diff options
Diffstat (limited to 'meta/recipes-connectivity/openssh/openssh/CVE-2016-6210_p2.patch')
| -rw-r--r-- | meta/recipes-connectivity/openssh/openssh/CVE-2016-6210_p2.patch | 110 |
1 files changed, 110 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/openssh/openssh/CVE-2016-6210_p2.patch b/meta/recipes-connectivity/openssh/openssh/CVE-2016-6210_p2.patch new file mode 100644 index 0000000000..f27c74c7c1 --- /dev/null +++ b/meta/recipes-connectivity/openssh/openssh/CVE-2016-6210_p2.patch @@ -0,0 +1,110 @@ +From 283b97ff33ea2c641161950849931bd578de6946 Mon Sep 17 00:00:00 2001 +From: Darren Tucker <dtucker@zip.com.au> +Date: Fri, 15 Jul 2016 13:49:44 +1000 +Subject: [PATCH] Mitigate timing of disallowed users PAM logins. + +When sshd decides to not allow a login (eg PermitRootLogin=no) and +it's using PAM, it sends a fake password to PAM so that the timing for +the failure is not noticeably different whether or not the password +is correct. This behaviour can be detected by sending a very long +password string which is slower to hash than the fake password. + +Mitigate by constructing an invalid password that is the same length +as the one from the client and thus takes the same time to hash. +Diff from djm@ + +Upstream-Status: Backport +CVE: CVE-2016-6210 patch2 +Signed-off-by: Armin Kuster <akuster@mvista.com> + +--- + auth-pam.c | 35 +++++++++++++++++++++++++++++++---- + 1 file changed, 31 insertions(+), 4 deletions(-) + +Index: openssh-7.1p2/auth-pam.c +=================================================================== +--- openssh-7.1p2.orig/auth-pam.c ++++ openssh-7.1p2/auth-pam.c +@@ -231,7 +231,6 @@ static int sshpam_account_status = -1; + static char **sshpam_env = NULL; + static Authctxt *sshpam_authctxt = NULL; + static const char *sshpam_password = NULL; +-static char badpw[] = "\b\n\r\177INCORRECT"; + + /* Some PAM implementations don't implement this */ + #ifndef HAVE_PAM_GETENVLIST +@@ -809,12 +808,35 @@ sshpam_query(void *ctx, char **name, cha + return (-1); + } + ++/* ++ * Returns a junk password of identical length to that the user supplied. ++ * Used to mitigate timing attacks against crypt(3)/PAM stacks that ++ * vary processing time in proportion to password length. ++ */ ++static char * ++fake_password(const char *wire_password) ++{ ++ const char junk[] = "\b\n\r\177INCORRECT"; ++ char *ret = NULL; ++ size_t i, l = wire_password != NULL ? strlen(wire_password) : 0; ++ ++ if (l >= INT_MAX) ++ fatal("%s: password length too long: %zu", __func__, l); ++ ++ ret = malloc(l + 1); ++ for (i = 0; i < l; i++) ++ ret[i] = junk[i % (sizeof(junk) - 1)]; ++ ret[i] = '\0'; ++ return ret; ++} ++ + /* XXX - see also comment in auth-chall.c:verify_response */ + static int + sshpam_respond(void *ctx, u_int num, char **resp) + { + Buffer buffer; + struct pam_ctxt *ctxt = ctx; ++ char *fake; + + debug2("PAM: %s entering, %u responses", __func__, num); + switch (ctxt->pam_done) { +@@ -835,8 +857,11 @@ sshpam_respond(void *ctx, u_int num, cha + (sshpam_authctxt->pw->pw_uid != 0 || + options.permit_root_login == PERMIT_YES)) + buffer_put_cstring(&buffer, *resp); +- else +- buffer_put_cstring(&buffer, badpw); ++ else { ++ fake = fake_password(*resp); ++ buffer_put_cstring(&buffer, fake); ++ free(fake); ++ } + if (ssh_msg_send(ctxt->pam_psock, PAM_AUTHTOK, &buffer) == -1) { + buffer_free(&buffer); + return (-1); +@@ -1180,6 +1205,7 @@ sshpam_auth_passwd(Authctxt *authctxt, c + { + int flags = (options.permit_empty_passwd == 0 ? + PAM_DISALLOW_NULL_AUTHTOK : 0); ++ char *fake = NULL; + + if (!options.use_pam || sshpam_handle == NULL) + fatal("PAM: %s called when PAM disabled or failed to " +@@ -1195,7 +1221,7 @@ sshpam_auth_passwd(Authctxt *authctxt, c + */ + if (!authctxt->valid || (authctxt->pw->pw_uid == 0 && + options.permit_root_login != PERMIT_YES)) +- sshpam_password = badpw; ++ sshpam_password = fake = fake_password(password); + + sshpam_err = pam_set_item(sshpam_handle, PAM_CONV, + (const void *)&passwd_conv); +@@ -1205,6 +1231,7 @@ sshpam_auth_passwd(Authctxt *authctxt, c + + sshpam_err = pam_authenticate(sshpam_handle, flags); + sshpam_password = NULL; ++ free(fake); + if (sshpam_err == PAM_SUCCESS && authctxt->valid) { + debug("PAM: password authentication accepted for %.100s", + authctxt->user); |