[prev in list] [next in list] [prev in thread] [next in thread]
List: proftpd-committers
Subject: [ProFTPD-committers] CVS: proftpd/contrib/mod_sftp kex.c, 1.9,
From: "TJ Saunders" <castaglia () users ! sourceforge ! net>
Date: 2009-08-25 5:07:17
Message-ID: E1MfoFZ-0001Ve-3r () ddv4jf1 ! ch3 ! sourceforge ! com
[Download RAW message or body]
Update of /cvsroot/proftp/proftpd/contrib/mod_sftp
In directory ddv4jf1.ch3.sourceforge.com:/tmp/cvs-serv5724/contrib/mod_sftp
Modified Files:
kex.c mod_sftp.c tap.c tap.h
Log Message:
Protect against the Rogaway CBC mode attack (see RFC4251, Section 9.3.1) by
sending IGNORE messages before every outgoing message if a CBC mode cipher
is chosen for server-to-client messages.
Index: kex.c
===================================================================
RCS file: /cvsroot/proftp/proftpd/contrib/mod_sftp/kex.c,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- kex.c 4 Jul 2009 00:34:08 -0000 1.9
+++ kex.c 25 Aug 2009 05:07:14 -0000 1.10
@@ -37,6 +37,7 @@
#include "crypto.h"
#include "disconnect.h"
#include "interop.h"
+#include "tap.h"
#define SFTP_DH_PRIV_KEY_RANDOM_BITS 2048
@@ -1818,6 +1819,22 @@
sftp_ssh2_packet_rekey_reset();
kex_rekey_kex = NULL;
+
+ /* If any CBC mode ciphers have been negotiated for the server-to-client
+ * stream, then we need to use the 'cbc-mode' TAP policy.
+ */
+ k = sftp_cipher_get_write_algo();
+ if (strncmp(k + strlen(k) - 4, "-cbc", 4) == 0) {
+ const char *policy = "cbc-mode";
+
+ pr_trace_msg("ssh2", 4, "CBC mode cipher chosen for server-to-client "
+ "messages, automatically enabling '%s' TAP policy", policy);
+
+ if (sftp_tap_set_policy(policy) < 0) {
+ (void) pr_log_writefile(sftp_logfd, MOD_SFTP_VERSION,
+ "error setting TrafficPolicy '%s': %s", policy, strerror(errno));
+ }
+ }
return 0;
}
Index: mod_sftp.c
===================================================================
RCS file: /cvsroot/proftp/proftpd/contrib/mod_sftp/mod_sftp.c,v
retrieving revision 1.14
retrieving revision 1.15
diff -u -r1.14 -r1.15
--- mod_sftp.c 3 Jul 2009 23:02:09 -0000 1.14
+++ mod_sftp.c 25 Aug 2009 05:07:14 -0000 1.15
@@ -1405,7 +1405,15 @@
*/
c = find_config(main_server->conf, CONF_PARAM, "SFTPTrafficPolicy", FALSE);
if (c) {
- sftp_tap_set_policy(c->argv[0]);
+ const char *policy = c->argv[0];
+
+ if (sftp_tap_set_policy(policy) < 0) {
+ (void) pr_log_writefile(sftp_logfd, MOD_SFTP_VERSION,
+ "error setting TrafficPolicy '%s': %s", policy, strerror(errno));
+
+ } else {
+ pr_trace_msg("ssh2", 9, "using TAP policy '%s'", policy);
+ }
}
/* Use our own "authenticated yet?" check. */
Index: tap.c
===================================================================
RCS file: /cvsroot/proftp/proftpd/contrib/mod_sftp/tap.c,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- tap.c 13 Feb 2009 23:41:19 -0000 1.2
+++ tap.c 25 Aug 2009 05:07:14 -0000 1.3
@@ -57,6 +57,7 @@
{ "medium", 100, 0, 32, 768, 5, 10, 60 },
{ "high", 10, 0, 16, 2048, 1, 5, 15 },
{ "paranoid", 1, 0, 0, 0, 1, 1, 5 },
+ { "cbc-mode", 1, 0, 64, 256, 0, 0, 0 },
{ NULL, 0, 0, 0, 0, 0, 0, 0 }
};
@@ -245,6 +246,11 @@
if (tap_pool) {
destroy_pool(tap_pool);
+
+ if (tap_timerno > 0) {
+ pr_timer_remove(tap_timerno, &sftp_module);
+ tap_timerno = -1;
+ }
}
tap_pool = make_sub_pool(sftp_pool);
Index: tap.h
===================================================================
RCS file: /cvsroot/proftp/proftpd/contrib/mod_sftp/tap.h,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- tap.h 13 Feb 2009 23:41:19 -0000 1.2
+++ tap.h 25 Aug 2009 05:07:14 -0000 1.3
@@ -31,7 +31,7 @@
int sftp_tap_have_policy(const char *);
-/* May sends an SSH2_MSG_IGNORE packet of random length, filled with random
+/* May send an SSH2_MSG_IGNORE packet of random length, filled with random
* data to the client, depending on the selected policy. These messages can
* be injected into the SSH session in order to make traffic analysis harder.
* Returns -1 if there was an error while sending the packet.
@@ -55,6 +55,13 @@
* 16 to 2048 bytes of random data.
*
* "paranoid" - always send SSH2_MSG_IGNORE packets, of lengths up to 8KB.
+ *
+ * Note that there is an additional TAP policy called 'cbc-mode'. This
+ * policy is automatically used if the negotiated server-to-client cipher
+ * is any of the CBC ciphers. The purpose of the 'cbc-mode' TAP policy is
+ * to implement the mitigation of the Rogaway CBC mode attack (see RFC4251,
+ * Section 9.3.1) via the use of IGNORE packets. The use of the 'cbc-mode'
+ * policy is hardcoded, and will override any configured TAP policy.
*/
int sftp_tap_set_policy(const char *);
------------------------------------------------------------------------------
Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day
trial. Simplify your report design, integration and deployment - and focus on
what you do best, core application coding. Discover what's new with
Crystal Reports now. http://p.sf.net/sfu/bobj-july
_______________________________________________
ProFTPD Committers Mailing List
proftpd-committers@proftpd.org
https://lists.sourceforge.net/lists/listinfo/proftp-committers
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic