- markus@cvs.openbsd.org 2003/04/01 10:31:26
[compat.c compat.h kex.c] bugfix causes stalled connections for ssh.com < 3.0; noticed by ho@; tested by ho@ and myself
This commit is contained in:
parent
2dc074ef4b
commit
d32090426b
|
@ -24,6 +24,10 @@
|
|||
[clientloop.c monitor.c monitor_wrap.c packet.c packet.h readconf.c]
|
||||
[readconf.h serverloop.c sshconnect2.c]
|
||||
backout rekeying changes (for 3.6.1)
|
||||
- markus@cvs.openbsd.org 2003/04/01 10:31:26
|
||||
[compat.c compat.h kex.c]
|
||||
bugfix causes stalled connections for ssh.com < 3.0; noticed by ho@;
|
||||
tested by ho@ and myself
|
||||
|
||||
20030326
|
||||
- (djm) OpenBSD CVS Sync
|
||||
|
@ -1286,4 +1290,4 @@
|
|||
save auth method before monitor_reset_key_state(); bugzilla bug #284;
|
||||
ok provos@
|
||||
|
||||
$Id: ChangeLog,v 1.2644 2003/04/01 11:43:39 djm Exp $
|
||||
$Id: ChangeLog,v 1.2645 2003/04/01 11:44:37 djm Exp $
|
||||
|
|
22
compat.c
22
compat.c
|
@ -23,7 +23,7 @@
|
|||
*/
|
||||
|
||||
#include "includes.h"
|
||||
RCSID("$OpenBSD: compat.c,v 1.65 2002/09/27 10:42:09 mickey Exp $");
|
||||
RCSID("$OpenBSD: compat.c,v 1.66 2003/04/01 10:31:26 markus Exp $");
|
||||
|
||||
#include "buffer.h"
|
||||
#include "packet.h"
|
||||
|
@ -85,10 +85,12 @@ compat_datafellows(const char *version)
|
|||
{ "*MindTerm*", 0 },
|
||||
{ "2.1.0*", SSH_BUG_SIGBLOB|SSH_BUG_HMAC|
|
||||
SSH_OLD_SESSIONID|SSH_BUG_DEBUG|
|
||||
SSH_BUG_RSASIGMD5|SSH_BUG_HBSERVICE },
|
||||
SSH_BUG_RSASIGMD5|SSH_BUG_HBSERVICE|
|
||||
SSH_BUG_FIRSTKEX },
|
||||
{ "2.1 *", SSH_BUG_SIGBLOB|SSH_BUG_HMAC|
|
||||
SSH_OLD_SESSIONID|SSH_BUG_DEBUG|
|
||||
SSH_BUG_RSASIGMD5|SSH_BUG_HBSERVICE },
|
||||
SSH_BUG_RSASIGMD5|SSH_BUG_HBSERVICE|
|
||||
SSH_BUG_FIRSTKEX },
|
||||
{ "2.0.13*,"
|
||||
"2.0.14*,"
|
||||
"2.0.15*,"
|
||||
|
@ -100,26 +102,28 @@ compat_datafellows(const char *version)
|
|||
SSH_BUG_PKSERVICE|SSH_BUG_X11FWD|
|
||||
SSH_BUG_PKOK|SSH_BUG_RSASIGMD5|
|
||||
SSH_BUG_HBSERVICE|SSH_BUG_OPENFAILURE|
|
||||
SSH_BUG_DUMMYCHAN },
|
||||
SSH_BUG_DUMMYCHAN|SSH_BUG_FIRSTKEX },
|
||||
{ "2.0.11*,"
|
||||
"2.0.12*", SSH_BUG_SIGBLOB|SSH_BUG_HMAC|
|
||||
SSH_OLD_SESSIONID|SSH_BUG_DEBUG|
|
||||
SSH_BUG_PKSERVICE|SSH_BUG_X11FWD|
|
||||
SSH_BUG_PKAUTH|SSH_BUG_PKOK|
|
||||
