diff options
author | djm@openbsd.org <djm@openbsd.org> | 2017-04-30 23:15:04 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2017-05-01 10:04:58 +1000 |
commit | cdccebdf85204bf7542b7fcc1aa2ea3f36661833 (patch) | |
tree | fd07acdcdebd7da5dc027e58261a446a807466ba | |
parent | 97f4d3083b036ce3e68d6346a6140a22123d5864 (diff) |
upstream commit
remove SSHv1 ciphers; ok markus@
Upstream-ID: e5ebc5e540d7f23a8c1266db1839794d4d177890
-rw-r--r-- | Makefile.in | 2 | ||||
-rw-r--r-- | cipher-3des1.c | 158 | ||||
-rw-r--r-- | cipher-bf1.c | 106 | ||||
-rw-r--r-- | cipher.c | 237 | ||||
-rw-r--r-- | cipher.h | 25 | ||||
-rw-r--r-- | readconf.c | 25 | ||||
-rw-r--r-- | readconf.h | 3 | ||||
-rw-r--r-- | ssh.c | 21 | ||||
-rw-r--r-- | sshkey.c | 8 |
9 files changed, 86 insertions, 499 deletions
diff --git a/Makefile.in b/Makefile.in index e247c0de7..f6625734a 100644 --- a/Makefile.in +++ b/Makefile.in | |||
@@ -78,7 +78,7 @@ LIBOPENSSH_OBJS=\ | |||
78 | LIBSSH_OBJS=${LIBOPENSSH_OBJS} \ | 78 | LIBSSH_OBJS=${LIBOPENSSH_OBJS} \ |
79 | authfd.o authfile.o bufaux.o bufbn.o bufec.o buffer.o \ | 79 | authfd.o authfile.o bufaux.o bufbn.o bufec.o buffer.o \ |
80 | canohost.o channels.o cipher.o cipher-aes.o cipher-aesctr.o \ | 80 | canohost.o channels.o cipher.o cipher-aes.o cipher-aesctr.o \ |
81 | cipher-bf1.o cipher-ctr.o cipher-3des1.o cleanup.o \ | 81 | cipher-ctr.o cleanup.o \ |
82 | compat.o crc32.o deattack.o fatal.o hostfile.o \ | 82 | compat.o crc32.o deattack.o fatal.o hostfile.o \ |
83 | log.o match.o moduli.o nchan.o packet.o opacket.o \ | 83 | log.o match.o moduli.o nchan.o packet.o opacket.o \ |
84 | readpass.o rsa.o ttymodes.o xmalloc.o addrmatch.o \ | 84 | readpass.o rsa.o ttymodes.o xmalloc.o addrmatch.o \ |
diff --git a/cipher-3des1.c b/cipher-3des1.c deleted file mode 100644 index 9fcc2785a..000000000 --- a/cipher-3des1.c +++ /dev/null | |||
@@ -1,158 +0,0 @@ | |||
1 | /* $OpenBSD: cipher-3des1.c,v 1.12 2015/01/14 10:24:42 markus Exp $ */ | ||
2 | /* | ||
3 | * Copyright (c) 2003 Markus Friedl. All rights reserved. | ||
4 | * | ||
5 | * Permission to use, copy, modify, and distribute this software for any | ||
6 | * purpose with or without fee is hereby granted, provided that the above | ||
7 | * copyright notice and this permission notice appear in all copies. | ||
8 | * | ||
9 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR | ||
10 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES | ||
11 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. | ||
12 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, | ||
13 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||
14 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, | ||
15 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY | ||
16 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | ||
17 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | ||
18 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | ||
19 | */ | ||
20 | |||
21 | #include "includes.h" | ||
22 | |||
23 | #ifdef WITH_SSH1 | ||
24 | |||
25 | #include <sys/types.h> | ||
26 | #include <string.h> | ||
27 | #include <openssl/evp.h> | ||
28 | |||
29 | #include "ssherr.h" | ||
30 | |||
31 | /* | ||
32 | * This is used by SSH1: | ||
33 | * | ||
34 | * What kind of triple DES are these 2 routines? | ||
35 | * | ||
36 | * Why is there a redundant initialization vector? | ||
37 | * | ||
38 | * If only iv3 was used, then, this would till effect have been | ||
39 | * outer-cbc. However, there is also a private iv1 == iv2 which | ||
40 | * perhaps makes differential analysis easier. On the other hand, the | ||
41 | * private iv1 probably makes the CRC-32 attack ineffective. This is a | ||
42 | * result of that there is no longer any known iv1 to use when | ||
43 | * choosing the X block. | ||
44 | */ | ||
45 | struct ssh1_3des_ctx | ||
46 | { | ||
47 | EVP_CIPHER_CTX k1, k2, k3; | ||
48 | }; | ||
49 | |||
50 | const EVP_CIPHER * evp_ssh1_3des(void); | ||
51 | int ssh1_3des_iv(EVP_CIPHER_CTX *, int, u_char *, int); | ||
52 | |||
53 | static int | ||
54 | ssh1_3des_init(EVP_CIPHER_CTX *ctx, const u_char *key, const u_char *iv, | ||
55 | int enc) | ||
56 | { | ||
57 | struct ssh1_3des_ctx *c; | ||
58 | u_char *k1, *k2, *k3; | ||
59 | |||
60 | if ((c = EVP_CIPHER_CTX_get_app_data(ctx)) == NULL) { | ||
61 | if ((c = calloc(1, sizeof(*c))) == NULL) | ||
62 | return 0; | ||
63 | EVP_CIPHER_CTX_set_app_data(ctx, c); | ||
64 | } | ||
65 | if (key == NULL) | ||
66 | return 1; | ||
67 | if (enc == -1) | ||
68 | enc = ctx->encrypt; | ||
69 | k1 = k2 = k3 = (u_char *) key; | ||
70 | k2 += 8; | ||
71 | if (EVP_CIPHER_CTX_key_length(ctx) >= 16+8) { | ||
72 | if (enc) | ||
73 | k3 += 16; | ||
74 | else | ||
75 | k1 += 16; | ||
76 | } | ||
77 | EVP_CIPHER_CTX_init(&c->k1); | ||
78 | EVP_CIPHER_CTX_init(&c->k2); | ||
