Bugzilla – Attachment 939 Details for
Bug 1023
Add support for dhgex-sha256
[patch]
New diffie-hellman-group-exchange-sha256 exchange
openssh-dhgex-sha256_04.diff (text/plain), 19.34 KB, created by
Damien Miller
on 2005-07-17 18:33:05 AEST
Description:
New diffie-hellman-group-exchange-sha256 exchange
Filename:
MIME Type:
Creator:
Damien Miller
Created:
2005-07-17 18:33:05 AEST
Size:
19.34 KB
>Index: Makefile.inc
>===================================================================
>RCS file: /cvs/src/usr.bin/ssh/Makefile.inc,v
>retrieving revision 1.30
>diff -u -p -r1.30 Makefile.inc
>--- Makefile.inc 17 Jun 2005 02:45:19 -0000 1.30
>+++ Makefile.inc 17 Jul 2005 08:14:46 -0000
>@@ -3,7 +3,7 @@
> CFLAGS+= -I${.CURDIR}/..
>
> CDIAGFLAGS= -Wall
>-#CDIAGFLAGS+= -Werror
>+CDIAGFLAGS+= -Werror
> CDIAGFLAGS+= -Wpointer-arith
> CDIAGFLAGS+= -Wno-uninitialized
> CDIAGFLAGS+= -Wstrict-prototypes
>Index: kex.c
>===================================================================
>RCS file: /cvs/src/usr.bin/ssh/kex.c,v
>retrieving revision 1.63
>diff -u -p -r1.63 kex.c
>--- kex.c 17 Jul 2005 07:17:55 -0000 1.63
>+++ kex.c 17 Jul 2005 08:14:46 -0000
>@@ -44,6 +44,8 @@ RCSID("$OpenBSD: kex.c,v 1.63 2005/07/17
>
> #define KEX_COOKIE_LEN 16
>
>+extern const EVP_MD *evp_ssh_sha256(void);
>+
> /* prototype */
> static void kex_kexinit_finish(Kex *);
> static void kex_choose_conf(Kex *);
>@@ -294,8 +296,10 @@ choose_kex(Kex *k, char *client, char *s
> k->kex_type = KEX_DH_GRP1_SHA1;
> } else if (strcmp(k->name, KEX_DH14) == 0) {
> k->kex_type = KEX_DH_GRP14_SHA1;
>- } else if (strcmp(k->name, KEX_DHGEX) == 0) {
>+ } else if (strcmp(k->name, KEX_DHGEX_SHA1) == 0) {
> k->kex_type = KEX_DH_GEX_SHA1;
>+ } else if (strcmp(k->name, KEX_DHGEX_SHA256) == 0) {
>+ k->kex_type = KEX_DH_GEX_SHA256;
> } else
> fatal("bad kex alg %s", k->name);
> }
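Review bot: Un-commenting `CDIAGFLAGS+= -Werror` in Makefile.inc changes build policy for the whole ssh tree and has nothing to do with adding the new key exchange, so it reads like a local development setting that slipped into the patch. With it enabled, any compiler warning in any file breaks the build, including on compilers other than the author's. I would drop this hunk and keep the line as `#CDIAGFLAGS+= -Werror`, or submit the change separately.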
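Review bot: The prototype `extern const EVP_MD *evp_ssh_sha256(void);` is written by hand in kex.c and again in the first kexgex.c hunk, so neither copy is checked against the definition, which presumably lives in the md-sha256.c that lib/Makefile adds. If the definition's signature ever changes, both callers keep compiling against the stale declaration, and this function selects the digest used for the exchange hash and for key derivation. Declare it once in a header that md-sha256.c also includes (kex.h already carries the other KEX prototypes) and remove the two local externs.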
>@@ -402,28 +406,43 @@ kex_choose_conf(Kex *kex)
> }
>
> static u_char *
>-derive_key(Kex *kex, int id, u_int need, u_char *hash, BIGNUM *shared_secret)
>+derive_key(Kex *kex, int id, u_int need, u_char *hash, u_int hashlen,
>+ BIGNUM *shared_secret)
> {
> Buffer b;
>- const EVP_MD *evp_md = EVP_sha1();
>+ const EVP_MD *evp_md;
> EVP_MD_CTX md;
> char c = id;
> u_int have;
>- int mdsz = EVP_MD_size(evp_md);
>+ int mdsz;
> u_char *digest;
>
>+ buffer_init(&b);
>+ buffer_put_bignum2(&b, shared_secret);
>+
>+ switch (kex->kex_type) {
>+ case KEX_DH_GRP1_SHA1:
>+ case KEX_DH_GRP14_SHA1:
>+ case KEX_DH_GEX_SHA1:
>+ evp_md = EVP_sha1();
>+ break;
>+ case KEX_DH_GEX_SHA256:
>+ evp_md = evp_ssh_sha256();
>+ break;
>+ default:
>+ fatal("derive_key: unknown kex_type %d", kex->kex_type);
>+ }
>+
>+ mdsz = EVP_MD_size(evp_md);
> if (mdsz < 0)
> fatal("derive_key: mdsz < 0");
> digest = xmalloc(roundup(need, mdsz));
>
>- buffer_init(&b);
>- buffer_put_bignum2(&b, shared_secret);
>-
> /* K1 = HASH(K || H || "A" || session_id) */
> EVP_DigestInit(&md, evp_md);
> if (!(datafellows & SSH_BUG_DERIVEKEY))
> EVP_DigestUpdate(&md, buffer_ptr(&b), buffer_len(&b));
>- EVP_DigestUpdate(&md, hash, mdsz);
>+ EVP_DigestUpdate(&md, hash, hashlen);
> EVP_DigestUpdate(&md, &c, 1);
> EVP_DigestUpdate(&md, kex->session_id, kex->session_id_len);
> EVP_DigestFinal(&md, digest, NULL);
>@@ -433,7 +452,13 @@ derive_key(Kex *kex, int id, u_int need,
> * Kn = HASH(K || H || K1 || K2 || ... || Kn-1)
> * Key = K1 || K2 || ... || Kn
> */
>+#ifdef DEBUG_KEX
>+ fprintf(stderr, "expand key: mdsz %d need %d\n", mdsz, need);
>+#endif
> for (have = mdsz; need > have; have += mdsz) {
>+#ifdef DEBUG_KEX
>+ fprintf(stderr, "expand key: have %d\n", have);
>+#endif
> EVP_DigestInit(&md, evp_md);
> if (!(datafellows & SSH_BUG_DERIVEKEY))
> EVP_DigestUpdate(&md, buffer_ptr(&b), buffer_len(&b));
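Review bot: In derive_key the first round now feeds the exchange hash with `EVP_DigestUpdate(&md, hash, hashlen);`, but the matching call inside the `for (have = mdsz; ...)` expansion loop is not part of either hunk, so it presumably still passes `mdsz`. The two lengths coincide for every KEX type the new switch accepts (20 for SHA1, 32 for SHA256), so the derived keys are correct today, but K1 and K2..Kn would then rely on an unstated assumption that the caller's `hashlen` always equals the KDF digest size. The loop body lies outside the visible hunk; if it does still read `EVP_DigestUpdate(&md, hash, mdsz);`, change it to `hashlen` in this patch, or make the assumption explicit with `if (hashlen != (u_int)mdsz) fatal("derive_key: hash length mismatch");`.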
>@@ -453,13 +478,15 @@ Newkeys *current_keys[MODE_MAX];
>
> #define NKEYS 6
> void
>-kex_derive_keys(Kex *kex, u_char *hash, BIGNUM *shared_secret)
>+kex_derive_keys(Kex *kex, u_char *hash, u_int hashlen, BIGNUM *shared_secret)
> {
> u_char *keys[NKEYS];
> u_int i, mode, ctos;
>
>- for (i = 0; i < NKEYS; i++)
>- keys[i] = derive_key(kex, 'A'+i, kex->we_need, hash, shared_secret);
>+ for (i = 0; i < NKEYS; i++) {
>+ keys[i] = derive_key(kex, 'A'+i, kex->we_need, hash, hashlen,
>+ shared_secret);
>+ }
>
> debug2("kex_derive_keys");
> for (mode = 0; mode < MODE_MAX; mode++) {
>Index: kex.h
>===================================================================
>RCS file: /cvs/src/usr.bin/ssh/kex.h,v
>retrieving revision 1.36
>diff -u -p -r1.36 kex.h
>--- kex.h 17 Jun 2005 02:44:32 -0000 1.36
>+++ kex.h 17 Jul 2005 08:14:46 -0000
>@@ -31,9 +31,10 @@
> #include "cipher.h"
> #include "key.h"
>
>-#define KEX_DH1 "diffie-hellman-group1-sha1"
>-#define KEX_DH14 "diffie-hellman-group14-sha1"
>-#define KEX_DHGEX "diffie-hellman-group-exchange-sha1"
>+#define KEX_DH1 "diffie-hellman-group1-sha1"
>+#define KEX_DH14 "diffie-hellman-group14-sha1"
>+#define KEX_DHGEX_SHA1 "diffie-hellman-group-exchange-sha1"
>+#define KEX_DHGEX_SHA256 "diffie-hellman-group-exchange-sha256"
>
> enum kex_init_proposals {
> PROPOSAL_KEX_ALGS,
>@@ -59,6 +60,7 @@ enum kex_exchange {
> KEX_DH_GRP1_SHA1,
> KEX_DH_GRP14_SHA1,
> KEX_DH_GEX_SHA1,
>+ KEX_DH_GEX_SHA256,
> KEX_MAX
> };
>
>@@ -123,7 +125,7 @@ void kex_finish(Kex *);
>
> void kex_send_kexinit(Kex *);
> void kex_input_kexinit(int, u_int32_t, void *);
>-void kex_derive_keys(Kex *, u_char *, BIGNUM *);
>+void kex_derive_keys(Kex *, u_char *, u_int, BIGNUM *);
>
> Newkeys *kex_get_newkeys(int);
>
>@@ -132,12 +134,13 @@ void kexdh_server(Kex *);
> void kexgex_client(Kex *);
> void kexgex_server(Kex *);
>
>-u_char *
>+void
> kex_dh_hash(char *, char *, char *, int, char *, int, u_char *, int,
>- BIGNUM *, BIGNUM *, BIGNUM *);
>-u_char *
>-kexgex_hash(char *, char *, char *, int, char *, int, u_char *, int,
>- int, int, int, BIGNUM *, BIGNUM *, BIGNUM *, BIGNUM *, BIGNUM *);
>+ BIGNUM *, BIGNUM *, BIGNUM *, u_char **, u_int *);
>+void
>+kexgex_hash(int, char *, char *, char *, int, char *, int, u_char *, int,
>+ int, int, int, BIGNUM *, BIGNUM *, BIGNUM *, BIGNUM *, BIGNUM *,
>+ u_char **, u_int *);
>
> void
> derive_ssh1_session_id(BIGNUM *, BIGNUM *, u_int8_t[8], u_int8_t[16]);
>Index: kexdh.c
>===================================================================
>RCS file: /cvs/src/usr.bin/ssh/kexdh.c,v
>retrieving revision 1.19
>diff -u -p -r1.19 kexdh.c
>--- kexdh.c 16 Feb 2003 17:09:57 -0000 1.19
>+++ kexdh.c 17 Jul 2005 08:14:46 -0000
>@@ -32,7 +32,7 @@ RCSID("$OpenBSD: kexdh.c,v 1.19 2003/02/
> #include "ssh2.h"
> #include "kex.h"
>
>-u_char *
>+void
> kex_dh_hash(
> char *client_version_string,
> char *server_version_string,
>@@ -41,7 +41,8 @@ kex_dh_hash(
> u_char *serverhostkeyblob, int sbloblen,
> BIGNUM *client_dh_pub,
> BIGNUM *server_dh_pub,
>- BIGNUM *shared_secret)
>+ BIGNUM *shared_secret,
>+ u_char **hash, u_int *hashlen)
> {
> Buffer b;
> static u_char digest[EVP_MAX_MD_SIZE];
>@@ -77,5 +78,6 @@ kex_dh_hash(
> #ifdef DEBUG_KEX
> dump_digest("hash", digest, EVP_MD_size(evp_md));
> #endif
>- return digest;
>+ *hash = digest;
>+ *hashlen = EVP_MD_size(evp_md);
> }
>Index: kexdhc.c
>===================================================================
>RCS file: /cvs/src/usr.bin/ssh/kexdhc.c,v
>retrieving revision 1.2
>diff -u -p -r1.2 kexdhc.c
>--- kexdhc.c 13 Jun 2004 12:53:24 -0000 1.2
>+++ kexdhc.c 17 Jul 2005 08:14:46 -0000
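Review bot: The storage contract of kex_dh_hash is undocumented now that the result comes back through `*hash`: the pointer refers to the function-local `static u_char digest[EVP_MAX_MD_SIZE]`, and an out-parameter makes that lifetime harder to see at the call site than the old `return digest;` did. Add a comment above the definition, for example `/* On return *hash points at static storage holding *hashlen bytes; the next call overwrites it and callers must not free it. */`. kexgex_hash in kexgex.c uses the same pattern and wants the same comment. The body between the signature and the final assignments is outside these hunks.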
>@@ -41,7 +41,7 @@ kexdh_client(Kex *kex)
> Key *server_host_key;
> u_char *server_host_key_blob = NULL, *signature = NULL;
> u_char *kbuf, *hash;
>- u_int klen, kout, slen, sbloblen;
>+ u_int klen, kout, slen, sbloblen, hashlen;
>
> /* generate and send 'e', client DH public key */
> switch (kex->kex_type) {
>@@ -114,7 +114,7 @@ kexdh_client(Kex *kex)
> xfree(kbuf);
>
> /* calc and verify H */
>- hash = kex_dh_hash(
>+ kex_dh_hash(
> kex->client_version_string,
> kex->server_version_string,
> buffer_ptr(&kex->my), buffer_len(&kex->my),
>@@ -122,25 +122,26 @@ kexdh_client(Kex *kex)
> server_host_key_blob, sbloblen,
> dh->pub_key,
> dh_server_pub,
>- shared_secret
>+ shared_secret,
>+ &hash, &hashlen
> );
> xfree(server_host_key_blob);
> BN_clear_free(dh_server_pub);
> DH_free(dh);
>
>- if (key_verify(server_host_key, signature, slen, hash, 20) != 1)
>+ if (key_verify(server_host_key, signature, slen, hash, hashlen) != 1)
> fatal("key_verify failed for server_host_key");
> key_free(server_host_key);
> xfree(signature);
>
> /* save session id */
> if (kex->session_id == NULL) {
>- kex->session_id_len = 20;
>+ kex->session_id_len = hashlen;
> kex->session_id = xmalloc(kex->session_id_len);
> memcpy(kex->session_id, hash, kex->session_id_len);
> }
>
>- kex_derive_keys(kex, hash, shared_secret);
>+ kex_derive_keys(kex, hash, hashlen, shared_secret);
> BN_clear_free(shared_secret);
> kex_finish(kex);
> }
>Index: kexdhs.c
>===================================================================
>RCS file: /cvs/src/usr.bin/ssh/kexdhs.c,v
>retrieving revision 1.2
>diff -u -p -r1.2 kexdhs.c
>--- kexdhs.c 13 Jun 2004 12:53:24 -0000 1.2
>+++ kexdhs.c 17 Jul 2005 08:14:46 -0000
>@@ -41,7 +41,7 @@ kexdh_server(Kex *kex)
> DH *dh;
> Key *server_host_key;
> u_char *kbuf, *hash, *signature = NULL, *server_host_key_blob = NULL;
>- u_int sbloblen, klen, kout;
>+ u_int sbloblen, klen, kout, hashlen;
> u_int slen;
>
> /* generate server DH public key */
>@@ -103,7 +103,7 @@ kexdh_server(Kex *kex)
> key_to_blob(server_host_key, &server_host_key_blob, &sbloblen);
>
> /* calc H */
>- hash = kex_dh_hash(
>+ kex_dh_hash(
> kex->client_version_string,
> kex->server_version_string,
> buffer_ptr(&kex->peer), buffer_len(&kex->peer),
>@@ -111,21 +111,20 @@ kexdh_server(Kex *kex)
> server_host_key_blob, sbloblen,
> dh_client_pub,
> dh->pub_key,
>- shared_secret
>+ shared_secret,
>+ &hash, &hashlen
> );
> BN_clear_free(dh_client_pub);
>
> /* save session id := H */
>- /* XXX hashlen depends on KEX */
> if (kex->session_id == NULL) {
>- kex->session_id_len = 20;
>+ kex->session_id_len = hashlen;
> kex->session_id = xmalloc(kex->session_id_len);
> memcpy(kex->session_id, hash, kex->session_id_len);
> }
>
> /* sign H */
>- /* XXX hashlen depends on KEX */
>- PRIVSEP(key_sign(server_host_key, &signature, &slen, hash, 20));
>+ PRIVSEP(key_sign(server_host_key, &signature, &slen, hash, hashlen));
>
> /* destroy_sensitive_data(); */
>
>@@ -141,7 +140,7 @@ kexdh_server(Kex *kex)
> /* have keys, free DH */
> DH_free(dh);
>
>- kex_derive_keys(kex, hash, shared_secret);
>+ kex_derive_keys(kex, hash, hashlen, shared_secret);
> BN_clear_free(shared_secret);
> kex_finish(kex);
> }
>Index: kexgex.c
>===================================================================
>RCS file: /cvs/src/usr.bin/ssh/kexgex.c,v
>retrieving revision 1.23
>diff -u -p -r1.23 kexgex.c
>--- kexgex.c 16 Feb 2003 17:09:57 -0000 1.23
>+++ kexgex.c 17 Jul 2005 08:14:46 -0000
>@@ -26,15 +26,19 @@
> #include "includes.h"
> RCSID("$OpenBSD: kexgex.c,v 1.23 2003/02/16 17:09:57 markus Exp $");
>
>-#include <openssl/evp.h>
>+#include <openssl/sha.h>
>
> #include "buffer.h"
> #include "bufaux.h"
> #include "kex.h"
> #include "ssh2.h"
>+#include "log.h"
>
>-u_char *
>+extern const EVP_MD *evp_ssh_sha256(void);
>+
>+void
> kexgex_hash(
>+ int kex_type,
> char *client_version_string,
> char *server_version_string,
> char *ckexinit, int ckexinitlen,
>@@ -43,11 +47,12 @@ kexgex_hash(
> int min, int wantbits, int max, BIGNUM *prime, BIGNUM *gen,
> BIGNUM *client_dh_pub,
> BIGNUM *server_dh_pub,
>- BIGNUM *shared_secret)
>+ BIGNUM *shared_secret,
>+ u_char **hash, u_int *hashlen)
> {
> Buffer b;
>- static u_char digest[EVP_MAX_MD_SIZE];
>- const EVP_MD *evp_md = EVP_sha1();
>+ static u_char digest[64];
>+ const EVP_MD *evp_md;
> EVP_MD_CTX md;
>
> buffer_init(&b);
>@@ -79,14 +84,26 @@ kexgex_hash(
> #ifdef DEBUG_KEXDH
> buffer_dump(&b);
> #endif
>+
>+ switch (kex_type) {
>+ case KEX_DH_GEX_SHA1:
>+ evp_md = EVP_sha1();
>+ break;
>+ case KEX_DH_GEX_SHA256:
>+ evp_md = evp_ssh_sha256();
>+ break;
>+ default:
>+ fatal("kexgex_hash: unknown kex_type %d", kex_type);
>+ }
>+
> EVP_DigestInit(&md, evp_md);
> EVP_DigestUpdate(&md, buffer_ptr(&b), buffer_len(&b));
> EVP_DigestFinal(&md, digest, NULL);
>-
>+
> buffer_free(&b);
>-
>+ *hash = digest;
>+ *hashlen = EVP_MD_size(evp_md);
> #ifdef DEBUG_KEXDH
>- dump_digest("hash", digest, EVP_MD_size(evp_md));
>+ dump_digest("hash", digest, *hashlen);
> #endif
>- return digest;
> }
>Index: kexgexc.c
>===================================================================
>RCS file: /cvs/src/usr.bin/ssh/kexgexc.c,v
>retrieving revision 1.2
>diff -u -p -r1.2 kexgexc.c
>--- kexgexc.c 8 Dec 2003 11:00:47 -0000 1.2
>+++ kexgexc.c 17 Jul 2005 08:14:46 -0000
>@@ -42,7 +42,7 @@ kexgex_client(Kex *kex)
> BIGNUM *p = NULL, *g = NULL;
> Key *server_host_key;
> u_char *kbuf, *hash, *signature = NULL, *server_host_key_blob = NULL;
>- u_int klen, kout, slen, sbloblen;
>+ u_int klen, kout, slen, sbloblen, hashlen;
> int min, max, nbits;
> DH *dh;
>
>@@ -155,7 +155,8 @@ kexgex_client(Kex *kex)
> min = max = -1;
>
> /* calc and verify H */
>- hash = kexgex_hash(
>+ kexgex_hash(
>+ kex->kex_type,
> kex->client_version_string,
> kex->server_version_string,
> buffer_ptr(&kex->my), buffer_len(&kex->my),
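Review bot: `static u_char digest[64];` in kexgex_hash replaces `EVP_MAX_MD_SIZE` with a bare number, while `EVP_DigestFinal(&md, digest, NULL)` writes as many bytes as the selected digest produces, and one of the two digests now comes from the project's own `evp_ssh_sha256()`. Both supported sizes (20 and 32 bytes) fit, but nothing ties the buffer size to the digest any more. Either keep `EVP_MAX_MD_SIZE`, or check before finalising with `if (EVP_MD_size(evp_md) > (int)sizeof(digest)) fatal("kexgex_hash: digest too large");`. The buffer-filling part of the function lies between the two hunks and is not shown.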
>@@ -165,25 +166,27 @@ kexgex_client(Kex *kex)
> dh->p, dh->g,
> dh->pub_key,
> dh_server_pub,
>- shared_secret
>+ shared_secret,
>+ &hash, &hashlen
> );
>+
> /* have keys, free DH */
> DH_free(dh);
> xfree(server_host_key_blob);
> BN_clear_free(dh_server_pub);
>
>- if (key_verify(server_host_key, signature, slen, hash, 20) != 1)
>+ if (key_verify(server_host_key, signature, slen, hash, hashlen) != 1)
> fatal("key_verify failed for server_host_key");
> key_free(server_host_key);
> xfree(signature);
>
> /* save session id */
> if (kex->session_id == NULL) {
>- kex->session_id_len = 20;
>+ kex->session_id_len = hashlen;
> kex->session_id = xmalloc(kex->session_id_len);
> memcpy(kex->session_id, hash, kex->session_id_len);
> }
>- kex_derive_keys(kex, hash, shared_secret);
>+ kex_derive_keys(kex, hash, hashlen, shared_secret);
> BN_clear_free(shared_secret);
>
> kex_finish(kex);
>Index: kexgexs.c
>===================================================================
>RCS file: /cvs/src/usr.bin/ssh/kexgexs.c,v
>retrieving revision 1.1
>diff -u -p -r1.1 kexgexs.c
>--- kexgexs.c 16 Feb 2003 17:09:57 -0000 1.1
>+++ kexgexs.c 17 Jul 2005 08:14:46 -0000
>@@ -43,7 +43,7 @@ kexgex_server(Kex *kex)
> Key *server_host_key;
> DH *dh;
> u_char *kbuf, *hash, *signature = NULL, *server_host_key_blob = NULL;
>- u_int sbloblen, klen, kout, slen;
>+ u_int sbloblen, klen, kout, slen, hashlen;
> int min = -1, max = -1, nbits = -1, type;
>
> if (kex->load_host_key == NULL)
>@@ -138,7 +138,8 @@ kexgex_server(Kex *kex)
> min = max = -1;
>
> /* calc H */ /* XXX depends on 'kex' */
>- hash = kexgex_hash(
>+ kexgex_hash(
>+ kex->kex_type,
> kex->client_version_string,
> kex->server_version_string,
> buffer_ptr(&kex->peer), buffer_len(&kex->peer),
>@@ -148,21 +149,20 @@ kexgex_server(Kex *kex)
> dh->p, dh->g,
> dh_client_pub,
> dh->pub_key,
>- shared_secret
>+ shared_secret,
>+ &hash, &hashlen
> );
> BN_clear_free(dh_client_pub);
>
> /* save session id := H */
>- /* XXX hashlen depends on KEX */
> if (kex->session_id == NULL) {
>- kex->session_id_len = 20;
>+ kex->session_id_len = hashlen;
> kex->session_id = xmalloc(kex->session_id_len);
> memcpy(kex->session_id, hash, kex->session_id_len);
> }
>
> /* sign H */
>- /* XXX hashlen depends on KEX */
>- PRIVSEP(key_sign(server_host_key, &signature, &slen, hash, 20));
>+ PRIVSEP(key_sign(server_host_key, &signature, &slen, hash, hashlen));
>
> /* destroy_sensitive_data(); */
>
>@@ -179,7 +179,7 @@ kexgex_server(Kex *kex)
> /* have keys, free DH */
> DH_free(dh);
>
>- kex_derive_keys(kex, hash, shared_secret);
>+ kex_derive_keys(kex, hash, hashlen, shared_secret);
> BN_clear_free(shared_secret);
>
> kex_finish(kex);
>Index: monitor.c
>===================================================================
>RCS file: /cvs/src/usr.bin/ssh/monitor.c,v
>retrieving revision 1.63
>diff -u -p -r1.63 monitor.c
>--- monitor.c 10 Mar 2005 22:01:05 -0000 1.63
>+++ monitor.c 17 Jul 2005 08:14:47 -0000
>@@ -473,7 +473,11 @@ mm_answer_sign(int sock, Buffer *m)
> keyid = buffer_get_int(m);
> p = buffer_get_string(m, &datlen);
>
>- if (datlen != 20)
>+ /*
>+ * Supported KEX types will only return SHA1 (20 byte) or
>+ * SHA256 (32 byte) hashes
>+ */
>+ if (datlen != 20 && datlen != 32)
> fatal("%s: data length incorrect: %u", __func__, datlen);
>
> /* save session id, it will be passed on the first call */
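Review bot: The new check `if (datlen != 20 && datlen != 32)` in mm_answer_sign accepts either length regardless of which key exchange was negotiated, so the monitor will sign a 32-byte blob during a SHA1 exchange and a 20-byte one during a SHA256 exchange. This is the privileged side of the privilege-separation boundary and `datlen` comes from the message buffer, so the check is worth keeping as tight as the old single-length test. Where the monitor knows the negotiated KEX type or has already stored a session id, compare `datlen` against that expected length. At minimum replace the literals with named constants such as `SHA_DIGEST_LENGTH`. The rest of mm_answer_sign is outside the hunk, so whether the KEX type is available at this point needs confirming.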
>@@ -1375,6 +1379,7 @@ mm_get_kex(Buffer *m)
> kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server;
> kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server;
> kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;
>+ kex->kex[KEX_DH_GEX_SHA256] = kexgex_server;
> kex->server = 1;
> kex->hostkey_type = buffer_get_int(m);
> kex->kex_type = buffer_get_int(m);
>Index: myproposal.h
>===================================================================
>RCS file: /cvs/src/usr.bin/ssh/myproposal.h,v
>retrieving revision 1.17
>diff -u -p -r1.17 myproposal.h
>--- myproposal.h 23 May 2005 23:32:46 -0000 1.17
>+++ myproposal.h 17 Jul 2005 08:14:47 -0000
>@@ -23,9 +23,11 @@
> * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
> * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
> */
>-#define KEX_DEFAULT_KEX "diffie-hellman-group-exchange-sha1," \
>- "diffie-hellman-group14-sha1," \
>- "diffie-hellman-group1-sha1"
>+#define KEX_DEFAULT_KEX \
>+ "diffie-hellman-group-exchange-sha256," \
>+ "diffie-hellman-group-exchange-sha1," \
>+ "diffie-hellman-group14-sha1," \
>+ "diffie-hellman-group1-sha1"
> #define KEX_DEFAULT_PK_ALG "ssh-rsa,ssh-dss"
> #define KEX_DEFAULT_ENCRYPT \
> "aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc," \
>Index: ssh-keyscan.c
>===================================================================
>RCS file: /cvs/src/usr.bin/ssh/ssh-keyscan.c,v
>retrieving revision 1.55
>diff -u -p -r1.55 ssh-keyscan.c
>--- ssh-keyscan.c 17 Jun 2005 02:44:33 -0000 1.55
>+++ ssh-keyscan.c 17 Jul 2005 08:14:47 -0000
>@@ -341,6 +341,7 @@ keygrab_ssh2(con *c)
> c->c_kex->kex[KEX_DH_GRP1_SHA1] = kexdh_client;
> c->c_kex->kex[KEX_DH_GRP14_SHA1] = kexdh_client;
> c->c_kex->kex[KEX_DH_GEX_SHA1] = kexgex_client;
>+ c->c_kex->kex[KEX_DH_GEX_SHA256] = kexgex_client;
> c->c_kex->verify_host_key = hostjump;
>
> if (!(j = setjmp(kexjmp))) {
>Index: sshconnect2.c
>===================================================================
>RCS file: /cvs/src/usr.bin/ssh/sshconnect2.c,v
>retrieving revision 1.140
>diff -u -p -r1.140 sshconnect2.c
>--- sshconnect2.c 17 Jul 2005 07:17:55 -0000 1.140
>+++ sshconnect2.c 17 Jul 2005 08:14:48 -0000
>@@ -120,6 +120,7 @@ ssh_kex2(char *host, struct sockaddr *ho
> kex->kex[KEX_DH_GRP1_SHA1] = kexdh_client;
> kex->kex[KEX_DH_GRP14_SHA1] = kexdh_client;
> kex->kex[KEX_DH_GEX_SHA1] = kexgex_client;
>+ kex->kex[KEX_DH_GEX_SHA256] = kexgex_client;
> kex->client_version_string=client_version_string;
> kex->server_version_string=server_version_string;
> kex->verify_host_key=&verify_host_key_callback;
>Index: sshd.c
>===================================================================
>RCS file: /cvs/src/usr.bin/ssh/sshd.c,v
>retrieving revision 1.311
>diff -u -p -r1.311 sshd.c
>--- sshd.c 17 Jun 2005 02:44:33 -0000 1.311
>+++ sshd.c 17 Jul 2005 08:14:48 -0000
>@@ -1910,6 +1910,7 @@ do_ssh2_kex(void)
> kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server;
> kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server;
> kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;
>+ kex->kex[KEX_DH_GEX_SHA256] = kexgex_server;
> kex->server = 1;
> kex->client_version_string=client_version_string;
> kex->server_version_string=server_version_string;
>Index: lib/Makefile
>===================================================================
>RCS file: /cvs/src/usr.bin/ssh/lib/Makefile,v
>retrieving revision 1.51
>diff -u -p -r1.51 Makefile
>--- lib/Makefile 9 Apr 2005 04:32:54 -0000 1.51
>+++ lib/Makefile 17 Jul 2005 08:14:48 -0000
>@@ -11,7 +11,7 @@ SRCS= authfd.c authfile.c bufaux.c buffe
> key.c dispatch.c kex.c mac.c uidswap.c uuencode.c misc.c \
> ssh-dss.c ssh-rsa.c dh.c kexdh.c kexgex.c \
> kexdhc.c kexgexc.c scard.c msg.c progressmeter.c dns.c \
>- monitor_fdpass.c
>+ monitor_fdpass.c md-sha256.c
>
> DEBUGLIBS= no
> NOPROFILE= yes
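Review bot: SRCS gains `md-sha256.c`, and kex.c and kexgex.c call `evp_ssh_sha256()`, but no md-sha256.c appears among the files in this diff as shown. Without it the patch does not link, and the SHA-256 implementation that the new exchange hash and every key derived from it depend on cannot be reviewed. Attach the new file as well (a plain `cvs diff` leaves out files that have not been added yet), ideally together with a check against published SHA-256 test vectors.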