untrusted comment: verify with openbsd-72-base.pub

untrusted comment: verify with openbsd-72-base.pub
RWQTKNnK3CZZ8CZbJoe2AYVyXoqs65KK6MW/cYstAyqvdkfxmIxGqLUSU3p6udcx5H3Ia7qHmytYCF9iu5zl3im3YFRSbsGzUwM=

OpenBSD 7.2 errata 032, July 19, 2023:

In ssh-agent(1)'s PKCS#11 provider support, remote execution was
possible due to controllable access in low-quality libraries. In
addition to fixing this, the ability to remotely load PKCS#11
libraries is now disabled by default (re-enable with
'-Oallow-remote-pkcs11').

Apply by doing:
signify -Vep /etc/signify/openbsd-72-base.pub \
-x 032_ssh_agent.patch.sig -m - | (cd /usr/src && patch -p0)

And then rebuild and install ssh-agent(1) and ssh-pkcs11-helper(8).
cd /usr/src/usr.bin/ssh
make obj
make
make install

Index: usr.bin/ssh/ssh-agent.1
===================================================================
RCS file: /cvs/src/usr.bin/ssh/ssh-agent.1,v
diff -u -p -u -r1.73 ssh-agent.1
--- usr.bin/ssh/ssh-agent.1 31 Mar 2022 17:27:27 -0000 1.73
+++ usr.bin/ssh/ssh-agent.1 14 Jul 2023 12:17:25 -0000
@@ -34,7 +34,7 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.Dd $Mdocdate: March 31 2022 $
+.Dd $Mdocdate: October 7 2022 $
.Dt SSH-AGENT 1
.Os
.Sh NAME
@@ -46,11 +46,13 @@
.Op Fl \&Dd
.Op Fl a Ar bind_address
.Op Fl E Ar fingerprint_hash
+.Op Fl O Ar option
.Op Fl P Ar allowed_providers
.Op Fl t Ar life
.Nm ssh-agent
.Op Fl a Ar bind_address
.Op Fl E Ar fingerprint_hash
+.Op Fl O Ar option
.Op Fl P Ar allowed_providers
.Op Fl t Ar life
.Ar command Op Ar arg ...
@@ -102,6 +104,45 @@ The default is
Kill the current agent (given by the
.Ev SSH_AGENT_PID
environment variable).
+.It Fl O Ar option
+Specify an option when starting
+.Nm .
+Currently two options are supported:
+.Cm allow-remote-pkcs11
+and
+.Cm no-restrict-websafe .
+.Pp
+The
+.Cm allow-remote-pkcs11
+option allows clients of a forwarded
+.Nm
+to load PKCS#11 or FIDO provider libraries.
+By default only local clients may perform this operation.
+Note that signalling that a
+.Nm
+client remote is performed by
+.Xr ssh 1 ,
+and use of other tools to forward access to the agent socket may circumvent
+this restriction.
+.Pp
+The
+.Cm no-restrict-websafe ,
+instructs
+.Nm
+to permit signatures using FIDO keys that might be web authentication
+requests.
+By default,
+.Nm
+refuses signature requests for FIDO keys where the key application string
+does not start with
+.Dq ssh:
+and when the data to be signed does not appear to be a
+.Xr ssh 1
+user authentication request or a
+.Xr ssh-keygen 1
+signature.
+The default behaviour prevents forwarded access to a FIDO key from also
+implicitly forwarding the ability to authenticate to websites.
.It Fl P Ar allowed_providers
Specify a pattern-list of acceptable paths for PKCS#11 provider and FIDO
authenticator middleware shared libraries that may be used with the
@@ -157,7 +198,8 @@ which in turn can be evaluated in the ca
.Pp
In both cases,
.Xr ssh 1
-looks at these environment variables and uses them to establish a connection to the agent.
+looks at these environment variables
+and uses them to establish a connection to the agent.
.Pp
The agent initially does not have any private keys.
Keys are added using
Index: usr.bin/ssh/ssh-agent.c
===================================================================
RCS file: /cvs/src/usr.bin/ssh/ssh-agent.c,v
diff -u -p -u -r1.292 ssh-agent.c
--- usr.bin/ssh/ssh-agent.c 17 Sep 2022 10:11:29 -0000 1.292
+++ usr.bin/ssh/ssh-agent.c 14 Jul 2023 12:09:42 -0000
@@ -158,6 +158,12 @@ char socket_dir[PATH_MAX];
/* Pattern-list of allowed PKCS#11/Security key paths */
static char *allowed_providers;

+/*
+ * Allows PKCS11 providers or SK keys that use non-internal providers to
+ * be added over a remote connection (identified by [email protected]).
+ */
+static int remote_add_provider;
+
/* locking */
#define LOCK_SIZE 32
#define LOCK_SALT_SIZE 16
@@ -1217,6 +1223,12 @@ process_add_identity(SocketEntry *e)
if (strcasecmp(sk_provider, "internal") == 0) {
debug_f("internal provider");
} else {
+ if (e->nsession_ids != 0 && !remote_add_provider) {
+ verbose("failed add of SK provider \"%.100s\": "
+ "remote addition of providers is disabled",
+ sk_provider);
+ goto out;
+ }
if (realpath(sk_provider, canonical_provider) == NULL) {
verbose("failed provider \"%.100s\": "
"realpath: %s", sk_provider,
@@ -1380,6 +1392,11 @@ process_add_smartcard_key(SocketEntry *e
error_f("failed to parse constraints");
goto send;
}
+ if (e->nsession_ids != 0 && !remote_add_provider) {
+ verbose("failed PKCS#11 add of \"%.100s\": remote addition of "
+ "providers is disabled", provider);
+ goto send;
+ }
if (realpath(provider, canonical_provider) == NULL) {
verbose("failed PKCS#11 add of \"%.100s\": realpath: %s",
provider, strerror(errno));
@@ -2035,7 +2052,9 @@ main(int ac, char **av)
break;
case 'O':
if (strcmp(optarg, "no-restrict-websafe") == 0)
- restrict_websafe = 0;
+ restrict_websafe = 0;
+ else if (strcmp(optarg, "allow-remote-pkcs11") == 0)
+ remote_add_provider = 1;
else
fatal("Unknown -O option");
break;
Index: usr.bin/ssh/ssh-pkcs11.c
===================================================================
RCS file: /cvs/src/usr.bin/ssh/ssh-pkcs11.c,v
diff -u -p -u -r1.55 ssh-pkcs11.c
--- usr.bin/ssh/ssh-pkcs11.c 18 Nov 2021 21:11:01 -0000 1.55
+++ usr.bin/ssh/ssh-pkcs11.c 14 Jul 2023 12:09:42 -0000
@@ -1512,10 +1512,8 @@ pkcs11_register_provider(char *provider_
error("dlopen %s failed: %s", provider_id, dlerror());
goto fail;
}
- if ((getfunctionlist = dlsym(handle, "C_GetFunctionList")) == NULL) {
- error("dlsym(C_GetFunctionList) failed: %s", dlerror());
- goto fail;
- }
+ if ((getfunctionlist = dlsym(handle, "C_GetFunctionList")) == NULL)
+ fatal("dlsym(C_GetFunctionList) failed: %s", dlerror());
p = xcalloc(1, sizeof(*p));
p->name = xstrdup(provider_id);
p->handle = handle;