Port openssh-7.7p1-fips.patch from Fedora https://src.fedoraproject.org/rpms/openssh.git (as of commit 0ca1614ae221578b6b57c61d18fda6cc970a19ce)
Signed-off-by: Hongxu Jia <hongxu....@windriver.com> --- .../openssh/openssh/0001-openssh-8.0p1-fips.patch | 529 +++++++++++++++++++++ recipes-connectivity/openssh/openssh_8.%.bbappend | 4 + recipes-connectivity/openssh/openssh_fips.inc | 8 + 3 files changed, 541 insertions(+) create mode 100644 recipes-connectivity/openssh/openssh/0001-openssh-8.0p1-fips.patch create mode 100644 recipes-connectivity/openssh/openssh_8.%.bbappend create mode 100644 recipes-connectivity/openssh/openssh_fips.inc diff --git a/recipes-connectivity/openssh/openssh/0001-openssh-8.0p1-fips.patch b/recipes-connectivity/openssh/openssh/0001-openssh-8.0p1-fips.patch new file mode 100644 index 0000000..a4b5836 --- /dev/null +++ b/recipes-connectivity/openssh/openssh/0001-openssh-8.0p1-fips.patch @@ -0,0 +1,529 @@ +From 255e5dcdec36df7222f69b253dfc05be63927ed2 Mon Sep 17 00:00:00 2001 +From: Hongxu Jia <hongxu....@windriver.com> +Date: Fri, 20 Sep 2019 17:59:00 +0800 +Subject: [PATCH] openssh 8.0p1 fips + +Port openssh-7.7p1-fips.patch from Fedora +https://src.fedoraproject.org/rpms/openssh.git +(as of commit 0ca1614ae221578b6b57c61d18fda6cc970a19ce) + +Upstream-Status: Inappropriate [oe specific] + +Signed-off-by: Hongxu Jia <hongxu....@windriver.com> +--- + Makefile.in | 14 +++++++------- + cipher-ctr.c | 3 ++- + clientloop.c | 3 ++- + dh.c | 40 ++++++++++++++++++++++++++++++++++++++++ + dh.h | 1 + + kex.c | 5 ++++- + kexgexc.c | 5 +++++ + myproposal.h | 40 ++++++++++++++++++++++++++++++++++++++++ + readconf.c | 17 +++++++++-------- + sandbox-seccomp-filter.c | 3 +++ + servconf.c | 19 ++++++++++--------- + ssh-keygen.c | 6 ++++++ + ssh.c | 16 ++++++++++++++++ + sshconnect2.c | 11 ++++++++--- + sshd.c | 19 +++++++++++++++++++ + sshkey.c | 4 ++++ + 16 files changed, 176 insertions(+), 30 deletions(-) + +diff --git a/Makefile.in b/Makefile.in +index 6f001bb..ddd1804 100644 +--- a/Makefile.in ++++ b/Makefile.in +@@ -170,31 +170,31 @@ libssh.a: $(LIBSSH_OBJS) + $(RANLIB) $@ + + ssh$(EXEEXT): $(LIBCOMPAT) libssh.a $(SSHOBJS) +- $(LD) -o $@ $(SSHOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(SSHLIBS) $(LIBS) $(GSSLIBS) ++ $(LD) -o $@ $(SSHOBJS) $(LDFLAGS) -lssh -lopenbsd-compat -lfipscheck $(SSHLIBS) $(LIBS) $(GSSLIBS) + + sshd$(EXEEXT): libssh.a $(LIBCOMPAT) $(SSHDOBJS) +- $(LD) -o $@ $(SSHDOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(SSHDLIBS) $(LIBS) $(GSSLIBS) $(K5LIBS) ++ $(LD) -o $@ $(SSHDOBJS) $(LDFLAGS) -lssh -lopenbsd-compat -lfipscheck $(SSHDLIBS) $(LIBS) $(GSSLIBS) $(K5LIBS) + + scp$(EXEEXT): $(LIBCOMPAT) libssh.a scp.o progressmeter.o + $(LD) -o $@ scp.o progressmeter.