79 | EVP_CIPHER_CTX_init(&c->k3); | ||
80 | if (EVP_CipherInit(&c->k1, EVP_des_cbc(), k1, NULL, enc) == 0 || | ||
81 | EVP_CipherInit(&c->k2, EVP_des_cbc(), k2, NULL, !enc) == 0 || | ||
82 | EVP_CipherInit(&c->k3, EVP_des_cbc(), k3, NULL, enc) == 0) { | ||
83 | explicit_bzero(c, sizeof(*c)); | ||
84 | free(c); | ||
85 | EVP_CIPHER_CTX_set_app_data(ctx, NULL); | ||
86 | return 0; | ||
87 | } | ||
88 | return 1; | ||
89 | } | ||
90 | |||
91 | static int | ||
92 | ssh1_3des_cbc(EVP_CIPHER_CTX *ctx, u_char *dest, const u_char *src, size_t len) | ||
93 | { | ||
94 | struct ssh1_3des_ctx *c; | ||
95 | |||
96 | if ((c = EVP_CIPHER_CTX_get_app_data(ctx)) == NULL) | ||
97 | return 0; | ||
98 | if (EVP_Cipher(&c->k1, dest, (u_char *)src, len) == 0 || | ||
99 | EVP_Cipher(&c->k2, dest, dest, len) == 0 || | ||
100 | EVP_Cipher(&c->k3, dest, dest, len) == 0) | ||
101 | return 0; | ||
102 | return 1; | ||
103 | } | ||
104 | |||
105 | static int | ||
106 | ssh1_3des_cleanup(EVP_CIPHER_CTX *ctx) | ||
107 | { | ||
108 | struct ssh1_3des_ctx *c; | ||
109 | |||
110 | if ((c = EVP_CIPHER_CTX_get_app_data(ctx)) != NULL) { | ||
111 | EVP_CIPHER_CTX_cleanup(&c->k1); | ||
112 | EVP_CIPHER_CTX_cleanup(&c->k2); | ||
113 | EVP_CIPHER_CTX_cleanup(&c->k3); | ||
114 | explicit_bzero(c, sizeof(*c)); | ||
115 | free(c); | ||
116 | EVP_CIPHER_CTX_set_app_data(ctx, NULL); | ||
117 | } | ||
118 | return 1; | ||
119 | } | ||
120 | |||
121 | int | ||
122 | ssh1_3des_iv(EVP_CIPHER_CTX *evp, int doset, u_char *iv, int len) | ||
123 | { | ||
124 | struct ssh1_3des_ctx *c; | ||
125 | |||
126 | if (len != 24) | ||
127 | return SSH_ERR_INVALID_ARGUMENT; | ||
128 | if ((c = EVP_CIPHER_CTX_get_app_data(evp)) == NULL) | ||
129 | return SSH_ERR_INTERNAL_ERROR; | ||
130 | if (doset) { | ||
131 | memcpy(c->k1.iv, iv, 8); | ||
132 | memcpy(c->k2.iv, iv + 8, 8); | ||
133 | memcpy(c->k3.iv, iv + 16, 8); | ||
134 | } else { | ||
135 | memcpy(iv, c->k1.iv, 8); | ||
136 | memcpy(iv + 8, c->k2.iv, 8); | ||
137 | memcpy(iv + 16, c->k3.iv, 8); | ||
138 | } | ||
139 | return 0; | ||
140 | } | ||
141 | |||
142 | const EVP_CIPHER * | ||
143 | evp_ssh1_3des(void) | ||
144 | { | ||
145 | static EVP_CIPHER ssh1_3des; | ||
146 | |||
147 | memset(&ssh1_3des, 0, sizeof(ssh1_3des)); | ||
148 | ssh1_3des.nid = NID_undef; | ||
149 | ssh1_3des.block_size = 8; | ||
150 | ssh1_3des.iv_len = 0; | ||
151 | ssh1_3des.key_len = 16; | ||
152 | ssh1_3des.init = ssh1_3des_init; | ||
153 | ssh1_3des.cleanup = ssh1_3des_cleanup; | ||
154 | ssh1_3des.do_cipher = ssh1_3des_cbc; | ||
155 | ssh1_3des.flags = EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH; | ||
156 | return &ssh1_3des; | ||
157 | } | ||
158 | #endif /* WITH_SSH1 */ | ||
diff --git a/cipher-bf1.c b/cipher-bf1.c deleted file mode 100644 index c205b077c..000000000 --- a/cipher-bf1.c +++ /dev/null | |||
@@ -1,106 +0,0 @@ | |||
1 | /* $OpenBSD: cipher-bf1.c,v 1.7 2015/01/14 10:24:42 markus Exp $ */ | ||
2 | /* | ||
3 | * Copyright (c) 2003 Markus Friedl. All rights reserved. | ||
4 | * | ||
5 | * Permission to use, copy, modify, and distribute this software for any | ||
6 | * purpose with or without fee is hereby granted, provided that the above | ||
7 | * copyright notice and this permission notice appear in all copies. | ||
8 | * | ||
9 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR | ||
10 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES | ||
11 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. | ||
12 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, | ||
13 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||
14 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, | ||
15 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY | ||
16 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | ||
17 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | ||
18 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | ||
19 | */ | ||
20 | |||
21 | #include "includes.h" | ||
22 | |||
23 | #ifdef WITH_SSH1 | ||
24 | #if defined(WITH_OPENSSL) && !defined(OPENSSL_NO_BF) | ||
25 | |||
26 | #include <sys/types.h> | ||
27 | |||
28 | #include <stdarg.h> | ||
29 | #include <string.h> | ||
30 | |||
31 | #include <openssl/evp.h> | ||
32 | |||
33 | #include "openbsd-compat/openssl-compat.h" | ||
34 | |||
35 | /* | ||
36 | * SSH1 uses a variation on Blowfish, all bytes must be swapped before | ||
37 | * and after encryption/decryption. Thus the swap_bytes stuff (yuk). | ||
38 | */ | ||
39 | |||
40 | const EVP_CIPHER * evp_ssh1_bf(void); | ||
41 | |||
42 | static void | ||
43 | swap_bytes(const u_char *src, u_char *dst, int n) | ||
44 | { | ||
45 | u_char c[4]; | ||
46 | |||
47 | /* Process 4 bytes every lap. */ | ||
48 | for (n = n / 4; n > 0; n--) { | ||
49 | c[3] = *src++; | ||
50 | c[2] = *src++; | ||
51 | c[1] = *src++; | ||
52 | c[0] = *src++; | ||
53 | |||
54 | *dst++ = c[0]; | ||
55 | *dst++ = c[1]; | ||
56 | *dst++ = c[2]; | ||
57 | *dst++ = c[3]; | ||
58 | } | ||
59 | } | ||
60 | |||
61 | #ifdef SSH_OLD_EVP | ||
62 | static void bf_ssh1_init (EVP_CIPHER_CTX * ctx, const unsigned char *key, | ||
63 | const unsigned char *iv, int enc) | ||
64 | { | ||
65 | if (iv != NULL) | ||
66 | memcpy (&(ctx->oiv[0]), iv, 8); | ||
67 | memcpy (&(ctx->iv[0]), &(ctx->oiv[0]), 8); | ||
68 | if (key != NULL) | ||
69 | BF_set_key (&(ctx->c.bf_ks), EVP_CIPHER_CTX_key_length (ctx), | ||
70 | key); | ||
71 | } | ||
72 | #endif | ||
73 | |||
74 | static int (*orig_bf)(EVP_CIPHER_CTX *, u_char *, | ||
75 | const u_char *, LIBCRYPTO_EVP_INL_TYPE) = NULL; | ||
76 | |||
77 | static int | ||
78 | bf_ssh1_cipher(EVP_CIPHER_CTX *ctx, u_char *out, const u_char *in, | ||
79 | LIBCRYPTO_EVP_INL_TYPE len) | ||
80 | { | ||
81 | int ret; | ||
82 | |||
83 | swap_bytes(in, out, len); | ||
84 | ret = (*orig_bf)(ctx, out, out, len); | ||
85 | swap_bytes(out, out, len); | ||
86 | return (ret); | ||
87 | } | ||
88 | |||
89 | const EVP_CIPHER * | ||
90 | evp_ssh1_bf(void) | ||
91 | { | ||
92 | static EVP_CIPHER ssh1_bf; | ||
93 | |||
94 | memcpy(&ssh1_bf, EVP_bf_cbc(), sizeof(EVP_CIPHER)); | ||
95 | orig_bf = ssh1_bf.do_cipher; | ||
96 | ssh1_bf.nid = NID_undef; | ||
97 | #ifdef SSH_OLD_EVP | ||
98 | ssh1_bf.init = bf_ssh1_init; | ||
99 | #endif | ||
100 | ssh1_bf.do_cipher = bf_ssh1_cipher; | ||
101 | ssh1_bf.key_len = 32; | ||
102 | return (&ssh1_bf); | ||
103 | } | ||
104 | #endif /* defined(WITH_OPENSSL) && !defined(OPENSSL_NO_BF) */ | ||
105 | |||
106 | #endif /* WITH_SSH1 */ | ||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: cipher.c,v 1.103 2017/04/30 23:10:43 djm Exp $ */ | 1 | /* $OpenBSD: cipher.c,v 1.104 2017/04/30 23:15:04 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -63,7 +63,6 @@ struct sshcipher_ctx { | |||
63 | 63 | ||
64 | struct sshcipher { | 64 | struct sshcipher { |
65 | char *name; | 65 | char *name; |
66 | int number; /* for ssh1 only */ | ||
67 | u_int block_size; | 66 | u_int block_size; |
68 | u_int key_len; | 67 | u_int key_len; |
69 | u_int iv_len; /* defaults to block_size */ | 68 | u_int iv_len; /* defaults to block_size */ |
@@ -74,6 +73,7 @@ struct sshcipher { | |||
74 | #define CFLAG_CHACHAPOLY (1<<1) | 73 | #define CFLAG_CHACHAPOLY (1<<1) |
75 | #define CFLAG_AESCTR (1<<2) | 74 | #define CFLAG_AESCTR (1<<2) |
76 | #define CFLAG_NONE (1<<3) | 75 | #define CFLAG_NONE (1<<3) |
76 | #define CFLAG_INTERNAL CFLAG_NONE /* Don't use "none" for packets */ | ||
77 | #ifdef WITH_OPENSSL | 77 | #ifdef WITH_OPENSSL |
78 | const EVP_CIPHER *(*evptype)(void); | 78 | const EVP_CIPHER *(*evptype)(void); |
79 | #else | 79 | #else |
@@ -83,45 +83,42 @@ struct sshcipher { | |||
83 | 83 | ||
84 | static const struct sshcipher ciphers[] = { | 84 | static const struct sshcipher ciphers[] = { |
85 | #ifdef WITH_OPENSSL | 85 | #ifdef WITH_OPENSSL |
86 | { "none", SSH_CIPHER_NONE, 8, 0, 0, 0, 0, 0, EVP_enc_null }, | 86 | { "3des-cbc", 8, 24, 0, 0, 0, 1, EVP_des_ede3_cbc }, |
87 | { "3des-cbc", SSH_CIPHER_SSH2, 8, 24, 0, 0, 0, 1, EVP_des_ede3_cbc }, | ||
88 | # ifndef OPENSSL_NO_BF | 87 | # ifndef OPENSSL_NO_BF |
89 | { "blowfish-cbc", | 88 | { "blowfish-cbc", 8, 16, 0, 0, 0, 1, EVP_bf_cbc }, |
90 | SSH_CIPHER_SSH2, 8, 16, 0, 0, 0, 1, EVP_bf_cbc }, | ||
91 | # endif /* OPENSSL_NO_BF */ | 89 | # endif /* OPENSSL_NO_BF */ |
92 | # ifndef OPENSSL_NO_CAST | 90 | # ifndef OPENSSL_NO_CAST |
93 | { "cast128-cbc", | 91 | { "cast128-cbc", 8, 16, 0, 0, 0, 1, EVP_cast5_cbc }, |
94 | SSH_CIPHER_SSH2, 8, 16, 0, 0, 0, 1, EVP_cast5_cbc }, | ||
95 | # endif /* OPENSSL_NO_CAST */ | 92 | # endif /* OPENSSL_NO_CAST */ |
96 | # ifndef OPENSSL_NO_RC4 | 93 | # ifndef OPENSSL_NO_RC4 |
97 | { "arcfour", SSH_CIPHER_SSH2, 8, 16, 0, 0, 0, 0, EVP_rc4 }, | 94 | { "arcfour", 8, 16, 0, 0, 0, 0, EVP_rc4 }, |
98 | { "arcfour128", SSH_CIPHER_SSH2, 8, 16, 0, 0, 1536, 0, EVP_rc4 }, | 95 | { "arcfour128", 8, 16, 0, 0, 1536, 0, EVP_rc4 }, |
99 | { "arcfour256", SSH_CIPHER_SSH2, 8, 32, 0, 0, 1536, 0, EVP_rc4 }, | 96 | { "arcfour256", 8, 32, 0, 0, 1536, 0, EVP_rc4 }, |
100 | # endif /* OPENSSL_NO_RC4 */ | 97 | # endif /* OPENSSL_NO_RC4 */ |
101 | { "aes128-cbc", SSH_CIPHER_SSH2, 16, 16, 0, 0, 0, 1, EVP_aes_128_cbc }, | 98 | { "aes128-cbc", 16, 16, 0, 0, 0, 1, EVP_aes_128_cbc }, |
102 | { "aes192-cbc", SSH_CIPHER_SSH2, 16, 24, 0, 0, 0, 1, EVP_aes_192_cbc }, | 99 | { "aes192-cbc", 16, 24, 0, 0, 0, 1, EVP_aes_192_cbc }, |
103 | { "aes256-cbc", SSH_CIPHER_SSH2, 16, 32, 0, 0, 0, 1, EVP_aes_256_cbc }, | 100 | { "aes256-cbc", 16, 32, 0, 0, 0, 1, EVP_aes_256_cbc }, |
104 | { "rijndael-cbc@lysator.liu.se", | 101 | { "rijndael-cbc@lysator.liu.se", |
