[gsi-openssh/f21] Based on openssh-6.6.1p1-5.fc21
Mattias Ellert
ellert at fedoraproject.org
Wed Oct 22 17:09:15 UTC 2014
commit 913439ce706adfb8b47df683bbf36c9ff739667d
Author: Mattias Ellert <mattias.ellert at fysast.uu.se>
Date: Wed Oct 22 19:07:34 2014 +0200
Based on openssh-6.6.1p1-5.fc21
gsi-openssh.spec | 27 +-
openssh-6.6.1p1-NI_MAXHOST.patch | 76 +++
openssh-6.6.1p1-partial-success.patch | 16 +
openssh-6.6.1p1-utf8-banner.patch | 994 +++++++++++++++++++++++++++++++++
openssh-6.6p1-audit.patch | 26 +-
openssh-6.6p1-fips.patch | 25 +-
openssh-6.6p1-set_remote_ipaddr.patch | 87 +++
7 files changed, 1228 insertions(+), 23 deletions(-)
---
diff --git a/gsi-openssh.spec b/gsi-openssh.spec
index 52bb233..161c235 100644
--- a/gsi-openssh.spec
+++ b/gsi-openssh.spec
@@ -29,12 +29,12 @@
%global ldap 1
%global openssh_ver 6.6.1p1
-%global openssh_rel 1
+%global openssh_rel 2
Summary: An implementation of the SSH protocol with GSI authentication
Name: gsi-openssh
Version: %{openssh_ver}
-Release: %{openssh_rel}%{?dist}.1
+Release: %{openssh_rel}%{?dist}
Provides: gsissh = %{version}-%{release}
Obsoletes: gsissh < 5.8p2-2
URL: http://www.openssh.com/portable.html
@@ -136,6 +136,18 @@ Patch908: openssh-6.6p1-CVE-2014-2653.patch
# OpenSSH 6.5 and 6.6 sometimes encode a value used in the curve25519 key exchange incorrectly
# Disable the curve25519 KEX when speaking to OpenSSH 6.5 or 6.6
Patch909: openssh-5618210618256bbf5f4f71b2887ff186fd451736.patch
+# standardise on NI_MAXHOST for gethostname() string lengths (#1051490)
+Patch910: openssh-6.6.1p1-NI_MAXHOST.patch
+# set a client's address right after a connection is set
+# http://bugzilla.mindrot.org/show_bug.cgi?id=2257
+Patch911: openssh-6.6p1-set_remote_ipaddr.patch
+# apply RFC3454 stringprep to banners when possible
+# https://bugzilla.mindrot.org/show_bug.cgi?id=2058
+# slightly changed patch from comment 10
+Patch912: openssh-6.6.1p1-utf8-banner.patch
+# don't consider a partial success as a failure
+# https://bugzilla.mindrot.org/show_bug.cgi?id=2270
+Patch913: openssh-6.6.1p1-partial-success.patch
# This is the patch that adds GSI support
# Based on http://grid.ncsa.illinois.edu/ssh/dl/patch/openssh-6.6p1.patch
@@ -285,6 +297,10 @@ This version of OpenSSH has been modified to support GSI authentication.
%patch907 -p1 -b .CLOCK_BOOTTIME
%patch908 -p1 -b .CVE-2014-2653
%patch909 -p1 -b .6.6.1
+%patch910 -p1 -b .NI_MAXHOST
+%patch911 -p1 -b .set_remote_ipaddr
+%patch912 -p1 -b .utf8-banner
+%patch913 -p1 -b .partial-success
%patch200 -p1 -b .audit
%patch700 -p1 -b .fips
@@ -457,7 +473,9 @@ getent passwd sshd >/dev/null || \
%files
%defattr(-,root,root)
-%doc CREDITS ChangeLog INSTALL LICENCE LICENSE.globus_usage OVERVIEW PROTOCOL* README README.platform README.privsep README.tun README.dns README.sshd-and-gsisshd TODO
+%{!?_licensedir:%global license %%doc}
+%license LICENCE LICENSE.globus_usage
+%doc CREDITS ChangeLog INSTALL OVERVIEW PROTOCOL* README README.platform README.privsep README.tun README.dns README.sshd-and-gsisshd TODO
%attr(0755,root,root) %dir %{_sysconfdir}/gsissh
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/gsissh/moduli
%attr(0755,root,root) %{_bindir}/gsissh-keygen
@@ -501,6 +519,9 @@ getent passwd sshd >/dev/null || \
%attr(0644,root,root) %{_unitdir}/gsisshd-keygen.service
%changelog
+* Wed Oct 22 2014 Mattias Ellert <mattias.ellert at fysast.uu.se> - 6.6.1p1-2
+- Based on openssh-6.6.1p1-5.fc21
+
* Sat Aug 16 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 6.6.1p1-1.1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
diff --git a/openssh-6.6.1p1-NI_MAXHOST.patch b/openssh-6.6.1p1-NI_MAXHOST.patch
new file mode 100644
index 0000000..7eeee50
--- /dev/null
+++ b/openssh-6.6.1p1-NI_MAXHOST.patch
@@ -0,0 +1,76 @@
+diff --git a/ChangeLog b/ChangeLog
+index 928999d..3887495 100644
+--- a/ChangeLog
++++ b/ChangeLog
+@@ -1,3 +1,10 @@
++20140703
++ - OpenBSD CVS Sync
++ - djm at cvs.openbsd.org 2014/07/03 03:34:09
++ [gss-serv.c session.c ssh-keygen.c]
++ standardise on NI_MAXHOST for gethostname() string lengths; about
++ 1/2 the cases were using it already. Fixes bz#2239 en passant
++
+ 20140420
+ - (djm) [bufaux.c compat.c compat.h sshconnect2.c sshd.c version.h]
+ OpenSSH 6.5 and 6.6 sometimes encode a value used in the curve25519
+diff --git a/gss-serv.c b/gss-serv.c
+index 14f540e..29916d3 100644
+--- a/gss-serv.c
++++ b/gss-serv.c
+@@ -1,4 +1,4 @@
+-/* $OpenBSD: gss-serv.c,v 1.26 2014/02/26 20:28:44 djm Exp $ */
++/* $OpenBSD: gss-serv.c,v 1.27 2014/07/03 03:34:09 djm Exp $ */
+
+ /*
+ * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved.