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) + + ssh-add$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-add.o +- $(LD) -o $@ ssh-add.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) ++ $(LD) -o $@ ssh-add.o $(LDFLAGS) -lssh -lopenbsd-compat -lfipscheck $(LIBS) + + ssh-agent$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-agent.o ssh-pkcs11-client.o +- $(LD) -o $@ ssh-agent.o ssh-pkcs11-client.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) ++ $(LD) -o $@ ssh-agent.o ssh-pkcs11-client.o $(LDFLAGS) -lssh -lopenbsd-compat -lfipscheck $(LIBS) + + ssh-keygen$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keygen.o +- $(LD) -o $@ ssh-keygen.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) ++ $(LD) -o $@ ssh-keygen.o $(LDFLAGS) -lssh -lopenbsd-compat -lfipscheck $(LIBS) + + ssh-keysign$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keysign.o readconf.o uidswap.o compat.o +- $(LD) -o $@ ssh-keysign.o readconf.o uidswap.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) ++ $(LD) -o $@ ssh-keysign.o readconf.o uidswap.o $(LDFLAGS) -lssh -lopenbsd-compat -lfipscheck $(LIBS) + + ssh-pkcs11-helper$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-pkcs11-helper.o ssh-pkcs11.o + $(LD) -o $@ ssh-pkcs11-helper.o ssh-pkcs11.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh -lopenbsd-compat $(LIBS) + + ssh-keyscan$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keyscan.o +- $(LD) -o $@ ssh-keyscan.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS) ++ $(LD) -o $@ ssh-keyscan.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh -lfipscheck $(LIBS) + + sftp-server$(EXEEXT): $(LIBCOMPAT) libssh.a sftp.o sftp-common.o sftp-server.o sftp-server-main.o + $(LD) -o $@ sftp-server.o sftp-common.o sftp-server-main.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) +diff --git a/cipher-ctr.c b/cipher-ctr.c +index 32771f2..74fac3b 100644 +--- a/cipher-ctr.c ++++ b/cipher-ctr.c +@@ -138,7 +138,8 @@ evp_aes_128_ctr(void) + aes_ctr.do_cipher = ssh_aes_ctr; + #ifndef SSH_OLD_EVP + aes_ctr.flags = EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH | +- EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CUSTOM_IV; ++ EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CUSTOM_IV | ++ EVP_CIPH_FLAG_FIPS; + #endif + return (&aes_ctr); + } +diff --git a/clientloop.c b/clientloop.c +index 086c0df..0b308d4 100644 +--- a/clientloop.c ++++ b/clientloop.c +@@ -2036,7 +2036,8 @@ key_accepted_by_hostkeyalgs(const struct sshkey *key) + { + const char *ktype = sshkey_ssh_name(key); + const char *hostkeyalgs = options.hostkeyalgorithms != NULL ? +- options.hostkeyalgorithms : KEX_DEFAULT_PK_ALG; ++ options.hostkeyalgorithms : (FIPS_mode() ? ++ KEX_FIPS_PK_ALG : KEX_DEFAULT_PK_ALG); + + if (key == NULL || key->type == KEY_UNSPEC) + return 0; +diff --git a/dh.c b/dh.c +index a98d39e..92e800a 100644 +--- a/dh.c ++++ b/dh.c +@@ -152,6 +152,12 @@ choose_dh(int min, int wantbits, int max) + int best, bestcount, which, linenum; + struct dhgroup dhg; + ++ if (FIPS_mode()) { ++ logit("Using arbitrary primes is not allowed in FIPS mode." ++ " Falling back to known groups."); ++ return (dh_new_group_fallback(max)); ++ } ++ + if ((f = fopen(_PATH_DH_MODULI, "r")) == NULL) { + logit("WARNING: could not open %s (%s), using fixed modulus", + _PATH_DH_MODULI, strerror(errno)); +@@ -489,4 +495,38 @@ dh_estimate(int bits) + return 8192; + } + ++/* ++ * Compares the received DH parameters with known-good groups, ++ * which might be either from group14, group16 or group18. ++ */ ++int ++dh_is_known_group(const DH *dh) ++{ ++ const BIGNUM *p, *g; ++ const BIGNUM *known_p, *known_g; ++ DH *known = NULL; ++ int bits = 0, rv = 0; ++ ++ DH_get0_pqg(dh, &p, NULL, &g); ++ bits = BN_num_bits(p); ++ ++ if (bits <= 3072) { ++ known = dh_new_group14(); ++ } else if (bits <= 6144) { ++ known = dh_new_group16(); ++ } else { ++ known = dh_new_group18(); ++ } ++ ++ DH_get0_pqg(known, &known_p, NULL, &known_g); ++ ++ if (BN_cmp(g, known_g) == 0 && ++ BN_cmp(p, known_p) == 0) { ++ rv = 1; ++ } ++ ++ DH_free(known); ++ return rv; ++} ++ + #endif /* WITH_OPENSSL */ +diff --git a/dh.h b/dh.h +index adb643a..5d1cad5 100644 +--- a/dh.h ++++ b/dh.h +@@ -43,6 +43,7 @@ DH *dh_new_group_fallback(int); + + int dh_gen_key(DH *, int); + int dh_pub_is_valid(const DH *, const BIGNUM *); ++int dh_is_known_group(const DH *); + + u_int dh_estimate(int); + +diff --git a/kex.c b/kex.c +index 34808b5..b356a26 100644 +--- a/kex.c ++++ b/kex.c +@@ -161,7 +161,10 @@ kex_names_valid(const char *names) + for ((p = strsep(&cp, ",")); p && *p != '\0'; + (p = strsep(&cp, ","))) { + if (kex_alg_by_name(p) == NULL) { +- error("Unsupported KEX algorithm \"%.100s\"", p); ++ if (FIPS_mode()) ++ error("\"%.100s\" is not allowed in FIPS mode", p); ++ else ++ error("Unsupported KEX algorithm \"%.100s\"", p); + free(s); + return 0; + } +diff --git a/kexgexc.c b/kexgexc.c +index 1c65b8a..b6b25bf 100644 +--- a/kexgexc.c ++++ b/kexgexc.c +@@ -28,6 +28,7 @@ + + #ifdef WITH_OPENSSL + ++#include <openssl/crypto.h> + #include <sys/types.h> + + #include <openssl/dh.h> +@@ -113,6 +114,10 @@ input_kex_dh_gex_group(int type, u_int32_t seq, struct ssh *ssh) + r = SSH_ERR_ALLOC_FAIL; + goto out; + } ++ if (FIPS_mode() && dh_is_known_group(kex->dh) == 0) { ++ r = SSH_ERR_INVALID_ARGUMENT; ++ goto out; ++ } + p = g = NULL; /* belong to kex->dh now */ + + /* generate and send 'e', client DH public key */ +diff --git a/myproposal.h b/myproposal.h +index f167298..812d9a2 100644 +--- a/myproposal.h ++++ b/myproposal.h +@@ -111,6 +111,14 @@ + "rsa-sha2-256," \ + "ssh-rsa" + ++#define KEX_FIPS_PK_ALG \ ++ HOSTKEY_ECDSA_CERT_METHODS \ ++ "ssh-rsa-cert-...