Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package openssh for openSUSE:Factory checked in at 2024-09-26 18:52:30 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/openssh (Old) and /work/SRC/openSUSE:Factory/.openssh.new.29891 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "openssh" Thu Sep 26 18:52:30 2024 rev:185 rq:1203550 version:9.9p1 Changes: -------- --- /work/SRC/openSUSE:Factory/openssh/openssh-askpass-gnome.changes 2024-08-29 15:43:26.885433583 +0200 +++ /work/SRC/openSUSE:Factory/.openssh.new.29891/openssh-askpass-gnome.changes 2024-09-26 18:52:31.339180682 +0200 @@ -1,0 +2,7 @@ +Mon Sep 23 06:16:59 UTC 2024 - Antonio Larrosa <alarr...@suse.com> + +- Update to openssh 9.9p1: + * No changes for askpass, see main package changelog for + details. + +------------------------------------------------------------------- --- /work/SRC/openSUSE:Factory/openssh/openssh.changes 2024-09-13 14:26:34.276425357 +0200 +++ /work/SRC/openSUSE:Factory/.openssh.new.29891/openssh.changes 2024-09-26 18:52:31.359181511 +0200 @@ -1,0 +2,154 @@ +Wed Sep 25 10:45:17 UTC 2024 - Antonio Larrosa <alarr...@suse.com> + +- Add a const to the openssl 1.1/RSA section of sshkey_is_private + to keep it similar to what it used before the 9.9 rebase: + * openssh-8.1p1-audit.patch +- Add a openssl11 bcond to the spec file for the SLE12 case + instead of checking suse_version in different parts. +- Move conditional patches to a number >= 1000. + +------------------------------------------------------------------- +Mon Sep 23 06:16:59 UTC 2024 - Antonio Larrosa <alarr...@suse.com> + +- Update to openssh 9.9p1: + = Future deprecation notice + * OpenSSH plans to remove support for the DSA signature algorithm + in early 2025. This release disables DSA by default at compile + time. DSA, as specified in the SSHv2 protocol, is inherently + weak - being limited to a 160 bit private key and use of the + SHA1 digest. Its estimated security level is only 80 bits + symmetric equivalent. + OpenSSH has disabled DSA keys by default since 2015 but has + retained run-time optional support for them. DSA was the only + mandatory-to-implement algorithm in the SSHv2 RFCs, mostly + because alternative algorithms were encumbered by patents when + the SSHv2 protocol was specified. + This has not been the case for decades at this point and better + algorithms are well supported by all actively-maintained SSH + implementations. We do not consider the costs of maintaining + DSA in OpenSSH to be justified and hope that removing it from + OpenSSH can accelerate its wider deprecation in supporting + cryptography libraries. + + = Potentially-incompatible changes + * ssh(1): remove support for pre-authentication compression. + OpenSSH has only supported post-authentication compression in + the server for some years. Compression before authentication + significantly increases the attack surface of SSH servers and + risks creating oracles that reveal information about + information sent during authentication. + * ssh(1), sshd(8): processing of the arguments to the "Match" + configuration directive now follows more shell-like rules for + quoted strings, including allowing nested quotes and \-escaped + characters. If configurations contained workarounds for the + previous simplistic quote handling then they may need to be + adjusted. If this is the case, it's most likely to be in the + arguments to a "Match exec" confition. In this case, moving the + command to be evaluated from the Match line to an external + shell script is easiest way to preserve