+@@ -102,14 +102,14 @@ static OM_uint32
+ ssh_gssapi_acquire_cred(Gssctxt *ctx)
+ {
+ OM_uint32 status;
+- char lname[MAXHOSTNAMELEN];
++ char lname[NI_MAXHOST];
+ gss_OID_set oidset;
+
+ if (options.gss_strict_acceptor) {
+ gss_create_empty_oid_set(&status, &oidset);
+ gss_add_oid_set_member(&status, ctx->oid, &oidset);
+
+- if (gethostname(lname, MAXHOSTNAMELEN)) {
++ if (gethostname(lname, sizeof(lname))) {
+ gss_release_oid_set(&status, &oidset);
+ return (-1);
+ }
+diff --git a/session.c b/session.c
+index ba4589b..e4add93 100644
+--- a/session.c
++++ b/session.c
+@@ -49,6 +49,7 @@
+ #include <errno.h>
+ #include <fcntl.h>
+ #include <grp.h>
++#include <netdb.h>
+ #ifdef HAVE_PATHS_H
+ #include <paths.h>
+ #endif
+@@ -2669,7 +2670,7 @@ session_setup_x11fwd(Session *s)
+ {
+ struct stat st;
+ char display[512], auth_display[512];
+- char hostname[MAXHOSTNAMELEN];
++ char hostname[NI_MAXHOST];
+ u_int i;
+
+ if (no_x11_forwarding_flag) {
+diff --git a/ssh-keygen.c b/ssh-keygen.c
+index 482dc1c..66198e6 100644
+--- a/ssh-keygen.c
++++ b/ssh-keygen.c
+@@ -165,7 +165,7 @@ int rounds = 0;
+ /* argv0 */
+ extern char *__progname;
+
+-char hostname[MAXHOSTNAMELEN];
++char hostname[NI_MAXHOST];
+
+ /* moduli.c */
+ int gen_candidates(FILE *, u_int32_t, u_int32_t, BIGNUM *);
diff --git a/openssh-6.6.1p1-partial-success.patch b/openssh-6.6.1p1-partial-success.patch
new file mode 100644
index 0000000..b5c61cf
--- /dev/null
+++ b/openssh-6.6.1p1-partial-success.patch
@@ -0,0 +1,16 @@
+diff --git a/auth2.c b/auth2.c
+index d9b440a..ec0bf12 100644
+--- a/auth2.c
++++ b/auth2.c
+@@ -355,8 +355,9 @@ userauth_finish(Authctxt *authctxt, int authenticated, const char *method,
+ authctxt->success = 1;
+ } else {
+
+- /* Allow initial try of "none" auth without failure penalty */
+- if (!authctxt->server_caused_failure &&
++ /* Allow initial try of "none" auth without failure penalty
++ * Partial succes is not failure */
++ if (!authctxt->server_caused_failure && !partial &&
+ (authctxt->attempt > 1 || strcmp(method, "none") != 0))
+ authctxt->failures++;
+ if (authctxt->failures >= options.max_authtries) {
diff --git a/openssh-6.6.1p1-utf8-banner.patch b/openssh-6.6.1p1-utf8-banner.patch
new file mode 100644
index 0000000..1ab8ade
--- /dev/null
+++ b/openssh-6.6.1p1-utf8-banner.patch
@@ -0,0 +1,994 @@
+diff --git a/Makefile.in b/Makefile.in
+index 2ad26ff..0f0d39f 100644
+--- a/Makefile.in
++++ b/Makefile.in
+@@ -81,7 +81,7 @@ LIBSSH_OBJS=authfd.o authfile.o bufaux.o bufbn.o buffer.o \
+ msg.o progressmeter.o dns.o entropy.o gss-genr.o umac.o umac128.o \
+ ssh-pkcs11.o krl.o smult_curve25519_ref.o \
+ kexc25519.o kexc25519c.o poly1305.o chacha.o cipher-chachapoly.o \
+- ssh-ed25519.o digest-openssl.o hmac.o \
++ ssh-ed25519.o digest-openssl.o hmac.o utf8_stringprep.o \
+ sc25519.o ge25519.o fe25519.o ed25519.o verify.o hash.o blocks.o
+
+ SSHOBJS= ssh.o readconf.o clientloop.o sshtty.o \
+diff --git a/misc.h b/misc.h
+index d4df619..d98b83d 100644
+--- a/misc.h
++++ b/misc.h
+@@ -106,4 +106,7 @@ char *read_passphrase(const char *, int);
+ int ask_permission(const char *, ...) __attribute__((format(printf, 1, 2)));
+ int read_keyfile_line(FILE *, const char *, char *, size_t, u_long *);
+
++/* utf8_stringprep.c */
++int utf8_stringprep(const char *, char *, size_t);
++
+ #endif /* _MISC_H */
+diff --git a/sshconnect2.c b/sshconnect2.c
+index b00658b..08064f4 100644
+--- a/sshconnect2.c
++++ b/sshconnect2.c
+@@ -33,6 +33,8 @@
+
+ #include <errno.h>
+ #include <fcntl.h>
++#include <langinfo.h>
++#include <locale.h>
+ #include <netdb.h>
+ #include <pwd.h>
+ #include <signal.h>
+@@ -519,21 +521,51 @@ input_userauth_error(int type, u_int32_t seq, void *ctxt)
+ "type %d", type);
+ }
+
++/* Check whether we can display UTF-8 safely */
++static int
++utf8_ok(void)
++{
++ static int ret = -1;
++ char *cp;
++
++ if (ret == -1) {
++ setlocale(LC_CTYPE, "");
++ cp = nl_langinfo(CODESET);
++ ret = strcmp(cp, "UTF-8") == 0;
++ }
++ return ret;
++}
++
+ /* ARGSUSED */
+ void
+ input_userauth_banner(int type, u_int32_t seq, void *ctxt)
+ {
+ char *msg, *raw, *lang;
+- u_int len;
++ u_int done, len;
+
+ debug3("input_userauth_banner");
++
+ raw = packet_get_string(&len);
+ lang = packet_get_string(NULL);
+ if (len > 0 && options.log_level >= SYSLOG_LEVEL_INFO) {
+ if (len > 65536)
+ len = 65536;
+ msg = xmalloc(len * 4 + 1); /* max expansion from strnvis() */
+- strnvis(msg, raw, len * 4 + 1, VIS_SAFE|VIS_OCTAL|VIS_NOSLASH);
++ done = 0;
++ if (utf8_ok()) {
++ if (utf8_stringprep(raw, msg, len * 4 + 1) == 0)
++ done = 1;
++ else
++ debug2("%s: UTF8 stringprep failed", __func__);
++ }
++ /*
++ * Fallback to strnvis if UTF8 display not supported or
++ * conversion failed.
++ */
++ if (!done) {
++ strnvis(msg, raw, len * 4 + 1,
++ VIS_SAFE|VIS_OCTAL|VIS_NOSLASH);
++ }
+ fprintf(stderr, "%s", msg);
+ free(msg);
+ }
+diff --git a/stringprep-tables.c b/stringprep-tables.c
+new file mode 100644
+index 0000000..49f4d9d
+--- /dev/null
++++ b/stringprep-tables.c
+@@ -0,0 +1,661 @@
++/* Public domain. */
++
++/* $OpenBSD$ */
++
++/*
++ * Tables for RFC3454 stringprep algorithm, updated with a table of allocated
++ * characters generated from Unicode.6.2's UnicodeData.txt
++ *
++ * Intended to be included directly from utf8_stringprep.c
++ */
++
++/* Unassigned characters in Unicode 6.2 */
++static const struct u32_range unassigned[] = {
++ { 0x0378, 0x0379 },
++ { 0x037F, 0x0383 },
++ { 0x038B, 0x038B },
++ { 0x038D, 0x038D },
++ { 0x03A2, 0x03A2 },
++ { 0x0528, 0x0530 },
++ { 0x0557, 0x0558 },
++ { 0x0560, 0x0560 },
++ { 0x0588, 0x0588 },
++ { 0x058B, 0x058E },
++ { 0x0590, 0x0590 },
++ { 0x05C8, 0x05CF },
++ { 0x05EB, 0x05EF },
++ { 0x05F5, 0x05FF },
++ { 0x0605, 0x0605 },
++ { 0x061C, 0x061D },
++ { 0x070E, 0x070E },
++ { 0x074B, 0x074C },
++ { 0x07B2, 0x07BF },
++ { 0x07FB, 0x07FF },
++ { 0x082E, 0x082F },
++ { 0x083F, 0x083F },
++ { 0x085C, 0x085D },
++ { 0x085F, 0x089F },
++ { 0x08A1, 0x08A1 },
++ { 0x08AD, 0x08E3 },
++ { 0x08FF, 0x08FF },
++ { 0x0978, 0x0978 },
++ { 0x0980, 0x0980 },
++ { 0x0984, 0x0984 },
++ { 0x098D, 0x098E },
++ { 0x0991, 0x0992 },
++ { 0x09A9, 0x09A9 },
++ { 0x09B1, 0x09B1 },
++ { 0x09B3, 0x09B5 },
++ { 0x09BA, 0x09BB },
++ { 0x09C5, 0x09C6 },
++ { 0x09C9, 0x09CA },
++ { 0x09CF, 0x09D6 },
++ { 0x09D8, 0x09DB },
++ { 0x09DE, 0x09DE },
++ { 0x09E4, 0x09E5 },
++ { 0x09FC, 0x0A00 },
++ { 0x0A04, 0x0A04 },
++ { 0x0A0B, 0x0A0E },
++ { 0x0A11, 0x0A12 },
++ { 0x0A29, 0x0A29 },
++ { 0x0A31, 0x0A31 },
++ { 0x0A34, 0x0A34 },
++ { 0x0A37, 0x0A37 },
++ { 0x0A3A, 0x0A3B },
++ { 0x0A3D, 0x0A3D },
++ { 0x0A43, 0x0A46 },
++ { 0x0A49, 0x0A4A },
++ { 0x0A4E, 0x0A50 },
++ { 0x0A52, 0x0A58 },
++ { 0x0A5D, 0x0A5D },
++ { 0x0A5F, 0x0A65 },
++ { 0x0A76, 0x0A80 },
++ { 0x0A84, 0x0A84 },
++ { 0x0A8E, 0x0A8E },
++ { 0x0A92, 0x0A92 },
++ { 0x0AA9, 0x0AA9 },
++ { 0x0AB1, 0x0AB1 },
++ { 0x0AB4, 0x0AB4 },
++ { 0x0ABA, 0x0ABB },
++ { 0x0AC6, 0x0AC6 },
++ { 0x0ACA, 0x0ACA },
++ { 0x0ACE, 0x0ACF },
++ { 0x0AD1, 0x0ADF },
++ { 0x0AE4, 0x0AE5 },
++ { 0x0AF2, 0x0B00 },
++ { 0x0B04, 0x0B04 },
++ { 0x0B0D, 0x0B0E },
++ { 0x0B11, 0x0B12 },
++ { 0x0B29, 0x0B29 },
++ { 0x0B31, 0x0B31 },
++ { 0x0B34, 0x0B34 },
++ { 0x0B3A, 0x0B3B },
++ { 0x0B45, 0x0B46 },
++ { 0x0B49, 0x0B4A },
++ { 0x0B4E, 0x0B55 },
++ { 0x0B58, 0x0B5B },
++ { 0x0B5E, 0x0B5E },
++ { 0x0B64, 0x0B65 },
++ { 0x0B78, 0x0B81 },
++ { 0x0B84, 0x0B84 },
++ { 0x0B8B, 0x0B8D },
++ { 0x0B91, 0x0B91 },
++ { 0x0B96, 0x0B98 },
++ { 0x0B9B, 0x0B9B },
++ { 0x0B9D, 0x0B9D },
++ { 0x0BA0, 0x0BA2 },
++ { 0x0BA5, 0x0BA7 },
++ { 0x0BAB, 0x0BAD },
++ { 0x0BBA, 0x0BBD },
++ { 0x0BC3, 0x0BC5 },
++ { 0x0BC9, 0x0BC9 },
++ { 0x0BCE, 0x0BCF },
++ { 0x0BD1, 0x0BD6 },
++ { 0x0BD8, 0x0BE5 },
++ { 0x0BFB, 0x0C00 },
++ { 0x0C04, 0x0C04 },
++ { 0x0C0D, 0x0C0D },
++ { 0x0C11, 0x0C11 },
++ { 0x0C29, 0x0C29 },
++ { 0x0C34, 0x0C34 },
++ { 0x0C3A, 0x0C3C },
++ { 0x0C45, 0x0C45 },
++ { 0x0C49, 0x0C49 },
++ { 0x0C4E, 0x0C54 },
++ { 0x0C57, 0x0C57 },
++ { 0x0C5A, 0x0C5F },
++ { 0x0C64, 0x0C65 },
++ { 0x0C70, 0x0C77 },
++ { 0x0C80, 0x0C81 },
++ { 0x0C84, 0x0C84 },
++ { 0x0C8D, 0x0C8D },
++ { 0x0C91, 0x0C91 },
++ { 0x0CA9, 0x0CA9 },
++ { 0x0CB4, 0x0CB4 },
++ { 0x0CBA, 0x0CBB },
++ { 0x0CC5, 0x0CC5 },
++ { 0x0CC9, 0x0CC9 },
++ { 0x0CCE, 0x0CD4 },
++ { 0x0CD7, 0x0CDD },
++ { 0x0CDF, 0x0CDF },
++ { 0x0CE4, 0x0CE5 },
++ { 0x0CF0, 0x0CF0 },
++ { 0x0CF3, 0x0D01 },
++ { 0x0D04, 0x0D04 },
++ { 0x0D0D, 0x0D0D },
++ { 0x0D11, 0x0D11 },
++ { 0x0D3B, 0x0D3C },
++ { 0x0D45, 0x0D45 },
++ { 0x0D49, 0x0D49 },
++ { 0x0D4F, 0x0D56 },
++ { 0x0D58, 0x0D5F },
++ { 0x0D64, 0x0D65 },
++ { 0x0D76, 0x0D78 },
++ { 0x0D80, 0x0D81 },
++ { 0x0D84, 0x0D84 },
++ { 0x0D97, 0x0D99 },
++ { 0x0DB2, 0x0DB2 },
++ { 0x0DBC, 0x0DBC },
++ { 0x0DBE, 0x0DBF },
++ { 0x0DC7, 0x0DC9 },
++ { 0x0DCB, 0x0DCE },
++ { 0x0DD5, 0x0DD5 },
++ { 0x0DD7, 0x0DD7 },
++ { 0x0DE0, 0x0DF1 },
++ { 0x0DF5, 0x0E00 },
++ { 0x0E3B, 0x0E3E },
++ { 0x0E5C, 0x0E80 },
++ { 0x0E83, 0x0E83 },
++ { 0x0E85, 0x0E86 },
++ { 0x0E89, 0x0E89 },
++ { 0x0E8B, 0x0E8C },
++ { 0x0E8E, 0x0E93 },
++ { 0x0E98, 0x0E98 },
++ { 0x0EA0, 0x0EA0 },
++ { 0x0EA4, 0x0EA4 },
++ { 0x0EA6, 0x0EA6 },
++ { 0x0EA8, 0x0EA9 },
++ { 0x0EAC, 0x0EAC },
++ { 0x0EBA, 0x0EBA },
++ { 0x0EBE, 0x0EBF },
++ { 0x0EC5, 0x0EC5 },
++ { 0x0EC7, 0x0EC7 },
++ { 0x0ECE, 0x0ECF },
++ { 0x0EDA, 0x0EDB },
++ { 0x0EE0, 0x0EFF },
++ { 0x0F48, 0x0F48 },
++ { 0x0F6D, 0x0F70 },
++ { 0x0F98, 0x0F98 },
++ { 0x0FBD, 0x0FBD },
++ { 0x0FCD, 0x0FCD },
++ { 0x0FDB, 0x0FFF },