SSH_BUG_RSASIGMD5|SSH_BUG_OPENFAILURE|
|
||||
SSH_BUG_DUMMYCHAN },
|
||||
SSH_BUG_DUMMYCHAN|SSH_BUG_FIRSTKEX },
|
||||
{ "2.0.*", SSH_BUG_SIGBLOB|SSH_BUG_HMAC|
|
||||
SSH_OLD_SESSIONID|SSH_BUG_DEBUG|
|
||||
SSH_BUG_PKSERVICE|SSH_BUG_X11FWD|
|
||||
SSH_BUG_PKAUTH|SSH_BUG_PKOK|
|
||||
SSH_BUG_RSASIGMD5|SSH_BUG_OPENFAILURE|
|
||||
SSH_BUG_DERIVEKEY|SSH_BUG_DUMMYCHAN },
|
||||
SSH_BUG_DERIVEKEY|SSH_BUG_DUMMYCHAN|
|
||||
SSH_BUG_FIRSTKEX },
|
||||
{ "2.2.0*,"
|
||||
"2.3.0*", SSH_BUG_HMAC|SSH_BUG_DEBUG|
|
||||
SSH_BUG_RSASIGMD5 },
|
||||
{ "2.3.*", SSH_BUG_DEBUG|SSH_BUG_RSASIGMD5 },
|
||||
SSH_BUG_RSASIGMD5|SSH_BUG_FIRSTKEX },
|
||||
{ "2.3.*", SSH_BUG_DEBUG|SSH_BUG_RSASIGMD5|
|
||||
SSH_BUG_FIRSTKEX },
|
||||
{ "2.4", SSH_OLD_SESSIONID }, /* Van Dyke */
|
||||
{ "2.*", SSH_BUG_DEBUG },
|
||||
{ "2.*", SSH_BUG_DEBUG|SSH_BUG_FIRSTKEX },
|
||||
{ "3.0.*", SSH_BUG_DEBUG },
|
||||
{ "3.0 SecureCRT*", SSH_OLD_SESSIONID },
|
||||
{ "1.7 SecureFX*", SSH_OLD_SESSIONID },
|
||||
|
|
3
compat.h
3
compat.h
|
@ -1,4 +1,4 @@
|
|||
/* $OpenBSD: compat.h,v 1.33 2002/09/27 10:42:09 mickey Exp $ */
|
||||
/* $OpenBSD: compat.h,v 1.34 2003/04/01 10:31:26 markus Exp $ */
|
||||
|
||||
/*
|
||||
* Copyright (c) 1999, 2000, 2001 Markus Friedl. All rights reserved.
|
||||
|
@ -55,6 +55,7 @@
|
|||
#define SSH_BUG_EXTEOF 0x00200000
|
||||
#define SSH_BUG_K5USER 0x00400000
|
||||
#define SSH_BUG_PROBE 0x00800000
|
||||
#define SSH_BUG_FIRSTKEX 0x01000000
|
||||
|
||||
void enable_compat13(void);
|
||||
void enable_compat20(void);
|
||||
|
|
5
kex.c
5
kex.c
|
@ -23,7 +23,7 @@
|
|||
*/
|
||||
|
||||
#include "includes.h"
|
||||
RCSID("$OpenBSD: kex.c,v 1.54 2003/02/16 17:09:57 markus Exp $");
|
||||
RCSID("$OpenBSD: kex.c,v 1.55 2003/04/01 10:31:26 markus Exp $");
|
||||
|
||||
#include <openssl/crypto.h>
|
||||
|
||||
|
@ -392,7 +392,8 @@ kex_choose_conf(Kex *kex)
|
|||
kex->we_need = need;
|
||||
|
||||
/* ignore the next message if the proposals do not match */
|
||||
if (first_kex_follows && !proposals_match(my, peer)) {
|
||||
if (first_kex_follows && !proposals_match(my, peer) &&
|
||||
!(datafellows & SSH_BUG_FIRSTKEX)) {
|
||||
type = packet_read();
|
||||
debug2("skipping next packet (type %u)", type);
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue