diff options
| -rw-r--r-- | clientloop.c | 5 | ||||
| -rw-r--r-- | myproposal.h | 138 | ||||
| -rw-r--r-- | readconf.c | 53 | ||||
| -rw-r--r-- | readconf.h | 3 | ||||
| -rw-r--r-- | servconf.c | 47 | ||||
| -rw-r--r-- | sshconnect2.c | 8 |
6 files changed, 92 insertions, 162 deletions
diff --git a/clientloop.c b/clientloop.c index 8f0332df4..4acf2806d 100644 --- a/clientloop.c +++ b/clientloop.c @@ -1,4 +1,4 @@ -/* $OpenBSD: clientloop.c,v 1.330 2019/12/21 02:19:13 djm Exp $ */ +/* $OpenBSD: clientloop.c,v 1.331 2020/01/23 02:46:49 dtucker Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -2046,8 +2046,7 @@ static int key_accepted_by_hostkeyalgs(const struct sshkey *key) { const char *ktype = sshkey_ssh_name(key); - const char *hostkeyalgs = options.hostkeyalgorithms != NULL ? - options.hostkeyalgorithms : KEX_DEFAULT_PK_ALG; + const char *hostkeyalgs = options.hostkeyalgorithms; if (key == NULL || key->type == KEY_UNSPEC) return 0; diff --git a/myproposal.h b/myproposal.h index 145704f49..dd2499d66 100644 --- a/myproposal.h +++ b/myproposal.h @@ -1,4 +1,4 @@ -/* $OpenBSD: myproposal.h,v 1.65 2020/01/22 04:58:23 tedu Exp $ */ +/* $OpenBSD: myproposal.h,v 1.66 2020/01/23 02:46:49 dtucker Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. @@ -24,110 +24,47 @@ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -#ifdef WITH_OPENSSL -#include <openssl/opensslv.h> -#endif - -/* conditional algorithm support */ - -#ifdef OPENSSL_HAS_ECC -# ifdef OPENSSL_HAS_NISTP521 -# define KEX_ECDH_METHODS \ +#define KEX_SERVER_KEX \ + "curve25519-sha256," \ + "curve25519-sha256@libssh.org," \ "ecdh-sha2-nistp256," \ "ecdh-sha2-nistp384," \ - "ecdh-sha2-nistp521," -# define HOSTKEY_ECDSA_CERT_METHODS \ - "ecdsa-sha2-nistp256-cert-v01@openssh.com," \ - "ecdsa-sha2-nistp384-cert-v01@openssh.com," \ - "ecdsa-sha2-nistp521-cert-v01@openssh.com," \ - "sk-ecdsa-sha2-nistp256-cert-v01@openssh.com," -# define HOSTKEY_ECDSA_METHODS \ - "ecdsa-sha2-nistp256," \ - "ecdsa-sha2-nistp384," \ - "ecdsa-sha2-nistp521," \ - "sk-ecdsa-sha2-nistp256@openssh.com," -# else /* OPENSSL_HAS_NISTP521 */ -# define KEX_ECDH_METHODS \ - "ecdh-sha2-nistp256," \ - "ecdh-sha2-nistp384," -# define HOSTKEY_ECDSA_CERT_METHODS \ - "ecdsa-sha2-nistp256-cert-v01@openssh.com," \ - "ecdsa-sha2-nistp384-cert-v01@openssh.com," \ - "sk-ecdsa-sha2-nistp256-cert-v01@openssh.com," -# define HOSTKEY_ECDSA_METHODS \ - "ecdsa-sha2-nistp256," \ - "ecdsa-sha2-nistp384," \ - "sk-ecdsa-sha2-nistp256@openssh.com," -# endif /* OPENSSL_HAS_NISTP521 */ -#else /* OPENSSL_HAS_ECC */ -# define KEX_ECDH_METHODS -# define HOSTKEY_ECDSA_CERT_METHODS -# define HOSTKEY_ECDSA_METHODS -#endif /* OPENSSL_HAS_ECC */ - -#ifdef OPENSSL_HAVE_EVPGCM -# define AESGCM_CIPHER_MODES \ - ",aes128-gcm@openssh.com,aes256-gcm@openssh.com" -#else -# define AESGCM_CIPHER_MODES -#endif - -#ifdef HAVE_EVP_SHA256 -# define KEX_SHA2_METHODS \ + "ecdh-sha2-nistp521," \ "diffie-hellman-group-exchange-sha256," \ "diffie-hellman-group16-sha512," \ - "diffie-hellman-group18-sha512," -# define KEX_SHA2_GROUP14 \ - "diffie-hellman-group14-sha256," -#define SHA2_HMAC_MODES \ - "hmac-sha2-256," \ - "hmac-sha2-512," -#else -# define KEX_SHA2_METHODS -# define KEX_SHA2_GROUP14 -# define SHA2_HMAC_MODES -#endif - -#ifdef WITH_OPENSSL -# ifdef HAVE_EVP_SHA256 -# define KEX_CURVE25519_METHODS \ - "curve25519-sha256," \ - "curve25519-sha256@libssh.org," -# else -# define KEX_CURVE25519_METHODS "" -# endif -#define KEX_SERVER_KEX \ - KEX_CURVE25519_METHODS \ - KEX_ECDH_METHODS \ - KEX_SHA2_METHODS \ - KEX_SHA2_GROUP14 + "diffie-hellman-group18-sha512," \ + "diffie-hellman-group14-sha256" #define KEX_CLIENT_KEX KEX_SERVER_KEX #define KEX_DEFAULT_PK_ALG \ - HOSTKEY_ECDSA_CERT_METHODS \ + "ecdsa-sha2-nistp256-cert-v01@openssh.com," \ + "ecdsa-sha2-nistp384-cert-v01@openssh.com," \ + "ecdsa-sha2-nistp521-cert-v01@openssh.com," \ + "sk-ecdsa-sha2-nistp256-cert-v01@openssh.com," \ "ssh-ed25519-cert-v01@openssh.com," \ "sk-ssh-ed25519-cert-v01@openssh.com," \ "rsa-sha2-512-cert-v01@openssh.com," \ "rsa-sha2-256-cert-v01@openssh.com," \ "ssh-rsa-cert-v01@openssh.com," \ - HOSTKEY_ECDSA_METHODS \ + "ecdsa-sha2-nistp256," \ + "ecdsa-sha2-nistp384," \ + "ecdsa-sha2-nistp521," \ + "sk-ecdsa-sha2-nistp256@openssh.com," \ "ssh-ed25519," \ "sk-ssh-ed25519@openssh.com," \ "rsa-sha2-512," \ "rsa-sha2-256," \ "ssh-rsa" -/* the actual algorithms */ - -#define KEX_SERVER_ENCRYPT \ +#define KEX_SERVER_ENCRYPT \ "chacha20-poly1305@openssh.com," \ - "aes128-ctr,aes192-ctr,aes256-ctr" \ - AESGCM_CIPHER_MODES + "aes128-ctr,aes192-ctr,aes256-ctr," \ + "aes128-gcm@openssh.com,aes256-gcm@openssh.com" #define KEX_CLIENT_ENCRYPT KEX_SERVER_ENCRYPT -#define KEX_SERVER_MAC \ +#define KEX_SERVER_MAC \ "umac-64-etm@openssh.com," \ "umac-128-etm@openssh.com," \ "hmac-sha2-256-etm@openssh.com," \ @@ -143,44 +80,16 @@ /* Not a KEX value, but here so all the algorithm defaults are together */ #define SSH_ALLOWED_CA_SIGALGS \ - HOSTKEY_ECDSA_METHODS \ + "ecdsa-sha2-nistp256," \ + "ecdsa-sha2-nistp384," \ + "ecdsa-sha2-nistp521," \ + "sk-ecdsa-sha2-nistp256@openssh.com," \ "ssh-ed25519," \ "sk-ssh-ed25519@openssh.com," \ "rsa-sha2-512," \ "rsa-sha2-256," \ "ssh-rsa" -#else /* WITH_OPENSSL */ - -#define KEX_SERVER_KEX \ - "curve25519-sha256," \ - "curve25519-sha256@libssh.org" -#define KEX_DEFAULT_PK_ALG \ - "ssh-ed25519-cert-v01@openssh.com," \ - "ssh-ed25519" -#define KEX_SERVER_ENCRYPT \ - "chacha20-poly1305@openssh.com," \ - "aes128-ctr,aes192-ctr,aes256-ctr" -#define KEX_SERVER_MAC \ - "umac-64-etm@openssh.com," \ - "umac-128-etm@openssh.com," \ - "hmac-sha2-256-etm@openssh.com," \ - "hmac-sha2-512-etm@openssh.com," \ - "hmac-sha1-etm@openssh.com," \ - "umac-64@openssh.com," \ - "umac-128@openssh.com," \ - "hmac-sha2-256," \ - "hmac-sha2-512," \ - "hmac-sha1" - -#define KEX_CLIENT_KEX KEX_SERVER_KEX -#define KEX_CLIENT_ENCRYPT KEX_SERVER_ENCRYPT -#define KEX_CLIENT_MAC KEX_SERVER_MAC - -#define SSH_ALLOWED_CA_SIGALGS "ssh-ed25519,sk-ssh-ed25519@openssh.com" - -#endif /* WITH_OPENSSL */ - #define KEX_DEFAULT_COMP "none,zlib@openssh.com" #define KEX_DEFAULT_LANG "" @@ -207,4 +116,3 @@ KEX_DEFAULT_COMP, \ KEX_DEFAULT_LANG, \ KEX_DEFAULT_LANG - diff --git a/readconf.c b/readconf.c index cb3ae6dc7..ff551c856 100644 --- a/readconf.c +++ b/readconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.c,v 1.319 2019/12/21 02:19:13 djm Exp $ */ +/* $OpenBSD: readconf.c,v 1.320 2020/01/23 02:46:49 dtucker Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -314,6 +314,16 @@ static struct { { NULL, oBadOption } }; +static char *kex_default_pk_alg_filtered; + +const char * +kex_default_pk_alg(void) +{ + if (kex_default_pk_alg_filtered == NULL) + fatal("kex_default_pk_alg not initialized."); + return kex_default_pk_alg_filtered; +} + /* * Adds a local TCP/IP port forward to options. Never returns if there is an * error. @@ -2003,6 +2013,7 @@ void fill_default_options(Options * options) { char *all_cipher, *all_mac, *all_kex, *all_key, *all_sig; + char *def_cipher, *def_mac, *def_kex, *def_key, *def_sig; int r; if (options->forward_agent == -1) @@ -2167,24 +2178,35 @@ fill_default_options(Options * options) all_kex = kex_alg_list(','); all_key = sshkey_alg_list(0, 0, 1, ','); all_sig = sshkey_alg_list(0, 1, 1, ','); + /* remove unsupported algos from default lists */ + def_cipher = match_filter_whitelist(KEX_CLIENT_ENCRYPT, all_cipher); + def_mac = match_filter_whitelist(KEX_CLIENT_MAC, all_mac); + def_kex = match_filter_whitelist(KEX_CLIENT_KEX, all_kex); + def_key = match_filter_whitelist(KEX_DEFAULT_PK_ALG, all_key); + def_sig = match_filter_whitelist(SSH_ALLOWED_CA_SIGALGS, all_sig); #define ASSEMBLE(what, defaults, all) \ do { \ if ((r = kex_assemble_names(&options->what, \ defaults, all)) != 0) \ fatal("%s: %s: %s", __func__, #what, ssh_err(r)); \ } while (0) - ASSEMBLE(ciphers, KEX_CLIENT_ENCRYPT, all_cipher); - ASSEMBLE(macs, KEX_CLIENT_MAC, all_mac); - ASSEMBLE(kex_algorithms, KEX_CLIENT_KEX, all_kex); - ASSEMBLE(hostbased_key_types, KEX_DEFAULT_PK_ALG, all_key); - ASSEMBLE(pubkey_key_types, KEX_DEFAULT_PK_ALG, all_key); - ASSEMBLE(ca_sign_algorithms, SSH_ALLOWED_CA_SIGALGS, all_sig); + ASSEMBLE(ciphers, def_cipher, all_cipher); + ASSEMBLE(macs, def_mac, all_mac); + ASSEMBLE(kex_algorithms, def_kex, all_kex); + ASSEMBLE(hostbased_key_types, def_key, all_key); + ASSEMBLE(pubkey_key_types, def_key, all_key); + ASSEMBLE(ca_sign_algorithms, def_sig, all_sig); #undef