compatibility with both + the old and new versions. + + = New features + * ssh(1), sshd(8): add support for a new hybrid post-quantum key + exchange based on the FIPS 203 Module-Lattice Key Enapsulation + mechanism (ML-KEM) combined with X25519 ECDH as described by + https://datatracker.ietf.org/doc/html/draft-kampanakis-curdle-ssh-pq-ke-03 + This algorithm "mlkem768x25519-sha256" is available by default. + * ssh(1): the ssh_config "Include" directive can now expand + environment as well as the same set of %-tokens "Match Exec" + supports. + * sshd(8): add a sshd_config "RefuseConnection" option that, if + set will terminate the connection at the first authentication + request. + * sshd(8): add a "refuseconnection" penalty class to sshd_config + PerSourcePenalties that is applied when a connection is dropped + by the new RefuseConnection keyword. + * sshd(8): add a "Match invalid-user" predicate to sshd_config + Match options that matches when the target username is not + valid on the server. + * ssh(1), sshd(8): update the Streamlined NTRUPrime code to a + substantially faster implementation. + * ssh(1), sshd(8): the hybrid Streamlined NTRUPrime/X25519 key + exchange algorithm now has an IANA-assigned name in addition to + the "@openssh.com" vendor extension name. This algorithm is now + also available under this name "sntrup761x25519-sha512" + * ssh(1), sshd(8), ssh-agent(1): prevent private keys from being + included in core dump files for most of their lifespans. This + is in addition to pre-existing controls in ssh-agent(1) and + sshd(8) that prevented coredumps. This feature is supported on + OpenBSD, Linux and FreeBSD. + * All: convert key handling to use the libcrypto EVP_PKEY API, + with the exception of DSA. + * sshd(8): add a random amount of jitter (up to 4 seconds) to the + grace login time to make its expiry unpredictable. + + = Bugfixes + * sshd(8): relax absolute path requirement back to what it was + prior to OpenSSH 9.8, which incorrectly required that sshd was + started with an absolute path in inetd mode. bz3717 + * sshd(8): fix regression introduced in openssh-9.8 that swapped + the order of source and destination addresses in some sshd log + messages. + * sshd(8): do not apply authorized_keys options when signature + verification fails. Prevents more restrictive key options being + incorrectly applied to subsequent keys in authorized_keys. + bz3733 + * ssh-keygen(1): include pathname in some of ssh-keygen's + passphrase prompts. Helps the user know what's going on when + ssh-keygen is invoked via other tools. Requested in GHPR503 + * ssh(1), ssh-add(1): make parsing user@host consistently look + for the last '@' in the string rather than the first. This + makes it possible to more consistently use usernames that + contain '@' characters. + * ssh(1), sshd(8): be more strict in parsing key type names. Only + allow short names (e.g "rsa") in user-interface code and + require full SSH protocol names (e.g. "ssh-rsa") everywhere + else. bz3725 + * regress: many performance and correctness improvements to the + re-keying regression test. + * ssh-keygen(1): clarify that ed25519 is the default key type + generated and clarify that rsa-sha2-512 is the default + signature scheme when RSA is in use. GHPR505 + * sshd(8): fix minor memory leak in Subsystem option parsing; + GHPR515 + * All: additional hardening and consistency checks for the sshbuf + code. + * sshd(8): reduce default logingrace penalty to ensure that a + single forgotton login that times out will be below the penalty + threshold. + * ssh(1): fix