diff --git a/ChangeLog b/ChangeLog index 057d1fc10..16be5f953 100644 --- a/ChangeLog +++ b/ChangeLog @@ -13,6 +13,9 @@ - provos@cvs.openbsd.org 2001/03/29 14:24:59 [sshconnect2.c] use recommended defaults + - stevesk@cvs.openbsd.org 2001/03/29 21:06:21 + [sshconnect2.c sshd.c] + need to set both STOC and CTOS for SSH_BUG_BIGENDIANAES; ok markus@ 20010329 - OpenBSD CVS Sync @@ -4783,4 +4786,4 @@ - Wrote replacements for strlcpy and mkdtemp - Released 1.0pre1 -$Id: ChangeLog,v 1.1039 2001/03/30 00:49:05 djm Exp $ +$Id: ChangeLog,v 1.1040 2001/03/30 00:49:35 djm Exp $ diff --git a/sshconnect2.c b/sshconnect2.c index 69249c384..460d614f0 100644 --- a/sshconnect2.c +++ b/sshconnect2.c @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: sshconnect2.c,v 1.59 2001/03/29 14:24:59 provos Exp $"); +RCSID("$OpenBSD: sshconnect2.c,v 1.60 2001/03/29 21:06:21 stevesk Exp $"); #include #include @@ -85,6 +85,10 @@ ssh_kex2(char *host, struct sockaddr *hostaddr) myproposal[PROPOSAL_ENC_ALGS_CTOS] = myproposal[PROPOSAL_ENC_ALGS_STOC] = options.ciphers; } + myproposal[PROPOSAL_ENC_ALGS_CTOS] = + compat_cipher_proposal(myproposal[PROPOSAL_ENC_ALGS_CTOS]); + myproposal[PROPOSAL_ENC_ALGS_STOC] = + compat_cipher_proposal(myproposal[PROPOSAL_ENC_ALGS_STOC]); if (options.compression) { myproposal[PROPOSAL_COMP_ALGS_CTOS] = myproposal[PROPOSAL_COMP_ALGS_STOC] = "zlib"; @@ -97,9 +101,6 @@ ssh_kex2(char *host, struct sockaddr *hostaddr) myproposal[PROPOSAL_MAC_ALGS_STOC] = options.macs; } - myproposal[PROPOSAL_ENC_ALGS_STOC] = - compat_cipher_proposal(myproposal[PROPOSAL_ENC_ALGS_STOC]); - /* buffers with raw kexinit messages */ server_kexinit = xmalloc(sizeof(*server_kexinit)); buffer_init(server_kexinit); diff --git a/sshd.c b/sshd.c index d9d3780fb..d35403f20 100644 --- a/sshd.c +++ b/sshd.c @@ -40,7 +40,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: sshd.c,v 1.183 2001/03/28 21:59:41 provos Exp $"); +RCSID("$OpenBSD: sshd.c,v 1.184 2001/03/29 21:06:21 stevesk Exp $"); #include #include @@ -1419,15 +1419,17 @@ do_ssh2_kex(void) myproposal[PROPOSAL_ENC_ALGS_CTOS] = myproposal[PROPOSAL_ENC_ALGS_STOC] = options.ciphers; } + myproposal[PROPOSAL_ENC_ALGS_CTOS] = + compat_cipher_proposal(myproposal[PROPOSAL_ENC_ALGS_CTOS]); + myproposal[PROPOSAL_ENC_ALGS_STOC] = + compat_cipher_proposal(myproposal[PROPOSAL_ENC_ALGS_STOC]); + if (options.macs != NULL) { myproposal[PROPOSAL_MAC_ALGS_CTOS] = myproposal[PROPOSAL_MAC_ALGS_STOC] = options.macs; } myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = list_hostkey_types(); - myproposal[PROPOSAL_ENC_ALGS_STOC] = - compat_cipher_proposal(myproposal[PROPOSAL_ENC_ALGS_STOC]); - server_kexinit = kex_init(myproposal); client_kexinit = xmalloc(sizeof(*client_kexinit)); buffer_init(client_kexinit);