Date: Sat, 22 Mar 2014 15:23:38 +0000 (UTC) From: Dag-Erling Smørgrav <des@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-vendor@freebsd.org Subject: svn commit: r263635 - in vendor-crypto/openssh/dist: . contrib/caldera contrib/redhat contrib/suse openbsd-compat regress Message-ID: <201403221523.s2MFNcZm068910@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: des Date: Sat Mar 22 15:23:38 2014 New Revision: 263635 URL: http://svnweb.freebsd.org/changeset/base/263635 Log: Vendor import of OpenSSH 6.6p1. Added: vendor-crypto/openssh/dist/digest-libc.c (contents, props changed) vendor-crypto/openssh/dist/digest-openssl.c (contents, props changed) vendor-crypto/openssh/dist/hmac.c (contents, props changed) vendor-crypto/openssh/dist/hmac.h (contents, props changed) vendor-crypto/openssh/dist/openbsd-compat/explicit_bzero.c (contents, props changed) vendor-crypto/openssh/dist/regress/dhgex.sh (contents, props changed) Deleted: vendor-crypto/openssh/dist/auth2-jpake.c vendor-crypto/openssh/dist/digest.c vendor-crypto/openssh/dist/jpake.c vendor-crypto/openssh/dist/jpake.h vendor-crypto/openssh/dist/schnorr.c vendor-crypto/openssh/dist/schnorr.h Modified: vendor-crypto/openssh/dist/ChangeLog vendor-crypto/openssh/dist/Makefile.in vendor-crypto/openssh/dist/README vendor-crypto/openssh/dist/auth-rsa.c vendor-crypto/openssh/dist/auth.h vendor-crypto/openssh/dist/auth1.c vendor-crypto/openssh/dist/auth2-chall.c vendor-crypto/openssh/dist/auth2-gss.c vendor-crypto/openssh/dist/auth2-passwd.c vendor-crypto/openssh/dist/auth2.c vendor-crypto/openssh/dist/authfd.c vendor-crypto/openssh/dist/authfile.c vendor-crypto/openssh/dist/bufaux.c vendor-crypto/openssh/dist/bufbn.c vendor-crypto/openssh/dist/bufec.c vendor-crypto/openssh/dist/buffer.c vendor-crypto/openssh/dist/canohost.c vendor-crypto/openssh/dist/channels.c vendor-crypto/openssh/dist/cipher-3des1.c vendor-crypto/openssh/dist/cipher-chachapoly.c vendor-crypto/openssh/dist/cipher.c vendor-crypto/openssh/dist/clientloop.c vendor-crypto/openssh/dist/config.h.in vendor-crypto/openssh/dist/configure vendor-crypto/openssh/dist/configure.ac vendor-crypto/openssh/dist/contrib/caldera/openssh.spec vendor-crypto/openssh/dist/contrib/redhat/openssh.spec vendor-crypto/openssh/dist/contrib/suse/openssh.spec vendor-crypto/openssh/dist/digest.h vendor-crypto/openssh/dist/gss-serv.c vendor-crypto/openssh/dist/hostfile.c vendor-crypto/openssh/dist/kex.c vendor-crypto/openssh/dist/kex.h vendor-crypto/openssh/dist/kexc25519.c vendor-crypto/openssh/dist/kexdhc.c vendor-crypto/openssh/dist/kexdhs.c vendor-crypto/openssh/dist/kexecdhc.c vendor-crypto/openssh/dist/kexecdhs.c vendor-crypto/openssh/dist/kexgexc.c vendor-crypto/openssh/dist/kexgexs.c vendor-crypto/openssh/dist/key.c vendor-crypto/openssh/dist/krl.c vendor-crypto/openssh/dist/mac.c vendor-crypto/openssh/dist/moduli.0 vendor-crypto/openssh/dist/monitor.c vendor-crypto/openssh/dist/monitor.h vendor-crypto/openssh/dist/monitor_wrap.c vendor-crypto/openssh/dist/monitor_wrap.h vendor-crypto/openssh/dist/openbsd-compat/Makefile.in vendor-crypto/openssh/dist/openbsd-compat/bsd-poll.c vendor-crypto/openssh/dist/openbsd-compat/openbsd-compat.h vendor-crypto/openssh/dist/openbsd-compat/openssl-compat.c vendor-crypto/openssh/dist/openbsd-compat/openssl-compat.h vendor-crypto/openssh/dist/packet.c vendor-crypto/openssh/dist/readconf.c vendor-crypto/openssh/dist/readconf.h vendor-crypto/openssh/dist/readpass.c vendor-crypto/openssh/dist/regress/Makefile vendor-crypto/openssh/dist/regress/agent-ptrace.sh vendor-crypto/openssh/dist/regress/agent.sh vendor-crypto/openssh/dist/regress/cert-hostkey.sh vendor-crypto/openssh/dist/regress/host-expand.sh vendor-crypto/openssh/dist/regress/login-timeout.sh vendor-crypto/openssh/dist/regress/scp-ssh-wrapper.sh vendor-crypto/openssh/dist/regress/scp.sh vendor-crypto/openssh/dist/regress/setuid-allowed.c vendor-crypto/openssh/dist/regress/sftp-chroot.sh vendor-crypto/openssh/dist/rsa.c vendor-crypto/openssh/dist/sandbox-capsicum.c vendor-crypto/openssh/dist/sandbox-seccomp-filter.c vendor-crypto/openssh/dist/sandbox-systrace.c vendor-crypto/openssh/dist/scp.0 vendor-crypto/openssh/dist/servconf.c vendor-crypto/openssh/dist/servconf.h vendor-crypto/openssh/dist/serverloop.c vendor-crypto/openssh/dist/session.c vendor-crypto/openssh/dist/sftp-client.c vendor-crypto/openssh/dist/sftp-server.0 vendor-crypto/openssh/dist/sftp.0 vendor-crypto/openssh/dist/ssh-add.0 vendor-crypto/openssh/dist/ssh-add.c vendor-crypto/openssh/dist/ssh-agent.0 vendor-crypto/openssh/dist/ssh-agent.c vendor-crypto/openssh/dist/ssh-dss.c vendor-crypto/openssh/dist/ssh-ecdsa.c vendor-crypto/openssh/dist/ssh-ed25519.c vendor-crypto/openssh/dist/ssh-gss.h vendor-crypto/openssh/dist/ssh-keygen.0 vendor-crypto/openssh/dist/ssh-keygen.1 vendor-crypto/openssh/dist/ssh-keygen.c vendor-crypto/openssh/dist/ssh-keyscan.0 vendor-crypto/openssh/dist/ssh-keyscan.1 vendor-crypto/openssh/dist/ssh-keysign.0 vendor-crypto/openssh/dist/ssh-pkcs11-helper.0 vendor-crypto/openssh/dist/ssh-rsa.c vendor-crypto/openssh/dist/ssh.0 vendor-crypto/openssh/dist/ssh.c vendor-crypto/openssh/dist/ssh2.h vendor-crypto/openssh/dist/ssh_config.0 vendor-crypto/openssh/dist/ssh_config.5 vendor-crypto/openssh/dist/sshconnect.c vendor-crypto/openssh/dist/sshconnect1.c vendor-crypto/openssh/dist/sshconnect2.c