+++ /dev/null
-From 6e43be5c7b99dbee49dc72b6f989f29fdd7e9356 Mon Sep 17 00:00:00 2001
-From: Matt Johnston <matt@ucc.asn.au>
-Date: Mon, 20 Nov 2023 14:02:47 +0800
-Subject: Implement Strict KEX mode
-
-As specified by OpenSSH with kex-strict-c-v00@openssh.com and
-kex-strict-s-v00@openssh.com.
----
- cli-session.c | 11 +++++++++++
- common-algo.c | 6 ++++++
- common-kex.c | 26 +++++++++++++++++++++++++-
- kex.h | 3 +++
- process-packet.c | 34 +++++++++++++++++++---------------
- ssh.h | 4 ++++
- svr-session.c | 3 +++
- 7 files changed, 71 insertions(+), 16 deletions(-)
-
---- a/cli-session.c
-+++ b/cli-session.c
-@@ -46,6 +46,7 @@ static void cli_finished(void) ATTRIB_NO
- static void recv_msg_service_accept(void);
- static void cli_session_cleanup(void);
- static void recv_msg_global_request_cli(void);
-+static void cli_algos_initialise(void);
-
- struct clientsession cli_ses; /* GLOBAL */
-
-@@ -117,6 +118,7 @@ void cli_session(int sock_in, int sock_o
- }
-
- chaninitialise(cli_chantypes);
-+ cli_algos_initialise();
-
- /* Set up cli_ses vars */
- cli_session_init(proxy_cmd_pid);
-@@ -487,3 +489,12 @@ void cli_dropbear_log(int priority, cons
- fflush(stderr);
- }
-
-+static void cli_algos_initialise(void) {
-+ algo_type *algo;
-+ for (algo = sshkex; algo->name; algo++) {
-+ if (strcmp(algo->name, SSH_STRICT_KEX_S) == 0) {
-+ algo->usable = 0;
-+ }
-+ }
-+}
-+
---- a/common-algo.c
-+++ b/common-algo.c
-@@ -308,6 +308,12 @@ algo_type sshkex[] = {
- {SSH_EXT_INFO_C, 0, NULL, 1, NULL},
- #endif
- #endif
-+#if DROPBEAR_CLIENT
-+ {SSH_STRICT_KEX_C, 0, NULL, 1, NULL},
-+#endif
-+#if DROPBEAR_SERVER
-+ {SSH_STRICT_KEX_S, 0, NULL, 1, NULL},
-+#endif
- {NULL, 0, NULL, 0, NULL}
- };
-
---- a/common-kex.c
-+++ b/common-kex.c
-@@ -183,6 +183,10 @@ void send_msg_newkeys() {
- gen_new_keys();
- switch_keys();
-
-+ if (ses.kexstate.strict_kex) {
-+ ses.transseq = 0;
-+ }
-+
- TRACE(("leave send_msg_newkeys"))
- }
-
-@@ -193,7 +197,11 @@ void recv_msg_newkeys() {
-
- ses.kexstate.recvnewkeys = 1;
- switch_keys();
--
-+
-+ if (ses.kexstate.strict_kex) {
-+ ses.recvseq = 0;
-+ }
-+
- TRACE(("leave recv_msg_newkeys"))
- }
-
-@@ -550,6 +558,10 @@ void recv_msg_kexinit() {
-
- ses.kexstate.recvkexinit = 1;
-
-+ if (ses.kexstate.strict_kex && !ses.kexstate.donefirstkex && ses.recvseq != 1) {
-+ dropbear_exit("First packet wasn't kexinit");
-+ }
-+
- TRACE(("leave recv_msg_kexinit"))
- }
-
-@@ -859,6 +871,18 @@ static void read_kex_algos() {
- }
- #endif
-
-+ if (!ses.kexstate.donefirstkex) {
-+ const char* strict_name;
-+ if (IS_DROPBEAR_CLIENT) {
-+ strict_name = SSH_STRICT_KEX_S;
-+ } else {
-+ strict_name = SSH_STRICT_KEX_C;
-+ }
-+ if (buf_has_algo(ses.payload, strict_name) == DROPBEAR_SUCCESS) {
