- markus@cvs.openbsd.org 2001/02/11 12:59:25

[Makefile.in sshd.8 sshconnect2.c readconf.h readconf.c packet.c sshd.c ssh.c ssh.1 servconf.h servconf.c myproposal.h kex.h kex.c] 1) clean up the MAC support for SSH-2 2) allow you to specify the MAC with 'ssh -m' 3) or the 'MACs' keyword in ssh(d)_config 4) add hmac-{md5,sha1}-96 ok stevesk@, provos@
2025-07-31 01:35:11 +02:00 · 2001-02-15 03:01:59 +00:00 · 2001-02-15 03:01:59 +00:00 · 06b33aa0e8
commit 06b33aa0e8
parent 4272ed803f
18 changed files with 252 additions and 119 deletions
--- a/10
+++ b/10
@ -7,6 +7,14 @@
   - markus@cvs.openbsd.org 2001/02/12 12:45:06
     [sshconnect1.c]
     fix xmalloc(0), ok dugsong@
   - markus@cvs.openbsd.org 2001/02/11 12:59:25
     [Makefile.in sshd.8 sshconnect2.c readconf.h readconf.c packet.c
      sshd.c ssh.c ssh.1 servconf.h servconf.c myproposal.h kex.h kex.c]
     1) clean up the MAC support for SSH-2
     2) allow you to specify the MAC with 'ssh -m'
     3) or the 'MACs' keyword in ssh(d)_config
     4) add hmac-{md5,sha1}-96
             ok stevesk@, provos@
 20010214
 - (djm) Don't try to close PAM session or delete credentials if the
@ -3935,4 +3943,4 @@
 - Wrote replacements for strlcpy and mkdtemp
 - Released 1.0pre1
-$Id: ChangeLog,v 1.762 2001/02/15 02:36:46 mouring Exp $
+$Id: ChangeLog,v 1.763 2001/02/15 03:01:59 mouring Exp $
--- a/Makefile.in
+++ b/Makefile.in
@ -1,4 +1,4 @@
-# $Id: Makefile.in,v 1.151 2001/02/13 14:25:23 djm Exp $
+# $Id: Makefile.in,v 1.152 2001/02/15 03:01:59 mouring Exp $
 prefix=@prefix@
 exec_prefix=@exec_prefix@
@ -44,7 +44,7 @@ INSTALL_SSH_PRNG_CMDS=@INSTALL_SSH_PRNG_CMDS@
 TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-agent$(EXEEXT) scp$(EXEEXT) $(SFTP_PROGS)
-LIBSSH_OBJS=atomicio.o authfd.o authfile.o bufaux.o buffer.o canohost.o channels.o cipher.o cli.o compat.o compress.o crc32.o deattack.o dispatch.o hmac.o hostfile.o key.o kex.o log.o match.o misc.o mpaux.o nchan.o packet.o radix.o rijndael.o entropy.o readpass.o rsa.o ssh-dss.o ssh-rsa.o tildexpand.o ttymodes.o uidswap.o uuencode.o xmalloc.o 
+LIBSSH_OBJS=atomicio.o authfd.o authfile.o bufaux.o buffer.o canohost.o channels.o cipher.o cli.o compat.o compress.o crc32.o deattack.o dispatch.o mac.o hostfile.o key.o kex.o log.o match.o misc.o mpaux.o nchan.o packet.o radix.o rijndael.o entropy.o readpass.o rsa.o ssh-dss.o ssh-rsa.o tildexpand.o ttymodes.o uidswap.o uuencode.o xmalloc.o 
