diff options
| author | Colin Watson <cjwatson@debian.org> | 2007-06-12 16:16:35 +0000 |
|---|---|---|
| committer | Colin Watson <cjwatson@debian.org> | 2007-06-12 16:16:35 +0000 |
| commit | b7e40fa9da0b5491534a429dadb321eab5a77558 (patch) | |
| tree | bed1da11e9f829925797aa093e379fc0b5868ecd /kex.c | |
| parent | 4f84beedf1005e44ff33c854abd6b711ffc0adb7 (diff) | |
| parent | 086ea76990b1e6287c24b6db74adffd4605eb3b0 (diff) | |
* New upstream release (closes: #395507, #397961, #420035). Important
changes not previously backported to 4.3p2:
- 4.4/4.4p1 (http://www.openssh.org/txt/release-4.4):
+ On portable OpenSSH, fix a GSSAPI authentication abort that could be
used to determine the validity of usernames on some platforms.
+ Implemented conditional configuration in sshd_config(5) using the
"Match" directive. This allows some configuration options to be
selectively overridden if specific criteria (based on user, group,
hostname and/or address) are met. So far a useful subset of
post-authentication options are supported and more are expected to
be added in future releases.
+ Add support for Diffie-Hellman group exchange key agreement with a
final hash of SHA256.
+ Added a "ForceCommand" directive to sshd_config(5). Similar to the
command="..." option accepted in ~/.ssh/authorized_keys, this forces
the execution of the specified command regardless of what the user
requested. This is very useful in conjunction with the new "Match"
option.
+ Add a "PermitOpen" directive to sshd_config(5). This mirrors the
permitopen="..." authorized_keys option, allowing fine-grained
control over the port-forwardings that a user is allowed to
establish.
+ Add optional logging of transactions to sftp-server(8).
+ ssh(1) will now record port numbers for hosts stored in
~/.ssh/known_hosts when a non-standard port has been requested
(closes: #50612).
+ Add an "ExitOnForwardFailure" option to cause ssh(1) to exit (with a
non-zero exit code) when requested port forwardings could not be
established.
+ Extend sshd_config(5) "SubSystem" declarations to allow the
specification of command-line arguments.
+ Replacement of all integer overflow susceptible invocations of
malloc(3) and realloc(3) with overflow-checking equivalents.
+ Many manpage fixes and improvements.
+ Add optional support for OpenSSL hardware accelerators (engines),
enabled using the --with-ssl-engine configure option.
+ Tokens in configuration files may be double-quoted in order to
contain spaces (closes: #319639).
+ Move a debug() call out of a SIGCHLD handler, fixing a hang when the
session exits very quickly (closes: #307890).
+ Fix some incorrect buffer allocation calculations (closes: #410599).
+ ssh-add doesn't ask for a passphrase if key file permissions are too
liberal (closes: #103677).
+ Likewise, ssh doesn't ask either (closes: #99675).
- 4.6/4.6p1 (http://www.openssh.org/txt/release-4.6):
+ sshd now allows the enabling and disabling of authentication methods
on a per user, group, host and network basis via the Match directive
in sshd_config.
+ Fixed an inconsistent check for a terminal when displaying scp
progress meter (closes: #257524).
+ Fix "hang on exit" when background processes are running at the time
of exit on a ttyful/login session (closes: #88337).
* Update to current GSSAPI patch from
http://www.sxw.org.uk/computing/patches/openssh-4.6p1-gsskex-20070312.patch;
install ChangeLog.gssapi.
