From 1fb593a3f198b75787c5c5974fe256122427d1d3 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Wed, 12 Dec 2012 10:54:37 +1100 Subject: - markus@cvs.openbsd.org 2012/12/11 22:42:11 [regress/Makefile regress/modpipe.c regress/integrity.sh] test the integrity of the packets; with djm@ --- regress/integrity.sh | 58 ++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 58 insertions(+) create mode 100644 regress/integrity.sh (limited to 'regress/integrity.sh') diff --git a/regress/integrity.sh b/regress/integrity.sh new file mode 100644 index 000000000..23135685c --- /dev/null +++ b/regress/integrity.sh @@ -0,0 +1,58 @@ +# $OpenBSD: integrity.sh,v 1.1 2012/12/11 22:42:11 markus Exp $ +# Placed in the Public Domain. + +tid="integrity" + +# start at byte 2300 (i.e. after kex) and corrupt at different offsets +# XXX the test hangs if we modify the low bytes of the packet length +# XXX and ssh tries to read... +tries=10 +startoffset=2300 +macs="hmac-sha1 hmac-md5 umac-64@openssh.com umac-128@openssh.com + hmac-sha1-96 hmac-md5-96 hmac-sha2-256 hmac-sha2-512 + hmac-sha1-etm@openssh.com hmac-md5-etm@openssh.com + umac-64-etm@openssh.com umac-128-etm@openssh.com + hmac-sha1-96-etm@openssh.com hmac-md5-96-etm@openssh.com + hmac-sha2-256-etm@openssh.com hmac-sha2-512-etm@openssh.com" + +# sshd-command for proxy (see test-exec.sh) +cmd="sh ${SRC}/sshd-log-wrapper.sh ${SSHD} ${TEST_SSH_LOGFILE} -i -f $OBJ/sshd_proxy" + +for m in $macs; do + trace "test $tid: mac $m" + elen=0 + epad=0 + emac=0 + ecnt=0 + skip=0 + for off in $(jot $tries $startoffset); do + if [ $((skip--)) -gt 0 ]; then + # avoid modifying the high bytes of the length + continue + fi + # modify output from sshd at offset $off + pxy="proxycommand=$cmd | $OBJ/modpipe -m xor:$off:1" + output=$(${SSH} -m $m -2F $OBJ/ssh_proxy -o "$pxy" \ + 999.999.999.999 true 2>&1) + if [ $? -eq 0 ]; then + fail "ssh -m $m succeeds with bit-flip at $off" + fi + ecnt=$((ecnt+1)) + output=$(echo $output | tr -s '\r\n' '.') + verbose "test $tid: $m @$off $output" + case "$output" in + Bad?packet*) elen=$((elen+1)); skip=2;; + Corrupted?MAC*) emac=$((emac+1)); skip=0;; + padding*) epad=$((epad+1)); skip=0;; + *) fail "unexpected error mac $m at $off";; + esac + done + verbose "test $tid: $ecnt errors: mac $emac padding $epad length $elen" + if [ $emac -eq 0 ]; then + fail "$m: no mac errors" + fi + expect=$((ecnt-epad-elen)) + if [ $emac -ne $expect ]; then + fail "$m: expected $expect mac errors, got $emac" + fi +done -- cgit v1.2.3 From 9fec296b0ac3e17ea1dcdf01761870297f7fd50a Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Wed, 12 Dec 2012 12:10:10 +1100 Subject: - (djm) [regress/Makefile regress/integrity.sh] Make the integrity.sh test work on platforms without 'jot' --- regress/Makefile | 8 ++++---- regress/integrity.sh | 7 ++++++- 2 files changed, 10 insertions(+), 5 deletions(-) (limited to 'regress/integrity.sh') diff --git a/regress/Makefile b/regress/Makefile index 2eb2e3181..636858662 100644 --- a/regress/Makefile +++ b/regress/Makefile @@ -81,7 +81,7 @@ CLEANFILES= t2.out t3.out t6.out1 t6.out2 t7.out t7.out.pub copy.1 copy.2 \ putty.rsa2 sshd_proxy_orig ssh_proxy_bak \ key.rsa-* key.dsa-* key.ecdsa-* \ authorized_principals_${USER} expect actual ready \ - sshd_proxy.* authorized_keys_${USER}.* + sshd_proxy.* authorized_keys_${USER}.* modpipe # Enable all malloc(3) randomisations and checks @@ -143,15 +143,15 @@ t9: $(OBJ)/t9.out test "${TEST_SSH_ECC}" != yes || \ ${TEST_SSH_SSHKEYGEN} -Bf $(OBJ)/t9.out > /dev/null -modpipe: modpipe.c - -t-exec: modpipe ${LTESTS:=.sh} +t-exec: ${LTESTS:=.sh} modpipe @if [ "x$?" = "x" ]; then exit 0; fi; \ for TEST in ""$?; do \ echo "run test $${TEST}" ... 