 SSHOBJS= ssh.o sshconnect.o sshconnect1.o sshconnect2.o log-client.o readconf.o clientloop.o
--- a/hmac.c
+++ b/hmac.c
@ -1,56 +0,0 @@
 /*
 * Copyright (c) 2000 Markus Friedl.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */
 #include "includes.h"
 RCSID("$OpenBSD: hmac.c,v 1.7 2001/02/08 19:30:51 itojun Exp $");
 #include "xmalloc.h"
 #include "getput.h"
 #include "log.h"
 #include <openssl/hmac.h>
 #include "hmac.h"
 u_char *
 hmac(
    EVP_MD *evp_md,
    u_int seqno,
    u_char *data, int datalen,
    u_char *key, int keylen)
 {
 	HMAC_CTX c;
 	static u_char m[EVP_MAX_MD_SIZE];
 	u_char b[4];
 	if (key == NULL)
 		fatal("hmac: no key");
 	HMAC_Init(&c, key, keylen, evp_md);
 	PUT_32BIT(b, seqno);
 	HMAC_Update(&c, b, sizeof b);
 	HMAC_Update(&c, data, datalen);
 	HMAC_Final(&c, m, NULL);
 	HMAC_cleanup(&c);
 	return(m);
 }
--- a/kex.c
+++ b/kex.c
@ -23,7 +23,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: kex.c,v 1.20 2001/02/08 19:30:51 itojun Exp $");
+RCSID("$OpenBSD: kex.c,v 1.21 2001/02/11 12:59:24 markus Exp $");
 #include <openssl/crypto.h>
 #include <openssl/bio.h>
@ -41,6 +41,7 @@ RCSID("$OpenBSD: kex.c,v 1.20 2001/02/08 19:30:51 itojun Exp $");
 #include "kex.h"
 #include "key.h"
 #include "log.h"
 #include "mac.h"
 #define KEX_COOKIE_LEN	16
@ -412,18 +413,12 @@ choose_mac(Mac *mac, char *client, char *server)
 	char *name = get_match(client, server);
 	if (name == NULL)
 		fatal("no matching mac found: client %s server %s", client, server);
-	if (strcmp(name, "hmac-md5") == 0) {
+	if (mac_init(mac, name) < 0)
 		mac->md = EVP_md5();
 	} else if (strcmp(name, "hmac-sha1") == 0) {
 		mac->md = EVP_sha1();
 	} else if (strcmp(name, "hmac-ripemd160@openssh.com") == 0) {
 		mac->md = EVP_ripemd160();
 	} else {
 		fatal("unsupported mac %s", name);
-	}
+	/* truncate the key */
 	if (datafellows & SSH_BUG_HMAC)
 		mac->key_len = 16;
 	mac->name = name;
 	mac->mac_len = mac->md->md_size;
 	mac->key_len = (datafellows & SSH_BUG_HMAC) ? 16 : mac->mac_len;
 	mac->key = NULL;
 	mac->enabled = 0;
 }
--- a/kex.h
+++ b/kex.h
@ -1,4 +1,4 @@
-/*	$OpenBSD: kex.h,v 1.13 2001/02/04 15:32:24 stevesk Exp $	*/
+/*	$OpenBSD: kex.h,v 1.14 2001/02/11 12:59:24 markus Exp $	*/
 /*
 * Copyright (c) 2000 Markus Friedl.  All rights reserved.
