Retire the NONE cipher option.

2015-11-23 12:48:13 +00:00 · 2015-11-23 12:48:13 +00:00 · 24641fd80b
commit 24641fd80b
parent 643090321a
21 changed files with 4 additions and 247 deletions
--- a/crypto/openssh/README.hpn
+++ b/crypto/openssh/README.hpn
@ -1,14 +1,5 @@
 Notes:
 NONE CIPHER:
  To use the NONE option you must have the NoneEnabled switch set on the server
  and you MUST have *both* NoneEnabled and NoneSwitch set to yes on the client.
  The NONE feature works with ALL ssh subsystems (as far as we can tell)
  as long as there is no tty allocated.
  If a user uses the -T switch to prevent a tty being created the NONE cipher
  will be disabled. 
 PERFORMANCE:
  The performance increase will only be as good as the network and TCP stack
  tuning on the reciever side of the connection allows.  As a rule of thumb a
@ -93,22 +84,6 @@ HPN SPECIFIC CONFIGURATION OPTIONS:
  the throughput will be no more than n/RTT.  The minimum buffer size is 1KB. 
  Default is the current system wide TCP receive buffer size.
 - NoneEnabled=[yes/no] client/server
  Enable or disable the use of the None cipher.  Care must always be used when
  enabling this as it will allow users to send data in the clear.  However, it
  is important to note that authentication information remains encrypted even
  if this option is enabled.  Set to no by default.
 - NoneSwitch=[yes/no] client
  Switch the encryption cipher being used to the None cipher after
  authentication takes place.  NoneEnabled must be enabled on both the client
  and server side of the connection.  When the connection switches to the NONE
  cipher a warning is sent to STDERR.  The connection attempt will fail with an
  error if a client requests a NoneSwitch from the server that does not
  explicitly have NoneEnabled set to yes.
  Note: The NONE cipher cannot be used in interactive (shell) sessions and it
  will fail silently.  Set to no by default.
 CREDITS:
--- a/crypto/openssh/cipher.c
+++ b/crypto/openssh/cipher.c
@ -36,7 +36,6 @@
 */
 #include "includes.h"
 __RCSID("$FreeBSD$");
 #include <sys/types.h>
@ -225,12 +224,7 @@ ciphers_valid(const char *names)
 	for ((p = strsep(&cp, CIPHER_SEP)); p && *p != '\0';
 	    (p = strsep(&cp, CIPHER_SEP))) {
 		c = cipher_by_name(p);
-#ifdef NONE_CIPHER_ENABLED
+		if (c == NULL || c->number != SSH_CIPHER_SSH2) {
 		if (c == NULL || (c->number != SSH_CIPHER_SSH2 &&
 		    c->number != SSH_CIPHER_NONE)) {
 #else
 		if (c == NULL || (c->number != SSH_CIPHER_SSH2)) {
 #endif
 			debug("bad cipher %s [%s]", p, names);
 			free(cipher_list);
 			return 0;
@ -485,9 +479,6 @@ cipher_get_keyiv(CipherContext *cc, u_char *iv, u_int len)
 	}
 	switch (c->number) {
 #ifdef	NONE_CIPHER_ENABLED
 	case SSH_CIPHER_NONE:
 #endif
