From nobody Tue Aug 1 20:06:25 2023
Date: Tue, 1 Aug 2023 20:06:25 GMT
Message-Id: <202308012006.371K6PSH014091@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org
From: Mark Johnston Subject: git: 4286578bb1d4 - releng/12.4 - ssh: Apply CVE-2023-38408 fix from OpenSSH 9.3p2 List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-branches@freebsd.org X-BeenThere: dev-commits-src-branches@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/releng/12.4 X-Git-Reftype: branch X-Git-Commit: 4286578bb1d432301ba7de49855d5c53289da5f4 Auto-Submitted: auto-generated The branch releng/12.4 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=4286578bb1d432301ba7de49855d5c53289da5f4 commit 4286578bb1d432301ba7de49855d5c53289da5f4 Author: Ed Maste AuthorDate: 2023-08-01 14:40:42 +0000 Commit: Mark Johnston CommitDate: 2023-08-01 19:47:00 +0000 ssh: Apply CVE-2023-38408 fix from OpenSSH 9.3p2 Approved by: so Security: FreeBSD-SA-23:08.ssh Security: CVE-2023-38408 --- crypto/openssh/ssh-agent.1 | 45 ++++++++++++++++++++++++++++++++++++++++++-- crypto/openssh/ssh-agent.c | 29 +++++++++++++++++++++++----- crypto/openssh/ssh-pkcs11.c | 6 ++---- crypto/openssh/sshd_config | 2 +- crypto/openssh/sshd_config.5 | 2 +- crypto/openssh/version.h | 2 +- 6 files changed, 72 insertions(+), 14 deletions(-) diff --git a/crypto/openssh/ssh-agent.1 b/crypto/openssh/ssh-agent.1 index 8844b2eb45e8..a0ea506bdc93 100644 --- a/crypto/openssh/ssh-agent.1 +++ b/crypto/openssh/ssh-agent.1 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ssh-agent.1,v 1.73 2022/03/31 17:27:27 naddy Exp $ +.\" $OpenBSD: ssh-agent.1,v 1.75 2022/10/07 06:00:58 jmc Exp $ .\" $FreeBSD$ .\" .\" Author: Tatu Ylonen 
@@ -35,7 +35,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: March 31 2022 $ +.Dd $Mdocdate: October 7 2022 $ .Dt SSH-AGENT 1 .Os .Sh NAME @@ -47,11 +47,13 @@ .Op Fl \&Ddx .Op Fl a Ar bind_address .Op Fl E Ar fingerprint_hash +.Op Fl O Ar option .Op Fl P Ar allowed_providers .Op Fl t Ar life .Nm ssh-agent .Op Fl a Ar bind_address .Op Fl E Ar fingerprint_hash +.Op Fl O Ar option .Op Fl P Ar allowed_providers .Op Fl t Ar life .Ar command Op Ar arg ... @@ -103,6 +105,45 @@ The default is Kill the current agent (given by the .Ev SSH_AGENT_PID environment variable). +.It Fl O Ar option +Specify an option when starting +.Nm . +Currently two options are supported: +.Cm allow-remote-pkcs11 +and +.Cm no-restrict-websafe . +.Pp +The +.Cm allow-remote-pkcs11 +option allows clients of a forwarded +.Nm +to load PKCS#11 or FIDO provider libraries. +By default only local clients may perform this operation. +Note that signalling that a +.Nm +client remote is performed by +.Xr ssh 1 , +and use of other tools to forward access to the agent socket may circumvent +this restriction. +.Pp +The +.Cm no-restrict-websafe , +instructs +.Nm +to permit signatures using FIDO keys that might be web authentication +requests. +By default, +.Nm +refuses signature requests for FIDO keys where the key application string +does not start with +.Dq ssh: +and when the data to be signed does not appear to be a +.Xr ssh 1 +user authentication request or a +.Xr ssh-keygen 1 +signature. +The default behaviour prevents forwarded access to a FIDO key from also +implicitly forwarding the ability to authenticate to websites. .It Fl P Ar allowed_providers Specify a pattern-list of acceptable paths for PKCS#11 provider and FIDO authenticator middleware shared libraries that may be used with the 
diff --git a/crypto/openssh/ssh-agent.c b/crypto/openssh/ssh-agent.c index 2c2c7a639907..0e218390a21c 100644 --- a/crypto/openssh/ssh-agent.c +++ b/crypto/openssh/ssh-agent.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-agent.c,v 1.292 2022/09/17 10:11:29 djm Exp $ */ +/* $OpenBSD: ssh-agent.c,v 1.293 2022/10/07 06:00:58 jmc Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -172,6 +172,12 @@ char socket_dir[PATH_MAX]; /* Pattern-list of allowed PKCS#11/Security key paths */ static char *allowed_providers; +/* + * Allows PKCS11 providers or SK keys that use non-internal providers to + * be added over a remote connection (identified by session-bind@openssh.com). + */ +static int remote_add_provider; + /* locking */ #define LOCK_SIZE 32 #define LOCK_SALT_SIZE 16 @@ -1249,6 +1255,12 @@ process_add_identity(SocketEntry *e) if (strcasecmp(sk_provider, "internal") == 0) { debug_f("internal provider"); } else { + if (e->nsession_ids != 0 && !remote_add_provider) { + verbose("failed add of SK provider \"%.100s\": " + "remote addition of providers is disabled", + sk_provider); + goto out; + } if (realpath(sk_provider, canonical_provider) == NULL) { verbose("failed provider \"%.100s\": " "realpath: %s", sk_provider, @@ -1412,6 +1424,11 @@ process_add_smartcard_key(SocketEntry *e) error_f("failed to parse constraints"); goto send; } + if (e->nsession_ids != 0 && !remote_add_provider) { + verbose("failed PKCS#11 add of \"%.100s\": remote addition of " + "providers is disabled", provider); + goto send; + } if (realpath(provider, canonical_provider) == NULL) { verbose("failed PKCS#11 add of \"%.100s\": realpath: %s", provider, strerror(errno)); 
@@ -2015,9 +2032,9 @@ usage(void) { fprintf(stderr, "usage: ssh-agent [-c | -s] [-Ddx] [-a bind_address] [-E fingerprint_hash]\n" - " [-P allowed_providers] [-t life]\n" - " ssh-agent [-a bind_address] [-E fingerprint_hash] [-P allowed_providers]\n" - " [-t life] command [arg ...]\n" + " [-O option] [-P allowed_providers] [-t life]\n" + " ssh-agent [-a bind_address] [-E fingerprint_hash] [-O option]\n" + " [-P allowed_providers] [-t life] command [arg ...]\n" " ssh-agent [-c | -s] -k\n"); exit(1); } @@ -2077,7 +2094,9 @@ main(int ac, char **av) break; case 'O': if (strcmp(optarg, "no-restrict-websafe") == 0) - restrict_websafe = 0; + restrict_websafe = 0; + else if (strcmp(optarg, "allow-remote-pkcs11") == 0) + remote_add_provider = 1; else fatal("Unknown -O option"); break; diff --git a/crypto/openssh/ssh-pkcs11.c b/crypto/openssh/ssh-pkcs11.c index b2e2b32a5078..9e48c134e411 100644 --- a/crypto/openssh/ssh-pkcs11.c +++ b/crypto/openssh/ssh-pkcs11.c @@ -1537,10 +1537,8 @@ pkcs11_register_provider(char *provider_id, char *pin, error("dlopen %s failed: %s", provider_id, dlerror()); goto fail; } - if ((getfunctionlist = dlsym(handle, "C_GetFunctionList")) == NULL) { - error("dlsym(C_GetFunctionList) failed: %s", dlerror()); - goto fail; - } + if ((getfunctionlist = dlsym(handle, "C_GetFunctionList")) == NULL) + fatal("dlsym(C_GetFunctionList) failed: %s", dlerror()); p = xcalloc(1, sizeof(*p)); p->name = xstrdup(provider_id); p->handle = handle; diff --git a/crypto/openssh/sshd_config b/crypto/openssh/sshd_config index 33c6e9a3b130..14a58ef4ddbb 100644 --- a/crypto/openssh/sshd_config +++ b/crypto/openssh/sshd_config @@ -106,7 +106,7 @@ AuthorizedKeysFile .ssh/authorized_keys #PermitTunnel no #ChrootDirectory none #UseBlacklist no -#VersionAddendum FreeBSD-20221019 +#VersionAddendum FreeBSD-20230719 # no default banner path #Banner none diff --git a/crypto/openssh/sshd_config.5 b/crypto/openssh/sshd_config.5 index 34dc3648ed26..dd8623d9b4dd 100644 
--- a/crypto/openssh/sshd_config.5 +++ b/crypto/openssh/sshd_config.5 @@ -1822,7 +1822,7 @@ The default is Optionally specifies additional text to append to the SSH protocol banner sent by the server upon connection. The default is -.Qq FreeBSD-20221019 . +.Qq FreeBSD-20230719 . The value .Cm none may be used to disable this. diff --git a/crypto/openssh/version.h b/crypto/openssh/version.h index 30539ed442ca..3f7069aba20f 100644 --- a/crypto/openssh/version.h +++ b/crypto/openssh/version.h @@ -6,4 +6,4 @@ #define SSH_PORTABLE "p1" #define SSH_RELEASE SSH_VERSION SSH_PORTABLE -#define SSH_VERSION_FREEBSD "FreeBSD-20221019" +#define SSH_VERSION_FREEBSD "FreeBSD-20230719"
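Review bot: two wording defects in the new -O text of the ssh-agent.1 hunk at @@ -103,6 +105,45 @@: "Note that signalling that a .Nm client remote is performed by .Xr ssh 1 ," is missing "is" (it should read "signalling that an .Nm client is remote is performed by .Xr ssh 1 ,"), and "The .Cm no-restrict-websafe , instructs" carries a stray comma before "instructs" where "option instructs" is meant. Since the $OpenBSD$ header in the same file now tracks revision 1.75, any local fix should be sent upstream as well, otherwise the next import will reintroduce the text or conflict on it.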
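Review bot: the new guard `if (e->nsession_ids != 0 && !remote_add_provider)` in the process_add_identity hunk of ssh-agent.c only fires when the client has recorded a session binding, so the protection depends entirely on session-bind@openssh.com having been sent; the ssh-agent.1 hunk already admits that other tools forwarding the agent socket can circumvent this, and that caveat belongs in a short comment next to the check so nobody later reads nsession_ids as a general "client is remote" signal. The refusal is also logged with verbose(), the same level as the ordinary realpath failure below it; a refused remote provider load is a policy event an operator may want to see without running the agent with -v, so logging it with logit() would make it more useful for monitoring.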
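Review bot: the process_add_smartcard_key hunk adds a second verbatim copy of the `e->nsession_ids != 0 && !remote_add_provider` check from process_add_identity, differing only in the log message and the `goto send` target. A small shared helper (hypothetically `remote_provider_allowed(e)`) returning the verdict would keep the two call sites from drifting if the policy is later refined, for example to let the -P allowed_providers pattern apply differently to remote clients.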
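Review bot: in the ssh-pkcs11.c hunk, replacing `error(...); goto fail;` with `fatal("dlsym(C_GetFunctionList) failed: %s", dlerror())` turns a per-request, recoverable failure into termination of the whole ssh-agent process, and a reader of this hunk alone will take it for an error-handling regression. The line deserves a one-sentence comment stating why the `fail` cleanup path must not be reached once a library that is not a PKCS#11 provider has been dlopen()ed, since that intent is what ties this hunk to the CVE-2023-38408 fix named in the commit message.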
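Review bot: in the main() hunk of ssh-agent.c the `restrict_websafe = 0;` line changes only in indentation, so the hunk mixes a whitespace fix with the functional addition of allow-remote-pkcs11; acceptable for a vendor import, but worth a word in the commit message. Separately, `fatal("Unknown -O option")` discards optarg, so a misspelt option (say a hyphenated variant of allow-remote-pkcs11) is not diagnosable from the log; including the offending string in the message would help.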