@ -26,9 +26,11 @@
 #ifndef KEX_H
 #define KEX_H
 #include <openssl/evp.h>
 #include "buffer.h"
 #define	KEX_DH1		"diffie-hellman-group1-sha1"
 #define	KEX_DHGEX	"diffie-hellman-group-exchange-sha1"
 #define	KEX_DSS		"ssh-dss"
 enum kex_init_proposals {
 	PROPOSAL_KEX_ALGS,
--- a/mac.c
+++ b/mac.c
@ -0,0 +1,114 @@
 /*
 * Copyright (c) 2001 Markus Friedl.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */
 #include "includes.h"
 RCSID("$OpenBSD: mac.c,v 1.1 2001/02/11 12:59:24 markus Exp $");
 #include <openssl/hmac.h>
 #include "xmalloc.h"
 #include "getput.h"
 #include "log.h"
 #include "cipher.h"
 #include "kex.h"
 #include "mac.h"
 struct {
 	char		*name;
 	EVP_MD *	(*mdfunc)(void);
 	int		truncatebits;	/* truncate digest if != 0 */
 } macs[] = {
 	{ "hmac-sha1",			EVP_sha1, 0, },
 	{ "hmac-sha1-96",		EVP_sha1, 96 },
 	{ "hmac-md5",			EVP_md5, 0 },
 	{ "hmac-md5-96",		EVP_md5, 96 },
 	{ "hmac-ripemd160",		EVP_ripemd160, 0 },
 	{ "hmac-ripemd160@openssh.com",	EVP_ripemd160, 0 },
        { NULL,				NULL, 0 }
 };
 int
 mac_init(Mac *mac, char *name)
 {
 	int i;
 	for (i = 0; macs[i].name; i++) {
 		if (strcmp(name, macs[i].name) == 0) {
 			if (mac != NULL) {
 				mac->md = (*macs[i].mdfunc)();
 				mac->key_len = mac->mac_len = mac->md->md_size;
 				if (macs[i].truncatebits != 0)
 					mac->mac_len = macs[i].truncatebits/8;
 			}
 			debug2("mac_init: found %s", name);
 			return (0);
 		}
 	}
 	debug2("mac_init: unknown %s", name);
 	return (-1);
 }
 u_char *
 mac_compute(Mac *mac, u_int32_t seqno, u_char *data, int datalen)
 {
 	HMAC_CTX c;
 	static u_char m[EVP_MAX_MD_SIZE];
 	u_char b[4];
 	if (mac->key == NULL)
 		fatal("mac_compute: no key");
 	if (mac->mac_len > sizeof(m))
 		fatal("mac_compute: mac too long");
 	HMAC_Init(&c, mac->key, mac->key_len, mac->md);
 	PUT_32BIT(b, seqno);
 	HMAC_Update(&c, b, sizeof(b));
 	HMAC_Update(&c, data, datalen);
 	HMAC_Final(&c, m, NULL);
 	HMAC_cleanup(&c);
 	return (m);
 }
 /* XXX copied from ciphers_valid */
 #define	MAC_SEP	","
 int
 mac_valid(const char *names)
 {
 	char *maclist, *cp, *p;
 	if (names == NULL || strcmp(names, "") == 0)
 		return (0);
 	maclist = cp = xstrdup(names);
 	for ((p = strsep(&cp, MAC_SEP)); p && *p != '\0';
 	     (p = strsep(&cp, MAC_SEP))) {
 		if (mac_init(NULL, p) < 0) {
 			debug("bad mac %s [%s]", p, names);
 			xfree(maclist);
 			return (0);
 		} else {
 			debug3("mac ok: %s [%s]", p, names);
 		}
 	}
 	debug3("macs ok: [%s]", names);
 	xfree(maclist);
 	return (1);
 }
--- a/hmac.h
+++ b/hmac.h
@ -1,7 +1,6 @@
-/*	$OpenBSD: hmac.h,v 1.4 2001/01/29 01:58:15 niklas Exp $	*/
+/*      $OpenBSD: mac.h,v 1.1 2001/02/11 12:59:24 markus Exp $   */
 /*
- * Copyright (c) 2000 Markus Friedl.  All rights reserved.
+ * Copyright (c) 2001 Markus Friedl.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
@ -23,14 +22,7 @@
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */
 #ifndef HMAC_H
 #define HMAC_H
-u_char *
+int	mac_valid(const char *names);
-hmac(
+int	mac_init(Mac *mac, char *name);
-    EVP_MD *evp_md,
+u_char	*mac_compute(Mac *mac, u_int32_t seqno, u_char *data, int datalen);
    u_int seqno,
    u_char *data, int datalen,
    u_char *key, int len);
 #endif
--- a/myproposal.h
+++ b/myproposal.h
@ -1,4 +1,4 @@
-/*	$OpenBSD: myproposal.h,v 1.10 2001/01/29 01:58:17 niklas Exp $	*/
+/*	$OpenBSD: myproposal.h,v 1.11 2001/02/11 12:59:24 markus Exp $	*/
 /*
 * Copyright (c) 2000 Markus Friedl.  All rights reserved.
