Bugzilla – Attachment 161 Details for
Bug 148
Key Exchange Guesses not supported
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Proposed patch for the Bug
patch (text/plain), 3.11 KB, created by
Avraham H. Fraenkel
on 2002-10-28 00:58:54 AEDT
(
hide
)
Description:
Proposed patch for the Bug
Filename:
MIME Type:
Creator:
Avraham H. Fraenkel
Created:
2002-10-28 00:58:54 AEDT
Size:
3.11 KB
patch
obsolete
>diff -w -ur openssh-3.5p1/kex.c openssh-patch/kex.c >--- openssh-3.5p1/kex.c Wed Jun 26 02:19:13 2002 >+++ openssh-patch/kex.c Sun Oct 27 15:54:59 2002 >@@ -74,7 +74,7 @@ > > /* parse buffer and return algorithm proposal */ > static char ** >-kex_buf2prop(Buffer *raw) >+kex_buf2prop(Buffer *raw,int *first_kex_follows) > { > Buffer b; > int i; >@@ -93,8 +93,8 @@ > debug2("kex_parse_kexinit: %s", proposal[i]); > } > /* first kex follows / reserved */ >- i = buffer_get_char(&b); >- debug2("kex_parse_kexinit: first_kex_follows %d ", i); >+ *first_kex_follows = buffer_get_char(&b); >+ debug2("kex_parse_kexinit: first_kex_follows %d ",*first_kex_follows ); > i = buffer_get_int(&b); > debug2("kex_parse_kexinit: reserved %d ", i); > buffer_free(&b); >@@ -317,6 +317,33 @@ > xfree(hostkeyalg); > } > >+/* After kex_choose_conf each entry in the proposal array is NULL terminated so >+ Only the fist index should be checked*/ >+static int >+check_guess(char *my[PROPOSAL_MAX],char *peer[PROPOSAL_MAX]){ >+ if(strcmp(my[PROPOSAL_KEX_ALGS],peer[PROPOSAL_KEX_ALGS])!=0) >+ return 1; >+ if(strcmp(my[PROPOSAL_SERVER_HOST_KEY_ALGS],peer[PROPOSAL_SERVER_HOST_KEY_ALGS])!=0) >+ return 1; >+ if(strcmp(my[PROPOSAL_ENC_ALGS_CTOS],peer[PROPOSAL_ENC_ALGS_STOC])!=0) >+ return 1; >+ if(strcmp(my[PROPOSAL_ENC_ALGS_STOC],peer[PROPOSAL_ENC_ALGS_CTOS])!=0) >+ return 1; >+ if(strcmp(my[PROPOSAL_MAC_ALGS_CTOS],peer[PROPOSAL_MAC_ALGS_STOC])!=0) >+ return 1; >+ if(strcmp(my[PROPOSAL_MAC_ALGS_STOC],peer[PROPOSAL_MAC_ALGS_CTOS])!=0) >+ return 1; >+ if(strcmp(my[PROPOSAL_COMP_ALGS_CTOS],peer[PROPOSAL_COMP_ALGS_STOC])!=0) >+ return 1; >+ if(strcmp(my[PROPOSAL_COMP_ALGS_STOC],peer[PROPOSAL_COMP_ALGS_CTOS])!=0) >+ return 1; >+ if(strcmp(my[PROPOSAL_LANG_CTOS],peer[PROPOSAL_LANG_STOC])!=0) >+ return 1; >+ if(strcmp(my[PROPOSAL_LANG_STOC],peer[PROPOSAL_LANG_CTOS])!=0) >+ return 1; >+ return 0; >+} >+ > static void > kex_choose_conf(Kex *kex) > { >@@ -327,9 +354,10 @@ > int mode; > int ctos; /* direction: if true client-to-server */ > int need; >+ int first_kex_follows; > >- my = kex_buf2prop(&kex->my); >- peer = kex_buf2prop(&kex->peer); >+ my = kex_buf2prop(&kex->my,&first_kex_follows); >+ peer = kex_buf2prop(&kex->peer,&first_kex_follows);/* Only the peer value have meaning*/ > > if (kex->server) { > cprop=peer; >@@ -372,6 +400,15 @@ > } > /* XXX need runden? */ > kex->we_need = need; >+ >+ if(first_kex_follows){ >+ /* If the guess is correct continue as usual*/ >+ first_kex_follows=check_guess(my,peer); >+ } >+ if(first_kex_follows){/* nor correct guess*/ >+ /* casuse to ignore the following message */ >+ packet_read_expect(SSH2_MSG_MAX); >+ } > > kex_prop_free(my); > kex_prop_free(peer); >diff -w -ur openssh-3.5p1/packet.c openssh-patch/packet.c >--- openssh-3.5p1/packet.c Mon Jul 8 01:11:51 2002 >+++ openssh-patch/packet.c Sun Oct 27 15:52:22 2002 >@@ -812,7 +812,7 @@ > int type; > > type = packet_read(); >- if (type != expected_type) >+ if ((type != expected_type) && (expected_type != SSH2_MSG_MAX)) > packet_disconnect("Protocol error: expected packet type %d, got %d", > expected_type, type); > }
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=161">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 148
:
161
|
208
|
210
|
211