Fix user enumeration vulnerability

Apply upstream patch to delay bailout for invalid authenticating user until after the packet containing the request has been fully parsed. Closes: #906236
author: Colin Watson <cjwatson@debian.org> 2018-08-17 12:28:26 +0100
committer: Colin Watson <cjwatson@debian.org> 2018-08-17 12:31:27 +0100
commit: 4641c58a3279f6b118f9562babaa0ee050a38619 (patch)
tree: 87718b668ec8a737c1729ee568207c2a384f6d61 /debian
parent: daf34b85afe25c10fac13e9cff16b25c3e3914e9 (diff)
parent: c4ca1497658e0508e8595ad74978c07bc92a18e3 (diff)
4 files changed, 164 insertions, 2 deletions
diff --git a/debian/.git-dpm b/debian/.git-dpm
index 0f4069a2f..40345f1a3 100644
--- a/debian/.git-dpm
+++ b/debian/.git-dpm
@@ -1,6 +1,6 @@
 # see git-dpm(1) from git-dpm package
-60256f28189c3d0650a78e737eb0ca4753478a4b
+c4ca1497658e0508e8595ad74978c07bc92a18e3
-60256f28189c3d0650a78e737eb0ca4753478a4b
+c4ca1497658e0508e8595ad74978c07bc92a18e3
 ed6ae9c1a014a08ff5db3d768f01f2e427eeb476
 ed6ae9c1a014a08ff5db3d768f01f2e427eeb476
 openssh_7.7p1.orig.tar.gz
diff --git a/debian/changelog b/debian/changelog
index 15024f76b..d9de16199 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+openssh (1:7.7p1-4) UNRELEASED; urgency=high
+  * Apply upstream patch to delay bailout for invalid authenticating user
+    until after the packet containing the request has been fully parsed
+    (closes: #906236).
+ -- Colin Watson <cjwatson@debian.org>  Fri, 17 Aug 2018 12:30:13 +0100
 openssh (1:7.7p1-3) unstable; urgency=medium
  [ Colin Watson ]
diff --git a/debian/patches/series b/debian/patches/series
index 9f89f7347..e1eb16773 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -25,3 +25,4 @@ seccomp-s390-flock-ipc.patch
 seccomp-getuid-geteuid.patch
 seccomp-s390-ioctl-ep11-crypto.patch
 upstream-relax-checking-of-authorized_keys-environme.patch
+upstream-delay-bailout-for-invalid-authenticating-user.patch
diff --git a/debian/patches/upstream-delay-bailout-for-invalid-authenticating-user.patch b/debian/patches/upstream-delay-bailout-for-invalid-authenticating-user.patch
new file mode 100644
index 000000000..737a9f48d
--- /dev/null
+++ b/debian/patches/upstream-delay-bailout-for-invalid-authenticating-user.patch
@@ -0,0 +1,153 @@
+From c4ca1497658e0508e8595ad74978c07bc92a18e3 Mon Sep 17 00:00:00 2001
+From: "djm@openbsd.org" <djm@openbsd.org>
+Date: Tue, 31 Jul 2018 03:10:27 +0000
+Subject: upstream: delay bailout for invalid authenticating user
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+... until after the packet containing the request has been fully parsed.
