diff options
author | Markus Friedl <markus@cvs.openbsd.org> | 2001-02-11 12:59:27 +0000 |
---|---|---|
committer | Markus Friedl <markus@cvs.openbsd.org> | 2001-02-11 12:59:27 +0000 |
commit | 6cd470778fe498d5509d5098522743c94a3f3a81 (patch) | |
tree | 803d6ea76487c5272d9bca5d3a8e4ddf9ebe05c2 | |
parent | 8892fc1a51799002a13e596d5e2d4b118335553b (diff) |
1) clean up the MAC support for SSH-2
2) allow you to specify the MAC with 'ssh -m'
3) or the 'MACs' keyword in ssh(d)_config
4) add hmac-{md5,sha1}-96
ok stevesk@, provos@
-rw-r--r-- | usr.bin/ssh/hmac.c | 56 | ||||
-rw-r--r-- | usr.bin/ssh/kex.c | 17 | ||||
-rw-r--r-- | usr.bin/ssh/kex.h | 6 | ||||
-rw-r--r-- | usr.bin/ssh/lib/Makefile | 4 | ||||
-rw-r--r-- | usr.bin/ssh/mac.c | 114 | ||||
-rw-r--r-- | usr.bin/ssh/mac.h (renamed from usr.bin/ssh/hmac.h) | 18 | ||||
-rw-r--r-- | usr.bin/ssh/myproposal.h | 7 | ||||
-rw-r--r-- | usr.bin/ssh/packet.c | 25 | ||||
-rw-r--r-- | usr.bin/ssh/readconf.c | 20 | ||||
-rw-r--r-- | usr.bin/ssh/readconf.h | 3 | ||||
-rw-r--r-- | usr.bin/ssh/servconf.c | 19 | ||||
-rw-r--r-- | usr.bin/ssh/servconf.h | 7 | ||||
-rw-r--r-- | usr.bin/ssh/ssh.1 | 22 | ||||
-rw-r--r-- | usr.bin/ssh/ssh.c | 14 | ||||
-rw-r--r-- | usr.bin/ssh/sshconnect2.c | 10 | ||||
-rw-r--r-- | usr.bin/ssh/sshd.8 | 13 | ||||
-rw-r--r-- | usr.bin/ssh/sshd.c | 6 |
17 files changed, 243 insertions, 118 deletions
diff --git a/usr.bin/ssh/hmac.c b/usr.bin/ssh/hmac.c deleted file mode 100644 index 831dd243a35..00000000000 --- a/usr.bin/ssh/hmac.c +++ /dev/null @@ -1,56 +0,0 @@ -/* - * Copyright (c) 2000 Markus Friedl. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES - * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. - * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY - * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF - * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -#include "includes.h" -RCSID("$OpenBSD: hmac.c,v 1.7 2001/02/08 19:30:51 itojun Exp $"); - -#include "xmalloc.h" -#include "getput.h" -#include "log.h" - -#include <openssl/hmac.h> - -#include "hmac.h" - -u_char * -hmac( - EVP_MD *evp_md, - u_int seqno, - u_char *data, int datalen, - u_char *key, int keylen) -{ - HMAC_CTX c; - static u_char m[EVP_MAX_MD_SIZE]; - u_char b[4]; - - if (key == NULL) - fatal("hmac: no key"); - HMAC_Init(&c, key, keylen, evp_md); - PUT_32BIT(b, seqno); - HMAC_Update(&c, b, sizeof b); - HMAC_Update(&c, data, datalen); - HMAC_Final(&c, m, NULL); - HMAC_cleanup(&c); - return(m); -} diff --git a/usr.bin/ssh/kex.c b/usr.bin/ssh/kex.c index 7c1326ed09e..1038546cadf 100644 --- a/usr.bin/ssh/kex.c +++ b/usr.bin/ssh/kex.c @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: kex.c,v 1.20 2001/02/08 19:30:51 itojun Exp $"); +RCSID("$OpenBSD: kex.c,v 1.21 2001/02/11 12:59:24 markus Exp $"); #include <openssl/crypto.h> #include <openssl/bio.h> @@ -41,6 +41,7 @@ RCSID("$OpenBSD: kex.c,v 1.20 