Subversion Repositories lsh

Compare Revisions

Ignore whitespace Rev 147 → Rev 136

/trunk/debian/changelog
1,24 → 1,3
lsh-utils (2.1-10) unstable; urgency=low
 
* Add missing lsb-base dependency.
* missing_include.patch: Add a missing include to fix FTBFS with bindnow
and PIE enabled (Closes: #837665, LP: #1628178).
* Increase Debhelper compat level to 9.
* Add Brazilian Portuguese debconf templates translation (Closes:
#816948).
* Drop the blacklisting of vulnerable SSH keys. OpenSSH did so three
years ago; the vulnerability was eight years ago.
* Bump Standards-Version to 3.9.8.
 
-- Magnus Holmgren <holmgren@debian.org> Tue, 18 Oct 2016 19:55:20 +0200
 
lsh-utils (2.1-9) unstable; urgency=medium
 
* nettle3.patch: also cast length arguments to nettle_sexp_vformat() to
size_t.
 
-- Magnus Holmgren <holmgren@debian.org> Thu, 25 Feb 2016 00:16:44 +0100
 
lsh-utils (2.1-8) unstable; urgency=low
 
* Build with MIT Kerberos instead of Heimdal (Closes: #806266, #812813).
/trunk/debian/control
3,8 → 3,8
Priority: extra
Maintainer: Magnus Holmgren <holmgren@debian.org>
Uploaders: Stefan Pfetzing <dreamind@dreamind.de>
Standards-Version: 3.9.8
Build-Depends: dpkg-dev (>= 1.15.7), debhelper (>= 9), dh-autoreconf, dh-systemd (>= 1.5), automake,
Standards-Version: 3.9.6
Build-Depends: dpkg-dev (>= 1.15.7), debhelper (>= 7), dh-autoreconf, dh-systemd (>= 1.5), automake,
libgmp-dev, zlib1g-dev | libz-dev, liboop-dev, libxau-dev, nettle-dev (>= 3.0~), nettle-bin,
texinfo (>= 4.2), libkrb5-dev, libwrap0-dev | libwrap-dev,
libpam0g-dev | libpam-dev, libreadline-dev, m4
13,6 → 13,7
Package: lsh-utils
Architecture: any
Depends: nettle-bin (>= 2.0-2), ${shlibs:Depends}, ${misc:Depends}
Recommends: openssh-blacklist, openssh-blacklist-extra
Suggests: lsh-server, lsh-client, lsh-doc
Description: Secure Shell v2 (SSH2) protocol utilities
lsh is a GPLed implementation of the Secure SHell protocol version 2
31,8 → 32,9
Package: lsh-server
Architecture: any
Provides: ssh-server
Depends: lsh-utils (= ${binary:Version}),
lsb-base (>= 3.0-6), ${shlibs:Depends}, ${misc:Depends}
Depends: lsh-utils (= ${binary:Version}), openssh-blacklist,
${shlibs:Depends}, ${misc:Depends}
Recommends: openssh-blacklist-extra
Suggests: lsh-client | openssh-client, lsh-doc
Description: Secure Shell v2 (SSH2) protocol server
lsh is a GPLed implementation of the Secure SHell protocol version 2
/trunk/debian/patches/missing_include.patch
File deleted
/trunk/debian/patches/series
1,8 → 1,8
sftp-server-mansection.patch
blacklist.patch
new-readline-completion-function-typedef.patch
