Attachment #1327 for bug #1340

Lines 87-92 Link Here

(-)openssh.bak/cipher.c (+3 lines)
87	#ifdef USE_CIPHER_ACSS	87	#ifdef USE_CIPHER_ACSS
88	{ "acss@openssh.org", SSH_CIPHER_SSH2, 16, 5, 0, EVP_acss },	88	{ "acss@openssh.org", SSH_CIPHER_SSH2, 16, 5, 0, EVP_acss },
89	#endif	89	#endif
		90	{ "camellia128-cbc", SSH_CIPHER_SSH2, 16, 16, 0, EVP_camellia_128_cbc },
		91	{ "camellia192-cbc", SSH_CIPHER_SSH2, 16, 24, 0, EVP_camellia_192_cbc },
		92	{ "camellia256-cbc", SSH_CIPHER_SSH2, 16, 32, 0, EVP_camellia_256_cbc },
90	{ NULL, SSH_CIPHER_INVALID, 0, 0, 0, NULL }	93	{ NULL, SSH_CIPHER_INVALID, 0, 0, 0, NULL }
91	};	94	};
92		95




	]
)

# Check for OpenSSL without EVP_camellia_{128,192,256}_cbc
AC_MSG_CHECKING([whether OpenSSL has Camellia support])
AC_LINK_IFELSE(
	[AC_LANG_SOURCE([[
#include <string.h>
#include <openssl/evp.h>
int main(void) { exit(EVP_camellia_128_cbc() == NULL
	|| EVP_camellia_192_cbc() == NULL || EVP_camellia_256_cbc() == NULL);}
	]])],
	[
		AC_MSG_RESULT(yes)
	],
	[
		AC_MSG_ERROR(libcrypto is missing Camellia functions)
	]
)

# Some systems want crypt() from libcrypt, *not* the version in OpenSSL,
# because the system crypt() is more featureful.
if test "x$check_for_libcrypt_before" = "x1"; then

Lines 42-49 Link Here

(-)openssh.bak/myproposal.h (+2 lines)
42		42
43	#define KEX_DEFAULT_PK_ALG "ssh-rsa,ssh-dss"	43	#define KEX_DEFAULT_PK_ALG "ssh-rsa,ssh-dss"
44	#define KEX_DEFAULT_ENCRYPT \	44	#define KEX_DEFAULT_ENCRYPT \
		45	"camellia128-cbc," \
45	"aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc," \	46	"aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc," \
46	"arcfour128,arcfour256,arcfour," \	47	"arcfour128,arcfour256,arcfour," \
		48	"camellia192-cbc,camellia256-cbc," \
47	"aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se," \	49	"aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se," \
48	"aes128-ctr,aes192-ctr,aes256-ctr"	50	"aes128-ctr,aes192-ctr,aes256-ctr"
49	#define KEX_DEFAULT_MAC \	51	#define KEX_DEFAULT_MAC \




arcfour256,
arcfour,
blowfish-cbc,
camellia128-cbc,
camellia192-cbc,
camellia256-cbc,
and
cast128-cbc.
The default is:
.Bd -literal -offset indent
camellia128-cbc,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,
arcfour128,arcfour256,arcfour,camellia192-cbc,camellia256-cbc,
aes192-cbc,aes256-cbc,aes128-ctr,aes192-ctr,aes256-ctr
.Ed
.It Fl D Xo
.Sm off




.Dq arcfour256 ,
.Dq arcfour ,
.Dq blowfish-cbc ,
.Dq camellia128-cbc ,
.Dq camellia192-cbc ,
.Dq camellia256-cbc ,
and
.Dq cast128-cbc .
The default is:
.Bd -literal -offset 3n
camellia128-cbc,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,
arcfour128,arcfour256,arcfour,camellia192-cbc,camellia256-cbc,
aes192-cbc,aes256-cbc,aes128-ctr,aes192-ctr,aes256-ctr
.Ed
.It Cm ClearAllForwardings
Specifies that all local, remote, and dynamic port forwardings




.Dq arcfour256 ,
.Dq arcfour ,
.Dq blowfish-cbc ,
.Dq camellia128-cbc ,
.Dq camellia192-cbc ,
.Dq camellia256-cbc ,
and
.Dq cast128-cbc .
The default is:
.Bd -literal -offset 3n
camellia128-cbc,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,
arcfour128,arcfour256,arcfour,camellia192-cbc,camellia256-cbc,
aes192-cbc,aes256-cbc,aes128-ctr,aes192-ctr,aes256-ctr
.Ed
.It Cm ClientAliveCountMax
Sets the number of client alive messages (see below) which may be

