULL; ++ CK_ULONG i; ++ CK_TOKEN_INFO *token; ++ char *provider_uri = NULL; ++ ++ if (providerp == NULL) ++ goto fail; ++ *providerp = NULL; ++ ++ if (keyp != NULL) ++ *keyp = NULL; ++ ++ if ((ret = pkcs11_initialize_provider(uri, &p)) != 0) { ++ goto fail; ++ } ++ ++ provider_uri = pkcs11_uri_get(uri); ++ if (pin == NULL && uri->pin != NULL) { ++ pin = uri->pin; ++ } ++ nkeys = 0; ++ for (i = 0; i < p->module->nslots; i++) { ++ token = &p->module->slotinfo[i].token; ++ if ((token->flags & CKF_TOKEN_INITIALIZED) == 0) { ++ debug2_f("ignoring uninitialised token in " ++ "provider %s slot %lu", provider_uri, (u_long)i); ++ continue; ++ } ++ if (uri->token != NULL && ++ strncmp(token->label, uri->token, 32) != 0) { ++ debug2_f("ignoring token not matching label (%.32s) " ++ "specified by PKCS#11 URI in slot %lu", ++ token->label, (unsigned long)i); ++ continue; ++ } ++ if (uri->manuf != NULL && ++ strncmp(token->manufacturerID, uri->manuf, 32) != 0) { ++ debug2_f("ignoring token not matching requrested " ++ "manufacturerID (%.32s) specified by PKCS#11 URI in " ++ "slot %lu", token->manufacturerID, (unsigned long)i); ++ continue; ++ } ++ if (uri->serial != NULL && ++ strncmp(token->serialNumber, uri->serial, 16) != 0) { ++ debug2_f("ignoring token not matching requrested " ++ "serialNumber (%s) specified by PKCS#11 URI in " ++ "slot %lu", token->serialNumber, (unsigned long)i); ++ continue; ++ } ++ debug("provider %s slot %lu: label <%.32s> manufacturerID <%.32s> " ++ "model <%.16s> serial <%.16s> flags 0x%lx", ++ provider_uri, (unsigned long)i, ++ token->label, token->manufacturerID, token->model, ++ token->serialNumber, token->flags); + /* +- * open session, login with pin and retrieve public +- * keys (if keyp is provided) ++ * open session if not yet opened, login with pin and ++ * retrieve public keys (if keyp is provided) + */ +- if ((ret = pkcs11_open_session(p, i, pin, user)) != 0 || ++ if ((p->module->slotinfo[i].session != 0 || ++ (ret = pkcs11_open_session(p, i, pin, user)) != 0) && /* ??? */ + keyp == NULL) + continue; +- pkcs11_fetch_keys(p, i, keyp, labelsp, &nkeys); +- pkcs11_fetch_certs(p, i, keyp, labelsp, &nkeys); +- if (nkeys == 0 && !p->slotinfo[i].logged_in && ++ pkcs11_fetch_keys(p, i, keyp, labelsp, &nkeys, uri); ++ pkcs11_fetch_certs(p, i, keyp, labelsp, &nkeys, uri); ++ if (nkeys == 0 && !p->module->slotinfo[i].logged_in && + pkcs11_interactive) { + /* + * Some tokens require login before they will + * expose keys. + */ +- if (pkcs11_login_slot(p, &p->slotinfo[i], ++ debug3_f("Trying to login as there were no keys found"); ++ if (pkcs11_login_slot(p, &p->module->slotinfo[i], + CKU_USER) < 0) { + error("login failed"); + continue; + } +- pkcs11_fetch_keys(p, i, keyp, labelsp, &nkeys); +- pkcs11_fetch_certs(p, i, keyp, labelsp, &nkeys); ++ pkcs11_fetch_keys(p, i, keyp, labelsp, &nkeys, uri); ++ pkcs11_fetch_certs(p, i, keyp, labelsp, &nkeys, uri); ++ } ++ if (nkeys == 0 && uri->object != NULL) { ++ debug3_f("No keys found. Retrying without label (%.32s) ", ++ uri->object); ++ /* Try once more without the label filter */ ++ char *label = uri->object; ++ uri->object = NULL; /* XXX clone uri? */ ++ pkcs11_fetch_keys(p, i, keyp, labelsp, &nkeys, uri); ++ pkcs11_fetch_certs(p, i, keyp, labelsp, &nkeys, uri); ++ uri->object = label; + } + } ++ pin = NULL; /* Will be cleaned up with URI */ + + /* now owned by caller */ + *providerp = p; + +- TAILQ_INSERT_TAIL(&pkcs11_providers, p, next); +- p->refcount++; /* add to provider list */ +- ++ free(provider_uri); + return (nkeys); + fail: +- if (need_finalize && (rv = f->C_Finalize(NULL)) != CKR_OK) +- error("C_Finalize for provider %s failed: %lu", +- provider_id, rv); + if (p) { +- free(p->name); +- free(p->slotlist); +- free(p->slotinfo); +- free(p); ++ TAILQ_REMOVE(&pkcs11_providers, p, next); ++ pkcs11_provider_unref(p); + } +- if (handle) +- dlclose(handle); + if (ret > 0) + ret = -1; + return (ret); + } + +-/* +- * register a new provider and get number of keys hold by the token, +- * fails if provider already exists +- */ ++static int ++pkcs11_register_provider(char *provider_id, char *pin, struct sshkey ***keyp, ++ char ***labelsp, struct pkcs11_provider **providerp, CK_ULONG user) ++{ ++ struct pkcs11_uri *uri = NULL; ++ int r; ++ ++ debug_f("called, provider_id = %s", provider_id); ++ ++ uri = pkcs11_uri_init(); ++ if (uri == NULL) ++ fatal("failed to init PKCS#11 URI"); ++ ++ if (strlen(provider_id) >= strlen(PKCS11_URI_SCHEME) && ++ strncmp(provider_id, PKCS11_URI_SCHEME, strlen(PKCS11_URI_SCHEME)) == 0) { ++ if (pkcs11_uri_parse(provider_id, uri) != 0) ++ fatal("Failed to parse PKCS#11 URI"); ++ } else { ++ uri->module_path = strdup(provider_id); ++ } ++ ++ r = pkcs11_register_provider_by_uri(uri, pin, keyp, labelsp, providerp, user); ++ pkcs11_uri_cleanup(uri); ++ ++ return r; ++} ++ + int +-pkcs11_add_provider(char *provider_id, char *pin, struct sshkey ***keyp, +- char ***labelsp) ++pkcs11_add_provider_by_uri(struct pkcs11_uri *uri, char *pin, ++ struct sshkey ***keyp, char ***labelsp) + { + struct pkcs11_provider *p = NULL; + int nkeys; ++ char *provider_uri = pkcs11_uri_get(uri); ++ ++ debug_f("called, provider_uri = %s", provider_uri); + +- nkeys = pkcs11_register_provider(provider_id, pin, keyp, labelsp, +- &p, CKU_USER); ++ nkeys = pkcs11_register_provider_by_uri(uri, pin, keyp, labelsp, &p, CKU_USER); + + /* no keys found or some other error, de-register provider */ + if (nkeys <= 0 && p != NULL) { +@@ -1714,7 +2053,37 @@ pkcs11_add_provider(char *provider_id, char *pin, struct sshkey ***keyp, + pkcs11_provider_unref(p); + } + if (nkeys == 0) +- debug_f("provider %s returned no keys", provider_id); ++ debug_f("provider %s returned no keys", provider_uri); ++ ++ free(provider_uri); ++ return nkeys; ++} ++ ++/* ++ * register a new provider and get number of keys hold by the token, ++ * fails if provider already exists ++ */ ++int ++pkcs11_add_provider(char *provider_id, char *pin, ++ struct sshkey ***keyp, char ***labelsp) ++{ ++ struct pkcs11_uri *uri; ++ int nkeys; ++ ++ uri = pkcs11_uri_init(); ++ if (uri == NULL) ++ fatal("Failed to init PKCS#11 URI"); ++ ++ if (strlen(provider_id) >= strlen(PKCS11_URI_SCHEME) && ++ strncmp(provider_id, PKCS11_URI_SCHEME, strlen(PKCS11_URI_SCHEME)) == 0) { ++ if (pkcs11_uri_parse(provider_id, uri) != 0) ++ fatal("Failed to parse PKCS#11 URI"); ++ } else { ++ uri->module_path = strdup(provider_id); ++ } ++ ++ nkeys = pkcs11_add_provider_by_uri(uri, pin, keyp, labelsp); ++ pkcs11_uri_cleanup(uri); + + return (nkeys); + } +diff --git a/ssh-pkcs11.h b/ssh-pkcs11.h +index 52602231..9ce20c1f 100644 +--- a/ssh-pkcs11.h ++++ b/ssh-pkcs11.h +@@ -22,10 +22,14 @@ + #define SSH_PKCS11_ERR_PIN_REQUIRED 4 + #define SSH_PKCS11_ERR_PIN_LOCKED 5 + ++#include "ssh-pkcs11-uri.h" ++ + int pkcs11_init(int); + void pkcs11_terminate(void); + int pkcs11_add_provider(char *, char *, struct sshkey ***, char ***); ++int pkcs11_add_provider_by_uri(struct pkcs11_uri *, char *, struct sshkey ***, char ***); + int pkcs11_del_provider(char *); ++int pkcs11_uri_write(const struct sshkey *, FILE *); + #ifdef WITH_PKCS11_KEYGEN + struct sshkey * + pkcs11_gakp(char *, char *, unsigned int, char *, unsigned int, +diff --git a/ssh.c b/ssh.c +index c23d3b9e..98b103c9 100644 +--- a/ssh.c ++++ b/ssh.c +@@ -890,6 +890,14 @@ main(int ac, char **av) + options.gss_deleg_creds = 1; + break; + case 'i': ++#ifdef ENABLE_PKCS11 ++ if (strlen(optarg) >= strlen(PKCS11_URI_SCHEME) && ++ strncmp(optarg, PKCS11_URI_SCHEME, ++ strlen(PKCS11_URI_SCHEME)) == 0) { ++ add_identity_file(&options, NULL, optarg, 1); ++ break; ++ } ++#endif + p = tilde_expand_filename(optarg, getuid()); + if (stat(p, &st) == -1) + fprintf(stderr, "Warning: Identity file %s " +@@ -1847,6 +1855,7 @@ main(int ac, char **av) + #ifdef ENABLE_PKCS11 + (void)pkcs11_del_provider(options.pkcs11_provider); + #endif ++ pkcs11_terminate(); + + skip_connect: + exit_status = ssh_session2(ssh, cinfo); +@@ -2370,6 +2379,45 @@ ssh_session2(struct ssh *ssh, const struct ssh_conn_info *cinfo) + options.escape_char : SSH_ESCAPECHAR_NONE, id); + } + ++#ifdef ENABLE_PKCS11 ++static void ++load_pkcs11_identity(char *pkcs11_uri, char *identity_files[], ++ struct sshkey *identity_keys[], int *n_ids) ++{ ++ int nkeys, i; ++ struct sshkey **keys; ++ struct pkcs11_uri *uri; ++ ++ debug("identity file '%s' from pkcs#11", pkcs11_uri); ++ uri = pkcs11_uri_init(); ++ if (uri == NULL) ++ fatal("Failed to init PKCS#11 URI"); ++ ++ if (pkcs11_uri_parse(pkcs11_uri, uri) != 0) ++ fatal("Failed to parse PKCS#11 URI %s", pkcs11_uri); ++ ++ /* we need to merge URI and provider together */ ++ if (options.pkcs11_provider != NULL && uri->module_path == NULL) ++ uri->module_path = strdup(options.pkcs11_provider); ++ ++ if (options.num_identity_files < SSH_MAX_IDENTITY_FILES && ++ (nkeys = pkcs11_add_provider_by_uri(uri, NULL, &keys, NULL)) > 0) { ++ for (i = 0; i < nkeys; i++) { ++ if (*n_ids >= SSH_MAX_IDENTITY_FILES) { ++ sshkey_free(keys[i]); ++ continue; ++ } ++ identity_keys[*n_ids] = keys[i]; ++ identity_files[*n_ids] = pkcs11_uri_get(uri); ++ (*n_ids)++; ++ } ++ free(keys); ++ } ++ ++ pkcs11_uri_cleanup(uri); ++} ++#endif /* ENABLE_PKCS11 */ ++ + /* Loads all IdentityFile and CertificateFile keys */ + static void + load_public_identity_files(const struct ssh_conn_info *cinfo) +@@ -2384,11 +2432,6 @@ load_public_identity_files(const struct ssh_conn_info *cinfo) + char *certificate_files[SSH_MAX_CERTIFICATE_FILES]; + struct sshkey *certificates[SSH_MAX_CERTIFICATE_FILES]; + int certificate_file_userprovided[SSH_MAX_CERTIFICATE_FILES]; +-#ifdef ENABLE_PKCS11 +- struct sshkey **keys = NULL; +- char **comments = NULL; +- int nkeys; +-#endif /* PKCS11 */ + + n_ids = n_certs = 0; + memset(identity_files, 0, sizeof(identity_files)); +@@ -2401,33 +2444,46 @@ load_public_identity_files(const struct ssh_conn_info *cinfo) + sizeof(certificate_file_userprovided)); + + #ifdef ENABLE_PKCS11 +- if (options.pkcs11_provider != NULL && +- options.num_identity_files < SSH_MAX_IDENTITY_FILES && +- (pkcs11_init(!options.batch_mode) == 0) && +- (nkeys = pkcs11_add_provider(options.pkcs11_provider, NULL, +- &keys, &comments)) > 0) { +- for (i = 0; i < nkeys; i++) { +- if (n_ids >= SSH_MAX_IDENTITY_FILES) { +- sshkey_free(keys[i]); +- free(comments[i]); +- continue; +- } +- identity_keys[n_ids] = keys[i]; +- identity_files[n_ids] = comments[i]; /* transferred */ +- n_ids++; +- } +- free(keys); +- free(comments); ++ /* handle fallback from PKCS11Provider option */ ++ pkcs11_init(!options.batch_mode); ++ ++ if (options.pkcs11_provider != NULL) { ++ struct pkcs11_uri *uri; ++ ++ uri = pkcs11_uri_init(); ++ if (uri == NULL) ++ fatal("Failed to init PKCS#11 URI"); ++ ++ /* Construct simple PKCS#11 URI to simplify access */ ++ uri->module_path = strdup(options.pkcs11_provider); ++ ++ /* Add it as any other IdentityFile */ ++ cp = pkcs11_uri_get(uri); ++ add_identity_file(&options, NULL, cp, 1); ++ free(cp); ++ ++ pkcs11_uri_cleanup(uri); + } + #endif /* ENABLE_PKCS11 */ + for (i = 0; i < options.num_identity_files; i++) { ++ char *name = options.identity_files[i]; + if (n_ids >= SSH_MAX_IDENTITY_FILES || +- strcasecmp(options.identity_files[i], "none") == 0) { ++ strcasecmp(name, "none") == 0) { + free(options.identity_files[i]); + options.identity_files[i] = NULL; + continue; + } +- cp = tilde_expand_filename(options.identity_files[i], getuid()); ++#ifdef ENABLE_PKCS11 ++ if (strlen(name) >= strlen(PKCS11_URI_SCHEME) && ++ strncmp(name, PKCS11_URI_SCHEME, ++ strlen(PKCS11_URI_SCHEME)) == 0) { ++ load_pkcs11_identity(name, identity_files, ++ identity_keys, &n_ids); ++ free(options.identity_files[i]); ++ continue; ++ } ++#endif /* ENABLE_PKCS11 */ ++ cp = tilde_expand_filename(name, getuid()); + filename = default_client_percent_dollar_expand(cp, cinfo); + free(cp); + check_load(sshkey_load_public(filename, &public, NULL), +diff --git a/ssh_config.5 b/ssh_config.5 +index 3a8e246c..8d5d0722 100644 +--- a/ssh_config.5 ++++ b/ssh_config.5 +@@ -1263,6 +1263,21 @@ may also be used in conjunction with + .Cm CertificateFile + in order to provide any certificate also needed for authentication with + the identity. ++.Pp ++The authentication identity can be also specified in a form of PKCS#11 URI ++starting with a string ++.Cm pkcs11: . ++There is supported a subset of the PKCS#11 URI as defined ++in RFC 7512 (implemented path arguments ++.Cm id , ++.Cm manufacturer , ++.Cm object , ++.Cm token ++and query arguments ++.Cm module-path ++and ++.Cm pin-value ++). The URI can not be in quotes. + .It Cm IgnoreUnknown + Specifies a pattern-list of unknown options to be ignored if they are + encountered in configuration parsing. +-- +2.49.0 + diff --git a/openssh-7.8p1-scp-ipv6.patch b/0029-openssh-7.8p1-scp-ipv6.patch similarity index 51% rename from openssh-7.8p1-scp-ipv6.patch rename to 0029-openssh-7.8p1-scp-ipv6.patch index 8ae0948..dbd69aa 100644 --- a/openssh-7.8p1-scp-ipv6.patch +++ b/0029-openssh-7.8p1-scp-ipv6.patch @@ -1,8 +1,17 @@ +From 507e6f245557ae7261806f7ecbd40697cb0dd389 Mon Sep 17 00:00:00 2001 +From: Dmitry Belyavskiy +Date: Thu, 15 May 2025 13:43:28 +0200 +Subject: [PATCH 29/50] openssh-7.8p1-scp-ipv6 + +--- + scp.c | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + diff --git a/scp.c b/scp.c -index 60682c68..9344806e 100644 +index 9554b188..7f9795a5 100644 --- a/scp.c +++ b/scp.c -@@ -714,7 +714,9 @@ toremote(int argc, char **argv) +@@ -1183,7 +1183,9 @@ toremote(int argc, char **argv, enum scp_mode_e mode, char *sftp_direct) addargs(&alist, "%s", host); addargs(&alist, "%s", cmd); addargs(&alist, "%s", src); @@ -13,4 +22,6 @@ index 60682c68..9344806e 100644 tuser ? tuser : "", tuser ? "@" : "", thost, targ); if (do_local_cmd(&alist) != 0) +-- +2.49.0 diff --git a/openssh-8.0p1-crypto-policies.patch b/0030-openssh-8.0p1-crypto-policies.patch similarity index 90% rename from openssh-8.0p1-crypto-policies.patch rename to 0030-openssh-8.0p1-crypto-policies.patch index a666c5c..498e3f5 100644 --- a/openssh-8.0p1-crypto-policies.patch +++ b/0030-openssh-8.0p1-crypto-policies.patch @@ -1,7 +1,18 @@ -diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac openssh-9.3p1/ssh_config.5 openssh-9.3p1-patched/ssh_config.5 ---- openssh-9.3p1/ssh_config.5 2023-06-07 10:26:48.284590156 +0200 -+++ openssh-9.3p1-patched/ssh_config.5 2023-06-07 10:26:00.623052194 +0200 -@@ -378,17 +378,13 @@ +From b436140fe3abd9f97f01f9af9f5da5cf6c5d7725 Mon Sep 17 00:00:00 2001 +From: Dmitry Belyavskiy +Date: Thu, 15 May 2025 13:43:28 +0200 +Subject: [PATCH 30/50] openssh-8.0p1-crypto-policies + +--- + ssh_config.5 | 164 ++++++++++++++++++++------------------------- + sshd_config.5 | 179 +++++++++++++++++++------------------------------- + 2 files changed, 140 insertions(+), 203 deletions(-) + +diff --git a/ssh_config.5 b/ssh_config.5 +index 8d5d0722..a43b2a27 100644 +--- a/ssh_config.5 ++++ b/ssh_config.5 +@@ -438,17 +438,13 @@ A single argument of causes no CNAMEs to be considered for canonicalization. This is the default behaviour. .It Cm CASignatureAlgorithms @@ -24,7 +35,7 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x If the specified list begins with a .Sq + character, then the specified algorithms will be appended to the default set -@@ -450,20 +446,25 @@ +@@ -587,20 +583,25 @@ If the option is set to (the default), the check will not be executed. .It Cm Ciphers @@ -54,21 +65,21 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x .Pp The supported ciphers are: .Bd -literal -offset indent -@@ -479,13 +480,6 @@ +@@ -616,13 +617,6 @@ aes256-gcm@openssh.com chacha20-poly1305@openssh.com .Ed .Pp -The default is: -.Bd -literal -offset indent -chacha20-poly1305@openssh.com, --aes128-ctr,aes192-ctr,aes256-ctr, --aes128-gcm@openssh.com,aes256-gcm@openssh.com +-aes128-gcm@openssh.com,aes256-gcm@openssh.com, +-aes128-ctr,aes192-ctr,aes256-ctr -.Ed -.Pp The list of available ciphers may also be obtained using .Qq ssh -Q cipher . .It Cm ClearAllForwardings -@@ -885,6 +879,11 @@ +@@ -1022,6 +1016,11 @@ command line will be passed untouched to the GSSAPI library. The default is .Dq no . .It Cm GSSAPIKexAlgorithms @@ -80,7 +91,7 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x The list of key exchange algorithms that are offered for GSSAPI key exchange. Possible values are .Bd -literal -offset 3n -@@ -897,10 +896,8 @@ +@@ -1034,10 +1033,8 @@ gss-nistp256-sha256-, gss-curve25519-sha256- .Ed .Pp @@ -92,7 +103,7 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x .It Cm HashKnownHosts Indicates that .Xr ssh 1 -@@ -919,36 +916,25 @@ +@@ -1056,36 +1053,25 @@ will not be converted automatically, but may be manually hashed using .Xr ssh-keygen 1 . .It Cm HostbasedAcceptedAlgorithms @@ -137,7 +148,7 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x .Pp The .Fl Q -@@ -1001,6 +987,17 @@ +@@ -1138,6 +1124,17 @@ to prefer their algorithms. .Pp The list of available signature algorithms may also be obtained using .Qq ssh -Q HostKeyAlgorithms . @@ -155,7 +166,7 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x .It Cm HostKeyAlias Specifies an alias that should be used instead of the real host name when looking up or saving the host key -@@ -1330,6 +1330,11 @@ it may be zero or more of: +@@ -1376,6 +1373,11 @@ it may be zero or more of: and .Cm pam . .It Cm KexAlgorithms @@ -167,7 +178,7 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x Specifies the permitted KEX (Key Exchange) algorithms that will be used and their preference order. The selected algorithm will be the first algorithm in this list that -@@ -1338,29 +1343,17 @@ Multiple algorithms must be comma-separa +@@ -1384,29 +1386,17 @@ Multiple algorithms must be comma-separated. .Pp If the specified list begins with a .Sq + @@ -187,8 +198,8 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x -.Pp -The default is: -.Bd -literal -offset indent --sntrup761x25519-sha512,sntrup761x25519-sha512@openssh.com, -mlkem768x25519-sha256, +-sntrup761x25519-sha512,sntrup761x25519-sha512@openssh.com, -curve25519-sha256,curve25519-sha256@libssh.org, -ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521, -diffie-hellman-group-exchange-sha256, @@ -201,7 +212,7 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x The list of supported key exchange algorithms may also be obtained using .Qq ssh -Q kex . .It Cm KnownHostsCommand -@@ -1365,37 +1357,33 @@ +@@ -1522,37 +1512,33 @@ function, and all code in the file. This option is intended for debugging and no overrides are enabled by default. .It Cm MACs @@ -248,7 +259,7 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x The list of available MAC algorithms may also be obtained using .Qq ssh -Q mac . .It Cm NoHostAuthenticationForLocalhost -@@ -1567,39 +1555,31 @@ +@@ -1741,39 +1727,31 @@ instead of continuing to execute and pass data. The default is .Cm no . .It Cm PubkeyAcceptedAlgorithms @@ -300,7 +311,7 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x .It Cm PubkeyAuthentication Specifies whether to try public key authentication. The argument to this keyword must be -@@ -2265,7 +2245,9 @@ +@@ -2497,7 +2475,9 @@ for those users who do not have a configuration file. This file must be world-readable. .El .Sh SEE ALSO @@ -311,10 +322,11 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x .Sh AUTHORS .An -nosplit OpenSSH is a derivative of the original and free -diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac openssh-9.3p1/sshd_config.5 openssh-9.3p1-patched/sshd_config.5 ---- openssh-9.3p1/sshd_config.5 2023-06-07 10:26:48.277590077 +0200 -+++ openssh-9.3p1-patched/sshd_config.5 2023-06-07 10:26:00.592051845 +0200 -@@ -379,17 +379,13 @@ +diff --git a/sshd_config.5 b/sshd_config.5 +index 26fcdc84..583a01cd 100644 +--- a/sshd_config.5 ++++ b/sshd_config.5 +@@ -379,17 +379,13 @@ If the argument is then no banner is displayed. By default, no banner is displayed. .It Cm CASignatureAlgorithms @@ -337,7 +349,7 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x If the specified list begins with a .Sq + character, then the specified algorithms will be appended to the default set -@@ -525,20 +521,25 @@ +@@ -533,20 +529,25 @@ The default is indicating not to .Xr chroot 2 . .It Cm Ciphers @@ -367,21 +379,21 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x .Pp The supported ciphers are: .Pp -@@ -565,13 +566,6 @@ +@@ -573,13 +574,6 @@ aes256-gcm@openssh.com chacha20-poly1305@openssh.com .El .Pp -The default is: -.Bd -literal -offset indent -chacha20-poly1305@openssh.com, --aes128-ctr,aes192-ctr,aes256-ctr, --aes128-gcm@openssh.com,aes256-gcm@openssh.com +-aes128-gcm@openssh.com,aes256-gcm@openssh.com, +-aes128-ctr,aes192-ctr,aes256-ctr -.Ed -.Pp The list of available ciphers may also be obtained using .Qq ssh -Q cipher . .It Cm ClientAliveCountMax -@@ -766,53 +760,43 @@ +@@ -774,53 +768,43 @@ For this to work .Cm GSSAPIKeyExchange needs to be enabled in the server and also used by the client. .It Cm GSSAPIKexAlgorithms @@ -454,7 +466,7 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x .Pp The list of available signature algorithms may also be obtained using .Qq ssh -Q HostbasedAcceptedAlgorithms . -@@ -879,25 +863,14 @@ +@@ -887,25 +871,14 @@ is specified, the location of the socket will be read from the .Ev SSH_AUTH_SOCK environment variable. .It Cm HostKeyAlgorithms @@ -485,7 +497,7 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x The list of available signature algorithms may also be obtained using .Qq ssh -Q HostKeyAlgorithms . .It Cm IgnoreRhosts -@@ -1025,6 +1025,11 @@ Specifies whether to look at .k5login fi +@@ -1052,6 +1025,11 @@ Specifies whether to look at .k5login file for user's aliases. The default is .Cm yes . .It Cm KexAlgorithms @@ -497,7 +509,7 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x Specifies the permitted KEX (Key Exchange) algorithms that the server will offer to clients. The ordering of this list is not important, as the client specifies the -@@ -1033,16 +1038,16 @@ Multiple algorithms must be comma-separa +@@ -1060,16 +1038,16 @@ Multiple algorithms must be comma-separated. .Pp If the specified list begins with a .Sq + @@ -518,25 +530,22 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x .Pp The supported algorithms are: .Pp -@@ -1075,17 +1080,6 @@ ecdh-sha2-nistp521 +@@ -1106,14 +1084,6 @@ sntrup761x25519-sha512 sntrup761x25519-sha512@openssh.com .El .Pp -The default is: -.Bd -literal -offset indent --sntrup761x25519-sha512,sntrup761x25519-sha512@openssh.com, -mlkem768x25519-sha256, +-sntrup761x25519-sha512,sntrup761x25519-sha512@openssh.com, -curve25519-sha256,curve25519-sha256@libssh.org, --ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521, --diffie-hellman-group-exchange-sha256, --diffie-hellman-group16-sha512,diffie-hellman-group18-sha512, --diffie-hellman-group14-sha256 +-ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521 -.Ed -.Pp The list of supported key exchange algorithms may also be obtained using .Qq ssh -Q KexAlgorithms . .It Cm ListenAddress -@@ -1184,21 +1152,26 @@ +@@ -1200,21 +1170,26 @@ function, and all code in the file. This option is intended for debugging and no overrides are enabled by default. .It Cm MACs @@ -567,7 +576,7 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x .Pp The algorithms that contain .Qq -etm -@@ -1241,15 +1214,6 @@ +@@ -1257,15 +1232,6 @@ umac-64-etm@openssh.com umac-128-etm@openssh.com .El .Pp @@ -583,7 +592,7 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x The list of available MAC algorithms may also be obtained using .Qq ssh -Q mac . .It Cm Match -@@ -1633,36 +1597,25 @@ +@@ -1753,36 +1719,25 @@ or equivalent.) The default is .Cm yes . .It Cm PubkeyAcceptedAlgorithms @@ -629,7 +638,7 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x .Pp The list of available signature algorithms may also be obtained using .Qq ssh -Q PubkeyAcceptedAlgorithms . -@@ -2131,7 +2084,9 @@ +@@ -2289,7 +2244,9 @@ This file should be writable by root only, but it is recommended .El .Sh SEE ALSO .Xr sftp-server 8 , @@ -640,3 +649,6 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x .Sh AUTHORS .An -nosplit OpenSSH is a derivative of the original and free +-- +2.49.0 + diff --git a/openssh-8.0p1-openssl-kdf.patch b/0031-openssh-8.0p1-openssl-kdf.patch similarity index 84% rename from openssh-8.0p1-openssl-kdf.patch rename to 0031-openssh-8.0p1-openssl-kdf.patch index c22b210..529940f 100644 --- a/openssh-8.0p1-openssl-kdf.patch +++ b/0031-openssh-8.0p1-openssl-kdf.patch @@ -1,14 +1,18 @@ -commit 2c3ef499bfffce3cfd315edeebf202850ba4e00a -Author: Jakub Jelen -Date: Tue Apr 16 15:35:18 2019 +0200 +From 430bd33963725beb8ec01a1e581529ae6bf6bec0 Mon Sep 17 00:00:00 2001 +From: Dmitry Belyavskiy +Date: Thu, 15 May 2025 13:43:28 +0200 +Subject: [PATCH 31/50] openssh-8.0p1-openssl-kdf - Use the new OpenSSL KDF +--- + configure.ac | 1 + + kex.c | 107 +++++++++++++++++++++++++++++++++++++++++++++++++++ + 2 files changed, 108 insertions(+) diff --git a/configure.ac b/configure.ac -index 2a455e4e..e01c3d43 100644 +index d9bd2f51..d92a8580 100644 --- a/configure.ac +++ b/configure.ac -@@ -2712,6 +2712,7 @@ if test "x$openssl" = "xyes" ; then +@@ -3137,6 +3137,7 @@ if test "x$openssl" = "xyes" ; then HMAC_CTX_init \ RSA_generate_key_ex \ RSA_get_default_method \ @@ -17,10 +21,10 @@ index 2a455e4e..e01c3d43 100644 # OpenSSL_add_all_algorithms may be a macro. diff --git a/kex.c b/kex.c -index b6f041f4..1fbce2bb 100644 +index 19a56e8e..8b200ff4 100644 --- a/kex.c +++ b/kex.c -@@ -38,6 +38,11 @@ +@@ -40,6 +40,11 @@ #ifdef WITH_OPENSSL #include #include @@ -32,7 +36,7 @@ index b6f041f4..1fbce2bb 100644 #endif #include "ssh.h" -@@ -942,6 +945,107 @@ kex_choose_conf(struct ssh *ssh) +@@ -1078,6 +1083,107 @@ kex_choose_conf(struct ssh *ssh, uint32_t seq) return r; } @@ -140,7 +144,7 @@ index b6f041f4..1fbce2bb 100644 static int derive_key(struct ssh *ssh, int id, u_int need, u_char *hash, u_int hashlen, const struct sshbuf *shared_secret, u_char **keyp) -@@ -1004,6 +1096,7 @@ derive_key(struct ssh *ssh, int id, u_int need, u_char *hash, u_int hashlen, +@@ -1141,6 +1247,7 @@ derive_key(struct ssh *ssh, int id, u_int need, u_char *hash, u_int hashlen, ssh_digest_free(hashctx); return r; } @@ -148,4 +152,6 @@ index b6f041f4..1fbce2bb 100644 #define NKEYS 6 int +-- +2.49.0 diff --git a/openssh-8.2p1-visibility.patch b/0032-openssh-8.2p1-visibility.patch similarity index 62% rename from openssh-8.2p1-visibility.patch rename to 0032-openssh-8.2p1-visibility.patch index 89c35ef..c67373c 100644 --- a/openssh-8.2p1-visibility.patch +++ b/0032-openssh-8.2p1-visibility.patch @@ -1,8 +1,17 @@ +From 6aa231d9acfeca870ee87e3bf9c4a1239518706d Mon Sep 17 00:00:00 2001 +From: Dmitry Belyavskiy +Date: Thu, 15 May 2025 13:43:28 +0200 +Subject: [PATCH 32/50] openssh-8.2p1-visibility + +--- + regress/misc/sk-dummy/sk-dummy.c | 8 ++++---- + 1 file changed, 4 insertions(+), 4 deletions(-) + diff --git a/regress/misc/sk-dummy/sk-dummy.c b/regress/misc/sk-dummy/sk-dummy.c -index dca158de..afdcb1d2 100644 +index 347b2122..344f8a8a 100644 --- a/regress/misc/sk-dummy/sk-dummy.c +++ b/regress/misc/sk-dummy/sk-dummy.c -@@ -71,7 +71,7 @@ skdebug(const char *func, const char *fmt, ...) +@@ -81,7 +81,7 @@ skdebug(const char *func, const char *fmt, ...) #endif } @@ -11,7 +20,7 @@ index dca158de..afdcb1d2 100644 sk_api_version(void) { return SSH_SK_VERSION_MAJOR; -@@ -220,7 +220,7 @@ check_options(struct sk_option **options) +@@ -230,7 +230,7 @@ check_options(struct sk_option **options) return 0; } @@ -20,7 +29,7 @@ index dca158de..afdcb1d2 100644 sk_enroll(uint32_t alg, const uint8_t *challenge, size_t challenge_len, const char *application, uint8_t flags, const char *pin, struct sk_option **options, struct sk_enroll_response **enroll_response) -@@ -467,7 +467,7 @@ sig_ed25519(const uint8_t *message, size_t message_len, +@@ -478,7 +478,7 @@ sig_ed25519(const uint8_t *message, size_t message_len, return ret; } @@ -29,7 +38,7 @@ index dca158de..afdcb1d2 100644 sk_sign(uint32_t alg, const uint8_t *data, size_t datalen, const char *application, const uint8_t *key_handle, size_t key_handle_len, uint8_t flags, const char *pin, struct sk_option **options, -@@ -518,7 +518,7 @@ sk_sign(uint32_t alg, const uint8_t *message, size_t message_len, +@@ -535,7 +535,7 @@ sk_sign(uint32_t alg, const uint8_t *data, size_t datalen, return ret; } @@ -38,3 +47,6 @@ index dca158de..afdcb1d2 100644 sk_load_resident_keys(const char *pin, struct sk_option **options, struct sk_resident_key ***rks, size_t *nrks) { +-- +2.49.0 + diff --git a/openssh-8.2p1-x11-without-ipv6.patch b/0033-openssh-8.2p1-x11-without-ipv6.patch similarity index 55% rename from openssh-8.2p1-x11-without-ipv6.patch rename to 0033-openssh-8.2p1-x11-without-ipv6.patch index 8b83bc3..32a9056 100644 --- a/openssh-8.2p1-x11-without-ipv6.patch +++ b/0033-openssh-8.2p1-x11-without-ipv6.patch @@ -1,12 +1,17 @@ +From cfe5a99d335eb57b8c08b4eb6b4535dd042d96e3 Mon Sep 17 00:00:00 2001 +From: Dmitry Belyavskiy +Date: Thu, 15 May 2025 13:43:28 +0200 +Subject: [PATCH 33/50] openssh-8.2p1-x11-without-ipv6 + +--- + channels.c | 10 ++++++++++ + 1 file changed, 10 insertions(+) + diff --git a/channels.c b/channels.c +index 7438c1a5..95836d50 100644 --- a/channels.c +++ b/channels.c -@@ -3933,16 +3933,26 @@ x11_create_display_inet(int x11_display_ - if (ai->ai_family == AF_INET6) - sock_set_v6only(sock); - if (x11_use_localhost) - set_reuseaddr(sock); - if (bind(sock, ai->ai_addr, ai->ai_addrlen) == -1) { +@@ -5055,6 +5055,16 @@ x11_create_display_inet(struct ssh *ssh, int x11_display_offset, debug2_f("bind port %d: %.100s", port, strerror(errno)); close(sock); @@ -23,8 +28,6 @@ diff --git a/channels.c b/channels.c for (n = 0; n < num_socks; n++) close(socks[n]); num_socks = 0; - break; - } - socks[num_socks++] = sock; - if (num_socks == NUM_SOCKS) - break; +-- +2.49.0 + diff --git a/openssh-8.0p1-preserve-pam-errors.patch b/0034-openssh-8.0p1-preserve-pam-errors.patch similarity index 67% rename from openssh-8.0p1-preserve-pam-errors.patch rename to 0034-openssh-8.0p1-preserve-pam-errors.patch index b7ab965..15e59c2 100644 --- a/openssh-8.0p1-preserve-pam-errors.patch +++ b/0034-openssh-8.0p1-preserve-pam-errors.patch @@ -1,7 +1,17 @@ -diff -up openssh-8.0p1/auth-pam.c.preserve-pam-errors openssh-8.0p1/auth-pam.c ---- openssh-8.0p1/auth-pam.c.preserve-pam-errors 2021-03-31 17:03:15.618592347 +0200 -+++ openssh-8.0p1/auth-pam.c 2021-03-31 17:06:58.115220014 +0200 -@@ -511,7 +511,11 @@ sshpam_thread(void *ctxtp) +From 8de0391e3b3eb75e23ee9f173f04a9c78f2b96c9 Mon Sep 17 00:00:00 2001 +From: Dmitry Belyavskiy +Date: Thu, 15 May 2025 13:43:29 +0200 +Subject: [PATCH 34/50] openssh-8.0p1-preserve-pam-errors + +--- + auth-pam.c | 18 +++++++++++++----- + 1 file changed, 13 insertions(+), 5 deletions(-) + +diff --git a/auth-pam.c b/auth-pam.c +index b4100ea1..a042c3c8 100644 +--- a/auth-pam.c ++++ b/auth-pam.c +@@ -523,7 +523,11 @@ sshpam_thread(void *ctxtp) goto auth_fail; if (!do_pam_account()) { @@ -14,7 +24,7 @@ diff -up openssh-8.0p1/auth-pam.c.preserve-pam-errors openssh-8.0p1/auth-pam.c goto auth_fail; } if (sshpam_authctxt->force_pwchange) { -@@ -568,8 +572,10 @@ sshpam_thread(void *ctxtp) +@@ -580,8 +584,10 @@ sshpam_thread(void *ctxtp) pam_strerror(sshpam_handle, sshpam_err))) != 0) fatal("%s: buffer error: %s", __func__, ssh_err(r)); /* XXX - can't do much about an error here */ @@ -27,17 +37,20 @@ diff -up openssh-8.0p1/auth-pam.c.preserve-pam-errors openssh-8.0p1/auth-pam.c else if (sshpam_maxtries_reached) ssh_msg_send(ctxt->pam_csock, PAM_MAXTRIES, buffer); else -@@ -856,9 +862,11 @@ sshpam_query(void *ctx, char **name, cha +@@ -890,9 +896,11 @@ sshpam_query(void *ctx, char **name, char **info, free(msg); break; case PAM_ACCT_EXPIRED: + sshpam_account_status = 0; + /* FALLTHROUGH */ case PAM_MAXTRIES: -+ case PAM_USER_UNKNOWN: -+ case PAM_PERM_DENIED: - if (type == PAM_ACCT_EXPIRED) - sshpam_account_status = 0; ++ case PAM_USER_UNKNOWN: ++ case PAM_PERM_DENIED: if (type == PAM_MAXTRIES) sshpam_set_maxtries_reached(1); /* FALLTHROUGH */ +-- +2.49.0 + diff --git a/openssh-8.7p1-scp-kill-switch.patch b/0035-openssh-8.7p1-scp-kill-switch.patch similarity index 57% rename from openssh-8.7p1-scp-kill-switch.patch rename to 0035-openssh-8.7p1-scp-kill-switch.patch index 161ab2d..58a5036 100644 --- a/openssh-8.7p1-scp-kill-switch.patch +++ b/0035-openssh-8.7p1-scp-kill-switch.patch @@ -1,6 +1,18 @@ -diff -up openssh-8.7p1/pathnames.h.kill-scp openssh-8.7p1/pathnames.h ---- openssh-8.7p1/pathnames.h.kill-scp 2021-09-16 11:37:57.240171687 +0200 -+++ openssh-8.7p1/pathnames.h 2021-09-16 11:42:29.183427917 +0200 +From a68f3741fdc01bf6823a69d2442caba7de9835f9 Mon Sep 17 00:00:00 2001 +From: Dmitry Belyavskiy +Date: Thu, 15 May 2025 13:43:29 +0200 +Subject: [PATCH 35/50] openssh-8.7p1-scp-kill-switch + +--- + pathnames.h | 1 + + scp.1 | 7 +++++++ + scp.c | 8 ++++++++ + 3 files changed, 16 insertions(+) + +diff --git a/pathnames.h b/pathnames.h +index 1158bec9..43f0c570 100644 +--- a/pathnames.h ++++ b/pathnames.h @@ -42,6 +42,7 @@ #define _PATH_HOST_XMSS_KEY_FILE SSHDIR "/ssh_host_xmss_key" #define _PATH_HOST_RSA_KEY_FILE SSHDIR "/ssh_host_rsa_key" @@ -9,10 +21,11 @@ diff -up openssh-8.7p1/pathnames.h.kill-scp openssh-8.7p1/pathnames.h #ifndef _PATH_SSH_PROGRAM #define _PATH_SSH_PROGRAM "/usr/bin/ssh" -diff -up openssh-8.7p1/scp.1.kill-scp openssh-8.7p1/scp.1 ---- openssh-8.7p1/scp.1.kill-scp 2021-09-16 12:09:02.646714578 +0200 -+++ openssh-8.7p1/scp.1 2021-09-16 12:26:49.978628226 +0200 -@@ -278,6 +278,13 @@ to print debugging messages about their +diff --git a/scp.1 b/scp.1 +index aa2e2d8b..373d7237 100644 +--- a/scp.1 ++++ b/scp.1 +@@ -331,6 +331,13 @@ during download or upload. By default a 32KB buffer is used. .El .El @@ -26,10 +39,11 @@ diff -up openssh-8.7p1/scp.1.kill-scp openssh-8.7p1/scp.1 .Sh EXIT STATUS .Ex -std scp .Sh SEE ALSO -diff -up openssh-8.7p1/scp.c.kill-scp openssh-8.7p1/scp.c ---- openssh-8.7p1/scp.c.kill-scp 2021-09-16 11:42:56.013650519 +0200 -+++ openssh-8.7p1/scp.c 2021-09-16 11:53:03.249713836 +0200 -@@ -596,6 +596,14 @@ main(int argc, char **argv) +diff --git a/scp.c b/scp.c +index 7f9795a5..7ed1a54c 100644 +--- a/scp.c ++++ b/scp.c +@@ -649,6 +649,14 @@ main(int argc, char **argv) if (iamremote) mode = MODE_SCP; @@ -44,3 +58,6 @@ diff -up openssh-8.7p1/scp.c.kill-scp openssh-8.7p1/scp.c if ((pwd = getpwuid(userid = getuid())) == NULL) fatal("unknown user %u", (u_int) userid); +-- +2.49.0 + diff --git a/openssh-8.7p1-recursive-scp.patch b/0036-openssh-8.7p1-recursive-scp.patch similarity index 73% rename from openssh-8.7p1-recursive-scp.patch rename to 0036-openssh-8.7p1-recursive-scp.patch index 17c340e..929b408 100644 --- a/openssh-8.7p1-recursive-scp.patch +++ b/0036-openssh-8.7p1-recursive-scp.patch @@ -1,8 +1,21 @@ -diff --git a/scp.c b/scp.c ---- a/scp.c (revision 8241b9c0529228b4b86d88b1a6076fb9f97e4a99) -+++ b/scp.c (date 1703111453316) -@@ -1372,7 +1372,7 @@ +From 99e1e3af524376788e591ca73387f1ca37e6f5ef Mon Sep 17 00:00:00 2001 +From: Dmitry Belyavskiy +Date: Thu, 15 May 2025 13:43:29 +0200 +Subject: [PATCH 36/50] openssh-8.7p1-recursive-scp +--- + scp.c | 2 +- + sftp-client.c | 60 +++++++++++++++++++++++++++++++++++++++------------ + sftp-client.h | 4 ++-- + sftp.c | 6 +++--- + 4 files changed, 52 insertions(+), 20 deletions(-) + +diff --git a/scp.c b/scp.c +index 7ed1a54c..0c87dd0e 100644 +--- a/scp.c ++++ b/scp.c +@@ -1388,7 +1388,7 @@ source_sftp(int argc, char *src, char *targ, struct sftp_conn *conn) + if (src_is_dir && iamrecursive) { if (sftp_upload_dir(conn, src, abs_dst, pflag, - SFTP_PROGRESS_ONLY, 0, 0, 1, 1) != 0) { @@ -11,10 +24,11 @@ diff --git a/scp.c b/scp.c errs = 1; } diff --git a/sftp-client.c b/sftp-client.c ---- a/sftp-client.c (revision 8241b9c0529228b4b86d88b1a6076fb9f97e4a99) -+++ b/sftp-client.c (date 1703169614263) -@@ -1003,7 +1003,7 @@ - +index 9f8ab4af..873dec04 100644 +--- a/sftp-client.c ++++ b/sftp-client.c +@@ -1003,7 +1003,7 @@ sftp_fsetstat(struct sftp_conn *conn, const u_char *handle, u_int handle_len, + /* Implements both the realpath and expand-path operations */ static char * -sftp_realpath_expand(struct sftp_conn *conn, const char *path, int expand) @@ -22,7 +36,7 @@ diff --git a/sftp-client.c b/sftp-client.c { struct sshbuf *msg; u_int expected_id, count, id; -@@ -1049,11 +1049,43 @@ +@@ -1049,11 +1049,43 @@ sftp_realpath_expand(struct sftp_conn *conn, const char *path, int expand) if ((r = sshbuf_get_u32(msg, &status)) != 0 || (r = sshbuf_get_cstring(msg, &errmsg, NULL)) != 0) fatal_fr(r, "parse status"); @@ -71,9 +85,9 @@ diff --git a/sftp-client.c b/sftp-client.c } else if (type != SSH2_FXP_NAME) fatal("Expected SSH2_FXP_NAME(%u) packet, got %u", SSH2_FXP_NAME, type); -@@ -1078,9 +1110,9 @@ +@@ -1078,9 +1110,9 @@ sftp_realpath_expand(struct sftp_conn *conn, const char *path, int expand) } - + char * -sftp_realpath(struct sftp_conn *conn, const char *path) +sftp_realpath(struct sftp_conn *conn, const char *path, int create_dir) @@ -81,9 +95,9 @@ diff --git a/sftp-client.c b/sftp-client.c - return sftp_realpath_expand(conn, path, 0); + return sftp_realpath_expand(conn, path, 0, create_dir); } - + int -@@ -1094,9 +1126,9 @@ +@@ -1094,9 +1126,9 @@ sftp_expand_path(struct sftp_conn *conn, const char *path) { if (!sftp_can_expand_path(conn)) { debug3_f("no server support, fallback to realpath"); @@ -93,18 +107,18 @@ diff --git a/sftp-client.c b/sftp-client.c - return sftp_realpath_expand(conn, path, 1); + return sftp_realpath_expand(conn, path, 1, 0); } - + int -@@ -2016,7 +2048,7 @@ +@@ -2016,7 +2048,7 @@ sftp_download_dir(struct sftp_conn *conn, const char *src, const char *dst, char *src_canon; int ret; - + - if ((src_canon = sftp_realpath(conn, src)) == NULL) { + if ((src_canon = sftp_realpath(conn, src, 0)) == NULL) { error("download \"%s\": path canonicalization failed", src); return -1; } -@@ -2365,12 +2397,12 @@ +@@ -2366,12 +2398,12 @@ upload_dir_internal(struct sftp_conn *conn, const char *src, const char *dst, int sftp_upload_dir(struct sftp_conn *conn, const char *src, const char *dst, int preserve_flag, int print_flag, int resume, int fsync_flag, @@ -113,47 +127,48 @@ diff --git a/sftp-client.c b/sftp-client.c { char *dst_canon; int ret; - + - if ((dst_canon = sftp_realpath(conn, dst)) == NULL) { + if ((dst_canon = sftp_realpath(conn, dst, create_dir)) == NULL) { error("upload \"%s\": path canonicalization failed", dst); return -1; } -@@ -2825,7 +2857,7 @@ +@@ -2826,7 +2858,7 @@ sftp_crossload_dir(struct sftp_conn *from, struct sftp_conn *to, char *from_path_canon; int ret; - + - if ((from_path_canon = sftp_realpath(from, from_path)) == NULL) { + if ((from_path_canon = sftp_realpath(from, from_path, 0)) == NULL) { error("crossload \"%s\": path canonicalization failed", from_path); return -1; diff --git a/sftp-client.h b/sftp-client.h ---- a/sftp-client.h (revision 8241b9c0529228b4b86d88b1a6076fb9f97e4a99) -+++ b/sftp-client.h (date 1703111691284) -@@ -111,7 +111,7 @@ +index 74cdae7d..00ed6630 100644 +--- a/sftp-client.h ++++ b/sftp-client.h +@@ -111,7 +111,7 @@ int sftp_fsetstat(struct sftp_conn *, const u_char *, u_int, Attrib *); int sftp_lsetstat(struct sftp_conn *conn, const char *path, Attrib *a); - + /* Canonicalise 'path' - caller must free result */ -char *sftp_realpath(struct sftp_conn *, const char *); +char *sftp_realpath(struct sftp_conn *, const char *, int); - + /* Canonicalisation with tilde expansion (requires server extension) */ char *sftp_expand_path(struct sftp_conn *, const char *); -@@ -163,7 +163,7 @@ +@@ -163,7 +163,7 @@ int sftp_upload(struct sftp_conn *, const char *, const char *, * times if 'pflag' is set */ int sftp_upload_dir(struct sftp_conn *, const char *, const char *, - int, int, int, int, int, int); + int, int, int, int, int, int, int); - + /* * Download a 'from_path' from the 'from' connection and upload it to - diff --git a/sftp.c b/sftp.c ---- a/sftp.c (revision 8241b9c0529228b4b86d88b1a6076fb9f97e4a99) -+++ b/sftp.c (date 1703168795365) -@@ -807,7 +807,7 @@ +index bdedd141..322e6d1f 100644 +--- a/sftp.c ++++ b/sftp.c +@@ -809,7 +809,7 @@ process_put(struct sftp_conn *conn, const char *src, const char *dst, (rflag || global_rflag)) { if (sftp_upload_dir(conn, g.gl_pathv[i], abs_dst, pflag || global_pflag, 1, resume, @@ -162,7 +177,7 @@ diff --git a/sftp.c b/sftp.c err = -1; } else { if (sftp_upload(conn, g.gl_pathv[i], abs_dst, -@@ -1642,7 +1642,7 @@ +@@ -1644,7 +1644,7 @@ parse_dispatch_command(struct sftp_conn *conn, const char *cmd, char **pwd, if (path1 == NULL || *path1 == '\0') path1 = xstrdup(startdir); path1 = sftp_make_absolute(path1, *pwd); @@ -171,12 +186,15 @@ diff --git a/sftp.c b/sftp.c err = 1; break; } -@@ -2247,7 +2247,7 @@ +@@ -2249,7 +2249,7 @@ interactive_loop(struct sftp_conn *conn, char *file1, char *file2) } #endif /* USE_LIBEDIT */ - + - if ((remote_path = sftp_realpath(conn, ".")) == NULL) + if ((remote_path = sftp_realpath(conn, ".", 0)) == NULL) fatal("Need cwd"); startdir = xstrdup(remote_path); + +-- +2.49.0 diff --git a/openssh-8.7p1-minrsabits.patch b/0037-openssh-8.7p1-minrsabits.patch similarity index 63% rename from openssh-8.7p1-minrsabits.patch rename to 0037-openssh-8.7p1-minrsabits.patch index d8577d2..59e530b 100644 --- a/openssh-8.7p1-minrsabits.patch +++ b/0037-openssh-8.7p1-minrsabits.patch @@ -1,7 +1,18 @@ +From 286bc4a302b5130f732c857095ae665f7bea01dd Mon Sep 17 00:00:00 2001 +From: Dmitry Belyavskiy +Date: Thu, 15 May 2025 13:43:29 +0200 +Subject: [PATCH 37/50] openssh-8.7p1-minrsabits + +--- + readconf.c | 1 + + servconf.c | 1 + + 2 files changed, 2 insertions(+) + diff --git a/readconf.c b/readconf.c ---- a/readconf.c (revision 8241b9c0529228b4b86d88b1a6076fb9f97e4a99) -+++ b/readconf.c (date 1703169891147) -@@ -326,6 +326,7 @@ +index 6c04ed43..f340bf50 100644 +--- a/readconf.c ++++ b/readconf.c +@@ -343,6 +343,7 @@ static struct { { "securitykeyprovider", oSecurityKeyProvider }, { "knownhostscommand", oKnownHostsCommand }, { "requiredrsasize", oRequiredRSASize }, @@ -10,9 +21,10 @@ diff --git a/readconf.c b/readconf.c { "obscurekeystroketiming", oObscureKeystrokeTiming }, { "channeltimeout", oChannelTimeout }, diff --git a/servconf.c b/servconf.c ---- a/servconf.c (revision 8241b9c0529228b4b86d88b1a6076fb9f97e4a99) -+++ b/servconf.c (date 1703169891148) -@@ -691,6 +691,7 @@ +index 15c99b30..84891544 100644 +--- a/servconf.c ++++ b/servconf.c +@@ -788,6 +788,7 @@ static struct { { "casignaturealgorithms", sCASignatureAlgorithms, SSHCFG_ALL }, { "securitykeyprovider", sSecurityKeyProvider, SSHCFG_GLOBAL }, { "requiredrsasize", sRequiredRSASize, SSHCFG_ALL }, @@ -20,3 +32,6 @@ diff --git a/servconf.c b/servconf.c { "channeltimeout", sChannelTimeout, SSHCFG_ALL }, { "unusedconnectiontimeout", sUnusedConnectionTimeout, SSHCFG_ALL }, { "sshdsessionpath", sSshdSessionPath, SSHCFG_GLOBAL }, +-- +2.49.0 + diff --git a/0038-openssh-8.7p1-ibmca.patch b/0038-openssh-8.7p1-ibmca.patch new file mode 100644 index 0000000..74dd5b5 --- /dev/null +++ b/0038-openssh-8.7p1-ibmca.patch @@ -0,0 +1,25 @@ +From 26af04432f6404eb03780265a5cce948ecfec8dc Mon Sep 17 00:00:00 2001 +From: Dmitry Belyavskiy +Date: Thu, 15 May 2025 13:43:29 +0200 +Subject: [PATCH 38/50] openssh-8.7p1-ibmca + +--- + openbsd-compat/bsd-closefrom.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/openbsd-compat/bsd-closefrom.c b/openbsd-compat/bsd-closefrom.c +index f6112458..417c2048 100644 +--- a/openbsd-compat/bsd-closefrom.c ++++ b/openbsd-compat/bsd-closefrom.c +@@ -16,7 +16,7 @@ + + #include "includes.h" + +-#if !defined(HAVE_CLOSEFROM) || defined(BROKEN_CLOSEFROM) ++#if !defined(HAVE_CLOSEFROM) || defined(BROKEN_CLOSEFROM) || (defined __s390__) + + #include + #include +-- +2.49.0 + diff --git a/openssh-7.6p1-audit.patch b/0039-openssh-7.6p1-audit.patch similarity index 83% rename from openssh-7.6p1-audit.patch rename to 0039-openssh-7.6p1-audit.patch index 2c7ddc5..e4f89c7 100644 --- a/openssh-7.6p1-audit.patch +++ b/0039-openssh-7.6p1-audit.patch @@ -1,7 +1,57 @@ -diff -up openssh-8.6p1/audit-bsm.c.audit openssh-8.6p1/audit-bsm.c ---- openssh-8.6p1/audit-bsm.c.audit 2021-04-16 05:55:25.000000000 +0200 -+++ openssh-8.6p1/audit-bsm.c 2021-04-19 16:47:35.753062106 +0200 -@@ -373,13 +373,26 @@ audit_connection_from(const char *host, +From b0505837bfa2dcdf07800634fa80c5cdb78799dc Mon Sep 17 00:00:00 2001 +From: Dmitry Belyavskiy +Date: Thu, 15 May 2025 13:43:29 +0200 +Subject: [PATCH 39/50] openssh-7.6p1-audit + +--- + Makefile.in | 2 +- + audit-bsm.c | 45 ++++++- + audit-linux.c | 302 +++++++++++++++++++++++++++++++++++++++++++--- + audit.c | 129 ++++++++++++++++++-- + audit.h | 22 +++- + auditstub.c | 52 ++++++++ + auth.c | 3 - + auth.h | 4 + + auth2-hostbased.c | 16 ++- + auth2-pubkey.c | 16 ++- + auth2.c | 3 - + cipher.c | 21 +--- + cipher.h | 20 ++- + kex.c | 61 ++++++++-- + kex.h | 2 + + mac.c | 14 +++ + mac.h | 1 + + monitor.c | 194 +++++++++++++++++++++++++++-- + monitor.h | 8 +- + monitor_wrap.c | 130 +++++++++++++++++++- + monitor_wrap.h | 11 +- + packet.c | 98 +++++++++++++-- + packet.h | 1 + + session.c | 83 ++++++++++++- + session.h | 10 +- + sshd-session.c | 104 ++++++++++++++-- + sshd.c | 10 ++ + 27 files changed, 1258 insertions(+), 104 deletions(-) + create mode 100644 auditstub.c + +diff --git a/Makefile.in b/Makefile.in +index 6c417ef7..a2942392 100644 +--- a/Makefile.in ++++ b/Makefile.in +@@ -119,7 +119,7 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \ + kexsntrup761x25519.o kexmlkem768x25519.o sntrup761.o kexgen.o \ + kexgssc.o \ + sftp-realpath.o platform-pledge.o platform-tracing.o platform-misc.o \ +- sshbuf-io.o ++ sshbuf-io.o auditstub.o + + SKOBJS= ssh-sk-client.o + +diff --git a/audit-bsm.c b/audit-bsm.c +index ccfcf6f7..a49abb92 100644 +--- a/audit-bsm.c ++++ b/audit-bsm.c +@@ -373,12 +373,25 @@ audit_connection_from(const char *host, int port) #endif } @@ -19,17 +69,16 @@ diff -up openssh-8.6p1/audit-bsm.c.audit openssh-8.6p1/audit-bsm.c /* not implemented */ } - void ++void +audit_count_session_open(void) +{ + /* not necessary */ +} + -+void + void audit_session_open(struct logininfo *li) { - /* not implemented */ -@@ -391,6 +404,12 @@ audit_session_close(struct logininfo *li +@@ -391,6 +404,12 @@ audit_session_close(struct logininfo *li) /* not implemented */ } @@ -42,7 +91,7 @@ diff -up openssh-8.6p1/audit-bsm.c.audit openssh-8.6p1/audit-bsm.c void audit_event(struct ssh *ssh, ssh_audit_event_t event) { -@@ -452,4 +471,28 @@ audit_event(struct ssh *ssh, ssh_audit_e +@@ -452,4 +471,28 @@ audit_event(struct ssh *ssh, ssh_audit_event_t event) debug("%s: unhandled event %d", __func__, event); } } @@ -71,234 +120,10 @@ diff -up openssh-8.6p1/audit-bsm.c.audit openssh-8.6p1/audit-bsm.c + /* not implemented */ +} #endif /* BSM */ -diff -up openssh-8.6p1/audit.c.audit openssh-8.6p1/audit.c ---- openssh-8.6p1/audit.c.audit 2021-04-16 05:55:25.000000000 +0200 -+++ openssh-8.6p1/audit.c 2021-04-19 16:47:35.753062106 +0200 -@@ -34,6 +34,12 @@ - #include "log.h" - #include "hostfile.h" - #include "auth.h" -+#include "ssh-gss.h" -+#include "monitor_wrap.h" -+#include "xmalloc.h" -+#include "misc.h" -+#include "servconf.h" -+#include "ssherr.h" - - /* - * Care must be taken when using this since it WILL NOT be initialized when -@@ -41,6 +47,7 @@ - * audit_event(CONNECTION_ABANDON) is called. Test for NULL before using. - */ - extern Authctxt *the_authctxt; -+extern ServerOptions options; - - /* Maybe add the audit class to struct Authmethod? */ - ssh_audit_event_t -@@ -69,13 +76,10 @@ audit_classify_auth(const char *method) - const char * - audit_username(void) - { -- static const char unknownuser[] = "(unknown user)"; -- static const char invaliduser[] = "(invalid user)"; -+ static const char unknownuser[] = "(unknown)"; - -- if (the_authctxt == NULL || the_authctxt->user == NULL) -+ if (the_authctxt == NULL || the_authctxt->user == NULL || !the_authctxt->valid) - return (unknownuser); -- if (!the_authctxt->valid) -- return (invaliduser); - return (the_authctxt->user); - } - -@@ -109,6 +113,35 @@ audit_event_lookup(ssh_audit_event_t ev) - return(event_lookup[i].name); - } - -+void -+audit_key(struct ssh *ssh, int host_user, int *rv, const struct sshkey *key) -+{ -+ char *fp; -+ -+ fp = sshkey_fingerprint(key, options.fingerprint_hash, SSH_FP_HEX); -+ if (audit_keyusage(ssh, host_user, fp, (*rv == 0)) == 0) -+ *rv = -SSH_ERR_INTERNAL_ERROR; -+ free(fp); -+} -+ -+void -+audit_unsupported(struct ssh *ssh, int what) -+{ -+ mm_audit_unsupported_body(ssh, what); -+} -+ -+void -+audit_kex(struct ssh *ssh, int ctos, char *enc, char *mac, char *comp, char *pfs) -+{ -+ mm_audit_kex_body(ssh, ctos, enc, mac, comp, pfs, getpid(), getuid()); -+} -+ -+void -+audit_session_key_free(struct ssh *ssh, int ctos) -+{ -+ mm_audit_session_key_free_body(ssh, ctos, getpid(), getuid()); -+} -+ - # ifndef CUSTOM_SSH_AUDIT_EVENTS - /* - * Null implementations of audit functions. -@@ -138,6 +171,17 @@ audit_event(struct ssh *ssh, ssh_audit_e - } - - /* -+ * Called when a child process has called, or will soon call, -+ * audit_session_open. -+ */ -+void -+audit_count_session_open(void) -+{ -+ debug("audit count session open euid %d user %s", geteuid(), -+ audit_username()); -+} -+ -+/* - * Called when a user session is started. Argument is the tty allocated to - * the session, or NULL if no tty was allocated. - * -@@ -172,13 +216,82 @@ audit_session_close(struct logininfo *li - /* - * This will be called when a user runs a non-interactive command. Note that - * it may be called multiple times for a single connection since SSH2 allows -- * multiple sessions within a single connection. -+ * multiple sessions within a single connection. Returns a "handle" for -+ * audit_end_command. - */ --void --audit_run_command(const char *command) -+int -+audit_run_command(struct ssh *ssh, const char *command) - { - debug("audit run command euid %d user %s command '%.200s'", geteuid(), - audit_username(), command); -+ return 0; -+} -+ -+/* -+ * This will be called when the non-interactive command finishes. Note that -+ * it may be called multiple times for a single connection since SSH2 allows -+ * multiple sessions within a single connection. "handle" should come from -+ * the corresponding audit_run_command. -+ */ -+void -+audit_end_command(struct ssh *ssh, int handle, const char *command) -+{ -+ debug("audit end nopty exec euid %d user %s command '%.200s'", geteuid(), -+ audit_username(), command); -+} -+ -+/* -+ * This will be called when user is successfully autherized by the RSA1/RSA/DSA key. -+ * -+ * Type is the key type, len is the key length(byte) and fp is the fingerprint of the key. -+ */ -+int -+audit_keyusage(struct ssh *ssh, int host_user, char *fp, int rv) -+{ -+ debug("audit %s key usage euid %d user %s fingerprint %s, result %d", -+ host_user ? "pubkey" : "hostbased", geteuid(), audit_username(), -+ fp, rv); -+} -+ -+/* -+ * This will be called when the protocol negotiation fails. -+ */ -+void -+audit_unsupported_body(struct ssh *ssh, int what) -+{ -+ debug("audit unsupported protocol euid %d type %d", geteuid(), what); -+} -+ -+/* -+ * This will be called on succesfull protocol negotiation. -+ */ -+void -+audit_kex_body(struct ssh *ssh, int ctos, char *enc, char *mac, char *compress, char *pfs, pid_t pid, -+ uid_t uid) -+{ -+ debug("audit protocol negotiation euid %d direction %d cipher %s mac %s compresion %s pfs %s from pid %ld uid %u", -+ (unsigned)geteuid(), ctos, enc, mac, compress, pfs, (long)pid, -+ (unsigned)uid); -+} -+ -+/* -+ * This will be called on succesfull session key discard -+ */ -+void -+audit_session_key_free_body(struct ssh *, int ctos, pid_t pid, uid_t uid) -+{ -+ debug("audit session key discard euid %u direction %d from pid %ld uid %u", -+ (unsigned)geteuid(), ctos, (long)pid, (unsigned)uid); -+} -+ -+/* -+ * This will be called on destroy private part of the server key -+ */ -+void -+audit_destroy_sensitive_data(struct ssh *ssh, const char *fp, pid_t pid, uid_t uid) -+{ -+ debug("audit destroy sensitive data euid %d fingerprint %s from pid %ld uid %u", -+ geteuid(), fp, (long)pid, (unsigned)uid); - } - # endif /* !defined CUSTOM_SSH_AUDIT_EVENTS */ - #endif /* SSH_AUDIT_EVENTS */ -diff -up openssh-8.6p1/audit.h.audit openssh-8.6p1/audit.h ---- openssh-8.6p1/audit.h.audit 2021-04-16 05:55:25.000000000 +0200 -+++ openssh-8.6p1/audit.h 2021-04-19 16:47:35.753062106 +0200 -@@ -26,6 +26,7 @@ - # define _SSH_AUDIT_H - - #include "loginrec.h" -+#include "sshkey.h" - - struct ssh; - -@@ -45,13 +46,32 @@ enum ssh_audit_event_type { - SSH_CONNECTION_ABANDON, /* closed without completing auth */ - SSH_AUDIT_UNKNOWN - }; -+ -+enum ssh_audit_kex { -+ SSH_AUDIT_UNSUPPORTED_CIPHER, -+ SSH_AUDIT_UNSUPPORTED_MAC, -+ SSH_AUDIT_UNSUPPORTED_COMPRESSION -+}; - typedef enum ssh_audit_event_type ssh_audit_event_t; - -+int listening_for_clients(void); -+ - void audit_connection_from(const char *, int); - void audit_event(struct ssh *, ssh_audit_event_t); -+void audit_count_session_open(void); - void audit_session_open(struct logininfo *); - void audit_session_close(struct logininfo *); --void audit_run_command(const char *); -+int audit_run_command(struct ssh *, const char *); -+void audit_end_command(struct ssh *, int, const char *); - ssh_audit_event_t audit_classify_auth(const char *); -+int audit_keyusage(struct ssh *, int, char *, int); -+void audit_key(struct ssh *, int, int *, const struct sshkey *); -+void audit_unsupported(struct ssh *, int); -+void audit_kex(struct ssh *, int, char *, char *, char *, char *); -+void audit_unsupported_body(struct ssh *, int); -+void audit_kex_body(struct ssh *, int, char *, char *, char *, char *, pid_t, uid_t); -+void audit_session_key_free(struct