Overview

File CVE-2014-0017-reseed-random.patch of Package libssh.openSUSE_13.1_Update

From 0ea1cbf1e29a7ae774de6c225e14818138e5203c Mon Sep 17 00:00:00 2001
From: Aris Adamantiadis <aris@0xbadc0de.be>
Date: Wed, 5 Feb 2014 21:24:12 +0100
Subject: [PATCH] security: fix for vulnerability CVE-2014-0017

When accepting a new connection, a forking server based on libssh forks
and the child process handles the request. The RAND_bytes() function of
openssl doesn't reset its state after the fork, but simply adds the
current process id (getpid) to the PRNG state, which is not guaranteed
to be unique.
This can cause several children to end up with same PRNG state which is
a security issue.
---
 include/libssh/wrapper.h | 1 +
 src/bind.c               | 2 ++
 src/libcrypto.c          | 9 +++++++++
 src/libgcrypt.c          | 3 +++
 4 files changed, 15 insertions(+)

Index: libssh-0.5.5/include/libssh/wrapper.h
===================================================================
--- libssh-0.5.5.orig/include/libssh/wrapper.h
+++ libssh-0.5.5/include/libssh/wrapper.h
@@ -44,5 +44,6 @@ int crypt_set_algorithms_server(ssh_sess
 struct ssh_crypto_struct *crypto_new(void);
 void crypto_free(struct ssh_crypto_struct *crypto);
 
+void ssh_reseed(void);
 
 #endif /* WRAPPER_H_ */
Index: libssh-0.5.5/src/libcrypto.c
===================================================================
--- libssh-0.5.5.orig/src/libcrypto.c
+++ libssh-0.5.5/src/libcrypto.c
@@ -23,6 +23,7 @@
 #include <stdlib.h>
 #include <stdio.h>
 #include <string.h>
+#include <sys/time.h>
 
 #include "libssh/priv.h"
 #include "libssh/session.h"
@@ -38,6 +39,8 @@
 #include <openssl/rsa.h>
 #include <openssl/hmac.h>
 #include <openssl/opensslv.h>
+#include <openssl/rand.h>
+
 #ifdef HAVE_OPENSSL_AES_H
 #define HAS_AES
 #include <openssl/aes.h>
@@ -66,6 +69,12 @@ static int alloc_key(struct crypto_struc
     return 0;
 }
 
+void ssh_reseed(void){
+    struct timeval tv;
+    gettimeofday(&tv, NULL);
+    RAND_add(&tv, sizeof(tv), 0.0);
+}
+
 SHACTX sha1_init(void) {
   SHACTX c = malloc(sizeof(*c));
   if (c == NULL) {
Index: libssh-0.5.5/src/libgcrypt.c
===================================================================
--- libssh-0.5.5.orig/src/libgcrypt.c
+++ libssh-0.5.5/src/libgcrypt.c
@@ -41,6 +41,9 @@ static int alloc_key(struct crypto_struc
     return 0;
 }
 
+void ssh_reseed(void){
+       }
+
 SHACTX sha1_init(void) {
   SHACTX ctx = NULL;
   gcry_md_open(&ctx, GCRY_MD_SHA1, 0);
Index: libssh-0.5.5/src/bind.c
===================================================================
--- libssh-0.5.5.orig/src/bind.c
+++ libssh-0.5.5/src/bind.c
@@ -375,6 +375,8 @@ int ssh_bind_accept(ssh_bind sshbind, ss
   session->dsa_key = dsa;
   session->rsa_key = rsa;
 
+  /* force PRNG to change state in case we fork after ssh_bind_accept */
+  ssh_reseed();
   return SSH_OK;
 }
openSUSE Build Service is sponsored by
Places