# HG changeset patch # User Tomas Kuthan # Date 1474368880 25200 # Node ID 31ef2580c45d6f4d8693ed3e16c6c169bc98dbdb # Parent e7955ccacd45ad89dd20d52e771681d0d3ba1014 24525860 upgrade OpenSSH to 7.3p1 24320031 problem in UTILITY/OPENSSH 24461706 problem in UTILITY/OPENSSH diff -r e7955ccacd45 -r 31ef2580c45d components/openssh/Makefile --- a/components/openssh/Makefile Mon Sep 19 14:01:08 2016 -0700 +++ b/components/openssh/Makefile Tue Sep 20 03:54:40 2016 -0700 @@ -27,19 +27,19 @@ include ../../make-rules/shared-macros.mk COMPONENT_NAME= openssh -COMPONENT_VERSION= 7.2p2 +COMPONENT_VERSION= 7.3p1 HUMAN_VERSION= $(COMPONENT_VERSION) # Version for IPS. The encoding rules are: # OpenSSH .p => IPS ..0. # OpenSSH ..p => IPS ... -IPS_COMPONENT_VERSION= 7.2.0.2 +IPS_COMPONENT_VERSION= 7.3.0.1 COMPONENT_PROJECT_URL= http://www.openssh.org/ -COMPONENT_ARCHIVE_HASH= sha256:a72781d1a043876a224ff1b0032daa4094d87565a68528759c1c2cab5482548c +COMPONENT_ARCHIVE_HASH= sha256:3ffb989a6dcaa69594c3b550d4855a5a2e1718ccdde7f5e36387b424220fbecc COMPONENT_ARCHIVE_URL= http://mirrors.sonic.net/pub/OpenBSD/OpenSSH/portable/$(COMPONENT_ARCHIVE) -TPNO_OPENSSH= 27414 +TPNO_OPENSSH= 30602 TPNO_GSSKEX= 20377 # Because of set up requirements, test suite is in stc gate. @@ -64,9 +64,9 @@ CFLAGS += -DPAM_BUGFIX CFLAGS += -DOPTION_DEFAULT_VALUE CFLAGS += -DPER_SESSION_XAUTHFILE -CFLAGS += -DWITHOUT_CAST128 +CFLAGS += -DOPENSSL_NO_CAST CFLAGS += -DENABLE_OPENSSL_FIPS -CFLAGS += -DWITHOUT_ARCFOUR +CFLAGS += -DOPENSSL_NO_RC4 CFLAGS += -DWITHOUT_HMAC_MD5 # We need to disable lazyloading of dynamic dependent libraries. During the diff -r e7955ccacd45 -r 31ef2580c45d components/openssh/patches/014-disable_banner.patch --- a/components/openssh/patches/014-disable_banner.patch Mon Sep 19 14:01:08 2016 -0700 +++ b/components/openssh/patches/014-disable_banner.patch Tue Sep 20 03:54:40 2016 -0700 
@@ -6,54 +6,54 @@ # In the future, if this feature is accepted by the upsteam in a later release, # we will remove this patch when we upgrade to that release. # -diff -pur old/readconf.c new/readconf.c ---- old/readconf.c 2015-03-28 21:57:35.551727235 +0100 -+++ new/readconf.c 2015-03-28 22:06:01.694836272 +0100 -@@ -150,6 +150,9 @@ typedef enum { +--- orig/readconf.c Mon Aug 15 15:45:25 2016 ++++ new/readconf.c Mon Aug 15 15:53:23 2016 +@@ -163,6 +163,9 @@ oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly, oSendEnv, oControlPath, oControlMaster, oControlPersist, oHashKnownHosts, +#ifdef DISABLE_BANNER -+ oDisableBanner, ++ oDisableBanner, +#endif oTunnel, oTunnelDevice, oLocalCommand, oPermitLocalCommand, - oVisualHostKey, oUseRoaming, + oVisualHostKey, oKexAlgorithms, oIPQoS, oRequestTTY, oIgnoreUnknown, oProxyUseFdpass, -@@ -254,6 +257,9 @@ static struct { +@@ -271,6 +274,9 @@ { "controlmaster", oControlMaster }, { "controlpersist", oControlPersist }, { "hashknownhosts", oHashKnownHosts }, +#ifdef DISABLE_BANNER -+ { "disablebanner", oDisableBanner }, ++ { "disablebanner", oDisableBanner }, +#endif + { "include", oInclude }, { "tunnel", oTunnel }, { "tunneldevice", oTunnelDevice }, - { "localcommand", oLocalCommand }, -@@ -754,6 +760,17 @@ static const struct multistate multistat +@@ -794,6 +800,18 @@ { NULL, -1 } }; ++ +#ifdef DISABLE_BANNER +static const struct multistate multistate_disablebanner[] = { -+ { "true", SSH_DISABLEBANNER_YES }, -+ { "false", SSH_DISABLEBANNER_NO }, -+ { "yes", SSH_DISABLEBANNER_YES }, -+ { "no", SSH_DISABLEBANNER_NO }, -+ { "in-exec-mode", SSH_DISABLEBANNER_INEXECMODE }, -+ { NULL, -1 } ++ { "true", SSH_DISABLEBANNER_YES }, ++ { "false", SSH_DISABLEBANNER_NO }, ++ { "yes", SSH_DISABLEBANNER_YES }, ++ { "no", SSH_DISABLEBANNER_NO }, ++ { "in-exec-mode", SSH_DISABLEBANNER_INEXECMODE }, ++ { NULL, -1 } +}; +#endif + /* * Processes a single option line as used in the configuration files. 
This * only sets those values that have not already been set. -@@ -1514,6 +1531,13 @@ parse_int: - *charptr = xstrdup(arg); - break; +@@ -1657,6 +1675,13 @@ + charptr = &options->identity_agent; + goto parse_string; +#ifdef DISABLE_BANNER -+ case oDisableBanner: -+ intptr = &options->disable_banner; ++ case oDisableBanner: ++ intptr = &options->disable_banner; + multistate_ptr = multistate_disablebanner; + goto parse_multistate; +#endif @@ -61,32 +61,31 @@ case oDeprecated: debug("%s line %d: Deprecated option \"%s\"", filename, linenum, keyword); -@@ -1684,6 +1708,9 @@ initialize_options(Options * options) +@@ -1847,6 +1872,9 @@ options->ip_qos_bulk = -1; options->request_tty = -1; options->proxy_use_fdpass = -1; +#ifdef DISABLE_BANNER -+ options->disable_banner = -1; ++ options->disable_banner = -1; +#endif options->ignored_unknown = NULL; options->num_canonical_domains = 0; options->num_permitted_cnames = 0; -@@ -1871,6 +1898,10 @@ fill_default_options(Options * options) +@@ -2041,6 +2069,10 @@ options->canonicalize_fallback_local = 1; if (options->canonicalize_hostname == -1) options->canonicalize_hostname = SSH_CANONICALISE_NO; +#ifdef DISABLE_BANNER -+ if (options->disable_banner == -1) -+ options->disable_banner = 0; ++ if (options->disable_banner == -1) ++ options->disable_banner = 0; +#endif if (options->fingerprint_hash == -1) options->fingerprint_hash = SSH_FP_HASH_DEFAULT; if (options->update_hostkeys == -1) -diff -pur old/readconf.h new/readconf.h ---- old/readconf.h 2015-03-17 06:49:20.000000000 +0100 -+++ new/readconf.h 2015-03-28 21:57:35.684348892 +0100 -@@ -153,6 +153,9 @@ typedef struct { - char *hostbased_key_types; +--- orig/readconf.h Mon Aug 15 15:45:28 2016 ++++ new/readconf.h Mon Aug 15 15:55:00 2016 +@@ -169,6 +169,9 @@ + char *jump_extra; char *ignored_unknown; /* Pattern list of unknown tokens to ignore */ +#ifdef DISABLE_BANNER 
@@ -95,23 +94,22 @@ } Options; #define SSH_CANONICALISE_NO 0 -@@ -178,6 +181,12 @@ typedef struct { +@@ -195,6 +198,12 @@ #define SSH_UPDATE_HOSTKEYS_YES 1 #define SSH_UPDATE_HOSTKEYS_ASK 2 +#ifdef DISABLE_BANNER -+#define SSH_DISABLEBANNER_NO 0 -+#define SSH_DISABLEBANNER_YES 1 -+#define SSH_DISABLEBANNER_INEXECMODE 2 ++#define SSH_DISABLEBANNER_NO 0 ++#define SSH_DISABLEBANNER_YES 1 ++#define SSH_DISABLEBANNER_INEXECMODE 2 +#endif + void initialize_options(Options *); void fill_default_options(Options *); void fill_default_options_for_canonicalization(Options *); -diff -pur old/ssh_config.5 new/ssh_config.5 ---- old/ssh_config.5 2015-03-28 21:57:35.544033907 +0100 -+++ new/ssh_config.5 2015-03-28 21:57:35.684635985 +0100 -@@ -566,6 +566,14 @@ If set to a time in seconds, or a time i +--- orig/ssh_config.5 Mon Aug 15 15:45:37 2016 ++++ new/ssh_config.5 Mon Aug 15 15:57:36 2016 +@@ -643,6 +643,14 @@ then the backgrounded master connection will automatically terminate after it has remained idle (with no client connections) for the specified time. @@ -122,14 +120,13 @@ +.Pp +The default value is no, which means that the banner is displayed unless the +log level is QUIET, FATAL, or ERROR. See also the Banner option in -+.Xr sshd_config 4 . This option applies to protocol version 2 only. +++.Xr sshd_config 5 . This option applies to protocol version 2 only. .It Cm DynamicForward Specifies that a TCP port on the local machine be forwarded over the secure channel, and the application -diff -pur old/sshconnect2.c new/sshconnect2.c ---- old/sshconnect2.c 2015-03-17 06:49:20.000000000 +0100 -+++ new/sshconnect2.c 2015-03-28 21:57:35.684940995 +0100 -@@ -81,6 +81,10 @@ extern char *client_version_string; +--- orig/sshconnect2.c Mon Aug 15 15:45:44 2016 ++++ new/sshconnect2.c Thu Aug 18 18:28:20 2016 +@@ -82,6 +82,10 @@ extern char *server_version_string; extern Options options; 
@@ -140,24 +137,24 @@ /* * SSH2 key exchange */ -@@ -480,7 +484,20 @@ input_userauth_banner(int type, u_int32_ - debug3("input_userauth_banner"); - raw = packet_get_string(&len); +@@ -502,7 +506,20 @@ + debug3("%s", __func__); + msg = packet_get_string(&len); lang = packet_get_string(NULL); + +#ifdef DISABLE_BANNER -+ /* -+ * Banner is a warning message according to RFC 4252. So, never print -+ * a banner in error log level or lower. If the log level is higher, -+ * use DisableBanner option to decide whether to display it or not. -+ */ -+ if (len > 0 && options.log_level >= SYSLOG_LEVEL_INFO && ++ /* ++ * Banner is a warning message according to RFC 4252. So, never print ++ * a banner in error log level or lower. If the log level is higher, ++ * use DisableBanner option to decide whether to display it or not. ++ */ ++ if (len > 0 && options.log_level >= SYSLOG_LEVEL_INFO && + (options.disable_banner == SSH_DISABLEBANNER_NO || + (options.disable_banner == SSH_DISABLEBANNER_INEXECMODE && -+ buffer_len(&command) == 0))) { ++ buffer_len(&command) == 0))) +#else - if (len > 0 && options.log_level >= SYSLOG_LEVEL_INFO) { + if (len > 0 && options.log_level >= SYSLOG_LEVEL_INFO) +#endif - if (len > 65536) - len = 65536; - msg = xmalloc(len * 4 + 1); /* max expansion from strnvis() */ + fmprintf(stderr, "%s", msg); + free(msg); + free(lang); diff -r e7955ccacd45 -r 31ef2580c45d components/openssh/patches/015-pam_conversation_fix.patch --- a/components/openssh/patches/015-pam_conversation_fix.patch Mon Sep 19 14:01:08 2016 -0700 +++ b/components/openssh/patches/015-pam_conversation_fix.patch Tue Sep 20 03:54:40 2016 -0700 
@@ -4,9 +4,9 @@ # 2009, but it was not accepted by the upstream. For more information, see # https://bugzilla.mindrot.org/show_bug.cgi?id=1681. # ---- orig/auth-pam.c Mon Oct 27 14:40:01 2014 -+++ new/auth-pam.c Tue Oct 28 12:40:59 2014 -@@ -1111,11 +1111,13 @@ +--- orig/auth-pam.c Mon Aug 15 16:16:17 2016 ++++ new/auth-pam.c Mon Aug 15 16:26:40 2016 +@@ -1138,11 +1138,13 @@ free(env); } @@ -20,25 +20,25 @@ static int sshpam_passwd_conv(int n, sshpam_const struct pam_message **msg, struct pam_response **resp, void *data) -@@ -1137,6 +1139,17 @@ +@@ -1164,6 +1166,17 @@ for (i = 0; i < n; ++i) { switch (PAM_MSG_MEMBER(msg, i, msg_style)) { case PAM_PROMPT_ECHO_OFF: +#ifdef PAM_BUGFIX + /* + * PAM conversation function for the password userauth -+ * method (non-interactive) really cannot do any -+ * prompting. We set the PAM_AUTHTOK item in ++ * method (non-interactive) really cannot do any ++ * prompting. We set the PAM_AUTHTOK item in + * sshpam_auth_passwd()to avoid conversation. If some -+ * modules still try to converse, then the password -+ * userauth will fail. -+ */ -+ goto fail; ++ * modules still try to converse, then the password ++ * userauth will fail. ++ */ ++ goto fail; +#else if (sshpam_password == NULL) goto fail; if ((reply[i].resp = strdup(sshpam_password)) == NULL) -@@ -1143,6 +1156,7 @@ +@@ -1170,6 +1183,7 @@ goto fail; reply[i].resp_retcode = PAM_SUCCESS; break; @@ -46,7 +46,7 @@ case PAM_ERROR_MSG: case PAM_TEXT_INFO: len = strlen(PAM_MSG_MEMBER(msg, i, msg)); -@@ -1178,6 +1192,9 @@ +@@ -1205,6 +1219,9 @@ int sshpam_auth_passwd(Authctxt *authctxt, const char *password) { 
@@ -55,35 +55,35 @@ +#endif int flags = (options.permit_empty_passwd == 0 ? PAM_DISALLOW_NULL_AUTHTOK : 0); - -@@ -1197,6 +1214,15 @@ + char *fake = NULL; +@@ -1225,6 +1242,15 @@ options.permit_root_login != PERMIT_YES)) - sshpam_password = badpw; + sshpam_password = fake = fake_password(password); +#ifdef PAM_BUGFIX -+ sshpam_err = pam_set_item(sshpam_handle, PAM_AUTHTOK, password); -+ if (sshpam_err != PAM_SUCCESS) { -+ debug("PAM: %s: failed to set PAM_AUTHTOK: %s", __func__, -+ pam_strerror(sshpam_handle, sshpam_err)); -+ return 0; -+ } ++ sshpam_err = pam_set_item(sshpam_handle, PAM_AUTHTOK, password); ++ if (sshpam_err != PAM_SUCCESS) { ++ debug("PAM: %s: failed to set PAM_AUTHTOK: %s", __func__, ++ pam_strerror(sshpam_handle, sshpam_err)); ++ return 0; ++ } +#endif + sshpam_err = pam_set_item(sshpam_handle, PAM_CONV, (const void *)&passwd_conv); if (sshpam_err != PAM_SUCCESS) -@@ -1205,6 +1231,16 @@ - - sshpam_err = pam_authenticate(sshpam_handle, flags); - sshpam_password = NULL; +@@ -1236,6 +1262,16 @@ + free(fake); + if (sshpam_err == PAM_MAXTRIES) + sshpam_set_maxtries_reached(1); + +#ifdef PAM_BUGFIX + set_item_rtn = pam_set_item(sshpam_handle, PAM_AUTHTOK, NULL); -+ if (set_item_rtn != PAM_SUCCESS) { -+ debug("PAM: %s: failed to set PAM_AUTHTOK: %s", __func__, -+ pam_strerror(sshpam_handle, set_item_rtn)); -+ return 0; -+ } ++ if (set_item_rtn != PAM_SUCCESS) { ++ debug("PAM: %s: failed to set PAM_AUTHTOK: %s", __func__, ++ pam_strerror(sshpam_handle, set_item_rtn)); ++ return 0; ++ } +#endif + if (sshpam_err == PAM_SUCCESS && authctxt->valid) { diff -r e7955ccacd45 -r 31ef2580c45d components/openssh/patches/023-gsskex.patch --- a/components/openssh/patches/023-gsskex.patch Mon Sep 19 14:01:08 2016 -0700 +++ b/components/openssh/patches/023-gsskex.patch Tue Sep 20 03:54:40 2016 -0700 
@@ -6,6 +6,17 @@ # Default value for GSSAPIKeyExchange changed to yes to match SunSSH behavior. # New files kexgssc.c and kexgsss.c moved to ../sources/ and made cstyle clean. # +# Update Sep 5, 2016: +# Upstream renamed and moved canohost.c`get_canonical_hostname to sshd-specific +# auth.c`auth_get_canonical_hostname. In Solaris specific GSS-API key exchange +# code we need this functionality on the client side too, for canonicalizing +# server hostbased service principal. We have moved remote_hostname back to +# canohost.c. +# +# TODO: +# When we upgrade Kerberos in Solaris to future version 1.15, we will use +# krb5_expand_hostname for hostname canonicalization instead. +# # Upstream rejected GSS-API key exchange several times before. # diff -pur old/Makefile.in new/Makefile.in 
@@ -28,6 +39,109 @@ loginrec.o auth-pam.o auth-shadow.o auth-sia.o md5crypt.o \ sftp-server.o sftp-common.o sftp_provider.o \ sandbox-null.o sandbox-rlimit.o sandbox-systrace.o sandbox-darwin.o \ +diff -pur old/auth.c new/auth.c +--- old/auth.c ++++ new/auth.c +@@ -786,99 +786,6 @@ fakepw(void) + } + + /* +- * Returns the remote DNS hostname as a string. The returned string must not +- * be freed. NB. this will usually trigger a DNS query the first time it is +- * called. +- * This function does additional checks on the hostname to mitigate some +- * attacks on legacy rhosts-style authentication. +- * XXX is RhostsRSAAuthentication vulnerable to these? +- * XXX Can we remove these checks? (or if not, remove RhostsRSAAuthentication?) +- */ +- +-static char * +-remote_hostname(struct ssh *ssh) +-{ +- struct sockaddr_storage from; +- socklen_t fromlen; +- struct addrinfo hints, *ai, *aitop; +- char name[NI_MAXHOST], ntop2[NI_MAXHOST]; +- const char *ntop = ssh_remote_ipaddr(ssh); +- +- /* Get IP address of client. */ +- fromlen = sizeof(from); +- memset(&from, 0, sizeof(from)); +- if (getpeername(ssh_packet_get_connection_in(ssh), +- (struct sockaddr *)&from, &fromlen) < 0) { +- debug("getpeername failed: %.100s", strerror(errno)); +- return strdup(ntop); +- } +- +- ipv64_normalise_mapped(&from, &fromlen); +- if (from.ss_family == AF_INET6) +- fromlen = sizeof(struct sockaddr_in6); +- +- debug3("Trying to reverse map address %.100s.", ntop); +- /* Map the IP address to a host name. */ +- if (getnameinfo((struct sockaddr *)&from, fromlen, name, sizeof(name), +- NULL, 0, NI_NAMEREQD) != 0) { +- /* Host name not found. Use ip address. */ +- return strdup(ntop); +- } +- +- /* +- * if reverse lookup result looks like a numeric hostname, +- * someone is trying to trick us by PTR record like following: +- * 1.1.1.10.in-addr.arpa. 
IN PTR 2.3.4.5 +- */ +- memset(&hints, 0, sizeof(hints)); +- hints.ai_socktype = SOCK_DGRAM; /*dummy*/ +- hints.ai_flags = AI_NUMERICHOST; +- if (getaddrinfo(name, NULL, &hints, &ai) == 0) { +- logit("Nasty PTR record \"%s\" is set up for %s, ignoring", +- name, ntop); +- freeaddrinfo(ai); +- return strdup(ntop); +- } +- +- /* Names are stored in lowercase. */ +- lowercase(name); +- +- /* +- * Map it back to an IP address and check that the given +- * address actually is an address of this host. This is +- * necessary because anyone with access to a name server can +- * define arbitrary names for an IP address. Mapping from +- * name to IP address can be trusted better (but can still be +- * fooled if the intruder has access to the name server of +- * the domain). +- */ +- memset(&hints, 0, sizeof(hints)); +- hints.ai_family = from.ss_family; +- hints.ai_socktype = SOCK_STREAM; +- if (getaddrinfo(name, NULL, &hints, &aitop) != 0) { +- logit("reverse mapping checking getaddrinfo for %.700s " +- "[%s] failed.", name, ntop); +- return strdup(ntop); +- } +- /* Look for the address from the list of addresses. */ +- for (ai = aitop; ai; ai = ai->ai_next) { +- if (getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop2, +- sizeof(ntop2), NULL, 0, NI_NUMERICHOST) == 0 && +- (strcmp(ntop, ntop2) == 0)) +- break; +- } +- freeaddrinfo(aitop); +- /* If we reached the end of the list, the address was not there. */ +- if (ai == NULL) { +- /* Address not found for the host name. */ +- logit("Address %.100s maps to %.600s, but this does not " +- "map back to the address.", ntop, name); +- return strdup(ntop); +- } +- return strdup(name); +-} +- +-/* + * Return the canonical name of the host in the other side of the current + * connection. The host name is cached, so it is efficient to call this + * several times. diff -pur old/auth2-gss.c new/auth2-gss.c --- old/auth2-gss.c +++ new/auth2-gss.c 
@@ -112,6 +226,120 @@ &method_gssapi, #endif &method_passwd, +diff -pur old/canohost.c new/canohost.c +--- old/canohost.c ++++ new/canohost.c +@@ -202,3 +202,97 @@ get_local_port(int sock) + { + return get_sock_port(sock, 1); + } ++ ++/* ++ * Returns the remote DNS hostname as a string. The returned string must not ++ * be freed. NB. this will usually trigger a DNS query the first time it is ++ * called. ++ * This function does additional checks on the hostname to mitigate some ++ * attacks on legacy rhosts-style authentication. ++ * XXX is RhostsRSAAuthentication vulnerable to these? ++ * XXX Can we remove these checks? (or if not, remove RhostsRSAAuthentication?) ++ */ ++ ++/* Oracle Solaris - moved out of auth.c for use in GSSKEX in sshconnect2.c */ ++char * ++remote_hostname(struct ssh *ssh) ++{ ++ struct sockaddr_storage from; ++ socklen_t fromlen; ++ struct addrinfo hints, *ai, *aitop; ++ char name[NI_MAXHOST], ntop2[NI_MAXHOST]; ++ const char *ntop = ssh_remote_ipaddr(ssh); ++ ++ /* Get IP address of client. */ ++ fromlen = sizeof(from); ++ memset(&from, 0, sizeof(from)); ++ if (getpeername(ssh_packet_get_connection_in(ssh), ++ (struct sockaddr *)&from, &fromlen) < 0) { ++ debug("getpeername failed: %.100s", strerror(errno)); ++ return strdup(ntop); ++ } ++ ++ ipv64_normalise_mapped(&from, &fromlen); ++ if (from.ss_family == AF_INET6) ++ fromlen = sizeof(struct sockaddr_in6); ++ ++ debug3("Trying to reverse map address %.100s.", ntop); ++ /* Map the IP address to a host name. */ ++ if (getnameinfo((struct sockaddr *)&from, fromlen, name, sizeof(name), ++ NULL, 0, NI_NAMEREQD) != 0) { ++ /* Host name not found. Use ip address. */ ++ return strdup(ntop); ++ } ++ ++ /* ++ * if reverse lookup result looks like a numeric hostname, ++ * someone is trying to trick us by PTR record like following: ++ * 1.1.1.10.in-addr.arpa. 
IN PTR 2.3.4.5 ++ */ ++ memset(&hints, 0, sizeof(hints)); ++ hints.ai_socktype = SOCK_DGRAM; /*dummy*/ ++ hints.ai_flags = AI_NUMERICHOST; ++ if (getaddrinfo(name, NULL, &hints, &ai) == 0) { ++ logit("Nasty PTR record \"%s\" is set up for %s, ignoring", ++ name, ntop); ++ freeaddrinfo(ai); ++ return strdup(ntop); ++ } ++ ++ /* Names are stored in lowercase. */ ++ lowercase(name); ++ ++ /* ++ * Map it back to an IP address and check that the given ++ * address actually is an address of this host. This is ++ * necessary because anyone with access to a name server can ++ * define arbitrary names for an IP address. Mapping from ++ * name to IP address can be trusted better (but can still be ++ * fooled if the intruder has access to the name server of ++ * the domain). ++ */ ++ memset(&hints, 0, sizeof(hints)); ++ hints.ai_family = from.ss_family; ++ hints.ai_socktype = SOCK_STREAM; ++ if (getaddrinfo(name, NULL, &hints, &aitop) != 0) { ++ logit("reverse mapping checking getaddrinfo for %.700s " ++ "[%s] failed.", name, ntop); ++ return strdup(ntop); ++ } ++ /* Look for the address from the list of addresses. */ ++ for (ai = aitop; ai; ai = ai->ai_next) { ++ if (getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop2, ++ sizeof(ntop2), NULL, 0, NI_NUMERICHOST) == 0 && ++ (strcmp(ntop, ntop2) == 0)) ++ break; ++ } ++ freeaddrinfo(aitop); ++ /* If we reached the end of the list, the address was not there. */ ++ if (ai == NULL) { ++ /* Address not found for the host name. 
*/ ++ logit("Address %.100s maps to %.600s, but this does not " ++ "map back to the address.", ntop, name); ++ return strdup(ntop); ++ } ++ return strdup(name); ++} +diff -pur old/canohost.h new/canohost.h +--- old/canohost.h ++++ new/canohost.h +@@ -21,6 +21,9 @@ char *get_local_ipaddr(int); + char *get_local_name(int); + int get_local_port(int); + ++#include "packet.h" ++char *remote_hostname(struct ssh *); ++ + #endif /* _CANOHOST_H */ + + void ipv64_normalise_mapped(struct sockaddr_storage *, socklen_t *); diff -pur old/gss-genr.c new/gss-genr.c --- old/gss-genr.c +++ new/gss-genr.c @@ -420,7 +648,7 @@ diff -pur old/kex.c new/kex.c --- old/kex.c +++ new/kex.c -@@ -54,6 +54,10 @@ +@@ -55,6 +55,10 @@ #include "sshbuf.h" #include "digest.h" @@ -431,7 +659,7 @@ #if OPENSSL_VERSION_NUMBER >= 0x00907000L # if defined(HAVE_EVP_SHA256) # define evp_ssh_sha256 EVP_sha256 -@@ -107,6 +111,11 @@ static const struct kexalg kexalgs[] = { +@@ -111,6 +115,11 @@ static const struct kexalg kexalgs[] = { #if defined(HAVE_EVP_SHA256) || !defined(WITH_OPENSSL) { KEX_CURVE25519_SHA256, KEX_C25519_SHA256, 0, SSH_DIGEST_SHA256 }, #endif /* HAVE_EVP_SHA256 || !WITH_OPENSSL */ @@ -443,7 +671,7 @@ { NULL, -1, -1, -1}, }; -@@ -138,7 +147,7 @@ kex_alg_by_name(const char *name) +@@ -142,7 +151,7 @@ kex_alg_by_name(const char *name) const struct kexalg *k; for (k = kexalgs; k->name != NULL; k++) { @@ -455,7 +683,7 @@ diff -pur old/kex.h new/kex.h --- old/kex.h +++ new/kex.h -@@ -92,6 +92,9 @@ enum kex_exchange { +@@ -98,6 +98,9 @@ enum kex_exchange { KEX_DH_GEX_SHA256, KEX_ECDH_SHA2, KEX_C25519_SHA256, @@ -465,7 +693,7 @@ KEX_MAX }; -@@ -140,6 +143,10 @@ struct kex { +@@ -146,6 +149,10 @@ struct kex { u_int flags; int hash_alg; int ec_nid; 
@@ -476,7 +704,7 @@ char *client_version_string; char *server_version_string; char *failed_choice; -@@ -189,6 +196,10 @@ int kexecdh_client(struct ssh *); +@@ -195,6 +202,10 @@ int kexecdh_client(struct ssh *); int kexecdh_server(struct ssh *); int kexc25519_client(struct ssh *); int kexc25519_server(struct ssh *); @@ -485,12 +713,12 @@ +int kexgss_server(struct ssh *); +#endif - int kex_dh_hash(const char *, const char *, + int kex_dh_hash(int, const char *, const char *, const u_char *, size_t, const u_char *, size_t, const u_char *, size_t, diff -pur old/monitor.c new/monitor.c --- old/monitor.c +++ new/monitor.c -@@ -159,6 +159,7 @@ int mm_answer_gss_setup_ctx(int, Buffer +@@ -161,6 +161,7 @@ int mm_answer_gss_setup_ctx(int, Buffer int mm_answer_gss_accept_ctx(int, Buffer *); int mm_answer_gss_userok(int, Buffer *); int mm_answer_gss_checkmic(int, Buffer *); @@ -498,7 +726,7 @@ #endif #ifdef SSH_AUDIT_EVENTS -@@ -243,11 +244,17 @@ struct mon_table mon_dispatch_proto20[] +@@ -245,11 +246,17 @@ struct mon_table mon_dispatch_proto20[] {MONITOR_REQ_GSSSTEP, MON_ISAUTH, mm_answer_gss_accept_ctx}, {MONITOR_REQ_GSSUSEROK, MON_AUTH, mm_answer_gss_userok}, {MONITOR_REQ_GSSCHECKMIC, MON_ISAUTH, mm_answer_gss_checkmic}, @@ -516,7 +744,7 @@ #ifdef WITH_OPENSSL {MONITOR_REQ_MODULI, 0, mm_answer_moduli}, #endif -@@ -362,6 +369,10 @@ monitor_child_preauth(Authctxt *_authctx +@@ -364,6 +371,10 @@ monitor_child_preauth(Authctxt *_authctx /* Permit requests for moduli and signatures */ monitor_permit(mon_dispatch, MONITOR_REQ_MODULI, 1); monitor_permit(mon_dispatch, MONITOR_REQ_SIGN, 1); @@ -527,7 +755,7 @@ } else { mon_dispatch = mon_dispatch_proto15; -@@ -501,6 +512,10 @@ monitor_child_postauth(struct monitor *p +@@ -503,6 +514,10 @@ monitor_child_postauth(struct monitor *p monitor_permit(mon_dispatch, MONITOR_REQ_MODULI, 1); monitor_permit(mon_dispatch, MONITOR_REQ_SIGN, 1); monitor_permit(mon_dispatch, MONITOR_REQ_TERM, 1); 
@@ -538,7 +766,7 @@ } else { mon_dispatch = mon_dispatch_postauth15; monitor_permit(mon_dispatch, MONITOR_REQ_TERM, 1); -@@ -1924,6 +1939,13 @@ monitor_apply_keystate(struct monitor *p +@@ -1939,6 +1954,13 @@ monitor_apply_keystate(struct monitor *p # endif #endif /* WITH_OPENSSL */ kex->kex[KEX_C25519_SHA256] = kexc25519_server; @@ -552,7 +780,7 @@ kex->load_host_public_key=&get_hostkey_public_by_type; kex->load_host_private_key=&get_hostkey_private_by_type; kex->host_key_index=&get_hostkey_index; -@@ -2023,6 +2045,9 @@ mm_answer_gss_setup_ctx(int sock, Buffer +@@ -2038,6 +2060,9 @@ mm_answer_gss_setup_ctx(int sock, Buffer OM_uint32 major; u_int len; @@ -562,7 +790,7 @@ goid.elements = buffer_get_string(m, &len); goid.length = len; -@@ -2050,6 +2075,9 @@ mm_answer_gss_accept_ctx(int sock, Buffe +@@ -2065,6 +2090,9 @@ mm_answer_gss_accept_ctx(int sock, Buffe OM_uint32 flags = 0; /* GSI needs this */ u_int len; @@ -572,7 +800,7 @@ in.value = buffer_get_string(m, &len); in.length = len; major = ssh_gssapi_accept_ctx(gsscontext, &in, &out, &flags); -@@ -2067,6 +2095,7 @@ mm_answer_gss_accept_ctx(int sock, Buffe +@@ -2082,6 +2110,7 @@ mm_answer_gss_accept_ctx(int sock, Buffe monitor_permit(mon_dispatch, MONITOR_REQ_GSSSTEP, 0); monitor_permit(mon_dispatch, MONITOR_REQ_GSSUSEROK, 1); monitor_permit(mon_dispatch, MONITOR_REQ_GSSCHECKMIC, 1); @@ -580,7 +808,7 @@ } return (0); } -@@ -2078,6 +2107,9 @@ mm_answer_gss_checkmic(int sock, Buffer +@@ -2093,6 +2122,9 @@ mm_answer_gss_checkmic(int sock, Buffer OM_uint32 ret; u_int len; @@ -590,7 +818,7 @@ gssbuf.value = buffer_get_string(m, &len); gssbuf.length = len; mic.value = buffer_get_string(m, &len); -@@ -2104,6 +2136,9 @@ mm_answer_gss_userok(int sock, Buffer *m +@@ -2119,6 +2151,9 @@ mm_answer_gss_userok(int sock, Buffer *m { int authenticated; 
@@ -600,7 +828,7 @@ authenticated = authctxt->valid && ssh_gssapi_userok(authctxt->user); buffer_clear(m); -@@ -2117,5 +2152,47 @@ mm_answer_gss_userok(int sock, Buffer *m +@@ -2132,5 +2167,47 @@ mm_answer_gss_userok(int sock, Buffer *m /* Monitor loop will terminate if authenticated */ return (authenticated); } @@ -664,7 +892,7 @@ diff -pur old/monitor_wrap.c new/monitor_wrap.c --- old/monitor_wrap.c +++ new/monitor_wrap.c -@@ -1103,5 +1103,28 @@ mm_ssh_gssapi_userok(char *user) +@@ -1108,5 +1108,28 @@ mm_ssh_gssapi_userok(char *user) debug3("%s: user %sauthenticated",__func__, authenticated ? "" : "not "); return (authenticated); } @@ -696,7 +924,7 @@ diff -pur old/monitor_wrap.h new/monitor_wrap.h --- old/monitor_wrap.h +++ new/monitor_wrap.h -@@ -60,6 +60,7 @@ OM_uint32 mm_ssh_gssapi_accept_ctx(Gssct +@@ -62,6 +62,7 @@ OM_uint32 mm_ssh_gssapi_accept_ctx(Gssct gss_buffer_desc *, gss_buffer_desc *, OM_uint32 *); int mm_ssh_gssapi_userok(char *user); OM_uint32 mm_ssh_gssapi_checkmic(Gssctxt *, gss_buffer_t, gss_buffer_t); @@ -707,7 +935,7 @@ diff -pur old/readconf.c new/readconf.c --- old/readconf.c +++ new/readconf.c -@@ -148,6 +148,7 @@ typedef enum { +@@ -160,6 +160,7 @@ typedef enum { oClearAllForwardings, oNoHostAuthenticationForLocalhost, oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout, oAddressFamily, oGssAuthentication, oGssDelegateCreds, @@ -715,7 +943,7 @@ oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly, oSendEnv, oControlPath, oControlMaster, oControlPersist, oHashKnownHosts, -@@ -199,11 +200,15 @@ static struct { +@@ -211,11 +212,15 @@ static struct { { "gssauthentication", oGssAuthentication }, /* alias */ { "gssapidelegatecredentials", oGssDelegateCreds }, { "gssdelegatecreds", oGssDelegateCreds }, /* alias */ @@ -731,7 +959,7 @@ #endif { "fallbacktorsh", oDeprecated }, { "usersh", oDeprecated }, -@@ -965,6 +970,10 @@ parse_time: +@@ -1002,6 +1007,10 @@ parse_time: intptr = &options->gss_authentication; goto parse_flag; 
@@ -742,7 +970,7 @@ case oGssDelegateCreds: intptr = &options->gss_deleg_creds; goto parse_flag; -@@ -1694,6 +1703,7 @@ initialize_options(Options * options) +@@ -1824,6 +1833,7 @@ initialize_options(Options * options) options->pubkey_authentication = -1; options->challenge_response_authentication = -1; options->gss_authentication = -1; @@ -750,7 +978,7 @@ options->gss_deleg_creds = -1; options->password_authentication = -1; options->kbd_interactive_authentication = -1; -@@ -1834,6 +1844,12 @@ fill_default_options(Options * options) +@@ -1979,6 +1989,12 @@ fill_default_options(Options * options) #else options->gss_authentication = 0; #endif @@ -798,7 +1026,7 @@ if (options->gss_cleanup_creds == -1) options->gss_cleanup_creds = 1; if (options->gss_strict_acceptor == -1) -@@ -449,6 +456,7 @@ typedef enum { +@@ -457,6 +464,7 @@ typedef enum { sHostbasedUsesNameFromPacketOnly, sHostbasedAcceptedKeyTypes, sHostKeyAlgorithms, sClientAliveInterval, sClientAliveCountMax, sAuthorizedKeysFile, @@ -806,7 +1034,7 @@ sGssAuthentication, sGssCleanupCreds, sGssStrictAcceptor, sAcceptEnv, sPermitTunnel, sMatch, sPermitOpen, sForceCommand, sChrootDirectory, -@@ -526,6 +534,8 @@ static struct { +@@ -534,6 +542,8 @@ static struct { #ifdef GSSAPI { "gssapiauthentication", sGssAuthentication, SSHCFG_ALL }, { "gssauthentication", sGssAuthentication, SSHCFG_ALL }, /* alias */ @@ -815,7 +1043,7 @@ #ifdef USE_GSS_STORE_CRED { "gssapicleanupcredentials", sUnsupported, SSHCFG_GLOBAL }, #else /* USE_GSS_STORE_CRED */ -@@ -535,6 +545,8 @@ static struct { +@@ -543,6 +553,8 @@ static struct { #else { "gssapiauthentication", sUnsupported, SSHCFG_ALL }, { "gssauthentication", sUnsupported, SSHCFG_ALL }, /* alias */ 
@@ -824,7 +1052,7 @@ { "gssapicleanupcredentials", sUnsupported, SSHCFG_GLOBAL }, { "gssapistrictacceptorcheck", sUnsupported, SSHCFG_GLOBAL }, #endif -@@ -1319,6 +1331,10 @@ process_server_config_line(ServerOptions +@@ -1328,6 +1340,10 @@ process_server_config_line(ServerOptions intptr = &options->gss_authentication; goto parse_flag; @@ -835,7 +1063,7 @@ case sGssCleanupCreds: intptr = &options->gss_cleanup_creds; goto parse_flag; -@@ -2373,6 +2389,7 @@ dump_config(ServerOptions *o) +@@ -2416,6 +2432,7 @@ dump_config(ServerOptions *o) #endif #ifdef GSSAPI dump_cfg_fmtint(sGssAuthentication, o->gss_authentication); @@ -923,7 +1151,7 @@ diff -pur old/sshconnect2.c new/sshconnect2.c --- old/sshconnect2.c +++ new/sshconnect2.c -@@ -164,11 +164,35 @@ ssh_kex2(char *host, struct sockaddr *ho +@@ -165,11 +165,35 @@ ssh_kex2(char *host, struct sockaddr *ho char *s; struct kex *kex; int r; @@ -945,7 +1173,7 @@ + * client to the key exchange algorithm proposal */ + orig = myproposal[PROPOSAL_KEX_ALGS]; + -+ gss_host = (char *)get_canonical_hostname(1); ++ gss_host = (char *)remote_hostname(active_state); + + gss = ssh_gssapi_client_mechanisms(gss_host); + if (gss) { @@ -960,7 +1188,7 @@ fatal("%s: kex_names_cat", __func__); myproposal[PROPOSAL_KEX_ALGS] = compat_kex_proposal(s); myproposal[PROPOSAL_ENC_ALGS_CTOS] = -@@ -199,6 +223,17 @@ ssh_kex2(char *host, struct sockaddr *ho +@@ -196,6 +220,17 @@ ssh_kex2(char *host, struct sockaddr *ho order_hostkeyalgs(host, hostaddr, port)); } @@ -1021,7 +1249,7 @@ {"gssapi-with-mic", userauth_gssapi, NULL, -@@ -678,7 +732,10 @@ userauth_gssapi(Authctxt *authctxt) +@@ -672,7 +726,10 @@ userauth_gssapi(Authctxt *authctxt) * once. */ if (gss_supported == NULL) 
@@ -1033,7 +1261,7 @@ /* Check to see if the mechanism is usable before we offer it */ while (mech < gss_supported->count && !ok) { -@@ -782,8 +839,8 @@ input_gssapi_response(int type, u_int32_ +@@ -776,8 +833,8 @@ input_gssapi_response(int type, u_int32_ { Authctxt *authctxt = ctxt; Gssctxt *gssctxt; @@ -1044,7 +1272,7 @@ if (authctxt == NULL) fatal("input_gssapi_response: no authentication context"); -@@ -896,6 +953,48 @@ input_gssapi_error(int type, u_int32_t p +@@ -890,6 +947,48 @@ input_gssapi_error(int type, u_int32_t p free(lang); return 0; } @@ -1096,7 +1324,7 @@ diff -pur old/sshd.c new/sshd.c --- old/sshd.c +++ new/sshd.c -@@ -1833,10 +1833,13 @@ main(int ac, char **av) +@@ -1892,10 +1892,13 @@ main(int ac, char **av) logit("Disabling protocol version 1. Could not load host key"); options.protocol &= ~SSH_PROTO_1; } @@ -1110,7 +1338,7 @@ if (!(options.protocol & (SSH_PROTO_1|SSH_PROTO_2))) { logit("sshd: no hostkeys available -- exiting."); exit(1); -@@ -2596,6 +2599,48 @@ do_ssh2_kex(void) +@@ -2656,6 +2659,48 @@ do_ssh2_kex(void) myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = compat_pkalg_proposal( list_hostkey_types()); @@ -1159,7 +1387,7 @@ /* start key exchange */ if ((r = kex_setup(active_state, myproposal)) != 0) fatal("kex_setup: %s", ssh_err(r)); -@@ -2610,6 +2655,13 @@ do_ssh2_kex(void) +@@ -2673,6 +2718,13 @@ do_ssh2_kex(void) # endif #endif kex->kex[KEX_C25519_SHA256] = kexc25519_server; @@ -1176,7 +1404,7 @@ diff -pur old/sshd_config.5 new/sshd_config.5 --- old/sshd_config.5 +++ new/sshd_config.5 -@@ -623,6 +623,11 @@ The default is +@@ -632,6 +632,11 @@ The default is Specifies whether user authentication based on GSSAPI is allowed. The default on Solaris is .Dq yes . diff -r e7955ccacd45 -r 31ef2580c45d components/openssh/patches/033-without_cast128.patch --- a/components/openssh/patches/033-without_cast128.patch Mon Sep 19 14:01:08 2016 -0700 +++ b/components/openssh/patches/033-without_cast128.patch Tue Sep 20 03:54:40 2016 -0700 
@@ -12,26 +12,16 @@ # relevant ssh implementations also provide several more common encryption # algorithms (aes256-ctr, aes128-cbc, ...) on top of cast128-cbc. # +# Update Aug 29, 2016: +# This used to be implemented by Solaris specific macro WITHOUT_CAST, +# but now upstream OPENSSL_NO_CAST is used instead. This patch now just +# removes cast references from manpages. +# # This is a Solaris specific patch and it is not likely to be accepted upstream. # -diff -pur old/cipher.c new/cipher.c ---- old/cipher.c -+++ new/cipher.c -@@ -88,8 +88,10 @@ static const struct sshcipher ciphers[] - { "3des-cbc", SSH_CIPHER_SSH2, 8, 24, 0, 0, 0, 1, EVP_des_ede3_cbc }, - { "blowfish-cbc", - SSH_CIPHER_SSH2, 8, 16, 0, 0, 0, 1, EVP_bf_cbc }, -+#ifndef WITHOUT_CAST128 - { "cast128-cbc", - SSH_CIPHER_SSH2, 8, 16, 0, 0, 0, 1, EVP_cast5_cbc }, -+#endif - { "arcfour", SSH_CIPHER_SSH2, 8, 16, 0, 0, 0, 0, EVP_rc4 }, - { "arcfour128", SSH_CIPHER_SSH2, 8, 16, 0, 0, 1536, 0, EVP_rc4 }, - { "arcfour256", SSH_CIPHER_SSH2, 8, 32, 0, 0, 1536, 0, EVP_rc4 }, -diff -pur old/ssh_config.5 new/ssh_config.5 ---- old/ssh_config.5 -+++ new/ssh_config.5 -@@ -478,8 +478,6 @@ arcfour256 +--- orig/ssh_config.5 Mon Aug 15 17:22:20 2016 ++++ new/ssh_config.5 Mon Aug 15 17:25:28 2016 +@@ -478,8 +478,6 @@ .It blowfish-cbc .It @@ -40,10 +30,20 @@ chacha20-poly1305@openssh.com .El .Pp -diff -pur old/sshd.8 new/sshd.8 ---- old/sshd.8 -+++ new/sshd.8 -@@ -307,7 +307,7 @@ For protocol 2, +--- orig/sshd_config.5 Mon Aug 15 17:22:29 2016 ++++ new/sshd_config.5 Mon Aug 15 17:25:58 2016 +@@ -479,8 +479,6 @@ + .It + blowfish-cbc + .It +-cast128-cbc +-.It + chacha20-poly1305@openssh.com + .El + .Pp +--- orig/sshd.8 Mon Aug 15 17:22:36 2016 ++++ new/sshd.8 Mon Aug 15 17:26:48 2016 +@@ -307,7 +307,7 @@ forward security is provided through a Diffie-Hellman key agreement. This key agreement results in a shared session key. The rest of the session is encrypted using a symmetric cipher, currently 
@@ -52,15 +52,3 @@ The client selects the encryption algorithm to use from those offered by the server. Additionally, session integrity is provided -diff -pur old/sshd_config.5 new/sshd_config.5 ---- old/sshd_config.5 -+++ new/sshd_config.5 -@@ -472,8 +472,6 @@ arcfour256 - .It - blowfish-cbc - .It --cast128-cbc --.It - chacha20-poly1305@openssh.com - .El - .Pp diff -r e7955ccacd45 -r 31ef2580c45d components/openssh/patches/034-getaddrinfo_with_ai_addrconfig.patch --- a/components/openssh/patches/034-getaddrinfo_with_ai_addrconfig.patch Mon Sep 19 14:01:08 2016 -0700 +++ b/components/openssh/patches/034-getaddrinfo_with_ai_addrconfig.patch Tue Sep 20 03:54:40 2016 -0700 @@ -8,9 +8,10 @@ # In the future, if this fix is accepted by the upsteam in a later release, we # will remove this patch when we upgrade to that release. # ---- a/canohost.c Sun Oct 25 20:11:35 2015 -+++ b/canohost.c Sun Oct 25 20:11:57 2015 -@@ -113,6 +113,10 @@ +diff -pur old/canohost.c new/canohost.c +--- old/canohost.c ++++ new/canohost.c +@@ -274,6 +274,10 @@ remote_hostname(struct ssh *ssh) memset(&hints, 0, sizeof(hints)); hints.ai_family = from.ss_family; hints.ai_socktype = SOCK_STREAM; @@ -20,10 +21,11 @@ +#endif /* AI_ADDRCONFIG */ if (getaddrinfo(name, NULL, &hints, &aitop) != 0) { logit("reverse mapping checking getaddrinfo for %.700s " - "[%s] failed - POSSIBLE BREAK-IN ATTEMPT!", name, ntop); ---- a/channels.c Sun Oct 25 19:30:33 2015 -+++ b/channels.c Sun Oct 25 19:54:36 2015 -@@ -2853,8 +2853,12 @@ + "[%s] failed.", name, ntop); +diff -pur old/channels.c new/channels.c +--- old/channels.c ++++ new/channels.c +@@ -2856,8 +2856,12 @@ channel_setup_fwd_listener_tcpip(int typ */ memset(&hints, 0, sizeof(hints)); hints.ai_family = IPv4or6; 
@@ -37,7 +39,7 @@ snprintf(strport, sizeof strport, "%d", fwd->listen_port); if ((r = getaddrinfo(addr, strport, &hints, &aitop)) != 0) { if (addr == NULL) { -@@ -3736,6 +3740,10 @@ +@@ -3740,6 +3744,10 @@ connect_to(const char *name, int port, c memset(&hints, 0, sizeof(hints)); hints.ai_family = IPv4or6; hints.ai_socktype = SOCK_STREAM; @@ -48,7 +50,7 @@ snprintf(strport, sizeof strport, "%d", port); if ((gaierr = getaddrinfo(name, strport, &hints, &cctx.aitop)) != 0) { error("connect_to %.100s: unknown host (%s)", name, -@@ -3908,8 +3916,12 @@ +@@ -3912,8 +3920,12 @@ x11_create_display_inet(int x11_display_ port = 6000 + display_number; memset(&hints, 0, sizeof(hints)); hints.ai_family = IPv4or6; @@ -62,7 +64,7 @@ snprintf(strport, sizeof strport, "%d", port); if ((gaierr = getaddrinfo(NULL, strport, &hints, &aitop)) != 0) { error("getaddrinfo: %.100s", ssh_gai_strerror(gaierr)); -@@ -4090,6 +4102,10 @@ +@@ -4094,6 +4106,10 @@ x11_connect_display(void) memset(&hints, 0, sizeof(hints)); hints.ai_family = IPv4or6; hints.ai_socktype = SOCK_STREAM; 
@@ -73,72 +75,10 @@ snprintf(strport, sizeof strport, "%u", 6000 + display_number); if ((gaierr = getaddrinfo(buf, strport, &hints, &aitop)) != 0) { error("%.100s: unknown host. (%s)", buf, ---- a/servconf.c Sun Oct 25 19:39:38 2015 -+++ b/servconf.c Sun Oct 25 19:45:16 2015 -@@ -722,6 +722,10 @@ - hints.ai_family = options->address_family; - hints.ai_socktype = SOCK_STREAM; - hints.ai_flags = (addr == NULL) ? AI_PASSIVE : 0; -+#ifdef AI_ADDRCONFIG -+ if (hints.ai_family == AF_UNSPEC) -+ hints.ai_flags |= AI_ADDRCONFIG; -+#endif /* AI_ADDRCONFIG */ - snprintf(strport, sizeof strport, "%d", port); - if ((gaierr = getaddrinfo(addr, strport, &hints, &aitop)) != 0) - fatal("bad addr or host: %s (%s)", ---- a/ssh-keyscan.c Sun Oct 25 19:46:28 2015 -+++ b/ssh-keyscan.c Sun Oct 25 19:54:55 2015 -@@ -326,6 +326,10 @@ - memset(&hints, 0, sizeof(hints)); - hints.ai_family = IPv4or6; - hints.ai_socktype = SOCK_STREAM; -+#ifdef AI_ADDRCONFIG -+ if (hints.ai_family == AF_UNSPEC) -+ hints.ai_flags = AI_ADDRCONFIG; -+#endif /* AI_ADDRCONFIG */ - if ((gaierr = getaddrinfo(host, strport, &hints, &aitop)) != 0) { - error("getaddrinfo %s: %s", host, ssh_gai_strerror(gaierr)); - return -1; ---- a/ssh.c Sun Oct 25 19:49:46 2015 -+++ b/ssh.c Sun Oct 25 19:55:15 2015 -@@ -259,6 +259,10 @@ - hints.ai_socktype = SOCK_STREAM; - if (cname != NULL) - hints.ai_flags = AI_CANONNAME; -+#ifdef AI_ADDRCONFIG -+ if (hints.ai_family == AF_UNSPEC) -+ hints.ai_flags |= AI_ADDRCONFIG; -+#endif /* AI_ADDRCONFIG */ - if ((gaierr = getaddrinfo(name, strport, &hints, &res)) != 0) { - if (logerr || (gaierr != EAI_NONAME && gaierr != EAI_NODATA)) - loglevel = SYSLOG_LEVEL_ERROR; -@@ -298,6 +302,10 @@ - AF_UNSPEC : options.address_family; - hints.ai_socktype = SOCK_STREAM; - hints.ai_flags = AI_NUMERICHOST|AI_NUMERICSERV; -+#ifdef AI_ADDRCONFIG -+ if (hints.ai_family == AF_UNSPEC) -+ hints.ai_flags |= AI_ADDRCONFIG; -+#endif /* AI_ADDRCONFIG */ - if ((gaierr = getaddrinfo(name, strport, &hints, &res)) != 0) { 
- debug2("%s: could not resolve name %.100s as address: %s", - __func__, name, ssh_gai_strerror(gaierr)); ---- a/sshconnect.c Sun Oct 25 19:57:46 2015 -+++ b/sshconnect.c Sun Oct 25 19:58:19 2015 -@@ -292,6 +292,10 @@ - hints.ai_socktype = ai->ai_socktype; - hints.ai_protocol = ai->ai_protocol; - hints.ai_flags = AI_PASSIVE; -+#ifdef AI_ADDRCONFIG -+ if (hints.ai_family == AF_UNSPEC) -+ hints.ai_flags |= AI_ADDRCONFIG; -+#endif /* AI_ADDRCONFIG */ - gaierr = getaddrinfo(options.bind_address, NULL, &hints, &res); - if (gaierr) { - error("getaddrinfo: %s: %s", options.bind_address, ---- a/regress/netcat.c Sun Oct 25 19:59:44 2015 -+++ b/regress/netcat.c Sun Oct 25 20:07:05 2015 -@@ -371,6 +371,10 @@ +diff -pur old/regress/netcat.c new/regress/netcat.c +--- old/regress/netcat.c ++++ new/regress/netcat.c +@@ -334,6 +334,10 @@ main(int argc, char *argv[]) hints.ai_protocol = uflag ? IPPROTO_UDP : IPPROTO_TCP; if (nflag) hints.ai_flags |= AI_NUMERICHOST; @@ -149,7 +89,7 @@ } if (xflag) { -@@ -399,6 +403,10 @@ +@@ -362,6 +366,10 @@ main(int argc, char *argv[]) proxyhints.ai_protocol = IPPROTO_TCP; if (nflag) proxyhints.ai_flags |= AI_NUMERICHOST; @@ -160,7 +100,7 @@ } if (lflag) { -@@ -673,6 +681,10 @@ +@@ -636,6 +644,10 @@ remote_connect(const char *host, const c ahints.ai_socktype = uflag ? SOCK_DGRAM : SOCK_STREAM; ahints.ai_protocol = uflag ? IPPROTO_UDP : IPPROTO_TCP; ahints.ai_flags = AI_PASSIVE; @@ -171,7 +111,7 @@ if ((error = getaddrinfo(sflag, pflag, &ahints, &ares))) errx(1, "getaddrinfo: %s", gai_strerror(error)); -@@ -1422,8 +1434,12 @@ +@@ -1385,8 +1397,12 @@ decode_addrport(const char *h, const cha bzero(&hints, sizeof(hints)); hints.ai_family = v4only ? PF_INET : PF_UNSPEC; 
@@ -185,3 +125,70 @@ r = getaddrinfo(h, p, &hints, &res); /* Don't fatal when attempting to convert a numeric address */ if (r != 0) { +diff -pur old/servconf.c new/servconf.c +--- old/servconf.c ++++ new/servconf.c +@@ -735,6 +735,10 @@ add_one_listen_addr(ServerOptions *optio + hints.ai_family = options->address_family; + hints.ai_socktype = SOCK_STREAM; + hints.ai_flags = (addr == NULL) ? AI_PASSIVE : 0; ++#ifdef AI_ADDRCONFIG ++ if (hints.ai_family == AF_UNSPEC) ++ hints.ai_flags |= AI_ADDRCONFIG; ++#endif /* AI_ADDRCONFIG */ + snprintf(strport, sizeof strport, "%d", port); + if ((gaierr = getaddrinfo(addr, strport, &hints, &aitop)) != 0) + fatal("bad addr or host: %s (%s)", +diff -pur old/ssh-keyscan.c new/ssh-keyscan.c +--- old/ssh-keyscan.c ++++ new/ssh-keyscan.c +@@ -365,6 +365,10 @@ tcpconnect(char *host) + memset(&hints, 0, sizeof(hints)); + hints.ai_family = IPv4or6; + hints.ai_socktype = SOCK_STREAM; ++#ifdef AI_ADDRCONFIG ++ if (hints.ai_family == AF_UNSPEC) ++ hints.ai_flags = AI_ADDRCONFIG; ++#endif /* AI_ADDRCONFIG */ + if ((gaierr = getaddrinfo(host, strport, &hints, &aitop)) != 0) { + error("getaddrinfo %s: %s", host, ssh_gai_strerror(gaierr)); + return -1; +diff -pur old/ssh.c new/ssh.c +--- old/ssh.c ++++ new/ssh.c +@@ -254,6 +254,10 @@ resolve_host(const char *name, int port, + hints.ai_socktype = SOCK_STREAM; + if (cname != NULL) + hints.ai_flags = AI_CANONNAME; ++#ifdef AI_ADDRCONFIG ++ if (hints.ai_family == AF_UNSPEC) ++ hints.ai_flags |= AI_ADDRCONFIG; ++#endif /* AI_ADDRCONFIG */ + if ((gaierr = getaddrinfo(name, strport, &hints, &res)) != 0) { + if (logerr || (gaierr != EAI_NONAME && gaierr != EAI_NODATA)) + loglevel = SYSLOG_LEVEL_ERROR; +@@ -293,6 +297,10 @@ resolve_addr(const char *name, int port, + AF_UNSPEC : options.address_family; + hints.ai_socktype = SOCK_STREAM; + hints.ai_flags = AI_NUMERICHOST|AI_NUMERICSERV; ++#ifdef AI_ADDRCONFIG ++ if (hints.ai_family == AF_UNSPEC) ++ hints.ai_flags |= AI_ADDRCONFIG; ++#endif /* 
AI_ADDRCONFIG */ + if ((gaierr = getaddrinfo(name, strport, &hints, &res)) != 0) { + debug2("%s: could not resolve name %.100s as address: %s", + __func__, name, ssh_gai_strerror(gaierr)); +diff -pur old/sshconnect.c new/sshconnect.c +--- old/sshconnect.c ++++ new/sshconnect.c +@@ -293,6 +293,10 @@ ssh_create_socket(int privileged, struct + hints.ai_socktype = ai->ai_socktype; + hints.ai_protocol = ai->ai_protocol; + hints.ai_flags = AI_PASSIVE; ++#ifdef AI_ADDRCONFIG ++ if (hints.ai_family == AF_UNSPEC) ++ hints.ai_flags |= AI_ADDRCONFIG; ++#endif /* AI_ADDRCONFIG */ + gaierr = getaddrinfo(options.bind_address, NULL, &hints, &res); + if (gaierr) { + error("getaddrinfo: %s: %s", options.bind_address, diff -r e7955ccacd45 -r 31ef2580c45d components/openssh/patches/035-fips.patch --- a/components/openssh/patches/035-fips.patch Mon Sep 19 14:01:08 2016 -0700 +++ b/components/openssh/patches/035-fips.patch Tue Sep 20 03:54:40 2016 -0700 @@ -45,7 +45,15 @@ diff -pur old/digest-openssl.c new/digest-openssl.c --- old/digest-openssl.c +++ new/digest-openssl.c -@@ -53,8 +53,22 @@ struct ssh_digest { +@@ -31,6 +31,7 @@ + #include "sshbuf.h" + #include "digest.h" + #include "ssherr.h" ++#include "misc.h" + + #ifndef HAVE_EVP_RIPEMD160 + # define EVP_ripemd160 NULL +@@ -53,8 +54,22 @@ struct ssh_digest { const EVP_MD *(*mdfunc)(void); }; @@ -68,7 +76,7 @@ { SSH_DIGEST_MD5, "MD5", 16, EVP_md5 }, { SSH_DIGEST_RIPEMD160, "RIPEMD160", 20, EVP_ripemd160 }, { SSH_DIGEST_SHA1, "SHA1", 20, EVP_sha1 }, -@@ -67,6 +81,9 @@ const struct ssh_digest digests[] = { +@@ -67,6 +82,9 @@ const struct ssh_digest digests[] = { static const struct ssh_digest * ssh_digest_by_alg(int alg) { @@ -78,7 +86,7 @@ if (alg < 0 || alg >= SSH_DIGEST_MAX) return NULL; if (digests[alg].id != alg) /* sanity */ -@@ -79,6 +96,9 @@ ssh_digest_by_alg(int alg) +@@ -79,6 +97,9 @@ ssh_digest_by_alg(int alg) int ssh_digest_alg_by_name(const char *name) { 
@@ -91,7 +99,15 @@ diff -pur old/gss-genr.c new/gss-genr.c --- old/gss-genr.c +++ new/gss-genr.c -@@ -100,6 +100,7 @@ ssh_gssapi_kex_mechs(gss_OID_set gss_sup +@@ -44,6 +44,7 @@ + #include "cipher.h" + #include "key.h" + #include "kex.h" ++#include "misc.h" + #include + + #include "ssh-gss.h" +@@ -100,6 +101,7 @@ ssh_gssapi_kex_mechs(gss_OID_set gss_sup char deroid[2]; const EVP_MD *evp_md = EVP_md5(); EVP_MD_CTX md; @@ -99,7 +115,7 @@ if (gss_enc2oid != NULL) { for (i = 0; gss_enc2oid[i].encoded != NULL; i++) -@@ -112,6 +113,14 @@ ssh_gssapi_kex_mechs(gss_OID_set gss_sup +@@ -112,6 +114,14 @@ ssh_gssapi_kex_mechs(gss_OID_set gss_sup buffer_init(&buf); @@ -114,7 +130,7 @@ oidpos = 0; for (i = 0; i < gss_supported->count; i++) { if (gss_supported->elements[i].length < 128 && -@@ -119,7 +128,6 @@ ssh_gssapi_kex_mechs(gss_OID_set gss_sup +@@ -119,7 +129,6 @@ ssh_gssapi_kex_mechs(gss_OID_set gss_sup deroid[0] = SSH_GSS_OIDTYPE; deroid[1] = gss_supported->elements[i].length; @@ -122,7 +138,7 @@ EVP_DigestInit(&md, evp_md); EVP_DigestUpdate(&md, deroid, 2); EVP_DigestUpdate(&md, -@@ -151,6 +159,12 @@ ssh_gssapi_kex_mechs(gss_OID_set gss_sup +@@ -151,6 +160,12 @@ ssh_gssapi_kex_mechs(gss_OID_set gss_sup oidpos++; } } @@ -138,7 +154,7 @@ diff -pur old/kex.c new/kex.c --- old/kex.c +++ new/kex.c -@@ -89,7 +89,40 @@ struct kexalg { +@@ -90,7 +90,43 @@ struct kexalg { int ec_nid; int hash_alg; }; 
@@ -149,7 +165,10 @@ +static const struct kexalg kexalgs_fips[] = { +#ifdef WITH_OPENSSL + { KEX_DH1, KEX_DH_GRP1_SHA1, 0, SSH_DIGEST_SHA1 }, -+ { KEX_DH14, KEX_DH_GRP14_SHA1, 0, SSH_DIGEST_SHA1 }, ++ { KEX_DH14_SHA1, KEX_DH_GRP14_SHA1, 0, SSH_DIGEST_SHA1 }, ++ { KEX_DH14_SHA256, KEX_DH_GRP14_SHA256, 0, SSH_DIGEST_SHA256 }, ++ { KEX_DH16_SHA512, KEX_DH_GRP16_SHA512, 0, SSH_DIGEST_SHA512 }, ++ { KEX_DH18_SHA512, KEX_DH_GRP18_SHA512, 0, SSH_DIGEST_SHA512 }, + { KEX_DHGEX_SHA1, KEX_DH_GEX_SHA1, 0, SSH_DIGEST_SHA1 }, +#ifdef HAVE_EVP_SHA256 + { KEX_DHGEX_SHA256, KEX_DH_GEX_SHA256, 0, SSH_DIGEST_SHA256 }, @@ -178,7 +197,7 @@ +#endif #ifdef WITH_OPENSSL { KEX_DH1, KEX_DH_GRP1_SHA1, 0, SSH_DIGEST_SHA1 }, - { KEX_DH14, KEX_DH_GRP14_SHA1, 0, SSH_DIGEST_SHA1 }, + { KEX_DH14_SHA1, KEX_DH_GRP14_SHA1, 0, SSH_DIGEST_SHA1 }, diff -pur old/mac.c new/mac.c --- old/mac.c +++ new/mac.c @@ -219,7 +238,7 @@ diff -pur old/misc.c new/misc.c --- old/misc.c +++ new/misc.c -@@ -39,12 +39,15 @@ +@@ -39,12 +39,16 @@ #include #include #include @@ -231,11 +250,12 @@ #include +#include ++#include + #include #include #include -@@ -78,6 +81,60 @@ chop(char *s) +@@ -78,6 +82,60 @@ chop(char *s) } @@ -299,7 +319,7 @@ diff -pur old/misc.h new/misc.h --- old/misc.h +++ new/misc.h -@@ -38,6 +38,11 @@ struct ForwardOptions { +@@ -40,6 +40,11 @@ struct ForwardOptions { char *chop(char *); char *strdelim(char **); @@ -314,7 +334,7 @@ diff -pur old/myproposal.h new/myproposal.h --- old/myproposal.h +++ new/myproposal.h -@@ -83,19 +83,31 @@ +@@ -88,21 +88,33 @@ # else # define KEX_CURVE25519_METHODS "" # endif 
@@ -323,21 +343,23 @@ +#define KEX_COMMON_KEX_DFLT \ KEX_CURVE25519_METHODS \ KEX_ECDH_METHODS \ - KEX_SHA256_METHODS + KEX_SHA2_METHODS -#define KEX_SERVER_KEX KEX_COMMON_KEX \ +#define KEX_SERVER_KEX_DFLT KEX_COMMON_KEX_DFLT \ + KEX_SHA2_GROUP14 \ "diffie-hellman-group14-sha1" \ -#define KEX_CLIENT_KEX KEX_COMMON_KEX \ +#define KEX_CLIENT_KEX_DFLT KEX_COMMON_KEX_DFLT \ "diffie-hellman-group-exchange-sha1," \ + KEX_SHA2_GROUP14 \ "diffie-hellman-group14-sha1" -#define KEX_DEFAULT_PK_ALG \ +#define KEX_COMMON_KEX_FIPS \ + KEX_ECDH_METHODS \ -+ KEX_SHA256_METHODS ++ KEX_SHA2_METHODS + +#define KEX_SERVER_KEX_FIPS KEX_COMMON_KEX_FIPS \ + "diffie-hellman-group14-sha1" \ @@ -350,7 +372,7 @@ HOSTKEY_ECDSA_CERT_METHODS \ "ssh-ed25519-cert-v01@openssh.com," \ "ssh-rsa-cert-v01@openssh.com," \ -@@ -105,17 +117,32 @@ +@@ -112,17 +124,32 @@ "rsa-sha2-256," \ "ssh-rsa" @@ -386,7 +408,7 @@ "umac-64-etm@openssh.com," \ "umac-128-etm@openssh.com," \ "hmac-sha2-256-etm@openssh.com," \ -@@ -127,7 +154,42 @@ +@@ -134,7 +161,42 @@ "hmac-sha2-512," \ "hmac-sha1" @@ -473,7 +495,7 @@ diff -pur old/ssh-agent.c new/ssh-agent.c --- old/ssh-agent.c +++ new/ssh-agent.c -@@ -1199,6 +1199,7 @@ main(int ac, char **av) +@@ -1196,6 +1196,7 @@ main(int ac, char **av) struct timeval *tvp = NULL; size_t len; mode_t prev_mask; @@ -481,9 +503,9 @@ ssh_malloc_init(); /* must be called before any mallocs */ /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */ -@@ -1213,6 +1214,9 @@ main(int ac, char **av) - prctl(PR_SET_DUMPABLE, 0); - #endif +@@ -1207,6 +1208,9 @@ main(int ac, char **av) + + platform_disable_tracing(0); /* strict=no */ +#ifdef ENABLE_OPENSSL_FIPS + fips_err = ssh_FIPS_mode_set_if_capable(); 
@@ -491,7 +513,7 @@ #ifdef WITH_OPENSSL OpenSSL_add_all_algorithms(); #endif -@@ -1343,8 +1347,19 @@ main(int ac, char **av) +@@ -1337,8 +1341,19 @@ main(int ac, char **av) printf(format, SSH_AUTHSOCKET_ENV_NAME, socket_name, SSH_AUTHSOCKET_ENV_NAME); printf("echo Agent pid %ld;\n", (long)parent_pid); @@ -514,7 +536,7 @@ diff -pur old/ssh-keygen.1 new/ssh-keygen.1 --- old/ssh-keygen.1 +++ new/ssh-keygen.1 -@@ -283,6 +283,8 @@ and +@@ -284,6 +284,8 @@ and .Dq sha256 . The default is .Dq sha256 . @@ -526,7 +548,7 @@ diff -pur old/ssh-keygen.c new/ssh-keygen.c --- old/ssh-keygen.c +++ new/ssh-keygen.c -@@ -2267,11 +2267,18 @@ main(int argc, char **argv) +@@ -2273,11 +2273,18 @@ main(int argc, char **argv) __progname = ssh_get_progname(argv[0]); @@ -576,7 +598,7 @@ diff -pur old/ssh.1 new/ssh.1 --- old/ssh.1 +++ new/ssh.1 -@@ -91,6 +91,9 @@ If +@@ -92,6 +92,9 @@ If is specified, it is executed on the remote host instead of a login shell. .Pp @@ -589,7 +611,7 @@ diff -pur old/ssh.c new/ssh.c --- old/ssh.c +++ new/ssh.c -@@ -606,6 +606,11 @@ main(int ac, char **av) +@@ -609,6 +609,11 @@ main(int ac, char **av) */ initialize_options(&options); @@ -601,7 +623,7 @@ /* Parse command-line arguments. */ host = NULL; use_syslog = 0; -@@ -1016,6 +1021,10 @@ main(int ac, char **av) +@@ -1028,6 +1033,10 @@ main(int ac, char **av) #endif ); @@ -615,7 +637,7 @@ diff -pur old/ssh_api.c new/ssh_api.c --- old/ssh_api.c +++ new/ssh_api.c -@@ -81,6 +81,10 @@ ssh_init(struct ssh **sshp, int is_serve +@@ -79,6 +79,10 @@ ssh_init(struct ssh **sshp, int is_serve int r; if (!called) { @@ -652,7 +674,7 @@ .It Cm ForwardAgent Specifies whether the connection to the authentication agent (if any) will be forwarded to the remote machine. -@@ -1200,6 +1209,16 @@ umac-64@openssh.com,umac-128@openssh.com +@@ -1249,6 +1258,16 @@ umac-64@openssh.com,umac-128@openssh.com hmac-sha2-256,hmac-sha2-512,hmac-sha1 .Ed .Pp 
@@ -703,7 +725,7 @@ diff -pur old/sshd.c new/sshd.c --- old/sshd.c +++ new/sshd.c -@@ -430,10 +430,18 @@ sshd_exchange_identification(int sock_in +@@ -431,10 +431,18 @@ sshd_exchange_identification(struct ssh minor = PROTOCOL_MINOR_1; } @@ -722,7 +744,7 @@ /* Send our protocol version identification. */ if (atomicio(vwrite, sock_out, server_version_string, -@@ -1503,6 +1511,10 @@ main(int ac, char **av) +@@ -1562,6 +1570,10 @@ main(int ac, char **av) /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */ sanitise_stdfd(); @@ -733,7 +755,7 @@ /* Initialize configuration options to their default values. */ initialize_server_options(&options); -@@ -1653,6 +1665,10 @@ main(int ac, char **av) +@@ -1712,6 +1724,10 @@ main(int ac, char **av) SYSLOG_FACILITY_AUTH : options.log_facility, log_stderr || !inetd_flag); @@ -747,7 +769,7 @@ diff -pur old/sshd_config.5 new/sshd_config.5 --- old/sshd_config.5 +++ new/sshd_config.5 -@@ -482,6 +482,13 @@ aes128-ctr,aes192-ctr,aes256-ctr, +@@ -489,6 +489,13 @@ aes128-ctr,aes192-ctr,aes256-ctr, aes128-gcm@openssh.com,aes256-gcm@openssh.com .Ed .Pp @@ -761,7 +783,7 @@ The list of available ciphers may also be obtained using the .Fl Q option of -@@ -576,6 +583,8 @@ and +@@ -585,6 +592,8 @@ and .Dq sha256 . The default is .Dq sha256 . @@ -770,7 +792,7 @@ .It Cm ForceCommand Forces the execution of the command specified by .Cm ForceCommand , -@@ -1025,6 +1034,16 @@ umac-64@openssh.com,umac-128@openssh.com +@@ -1034,6 +1043,16 @@ umac-64@openssh.com,umac-128@openssh.com hmac-sha2-256,hmac-sha2-512,hmac-sha1 .Ed .Pp diff -r e7955ccacd45 -r 31ef2580c45d components/openssh/patches/036-fipsrandom.patch --- a/components/openssh/patches/036-fipsrandom.patch Mon Sep 19 14:01:08 2016 -0700 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 
@@ -1,119 +0,0 @@ -# -# Replace arc4random* calls with FIPS compliant implementation in FIPS mode. -# -# Once libc:arc4random* are FIPS compliant (20816957), this patch will be -# dropped. -# -# This is a temporary patch and is not intented for upstream contribution. -# -diff -pur old/misc.c new/misc.c ---- old/misc.c -+++ new/misc.c -@@ -1164,3 +1164,87 @@ sock_set_v6only(int s) - error("setsockopt IPV6_V6ONLY: %s", strerror(errno)); - #endif - } -+ -+#ifdef ENABLE_OPENSSL_FIPS -+/* cancel arc4random* -> fips_arc4random* defines from misc.h */ -+#undef arc4random -+#undef arc4random_buf -+#undef arc4random_stir -+#undef arc4random_uniform -+ -+/* FIPS compliant alternative for arc4random */ -+static uint32_t -+fips_arc4random_impl() -+{ -+ unsigned int r = 0; -+ -+ if (RAND_bytes((unsigned char *)&r, sizeof (r)) <= 0) { -+ fatal("RAND_bytes() failed. Aborting the process"); -+ } -+ -+ return (r); -+} -+ -+uint32_t -+fips_arc4random() -+{ -+ if (!ssh_FIPS_mode()) -+ return arc4random(); -+ else -+ return fips_arc4random_impl(); -+} -+ -+/* implementation taken from openbsd-compat/arc4random.c */ -+void -+fips_arc4random_buf(void *_buf, size_t n) -+{ -+ size_t i; -+ uint32_t r = 0; -+ char *buf = (char *)_buf; -+ -+ if (!ssh_FIPS_mode()) -+ return arc4random_buf(_buf, n); -+ -+ for (i = 0; i < n; i++) { -+ if (i % 4 == 0) -+ r = fips_arc4random_impl(); -+ buf[i] = r & 0xff; -+ r >>= 8; -+ } -+ explicit_bzero(&r, sizeof(r)); -+} -+ -+void -+fips_arc4random_stir(void) -+{ -+ if (!ssh_FIPS_mode()) -+ return arc4random_stir(); -+} -+ -+/* implementation taken from openbsd-compat/arc4random.c */ -+uint32_t -+fips_arc4random_uniform(uint32_t upper_bound) -+{ -+ uint32_t r, min; -+ -+ if (upper_bound < 2) -+ return 0; -+ -+ /* 2**32 % x == (2**32 - x) % x */ -+ min = -upper_bound % upper_bound; -+ -+ /* -+ * This could theoretically loop forever but each retry has -+ * p > 0.5 (worst case, usually far better) of selecting a -+ * number inside the range we need, so it 
should rarely need -+ * to re-roll. -+ */ -+ for (;;) { -+ r = fips_arc4random_impl(); -+ if (r >= min) -+ break; -+ } -+ -+ return r % upper_bound; -+} -+#endif /* ENABLE_OPENSSL_FIPS */ -diff -pur old/misc.h new/misc.h ---- old/misc.h -+++ new/misc.h -@@ -140,4 +140,16 @@ char *read_passphrase(const char *, int) - int ask_permission(const char *, ...) __attribute__((format(printf, 1, 2))); - int read_keyfile_line(FILE *, const char *, char *, size_t, u_long *); - -+#ifdef ENABLE_OPENSSL_FIPS -+/* arc4random* FIPS alternatives */ -+uint32_t fips_arc4random(void); -+void fips_arc4random_buf(void *, size_t); -+void fips_arc4random_stir(void); -+uint32_t fips_arc4random_uniform(uint32_t upper_bound); -+#define arc4random fips_arc4random -+#define arc4random_buf fips_arc4random_buf -+#define arc4random_stir fips_arc4random_stir -+#define arc4random_uniform fips_arc4random_uniform -+#endif /* ENABLE_OPENSSL_FIPS */ -+ - #endif /* _MISC_H */ diff -r e7955ccacd45 -r 31ef2580c45d components/openssh/patches/040-default_config_files.patch --- a/components/openssh/patches/040-default_config_files.patch Mon Sep 19 14:01:08 2016 -0700 +++ b/components/openssh/patches/040-default_config_files.patch Tue Sep 20 03:54:40 2016 -0700 @@ -30,9 +30,9 @@ diff -pur old/sshd_config new/sshd_config --- old/sshd_config +++ new/sshd_config -@@ -1,133 +1,96 @@ --# $OpenBSD: sshd_config,v 1.98 2016/02/17 05:29:04 djm Exp $ -+# $OpenBSD: sshd_config,v 1.97 2015/08/06 14:53:21 deraadt Exp $ +@@ -1,132 +1,96 @@ +-# $OpenBSD: sshd_config,v 1.99 2016/07/11 03:19:44 tedu Exp $ ++# $OpenBSD: sshd_config,v 1.99 2016/07/11 03:19:44 tedu Exp $ # This is the sshd server system-wide configuration file. See # sshd_config(5) for more information. @@ -79,7 +79,6 @@ -#RekeyLimit default none - -# Logging --# obsoletes QuietMode and FascistLogging -#SyslogFacility AUTH -#LogLevel INFO +# X11 tunneling options diff -r e7955ccacd45 -r 31ef2580c45d components/openssh/patches/041-pam_ctx_preserve.patch 
--- a/components/openssh/patches/041-pam_ctx_preserve.patch Mon Sep 19 14:01:08 2016 -0700 +++ b/components/openssh/patches/041-pam_ctx_preserve.patch Tue Sep 20 03:54:40 2016 -0700 @@ -22,11 +22,10 @@ # Reported upstream: # https://bugzilla.mindrot.org/show_bug.cgi?id=2548 # - diff -pur old/auth-pam.c new/auth-pam.c --- old/auth-pam.c +++ new/auth-pam.c -@@ -97,6 +97,7 @@ +@@ -98,6 +98,7 @@ #include "ssh-gss.h" #endif #include "monitor_wrap.h" @@ -34,7 +33,7 @@ extern ServerOptions options; extern Buffer loginmsg; -@@ -109,38 +110,26 @@ extern u_int utmp_len; +@@ -110,38 +111,26 @@ extern u_int utmp_len; #endif /* @@ -83,7 +82,7 @@ static mysig_t sshpam_oldsig; static void -@@ -149,78 +138,22 @@ sshpam_sigchld_handler(int sig) +@@ -150,85 +139,25 @@ sshpam_sigchld_handler(int sig) signal(SIGCHLD, SIG_DFL); if (cleanup_ctxt == NULL) return; /* handler called after PAM cleanup, shouldn't happen */ @@ -92,12 +91,16 @@ <= 0) { - /* PAM thread has not exitted, privsep slave must have */ - kill(cleanup_ctxt->pam_thread, SIGTERM); -- if (waitpid(cleanup_ctxt->pam_thread, &sshpam_thread_status, 0) +- while (waitpid(cleanup_ctxt->pam_thread, +- &sshpam_thread_status, 0) == -1) { + /* callback child has not exited, privsep slave must have */ + kill(cleanup_ctxt->pam_child, SIGTERM); -+ if (waitpid(cleanup_ctxt->pam_child, &sshpam_child_status, 0) - <= 0) - return; /* could not wait */ ++ while (waitpid(cleanup_ctxt->pam_child, ++ &sshpam_child_status, 0) == -1) { + if (errno == EINTR) + continue; + return; + } } - if (WIFSIGNALED(sshpam_thread_status) && - WTERMSIG(sshpam_thread_status) == SIGTERM) 
@@ -158,7 +161,11 @@ - if (sshpam_thread_status != -1) - return (sshpam_thread_status); - signal(SIGCHLD, sshpam_oldsig); -- waitpid(thread, &status, 0); +- while (waitpid(thread, &status, 0) == -1) { +- if (errno == EINTR) +- continue; +- fatal("%s: waitpid: %s", __func__, strerror(errno)); +- } - return (status); + if (WIFSIGNALED(sshpam_child_status) && + WTERMSIG(sshpam_child_status) == SIGTERM) @@ -173,7 +180,7 @@ static pam_handle_t *sshpam_handle = NULL; static int sshpam_err = 0; -@@ -290,55 +223,11 @@ sshpam_password_change_required(int reqd +@@ -298,55 +227,11 @@ sshpam_password_change_required(int reqd } } @@ -231,7 +238,7 @@ struct pam_response **resp, void *data) { Buffer buffer; -@@ -420,48 +309,84 @@ sshpam_thread_conv(int n, sshpam_const s +@@ -411,48 +296,85 @@ sshpam_thread_conv(int n, sshpam_const s } /* @@ -310,15 +317,15 @@ + close(ctxt->pam_csock); + ctxt->pam_csock = -1; +} -+ + +- sshpam_conv.conv = sshpam_thread_conv; +int +get_pam_done(void *ctxt) +{ + struct pam_ctxt *pctxt = (struct pam_ctxt *)ctxt; + return (pctxt->pam_done); +} - -- sshpam_conv.conv = sshpam_thread_conv; ++ +/* + * Perform PAM authentication. + * @@ -333,6 +340,7 @@ + struct pam_conv sshpam_conv; + int flags = (options.permit_empty_passwd == 0 ? + PAM_DISALLOW_NULL_AUTHTOK : 0); ++ struct ssh *ssh = active_state; /* XXX */ + + sshpam_conv.conv = sshpam_child_conv; sshpam_conv.appdata_ptr = ctxt; @@ -346,7 +354,7 @@ sshpam_err = pam_set_item(sshpam_handle, PAM_CONV, (const void *)&sshpam_conv); if (sshpam_err != PAM_SUCCESS) -@@ -484,60 +409,34 @@ sshpam_thread(void *ctxtp) +@@ -477,63 +399,35 @@ sshpam_thread(void *ctxtp) } } @@ -385,6 +393,8 @@ - /* XXX - can't do much about an error here */ - if (sshpam_err == PAM_ACCT_EXPIRED) - ssh_msg_send(ctxt->pam_csock, PAM_ACCT_EXPIRED, &buffer); +- else if (sshpam_maxtries_reached) +- ssh_msg_send(ctxt->pam_csock, PAM_MAXTRIES, &buffer); - else - ssh_msg_send(ctxt->pam_csock, PAM_AUTH_ERR, &buffer); - buffer_free(&buffer); 
@@ -396,7 +406,7 @@ + pam_strerror(sshpam_handle, sshpam_err), + sshpam_authctxt->valid ? "" : "illegal user ", + sshpam_authctxt->user, -+ get_remote_name_or_ip(utmp_len, options.use_dns)); ++ auth_get_canonical_hostname(ssh, options.use_dns)); + relieve_from_duty(ctxt); } @@ -413,6 +423,7 @@ - close(ctxt->pam_psock); - close(ctxt->pam_csock); - memset(ctxt, 0, sizeof(*ctxt)); +- cleanup_ctxt = NULL; + if (ctxt != NULL && ctxt->pam_child != 0) { + signal(SIGCHLD, sshpam_oldsig); + /* callback child should have had exited by now */ @@ -423,18 +434,19 @@ + close(ctxt->pam_csock); + if (sshpam_child_status == -1) + waitpid(ctxt->pam_child, &sshpam_child_status, 0); - cleanup_ctxt = NULL; ++ cleanup_ctxt = NULL; } } -@@ -686,7 +585,6 @@ derive_pam_service_name(Authctxt *authct + +@@ -681,7 +575,6 @@ derive_pam_service_name(Authctxt *authct static int sshpam_init(Authctxt *authctxt) { - extern char *__progname; const char *pam_rhost, *pam_user, *user = authctxt->user; const char **ptr_pam_user = &pam_user; - -@@ -792,6 +690,7 @@ sshpam_init_ctx(Authctxt *authctxt) + struct ssh *ssh = active_state; /* XXX */ +@@ -788,6 +681,7 @@ sshpam_init_ctx(Authctxt *authctxt) { struct pam_ctxt *ctxt; int socks[2]; @@ -442,7 +454,7 @@ debug3("PAM: %s entering", __func__); /* -@@ -809,7 +708,7 @@ sshpam_init_ctx(Authctxt *authctxt) +@@ -805,7 +699,7 @@ sshpam_init_ctx(Authctxt *authctxt) ctxt = xcalloc(1, sizeof *ctxt); @@ -451,7 +463,7 @@ if (socketpair(AF_UNIX, SOCK_STREAM, PF_UNSPEC, socks) == -1) { error("PAM: failed create sockets: %s", strerror(errno)); free(ctxt); -@@ -817,15 +716,29 @@ sshpam_init_ctx(Authctxt *authctxt) +@@ -813,15 +707,29 @@ sshpam_init_ctx(Authctxt *authctxt) } ctxt->pam_psock = socks[0]; ctxt->pam_csock = socks[1]; 
@@ -485,11 +497,10 @@ return (ctxt); } -@@ -839,8 +752,11 @@ sshpam_query(void *ctx, char **name, cha +@@ -836,8 +744,10 @@ sshpam_query(void *ctx, char **name, cha u_char type; char *msg; size_t len, mlen; -+ struct ssh *ssh; + int r; debug3("PAM: %s entering", __func__); @@ -497,7 +508,7 @@ buffer_init(&buffer); *name = xstrdup(""); *info = xstrdup(""); -@@ -848,6 +764,17 @@ sshpam_query(void *ctx, char **name, cha +@@ -845,6 +755,17 @@ sshpam_query(void *ctx, char **name, cha **prompts = NULL; plen = 0; *echo_on = xmalloc(sizeof(u_int)); @@ -515,7 +526,7 @@ while (ssh_msg_recv(ctxt->pam_psock, &buffer) == 0) { type = buffer_get_char(&buffer); msg = buffer_get_string(&buffer, NULL); -@@ -879,15 +806,6 @@ sshpam_query(void *ctx, char **name, cha +@@ -880,15 +801,6 @@ sshpam_query(void *ctx, char **name, cha /* FALLTHROUGH */ case PAM_AUTH_ERR: debug3("PAM: %s", pam_strerror(sshpam_handle, type)); @@ -531,7 +542,7 @@ /* FALLTHROUGH */ case PAM_SUCCESS: if (**prompts != NULL) { -@@ -898,25 +816,21 @@ sshpam_query(void *ctx, char **name, cha +@@ -899,25 +811,20 @@ sshpam_query(void *ctx, char **name, cha free(**prompts); **prompts = NULL; } @@ -553,16 +564,15 @@ + buffer_put_cstring(&buffer, buffer_ptr(&loginmsg)); + if (!use_privsep) { + /* sync packet state with parrent */ -+ ssh = active_state; + r = ssh_packet_get_state(ssh, &buffer); + if (r != 0) + fatal("%s: get_state failed: %s", -+ __func__, ssh_err(r)); ++ __func__, ssh_err(r)); } - error("PAM: %s for %s%.100s from %.100s", msg, - sshpam_authctxt->valid ? "" : "illegal user ", - sshpam_authctxt->user, -- get_remote_name_or_ip(utmp_len, options.use_dns)); +- auth_get_canonical_hostname(ssh, options.use_dns)); - /* FALLTHROUGH */ + ssh_msg_send(ctxt->pam_psock, type, &buffer); + /* callback child ends here */ 
@@ -571,7 +581,7 @@ default: *num = 0; **echo_on = 0; -@@ -970,7 +884,7 @@ sshpam_free_ctx(void *ctxtp) +@@ -997,7 +904,7 @@ sshpam_free_ctx(void *ctxtp) struct pam_ctxt *ctxt = ctxtp; debug3("PAM: %s entering", __func__); @@ -583,22 +593,20 @@ diff -pur old/auth-pam.h new/auth-pam.h --- old/auth-pam.h +++ new/auth-pam.h -@@ -45,9 +45,10 @@ int do_pam_putenv(char *, char *); +@@ -45,7 +45,8 @@ int do_pam_putenv(char *, char *); char ** fetch_pam_environment(void); char ** fetch_pam_child_environment(void); void free_pam_environment(char **); -void sshpam_thread_cleanup(void); +void sshpam_child_cleanup(void); ++int get_pam_done(void *); void sshpam_cleanup(void); int sshpam_auth_passwd(Authctxt *, const char *); - int is_pam_session_open(void); -+int get_pam_done(void *); - - #endif /* USE_PAM */ + int sshpam_get_maxtries_reached(void); diff -pur old/monitor.c new/monitor.c --- old/monitor.c +++ new/monitor.c -@@ -1179,12 +1179,38 @@ mm_answer_pam_init_ctx(int sock, Buffer +@@ -1184,12 +1184,39 @@ mm_answer_pam_init_ctx(int sock, Buffer sshpam_ctxt = (sshpam_device.init_ctx)(authctxt); sshpam_authok = NULL; buffer_clear(m); @@ -629,6 +637,7 @@ + buffer_len(&loginmsg)); + buffer_clear(&loginmsg); + } ++ buffer_put_int(m, sshpam_get_maxtries_reached()); + buffer_put_int(m, 0); /* num */ + mm_request_send(sock, MONITOR_ANS_PAM_QUERY, m); + return (0); @@ -637,7 +646,7 @@ mm_request_send(sock, MONITOR_ANS_PAM_INIT_CTX, m); return (0); } -@@ -1938,7 +1964,8 @@ monitor_apply_keystate(struct monitor *p +@@ -1947,7 +1974,8 @@ monitor_apply_keystate(struct monitor *p int r; debug3("%s: packet_set_state", __func__); @@ -650,7 +659,7 @@ diff -pur old/packet.c new/packet.c --- old/packet.c +++ new/packet.c -@@ -2345,7 +2345,7 @@ ssh_packet_restore_state(struct ssh *ssh +@@ -2449,7 +2449,7 @@ ssh_packet_get_output(struct ssh *ssh) } /* Reset after_authentication and reset compression in post-auth privsep */ 
@@ -659,7 +668,7 @@ ssh_packet_set_postauth(struct ssh *ssh) { struct sshcomp *comp; -@@ -2682,8 +2682,7 @@ ssh_packet_set_state(struct ssh *ssh, st +@@ -2775,8 +2775,7 @@ ssh_packet_set_state(struct ssh *ssh, st cipher_set_keycontext(&state->send_context, keyout); cipher_set_keycontext(&state->receive_context, keyin); @@ -672,18 +681,18 @@ diff -pur old/packet.h new/packet.h --- old/packet.h +++ new/packet.h -@@ -141,6 +141,7 @@ u_int ssh_packet_get_maxsize(struct ssh +@@ -144,6 +144,7 @@ u_int ssh_packet_get_maxsize(struct ssh int ssh_packet_get_state(struct ssh *, struct sshbuf *); int ssh_packet_set_state(struct ssh *, struct sshbuf *); +int ssh_packet_set_postauth(struct ssh *ssh); const char *ssh_remote_ipaddr(struct ssh *); - + int ssh_remote_port(struct ssh *); diff -pur old/servconf.c new/servconf.c --- old/servconf.c +++ new/servconf.c -@@ -433,6 +433,18 @@ fill_default_server_options(ServerOption +@@ -435,6 +435,18 @@ fill_default_server_options(ServerOption options->compression = 0; } #endif @@ -705,7 +714,7 @@ diff -pur old/session.c new/session.c --- old/session.c +++ new/session.c -@@ -2850,7 +2850,7 @@ do_cleanup(Authctxt *authctxt) +@@ -2890,7 +2890,7 @@ do_cleanup(Authctxt *authctxt) #ifdef USE_PAM if (options.use_pam) { sshpam_cleanup(); diff -r e7955ccacd45 -r 31ef2580c45d components/openssh/patches/043-protect_agent_sftpserver.patch --- a/components/openssh/patches/043-protect_agent_sftpserver.patch Mon Sep 19 14:01:08 2016 -0700 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 
@@ -1,96 +0,0 @@ -# -# This patch is to make ssh-agent and sftp-server untraceable on Solaris -# without using the sgid bit. The OpenSSH upstream contains code for -# Linux to disable ptrace on these two programs. This patch provides the -# equivalent Solaris implementation. -# -# This Solaris-specific patch has been contributed back to OpenSSH upstream. -# For more information, see https://bugzilla.mindrot.org/show_bug.cgi?id=2584. -# In the future, if this is accepted by the upsteam in a later release, we will -# remove this patch when we upgrade to that release. -# ---- orig/config.h.in Mon Jun 6 19:22:23 2016 -+++ new/config.h.in Mon Jun 6 19:25:05 2016 -@@ -962,6 +962,9 @@ - /* Define to 1 if you have the `setpcred' function. */ - #undef HAVE_SETPCRED - -+/* Define to 1 if you have the `setpflags' function. */ -+#undef HAVE_SETPFLAGS -+ - /* Define to 1 if you have the `setppriv' function. */ - #undef HAVE_SETPPRIV - ---- orig/configure.ac Mon Jun 6 16:03:27 2016 -+++ new/configure.ac Mon Jun 6 19:17:06 2016 -@@ -899,6 +899,8 @@ - else - AC_MSG_RESULT([no]) - fi -+ -+ AC_CHECK_FUNCS([setpflags]) - AC_CHECK_FUNCS([setppriv]) - AC_CHECK_FUNCS([priv_basicset]) - AC_CHECK_HEADERS([priv.h]) ---- orig/sftp-server.c Tue Jun 7 11:16:34 2016 -+++ new/sftp-server.c Tue Jun 7 16:48:09 2016 -@@ -32,6 +32,9 @@ - #ifdef HAVE_SYS_PRCTL_H - #include - #endif -+#ifdef HAVE_PRIV_H -+#include /* For setpflags() and __PROC_PROTECT */ -+#endif - - #include - #include -@@ -1588,6 +1591,11 @@ - - log_init(__progname, log_level, log_facility, log_stderr); - -+#if defined(HAVE_SETPFLAGS) && defined(__PROC_PROTECT) -+ /* On Solaris, we should make this process untraceable */ -+ if (setpflags(__PROC_PROTECT, 1) != 0) -+ fatal("unable to make the process untraceable"); -+#else - #if defined(HAVE_PRCTL) && defined(PR_SET_DUMPABLE) - /* - * On Linux, we should try to avoid making /proc/self/{mem,maps} -@@ -1598,6 +1606,7 @@ - if (prctl(PR_SET_DUMPABLE, 0) != 0) - fatal("unable to make the 
process undumpable"); - #endif /* defined(HAVE_PRCTL) && defined(PR_SET_DUMPABLE) */ -+#endif - - /* Drop any fine-grained privileges we don't need */ - platform_pledge_sftp_server(); ---- orig/ssh-agent.c Mon Jun 6 19:04:38 2016 -+++ new/ssh-agent.c Tue Jun 7 12:18:11 2016 -@@ -92,6 +92,10 @@ - #include /* For prctl() and PR_SET_DUMPABLE */ - #endif - -+#if defined(HAVE_PRIV_H) -+#include /* For setpflags() and __PROC_PROTECT */ -+#endif -+ - typedef enum { - AUTH_UNUSED, - AUTH_SOCKET, -@@ -1209,10 +1213,16 @@ - setegid(getgid()); - setgid(getgid()); - -+#if defined(HAVE_SETPFLAGS) && defined(__PROC_PROTECT) -+ /* make it untraceable on Solaris */ -+ (void) setpflags(__PROC_PROTECT, 1); -+ -+#else - #if defined(HAVE_PRCTL) && defined(PR_SET_DUMPABLE) - /* Disable ptrace on Linux without sgid bit */ - prctl(PR_SET_DUMPABLE, 0); - #endif -+#endif - - #ifdef ENABLE_OPENSSL_FIPS - fips_err = ssh_FIPS_mode_set_if_capable(); diff -r e7955ccacd45 -r 31ef2580c45d components/openssh/patches/045-remove_unacceptable_algs.patch --- a/components/openssh/patches/045-remove_unacceptable_algs.patch Mon Sep 19 14:01:08 2016 -0700 +++ b/components/openssh/patches/045-remove_unacceptable_algs.patch Tue Sep 20 03:54:40 2016 -0700 
@@ -4,23 +4,12 @@ # and hmac-md5 Messages Authentication Codes (MACs). Besides that, disable # deprecated 3des-cbc by default on client (already disabled on the server). # +# Update Aug 29, 2016: +# Disabling arcfour used to be implemented by Solaris specific macro +# WITHOUT_ARCFOUR, but now upstream OPENSSL_NO_RC4 is used instead. +# # Patch source: in-house # -diff -pur old/cipher.c new/cipher.c ---- old/cipher.c -+++ new/cipher.c -@@ -119,9 +119,11 @@ static const struct sshcipher ciphers[] - { "cast128-cbc", - SSH_CIPHER_SSH2, 8, 16, 0, 0, 0, 1, EVP_cast5_cbc }, - #endif -+#ifndef WITHOUT_ARCFOUR - { "arcfour", SSH_CIPHER_SSH2, 8, 16, 0, 0, 0, 0, EVP_rc4 }, - { "arcfour128", SSH_CIPHER_SSH2, 8, 16, 0, 0, 1536, 0, EVP_rc4 }, - { "arcfour256", SSH_CIPHER_SSH2, 8, 32, 0, 0, 1536, 0, EVP_rc4 }, -+#endif - { "aes128-cbc", SSH_CIPHER_SSH2, 16, 16, 0, 0, 0, 1, EVP_aes_128_cbc }, - { "aes192-cbc", SSH_CIPHER_SSH2, 16, 24, 0, 0, 0, 1, EVP_aes_192_cbc }, - { "aes256-cbc", SSH_CIPHER_SSH2, 16, 32, 0, 0, 0, 1, EVP_aes_256_cbc }, diff -pur old/mac.c new/mac.c --- old/mac.c +++ new/mac.c @@ -49,7 +38,7 @@ diff -pur old/myproposal.h new/myproposal.h --- old/myproposal.h +++ new/myproposal.h -@@ -133,14 +133,14 @@ +@@ -140,14 +140,14 @@ AESGCM_CIPHER_MODES #define KEX_CLIENT_ENCRYPT_DFLT KEX_SERVER_ENCRYPT_DFLT "," \ 
@@ -91,44 +80,6 @@ .Ed .Pp The following ciphers are FIPS-140 approved and are supported in FIPS-140 mode: -diff -pur old/sshd_config.5 new/sshd_config.5 ---- old/sshd_config.5 -+++ new/sshd_config.5 -@@ -464,12 +464,6 @@ aes128-gcm@openssh.com - .It - aes256-gcm@openssh.com - .It --arcfour --.It --arcfour128 --.It --arcfour256 --.It - blowfish-cbc - .It - chacha20-poly1305@openssh.com -@@ -988,10 +982,6 @@ The supported MACs are: - .Pp - .Bl -item -compact -offset indent - .It --hmac-md5 --.It --hmac-md5-96 --.It - hmac-ripemd160 - .It - hmac-sha1 -@@ -1006,10 +996,6 @@ umac-64@openssh.com - .It - umac-128@openssh.com - .It --hmac-md5-etm@openssh.com --.It --hmac-md5-96-etm@openssh.com --.It - hmac-ripemd160-etm@openssh.com - .It - hmac-sha1-etm@openssh.com diff -pur old/sshd.8 new/sshd.8 --- old/sshd.8 +++ new/sshd.8 @@ -147,3 +98,41 @@ hmac-sha2-256 or hmac-sha2-512). .Pp Finally, the server and the client enter an authentication dialog. +diff -pur old/sshd_config.5 new/sshd_config.5 +--- old/sshd_config.5 ++++ new/sshd_config.5 +@@ -471,12 +471,6 @@ aes128-gcm@openssh.com + .It + aes256-gcm@openssh.com + .It +-arcfour +-.It +-arcfour128 +-.It +-arcfour256 +-.It + blowfish-cbc + .It + chacha20-poly1305@openssh.com +@@ -1009,10 +1003,6 @@ The supported MACs are: + .Pp + .Bl -item -compact -offset indent + .It +-hmac-md5 +-.It +-hmac-md5-96 +-.It + hmac-ripemd160 + .It + hmac-sha1 +@@ -1027,10 +1017,6 @@ umac-64@openssh.com + .It + umac-128@openssh.com + .It +-hmac-md5-etm@openssh.com +-.It +-hmac-md5-96-etm@openssh.com +-.It + hmac-ripemd160-etm@openssh.com + .It + hmac-sha1-etm@openssh.com diff -r e7955ccacd45 -r 31ef2580c45d components/openssh/patches/046-73_solaris_build_issue.patch --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/components/openssh/patches/046-73_solaris_build_issue.patch Tue Sep 20 03:54:40 2016 -0700 
@@ -0,0 +1,31 @@ +# +# Unbreak ./configure on Solaris. +# +# Patch source: upstream +# https://marc.info/?l=openssh-unix-dev&m=147011381114561&w=2 +# +--- orig/configure.ac Thu Aug 18 14:41:57 2016 ++++ new/configure.ac Thu Aug 18 14:44:59 2016 +@@ -751,6 +751,9 @@ + use_pie=auto + check_for_libcrypt_later=1 + check_for_openpty_ctty_bug=1 ++ dnl Target SUSv3/POSIX.1-2001 plus BSD specifics. ++ dnl _DEFAULT_SOURCE is the new name for _BSD_SOURCE ++ CPPFLAGS="$CPPFLAGS -D_XOPEN_SOURCE=600 -D_BSD_SOURCE -D_DEFAULT_SOURCE" + AC_DEFINE([PAM_TTY_KLUDGE], [1], + [Work around problematic Linux PAM modules handling of PAM_TTY]) + AC_DEFINE([LOCKED_PASSWD_PREFIX], ["!"], +@@ -1790,11 +1793,8 @@ + warn \ + ]) + +-dnl Wide character support. Linux man page says it needs _XOPEN_SOURCE. +-saved_CFLAGS="$CFLAGS" +-CFLAGS="$CFLAGS -D_XOPEN_SOURCE" ++dnl Wide character support. + AC_CHECK_FUNCS([mblen mbtowc nl_langinfo wcwidth]) +-CFLAGS="$saved_CFLAGS" + + AC_LINK_IFELSE( + [AC_LANG_PROGRAM( diff -r e7955ccacd45 -r 31ef2580c45d components/openssh/sources/kexgssc.c --- a/components/openssh/sources/kexgssc.c Mon Sep 19 14:01:08 2016 -0700 +++ b/components/openssh/sources/kexgssc.c Tue Sep 20 03:54:40 2016 -0700 @@ -63,7 +63,6 @@ Gssctxt *ctxt; OM_uint32 maj_status, min_status, ret_flags; uint_t klen, kout, slen = 0, strlen; - DH *dh; BIGNUM *dh_server_pub = NULL; BIGNUM *shared_secret = NULL; BIGNUM *p = NULL; @@ -284,7 +283,9 @@ switch (kex->kex_type) { case KEX_GSS_GRP1_SHA1: case KEX_GSS_GRP14_SHA1: - kex_dh_hash(kex->client_version_string, + kex_dh_hash( + kex->hash_alg, + kex->client_version_string, kex->server_version_string, buffer_ptr(kex->my), buffer_len(kex->my), buffer_ptr(kex->peer), buffer_len(kex->peer), diff -r e7955ccacd45 -r 31ef2580c45d components/openssh/sources/kexgsss.c --- a/components/openssh/sources/kexgsss.c Mon Sep 19 14:01:08 2016 -0700 +++ b/components/openssh/sources/kexgsss.c Tue Sep 20 03:54:40 2016 -0700 
@@ -76,7 +76,6 @@ Gssctxt *ctxt = NULL; uint_t slen, klen, kout; uchar_t *kbuf; - DH *dh; int min = -1, max = -1, nbits = -1; BIGNUM *shared_secret = NULL; BIGNUM *dh_client_pub = NULL; @@ -236,6 +235,7 @@ case KEX_GSS_GRP1_SHA1: case KEX_GSS_GRP14_SHA1: kex_dh_hash( + kex->hash_alg, kex->client_version_string, kex->server_version_string, buffer_ptr(kex->peer), buffer_len(kex->peer), buffer_ptr(kex->my), buffer_len(kex->my),
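Review bot: in the PAM child cleanup code (hunk `@@ -423,18 +434,19 @@` of the refreshed PAM patch), `waitpid(ctxt->pam_child, &sshpam_child_status, 0)` blocks with no bound and its return value is not checked. The comment next to it only says the callback child "should have had exited by now", so if the child is still alive the cleanup path hangs, and an `EINTR` return leaves `sshpam_child_status` at -1 without anyone noticing. Suggest checking the return value, retrying on `EINTR`, and documenting what guarantees the child has already exited before this call.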
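Review bot: the refreshed `sshpam_query` hunks drop the patch's own `struct ssh *ssh;` declaration and the `ssh = active_state;` assignment, but still call `ssh_packet_get_state(ssh, &buffer)`, and the first hunk now passes `ssh` to `auth_get_canonical_hostname(ssh, options.use_dns)`. Neither hunk shows where `ssh` is declared in those functions; only the `sshpam_init` context shows `struct ssh *ssh = active_state; /* XXX */`. Please confirm that 7.3p1 declares and initialises `ssh` in both places before these uses, and state that in the patch header so the next refresh does not have to rediscover it. While the line is being touched, the comment "sync packet state with parrent" has a typo ("parent").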
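Review bot: in the monitor.c hunk for `mm_answer_pam_init_ctx`, the new `buffer_put_int(m, sshpam_get_maxtries_reached());` is inserted ahead of `buffer_put_int(m, 0); /* num */` in the reply sent as `MONITOR_ANS_PAM_QUERY`, which changes the field order of that message. The reader on the unprivileged side is not part of this diff, so it is worth confirming that it consumes the new integer at the same position, otherwise `num` is parsed from the wrong field. The neighbouring line carries a `/* num */` label; the new field should get a matching comment.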
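Review bot: the deletion of 043-protect_agent_sftpserver.patch is not explained anywhere in the changeset. The removed header says the patch would be dropped once upstream accepted it (bugzilla.mindrot.org bug 2584), but the changeset description lists only the three bug numbers. Please state that 7.3p1 carries the `setpflags(__PROC_PROTECT, 1)` protection for both ssh-agent and sftp-server, and confirm it on a built binary, since silently losing it would make both processes traceable again on Solaris.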
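Review bot: the "Update Aug 29, 2016" note added to the header of 045-remove_unacceptable_algs.patch documents the move from `WITHOUT_ARCFOUR` to `OPENSSL_NO_RC4`, but not the parallel move from `WITHOUT_CAST128` to `OPENSSL_NO_CAST` that the component Makefile makes in this same changeset. Please document both. It would also help to note that these are OpenSSL's own feature macros, now being set from the component's `CFLAGS` rather than by the OpenSSL headers, so a later reader understands why the cipher.c hunk could be removed and what else in the included headers the macros may switch off.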
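Review bot: the header of 046-73_solaris_build_issue.patch says "Unbreak ./configure on Solaris" but does not say which hunk does that. The first hunk adds `CPPFLAGS` next to `PAM_TTY_KLUDGE`, whose description refers to Linux PAM modules, so the Solaris-relevant part appears to be the second hunk, which removes the temporary `-D_XOPEN_SOURCE` around `AC_CHECK_FUNCS([mblen mbtowc nl_langinfo wcwidth])`. Please say so in the header, and add the usual sentence about dropping the patch once a release contains it, as the other patch headers do. The patch touches only configure.ac, so please also confirm the component build regenerates `configure`; otherwise the patch has no effect.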
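Review bot: in kexgssc.c and kexgsss.c the `kex_dh_hash()` calls under `case KEX_GSS_GRP1_SHA1:` / `case KEX_GSS_GRP14_SHA1:` now take `kex->hash_alg` as the first argument, but nothing in either hunk ties that value to SHA-1, which is what both case labels imply. Since these are locally maintained sources, a one-line comment stating where `kex->hash_alg` is set for the GSS key exchange names, or a check that it is the SHA-1 digest, would guard against the exchange hash being computed with a different digest than the peer expects. Removing the unused `DH *dh;` locals looks fine.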