ssh *, int ctos); -+void audit_session_key_free_body(struct ssh *, int ctos, pid_t, uid_t); -+void audit_destroy_sensitive_data(struct ssh *, const char *, pid_t, uid_t); - - #endif /* _SSH_AUDIT_H */ -diff -up openssh-8.6p1/audit-linux.c.audit openssh-8.6p1/audit-linux.c ---- openssh-8.6p1/audit-linux.c.audit 2021-04-16 05:55:25.000000000 +0200 -+++ openssh-8.6p1/audit-linux.c 2021-04-19 16:47:35.753062106 +0200 +diff --git a/audit-linux.c b/audit-linux.c +index 3fcbe5c5..d484b82b 100644 +--- a/audit-linux.c ++++ b/audit-linux.c @@ -33,27 +33,40 @@ #include "log.h" @@ -310,11 +135,10 @@ diff -up openssh-8.6p1/audit-linux.c.audit openssh-8.6p1/audit-linux.c +#include "servconf.h" #include "canohost.h" #include "packet.h" -- +#include "cipher.h" +#include "channels.h" +#include "session.h" -+ + +#define AUDIT_LOG_SIZE 256 + +extern ServerOptions options; @@ -348,7 +172,7 @@ diff -up openssh-8.6p1/audit-linux.c.audit openssh-8.6p1/audit-linux.c saved_errno = errno; close(audit_fd); -@@ -65,9 +78,96 @@ linux_audit_record_event(int uid, const +@@ -65,9 +78,96 @@ linux_audit_record_event(int uid, const char *username, const char *hostname, rc = 0; errno = saved_errno; @@ -446,7 +270,7 @@ diff -up openssh-8.6p1/audit-linux.c.audit openssh-8.6p1/audit-linux.c /* Below is the sshd audit API code */ void -@@ -76,49 +176,211 @@ audit_connection_from(const char *host, +@@ -76,49 +176,211 @@ audit_connection_from(const char *host, int port) /* not implemented */ } @@ -670,9 +494,238 @@ diff -up openssh-8.6p1/audit-linux.c.audit openssh-8.6p1/audit-linux.c + error("cannot write into audit"); +} #endif /* USE_LINUX_AUDIT */ -diff -up openssh-8.6p1/auditstub.c.audit openssh-8.6p1/auditstub.c ---- openssh-8.6p1/auditstub.c.audit 2021-04-19 16:47:35.754062114 +0200 -+++ openssh-8.6p1/auditstub.c 2021-04-19 16:47:35.754062114 +0200 +diff --git a/audit.c b/audit.c +index dd2f0355..d0433c3a 100644 +--- a/audit.c ++++ b/audit.c +@@ -34,6 +34,12 @@ + #include "log.h" + #include "hostfile.h" + #include "auth.h" ++#include "ssh-gss.h" ++#include "monitor_wrap.h" ++#include "xmalloc.h" ++#include "misc.h" ++#include "servconf.h" ++#include "ssherr.h" + + /* + * Care must be taken when using this since it WILL NOT be initialized when +@@ -41,6 +47,7 @@ + * audit_event(CONNECTION_ABANDON) is called. Test for NULL before using. + */ + extern Authctxt *the_authctxt; ++extern ServerOptions options; + + /* Maybe add the audit class to struct Authmethod? */ + ssh_audit_event_t +@@ -69,13 +76,10 @@ audit_classify_auth(const char *method) + const char * + audit_username(void) + { +- static const char unknownuser[] = "(unknown user)"; +- static const char invaliduser[] = "(invalid user)"; ++ static const char unknownuser[] = "(unknown)"; + +- if (the_authctxt == NULL || the_authctxt->user == NULL) ++ if (the_authctxt == NULL || the_authctxt->user == NULL || !the_authctxt->valid) + return (unknownuser); +- if (!the_authctxt->valid) +- return (invaliduser); + return (the_authctxt->user); + } + +@@ -109,6 +113,35 @@ audit_event_lookup(ssh_audit_event_t ev) + return(event_lookup[i].name); + } + ++void ++audit_key(struct ssh *ssh, int host_user, int *rv, const struct sshkey *key) ++{ ++ char *fp; ++ ++ fp = sshkey_fingerprint(key, options.fingerprint_hash, SSH_FP_HEX); ++ if (audit_keyusage(ssh, host_user, fp, (*rv == 0)) == 0) ++ *rv = -SSH_ERR_INTERNAL_ERROR; ++ free(fp); ++} ++ ++void ++audit_unsupported(struct ssh *ssh, int what) ++{ ++ mm_audit_unsupported_body(ssh, what); ++} ++ ++void ++audit_kex(struct ssh *ssh, int ctos, char *enc, char *mac, char *comp, char *pfs) ++{ ++ mm_audit_kex_body(ssh, ctos, enc, mac, comp, pfs, getpid(), getuid()); ++} ++ ++void ++audit_session_key_free(struct ssh *ssh, int ctos) ++{ ++ mm_audit_session_key_free_body(ssh, ctos, getpid(), getuid()); ++} ++ + # ifndef CUSTOM_SSH_AUDIT_EVENTS + /* + * Null implementations of audit functions. +@@ -137,6 +170,17 @@ audit_event(struct ssh *ssh, ssh_audit_event_t event) + audit_username(), event, audit_event_lookup(event)); + } + ++/* ++ * Called when a child process has called, or will soon call, ++ * audit_session_open. ++ */ ++void ++audit_count_session_open(void) ++{ ++ debug("audit count session open euid %d user %s", geteuid(), ++ audit_username()); ++} ++ + /* + * Called when a user session is started. Argument is the tty allocated to + * the session, or NULL if no tty was allocated. +@@ -172,13 +216,82 @@ audit_session_close(struct logininfo *li) + /* + * This will be called when a user runs a non-interactive command. Note that + * it may be called multiple times for a single connection since SSH2 allows +- * multiple sessions within a single connection. ++ * multiple sessions within a single connection. Returns a "handle" for ++ * audit_end_command. + */ +-void +-audit_run_command(const char *command) ++int ++audit_run_command(struct ssh *ssh, const char *command) + { + debug("audit run command euid %d user %s command '%.200s'", geteuid(), + audit_username(), command); ++ return 0; ++} ++ ++/* ++ * This will be called when the non-interactive command finishes. Note that ++ * it may be called multiple times for a single connection since SSH2 allows ++ * multiple sessions within a single connection. "handle" should come from ++ * the corresponding audit_run_command. ++ */ ++void ++audit_end_command(struct ssh *ssh, int handle, const char *command) ++{ ++ debug("audit end nopty exec euid %d user %s command '%.200s'", geteuid(), ++ audit_username(), command); ++} ++ ++/* ++ * This will be called when user is successfully autherized by the RSA1/RSA/DSA key. ++ * ++ * Type is the key type, len is the key length(byte) and fp is the fingerprint of the key. ++ */ ++int ++audit_keyusage(struct ssh *ssh, int host_user, char *fp, int rv) ++{ ++ debug("audit %s key usage euid %d user %s fingerprint %s, result %d", ++ host_user ? "pubkey" : "hostbased", geteuid(), audit_username(), ++ fp, rv); ++} ++ ++/* ++ * This will be called when the protocol negotiation fails. ++ */ ++void ++audit_unsupported_body(struct ssh *ssh, int what) ++{ ++ debug("audit unsupported protocol euid %d type %d", geteuid(), what); ++} ++ ++/* ++ * This will be called on succesfull protocol negotiation. ++ */ ++void ++audit_kex_body(struct ssh *ssh, int ctos, char *enc, char *mac, char *compress, char *pfs, pid_t pid, ++ uid_t uid) ++{ ++ debug("audit protocol negotiation euid %d direction %d cipher %s mac %s compresion %s pfs %s from pid %ld uid %u", ++ (unsigned)geteuid(), ctos, enc, mac, compress, pfs, (long)pid, ++ (unsigned)uid); ++} ++ ++/* ++ * This will be called on succesfull session key discard ++ */ ++void ++audit_session_key_free_body(struct ssh *, int ctos, pid_t pid, uid_t uid) ++{ ++ debug("audit session key discard euid %u direction %d from pid %ld uid %u", ++ (unsigned)geteuid(), ctos, (long)pid, (unsigned)uid); ++} ++ ++/* ++ * This will be called on destroy private part of the server key ++ */ ++void ++audit_destroy_sensitive_data(struct ssh *ssh, const char *fp, pid_t pid, uid_t uid) ++{ ++ debug("audit destroy sensitive data euid %d fingerprint %s from pid %ld uid %u", ++ geteuid(), fp, (long)pid, (unsigned)uid); + } + # endif /* !defined CUSTOM_SSH_AUDIT_EVENTS */ + #endif /* SSH_AUDIT_EVENTS */ +diff --git a/audit.h b/audit.h +index 38cb5ad3..45d66ccf 100644 +--- a/audit.h ++++ b/audit.h +@@ -26,6 +26,7 @@ + # define _SSH_AUDIT_H + + #include "loginrec.h" ++#include "sshkey.h" + + struct ssh; + +@@ -45,13 +46,32 @@ enum ssh_audit_event_type { + SSH_CONNECTION_ABANDON, /* closed without completing auth */ + SSH_AUDIT_UNKNOWN + }; ++ ++enum ssh_audit_kex { ++ SSH_AUDIT_UNSUPPORTED_CIPHER, ++ SSH_AUDIT_UNSUPPORTED_MAC, ++ SSH_AUDIT_UNSUPPORTED_COMPRESSION ++}; + typedef enum ssh_audit_event_type ssh_audit_event_t; + ++int listening_for_clients(void); ++ + void audit_connection_from(const char *, int); + void audit_event(struct ssh *, ssh_audit_event_t); ++void audit_count_session_open(void); + void audit_session_open(struct logininfo *); + void audit_session_close(struct logininfo *); +-void audit_run_command(const char *); ++int audit_run_command(struct ssh *, const char *); ++void audit_end_command(struct ssh *, int, const char *); + ssh_audit_event_t audit_classify_auth(const char *); ++int audit_keyusage(struct ssh *, int, char *, int); ++void audit_key(struct ssh *, int, int *, const struct sshkey *); ++void audit_unsupported(struct ssh *, int); ++void audit_kex(struct ssh *, int, char *, char *, char *, char *); ++void audit_unsupported_body(struct ssh *, int); ++void audit_kex_body(struct ssh *, int, char *, char *, char *, char *, pid_t, uid_t); ++void audit_session_key_free(struct ssh *, int ctos); ++void audit_session_key_free_body(struct ssh *, int ctos, pid_t, uid_t); ++void audit_destroy_sensitive_data(struct ssh *, const char *, pid_t, uid_t); + + #endif /* _SSH_AUDIT_H */ +diff --git a/auditstub.c b/auditstub.c +new file mode 100644 +index 00000000..639a798d +--- /dev/null ++++ b/auditstub.c @@ -0,0 +1,52 @@ +/* $Id: auditstub.c,v 1.1 jfch Exp $ */ + @@ -726,23 +779,47 @@ diff -up openssh-8.6p1/auditstub.c.audit openssh-8.6p1/auditstub.c +audit_session_key_free_body(struct ssh *ssh, int ctos, pid_t pid, uid_t uid) +{ +} -diff -up openssh-8.6p1/auth2.c.audit openssh-8.6p1/auth2.c ---- openssh-8.6p1/auth2.c.audit 2021-04-19 16:47:35.682061561 +0200 -+++ openssh-8.6p1/auth2.c 2021-04-19 16:47:35.754062114 +0200 -@@ -298,9 +298,6 @@ input_userauth_request(int type, u_int32 - authctxt->valid = 0; - /* Invalid user, fake password information */ - authctxt->pw = fakepw(); +diff --git a/auth.c b/auth.c +index e4578169..e10e804f 100644 +--- a/auth.c ++++ b/auth.c +@@ -501,9 +501,6 @@ getpwnamallow(struct ssh *ssh, const char *user) + record_failed_login(ssh, user, + auth_get_canonical_hostname(ssh, options.use_dns), "ssh"); + #endif -#ifdef SSH_AUDIT_EVENTS -- mm_audit_event(ssh, SSH_INVALID_USER); --#endif - } - #ifdef USE_PAM - if (options.use_pam) -diff -up openssh-8.6p1/auth2-hostbased.c.audit openssh-8.6p1/auth2-hostbased.c ---- openssh-8.6p1/auth2-hostbased.c.audit 2021-04-19 16:47:35.656061361 +0200 -+++ openssh-8.6p1/auth2-hostbased.c 2021-04-19 16:47:35.754062114 +0200 -@@ -158,7 +158,7 @@ userauth_hostbased(struct ssh *ssh) +- audit_event(ssh, SSH_INVALID_USER); +-#endif /* SSH_AUDIT_EVENTS */ + return (NULL); + } + if (!allowed_user(ssh, pw)) +diff --git a/auth.h b/auth.h +index 39163035..6be52d70 100644 +--- a/auth.h ++++ b/auth.h +@@ -215,6 +215,8 @@ struct sshkey *get_hostkey_private_by_type(int, int, struct ssh *); + int get_hostkey_index(struct sshkey *, int, struct ssh *); + int sshd_hostkey_sign(struct ssh *, struct sshkey *, struct sshkey *, + u_char **, size_t *, const u_char *, size_t, const char *); ++int hostbased_key_verify(struct ssh *, const struct sshkey *, const u_char *, size_t, ++ const u_char *, size_t, const char *, u_int, struct sshkey_sig_details **); + + /* Key / cert options linkage to auth layer */ + int auth_activate_options(struct ssh *, struct sshauthopt *); +@@ -240,6 +242,8 @@ int auth_check_authkey_line(struct passwd *, struct sshkey *, + char *, const char *, const char *, const char *, struct sshauthopt **); + int auth_check_authkeys_file(struct passwd *, FILE *, char *, + struct sshkey *, const char *, const char *, struct sshauthopt **); ++int user_key_verify(struct ssh *, const struct sshkey *, const u_char *, size_t, ++ const u_char *, size_t, const char *, u_int, struct sshkey_sig_details **); + FILE *auth_openkeyfile(const char *, struct passwd *, int); + FILE *auth_openprincipals(const char *, struct passwd *, int); + +diff --git a/auth2-hostbased.c b/auth2-hostbased.c +index a3be6e49..8cebaffd 100644 +--- a/auth2-hostbased.c ++++ b/auth2-hostbased.c +@@ -157,7 +157,7 @@ userauth_hostbased(struct ssh *ssh, const char *method) authenticated = 0; if (mm_hostbased_key_allowed(ssh, authctxt->pw, cuser, chost, key) && @@ -751,7 +828,7 @@ diff -up openssh-8.6p1/auth2-hostbased.c.audit openssh-8.6p1/auth2-hostbased.c sshbuf_ptr(b), sshbuf_len(b), pkalg, ssh->compat, NULL) == 0) authenticated = 1; -@@ -175,6 +175,20 @@ done: +@@ -174,6 +174,20 @@ done: return authenticated; } @@ -772,10 +849,11 @@ diff -up openssh-8.6p1/auth2-hostbased.c.audit openssh-8.6p1/auth2-hostbased.c /* return 1 if given hostkey is allowed */ int hostbased_key_allowed(struct ssh *ssh, struct passwd *pw, -diff -up openssh-8.6p1/auth2-pubkey.c.audit openssh-8.6p1/auth2-pubkey.c ---- openssh-8.6p1/auth2-pubkey.c.audit 2021-04-19 16:47:35.726061899 +0200 -+++ openssh-8.6p1/auth2-pubkey.c 2021-04-19 16:47:35.754062114 +0200 -@@ -213,7 +213,7 @@ userauth_pubkey(struct ssh *ssh) +diff --git a/auth2-pubkey.c b/auth2-pubkey.c +index 0d5ae0df..99cb810f 100644 +--- a/auth2-pubkey.c ++++ b/auth2-pubkey.c +@@ -235,7 +235,7 @@ userauth_pubkey(struct ssh *ssh, const char *method) /* test for correct signature */ authenticated = 0; if (mm_user_key_allowed(ssh, pw, key, 1, &authopts) && @@ -784,7 +862,7 @@ diff -up openssh-8.6p1/auth2-pubkey.c.audit openssh-8.6p1/auth2-pubkey.c sshbuf_ptr(b), sshbuf_len(b), (ssh->compat & SSH_BUG_SIGTYPE) == 0 ? pkalg : NULL, ssh->compat, &sig_details) == 0) { -@@ -305,6 +305,20 @@ done: +@@ -328,6 +328,20 @@ done: return authenticated; } @@ -805,43 +883,24 @@ diff -up openssh-8.6p1/auth2-pubkey.c.audit openssh-8.6p1/auth2-pubkey.c static int match_principals_file(struct passwd *pw, char *file, struct sshkey_cert *cert, struct sshauthopt **authoptsp) -diff -up openssh-8.6p1/auth.c.audit openssh-8.6p1/auth.c ---- openssh-8.6p1/auth.c.audit 2021-04-19 16:47:35.681061553 +0200 -+++ openssh-8.6p1/auth.c 2021-04-19 16:47:35.754062114 +0200 -@@ -597,9 +597,6 @@ getpwnamallow(struct ssh *ssh, const cha - record_failed_login(ssh, user, - auth_get_canonical_hostname(ssh, options.use_dns), "ssh"); - #endif +diff --git a/auth2.c b/auth2.c +index 8ec41de2..4a8515ea 100644 +--- a/auth2.c ++++ b/auth2.c +@@ -310,9 +310,6 @@ input_userauth_request(int type, u_int32_t seq, struct ssh *ssh) + authctxt->valid = 0; + /* Invalid user, fake password information */ + authctxt->pw = fakepw(); -#ifdef SSH_AUDIT_EVENTS -- audit_event(ssh, SSH_INVALID_USER); --#endif /* SSH_AUDIT_EVENTS */ - return (NULL); - } - if (!allowed_user(ssh, pw)) -diff -up openssh-8.6p1/auth.h.audit openssh-8.6p1/auth.h ---- openssh-8.6p1/auth.h.audit 2021-04-19 16:47:35.697061676 +0200 -+++ openssh-8.6p1/auth.h 2021-04-19 16:47:35.754062114 +0200 -@@ -212,6 +214,8 @@ struct sshkey *get_hostkey_private_by_ty - int get_hostkey_index(struct sshkey *, int, struct ssh *); - int sshd_hostkey_sign(struct ssh *, struct sshkey *, struct sshkey *, - u_char **, size_t *, const u_char *, size_t, const char *); -+int hostbased_key_verify(struct ssh *, const struct sshkey *, const u_char *, size_t, -+ const u_char *, size_t, const char *, u_int, struct sshkey_sig_details **); - - /* Key / cert options linkage to auth layer */ - int auth_activate_options(struct ssh *, struct sshauthopt *); -@@ -239,6 +241,8 @@ struct passwd * getpwnamallow(struct ssh - char *, const char *, const char *, const char *, struct sshauthopt **); - int auth_check_authkeys_file(struct passwd *, FILE *, char *, - struct sshkey *, const char *, const char *, struct sshauthopt **); -+int user_key_verify(struct ssh *, const struct sshkey *, const u_char *, size_t, -+ const u_char *, size_t, const char *, u_int, struct sshkey_sig_details **); - FILE *auth_openkeyfile(const char *, struct passwd *, int); - FILE *auth_openprincipals(const char *, struct passwd *, int); - -diff -up openssh-8.6p1/cipher.c.audit openssh-8.6p1/cipher.c ---- openssh-8.6p1/cipher.c.audit 2021-04-16 05:55:25.000000000 +0200 -+++ openssh-8.6p1/cipher.c 2021-04-19 16:47:35.755062122 +0200 +- mm_audit_event(ssh, SSH_INVALID_USER); +-#endif + } + #ifdef USE_PAM + if (options.use_pam) +diff --git a/cipher.c b/cipher.c +index 8a18da2d..57d55325 100644 +--- a/cipher.c ++++ b/cipher.c @@ -64,25 +64,6 @@ struct sshcipher_ctx { const struct sshcipher *cipher; }; @@ -868,7 +927,7 @@ diff -up openssh-8.6p1/cipher.c.audit openssh-8.6p1/cipher.c static const struct sshcipher ciphers[] = { #ifdef WITH_OPENSSL #ifndef OPENSSL_NO_DES -@@ -422,7 +403,7 @@ cipher_get_length(struct sshcipher_ctx * +@@ -420,7 +401,7 @@ cipher_get_length(struct sshcipher_ctx *cc, u_int *plenp, u_int seqnr, void cipher_free(struct sshcipher_ctx *cc) { @@ -877,9 +936,10 @@ diff -up openssh-8.6p1/cipher.c.audit openssh-8.6p1/cipher.c return; if ((cc->cipher->flags & CFLAG_CHACHAPOLY) != 0) { chachapoly_free(cc->cp_ctx); -diff -up openssh-8.6p1/cipher.h.audit openssh-8.6p1/cipher.h ---- openssh-8.6p1/cipher.h.audit 2021-04-16 05:55:25.000000000 +0200 -+++ openssh-8.6p1/cipher.h 2021-04-19 16:47:35.755062122 +0200 +diff --git a/cipher.h b/cipher.h +index 6533ff2b..2e05a021 100644 +--- a/cipher.h ++++ b/cipher.h @@ -47,7 +47,25 @@ #define CIPHER_ENCRYPT 1 #define CIPHER_DECRYPT 0 @@ -907,10 +967,11 @@ diff -up openssh-8.6p1/cipher.h.audit openssh-8.6p1/cipher.h struct sshcipher_ctx; const struct sshcipher *cipher_by_name(const char *); -diff -up openssh-8.6p1/kex.c.audit openssh-8.6p1/kex.c ---- openssh-8.6p1/kex.c.audit 2021-04-19 16:47:35.743062030 +0200 -+++ openssh-8.6p1/kex.c 2021-04-19 16:47:35.755062122 +0200 -@@ -65,6 +65,7 @@ +diff --git a/kex.c b/kex.c +index 8b200ff4..62f607d6 100644 +--- a/kex.c ++++ b/kex.c +@@ -68,6 +68,7 @@ #include "sshbuf.h" #include "digest.h" #include "xmalloc.h" @@ -918,7 +979,7 @@ diff -up openssh-8.6p1/kex.c.audit openssh-8.6p1/kex.c /* prototype */ static int kex_choose_conf(struct ssh *, uint32_t seq); -@@ -816,12 +817,16 @@ kex_start_rekex(struct ssh *ssh) +@@ -821,12 +822,16 @@ kex_start_rekex(struct ssh *ssh) } static int @@ -937,7 +998,7 @@ diff -up openssh-8.6p1/kex.c.audit openssh-8.6p1/kex.c if ((enc->cipher = cipher_by_name(name)) == NULL) { error_f("unsupported cipher %s", name); free(name); -@@ -842,8 +847,12 @@ choose_mac(struct ssh *ssh, struct sshma +@@ -847,8 +852,12 @@ choose_mac(struct ssh *ssh, struct sshmac *mac, char *client, char *server) { char *name = match_list(client, server, NULL); @@ -951,7 +1012,7 @@ diff -up openssh-8.6p1/kex.c.audit openssh-8.6p1/kex.c if (mac_setup(mac, name) < 0) { error_f("unsupported MAC %s", name); free(name); -@@ -856,12 +865,16 @@ choose_mac(struct ssh *ssh, struct sshma +@@ -861,12 +870,16 @@ choose_mac(struct ssh *ssh, struct sshmac *mac, char *client, char *server) } static int @@ -970,7 +1031,7 @@ diff -up openssh-8.6p1/kex.c.audit openssh-8.6p1/kex.c #ifdef WITH_ZLIB if (strcmp(name, "zlib@openssh.com") == 0) { comp->type = COMP_DELAYED; -@@ -1002,7 +1015,7 @@ kex_choose_conf(struct ssh *ssh) +@@ -1030,7 +1043,7 @@ kex_choose_conf(struct ssh *ssh, uint32_t seq) nenc = ctos ? PROPOSAL_ENC_ALGS_CTOS : PROPOSAL_ENC_ALGS_STOC; nmac = ctos ? PROPOSAL_MAC_ALGS_CTOS : PROPOSAL_MAC_ALGS_STOC; ncomp = ctos ? PROPOSAL_COMP_ALGS_CTOS : PROPOSAL_COMP_ALGS_STOC; @@ -979,7 +1040,7 @@ diff -up openssh-8.6p1/kex.c.audit openssh-8.6p1/kex.c sprop[nenc])) != 0) { kex->failed_choice = peer[nenc]; peer[nenc] = NULL; -@@ -1017,7 +1030,7 @@ kex_choose_conf(struct ssh *ssh) +@@ -1045,7 +1058,7 @@ kex_choose_conf(struct ssh *ssh, uint32_t seq) peer[nmac] = NULL; goto out; } @@ -988,7 +1049,7 @@ diff -up openssh-8.6p1/kex.c.audit openssh-8.6p1/kex.c sprop[ncomp])) != 0) { kex->failed_choice = peer[ncomp]; peer[ncomp] = NULL; -@@ -1040,6 +1053,10 @@ kex_choose_conf(struct ssh *ssh) +@@ -1068,6 +1081,10 @@ kex_choose_conf(struct ssh *ssh, uint32_t seq) dh_need = MAXIMUM(dh_need, newkeys->enc.block_size); dh_need = MAXIMUM(dh_need, newkeys->enc.iv_len); dh_need = MAXIMUM(dh_need, newkeys->mac.key_len); @@ -999,7 +1060,7 @@ diff -up openssh-8.6p1/kex.c.audit openssh-8.6p1/kex.c } /* XXX need runden? */ kex->we_need = need; -@@ -1297,6 +1314,36 @@ dump_digest(const char *msg, const u_cha +@@ -1337,6 +1354,36 @@ dump_digest(const char *msg, const u_char *digest, int len) } #endif @@ -1036,10 +1097,11 @@ diff -up openssh-8.6p1/kex.c.audit openssh-8.6p1/kex.c /* * Send a plaintext error message to the peer, suffixed by \r\n. * Only used during banner exchange, and there only for the server. -diff -up openssh-8.6p1/kex.h.audit openssh-8.6p1/kex.h ---- openssh-8.6p1/kex.h.audit 2021-04-19 16:47:35.683061568 +0200 -+++ openssh-8.6p1/kex.h 2021-04-19 16:47:35.756062129 +0200 -@@ -226,6 +226,8 @@ int kexgss_client(struct ssh *); +diff --git a/kex.h b/kex.h +index 0e080ea3..6a55aadf 100644 +--- a/kex.h ++++ b/kex.h +@@ -255,6 +255,8 @@ int kexgss_client(struct ssh *); int kexgss_server(struct ssh *); #endif @@ -1048,9 +1110,10 @@ diff -up openssh-8.6p1/kex.h.audit openssh-8.6p1/kex.h int kex_dh_keypair(struct kex *); int kex_dh_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **); -diff -up openssh-8.6p1/mac.c.audit openssh-8.6p1/mac.c ---- openssh-8.6p1/mac.c.audit 2021-04-16 05:55:25.000000000 +0200 -+++ openssh-8.6p1/mac.c 2021-04-19 16:47:35.756062129 +0200 +diff --git a/mac.c b/mac.c +index f3dda669..bf051baa 100644 +--- a/mac.c ++++ b/mac.c @@ -239,6 +239,20 @@ mac_clear(struct sshmac *mac) mac->umac_ctx = NULL; } @@ -1072,31 +1135,21 @@ diff -up openssh-8.6p1/mac.c.audit openssh-8.6p1/mac.c /* XXX copied from ciphers_valid */ #define MAC_SEP "," int -diff -up openssh-8.6p1/mac.h.audit openssh-8.6p1/mac.h ---- openssh-8.6p1/mac.h.audit 2021-04-16 05:55:25.000000000 +0200 -+++ openssh-8.6p1/mac.h 2021-04-19 16:47:35.756062129 +0200 -@@ -49,5 +49,6 @@ int mac_compute(struct sshmac *, u_int3 +diff --git a/mac.h b/mac.h +index 0b119d7a..5fb593b9 100644 +--- a/mac.h ++++ b/mac.h +@@ -49,5 +49,6 @@ int mac_compute(struct sshmac *, u_int32_t, const u_char *, int, int mac_check(struct sshmac *, u_int32_t, const u_char *, size_t, const u_char *, size_t); void mac_clear(struct sshmac *); +void mac_destroy(struct sshmac *); #endif /* SSHMAC_H */ -diff -up openssh-8.6p1/Makefile.in.audit openssh-8.6p1/Makefile.in ---- openssh-8.6p1/Makefile.in.audit 2021-04-19 16:47:35.731061937 +0200 -+++ openssh-8.6p1/Makefile.in 2021-04-19 16:47:35.756062129 +0200 -@@ -112,7 +112,7 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \ - kexsntrup761x25519.o kexmlkem768x25519.o sntrup761.o kexgen.o \ - kexgssc.o \ - sftp-realpath.o platform-pledge.o platform-tracing.o platform-misc.o \ -- sshbuf-io.o -+ sshbuf-io.o auditstub.o - - SKOBJS= ssh-sk-client.o - -diff -up openssh-8.6p1/monitor.c.audit openssh-8.6p1/monitor.c ---- openssh-8.6p1/monitor.c.audit 2021-04-19 16:47:35.707061753 +0200 -+++ openssh-8.6p1/monitor.c 2021-04-19 16:47:35.756062129 +0200 +diff --git a/monitor.c b/monitor.c +index 43c10a4e..fbc35782 100644 +--- a/monitor.c ++++ b/monitor.c @@ -93,6 +93,7 @@ #include "compat.h" #include "ssh2.h" @@ -1105,8 +1158,8 @@ diff -up openssh-8.6p1/monitor.c.audit openssh-8.6p1/monitor.c #include "match.h" #include "ssherr.h" #include "sk-api.h" -@@ -107,6 +108,8 @@ extern u_int utmp_len; - extern struct sshbuf *loginmsg; +@@ -110,6 +111,8 @@ extern struct sshbuf *loginmsg; + extern struct include_list includes; extern struct sshauthopt *auth_opts; /* XXX move to permanent ssh->authctxt? */ +extern void destroy_sensitive_data(struct ssh *); @@ -1114,7 +1167,7 @@ diff -up openssh-8.6p1/monitor.c.audit openssh-8.6p1/monitor.c /* State exported from the child */ static struct sshbuf *child_state; -@@ -157,6 +160,11 @@ int mm_answer_gss_updatecreds(struct ssh +@@ -154,6 +157,11 @@ int mm_answer_gss_updatecreds(struct ssh *, int, struct sshbuf *); #ifdef SSH_AUDIT_EVENTS int mm_answer_audit_event(struct ssh *, int, struct sshbuf *); int mm_answer_audit_command(struct ssh *, int, struct sshbuf *); @@ -1126,7 +1179,7 @@ diff -up openssh-8.6p1/monitor.c.audit openssh-8.6p1/monitor.c #endif static Authctxt *authctxt; -@@ -215,6 +223,10 @@ struct mon_table mon_dispatch_proto20[] +@@ -214,6 +222,10 @@ struct mon_table mon_dispatch_proto20[] = { #endif #ifdef SSH_AUDIT_EVENTS {MONITOR_REQ_AUDIT_EVENT, MON_PERMIT, mm_answer_audit_event}, @@ -1137,7 +1190,7 @@ diff -up openssh-8.6p1/monitor.c.audit openssh-8.6p1/monitor.c #endif #ifdef BSD_AUTH {MONITOR_REQ_BSDAUTHQUERY, MON_ISAUTH, mm_answer_bsdauthquery}, -@@ -249,6 +261,11 @@ struct mon_table mon_dispatch_postauth20 +@@ -249,6 +261,11 @@ struct mon_table mon_dispatch_postauth20[] = { #ifdef SSH_AUDIT_EVENTS {MONITOR_REQ_AUDIT_EVENT, MON_PERMIT, mm_answer_audit_event}, {MONITOR_REQ_AUDIT_COMMAND, MON_PERMIT, mm_answer_audit_command}, @@ -1149,7 +1202,7 @@ diff -up openssh-8.6p1/monitor.c.audit openssh-8.6p1/monitor.c #endif {0, 0, NULL} }; -@@ -1444,8 +1461,10 @@ mm_answer_keyverify(struct ssh *ssh, int +@@ -1569,8 +1586,10 @@ mm_answer_keyverify(struct ssh *ssh, int sock, struct sshbuf *m) int r, ret, req_presence = 0, req_verify = 0, valid_data = 0; int encoded_ret; struct sshkey_sig_details *sig_details = NULL; @@ -1161,7 +1214,7 @@ diff -up openssh-8.6p1/monitor.c.audit openssh-8.6p1/monitor.c (r = sshbuf_get_string_direct(m, &signature, &signaturelen)) != 0 || (r = sshbuf_get_string_direct(m, &data, &datalen)) != 0 || (r = sshbuf_get_cstring(m, &sigalg, NULL)) != 0) -@@ -1454,6 +1473,8 @@ mm_answer_keyverify(struct ssh *ssh, int +@@ -1579,6 +1598,8 @@ mm_answer_keyverify(struct ssh *ssh, int sock, struct sshbuf *m) if (hostbased_cuser == NULL || hostbased_chost == NULL || !monitor_allowed_key(blob, bloblen)) fatal_f("bad key, not previously allowed"); @@ -1170,7 +1223,7 @@ diff -up openssh-8.6p1/monitor.c.audit openssh-8.6p1/monitor.c /* Empty signature algorithm means NULL. */ if (*sigalg == '\0') { -@@ -1469,14 +1490,19 @@ mm_answer_keyverify(struct ssh *ssh, int +@@ -1594,14 +1615,19 @@ mm_answer_keyverify(struct ssh *ssh, int sock, struct sshbuf *m) case MM_USERKEY: valid_data = monitor_valid_userblob(ssh, data, datalen); auth_method = "publickey"; @@ -1190,16 +1243,16 @@ diff -up openssh-8.6p1/monitor.c.audit openssh-8.6p1/monitor.c break; } if (!valid_data) -@@ -1488,8 +1514,6 @@ mm_answer_keyverify(struct ssh *ssh, int +@@ -1613,8 +1639,6 @@ mm_answer_keyverify(struct ssh *ssh, int sock, struct sshbuf *m) SSH_FP_DEFAULT)) == NULL) fatal_f("sshkey_fingerprint failed"); - ret = sshkey_verify(key, signature, signaturelen, data, datalen, - sigalg, ssh->compat, &sig_details); - debug3_f("%s %s signature using %s %s%s%s", auth_method, - sshkey_type(key), sigalg == NULL ? "default" : sigalg, - (ret == 0) ? "verified" : "unverified", -@@ -1576,13 +1600,19 @@ mm_record_login(struct ssh *ssh, Session + debug3_f("%s %s signature using %s %s%s%s", auth_method, + sshkey_type(key), sigalg == NULL ? "default" : sigalg, + (ret == 0) ? "verified" : "unverified", +@@ -1702,13 +1726,19 @@ mm_record_login(struct ssh *ssh, Session *s, struct passwd *pw) } static void @@ -1220,7 +1273,7 @@ diff -up openssh-8.6p1/monitor.c.audit openssh-8.6p1/monitor.c session_unused(s->self); } -@@ -1649,7 +1679,7 @@ mm_answer_pty(struct ssh *ssh, int sock, +@@ -1775,7 +1805,7 @@ mm_answer_pty(struct ssh *ssh, int sock, struct sshbuf *m) error: if (s != NULL) @@ -1229,7 +1282,7 @@ diff -up openssh-8.6p1/monitor.c.audit openssh-8.6p1/monitor.c if ((r = sshbuf_put_u32(m, 0)) != 0) fatal_fr(r, "assemble 0"); mm_request_send(sock, MONITOR_ANS_PTY, m); -@@ -1668,7 +1698,7 @@ mm_answer_pty_cleanup(struct ssh *ssh, i +@@ -1794,7 +1824,7 @@ mm_answer_pty_cleanup(struct ssh *ssh, int sock, struct sshbuf *m) if ((r = sshbuf_get_cstring(m, &tty, NULL)) != 0) fatal_fr(r, "parse tty"); if ((s = session_by_tty(tty)) != NULL) @@ -1238,7 +1291,7 @@ diff -up openssh-8.6p1/monitor.c.audit openssh-8.6p1/monitor.c sshbuf_reset(m); free(tty); return (0); -@@ -1690,6 +1720,8 @@ mm_answer_term(struct ssh *ssh, int sock +@@ -1816,6 +1846,8 @@ mm_answer_term(struct ssh *ssh, int sock, struct sshbuf *req) sshpam_cleanup(); #endif @@ -1247,7 +1300,7 @@ diff -up openssh-8.6p1/monitor.c.audit openssh-8.6p1/monitor.c while (waitpid(pmonitor->m_pid, &status, 0) == -1) if (errno != EINTR) exit(1); -@@ -1736,12 +1768,47 @@ mm_answer_audit_command(struct ssh *ssh, +@@ -1862,12 +1894,47 @@ mm_answer_audit_command(struct ssh *ssh, int socket, struct sshbuf *m) { char *cmd; int r; @@ -1296,7 +1349,7 @@ diff -up openssh-8.6p1/monitor.c.audit openssh-8.6p1/monitor.c free(cmd); return (0); } -@@ -1813,6 +1880,7 @@ monitor_apply_keystate(struct ssh *ssh, +@@ -1940,6 +2007,7 @@ monitor_apply_keystate(struct ssh *ssh, struct monitor *pmonitor) void mm_get_keystate(struct ssh *ssh, struct monitor *pmonitor) { @@ -1304,7 +1357,7 @@ diff -up openssh-8.6p1/monitor.c.audit openssh-8.6p1/monitor.c debug3_f("Waiting for new keys"); if ((child_state = sshbuf_new()) == NULL) -@@ -1820,6 +1888,19 @@ mm_get_keystate(struct ssh *ssh, struct +@@ -1947,6 +2015,19 @@ mm_get_keystate(struct ssh *ssh, struct monitor *pmonitor) mm_request_receive_expect(pmonitor->m_sendfd, MONITOR_REQ_KEYEXPORT, child_state); debug3_f("GOT new keys"); @@ -1324,7 +1377,7 @@ diff -up openssh-8.6p1/monitor.c.audit openssh-8.6p1/monitor.c } -@@ -2111,3 +2192,102 @@ mm_answer_gss_updatecreds(struct ssh *ss +@@ -2234,3 +2315,102 @@ mm_answer_gss_updatecreds(struct ssh *ssh, int socket, struct sshbuf *m) { #endif /* GSSAPI */ @@ -1427,10 +1480,11 @@ diff -up openssh-8.6p1/monitor.c.audit openssh-8.6p1/monitor.c + return 0; +} +#endif /* SSH_AUDIT_EVENTS */ -diff -up openssh-8.6p1/monitor.h.audit openssh-8.6p1/monitor.h ---- openssh-8.6p1/monitor.h.audit 2021-04-19 16:47:35.707061753 +0200 -+++ openssh-8.6p1/monitor.h 2021-04-19 16:47:35.757062137 +0200 -@@ -65,7 +65,13 @@ enum monitor_reqtype { +diff --git a/monitor.h b/monitor.h +index d4d631dd..2c64f07d 100644 +--- a/monitor.h ++++ b/monitor.h +@@ -66,7 +66,13 @@ enum monitor_reqtype { MONITOR_REQ_PAM_QUERY = 106, MONITOR_ANS_PAM_QUERY = 107, MONITOR_REQ_PAM_RESPOND = 108, MONITOR_ANS_PAM_RESPOND = 109, MONITOR_REQ_PAM_FREE_CTX = 110, MONITOR_ANS_PAM_FREE_CTX = 111, @@ -1445,10 +1499,11 @@ diff -up openssh-8.6p1/monitor.h.audit openssh-8.6p1/monitor.h MONITOR_REQ_GSSSIGN = 150, MONITOR_ANS_GSSSIGN = 151, MONITOR_REQ_GSSUPCREDS = 152, MONITOR_ANS_GSSUPCREDS = 153, -diff -up openssh-8.6p1/monitor_wrap.c.audit openssh-8.6p1/monitor_wrap.c ---- openssh-8.6p1/monitor_wrap.c.audit 2021-04-19 16:47:35.685061584 +0200 -+++ openssh-8.6p1/monitor_wrap.c 2021-04-19 16:47:35.757062137 +0200 -@@ -520,7 +520,7 @@ mm_key_allowed(enum mm_keytype type, con +diff --git a/monitor_wrap.c b/monitor_wrap.c +index b6e3b3f3..1a079c15 100644 +--- a/monitor_wrap.c ++++ b/monitor_wrap.c +@@ -567,7 +567,7 @@ mm_key_allowed(enum mm_keytype type, const char *user, const char *host, */ int @@ -1457,7 +1512,7 @@ diff -up openssh-8.6p1/monitor_wrap.c.audit openssh-8.6p1/monitor_wrap.c const u_char *data, size_t datalen, const char *sigalg, u_int compat, struct sshkey_sig_details **sig_detailsp) { -@@ -536,7 +536,8 @@ mm_sshkey_verify(const struct sshkey *ke +@@ -583,7 +583,8 @@ mm_sshkey_verify(const struct sshkey *key, const u_char *sig, size_t siglen, *sig_detailsp = NULL; if ((m = sshbuf_new()) == NULL) fatal_f("sshbuf_new failed"); @@ -1467,7 +1522,7 @@ diff -up openssh-8.6p1/monitor_wrap.c.audit openssh-8.6p1/monitor_wrap.c (r = sshbuf_put_string(m, sig, siglen)) != 0 || (r = sshbuf_put_string(m, data, datalen)) != 0 || (r = sshbuf_put_cstring(m, sigalg == NULL ? "" : sigalg)) != 0) -@@ -569,6 +570,22 @@ mm_sshkey_verify(const struct sshkey *ke +@@ -616,6 +617,22 @@ mm_sshkey_verify(const struct sshkey *key, const u_char *sig, size_t siglen, return 0; } @@ -1490,7 +1545,7 @@ diff -up openssh-8.6p1/monitor_wrap.c.audit openssh-8.6p1/monitor_wrap.c void mm_send_keystate(struct ssh *ssh, struct monitor *monitor) { -@@ -921,11 +938,12 @@ mm_audit_event(struct ssh *ssh, ssh_audi +@@ -1032,11 +1049,12 @@ mm_audit_event(struct ssh *ssh, ssh_audit_event_t event) sshbuf_free(m); } @@ -1505,7 +1560,7 @@ diff -up openssh-8.6p1/monitor_wrap.c.audit openssh-8.6p1/monitor_wrap.c debug3("%s entering command %s", __func__, command); -@@ -935,6 +953,30 @@ mm_audit_run_command(const char *command +@@ -1046,6 +1064,30 @@ mm_audit_run_command(const char *command) fatal("%s: buffer error: %s", __func__, ssh_err(r)); mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUDIT_COMMAND, m); @@ -1536,7 +1591,7 @@ diff -up openssh-8.6p1/monitor_wrap.c.audit openssh-8.6p1/monitor_wrap.c sshbuf_free(m); } #endif /* SSH_AUDIT_EVENTS */ -@@ -1095,3 +1137,83 @@ mm_ssh_gssapi_update_creds(ssh_gssapi_cc +@@ -1294,3 +1336,83 @@ server_get_connection_info(struct ssh *ssh, int populate, int use_dns) return &ci; } @@ -1620,10 +1675,11 @@ diff -up openssh-8.6p1/monitor_wrap.c.audit openssh-8.6p1/monitor_wrap.c + sshbuf_free(m); +} +#endif /* SSH_AUDIT_EVENTS */ -diff -up openssh-8.6p1/monitor_wrap.h.audit openssh-8.6p1/monitor_wrap.h ---- openssh-8.6p1/monitor_wrap.h.audit 2021-04-19 16:47:35.685061584 +0200 -+++ openssh-8.6p1/monitor_wrap.h 2021-04-19 16:47:35.757062137 +0200 -@@ -61,7 +61,9 @@ int mm_user_key_allowed(struct ssh *, st +diff --git a/monitor_wrap.h b/monitor_wrap.h +index 672dce52..661ed63b 100644 +--- a/monitor_wrap.h ++++ b/monitor_wrap.h +@@ -58,7 +58,9 @@ int mm_user_key_allowed(struct ssh *ssh, struct passwd *, struct sshkey *, int, struct sshauthopt **); int mm_hostbased_key_allowed(struct ssh *, struct passwd *, const char *, const char *, struct sshkey *); @@ -1634,7 +1690,7 @@ diff -up openssh-8.6p1/monitor_wrap.h.audit openssh-8.6p1/monitor_wrap.h const u_char *, size_t, const char *, u_int, struct sshkey_sig_details **); void mm_decode_activate_server_options(struct ssh *ssh, struct sshbuf *m); -@@ -86,7 +88,12 @@ void mm_sshpam_free_ctx(void *); +@@ -85,7 +87,12 @@ void mm_sshpam_free_ctx(void *); #ifdef SSH_AUDIT_EVENTS #include "audit.h" void mm_audit_event(struct ssh *, ssh_audit_event_t); @@ -1648,9 +1704,10 @@ diff -up openssh-8.6p1/monitor_wrap.h.audit openssh-8.6p1/monitor_wrap.h #endif struct Session; -diff -up openssh-8.6p1/packet.c.audit openssh-8.6p1/packet.c ---- openssh-8.6p1/packet.c.audit 2021-04-16 05:55:25.000000000 +0200 -+++ openssh-8.6p1/packet.c 2021-04-19 16:48:46.885608837 +0200 +diff --git a/packet.c b/packet.c +index 9dea2cfc..344b5f54 100644 +--- a/packet.c ++++ b/packet.c @@ -81,6 +81,7 @@ #endif @@ -1659,7 +1716,7 @@ diff -up openssh-8.6p1/packet.c.audit openssh-8.6p1/packet.c #include "compat.h" #include "ssh2.h" #include "cipher.h" -@@ -506,6 +507,13 @@ ssh_packet_get_connection_out(struct ssh +@@ -506,6 +507,13 @@ ssh_packet_get_connection_out(struct ssh *ssh) return ssh->state->connection_out; } @@ -1673,7 +1730,7 @@ diff -up openssh-8.6p1/packet.c.audit openssh-8.6p1/packet.c /* * Returns the IP-address of the remote host as a string. The returned * string must not be freed. -@@ -583,22 +591,19 @@ ssh_packet_close_internal(struct ssh *ss +@@ -675,22 +683,19 @@ ssh_packet_close_internal(struct ssh *ssh, int do_close) { struct session_state *state = ssh->state; u_int mode; @@ -1701,7 +1758,7 @@ diff -up openssh-8.6p1/packet.c.audit openssh-8.6p1/packet.c for (mode = 0; mode < MODE_MAX; mode++) { kex_free_newkeys(state->newkeys[mode]); /* current keys */ state->newkeys[mode] = NULL; -@@ -634,8 +639,18 @@ ssh_packet_close_internal(struct ssh *ss +@@ -726,8 +731,18 @@ ssh_packet_close_internal(struct ssh *ssh, int do_close) #endif /* WITH_ZLIB */ cipher_free(state->send_context); cipher_free(state->receive_context); @@ -1720,7 +1777,7 @@ diff -up openssh-8.6p1/packet.c.audit openssh-8.6p1/packet.c free(ssh->local_ipaddr); ssh->local_ipaddr = NULL; free(ssh->remote_ipaddr); -@@ -892,6 +907,7 @@ ssh_set_newkeys(struct ssh *ssh, int mod +@@ -984,6 +999,7 @@ ssh_set_newkeys(struct ssh *ssh, int mode) (unsigned long long)state->p_send.bytes, (unsigned long long)state->p_send.blocks); kex_free_newkeys(state->newkeys[mode]); @@ -1728,7 +1785,7 @@ diff -up openssh-8.6p1/packet.c.audit openssh-8.6p1/packet.c state->newkeys[mode] = NULL; } /* note that both bytes and the seqnr are not reset */ -@@ -2173,6 +2189,72 @@ ssh_packet_get_output(struct ssh *ssh) +@@ -2325,6 +2341,72 @@ ssh_packet_get_output(struct ssh *ssh) return (void *)ssh->state->output; } @@ -1801,19 +1858,21 @@ diff -up openssh-8.6p1/packet.c.audit openssh-8.6p1/packet.c /* Reset after_authentication and reset compression in post-auth privsep */ static int ssh_packet_set_postauth(struct ssh *ssh) -diff -up openssh-8.6p1/packet.h.audit openssh-8.6p1/packet.h ---- openssh-8.6p1/packet.h.audit 2021-04-16 05:55:25.000000000 +0200 -+++ openssh-8.6p1/packet.h 2021-04-19 16:47:35.758062145 +0200 -@@ -218,4 +218,5 @@ const u_char *sshpkt_ptr(struct ssh *, s +diff --git a/packet.h b/packet.h +index 49bb87f0..44a39a9e 100644 +--- a/packet.h ++++ b/packet.h +@@ -223,4 +223,5 @@ const u_char *sshpkt_ptr(struct ssh *, size_t *lenp); # undef EC_POINT #endif +void packet_destroy_all(struct ssh *, int, int); #endif /* PACKET_H */ -diff -up openssh-8.6p1/session.c.audit openssh-8.6p1/session.c ---- openssh-8.6p1/session.c.audit 2021-04-19 16:47:35.722061868 +0200 -+++ openssh-8.6p1/session.c 2021-04-19 16:47:35.758062145 +0200 -@@ -136,7 +136,7 @@ extern char *__progname; +diff --git a/session.c b/session.c +index 28bbb8a7..83fc9418 100644 +--- a/session.c ++++ b/session.c +@@ -145,7 +145,7 @@ extern char *__progname; extern int debug_flag; extern u_int utmp_len; extern int startup_pipe; @@ -1822,7 +1881,7 @@ diff -up openssh-8.6p1/session.c.audit openssh-8.6p1/session.c extern struct sshbuf *loginmsg; extern struct sshauthopt *auth_opts; extern char *tun_fwd_ifnames; /* serverloop.c */ -@@ -644,6 +644,14 @@ do_exec_pty(struct ssh *ssh, Session *s, +@@ -653,6 +653,14 @@ do_exec_pty(struct ssh *ssh, Session *s, const char *command) /* Parent. Close the slave side of the pseudo tty. */ close(ttyfd); @@ -1837,7 +1896,7 @@ diff -up openssh-8.6p1/session.c.audit openssh-8.6p1/session.c /* Enter interactive session. */ s->ptymaster = ptymaster; ssh_packet_set_interactive(ssh, 1, -@@ -736,15 +744,19 @@ do_exec(struct ssh *ssh, Session *s, con +@@ -745,15 +753,19 @@ do_exec(struct ssh *ssh, Session *s, const char *command) s->self); #ifdef SSH_AUDIT_EVENTS @@ -1859,11 +1918,10 @@ diff -up openssh-8.6p1/session.c.audit openssh-8.6p1/session.c #endif if (s->ttyfd != -1) ret = do_exec_pty(ssh, s, command); -@@ -1550,8 +1562,11 @@ do_child(struct ssh *ssh, Session *s, co +@@ -1538,7 +1550,11 @@ do_child(struct ssh *ssh, Session *s, const char *command) sshpkt_fmt_connection_id(ssh, remote_id, sizeof(remote_id)); - /* remove hostkey from the child's memory */ -- destroy_sensitive_data(); + /* remove keys from memory */ + destroy_sensitive_data(ssh); ssh_packet_clear_keys(ssh); + /* Don't audit this - both us and the parent would be talking to the @@ -1872,7 +1930,7 @@ diff -up openssh-8.6p1/session.c.audit openssh-8.6p1/session.c /* Force a password change */ if (s->authctxt->force_pwchange) { -@@ -1763,6 +1778,9 @@ session_unused(int id) +@@ -1750,6 +1766,9 @@ session_unused(int id) sessions[id].ttyfd = -1; sessions[id].ptymaster = -1; sessions[id].x11_chanids = NULL; @@ -1882,10 +1940,11 @@ diff -up openssh-8.6p1/session.c.audit openssh-8.6p1/session.c sessions[id].next_unused = sessions_first_unused; sessions_first_unused = id; } -@@ -1843,6 +1861,19 @@ session_open(Authctxt *authctxt, int cha +@@ -1828,6 +1847,19 @@ session_open(Authctxt *authctxt, int chanid) + return 1; } - Session * ++Session * +session_by_id(int id) +{ + if (id >= 0 && id < sessions_nalloc) { @@ -1898,11 +1957,10 @@ diff -up openssh-8.6p1/session.c.audit openssh-8.6p1/session.c + return NULL; +} + -+Session * + Session * session_by_tty(char *tty) { - int i; -@@ -2450,6 +2481,32 @@ session_exit_message(struct ssh *ssh, Se +@@ -2445,6 +2477,32 @@ session_exit_message(struct ssh *ssh, Session *s, int status) chan_write_failed(ssh, c); } @@ -1935,7 +1993,7 @@ diff -up openssh-8.6p1/session.c.audit openssh-8.6p1/session.c void session_close(struct ssh *ssh, Session *s) { -@@ -2463,6 +2520,10 @@ session_close(struct ssh *ssh, Session * +@@ -2458,6 +2516,10 @@ session_close(struct ssh *ssh, Session *s) if (s->ttyfd != -1) session_pty_cleanup(s); @@ -1946,7 +2004,7 @@ diff -up openssh-8.6p1/session.c.audit openssh-8.6p1/session.c free(s->term); free(s->display); free(s->x11_chanids); -@@ -2537,14 +2598,14 @@ session_close_by_channel(struct ssh *ssh +@@ -2534,14 +2596,14 @@ session_close_by_channel(struct ssh *ssh, int id, int force, void *arg) } void @@ -1963,7 +2021,7 @@ diff -up openssh-8.6p1/session.c.audit openssh-8.6p1/session.c else session_close(ssh, s); } -@@ -2671,6 +2732,15 @@ do_authenticated2(struct ssh *ssh, Authc +@@ -2668,6 +2730,15 @@ do_authenticated2(struct ssh *ssh, Authctxt *authctxt) server_loop2(ssh, authctxt); } @@ -1979,7 +2037,7 @@ diff -up openssh-8.6p1/session.c.audit openssh-8.6p1/session.c void do_cleanup(struct ssh *ssh, Authctxt *authctxt) { -@@ -2734,7 +2804,7 @@ do_cleanup(struct ssh *ssh, Authctxt *au +@@ -2731,7 +2802,7 @@ do_cleanup(struct ssh *ssh, Authctxt *authctxt) * or if running in monitor. */ if (mm_is_monitor()) @@ -1988,9 +2046,10 @@ diff -up openssh-8.6p1/session.c.audit openssh-8.6p1/session.c } /* Return a name for the remote host that fits inside utmp_size */ -diff -up openssh-8.6p1/session.h.audit openssh-8.6p1/session.h ---- openssh-8.6p1/session.h.audit 2021-04-16 05:55:25.000000000 +0200 -+++ openssh-8.6p1/session.h 2021-04-19 16:47:35.758062145 +0200 +diff --git a/session.h b/session.h +index 344a1ddf..a41c6efc 100644 +--- a/session.h ++++ b/session.h @@ -61,6 +61,12 @@ struct Session { char *name; char *val; @@ -2018,53 +2077,25 @@ diff -up openssh-8.6p1/session.h.audit openssh-8.6p1/session.h Session *session_by_tty(char *); void session_close(struct ssh *, Session *); void do_setusercontext(struct passwd *); -diff -up openssh-8.6p1/sshd.c.audit openssh-8.6p1/sshd.c ---- openssh-8.6p1/sshd.c.audit 2021-04-19 16:47:35.727061907 +0200 -+++ openssh-8.6p1/sshd.c 2021-04-19 16:47:35.759062152 +0200 -@@ -279,6 +280,15 @@ close_listen_socks(void) - num_listen_socks = 0; - } - -+/* -+ * Is this process listening for clients (i.e. not specific to any specific -+ * client connection?) -+ */ -+int listening_for_clients(void) -+{ -+ return num_listen_socks > 0; -+} -+ - /* Allocate and initialise the children array */ - static void - child_alloc(void) -@@ -1204,6 +1259,7 @@ server_accept_loop(int *sock_in, int *so - if (received_sigterm) { - logit("Received signal %d; terminating.", - (int) received_sigterm); -+ /* destroy_sensitive_data(ssh, 0); FIXME */ - close_listen_socks(); - if (options.pid_file != NULL) - unlink(options.pid_file); -diff -up openssh-8.6p1/sshd-session.c.audit openssh-8.6p1/sshd-session.c ---- openssh-8.6p1/sshd-session.c.audit 2021-04-19 16:47:35.727061907 +0200 -+++ openssh-8.6p1/sshd-session.c 2021-04-19 16:47:35.759062152 +0200 -@@ -122,6 +122,7 @@ - #include "ssh-gss.h" - #endif - #include "monitor_wrap.h" -+#include "audit.h" - #include "ssh-sandbox.h" - #include "auth-options.h" - #include "version.h" -@@ -260,8 +261,44 @@ struct sshbuf *loginmsg; +diff --git a/sshd-session.c b/sshd-session.c +index 81d30152..a808ac9a 100644 +--- a/sshd-session.c ++++ b/sshd-session.c +@@ -194,8 +194,8 @@ struct include_list includes = TAILQ_HEAD_INITIALIZER(includes); struct sshbuf *loginmsg; /* Prototypes for various functions defined later in this file. */ -void destroy_sensitive_data(void); -void demote_sensitive_data(void); -+void destroy_sensitive_data(struct ssh *); -+void demote_sensitive_data(struct ssh *); -+ ++void destroy_sensitive_data(struct ssh *ssh); ++void demote_sensitive_data(struct ssh *ssh); + + /* XXX reduce to stub once postauth split */ + int +@@ -208,6 +208,41 @@ mm_is_monitor(void) + return (pmonitor && pmonitor->m_pid > 0); + } + +static int +sshkey_is_private(const struct sshkey *k) +{ @@ -2100,13 +2131,13 @@ diff -up openssh-8.6p1/sshd-session.c.audit openssh-8.6p1/sshd-session.c + } +} + - static void do_ssh2_kex(struct ssh *); - /* -@@ -377,18 +387,40 @@ grace_alarm_handler(int sig) + * Signal handler for the alarm after the login grace period has expired. + * As usual, this may only take signal-safe actions, even though it is +@@ -236,18 +271,40 @@ grace_alarm_handler(int sig) _exit(EXIT_LOGIN_GRACE); } - + -/* Destroy the host and server keys. They will no longer be needed. */ +/* + * Destroy the host and server keys. They will no longer be needed. Careful, @@ -2147,7 +2178,7 @@ diff -up openssh-8.6p1/sshd-session.c.audit openssh-8.6p1/sshd-session.c sshkey_free(sensitive_data.host_certificates[i]); sensitive_data.host_certificates[i] = NULL; } -@@ -397,20 +434,38 @@ destroy_sensitive_data(void) +@@ -256,20 +313,38 @@ destroy_sensitive_data(void) /* Demote private to public keys for network child */ void @@ -2187,43 +2218,7 @@ diff -up openssh-8.6p1/sshd-session.c.audit openssh-8.6p1/sshd-session.c } /* Certs do not need demotion */ } -@@ -438,7 +493,7 @@ reseed_prngs(void) - } - - static void --privsep_preauth_child(void) -+privsep_preauth_child(struct ssh *ssh) - { - gid_t gidset[1]; - -@@ -453,7 +508,7 @@ privsep_preauth_child(void) - reseed_prngs(); - - /* Demote the private keys to public keys. */ -- demote_sensitive_data(); -+ demote_sensitive_data(ssh); - - #ifdef WITH_SELINUX - sshd_selinux_change_privsep_preauth_context(); -@@ -492,7 +547,7 @@ privsep_preauth(struct ssh *ssh) - pmonitor->m_pkex = &ssh->kex; - - box = ssh_sandbox_init(pmonitor); -- pid = fork(); -+ pmonitor->m_pid = pid = fork(); - if (pid == -1) { - fatal("fork of unprivileged child failed"); - } else if (pid != 0) { -@@ -537,7 +592,7 @@ privsep_preauth(struct ssh *ssh) - /* Arrange for logging to be sent to the monitor */ - set_log_handler(mm_log_handler, pmonitor); - -- privsep_preauth_child(); -+ privsep_preauth_child(ssh); - setproctitle("%s", "[net]"); - if (box != NULL) - ssh_sandbox_child(box); -@@ -589,7 +644,7 @@ privsep_postauth(struct ssh *ssh, Authct +@@ -463,7 +538,7 @@ privsep_postauth(struct ssh *ssh, Authctxt *authctxt) set_log_handler(mm_log_handler, pmonitor); /* Demote the private keys to public keys. */ @@ -2232,7 +2227,7 @@ diff -up openssh-8.6p1/sshd-session.c.audit openssh-8.6p1/sshd-session.c reseed_prngs(); -@@ -2333,6 +2389,9 @@ main(int ac, char **av) +@@ -1387,6 +1462,9 @@ main(int ac, char **av) do_authenticated(ssh, authctxt); /* The connection has been terminated. */ @@ -2242,7 +2237,7 @@ diff -up openssh-8.6p1/sshd-session.c.audit openssh-8.6p1/sshd-session.c ssh_packet_get_bytes(ssh, &ibytes, &obytes); verbose("Transferred: sent %llu, received %llu bytes", (unsigned long long)obytes, (unsigned long long)ibytes); -@@ -2513,6 +2572,14 @@ do_ssh2_kex(struct ssh *ssh) +@@ -1432,6 +1510,14 @@ sshd_hostkey_sign(struct ssh *ssh, struct sshkey *privkey, void cleanup_exit(int i) { @@ -2257,7 +2252,7 @@ diff -up openssh-8.6p1/sshd-session.c.audit openssh-8.6p1/sshd-session.c extern int auth_attempted; /* monitor.c */ if (the_active_state != NULL && the_authctxt != NULL) { -@@ -2525,7 +2593,9 @@ cleanup_exit(int i) +@@ -1448,7 +1534,9 @@ cleanup_exit(int i) } #ifdef SSH_AUDIT_EVENTS /* done after do_cleanup so it can cancel the PAM auth 'thread' */ @@ -2268,3 +2263,34 @@ diff -up openssh-8.6p1/sshd-session.c.audit openssh-8.6p1/sshd-session.c audit_event(the_active_state, SSH_CONNECTION_ABANDON); #endif /* Override default fatal exit value when auth was attempted */ +diff --git a/sshd.c b/sshd.c +index c9ea8e38..8a99f0b2 100644 +--- a/sshd.c ++++ b/sshd.c +@@ -217,6 +217,15 @@ close_listen_socks(void) + num_listen_socks = 0; + } + ++/* ++ * Is this process listening for clients (i.e. not specific to any specific ++ * client connection?) ++ */ ++int listening_for_clients(void) ++{ ++ return num_listen_socks > 0; ++} ++ + /* Allocate and initialise the children array */ + static void + child_alloc(void) +@@ -959,6 +968,7 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s, + if (received_sigterm) { + logit("Received signal %d; terminating.", + (int) received_sigterm); ++ /* destroy_sensitive_data(ssh, 0); FIXME */ + close_listen_socks(); + if (options.pid_file != NULL) + unlink(options.pid_file); +-- +2.49.0 + diff --git a/openssh-7.1p2-audit-race-condition.patch b/0040-openssh-7.1p2-audit-race-condition.patch similarity index 73% rename from openssh-7.1p2-audit-race-condition.patch rename to 0040-openssh-7.1p2-audit-race-condition.patch index 57ad148..fe732a6 100644 --- a/openssh-7.1p2-audit-race-condition.patch +++ b/0040-openssh-7.1p2-audit-race-condition.patch @@ -1,7 +1,19 @@ -diff -up openssh-7.4p1/monitor_wrap.c.audit-race openssh-7.4p1/monitor_wrap.c ---- openssh-7.4p1/monitor_wrap.c.audit-race 2016-12-23 16:35:52.694685771 +0100 -+++ openssh-7.4p1/monitor_wrap.c 2016-12-23 16:35:52.697685772 +0100 -@@ -1107,4 +1107,50 @@ mm_audit_destroy_sensitive_data(const ch +From c288d4a26ad44dc481c9d18d2920c9d70474833c Mon Sep 17 00:00:00 2001 +From: Dmitry Belyavskiy +Date: Thu, 15 May 2025 13:43:29 +0200 +Subject: [PATCH 40/50] openssh-7.1p2-audit-race-condition + +--- + monitor_wrap.c | 46 +++++++++++++++++++++++++++++++++++++ + monitor_wrap.h | 2 ++ + session.c | 61 ++++++++++++++++++++++++++++++++++++++++++++------ + 3 files changed, 102 insertions(+), 7 deletions(-) + +diff --git a/monitor_wrap.c b/monitor_wrap.c +index 1a079c15..768a59f9 100644 +--- a/monitor_wrap.c ++++ b/monitor_wrap.c +@@ -1415,4 +1415,50 @@ mm_audit_destroy_sensitive_data(struct ssh *ssh, const char *fp, pid_t pid, uid_ mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUDIT_SERVER_KEY_FREE, m); sshbuf_free(m); } @@ -52,10 +64,11 @@ diff -up openssh-7.4p1/monitor_wrap.c.audit-race openssh-7.4p1/monitor_wrap.c + pmonitor->m_recvfd = fd; +} #endif /* SSH_AUDIT_EVENTS */ -diff -up openssh-7.4p1/monitor_wrap.h.audit-race openssh-7.4p1/monitor_wrap.h ---- openssh-7.4p1/monitor_wrap.h.audit-race 2016-12-23 16:35:52.694685771 +0100 -+++ openssh-7.4p1/monitor_wrap.h 2016-12-23 16:35:52.698685772 +0100 -@@ -83,6 +83,8 @@ void mm_audit_unsupported_body(int); +diff --git a/monitor_wrap.h b/monitor_wrap.h +index 661ed63b..e957ba6e 100644 +--- a/monitor_wrap.h ++++ b/monitor_wrap.h +@@ -93,6 +93,8 @@ void mm_audit_unsupported_body(struct ssh *, int); void mm_audit_kex_body(struct ssh *, int, char *, char *, char *, char *, pid_t, uid_t); void mm_audit_session_key_free_body(struct ssh *, int, pid_t, uid_t); void mm_audit_destroy_sensitive_data(struct ssh *, const char *, pid_t, uid_t); @@ -64,10 +77,11 @@ diff -up openssh-7.4p1/monitor_wrap.h.audit-race openssh-7.4p1/monitor_wrap.h #endif struct Session; -diff -up openssh-7.4p1/session.c.audit-race openssh-7.4p1/session.c ---- openssh-7.4p1/session.c.audit-race 2016-12-23 16:35:52.695685771 +0100 -+++ openssh-7.4p1/session.c 2016-12-23 16:37:26.339730596 +0100 -@@ -162,6 +162,10 @@ static Session *sessions = NULL; +diff --git a/session.c b/session.c +index 83fc9418..b4753d93 100644 +--- a/session.c ++++ b/session.c +@@ -167,6 +167,10 @@ static Session *sessions = NULL; login_cap_t *lc; #endif @@ -78,7 +92,7 @@ diff -up openssh-7.4p1/session.c.audit-race openssh-7.4p1/session.c static int is_child = 0; static int in_chroot = 0; static int have_dev_log = 1; -@@ -289,6 +293,8 @@ xauth_valid_string(const char *s) +@@ -390,6 +394,8 @@ xauth_valid_string(const char *s) return 1; } @@ -87,7 +101,7 @@ diff -up openssh-7.4p1/session.c.audit-race openssh-7.4p1/session.c #define USE_PIPES 1 /* * This is called to fork and execute a command when we have no tty. This -@@ -424,6 +430,8 @@ do_exec_no_pty(Session *s, const char *c +@@ -513,6 +519,8 @@ do_exec_no_pty(struct ssh *ssh, Session *s, const char *command) close(err[0]); #endif @@ -96,7 +110,7 @@ diff -up openssh-7.4p1/session.c.audit-race openssh-7.4p1/session.c /* Do processing for the child (exec command etc). */ do_child(ssh, s, command); /* NOTREACHED */ -@@ -547,6 +555,9 @@ do_exec_pty(Session *s, const char *comm +@@ -630,6 +638,9 @@ do_exec_pty(struct ssh *ssh, Session *s, const char *command) /* Close the extra descriptor for the pseudo tty. */ close(ttyfd); @@ -106,7 +120,7 @@ diff -up openssh-7.4p1/session.c.audit-race openssh-7.4p1/session.c /* record login, etc. similar to login(1) */ #ifndef HAVE_OSF_SIA do_login(ssh, s, command); -@@ -717,6 +728,8 @@ do_exec(Session *s, const char *command) +@@ -766,6 +777,8 @@ do_exec(struct ssh *ssh, Session *s, const char *command) } if (s->command != NULL && s->ptyfd == -1) s->command_handle = mm_audit_run_command(ssh, s->command); @@ -115,7 +129,7 @@ diff -up openssh-7.4p1/session.c.audit-race openssh-7.4p1/session.c #endif if (s->ttyfd != -1) ret = do_exec_pty(ssh, s, command); -@@ -732,6 +745,20 @@ do_exec(Session *s, const char *command) +@@ -781,6 +794,20 @@ do_exec(struct ssh *ssh, Session *s, const char *command) */ sshbuf_reset(loginmsg); @@ -136,7 +150,7 @@ diff -up openssh-7.4p1/session.c.audit-race openssh-7.4p1/session.c return ret; } -@@ -1538,6 +1565,33 @@ child_close_fds(void) +@@ -1532,6 +1559,33 @@ child_close_fds(struct ssh *ssh) log_redirect_stderr_to(NULL); } @@ -151,7 +165,7 @@ diff -up openssh-7.4p1/session.c.audit-race openssh-7.4p1/session.c +#endif + + /* remove hostkey from the child's memory */ -+ destroy_sensitive_data(ssh); ++ /* FIXME beldmit destroy_sensitive_data(ssh); */ + /* + * We can audit this, because we hacked the pipe to direct the + * messages over postauth child. But this message requires answer @@ -170,11 +184,11 @@ diff -up openssh-7.4p1/session.c.audit-race openssh-7.4p1/session.c /* * Performs common processing for the child, such as setting up the * environment, closing extra file descriptors, setting the user and group -@@ -1554,13 +1608,6 @@ do_child(Session *s, const char *command +@@ -1549,13 +1603,6 @@ do_child(struct ssh *ssh, Session *s, const char *command) sshpkt_fmt_connection_id(ssh, remote_id, sizeof(remote_id)); -- /* remove hostkey from the child's memory */ +- /* remove keys from memory */ - destroy_sensitive_data(ssh); - ssh_packet_clear_keys(ssh); - /* Don't audit this - both us and the parent would be talking to the @@ -184,3 +198,6 @@ diff -up openssh-7.4p1/session.c.audit-race openssh-7.4p1/session.c /* Force a password change */ if (s->authctxt->force_pwchange) { do_setusercontext(pw); +-- +2.49.0 + diff --git a/openssh-9.0p1-audit-log.patch b/0041-openssh-9.0p1-audit-log.patch similarity index 85% rename from openssh-9.0p1-audit-log.patch rename to 0041-openssh-9.0p1-audit-log.patch index ae9550f..e04f31b 100644 --- a/openssh-9.0p1-audit-log.patch +++ b/0041-openssh-9.0p1-audit-log.patch @@ -1,7 +1,20 @@ -diff -up openssh-9.0p1/audit-bsm.c.patch openssh-9.0p1/audit-bsm.c ---- openssh-9.0p1/audit-bsm.c.patch 2022-10-24 15:02:16.544858331 +0200 -+++ openssh-9.0p1/audit-bsm.c 2022-10-24 14:51:43.685766639 +0200 -@@ -405,7 +405,7 @@ audit_session_close(struct logininfo *li +From 80d967a18261156573e7385f8e534a89d2767d67 Mon Sep 17 00:00:00 2001 +From: Dmitry Belyavskiy +Date: Thu, 15 May 2025 13:43:29 +0200 +Subject: [PATCH 41/50] openssh-9.0p1-audit-log + +--- + audit-bsm.c | 2 +- + audit-linux.c | 76 +++++++++++++++++++++++++++++++++++++++++++-------- + audit.c | 18 +++++++++--- + audit.h | 2 +- + 4 files changed, 81 insertions(+), 17 deletions(-) + +diff --git a/audit-bsm.c b/audit-bsm.c +index a49abb92..c6f56553 100644 +--- a/audit-bsm.c ++++ b/audit-bsm.c +@@ -405,7 +405,7 @@ audit_session_close(struct logininfo *li) } int @@ -10,51 +23,10 @@ diff -up openssh-9.0p1/audit-bsm.c.patch openssh-9.0p1/audit-bsm.c { /* not implemented */ } -diff -up openssh-9.0p1/audit.c.patch openssh-9.0p1/audit.c ---- openssh-9.0p1/audit.c.patch 2022-10-24 15:02:16.544858331 +0200 -+++ openssh-9.0p1/audit.c 2022-10-24 15:20:38.854548226 +0200 -@@ -116,12 +116,22 @@ audit_event_lookup(ssh_audit_event_t ev) - void - audit_key(struct ssh *ssh, int host_user, int *rv, const struct sshkey *key) - { -- char *fp; -+ char *key_fp = NULL; -+ char *issuer_fp = NULL; -+ struct sshkey_cert *cert = NULL; - -- fp = sshkey_fingerprint(key, options.fingerprint_hash, SSH_FP_HEX); -- if (audit_keyusage(ssh, host_user, fp, (*rv == 0)) == 0) -+ key_fp = sshkey_fingerprint(key, options.fingerprint_hash, SSH_FP_HEX); -+ if (sshkey_is_cert(key) && key->cert != NULL && key->cert->signature_key != NULL) { -+ cert = key->cert; -+ issuer_fp = sshkey_fingerprint(cert->signature_key, -+ options.fingerprint_hash, SSH_FP_DEFAULT); -+ } -+ if (audit_keyusage(ssh, host_user, key_fp, cert, issuer_fp, (*rv == 0)) == 0) - *rv = -SSH_ERR_INTERNAL_ERROR; -- free(fp); -+ if (key_fp) -+ free(key_fp); -+ if (issuer_fp) -+ free(issuer_fp); - } - - void -diff -up openssh-9.0p1/audit.h.patch openssh-9.0p1/audit.h ---- openssh-9.0p1/audit.h.patch 2022-10-24 15:02:16.544858331 +0200 -+++ openssh-9.0p1/audit.h 2022-10-24 14:58:20.887565518 +0200 -@@ -64,7 +64,7 @@ void audit_session_close(struct logininf - int audit_run_command(struct ssh *, const char *); - void audit_end_command(struct ssh *, int, const char *); - ssh_audit_event_t audit_classify_auth(const char *); --int audit_keyusage(struct ssh *, int, char *, int); -+int audit_keyusage(struct ssh *, int, const char *, const struct sshkey_cert *, const char *, int); - void audit_key(struct ssh *, int, int *, const struct sshkey *); - void audit_unsupported(struct ssh *, int); - void audit_kex(struct ssh *, int, char *, char *, char *, char *); -diff -up openssh-9.9p1/audit-linux.c.xxx openssh-9.9p1/audit-linux.c ---- openssh-9.9p1/audit-linux.c.xxx 2024-10-15 11:49:48.092151974 +0200 -+++ openssh-9.9p1/audit-linux.c 2024-10-15 12:08:17.179158343 +0200 +diff --git a/audit-linux.c b/audit-linux.c +index d484b82b..dcfde3a9 100644 +--- a/audit-linux.c ++++ b/audit-linux.c @@ -52,7 +52,7 @@ extern u_int utmp_len; const char *audit_username(void); @@ -64,7 +36,7 @@ diff -up openssh-9.9p1/audit-linux.c.xxx openssh-9.9p1/audit-linux.c const char *ip, const char *ttyn, int success, int event) { int audit_fd, rc, saved_errno; -@@ -66,7 +66,7 @@ linux_audit_user_logxxx(int uid, const c +@@ -66,7 +66,7 @@ linux_audit_user_logxxx(int uid, const char *username, } rc = audit_log_acct_message(audit_fd, event, NULL, "login", username ? username : "(unknown)", @@ -87,7 +59,7 @@ diff -up openssh-9.9p1/audit-linux.c.xxx openssh-9.9p1/audit-linux.c audit_fd = audit_open(); if (audit_fd < 0) { -@@ -150,14 +152,44 @@ audit_keyusage(struct ssh *ssh, int host +@@ -150,14 +152,44 @@ audit_keyusage(struct ssh *ssh, int host_user, char *fp, int rv) else return 0; /* Must prevent login */ } @@ -135,7 +107,7 @@ diff -up openssh-9.9p1/audit-linux.c.xxx openssh-9.9p1/audit-linux.c out: saved_errno = errno; audit_close(audit_fd); -@@ -179,26 +211,34 @@ audit_connection_from(const char *host, +@@ -179,26 +211,34 @@ audit_connection_from(const char *host, int port) int audit_run_command(struct ssh *ssh, const char *command) { @@ -217,7 +189,7 @@ diff -up openssh-9.9p1/audit-linux.c.xxx openssh-9.9p1/audit-linux.c ssh_remote_ipaddr(ssh), "ssh", 0, AUDIT_USER_LOGIN); break; case SSH_AUTH_FAIL_PASSWD: -@@ -255,9 +305,11 @@ audit_event(struct ssh *ssh, ssh_audit_e +@@ -255,9 +305,11 @@ audit_event(struct ssh *ssh, ssh_audit_event_t event) if (user_login_count) { while (user_login_count--) linux_audit_user_logxxx(the_authctxt->pw->pw_uid, NULL, @@ -229,7 +201,7 @@ diff -up openssh-9.9p1/audit-linux.c.xxx openssh-9.9p1/audit-linux.c ssh_remote_ipaddr(ssh), "ssh", 1, AUDIT_USER_LOGOUT); } -@@ -266,12 +318,14 @@ audit_event(struct ssh *ssh, ssh_audit_e +@@ -266,12 +318,14 @@ audit_event(struct ssh *ssh, ssh_audit_event_t event) case SSH_CONNECTION_ABANDON: case SSH_INVALID_USER: linux_audit_user_logxxx(-1, audit_username(), @@ -244,3 +216,50 @@ diff -up openssh-9.9p1/audit-linux.c.xxx openssh-9.9p1/audit-linux.c } void +diff --git a/audit.c b/audit.c +index d0433c3a..28d51a14 100644 +--- a/audit.c ++++ b/audit.c +@@ -116,12 +116,22 @@ audit_event_lookup(ssh_audit_event_t ev) + void + audit_key(struct ssh *ssh, int host_user, int *rv, const struct sshkey *key) + { +- char *fp; ++ char *key_fp = NULL; ++ char *issuer_fp = NULL; ++ struct sshkey_cert *cert = NULL; + +- fp = sshkey_fingerprint(key, options.fingerprint_hash, SSH_FP_HEX); +- if (audit_keyusage(ssh, host_user, fp, (*rv == 0)) == 0) ++ key_fp = sshkey_fingerprint(key, options.fingerprint_hash, SSH_FP_HEX); ++ if (sshkey_is_cert(key) && key->cert != NULL && key->cert->signature_key != NULL) { ++ cert = key->cert; ++ issuer_fp = sshkey_fingerprint(cert->signature_key, ++ options.fingerprint_hash, SSH_FP_DEFAULT); ++ } ++ if (audit_keyusage(ssh, host_user, key_fp, cert, issuer_fp, (*rv == 0)) == 0) + *rv = -SSH_ERR_INTERNAL_ERROR; +- free(fp); ++ if (key_fp) ++ free(key_fp); ++ if (issuer_fp) ++ free(issuer_fp); + } + + void +diff --git a/audit.h b/audit.h +index 45d66ccf..05ac132c 100644 +--- a/audit.h ++++ b/audit.h +@@ -64,7 +64,7 @@ void audit_session_close(struct logininfo *); + int audit_run_command(struct ssh *, const char *); + void audit_end_command(struct ssh *, int, const char *); + ssh_audit_event_t audit_classify_auth(const char *); +-int audit_keyusage(struct ssh *, int, char *, int); ++int audit_keyusage(struct ssh *, int, const char *, const struct sshkey_cert *, const char *, int); + void audit_key(struct ssh *, int, int *, const struct sshkey *); + void audit_unsupported(struct ssh *, int); + void audit_kex(struct ssh *, int, char *, char *, char *, char *); +-- +2.49.0 + diff --git a/openssh-7.7p1-fips.patch b/0042-openssh-7.7p1-fips.patch similarity index 77% rename from openssh-7.7p1-fips.patch rename to 0042-openssh-7.7p1-fips.patch index 5d8da08..f4729d7 100644 --- a/openssh-7.7p1-fips.patch +++ b/0042-openssh-7.7p1-fips.patch @@ -1,6 +1,33 @@ -diff -up openssh-8.6p1/dh.c.fips openssh-8.6p1/dh.c ---- openssh-8.6p1/dh.c.fips 2021-04-16 05:55:25.000000000 +0200 -+++ openssh-8.6p1/dh.c 2021-05-06 12:12:10.107634472 +0200 +From 6e0e7462959e8bc6a99f50dbf9a5b42ae74c2c87 Mon Sep 17 00:00:00 2001 +From: Dmitry Belyavskiy +Date: Thu, 15 May 2025 13:43:29 +0200 +Subject: [PATCH 42/50] openssh-7.7p1-fips + +--- + dh.c | 41 ++++++++++++++++++++++ + dh.h | 1 + + kex-names.c | 6 +++- + kex.c | 3 +- + kexgen.c | 74 ++++++++++++++++++++++++++++++++-------- + kexgexc.c | 5 +++ + myproposal.h | 33 ++++++++++++++++++ + readconf.c | 16 ++++++--- + sandbox-seccomp-filter.c | 3 ++ + servconf.c | 16 ++++++--- + ssh-ed25519.c | 9 +++++ + ssh-keygen.c | 22 ++++++++++-- + ssh-rsa.c | 3 ++ + ssh.c | 5 +++ + sshconnect2.c | 61 ++++++++++++++++++--------------- + sshd-auth.c | 13 ++++--- + sshd.c | 13 +++++++ + sshkey.c | 37 ++++++++++++++++++++ + 18 files changed, 301 insertions(+), 60 deletions(-) + +diff --git a/dh.c b/dh.c +index 168dea1d..8c9a29fa 100644 +--- a/dh.c ++++ b/dh.c @@ -36,6 +36,7 @@ #include @@ -9,7 +36,7 @@ diff -up openssh-8.6p1/dh.c.fips openssh-8.6p1/dh.c #include "dh.h" #include "pathnames.h" -@@ -164,6 +164,12 @@ choose_dh(int min, int wantbits, int max +@@ -164,6 +165,12 @@ choose_dh(int min, int wantbits, int max) int best, bestcount, which, linenum; struct dhgroup dhg; @@ -22,7 +49,7 @@ diff -up openssh-8.6p1/dh.c.fips openssh-8.6p1/dh.c if ((f = fopen(get_moduli_filename(), "r")) == NULL) { logit("WARNING: could not open %s (%s), using fixed modulus", get_moduli_filename(), strerror(errno)); -@@ -502,4 +508,38 @@ dh_estimate(int bits) +@@ -502,4 +509,38 @@ dh_estimate(int bits) return 8192; } @@ -61,9 +88,10 @@ diff -up openssh-8.6p1/dh.c.fips openssh-8.6p1/dh.c +} + #endif /* WITH_OPENSSL */ -diff -up openssh-8.6p1/dh.h.fips openssh-8.6p1/dh.h ---- openssh-8.6p1/dh.h.fips 2021-05-06 12:08:36.498926877 +0200 -+++ openssh-8.6p1/dh.h 2021-05-06 12:11:28.393298005 +0200 +diff --git a/dh.h b/dh.h +index c6326a39..e51e292b 100644 +--- a/dh.h ++++ b/dh.h @@ -45,6 +45,7 @@ DH *dh_new_group_fallback(int); int dh_gen_key(DH *, int); @@ -72,10 +100,11 @@ diff -up openssh-8.6p1/dh.h.fips openssh-8.6p1/dh.h u_int dh_estimate(int); void dh_set_moduli_file(const char *); -diff -up openssh-8.6p1/kex-names.c.fips openssh-8.6p1/kex-names.c ---- openssh-8.6p1/kex-names.c.fips 2021-05-06 12:08:36.489926807 +0200 -+++ openssh-8.6p1/kex-names.c 2021-05-06 12:08:36.498926877 +0200 -@@ -39,6 +39,7 @@ +diff --git a/kex-names.c b/kex-names.c +index 6c0b7c2b..cd3902ad 100644 +--- a/kex-names.c ++++ b/kex-names.c +@@ -33,6 +33,7 @@ #ifdef WITH_OPENSSL #include @@ -83,7 +112,7 @@ diff -up openssh-8.6p1/kex-names.c.fips openssh-8.6p1/kex-names.c #include #endif -@@ -203,7 +203,10 @@ kex_names_valid(const char *names) +@@ -206,7 +207,10 @@ kex_names_valid(const char *names) for ((p = strsep(&cp, ",")); p && *p != '\0'; (p = strsep(&cp, ","))) { if (kex_alg_by_name(p) == NULL) { @@ -95,9 +124,149 @@ diff -up openssh-8.6p1/kex-names.c.fips openssh-8.6p1/kex-names.c free(s); return 0; } -diff -up openssh-8.6p1/kexgexc.c.fips openssh-8.6p1/kexgexc.c ---- openssh-8.6p1/kexgexc.c.fips 2021-04-16 05:55:25.000000000 +0200 -+++ openssh-8.6p1/kexgexc.c 2021-05-06 12:08:36.498926877 +0200 +diff --git a/kex.c b/kex.c +index 62f607d6..71fbe5cb 100644 +--- a/kex.c ++++ b/kex.c +@@ -40,6 +40,7 @@ + #ifdef WITH_OPENSSL + #include + #include ++#include + # ifdef HAVE_EVP_KDF_CTX_NEW + # include + # include +@@ -109,7 +110,7 @@ kex_proposal_populate_entries(struct ssh *ssh, char *prop[PROPOSAL_MAX], + + /* Append EXT_INFO signalling to KexAlgorithms */ + if (kexalgos == NULL) +- kexalgos = defprop[PROPOSAL_KEX_ALGS]; ++ kexalgos = FIPS_mode() ? KEX_DEFAULT_KEX_FIPS : defprop[PROPOSAL_KEX_ALGS]; + if ((cp = kex_names_cat(kexalgos, ssh->kex->server ? + "ext-info-s,kex-strict-s-v00@openssh.com" : + "ext-info-c,kex-strict-c-v00@openssh.com")) == NULL) +diff --git a/kexgen.c b/kexgen.c +index 15df591c..eecdceba 100644 +--- a/kexgen.c ++++ b/kexgen.c +@@ -31,6 +31,7 @@ + #include + #include + #include ++#include + + #include "sshkey.h" + #include "kex.h" +@@ -115,13 +116,28 @@ kex_gen_client(struct ssh *ssh) + break; + #endif + case KEX_C25519_SHA256: +- r = kex_c25519_keypair(kex); ++ if (FIPS_mode()) { ++ logit_f("Key exchange type c25519 is not allowed in FIPS mode"); ++ r = SSH_ERR_INVALID_ARGUMENT; ++ } else { ++ r = kex_c25519_keypair(kex); ++ } + break; + case KEX_KEM_SNTRUP761X25519_SHA512: +- r = kex_kem_sntrup761x25519_keypair(kex); ++ if (FIPS_mode()) { ++ logit_f("Key exchange type sntrup761 is not allowed in FIPS mode"); ++ r = SSH_ERR_INVALID_ARGUMENT; ++ } else { ++ r = kex_kem_sntrup761x25519_keypair(kex); ++ } + break; + case KEX_KEM_MLKEM768X25519_SHA256: +- r = kex_kem_mlkem768x25519_keypair(kex); ++ if (FIPS_mode()) { ++ logit_f("Key exchange type mlkem768x25519 is not allowed in FIPS mode"); ++ r = SSH_ERR_INVALID_ARGUMENT; ++ } else { ++ r = kex_kem_mlkem768x25519_keypair(kex); ++ } + break; + default: + r = SSH_ERR_INVALID_ARGUMENT; +@@ -189,15 +205,30 @@ input_kex_gen_reply(int type, u_int32_t seq, struct ssh *ssh) + break; + #endif + case KEX_C25519_SHA256: +- r = kex_c25519_dec(kex, server_blob, &shared_secret); ++ if (FIPS_mode()) { ++ logit_f("Key exchange type c25519 is not allowed in FIPS mode"); ++ r = SSH_ERR_INVALID_ARGUMENT; ++ } else { ++ r = kex_c25519_dec(kex, server_blob, &shared_secret); ++ } + break; + case KEX_KEM_SNTRUP761X25519_SHA512: +- r = kex_kem_sntrup761x25519_dec(kex, server_blob, +- &shared_secret); ++ if (FIPS_mode()) { ++ logit_f("Key exchange type sntrup761 is not allowed in FIPS mode"); ++ r = SSH_ERR_INVALID_ARGUMENT; ++ } else { ++ r = kex_kem_sntrup761x25519_dec(kex, server_blob, ++ &shared_secret); ++ } + break; + case KEX_KEM_MLKEM768X25519_SHA256: +- r = kex_kem_mlkem768x25519_dec(kex, server_blob, +- &shared_secret); ++ if (FIPS_mode()) { ++ logit_f("Key exchange type mlkem768x25519 is not allowed in FIPS mode"); ++ r = SSH_ERR_INVALID_ARGUMENT; ++ } else { ++ r = kex_kem_mlkem768x25519_dec(kex, server_blob, ++ &shared_secret); ++ } + break; + default: + r = SSH_ERR_INVALID_ARGUMENT; +@@ -312,16 +343,31 @@ input_kex_gen_init(int type, u_int32_t seq, struct ssh *ssh) + break; + #endif + case KEX_C25519_SHA256: +- r = kex_c25519_enc(kex, client_pubkey, &server_pubkey, +- &shared_secret); ++ if (FIPS_mode()) { ++ logit_f("Key exchange type c25519 is not allowed in FIPS mode"); ++ r = SSH_ERR_INVALID_ARGUMENT; ++ } else { ++ r = kex_c25519_enc(kex, client_pubkey, &server_pubkey, ++ &shared_secret); ++ } + break; + case KEX_KEM_SNTRUP761X25519_SHA512: +- r = kex_kem_sntrup761x25519_enc(kex, client_pubkey, +- &server_pubkey, &shared_secret); ++ if (FIPS_mode()) { ++ logit_f("Key exchange type sntrup761 is not allowed in FIPS mode"); ++ r = SSH_ERR_INVALID_ARGUMENT; ++ } else { ++ r = kex_kem_sntrup761x25519_enc(kex, client_pubkey, ++ &server_pubkey, &shared_secret); ++ } + break; + case KEX_KEM_MLKEM768X25519_SHA256: +- r = kex_kem_mlkem768x25519_enc(kex, client_pubkey, +- &server_pubkey, &shared_secret); ++ if (FIPS_mode()) { ++ logit_f("Key exchange type mlkem768x25519 is not allowed in FIPS mode"); ++ r = SSH_ERR_INVALID_ARGUMENT; ++ } else { ++ r = kex_kem_mlkem768x25519_enc(kex, client_pubkey, ++ &server_pubkey, &shared_secret); ++ } + break; + default: + r = SSH_ERR_INVALID_ARGUMENT; +diff --git a/kexgexc.c b/kexgexc.c +index e99e0cf2..4c3feae0 100644 +--- a/kexgexc.c ++++ b/kexgexc.c @@ -28,6 +28,7 @@ #ifdef WITH_OPENSSL @@ -106,7 +275,7 @@ diff -up openssh-8.6p1/kexgexc.c.fips openssh-8.6p1/kexgexc.c #include #include -@@ -115,6 +116,10 @@ input_kex_dh_gex_group(int type, u_int32 +@@ -115,6 +116,10 @@ input_kex_dh_gex_group(int type, u_int32_t seq, struct ssh *ssh) r = SSH_ERR_ALLOC_FAIL; goto out; } @@ -117,10 +286,11 @@ diff -up openssh-8.6p1/kexgexc.c.fips openssh-8.6p1/kexgexc.c p = g = NULL; /* belong to kex->dh now */ /* generate and send 'e', client DH public key */ -diff -up openssh-8.6p1/myproposal.h.fips openssh-8.6p1/myproposal.h ---- openssh-8.6p1/myproposal.h.fips 2021-04-16 05:55:25.000000000 +0200 -+++ openssh-8.6p1/myproposal.h 2021-05-06 12:08:36.498926877 +0200 -@@ -57,6 +57,18 @@ +diff --git a/myproposal.h b/myproposal.h +index 8fe9276c..3e0ec682 100644 +--- a/myproposal.h ++++ b/myproposal.h +@@ -58,6 +58,18 @@ "rsa-sha2-512," \ "rsa-sha2-256" @@ -138,8 +308,8 @@ diff -up openssh-8.6p1/myproposal.h.fips openssh-8.6p1/myproposal.h + #define KEX_SERVER_ENCRYPT \ "chacha20-poly1305@openssh.com," \ - "aes128-ctr,aes192-ctr,aes256-ctr," \ -@@ -78,6 +92,27 @@ + "aes128-gcm@openssh.com,aes256-gcm@openssh.com," \ +@@ -79,6 +91,27 @@ #define KEX_CLIENT_MAC KEX_SERVER_MAC @@ -167,10 +337,11 @@ diff -up openssh-8.6p1/myproposal.h.fips openssh-8.6p1/myproposal.h /* Not a KEX value, but here so all the algorithm defaults are together */ #define SSH_ALLOWED_CA_SIGALGS \ "ssh-ed25519," \ -diff -up openssh-8.6p1/readconf.c.fips openssh-8.6p1/readconf.c ---- openssh-8.6p1/readconf.c.fips 2021-05-06 12:08:36.428926336 +0200 -+++ openssh-8.6p1/readconf.c 2021-05-06 12:08:36.499926885 +0200 -@@ -39,6 +39,7 @@ +diff --git a/readconf.c b/readconf.c +index f340bf50..ea9d293c 100644 +--- a/readconf.c ++++ b/readconf.c +@@ -43,6 +43,7 @@ #include #include #include @@ -178,7 +349,7 @@ diff -up openssh-8.6p1/readconf.c.fips openssh-8.6p1/readconf.c #ifdef USE_SYSTEM_GLOB # include #else -@@ -2538,11 +2538,16 @@ fill_default_options(Options * options) +@@ -3043,11 +3044,16 @@ fill_default_options(Options * options) all_key = sshkey_alg_list(0, 0, 1, ','); all_sig = sshkey_alg_list(0, 1, 1, ','); /* remove unsupported algos from default lists */ @@ -200,10 +371,11 @@ diff -up openssh-8.6p1/readconf.c.fips openssh-8.6p1/readconf.c #define ASSEMBLE(what, defaults, all) \ do { \ if ((r = kex_assemble_names(&options->what, \ -diff -up openssh-8.6p1/sandbox-seccomp-filter.c.fips openssh-8.6p1/sandbox-seccomp-filter.c ---- openssh-8.6p1/sandbox-seccomp-filter.c.fips 2021-05-06 12:08:36.463926606 +0200 -+++ openssh-8.6p1/sandbox-seccomp-filter.c 2021-05-06 12:08:36.499926885 +0200 -@@ -160,6 +160,9 @@ static const struct sock_filter preauth_ +diff --git a/sandbox-seccomp-filter.c b/sandbox-seccomp-filter.c +index 1fabf99d..ccb61586 100644 +--- a/sandbox-seccomp-filter.c ++++ b/sandbox-seccomp-filter.c +@@ -230,6 +230,9 @@ static const struct sock_filter preauth_insns[] = { #ifdef __NR_open SC_DENY(__NR_open, EACCES), #endif @@ -213,10 +385,11 @@ diff -up openssh-8.6p1/sandbox-seccomp-filter.c.fips openssh-8.6p1/sandbox-secco #ifdef __NR_openat SC_DENY(__NR_openat, EACCES), #endif -diff -up openssh-8.6p1/servconf.c.fips openssh-8.6p1/servconf.c ---- openssh-8.6p1/servconf.c.fips 2021-05-06 12:08:36.455926545 +0200 -+++ openssh-8.6p1/servconf.c 2021-05-06 12:08:36.500926893 +0200 -@@ -38,6 +38,7 @@ +diff --git a/servconf.c b/servconf.c +index 84891544..8b708cbf 100644 +--- a/servconf.c ++++ b/servconf.c +@@ -37,6 +37,7 @@ #include #include #include @@ -224,7 +397,7 @@ diff -up openssh-8.6p1/servconf.c.fips openssh-8.6p1/servconf.c #ifdef HAVE_UTIL_H #include #endif -@@ -226,11 +226,16 @@ assemble_algorithms(ServerOptions *o) +@@ -247,11 +248,16 @@ assemble_algorithms(ServerOptions *o) all_key = sshkey_alg_list(0, 0, 1, ','); all_sig = sshkey_alg_list(0, 1, 1, ','); /* remove unsupported algos from default lists */ @@ -246,10 +419,136 @@ diff -up openssh-8.6p1/servconf.c.fips openssh-8.6p1/servconf.c #define ASSEMBLE(what, defaults, all) \ do { \ if ((r = kex_assemble_names(&o->what, defaults, all)) != 0) \ -diff -up openssh-8.6p1/ssh.c.fips openssh-8.6p1/ssh.c ---- openssh-8.6p1/ssh.c.fips 2021-05-06 12:08:36.467926637 +0200 -+++ openssh-8.6p1/ssh.c 2021-05-06 12:08:36.500926893 +0200 -@@ -77,6 +77,7 @@ +diff --git a/ssh-ed25519.c b/ssh-ed25519.c +index 22d8db02..41942f4e 100644 +--- a/ssh-ed25519.c ++++ b/ssh-ed25519.c +@@ -24,6 +24,7 @@ + + #include + #include ++#include + + #include "log.h" + #include "sshbuf.h" +@@ -164,6 +165,10 @@ ssh_ed25519_sign(struct sshkey *key, + key->ed25519_sk == NULL || + datalen >= INT_MAX - crypto_sign_ed25519_BYTES) + return SSH_ERR_INVALID_ARGUMENT; ++ if (FIPS_mode()) { ++ logit_f("Ed25519 keys are not allowed in FIPS mode"); ++ return SSH_ERR_INVALID_ARGUMENT; ++ } + smlen = slen = datalen + crypto_sign_ed25519_BYTES; + if ((sig = malloc(slen)) == NULL) + return SSH_ERR_ALLOC_FAIL; +@@ -221,6 +226,10 @@ ssh_ed25519_verify(const struct sshkey *key, + dlen >= INT_MAX - crypto_sign_ed25519_BYTES || + sig == NULL || siglen == 0) + return SSH_ERR_INVALID_ARGUMENT; ++ if (FIPS_mode()) { ++ logit_f("Ed25519 keys are not allowed in FIPS mode"); ++ return SSH_ERR_INVALID_ARGUMENT; ++ } + + if ((b = sshbuf_from(sig, siglen)) == NULL) + return SSH_ERR_ALLOC_FAIL; +diff --git a/ssh-keygen.c b/ssh-keygen.c +index 16cff947..792aafde 100644 +--- a/ssh-keygen.c ++++ b/ssh-keygen.c +@@ -20,6 +20,7 @@ + + #ifdef WITH_OPENSSL + #include ++#include + #include + #include "openbsd-compat/openssl-compat.h" + #endif +@@ -68,6 +69,7 @@ + #include "cipher.h" + + #define DEFAULT_KEY_TYPE_NAME "ed25519" ++#define FIPS_DEFAULT_KEY_TYPE_NAME "rsa" + + /* + * Default number of bits in the RSA, DSA and ECDSA keys. These value can be +@@ -202,6 +204,12 @@ type_bits_valid(int type, const char *name, u_int32_t *bitsp) + #endif + } + #ifdef WITH_OPENSSL ++ if (FIPS_mode()) { ++ if (type == KEY_DSA) ++ fatal("DSA keys are not allowed in FIPS mode"); ++ if (type == KEY_ED25519 || type == KEY_ED25519_SK) ++ fatal("ED25519 keys are not allowed in FIPS mode"); ++ } + switch (type) { + case KEY_DSA: + if (*bitsp != 1024) +@@ -259,7 +267,7 @@ ask_filename(struct passwd *pw, const char *prompt) + char *name = NULL; + + if (key_type_name == NULL) +- name = _PATH_SSH_CLIENT_ID_ED25519; ++ name = FIPS_mode() ? _PATH_SSH_CLIENT_ID_RSA : _PATH_SSH_CLIENT_ID_ED25519; + else { + switch (sshkey_type_from_shortname(key_type_name)) { + #ifdef WITH_DSA +@@ -1144,9 +1152,17 @@ do_gen_all_hostkeys(struct passwd *pw) + first = 1; + printf("%s: generating new host keys: ", __progname); + } ++ type = sshkey_type_from_shortname(key_types[i].key_type); ++ ++ /* Skip the keys that are not supported in FIPS mode */ ++ if (FIPS_mode() && (type == KEY_DSA || type == KEY_ED25519)) { ++ logit("Skipping %s key in FIPS mode", ++ key_types[i].key_type_display); ++ goto next; ++ } ++ + printf("%s ", key_types[i].key_type_display); + fflush(stdout); +- type = sshkey_type_from_shortname(key_types[i].key_type); + if ((fd = mkstemp(prv_tmp)) == -1) { + error("Could not save your private key in %s: %s", + prv_tmp, strerror(errno)); +@@ -3849,7 +3865,7 @@ main(int argc, char **argv) + } + + if (key_type_name == NULL) +- key_type_name = DEFAULT_KEY_TYPE_NAME; ++ key_type_name = FIPS_mode() ? FIPS_DEFAULT_KEY_TYPE_NAME : DEFAULT_KEY_TYPE_NAME; + + type = sshkey_type_from_shortname(key_type_name); + type_bits_valid(type, key_type_name, &bits); +diff --git a/ssh-rsa.c b/ssh-rsa.c +index 3ad1fddc..6c2f771a 100644 +--- a/ssh-rsa.c ++++ b/ssh-rsa.c +@@ -23,6 +23,7 @@ + + #include + #include ++#include + + #include + #include +@@ -142,6 +143,8 @@ ssh_rsa_generate(struct sshkey *k, int bits) + goto out; + } + if (EVP_PKEY_keygen(ctx, &res) <= 0 || res == NULL) { ++ if (FIPS_mode()) ++ logit_f("the key length might be unsupported by FIPS mode approved key generation method"); + ret = SSH_ERR_LIBCRYPTO_ERROR; + goto out; + } +diff --git a/ssh.c b/ssh.c +index 98b103c9..abc8b843 100644 +--- a/ssh.c ++++ b/ssh.c +@@ -78,6 +78,7 @@ #include #include #endif @@ -257,7 +556,7 @@ diff -up openssh-8.6p1/ssh.c.fips openssh-8.6p1/ssh.c #include "openbsd-compat/openssl-compat.h" #include "openbsd-compat/sys-queue.h" -@@ -1516,6 +1517,10 @@ main(int ac, char **av) +@@ -1642,6 +1643,10 @@ main(int ac, char **av) exit(0); } @@ -268,9 +567,10 @@ diff -up openssh-8.6p1/ssh.c.fips openssh-8.6p1/ssh.c /* Expand SecurityKeyProvider if it refers to an environment variable */ if (options.sk_provider != NULL && *options.sk_provider == '$' && strlen(options.sk_provider) > 1) { -diff -up openssh-8.6p1/sshconnect2.c.fips openssh-8.6p1/sshconnect2.c ---- openssh-8.6p1/sshconnect2.c.fips 2021-05-06 12:08:36.485926777 +0200 -+++ openssh-8.6p1/sshconnect2.c 2021-05-06 12:08:36.501926900 +0200 +diff --git a/sshconnect2.c b/sshconnect2.c +index 0af15bcc..14f7671a 100644 +--- a/sshconnect2.c ++++ b/sshconnect2.c @@ -45,6 +45,8 @@ #include #endif @@ -280,7 +580,7 @@ diff -up openssh-8.6p1/sshconnect2.c.fips openssh-8.6p1/sshconnect2.c #include "openbsd-compat/sys-queue.h" #include "xmalloc.h" -@@ -269,36 +271,41 @@ ssh_kex2(struct ssh *ssh, char *host, st +@@ -262,36 +264,41 @@ ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port, #if defined(GSSAPI) && defined(WITH_OPENSSL) if (options.gss_keyex) { @@ -349,62 +649,19 @@ diff -up openssh-8.6p1/sshconnect2.c.fips openssh-8.6p1/sshconnect2.c } } #endif -diff -up openssh-8.6p1/sshd.c.fips openssh-8.6p1/sshd.c ---- openssh-8.6p1/sshd.c.fips 2021-05-06 12:08:36.493926838 +0200 -+++ openssh-8.6p1/sshd.c 2021-05-06 12:13:56.501492639 +0200 -@@ -66,6 +66,7 @@ - #endif - #include - #include -+#include - #include - #include - #include -@@ -77,6 +78,7 @@ +diff --git a/sshd-auth.c b/sshd-auth.c +index 897db9b4..eaf32981 100644 +--- a/sshd-auth.c ++++ b/sshd-auth.c +@@ -58,6 +58,7 @@ #ifdef WITH_OPENSSL - #include - #include -+#include - #include "openbsd-compat/openssl-compat.h" - #endif - -@@ -1931,6 +1931,13 @@ main(int ac, char **av) - &key, NULL)) != 0 && r != SSH_ERR_SYSTEM_ERROR) - do_log2_r(r, ll, "Unable to load host key \"%s\"", - options.host_key_files[i]); -+ if (FIPS_mode() && key != NULL && (sshkey_type_plain(key->type) == KEY_ED25519_SK -+ || sshkey_type_plain(key->type) == KEY_ED25519)) { -+ logit_f("sshd: Ed25519 keys are not allowed in FIPS mode, skipping %s", options.host_key_files[i]); -+ sshkey_free(key); -+ key = NULL; -+ continue; -+ } - if (sshkey_is_sk(key) && - key->sk_flags & SSH_SK_USER_PRESENCE_REQD) { - debug("host key %s requires user presence, ignoring", -@@ -2110,6 +2113,10 @@ main(int ac, char **av) - /* Reinitialize the log (because of the fork above). */ - log_init(__progname, options.log_level, options.log_facility, log_stderr); - -+ if (FIPS_mode()) { -+ debug("FIPS mode initialized"); -+ } -+ - /* - * Chdir to the root directory so that the current disk can be - * unmounted if desired. -diff -up openssh-8.6p1/sshd-session.c.fips openssh-8.6p1/sshd-session.c ---- a/sshd-session.c.fips 2021-05-06 12:08:36.493926838 +0200 -+++ b/sshd-session.c 2021-05-06 12:13:56.501492639 +0200 -@@ -78,6 +79,7 @@ #include #include - #include +#include - #include "openbsd-compat/openssl-compat.h" #endif -@@ -2506,10 +2513,14 @@ do_ssh2_kex(struct ssh *ssh) + #include "xmalloc.h" +@@ -859,10 +860,14 @@ do_ssh2_kex(struct ssh *ssh) if (strlen(myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS]) == 0) orig = NULL; @@ -423,10 +680,56 @@ diff -up openssh-8.6p1/sshd-session.c.fips openssh-8.6p1/sshd-session.c if (gss && orig) xasprintf(&newstr, "%s,%s", gss, orig); -diff -up openssh-8.6p1/sshkey.c.fips openssh-8.6p1/sshkey.c ---- openssh-8.6p1/sshkey.c.fips 2021-05-06 12:08:36.493926838 +0200 -+++ openssh-8.6p1/sshkey.c 2021-05-06 12:08:36.502926908 +0200 -@@ -36,6 +36,7 @@ +diff --git a/sshd.c b/sshd.c +index 8a99f0b2..5ff0b5ff 100644 +--- a/sshd.c ++++ b/sshd.c +@@ -52,6 +52,7 @@ + #endif + #include + #include ++#include + #include + #include + #include +@@ -63,6 +64,7 @@ + #ifdef WITH_OPENSSL + #include + #include ++#include + #include "openbsd-compat/openssl-compat.h" + #endif + +@@ -1611,6 +1613,13 @@ main(int ac, char **av) + &key, NULL)) != 0 && r != SSH_ERR_SYSTEM_ERROR) + do_log2_r(r, ll, "Unable to load host key \"%s\"", + options.host_key_files[i]); ++ if (FIPS_mode() && key != NULL && (sshkey_type_plain(key->type) == KEY_ED25519_SK ++ || sshkey_type_plain(key->type) == KEY_ED25519)) { ++ logit_f("sshd: Ed25519 keys are not allowed in FIPS mode, skipping %s", options.host_key_files[i]); ++ sshkey_free(key); ++ key = NULL; ++ continue; ++ } + if (sshkey_is_sk(key) && + key->sk_flags & SSH_SK_USER_PRESENCE_REQD) { + debug("host key %s requires user presence, ignoring", +@@ -1830,6 +1839,10 @@ main(int ac, char **av) + /* Reinitialize the log (because of the fork above). */ + log_init(__progname, options.log_level, options.log_facility, log_stderr); + ++ if (FIPS_mode()) { ++ debug("FIPS mode initialized"); ++ } ++ + /* + * Chdir to the root directory so that the current disk can be + * unmounted if desired. +diff --git a/sshkey.c b/sshkey.c +index 4e41a78c..ca1cdb64 100644 +--- a/sshkey.c ++++ b/sshkey.c +@@ -35,6 +35,7 @@ #include #include #include @@ -434,7 +737,7 @@ diff -up openssh-8.6p1/sshkey.c.fips openssh-8.6p1/sshkey.c #endif #include "crypto_api.h" -@@ -57,6 +58,7 @@ +@@ -59,6 +60,7 @@ #define SSHKEY_INTERNAL #include "sshkey.h" #include "match.h" @@ -442,7 +745,7 @@ diff -up openssh-8.6p1/sshkey.c.fips openssh-8.6p1/sshkey.c #include "ssh-sk.h" #ifdef WITH_XMSS -@@ -285,6 +285,18 @@ sshkey_alg_list(int certs_only, int plai +@@ -408,6 +410,18 @@ sshkey_alg_list(int certs_only, int plain_only, int include_sigonly, char sep) impl = keyimpls[i]; if (impl->name == NULL || impl->type == KEY_NULL) continue; @@ -461,7 +764,7 @@ diff -up openssh-8.6p1/sshkey.c.fips openssh-8.6p1/sshkey.c if (!include_sigonly && impl->sigonly) continue; if ((certs_only && !impl->cert) || (plain_only && impl->cert)) -@@ -1503,6 +1503,20 @@ sshkey_read(struct sshkey *ret, char **c +@@ -1441,6 +1455,20 @@ sshkey_read(struct sshkey *ret, char **cpp) return SSH_ERR_EC_CURVE_MISMATCH; } @@ -482,7 +785,7 @@ diff -up openssh-8.6p1/sshkey.c.fips openssh-8.6p1/sshkey.c /* Fill in ret from parsed key */ sshkey_free_contents(ret); *ret = *k; -@@ -2916,6 +2916,11 @@ sshkey_sign(struct sshkey *key, +@@ -2275,6 +2303,11 @@ sshkey_sign(struct sshkey *key, *lenp = 0; if (datalen > SSH_KEY_MAX_SIGN_DATA_SIZE) return SSH_ERR_INVALID_ARGUMENT; @@ -494,7 +797,7 @@ diff -up openssh-8.6p1/sshkey.c.fips openssh-8.6p1/sshkey.c if ((impl = sshkey_impl_from_key(key)) == NULL) return SSH_ERR_KEY_TYPE_UNKNOWN; if ((r = sshkey_unshield_private(key)) != 0) -@@ -2973,6 +2978,10 @@ sshkey_verify(const struct sshkey *key, +@@ -2311,6 +2344,10 @@ sshkey_verify(const struct sshkey *key, *detailsp = NULL; if (siglen == 0 || dlen > SSH_KEY_MAX_SIGN_DATA_SIZE) return SSH_ERR_INVALID_ARGUMENT; @@ -502,265 +805,9 @@ diff -up openssh-8.6p1/sshkey.c.fips openssh-8.6p1/sshkey.c + logit_f("Ed25519 keys are not allowed in FIPS mode"); + return SSH_ERR_INVALID_ARGUMENT; + } - if ((impl = sshkey_impl_from_key(key)) == NULL) - return SSH_ERR_KEY_TYPE_UNKNOWN; - return impl->funcs->verify(key, sig, siglen, data, dlen, -diff -up openssh-8.6p1/ssh-keygen.c.fips openssh-8.6p1/ssh-keygen.c ---- openssh-8.6p1/ssh-keygen.c.fips 2021-05-06 12:08:36.467926637 +0200 -+++ openssh-8.6p1/ssh-keygen.c 2021-05-06 12:08:36.503926916 +0200 -@@ -20,6 +20,7 @@ - - #ifdef WITH_OPENSSL - #include -+#include - #include - #include "openbsd-compat/openssl-compat.h" - #endif -@@ -69,6 +69,7 @@ - #include "cipher.h" - - #define DEFAULT_KEY_TYPE_NAME "ed25519" -+#define FIPS_DEFAULT_KEY_TYPE_NAME "rsa" - - /* - * Default number of bits in the RSA, DSA and ECDSA keys. These value can be -@@ -205,6 +205,12 @@ type_bits_valid(int type, const char *na - #endif - } - #ifdef WITH_OPENSSL -+ if (FIPS_mode()) { -+ if (type == KEY_DSA) -+ fatal("DSA keys are not allowed in FIPS mode"); -+ if (type == KEY_ED25519 || type == KEY_ED25519_SK) -+ fatal("ED25519 keys are not allowed in FIPS mode"); -+ } - switch (type) { - case KEY_DSA: - if (*bitsp != 1024) -@@ -266,7 +267,7 @@ ask_filename(struct passwd *pw, const ch - char *name = NULL; - - if (key_type_name == NULL) -- name = _PATH_SSH_CLIENT_ID_ED25519; -+ name = FIPS_mode() ? _PATH_SSH_CLIENT_ID_RSA : _PATH_SSH_CLIENT_ID_ED25519; - else { - switch (sshkey_type_from_shortname(key_type_name)) { - #ifdef WITH_DSA -@@ -1098,9 +1104,17 @@ do_gen_all_hostkeys(struct passwd *pw) - first = 1; - printf("%s: generating new host keys: ", __progname); - } -+ type = sshkey_type_from_shortname(key_types[i].key_type); -+ -+ /* Skip the keys that are not supported in FIPS mode */ -+ if (FIPS_mode() && (type == KEY_DSA || type == KEY_ED25519)) { -+ logit("Skipping %s key in FIPS mode", -+ key_types[i].key_type_display); -+ goto next; -+ } -+ - printf("%s ", key_types[i].key_type_display); - fflush(stdout); -- type = sshkey_type_from_shortname(key_types[i].key_type); - if ((fd = mkstemp(prv_tmp)) == -1) { - error("Could not save your private key in %s: %s", - prv_tmp, strerror(errno)); -@@ -3830,7 +3831,7 @@ main(int argc, char **argv) - } - - if (key_type_name == NULL) -- key_type_name = DEFAULT_KEY_TYPE_NAME; -+ key_type_name = FIPS_mode() ? FIPS_DEFAULT_KEY_TYPE_NAME : DEFAULT_KEY_TYPE_NAME; - - type = sshkey_type_from_shortname(key_type_name); - type_bits_valid(type, key_type_name, &bits); -diff -up openssh-9.3p1/ssh-rsa.c.evpgenrsa openssh-9.3p1/ssh-rsa.c ---- openssh-9.3p1/ssh-rsa.c.evpgenrsa 2022-06-30 15:14:58.200518353 +0200 -+++ openssh-9.3p1/ssh-rsa.c 2022-06-30 15:24:31.499641196 +0200 -@@ -33,6 +33,7 @@ - - #include - #include -+#include - - #include - #include -@@ -1705,6 +1707,8 @@ ssh_rsa_generate(u_int bits, RSA - goto out; - } - if (EVP_PKEY_keygen(ctx, &res) <= 0 || res == NULL) { -+ if (FIPS_mode()) -+ logit_f("the key length might be unsupported by FIPS mode approved key generation method"); - ret = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } -diff -up openssh-9.9p1/kexgen.c.xxx openssh-9.9p1/kexgen.c ---- openssh-9.9p1/kexgen.c.xxx 2024-10-09 10:35:56.285946080 +0200 -+++ openssh-9.9p1/kexgen.c 2024-10-09 10:41:52.792597194 +0200 -@@ -31,6 +31,7 @@ - #include - #include - #include -+#include - - #include "sshkey.h" - #include "kex.h" -@@ -115,13 +116,28 @@ kex_gen_client(struct ssh *ssh) - break; - #endif - case KEX_C25519_SHA256: -- r = kex_c25519_keypair(kex); -+ if (FIPS_mode()) { -+ logit_f("Key exchange type c25519 is not allowed in FIPS mode"); -+ r = SSH_ERR_INVALID_ARGUMENT; -+ } else { -+ r = kex_c25519_keypair(kex); -+ } - break; - case KEX_KEM_SNTRUP761X25519_SHA512: -- r = kex_kem_sntrup761x25519_keypair(kex); -+ if (FIPS_mode()) { -+ logit_f("Key exchange type sntrup761 is not allowed in FIPS mode"); -+ r = SSH_ERR_INVALID_ARGUMENT; -+ } else { -+ r = kex_kem_sntrup761x25519_keypair(kex); -+ } - break; - case KEX_KEM_MLKEM768X25519_SHA256: -- r = kex_kem_mlkem768x25519_keypair(kex); -+ if (FIPS_mode()) { -+ logit_f("Key exchange type mlkem768x25519 is not allowed in FIPS mode"); -+ r = SSH_ERR_INVALID_ARGUMENT; -+ } else { -+ r = kex_kem_mlkem768x25519_keypair(kex); -+ } - break; - default: - r = SSH_ERR_INVALID_ARGUMENT; -@@ -189,15 +205,30 @@ input_kex_gen_reply(int type, u_int32_t - break; - #endif - case KEX_C25519_SHA256: -- r = kex_c25519_dec(kex, server_blob, &shared_secret); -+ if (FIPS_mode()) { -+ logit_f("Key exchange type c25519 is not allowed in FIPS mode"); -+ r = SSH_ERR_INVALID_ARGUMENT; -+ } else { -+ r = kex_c25519_dec(kex, server_blob, &shared_secret); -+ } - break; - case KEX_KEM_SNTRUP761X25519_SHA512: -- r = kex_kem_sntrup761x25519_dec(kex, server_blob, -- &shared_secret); -+ if (FIPS_mode()) { -+ logit_f("Key exchange type sntrup761 is not allowed in FIPS mode"); -+ r = SSH_ERR_INVALID_ARGUMENT; -+ } else { -+ r = kex_kem_sntrup761x25519_dec(kex, server_blob, -+ &shared_secret); -+ } - break; - case KEX_KEM_MLKEM768X25519_SHA256: -- r = kex_kem_mlkem768x25519_dec(kex, server_blob, -- &shared_secret); -+ if (FIPS_mode()) { -+ logit_f("Key exchange type mlkem768x25519 is not allowed in FIPS mode"); -+ r = SSH_ERR_INVALID_ARGUMENT; -+ } else { -+ r = kex_kem_mlkem768x25519_dec(kex, server_blob, -+ &shared_secret); -+ } - break; - default: - r = SSH_ERR_INVALID_ARGUMENT; -@@ -312,16 +343,31 @@ input_kex_gen_init(int type, u_int32_t s - break; - #endif - case KEX_C25519_SHA256: -- r = kex_c25519_enc(kex, client_pubkey, &server_pubkey, -- &shared_secret); -+ if (FIPS_mode()) { -+ logit_f("Key exchange type c25519 is not allowed in FIPS mode"); -+ r = SSH_ERR_INVALID_ARGUMENT; -+ } else { -+ r = kex_c25519_enc(kex, client_pubkey, &server_pubkey, -+ &shared_secret); -+ } - break; - case KEX_KEM_SNTRUP761X25519_SHA512: -- r = kex_kem_sntrup761x25519_enc(kex, client_pubkey, -- &server_pubkey, &shared_secret); -+ if (FIPS_mode()) { -+ logit_f("Key exchange type sntrup761 is not allowed in FIPS mode"); -+ r = SSH_ERR_INVALID_ARGUMENT; -+ } else { -+ r = kex_kem_sntrup761x25519_enc(kex, client_pubkey, -+ &server_pubkey, &shared_secret); -+ } - break; - case KEX_KEM_MLKEM768X25519_SHA256: -- r = kex_kem_mlkem768x25519_enc(kex, client_pubkey, -- &server_pubkey, &shared_secret); -+ if (FIPS_mode()) { -+ logit_f("Key exchange type mlkem768x25519 is not allowed in FIPS mode"); -+ r = SSH_ERR_INVALID_ARGUMENT; -+ } else { -+ r = kex_kem_mlkem768x25519_enc(kex, client_pubkey, -+ &server_pubkey, &shared_secret); -+ } - break; - default: - r = SSH_ERR_INVALID_ARGUMENT; -diff -up openssh-8.7p1/ssh-ed25519.c.fips3 openssh-8.7p1/ssh-ed25519.c ---- openssh-8.7p1/ssh-ed25519.c.fips3 2022-07-11 16:53:41.428343304 +0200 -+++ openssh-8.7p1/ssh-ed25519.c 2022-07-11 16:56:09.284663661 +0200 -@@ -24,6 +24,7 @@ - - #include - #include -+#include - - #include "log.h" - #include "sshbuf.h" -@@ -52,6 +53,10 @@ ssh_ed25519_sign(const struct sshkey *ke - key->ed25519_sk == NULL || - datalen >= INT_MAX - crypto_sign_ed25519_BYTES) - return SSH_ERR_INVALID_ARGUMENT; -+ if (FIPS_mode()) { -+ logit_f("Ed25519 keys are not allowed in FIPS mode"); -+ return SSH_ERR_INVALID_ARGUMENT; -+ } - smlen = slen = datalen + crypto_sign_ed25519_BYTES; - if ((sig = malloc(slen)) == NULL) - return SSH_ERR_ALLOC_FAIL; -@@ -108,6 +113,10 @@ ssh_ed25519_verify(const struct sshkey * - dlen >= INT_MAX - crypto_sign_ed25519_BYTES || - sig == NULL || siglen == 0) - return SSH_ERR_INVALID_ARGUMENT; -+ if (FIPS_mode()) { -+ logit_f("Ed25519 keys are not allowed in FIPS mode"); -+ return SSH_ERR_INVALID_ARGUMENT; -+ } - - if ((b = sshbuf_from(sig, siglen)) == NULL) - return SSH_ERR_ALLOC_FAIL; -diff -up openssh-9.9p1/kex.c.xxx openssh-9.9p1/kex.c ---- openssh-9.9p1/kex.c.xxx 2024-10-11 12:44:08.087426597 +0200 -+++ openssh-9.9p1/kex.c 2024-10-11 14:00:10.404714521 +0200 -@@ -40,6 +40,7 @@ - #ifdef WITH_OPENSSL - #include - #include -+#include - # ifdef HAVE_EVP_KDF_CTX_NEW - # include - # include -@@ -109,7 +110,7 @@ kex_proposal_populate_entries(struct ssh - - /* Append EXT_INFO signalling to KexAlgorithms */ - if (kexalgos == NULL) -- kexalgos = defprop[PROPOSAL_KEX_ALGS]; -+ kexalgos = FIPS_mode() ? KEX_DEFAULT_KEX_FIPS : defprop[PROPOSAL_KEX_ALGS]; - if ((cp = kex_names_cat(kexalgos, ssh->kex->server ? - "ext-info-s,kex-strict-s-v00@openssh.com" : - "ext-info-c,kex-strict-c-v00@openssh.com")) == NULL) + if ((impl = sshkey_impl_from_key(key)) == NULL) + return SSH_ERR_KEY_TYPE_UNKNOWN; + return impl->funcs->verify(key, sig, siglen, data, dlen, +-- +2.49.0 + diff --git a/0043-openssh-8.7p1-ssh-manpage.patch b/0043-openssh-8.7p1-ssh-manpage.patch new file mode 100644 index 0000000..89c6ea1 --- /dev/null +++ b/0043-openssh-8.7p1-ssh-manpage.patch @@ -0,0 +1,47 @@ +From 299a602802d7c7d121306eb2aeae1502871a35cb Mon Sep 17 00:00:00 2001 +From: Dmitry Belyavskiy +Date: Thu, 15 May 2025 13:43:29 +0200 +Subject: [PATCH 43/50] openssh-8.7p1-ssh-manpage + +--- + ssh.1 | 5 ++++- + 1 file changed, 4 insertions(+), 1 deletion(-) + +diff --git a/ssh.1 b/ssh.1 +index 6a9fbdc5..755cdef2 100644 +--- a/ssh.1 ++++ b/ssh.1 +@@ -510,12 +510,12 @@ For full details of the options listed below, and their possible values, see + .It BatchMode + .It BindAddress + .It BindInterface +-.It CASignatureAlgorithms + .It CanonicalDomains + .It CanonicalizeFallbackLocal + .It CanonicalizeHostname + .It CanonicalizeMaxDots + .It CanonicalizePermittedCNAMEs ++.It CASignatureAlgorithms + .It CertificateFile + .It ChannelTimeout + .It CheckHostIP +@@ -528,6 +528,7 @@ For full details of the options listed below, and their possible values, see + .It ControlPath + .It ControlPersist + .It DynamicForward ++.It EnableSSHKeysign + .It EnableEscapeCommandline + .It EnableSSHKeysign + .It EscapeChar +@@ -588,6 +589,8 @@ For full details of the options listed below, and their possible values, see + .It RemoteCommand + .It RemoteForward + .It RequestTTY ++.It RevokedHostKeys ++.It SecurityKeyProvider + .It RequiredRSASize + .It RevokedHostKeys + .It SecurityKeyProvider +-- +2.49.0 + diff --git a/openssh-8.7p1-negotiate-supported-algs.patch b/0044-openssh-8.7p1-negotiate-supported-algs.patch similarity index 74% rename from openssh-8.7p1-negotiate-supported-algs.patch rename to 0044-openssh-8.7p1-negotiate-supported-algs.patch index c4d86e7..f4c3b8a 100644 --- a/openssh-8.7p1-negotiate-supported-algs.patch +++ b/0044-openssh-8.7p1-negotiate-supported-algs.patch @@ -1,6 +1,17 @@ -diff -up openssh-9.3p1/regress/hostkey-agent.sh.xxx openssh-9.3p1/regress/hostkey-agent.sh ---- openssh-9.3p1/regress/hostkey-agent.sh.xxx 2023-05-29 18:15:56.311236887 +0200 -+++ openssh-9.3p1/regress/hostkey-agent.sh 2023-05-29 18:16:07.598503551 +0200 +From 5c92430c08ac392b5b2ace899cc043247c923734 Mon Sep 17 00:00:00 2001 +From: Dmitry Belyavskiy +Date: Thu, 15 May 2025 13:43:29 +0200 +Subject: [PATCH 44/50] openssh-8.7p1-negotiate-supported-algs + +--- + regress/hostkey-agent.sh | 32 +++++++++++++++++++++++++------- + sshconnect2.c | 17 +++++++++++++++-- + 2 files changed, 40 insertions(+), 9 deletions(-) + +diff --git a/regress/hostkey-agent.sh b/regress/hostkey-agent.sh +index 28dcfe17..b9e716dc 100644 +--- a/regress/hostkey-agent.sh ++++ b/regress/hostkey-agent.sh @@ -17,8 +17,21 @@ trace "make CA key" ${SSHKEYGEN} -qt ed25519 -f $OBJ/agent-ca -N '' || fatal "ssh-keygen CA" @@ -24,7 +35,7 @@ diff -up openssh-9.3p1/regress/hostkey-agent.sh.xxx openssh-9.3p1/regress/hostke ${SSHKEYGEN} -qt $k -f $OBJ/agent-key.$k -N '' || fatal "ssh-keygen $k" ${SSHKEYGEN} -s $OBJ/agent-ca -qh -n localhost-with-alias \ -I localhost-with-alias $OBJ/agent-key.$k.pub || \ -@@ -32,12 +48,16 @@ rm $OBJ/agent-ca # Don't need CA private +@@ -32,12 +45,16 @@ rm $OBJ/agent-ca # Don't need CA private any more either unset SSH_AUTH_SOCK @@ -44,10 +55,10 @@ diff -up openssh-9.3p1/regress/hostkey-agent.sh.xxx openssh-9.3p1/regress/hostke ( printf 'localhost-with-alias,127.0.0.1,::1 ' ; cat $OBJ/agent-key.$k.pub) > $OBJ/known_hosts SSH_CONNECTION=`${SSH} $opts host 'echo $SSH_CONNECTION'` -@@ -50,15 +70,16 @@ for k in $SSH_KEYTYPES ; do +@@ -50,15 +67,16 @@ for k in $SSH_KEYTYPES ; do done - SSH_CERTTYPES=`ssh -Q key-sig | grep 'cert-v01@openssh.com'` + SSH_CERTTYPES=`ssh -Q key-sig | grep 'cert-v01@openssh.com' | maybe_filter_sk` +SSH_ACCEPTED_CERTTYPES=`echo "$SSH_CERTTYPES" | egrep "$PUBKEY_ACCEPTED_ALGOS"` # Prepare sshd_proxy for certificates. @@ -63,7 +74,7 @@ diff -up openssh-9.3p1/regress/hostkey-agent.sh.xxx openssh-9.3p1/regress/hostke echo "Hostkey $OBJ/agent-key.${k}.pub" >> $OBJ/sshd_proxy echo "HostCertificate $OBJ/agent-key.${k}-cert.pub" >> $OBJ/sshd_proxy test -f $OBJ/agent-key.${k}.pub || fatal "no $k key" -@@ -70,7 +93,7 @@ echo "HostKeyAlgorithms $HOSTKEYALGS" >> +@@ -70,7 +88,7 @@ echo "HostKeyAlgorithms $HOSTKEYALGS" >> $OBJ/sshd_proxy ( printf '@cert-authority localhost-with-alias ' ; cat $OBJ/agent-ca.pub) > $OBJ/known_hosts @@ -72,10 +83,11 @@ diff -up openssh-9.3p1/regress/hostkey-agent.sh.xxx openssh-9.3p1/regress/hostke verbose "cert type $k" opts="-oHostKeyAlgorithms=$k -F $OBJ/ssh_proxy" SSH_CONNECTION=`${SSH} $opts host 'echo $SSH_CONNECTION'` -diff -up openssh-9.3p1/sshconnect2.c.xxx openssh-9.3p1/sshconnect2.c ---- openssh-9.3p1/sshconnect2.c.xxx 2023-04-26 17:37:35.100827792 +0200 -+++ openssh-9.3p1/sshconnect2.c 2023-04-26 17:50:31.860748877 +0200 -@@ -221,7 +221,7 @@ ssh_kex2(struct ssh *ssh, char *host, st +diff --git a/sshconnect2.c b/sshconnect2.c +index 14f7671a..ad3f560f 100644 +--- a/sshconnect2.c ++++ b/sshconnect2.c +@@ -221,7 +221,7 @@ ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port, const struct ssh_conn_info *cinfo) { char *myproposal[PROPOSAL_MAX]; @@ -84,7 +96,7 @@ diff -up openssh-9.3p1/sshconnect2.c.xxx openssh-9.3p1/sshconnect2.c int r, use_known_hosts_order = 0; #if defined(GSSAPI) && defined(WITH_OPENSSL) -@@ -260,10 +260,22 @@ ssh_kex2(struct ssh *ssh, char *host, st +@@ -257,10 +257,22 @@ ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port, if (use_known_hosts_order) hkalgs = order_hostkeyalgs(host, hostaddr, port, cinfo); @@ -108,7 +120,7 @@ diff -up openssh-9.3p1/sshconnect2.c.xxx openssh-9.3p1/sshconnect2.c #if defined(GSSAPI) && defined(WITH_OPENSSL) if (options.gss_keyex) { -@@ -303,6 +315,7 @@ ssh_kex2(struct ssh *ssh, char *host, st +@@ -304,6 +316,7 @@ ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port, #endif free(hkalgs); @@ -116,3 +128,6 @@ diff -up openssh-9.3p1/sshconnect2.c.xxx openssh-9.3p1/sshconnect2.c /* start key exchange */ if ((r = kex_setup(ssh, myproposal)) != 0) +-- +2.49.0 + diff --git a/openssh-9.0p1-evp-fips-kex.patch b/0045-openssh-9.0p1-evp-fips-kex.patch similarity index 90% rename from openssh-9.0p1-evp-fips-kex.patch rename to 0045-openssh-9.0p1-evp-fips-kex.patch index 36fd1cf..610cea0 100644 --- a/openssh-9.0p1-evp-fips-kex.patch +++ b/0045-openssh-9.0p1-evp-fips-kex.patch @@ -1,6 +1,20 @@ -diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac openssh-9.0p1/dh.c openssh-9.0p1-patched/dh.c ---- openssh-9.0p1/dh.c 2023-05-25 09:24:28.730868316 +0200 -+++ openssh-9.0p1-patched/dh.c 2023-05-25 09:23:44.841379532 +0200 +From be23afbab800c9b5ffea56b3f410a04156c08df2 Mon Sep 17 00:00:00 2001 +From: Dmitry Belyavskiy +Date: Thu, 15 May 2025 13:43:29 +0200 +Subject: [PATCH 45/50] openssh-9.0p1-evp-fips-kex + +--- + dh.c | 98 +++++++++++++++++++++++++++++++++----- + kex.c | 139 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ + kex.h | 6 +++ + kexdh.c | 52 ++++++++++++++++++-- + kexecdh.c | 129 ++++++++++++++++++++++++++++++++++++++++---------- + 5 files changed, 382 insertions(+), 42 deletions(-) + +diff --git a/dh.c b/dh.c +index 8c9a29fa..ea0a0b09 100644 +--- a/dh.c ++++ b/dh.c @@ -37,6 +37,9 @@ #include #include @@ -11,7 +25,7 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x #include "dh.h" #include "pathnames.h" -@@ -290,10 +293,15 @@ +@@ -290,10 +293,15 @@ dh_pub_is_valid(const DH *dh, const BIGNUM *dh_pub) int dh_gen_key(DH *dh, int need) { @@ -30,7 +44,7 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x if (need < 0 || dh_p == NULL || (pbits = BN_num_bits(dh_p)) <= 0 || -@@ -301,19 +309,85 @@ +@@ -301,19 +309,85 @@ dh_gen_key(DH *dh, int need) return SSH_ERR_INVALID_ARGUMENT; if (need < 256) need = 256; @@ -125,10 +139,11 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x } DH * -diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac openssh-9.0p1/kex.c openssh-9.0p1-patched/kex.c ---- openssh-9.0p1/kex.c 2023-05-25 09:24:28.731868327 +0200 -+++ openssh-9.0p1-patched/kex.c 2023-05-25 09:23:44.841379532 +0200 -@@ -1623,3 +1623,142 @@ +diff --git a/kex.c b/kex.c +index 71fbe5cb..ce6a7b81 100644 +--- a/kex.c ++++ b/kex.c +@@ -1614,3 +1614,142 @@ kex_exchange_identification(struct ssh *ssh, int timeout_ms, return r; } @@ -271,9 +286,34 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x + return r; +} +#endif /* WITH_OPENSSL */ -diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac openssh-9.0p1/kexdh.c openssh-9.0p1-patched/kexdh.c ---- openssh-9.0p1/kexdh.c 2023-05-25 09:24:28.674867692 +0200 -+++ openssh-9.0p1-patched/kexdh.c 2023-05-25 09:25:28.494533889 +0200 +diff --git a/kex.h b/kex.h +index 6a55aadf..48f3bb87 100644 +--- a/kex.h ++++ b/kex.h +@@ -37,6 +37,9 @@ + # include + # include + # include ++# include ++# include ++# include + # ifdef OPENSSL_HAS_ECC + # include + # else /* OPENSSL_HAS_ECC */ +@@ -311,6 +314,9 @@ int kexc25519_shared_key_ext(const u_char key[CURVE25519_SIZE], + const u_char pub[CURVE25519_SIZE], struct sshbuf *out, int) + __attribute__((__bounded__(__minbytes__, 1, CURVE25519_SIZE))) + __attribute__((__bounded__(__minbytes__, 2, CURVE25519_SIZE))); ++int kex_create_evp_dh(EVP_PKEY **, const BIGNUM *, const BIGNUM *, ++ const BIGNUM *, const BIGNUM *, const BIGNUM *); ++int kex_create_evp_ec(EC_KEY *k, int ecdsa_nid, EVP_PKEY **pkey); + + #if defined(DEBUG_KEX) || defined(DEBUG_KEXDH) || defined(DEBUG_KEXECDH) + void dump_digest(const char *, const u_char *, int); +diff --git a/kexdh.c b/kexdh.c +index 0faab21b..32e1de51 100644 +--- a/kexdh.c ++++ b/kexdh.c @@ -35,6 +35,10 @@ #include "openbsd-compat/openssl-compat.h" @@ -285,7 +325,7 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x #include "sshkey.h" #include "kex.h" -@@ -83,9 +87,12 @@ +@@ -83,9 +87,12 @@ int kex_dh_compute_key(struct kex *kex, BIGNUM *dh_pub, struct sshbuf *out) { BIGNUM *shared_secret = NULL; @@ -299,7 +339,7 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x #ifdef DEBUG_KEXDH fprintf(stderr, "dh_pub= "); -@@ -100,24 +107,59 @@ +@@ -100,24 +107,59 @@ kex_dh_compute_key(struct kex *kex, BIGNUM *dh_pub, struct sshbuf *out) r = SSH_ERR_MESSAGE_INCOMPLETE; goto out; } @@ -363,32 +403,10 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x return r; } -diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac openssh-9.0p1/kex.h openssh-9.0p1-patched/kex.h ---- openssh-9.0p1/kex.h 2023-05-25 09:24:28.725868260 +0200 -+++ openssh-9.0p1-patched/kex.h 2023-05-25 09:23:44.841379532 +0200 -@@ -33,6 +33,9 @@ - # include - # include - # include -+# include -+# include -+# include - # ifdef OPENSSL_HAS_ECC - # include - # else /* OPENSSL_HAS_ECC */ -@@ -283,6 +286,9@@ - const u_char pub[CURVE25519_SIZE], struct sshbuf *out, int) - __attribute__((__bounded__(__minbytes__, 1, CURVE25519_SIZE))) - __attribute__((__bounded__(__minbytes__, 2, CURVE25519_SIZE))); -+int kex_create_evp_dh(EVP_PKEY **, const BIGNUM *, const BIGNUM *, -+ const BIGNUM *, const BIGNUM *, const BIGNUM *); -+int kex_create_evp_ec(EC_KEY *k, int ecdsa_nid, EVP_PKEY **pkey); - - #if defined(DEBUG_KEX) || defined(DEBUG_KEXDH) || defined(DEBUG_KEXECDH) - void dump_digest(const char *, const u_char *, int); -diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac ../openssh-8.7p1/kexecdh.c ./kexecdh.c ---- ../openssh-8.7p1/kexecdh.c 2021-08-20 06:03:49.000000000 +0200 -+++ ./kexecdh.c 2023-04-13 14:30:14.882449593 +0200 +diff --git a/kexecdh.c b/kexecdh.c +index efb2e55a..d92ba54f 100644 +--- a/kexecdh.c ++++ b/kexecdh.c @@ -35,17 +35,57 @@ #include @@ -447,7 +465,7 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x int kex_ecdh_keypair(struct kex *kex) { -@@ -55,11 +95,7 @@ +@@ -55,11 +95,7 @@ kex_ecdh_keypair(struct kex *kex) struct sshbuf *buf = NULL; int r; @@ -460,7 +478,7 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x r = SSH_ERR_LIBCRYPTO_ERROR; goto out; } -@@ -101,11 +137,7 @@ +@@ -101,11 +137,7 @@ kex_ecdh_enc(struct kex *kex, const struct sshbuf *client_blob, *server_blobp = NULL; *shared_secretp = NULL; @@ -473,7 +491,7 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x r = SSH_ERR_LIBCRYPTO_ERROR; goto out; } -@@ -140,11 +172,21 @@ +@@ -140,11 +172,21 @@ kex_ecdh_dec_key_group(struct kex *kex, const struct sshbuf *ec_blob, { struct sshbuf *buf = NULL; BIGNUM *shared_secret = NULL; @@ -498,7 +516,7 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x *shared_secretp = NULL; if ((buf = sshbuf_new()) == NULL) { -@@ -153,45 +195,82 @@ +@@ -153,45 +195,82 @@ kex_ecdh_dec_key_group(struct kex *kex, const struct sshbuf *ec_blob, } if ((r = sshbuf_put_stringb(buf, ec_blob)) != 0) goto out; @@ -593,3 +611,6 @@ diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x sshbuf_free(buf); return r; } +-- +2.49.0 + diff --git a/openssh-8.7p1-nohostsha1proof.patch b/0046-openssh-8.7p1-nohostsha1proof.patch similarity index 69% rename from openssh-8.7p1-nohostsha1proof.patch rename to 0046-openssh-8.7p1-nohostsha1proof.patch index dae0932..9e75c8a 100644 --- a/openssh-8.7p1-nohostsha1proof.patch +++ b/0046-openssh-8.7p1-nohostsha1proof.patch @@ -1,7 +1,27 @@ -diff -up openssh-8.7p1/compat.c.sshrsacheck openssh-8.7p1/compat.c ---- openssh-8.7p1/compat.c.sshrsacheck 2023-01-12 13:29:06.338710923 +0100 -+++ openssh-8.7p1/compat.c 2023-01-12 13:29:06.357711165 +0100 -@@ -43,6 +43,7 @@ void +From e4ca3b9dba1cc832a9974493c91207d42e218a68 Mon Sep 17 00:00:00 2001 +From: Dmitry Belyavskiy +Date: Thu, 15 May 2025 13:43:29 +0200 +Subject: [PATCH 46/50] openssh-8.7p1-nohostsha1proof + +--- + compat.c | 6 +++++ + compat.h | 2 +- + monitor.c | 27 ++++++++++++++++------ + regress/unittests/kex/test_kex.c | 3 ++- + regress/unittests/sshkey/test_file.c | 3 ++- + regress/unittests/sshkey/test_fuzz.c | 3 ++- + regress/unittests/sshkey/test_sshkey.c | 32 +++++++++++++++++--------- + serverloop.c | 6 ++++- + ssh-rsa.c | 3 ++- + sshconnect2.c | 8 +++++++ + sshd-session.c | 21 +++++++++++++++++ + 11 files changed, 90 insertions(+), 24 deletions(-) + +diff --git a/compat.c b/compat.c +index b59f0bfc..4e611dc3 100644 +--- a/compat.c ++++ b/compat.c +@@ -42,6 +42,7 @@ void compat_banner(struct ssh *ssh, const char *version) { int i; @@ -9,7 +29,7 @@ diff -up openssh-8.7p1/compat.c.sshrsacheck openssh-8.7p1/compat.c static struct { char *pat; int bugs; -@@ -145,16 +146,21 @@ compat_banner(struct ssh *ssh, const cha +@@ -125,16 +126,21 @@ compat_banner(struct ssh *ssh, const char *version) }; /* process table, return first match */ @@ -31,9 +51,10 @@ diff -up openssh-8.7p1/compat.c.sshrsacheck openssh-8.7p1/compat.c } /* Always returns pointer to allocated memory, caller must free. */ -diff -up openssh-8.7p1/compat.h.sshrsacheck openssh-8.7p1/compat.h ---- openssh-8.7p1/compat.h.sshrsacheck 2021-08-20 06:03:49.000000000 +0200 -+++ openssh-8.7p1/compat.h 2023-01-12 13:29:06.358711178 +0100 +diff --git a/compat.h b/compat.h +index 1a19060f..2e6db5bf 100644 +--- a/compat.h ++++ b/compat.h @@ -30,7 +30,7 @@ #define SSH_BUG_UTF8TTYMODE 0x00000001 #define SSH_BUG_SIGTYPE 0x00000002 @@ -43,24 +64,28 @@ diff -up openssh-8.7p1/compat.h.sshrsacheck openssh-8.7p1/compat.h #define