vendor-crypto/openssh/dist/sshd.0 vendor-crypto/openssh/dist/sshd.c vendor-crypto/openssh/dist/sshd_config.0 vendor-crypto/openssh/dist/sshd_config.5 vendor-crypto/openssh/dist/sshlogin.c vendor-crypto/openssh/dist/version.h Modified: vendor-crypto/openssh/dist/ChangeLog ============================================================================== --- vendor-crypto/openssh/dist/ChangeLog Sat Mar 22 14:14:31 2014 (r263634) +++ vendor-crypto/openssh/dist/ChangeLog Sat Mar 22 15:23:38 2014 (r263635) @@ -1,3 +1,224 @@ +20140313 + - (djm) Release OpenSSH 6.6 + +20140304 + - OpenBSD CVS Sync + - djm@cvs.openbsd.org 2014/03/03 22:22:30 + [session.c] + ignore enviornment variables with embedded '=' or '\0' characters; + spotted by Jann Horn; ok deraadt@ + +20140301 + - (djm) [regress/Makefile] Disable dhgex regress test; it breaks when + no moduli file exists at the expected location. + +20140228 + - OpenBSD CVS Sync + - djm@cvs.openbsd.org 2014/02/27 00:41:49 + [bufbn.c] + fix unsigned overflow that could lead to reading a short ssh protocol + 1 bignum value; found by Ben Hawkes; ok deraadt@ + - djm@cvs.openbsd.org 2014/02/27 08:25:09 + [bufbn.c] + off by one in range check + - djm@cvs.openbsd.org 2014/02/27 22:47:07 + [sshd_config.5] + bz#2184 clarify behaviour of a keyword that appears in multiple + matching Match blocks; ok dtucker@ + - djm@cvs.openbsd.org 2014/02/27 22:57:40 + [version.h] + openssh-6.6 + - dtucker@cvs.openbsd.org 2014/01/19 23:43:02 + [regress/sftp-chroot.sh] + Don't use -q on sftp as it suppresses logging, instead redirect the + output to the regress logfile. + - dtucker@cvs.openbsd.org 2014/01/20 00:00:30 + [sregress/ftp-chroot.sh] + append to rather than truncating the log file + - dtucker@cvs.openbsd.org 2014/01/25 04:35:32 + [regress/Makefile regress/dhgex.sh] + Add a test for DH GEX sizes + - djm@cvs.openbsd.org 2014/01/26 10:22:10 + [regress/cert-hostkey.sh] + automatically generate revoked keys from listed keys rather than + manually specifying each type; from portable + (Id sync only) + - djm@cvs.openbsd.org 2014/01/26 10:49:17 + [scp-ssh-wrapper.sh scp.sh] + make sure $SCP is tested on the remote end rather than whichever one + happens to be in $PATH; from portable + (Id sync only) + - djm@cvs.openbsd.org 2014/02/27 20:04:16 + [login-timeout.sh] + remove any existing LoginGraceTime from sshd_config before adding + a specific one for the test back in + - djm@cvs.openbsd.org 2014/02/27 21:21:25 + [agent-ptrace.sh agent.sh] + keep return values that are printed in error messages; + from portable + (Id sync only) + - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec] + [contrib/suse/openssh.spec] Crank version numbers + - (djm) [regress/host-expand.sh] Add RCS Id + +20140227 + - OpenBSD CVS Sync + - djm@cvs.openbsd.org 2014/02/26 20:18:37 + [ssh.c] + bz#2205: avoid early hostname lookups unless canonicalisation is enabled; + ok dtucker@ markus@ + - djm@cvs.openbsd.org 2014/02/26 20:28:44 + [auth2-gss.c gss-serv.c ssh-gss.h sshd.c] + bz#2107 - cache OIDs of supported GSSAPI mechanisms before privsep + sandboxing, as running this code in the sandbox can cause violations; + ok markus@ + - djm@cvs.openbsd.org 2014/02/26 20:29:29 + [channels.c] + don't assume that the socks4 username is \0 terminated; + spotted by Ben Hawkes; ok markus@ + - markus@cvs.openbsd.org 2014/02/26 21:53:37 + [sshd.c] + ssh_gssapi_prepare_supported_oids needs GSSAPI + +20140224 + - OpenBSD CVS Sync + - djm@cvs.openbsd.org 2014/02/07 06:55:54 + [cipher.c mac.c] + remove some logging that makes ssh debugging output very verbose; + ok markus + - djm@cvs.openbsd.org 2014/02/15 23:05:36 + [channels.c] + avoid spurious "getsockname failed: Bad file descriptor" errors in ssh -W; + bz#2200, debian#738692 via Colin Watson; ok dtucker@ + - djm@cvs.openbsd.org 2014/02/22 01:32:19 + [readconf.c] + when processing Match blocks, skip 'exec' clauses if previous predicates + failed to match; ok markus@ + - djm@cvs.openbsd.org 2014/02/23 20:03:42 + [ssh-ed25519.c] + check for unsigned overflow; not reachable in OpenSSH but others might + copy our code... + - djm@cvs.openbsd.org 2014/02/23 20:11:36 + [readconf.c readconf.h ssh.c ssh_config.5] + reparse ssh_config and ~/.ssh/config if hostname canonicalisation changes + the hostname. This allows users to write configurations that always + refer to canonical hostnames, e.g. + + CanonicalizeHostname yes + CanonicalDomains int.example.org example.org + CanonicalizeFallbackLocal no + + Host *.int.example.org + Compression off + Host *.example.org + User djm + + ok markus@ + +20140213 + - (dtucker) [configure.ac openbsd-compat/openssl-compat.{c,h}] Add compat + code for older OpenSSL versions that don't have EVP_MD_CTX_copy_ex. + +20140207 + - OpenBSD CVS Sync + - naddy@cvs.openbsd.org 2014/02/05 20:13:25 + [ssh-keygen.1 ssh-keygen.c] + tweak synopsis: calling ssh-keygen without any arguments is fine; ok jmc@ + while here, fix ordering in usage(); requested by jmc@ + - djm@cvs.openbsd.org 2014/02/06 22:21:01 + [sshconnect.c] + in ssh_create_socket(), only do the getaddrinfo for BindAddress when + BindAddress is actually specified. Fixes regression in 6.5 for + UsePrivilegedPort=yes; patch from Corinna Vinschen + +20140206 + - (dtucker) [openbsd-compat/bsd-poll.c] Don't bother checking for non-NULL + before freeing since free(NULL) is a no-op. ok djm. + - (djm) [sandbox-seccomp-filter.c] Not all Linux architectures define + __NR_shutdown; some go via the socketcall(2) multiplexer. + +20140205 + - (djm) [sandbox-capsicum.c] Don't fatal if Capsicum is offered by + headers/libc but not supported by the kernel. Patch from Loganaden + Velvindron @ AfriNIC + +20140204 + - OpenBSD CVS Sync + - markus@cvs.openbsd.org 2014/01/27 18:58:14 + [Makefile.in digest.c digest.h hostfile.c kex.h mac.c hmac.c hmac.h] + replace openssl HMAC with an implementation based on our ssh_digest_* + ok and feedback djm@ + - markus@cvs.openbsd.org 2014/01/27 19:18:54 + [auth-rsa.c cipher.c ssh-agent.c sshconnect1.c sshd.c] + replace openssl MD5 with our ssh_digest_*; ok djm@ + - markus@cvs.openbsd.org 2014/01/27 20:13:46 + [digest.c digest-openssl.c digest-libc.c Makefile.in] + rename digest.c to digest-openssl.c and add libc variant; ok djm@ + - jmc@cvs.openbsd.org 2014/01/28 14:13:39 + [ssh-keyscan.1] + kill some bad Pa; + From: Jan Stary + - djm@cvs.openbsd.org 2014/01/29 00:19:26 + [sshd.c] + use kill(0, ...) instead of killpg(0, ...); on most operating systems + they are equivalent, but SUSv2 describes the latter as having undefined + behaviour; from portable; ok dtucker + (Id sync only; change is already in portable) + - djm@cvs.openbsd.org 2014/01/29 06:18:35 + [Makefile.in auth.h auth2-jpake.c auth2.c jpake.c jpake.h monitor.c] + [monitor.h monitor_wrap.c monitor_wrap.h readconf.c readconf.h] + [schnorr.c schnorr.h servconf.c servconf.h ssh2.h sshconnect2.c] + remove experimental, never-enabled JPAKE code; ok markus@ + - jmc@cvs.openbsd.org 2014/01/29 14:04:51 + [sshd_config.5] + document kbdinteractiveauthentication; + requested From: Ross L Richardson + + dtucker/markus helped explain its workings; + - djm@cvs.openbsd.org 2014/01/30 22:26:14 + [sandbox-systrace.c] + allow shutdown(2) syscall in sandbox - it may be called by packet_close() + from portable + (Id sync only; change is already in portable) + - tedu@cvs.openbsd.org 2014/01/31 16:39:19 + [auth2-chall.c authfd.c authfile.c bufaux.c bufec.c canohost.c] + [channels.c cipher-chachapoly.c clientloop.c configure.ac hostfile.c] + [kexc25519.c krl.c monitor.c sandbox-systrace.c session.c] + [sftp-client.c ssh-keygen.c ssh.c sshconnect2.c sshd.c sshlogin.c] + [openbsd-compat/explicit_bzero.c openbsd-compat/openbsd-compat.h] + replace most bzero with explicit_bzero, except a few that cna be memset + ok djm dtucker + - djm@cvs.openbsd.org 2014/02/02 03:44:32 + [auth1.c auth2-chall.c auth2-passwd.c authfile.c bufaux.c bufbn.c] + [buffer.c cipher-3des1.c cipher.c clientloop.c gss-serv.c kex.c] + [kexdhc.c kexdhs.c kexecdhc.c kexgexc.c kexecdhs.c kexgexs.c key.c] + [monitor.c monitor_wrap.c packet.c readpass.c rsa.c serverloop.c] + [ssh-add.c ssh-agent.c ssh-dss.c ssh-ecdsa.c ssh-ed25519.c] + [ssh-keygen.c ssh-rsa.c sshconnect.c sshconnect1.c sshconnect2.c] + [sshd.c] + convert memset of potentially-private data to explicit_bzero() + - djm@cvs.openbsd.org 2014/02/03 23:28:00 + [ssh-ecdsa.c] + fix memory leak; ECDSA_SIG_new() allocates 'r' and 's' for us, unlike + DSA_SIG_new. Reported by Batz Spear; ok markus@ + - djm@cvs.openbsd.org 2014/02/02 03:44:31 + [digest-libc.c digest-openssl.c] + convert memset of potentially-private data to explicit_bzero() + - djm@cvs.openbsd.org 2014/02/04 00:24:29 + [ssh.c] + delay lowercasing of hostname until right before hostname + canonicalisation to unbreak case-sensitive matching of ssh_config; + reported by Ike Devolder; ok markus@ + - (djm) [openbsd-compat/Makefile.in] Add missing explicit_bzero.o + - (djm) [regress/setuid-allowed.c] Missing string.h for strerror() + +20140131 + - (djm) [sandbox-seccomp-filter.c sandbox-systrace.c] Allow shutdown(2) + syscall from sandboxes; it may be called by packet_close. + - (dtucker) [readconf.c] Include <arpa/inet.h> for the hton macros. Fixes + build with HP-UX's compiler. Patch from Kevin Brott. + - (tim) [Makefile.in] build regress/setuid-allow. + 20140130 - (djm) [configure.ac] Only check for width-specified integer types in headers that actually exist. patch from Tom G. Christensen; @@ -2663,3 +2884,4 @@ [contrib/suse/openssh.spec] Update for release 6.0 - (djm) [README] Update URL to release notes. - (djm) Release openssh-6.0 + Modified: vendor-crypto/openssh/dist/Makefile.in ============================================================================== --- vendor-crypto/openssh/dist/Makefile.in Sat Mar 22 14:14:31 2014 (r263634) +++ vendor-crypto/openssh/dist/Makefile.in Sat Mar 22 15:23:38 2014 (r263635) @@ -1,4 +1,4 @@ -# $Id: Makefile.in,v 1.352 2014/01/27 06:35:04 dtucker Exp $ +# $Id: Makefile.in,v 1.356 2014/02/04 00:12:56 djm Exp $ # uncomment if you run a non bourne compatable shell. Ie. csh #SHELL = @SH@ @@ -73,9 +73,9 @@ LIBSSH_OBJS=authfd.o authfile.o bufaux.o monitor_fdpass.o rijndael.o ssh-dss.o ssh-ecdsa.o ssh-rsa.o dh.o \ kexdh.o kexgex.o kexdhc.o kexgexc.o bufec.o kexecdh.o kexecdhc.o \ msg.o progressmeter.o dns.o entropy.o gss-genr.o umac.o umac128.o \ - jpake.o schnorr.o ssh-pkcs11.o krl.o smult_curve25519_ref.o \ + ssh-pkcs11.o krl.o smult_curve25519_ref.o \ kexc25519.o kexc25519c.o poly1305.o chacha.o cipher-chachapoly.o \ - ssh-ed25519.o digest.o \ + ssh-ed25519.o digest-openssl.o hmac.o \ sc25519.o ge25519.o fe25519.o ed25519.o