1>&2; \ (env SUDO="${SUDO}" TEST_ENV=${TEST_ENV} sh ${.CURDIR}/test-exec.sh ${.OBJDIR} ${.CURDIR}/$${TEST}) || exit $$?; \ done +modpipe: modpipe.c + t-exec-interop: ${INTEROP_TESTS:=.sh} @if [ "x$?" = "x" ]; then exit 0; fi; \ for TEST in ""$?; do \ diff --git a/regress/integrity.sh b/regress/integrity.sh index 23135685c..f6e5c1963 100644 --- a/regress/integrity.sh +++ b/regress/integrity.sh @@ -18,6 +18,10 @@ macs="hmac-sha1 hmac-md5 umac-64@openssh.com umac-128@openssh.com # sshd-command for proxy (see test-exec.sh) cmd="sh ${SRC}/sshd-log-wrapper.sh ${SSHD} ${TEST_SSH_LOGFILE} -i -f $OBJ/sshd_proxy" +jot() { + awk 'BEGIN { for (i = $2; i < $2 + $1; i++) { printf "%d\n", i } }' +} +set -x for m in $macs; do trace "test $tid: mac $m" elen=0 @@ -26,7 +30,8 @@ for m in $macs; do ecnt=0 skip=0 for off in $(jot $tries $startoffset); do - if [ $((skip--)) -gt 0 ]; then + skip=$((skip - 1)) + if [ $skip -gt 0 ]; then # avoid modifying the high bytes of the length continue fi -- cgit v1.2.3 From 37461d7391e0944d880757b9ac8c98d1feb15a40 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Wed, 12 Dec 2012 12:37:32 +1100 Subject: - (djm) [regress/integrity.sh] Fix awk quoting, packet length skip --- ChangeLog | 3 +++ regress/integrity.sh | 6 +++--- 2 files changed, 6 insertions(+), 3 deletions(-) (limited to 'regress/integrity.sh') diff --git a/ChangeLog b/ChangeLog index ed58d1ced..9473d60ca 100644 --- a/ChangeLog +++ b/ChangeLog @@ -25,6 +25,9 @@ [try-ciphers.sh] add hmac-ripemd160-etm@openssh.com - (djm) [mac.c] fix merge botch + - (djm) [regress/Makefile regress/integrity.sh] Make the integrity.sh test + work on platforms without 'jot' + - (djm) [regress/integrity.sh] Fix awk quoting, packet length skip 20121207 - (dtucker) OpenBSD CVS Sync diff --git a/regress/integrity.sh b/regress/integrity.sh index f6e5c1963..0185490c1 100644 --- a/regress/integrity.sh +++ b/regress/integrity.sh @@ -19,9 +19,9 @@ macs="hmac-sha1 hmac-md5 umac-64@openssh.com umac-128@openssh.com cmd="sh ${SRC}/sshd-log-wrapper.sh ${SSHD} ${TEST_SSH_LOGFILE} -i -f $OBJ/sshd_proxy" jot() { - awk 'BEGIN { for (i = $2; i < $2 + $1; i++) { printf "%d\n", i } }' + awk "BEGIN { for (i = $2; i < $2 + $1; i++) { printf \"%d\n\", i } }" } -set -x + for m in $macs; do trace "test $tid: mac $m" elen=0 @@ -46,7 +46,7 @@ for m in $macs; do output=$(echo $output | tr -s '\r\n' '.') verbose "test $tid: $m @$off $output" case "$output" in - Bad?packet*) elen=$((elen+1)); skip=2;; + Bad?packet*) elen=$((elen+1)); skip=3;; Corrupted?MAC*) emac=$((emac+1)); skip=0;; padding*) epad=$((epad+1)); skip=0;; *) fail "unexpected error mac $m at $off";; -- cgit v1.2.3 From 846dc7f21c0dd52bc8cc8f433d464a6561066d00 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Sat, 12 Jan 2013 22:46:26 +1100 Subject: - djm@cvs.openbsd.org 2013/01/12 11:23:53 [regress/cipher-speed.sh regress/integrity.sh regress/try-ciphers.sh] test AES-GCM modes; feedback markus@ --- ChangeLog | 3 +++ regress/cipher-speed.sh | 11 +++++++++-- regress/integrity.sh | 14 +++++++++++--- regress/try-ciphers.sh | 11 +++++++++-- 4 files changed, 32 insertions(+), 7 deletions(-) (limited to 'regress/integrity.sh') diff --git a/ChangeLog b/ChangeLog index 3be438c75..dd847610f 100644 --- a/ChangeLog +++ b/ChangeLog @@ -3,6 +3,9 @@ - djm@cvs.openbsd.org 2013/01/12 11:22:04 [cipher.c] improve error message for integrity failure in AES-GCM modes; ok markus@ + - djm@cvs.openbsd.org 2013/01/12 11:23:53 + [regress/cipher-speed.sh regress/integrity.sh regress/try-ciphers.sh] + test AES-GCM modes; feedback markus@ 20130109 - (djm) OpenBSD CVS Sync diff --git a/regress/cipher-speed.sh b/regress/cipher-speed.sh index 4f26f7e96..ed7c6f320 100644 --- a/regress/cipher-speed.sh +++ b/regress/cipher-speed.sh @@ -1,4 +1,4 @@ -# $OpenBSD: cipher-speed.sh,v 1.6 2012/10/05 02:20:48 dtucker Exp $ +# $OpenBSD: cipher-speed.sh,v 1.7 2013/01/12 11:23:53 djm Exp $ # Placed in the Public Domain. tid="cipher speed" @@ -16,12 +16,14 @@ ciphers="aes128-cbc 3des-cbc blowfish-cbc cast128-cbc arcfour128 arcfour256 arcfour aes192-cbc aes256-cbc rijndael-cbc@lysator.liu.se aes128-ctr aes192-ctr aes256-ctr" +config_defined OPENSSL_HAVE_EVPGCM && + ciphers="$ciphers aes128-gcm@openssh.com aes256-gcm@openssh.com" macs="hmac-sha1 hmac-md5 umac-64@openssh.com umac-128@openssh.com hmac-sha1-96 hmac-md5-96" config_defined HAVE_EVP_SHA256 && macs="$macs hmac-sha2-256 hmac-sha2-512" -for c in $ciphers; do for m in $macs; do +for c in $ciphers; do n=0; for m in $macs; do trace "proto 2 cipher $c mac $m" for x in $tries; do echon "$c/$m:\t" @@ -34,6 +36,11 @@ for c in $ciphers; do for m in $macs; do