-+ ses.kexstate.strict_kex = 1;
-+ }
-+ }
-+
- algo = buf_match_algo(ses.payload, sshkex, kexguess2, &goodguess);
- allgood &= goodguess;
- if (algo == NULL || algo->data == NULL) {
---- a/kex.h
-+++ b/kex.h
-@@ -83,6 +83,9 @@ struct KEXState {
-
- unsigned our_first_follows_matches : 1;
-
-+ /* Boolean indicating that strict kex mode is in use */
-+ unsigned int strict_kex;
-+
- time_t lastkextime; /* time of the last kex */
- unsigned int datatrans; /* data transmitted since last kex */
- unsigned int datarecv; /* data received since last kex */
---- a/process-packet.c
-+++ b/process-packet.c
-@@ -44,6 +44,7 @@ void process_packet() {
-
- unsigned char type;
- unsigned int i;
-+ unsigned int first_strict_kex = ses.kexstate.strict_kex && !ses.kexstate.donefirstkex;
- time_t now;
-
- TRACE2(("enter process_packet"))
-@@ -54,22 +55,24 @@ void process_packet() {
- now = monotonic_now();
- ses.last_packet_time_keepalive_recv = now;
-
-- /* These packets we can receive at any time */
-- switch(type) {
-
-- case SSH_MSG_IGNORE:
-- goto out;
-- case SSH_MSG_DEBUG:
-- goto out;
--
-- case SSH_MSG_UNIMPLEMENTED:
-- /* debugging XXX */
-- TRACE(("SSH_MSG_UNIMPLEMENTED"))
-- goto out;
--
-- case SSH_MSG_DISCONNECT:
-- /* TODO cleanup? */
-- dropbear_close("Disconnect received");
-+ if (type == SSH_MSG_DISCONNECT) {
-+ /* Allowed at any time */
-+ dropbear_close("Disconnect received");
-+ }
-+
-+ /* These packets may be received at any time,
-+ except during first kex with strict kex */
-+ if (!first_strict_kex) {
-+ switch(type) {
-+ case SSH_MSG_IGNORE:
-+ goto out;
-+ case SSH_MSG_DEBUG:
-+ goto out;
-+ case SSH_MSG_UNIMPLEMENTED:
-+ TRACE(("SSH_MSG_UNIMPLEMENTED"))
-+ goto out;
-+ }
- }
-
- /* Ignore these packet types so that keepalives don't interfere with
-@@ -98,7 +101,8 @@ void process_packet() {
- if (type >= 1 && type <= 49
- && type != SSH_MSG_SERVICE_REQUEST
- && type != SSH_MSG_SERVICE_ACCEPT
-- && type != SSH_MSG_KEXINIT)
-+ && type != SSH_MSG_KEXINIT
-+ && !first_strict_kex)
- {
- TRACE(("unknown allowed packet during kexinit"))
- recv_unimplemented();
---- a/ssh.h
-+++ b/ssh.h
-@@ -100,6 +100,10 @@
- #define SSH_EXT_INFO_C "ext-info-c"
- #define SSH_SERVER_SIG_ALGS "server-sig-algs"
-
-+/* OpenSSH strict KEX feature */
-+#define SSH_STRICT_KEX_S "kex-strict-s-v00@openssh.com"
-+#define SSH_STRICT_KEX_C "kex-strict-c-v00@openssh.com"
-+
- /* service types */
- #define SSH_SERVICE_USERAUTH "ssh-userauth"
- #define SSH_SERVICE_USERAUTH_LEN 12
---- a/svr-session.c
-+++ b/svr-session.c
-@@ -370,6 +370,9 @@ static void svr_algos_initialise(void) {
- algo->usable = 0;
- }
- #endif
-+ if (strcmp(algo->name, SSH_STRICT_KEX_C) == 0) {
-+ algo->usable = 0;
-+ }
- }
- }
-
projects / openwrt / openwrt.git / blobdiff