jonathancammack / rpms / openssh

Forked from rpms/openssh 9 months ago
Clone

Blame SOURCES/openssh-8.7p1-nohostsha1proof.patch

2b784c
diff -up openssh-8.7p1/compat.c.sshrsacheck openssh-8.7p1/compat.c
2b784c
--- openssh-8.7p1/compat.c.sshrsacheck	2023-01-12 13:29:06.338710923 +0100
2b784c
+++ openssh-8.7p1/compat.c	2023-01-12 13:29:06.357711165 +0100
2b784c
@@ -43,6 +43,7 @@ void
2b784c
 compat_banner(struct ssh *ssh, const char *version)
2b784c
 {
2b784c
 	int i;
2b784c
+	int forbid_ssh_rsa = 0;
2b784c
 	static struct {
2b784c
 		char	*pat;
2b784c
 		int	bugs;
2b784c
@@ -145,16 +146,21 @@ compat_banner(struct ssh *ssh, const cha
2b784c
 	};
2b784c
 
2b784c
 	/* process table, return first match */
2b784c
+	forbid_ssh_rsa = (ssh->compat & SSH_RH_RSASIGSHA);
2b784c
 	ssh->compat = 0;
2b784c
 	for (i = 0; check[i].pat; i++) {
2b784c
 		if (match_pattern_list(version, check[i].pat, 0) == 1) {
2b784c
 			debug_f("match: %s pat %s compat 0x%08x",
2b784c
 			    version, check[i].pat, check[i].bugs);
2b784c
 			ssh->compat = check[i].bugs;
2b784c
+	if (forbid_ssh_rsa)
2b784c
+		ssh->compat |= SSH_RH_RSASIGSHA;
2b784c
 			return;
2b784c
 		}
2b784c
 	}
2b784c
 	debug_f("no match: %s", version);
2b784c
+	if (forbid_ssh_rsa)
2b784c
+		ssh->compat |= SSH_RH_RSASIGSHA;
2b784c
 }
2b784c
 
2b784c
 /* Always returns pointer to allocated memory, caller must free. */
2b784c
diff -up openssh-8.7p1/compat.h.sshrsacheck openssh-8.7p1/compat.h
2b784c
--- openssh-8.7p1/compat.h.sshrsacheck	2021-08-20 06:03:49.000000000 +0200
2b784c
+++ openssh-8.7p1/compat.h	2023-01-12 13:29:06.358711178 +0100
2b784c
@@ -30,7 +30,7 @@
2b784c
 #define SSH_BUG_UTF8TTYMODE	0x00000001
2b784c
 #define SSH_BUG_SIGTYPE		0x00000002
2b784c
 #define SSH_BUG_SIGTYPE74	0x00000004
2b784c
-/* #define unused		0x00000008 */
2b784c
+#define SSH_RH_RSASIGSHA	0x00000008
2b784c
 #define SSH_OLD_SESSIONID	0x00000010
2b784c
 /* #define unused		0x00000020 */
2b784c
 #define SSH_BUG_DEBUG		0x00000040
2b784c
diff -up openssh-8.7p1/serverloop.c.sshrsacheck openssh-8.7p1/serverloop.c
2b784c
--- openssh-8.7p1/serverloop.c.sshrsacheck	2023-01-12 14:57:08.118400073 +0100
2b784c
+++ openssh-8.7p1/serverloop.c	2023-01-12 14:59:17.330470518 +0100
2b784c
@@ -737,6 +737,10 @@ server_input_hostkeys_prove(struct ssh *
2b784c
 			else if (ssh->kex->flags & KEX_RSA_SHA2_256_SUPPORTED)
2b784c
 				sigalg = "rsa-sha2-256";
2b784c
 		}
2b784c
+		if (ssh->compat & SSH_RH_RSASIGSHA && sigalg == NULL) {
2b784c
+			sigalg = "rsa-sha2-512";
2b784c
+			debug3_f("SHA1 signature is not supported, falling back to %s", sigalg);
2b784c
+		}
2b784c
 		debug3_f("sign %s key (index %d) using sigalg %s",
2b784c
 		sshkey_type(key), ndx, sigalg == NULL ? "default" : sigalg);
2b784c
 		if ((r = sshbuf_put_cstring(sigbuf,
2b784c
diff -up openssh-8.7p1/sshd.c.sshrsacheck openssh-8.7p1/sshd.c
2b784c
--- openssh-8.7p1/sshd.c.sshrsacheck	2023-01-12 13:29:06.355711140 +0100
2b784c
+++ openssh-8.7p1/sshd.c	2023-01-12 13:29:06.358711178 +0100
2b784c
@@ -1640,6 +1651,7 @@ main(int ac, char **av)
2b784c
 	int keytype;
2b784c
 	Authctxt *authctxt;
2b784c
 	struct connection_info *connection_info = NULL;
2b784c
+	int forbid_ssh_rsa = 0;
2b784c
 
2b784c
 #ifdef HAVE_SECUREWARE
2b784c
 	(void)set_auth_parameters(ac, av);
2b784c
@@ -1938,6 +1950,19 @@ main(int ac, char **av)
2b784c
 		    key = NULL;
2b784c
 		    continue;
2b784c
 		}
2b784c
+		if (key && (sshkey_type_plain(key->type) == KEY_RSA || sshkey_type_plain(key->type) == KEY_RSA_CERT)) {
2b784c
+		    size_t sign_size = 0;
2b784c
+		    u_char *tmp = NULL;
2b784c
+		    u_char data[] = "Test SHA1 vector";
2b784c
+		    int res;
2b784c
+
2b784c
+		    res = ssh_rsa_sign(key, &tmp, &sign_size, data, sizeof(data), NULL);
2b784c
+		    free(tmp);
2b784c
+		    if (res == SSH_ERR_LIBCRYPTO_ERROR) {
2b784c
+			logit_f("sshd: ssh-rsa algorithm is disabled");
2b784c
+		    	forbid_ssh_rsa = 1;
2b784c
+		    }
2b784c
+		}
2b784c
 		if (sshkey_is_sk(key) &&
2b784c
 		    key->sk_flags & SSH_SK_USER_PRESENCE_REQD) {
2b784c
 			debug("host key %s requires user presence, ignoring",
2b784c
@@ -2275,6 +2306,9 @@ main(int ac, char **av)
2b784c
 
2b784c
 	check_ip_options(ssh);
2b784c
 
2b784c
+	if (forbid_ssh_rsa)
2b784c
+		ssh->compat |= SSH_RH_RSASIGSHA;
2b784c
+
2b784c
 	/* Prepare the channels layer */
2b784c
 	channel_init_channels(ssh);
2b784c
 	channel_set_af(ssh, options.address_family);