fail "ssh -2 failed with mac $m cipher $c" fi done + # No point trying all MACs for GCM since they are ignored. + case $c in + aes*-gcm@openssh.com) test $n -gt 0 && break;; + esac + n=$(($n + 1)) done; done ciphers="3des blowfish" diff --git a/regress/integrity.sh b/regress/integrity.sh index 0185490c1..608cde0fe 100644 --- a/regress/integrity.sh +++ b/regress/integrity.sh @@ -1,4 +1,4 @@ -# $OpenBSD: integrity.sh,v 1.1 2012/12/11 22:42:11 markus Exp $ +# $OpenBSD: integrity.sh,v 1.2 2013/01/12 11:23:53 djm Exp $ # Placed in the Public Domain. tid="integrity" @@ -14,6 +14,10 @@ macs="hmac-sha1 hmac-md5 umac-64@openssh.com umac-128@openssh.com umac-64-etm@openssh.com umac-128-etm@openssh.com hmac-sha1-96-etm@openssh.com hmac-md5-96-etm@openssh.com hmac-sha2-256-etm@openssh.com hmac-sha2-512-etm@openssh.com" +# The following are not MACs, but ciphers with integrated integrity. They are +# handled specially below. +config_defined OPENSSL_HAVE_EVPGCM && + macs="$macs aes128-gcm@openssh.com aes256-gcm@openssh.com" # sshd-command for proxy (see test-exec.sh) cmd="sh ${SRC}/sshd-log-wrapper.sh ${SSHD} ${TEST_SSH_LOGFILE} -i -f $OBJ/sshd_proxy" @@ -37,7 +41,11 @@ for m in $macs; do fi # modify output from sshd at offset $off pxy="proxycommand=$cmd | $OBJ/modpipe -m xor:$off:1" - output=$(${SSH} -m $m -2F $OBJ/ssh_proxy -o "$pxy" \ + case $m in + aes*gcm*) macopt="-c $m";; + *) macopt="-m $m";; + esac + output=$(${SSH} $macopt -2F $OBJ/ssh_proxy -o "$pxy" \ 999.999.999.999 true 2>&1) if [ $? -eq 0 ]; then fail "ssh -m $m succeeds with bit-flip at $off" @@ -47,7 +55,7 @@ for m in $macs; do verbose "test $tid: $m @$off $output" case "$output" in Bad?packet*) elen=$((elen+1)); skip=3;; - Corrupted?MAC*) emac=$((emac+1)); skip=0;; + Corrupted?MAC* | Decryption?integrity?check?failed*) padding*) epad=$((epad+1)); skip=0;; *) fail "unexpected error mac $m at $off";; esac diff --git a/regress/try-ciphers.sh b/regress/try-ciphers.sh index 2b11b59ea..ca2851713 100644 --- a/regress/try-ciphers.sh +++ b/regress/try-ciphers.sh @@ -1,4 +1,4 @@ -# $OpenBSD: try-ciphers.sh,v 1.17 2012/12/11 23:12:13 markus Exp $ +# $OpenBSD: try-ciphers.sh,v 1.18 2013/01/12 11:23:53 djm Exp $ # Placed in the Public Domain. tid="try ciphers" @@ -6,7 +6,8 @@ tid="try ciphers" ciphers="aes128-cbc 3des-cbc blowfish-cbc cast128-cbc arcfour128 arcfour256 arcfour aes192-cbc aes256-cbc rijndael-cbc@lysator.liu.se - aes128-ctr aes192-ctr aes256-ctr" + aes128-ctr aes192-ctr aes256-ctr + aes128-gcm@openssh.com aes256-gcm@openssh.com" macs="hmac-sha1 hmac-md5 umac-64@openssh.com umac-128@openssh.com hmac-sha1-96 hmac-md5-96 hmac-sha1-etm@openssh.com hmac-md5-etm@openssh.com @@ -18,6 +19,7 @@ config_defined HAVE_EVP_SHA256 && hmac-sha2-256-etm@openssh.com hmac-sha2-512-etm@openssh.com" for c in $ciphers; do + n=0 for m in $macs; do trace "proto 2 cipher $c mac $m" verbose "test $tid: proto 2 cipher $c mac $m" @@ -25,6 +27,11 @@ for c in $ciphers; do if [ $? -ne 0 ]; then fail "ssh -2 failed with mac $m cipher $c" fi + # No point trying all MACs for GCM since they are ignored. + case $c in + aes*-gcm@openssh.com) test $n -gt 0 && break;; + esac + n=$(($n + 1)) done done -- cgit v1.2.3 From efa1c950921659a0f10b9adf30625fba21b3815c Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Sat, 12 Jan 2013 23:10:47 +1100 Subject: - (djm) [regress/integrity.sh] repair botched merge --- ChangeLog | 1 + regress/integrity.sh | 1 + 2 files changed, 2 insertions(+) (limited to 'regress/integrity.sh') diff --git a/ChangeLog b/ChangeLog index dd847610f..92830553e 100644 --- a/ChangeLog +++ b/ChangeLog @@ -6,6 +6,7 @@ - djm@cvs.openbsd.org 2013/01/12 11:23:53 [regress/cipher-speed.sh regress/integrity.sh regress/try-ciphers.sh] test AES-GCM modes; feedback markus@ + - (djm) [regress/integrity.sh] repair botched merge 20130109 - (djm) OpenBSD CVS Sync diff --git a/regress/integrity.sh b/regress/integrity.sh index 608cde0fe..2b4bfeacc 100644 --- a/regress/integrity.sh +++ b/regress/integrity.sh @@ -56,6 +56,7 @@ for m in $macs; do case "$output" in Bad?packet*) elen=$((elen+1)); skip=3;; Corrupted?MAC* | Decryption?integrity?check?failed*) + emac=$((emac+1)); skip=0;; padding*) epad=$((epad+1)); skip=0;; *) fail "unexpected error mac $m at $off";; esac -- cgit v1.2.3 From b26699bbadaffa1b1de2f6b0e175b77aba337de5 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Thu, 17 Jan 2013 14:31:57 +1100 Subject: - (djm) [regress/cipher-speed.sh regress/integrity.sh regress/try-ciphers.sh] check for GCM support before testing GCM ciphers. --- ChangeLog | 4 ++++ regress/cipher-speed.sh | 4 ++-- regress/integrity.sh | 2 +- regress/try-ciphers.sh | 5 +++-- 4 files changed, 10 insertions(+), 5 deletions(-) (limited to 'regress/integrity.sh') diff --git a/ChangeLog b/ChangeLog index 92830553e..686fe8966 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,7 @@ +20130117 + - (djm) [regress/cipher-speed.sh regress/integrity.sh regress/try-ciphers.sh] + check for GCM support before testing GCM ciphers. + 20130112 - (djm) OpenBSD CVS Sync - djm@cvs.openbsd.org 2013/01/12 11:22:04 diff --git a/regress/cipher-speed.sh b/regress/cipher-speed.sh index ed7c6f320..114191b89 100644 --- a/regress/cipher-speed.sh +++ b/regress/cipher-speed.sh @@ -16,11 +16,11 @@ ciphers="aes128-cbc 3des-cbc blowfish-cbc cast128-cbc arcfour128 arcfour256 arcfour aes192-cbc aes256-cbc rijndael-cbc@lysator.liu.se aes128-ctr aes192-ctr aes256-ctr" -config_defined OPENSSL_HAVE_EVPGCM && +config_defined OPENSSL_HAVE_EVPGCM && \ ciphers="$ciphers aes128-gcm@openssh.com aes256-gcm@openssh.com" macs="hmac-sha1 hmac-md5 umac-64@openssh.com umac-128@openssh.com hmac-sha1-96 hmac-md5-96" -config_defined HAVE_EVP_SHA256 && +config_defined HAVE_EVP_SHA256 && \ macs="$macs hmac-sha2-256 hmac-sha2-512" for c in $ciphers; do n=0; for m in $macs; do diff --git a/regress/integrity.sh b/regress/integrity.sh index 2b4bfeacc..91168fd2e 100644 --- a/regress/integrity.sh +++ b/regress/integrity.sh @@ -16,7 +16,7 @@ macs="hmac-sha1 hmac-md5 umac-64@openssh.com umac-128@openssh.com hmac-sha2-256-etm@openssh.com hmac-sha2-512-etm@openssh.com" # The following are not MACs, but ciphers with integrated integrity. They are # handled specially below. -config_defined OPENSSL_HAVE_EVPGCM && +config_defined OPENSSL_HAVE_EVPGCM && \ macs="$macs aes128-gcm@openssh.com aes256-gcm@openssh.com" # sshd-command for proxy (see test-exec.sh) diff --git a/regress/try-ciphers.sh b/regress/try-ciphers.sh index ca2851713..ef91085c5 100644 --- a/regress/try-ciphers.sh +++ b/regress/try-ciphers.sh @@ -6,8 +6,9 @@ tid="try ciphers" ciphers="aes128-cbc 3des-cbc blowfish-cbc cast128-cbc arcfour128 arcfour256 arcfour aes192-cbc aes256-cbc rijndael-cbc@lysator.liu.se - aes128-ctr aes192-ctr aes256-ctr - aes128-gcm@openssh.com aes256-gcm@openssh.com" + aes128-ctr aes192-ctr aes256-ctr" +config_defined OPENSSL_HAVE_EVPGCM && \ + ciphers="$ciphers aes128-gcm@openssh.com aes256-gcm@openssh.com" macs="hmac-sha1 hmac-md5 umac-64@openssh.com umac-128@openssh.com hmac-sha1-96 hmac-md5-96 hmac-sha1-etm@openssh.com hmac-md5-etm@openssh.com -- cgit v1.2.3 From 57f92185288e0101fe9c3f3dfa29ea1619da8354 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Thu, 14 Feb 2013 10:32:33 +1100 Subject: - (djm) [regress/integrity.sh] Start fuzzing from offset 2500 (instead of 2300) to avoid clobbering the end of (non-MAC'd) KEX. Verified by Iain Morgan --- ChangeLog | 3 +++ regress/integrity.sh | 4 ++-- 2 files changed, 5 insertions(+), 2 deletions(-) (limited to 'regress/integrity.sh') diff --git a/ChangeLog b/ChangeLog index b77f88b02..c6162496e 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,6 +1,9 @@ 20130214 - (djm) [regress/krl.sh] Don't use ecdsa keys in environment that lack ECC. - (djm) [regress/krl.sh] typo; found by Iain Morgan + - (djm) [regress/integrity.sh] Start fuzzing from offset 2500 (instead + of 2300) to avoid clobbering the end of (non-MAC'd) KEX. Verified by + Iain Morgan 20130212 - (djm) OpenBSD CVS Sync diff --git a/regress/integrity.sh b/regress/integrity.sh index 91168fd2e..bcace97e6 100644 --- a/regress/integrity.sh +++ b/regress/integrity.sh @@ -3,11 +3,11 @@ tid="integrity" -# start at byte 2300 (i.e. after kex) and corrupt at different offsets +# start at byte 2500 (i.e. after kex) and corrupt at different offsets # XXX the test hangs if