proxy multiplexing (-O proxy) bug. If a mux started + with ControlPersist then later has a forwarding added using mux + proxy connection and the forwarding was used, then when the mux + proxy session terminated, the mux master process would issue a + bad message that terminated the connection. + + = Portability + * sync contrib/ssh-copy-id to the latest upstream version. + * regress: improve portablility for some awk(1) usage + (e.g. Solaris) + * In the contrib/redhat RPM spec file, without_openssl was + previously incorrectly enabled unconditionally. + * sshd(8) restore audit call before exit that regressed in + openssh-9.8. Fixes an issue where the SSH_CONNECTION_ABANDON + event was not recorded. + * sshd(8): add support for class-imposed loging restrictions on + FreeBSD. Allowing auth_hostok(3) and auth_timeok(3) to control + logins. + * Build fixes for Musl libc. + * Fix detection of setres*id on GNU/Hurd + +- Drop patches that were already merged by upstream: + * fix-memleak-in-process_server_config_line_depth.patch + * fix-audit-fail-attempt.patch +- Rebase patch with significant changes: + * openssh-8.1p1-audit.patch +- Rebase patches with context or trivial changes: + * openssh-7.7p1-fips.patch + * openssh-8.0p1-gssapi-keyex.patch + * openssh-9.6p1-crypto-policies-man.patch + * openssh-mitigate-lingering-secrets.patch +- Several spec file fixes so the package builds and can be + installed in SLE 15 SP5 and SLE 12 SP5 +- Use gcc11 when building in SLE12 and SLE15. + +------------------------------------------------------------------- Old: ---- fix-audit-fail-attempt.patch fix-memleak-in-process_server_config_line_depth.patch openssh-9.8p1.tar.gz openssh-9.8p1.tar.gz.asc New: ---- openssh-9.9p1.tar.gz openssh-9.9p1.tar.gz.asc BETA DEBUG BEGIN: Old:/work/SRC/openSUSE:Factory/.openssh.new.29891/openssh.changes- * fix-memleak-in-process_server_config_line_depth.patch /work/SRC/openSUSE:Factory/.openssh.new.29891/openssh.changes: * fix-audit-fail-attempt.patch /work/SRC/openSUSE:Factory/.openssh.new.29891/openssh.changes-- Rebase patch with significant changes: Old:/work/SRC/openSUSE:Factory/.openssh.new.29891/openssh.changes-- Drop patches that were already merged by upstream: /work/SRC/openSUSE:Factory/.openssh.new.29891/openssh.changes: * fix-memleak-in-process_server_config_line_depth.patch /work/SRC/openSUSE:Factory/.openssh.new.29891/openssh.changes- * fix-audit-fail-attempt.patch BETA DEBUG END: ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ openssh-askpass-gnome.spec ++++++ --- /var/tmp/diff_new_pack.THP8NG/_old 2024-09-26 18:52:37.607440657 +0200 +++ /var/tmp/diff_new_pack.THP8NG/_new 2024-09-26 18:52:37.607440657 +0200 @@ -18,7 +18,7 @@ %define _name openssh Name: openssh-askpass-gnome -Version: 9.8p1 +Version: 9.9p1 Release: 0 Summary: A GNOME-Based Passphrase Dialog for OpenSSH License: BSD-2-Clause ++++++ openssh.spec ++++++ --- /var/tmp/diff_new_pack.THP8NG/_old 2024-09-26 18:52:37.639441984 +0200 +++ /var/tmp/diff_new_pack.THP8NG/_new 2024-09-26 18:52:37.643442150 +0200 @@ -34,12 +34,24 @@ %bcond_without allow_root_password_login_by_default %endif +%if 0%{?suse_version} >= 1550 || 0%{?sle_version} >= 150600 +%bcond_without crypto_policies +%else +%bcond_with crypto_policies +%endif + +%if 0%{?suse_version} < 1500 +%bcond_without openssl11 +%else +%bcond_with openssl11 +%endif + #Compat macro for new _fillupdir macro introduced in Nov 2017 %if ! %{defined _fillupdir} %define _fillupdir %{_localstatedir}/adm/fillup-templates %endif Name: openssh -Version: 9.8p1 +Version: 9.9p1 Release: 0 Summary: Secure Shell Client and Server (Remote Login Program) License: BSD-2-Clause AND MIT @@ -126,20 +138,22 @@ Patch104: openssh-6.6p1-keycat.patch Patch105: openssh-6.6.1p1-selinux-contexts.patch Patch106: openssh-7.6p1-cleanup-selinux.patch -# PATCH-FIX-OPENSUSE bsc#1211301 Add crypto-policies support -Patch107: openssh-9.6p1-crypto-policies.patch -Patch108: openssh-9.6p1-crypto-policies-man.patch -Patch109: fix-memleak-in-process_server_config_line_depth.patch -# PATCH-FIX-UPSTREAM alarr...