1 diff -up openssh-6.8p1/Makefile.in.audit openssh-6.8p1/Makefile.in
2 --- openssh-6.8p1/Makefile.in.audit 2015-03-20 13:41:15.065883826 +0100
3 +++ openssh-6.8p1/Makefile.in 2015-03-20 13:41:15.100883769 +0100
4 @@ -98,7 +98,7 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \
5 sc25519.o ge25519.o fe25519.o ed25519.o verify.o hash.o blocks.o \
6 kex.o kexdh.o kexgex.o kexecdh.o kexc25519.o \
7 kexdhc.o kexgexc.o kexecdhc.o kexc25519c.o \
8 - kexdhs.o kexgexs.o kexecdhs.o kexc25519s.o
9 + kexdhs.o kexgexs.o kexecdhs.o kexc25519s.o auditstub.o
11 SSHOBJS= ssh.o readconf.o clientloop.o sshtty.o \
12 sshconnect.o sshconnect1.o sshconnect2.o mux.o \
13 diff -up openssh-6.8p1/audit-bsm.c.audit openssh-6.8p1/audit-bsm.c
14 --- openssh-6.8p1/audit-bsm.c.audit 2015-03-17 06:49:20.000000000 +0100
15 +++ openssh-6.8p1/audit-bsm.c 2015-03-20 13:41:15.092883782 +0100
16 @@ -375,10 +375,23 @@ audit_connection_from(const char *host,
22 audit_run_command(const char *command)
29 +audit_end_command(int handle, const char *command)
31 + /* not implemented */
35 +audit_count_session_open(void)
41 @@ -393,6 +406,12 @@ audit_session_close(struct logininfo *li)
46 +audit_keyusage(int host_user, const char *type, unsigned bits, char *fp, int rv)
48 + /* not implemented */
52 audit_event(ssh_audit_event_t event)
54 @@ -454,4 +473,40 @@ audit_event(ssh_audit_event_t event)
55 debug("%s: unhandled event %d", __func__, event);
60 +audit_unsupported_body(int what)
62 + /* not implemented */
66 +audit_kex_body(int ctos, char *enc, char *mac, char *compress, char *pfs, pid_t pid, uid_t uid)
68 + /* not implemented */
72 +audit_session_key_free_body(int ctos, pid_t pid, uid_t uid)
74 + /* not implemented */
78 +audit_destroy_sensitive_data(const char *fp)
80 + /* not implemented */
84 +audit_destroy_sensitive_data(const char *fp, pid_t pid, uid_t uid)
86 + /* not implemented */
90 +audit_generate_ephemeral_server_key(const char *fp)
92 + /* not implemented */
95 diff -up openssh-6.8p1/audit-linux.c.audit openssh-6.8p1/audit-linux.c
96 --- openssh-6.8p1/audit-linux.c.audit 2015-03-17 06:49:20.000000000 +0100
97 +++ openssh-6.8p1/audit-linux.c 2015-03-20 13:41:15.093883780 +0100
103 +#include "hostfile.h"
105 +#include "misc.h" /* servconf.h needs misc.h for struct ForwardOptions */
106 +#include "servconf.h"
107 #include "canohost.h"
111 +#define AUDIT_LOG_SIZE 256
113 +extern ServerOptions options;
114 +extern Authctxt *the_authctxt;
115 +extern u_int utmp_len;
116 const char* audit_username(void);
119 -linux_audit_record_event(int uid, const char *username,
120 - const char *hostname, const char *ip, const char *ttyn, int success)
122 +linux_audit_user_logxxx(int uid, const char *username,
123 + const char *hostname, const char *ip, const char *ttyn, int success, int event)
125 int audit_fd, rc, saved_errno;
127 @@ -49,11 +61,11 @@ linux_audit_record_event(int uid, const char *username,
129 if (errno == EINVAL || errno == EPROTONOSUPPORT ||
130 errno == EAFNOSUPPORT)
131 - return 1; /* No audit support in kernel */
132 + return; /* No audit support in kernel */
134 - return 0; /* Must prevent login */
135 + goto fatal_report; /* Must prevent login */
137 - rc = audit_log_acct_message(audit_fd, AUDIT_USER_LOGIN,
138 + rc = audit_log_acct_message(audit_fd, event,
139 NULL, "login", username ? username : "(unknown)",
140 username == NULL ? uid : -1, hostname, ip, ttyn, success);
142 @@ -65,35 +77,154 @@ linux_audit_record_event(int uid, const char *username,
143 if ((rc == -EPERM) && (geteuid() != 0))
149 + fatal("linux_audit_write_entry failed: %s", strerror(errno));
154 +linux_audit_user_auth(int uid, const char *username,
155 + const char *hostname, const char *ip, const char *ttyn, int success, int event)
157 + int audit_fd, rc, saved_errno;
158 + static const char *event_name[] = {
159 + "maxtries exceeded",
164 + "challenge-response",
170 + "connection closed",
171 + "connection abandoned",
175 + audit_fd = audit_open();
176 + if (audit_fd < 0) {
177 + if (errno == EINVAL || errno == EPROTONOSUPPORT ||
178 + errno == EAFNOSUPPORT)
179 + return; /* No audit support in kernel */
181 + goto fatal_report; /* Must prevent login */
184 + if ((event < 0) || (event > SSH_AUDIT_UNKNOWN))
185 + event = SSH_AUDIT_UNKNOWN;
187 + rc = audit_log_acct_message(audit_fd, AUDIT_USER_AUTH,
188 + NULL, event_name[event], username ? username : "(unknown)",
189 + username == NULL ? uid : -1, hostname, ip, ttyn, success);
190 + saved_errno = errno;
193 + * Do not report error if the error is EPERM and sshd is run as non
196 + if ((rc == -EPERM) && (geteuid() != 0))
198 + errno = saved_errno;
201 + fatal("linux_audit_write_entry failed: %s", strerror(errno));
206 +audit_keyusage(int host_user, const char *type, unsigned bits, char *fp, int rv)
208 + char buf[AUDIT_LOG_SIZE];
209 + int audit_fd, rc, saved_errno;
211 + audit_fd = audit_open();
212 + if (audit_fd < 0) {
213 + if (errno == EINVAL || errno == EPROTONOSUPPORT ||
214 + errno == EAFNOSUPPORT)
215 + return 1; /* No audit support in kernel */
217 + return 0; /* Must prevent login */
219 + snprintf(buf, sizeof(buf), "%s_auth rport=%d", host_user ? "pubkey" : "hostbased", get_remote_port());
220 + rc = audit_log_acct_message(audit_fd, AUDIT_USER_AUTH, NULL,
221 + buf, audit_username(), -1, NULL, get_remote_ipaddr(), NULL, rv);
222 + if ((rc < 0) && ((rc != -1) || (getuid() == 0)))
224 + /* is the fingerprint_prefix() still needed?
225 + snprintf(buf, sizeof(buf), "key algo=%s size=%d fp=%s%s rport=%d",
226 + type, bits, sshkey_fingerprint_prefix(), fp, get_remote_port());
228 + snprintf(buf, sizeof(buf), "key algo=%s size=%d fp=%s rport=%d",
229 + type, bits, fp, get_remote_port());
230 + rc = audit_log_acct_message(audit_fd, AUDIT_USER_AUTH, NULL,
231 + buf, audit_username(), -1, NULL, get_remote_ipaddr(), NULL, rv);
233 + saved_errno = errno;
234 + audit_close(audit_fd);
235 + errno = saved_errno;
236 + /* do not report error if the error is EPERM and sshd is run as non root user */
237 + return (rc >= 0) || ((rc == -EPERM) && (getuid() != 0));
240 +static int user_login_count = 0;
242 /* Below is the sshd audit API code */
245 audit_connection_from(const char *host, int port)
248 /* not implemented */
253 audit_run_command(const char *command)
255 - /* not implemented */
256 + if (!user_login_count++)
257 + linux_audit_user_logxxx(the_authctxt->pw->pw_uid, NULL, get_remote_name_or_ip(utmp_len, options.use_dns),
258 + NULL, "ssh", 1, AUDIT_USER_LOGIN);
259 + linux_audit_user_logxxx(the_authctxt->pw->pw_uid, NULL, get_remote_name_or_ip(utmp_len, options.use_dns),
260 + NULL, "ssh", 1, AUDIT_USER_START);
265 +audit_end_command(int handle, const char *command)
267 + linux_audit_user_logxxx(the_authctxt->pw->pw_uid, NULL, get_remote_name_or_ip(utmp_len, options.use_dns),
268 + NULL, "ssh", 1, AUDIT_USER_END);
269 + if (user_login_count && !--user_login_count)
270 + linux_audit_user_logxxx(the_authctxt->pw->pw_uid, NULL, get_remote_name_or_ip(utmp_len, options.use_dns),
271 + NULL, "ssh", 1, AUDIT_USER_LOGOUT);
275 +audit_count_session_open(void)
277 + user_login_count++;
281 audit_session_open(struct logininfo *li)
283 - if (linux_audit_record_event(li->uid, NULL, li->hostname,
284 - NULL, li->line, 1) == 0)
285 - fatal("linux_audit_write_entry failed: %s", strerror(errno));
286 + if (!user_login_count++)
287 + linux_audit_user_logxxx(li->uid, NULL, li->hostname,
288 + NULL, li->line, 1, AUDIT_USER_LOGIN);
289 + linux_audit_user_logxxx(li->uid, NULL, li->hostname,
290 + NULL, li->line, 1, AUDIT_USER_START);
294 audit_session_close(struct logininfo *li)
296 - /* not implemented */
297 + linux_audit_user_logxxx(li->uid, NULL, li->hostname,
298 + NULL, li->line, 1, AUDIT_USER_END);
299 + if (user_login_count && !--user_login_count)
300 + linux_audit_user_logxxx(li->uid, NULL, li->hostname,
301 + NULL, li->line, 1, AUDIT_USER_LOGOUT);
305 @@ -101,21 +232,43 @@ audit_event(ssh_audit_event_t event)
308 case SSH_AUTH_SUCCESS:
309 - case SSH_CONNECTION_CLOSE:
310 + linux_audit_user_auth(-1, audit_username(), NULL,
311 + get_remote_ipaddr(), "ssh", 1, event);
315 - case SSH_LOGIN_EXCEED_MAXTRIES:
316 case SSH_LOGIN_ROOT_DENIED:
317 + linux_audit_user_auth(-1, audit_username(), NULL,
318 + get_remote_ipaddr(), "ssh", 0, event);
319 + linux_audit_user_logxxx(-1, audit_username(), NULL,
320 + get_remote_ipaddr(), "ssh", 0, AUDIT_USER_LOGIN);
323 + case SSH_LOGIN_EXCEED_MAXTRIES:
324 case SSH_AUTH_FAIL_NONE:
