Retire the NONE cipher option.

This commit is contained in:
Dag-Erling Smørgrav 2015-11-23 12:48:13 +00:00
parent 2e59a758fd
commit 1765946ba9
21 changed files with 4 additions and 247 deletions

View File

@ -1,14 +1,5 @@
Notes:
NONE CIPHER:
To use the NONE option you must have the NoneEnabled switch set on the server
and you MUST have *both* NoneEnabled and NoneSwitch set to yes on the client.
The NONE feature works with ALL ssh subsystems (as far as we can tell)
as long as there is no tty allocated.
If a user uses the -T switch to prevent a tty being created the NONE cipher
will be disabled.
PERFORMANCE:
The performance increase will only be as good as the network and TCP stack
tuning on the reciever side of the connection allows. As a rule of thumb a
@ -93,22 +84,6 @@ HPN SPECIFIC CONFIGURATION OPTIONS:
the throughput will be no more than n/RTT. The minimum buffer size is 1KB.
Default is the current system wide TCP receive buffer size.
- NoneEnabled=[yes/no] client/server
Enable or disable the use of the None cipher. Care must always be used when
enabling this as it will allow users to send data in the clear. However, it
is important to note that authentication information remains encrypted even
if this option is enabled. Set to no by default.
- NoneSwitch=[yes/no] client
Switch the encryption cipher being used to the None cipher after
authentication takes place. NoneEnabled must be enabled on both the client
and server side of the connection. When the connection switches to the NONE
cipher a warning is sent to STDERR. The connection attempt will fail with an
error if a client requests a NoneSwitch from the server that does not
explicitly have NoneEnabled set to yes.
Note: The NONE cipher cannot be used in interactive (shell) sessions and it
will fail silently. Set to no by default.
CREDITS:

View File

@ -36,7 +36,6 @@
*/
#include "includes.h"
__RCSID("$FreeBSD$");
#include <sys/types.h>
@ -225,12 +224,7 @@ ciphers_valid(const char *names)
for ((p = strsep(&cp, CIPHER_SEP)); p && *p != '\0';
(p = strsep(&cp, CIPHER_SEP))) {
c = cipher_by_name(p);
#ifdef NONE_CIPHER_ENABLED
if (c == NULL || (c->number != SSH_CIPHER_SSH2 &&
c->number != SSH_CIPHER_NONE)) {
#else
if (c == NULL || (c->number != SSH_CIPHER_SSH2)) {
#endif
if (c == NULL || c->number != SSH_CIPHER_SSH2) {
debug("bad cipher %s [%s]", p, names);
free(cipher_list);
return 0;
@ -485,9 +479,6 @@ cipher_get_keyiv(CipherContext *cc, u_char *iv, u_int len)
}
switch (c->number) {
#ifdef NONE_CIPHER_ENABLED
case SSH_CIPHER_NONE:
#endif
case SSH_CIPHER_SSH2:
case SSH_CIPHER_DES:
case SSH_CIPHER_BLOWFISH:
@ -527,9 +518,6 @@ cipher_set_keyiv(CipherContext *cc, u_char *iv)
return;
switch (c->number) {
#ifdef NONE_CIPHER_ENABLED
case SSH_CIPHER_NONE:
#endif
case SSH_CIPHER_SSH2:
case SSH_CIPHER_DES:
case SSH_CIPHER_BLOWFISH:

View File

@ -24,7 +24,6 @@
*/
#include "includes.h"
__RCSID("$FreeBSD$");
#include <sys/param.h>
@ -146,13 +145,8 @@ kex_names_valid(const char *names)
return 1;
}
/* put algorithm proposal into buffer. */
#ifndef NONE_CIPHER_ENABLED
/* put algorithm proposal into buffer */
static void
#else
/* Also used in sshconnect2.c. */
void
#endif
kex_prop2buf(Buffer *b, char *proposal[PROPOSAL_MAX])
{
u_int i;
@ -466,9 +460,6 @@ kex_choose_conf(Kex *kex)
int nenc, nmac, ncomp;
u_int mode, ctos, need, dh_need, authlen;
int first_kex_follows, type;
#ifdef NONE_CIPHER_ENABLED
int auth_flag;
#endif
my = kex_buf2prop(&kex->my, NULL);
peer = kex_buf2prop(&kex->peer, &first_kex_follows);
@ -492,10 +483,6 @@ kex_choose_conf(Kex *kex)
}
/* Algorithm Negotiation */
#ifdef NONE_CIPHER_ENABLED
auth_flag = packet_get_authentication_state();
debug ("AUTH STATE is %d", auth_flag);
#endif
for (mode = 0; mode < MODE_MAX; mode++) {
newkeys = xcalloc(1, sizeof(*newkeys));
kex->newkeys[mode] = newkeys;
@ -510,17 +497,6 @@ kex_choose_conf(Kex *kex)
if (authlen == 0)
choose_mac(&newkeys->mac, cprop[nmac], sprop[nmac]);
choose_comp(&newkeys->comp, cprop[ncomp], sprop[ncomp]);
#ifdef NONE_CIPHER_ENABLED
debug("REQUESTED ENC.NAME is '%s'", newkeys->enc.name);
if (strcmp(newkeys->enc.name, "none") == 0) {
debug("Requesting NONE. Authflag is %d", auth_flag);
if (auth_flag == 1)
debug("None requested post authentication.");
else
fatal("Pre-authentication none cipher requests "
"are not allowed.");
}
#endif
debug("kex: %s %s %s %s",
ctos ? "client->server" : "server->client",
newkeys->enc.name,

View File

@ -1,5 +1,4 @@
/* $OpenBSD: kex.h,v 1.62 2014/01/27 18:58:14 markus Exp $ */
/* $FreeBSD$ */
/*
* Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
@ -149,10 +148,6 @@ struct Kex {
int kex_names_valid(const char *);
char *kex_alg_list(char);
#ifdef NONE_CIPHER_ENABLED
void kex_prop2buf(Buffer *, char *[PROPOSAL_MAX]);
#endif
Kex *kex_setup(char *[PROPOSAL_MAX]);
void kex_finish(Kex *);

View File

@ -1,5 +1,4 @@
/* $OpenBSD: myproposal.h,v 1.35 2013/12/06 13:39:49 markus Exp $ */
/* $FreeBSD$ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
@ -110,10 +109,6 @@
"chacha20-poly1305@openssh.com," \
"aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc," \
"aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se"
#ifdef NONE_CIPHER_ENABLED
#define KEX_ENCRYPT_INCLUDE_NONE KEX_DEFAULT_ENCRYPT \
",none"
#endif
#define KEX_DEFAULT_MAC \
"hmac-md5-etm@openssh.com," \

View File

@ -20,7 +20,6 @@
#define _BSD_MISC_H
#include "includes.h"
__RCSID("$FreeBSD$");
char *ssh_get_progname(char *);

View File

@ -202,9 +202,6 @@ struct session_state {
};
static struct session_state *active_state, *backup_state;
#ifdef NONE_CIPHER_ENABLED
static int rekey_requested = 0;
#endif
static struct session_state *
alloc_session_state(void)
@ -1316,7 +1313,6 @@ packet_read_poll2(u_int32_t *seqnr_p)
buffer_ptr(&active_state->input), block_size, 0, 0) != 0)
fatal("Decryption integrity check failed");
cp = buffer_ptr(&active_state->incoming_packet);
active_state->packlen = get_u32(cp);
if (active_state->packlen < 1 + 4 ||
active_state->packlen > PACKET_MAX_SIZE) {
@ -1943,26 +1939,12 @@ packet_send_ignore(int nbytes)
}
}
#ifdef NONE_CIPHER_ENABLED
void
packet_request_rekeying(void)
{
rekey_requested = 1;
}
#endif
#define MAX_PACKETS (1U<<31)
int
packet_need_rekeying(void)
{
if (datafellows & SSH_BUG_NOREKEY)
return 0;
#ifdef NONE_CIPHER_ENABLED
if (rekey_requested == 1) {
rekey_requested = 0;
return 1;
}
#endif
return
(active_state->p_send.packets > MAX_PACKETS) ||
(active_state->p_read.packets > MAX_PACKETS) ||
@ -2074,11 +2056,3 @@ packet_restore_state(void)
add_recv_bytes(len);
}
}
#ifdef NONE_CIPHER_ENABLED
int
packet_get_authentication_state(void)
{
return (active_state->after_authentication);
}
#endif

