From 11b28ae5c9b0cb64221b47c8932c2780f0ab5d55 Mon Sep 17 00:00:00 2001 From: taca Date: Wed, 27 Sep 2006 16:10:59 +0000 Subject: Add patches to fix the problem reported by Secunia Advisory SA22091 (also CVS-2006-4924); "OpenSSH Identical Blocks Denial of Service Vulnerability" referring to OpenBSD's CVS repository. Bump PKGREVISION. --- security/openssh/Makefile | 3 +- security/openssh/distinfo | 11 ++-- security/openssh/patches/patch-ax | 107 ++++++++++++++++++++++++++++++++++++++ security/openssh/patches/patch-ay | 15 ++++++ security/openssh/patches/patch-az | 36 +++++++++++++ 5 files changed, 167 insertions(+), 5 deletions(-) create mode 100644 security/openssh/patches/patch-ax create mode 100644 security/openssh/patches/patch-ay create mode 100644 security/openssh/patches/patch-az (limited to 'security') diff --git a/security/openssh/Makefile b/security/openssh/Makefile index be64925d94b..4f15df452bb 100644 --- a/security/openssh/Makefile +++ b/security/openssh/Makefile @@ -1,7 +1,8 @@ -# $NetBSD: Makefile,v 1.169 2006/06/04 14:56:37 joerg Exp $ +# $NetBSD: Makefile,v 1.170 2006/09/27 16:10:59 taca Exp $ DISTNAME= openssh-4.3p1 PKGNAME= openssh-4.3.1 +PKGREVISION= 1 SVR4_PKGNAME= ossh CATEGORIES= security MASTER_SITES= ftp://ftp.openssh.com/pub/OpenBSD/OpenSSH/portable/ \ diff --git a/security/openssh/distinfo b/security/openssh/distinfo index 104ea2b664a..888d400b619 100644 --- a/security/openssh/distinfo +++ b/security/openssh/distinfo @@ -1,11 +1,11 @@ -$NetBSD: distinfo,v 1.52 2006/02/23 19:02:50 joerg Exp $ +$NetBSD: distinfo,v 1.53 2006/09/27 16:10:59 taca Exp $ -SHA1 (openssh-4.3p1.tar.gz) = b1f379127829e7e820955b2825130edd1601ba59 -RMD160 (openssh-4.3p1.tar.gz) = c1d69873ecc453b40d825a2f1b3a0909da815f5e -Size (openssh-4.3p1.tar.gz) = 940777 bytes SHA1 (openssh-4.3p1-hpn11.diff) = 22f2c99d314abc400bd1731d9c35b0540cbf2eae RMD160 (openssh-4.3p1-hpn11.diff) = c3b807437fd9f40f2ab73c52586de194b84cce6e Size (openssh-4.3p1-hpn11.diff) = 11024 bytes +SHA1 (openssh-4.3p1.tar.gz) = b1f379127829e7e820955b2825130edd1601ba59 +RMD160 (openssh-4.3p1.tar.gz) = c1d69873ecc453b40d825a2f1b3a0909da815f5e +Size (openssh-4.3p1.tar.gz) = 940777 bytes SHA1 (patch-aa) = 213f5f5a3c7ae0bceafac1b169063fc71806dc7c SHA1 (patch-ab) = 6c71ad1a39a1d6f7e48fc244993a4189c2cd9ef7 SHA1 (patch-ac) = 8c625fdaca4d73c27e4e68b5bb3aa54327eb61ff @@ -29,3 +29,6 @@ SHA1 (patch-at) = ffbcb38cf8578f05319b2af9cfcdb5ada2a57e78 SHA1 (patch-au) = 052b0b6d8869ad09144e4fc9e1b3c5e03c669c44 SHA1 (patch-av) = 5543fcf94eaad26e27043c1527921e23ecfefc77 SHA1 (patch-aw) = 95d49965b0f24bf117e790785d3a8ef553865bda +SHA1 (patch-ax) = 2c6923c767e7549d746d35358ecef2156012b227 +SHA1 (patch-ay) = e64d4266556ce05a5fd5e14ee4e988e7bf075576 +SHA1 (patch-az) = 341c42c82ddb6177bd8ac41813d6ad1e4b6e3839 diff --git a/security/openssh/patches/patch-ax b/security/openssh/patches/patch-ax new file mode 100644 index 00000000000..4f5282ce59f --- /dev/null +++ b/security/openssh/patches/patch-ax @@ -0,0 +1,107 @@ +$NetBSD: patch-ax,v 1.1 2006/09/27 16:10:59 taca Exp $ + +Secunia Advisory SA22091 + +--- deattack.c.orig Mon Sep 22 20:04:23 2003 ++++ deattack.c +@@ -27,6 +27,24 @@ RCSID("$OpenBSD: deattack.c,v 1.19 2003/ + #include "xmalloc.h" + #include "deattack.h" + ++/* ++ * CRC attack detection has a worst-case behaviour that is O(N^3) over ++ * the number of identical blocks in a packet. This behaviour can be ++ * exploited to create a limited denial of service attack. ++ * ++ * However, because we are dealing with encrypted data, identical ++ * blocks should only occur every 2^35 maximally-sized packets or so. ++ * Consequently, we can detect this DoS by looking for identical blocks ++ * in a packet. ++ * ++ * The parameter below determines how many identical blocks we will ++ * accept in a single packet, trading off between attack detection and ++ * likelihood of terminating a legitimate connection. A value of 32 ++ * corresponds to an average of 2^40 messages before an attack is ++ * misdetected ++ */ ++#define MAX_IDENTICAL 32 ++ + /* SSH Constants */ + #define SSH_MAXBLOCKS (32 * 1024) + #define SSH_BLOCKSIZE (8) +@@ -56,17 +74,12 @@ crc_update(u_int32_t *a, u_int32_t b) + + /* detect if a block is used in a particular pattern */ + static int +-check_crc(u_char *S, u_char *buf, u_int32_t len, +- u_char *IV) ++check_crc(u_char *S, u_char *buf, u_int32_t len) + { + u_int32_t crc; + u_char *c; + + crc = 0; +- if (IV && !CMP(S, IV)) { +- crc_update(&crc, 1); +- crc_update(&crc, 0); +- } + for (c = buf; c < buf + len; c += SSH_BLOCKSIZE) { + if (!CMP(S, c)) { + crc_update(&crc, 1); +@@ -82,12 +95,12 @@ check_crc(u_char *S, u_char *buf, u_int3 + + /* Detect a crc32 compensation attack on a packet */ + int +-detect_attack(u_char *buf, u_int32_t len, u_char *IV) ++detect_attack(u_char *buf, u_int32_t len) + { + static u_int16_t *h = (u_int16_t *) NULL; + static u_int32_t n = HASH_MINSIZE / HASH_ENTRYSIZE; + u_int32_t i, j; +- u_int32_t l; ++ u_int32_t l, same; + u_char *c; + u_char *d; + +@@ -111,15 +124,9 @@ detect_attack(u_char *buf, u_int32_t len + + if (len <= HASH_MINBLOCKS) { + for (c = buf; c < buf + len; c += SSH_BLOCKSIZE) { +- if (IV && (!CMP(c, IV))) { +- if ((check_crc(c, buf, len, IV))) +- return (DEATTACK_DETECTED); +- else +- break; +- } + for (d = buf; d < c; d += SSH_BLOCKSIZE) { + if (!CMP(c, d)) { +- if ((check_crc(c, buf, len, IV))) ++ if ((check_crc(c, buf, len))) + return (DEATTACK_DETECTED); + else + break; +@@ -130,21 +137,11 @@ detect_attack(u_char *buf, u_int32_t len + } + memset(h, HASH_UNUSEDCHAR, n * HASH_ENTRYSIZE); + +- if (IV) +- h[HASH(IV) & (n - 1)] = HASH_IV; +- +- for (c = buf, j = 0; c < (buf + len); c += SSH_BLOCKSIZE, j++) { ++ for (c = buf, same = j = 0; c < (buf + len); c += SSH_BLOCKSIZE, j++) { + for (i = HASH(c) & (n - 1); h[i] != HASH_UNUSED; + i = (i + 1) & (n - 1)) { +- if (h[i] == HASH_IV) { +- if (!CMP(c, IV)) { +- if (check_crc(c, buf, len, IV)) +- return (DEATTACK_DETECTED); +- else +- break; +- } +- } else if (!CMP(c, buf + h[i] * SSH_BLOCKSIZE)) { +- if (check_crc(c, buf, len, IV)) ++ if (!CMP(c, buf + h[i] * SSH_BLOCKSIZE)) { ++ if (check_crc(c, buf, len)) + return (DEATTACK_DETECTED); + else + break; diff --git a/security/openssh/patches/patch-ay b/security/openssh/patches/patch-ay new file mode 100644 index 00000000000..ec36f5da855 --- /dev/null +++ b/security/openssh/patches/patch-ay @@ -0,0 +1,15 @@ +$NetBSD: patch-ay,v 1.1 2006/09/27 16:10:59 taca Exp $ + +Secunia Advisory SA22091 + +--- deattack.h.orig Wed Jul 4 13:46:57 2001 ++++ deattack.h +@@ -25,6 +25,7 @@ + /* Return codes */ + #define DEATTACK_OK 0 + #define DEATTACK_DETECTED 1 ++#define DEATTACK_DOS_DETECTED 2 + +-int detect_attack(u_char *, u_int32_t, u_char[8]); ++int detect_attack(u_char *, u_int32_t); + #endif diff --git a/security/openssh/patches/patch-az b/security/openssh/patches/patch-az new file mode 100644 index 00000000000..ee002ae4158 --- /dev/null +++ b/security/openssh/patches/patch-az @@ -0,0 +1,36 @@ +$NetBSD: patch-az,v 1.1 2006/09/27 16:10:59 taca Exp $ + +Secunia Advisory SA22091 + one more OpenBSD's CVS update 1.144-1.145 + +--- packet.c.orig Sat Nov 5 13:15:00 2005 ++++ packet.c +@@ -669,6 +669,9 @@ packet_enable_delayed_compress(void) + */ + after_authentication = 1; + for (mode = 0; mode < MODE_MAX; mode++) { ++ /* protocol error: USERAUTH_SUCCESS received before NEWKEYS */ ++ if (newkeys[mode] == NULL) ++ continue; + comp = &newkeys[mode]->comp; + if (comp && !comp->enabled && comp->type == COMP_DELAYED) { + packet_init_compression(); +@@ -978,9 +981,16 @@ packet_read_poll1(void) + * (C)1998 CORE-SDI, Buenos Aires Argentina + * Ariel Futoransky(futo@core-sdi.com) + */ +- if (!receive_context.plaintext && +- detect_attack(buffer_ptr(&input), padded_len, NULL) == DEATTACK_DETECTED) +- packet_disconnect("crc32 compensation attack: network attack detected"); ++ if (!receive_context.plaintext) { ++ switch (detect_attack(buffer_ptr(&input), padded_len)) { ++ case DEATTACK_DETECTED: ++ packet_disconnect("crc32 compensation attack: " ++ "network attack detected"); ++ case DEATTACK_DOS_DETECTED: ++ packet_disconnect("deattack denial of " ++ "service detected"); ++ } ++ } + + /* Decrypt data to incoming_packet. */ + buffer_clear(&incoming_packet); -- cgit v1.2.3