@ -30,7 +30,10 @@
 	"aes128-cbc,aes192-cbc,aes256-cbc," \
 	"rijndael128-cbc,rijndael192-cbc,rijndael256-cbc," \
 	"rijndael-cbc@lysator.liu.se"
-#define	KEX_DEFAULT_MAC		"hmac-sha1,hmac-md5,hmac-ripemd160@openssh.com"
+#define	KEX_DEFAULT_MAC \
 	"hmac-sha1,hmac-md5,hmac-ripemd160," \
 	"hmac-ripemd160@openssh.com," \
 	"hmac-sha1-96,hmac-md5-96"
 #define	KEX_DEFAULT_COMP	"none,zlib"
 #define	KEX_DEFAULT_LANG	""
--- a/packet.c
+++ b/packet.c
@ -37,7 +37,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: packet.c,v 1.49 2001/02/08 19:30:52 itojun Exp $");
+RCSID("$OpenBSD: packet.c,v 1.50 2001/02/11 12:59:25 markus Exp $");
 #include "xmalloc.h"
 #include "buffer.h"
@ -54,12 +54,9 @@ RCSID("$OpenBSD: packet.c,v 1.49 2001/02/08 19:30:52 itojun Exp $");
 #include "ssh1.h"
 #include "ssh2.h"
 #include <openssl/bn.h>
 #include <openssl/dh.h>
 #include <openssl/hmac.h>
 #include "cipher.h"
 #include "kex.h"
-#include "hmac.h"
+#include "mac.h"
 #include "log.h"
 #include "canohost.h"
@ -531,12 +528,12 @@ packet_send1(void)
 void
 packet_send2(void)
 {
 	static u_int32_t seqnr = 0;
 	u_char *macbuf = NULL;
 	char *cp;
 	u_int packet_length = 0;
 	u_int i, padlen, len;
 	u_int32_t rand = 0;
 	static u_int seqnr = 0;
 	int type;
 	Enc *enc   = NULL;
 	Mac *mac   = NULL;
@ -604,11 +601,9 @@ packet_send2(void)
 	/* compute MAC over seqnr and packet(length fields, payload, padding) */
 	if (mac && mac->enabled) {
-		macbuf = hmac( mac->md, seqnr,
+		macbuf = mac_compute(mac, seqnr,
 		    (u_char *) buffer_ptr(&outgoing_packet),
-		    buffer_len(&outgoing_packet),
+		    buffer_len(&outgoing_packet));
 		    mac->key, mac->key_len
 		);
 		DBG(debug("done calc MAC out #%d", seqnr));
 	}
 	/* encrypt packet and append to output buffer. */
@ -818,12 +813,12 @@ packet_read_poll1(int *payload_len_ptr)
 int
 packet_read_poll2(int *payload_len_ptr)
 {
 	static u_int32_t seqnr = 0;
 	static u_int packet_length = 0;
 	u_int padlen, need;
 	u_char buf[8], *macbuf;
 	u_char *ucp;
 	char *cp;
 	static u_int packet_length = 0;
 	static u_int seqnr = 0;
 	int type;
 	int maclen, block_size;
 	Enc *enc   = NULL;
@ -883,11 +878,9 @@ packet_read_poll2(int *payload_len_ptr)
 	 * increment sequence number for incoming packet
 	 */
 	if (mac && mac->enabled) {
-		macbuf = hmac( mac->md, seqnr,
+		macbuf = mac_compute(mac, seqnr,
 		    (u_char *) buffer_ptr(&incoming_packet),
-		    buffer_len(&incoming_packet),
+		    buffer_len(&incoming_packet));
 		    mac->key, mac->key_len
 		);
 		if (memcmp(macbuf, buffer_ptr(&input), mac->mac_len) != 0)
