From 5d7b9565bc2cc2b0734a6e8b0b7ab781745d35f9 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Sat, 16 Feb 2013 17:32:31 +1100 Subject: [PATCH] - djm@cvs.openbsd.org 2013/02/16 06:08:45 [integrity.sh] make sure the fuzz offset is actually past the end of KEX for all KEX types. diffie-hellman-group-exchange-sha256 requires an offset around 2700. Noticed via test failures in portable OpenSSH on platforms that lack ECC and this the more byte-frugal ECDH KEX algorithms. --- ChangeLog | 9 +++++++++ regress/integrity.sh | 6 +++--- 2 files changed, 12 insertions(+), 3 deletions(-) diff --git a/ChangeLog b/ChangeLog index 8dd37b2c0..406a609a6 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,12 @@ +20130216 + - OpenBSD CVS Sync + - djm@cvs.openbsd.org 2013/02/16 06:08:45 + [integrity.sh] + make sure the fuzz offset is actually past the end of KEX for all KEX + types. diffie-hellman-group-exchange-sha256 requires an offset around + 2700. Noticed via test failures in portable OpenSSH on platforms that + lack ECC and this the more byte-frugal ECDH KEX algorithms. + 20130215 - (djm) [contrib/suse/rc.sshd] Use SSHD_BIN consistently; bz#2056 from Iain Morgan diff --git a/regress/integrity.sh b/regress/integrity.sh index bcace97e6..d779aa930 100644 --- a/regress/integrity.sh +++ b/regress/integrity.sh @@ -1,13 +1,13 @@ -# $OpenBSD: integrity.sh,v 1.2 2013/01/12 11:23:53 djm Exp $ +# $OpenBSD: integrity.sh,v 1.3 2013/02/16 06:08:45 djm Exp $ # Placed in the Public Domain. tid="integrity" -# start at byte 2500 (i.e. after kex) and corrupt at different offsets +# start at byte 2800 (i.e. after kex) and corrupt at different offsets # XXX the test hangs if we modify the low bytes of the packet length # XXX and ssh tries to read... tries=10 -startoffset=2500 +startoffset=2800 macs="hmac-sha1 hmac-md5 umac-64@openssh.com umac-128@openssh.com hmac-sha1-96 hmac-md5-96 hmac-sha2-256 hmac-sha2-512 hmac-sha1-etm@openssh.com hmac-md5-etm@openssh.com