+Reported by Dariusz Tytko and Michał Sajdak; ok deraadt
+OpenBSD-Commit-ID: b4891882fbe413f230fe8ac8a37349b03bd0b70d
+Origin: backport, http://anongit.mindrot.org/openssh.git/commit/?id=74287f5df9966a0648b4a68417451dd18f079ab8
+Bug-Debian: https://bugs.debian.org/906236
+Last-Update: 2018-08-17
+Patch-Name: upstream-delay-bailout-for-invalid-authenticating-user.patch
+---
+ auth2-gss.c       |  9 ++++++---
+ auth2-hostbased.c |  9 +++++----
+ auth2-pubkey.c    | 23 ++++++++++++++---------
+ 3 files changed, 25 insertions(+), 16 deletions(-)
+diff --git a/auth2-gss.c b/auth2-gss.c
+index fd411d3a7..88bc3ae7b 100644
+--- a/auth2-gss.c
+++ b/auth2-gss.c
+@@ -104,9 +104,6 @@ userauth_gssapi(struct ssh *ssh)
+        u_int len;
+        u_char *doid = NULL;
+ 
+-       if (!authctxt->valid || authctxt->user == NULL)
+-               return (0);
+-
+        mechs = packet_get_int();
+        if (mechs == 0) {
+                debug("Mechanism negotiation is not supported");
+@@ -137,6 +134,12 @@ userauth_gssapi(struct ssh *ssh)
+                return (0);
+        }
+ 
+       if (!authctxt->valid || authctxt->user == NULL) {
+               debug2("%s: disabled because of invalid user", __func__);
+               free(doid);
+               return (0);
+       }
+
+        if (GSS_ERROR(PRIVSEP(ssh_gssapi_server_ctx(&ctxt, &goid)))) {
+                if (ctxt != NULL)
+                        ssh_gssapi_delete_ctx(&ctxt);
+diff --git a/auth2-hostbased.c b/auth2-hostbased.c
+index 8996f7e05..82a7dcdae 100644
+--- a/auth2-hostbased.c
+++ b/auth2-hostbased.c
+@@ -67,10 +67,6 @@ userauth_hostbased(struct ssh *ssh)
+        size_t alen, blen, slen;
+        int r, pktype, authenticated = 0;
+ 
+-       if (!authctxt->valid) {
+-               debug2("%s: disabled because of invalid user", __func__);
+-               return 0;
+-       }
+        /* XXX use sshkey_froms() */
+        if ((r = sshpkt_get_cstring(ssh, &pkalg, &alen)) != 0 ||
+            (r = sshpkt_get_string(ssh, &pkblob, &blen)) != 0 ||
+@@ -118,6 +114,11 @@ userauth_hostbased(struct ssh *ssh)
+                goto done;
+        }
+ 
+       if (!authctxt->valid || authctxt->user == NULL) {
+               debug2("%s: disabled because of invalid user", __func__);
+               goto done;
+       }
+
+        if ((b = sshbuf_new()) == NULL)
+                fatal("%s: sshbuf_new failed", __func__);
+        /* reconstruct packet */
+diff --git a/auth2-pubkey.c b/auth2-pubkey.c
+index 8024b1d6a..a9272b97f 100644
+--- a/auth2-pubkey.c
+++ b/auth2-pubkey.c
+@@ -89,19 +89,15 @@ userauth_pubkey(struct ssh *ssh)
+ {
+        Authctxt *authctxt = ssh->authctxt;
+        struct passwd *pw = authctxt->pw;
+-       struct sshbuf *b;
+       struct sshbuf *b = NULL;
+        struct sshkey *key = NULL;
+-       char *pkalg, *userstyle = NULL, *key_s = NULL, *ca_s = NULL;
+-       u_char *pkblob, *sig, have_sig;
+       char *pkalg = NULL, *userstyle = NULL, *key_s = NULL, *ca_s = NULL;
+       u_char *pkblob = NULL, *sig = NULL, have_sig;
+        size_t blen, slen;
+        int r, pktype;
+        int authenticated = 0;
+        struct sshauthopt *authopts = NULL;
+ 
+-       if (!authctxt->valid) {
+-               debug2("%s: disabled because of invalid user", __func__);
+-               return 0;
+-       }
+        if ((r = sshpkt_get_u8(ssh, &have_sig)) != 0 ||