rl_completion-segfault.patch
bsd_connreset_test_fail.patch
skip-argp.patch
nettle3.patch
missing_include.patch
mit-kerberos.patch
/trunk/debian/patches/nettle3.patch
268,74 → 268,3
const uint8_t *subexpr = sexp_iterator_subexpr(i, &length);
return subexpr ? ssh_format("%ls", length, subexpr) : NULL;
--- a/src/lsh.c
+++ b/src/lsh.c
@@ -524,8 +524,8 @@ do_lsh_lookup(struct lookup_verifier *c,
}
acl = lsh_string_format_sexp(0, "(acl(entry(subject%l)%l))",
- subject->key_length, subject->key,
- STRING_LD(self->access));
+ (size_t)subject->key_length, subject->key,
+ (size_t)STRING_LD(self->access));
/* FIXME: Seems awkward to pick the acl apart again. */
if (!spki_iterator_first(&i, STRING_LD(acl)))
@@ -540,7 +540,7 @@ do_lsh_lookup(struct lookup_verifier *c,
A_WRITE(self->file,
ssh_format("\n; ACL for host %lz\n"
"%lfS\n",
- self->host, lsh_string_format_sexp(1, "%l", STRING_LD(acl))));
+ self->host, lsh_string_format_sexp(1, "%l", (size_t)STRING_LD(acl))));
lsh_string_free(acl);
}
--- a/src/spki.c
+++ b/src/spki.c
@@ -98,7 +98,7 @@ make_ssh_hostkey_tag(const char *host)
}
tag = lsh_string_format_sexp(0, "(tag(ssh-hostkey%s))",
- STRING_LD(reversed));
+ (size_t)STRING_LD(reversed));
lsh_string_free(reversed);
return tag;
@@ -207,7 +207,7 @@ spki_hash_data(const struct hash_algorit
out = lsh_string_format_sexp(0, "(hash%0s%s)",
"hash", get_atom_name(algorithm_name),
- STRING_LD(digest));
+ (size_t)STRING_LD(digest));
KILL(hash);
lsh_string_free(digest);
@@ -376,13 +376,13 @@ spki_pkcs5_encrypt(struct randomness *r,
value = lsh_string_format_sexp(0, "(password-encrypted%s(Xpkcs5v2%0s"
"(iterations%i)(salt%s))"
"(%0s(iv%s)(data%s)))",
- STRING_LD(label),
+ (size_t)STRING_LD(label),
get_atom_name(prf_name),
iterations,
- STRING_LD(salt),
+ (size_t)STRING_LD(salt),
get_atom_name(crypto_name),
- STRING_LD(iv),
- STRING_LD(encrypted));
+ (size_t)STRING_LD(iv),
+ (size_t)STRING_LD(encrypted));
lsh_string_free(key);
lsh_string_free(salt);
--- a/src/srp_exchange.c
+++ b/src/srp_exchange.c
@@ -112,7 +112,7 @@ srp_make_verifier(const struct zn_group
zn_exp(G, x, G->generator, x);
expr = lsh_string_format_sexp(0, "(srp-verifier ssh-ring1%s%b)",
- STRING_LD(salt),
+ (size_t)STRING_LD(salt),
x);
mpz_clear(x);
/trunk/debian/patches/blacklist.patch
0,0 → 1,382
Author: Magnus Holmgren <holmgren@debian.org>
Description: Check keys against openssh-blacklist
Check keys before accepting for pubkey authentication as well as on conversion
by lsh-writekey and lsh-decode-key.
.
blacklist.c code copied from the openssh package and adapted for LSH.
 
