Attachment #2627 for bug #2209

Lines 150-155 compat_datafellows(const char *version) Link Here

(-)compat.c (+1 lines)
150	"1.2.22*", SSH_BUG_IGNOREMSG },	150	"1.2.22*", SSH_BUG_IGNOREMSG },
151	{ "1.3.2", / F-Secure */	151	{ "1.3.2", / F-Secure */
152	SSH_BUG_IGNOREMSG },	152	SSH_BUG_IGNOREMSG },
		153	{ "Cisco-1.*", SSH_BUG_DHGEX_4K },
153	{ "SSH Compatible Server", /* Netscreen */	154	{ "SSH Compatible Server", /* Netscreen */
154	SSH_BUG_PASSWORDPAD },	155	SSH_BUG_PASSWORDPAD },
155	{ "OSU_0,"	156	{ "OSU_0,"

Lines 61-66 Link Here

(-)compat.h (+1 lines)
61	#define SSH_BUG_DYNAMIC_RPORT 0x08000000	61	#define SSH_BUG_DYNAMIC_RPORT 0x08000000
62	#define SSH_BUG_CURVE25519PAD 0x10000000	62	#define SSH_BUG_CURVE25519PAD 0x10000000
63	#define SSH_BUG_HOSTKEYS 0x20000000	63	#define SSH_BUG_HOSTKEYS 0x20000000
		64	#define SSH_BUG_DHGEX_4K 0x40000000
64		65
65	void enable_compat13(void);	66	void enable_compat13(void);
66	void enable_compat20(void);	67	void enable_compat20(void);

Lines 24-29 Link Here

(-)kexgexc.c (+3 lines)
24	* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.	24	* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
25	*/	25	*/
26		26
		27	#include <sys/param.h>
27	#include <sys/types.h>	28	#include <sys/types.h>
28		29
29	#include <openssl/dh.h>	30	#include <openssl/dh.h>
Lines 60-65 kexgex_client(struct ssh *ssh) Link Here
60	kex->min = DH_GRP_MIN;	61	kex->min = DH_GRP_MIN;
61	kex->max = DH_GRP_MAX;	62	kex->max = DH_GRP_MAX;
62	kex->nbits = nbits;	63	kex->nbits = nbits;
		64	if (datafellows & SSH_BUG_DHGEX_4K)
		65	kex->nbits = MAX(kex->nbits, 4096);
63	/* New GEX request */	66	/* New GEX request */
64	if ((r = sshpkt_start(ssh, SSH2_MSG_KEX_DH_GEX_REQUEST)) != 0 \|\|	67	if ((r = sshpkt_start(ssh, SSH2_MSG_KEX_DH_GEX_REQUEST)) != 0 \|\|
65	(r = sshpkt_put_u32(ssh, kex->min)) != 0 \|\|	68	(r = sshpkt_put_u32(ssh, kex->min)) != 0 \|\|

Return to bug 2209