325 case SSH_AUTH_FAIL_PASSWD:
326 case SSH_AUTH_FAIL_KBDINT:
327 case SSH_AUTH_FAIL_PUBKEY:
328 case SSH_AUTH_FAIL_HOSTBASED:
329 case SSH_AUTH_FAIL_GSSAPI:
330 + linux_audit_user_auth(-1, audit_username(), NULL,
331 + get_remote_ipaddr(), "ssh", 0, event);
334 + case SSH_CONNECTION_CLOSE:
335 + if (user_login_count) {
336 + while (user_login_count--)
337 + linux_audit_user_logxxx(the_authctxt->pw->pw_uid, NULL, get_remote_name_or_ip(utmp_len, options.use_dns),
338 + NULL, "ssh", 1, AUDIT_USER_END);
339 + linux_audit_user_logxxx(the_authctxt->pw->pw_uid, NULL, get_remote_name_or_ip(utmp_len, options.use_dns),
340 + NULL, "ssh", 1, AUDIT_USER_LOGOUT);
344 + case SSH_CONNECTION_ABANDON:
345 case SSH_INVALID_USER:
346 - linux_audit_record_event(-1, audit_username(), NULL,
347 - get_remote_ipaddr(), "sshd", 0);
348 + linux_audit_user_logxxx(-1, audit_username(), NULL,
349 + get_remote_ipaddr(), "ssh", 0, AUDIT_USER_LOGIN);
353 @@ -123,4 +276,135 @@ audit_event(ssh_audit_event_t event)
358 +audit_unsupported_body(int what)
360 +#ifdef AUDIT_CRYPTO_SESSION
361 + char buf[AUDIT_LOG_SIZE];
362 + const static char *name[] = { "cipher", "mac", "comp" };
366 + snprintf(buf, sizeof(buf), "op=unsupported-%s direction=? cipher=? ksize=? rport=%d laddr=%s lport=%d ",
367 + name[what], get_remote_port(), (s = get_local_ipaddr(packet_get_connection_in())),
370 + audit_fd = audit_open();
372 + /* no problem, the next instruction will be fatal() */
374 + audit_log_user_message(audit_fd, AUDIT_CRYPTO_SESSION,
375 + buf, NULL, get_remote_ipaddr(), NULL, 0);
376 + audit_close(audit_fd);
380 +const static char *direction[] = { "from-server", "from-client", "both" };
383 +audit_kex_body(int ctos, char *enc, char *mac, char *compress, char *pfs, pid_t pid,
386 +#ifdef AUDIT_CRYPTO_SESSION
387 + char buf[AUDIT_LOG_SIZE];
388 + int audit_fd, audit_ok;
389 + const Cipher *cipher = cipher_by_name(enc);
392 + snprintf(buf, sizeof(buf), "op=start direction=%s cipher=%s ksize=%d mac=%s pfs=%s spid=%jd suid=%jd rport=%d laddr=%s lport=%d ",
393 + direction[ctos], enc, cipher ? 8 * cipher->key_len : 0, mac, pfs,
394 + (intmax_t)pid, (intmax_t)uid,
395 + get_remote_port(), (s = get_local_ipaddr(packet_get_connection_in())), get_local_port());
397 + audit_fd = audit_open();
398 + if (audit_fd < 0) {
399 + if (errno == EINVAL || errno == EPROTONOSUPPORT ||
400 + errno == EAFNOSUPPORT)
401 + return; /* No audit support in kernel */
403 + fatal("cannot open audit"); /* Must prevent login */
405 + audit_ok = audit_log_user_message(audit_fd, AUDIT_CRYPTO_SESSION,
406 + buf, NULL, get_remote_ipaddr(), NULL, 1);
407 + audit_close(audit_fd);
408 + /* do not abort if the error is EPERM and sshd is run as non root user */
409 + if ((audit_ok < 0) && ((audit_ok != -1) || (getuid() == 0)))
410 + fatal("cannot write into audit"); /* Must prevent login */
415 +audit_session_key_free_body(int ctos, pid_t pid, uid_t uid)
417 + char buf[AUDIT_LOG_SIZE];
418 + int audit_fd, audit_ok;
421 + snprintf(buf, sizeof(buf), "op=destroy kind=session fp=? direction=%s spid=%jd suid=%jd rport=%d laddr=%s lport=%d ",
422 + direction[ctos], (intmax_t)pid, (intmax_t)uid,
424 + (s = get_local_ipaddr(packet_get_connection_in())),
427 + audit_fd = audit_open();
428 + if (audit_fd < 0) {
429 + if (errno != EINVAL && errno != EPROTONOSUPPORT &&
430 + errno != EAFNOSUPPORT)
431 + error("cannot open audit");
434 + audit_ok = audit_log_user_message(audit_fd, AUDIT_CRYPTO_KEY_USER,
435 + buf, NULL, get_remote_ipaddr(), NULL, 1);
436 + audit_close(audit_fd);
437 + /* do not abort if the error is EPERM and sshd is run as non root user */
438 + if ((audit_ok < 0) && ((audit_ok != -1) || (getuid() == 0)))
439 + error("cannot write into audit");
443 +audit_destroy_sensitive_data(const char *fp, pid_t pid, uid_t uid)
445 + char buf[AUDIT_LOG_SIZE];
446 + int audit_fd, audit_ok;
448 + snprintf(buf, sizeof(buf), "op=destroy kind=server fp=%s direction=? spid=%jd suid=%jd ",
449 + fp, (intmax_t)pid, (intmax_t)uid);
450 + audit_fd = audit_open();
451 + if (audit_fd < 0) {
452 + if (errno != EINVAL && errno != EPROTONOSUPPORT &&
453 + errno != EAFNOSUPPORT)
454 + error("cannot open audit");
457 + audit_ok = audit_log_user_message(audit_fd, AUDIT_CRYPTO_KEY_USER,
459 + listening_for_clients() ? get_remote_ipaddr() : NULL,
461 + audit_close(audit_fd);
462 + /* do not abort if the error is EPERM and sshd is run as non root user */
463 + if ((audit_ok < 0) && ((audit_ok != -1) || (getuid() == 0)))
464 + error("cannot write into audit");
468 +audit_generate_ephemeral_server_key(const char *fp)
470 + char buf[AUDIT_LOG_SIZE];
471 + int audit_fd, audit_ok;
473 + snprintf(buf, sizeof(buf), "op=create kind=server fp=%s direction=? ", fp);
474 + audit_fd = audit_open();
475 + if (audit_fd < 0) {
476 + if (errno != EINVAL && errno != EPROTONOSUPPORT &&
477 + errno != EAFNOSUPPORT)
478 + error("cannot open audit");
481 + audit_ok = audit_log_user_message(audit_fd, AUDIT_CRYPTO_KEY_USER,
482 + buf, NULL, 0, NULL, 1);
483 + audit_close(audit_fd);
484 + /* do not abort if the error is EPERM and sshd is run as non root user */
485 + if ((audit_ok < 0) && ((audit_ok != -1) || (getuid() == 0)))
486 + error("cannot write into audit");
488 #endif /* USE_LINUX_AUDIT */
489 diff -up openssh-6.8p1/audit.c.audit openssh-6.8p1/audit.c
490 --- openssh-6.8p1/audit.c.audit 2015-03-17 06:49:20.000000000 +0100
491 +++ openssh-6.8p1/audit.c 2015-03-20 13:41:15.093883780 +0100
498 #ifdef SSH_AUDIT_EVENTS
502 #include "hostfile.h"
504 +#include "ssh-gss.h"
505 +#include "monitor_wrap.h"
506 +#include "xmalloc.h"
508 +#include "servconf.h"
511 * Care must be taken when using this since it WILL NOT be initialized when
513 * audit_event(CONNECTION_ABANDON) is called. Test for NULL before using.
515 extern Authctxt *the_authctxt;
516 +extern ServerOptions options;
518 /* Maybe add the audit class to struct Authmethod? */
520 @@ -71,13 +78,10 @@ audit_classify_auth(const char *method)
524 - static const char unknownuser[] = "(unknown user)";
525 - static const char invaliduser[] = "(invalid user)";
526 + static const char unknownuser[] = "(unknown)";
528 - if (the_authctxt == NULL || the_authctxt->user == NULL)
529 + if (the_authctxt == NULL || the_authctxt->user == NULL || !the_authctxt->valid)
530 return (unknownuser);
531 - if (!the_authctxt->valid)
532 - return (invaliduser);
533 return (the_authctxt->user);
536 @@ -111,6 +115,40 @@ audit_event_lookup(ssh_audit_event_t ev)
537 return(event_lookup[i].name);
541 +audit_key(int host_user, int *rv, const Key *key)
544 + const char *crypto_name;
546 + fp = sshkey_fingerprint(key, options.fingerprint_hash, SSH_FP_HEX);
547 + if (key->type == KEY_RSA1)
548 + crypto_name = "ssh-rsa1";
550 + crypto_name = key_ssh_name(key);
551 + if (audit_keyusage(host_user, crypto_name, key_size(key), fp, *rv) == 0)
557 +audit_unsupported(int what)
559 + PRIVSEP(audit_unsupported_body(what));
563 +audit_kex(int ctos, char *enc, char *mac, char *comp, char *pfs)
565 + PRIVSEP(audit_kex_body(ctos, enc, mac, comp, pfs, getpid(), getuid()));
569 +audit_session_key_free(int ctos)
571 + PRIVSEP(audit_session_key_free_body(ctos, getpid(), getuid()));
574 # ifndef CUSTOM_SSH_AUDIT_EVENTS
576 * Null implementations of audit functions.
577 @@ -140,6 +178,17 @@ audit_event(ssh_audit_event_t event)
581 + * Called when a child process has called, or will soon call,
582 + * audit_session_open.
585 +audit_count_session_open(void)
587 + debug("audit count session open euid %d user %s", geteuid(),
592 * Called when a user session is started. Argument is the tty allocated to
593 * the session, or NULL if no tty was allocated.
595 @@ -174,13 +223,91 @@ audit_session_close(struct logininfo *li)
597 * This will be called when a user runs a non-interactive command. Note that
598 * it may be called multiple times for a single connection since SSH2 allows
599 - * multiple sessions within a single connection.
600 + * multiple sessions within a single connection. Returns a "handle" for
601 + * audit_end_command.
605 audit_run_command(const char *command)
607 debug("audit run command euid %d user %s command '%.200s'", geteuid(),
608 audit_username(), command);
613 + * This will be called when the non-interactive command finishes. Note that
614 + * it may be called multiple times for a single connection since SSH2 allows
615 + * multiple sessions within a single connection. "handle" should come from
616 + * the corresponding audit_run_command.
619 +audit_end_command(int handle, const char *command)
621 + debug("audit end nopty exec euid %d user %s command '%.200s'", geteuid(),
622 + audit_username(), command);
626 + * This will be called when user is successfully autherized by the RSA1/RSA/DSA key.
628 + * Type is the key type, len is the key length(byte) and fp is the fingerprint of the key.
631 +audit_keyusage(int host_user, const char *type, unsigned bits, char *fp, int rv)
633 + debug("audit %s key usage euid %d user %s key type %s key length %d fingerprint %s%s, result %d",
634 + host_user ? "pubkey" : "hostbased", geteuid(), audit_username(), type, bits,
635 + sshkey_fingerprint_prefix(), fp, rv);
639 + * This will be called when the protocol negotiation fails.
642 +audit_unsupported_body(int what)
644 + debug("audit unsupported protocol euid %d type %d", geteuid(), what);
648 + * This will be called on succesfull protocol negotiation.
651 +audit_kex_body(int ctos, char *enc, char *mac, char *compress, char *pfs, pid_t pid,
654 + debug("audit protocol negotiation euid %d direction %d cipher %s mac %s compresion %s pfs %s from pid %ld uid %u",
655 + (unsigned)geteuid(), ctos, enc, mac, compress, pfs, (long)pid,
660 + * This will be called on succesfull session key discard
663 +audit_session_key_free_body(int ctos, pid_t pid, uid_t uid)
665 + debug("audit session key discard euid %u direction %d from pid %ld uid %u",
666 + (unsigned)geteuid(), ctos, (long)pid, (unsigned)uid);
670 + * This will be called on destroy private part of the server key
673 +audit_destroy_sensitive_data(const char *fp, pid_t pid, uid_t uid)
675 + debug("audit destroy sensitive data euid %d fingerprint %s from pid %ld uid %u",
676 + geteuid(), fp, (long)pid, (unsigned)uid);
680 + * This will be called on generation of the ephemeral server key
683 +audit_generate_ephemeral_server_key(const char *)
685 + debug("audit create ephemeral server key euid %d fingerprint %s", geteuid(), fp);
687 # endif /* !defined CUSTOM_SSH_AUDIT_EVENTS */
688 #endif /* SSH_AUDIT_EVENTS */
689 diff -up openssh-6.8p1/audit.h.audit openssh-6.8p1/audit.h
690 --- openssh-6.8p1/audit.h.audit 2015-03-17 06:49:20.000000000 +0100
691 +++ openssh-6.8p1/audit.h 2015-03-20 13:41:15.093883780 +0100
693 # define _SSH_AUDIT_H
695 #include "loginrec.h"
698 enum ssh_audit_event_type {
699 SSH_LOGIN_EXCEED_MAXTRIES,
700 @@ -47,11 +48,25 @@ enum ssh_audit_event_type {
702 typedef enum ssh_audit_event_type ssh_audit_event_t;
704 +int listening_for_clients(void);
706 void audit_connection_from(const char *, int);
707 void audit_event(ssh_audit_event_t);
708 +void audit_count_session_open(void);
709 void audit_session_open(struct logininfo *);
710 void audit_session_close(struct logininfo *);
711 -void audit_run_command(const char *);
712 +int audit_run_command(const char *);
713 +void audit_end_command(int, const char *);
714 ssh_audit_event_t audit_classify_auth(const char *);
715 +int audit_keyusage(int, const char *, unsigned, char *, int);
716 +void audit_key(int, int *, const Key *);
717 +void audit_unsupported(int);
718 +void audit_kex(int, char *, char *, char *, char *);
719 +void audit_unsupported_body(int);
720 +void audit_kex_body(int, char *, char *, char *, char *, pid_t, uid_t);
721 +void audit_session_key_free(int ctos);
722 +void audit_session_key_free_body(int ctos, pid_t, uid_t);
723 +void audit_destroy_sensitive_data(const char *, pid_t, uid_t);
724 +void audit_generate_ephemeral_server_key(const char *);
726 #endif /* _SSH_AUDIT_H */
727 diff -up openssh-6.8p1/auditstub.c.audit openssh-6.8p1/auditstub.c
728 --- openssh-6.8p1/auditstub.c.audit 2015-03-20 13:41:15.093883780 +0100
729 +++ openssh-6.8p1/auditstub.c 2015-03-20 13:41:15.093883780 +0100
731 +/* $Id: auditstub.c,v 1.1 jfch Exp $ */
734 + * Copyright 2010 Red Hat, Inc. All rights reserved.
735 + * Use is subject to license terms.
737 + * Redistribution and use in source and binary forms, with or without
738 + * modification, are permitted provided that the following conditions
740 + * 1. Redistributions of source code must retain the above copyright
741 + * notice, this list of conditions and the following disclaimer.
742 + * 2. Redistributions in binary form must reproduce the above copyright
743 + * notice, this list of conditions and the following disclaimer in the
744 + * documentation and/or other materials provided with the distribution.
746 + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
747 + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
748 + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
749 + * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
750 + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
751 + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
752 + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
753 + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
754 + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
755 + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
757 + * Red Hat author: Jan F. Chadima <jchadima@redhat.com>
760 +#include <sys/types.h>
763 +audit_unsupported(int n)
768 +audit_kex(int ctos, char *enc, char *mac, char *comp, char *pfs)
773 +audit_session_key_free(int ctos)
778 +audit_session_key_free_body(int ctos, pid_t pid, uid_t uid)
781 diff -up openssh-6.8p1/auth-rsa.c.audit openssh-6.8p1/auth-rsa.c
782 --- openssh-6.8p1/auth-rsa.c.audit 2015-03-17 06:49:20.000000000 +0100
783 +++ openssh-6.8p1/auth-rsa.c 2015-03-20 13:41:15.094883779 +0100
784 @@ -95,7 +95,10 @@ auth_rsa_verify_response(Key *key, BIGNUM *challenge, u_char response[16])
786 u_char buf[32], mdbuf[16];
787 struct ssh_digest_ctx *md;
790 +#ifdef SSH_AUDIT_EVENTS
794 /* don't allow short keys */
795 if (BN_num_bits(key->rsa->n) < SSH_RSA_MINIMUM_MODULUS_SIZE) {
796 @@ -119,12 +122,18 @@ auth_rsa_verify_response(Key *key, BIGNUM *challenge, u_char response[16])
799 /* Verify that the response is the original challenge. */
800 - if (timingsafe_bcmp(response, mdbuf, 16) != 0) {
801 - /* Wrong answer. */
803 + rv = timingsafe_bcmp(response, mdbuf, 16) == 0;
805 +#ifdef SSH_AUDIT_EVENTS
806 + fp = sshkey_fingerprint(key, options.fingerprint_hash, SSH_FP_HEX);
807 + if (audit_keyusage(1, "ssh-rsa1", RSA_size(key->rsa) * 8, fp, rv) == 0) {
808 + debug("unsuccessful audit");
811 - /* Correct answer. */
820 diff -up openssh-6.8p1/auth.c.audit openssh-6.8p1/auth.c
821 --- openssh-6.8p1/auth.c.audit 2015-03-17 06:49:20.000000000 +0100
822 +++ openssh-6.8p1/auth.c 2015-03-20 13:41:15.094883779 +0100
823 @@ -644,9 +644,6 @@ getpwnamallow(const char *user)
824 record_failed_login(user,
825 get_canonical_hostname(options.use_dns), "ssh");
827 -#ifdef SSH_AUDIT_EVENTS
828 - audit_event(SSH_INVALID_USER);
829 -#endif /* SSH_AUDIT_EVENTS */
832 if (!allowed_user(pw))
833 diff -up openssh-6.8p1/auth.h.audit openssh-6.8p1/auth.h
834 --- openssh-6.8p1/auth.h.audit 2015-03-20 13:41:15.002883927 +0100
835 +++ openssh-6.8p1/auth.h 2015-03-20 13:41:15.094883779 +0100
836 @@ -195,6 +195,7 @@ void abandon_challenge_response(Authctxt
838 char *expand_authorized_keys(const char *, struct passwd *pw);
839 char *authorized_principals_file(struct passwd *);
840 +int user_key_verify(const Key *, const u_char *, u_int, const u_char *, u_int);
842 FILE *auth_openkeyfile(const char *, struct passwd *, int);
843 FILE *auth_openprincipals(const char *, struct passwd *, int);
844 @@ -213,6 +214,7 @@ int get_hostkey_index(Key *, int, struc
845 int ssh1_session_key(BIGNUM *);
846 int sshd_hostkey_sign(Key *, Key *, u_char **, size_t *,
847 const u_char *, size_t, u_int);
