Attachment #31 for bug #132

Lines 51-56 Link Here

(-)compat.h~ (+1 lines)
51	#define SSH_BUG_OPENFAILURE 0x00020000	51	#define SSH_BUG_OPENFAILURE 0x00020000
52	#define SSH_BUG_DERIVEKEY 0x00040000	52	#define SSH_BUG_DERIVEKEY 0x00040000
53	#define SSH_BUG_DUMMYCHAN 0x00100000	53	#define SSH_BUG_DUMMYCHAN 0x00100000
		54	#define SSH_BUG_SERVERLIESSIZE 0x00200000
54		55
55	void enable_compat13(void);	56	void enable_compat13(void);
56	void enable_compat20(void);	57	void enable_compat20(void);

Lines 122-127 Link Here

(-)compat.c~ (+2 lines)
122	"1.2.20*,"	122	"1.2.20*,"
123	"1.2.21*,"	123	"1.2.21*,"
124	"1.2.22*", SSH_BUG_IGNOREMSG },	124	"1.2.22*", SSH_BUG_IGNOREMSG },
		125	{ "1.2.2*,"
		126	"1.2.3*", SSH_BUG_SERVERLIESSIZE },
125	{ "1.3.2", SSH_BUG_IGNOREMSG }, / f-secure */	127	{ "1.3.2", SSH_BUG_IGNOREMSG }, / f-secure */
126	{ "SSH Compatible Server", /* Netscreen */	128	{ "SSH Compatible Server", /* Netscreen */
127	SSH_BUG_PASSWORDPAD },	129	SSH_BUG_PASSWORDPAD },




#include "packet.h"
#include "mpaux.h"
#include "uidswap.h"
#include "compat.h"
#include "log.h"
#include "readconf.h"
#include "key.h"


	rbits = BN_num_bits(server_key->rsa->n);
	if (bits != rbits) {
		verbose("Warning: Server lies about size of server public key: "
		    "actual size is %d bits vs. announced %d.", rbits, bits);
		verbose("Warning: This may be due to an old implementation of ssh.");
	}
	/* Get the host key. */
	host_key = key_new(KEY_RSA1);


	rbits = BN_num_bits(host_key->rsa->n);
	if (bits != rbits) {
		/* 
		 * sshd 1.2.2* has been observed to sometimes announce host
		 *   key sizes one bit more than actual size when the actual
		 *   size is an odd number of bits.
		 */
		verbose("Warning: Server lies about size of server host key: "
		    "actual size is %d bits vs. announced %d.", rbits, bits);
		verbose("Warning: This may be due to an old implementation of ssh.");
	}

	/* Get protocol flags. */

Lines 1263-1269 Link Here

(-)sshd.c~ (-1 / +6 lines)
1263	packet_put_bignum(sensitive_data.server_key->rsa->n);	1263	packet_put_bignum(sensitive_data.server_key->rsa->n);
1264		1264
1265	/* Store our public host RSA key. */	1265	/* Store our public host RSA key. */
1266	packet_put_int(BN_num_bits(sensitive_data.ssh1_host_key->rsa->n));	1266	len = BN_num_bits(sensitive_data.ssh1_host_key->rsa->n);
		1267	if ((datafellows & SSH_BUG_SERVERLIESSIZE) && (len & 1)) {
		1268	/* old ssh client expects even number for host key */
		1269	len += 1;
		1270	}
		1271	packet_put_int(len);
1267	packet_put_bignum(sensitive_data.ssh1_host_key->rsa->e);	1272	packet_put_bignum(sensitive_data.ssh1_host_key->rsa->e);
1268	packet_put_bignum(sensitive_data.ssh1_host_key->rsa->n);	1273	packet_put_bignum(sensitive_data.ssh1_host_key->rsa->n);
1269		1274

Return to bug 132

Lines 37-42 Link Here

(-)sshconnect1.c~ (-4 / +10 lines)
37	#include "packet.h"	37	#include "packet.h"
38	#include "mpaux.h"	38	#include "mpaux.h"
39	#include "uidswap.h"	39	#include "uidswap.h"
		40	#include "compat.h"
40	#include "log.h"	41	#include "log.h"
41	#include "readconf.h"	42	#include "readconf.h"
42	#include "key.h"	43	#include "key.h"
Lines 933-941 Link Here
933		934
934	rbits = BN_num_bits(server_key->rsa->n);	935	rbits = BN_num_bits(server_key->rsa->n);
935	if (bits != rbits) {	936	if (bits != rbits) {
936	log("Warning: Server lies about size of server public key: "	937	verbose("Warning: Server lies about size of server public key: "
937	"actual size is %d bits vs. announced %d.", rbits, bits);	938	"actual size is %d bits vs. announced %d.", rbits, bits);
938	log("Warning: This may be due to an old implementation of ssh.");	939	verbose("Warning: This may be due to an old implementation of ssh.");
939	}	940	}
940	/* Get the host key. */	941	/* Get the host key. */
941	host_key = key_new(KEY_RSA1);	942	host_key = key_new(KEY_RSA1);
Lines 945-953 Link Here
945		946
946	rbits = BN_num_bits(host_key->rsa->n);	947	rbits = BN_num_bits(host_key->rsa->n);
947	if (bits != rbits) {	948	if (bits != rbits) {
948	log("Warning: Server lies about size of server host key: "	949	/*
		950	* sshd 1.2.2* has been observed to sometimes announce host
		951	* key sizes one bit more than actual size when the actual
		952	* size is an odd number of bits.
		953	*/
		954	verbose("Warning: Server lies about size of server host key: "
949	"actual size is %d bits vs. announced %d.", rbits, bits);	955	"actual size is %d bits vs. announced %d.", rbits, bits);
950	log("Warning: This may be due to an old implementation of ssh.");	956	verbose("Warning: This may be due to an old implementation of ssh.");
951	}	957	}
952		958
953	/* Get protocol flags. */	959	/* Get protocol flags. */