Return to bug 1340

Lines 1981-1986 Link Here

(-)openssh.bak/configure.ac (+17 lines)
1981	]	1981	]
1982	)	1982	)
1983		1983
		1984	# Check for OpenSSL without EVP_camellia_{128,192,256}_cbc
		1985	AC_MSG_CHECKING([whether OpenSSL has Camellia support])
		1986	AC_LINK_IFELSE(
		1987	[AC_LANG_SOURCE([[
		1988	#include <string.h>
		1989	#include <openssl/evp.h>
		1990	int main(void) { exit(EVP_camellia_128_cbc() == NULL
		1991	\|\| EVP_camellia_192_cbc() == NULL \|\| EVP_camellia_256_cbc() == NULL);}
		1992	]])],
		1993	[
		1994	AC_MSG_RESULT(yes)
		1995	],
		1996	[
		1997	AC_MSG_ERROR(libcrypto is missing Camellia functions)
		1998	]
		1999	)
		2000
1984	# Some systems want crypt() from libcrypt, not the version in OpenSSL,	2001	# Some systems want crypt() from libcrypt, not the version in OpenSSL,
1985	# because the system crypt() is more featureful.	2002	# because the system crypt() is more featureful.
1986	if test "x$check_for_libcrypt_before" = "x1"; then	2003	if test "x$check_for_libcrypt_before" = "x1"; then

Lines 203-215 Link Here

(-)openssh.bak/ssh.1 (-3 / +6 lines)
203	arcfour256,	203	arcfour256,
204	arcfour,	204	arcfour,
205	blowfish-cbc,	205	blowfish-cbc,
		206	camellia128-cbc,
		207	camellia192-cbc,
		208	camellia256-cbc,
206	and	209	and
207	cast128-cbc.	210	cast128-cbc.
208	The default is:	211	The default is:
209	.Bd -literal -offset indent	212	.Bd -literal -offset indent
210	aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,	213	camellia128-cbc,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,
211	arcfour256,arcfour,aes192-cbc,aes256-cbc,aes128-ctr,	214	arcfour128,arcfour256,arcfour,camellia192-cbc,camellia256-cbc,
212	aes192-ctr,aes256-ctr	215	aes192-cbc,aes256-cbc,aes128-ctr,aes192-ctr,aes256-ctr
213	.Ed	216	.Ed
214	.It Fl D Xo	217	.It Fl D Xo
215	.Sm off	218	.Sm off

Lines 199-211 Link Here

(-)openssh.bak/ssh_config.5 (-3 / +6 lines)
199	.Dq arcfour256 ,	199	.Dq arcfour256 ,
200	.Dq arcfour ,	200	.Dq arcfour ,
201	.Dq blowfish-cbc ,	201	.Dq blowfish-cbc ,
		202	.Dq camellia128-cbc ,
		203	.Dq camellia192-cbc ,
		204	.Dq camellia256-cbc ,
202	and	205	and
203	.Dq cast128-cbc .	206	.Dq cast128-cbc .
204	The default is:	207	The default is:
205	.Bd -literal -offset 3n	208	.Bd -literal -offset 3n
206	aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,	209	camellia128-cbc,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,
207	arcfour256,arcfour,aes192-cbc,aes256-cbc,aes128-ctr,	210	arcfour128,arcfour256,arcfour,camellia192-cbc,camellia256-cbc,
208	aes192-ctr,aes256-ctr	211	aes192-cbc,aes256-cbc,aes128-ctr,aes192-ctr,aes256-ctr
209	.Ed	212	.Ed
210	.It Cm ClearAllForwardings	213	.It Cm ClearAllForwardings
211	Specifies that all local, remote, and dynamic port forwardings	214	Specifies that all local, remote, and dynamic port forwardings

Lines 187-199 Link Here

(-)openssh.bak/sshd_config.5 (-3 / +6 lines)
187	.Dq arcfour256 ,	187	.Dq arcfour256 ,
188	.Dq arcfour ,	188	.Dq arcfour ,
189	.Dq blowfish-cbc ,	189	.Dq blowfish-cbc ,
		190	.Dq camellia128-cbc ,
		191	.Dq camellia192-cbc ,
		192	.Dq camellia256-cbc ,
190	and	193	and
191	.Dq cast128-cbc .	194	.Dq cast128-cbc .
192	The default is:	195	The default is:
193	.Bd -literal -offset 3n	196	.Bd -literal -offset 3n
194	aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,	197	camellia128-cbc,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,
195	arcfour256,arcfour,aes192-cbc,aes256-cbc,aes128-ctr,	198	arcfour128,arcfour256,arcfour,camellia192-cbc,camellia256-cbc,
196	aes192-ctr,aes256-ctr	199	aes192-cbc,aes256-cbc,aes128-ctr,aes192-ctr,aes256-ctr
197	.Ed	200	.Ed
198	.It Cm ClientAliveCountMax	201	.It Cm ClientAliveCountMax
199	Sets the number of client alive messages (see below) which may be	202	Sets the number of client alive messages (see below) which may be