we modify the low bytes of the packet length # XXX and ssh tries to read... tries=10 -startoffset=2300 +startoffset=2500 macs="hmac-sha1 hmac-md5 umac-64@openssh.com umac-128@openssh.com hmac-sha1-96 hmac-md5-96 hmac-sha2-256 hmac-sha2-512 hmac-sha1-etm@openssh.com hmac-md5-etm@openssh.com -- cgit v1.2.3 From 5d7b9565bc2cc2b0734a6e8b0b7ab781745d35f9 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Sat, 16 Feb 2013 17:32:31 +1100 Subject: - djm@cvs.openbsd.org 2013/02/16 06:08:45 [integrity.sh] make sure the fuzz offset is actually past the end of KEX for all KEX types. diffie-hellman-group-exchange-sha256 requires an offset around 2700. Noticed via test failures in portable OpenSSH on platforms that lack ECC and this the more byte-frugal ECDH KEX algorithms. --- ChangeLog | 9 +++++++++ regress/integrity.sh | 6 +++--- 2 files changed, 12 insertions(+), 3 deletions(-) (limited to 'regress/integrity.sh') diff --git a/ChangeLog b/ChangeLog index 8dd37b2c0..406a609a6 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,12 @@ +20130216 + - OpenBSD CVS Sync + - djm@cvs.openbsd.org 2013/02/16 06:08:45 + [integrity.sh] + make sure the fuzz offset is actually past the end of KEX for all KEX + types. diffie-hellman-group-exchange-sha256 requires an offset around + 2700. Noticed via test failures in portable OpenSSH on platforms that + lack ECC and this the more byte-frugal ECDH KEX algorithms. + 20130215 - (djm) [contrib/suse/rc.sshd] Use SSHD_BIN consistently; bz#2056 from Iain Morgan diff --git a/regress/integrity.sh b/regress/integrity.sh index bcace97e6..d779aa930 100644 --- a/regress/integrity.sh +++ b/regress/integrity.sh @@ -1,13 +1,13 @@ -# $OpenBSD: integrity.sh,v 1.2 2013/01/12 11:23:53 djm Exp $ +# $OpenBSD: integrity.sh,v 1.3 2013/02/16 06:08:45 djm Exp $ # Placed in the Public Domain. tid="integrity" -# start at byte 2500 (i.e. after kex) and corrupt at different offsets +# start at byte 2800 (i.e. after kex) and corrupt at different offsets # XXX the test hangs if we modify the low bytes of the packet length # XXX and ssh tries to read... tries=10 -startoffset=2500 +startoffset=2800 macs="hmac-sha1 hmac-md5 umac-64@openssh.com umac-128@openssh.com hmac-sha1-96 hmac-md5-96 hmac-sha2-256 hmac-sha2-512 hmac-sha1-etm@openssh.com hmac-md5-etm@openssh.com -- cgit v1.2.3 From 33d52566bc8e36091b74fbd532df1bc4d2368576 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Mon, 18 Feb 2013 10:18:05 +1100 Subject: - djm@cvs.openbsd.org 2013/02/17 23:16:55 [integrity.sh] make the ssh command generates some output to ensure that there are at least offset+tries bytes in the stream. --- ChangeLog | 7 +++++++ regress/integrity.sh | 4 ++-- 2 files changed, 9 insertions(+), 2 deletions(-) (limited to 'regress/integrity.sh') diff --git a/ChangeLog b/ChangeLog index 406a609a6..6f3a224a0 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,10 @@ +20130217 + - OpenBSD CVS Sync + - djm@cvs.openbsd.org 2013/02/17 23:16:55 + [integrity.sh] + make the ssh command generates some output to ensure that there are at + least offset+tries bytes in the stream. + 20130216 - OpenBSD CVS Sync - djm@cvs.openbsd.org 2013/02/16 06:08:45 diff --git a/regress/integrity.sh b/regress/integrity.sh index d779aa930..4d104c145 100644 --- a/regress/integrity.sh +++ b/regress/integrity.sh @@ -1,4 +1,4 @@ -# $OpenBSD: integrity.sh,v 1.3 2013/02/16 06:08:45 djm Exp $ +# $OpenBSD: integrity.sh,v 1.4 2013/02/17 23:16:55 djm Exp $ # Placed in the Public Domain. tid="integrity" @@ -46,7 +46,7 @@ for m in $macs; do *) macopt="-m $m";; esac output=$(${SSH} $macopt -2F $OBJ/ssh_proxy -o "$pxy" \ - 999.999.999.999 true 2>&1) + 999.999.999.999 'printf "%2048s" " "' 2>&1) if [ $? -eq 0 ]; then fail "ssh -m $m succeeds with bit-flip at $off" fi -- cgit v1.2.3 From 0dc3bc908e702cc2db460446f11628654c9c602e Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Tue, 19 Feb 2013 09:28:32 +1100 Subject: - djm@cvs.openbsd.org 2013/02/18 22:26:47 [integrity.sh] crank the offset yet again; it was still fuzzing KEX one of Darren's portable test hosts at 2800 --- ChangeLog | 7 +++++++ regress/integrity.sh | 6 +++--- 2 files changed, 10 insertions(+), 3 deletions(-) (limited