verify.o hash.o blocks.o SSHOBJS= ssh.o readconf.o clientloop.o sshtty.o \ @@ -88,7 +88,7 @@ SSHDOBJS=sshd.o auth-rhosts.o auth-passw auth.o auth1.o auth2.o auth-options.o session.o \ auth-chall.o auth2-chall.o groupaccess.o \ auth-skey.o auth-bsdauth.o auth2-hostbased.o auth2-kbdint.o \ - auth2-none.o auth2-passwd.o auth2-pubkey.o auth2-jpake.o \ + auth2-none.o auth2-passwd.o auth2-pubkey.o \ monitor_mm.o monitor.o monitor_wrap.o kexdhs.o kexgexs.o kexecdhs.o \ kexc25519s.o auth-krb5.o \ auth2-gss.o gss-serv.o gss-serv-krb5.o \ @@ -408,7 +408,7 @@ regress/setuid-allowed$(EXEEXT): $(srcdi $(CC) $(CFLAGS) $(CPPFLAGS) -o $@ $? \ $(LDFLAGS) -lssh -lopenbsd-compat -lssh -lopenbsd-compat $(LIBS) -tests interop-tests: $(TARGETS) regress/modpipe$(EXEEXT) +tests interop-tests: $(TARGETS) regress/modpipe$(EXEEXT) regress/setuid-allowed$(EXEEXT) BUILDDIR=`pwd`; \ TEST_SHELL="@TEST_SHELL@"; \ TEST_SSH_SCP="$${BUILDDIR}/scp"; \ Modified: vendor-crypto/openssh/dist/README ============================================================================== --- vendor-crypto/openssh/dist/README Sat Mar 22 14:14:31 2014 (r263634) +++ vendor-crypto/openssh/dist/README Sat Mar 22 15:23:38 2014 (r263635) @@ -1,4 +1,4 @@ -See http://www.openssh.com/txt/release-6.5 for the release notes. +See http://www.openssh.com/txt/release-6.6 for the release notes. - A Japanese translation of this document and of the OpenSSH FAQ is - available at http://www.unixuser.org/~haruyama/security/openssh/index.html @@ -62,4 +62,4 @@ References - [6] http://www.openbsd.org/cgi-bin/man.cgi?query=style&sektion=9 [7] http://www.openssh.com/faq.html -$Id: README,v 1.85 2014/01/16 07:51:45 djm Exp $ +$Id: README,v 1.86 2014/02/27 23:03:53 djm Exp $ Modified: vendor-crypto/openssh/dist/auth-rsa.c ============================================================================== --- vendor-crypto/openssh/dist/auth-rsa.c Sat Mar 22 14:14:31 2014 (r263634) +++ vendor-crypto/openssh/dist/auth-rsa.c Sat Mar 22 15:23:38 2014 (r263635) @@ -1,4 +1,4 @@ -/* $OpenBSD: auth-rsa.c,v 1.85 2013/07/12 00:19:58 djm Exp $ */ +/* $OpenBSD: auth-rsa.c,v 1.86 2014/01/27 19:18:54 markus Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -20,7 +20,6 @@ #include <sys/stat.h> #include <openssl/rsa.h> -#include <openssl/md5.h> #include <pwd.h> #include <stdio.h> @@ -48,6 +47,8 @@ #include "ssh.h" #include "misc.h" +#include "digest.h" + /* import */ extern ServerOptions options; @@ -91,12 +92,13 @@ int auth_rsa_verify_response(Key *key, BIGNUM *challenge, u_char response[16]) { u_char buf[32], mdbuf[16]; - MD5_CTX md; + struct ssh_digest_ctx *md; int len; /* don't allow short keys */ if (BN_num_bits(key->rsa->n) < SSH_RSA_MINIMUM_MODULUS_SIZE) { - error("auth_rsa_verify_response: RSA modulus too small: %d < minimum %d bits", + error("%s: RSA modulus too small: %d < minimum %d bits", + __func__, BN_num_bits(key->rsa->n), SSH_RSA_MINIMUM_MODULUS_SIZE); return (0); } @@ -104,13 +106,15 @@ auth_rsa_verify_response(Key *key, BIGNU /* The response is MD5 of decrypted challenge plus session id. */ len = BN_num_bytes(challenge); if (len <= 0 || len > 32) - fatal("auth_rsa_verify_response: bad challenge length %d", len); + fatal("%s: bad challenge length %d", __func__, len); memset(buf, 0, 32); BN_bn2bin(challenge, buf + 32 - len); - MD5_Init(&md); - MD5_Update(&md, buf, 32); - MD5_Update(&md, session_id, 16); - MD5_Final(mdbuf, &md); + if ((md = ssh_digest_start(SSH_DIGEST_MD5)) == NULL || + ssh_digest_update(md, buf, 32) < 0 || + ssh_digest_update(md, session_id, 16) < 0 || + ssh_digest_final(md, mdbuf, sizeof(mdbuf)) < 0) + fatal("%s: md5 failed", __func__); + ssh_digest_free(md); /* Verify that the response is the original challenge. */ if (timingsafe_bcmp(response, mdbuf, 16) != 0) { Modified: vendor-crypto/openssh/dist/auth.h ============================================================================== --- vendor-crypto/openssh/dist/auth.h Sat Mar 22 14:14:31 2014 (r263634) +++ vendor-crypto/openssh/dist/auth.h Sat Mar 22 15:23:38 2014 (r263635) @@ -1,4 +1,4 @@ -/* $OpenBSD: auth.h,v 1.76 2013/07/19 07:37:48 markus Exp $ */ +/* $OpenBSD: auth.h,v 1.77 2014/01/29 06:18:35 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. @@ -61,7 +61,6 @@ struct Authctxt { char *style; void *kbdintctxt; char *info; /* Extra info for next auth_log */ - void *jpake_ctx; #ifdef BSD_AUTH auth_session_t *as; #endif @@ -175,9 +174,6 @@ int bsdauth_respond(void *, u_int, char int skey_query(void *, char **, char **, u_int *, char ***, u_int **); int skey_respond(void *, u_int, char **); -void auth2_jpake_get_pwdata(Authctxt *, BIGNUM **, char **, char **); -void auth2_jpake_stop(Authctxt *); - int allowed_user(struct passwd *); struct passwd * getpwnamallow(const char *user); Modified: vendor-crypto/openssh/dist/auth1.c ============================================================================== --- vendor-crypto/openssh/dist/auth1.c Sat Mar 22 14:14:31 2014 (r263634) +++ vendor-crypto/openssh/dist/auth1.c Sat Mar 22 15:23:38 2014 (r263635) @@ -1,4 +1,4 @@ -/* $OpenBSD: auth1.c,v 1.79 2013/05/19 02:42:42 djm Exp $ */ +/* $OpenBSD: auth1.c,v 1.80 2014/02/02 03:44:31 djm Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland * All rights reserved @@ -129,7 +129,7 @@ auth1_process_password(Authctxt *authctx /* Try authentication with the password. */ authenticated = PRIVSEP(auth_password(authctxt, password)); - memset(password, 0, dlen); + explicit_bzero(password, dlen); free(password); return (authenticated); @@ -222,7 +222,7 @@ auth1_process_tis_response(Authctxt *aut response = packet_get_string(&dlen); packet_check_eom(); authenticated = verify_response(authctxt, response); - memset(response, 'r', dlen); + explicit_bzero(response, dlen); free(response); return (authenticated); Modified: vendor-crypto/openssh/dist/auth2-chall.c ============================================================================== --- vendor-crypto/openssh/dist/auth2-chall.c Sat Mar 22 14:14:31 2014 (r263634) +++ vendor-crypto/openssh/dist/auth2-chall.c Sat Mar 22 15:23:38 2014 (r263635) @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-chall.c,v 1.39 2013/11/08 00:39:14 djm Exp $ */ +/* $OpenBSD: auth2-chall.c,v 1.41 2014/02/02 03:44:31 djm Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. * Copyright (c) 2001 Per Allansson. All rights reserved. @@ -148,7 +148,7 @@ kbdint_free(KbdintAuthctxt *kbdintctxt) if (kbdintctxt->device) kbdint_reset_device(kbdintctxt); free(kbdintctxt->devices); - bzero(kbdintctxt, sizeof(*kbdintctxt)); + explicit_bzero(kbdintctxt, sizeof(*kbdintctxt)); free(kbdintctxt); } /* get next device */ @@ -312,7 +312,7 @@ input_userauth_info_response(int type, u res = kbdintctxt->device->respond(kbdintctxt->ctxt, nresp, response); for (i = 0; i < nresp; i++) { - memset(response[i], 'r', strlen(response[i])); + explicit_bzero(response[i], strlen(response[i])); free(response[i]); } free(response); Modified: vendor-crypto/openssh/dist/auth2-gss.c ============================================================================== --- vendor-crypto/openssh/dist/auth2-gss.c Sat Mar 22 14:14:31 2014 (r263634) +++ vendor-crypto/openssh/dist/auth2-gss.c Sat Mar 22 15:23:38 2014 (r263635) @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-gss.c,v 1.20 2013/05/17 00:13:13 djm Exp $ */ +/* $OpenBSD: auth2-gss.c,v 1.21 2014/02/26 20:28:44 djm Exp $ */ /* * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. @@ -62,7 +62,6 @@ userauth_gssapi(Authctxt *authctxt) gss_OID_desc goid = {0, NULL}; Gssctxt *ctxt = NULL; int mechs; - gss_OID_set supported; int present; OM_uint32 ms; u_int len; @@ -77,7 +76,6 @@ userauth_gssapi(Authctxt *authctxt) return (0); } - ssh_gssapi_supported_oids(&supported); do { mechs--; @@ -90,15 +88,12 @@ userauth_gssapi(Authctxt *authctxt) doid[1] == len - 2) { goid.elements = doid + 2; goid.length = len - 2; - gss_test_oid_set_member(&ms, &goid, supported, - &present); + ssh_gssapi_test_oid_supported(&ms, &goid, &present); } else { logit("Badly formed OID received"); } } while (mechs > 0 && !present); - gss_release_oid_set(&ms, &supported); - if (!present) { free(doid); authctxt->server_caused_failure = 1; Modified: vendor-crypto/openssh/dist/auth2-passwd.c ============================================================================== --- vendor-crypto/openssh/dist/auth2-passwd.c Sat Mar 22 14:14:31 2014 (r263634) +++ vendor-crypto/openssh/dist/auth2-passwd.c Sat Mar 22 15:23:38 2014 (r263635) @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-passwd.c,v 1.10 2013/05/17 00:13:13 djm Exp $ */ +/* $OpenBSD: auth2-passwd.c,v 1.11 2014/02/02 03:44:31 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -59,7 +59,7 @@ userauth_passwd(Authctxt *authctxt) if (change) { /* discard new password from packet */ newpass = packet_get_string(&newlen); - memset(newpass, 0, newlen); + explicit_bzero(newpass, newlen); free(newpass); } packet_check_eom(); @@ -68,7 +68,7 @@ userauth_passwd(Authctxt *authctxt) logit("password change not supported"); else if (PRIVSEP(auth_password(authctxt, password)) == 1) authenticated = 1; - memset(password, 0, len); + explicit_bzero(password, len); free(password); return authenticated; } Modified: vendor-crypto/openssh/dist/auth2.c ============================================================================== --- vendor-crypto/openssh/dist/auth2.c Sat Mar 22 14:14:31 2014 (r263634) +++ vendor-crypto/openssh/dist/auth2.c Sat Mar 22 15:23:38 2014 (r263635) @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2.c,v 1.129 2013/05/19 02:42:42 djm Exp $ */ +/* $OpenBSD: auth2.c,v 1.130 2014/01/29 06:18:35 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -71,9 +71,6 @@ extern Authmethod method_hostbased; #ifdef GSSAPI extern Authmethod method_gssapi; #endif -#ifdef JPAKE -extern Authmethod method_jpake; -#endif Authmethod *authmethods[] = { &method_none, @@ -81,9 +78,6 @@ Authmethod *authmethods[] = { #ifdef GSSAPI &method_gssapi, #endif -#ifdef JPAKE - &method_jpake, -#endif &method_passwd, &method_kbdint, &method_hostbased, @@ -270,9 +264,6 @@ input_userauth_request(int type, u_int32 } /* reset state */ auth2_challenge_stop(authctxt); -#ifdef JPAKE - auth2_jpake_stop(authctxt); -#endif #ifdef GSSAPI /* XXX move to auth2_gssapi_stop() */ Modified: vendor-crypto/openssh/dist/authfd.c ============================================================================== --- vendor-crypto/openssh/dist/authfd.c Sat Mar 22 14:14:31 2014 (r263634) +++ vendor-crypto/openssh/dist/authfd.c Sat Mar 22 15:23:38 2014 (r263635) @@ -1,4 +1,4 @@ -/* $OpenBSD: authfd.c,v 1.91 2013/12/29 04:29:25 djm Exp $ */ +/* $OpenBSD: authfd.c,v 1.92 2014/01/31 16:39:19 