848 +int hostbased_key_verify(const Key *, const u_char *, u_int, const u_char *, u_int);
850 /* debug messages during authentication */
851 void auth_debug_add(const char *fmt,...) __attribute__((format(printf, 1, 2)));
852 diff -up openssh-6.8p1/auth2-hostbased.c.audit openssh-6.8p1/auth2-hostbased.c
853 --- openssh-6.8p1/auth2-hostbased.c.audit 2015-03-20 13:41:15.002883927 +0100
854 +++ openssh-6.8p1/auth2-hostbased.c 2015-03-20 13:41:15.093883780 +0100
855 @@ -147,7 +147,7 @@ userauth_hostbased(Authctxt *authctxt)
856 /* test for allowed key and correct signature */
858 if (PRIVSEP(hostbased_key_allowed(authctxt->pw, cuser, chost, key)) &&
859 - PRIVSEP(key_verify(key, sig, slen, buffer_ptr(&b),
860 + PRIVSEP(hostbased_key_verify(key, sig, slen, buffer_ptr(&b),
861 buffer_len(&b))) == 1)
864 @@ -164,6 +164,18 @@ done:
865 return authenticated;
869 +hostbased_key_verify(const Key *key, const u_char *sig, u_int slen, const u_char *data, u_int datalen)
873 + rv = key_verify(key, sig, slen, data, datalen);
874 +#ifdef SSH_AUDIT_EVENTS
875 + audit_key(0, &rv, key);
880 /* return 1 if given hostkey is allowed */
882 hostbased_key_allowed(struct passwd *pw, const char *cuser, char *chost,
883 diff -up openssh-6.8p1/auth2-pubkey.c.audit openssh-6.8p1/auth2-pubkey.c
884 --- openssh-6.8p1/auth2-pubkey.c.audit 2015-03-20 13:41:15.013883910 +0100
885 +++ openssh-6.8p1/auth2-pubkey.c 2015-03-20 13:41:15.094883779 +0100
886 @@ -172,7 +172,7 @@ userauth_pubkey(Authctxt *authctxt)
887 /* test for correct signature */
889 if (PRIVSEP(user_key_allowed(authctxt->pw, key)) &&
890 - PRIVSEP(key_verify(key, sig, slen, buffer_ptr(&b),
891 + PRIVSEP(user_key_verify(key, sig, slen, buffer_ptr(&b),
892 buffer_len(&b))) == 1) {
894 /* Record the successful key to prevent reuse */
895 @@ -250,6 +250,18 @@ pubkey_auth_info(Authctxt *authctxt, con
900 +user_key_verify(const Key *key, const u_char *sig, u_int slen, const u_char *data, u_int datalen)
904 + rv = key_verify(key, sig, slen, data, datalen);
905 +#ifdef SSH_AUDIT_EVENTS
906 + audit_key(1, &rv, key);
912 match_principals_option(const char *principal_list, struct sshkey_cert *cert)
914 diff -up openssh-6.8p1/auth2.c.audit openssh-6.8p1/auth2.c
915 --- openssh-6.8p1/auth2.c.audit 2015-03-20 13:41:15.044883860 +0100
916 +++ openssh-6.8p1/auth2.c 2015-03-20 13:41:15.093883780 +0100
917 @@ -249,9 +249,6 @@ input_userauth_request(int type, u_int32
919 logit("input_userauth_request: invalid user %s", user);
920 authctxt->pw = fakepw();
921 -#ifdef SSH_AUDIT_EVENTS
922 - PRIVSEP(audit_event(SSH_INVALID_USER));
927 diff -up openssh-6.8p1/cipher.c.audit openssh-6.8p1/cipher.c
928 --- openssh-6.8p1/cipher.c.audit 2015-03-17 06:49:20.000000000 +0100
929 +++ openssh-6.8p1/cipher.c 2015-03-20 13:41:15.101883767 +0100
930 @@ -57,26 +59,6 @@ extern const EVP_CIPHER *evp_ssh1_3des(v
931 extern int ssh1_3des_iv(EVP_CIPHER_CTX *, int, u_char *, int);
936 - int number; /* for ssh1 only */
939 - u_int iv_len; /* defaults to block_size */
943 -#define CFLAG_CBC (1<<0)
944 -#define CFLAG_CHACHAPOLY (1<<1)
945 -#define CFLAG_AESCTR (1<<2)
946 -#define CFLAG_NONE (1<<3)
948 - const EVP_CIPHER *(*evptype)(void);
954 static const struct sshcipher ciphers[] = {
956 { "des", SSH_CIPHER_DES, 8, 8, 0, 0, 0, 1, EVP_des_cbc },
957 diff -up openssh-6.8p1/cipher.h.audit openssh-6.8p1/cipher.h
958 --- openssh-6.8p1/cipher.h.audit 2015-03-17 06:49:20.000000000 +0100
959 +++ openssh-6.8p1/cipher.h 2015-03-20 13:41:15.094883779 +0100
961 #define CIPHER_ENCRYPT 1
962 #define CIPHER_DECRYPT 0
967 + int number; /* for ssh1 only */
970 + u_int iv_len; /* defaults to block_size */
974 +#define CFLAG_CBC (1<<0)
975 +#define CFLAG_CHACHAPOLY (1<<1)
976 +#define CFLAG_AESCTR (1<<2)
977 +#define CFLAG_NONE (1<<3)
979 + const EVP_CIPHER *(*evptype)(void);
985 struct sshcipher_ctx {
988 diff -up openssh-6.8p1/kex.c.audit openssh-6.8p1/kex.c
989 --- openssh-6.8p1/kex.c.audit 2015-03-20 13:41:15.046883856 +0100
990 +++ openssh-6.8p1/kex.c 2015-03-20 13:41:15.101883767 +0100
999 @@ -484,8 +508,12 @@ choose_enc(struct sshenc *enc, char *cli
1001 char *name = match_list(client, server, NULL);
1004 + if (name == NULL) {
1005 +#ifdef SSH_AUDIT_EVENTS
1006 + audit_unsupported(0);
1008 return SSH_ERR_NO_CIPHER_ALG_MATCH;
1010 if ((enc->cipher = cipher_by_name(name)) == NULL)
1011 return SSH_ERR_INTERNAL_ERROR;
1013 @@ -503,8 +531,12 @@ choose_mac(struct ssh *ssh, struct sshma
1015 char *name = match_list(client, server, NULL);
1018 + if (name == NULL) {
1019 +#ifdef SSH_AUDIT_EVENTS
1020 + audit_unsupported(1);
1022 return SSH_ERR_NO_MAC_ALG_MATCH;
1024 if (mac_setup(mac, name) < 0)
1025 return SSH_ERR_INTERNAL_ERROR;
1026 /* truncate the key */
1027 @@ -521,8 +553,12 @@ choose_comp(struct sshcomp *comp, char *
1029 char *name = match_list(client, server, NULL);
1032 + if (name == NULL) {
1033 +#ifdef SSH_AUDIT_EVENTS
1034 + audit_unsupported(2);
1036 return SSH_ERR_NO_COMPRESS_ALG_MATCH;
1038 if (strcmp(name, "zlib@openssh.com") == 0) {
1039 comp->type = COMP_DELAYED;
1040 } else if (strcmp(name, "zlib") == 0) {
1041 @@ -672,6 +708,10 @@ kex_choose_conf(struct ssh *ssh)
1042 dh_need = MAX(dh_need, newkeys->enc.block_size);
1043 dh_need = MAX(dh_need, newkeys->enc.iv_len);
1044 dh_need = MAX(dh_need, newkeys->mac.key_len);
1045 + debug("kex: %s need=%d dh_need=%d", kex->name, need, dh_need);
1046 +#ifdef SSH_AUDIT_EVENTS
1047 + audit_kex(mode, newkeys->enc.name, newkeys->mac.name, newkeys->comp.name, kex->name);
1050 /* XXX need runden? */
1051 kex->we_need = need;
1052 @@ -847,3 +887,34 @@ dump_digest(char *msg, u_char *digest, i
1053 sshbuf_dump_data(digest, len, stderr);
1058 +enc_destroy(struct sshenc *enc)
1064 + memset(enc->key, 0, enc->key_len);
1069 + memset(enc->iv, 0, enc->block_size);
1073 + memset(enc, 0, sizeof(*enc));
1077 +newkeys_destroy(struct newkeys *newkeys)
1079 + if (newkeys == NULL)
1082 + enc_destroy(&newkeys->enc);
1083 + mac_destroy(&newkeys->mac);
1084 + memset(&newkeys->comp, 0, sizeof(newkeys->comp));
1087 diff -up openssh-6.8p1/kex.h.audit openssh-6.8p1/kex.h
1088 --- openssh-6.8p1/kex.h.audit 2015-03-20 13:41:15.046883856 +0100
1089 +++ openssh-6.8p1/kex.h 2015-03-20 13:41:15.095883777 +0100
1090 @@ -199,6 +199,8 @@ int kexgss_client(struct ssh *);
1091 int kexgss_server(struct ssh *);
1094 +void newkeys_destroy(struct newkeys *newkeys);
1096 int kex_dh_hash(const char *, const char *,
1097 const u_char *, size_t, const u_char *, size_t, const u_char *, size_t,
1098 const BIGNUM *, const BIGNUM *, const BIGNUM *, u_char *, size_t *);
1099 diff -up openssh-6.8p1/key.h.audit openssh-6.8p1/key.h
1100 --- openssh-6.8p1/key.h.audit 2015-03-17 06:49:20.000000000 +0100
1101 +++ openssh-6.8p1/key.h 2015-03-20 13:41:15.095883777 +0100
1102 @@ -50,6 +50,7 @@ typedef struct sshkey Key;
1103 #define key_ecdsa_bits_to_nid sshkey_ecdsa_bits_to_nid
1104 #define key_ecdsa_key_to_nid sshkey_ecdsa_key_to_nid
1105 #define key_is_cert sshkey_is_cert
1106 +#define key_is_private sshkey_is_private
1107 #define key_type_plain sshkey_type_plain
1108 #define key_cert_is_legacy sshkey_cert_is_legacy
1109 #define key_curve_name_to_nid sshkey_curve_name_to_nid
1110 diff -up openssh-6.8p1/mac.c.audit openssh-6.8p1/mac.c
1111 --- openssh-6.8p1/mac.c.audit 2015-03-17 06:49:20.000000000 +0100
1112 +++ openssh-6.8p1/mac.c 2015-03-20 13:41:15.102883766 +0100
1113 @@ -226,6 +246,20 @@ mac_clear(struct sshmac *mac)
1114 mac->umac_ctx = NULL;
1118 +mac_destroy(struct sshmac *mac)
1124 + memset(mac->key, 0, mac->key_len);
1128 + memset(mac, 0, sizeof(*mac));