2001/02/08 19:30:51 itojun Exp $"); #include "kex.h" #include "key.h" #include "log.h" +#include "mac.h" #define KEX_COOKIE_LEN 16 @@ -412,18 +413,12 @@ choose_mac(Mac *mac, char *client, char *server) char *name = get_match(client, server); if (name == NULL) fatal("no matching mac found: client %s server %s", client, server); - if (strcmp(name, "hmac-md5") == 0) { - mac->md = EVP_md5(); - } else if (strcmp(name, "hmac-sha1") == 0) { - mac->md = EVP_sha1(); - } else if (strcmp(name, "hmac-ripemd160@openssh.com") == 0) { - mac->md = EVP_ripemd160(); - } else { + if (mac_init(mac, name) < 0) fatal("unsupported mac %s", name); - } + /* truncate the key */ + if (datafellows & SSH_BUG_HMAC) + mac->key_len = 16; mac->name = name; - mac->mac_len = mac->md->md_size; - mac->key_len = (datafellows & SSH_BUG_HMAC) ? 16 : mac->mac_len; mac->key = NULL; mac->enabled = 0; } diff --git a/usr.bin/ssh/kex.h b/usr.bin/ssh/kex.h index d8f37c1a67d..90496fbdf46 100644 --- a/usr.bin/ssh/kex.h +++ b/usr.bin/ssh/kex.h @@ -1,4 +1,4 @@ -/* $OpenBSD: kex.h,v 1.13 2001/02/04 15:32:24 stevesk Exp $ */ +/* $OpenBSD: kex.h,v 1.14 2001/02/11 12:59:24 markus Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. @@ -26,9 +26,11 @@ #ifndef KEX_H #define KEX_H +#include <openssl/evp.h> +#include "buffer.h" + #define KEX_DH1 "diffie-hellman-group1-sha1" #define KEX_DHGEX "diffie-hellman-group-exchange-sha1" -#define KEX_DSS "ssh-dss" enum kex_init_proposals { PROPOSAL_KEX_ALGS, diff --git a/usr.bin/ssh/lib/Makefile b/usr.bin/ssh/lib/Makefile index dd6dbda8765..439049470c6 100644 --- a/usr.bin/ssh/lib/Makefile +++ b/usr.bin/ssh/lib/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.19 2001/01/29 01:58:19 niklas Exp $ +# $OpenBSD: Makefile,v 1.20 2001/02/11 12:59:26 markus Exp $ .PATH: ${.CURDIR}/.. @@ -7,7 +7,7 @@ SRCS= authfd.c authfile.c bufaux.c buffer.c canohost.c channels.c \ cipher.c compat.c compress.c crc32.c deattack.c \ hostfile.c log.c match.c mpaux.c nchan.c packet.c readpass.c \ rsa.c tildexpand.c ttymodes.c uidswap.c xmalloc.c atomicio.c \ - key.c dispatch.c kex.c hmac.c uuencode.c misc.c \ + key.c dispatch.c kex.c mac.c uuencode.c misc.c \ cli.c rijndael.c ssh-dss.c ssh-rsa.c NOPROFILE= yes diff --git a/usr.bin/ssh/mac.c b/usr.bin/ssh/mac.c new file mode 100644 index 00000000000..3ff107c8a64 --- /dev/null +++ b/usr.bin/ssh/mac.c @@ -0,0 +1,114 @@ +/* + * Copyright (c) 2001 Markus Friedl. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. + * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +#include "includes.h" +RCSID("$OpenBSD: mac.c,v 1.1 2001/02/11 12:59:24 markus Exp $"); + +#include <openssl/hmac.h> + +#include "xmalloc.h" +#include "getput.h" +#include "log.h" +#include "cipher.h" +#include "kex.h" +#include "mac.h" + +struct { + char *name; + EVP_MD * (*mdfunc)(void); + int truncatebits; /* truncate digest if != 0 */ +} macs[] = { + { "hmac-sha1", EVP_sha1, 