@openssh.com," \ ++ HOSTKEY_ECDSA_METHODS \ ++ "rsa-sha2-512," \ ++ "rsa-sha2-256," \ ++ "ssh-rsa" ++ + /* the actual algorithms */ + + #define KEX_SERVER_ENCRYPT \ +@@ -134,6 +142,38 @@ + + #define KEX_CLIENT_MAC KEX_SERVER_MAC + ++#define KEX_FIPS_ENCRYPT \ ++ "aes128-ctr,aes192-ctr,aes256-ctr," \ ++ "aes128-cbc,3des-cbc," \ ++ "aes192-cbc,aes256-cbc,rijndael-...@lysator.liu.se" \ ++ AESGCM_CIPHER_MODES ++#ifdef HAVE_EVP_SHA256 ++# define KEX_DEFAULT_KEX_FIPS \ ++ KEX_ECDH_METHODS \ ++ KEX_SHA2_METHODS \ ++ "diffie-hellman-group14-sha256" ++# define KEX_FIPS_MAC \ ++ "hmac-sha1," \ ++ "hmac-sha2-256," \ ++ "hmac-sha2-512," \ ++ "hmac-sha1-...@openssh.com," \ ++ "hmac-sha2-256-...@openssh.com," \ ++ "hmac-sha2-512-...@openssh.com" ++#else ++# ifdef OPENSSL_HAS_NISTP521 ++# define KEX_DEFAULT_KEX_FIPS \ ++ "ecdh-sha2-nistp256," \ ++ "ecdh-sha2-nistp384," \ ++ "ecdh-sha2-nistp521" ++# else ++# define KEX_DEFAULT_KEX_FIPS \ ++ "ecdh-sha2-nistp256," \ ++ "ecdh-sha2-nistp384" ++# endif ++#define KEX_FIPS_MAC \ ++ "hmac-sha1" ++#endif ++ + /* Not a KEX value, but here so all the algorithm defaults are together */ + #define SSH_ALLOWED_CA_SIGALGS \ + "ecdsa-sha2-nistp256," \ +diff --git a/readconf.c b/readconf.c +index ec497e7..1f1a16d 100644 +--- a/readconf.c ++++ b/readconf.c +@@ -2116,18 +2116,19 @@ fill_default_options(Options * options) + all_kex = kex_alg_list(','); + all_key = sshkey_alg_list(0, 0, 1, ','); + all_sig = sshkey_alg_list(0, 1, 1, ','); +-#define ASSEMBLE(what, defaults, all) \ ++#define ASSEMBLE(what, defaults, fips_defaults, all) \ + do { \ + if ((r = kex_assemble_names(&options->what, \ +- defaults, all)) != 0) \ ++ (FIPS_mode() ? fips_defaults : defaults), \ ++ all)) != 0) \ + fatal("%s: %s: %s", __func__, #what, ssh_err(r)); \ + } while (0) +- ASSEMBLE(ciphers, KEX_CLIENT_ENCRYPT, all_cipher); +- ASSEMBLE(macs, KEX_CLIENT_MAC, all_mac); +- ASSEMBLE(kex_algorithms, KEX_CLIENT_KEX, all_kex); +- ASSEMBLE(hostbased_key_types, KEX_DEFAULT_PK_ALG, all_key); +- ASSEMBLE(pubkey_key_types, KEX_DEFAULT_PK_ALG, all_key); +- ASSEMBLE(ca_sign_algorithms, SSH_ALLOWED_CA_SIGALGS, all_sig); ++ ASSEMBLE(ciphers, KEX_CLIENT_ENCRYPT, KEX_FIPS_ENCRYPT, all_cipher); ++ ASSEMBLE(macs, KEX_CLIENT_MAC, KEX_FIPS_MAC, all_mac); ++ ASSEMBLE(kex_algorithms, KEX_CLIENT_KEX, KEX_DEFAULT_KEX_FIPS, all_kex); ++ ASSEMBLE(hostbased_key_types, KEX_DEFAULT_PK_ALG, KEX_FIPS_PK_ALG, all_key); ++ ASSEMBLE(pubkey_key_types, KEX_DEFAULT_PK_ALG, KEX_FIPS_PK_ALG, all_key); ++ ASSEMBLE(ca_sign_algorithms, SSH_ALLOWED_CA_SIGALGS, KEX_FIPS_PK_ALG, all_sig); + #undef ASSEMBLE + free(all_cipher); + free(all_mac); +diff --git a/sandbox-seccomp-filter.c b/sandbox-seccomp-filter.c +index 5edbc69..3c40136 100644 +--- a/sandbox-seccomp-filter.c ++++ b/sandbox-seccomp-filter.c +@@ -137,6 +137,9 @@ static const struct sock_filter preauth_insns[] = { + #ifdef __NR_open + SC_DENY(__NR_open, EACCES), + #endif ++#ifdef __NR_socket ++ SC_DENY(__NR_socket, EACCES), ++#endif + #ifdef __NR_openat + SC_DENY(__NR_openat, EACCES), + #endif +diff --git a/servconf.c b/servconf.c +index ffac5d2..7ad0e4e 100644 +--- a/servconf.c ++++ b/servconf.c +@@ -200,18 +200,19 @@ assemble_algorithms(ServerOptions *o) + all_kex = kex_alg_list(','); + all_key = sshkey_alg_list(0, 0, 1, ','); + all_sig = sshkey_alg_list(0, 1, 1, ','); +-#define ASSEMBLE(what, defaults, all) \ ++#define ASSEMBLE(what, defaults, fips_defaults, all) \ + do { \ +- if ((r = kex_assemble_names(&o->what, defaults, all)) != 0) \ ++ if ((r = kex_assemble_names(&o->what, (FIPS_mode() \ ++ ? fips_defaults : defaults), all)) != 0) \ + fatal("%s: %s: %s", __func__, #what, ssh_err(r)); \ + } while (0) +- ASSEMBLE(ciphers, KEX_SERVER_ENCRYPT, all_cipher); +- ASSEMBLE(macs, KEX_SERVER_MAC, all_mac); +- ASSEMBLE(kex_algorithms, KEX_SERVER_KEX, all_kex); +- ASSEMBLE(hostkeyalgorithms, KEX_DEFAULT_PK_ALG, all_key); +- ASSEMBLE(hostbased_key_types, KEX_DEFAULT_PK_ALG, all_key); +- ASSEMBLE(pubkey_key_types, KEX_DEFAULT_PK_ALG, all_key); +- ASSEMBLE(ca_sign_algorithms, SSH_ALLOWED_CA_SIGALGS, all_sig); ++ ASSEMBLE(ciphers, KEX_SERVER_ENCRYPT, KEX_FIPS_ENCRYPT, all_cipher); ++ ASSEMBLE(macs, KEX_SERVER_MAC, KEX_FIPS_MAC, all_mac); ++ ASSEMBLE(kex_algorithms, KEX_SERVER_KEX, KEX_DEFAULT_KEX_FIPS, all_kex); ++ ASSEMBLE(hostkeyalgorithms, KEX_DEFAULT_PK_ALG, KEX_FIPS_PK_ALG, all_key); ++ ASSEMBLE(hostbased_key_types, KEX_DEFAULT_PK_ALG, KEX_FIPS_PK_ALG, all_key); ++ ASSEMBLE(pubkey_key_types, KEX_DEFAULT_PK_ALG, KEX_FIPS_PK_ALG, all_key); ++ ASSEMBLE(ca_sign_algorithms, SSH_ALLOWED_CA_SIGALGS, KEX_FIPS_PK_ALG, all_sig); + #undef ASSEMBLE + free(all_cipher); + free(all_mac); +diff --git a/ssh-keygen.c b/ssh-keygen.c +index 3898b28..f3f4975 100644 +--- a/ssh-keygen.c ++++ b/ssh-keygen.c +@@ -199,6 +199,12 @@ type_bits_valid(int type, const char *name, u_int32_t *bitsp) + OPENSSL_DSA_MAX_MODULUS_BITS : OPENSSL_RSA_MAX_MODULUS_BITS; + if (*bitsp > maxbits) + fatal("key bits exceeds maximum %d", maxbits); ++ if (FIPS_mode()) { ++ if (type == KEY_DSA) ++ fatal("DSA keys are not allowed in FIPS mode"); ++ if (type == KEY_ED25519) ++ fatal("ED25519 keys are not allowed in FIPS mode"); ++ } + switch (type) { + case KEY_DSA: + if (*bitsp != 1024) +diff --git a/ssh.c b/ssh.c +index 91e7c35..1cf14f6 100644 +--- a/ssh.c ++++ b/ssh.c +@@ -76,6 +76,8 @@ + #include <openssl/evp.h> + #include <openssl/err.h> + #endif ++#include <openssl/crypto.h> ++#include <fipscheck.h> + #include "openbsd-compat/openssl-compat.h" + #include "openbsd-compat/sys-queue.h" + +@@ -600,6 +602,16 @@ main(int ac, char **av) + sanitise_stdfd(); + + __progname = ssh_get_progname(av[0]); ++#if OPENSSL_VERSION_NUMBER < 0x10100000L ++ SSLeay_add_all_algorithms(); ++#endif ++ if (access("/etc/system-fips", F_OK) == 0) ++ if (! FIPSCHECK_verify(NULL, NULL)){ ++ if (FIPS_mode()) ++ fatal("FIPS integrity verification test failed."); ++ else ++ logit("FIPS integrity verification test failed."); ++ } + + #ifndef HAVE_SETPROCTITLE + /* Prepare for later setproctitle emulation */ +@@ -614,6 +626,10 @@ main(int ac, char **av) + + seed_rng(); + ++ if (FIPS_mode()) { ++ logit("FIPS mode initialized"); ++ } ++ + /* + * Discard other fds that are hanging around. These can cause problem + * with backgrounded ssh processes started by ControlPersist. +diff --git a/sshconnect2.c b/sshconnect2.c +index dffee90..28b2554 100644 +--- a/sshconnect2.c ++++ b/sshconnect2.c +@@ -44,6 +44,8 @@ + #include <vis.h> + #endif + ++#include <openssl/crypto.h> ++ + #include "openbsd-compat/sys-queue.h" + + #include "xmalloc.h" +@@ -117,7 +119,8 @@ order_hostkeyalgs(char *host, struct sockaddr *hostaddr, u_short port) + for (i = 0; i < options.num_system_hostfiles; i++) + load_hostkeys(hostkeys, hostname, options.system_hostfiles[i]); + +- oavail = avail = xstrdup(KEX_DEFAULT_PK_ALG); ++ oavail = avail = xstrdup((FIPS_mode() ++ ? KEX_FIPS_PK_ALG : KEX_DEFAULT_PK_ALG)); + maxlen = strlen(avail) + 1; + first = xmalloc(maxlen); + last = xmalloc(maxlen); +@@ -179,14 +182,16 @@ ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port) + if (options.hostkeyalgorithms != NULL) { + all_key = sshkey_alg_list(0, 0, 1, ','); + if (kex_assemble_names(&options.hostkeyalgorithms, +- KEX_DEFAULT_PK_ALG, all_key) != 0) ++ (FIPS_mode() ? KEX_FIPS_PK_ALG : KEX_DEFAULT_PK_ALG), ++ all_key) != 0) + fatal("%s: kex_assemble_namelist", __func__); + free(all_key); + myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = + compat_pkalg_proposal(options.hostkeyalgorithms); + } else { + /* Enforce default */ +- options.hostkeyalgorithms = xstrdup(KEX_DEFAULT_PK_ALG); ++ options.hostkeyalgorithms = xstrdup((FIPS_mode() ++ ? KEX_FIPS_PK_ALG : KEX_DEFAULT_PK_ALG)); + /* Prefer algorithms that we already have keys for */ + myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = + compat_pkalg_proposal( +diff --git a/sshd.c b/sshd.c +index a3c1975..bf25d76 100644 +--- a/sshd.c ++++ b/sshd.c +@@ -66,6 +66,7 @@ + #include <grp.h> + #include <pwd.h> + #include <signal.h> ++#include <syslog.h> + #include <stdarg.h> + #include <stdio.h> + #include <stdlib.h> +@@ -77,6 +78,8 @@ + #include <openssl/dh.h> + #include <openssl/bn.h> + #include <openssl/rand.h> ++#include <openssl/crypto.h> ++#include <fipscheck.h> + #include "openbsd-compat/openssl-compat.h" + #endif + +@@ -1447,6 +1450,18 @@ main(int ac, char **av) + #endif + __progname = ssh_get_progname(av[0]); + ++ OpenSSL_add_all_algorithms(); ++ if (access("/etc/system-fips", F_OK) == 0) ++ if (! FIPSCHECK_verify(NULL, NULL)) { ++ openlog(__progname, LOG_PID, LOG_AUTHPRIV); ++ if (FIPS_mode()) { ++ syslog(LOG_CRIT, "FIPS integrity verification test failed."); ++ cleanup_exit(255); ++ } ++ else ++ syslog(LOG_INFO, "FIPS integrity verification test failed."); ++ closelog(); ++ } + /* Save argv. Duplicate so setproctitle emulation doesn't clobber it */ + saved_argc = ac; + rexec_argc = ac; +@@ -1905,6 +1920,10 @@ main(int ac, char **av) + /* Reinitialize the log (because of the fork above). */ + log_init(__progname, options.log_level, options.log_facility, log_stderr); + ++ if (FIPS_mode()) { ++ logit("FIPS mode initialized"); ++ } ++ + /* Chdir to the root directory so that the current disk can be + unmounted if desired. */ + if (chdir("/") == -1) +diff --git a/sshkey.c b/sshkey.c +index ad19577..18906cb 100644 +--- a/sshkey.c ++++ b/sshkey.c +@@ -34,6 +34,7 @@ + #include <openssl/evp.h> + #include <openssl/err.h> + #include <openssl/pem.h> ++#include <openssl/crypto.h> + #endif + + #include "crypto_api.h" +@@ -57,6 +58,7 @@ + #include "sshkey.h" + #include "sshkey-xmss.h" + #include "match.h" ++#include "log.h" + + #include "xmss_fast.h" + +@@ -1481,6 +1483,8 @@ rsa_generate_private_key(u_int bits, RSA **rsap) + } + if (!BN_set_word(f4, RSA_F4) || + !RSA_generate_key_ex(private, bits, f4, NULL)) { ++ if (FIPS_mode()) ++ logit("%s: the key length might be unsupported by FIPS mode approved key generation method", __func__); + ret = SSH_ERR_LIBCRYPTO_ERROR; + goto out; + } +-- +2.7.4 + diff --git a/recipes-connectivity/openssh/openssh_8.%.bbappend b/recipes-connectivity/openssh/openssh_8.%.bbappend new file mode 100644 index 0000000..07799f6 --- /dev/null +++ b/recipes-connectivity/openssh/openssh_8.%.bbappend @@ -0,0 +1,4 @@ +FIPSINC = "" +FIPSINC_class-target = "${@'' if d.getVar('OPENSSL_FIPS_ENABLED', True) != '1' else 'openssh_fips.inc'}" + +require ${FIPSINC} diff --git a/recipes-connectivity/openssh/openssh_fips.inc b/recipes-connectivity/openssh/openssh_fips.inc new file mode 100644 index 0000000..99a3482 --- /dev/null +++ b/recipes-connectivity/openssh/openssh_fips.inc @@ -0,0 +1,8 @@ +FILESEXTRAPATHS_prepend := "${THISDIR}/openssh:" +DEPENDS += " \ + openssl-fips \ + fipscheck \ +" +SRC_URI += " \ + file://0001-openssh-8.0p1-fips.patch \ +" -- 2.7.4 -- _______________________________________________ yocto mailing list yocto@yoctoproject.org https://lists.yoctoproject.org/listinfo/yocto