105 | SSH_CIPHER_SSH2, 16, 32, 0, 0, 0, 1, EVP_aes_256_cbc }, | 102 | 16, 32, 0, 0, 0, 1, EVP_aes_256_cbc }, |
106 | { "aes128-ctr", SSH_CIPHER_SSH2, 16, 16, 0, 0, 0, 0, EVP_aes_128_ctr }, | 103 | { "aes128-ctr", 16, 16, 0, 0, 0, 0, EVP_aes_128_ctr }, |
107 | { "aes192-ctr", SSH_CIPHER_SSH2, 16, 24, 0, 0, 0, 0, EVP_aes_192_ctr }, | 104 | { "aes192-ctr", 16, 24, 0, 0, 0, 0, EVP_aes_192_ctr }, |
108 | { "aes256-ctr", SSH_CIPHER_SSH2, 16, 32, 0, 0, 0, 0, EVP_aes_256_ctr }, | 105 | { "aes256-ctr", 16, 32, 0, 0, 0, 0, EVP_aes_256_ctr }, |
109 | # ifdef OPENSSL_HAVE_EVPGCM | 106 | # ifdef OPENSSL_HAVE_EVPGCM |
110 | { "aes128-gcm@openssh.com", | 107 | { "aes128-gcm@openssh.com", |
111 | SSH_CIPHER_SSH2, 16, 16, 12, 16, 0, 0, EVP_aes_128_gcm }, | 108 | 16, 16, 12, 16, 0, 0, EVP_aes_128_gcm }, |
112 | { "aes256-gcm@openssh.com", | 109 | { "aes256-gcm@openssh.com", |
113 | SSH_CIPHER_SSH2, 16, 32, 12, 16, 0, 0, EVP_aes_256_gcm }, | 110 | 16, 32, 12, 16, 0, 0, EVP_aes_256_gcm }, |
114 | # endif /* OPENSSL_HAVE_EVPGCM */ | 111 | # endif /* OPENSSL_HAVE_EVPGCM */ |
115 | #else /* WITH_OPENSSL */ | 112 | #else |
116 | { "aes128-ctr", SSH_CIPHER_SSH2, 16, 16, 0, 0, 0, CFLAG_AESCTR, NULL }, | 113 | { "aes128-ctr", 16, 16, 0, 0, 0, CFLAG_AESCTR, NULL }, |
117 | { "aes192-ctr", SSH_CIPHER_SSH2, 16, 24, 0, 0, 0, CFLAG_AESCTR, NULL }, | 114 | { "aes192-ctr", 16, 24, 0, 0, 0, CFLAG_AESCTR, NULL }, |
118 | { "aes256-ctr", SSH_CIPHER_SSH2, 16, 32, 0, 0, 0, CFLAG_AESCTR, NULL }, | 115 | { "aes256-ctr", 16, 32, 0, 0, 0, CFLAG_AESCTR, NULL }, |
119 | { "none", SSH_CIPHER_NONE, 8, 0, 0, 0, 0, CFLAG_NONE, NULL }, | 116 | #endif |
120 | #endif /* WITH_OPENSSL */ | ||
121 | { "chacha20-poly1305@openssh.com", | 117 | { "chacha20-poly1305@openssh.com", |
122 | SSH_CIPHER_SSH2, 8, 64, 0, 16, 0, CFLAG_CHACHAPOLY, NULL }, | 118 | 8, 64, 0, 16, 0, CFLAG_CHACHAPOLY, NULL }, |
119 | { "none", 8, 0, 0, 0, 0, CFLAG_NONE, NULL }, | ||
123 | 120 | ||
124 | { NULL, SSH_CIPHER_INVALID, 0, 0, 0, 0, 0, 0, NULL } | 121 | { NULL, 0, 0, 0, 0, 0, 0, NULL } |
125 | }; | 122 | }; |
126 | 123 | ||
127 | /*--*/ | 124 | /*--*/ |
@@ -135,7 +132,7 @@ cipher_alg_list(char sep, int auth_only) | |||
135 | const struct sshcipher *c; | 132 | const struct sshcipher *c; |
136 | 133 | ||
137 | for (c = ciphers; c->name != NULL; c++) { | 134 | for (c = ciphers; c->name != NULL; c++) { |
138 | if (c->number != SSH_CIPHER_SSH2) | 135 | if ((c->flags & CFLAG_INTERNAL) != 0) |
139 | continue; | 136 | continue; |
140 | if (auth_only && c->auth_len == 0) | 137 | if (auth_only && c->auth_len == 0) |
141 | continue; | 138 | continue; |
@@ -191,12 +188,6 @@ cipher_ivlen(const struct sshcipher *c) | |||
191 | } | 188 | } |
192 | 189 | ||
193 | u_int | 190 | u_int |
194 | cipher_get_number(const struct sshcipher *c) | ||
195 | { | ||
196 | return (c->number); | ||
197 | } | ||
198 | |||
199 | u_int | ||
200 | cipher_is_cbc(const struct sshcipher *c) | 191 | cipher_is_cbc(const struct sshcipher *c) |
201 | { | 192 | { |
202 | return (c->flags & CFLAG_CBC) != 0; | 193 | return (c->flags & CFLAG_CBC) != 0; |
@@ -208,24 +199,6 @@ cipher_ctx_is_plaintext(struct sshcipher_ctx *cc) | |||
208 | return cc->plaintext; | 199 | return cc->plaintext; |
209 | } | 200 | } |
210 | 201 | ||
211 | u_int | ||
212 | cipher_ctx_get_number(struct sshcipher_ctx *cc) | ||
213 | { | ||
214 | return cc->cipher->number; | ||
215 | } | ||
216 | |||
217 | u_int | ||
218 | cipher_mask_ssh1(int client) | ||
219 | { | ||
220 | u_int mask = 0; | ||
221 | mask |= 1 << SSH_CIPHER_3DES; /* Mandatory */ | ||
222 | mask |= 1 << SSH_CIPHER_BLOWFISH; | ||
223 | if (client) { | ||
224 | mask |= 1 << SSH_CIPHER_DES; | ||
225 | } | ||
226 | return mask; | ||
227 | } | ||
228 | |||
229 | const struct sshcipher * | 202 | const struct sshcipher * |
230 | cipher_by_name(const char *name) | 203 | cipher_by_name(const char *name) |
231 | { | 204 | { |
@@ -236,16 +209,6 @@ cipher_by_name(const char *name) | |||
236 | return NULL; | 209 | return NULL; |
237 | } | 210 | } |
238 | 211 | ||
239 | const struct sshcipher * | ||
240 | cipher_by_number(int id) | ||
241 | { | ||
242 | const struct sshcipher *c; | ||
243 | for (c = ciphers; c->name != NULL; c++) | ||
244 | if (c->number == id) | ||
245 | return c; | ||
246 | return NULL; | ||
247 | } | ||
248 | |||
249 | #define CIPHER_SEP "," | 212 | #define CIPHER_SEP "," |
250 | int | 213 | int |
251 | ciphers_valid(const char *names) | 214 | ciphers_valid(const char *names) |
@@ -261,7 +224,7 @@ ciphers_valid(const char *names) | |||
261 | for ((p = strsep(&cp, CIPHER_SEP)); p && *p != '\0'; | 224 | for ((p = strsep(&cp, CIPHER_SEP)); p && *p != '\0'; |
262 | (p = strsep(&cp, CIPHER_SEP))) { | 225 | (p = strsep(&cp, CIPHER_SEP))) { |
263 | c = cipher_by_name(p); | 226 | c = cipher_by_name(p); |