+            (r = sshpkt_get_cstring(ssh, &pkalg, NULL)) != 0 ||
+            (r = sshpkt_get_string(ssh, &pkblob, &blen)) != 0)
+@@ -168,6 +164,11 @@ userauth_pubkey(struct ssh *ssh)
+                                fatal("%s: sshbuf_put_string session id: %s",
+                                    __func__, ssh_err(r));
+                }
+               if (!authctxt->valid || authctxt->user == NULL) {
+                       debug2("%s: disabled because of invalid user",
+                           __func__);
+                       goto done;
+               }
+                /* reconstruct packet */
+                xasprintf(&userstyle, "%s%s%s", authctxt->user,
+                    authctxt->style ? ":" : "",
+@@ -184,7 +185,6 @@ userauth_pubkey(struct ssh *ssh)
+ #ifdef DEBUG_PK
+                sshbuf_dump(b, stderr);
+ #endif
+-
+                /* test for correct signature */
+                authenticated = 0;
+                if (PRIVSEP(user_key_allowed(ssh, pw, key, 1, &authopts)) &&
+@@ -193,7 +193,6 @@ userauth_pubkey(struct ssh *ssh)
+                        authenticated = 1;
+                }
+                sshbuf_free(b);
+-               free(sig);
+                auth2_record_key(authctxt, authenticated, key);
+        } else {
+                debug("%s: test pkalg %s pkblob %s%s%s",
+@@ -204,6 +203,11 @@ userauth_pubkey(struct ssh *ssh)
+                if ((r = sshpkt_get_end(ssh)) != 0)
+                        fatal("%s: %s", __func__, ssh_err(r));
+ 
+               if (!authctxt->valid || authctxt->user == NULL) {
+                       debug2("%s: disabled because of invalid user",
+                           __func__);
+                       goto done;
+               }
+                /* XXX fake reply and always send PK_OK ? */
+                /*
+                 * XXX this allows testing whether a user is allowed
+@@ -237,6 +241,7 @@ done:
+        free(pkblob);
+        free(key_s);
+        free(ca_s);
+       free(sig);
+        return authenticated;
+ }
+
author	Colin Watson <cjwatson@debian.org>	2018-08-17 12:28:26 +0100
committer	Colin Watson <cjwatson@debian.org>	2018-08-17 12:31:27 +0100
commit	4641c58a3279f6b118f9562babaa0ee050a38619 (patch)
tree	87718b668ec8a737c1729ee568207c2a384f6d61 /debian
parent	daf34b85afe25c10fac13e9cff16b25c3e3914e9 (diff)
parent	c4ca1497658e0508e8595ad74978c07bc92a18e3 (diff)

diff --git a/debian/.git-dpm b/debian/.git-dpm index 0f4069a2f..40345f1a3 100644 --- a/debian/.git-dpm +++ b/debian/.git-dpm
@@ -1,6 +1,6 @@
1	# see git-dpm(1) from git-dpm package	1	# see git-dpm(1) from git-dpm package
2	60256f28189c3d0650a78e737eb0ca4753478a4b	2	c4ca1497658e0508e8595ad74978c07bc92a18e3
3	60256f28189c3d0650a78e737eb0ca4753478a4b	3	c4ca1497658e0508e8595ad74978c07bc92a18e3
4	ed6ae9c1a014a08ff5db3d768f01f2e427eeb476	4	ed6ae9c1a014a08ff5db3d768f01f2e427eeb476
5	ed6ae9c1a014a08ff5db3d768f01f2e427eeb476	5	ed6ae9c1a014a08ff5db3d768f01f2e427eeb476
6	openssh_7.7p1.orig.tar.gz	6	openssh_7.7p1.orig.tar.gz


diff --git a/debian/changelog b/debian/changelog index 15024f76b..d9de16199 100644 --- a/debian/changelog +++ b/debian/changelog
@@ -1,3 +1,11 @@
		1	openssh (1:7.7p1-4) UNRELEASED; urgency=high
		2
		3	* Apply upstream patch to delay bailout for invalid authenticating user
		4	until after the packet containing the request has been fully parsed
		5	(closes: #906236).