++ { 0x10C6, 0x10C6 },
++ { 0x10C8, 0x10CC },
++ { 0x10CE, 0x10CF },
++ { 0x1249, 0x1249 },
++ { 0x124E, 0x124F },
++ { 0x1257, 0x1257 },
++ { 0x1259, 0x1259 },
++ { 0x125E, 0x125F },
++ { 0x1289, 0x1289 },
++ { 0x128E, 0x128F },
++ { 0x12B1, 0x12B1 },
++ { 0x12B6, 0x12B7 },
++ { 0x12BF, 0x12BF },
++ { 0x12C1, 0x12C1 },
++ { 0x12C6, 0x12C7 },
++ { 0x12D7, 0x12D7 },
++ { 0x1311, 0x1311 },
++ { 0x1316, 0x1317 },
++ { 0x135B, 0x135C },
++ { 0x137D, 0x137F },
++ { 0x139A, 0x139F },
++ { 0x13F5, 0x13FF },
++ { 0x169D, 0x169F },
++ { 0x16F1, 0x16FF },
++ { 0x170D, 0x170D },
++ { 0x1715, 0x171F },
++ { 0x1737, 0x173F },
++ { 0x1754, 0x175F },
++ { 0x176D, 0x176D },
++ { 0x1771, 0x1771 },
++ { 0x1774, 0x177F },
++ { 0x17DE, 0x17DF },
++ { 0x17EA, 0x17EF },
++ { 0x17FA, 0x17FF },
++ { 0x180F, 0x180F },
++ { 0x181A, 0x181F },
++ { 0x1878, 0x187F },
++ { 0x18AB, 0x18AF },
++ { 0x18F6, 0x18FF },
++ { 0x191D, 0x191F },
++ { 0x192C, 0x192F },
++ { 0x193C, 0x193F },
++ { 0x1941, 0x1943 },
++ { 0x196E, 0x196F },
++ { 0x1975, 0x197F },
++ { 0x19AC, 0x19AF },
++ { 0x19CA, 0x19CF },
++ { 0x19DB, 0x19DD },
++ { 0x1A1C, 0x1A1D },
++ { 0x1A5F, 0x1A5F },
++ { 0x1A7D, 0x1A7E },
++ { 0x1A8A, 0x1A8F },
++ { 0x1A9A, 0x1A9F },
++ { 0x1AAE, 0x1AFF },
++ { 0x1B4C, 0x1B4F },
++ { 0x1B7D, 0x1B7F },
++ { 0x1BF4, 0x1BFB },
++ { 0x1C38, 0x1C3A },
++ { 0x1C4A, 0x1C4C },
++ { 0x1C80, 0x1CBF },
++ { 0x1CC8, 0x1CCF },
++ { 0x1CF7, 0x1CFF },
++ { 0x1DE7, 0x1DFB },
++ { 0x1F16, 0x1F17 },
++ { 0x1F1E, 0x1F1F },
++ { 0x1F46, 0x1F47 },
++ { 0x1F4E, 0x1F4F },
++ { 0x1F58, 0x1F58 },
++ { 0x1F5A, 0x1F5A },
++ { 0x1F5C, 0x1F5C },
++ { 0x1F5E, 0x1F5E },
++ { 0x1F7E, 0x1F7F },
++ { 0x1FB5, 0x1FB5 },
++ { 0x1FC5, 0x1FC5 },
++ { 0x1FD4, 0x1FD5 },
++ { 0x1FDC, 0x1FDC },
++ { 0x1FF0, 0x1FF1 },
++ { 0x1FF5, 0x1FF5 },
++ { 0x1FFF, 0x1FFF },
++ { 0x2065, 0x2069 },
++ { 0x2072, 0x2073 },
++ { 0x208F, 0x208F },
++ { 0x209D, 0x209F },
++ { 0x20BB, 0x20CF },
++ { 0x20F1, 0x20FF },
++ { 0x218A, 0x218F },
++ { 0x23F4, 0x23FF },
++ { 0x2427, 0x243F },
++ { 0x244B, 0x245F },
++ { 0x2700, 0x2700 },
++ { 0x2B4D, 0x2B4F },
++ { 0x2B5A, 0x2BFF },
++ { 0x2C2F, 0x2C2F },
++ { 0x2C5F, 0x2C5F },
++ { 0x2CF4, 0x2CF8 },
++ { 0x2D26, 0x2D26 },
++ { 0x2D28, 0x2D2C },
++ { 0x2D2E, 0x2D2F },
++ { 0x2D68, 0x2D6E },
++ { 0x2D71, 0x2D7E },
++ { 0x2D97, 0x2D9F },
++ { 0x2DA7, 0x2DA7 },
++ { 0x2DAF, 0x2DAF },
++ { 0x2DB7, 0x2DB7 },
++ { 0x2DBF, 0x2DBF },
++ { 0x2DC7, 0x2DC7 },
++ { 0x2DCF, 0x2DCF },
++ { 0x2DD7, 0x2DD7 },
++ { 0x2DDF, 0x2DDF },
++ { 0x2E3C, 0x2E7F },
++ { 0x2E9A, 0x2E9A },
++ { 0x2EF4, 0x2EFF },
++ { 0x2FD6, 0x2FEF },
++ { 0x2FFC, 0x2FFF },
++ { 0x3040, 0x3040 },
++ { 0x3097, 0x3098 },
++ { 0x3100, 0x3104 },
++ { 0x312E, 0x3130 },
++ { 0x318F, 0x318F },
++ { 0x31BB, 0x31BF },
++ { 0x31E4, 0x31EF },
++ { 0x321F, 0x321F },
++ { 0x32FF, 0x32FF },
++ { 0x4DB6, 0x4DBF },
++ { 0x9FA6, 0x9FCB },
++ { 0x9FCD, 0x9FFF },
++ { 0xA48D, 0xA48F },
++ { 0xA4C7, 0xA4CF },
++ { 0xA62C, 0xA63F },
++ { 0xA698, 0xA69E },
++ { 0xA6F8, 0xA6FF },
++ { 0xA78F, 0xA78F },
++ { 0xA794, 0xA79F },
++ { 0xA7AB, 0xA7F7 },
++ { 0xA82C, 0xA82F },
++ { 0xA83A, 0xA83F },
++ { 0xA878, 0xA87F },
++ { 0xA8C5, 0xA8CD },
++ { 0xA8DA, 0xA8DF },
++ { 0xA8FC, 0xA8FF },
++ { 0xA954, 0xA95E },
++ { 0xA97D, 0xA97F },
++ { 0xA9CE, 0xA9CE },
++ { 0xA9DA, 0xA9DD },
++ { 0xA9E0, 0xA9FF },
++ { 0xAA37, 0xAA3F },
++ { 0xAA4E, 0xAA4F },
++ { 0xAA5A, 0xAA5B },
++ { 0xAA7C, 0xAA7F },
++ { 0xAAC3, 0xAADA },
++ { 0xAAF7, 0xAB00 },
++ { 0xAB07, 0xAB08 },
++ { 0xAB0F, 0xAB10 },
++ { 0xAB17, 0xAB1F },
++ { 0xAB27, 0xAB27 },
++ { 0xAB2F, 0xABBF },
++ { 0xABEE, 0xABEF },
++ { 0xABFA, 0xABFF },
++ { 0xD7A4, 0xD7AF },
++ { 0xD7C7, 0xD7CA },
++ { 0xD7FC, 0xD7FF },
++ { 0xFA6E, 0xFA6F },
++ { 0xFADA, 0xFAFF },
++ { 0xFB07, 0xFB12 },
++ { 0xFB18, 0xFB1C },
++ { 0xFB37, 0xFB37 },
++ { 0xFB3D, 0xFB3D },
++ { 0xFB3F, 0xFB3F },
++ { 0xFB42, 0xFB42 },
++ { 0xFB45, 0xFB45 },
++ { 0xFBC2, 0xFBD2 },
++ { 0xFD40, 0xFD4F },
++ { 0xFD90, 0xFD91 },
++ { 0xFDC8, 0xFDCF },
++ { 0xFDFE, 0xFDFF },
++ { 0xFE1A, 0xFE1F },
++ { 0xFE27, 0xFE2F },
++ { 0xFE53, 0xFE53 },
++ { 0xFE67, 0xFE67 },
++ { 0xFE6C, 0xFE6F },
++ { 0xFE75, 0xFE75 },
++ { 0xFEFD, 0xFEFE },
++ { 0xFF00, 0xFF00 },
++ { 0xFFBF, 0xFFC1 },
++ { 0xFFC8, 0xFFC9 },
++ { 0xFFD0, 0xFFD1 },
++ { 0xFFD8, 0xFFD9 },
++ { 0xFFDD, 0xFFDF },
++ { 0xFFE7, 0xFFE7 },
++ { 0xFFEF, 0xFFF8 },
++ { 0x1000C, 0x1000C },
++ { 0x10027, 0x10027 },
++ { 0x1003B, 0x1003B },
++ { 0x1003E, 0x1003E },
++ { 0x1004E, 0x1004F },
++ { 0x1005E, 0x1007F },
++ { 0x100FB, 0x100FF },
++ { 0x10103, 0x10106 },
++ { 0x10134, 0x10136 },
++ { 0x1018B, 0x1018F },
++ { 0x1019C, 0x101CF },
++ { 0x101FE, 0x1027F },
++ { 0x1029D, 0x1029F },
++ { 0x102D1, 0x102FF },
++ { 0x1031F, 0x1031F },
