From 4a1c7aa640fb97d3472d51b215b6a0ec0fd025c7 Mon Sep 17 00:00:00 2001
From: Damien Miller <djm@mindrot.org>
Date: Tue, 4 Feb 2014 11:03:36 +1100
Subject:    - markus@cvs.openbsd.org 2014/01/27 19:18:54      [auth-rsa.c
 cipher.c ssh-agent.c sshconnect1.c sshd.c]      replace openssl MD5 with our
 ssh_digest_*; ok djm@

---
 auth-rsa.c | 22 +++++++++++++---------
 1 file changed, 13 insertions(+), 9 deletions(-)

(limited to 'auth-rsa.c')

diff --git a/auth-rsa.c b/auth-rsa.c
index 545aa496a..5dad6c3dc 100644
--- a/auth-rsa.c
+++ b/auth-rsa.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth-rsa.c,v 1.85 2013/07/12 00:19:58 djm Exp $ */
+/* $OpenBSD: auth-rsa.c,v 1.86 2014/01/27 19:18:54 markus Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -20,7 +20,6 @@
 #include <sys/stat.h>
 
 #include <openssl/rsa.h>
-#include <openssl/md5.h>
 
 #include <pwd.h>
 #include <stdio.h>
@@ -48,6 +47,8 @@
 #include "ssh.h"
 #include "misc.h"
 
+#include "digest.h"
+
 /* import */
 extern ServerOptions options;
 
@@ -91,12 +92,13 @@ int
 auth_rsa_verify_response(Key *key, BIGNUM *challenge, u_char response[16])
 {
 	u_char buf[32], mdbuf[16];
-	MD5_CTX md;
+	struct ssh_digest_ctx *md;
 	int len;
 
 	/* don't allow short keys */
 	if (BN_num_bits(key->rsa->n) < SSH_RSA_MINIMUM_MODULUS_SIZE) {
-		error("auth_rsa_verify_response: RSA modulus too small: %d < minimum %d bits",
+		error("%s: RSA modulus too small: %d < minimum %d bits",
+		    __func__,
 		    BN_num_bits(key->rsa->n), SSH_RSA_MINIMUM_MODULUS_SIZE);
 		return (0);
 	}
@@ -104,13 +106,15 @@ auth_rsa_verify_response(Key *key, BIGNUM *challenge, u_char response[16])
 	/* The response is MD5 of decrypted challenge plus session id. */
 	len = BN_num_bytes(challenge);
 	if (len <= 0 || len > 32)
-		fatal("auth_rsa_verify_response: bad challenge length %d", len);
+		fatal("%s: bad challenge length %d", __func__, len);
 	memset(buf, 0, 32);
 	BN_bn2bin(challenge, buf + 32 - len);
-	MD5_Init(&md);
-	MD5_Update(&md, buf, 32);
-	MD5_Update(&md, session_id, 16);
-	MD5_Final(mdbuf, &md);
+	if ((md = ssh_digest_start(SSH_DIGEST_MD5)) == NULL ||
+	    ssh_digest_update(md, buf, 32) < 0 ||
+	    ssh_digest_update(md, session_id, 16) < 0 ||
+	    ssh_digest_final(md, mdbuf, sizeof(mdbuf)) < 0)
+		fatal("%s: md5 failed", __func__);
+	ssh_digest_free(md);
 
 	/* Verify that the response is the original challenge. */
 	if (timingsafe_bcmp(response, mdbuf, 16) != 0) {
-- 
cgit v1.2.3


From 283322f493ee7dc75511f6cf9e9b88e536de0874 Mon Sep 17 00:00:00 2001
From: Colin Watson <cjwatson@debian.org>
Date: Sun, 9 Feb 2014 16:10:02 +0000
Subject: Quieten logs when multiple from= restrictions are used

Bug-Debian: http://bugs.debian.org/630606
Forwarded: no
Last-Update: 2013-09-14

Patch-Name: auth-log-verbosity.patch
---
 auth-options.c | 35 ++++++++++++++++++++++++++---------
 auth-options.h |  1 +
 auth-rsa.c     |  2 ++
 auth2-pubkey.c |  3 +++
 4 files changed, 32 insertions(+), 9 deletions(-)

(limited to 'auth-rsa.c')

diff --git a/auth-options.c b/auth-options.c
index fa209eaab..df6133037 100644
--- a/auth-options.c
+++ b/auth-options.c
@@ -54,8 +54,19 @@ int forced_tun_device = -1;
 /* "principals=" option. */
 char *authorized_principals = NULL;
 
