Update golang.org/x/crypto (#19097)

* Update golang.org/x/crypto

- Update dependency to include fix for CVE.
- See https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ?utm_medium=email&utm_source=footer

* Fix deprecation notice

* Remove workaround

- Introduced in https://github.com/go-gitea/gitea/pull/17281
- Fixed in x/crypto:
- https://github.com/golang/crypto/commit/5d542ad81a58c89581d596f49d0ba5d435481bcf
- & https://github.com/golang/crypto/commit/3147a52a75dda54ac3a611ef8978640d85188a2a

* Update Kex Algorithms

- Use standardized name for curve22519-sha256. https://github.com/golang/crypto/commit/9b076918e3c7e908b2bdea932f272a9979f2488a
- Prefer SHA256 version over SHA1 version. https://github.com/golang/crypto/commit/e4b3678e5f38521e67eba223ddd1902ceb3a303c

diff --git a/custom/conf/app.example.ini b/custom/conf/app.example.ini
index ad58e6bda36d89fcf30c7e0b9333a5acad0fb579..c4d5413a6c257fed29a474a106cfb8a2d81a6d64 100644 (file)
--- a/custom/conf/app.example.ini
+++ b/custom/conf/app.example.ini
@@ -117,7 +117,7 @@ RUN_MODE = ; prod
 ;;
 ;; For the built-in SSH server, choose the key exchange algorithms to support for SSH connections,
 ;; for system SSH this setting has no effect
-;SSH_SERVER_KEY_EXCHANGES = curve25519-sha256@libssh.org, ecdh-sha2-nistp256, ecdh-sha2-nistp384, ecdh-sha2-nistp521, diffie-hellman-group14-sha1
+;SSH_SERVER_KEY_EXCHANGES = curve25519-sha256, ecdh-sha2-nistp256, ecdh-sha2-nistp384, ecdh-sha2-nistp521, diffie-hellman-group14-sha256, diffie-hellman-group14-sha1
 ;;
 ;; For the built-in SSH server, choose the MACs to support for SSH connections,
 ;; for system SSH this setting has no effect

diff --git a/docs/content/doc/advanced/config-cheat-sheet.en-us.md b/docs/content/doc/advanced/config-cheat-sheet.en-us.md
index 70bc2ee8293e1be59580b07eb08d14753743f552..2fbfdde6bd62f61244ec1ca9c628aa03b17c1c40 100644 (file)
--- a/docs/content/doc/advanced/config-cheat-sheet.en-us.md
+++ b/docs/content/doc/advanced/config-cheat-sheet.en-us.md
@@ -280,7 +280,7 @@ The following configuration set `Content-Type: application/vnd.android.package-a
 - `SSH_AUTHORIZED_PRINCIPALS_BACKUP`: **false/true**: Enable SSH Authorized Principals Backup when rewriting all keys, default is true if `SSH_AUTHORIZED_PRINCIPALS_ALLOW` is not `off`.
 - `SSH_AUTHORIZED_KEYS_COMMAND_TEMPLATE`: **{{.AppPath}} --config={{.CustomConf}} serv key-{{.Key.ID}}**: Set the template for the command to passed on authorized keys. Possible keys are: AppPath, AppWorkPath, CustomConf, CustomPath, Key - where Key is a `models/asymkey.PublicKey` and the others are strings which are shellquoted.
 - `SSH_SERVER_CIPHERS`: **chacha20-poly1305@openssh.com, aes128-ctr, aes192-ctr, aes256-ctr, aes128-gcm@openssh.com, aes256-gcm@openssh.com**: For the built-in SSH server, choose the ciphers to support for SSH connections, for system SSH this setting has no effect.
-- `SSH_SERVER_KEY_EXCHANGES`: **curve25519-sha256@libssh.org, ecdh-sha2-nistp256, ecdh-sha2-nistp384, ecdh-sha2-nistp521, diffie-hellman-group14-sha1**: For the built-in SSH server, choose the key exchange algorithms to support for SSH connections, for system SSH this setting has no effect.
+- `SSH_SERVER_KEY_EXCHANGES`: **curve25519-sha256, ecdh-sha2-nistp256, ecdh-sha2-nistp384, ecdh-sha2-nistp521, diffie-hellman-group14-sha256, diffie-hellman-group14-sha1**: For the built-in SSH server, choose the key exchange algorithms to support for SSH connections, for system SSH this setting has no effect.
 - `SSH_SERVER_MACS`: **hmac-sha2-256-etm@openssh.com, hmac-sha2-256, hmac-sha1**: For the built-in SSH server, choose the MACs to support for SSH connections, for system SSH this setting has no effect
 - `SSH_SERVER_HOST_KEYS`: **ssh/gitea.rsa, ssh/gogs.rsa**: For the built-in SSH server, choose the keypairs to offer as the host key. The private key should be at `SSH_SERVER_HOST_KEY` and the public `SSH_SERVER_HOST_KEY.pub`. Relative paths are made absolute relative to the `APP_DATA_PATH`. If no key exists a 4096 bit RSA key will be created for you.
 - `SSH_KEY_TEST_PATH`: **/tmp**: Directory to create temporary files in when testing public keys using ssh-keygen, default is the system temporary directory.