1131 /* XXX copied from ciphers_valid */
1134 diff -up openssh-6.8p1/mac.h.audit openssh-6.8p1/mac.h
1135 --- openssh-6.8p1/mac.h.audit 2015-03-17 06:49:20.000000000 +0100
1136 +++ openssh-6.8p1/mac.h 2015-03-20 13:41:15.095883777 +0100
1137 @@ -47,5 +47,6 @@ int mac_init(struct sshmac *);
1138 int mac_compute(struct sshmac *, u_int32_t, const u_char *, int,
1140 void mac_clear(struct sshmac *);
1141 +void mac_destroy(struct sshmac *);
1143 #endif /* SSHMAC_H */
1144 diff -up openssh-6.8p1/monitor.c.audit openssh-6.8p1/monitor.c
1145 --- openssh-6.8p1/monitor.c.audit 2015-03-20 13:41:15.072883814 +0100
1146 +++ openssh-6.8p1/monitor.c 2015-03-20 13:41:15.107883758 +0100
1149 #include "roaming.h"
1155 @@ -117,6 +118,8 @@ extern Buffer auth_debug;
1156 extern int auth_debug_init;
1157 extern Buffer loginmsg;
1159 +extern void destroy_sensitive_data(int);
1161 /* State exported from the child */
1162 static struct sshbuf *child_state;
1164 @@ -167,6 +170,11 @@ int mm_answer_gss_updatecreds(int, Buffe
1165 #ifdef SSH_AUDIT_EVENTS
1166 int mm_answer_audit_event(int, Buffer *);
1167 int mm_answer_audit_command(int, Buffer *);
1168 +int mm_answer_audit_end_command(int, Buffer *);
1169 +int mm_answer_audit_unsupported_body(int, Buffer *);
1170 +int mm_answer_audit_kex_body(int, Buffer *);
1171 +int mm_answer_audit_session_key_free_body(int, Buffer *);
1172 +int mm_answer_audit_server_key_free(int, Buffer *);
1175 static int monitor_read_log(struct monitor *);
1176 @@ -226,6 +234,10 @@ struct mon_table mon_dispatch_proto20[]
1178 #ifdef SSH_AUDIT_EVENTS
1179 {MONITOR_REQ_AUDIT_EVENT, MON_PERMIT, mm_answer_audit_event},
1180 + {MONITOR_REQ_AUDIT_UNSUPPORTED, MON_PERMIT, mm_answer_audit_unsupported_body},
1181 + {MONITOR_REQ_AUDIT_KEX, MON_PERMIT, mm_answer_audit_kex_body},
1182 + {MONITOR_REQ_AUDIT_SESSION_KEY_FREE, MON_PERMIT, mm_answer_audit_session_key_free_body},
1183 + {MONITOR_REQ_AUDIT_SERVER_KEY_FREE, MON_PERMIT, mm_answer_audit_server_key_free},
1186 {MONITOR_REQ_BSDAUTHQUERY, MON_ISAUTH, mm_answer_bsdauthquery},
1187 @@ -264,6 +276,11 @@ struct mon_table mon_dispatch_postauth20
1188 #ifdef SSH_AUDIT_EVENTS
1189 {MONITOR_REQ_AUDIT_EVENT, MON_PERMIT, mm_answer_audit_event},
1190 {MONITOR_REQ_AUDIT_COMMAND, MON_PERMIT, mm_answer_audit_command},
1191 + {MONITOR_REQ_AUDIT_END_COMMAND, MON_PERMIT, mm_answer_audit_end_command},
1192 + {MONITOR_REQ_AUDIT_UNSUPPORTED, MON_PERMIT, mm_answer_audit_unsupported_body},
1193 + {MONITOR_REQ_AUDIT_KEX, MON_PERMIT, mm_answer_audit_kex_body},
1194 + {MONITOR_REQ_AUDIT_SESSION_KEY_FREE, MON_PERMIT, mm_answer_audit_session_key_free_body},
1195 + {MONITOR_REQ_AUDIT_SERVER_KEY_FREE, MON_PERMIT, mm_answer_audit_server_key_free},
1199 @@ -296,6 +313,10 @@ struct mon_table mon_dispatch_proto15[]
1201 #ifdef SSH_AUDIT_EVENTS
1202 {MONITOR_REQ_AUDIT_EVENT, MON_PERMIT, mm_answer_audit_event},
1203 + {MONITOR_REQ_AUDIT_UNSUPPORTED, MON_PERMIT, mm_answer_audit_unsupported_body},
1204 + {MONITOR_REQ_AUDIT_KEX, MON_PERMIT, mm_answer_audit_kex_body},
1205 + {MONITOR_REQ_AUDIT_SESSION_KEY_FREE, MON_PERMIT, mm_answer_audit_session_key_free_body},
1206 + {MONITOR_REQ_AUDIT_SERVER_KEY_FREE, MON_PERMIT, mm_answer_audit_server_key_free},
1208 #endif /* WITH_SSH1 */
1210 @@ -309,6 +330,11 @@ struct mon_table mon_dispatch_postauth15
1211 #ifdef SSH_AUDIT_EVENTS
1212 {MONITOR_REQ_AUDIT_EVENT, MON_PERMIT, mm_answer_audit_event},
1213 {MONITOR_REQ_AUDIT_COMMAND, MON_PERMIT|MON_ONCE, mm_answer_audit_command},
1214 + {MONITOR_REQ_AUDIT_END_COMMAND, MON_PERMIT, mm_answer_audit_end_command},
1215 + {MONITOR_REQ_AUDIT_UNSUPPORTED, MON_PERMIT, mm_answer_audit_unsupported_body},
1216 + {MONITOR_REQ_AUDIT_KEX, MON_PERMIT, mm_answer_audit_kex_body},
1217 + {MONITOR_REQ_AUDIT_SESSION_KEY_FREE, MON_PERMIT, mm_answer_audit_session_key_free_body},
1218 + {MONITOR_REQ_AUDIT_SERVER_KEY_FREE, MON_PERMIT, mm_answer_audit_server_key_free},
1220 #endif /* WITH_SSH1 */
1222 @@ -1466,9 +1493,11 @@ mm_answer_keyverify(int sock, Buffer *m)
1224 u_char *signature, *data, *blob;
1225 u_int signaturelen, datalen, bloblen;
1230 + type = buffer_get_int(m);
1231 blob = buffer_get_string(m, &bloblen);
1232 signature = buffer_get_string(m, &signaturelen);
1233 data = buffer_get_string(m, &datalen);
1234 @@ -1476,6 +1505,8 @@ mm_answer_keyverify(int sock, Buffer *m)
1235 if (hostbased_cuser == NULL || hostbased_chost == NULL ||
1236 !monitor_allowed_key(blob, bloblen))
1237 fatal("%s: bad key, not previously allowed", __func__);
1238 + if (type != key_blobtype)
1239 + fatal("%s: bad key type", __func__);
1241 key = key_from_blob(blob, bloblen);
1243 @@ -1496,7 +1527,17 @@ mm_answer_keyverify(int sock, Buffer *m)
1245 fatal("%s: bad signature data blob", __func__);
1247 - verified = key_verify(key, signature, signaturelen, data, datalen);
1248 + switch (key_blobtype) {
1250 + verified = user_key_verify(key, signature, signaturelen, data, datalen);
1253 + verified = hostbased_key_verify(key, signature, signaturelen, data, datalen);
1259 debug3("%s: key %p signature %s",
1260 __func__, key, (verified == 1) ? "verified" : "unverified");
1262 @@ -1554,6 +1595,12 @@ mm_session_close(Session *s)
1263 debug3("%s: tty %s ptyfd %d", __func__, s->tty, s->ptyfd);
1264 session_pty_cleanup2(s);
1266 +#ifdef SSH_AUDIT_EVENTS
1267 + if (s->command != NULL) {
1268 + debug3("%s: command %d", __func__, s->command_handle);
1269 + session_end_command2(s);
1272 session_unused(s->self);
1275 @@ -1836,6 +1883,8 @@ mm_answer_term(int sock, Buffer *req)
1279 + destroy_sensitive_data(0);
1281 while (waitpid(pmonitor->m_pid, &status, 0) == -1)
1284 @@ -1878,11 +1927,43 @@ mm_answer_audit_command(int socket, Buff
1290 debug3("%s entering", __func__);
1291 cmd = buffer_get_string(m, &len);
1293 /* sanity check command, if so how? */
1294 - audit_run_command(cmd);
1295 + s = session_new();
1297 + fatal("%s: error allocating a session", __func__);
1299 + s->command_handle = audit_run_command(cmd);
1302 + buffer_put_int(m, s->self);
1304 + mm_request_send(socket, MONITOR_ANS_AUDIT_COMMAND, m);
1310 +mm_answer_audit_end_command(int socket, Buffer *m)
1317 + debug3("%s entering", __func__);
1318 + handle = buffer_get_int(m);
1319 + cmd = buffer_get_string(m, &len);
1321 + s = session_by_id(handle);
1322 + if (s == NULL || s->ttyfd != -1 || s->command == NULL ||
1323 + strcmp(s->command, cmd) != 0)
1324 + fatal("%s: invalid handle", __func__);
1325 + mm_session_close(s);
1329 @@ -1936,6 +2017,7 @@
1331 mm_get_keystate(struct monitor *pmonitor)
1334 debug3("%s: Waiting for new keys", __func__);
1336 if ((child_state = sshbuf_new()) == NULL)
1337 @@ -1946,6 +2027,21 @@ mm_get_keystate(struct monitor *pmonitor
1338 mm_request_receive_expect(pmonitor->m_sendfd, MONITOR_REQ_KEYEXPORT,
1340 debug3("%s: GOT new keys", __func__);
1342 +#ifdef SSH_AUDIT_EVENTS
1345 + mm_request_receive_expect(pmonitor->m_sendfd,
1346 + MONITOR_REQ_AUDIT_SESSION_KEY_FREE, &m);
1347 + mm_answer_audit_session_key_free_body(pmonitor->m_sendfd, &m);
1352 + /* Drain any buffered messages from the child */
1353 + while (pmonitor->m_log_recvfd >= 0 && monitor_read_log(pmonitor) == 0)
1359 @@ -2212,3 +2308,87 @@ mm_answer_gss_updatecreds(int socket, Bu
1363 +#ifdef SSH_AUDIT_EVENTS
1365 +mm_answer_audit_unsupported_body(int sock, Buffer *m)
1369 + what = buffer_get_int(m);
1371 + audit_unsupported_body(what);
1375 + mm_request_send(sock, MONITOR_ANS_AUDIT_UNSUPPORTED, m);
1380 +mm_answer_audit_kex_body(int sock, Buffer *m)
1383 + char *cipher, *mac, *compress, *pfs;
1387 + ctos = buffer_get_int(m);
1388 + cipher = buffer_get_string(m, &len);
