[Bug 2053146] Re: openssh 8.9p1 for Jammy auth2-gss patch for gssapi-keyex method is slightly wrong

Robie Basak 2053146 at bugs.launchpad.net
Mon Feb 19 13:28:26 UTC 2024 

I'm flagging this as Critical. It sounds like everyone agrees that the
distro patch we're carrying is bad. I think it's possible that it's bad
in quite a serious way, so we should investigate immediately without
delay until we've understood the severity of this, especially because by
carrying the distro patch we should be maintaining it. If it turns out
to be benign then we can downgrade the bug importance.

** Changed in: openssh (Ubuntu)
   Importance: Undecided => Critical

** Tags added: server-todo

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/2053146

Title:
  openssh 8.9p1 for Jammy auth2-gss patch for gssapi-keyex method is
  slightly wrong

Status in openssh package in Ubuntu:
  Incomplete

Bug description:
  The Authmethod struct now have 4 entries but the initialization of the
  method_gsskeyex in the debian/patches/gssapi.patch only have 3
  entries.

  The struct was changed in upstream commit dbb339f015c33d63484261d140c84ad875a9e548 as
  ===
  @@ -104,7 +104,8 @@ struct Authctxt {
   
   struct Authmethod {
          char    *name;
  -       int     (*userauth)(struct ssh *);
  +       char    *synonym;
  +       int     (*userauth)(struct ssh *, const char *);
          int     *enabled;
   };

  ===

  The incorrect code does
  ===
  +Authmethod method_gsskeyex = {
  +       "gssapi-keyex",
  +       userauth_gsskeyex,
  +       &options.gss_authentication
  +};
  ===
  but should have a NULL between the "gssapi-keyex" string and userauth_gsskeyex

  
  This is now (change from Focal) causing gssapi-keyex to be disabled.

  
  ===
  lsb_release -rd
  Description:	Ubuntu 22.04.3 LTS
  Release:	22.04

  ===
  apt-cache policy openssh-server
  openssh-server:
    Installed: 1:8.9p1-3ubuntu0.6
    Candidate: 1:8.9p1-3ubuntu0.6
    Version table:
   *** 1:8.9p1-3ubuntu0.6 500
          500 http://faiserver.hpc2n.umu.se/mirrors/ubuntu/ubuntu jammy-updates/main amd64 Packages
          500 http://faiserver.hpc2n.umu.se/mirrors/ubuntu/ubuntu jammy-security/main amd64 Packages
          100 /var/lib/dpkg/status
       1:8.9p1-3 500
          500 http://faiserver.hpc2n.umu.se/mirrors/ubuntu/ubuntu jammy/main amd64 Packages

  ===

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/2053146/+subscriptions

More information about the foundations-bugs mailing list