264 | if (c == NULL || c->number != SSH_CIPHER_SSH2) { | 227 | if (c == NULL || (c->flags & CFLAG_INTERNAL) != 0) { |
265 | free(cipher_list); | 228 | free(cipher_list); |
266 | return 0; | 229 | return 0; |
267 | } | 230 | } |
@@ -270,38 +233,12 @@ ciphers_valid(const char *names) | |||
270 | return 1; | 233 | return 1; |
271 | } | 234 | } |
272 | 235 | ||
273 | /* | ||
274 | * Parses the name of the cipher. Returns the number of the corresponding | ||
275 | * cipher, or -1 on error. | ||
276 | */ | ||
277 | |||
278 | int | ||
279 | cipher_number(const char *name) | ||
280 | { | ||
281 | const struct sshcipher *c; | ||
282 | if (name == NULL) | ||
283 | return -1; | ||
284 | for (c = ciphers; c->name != NULL; c++) | ||
285 | if (strcasecmp(c->name, name) == 0) | ||
286 | return c->number; | ||
287 | return -1; | ||
288 | } | ||
289 | |||
290 | char * | ||
291 | cipher_name(int id) | ||
292 | { | ||
293 | const struct sshcipher *c = cipher_by_number(id); | ||
294 | return (c==NULL) ? "<unknown>" : c->name; | ||
295 | } | ||
296 | |||
297 | const char * | 236 | const char * |
298 | cipher_warning_message(const struct sshcipher_ctx *cc) | 237 | cipher_warning_message(const struct sshcipher_ctx *cc) |
299 | { | 238 | { |
300 | if (cc == NULL || cc->cipher == NULL) | 239 | if (cc == NULL || cc->cipher == NULL) |
301 | return NULL; | 240 | return NULL; |
302 | if (cc->cipher->number == SSH_CIPHER_DES) | 241 | /* XXX repurpose for CBC warning */ |
303 | return "use of DES is strongly discouraged due to " | ||
304 | "cryptographic weaknesses"; | ||
305 | return NULL; | 242 | return NULL; |
306 | } | 243 | } |
307 | 244 | ||
@@ -322,12 +259,7 @@ cipher_init(struct sshcipher_ctx **ccp, const struct sshcipher *cipher, | |||
322 | if ((cc = calloc(sizeof(*cc), 1)) == NULL) | 259 | if ((cc = calloc(sizeof(*cc), 1)) == NULL) |
323 | return SSH_ERR_ALLOC_FAIL; | 260 | return SSH_ERR_ALLOC_FAIL; |
324 | 261 | ||
325 | if (cipher->number == SSH_CIPHER_DES) { | 262 | cc->plaintext = 0; /* XXX */ |
326 | if (keylen > 8) | ||
327 | keylen = 8; | ||
328 | } | ||
329 | |||
330 | cc->plaintext = (cipher->number == SSH_CIPHER_NONE); | ||
331 | cc->encrypt = do_encrypt; | 263 | cc->encrypt = do_encrypt; |
332 | 264 | ||
333 | if (keylen < cipher->key_len || | 265 | if (keylen < cipher->key_len || |
@@ -341,6 +273,10 @@ cipher_init(struct sshcipher_ctx **ccp, const struct sshcipher *cipher, | |||
341 | ret = chachapoly_init(&cc->cp_ctx, key, keylen); | 273 | ret = chachapoly_init(&cc->cp_ctx, key, keylen); |
342 | goto out; | 274 | goto out; |
343 | } | 275 | } |
276 | if ((cc->cipher->flags & CFLAG_NONE) != 0) { | ||
277 | ret = 0; | ||
278 | goto out; | ||
279 | } | ||
344 | #ifndef WITH_OPENSSL | 280 | #ifndef WITH_OPENSSL |
345 | if ((cc->cipher->flags & CFLAG_AESCTR) != 0) { | 281 | if ((cc->cipher->flags & CFLAG_AESCTR) != 0) { |
346 | aesctr_keysetup(&cc->ac_ctx, key, 8 * keylen, 8 * ivlen); | 282 | aesctr_keysetup(&cc->ac_ctx, key, 8 * keylen, 8 * ivlen); |
@@ -348,10 +284,6 @@ cipher_init(struct sshcipher_ctx **ccp, const struct sshcipher *cipher, | |||
348 | ret = 0; | 284 | ret = 0; |
349 | goto out; | 285 | goto out; |
350 | } | 286 | } |
351 | if ((cc->cipher->flags & CFLAG_NONE) != 0) { | ||
352 | ret = 0; | ||
353 | goto out; | ||
354 | } | ||
355 | ret = SSH_ERR_INVALID_ARGUMENT; | 287 | ret = SSH_ERR_INVALID_ARGUMENT; |
356 | goto out; | 288 | goto out; |
357 | #else /* WITH_OPENSSL */ | 289 | #else /* WITH_OPENSSL */ |
@@ -436,6 +368,10 @@ cipher_crypt(struct sshcipher_ctx *cc, u_int seqnr, u_char *dest, | |||
436 | return chachapoly_crypt(&cc->cp_ctx, seqnr, dest, src, | 368 | return chachapoly_crypt(&cc->cp_ctx, seqnr, dest, src, |
437 | len, aadlen, authlen, cc->encrypt); | 369 | len, aadlen, authlen, cc->encrypt); |
438 | } | 370 | } |
371 | if ((cc->cipher->flags & CFLAG_NONE) != 0) { | ||
372 | memcpy(dest, src, aadlen + len); | ||
373 | return 0; | ||
374 | } | ||
439 | #ifndef WITH_OPENSSL | 375 | #ifndef WITH_OPENSSL |
440 | if ((cc->cipher->flags & CFLAG_AESCTR) != 0) { | 376 | if ((cc->cipher->flags & CFLAG_AESCTR) != 0) { |
441 | if (aadlen) | 377 | if (aadlen) |
@@ -444,10 +380,6 @@ cipher_crypt(struct sshcipher_ctx *cc, u_int seqnr, u_char *dest, | |||
444 | dest + aadlen, len); | 380 | dest + aadlen, len); |
445 | return 0; | 381 | return 0; |
446 | } | 382 | } |
447 | if ((cc->cipher->flags & CFLAG_NONE) != 0) { | ||
448 | memcpy(dest, src, aadlen + len); | ||
449 | return 0; | ||
450 | } | ||
451 | return SSH_ERR_INVALID_ARGUMENT; | 383 | return SSH_ERR_INVALID_ARGUMENT; |
452 | #else | 384 | #else |
453 | if (authlen) { | 385 | if (authlen) { |
@@ -554,19 +486,16 @@ int | |||
554 | cipher_get_keyiv_len(const struct sshcipher_ctx *cc) | 486 | cipher_get_keyiv_len(const struct sshcipher_ctx *cc) |
555 | { | 487 | { |
