| Summary: | RekeyLimit max value is too restrictive | | |
|---|---|---|---|
| Product: | Portable OpenSSH | Reporter: | Jan Pechanec <Jan.Pechanec> |
| Component: | ssh | Assignee: | Assigned to nobody <unassigned-bugs> |
| Status: | CLOSED FIXED | | |
| Severity: | normal | CC: | djm, dtucker |
| Priority: | P2 | | |
| Version: | 4.7p1 | | |
| Hardware: | All | | |
| OS: | All | | |
| Bug Depends on: | | | |
| Bug Blocks: | 1353 | | |

Created attachment 1381: fixed patch

I forgot about the initial -1 value... So the following line was not correct in the patch then:

    if (*activep && options->rekey_limit == -1)

A possible solution is to use int64_t for options.rekey_limit and explicitly cast it to u_int32_t in set_packet_rekey_limit(). Since rekey_limit is tested against UINT_MAX, it's OK.

Corrected patch uploaded.

Target 4.8

Comment on attachment 1381: fixed patch

This looks OK to me. Darren?

Fix applied - thanks!

Fix shipped in 4.9/4.9p1 release.

Created attachment 1380: patch against 4.7p1

The RekeyLimit option allows setting the limit only up to 2^31 bytes, since it's a signed integer. However, the default value for the rekeying limit is 2^32, since AES's block size is 16 bytes (limit set in packet.c): 2^(block_size * 2) = 2^32. Since there is no support for ciphers with block sizes of 32 bytes, it's enough to use u_int32_t for rekey_limit, fix the casting and replace INT_MAX with UINT_MAX. Patch attached.
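
The INT_MAX versus UINT_MAX bound and the initial -1 value discussed in this report, as an added C example that is neither the attached patch nor OpenSSH's own code. `parse_rekey_limit`, `first_wins_i64`, `first_wins_u32` and `REKEY_UNSET` are hypothetical names, a 32-bit `unsigned int` is assumed, and the example goes slightly beyond the thread by showing what happens if -1 is kept as the unset marker in a 32-bit unsigned field.

```c
#include <limits.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

#define REKEY_UNSET (-1)  /* initial "not configured yet" value, as in the report */
/* Hypothetical parser (not OpenSSH code): "<n>[K|M|G]" -> bytes. Returns 0, or
 * -1 if malformed or above max (INT_MAX before the fix, UINT_MAX after). */
static int parse_rekey_limit(const char *arg, int64_t max, int64_t *out)
{
    char *end;
    long long v = strtoll(arg, &end, 10);  /* overflow saturates at LLONG_MAX, fails check below */
    int shift = 0;
    switch (*end) {
    case 'K': case 'k': shift = 10; end++; break;
    case 'M': case 'm': shift = 20; end++; break;
    case 'G': case 'g': shift = 30; end++; break;
    }
    if (arg[0] < '0' || arg[0] > '9' || *end != '\0' || v > (max >> shift))
        return -1;                          /* range is compared before shifting */
    *out = (int64_t)v << shift;
    return 0;
}

/* int64_t field: -1 is distinct from all of 0..UINT_MAX, so the first value stays. */
static uint32_t first_wins_i64(int64_t first, int64_t second)
{
    int64_t field = REKEY_UNSET;
    if (field == REKEY_UNSET) field = first;
    if (field == REKEY_UNSET) field = second;
    return (uint32_t)field;  /* lossless once the value passed the UINT_MAX check */
}

/* 32-bit unsigned field: (uint32_t)-1 == UINT_MAX, so a stored maximum looks unset. */
static uint32_t first_wins_u32(uint32_t first, uint32_t second)
{
    uint32_t field = (uint32_t)REKEY_UNSET;
    if (field == (uint32_t)REKEY_UNSET) field = first;
    if (field == (uint32_t)REKEY_UNSET) field = second;
    return field;
}

int main(void)
{
    int64_t v = 0;
    printf("%d %u %u\n", parse_rekey_limit("4095M", UINT_MAX, &v),
        (unsigned)first_wins_i64(UINT_MAX, 16), (unsigned)first_wins_u32(UINT_MAX, 16));
    return 0;
}
```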