 	case SSH_CIPHER_SSH2:
 	case SSH_CIPHER_DES:
 	case SSH_CIPHER_BLOWFISH:
@ -527,9 +518,6 @@ cipher_set_keyiv(CipherContext *cc, u_char *iv)
 		return;
 	switch (c->number) {
 #ifdef	NONE_CIPHER_ENABLED
 	case SSH_CIPHER_NONE:
 #endif
 	case SSH_CIPHER_SSH2:
 	case SSH_CIPHER_DES:
 	case SSH_CIPHER_BLOWFISH:
--- a/crypto/openssh/kex.c
+++ b/crypto/openssh/kex.c
@ -24,7 +24,6 @@
 */
 #include "includes.h"
 __RCSID("$FreeBSD$");
 #include <sys/param.h>
@ -146,13 +145,8 @@ kex_names_valid(const char *names)
 	return 1;
 }
-/* put algorithm proposal into buffer. */
+/* put algorithm proposal into buffer */
 #ifndef NONE_CIPHER_ENABLED
 static void
 #else
 /* Also used in sshconnect2.c. */
 void
 #endif
 kex_prop2buf(Buffer *b, char *proposal[PROPOSAL_MAX])
 {
 	u_int i;
@ -466,9 +460,6 @@ kex_choose_conf(Kex *kex)
 	int nenc, nmac, ncomp;
 	u_int mode, ctos, need, dh_need, authlen;
 	int first_kex_follows, type;
 #ifdef	NONE_CIPHER_ENABLED
 	int auth_flag;
 #endif
 	my   = kex_buf2prop(&kex->my, NULL);
 	peer = kex_buf2prop(&kex->peer, &first_kex_follows);
@ -492,10 +483,6 @@ kex_choose_conf(Kex *kex)
 	}
 	/* Algorithm Negotiation */
 #ifdef	NONE_CIPHER_ENABLED
 	auth_flag = packet_get_authentication_state();
 	debug ("AUTH STATE is %d", auth_flag);
 #endif
 	for (mode = 0; mode < MODE_MAX; mode++) {
 		newkeys = xcalloc(1, sizeof(*newkeys));
 		kex->newkeys[mode] = newkeys;
@ -510,17 +497,6 @@ kex_choose_conf(Kex *kex)
 		if (authlen == 0)
 			choose_mac(&newkeys->mac, cprop[nmac], sprop[nmac]);
 		choose_comp(&newkeys->comp, cprop[ncomp], sprop[ncomp]);
 #ifdef	NONE_CIPHER_ENABLED
 		debug("REQUESTED ENC.NAME is '%s'", newkeys->enc.name);
 		if (strcmp(newkeys->enc.name, "none") == 0) {
 			debug("Requesting NONE. Authflag is %d", auth_flag);
 			if (auth_flag == 1)
 				debug("None requested post authentication.");
 			else
 				fatal("Pre-authentication none cipher requests "
 				    "are not allowed.");
 		}
 #endif
 		debug("kex: %s %s %s %s",
 		    ctos ? "client->server" : "server->client",
 		    newkeys->enc.name,
--- a/crypto/openssh/kex.h
+++ b/crypto/openssh/kex.h
@ -1,5 +1,4 @@
 /* $OpenBSD: kex.h,v 1.62 2014/01/27 18:58:14 markus Exp $ */
 /* $FreeBSD$ */
 /*
 * Copyright (c) 2000, 2001 Markus Friedl.  All rights reserved.
@ -149,10 +148,6 @@ struct Kex {
 int	 kex_names_valid(const char *);
 char	*kex_alg_list(char);
 #ifdef	NONE_CIPHER_ENABLED
 void	 kex_prop2buf(Buffer *, char *[PROPOSAL_MAX]);
 #endif
 Kex	*kex_setup(char *[PROPOSAL_MAX]);
 void	 kex_finish(Kex *);
--- a/crypto/openssh/myproposal.h
+++ b/crypto/openssh/myproposal.h
@ -1,5 +1,4 @@
 /* $OpenBSD: myproposal.h,v 1.35 2013/12/06 13:39:49 markus Exp $ */
 /* $FreeBSD$ */
 /*
 * Copyright (c) 2000 Markus Friedl.  All rights reserved.
