- djm@cvs.openbsd.org 2001/03/23 11:04:07
[compat.c compat.h sshconnect2.c sshd.c]
Compat for OpenSSH with broken Rijndael/AES. ok markus@
diff --git a/ChangeLog b/ChangeLog
index 60df643..ca06552 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,9 @@
20010324
- Fixed permissions ssh-keyscan. Thanks to Christopher Linn <celinn@mtu.edu>.
+ - OpenBSD CVS Sync
+ - djm@cvs.openbsd.org 2001/03/23 11:04:07
+ [compat.c compat.h sshconnect2.c sshd.c]
+ Compat for OpenSSH with broken Rijndael/AES. ok markus@
20010323
- OpenBSD CVS Sync
@@ -4691,4 +4695,4 @@
- Wrote replacements for strlcpy and mkdtemp
- Released 1.0pre1
-$Id: ChangeLog,v 1.1010 2001/03/24 00:20:56 mouring Exp $
+$Id: ChangeLog,v 1.1011 2001/03/24 00:35:19 mouring Exp $
diff --git a/compat.c b/compat.c
index 4fb2b44..705121c 100644
--- a/compat.c
+++ b/compat.c
@@ -23,7 +23,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: compat.c,v 1.39 2001/03/18 23:30:55 deraadt Exp $");
+RCSID("$OpenBSD: compat.c,v 1.40 2001/03/23 11:04:06 djm Exp $");
#ifdef HAVE_LIBPCRE
# include <pcreposix.h>
@@ -69,7 +69,9 @@
} check[] = {
{ "^OpenSSH[-_]2\\.[012]",
SSH_OLD_SESSIONID|SSH_BUG_BANNER },
- { "^OpenSSH_2\\.3\\.0", SSH_BUG_BANNER },
+ { "^OpenSSH_2\\.3\\.0", SSH_BUG_BANNER|SSH_BUG_BIGENDIANAES },
+ { "^OpenSSH_2\\.5\\.[01]p1",
+ SSH_BUG_BIGENDIANAES },
{ "^OpenSSH", 0 },
{ "MindTerm", 0 },
{ "^2\\.1\\.0", SSH_BUG_SIGBLOB|SSH_BUG_HMAC|
@@ -149,3 +151,33 @@
xfree(s);
return ret;
}
+
+char *
+compat_cipher_proposal(char *cipher_prop)
+{
+ char *orig_prop, *fix_ciphers;
+ char *cp, *tmp;
+ size_t len;
+
+ if (!(datafellows & SSH_BUG_BIGENDIANAES))
+ return(cipher_prop);
+
+ len = strlen(cipher_prop) + 1;
+ fix_ciphers = xmalloc(len);
+ *fix_ciphers = '\0';
+ tmp = orig_prop = xstrdup(cipher_prop);
+ while((cp = strsep(&tmp, ",")) != NULL) {
+ if (strncmp(cp, "aes", 3) && strncmp(cp, "rijndael", 8)) {
+ if (*fix_ciphers)
+ strlcat(fix_ciphers, ",", len);
+ strlcat(fix_ciphers, cp, len);
+ }
+ }
+ xfree(orig_prop);
+ debug2("Original cipher proposal: %s", cipher_prop);
+ debug2("Compat cipher proposal: %s", fix_ciphers);
+ if (!*fix_ciphers)
+ fatal("No available ciphers found.");
+
+ return(fix_ciphers);
+}
diff --git a/compat.h b/compat.h
index 41d6af0..707726f 100644
--- a/compat.h
+++ b/compat.h
@@ -21,7 +21,7 @@
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
-/* RCSID("$OpenBSD: compat.h,v 1.18 2001/03/18 23:30:55 deraadt Exp $"); */
+/* RCSID("$OpenBSD: compat.h,v 1.19 2001/03/23 11:04:06 djm Exp $"); */
#ifndef COMPAT_H
#define COMPAT_H
@@ -43,11 +43,13 @@
#define SSH_BUG_PKOK 0x0200
#define SSH_BUG_PASSWORDPAD 0x0400
#define SSH_BUG_SCANNER 0x0800
+#define SSH_BUG_BIGENDIANAES 0x1000
void enable_compat13(void);
void enable_compat20(void);
void compat_datafellows(const char *s);
int proto_spec(const char *spec);
+char *compat_cipher_proposal(char *cipher_prop);
extern int compat13;
extern int compat20;
extern int datafellows;
diff --git a/sshconnect2.c b/sshconnect2.c
index 046d746..86f3bb9 100644
--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -23,7 +23,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: sshconnect2.c,v 1.54 2001/03/12 22:02:02 markus Exp $");
+RCSID("$OpenBSD: sshconnect2.c,v 1.55 2001/03/23 11:04:07 djm Exp $");
#include <openssl/bn.h>
#include <openssl/md5.h>
@@ -96,6 +96,9 @@
myproposal[PROPOSAL_MAC_ALGS_STOC] = options.macs;
}
+ myproposal[PROPOSAL_ENC_ALGS_STOC] =
+ compat_cipher_proposal(myproposal[PROPOSAL_ENC_ALGS_STOC]);
+
/* buffers with raw kexinit messages */
server_kexinit = xmalloc(sizeof(*server_kexinit));
buffer_init(server_kexinit);
diff --git a/sshd.c b/sshd.c
index d32e580..a12e921 100644
--- a/sshd.c
+++ b/sshd.c
@@ -40,7 +40,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: sshd.c,v 1.176 2001/03/22 20:22:55 deraadt Exp $");
+RCSID("$OpenBSD: sshd.c,v 1.177 2001/03/23 11:04:07 djm Exp $");
#include <openssl/dh.h>
#include <openssl/bn.h>
@@ -1450,6 +1450,9 @@
}
myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = list_hostkey_types();
+ myproposal[PROPOSAL_ENC_ALGS_STOC] =
+ compat_cipher_proposal(myproposal[PROPOSAL_ENC_ALGS_STOC]);
+
server_kexinit = kex_init(myproposal);
client_kexinit = xmalloc(sizeof(*client_kexinit));
buffer_init(client_kexinit);