		6
		7	-- Colin Watson <cjwatson@debian.org> Fri, 17 Aug 2018 12:30:13 +0100
		8
1	openssh (1:7.7p1-3) unstable; urgency=medium	9	openssh (1:7.7p1-3) unstable; urgency=medium
2		10
3	[ Colin Watson ]	11	[ Colin Watson ]


diff --git a/debian/patches/series b/debian/patches/series index 9f89f7347..e1eb16773 100644 --- a/debian/patches/series +++ b/debian/patches/series
@@ -25,3 +25,4 @@ seccomp-s390-flock-ipc.patch
25	seccomp-getuid-geteuid.patch	25	seccomp-getuid-geteuid.patch
26	seccomp-s390-ioctl-ep11-crypto.patch	26	seccomp-s390-ioctl-ep11-crypto.patch
27	upstream-relax-checking-of-authorized_keys-environme.patch	27	upstream-relax-checking-of-authorized_keys-environme.patch
		28	upstream-delay-bailout-for-invalid-authenticating-user.patch


diff --git a/debian/patches/upstream-delay-bailout-for-invalid-authenticating-user.patch b/debian/patches/upstream-delay-bailout-for-invalid-authenticating-user.patch new file mode 100644 index 000000000..737a9f48d --- /dev/null +++ b/debian/patches/upstream-delay-bailout-for-invalid-authenticating-user.patch
@@ -0,0 +1,153 @@
		1	From c4ca1497658e0508e8595ad74978c07bc92a18e3 Mon Sep 17 00:00:00 2001
		2	From: "djm@openbsd.org" <djm@openbsd.org>
		3	Date: Tue, 31 Jul 2018 03:10:27 +0000
		4	Subject: upstream: delay bailout for invalid authenticating user
		5	MIME-Version: 1.0
		6	Content-Type: text/plain; charset=UTF-8
		7	Content-Transfer-Encoding: 8bit
		8
		9	... until after the packet containing the request has been fully parsed.
		10	Reported by Dariusz Tytko and Michał Sajdak; ok deraadt
		11
		12	OpenBSD-Commit-ID: b4891882fbe413f230fe8ac8a37349b03bd0b70d
		13
		14	Origin: backport, http://anongit.mindrot.org/openssh.git/commit/?id=74287f5df9966a0648b4a68417451dd18f079ab8
		15	Bug-Debian: https://bugs.debian.org/906236
		16	Last-Update: 2018-08-17
		17
		18	Patch-Name: upstream-delay-bailout-for-invalid-authenticating-user.patch
		19	---
		20	auth2-gss.c \| 9 ++++++---
		21	auth2-hostbased.c \| 9 +++++----
		22	auth2-pubkey.c \| 23 ++++++++++++++---------
		23	3 files changed, 25 insertions(+), 16 deletions(-)
		24
		25	diff --git a/auth2-gss.c b/auth2-gss.c
		26	index fd411d3a7..88bc3ae7b 100644
		27	--- a/auth2-gss.c
		28	+++ b/auth2-gss.c
		29	@@ -104,9 +104,6 @@ userauth_gssapi(struct ssh *ssh)
		30	u_int len;
		31	u_char *doid = NULL;
		32
		33	- if (!authctxt->valid \|\| authctxt->user == NULL)
		34	- return (0);
		35	-
		36	mechs = packet_get_int();
		37	if (mechs == 0) {
		38	debug("Mechanism negotiation is not supported");
		39	@@ -137,6 +134,12 @@ userauth_gssapi(struct ssh *ssh)
		40	return (0);
		41	}
		42
		43	+ if (!authctxt->valid \|\| authctxt->user == NULL) {
		44	+ debug2("%s: disabled because of invalid user", __func__);
		45	+ free(doid);
		46	+ return (0);
		47	+ }
		48	+
		49	if (GSS_ERROR(PRIVSEP(ssh_gssapi_server_ctx(&ctxt, &goid)))) {
		50	if (ctxt != NULL)
		51	ssh_gssapi_delete_ctx(&ctxt);
		52	diff --git a/auth2-hostbased.c b/auth2-hostbased.c
		53	index 8996f7e05..82a7dcdae 100644
		54	--- a/auth2-hostbased.c
		55	+++ b/auth2-hostbased.c
		56	@@ -67,10 +67,6 @@ userauth_hostbased(struct ssh *ssh)
		57	size_t alen, blen, slen;
		58	int r, pktype, authenticated = 0;