++ { 0x10324, 0x1032F },
++ { 0x1034B, 0x1037F },
++ { 0x1039E, 0x1039E },
++ { 0x103C4, 0x103C7 },
++ { 0x103D6, 0x103FF },
++ { 0x1049E, 0x1049F },
++ { 0x104AA, 0x107FF },
++ { 0x10806, 0x10807 },
++ { 0x10809, 0x10809 },
++ { 0x10836, 0x10836 },
++ { 0x10839, 0x1083B },
++ { 0x1083D, 0x1083E },
++ { 0x10856, 0x10856 },
++ { 0x10860, 0x108FF },
++ { 0x1091C, 0x1091E },
++ { 0x1093A, 0x1093E },
++ { 0x10940, 0x1097F },
++ { 0x109B8, 0x109BD },
++ { 0x109C0, 0x109FF },
++ { 0x10A04, 0x10A04 },
++ { 0x10A07, 0x10A0B },
++ { 0x10A14, 0x10A14 },
++ { 0x10A18, 0x10A18 },
++ { 0x10A34, 0x10A37 },
++ { 0x10A3B, 0x10A3E },
++ { 0x10A48, 0x10A4F },
++ { 0x10A59, 0x10A5F },
++ { 0x10A80, 0x10AFF },
++ { 0x10B36, 0x10B38 },
++ { 0x10B56, 0x10B57 },
++ { 0x10B73, 0x10B77 },
++ { 0x10B80, 0x10BFF },
++ { 0x10C49, 0x10E5F },
++ { 0x10E7F, 0x10FFF },
++ { 0x1104E, 0x11051 },
++ { 0x11070, 0x1107F },
++ { 0x110C2, 0x110CF },
++ { 0x110E9, 0x110EF },
++ { 0x110FA, 0x110FF },
++ { 0x11135, 0x11135 },
++ { 0x11144, 0x1117F },
++ { 0x111C9, 0x111CF },
++ { 0x111DA, 0x1167F },
++ { 0x116B8, 0x116BF },
++ { 0x116CA, 0x11FFF },
++ { 0x1236F, 0x123FF },
++ { 0x12463, 0x1246F },
++ { 0x12474, 0x12FFF },
++ { 0x1342F, 0x167FF },
++ { 0x16A39, 0x16EFF },
++ { 0x16F45, 0x16F4F },
++ { 0x16F7F, 0x16F8E },
++ { 0x16FA0, 0x1AFFF },
++ { 0x1B002, 0x1CFFF },
++ { 0x1D0F6, 0x1D0FF },
++ { 0x1D127, 0x1D128 },
++ { 0x1D1DE, 0x1D1FF },
++ { 0x1D246, 0x1D2FF },
++ { 0x1D357, 0x1D35F },
++ { 0x1D372, 0x1D3FF },
++ { 0x1D455, 0x1D455 },
++ { 0x1D49D, 0x1D49D },
++ { 0x1D4A0, 0x1D4A1 },
++ { 0x1D4A3, 0x1D4A4 },
++ { 0x1D4A7, 0x1D4A8 },
++ { 0x1D4AD, 0x1D4AD },
++ { 0x1D4BA, 0x1D4BA },
++ { 0x1D4BC, 0x1D4BC },
++ { 0x1D4C4, 0x1D4C4 },
++ { 0x1D506, 0x1D506 },
++ { 0x1D50B, 0x1D50C },
++ { 0x1D515, 0x1D515 },
++ { 0x1D51D, 0x1D51D },
++ { 0x1D53A, 0x1D53A },
++ { 0x1D53F, 0x1D53F },
++ { 0x1D545, 0x1D545 },
++ { 0x1D547, 0x1D549 },
++ { 0x1D551, 0x1D551 },
++ { 0x1D6A6, 0x1D6A7 },
++ { 0x1D7CC, 0x1D7CD },
++ { 0x1D800, 0x1EDFF },
++ { 0x1EE04, 0x1EE04 },
++ { 0x1EE20, 0x1EE20 },
++ { 0x1EE23, 0x1EE23 },
++ { 0x1EE25, 0x1EE26 },
++ { 0x1EE28, 0x1EE28 },
++ { 0x1EE33, 0x1EE33 },
++ { 0x1EE38, 0x1EE38 },
++ { 0x1EE3A, 0x1EE3A },
++ { 0x1EE3C, 0x1EE41 },
++ { 0x1EE43, 0x1EE46 },
++ { 0x1EE48, 0x1EE48 },
++ { 0x1EE4A, 0x1EE4A },
++ { 0x1EE4C, 0x1EE4C },
++ { 0x1EE50, 0x1EE50 },
++ { 0x1EE53, 0x1EE53 },
++ { 0x1EE55, 0x1EE56 },
++ { 0x1EE58, 0x1EE58 },
++ { 0x1EE5A, 0x1EE5A },
++ { 0x1EE5C, 0x1EE5C },
++ { 0x1EE5E, 0x1EE5E },
++ { 0x1EE60, 0x1EE60 },
++ { 0x1EE63, 0x1EE63 },
++ { 0x1EE65, 0x1EE66 },
++ { 0x1EE6B, 0x1EE6B },
++ { 0x1EE73, 0x1EE73 },
++ { 0x1EE78, 0x1EE78 },
++ { 0x1EE7D, 0x1EE7D },
++ { 0x1EE7F, 0x1EE7F },
++ { 0x1EE8A, 0x1EE8A },
++ { 0x1EE9C, 0x1EEA0 },
++ { 0x1EEA4, 0x1EEA4 },
++ { 0x1EEAA, 0x1EEAA },
++ { 0x1EEBC, 0x1EEEF },
++ { 0x1EEF2, 0x1EFFF },
++ { 0x1F02C, 0x1F02F },
++ { 0x1F094, 0x1F09F },
++ { 0x1F0AF, 0x1F0B0 },
++ { 0x1F0BF, 0x1F0C0 },
++ { 0x1F0D0, 0x1F0D0 },
++ { 0x1F0E0, 0x1F0FF },
++ { 0x1F10B, 0x1F10F },
++ { 0x1F12F, 0x1F12F },
++ { 0x1F16C, 0x1F16F },
++ { 0x1F19B, 0x1F1E5 },
++ { 0x1F203, 0x1F20F },
++ { 0x1F23B, 0x1F23F },
++ { 0x1F249, 0x1F24F },
++ { 0x1F252, 0x1F2FF },
++ { 0x1F321, 0x1F32F },
++ { 0x1F336, 0x1F336 },
++ { 0x1F37D, 0x1F37F },
++ { 0x1F394, 0x1F39F },
++ { 0x1F3C5, 0x1F3C5 },
++ { 0x1F3CB, 0x1F3DF },
++ { 0x1F3F1, 0x1F3FF },
++ { 0x1F43F, 0x1F43F },
++ { 0x1F441, 0x1F441 },
++ { 0x1F4F8, 0x1F4F8 },
++ { 0x1F4FD, 0x1F4FF },
++ { 0x1F53E, 0x1F53F },
++ { 0x1F544, 0x1F54F },
++ { 0x1F568, 0x1F5FA },
++ { 0x1F641, 0x1F644 },
++ { 0x1F650, 0x1F67F },
++ { 0x1F6C6, 0x1F6FF },
++ { 0x1F774, 0x1FFFD },
++ { 0x2A6D7, 0x2A6FF },
++ { 0x2A701, 0x2B733 },
++ { 0x2B735, 0x2B73F },
++ { 0x2B741, 0x2B81C },
++ { 0x2B81E, 0x2F7FF },
++ { 0x2FA1E, 0x2FFFD },
++ { 0x30000, 0x3FFFD },
++ { 0x40000, 0x4FFFD },
++ { 0x50000, 0x5FFFD },
++ { 0x60000, 0x6FFFD },
++ { 0x70000, 0x7FFFD },
++ { 0x80000, 0x8FFFD },
++ { 0x90000, 0x9FFFD },
++ { 0xA0000, 0xAFFFD },
++ { 0xB0000, 0xBFFFD },
++ { 0xC0000, 0xCFFFD },
++ { 0xD0000, 0xDFFFD },
++ { 0xE0000, 0xE0000 },
++ { 0xE0002, 0xE001F },
++ { 0xE0080, 0xE00FF },
++ { 0xE01F0, 0xEFFFD },
++};
++
++/* RFC3454 Table B.1 */
++static const struct u32_range map_to_nothing[] = {
++ { 0x00AD, 0x00AD },
++ { 0x034F, 0x034F },
++ { 0x1806, 0x1806 },
++ { 0x180B, 0x180D },
++ { 0x200B, 0x200D },
++ { 0x2060, 0x2060 },
++ { 0xFE00, 0xFE0F },
++ { 0xFEFF, 0xFEFF },
++};
++
++/* Local: allow tab, CR and LF */
++static const struct u32_range whitelist[] = {
++ { 0x09, 0x09 },
++ { 0x0a, 0x0a },
++ { 0x0d, 0x0d },
++};
++
++/* RFC3454 Tables in appendix C */
++static const struct u32_range prohibited[] = {
++ /* C.2.1 ASCII control characters */