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -69,7 +69,8 @@ liblsh_a_SOURCES = abstract_io.c abstrac
unix_interact.c unix_process.c unix_random.c unix_user.c \
userauth.c \
werror.c write_buffer.c write_packet.c \
- xalloc.c xauth.c zlib.c
+ xalloc.c xauth.c zlib.c \
+ blacklist.c
liblsh_a_LIBADD = @LIBOBJS@
--- a/src/abstract_crypto.h
+++ b/src/abstract_crypto.h
@@ -162,7 +162,9 @@ MAC_DIGEST((instance), lsh_string_alloc(
(public_key method (string))
; Returns (public-key (<pub-sig-alg-id> <s-expr>*))
- (public_spki_key method (string) "int transport")))
+ (public_spki_key method (string) "int transport")
+
+ (key_size method uint32_t)))
*/
#define VERIFY(verifier, algorithm, length, data, slength, sdata) \
@@ -170,7 +172,7 @@ MAC_DIGEST((instance), lsh_string_alloc(
#define PUBLIC_KEY(verifier) ((verifier)->public_key((verifier)))
#define PUBLIC_SPKI_KEY(verifier, t) ((verifier)->public_spki_key((verifier), (t)))
-
+#define KEY_SIZE(verifier) ((verifier)->key_size((verifier)))
/* GABA:
(class
--- a/src/abstract_crypto.h.x
+++ b/src/abstract_crypto.h.x
@@ -161,6 +161,7 @@ struct verifier
int (*(verify))(struct verifier *self,int algorithm,uint32_t length,const uint8_t *data,uint32_t signature_length,const uint8_t *signature_data);
struct lsh_string *(*(public_key))(struct verifier *self);
struct lsh_string *(*(public_spki_key))(struct verifier *self,int transport);
+ uint32_t *(*(key_size))(struct verifier *self);
};
extern struct lsh_class verifier_class;
#endif /* !GABA_DEFINE */
--- /dev/null
+++ b/src/blacklist.c
@@ -0,0 +1,152 @@
+#if HAVE_CONFIG_H
+#include "config.h"
+#endif
+
+#include <assert.h>
+
+#include "atoms.h"
+#include "format.h"
+#include "lsh_string.h"
+#include "werror.h"
+#include "crypto.h"
+
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <unistd.h>
+#include <fcntl.h>
+#include <string.h>
+
+int blacklisted_key(struct verifier *v, int method);
+
+/* Scan a blacklist of known-vulnerable keys in blacklist_file. */
+static int
+blacklisted_key_in_file(struct lsh_string *lsh_hash, struct lsh_string *blacklist_file)
+{
+ int fd = -1;
+ const char *hash = 0;
+ uint32_t line_len;
+ struct stat st;
+ char buf[256];
+ off_t start, lower, upper;
+ int ret = 0;
+
+ debug("Checking blacklist file %S\n", blacklist_file);
+ fd = open(lsh_get_cstring(blacklist_file), O_RDONLY);
+ if (fd < 0) {
+ ret = -1;
+ goto out;
+ }
+
+ hash = lsh_get_cstring(lsh_hash) + 12;
+ line_len = strlen(hash);
+ if (line_len != 20)
+ goto out;
+
+ /* Skip leading comments */
+ start = 0;
+ for (;;) {
+ ssize_t r;
+ char *newline;
+
+ r = read(fd, buf, sizeof(buf));
+ if (r <= 0)
+ goto out;
+ if (buf[0] != '#')
+ break;
+
+ newline = memchr(buf, '\n', sizeof(buf));
+ if (!newline)
+ goto out;
+ start += newline + 1 - buf;
+ if (lseek(fd, start, SEEK_SET) < 0)
+ goto out;
+ }
+
+ /* Initialise binary search record numbers */
+ if (fstat(fd, &st) < 0)
+ goto out;
+ lower = 0;
+ upper = (st.st_size - start) / (line_len + 1);
+
+ while (lower != upper) {
+ off_t cur;
+ int cmp;
+
+ cur = lower + (upper - lower) / 2;
+
+ /* Read this line and compare to digest; this is
+ * overflow-safe since cur < max(off_t) / (line_len + 1) */