to 'regress/integrity.sh') diff --git a/ChangeLog b/ChangeLog index 6f3a224a0..afde4d9b2 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,10 @@ +20130219 + - OpenBSD CVS Sync + - djm@cvs.openbsd.org 2013/02/18 22:26:47 + [integrity.sh] + crank the offset yet again; it was still fuzzing KEX one of Darren's + portable test hosts at 2800 + 20130217 - OpenBSD CVS Sync - djm@cvs.openbsd.org 2013/02/17 23:16:55 diff --git a/regress/integrity.sh b/regress/integrity.sh index 4d104c145..261e9f9a9 100644 --- a/regress/integrity.sh +++ b/regress/integrity.sh @@ -1,13 +1,13 @@ -# $OpenBSD: integrity.sh,v 1.4 2013/02/17 23:16:55 djm Exp $ +# $OpenBSD: integrity.sh,v 1.5 2013/02/18 22:26:47 djm Exp $ # Placed in the Public Domain. tid="integrity" -# start at byte 2800 (i.e. after kex) and corrupt at different offsets +# start at byte 2900 (i.e. after kex) and corrupt at different offsets # XXX the test hangs if we modify the low bytes of the packet length # XXX and ssh tries to read... tries=10 -startoffset=2800 +startoffset=2900 macs="hmac-sha1 hmac-md5 umac-64@openssh.com umac-128@openssh.com hmac-sha1-96 hmac-md5-96 hmac-sha2-256 hmac-sha2-512 hmac-sha1-etm@openssh.com hmac-md5-etm@openssh.com -- cgit v1.2.3 From b3764e12024e70296d35877a3da2c4d575dafdb9 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Tue, 19 Feb 2013 13:15:01 +1100 Subject: - djm@cvs.openbsd.org 2013/02/19 02:14:09 [integrity.sh] oops, forgot to increase the output of the ssh command to ensure that we actually reach $offset --- ChangeLog | 4 ++++ regress/Makefile | 2 ++ regress/integrity.sh | 4 ++-- regress/modpipe.c | 32 ++++++++++++++++++++++++++++++-- 4 files changed, 38 insertions(+), 4 deletions(-) (limited to 'regress/integrity.sh') diff --git a/ChangeLog b/ChangeLog index afde4d9b2..bac8998c0 100644 --- a/ChangeLog +++ b/ChangeLog @@ -4,6 +4,10 @@ [integrity.sh] crank the offset yet again; it was still fuzzing KEX one of Darren's portable test hosts at 2800 + - djm@cvs.openbsd.org 2013/02/19 02:14:09 + [integrity.sh] + oops, forgot to increase the output of the ssh command to ensure that + we actually reach $offset 20130217 - OpenBSD CVS Sync diff --git a/regress/Makefile b/regress/Makefile index 18f9f124c..c3aec43fc 100644 --- a/regress/Makefile +++ b/regress/Makefile @@ -90,6 +90,8 @@ TEST_ENV= "MALLOC_OPTIONS=AFGJPRX" TEST_SSH_SSHKEYGEN?=ssh-keygen +CPPFLAGS=-I.. + t1: ${TEST_SSH_SSHKEYGEN} -if ${.CURDIR}/rsa_ssh2.prv | diff - ${.CURDIR}/rsa_openssh.prv tr '\n' '\r' <${.CURDIR}/rsa_ssh2.prv > ${.OBJDIR}/rsa_ssh2_cr.prv diff --git a/regress/integrity.sh b/regress/integrity.sh index 261e9f9a9..0a0146e05 100644 --- a/regress/integrity.sh +++ b/regress/integrity.sh @@ -1,4 +1,4 @@ -# $OpenBSD: integrity.sh,v 1.5 2013/02/18 22:26:47 djm Exp $ +# $OpenBSD: integrity.sh,v 1.6 2013/02/19 02:14:09 djm Exp $ # Placed in the Public Domain. tid="integrity" @@ -46,7 +46,7 @@ for m in $macs; do *) macopt="-m $m";; esac output=$(${SSH} $macopt -2F $OBJ/ssh_proxy -o "$pxy" \ - 999.999.999.999 'printf "%2048s" " "' 2>&1) + 999.999.999.999 'printf "%4096s" " "' 2>&1) if [ $? -eq 0 ]; then fail "ssh -m $m succeeds with bit-flip at $off" fi diff --git a/regress/modpipe.c b/regress/modpipe.c index 439be4c9d..b05915b63 100755 --- a/regress/modpipe.c +++ b/regress/modpipe.c @@ -14,16 +14,44 @@ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: modpipe.c,v 1.1 2012/12/11 23:54:40 djm Exp $ */ +/* $Id: modpipe.c,v 1.2 2013/02/19 02:15:08 djm Exp $ */ #include #include #include #include +#include #include -#include #include +static void err(int, const char *, ...) __attribute__((format(printf, 2, 3))); +static void errx(int, const char *, ...) __attribute__((format(printf, 2, 3))); + +static void +err(int r, const char *fmt, ...) +{ + va_list args; + + va_start(args, fmt); + fprintf(stderr, "%s: ", strerror(errno)); + vfprintf(stderr, fmt, args); + fputc('\n', stderr); + va_end(args); + exit(r); +} + +static void +errx(int r, const char *fmt, ...) +{ + va_list args; + + va_start(args, fmt); + vfprintf(stderr, fmt, args); + fputc('\n', stderr); + va_end(args); + exit(r); +} + static void usage(void) { -- cgit v1.2.3 From