tedu Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -102,7 +102,7 @@ ssh_get_authentication_socket(void) if (!authsocket) return -1; - bzero(&sunaddr, sizeof(sunaddr)); + memset(&sunaddr, 0, sizeof(sunaddr)); sunaddr.sun_family = AF_UNIX; strlcpy(sunaddr.sun_path, authsocket, sizeof(sunaddr.sun_path)); Modified: vendor-crypto/openssh/dist/authfile.c ============================================================================== --- vendor-crypto/openssh/dist/authfile.c Sat Mar 22 14:14:31 2014 (r263634) +++ vendor-crypto/openssh/dist/authfile.c Sat Mar 22 15:23:38 2014 (r263635) @@ -1,4 +1,4 @@ -/* $OpenBSD: authfile.c,v 1.101 2013/12/29 04:35:50 djm Exp $ */ +/* $OpenBSD: authfile.c,v 1.103 2014/02/02 03:44:31 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -131,7 +131,7 @@ key_private_to_blob2(Key *prv, Buffer *b buffer_put_int(&kdf, rounds); } cipher_init(&ctx, c, key, keylen, key + keylen , ivlen, 1); - memset(key, 0, keylen + ivlen); + explicit_bzero(key, keylen + ivlen); free(key); buffer_init(&encoded); @@ -143,7 +143,7 @@ key_private_to_blob2(Key *prv, Buffer *b key_to_blob(prv, &cp, &len); /* public key */ buffer_put_string(&encoded, cp, len); - memset(cp, 0, len); + explicit_bzero(cp, len); free(cp); buffer_free(&kdf); @@ -409,7 +409,7 @@ key_parse_private2(Buffer *blob, int typ free(salt); free(comment); if (key) - memset(key, 0, keylen + ivlen); + explicit_bzero(key, keylen + ivlen); free(key); buffer_free(&encoded); buffer_free(©); @@ -496,10 +496,10 @@ key_private_rsa1_to_blob(Key *key, Buffe buffer_ptr(&buffer), buffer_len(&buffer), 0, 0) != 0) fatal("%s: cipher_crypt failed", __func__); cipher_cleanup(&ciphercontext); - memset(&ciphercontext, 0, sizeof(ciphercontext)); + explicit_bzero(&ciphercontext, sizeof(ciphercontext)); /* Destroy temporary data. */ - memset(buf, 0, sizeof(buf)); + explicit_bzero(buf, sizeof(buf)); buffer_free(&buffer); buffer_append(blob, buffer_ptr(&encrypted), buffer_len(&encrypted)); @@ -703,17 +703,17 @@ key_load_file(int fd, const char *filena __func__, filename == NULL ? "" : filename, filename == NULL ? "" : " ", strerror(errno)); buffer_clear(blob); - bzero(buf, sizeof(buf)); + explicit_bzero(buf, sizeof(buf)); return 0; } buffer_append(blob, buf, len); if (buffer_len(blob) > MAX_KEY_FILE_SIZE) { buffer_clear(blob); - bzero(buf, sizeof(buf)); + explicit_bzero(buf, sizeof(buf)); goto toobig; } } - bzero(buf, sizeof(buf)); + explicit_bzero(buf, sizeof(buf)); if ((st.st_mode & (S_IFSOCK|S_IFCHR|S_IFIFO)) == 0 && st.st_size != buffer_len(blob)) { debug("%s: key file %.200s%schanged size while reading", @@ -831,7 +831,7 @@ key_parse_private_rsa1(Buffer *blob, con buffer_ptr(©), buffer_len(©), 0, 0) != 0) fatal("%s: cipher_crypt failed", __func__); cipher_cleanup(&ciphercontext); - memset(&ciphercontext, 0, sizeof(ciphercontext)); + explicit_bzero(&ciphercontext, sizeof(ciphercontext)); buffer_free(©); check1 = buffer_get_char(&decrypted); Modified: vendor-crypto/openssh/dist/bufaux.c ============================================================================== --- vendor-crypto/openssh/dist/bufaux.c Sat Mar 22 14:14:31 2014 (r263634) +++ vendor-crypto/openssh/dist/bufaux.c Sat Mar 22 15:23:38 2014 (r263635) @@ -1,4 +1,4 @@ -/* $OpenBSD: bufaux.c,v 1.54 2014/01/12 08:13:13 djm Exp $ */ +/* $OpenBSD: bufaux.c,v 1.56 2014/02/02 03:44:31 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -216,7 +216,7 @@ buffer_get_cstring_ret(Buffer *buffer, u if (cp == ret + length - 1) error("buffer_get_cstring_ret: string contains \\0"); else { - bzero(ret, length); + explicit_bzero(ret, length); free(ret); return NULL; } @@ -346,7 +346,7 @@ buffer_get_bignum2_as_string_ret(Buffer } ret = xmalloc(len); memcpy(ret, p, len); - memset(p, '\0', len); + explicit_bzero(p, len); free(bin); return ret; } @@ -383,7 +383,7 @@ buffer_put_bignum2_from_string(Buffer *b } memcpy(p, s, l); buffer_put_string(buffer, buf, l + pad); - memset(buf, '\0', l + pad); + explicit_bzero(buf, l + pad); free(buf); } Modified: vendor-crypto/openssh/dist/bufbn.c ============================================================================== --- vendor-crypto/openssh/dist/bufbn.c Sat Mar 22 14:14:31 2014 (r263634) +++ vendor-crypto/openssh/dist/bufbn.c Sat Mar 22 15:23:38 2014 (r263635) @@ -1,4 +1,4 @@ -/* $OpenBSD: bufbn.c,v 1.8 2013/11/08 11:15:19 dtucker Exp $*/ +/* $OpenBSD: bufbn.c,v 1.11 2014/02/27 08:25:09 djm Exp $*/ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -80,7 +80,7 @@ buffer_put_bignum_ret(Buffer *buffer, co /* Store the binary data. */ buffer_append(buffer, buf, oi); - memset(buf, 0, bin_size); + explicit_bzero(buf, bin_size); free(buf); return (0); @@ -108,6 +108,11 @@ buffer_get_bignum_ret(Buffer *buffer, BI return (-1); } bits = get_u16(buf); + if (bits > 65535-7) { + error("buffer_get_bignum_ret: cannot handle BN of size %d", + bits); + return (-1); + } /* Compute the number of binary bytes that follow. */ bytes = (bits + 7) / 8; if (bytes > 8 * 1024) { @@ -173,7 +178,7 @@ buffer_put_bignum2_ret(Buffer *buffer, c } hasnohigh = (buf[1] & 0x80) ? 