++ { 0x0000, 0x001F },
++ { 0x007F, 0x007F },
++ /* C.2.2 Non-ASCII control characters */
++ { 0x0080, 0x009F },
++ { 0x06DD, 0x06DD },
++ { 0x070F, 0x070F },
++ { 0x180E, 0x180E },
++ { 0x200C, 0x200C },
++ { 0x200D, 0x200D },
++ { 0x2028, 0x2028 },
++ { 0x2029, 0x2029 },
++ { 0x2060, 0x2060 },
++ { 0x2061, 0x2061 },
++ { 0x2062, 0x2062 },
++ { 0x2063, 0x2063 },
++ { 0x206A, 0x206F },
++ { 0xFEFF, 0xFEFF },
++ { 0xFFF9, 0xFFFC },
++ { 0x1D173, 0x1D17A },
++ /* C.3 Private use */
++ { 0xE000, 0xF8FF },
++ { 0xF0000, 0xFFFFD },
++ { 0x100000, 0x10FFFD },
++ /* C.4 Non-character code points */
++ { 0xFDD0, 0xFDEF },
++ { 0xFFFE, 0xFFFF },
++ { 0x1FFFE, 0x1FFFF },
++ { 0x2FFFE, 0x2FFFF },
++ { 0x3FFFE, 0x3FFFF },
++ { 0x4FFFE, 0x4FFFF },
++ { 0x5FFFE, 0x5FFFF },
++ { 0x6FFFE, 0x6FFFF },
++ { 0x7FFFE, 0x7FFFF },
++ { 0x8FFFE, 0x8FFFF },
++ { 0x9FFFE, 0x9FFFF },
++ { 0xAFFFE, 0xAFFFF },
++ { 0xBFFFE, 0xBFFFF },
++ { 0xCFFFE, 0xCFFFF },
++ { 0xDFFFE, 0xDFFFF },
++ { 0xEFFFE, 0xEFFFF },
++ { 0xFFFFE, 0xFFFFF },
++ { 0x10FFFE, 0x10FFFF },
++ /* C.5 Surrogate codes */
++ { 0xD800, 0xDFFF },
++ /* C.6 Inappropriate for plain text */
++ { 0xFFF9, 0xFFF9 },
++ { 0xFFFA, 0xFFFA },
++ { 0xFFFB, 0xFFFB },
++ { 0xFFFC, 0xFFFC },
++ { 0xFFFD, 0xFFFD },
++ /* C.7 Inappropriate for canonical representation */
++ { 0x2FF0, 0x2FFB },
++ /* C.8 Change display properties or are deprecated */
++ { 0x0340, 0x0340 },
++ { 0x0341, 0x0341 },
++ { 0x200E, 0x200E },
++ { 0x200F, 0x200F },
++ { 0x202A, 0x202A },
++ { 0x202B, 0x202B },
++ { 0x202C, 0x202C },
++ { 0x202D, 0x202D },
++ { 0x202E, 0x202E },
++ { 0x206A, 0x206A },
++ { 0x206B, 0x206B },
++ { 0x206C, 0x206C },
++ { 0x206D, 0x206D },
++ { 0x206E, 0x206E },
++ { 0x206F, 0x206F },
++ /* C.9 Tagging characters */
++ { 0xE0001, 0xE0001 },
++ { 0xE0020, 0xE007F },
++};
++
+diff --git a/utf8_stringprep.c b/utf8_stringprep.c
+new file mode 100644
+index 0000000..bcafae7
+--- /dev/null
++++ b/utf8_stringprep.c
+@@ -0,0 +1,229 @@
++/*
++ * Copyright (c) 2013 Damien Miller <djm at mindrot.org>
++ *
++ * Permission to use, copy, modify, and distribute this software for any
++ * purpose with or without fee is hereby granted, provided that the above
++ * copyright notice and this permission notice appear in all copies.
++ *
++ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
++ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
++ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
++ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
++ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
++ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
++ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
++ */
++
++/*
++ * This is a simple RFC3454 stringprep profile to sanitise UTF-8 strings
++ * from untrusted sources.
++ *
++ * It is intended to be used prior to display of untrusted strings only.
++ * It should not be used for logging because of bi-di ambiguity. It
++ * should also not be used in any case where lack of normalisation may
++ * cause problems.
++ *
++ * This profile uses the prohibition and mapping tables from RFC3454
++ * (listed below) but the unassigned character table has been updated to
++ * Unicode 6.2. It uses a local whitelist of whitespace characters (\n,
++ * \a and \t). Unicode normalisation and bi-di testing are not used.
++ *
++ * XXX: implement bi-di handling (needed for logs)
++ * XXX: implement KC normalisation (needed for passing to libs/syscalls)
++ */
++
++#include <sys/types.h>
++#include <stdio.h>
++#include <stdlib.h>
++#include <string.h>
++#include <limits.h>
++#include <ctype.h>
++
++#include "misc.h"
++
++struct u32_range {
++ u_int32_t lo, hi; /* Inclusive */
++};
++
++#include "stringprep-tables.c"
++
++/* Returns 1 if code 'c' appears in the table or 0 otherwise */
++static int
++code_in_table(u_int32_t c, const struct u32_range *table, size_t tlen)
++{
++ const struct u32_range *e, *end = (void *)(tlen + (char *)table);
++
++ for (e = table; e < end; e++) {
++ if (c >= e->lo && c <= e->hi)
++ return 1;
++ }
++ return 0;
++}
++
++/*
++ * Decode the next valid UCS character from a UTF-8 string, skipping past bad
++ * codes. Returns the decoded character or 0 for end-of-string and updates
++ * nextc to point to the start of the next character (if any).
++ * had_error is set if an invalid code was encountered.
++ */
++static u_int32_t
++decode_utf8(const char *in, const char **nextc, int *had_error)
++{
++ int state = 0;
++ size_t i;
++ u_int32_t c, e;
++
++ e = c = 0;
++ for (i = 0; in[i] != '\0'; i++) {
++ e = (u_char)in[i];
++ /* Invalid code point state */
++ if (state == -1) {
++ /*
++ * Continue eating continuation characters until
++ * a new start character comes along.
