tyler.durden
/
openssh-portable
mirror of https://github.com/PowerShell/openssh-portable.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

- markus@cvs.openbsd.org 2003/04/01 10:31:26 

[compat.c compat.h kex.c]
     bugfix causes stalled connections for ssh.com < 3.0; noticed by ho@;
     tested by ho@ and myself
This commit is contained in:
Damien Miller 2003-04-01 21:44:37 +10:00
parent 2dc074ef4b
commit d32090426b
4 changed files with 23 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
ChangeLog
View File

@ -24,6 +24,10 @@
[clientloop.c monitor.c monitor_wrap.c packet.c packet.h readconf.c] [clientloop.c monitor.c monitor_wrap.c packet.c packet.h readconf.c]
[readconf.h serverloop.c sshconnect2.c] [readconf.h serverloop.c sshconnect2.c]
backout rekeying changes (for 3.6.1) backout rekeying changes (for 3.6.1)
- markus@cvs.openbsd.org 2003/04/01 10:31:26
[compat.c compat.h kex.c]
bugfix causes stalled connections for ssh.com < 3.0; noticed by ho@;
tested by ho@ and myself
20030326 20030326
- (djm) OpenBSD CVS Sync - (djm) OpenBSD CVS Sync
@ -1286,4 +1290,4 @@
save auth method before monitor_reset_key_state(); bugzilla bug #284; save auth method before monitor_reset_key_state(); bugzilla bug #284;
ok provos@ ok provos@
$Id: ChangeLog,v 1.2644 2003/04/01 11:43:39 djm Exp $ $Id: ChangeLog,v 1.2645 2003/04/01 11:44:37 djm Exp $

22
compat.c
View File

@ -23,7 +23,7 @@
*/ */
#include "includes.h" #include "includes.h"
RCSID("$OpenBSD: compat.c,v 1.65 2002/09/27 10:42:09 mickey Exp $"); RCSID("$OpenBSD: compat.c,v 1.66 2003/04/01 10:31:26 markus Exp $");
#include "buffer.h" #include "buffer.h"
#include "packet.h" #include "packet.h"
@ -85,10 +85,12 @@ compat_datafellows(const char *version)
{ "*MindTerm*", 0 }, { "*MindTerm*", 0 },
{ "2.1.0*", SSH_BUG_SIGBLOB|SSH_BUG_HMAC| { "2.1.0*", SSH_BUG_SIGBLOB|SSH_BUG_HMAC|
SSH_OLD_SESSIONID|SSH_BUG_DEBUG| SSH_OLD_SESSIONID|SSH_BUG_DEBUG|
SSH_BUG_RSASIGMD5|SSH_BUG_HBSERVICE }, SSH_BUG_RSASIGMD5|SSH_BUG_HBSERVICE|
SSH_BUG_FIRSTKEX },
{ "2.1 *", SSH_BUG_SIGBLOB|SSH_BUG_HMAC| { "2.1 *", SSH_BUG_SIGBLOB|SSH_BUG_HMAC|
SSH_OLD_SESSIONID|SSH_BUG_DEBUG| SSH_OLD_SESSIONID|SSH_BUG_DEBUG|
SSH_BUG_RSASIGMD5|SSH_BUG_HBSERVICE }, SSH_BUG_RSASIGMD5|SSH_BUG_HBSERVICE|
SSH_BUG_FIRSTKEX },
{ "2.0.13*," { "2.0.13*,"
"2.0.14*," "2.0.14*,"
"2.0.15*," "2.0.15*,"
@ -100,26 +102,28 @@ compat_datafellows(const char *version)
SSH_BUG_PKSERVICE|SSH_BUG_X11FWD| SSH_BUG_PKSERVICE|SSH_BUG_X11FWD|
SSH_BUG_PKOK|SSH_BUG_RSASIGMD5| SSH_BUG_PKOK|SSH_BUG_RSASIGMD5|
SSH_BUG_HBSERVICE|SSH_BUG_OPENFAILURE| SSH_BUG_HBSERVICE|SSH_BUG_OPENFAILURE|
SSH_BUG_DUMMYCHAN }, SSH_BUG_DUMMYCHAN|SSH_BUG_FIRSTKEX },
{ "2.0.11*," { "2.0.11*,"
"2.0.12*", SSH_BUG_SIGBLOB|SSH_BUG_HMAC| "2.0.12*", SSH_BUG_SIGBLOB|SSH_BUG_HMAC|
SSH_OLD_SESSIONID|SSH_BUG_DEBUG| SSH_OLD_SESSIONID|SSH_BUG_DEBUG|
SSH_BUG_PKSERVICE|SSH_BUG_X11FWD| SSH_BUG_PKSERVICE|SSH_BUG_X11FWD|
SSH_BUG_PKAUTH|SSH_BUG_PKOK| SSH_BUG_PKAUTH|SSH_BUG_PKOK|
SSH_BUG_RSASIGMD5|SSH_BUG_OPENFAILURE| SSH_BUG_RSASIGMD5|SSH_BUG_OPENFAILURE|
SSH_BUG_DUMMYCHAN }, SSH_BUG_DUMMYCHAN|SSH_BUG_FIRSTKEX },
{ "2.0.*", SSH_BUG_SIGBLOB|SSH_BUG_HMAC| { "2.0.*", SSH_BUG_SIGBLOB|SSH_BUG_HMAC|
SSH_OLD_SESSIONID|SSH_BUG_DEBUG| SSH_OLD_SESSIONID|SSH_BUG_DEBUG|
SSH_BUG_PKSERVICE|SSH_BUG_X11FWD| SSH_BUG_PKSERVICE|SSH_BUG_X11FWD|
SSH_BUG_PKAUTH|SSH_BUG_PKOK| SSH_BUG_PKAUTH|SSH_BUG_PKOK|
SSH_BUG_RSASIGMD5|SSH_BUG_OPENFAILURE| SSH_BUG_RSASIGMD5|SSH_BUG_OPENFAILURE|
SSH_BUG_DERIVEKEY|SSH_BUG_DUMMYCHAN }, SSH_BUG_DERIVEKEY|SSH_BUG_DUMMYCHAN|
SSH_BUG_FIRSTKEX },
{ "2.2.0*," { "2.2.0*,"
"2.3.0*", SSH_BUG_HMAC|SSH_BUG_DEBUG| "2.3.0*", SSH_BUG_HMAC|SSH_BUG_DEBUG|
SSH_BUG_RSASIGMD5 }, SSH_BUG_RSASIGMD5|SSH_BUG_FIRSTKEX },
{ "2.3.*", SSH_BUG_DEBUG|SSH_BUG_RSASIGMD5 }, { "2.3.*", SSH_BUG_DEBUG|SSH_BUG_RSASIGMD5|
SSH_BUG_FIRSTKEX },
{ "2.4", SSH_OLD_SESSIONID }, /* Van Dyke */ { "2.4", SSH_OLD_SESSIONID }, /* Van Dyke */
{ "2.*", SSH_BUG_DEBUG }, { "2.*", SSH_BUG_DEBUG|SSH_BUG_FIRSTKEX },
{ "3.0.*", SSH_BUG_DEBUG }, { "3.0.*", SSH_BUG_DEBUG },
{ "3.0 SecureCRT*", SSH_OLD_SESSIONID }, { "3.0 SecureCRT*", SSH_OLD_SESSIONID },
{ "1.7 SecureFX*", SSH_OLD_SESSIONID }, { "1.7 SecureFX*", SSH_OLD_SESSIONID },

3
compat.h
View File

@ -1,4 +1,4 @@
/* $OpenBSD: compat.h,v 1.33 2002/09/27 10:42:09 mickey Exp $ */ /* $OpenBSD: compat.h,v 1.34 2003/04/01 10:31:26 markus Exp $ */
/* /*
* Copyright (c) 1999, 2000, 2001 Markus Friedl. All rights reserved. * Copyright (c) 1999, 2000, 2001 Markus Friedl. All rights reserved.
@ -55,6 +55,7 @@
#define SSH_BUG_EXTEOF 0x00200000 #define SSH_BUG_EXTEOF 0x00200000
#define SSH_BUG_K5USER 0x00400000 #define SSH_BUG_K5USER 0x00400000
#define SSH_BUG_PROBE 0x00800000 #define SSH_BUG_PROBE 0x00800000
#define SSH_BUG_FIRSTKEX 0x01000000
void enable_compat13(void); void enable_compat13(void);
void enable_compat20(void); void enable_compat20(void);

5
kex.c
View File

@ -23,7 +23,7 @@
*/ */
#include "includes.h" #include "includes.h"
RCSID("$OpenBSD: kex.c,v 1.54 2003/02/16 17:09:57 markus Exp $"); RCSID("$OpenBSD: kex.c,v 1.55 2003/04/01 10:31:26 markus Exp $");
#include <openssl/crypto.h> #include <openssl/crypto.h>
@ -392,7 +392,8 @@ kex_choose_conf(Kex *kex)
kex->we_need = need; kex->we_need = need;
/* ignore the next message if the proposals do not match */ /* ignore the next message if the proposals do not match */
if (first_kex_follows && !proposals_match(my, peer)) { if (first_kex_follows && !proposals_match(my, peer) &&
!(datafellows & SSH_BUG_FIRSTKEX)) {
type = packet_read(); type = packet_read();
debug2("skipping next packet (type %u)", type); debug2("skipping next packet (type %u)", type);
} }