Diffstat (limited to 'kex.c')
| -rw-r--r-- | kex.c | 54 |
1 files changed, 40 insertions, 14 deletions
| @@ -1,3 +1,4 @@ | |||
| 1 | /* $OpenBSD: kex.c,v 1.77 2007/01/21 01:41:54 stevesk Exp $ */ | ||
| 1 | /* | 2 | /* |
| 2 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. |
| 3 | * | 4 | * |
| @@ -23,19 +24,25 @@ | |||
| 23 | */ | 24 | */ |
| 24 | 25 | ||
| 25 | #include "includes.h" | 26 | #include "includes.h" |
| 26 | RCSID("$OpenBSD: kex.c,v 1.65 2005/11/04 05:15:59 djm Exp $"); | 27 | |
| 28 | #include <sys/param.h> | ||
| 29 | |||
| 30 | #include <signal.h> | ||
| 31 | #include <stdarg.h> | ||
| 32 | #include <stdio.h> | ||
| 33 | #include <stdlib.h> | ||
| 34 | #include <string.h> | ||
| 27 | 35 | ||
| 28 | #include <openssl/crypto.h> | 36 | #include <openssl/crypto.h> |
| 29 | 37 | ||
| 30 | #include "ssh2.h" | ||
| 31 | #include "xmalloc.h" | 38 | #include "xmalloc.h" |
| 39 | #include "ssh2.h" | ||
| 32 | #include "buffer.h" | 40 | #include "buffer.h" |
| 33 | #include "bufaux.h" | ||
| 34 | #include "packet.h" | 41 | #include "packet.h" |
| 35 | #include "compat.h" | 42 | #include "compat.h" |
| 36 | #include "cipher.h" | 43 | #include "cipher.h" |
| 37 | #include "kex.h" | ||
| 38 | #include "key.h" | 44 | #include "key.h" |
| 45 | #include "kex.h" | ||
| 39 | #include "log.h" | 46 | #include "log.h" |
| 40 | #include "mac.h" | 47 | #include "mac.h" |
| 41 | #include "match.h" | 48 | #include "match.h" |
| @@ -48,6 +55,14 @@ RCSID("$OpenBSD: kex.c,v 1.65 2005/11/04 05:15:59 djm Exp $"); | |||
| 48 | 55 | ||
| 49 | #define KEX_COOKIE_LEN 16 | 56 | #define KEX_COOKIE_LEN 16 |
| 50 | 57 | ||
| 58 | #if OPENSSL_VERSION_NUMBER >= 0x00907000L | ||
| 59 | # if defined(HAVE_EVP_SHA256) | ||
| 60 | # define evp_ssh_sha256 EVP_sha256 | ||
| 61 | # else | ||
| 62 | extern const EVP_MD *evp_ssh_sha256(void); | ||
| 63 | # endif | ||
| 64 | #endif | ||
| 65 | |||
| 51 | /* prototype */ | 66 | /* prototype */ |
| 52 | static void kex_kexinit_finish(Kex *); | 67 | static void kex_kexinit_finish(Kex *); |
| 53 | static void kex_choose_conf(Kex *); | 68 | static void kex_choose_conf(Kex *); |
| @@ -79,7 +94,7 @@ kex_buf2prop(Buffer *raw, int *first_kex_follows) | |||
| 79 | int i; | 94 | int i; |
| 80 | char **proposal; | 95 | char **proposal; |
| 81 | 96 | ||
| 82 | proposal = xmalloc(PROPOSAL_MAX * sizeof(char *)); | 97 | proposal = xcalloc(PROPOSAL_MAX, sizeof(char *)); |
| 83 | 98 | ||
| 84 | buffer_init(&b); | 99 | buffer_init(&b); |
| 85 | buffer_append(&b, buffer_ptr(raw), buffer_len(raw)); | 100 | buffer_append(&b, buffer_ptr(raw), buffer_len(raw)); |
| @@ -214,8 +229,7 @@ kex_setup(char *proposal[PROPOSAL_MAX]) | |||
| 214 | { | 229 | { |
| 215 | Kex *kex; | 230 | Kex *kex; |
| 216 | 231 | ||
| 217 | kex = xmalloc(sizeof(*kex)); | 232 | kex = xcalloc(1, sizeof(*kex)); |
| 218 | memset(kex, 0, sizeof(*kex)); | ||
| 219 | buffer_init(&kex->peer); | 233 | buffer_init(&kex->peer); |
