diff options
-rw-r--r-- | CVE-2016-0787.patch | 30 | ||||
-rw-r--r-- | libssh2-1.7.0-openssl11-memleak.patch | 38 | ||||
-rw-r--r-- | libssh2-1.7.0-openssl11.patch | 304 | ||||
-rw-r--r-- | libssh2.spec | 29 |
4 files changed, 10 insertions, 391 deletions
diff --git a/CVE-2016-0787.patch b/CVE-2016-0787.patch deleted file mode 100644 index 8827c5d..0000000 --- a/CVE-2016-0787.patch +++ /dev/null @@ -1,30 +0,0 @@ -From 8a453a7b0f1e667b7369eb73b00843a8decdecc9 Mon Sep 17 00:00:00 2001 -From: Daniel Stenberg <daniel@haxx.se> -Date: Thu, 11 Feb 2016 13:52:20 +0100 -Subject: [PATCH] diffie_hellman_sha1: convert bytes to bits - -As otherwise we get far too small numbers. - -CVE-2016-0787 - -Signed-off-by: Kamil Dudka <kdudka@redhat.com> ---- - src/kex.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/kex.c b/src/kex.c -index 6349457..e89b36c 100644 ---- a/src/kex.c -+++ b/src/kex.c -@@ -133,7 +133,7 @@ static int diffie_hellman_sha1(LIBSSH2_SESSION *session, - memset(&exchange_state->req_state, 0, sizeof(packet_require_state_t)); - - /* Generate x and e */ -- _libssh2_bn_rand(exchange_state->x, group_order, 0, -1); -+ _libssh2_bn_rand(exchange_state->x, group_order * 8 - 1, 0, -1); - _libssh2_bn_mod_exp(exchange_state->e, g, exchange_state->x, p, - exchange_state->ctx); - --- -2.7.0 - diff --git a/libssh2-1.7.0-openssl11-memleak.patch b/libssh2-1.7.0-openssl11-memleak.patch deleted file mode 100644 index 94f88c0..0000000 --- a/libssh2-1.7.0-openssl11-memleak.patch +++ /dev/null @@ -1,38 +0,0 @@ -From c43eb3bae2b63affe5b16bfdab028a65cdc055db Mon Sep 17 00:00:00 2001 -From: Kamil Dudka <kdudka@redhat.com> -Date: Thu, 20 Oct 2016 17:22:31 +0200 -Subject: [PATCH] Revert "aes: the init function fails when OpenSSL has AES - support" - -This partially reverts commit f4f2298ef3635acd031cc2ee0e71026cdcda5864 -because it caused the compatibility code to call initialization routines -redundantly, leading to memory leakage with OpenSSL 1.1 and broken curl -test-suite in Fedora: - -88 bytes in 1 blocks are definitely lost in loss record 5 of 8 - at 0x4C2DB8D: malloc (vg_replace_malloc.c:299) - by 0x72C607D: CRYPTO_zalloc (mem.c:100) - by 0x72A2480: EVP_CIPHER_meth_new (cmeth_lib.c:18) - by 0x4E5A550: make_ctr_evp.isra.0 (openssl.c:407) - by 0x4E5A8E8: _libssh2_init_aes_ctr (openssl.c:471) - by 0x4E5BB5A: libssh2_init (global.c:49) ---- - src/openssl.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/openssl.c b/src/openssl.c -index a31e2dd..4f63ef9 100644 ---- a/src/openssl.c -+++ b/src/openssl.c -@@ -265,7 +265,7 @@ _libssh2_cipher_crypt(_libssh2_cipher_ctx * ctx, - return ret == 1 ? 