gnu: libssh: Update to 0.7.3 [fixes CVE-2016-0739].
* gnu/packages/patches/libssh-CVE-2014-0017.patch: Delete file. * gnu/packages/patches/libssh-0.6.5-CVE-2016-0739.patch: New file. * gnu-system.am (dist_patch_DATA): Adjust accordingly. * gnu/packages/ssh.scm (libssh): Update to 0.7.3. (libssh-0.5): Rename to... (libssh-0.6): ... this. Update to 0.6.5. [source]: Add patch for CVE-2016-0739. (guile-ssh)[inputs]: Use libssh-0.6. Modified-By: Mark H Weaver <mhw@netris.org>
This commit is contained in:
parent
78d80c5c6a
commit
85267efb2a
|
@ -566,12 +566,12 @@ dist_patch_DATA = \
|
||||||
gnu/packages/patches/libmad-armv7-thumb-pt2.patch \
|
gnu/packages/patches/libmad-armv7-thumb-pt2.patch \
|
||||||
gnu/packages/patches/libmad-frame-length.patch \
|
gnu/packages/patches/libmad-frame-length.patch \
|
||||||
gnu/packages/patches/libmad-mips-newgcc.patch \
|
gnu/packages/patches/libmad-mips-newgcc.patch \
|
||||||
|
gnu/packages/patches/libssh-0.6.5-CVE-2016-0739.patch \
|
||||||
gnu/packages/patches/libtheora-config-guess.patch \
|
gnu/packages/patches/libtheora-config-guess.patch \
|
||||||
gnu/packages/patches/libtiff-CVE-2015-8665+CVE-2015-8683.patch \
|
gnu/packages/patches/libtiff-CVE-2015-8665+CVE-2015-8683.patch \
|
||||||
gnu/packages/patches/libtiff-oob-accesses-in-decode.patch \
|
gnu/packages/patches/libtiff-oob-accesses-in-decode.patch \
|
||||||
gnu/packages/patches/libtiff-oob-write-in-nextdecode.patch \
|
gnu/packages/patches/libtiff-oob-write-in-nextdecode.patch \
|
||||||
gnu/packages/patches/libtool-skip-tests2.patch \
|
gnu/packages/patches/libtool-skip-tests2.patch \
|
||||||
gnu/packages/patches/libssh-CVE-2014-0017.patch \
|
|
||||||
gnu/packages/patches/libunwind-CVE-2015-3239.patch \
|
gnu/packages/patches/libunwind-CVE-2015-3239.patch \
|
||||||
gnu/packages/patches/libwmf-CAN-2004-0941.patch \
|
gnu/packages/patches/libwmf-CAN-2004-0941.patch \
|
||||||
gnu/packages/patches/libwmf-CVE-2006-3376.patch \
|
gnu/packages/patches/libwmf-CVE-2006-3376.patch \
|
||||||
|
|
|
@ -0,0 +1,77 @@
|
||||||
|
Fix CVE-2016-0739 (Weak Diffie-Hellman secret generation in
|
||||||
|
dh_generate_x() and dh_generate_y()).
|
||||||
|
|
||||||
|
"Due to a byte/bit confusion, the DH secret was too short. This file was
|
||||||
|
completely reworked and will be commited in a future version."
|
||||||
|
Source:
|
||||||
|
https://git.libssh.org/projects/libssh.git/commit/?id=f8d0026c65fc8a55748ae481758e2cf376c26c86
|
||||||
|
|
||||||
|
This patch was created by upstream for libssh-0.7.3, but applied without
|
||||||
|
modification to libssh-0.6.3 by Debian. In Guix, we apply it without
|
||||||
|
modification to libssh-0.6.5.