| 220 | buffer_init(&kex->my); | 234 | buffer_init(&kex->my); |
| 221 | kex_prop2buf(&kex->my, proposal); | 235 | kex_prop2buf(&kex->my, proposal); |
| @@ -258,6 +272,7 @@ choose_enc(Enc *enc, char *client, char *server) | |||
| 258 | enc->key_len = cipher_keylen(enc->cipher); | 272 | enc->key_len = cipher_keylen(enc->cipher); |
| 259 | enc->block_size = cipher_blocksize(enc->cipher); | 273 | enc->block_size = cipher_blocksize(enc->cipher); |
| 260 | } | 274 | } |
| 275 | |||
| 261 | static void | 276 | static void |
| 262 | choose_mac(Mac *mac, char *client, char *server) | 277 | choose_mac(Mac *mac, char *client, char *server) |
| 263 | { | 278 | { |
| @@ -273,6 +288,7 @@ choose_mac(Mac *mac, char *client, char *server) | |||
| 273 | mac->key = NULL; | 288 | mac->key = NULL; |
| 274 | mac->enabled = 0; | 289 | mac->enabled = 0; |
| 275 | } | 290 | } |
| 291 | |||
| 276 | static void | 292 | static void |
| 277 | choose_comp(Comp *comp, char *client, char *server) | 293 | choose_comp(Comp *comp, char *client, char *server) |
| 278 | { | 294 | { |
| @@ -290,6 +306,7 @@ choose_comp(Comp *comp, char *client, char *server) | |||
| 290 | } | 306 | } |
| 291 | comp->name = name; | 307 | comp->name = name; |
| 292 | } | 308 | } |
| 309 | |||
| 293 | static void | 310 | static void |
| 294 | choose_kex(Kex *k, char *client, char *server) | 311 | choose_kex(Kex *k, char *client, char *server) |
| 295 | { | 312 | { |
| @@ -305,15 +322,24 @@ choose_kex(Kex *k, char *client, char *server) | |||
| 305 | } else if (strcmp(k->name, KEX_DHGEX_SHA1) == 0) { | 322 | } else if (strcmp(k->name, KEX_DHGEX_SHA1) == 0) { |
| 306 | k->kex_type = KEX_DH_GEX_SHA1; | 323 | k->kex_type = KEX_DH_GEX_SHA1; |
| 307 | k->evp_md = EVP_sha1(); | 324 | k->evp_md = EVP_sha1(); |
| 325 | #if OPENSSL_VERSION_NUMBER >= 0x00907000L | ||
| 326 | } else if (strcmp(k->name, KEX_DHGEX_SHA256) == 0) { | ||
| 327 | k->kex_type = KEX_DH_GEX_SHA256; | ||
| 328 | k->evp_md = evp_ssh_sha256(); | ||
| 329 | #endif | ||
| 308 | #ifdef GSSAPI | 330 | #ifdef GSSAPI |
| 309 | } else if (strncmp(k->name, KEX_GSS_GEX_SHA1_ID, | 331 | } else if (strncmp(k->name, KEX_GSS_GEX_SHA1_ID, |
| 310 | sizeof(KEX_GSS_GEX_SHA1_ID)-1) == 0) { | 332 | sizeof(KEX_GSS_GEX_SHA1_ID) - 1) == 0) { |
| 311 | k->kex_type = KEX_GSS_GEX_SHA1; | 333 | k->kex_type = KEX_GSS_GEX_SHA1; |
| 312 | k->evp_md = EVP_sha1(); | 334 | k->evp_md = EVP_sha1(); |
| 313 | } else if (strncmp(k->name, KEX_GSS_GRP1_SHA1_ID, | 335 | } else if (strncmp(k->name, KEX_GSS_GRP1_SHA1_ID, |
| 314 | sizeof(KEX_GSS_GRP1_SHA1_ID)-1) == 0) { | 336 | sizeof(KEX_GSS_GRP1_SHA1_ID) - 1) == 0) { |
| 315 | k->kex_type = KEX_GSS_GRP1_SHA1; | 337 | k->kex_type = KEX_GSS_GRP1_SHA1; |
| 316 | k->evp_md = EVP_sha1(); | 338 | k->evp_md = EVP_sha1(); |
| 339 | } else if (strncmp(k->name, KEX_GSS_GRP14_SHA1_ID, | ||
| 340 | sizeof(KEX_GSS_GRP14_SHA1_ID) - 1) == 0) { | ||
| 341 | k->kex_type = KEX_GSS_GRP14_SHA1; | ||