diff --git a/go.mod b/go.mod
index e859e24c6e10f9af05952a14942f35dd9f9a05d8..d1f4b7c4cf98014afe5f1bfb247c91f96a8d4e60 100644 (file)
--- a/go.mod
+++ b/go.mod
@@ -122,7 +122,7 @@ require (
        go.uber.org/atomic v1.9.0 // indirect
        go.uber.org/multierr v1.8.0 // indirect
        go.uber.org/zap v1.21.0 // indirect
-       golang.org/x/crypto v0.0.0-20220214200702-86341886e292
+       golang.org/x/crypto v0.0.0-20220315160706-3147a52a75dd
        golang.org/x/net v0.0.0-20220225172249-27dd8689420f
        golang.org/x/oauth2 v0.0.0-20220223155221-ee480838109b
        golang.org/x/sys v0.0.0-20220227234510-4e6760a101f9

diff --git a/go.sum b/go.sum
index cec6e231ab9926ad119fc9aa4c996398b158b89d..f1e719284de2d2b5c53e095772e62d4814b2eafe 100644 (file)
--- a/go.sum
+++ b/go.sum
@@ -1683,8 +1683,8 @@ golang.org/x/crypto v0.0.0-20210817164053-32db794688a5/go.mod h1:GvvjBRRGRdwPK5y
 golang.org/x/crypto v0.0.0-20211108221036-ceb1ce70b4fa/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
 golang.org/x/crypto v0.0.0-20211117183948-ae814b36b871/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
 golang.org/x/crypto v0.0.0-20220112180741-5e0467b6c7ce/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
-golang.org/x/crypto v0.0.0-20220214200702-86341886e292 h1:f+lwQ+GtmgoY+A2YaQxlSOnDjXcQ7ZRLWOHbC6HtRqE=
-golang.org/x/crypto v0.0.0-20220214200702-86341886e292/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
+golang.org/x/crypto v0.0.0-20220315160706-3147a52a75dd h1:XcWmESyNjXJMLahc3mqVQJcgSTDxFxhETVlfk9uGc38=
+golang.org/x/crypto v0.0.0-20220315160706-3147a52a75dd/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
 golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8=

diff --git a/modules/setting/setting.go b/modules/setting/setting.go
index f93dc53c32104febc1fe115067eb23dfd27e9a8f..2a189ec9b3f2b7a3ae48e8ff47d1f694ae7f9770 100644 (file)
--- a/modules/setting/setting.go
+++ b/modules/setting/setting.go
@@ -164,7 +164,7 @@ var (
                Domain:                        "",
                Port:                          22,
                ServerCiphers:                 []string{"chacha20-poly1305@openssh.com", "aes128-ctr", "aes192-ctr", "aes256-ctr", "aes128-gcm@openssh.com", "aes256-gcm@openssh.com"},
-               ServerKeyExchanges:            []string{"curve25519-sha256@libssh.org", "ecdh-sha2-nistp256", "ecdh-sha2-nistp384", "ecdh-sha2-nistp521", "diffie-hellman-group14-sha1"},
+               ServerKeyExchanges:            []string{"curve25519-sha256", "ecdh-sha2-nistp256", "ecdh-sha2-nistp384", "ecdh-sha2-nistp521", "diffie-hellman-group14-sha256", "diffie-hellman-group14-sha1"},
                ServerMACs:                    []string{"hmac-sha2-256-etm@openssh.com", "hmac-sha2-256", "hmac-sha1"},
                KeygenPath:                    "ssh-keygen",
                MinimumKeySizeCheck:           true,

diff --git a/modules/ssh/ssh.go b/modules/ssh/ssh.go
index 6f4e9934576e576a0ee93c05005d9260d25f3fdf..1a92edb79514865aff4aa370836015d963deb7c8 100644 (file)
--- a/modules/ssh/ssh.go
+++ b/modules/ssh/ssh.go
@@ -317,65 +317,9 @@ func Listen(host string, port int, ciphers, keyExchanges, macs []string) {
                }
        }
 
-       // Workaround slightly broken behaviour in x/crypto/ssh/handshake.go:458-463
-       //
-       // Fundamentally the issue here is that HostKeyAlgos make the incorrect assumption
-       // that the PublicKey().Type() matches the signature algorithm.
-       //
-       // Therefore we need to add duplicates for the RSA with different signing algorithms.
-       signers := make([]ssh.Signer, 0, len(srv.HostSigners))
-       for _, signer := range srv.HostSigners {
-               if signer.PublicKey().Type() == "ssh-rsa" {
-                       signers = append(signers,
-                               &wrapSigner{
-                                       Signer:    signer,
-                                       algorithm: gossh.SigAlgoRSASHA2512,
-                               },
-                               &wrapSigner{
-                                       Signer:    signer,
-                                       algorithm: gossh.SigAlgoRSASHA2256,
-                               },
-                       )
-               }
-               signers = append(signers, signer)
-       }
-       srv.HostSigners = signers
-
        go listen(&srv)
 }
 
-// wrapSigner wraps a signer and overrides its public key type with the provided algorithm
-type wrapSigner struct {
-       ssh.Signer
-       algorithm string
-}
-
-// PublicKey returns an associated PublicKey instance.
-func (s *wrapSigner) PublicKey() gossh.PublicKey {
-       return &wrapPublicKey{
-               PublicKey: s.Signer.PublicKey(),
-               algorithm: s.algorithm,
-       }
-}
-
-// Sign returns raw signature for the given data. This method
-// will apply the hash specified for the keytype to the data using
-// the algorithm assigned for this key
-func (s *wrapSigner) Sign(rand io.Reader, data []byte) (*gossh.Signature, error) {
-       return s.Signer.(gossh.AlgorithmSigner).SignWithAlgorithm(rand, data, s.algorithm)
-}
-
-// wrapPublicKey wraps a PublicKey and overrides its type
-type wrapPublicKey struct {
-       gossh.PublicKey
-       algorithm string
-}
-
-// Type returns the algorithm
-func (k *wrapPublicKey) Type() string {
-       return k.algorithm
-}
-
 // GenKeyPair make a pair of public and private keys for SSH access.
 // Public key is encoded in the format for inclusion in an OpenSSH authorized_keys file.
 // Private Key generated is PEM encoded