0 : 1; - } - --#if LIBSSH2_AES_CTR -+#if LIBSSH2_AES_CTR && !defined(HAVE_EVP_AES_128_CTR) - - #include <openssl/aes.h> - #include <openssl/evp.h> --- -2.7.4 - diff --git a/libssh2-1.7.0-openssl11.patch b/libssh2-1.7.0-openssl11.patch deleted file mode 100644 index bb32c3d..0000000 --- a/libssh2-1.7.0-openssl11.patch +++ /dev/null @@ -1,304 +0,0 @@ -commit 64ebfd8182a9b6e637e65c3059e3798e199274b3 -Author: Taylor Holberton <taylorcholberton@gmail.com> -Date: Mon Sep 5 06:28:51 2016 -0400 - - openssl: add OpenSSL 1.1.0 compatibility - -diff --git a/src/openssl.c b/src/openssl.c -index b0c695d..a31e2dd 100644 ---- a/src/openssl.c -+++ b/src/openssl.c -@@ -66,33 +66,63 @@ _libssh2_rsa_new(libssh2_rsa_ctx ** rsa, - unsigned long e2len, - const unsigned char *coeffdata, unsigned long coefflen) - { -- *rsa = RSA_new(); -+ BIGNUM * e; -+ BIGNUM * n; -+ BIGNUM * d = 0; -+ BIGNUM * p = 0; -+ BIGNUM * q = 0; -+ BIGNUM * dmp1 = 0; -+ BIGNUM * dmq1 = 0; -+ BIGNUM * iqmp = 0; - -- (*rsa)->e = BN_new(); -- BN_bin2bn(edata, elen, (*rsa)->e); -+ e = BN_new(); -+ BN_bin2bn(edata, elen, e); - -- (*rsa)->n = BN_new(); -- BN_bin2bn(ndata, nlen, (*rsa)->n); -+ n = BN_new(); -+ BN_bin2bn(ndata, nlen, n); - - if (ddata) { -- (*rsa)->d = BN_new(); -- BN_bin2bn(ddata, dlen, (*rsa)->d); -+ d = BN_new(); -+ BN_bin2bn(ddata, dlen, d); - -- (*rsa)->p = BN_new(); -- BN_bin2bn(pdata, plen, (*rsa)->p); -+ p = BN_new(); -+ BN_bin2bn(pdata, plen, p); - -- (*rsa)->q = BN_new(); -- BN_bin2bn(qdata, qlen, (*rsa)->q); -+ q = BN_new(); -+ BN_bin2bn(qdata, qlen, q); - -- (*rsa)->dmp1 = BN_new(); -- BN_bin2bn(e1data, e1len, (*rsa)->dmp1); -+ dmp1 = BN_new(); -+ BN_bin2bn(e1data, e1len, dmp1); - -- (*rsa)->dmq1 = BN_new(); -- BN_bin2bn(e2data, e2len, (*rsa)->dmq1); -+ dmq1 = BN_new(); -+ BN_bin2bn(e2data, e2len, dmq1); - -- (*rsa)->iqmp = BN_new(); -- BN_bin2bn(coeffdata, coefflen, (*rsa)->iqmp); -+ iqmp = BN_new(); -+ BN_bin2bn(coeffdata, coefflen, iqmp); - } -+ -+ *rsa = RSA_new(); -+#ifdef HAVE_OPAQUE_STRUCTS -+ RSA_set0_key(*rsa, n, e, d); -+#else -+ (*rsa)->e = e; -+ (*rsa)->n = n; -+#endif -+ -+#ifdef HAVE_OPAQUE_STRUCTS -+ RSA_set0_factors(*rsa, p, q); -+#else -+ (*rsa)->p = p; -+ (*rsa)->q = q; -+#endif -+ -+#ifdef HAVE_OPAQUE_STRUCTS -+ RSA_set0_crt_params(*rsa, dmp1, dmq1, iqmp); -+#else -+ (*rsa)->dmp1 = dmp1; -+ (*rsa)->dmq1 = dmq1; -+ (*rsa)->iqmp = iqmp; -+#endif - return 0; - } - -@@ -125,25 +155,45 @@ _libssh2_dsa_new(libssh2_dsa_ctx ** dsactx, - unsigned long y_len, - const unsigned char *x, unsigned long