|
||||||
|
|
||||||
|
References:
|
||||||
|
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-0739
|
||||||
|
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0739
|
||||||
|
https://security-tracker.debian.org/tracker/CVE-2016-0739
|
||||||
|
|
||||||
|
---
|
||||||
|
src/dh.c | 22 +++++++++++++++++-----
|
||||||
|
1 file changed, 17 insertions(+), 5 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/src/dh.c b/src/dh.c
|
||||||
|
index e489a1d..d27b66e 100644
|
||||||
|
--- a/src/dh.c
|
||||||
|
+++ b/src/dh.c
|
||||||
|
@@ -227,15 +227,21 @@ void ssh_crypto_finalize(void) {
|
||||||
|
}
|
||||||
|
|
||||||
|
int dh_generate_x(ssh_session session) {
|
||||||
|
+ int keysize;
|
||||||
|
+ if (session->next_crypto->kex_type == SSH_KEX_DH_GROUP1_SHA1) {
|
||||||
|
+ keysize = 1023;
|
||||||
|
+ } else {
|
||||||
|
+ keysize = 2047;
|
||||||
|
+ }
|
||||||
|
session->next_crypto->x = bignum_new();
|
||||||
|
if (session->next_crypto->x == NULL) {
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
|
||||||
|
#ifdef HAVE_LIBGCRYPT
|
||||||
|
- bignum_rand(session->next_crypto->x, 128);
|
||||||
|
+ bignum_rand(session->next_crypto->x, keysize);
|
||||||
|
#elif defined HAVE_LIBCRYPTO
|
||||||
|
- bignum_rand(session->next_crypto->x, 128, 0, -1);
|
||||||
|
+ bignum_rand(session->next_crypto->x, keysize, -1, 0);
|
||||||
|
#endif
|
||||||
|
|
||||||
|
/* not harder than this */
|
||||||
|
@@ -248,15 +254,21 @@ int dh_generate_x(ssh_session session) {
|
||||||
|
|
||||||
|
/* used by server */
|
||||||
|
int dh_generate_y(ssh_session session) {
|
||||||
|
- session->next_crypto->y = bignum_new();
|
||||||
|
+ int keysize;
|
||||||
|
+ if (session->next_crypto->kex_type == SSH_KEX_DH_GROUP1_SHA1) {
|
||||||
|
+ keysize = 1023;
|
||||||
|
+ } else {
|
||||||
|
+ keysize = 2047;
|
||||||
|
+ }
|
||||||
|
+ session->next_crypto->y = bignum_new();
|
||||||
|
if (session->next_crypto->y == NULL) {
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
|
||||||
|
#ifdef HAVE_LIBGCRYPT
|
||||||
|
- bignum_rand(session->next_crypto->y, 128);
|
||||||
|
+ bignum_rand(session->next_crypto->y, keysize);
|
||||||
|
#elif defined HAVE_LIBCRYPTO
|
||||||
|
- bignum_rand(session->next_crypto->y, 128, 0, -1);
|
||||||
|
+ bignum_rand(session->next_crypto->y, keysize, -1, 0);
|
||||||
|
#endif
|
||||||
|
|
||||||
|
/* not harder than this */
|
||||||
|
--
|
||||||
|
cgit v0.12
|
||||||
|
|
|
@ -1,89 +0,0 @@
|
||||||
Patch from libssh 0.6, with bind.c hunk adjusted for 0.5.5.
|
|
||||||
|
|
||||||
From e99246246b4061f7e71463f8806b9dcad65affa0 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Aris Adamantiadis <aris@0xbadc0de.be>
|
|
||||||
Date: Wed, 05 Feb 2014 20:24:12 +0000
|
|
||||||
Subject: security: fix for vulnerability CVE-2014-0017
|
|
||||||
|
|
||||||
When accepting a new connection, a forking server based on libssh forks
|
|
||||||
and the child process handles the request. The RAND_bytes() function of
|
|
||||||
openssl doesn't reset its state after the fork, but simply adds the
|
|
||||||
current process id (getpid) to the PRNG state, which is not guaranteed
|
|
||||||
to be unique.