@suse.com -- https://github.com/openssh/openssh-portable/pull/516 -Patch110: fix-audit-fail-attempt.patch +# 200 - 300 -- Patches submitted to upstream # PATCH-FIX-UPSTREAM -- https://github.com/openssh/openssh-portable/pull/452 boo#1229010 -Patch111: 0001-auth-pam-Immediately-report-instructions-to-clients-and-fix-handling-in-ssh-client.patch +Patch200: 0001-auth-pam-Immediately-report-instructions-to-clients-and-fix-handling-in-ssh-client.patch +# 1000 - 2000 -- Conditional patches +# PATCH-FIX-OPENSUSE bsc#1211301 Add crypto-policies support +%if 0%{with crypto_policies} +Patch1000: openssh-9.6p1-crypto-policies.patch +Patch1001: openssh-9.6p1-crypto-policies-man.patch +%endif %if 0%{with allow_root_password_login_by_default} -Patch1000: openssh-7.7p1-allow_root_password_login.patch +# PATCH-FIX-SLE Allow root login with password by default (for SLE12 and SLE15) +Patch1002: openssh-7.7p1-allow_root_password_login.patch %endif BuildRequires: audit-devel BuildRequires: automake -%if 0%{?sle_version} >= 150500 +%if 0%{?suse_version} <= 1600 BuildRequires: gcc11 %endif BuildRequires: groff @@ -148,7 +162,12 @@ %if %{with ldap} BuildRequires: openldap2-devel %endif +%if 0%{with openssl11} +BuildRequires: libopenssl-1_1-devel +BuildRequires: openssl-1_1 +%else BuildRequires: openssl-devel +%endif BuildRequires: pam-devel BuildRequires: pkgconfig BuildRequires: zlib-devel @@ -158,7 +177,7 @@ BuildRequires: sysuser-tools Requires: %{name}-clients = %{version}-%{release} Requires: %{name}-server = %{version}-%{release} -%if 0%{?suse_version} >= 1550 +%if 0%{?suse_version} >= 1550 || 0%{?suse_version} < 1500 BuildRequires: pkgconfig(krb5) %else BuildRequires: krb5-mini-devel @@ -204,7 +223,9 @@ Summary: SSH (Secure Shell) server Group: Productivity/Networking/SSH Requires: %{name}-common = %{version}-%{release} +%if 0%{with crypto_policies} Requires: crypto-policies >= 20220824 +%endif Recommends: audit Requires(pre): findutils Requires(pre): grep @@ -260,7 +281,9 @@ %package clients Summary: SSH (Secure Shell) client applications Group: Productivity/Networking/SSH +%if 0%{with crypto_policies} Requires: crypto-policies >= 20220824 +%endif Requires: %{name}-common = %{version}-%{release} Provides: openssh:%{_bindir}/ssh @@ -329,7 +352,7 @@ ) %build -%if 0%{?sle_version} >= 150500 +%if 0%{?suse_version} <= 1600 export CC=gcc-11 %endif autoreconf -fiv @@ -426,12 +449,14 @@ %endif %endif +%if 0%{with crypto_policies} install -m 644 ssh_config_suse %{buildroot}%{_sysconfdir}/ssh/ssh_config.d/50-suse.conf %if %{defined _distconfdir} install -m 644 sshd_config_suse_cp %{buildroot}%{_distconfdir}/ssh/sshd_config.d/40-suse-crypto-policies.conf %else install -m 644 sshd_config_suse_cp %{buildroot}%{_sysconfdir}/ssh/sshd_config.d/40-suse-crypto-policies.conf %endif +%endif %if 0%{?suse_version} < 1550 # install firewall definitions @@ -457,13 +482,19 @@ # # this shows up earlier because otherwise the %%expand of # the macro is too late. +%if 0%{with openssl11} +%define opensslbin openssl-1_1 +%else +%define opensslbin openssl +%endif + %{expand:%%global __os_install_post {%__os_install_post for b in \ %{_bindir}/ssh \ %{_sbindir}/sshd \ %{_libexecdir}/ssh/sftp-server \ ; do - openssl dgst -sha256 -binary -hmac %{CHECKSUM_HMAC_KEY} < %{buildroot}$b > %{buildroot}$b%{CHECKSUM_SUFFIX} + %{opensslbin} dgst -sha256 -binary -hmac %{CHECKSUM_HMAC_KEY} < %{buildroot}$b > %{buildroot}$b%{CHECKSUM_SUFFIX} done }} @@ -481,6 +512,7 @@ %{fillup_only -n ssh} %service_add_post sshd.service sshd.socket +%if 0%{with crypto_policies} %if ! %{defined _distconfdir} test -f /etc/ssh/sshd_config && (grep -q "^Include /etc/ssh/sshd_config\.d/\*\.conf" /etc/ssh/sshd_config || ( \ echo "WARNING: /etc/ssh/sshd_config doesn't include config files from" @@ -489,6 +521,7 @@ echo "/etc/ssh/sshd_config :" echo "Include /etc/ssh/sshd_config.d/*.conf" ) ) ||: %endif +%endif %preun server %service_del_preun sshd.service sshd.socket @@ -503,6 +536,7 @@ %service_del_postun sshd.service sshd.socket fi +%if 0%{with crypto_policies} %if ! %{defined _distconfdir} %post server-config-disallow-rootlogin test -f /etc/ssh/sshd_config && (grep -q "^Include /etc/ssh/sshd_config\.d/\*\.conf" /etc/ssh/sshd_config || ( \ @@ -512,6 +546,7 @@ echo "the following line is added at the start of /etc/ssh/sshd_config :" echo "Include /etc/ssh/sshd_config.d/*.conf" ) ) ||: %endif +%endif %if %{defined _distconfdir} %posttrans server @@ -526,6 +561,7 @@ test -f /etc/ssh/ssh_config.rpmsave && mv -v /etc/ssh/ssh_config.rpmsave /etc/ssh/ssh_config.rpmsave.old ||: %endif +%if 0%{with crypto_policies} %if ! %{defined _distconfdir} %post clients test -f /etc/ssh/ssh_config && (grep -q "^Include /etc/ssh/ssh_config\.d/\*\.conf" /etc/ssh/ssh_config || ( \ @@ -535,6 +571,7 @@ echo "/etc/ssh/ssh_config :" echo "Include /etc/ssh/ssh_config.d/*.conf" ) ) ||: %endif +%endif %if %{defined _distconfdir} %posttrans clients @@ -582,11 +619,13 @@ %attr(0640,root,root) %config(noreplace) %{_sysconfdir}/ssh/sshd_config %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/pam.d/sshd %endif +%if 0%{with crypto_policies} %if %{defined _distconfdir} %attr(0600,root,root) %config(noreplace) %{_distconfdir}/ssh/sshd_config.d/40-suse-crypto-policies.conf %else %attr(0600,root,root) %config(noreplace) %{_sysconfdir}/ssh/sshd_config.d/40-suse-crypto-policies.conf %endif +%endif %attr(0644,root,root) %{_unitdir}/sshd.service %attr(0644,root,root) %{_unitdir}/sshd@.service %attr(0644,root,root) %{_unitdir}/sshd.socket @@ -624,8 +663,10 @@ %endif %files clients +%if 0%{with crypto_policies} %dir %attr(0755,root,root) %{_sysconfdir}/ssh/ssh_config.d %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ssh/ssh_config.d/50-suse.conf +%endif %if %{defined _distconfdir} %attr(0644,root,root) %{_distconfdir}/ssh/ssh_config %else ++++++ openssh-7.7p1-fips.patch ++++++ --- /var/tmp/diff_new_pack.THP8NG/_old 2024-09-26 18:52:37.747446463 +0200 +++ /var/tmp/diff_new_pack.THP8NG/_new 2024-09-26 18:52:37.751446629 +0200 @@ -754,7 +754,7 @@ @@ -3794,6 +3815,15 @@ main(int argc, char **argv) key_type_name = DEFAULT_KEY_TYPE_NAME; - type = sshkey_type_from_name(key_type_name); + type = sshkey_type_from_shortname(key_type_name); + + /* protocol v1 is not allowed in FIPS mode, DSA is not acceptable because + * it has to be 1024 bit due to RFC 4253 using SHA-1 which implies 1024 bit ++++++ openssh-8.0p1-gssapi-keyex.patch ++++++ --- /var/tmp/diff_new_pack.THP8NG/_old 2024-09-26 18:52:37.859451109 +0200 +++ /var/tmp/diff_new_pack.THP8NG/_new 2024-09-26 18:52:37.891452436 +0200 @@ -5,7 +5,7 @@ @@ -109,6 +109,7 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \ kex.o kex-names.o kexdh.o kexgex.o kexecdh.o kexc25519.o \ kexgexc.o kexgexs.o \ - kexsntrup761x25519.o sntrup761.o kexgen.o \ + kexsntrup761x25519.o kexmlkem768x25519.o sntrup761.o kexgen.o \ + kexgssc.o \ sftp-realpath.o platform-pledge.o platform-tracing.o platform-misc.o \ sshbuf-io.o @@ -1293,9 +1293,9 @@ --- a/kex.h +++ b/kex.h @@ -102,6 +102,15 @@ enum kex_exchange { - KEX_ECDH_SHA2, KEX_C25519_SHA256, KEX_KEM_SNTRUP761X25519_SHA512, + KEX_KEM_MLKEM768X25519_SHA256, +#ifdef GSSAPI + KEX_GSS_GRP1_SHA1, + KEX_GSS_GRP14_SHA1, @@ -3488,7 +3488,7 @@ free(hkalgs); -@@ -224,14 +256,44 @@ ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port) +@@ -224,15 +256,45 @@ ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port) # ifdef OPENSSL_HAS_ECC ssh->kex->kex[KEX_ECDH_SHA2] = kex_gen_client; # endif @@ -3507,6 +3507,7 @@ +#endif /* WITH_OPENSSL */ ssh->kex->kex[KEX_C25519_SHA256] = kex_gen_client; ssh->kex->kex[KEX_KEM_SNTRUP761X25519_SHA512] = kex_gen_client; + ssh->kex->kex[KEX_KEM_MLKEM768X25519_SHA256] = kex_gen_client; ssh->kex->verify_host_key=&verify_host_key_callback; +#if defined(GSSAPI) && defined(WITH_OPENSSL) @@ -3758,7 +3759,7 @@ +#endif /* WITH_OPENSSL */ kex->kex[KEX_C25519_SHA256] = kex_gen_server; kex->kex[KEX_KEM_SNTRUP761X25519_SHA512] = kex_gen_server; - kex->load_host_public_key=&get_hostkey_public_by_type; + kex->kex[KEX_KEM_MLKEM768X25519_SHA256] = kex_gen_server; diff --git a/sshd_config b/sshd_config index 19b7c91a..2c48105f 100644 --- a/sshd_config ++++++ openssh-8.1p1-audit.patch ++++++ --- /var/tmp/diff_new_pack.THP8NG/_old 2024-09-26 18:52:38.043458741 +0200 +++ /var/tmp/diff_new_pack.THP8NG/_new 2024-09-26 18:52:38.063459570 +0200 @@ -3,7 +3,7 @@ --- openssh-8.9p1.orig/Makefile.in +++ openssh-8.9p1/Makefile.in @@ -116,7 +116,7 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \ - kexsntrup761x25519.o sntrup761.o kexgen.o \ + kexsntrup761x25519.o kexmlkem768x25519.o sntrup761.o kexgen.o \ kexgssc.o \ sftp-realpath.o platform-pledge.o platform-tracing.o platform-misc.o \ - sshbuf-io.o @@ -2245,7 +2245,7 @@ if (the_active_state != NULL && the_authctxt != NULL) { @@ -2525,7 +2593,9 @@ cleanup_exit(int i) - _exit(EXIT_AUTH_ATTEMPTED); + } #ifdef SSH_AUDIT_EVENTS /* done after do_cleanup so it can cancel the PAM auth 'thread' */ - if (the_active_state != NULL && mm_is_monitor()) @@ -2254,12 +2254,22 @@ + mm_is_monitor()) audit_event(the_active_state, SSH_CONNECTION_ABANDON); #endif - _exit(i); + /* Override default fatal exit value when auth was attempted */ Index: openssh-8.9p1/sshkey.c =================================================================== --- openssh-8.9p1.orig/sshkey.c +++ openssh-8.9p1/sshkey.c -@@ -400,6 +400,38 @@ sshkey_type_is_valid_ca(int type) +@@ -35,6 +35,9 @@ sshkey_type_is_valid_ca(int type) + #include <openssl/evp.h> + #include <openssl/err.h> + #include <openssl/pem.h> ++# if (OPENSSL_VERSION_NUMBER >= 0x30000000L) ++# include <openssl/core_names.h> ++# endif + #endif + + #include "crypto_api.h" +@@ -400,6 +403,53 @@ sshkey_type_is_valid_ca(int type) } int @@ -2267,23 +2277,38 @@ +{ + switch (k->type) { +#ifdef WITH_OPENSSL ++# if (OPENSSL_VERSION_NUMBER >= 0x30000000L) ++ case KEY_RSA_CERT: ++ case KEY_RSA: ++ case KEY_ECDSA_CERT: ++ case KEY_ECDSA: { ++ BIGNUM *d = NULL; ++ EVP_PKEY_get_bn_param(k->pkey, OSSL_PKEY_PARAM_PRIV_KEY, &d); ++ return d != NULL; ++ } ++# else /* OPENSSL < 3.0.0 */ + case KEY_RSA_CERT: + case KEY_RSA: { -+ const BIGNUM *d; -+ RSA_get0_key(k->rsa, NULL, NULL, &d); ++ const BIGNUM *d = NULL; ++ RSA *rsakey = EVP_PKEY_get0_RSA(k->pkey); ++ if (rsakey) ++ RSA_get0_key(rsakey, NULL, NULL, &d); + return d != NULL; + } ++# ifdef OPENSSL_HAS_ECC ++ case KEY_ECDSA_CERT: ++ case KEY_ECDSA: { ++ EC_KEY *eckey = EVP_PKEY_get0_EC_KEY(k->pkey); ++ return (eckey != NULL) && (EC_KEY_get0_private_key(eckey) != NULL); ++ } ++# endif /* OPENSSL_HAS_ECC */ ++# endif /* OPENSSL < 3.0.0 */ + case KEY_DSA_CERT: + case KEY_DSA: { -+ const BIGNUM *priv_key; ++ const BIGNUM *priv_key = NULL; + DSA_get0_key(k->dsa, NULL, &priv_key); + return priv_key != NULL; + } -+#ifdef OPENSSL_HAS_ECC -+ case KEY_ECDSA_CERT: -+ case KEY_ECDSA: -+ return EC_KEY_get0_private_key(k->ecdsa) != NULL; -+#endif /* OPENSSL_HAS_ECC */ +#endif /* WITH_OPENSSL */ + case KEY_ED25519_CERT: + case KEY_ED25519: @@ -2303,9 +2328,9 @@ --- openssh-8.9p1.orig/sshkey.h +++ openssh-8.9p1/sshkey.h @@ -189,6 +189,7 @@ int sshkey_shield_private(struct sshke - int sshkey_unshield_private(struct sshkey *); int sshkey_type_from_name(const char *); + int sshkey_type_from_shortname(const char *); +int sshkey_is_private(const struct sshkey *); int sshkey_is_cert(const struct sshkey *); int sshkey_is_sk(const struct sshkey *); ++++++ openssh-9.6p1-crypto-policies-man.patch ++++++ --- /var/tmp/diff_new_pack.THP8NG/_old 2024-09-26 18:52:38.199465211 +0200 +++ /var/tmp/diff_new_pack.THP8NG/_new 2024-09-26 18:52:38.227466372 +0200 @@ -160,7 +160,7 @@ .It Cm HostKeyAlias Specifies an alias that should be used instead of the real host name when looking up or saving the host key -@@ -1311,36 +1313,30 @@ it may be zero or more of: +@@ -1311,37 +1313,30 @@ it may be zero or more of: and .Cm pam . .It Cm KexAlgorithms @@ -172,7 +172,7 @@ +.Pp Specifies the permitted KEX (Key Exchange) algorithms that will be used and their preference order. - The selected algorithm will the the first algorithm in this list that + The selected algorithm will be the first algorithm in this list that the server also supports. Multiple algorithms must be comma-separated. .Pp @@ -194,7 +194,8 @@ -.Pp -The default is: -.Bd -literal -offset indent --sntrup761x25519-sha...@openssh.com, +-sntrup761x25519-sha512,sntrup761x25519-sha...@openssh.com, +-mlkem768x25519-sha256, -curve25519-sha256,curve25519-sha...@libssh.org, -ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521, -diffie-hellman-group-exchange-sha256, @@ -534,13 +535,14 @@ .Pp The supported algorithms are: .Pp -@@ -1072,16 +1057,6 @@ ecdh-sha2-nistp521 +@@ -1072,17 +1057,6 @@ ecdh-sha2-nistp521 sntrup761x25519-sha...@openssh.com .El .Pp -The default is: -.Bd -literal -offset indent --sntrup761x25519-sha...@openssh.com, +-sntrup761x25519-sha512,sntrup761x25519-sha...@openssh.com, +-mlkem768x25519-sha256, -curve25519-sha256,curve25519-sha...@libssh.org, -ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521, -diffie-hellman-group-exchange-sha256, ++++++ openssh-9.8p1.tar.gz -> openssh-9.9p1.tar.gz ++++++ ++++ 25324 lines of diff (skipped) ++++++ openssh-mitigate-lingering-secrets.patch ++++++ --- /var/tmp/diff_new_pack.THP8NG/_old 2024-09-26 18:52:38.799490097 +0200 +++ /var/tmp/diff_new_pack.THP8NG/_new 2024-09-26 18:52:38.803490263 +0200 @@ -334,12 +334,13 @@ in_cleanup = 1; extern int auth_attempted; /* monitor.c */ -@@ -1604,5 +1610,7 @@ cleanup_exit(int i) +@@ -1604,6 +1610,8 @@ cleanup_exit(int i) mm_is_monitor()) audit_event(the_active_state, SSH_CONNECTION_ABANDON); #endif + + clobber_stack(); - _exit(i); - } + /* Override default fatal exit value when auth was attempted */ + if (i == 255 && auth_attempted) + _exit(EXIT_AUTH_ATTEMPTED);
