Bugzilla – Attachment 30 Details for
Bug 132
connects to 1.2.2? vintage sshd sometimes gets "Server lies" about host key size off by 1 bit
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch against CVS of March 1, 2003
serverlies.patch (text/plain), 1.90 KB, created by
Dave Dykstra
on 2002-03-02 02:29:15 AEDT
(
hide
)
Description:
Patch against CVS of March 1, 2003
Filename:
MIME Type:
Creator:
Dave Dykstra
Created:
2002-03-02 02:29:15 AEDT
Size:
1.90 KB
patch
obsolete
>--- compat.h~ Thu Sep 20 18:13:50 2001 >+++ compat.h Fri Mar 1 09:04:07 2002 >@@ -51,6 +51,7 @@ > #define SSH_BUG_OPENFAILURE 0x00020000 > #define SSH_BUG_DERIVEKEY 0x00040000 > #define SSH_BUG_DUMMYCHAN 0x00100000 >+#define SSH_BUG_SERVERLIESSIZE 0x00200000 > > void enable_compat13(void); > void enable_compat20(void); >--- compat.c~ Tue Jan 22 11:19:05 2002 >+++ compat.c Fri Mar 1 09:04:07 2002 >@@ -122,6 +122,8 @@ > "1.2.20*," > "1.2.21*," > "1.2.22*", SSH_BUG_IGNOREMSG }, >+ { "1.2.2*," >+ "1.2.3*", SSH_BUG_SERVERLIESSIZE }, > { "1.3.2*", SSH_BUG_IGNOREMSG }, /* f-secure */ > { "*SSH Compatible Server*", /* Netscreen */ > SSH_BUG_PASSWORDPAD }, >--- sshconnect1.c~ Fri Mar 1 09:02:07 2002 >+++ sshconnect1.c Fri Mar 1 09:04:07 2002 >@@ -37,6 +37,7 @@ > #include "packet.h" > #include "mpaux.h" > #include "uidswap.h" >+#include "compat.h" > #include "log.h" > #include "readconf.h" > #include "key.h" >@@ -944,7 +945,8 @@ > packet_get_bignum(host_key->rsa->n); > > rbits = BN_num_bits(host_key->rsa->n); >- if (bits != rbits) { >+ if (bits != rbits && >+ !((datafellows & SSH_BUG_SERVERLIESSIZE) && (rbits + 1 == bits))) { > log("Warning: Server lies about size of server host key: " > "actual size is %d bits vs. announced %d.", rbits, bits); > log("Warning: This may be due to an old implementation of ssh."); >--- sshd.c~ Fri Mar 1 09:02:08 2002 >+++ sshd.c Fri Mar 1 09:04:07 2002 >@@ -1296,7 +1296,12 @@ > packet_put_bignum(sensitive_data.server_key->rsa->n); > > /* Store our public host RSA key. */ >- packet_put_int(BN_num_bits(sensitive_data.ssh1_host_key->rsa->n)); >+ len = BN_num_bits(sensitive_data.ssh1_host_key->rsa->n); >+ if ((datafellows & SSH_BUG_SERVERLIESSIZE) && (len & 1)) { >+ /* old ssh client expects even number for host key */ >+ len += 1; >+ } >+ packet_put_int(len); > packet_put_bignum(sensitive_data.ssh1_host_key->rsa->e); > packet_put_bignum(sensitive_data.ssh1_host_key->rsa->n); >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=30">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 132
: 30 |
31