|
|
||||||
This can cause several children to end up with same PRNG state which is
|
|
||||||
a security issue.
|
|
||||||
---
|
|
||||||
diff --git a/include/libssh/wrapper.h b/include/libssh/wrapper.h
|
|
||||||
index 7374a88..e8ff32c 100644
|
|
||||||
--- a/include/libssh/wrapper.h
|
|
||||||
+++ b/include/libssh/wrapper.h
|
|
||||||
@@ -70,5 +70,6 @@ int crypt_set_algorithms_server(ssh_session session);
|
|
||||||
struct ssh_crypto_struct *crypto_new(void);
|
|
||||||
void crypto_free(struct ssh_crypto_struct *crypto);
|
|
||||||
|
|
||||||
+void ssh_reseed(void);
|
|
||||||
|
|
||||||
#endif /* WRAPPER_H_ */
|
|
||||||
diff --git a/src/bind.c b/src/bind.c
|
|
||||||
index 8d82d0d..03d3403 100644
|
|
||||||
--- a/src/bind.c
|
|
||||||
+++ b/src/bind.c
|
|
||||||
@@ -375,6 +375,8 @@ int ssh_bind_accept(ssh_bind sshbind, ss
|
|
||||||
session->dsa_key = dsa;
|
|
||||||
session->rsa_key = rsa;
|
|
||||||
|
|
||||||
+ /* force PRNG to change state in case we fork after ssh_bind_accept */
|
|
||||||
+ ssh_reseed();
|
|
||||||
return SSH_OK;
|
|
||||||
}
|
|
||||||
|
|
||||||
diff --git a/src/libcrypto.c b/src/libcrypto.c
|
|
||||||
index bb1d96a..d8cc795 100644
|
|
||||||
--- a/src/libcrypto.c
|
|
||||||
+++ b/src/libcrypto.c
|
|
||||||
@@ -23,6 +23,7 @@
|
|
||||||
#include <stdlib.h>
|
|
||||||
#include <stdio.h>
|
|
||||||
#include <string.h>
|
|
||||||
+#include <sys/time.h>
|
|
||||||
|
|
||||||
#include "libssh/priv.h"
|
|
||||||
#include "libssh/session.h"
|
|
||||||
@@ -38,6 +39,8 @@
|
|
||||||
#include <openssl/rsa.h>
|
|
||||||
#include <openssl/hmac.h>
|
|
||||||
#include <openssl/opensslv.h>
|
|
||||||
+#include <openssl/rand.h>
|
|
||||||
+
|
|
||||||
#ifdef HAVE_OPENSSL_AES_H
|
|
||||||
#define HAS_AES
|
|
||||||
#include <openssl/aes.h>
|
|
||||||
@@ -74,6 +77,12 @@ static int alloc_key(struct ssh_cipher_struct *cipher) {
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
+void ssh_reseed(void){
|
|
||||||
+ struct timeval tv;
|
|
||||||
+ gettimeofday(&tv, NULL);
|
|
||||||
+ RAND_add(&tv, sizeof(tv), 0.0);
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
SHACTX sha1_init(void) {
|
|
||||||
SHACTX c = malloc(sizeof(*c));
|
|
||||||
if (c == NULL) {
|
|
||||||
diff --git a/src/libgcrypt.c b/src/libgcrypt.c
|
|
||||||
index 899bccd..4617901 100644
|
|
||||||
--- a/src/libgcrypt.c
|
|
||||||
+++ b/src/libgcrypt.c
|
|
||||||
@@ -45,6 +45,9 @@ static int alloc_key(struct ssh_cipher_struct *cipher) {
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
+void ssh_reseed(void){
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
SHACTX sha1_init(void) {
|
|
||||||
SHACTX ctx = NULL;
|
|
||||||
gcry_md_open(&ctx, GCRY_MD_SHA1, 0);
|