View File

@ -1,5 +1,4 @@
/* $OpenBSD: packet.h,v 1.59 2013/07/12 00:19:59 djm Exp $ */
/* $FreeBSD$ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
@ -39,9 +38,6 @@ void packet_set_interactive(int, int, int);
int packet_is_interactive(void);
void packet_set_server(void);
void packet_set_authenticated(void);
#ifdef NONE_CIPHER_ENABLED
int packet_get_authentication_state(void);
#endif
void packet_start(u_char);
void packet_put_char(int ch);
@ -119,9 +115,6 @@ do { \
} while (0)
int packet_need_rekeying(void);
#ifdef NONE_CIPHER_ENABLED
void packet_request_rekeying(void);
#endif
void packet_set_rekey_limits(u_int32_t, time_t);
time_t packet_get_rekey_timeout(void);

View File

@ -1,5 +1,4 @@
/* $OpenBSD: pathnames.h,v 1.24 2013/12/06 13:39:49 markus Exp $ */
/* $FreeBSD$ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
@ -122,7 +121,7 @@
* Default location of askpass
*/
#ifndef _PATH_SSH_ASKPASS_DEFAULT
#define _PATH_SSH_ASKPASS_DEFAULT "/usr/local/bin/ssh-askpass"
#define _PATH_SSH_ASKPASS_DEFAULT "/usr/X11R6/bin/ssh-askpass"
#endif
/* Location of ssh-keysign for hostbased authentication */
@ -137,7 +136,7 @@
/* xauth for X11 forwarding */
#ifndef _PATH_XAUTH
#define _PATH_XAUTH "/usr/local/bin/xauth"
#define _PATH_XAUTH "/usr/X11R6/bin/xauth"
#endif
/* UNIX domain socket for X11 server; displaynum will replace %u */

View File

@ -154,9 +154,6 @@ typedef enum {
oCanonicalizeFallbackLocal, oCanonicalizePermittedCNAMEs,
oIgnoredUnknownOption,
oHPNDisabled, oHPNBufferSize, oTcpRcvBufPoll, oTcpRcvBuf,
#ifdef NONE_CIPHER_ENABLED
oNoneEnabled, oNoneSwitch,
#endif
oVersionAddendum, oDeprecated, oUnsupported
} OpCodes;
@ -274,10 +271,6 @@ static struct {
{ "hpnbuffersize", oHPNBufferSize },
{ "tcprcvbufpoll", oTcpRcvBufPoll },
{ "tcprcvbuf", oTcpRcvBuf },
#ifdef NONE_CIPHER_ENABLED
{ "noneenabled", oNoneEnabled },
{ "noneswitch", oNoneSwitch },
#endif
{ "versionaddendum", oVersionAddendum },
{ NULL, oBadOption }
@ -1375,31 +1368,6 @@ process_config_line(Options *options, struct passwd *pw, const char *host,
intptr = &options->tcp_rcv_buf;
goto parse_int;
#ifdef NONE_CIPHER_ENABLED
case oNoneEnabled:
intptr = &options->none_enabled;
goto parse_flag;
/*
* We check to see if the command comes from the command line or not.
* If it does then enable it otherwise fail. NONE must never be a
* default configuration.
*/
case oNoneSwitch:
if (strcmp(filename,"command-line") == 0) {
intptr = &options->none_switch;
goto parse_flag;
} else {
debug("NoneSwitch directive found in %.200s.",
filename);
error("NoneSwitch is found in %.200s.\n"
"You may only use this configuration option "
"from the command line", filename);
error("Continuing...");
return 0;
}
#endif
case oVersionAddendum:
if (s == NULL)
fatal("%.200s line %d: Missing argument.", filename,
@ -1659,10 +1627,6 @@ initialize_options(Options * options)
options->hpn_buffer_size = -1;
options->tcp_rcv_buf_poll = -1;
options->tcp_rcv_buf = -1;
#ifdef NONE_CIPHER_ENABLED
options->none_enabled = -1;
options->none_switch = -1;
#endif
}
/*
@ -1883,11 +1847,6 @@ fill_default_options(Options * options)
options->tcp_rcv_buf *= 1024;
if (options->tcp_rcv_buf_poll == -1)
options->tcp_rcv_buf_poll = 1;
#ifdef NONE_CIPHER_ENABLED
/* options->none_enabled must not be set by default */
if (options->none_switch == -1)
options->none_switch = 0;
#endif
}
/*