556 | const struct sshcipher *c = cc->cipher; | 488 | const struct sshcipher *c = cc->cipher; |
557 | int ivlen = 0; | ||
558 | 489 | ||
559 | if (c->number == SSH_CIPHER_3DES) | 490 | if ((c->flags & CFLAG_CHACHAPOLY) != 0) |
560 | ivlen = 24; | 491 | return 0; |
561 | else if ((cc->cipher->flags & CFLAG_CHACHAPOLY) != 0) | 492 | else if ((c->flags & CFLAG_AESCTR) != 0) |
562 | ivlen = 0; | 493 | return sizeof(cc->ac_ctx.ctr); |
563 | else if ((cc->cipher->flags & CFLAG_AESCTR) != 0) | ||
564 | ivlen = sizeof(cc->ac_ctx.ctr); | ||
565 | #ifdef WITH_OPENSSL | 494 | #ifdef WITH_OPENSSL |
566 | else | 495 | return EVP_CIPHER_CTX_iv_length(cc->evp); |
567 | ivlen = EVP_CIPHER_CTX_iv_length(cc->evp); | 496 | #else |
568 | #endif /* WITH_OPENSSL */ | 497 | return 0; |
569 | return (ivlen); | 498 | #endif |
570 | } | 499 | } |
571 | 500 | ||
572 | int | 501 | int |
@@ -591,34 +520,26 @@ cipher_get_keyiv(struct sshcipher_ctx *cc, u_char *iv, u_int len) | |||
591 | if ((cc->cipher->flags & CFLAG_NONE) != 0) | 520 | if ((cc->cipher->flags & CFLAG_NONE) != 0) |
592 | return 0; | 521 | return 0; |
593 | 522 | ||
594 | switch (c->number) { | ||
595 | #ifdef WITH_OPENSSL | 523 | #ifdef WITH_OPENSSL |
596 | case SSH_CIPHER_SSH2: | 524 | evplen = EVP_CIPHER_CTX_iv_length(cc->evp); |
597 | case SSH_CIPHER_DES: | 525 | if (evplen == 0) |
598 | case SSH_CIPHER_BLOWFISH: | 526 | return 0; |
599 | evplen = EVP_CIPHER_CTX_iv_length(cc->evp); | 527 | else if (evplen < 0) |
600 | if (evplen == 0) | 528 | return SSH_ERR_LIBCRYPTO_ERROR; |
601 | return 0; | 529 | if ((u_int)evplen != len) |
602 | else if (evplen < 0) | 530 | return SSH_ERR_INVALID_ARGUMENT; |
603 | return SSH_ERR_LIBCRYPTO_ERROR; | ||
604 | if ((u_int)evplen != len) | ||
605 | return SSH_ERR_INVALID_ARGUMENT; | ||
606 | #ifndef OPENSSL_HAVE_EVPCTR | 531 | #ifndef OPENSSL_HAVE_EVPCTR |
607 | if (c->evptype == evp_aes_128_ctr) | 532 | if (c->evptype == evp_aes_128_ctr) |
608 | ssh_aes_ctr_iv(cc->evp, 0, iv, len); | 533 | ssh_aes_ctr_iv(cc->evp, 0, iv, len); |
609 | else | 534 | else |
610 | #endif | 535 | #endif |
611 | if (cipher_authlen(c)) { | 536 | if (cipher_authlen(c)) { |
612 | if (!EVP_CIPHER_CTX_ctrl(cc->evp, EVP_CTRL_GCM_IV_GEN, | 537 | if (!EVP_CIPHER_CTX_ctrl(cc->evp, EVP_CTRL_GCM_IV_GEN, |
613 | len, iv)) | 538 | len, iv)) |
614 | return SSH_ERR_LIBCRYPTO_ERROR; | 539 | return SSH_ERR_LIBCRYPTO_ERROR; |
615 | } else | 540 | } else |
616 | memcpy(iv, cc->evp->iv, len); | 541 | memcpy(iv, cc->evp->iv, len); |
617 | break; | ||
618 | #endif | 542 | #endif |
619 | default: | ||
620 | return SSH_ERR_INVALID_ARGUMENT; | ||
621 | } | ||
622 | return 0; | 543 | return 0; |
623 | } | 544 | } |
624 | 545 | ||
@@ -635,32 +556,24 @@ cipher_set_keyiv(struct sshcipher_ctx *cc, const u_char *iv) | |||
635 | if ((cc->cipher->flags & CFLAG_NONE) != 0) | 556 | if ((cc->cipher->flags & CFLAG_NONE) != 0) |
636 | return 0; | 557 | return 0; |
637 | 558 | ||
638 | switch (c->number) { | ||
639 | #ifdef WITH_OPENSSL | 559 | #ifdef WITH_OPENSSL |
640 | case SSH_CIPHER_SSH2: | 560 | evplen = EVP_CIPHER_CTX_iv_length(cc->evp); |
641 | case SSH_CIPHER_DES: | 561 | if (evplen <= 0) |
642 | case SSH_CIPHER_BLOWFISH: | 562 | return SSH_ERR_LIBCRYPTO_ERROR; |
643 | evplen = EVP_CIPHER_CTX_iv_length(cc->evp); | ||
644 | if (evplen <= 0) | ||
645 | return SSH_ERR_LIBCRYPTO_ERROR; | ||
646 | #ifndef OPENSSL_HAVE_EVPCTR | 563 | #ifndef OPENSSL_HAVE_EVPCTR |
647 | /* XXX iv arg is const, but ssh_aes_ctr_iv isn't */ | 564 | /* XXX iv arg is const, but ssh_aes_ctr_iv isn't */ |
648 | if (c->evptype == evp_aes_128_ctr) | 565 | if (c->evptype == evp_aes_128_ctr) |
649 | ssh_aes_ctr_iv(cc->evp, 1, (u_char *)iv, evplen); | 566 | ssh_aes_ctr_iv(cc->evp, 1, (u_char *)iv, evplen); |
650 | else | 567 | else |
651 | #endif | 568 | #endif |
652 | if (cipher_authlen(c)) { | 569 | if (cipher_authlen(c)) { |
653 | /* XXX iv arg is const, but EVP_CIPHER_CTX_ctrl isn't */ | 570 | /* XXX iv arg is const, but EVP_CIPHER_CTX_ctrl isn't */ |
654 | if (!EVP_CIPHER_CTX_ctrl(cc->evp, | 571 | if (!EVP_CIPHER_CTX_ctrl(cc->evp, |
655 | EVP_CTRL_GCM_SET_IV_FIXED, -1, (void *)iv)) | 572 | EVP_CTRL_GCM_SET_IV_FIXED, -1, (void *)iv)) |
656 | return SSH_ERR_LIBCRYPTO_ERROR; | 573 | return SSH_ERR_LIBCRYPTO_ERROR; |
657 | } else | 574 | } else |
658 | memcpy(cc->evp->iv, iv, evplen); | 575 | memcpy(cc->evp->iv, iv, evplen); |
659 | break; | ||
660 | #endif | 576 | #endif |
661 | default: | ||
662 | return SSH_ERR_INVALID_ARGUMENT; | ||
663 | } | ||
664 | return 0; | 577 | return 0; |
665 | } | 578 | } |
666 | 579 | ||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: cipher.h,v 1.49 2016/08/03 05:41:57 djm Exp $ */ | 1 | /* $OpenBSD: cipher.h,v 1.50 2017/04/30 23:15:04 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
@@ -42,34 +42,13 @@ | |||