 			packet_disconnect("Corrupted MAC on input.");
 		DBG(debug("MAC #%d ok", seqnr));
--- a/readconf.c
+++ b/readconf.c
@ -12,7 +12,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: readconf.c,v 1.61 2001/02/08 14:39:36 deraadt Exp $");
+RCSID("$OpenBSD: readconf.c,v 1.62 2001/02/11 12:59:25 markus Exp $");
 #include "ssh.h"
 #include "xmalloc.h"
@ -23,6 +23,8 @@ RCSID("$OpenBSD: readconf.c,v 1.61 2001/02/08 14:39:36 deraadt Exp $");
 #include "readconf.h"
 #include "match.h"
 #include "misc.h"
 #include "kex.h"
 #include "mac.h"
 /* Format of the configuration file:
@ -105,7 +107,7 @@ typedef enum {
 	oGlobalKnownHostsFile, oUserKnownHostsFile, oConnectionAttempts,
 	oBatchMode, oCheckHostIP, oStrictHostKeyChecking, oCompression,
 	oCompressionLevel, oKeepAlives, oNumberOfPasswordPrompts,
-	oUsePrivilegedPort, oLogLevel, oCiphers, oProtocol,
+	oUsePrivilegedPort, oLogLevel, oCiphers, oProtocol, oMacs,
 	oGlobalKnownHostsFile2, oUserKnownHostsFile2, oPubkeyAuthentication,
 	oKbdInteractiveAuthentication, oKbdInteractiveDevices, oHostKeyAlias
 } OpCodes;
@ -148,6 +150,7 @@ static struct {
 	{ "port", oPort },
 	{ "cipher", oCipher },
 	{ "ciphers", oCiphers },
 	{ "macs", oMacs },
 	{ "protocol", oProtocol },
 	{ "remoteforward", oRemoteForward },
 	{ "localforward", oLocalForward },
@ -502,6 +505,17 @@ parse_int:
 			options->ciphers = xstrdup(arg);
 		break;
 	case oMacs:
 		arg = strdelim(&s);
 		if (!arg || *arg == '\0')
 			fatal("%.200s line %d: Missing argument.", filename, linenum);
 		if (!mac_valid(arg))
 			fatal("%.200s line %d: Bad SSH2 Mac spec '%s'.",
 			      filename, linenum, arg ? arg : "<NONE>");
 		if (*activep && options->macs == NULL)
 			options->macs = xstrdup(arg);
 		break;
 	case oProtocol:
 		intptr = &options->protocol;
 		arg = strdelim(&s);
@ -693,6 +707,7 @@ initialize_options(Options * options)
 	options->number_of_password_prompts = -1;
 	options->cipher = -1;
 	options->ciphers = NULL;
 	options->macs = NULL;
 	options->protocol = SSH_PROTO_UNKNOWN;
 	options->num_identity_files = 0;
 	options->hostname = NULL;
@ -781,6 +796,7 @@ fill_default_options(Options * options)
 	if (options->cipher == -1)
 		options->cipher = SSH_CIPHER_NOT_SET;
 	/* options->ciphers, default set in myproposals.h */
 	/* options->macs, default set in myproposals.h */
 	if (options->protocol == SSH_PROTO_UNKNOWN)
 		options->protocol = SSH_PROTO_1|SSH_PROTO_2|SSH_PROTO_1_PREFERRED;
 	if (options->num_identity_files == 0) {
--- a/readconf.h
+++ b/readconf.h
@ -11,7 +11,7 @@
 * called by a name other than "ssh" or "Secure Shell".
