diff options
author | Ludovic Courtès <ludo@gnu.org> | 2014-04-04 22:00:23 +0200 |
---|---|---|
committer | Ludovic Courtès <ludo@gnu.org> | 2014-04-04 22:04:44 +0200 |
commit | 9c333da6f1b465e70767254ab19d9ec27681bb7b (patch) | |
tree | 5214117b798c9009679482d7249d2d2663e95461 /gnu/packages/patches/libssh-CVE-2014-0017.patch | |
parent | bde8c0e6d9c7d943cf09c8fd4bc3201ab8f4799e (diff) |
gnu: guile-ssh: Use libssh 0.5.5 patched for CVE-2014-0017.
* gnu/packages/patches/libssh-CVE-2014-0017.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/ssh.scm (libssh-0.5): New variable.
(guile-ssh): Use it.
Diffstat (limited to 'gnu/packages/patches/libssh-CVE-2014-0017.patch')
-rw-r--r-- | gnu/packages/patches/libssh-CVE-2014-0017.patch | 89 |
1 files changed, 89 insertions, 0 deletions
diff --git a/gnu/packages/patches/libssh-CVE-2014-0017.patch b/gnu/packages/patches/libssh-CVE-2014-0017.patch new file mode 100644 index 0000000000..94d8cc33d2 --- /dev/null +++ b/gnu/packages/patches/libssh-CVE-2014-0017.patch @@ -0,0 +1,89 @@ +Patch from libssh 0.6, with bind.c hunk adjusted for 0.5.5. + +From e99246246b4061f7e71463f8806b9dcad65affa0 Mon Sep 17 00:00:00 2001 +From: Aris Adamantiadis <aris@0xbadc0de.be> +Date: Wed, 05 Feb 2014 20:24:12 +0000 +Subject: security: fix for vulnerability CVE-2014-0017 + +When accepting a new connection, a forking server based on libssh forks +and the child process handles the request. The RAND_bytes() function of +openssl doesn't reset its state after the fork, but simply adds the +current process id (getpid) to the PRNG state, which is not guaranteed +to be unique. +This can cause several children to end up with same PRNG state which is +a security issue. +--- +diff --git a/include/libssh/wrapper.h b/include/libssh/wrapper.h +index 7374a88..e8ff32c 100644 +--- a/include/libssh/wrapper.h ++++ b/include/libssh/wrapper.h +@@ -70,5 +70,6 @@ int crypt_set_algorithms_server(ssh_session session); + struct ssh_crypto_struct *crypto_new(void); + void crypto_free(struct ssh_crypto_struct *crypto); + ++void ssh_reseed(void); + + #endif /* WRAPPER_H_ */ +diff --git a/src/bind.c b/src/bind.c +index 8d82d0d..03d3403 100644 +--- a/src/bind.c ++++ b/src/bind.c +@@ -375,6 +375,8 @@ int ssh_bind_accept(ssh_bind sshbind, ss + session->dsa_key = dsa; + session->rsa_key = rsa; + ++ /* force PRNG to change state in case we fork after ssh_bind_accept */ ++ ssh_reseed(); + return SSH_OK; + } + +diff --git a/src/libcrypto.c b/src/libcrypto.c +index bb1d96a..d8cc795 100644 +--- a/src/libcrypto.c ++++ b/src/libcrypto.c +@@ -23,6 +23,7 @@ + #include <stdlib.h> + #include <stdio.h> + #include <string.h> ++#include <sys/time.h> + + #include "libssh/priv.h" + #include "libssh/session.h" +@@ -38,6 +39,8 @@ + #include <openssl/rsa.h> + #include <openssl/hmac.h> + #include <openssl/opensslv.h> ++#include <openssl/rand.h> ++ + #ifdef HAVE_OPENSSL_AES_H + #define HAS_AES + #include <openssl/aes.h> +@@ -74,6 +77,12 @@ static int alloc_key(struct ssh_cipher_struct *cipher) { + return 0; + } + ++void ssh_reseed(void){ ++ struct timeval tv; ++ gettimeofday(&tv, NULL); ++ RAND_add(&tv, sizeof(tv), 0.0); ++} ++ + SHACTX sha1_init(void) { + SHACTX c = malloc(sizeof(*c)); + if (c == NULL) { +diff --git a/src/libgcrypt.c b/src/libgcrypt.c +index 899bccd..4617901 100644 +--- a/src/libgcrypt.c ++++ b/src/libgcrypt.c +@@ -45,6 +45,9 @@ static int alloc_key(struct ssh_cipher_struct *cipher) { + return 0; + } + ++void ssh_reseed(void){ ++ } ++ + SHACTX sha1_init(void) { + SHACTX ctx = NULL; + gcry_md_open(&ctx, GCRY_MD_SHA1, 0); +-- +cgit v0.9.1 |