0 : 1; buffer_put_string(buffer, buf+hasnohigh, bytes-hasnohigh); - memset(buf, 0, bytes); + explicit_bzero(buf, bytes); free(buf); return (0); } Modified: vendor-crypto/openssh/dist/bufec.c ============================================================================== --- vendor-crypto/openssh/dist/bufec.c Sat Mar 22 14:14:31 2014 (r263634) +++ vendor-crypto/openssh/dist/bufec.c Sat Mar 22 15:23:38 2014 (r263635) @@ -1,4 +1,4 @@ -/* $OpenBSD: bufec.c,v 1.2 2013/05/17 00:13:13 djm Exp $ */ +/* $OpenBSD: bufec.c,v 1.3 2014/01/31 16:39:19 tedu Exp $ */ /* * Copyright (c) 2010 Damien Miller <djm@mindrot.org> * @@ -77,7 +77,7 @@ buffer_put_ecpoint_ret(Buffer *buffer, c ret = 0; out: if (buf != NULL) { - bzero(buf, len); + explicit_bzero(buf, len); free(buf); } BN_CTX_free(bnctx); @@ -130,7 +130,7 @@ buffer_get_ecpoint_ret(Buffer *buffer, c ret = 0; out: BN_CTX_free(bnctx); - bzero(buf, len); + explicit_bzero(buf, len); free(buf); return ret; } Modified: vendor-crypto/openssh/dist/buffer.c ============================================================================== --- vendor-crypto/openssh/dist/buffer.c Sat Mar 22 14:14:31 2014 (r263634) +++ vendor-crypto/openssh/dist/buffer.c Sat Mar 22 15:23:38 2014 (r263635) @@ -1,4 +1,4 @@ -/* $OpenBSD: buffer.c,v 1.34 2013/11/08 11:15:19 dtucker Exp $ */ +/* $OpenBSD: buffer.c,v 1.35 2014/02/02 03:44:31 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -49,7 +49,7 @@ void buffer_free(Buffer *buffer) { if (buffer->alloc > 0) { - memset(buffer->buf, 0, buffer->alloc); + explicit_bzero(buffer->buf, buffer->alloc); buffer->alloc = 0; free(buffer->buf); } Modified: vendor-crypto/openssh/dist/canohost.c ============================================================================== --- vendor-crypto/openssh/dist/canohost.c Sat Mar 22 14:14:31 2014 (r263634) +++ vendor-crypto/openssh/dist/canohost.c Sat Mar 22 15:23:38 2014 (r263635) @@ -192,7 +192,7 @@ ipv64_normalise_mapped(struct sockaddr_s memcpy(&inaddr, ((char *)&a6->sin6_addr) + 12, sizeof(inaddr)); port = a6->sin6_port; - bzero(a4, sizeof(*a4)); + memset(a4, 0, sizeof(*a4)); a4->sin_family = AF_INET; *len = sizeof(*a4); Modified: vendor-crypto/openssh/dist/channels.c ============================================================================== --- vendor-crypto/openssh/dist/channels.c Sat Mar 22 14:14:31 2014 (r263634) +++ vendor-crypto/openssh/dist/channels.c Sat Mar 22 15:23:38 2014 (r263635) @@ -1,4 +1,4 @@ -/* $OpenBSD: channels.c,v 1.328 2013/12/19 01:04:36 djm Exp $ */ +/* $OpenBSD: channels.c,v 1.331 2014/02/26 20:29:29 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -423,7 +423,7 @@ channel_free(Channel *c) if (cc->abandon_cb != NULL) cc->abandon_cb(c, cc->ctx); TAILQ_REMOVE(&c->status_confirms, cc, entry); - bzero(cc, sizeof(*cc)); + explicit_bzero(cc, sizeof(*cc)); free(cc); } if (c->filter_cleanup != NULL && c->filter_ctx != NULL) @@ -1072,6 +1072,9 @@ channel_decode_socks4(Channel *c, fd_set buffer_get(&c->input, (char *)&s4_req.dest_addr, 4); have = buffer_len(&c->input); p = buffer_ptr(&c->input); + if (memchr(p, '\0', have) == NULL) + fatal("channel %d: decode socks4: user not nul terminated", + c->self); len = strlen(p); debug2("channel %d: decode socks4: user %s/%d", c->self, p, len); len++; /* trailing '\0' */ @@ -1386,7 +1389,7 @@ port_open_helper(Channel *c, char *rtype int direct; char buf[1024]; char *local_ipaddr = get_local_ipaddr(c->sock); - int local_port = get_sock_port(c->sock, 1); + int local_port = c->sock == -1 ? 65536 : get_sock_port(c->sock, 1); char *remote_ipaddr = get_peer_ipaddr(c->sock); int remote_port = get_peer_port(c->sock); @@ -2671,7 +2674,7 @@ channel_input_status_confirm(int type, u return; cc->cb(type, c, cc->ctx); TAILQ_REMOVE(&c->status_confirms, cc, entry); - bzero(cc, sizeof(*cc)); + explicit_bzero(cc, sizeof(*cc)); free(cc); } @@ -3304,9 +3307,7 @@ channel_connect_ctx_free(struct channel_ free(cctx->host); if (cctx->aitop) freeaddrinfo(cctx->aitop); - bzero(cctx, sizeof(*cctx)); - cctx->host = NULL; - cctx->ai = cctx->aitop = NULL; + memset(cctx, 0, sizeof(*cctx)); } /* Return CONNECTING channel to remote host, port */ Modified: vendor-crypto/openssh/dist/cipher-3des1.c ============================================================================== --- vendor-crypto/openssh/dist/cipher-3des1.c Sat Mar 22 14:14:31 2014 (r263634) +++ vendor-crypto/openssh/dist/cipher-3des1.c Sat Mar 22 15:23:38 2014 (r263635) @@ -1,4 +1,4 @@ -/* $OpenBSD: cipher-3des1.c,v 1.9 2013/11/08 00:39:15 djm Exp $ */ +/* $OpenBSD: cipher-3des1.c,v 1.10 2014/02/02 03:44:31 djm Exp $ */ /* * Copyright (c) 2003 Markus Friedl. All rights reserved. * @@ -93,7 +93,7 @@ ssh1_3des_init(EVP_CIPHER_CTX *ctx, cons if (EVP_CipherInit(&c->k1, EVP_des_cbc(), k1, NULL, enc) == 0 || EVP_CipherInit(&c->k2, EVP_des_cbc(), k2, NULL, !enc) == 0 || EVP_CipherInit(&c->k3, EVP_des_cbc(), k3, NULL, enc) == 0) { - memset(c, 0, sizeof(*c)); + explicit_bzero(c, sizeof(*c)); free(c); EVP_CIPHER_CTX_set_app_data(ctx, NULL); return (0); @@ -134,7 +134,7 @@ ssh1_3des_cleanup(EVP_CIPHER_CTX *ctx) EVP_CIPHER_CTX_cleanup(&c->k1); EVP_CIPHER_CTX_cleanup(&c->k2); EVP_CIPHER_CTX_cleanup(&c->k3); - memset(c, 0, sizeof(*c)); + explicit_bzero(c, sizeof(*c)); free(c); EVP_CIPHER_CTX_set_app_data(ctx, NULL); } Modified: vendor-crypto/openssh/dist/cipher-chachapoly.c ============================================================================== --- vendor-crypto/openssh/dist/cipher-chachapoly.c Sat Mar 22 14:14:31 2014 (r263634) +++ vendor-crypto/openssh/dist/cipher-chachapoly.c Sat Mar 22 15:23:38 2014 (r263635) @@ -14,7 +14,7 @@ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -/* $OpenBSD: cipher-chachapoly.c,v 1.3 2013/12/15 21:42:35 djm Exp $ */ +/* $OpenBSD: cipher-chachapoly.c,v 1.4 2014/01/31 16:39:19 tedu Exp $ */ #include "includes.h" @@ -58,7 +58,7 @@ chachapoly_crypt(struct chachapoly_ctx * * Run ChaCha20 once to generate the Poly1305 key. The IV is the * packet sequence number. */ - bzero(poly_key, sizeof(poly_key)); + memset(poly_key, 0, sizeof(poly_key)); put_u64(seqbuf, seqnr); chacha_ivsetup(&ctx->main_ctx, seqbuf, NULL); chacha_encrypt_bytes(&ctx->main_ctx, @@ -90,9 +90,9 @@ chachapoly_crypt(struct chachapoly_ctx * r = 0; out: - bzero(expected_tag, sizeof(expected_tag)); - bzero(seqbuf, sizeof(seqbuf)); - bzero(poly_key, sizeof(poly_key)); + explicit_bzero(expected_tag, sizeof(expected_tag)); + explicit_bzero(seqbuf, sizeof(seqbuf)); + explicit_bzero(poly_key, sizeof(poly_key)); return r; } Modified: vendor-crypto/openssh/dist/cipher.c ============================================================================== --- vendor-crypto/openssh/dist/cipher.c Sat Mar 22 14:14:31 2014 (r263634) +++ vendor-crypto/openssh/dist/cipher.c Sat Mar 22 15:23:38 2014 (r263635) @@ -1,4 +1,4 @@ -/* $OpenBSD: cipher.c,v 1.94 2014/01/25 10:12:50 dtucker Exp $ */ +/* $OpenBSD: cipher.c,v 1.97 2014/02/07 06:55:54 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -39,8 +39,6 @@ #include <sys/types.h> -#include <openssl/md5.h> - #include <string.h> #include <stdarg.h> #include <stdio.h> @@ -49,6 +47,8 @@ #include "log.h" #include "misc.h" #include "cipher.h" +#include "buffer.h" +#include "digest.h" /* compatibility with old or broken OpenSSL versions */ #include "openbsd-compat/openssl-compat.h" @@ -228,8 +228,6 @@ ciphers_valid(const char *names) debug("bad cipher %s [%s]", p, names); free(cipher_list); return 0; - } else { - debug3("cipher ok: %s [%s]", p, names); } } debug3("ciphers ok: [%s]", names); @@ -337,7 +335,7 @@ cipher_init(CipherContext *cc, const Cip if (EVP_Cipher(&cc->evp, discard, junk, cipher->discard_len) == 0) fatal("evp_crypt: EVP_Cipher failed during discard"); - memset(discard, 0, cipher->discard_len); + explicit_bzero(discard, cipher->discard_len); free(junk); free(discard); } @@ -422,7 +420,7 @@ void cipher_cleanup(CipherContext *cc) { if ((cc->cipher->flags & CFLAG_CHACHAPOLY) != 0) - memset(&cc->cp_ctx, 0, sizeof(cc->cp_ctx)); + explicit_bzero(&cc->cp_ctx, sizeof(cc->cp_ctx)); else if (EVP_CIPHER_CTX_cleanup(&cc->evp) == 0) error("cipher_cleanup: EVP_CIPHER_CTX_cleanup failed"); } @@ -436,17 +434,15 @@ void cipher_set_key_string(CipherContext *cc, const Cipher *cipher, const char *passphrase, int do_encrypt) { - MD5_CTX md; u_char digest[16]; - MD5_Init(&md); - MD5_Update(&md, (const u_char *)passphrase, strlen(passphrase)); - MD5_Final(digest, &md); + if (ssh_digest_memory(SSH_DIGEST_MD5, passphrase, strlen(passphrase), + digest, sizeof(digest)) < 0) + fatal("%s: md5 failed", __func__); cipher_init(cc, cipher, digest, 16, NULL, 0, do_encrypt); - memset(digest, 0, sizeof(digest)); - memset(&md, 0, sizeof(md)); + explicit_bzero(digest, sizeof(digest)); } /* Modified: vendor-crypto/openssh/dist/clientloop.c ============================================================================== --- vendor-crypto/openssh/dist/clientloop.c Sat Mar 22 14:14:31 2014 (r263634) +++ vendor-crypto/openssh/dist/clientloop.c Sat Mar 22 15:23:38 2014 (r263635) @@ -1,4 +1,4 @@ -/* $OpenBSD: clientloop.c,v 1.256 2013/11/20 20:54:10 deraadt Exp $ */ +/* $OpenBSD: clientloop.c,v 1.258 2014/02/02 03:44:31 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -549,7 +549,7 @@ client_global_request_reply(int type, u_ gc->cb(type, seq, gc->ctx); if (--gc->ref_count <= 0) { TAILQ_REMOVE(&global_confirms, gc, entry); - bzero(gc, sizeof(*gc)); + explicit_bzero(gc, sizeof(*gc)); free(gc); } @@ -876,7 +876,7 @@ process_cmdline(void) int cancel_port, ok; Forward fwd; - bzero(&fwd, sizeof(fwd)); + memset(&fwd, 0, sizeof(fwd)); fwd.listen_host = fwd.connect_host = NULL; leave_raw_mode(options.request_tty == REQUEST_TTY_FORCE); @@ -1761,7 +1761,7 @@ client_input_stdout_data(int type, u_int char *data = packet_get_string(&data_len); packet_check_eom(); buffer_append(&stdout_buffer, data, data_len); - memset(data, 0, data_len); + explicit_bzero(data, data_len); free(data); } static void @@ -1771,7 +1771,7 @@ client_input_stderr_data(int type, u_int char *data = packet_get_string(&data_len); packet_check_eom(); buffer_append(&stderr_buffer, data, data_len); - memset(data, 0, data_len); + explicit_bzero(data, data_len); free(data); } static void Modified: vendor-crypto/openssh/dist/config.h.in ============================================================================== --- vendor-crypto/openssh/dist/config.h.in Sat Mar 22 14:14:31 2014 (r263634) +++ vendor-crypto/openssh/dist/config.h.in Sat Mar 22 15:23:38 2014 (r263635) @@ -414,6 +414,9 @@ /* Define to 1 if you have the `EVP_MD_CTX_cleanup' function. */ #undef HAVE_EVP_MD_CTX_CLEANUP +/* Define to 1 if you have the `EVP_MD_CTX_copy_ex' function. */ +#undef HAVE_EVP_MD_CTX_COPY_EX + /* Define to 1 if you have the `EVP_MD_CTX_init' function. */ #undef HAVE_EVP_MD_CTX_INIT @@ -423,6 +426,9 @@ /* Define if you have ut_exit in utmp.h */ #undef HAVE_EXIT_IN_UTMP *** DIFF OUTPUT TRUNCATED AT 1000 LINES ***
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201403221523.s2MFNcZm068910>