@ -110,10 +109,6 @@
 	"chacha20-poly1305@openssh.com," \
 	"aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc," \
 	"aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se"
 #ifdef	NONE_CIPHER_ENABLED
 #define KEX_ENCRYPT_INCLUDE_NONE KEX_DEFAULT_ENCRYPT \
 	",none"
 #endif
 #define	KEX_DEFAULT_MAC \
 	"hmac-md5-etm@openssh.com," \
--- a/crypto/openssh/openbsd-compat/bsd-misc.h
+++ b/crypto/openssh/openbsd-compat/bsd-misc.h
@ -20,7 +20,6 @@
 #define _BSD_MISC_H
 #include "includes.h"
 __RCSID("$FreeBSD$");
 char *ssh_get_progname(char *);
--- a/crypto/openssh/packet.c
+++ b/crypto/openssh/packet.c
@ -202,9 +202,6 @@ struct session_state {
 };
 static struct session_state *active_state, *backup_state;
 #ifdef	NONE_CIPHER_ENABLED
 static int rekey_requested = 0;
 #endif
 static struct session_state *
 alloc_session_state(void)
@ -1316,7 +1313,6 @@ packet_read_poll2(u_int32_t *seqnr_p)
 		    buffer_ptr(&active_state->input), block_size, 0, 0) != 0)
 			fatal("Decryption integrity check failed");
 		cp = buffer_ptr(&active_state->incoming_packet);
 		active_state->packlen = get_u32(cp);
 		if (active_state->packlen < 1 + 4 ||
 		    active_state->packlen > PACKET_MAX_SIZE) {
@ -1943,26 +1939,12 @@ packet_send_ignore(int nbytes)
 	}
 }
 #ifdef	NONE_CIPHER_ENABLED
 void
 packet_request_rekeying(void)
 {
 	rekey_requested = 1;
 }
 #endif
 #define MAX_PACKETS	(1U<<31)
 int
 packet_need_rekeying(void)
 {
 	if (datafellows & SSH_BUG_NOREKEY)
 		return 0;
 #ifdef	NONE_CIPHER_ENABLED
 	if (rekey_requested == 1) {
 		rekey_requested = 0;
 		return 1;
 	}
 #endif
 	return
 	    (active_state->p_send.packets > MAX_PACKETS) ||
 	    (active_state->p_read.packets > MAX_PACKETS) ||
@ -2074,11 +2056,3 @@ packet_restore_state(void)
 		add_recv_bytes(len);
 	}
 }
 #ifdef	NONE_CIPHER_ENABLED
 int
 packet_get_authentication_state(void)
 {
 	return (active_state->after_authentication);
 }
 #endif
--- a/crypto/openssh/packet.h
+++ b/crypto/openssh/packet.h
@ -1,5 +1,4 @@
 /* $OpenBSD: packet.h,v 1.59 2013/07/12 00:19:59 djm Exp $ */
 /* $FreeBSD$ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
@ -39,9 +38,6 @@ void     packet_set_interactive(int, int, int);
 int      packet_is_interactive(void);
 void     packet_set_server(void);
 void     packet_set_authenticated(void);
 #ifdef	NONE_CIPHER_ENABLED
 int      packet_get_authentication_state(void);
 #endif
 void     packet_start(u_char);
 void     packet_put_char(int ch);
@ -119,9 +115,6 @@ do { \
 } while (0)
 int	 packet_need_rekeying(void);
 #ifdef	NONE_CIPHER_ENABLED
 void	 packet_request_rekeying(void);
 #endif
 void	 packet_set_rekey_limits(u_int32_t, time_t);
 time_t	 packet_get_rekey_timeout(void);
--- a/crypto/openssh/pathnames.h
+++ b/crypto/openssh/pathnames.h
@ -1,5 +1,4 @@
 /* $OpenBSD: pathnames.h,v 1.24 2013/12/06 13:39:49 markus Exp $ */
 /* $FreeBSD$ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
@ -122,7 +121,7 @@
 * Default location of askpass
 */
 #ifndef _PATH_SSH_ASKPASS_DEFAULT
-#define _PATH_SSH_ASKPASS_DEFAULT	"/usr/local/bin/ssh-askpass"
+#define _PATH_SSH_ASKPASS_DEFAULT	"/usr/X11R6/bin/ssh-askpass"