ASSEMBLE free(all_cipher); free(all_mac); free(all_kex); free(all_key); free(all_sig); + free(def_cipher); + free(def_mac); + free(def_kex); + kex_default_pk_alg_filtered = def_key; /* save for later use */ + free(def_sig); #define CLEAR_ON_NONE(v) \ do { \ @@ -2634,14 +2656,7 @@ void dump_client_config(Options *o, const char *host) { int i; - char buf[8], *all_key; - - /* This is normally prepared in ssh_kex2 */ - all_key = sshkey_alg_list(0, 0, 1, ','); - if (kex_assemble_names( &o->hostkeyalgorithms, - KEX_DEFAULT_PK_ALG, all_key) != 0) - fatal("%s: kex_assemble_names failed", __func__); - free(all_key); + char buf[8]; /* Most interesting options first: user, host, port */ dump_cfg_string(oUser, o->user); @@ -2698,7 +2713,7 @@ dump_client_config(Options *o, const char *host) /* String options */ dump_cfg_string(oBindAddress, o->bind_address); dump_cfg_string(oBindInterface, o->bind_interface); - dump_cfg_string(oCiphers, o->ciphers ? o->ciphers : KEX_CLIENT_ENCRYPT); + dump_cfg_string(oCiphers, o->ciphers); dump_cfg_string(oControlPath, o->control_path); dump_cfg_string(oHostKeyAlgorithms, o->hostkeyalgorithms); dump_cfg_string(oHostKeyAlias, o->host_key_alias); @@ -2706,12 +2721,12 @@ dump_client_config(Options *o, const char *host) dump_cfg_string(oIdentityAgent, o->identity_agent); dump_cfg_string(oIgnoreUnknown, o->ignored_unknown); dump_cfg_string(oKbdInteractiveDevices, o->kbd_interactive_devices); - dump_cfg_string(oKexAlgorithms, o->kex_algorithms ? o->kex_algorithms : KEX_CLIENT_KEX); - dump_cfg_string(oCASignatureAlgorithms, o->ca_sign_algorithms ? o->ca_sign_algorithms : SSH_ALLOWED_CA_SIGALGS); + dump_cfg_string(oKexAlgorithms, o->kex_algorithms); + dump_cfg_string(oCASignatureAlgorithms, o->ca_sign_algorithms); dump_cfg_string(oLocalCommand, o->local_command); dump_cfg_string(oRemoteCommand, o->remote_command); dump_cfg_string(oLogLevel, log_level_name(o->log_level)); - dump_cfg_string(oMacs, o->macs ? o->macs : KEX_CLIENT_MAC); + dump_cfg_string(oMacs, o->macs); #ifdef ENABLE_PKCS11 dump_cfg_string(oPKCS11Provider, o->pkcs11_provider); #endif diff --git a/readconf.h b/readconf.h index dcecfc54a..feedb3d20 100644 --- a/readconf.h +++ b/readconf.h @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.h,v 1.131 2019/12/21 02:19:13 djm Exp $ */ +/* $OpenBSD: readconf.h,v 1.132 2020/01/23 02:46:49 dtucker Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> @@ -199,6 +199,7 @@ typedef struct { #define SSH_STRICT_HOSTKEY_YES 2 #define SSH_STRICT_HOSTKEY_ASK 3 +const char *kex_default_pk_alg(void); void initialize_options(Options *); void