+ if (lseek(fd, start + cur * (line_len + 1), SEEK_SET) < 0)
+ break;
+ if (read(fd, buf, line_len) != line_len)
+ break;
+ cmp = memcmp(buf, hash, line_len);
+ if (cmp < 0) {
+ if (cur == lower)
+ break;
+ lower = cur;
+ } else if (cmp > 0) {
+ if (cur == upper)
+ break;
+ upper = cur;
+ } else {
+ ret = 1;
+ break;
+ }
+ }
+
+out:
+ if (fd >= 0)
+ close(fd);
+ return ret;
+}
+
+/*
+ * Scan blacklists of known-vulnerable keys. If a vulnerable key is found,
+ * its fingerprint is returned in *fp, unless fp is NULL.
+ */
+int
+blacklisted_key(struct verifier *v, int method)
+{
+ const char *keytype;
+ int ret = -1;
+ const char *paths[] = { "/usr/share/ssh/blacklist", "/etc/ssh/blacklist", NULL };
+ const char **pp;
+ struct lsh_string *lsh_hash = ssh_format("%lfxS",
+ hash_string(&crypto_md5_algorithm,
+ PUBLIC_KEY(v), 1));
+ uint32_t keysize = KEY_SIZE(v);
+
+ switch (method)
+ {
+ case ATOM_SSH_DSS:
+ case ATOM_DSA:
+ keytype = "DSA";
+ break;
+ case ATOM_SSH_RSA:
+ case ATOM_RSA_PKCS1_SHA1:
+ case ATOM_RSA_PKCS1_MD5:
+ case ATOM_RSA_PKCS1:
+ keytype = "RSA";
+ break;
+ default:
+ werror("Unrecognized key type");
+ return -1;
+ }
+
+ for (pp = paths; *pp && ret <= 0; pp++) {
+ struct lsh_string *blacklist_file = ssh_format("%lz.%lz-%di",
+ *pp, keytype, keysize);
+ int r = blacklisted_key_in_file(lsh_hash, blacklist_file);
+ lsh_string_free(blacklist_file);
+ if (r > ret) ret = r;
+ }
+
+ if (ret > 0) {
+ werror("Key is compromised: %z %i %fS\n", keytype, keysize,
+ lsh_string_colonize(lsh_hash, 2, 0));
+ } else if (ret < 0) {
+ verbose("No blacklist for key type %z size %i", keytype, keysize);
+ }
+ return ret;
+}
--- a/src/dsa.c
+++ b/src/dsa.c
@@ -187,6 +187,14 @@ do_dsa_public_spki_key(struct verifier *
"y", self->key.y);
}
+static uint32_t
+do_dsa_key_size(struct verifier *v)
+{
+ CAST(dsa_verifier, self, v);
+
+ return mpz_sizeinbase(self->key.p, 2);
+}
+
static void
init_dsa_verifier(struct dsa_verifier *self)
{
@@ -197,6 +205,7 @@ init_dsa_verifier(struct dsa_verifier *s
self->super.verify = do_dsa_verify;
self->super.public_spki_key = do_dsa_public_spki_key;
self->super.public_key = do_dsa_public_key;
+ self->super.key_size = do_dsa_key_size;
}
--- a/src/lsh-decode-key.c
+++ b/src/lsh-decode-key.c
@@ -133,6 +133,10 @@ lsh_decode_key(struct lsh_string *conten
werror("Invalid dsa key.\n");
return NULL;
}
+ else if (blacklisted_key(v, type) > 0)
+ {
+ return NULL;
+ }
else
return PUBLIC_SPKI_KEY(v, 1);
}
@@ -150,6 +154,10 @@ lsh_decode_key(struct lsh_string *conten
werror("Invalid rsa key.\n");
return NULL;
}
+ else if (blacklisted_key(v, type) > 0)
+ {
+ return NULL;
+ }
else
return PUBLIC_SPKI_KEY(v, 1);
}
--- a/src/lsh-writekey.c
+++ b/src/lsh-writekey.c
@@ -397,14 +397,18 @@ process_public(const struct lsh_string *
{
struct signer *s;
struct verifier *v;
+ int algorithm_name;
- s = spki_make_signer(options->signature_algorithms, key, NULL);
+ s = spki_make_signer(options->signature_algorithms, key, &algorithm_name);
if (!s)
return NULL;
v = SIGNER_GET_VERIFIER(s);
assert(v);
+ if (blacklisted_key(v, algorithm_name) > 0) {
+ return NULL;
+ }
return PUBLIC_SPKI_KEY(v, 1);
}
