python-paramiko/backport-0001-CVE-2023-48795.patch
zhangpan 30d6fa75a8 fix CVE-2023-48795
(cherry picked from commit eee395ba519760fae8c5eb1a104027c07fd5a182)
2024-01-12 09:52:41 +08:00


From be3ffc18cc466e0b0a877d716721353c12561bcc Mon Sep 17 00:00:00 2001
From: Jeff Forcier <jeff@bitprophet.org>
Date: Fri, 15 Dec 2023 22:14:48 -0500
Subject: [PATCH] Make ext-info faux-KexAlgorithm detection more robust
Reference:https://github.com/paramiko/paramiko/commit/be3ffc18cc466e0b0a877d716721353c12561bcc
Conflict:The context of the changelog is adapted due to different versions
---
paramiko/transport.py | 5 +++--
sites/www/changelog.rst | 3 +++
tests/test_transport.py | 8 ++++++--
3 files changed, 12 insertions(+), 4 deletions(-)
diff --git a/paramiko/transport.py b/paramiko/transport.py
index 68cc195..fd26371 100644
--- a/paramiko/transport.py
+++ b/paramiko/transport.py
@@ -2429,8 +2429,9 @@ class Transport(threading.Thread, ClosingContextManager):
# Strip out ext-info "kex algo"
self._remote_ext_info = None
- if kex_algo_list[-1].startswith("ext-info-"):
- self._remote_ext_info = kex_algo_list.pop()
+ for i, algo in enumerate(kex_algo_list):
+ if algo.startswith("ext-info-"):
+ self._remote_ext_info = kex_algo_list.pop(i)
# as a server, we pick the first item in the client's list that we
# support.
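Review bot: The new loop in the ext-info stripping block calls `kex_algo_list.pop(i)` while `enumerate` is still walking the same list, so the entry right after each removed marker is never examined. A remote KEXINIT with two adjacent `ext-info-*` names therefore leaves the second one in the list that negotiation reads, and with non-adjacent markers the last match silently overwrites `self._remote_ext_info`. Because this list is peer-supplied, I would handle it in one pass without mutating during iteration, e.g. `self._remote_ext_info = next((a for a in kex_algo_list if a.startswith("ext-info-")), None)` followed by `kex_algo_list = [a for a in kex_algo_list if not a.startswith("ext-info-")]` (this keeps the first marker rather than the last; confirm which is intended). This hunk only changes marker detection; going by the file name it is the first patch of the CVE-2023-48795 backport, and the strict key exchange handling is presumably in later patches of the series, so this patch alone should not be tracked as the mitigation. The enclosing method starts and ends outside the hunk.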
diff --git a/sites/www/changelog.rst b/sites/www/changelog.rst
index 29754bc..f180e77 100644
--- a/sites/www/changelog.rst
+++ b/sites/www/changelog.rst
@@ -2,6 +2,9 @@
Changelog
=========
+- :bug:`-` Tweak ``ext-info-(c|s)`` detection during KEXINIT protocol phase;
+ the original implementation made assumptions based on an OpenSSH
+ implementation detail.
- :release:`2.11.0 <2022-05-16>`
- :release:`2.10.5 <2022-05-16>`
- :release:`2.9.5 <2022-05-16>`
diff --git a/tests/test_transport.py b/tests/test_transport.py
index 98a7d30..6bc0be8 100644
--- a/tests/test_transport.py
+++ b/tests/test_transport.py
@@ -1350,10 +1350,14 @@ class TestSHA2SignatureKeyExchange(unittest.TestCase):
class TestExtInfo(unittest.TestCase):
- def test_ext_info_handshake(self):
+ def test_ext_info_handshake_exposed_in_client_kexinit(self):
with server() as (tc, _):
+ # NOTE: this is latest KEXINIT /sent by us/ (Transport retains it)
kex = tc._get_latest_kex_init()
- assert kex["kex_algo_list"][-1] == "ext-info-c"
+ # flag in KexAlgorithms list
+ assert "ext-info-c" in kex["kex_algo_list"]
+ # data stored on Transport after hearing back from a compatible
+ # server (such as ourselves in server mode)
assert tc.server_extensions == {
"server-sig-algs": b"ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ssh-dss" # noqa
}
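Review bot: The renamed test only inspects the KEXINIT that this side sent, so nothing visible in this patch exercises the changed parsing in paramiko/transport.py with a marker that is not the last list entry. Loosening the assertion from `[-1] == "ext-info-c"` to `"ext-info-c" in kex["kex_algo_list"]` is consistent with the fix but does not cover it. I would add a test that hands the receiving side a kex algorithm list with the `ext-info-*` name in a middle position, and another with two markers, and asserts that the marker is recorded and no `ext-info-*` entry remains in the list used for negotiation.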
--
2.33.0