Fix CVE-2016-0739 (Weak Diffie-Hellman secret generation in
dh_generate_x() and dh_generate_y()).
"Due to a byte/bit confusion, the DH secret was too short. This file was
completely reworked and will be committed in a future version."
Source:
https://git.libssh.org/projects/libssh.git/commit/?id=f8d0026c65fc8a55748ae481758e2cf376c26c86
This patch was created by upstream for libssh-0.7.3, but applied without
modification to libssh-0.6.3 by Debian. In Guix, we apply it without
modification to libssh-0.6.5.
References:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-0739
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0739
https://security-tracker.debian.org/tracker/CVE-2016-0739
---
src/dh.c | 22 +++++++++++++++++-----
1 file changed, 17 insertions(+), 5 deletions(-)
diff --git a/src/dh.c b/src/dh.c
index e489a1d..d27b66e 100644
--- a/src/dh.c
+++ b/src/dh.c
@@ -227,15 +227,21 @@ void ssh_crypto_finalize(void) {
}
int dh_generate_x(ssh_session session) {
+ int keysize;
+ if (session->next_crypto->kex_type == SSH_KEX_DH_GROUP1_SHA1) {
+ keysize = 1023;
+ } else {
+ keysize = 2047;
+ }
session->next_crypto->x = bignum_new();
if (session->next_crypto->x == NULL) {
return -1;
}
#ifdef HAVE_LIBGCRYPT
- bignum_rand(session->next_crypto->x, 128);
+ bignum_rand(session->next_crypto->x, keysize);
#elif defined HAVE_LIBCRYPTO
- bignum_rand(session->next_crypto->x, 128, 0, -1);
+ bignum_rand(session->next_crypto->x, keysize, -1, 0);
#endif
/* not harder than this */
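Review bot: The return value of bignum_rand() is discarded in both the HAVE_LIBGCRYPT and HAVE_LIBCRYPTO branches of dh_generate_x(), so a failed random-number call would go unnoticed and the function would carry on with whatever x holds. Check the result and return -1 on failure, as is already done for bignum_new(). Separately, the libcrypto call changes its last two arguments from `0, -1` to `-1, 0`, which the commit message does not mention; a short comment saying what those arguments mean, and that keysize is a bit count (1023 or 2047), would guard against a repeat of the byte/bit confusion this patch fixes.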
@@ -248,15 +254,21 @@ int dh_generate_x(ssh_session session) {
/* used by server */
int dh_generate_y(ssh_session session) {
- session->next_crypto->y = bignum_new();
+ int keysize;
+ if (session->next_crypto->kex_type == SSH_KEX_DH_GROUP1_SHA1) {
+ keysize = 1023;
+ } else {
+ keysize = 2047;
+ }
+ session->next_crypto->y = bignum_new();
if (session->next_crypto->y == NULL) {
return -1;
}
#ifdef HAVE_LIBGCRYPT
- bignum_rand(session->next_crypto->y, 128);
+ bignum_rand(session->next_crypto->y, keysize);
#elif defined HAVE_LIBCRYPTO
- bignum_rand(session->next_crypto->y, 128, 0, -1);
+ bignum_rand(session->next_crypto->y, keysize, -1, 0);
#endif
/* not harder than this */
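Review bot: The keysize selection at the top of dh_generate_y() is a verbatim copy of the one added to dh_generate_x(), and its else branch assigns 2047 to every kex_type other than SSH_KEX_DH_GROUP1_SHA1. Move it into one small helper that both functions call, and have it handle each supported DH group explicitly, so a key exchange added later with a larger group does not silently get a 2047-bit secret.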
--
cgit v0.12