Bugzilla – Attachment 2627 Details for
Bug 2209
Problem logging into Cisco devices under 6.5p1 (kexgexc.c)
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Cap DH-GEX sizes for buggy Cisco servers.
ssh-cisco-dhgex-4k.patch (text/plain), 1.81 KB, created by
Darren Tucker
on 2015-05-22 13:41:09 AEST
(
hide
)
Description:
Cap DH-GEX sizes for buggy Cisco servers.
Filename:
MIME Type:
Creator:
Darren Tucker
Created:
2015-05-22 13:41:09 AEST
Size:
1.81 KB
patch
obsolete
>? ssh-agent.c.daz3 >Index: compat.c >=================================================================== >RCS file: /cvs/src/usr.bin/ssh/compat.c,v >retrieving revision 1.93 >diff -u -p -r1.93 compat.c >--- compat.c 6 May 2015 04:07:18 -0000 1.93 >+++ compat.c 22 May 2015 03:38:54 -0000 >@@ -150,6 +150,7 @@ compat_datafellows(const char *version) > "1.2.22*", SSH_BUG_IGNOREMSG }, > { "1.3.2*", /* F-Secure */ > SSH_BUG_IGNOREMSG }, >+ { "Cisco-1.*", SSH_BUG_DHGEX_4K }, > { "*SSH Compatible Server*", /* Netscreen */ > SSH_BUG_PASSWORDPAD }, > { "*OSU_0*," >Index: compat.h >=================================================================== >RCS file: /cvs/src/usr.bin/ssh/compat.h,v >retrieving revision 1.47 >diff -u -p -r1.47 compat.h >--- compat.h 10 Apr 2015 05:16:50 -0000 1.47 >+++ compat.h 22 May 2015 03:38:54 -0000 >@@ -61,6 +61,7 @@ > #define SSH_BUG_DYNAMIC_RPORT 0x08000000 > #define SSH_BUG_CURVE25519PAD 0x10000000 > #define SSH_BUG_HOSTKEYS 0x20000000 >+#define SSH_BUG_DHGEX_4K 0x40000000 > > void enable_compat13(void); > void enable_compat20(void); >Index: kexgexc.c >=================================================================== >RCS file: /cvs/src/usr.bin/ssh/kexgexc.c,v >retrieving revision 1.21 >diff -u -p -r1.21 kexgexc.c >--- kexgexc.c 13 Apr 2015 02:04:08 -0000 1.21 >+++ kexgexc.c 22 May 2015 03:38:54 -0000 >@@ -24,6 +24,7 @@ > * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. > */ > >+#include <sys/param.h> > #include <sys/types.h> > > #include <openssl/dh.h> >@@ -60,6 +61,8 @@ kexgex_client(struct ssh *ssh) > kex->min = DH_GRP_MIN; > kex->max = DH_GRP_MAX; > kex->nbits = nbits; >+ if (datafellows & SSH_BUG_DHGEX_4K) >+ kex->nbits = MAX(kex->nbits, 4096); > /* New GEX request */ > if ((r = sshpkt_start(ssh, SSH2_MSG_KEX_DH_GEX_REQUEST)) != 0 || > (r = sshpkt_put_u32(ssh, kex->min)) != 0 ||
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=2627">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 2209
:
2627
|
2629