1389 + mac = buffer_get_string(m, &len);
1390 + compress = buffer_get_string(m, &len);
1391 + pfs = buffer_get_string(m, &len);
1392 + pid = buffer_get_int64(m);
1393 + uid = buffer_get_int64(m);
1395 + audit_kex_body(ctos, cipher, mac, compress, pfs, pid, uid);
1403 + mm_request_send(sock, MONITOR_ANS_AUDIT_KEX, m);
1408 +mm_answer_audit_session_key_free_body(int sock, Buffer *m)
1414 + ctos = buffer_get_int(m);
1415 + pid = buffer_get_int64(m);
1416 + uid = buffer_get_int64(m);
1418 + audit_session_key_free_body(ctos, pid, uid);
1422 + mm_request_send(sock, MONITOR_ANS_AUDIT_SESSION_KEY_FREE, m);
1427 +mm_answer_audit_server_key_free(int sock, Buffer *m)
1434 + fp = buffer_get_string(m, &len);
1435 + pid = buffer_get_int64(m);
1436 + uid = buffer_get_int64(m);
1438 + audit_destroy_sensitive_data(fp, pid, uid);
1443 + mm_request_send(sock, MONITOR_ANS_AUDIT_SERVER_KEY_FREE, m);
1446 +#endif /* SSH_AUDIT_EVENTS */
1447 diff -up openssh-6.8p1/monitor.h.audit openssh-6.8p1/monitor.h
1448 --- openssh-6.8p1/monitor.h.audit 2015-03-20 13:41:15.072883814 +0100
1449 +++ openssh-6.8p1/monitor.h 2015-03-20 13:41:15.096883775 +0100
1450 @@ -69,7 +69,13 @@ enum monitor_reqtype {
1451 MONITOR_REQ_PAM_QUERY = 106, MONITOR_ANS_PAM_QUERY = 107,
1452 MONITOR_REQ_PAM_RESPOND = 108, MONITOR_ANS_PAM_RESPOND = 109,
1453 MONITOR_REQ_PAM_FREE_CTX = 110, MONITOR_ANS_PAM_FREE_CTX = 111,
1454 - MONITOR_REQ_AUDIT_EVENT = 112, MONITOR_REQ_AUDIT_COMMAND = 113,
1455 + MONITOR_REQ_AUDIT_EVENT = 112,
1456 + MONITOR_REQ_AUDIT_COMMAND = 114, MONITOR_ANS_AUDIT_COMMAND = 115,
1457 + MONITOR_REQ_AUDIT_END_COMMAND = 116,
1458 + MONITOR_REQ_AUDIT_UNSUPPORTED = 118, MONITOR_ANS_AUDIT_UNSUPPORTED = 119,
1459 + MONITOR_REQ_AUDIT_KEX = 120, MONITOR_ANS_AUDIT_KEX = 121,
1460 + MONITOR_REQ_AUDIT_SESSION_KEY_FREE = 122, MONITOR_ANS_AUDIT_SESSION_KEY_FREE = 123,
1461 + MONITOR_REQ_AUDIT_SERVER_KEY_FREE = 124, MONITOR_ANS_AUDIT_SERVER_KEY_FREE = 125
1465 diff -up openssh-6.8p1/monitor_wrap.c.audit openssh-6.8p1/monitor_wrap.c
1466 --- openssh-6.8p1/monitor_wrap.c.audit 2015-03-20 13:41:15.047883855 +0100
1467 +++ openssh-6.8p1/monitor_wrap.c 2015-03-20 13:41:15.108883756 +0100
1468 @@ -461,7 +461,7 @@ mm_key_allowed(enum mm_keytype type, cha
1472 -mm_key_verify(Key *key, u_char *sig, u_int siglen, u_char *data, u_int datalen)
1473 +mm_key_verify(enum mm_keytype type, Key *key, u_char *sig, u_int siglen, u_char *data, u_int datalen)
1477 @@ -475,6 +475,7 @@ mm_key_verify(Key *key, u_char *sig, u_i
1481 + buffer_put_int(&m, type);
1482 buffer_put_string(&m, blob, len);
1483 buffer_put_string(&m, sig, siglen);
1484 buffer_put_string(&m, data, datalen);
1485 @@ -492,6 +493,18 @@ mm_key_verify(Key *key, u_char *sig, u_i
1490 +mm_hostbased_key_verify(Key *key, u_char *sig, u_int siglen, u_char *data, u_int datalen)
1492 + return mm_key_verify(MM_HOSTKEY, key, sig, siglen, data, datalen);
1496 +mm_user_key_verify(Key *key, u_char *sig, u_int siglen, u_char *data, u_int datalen)
1498 + return mm_key_verify(MM_USERKEY, key, sig, siglen, data, datalen);
1502 mm_send_keystate(struct monitor *monitor)
1504 @@ -1005,10 +1018,11 @@ mm_audit_event(ssh_audit_event_t event)
1510 mm_audit_run_command(const char *command)
1515 debug3("%s entering command %s", __func__, command);
1517 @@ -1016,6 +1030,26 @@ mm_audit_run_command(const char *command
1518 buffer_put_cstring(&m, command);
1520 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUDIT_COMMAND, &m);
1521 + mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_AUDIT_COMMAND, &m);
1523 + handle = buffer_get_int(&m);
1530 +mm_audit_end_command(int handle, const char *command)
1534 + debug3("%s entering command %s", __func__, command);
1537 + buffer_put_int(&m, handle);
1538 + buffer_put_cstring(&m, command);
1540 + mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUDIT_END_COMMAND, &m);
1543 #endif /* SSH_AUDIT_EVENTS */
1544 @@ -1151,3 +1185,72 @@ mm_ssh_gssapi_update_creds(ssh_gssapi_cc
1548 +#ifdef SSH_AUDIT_EVENTS
1550 +mm_audit_unsupported_body(int what)
1555 + buffer_put_int(&m, what);
1557 + mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUDIT_UNSUPPORTED, &m);
1558 + mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_AUDIT_UNSUPPORTED,
1565 +mm_audit_kex_body(int ctos, char *cipher, char *mac, char *compress, char *fps, pid_t pid,
1571 + buffer_put_int(&m, ctos);
1572 + buffer_put_cstring(&m, cipher);
1573 + buffer_put_cstring(&m, (mac ? mac : ""));
1574 + buffer_put_cstring(&m, compress);
1575 + buffer_put_cstring(&m, fps);
1576 + buffer_put_int64(&m, pid);
1577 + buffer_put_int64(&m, uid);
1579 + mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUDIT_KEX, &m);
1580 + mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_AUDIT_KEX,
1587 +mm_audit_session_key_free_body(int ctos, pid_t pid, uid_t uid)
1592 + buffer_put_int(&m, ctos);
1593 + buffer_put_int64(&m, pid);
1594 + buffer_put_int64(&m, uid);
1595 + mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUDIT_SESSION_KEY_FREE, &m);
1596 + mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_AUDIT_SESSION_KEY_FREE,
1602 +mm_audit_destroy_sensitive_data(const char *fp, pid_t pid, uid_t uid)
1607 + buffer_put_cstring(&m, fp);
1608 + buffer_put_int64(&m, pid);
1609 + buffer_put_int64(&m, uid);
1611 + mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUDIT_SERVER_KEY_FREE, &m);
1612 + mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_AUDIT_SERVER_KEY_FREE,
1616 +#endif /* SSH_AUDIT_EVENTS */
1617 diff -up openssh-6.8p1/monitor_wrap.h.audit openssh-6.8p1/monitor_wrap.h
1618 --- openssh-6.8p1/monitor_wrap.h.audit 2015-03-20 13:41:15.048883853 +0100
1619 +++ openssh-6.8p1/monitor_wrap.h 2015-03-20 13:41:15.096883775 +0100
1620 @@ -52,7 +52,8 @@ int mm_key_allowed(enum mm_keytype, char
1621 int mm_user_key_allowed(struct passwd *, Key *);
1622 int mm_hostbased_key_allowed(struct passwd *, char *, char *, Key *);
1623 int mm_auth_rhosts_rsa_key_allowed(struct passwd *, char *, char *, Key *);
1624 -int mm_key_verify(Key *, u_char *, u_int, u_char *, u_int);
1625 +int mm_hostbased_key_verify(Key *, u_char *, u_int, u_char *, u_int);
1626 +int mm_user_key_verify(Key *, u_char *, u_int, u_char *, u_int);
1627 int mm_auth_rsa_key_allowed(struct passwd *, BIGNUM *, Key **);
1628 int mm_auth_rsa_verify_response(Key *, BIGNUM *, u_char *);
1629 BIGNUM *mm_auth_rsa_generate_challenge(Key *);
1630 @@ -79,7 +80,12 @@ void mm_sshpam_free_ctx(void *);
1631 #ifdef SSH_AUDIT_EVENTS
1633 void mm_audit_event(ssh_audit_event_t);
1634 -void mm_audit_run_command(const char *);
1635 +int mm_audit_run_command(const char *);
1636 +void mm_audit_end_command(int, const char *);
1637 +void mm_audit_unsupported_body(int);
1638 +void mm_audit_kex_body(int, char *, char *, char *, char *, pid_t, uid_t);
1639 +void mm_audit_session_key_free_body(int, pid_t, uid_t);
1640 +void mm_audit_destroy_sensitive_data(const char *, pid_t, uid_t);
1644 diff -up openssh-6.8p1/packet.c.audit openssh-6.8p1/packet.c
1645 --- openssh-6.8p1/packet.c.audit 2015-03-20 13:41:14.990883947 +0100
1646 +++ openssh-6.8p1/packet.c 2015-03-20 13:41:15.097883774 +0100
1648 #include "key.h" /* typedefs XXX */
1650 #include "xmalloc.h"
1653 #include "deattack.h"
1655 @@ -448,6 +449,13 @@ ssh_packet_get_connection_out(struct ssh
1656 return ssh->state->connection_out;
1660 +packet_state_has_keys (const struct session_state *state)
1662 + return state != NULL &&
1663 + (state->newkeys[MODE_IN] != NULL || state->newkeys[MODE_OUT] != NULL);
1667 * Returns the IP-address of the remote host as a string. The returned
1668 * string must not be freed.
