Bugzilla – Attachment 885 Details for
Bug 1022
arcfourfixes cipher support
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Add support for arcfourfixes
arcfourfixes.diff (text/plain), 4.10 KB, created by
Damien Miller
on 2005-04-21 08:36:29 AEST
(
hide
)
Description:
Add support for arcfourfixes
Filename:
MIME Type:
Creator:
Damien Miller
Created:
2005-04-21 08:36:29 AEST
Size:
4.10 KB
patch
obsolete
>Index: cipher.c >=================================================================== >RCS file: /cvs/src/usr.bin/ssh/cipher.c,v >retrieving revision 1.73 >diff -u -p -r1.73 cipher.c >--- cipher.c 23 Jan 2005 10:18:12 -0000 1.73 >+++ cipher.c 27 Mar 2005 13:10:17 -0000 >@@ -54,26 +54,31 @@ struct Cipher { > int number; /* for ssh1 only */ > u_int block_size; > u_int key_len; >+ u_int discard_len; > const EVP_CIPHER *(*evptype)(void); > } ciphers[] = { >- { "none", SSH_CIPHER_NONE, 8, 0, EVP_enc_null }, >- { "des", SSH_CIPHER_DES, 8, 8, EVP_des_cbc }, >- { "3des", SSH_CIPHER_3DES, 8, 16, evp_ssh1_3des }, >- { "blowfish", SSH_CIPHER_BLOWFISH, 8, 32, evp_ssh1_bf }, >- >- { "3des-cbc", SSH_CIPHER_SSH2, 8, 24, EVP_des_ede3_cbc }, >- { "blowfish-cbc", SSH_CIPHER_SSH2, 8, 16, EVP_bf_cbc }, >- { "cast128-cbc", SSH_CIPHER_SSH2, 8, 16, EVP_cast5_cbc }, >- { "arcfour", SSH_CIPHER_SSH2, 8, 16, EVP_rc4 }, >- { "aes128-cbc", SSH_CIPHER_SSH2, 16, 16, EVP_aes_128_cbc }, >- { "aes192-cbc", SSH_CIPHER_SSH2, 16, 24, EVP_aes_192_cbc }, >- { "aes256-cbc", SSH_CIPHER_SSH2, 16, 32, EVP_aes_256_cbc }, >+ { "none", SSH_CIPHER_NONE, 8, 0, 0, EVP_enc_null }, >+ { "des", SSH_CIPHER_DES, 8, 8, 0, EVP_des_cbc }, >+ { "3des", SSH_CIPHER_3DES, 8, 16, 0, evp_ssh1_3des }, >+ { "blowfish", SSH_CIPHER_BLOWFISH, 8, 32, 0, evp_ssh1_bf }, >+ >+ { "3des-cbc", SSH_CIPHER_SSH2, 8, 24, 0, EVP_des_ede3_cbc }, >+ { "blowfish-cbc", SSH_CIPHER_SSH2, 8, 16, 0, EVP_bf_cbc }, >+ { "cast128-cbc", SSH_CIPHER_SSH2, 8, 16, 0, EVP_cast5_cbc }, >+ { "arcfour", SSH_CIPHER_SSH2, 8, 16, 0, EVP_rc4 }, >+ { "arcfour128-draft-00@putty.projects.tartarus.org", >+ SSH_CIPHER_SSH2, 8, 16, 1536, EVP_rc4 }, >+ { "arcfour256-draft-00@putty.projects.tartarus.org", >+ SSH_CIPHER_SSH2, 8, 32, 1536, EVP_rc4 }, >+ { "aes128-cbc", SSH_CIPHER_SSH2, 16, 16, 0, EVP_aes_128_cbc }, >+ { "aes192-cbc", SSH_CIPHER_SSH2, 16, 24, 0, EVP_aes_192_cbc }, >+ { "aes256-cbc", SSH_CIPHER_SSH2, 16, 32, 0, EVP_aes_256_cbc }, > { "rijndael-cbc@lysator.liu.se", >- SSH_CIPHER_SSH2, 16, 32, EVP_aes_256_cbc }, >- { "aes128-ctr", SSH_CIPHER_SSH2, 16, 16, evp_aes_128_ctr }, >- { "aes192-ctr", SSH_CIPHER_SSH2, 16, 24, evp_aes_128_ctr }, >- { "aes256-ctr", SSH_CIPHER_SSH2, 16, 32, evp_aes_128_ctr }, >- { "acss@openssh.org", SSH_CIPHER_SSH2, 16, 5, EVP_acss }, >+ SSH_CIPHER_SSH2, 16, 32, 0, EVP_aes_256_cbc }, >+ { "aes128-ctr", SSH_CIPHER_SSH2, 16, 16, 0, evp_aes_128_ctr }, >+ { "aes192-ctr", SSH_CIPHER_SSH2, 16, 24, 0, evp_aes_128_ctr }, >+ { "aes256-ctr", SSH_CIPHER_SSH2, 16, 32, 0, evp_aes_128_ctr }, >+ { "acss@openssh.org", SSH_CIPHER_SSH2, 16, 5, 0, EVP_acss }, > > { NULL, SSH_CIPHER_INVALID, 0, 0, NULL } > }; >@@ -189,6 +194,7 @@ cipher_init(CipherContext *cc, Cipher *c > static int dowarn = 1; > const EVP_CIPHER *type; > int klen; >+ u_char *zero, *discard; > > if (cipher->number == SSH_CIPHER_DES) { > if (dowarn) { >@@ -226,6 +232,17 @@ cipher_init(CipherContext *cc, Cipher *c > if (EVP_CipherInit(&cc->evp, NULL, (u_char *)key, NULL, -1) == 0) > fatal("cipher_init: EVP_CipherInit: set key failed for %s", > cipher->name); >+ >+ if (cipher->discard_len > 0) { >+ zero = xmalloc(cipher->discard_len); >+ discard = xmalloc(cipher->discard_len); >+ if (EVP_Cipher(&cc->evp, discard, zero, >+ cipher->discard_len) == 0) >+ fatal("evp_crypt: EVP_Cipher failed during discard"); >+ memset(discard, 0, cipher->discard_len); >+ xfree(zero); >+ xfree(discard); >+ } > } > > void >Index: myproposal.h >=================================================================== >RCS file: /cvs/src/usr.bin/ssh/myproposal.h,v >retrieving revision 1.16 >diff -u -p -r1.16 myproposal.h >--- myproposal.h 13 Jun 2004 12:53:24 -0000 1.16 >+++ myproposal.h 27 Mar 2005 13:10:17 -0000 >@@ -28,7 +28,10 @@ > "diffie-hellman-group1-sha1" > #define KEX_DEFAULT_PK_ALG "ssh-rsa,ssh-dss" > #define KEX_DEFAULT_ENCRYPT \ >- "aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour," \ >+ "aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc," \ >+ "arcfour128-draft-00@putty.projects.tartarus.org," \ >+ "arcfour256-draft-00@putty.projects.tartarus.org," \ >+ "arcfour," \ > "aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se," \ > "aes128-ctr,aes192-ctr,aes256-ctr" > #define KEX_DEFAULT_MAC \
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=885">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 1022
:
885
|
904