dae85cc3ad02a068b58f42fddc2ccc4f3a9b8311 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Tue, 19 Feb 2013 14:27:44 +1100 Subject: - (djm) [regress/integrity.sh] Skip SHA2-based MACs on configurations that lack support for SHA2. --- ChangeLog | 2 ++ regress/integrity.sh | 8 +++++--- 2 files changed, 7 insertions(+), 3 deletions(-) (limited to 'regress/integrity.sh') diff --git a/ChangeLog b/ChangeLog index bac8998c0..09d5c1304 100644 --- a/ChangeLog +++ b/ChangeLog @@ -8,6 +8,8 @@ [integrity.sh] oops, forgot to increase the output of the ssh command to ensure that we actually reach $offset + - (djm) [regress/integrity.sh] Skip SHA2-based MACs on configurations that + lack support for SHA2. 20130217 - OpenBSD CVS Sync diff --git a/regress/integrity.sh b/regress/integrity.sh index 0a0146e05..2a93372fc 100644 --- a/regress/integrity.sh +++ b/regress/integrity.sh @@ -9,11 +9,13 @@ tid="integrity" tries=10 startoffset=2900 macs="hmac-sha1 hmac-md5 umac-64@openssh.com umac-128@openssh.com - hmac-sha1-96 hmac-md5-96 hmac-sha2-256 hmac-sha2-512 + hmac-sha1-96 hmac-md5-96 hmac-sha1-etm@openssh.com hmac-md5-etm@openssh.com umac-64-etm@openssh.com umac-128-etm@openssh.com - hmac-sha1-96-etm@openssh.com hmac-md5-96-etm@openssh.com - hmac-sha2-256-etm@openssh.com hmac-sha2-512-etm@openssh.com" + hmac-sha1-96-etm@openssh.com hmac-md5-96-etm@openssh.com" +config_defined HAVE_EVP_SHA256 && + macs="$macs hmac-sha2-256 hmac-sha2-512 + hmac-sha2-256-etm@openssh.com hmac-sha2-512-etm@openssh.com" # The following are not MACs, but ciphers with integrated integrity. They are # handled specially below. config_defined OPENSSL_HAVE_EVPGCM && \ -- cgit v1.2.3 From 1e657d592d1afa169ffb0a7a1a407b4fe5c97686 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Tue, 26 Feb 2013 18:58:06 +1100 Subject: - djm@cvs.openbsd.org 2013/02/20 08:27:50 [integrity.sh] Add an option to modpipe that warns if the modification offset it not reached in it's stream and turn it on for t-integrity. This should catch cases where the session is not fuzzed for being too short (cf. my last "oops" commit) --- ChangeLog | 9 +++++++++ regress/integrity.sh | 4 ++-- 2 files changed, 11 insertions(+), 2 deletions(-) (limited to 'regress/integrity.sh') diff --git a/ChangeLog b/ChangeLog index 0d0340f8f..076aca702 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,12 @@ +20130226 + - OpenBSD CVS Sync + - djm@cvs.openbsd.org 2013/02/20 08:27:50 + [integrity.sh] + Add an option to modpipe that warns if the modification offset it not + reached in it's stream and turn it on for t-integrity. This should catch + cases where the session is not fuzzed for being too short (cf. my last + "oops" commit) + 20130225 - (dtucker) [configure.ac ssh-gss.h] bz#2073: additional #includes needed to use Solaris native GSS libs. Patch from Pierre Ossman. diff --git a/regress/integrity.sh b/regress/integrity.sh index 2a93372fc..a57ec87f9 100644 --- a/regress/integrity.sh +++ b/regress/integrity.sh @@ -1,4 +1,4 @@ -# $OpenBSD: integrity.sh,v 1.6 2013/02/19 02:14:09 djm Exp $ +# $OpenBSD: integrity.sh,v 1.7 2013/02/20 08:27:50 djm Exp $ # Placed in the Public Domain. tid="integrity" @@ -42,7 +42,7 @@ for m in $macs; do continue fi # modify output from sshd at offset $off - pxy="proxycommand=$cmd | $OBJ/modpipe -m xor:$off:1" + pxy="proxycommand=$cmd | $OBJ/modpipe -wm xor:$off:1" case $m in aes*gcm*) macopt="-c $m";; *) macopt="-m $m";; -- cgit v1.2.3 From 6c21bb8c4ae2104f8fff44a9a966897353175b4d Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Tue, 26 Feb 2013 19:41:30 +1100 Subject: - (djm) [regress/integrity.sh] Run sshd via $SUDO; fixes tinderbox breakage for UsePAM=yes configuration --- ChangeLog | 2 ++ regress/integrity.sh | 2 +- 2 files changed, 3 insertions(+), 1 deletion(-) (limited to 'regress/integrity.sh') diff --git a/ChangeLog b/ChangeLog index 076aca702..f363ef2cf 100644 --- a/ChangeLog +++ b/ChangeLog @@ -6,6 +6,8 @@ reached in it's stream and turn it on for t-integrity. This should catch cases where the session is not fuzzed for being too short (cf. my last "oops" commit) + - (djm) [regress/integrity.sh] Run sshd via $SUDO; fixes tinderbox breakage + for UsePAM=yes