|
||||||
--
|
|
||||||
cgit v0.9.1
|
|
|
@ -45,15 +45,15 @@
|
||||||
(define-public libssh
|
(define-public libssh
|
||||||
(package
|
(package
|
||||||
(name "libssh")
|
(name "libssh")
|
||||||
(version "0.6.5")
|
(version "0.7.3")
|
||||||
(source (origin
|
(source (origin
|
||||||
(method url-fetch)
|
(method url-fetch)
|
||||||
(uri (string-append
|
(uri (string-append
|
||||||
"https://red.libssh.org/attachments/download/121/libssh-"
|
"https://red.libssh.org/attachments/download/195/libssh-"
|
||||||
version ".tar.xz"))
|
version ".tar.xz"))
|
||||||
(sha256
|
(sha256
|
||||||
(base32
|
(base32
|
||||||
"0b6wyx6bwbb8jpn8x4rhlrdiqwqrwrs0mxjmrnqykm9kw1ijgm8g"))))
|
"165g49i4kmm3bfsjm0n8hm21kadv79g9yjqyq09138jxanz4dvr6"))))
|
||||||
(build-system cmake-build-system)
|
(build-system cmake-build-system)
|
||||||
(arguments
|
(arguments
|
||||||
'(#:configure-flags '("-DWITH_GCRYPT=ON")
|
'(#:configure-flags '("-DWITH_GCRYPT=ON")
|
||||||
|
@ -71,17 +71,19 @@ remote applications.")
|
||||||
(home-page "http://www.libssh.org")
|
(home-page "http://www.libssh.org")
|
||||||
(license license:lgpl2.1+)))
|
(license license:lgpl2.1+)))
|
||||||
|
|
||||||
(define libssh-0.5 ; kept private
|
(define libssh-0.6 ; kept private for use in guile-ssh
|
||||||
(package (inherit libssh)
|
(package (inherit libssh)
|
||||||
(version "0.5.5")
|
(version "0.6.5")
|
||||||
(source (origin
|
(source (origin
|
||||||
(method url-fetch)
|
(method url-fetch)
|
||||||
(uri (string-append "https://red.libssh.org/attachments/download/51/libssh-"
|
(uri (string-append "https://red.libssh.org/attachments/"
|
||||||
version ".tar.gz"))
|
"download/121/libssh-"
|
||||||
|
version ".tar.xz"))
|
||||||
(sha256
|
(sha256
|
||||||
(base32
|
(base32
|
||||||
"17cfdff4hc0ijzrr15biq29fiabafz0bw621zlkbwbc1zh2hzpy0"))
|
"0b6wyx6bwbb8jpn8x4rhlrdiqwqrwrs0mxjmrnqykm9kw1ijgm8g"))
|
||||||
(patches (list (search-patch "libssh-CVE-2014-0017.patch")))))))
|
(patches (list
|
||||||
|
(search-patch "libssh-0.6.5-CVE-2016-0739.patch")))))))
|
||||||
|
|
||||||
(define-public libssh2
|
(define-public libssh2
|
||||||
(package
|
(package
|
||||||
|
@ -255,7 +257,7 @@ Additionally, various channel-specific options can be negotiated.")
|
||||||
("pkg-config" ,pkg-config)
|
("pkg-config" ,pkg-config)
|
||||||
("which" ,which)))
|
("which" ,which)))
|
||||||
(inputs `(("guile" ,guile-2.0)
|
(inputs `(("guile" ,guile-2.0)
|
||||||
("libssh" ,libssh)
|
("libssh" ,libssh-0.6)
|
||||||
("libgcrypt" ,libgcrypt)))
|
("libgcrypt" ,libgcrypt)))
|
||||||
(synopsis "Guile bindings to libssh")
|
(synopsis "Guile bindings to libssh")
|
||||||
(description
|
(description
|
||||||
|
|
Loading…
Reference in New Issue