++ */
++ if ((e & 0xc0) == 0x80)
++ continue;
++ state = 0;
++ }
++
++ /* New code point state */
++ if (state == 0) {
++ if ((e & 0x80) == 0) { /* 7 bit code */
++ c = e & 0x7f;
++ goto have_code;
++ } else if ((e & 0xe0) == 0xc0) { /* 11 bit code point */
++ state = 1;
++ c = (e & 0x1f) << 6;
++ } else if ((e & 0xf0) == 0xe0) { /* 16 bit code point */
++ state = 2;
++ c = (e & 0xf) << 12;
++ } else if ((e & 0xf8) == 0xf0) { /* 21 bit code point */
++ state = 3;
++ c = (e & 0x7) << 18;
++ } else {
++ /* A five or six byte header, or 0xff */
++ goto bad_encoding;
++ }
++ /*
++ * Check that the header byte has some non-zero data
++ * after masking off the length marker. If not it is
++ * an invalid encoding.
++ */
++ if (c == 0) {
++ bad_encoding:
++ c = 0;
++ state = -1;
++ if (had_error != NULL)
++ *had_error = 1;
++ }
++ continue;
++ }
++
++ /* Sanity check: should never happen */
++ if (state < 1 || state > 5) {
++ *nextc = NULL;
++ if (had_error != NULL)
++ *had_error = 1;
++ return 0;
++ }
++ /* Multibyte code point state */
++ state--;
++ c |= (e & 0x3f) << (state * 6);
++ if (state > 0)
++ continue;
++
++ /* RFC3629 bans codepoints > U+10FFFF */
++ if (c > 0x10FFFF) {
++ if (had_error != NULL)
++ *had_error = 1;
++ continue;
++ }
++ have_code:
++ *nextc = in + i + 1;
++ return c;
++ }
++ if (state != 0 && had_error != NULL)
++ *had_error = 1;
++ *nextc = in + i;
++ return 0;
++}
++
++/*
++ * Attempt to encode a UCS character as a UTF-8 sequence. Returns the number
++ * of characters used or -1 on error (insufficient space or bad code).
++ */
++static int
++encode_utf8(u_int32_t c, char *s, size_t slen)
++{
++ size_t i, need;
++ u_char h;
++
++ if (c < 0x80) {
++ if (slen >= 1) {
++ s[0] = (char)c;
++ }
++ return 1;
++ } else if (c < 0x800) {
++ need = 2;
++ h = 0xc0;
++ } else if (c < 0x10000) {
++ need = 3;
++ h = 0xe0;
++ } else if (c < 0x200000) {
++ need = 4;
++ h = 0xf0;
++ } else {
++ /* Invalid code point > U+10FFFF */
++ return -1;
++ }
++ if (need > slen)
++ return -1;
++ for (i = 0; i < need; i++) {
++ s[i] = (i == 0 ? h : 0x80);
++ s[i] |= (c >> (need - i - 1) * 6) & 0x3f;
++ }
++ return need;
++}
++
++
++/*
++ * Normalise a UTF-8 string using the RFC3454 stringprep algorithm.
++ * Returns 0 on success or -1 on failure (prohibited code or insufficient
++ * length in the output string.
++ * Requires an output buffer at most the same length as the input.
++ */
++int
++utf8_stringprep(const char *in, char *out, size_t olen)
++{
++ int r;
++ size_t o;
++ u_int32_t c;
++
++ if (olen < 1)
++ return -1;
++
++ for (o = 0; (c = decode_utf8(in, &in, NULL)) != 0;) {
++ /* Mapping */
++ if (code_in_table(c, map_to_nothing, sizeof(map_to_nothing)))
++ continue;
++
++ /* Prohibitied output */
++ if (code_in_table(c, prohibited, sizeof(prohibited)) &&
++ !code_in_table(c, whitelist, sizeof(whitelist)))
++ return -1;
++
++ /* Map unassigned code points to U+FFFD */
++ if (code_in_table(c, unassigned, sizeof(unassigned)))
++ c = 0xFFFD;
++
++ /* Encode the character */
++ r = encode_utf8(c, out + o, olen - o - 1);
++ if (r < 0)
++ return -1;
++ o += r;
++ }
++ out[o] = '\0';
++ return 0;
++}
++
diff --git a/openssh-6.6p1-audit.patch b/openssh-6.6p1-audit.patch
index f205436..b83b46a 100644
--- a/openssh-6.6p1-audit.patch
+++ b/openssh-6.6p1-audit.patch
@@ -1,11 +1,11 @@
diff --git a/Makefile.in b/Makefile.in
-index 2ad26ff..3bb7f00 100644
+index 0f0d39f..9d8c2eb 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -82,7 +82,8 @@ LIBSSH_OBJS=authfd.o authfile.o bufaux.o bufbn.o buffer.o \
ssh-pkcs11.o krl.o smult_curve25519_ref.o \
kexc25519.o kexc25519c.o poly1305.o chacha.o cipher-chachapoly.o \
- ssh-ed25519.o digest-openssl.o hmac.o \
+ ssh-ed25519.o digest-openssl.o hmac.o utf8_stringprep.o \
- sc25519.o ge25519.o fe25519.o ed25519.o verify.o hash.o blocks.o
+ sc25519.o ge25519.o fe25519.o ed25519.o verify.o hash.o blocks.o \
+ auditstub.o
@@ -1860,10 +1860,10 @@ index f8edf85..c36c812 100644
+void packet_destroy_all(int, int);
#endif /* PACKET_H */
diff --git a/session.c b/session.c
-index ba4589b..4a297f1 100644
+index e4add93..626a642 100644
--- a/session.c
+++ b/session.c
-@@ -137,7 +137,7 @@ extern int log_stderr;
+@@ -138,7 +138,7 @@ extern int log_stderr;
extern int debug_flag;
extern u_int utmp_len;
extern int startup_pipe;
@@ -1872,7 +1872,7 @@ index ba4589b..4a297f1 100644
extern Buffer loginmsg;
/* original command from peer. */
-@@ -745,6 +745,14 @@ do_exec_pty(Session *s, const char *command)
+@@ -746,6 +746,14 @@ do_exec_pty(Session *s, const char *command)
/* Parent. Close the slave side of the pseudo tty. */
close(ttyfd);
@@ -1887,7 +1887,7 @@ index ba4589b..4a297f1 100644
/* Enter interactive session. */
s->ptymaster = ptymaster;
packet_set_interactive(1,
-@@ -862,15 +870,19 @@ do_exec(Session *s, const char *command)
+@@ -863,15 +871,19 @@ do_exec(Session *s, const char *command)
get_remote_port());
#ifdef SSH_AUDIT_EVENTS
@@ -1909,7 +1909,7 @@ index ba4589b..4a297f1 100644
#endif
if (s->ttyfd != -1)
ret = do_exec_pty(s, command);
-@@ -1707,7 +1719,10 @@ do_child(Session *s, const char *command)
+@@ -1708,7 +1720,10 @@ do_child(Session *s, const char *command)
int r = 0;
/* remove hostkey from the child's memory */
@@ -1921,7 +1921,7 @@ index ba4589b..4a297f1 100644
/* Force a password change */
if (s->authctxt->force_pwchange) {
-@@ -1931,6 +1946,7 @@ session_unused(int id)
+@@ -1932,6 +1947,7 @@ session_unused(int id)
sessions[id].ttyfd = -1;
sessions[id].ptymaster = -1;
sessions[id].x11_chanids = NULL;
@@ -1929,7 +1929,7 @@ index ba4589b..4a297f1 100644
sessions[id].next_unused = sessions_first_unused;
sessions_first_unused = id;
}
-@@ -2013,6 +2029,19 @@ session_open(Authctxt *authctxt, int chanid)
+@@ -2014,6 +2030,19 @@ session_open(Authctxt *authctxt, int chanid)
}
Session *
@@ -1949,7 +1949,7 @@ index ba4589b..4a297f1 100644
session_by_tty(char *tty)
{
int i;
-@@ -2529,6 +2558,30 @@ session_exit_message(Session *s, int status)
+@@ -2530,6 +2559,30 @@ session_exit_message(Session *s, int status)
chan_write_failed(c);
}
@@ -1980,7 +1980,7 @@ index ba4589b..4a297f1 100644
void
session_close(Session *s)
{
-@@ -2537,6 +2590,10 @@ session_close(Session *s)
+@@ -2538,6 +2591,10 @@ session_close(Session *s)
debug("session_close: session %d pid %ld", s->self, (long)s->pid);
if (s->ttyfd != -1)
session_pty_cleanup(s);
@@ -1991,7 +1991,7 @@ index ba4589b..4a297f1 100644
free(s->term);
free(s->display);
free(s->x11_chanids);
-@@ -2751,6 +2808,15 @@ do_authenticated2(Authctxt *authctxt)
+@@ -2752,6 +2809,15 @@ do_authenticated2(Authctxt *authctxt)
server_loop2(authctxt);
}
@@ -2007,7 +2007,7 @@ index ba4589b..4a297f1 100644
void
do_cleanup(Authctxt *authctxt)
{
-@@ -2799,5 +2865,5 @@ do_cleanup(Authctxt *authctxt)
+@@ -2800,5 +2866,5 @@ do_cleanup(Authctxt *authctxt)
* or if running in monitor.