1669 @@ -478,13 +486,6 @@ ssh_packet_close(struct ssh *ssh)
1670 if (!state->initialized)
1672 state->initialized = 0;
1673 - if (state->connection_in == state->connection_out) {
1674 - shutdown(state->connection_out, SHUT_RDWR);
1675 - close(state->connection_out);
1677 - close(state->connection_in);
1678 - close(state->connection_out);
1680 sshbuf_free(state->input);
1681 sshbuf_free(state->output);
1682 sshbuf_free(state->outgoing_packet);
1683 @@ -516,14 +517,24 @@ ssh_packet_close(struct ssh *ssh)
1687 - if ((r = cipher_cleanup(&state->send_context)) != 0)
1688 - error("%s: cipher_cleanup failed: %s", __func__, ssh_err(r));
1689 - if ((r = cipher_cleanup(&state->receive_context)) != 0)
1690 - error("%s: cipher_cleanup failed: %s", __func__, ssh_err(r));
1691 + if (packet_state_has_keys(state)) {
1692 + if ((r = cipher_cleanup(&state->send_context)) != 0)
1693 + error("%s: cipher_cleanup failed: %s", __func__, ssh_err(r));
1694 + if ((r = cipher_cleanup(&state->receive_context)) != 0)
1695 + error("%s: cipher_cleanup failed: %s", __func__, ssh_err(r));
1696 + audit_session_key_free(2);
1698 if (ssh->remote_ipaddr) {
1699 free(ssh->remote_ipaddr);
1700 ssh->remote_ipaddr = NULL;
1702 + if (state->connection_in == state->connection_out) {
1703 + shutdown(state->connection_out, SHUT_RDWR);
1704 + close(state->connection_out);
1706 + close(state->connection_in);
1707 + close(state->connection_out);
1712 @@ -941,6 +952,7 @@ ssh_set_newkeys(struct ssh *ssh, int mod
1714 if (state->newkeys[mode] != NULL) {
1715 debug("set_newkeys: rekeying");
1716 + audit_session_key_free(mode);
1717 if ((r = cipher_cleanup(cc)) != 0)
1719 enc = &state->newkeys[mode]->enc;
1720 @@ -2263,6 +2275,75 @@ ssh_packet_get_output(struct ssh *ssh)
1721 return (void *)ssh->state->output;
1725 +newkeys_destroy_and_free(struct newkeys *newkeys)
1727 + if (newkeys == NULL)
1730 + free(newkeys->enc.name);
1732 + if (newkeys->mac.enabled) {
1733 + mac_clear(&newkeys->mac);
1734 + free(newkeys->mac.name);
1737 + free(newkeys->comp.name);
1739 + newkeys_destroy(newkeys);
1744 +packet_destroy_state(struct session_state *state)
1746 + if (state == NULL)
1749 + cipher_cleanup(&state->receive_context);
1750 + cipher_cleanup(&state->send_context);
1752 + buffer_free(state->input);
1753 + state->input = NULL;
1754 + buffer_free(state->output);
1755 + state->output = NULL;
1756 + buffer_free(state->outgoing_packet);
1757 + state->outgoing_packet = NULL;
1758 + buffer_free(state->incoming_packet);
1759 + state->incoming_packet = NULL;
1760 + if( state->compression_buffer ) {
1761 + buffer_free(state->compression_buffer);
1762 + state->compression_buffer = NULL;
1764 + newkeys_destroy_and_free(state->newkeys[MODE_IN]);
1765 + state->newkeys[MODE_IN] = NULL;
1766 + newkeys_destroy_and_free(state->newkeys[MODE_OUT]);
1767 + state->newkeys[MODE_OUT] = NULL;
1768 + mac_destroy(state->packet_discard_mac);
1769 +// TAILQ_HEAD(, packet) outgoing;
1770 +// memset(state, 0, sizeof(state));
1774 +packet_destroy_all(int audit_it, int privsep)
1777 + audit_it = (active_state != NULL && packet_state_has_keys(active_state->state))
1778 + || (backup_state != NULL && packet_state_has_keys(backup_state->state));
1779 + if (active_state != NULL)
1780 + packet_destroy_state(active_state->state);
1781 + if (backup_state != NULL)
1782 + packet_destroy_state(backup_state->state);
1784 +#ifdef SSH_AUDIT_EVENTS
1786 + audit_session_key_free(2);
1788 + audit_session_key_free_body(2, getpid(), getuid());
1793 /* XXX TODO update roaming to new API (does not work anyway) */
1795 * Save the state for the real connection, and use a separate state when
1796 @@ -2272,18 +2373,12 @@ void
1797 ssh_packet_backup_state(struct ssh *ssh,
1798 struct ssh *backup_state)
1802 close(ssh->state->connection_in);
1803 ssh->state->connection_in = -1;
1804 close(ssh->state->connection_out);
1805 ssh->state->connection_out = -1;
1807 - tmp = backup_state;
1809 - tmp = ssh_alloc_session_state();
1812 + ssh = ssh_alloc_session_state();
1815 /* XXX FIXME FIXME FIXME */
1816 @@ -2302,9 +2397,7 @@ ssh_packet_restore_state(struct ssh *ssh
1819 ssh->state->connection_in = backup_state->state->connection_in;
1820 - backup_state->state->connection_in = -1;
1821 ssh->state->connection_out = backup_state->state->connection_out;
1822 - backup_state->state->connection_out = -1;
1823 len = sshbuf_len(backup_state->state->input);
1825 if ((r = sshbuf_putb(ssh->state->input,
1826 @@ -2313,6 +2406,11 @@ ssh_packet_restore_state(struct ssh *ssh
1827 sshbuf_reset(backup_state->state->input);
1828 add_recv_bytes(len);
1830 + backup_state->state->connection_in = -1;
1831 + backup_state->state->connection_out = -1;
1832 + packet_destroy_state(backup_state->state);
1833 + free(backup_state);
1834 + backup_state = NULL;
1837 /* Reset after_authentication and reset compression in post-auth privsep */
1838 diff -up openssh-6.8p1/packet.h.audit openssh-6.8p1/packet.h
1839 --- openssh-6.8p1/packet.h.audit 2015-03-17 06:49:20.000000000 +0100
1840 +++ openssh-6.8p1/packet.h 2015-03-20 13:41:15.097883774 +0100
1841 @@ -189,7 +189,7 @@ int sshpkt_get_end(struct ssh *ssh);
1842 const u_char *sshpkt_ptr(struct ssh *, size_t *lenp);
1845 -extern struct ssh *active_state;
1846 +extern struct ssh *active_state, *backup_state;
1847 #include "opacket.h"
1849 #if !defined(WITH_OPENSSL)
1850 @@ -203,4 +203,5 @@ extern struct ssh *active_state;
1854 +void packet_destroy_all(int, int);
1855 #endif /* PACKET_H */
1856 diff -up openssh-6.8p1/session.c.audit openssh-6.8p1/session.c
1857 --- openssh-6.8p1/session.c.audit 2015-03-20 13:41:15.073883813 +0100
1858 +++ openssh-6.8p1/session.c 2015-03-20 13:41:15.097883774 +0100
1859 @@ -139,7 +139,7 @@ extern int log_stderr;
1860 extern int debug_flag;
1861 extern u_int utmp_len;
1862 extern int startup_pipe;
1863 -extern void destroy_sensitive_data(void);
1864 +extern void destroy_sensitive_data(int);
1865 extern Buffer loginmsg;
1867 /* original command from peer. */
1868 @@ -731,6 +731,14 @@ do_exec_pty(Session *s, const char *comm
1869 /* Parent. Close the slave side of the pseudo tty. */
1872 +#ifndef HAVE_OSF_SIA
1873 + /* do_login in the child did not affect state in this process,
1874 + compensate. From an architectural standpoint, this is extremely
1876 + if (!(options.use_login && command == NULL))
1877 + audit_count_session_open();
1880 /* Enter interactive session. */
1881 s->ptymaster = ptymaster;
1882 packet_set_interactive(1,
1883 @@ -853,15 +861,19 @@ do_exec(Session *s, const char *command)
1886 #ifdef SSH_AUDIT_EVENTS
1887 + if (s->command != NULL || s->command_handle != -1)
1888 + fatal("do_exec: command already set");
1889 if (command != NULL)
1890 - PRIVSEP(audit_run_command(command));
1891 + s->command = xstrdup(command);
1892 else if (s->ttyfd == -1) {
1893 char *shell = s->pw->pw_shell;
1895 if (shell[0] == '\0') /* empty shell means /bin/sh */
1896 shell =_PATH_BSHELL;
1897 - PRIVSEP(audit_run_command(shell));
1898 + s->command = xstrdup(shell);
1900 + if (s->command != NULL && s->ptyfd == -1)
1901 + s->command_handle = PRIVSEP(audit_run_command(s->command));
1904 ret = do_exec_pty(s, command);
1905 @@ -1704,7 +1716,10 @@ do_child(Session *s, const char *command
1908 /* remove hostkey from the child's memory */
1909 - destroy_sensitive_data();
1910 + destroy_sensitive_data(1);
1911 + /* Don't audit this - both us and the parent would be talking to the
1912 + monitor over a single socket, with no synchronization. */
1913 + packet_destroy_all(0, 1);
1915 /* Force a password change */
1916 if (s->authctxt->force_pwchange) {
1917 @@ -1934,6 +1949,7 @@ session_unused(int id)
1918 sessions[id].ttyfd = -1;
1919 sessions[id].ptymaster = -1;
1920 sessions[id].x11_chanids = NULL;
1921 + sessions[id].command_handle = -1;
1922 sessions[id].next_unused = sessions_first_unused;
1923 sessions_first_unused = id;
1925 @@ -2016,6 +2032,19 @@ session_open(Authctxt *authctxt, int cha
1929 +session_by_id(int id)
1931 + if (id >= 0 && id < sessions_nalloc) {
1932 + Session *s = &sessions[id];
1936 + debug("session_by_id: unknown id %d", id);
1942 session_by_tty(char *tty)
1945 @@ -2532,6 +2561,32 @@ session_exit_message(Session *s, int sta
1946 chan_write_failed(c);
1949 +#ifdef SSH_AUDIT_EVENTS
1951 +session_end_command2(Session *s)
1953 + if (s->command != NULL) {
1954 + if (s->command_handle != -1)
1955 + audit_end_command(s->command_handle, s->command);
1957 + s->command = NULL;
1958 + s->command_handle = -1;
1963 +session_end_command(Session *s)
1965 + if (s->command != NULL) {
1966 + if (s->command_handle != -1)
1967 + PRIVSEP(audit_end_command(s->command_handle, s->command));
1969 + s->command = NULL;
1970 + s->command_handle = -1;
1976 session_close(Session *s)
1978 @@ -2540,6 +2593,10 @@ session_close(Session *s)
1979 debug("session_close: session %d pid %ld", s->self, (long)s->pid);
1981 session_pty_cleanup(s);
1982 +#ifdef SSH_AUDIT_EVENTS
1984 + session_end_command(s);
1988 free(s->x11_chanids);
1989 @@ -2754,6 +2811,15 @@ do_authenticated2(Authctxt *authctxt)
1990 server_loop2(authctxt);
1994 +do_cleanup_one_session(Session *s)
1996 + session_pty_cleanup2(s);
1997 +#ifdef SSH_AUDIT_EVENTS
1998 + session_end_command2(s);
2003 do_cleanup(Authctxt *authctxt)
2005 @@ -2802,5 +2868,5 @@ do_cleanup(Authctxt *authctxt)
2006 * or if running in monitor.
2008 if (!use_privsep || mm_is_monitor())
2009 - session_destroy_all(session_pty_cleanup2);
2010 + session_destroy_all(do_cleanup_one_session);
2012 diff -up openssh-6.8p1/session.h.audit openssh-6.8p1/session.h
2013 --- openssh-6.8p1/session.h.audit 2015-03-17 06:49:20.000000000 +0100
2014 +++ openssh-6.8p1/session.h 2015-03-20 13:41:15.097883774 +0100
2015 @@ -61,6 +61,12 @@ struct Session {
2021 +#ifdef SSH_AUDIT_EVENTS
2022 + int command_handle;
2027 void do_authenticated(Authctxt *);
2028 @@ -73,8 +79,10 @@ void session_close_by_pid(pid_t, int);
2029 void session_close_by_channel(int, void *);
2030 void session_destroy_all(void (*)(Session *));
2031 void session_pty_cleanup2(Session *);
2032 +void session_end_command2(Session *);
2034 Session *session_new(void);
2035 +Session *session_by_id(int);
2036 Session *session_by_tty(char *);
2037 void session_close(Session *);
2038 void do_setusercontext(struct passwd *);
2039 diff -up openssh-6.8p1/sshd.c.audit openssh-6.8p1/sshd.c
2040 --- openssh-6.8p1/sshd.c.audit 2015-03-20 13:41:15.083883796 +0100
2041 +++ openssh-6.8p1/sshd.c 2015-03-20 13:41:15.110883753 +0100
2044 #include "monitor_wrap.h"
2045 #include "roaming.h"
2047 #include "ssh-sandbox.h"
2048 #include "version.h"
2050 @@ -260,7 +264,7 @@ Buffer loginmsg;
2051 struct passwd *privsep_pw = NULL;
2053 /* Prototypes for various functions defined later in this file. */
2054 -void destroy_sensitive_data(void);
2055 +void destroy_sensitive_data(int);
2056 void demote_sensitive_data(void);
2059 @@ -281,6 +285,15 @@ close_listen_socks(void)
2060 num_listen_socks = -1;
2064 + * Is this process listening for clients (i.e. not specific to any specific
2065 + * client connection?)