+/* Throttle log messages. */
+int logged_from_hostip = 0;
+int logged_cert_hostip = 0;
+
 extern ServerOptions options;
 
+void
+auth_start_parse_options(void)
+{
+	logged_from_hostip = 0;
+	logged_cert_hostip = 0;
+}
+
 void
 auth_clear_options(void)
 {
@@ -284,10 +295,13 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum)
 				/* FALLTHROUGH */
 			case 0:
 				free(patterns);
-				logit("Authentication tried for %.100s with "
-				    "correct key but not from a permitted "
-				    "host (host=%.200s, ip=%.200s).",
-				    pw->pw_name, remote_host, remote_ip);
+				if (!logged_from_hostip) {
+					logit("Authentication tried for %.100s with "
+					    "correct key but not from a permitted "
+					    "host (host=%.200s, ip=%.200s).",
+					    pw->pw_name, remote_host, remote_ip);
+					logged_from_hostip = 1;
+				}
 				auth_debug_add("Your host '%.200s' is not "
 				    "permitted to use this key for login.",
 				    remote_host);
@@ -510,11 +524,14 @@ parse_option_list(u_char *optblob, size_t optblob_len, struct passwd *pw,
 					break;
 				case 0:
 					/* no match */
-					logit("Authentication tried for %.100s "
-					    "with valid certificate but not "
-					    "from a permitted host "
-					    "(ip=%.200s).", pw->pw_name,
-					    remote_ip);
+					if (!logged_cert_hostip) {
+						logit("Authentication tried for %.100s "
+						    "with valid certificate but not "
+						    "from a permitted host "
+						    "(ip=%.200s).", pw->pw_name,
+						    remote_ip);
+						logged_cert_hostip = 1;
+					}
 					auth_debug_add("Your address '%.200s' "
 					    "is not permitted to use this "
 					    "certificate for login.",
diff --git a/auth-options.h b/auth-options.h
index 7455c9454..a3f0a02da 100644
--- a/auth-options.h
+++ b/auth-options.h
@@ -33,6 +33,7 @@ extern int forced_tun_device;
 extern int key_is_cert_authority;
 extern char *authorized_principals;
 
+void	auth_start_parse_options(void);
 int	auth_parse_options(struct passwd *, char *, char *, u_long);
 void	auth_clear_options(void);
 int	auth_cert_options(Key *, struct passwd *);
diff --git a/auth-rsa.c b/auth-rsa.c
index 5dad6c3dc..260ce2f98 100644
--- a/auth-rsa.c
+++ b/auth-rsa.c
@@ -178,6 +178,8 @@ rsa_key_allowed_in_file(struct passwd *pw, char *file,
 	if ((f = auth_openkeyfile(file, pw, options.strict_modes)) == NULL)
 		return 0;
 
+	auth_start_parse_options();
+
 	/*
 	 * Go though the accepted keys, looking for the current key.  If
 	 * found, perform a challenge-response dialog to verify that the
diff --git a/auth2-pubkey.c b/auth2-pubkey.c
index 0fd27bb92..7c5692750 100644
--- a/auth2-pubkey.c
+++ b/auth2-pubkey.c
@@ -263,6 +263,7 @@ match_principals_file(char *file, struct passwd *pw, struct KeyCert *cert)
 		restore_uid();
 		return 0;
 	}
+	auth_start_parse_options();
 	while (read_keyfile_line(f, file, line, sizeof(line), &linenum) != -1) {
 		/* Skip leading whitespace. */
 		for (cp = line; *cp == ' ' || *cp == '\t'; cp++)
@@ -324,6 +325,7 @@ check_authkeys_file(FILE *f, char *file, Key* key, struct passwd *pw)
 	found_key = 0;
 
 	found = NULL;
+	auth_start_parse_options();
 	while (read_keyfile_line(f, file, line, sizeof(line), &linenum) != -1) {
 		char *cp, *key_options = NULL;
 		if (found != NULL)
@@ -459,6 +461,7 @@ user_cert_trusted_ca(struct passwd *pw, Key *key)
 	if (key_cert_check_authority(key, 0, 1,
 	    principals_file == NULL ? pw->pw_name : NULL, &reason) != 0)
 		goto fail_reason;
+	auth_start_parse_options();
 	if (auth_cert_options(key, pw) != 0)
 		goto out;
 
-- 
cgit v1.2.3