summaryrefslogtreecommitdiffstats
path: root/meta-oe/recipes-support/libssh/files/CVE-2016-0739.patch
diff options
context:
space:
mode:
Diffstat (limited to 'meta-oe/recipes-support/libssh/files/CVE-2016-0739.patch')
-rw-r--r--meta-oe/recipes-support/libssh/files/CVE-2016-0739.patch73
1 files changed, 73 insertions, 0 deletions
diff --git a/meta-oe/recipes-support/libssh/files/CVE-2016-0739.patch b/meta-oe/recipes-support/libssh/files/CVE-2016-0739.patch
new file mode 100644
index 0000000..ebe012c
--- /dev/null
+++ b/meta-oe/recipes-support/libssh/files/CVE-2016-0739.patch
@@ -0,0 +1,73 @@
1From f8d0026c65fc8a55748ae481758e2cf376c26c86 Mon Sep 17 00:00:00 2001
2From: Aris Adamantiadis <aris@0xbadc0de.be>
3Date: Tue, 9 Feb 2016 15:09:27 +0100
4Subject: [PATCH] dh: Fix CVE-2016-0739
5
6Due to a byte/bit confusion, the DH secret was too short. This file was
7completely reworked and will be commited in a future version.
8
9Upstream-Status: Backport
10
11Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be>
12Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
13Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
14---
15 src/dh.c | 22 +++++++++++++++++-----
16 1 file changed, 17 insertions(+), 5 deletions(-)
17
18diff --git a/src/dh.c b/src/dh.c
19index e489a1d..d27b66e 100644
20--- a/src/dh.c
21+++ b/src/dh.c
22@@ -227,15 +227,21 @@ void ssh_crypto_finalize(void) {
23 }
24
25 int dh_generate_x(ssh_session session) {
26+ int keysize;
27+ if (session->next_crypto->kex_type == SSH_KEX_DH_GROUP1_SHA1) {
28+ keysize = 1023;
29+ } else {
30+ keysize = 2047;
31+ }
32 session->next_crypto->x = bignum_new();
33 if (session->next_crypto->x == NULL) {
34 return -1;
35 }
36
37 #ifdef HAVE_LIBGCRYPT
38- bignum_rand(session->next_crypto->x, 128);
39+ bignum_rand(session->next_crypto->x, keysize);
40 #elif defined HAVE_LIBCRYPTO
41- bignum_rand(session->next_crypto->x, 128, 0, -1);
42+ bignum_rand(session->next_crypto->x, keysize, -1, 0);
43 #endif
44
45 /* not harder than this */
46@@ -248,15 +254,21 @@ int dh_generate_x(ssh_session session) {
47
48 /* used by server */
49 int dh_generate_y(ssh_session session) {
50- session->next_crypto->y = bignum_new();
51+ int keysize;
52+ if (session->next_crypto->kex_type == SSH_KEX_DH_GROUP1_SHA1) {
53+ keysize = 1023;
54+ } else {
55+ keysize = 2047;
56+ }
57+ session->next_crypto->y = bignum_new();
58 if (session->next_crypto->y == NULL) {
59 return -1;
60 }
61
62 #ifdef HAVE_LIBGCRYPT
63- bignum_rand(session->next_crypto->y, 128);
64+ bignum_rand(session->next_crypto->y, keysize);
65 #elif defined HAVE_LIBCRYPTO
66- bignum_rand(session->next_crypto->y, 128, 0, -1);
67+ bignum_rand(session->next_crypto->y, keysize, -1, 0);
68 #endif
69
70 /* not harder than this */
71--
721.9.1
73