2067 +int listening_for_clients(void)
2069 + return num_listen_socks > 0;
2073 close_startup_pipes(void)
2075 @@ -560,22 +573,45 @@ sshd_exchange_identification(int sock_in
2079 -/* Destroy the host and server keys. They will no longer be needed. */
2081 + * Destroy the host and server keys. They will no longer be needed. Careful,
2082 + * this can be called from cleanup_exit() - i.e. from just about anywhere.
2085 -destroy_sensitive_data(void)
2086 +destroy_sensitive_data(int privsep)
2092 if (sensitive_data.server_key) {
2093 key_free(sensitive_data.server_key);
2094 sensitive_data.server_key = NULL;
2098 for (i = 0; i < options.num_host_key_files; i++) {
2099 if (sensitive_data.host_keys[i]) {
2102 + if (key_is_private(sensitive_data.host_keys[i]))
2103 + fp = sshkey_fingerprint(sensitive_data.host_keys[i], options.fingerprint_hash, SSH_FP_HEX);
2106 key_free(sensitive_data.host_keys[i]);
2107 sensitive_data.host_keys[i] = NULL;
2110 + PRIVSEP(audit_destroy_sensitive_data(fp,
2113 + audit_destroy_sensitive_data(fp,
2118 - if (sensitive_data.host_certificates[i]) {
2119 + if (sensitive_data.host_certificates
2120 + && sensitive_data.host_certificates[i]) {
2121 key_free(sensitive_data.host_certificates[i]);
2122 sensitive_data.host_certificates[i] = NULL;
2124 @@ -589,6 +625,8 @@ void
2125 demote_sensitive_data(void)
2132 if (sensitive_data.server_key) {
2133 @@ -597,13 +635,25 @@ demote_sensitive_data(void)
2134 sensitive_data.server_key = tmp;
2139 for (i = 0; i < options.num_host_key_files; i++) {
2140 if (sensitive_data.host_keys[i]) {
2143 + if (key_is_private(sensitive_data.host_keys[i]))
2144 + fp = sshkey_fingerprint(sensitive_data.host_keys[i], options.fingerprint_hash, SSH_FP_HEX);
2147 tmp = key_demote(sensitive_data.host_keys[i]);
2148 key_free(sensitive_data.host_keys[i]);
2149 sensitive_data.host_keys[i] = tmp;
2150 if (tmp->type == KEY_RSA1)
2151 sensitive_data.ssh1_host_key = tmp;
2153 + audit_destroy_sensitive_data(fp, pid, uid);
2157 /* Certs do not need demotion */
2159 @@ -675,7 +725,7 @@ privsep_preauth(Authctxt *authctxt)
2161 if (use_privsep == PRIVSEP_ON)
2162 box = ssh_sandbox_init(pmonitor);
2164 + pmonitor->m_pid = pid = fork();
2166 fatal("fork of unprivileged child failed");
2167 } else if (pid != 0) {
2168 @@ -759,6 +811,12 @@ privsep_postauth(Authctxt *authctxt)
2169 else if (pmonitor->m_pid != 0) {
2170 verbose("User child is on pid %ld", (long)pmonitor->m_pid);
2171 buffer_clear(&loginmsg);
2172 + if (*pmonitor->m_pkex != NULL ){
2173 + newkeys_destroy((*pmonitor->m_pkex)->newkeys[MODE_OUT]);
2174 + newkeys_destroy((*pmonitor->m_pkex)->newkeys[MODE_IN]);
2175 + audit_session_key_free_body(2, getpid(), getuid());
2176 + packet_destroy_all(0, 0);
2178 monitor_child_postauth(pmonitor);
2181 @@ -1286,6 +1341,7 @@ server_accept_loop(int *sock_in, int *so
2182 if (received_sigterm) {
2183 logit("Received signal %d; terminating.",
2184 (int) received_sigterm);
2185 + destroy_sensitive_data(0);
2186 close_listen_socks();
2187 if (options.pid_file != NULL)
2188 unlink(options.pid_file);
2189 @@ -2242,6 +2321,7 @@ main(int ac, char **av)
2192 mm_send_keystate(pmonitor);
2193 + packet_destroy_all(1, 1);
2197 @@ -2287,7 +2367,7 @@ main(int ac, char **av)
2198 privsep_postauth(authctxt);
2199 /* the monitor process [priv] will not return */
2201 - destroy_sensitive_data();
2202 + destroy_sensitive_data(0);
2205 packet_set_timeout(options.client_alive_interval,
2206 @@ -2301,6 +2381,9 @@ main(int ac, char **av)
2207 do_authenticated(authctxt);
2209 /* The connection has been terminated. */
2210 + packet_destroy_all(1, 1);
2211 + destroy_sensitive_data(1);
2213 packet_get_bytes(&ibytes, &obytes);
2214 verbose("Transferred: sent %llu, received %llu bytes",
2215 (unsigned long long)obytes, (unsigned long long)ibytes);
2216 @@ -2461,6 +2544,10 @@ do_ssh1_kex(void)
2217 if (cookie[i] != packet_get_char())
2218 packet_disconnect("IP Spoofing check bytes do not match.");
2220 +#ifdef SSH_AUDIT_EVENTS
2221 + audit_kex(2, cipher_name(cipher_type), "crc", "none", "none");
2224 debug("Encryption type: %.200s", cipher_name(cipher_type));
2226 /* Get the encrypted integer. */
2227 @@ -2520,7 +2607,7 @@ do_ssh1_kex(void)
2230 /* Destroy the private and public keys. No longer. */
2231 - destroy_sensitive_data();
2232 + destroy_sensitive_data(1);
2235 mm_ssh1_session_id(session_id);
2236 @@ -2703,6 +2802,16 @@ do_ssh2_kex(void)
2240 + static int in_cleanup = 0;
2241 + int is_privsep_child;
2243 + /* cleanup_exit can be called at the very least from the privsep
2244 + wrappers used for auditing. Make sure we don't recurse
2251 do_cleanup(the_authctxt);
2252 if (use_privsep && privsep_is_preauth &&
2253 @@ -2714,9 +2823,14 @@ cleanup_exit(int i)
2254 pmonitor->m_pid, strerror(errno));
2257 + is_privsep_child = use_privsep && pmonitor != NULL && pmonitor->m_pid == 0;
2258 + if (sensitive_data.host_keys != NULL)
2259 + destroy_sensitive_data(is_privsep_child);
2260 + packet_destroy_all(1, is_privsep_child);
2261 #ifdef SSH_AUDIT_EVENTS
2262 /* done after do_cleanup so it can cancel the PAM auth 'thread' */
2263 - if (!use_privsep || mm_is_monitor())
2264 + if ((the_authctxt == NULL || !the_authctxt->authenticated) &&
2265 + (!use_privsep || mm_is_monitor()))
2266 audit_event(SSH_CONNECTION_ABANDON);
2269 diff -up openssh-6.8p1/sshkey.c.audit openssh-6.8p1/sshkey.c
2270 --- openssh-6.8p1/sshkey.c.audit 2015-03-17 06:49:20.000000000 +0100
2271 +++ openssh-6.8p1/sshkey.c 2015-03-20 13:41:15.111883751 +0100
2272 @@ -317,6 +319,33 @@ sshkey_type_is_valid_ca(int type)
2276 +sshkey_is_private(const struct sshkey *k)
2278 + switch (k->type) {
2279 + case KEY_RSA_CERT_V00:
2280 + case KEY_RSA_CERT:
2283 + return k->rsa->d != NULL;
2284 + case KEY_DSA_CERT_V00:
2285 + case KEY_DSA_CERT:
2287 + return k->dsa->priv_key != NULL;
2288 +#ifdef OPENSSL_HAS_ECC
2289 + case KEY_ECDSA_CERT:
2291 + return EC_KEY_get0_private_key(k->ecdsa) != NULL;
2293 + case KEY_ED25519_CERT:
2295 + return (k->ed25519_pk != NULL);
2297 + /* fatal("key_is_private: bad key type %d", k->type); */
2303 sshkey_is_cert(const struct sshkey *k)
2306 diff -up openssh-6.8p1/sshkey.h.audit openssh-6.8p1/sshkey.h
2307 --- openssh-6.8p1/sshkey.h.audit 2015-03-17 06:49:20.000000000 +0100
2308 +++ openssh-6.8p1/sshkey.h 2015-03-20 13:41:15.098883772 +0100
2309 @@ -134,6 +134,7 @@ u_int sshkey_size(const struct sshkey
2310 int sshkey_generate(int type, u_int bits, struct sshkey **keyp);
2311 int sshkey_from_private(const struct sshkey *, struct sshkey **);
2312 int sshkey_type_from_name(const char *);
2313 +int sshkey_is_private(const struct sshkey *);
2314 int sshkey_is_cert(const struct sshkey *);
2315 int sshkey_type_is_cert(int);
2316 int sshkey_type_plain(int);
2317 diff -up openssh-6.8p1/sandbox-seccomp-filter.c.audit openssh-6.8p1/sandbox-seccomp-filter.c
2318 --- openssh-6.8p1/sandbox-seccomp-filter.c.audit 2015-03-20 13:41:15.088883788 +0100
2319 +++ openssh-6.8p1/sandbox-seccomp-filter.c 2015-03-20 13:41:15.097883774 +0100
2320 @@ -110,6 +110,12 @@ static const struct sock_filter preauth_
2321 #ifdef __NR_time /* not defined on EABI ARM */
2324 +#ifdef SSH_AUDIT_EVENTS
2326 +#ifdef __NR_getuid32 /* not defined on x86_64 */
2327 + SC_ALLOW(getuid32),