Blame SOURCES/openssh-8.7p1-nohostsha1proof.patch

2bc7a8
diff -up openssh-8.7p1/compat.c.sshrsacheck openssh-8.7p1/compat.c
2bc7a8
--- openssh-8.7p1/compat.c.sshrsacheck	2023-01-12 13:29:06.338710923 +0100
2bc7a8
+++ openssh-8.7p1/compat.c	2023-01-12 13:29:06.357711165 +0100
2bc7a8
@@ -43,6 +43,7 @@ void
2bc7a8
 compat_banner(struct ssh *ssh, const char *version)
2bc7a8
 {
2bc7a8
 	int i;
2bc7a8
+	int forbid_ssh_rsa = 0;
2bc7a8
 	static struct {
2bc7a8
 		char	*pat;
2bc7a8
 		int	bugs;
2bc7a8
@@ -145,16 +146,21 @@ compat_banner(struct ssh *ssh, const cha
2bc7a8
 	};
2bc7a8
 
2bc7a8
 	/* process table, return first match */
2bc7a8
+	forbid_ssh_rsa = (ssh->compat & SSH_RH_RSASIGSHA);
2bc7a8
 	ssh->compat = 0;
2bc7a8
 	for (i = 0; check[i].pat; i++) {
2bc7a8
 		if (match_pattern_list(version, check[i].pat, 0) == 1) {
2bc7a8
 			debug_f("match: %s pat %s compat 0x%08x",
2bc7a8
 			    version, check[i].pat, check[i].bugs);
2bc7a8
 			ssh->compat = check[i].bugs;
2bc7a8
+	if (forbid_ssh_rsa)
2bc7a8
+		ssh->compat |= SSH_RH_RSASIGSHA;
2bc7a8
 			return;
2bc7a8
 		}
2bc7a8
 	}
2bc7a8
 	debug_f("no match: %s", version);
2bc7a8
+	if (forbid_ssh_rsa)
2bc7a8
+		ssh->compat |= SSH_RH_RSASIGSHA;
2bc7a8
 }
2bc7a8
 
2bc7a8
 /* Always returns pointer to allocated memory, caller must free. */
2bc7a8
diff -up openssh-8.7p1/compat.h.sshrsacheck openssh-8.7p1/compat.h
2bc7a8
--- openssh-8.7p1/compat.h.sshrsacheck	2021-08-20 06:03:49.000000000 +0200
2bc7a8
+++ openssh-8.7p1/compat.h	2023-01-12 13:29:06.358711178 +0100
2bc7a8
@@ -30,7 +30,7 @@
2bc7a8
 #define SSH_BUG_UTF8TTYMODE	0x00000001
2bc7a8
 #define SSH_BUG_SIGTYPE		0x00000002
2bc7a8
 #define SSH_BUG_SIGTYPE74	0x00000004
2bc7a8
-/* #define unused		0x00000008 */
2bc7a8
+#define SSH_RH_RSASIGSHA	0x00000008
2bc7a8
 #define SSH_OLD_SESSIONID	0x00000010
2bc7a8
 /* #define unused		0x00000020 */
2bc7a8
 #define SSH_BUG_DEBUG		0x00000040
2bc7a8
diff -up openssh-8.7p1/serverloop.c.sshrsacheck openssh-8.7p1/serverloop.c
2bc7a8
--- openssh-8.7p1/serverloop.c.sshrsacheck	2023-01-12 14:57:08.118400073 +0100
2bc7a8
+++ openssh-8.7p1/serverloop.c	2023-01-12 14:59:17.330470518 +0100
2bc7a8
@@ -737,6 +737,10 @@ server_input_hostkeys_prove(struct ssh *
2bc7a8
 			else if (ssh->kex->flags & KEX_RSA_SHA2_256_SUPPORTED)
2bc7a8
 				sigalg = "rsa-sha2-256";
2bc7a8
 		}
2bc7a8
+		if (ssh->compat & SSH_RH_RSASIGSHA && sigalg == NULL) {
2bc7a8
+			sigalg = "rsa-sha2-512";
2bc7a8
+			debug3_f("SHA1 signature is not supported, falling back to %s", sigalg);
2bc7a8
+		}
2bc7a8
 		debug3_f("sign %s key (index %d) using sigalg %s",
2bc7a8
 		sshkey_type(key), ndx, sigalg == NULL ? "default" : sigalg);
2bc7a8
 		if ((r = sshbuf_put_cstring(sigbuf,
2bc7a8
diff -up openssh-8.7p1/sshd.c.sshrsacheck openssh-8.7p1/sshd.c
2bc7a8
--- openssh-8.7p1/sshd.c.sshrsacheck	2023-01-12 13:29:06.355711140 +0100
2bc7a8
+++ openssh-8.7p1/sshd.c	2023-01-12 13:29:06.358711178 +0100
2bc7a8
@@ -1640,6 +1651,7 @@ main(int ac, char **av)
2bc7a8
 	int keytype;
2bc7a8
 	Authctxt *authctxt;
2bc7a8
 	struct connection_info *connection_info = NULL;
2bc7a8
+	int forbid_ssh_rsa = 0;
2bc7a8
 
2bc7a8
 #ifdef HAVE_SECUREWARE
2bc7a8
 	(void)set_auth_parameters(ac, av);
2bc7a8
@@ -1938,6 +1950,19 @@ main(int ac, char **av)
2bc7a8
 		    key = NULL;
2bc7a8
 		    continue;
2bc7a8
 		}
2bc7a8
+		if (key && (sshkey_type_plain(key->type) == KEY_RSA || sshkey_type_plain(key->type) == KEY_RSA_CERT)) {
2bc7a8
+		    size_t sign_size = 0;
2bc7a8
+		    u_char *tmp = NULL;
2bc7a8
+		    u_char data[] = "Test SHA1 vector";
2bc7a8
+		    int res;
2bc7a8
+
2bc7a8
+		    res = ssh_rsa_sign(key, &tmp, &sign_size, data, sizeof(data), NULL);
2bc7a8
+		    free(tmp);
2bc7a8
+		    if (res == SSH_ERR_LIBCRYPTO_ERROR) {
2bc7a8
+			logit_f("sshd: ssh-rsa algorithm is disabled");
2bc7a8
+		    	forbid_ssh_rsa = 1;
2bc7a8
+		    }
2bc7a8
+		}
2bc7a8
 		if (sshkey_is_sk(key) &&
2bc7a8
 		    key->sk_flags & SSH_SK_USER_PRESENCE_REQD) {
2bc7a8
 			debug("host key %s requires user presence, ignoring",
2bc7a8
@@ -2275,6 +2306,9 @@ main(int ac, char **av)
2bc7a8
 
2bc7a8
 	check_ip_options(ssh);
2bc7a8
 
2bc7a8
+	if (forbid_ssh_rsa)
2bc7a8
+		ssh->compat |= SSH_RH_RSASIGSHA;
2bc7a8
+
2bc7a8
 	/* Prepare the channels layer */
2bc7a8
 	channel_init_channels(ssh);
2bc7a8
 	channel_set_af(ssh, options.address_family);