 #endif
 /* Location of ssh-keysign for hostbased authentication */
@ -137,7 +136,7 @@
 /* xauth for X11 forwarding */
 #ifndef _PATH_XAUTH
-#define _PATH_XAUTH			"/usr/local/bin/xauth"
+#define _PATH_XAUTH			"/usr/X11R6/bin/xauth"
 #endif
 /* UNIX domain socket for X11 server; displaynum will replace %u */
--- a/crypto/openssh/readconf.c
+++ b/crypto/openssh/readconf.c
@ -154,9 +154,6 @@ typedef enum {
 	oCanonicalizeFallbackLocal, oCanonicalizePermittedCNAMEs,
 	oIgnoredUnknownOption,
 	oHPNDisabled, oHPNBufferSize, oTcpRcvBufPoll, oTcpRcvBuf,
 #ifdef NONE_CIPHER_ENABLED
 	oNoneEnabled, oNoneSwitch,
 #endif
 	oVersionAddendum, oDeprecated, oUnsupported
 } OpCodes;
@ -274,10 +271,6 @@ static struct {
 	{ "hpnbuffersize", oHPNBufferSize },
 	{ "tcprcvbufpoll", oTcpRcvBufPoll },
 	{ "tcprcvbuf", oTcpRcvBuf },
 #ifdef	NONE_CIPHER_ENABLED
 	{ "noneenabled", oNoneEnabled },
 	{ "noneswitch", oNoneSwitch },
 #endif
 	{ "versionaddendum", oVersionAddendum },
 	{ NULL, oBadOption }
@ -1375,31 +1368,6 @@ parse_int:
 		intptr = &options->tcp_rcv_buf;
 		goto parse_int;
 #ifdef	NONE_CIPHER_ENABLED
 	case oNoneEnabled:
 		intptr = &options->none_enabled;
 		goto parse_flag;
 	/*
 	 * We check to see if the command comes from the command line or not.
 	 * If it does then enable it otherwise fail.  NONE must never be a
 	 * default configuration.
 	 */
 	case oNoneSwitch:
 		if (strcmp(filename,"command-line") == 0) {
 			intptr = &options->none_switch;
 			goto parse_flag;
 		} else {
 			debug("NoneSwitch directive found in %.200s.",
 			    filename);
 			error("NoneSwitch is found in %.200s.\n"
 			    "You may only use this configuration option "
 			    "from the command line", filename);
 			error("Continuing...");
 			return 0;
 		}
 #endif
 	case oVersionAddendum:
 		if (s == NULL)
 			fatal("%.200s line %d: Missing argument.", filename,
@ -1659,10 +1627,6 @@ initialize_options(Options * options)
 	options->hpn_buffer_size = -1;
 	options->tcp_rcv_buf_poll = -1;
 	options->tcp_rcv_buf = -1;
 #ifdef NONE_CIPHER_ENABLED
 	options->none_enabled = -1;
 	options->none_switch = -1;
 #endif
 }
 /*
@ -1883,11 +1847,6 @@ fill_default_options(Options * options)
 		options->tcp_rcv_buf *= 1024;
 	if (options->tcp_rcv_buf_poll == -1)
 		options->tcp_rcv_buf_poll = 1;
 #ifdef	NONE_CIPHER_ENABLED
 	/* options->none_enabled must not be set by default */
 	if (options->none_switch == -1)
 		options->none_switch = 0;
 #endif
 }
 /*
--- a/crypto/openssh/readconf.h
+++ b/crypto/openssh/readconf.h
@ -1,5 +1,4 @@
 /* $OpenBSD: readconf.h,v 1.101 2014/02/23 20:11:36 djm Exp $ */
 /* $FreeBSD$ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
@ -165,10 +164,6 @@ typedef struct {
 					 * transfer. */
 	int	tcp_rcv_buf;	/* User switch to set tcp recv buffer. */
 #ifdef	NONE_CIPHER_ENABLED
 	int	none_enabled;	/* Allow none to be used */
 	int	none_switch;	/* Use none cipher */
 #endif
 }       Options;
 #define SSH_CANONICALISE_NO	0
--- a/crypto/openssh/servconf.c
+++ b/crypto/openssh/servconf.c
@ -158,9 +158,6 @@ initialize_server_options(ServerOptions *options)