 */
-/* RCSID("$OpenBSD: readconf.h,v 1.25 2001/01/22 23:06:39 markus Exp $"); */
+/* RCSID("$OpenBSD: readconf.h,v 1.26 2001/02/11 12:59:25 markus Exp $"); */
 #ifndef READCONF_H
 #define READCONF_H
@ -68,6 +68,7 @@ typedef struct {
 						 * prompts. */
 	int     cipher;		/* Cipher to use. */
 	char   *ciphers;	/* SSH2 ciphers in order of preference. */
 	char   *macs;		/* SSH2 macs in order of preference. */
 	int	protocol;	/* Protocol in order of preference. */
 	char   *hostname;	/* Real host to connect. */
 	char   *host_key_alias;	/* hostname alias for .ssh/known_hosts */
--- a/servconf.c
+++ b/servconf.c
@ -10,7 +10,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: servconf.c,v 1.65 2001/02/04 15:32:24 stevesk Exp $");
+RCSID("$OpenBSD: servconf.c,v 1.66 2001/02/11 12:59:25 markus Exp $");
 #ifdef KRB4
 #include <krb.h>
@ -28,6 +28,8 @@ RCSID("$OpenBSD: servconf.c,v 1.65 2001/02/04 15:32:24 stevesk Exp $");
 #include "tildexpand.h"
 #include "misc.h"
 #include "cipher.h"
 #include "kex.h"
 #include "mac.h"
 /* add listen address */
 void add_listen_addr(ServerOptions *options, char *addr);
@ -85,6 +87,7 @@ initialize_server_options(ServerOptions *options)
 	options->num_allow_groups = 0;
 	options->num_deny_groups = 0;
 	options->ciphers = NULL;
 	options->macs = NULL;
 	options->protocol = SSH_PROTO_UNKNOWN;
 	options->gateway_ports = -1;
 	options->num_subsystems = 0;
@ -209,7 +212,7 @@ typedef enum {
 	sStrictModes, sEmptyPasswd, sRandomSeedFile, sKeepAlives, sCheckMail,
 	sUseLogin, sAllowTcpForwarding,
 	sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups,
-	sIgnoreUserKnownHosts, sCiphers, sProtocol, sPidFile,
+	sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile,
 	sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem, sMaxStartups,
 	sBanner, sReverseMappingCheck
 } ServerOpCodes;
@ -266,6 +269,7 @@ static struct {
 	{ "allowgroups", sAllowGroups },
 	{ "denygroups", sDenyGroups },
 	{ "ciphers", sCiphers },
 	{ "macs", sMacs },
 	{ "protocol", sProtocol },
 	{ "gatewayports", sGatewayPorts },
 	{ "subsystem", sSubsystem },
@ -658,6 +662,17 @@ parse_flag:
 				options->ciphers = xstrdup(arg);
 			break;
 		case sMacs:
 			arg = strdelim(&cp);
 			if (!arg || *arg == '\0')
 				fatal("%s line %d: Missing argument.", filename, linenum);
 			if (!mac_valid(arg))
 				fatal("%s line %d: Bad SSH2 mac spec '%s'.",
 				    filename, linenum, arg ? arg : "<NONE>");
 			if (options->macs == NULL)
 				options->macs = xstrdup(arg);
 			break;
 		case sProtocol:
 			intptr = &options->protocol;
 			arg = strdelim(&cp);
--- a/servconf.h
+++ b/servconf.h
@ -11,7 +11,7 @@
 * called by a name other than "ssh" or "Secure Shell".