0, }, + { "hmac-sha1-96", EVP_sha1, 96 }, + { "hmac-md5", EVP_md5, 0 }, + { "hmac-md5-96", EVP_md5, 96 }, + { "hmac-ripemd160", EVP_ripemd160, 0 }, + { "hmac-ripemd160@openssh.com", EVP_ripemd160, 0 }, + { NULL, NULL, 0 } +}; + +int +mac_init(Mac *mac, char *name) +{ + int i; + for (i = 0; macs[i].name; i++) { + if (strcmp(name, macs[i].name) == 0) { + if (mac != NULL) { + mac->md = (*macs[i].mdfunc)(); + mac->key_len = mac->mac_len = mac->md->md_size; + if (macs[i].truncatebits != 0) + mac->mac_len = macs[i].truncatebits/8; + } + debug2("mac_init: found %s", name); + return (0); + } + } + debug2("mac_init: unknown %s", name); + return (-1); +} + +u_char * +mac_compute(Mac *mac, u_int32_t seqno, u_char *data, int datalen) +{ + HMAC_CTX c; + static u_char m[EVP_MAX_MD_SIZE]; + u_char b[4]; + + if (mac->key == NULL) + fatal("mac_compute: no key"); + if (mac->mac_len > sizeof(m)) + fatal("mac_compute: mac too long"); + HMAC_Init(&c, mac->key, mac->key_len, mac->md); + PUT_32BIT(b, seqno); + HMAC_Update(&c, b, sizeof(b)); + HMAC_Update(&c, data, datalen); + HMAC_Final(&c, m, NULL); + HMAC_cleanup(&c); + return (m); +} + +/* XXX copied from ciphers_valid */ +#define MAC_SEP "," +int +mac_valid(const char *names) +{ + char *maclist, *cp, *p; + + if (names == NULL || strcmp(names, "") == 0) + return (0); + maclist = cp = xstrdup(names); + for ((p = strsep(&cp, MAC_SEP)); p && *p != '\0'; + (p = strsep(&cp, MAC_SEP))) { + if (mac_init(NULL, p) < 0) { + debug("bad mac %s [%s]", p, names); + xfree(maclist); + return (0); + } else { + debug3("mac ok: %s [%s]", p, names); + } + } + debug3("macs ok: [%s]", names); + xfree(maclist); + return (1); +} diff --git a/usr.bin/ssh/hmac.h b/usr.bin/ssh/mac.h index d9dc048a74b..6173eaa66a4 100644 --- a/usr.bin/ssh/hmac.h +++ b/usr.bin/ssh/mac.h @@ -1,7 +1,6 @@ -/* $OpenBSD: hmac.h,v 1.4 2001/01/29 01:58:15 niklas Exp $ */ - +/* $OpenBSD: mac.h,v 1.1 2001/02/11 12:59:24 markus Exp $ */ /* - * Copyright (c) 2000 Markus Friedl. All rights reserved. + * Copyright (c) 2001 Markus Friedl. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -23,14 +22,7 @@ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -#ifndef HMAC_H -#define HMAC_H - -u_char * -hmac( - EVP_MD *evp_md, - u_int seqno, - u_char *data, int datalen, - u_char *key, int len); -#endif +int mac_valid(const char *names); +int mac_init(Mac *mac, char *name); +u_char *mac_compute(Mac *mac, u_int32_t seqno, u_char *data, int datalen); diff --git a/usr.bin/ssh/myproposal.h b/usr.bin/ssh/myproposal.h index 9dfecdafc13..03f76839bda 100644 --- a/usr.bin/ssh/myproposal.h +++ b/usr.bin/ssh/myproposal.h @@ -1,4 +1,4 @@ -/* $OpenBSD: myproposal.h,v 1.10 2001/01/29 01:58:17 niklas Exp $ */ +/* $OpenBSD: myproposal.h,v 1.11 2001/02/11 12:59:24 markus Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. @@ -30,7 +30,10 @@ "aes128-cbc,aes192-cbc,aes256-cbc," \ "rijndael128-cbc,rijndael192-cbc,rijndael256-cbc," \ "rijndael-cbc@lysator.liu.se" -#define KEX_DEFAULT_MAC "hmac-sha1,hmac-md5,hmac-ripemd160@openssh.com" +#define KEX_DEFAULT_MAC \ + "hmac-sha1,hmac-md5,hmac-ripemd160," \ + "hmac-ripemd160@openssh.com," \ + "hmac-sha1-96,hmac-md5-96" #define KEX_DEFAULT_COMP "none,zlib" #define KEX_DEFAULT_LANG "" diff --git a/usr.bin/ssh/packet.c b/usr.bin/ssh/packet.c index f34ec700dd5..5b42e8d603a 100644 --- a/usr.bin/ssh/packet.c +++ b/usr.bin/ssh/packet.c @@ -37,7 +37,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: packet.c,v 1.49 2001/02/08 19:30:52 itojun Exp $"); +RCSID("$OpenBSD: packet.c,v 1.50 2001/02/11 12:59:25 markus Exp $"); #include "xmalloc.h" #include "buffer.h" @@ -54,12 +54,9 @@ RCSID("$OpenBSD: packet.c,v 1.49 2001/02/08 19:30:52 itojun Exp $"); #include "ssh1.h" #include "ssh2.h" -#include <openssl/bn.h> -#include <openssl/dh.h> -#include <openssl/hmac.h> #include "cipher.h" #include "kex.h" -#include "hmac.h" +#include "mac.h" #include "log.h" #include "canohost.h" @@ -531,12 +528,12 @@ packet_send1(void) void packet_send2(void) { + static u_int32_t seqnr = 0; u_char *macbuf = NULL; char *cp; u_int packet_length = 0; u_int i, padlen, len; u_int32_t rand = 0; - static u_int seqnr = 0; int type; Enc *enc = NULL; Mac *mac = NULL; @@ -604,11 +601,9 @@ packet_send2(void) /* compute MAC over seqnr and packet(length fields, payload, padding) */ if (mac && mac->enabled) { - macbuf = hmac( mac->md, seqnr, + macbuf = mac_compute(mac, seqnr, (u_char *) buffer_ptr(&outgoing_packet), - buffer_len(&outgoing_packet), - mac->key, mac->key_len - ); + buffer_len(&outgoing_packet)); DBG(debug("done calc MAC out #%d", seqnr)); } /* encrypt packet and append to output buffer. */ @@ -818,12 +813,12 @@ packet_read_poll1(int *payload_len_ptr) int packet_read_poll2(int *payload_len_ptr) { + static u_int32_t seqnr = 0; + static u_int packet_length = 0; u_int padlen, need; u_char buf[8], *macbuf; u_char *ucp; char *cp; - static u_int packet_length = 0; - static u_int seqnr = 0; int type; int maclen, block_size; Enc *enc = NULL; @@ -883,11 +878,9 @@ packet_read_poll2(int *payload_len_ptr) * increment sequence number for incoming packet */ if (mac && mac->enabled) { - macbuf = hmac( mac->md, seqnr, + macbuf = mac_compute(mac, seqnr, (u_char *) buffer_ptr(&incoming_packet), - buffer_len(&incoming_packet), - mac->key, mac->key_len - ); + buffer_len(&incoming_packet)); if (memcmp(macbuf, buffer_ptr(&input), mac->mac_len) != 0) packet_disconnect("Corrupted MAC on input."); DBG(debug("MAC #%d ok", seqnr)); diff --git a/usr.bin/ssh/readconf.c b/usr.bin/ssh/readconf.c index 889fef4828e..359b8264982 100644 --- a/usr.bin/ssh/readconf.c +++ b/usr.bin/ssh/readconf.c @@ -12,7 +12,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: readconf.c,v 1.61 2001/02/08 14:39:36 deraadt Exp $"); +RCSID("$OpenBSD: readconf.c,v 1.62 2001/02/11 12:59:25 