- markus@cvs.openbsd.org 2001/04/30 15:50:46

[compat.c compat.h kex.c]
     allow interop with weaker key generation used by ssh-2.0.x, x < 10

ChangeLog

@@ -3,6 +3,9 @@
    - markus@cvs.openbsd.org 2001/04/30 11:18:52
      [readconf.c readconf.h ssh.1 ssh.c sshconnect.c]
      implement 'ssh -b bind_address' like 'telnet -b'
+   - markus@cvs.openbsd.org 2001/04/30 15:50:46
+     [compat.c compat.h kex.c]
+     allow interop with weaker key generation used by ssh-2.0.x, x < 10
  - (tim) [contrib/caldera/openssh.spec] add Requires line for Caldera 3.1
 
 20010430
@@ -5289,4 +5292,4 @@
  - Wrote replacements for strlcpy and mkdtemp
  - Released 1.0pre1
 
-$Id: ChangeLog,v 1.1186 2001/04/30 18:00:11 tim Exp $
+$Id: ChangeLog,v 1.1187 2001/04/30 23:06:57 mouring Exp $

compat.c

@@ -23,7 +23,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: compat.c,v 1.48 2001/04/29 19:16:52 markus Exp $");
+RCSID("$OpenBSD: compat.c,v 1.49 2001/04/30 15:50:46 markus Exp $");
 
 #ifdef HAVE_LIBPCRE
 #  include <pcreposix.h>
@@ -94,11 +94,17 @@ compat_datafellows(const char *version)
 					SSH_BUG_PKSERVICE|SSH_BUG_X11FWD|
 					SSH_BUG_PKOK|SSH_BUG_RSASIGMD5|
 					SSH_BUG_HBSERVICE|SSH_BUG_OPENFAILURE },
-		{ "^2\\.0\\.",		SSH_BUG_SIGBLOB|SSH_BUG_HMAC|
+		{ "^2\\.0\\.1[0-2]",	SSH_BUG_SIGBLOB|SSH_BUG_HMAC|
 					SSH_OLD_SESSIONID|SSH_BUG_DEBUG|
 					SSH_BUG_PKSERVICE|SSH_BUG_X11FWD|
 					SSH_BUG_PKAUTH|SSH_BUG_PKOK|
 					SSH_BUG_RSASIGMD5|SSH_BUG_OPENFAILURE },
+		{ "^2\\.0\\.",		SSH_BUG_SIGBLOB|SSH_BUG_HMAC|
+					SSH_OLD_SESSIONID|SSH_BUG_DEBUG|
+					SSH_BUG_PKSERVICE|SSH_BUG_X11FWD|
+					SSH_BUG_PKAUTH|SSH_BUG_PKOK|
+					SSH_BUG_RSASIGMD5|SSH_BUG_OPENFAILURE|
+					SSH_BUG_DERIVEKEY },
 		{ "^2\\.[23]\\.0",	SSH_BUG_HMAC|SSH_BUG_RSASIGMD5 },
 		{ "^2\\.3\\.",		SSH_BUG_RSASIGMD5 },
 		{ "^2\\.[2-9]\\.",	0 },

compat.h

@@ -21,7 +21,7 @@
  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
-/* RCSID("$OpenBSD: compat.h,v 1.24 2001/04/29 19:16:52 markus Exp $"); */
+/* RCSID("$OpenBSD: compat.h,v 1.25 2001/04/30 15:50:46 markus Exp $"); */
 
 #ifndef COMPAT_H
 #define COMPAT_H
@@ -49,6 +49,7 @@
 #define SSH_BUG_NOREKEY		0x00008000
 #define SSH_BUG_HBSERVICE	0x00010000
 #define SSH_BUG_OPENFAILURE	0x00020000
+#define SSH_BUG_DERIVEKEY	0x00040000
 
 void    enable_compat13(void);
 void    enable_compat20(void);

kex.c

@@ -23,7 +23,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: kex.c,v 1.33 2001/04/05 10:42:50 markus Exp $");
+RCSID("$OpenBSD: kex.c,v 1.34 2001/04/30 15:50:46 markus Exp $");
 
 #include <openssl/crypto.h>
 
@@ -375,6 +375,7 @@ derive_key(Kex *kex, int id, int need, u_char *hash, BIGNUM *shared_secret)
 
 	/* K1 = HASH(K || H || "A" || session_id) */
 	EVP_DigestInit(&md, evp_md);
+	if (!(datafellows & SSH_BUG_DERIVEKEY))
 		EVP_DigestUpdate(&md, buffer_ptr(&b), buffer_len(&b));
 	EVP_DigestUpdate(&md, hash, mdsz);
 	EVP_DigestUpdate(&md, &c, 1);
@@ -388,6 +389,7 @@ derive_key(Kex *kex, int id, int need, u_char *hash, BIGNUM *shared_secret)
 	 */
 	for (have = mdsz; need > have; have += mdsz) {
 		EVP_DigestInit(&md, evp_md);
+		if (!(datafellows & SSH_BUG_DERIVEKEY))
 			EVP_DigestUpdate(&md, buffer_ptr(&b), buffer_len(&b));
 		EVP_DigestUpdate(&md, hash, mdsz);
 		EVP_DigestUpdate(&md, digest, have);