 */
-/* RCSID("$OpenBSD: servconf.h,v 1.36 2001/02/03 10:08:37 markus Exp $"); */
+/* RCSID("$OpenBSD: servconf.h,v 1.37 2001/02/11 12:59:25 markus Exp $"); */
 #ifndef SERVCONF_H
 #define SERVCONF_H
@ -50,8 +50,9 @@ typedef struct {
 	char   *xauth_location;	/* Location of xauth program */
 	int     strict_modes;	/* If true, require string home dir modes. */
 	int     keepalives;	/* If true, set SO_KEEPALIVE. */
-	char   *ciphers;	/* Ciphers in order of preference. */
+	char   *ciphers;	/* Supported SSH2 ciphers. */
-	int	protocol;	/* Protocol in order of preference. */
+	char   *macs;		/* Supported SSH2 macs. */
 	int	protocol;	/* Supported protocol versions. */
 	int     gateway_ports;	/* If true, allow remote connects to forwarded ports. */
 	SyslogFacility log_facility;	/* Facility for system logging. */
 	LogLevel log_level;	/* Level for system logging. */
--- a/ssh.1
+++ b/ssh.1
@ -34,7 +34,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: ssh.1,v 1.90 2001/02/10 16:03:29 markus Exp $
+.\" $OpenBSD: ssh.1,v 1.91 2001/02/11 12:59:25 markus Exp $
 .Dd September 25, 1999
 .Dt SSH 1
 .Os
@ -53,6 +53,7 @@
 .Op Fl e Ar escape_char
 .Op Fl i Ar identity_file
 .Op Fl l Ar login_name
 .Op Fl m Ar mac_spec
 .Op Fl o Ar option
 .Op Fl p Ar port
 .Oo Fl L Xo
@ -425,6 +426,13 @@ This may also be specified on a per-host basis in the configuration file.
 .It Fl l Ar login_name
 Specifies the user to log in as on the remote machine.
 This also may be specified on a per-host basis in the configuration file.
 .It Fl m Ar mac_spec
 Additionally, for protocol version 2 a comma-separated list of MAC
 (message authentication code) algorithms can
 be specified in order of preference.
 See the
 .Cm MACs
 keyword for more information.
 .It Fl n
 Redirects stdin from
 .Pa /dev/null
@ -814,6 +822,18 @@ Gives the verbosity level that is used when logging messages from
 The possible values are:
 QUIET, FATAL, ERROR, INFO, VERBOSE and DEBUG.
 The default is INFO.
 .It Cm MACs
 Specifies the MAC (message authentication code) algorithms 
 in order of preference.
 The MAC algorithm is used in protocol version 2
 for data integrity protection.
 Multiple algorithms must be comma-separated.
 The default is
 .Pp
 .Bd -literal
  ``hmac-sha1,hmac-md5,hmac-ripemd160,hmac-ripemd160@openssh.com,
    hmac-sha1-96,hmac-md5-96''
 .Ed
 .It Cm NumberOfPasswordPrompts
 Specifies the number of password prompts before giving up.
 The argument to this keyword must be an integer.
--- a/ssh.c
+++ b/ssh.c
@ -39,7 +39,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: ssh.c,v 1.94 2001/02/10 01:46:28 markus Exp $");
+RCSID("$OpenBSD: ssh.c,v 1.95 2001/02/11 12:59:25 markus Exp $");
 #include <openssl/evp.h>
 #include <openssl/err.h>
@ -65,6 +65,8 @@ RCSID("$OpenBSD: ssh.c,v 1.94 2001/02/10 01:46:28 markus Exp $");
 #include "tildexpand.h"
 #include "dispatch.h"
 #include "misc.h"
 #include "kex.h"
 #include "mac.h"
 #ifdef HAVE___PROGNAME
 extern char *__progname;
@ -305,7 +307,7 @@ main(int ac, char **av)
 		opt = av[optind][1];