View File

@ -1,5 +1,4 @@
/* $OpenBSD: readconf.h,v 1.101 2014/02/23 20:11:36 djm Exp $ */
/* $FreeBSD$ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
@ -165,10 +164,6 @@ typedef struct {
* transfer. */
int tcp_rcv_buf; /* User switch to set tcp recv buffer. */
#ifdef NONE_CIPHER_ENABLED
int none_enabled; /* Allow none to be used */
int none_switch; /* Use none cipher */
#endif
} Options;
#define SSH_CANONICALISE_NO 0

View File

@ -158,9 +158,6 @@ initialize_server_options(ServerOptions *options)
options->hpn_disabled = -1;
options->hpn_buffer_size = -1;
options->tcp_rcv_buf_poll = -1;
#ifdef NONE_CIPHER_ENABLED
options->none_enabled = -1;
#endif
}
void
@ -389,9 +386,6 @@ typedef enum {
sAuthorizedKeysCommand, sAuthorizedKeysCommandUser,
sAuthenticationMethods, sHostKeyAgent,
sHPNDisabled, sHPNBufferSize, sTcpRcvBufPoll,
#ifdef NONE_CIPHER_ENABLED
sNoneEnabled,
#endif
sDeprecated, sUnsupported
} ServerOpCodes;
@ -521,9 +515,6 @@ static struct {
{ "hpndisabled", sHPNDisabled, SSHCFG_ALL },
{ "hpnbuffersize", sHPNBufferSize, SSHCFG_ALL },
{ "tcprcvbufpoll", sTcpRcvBufPoll, SSHCFG_ALL },
#ifdef NONE_CIPHER_ENABLED
{ "noneenabled", sNoneEnabled, SSHCFG_ALL },
#endif
{ NULL, sBadOption, 0 }
};
@ -1682,12 +1673,6 @@ process_server_config_line(ServerOptions *options, char *line,
intptr = &options->tcp_rcv_buf_poll;
goto parse_flag;
#ifdef NONE_CIPHER_ENABLED
case sNoneEnabled:
intptr = &options->none_enabled;
goto parse_flag;
#endif
case sDeprecated:
logit("%s line %d: Deprecated option %s",
filename, linenum, arg);

View File

@ -1,5 +1,4 @@
/* $OpenBSD: servconf.h,v 1.112 2014/01/29 06:18:35 djm Exp $ */
/* $FreeBSD$ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
@ -188,10 +187,6 @@ typedef struct {
* kernels. */
u_int num_auth_methods;
char *auth_methods[MAX_AUTH_METHODS];
#ifdef NONE_CIPHER_ENABLED
int none_enabled; /* Enable NONE cipher switch. */
#endif
} ServerOptions;
/* Information about the incoming connection as used by Match */

View File

@ -782,15 +782,6 @@ main(int ac, char **av)
break;
case 'T':
options.request_tty = REQUEST_TTY_NO;
#ifdef NONE_CIPHER_ENABLED
/*
* Ensure that the user does not try to backdoor a
* NONE cipher switch on an interactive session by
* explicitly disabling it if the user asks for a
* session without a tty.
*/
options.none_switch = 0;
#endif
break;
case 'o':
line = xstrdup(optarg);

View File

@ -25,7 +25,6 @@
*/
#include "includes.h"
__RCSID("$FreeBSD$");
#include <sys/types.h>
#include <sys/socket.h>
@ -80,16 +79,6 @@ __RCSID("$FreeBSD$");
extern char *client_version_string;
extern char *server_version_string;
extern Options options;
#ifdef NONE_CIPHER_ENABLED
extern Kex *xxx_kex;
/*
* tty_flag is set in ssh.c so we can use it here. If set then prevent
* the switch to the null cipher.
*/
extern int tty_flag;
#endif
/*
* SSH2 key exchange
@ -422,29 +411,6 @@ ssh_userauth2(const char *local_user, const char *server_user, char *host,
pubkey_cleanup(&authctxt);
dispatch_range(SSH2_MSG_USERAUTH_MIN, SSH2_MSG_USERAUTH_MAX, NULL);
#ifdef NONE_CIPHER_ENABLED
/*
* If the user explicitly requests to use the none cipher enable it
* post authentication and only if the right conditions are met: both
* of the NONE switches must be true and there must be no tty allocated.
*/
if (options.none_switch == 1 && options.none_enabled == 1) {
if (!tty_flag) {
debug("Requesting none cipher re-keying...");
myproposal[PROPOSAL_ENC_ALGS_STOC] = "none";
myproposal[PROPOSAL_ENC_ALGS_CTOS] = "none";
kex_prop2buf(&xxx_kex->my, myproposal);
packet_request_rekeying();
fprintf(stderr, "WARNING: enabled NONE cipher\n");
} else {
/* Requested NONE cipher on an interactive session. */
debug("Cannot switch to NONE cipher with tty "
"allocated");
fprintf(stderr, "NONE cipher switch disabled given "
"a TTY is allocated\n");
}
}
#endif
debug("Authentication succeeded (%s).", authctxt.method->name);
}

View File

@ -2501,12 +2501,6 @@ do_ssh2_kex(void)
if (options.ciphers != NULL) {
myproposal[PROPOSAL_ENC_ALGS_CTOS] =
myproposal[PROPOSAL_ENC_ALGS_STOC] = options.ciphers;
#ifdef NONE_CIPHER_ENABLED
} else if (options.none_enabled == 1) {
debug ("WARNING: None cipher enabled");
myproposal[PROPOSAL_ENC_ALGS_CTOS] =
myproposal[PROPOSAL_ENC_ALGS_STOC] = KEX_ENCRYPT_INCLUDE_NONE;
#endif
}
myproposal[PROPOSAL_ENC_ALGS_CTOS] =
compat_cipher_proposal(myproposal[PROPOSAL_ENC_ALGS_CTOS]);

View File

@ -43,10 +43,6 @@ CFLAGS+= -I${SSHDIR} -include ssh_namespace.h
CFLAGS+= -include krb5_config.h
.endif
.if ${MK_OPENSSH_NONE_CIPHER} != "no"
CFLAGS+= -DNONE_CIPHER_ENABLED
.endif
NO_LINT=
LIBADD+= crypto crypt z

View File

@ -26,10 +26,6 @@ CFLAGS+= -include krb5_config.h
LIBADD+= gssapi
.endif
.if ${MK_OPENSSH_NONE_CIPHER} != "no"
CFLAGS+= -DNONE_CIPHER_ENABLED
.endif
LIBADD+= crypto
.if defined(LOCALBASE)

View File

@ -44,10 +44,6 @@ CFLAGS+= -include krb5_config.h
LIBADD+= gssapi_krb5 gssapi krb5
.endif
.if ${MK_OPENSSH_NONE_CIPHER} != "no"
CFLAGS+= -DNONE_CIPHER_ENABLED
.endif
LIBADD+= crypto
.if defined(LOCALBASE)

View File

@ -184,7 +184,6 @@ __DEFAULT_NO_OPTIONS = \
NAND \
OFED \
OPENLDAP \
OPENSSH_NONE_CIPHER \
SHARED_TOOLCHAIN \
SORT_THREADS \
SVN

View File

@ -1,9 +0,0 @@
.\" $FreeBSD$
Set to include the "None" cipher support in OpenSSH and its libraries.
Additional adjustments may need to be done to system configuration
files, such as
.Xr sshd_config 5 ,
to enable this cipher.
Please see
.Pa /usr/src/crypto/openssh/README.hpn
for full details.