[arch-commits] Commit in openssh/trunk (PKGBUILD keyboard-interactive.patch)

Gaetan Bisson bisson at archlinux.org
Thu Jul 23 02:38:37 UTC 2015


    Date: Thursday, July 23, 2015 @ 04:38:36
  Author: bisson
Revision: 242452

fix https://kingcope.wordpress.com/2015/07/16/openssh-keyboard-interactive-authentication-brute-force-vulnerability-maxauthtries-bypass/

Added:
  openssh/trunk/keyboard-interactive.patch
Modified:
  openssh/trunk/PKGBUILD

----------------------------+
 PKGBUILD                   |    9 ++++++-
 keyboard-interactive.patch |   52 +++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 60 insertions(+), 1 deletion(-)

Modified: PKGBUILD
===================================================================
--- PKGBUILD	2015-07-23 00:53:11 UTC (rev 242451)
+++ PKGBUILD	2015-07-23 02:38:36 UTC (rev 242452)
@@ -5,7 +5,7 @@
 
 pkgname=openssh
 pkgver=6.9p1
-pkgrel=1
+pkgrel=2
 pkgdesc='Free version of the SSH connectivity tools'
 url='http://www.openssh.org/portable.html'
 license=('custom:BSD')
@@ -16,6 +16,7 @@
             'x11-ssh-askpass: input passphrase in X')
 validpgpkeys=('59C2118ED206D927E667EBE3D3E5F56B6D920D30')
 source=("ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/${pkgname}-${pkgver}.tar.gz"{,.asc}
+        'keyboard-interactive.patch'
         'sshdgenkeys.service'
         'sshd at .service'
         'sshd.service'
@@ -23,6 +24,7 @@
         'sshd.conf'
         'sshd.pam')
 sha1sums=('86ab57f00d0fd9bf302760f2f6deac1b6e9df265' 'SKIP'
+          'ef9e9327a943839abb3d202783b318e9cd2bdcd5'
           'cc1ceec606c98c7407e7ac21ade23aed81e31405'
           '6a0ff3305692cf83aca96e10f3bb51e1c26fccda'
           'ec49c6beba923e201505f5669cea48cad29014db'
@@ -34,6 +36,11 @@
 
 install=install
 
+prepare() {
+	cd "${srcdir}/${pkgname}-${pkgver}"
+	patch -p1 -i ../keyboard-interactive.patch
+}
+
 build() {
 	cd "${srcdir}/${pkgname}-${pkgver}"
 

Added: keyboard-interactive.patch
===================================================================
--- keyboard-interactive.patch	                        (rev 0)
+++ keyboard-interactive.patch	2015-07-23 02:38:36 UTC (rev 242452)
@@ -0,0 +1,52 @@
+From 5b64f85bb811246c59ebab70aed331f26ba37b18 Mon Sep 17 00:00:00 2001
+From: "djm at openbsd.org" <djm at openbsd.org>
+Date: Sat, 18 Jul 2015 07:57:14 +0000
+Subject: upstream commit
+
+only query each keyboard-interactive device once per
+ authentication request regardless of how many times it is listed; ok markus@
+
+Upstream-ID: d73fafba6e86030436ff673656ec1f33d9ffeda1
+---
+ auth2-chall.c | 11 ++++++++---
+ 1 file changed, 8 insertions(+), 3 deletions(-)
+
+diff --git a/auth2-chall.c b/auth2-chall.c
+index ddabe1a..4aff09d 100644
+--- a/auth2-chall.c
++++ b/auth2-chall.c
+@@ -1,4 +1,4 @@
+-/* $OpenBSD: auth2-chall.c,v 1.42 2015/01/19 20:07:45 markus Exp $ */
++/* $OpenBSD: auth2-chall.c,v 1.43 2015/07/18 07:57:14 djm Exp $ */
+ /*
+  * Copyright (c) 2001 Markus Friedl.  All rights reserved.
+  * Copyright (c) 2001 Per Allansson.  All rights reserved.
+@@ -83,6 +83,7 @@ struct KbdintAuthctxt
+ 	void *ctxt;
+ 	KbdintDevice *device;
+ 	u_int nreq;
++	u_int devices_done;
+ };
+ 
+ #ifdef USE_PAM
+@@ -169,11 +170,15 @@ kbdint_next_device(Authctxt *authctxt, KbdintAuthctxt *kbdintctxt)
+ 		if (len == 0)
+ 			break;
+ 		for (i = 0; devices[i]; i++) {
+-			if (!auth2_method_allowed(authctxt,
++			if ((kbdintctxt->devices_done & (1 << i)) != 0 ||
++			    !auth2_method_allowed(authctxt,
+ 			    "keyboard-interactive", devices[i]->name))
+ 				continue;
+-			if (strncmp(kbdintctxt->devices, devices[i]->name, len) == 0)
++			if (strncmp(kbdintctxt->devices, devices[i]->name,
++			    len) == 0) {
+ 				kbdintctxt->device = devices[i];
++				kbdintctxt->devices_done |= 1 << i;
++			}
+ 		}
+ 		t = kbdintctxt->devices;
+ 		kbdintctxt->devices = t[len] ? xstrdup(t+len+1) : NULL;
+-- 
+cgit v0.11.2
+



More information about the arch-commits mailing list