fill_default_options(Options *); void fill_default_options_for_canonicalization(Options *); diff --git a/servconf.c b/servconf.c index 09e9df8bd..1a4c49907 100644 --- a/servconf.c +++ b/servconf.c @@ -1,5 +1,5 @@ -/* $OpenBSD: servconf.c,v 1.357 2019/12/15 20:59:23 djm Exp $ */ +/* $OpenBSD: servconf.c,v 1.358 2020/01/23 02:46:49 dtucker Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland * All rights reserved @@ -195,6 +195,7 @@ static void assemble_algorithms(ServerOptions *o) { char *all_cipher, *all_mac, *all_kex, *all_key, *all_sig; + char *def_cipher, *def_mac, *def_kex, *def_key, *def_sig; int r; all_cipher = cipher_alg_list(',', 0); @@ -202,24 +203,35 @@ assemble_algorithms(ServerOptions *o) all_kex = kex_alg_list(','); all_key = sshkey_alg_list(0, 0, 1, ','); all_sig = sshkey_alg_list(0, 1, 1, ','); + /* remove unsupported algos from default lists */ + def_cipher = match_filter_whitelist(KEX_SERVER_ENCRYPT, all_cipher); + def_mac = match_filter_whitelist(KEX_SERVER_MAC, all_mac); + def_kex = match_filter_whitelist(KEX_SERVER_KEX, all_kex); + def_key = match_filter_whitelist(KEX_DEFAULT_PK_ALG, all_key); + def_sig = match_filter_whitelist(SSH_ALLOWED_CA_SIGALGS, all_sig); #define ASSEMBLE(what, defaults, all) \ do { \ if ((r = kex_assemble_names(&o->what, defaults, all)) != 0) \ fatal("%s: %s: %s", __func__, #what, ssh_err(r)); \ } while (0) - ASSEMBLE(ciphers, KEX_SERVER_ENCRYPT, all_cipher); - ASSEMBLE(macs, KEX_SERVER_MAC, all_mac); - ASSEMBLE(kex_algorithms, KEX_SERVER_KEX, all_kex); - ASSEMBLE(hostkeyalgorithms, KEX_DEFAULT_PK_ALG, all_key); - ASSEMBLE(hostbased_key_types, KEX_DEFAULT_PK_ALG, all_key); - ASSEMBLE(pubkey_key_types, KEX_DEFAULT_PK_ALG, all_key); - ASSEMBLE(ca_sign_algorithms, SSH_ALLOWED_CA_SIGALGS, all_sig); + ASSEMBLE(ciphers, def_cipher, all_cipher); + ASSEMBLE(macs, def_mac, all_mac); + ASSEMBLE(kex_algorithms, def_kex, all_kex); + ASSEMBLE(hostkeyalgorithms, def_key, all_key); + ASSEMBLE(hostbased_key_types, def_key, all_key); + ASSEMBLE(pubkey_key_types, def_key, all_key); + ASSEMBLE(ca_sign_algorithms, def_sig, all_sig); #undef ASSEMBLE free(all_cipher); free(all_mac); free(all_kex); free(all_key); free(all_sig); + free(def_cipher); + free(def_mac); + free(def_kex); + free(def_key); + free(def_sig); } static void @@ -2660,8 +2672,8 @@ dump_config(ServerOptions *o) /* string arguments */ dump_cfg_string(sPidFile, o->pid_file); dump_cfg_string(sXAuthLocation, o->xauth_location); - dump_cfg_string(sCiphers, o->ciphers ? o->ciphers : KEX_SERVER_ENCRYPT); - dump_cfg_string(sMacs, o->macs ? o->macs : KEX_SERVER_MAC); + dump_cfg_string(sCiphers, o->ciphers); + dump_cfg_string(sMacs, o->macs); dump_cfg_string(sBanner, o->banner); dump_cfg_string(sForceCommand, o->adm_forced_command); dump_cfg_string(sChrootDirectory, o->chroot_directory); @@ -2677,16 +2689,11 @@ dump_config(ServerOptions *o) dump_cfg_string(sAuthorizedPrincipalsCommand, o->authorized_principals_command); dump_cfg_string(sAuthorizedPrincipalsCommandUser, o->authorized_principals_command_user); dump_cfg_string(sHostKeyAgent, o->host_key_agent); - dump_cfg_string(sKexAlgorithms, - o->kex_algorithms ? o->kex_algorithms : KEX_SERVER_KEX); - dump_cfg_string(sCASignatureAlgorithms, o->ca_sign_algorithms ? - o->ca_sign_algorithms : SSH_ALLOWED_CA_SIGALGS); - dump_cfg_string(sHostbasedAcceptedKeyTypes, o->hostbased_key_types ? - o->hostbased_key_types : KEX_DEFAULT_PK_ALG); - dump_cfg_string(sHostKeyAlgorithms, o->hostkeyalgorithms ? - o->hostkeyalgorithms : KEX_DEFAULT_PK_ALG); - dump_cfg_string(sPubkeyAcceptedKeyTypes, o->pubkey_key_types ? - o->pubkey_key_types : KEX_DEFAULT_PK_ALG); + dump_cfg_string(sKexAlgorithms, o->kex_algorithms); + dump_cfg_string(sCASignatureAlgorithms, o->ca_sign_algorithms); + dump_cfg_string(sHostbasedAcceptedKeyTypes, o->hostbased_key_types); + dump_cfg_string(sHostKeyAlgorithms, o->hostkeyalgorithms); + dump_cfg_string(sPubkeyAcceptedKeyTypes, o->pubkey_key_types); dump_cfg_string(sRDomain, o->routing_domain); /* string arguments requiring a lookup */ diff --git a/sshconnect2.c b/sshconnect2.c index 6f9ee42cd..7f52cc55e 100644 --- a/sshconnect2.c +++ b/sshconnect2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect2.c,v 1.315 2020/01/21 05:56:27 djm Exp $ */ +/* $OpenBSD: sshconnect2.c,v 1.316 2020/01/23 02:46:49 dtucker Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2008 Damien Miller. All rights reserved. @@ -119,7 +119,7 @@ order_hostkeyalgs(char *host, struct sockaddr *hostaddr, u_short port) for (i = 0; i < options.num_system_hostfiles; i++) load_hostkeys(hostkeys, hostname, options.system_hostfiles[i]); - oavail = avail = xstrdup(KEX_DEFAULT_PK_ALG); + oavail = avail = xstrdup(kex_default_pk_alg()); maxlen = strlen(avail) + 1; first = xmalloc(maxlen); last = xmalloc(maxlen); @@ -181,14 +181,14 @@ ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port) if (options.hostkeyalgorithms != NULL) { all_key = sshkey_alg_list(0, 0, 1, ','); if (kex_assemble_names(&options.hostkeyalgorithms, - KEX_DEFAULT_PK_ALG, all_key) != 0) + kex_default_pk_alg(), all_key) != 0) fatal("%s: kex_assemble_namelist", __func__); free(all_key); myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = compat_pkalg_proposal(options.hostkeyalgorithms); } else { /* Enforce default */ - options.hostkeyalgorithms = xstrdup(KEX_DEFAULT_PK_ALG); + options.hostkeyalgorithms = xstrdup(kex_default_pk_alg()); /* Prefer algorithms that we already have keys for */ myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = compat_pkalg_proposal( |