SSH_OLD_SESSIONID 0x00000010 /* #define unused 0x00000020 */ #define SSH_BUG_DEBUG 0x00000040 -diff -up openssh-8.7p1/monitor.c.sshrsacheck openssh-8.7p1/monitor.c ---- openssh-8.7p1/monitor.c.sshrsacheck 2023-01-20 13:07:54.279676981 +0100 -+++ openssh-8.7p1/monitor.c 2023-01-20 15:01:07.007821379 +0100 -@@ -660,11 +660,12 @@ mm_answer_sign(struct ssh *ssh, int sock - struct sshkey *key; +diff --git a/monitor.c b/monitor.c +index fbc35782..19cb058e 100644 +--- a/monitor.c ++++ b/monitor.c +@@ -747,11 +747,12 @@ mm_answer_sign(struct ssh *ssh, int sock, struct sshbuf *m) + struct sshkey *pubkey, *key; struct sshbuf *sigbuf = NULL; u_char *p = NULL, *signature = NULL; - char *alg = NULL; +- size_t datlen, siglen; +- int r, is_proof = 0, keyid; +- u_int compat; + char *alg = NULL, *effective_alg; - size_t datlen, siglen, alglen; - int r, is_proof = 0; - u_int keyid, compat; ++ size_t datlen, siglen, alglen; ++ int r, is_proof = 0; ++ u_int keyid, compat; const char proof_req[] = "hostkeys-prove-00@openssh.com"; + const char safe_rsa[] = "rsa-sha2-256"; debug3_f("entering"); -@@ -719,18 +720,30 @@ mm_answer_sign(struct ssh *ssh, int sock +@@ -809,18 +810,30 @@ mm_answer_sign(struct ssh *ssh, int sock, struct sshbuf *m) } if ((key = get_hostkey_by_index(keyid)) != NULL) { @@ -94,10 +119,11 @@ diff -up openssh-8.7p1/monitor.c.sshrsacheck openssh-8.7p1/monitor.c is_proof ? "hostkey proof" : "KEX", siglen); sshbuf_reset(m); -diff -up openssh-8.7p1/regress/unittests/kex/test_kex.c.sshrsacheck openssh-8.7p1/regress/unittests/kex/test_kex.c ---- openssh-8.7p1/regress/unittests/kex/test_kex.c.sshrsacheck 2023-01-26 13:34:52.645743677 +0100 -+++ openssh-8.7p1/regress/unittests/kex/test_kex.c 2023-01-26 13:36:56.220745823 +0100 -@@ -97,7 +97,8 @@ do_kex_with_key(char *kex, int keytype, +diff --git a/regress/unittests/kex/test_kex.c b/regress/unittests/kex/test_kex.c +index caf8f57f..09016aea 100644 +--- a/regress/unittests/kex/test_kex.c ++++ b/regress/unittests/kex/test_kex.c +@@ -97,7 +97,8 @@ do_kex_with_key(char *kex, int keytype, int bits) memcpy(kex_params.proposal, myproposal, sizeof(myproposal)); if (kex != NULL) kex_params.proposal[PROPOSAL_KEX_ALGS] = kex; @@ -107,10 +133,11 @@ diff -up openssh-8.7p1/regress/unittests/kex/test_kex.c.sshrsacheck openssh-8.7p ASSERT_PTR_NE(keyname, NULL); kex_params.proposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = keyname; ASSERT_INT_EQ(ssh_init(&client, 0, &kex_params), 0); -diff -up openssh-8.7p1/regress/unittests/sshkey/test_file.c.sshrsacheck openssh-8.7p1/regress/unittests/sshkey/test_file.c ---- openssh-8.7p1/regress/unittests/sshkey/test_file.c.sshrsacheck 2023-01-26 12:04:55.946343408 +0100 -+++ openssh-8.7p1/regress/unittests/sshkey/test_file.c 2023-01-26 12:06:35.235164432 +0100 -@@ -110,6 +110,7 @@ sshkey_file_tests(void) +diff --git a/regress/unittests/sshkey/test_file.c b/regress/unittests/sshkey/test_file.c +index 3babe604..cc80fe97 100644 +--- a/regress/unittests/sshkey/test_file.c ++++ b/regress/unittests/sshkey/test_file.c +@@ -109,6 +109,7 @@ sshkey_file_tests(void) sshkey_free(k2); TEST_DONE(); @@ -118,7 +145,7 @@ diff -up openssh-8.7p1/regress/unittests/sshkey/test_file.c.sshrsacheck openssh- TEST_START("load RSA cert with SHA1 signature"); ASSERT_INT_EQ(sshkey_load_cert(test_data_file("rsa_1_sha1"), &k2), 0); ASSERT_PTR_NE(k2, NULL); -@@ -117,7 +118,7 @@ sshkey_file_tests(void) +@@ -116,7 +117,7 @@ sshkey_file_tests(void) ASSERT_INT_EQ(sshkey_equal_public(k1, k2), 1); ASSERT_STRING_EQ(k2->cert->signature_type, "ssh-rsa"); sshkey_free(k2); @@ -127,10 +154,11 @@ diff -up openssh-8.7p1/regress/unittests/sshkey/test_file.c.sshrsacheck openssh- TEST_START("load RSA cert with SHA512 signature"); ASSERT_INT_EQ(sshkey_load_cert(test_data_file("rsa_1_sha512"), &k2), 0); -diff -up openssh-8.7p1/regress/unittests/sshkey/test_fuzz.c.sshrsacheck openssh-8.7p1/regress/unittests/sshkey/test_fuzz.c ---- openssh-8.7p1/regress/unittests/sshkey/test_fuzz.c.sshrsacheck 2023-01-26 12:10:37.533168013 +0100 -+++ openssh-8.7p1/regress/unittests/sshkey/test_fuzz.c 2023-01-26 12:15:35.637631860 +0100 -@@ -333,13 +333,14 @@ sshkey_fuzz_tests(void) +diff --git a/regress/unittests/sshkey/test_fuzz.c b/regress/unittests/sshkey/test_fuzz.c +index 0aff7c9b..951122e1 100644 +--- a/regress/unittests/sshkey/test_fuzz.c ++++ b/regress/unittests/sshkey/test_fuzz.c +@@ -338,13 +338,14 @@ sshkey_fuzz_tests(void) TEST_DONE(); #ifdef WITH_OPENSSL @@ -146,10 +174,11 @@ diff -up openssh-8.7p1/regress/unittests/sshkey/test_fuzz.c.sshrsacheck openssh- TEST_START("fuzz RSA SHA256 sig"); buf = load_file("rsa_1"); -diff -up openssh-8.7p1/regress/unittests/sshkey/test_sshkey.c.sshrsacheck openssh-8.7p1/regress/unittests/sshkey/test_sshkey.c ---- openssh-8.7p1/regress/unittests/sshkey/test_sshkey.c.sshrsacheck 2023-01-26 11:02:52.339413463 +0100 -+++ openssh-8.7p1/regress/unittests/sshkey/test_sshkey.c 2023-01-26 11:58:42.324253896 +0100 -@@ -60,6 +60,9 @@ build_cert(struct sshbuf *b, struct sshk +diff --git a/regress/unittests/sshkey/test_sshkey.c b/regress/unittests/sshkey/test_sshkey.c +index 5bf4b65c..6d0a35bb 100644 +--- a/regress/unittests/sshkey/test_sshkey.c ++++ b/regress/unittests/sshkey/test_sshkey.c +@@ -61,6 +61,9 @@ build_cert(struct sshbuf *b, struct sshkey *k, const char *type, u_char *sigblob; size_t siglen; @@ -159,7 +188,7 @@ diff -up openssh-8.7p1/regress/unittests/sshkey/test_sshkey.c.sshrsacheck openss ca_buf = sshbuf_new(); ASSERT_PTR_NE(ca_buf, NULL); ASSERT_INT_EQ(sshkey_putb(ca_key, ca_buf), 0); -@@ -101,8 +104,9 @@ build_cert(struct sshbuf *b, struct sshk +@@ -102,8 +105,9 @@ build_cert(struct sshbuf *b, struct sshkey *k, const char *type, ASSERT_INT_EQ(sshbuf_put_string(b, NULL, 0), 0); /* reserved */ ASSERT_INT_EQ(sshbuf_put_stringb(b, ca_buf), 0); /* signature key */ ASSERT_INT_EQ(sshkey_sign(sign_key, &sigblob, &siglen, @@ -171,7 +200,7 @@ diff -up openssh-8.7p1/regress/unittests/sshkey/test_sshkey.c.sshrsacheck openss free(sigblob); sshbuf_free(ca_buf); -@@ -119,16 +123,22 @@ signature_test(struct sshkey *k, struct +@@ -120,16 +124,22 @@ signature_test(struct sshkey *k, struct sshkey *bad, const char *sig_alg, { size_t len; u_char *sig; @@ -202,7 +231,7 @@ diff -up openssh-8.7p1/regress/unittests/sshkey/test_sshkey.c.sshrsacheck openss free(sig); } -@@ -514,7 +524,7 @@ sshkey_tests(void) +@@ -526,7 +536,7 @@ sshkey_tests(void) ASSERT_INT_EQ(sshkey_load_public(test_data_file("rsa_1.pub"), &k2, NULL), 0); k3 = get_private("rsa_1"); @@ -211,9 +240,10 @@ diff -up openssh-8.7p1/regress/unittests/sshkey/test_sshkey.c.sshrsacheck openss ASSERT_INT_EQ(sshkey_from_blob(sshbuf_ptr(b), sshbuf_len(b), &k4), SSH_ERR_KEY_CERT_INVALID_SIGN_KEY); ASSERT_PTR_EQ(k4, NULL); -diff -up openssh-8.7p1/serverloop.c.sshrsacheck openssh-8.7p1/serverloop.c ---- openssh-8.7p1/serverloop.c.sshrsacheck 2023-01-12 14:57:08.118400073 +0100 -+++ openssh-8.7p1/serverloop.c 2023-01-12 14:59:17.330470518 +0100 +diff --git a/serverloop.c b/serverloop.c +index 40ddfb04..9c5b1567 100644 +--- a/serverloop.c ++++ b/serverloop.c @@ -80,6 +80,7 @@ #include "auth-options.h" #include "serverloop.h" @@ -222,10 +252,11 @@ diff -up openssh-8.7p1/serverloop.c.sshrsacheck openssh-8.7p1/serverloop.c extern ServerOptions options; -@@ -737,6 +737,10 @@ server_input_hostkeys_prove(struct ssh * +@@ -699,7 +700,10 @@ server_input_hostkeys_prove(struct ssh *ssh, struct sshbuf **respp) else if (ssh->kex->flags & KEX_RSA_SHA2_256_SUPPORTED) sigalg = "rsa-sha2-256"; } +- + if (ssh->compat & SSH_RH_RSASIGSHA && sigalg == NULL) { + sigalg = "rsa-sha2-512"; + debug3_f("SHA1 signature is not supported, falling back to %s", sigalg); @@ -233,10 +264,25 @@ diff -up openssh-8.7p1/serverloop.c.sshrsacheck openssh-8.7p1/serverloop.c debug3_f("sign %s key (index %d) using sigalg %s", sshkey_type(key), ndx, sigalg == NULL ? "default" : sigalg); if ((r = sshbuf_put_cstring(sigbuf, -diff -up openssh-8.7p1/sshconnect2.c.sshrsacheck openssh-8.7p1/sshconnect2.c ---- openssh-8.7p1/sshconnect2.c.sshrsacheck 2023-01-25 15:33:29.140353651 +0100 -+++ openssh-8.7p1/sshconnect2.c 2023-01-25 15:59:34.225364883 +0100 -@@ -1461,6 +1464,14 @@ identity_sign(struct identity *id, u_cha +diff --git a/ssh-rsa.c b/ssh-rsa.c +index 6c2f771a..8dd4ab01 100644 +--- a/ssh-rsa.c ++++ b/ssh-rsa.c +@@ -509,7 +509,8 @@ ssh_rsa_verify(const struct sshkey *key, + ret = SSH_ERR_INVALID_ARGUMENT; + goto out; + } +- if (hash_alg != want_alg) { ++ if (hash_alg != want_alg && want_alg != SSH_DIGEST_SHA1) { ++ debug_f("Unexpected digest algorithm: got %d, wanted %d", hash_alg, want_alg); + ret = SSH_ERR_SIGNATURE_INVALID; + goto out; + } +diff --git a/sshconnect2.c b/sshconnect2.c +index ad3f560f..3941e089 100644 +--- a/sshconnect2.c ++++ b/sshconnect2.c +@@ -1434,6 +1434,14 @@ identity_sign(struct identity *id, u_char **sigp, size_t *lenp, retried = 1; goto retry_pin; } @@ -251,23 +297,11 @@ diff -up openssh-8.7p1/sshconnect2.c.sshrsacheck openssh-8.7p1/sshconnect2.c goto out; } -diff -up openssh-8.7p1/ssh-rsa.c.sshrsacheck openssh-8.7p1/ssh-rsa.c ---- openssh-8.7p1/ssh-rsa.c.sshrsacheck 2023-01-20 13:07:54.180676144 +0100 -+++ openssh-8.7p1/ssh-rsa.c 2023-01-20 13:07:54.290677074 +0100 -@@ -254,7 +254,8 @@ ssh_rsa_verify(const struct sshkey *key, - ret = SSH_ERR_INVALID_ARGUMENT; - goto out; - } -- if (hash_alg != want_alg) { -+ if (hash_alg != want_alg && want_alg != SSH_DIGEST_SHA1) { -+ debug_f("Unexpected digest algorithm: got %d, wanted %d", hash_alg, want_alg); - ret = SSH_ERR_SIGNATURE_INVALID; - goto out; - } -diff -up openssh-9.8p1/sshd-session.c.xxx openssh-9.8p1/sshd-session.c ---- openssh-9.8p1/sshd-session.c.xxx 2024-07-23 15:08:14.794350818 +0200 -+++ openssh-9.8p1/sshd-session.c 2024-07-23 15:40:21.658456636 +0200 -@@ -1305,6 +1305,27 @@ main(int ac, char **av) +diff --git a/sshd-session.c b/sshd-session.c +index a808ac9a..c3349a8a 100644 +--- a/sshd-session.c ++++ b/sshd-session.c +@@ -1316,6 +1316,27 @@ main(int ac, char **av) check_ip_options(ssh); @@ -295,3 +329,6 @@ diff -up openssh-9.8p1/sshd-session.c.xxx openssh-9.8p1/sshd-session.c /* Prepare the channels layer */ channel_init_channels(ssh); channel_set_af(ssh, options.address_family); +-- +2.49.0 + diff --git a/0047-openssh-9.6p1-pam-rhost.patch b/0047-openssh-9.6p1-pam-rhost.patch new file mode 100644 index 0000000..968e60a --- /dev/null +++ b/0047-openssh-9.6p1-pam-rhost.patch @@ -0,0 +1,25 @@ +From 497de886faaddec60b7ad1013396c7d4f3145968 Mon Sep 17 00:00:00 2001 +From: Dmitry Belyavskiy +Date: Thu, 15 May 2025 13:43:29 +0200 +Subject: [PATCH 47/50] openssh-9.6p1-pam-rhost + +--- + auth-pam.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/auth-pam.c b/auth-pam.c +index a042c3c8..a321e0d3 100644 +--- a/auth-pam.c ++++ b/auth-pam.c +@@ -741,7 +741,7 @@ sshpam_init(struct ssh *ssh, Authctxt *authctxt) + sshpam_laddr = get_local_ipaddr( + ssh_packet_get_connection_in(ssh)); + } +- if (sshpam_rhost != NULL) { ++ if (sshpam_rhost != NULL && strcmp(sshpam_rhost, "UNKNOWN") != 0) { + debug("PAM: setting PAM_RHOST to \"%s\"", sshpam_rhost); + sshpam_err = pam_set_item(sshpam_handle, PAM_RHOST, + sshpam_rhost); +-- +2.49.0 + diff --git a/0048-openssh-9.9p1-separate-keysign.patch b/0048-openssh-9.9p1-separate-keysign.patch new file mode 100644 index 0000000..8d0f691 --- /dev/null +++ b/0048-openssh-9.9p1-separate-keysign.patch @@ -0,0 +1,25 @@ +From b97b1040bc0918fe9be89cdb482d046270e92d9c Mon Sep 17 00:00:00 2001 +From: Dmitry Belyavskiy +Date: Thu, 15 May 2025 13:43:29 +0200 +Subject: [PATCH 48/50] openssh-9.9p1-separate-keysign + +--- + ssh_config.5 | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/ssh_config.5 b/ssh_config.5 +index a43b2a27..9d5da2a6 100644 +--- a/ssh_config.5 ++++ b/ssh_config.5 +@@ -797,7 +797,7 @@ or + This option should be placed in the non-hostspecific section. + See + .Xr ssh-keysign 8 +-for more information. ++for more information. ssh-keysign should be installed explicitly. + .It Cm EscapeChar + Sets the escape character (default: + .Ql ~ ) . +-- +2.49.0 + diff --git a/openssh-9.9p1-openssl-mlkem.patch b/0049-openssh-9.9p1-openssl-mlkem.patch similarity index 94% rename from openssh-9.9p1-openssl-mlkem.patch rename to 0049-openssh-9.9p1-openssl-mlkem.patch index e39bb67..e04d194 100644 --- a/openssh-9.9p1-openssl-mlkem.patch +++ b/0049-openssh-9.9p1-openssl-mlkem.patch @@ -1,8 +1,18 @@ +From 0a621a2ccb8444e4c6da906b0e112e0522658122 Mon Sep 17 00:00:00 2001 +From: Dmitry Belyavskiy +Date: Thu, 15 May 2025 13:43:29 +0200 +Subject: [PATCH 49/50] openssh-9.9p1-openssl-mlkem + +--- + kex-names.c | 20 +++ + kexmlkem768x25519.c | 291 ++++++++++++++++++++++++++++++++++++++++++++ + 2 files changed, 311 insertions(+) + diff --git a/kex-names.c b/kex-names.c -index ec840c1f..c0d3be11 100644 +index cd3902ad..36a953ab 100644 --- a/kex-names.c +++ b/kex-names.c -@@ -90,6 +90,19 @@ static const struct kexalg kexalgs[] = { +@@ -108,6 +108,19 @@ static const struct kexalg gss_kexalgs[] = { { NULL, 0, -1, -1}, }; @@ -22,7 +32,7 @@ index ec840c1f..c0d3be11 100644 static char * kex_alg_list_internal(char sep, const struct kexalg *algs) { -@@ -98,6 +111,9 @@ kex_alg_list_internal(char sep, const struct kexalg *algs) +@@ -116,6 +129,9 @@ kex_alg_list_internal(char sep, const struct kexalg *algs) const struct kexalg *k; for (k = algs; k->name != NULL; k++) { @@ -32,7 +42,7 @@ index ec840c1f..c0d3be11 100644 if (ret != NULL) ret[rlen++] = sep; nlen = strlen(k->name); -@@ -117,6 +133,10 @@ kex_alg_by_name(const char *name) +@@ -147,6 +163,10 @@ kex_alg_by_name(const char *name) { const struct kexalg *k; @@ -383,3 +393,6 @@ index 2b5d3960..670049dc 100644 } #else /* USE_MLKEM768X25519 */ int +-- +2.49.0 + diff --git a/0050-openssh-9.9p2-error_processing.patch b/0050-openssh-9.9p2-error_processing.patch new file mode 100644 index 0000000..aed1c30 --- /dev/null +++ b/0050-openssh-9.9p2-error_processing.patch @@ -0,0 +1,25 @@ +From fd32e753ae7f3b314712e6aa8b2bed3c1fca1ef5 Mon Sep 17 00:00:00 2001 +From: Dmitry Belyavskiy +Date: Fri, 16 May 2025 14:53:54 +0200 +Subject: [PATCH 50/51] openssh-9.9p2-error_processing + +--- + ssh-agent.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/ssh-agent.c b/ssh-agent.c +index 798bf9b6..dfb6ac72 100644 +--- a/ssh-agent.c ++++ b/ssh-agent.c +@@ -1377,6 +1377,8 @@ process_add_identity(SocketEntry *e) + if ((r = sshkey_private_deserialize(e->request, &k)) != 0 || + k == NULL || + (r = sshbuf_get_cstring(e->request, &comment, NULL)) != 0) { ++ if (!r) /* k == NULL */ ++ r = SSH_ERR_INTERNAL_ERROR; + error_fr(r, "parse"); + goto out; + } +-- +2.49.0 + diff --git a/0051-Provide-better-error-for-non-supported-private-keys.patch b/0051-Provide-better-error-for-non-supported-private-keys.patch new file mode 100644 index 0000000..9c1aa4d --- /dev/null +++ b/0051-Provide-better-error-for-non-supported-private-keys.patch @@ -0,0 +1,27 @@ +From 4965cdbc1ee1e6a0c665797bb8b944d96d3d411f Mon Sep 17 00:00:00 2001 +From: Zoltan Fridrich +Date: Wed, 16 Apr 2025 15:11:59 +0200 +Subject: [PATCH 51/53] Provide better error for non-supported private keys + +Signed-off-by: Zoltan Fridrich +--- + sshkey.c | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/sshkey.c b/sshkey.c +index ca1cdb642..aada474e0 100644 +--- a/sshkey.c ++++ b/sshkey.c +@@ -3582,6 +3582,9 @@ translate_libcrypto_error(unsigned long pem_err) + return SSH_ERR_LIBCRYPTO_ERROR; + } + case ERR_LIB_ASN1: ++#ifdef ERR_LIB_OSSL_DECODER ++ case ERR_LIB_OSSL_DECODER: ++#endif + return SSH_ERR_INVALID_FORMAT; + } + return SSH_ERR_LIBCRYPTO_ERROR; +-- +2.49.0 + diff --git a/0052-Ignore-bad-hostkeys-in-known_hosts-file.patch b/0052-Ignore-bad-hostkeys-in-known_hosts-file.patch new file mode 100644 index 0000000..f071225 --- /dev/null +++ b/0052-Ignore-bad-hostkeys-in-known_hosts-file.patch @@ -0,0 +1,86 @@ +From 9ed09ef158a113e21be7b3fefa7c5f932632749b Mon Sep 17 00:00:00 2001 +From: Zoltan Fridrich +Date: Mon, 5 May 2025 11:52:25 +0200 +Subject: [PATCH 52/53] Ignore bad hostkeys in known_hosts file + +Signed-off-by: Zoltan Fridrich +--- + hostfile.c | 15 +++++++++++++++ + hostfile.h | 1 + + ssh.c | 2 ++ + 3 files changed, 18 insertions(+) + +diff --git a/hostfile.c b/hostfile.c +index c5669c703..5c402f501 100644 +--- a/hostfile.c ++++ b/hostfile.c +@@ -63,6 +63,14 @@ + #include "hmac.h" + #include "sshbuf.h" + ++static int required_rsa_size = SSH_RSA_MINIMUM_MODULUS_SIZE; ++ ++void ++hostfile_set_minimum_rsa_size(int size) ++{ ++ required_rsa_size = size; ++} ++ + /* XXX hmac is too easy to dictionary attack; use bcrypt? */ + + static int +@@ -233,6 +241,7 @@ record_hostkey(struct hostkey_foreach_line *l, void *_ctx) + struct load_callback_ctx *ctx = (struct load_callback_ctx *)_ctx; + struct hostkeys *hostkeys = ctx->hostkeys; + struct hostkey_entry *tmp; ++ int r = 0; + + if (l->status == HKF_STATUS_INVALID) { + /* XXX make this verbose() in the future */ +@@ -241,6 +250,12 @@ record_hostkey(struct hostkey_foreach_line *l, void *_ctx) + return 0; + } + ++ if ((r = sshkey_check_rsa_length(l->key, required_rsa_size)) != 0) { ++ debug2_f("%s:%ld: ignoring hostkey: %s", ++ l->path, l->linenum, ssh_err(r)); ++ return 0; ++ } ++ + debug3_f("found %skey type %s in file %s:%lu", + l->marker == MRK_NONE ? "" : + (l->marker == MRK_CA ? "ca " : "revoked "), +diff --git a/hostfile.h b/hostfile.h +index a24a4e329..0e9b1a19a 100644 +--- a/hostfile.h ++++ b/hostfile.h +@@ -119,5 +119,6 @@ int hostkeys_foreach_file(const char *path, FILE *f, + const char *host, const char *ip, u_int options, u_int note); + + void hostfile_create_user_ssh_dir(const char *, int); ++void hostfile_set_minimum_rsa_size(int); + + #endif +diff --git a/ssh.c b/ssh.c +index abc8b8439..33787a8d4 100644 +--- a/ssh.c ++++ b/ssh.c +@@ -110,6 +110,7 @@ + #include "ssherr.h" + #include "myproposal.h" + #include "utf8.h" ++#include "hostfile.h" + + #ifdef ENABLE_PKCS11 + #include "ssh-pkcs11.h" +@@ -1397,6 +1398,7 @@ main(int ac, char **av) + options.update_hostkeys = 0; + } + } ++ hostfile_set_minimum_rsa_size(options.required_rsa_size); + if (options.connection_attempts <= 0) + fatal("Invalid number of ConnectionAttempts"); + +-- +2.49.0 + diff --git a/0053-support-authentication-indicators-in-GSSAPI.patch b/0053-support-authentication-indicators-in-GSSAPI.patch new file mode 100644 index 0000000..237e45d --- /dev/null +++ b/0053-support-authentication-indicators-in-GSSAPI.patch @@ -0,0 +1,450 @@ +From 5d5a66e96ad03132f65371070f4fa475f10207d9 Mon Sep 17 00:00:00 2001 +From: Alexander Bokovoy +Date: Mon, 10 Jun 2024 23:00:03 +0300 +Subject: [PATCH] support authentication indicators in GSSAPI + +RFC 6680 defines a set of GSSAPI extensions to handle attributes +associated with the GSSAPI names. MIT Kerberos and FreeIPA use +name attributes to add information about pre-authentication methods used +to acquire the initial Kerberos ticket. The attribute 'auth-indicators' +may contain list of strings that KDC has associated with the ticket +issuance process. + +Use authentication indicators to authorise or deny access to SSH server. +GSSAPIIndicators setting allows to specify a list of possible indicators +that a Kerberos ticket presented must or must not contain. More details +on the syntax are provided in sshd_config(5) man page. + +Fixes: https://bugzilla.mindrot.org/show_bug.cgi?id=2696 + +Signed-off-by: Alexander Bokovoy +--- + configure.ac | 1 + + gss-serv-krb5.c | 64 +++++++++++++++++++++++++++--- + gss-serv.c | 103 +++++++++++++++++++++++++++++++++++++++++++++++- + servconf.c | 15 ++++++- + servconf.h | 2 + + ssh-gss.h | 7 ++++ + sshd_config.5 | 44 +++++++++++++++++++++ + 7 files changed, 228 insertions(+), 8 deletions(-) + +diff --git a/configure.ac b/configure.ac +index d92a85809..2cbe20bf3 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -5004,6 +5004,7 @@ AC_ARG_WITH([kerberos5], + AC_CHECK_HEADERS([gssapi.h gssapi/gssapi.h]) + AC_CHECK_HEADERS([gssapi_krb5.h gssapi/gssapi_krb5.h]) + AC_CHECK_HEADERS([gssapi_generic.h gssapi/gssapi_generic.h]) ++ AC_CHECK_HEADERS([gssapi_ext.h gssapi/gssapi_ext.h]) + + AC_SEARCH_LIBS([k_hasafs], [kafs], [AC_DEFINE([USE_AFS], [1], + [Define this if you want to use libkafs' AFS support])]) +diff --git a/gss-serv-krb5.c b/gss-serv-krb5.c +index 03188d9b3..2c786ef14 100644 +--- a/gss-serv-krb5.c ++++ b/gss-serv-krb5.c +@@ -43,6 +43,7 @@ + #include "log.h" + #include "misc.h" + #include "servconf.h" ++#include "match.h" + + #include "ssh-gss.h" + +@@ -87,6 +88,32 @@ ssh_gssapi_krb5_init(void) + return 1; + } + ++/* Check if any of the indicators in the Kerberos ticket match ++ * one of indicators in the list of allowed/denied rules. ++ * In case of the match, apply the decision from the rule. ++ * In case of no indicator from the ticket matching the rule, deny ++ */ ++ ++static int ++ssh_gssapi_check_indicators(ssh_gssapi_client *client, int *matched) ++{ ++ int ret; ++ u_int i; ++ ++ /* Check indicators */ ++ for (i = 0; client->indicators[i] != NULL; i++) { ++ ret = match_pattern_list(client->indicators[i], ++ options.gss_indicators, 1); ++ /* negative or positive match */ ++ if (ret != 0) { ++ *matched = i; ++ return ret; ++ } ++ } ++ /* No rule matched */ ++ return 0; ++} ++ + /* Check if this user is OK to login. This only works with krb5 - other + * GSSAPI mechanisms will need their own. + * Returns true if the user is OK to log in, otherwise returns 0 +@@ -193,7 +220,7 @@ static int + ssh_gssapi_krb5_userok(ssh_gssapi_client *client, char *name) + { + krb5_principal princ; +- int retval; ++ int retval, matched; + const char *errmsg; + int k5login_exists; + +@@ -216,17 +243,42 @@ ssh_gssapi_krb5_userok(ssh_gssapi_client *client, char *name) + if (k5login_exists && + ssh_krb5_kuserok(krb_context, princ, name, k5login_exists)) { + retval = 1; +- logit("Authorized to %s, krb5 principal %s (krb5_kuserok)", +- name, (char *)client->displayname.value); ++ errmsg = "krb5_kuserok"; + } else if (ssh_gssapi_krb5_cmdok(princ, client->exportedname.value, + name, k5login_exists)) { + retval = 1; +- logit("Authorized to %s, krb5 principal %s " +- "(ssh_gssapi_krb5_cmdok)", +- name, (char *)client->displayname.value); ++ errmsg = "ssh_gssapi_krb5_cmdok"; + } else + retval = 0; + ++ if ((retval == 1) && (options.gss_indicators != NULL)) { ++ /* At this point the configuration enforces presence of indicators ++ * so we drop the authorization result again */ ++ retval = 0; ++ if (client->indicators) { ++ matched = -1; ++ retval = ssh_gssapi_check_indicators(client, &matched); ++ if (retval != 0) { ++ retval = (retval == 1); ++ logit("Ticket contains indicator %s, " ++ "krb5 principal %s is %s", ++ client->indicators[matched], ++ (char *)client->displayname.value, ++ retval ? "allowed" : "denied"); ++ goto cont; ++ } ++ } ++ if (retval == 0) { ++ logit("GSSAPI authentication indicators enforced " ++ "but not matched. krb5 principal %s denied", ++ (char *)client->displayname.value); ++ } ++ } ++cont: ++ if (retval == 1) { ++ logit("Authorized to %s, krb5 principal %s (%s)", ++ name, (char *)client->displayname.value, errmsg); ++ } + krb5_free_principal(krb_context, princ); + return retval; + } +diff --git a/gss-serv.c b/gss-serv.c +index 9d5435eda..5c0491cf1 100644 +--- a/gss-serv.c ++++ b/gss-serv.c +@@ -54,7 +54,7 @@ extern ServerOptions options; + + static ssh_gssapi_client gssapi_client = + { GSS_C_EMPTY_BUFFER, GSS_C_EMPTY_BUFFER, GSS_C_NO_CREDENTIAL, +- GSS_C_NO_NAME, NULL, {NULL, NULL, NULL, NULL, NULL}, 0, 0}; ++ GSS_C_NO_NAME, NULL, {NULL, NULL, NULL, NULL, NULL}, 0, 0, NULL}; + + ssh_gssapi_mech gssapi_null_mech = + { NULL, NULL, {0, NULL}, NULL, NULL, NULL, NULL, NULL}; +@@ -296,6 +296,92 @@ ssh_gssapi_parse_ename(Gssctxt *ctx, gss_buffer_t ename, gss_buffer_t name) + return GSS_S_COMPLETE; + } + ++ ++/* Extract authentication indicators from the Kerberos ticket. Authentication ++ * indicators are GSSAPI name attributes for the name "auth-indicators". ++ * Multiple indicators might be present in the ticket. ++ * Each indicator is a utf8 string. */ ++ ++#define AUTH_INDICATORS_TAG "auth-indicators" ++ ++/* Privileged (called from accept_secure_ctx) */ ++static OM_uint32 ++ssh_gssapi_getindicators(Gssctxt *ctx, gss_name_t gss_name, ssh_gssapi_client *client) ++{ ++ gss_buffer_set_t attrs = GSS_C_NO_BUFFER_SET; ++ gss_buffer_desc value = GSS_C_EMPTY_BUFFER; ++ gss_buffer_desc display_value = GSS_C_EMPTY_BUFFER; ++ int is_mechname, authenticated, complete, more; ++ size_t count, i; ++ ++ ctx->major = gss_inquire_name(&ctx->minor, gss_name, ++ &is_mechname, NULL, &attrs); ++ if (ctx->major != GSS_S_COMPLETE) { ++ return (ctx->major); ++ } ++ ++ if (attrs == GSS_C_NO_BUFFER_SET) { ++ /* No indicators in the ticket */ ++ return (0); ++ } ++ ++ count = 0; ++ for (i = 0; i < attrs->count; i++) { ++ /* skip anything but auth-indicators */ ++ if (((sizeof(AUTH_INDICATORS_TAG) - 1) != attrs->elements[i].length) || ++ strncmp(AUTH_INDICATORS_TAG, ++ attrs->elements[i].value, ++ sizeof(AUTH_INDICATORS_TAG) - 1) != 0) ++ continue; ++ count++; ++ } ++ ++ if (count == 0) { ++ /* No auth-indicators in the ticket */ ++ (void) gss_release_buffer_set(&ctx->minor, &attrs); ++ return (0); ++ } ++ ++ client->indicators = recallocarray(NULL, 0, count + 1, sizeof(char*)); ++ count = 0; ++ for (i = 0; i < attrs->count; i++) { ++ authenticated = 0; ++ complete = 0; ++ more = -1; ++ /* skip anything but auth-indicators */ ++ if (((sizeof(AUTH_INDICATORS_TAG) - 1) != attrs->elements[i].length) || ++ strncmp(AUTH_INDICATORS_TAG, ++ attrs->elements[i].value, ++ sizeof(AUTH_INDICATORS_TAG) - 1) != 0) ++ continue; ++ /* retrieve all indicators */ ++ while (more != 0) { ++ value.value = NULL; ++ display_value.value = NULL; ++ ctx->major = gss_get_name_attribute(&ctx->minor, gss_name, ++ &attrs->elements[i], &authenticated, ++ &complete, &value, &display_value, &more); ++ if (ctx->major != GSS_S_COMPLETE) { ++ goto out; ++ } ++ ++ if ((value.value != NULL) && authenticated) { ++ client->indicators[count] = xmalloc(value.length + 1); ++ memcpy(client->indicators[count], value.value, value.length); ++ client->indicators[count][value.length] = '\0'; ++ count++; ++ } ++ } ++ } ++ ++out: ++ (void) gss_release_buffer(&ctx->minor, &value); ++ (void) gss_release_buffer(&ctx->minor, &display_value); ++ (void) gss_release_buffer_set(&ctx->minor, &attrs); ++ return (ctx->major); ++} ++ ++ + /* Extract the client details from a given context. This can only reliably + * be called once for a context */ + +@@ -385,6 +471,12 @@ ssh_gssapi_getclient(Gssctxt *ctx, ssh_gssapi_client *client) + } + + gss_release_buffer(&ctx->minor, &ename); ++ /* Retrieve authentication indicators, if they exist */ ++ if ((ctx->major = ssh_gssapi_getindicators(ctx, ++ ctx->client, client))) { ++ ssh_gssapi_error(ctx); ++ return (ctx->major); ++ } + + /* We can't copy this structure, so we just move the pointer to it */ + client->creds = ctx->client_creds; +@@ -447,6 +539,7 @@ int + ssh_gssapi_userok(char *user, struct passwd *pw, int kex) + { + OM_uint32 lmin; ++ size_t i; + + (void) kex; /* used in privilege separation */ + +@@ -465,6 +558,14 @@ ssh_gssapi_userok(char *user, struct passwd *pw, int kex) + gss_release_buffer(&lmin, &gssapi_client.displayname); + gss_release_buffer(&lmin, &gssapi_client.exportedname); + gss_release_cred(&lmin, &gssapi_client.creds); ++ ++ if (gssapi_client.indicators != NULL) { ++ for(i = 0; gssapi_client.indicators[i] != NULL; i++) { ++ free(gssapi_client.indicators[i]); ++ } ++ free(gssapi_client.indicators); ++ } ++ + explicit_bzero(&gssapi_client, + sizeof(ssh_gssapi_client)); + return 0; +diff --git a/servconf.c b/servconf.c +index e7e4ad046..aab653244 100644 +--- a/servconf.c ++++ b/servconf.c +@@ -147,6 +147,7 @@ initialize_server_options(ServerOptions *options) + options->gss_strict_acceptor = -1; + options->gss_store_rekey = -1; + options->gss_kex_algorithms = NULL; ++ options->gss_indicators = NULL; + options->use_kuserok = -1; + options->enable_k5users = -1; + options->password_authentication = -1; +@@ -598,7 +599,7 @@ typedef enum { + sPerSourcePenalties, sPerSourcePenaltyExemptList, + sClientAliveInterval, sClientAliveCountMax, sAuthorizedKeysFile, + sGssAuthentication, sGssCleanupCreds, sGssEnablek5users, sGssStrictAcceptor, +- sGssKeyEx, sGssKexAlgorithms, sGssStoreRekey, ++ sGssKeyEx, sGssIndicators, sGssKexAlgorithms, sGssStoreRekey, + sAcceptEnv, sSetEnv, sPermitTunnel, + sMatch, sPermitOpen, sPermitListen, sForceCommand, sChrootDirectory, + sUsePrivilegeSeparation, sAllowAgentForwarding, +@@ -694,6 +695,7 @@ static struct { + { "gssapistorecredentialsonrekey", sGssStoreRekey, SSHCFG_GLOBAL }, + { "gssapikexalgorithms", sGssKexAlgorithms, SSHCFG_GLOBAL }, + { "gssapienablek5users", sGssEnablek5users, SSHCFG_ALL }, ++ { "gssapiindicators", sGssIndicators, SSHCFG_ALL }, + #else + { "gssapiauthentication", sUnsupported, SSHCFG_ALL }, + { "gssapicleanupcredentials", sUnsupported, SSHCFG_GLOBAL }, +@@ -703,6 +705,7 @@ static struct { + { "gssapistorecredentialsonrekey", sUnsupported, SSHCFG_GLOBAL }, + { "gssapikexalgorithms", sUnsupported, SSHCFG_GLOBAL }, + { "gssapienablek5users", sUnsupported, SSHCFG_ALL }, ++ { "gssapiindicators", sUnsupported, SSHCFG_ALL }, + #endif + { "gssusesessionccache", sUnsupported, SSHCFG_GLOBAL }, + { "gssapiusesessioncredcache", sUnsupported, SSHCFG_GLOBAL }, +@@ -1730,6 +1733,15 @@ process_server_config_line_depth(ServerOptions *options, char *line, + options->gss_kex_algorithms = xstrdup(arg); + break; + ++ case sGssIndicators: ++ arg = argv_next(&ac, &av); ++ if (!arg || *arg == '\0') ++ fatal("%s line %d: %s missing argument.", ++ filename, linenum, keyword); ++ if (options->gss_indicators == NULL) ++ options->gss_indicators = xstrdup(arg); ++ break; ++ + case sPasswordAuthentication: + intptr = &options->password_authentication; + goto parse_flag; +@@ -3351,6 +3363,7 @@ dump_config(ServerOptions *o) + dump_cfg_fmtint(sGssStrictAcceptor, o->gss_strict_acceptor); + dump_cfg_fmtint(sGssStoreRekey, o->gss_store_rekey); + dump_cfg_string(sGssKexAlgorithms, o->gss_kex_algorithms); ++ dump_cfg_string(sGssIndicators, o->gss_indicators); + #endif + dump_cfg_fmtint(sPasswordAuthentication, o->password_authentication); + dump_cfg_fmtint(sKbdInteractiveAuthentication, +diff --git a/servconf.h b/servconf.h +index 7c7e5d434..7c41df417 100644 +--- a/servconf.h ++++ b/servconf.h +@@ -181,6 +181,7 @@ typedef struct { + char **allow_groups; + u_int num_deny_groups; + char **deny_groups; ++ char *gss_indicators; + + u_int num_subsystems; + char **subsystem_name; +@@ -310,6 +311,7 @@ TAILQ_HEAD(include_list, include_item); + M_CP_STROPT(routing_domain); \ + M_CP_STROPT(permit_user_env_allowlist); \ + M_CP_STROPT(pam_service_name); \ ++ M_CP_STROPT(gss_indicators); \ + M_CP_STRARRAYOPT(authorized_keys_files, num_authkeys_files); \ + M_CP_STRARRAYOPT(allow_users, num_allow_users); \ + M_CP_STRARRAYOPT(deny_users, num_deny_users); \ +diff --git a/ssh-gss.h b/ssh-gss.h +index a894e23c9..59cf46d47 100644 +--- a/ssh-gss.h ++++ b/ssh-gss.h +@@ -34,6 +34,12 @@ + #include + #endif + ++#ifdef HAVE_GSSAPI_EXT_H ++#include ++#elif defined(HAVE_GSSAPI_GSSAPI_EXT_H) ++#include ++#endif ++ + #ifdef KRB5 + # ifndef HEIMDAL + # ifdef HAVE_GSSAPI_GENERIC_H +@@ -107,6 +113,7 @@ typedef struct { + ssh_gssapi_ccache store; + int used; + int updated; ++ char **indicators; /* auth indicators */ + } ssh_gssapi_client; + + typedef struct ssh_gssapi_mech_struct { +diff --git a/sshd_config.5 b/sshd_config.5 +index 583a01cdb..90ab87edd 100644 +--- a/sshd_config.5 ++++ b/sshd_config.5 +@@ -785,6 +785,50 @@ gss-nistp256-sha256- + gss-curve25519-sha256- + .Ed + This option only applies to connections using GSSAPI. ++.It Cm GSSAPIIndicators ++Specifies whether to accept or deny GSSAPI authenticated access if Kerberos ++mechanism is used and Kerberos ticket contains a particular set of ++authentication indicators. The values can be specified as a comma-separated list ++.Cm [!]name1,[!]name2,... . ++When indicator's name is prefixed with !, the authentication indicator 'name' ++will deny access to the system. Otherwise, one of non-negated authentication ++indicators must be present in the Kerberos ticket to allow access. If ++.Cm GSSAPIIndicators ++is defined, a Kerberos ticket that has indicators but does not match the ++policy will get denial. If at least one indicator is configured, whether for ++access or denial, tickets without authentication indicators will be explicitly ++rejected. ++.Pp ++By default systems using MIT Kerberos 1.17 or later will not assign any ++indicators. SPAKE and PKINIT methods add authentication indicators ++to all successful authentications. The SPAKE pre-authentication method is ++preferred over an encrypted timestamp pre-authentication when passwords used to ++authenticate user principals. Kerberos KDCs built with Heimdal Kerberos ++(including Samba AD DC built with Heimdal) do not add authentication ++indicators. However, OpenSSH built against Heimdal Kerberos library is able to ++inquire authentication indicators and thus can be used to check for their presence. ++.Pp ++Indicator name is case-sensitive and depends on the configuration of a ++particular Kerberos deployment. Indicators available in MIT Kerberos and ++FreeIPA environments: ++.Pp ++.Bl -tag -width XXXX -offset indent -compact ++.It Cm hardened ++SPAKE or encrypted timestamp pre-authentication mechanisms in MIT Kerberos and FreeIPA ++.It Cm pkinit ++smartcard or PKCS11 token-based pre-authentication in MIT Kerberos and FreeIPA ++.It Cm radius ++pre-authentication based on a RADIUS server in MIT Kerberos and FreeIPA ++.It Cm otp ++TOTP/HOTP-based two-factor pre-authentication in FreeIPA ++.It Cm idp ++OAuth2-based pre-authentication in FreeIPA using an external identity provider ++and device authorization grant flow ++.It Cm passkey ++FIDO2-based pre-authentication in FreeIPA, using FIDO2 USB and NFC tokens ++.El ++.Pp ++The default is to not use GSSAPI authentication indicators for access decisions. + .It Cm HostbasedAcceptedAlgorithms + The default is handled system-wide by + .Xr crypto-policies 7 . +-- +2.49.0 + diff --git a/1000-openssh-coverity.patch b/1000-openssh-coverity.patch new file mode 100644 index 0000000..88362eb --- /dev/null +++ b/1000-openssh-coverity.patch @@ -0,0 +1,257 @@ +From 24c411970682dc67873c36bac05b4b460d68a628 Mon Sep 17 00:00:00 2001 +From: Dmitry Belyavskiy +Date: Thu, 15 May 2025 13:43:29 +0200 +Subject: [PATCH 50/50] openssh-6.7p1-coverity + +--- + auth-krb5.c | 2 ++ + gss-genr.c | 3 ++- + krl.c | 3 +++ + loginrec.c | 2 ++ + misc.c | 3 +++ + monitor.c | 4 ++-- + openbsd-compat/bindresvport.c | 2 +- + openbsd-compat/bsd-pselect.c | 8 ++++---- + readconf.c | 1 + + servconf.c | 5 +++-- + serverloop.c | 2 +- + ssh-agent.c | 1 + + ssh-keygen.c | 3 +++ + 13 files changed, 28 insertions(+), 11 deletions(-) + +diff --git a/auth-krb5.c b/auth-krb5.c +index bae153c9..209a3265 100644 +--- a/auth-krb5.c ++++ b/auth-krb5.c +@@ -427,6 +427,7 @@ ssh_krb5_cc_new_unique(krb5_context ctx, krb5_ccache *ccache, int *need_environm + umask(old_umask); + if (tmpfd == -1) { + logit("mkstemp(): %.100s", strerror(oerrno)); ++ free(ccname); + return oerrno; + } + +@@ -434,6 +435,7 @@ ssh_krb5_cc_new_unique(krb5_context ctx, krb5_ccache *ccache, int *need_environm + oerrno = errno; + logit("fchmod(): %.100s", strerror(oerrno)); + close(tmpfd); ++ free(ccname); + return oerrno; + } + /* make sure the KRB5CCNAME is set for non-standard location */ +diff --git a/gss-genr.c b/gss-genr.c +index 3034370c..c357e973 100644 +--- a/gss-genr.c ++++ b/gss-genr.c +@@ -168,8 +168,9 @@ ssh_gssapi_kex_mechs(gss_OID_set gss_supported, ssh_gssapi_check_fn *check, + enclen = __b64_ntop(digest, + ssh_digest_bytes(SSH_DIGEST_MD5), encoded, + ssh_digest_bytes(SSH_DIGEST_MD5) * 2); +- ++#pragma GCC diagnostic ignored "-Wstringop-overflow" + cp = strncpy(s, kex, strlen(kex)); ++#pragma GCC diagnostic pop + for ((p = strsep(&cp, ",")); p && *p != '\0'; + (p = strsep(&cp, ","))) { + if (sshbuf_len(buf) != 0 && +diff --git a/krl.c b/krl.c +index 0d0f6953..d8517f12 100644 +--- a/krl.c ++++ b/krl.c +@@ -1202,6 +1202,7 @@ is_key_revoked(struct ssh_krl *krl, const struct sshkey *key) + return r; + erb = RB_FIND(revoked_blob_tree, &krl->revoked_sha1s, &rb); + free(rb.blob); ++ rb.blob = NULL; /* make coverity happy */ + if (erb != NULL) { + KRL_DBG(("revoked by key SHA1")); + return SSH_ERR_KEY_REVOKED; +@@ -1212,6 +1213,7 @@ is_key_revoked(struct ssh_krl *krl, const struct sshkey *key) + return r; + erb = RB_FIND(revoked_blob_tree, &krl->revoked_sha256s, &rb); + free(rb.blob); ++ rb.blob = NULL; /* make coverity happy */ + if (erb != NULL) { + KRL_DBG(("revoked by key SHA256")); + return SSH_ERR_KEY_REVOKED; +@@ -1223,6 +1225,7 @@ is_key_revoked(struct ssh_krl *krl, const struct sshkey *key) + return r; + erb = RB_FIND(revoked_blob_tree, &krl->revoked_keys, &rb); + free(rb.blob); ++ rb.blob = NULL; /* make coverity happy */ + if (erb != NULL) { + KRL_DBG(("revoked by explicit key")); + return SSH_ERR_KEY_REVOKED; +diff --git a/loginrec.c b/loginrec.c +index c4a9bd48..2583612c 100644 +--- a/loginrec.c ++++ b/loginrec.c +@@ -683,9 +683,11 @@ construct_utmp(struct logininfo *li, + */ + + /* Use strncpy because we don't necessarily want null termination */ ++ /* coverity[buffer_size_warning : FALSE] */ + strncpy(ut->ut_name, li->username, + MIN_SIZEOF(ut->ut_name, li->username)); + # ifdef HAVE_HOST_IN_UTMP ++ /* coverity[buffer_size_warning : FALSE] */ + strncpy(ut->ut_host, li->hostname, + MIN_SIZEOF(ut->ut_host, li->hostname)); + # endif +diff --git a/misc.c b/misc.c +index 09722962..cd71c1b2 100644 +--- a/misc.c ++++ b/misc.c +@@ -1556,6 +1556,8 @@ sanitise_stdfd(void) + } + if (nullfd > STDERR_FILENO) + close(nullfd); ++ /* coverity[leaked_handle : FALSE]*/ ++ /* coverity[leaked_handle : FALSE]*/ + } + + char * +@@ -2749,6 +2751,7 @@ stdfd_devnull(int do_stdin, int do_stdout, int do_stderr) + } + if (devnull > STDERR_FILENO) + close(devnull); ++ /* coverity[leaked_handle : FALSE]*/ + return ret; + } + +diff --git a/monitor.c b/monitor.c +index 19cb058e..58fbac9d 100644 +--- a/monitor.c ++++ b/monitor.c +@@ -415,7 +415,7 @@ monitor_child_preauth(struct ssh *ssh, struct monitor *pmonitor) + mm_get_keystate(ssh, pmonitor); + + /* Drain any buffered messages from the child */ +- while (pmonitor->m_log_recvfd != -1 && monitor_read_log(pmonitor) == 0) ++ while (pmonitor->m_log_recvfd >= 0 && monitor_read_log(pmonitor) == 0) + ; + + if (pmonitor->m_recvfd >= 0) +@@ -1813,7 +1813,7 @@ mm_answer_pty(struct ssh *ssh, int sock, struct sshbuf *m) + s->ptymaster = s->ptyfd; + + debug3_f("tty %s ptyfd %d", s->tty, s->ttyfd); +- ++ /* coverity[leaked_handle : FALSE] */ + return (0); + + error: +diff --git a/openbsd-compat/bindresvport.c b/openbsd-compat/bindresvport.c +index 346c7fe5..f42792fd 100644 +--- a/openbsd-compat/bindresvport.c ++++ b/openbsd-compat/bindresvport.c +@@ -59,7 +59,7 @@ bindresvport_sa(int sd, struct sockaddr *sa) + struct sockaddr_in6 *in6; + u_int16_t *portp; + u_int16_t port; +- socklen_t salen; ++ socklen_t salen = sizeof(struct sockaddr_storage); + int i; + + if (sa == NULL) { +diff --git a/openbsd-compat/bsd-pselect.c b/openbsd-compat/bsd-pselect.c +index 26bdc3e0..8e2939b9 100644 +--- a/openbsd-compat/bsd-pselect.c ++++ b/openbsd-compat/bsd-pselect.c +@@ -85,13 +85,13 @@ pselect_notify_setup(void) + static void + pselect_notify_parent(void) + { +- if (notify_pipe[1] != -1) ++ if (notify_pipe[1] >= 0) + (void)write(notify_pipe[1], "", 1); + } + static void + pselect_notify_prepare(fd_set *readset) + { +- if (notify_pipe[0] != -1) ++ if (notify_pipe[0] >= 0) + FD_SET(notify_pipe[0], readset); + } + static void +@@ -99,8 +99,8 @@ pselect_notify_done(fd_set *readset) + { + char c; + +- if (notify_pipe[0] != -1 && FD_ISSET(notify_pipe[0], readset)) { +- while (read(notify_pipe[0], &c, 1) != -1) ++ if (notify_pipe[0] >= 0 && FD_ISSET(notify_pipe[0], readset)) { ++ while (read(notify_pipe[0], &c, 1) >= 0) + debug2_f("reading"); + FD_CLR(notify_pipe[0], readset); + } +diff --git a/readconf.c b/readconf.c +index ea9d293c..9680c38c 100644 +--- a/readconf.c ++++ b/readconf.c +@@ -2164,6 +2164,7 @@ parse_pubkey_algos: + } else if (r != 0) { + error("%.200s line %d: glob failed for %s.", + filename, linenum, arg2); ++ free(arg2); + goto out; + } + free(arg2); +diff --git a/servconf.c b/servconf.c +index 8b708cbf..e7e4ad04 100644 +--- a/servconf.c ++++ b/servconf.c +@@ -2293,8 +2293,9 @@ process_server_config_line_depth(ServerOptions *options, char *line, + if (*activep && *charptr == NULL) { + *charptr = tilde_expand_filename(arg, getuid()); + /* increase optional counter */ +- if (intptr != NULL) +- *intptr = *intptr + 1; ++ /* DEAD CODE intptr is still NULL ;) ++ if (intptr != NULL) ++ *intptr = *intptr + 1; */ + } + break; + +diff --git a/serverloop.c b/serverloop.c +index 9c5b1567..768ee9fa 100644 +--- a/serverloop.c ++++ b/serverloop.c +@@ -511,7 +511,7 @@ server_request_tun(struct ssh *ssh) + debug_f("invalid tun"); + goto done; + } +- if (auth_opts->force_tun_device != -1) { ++ if (auth_opts->force_tun_device >= 0) { + if (tun != SSH_TUNID_ANY && + auth_opts->force_tun_device != (int)tun) + goto done; +diff --git a/ssh-agent.c b/ssh-agent.c +index 798bf9b6..0e39dff7 100644 +--- a/ssh-agent.c ++++ b/ssh-agent.c +@@ -1593,6 +1593,7 @@ sanitize_pkcs11_provider(const char *provider) + + if (pkcs11_uri_parse(provider, uri) != 0) { + error("Failed to parse PKCS#11 URI"); ++ pkcs11_uri_cleanup(uri); + return NULL; + } + /* validate also provider from URI */ +diff --git a/ssh-keygen.c b/ssh-keygen.c +index 792aafde..96b3474d 100644 +--- a/ssh-keygen.c ++++ b/ssh-keygen.c +@@ -2424,6 +2424,9 @@ update_krl_from_file(struct passwd *pw, const char *file, int wild_ca, + r = ssh_krl_revoke_key_sha256(krl, blob, blen); + if (r != 0) + fatal_fr(r, "revoke key failed"); ++ freezero(blob, blen); ++ blob = NULL; ++ blen = 0; + } else { + if (strncasecmp(cp, "key:", 4) == 0) { + cp += 4; +-- +2.49.0 + diff --git a/openssh-9.9p1-gsissh.patch b/2000-openssh-10.0p1-gsissh.patch similarity index 86% rename from openssh-9.9p1-gsissh.patch rename to 2000-openssh-10.0p1-gsissh.patch index 5e2d011..4a1a329 100644 --- a/openssh-9.9p1-gsissh.patch +++ b/2000-openssh-10.0p1-gsissh.patch @@ -1,6 +1,6 @@ -diff -Nur openssh-9.9p1.orig/auth2.c openssh-9.9p1/auth2.c ---- openssh-9.9p1.orig/auth2.c 2025-01-20 19:52:47.907052307 +0100 -+++ openssh-9.9p1/auth2.c 2025-01-20 20:23:17.232729940 +0100 +diff -Nur openssh-10.0p1.orig/auth2.c openssh-10.0p1/auth2.c +--- openssh-10.0p1.orig/auth2.c 2025-06-14 08:24:55.444264765 +0200 ++++ openssh-10.0p1/auth2.c 2025-06-14 08:25:50.314922659 +0200 @@ -286,7 +286,28 @@ (r = sshpkt_get_cstring(ssh, &service, NULL)) != 0 || (r = sshpkt_get_cstring(ssh, &method, NULL)) != 0) @@ -101,9 +101,9 @@ diff -Nur openssh-9.9p1.orig/auth2.c openssh-9.9p1/auth2.c "not allowed: (%s,%s) -> (%s,%s)", authctxt->user, authctxt->service, user, service); } -diff -Nur openssh-9.9p1.orig/auth2-gss.c openssh-9.9p1/auth2-gss.c ---- openssh-9.9p1.orig/auth2-gss.c 2025-01-20 19:52:47.769051955 +0100 -+++ openssh-9.9p1/auth2-gss.c 2025-01-20 20:23:17.233729943 +0100 +diff -Nur openssh-10.0p1.orig/auth2-gss.c openssh-10.0p1/auth2-gss.c +--- openssh-10.0p1.orig/auth2-gss.c 2025-06-14 08:24:54.946580198 +0200 ++++ openssh-10.0p1/auth2-gss.c 2025-06-14 08:25:50.315696363 +0200 @@ -54,6 +54,7 @@ extern struct authmethod_cfg methodcfg_gsskeyex; extern struct authmethod_cfg methodcfg_gssapi; @@ -303,9 +303,9 @@ diff -Nur openssh-9.9p1.orig/auth2-gss.c openssh-9.9p1/auth2-gss.c Authmethod method_gsskeyex = { &methodcfg_gsskeyex, userauth_gsskeyex, -diff -Nur openssh-9.9p1.orig/auth.c openssh-9.9p1/auth.c ---- openssh-9.9p1.orig/auth.c 2025-01-20 19:52:47.908052310 +0100 -+++ openssh-9.9p1/auth.c 2025-01-20 20:23:17.233729943 +0100 +diff -Nur openssh-10.0p1.orig/auth.c openssh-10.0p1/auth.c +--- openssh-10.0p1.orig/auth.c 2025-06-14 08:24:55.443524655 +0200 ++++ openssh-10.0p1/auth.c 2025-06-14 08:25:50.316281495 +0200 @@ -298,7 +298,8 @@ method, submethod != NULL ? "/" : "", submethod == NULL ? "" : submethod, @@ -336,9 +336,9 @@ diff -Nur openssh-9.9p1.orig/auth.c openssh-9.9p1/auth.c #ifdef CUSTOM_FAILED_LOGIN record_failed_login(ssh, user, auth_get_canonical_hostname(ssh, options.use_dns), "ssh"); -diff -Nur openssh-9.9p1.orig/auth.h openssh-9.9p1/auth.h ---- openssh-9.9p1.orig/auth.h 2025-01-20 19:52:47.909052313 +0100 -+++ openssh-9.9p1/auth.h 2025-01-20 20:23:17.234729946 +0100 +diff -Nur openssh-10.0p1.orig/auth.h openssh-10.0p1/auth.h +--- openssh-10.0p1.orig/auth.h 2025-06-14 08:24:55.443709595 +0200 ++++ openssh-10.0p1/auth.h 2025-06-14 08:25:50.316833592 +0200 @@ -85,6 +85,8 @@ krb5_principal krb5_user; char *krb5_ticket_file; @@ -348,9 +348,9 @@ diff -Nur openssh-9.9p1.orig/auth.h openssh-9.9p1/auth.h int krb5_set_env; #endif struct sshbuf *loginmsg; -diff -Nur openssh-9.9p1.orig/auth-pam.c openssh-9.9p1/auth-pam.c ---- openssh-9.9p1.orig/auth-pam.c 2025-01-20 19:52:47.954052427 +0100 -+++ openssh-9.9p1/auth-pam.c 2025-01-20 20:23:17.264730023 +0100 +diff -Nur openssh-10.0p1.orig/auth-pam.c openssh-10.0p1/auth-pam.c +--- openssh-10.0p1.orig/auth-pam.c 2025-06-14 08:24:55.609208310 +0200 ++++ openssh-10.0p1/auth-pam.c 2025-06-14 08:25:50.317378775 +0200 @@ -248,6 +248,7 @@ static const char *sshpam_password = NULL; static char *sshpam_rhost = NULL; @@ -511,9 +511,9 @@ diff -Nur openssh-9.9p1.orig/auth-pam.c openssh-9.9p1/auth-pam.c sshpam_password = NULL; free(fake); if (sshpam_err == PAM_MAXTRIES) -diff -Nur openssh-9.9p1.orig/auth-pam.h openssh-9.9p1/auth-pam.h ---- openssh-9.9p1.orig/auth-pam.h 2025-01-20 19:52:47.713051809 +0100 -+++ openssh-9.9p1/auth-pam.h 2025-01-20 20:23:17.264730023 +0100 +diff -Nur openssh-10.0p1.orig/auth-pam.h openssh-10.0p1/auth-pam.h +--- openssh-10.0p1.orig/auth-pam.h 2025-06-14 08:24:54.755199761 +0200 ++++ openssh-10.0p1/auth-pam.h 2025-06-14 08:25:50.318085082 +0200 @@ -43,5 +43,6 @@ int sshpam_get_maxtries_reached(void); void sshpam_set_maxtries_reached(int); @@ -521,9 +521,9 @@ diff -Nur openssh-9.9p1.orig/auth-pam.h openssh-9.9p1/auth-pam.h +struct passwd *sshpam_getpw(const char *); #endif /* USE_PAM */ -diff -Nur openssh-9.9p1.orig/canohost.c openssh-9.9p1/canohost.c ---- openssh-9.9p1.orig/canohost.c 2025-01-20 19:52:47.770051957 +0100 -+++ openssh-9.9p1/canohost.c 2025-01-20 20:23:17.265730026 +0100 +diff -Nur openssh-10.0p1.orig/canohost.c openssh-10.0p1/canohost.c +--- openssh-10.0p1.orig/canohost.c 2025-06-14 08:24:54.947106244 +0200 ++++ openssh-10.0p1/canohost.c 2025-06-14 08:25:50.318537655 +0200 @@ -17,6 +17,7 @@ #include #include @@ -566,9 +566,9 @@ diff -Nur openssh-9.9p1.orig/canohost.c openssh-9.9p1/canohost.c + } + } +} -diff -Nur openssh-9.9p1.orig/canohost.h openssh-9.9p1/canohost.h ---- openssh-9.9p1.orig/canohost.h 2025-01-20 19:52:47.770051957 +0100 -+++ openssh-9.9p1/canohost.h 2025-01-20 20:23:17.265730026 +0100 +diff -Nur openssh-10.0p1.orig/canohost.h openssh-10.0p1/canohost.h +--- openssh-10.0p1.orig/canohost.h 2025-06-14 08:24:54.947234403 +0200 ++++ openssh-10.0p1/canohost.h 2025-06-14 08:25:50.318980799 +0200 @@ -26,4 +26,6 @@ #endif /* _CANOHOST_H */ @@ -576,10 +576,10 @@ diff -Nur openssh-9.9p1.orig/canohost.h openssh-9.9p1/canohost.h +void resolve_localhost(char **host); + void ipv64_normalise_mapped(struct sockaddr_storage *, socklen_t *); -diff -Nur openssh-9.9p1.orig/configure.ac openssh-9.9p1/configure.ac ---- openssh-9.9p1.orig/configure.ac 2025-01-20 19:52:47.872052217 +0100 -+++ openssh-9.9p1/configure.ac 2025-01-20 20:23:17.266730028 +0100 -@@ -4920,6 +4920,14 @@ +diff -Nur openssh-10.0p1.orig/configure.ac openssh-10.0p1/configure.ac +--- openssh-10.0p1.orig/configure.ac 2025-06-14 08:24:55.711190794 +0200 ++++ openssh-10.0p1/configure.ac 2025-06-14 08:25:50.319884827 +0200 +@@ -4992,6 +4992,14 @@ AC_CHECK_HEADER([gssapi_krb5.h], , [ CPPFLAGS="$oldCPP" ]) @@ -594,7 +594,7 @@ diff -Nur openssh-9.9p1.orig/configure.ac openssh-9.9p1/configure.ac fi fi if test -n "${rpath_opt}" ; then -@@ -4961,6 +4969,40 @@ +@@ -5034,6 +5042,40 @@ AC_SUBST([K5LIBS]) AC_SUBST([CHANNELLIBS]) @@ -635,9 +635,9 @@ diff -Nur openssh-9.9p1.orig/configure.ac openssh-9.9p1/configure.ac # Looking for programs, paths and files PRIVSEP_PATH=/var/empty -diff -Nur openssh-9.9p1.orig/gss-genr.c openssh-9.9p1/gss-genr.c ---- openssh-9.9p1.orig/gss-genr.c 2025-01-20 19:52:47.962052448 +0100 -+++ openssh-9.9p1/gss-genr.c 2025-01-20 20:23:17.267730031 +0100 +diff -Nur openssh-10.0p1.orig/gss-genr.c openssh-10.0p1/gss-genr.c +--- openssh-10.0p1.orig/gss-genr.c 2025-06-14 08:24:55.730946369 +0200 ++++ openssh-10.0p1/gss-genr.c 2025-06-14 08:25:50.321274952 +0200 @@ -41,6 +41,7 @@ #include "ssherr.h" #include "sshbuf.h" @@ -674,10 +674,10 @@ diff -Nur openssh-9.9p1.orig/gss-genr.c openssh-9.9p1/gss-genr.c free(gssbuf.value); return (ctx->major); } -diff -Nur openssh-9.9p1.orig/gss-serv.c openssh-9.9p1/gss-serv.c ---- openssh-9.9p1.orig/gss-serv.c 2025-01-20 19:52:47.802052038 +0100 -+++ openssh-9.9p1/gss-serv.c 2025-01-20 20:23:17.268730033 +0100 -@@ -50,10 +50,12 @@ +diff -Nur openssh-10.0p1.orig/gss-serv.c openssh-10.0p1/gss-serv.c +--- openssh-10.0p1.orig/gss-serv.c 2025-06-14 08:24:55.712377680 +0200 ++++ openssh-10.0p1/gss-serv.c 2025-06-14 14:29:38.679799497 +0200 +@@ -51,10 +51,12 @@ #include "monitor_wrap.h" extern ServerOptions options; @@ -685,14 +685,14 @@ diff -Nur openssh-9.9p1.orig/gss-serv.c openssh-9.9p1/gss-serv.c static ssh_gssapi_client gssapi_client = - { GSS_C_EMPTY_BUFFER, GSS_C_EMPTY_BUFFER, GSS_C_NO_CREDENTIAL, -- GSS_C_NO_NAME, NULL, {NULL, NULL, NULL, NULL, NULL}, 0, 0}; +- GSS_C_NO_NAME, NULL, {NULL, NULL, NULL, NULL, NULL}, 0, 0, NULL}; + { {0, NULL}, GSS_C_EMPTY_BUFFER, GSS_C_EMPTY_BUFFER, GSS_C_NO_CREDENTIAL, + GSS_C_NO_NAME, GSS_C_NO_NAME, NULL, {NULL, NULL, NULL, NULL, NULL}, -+ GSS_C_NO_CONTEXT, 0, 0}; ++ GSS_C_NO_CONTEXT, 0, 0, NULL}; ssh_gssapi_mech gssapi_null_mech = { NULL, NULL, {0, NULL}, NULL, NULL, NULL, NULL, NULL}; -@@ -61,14 +63,26 @@ +@@ -62,14 +64,26 @@ #ifdef KRB5 extern ssh_gssapi_mech gssapi_kerberos_mech; #endif @@ -719,7 +719,7 @@ diff -Nur openssh-9.9p1.orig/gss-serv.c openssh-9.9p1/gss-serv.c /* * ssh_gssapi_supported_oids() can cause sandbox violations, so prepare the * list of supported mechanisms before privsep is set up. -@@ -229,6 +243,10 @@ +@@ -230,6 +244,10 @@ (*flags & GSS_C_INTEG_FLAG))) && (ctx->major == GSS_S_COMPLETE)) { if (ssh_gssapi_getclient(ctx, &gssapi_client)) fatal("Couldn't convert client name"); @@ -730,7 +730,7 @@ diff -Nur openssh-9.9p1.orig/gss-serv.c openssh-9.9p1/gss-serv.c } return (status); -@@ -248,6 +266,20 @@ +@@ -249,6 +267,20 @@ tok = ename->value; @@ -751,7 +751,23 @@ diff -Nur openssh-9.9p1.orig/gss-serv.c openssh-9.9p1/gss-serv.c /* * Check that ename is long enough for all of the fixed length * header, and that the initial ID bytes are correct -@@ -308,21 +340,24 @@ +@@ -297,6 +329,7 @@ + } + + ++#ifdef KRB5 + /* Extract authentication indicators from the Kerberos ticket. Authentication + * indicators are GSSAPI name attributes for the name "auth-indicators". + * Multiple indicators might be present in the ticket. +@@ -380,6 +413,7 @@ + (void) gss_release_buffer_set(&ctx->minor, &attrs); + return (ctx->major); + } ++#endif + + + /* Extract the client details from a given context. This can only reliably +@@ -395,21 +429,24 @@ gss_buffer_desc ename = GSS_C_EMPTY_BUFFER; if (options.gss_store_rekey && client->used && ctx->client_creds) { @@ -781,7 +797,7 @@ diff -Nur openssh-9.9p1.orig/gss-serv.c openssh-9.9p1/gss-serv.c new_name, &equal); if (GSS_ERROR(ctx->major)) { -@@ -337,9 +372,9 @@ +@@ -424,9 +461,9 @@ debug("Marking rekeyed credentials for export"); @@ -793,7 +809,7 @@ diff -Nur openssh-9.9p1.orig/gss-serv.c openssh-9.9p1/gss-serv.c client->creds = ctx->client_creds; ctx->client_creds = GSS_C_NO_CREDENTIAL; client->updated = 1; -@@ -356,12 +391,17 @@ +@@ -443,12 +480,17 @@ i++; } @@ -813,7 +829,7 @@ diff -Nur openssh-9.9p1.orig/gss-serv.c openssh-9.9p1/gss-serv.c ssh_gssapi_error(ctx); return (ctx->major); } -@@ -378,16 +418,25 @@ +@@ -465,22 +507,33 @@ return (ctx->major); } @@ -829,6 +845,14 @@ diff -Nur openssh-9.9p1.orig/gss-serv.c openssh-9.9p1/gss-serv.c + return ctx->major; + gss_release_buffer(&ctx->minor, &ename); ++#ifdef KRB5 + /* Retrieve authentication indicators, if they exist */ + if ((ctx->major = ssh_gssapi_getindicators(ctx, + ctx->client, client))) { + ssh_gssapi_error(ctx); + return (ctx->major); + } ++#endif /* We can't copy this structure, so we just move the pointer to it */ client->creds = ctx->client_creds; @@ -840,7 +864,7 @@ diff -Nur openssh-9.9p1.orig/gss-serv.c openssh-9.9p1/gss-serv.c return (ctx->major); } -@@ -395,6 +444,7 @@ +@@ -488,6 +541,7 @@ void ssh_gssapi_cleanup_creds(void) { @@ -848,7 +872,7 @@ diff -Nur openssh-9.9p1.orig/gss-serv.c openssh-9.9p1/gss-serv.c krb5_ccache ccache = NULL; krb5_error_code problem; -@@ -410,6 +460,14 @@ +@@ -503,6 +557,14 @@ gssapi_client.store.data = NULL; } } @@ -863,7 +887,7 @@ diff -Nur openssh-9.9p1.orig/gss-serv.c openssh-9.9p1/gss-serv.c } /* As user */ -@@ -417,6 +475,11 @@ +@@ -510,6 +572,11 @@ ssh_gssapi_storecreds(void) { if (gssapi_client.mech && gssapi_client.mech->storecreds) { @@ -875,7 +899,7 @@ diff -Nur openssh-9.9p1.orig/gss-serv.c openssh-9.9p1/gss-serv.c return (*gssapi_client.mech->storecreds)(&gssapi_client); } else debug("ssh_gssapi_storecreds: Not a GSSAPI mechanism"); -@@ -449,11 +512,13 @@ +@@ -543,11 +610,13 @@ (void) kex; /* used in privilege separation */ @@ -892,15 +916,15 @@ diff -Nur openssh-9.9p1.orig/gss-serv.c openssh-9.9p1/gss-serv.c if (gssapi_client.mech && gssapi_client.mech->userok) if ((*gssapi_client.mech->userok)(&gssapi_client, user)) { gssapi_client.used = 1; -@@ -464,6 +529,7 @@ +@@ -558,6 +627,7 @@ gss_release_buffer(&lmin, &gssapi_client.displayname); gss_release_buffer(&lmin, &gssapi_client.exportedname); gss_release_cred(&lmin, &gssapi_client.creds); + gss_release_name(&lmin, &gssapi_client.ctx_name); - explicit_bzero(&gssapi_client, - sizeof(ssh_gssapi_client)); - return 0; -@@ -473,6 +539,24 @@ + + if (gssapi_client.indicators != NULL) { + for(i = 0; gssapi_client.indicators[i] != NULL; i++) { +@@ -575,6 +645,24 @@ return (0); } @@ -925,7 +949,7 @@ diff -Nur openssh-9.9p1.orig/gss-serv.c openssh-9.9p1/gss-serv.c /* These bits are only used for rekeying. The unpriviledged child is running * as the user, the monitor is root. * -@@ -499,9 +583,11 @@ +@@ -601,9 +689,11 @@ pam_handle_t *pamh = NULL; struct pam_conv pamconv = {ssh_gssapi_simple_conv, NULL}; char *envstr; @@ -938,7 +962,7 @@ diff -Nur openssh-9.9p1.orig/gss-serv.c openssh-9.9p1/gss-serv.c return; ok = mm_ssh_gssapi_update_creds(&gssapi_client.store); -@@ -521,6 +607,18 @@ +@@ -623,6 +713,18 @@ if (ret) return; @@ -957,9 +981,9 @@ diff -Nur openssh-9.9p1.orig/gss-serv.c openssh-9.9p1/gss-serv.c xasprintf(&envstr, "%s=%s", gssapi_client.store.envvar, gssapi_client.store.envval); -diff -Nur openssh-9.9p1.orig/gss-serv-gsi.c openssh-9.9p1/gss-serv-gsi.c ---- openssh-9.9p1.orig/gss-serv-gsi.c 1970-01-01 01:00:00.000000000 +0100 -+++ openssh-9.9p1/gss-serv-gsi.c 2025-01-20 20:23:17.268730033 +0100 +diff -Nur openssh-10.0p1.orig/gss-serv-gsi.c openssh-10.0p1/gss-serv-gsi.c +--- openssh-10.0p1.orig/gss-serv-gsi.c 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-10.0p1/gss-serv-gsi.c 2025-06-14 08:25:50.323228698 +0200 @@ -0,0 +1,328 @@ +/* + * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. @@ -1289,10 +1313,10 @@ diff -Nur openssh-9.9p1.orig/gss-serv-gsi.c openssh-9.9p1/gss-serv-gsi.c + +#endif /* GSI */ +#endif /* GSSAPI */ -diff -Nur openssh-9.9p1.orig/gss-serv-krb5.c openssh-9.9p1/gss-serv-krb5.c ---- openssh-9.9p1.orig/gss-serv-krb5.c 2025-01-20 19:52:47.824052094 +0100 -+++ openssh-9.9p1/gss-serv-krb5.c 2025-01-20 20:23:17.269730036 +0100 -@@ -379,6 +379,34 @@ +diff -Nur openssh-10.0p1.orig/gss-serv-krb5.c openssh-10.0p1/gss-serv-krb5.c +--- openssh-10.0p1.orig/gss-serv-krb5.c 2025-06-14 08:24:55.712149299 +0200 ++++ openssh-10.0p1/gss-serv-krb5.c 2025-06-14 08:25:50.323586985 +0200 +@@ -431,6 +431,34 @@ return found_principal; } @@ -1327,7 +1351,7 @@ diff -Nur openssh-9.9p1.orig/gss-serv-krb5.c openssh-9.9p1/gss-serv-krb5.c /* This writes out any forwarded credentials from the structure populated * during userauth. Called after we have setuid to the user */ -@@ -473,7 +501,7 @@ +@@ -525,7 +553,7 @@ return set_env; } @@ -1336,7 +1360,7 @@ diff -Nur openssh-9.9p1.orig/gss-serv-krb5.c openssh-9.9p1/gss-serv-krb5.c ssh_gssapi_krb5_updatecreds(ssh_gssapi_ccache *store, ssh_gssapi_client *client) { -@@ -544,7 +572,7 @@ +@@ -596,7 +624,7 @@ {9, "\x2A\x86\x48\x86\xF7\x12\x01\x02\x02"}, NULL, &ssh_gssapi_krb5_userok, @@ -1345,9 +1369,9 @@ diff -Nur openssh-9.9p1.orig/gss-serv-krb5.c openssh-9.9p1/gss-serv-krb5.c &ssh_gssapi_krb5_storecreds, &ssh_gssapi_krb5_updatecreds }; -diff -Nur openssh-9.9p1.orig/kexgsss.c openssh-9.9p1/kexgsss.c ---- openssh-9.9p1.orig/kexgsss.c 2025-01-20 19:52:47.785051995 +0100 -+++ openssh-9.9p1/kexgsss.c 2025-01-21 07:14:03.079570547 +0100 +diff -Nur openssh-10.0p1.orig/kexgsss.c openssh-10.0p1/kexgsss.c +--- openssh-10.0p1.orig/kexgsss.c 2025-06-14 08:24:54.950961355 +0200 ++++ openssh-10.0p1/kexgsss.c 2025-06-14 08:25:50.324355451 +0200 @@ -48,6 +48,7 @@ #include "digest.h" #include "ssherr.h" @@ -1411,21 +1435,31 @@ diff -Nur openssh-9.9p1.orig/kexgsss.c openssh-9.9p1/kexgsss.c +} + #endif /* defined(GSSAPI) && defined(WITH_OPENSSL) */ -diff -Nur openssh-9.9p1.orig/Makefile.in openssh-9.9p1/Makefile.in ---- openssh-9.9p1.orig/Makefile.in 2025-01-20 19:52:47.911052318 +0100 -+++ openssh-9.9p1/Makefile.in 2025-01-20 20:23:17.270730038 +0100 -@@ -138,6 +138,7 @@ +diff -Nur openssh-10.0p1.orig/Makefile.in openssh-10.0p1/Makefile.in +--- openssh-10.0p1.orig/Makefile.in 2025-06-14 08:24:55.442297261 +0200 ++++ openssh-10.0p1/Makefile.in 2025-06-14 14:49:48.752490751 +0200 +@@ -140,7 +140,7 @@ + auth-bsdauth.o auth2-hostbased.o auth2-kbdint.o \ auth2-none.o auth2-passwd.o auth2-pubkey.o auth2-pubkeyfile.o \ monitor.o monitor_wrap.o auth-krb5.o kexgsss.o \ - auth2-gss.o gss-serv.o gss-serv-krb5.o \ -+ gss-serv-gsi.o \ +- auth2-gss.o gss-serv.o gss-serv-krb5.o \ ++ auth2-gss.o gss-serv.o gss-serv-krb5.o gss-serv-gsi.o \ loginrec.o auth-pam.o auth-shadow.o auth-sia.o \ sftp-server.o sftp-common.o \ - sandbox-null.o sandbox-rlimit.o sandbox-systrace.o sandbox-darwin.o \ -diff -Nur openssh-9.9p1.orig/misc.c openssh-9.9p1/misc.c ---- openssh-9.9p1.orig/misc.c 2025-01-20 19:52:47.963052451 +0100 -+++ openssh-9.9p1/misc.c 2025-01-20 20:23:17.271730041 +0100 -@@ -419,11 +419,14 @@ + uidswap.o platform-listen.o $(SKOBJS) +@@ -151,7 +151,7 @@ + serverloop.o auth.o auth2.o auth-options.o session.o auth2-chall.o \ + groupaccess.o auth-bsdauth.o auth2-hostbased.o auth2-kbdint.o \ + auth2-none.o auth2-passwd.o auth2-pubkey.o auth2-pubkeyfile.o \ +- auth2-gss.o gss-serv.o gss-serv-krb5.o kexgsss.o \ ++ auth2-gss.o gss-serv.o gss-serv-krb5.o gss-serv-gsi.o kexgsss.o \ + monitor_wrap.o auth-krb5.o \ + audit.o audit-bsm.o audit-linux.o platform.o \ + loginrec.o auth-pam.o auth-shadow.o auth-sia.o \ +diff -Nur openssh-10.0p1.orig/misc.c openssh-10.0p1/misc.c +--- openssh-10.0p1.orig/misc.c 2025-06-14 08:24:55.731834474 +0200 ++++ openssh-10.0p1/misc.c 2025-06-14 08:25:50.325895875 +0200 +@@ -440,11 +440,14 @@ #define WHITESPACE " \t\r\n" #define QUOTE "\"" @@ -1441,7 +1475,7 @@ diff -Nur openssh-9.9p1.orig/misc.c openssh-9.9p1/misc.c int wspace = 0; if (*s == NULL) -@@ -431,6 +434,21 @@ +@@ -452,6 +455,21 @@ old = *s; @@ -1463,7 +1497,7 @@ diff -Nur openssh-9.9p1.orig/misc.c openssh-9.9p1/misc.c *s = strpbrk(*s, split_equals ? WHITESPACE QUOTE "=" : WHITESPACE QUOTE); if (*s == NULL) -@@ -506,6 +524,20 @@ +@@ -527,6 +545,20 @@ return copy; } @@ -1484,10 +1518,10 @@ diff -Nur openssh-9.9p1.orig/misc.c openssh-9.9p1/misc.c /* * Convert ASCII string to TCP/IP port number. * Port must be >=0 and <=65535. -diff -Nur openssh-9.9p1.orig/misc.h openssh-9.9p1/misc.h ---- openssh-9.9p1.orig/misc.h 2025-01-20 19:52:47.840052135 +0100 -+++ openssh-9.9p1/misc.h 2025-01-20 20:23:17.272730043 +0100 -@@ -111,6 +111,7 @@ +diff -Nur openssh-10.0p1.orig/misc.h openssh-10.0p1/misc.h +--- openssh-10.0p1.orig/misc.h 2025-06-14 08:24:55.216960866 +0200 ++++ openssh-10.0p1/misc.h 2025-06-14 08:25:50.326898660 +0200 +@@ -112,6 +112,7 @@ void sock_set_v6only(int); struct passwd *pwcopy(struct passwd *); @@ -1495,10 +1529,10 @@ diff -Nur openssh-9.9p1.orig/misc.h openssh-9.9p1/misc.h const char *ssh_gai_strerror(int); typedef void privdrop_fn(struct passwd *); -diff -Nur openssh-9.9p1.orig/monitor.c openssh-9.9p1/monitor.c ---- openssh-9.9p1.orig/monitor.c 2025-01-20 19:52:47.964052453 +0100 -+++ openssh-9.9p1/monitor.c 2025-01-20 20:23:17.273730046 +0100 -@@ -148,6 +148,9 @@ +diff -Nur openssh-10.0p1.orig/monitor.c openssh-10.0p1/monitor.c +--- openssh-10.0p1.orig/monitor.c 2025-06-14 08:24:55.732232011 +0200 ++++ openssh-10.0p1/monitor.c 2025-06-14 08:25:50.327682491 +0200 +@@ -151,6 +151,9 @@ int mm_answer_gss_userok(struct ssh *, int, struct sshbuf *); int mm_answer_gss_checkmic(struct ssh *, int, struct sshbuf *); int mm_answer_gss_sign(struct ssh *, int, struct sshbuf *); @@ -1508,7 +1542,7 @@ diff -Nur openssh-9.9p1.orig/monitor.c openssh-9.9p1/monitor.c int mm_answer_gss_updatecreds(struct ssh *, int, struct sshbuf *); #endif -@@ -201,7 +204,7 @@ +@@ -205,7 +208,7 @@ {MONITOR_REQ_MODULI, MON_ONCE, mm_answer_moduli}, #endif {MONITOR_REQ_SIGN, MON_ONCE, mm_answer_sign}, @@ -1517,7 +1551,7 @@ diff -Nur openssh-9.9p1.orig/monitor.c openssh-9.9p1/monitor.c {MONITOR_REQ_AUTHSERV, MON_ONCE, mm_answer_authserv}, #ifdef WITH_SELINUX {MONITOR_REQ_AUTHROLE, MON_ONCE, mm_answer_authrole}, -@@ -209,7 +212,7 @@ +@@ -213,7 +216,7 @@ {MONITOR_REQ_AUTH2_READ_BANNER, MON_ONCE, mm_answer_auth2_read_banner}, {MONITOR_REQ_AUTHPASSWORD, MON_AUTH, mm_answer_authpassword}, #ifdef USE_PAM @@ -1526,7 +1560,7 @@ diff -Nur openssh-9.9p1.orig/monitor.c openssh-9.9p1/monitor.c {MONITOR_REQ_PAM_ACCOUNT, 0, mm_answer_pam_account}, {MONITOR_REQ_PAM_INIT_CTX, MON_ONCE, mm_answer_pam_init_ctx}, {MONITOR_REQ_PAM_QUERY, 0, mm_answer_pam_query}, -@@ -233,8 +236,11 @@ +@@ -237,8 +240,11 @@ {MONITOR_REQ_GSSSETUP, MON_ISAUTH, mm_answer_gss_setup_ctx}, {MONITOR_REQ_GSSSTEP, 0, mm_answer_gss_accept_ctx}, {MONITOR_REQ_GSSUSEROK, MON_ONCE|MON_AUTHDECIDE, mm_answer_gss_userok}, @@ -1539,7 +1573,7 @@ diff -Nur openssh-9.9p1.orig/monitor.c openssh-9.9p1/monitor.c #endif {0, 0, NULL} }; -@@ -244,6 +250,8 @@ +@@ -248,6 +254,8 @@ {MONITOR_REQ_GSSSETUP, 0, mm_answer_gss_setup_ctx}, {MONITOR_REQ_GSSSTEP, 0, mm_answer_gss_accept_ctx}, {MONITOR_REQ_GSSSIGN, 0, mm_answer_gss_sign}, @@ -1547,8 +1581,8 @@ diff -Nur openssh-9.9p1.orig/monitor.c openssh-9.9p1/monitor.c + {MONITOR_REQ_GSSMECHS, 0, mm_answer_gss_indicate_mechs}, {MONITOR_REQ_GSSUPCREDS, 0, mm_answer_gss_updatecreds}, #endif - #ifdef WITH_OPENSSL -@@ -324,6 +332,8 @@ + {MONITOR_REQ_STATE, MON_ONCE, mm_answer_state}, +@@ -328,6 +336,8 @@ #ifdef GSSAPI /* and for the GSSAPI key exchange */ monitor_permit(mon_dispatch, MONITOR_REQ_GSSSETUP, 1); @@ -1557,7 +1591,7 @@ diff -Nur openssh-9.9p1.orig/monitor.c openssh-9.9p1/monitor.c #endif /* The first few requests do not require asynchronous access */ -@@ -458,6 +468,8 @@ +@@ -461,6 +471,8 @@ #ifdef GSSAPI /* and for the GSSAPI key exchange */ monitor_permit(mon_dispatch, MONITOR_REQ_GSSSETUP, 1); @@ -1566,7 +1600,7 @@ diff -Nur openssh-9.9p1.orig/monitor.c openssh-9.9p1/monitor.c #endif if (auth_opts->permit_pty_flag) { -@@ -812,14 +824,17 @@ +@@ -895,14 +907,17 @@ debug3_f("entering"); @@ -1587,7 +1621,7 @@ diff -Nur openssh-9.9p1.orig/monitor.c openssh-9.9p1/monitor.c setproctitle("%s [priv]", pwent ? authctxt->user : "unknown"); sshbuf_reset(m); -@@ -2170,6 +2185,79 @@ +@@ -2249,6 +2264,79 @@ } int @@ -1667,10 +1701,10 @@ diff -Nur openssh-9.9p1.orig/monitor.c openssh-9.9p1/monitor.c mm_answer_gss_sign(struct ssh *ssh, int socket, struct sshbuf *m) { gss_buffer_desc data; -diff -Nur openssh-9.9p1.orig/monitor.h openssh-9.9p1/monitor.h ---- openssh-9.9p1.orig/monitor.h 2025-01-20 19:52:47.912052320 +0100 -+++ openssh-9.9p1/monitor.h 2025-01-20 20:23:17.273730046 +0100 -@@ -75,6 +75,10 @@ +diff -Nur openssh-10.0p1.orig/monitor.h openssh-10.0p1/monitor.h +--- openssh-10.0p1.orig/monitor.h 2025-06-14 08:24:55.446043209 +0200 ++++ openssh-10.0p1/monitor.h 2025-06-14 08:25:50.328788501 +0200 +@@ -76,6 +76,10 @@ MONITOR_REQ_GSSSIGN = 150, MONITOR_ANS_GSSSIGN = 151, MONITOR_REQ_GSSUPCREDS = 152, MONITOR_ANS_GSSUPCREDS = 153, @@ -1681,10 +1715,10 @@ diff -Nur openssh-9.9p1.orig/monitor.h openssh-9.9p1/monitor.h }; struct ssh; -diff -Nur openssh-9.9p1.orig/monitor_wrap.c openssh-9.9p1/monitor_wrap.c ---- openssh-9.9p1.orig/monitor_wrap.c 2025-01-20 19:52:47.918052335 +0100 -+++ openssh-9.9p1/monitor_wrap.c 2025-01-20 20:23:17.274730049 +0100 -@@ -1139,6 +1139,94 @@ +diff -Nur openssh-10.0p1.orig/monitor_wrap.c openssh-10.0p1/monitor_wrap.c +--- openssh-10.0p1.orig/monitor_wrap.c 2025-06-14 08:24:55.468434323 +0200 ++++ openssh-10.0p1/monitor_wrap.c 2025-06-14 08:25:50.329256997 +0200 +@@ -1195,6 +1195,94 @@ return (authenticated); } @@ -1779,9 +1813,9 @@ diff -Nur openssh-9.9p1.orig/monitor_wrap.c openssh-9.9p1/monitor_wrap.c OM_uint32 mm_ssh_gssapi_sign(Gssctxt *ctx, gss_buffer_desc *data, gss_buffer_desc *hash) { -diff -Nur openssh-9.9p1.orig/monitor_wrap.h openssh-9.9p1/monitor_wrap.h ---- openssh-9.9p1.orig/monitor_wrap.h 2025-01-20 19:52:47.918052335 +0100 -+++ openssh-9.9p1/monitor_wrap.h 2025-01-20 20:23:17.274730049 +0100 +diff -Nur openssh-10.0p1.orig/monitor_wrap.h openssh-10.0p1/monitor_wrap.h +--- openssh-10.0p1.orig/monitor_wrap.h 2025-06-14 08:24:55.468730870 +0200 ++++ openssh-10.0p1/monitor_wrap.h 2025-06-14 08:25:50.329790028 +0200 @@ -72,6 +72,10 @@ int mm_ssh_gssapi_userok(char *user, struct passwd *, int kex); OM_uint32 mm_ssh_gssapi_checkmic(Gssctxt *, gss_buffer_t, gss_buffer_t); @@ -1793,10 +1827,10 @@ diff -Nur openssh-9.9p1.orig/monitor_wrap.h openssh-9.9p1/monitor_wrap.h int mm_ssh_gssapi_update_creds(ssh_gssapi_ccache *); #endif -diff -Nur openssh-9.9p1.orig/readconf.c openssh-9.9p1/readconf.c ---- openssh-9.9p1.orig/readconf.c 2025-01-20 19:52:47.966052458 +0100 -+++ openssh-9.9p1/readconf.c 2025-01-20 20:23:17.275730051 +0100 -@@ -2794,11 +2794,11 @@ +diff -Nur openssh-10.0p1.orig/readconf.c openssh-10.0p1/readconf.c +--- openssh-10.0p1.orig/readconf.c 2025-06-14 08:24:55.733023595 +0200 ++++ openssh-10.0p1/readconf.c 2025-06-14 08:25:50.330266207 +0200 +@@ -2881,11 +2881,11 @@ if (options->pubkey_authentication == -1) options->pubkey_authentication = SSH_PUBKEY_AUTH_ALL; if (options->gss_authentication == -1) @@ -1811,10 +1845,10 @@ diff -Nur openssh-9.9p1.orig/readconf.c openssh-9.9p1/readconf.c if (options->gss_trust_dns == -1) options->gss_trust_dns = 0; if (options->gss_renewal_rekey == -1) -diff -Nur openssh-9.9p1.orig/readconf.h openssh-9.9p1/readconf.h ---- openssh-9.9p1.orig/readconf.h 2025-01-20 19:52:47.790052008 +0100 -+++ openssh-9.9p1/readconf.h 2025-01-20 20:23:17.276730054 +0100 -@@ -80,6 +80,8 @@ +diff -Nur openssh-10.0p1.orig/readconf.h openssh-10.0p1/readconf.h +--- openssh-10.0p1.orig/readconf.h 2025-06-14 08:24:54.953487731 +0200 ++++ openssh-10.0p1/readconf.h 2025-06-14 08:25:50.330993746 +0200 +@@ -79,6 +79,8 @@ char *host_key_alias; /* hostname alias for .ssh/known_hosts */ char *proxy_command; /* Proxy command for connecting the host. */ char *user; /* User to log in as. */ @@ -1823,10 +1857,10 @@ diff -Nur openssh-9.9p1.orig/readconf.h openssh-9.9p1/readconf.h int escape_char; /* Escape character; -2 = none */ u_int num_system_hostfiles; /* Paths for /etc/ssh/ssh_known_hosts */ -diff -Nur openssh-9.9p1.orig/servconf.c openssh-9.9p1/servconf.c ---- openssh-9.9p1.orig/servconf.c 2025-01-20 19:52:47.966052458 +0100 -+++ openssh-9.9p1/servconf.c 2025-01-20 20:23:17.277730056 +0100 -@@ -95,6 +95,7 @@ +diff -Nur openssh-10.0p1.orig/servconf.c openssh-10.0p1/servconf.c +--- openssh-10.0p1.orig/servconf.c 2025-06-14 08:24:55.733579673 +0200 ++++ openssh-10.0p1/servconf.c 2025-06-14 08:25:50.331610935 +0200 +@@ -96,6 +96,7 @@ /* Portable-specific options */ options->use_pam = -1; options->pam_service_name = NULL; @@ -1834,7 +1868,7 @@ diff -Nur openssh-9.9p1.orig/servconf.c openssh-9.9p1/servconf.c /* Standard Options */ options->num_ports = 0; -@@ -141,9 +142,11 @@ +@@ -142,9 +143,11 @@ options->kerberos_get_afs_token = -1; options->kerberos_unique_ccache = -1; options->gss_authentication=-1; @@ -1845,8 +1879,8 @@ diff -Nur openssh-9.9p1.orig/servconf.c openssh-9.9p1/servconf.c + options->gsi_allow_limited_proxy = -1; options->gss_store_rekey = -1; options->gss_kex_algorithms = NULL; - options->use_kuserok = -1; -@@ -314,6 +317,8 @@ + options->gss_indicators = NULL; +@@ -317,6 +320,8 @@ options->use_pam = 0; if (options->pam_service_name == NULL) options->pam_service_name = xstrdup(SSHD_PAM_SERVICE); @@ -1855,7 +1889,7 @@ diff -Nur openssh-9.9p1.orig/servconf.c openssh-9.9p1/servconf.c /* Standard Options */ if (options->num_host_key_files == 0) { -@@ -395,13 +400,17 @@ +@@ -398,13 +403,17 @@ if (options->kerberos_unique_ccache == -1) options->kerberos_unique_ccache = 0; if (options->gss_authentication == -1) @@ -1875,7 +1909,7 @@ diff -Nur openssh-9.9p1.orig/servconf.c openssh-9.9p1/servconf.c if (options->gss_store_rekey == -1) options->gss_store_rekey = 0; #ifdef GSSAPI -@@ -573,7 +582,7 @@ +@@ -578,7 +587,7 @@ typedef enum { sBadOption, /* == unknown option */ /* Portable-specific options */ @@ -1884,7 +1918,7 @@ diff -Nur openssh-9.9p1.orig/servconf.c openssh-9.9p1/servconf.c /* Standard Options */ sPort, sHostKeyFile, sLoginGraceTime, sPermitRootLogin, sLogFacility, sLogLevel, sLogVerbose, -@@ -593,6 +602,9 @@ +@@ -598,6 +607,9 @@ sHostKeyAlgorithms, sPerSourceMaxStartups, sPerSourceNetBlockSize, sPerSourcePenalties, sPerSourcePenaltyExemptList, sClientAliveInterval, sClientAliveCountMax, sAuthorizedKeysFile, @@ -1892,9 +1926,9 @@ diff -Nur openssh-9.9p1.orig/servconf.c openssh-9.9p1/servconf.c + sGssCredsPath, + sGsiAllowLimitedProxy, sGssAuthentication, sGssCleanupCreds, sGssEnablek5users, sGssStrictAcceptor, - sGssKeyEx, sGssKexAlgorithms, sGssStoreRekey, + sGssKeyEx, sGssIndicators, sGssKexAlgorithms, sGssStoreRekey, sAcceptEnv, sSetEnv, sPermitTunnel, -@@ -628,9 +640,11 @@ +@@ -633,9 +645,11 @@ #ifdef USE_PAM { "usepam", sUsePAM, SSHCFG_GLOBAL }, { "pamservicename", sPAMServiceName, SSHCFG_ALL }, @@ -1906,7 +1940,7 @@ diff -Nur openssh-9.9p1.orig/servconf.c openssh-9.9p1/servconf.c #endif { "pamauthenticationviakbdint", sDeprecated, SSHCFG_GLOBAL }, /* Standard Options */ -@@ -683,8 +697,15 @@ +@@ -688,8 +702,15 @@ { "afstokenpassing", sUnsupported, SSHCFG_GLOBAL }, #ifdef GSSAPI { "gssapiauthentication", sGssAuthentication, SSHCFG_ALL }, @@ -1922,8 +1956,8 @@ diff -Nur openssh-9.9p1.orig/servconf.c openssh-9.9p1/servconf.c { "gssapistrictacceptorcheck", sGssStrictAcceptor, SSHCFG_GLOBAL }, { "gssapikeyexchange", sGssKeyEx, SSHCFG_GLOBAL }, { "gssapistorecredentialsonrekey", sGssStoreRekey, SSHCFG_GLOBAL }, -@@ -692,8 +713,11 @@ - { "gssapienablek5users", sGssEnablek5users, SSHCFG_ALL }, +@@ -698,8 +719,11 @@ + { "gssapiindicators", sGssIndicators, SSHCFG_ALL }, #else { "gssapiauthentication", sUnsupported, SSHCFG_ALL }, + { "gssapidelegatecredentials", sUnsupported, SSHCFG_ALL }, @@ -1934,7 +1968,7 @@ diff -Nur openssh-9.9p1.orig/servconf.c openssh-9.9p1/servconf.c { "gssapistrictacceptorcheck", sUnsupported, SSHCFG_GLOBAL }, { "gssapikeyexchange", sUnsupported, SSHCFG_GLOBAL }, { "gssapistorecredentialsonrekey", sUnsupported, SSHCFG_GLOBAL }, -@@ -767,6 +791,8 @@ +@@ -774,6 +798,8 @@ { "permitlisten", sPermitListen, SSHCFG_ALL }, { "forcecommand", sForceCommand, SSHCFG_ALL }, { "chrootdirectory", sChrootDirectory, SSHCFG_ALL }, @@ -1943,7 +1977,7 @@ diff -Nur openssh-9.9p1.orig/servconf.c openssh-9.9p1/servconf.c { "hostcertificate", sHostCertificate, SSHCFG_GLOBAL }, { "revokedkeys", sRevokedKeys, SSHCFG_ALL }, { "trustedusercakeys", sTrustedUserCAKeys, SSHCFG_ALL }, -@@ -1407,6 +1433,10 @@ +@@ -1454,6 +1480,10 @@ *charptr = xstrdup(arg); break; @@ -1954,7 +1988,7 @@ diff -Nur openssh-9.9p1.orig/servconf.c openssh-9.9p1/servconf.c /* Standard Options */ case sBadOption: goto out; -@@ -1658,6 +1688,10 @@ +@@ -1705,6 +1735,10 @@ intptr = &options->gss_authentication; goto parse_flag; @@ -1965,7 +1999,7 @@ diff -Nur openssh-9.9p1.orig/servconf.c openssh-9.9p1/servconf.c case sGssKeyEx: intptr = &options->gss_keyex; goto parse_flag; -@@ -1666,6 +1700,10 @@ +@@ -1713,6 +1747,10 @@ intptr = &options->gss_cleanup_creds; goto parse_flag; @@ -1976,8 +2010,8 @@ diff -Nur openssh-9.9p1.orig/servconf.c openssh-9.9p1/servconf.c case sGssStrictAcceptor: intptr = &options->gss_strict_acceptor; goto parse_flag; -@@ -1686,6 +1724,12 @@ - options->gss_kex_algorithms = xstrdup(arg); +@@ -1742,6 +1780,12 @@ + options->gss_indicators = xstrdup(arg); break; +#ifdef GSI @@ -1989,7 +2023,7 @@ diff -Nur openssh-9.9p1.orig/servconf.c openssh-9.9p1/servconf.c case sPasswordAuthentication: intptr = &options->password_authentication; goto parse_flag; -@@ -2950,6 +2994,7 @@ +@@ -3012,6 +3056,7 @@ M_CP_INTOPT(password_authentication); M_CP_INTOPT(gss_authentication); @@ -1997,9 +2031,9 @@ diff -Nur openssh-9.9p1.orig/servconf.c openssh-9.9p1/servconf.c M_CP_INTOPT(pubkey_authentication); M_CP_INTOPT(pubkey_auth_options); M_CP_INTOPT(kerberos_authentication); -diff -Nur openssh-9.9p1.orig/servconf.h openssh-9.9p1/servconf.h ---- openssh-9.9p1.orig/servconf.h 2025-01-20 19:52:47.836052125 +0100 -+++ openssh-9.9p1/servconf.h 2025-01-20 20:23:17.278730059 +0100 +diff -Nur openssh-10.0p1.orig/servconf.h openssh-10.0p1/servconf.h +--- openssh-10.0p1.orig/servconf.h 2025-06-14 08:24:55.713201111 +0200 ++++ openssh-10.0p1/servconf.h 2025-06-14 08:25:50.332635999 +0200 @@ -155,9 +155,12 @@ * be stored in per-session ccache */ int use_kuserok; @@ -2013,7 +2047,7 @@ diff -Nur openssh-9.9p1.orig/servconf.h openssh-9.9p1/servconf.h int gss_strict_acceptor; /* If true, restrict the GSSAPI acceptor name */ int gss_store_rekey; char *gss_kex_algorithms; /* GSSAPI kex methods to be offered by client. */ -@@ -221,6 +224,7 @@ +@@ -222,6 +225,7 @@ int use_pam; /* Enable auth via PAM */ char *pam_service_name; @@ -2021,10 +2055,10 @@ diff -Nur openssh-9.9p1.orig/servconf.h openssh-9.9p1/servconf.h int permit_tun; -diff -Nur openssh-9.9p1.orig/ssh.1 openssh-9.9p1/ssh.1 ---- openssh-9.9p1.orig/ssh.1 2025-01-20 19:52:47.941052394 +0100 -+++ openssh-9.9p1/ssh.1 2025-01-20 20:23:17.279730061 +0100 -@@ -1523,6 +1523,18 @@ +diff -Nur openssh-10.0p1.orig/ssh.1 openssh-10.0p1/ssh.1 +--- openssh-10.0p1.orig/ssh.1 2025-06-14 08:24:55.527924262 +0200 ++++ openssh-10.0p1/ssh.1 2025-06-14 08:25:50.333158134 +0200 +@@ -1528,6 +1528,18 @@ on to new connections). .It Ev USER Set to the name of the user logging in. @@ -2043,10 +2077,10 @@ diff -Nur openssh-9.9p1.orig/ssh.1 openssh-9.9p1/ssh.1 .El .Pp Additionally, -diff -Nur openssh-9.9p1.orig/ssh.c openssh-9.9p1/ssh.c ---- openssh-9.9p1.orig/ssh.c 2025-01-20 19:52:47.926052356 +0100 -+++ openssh-9.9p1/ssh.c 2025-01-20 20:23:17.280730064 +0100 -@@ -573,6 +573,38 @@ +diff -Nur openssh-10.0p1.orig/ssh.c openssh-10.0p1/ssh.c +--- openssh-10.0p1.orig/ssh.c 2025-06-14 08:24:55.693276450 +0200 ++++ openssh-10.0p1/ssh.c 2025-06-14 13:58:47.186170059 +0200 +@@ -578,6 +578,38 @@ fatal("Can't open user config file %.100s: " "%.100s", config, strerror(errno)); } else { @@ -2062,14 +2096,14 @@ diff -Nur openssh-9.9p1.orig/ssh.c openssh-9.9p1/ssh.c + r = snprintf(buf, sizeof buf, "%s/%s.gssapi", pw->pw_dir, + _PATH_SSH_USER_CONFFILE); + if (r > 0 && (size_t)r < sizeof(buf)) -+ (void)read_config_file(buf, pw, host, host_name, ++ (void)read_config_file(buf, pw, host, host_name, cmd, + &options, SSHCONF_CHECKPERM | SSHCONF_USERCONF | + (final_pass ? SSHCONF_FINAL : 0), want_final_pass); +#ifdef GSI + r = snprintf(buf, sizeof buf, "%s/%s.gsi", pw->pw_dir, + _PATH_SSH_USER_CONFFILE); + if (r > 0 && (size_t)r < sizeof(buf)) -+ (void)read_config_file(buf, pw, host, host_name, ++ (void)read_config_file(buf, pw, host, host_name, cmd, + &options, SSHCONF_CHECKPERM | SSHCONF_USERCONF | + (final_pass ? SSHCONF_FINAL : 0), want_final_pass); +#endif @@ -2077,7 +2111,7 @@ diff -Nur openssh-9.9p1.orig/ssh.c openssh-9.9p1/ssh.c + r = snprintf(buf, sizeof buf, "%s/%s.krb", pw->pw_dir, + _PATH_SSH_USER_CONFFILE); + if (r > 0 && (size_t)r < sizeof(buf)) -+ (void)read_config_file(buf, pw, host, host_name, ++ (void)read_config_file(buf, pw, host, host_name, cmd, + &options, SSHCONF_CHECKPERM | SSHCONF_USERCONF | + (final_pass ? SSHCONF_FINAL : 0), want_final_pass); +#endif @@ -2085,7 +2119,7 @@ diff -Nur openssh-9.9p1.orig/ssh.c openssh-9.9p1/ssh.c r = snprintf(buf, sizeof buf, "%s/%s", pw->pw_dir, _PATH_SSH_USER_CONFFILE); if (r > 0 && (size_t)r < sizeof(buf)) -@@ -1299,8 +1331,12 @@ +@@ -1313,8 +1345,12 @@ if (fill_default_options(&options) != 0) cleanup_exit(255); @@ -2099,9 +2133,9 @@ diff -Nur openssh-9.9p1.orig/ssh.c openssh-9.9p1/ssh.c /* * If ProxyJump option specified, then construct a ProxyCommand now. -diff -Nur openssh-9.9p1.orig/ssh_config openssh-9.9p1/ssh_config ---- openssh-9.9p1.orig/ssh_config 2025-01-20 19:52:47.793052015 +0100 -+++ openssh-9.9p1/ssh_config 2025-01-20 20:23:17.281730067 +0100 +diff -Nur openssh-10.0p1.orig/ssh_config openssh-10.0p1/ssh_config +--- openssh-10.0p1.orig/ssh_config 2025-06-14 08:24:54.955694862 +0200 ++++ openssh-10.0p1/ssh_config 2025-06-14 08:25:50.334427503 +0200 @@ -22,9 +22,9 @@ # ForwardX11 no # PasswordAuthentication yes @@ -2115,9 +2149,9 @@ diff -Nur openssh-9.9p1.orig/ssh_config openssh-9.9p1/ssh_config # GSSAPITrustDNS no # BatchMode no # CheckHostIP no -diff -Nur openssh-9.9p1.orig/ssh_config.5 openssh-9.9p1/ssh_config.5 ---- openssh-9.9p1.orig/ssh_config.5 2025-01-20 19:52:47.956052433 +0100 -+++ openssh-9.9p1/ssh_config.5 2025-01-20 20:23:17.282730069 +0100 +diff -Nur openssh-10.0p1.orig/ssh_config.5 openssh-10.0p1/ssh_config.5 +--- openssh-10.0p1.orig/ssh_config.5 2025-06-14 08:24:55.625225410 +0200 ++++ openssh-10.0p1/ssh_config.5 2025-06-14 08:25:50.334845923 +0200 @@ -52,6 +52,12 @@ user's configuration file .Pq Pa ~/.ssh/config @@ -2131,7 +2165,7 @@ diff -Nur openssh-9.9p1.orig/ssh_config.5 openssh-9.9p1/ssh_config.5 system-wide configuration file .Pq Pa /etc/ssh/ssh_config .El -@@ -931,7 +937,7 @@ +@@ -969,7 +975,7 @@ .It Cm GSSAPIAuthentication Specifies whether user authentication based on GSSAPI is allowed. The default is @@ -2140,7 +2174,7 @@ diff -Nur openssh-9.9p1.orig/ssh_config.5 openssh-9.9p1/ssh_config.5 .It Cm GSSAPIClientIdentity If set, specifies the GSSAPI client identity that ssh should use when connecting to the server. The default is unset, which means that the default -@@ -939,12 +945,12 @@ +@@ -977,12 +983,12 @@ .It Cm GSSAPIDelegateCredentials Forward (delegate) credentials to the server. The default is @@ -2155,7 +2189,7 @@ diff -Nur openssh-9.9p1.orig/ssh_config.5 openssh-9.9p1/ssh_config.5 .It Cm GSSAPIRenewalForcesRekey If set to .Dq yes -@@ -1600,7 +1606,7 @@ +@@ -1645,7 +1651,7 @@ .Cm password ) . The default is: .Bd -literal -offset indent @@ -2164,10 +2198,10 @@ diff -Nur openssh-9.9p1.orig/ssh_config.5 openssh-9.9p1/ssh_config.5 keyboard-interactive,password .Ed .It Cm ProxyCommand -diff -Nur openssh-9.9p1.orig/sshconnect2.c openssh-9.9p1/sshconnect2.c ---- openssh-9.9p1.orig/sshconnect2.c 2025-01-20 19:52:47.951052420 +0100 -+++ openssh-9.9p1/sshconnect2.c 2025-01-20 20:23:17.283730071 +0100 -@@ -855,6 +855,11 @@ +diff -Nur openssh-10.0p1.orig/sshconnect2.c openssh-10.0p1/sshconnect2.c +--- openssh-10.0p1.orig/sshconnect2.c 2025-06-14 08:24:55.591449573 +0200 ++++ openssh-10.0p1/sshconnect2.c 2025-06-14 08:25:50.335562288 +0200 +@@ -858,6 +858,11 @@ gss_OID mech = NULL; char *gss_host = NULL; @@ -2179,7 +2213,7 @@ diff -Nur openssh-9.9p1.orig/sshconnect2.c openssh-9.9p1/sshconnect2.c if (options.gss_server_identity) { gss_host = xstrdup(options.gss_server_identity); } else if (options.gss_trust_dns) { -@@ -963,7 +968,8 @@ +@@ -966,7 +971,8 @@ if (status == GSS_S_COMPLETE) { /* send either complete or MIC, depending on mechanism */ @@ -2189,7 +2223,7 @@ diff -Nur openssh-9.9p1.orig/sshconnect2.c openssh-9.9p1/sshconnect2.c if ((r = sshpkt_start(ssh, SSH2_MSG_USERAUTH_GSSAPI_EXCHANGE_COMPLETE)) != 0 || (r = sshpkt_send(ssh)) != 0) -@@ -1130,6 +1136,20 @@ +@@ -1133,6 +1139,20 @@ return r; } @@ -2210,7 +2244,7 @@ diff -Nur openssh-9.9p1.orig/sshconnect2.c openssh-9.9p1/sshconnect2.c int userauth_gsskeyex(struct ssh *ssh) { -@@ -1152,6 +1172,12 @@ +@@ -1155,6 +1175,12 @@ if ((b = sshbuf_new()) == NULL) fatal_f("sshbuf_new failed"); @@ -2223,7 +2257,7 @@ diff -Nur openssh-9.9p1.orig/sshconnect2.c openssh-9.9p1/sshconnect2.c ssh_gssapi_buildmic(b, authctxt->server_user, authctxt->service, "gssapi-keyex", ssh->kex->session_id); -@@ -1165,7 +1191,9 @@ +@@ -1168,7 +1194,9 @@ } if ((r = sshpkt_start(ssh, SSH2_MSG_USERAUTH_REQUEST)) != 0 || @@ -2234,9 +2268,9 @@ diff -Nur openssh-9.9p1.orig/sshconnect2.c openssh-9.9p1/sshconnect2.c (r = sshpkt_put_cstring(ssh, authctxt->service)) != 0 || (r = sshpkt_put_cstring(ssh, authctxt->method->name)) != 0 || (r = sshpkt_put_string(ssh, mic.value, mic.length)) != 0 || -diff -Nur openssh-9.9p1.orig/sshd.8 openssh-9.9p1/sshd.8 ---- openssh-9.9p1.orig/sshd.8 2025-01-20 19:52:47.807052051 +0100 -+++ openssh-9.9p1/sshd.8 2025-01-20 20:23:17.283730071 +0100 +diff -Nur openssh-10.0p1.orig/sshd.8 openssh-10.0p1/sshd.8 +--- openssh-10.0p1.orig/sshd.8 2025-06-14 08:24:55.024336971 +0200 ++++ openssh-10.0p1/sshd.8 2025-06-14 08:25:50.336280328 +0200 @@ -840,6 +840,29 @@ # A CA key, accepted for any host in *.mydomain.com or *.mydomain.org @cert-authority *.mydomain.org,*.mydomain.com ssh-rsa AAAAB5W... @@ -2267,10 +2301,10 @@ diff -Nur openssh-9.9p1.orig/sshd.8 openssh-9.9p1/sshd.8 .Sh FILES .Bl -tag -width Ds -compact .It Pa ~/.hushlogin -diff -Nur openssh-9.9p1.orig/sshd_config openssh-9.9p1/sshd_config ---- openssh-9.9p1.orig/sshd_config 2025-01-20 19:52:47.826052099 +0100 -+++ openssh-9.9p1/sshd_config 2025-01-20 20:23:17.284730074 +0100 -@@ -76,10 +76,11 @@ +diff -Nur openssh-10.0p1.orig/sshd_config openssh-10.0p1/sshd_config +--- openssh-10.0p1.orig/sshd_config 2025-06-14 08:24:55.129477337 +0200 ++++ openssh-10.0p1/sshd_config 2025-06-14 08:25:50.336709644 +0200 +@@ -78,10 +78,11 @@ #KerberosUseKuserok yes # GSSAPI options @@ -2284,7 +2318,7 @@ diff -Nur openssh-9.9p1.orig/sshd_config openssh-9.9p1/sshd_config #GSSAPIEnablek5users no # Set this to 'yes' to enable PAM authentication, account processing, -@@ -95,6 +96,10 @@ +@@ -97,6 +98,10 @@ # problems. #UsePAM no @@ -2295,9 +2329,9 @@ diff -Nur openssh-9.9p1.orig/sshd_config openssh-9.9p1/sshd_config #AllowAgentForwarding yes #AllowTcpForwarding yes #GatewayPorts no -diff -Nur openssh-9.9p1.orig/sshd_config.5 openssh-9.9p1/sshd_config.5 ---- openssh-9.9p1.orig/sshd_config.5 2025-01-20 19:52:47.870052212 +0100 -+++ openssh-9.9p1/sshd_config.5 2025-01-20 20:23:17.284730074 +0100 +diff -Nur openssh-10.0p1.orig/sshd_config.5 openssh-10.0p1/sshd_config.5 +--- openssh-10.0p1.orig/sshd_config.5 2025-06-14 08:24:55.713605773 +0200 ++++ openssh-10.0p1/sshd_config.5 2025-06-14 08:25:50.337207823 +0200 @@ -724,15 +724,34 @@ to allow the client to select the address to which the forwarding is bound. The default is @@ -2343,7 +2377,7 @@ diff -Nur openssh-9.9p1.orig/sshd_config.5 openssh-9.9p1/sshd_config.5 .It Cm GSSAPIStrictAcceptorCheck Determines whether to be strict about the identity of the GSSAPI acceptor a client authenticates against. -@@ -2041,6 +2060,12 @@ +@@ -2100,6 +2119,12 @@ as a non-root user. The default is .Cm no . @@ -2356,9 +2390,9 @@ diff -Nur openssh-9.9p1.orig/sshd_config.5 openssh-9.9p1/sshd_config.5 .It Cm VersionAddendum Optionally specifies additional text to append to the SSH protocol banner sent by the server upon connection. -diff -Nur openssh-9.9p1.orig/sshd_config_redhat openssh-9.9p1/sshd_config_redhat ---- openssh-9.9p1.orig/sshd_config_redhat 2025-01-20 19:52:47.764051942 +0100 -+++ openssh-9.9p1/sshd_config_redhat 2025-01-20 20:23:17.285730077 +0100 +diff -Nur openssh-10.0p1.orig/sshd_config_redhat openssh-10.0p1/sshd_config_redhat +--- openssh-10.0p1.orig/sshd_config_redhat 2025-06-14 08:24:54.911947266 +0200 ++++ openssh-10.0p1/sshd_config_redhat 2025-06-14 08:25:50.337806574 +0200 @@ -2,9 +2,6 @@ KbdInteractiveAuthentication no @@ -2369,10 +2403,10 @@ diff -Nur openssh-9.9p1.orig/sshd_config_redhat openssh-9.9p1/sshd_config_redhat UsePAM yes X11Forwarding yes -diff -Nur openssh-9.9p1.orig/sshd-session.c openssh-9.9p1/sshd-session.c ---- openssh-9.9p1.orig/sshd-session.c 2025-01-20 19:52:47.968052463 +0100 -+++ openssh-9.9p1/sshd-session.c 2025-01-20 20:23:17.285730077 +0100 -@@ -1487,7 +1487,7 @@ +diff -Nur openssh-10.0p1.orig/sshd-session.c openssh-10.0p1/sshd-session.c +--- openssh-10.0p1.orig/sshd-session.c 2025-06-14 08:24:55.591819733 +0200 ++++ openssh-10.0p1/sshd-session.c 2025-06-14 08:25:50.338154455 +0200 +@@ -1448,7 +1448,7 @@ #endif #ifdef GSSAPI @@ -2381,10 +2415,10 @@ diff -Nur openssh-9.9p1.orig/sshd-session.c openssh-9.9p1/sshd-session.c temporarily_use_uid(authctxt->pw); authctxt->krb5_set_env = ssh_gssapi_storecreds(); restore_uid(); -diff -Nur openssh-9.9p1.orig/ssh-gss.h openssh-9.9p1/ssh-gss.h ---- openssh-9.9p1.orig/ssh-gss.h 2025-01-20 19:52:47.805052046 +0100 -+++ openssh-9.9p1/ssh-gss.h 2025-01-20 20:23:17.286730079 +0100 -@@ -99,12 +99,14 @@ +diff -Nur openssh-10.0p1.orig/ssh-gss.h openssh-10.0p1/ssh-gss.h +--- openssh-10.0p1.orig/ssh-gss.h 2025-06-14 08:24:55.713368522 +0200 ++++ openssh-10.0p1/ssh-gss.h 2025-06-14 08:25:50.338720590 +0200 +@@ -105,12 +105,14 @@ } ssh_gssapi_ccache; typedef struct { @@ -2399,8 +2433,8 @@ diff -Nur openssh-9.9p1.orig/ssh-gss.h openssh-9.9p1/ssh-gss.h + gss_ctx_id_t context; /* needed for globus_gss_assist_map_and_authorize() */ int used; int updated; - } ssh_gssapi_client; -@@ -125,7 +127,7 @@ + char **indicators; /* auth indicators */ +@@ -132,7 +134,7 @@ OM_uint32 minor; /* both */ gss_ctx_id_t context; /* both */ gss_name_t name; /* both */ @@ -2409,7 +2443,7 @@ diff -Nur openssh-9.9p1.orig/ssh-gss.h openssh-9.9p1/ssh-gss.h gss_cred_id_t creds; /* server */ gss_name_t client; /* server */ gss_cred_id_t client_creds; /* both */ -@@ -172,6 +174,9 @@ +@@ -179,6 +181,9 @@ OM_uint32 ssh_gssapi_client_identity(Gssctxt *, const char *); int ssh_gssapi_credentials_updated(Gssctxt *); @@ -2419,12 +2453,12 @@ diff -Nur openssh-9.9p1.orig/ssh-gss.h openssh-9.9p1/ssh-gss.h /* In the server */ typedef int ssh_gssapi_check_fn(Gssctxt **, gss_OID, const char *, const char *); -diff -Nur openssh-9.9p1.orig/version.h openssh-9.9p1/version.h ---- openssh-9.9p1.orig/version.h 2024-09-20 00:20:48.000000000 +0200 -+++ openssh-9.9p1/version.h 2025-01-20 20:23:17.286730079 +0100 +diff -Nur openssh-10.0p1.orig/version.h openssh-10.0p1/version.h +--- openssh-10.0p1.orig/version.h 2025-04-09 09:02:43.000000000 +0200 ++++ openssh-10.0p1/version.h 2025-06-14 08:41:29.417798618 +0200 @@ -2,5 +2,19 @@ - #define SSH_VERSION "OpenSSH_9.9" + #define SSH_VERSION "OpenSSH_10.0" +#ifdef GSI +#define GSI_VERSION " GSI" @@ -2438,7 +2472,7 @@ diff -Nur openssh-9.9p1.orig/version.h openssh-9.9p1/version.h +#define KRB5_VERSION "" +#endif + - #define SSH_PORTABLE "p1" + #define SSH_PORTABLE "p2" -#define SSH_RELEASE SSH_VERSION SSH_PORTABLE +#define GSI_PORTABLE "c-GSI" +#define SSH_RELEASE SSH_VERSION SSH_PORTABLE GSI_PORTABLE \ diff --git a/openssh-9.9p1-hpn-18.6.0.patch b/2001-openssh-10.0p1-hpn-18.7.0.patch similarity index 94% rename from openssh-9.9p1-hpn-18.6.0.patch rename to 2001-openssh-10.0p1-hpn-18.7.0.patch index da663c9..8349a52 100644 --- a/openssh-9.9p1-hpn-18.6.0.patch +++ b/2001-openssh-10.0p1-hpn-18.7.0.patch @@ -1,6 +1,6 @@ -diff -Nur openssh-9.9p1.orig/auth2.c openssh-9.9p1/auth2.c ---- openssh-9.9p1.orig/auth2.c 2025-01-20 20:48:33.444582227 +0100 -+++ openssh-9.9p1/auth2.c 2025-01-20 21:54:08.570687857 +0100 +diff -Nur openssh-10.0p1.orig/auth2.c openssh-10.0p1/auth2.c +--- openssh-10.0p1.orig/auth2.c 2025-06-14 10:53:02.012331859 +0200 ++++ openssh-10.0p1/auth2.c 2025-06-14 11:42:37.929224784 +0200 @@ -52,6 +52,8 @@ #include "dispatch.h" #include "pathnames.h" @@ -41,9 +41,9 @@ diff -Nur openssh-9.9p1.orig/auth2.c openssh-9.9p1/auth2.c debug("attempt %d failures %d", authctxt->attempt, authctxt->failures); #ifdef WITH_SELINUX -diff -Nur openssh-9.9p1.orig/binn.c openssh-9.9p1/binn.c ---- openssh-9.9p1.orig/binn.c 1970-01-01 01:00:00.000000000 +0100 -+++ openssh-9.9p1/binn.c 2025-01-20 20:50:04.564813761 +0100 +diff -Nur openssh-10.0p1.orig/binn.c openssh-10.0p1/binn.c +--- openssh-10.0p1.orig/binn.c 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-10.0p1/binn.c 2025-06-14 10:54:01.301771902 +0200 @@ -0,0 +1,3541 @@ +#include +#include @@ -3586,9 +3586,9 @@ diff -Nur openssh-9.9p1.orig/binn.c openssh-9.9p1/binn.c +} + +/*************************************************************************************/ -diff -Nur openssh-9.9p1.orig/binn.h openssh-9.9p1/binn.h ---- openssh-9.9p1.orig/binn.h 1970-01-01 01:00:00.000000000 +0100 -+++ openssh-9.9p1/binn.h 2025-01-20 20:50:04.565813763 +0100 +diff -Nur openssh-10.0p1.orig/binn.h openssh-10.0p1/binn.h +--- openssh-10.0p1.orig/binn.h 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-10.0p1/binn.h 2025-06-14 10:54:01.303905629 +0200 @@ -0,0 +1,945 @@ + +// TO ENABLE INLINE FUNCTIONS: @@ -4535,12 +4535,12 @@ diff -Nur openssh-9.9p1.orig/binn.h openssh-9.9p1/binn.h +#endif + +#endif //BINN_H -diff -Nur openssh-9.9p1.orig/channels.c openssh-9.9p1/channels.c ---- openssh-9.9p1.orig/channels.c 2025-01-20 20:48:33.373582047 +0100 -+++ openssh-9.9p1/channels.c 2025-01-20 21:55:22.938880541 +0100 -@@ -97,6 +97,11 @@ - /* Minimum port number for X11 forwarding */ - #define X11_PORT_MIN 6000 +diff -Nur openssh-10.0p1.orig/channels.c openssh-10.0p1/channels.c +--- openssh-10.0p1.orig/channels.c 2025-06-14 10:53:01.614387370 +0200 ++++ openssh-10.0p1/channels.c 2025-06-14 11:44:14.886309096 +0200 +@@ -99,6 +99,11 @@ + /* Maximum number of fake X11 displays to try. */ + #define MAX_DISPLAYS 1000 +/* in version of OpenSSH later than 8.8 if we advertise a window + * 16MB or larger is causes a pathological behaviour that reduces @@ -4550,7 +4550,7 @@ diff -Nur openssh-9.9p1.orig/channels.c openssh-9.9p1/channels.c /* Per-channel callback for pre/post IO actions */ typedef void chan_fn(struct ssh *, Channel *c); -@@ -225,6 +230,9 @@ +@@ -227,6 +232,9 @@ /* Setup helper */ static void channel_handler_init(struct ssh_channels *sc); @@ -4560,7 +4560,7 @@ diff -Nur openssh-9.9p1.orig/channels.c openssh-9.9p1/channels.c /* -- channel core */ void -@@ -519,6 +527,16 @@ +@@ -521,6 +529,16 @@ (c->output = sshbuf_new()) == NULL || (c->extended = sshbuf_new()) == NULL) fatal_f("sshbuf_new failed"); @@ -4577,7 +4577,7 @@ diff -Nur openssh-9.9p1.orig/channels.c openssh-9.9p1/channels.c if ((r = sshbuf_set_max_size(c->input, CHAN_INPUT_MAX)) != 0) fatal_fr(r, "sshbuf_set_max_size"); c->ostate = CHAN_OUTPUT_OPEN; -@@ -530,6 +548,7 @@ +@@ -532,6 +550,7 @@ c->local_window = window; c->local_window_max = window; c->local_maxpacket = maxpack; @@ -4585,7 +4585,7 @@ diff -Nur openssh-9.9p1.orig/channels.c openssh-9.9p1/channels.c c->remote_name = xstrdup(remote_name); c->ctl_chan = -1; c->delayed = 1; /* prevent call to channel_post handler */ -@@ -1257,6 +1276,33 @@ +@@ -1259,6 +1278,33 @@ c->io_want = SSH_CHAN_IO_SOCK_W; } @@ -4619,7 +4619,7 @@ diff -Nur openssh-9.9p1.orig/channels.c openssh-9.9p1/channels.c static void channel_pre_open(struct ssh *ssh, Channel *c) { -@@ -2364,18 +2410,29 @@ +@@ -2366,18 +2412,29 @@ c->local_maxpacket*3) || c->local_window < c->local_window_max/2) && c->local_consumed > 0) { @@ -4652,7 +4652,7 @@ diff -Nur openssh-9.9p1.orig/channels.c openssh-9.9p1/channels.c c->local_consumed = 0; } return 1; -@@ -2961,9 +3018,7 @@ +@@ -2963,9 +3020,7 @@ * in use. */ if (CHANNEL_EFD_INPUT_ACTIVE(c)) @@ -4663,7 +4663,7 @@ diff -Nur openssh-9.9p1.orig/channels.c openssh-9.9p1/channels.c else chan_ibuf_empty(ssh, c); } -@@ -3672,7 +3727,7 @@ +@@ -3674,7 +3729,7 @@ error_fr(r, "parse adjust"); ssh_packet_disconnect(ssh, "Invalid window adjust message"); } @@ -4672,7 +4672,7 @@ diff -Nur openssh-9.9p1.orig/channels.c openssh-9.9p1/channels.c if ((new_rwin = c->remote_window + adjust) < c->remote_window) { fatal("channel %d: adjust %u overflows remote window %u", c->self, adjust, c->remote_window); -@@ -3787,6 +3842,13 @@ +@@ -3789,6 +3844,13 @@ return addr; } @@ -4686,9 +4686,9 @@ diff -Nur openssh-9.9p1.orig/channels.c openssh-9.9p1/channels.c static int channel_setup_fwd_listener_tcpip(struct ssh *ssh, int type, struct Forward *fwd, int *allocated_listen_port, -diff -Nur openssh-9.9p1.orig/channels.h openssh-9.9p1/channels.h ---- openssh-9.9p1.orig/channels.h 2025-01-20 20:48:33.343581971 +0100 -+++ openssh-9.9p1/channels.h 2025-01-20 20:50:04.567813768 +0100 +diff -Nur openssh-10.0p1.orig/channels.h openssh-10.0p1/channels.h +--- openssh-10.0p1.orig/channels.h 2025-06-14 10:53:01.467785388 +0200 ++++ openssh-10.0p1/channels.h 2025-06-14 10:54:01.306120024 +0200 @@ -175,6 +175,7 @@ u_int local_window_max; u_int local_consumed; @@ -4706,16 +4706,16 @@ diff -Nur openssh-9.9p1.orig/channels.h openssh-9.9p1/channels.h /* Maximum size for direct reads to buffers */ #define CHANNEL_MAX_READ CHAN_SES_PACKET_DEFAULT -@@ -398,4 +399,6 @@ +@@ -399,4 +400,6 @@ void chan_write_failed(struct ssh *, Channel *); void chan_obuf_empty(struct ssh *, Channel *); +/* hpn handler */ +void channel_set_hpn_disabled(int); #endif -diff -Nur openssh-9.9p1.orig/cipher.c openssh-9.9p1/cipher.c ---- openssh-9.9p1.orig/cipher.c 2025-01-20 20:48:33.392582095 +0100 -+++ openssh-9.9p1/cipher.c 2025-01-20 21:56:16.253016900 +0100 +diff -Nur openssh-10.0p1.orig/cipher.c openssh-10.0p1/cipher.c +--- openssh-10.0p1.orig/cipher.c 2025-06-14 10:53:01.716919856 +0200 ++++ openssh-10.0p1/cipher.c 2025-06-14 12:01:51.076334585 +0200 @@ -48,23 +48,39 @@ #include "sshbuf.h" #include "ssherr.h" @@ -5011,9 +5011,9 @@ diff -Nur openssh-9.9p1.orig/cipher.c openssh-9.9p1/cipher.c #endif freezero(cc, sizeof(*cc)); } -diff -Nur openssh-9.9p1.orig/cipher-chachapoly.c openssh-9.9p1/cipher-chachapoly.c ---- openssh-9.9p1.orig/cipher-chachapoly.c 2024-09-20 00:20:48.000000000 +0200 -+++ openssh-9.9p1/cipher-chachapoly.c 2025-01-20 20:50:04.569813773 +0100 +diff -Nur openssh-10.0p1.orig/cipher-chachapoly.c openssh-10.0p1/cipher-chachapoly.c +--- openssh-10.0p1.orig/cipher-chachapoly.c 2025-04-09 09:02:43.000000000 +0200 ++++ openssh-10.0p1/cipher-chachapoly.c 2025-06-14 10:54:01.307925846 +0200 @@ -88,7 +88,7 @@ if (!do_encrypt) { const u_char *tag = src + aadlen + len; @@ -5032,13 +5032,14 @@ diff -Nur openssh-9.9p1.orig/cipher-chachapoly.c openssh-9.9p1/cipher-chachapoly poly_key); } r = 0; -diff -Nur openssh-9.9p1.orig/cipher-chachapoly-libcrypto.c openssh-9.9p1/cipher-chachapoly-libcrypto.c ---- openssh-9.9p1.orig/cipher-chachapoly-libcrypto.c 2024-09-20 00:20:48.000000000 +0200 -+++ openssh-9.9p1/cipher-chachapoly-libcrypto.c 2025-01-20 21:59:09.157459134 +0100 -@@ -34,8 +34,17 @@ +diff -Nur openssh-10.0p1.orig/cipher-chachapoly-libcrypto.c openssh-10.0p1/cipher-chachapoly-libcrypto.c +--- openssh-10.0p1.orig/cipher-chachapoly-libcrypto.c 2025-04-09 09:02:43.000000000 +0200 ++++ openssh-10.0p1/cipher-chachapoly-libcrypto.c 2025-06-14 10:54:01.308400139 +0200 +@@ -34,8 +34,18 @@ #include "ssherr.h" #include "cipher-chachapoly.h" ++ +/* using the EVP_MAC interface for poly1305 is significantly + * faster than the version bundled with OpenSSH. However, + * this interface is only available in OpenSSL 3.0+ @@ -5053,7 +5054,7 @@ diff -Nur openssh-9.9p1.orig/cipher-chachapoly-libcrypto.c openssh-9.9p1/cipher- }; struct chachapoly_ctx * -@@ -56,6 +65,15 @@ +@@ -56,6 +66,15 @@ goto fail; if (EVP_CIPHER_CTX_iv_length(ctx->header_evp) != 16) goto fail; @@ -5069,7 +5070,7 @@ diff -Nur openssh-9.9p1.orig/cipher-chachapoly-libcrypto.c openssh-9.9p1/cipher- return ctx; fail: chachapoly_free(ctx); -@@ -69,6 +87,9 @@ +@@ -69,6 +88,9 @@ return; EVP_CIPHER_CTX_free(cpctx->main_evp); EVP_CIPHER_CTX_free(cpctx->header_evp); @@ -5079,7 +5080,7 @@ diff -Nur openssh-9.9p1.orig/cipher-chachapoly-libcrypto.c openssh-9.9p1/cipher- freezero(cpctx, sizeof(*cpctx)); } -@@ -107,7 +128,7 @@ +@@ -107,7 +129,7 @@ if (!do_encrypt) { const u_char *tag = src + aadlen + len; @@ -5088,7 +5089,7 @@ diff -Nur openssh-9.9p1.orig/cipher-chachapoly-libcrypto.c openssh-9.9p1/cipher- if (timingsafe_bcmp(expected_tag, tag, POLY1305_TAGLEN) != 0) { r = SSH_ERR_MAC_INVALID; goto out; -@@ -133,7 +154,7 @@ +@@ -133,7 +155,7 @@ /* If encrypting, calculate and append tag */ if (do_encrypt) { @@ -5097,9 +5098,9 @@ diff -Nur openssh-9.9p1.orig/cipher-chachapoly-libcrypto.c openssh-9.9p1/cipher- poly_key); } r = 0; -diff -Nur openssh-9.9p1.orig/cipher-chachapoly-libcrypto-mt.c openssh-9.9p1/cipher-chachapoly-libcrypto-mt.c ---- openssh-9.9p1.orig/cipher-chachapoly-libcrypto-mt.c 1970-01-01 01:00:00.000000000 +0100 -+++ openssh-9.9p1/cipher-chachapoly-libcrypto-mt.c 2025-01-20 20:50:04.570813776 +0100 +diff -Nur openssh-10.0p1.orig/cipher-chachapoly-libcrypto-mt.c openssh-10.0p1/cipher-chachapoly-libcrypto-mt.c +--- openssh-10.0p1.orig/cipher-chachapoly-libcrypto-mt.c 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-10.0p1/cipher-chachapoly-libcrypto-mt.c 2025-06-14 10:54:01.309077322 +0200 @@ -0,0 +1,695 @@ +/* + * Copyright (c) 2023 The Board of Trustees of Carnegie Mellon University. @@ -5796,9 +5797,9 @@ diff -Nur openssh-9.9p1.orig/cipher-chachapoly-libcrypto-mt.c openssh-9.9p1/ciph +#endif +} +#endif /* defined(HAVE_EVP_CHACHA20) && !defined(HAVE_BROKEN_CHACHA20) */ -diff -Nur openssh-9.9p1.orig/cipher-chachapoly-libcrypto-mt.h openssh-9.9p1/cipher-chachapoly-libcrypto-mt.h ---- openssh-9.9p1.orig/cipher-chachapoly-libcrypto-mt.h 1970-01-01 01:00:00.000000000 +0100 -+++ openssh-9.9p1/cipher-chachapoly-libcrypto-mt.h 2025-01-20 20:50:04.571813779 +0100 +diff -Nur openssh-10.0p1.orig/cipher-chachapoly-libcrypto-mt.h openssh-10.0p1/cipher-chachapoly-libcrypto-mt.h +--- openssh-10.0p1.orig/cipher-chachapoly-libcrypto-mt.h 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-10.0p1/cipher-chachapoly-libcrypto-mt.h 2025-06-14 10:54:01.309455724 +0200 @@ -0,0 +1,45 @@ +/* + * Copyright (c) 2023 The Board of Trustees of Carnegie Mellon University. @@ -5845,9 +5846,9 @@ diff -Nur openssh-9.9p1.orig/cipher-chachapoly-libcrypto-mt.h openssh-9.9p1/ciph + __attribute__((__bounded__(__buffer__, 4, 5))); + +#endif /* CHACHA_POLY_LIBCRYPTO_MT_H */ -diff -Nur openssh-9.9p1.orig/cipher-ctr-mt.c openssh-9.9p1/cipher-ctr-mt.c ---- openssh-9.9p1.orig/cipher-ctr-mt.c 1970-01-01 01:00:00.000000000 +0100 -+++ openssh-9.9p1/cipher-ctr-mt.c 2025-01-20 20:50:04.571813779 +0100 +diff -Nur openssh-10.0p1.orig/cipher-ctr-mt.c openssh-10.0p1/cipher-ctr-mt.c +--- openssh-10.0p1.orig/cipher-ctr-mt.c 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-10.0p1/cipher-ctr-mt.c 2025-06-14 10:54:01.309949084 +0200 @@ -0,0 +1,677 @@ +/* + * OpenSSH Multi-threaded AES-CTR Cipher @@ -6526,9 +6527,9 @@ diff -Nur openssh-9.9p1.orig/cipher-ctr-mt.c openssh-9.9p1/cipher-ctr-mt.c + return aes_ctr; +} +#endif /* OSSL Check */ -diff -Nur openssh-9.9p1.orig/cipher-ctr-mt-functions.c openssh-9.9p1/cipher-ctr-mt-functions.c ---- openssh-9.9p1.orig/cipher-ctr-mt-functions.c 1970-01-01 01:00:00.000000000 +0100 -+++ openssh-9.9p1/cipher-ctr-mt-functions.c 2025-01-20 20:50:04.572813781 +0100 +diff -Nur openssh-10.0p1.orig/cipher-ctr-mt-functions.c openssh-10.0p1/cipher-ctr-mt-functions.c +--- openssh-10.0p1.orig/cipher-ctr-mt-functions.c 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-10.0p1/cipher-ctr-mt-functions.c 2025-06-14 10:54:01.310535264 +0200 @@ -0,0 +1,668 @@ +/* + * OpenSSH Multi-threaded AES-CTR Cipher Provider for OpenSSL 3 @@ -7198,9 +7199,9 @@ diff -Nur openssh-9.9p1.orig/cipher-ctr-mt-functions.c openssh-9.9p1/cipher-ctr- +} + +#endif /*WITH_OPENSSL3*/ -diff -Nur openssh-9.9p1.orig/cipher-ctr-mt-functions.h openssh-9.9p1/cipher-ctr-mt-functions.h ---- openssh-9.9p1.orig/cipher-ctr-mt-functions.h 1970-01-01 01:00:00.000000000 +0100 -+++ openssh-9.9p1/cipher-ctr-mt-functions.h 2025-01-20 20:50:04.572813781 +0100 +diff -Nur openssh-10.0p1.orig/cipher-ctr-mt-functions.h openssh-10.0p1/cipher-ctr-mt-functions.h +--- openssh-10.0p1.orig/cipher-ctr-mt-functions.h 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-10.0p1/cipher-ctr-mt-functions.h 2025-06-14 10:54:01.310937760 +0200 @@ -0,0 +1,142 @@ +/* + * OpenSSH Multi-threaded AES-CTR Cipher Provider for OpenSSL 3 @@ -7344,9 +7345,9 @@ diff -Nur openssh-9.9p1.orig/cipher-ctr-mt-functions.h openssh-9.9p1/cipher-ctr- + +#endif /* WITH OPENSSL */ +#endif /* CTR_MT_FUNCS */ -diff -Nur openssh-9.9p1.orig/cipher-ctr-mt-provider.c openssh-9.9p1/cipher-ctr-mt-provider.c ---- openssh-9.9p1.orig/cipher-ctr-mt-provider.c 1970-01-01 01:00:00.000000000 +0100 -+++ openssh-9.9p1/cipher-ctr-mt-provider.c 2025-01-20 20:50:04.572813781 +0100 +diff -Nur openssh-10.0p1.orig/cipher-ctr-mt-provider.c openssh-10.0p1/cipher-ctr-mt-provider.c +--- openssh-10.0p1.orig/cipher-ctr-mt-provider.c 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-10.0p1/cipher-ctr-mt-provider.c 2025-06-14 10:54:01.311329711 +0200 @@ -0,0 +1,390 @@ +/* + * OpenSSH Multi-threaded AES-CTR Cipher Provider for OpenSSL 3 @@ -7738,9 +7739,9 @@ diff -Nur openssh-9.9p1.orig/cipher-ctr-mt-provider.c openssh-9.9p1/cipher-ctr-m +} + +#endif /*WITH_OPENSSL3*/ -diff -Nur openssh-9.9p1.orig/cipher.h openssh-9.9p1/cipher.h ---- openssh-9.9p1.orig/cipher.h 2025-01-20 20:48:33.392582095 +0100 -+++ openssh-9.9p1/cipher.h 2025-01-20 20:59:21.957234646 +0100 +diff -Nur openssh-10.0p1.orig/cipher.h openssh-10.0p1/cipher.h +--- openssh-10.0p1.orig/cipher.h 2025-06-14 10:53:01.717078466 +0200 ++++ openssh-10.0p1/cipher.h 2025-06-14 13:45:10.880862884 +0200 @@ -42,11 +42,17 @@ #include #endif @@ -7797,9 +7798,9 @@ diff -Nur openssh-9.9p1.orig/cipher.h openssh-9.9p1/cipher.h u_int cipher_ctx_is_plaintext(struct sshcipher_ctx *); -diff -Nur openssh-9.9p1.orig/cipher-switch.c openssh-9.9p1/cipher-switch.c ---- openssh-9.9p1.orig/cipher-switch.c 1970-01-01 01:00:00.000000000 +0100 -+++ openssh-9.9p1/cipher-switch.c 2025-01-20 20:50:04.573813784 +0100 +diff -Nur openssh-10.0p1.orig/cipher-switch.c openssh-10.0p1/cipher-switch.c +--- openssh-10.0p1.orig/cipher-switch.c 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-10.0p1/cipher-switch.c 2025-06-14 10:54:01.312566045 +0200 @@ -0,0 +1,73 @@ +/* + * Copyright (c) 2023 The Board of Trustees of Carnegie Mellon University. @@ -7874,9 +7875,9 @@ diff -Nur openssh-9.9p1.orig/cipher-switch.c openssh-9.9p1/cipher-switch.c + } +#endif +} -diff -Nur openssh-9.9p1.orig/cipher-switch.h openssh-9.9p1/cipher-switch.h ---- openssh-9.9p1.orig/cipher-switch.h 1970-01-01 01:00:00.000000000 +0100 -+++ openssh-9.9p1/cipher-switch.h 2025-01-20 20:50:04.574813786 +0100 +diff -Nur openssh-10.0p1.orig/cipher-switch.h openssh-10.0p1/cipher-switch.h +--- openssh-10.0p1.orig/cipher-switch.h 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-10.0p1/cipher-switch.h 2025-06-14 10:54:01.312822014 +0200 @@ -0,0 +1,18 @@ +/* + * Copyright (c) 2015 The Board of Trustees of Carnegie Mellon University. @@ -7896,9 +7897,9 @@ diff -Nur openssh-9.9p1.orig/cipher-switch.h openssh-9.9p1/cipher-switch.h + */ + +void cipher_switch (struct ssh *); -diff -Nur openssh-9.9p1.orig/clientloop.c openssh-9.9p1/clientloop.c ---- openssh-9.9p1.orig/clientloop.c 2025-01-20 20:48:33.290581837 +0100 -+++ openssh-9.9p1/clientloop.c 2025-01-20 20:50:04.575813789 +0100 +diff -Nur openssh-10.0p1.orig/clientloop.c openssh-10.0p1/clientloop.c +--- openssh-10.0p1.orig/clientloop.c 2025-06-14 10:53:01.223339310 +0200 ++++ openssh-10.0p1/clientloop.c 2025-06-14 10:54:01.313407565 +0200 @@ -114,6 +114,7 @@ #include "msg.h" #include "ssherr.h" @@ -7927,7 +7928,7 @@ diff -Nur openssh-9.9p1.orig/clientloop.c openssh-9.9p1/clientloop.c static void quit_message(const char *fmt, ...) __attribute__((__format__ (printf, 1, 2))); -@@ -1452,6 +1459,7 @@ +@@ -1453,6 +1460,7 @@ double start_time, total_time; int channel_did_enqueue = 0, r; u_int64_t ibytes, obytes; @@ -7935,7 +7936,7 @@ diff -Nur openssh-9.9p1.orig/clientloop.c openssh-9.9p1/clientloop.c int conn_in_ready, conn_out_ready; sigset_t bsigset, osigset; -@@ -1493,6 +1501,7 @@ +@@ -1494,6 +1502,7 @@ client_repledge(); start_time = monotime_double(); @@ -7943,7 +7944,7 @@ diff -Nur openssh-9.9p1.orig/clientloop.c openssh-9.9p1/clientloop.c /* Initialize variables. */ last_was_cr = 1; -@@ -1534,6 +1543,8 @@ +@@ -1535,6 +1544,8 @@ } schedule_server_alive_check(); @@ -7952,7 +7953,7 @@ diff -Nur openssh-9.9p1.orig/clientloop.c openssh-9.9p1/clientloop.c if (sigemptyset(&bsigset) == -1 || sigaddset(&bsigset, SIGHUP) == -1 || -@@ -1544,6 +1555,12 @@ +@@ -1545,6 +1556,12 @@ /* Main loop of the client for the interactive session mode. */ while (!quit_pending) { @@ -7965,7 +7966,7 @@ diff -Nur openssh-9.9p1.orig/clientloop.c openssh-9.9p1/clientloop.c channel_did_enqueue = 0; /* Process buffered packets sent by the server. */ -@@ -1636,6 +1653,10 @@ +@@ -1637,6 +1654,10 @@ } } } @@ -7976,7 +7977,7 @@ diff -Nur openssh-9.9p1.orig/clientloop.c openssh-9.9p1/clientloop.c free(pfd); /* Terminate the session. */ -@@ -2647,6 +2668,167 @@ +@@ -2648,6 +2669,167 @@ return 1; } @@ -8144,7 +8145,7 @@ diff -Nur openssh-9.9p1.orig/clientloop.c openssh-9.9p1/clientloop.c static int client_input_global_request(int type, u_int32_t seq, struct ssh *ssh) { -@@ -2772,6 +2954,43 @@ +@@ -2773,6 +2955,43 @@ len = sshbuf_len(cmd); if (len > 0) { @@ -8188,9 +8189,9 @@ diff -Nur openssh-9.9p1.orig/clientloop.c openssh-9.9p1/clientloop.c if (len > 900) len = 900; if (want_subsystem) { -diff -Nur openssh-9.9p1.orig/compat.c openssh-9.9p1/compat.c ---- openssh-9.9p1.orig/compat.c 2025-01-20 20:48:33.422582171 +0100 -+++ openssh-9.9p1/compat.c 2025-01-20 22:39:30.315877553 +0100 +diff -Nur openssh-10.0p1.orig/compat.c openssh-10.0p1/compat.c +--- openssh-10.0p1.orig/compat.c 2025-06-14 10:53:01.849953032 +0200 ++++ openssh-10.0p1/compat.c 2025-06-14 12:24:07.747714342 +0200 @@ -135,6 +135,35 @@ ssh->compat = check[i].bugs; if (forbid_ssh_rsa) @@ -8227,10 +8228,10 @@ diff -Nur openssh-9.9p1.orig/compat.c openssh-9.9p1/compat.c return; } } -diff -Nur openssh-9.9p1.orig/compat.h openssh-9.9p1/compat.h ---- openssh-9.9p1.orig/compat.h 2025-01-20 20:48:33.423582174 +0100 -+++ openssh-9.9p1/compat.h 2025-01-20 22:36:35.778448062 +0100 -@@ -46,12 +46,12 @@ +diff -Nur openssh-10.0p1.orig/compat.h openssh-10.0p1/compat.h +--- openssh-10.0p1.orig/compat.h 2025-06-14 10:53:01.850139160 +0200 ++++ openssh-10.0p1/compat.h 2025-06-14 12:25:55.470697341 +0200 +@@ -46,17 +46,18 @@ /* #define unused 0x00010000 */ /* #define unused 0x00020000 */ /* #define unused 0x00040000 */ @@ -8246,10 +8247,56 @@ diff -Nur openssh-9.9p1.orig/compat.h openssh-9.9p1/compat.h #define SSH_NEW_OPENSSH 0x04000000 #define SSH_BUG_DYNAMIC_RPORT 0x08000000 #define SSH_BUG_CURVE25519PAD 0x10000000 -diff -Nur openssh-9.9p1.orig/configure.ac openssh-9.9p1/configure.ac ---- openssh-9.9p1.orig/configure.ac 2025-01-20 20:48:33.447582234 +0100 -+++ openssh-9.9p1/configure.ac 2025-01-20 20:50:04.577813794 +0100 -@@ -2945,8 +2945,8 @@ + #define SSH_BUG_HOSTKEYS 0x20000000 + #define SSH_BUG_DHGEX_LARGE 0x40000000 ++/* #define unused 0x80000000 */ + + struct ssh; + +diff -Nur openssh-10.0p1.orig/configure.ac openssh-10.0p1/configure.ac +--- openssh-10.0p1.orig/configure.ac 2025-06-14 10:53:02.015907743 +0200 ++++ openssh-10.0p1/configure.ac 2025-06-14 10:54:01.316233073 +0200 +@@ -2621,6 +2621,39 @@ + ) + fi + ++ ++# Testing MPTCP Support ++# Does the OS support MPTCP? ++# We don't use this at the moment ++# but I am holding it in resrve -cjr 04/04/2025 ++ AC_MSG_CHECKING([whether the OS supports MPTCP]) ++ AC_RUN_IFELSE( ++ [AC_LANG_PROGRAM([[ ++ #include ++ #include ++ #include ++ #include ++ #include ++ #include ++ #include ++ ++ ]], [[ ++ int sock = -1; ++ sock = socket(AF_INET, SOCK_STREAM, IPPROTO_MPTCP); ++ if (sock < 0) { ++ exit(1); ++ } ++ ]])], ++ [ ++ AC_MSG_RESULT([yes]) ++ AC_DEFINE([HAVE_MPTCP], [1], ++ [OS Supports MPTCP]) ++ ], ++ [ ++ AC_MSG_RESULT([no]) ++ ] ++ ) ++ + if test "x$ac_cv_func_getaddrinfo" = "xyes" && \ + test "x$check_for_hpux_broken_getaddrinfo" = "x1"; then + AC_MSG_CHECKING([if getaddrinfo seems to work]) +@@ -3029,8 +3062,8 @@ 200*) # LibreSSL lver=`echo "$sslver" | sed 's/.