 		if (!opt)
 			usage();
-		if (strchr("eilcpLRo", opt)) {	/* options with arguments */
+		if (strchr("eilcmpLRo", opt)) {	/* options with arguments */
 			optarg = av[optind] + 2;
 			if (strcmp(optarg, "") == 0) {
 				if (optind >= ac - 1)
@ -434,6 +436,14 @@ main(int ac, char **av)
 				}
 			}
 			break;
 		case 'm':
 			if (mac_valid(optarg))
 				options.macs = xstrdup(optarg);
 			else {
 				fprintf(stderr, "Unknown mac type '%s'\n", optarg);
 				exit(1);
 			}
 			break;
 		case 'p':
 			options.port = atoi(optarg);
 			break;
--- a/sshconnect2.c
+++ b/sshconnect2.c
@ -23,7 +23,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: sshconnect2.c,v 1.46 2001/02/10 12:09:21 markus Exp $");
+RCSID("$OpenBSD: sshconnect2.c,v 1.47 2001/02/11 12:59:25 markus Exp $");
 #include <openssl/bn.h>
 #include <openssl/md5.h>
@ -84,12 +84,16 @@ ssh_kex2(char *host, struct sockaddr *hostaddr)
 		myproposal[PROPOSAL_ENC_ALGS_STOC] = options.ciphers;
 	}
 	if (options.compression) {
-		myproposal[PROPOSAL_COMP_ALGS_CTOS] = "zlib";
+		myproposal[PROPOSAL_COMP_ALGS_CTOS] =
 		myproposal[PROPOSAL_COMP_ALGS_STOC] = "zlib";
 	} else {
-		myproposal[PROPOSAL_COMP_ALGS_CTOS] = "none";
+		myproposal[PROPOSAL_COMP_ALGS_CTOS] =
 		myproposal[PROPOSAL_COMP_ALGS_STOC] = "none";
 	}
 	if (options.macs != NULL) {
 		myproposal[PROPOSAL_MAC_ALGS_CTOS] =
 		myproposal[PROPOSAL_MAC_ALGS_STOC] = options.macs;
 	}
 	/* buffers with raw kexinit messages */
 	server_kexinit = xmalloc(sizeof(*server_kexinit));
--- a/sshd.8
+++ b/sshd.8
@ -34,7 +34,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: sshd.8,v 1.92 2001/02/09 23:38:11 deraadt Exp $
+.\" $OpenBSD: sshd.8,v 1.93 2001/02/11 12:59:25 markus Exp $
 .Dd September 25, 1999
 .Dt SSHD 8
 .Os
@ -501,6 +501,17 @@ QUIET, FATAL, ERROR, INFO, VERBOSE and DEBUG.
 The default is INFO.
 Logging with level DEBUG violates the privacy of users
 and is not recommended.
 .It Cm MACs
 Specifies the available MAC (message authentication code) algorithms.
 The MAC algorithm is used in protocol version 2
 for data integrity protection.
 Multiple algorithms must be comma-separated.
 The default is
 .Pp
 .Bd -literal
  ``hmac-sha1,hmac-md5,hmac-ripemd160,hmac-ripemd160@openssh.com,
    hmac-sha1-96,hmac-md5-96''
 .Ed
 .It Cm MaxStartups
 Specifies the maximum number of concurrent unauthenticated connections to the
 .Nm
--- a/sshd.c
+++ b/sshd.c
@ -40,7 +40,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: sshd.c,v 1.165 2001/02/08 19:30:53 itojun Exp $");
+RCSID("$OpenBSD: sshd.c,v 1.166 2001/02/11 12:59:25 markus Exp $");
 #include <openssl/dh.h>
 #include <openssl/bn.h>
@ -1412,6 +1412,10 @@ do_ssh2_kex(void)
 		myproposal[PROPOSAL_ENC_ALGS_CTOS] =
 		myproposal[PROPOSAL_ENC_ALGS_STOC] = options.ciphers;
 	}
 	if (options.macs != NULL) {
 		myproposal[PROPOSAL_MAC_ALGS_CTOS] =
 		myproposal[PROPOSAL_MAC_ALGS_STOC] = options.macs;
 	}
 	myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = list_hostkey_types();
 	server_kexinit = kex_init(myproposal);