x_len) - { -- *dsactx = DSA_new(); -+ BIGNUM * p_bn; -+ BIGNUM * q_bn; -+ BIGNUM * g_bn; -+ BIGNUM * pub_key; -+ BIGNUM * priv_key = NULL; - -- (*dsactx)->p = BN_new(); -- BN_bin2bn(p, p_len, (*dsactx)->p); -+ p_bn = BN_new(); -+ BN_bin2bn(p, p_len, p_bn); - -- (*dsactx)->q = BN_new(); -- BN_bin2bn(q, q_len, (*dsactx)->q); -+ q_bn = BN_new(); -+ BN_bin2bn(q, q_len, q_bn); - -- (*dsactx)->g = BN_new(); -- BN_bin2bn(g, g_len, (*dsactx)->g); -+ g_bn = BN_new(); -+ BN_bin2bn(g, g_len, g_bn); - -- (*dsactx)->pub_key = BN_new(); -- BN_bin2bn(y, y_len, (*dsactx)->pub_key); -+ pub_key = BN_new(); -+ BN_bin2bn(y, y_len, pub_key); - - if (x_len) { -- (*dsactx)->priv_key = BN_new(); -- BN_bin2bn(x, x_len, (*dsactx)->priv_key); -+ priv_key = BN_new(); -+ BN_bin2bn(x, x_len, priv_key); - } - -+ *dsactx = DSA_new(); -+ -+#ifdef HAVE_OPAQUE_STRUCTS -+ DSA_set0_pqg(*dsactx, p_bn, q_bn, g_bn); -+#else -+ (*dsactx)->p = p_bn; -+ (*dsactx)->g = g_bn; -+ (*dsactx)->q = q_bn; -+#endif -+ -+#ifdef HAVE_OPAQUE_STRUCTS -+ DSA_set0_key(*dsactx, pub_key, priv_key); -+#else -+ (*dsactx)->pub_key = pub_key; -+ (*dsactx)->priv_key = priv_key; -+#endif - return 0; - } - -@@ -153,20 +203,28 @@ _libssh2_dsa_sha1_verify(libssh2_dsa_ctx * dsactx, - const unsigned char *m, unsigned long m_len) - { - unsigned char hash[SHA_DIGEST_LENGTH]; -- DSA_SIG dsasig; -+ DSA_SIG * dsasig; -+ BIGNUM * r; -+ BIGNUM * s; - int ret = -1; - -- dsasig.r = BN_new(); -- BN_bin2bn(sig, 20, dsasig.r); -- dsasig.s = BN_new(); -- BN_bin2bn(sig + 20, 20, dsasig.s); -+ r = BN_new(); -+ BN_bin2bn(sig, 20, r); -+ s = BN_new(); -+ BN_bin2bn(sig + 20, 20, s); - -+ dsasig = DSA_SIG_new(); -+#ifdef HAVE_OPAQUE_STRUCTS -+ DSA_SIG_set0(dsasig, r, s); -+#else -+ dsasig->r = r; -+ dsasig->s = s; -+#endif - if (!_libssh2_sha1(m, m_len, hash)) - /* _libssh2_sha1() succeeded */ -- ret = DSA_do_verify(hash, SHA_DIGEST_LENGTH, &dsasig, dsactx); -+ ret = DSA_do_verify(hash, SHA_DIGEST_LENGTH, dsasig, dsactx); - -- BN_clear_free(dsasig.s); -- BN_clear_free(dsasig.r); -+ DSA_SIG_free(dsasig); - - return (ret == 1) ? 0 : -1; - } -@@ -586,6 +644,8 @@ _libssh2_dsa_sha1_sign(libssh2_dsa_ctx * dsactx, - unsigned long hash_len, unsigned char *signature) - { - DSA_SIG *sig; -+ const BIGNUM * r; -+ const BIGNUM * s; - int r_len, s_len; - (void) hash_len; - -@@ -594,12 +654,18 @@ _libssh2_dsa_sha1_sign(libssh2_dsa_ctx * dsactx, - return -1; - } - -- r_len = BN_num_bytes(sig->r); -+#ifdef HAVE_OPAQUE_STRUCTS -+ DSA_SIG_get0(sig, &r, &s); -+#else -+ r = sig->r; -+ s = sig->s; -+#endif -+ r_len = BN_num_bytes(r); - if (r_len < 1 || r_len > 20) { - DSA_SIG_free(sig); - return -1; - } -- s_len = BN_num_bytes(sig->s); -+ s_len = BN_num_bytes(s); - if (s_len < 1 || s_len > 20) { - DSA_SIG_free(sig); - return -1; -@@ -607,8 +673,8 @@ _libssh2_dsa_sha1_sign(libssh2_dsa_ctx * dsactx, - - memset(signature, 0, 40); - -- BN_bn2bin(sig->r, signature + (20 - r_len)); -- BN_bn2bin(sig->s, signature + 20 + (20 - s_len)); -+ BN_bn2bin(r, signature + (20 - r_len)); -+ BN_bn2bin(s, signature + 20 + (20 - s_len)); - - DSA_SIG_free(sig); - -@@ -768,9 +834,16 @@ gen_publickey_from_rsa(LIBSSH2_SESSION *session, RSA *rsa, - unsigned long len; - unsigned char* key; - unsigned char* p; -- -- e_bytes = BN_num_bytes(rsa->e) + 1; -- n_bytes = BN_num_bytes(rsa->n) + 1; -+ const BIGNUM * e; -+ const BIGNUM * n; -+#ifdef HAVE_OPAQUE_STRUCTS -+ RSA_get0_key(rsa, &n, &e, NULL); -+#else -+ e = rsa->e; -+ n = rsa->n; -+#endif -+ e_bytes = BN_num_bytes(e) + 1; -+ n_bytes = BN_num_bytes(n) + 1; - - /* Key form is "ssh-rsa" + e + n. */ - len = 4 + 7 + 4 + e_bytes + 4 + n_bytes; -@@ -788,8 +861,8 @@ gen_publickey_from_rsa(LIBSSH2_SESSION *session, RSA *rsa, - memcpy(p, "ssh-rsa", 7); - p += 7; - -- p = write_bn(p, rsa->e, e_bytes); -- p = write_bn(p, rsa->n, n_bytes); -+ p = write_bn(p, e, e_bytes); -+ p = write_bn(p, n, n_bytes); - - *key_len = (size_t)(p - key); - return key; -@@ -805,10 +878,27 @@ gen_publickey_from_dsa(LIBSSH2_SESSION* session, DSA *dsa, - unsigned char* key; - unsigned char* p; - -- p_bytes = BN_num_bytes(dsa->p) + 1; -- q_bytes = BN_num_bytes(dsa->q) + 1; -- g_bytes = BN_num_bytes(dsa->g) + 1; -- k_bytes = BN_num_bytes(dsa->pub_key) + 1; -+ const BIGNUM * p_bn; -+ const BIGNUM * q; -+ const BIGNUM * g; -+ const BIGNUM * pub_key; -+#ifdef HAVE_OPAQUE_STRUCTS -+ DSA_get0_pqg(dsa, &p_bn, &q, &g); -+#else -+ p_bn = dsa->p; -+ q = dsa->q; -+ g = dsa->g; -+#endif -+ -+#ifdef HAVE_OPAQUE_STRUCTS -+ DSA_get0_key(dsa, &pub_key, NULL); -+#else -+ pub_key = dsa->pub_key; -+#endif -+ p_bytes = BN_num_bytes(p_bn) + 1; -+ q_bytes = BN_num_bytes(q) + 1; -+ g_bytes = BN_num_bytes(g) + 1; -+ k_bytes = BN_num_bytes(pub_key) + 1; - - /* Key form is "ssh-dss" + p + q + g + pub_key. */ - len = 4 + 7 + 4 + p_bytes + 4 + q_bytes + 4 + g_bytes + 4 + k_bytes; -@@ -826,10 +916,10 @@ gen_publickey_from_dsa(LIBSSH2_SESSION* session, DSA *dsa, - memcpy(p, "ssh-dss", 7); - p += 7; - -- p = write_bn(p, dsa->p, p_bytes); -- p = write_bn(p, dsa->q, q_bytes); -- p = write_bn(p, dsa->g, g_bytes); -- p = write_bn(p, dsa->pub_key, k_bytes); -+ p = write_bn(p, p_bn, p_bytes); -+ p = write_bn(p, q, q_bytes); -+ p = write_bn(p, g, g_bytes); -+ p = write_bn(p, pub_key, k_bytes); - - *key_len = (size_t)(p - key); - return key; diff --git a/libssh2.spec b/libssh2.spec index 4c1514a..dcb51ae 100644 --- a/libssh2.spec +++ b/libssh2.spec @@ -11,16 +11,13 @@ %{!?