markus Exp $"); #include "ssh.h" #include "xmalloc.h" @@ -23,6 +23,8 @@ RCSID("$OpenBSD: readconf.c,v 1.61 2001/02/08 14:39:36 deraadt Exp $"); #include "readconf.h" #include "match.h" #include "misc.h" +#include "kex.h" +#include "mac.h" /* Format of the configuration file: @@ -105,7 +107,7 @@ typedef enum { oGlobalKnownHostsFile, oUserKnownHostsFile, oConnectionAttempts, oBatchMode, oCheckHostIP, oStrictHostKeyChecking, oCompression, oCompressionLevel, oKeepAlives, oNumberOfPasswordPrompts, - oUsePrivilegedPort, oLogLevel, oCiphers, oProtocol, + oUsePrivilegedPort, oLogLevel, oCiphers, oProtocol, oMacs, oGlobalKnownHostsFile2, oUserKnownHostsFile2, oPubkeyAuthentication, oKbdInteractiveAuthentication, oKbdInteractiveDevices, oHostKeyAlias } OpCodes; @@ -148,6 +150,7 @@ static struct { { "port", oPort }, { "cipher", oCipher }, { "ciphers", oCiphers }, + { "macs", oMacs }, { "protocol", oProtocol }, { "remoteforward", oRemoteForward }, { "localforward", oLocalForward }, @@ -500,6 +503,17 @@ parse_int: options->ciphers = xstrdup(arg); break; + case oMacs: + arg = strdelim(&s); + if (!arg || *arg == '\0') + fatal("%.200s line %d: Missing argument.", filename, linenum); + if (!mac_valid(arg)) + fatal("%.200s line %d: Bad SSH2 Mac spec '%s'.", + filename, linenum, arg ? arg : "<NONE>"); + if (*activep && options->macs == NULL) + options->macs = xstrdup(arg); + break; + case oProtocol: intptr = &options->protocol; arg = strdelim(&s); @@ -691,6 +705,7 @@ initialize_options(Options * options) options->number_of_password_prompts = -1; options->cipher = -1; options->ciphers = NULL; + options->macs = NULL; options->protocol = SSH_PROTO_UNKNOWN; options->num_identity_files = 0; options->hostname = NULL; @@ -779,6 +794,7 @@ fill_default_options(Options * options) if (options->cipher == -1) options->cipher = SSH_CIPHER_NOT_SET; /* options->ciphers, default set in myproposals.h */ + /* options->macs, default set in myproposals.h */ if (options->protocol == SSH_PROTO_UNKNOWN) options->protocol = SSH_PROTO_1|SSH_PROTO_2|SSH_PROTO_1_PREFERRED; if (options->num_identity_files == 0) { diff --git a/usr.bin/ssh/readconf.h b/usr.bin/ssh/readconf.h index 241b7165c0a..575b2646da9 100644 --- a/usr.bin/ssh/readconf.h +++ b/usr.bin/ssh/readconf.h @@ -11,7 +11,7 @@ * called by a name other than "ssh" or "Secure Shell". */ -/* RCSID("$OpenBSD: readconf.h,v 1.25 2001/01/22 23:06:39 markus Exp $"); */ +/* RCSID("$OpenBSD: readconf.h,v 1.26 2001/02/11 12:59:25 markus Exp $"); */ #ifndef READCONF_H #define READCONF_H @@ -68,6 +68,7 @@ typedef struct { * prompts. */ int cipher; /* Cipher to use. */ char *ciphers; /* SSH2 ciphers in order of preference. */ + char *macs; /* SSH2 macs in order of preference. */ int protocol; /* Protocol in order of preference. */ char *hostname; /* Real host to connect. */ char *host_key_alias; /* hostname alias for .ssh/known_hosts */ diff --git