@@ -416,7 +420,8 @@ main(int argc, char **argv)
int private_fd;
int public_fd;
struct lsh_string *input;
- struct lsh_string *output;
+ struct lsh_string *priv_output;
+ struct lsh_string *pub_output;
const struct exception *e;
argp_parse(&main_argp, argc, argv, 0, NULL, options);
@@ -439,16 +444,22 @@ main(int argc, char **argv)
return EXIT_FAILURE;
}
- output = process_private(input, options);
- if (!output)
+ pub_output = process_public(input, options);
+ if (!pub_output)
+ return EXIT_FAILURE;
+
+ priv_output = process_private(input, options);
+ if (!priv_output)
return EXIT_FAILURE;
+ lsh_string_free(input);
+
private_fd = open_file(options->private_file);
if (private_fd < 0)
return EXIT_FAILURE;
- e = write_raw(private_fd, STRING_LD(output));
- lsh_string_free(output);
+ e = write_raw(private_fd, STRING_LD(priv_output));
+ lsh_string_free(priv_output);
if (e)
{
@@ -457,18 +468,12 @@ main(int argc, char **argv)
return EXIT_FAILURE;
}
- output = process_public(input, options);
- lsh_string_free(input);
-
- if (!output)
- return EXIT_FAILURE;
-
public_fd = open_file(options->public_file);
if (public_fd < 0)
return EXIT_FAILURE;
- e = write_raw(public_fd, STRING_LD(output));
- lsh_string_free(output);
+ e = write_raw(public_fd, STRING_LD(pub_output));
+ lsh_string_free(pub_output);
if (e)
{
--- a/src/publickey_crypto.h
+++ b/src/publickey_crypto.h
@@ -203,5 +203,7 @@ parse_ssh_dss_public(struct simple_buffe
struct verifier *
make_ssh_dss_verifier(const struct lsh_string *public);
+int
+blacklisted_key(struct verifier *v, int method);
#endif /* LSH_PUBLICKEY_CRYPTO_H_INCLUDED */
--- a/src/rsa.c
+++ b/src/rsa.c
@@ -167,6 +167,14 @@ do_rsa_public_spki_key(struct verifier *
self->key.n, self->key.e);
}
+static uint32_t
+do_rsa_key_size(struct verifier *v)
+{
+ CAST(rsa_verifier, self, v);
+
+ return mpz_sizeinbase(self->key.n, 2);
+}
+
/* NOTE: To initialize an rsa verifier, one must
*
@@ -184,6 +192,7 @@ init_rsa_verifier(struct rsa_verifier *s
self->super.verify = do_rsa_verify;
self->super.public_key = do_rsa_public_key;
self->super.public_spki_key = do_rsa_public_spki_key;
+ self->super.key_size = do_rsa_key_size;
}
/* Alternative constructor using a key of type ssh-rsa, when the atom
--- a/src/server_authorization.c
+++ b/src/server_authorization.c
@@ -93,7 +93,8 @@ do_key_lookup(struct lookup_verifier *c,
PUBLIC_SPKI_KEY(v, 0),
1));
- if (USER_FILE_EXISTS(keyholder, filename, 1))
+ if (USER_FILE_EXISTS(keyholder, filename, 1)
+ && blacklisted_key(v, method) < 1)
return v;
return NULL;
Property changes:
Added: svn:executable
## -0,0 +1 ##
+*
\ No newline at end of property
Index: debian/po/pt_BR.po
===================================================================
--- debian/po/pt_BR.po (.../tags/2.1-10) (revision 147)
+++ debian/po/pt_BR.po (.../trunk) (nonexistent)
@@ -1,96 +0,0 @@
-# Debconf translations for lsh-utils.
-# Copyright (C) 2016 Adriano Rafael Gomes <adrianorg@arg.eti.br>, 2016.
-# This file is distributed under the same license as the lsh-utils package.
-msgid ""
-msgstr ""
-"Project-Id-Version: lsh-utils\n"
-"Report-Msgid-Bugs-To: lsh-utils@packages.debian.org\n"
-"POT-Creation-Date: 2012-09-29 12:42-0400\n"
