Hi,

attached is the security fix for libssh 0.5.5 we have in OpenBSD 5.5.

Any ok?

Cheers,

Remi.
Index: patches/patch-include_libssh_wrapper_h
===================================================================
RCS file: patches/patch-include_libssh_wrapper_h
diff -N patches/patch-include_libssh_wrapper_h
--- /dev/null   1 Jan 1970 00:00:00 -0000
+++ patches/patch-include_libssh_wrapper_h      14 Mar 2014 10:14:53 -0000
@@ -0,0 +1,13 @@
+$OpenBSD$
+security: fix for vulnerability CVE-2014-0017
+http://git.libssh.org/projects/libssh.git/commit/?h=v0-5
+
+--- include/libssh/wrapper.h.orig      Fri Jul 26 08:39:39 2013
++++ include/libssh/wrapper.h   Fri Mar 14 11:10:39 2014
+@@ -44,5 +44,6 @@ int crypt_set_algorithms_server(ssh_session session);
+ struct ssh_crypto_struct *crypto_new(void);
+ void crypto_free(struct ssh_crypto_struct *crypto);
+ 
++void ssh_reseed(void);
+ 
+ #endif /* WRAPPER_H_ */
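Review bot: The new `ssh_reseed()` prototype carries no doc comment, and this header is the natural place to state its contract since the two backend definitions on this page behave differently. I'd add above the declaration `/* Perturb the crypto backend's PRNG state; called from ssh_bind_accept() so sessions forked after successive accepts do not share one state. Credits no entropy; a no-op on the libgcrypt backend. */`. The "no-op" part is taken from the libgcrypt.c hunk below, where the body is empty.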
Index: patches/patch-src_bind_c
===================================================================
RCS file: patches/patch-src_bind_c
diff -N patches/patch-src_bind_c
--- /dev/null   1 Jan 1970 00:00:00 -0000
+++ patches/patch-src_bind_c    14 Mar 2014 10:14:53 -0000
@@ -0,0 +1,16 @@
+$OpenBSD$
+security: fix for vulnerability CVE-2014-0017
+http://git.libssh.org/projects/libssh.git/commit/?h=v0-5
+
+--- src/bind.c.orig    Fri Jul 26 08:39:39 2013
++++ src/bind.c Fri Mar 14 11:10:39 2014
+@@ -374,7 +374,8 @@ int ssh_bind_accept(ssh_bind sshbind, ssh_session sess
+   ssh_socket_get_poll_handle_out(session->socket);
+   session->dsa_key = dsa;
+   session->rsa_key = rsa;
+-
++  /* force PRNG to change state in case we fork after ssh_bind_accept */
++  ssh_reseed();
+   return SSH_OK;
+ }
+ 
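Review bot: The reseed runs in the parent before any fork, so a child forked after `ssh_bind_accept()` still starts from exactly the parent's PRNG state at that moment; what the call buys is that children forked after successive accepts no longer share one state, because the libcrypto.c hunk mixes the accept time into the PRNG. The comment suggests more than that, so I'd rephrase it as `/* perturb PRNG state per accept so sessions forked after successive accepts do not share it; does not replace a post-fork reseed in the child */`. Note also that with the libgcrypt backend (last hunk on this page) `ssh_reseed()` is empty, so this call changes nothing there. `ssh_bind_accept()` begins outside the hunk.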
Index: patches/patch-src_libcrypto_c
===================================================================
RCS file: patches/patch-src_libcrypto_c
diff -N patches/patch-src_libcrypto_c
--- /dev/null   1 Jan 1970 00:00:00 -0000
+++ patches/patch-src_libcrypto_c       14 Mar 2014 10:14:53 -0000
@@ -0,0 +1,36 @@
+$OpenBSD$
+security: fix for vulnerability CVE-2014-0017
+http://git.libssh.org/projects/libssh.git/commit/?h=v0-5
+
+--- src/libcrypto.c.orig       Fri Jul 26 08:39:39 2013
++++ src/libcrypto.c    Fri Mar 14 11:10:39 2014
+@@ -23,6 +23,7 @@
+ #include <stdlib.h>
+ #include <stdio.h>
+ #include <string.h>
++#include <sys/time.h>
+ 
+ #include "libssh/priv.h"
+ #include "libssh/session.h"
+@@ -38,6 +39,8 @@
+ #include <openssl/rsa.h>
+ #include <openssl/hmac.h>
+ #include <openssl/opensslv.h>
++#include <openssl/rand.h>
++
+ #ifdef HAVE_OPENSSL_AES_H
+ #define HAS_AES
+ #include <openssl/aes.h>
+@@ -64,6 +67,12 @@ static int alloc_key(struct crypto_struct *cipher) {
+     }
+ 
+     return 0;
++}
++
++void ssh_reseed(void){
++    struct timeval tv;
++    gettimeofday(&tv, NULL);
++    RAND_add(&tv, sizeof(tv), 0.0);
+ }
+ 
+ SHACTX sha1_init(void) {
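Review bot: `ssh_reseed()` mixes only the `gettimeofday()` result into the OpenSSL PRNG, and the `0.0` entropy estimate is the right choice because the accept time is observable to a peer; the function should say so, since a reader may otherwise take it for a real reseed. I'd add above it `/* Mix the wall-clock time into the OpenSSL PRNG, crediting no entropy (the time is guessable). Separates the PRNG state of successive accepts; does not restore unpredictability. */`. The return value of `gettimeofday()` is also ignored, so on failure an uninitialized `tv` is fed to `RAND_add()`; `if (gettimeofday(&tv, NULL) != 0) return;` keeps that out. `alloc_key()` begins and `sha1_init()` continues outside the hunk.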
Index: patches/patch-src_libgcrypt_c
===================================================================
RCS file: patches/patch-src_libgcrypt_c
diff -N patches/patch-src_libgcrypt_c
--- /dev/null   1 Jan 1970 00:00:00 -0000
+++ patches/patch-src_libgcrypt_c       14 Mar 2014 10:14:53 -0000
@@ -0,0 +1,16 @@
+$OpenBSD$
+security: fix for vulnerability CVE-2014-0017
+http://git.libssh.org/projects/libssh.git/commit/?h=v0-5
+
+--- src/libgcrypt.c.orig       Fri Jul 26 08:39:39 2013
++++ src/libgcrypt.c    Fri Mar 14 11:10:39 2014
+@@ -41,6 +41,9 @@ static int alloc_key(struct crypto_struct *cipher) {
+     return 0;
+ }
+ 
++void ssh_reseed(void){
++      }
++
+ SHACTX sha1_init(void) {
+   SHACTX ctx = NULL;
+   gcry_md_open(&ctx, GCRY_MD_SHA1, 0);
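Review bot: `ssh_reseed()` is an empty stub here, so a build against libgcrypt gets no PRNG perturbation from the new `ssh_bind_accept()` call and the CVE-2014-0017 mitigation applies only to the OpenSSL backend; which backend the port is built against is not visible on this page. An empty body with no explanation reads as an oversight rather than a decision, so I'd add inside it `/* no-op with libgcrypt: nothing is mixed into the PRNG, so CVE-2014-0017 is only mitigated in the OpenSSL backend */`. The closing brace is indented by six spaces while the neighbouring functions close at column 0; it should match. `sha1_init()` continues outside the hunk.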