a/usr.bin/ssh/servconf.c b/usr.bin/ssh/servconf.c index 59687e16d9b..43a2c111e62 100644 --- a/usr.bin/ssh/servconf.c +++ b/usr.bin/ssh/servconf.c @@ -10,7 +10,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: servconf.c,v 1.65 2001/02/04 15:32:24 stevesk Exp $"); +RCSID("$OpenBSD: servconf.c,v 1.66 2001/02/11 12:59:25 markus Exp $"); #ifdef KRB4 #include <krb.h> @@ -28,6 +28,8 @@ RCSID("$OpenBSD: servconf.c,v 1.65 2001/02/04 15:32:24 stevesk Exp $"); #include "tildexpand.h" #include "misc.h" #include "cipher.h" +#include "kex.h" +#include "mac.h" /* add listen address */ void add_listen_addr(ServerOptions *options, char *addr); @@ -85,6 +87,7 @@ initialize_server_options(ServerOptions *options) options->num_allow_groups = 0; options->num_deny_groups = 0; options->ciphers = NULL; + options->macs = NULL; options->protocol = SSH_PROTO_UNKNOWN; options->gateway_ports = -1; options->num_subsystems = 0; @@ -209,7 +212,7 @@ typedef enum { sStrictModes, sEmptyPasswd, sRandomSeedFile, sKeepAlives, sCheckMail, sUseLogin, sAllowTcpForwarding, sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups, - sIgnoreUserKnownHosts, sCiphers, sProtocol, sPidFile, + sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile, sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem, sMaxStartups, sBanner, sReverseMappingCheck } ServerOpCodes; @@ -266,6 +269,7 @@ static struct { { "allowgroups", sAllowGroups }, { "denygroups", sDenyGroups }, { "ciphers", sCiphers }, + { "macs", sMacs }, { "protocol", sProtocol }, { "gatewayports", sGatewayPorts }, { "subsystem", sSubsystem }, @@ -658,6 +662,17 @@ parse_flag: options->ciphers = xstrdup(arg); break; + case sMacs: + arg = strdelim(&cp); + if (!arg || *arg == '\0') + fatal("%s line %d: Missing argument.", filename, linenum); + if (!mac_valid(arg)) + fatal("%s line %d: Bad SSH2 mac spec '%s'.", + filename, linenum, arg ? arg : "<NONE>"); + if (options->macs == NULL) + options->macs = xstrdup(arg); + break; + case sProtocol: intptr = &options->protocol; arg = strdelim(&cp); diff --git a/usr.bin/ssh/servconf.h b/usr.bin/ssh/servconf.h index e7abb94d8ea..8236a639189 100644 --- a/usr.bin/ssh/servconf.h +++ b/usr.bin/ssh/servconf.h @@ -11,7 +11,7 @@ * called by a name other than "ssh" or "Secure Shell". */ -/* RCSID("$OpenBSD: servconf.h,v 1.36 2001/02/03 10:08:37 markus Exp $"); */ +/* RCSID("$OpenBSD: servconf.h,v 1.37 2001/02/11 12:59:25 markus Exp $"); */ #ifndef SERVCONF_H #define SERVCONF_H @@ -50,8 +50,9 @@ typedef struct { char *xauth_location; /* Location of xauth program */ int strict_modes; /* If true, require string home dir modes. */ int keepalives; /* If true, set SO_KEEPALIVE. */ - char *ciphers; /* Ciphers in order of preference. */ - int protocol; /* Protocol in order of preference. */ + char *ciphers; /* Supported SSH2 ciphers. */ + char *macs; /* Supported SSH2 macs. */ + int protocol; /* Supported protocol