| 342 | k->evp_md = EVP_sha1(); | ||
| 317 | #endif | 343 | #endif |
| 318 | } else | 344 | } else |
| 319 | fatal("bad kex alg %s", k->name); | 345 | fatal("bad kex alg %s", k->name); |
| @@ -378,8 +404,7 @@ kex_choose_conf(Kex *kex) | |||
| 378 | 404 | ||
| 379 | /* Algorithm Negotiation */ | 405 | /* Algorithm Negotiation */ |
| 380 | for (mode = 0; mode < MODE_MAX; mode++) { | 406 | for (mode = 0; mode < MODE_MAX; mode++) { |
| 381 | newkeys = xmalloc(sizeof(*newkeys)); | 407 | newkeys = xcalloc(1, sizeof(*newkeys)); |
| 382 | memset(newkeys, 0, sizeof(*newkeys)); | ||
| 383 | kex->newkeys[mode] = newkeys; | 408 | kex->newkeys[mode] = newkeys; |
| 384 | ctos = (!kex->server && mode == MODE_OUT) || (kex->server && mode == MODE_IN); | 409 | ctos = (!kex->server && mode == MODE_OUT) || (kex->server && mode == MODE_IN); |
| 385 | nenc = ctos ? PROPOSAL_ENC_ALGS_CTOS : PROPOSAL_ENC_ALGS_STOC; | 410 | nenc = ctos ? PROPOSAL_ENC_ALGS_CTOS : PROPOSAL_ENC_ALGS_STOC; |
| @@ -434,7 +459,7 @@ derive_key(Kex *kex, int id, u_int need, u_char *hash, u_int hashlen, | |||
| 434 | 459 | ||
| 435 | if ((mdsz = EVP_MD_size(kex->evp_md)) <= 0) | 460 | if ((mdsz = EVP_MD_size(kex->evp_md)) <= 0) |
| 436 | fatal("bad kex md size %d", mdsz); | 461 | fatal("bad kex md size %d", mdsz); |
| 437 | digest = xmalloc(roundup(need, mdsz)); | 462 | digest = xmalloc(roundup(need, mdsz)); |
| 438 | 463 | ||
| 439 | buffer_init(&b); | 464 | buffer_init(&b); |
| 440 | buffer_put_bignum2(&b, shared_secret); | 465 | buffer_put_bignum2(&b, shared_secret); |
| @@ -487,7 +512,8 @@ kex_derive_keys(Kex *kex, u_char *hash, u_int hashlen, BIGNUM *shared_secret) | |||
| 487 | for (mode = 0; mode < MODE_MAX; mode++) { | 512 | for (mode = 0; mode < MODE_MAX; mode++) { |
| 488 | current_keys[mode] = kex->newkeys[mode]; | 513 | current_keys[mode] = kex->newkeys[mode]; |
| 489 | kex->newkeys[mode] = NULL; | 514 | kex->newkeys[mode] = NULL; |
| 490 | ctos = (!kex->server && mode == MODE_OUT) || (kex->server && mode == MODE_IN); | 515 | ctos = (!kex->server && mode == MODE_OUT) || |
| 516 | (kex->server && mode == MODE_IN); | ||
| 491 | current_keys[mode]->enc.iv = keys[ctos ? 0 : 1]; | 517 | current_keys[mode]->enc.iv = keys[ctos ? 0 : 1]; |
| 492 | current_keys[mode]->enc.key = keys[ctos ? 2 : 3]; | 518 | current_keys[mode]->enc.key = keys[ctos ? 2 : 3]; |
| 493 | current_keys[mode]->mac.key = keys[ctos ? 4 : 5]; | 519 | current_keys[mode]->mac.key = keys[ctos ? 4 : 5]; |
| @@ -544,7 +570,7 @@ dump_digest(char *msg, u_char *digest, int len) | |||
| 544 | u_int i; | 570 | u_int i; |
| 545 | 571 | ||
| 546 | fprintf(stderr, "%s\n", msg); | 572 | fprintf(stderr, "%s\n", msg); |
| 547 | for (i = 0; i< len; i++) { | 573 | for (i = 0; i < len; i++) { |
| 548 | fprintf(stderr, "%02x", digest[i]); | 574 | fprintf(stderr, "%02x", digest[i]); |
| 549 | if (i%32 == 31) | 575 | if (i%32 == 31) |
| 550 | fprintf(stderr, "\n"); | 576 | fprintf(stderr, "\n"); |