		59
		60	- if (!authctxt->valid) {
		61	- debug2("%s: disabled because of invalid user", __func__);
		62	- return 0;
		63	- }
		64	/* XXX use sshkey_froms() */
		65	if ((r = sshpkt_get_cstring(ssh, &pkalg, &alen)) != 0 \|\|
		66	(r = sshpkt_get_string(ssh, &pkblob, &blen)) != 0 \|\|
		67	@@ -118,6 +114,11 @@ userauth_hostbased(struct ssh *ssh)
		68	goto done;
		69	}
		70
		71	+ if (!authctxt->valid \|\| authctxt->user == NULL) {
		72	+ debug2("%s: disabled because of invalid user", __func__);
		73	+ goto done;
		74	+ }
		75	+
		76	if ((b = sshbuf_new()) == NULL)
		77	fatal("%s: sshbuf_new failed", __func__);
		78	/* reconstruct packet */
		79	diff --git a/auth2-pubkey.c b/auth2-pubkey.c
		80	index 8024b1d6a..a9272b97f 100644
		81	--- a/auth2-pubkey.c
		82	+++ b/auth2-pubkey.c
		83	@@ -89,19 +89,15 @@ userauth_pubkey(struct ssh *ssh)
		84	{
		85	Authctxt *authctxt = ssh->authctxt;
		86	struct passwd *pw = authctxt->pw;
		87	- struct sshbuf *b;
		88	+ struct sshbuf *b = NULL;
		89	struct sshkey *key = NULL;
		90	- char pkalg, userstyle = NULL, key_s = NULL, ca_s = NULL;
		91	- u_char pkblob, sig, have_sig;
		92	+ char pkalg = NULL, userstyle = NULL, key_s = NULL, ca_s = NULL;
		93	+ u_char pkblob = NULL, sig = NULL, have_sig;
		94	size_t blen, slen;
		95	int r, pktype;
		96	int authenticated = 0;
		97	struct sshauthopt *authopts = NULL;
		98
		99	- if (!authctxt->valid) {
		100	- debug2("%s: disabled because of invalid user", __func__);
		101	- return 0;
		102	- }
		103	if ((r = sshpkt_get_u8(ssh, &have_sig)) != 0 \|\|
		104	(r = sshpkt_get_cstring(ssh, &pkalg, NULL)) != 0 \|\|
		105	(r = sshpkt_get_string(ssh, &pkblob, &blen)) != 0)
		106	@@ -168,6 +164,11 @@ userauth_pubkey(struct ssh *ssh)
		107	fatal("%s: sshbuf_put_string session id: %s",
		108	__func__, ssh_err(r));
		109	}
		110	+ if (!authctxt->valid \|\| authctxt->user == NULL) {
		111	+ debug2("%s: disabled because of invalid user",
		112	+ __func__);
		113	+ goto done;
		114	+ }
		115	/* reconstruct packet */
		116	xasprintf(&userstyle, "%s%s%s", authctxt->user,
		117	authctxt->style ? ":" : "",
		118	@@ -184,7 +185,6 @@ userauth_pubkey(struct ssh *ssh)
		119	#ifdef DEBUG_PK
		120	sshbuf_dump(b, stderr);
		121	#endif
		122	-
		123	/* test for correct signature */
		124	authenticated = 0;
		125	if (PRIVSEP(user_key_allowed(ssh, pw, key, 1, &authopts)) &&
		126	@@ -193,7 +193,6 @@ userauth_pubkey(struct ssh *ssh)
		127	authenticated = 1;
		128	}
		129	sshbuf_free(b);
		130	- free(sig);
		131	auth2_record_key(authctxt, authenticated, key);
		132	} else {
		133	debug("%s: test pkalg %s pkblob %s%s%s",
		134	@@ -204,6 +203,11 @@ userauth_pubkey(struct ssh *ssh)
		135	if ((r = sshpkt_get_end(ssh)) != 0)
		136	fatal("%s: %s", __func__, ssh_err(r));
		137
		138	+ if (!authctxt->valid \|\| authctxt->user == NULL) {
		139	+ debug2("%s: disabled because of invalid user",
		140	+ __func__);
		141	+ goto done;
		142	+ }
		143	/* XXX fake reply and always send PK_OK ? */
		144	/*
		145	* XXX this allows testing whether a user is allowed
		146	@@ -237,6 +241,7 @@ done:
		147	free(pkblob);
		148	free(key_s);
		149	free(ca_s);
		150	+ free(sig);
		151	return authenticated;
		152	}
		153