versions. */ int gateway_ports; /* If true, allow remote connects to forwarded ports. */ SyslogFacility log_facility; /* Facility for system logging. */ LogLevel log_level; /* Level for system logging. */ diff --git a/usr.bin/ssh/ssh.1 b/usr.bin/ssh/ssh.1 index dc177c8ba47..eeeab9bd15a 100644 --- a/usr.bin/ssh/ssh.1 +++ b/usr.bin/ssh/ssh.1 @@ -34,7 +34,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh.1,v 1.90 2001/02/10 16:03:29 markus Exp $ +.\" $OpenBSD: ssh.1,v 1.91 2001/02/11 12:59:25 markus Exp $ .Dd September 25, 1999 .Dt SSH 1 .Os @@ -53,6 +53,7 @@ .Op Fl e Ar escape_char .Op Fl i Ar identity_file .Op Fl l Ar login_name +.Op Fl m Ar mac_spec .Op Fl o Ar option .Op Fl p Ar port .Oo Fl L Xo @@ -425,6 +426,13 @@ This may also be specified on a per-host basis in the configuration file. .It Fl l Ar login_name Specifies the user to log in as on the remote machine. This also may be specified on a per-host basis in the configuration file. +.It Fl m Ar mac_spec +Additionally, for protocol version 2 a comma-separated list of MAC +(message authentication code) algorithms can +be specified in order of preference. +See the +.Cm MACs +keyword for more information. .It Fl n Redirects stdin from .Pa /dev/null @@ -814,6 +822,18 @@ Gives the verbosity level that is used when logging messages from The possible values are: QUIET, FATAL, ERROR, INFO, VERBOSE and DEBUG. The default is INFO. +.It Cm MACs +Specifies the MAC (message authentication code) algorithms +in order of preference. +The MAC algorithm is used in protocol version 2 +for data integrity protection. +Multiple algorithms must be comma-separated. +The default is +.Pp +.Bd -literal + ``hmac-sha1,hmac-md5,hmac-ripemd160,hmac-ripemd160@openssh.com, + hmac-sha1-96,hmac-md5-96'' +.Ed .It Cm NumberOfPasswordPrompts Specifies the number of password prompts before giving up. The argument to this keyword must be an integer. diff --git a/usr.bin/ssh/ssh.c b/usr.bin/ssh/ssh.c index 5dd9a8bef3f..ec76e060310 100644 --- a/usr.bin/ssh/ssh.c +++ b/usr.bin/ssh/ssh.c @@ -39,7 +39,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: ssh.c,v 1.94 2001/02/10 01:46:28 markus Exp $"); +RCSID("$OpenBSD: ssh.c,v 1.95 2001/02/11 12:59:25 markus Exp $"); #include <openssl/evp.h> #include <openssl/err.h> @@ -65,6 +65,8 @@ RCSID("$OpenBSD: ssh.c,v 1.94 2001/02/10 01:46:28 markus Exp $"); #include "tildexpand.h" #include "dispatch.h" #include "misc.h" +#include "kex.h" +#include "mac.h" extern char *__progname; @@ -292,7 +294,7 @@ main(int ac, char **av) opt = av[optind][1]; if (!opt) usage(); - if (strchr("eilcpLRo", opt)) { /* options with arguments */ + if (strchr("eilcmpLRo", opt)) { /* options with arguments */ optarg = av[optind] + 2; if (strcmp(optarg, "") == 0) { if (optind >= ac - 1) @@ -421,6 +423,14 @@ main(int ac, char **av) } } break; + case 'm': + if (mac_valid(optarg)) + options.macs = xstrdup(optarg); + else { + fprintf(stderr, "Unknown mac type '%s'\n", optarg); + exit(1); + } + break; case 'p': options.port = atoi(optarg); break; diff --git a/usr.bin/ssh/sshconnect2.c b/usr.bin/ssh/sshconnect2.c index 031f719baef..9681ca2d4d8 100644 --- a/usr.bin/ssh/sshconnect2.c +++ b/usr.bin/ssh/sshconnect2.c @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: sshconnect2.c,v 1.46 2001/02/10 12:09:21 markus Exp $"); +RCSID("$OpenBSD: sshconnect2.c,v 1.47 2001/02/11 12:59:25 markus Exp $"); #include <openssl/bn.h> #include <openssl/md5.h> @@ -84,12 +84,16 @@ ssh_kex2(char *host, struct sockaddr *hostaddr) myproposal[PROPOSAL_ENC_ALGS_STOC] = options.ciphers; } if (options.compression) { - myproposal[PROPOSAL_COMP_ALGS_CTOS] = "zlib"; + myproposal[PROPOSAL_COMP_ALGS_CTOS] = myproposal[PROPOSAL_COMP_ALGS_STOC] = "zlib"; } else { - myproposal[PROPOSAL_COMP_ALGS_CTOS] = "none"; + myproposal[PROPOSAL_COMP_ALGS_CTOS] = myproposal[PROPOSAL_COMP_ALGS_STOC] = "none"; } + if (options.macs != NULL) { + myproposal[PROPOSAL_MAC_ALGS_CTOS] = + myproposal[PROPOSAL_MAC_ALGS_STOC] = options.macs; + } /* buffers with raw kexinit messages */ server_kexinit = xmalloc(sizeof(*server_kexinit)); diff --git a/usr.bin/ssh/sshd.8 b/usr.bin/ssh/sshd.8 index 5bf0b3a6e09..1b1e9645cfd 100644 --- a/usr.bin/ssh/sshd.8 +++ b/usr.bin/ssh/sshd.8 @@ -34,7 +34,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd.8,v 1.92 2001/02/09 23:38:11 deraadt Exp $ +.\" $OpenBSD: sshd.8,v 1.93 2001/02/11 12:59:25 markus Exp $ .Dd September 25, 1999 .Dt SSHD 8 .Os @@ -501,6 +501,17 @@ QUIET, FATAL, ERROR, INFO, VERBOSE and DEBUG. The default is INFO. Logging with level DEBUG violates the privacy of users and is not recommended. +.It Cm MACs +Specifies the available MAC (message authentication code) algorithms. +The MAC algorithm is used in protocol version 2 +for data integrity protection. +Multiple algorithms must be comma-separated. +The default is +.Pp +.Bd -literal + ``hmac-sha1,hmac-md5,hmac-ripemd160,hmac-ripemd160@openssh.com, + hmac-sha1-96,hmac-md5-96'' +.Ed .It Cm MaxStartups Specifies the maximum number of concurrent unauthenticated connections to the .Nm diff --git a/usr.bin/ssh/sshd.c b/usr.bin/ssh/sshd.c index 21dbf995818..236021c84b5 100644 --- a/usr.bin/ssh/sshd.c +++ b/usr.bin/ssh/sshd.c @@ -40,7 +40,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: sshd.c,v 1.165 2001/02/08 19:30:53 itojun Exp $"); +RCSID("$OpenBSD: sshd.c,v 1.166 2001/02/11 12:59:25 markus Exp $"); #include <openssl/dh.h> #include <openssl/bn.h> @@ -1388,6 +1388,10 @@ do_ssh2_kex(void) myproposal[PROPOSAL_ENC_ALGS_CTOS] = myproposal[PROPOSAL_ENC_ALGS_STOC] = options.ciphers; } + if (options.macs != NULL) { + myproposal[PROPOSAL_MAC_ALGS_CTOS] = + myproposal[PROPOSAL_MAC_ALGS_STOC] = options.macs; + } myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = list_hostkey_types(); server_kexinit = kex_init(myproposal); |