*/
if (!use_privsep || mm_is_monitor())
diff --git a/openssh-6.6p1-fips.patch b/openssh-6.6p1-fips.patch
index 2869d2f..9227b37 100644
--- a/openssh-6.6p1-fips.patch
+++ b/openssh-6.6p1-fips.patch
@@ -366,7 +366,7 @@ index 770ad28..9d4fc6d 100644
break;
default:
diff --git a/key.c b/key.c
-index 62f3edb..c13b644 100644
+index 62f3edb..a2050f6 100644
--- a/key.c
+++ b/key.c
@@ -42,6 +42,7 @@
@@ -394,6 +394,19 @@ index 62f3edb..c13b644 100644
rv_defined = 1;
}
return rv;
+@@ -1168,8 +1173,11 @@ rsa_generate_private_key(u_int bits)
+ fatal("%s: BN_new failed", __func__);
+ if (!BN_set_word(f4, RSA_F4))
+ fatal("%s: BN_new failed", __func__);
+- if (!RSA_generate_key_ex(private, bits, f4, NULL))
++ if (!RSA_generate_key_ex(private, bits, f4, NULL)) {
++ if (FIPS_mode())
++ logit("%s: the key length might be unsupported by FIPS mode approved key generation method", __func__);
+ fatal("%s: key generation failed.", __func__);
++ }
+ BN_free(f4);
+ return private;
+ }
diff --git a/mac.c b/mac.c
index 9388af4..cd7b034 100644
--- a/mac.c
@@ -500,25 +513,23 @@ index 3a0f5ae..4f35a44 100644
static char *myproposal[PROPOSAL_MAX] = {
KEX_DEFAULT_KEX,
diff --git a/ssh-keygen.c b/ssh-keygen.c
-index 482dc1c..fd2eb94 100644
+index 66198e6..ccf22c8 100644
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
-@@ -195,6 +195,14 @@ type_bits_valid(int type, u_int32_t *bitsp)
+@@ -195,6 +195,12 @@ type_bits_valid(int type, u_int32_t *bitsp)
fprintf(stderr, "key bits exceeds maximum %d\n", maxbits);
exit(1);
}
+ if (FIPS_mode()) {
+ if (type == KEY_DSA)
+ fatal("DSA keys are not allowed in FIPS mode");
-+ if (type == KEY_RSA && bits != 2048 && bits != 3072)
-+ fatal("RSA keys must be either 2048 bits or 3072 bits in FIPS mode");
+ if (type == KEY_ED25519)
+ fatal("ED25519 keys are not allowed in FIPS mode");
+ }
if (type == KEY_DSA && *bitsp != 1024)
fatal("DSA keys must be 1024 bits");
else if (type != KEY_ECDSA && type != KEY_ED25519 && *bitsp < 768)
-@@ -746,7 +754,7 @@ do_download(struct passwd *pw)
+@@ -746,7 +752,7 @@ do_download(struct passwd *pw)
enum fp_type fptype;
char *fp, *ra;
@@ -527,7 +538,7 @@ index 482dc1c..fd2eb94 100644
rep = print_bubblebabble ? SSH_FP_BUBBLEBABBLE : SSH_FP_HEX;
pkcs11_init(0);
-@@ -756,8 +764,7 @@ do_download(struct passwd *pw)
+@@ -756,8 +762,7 @@ do_download(struct passwd *pw)
for (i = 0; i < nkeys; i++) {
if (print_fingerprint) {
fp = key_fingerprint(keys[i], fptype, rep);
diff --git a/openssh-6.6p1-set_remote_ipaddr.patch b/openssh-6.6p1-set_remote_ipaddr.patch
new file mode 100644
index 0000000..166e569
--- /dev/null
+++ b/openssh-6.6p1-set_remote_ipaddr.patch
@@ -0,0 +1,87 @@
+diff --git a/canohost.c b/canohost.c
+index 97ce58c..1f9320a 100644
+--- a/canohost.c
++++ b/canohost.c
+@@ -338,6 +338,21 @@ clear_cached_addr(void)
+ cached_port = -1;
+ }
+
++void set_remote_ipaddr(void) {
++ if (canonical_host_ip != NULL)
++ free(canonical_host_ip);
++
++ if (packet_connection_is_on_socket()) {
++ canonical_host_ip =
++ get_peer_ipaddr(packet_get_connection_in());
++ if (canonical_host_ip == NULL)
++ cleanup_exit(255);
++ } else {
++ /* If not on socket, return UNKNOWN. */
++ canonical_host_ip = xstrdup("UNKNOWN");
++ }
++}
++
+ /*
+ * Returns the IP-address of the remote host as a string. The returned
+ * string must not be freed.
+@@ -347,17 +362,9 @@ const char *
+ get_remote_ipaddr(void)
+ {
+ /* Check whether we have cached the ipaddr. */
+- if (canonical_host_ip == NULL) {
+- if (packet_connection_is_on_socket()) {
+- canonical_host_ip =
+- get_peer_ipaddr(packet_get_connection_in());
+- if (canonical_host_ip == NULL)
+- cleanup_exit(255);
+- } else {
+- /* If not on socket, return UNKNOWN. */
+- canonical_host_ip = xstrdup("UNKNOWN");
+- }
+- }
++ if (canonical_host_ip == NULL)
++ set_remote_ipaddr();
++
+ return canonical_host_ip;
+ }
+
+diff --git a/canohost.h b/canohost.h
+index 4c8636f..4079953 100644
+--- a/canohost.h
++++ b/canohost.h
+@@ -13,6 +13,7 @@
+ */
+
+ const char *get_canonical_hostname(int);
++void set_remote_ipaddr(void);
+ const char *get_remote_ipaddr(void);
+ const char *get_remote_name_or_ip(u_int, int);
+
+diff --git a/sshconnect.c b/sshconnect.c
+index e636f33..451a58b 100644
+--- a/sshconnect.c
++++ b/sshconnect.c
+@@ -62,6 +62,7 @@
+ #include "monitor_fdpass.h"
+ #include "ssh2.h"
+ #include "version.h"
++#include "canohost.h"
+
+ char *client_version_string = NULL;
+ char *server_version_string = NULL;
+@@ -170,6 +171,7 @@ ssh_proxy_fdpass_connect(const char *host, u_short port,
+
+ /* Set the connection file descriptors. */
+ packet_set_connection(sock, sock);
++ set_remote_ipaddr();
+
+ return 0;
+ }
+@@ -492,6 +494,7 @@ ssh_connect_direct(const char *host, struct addrinfo *aitop,
+
+ /* Set the connection. */
+ packet_set_connection(sock, sock);
++ set_remote_ipaddr();
+
+ return 0;
+ }
More information about the scm-commits
mailing list