Bugzilla – Attachment 31 Details for
Bug 132
connects to 1.2.2? vintage sshd sometimes gets "Server lies" about host key size off by 1 bit
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
New patch changing server lies log()s to verbose()s
serverlies.patch (text/plain), 2.59 KB, created by
Dave Dykstra
on 2002-03-05 03:35:08 AEDT
(
hide
)
Description:
New patch changing server lies log()s to verbose()s
Filename:
MIME Type:
Creator:
Dave Dykstra
Created:
2002-03-05 03:35:08 AEDT
Size:
2.59 KB
patch
obsolete
>--- compat.h~ Fri Oct 12 15:39:40 2001 >+++ compat.h Mon Mar 4 10:06:39 2002 >@@ -51,6 +51,7 @@ > #define SSH_BUG_OPENFAILURE 0x00020000 > #define SSH_BUG_DERIVEKEY 0x00040000 > #define SSH_BUG_DUMMYCHAN 0x00100000 >+#define SSH_BUG_SERVERLIESSIZE 0x00200000 > > void enable_compat13(void); > void enable_compat20(void); >--- compat.c~ Thu Feb 28 14:01:19 2002 >+++ compat.c Mon Mar 4 10:06:39 2002 >@@ -122,6 +122,8 @@ > "1.2.20*," > "1.2.21*," > "1.2.22*", SSH_BUG_IGNOREMSG }, >+ { "1.2.2*," >+ "1.2.3*", SSH_BUG_SERVERLIESSIZE }, > { "1.3.2*", SSH_BUG_IGNOREMSG }, /* f-secure */ > { "*SSH Compatible Server*", /* Netscreen */ > SSH_BUG_PASSWORDPAD }, >--- sshconnect1.c~ Thu Feb 28 14:01:32 2002 >+++ sshconnect1.c Mon Mar 4 10:06:39 2002 >@@ -37,6 +37,7 @@ > #include "packet.h" > #include "mpaux.h" > #include "uidswap.h" >+#include "compat.h" > #include "log.h" > #include "readconf.h" > #include "key.h" >@@ -933,9 +934,9 @@ > > rbits = BN_num_bits(server_key->rsa->n); > if (bits != rbits) { >- log("Warning: Server lies about size of server public key: " >+ verbose("Warning: Server lies about size of server public key: " > "actual size is %d bits vs. announced %d.", rbits, bits); >- log("Warning: This may be due to an old implementation of ssh."); >+ verbose("Warning: This may be due to an old implementation of ssh."); > } > /* Get the host key. */ > host_key = key_new(KEY_RSA1); >@@ -945,9 +946,14 @@ > > rbits = BN_num_bits(host_key->rsa->n); > if (bits != rbits) { >- log("Warning: Server lies about size of server host key: " >+ /* >+ * sshd 1.2.2* has been observed to sometimes announce host >+ * key sizes one bit more than actual size when the actual >+ * size is an odd number of bits. >+ */ >+ verbose("Warning: Server lies about size of server host key: " > "actual size is %d bits vs. announced %d.", rbits, bits); >- log("Warning: This may be due to an old implementation of ssh."); >+ verbose("Warning: This may be due to an old implementation of ssh."); > } > > /* Get protocol flags. */ >--- sshd.c~ Thu Feb 28 14:01:34 2002 >+++ sshd.c Mon Mar 4 10:06:40 2002 >@@ -1263,7 +1263,12 @@ > packet_put_bignum(sensitive_data.server_key->rsa->n); > > /* Store our public host RSA key. */ >- packet_put_int(BN_num_bits(sensitive_data.ssh1_host_key->rsa->n)); >+ len = BN_num_bits(sensitive_data.ssh1_host_key->rsa->n); >+ if ((datafellows & SSH_BUG_SERVERLIESSIZE) && (len & 1)) { >+ /* old ssh client expects even number for host key */ >+ len += 1; >+ } >+ packet_put_int(len); > packet_put_bignum(sensitive_data.ssh1_host_key->rsa->e); > packet_put_bignum(sensitive_data.ssh1_host_key->rsa->n); >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=31">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 132
:
30
| 31