[Bug 2680] New: Regression in server-sig-algs offer in 7.4p1 (Deprecation of SHA1 is not being enforced)

bugzilla-daemon at bugzilla.mindrot.org bugzilla-daemon at bugzilla.mindrot.org
Sat Feb 18 03:13:59 AEDT 2017


https://bugzilla.mindrot.org/show_bug.cgi?id=2680

            Bug ID: 2680
           Summary: Regression in server-sig-algs offer in 7.4p1
                    (Deprecation of SHA1 is not being enforced)
           Product: Portable OpenSSH
           Version: 7.4p1
          Hardware: Other
                OS: Linux
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: ssh
          Assignee: unassigned-bugs at mindrot.org
          Reporter: jjelen at redhat.com

Cross-filed from the mailing list to get some more attention:

The server-sig algorithms changed with commit 130f5d

before: server-sig-algs=<rsa-sha2-256,rsa-sha2-512>
after:
server-sig-algs=<ssh-ed25519,ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521>

http://lists.mindrot.org/pipermail/openssh-unix-dev/2017-February/035785.html

Can we get that fixed? It prevents using the new signatures and falls
back unconditionally to sha1.
---------------------- original email ------------------------------
The side effect of this bug is that my "problem" originally reported
disappeared from 7.3p1 to 7.4p1. It was fixed by properly supporting
rsa-sha2-256 from OpenSC (my pkcs11 lib) side, but during tests we
found out that 7.4p1 was not using rsa-sha2-256 anymore.

Bug was introduced with commit:

https://github.com/openssh/openssh-portable/commit/130f5df4fa37cace8c079dccb690e5cafbf00751.

Due to:

https://bugzilla.mindrot.org/show_bug.cgi?id=2547

From this commit rsa-sha2-256 and rsa-sha2-512 are no longer offered
so all is downgraded to rsa-sha.

A fix applied at current master could be:

diff --git a/kex.c b/kex.c
index a30dabe..13bb9aa 100644
--- a/kex.c
+++ b/kex.c
@@ -348,7 +348,7 @@ kex_send_ext_info(struct ssh *ssh)
  int r;
  char *algs;

- if ((algs = sshkey_alg_list(0, 1, ',')) == NULL)
+ if ((algs = sshkey_alg_list(0, 1, 1, ',')) == NULL)
  return SSH_ERR_ALLOC_FAIL;
  if ((r = sshpkt_start(ssh, SSH2_MSG_EXT_INFO)) != 0 ||
     (r = sshpkt_put_u32(ssh, 1)) != 0 ||
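Review bot: the bare 1 passed as the new third argument in kex_send_ext_info() is the only thing that puts the signature-only names back into the list sent with SSH2_MSG_EXT_INFO, and the patch adds no test that would catch it being lost again. Please add a regression check that the string returned here contains rsa-sha2-256 and rsa-sha2-512, and a short comment at the call, for example /* plain keys, include signature-only names */, so the three positional arguments can be read without opening sshkey.c.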
diff --git a/ssh.c b/ssh.c
index ee0b16d..edef335 100644
--- a/ssh.c
+++ b/ssh.c
@@ -684,11 +684,11 @@ main(int ac, char **av)
  else if (strcmp(optarg, "kex") == 0)
  cp = kex_alg_list('\n');
  else if (strcmp(optarg, "key") == 0)
- cp = sshkey_alg_list(0, 0, '\n');
+ cp = sshkey_alg_list(0, 0, 0, '\n');
  else if (strcmp(optarg, "key-cert") == 0)
- cp = sshkey_alg_list(1, 0, '\n');
+ cp = sshkey_alg_list(1, 0, 0, '\n');
  else if (strcmp(optarg, "key-plain") == 0)
- cp = sshkey_alg_list(0, 1, '\n');
+ cp = sshkey_alg_list(0, 1, 0, '\n');
  else if (strcmp(optarg, "protocol-version") == 0) {
 #ifdef WITH_SSH1
  cp = xstrdup("1\n2");
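Review bot: all three query branches ("key", "key-cert", "key-plain") pass 0 for the new argument, so the listing produced here still omits the signature-only names that kex_send_ext_info() now advertises. If that is intentional, say so in the commit message; otherwise this output gives no way to confirm that a build offers rsa-sha2-256 and rsa-sha2-512, and a separate query keyword for signature algorithms would be worth considering.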
diff --git a/sshkey.c b/sshkey.c
index 31710e5..1c5dfdb 100644
--- a/sshkey.c
+++ b/sshkey.c
@@ -195,14 +195,16 @@ sshkey_ecdsa_nid_from_name(const char *name)
 }

 char *
-sshkey_alg_list(int certs_only, int plain_only, char sep)
+sshkey_alg_list(int certs_only, int plain_only, int sigonly_also, char
sep)
 {
  char *tmp, *ret = NULL;
  size_t nlen, rlen = 0;
  const struct keytype *kt;

  for (kt = keytypes; kt->type != -1; kt++) {
- if (kt->name == NULL || kt->sigonly)
+ if (kt->name == NULL)
+ continue;
+ if (!sigonly_also && kt->sigonly)
  continue;
  if ((certs_only && !kt->cert) || (plain_only && kt->cert))
  continue;
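Review bot: the new sigonly_also parameter of sshkey_alg_list() is undocumented, and the function now takes three adjacent int flags that the compiler cannot tell apart if a caller transposes them. Add a comment above the function stating what each flag selects, or fold them into one flags argument with named bits. The new signature line is also wrapped after "char" as posted here, so the hunk will not apply as-is; please resend it unwrapped.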
diff --git a/sshkey.h b/sshkey.h
index f393638..6a3ff2f 100644
--- a/sshkey.h
+++ b/sshkey.h
@@ -156,7 +156,7 @@ int sshkey_ec_validate_private(const EC_KEY *);
 const char *sshkey_ssh_name(const struct sshkey *);
 const char *sshkey_ssh_name_plain(const struct sshkey *);
 int sshkey_names_valid2(const char *, int);
-char *sshkey_alg_list(int, int, char);
+char *sshkey_alg_list(int, int, int, char);

 int sshkey_from_blob(const u_char *, size_t, struct sshkey **);
 int sshkey_fromb(struct sshbuf *, struct sshkey **);
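Review bot: the updated prototype "char *sshkey_alg_list(int, int, int, char);" gives a caller reading sshkey.h no way to tell which int is certs_only, which is plain_only and which is sigonly_also. The header leaves parameters unnamed throughout, so a one-line comment above this prototype listing the argument order would fit the existing style.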

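A check for the regression described in the report, as an added example that is not part of the original message or of OpenSSH: it scans a client debug log for the server-sig-algs value and reports whether rsa-sha2-256 and rsa-sha2-512 are advertised. The two sample log lines are constructed from the before/after values quoted in the report; the `debug1: kex_input_ext_info:` prefix and the function names are assumptions.

```python
import re

# The two names from the "before" list in the report.
RSA_SHA2 = ("rsa-sha2-256", "rsa-sha2-512")
EXT_RE = re.compile(r"server-sig-algs=<([^>]*)>")

# Constructed sample lines (prefix is an assumption; values are from the report).
BEFORE_LOG = "debug1: kex_input_ext_info: server-sig-algs=<rsa-sha2-256,rsa-sha2-512>\n"
AFTER_LOG = (
    "debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ssh-rsa,ssh-dss,"
    "ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521>\n"
)


def parse_server_sig_algs(log_text):
    """Return the list from the last server-sig-algs entry, or None if absent."""
    found = EXT_RE.findall(log_text)
    if not found:
        return None
    return [name.strip() for name in found[-1].split(",") if name.strip()]


def check_rsa_sha2(log_text):
    """Return (status, missing) where status is one of:
    'ok'               both rsa-sha2-* names are advertised
    'rsa-sha2-missing' the extension was sent without one or both of them
    'no-ext-info'      no server-sig-algs value in the log at all
    """
    algs = parse_server_sig_algs(log_text)
    if algs is None:
        return "no-ext-info", list(RSA_SHA2)
    missing = [name for name in RSA_SHA2 if name not in algs]
    return ("ok" if not missing else "rsa-sha2-missing"), missing


if __name__ == "__main__":
    for label, log in (("before", BEFORE_LOG), ("after", AFTER_LOG)):
        status, missing = check_rsa_sha2(log)
        print(f"{label}: {status} missing={missing}")
```
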