__isa_bits: %global __isa_bits %((echo '#include <bits/wordsize.h>'; echo __WORDSIZE) | cpp - | grep -Ex '32|64')} Name: libssh2 -Version: 1.7.0 -Release: 7%{?dist} +Version: 1.8.0 +Release: 1%{?dist} Summary: A library implementing the SSH2 protocol Group: System Environment/Libraries License: BSD URL: http://www.libssh2.org/ Source0: http://libssh2.org/download/libssh2-%{version}.tar.gz -Patch2: CVE-2016-0787.patch -Patch3: libssh2-1.7.0-openssl11.patch -Patch4: libssh2-1.7.0-openssl11-memleak.patch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(id -nu) BuildRequires: coreutils @@ -77,15 +74,6 @@ developing applications that use libssh2. # between 32-bit and 64-bit builds running on a single build-host sed -i s/4711/47%{?__isa_bits}/ tests/ssh2.{c,sh} -# diffie_hellman_sha1: Convert bytes to bits (additional fix for CVE-2016-0787) -%patch2 -p1 - -# Build with OpenSSL 1.1.0 from upstream git -%patch3 -p1 - -# make curl test-suite work again with valgrind enabled -%patch4 -p1 - # Make sshd transition appropriately if building in an SELinux environment %if !(0%{?fedora} >= 17 || 0%{?rhel} >= 7) chcon $(/usr/sbin/matchpathcon -n /etc/rc.d/init.d/sshd) tests/ssh2.sh || : @@ -97,9 +85,6 @@ chcon $(/usr/sbin/matchpathcon -n /etc/ssh/ssh_host_key) tests/etc/{host,user} | %configure --disable-silent-rules --disable-static --enable-shared make %{?_smp_mflags} -# Avoid polluting libssh2.pc with linker options (#947813) -sed -i -e 's|[[:space:]]-Wl,[^[:space:]]*||' libssh2.pc - %install rm -rf %{buildroot} make install DESTDIR=%{buildroot} INSTALL="install -p" @@ -160,11 +145,17 @@ rm -rf %{buildroot} %{_libdir}/pkgconfig/libssh2.pc %changelog +* Tue Oct 25 2016 Paul Howarth <paul@city-fan.org> - 1.8.0-1 +- Update to 1.8.0 + - Added a basic dockerised test suite + - crypto: Add support for the mbedTLS backend + - See RELEASE-NOTES for details of bug fixes + * Thu Oct 20 2016 Kamil Dudka <kdudka@redhat.com> - 1.7.0-7 -- make curl test-suite work again with valgrind enabled +- Make curl test-suite work again with valgrind enabled * Tue Oct 11 2016 Tomáš Mráz <tmraz@redhat.com> - 1.7.0-6 -- rebuild with OpenSSL 1.1.0 +- Rebuild with OpenSSL 1.1.0 * Sun Mar 6 2016 Paul Howarth <paul@city-fan.org> - 1.7.0-5 - Revert parts of previous change that broke EL-5 compatibility |