 	options->hpn_disabled = -1;
 	options->hpn_buffer_size = -1;
 	options->tcp_rcv_buf_poll = -1;
 #ifdef	NONE_CIPHER_ENABLED
 	options->none_enabled = -1;
 #endif
 }
 void
@ -389,9 +386,6 @@ typedef enum {
 	sAuthorizedKeysCommand, sAuthorizedKeysCommandUser,
 	sAuthenticationMethods, sHostKeyAgent,
 	sHPNDisabled, sHPNBufferSize, sTcpRcvBufPoll,
 #ifdef NONE_CIPHER_ENABLED
 	sNoneEnabled,
 #endif
 	sDeprecated, sUnsupported
 } ServerOpCodes;
@ -521,9 +515,6 @@ static struct {
 	{ "hpndisabled", sHPNDisabled, SSHCFG_ALL },
 	{ "hpnbuffersize", sHPNBufferSize, SSHCFG_ALL },
 	{ "tcprcvbufpoll", sTcpRcvBufPoll, SSHCFG_ALL },
 #ifdef NONE_CIPHER_ENABLED
 	{ "noneenabled", sNoneEnabled, SSHCFG_ALL },
 #endif
 	{ NULL, sBadOption, 0 }
 };
@ -1682,12 +1673,6 @@ process_server_config_line(ServerOptions *options, char *line,
 		intptr = &options->tcp_rcv_buf_poll;
 		goto parse_flag;
 #ifdef	NONE_CIPHER_ENABLED
 	case sNoneEnabled:
 		intptr = &options->none_enabled;
 		goto parse_flag;
 #endif
 	case sDeprecated:
 		logit("%s line %d: Deprecated option %s",
 		    filename, linenum, arg);
--- a/crypto/openssh/servconf.h
+++ b/crypto/openssh/servconf.h
@ -1,5 +1,4 @@
 /* $OpenBSD: servconf.h,v 1.112 2014/01/29 06:18:35 djm Exp $ */
 /* $FreeBSD$ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
@ -188,10 +187,6 @@ typedef struct {
 					 * kernels. */
 	u_int	num_auth_methods;
 	char   *auth_methods[MAX_AUTH_METHODS];
 #ifdef	NONE_CIPHER_ENABLED
 	int	none_enabled;		/* Enable NONE cipher switch. */
 #endif
 }       ServerOptions;
 /* Information about the incoming connection as used by Match */
--- a/crypto/openssh/ssh.c
+++ b/crypto/openssh/ssh.c
@ -782,15 +782,6 @@ main(int ac, char **av)
 			break;
 		case 'T':
 			options.request_tty = REQUEST_TTY_NO;
 #ifdef	NONE_CIPHER_ENABLED
 			/*
 			 * Ensure that the user does not try to backdoor a
 			 * NONE cipher switch on an interactive session by
 			 * explicitly disabling it if the user asks for a
 			 * session without a tty.
 			 */
 			options.none_switch = 0;
 #endif
 			break;
 		case 'o':
 			line = xstrdup(optarg);
--- a/crypto/openssh/sshconnect2.c
+++ b/crypto/openssh/sshconnect2.c
@ -25,7 +25,6 @@
 */
 #include "includes.h"
 __RCSID("$FreeBSD$");
 #include <sys/types.h>
 #include <sys/socket.h>
@ -80,16 +79,6 @@ __RCSID("$FreeBSD$");
 extern char *client_version_string;
 extern char *server_version_string;
 extern Options options;
 #ifdef	NONE_CIPHER_ENABLED
 extern Kex *xxx_kex;
 /*
 * tty_flag is set in ssh.c so we can use it here.  If set then prevent
 * the switch to the null cipher.
 */
 extern int tty_flag;
 #endif
 /*
 * SSH2 key exchange
@ -422,29 +411,6 @@ ssh_userauth2(const char *local_user, const char *server_user, char *host,
 	pubkey_cleanup(&authctxt);
 	dispatch_range(SSH2_MSG_USERAUTH_MIN, SSH2_MSG_USERAUTH_MAX, NULL);
 #ifdef	NONE_CIPHER_ENABLED
 	/*
 	 * If the user explicitly requests to use the none cipher enable it
 	 * post authentication and only if the right conditions are met: both
 	 * of the NONE switches must be true and there must be no tty allocated.
