diff -Naur openssh-3.4p1.orig/debian/changelog openssh-3.4p1/debian/changelog
--- openssh-3.4p1.orig/debian/changelog	Sat Aug 10 12:13:23 2002
+++ openssh-3.4p1/debian/changelog	Sat Aug 10 14:47:08 2002
@@ -1,3 +1,9 @@
+openssh (10:3.4p1-1) testing; urgency=high
+
+  * Initial Cleartext Keyword added
+
+ -- Claus Fischer <cfischer@clausfischer.com>  Sat, 10 Aug 2002 12:30:00 +0200
+
 openssh (1:3.4p1-1) testing; urgency=high
 
   * Extend my tendrils back into this package (Closes: #150915, #151098)
diff -Naur openssh-3.4p1.orig/scp.c openssh-3.4p1/scp.c
--- openssh-3.4p1.orig/scp.c	Sat Aug 10 12:13:23 2002
+++ openssh-3.4p1/scp.c	Sat Aug 10 15:48:43 2002
@@ -233,7 +233,7 @@
 	addargs(&args, "-oClearAllForwardings yes");
 
 	fflag = tflag = 0;
-	while ((ch = getopt(argc, argv, "dfprtvBCc:i:P:q1246S:o:F:")) != -1)
+	while ((ch = getopt(argc, argv, "dfprtvBCc:i:P:q1246S:o:F:K:")) != -1)
 		switch (ch) {
 		/* User-visible flags. */
 		case '1':
@@ -249,6 +249,9 @@
 		case 'F':
 			addargs(&args, "-%c%s", ch, optarg);
 			break;
+		case 'K':
+		        addargs(&args, "-%c%s", ch, optarg);
+		        break;
 		case 'P':
 			addargs(&args, "-p%s", optarg);
 			break;
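Review bot: The keyword accepted by the new `case 'K'` is forwarded with `addargs(&args, "-%c%s", ch, optarg)`, so it sits on the command line of the ssh child as well as on scp's own, where other local users can normally read it from the process list; the same holds for `case 'K'` in ssh.c, which takes the value straight from `optarg`. This patch shows no other way to supply the keyword, so the manual text should at least state that exposure. The new case also repeats the body of `case 'F'` and is indented with spaces after the tab; placing the label `case 'K':` directly above `case 'F':` so both share one body removes both problems. The enclosing switch starts and ends outside the hunk.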
@@ -958,7 +961,7 @@
 {
 	(void) fprintf(stderr,
 	    "usage: scp [-pqrvBC46] [-F config] [-S program] [-P port]\n"
-	    "           [-c cipher] [-i identity] [-o option]\n"
+	    "           [-c cipher] [-i identity] [-o option] [-K keyword]\n"
 	    "           [[user@]host1:]file1 [...] [[user@]host2:]file2\n");
 	exit(1);
 }
diff -Naur openssh-3.4p1.orig/servconf.c openssh-3.4p1/servconf.c
--- openssh-3.4p1.orig/servconf.c	Tue Jun 25 05:22:04 2002
+++ openssh-3.4p1/servconf.c	Sat Aug 10 14:46:29 2002
@@ -122,6 +122,7 @@
 	options->client_alive_count_max = -1;
 	options->authorized_keys_file = NULL;
 	options->authorized_keys_file2 = NULL;
+	options->initial_cleartext_keyword = NULL;
 
 	/* Needs to be accessable in many places */
 	use_privsep = -1;
@@ -298,7 +299,7 @@
 	sBanner, sVerifyReverseMapping, sHostbasedAuthentication,
 	sHostbasedUsesNameFromPacketOnly, sClientAliveInterval,
 	sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2,
-	sUsePrivilegeSeparation,
+	sUsePrivilegeSeparation, sInitialCleartextKeyword,
 	sDeprecated
 } ServerOpCodes;
 
@@ -376,6 +377,7 @@
 	{ "authorizedkeysfile", sAuthorizedKeysFile },
 	{ "authorizedkeysfile2", sAuthorizedKeysFile2 },
 	{ "useprivilegeseparation", sUsePrivilegeSeparation},
+ 	{ "initialcleartextkeyword", sInitialCleartextKeyword },
 	{ NULL, sBadOption }
 };
 
@@ -900,6 +902,30 @@
 	case sClientAliveCountMax:
 		intptr = &options->client_alive_count_max;
 		goto parse_int;
+
+	case sInitialCleartextKeyword:
+	    arg = strdelim(&cp);
+	    if (!arg || *arg == '\0')
+	    {
+		fatal("%s line %d: missing cleartext keyword value.",
+		      filename,linenum);
+	    }
+	    else
+	    {
+		char *ick = xstrdup(arg);
+		long ick1,ick2;
+		
+		/* Use only ASCII letters and digits from ick */
+		for (ick1 = 0, ick2 = 0; ick[ick1] != '\0'; ick1++)
+		{
+		    if ((ick[ick1] & 0x7f) == ick[ick1] &&
+			(isalpha(ick[ick1]) || isdigit(ick[ick1])))
+			ick[ick2++] = ick[ick1];
+		}
+		ick[ick2] = '\0';
+		options->initial_cleartext_keyword = ick;
+	    }
+	    break;
 
 	case sDeprecated:
 		log("%s line %d: Deprecated option %s",
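Review bot: A configured value with no ASCII letters or digits leaves `ick2` at 0 after the filter loop, so `initial_cleartext_keyword` becomes an empty but non-NULL string; the comparison in sshd.c's `initial_cleartext_challenge()` then accepts a bare newline, and the option is enabled without providing any hurdle. Reject that case instead of storing it: `if (ick2 == 0) fatal("%s line %d: cleartext keyword contains no letters or digits.", filename, linenum);`. Silently dropping the other characters also means the effective keyword can differ from what the administrator typed, so refusing any value the filter would shorten is the safer behaviour. A repeated directive overwrites the pointer without freeing the earlier copy. The enclosing switch continues outside the hunk.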
diff -Naur openssh-3.4p1.orig/servconf.h openssh-3.4p1/servconf.h
--- openssh-3.4p1.orig/servconf.h	Fri Jun 21 03:09:47 2002
+++ openssh-3.4p1/servconf.h	Sat Aug 10 14:46:29 2002
@@ -130,6 +130,7 @@
 
 	char   *authorized_keys_file;	/* File containing public keys */
 	char   *authorized_keys_file2;
+	char   *initial_cleartext_keyword;
 	int	pam_authentication_via_kbd_int;
 }       ServerOptions;
 
diff -Naur openssh-3.4p1.orig/ssh.1 openssh-3.4p1/ssh.1
--- openssh-3.4p1.orig/ssh.1	Sat Aug 10 12:13:23 2002
+++ openssh-3.4p1/ssh.1	Sat Aug 10 14:46:29 2002
@@ -470,6 +470,8 @@
 .Nm
 should use to communicate with a smartcard used for storing the user's
 private RSA key.
+.It Fl K Ar keyword
+Specifies the initial cleartext keyword to use when connecting to the server.
 .It Fl k
 Disables forwarding of Kerberos tickets and AFS tokens.
 This may also be specified on a per-host basis in the configuration file.
diff -Naur openssh-3.4p1.orig/ssh.c openssh-3.4p1/ssh.c
--- openssh-3.4p1.orig/ssh.c	Sat Aug 10 12:13:23 2002
+++ openssh-3.4p1/ssh.c	Sat Aug 10 14:46:29 2002
@@ -169,6 +169,7 @@
 #ifdef SMARTCARD
 	fprintf(stderr, "  -I reader   Set smartcard reader.\n");
 #endif
+	fprintf(stderr, "  -K keyword  Use the specified initial cleartext keyword.\n");
 	fprintf(stderr, "  -t          Tty; allocate a tty even if command is given.\n");
 	fprintf(stderr, "  -T          Do not allocate a tty.\n");
 	fprintf(stderr, "  -v          Verbose; display verbose debugging messages.\n");
@@ -219,6 +220,7 @@
 	int dummy;
 	extern int optind, optreset;
 	extern char *optarg;
+	char const *initial_cleartext_keyword = NULL;
 
 	__progname = get_progname(av[0]);
 	init_rng();
@@ -273,7 +275,7 @@
 
 again:
 	while ((opt = getopt(ac, av,
-	    "1246ab:c:e:fgi:kl:m:no:p:qstvxACD:F:I:L:NPR:TVX")) != -1) {
+	    "1246ab:c:e:fgi:kl:m:no:p:qstvxACD:F:I:K:L:NPR:TVX")) != -1) {
 		switch (opt) {
 		case '1':
 			options.protocol = SSH_PROTO_1;
@@ -338,6 +340,9 @@
 			fprintf(stderr, "no support for smartcards.\n");
 #endif
 			break;
+		case 'K':
+			initial_cleartext_keyword = xstrdup(optarg);
+			break;
 		case 't':
 			if (tty_flag)
 				force_tty_flag = 1;
@@ -697,6 +702,10 @@
 	    tilde_expand_filename(options.user_hostfile2, original_real_uid);
 
 	signal(SIGPIPE, SIG_IGN); /* ignore SIGPIPE early */
+
+	/* Send initial cleartext keyword */
+	if (initial_cleartext_keyword)
+		ssh_send_initial_cleartext_keyword(initial_cleartext_keyword);
 
 	/* Log into the remote system.  This never returns if the login fails. */
 	ssh_login(&sensitive_data, host, (struct sockaddr *)&hostaddr, pw);
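Review bot: The call to `ssh_send_initial_cleartext_keyword()` is placed before `ssh_login()`, so the keyword is written to the socket before the login step has had a chance to verify the server, and any peer that answers with the `SSH-ICK` line, or anyone observing the connection, obtains it. That follows from the design, but the comment should say so rather than only `Send initial cleartext keyword`, for example `/* Sent unencrypted to an unverified peer: the keyword is not a secret and must not double as a password. */`. The body of main() extends beyond the hunk.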
diff -Naur openssh-3.4p1.orig/sshconnect.c openssh-3.4p1/sshconnect.c
--- openssh-3.4p1.orig/sshconnect.c	Sat Aug 10 12:13:23 2002
+++ openssh-3.4p1/sshconnect.c	Sat Aug 10 14:46:29 2002
@@ -366,6 +366,147 @@
 }
 
 /*
+ * Waits for the server initial cleartext keyword challenge,
+ * and sends the initial cleartext keyword.
+ */
+void
+ssh_send_initial_cleartext_keyword(char const *initial_cleartext_keyword)
+{
+	char const *ick_challenge = "SSH-ICK\n";
+	char const *ick_success = "SSH-ICK OK\n";
+	char const *ick_failure = "SSH-ICK FAILED\n";
+	char *ick;
+	long ick1,ick2;
+	char receive_buffer[100];
+	int i;
+	int connection_in = packet_get_connection_in();
+	int connection_out = packet_get_connection_out();
+	struct sigaction sa, osa;
+
+	if (!initial_cleartext_keyword)
+		return;
+
+	debug("ssh_send_initial_cleartext_keword: sending keyword");
+
+	/* Clean up keyword */
+	ick = xmalloc(strlen(initial_cleartext_keyword)+2);
+	strcpy(ick,initial_cleartext_keyword);
+	/* Use only ASCII letters and digits from ick */
+	for (ick1 = 0, ick2 = 0; ick[ick1] != '\0'; ick1++)
+	{
+		if ((ick[ick1] & 0x7f) == ick[ick1] &&
+			(isalpha(ick[ick1]) || isdigit(ick[ick1])))
+			ick[ick2++] = ick[ick1];
+	}
+	ick[ick2] = '\n';
+	ick[ick2+1] = '\0';
+
+
+	/* If SetupTimeOut has been set, give up after
+	 * the specified amount of time
+	 */
+	if (options.setuptimeout > 0)
+	{
+		memset(&sa,0,sizeof(sa));
+		sa.sa_handler = banner_alarm_catch;
+		/* throw away any pending alarms since we'd block otherwise */
+		alarm(0);
+		sigaction(SIGALRM,&sa,&osa);
+		alarm(options.setuptimeout);
+	}
+
+
+	/* Read challenge */
+	for (i = 0; i < sizeof(receive_buffer) - 1; )
+	{
+		int len = read(connection_in, &receive_buffer[i], 1);
+		if (banner_timedout)
+			goto got_timeout;
+		if (len < 0)
+		{
+			if (errno == EINTR)
+				continue;
+			goto error_on_read;
+		}
+		if (len != 1)
+			goto connection_closed;
+		if (receive_buffer[i] == '\r')
+			continue;
+		if (receive_buffer[i] == '\n')
+		{
+			receive_buffer[i+1] = 0;
+			break;
+		}
+		i++;
+	}
+	receive_buffer[sizeof(receive_buffer)-1] = '\0';
+	if (strcmp(receive_buffer,ick_challenge) != 0)
+	{
+		fatal("ssh_send_initial_cleartext_keyword: Server does not request keyword. Please call client without keyword.");
+	}
+
+	/* Send initial cleartext keyword. */
+	if (atomicio(write, connection_out, ick, strlen(ick)) != strlen(ick))
+		fatal("ssh_send_initial_cleartext_keyword: write: %.100s",
+			  strerror(errno));
+
+	/* Read success/failure */
+	for (i = 0; i < sizeof(receive_buffer) - 1; )
+	{
+		int len = read(connection_in, &receive_buffer[i], 1);
+		if (banner_timedout)
+			goto got_timeout;
+		if (len < 0)
+		{
+			if (errno == EINTR)
+				continue;
+			goto error_on_read;
+		}
+		if (len != 1)
+			goto connection_closed;
+		if (receive_buffer[i] == '\r')
+			continue;
+		if (receive_buffer[i] == '\n')
+		{
+			receive_buffer[i+1] = 0;
+			break;
+		}
+		i++;
+	}
+	receive_buffer[sizeof(receive_buffer)-1] = '\0';
+	if (strcmp(receive_buffer,ick_failure) == 0)
+	{
+		fatal("ssh_send_initial_cleartext_keyword: Server says wrong keyword.");
+	}
+	else if (strcmp(receive_buffer,ick_success) != 0)
+	{
+		fatal("ssh_send_initial_cleartext_keyword: Bad response from server.");
+	}
+
+
+	/* Disable timer */
+	if (options.setuptimeout > 0)
+	{
+		alarm(0);
+		sigaction(SIGALRM,&osa,NULL);
+	}
+
+
+	/* Success */
+	return;
+
+ got_timeout:
+	fatal("ssh_send_initial_cleartext_keyword: Timeout waiting for challenge.");
+
+ error_on_read:
+	fatal("ssh_send_initial_cleartext_keyword: read: %.100s",strerror(errno));
+
+ connection_closed:
+	fatal("ssh_send_initial_cleartext_keyword: Connection closed by remote host");
+}
+
+
+/*
  * Waits for the server identification string, and sends our own
  * identification string.
  */
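Review bot: The loop that reads the challenge and the loop that reads the success/failure line in `ssh_send_initial_cleartext_keyword()` are identical copies, and each compares the `int i` against `sizeof(receive_buffer) - 1`; one static helper with a `size_t` index removes the duplication and the signed/unsigned comparison, and makes the three `goto` labels unnecessary. The filtered copy in `ick` is never freed or cleared after the write, and the debug string misspells the function name as `keword`. The fence shows the helper and the two call sites; the fatal() texts are the ones already in the hunk.

```c
/* Reads one line into buf, dropping CR and keeping the LF; fatal() on timeout, read error or EOF. */
static void
ick_read_line(int fd, char *buf, size_t buflen)
{
	size_t i;

	for (i = 0; i < buflen - 1; ) {
		ssize_t len = read(fd, &buf[i], 1);

		if (banner_timedout)
			fatal("ssh_send_initial_cleartext_keyword: Timeout waiting for challenge.");
		if (len < 0) {
			if (errno == EINTR)
				continue;
			fatal("ssh_send_initial_cleartext_keyword: read: %.100s",
			    strerror(errno));
		}
		if (len != 1)
			fatal("ssh_send_initial_cleartext_keyword: Connection closed by remote host");
		if (buf[i] == '\r')
			continue;
		if (buf[i] == '\n') {
			buf[i + 1] = '\0';
			return;
		}
		i++;
	}
	buf[buflen - 1] = '\0';
}

	/* … unchanged: keyword clean-up and timer setup … */
	ick_read_line(connection_in, receive_buffer, sizeof(receive_buffer));
	/* … unchanged: challenge comparison and keyword write … */
	ick_read_line(connection_in, receive_buffer, sizeof(receive_buffer));
	/* … unchanged: response comparison and timer teardown … */
```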
@@ -414,6 +555,11 @@
 			i++;
 		}
 		buf[sizeof(buf) - 1] = 0;
+
+		/* Check if the server requests an initial cleartext keyword. */
+		if (strcmp(buf,"SSH-ICK\n") == 0)
+			fatal("Server requests initial cleartext keyword. Please provide one.");
+
 		if (strncmp(buf, "SSH-", 4) == 0)
 			break;
 		debug("ssh_exchange_identification: %s", buf);
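Review bot: The literal `"SSH-ICK\n"` compared here is a third copy of the challenge string, next to `ick_challenge` in `ssh_send_initial_cleartext_keyword()` and in sshd.c's `initial_cleartext_challenge()`; client and server only interoperate while every copy stays byte-identical. Define the three protocol lines once in a shared header, for example `#define SSH_ICK_CHALLENGE "SSH-ICK\n"`, and use the macro at each site. The enclosing loop and function start outside the hunk.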
diff -Naur openssh-3.4p1.orig/sshconnect.h openssh-3.4p1/sshconnect.h
--- openssh-3.4p1.orig/sshconnect.h	Fri Jun 21 02:41:53 2002
+++ openssh-3.4p1/sshconnect.h	Sat Aug 10 14:46:29 2002
@@ -38,6 +38,9 @@
     int, const char *);
 
 void
+ssh_send_initial_cleartext_keyword(char const *ick);
+
+void
 ssh_login(Sensitive *, const char *, struct sockaddr *, struct passwd *);
 
 int	 verify_host_key(char *, struct sockaddr *, Key *);
diff -Naur openssh-3.4p1.orig/sshd.c openssh-3.4p1/sshd.c
--- openssh-3.4p1.orig/sshd.c	Sat Aug 10 12:13:23 2002
+++ openssh-3.4p1/sshd.c	Sat Aug 10 14:46:29 2002
@@ -351,6 +351,92 @@
 }
 
 static void
+initial_cleartext_keyword_alarm_handler(int sig)
+{
+	/* Log error and exit. */
+	fatal("Timeout before initial cleartext keyword for %s.",
+		  get_remote_ipaddr());
+}
+
+static void
+initial_cleartext_challenge(int sock_in, int sock_out)
+{
+	long i;
+	char *ick_challenge = "SSH-ICK\n";
+	char *ick_success = "SSH-ICK OK\n";
+	char *ick_failure = "SSH-ICK FAILED\n";
+
+	if (options.initial_cleartext_keyword == NULL)
+		return;
+
+	/* We are not really concerned that all data gets written.
+	   It is the client's job to ensure this. */
+	if (!atomicio(write, sock_out, ick_challenge, strlen(ick_challenge)))
+	{
+		fatal("Could not write \"%s\" to %s",
+			  ick_challenge,get_remote_ipaddr());
+	}
+	
+	/* Read characters and compare with initial cleartext keyword */
+	i = 0;
+	for (;;)
+	{
+		char received_char;
+		if (atomicio(read, sock_in, &received_char, 1) != 1)
+		{
+			fatal("Could not read initial cleartext keyword from %s",
+				  get_remote_ipaddr());
+		}
+		
+		/* Challenge is terminated by a '\n' character */
+		if (received_char == '\r')
+			continue;
+		if (received_char == '\n')
+			break;
+
+		if ((received_char & 0x7f) == received_char &&
+			(isalpha(received_char) || isdigit(received_char)))
+		{
+			if (options.initial_cleartext_keyword[i] != received_char)
+				goto failed_loop;
+			i++;
+		}
+	}
+	if (options.initial_cleartext_keyword[i] != '\0')
+	{
+		/* Don't care about result */
+	    atomicio(write, sock_out, ick_failure, strlen(ick_failure));
+		fatal("initial cleartext keyword challenge failed");
+	}
+
+	/* Successfully completed challenge */
+	if (!atomicio(write, sock_out, ick_success, strlen(ick_success)))
+	{
+		fatal("Could not write \"%s\" to %s",
+			  ick_success,get_remote_ipaddr());
+	}
+	
+	return;
+
+failed_loop:
+	log("initial cleartext keyword challenge failed, completing read of bad keyword");
+	for (;;)
+	{
+		char received_char;
+		if (atomicio(read, sock_in, &received_char, 1) != 1)
+		{
+			fatal("Could not read initial cleartext keyword from %s",
+				  get_remote_ipaddr());
+		}
+		if (received_char == '\n')
+			break;
+	}
+	/* Don't care about result */
+	atomicio(write, sock_out, ick_failure, strlen(ick_failure));
+	fatal_cleanup();
+}
+
+static void
 sshd_exchange_identification(int sock_in, int sock_out)
 {
 	int i, mismatch;
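Review bot: The two failure paths of `initial_cleartext_challenge()` report differently and neither records the peer: a mismatching character jumps to `failed_loop`, which calls `log()` without an address and ends in `fatal_cleanup()`, while a keyword that is too short ends in `fatal("initial cleartext keyword challenge failed")`. Rejected keywords are what an operator would watch to spot probing, so both paths should name the source like the other messages in this function, e.g. `log("initial cleartext keyword challenge failed for %s", get_remote_ipaddr());`. The write checks `if (!atomicio(write, ...))` only catch a return of 0; assuming atomicio() reports errors as -1, as the client's `!= strlen(ick)` comparison suggests, compare against `strlen(ick_challenge)` and `strlen(ick_success)` instead. The read loop also accepts any number of bytes before the newline, bounded only by the alarm armed by the caller.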
@@ -1414,6 +1500,19 @@
 	    setsockopt(sock_in, SOL_SOCKET, SO_KEEPALIVE, &on,
 	    sizeof(on)) < 0)
 		error("setsockopt SO_KEEPALIVE: %.100s", strerror(errno));
+
+	/*
+	 * Perform initial cleartext keyword challenge.
+	 */
+	if (options.initial_cleartext_keyword != NULL)
+	{
+		signal(SIGALRM, initial_cleartext_keyword_alarm_handler);
+		if (!debug_flag)
+			alarm(options.login_grace_time);
+	    initial_cleartext_challenge(sock_in,sock_out);
+		alarm(0);
+		signal(SIGALRM, SIG_DFL);
+	}
 
 	/*
 	 * Register our connection.  This turns encryption off because we do
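Review bot: The challenge runs above the `Register our connection` step, yet `initial_cleartext_challenge()` and the alarm handler build their messages with `get_remote_ipaddr()`; if that helper relies on the registered connection (not visible in this hunk, so worth confirming), those messages would not carry the real peer address. `alarm(options.login_grace_time)` is cancelled with `alarm(0)` once the keyword is accepted, so the keyword stage gets a full grace period of its own in addition to whatever timer is armed later for authentication, and a grace time of 0 leaves the keyword read with no timeout at all. The added lines mix tab and space indentation. The surrounding function starts and ends outside the hunk.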
diff -Naur openssh-3.4p1.orig/sshd_config openssh-3.4p1/sshd_config
--- openssh-3.4p1.orig/sshd_config	Fri Jun 21 03:11:36 2002
+++ openssh-3.4p1/sshd_config	Sat Aug 10 14:46:29 2002
@@ -59,6 +59,13 @@
 # Change to no to disable s/key passwords
 #ChallengeResponseAuthentication yes
 
+# Uncomment and choose a long keyword to create a hurdle against
+# Internet hacking attacks. Note that all your clients must be able
+# to supply such an initial cleartext keyword, so it is not suitable
+# in all situations. It also breaks the RFC.
+# Keyword must contain letters and digits only.
+# InitialCleartextKeyword longwordthathackerswillnotguess
+
 # Kerberos options
 #KerberosAuthentication no
 #KerberosOrLocalPasswd yes
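Review bot: The sample comment presents the keyword as protection but never says that it crosses the network unencrypted, which the option name implies and the client code confirms by sending it before login. Add a line such as `# The keyword is sent unencrypted and can be observed on the network; never reuse a password here.` so administrators do not treat it as a credential. The example value `longwordthathackerswillnotguess` should be marked as a placeholder that must be replaced.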
diff -Naur openssh-3.4p1.orig/sshd_config.5 openssh-3.4p1/sshd_config.5
--- openssh-3.4p1.orig/sshd_config.5	Wed Jun 26 15:05:16 2002
+++ openssh-3.4p1/sshd_config.5	Sat Aug 10 14:46:29 2002
@@ -537,6 +537,12 @@
 .It Cm ServerKeyBits
 Defines the number of bits in the ephemeral protocol version 1 server key.
 The minimum value is 512, and the default is 768.
+.It Cm InitialCleartextKeyword
+Gives an initial cleartext keyword that the client must supply immediately
+after connecting. This keyword presents a hurdle that will hopefully make
+hacking attacks from the Internet less successful. This breaks the protocol
+RFC and can only be used with clients that understand the initial cleartext
+keyword option, thus it is unsuitable in some situations.
 .It Cm StrictModes
 Specifies whether
 .Nm sshd
