summaryrefslogtreecommitdiff
path: root/kexgssc.c
diff options
context:
space:
mode:
authorColin Watson <cjwatson@debian.org>2010-01-01 23:53:30 +0000
committerColin Watson <cjwatson@debian.org>2010-01-01 23:53:30 +0000
commitdf03186a4f9e0c2ece398b5c0571cb6263d7a752 (patch)
tree1aab079441dff9615274769b19f2d734ddf508dd /kexgssc.c
parent6ad6994c288662fca6949f42bf91fec2aff00bca (diff)
parent99b402ea4c8457b0a3cafff37f5b3410a8dc6476 (diff)
* New upstream release (closes: #536182). Yes, I know 5.3p1 has been out
for a while, but there's no GSSAPI patch available for it yet. - Change the default cipher order to prefer the AES CTR modes and the revised "arcfour256" mode to CBC mode ciphers that are susceptible to CPNI-957037 "Plaintext Recovery Attack Against SSH". - Add countermeasures to mitigate CPNI-957037-style attacks against the SSH protocol's use of CBC-mode ciphers. Upon detection of an invalid packet length or Message Authentication Code, ssh/sshd will continue reading up to the maximum supported packet length rather than immediately terminating the connection. This eliminates most of the known differences in behaviour that leaked information about the plaintext of injected data which formed the basis of this attack (closes: #506115, LP: #379329). - ForceCommand directive now accepts commandline arguments for the internal-sftp server (closes: #524423, LP: #362511). - Add AllowAgentForwarding to available Match keywords list (closes: #540623). - Make ssh(1) send the correct channel number for SSH2_MSG_CHANNEL_SUCCESS and SSH2_MSG_CHANNEL_FAILURE messages to avoid triggering 'Non-public channel' error messages on sshd(8) in openssh-5.1. - Avoid printing 'Non-public channel' warnings in sshd(8), since the ssh(1) has sent incorrect channel numbers since ~2004 (this reverts a behaviour introduced in openssh-5.1; closes: #496017). * Update to GSSAPI patch from http://www.sxw.org.uk/computing/patches/openssh-5.2p1-gsskex-all-20090726.patch, including cascading credentials support (LP: #416958).
Diffstat (limited to 'kexgssc.c')
-rw-r--r--kexgssc.c25
1 files changed, 20 insertions, 5 deletions
diff --git a/kexgssc.c b/kexgssc.c
index 7c4a56f45..39be40531 100644
--- a/kexgssc.c
+++ b/kexgssc.c
@@ -1,5 +1,5 @@
1/* 1/*
2 * Copyright (c) 2001-2006 Simon Wilkinson. All rights reserved. 2 * Copyright (c) 2001-2009 Simon Wilkinson. All rights reserved.
3 * 3 *
4 * Redistribution and use in source and binary forms, with or without 4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions 5 * modification, are permitted provided that the following conditions
@@ -59,6 +59,7 @@ kexgss_client(Kex *kex) {
59 BIGNUM *g = NULL; 59 BIGNUM *g = NULL;
60 u_char *kbuf, *hash; 60 u_char *kbuf, *hash;
61 u_char *serverhostkey = NULL; 61 u_char *serverhostkey = NULL;
62 u_char *empty = "";
62 char *msg; 63 char *msg;
63 char *lang; 64 char *lang;
64 int type = 0; 65 int type = 0;
@@ -73,7 +74,11 @@ kexgss_client(Kex *kex) {
73 74
74 if (ssh_gssapi_import_name(ctxt, kex->gss_host)) 75 if (ssh_gssapi_import_name(ctxt, kex->gss_host))
75 fatal("Couldn't import hostname"); 76 fatal("Couldn't import hostname");
76 77
78 if (kex->gss_client &&
79 ssh_gssapi_client_identity(ctxt, kex->gss_client))
80 fatal("Couldn't acquire client credentials");
81
77 switch (kex->kex_type) { 82 switch (kex->kex_type) {
78 case KEX_GSS_GRP1_SHA1: 83 case KEX_GSS_GRP1_SHA1:
79 dh = dh_new_group1(); 84 dh = dh_new_group1();
@@ -245,9 +250,16 @@ kexgss_client(Kex *kex) {
245 klen = DH_size(dh); 250 klen = DH_size(dh);
246 kbuf = xmalloc(klen); 251 kbuf = xmalloc(klen);
247 kout = DH_compute_key(kbuf, dh_server_pub, dh); 252 kout = DH_compute_key(kbuf, dh_server_pub, dh);
253 if (kout < 0)
254 fatal("DH_compute_key: failed");
248 255
249 shared_secret = BN_new(); 256 shared_secret = BN_new();
250 BN_bin2bn(kbuf,kout, shared_secret); 257 if (shared_secret == NULL)
258 fatal("kexgss_client: BN_new failed");
259
260 if (BN_bin2bn(kbuf, kout, shared_secret) == NULL)
261 fatal("kexdh_client: BN_bin2bn failed");
262
251 memset(kbuf, 0, klen); 263 memset(kbuf, 0, klen);
252 xfree(kbuf); 264 xfree(kbuf);
253 265
@@ -258,7 +270,7 @@ kexgss_client(Kex *kex) {
258 kex->server_version_string, 270 kex->server_version_string,
259 buffer_ptr(&kex->my), buffer_len(&kex->my), 271 buffer_ptr(&kex->my), buffer_len(&kex->my),
260 buffer_ptr(&kex->peer), buffer_len(&kex->peer), 272 buffer_ptr(&kex->peer), buffer_len(&kex->peer),
261 serverhostkey, slen, /* server host key */ 273 (serverhostkey ? serverhostkey : empty), slen,
262 dh->pub_key, /* e */ 274 dh->pub_key, /* e */
263 dh_server_pub, /* f */ 275 dh_server_pub, /* f */
264 shared_secret, /* K */ 276 shared_secret, /* K */
@@ -272,7 +284,7 @@ kexgss_client(Kex *kex) {
272 kex->server_version_string, 284 kex->server_version_string,
273 buffer_ptr(&kex->my), buffer_len(&kex->my), 285 buffer_ptr(&kex->my), buffer_len(&kex->my),
274 buffer_ptr(&kex->peer), buffer_len(&kex->peer), 286 buffer_ptr(&kex->peer), buffer_len(&kex->peer),
275 serverhostkey, slen, 287 (serverhostkey ? serverhostkey : empty), slen,
276 min, nbits, max, 288 min, nbits, max,
277 dh->p, dh->g, 289 dh->p, dh->g,
278 dh->pub_key, 290 dh->pub_key,
@@ -306,6 +318,9 @@ kexgss_client(Kex *kex) {
306 memcpy(kex->session_id, hash, kex->session_id_len); 318 memcpy(kex->session_id, hash, kex->session_id_len);
307 } 319 }
308 320
321 if (kex->gss_deleg_creds)
322 ssh_gssapi_credentials_updated(ctxt);
323
309 if (gss_kex_context == NULL) 324 if (gss_kex_context == NULL)
310 gss_kex_context = ctxt; 325 gss_kex_context = ctxt;
311 else 326 else
generated by cgit v1.2.3 (git 2.39.1) at 2024-08-30 21:09:42 +0000