42 | #include "cipher-chachapoly.h" | 42 | #include "cipher-chachapoly.h" |
43 | #include "cipher-aesctr.h" | 43 | #include "cipher-aesctr.h" |
44 | 44 | ||
45 | /* | ||
46 | * Cipher types for SSH-1. New types can be added, but old types should not | ||
47 | * be removed for compatibility. The maximum allowed value is 31. | ||
48 | */ | ||
49 | #define SSH_CIPHER_SSH2 -3 | ||
50 | #define SSH_CIPHER_INVALID -2 /* No valid cipher selected. */ | ||
51 | #define SSH_CIPHER_NOT_SET -1 /* None selected (invalid number). */ | ||
52 | #define SSH_CIPHER_NONE 0 /* no encryption */ | ||
53 | #define SSH_CIPHER_IDEA 1 /* IDEA CFB */ | ||
54 | #define SSH_CIPHER_DES 2 /* DES CBC */ | ||
55 | #define SSH_CIPHER_3DES 3 /* 3DES CBC */ | ||
56 | #define SSH_CIPHER_BROKEN_TSS 4 /* TRI's Simple Stream encryption CBC */ | ||
57 | #define SSH_CIPHER_BROKEN_RC4 5 /* Alleged RC4 */ | ||
58 | #define SSH_CIPHER_BLOWFISH 6 | ||
59 | #define SSH_CIPHER_RESERVED 7 | ||
60 | #define SSH_CIPHER_MAX 31 | ||
61 | |||
62 | #define CIPHER_ENCRYPT 1 | 45 | #define CIPHER_ENCRYPT 1 |
63 | #define CIPHER_DECRYPT 0 | 46 | #define CIPHER_DECRYPT 0 |
64 | 47 | ||
65 | struct sshcipher; | 48 | struct sshcipher; |
66 | struct sshcipher_ctx; | 49 | struct sshcipher_ctx; |
67 | 50 | ||
68 | u_int cipher_mask_ssh1(int); | ||
69 | const struct sshcipher *cipher_by_name(const char *); | 51 | const struct sshcipher *cipher_by_name(const char *); |
70 | const struct sshcipher *cipher_by_number(int); | ||
71 | int cipher_number(const char *); | ||
72 | char *cipher_name(int); | ||
73 | const char *cipher_warning_message(const struct sshcipher_ctx *); | 52 | const char *cipher_warning_message(const struct sshcipher_ctx *); |
74 | int ciphers_valid(const char *); | 53 | int ciphers_valid(const char *); |
75 | char *cipher_alg_list(char, int); | 54 | char *cipher_alg_list(char, int); |
@@ -90,9 +69,7 @@ u_int cipher_ivlen(const struct sshcipher *); | |||
90 | u_int cipher_is_cbc(const struct sshcipher *); | 69 | u_int cipher_is_cbc(const struct sshcipher *); |
91 | 70 | ||
92 | u_int cipher_ctx_is_plaintext(struct sshcipher_ctx *); | 71 | u_int cipher_ctx_is_plaintext(struct sshcipher_ctx *); |
93 | u_int cipher_ctx_get_number(struct sshcipher_ctx *); | ||
94 | 72 | ||
95 | u_int cipher_get_number(const struct sshcipher *); | ||
96 | int cipher_get_keyiv(struct sshcipher_ctx *, u_char *, u_int); | 73 | int cipher_get_keyiv(struct sshcipher_ctx *, u_char *, u_int); |
97 | int cipher_set_keyiv(struct sshcipher_ctx *, const u_char *); | 74 | int cipher_set_keyiv(struct sshcipher_ctx *, const u_char *); |
98 | int cipher_get_keyiv_len(const struct sshcipher_ctx *); | 75 | int cipher_get_keyiv_len(const struct sshcipher_ctx *); |
diff --git a/readconf.c b/readconf.c index 963c648b9..5a7197c14 100644 --- a/readconf.c +++ b/readconf.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: readconf.c,v 1.273 2017/04/30 23:11:45 djm Exp $ */ | 1 | /* $OpenBSD: readconf.c,v 1.274 2017/04/30 23:15:04 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -182,6 +182,7 @@ static struct { | |||
182 | } keywords[] = { | 182 | } keywords[] = { |
183 | /* Deprecated options */ | 183 | /* Deprecated options */ |
184 | { "protocol", oIgnore }, /* NB. silently ignored */ | 184 | { "protocol", oIgnore }, /* NB. silently ignored */ |
185 | { "cipher", oDeprecated }, | ||
185 | { "fallbacktorsh", oDeprecated }, | 186 | { "fallbacktorsh", oDeprecated }, |
186 | { "globalknownhostsfile2", oDeprecated }, | 187 | { "globalknownhostsfile2", oDeprecated }, |
187 | { "rhostsauthentication", oDeprecated }, | 188 | { "rhostsauthentication", oDeprecated }, |
@@ -240,7 +241,6 @@ static struct { | |||
240 | { "hostkeyalias", oHostKeyAlias }, | 241 | { "hostkeyalias", oHostKeyAlias }, |
241 | { "proxycommand", oProxyCommand }, | 242 | { "proxycommand", oProxyCommand }, |
242 | { "port", oPort }, | 243 | { "port", oPort }, |
243 | { "cipher", oCipher }, | ||
244 | { "ciphers", oCiphers }, | 244 | { "ciphers", oCiphers }, |
245 | { "macs", oMacs }, | 245 | { "macs", oMacs }, |
246 | { "remoteforward", oRemoteForward }, | 246 | { "remoteforward", oRemoteForward }, |
@@ -1175,19 +1175,6 @@ parse_int: | |||
1175 | intptr = &options->connection_attempts; | 1175 | intptr = &options->connection_attempts; |
1176 | goto parse_int; | 1176 | goto parse_int; |
1177 | 1177 | ||
1178 | case oCipher: | ||
1179 | intptr = &options->cipher; | ||
1180 | arg = strdelim(&s); | ||
1181 | if (!arg || *arg == '\0') | ||
1182 | fatal("%.200s line %d: Missing argument.", filename, linenum); | ||
1183 | value = cipher_number(arg); | ||
1184 | if (value == -1) | ||
1185 | fatal("%.200s line %d: Bad cipher '%s'.", | ||
1186 | filename, linenum, arg ? arg : "<NONE>"); | ||
1187 | if (*activep && *intptr == -1) | ||
1188 | *intptr = value; | ||