 	 */
 	if (options.none_switch == 1 && options.none_enabled == 1) {
 		if (!tty_flag) {
 			debug("Requesting none cipher re-keying...");
 			myproposal[PROPOSAL_ENC_ALGS_STOC] = "none";
 			myproposal[PROPOSAL_ENC_ALGS_CTOS] = "none";
 			kex_prop2buf(&xxx_kex->my, myproposal);
 			packet_request_rekeying();
 			fprintf(stderr, "WARNING: enabled NONE cipher\n");
 		} else {
 			/* Requested NONE cipher on an interactive session. */
 			debug("Cannot switch to NONE cipher with tty "
 			    "allocated");
 			fprintf(stderr, "NONE cipher switch disabled given "
 			    "a TTY is allocated\n");
 		}
 	}
 #endif
 	debug("Authentication succeeded (%s).", authctxt.method->name);
 }
--- a/crypto/openssh/sshd.c
+++ b/crypto/openssh/sshd.c
@ -2501,12 +2501,6 @@ do_ssh2_kex(void)
 	if (options.ciphers != NULL) {
 		myproposal[PROPOSAL_ENC_ALGS_CTOS] =
 		myproposal[PROPOSAL_ENC_ALGS_STOC] = options.ciphers;
 #ifdef	NONE_CIPHER_ENABLED
 	} else if (options.none_enabled == 1) {
 		debug ("WARNING: None cipher enabled");
 		myproposal[PROPOSAL_ENC_ALGS_CTOS] =
 		myproposal[PROPOSAL_ENC_ALGS_STOC] = KEX_ENCRYPT_INCLUDE_NONE;
 #endif
 	}
 	myproposal[PROPOSAL_ENC_ALGS_CTOS] =
 	    compat_cipher_proposal(myproposal[PROPOSAL_ENC_ALGS_CTOS]);
--- a/secure/lib/libssh/Makefile
+++ b/secure/lib/libssh/Makefile
@ -43,10 +43,6 @@ CFLAGS+= -I${SSHDIR} -include ssh_namespace.h
 CFLAGS+= -include krb5_config.h
 .endif
 .if ${MK_OPENSSH_NONE_CIPHER} != "no"
 CFLAGS+= -DNONE_CIPHER_ENABLED
 .endif
 NO_LINT=
 LIBADD+=	crypto crypt z
--- a/secure/usr.bin/ssh/Makefile
+++ b/secure/usr.bin/ssh/Makefile
@ -26,10 +26,6 @@ CFLAGS+= -include krb5_config.h
 LIBADD+=	gssapi
 .endif
 .if ${MK_OPENSSH_NONE_CIPHER} != "no"
 CFLAGS+= -DNONE_CIPHER_ENABLED
 .endif
 LIBADD+=	crypto
 .if defined(LOCALBASE)
--- a/secure/usr.sbin/sshd/Makefile
+++ b/secure/usr.sbin/sshd/Makefile
@ -44,10 +44,6 @@ CFLAGS+= -include krb5_config.h
 LIBADD+=	gssapi_krb5 gssapi krb5
 .endif
 .if ${MK_OPENSSH_NONE_CIPHER} != "no"
 CFLAGS+= -DNONE_CIPHER_ENABLED
 .endif
 LIBADD+=	crypto
 .if defined(LOCALBASE)
--- a/share/mk/src.opts.mk
+++ b/share/mk/src.opts.mk
@ -184,7 +184,6 @@ __DEFAULT_NO_OPTIONS = \
    NAND \
    OFED \
    OPENLDAP \
    OPENSSH_NONE_CIPHER \
    SHARED_TOOLCHAIN \
    SORT_THREADS \
    SVN
--- a/tools/build/options/WITH_OPENSSH_NONE_CIPHER
+++ b/tools/build/options/WITH_OPENSSH_NONE_CIPHER
@ -1,9 +0,0 @@
 .\" $FreeBSD$
 Set to include the "None" cipher support in OpenSSH and its libraries.
 Additional adjustments may need to be done to system configuration
 files, such as
 .Xr sshd_config 5 ,
 to enable this cipher.
 Please see
 .Pa /usr/src/crypto/openssh/README.hpn
 for full details.