-"PO-Revision-Date: 2016-01-06 12:58-0200\n"
-"Last-Translator: Adriano Rafael Gomes <adrianorg@arg.eti.br>\n"
-"Language-Team: Brazilian Portuguese <debian-l10n-portuguese@lists.debian."
-"org>\n"
-"Language: pt_BR\n"
-"MIME-Version: 1.0\n"
-"Content-Type: text/plain; charset=UTF-8\n"
-"Content-Transfer-Encoding: 8bit\n"
-
-#. Type: string
-#. Description
-#: ../lsh-server.templates:2001
-msgid "lsh server port:"
-msgstr "Porta do servidor lsh:"
-
-#. Type: string
-#. Description
-#: ../lsh-server.templates:2001
-msgid ""
-"The default port for lshd is 22. If lshd should run on a different port, "
-"please specify the alternative port here. If you specify 22, you will need "
-"to manually disable any other SSH servers running on port 22, other than "
-"OpenSSH (from the package openssh-server), which will be disabled "
-"automatically if you choose 22 here."
-msgstr ""
-"A porta padrão para o lshd é a 22. Se o lshd deverá executar em uma porta "
-"diferente, por favor, especifique a porta alternativa aqui. Se você "
-"especificar 22, você precisará desabilitar manualmente quaisquer outros "
-"servidores SSH que estejam executando na porta 22, diferentes do OpenSSH (do "
-"pacote openssh-server), o qual será desabilitado automaticamente se você "
-"escolher 22 aqui."
-
-#. Type: boolean
-#. Description
-#: ../lsh-server.templates:3001
-msgid "Enable the SFTP subsystem?"
-msgstr "Habilitar o subsistema SFTP?"
-
-#. Type: boolean
-#. Description
-#: ../lsh-server.templates:3001
-msgid ""
-"Please choose whether you want to use the EXPERIMENTAL lsh SFTP support."
-msgstr ""
-"Por favor, escolha se você quer usar o suporte EXPERIMENTAL a SFTP do lsh."
-
-#. Type: boolean
-#. Description
-#: ../lsh-server.templates:3001
-msgid ""
-"Since it is experimental, the default is for it to be disabled, but it can "
-"be enabled now or later by manually changing /etc/default/lsh-server."
-msgstr ""
-"Uma vez que é experimental, o padrão é que seja desabilitado, mas isso pode "
-"ser habilitado agora ou mais tarde alterando /etc/default/lsh-server "
-"manualmente."
-
-#. Type: boolean
-#. Description
-#: ../lsh-server.templates:4001
-msgid "Remove host key on purge?"
-msgstr "Remover chave da máquina ao expurgar?"
-
-#. Type: boolean
-#. Description
-#: ../lsh-server.templates:4001
-msgid ""
-"When this package is installed, a host key is generated to authenticate your "
-"host."
-msgstr ""
-"Quando esse pacote é instalado, uma chave da máquina é gerada para "
-"autenticar a sua máquina."
-
-#. Type: boolean
-#. Description
-#: ../lsh-server.templates:4001
-msgid ""
-"Please choose whether you want to purge the host key when the package is "
-"removed."
-msgstr ""
-"Por favor, escolha se você quer expurgar a chave da máquina quando o pacote "
-"for removido."
-
-#. Type: string
-#. Description
-#: ../lsh-server.templates:5001
-msgid "Additional arguments to pass to lshd:"
-msgstr "Argumentos adicionais para passar ao lshd:"
Index: debian/compat
===================================================================
--- debian/compat (.../tags/2.1-10) (revision 147)
+++ debian/compat (.../trunk) (revision 136)
@@ -1 +1 @@
-9
+7