configuration 20130225 - (dtucker) [configure.ac ssh-gss.h] bz#2073: additional #includes needed diff --git a/regress/integrity.sh b/regress/integrity.sh index a57ec87f9..78fb53260 100644 --- a/regress/integrity.sh +++ b/regress/integrity.sh @@ -22,7 +22,7 @@ config_defined OPENSSL_HAVE_EVPGCM && \ macs="$macs aes128-gcm@openssh.com aes256-gcm@openssh.com" # sshd-command for proxy (see test-exec.sh) -cmd="sh ${SRC}/sshd-log-wrapper.sh ${SSHD} ${TEST_SSH_LOGFILE} -i -f $OBJ/sshd_proxy" +cmd="$SUDO sh ${SRC}/sshd-log-wrapper.sh ${SSHD} ${TEST_SSH_LOGFILE} -i -f $OBJ/sshd_proxy" jot() { awk "BEGIN { for (i = $2; i < $2 + $1; i++) { printf \"%d\n\", i } }" -- cgit v1.2.3 From f9e2060ca9d350733ac82ed9858b010a2b1ba5c1 Mon Sep 17 00:00:00 2001 From: Tim Rice Date: Tue, 26 Feb 2013 20:27:29 -0800 Subject: - (tim) [regress/integrity.sh] shell portability fix. --- ChangeLog | 1 + regress/integrity.sh | 20 ++++++++++---------- 2 files changed, 11 insertions(+), 10 deletions(-) (limited to 'regress/integrity.sh') diff --git a/ChangeLog b/ChangeLog index c58b09997..2adfc510f 100644 --- a/ChangeLog +++ b/ChangeLog @@ -2,6 +2,7 @@ - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec] [contrib/suse/openssh.spec] Crank version numbers - (tim) [regress/forward-control.sh] use sh in case login shell is csh. + - (tim) [regress/integrity.sh] shell portability fix. 20130226 - OpenBSD CVS Sync diff --git a/regress/integrity.sh b/regress/integrity.sh index 78fb53260..8ed8d080e 100644 --- a/regress/integrity.sh +++ b/regress/integrity.sh @@ -35,8 +35,8 @@ for m in $macs; do emac=0 ecnt=0 skip=0 - for off in $(jot $tries $startoffset); do - skip=$((skip - 1)) + for off in `jot $tries $startoffset`; do + skip=`expr $skip - 1` if [ $skip -gt 0 ]; then # avoid modifying the high bytes of the length continue @@ -47,19 +47,19 @@ for m in $macs; do aes*gcm*) macopt="-c $m";; *) macopt="-m $m";; esac - output=$(${SSH} $macopt -2F $OBJ/ssh_proxy -o "$pxy" \ - 999.999.999.999 'printf "%4096s" " "' 2>&1) + output=`${SSH} $macopt -2F $OBJ/ssh_proxy -o "$pxy" \ + 999.999.999.999 'printf "%4096s" " "' 2>&1` if [ $? -eq 0 ]; then fail "ssh -m $m succeeds with bit-flip at $off" fi - ecnt=$((ecnt+1)) - output=$(echo $output | tr -s '\r\n' '.') + ecnt=`expr $ecnt + 1` + output=`echo $output | tr -s '\r\n' '.'` verbose "test $tid: $m @$off $output" case "$output" in - Bad?packet*) elen=$((elen+1)); skip=3;; + Bad?packet*) elen=`expr $elen + 1`; skip=3;; Corrupted?MAC* | Decryption?integrity?check?failed*) - emac=$((emac+1)); skip=0;; - padding*) epad=$((epad+1)); skip=0;; + emac=`expr $emac + 1`; skip=0;; + padding*) epad=`expr $epad + 1`; skip=0;; *) fail "unexpected error mac $m at $off";; esac done @@ -67,7 +67,7 @@ for m in $macs; do if [ $emac -eq 0 ]; then fail "$m: no mac errors" fi - expect=$((ecnt-epad-elen)) + expect=`expr $ecnt - $epad - $elen` if [ $emac -ne $expect ]; then fail "$m: expected $expect mac errors, got $emac" fi -- cgit v1.2.3 From ada7e17ae504b0bbbc04e380986f41ee8f67c437 Mon Sep 17 00:00:00 2001 From: Tim Rice Date: Tue, 26 Feb 2013 21:49:09 -0800 Subject: - (tim) [regress/integrity.sh] keep old solaris awk from hanging. --- ChangeLog | 1 + regress/integrity.sh | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) (limited to 'regress/integrity.sh') diff --git a/ChangeLog b/ChangeLog index 2adfc510f..9c5b1e577 100644 --- a/ChangeLog +++ b/ChangeLog @@ -3,6 +3,7 @@ [contrib/suse/openssh.spec] Crank version numbers - (tim) [regress/forward-control.sh] use sh in case login shell is csh. - (tim) [regress/integrity.sh] shell portability fix. + - (tim) [regress/integrity.sh] keep old solaris awk from hanging. 20130226 - OpenBSD CVS Sync diff --git a/regress/integrity.sh b/regress/integrity.sh index 8ed8d080e..4d46926d5 100644 --- a/regress/integrity.sh +++ b/regress/integrity.sh @@ -25,7 +25,7 @@ config_defined OPENSSL_HAVE_EVPGCM && \ cmd="$SUDO sh ${SRC}/sshd-log-wrapper.sh ${SSHD} ${TEST_SSH_LOGFILE} -i -f $OBJ/sshd_proxy" jot() { - awk "BEGIN { for (i = $2; i < $2 + $1; i++) { printf \"%d\n\", i } }" + awk "BEGIN { for (i = $2; i < $2 + $1; i++) { printf \"%d\n\", i } exit }" } for m in $macs; do -- cgit v1.2.3