*libressl-//'` case "$lver" in @@ -8260,7 +8307,7 @@ diff -Nur openssh-9.9p1.orig/configure.ac openssh-9.9p1/configure.ac ;; *) ;; # Assume all other versions are good. esac -@@ -2955,6 +2955,7 @@ +@@ -3039,6 +3072,7 @@ # OpenSSL 3; we use the 1.1x API # https://openssl.org/policies/general/versioning-policy.html CPPFLAGS="$CPPFLAGS -DOPENSSL_API_COMPAT=0x10100000L" @@ -8268,7 +8315,7 @@ diff -Nur openssh-9.9p1.orig/configure.ac openssh-9.9p1/configure.ac ;; *) AC_MSG_ERROR([Unknown/unsupported OpenSSL version ("$ssl_showver")]) -@@ -3074,6 +3075,30 @@ +@@ -3158,6 +3192,29 @@ EVP_CIPHER_CTX_set_iv \ ]) @@ -8294,26 +8341,42 @@ diff -Nur openssh-9.9p1.orig/configure.ac openssh-9.9p1/configure.ac + AC_MSG_RESULT([no]) + ] + ) -+ + if test "x$openssl_engine" = "xyes" ; then AC_MSG_CHECKING([for OpenSSL ENGINE support]) AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ -diff -Nur openssh-9.9p1.orig/defines.h openssh-9.9p1/defines.h ---- openssh-9.9p1.orig/defines.h 2024-09-20 00:20:48.000000000 +0200 -+++ openssh-9.9p1/defines.h 2025-01-20 20:50:04.578813797 +0100 -@@ -889,7 +889,7 @@ +diff -Nur openssh-10.0p1.orig/defines.h openssh-10.0p1/defines.h +--- openssh-10.0p1.orig/defines.h 2025-04-09 09:02:43.000000000 +0200 ++++ openssh-10.0p1/defines.h 2025-06-14 10:54:01.317208898 +0200 +@@ -931,7 +931,11 @@ #endif #ifndef SSH_IOBUFSZ -# define SSH_IOBUFSZ 8192 +# define SSH_IOBUFSZ (32*1024) ++#endif ++ ++#ifndef IPPROTO_MPTCP ++#define IPPROTO_MPTCP 262 #endif /* -diff -Nur openssh-9.9p1.orig/digest.h openssh-9.9p1/digest.h ---- openssh-9.9p1.orig/digest.h 2024-09-20 00:20:48.000000000 +0200 -+++ openssh-9.9p1/digest.h 2025-01-20 20:50:04.578813797 +0100 +@@ -987,3 +991,12 @@ + # define USE_MLKEM768X25519 1 + #endif + #endif /* _DEFINES_H */ ++ ++/* used to enable checking linux kernel versions */ ++#if defined(__linux__) && !defined(__alpine__) ++#include ++#endif ++ ++#ifndef KERNEL_VERSION /* shouldn't be necessary to define this */ ++#define KERNEL_VERSION(a,b,c) (((a) <<16) + ((b) << 8) +(c)) ++#endif +diff -Nur openssh-10.0p1.orig/digest.h openssh-10.0p1/digest.h +--- openssh-10.0p1.orig/digest.h 2025-04-09 09:02:43.000000000 +0200 ++++ openssh-10.0p1/digest.h 2025-06-14 10:54:01.317584436 +0200 @@ -27,7 +27,8 @@ #define SSH_DIGEST_SHA256 2 #define SSH_DIGEST_SHA384 3 @@ -8324,9 +8387,9 @@ diff -Nur openssh-9.9p1.orig/digest.h openssh-9.9p1/digest.h struct sshbuf; struct ssh_digest_ctx; -diff -Nur openssh-9.9p1.orig/digest-openssl.c openssh-9.9p1/digest-openssl.c ---- openssh-9.9p1.orig/digest-openssl.c 2024-09-20 00:20:48.000000000 +0200 -+++ openssh-9.9p1/digest-openssl.c 2025-01-20 20:50:04.578813797 +0100 +diff -Nur openssh-10.0p1.orig/digest-openssl.c openssh-10.0p1/digest-openssl.c +--- openssh-10.0p1.orig/digest-openssl.c 2025-04-09 09:02:43.000000000 +0200 ++++ openssh-10.0p1/digest-openssl.c 2025-06-14 10:54:01.317859402 +0200 @@ -61,6 +61,7 @@ { SSH_DIGEST_SHA256, "SHA256", 32, EVP_sha256 }, { SSH_DIGEST_SHA384, "SHA384", 48, EVP_sha384 }, @@ -8335,9 +8398,9 @@ diff -Nur openssh-9.9p1.orig/digest-openssl.c openssh-9.9p1/digest-openssl.c { -1, NULL, 0, NULL }, }; -diff -Nur openssh-9.9p1.orig/FUNDING.yml openssh-9.9p1/FUNDING.yml ---- openssh-9.9p1.orig/FUNDING.yml 1970-01-01 01:00:00.000000000 +0100 -+++ openssh-9.9p1/FUNDING.yml 2025-01-20 20:50:04.578813797 +0100 +diff -Nur openssh-10.0p1.orig/FUNDING.yml openssh-10.0p1/FUNDING.yml +--- openssh-10.0p1.orig/FUNDING.yml 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-10.0p1/FUNDING.yml 2025-06-14 10:54:01.318133600 +0200 @@ -0,0 +1,12 @@ +# These are supported funding model platforms + @@ -8351,12 +8414,22 @@ diff -Nur openssh-9.9p1.orig/FUNDING.yml openssh-9.9p1/FUNDING.yml +#issuehunt: # Replace with a single IssueHunt username +#otechie: # Replace with a single Otechie username +#custom: # Replace with up to 4 custom sponsorship URLs e.g., ['link1', 'link2'] -diff -Nur openssh-9.9p1.orig/HPN-README openssh-9.9p1/HPN-README ---- openssh-9.9p1.orig/HPN-README 1970-01-01 01:00:00.000000000 +0100 -+++ openssh-9.9p1/HPN-README 2025-01-20 20:50:04.578813797 +0100 -@@ -0,0 +1,170 @@ +diff -Nur openssh-10.0p1.orig/HPN-README openssh-10.0p1/HPN-README +--- openssh-10.0p1.orig/HPN-README 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-10.0p1/HPN-README 2025-06-14 10:54:01.318366032 +0200 +@@ -0,0 +1,180 @@ +Notes: + ++MPTCP Support in 18.7.0: ++Multipath TCP is now available as a runtime option for HPN-SSH. MPTCP ++is available only on Linux and Mac OSX operating systems. Using MPTCP on a system that ++doesn't support it will result in a notice and failure. The use cases for MPTCP include ++seamless handovers when changing networks and aggregating multiple interfaces to improve ++available bandwidth. As of 18.7.0 this options should be considered somewhat experimental. ++ ++Usage: ++-oUseMPTCP=[Yes|No] will enable MPTCP. The default is no. ++ +LibreSSL Support: +Changes in LibreSSL version 3.5 and 3.6 prevent the use of the threaded AES CTR cipher. +In those cases HPNSSH will fallback to the serial version of the AES CTR cipher. A warning @@ -8525,9 +8598,9 @@ diff -Nur openssh-9.9p1.orig/HPN-README openssh-9.9p1/HPN-README + + +Edited: October 11, 2023 -diff -Nur openssh-9.9p1.orig/HPNSSHInstallation.txt openssh-9.9p1/HPNSSHInstallation.txt ---- openssh-9.9p1.orig/HPNSSHInstallation.txt 1970-01-01 01:00:00.000000000 +0100 -+++ openssh-9.9p1/HPNSSHInstallation.txt 2025-01-20 20:50:04.579813799 +0100 +diff -Nur openssh-10.0p1.orig/HPNSSHInstallation.txt openssh-10.0p1/HPNSSHInstallation.txt +--- openssh-10.0p1.orig/HPNSSHInstallation.txt 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-10.0p1/HPNSSHInstallation.txt 2025-06-14 10:54:01.318659925 +0200 @@ -0,0 +1,354 @@ +HPN-SSH Installation + @@ -8883,9 +8956,9 @@ diff -Nur openssh-9.9p1.orig/HPNSSHInstallation.txt openssh-9.9p1/HPNSSHInstalla +restorecon /usr/bin/hpnssh-agent +restorecon /usr/bin/hpnssh-keygen +restorecon /etc/pam.d/hpnsshd -diff -Nur openssh-9.9p1.orig/kex.c openssh-9.9p1/kex.c ---- openssh-9.9p1.orig/kex.c 2025-01-20 20:48:33.420582166 +0100 -+++ openssh-9.9p1/kex.c 2025-01-20 20:50:04.579813799 +0100 +diff -Nur openssh-10.0p1.orig/kex.c openssh-10.0p1/kex.c +--- openssh-10.0p1.orig/kex.c 2025-06-14 10:53:01.833082539 +0200 ++++ openssh-10.0p1/kex.c 2025-06-14 10:54:01.319010460 +0200 @@ -67,6 +67,7 @@ #include "ssherr.h" @@ -9103,9 +9176,32 @@ diff -Nur openssh-9.9p1.orig/kex.c openssh-9.9p1/kex.c mismatch = 0; switch (remote_major) { -diff -Nur openssh-9.9p1.orig/mac.c openssh-9.9p1/mac.c ---- openssh-9.9p1.orig/mac.c 2025-01-20 20:48:33.394582100 +0100 -+++ openssh-9.9p1/mac.c 2025-01-20 20:50:04.580813802 +0100 +diff -Nur openssh-10.0p1.orig/log.c openssh-10.0p1/log.c +--- openssh-10.0p1.orig/log.c 2025-06-14 10:53:01.364646329 +0200 ++++ openssh-10.0p1/log.c 2025-06-14 10:54:01.319781160 +0200 +@@ -48,6 +48,10 @@ + #include + #include + #include ++#include "packet.h" /* needed for host and port look ups */ ++#ifdef HAVE_SYS_TIME_H ++# include /* to get current time */ ++#endif + #if defined(HAVE_STRNVIS) && defined(HAVE_VIS_H) && !defined(BROKEN_STRNVIS) + # include + #endif +@@ -67,6 +71,8 @@ + + extern char *__progname; + ++extern struct ssh *active_state; ++ + #define LOG_SYSLOG_VIS (VIS_CSTYLE|VIS_NL|VIS_TAB|VIS_OCTAL) + #define LOG_STDERR_VIS (VIS_SAFE|VIS_OCTAL) + +diff -Nur openssh-10.0p1.orig/mac.c openssh-10.0p1/mac.c +--- openssh-10.0p1.orig/mac.c 2025-06-14 10:53:01.717727014 +0200 ++++ openssh-10.0p1/mac.c 2025-06-14 10:54:01.320122336 +0200 @@ -63,6 +63,7 @@ { "hmac-sha2-512", SSH_DIGEST, SSH_DIGEST_SHA512, 0, 0, 0, 0 }, { "hmac-md5", SSH_DIGEST, SSH_DIGEST_MD5, 0, 0, 0, 0 }, @@ -9114,10 +9210,10 @@ diff -Nur openssh-9.9p1.orig/mac.c openssh-9.9p1/mac.c { "umac-64@openssh.com", SSH_UMAC, 0, 0, 128, 64, 0 }, { "umac-128@openssh.com", SSH_UMAC128, 0, 0, 128, 128, 0 }, -diff -Nur openssh-9.9p1.orig/Makefile.in openssh-9.9p1/Makefile.in ---- openssh-9.9p1.orig/Makefile.in 2025-01-20 20:48:33.449582239 +0100 -+++ openssh-9.9p1/Makefile.in 2025-01-20 21:02:30.432714955 +0100 -@@ -51,7 +51,7 @@ +diff -Nur openssh-10.0p1.orig/Makefile.in openssh-10.0p1/Makefile.in +--- openssh-10.0p1.orig/Makefile.in 2025-06-14 14:54:57.417594122 +0200 ++++ openssh-10.0p1/Makefile.in 2025-06-14 14:54:42.451734455 +0200 +@@ -53,7 +53,7 @@ CFLAGS_NOPIE=@CFLAGS_NOPIE@ CPPFLAGS=-I. -I$(srcdir) @CPPFLAGS@ $(PATHS) @DEFS@ PICFLAG=@PICFLAG@ @@ -9126,7 +9222,7 @@ diff -Nur openssh-9.9p1.orig/Makefile.in openssh-9.9p1/Makefile.in CHANNELLIBS=@CHANNELLIBS@ K5LIBS=@K5LIBS@ GSSLIBS=@GSSLIBS@ -@@ -99,7 +99,7 @@ +@@ -102,7 +102,7 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \ authfd.o authfile.o \ canohost.o channels.o cipher.o cipher-aes.o cipher-aesctr.o \ @@ -9135,7 +9231,7 @@ diff -Nur openssh-9.9p1.orig/Makefile.in openssh-9.9p1/Makefile.in compat.o fatal.o hostfile.o \ log.o match.o moduli.o nchan.o packet.o \ readpass.o ttymodes.o xmalloc.o addr.o addrmatch.o \ -@@ -109,6 +109,7 @@ +@@ -112,6 +112,7 @@ msg.o progressmeter.o dns.o entropy.o gss-genr.o umac.o umac128.o \ ssh-pkcs11.o ssh-pkcs11-uri.o smult_curve25519_ref.o \ poly1305.o chacha.o cipher-chachapoly.o cipher-chachapoly-libcrypto.o \ @@ -9143,7 +9239,7 @@ diff -Nur openssh-9.9p1.orig/Makefile.in openssh-9.9p1/Makefile.in ssh-ed25519.o digest-openssl.o digest-libc.o \ hmac.o ed25519.o hash.o \ kex.o kex-names.o kexdh.o kexgex.o kexecdh.o kexc25519.o \ -@@ -116,12 +117,13 @@ +@@ -119,12 +120,13 @@ kexsntrup761x25519.o kexmlkem768x25519.o sntrup761.o kexgen.o \ kexgssc.o \ sftp-realpath.o platform-pledge.o platform-tracing.o platform-misc.o \ @@ -9160,16 +9256,25 @@ diff -Nur openssh-9.9p1.orig/Makefile.in openssh-9.9p1/Makefile.in SSHDOBJS=sshd.o \ platform-listen.o \ @@ -143,7 +145,7 @@ + auth2-gss.o gss-serv.o gss-serv-krb5.o gss-serv-gsi.o \ + loginrec.o auth-pam.o auth-shadow.o auth-sia.o \ sftp-server.o sftp-common.o \ - sandbox-null.o sandbox-rlimit.o sandbox-systrace.o sandbox-darwin.o \ - sandbox-seccomp-filter.o sandbox-capsicum.o sandbox-pledge.o \ -- sandbox-solaris.o uidswap.o $(SKOBJS) -+ sandbox-solaris.o uidswap.o cipher-switch.o $(SKOBJS) +- uidswap.o platform-listen.o $(SKOBJS) ++ uidswap.o platform-listen.o cipher-switch.o $(SKOBJS) + + SSHD_AUTH_OBJS=sshd-auth.o \ + auth2-methods.o \ +@@ -158,7 +160,7 @@ + sandbox-null.o sandbox-rlimit.o sandbox-darwin.o \ + sandbox-seccomp-filter.o sandbox-capsicum.o sandbox-solaris.o \ + sftp-server.o sftp-common.o \ +- uidswap.o $(SKOBJS) ++ uidswap.o cipher-switch.o $(SKOBJS) SFTP_CLIENT_OBJS=sftp-common.o sftp-client.o sftp-glob.o -@@ -225,7 +227,7 @@ - $(LD) -o $@ $(SSHD_SESSION_OBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(SSHDLIBS) $(LIBS) $(GSSLIBS) $(K5LIBS) $(CHANNELLIBS) +@@ -243,7 +245,7 @@ + $(LD) -o $@ $(SSHD_AUTH_OBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(SSHDLIBS) $(LIBS) $(GSSLIBS) $(K5LIBS) $(CHANNELLIBS) $(LIBWTMPDB) scp$(EXEEXT): $(LIBCOMPAT) libssh.a $(SCP_OBJS) - $(LD) -o $@ $(SCP_OBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) @@ -9177,10 +9282,10 @@ diff -Nur openssh-9.9p1.orig/Makefile.in openssh-9.9p1/Makefile.in ssh-add$(EXEEXT): $(LIBCOMPAT) libssh.a $(SSHADD_OBJS) $(LD) -o $@ $(SSHADD_OBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) $(CHANNELLIBS) -diff -Nur openssh-9.9p1.orig/metrics.c openssh-9.9p1/metrics.c ---- openssh-9.9p1.orig/metrics.c 1970-01-01 01:00:00.000000000 +0100 -+++ openssh-9.9p1/metrics.c 2025-01-20 20:50:04.581813804 +0100 -@@ -0,0 +1,444 @@ +diff -Nur openssh-10.0p1.orig/metrics.c openssh-10.0p1/metrics.c +--- openssh-10.0p1.orig/metrics.c 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-10.0p1/metrics.c 2025-06-14 10:54:01.321376410 +0200 +@@ -0,0 +1,439 @@ +/* + * Copyright (c) 2022 The Board of Trustees of Carnegie Mellon University. + * @@ -9203,13 +9308,8 @@ diff -Nur openssh-9.9p1.orig/metrics.c openssh-9.9p1/metrics.c +#include "ssherr.h" +#include +#include -+#if defined(__linux__) && !defined(__alpine__) -+#include -+#endif + -+#ifndef KERNEL_VERSION /* shouldn't be necessary to define this */ -+#define KERNEL_VERSION(a,b,c) (((a) <<16) + ((b) << 8) +(c)) -+#endif ++/* kernel version macro moved to defines.h */ + +/* add the information from the tcp_info struct to the + * serialized binary object @@ -9625,9 +9725,9 @@ diff -Nur openssh-9.9p1.orig/metrics.c openssh-9.9p1/metrics.c +#endif /* ifdef __linux__ */ + fprintf(fptr, "\n\n"); +} -diff -Nur openssh-9.9p1.orig/metrics.h openssh-9.9p1/metrics.h ---- openssh-9.9p1.orig/metrics.h 1970-01-01 01:00:00.000000000 +0100 -+++ openssh-9.9p1/metrics.h 2025-01-20 20:50:04.581813804 +0100 +diff -Nur openssh-10.0p1.orig/metrics.h openssh-10.0p1/metrics.h +--- openssh-10.0p1.orig/metrics.h 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-10.0p1/metrics.h 2025-06-14 10:54:01.321618830 +0200 @@ -0,0 +1,45 @@ +/* + * Copyright (c) 2022 The Board of Trustees of Carnegie Mellon University. @@ -9674,9 +9774,9 @@ diff -Nur openssh-9.9p1.orig/metrics.h openssh-9.9p1/metrics.h + + +#endif /* define metrics_h */ -diff -Nur openssh-9.9p1.orig/misc.c openssh-9.9p1/misc.c ---- openssh-9.9p1.orig/misc.c 2025-01-20 20:48:33.449582239 +0100 -+++ openssh-9.9p1/misc.c 2025-01-20 20:50:04.582813807 +0100 +diff -Nur openssh-10.0p1.orig/misc.c openssh-10.0p1/misc.c +--- openssh-10.0p1.orig/misc.c 2025-06-14 10:53:02.019076801 +0200 ++++ openssh-10.0p1/misc.c 2025-06-14 10:54:01.321922850 +0200 @@ -77,6 +77,29 @@ #include "ssherr.h" #include "platform.h" @@ -9707,7 +9807,7 @@ diff -Nur openssh-9.9p1.orig/misc.c openssh-9.9p1/misc.c /* remove newline at end of string */ char * chop(char *s) -@@ -1649,20 +1672,6 @@ +@@ -1670,20 +1693,6 @@ return (v); } @@ -9728,7 +9828,7 @@ diff -Nur openssh-9.9p1.orig/misc.c openssh-9.9p1/misc.c u_int16_t get_u16(const void *vp) { -@@ -1702,17 +1711,6 @@ +@@ -1723,17 +1732,6 @@ } void @@ -9746,10 +9846,10 @@ diff -Nur openssh-9.9p1.orig/misc.c openssh-9.9p1/misc.c put_u16(void *vp, u_int16_t v) { u_char *p = (u_char *)vp; -diff -Nur openssh-9.9p1.orig/misc.h openssh-9.9p1/misc.h ---- openssh-9.9p1.orig/misc.h 2025-01-20 20:48:33.450582242 +0100 -+++ openssh-9.9p1/misc.h 2025-01-20 20:50:04.582813807 +0100 -@@ -166,12 +166,6 @@ +diff -Nur openssh-10.0p1.orig/misc.h openssh-10.0p1/misc.h +--- openssh-10.0p1.orig/misc.h 2025-06-14 10:53:02.019622613 +0200 ++++ openssh-10.0p1/misc.h 2025-06-14 10:54:01.322621684 +0200 +@@ -167,12 +167,6 @@ void put_u16(void *, u_int16_t) __attribute__((__bounded__( __minbytes__, 1, 2))); @@ -9762,7 +9862,7 @@ diff -Nur openssh-9.9p1.orig/misc.h openssh-9.9p1/misc.h struct bwlimit { size_t buflen; u_int64_t rate; /* desired rate in kbit/s */ -@@ -258,4 +252,16 @@ +@@ -259,4 +253,16 @@ /* On OpenBSD time_t is int64_t which is long long. */ /* #define SSH_TIME_T_MAX LLONG_MAX */ @@ -9779,22 +9879,20 @@ diff -Nur openssh-9.9p1.orig/misc.h openssh-9.9p1/misc.h +void read_mem_stats(struct statm_t *, int); + #endif /* _MISC_H */ -diff -Nur openssh-9.9p1.orig/myproposal.h openssh-9.9p1/myproposal.h ---- openssh-9.9p1.orig/myproposal.h 2025-01-20 20:48:33.407582133 +0100 -+++ openssh-9.9p1/myproposal.h 2025-01-20 20:50:04.583813809 +0100 -@@ -71,7 +71,8 @@ +diff -Nur openssh-10.0p1.orig/myproposal.h openssh-10.0p1/myproposal.h +--- openssh-10.0p1.orig/myproposal.h 2025-06-14 10:53:01.775906378 +0200 ++++ openssh-10.0p1/myproposal.h 2025-06-14 10:54:01.323105546 +0200 +@@ -71,6 +71,7 @@ "rsa-sha2-256" #define KEX_SERVER_ENCRYPT \ -- "chacha20-poly1305@openssh.com," \ + "chacha20-poly1305-mt@hpnssh.org," \ -+ "chacha20-poly1305@openssh.com," \ - "aes128-ctr,aes192-ctr,aes256-ctr," \ - "aes128-gcm@openssh.com,aes256-gcm@openssh.com" - -diff -Nur openssh-9.9p1.orig/num.c openssh-9.9p1/num.c ---- openssh-9.9p1.orig/num.c 1970-01-01 01:00:00.000000000 +0100 -+++ openssh-9.9p1/num.c 2025-01-20 20:50:04.583813809 +0100 + "chacha20-poly1305@openssh.com," \ + "aes128-gcm@openssh.com,aes256-gcm@openssh.com," \ + "aes128-ctr,aes192-ctr,aes256-ctr" +diff -Nur openssh-10.0p1.orig/num.c openssh-10.0p1/num.c +--- openssh-10.0p1.orig/num.c 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-10.0p1/num.c 2025-06-14 10:54:01.323584938 +0200 @@ -0,0 +1,156 @@ +/* CC0 license applied, see LICENCE.md */ + @@ -9952,9 +10050,9 @@ diff -Nur openssh-9.9p1.orig/num.c openssh-9.9p1/num.c +implement_provnum(size_t, OSSL_PARAM_UNSIGNED_INTEGER) + +#endif /* WITH_OPENSSL3 */ -diff -Nur openssh-9.9p1.orig/num.h openssh-9.9p1/num.h ---- openssh-9.9p1.orig/num.h 1970-01-01 01:00:00.000000000 +0100 -+++ openssh-9.9p1/num.h 2025-01-20 20:50:04.584813812 +0100 +diff -Nur openssh-10.0p1.orig/num.h openssh-10.0p1/num.h +--- openssh-10.0p1.orig/num.h 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-10.0p1/num.h 2025-06-14 10:54:01.323769040 +0200 @@ -0,0 +1,15 @@ +/* CC0 license applied, see LICENCE.md */ + @@ -9971,9 +10069,9 @@ diff -Nur openssh-9.9p1.orig/num.h openssh-9.9p1/num.h +#define PROVNUM_E_TOOBIG -2 +#define PROVNUM_E_UNSUPPORTED -3 +#endif /* WITH_OPENSSL3 */ -diff -Nur openssh-9.9p1.orig/ossl3-provider-err.c openssh-9.9p1/ossl3-provider-err.c ---- openssh-9.9p1.orig/ossl3-provider-err.c 1970-01-01 01:00:00.000000000 +0100 -+++ openssh-9.9p1/ossl3-provider-err.c 2025-01-20 20:50:04.584813812 +0100 +diff -Nur openssh-10.0p1.orig/ossl3-provider-err.c openssh-10.0p1/ossl3-provider-err.c +--- openssh-10.0p1.orig/ossl3-provider-err.c 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-10.0p1/ossl3-provider-err.c 2025-06-14 10:54:01.323964806 +0200 @@ -0,0 +1,108 @@ +/* CC0 license applied, see LICENCE.md */ + @@ -10083,9 +10181,9 @@ diff -Nur openssh-9.9p1.orig/ossl3-provider-err.c openssh-9.9p1/ossl3-provider-e +} + +#endif /* WITH_OPENSSL3 */ -diff -Nur openssh-9.9p1.orig/ossl3-provider-err.h openssh-9.9p1/ossl3-provider-err.h ---- openssh-9.9p1.orig/ossl3-provider-err.h 1970-01-01 01:00:00.000000000 +0100 -+++ openssh-9.9p1/ossl3-provider-err.h 2025-01-20 20:50:04.584813812 +0100 +diff -Nur openssh-10.0p1.orig/ossl3-provider-err.h openssh-10.0p1/ossl3-provider-err.h +--- openssh-10.0p1.orig/ossl3-provider-err.h 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-10.0p1/ossl3-provider-err.h 2025-06-14 10:54:01.324153727 +0200 @@ -0,0 +1,73 @@ +/* CC0 license applied, see LICENCE.md */ + @@ -10160,9 +10258,9 @@ diff -Nur openssh-9.9p1.orig/ossl3-provider-err.h openssh-9.9p1/ossl3-provider-e +void proverr_set_error(const struct proverr_functions_st *handle, + uint32_t reason, const char *fmt, ...); +#endif /* WITH_OPENSSL3 */ -diff -Nur openssh-9.9p1.orig/packet.c openssh-9.9p1/packet.c ---- openssh-9.9p1.orig/packet.c 2025-01-20 20:48:33.396582105 +0100 -+++ openssh-9.9p1/packet.c 2025-01-20 20:50:04.585813814 +0100 +diff -Nur openssh-10.0p1.orig/packet.c openssh-10.0p1/packet.c +--- openssh-10.0p1.orig/packet.c 2025-06-14 10:53:01.719334626 +0200 ++++ openssh-10.0p1/packet.c 2025-06-14 10:54:01.324483728 +0200 @@ -63,6 +63,9 @@ #endif #include @@ -10308,20 +10406,17 @@ diff -Nur openssh-9.9p1.orig/packet.c openssh-9.9p1/packet.c - *max_blocks = (u_int64_t)1 << (enc->block_size*2); - else - *max_blocks = ((u_int64_t)1 << 30) / enc->block_size; -- if (state->rekey_limit) -- *max_blocks = MINIMUM(*max_blocks, -- state->rekey_limit / enc->block_size); -- debug("rekey %s after %llu blocks", dir, -- (unsigned long long)*max_blocks); + + /* get the maximum number of blocks the cipher can + * handle safely */ + *max_blocks = cipher_rekey_blocks(enc->cipher); + + /* if we have a custom oRekeyLimit use that. */ -+ if (state->rekey_limit) -+ *max_blocks = MINIMUM(*max_blocks, -+ state->rekey_limit / enc->block_size); + if (state->rekey_limit) + *max_blocks = MINIMUM(*max_blocks, + state->rekey_limit / enc->block_size); +- debug("rekey %s after %llu blocks", dir, +- (unsigned long long)*max_blocks); + + /* these lines support the debug */ + strlcpy(blocks_s, "?", sizeof(blocks_s)); @@ -10370,17 +10465,6 @@ diff -Nur openssh-9.9p1.orig/packet.c openssh-9.9p1/packet.c /* Time-based rekeying */ if (state->rekey_interval != 0 && (int64_t)state->rekey_time + state->rekey_interval <= monotime()) -@@ -1293,8 +1373,8 @@ - sshbuf_len(state->outgoing_packet) + authlen, &cp)) != 0) - goto out; - if ((r = cipher_crypt(state->send_context, state->p_send.seqnr, cp, -- sshbuf_ptr(state->outgoing_packet), -- len - aadlen, aadlen, authlen)) != 0) -+ sshbuf_ptr(state->outgoing_packet), len - aadlen, aadlen, authlen)) -+ != 0) - goto out; - /* append unencrypted MAC */ - if (mac && mac->enabled) { @@ -1445,7 +1525,7 @@ struct session_state *state = ssh->state; int len, r, ms_remain = 0; @@ -10449,7 +10533,7 @@ diff -Nur openssh-9.9p1.orig/packet.c openssh-9.9p1/packet.c } /* Remove MAC from input buffer */ DBG(debug("MAC #%d ok", state->p_read.seqnr)); -@@ -1930,7 +2010,7 @@ +@@ -1938,7 +2018,7 @@ int r; size_t rlen; @@ -10458,7 +10542,7 @@ diff -Nur openssh-9.9p1.orig/packet.c openssh-9.9p1/packet.c return r; if (state->packet_discard) { -@@ -2009,17 +2089,21 @@ +@@ -2017,17 +2097,21 @@ switch (r) { case SSH_ERR_CONN_CLOSED: ssh_packet_clear_keys(ssh); @@ -10480,7 +10564,7 @@ diff -Nur openssh-9.9p1.orig/packet.c openssh-9.9p1/packet.c logdie("Connection reset by %s", remote_id); } /* FALLTHROUGH */ -@@ -2061,6 +2145,24 @@ +@@ -2069,6 +2153,24 @@ logdie_f("should have exited"); } @@ -10505,7 +10589,7 @@ diff -Nur openssh-9.9p1.orig/packet.c openssh-9.9p1/packet.c /* * Logs the error plus constructs and sends a disconnect packet, closes the * connection, and exits. This function never returns. The error message -@@ -2315,10 +2417,19 @@ +@@ -2323,10 +2425,19 @@ ssh->kex->server = 1; /* XXX unify? */ } @@ -10525,7 +10609,7 @@ diff -Nur openssh-9.9p1.orig/packet.c openssh-9.9p1/packet.c } void * -@@ -2941,3 +3052,17 @@ +@@ -2949,3 +3060,17 @@ ssh->state->extra_pad = pad; return 0; } @@ -10543,9 +10627,9 @@ diff -Nur openssh-9.9p1.orig/packet.c openssh-9.9p1/packet.c +{ + return ssh->state->receive_context; +} -diff -Nur openssh-9.9p1.orig/packet.h openssh-9.9p1/packet.h ---- openssh-9.9p1.orig/packet.h 2025-01-20 20:48:33.397582108 +0100 -+++ openssh-9.9p1/packet.h 2025-01-20 20:50:04.585813814 +0100 +diff -Nur openssh-10.0p1.orig/packet.h openssh-10.0p1/packet.h +--- openssh-10.0p1.orig/packet.h 2025-06-14 10:53:01.719644792 +0200 ++++ openssh-10.0p1/packet.h 2025-06-14 10:54:01.325502017 +0200 @@ -88,6 +88,17 @@ /* APP data */ @@ -10587,9 +10671,9 @@ diff -Nur openssh-9.9p1.orig/packet.h openssh-9.9p1/packet.h /* new API */ int sshpkt_start(struct ssh *ssh, u_char type); -diff -Nur openssh-9.9p1.orig/poly1305.c openssh-9.9p1/poly1305.c ---- openssh-9.9p1.orig/poly1305.c 2024-09-20 00:20:48.000000000 +0200 -+++ openssh-9.9p1/poly1305.c 2025-01-20 20:50:04.586813817 +0100 +diff -Nur openssh-10.0p1.orig/poly1305.c openssh-10.0p1/poly1305.c +--- openssh-10.0p1.orig/poly1305.c 2025-04-09 09:02:43.000000000 +0200 ++++ openssh-10.0p1/poly1305.c 2025-06-14 10:54:01.325842914 +0200 @@ -13,6 +13,16 @@ #include "poly1305.h" @@ -10621,9 +10705,9 @@ diff -Nur openssh-9.9p1.orig/poly1305.c openssh-9.9p1/poly1305.c U32TO8_LE(&out[12], f3); } +#endif /* OPENSSL_HAVE_POLY_EVP */ -diff -Nur openssh-9.9p1.orig/poly1305.h openssh-9.9p1/poly1305.h ---- openssh-9.9p1.orig/poly1305.h 2024-09-20 00:20:48.000000000 +0200 -+++ openssh-9.9p1/poly1305.h 2025-01-20 20:50:04.586813817 +0100 +diff -Nur openssh-10.0p1.orig/poly1305.h openssh-10.0p1/poly1305.h +--- openssh-10.0p1.orig/poly1305.h 2025-04-09 09:02:43.000000000 +0200 ++++ openssh-10.0p1/poly1305.h 2025-06-14 10:54:01.326132826 +0200 @@ -13,8 +13,15 @@ #define POLY1305_KEYLEN 32 #define POLY1305_TAGLEN 16 @@ -10641,10 +10725,10 @@ diff -Nur openssh-9.9p1.orig/poly1305.h openssh-9.9p1/poly1305.h __attribute__((__bounded__(__minbytes__, 1, POLY1305_TAGLEN))) __attribute__((__bounded__(__buffer__, 2, 3))) __attribute__((__bounded__(__minbytes__, 4, POLY1305_KEYLEN))); -diff -Nur openssh-9.9p1.orig/progressmeter.c openssh-9.9p1/progressmeter.c ---- openssh-9.9p1.orig/progressmeter.c 2024-09-20 00:20:48.000000000 +0200 -+++ openssh-9.9p1/progressmeter.c 2025-01-20 20:50:04.586813817 +0100 -@@ -66,6 +66,8 @@ +diff -Nur openssh-10.0p1.orig/progressmeter.c openssh-10.0p1/progressmeter.c +--- openssh-10.0p1.orig/progressmeter.c 2025-04-09 09:02:43.000000000 +0200 ++++ openssh-10.0p1/progressmeter.c 2025-06-14 10:54:01.326416661 +0200 +@@ -65,6 +65,8 @@ static off_t start_pos; /* initial position of transfer */ static off_t end_pos; /* ending position of transfer */ static off_t cur_pos; /* transfer position as of last refresh */ @@ -10653,7 +10737,7 @@ diff -Nur openssh-9.9p1.orig/progressmeter.c openssh-9.9p1/progressmeter.c static volatile off_t *counter; /* progress counter */ static long stalled; /* how long we have been stalled */ static int bytes_per_second; /* current speed in bytes per second */ -@@ -132,6 +134,7 @@ +@@ -131,6 +133,7 @@ int cur_speed; int hours, minutes, seconds; int file_len, cols; @@ -10661,7 +10745,7 @@ diff -Nur openssh-9.9p1.orig/progressmeter.c openssh-9.9p1/progressmeter.c if ((!force_update && !alarm_fired && !win_resized) || !can_output()) return; -@@ -147,6 +150,10 @@ +@@ -146,6 +149,10 @@ now = monotime_double(); bytes_left = end_pos - cur_pos; @@ -10672,7 +10756,7 @@ diff -Nur openssh-9.9p1.orig/progressmeter.c openssh-9.9p1/progressmeter.c if (bytes_left > 0) elapsed = now - last_update; else { -@@ -176,7 +183,7 @@ +@@ -175,7 +182,7 @@ return; /* filename */ @@ -10681,7 +10765,7 @@ diff -Nur openssh-9.9p1.orig/progressmeter.c openssh-9.9p1/progressmeter.c if (file_len > 0) { asmprintf(&buf, INT_MAX, &cols, "%-*s", file_len, file); /* If we used fewer columns than expected then pad */ -@@ -193,6 +200,12 @@ +@@ -192,6 +199,12 @@ xextendf(&buf, NULL, " %3d%% %s %s/s ", percent, format_size(cur_pos), format_rate((off_t)bytes_per_second)); @@ -10694,7 +10778,7 @@ diff -Nur openssh-9.9p1.orig/progressmeter.c openssh-9.9p1/progressmeter.c /* ETA */ if (!transferred) stalled += elapsed; -@@ -235,6 +248,7 @@ +@@ -234,6 +247,7 @@ } free(buf); free(obuf); @@ -10702,35 +10786,36 @@ diff -Nur openssh-9.9p1.orig/progressmeter.c openssh-9.9p1/progressmeter.c } static void -diff -Nur openssh-9.9p1.orig/readconf.c openssh-9.9p1/readconf.c ---- openssh-9.9p1.orig/readconf.c 2025-01-20 20:48:33.452582247 +0100 -+++ openssh-9.9p1/readconf.c 2025-01-20 21:03:08.963813150 +0100 -@@ -72,6 +72,7 @@ +diff -Nur openssh-10.0p1.orig/readconf.c openssh-10.0p1/readconf.c +--- openssh-10.0p1.orig/readconf.c 2025-06-14 10:53:02.021809909 +0200 ++++ openssh-10.0p1/readconf.c 2025-06-14 10:54:01.327045863 +0200 +@@ -71,6 +71,7 @@ + #include "uidswap.h" #include "myproposal.h" #include "digest.h" - #include "ssh-gss.h" +#include "sshbuf.h" + #include "version.h" + #include "ssh-gss.h" - /* Format of the configuration file: - -@@ -173,6 +174,10 @@ +@@ -174,6 +175,10 @@ oHashKnownHosts, oTunnel, oTunnelDevice, oLocalCommand, oPermitLocalCommand, oRemoteCommand, + oTcpRcvBufPoll, oHPNDisabled, + oNoneEnabled, oNoneMacEnabled, oNoneSwitch, -+ oDisableMTAES, ++ oDisableMTAES, oUseMPTCP, + oMetrics, oMetricsPath, oMetricsInterval, oFallback, oFallbackPort, oVisualHostKey, oKexAlgorithms, oIPQoS, oRequestTTY, oSessionType, oStdinNull, oForkAfterAuthentication, oIgnoreUnknown, oProxyUseFdpass, -@@ -319,6 +324,15 @@ +@@ -321,6 +326,16 @@ { "kexalgorithms", oKexAlgorithms }, { "ipqos", oIPQoS }, { "requesttty", oRequestTTY }, + { "noneenabled", oNoneEnabled }, + { "nonemacenabled", oNoneMacEnabled }, + { "noneswitch", oNoneSwitch }, ++ { "usemptcp", oUseMPTCP}, + { "disablemtaes", oDisableMTAES }, + { "metrics", oMetrics }, + { "metricspath", oMetricsPath }, @@ -10740,7 +10825,7 @@ diff -Nur openssh-9.9p1.orig/readconf.c openssh-9.9p1/readconf.c { "sessiontype", oSessionType }, { "stdinnull", oStdinNull }, { "forkafterauthentication", oForkAfterAuthentication }, -@@ -341,6 +355,8 @@ +@@ -343,6 +358,8 @@ { "proxyjump", oProxyJump }, { "securitykeyprovider", oSecurityKeyProvider }, { "knownhostscommand", oKnownHostsCommand }, @@ -10749,7 +10834,7 @@ diff -Nur openssh-9.9p1.orig/readconf.c openssh-9.9p1/readconf.c { "requiredrsasize", oRequiredRSASize }, { "rsaminsize", oRequiredRSASize }, /* alias */ { "enableescapecommandline", oEnableEscapeCommandline }, -@@ -539,7 +555,7 @@ +@@ -542,7 +559,7 @@ if (port == 0) { sp = getservbyname(SSH_SERVICE_NAME, "tcp"); @@ -10758,7 +10843,7 @@ diff -Nur openssh-9.9p1.orig/readconf.c openssh-9.9p1/readconf.c } return port; } -@@ -1317,6 +1333,63 @@ +@@ -1381,6 +1398,67 @@ intptr = &options->check_host_ip; goto parse_flag; @@ -10778,6 +10863,10 @@ diff -Nur openssh-9.9p1.orig/readconf.c openssh-9.9p1/readconf.c + intptr = &options->nonemac_enabled; + goto parse_flag; + ++ case oUseMPTCP: ++ intptr = &options->use_mptcp; ++ goto parse_flag; ++ + case oDisableMTAES: + intptr = &options->disable_multithreaded; + goto parse_flag; @@ -10822,13 +10911,14 @@ diff -Nur openssh-9.9p1.orig/readconf.c openssh-9.9p1/readconf.c case oVerifyHostKeyDNS: intptr = &options->verify_host_key_dns; multistate_ptr = multistate_yesnoask; -@@ -2712,6 +2785,17 @@ +@@ -2798,6 +2876,18 @@ options->ip_qos_interactive = -1; options->ip_qos_bulk = -1; options->request_tty = -1; + options->none_switch = -1; + options->none_enabled = -1; + options->nonemac_enabled = -1; ++ options->use_mptcp = -1; + options->disable_multithreaded = -1; + options->metrics = -1; + options->metrics_path = NULL; @@ -10840,7 +10930,7 @@ diff -Nur openssh-9.9p1.orig/readconf.c openssh-9.9p1/readconf.c options->session_type = -1; options->stdin_null = -1; options->fork_after_authentication = -1; -@@ -2895,8 +2979,37 @@ +@@ -2982,8 +3072,39 @@ options->server_alive_interval = 0; if (options->server_alive_count_max == -1) options->server_alive_count_max = 3; @@ -10863,6 +10953,8 @@ diff -Nur openssh-9.9p1.orig/readconf.c openssh-9.9p1/readconf.c + fprintf(stderr, "None MAC can only be used with the None cipher. None MAC disabled.\n"); + options->nonemac_enabled = 0; + } ++ if (options->use_mptcp == -1) ++ options->use_mptcp = 0; + if (options->disable_multithreaded == -1) + options->disable_multithreaded = 0; + if (options->metrics == -1) @@ -10878,23 +10970,49 @@ diff -Nur openssh-9.9p1.orig/readconf.c openssh-9.9p1/readconf.c if (options->control_persist == -1) { options->control_persist = 0; options->control_persist_timeout = 0; -diff -Nur openssh-9.9p1.orig/readconf.h openssh-9.9p1/readconf.h ---- openssh-9.9p1.orig/readconf.h 2025-01-20 20:48:33.452582247 +0100 -+++ openssh-9.9p1/readconf.h 2025-01-21 07:26:17.608445051 +0100 -@@ -56,6 +56,8 @@ - int strict_host_key_checking; /* Strict host key checking. */ - int compression; /* Compress packets in both directions. */ - int tcp_keep_alive; /* Set SO_KEEPALIVE. */ -+ int tcp_rcv_buf_poll; /* Option to poll recv buf every window transfer */ -+ int hpn_disabled; /* Switch to disable HPN buffer management */ - int ip_qos_interactive; /* IP ToS/DSCP/class for interactive */ - int ip_qos_bulk; /* IP ToS/DSCP/class for bulk traffic */ - SyslogFacility log_facility; /* Facility for system logging. */ -@@ -129,6 +131,17 @@ +@@ -3757,6 +3878,14 @@ + dump_cfg_fmtint(oVisualHostKey, o->visual_host_key); + dump_cfg_fmtint(oUpdateHostkeys, o->update_hostkeys); + dump_cfg_fmtint(oEnableEscapeCommandline, o->enable_escape_commandline); ++ dump_cfg_fmtint(oTcpRcvBufPoll, o->tcp_rcv_buf_poll); ++ dump_cfg_fmtint(oHPNDisabled, o->hpn_disabled); ++ dump_cfg_fmtint(oNoneSwitch, o->none_switch); ++ dump_cfg_fmtint(oNoneEnabled, o->none_enabled); ++ dump_cfg_fmtint(oNoneMacEnabled, o->nonemac_enabled); ++ dump_cfg_fmtint(oFallback, o->fallback); ++ dump_cfg_fmtint(oMetrics, o->metrics); ++ + + /* Integer options */ + dump_cfg_int(oCanonicalizeMaxDots, o->canonicalize_max_dots); +@@ -3768,6 +3897,8 @@ + dump_cfg_int(oRequiredRSASize, o->required_rsa_size); + dump_cfg_int(oObscureKeystrokeTiming, + o->obscure_keystroke_timing_interval); ++ dump_cfg_int(oMetricsInterval, o->metrics_interval); ++ dump_cfg_int(oFallbackPort, o->fallback_port); + + /* String options */ + dump_cfg_string(oBindAddress, o->bind_address); +@@ -3796,6 +3927,7 @@ + dump_cfg_string(oXAuthLocation, o->xauth_location); + dump_cfg_string(oKnownHostsCommand, o->known_hosts_command); + dump_cfg_string(oTag, o->tag); ++ dump_cfg_string(oMetricsPath, o->metrics_path); + dump_cfg_string(oVersionAddendum, o->version_addendum); + + /* Forwards */ +diff -Nur openssh-10.0p1.orig/readconf.h openssh-10.0p1/readconf.h +--- openssh-10.0p1.orig/readconf.h 2025-06-14 10:53:02.022395739 +0200 ++++ openssh-10.0p1/readconf.h 2025-06-14 10:54:01.328092159 +0200 +@@ -128,6 +128,21 @@ int enable_ssh_keysign; int64_t rekey_limit; int rekey_interval; + ++ /* hpnssh options */ ++ int tcp_rcv_buf_poll; /* Option to poll recv buf every window transfer */ ++ int hpn_disabled; /* Switch to disable HPN buffer management */ + int none_switch; /* Use none cipher */ + int none_enabled; /* Allow none to be used */ + int nonemac_enabled; /* Allow none to be used */ @@ -10904,26 +11022,29 @@ diff -Nur openssh-9.9p1.orig/readconf.h openssh-9.9p1/readconf.h + char *metrics_path; /* path for the metrics files */ + int fallback; /* en|disable fallback port (def: true) */ + int fallback_port; /* port to fallback to (def: 22) */ ++ int use_mptcp; + int no_host_authentication_for_localhost; int identities_only; int server_alive_interval; -diff -Nur openssh-9.9p1.orig/README.md openssh-9.9p1/README.md ---- openssh-9.9p1.orig/README.md 2024-09-20 00:20:48.000000000 +0200 -+++ openssh-9.9p1/README.md 2025-01-20 20:50:04.588813822 +0100 -@@ -1,12 +1,16 @@ +diff -Nur openssh-10.0p1.orig/README.md openssh-10.0p1/README.md +--- openssh-10.0p1.orig/README.md 2025-04-09 09:02:43.000000000 +0200 ++++ openssh-10.0p1/README.md 2025-06-14 10:54:01.328596415 +0200 +@@ -1,16 +1,22 @@ -# Portable OpenSSH +# HPNSSH: Based on Portable OpenSSH -[![C/C++ CI](https://github.com/openssh/openssh-portable/actions/workflows/c-cpp.yml/badge.svg)](https://github.com/openssh/openssh-portable/actions/workflows/c-cpp.yml) -[![Fuzzing Status](https://oss-fuzz-build-logs.storage.googleapis.com/badges/openssh.svg)](https://bugs.chromium.org/p/oss-fuzz/issues/list?sort=-opened&can=1&q=proj:openssh) -[![Coverity Status](https://scan.coverity.com/projects/21341/badge.svg)](https://scan.coverity.com/projects/openssh-portable) -+Starting with version HPN17v0 there will be significant changes to the naming convention used for executables and installation locations. The last version that does not include these changes is HPN16v1 corresponding to the HPN-8_8_P1 tag on the master branch. ++HPN-SSH is a high performance soft fork of OpenSSH that can provide significnatly faster throughput for bulk data transfers over a wide range of network paths. In some situations we've seen throughput rates more than 100 times faster than OpenSSH. HPN-SSH is able to do this by optimizing the application layer receive buffer to match the TCP receive buffer. Notably, to see performance improvements HPN-SSH only needs to be the data receiver so users can see notable improvements with many other SSH implementations. HPN-SSH also incorporate two parallelized ciphers, AES-CTR and Chacha20 (the default). When using these ciphers a throughput performance increase of 30% is typical. More information on how we do this work and other features of HPN-SSH is available from [https://hpnssh.org](https://hpnssh.org). -OpenSSH is a complete implementation of the SSH protocol (version 2) for secure remote login, command execution and file transfer. It includes a client ``ssh`` and server ``sshd``, file transfer utilities ``scp`` and ``sftp`` as well as tools for key generation (``ssh-keygen``), run-time key storage (``ssh-agent``) and a number of supporting programs. -+HPNSSH is a variant of OpenSSH. It a complete implementation of the SSH protocol (version 2) for secure remote login, command execution and file transfer. It includes a client ``hpnssh`` and server ``hpnsshd``, file transfer utilities ``hpnscp`` and ``hpnsftp`` as well as tools for key generation (``hpnssh-keygen``), run-time key storage (``hpnssh-agent``) and a number of supporting programs. It includes numerous performance and functionality enhancements focused on high performance networks and computing envrironments. Complete information can be found in the HPN-README file. ++Starting with version HPN17v0 there will be significant changes to the naming convention used for executables and installation locations. The last version that does not include these changes is HPN16v1 corresponding to the HPN-8_8_P1 tag on the master branch. -This is a port of OpenBSD's [OpenSSH](https://openssh.com) to most Unix-like operating systems, including Linux, OS X and Cygwin. Portable OpenSSH polyfills OpenBSD APIs that are not available elsewhere, adds sshd sandboxing for more operating systems and includes support for OS-native authentication and auditing (e.g. using PAM). ++HPNSSH is a variant of OpenSSH. It a complete implementation of the SSH protocol (version 2) for secure remote login, command execution and file transfer. It includes a client ``hpnssh`` and server ``hpnsshd``, file transfer utilities ``hpnscp`` and ``hpnsftp`` as well as tools for key generation (``hpnssh-keygen``), run-time key storage (``hpnssh-agent``) and a number of supporting programs. It includes numerous performance and functionality enhancements focused on high performance networks and computing envrironments. Complete information can be found in the HPN-README file. ++ +It is fully compatible with all compliant implementations of the SSH protocol and OpenSSH in particular. + +This version of HPNSSH is significant departure in terms of naming executables and installation locations. Specifically, all executables are now prefixed with ``hpn``. So ``ssh`` becomes ``hpnssh`` and ``scp`` is now ``hpnscp``. Configuation files and host keys can now be found in ``/etc/hpnssh``. By default ``hpnsshd`` now runs on port 2222 but this is configurable. This change was made in order to prevent installations of hpnssh, particularly from package distributions, from interfering with default installations of OpenSSH. HPNSSH is backwards compatible with all versions of OpenSSH including configuration files, keys, and run time options. Additionally, the client will, by default attempt to connect to port 2222 but will automatically fall back to port 22. This is also user configurable. @@ -10934,7 +11055,12 @@ diff -Nur openssh-9.9p1.orig/README.md openssh-9.9p1/README.md ## Documentation -@@ -21,15 +25,15 @@ +-The official documentation for OpenSSH are the man pages for each tool: ++The official documentation for OpenSSH are the man pages for each tool. + + * [ssh(1)](https://man.openbsd.org/ssh.1) + * [sshd(8)](https://man.openbsd.org/sshd.8) +@@ -21,15 +27,15 @@ * [ssh-keyscan(8)](https://man.openbsd.org/ssh-keyscan.8) * [sftp-server(8)](https://man.openbsd.org/sftp-server.8) @@ -10954,8 +11080,8 @@ diff -Nur openssh-9.9p1.orig/README.md openssh-9.9p1/README.md ``libcrypto`` from either [LibreSSL](https://www.libressl.org/) or [OpenSSL](https://www.openssl.org) may also be used. OpenSSH may be built without either of these, but the resulting binaries will have only a subset of the cryptographic algorithms normally available. -@@ -44,8 +48,9 @@ - Releases include a pre-built copy of the ``configure`` script and may be built using: +@@ -44,8 +50,9 @@ + Release tarballs and release branches in git include a pre-built copy of the ``configure`` script and may be built using: ``` -tar zxvf openssh-X.YpZ.tar.gz @@ -10966,8 +11092,8 @@ diff -Nur openssh-9.9p1.orig/README.md openssh-9.9p1/README.md ./configure # [options] make && make tests ``` -@@ -57,9 +62,9 @@ - If building from git, you'll need [autoconf](https://www.gnu.org/software/autoconf/) installed to build the ``configure`` script. The following commands will check out and build portable OpenSSH from git: +@@ -57,9 +64,9 @@ + If building from the git master branch, you'll need [autoconf](https://www.gnu.org/software/autoconf/) installed to build the ``configure`` script. The following commands will check out and build portable OpenSSH from git: ``` -git clone https://github.com/openssh/openssh-portable # or https://anongit.mindrot.org/openssh.git @@ -10979,7 +11105,7 @@ diff -Nur openssh-9.9p1.orig/README.md openssh-9.9p1/README.md ./configure make && make tests ``` -@@ -76,6 +81,7 @@ +@@ -76,6 +83,7 @@ ``--with-libedit`` | Enable [libedit](https://www.thrysoee.dk/editline/) support for sftp. ``--with-kerberos5`` | Enable Kerberos/GSSAPI support. Both [Heimdal](https://www.h5l.org/) and [MIT](https://web.mit.edu/kerberos/) Kerberos implementations are supported. ``--with-selinux`` | Enable [SELinux](https://en.wikipedia.org/wiki/Security-Enhanced_Linux) support. @@ -10987,9 +11113,14 @@ diff -Nur openssh-9.9p1.orig/README.md openssh-9.9p1/README.md ## Development -diff -Nur openssh-9.9p1.orig/sandbox-seccomp-filter.c openssh-9.9p1/sandbox-seccomp-filter.c ---- openssh-9.9p1.orig/sandbox-seccomp-filter.c 2025-01-20 20:48:33.408582135 +0100 -+++ openssh-9.9p1/sandbox-seccomp-filter.c 2025-01-20 20:50:04.589813825 +0100 +@@ -84,3 +92,4 @@ + ## Reporting bugs + + _Non-security_ bugs may be reported to the developers via [Bugzilla](https://bugzilla.mindrot.org/) or via the mailing list above. Security bugs should be reported to [openssh@openssh.com](mailto:openssh.openssh.com). ++ +diff -Nur openssh-10.0p1.orig/sandbox-seccomp-filter.c openssh-10.0p1/sandbox-seccomp-filter.c +--- openssh-10.0p1.orig/sandbox-seccomp-filter.c 2025-06-14 10:53:01.776677219 +0200 ++++ openssh-10.0p1/sandbox-seccomp-filter.c 2025-06-14 10:54:01.328916358 +0200 @@ -295,6 +295,9 @@ #ifdef __NR_geteuid32 SC_ALLOW(__NR_geteuid32), @@ -11010,9 +11141,9 @@ diff -Nur openssh-9.9p1.orig/sandbox-seccomp-filter.c openssh-9.9p1/sandbox-secc #ifdef __NR_time SC_ALLOW(__NR_time), #endif -diff -Nur openssh-9.9p1.orig/scp.1 openssh-9.9p1/scp.1 ---- openssh-9.9p1.orig/scp.1 2025-01-20 20:48:33.380582065 +0100 -+++ openssh-9.9p1/scp.1 2025-01-20 22:18:33.595608452 +0100 +diff -Nur openssh-10.0p1.orig/scp.1 openssh-10.0p1/scp.1 +--- openssh-10.0p1.orig/scp.1 2025-06-14 10:53:01.646933368 +0200 ++++ openssh-10.0p1/scp.1 2025-06-14 10:54:01.329403433 +0200 @@ -18,7 +18,7 @@ .Nd OpenSSH secure file copy .Sh SYNOPSIS @@ -11022,17 +11153,35 @@ diff -Nur openssh-9.9p1.orig/scp.1 openssh-9.9p1/scp.1 .Op Fl c Ar cipher .Op Fl D Ar sftp_server_path .Op Fl F Ar ssh_config -@@ -252,6 +252,9 @@ +@@ -33,6 +33,8 @@ + .Sh DESCRIPTION + .Nm + copies files between hosts on a network. ++It is binary compatible with OpenSSH's scp including ++the use of the same directives and configuration options except where noted. + .Pp + .Nm + uses the SFTP protocol over a +@@ -257,6 +259,7 @@ + .It Tunnel + .It TunnelDevice + .It UpdateHostKeys ++.It UseMPTCP + .It User + .It UserKnownHostsFile + .It VerifyHostKeyDNS +@@ -291,6 +294,10 @@ Note that .Nm follows symbolic links encountered in the tree traversal. +.It Fl Z +Resume failed or interrupted transfer. Identical files will be skipped. Remote must have resume option. -+HPN-SSH only option. ++.Nm ++only option. .It Fl S Ar program Name of .Ar program -@@ -259,6 +262,13 @@ +@@ -298,6 +305,14 @@ The program must understand .Xr ssh 1 options. @@ -11040,13 +11189,14 @@ diff -Nur openssh-9.9p1.orig/scp.1 openssh-9.9p1/scp.1 +Path to hpnscp on remote system. Useful if remote has multiple scp installs. +For example, using the resume option but the default remote scp does not have the resume option. +Use -z to point the version that does - e.g. -z /opt/hpnssh/bin/hpnscp. -+HPN-SSH only option. ++.Nm ++only option. +.It Fl s +Use the SFTP protocol for transfers rather than the original scp protocol. .It Fl T Disable strict filename checking. By default when copying files from a remote host to a local directory -@@ -285,10 +295,13 @@ +@@ -324,10 +339,13 @@ .It Cm nrequests Ns = Ns Ar value Controls how many concurrent SFTP read or write requests may be in progress at any point in time during a download or upload. @@ -11061,7 +11211,7 @@ diff -Nur openssh-9.9p1.orig/scp.1 openssh-9.9p1/scp.1 By default a 32KB buffer is used. .El .El -@@ -322,6 +335,7 @@ +@@ -361,6 +379,7 @@ .Sh AUTHORS .An Timo Rinne Aq Mt tri@iki.fi .An Tatu Ylonen Aq Mt ylo@cs.hut.fi @@ -11069,9 +11219,9 @@ diff -Nur openssh-9.9p1.orig/scp.1 openssh-9.9p1/scp.1 .Sh CAVEATS The legacy SCP protocol (selected by the .Fl O -diff -Nur openssh-9.9p1.orig/scp.c openssh-9.9p1/scp.c ---- openssh-9.9p1.orig/scp.c 2025-01-20 20:48:33.382582070 +0100 -+++ openssh-9.9p1/scp.c 2025-01-21 07:44:00.216159475 +0100 +diff -Nur openssh-10.0p1.orig/scp.c openssh-10.0p1/scp.c +--- openssh-10.0p1.orig/scp.c 2025-06-14 10:53:01.663335155 +0200 ++++ openssh-10.0p1/scp.c 2025-06-14 12:35:32.946245567 +0200 @@ -17,6 +17,7 @@ /* * Copyright (c) 1999 Theo de Raadt. All rights reserved. @@ -11160,7 +11310,7 @@ diff -Nur openssh-9.9p1.orig/scp.c openssh-9.9p1/scp.c /* Copy argv, because we modify it */ argv0 = argv[0]; newargv = xcalloc(MAXIMUM(argc + 1, 1), sizeof(*newargv)); -@@ -508,7 +542,7 @@ +@@ -509,7 +543,7 @@ fflag = Tflag = tflag = 0; while ((ch = getopt(argc, argv, @@ -11169,7 +11319,7 @@ diff -Nur openssh-9.9p1.orig/scp.c openssh-9.9p1/scp.c switch (ch) { /* User-visible flags. */ case '1': -@@ -589,24 +623,36 @@ +@@ -590,24 +624,36 @@ addargs(&remote_remote_args, "-q"); showprogress = 0; break; @@ -11193,8 +11343,9 @@ diff -Nur openssh-9.9p1.orig/scp.c openssh-9.9p1/scp.c } if (r == -1) { - fatal("Invalid buffer size \"%s\": %s", -+ fatal("Invalid buffer size. Must be between 1B and 255KB. \"%s\": %s", - optarg + 7, strerror(errno)); +- optarg + 7, strerror(errno)); ++ fatal("Invalid buffer size. Must be between 1B and 255KB." ++ "\"%s\": %s", optarg + 7, strerror(errno)); } sftp_copy_buflen = (size_t)llv; } else if (strncmp(optarg, "nrequests=", 10) == 0) { @@ -11210,30 +11361,32 @@ diff -Nur openssh-9.9p1.orig/scp.c openssh-9.9p1/scp.c "\"%s\": %s", optarg + 10, errstr); } sftp_nrequests = (size_t)llv; -@@ -694,11 +740,20 @@ +@@ -695,11 +741,20 @@ remin = remout = -1; do_cmd_pid = -1; /* Command to be executed on remote system using "ssh". */ - (void) snprintf(cmd, sizeof cmd, "scp%s%s%s%s", +- verbose_mode ? " -v" : "", +- iamrecursive ? " -r" : "", pflag ? " -p" : "", +- targetshouldbedirectory ? " -d" : ""); + /* In the event of an hpn to hpn connection the scp + * command is rewritten to hpnscp. This happens in + * clientloop.c -cjr 12/12/2022 */ -+ + + (void) snprintf(cmd, sizeof cmd, "%s%s%s%s%s%s", + remote_path ? remote_path : "scp", - verbose_mode ? " -v" : "", - iamrecursive ? " -r" : "", pflag ? " -p" : "", -- targetshouldbedirectory ? " -d" : ""); ++ verbose_mode ? " -v" : "", ++ iamrecursive ? " -r" : "", ++ pflag ? " -p" : "", + targetshouldbedirectory ? " -d" : "", + resume_flag ? " -Z" : ""); - +#ifdef DEBUG + fprintf(stderr, "%s: Sending cmd %s\n", hostname, cmd); +#endif (void) ssh_signal(SIGPIPE, lostconn); if (colon(argv[argc - 1])) /* Dest is remote host. */ -@@ -1323,6 +1378,74 @@ +@@ -1324,6 +1379,74 @@ free(src); } @@ -11308,7 +11461,7 @@ diff -Nur openssh-9.9p1.orig/scp.c openssh-9.9p1/scp.c /* Prepare remote path, handling ~ by assuming cwd is the homedir */ static char * prepare_remote_path(struct sftp_conn *conn, const char *path) -@@ -1406,14 +1529,23 @@ +@@ -1407,14 +1530,23 @@ struct stat stb; static BUF buffer; BUF *bp; @@ -11334,7 +11487,7 @@ diff -Nur openssh-9.9p1.orig/scp.c openssh-9.9p1/scp.c statbytes = 0; len = strlen(name); while (len > 1 && name[len-1] == '/') -@@ -1435,6 +1567,14 @@ +@@ -1436,6 +1568,14 @@ unset_nonblock(fd); switch (stb.st_mode & S_IFMT) { case S_IFREG: @@ -11349,7 +11502,7 @@ diff -Nur openssh-9.9p1.orig/scp.c openssh-9.9p1/scp.c break; case S_IFDIR: if (iamrecursive) { -@@ -1456,14 +1596,133 @@ +@@ -1457,14 +1597,133 @@ goto next; } #define FILEMODEMASK (S_ISUID|S_ISGID|S_IRWXU|S_IRWXG|S_IRWXO) @@ -11361,12 +11514,12 @@ diff -Nur openssh-9.9p1.orig/scp.c openssh-9.9p1/scp.c + /* Add a hash of the file along with the filemode if in resume */ + if (resume_flag) + snprintf(buf, sizeof buf, "C%04o %lld %s %s\n", -+ (u_int) (stb.st_mode & FILEMODEMASK), -+ (long long)stb.st_size, hashsum, last); ++ (u_int) (stb.st_mode & FILEMODEMASK), ++ (long long)stb.st_size, hashsum, last); + else + snprintf(buf, sizeof buf, "C%04o %lld %s\n", -+ (u_int) (stb.st_mode & FILEMODEMASK), -+ (long long)stb.st_size, last); ++ (u_int) (stb.st_mode & FILEMODEMASK), ++ (long long)stb.st_size, last); + +#ifdef DEBUG + fprintf(stderr, "%s: Sending file modes: %s", hostname, buf); @@ -11489,7 +11642,7 @@ diff -Nur openssh-9.9p1.orig/scp.c openssh-9.9p1/scp.c if ((bp = allocbuf(&buffer, fd, COPY_BUFLEN)) == NULL) { next: if (fd != -1) { (void) close(fd); -@@ -1471,13 +1730,17 @@ +@@ -1472,13 +1731,17 @@ } continue; } @@ -11511,7 +11664,7 @@ diff -Nur openssh-9.9p1.orig/scp.c openssh-9.9p1/scp.c if (!haderr) { if ((nr = atomicio(read, fd, bp->buf, amt)) != amt) { -@@ -1674,24 +1937,36 @@ +@@ -1675,24 +1938,35 @@ sink(int argc, char **argv, const char *src) { static BUF buffer; @@ -11539,19 +11692,18 @@ diff -Nur openssh-9.9p1.orig/scp.c openssh-9.9p1/scp.c + int bad_match_flag = 0; + np = NULL; /* this was originally '/0' but that's wrong */ + np_tmp = NULL; -+ #define atime tv[0] #define mtime tv[1] #define SCREWUP(str) { why = str; goto screwup; } +#ifdef DEBUG -+ fprintf (stderr, "%s: LOCAL In sink with %s\n", hostname, src); ++ fprintf (stderr, "%s: LOCAL In sink with %s\n", hostname, src); +#endif if (TYPE_OVERFLOW(time_t, 0) || TYPE_OVERFLOW(off_t, 0)) SCREWUP("Unexpected off_t/time_t size"); -@@ -1707,9 +1982,16 @@ +@@ -1708,9 +1982,16 @@ if (targetshouldbedirectory) verifydir(targ); @@ -11568,7 +11720,7 @@ diff -Nur openssh-9.9p1.orig/scp.c openssh-9.9p1/scp.c if (src != NULL && !iamrecursive && !Tflag) { /* * Prepare to try to restrict incoming filenames to match -@@ -1719,6 +2001,10 @@ +@@ -1720,6 +2001,10 @@ fatal_f("could not expand pattern"); } for (first = 1;; first = 0) { @@ -11579,7 +11731,7 @@ diff -Nur openssh-9.9p1.orig/scp.c openssh-9.9p1/scp.c cp = buf; if (atomicio(read, remin, cp, 1) != 1) goto done; -@@ -1746,6 +2032,9 @@ +@@ -1747,6 +2032,9 @@ continue; } if (buf[0] == 'E') { @@ -11589,7 +11741,7 @@ diff -Nur openssh-9.9p1.orig/scp.c openssh-9.9p1/scp.c (void) atomicio(vwrite, remout, "", 1); goto done; } -@@ -1753,6 +2042,9 @@ +@@ -1754,6 +2042,9 @@ *--cp = 0; cp = buf; @@ -11599,7 +11751,7 @@ diff -Nur openssh-9.9p1.orig/scp.c openssh-9.9p1/scp.c if (*cp == 'T') { setimes++; cp++; -@@ -1780,9 +2072,19 @@ +@@ -1781,9 +2072,19 @@ if (!cp || *cp++ != '\0' || atime.tv_usec < 0 || atime.tv_usec > 999999) SCREWUP("atime.usec not delimited"); @@ -11619,7 +11771,7 @@ diff -Nur openssh-9.9p1.orig/scp.c openssh-9.9p1/scp.c if (*cp != 'C' && *cp != 'D') { /* * Check for the case "rcp remote:foo\* local:bar". -@@ -1798,6 +2100,18 @@ +@@ -1799,6 +2100,18 @@ SCREWUP("expected control record"); } mode = 0; @@ -11638,7 +11790,7 @@ diff -Nur openssh-9.9p1.orig/scp.c openssh-9.9p1/scp.c for (++cp; cp < buf + 5; cp++) { if (*cp < '0' || *cp > '7') SCREWUP("bad mode"); -@@ -1808,6 +2122,10 @@ +@@ -1809,6 +2122,10 @@ if (*cp++ != ' ') SCREWUP("mode not delimited"); @@ -11649,7 +11801,7 @@ diff -Nur openssh-9.9p1.orig/scp.c openssh-9.9p1/scp.c if (!isdigit((unsigned char)*cp)) SCREWUP("size not present"); ull = strtoull(cp, &cp, 10); -@@ -1817,11 +2135,32 @@ +@@ -1818,11 +2135,32 @@ SCREWUP("size out of range"); size = (off_t)ull; @@ -11682,7 +11834,7 @@ diff -Nur openssh-9.9p1.orig/scp.c openssh-9.9p1/scp.c if (npatterns > 0) { for (n = 0; n < npatterns; n++) { if (strcmp(patterns[n], cp) == 0 || -@@ -1891,11 +2230,195 @@ +@@ -1892,11 +2230,195 @@ } omode = mode; mode |= S_IWUSR; @@ -11879,7 +12031,7 @@ diff -Nur openssh-9.9p1.orig/scp.c openssh-9.9p1/scp.c if ((bp = allocbuf(&buffer, ofd, COPY_BUFLEN)) == NULL) { (void) close(ofd); continue; -@@ -1910,13 +2433,17 @@ +@@ -1911,13 +2433,17 @@ */ statbytes = 0; if (showprogress) @@ -11901,7 +12053,7 @@ diff -Nur openssh-9.9p1.orig/scp.c openssh-9.9p1/scp.c do { j = atomicio6(read, remin, cp, amt, scpio, &statbytes); -@@ -1951,8 +2478,78 @@ +@@ -1952,8 +2478,78 @@ wrerr = 1; } if (!wrerr && (!exists || S_ISREG(stb.st_mode)) && @@ -11981,7 +12133,7 @@ diff -Nur openssh-9.9p1.orig/scp.c openssh-9.9p1/scp.c if (pflag) { if (exists || omode != mode) #ifdef HAVE_FCHMOD -@@ -1987,8 +2584,17 @@ +@@ -1988,8 +2584,17 @@ } } /* If no error was noted then signal success for this file */ @@ -12000,7 +12152,7 @@ diff -Nur openssh-9.9p1.orig/scp.c openssh-9.9p1/scp.c } done: for (n = 0; n < npatterns; n++) -@@ -2132,11 +2738,20 @@ +@@ -2133,11 +2738,20 @@ void usage(void) { @@ -12021,7 +12173,7 @@ diff -Nur openssh-9.9p1.orig/scp.c openssh-9.9p1/scp.c } void -@@ -2275,6 +2890,18 @@ +@@ -2276,6 +2890,18 @@ exit(1); } @@ -12040,10 +12192,10 @@ diff -Nur openssh-9.9p1.orig/scp.c openssh-9.9p1/scp.c void cleanup_exit(int i) { -diff -Nur openssh-9.9p1.orig/servconf.c openssh-9.9p1/servconf.c ---- openssh-9.9p1.orig/servconf.c 2025-01-20 20:48:33.453582249 +0100 -+++ openssh-9.9p1/servconf.c 2025-01-20 22:27:14.328008145 +0100 -@@ -215,6 +215,11 @@ +diff -Nur openssh-10.0p1.orig/servconf.c openssh-10.0p1/servconf.c +--- openssh-10.0p1.orig/servconf.c 2025-06-14 10:53:02.022835252 +0200 ++++ openssh-10.0p1/servconf.c 2025-06-14 12:36:43.529579310 +0200 +@@ -217,6 +217,12 @@ options->authorized_principals_file = NULL; options->authorized_principals_command = NULL; options->authorized_principals_command_user = NULL; @@ -12051,11 +12203,12 @@ diff -Nur openssh-9.9p1.orig/servconf.c openssh-9.9p1/servconf.c + options->hpn_disabled = -1; + options->none_enabled = -1; + options->nonemac_enabled = -1; ++ options->use_mptcp = -1; + options->disable_multithreaded = -1; options->ip_qos_interactive = -1; options->ip_qos_bulk = -1; options->version_addendum = NULL; -@@ -508,6 +513,18 @@ +@@ -511,6 +517,22 @@ } if (options->permit_tun == -1) options->permit_tun = SSH_TUNMODE_NO; @@ -12067,23 +12220,27 @@ diff -Nur openssh-9.9p1.orig/servconf.c openssh-9.9p1/servconf.c + debug ("Attempted to enabled None MAC without setting None Enabled to true. None MAC disabled."); + options->nonemac_enabled = 0; + } ++ if (options->tcp_rcv_buf_poll == -1) ++ options->tcp_rcv_buf_poll = 1; + if (options->disable_multithreaded == -1) + options->disable_multithreaded = 0; + if (options->hpn_disabled == -1) + options->hpn_disabled = 0; ++ if (options->use_mptcp == -1) ++ options->use_mptcp = 0; if (options->ip_qos_interactive == -1) options->ip_qos_interactive = IPTOS_DSCP_AF21; if (options->ip_qos_bulk == -1) -@@ -590,6 +607,8 @@ +@@ -595,6 +617,8 @@ sKerberosGetAFSToken, sKerberosUniqueCCache, sKerberosUseKuserok, sPasswordAuthentication, sKbdInteractiveAuthentication, sListenAddress, sAddressFamily, sPrintMotd, sPrintLastLog, sIgnoreRhosts, + sNoneEnabled, sNoneMacEnabled, sTcpRcvBufPoll, sHPNDisabled, -+ sDisableMTAES, ++ sDisableMTAES, sUseMPTCP, sX11Forwarding, sX11DisplayOffset, sX11MaxDisplays, sX11UseLocalhost, sPermitTTY, sStrictModes, sEmptyPasswd, sTCPKeepAlive, sPermitUserEnvironment, sAllowTcpForwarding, sCompression, -@@ -797,6 +816,11 @@ +@@ -804,6 +828,12 @@ { "revokedkeys", sRevokedKeys, SSHCFG_ALL }, { "trustedusercakeys", sTrustedUserCAKeys, SSHCFG_ALL }, { "authorizedprincipalsfile", sAuthorizedPrincipalsFile, SSHCFG_ALL }, @@ -12091,11 +12248,12 @@ diff -Nur openssh-9.9p1.orig/servconf.c openssh-9.9p1/servconf.c + { "tcprcvbufpoll", sTcpRcvBufPoll, SSHCFG_ALL }, + { "noneenabled", sNoneEnabled, SSHCFG_ALL }, + { "nonemacenabled", sNoneMacEnabled, SSHCFG_ALL }, ++ { "usemptcp", sUseMPTCP, SSHCFG_GLOBAL }, + { "disableMTAES", sDisableMTAES, SSHCFG_ALL }, { "kexalgorithms", sKexAlgorithms, SSHCFG_GLOBAL }, { "include", sInclude, SSHCFG_ALL }, { "ipqos", sIPQoS, SSHCFG_ALL }, -@@ -861,6 +885,7 @@ +@@ -869,6 +899,7 @@ for (i = 0; keywords[i].name; i++) if (strcasecmp(cp, keywords[i].name) == 0) { @@ -12103,7 +12261,7 @@ diff -Nur openssh-9.9p1.orig/servconf.c openssh-9.9p1/servconf.c *flags = keywords[i].flags; return keywords[i].opcode; } -@@ -1593,12 +1618,32 @@ +@@ -1640,6 +1671,30 @@ multistate_ptr = multistate_ignore_rhosts; goto parse_multistate; @@ -12115,12 +12273,6 @@ diff -Nur openssh-9.9p1.orig/servconf.c openssh-9.9p1/servconf.c + intptr = &options->hpn_disabled; + goto parse_flag; + - case sIgnoreUserKnownHosts: - intptr = &options->ignore_user_known_hosts; - parse_flag: - multistate_ptr = multistate_flag; - goto parse_multistate; - + case sNoneEnabled: + intptr = &options->none_enabled; + goto parse_flag; @@ -12133,28 +12285,45 @@ diff -Nur openssh-9.9p1.orig/servconf.c openssh-9.9p1/servconf.c + intptr = &options->disable_multithreaded; + goto parse_flag; + - case sHostbasedAuthentication: - intptr = &options->hostbased_authentication; - goto parse_flag; -diff -Nur openssh-9.9p1.orig/servconf.h openssh-9.9p1/servconf.h ---- openssh-9.9p1.orig/servconf.h 2025-01-20 20:48:33.453582249 +0100 -+++ openssh-9.9p1/servconf.h 2025-01-20 22:28:39.829229874 +0100 -@@ -226,6 +226,12 @@ ++ case sUseMPTCP: ++ intptr = &options->use_mptcp; ++ goto parse_flag; ++ + case sIgnoreUserKnownHosts: + intptr = &options->ignore_user_known_hosts; + parse_flag: +@@ -3434,6 +3489,11 @@ + dump_cfg_fmtint(sStreamLocalBindUnlink, o->fwd_opts.streamlocal_bind_unlink); + dump_cfg_fmtint(sFingerprintHash, o->fingerprint_hash); + dump_cfg_fmtint(sExposeAuthInfo, o->expose_userauth_info); ++ dump_cfg_fmtint(sHPNDisabled, o->hpn_disabled); ++ dump_cfg_fmtint(sTcpRcvBufPoll, o->tcp_rcv_buf_poll); ++ dump_cfg_fmtint(sNoneEnabled, o->none_enabled); ++ dump_cfg_fmtint(sNoneMacEnabled, o->nonemac_enabled); ++ dump_cfg_fmtint(sUseMPTCP, o->use_mptcp); + dump_cfg_fmtint(sRefuseConnection, o->refuse_connection); + + /* string arguments */ +diff -Nur openssh-10.0p1.orig/servconf.h openssh-10.0p1/servconf.h +--- openssh-10.0p1.orig/servconf.h 2025-06-14 10:53:02.023331755 +0200 ++++ openssh-10.0p1/servconf.h 2025-06-14 10:54:01.332534777 +0200 +@@ -227,6 +227,13 @@ char *pam_service_name; int permit_pam_user_change; /* Allow PAM to change user name */ ++ /* hpnssh options */ + int tcp_rcv_buf_poll; /* poll tcp rcv window in autotuning kernels*/ + int hpn_disabled; /* disable hpn functionality. false by default */ + int none_enabled; /* Enable NONE cipher switch */ + int nonemac_enabled; /* Enable NONE MAC switch */ -+ int disable_multithreaded; /* Disable multithreaded aes-ctr cipher */ -+ ++ int use_mptcp; /* Use MPTCP - Linux only */ ++ int disable_multithreaded; /* Disable multithreaded aes-ctr cipher */ int permit_tun; char **permitted_opens; /* May also be one of PERMITOPEN_* */ -diff -Nur openssh-9.9p1.orig/serverloop.c openssh-9.9p1/serverloop.c ---- openssh-9.9p1.orig/serverloop.c 2025-01-20 20:48:33.440582216 +0100 -+++ openssh-9.9p1/serverloop.c 2025-01-20 22:30:36.463532350 +0100 +diff -Nur openssh-10.0p1.orig/serverloop.c openssh-10.0p1/serverloop.c +--- openssh-10.0p1.orig/serverloop.c 2025-06-14 10:53:01.992010916 +0200 ++++ openssh-10.0p1/serverloop.c 2025-06-14 12:39:09.690199658 +0200 @@ -81,6 +81,8 @@ #include "serverloop.h" #include "ssherr.h" @@ -12276,9 +12445,9 @@ diff -Nur openssh-9.9p1.orig/serverloop.c openssh-9.9p1/serverloop.c } /* XXX sshpkt_get_end() */ if (want_reply) { -diff -Nur openssh-9.9p1.orig/session.c openssh-9.9p1/session.c ---- openssh-9.9p1.orig/session.c 2025-01-20 20:48:33.402582120 +0100 -+++ openssh-9.9p1/session.c 2025-01-20 20:50:04.595813840 +0100 +diff -Nur openssh-10.0p1.orig/session.c openssh-10.0p1/session.c +--- openssh-10.0p1.orig/session.c 2025-06-14 10:53:01.741334418 +0200 ++++ openssh-10.0p1/session.c 2025-06-14 10:54:01.333888095 +0200 @@ -94,6 +94,7 @@ #include "monitor_wrap.h" #include "sftp.h" @@ -12315,10 +12484,20 @@ diff -Nur openssh-9.9p1.orig/session.c openssh-9.9p1/session.c return 0; } -diff -Nur openssh-9.9p1.orig/sftp.1 openssh-9.9p1/sftp.1 ---- openssh-9.9p1.orig/sftp.1 2024-09-20 00:20:48.000000000 +0200 -+++ openssh-9.9p1/sftp.1 2025-01-20 20:50:04.595813840 +0100 -@@ -299,7 +299,8 @@ +diff -Nur openssh-10.0p1.orig/sftp.1 openssh-10.0p1/sftp.1 +--- openssh-10.0p1.orig/sftp.1 2025-04-09 09:02:43.000000000 +0200 ++++ openssh-10.0p1/sftp.1 2025-06-14 10:54:01.334573170 +0200 +@@ -55,6 +55,9 @@ + transport. + It may also use many features of ssh, such as public key authentication and + compression. ++.Nm ++is binary compatible with OpenSSH's sftp and uses the same directive and configuration ++options except where noted. + .Pp + The + .Ar destination +@@ -338,7 +341,8 @@ Specify how many requests may be outstanding at any one time. Increasing this may slightly improve file transfer speed but will increase memory usage. @@ -12328,7 +12507,7 @@ diff -Nur openssh-9.9p1.orig/sftp.1 openssh-9.9p1/sftp.1 .It Fl r Recursively copy entire directories when uploading and downloading. Note that -@@ -328,10 +329,13 @@ +@@ -367,10 +371,13 @@ .It Cm nrequests Ns = Ns Ar value Controls how many concurrent SFTP read or write requests may be in progress at any point in time during a download or upload. @@ -12343,10 +12522,10 @@ diff -Nur openssh-9.9p1.orig/sftp.1 openssh-9.9p1/sftp.1 By default a 32KB buffer is used. .El .El -diff -Nur openssh-9.9p1.orig/sftp.c openssh-9.9p1/sftp.c ---- openssh-9.9p1.orig/sftp.c 2025-01-20 20:48:33.383582072 +0100 -+++ openssh-9.9p1/sftp.c 2025-01-20 20:50:04.596813843 +0100 -@@ -2569,20 +2569,25 @@ +diff -Nur openssh-10.0p1.orig/sftp.c openssh-10.0p1/sftp.c +--- openssh-10.0p1.orig/sftp.c 2025-06-14 10:53:01.664429990 +0200 ++++ openssh-10.0p1/sftp.c 2025-06-14 10:54:01.335020156 +0200 +@@ -2570,20 +2570,25 @@ /* Please keep in sync with ssh.c -X */ if (strncmp(optarg, "buffer=", 7) == 0) { r = scan_scaled(optarg + 7, &llv); @@ -12377,9 +12556,9 @@ diff -Nur openssh-9.9p1.orig/sftp.c openssh-9.9p1/sftp.c "\"%s\": %s", optarg + 10, errstr); } num_requests = (size_t)llv; -diff -Nur openssh-9.9p1.orig/sftp-client.c openssh-9.9p1/sftp-client.c ---- openssh-9.9p1.orig/sftp-client.c 2025-01-20 20:48:33.382582070 +0100 -+++ openssh-9.9p1/sftp-client.c 2025-01-20 20:50:04.596813843 +0100 +diff -Nur openssh-10.0p1.orig/sftp-client.c openssh-10.0p1/sftp-client.c +--- openssh-10.0p1.orig/sftp-client.c 2025-06-14 10:53:01.663814268 +0200 ++++ openssh-10.0p1/sftp-client.c 2025-06-14 10:54:01.335625123 +0200 @@ -72,7 +72,8 @@ #define DEFAULT_COPY_BUFLEN 32768 @@ -12390,9 +12569,9 @@ diff -Nur openssh-9.9p1.orig/sftp-client.c openssh-9.9p1/sftp-client.c /* Minimum amount of data to read at a time */ #define MIN_READ_SIZE 512 -diff -Nur openssh-9.9p1.orig/ssh.1 openssh-9.9p1/ssh.1 ---- openssh-9.9p1.orig/ssh.1 2025-01-20 20:48:33.453582249 +0100 -+++ openssh-9.9p1/ssh.1 2025-01-20 21:06:00.112249282 +0100 +diff -Nur openssh-10.0p1.orig/ssh.1 openssh-10.0p1/ssh.1 +--- openssh-10.0p1.orig/ssh.1 2025-06-14 10:53:02.023904385 +0200 ++++ openssh-10.0p1/ssh.1 2025-06-14 11:29:03.370919913 +0200 @@ -77,6 +77,14 @@ X11 connections, arbitrary TCP ports and .Ux Ns -domain @@ -12408,7 +12587,7 @@ diff -Nur openssh-9.9p1.orig/ssh.1 openssh-9.9p1/ssh.1 .Pp .Nm connects and logs into the specified -@@ -526,11 +534,13 @@ +@@ -527,12 +535,14 @@ .It ControlMaster .It ControlPath .It ControlPersist @@ -12416,24 +12595,25 @@ diff -Nur openssh-9.9p1.orig/ssh.1 openssh-9.9p1/ssh.1 .It DynamicForward .It EnableSSHKeysign .It EnableEscapeCommandline + .It EnableSSHKeysign .It EscapeChar .It ExitOnForwardFailure +.It FallbackPort .It FingerprintHash .It ForkAfterAuthentication .It ForwardAgent -@@ -554,6 +564,7 @@ - .It HostKeyAlgorithms - .It HostKeyAlias +@@ -556,6 +566,7 @@ + .It HostbasedAcceptedAlgorithms + .It HostbasedAuthentication .It Hostname +.It HPNDisabled* + .It IPQoS .It IdentitiesOnly .It IdentityAgent - .It IdentityFile -@@ -570,7 +581,13 @@ +@@ -571,7 +582,13 @@ + .It LogLevel .It LogVerbose .It MACs - .It Match +.It Metrics +.It MetricsInterval +.It MetricsPath @@ -12442,17 +12622,20 @@ diff -Nur openssh-9.9p1.orig/ssh.1 openssh-9.9p1/ssh.1 +.It NoneEnabled* +.It NoneMacEnabled* .It NumberOfPasswordPrompts - .It PasswordAuthentication - .It PermitLocalCommand -@@ -601,6 +618,7 @@ + .It ObscureKeystrokeTiming + .It PKCS11Provider +@@ -605,15 +622,19 @@ .It StrictHostKeyChecking .It SyslogFacility .It TCPKeepAlive +.It TcpRcvBufPoll* + .It Tag .It Tunnel .It TunnelDevice .It UpdateHostKeys -@@ -609,6 +627,8 @@ ++.It UseMPTCP + .It User + .It UserKnownHostsFile .It VerifyHostKeyDNS .It VisualHostKey .It XAuthLocation @@ -12461,7 +12644,7 @@ diff -Nur openssh-9.9p1.orig/ssh.1 openssh-9.9p1/ssh.1 .El .Pp .It Fl P Ar tag -@@ -625,6 +645,13 @@ +@@ -630,6 +651,13 @@ Port to connect to on the remote host. This can be specified on a per-host basis in the configuration file. @@ -12475,7 +12658,7 @@ diff -Nur openssh-9.9p1.orig/ssh.1 openssh-9.9p1/ssh.1 .Pp .It Fl Q Ar query_option Queries for the algorithms supported by one of the following features: -@@ -1816,3 +1843,7 @@ +@@ -1821,3 +1849,7 @@ created OpenSSH. Markus Friedl contributed the support for SSH protocol versions 1.5 and 2.0. @@ -12483,9 +12666,9 @@ diff -Nur openssh-9.9p1.orig/ssh.1 openssh-9.9p1/ssh.1 +the HPN extensions at the Pittsburgh Supercomuting Center with grants +from Cisco, the National Library of Medicine, and the National Science +Foundation. -diff -Nur openssh-9.9p1.orig/ssh_api.c openssh-9.9p1/ssh_api.c ---- openssh-9.9p1.orig/ssh_api.c 2024-09-20 00:20:48.000000000 +0200 -+++ openssh-9.9p1/ssh_api.c 2025-01-20 20:50:04.598813848 +0100 +diff -Nur openssh-10.0p1.orig/ssh_api.c openssh-10.0p1/ssh_api.c +--- openssh-10.0p1.orig/ssh_api.c 2025-04-09 09:02:43.000000000 +0200 ++++ openssh-10.0p1/ssh_api.c 2025-06-14 10:54:01.337078874 +0200 @@ -427,7 +427,7 @@ char *cp; int r; @@ -12495,9 +12678,9 @@ diff -Nur openssh-9.9p1.orig/ssh_api.c openssh-9.9p1/ssh_api.c return r; if ((r = sshbuf_putb(ssh_packet_get_output(ssh), banner)) != 0) return r; -diff -Nur openssh-9.9p1.orig/sshbuf.c openssh-9.9p1/sshbuf.c ---- openssh-9.9p1.orig/sshbuf.c 2024-09-20 00:20:48.000000000 +0200 -+++ openssh-9.9p1/sshbuf.c 2025-01-20 20:50:04.598813848 +0100 +diff -Nur openssh-10.0p1.orig/sshbuf.c openssh-10.0p1/sshbuf.c +--- openssh-10.0p1.orig/sshbuf.c 2025-04-09 09:02:43.000000000 +0200 ++++ openssh-10.0p1/sshbuf.c 2025-06-14 10:54:01.337433040 +0200 @@ -27,6 +27,9 @@ #define SSHBUF_INTERNAL #include "sshbuf.h" @@ -12614,9 +12797,9 @@ diff -Nur openssh-9.9p1.orig/sshbuf.c openssh-9.9p1/sshbuf.c SSHBUF_DBG(("adjusted rlen %zu", rlen)); if ((dp = recallocarray(buf->d, buf->alloc, rlen, 1)) == NULL) { SSHBUF_DBG(("realloc fail")); -diff -Nur openssh-9.9p1.orig/sshbuf.h openssh-9.9p1/sshbuf.h ---- openssh-9.9p1.orig/sshbuf.h 2024-09-20 00:20:48.000000000 +0200 -+++ openssh-9.9p1/sshbuf.h 2025-01-20 20:50:04.598813848 +0100 +diff -Nur openssh-10.0p1.orig/sshbuf.h openssh-10.0p1/sshbuf.h +--- openssh-10.0p1.orig/sshbuf.h 2025-04-09 09:02:43.000000000 +0200 ++++ openssh-10.0p1/sshbuf.h 2025-06-14 10:54:01.337808997 +0200 @@ -29,18 +29,49 @@ # endif /* OPENSSL_HAS_ECC */ #endif /* WITH_OPENSSL */ @@ -12695,18 +12878,18 @@ diff -Nur openssh-9.9p1.orig/sshbuf.h openssh-9.9p1/sshbuf.h /* Internal definitions follow. Exposed for regress tests */ #ifdef SSHBUF_INTERNAL -diff -Nur openssh-9.9p1.orig/ssh.c openssh-9.9p1/ssh.c ---- openssh-9.9p1.orig/ssh.c 2025-01-20 20:48:33.454582252 +0100 -+++ openssh-9.9p1/ssh.c 2025-01-20 20:50:04.599813850 +0100 -@@ -109,6 +109,7 @@ - #include "ssherr.h" +diff -Nur openssh-10.0p1.orig/ssh.c openssh-10.0p1/ssh.c +--- openssh-10.0p1.orig/ssh.c 2025-06-14 10:53:02.024428197 +0200 ++++ openssh-10.0p1/ssh.c 2025-06-14 11:26:41.535259834 +0200 +@@ -111,6 +111,7 @@ #include "myproposal.h" #include "utf8.h" + #include "hostfile.h" +#include "cipher-switch.h" #ifdef ENABLE_PKCS11 #include "ssh-pkcs11.h" -@@ -1113,6 +1114,10 @@ +@@ -1122,6 +1123,10 @@ break; case 'T': options.request_tty = REQUEST_TTY_NO; @@ -12717,7 +12900,7 @@ diff -Nur openssh-9.9p1.orig/ssh.c openssh-9.9p1/ssh.c break; case 'o': line = xstrdup(optarg); -@@ -1682,10 +1687,36 @@ +@@ -1743,10 +1748,36 @@ } /* Open a connection to the remote host. */ @@ -12755,7 +12938,7 @@ diff -Nur openssh-9.9p1.orig/ssh.c openssh-9.9p1/ssh.c if (addrs != NULL) freeaddrinfo(addrs); -@@ -1896,7 +1927,7 @@ +@@ -1957,7 +1988,7 @@ /* Do fork() after authentication. Used by "ssh -f" */ static void @@ -12764,7 +12947,7 @@ diff -Nur openssh-9.9p1.orig/ssh.c openssh-9.9p1/ssh.c { if (need_controlpersist_detach) control_persist_detach(); -@@ -1906,17 +1937,21 @@ +@@ -1967,17 +1998,21 @@ fatal("daemon() failed: %.200s", strerror(errno)); if (stdfd_devnull(1, 1, !(log_is_on_stderr() && debug_flag)) == -1) error_f("stdfd_devnull failed"); @@ -12788,7 +12971,7 @@ diff -Nur openssh-9.9p1.orig/ssh.c openssh-9.9p1/ssh.c } else { debug2_f("%d expected forwarding replies remaining", forward_confirms_pending); -@@ -1983,7 +2018,7 @@ +@@ -2044,7 +2079,7 @@ "for listen port %d", rfwd->listen_port); } } @@ -12797,7 +12980,7 @@ diff -Nur openssh-9.9p1.orig/ssh.c openssh-9.9p1/ssh.c } static void -@@ -2010,7 +2045,7 @@ +@@ -2071,7 +2106,7 @@ } debug_f("tunnel forward established, id=%d", id); @@ -12806,7 +12989,7 @@ diff -Nur openssh-9.9p1.orig/ssh.c openssh-9.9p1/ssh.c } static void -@@ -2211,6 +2246,15 @@ +@@ -2272,6 +2307,15 @@ NULL, fileno(stdin), command, environ); } @@ -12822,7 +13005,7 @@ diff -Nur openssh-9.9p1.orig/ssh.c openssh-9.9p1/ssh.c /* open new channel for a session */ static int ssh_session2_open(struct ssh *ssh) -@@ -2232,6 +2276,7 @@ +@@ -2293,6 +2337,7 @@ window = CHAN_SES_WINDOW_DEFAULT; packetmax = CHAN_SES_PACKET_DEFAULT; if (tty_flag) { @@ -12830,7 +13013,7 @@ diff -Nur openssh-9.9p1.orig/ssh.c openssh-9.9p1/ssh.c window >>= 1; packetmax >>= 1; } -@@ -2240,6 +2285,12 @@ +@@ -2301,6 +2346,12 @@ window, packetmax, CHAN_EXTENDED_WRITE, "client-session", CHANNEL_NONBLOCK_STDIO); @@ -12843,7 +13026,7 @@ diff -Nur openssh-9.9p1.orig/ssh.c openssh-9.9p1/ssh.c debug3_f("channel_new: %d", c->self); channel_send_open(ssh, c->self); -@@ -2256,6 +2307,13 @@ +@@ -2317,6 +2368,13 @@ int r, interactive, id = -1; char *cp, *tun_fwd_ifname = NULL; @@ -12857,7 +13040,7 @@ diff -Nur openssh-9.9p1.orig/ssh.c openssh-9.9p1/ssh.c /* XXX should be pre-session */ if (!options.control_persist) ssh_init_stdio_forwarding(ssh); -@@ -2354,7 +2412,14 @@ +@@ -2415,7 +2473,14 @@ debug("deferring postauth fork until remote forward " "confirmation received"); } else @@ -12873,9 +13056,20 @@ diff -Nur openssh-9.9p1.orig/ssh.c openssh-9.9p1/ssh.c } return client_loop(ssh, tty_flag, tty_flag ? -diff -Nur openssh-9.9p1.orig/ssh_config.5 openssh-9.9p1/ssh_config.5 ---- openssh-9.9p1.orig/ssh_config.5 2025-01-20 20:48:33.454582252 +0100 -+++ openssh-9.9p1/ssh_config.5 2025-01-20 20:50:04.600813853 +0100 +diff -Nur openssh-10.0p1.orig/ssh_config openssh-10.0p1/ssh_config +--- openssh-10.0p1.orig/ssh_config 2025-06-14 10:53:02.024947608 +0200 ++++ openssh-10.0p1/ssh_config 2025-06-14 11:01:39.412445292 +0200 +@@ -46,6 +46,7 @@ + # ProxyCommand ssh -q -W %h:%p gateway.example.com + # RekeyLimit 1G 1h + # UserKnownHostsFile ~/.ssh/known_hosts.d/%k ++# UseMPTCP no + # + # This system is following system-wide crypto policy. + # To modify the crypto properties (Ciphers, MACs, ...), create a *.conf +diff -Nur openssh-10.0p1.orig/ssh_config.5 openssh-10.0p1/ssh_config.5 +--- openssh-10.0p1.orig/ssh_config.5 2025-06-14 10:53:02.025331736 +0200 ++++ openssh-10.0p1/ssh_config.5 2025-06-14 10:54:01.339955855 +0200 @@ -62,6 +62,19 @@ .Pq Pa /etc/ssh/ssh_config .El @@ -12891,12 +13085,12 @@ diff -Nur openssh-9.9p1.orig/ssh_config.5 openssh-9.9p1/ssh_config.5 +use +.Xr hpnssh 1 +specific directives in their default ssh_config files or ensure that they always use a -+custom config file. ++custom config file. +.Pp Unless noted otherwise, for each parameter, the first obtained value will be used. The configuration files contain sections separated by -@@ -795,6 +808,9 @@ +@@ -833,6 +846,9 @@ or .Cm no (the default). @@ -12906,7 +13100,7 @@ diff -Nur openssh-9.9p1.orig/ssh_config.5 openssh-9.9p1/ssh_config.5 .It Cm FingerprintHash Specifies the hash algorithm used when displaying key fingerprints. Valid options are: -@@ -1121,6 +1137,11 @@ +@@ -1159,6 +1175,11 @@ .Cm Hostname specifications). The default is the name given on the command line. @@ -12918,7 +13112,7 @@ diff -Nur openssh-9.9p1.orig/ssh_config.5 openssh-9.9p1/ssh_config.5 .It Cm IdentitiesOnly Specifies that .Xr ssh 1 -@@ -1502,6 +1523,63 @@ +@@ -1547,6 +1568,63 @@ .Pp The list of available MAC algorithms may also be obtained using .Qq ssh -Q mac . @@ -12982,7 +13176,7 @@ diff -Nur openssh-9.9p1.orig/ssh_config.5 openssh-9.9p1/ssh_config.5 .It Cm NoHostAuthenticationForLocalhost Disable host authentication for localhost (loopback addresses). The argument to this keyword must be -@@ -1509,6 +1587,36 @@ +@@ -1554,6 +1632,36 @@ or .Cm no (the default). @@ -13019,7 +13213,7 @@ diff -Nur openssh-9.9p1.orig/ssh_config.5 openssh-9.9p1/ssh_config.5 .It Cm NumberOfPasswordPrompts Specifies the number of password prompts before giving up. The argument to this keyword must be an integer. -@@ -2066,6 +2174,12 @@ +@@ -2124,6 +2232,12 @@ Specify a configuration tag name that may be later used by a .Cm Match directive to select a block of configuration. @@ -13032,7 +13226,20 @@ diff -Nur openssh-9.9p1.orig/ssh_config.5 openssh-9.9p1/ssh_config.5 .It Cm Tunnel Request .Xr tun 4 -@@ -2424,3 +2538,11 @@ +@@ -2209,6 +2323,12 @@ + from OpenSSH 6.8 and greater support the + .Qq hostkeys@openssh.com + protocol extension used to inform the client of all the server's hostkeys. ++.It Cm UseMPTCP ++If set to ++.Cm yes , ++this will enable Multipath TCP (MPTCP) instead of TCP (this only works on Linux). ++The default is ++.Cm no . + .It Cm User + Specifies the user to log in as. + This can be useful when a different user name is used on different machines. +@@ -2497,3 +2617,11 @@ created OpenSSH. .An Markus Friedl contributed the support for SSH protocol versions 1.5 and 2.0. @@ -13044,9 +13251,9 @@ diff -Nur openssh-9.9p1.orig/ssh_config.5 openssh-9.9p1/ssh_config.5 +developed the HPN extensions at the Pittsburgh Supercomuting Center +with grants from Cisco, the National Library of Medicine, and +the National Science Foundation. -diff -Nur openssh-9.9p1.orig/sshconnect2.c openssh-9.9p1/sshconnect2.c ---- openssh-9.9p1.orig/sshconnect2.c 2025-01-20 20:48:33.455582254 +0100 -+++ openssh-9.9p1/sshconnect2.c 2025-01-20 20:50:04.601813855 +0100 +diff -Nur openssh-10.0p1.orig/sshconnect2.c openssh-10.0p1/sshconnect2.c +--- openssh-10.0p1.orig/sshconnect2.c 2025-06-14 10:53:02.025925109 +0200 ++++ openssh-10.0p1/sshconnect2.c 2025-06-14 10:54:01.340908632 +0200 @@ -76,6 +76,7 @@ #include "utf8.h" #include "ssh-sk.h" @@ -13112,9 +13319,28 @@ diff -Nur openssh-9.9p1.orig/sshconnect2.c openssh-9.9p1/sshconnect2.c if (ssh_packet_connection_is_on_socket(ssh)) { verbose("Authenticated to %s ([%s]:%d) using \"%s\".", host, ssh_remote_ipaddr(ssh), ssh_remote_port(ssh), -diff -Nur openssh-9.9p1.orig/sshd.8 openssh-9.9p1/sshd.8 ---- openssh-9.9p1.orig/sshd.8 2025-01-20 20:48:33.455582254 +0100 -+++ openssh-9.9p1/sshd.8 2025-01-20 20:50:04.601813855 +0100 +diff -Nur openssh-10.0p1.orig/sshconnect.c openssh-10.0p1/sshconnect.c +--- openssh-10.0p1.orig/sshconnect.c 2025-06-14 10:53:01.488393170 +0200 ++++ openssh-10.0p1/sshconnect.c 2025-06-14 10:54:01.341617244 +0200 +@@ -359,9 +359,14 @@ + #endif + char ntop[NI_MAXHOST]; + +- sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol); ++ if (options.use_mptcp) ++ sock = socket(ai->ai_family, ai->ai_socktype, IPPROTO_MPTCP); ++ else ++ sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol); + if (sock == -1) { + error("socket: %s", strerror(errno)); ++ if (options.use_mptcp) ++ error ("You asked to use MPTCP. Please ensure it is enabled."); + return -1; + } + (void)fcntl(sock, F_SETFD, FD_CLOEXEC); +diff -Nur openssh-10.0p1.orig/sshd.8 openssh-10.0p1/sshd.8 +--- openssh-10.0p1.orig/sshd.8 2025-06-14 10:53:02.026331727 +0200 ++++ openssh-10.0p1/sshd.8 2025-06-14 10:54:01.342080852 +0200 @@ -1079,3 +1079,7 @@ protocol versions 1.5 and 2.0. Niels Provos and Markus Friedl contributed support @@ -13123,10 +13349,39 @@ diff -Nur openssh-9.9p1.orig/sshd.8 openssh-9.9p1/sshd.8 +the HPN extensions at the Pittsburgh Supercomuting Center with grants +from Cisco, the National Library of Medicine, and the National Science +Foundation. -diff -Nur openssh-9.9p1.orig/sshd.c openssh-9.9p1/sshd.c ---- openssh-9.9p1.orig/sshd.c 2025-01-20 20:48:33.410582141 +0100 -+++ openssh-9.9p1/sshd.c 2025-01-20 20:50:04.602813858 +0100 -@@ -760,6 +760,8 @@ +diff -Nur openssh-10.0p1.orig/sshd-auth.c openssh-10.0p1/sshd-auth.c +--- openssh-10.0p1.orig/sshd-auth.c 2025-06-14 10:53:01.779184668 +0200 ++++ openssh-10.0p1/sshd-auth.c 2025-06-14 10:54:01.342636371 +0200 +@@ -832,6 +832,25 @@ + struct kex *kex; + int r; + ++ /* this used to be in sshd.c when we read the configuration file ++ * but needed to be moved here as do_ssh2_kex in sshd-auth wasn't ++ * picking up the none options. CJR 4/10/2025 ++ */ ++ if (options.none_enabled == 1) { ++ debug("WARNING: None cipher enabled"); ++ char *old_ciphers = options.ciphers; ++ xasprintf(&options.ciphers, "%s,none", old_ciphers); ++ free(old_ciphers); ++ ++ /* only enable the none MAC in context of the none cipher -cjr */ ++ if (options.nonemac_enabled == 1) { ++ debug("WARNING: None MAC enabled"); ++ char *old_macs = options.macs; ++ xasprintf(&options.macs, "%s,none", old_macs); ++ free(old_macs); ++ } ++ } ++ + if (options.rekey_limit || options.rekey_interval) + ssh_packet_set_rekey_limits(ssh, options.rekey_limit, + options.rekey_interval); +diff -Nur openssh-10.0p1.orig/sshd.c openssh-10.0p1/sshd.c +--- openssh-10.0p1.orig/sshd.c 2025-06-14 10:53:01.779446364 +0200 ++++ openssh-10.0p1/sshd.c 2025-06-14 10:54:01.343195243 +0200 +@@ -822,6 +822,8 @@ int ret, listen_sock; struct addrinfo *ai; char ntop[NI_MAXHOST], strport[NI_MAXSERV]; @@ -13135,7 +13390,27 @@ diff -Nur openssh-9.9p1.orig/sshd.c openssh-9.9p1/sshd.c for (ai = la->addrs; ai; ai = ai->ai_next) { if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6) -@@ -805,6 +807,10 @@ +@@ -837,11 +839,17 @@ + continue; + } + /* Create socket for listening. */ +- listen_sock = socket(ai->ai_family, ai->ai_socktype, +- ai->ai_protocol); ++ if (options.use_mptcp) ++ listen_sock = socket(ai->ai_family, ai->ai_socktype, ++ IPPROTO_MPTCP); ++ else ++ listen_sock = socket(ai->ai_family, ai->ai_socktype, ++ ai->ai_protocol); + if (listen_sock == -1) { + /* kernel may not support ipv6 */ + verbose("socket: %.100s", strerror(errno)); ++ if (options.use_mptcp) ++ verbose("MPTCP requested but may not be available."); + continue; + } + if (set_nonblock(listen_sock) == -1) { +@@ -867,6 +875,10 @@ debug("Bind to port %s on %s.", strport, ntop); @@ -13146,29 +13421,9 @@ diff -Nur openssh-9.9p1.orig/sshd.c openssh-9.9p1/sshd.c /* Bind the socket to the desired port. */ if (bind(listen_sock, ai->ai_addr, ai->ai_addrlen) == -1) { error("Bind to port %s on %s failed: %.200s.", -@@ -1428,6 +1434,19 @@ - /* Fill in default values for those options not explicitly set. */ - fill_default_server_options(&options); - -+ if (options.none_enabled == 1) { -+ char *old_ciphers = options.ciphers; -+ xasprintf(&options.ciphers, "%s,none", old_ciphers); -+ free(old_ciphers); -+ -+ /* only enable the none MAC in context of the none cipher -cjr */ -+ if (options.nonemac_enabled == 1) { -+ char *old_macs = options.macs; -+ xasprintf(&options.macs, "%s,none", old_macs); -+ free(old_macs); -+ } -+ } -+ - /* Check that options are sensible */ - if (options.authorized_keys_command_user == NULL && - (options.authorized_keys_command != NULL && -diff -Nur openssh-9.9p1.orig/sshd_config openssh-9.9p1/sshd_config ---- openssh-9.9p1.orig/sshd_config 2025-01-20 20:48:33.456582257 +0100 -+++ openssh-9.9p1/sshd_config 2025-01-20 21:06:55.293389906 +0100 +diff -Nur openssh-10.0p1.orig/sshd_config openssh-10.0p1/sshd_config +--- openssh-10.0p1.orig/sshd_config 2025-06-14 10:53:02.026903728 +0200 ++++ openssh-10.0p1/sshd_config 2025-06-14 11:00:18.384210561 +0200 @@ -18,7 +18,7 @@ # SELinux about this change. # semanage port -a -t ssh_port_t -p tcp #PORTNUMBER @@ -13178,7 +13433,15 @@ diff -Nur openssh-9.9p1.orig/sshd_config openssh-9.9p1/sshd_config #AddressFamily any #ListenAddress 0.0.0.0 #ListenAddress :: -@@ -127,6 +127,19 @@ +@@ -122,6 +122,7 @@ + #PermitTunnel no + #ChrootDirectory none + #VersionAddendum none ++#UseMPTCP no + + # no default banner path + #Banner none +@@ -129,6 +130,19 @@ # override default of no subsystems Subsystem sftp /usr/libexec/sftp-server @@ -13198,9 +13461,9 @@ diff -Nur openssh-9.9p1.orig/sshd_config openssh-9.9p1/sshd_config # Example of overriding settings on a per-user basis #Match User anoncvs # X11Forwarding no -diff -Nur openssh-9.9p1.orig/sshd_config.5 openssh-9.9p1/sshd_config.5 ---- openssh-9.9p1.orig/sshd_config.5 2025-01-20 20:48:33.456582257 +0100 -+++ openssh-9.9p1/sshd_config.5 2025-01-20 20:50:04.604813863 +0100 +diff -Nur openssh-10.0p1.orig/sshd_config.5 openssh-10.0p1/sshd_config.5 +--- openssh-10.0p1.orig/sshd_config.5 2025-06-14 10:53:02.027286949 +0200 ++++ openssh-10.0p1/sshd_config.5 2025-06-14 10:54:01.344536060 +0200 @@ -56,6 +56,16 @@ .Pq \&" in order to represent arguments containing spaces. @@ -13229,7 +13492,7 @@ diff -Nur openssh-9.9p1.orig/sshd_config.5 openssh-9.9p1/sshd_config.5 .It Cm ExposeAuthInfo Writes a temporary file containing a list of authentication methods and public credentials (e.g. keys) used to authenticate the user. -@@ -900,6 +914,11 @@ +@@ -944,6 +958,11 @@ The default for this option is: The list of available signature algorithms may also be obtained using .Qq ssh -Q HostKeyAlgorithms . @@ -13241,7 +13504,7 @@ diff -Nur openssh-9.9p1.orig/sshd_config.5 openssh-9.9p1/sshd_config.5 .It Cm IgnoreRhosts Specifies whether to ignore per-user .Pa .rhosts -@@ -1415,6 +1434,19 @@ +@@ -1467,6 +1486,19 @@ key exchange methods. The default is .Pa /etc/moduli . @@ -13261,7 +13524,7 @@ diff -Nur openssh-9.9p1.orig/sshd_config.5 openssh-9.9p1/sshd_config.5 .It Cm PAMServiceName Specifies the service name used for Pluggable Authentication Modules (PAM) authentication, authorisation and session controls when -@@ -1976,6 +2008,13 @@ +@@ -2035,6 +2067,13 @@ .Pp To disable TCP keepalive messages, the value should be set to .Cm no . @@ -13275,7 +13538,20 @@ diff -Nur openssh-9.9p1.orig/sshd_config.5 openssh-9.9p1/sshd_config.5 .It Cm TrustedUserCAKeys Specifies a file containing public keys of certificate authorities that are trusted to sign user certificates for authentication, or -@@ -2274,3 +2313,11 @@ +@@ -2095,6 +2134,12 @@ + .Cm Match + .Cm Host + directives. ++.It Cm UseMPTCP ++If set to ++.Cm yes , ++this will enable Multipath TCP (MPTCP) instead of TCP (this only works on Linux). ++The default is ++.Cm no . + .It Cm UsePAM + Enables the Pluggable Authentication Module interface. + If set to +@@ -2333,3 +2378,11 @@ and .An Markus Friedl contributed support for privilege separation. @@ -13287,10 +13563,10 @@ diff -Nur openssh-9.9p1.orig/sshd_config.5 openssh-9.9p1/sshd_config.5 +developed the HPN extensions at the Pittsburgh Supercomuting Center +with grants from Cisco, the National Library of Medicine, and +the National Science Foundation. -diff -Nur openssh-9.9p1.orig/sshd-session.c openssh-9.9p1/sshd-session.c ---- openssh-9.9p1.orig/sshd-session.c 2025-01-20 20:48:33.457582259 +0100 -+++ openssh-9.9p1/sshd-session.c 2025-01-20 20:50:04.604813863 +0100 -@@ -1196,6 +1196,20 @@ +diff -Nur openssh-10.0p1.orig/sshd-session.c openssh-10.0p1/sshd-session.c +--- openssh-10.0p1.orig/sshd-session.c 2025-06-14 10:53:02.028087821 +0200 ++++ openssh-10.0p1/sshd-session.c 2025-06-14 10:54:01.345322405 +0200 +@@ -1164,6 +1164,20 @@ } endpwent(); @@ -13308,10 +13584,10 @@ diff -Nur openssh-9.9p1.orig/sshd-session.c openssh-9.9p1/sshd-session.c + } + } + - if (!debug_flag) { - startup_pipe = dup(REEXEC_STARTUP_PIPE_FD); - close(REEXEC_STARTUP_PIPE_FD); -@@ -1403,6 +1417,9 @@ + if (!debug_flag && !inetd_flag) { + if ((startup_pipe = dup(REEXEC_CONFIG_PASS_FD)) == -1) + fatal("internal error: no startup pipe"); +@@ -1375,6 +1389,9 @@ rdomain == NULL ? "" : "\""); free(laddr); @@ -13321,22 +13597,10 @@ diff -Nur openssh-9.9p1.orig/sshd-session.c openssh-9.9p1/sshd-session.c /* * We don't want to listen forever unless the other side * successfully authenticates itself. So we set up an alarm which is -@@ -1575,6 +1592,11 @@ - struct kex *kex; - int r; - -+ if (options.none_enabled == 1) -+ debug("WARNING: None cipher enabled"); -+ if (options.nonemac_enabled == 1) -+ debug("WARNING: None MAC enabled"); -+ - if (options.rekey_limit || options.rekey_interval) - ssh_packet_set_rekey_limits(ssh, options.rekey_limit, - options.rekey_interval); -diff -Nur openssh-9.9p1.orig/ssh.h openssh-9.9p1/ssh.h ---- openssh-9.9p1.orig/ssh.h 2024-09-20 00:20:48.000000000 +0200 -+++ openssh-9.9p1/ssh.h 2025-01-20 20:50:04.605813865 +0100 -@@ -17,6 +17,7 @@ +diff -Nur openssh-10.0p1.orig/ssh.h openssh-10.0p1/ssh.h +--- openssh-10.0p1.orig/ssh.h 2025-04-09 09:02:43.000000000 +0200 ++++ openssh-10.0p1/ssh.h 2025-06-14 10:54:01.345905093 +0200 +@@ -14,6 +14,7 @@ /* Default port number. */ #define SSH_DEFAULT_PORT 22 @@ -13344,7 +13608,7 @@ diff -Nur openssh-9.9p1.orig/ssh.h openssh-9.9p1/ssh.h /* * Maximum number of certificate files that can be specified -@@ -48,7 +49,7 @@ +@@ -43,7 +44,7 @@ * Name for the service. The port named by this service overrides the * default port if present. */ @@ -13353,10 +13617,10 @@ diff -Nur openssh-9.9p1.orig/ssh.h openssh-9.9p1/ssh.h /* * Name of the environment variable containing the process ID of the -diff -Nur openssh-9.9p1.orig/sshkey.c openssh-9.9p1/sshkey.c ---- openssh-9.9p1.orig/sshkey.c 2025-01-20 20:48:33.411582143 +0100 -+++ openssh-9.9p1/sshkey.c 2025-01-20 20:50:04.606813868 +0100 -@@ -1778,7 +1778,8 @@ +diff -Nur openssh-10.0p1.orig/sshkey.c openssh-10.0p1/sshkey.c +--- openssh-10.0p1.orig/sshkey.c 2025-06-14 10:53:01.935152884 +0200 ++++ openssh-10.0p1/sshkey.c 2025-06-14 10:54:01.346333152 +0200 +@@ -1775,7 +1775,8 @@ stderr); #endif if ((r = cipher_init(&cctx, cipher, keyiv, cipher_keylen(cipher), @@ -13366,7 +13630,7 @@ diff -Nur openssh-9.9p1.orig/sshkey.c openssh-9.9p1/sshkey.c goto out; /* Serialise and encrypt the private key using the ephemeral key */ -@@ -1913,7 +1914,8 @@ +@@ -1910,7 +1911,8 @@ keyiv, SSH_DIGEST_MAX_LENGTH)) != 0) goto out; if ((r = cipher_init(&cctx, cipher, keyiv, cipher_keylen(cipher), @@ -13376,7 +13640,7 @@ diff -Nur openssh-9.9p1.orig/sshkey.c openssh-9.9p1/sshkey.c goto out; #ifdef DEBUG_PK fprintf(stderr, "%s: key+iv\n", __func__); -@@ -2981,6 +2983,13 @@ +@@ -2965,6 +2967,13 @@ kdfname = "none"; } else if (ciphername == NULL) ciphername = DEFAULT_CIPHERNAME; @@ -13390,7 +13654,7 @@ diff -Nur openssh-9.9p1.orig/sshkey.c openssh-9.9p1/sshkey.c if ((cipher = cipher_by_name(ciphername)) == NULL) { r = SSH_ERR_INVALID_ARGUMENT; goto out; -@@ -3016,7 +3025,7 @@ +@@ -3000,7 +3009,7 @@ goto out; } if ((r = cipher_init(&ciphercontext, cipher, key, keylen, @@ -13399,7 +13663,7 @@ diff -Nur openssh-9.9p1.orig/sshkey.c openssh-9.9p1/sshkey.c goto out; if ((r = sshbuf_put(encoded, AUTH_MAGIC, sizeof(AUTH_MAGIC))) != 0 || -@@ -3203,6 +3212,8 @@ +@@ -3187,6 +3196,8 @@ (r = sshbuf_get_u32(decoded, &encrypted_len)) != 0) goto out; @@ -13408,7 +13672,7 @@ diff -Nur openssh-9.9p1.orig/sshkey.c openssh-9.9p1/sshkey.c if ((cipher = cipher_by_name(ciphername)) == NULL) { r = SSH_ERR_KEY_UNKNOWN_CIPHER; goto out; -@@ -3258,7 +3269,7 @@ +@@ -3242,7 +3253,7 @@ /* decrypt private portion of key */ if ((r = sshbuf_reserve(decrypted, encrypted_len, &dp)) != 0 || (r = cipher_init(&ciphercontext, cipher, key, keylen, @@ -13417,9 +13681,9 @@ diff -Nur openssh-9.9p1.orig/sshkey.c openssh-9.9p1/sshkey.c goto out; if ((r = cipher_crypt(ciphercontext, 0, dp, sshbuf_ptr(decoded), encrypted_len, 0, authlen)) != 0) { -diff -Nur openssh-9.9p1.orig/sshkey-xmss.c openssh-9.9p1/sshkey-xmss.c ---- openssh-9.9p1.orig/sshkey-xmss.c 2024-09-20 00:20:48.000000000 +0200 -+++ openssh-9.9p1/sshkey-xmss.c 2025-01-20 20:50:04.606813868 +0100 +diff -Nur openssh-10.0p1.orig/sshkey-xmss.c openssh-10.0p1/sshkey-xmss.c +--- openssh-10.0p1.orig/sshkey-xmss.c 2025-04-09 09:02:43.000000000 +0200 ++++ openssh-10.0p1/sshkey-xmss.c 2025-06-14 10:54:01.347175650 +0200 @@ -903,9 +903,29 @@ state->enc_keyiv == NULL || state->enc_ciphername == NULL) @@ -13504,9 +13768,9 @@ diff -Nur openssh-9.9p1.orig/sshkey-xmss.c openssh-9.9p1/sshkey-xmss.c (r = cipher_crypt(ciphercontext, 0, dp, sshbuf_ptr(copy), encrypted_len, aadlen, authlen)) != 0) goto out; -diff -Nur openssh-9.9p1.orig/umac.c openssh-9.9p1/umac.c ---- openssh-9.9p1.orig/umac.c 2024-09-20 00:20:48.000000000 +0200 -+++ openssh-9.9p1/umac.c 2025-01-20 20:50:04.607813871 +0100 +diff -Nur openssh-10.0p1.orig/umac.c openssh-10.0p1/umac.c +--- openssh-10.0p1.orig/umac.c 2025-04-09 09:02:43.000000000 +0200 ++++ openssh-10.0p1/umac.c 2025-06-14 10:54:01.347637721 +0200 @@ -134,15 +134,48 @@ /* --- Endian Conversion --- Forcing assembly on some platforms */ /* ---------------------------------------------------------------------- */ @@ -13559,9 +13823,9 @@ diff -Nur openssh-9.9p1.orig/umac.c openssh-9.9p1/umac.c #define STORE_UINT32_BIG(p,v) put_u32(p, v) /* ---------------------------------------------------------------------- */ -diff -Nur openssh-9.9p1.orig/uthash.h openssh-9.9p1/uthash.h ---- openssh-9.9p1.orig/uthash.h 1970-01-01 01:00:00.000000000 +0100 -+++ openssh-9.9p1/uthash.h 2025-01-20 20:50:04.608813873 +0100 +diff -Nur openssh-10.0p1.orig/uthash.h openssh-10.0p1/uthash.h +--- openssh-10.0p1.orig/uthash.h 1970-01-01 01:00:00.000000000 +0100 ++++ openssh-10.0p1/uthash.h 2025-06-14 10:54:01.348457241 +0200 @@ -0,0 +1,1140 @@ +/* +Copyright (c) 2003-2022, Troy D. Hanson https://troydhanson.github.io/uthash/ @@ -14703,14 +14967,14 @@ diff -Nur openssh-9.9p1.orig/uthash.h openssh-9.9p1/uthash.h +} UT_hash_handle; + +#endif /* UTHASH_H */ -diff -Nur openssh-9.9p1.orig/version.h openssh-9.9p1/version.h ---- openssh-9.9p1.orig/version.h 2025-01-20 20:48:33.457582259 +0100 -+++ openssh-9.9p1/version.h 2025-01-20 21:09:18.648755010 +0100 +diff -Nur openssh-10.0p1.orig/version.h openssh-10.0p1/version.h +--- openssh-10.0p1.orig/version.h 2025-06-14 10:53:02.028786585 +0200 ++++ openssh-10.0p1/version.h 2025-06-14 11:34:35.359783615 +0200 @@ -16,5 +16,6 @@ - #define SSH_PORTABLE "p1" + #define SSH_PORTABLE "p2" #define GSI_PORTABLE "c-GSI" -#define SSH_RELEASE SSH_VERSION SSH_PORTABLE GSI_PORTABLE \ -+#define SSH_HPN "_hpn18.6.0" ++#define SSH_HPN "_hpn18.7.0" +#define SSH_RELEASE SSH_VERSION SSH_PORTABLE GSI_PORTABLE SSH_HPN \ GSI_VERSION KRB5_VERSION diff --git a/gsi-openssh.spec b/gsi-openssh.spec index b61f6d3..f932031 100644 --- a/gsi-openssh.spec +++ b/gsi-openssh.spec @@ -23,12 +23,12 @@ # Do we want libedit support %global libedit 1 -%global openssh_ver 9.9p1 +%global openssh_ver 10.0p1 Summary: An implementation of the SSH protocol with GSI authentication Name: gsi-openssh Version: %{openssh_ver} -Release: 6%{?dist} +Release: 1%{?dist} Provides: gsissh = %{version}-%{release} Obsoletes: gsissh < 5.8p2-2 URL: http://www.openssh.com/portable.html @@ -48,151 +48,134 @@ Source20: gsissh-host-keys-migration.sh Source21: gsissh-host-keys-migration.service Source99: README.sshd-and-gsisshd -#https://bugzilla.mindrot.org/show_bug.cgi?id=2581 -Patch100: openssh-6.7p1-coverity.patch - -#https://bugzilla.mindrot.org/show_bug.cgi?id=1402 -# https://bugzilla.redhat.com/show_bug.cgi?id=1171248 -# record pfs= field in CRYPTO_SESSION audit event -Patch200: openssh-7.6p1-audit.patch -# Audit race condition in forked child (#1310684) -Patch201: openssh-7.1p2-audit-race-condition.patch -# https://bugzilla.redhat.com/show_bug.cgi?id=2049947 -Patch202: openssh-9.0p1-audit-log.patch - #https://bugzilla.mindrot.org/show_bug.cgi?id=1641 (WONTFIX) -Patch400: openssh-7.8p1-role-mls.patch +Patch0001: 0001-openssh-7.8p1-role-mls.patch #https://bugzilla.redhat.com/show_bug.cgi?id=781634 -Patch404: openssh-6.6p1-privsep-selinux.patch -#? -Patch502: openssh-6.6p1-keycat.patch - +Patch0002: 0002-openssh-6.6p1-privsep-selinux.patch +Patch0003: 0003-openssh-6.6p1-keycat.patch #https://bugzilla.mindrot.org/show_bug.cgi?id=1644 -Patch601: openssh-6.6p1-allow-ip-opts.patch +Patch0004: 0004-openssh-6.6p1-allow-ip-opts.patch #(drop?) https://bugzilla.mindrot.org/show_bug.cgi?id=1925 -Patch606: openssh-5.9p1-ipv6man.patch -#? -Patch607: openssh-5.8p2-sigpipe.patch +Patch0005: 0005-openssh-5.9p1-ipv6man.patch +Patch0006: 0006-openssh-5.8p2-sigpipe.patch #https://bugzilla.mindrot.org/show_bug.cgi?id=1789 -Patch609: openssh-7.2p2-x11.patch - -#? -Patch700: openssh-7.7p1-fips.patch -#? -Patch702: openssh-5.1p1-askpass-progress.patch +Patch0007: 0007-openssh-7.2p2-x11.patch +Patch0008: 0008-openssh-5.1p1-askpass-progress.patch #https://bugzilla.redhat.com/show_bug.cgi?id=198332 -Patch703: openssh-4.3p2-askpass-grab-info.patch +Patch0009: 0009-openssh-4.3p2-askpass-grab-info.patch #https://bugzilla.mindrot.org/show_bug.cgi?id=1635 (WONTFIX) -Patch707: openssh-8.7p1-redhat.patch +Patch0010: 0010-openssh-8.7p1-redhat.patch # warn users for unsupported UsePAM=no (#757545) -Patch711: openssh-7.8p1-UsePAM-warning.patch - +Patch0011: 0011-openssh-7.8p1-UsePAM-warning.patch # GSSAPI Key Exchange (RFC 4462 + RFC 8732) # from https://github.com/openssh-gsskex/openssh-gsskex/tree/fedora/master # and # Reenable MONITOR_REQ_GSSCHECKMIC after gssapi-with-mic failures # upstream MR: # https://github.com/openssh-gsskex/openssh-gsskex/pull/21 -Patch800: openssh-9.6p1-gssapi-keyex.patch +Patch0012: 0012-openssh-9.6p1-gssapi-keyex.patch #http://www.mail-archive.com/kerberos@mit.edu/msg17591.html -Patch801: openssh-6.6p1-force_krb.patch -# add new option GSSAPIEnablek5users and disable using ~/.k5users by default (#1169843) -# CVE-2014-9278 -Patch802: openssh-6.6p1-GSSAPIEnablek5users.patch +Patch0013: 0013-openssh-6.6p1-force_krb.patch # Improve ccache handling in openssh (#991186, #1199363, #1566494) # https://bugzilla.mindrot.org/show_bug.cgi?id=2775 -Patch804: openssh-7.7p1-gssapi-new-unique.patch +Patch0014: 0014-openssh-7.7p1-gssapi-new-unique.patch # Respect k5login_directory option in krk5.conf (#1328243) -Patch805: openssh-7.2p2-k5login_directory.patch - +Patch0015: 0015-openssh-7.2p2-k5login_directory.patch #https://bugzilla.mindrot.org/show_bug.cgi?id=1780 -Patch901: openssh-6.6p1-kuserok.patch +Patch0016: 0016-openssh-6.6p1-kuserok.patch # Use tty allocation for a remote scp (#985650) -Patch906: openssh-6.4p1-fromto-remote.patch +Patch0017: 0017-openssh-6.4p1-fromto-remote.patch # privsep_preauth: use SELinux context from selinux-policy (#1008580) -Patch916: openssh-6.6.1p1-selinux-contexts.patch +Patch0018: 0018-openssh-6.6.1p1-selinux-contexts.patch # log via monitor in chroots without /dev/log (#2681) -Patch918: openssh-6.6.1p1-log-in-chroot.patch +Patch0019: 0019-openssh-6.6.1p1-log-in-chroot.patch # scp file into non-existing directory (#1142223) -Patch919: openssh-6.6.1p1-scp-non-existing-directory.patch +Patch0020: 0020-openssh-6.6.1p1-scp-non-existing-directory.patch +# add new option GSSAPIEnablek5users and disable using ~/.k5users by default (#1169843) +# CVE-2014-9278 +Patch0021: 0021-openssh-6.6p1-GSSAPIEnablek5users.patch # apply upstream patch and make sshd -T more consistent (#1187521) -Patch922: openssh-6.8p1-sshdT-output.patch +Patch0022: 0022-openssh-6.8p1-sshdT-output.patch # Add sftp option to force mode of created files (#1191055) -Patch926: openssh-6.7p1-sftp-force-permission.patch +Patch0023: 0023-openssh-6.7p1-sftp-force-permission.patch # make s390 use /dev/ crypto devices -- ignore closefrom -Patch939: openssh-7.2p2-s390-closefrom.patch +Patch0024: 0024-openssh-7.2p2-s390-closefrom.patch # Move MAX_DISPLAYS to a configuration option (#1341302) -Patch944: openssh-7.3p1-x11-max-displays.patch +Patch0025: 0025-openssh-7.3p1-x11-max-displays.patch # Pass inetd flags for SELinux down to openbsd compat level -Patch949: openssh-7.6p1-cleanup-selinux.patch +Patch0026: 0026-openssh-7.6p1-cleanup-selinux.patch # Sandbox adjustments for s390 and audit -Patch950: openssh-7.5p1-sandbox.patch +Patch0027: 0027-openssh-7.5p1-sandbox.patch # PKCS#11 URIs (upstream #2817, 2nd iteration) # https://github.com/Jakuje/openssh-portable/commits/jjelen-pkcs11 # git show > ~/devel/fedora/openssh/openssh-8.0p1-pkcs11-uri.patch -Patch951: openssh-8.0p1-pkcs11-uri.patch +Patch0028: 0028-openssh-8.0p1-pkcs11-uri.patch # Unbreak scp between two IPv6 hosts (#1620333) -Patch953: openssh-7.8p1-scp-ipv6.patch +Patch0029: 0029-openssh-7.8p1-scp-ipv6.patch # Mention crypto-policies in manual pages (#1668325) # clarify rhbz#2068423 on the man page of ssh_config -Patch962: openssh-8.0p1-crypto-policies.patch +Patch0030: 0030-openssh-8.0p1-crypto-policies.patch # Use OpenSSL KDF (#1631761) -Patch964: openssh-8.0p1-openssl-kdf.patch +Patch0031: 0031-openssh-8.0p1-openssl-kdf.patch # sk-dummy.so built with -fvisibility=hidden does not work -Patch965: openssh-8.2p1-visibility.patch +Patch0032: 0032-openssh-8.2p1-visibility.patch # Do not break X11 without IPv6 -Patch966: openssh-8.2p1-x11-without-ipv6.patch -# ssh-keygen printing fingerprint issue with Windows keys (#1901518) -Patch974: openssh-8.0p1-keygen-strip-doseol.patch +Patch0033: 0033-openssh-8.2p1-x11-without-ipv6.patch # sshd provides PAM an incorrect error code (#1879503) -Patch975: openssh-8.0p1-preserve-pam-errors.patch +Patch0034: 0034-openssh-8.0p1-preserve-pam-errors.patch # Implement kill switch for SCP protocol -Patch977: openssh-8.7p1-scp-kill-switch.patch +Patch0035: 0035-openssh-8.7p1-scp-kill-switch.patch # Workaround for lack of sftp_realpath in older versions of RHEL # https://bugzilla.redhat.com/show_bug.cgi?id=2038854 # https://github.com/openssh/openssh-portable/pull/299 # downstream only -Patch981: openssh-8.7p1-recursive-scp.patch -# https://github.com/djmdjm/openssh-wip/pull/13 -Patch982: openssh-8.7p1-minrsabits.patch +Patch0036: 0036-openssh-8.7p1-recursive-scp.patch +# Downstream alias for MinRSABits +Patch0037: 0037-openssh-8.7p1-minrsabits.patch # downstream only, IBMCA tentative fix # From https://bugzilla.redhat.com/show_bug.cgi?id=1976202#c14 -Patch984: openssh-8.7p1-ibmca.patch - +Patch0038: 0038-openssh-8.7p1-ibmca.patch +#https://bugzilla.mindrot.org/show_bug.cgi?id=1402 +# https://bugzilla.redhat.com/show_bug.cgi?id=1171248 +# record pfs= field in CRYPTO_SESSION audit event +Patch0039: 0039-openssh-7.6p1-audit.patch +# Audit race condition in forked child (#1310684) +Patch0040: 0040-openssh-7.1p2-audit-race-condition.patch +# https://bugzilla.redhat.com/show_bug.cgi?id=2049947 +Patch0041: 0041-openssh-9.0p1-audit-log.patch +Patch0042: 0042-openssh-7.7p1-fips.patch # Add missing options from ssh_config into ssh manpage # upstream bug: # https://bugzilla.mindrot.org/show_bug.cgi?id=3455 -Patch1002: openssh-8.7p1-ssh-manpage.patch +Patch0043: 0043-openssh-8.7p1-ssh-manpage.patch # Don't propose disallowed algorithms during hostkey negotiation # upstream MR: # https://github.com/openssh/openssh-portable/pull/323 -Patch1006: openssh-8.7p1-negotiate-supported-algs.patch +Patch0044: 0044-openssh-8.7p1-negotiate-supported-algs.patch +Patch0045: 0045-openssh-9.0p1-evp-fips-kex.patch +Patch0046: 0046-openssh-8.7p1-nohostsha1proof.patch +Patch0047: 0047-openssh-9.6p1-pam-rhost.patch +Patch0048: 0048-openssh-9.9p1-separate-keysign.patch +Patch0049: 0049-openssh-9.9p1-openssl-mlkem.patch +# https://www.openwall.com/lists/oss-security/2025/02/22/1 +Patch0050: 0050-openssh-9.9p2-error_processing.patch +# https://github.com/openssh/openssh-portable/pull/564 +Patch0051: 0051-Provide-better-error-for-non-supported-private-keys.patch +# https://github.com/openssh/openssh-portable/pull/567 +Patch0052: 0052-Ignore-bad-hostkeys-in-known_hosts-file.patch +# https://github.com/openssh/openssh-portable/pull/500 +Patch0053: 0053-support-authentication-indicators-in-GSSAPI.patch -Patch1012: openssh-9.0p1-evp-fips-kex.patch -Patch1014: openssh-8.7p1-nohostsha1proof.patch - -Patch1015: openssh-9.6p1-pam-rhost.patch -Patch1016: openssh-9.9p1-separate-keysign.patch -# upstream cf3e48ee8ba1beeccddd2f203b558fa102be67a2 -# upstream 0c3927c45f8a57b511c874c4d51a8c89414f74ef -Patch1017: openssh-9.9p1-mlkembe.patch -# upstream 3f02368e8e9121847727c46b280efc280e5eb615 -# upstream 67a115e7a56dbdc3f5a58c64b29231151f3670f5 -Patch1020: openssh-9.9p1-match-regression.patch -# upstream 6ce00f0c2ecbb9f75023dbe627ee6460bcec78c2 -# upstream 0832aac79517611dd4de93ad0a83577994d9c907 -# added https://www.openwall.com/lists/oss-security/2025/02/22/1 -Patch1021: openssh-9.9p2-error_processing.patch -# Downstream patch, OpenSSL based MLKEM implementation -Patch1022: openssh-9.9p1-openssl-mlkem.patch +#https://bugzilla.mindrot.org/show_bug.cgi?id=2581 +Patch1000: 1000-openssh-coverity.patch # This is the patch that adds GSI support # Based on hpn_isshd-gsi.7.5p1b.patch from Globus upstream -Patch98: openssh-9.9p1-gsissh.patch +Patch2000: 2000-openssh-10.0p1-gsissh.patch # This is the HPN patch -# Based on https://github.com/rapier1/hpn-ssh/ tag: hpn-18.6.0 -Patch99: openssh-9.9p1-hpn-18.6.0.patch +# Based on https://github.com/rapier1/hpn-ssh/ tag: hpn-18.7.0 +Patch2001: 2001-openssh-10.0p1-hpn-18.7.0.patch License: BSD-3-Clause AND BSD-2-Clause AND ISC AND SSH-OpenSSH AND ssh-keyscan AND sprintf AND LicenseRef-Fedora-Public-Domain AND X11-distribute-modifications-variant Requires: /sbin/nologin @@ -297,72 +280,7 @@ This version of OpenSSH has been modified to support GSI authentication. %prep gpgv2 --quiet --keyring %{SOURCE3} %{SOURCE1} %{SOURCE0} -%setup -q -n openssh-%{version} - -%patch -P 400 -p1 -b .role-mls -%patch -P 404 -p1 -b .privsep-selinux - -%patch -P 502 -p1 -b .keycat - -%patch -P 601 -p1 -b .ip-opts -%patch -P 606 -p1 -b .ipv6man -%patch -P 607 -p1 -b .sigpipe -%patch -P 609 -p1 -b .x11 - -%patch -P 702 -p1 -b .progress -%patch -P 703 -p1 -b .grab-info -%patch -P 707 -p1 -b .redhat -%patch -P 711 -p1 -b .log-usepam-no - -%patch -P 800 -p1 -b .gsskex -%patch -P 801 -p1 -b .force_krb -%patch -P 804 -p1 -b .ccache_name -%patch -P 805 -p1 -b .k5login - -%patch -P 901 -p1 -b .kuserok -%patch -P 906 -p1 -b .fromto-remote -%patch -P 916 -p1 -b .contexts -%patch -P 918 -p1 -b .log-in-chroot -%patch -P 919 -p1 -b .scp -%patch -P 802 -p1 -b .GSSAPIEnablek5users -%patch -P 922 -p1 -b .sshdt -%patch -P 926 -p1 -b .sftp-force-mode -%patch -P 939 -p1 -b .s390-dev -%patch -P 944 -p1 -b .x11max -%patch -P 949 -p1 -b .refactor -%patch -P 950 -p1 -b .sandbox -%patch -P 951 -p1 -b .pkcs11-uri -%patch -P 953 -p1 -b .scp-ipv6 -%patch -P 962 -p1 -b .crypto-policies -%patch -P 964 -p1 -b .openssl-kdf -%patch -P 965 -p1 -b .visibility -%patch -P 966 -p1 -b .x11-ipv6 -%patch -P 974 -p1 -b .keygen-strip-doseol -%patch -P 975 -p1 -b .preserve-pam-errors -%patch -P 977 -p1 -b .kill-scp -%patch -P 981 -p1 -b .scp-sftpdirs -%patch -P 982 -p1 -b .minrsabits -%patch -P 984 -p1 -b .ibmca - -%patch -P 200 -p1 -b .audit -%patch -P 201 -p1 -b .audit-race -%patch -P 202 -p1 -b .audit-log -%patch -P 700 -p1 -b .fips - -%patch -P 1002 -p1 -b .ssh-manpage -%patch -P 1006 -p1 -b .negotiate-supported-algs -%patch -P 1012 -p1 -b .evp-fips-dh -%patch -P 1014 -p1 -b .nosha1hostproof -%patch -P 1015 -p1 -b .pam-rhost -%patch -P 1016 -p1 -b .sep-keysign -%patch -P 1017 -p1 -b .mlkembe -%patch -P 1020 -p1 -b .match -%patch -P 1021 -p1 -b .errcode_set -%patch -P 1022 -p1 -b .openssl-mlkem - -%patch -P 100 -p1 -b .coverity -%patch -P 98 -p1 -b .gsi -%patch -P 99 -p1 -b .hpn +%autosetup -T -b 0 -p1 -n openssh-%{version} sed 's/sshd.pid/gsisshd.pid/' -i pathnames.h sed 's!$(piddir)/sshd.pid!$(piddir)/gsisshd.pid!' -i Makefile.in @@ -560,6 +478,7 @@ fi %dir %attr(0711,root,root) %{_datadir}/empty.sshd %attr(0755,root,root) %{_sbindir}/gsisshd %attr(0755,root,root) %{_libexecdir}/gsissh/sshd-session +%attr(0755,root,root) %{_libexecdir}/gsissh/sshd-auth %attr(0755,root,root) %{_libexecdir}/gsissh/sftp-server %attr(0755,root,root) %{_libexecdir}/gsissh/sshd-keygen %attr(0644,root,root) %{_mandir}/man5/gsisshd_config.5* diff --git a/openssh-5.8p2-sigpipe.patch b/openssh-5.8p2-sigpipe.patch deleted file mode 100644 index 554e346..0000000 --- a/openssh-5.8p2-sigpipe.patch +++ /dev/null @@ -1,14 +0,0 @@ -diff -up openssh-5.8p2/ssh-keyscan.c.sigpipe openssh-5.8p2/ssh-keyscan.c ---- openssh-5.8p2/ssh-keyscan.c.sigpipe 2011-08-23 18:30:33.873025916 +0200 -+++ openssh-5.8p2/ssh-keyscan.c 2011-08-23 18:32:24.574025362 +0200 -@@ -715,6 +715,9 @@ main(int argc, char **argv) - if (maxfd > fdlim_get(0)) - fdlim_set(maxfd); - fdcon = xcalloc(maxfd, sizeof(con)); -+ -+ signal(SIGPIPE, SIG_IGN); -+ - read_wait = xcalloc(maxfd, sizeof(struct pollfd)); - for (j = 0; j < maxfd; j++) - read_wait[j].fd = -1; - diff --git a/openssh-6.4p1-fromto-remote.patch b/openssh-6.4p1-fromto-remote.patch deleted file mode 100644 index 4a7d849..0000000 --- a/openssh-6.4p1-fromto-remote.patch +++ /dev/null @@ -1,16 +0,0 @@ -diff --git a/scp.c b/scp.c -index d98fa67..25d347b 100644 ---- a/scp.c -+++ b/scp.c -@@ -638,7 +638,10 @@ toremote(char *targ, int argc, char **argv) - addargs(&alist, "%s", ssh_program); - addargs(&alist, "-x"); - addargs(&alist, "-oClearAllForwardings=yes"); -- addargs(&alist, "-n"); -+ if (isatty(fileno(stdin))) -+ addargs(&alist, "-t"); -+ else -+ addargs(&alist, "-n"); - for (j = 0; j < remote_remote_args.num; j++) { - addargs(&alist, "%s", - remote_remote_args.list[j]); diff --git a/openssh-6.6.1p1-scp-non-existing-directory.patch b/openssh-6.6.1p1-scp-non-existing-directory.patch deleted file mode 100644 index bb55c0b..0000000 --- a/openssh-6.6.1p1-scp-non-existing-directory.patch +++ /dev/null @@ -1,14 +0,0 @@ ---- a/scp.c -+++ a/scp.c -@@ -1084,6 +1084,10 @@ sink(int argc, char **argv) - free(vect[0]); - continue; - } -+ if (buf[0] == 'C' && ! exists && np[strlen(np)-1] == '/') { -+ errno = ENOTDIR; -+ goto bad; -+ } - omode = mode; - mode |= S_IWUSR; - if ((ofd = open(np, O_WRONLY|O_CREAT, mode)) == -1) { --- diff --git a/openssh-6.7p1-coverity.patch b/openssh-6.7p1-coverity.patch deleted file mode 100644 index ffe0c69..0000000 --- a/openssh-6.7p1-coverity.patch +++ /dev/null @@ -1,248 +0,0 @@ -diff -up openssh-8.5p1/auth-krb5.c.coverity openssh-8.5p1/auth-krb5.c ---- openssh-8.5p1/auth-krb5.c.coverity 2021-03-24 12:03:33.724967756 +0100 -+++ openssh-8.5p1/auth-krb5.c 2021-03-24 12:03:33.782968159 +0100 -@@ -426,6 +426,7 @@ ssh_krb5_cc_new_unique(krb5_context ctx, - umask(old_umask); - if (tmpfd == -1) { - logit("mkstemp(): %.100s", strerror(oerrno)); -+ free(ccname); - return oerrno; - } - -@@ -433,6 +434,7 @@ ssh_krb5_cc_new_unique(krb5_context ctx, - oerrno = errno; - logit("fchmod(): %.100s", strerror(oerrno)); - close(tmpfd); -+ free(ccname); - return oerrno; - } - /* make sure the KRB5CCNAME is set for non-standard location */ -diff -up openssh-8.5p1/gss-genr.c.coverity openssh-8.5p1/gss-genr.c ---- openssh-8.5p1/gss-genr.c.coverity 2021-03-26 11:52:46.613942552 +0100 -+++ openssh-8.5p1/gss-genr.c 2021-03-26 11:54:37.881726318 +0100 -@@ -167,8 +167,9 @@ ssh_gssapi_kex_mechs(gss_OID_set gss_sup - enclen = __b64_ntop(digest, - ssh_digest_bytes(SSH_DIGEST_MD5), encoded, - ssh_digest_bytes(SSH_DIGEST_MD5) * 2); -- -+#pragma GCC diagnostic ignored "-Wstringop-overflow" - cp = strncpy(s, kex, strlen(kex)); -+#pragma GCC diagnostic pop - for ((p = strsep(&cp, ",")); p && *p != '\0'; - (p = strsep(&cp, ","))) { - if (sshbuf_len(buf) != 0 && -diff -up openssh-8.5p1/krl.c.coverity openssh-8.5p1/krl.c ---- openssh-8.5p1/krl.c.coverity 2021-03-02 11:31:47.000000000 +0100 -+++ openssh-8.5p1/krl.c 2021-03-24 12:03:33.783968166 +0100 -@@ -1261,6 +1262,7 @@ is_key_revoked(struct ssh_krl *krl, cons - return r; - erb = RB_FIND(revoked_blob_tree, &krl->revoked_sha1s, &rb); - free(rb.blob); -+ rb.blob = NULL; /* make coverity happy */ - if (erb != NULL) { - KRL_DBG(("revoked by key SHA1")); - return SSH_ERR_KEY_REVOKED; -@@ -1271,6 +1273,7 @@ is_key_revoked(struct ssh_krl *krl, cons - return r; - erb = RB_FIND(revoked_blob_tree, &krl->revoked_sha256s, &rb); - free(rb.blob); -+ rb.blob = NULL; /* make coverity happy */ - if (erb != NULL) { - KRL_DBG(("revoked by key SHA256")); - return SSH_ERR_KEY_REVOKED; -@@ -1282,6 +1285,7 @@ is_key_revoked(struct ssh_krl *krl, cons - return r; - erb = RB_FIND(revoked_blob_tree, &krl->revoked_keys, &rb); - free(rb.blob); -+ rb.blob = NULL; /* make coverity happy */ - if (erb != NULL) { - KRL_DBG(("revoked by explicit key")); - return SSH_ERR_KEY_REVOKED; -diff -up openssh-8.5p1/loginrec.c.coverity openssh-8.5p1/loginrec.c ---- openssh-8.5p1/loginrec.c.coverity 2021-03-24 13:18:53.793225885 +0100 -+++ openssh-8.5p1/loginrec.c 2021-03-24 13:21:27.948404751 +0100 -@@ -690,9 +690,11 @@ construct_utmp(struct logininfo *li, - */ - - /* Use strncpy because we don't necessarily want null termination */ -+ /* coverity[buffer_size_warning : FALSE] */ - strncpy(ut->ut_name, li->username, - MIN_SIZEOF(ut->ut_name, li->username)); - # ifdef HAVE_HOST_IN_UTMP -+ /* coverity[buffer_size_warning : FALSE] */ - strncpy(ut->ut_host, li->hostname, - MIN_SIZEOF(ut->ut_host, li->hostname)); - # endif -diff -up openssh-8.5p1/misc.c.coverity openssh-8.5p1/misc.c ---- openssh-8.5p1/misc.c.coverity 2021-03-24 12:03:33.745967902 +0100 -+++ openssh-8.5p1/misc.c 2021-03-24 13:31:47.037079617 +0100 -@@ -1425,6 +1425,8 @@ sanitise_stdfd(void) - } - if (nullfd > STDERR_FILENO) - close(nullfd); -+ /* coverity[leaked_handle : FALSE]*/ -+ /* coverity[leaked_handle : FALSE]*/ - } - - char * -@@ -2511,6 +2513,7 @@ stdfd_devnull(int do_stdin, int do_stdou - } - if (devnull > STDERR_FILENO) - close(devnull); -+ /* coverity[leaked_handle : FALSE]*/ - return ret; - } - -diff -up openssh-7.4p1/monitor.c.coverity openssh-7.4p1/monitor.c ---- openssh-7.4p1/monitor.c.coverity 2016-12-23 16:40:26.888788688 +0100 -+++ openssh-7.4p1/monitor.c 2016-12-23 16:40:26.900788691 +0100 -@@ -411,7 +411,7 @@ monitor_child_preauth(Authctxt *_authctx - mm_get_keystate(ssh, pmonitor); - - /* Drain any buffered messages from the child */ -- while (pmonitor->m_log_recvfd != -1 && monitor_read_log(pmonitor) == 0) -+ while (pmonitor->m_log_recvfd >= 0 && monitor_read_log(pmonitor) == 0) - ; - - if (pmonitor->m_recvfd >= 0) -@@ -1678,7 +1678,7 @@ mm_answer_pty(struct ssh *ssh, int sock, - s->ptymaster = s->ptyfd; - - debug3_f("tty %s ptyfd %d", s->tty, s->ttyfd); -- -+ /* coverity[leaked_handle : FALSE] */ - return (0); - - error: -diff -up openssh-7.4p1/openbsd-compat/bindresvport.c.coverity openssh-7.4p1/openbsd-compat/bindresvport.c ---- openssh-7.4p1/openbsd-compat/bindresvport.c.coverity 2016-12-19 05:59:41.000000000 +0100 -+++ openssh-7.4p1/openbsd-compat/bindresvport.c 2016-12-23 16:40:26.901788691 +0100 -@@ -58,7 +58,7 @@ bindresvport_sa(int sd, struct sockaddr - struct sockaddr_in6 *in6; - u_int16_t *portp; - u_int16_t port; -- socklen_t salen; -+ socklen_t salen = sizeof(struct sockaddr_storage); - int i; - - if (sa == NULL) { -diff -up openssh-8.7p1/openbsd-compat/bsd-pselect.c.coverity openssh-8.7p1/openbsd-compat/bsd-pselect.c ---- openssh-8.7p1/openbsd-compat/bsd-pselect.c.coverity 2021-08-30 16:36:11.357288009 +0200 -+++ openssh-8.7p1/openbsd-compat/bsd-pselect.c 2021-08-30 16:37:21.791897976 +0200 -@@ -113,13 +113,13 @@ pselect_notify_setup(void) - static void - pselect_notify_parent(void) - { -- if (notify_pipe[1] != -1) -+ if (notify_pipe[1] >= 0) - (void)write(notify_pipe[1], "", 1); - } - static void - pselect_notify_prepare(fd_set *readset) - { -- if (notify_pipe[0] != -1) -+ if (notify_pipe[0] >= 0) - FD_SET(notify_pipe[0], readset); - } - static void -@@ -127,8 +127,8 @@ pselect_notify_done(fd_set *readset) - { - char c; - -- if (notify_pipe[0] != -1 && FD_ISSET(notify_pipe[0], readset)) { -- while (read(notify_pipe[0], &c, 1) != -1) -+ if (notify_pipe[0] >= 0 && FD_ISSET(notify_pipe[0], readset)) { -+ while (read(notify_pipe[0], &c, 1) >= 0) - debug2_f("reading"); - FD_CLR(notify_pipe[0], readset); - } -diff -up openssh-8.5p1/readconf.c.coverity openssh-8.5p1/readconf.c ---- openssh-8.5p1/readconf.c.coverity 2021-03-24 12:03:33.778968131 +0100 -+++ openssh-8.5p1/readconf.c 2021-03-24 12:03:33.785968180 +0100 -@@ -1847,6 +1847,7 @@ parse_pubkey_algos: - } else if (r != 0) { - error("%.200s line %d: glob failed for %s.", - filename, linenum, arg2); -+ free(arg2); - goto out; - } - free(arg2); -diff -up openssh-7.4p1/servconf.c.coverity openssh-7.4p1/servconf.c ---- openssh-7.4p1/servconf.c.coverity 2016-12-23 16:40:26.896788690 +0100 -+++ openssh-7.4p1/servconf.c 2016-12-23 16:40:26.901788691 +0100 -@@ -1638,8 +1638,9 @@ process_server_config_line(ServerOptions - if (*activep && *charptr == NULL) { - *charptr = tilde_expand_filename(arg, getuid()); - /* increase optional counter */ -- if (intptr != NULL) -- *intptr = *intptr + 1; -+ /* DEAD CODE intptr is still NULL ;) -+ if (intptr != NULL) -+ *intptr = *intptr + 1; */ - } - break; - -diff -up openssh-8.7p1/serverloop.c.coverity openssh-8.7p1/serverloop.c ---- openssh-8.7p1/serverloop.c.coverity 2021-08-20 06:03:49.000000000 +0200 -+++ openssh-8.7p1/serverloop.c 2021-08-30 16:28:22.416226981 +0200 -@@ -547,7 +547,7 @@ server_request_tun(struct ssh *ssh) - debug_f("invalid tun"); - goto done; - } -- if (auth_opts->force_tun_device != -1) { -+ if (auth_opts->force_tun_device >= 0) { - if (tun != SSH_TUNID_ANY && - auth_opts->force_tun_device != (int)tun) - goto done; -diff -up openssh-7.4p1/ssh-agent.c.coverity openssh-7.4p1/ssh-agent.c ---- openssh-7.4p1/ssh-agent.c.coverity 2016-12-19 05:59:41.000000000 +0100 -+++ openssh-7.4p1/ssh-agent.c 2016-12-23 16:40:26.903788691 +0100 -@@ -869,6 +869,7 @@ sanitize_pkcs11_provider(const char *pro - - if (pkcs11_uri_parse(provider, uri) != 0) { - error("Failed to parse PKCS#11 URI"); -+ pkcs11_uri_cleanup(uri); - return NULL; - } - /* validate also provider from URI */ -diff -up openssh-7.4p1/sshd-session.c.coverity openssh-7.4p1/sshd-session.c ---- openssh-7.4p1/sshd-session.c.coverity 2016-12-23 16:40:26.897788690 +0100 -+++ openssh-7.4p1/sshd-session.c 2016-12-23 16:40:26.904788692 +0100 -@@ -691,8 +691,10 @@ privsep_preauth(Authctxt *authctxt) - - privsep_preauth_child(ssh); - setproctitle("%s", "[net]"); -- if (box != NULL) -+ if (box != NULL) { - ssh_sandbox_child(box); -+ free(box); -+ } - - return 0; - } -@@ -2519,8 +2524,11 @@ do_ssh2_kex(struct ssh *ssh) - - if (newstr) - myproposal[PROPOSAL_KEX_ALGS] = newstr; -- else -+ else { - fatal("No supported key exchange algorithms"); -+ free(gss); -+ } -+ /* coverity[leaked_storage: FALSE]*/ - } - #endif - -diff -up openssh-8.5p1/ssh-keygen.c.coverity openssh-8.5p1/ssh-keygen.c ---- openssh-8.5p1/ssh-keygen.c.coverity 2021-03-24 12:03:33.780968145 +0100 -+++ openssh-8.5p1/ssh-keygen.c 2021-03-24 12:03:33.787968194 +0100 -@@ -2332,6 +2332,9 @@ update_krl_from_file(struct passwd *pw, - r = ssh_krl_revoke_key_sha256(krl, blob, blen); - if (r != 0) - fatal_fr(r, "revoke key failed"); -+ freezero(blob, blen); -+ blob = NULL; -+ blen = 0; - } else { - if (strncasecmp(cp, "key:", 4) == 0) { - cp += 4; diff --git a/openssh-6.8p1-sshdT-output.patch b/openssh-6.8p1-sshdT-output.patch deleted file mode 100644 index 156e66d..0000000 --- a/openssh-6.8p1-sshdT-output.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -up openssh/servconf.c.sshdt openssh/servconf.c ---- openssh/servconf.c.sshdt 2015-06-24 11:42:29.041078704 +0200 -+++ openssh/servconf.c 2015-06-24 11:44:39.734745802 +0200 -@@ -2317,7 +2317,7 @@ dump_config(ServerOptions *o) - dump_cfg_string(sXAuthLocation, o->xauth_location); - dump_cfg_string(sCiphers, o->ciphers); - dump_cfg_string(sMacs, o->macs); -- dump_cfg_string(sBanner, o->banner); -+ dump_cfg_string(sBanner, o->banner != NULL ? o->banner : "none"); - dump_cfg_string(sForceCommand, o->adm_forced_command); - dump_cfg_string(sChrootDirectory, o->chroot_directory); - dump_cfg_string(sTrustedUserCAKeys, o->trusted_user_ca_keys); diff --git a/openssh-7.5p1-sandbox.patch b/openssh-7.5p1-sandbox.patch deleted file mode 100644 index 90640a0..0000000 --- a/openssh-7.5p1-sandbox.patch +++ /dev/null @@ -1,86 +0,0 @@ -In order to use the OpenSSL-ibmpkcs11 engine it is needed to allow flock -and ipc calls, because this engine calls OpenCryptoki (a PKCS#11 -implementation) which calls the libraries that will communicate with the -crypto cards. OpenCryptoki makes use of flock and ipc and, as of now, -this is only need on s390 architecture. - -Signed-off-by: Eduardo Barretto ---- - sandbox-seccomp-filter.c | 6 ++++++ - 1 file changed, 6 insertions(+) - -diff --git a/sandbox-seccomp-filter.c b/sandbox-seccomp-filter.c -index ca75cc7..6e7de31 100644 ---- a/sandbox-seccomp-filter.c -+++ b/sandbox-seccomp-filter.c -@@ -166,6 +166,9 @@ static const struct sock_filter preauth_insns[] = { - #ifdef __NR_exit_group - SC_ALLOW(__NR_exit_group), - #endif -+#if defined(__NR_flock) && defined(__s390__) -+ SC_ALLOW(__NR_flock), -+#endif - #ifdef __NR_futex - SC_FUTEX(__NR_futex), - #endif -@@ -178,6 +181,9 @@ static const struct sock_filter preauth_insns[] = { - #ifdef __NR_gettimeofday - SC_ALLOW(__NR_gettimeofday), - #endif -+#if defined(__NR_ipc) && defined(__s390__) -+ SC_ALLOW(__NR_ipc), -+#endif - #ifdef __NR_getuid - SC_ALLOW(__NR_getuid), - #endif --- -1.9.1 - -getuid and geteuid are needed when using an openssl engine that calls a -crypto card, e.g. ICA (libica). -Those syscalls are also needed by the distros for audit code. - -Signed-off-by: Eduardo Barretto ---- - sandbox-seccomp-filter.c | 12 ++++++++++++ - 1 file changed, 12 insertions(+) - -diff --git a/sandbox-seccomp-filter.c b/sandbox-seccomp-filter.c -index 6e7de31..e86aa2c 100644 ---- a/sandbox-seccomp-filter.c -+++ b/sandbox-seccomp-filter.c -@@ -175,6 +175,18 @@ static const struct sock_filter preauth_insns[] = { - #ifdef __NR_getpid - SC_ALLOW(__NR_getpid), - #endif -+#ifdef __NR_getuid -+ SC_ALLOW(__NR_getuid), -+#endif -+#ifdef __NR_getuid32 -+ SC_ALLOW(__NR_getuid32), -+#endif -+#ifdef __NR_geteuid -+ SC_ALLOW(__NR_geteuid), -+#endif -+#ifdef __NR_geteuid32 -+ SC_ALLOW(__NR_geteuid32), -+#endif - #ifdef __NR_getrandom - SC_ALLOW(__NR_getrandom), - #endif --- 1.9.1 -1.9.1 -diff -up openssh-7.6p1/sandbox-seccomp-filter.c.sandbox openssh-7.6p1/sandbox-seccomp-filter.c ---- openssh-7.6p1/sandbox-seccomp-filter.c.sandbox 2017-12-12 13:59:30.563874059 +0100 -+++ openssh-7.6p1/sandbox-seccomp-filter.c 2017-12-12 13:59:14.842784083 +0100 -@@ -190,6 +190,9 @@ static const struct sock_filter preauth_ - #ifdef __NR_geteuid32 - SC_ALLOW(__NR_geteuid32), - #endif -+#ifdef __NR_gettid -+ SC_ALLOW(__NR_gettid), -+#endif - #ifdef __NR_getrandom - SC_ALLOW(__NR_getrandom), - #endif - diff --git a/openssh-8.0p1-keygen-strip-doseol.patch b/openssh-8.0p1-keygen-strip-doseol.patch deleted file mode 100644 index 3117a7a..0000000 --- a/openssh-8.0p1-keygen-strip-doseol.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -up openssh-8.0p1/ssh-keygen.c.strip-doseol openssh-8.0p1/ssh-keygen.c ---- openssh-8.0p1/ssh-keygen.c.strip-doseol 2021-03-18 17:41:34.472404994 +0100 -+++ openssh-8.0p1/ssh-keygen.c 2021-03-18 17:41:55.255538761 +0100 -@@ -901,7 +901,7 @@ do_fingerprint(struct passwd *pw) - while (getline(&line, &linesize, f) != -1) { - lnum++; - cp = line; -- cp[strcspn(cp, "\n")] = '\0'; -+ cp[strcspn(cp, "\r\n")] = '\0'; - /* Trim leading space and comments */ - cp = line + strspn(line, " \t"); - if (*cp == '#' || *cp == '\0') diff --git a/openssh-8.7p1-ibmca.patch b/openssh-8.7p1-ibmca.patch deleted file mode 100644 index 88914bf..0000000 --- a/openssh-8.7p1-ibmca.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- openssh-8.7p1/openbsd-compat/bsd-closefrom.c.orig 2022-04-12 15:47:03.815044607 +0200 -+++ openssh-8.7p1/openbsd-compat/bsd-closefrom.c 2022-04-12 15:48:12.464963511 +0200 -@@ -16,7 +16,7 @@ - - #include "includes.h" - --#if !defined(HAVE_CLOSEFROM) || defined(BROKEN_CLOSEFROM) -+#if !defined(HAVE_CLOSEFROM) || defined(BROKEN_CLOSEFROM) || (defined __s390__) - - #include - #include diff --git a/openssh-8.7p1-ssh-manpage.patch b/openssh-8.7p1-ssh-manpage.patch deleted file mode 100644 index c7f6f1e..0000000 --- a/openssh-8.7p1-ssh-manpage.patch +++ /dev/null @@ -1,53 +0,0 @@ -diff --color -ru a/ssh.1 b/ssh.1 ---- a/ssh.1 2022-07-12 11:47:51.307295880 +0200 -+++ b/ssh.1 2022-07-12 11:50:28.793363263 +0200 -@@ -493,6 +493,7 @@ - .It AddressFamily - .It BatchMode - .It BindAddress -+.It BindInterface - .It CanonicalDomains - .It CanonicalizeFallbackLocal - .It CanonicalizeHostname -@@ -510,6 +511,7 @@ - .It ControlPath - .It ControlPersist - .It DynamicForward -+.It EnableSSHKeysign - .It EnableEscapeCommandline - .It EscapeChar - .It ExitOnForwardFailure -@@ -538,6 +540,8 @@ - .It IdentitiesOnly - .It IdentityAgent - .It IdentityFile -+.It IgnoreUnknown -+.It Include - .It IPQoS - .It KbdInteractiveAuthentication - .It KbdInteractiveDevices -@@ -546,6 +550,7 @@ - .It LocalCommand - .It LocalForward - .It LogLevel -+.It LogVerbose - .It MACs - .It Match - .It NoHostAuthenticationForLocalhost -@@ -566,6 +571,8 @@ - .It RemoteCommand - .It RemoteForward - .It RequestTTY -+.It RevokedHostKeys -+.It SecurityKeyProvider - .It RequiredRSASize - .It SendEnv - .It ServerAliveInterval -@@ -575,6 +582,7 @@ - .It StreamLocalBindMask - .It StreamLocalBindUnlink - .It StrictHostKeyChecking -+.It SyslogFacility - .It TCPKeepAlive - .It Tunnel - .It TunnelDevice diff --git a/openssh-9.6p1-pam-rhost.patch b/openssh-9.6p1-pam-rhost.patch deleted file mode 100644 index b1b0d04..0000000 --- a/openssh-9.6p1-pam-rhost.patch +++ /dev/null @@ -1,32 +0,0 @@ -From 26f366e263e575c4e1a18e2e64ba418f58878b37 Mon Sep 17 00:00:00 2001 -From: Daan De Meyer -Date: Mon, 20 Mar 2023 20:22:14 +0100 -Subject: [PATCH] Only set PAM_RHOST if the remote host is not "UNKNOWN" - -When using sshd's -i option with stdio that is not a AF_INET/AF_INET6 -socket, auth_get_canonical_hostname() returns "UNKNOWN" which is then -set as the value of PAM_RHOST, causing pam to try to do a reverse DNS -query of "UNKNOWN", which times out multiple times, causing a -substantial slowdown when logging in. - -To fix this, let's only set PAM_RHOST if the hostname is not "UNKNOWN". ---- - auth-pam.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/auth-pam.c b/auth-pam.c -index e143304e3..39b4e4563 100644 ---- a/auth-pam.c -+++ b/auth-pam.c -@@ -735,7 +735,7 @@ sshpam_init(struct ssh *ssh, Authctxt *authctxt) - sshpam_laddr = get_local_ipaddr( - ssh_packet_get_connection_in(ssh)); - } -- if (sshpam_rhost != NULL) { -+ if (sshpam_rhost != NULL && strcmp(sshpam_rhost, "UNKNOWN") != 0) { - debug("PAM: setting PAM_RHOST to \"%s\"", sshpam_rhost); - sshpam_err = pam_set_item(sshpam_handle, PAM_RHOST, - sshpam_rhost); --- -2.44.0 - diff --git a/openssh-9.9p1-match-regression.patch b/openssh-9.9p1-match-regression.patch deleted file mode 100644 index 73ea964..0000000 --- a/openssh-9.9p1-match-regression.patch +++ /dev/null @@ -1,471 +0,0 @@ -diff --git a/misc.c b/misc.c -index afdf5142..1b4b55c5 100644 ---- a/misc.c -+++ b/misc.c -@@ -107,6 +107,27 @@ rtrim(char *s) - } - } - -+/* -+ * returns pointer to character after 'prefix' in 's' or otherwise NULL -+ * if the prefix is not present. -+ */ -+const char * -+strprefix(const char *s, const char *prefix, int ignorecase) -+{ -+ size_t prefixlen; -+ -+ if ((prefixlen = strlen(prefix)) == 0) -+ return s; -+ if (ignorecase) { -+ if (strncasecmp(s, prefix, prefixlen) != 0) -+ return NULL; -+ } else { -+ if (strncmp(s, prefix, prefixlen) != 0) -+ return NULL; -+ } -+ return s + prefixlen; -+} -+ - /* set/unset filedescriptor to non-blocking */ - int - set_nonblock(int fd) -diff --git a/misc.h b/misc.h -index 11340389..efecdf1a 100644 ---- a/misc.h -+++ b/misc.h -@@ -56,6 +56,7 @@ struct ForwardOptions { - char *chop(char *); - void rtrim(char *); - void skip_space(char **); -+const char *strprefix(const char *, const char *, int); - char *strdelim(char **); - char *strdelimw(char **); - int set_nonblock(int); -diff --git a/readconf.c b/readconf.c -index 3d9cc6db..9f559269 100644 ---- a/readconf.c -+++ b/readconf.c -@@ -710,7 +710,7 @@ match_cfg_line(Options *options, const char *full_line, int *acp, char ***avp, - struct passwd *pw, const char *host_arg, const char *original_host, - int final_pass, int *want_final_pass, const char *filename, int linenum) - { -- char *arg, *oattrib, *attrib, *cmd, *host, *criteria; -+ char *arg, *oattrib = NULL, *attrib = NULL, *cmd, *host, *criteria; - const char *ruser; - int r, this_result, result = 1, attributes = 0, negate; - -@@ -731,7 +731,8 @@ match_cfg_line(Options *options, const char *full_line, int *acp, char ***avp, - - debug2("checking match for '%s' host %s originally %s", - full_line, host, original_host); -- while ((oattrib = attrib = argv_next(acp, avp)) != NULL) { -+ while ((attrib = argv_next(acp, avp)) != NULL) { -+ attrib = oattrib = xstrdup(attrib); - /* Terminate on comment */ - if (*attrib == '#') { - argv_consume(acp); -@@ -777,9 +778,23 @@ match_cfg_line(Options *options, const char *full_line, int *acp, char ***avp, - this_result ? "" : "not ", oattrib); - continue; - } -+ -+ /* Keep this list in sync with below */ -+ if (strprefix(attrib, "host=", 1) != NULL || -+ strprefix(attrib, "originalhost=", 1) != NULL || -+ strprefix(attrib, "user=", 1) != NULL || -+ strprefix(attrib, "localuser=", 1) != NULL || -+ strprefix(attrib, "localnetwork=", 1) != NULL || -+ strprefix(attrib, "tagged=", 1) != NULL || -+ strprefix(attrib, "exec=", 1) != NULL) { -+ arg = strchr(attrib, '='); -+ *(arg++) = '\0'; -+ } else { -+ arg = argv_next(acp, avp); -+ } -+ - /* All other criteria require an argument */ -- if ((arg = argv_next(acp, avp)) == NULL || -- *arg == '\0' || *arg == '#') { -+ if (arg == NULL || *arg == '\0' || *arg == '#') { - error("Missing Match criteria for %s", attrib); - result = -1; - goto out; -@@ -856,6 +871,8 @@ match_cfg_line(Options *options, const char *full_line, int *acp, char ***avp, - criteria == NULL ? "" : criteria, - criteria == NULL ? "" : "\""); - free(criteria); -+ free(oattrib); -+ oattrib = attrib = NULL; - } - if (attributes == 0) { - error("One or more attributes required for Match"); -@@ -865,6 +882,7 @@ match_cfg_line(Options *options, const char *full_line, int *acp, char ***avp, - out: - if (result != -1) - debug2("match %sfound", result ? "" : "not "); -+ free(oattrib); - free(host); - return result; - } -diff --git a/servconf.c b/servconf.c -index 89b8413e..dd774f46 100644 ---- a/servconf.c -+++ b/servconf.c -@@ -1,4 +1,4 @@ --/* $OpenBSD: servconf.c,v 1.418 2024/09/15 03:09:44 djm Exp $ */ -+/* $OpenBSD: servconf.c,v 1.419 2024/09/25 01:24:04 djm Exp $ */ - /* - * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland - * All rights reserved -@@ -1033,7 +1033,7 @@ match_cfg_line(const char *full_line, int *acp, char ***avp, - int line, struct connection_info *ci) - { - int result = 1, attributes = 0, port; -- char *arg, *attrib; -+ char *arg, *attrib = NULL, *oattrib; - - if (ci == NULL) - debug3("checking syntax for 'Match %s'", full_line); -@@ -1047,7 +1047,8 @@ match_cfg_line(const char *full_line, int *acp, char ***avp, - ci->laddress ? ci->laddress : "(null)", ci->lport); - } - -- while ((attrib = argv_next(acp, avp)) != NULL) { -+ while ((oattrib = argv_next(acp, avp)) != NULL) { -+ attrib = xstrdup(oattrib); - /* Terminate on comment */ - if (*attrib == '#') { - argv_consume(acp); /* mark all arguments consumed */ -@@ -1062,16 +1063,20 @@ match_cfg_line(const char *full_line, int *acp, char ***avp, - *arg != '\0' && *arg != '#')) { - error("'all' cannot be combined with other " - "Match attributes"); -- return -1; -+ result = -1; -+ goto out; - } - if (arg != NULL && *arg == '#') - argv_consume(acp); /* consume remaining args */ -- return 1; -+ result = 1; -+ goto out; - } - /* Criterion "invalid-user" also has no argument */ - if (strcasecmp(attrib, "invalid-user") == 0) { -- if (ci == NULL) -+ if (ci == NULL) { -+ result = 0; - continue; -+ } - if (ci->user_invalid == 0) - result = 0; - else -@@ -1078,11 +1081,26 @@ match_cfg_line(const char *full_line, int *acp, char ***avp, - debug("matched invalid-user at line %d", line); - continue; - } -+ -+ /* Keep this list in sync with below */ -+ if (strprefix(attrib, "user=", 1) != NULL || -+ strprefix(attrib, "group=", 1) != NULL || -+ strprefix(attrib, "host=", 1) != NULL || -+ strprefix(attrib, "address=", 1) != NULL || -+ strprefix(attrib, "localaddress=", 1) != NULL || -+ strprefix(attrib, "localport=", 1) != NULL || -+ strprefix(attrib, "rdomain=", 1) != NULL) { -+ arg = strchr(attrib, '='); -+ *(arg++) = '\0'; -+ } else { -+ arg = argv_next(acp, avp); -+ } -+ - /* All other criteria require an argument */ -- if ((arg = argv_next(acp, avp)) == NULL || -- *arg == '\0' || *arg == '#') { -+ if (arg == NULL || *arg == '\0' || *arg == '#') { - error("Missing Match criteria for %s", attrib); -- return -1; -+ result = -1; -+ goto out; - } - if (strcasecmp(attrib, "user") == 0) { - if (ci == NULL || (ci->test && ci->user == NULL)) { -@@ -1105,7 +1123,8 @@ match_cfg_line(const char *full_line, int *acp, char ***avp, - match_test_missing_fatal("Group", "user"); - switch (match_cfg_line_group(arg, line, ci->user)) { - case -1: -- return -1; -+ result = -1; -+ goto out; - case 0: - result = 0; - } -@@ -1141,7 +1160,8 @@ match_cfg_line(const char *full_line, int *acp, char ***avp, - result = 0; - break; - case -2: -- return -1; -+ result = -1; -+ goto out; - } - } else if (strcasecmp(attrib, "localaddress") == 0){ - if (ci == NULL || (ci->test && ci->laddress == NULL)) { -@@ -1166,13 +1186,15 @@ match_cfg_line(const char *full_line, int *acp, char ***avp, - result = 0; - break; - case -2: -- return -1; -+ result = -1; -+ goto out; - } - } else if (strcasecmp(attrib, "localport") == 0) { - if ((port = a2port(arg)) == -1) { - error("Invalid LocalPort '%s' on Match line", - arg); -- return -1; -+ result = -1; -+ goto out; - } - if (ci == NULL || (ci->test && ci->lport == -1)) { - result = 0; -@@ -1200,16 +1222,21 @@ match_cfg_line(const char *full_line, int *acp, char ***avp, - debug("user %.100s matched 'RDomain %.100s' at " - "line %d", ci->rdomain, arg, line); - } else { -- error("Unsupported Match attribute %s", attrib); -- return -1; -+ error("Unsupported Match attribute %s", oattrib); -+ result = -1; -+ goto out; - } -+ free(attrib); -+ attrib = NULL; - } - if (attributes == 0) { - error("One or more attributes required for Match"); - return -1; - } -- if (ci != NULL) -+ out: -+ if (ci != NULL && result != -1) - debug3("match %sfound", result ? "" : "not "); -+ free(attrib); - return result; - } - -diff --git a/regress/cfginclude.sh b/regress/cfginclude.sh -index d442cdd6..97fd816f 100644 ---- a/regress/cfginclude.sh -+++ b/regress/cfginclude.sh -@@ -1,4 +1,4 @@ --# $OpenBSD: cfginclude.sh,v 1.4 2024/09/03 05:58:56 djm Exp $ -+# $OpenBSD: cfginclude.sh,v 1.5 2024/09/27 01:05:54 djm Exp $ - # Placed in the Public Domain. - - tid="config include" -@@ -10,7 +10,7 @@ cat > $OBJ/ssh_config.i << _EOF - Match host a - Hostname aa - --Match host b # comment -+Match host=b # comment - Hostname bb - Include $OBJ/ssh_config.i.* - -@@ -18,7 +18,7 @@ Match host c - Include $OBJ/ssh_config.i.* - Hostname cc - --Match host m -+Match host=m !user xxxyfake - Include $OBJ/ssh_config.i.* # comment - - Host d -@@ -41,7 +41,7 @@ Match host xxxxxx - _EOF - - cat > $OBJ/ssh_config.i.1 << _EOF --Match host a -+Match host=a - Hostname aaa - - Match host b -@@ -64,10 +64,10 @@ cat > $OBJ/ssh_config.i.2 << _EOF - Match host a - Hostname aaaa - --Match host b -+Match host=b !user blahblahfake - Hostname bbbb - --Match host c -+Match host=c - Hostname cccc - - Host d -@@ -142,7 +142,7 @@ trial a aa - - # cleanup - rm -f $OBJ/ssh_config.i $OBJ/ssh_config.i.* $OBJ/ssh_config.out --# $OpenBSD: cfginclude.sh,v 1.4 2024/09/03 05:58:56 djm Exp $ -+# $OpenBSD: cfginclude.sh,v 1.5 2024/09/27 01:05:54 djm Exp $ - # Placed in the Public Domain. - - tid="config include" -diff --git a/regress/cfgmatch.sh b/regress/cfgmatch.sh -index 05a66685..2737a5f9 100644 ---- a/regress/cfgmatch.sh -+++ b/regress/cfgmatch.sh -@@ -1,4 +1,4 @@ --# $OpenBSD: cfgmatch.sh,v 1.13 2021/06/08 06:52:43 djm Exp $ -+# $OpenBSD: cfgmatch.sh,v 1.14 2024/09/27 01:05:54 djm Exp $ - # Placed in the Public Domain. - - tid="sshd_config match" -@@ -26,7 +26,7 @@ start_client() - kill $client_pid - fatal "timeout waiting for background ssh" - fi -- done -+ done - } - - stop_client() -@@ -119,40 +119,42 @@ stop_client - # requires knowledge of actual group memberships user running the test). - params="user:user:u1 host:host:h1 address:addr:1.2.3.4 \ - localaddress:laddr:5.6.7.8 rdomain:rdomain:rdom1" --cp $OBJ/sshd_proxy_bak $OBJ/sshd_config --echo 'Banner /nomatch' >>$OBJ/sshd_config --for i in $params; do -- config=`echo $i | cut -f1 -d:` -- criteria=`echo $i | cut -f2 -d:` -- value=`echo $i | cut -f3 -d:` -- cat >>$OBJ/sshd_config </dev/null || \ -+ fail "validate config for w/out spec" -+ -+ # Test matching each criteria. -+ for i in $params; do -+ testcriteria=`echo $i | cut -f2 -d:` -+ expected=/`echo $i | cut -f3 -d:` -+ spec="" -+ for j in $params; do -+ config=`echo $j | cut -f1 -d:` -+ criteria=`echo $j | cut -f2 -d:` -+ value=`echo $j | cut -f3 -d:` -+ if [ "$criteria" = "$testcriteria" ]; then -+ spec="$criteria=$value,$spec" -+ else -+ spec="$criteria=1$value,$spec" -+ fi -+ done -+ trace "test spec $spec" -+ result=`${SUDO} ${SSHD} -f $OBJ/sshd_config -T -C "$spec" | \ -+ awk '$1=="banner"{print $2}'` -+ if [ "$result" != "$expected" ]; then -+ fail "match $config expected $expected got $result" - fi - done -- trace "test spec $spec" -- result=`${SUDO} ${SSHD} -f $OBJ/sshd_config -T -C "$spec" | \ -- awk '$1=="banner"{print $2}'` -- if [ "$result" != "$expected" ]; then -- fail "match $config expected $expected got $result" -- fi - done -diff --git a/regress/servcfginclude.sh b/regress/servcfginclude.sh -index 518a703d..f67c3caa 100644 ---- a/regress/servcfginclude.sh -+++ b/regress/servcfginclude.sh -@@ -4,14 +4,14 @@ tid="server config include" - - cat > $OBJ/sshd_config.i << _EOF - HostKey $OBJ/host.ssh-ed25519 --Match host a -+Match host=a - Banner /aa - - Match host b - Banner /bb - Include $OBJ/sshd_config.i.* # comment - --Match host c -+Match host=c - Include $OBJ/sshd_config.i.* # comment - Banner /cc - -@@ -25,7 +25,7 @@ Match Host e - Banner /ee - Include $OBJ/sshd_config.i.* - --Match Host f -+Match Host=f - Include $OBJ/sshd_config.i.* - Banner /ff - -@@ -47,13 +47,13 @@ Match host b - Match host c - Banner /ccc - --Match Host d -+Match Host=d - Banner /ddd - - Match Host e - Banner /eee - --Match Host f -+Match Host=f - Banner /fff - _EOF - -@@ -61,13 +61,13 @@ cat > $OBJ/sshd_config.i.2 << _EOF - Match host a - Banner /aaaa - --Match host b -+Match host=b - Banner /bbbb - - Match host c # comment - Banner /cccc - --Match Host d -+Match Host=d - Banner /dddd - - Match Host e diff --git a/openssh-9.9p1-mlkembe.patch b/openssh-9.9p1-mlkembe.patch deleted file mode 100644 index aa0c26c..0000000 --- a/openssh-9.9p1-mlkembe.patch +++ /dev/null @@ -1,98 +0,0 @@ -diff --git a/kexmlkem768x25519.c b/kexmlkem768x25519.c -index 679446e9..2b5d3960 100644 ---- a/kexmlkem768x25519.c -+++ b/kexmlkem768x25519.c -@@ -1,4 +1,4 @@ --/* $OpenBSD: kexmlkem768x25519.c,v 1.1 2024/09/02 12:13:56 djm Exp $ */ -+/* $OpenBSD: kexmlkem768x25519.c,v 1.2 2024/10/27 02:06:59 djm Exp $ */ - /* - * Copyright (c) 2023 Markus Friedl. All rights reserved. - * -@@ -34,6 +34,9 @@ - #include - #include - #include -+#ifdef HAVE_ENDIAN_H -+# include -+#endif - - #include "sshkey.h" - #include "kex.h" -diff --git a/libcrux_mlkem768_sha3.h b/libcrux_mlkem768_sha3.h -index a82d60e8..b8ac1436 100644 ---- a/libcrux_mlkem768_sha3.h -+++ b/libcrux_mlkem768_sha3.h -@@ -1,4 +1,5 @@ --/* $OpenBSD: libcrux_mlkem768_sha3.h,v 1.1 2024/09/02 12:13:56 djm Exp $ */ -+/* $OpenBSD: libcrux_mlkem768_sha3.h,v 1.2 2024/10/27 02:06:01 djm Exp $ */ -+ - /* Extracted from libcrux revision 84c5d87b3092c59294345aa269ceefe0eb97cc35 */ - - /* -@@ -160,18 +161,19 @@ static inline void Eurydice_slice_to_array3(uint8_t *dst_tag, char *dst_ok, - // CORE STUFF (conversions, endianness, ...) - - static inline void core_num__u64_9__to_le_bytes(uint64_t v, uint8_t buf[8]) { -+ v = htole64(v); - memcpy(buf, &v, sizeof(v)); - } - static inline uint64_t core_num__u64_9__from_le_bytes(uint8_t buf[8]) { - uint64_t v; - memcpy(&v, buf, sizeof(v)); -- return v; -+ return le64toh(v); - } - - static inline uint32_t core_num__u32_8__from_le_bytes(uint8_t buf[4]) { - uint32_t v; - memcpy(&v, buf, sizeof(v)); -- return v; -+ return le32toh(v); - } - - static inline uint32_t core_num__u8_6__count_ones(uint8_t x0) { -diff --git a/mlkem768.sh b/mlkem768.sh -index 2fdc2831..3d12b2ed 100644 ---- a/mlkem768.sh -+++ b/mlkem768.sh -@@ -1,9 +1,10 @@ - #!/bin/sh --# $OpenBSD: mlkem768.sh,v 1.2 2024/09/04 05:11:33 djm Exp $ -+# $OpenBSD: mlkem768.sh,v 1.3 2024/10/27 02:06:01 djm Exp $ - # Placed in the Public Domain. - # - --WANT_LIBCRUX_REVISION="origin/main" -+#WANT_LIBCRUX_REVISION="origin/main" -+WANT_LIBCRUX_REVISION="84c5d87b3092c59294345aa269ceefe0eb97cc35" - - FILES=" - libcrux/libcrux-ml-kem/cg/eurydice_glue.h -@@ -47,6 +48,7 @@ echo '#define KRML_NOINLINE __attribute__((noinline, unused))' - echo '#define KRML_HOST_EPRINTF(...)' - echo '#define KRML_HOST_EXIT(x) fatal_f("internal error")' - echo -+ - for i in $FILES; do - echo "/* from $i */" - # Changes to all files: -@@ -56,11 +58,16 @@ for i in $FILES; do - -e 's/[ ]*$//' \ - $i | \ - case "$i" in -- # XXX per-file handling goes here. -+ */libcrux-ml-kem/cg/eurydice_glue.h) -+ # Replace endian functions with versions that work. -+ perl -0777 -pe 's/(static inline void core_num__u64_9__to_le_bytes.*\n)([^}]*\n)/\1 v = htole64(v);\n\2/' | -+ perl -0777 -pe 's/(static inline uint64_t core_num__u64_9__from_le_bytes.*?)return v;/\1return le64toh(v);/s' | -+ perl -0777 -pe 's/(static inline uint32_t core_num__u32_8__from_le_bytes.*?)return v;/\1return le32toh(v);/s' -+ ;; - # Default: pass through. - *) -- cat -- ;; -+ cat -+ ;; - esac - echo - done diff --git a/openssh-9.9p1-separate-keysign.patch b/openssh-9.9p1-separate-keysign.patch deleted file mode 100644 index ff0e35f..0000000 --- a/openssh-9.9p1-separate-keysign.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -up openssh-9.9p1/ssh_config.5.xxx openssh-9.9p1/ssh_config.5 ---- openssh-9.9p1/ssh_config.5.xxx 2024-10-11 12:01:14.260566303 +0200 -+++ openssh-9.9p1/ssh_config.5 2024-10-11 12:01:59.725654775 +0200 -@@ -759,7 +759,7 @@ or - This option should be placed in the non-hostspecific section. - See - .Xr ssh-keysign 8 --for more information. -+for more information. ssh-keysign should be installed explicitly. - .It Cm EscapeChar - Sets the escape character (default: - .Ql ~ ) . diff --git a/openssh-9.9p2-error_processing.patch b/openssh-9.9p2-error_processing.patch deleted file mode 100644 index dd71716..0000000 --- a/openssh-9.9p2-error_processing.patch +++ /dev/null @@ -1,161 +0,0 @@ -diff --git a/krl.c b/krl.c -index e2efdf06..0d0f6953 100644 ---- a/krl.c -+++ b/krl.c -@@ -674,6 +674,7 @@ revoked_certs_generate(struct revoked_certs *rc, struct sshbuf *buf) - break; - case KRL_SECTION_CERT_SERIAL_BITMAP: - if (rs->lo - bitmap_start > INT_MAX) { -+ r = SSH_ERR_INVALID_FORMAT; - error_f("insane bitmap gap"); - goto out; - } -@@ -1059,6 +1060,7 @@ ssh_krl_from_blob(struct sshbuf *buf, struct ssh_krl **krlp) - } - - if ((krl = ssh_krl_init()) == NULL) { -+ r = SSH_ERR_ALLOC_FAIL; - error_f("alloc failed"); - goto out; - } -diff --git a/packet.c b/packet.c -index 486f8515..9dea2cfc 100644 ---- a/packet.c -+++ b/packet.c -@@ -1864,6 +1864,14 @@ ssh_packet_read_poll_seqnr(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p) - if ((r = sshpkt_get_string_direct(ssh, &d, &len)) != 0) - return r; - DBG(debug("Received SSH2_MSG_PING len %zu", len)); -+ if (!ssh->state->after_authentication) { -+ DBG(debug("Won't reply to PING in preauth")); -+ break; -+ } -+ if (ssh_packet_is_rekeying(ssh)) { -+ DBG(debug("Won't reply to PING during KEX")); -+ break; -+ } - if ((r = sshpkt_start(ssh, SSH2_MSG_PONG)) != 0 || - (r = sshpkt_put_string(ssh, d, len)) != 0 || - (r = sshpkt_send(ssh)) != 0) -diff --git a/ssh-agent.c b/ssh-agent.c -index 48973b2c..c27c5a95 100644 ---- a/ssh-agent.c -+++ b/ssh-agent.c -@@ -1220,6 +1220,7 @@ parse_key_constraint_extension(struct sshbuf *m, char **sk_providerp, - "restrict-destination-v00@openssh.com") == 0) { - if (*dcsp != NULL) { - error_f("%s already set", ext_name); -+ r = SSH_ERR_INVALID_FORMAT; - goto out; - } - if ((r = sshbuf_froms(m, &b)) != 0) { -@@ -1229,6 +1230,7 @@ parse_key_constraint_extension(struct sshbuf *m, char **sk_providerp, - while (sshbuf_len(b) != 0) { - if (*ndcsp >= AGENT_MAX_DEST_CONSTRAINTS) { - error_f("too many %s constraints", ext_name); -+ r = SSH_ERR_INVALID_FORMAT; - goto out; - } - *dcsp = xrecallocarray(*dcsp, *ndcsp, *ndcsp + 1, -@@ -1246,6 +1248,7 @@ parse_key_constraint_extension(struct sshbuf *m, char **sk_providerp, - } - if (*certs != NULL) { - error_f("%s already set", ext_name); -+ r = SSH_ERR_INVALID_FORMAT; - goto out; - } - if ((r = sshbuf_get_u8(m, &v)) != 0 || -@@ -1257,6 +1260,7 @@ parse_key_constraint_extension(struct sshbuf *m, char **sk_providerp, - while (sshbuf_len(b) != 0) { - if (*ncerts >= AGENT_MAX_EXT_CERTS) { - error_f("too many %s constraints", ext_name); -+ r = SSH_ERR_INVALID_FORMAT; - goto out; - } - *certs = xrecallocarray(*certs, *ncerts, *ncerts + 1, -@@ -1360,6 +1360,8 @@ process_add_identity(SocketEntry *e) - if ((r = sshkey_private_deserialize(e->request, &k)) != 0 || - k == NULL || - (r = sshbuf_get_cstring(e->request, &comment, NULL)) != 0) { -+ if (!r) /* k == NULL */ -+ r = SSH_ERR_INTERNAL_ERROR; - error_fr(r, "parse"); - goto out; - } -@@ -1757,6 +1761,7 @@ process_ext_session_bind(SocketEntry *e) - /* record new key/sid */ - if (e->nsession_ids >= AGENT_MAX_SESSION_IDS) { - error_f("too many session IDs recorded"); -+ r = -1; - goto out; - } - e->session_ids = xrecallocarray(e->session_ids, e->nsession_ids, -diff --git a/ssh-sk-client.c b/ssh-sk-client.c -index 321fe53a..06fad221 100644 ---- a/ssh-sk-client.c -+++ b/ssh-sk-client.c -@@ -439,6 +439,7 @@ sshsk_load_resident(const char *provider_path, const char *device, - } - if ((srk = calloc(1, sizeof(*srk))) == NULL) { - error_f("calloc failed"); -+ r = SSH_ERR_ALLOC_FAIL; - goto out; - } - srk->key = key; -@@ -450,6 +451,7 @@ sshsk_load_resident(const char *provider_path, const char *device, - if ((tmp = recallocarray(srks, nsrks, nsrks + 1, - sizeof(*srks))) == NULL) { - error_f("recallocarray keys failed"); -+ r = SSH_ERR_ALLOC_FAIL; - goto out; - } - debug_f("srks[%zu]: %s %s uidlen %zu", nsrks, -diff --git a/sshconnect2.c b/sshconnect2.c -index a69c4da1..1ee6000a 100644 ---- a/sshconnect2.c -+++ b/sshconnect2.c -@@ -99,7 +99,7 @@ verify_host_key_callback(struct sshkey *hostkey, struct ssh *ssh) - options.required_rsa_size)) != 0) - fatal_r(r, "Bad server host key"); - if (verify_host_key(xxx_host, xxx_hostaddr, hostkey, -- xxx_conn_info) == -1) -+ xxx_conn_info) != 0) - fatal("Host key verification failed."); - return 0; - } -@@ -699,6 +699,7 @@ input_userauth_pk_ok(int type, u_int32_t seq, struct ssh *ssh) - - if ((pktype = sshkey_type_from_name(pkalg)) == KEY_UNSPEC) { - debug_f("server sent unknown pkalg %s", pkalg); -+ r = SSH_ERR_INVALID_FORMAT; - goto done; - } - if ((r = sshkey_from_blob(pkblob, blen, &key)) != 0) { -@@ -709,6 +710,7 @@ input_userauth_pk_ok(int type, u_int32_t seq, struct ssh *ssh) - error("input_userauth_pk_ok: type mismatch " - "for decoded key (received %d, expected %d)", - key->type, pktype); -+ r = SSH_ERR_INVALID_FORMAT; - goto done; - } - -@@ -728,6 +730,7 @@ input_userauth_pk_ok(int type, u_int32_t seq, struct ssh *ssh) - SSH_FP_DEFAULT); - error_f("server replied with unknown key: %s %s", - sshkey_type(key), fp == NULL ? "" : fp); -+ r = SSH_ERR_INVALID_FORMAT; - goto done; - } - ident = format_identity(id); -diff --git a/sshsig.c b/sshsig.c -index 6e03c0b0..3da005d6 100644 ---- a/sshsig.c -+++ b/sshsig.c -@@ -879,6 +879,7 @@ cert_filter_principals(const char *path, u_long linenum, - } - if ((principals = sshbuf_dup_string(nprincipals)) == NULL) { - error_f("buffer error"); -+ r = SSH_ERR_ALLOC_FAIL; - goto out; - } - /* success */ From ab8e6d64cd789dfa1c491918d16a828376eadb7e Mon Sep 17 00:00:00 2001 From: Mattias Ellert Date: Mon, 16 Jun 2025 07:43:14 +0200 Subject: [PATCH 41/44] Update sources file --- gsi-openssh.spec | 3 +++ sources | 4 ++-- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/gsi-openssh.spec b/gsi-openssh.spec index f932031..b52d648 100644 --- a/gsi-openssh.spec +++ b/gsi-openssh.spec @@ -502,6 +502,9 @@ fi %ghost %attr(0644,root,root) %{_localstatedir}/lib/.gsissh-host-keys-migration %changelog +* Mon Jun 16 2025 Mattias Ellert - 10.0p1-1 +- Based on openssh-10.0p1-3.fc43 + * Sun Apr 20 2025 Mattias Ellert - 9.9p1-6 - Based on openssh-9.9p1-15.fc43 diff --git a/sources b/sources index e88b6d9..10b461b 100644 --- a/sources +++ b/sources @@ -1,3 +1,3 @@ -SHA512 (openssh-9.9p1.tar.gz) = 3cc0ed97f3e29ecbd882eca79239f02eb5a1606fce4f3119ddc3c5e86128aa3ff12dc85000879fccc87b60e7d651cfe37376607ac66075fede2118deaa685d6d -SHA512 (openssh-9.9p1.tar.gz.asc) = 916e975c54eb68c0b2f0b0006522b241cbe54c4caa88d31537a6278490c93d9d732c2ab3a080ac084bf75cbdd5402901ec68583cbe7c7cde4a8e40e7a8b78c28 +SHA512 (openssh-10.0p1.tar.gz) = 2daa1fcf95793b23810142077e68ddfabdf3732b207ef4f033a027f72d733d0e9bcdb6f757e7f3a5934b972de05bfaae3baae381cfc7a400cd8ab4d4e277a0ed +SHA512 (openssh-10.0p1.tar.gz.asc) = 6ab9deb4233ff159e55a18c9fc07d5ff8a41723dad74aa3d803e1476b585f5662aba34f8a7a1f5fe1d248f3ff3cd663f2c2fb8e399c6a4723b6215b0eb423d13 SHA512 (gpgkey-736060BA.gpg) = df44f3fdbcd1d596705348c7f5aed3f738c5f626a55955e0642f7c6c082995cf36a1b1891bb41b8715cb2aff34fef1c877e0eff0d3507dd00a055ba695757a21 From 261508c76cccd0b348746b2e4e21f165b5a38b8d Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Thu, 24 Jul 2025 16:39:59 +0000 Subject: [PATCH 42/44] Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild --- gsi-openssh.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/gsi-openssh.spec b/gsi-openssh.spec index b52d648..740600b 100644 --- a/gsi-openssh.spec +++ b/gsi-openssh.spec @@ -28,7 +28,7 @@ Summary: An implementation of the SSH protocol with GSI authentication Name: gsi-openssh Version: %{openssh_ver} -Release: 1%{?dist} +Release: 2%{?dist} Provides: gsissh = %{version}-%{release} Obsoletes: gsissh < 5.8p2-2 URL: http://www.openssh.com/portable.html @@ -502,6 +502,9 @@ fi %ghost %attr(0644,root,root) %{_localstatedir}/lib/.gsissh-host-keys-migration %changelog +* Thu Jul 24 2025 Fedora Release Engineering - 10.0p1-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild + * Mon Jun 16 2025 Mattias Ellert - 10.0p1-1 - Based on openssh-10.0p1-3.fc43 From 17373deae61ba4043c12c51a486788ec146bb5bc Mon Sep 17 00:00:00 2001 From: Mattias Ellert Date: Mon, 1 Sep 2025 10:19:42 +0200 Subject: [PATCH 43/44] Based on openssh-10.0p1-4.fc43 --- gsi-openssh.spec | 5 ++++- gsisshd@.service | 2 ++ 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/gsi-openssh.spec b/gsi-openssh.spec index 740600b..0dfbed9 100644 --- a/gsi-openssh.spec +++ b/gsi-openssh.spec @@ -28,7 +28,7 @@ Summary: An implementation of the SSH protocol with GSI authentication Name: gsi-openssh Version: %{openssh_ver} -Release: 2%{?dist} +Release: 3%{?dist} Provides: gsissh = %{version}-%{release} Obsoletes: gsissh < 5.8p2-2 URL: http://www.openssh.com/portable.html @@ -502,6 +502,9 @@ fi %ghost %attr(0644,root,root) %{_localstatedir}/lib/.gsissh-host-keys-migration %changelog +* Mon Sep 01 2025 Mattias Ellert - 10.0p1-3 +- Based on openssh-10.0p1-4.fc43 + * Thu Jul 24 2025 Fedora Release Engineering - 10.0p1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild diff --git a/gsisshd@.service b/gsisshd@.service index acc3d85..093931e 100644 --- a/gsisshd@.service +++ b/gsisshd@.service @@ -13,4 +13,6 @@ Wants=gsissh-host-keys-migration.service Environment=OPTIONS= EnvironmentFile=-/etc/sysconfig/gsisshd ExecStart=-/usr/sbin/gsisshd -i $OPTIONS +ExecStart=-/usr/sbin/gsisshd -i $OPTIONS -o "AuthorizedKeysFile ${CREDENTIALS_DIRECTORY}/ssh.ephemeral-authorized_keys-all .ssh/authorized_keys" StandardInput=socket +ImportCredential=ssh.ephemeral-authorized_keys-all From 93af84c40a3032f7dffb5ca13d3494851f02732c Mon Sep 17 00:00:00 2001 From: Mattias Ellert Date: Mon, 1 Sep 2025 10:25:58 +0200 Subject: [PATCH 44/44] Based on openssh-10.0p1-6.fc44 --- 0042-openssh-7.7p1-fips.patch | 178 ++++++++++++---------------------- gsi-openssh.spec | 5 +- 2 files changed, 68 insertions(+), 115 deletions(-) diff --git a/0042-openssh-7.7p1-fips.patch b/0042-openssh-7.7p1-fips.patch index f4729d7..9a81cc0 100644 --- a/0042-openssh-7.7p1-fips.patch +++ b/0042-openssh-7.7p1-fips.patch @@ -1,7 +1,7 @@ -From 6e0e7462959e8bc6a99f50dbf9a5b42ae74c2c87 Mon Sep 17 00:00:00 2001 +From 79f9b2763d85ec592cb7e54dcf1c695d8dd138b1 Mon Sep 17 00:00:00 2001 From: Dmitry Belyavskiy -Date: Thu, 15 May 2025 13:43:29 +0200 -Subject: [PATCH 42/50] openssh-7.7p1-fips +Date: Thu, 28 Aug 2025 14:01:38 +0200 +Subject: [PATCH 42/54] openssh-7.7p1-fips --- dh.c | 41 ++++++++++++++++++++++ @@ -15,17 +15,18 @@ Subject: [PATCH 42/50] openssh-7.7p1-fips sandbox-seccomp-filter.c | 3 ++ servconf.c | 16 ++++++--- ssh-ed25519.c | 9 +++++ + ssh-gss.h | 5 +++ ssh-keygen.c | 22 ++++++++++-- ssh-rsa.c | 3 ++ ssh.c | 5 +++ - sshconnect2.c | 61 ++++++++++++++++++--------------- - sshd-auth.c | 13 ++++--- + sshconnect2.c | 9 ++++- + sshd-session.c | 1 + sshd.c | 13 +++++++ sshkey.c | 37 ++++++++++++++++++++ - 18 files changed, 301 insertions(+), 60 deletions(-) + 19 files changed, 272 insertions(+), 30 deletions(-) diff --git a/dh.c b/dh.c -index 168dea1d..8c9a29fa 100644 +index 168dea1dd..8c9a29fa7 100644 --- a/dh.c +++ b/dh.c @@ -36,6 +36,7 @@ @@ -89,7 +90,7 @@ index 168dea1d..8c9a29fa 100644 + #endif /* WITH_OPENSSL */ diff --git a/dh.h b/dh.h -index c6326a39..e51e292b 100644 +index c6326a39d..e51e292b8 100644 --- a/dh.h +++ b/dh.h @@ -45,6 +45,7 @@ DH *dh_new_group_fallback(int); @@ -101,7 +102,7 @@ index c6326a39..e51e292b 100644 u_int dh_estimate(int); void dh_set_moduli_file(const char *); diff --git a/kex-names.c b/kex-names.c -index 6c0b7c2b..cd3902ad 100644 +index 6c0b7c2b3..cd3902ad2 100644 --- a/kex-names.c +++ b/kex-names.c @@ -33,6 +33,7 @@ @@ -125,7 +126,7 @@ index 6c0b7c2b..cd3902ad 100644 return 0; } diff --git a/kex.c b/kex.c -index 62f607d6..71fbe5cb 100644 +index 62f607d6f..71fbe5cbe 100644 --- a/kex.c +++ b/kex.c @@ -40,6 +40,7 @@ @@ -146,7 +147,7 @@ index 62f607d6..71fbe5cb 100644 "ext-info-s,kex-strict-s-v00@openssh.com" : "ext-info-c,kex-strict-c-v00@openssh.com")) == NULL) diff --git a/kexgen.c b/kexgen.c -index 15df591c..eecdceba 100644 +index 15df591ca..eecdceba2 100644 --- a/kexgen.c +++ b/kexgen.c @@ -31,6 +31,7 @@ @@ -264,7 +265,7 @@ index 15df591c..eecdceba 100644 default: r = SSH_ERR_INVALID_ARGUMENT; diff --git a/kexgexc.c b/kexgexc.c -index e99e0cf2..4c3feae0 100644 +index e99e0cf21..4c3feae09 100644 --- a/kexgexc.c +++ b/kexgexc.c @@ -28,6 +28,7 @@ @@ -287,7 +288,7 @@ index e99e0cf2..4c3feae0 100644 /* generate and send 'e', client DH public key */ diff --git a/myproposal.h b/myproposal.h -index 8fe9276c..3e0ec682 100644 +index 8fe9276c2..3e0ec6826 100644 --- a/myproposal.h +++ b/myproposal.h @@ -58,6 +58,18 @@ @@ -338,7 +339,7 @@ index 8fe9276c..3e0ec682 100644 #define SSH_ALLOWED_CA_SIGALGS \ "ssh-ed25519," \ diff --git a/readconf.c b/readconf.c -index f340bf50..ea9d293c 100644 +index f340bf501..ea9d293c3 100644 --- a/readconf.c +++ b/readconf.c @@ -43,6 +43,7 @@ @@ -372,7 +373,7 @@ index f340bf50..ea9d293c 100644 do { \ if ((r = kex_assemble_names(&options->what, \ diff --git a/sandbox-seccomp-filter.c b/sandbox-seccomp-filter.c -index 1fabf99d..ccb61586 100644 +index 1fabf99d0..ccb61586e 100644 --- a/sandbox-seccomp-filter.c +++ b/sandbox-seccomp-filter.c @@ -230,6 +230,9 @@ static const struct sock_filter preauth_insns[] = { @@ -386,7 +387,7 @@ index 1fabf99d..ccb61586 100644 SC_DENY(__NR_openat, EACCES), #endif diff --git a/servconf.c b/servconf.c -index 84891544..8b708cbf 100644 +index 84891544b..8b708cbf4 100644 --- a/servconf.c +++ b/servconf.c @@ -37,6 +37,7 @@ @@ -420,7 +421,7 @@ index 84891544..8b708cbf 100644 do { \ if ((r = kex_assemble_names(&o->what, defaults, all)) != 0) \ diff --git a/ssh-ed25519.c b/ssh-ed25519.c -index 22d8db02..41942f4e 100644 +index 22d8db026..41942f4e5 100644 --- a/ssh-ed25519.c +++ b/ssh-ed25519.c @@ -24,6 +24,7 @@ @@ -453,8 +454,24 @@ index 22d8db02..41942f4e 100644 if ((b = sshbuf_from(sig, siglen)) == NULL) return SSH_ERR_ALLOC_FAIL; +diff --git a/ssh-gss.h b/ssh-gss.h +index a894e23c9..329dc9da0 100644 +--- a/ssh-gss.h ++++ b/ssh-gss.h +@@ -88,6 +88,11 @@ extern char **k5users_allowed_cmds; + KEX_GSS_GRP14_SHA1_ID "," \ + KEX_GSS_GEX_SHA1_ID + ++#define GSS_KEX_DEFAULT_KEX_FIPS \ ++ KEX_GSS_GRP14_SHA256_ID "," \ ++ KEX_GSS_GRP16_SHA512_ID "," \ ++ KEX_GSS_NISTP256_SHA256_ID ++ + #include "digest.h" /* SSH_DIGEST_MAX_LENGTH */ + + typedef struct { diff --git a/ssh-keygen.c b/ssh-keygen.c -index 16cff947..792aafde 100644 +index 16cff9473..792aafde0 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c @@ -20,6 +20,7 @@ @@ -524,7 +541,7 @@ index 16cff947..792aafde 100644 type = sshkey_type_from_shortname(key_type_name); type_bits_valid(type, key_type_name, &bits); diff --git a/ssh-rsa.c b/ssh-rsa.c -index 3ad1fddc..6c2f771a 100644 +index 3ad1fddc4..6c2f771a3 100644 --- a/ssh-rsa.c +++ b/ssh-rsa.c @@ -23,6 +23,7 @@ @@ -545,7 +562,7 @@ index 3ad1fddc..6c2f771a 100644 goto out; } diff --git a/ssh.c b/ssh.c -index 98b103c9..abc8b843 100644 +index 98b103c9e..abc8b8439 100644 --- a/ssh.c +++ b/ssh.c @@ -78,6 +78,7 @@ @@ -568,7 +585,7 @@ index 98b103c9..abc8b843 100644 if (options.sk_provider != NULL && *options.sk_provider == '$' && strlen(options.sk_provider) > 1) { diff --git a/sshconnect2.c b/sshconnect2.c -index 0af15bcc..14f7671a 100644 +index 0af15bcc1..3e02f485d 100644 --- a/sshconnect2.c +++ b/sshconnect2.c @@ -45,6 +45,8 @@ @@ -580,108 +597,41 @@ index 0af15bcc..14f7671a 100644 #include "openbsd-compat/sys-queue.h" #include "xmalloc.h" -@@ -262,36 +264,41 @@ ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port, +@@ -262,6 +264,9 @@ ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port, #if defined(GSSAPI) && defined(WITH_OPENSSL) if (options.gss_keyex) { -- /* Add the GSSAPI mechanisms currently supported on this -- * client to the key exchange algorithm proposal */ -- orig = myproposal[PROPOSAL_KEX_ALGS]; -- -- if (options.gss_server_identity) { -- gss_host = xstrdup(options.gss_server_identity); -- } else if (options.gss_trust_dns) { -- gss_host = remote_hostname(ssh); -- /* Fall back to specified host if we are using proxy command -- * and can not use DNS on that socket */ -- if (strcmp(gss_host, "UNKNOWN") == 0) { -- free(gss_host); -+ if (FIPS_mode()) { -+ logit("Disabling GSSAPIKeyExchange. Not usable in FIPS mode"); -+ options.gss_keyex = 0; -+ } else { -+ /* Add the GSSAPI mechanisms currently supported on this -+ * client to the key exchange algorithm proposal */ -+ orig = myproposal[PROPOSAL_KEX_ALGS]; ++ char * gss_kex_filtered = FIPS_mode() ? ++ match_filter_allowlist(options.gss_kex_algorithms, GSS_KEX_DEFAULT_KEX_FIPS) : xstrdup(options.gss_kex_algorithms); + -+ if (options.gss_server_identity) { -+ gss_host = xstrdup(options.gss_server_identity); -+ } else if (options.gss_trust_dns) { -+ gss_host = remote_hostname(ssh); -+ /* Fall back to specified host if we are using proxy command -+ * and can not use DNS on that socket */ -+ if (strcmp(gss_host, "UNKNOWN") == 0) { -+ free(gss_host); -+ gss_host = xstrdup(host); -+ } -+ } else { - gss_host = xstrdup(host); - } -- } else { -- gss_host = xstrdup(host); -- } - -- gss = ssh_gssapi_client_mechanisms(gss_host, -- options.gss_client_identity, options.gss_kex_algorithms); -- if (gss) { -- debug("Offering GSSAPI proposal: %s", gss); -- xasprintf(&myproposal[PROPOSAL_KEX_ALGS], -- "%s,%s", gss, orig); -- -- /* If we've got GSSAPI algorithms, then we also support the -- * 'null' hostkey, as a last resort */ -- orig = myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS]; -- xasprintf(&myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS], -- "%s,null", orig); -+ gss = ssh_gssapi_client_mechanisms(gss_host, -+ options.gss_client_identity, options.gss_kex_algorithms); -+ if (gss) { -+ debug("Offering GSSAPI proposal: %s", gss); -+ xasprintf(&myproposal[PROPOSAL_KEX_ALGS], -+ "%s,%s", gss, orig); -+ -+ /* If we've got GSSAPI algorithms, then we also support the -+ * 'null' hostkey, as a last resort */ -+ orig = myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS]; -+ xasprintf(&myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS], -+ "%s,null", orig); -+ } + /* Add the GSSAPI mechanisms currently supported on this + * client to the key exchange algorithm proposal */ + orig = myproposal[PROPOSAL_KEX_ALGS]; +@@ -281,7 +286,9 @@ ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port, } - } - #endif -diff --git a/sshd-auth.c b/sshd-auth.c -index 897db9b4..eaf32981 100644 ---- a/sshd-auth.c -+++ b/sshd-auth.c -@@ -58,6 +58,7 @@ - #ifdef WITH_OPENSSL + + gss = ssh_gssapi_client_mechanisms(gss_host, +- options.gss_client_identity, options.gss_kex_algorithms); ++ options.gss_client_identity, gss_kex_filtered); ++ free(gss_kex_filtered); ++ + if (gss) { + debug("Offering GSSAPI proposal: %s", gss); + xasprintf(&myproposal[PROPOSAL_KEX_ALGS], +diff --git a/sshd-session.c b/sshd-session.c +index a808ac9a6..a67a78391 100644 +--- a/sshd-session.c ++++ b/sshd-session.c +@@ -62,6 +62,7 @@ #include #include + #include +#include + #include "openbsd-compat/openssl-compat.h" #endif - #include "xmalloc.h" -@@ -859,10 +860,14 @@ do_ssh2_kex(struct ssh *ssh) - if (strlen(myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS]) == 0) - orig = NULL; - -- if (options.gss_keyex) -- gss = ssh_gssapi_server_mechanisms(); -- else -- gss = NULL; -+ if (options.gss_keyex) { -+ if (FIPS_mode()) { -+ logit("Disabling GSSAPIKeyExchange. Not usable in FIPS mode"); -+ options.gss_keyex = 0; -+ } else { -+ gss = ssh_gssapi_server_mechanisms(); -+ } -+ } - - if (gss && orig) - xasprintf(&newstr, "%s,%s", gss, orig); diff --git a/sshd.c b/sshd.c -index 8a99f0b2..5ff0b5ff 100644 +index 8a99f0b29..5ff0b5ff0 100644 --- a/sshd.c +++ b/sshd.c @@ -52,6 +52,7 @@ @@ -726,7 +676,7 @@ index 8a99f0b2..5ff0b5ff 100644 * Chdir to the root directory so that the current disk can be * unmounted if desired. diff --git a/sshkey.c b/sshkey.c -index 4e41a78c..ca1cdb64 100644 +index 4e41a78c7..ca1cdb642 100644 --- a/sshkey.c +++ b/sshkey.c @@ -35,6 +35,7 @@ @@ -809,5 +759,5 @@ index 4e41a78c..ca1cdb64 100644 return SSH_ERR_KEY_TYPE_UNKNOWN; return impl->funcs->verify(key, sig, siglen, data, dlen, -- -2.49.0 +2.51.0 diff --git a/gsi-openssh.spec b/gsi-openssh.spec index 0dfbed9..ef847b1 100644 --- a/gsi-openssh.spec +++ b/gsi-openssh.spec @@ -28,7 +28,7 @@ Summary: An implementation of the SSH protocol with GSI authentication Name: gsi-openssh Version: %{openssh_ver} -Release: 3%{?dist} +Release: 4%{?dist} Provides: gsissh = %{version}-%{release} Obsoletes: gsissh < 5.8p2-2 URL: http://www.openssh.com/portable.html @@ -502,6 +502,9 @@ fi %ghost %attr(0644,root,root) %{_localstatedir}/lib/.gsissh-host-keys-migration %changelog +* Mon Sep 01 2025 Mattias Ellert - 10.0p1-4 +- Based on openssh-10.0p1-6.fc44 + * Mon Sep 01 2025 Mattias Ellert - 10.0p1-3 - Based on openssh-10.0p1-4.fc43