1189 | break; | ||
1190 | |||
1191 | case oCiphers: | 1178 | case oCiphers: |
1192 | arg = strdelim(&s); | 1179 | arg = strdelim(&s); |
1193 | if (!arg || *arg == '\0') | 1180 | if (!arg || *arg == '\0') |
@@ -1811,7 +1798,6 @@ initialize_options(Options * options) | |||
1811 | options->connection_attempts = -1; | 1798 | options->connection_attempts = -1; |
1812 | options->connection_timeout = -1; | 1799 | options->connection_timeout = -1; |
1813 | options->number_of_password_prompts = -1; | 1800 | options->number_of_password_prompts = -1; |
1814 | options->cipher = -1; | ||
1815 | options->ciphers = NULL; | 1801 | options->ciphers = NULL; |
1816 | options->macs = NULL; | 1802 | options->macs = NULL; |
1817 | options->kex_algorithms = NULL; | 1803 | options->kex_algorithms = NULL; |
@@ -1968,9 +1954,6 @@ fill_default_options(Options * options) | |||
1968 | options->connection_attempts = 1; | 1954 | options->connection_attempts = 1; |
1969 | if (options->number_of_password_prompts == -1) | 1955 | if (options->number_of_password_prompts == -1) |
1970 | options->number_of_password_prompts = 3; | 1956 | options->number_of_password_prompts = 3; |
1971 | /* Selected in ssh_login(). */ | ||
1972 | if (options->cipher == -1) | ||
1973 | options->cipher = SSH_CIPHER_NOT_SET; | ||
1974 | /* options->hostkeyalgorithms, default set in myproposals.h */ | 1957 | /* options->hostkeyalgorithms, default set in myproposals.h */ |
1975 | if (options->add_keys_to_agent == -1) | 1958 | if (options->add_keys_to_agent == -1) |
1976 | options->add_keys_to_agent = 0; | 1959 | options->add_keys_to_agent = 0; |
@@ -2603,10 +2586,6 @@ dump_client_config(Options *o, const char *host) | |||
2603 | printf("\n"); | 2586 | printf("\n"); |
2604 | } | 2587 | } |
2605 | 2588 | ||
2606 | /* oCipher */ | ||
2607 | if (o->cipher != SSH_CIPHER_NOT_SET) | ||
2608 | printf("Cipher %s\n", cipher_name(o->cipher)); | ||
2609 | |||
2610 | /* oControlPersist */ | 2589 | /* oControlPersist */ |
2611 | if (o->control_persist == 0 || o->control_persist_timeout == 0) | 2590 | if (o->control_persist == 0 || o->control_persist_timeout == 0) |
2612 | dump_cfg_fmtint(oControlPersist, o->control_persist); | 2591 | dump_cfg_fmtint(oControlPersist, o->control_persist); |
diff --git a/readconf.h b/readconf.h index f53864854..c2ffd9ed4 100644 --- a/readconf.h +++ b/readconf.h | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: readconf.h,v 1.119 2017/04/30 23:11:45 djm Exp $ */ | 1 | /* $OpenBSD: readconf.h,v 1.120 2017/04/30 23:15:04 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
@@ -70,7 +70,6 @@ typedef struct { | |||
70 | * aborting connection attempt */ | 70 | * aborting connection attempt */ |
71 | int number_of_password_prompts; /* Max number of password | 71 | int number_of_password_prompts; /* Max number of password |
72 | * prompts. */ | 72 | * prompts. */ |
73 | int cipher; /* Cipher to use. */ | ||
74 | char *ciphers; /* SSH2 ciphers in order of preference. */ | 73 | char *ciphers; /* SSH2 ciphers in order of preference. */ |
75 | char *macs; /* SSH2 macs in order of preference. */ | 74 | char *macs; /* SSH2 macs in order of preference. */ |
76 | char *hostkeyalgorithms; /* SSH2 server key types in order of preference. */ | 75 | char *hostkeyalgorithms; /* SSH2 server key types in order of preference. */ |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssh.c,v 1.455 2017/04/30 23:13:25 djm Exp $ */ | 1 | /* $OpenBSD: ssh.c,v 1.456 2017/04/30 23:15:04 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -813,27 +813,14 @@ main(int ac, char **av) | |||
813 | } | 813 | } |
814 | break; | 814 | break; |
815 | case 'c': | 815 | case 'c': |
816 | if (ciphers_valid(*optarg == '+' ? | 816 | if (!ciphers_valid(*optarg == '+' ? |
817 | optarg + 1 : optarg)) { | 817 | optarg + 1 : optarg)) { |
818 | /* SSH2 only */ | ||
819 | free(options.ciphers); | ||
820 | options.ciphers = xstrdup(optarg); | ||
821 | options.cipher = SSH_CIPHER_INVALID; | ||
822 | break; | ||
823 | } | ||
824 | /* SSH1 only */ | ||
825 | options.cipher = cipher_number(optarg); | ||
826 | if (options.cipher == -1) { | ||
827 | fprintf(stderr, "Unknown cipher type '%s'\n", | 818 | fprintf(stderr, "Unknown cipher type '%s'\n", |
828 | optarg); | 819 | optarg); |
829 | exit(255); | 820 | exit(255); |
830 | } | 821 | } |
831 | if (options.cipher == SSH_CIPHER_3DES) | 822 | free(options.ciphers); |
832 | options.ciphers = xstrdup("3des-cbc"); | 823 | options.ciphers = xstrdup(optarg); |
833 | else if (options.cipher == SSH_CIPHER_BLOWFISH) | ||
834 | options.ciphers = xstrdup("blowfish-cbc"); | ||
835 | else | ||
836 | options.ciphers = xstrdup(KEX_CLIENT_ENCRYPT); | ||
837 | break; | 824 | break; |
838 | case 'm': | 825 | case 'm': |
839 | if (mac_valid(optarg)) { | 826 | if (mac_valid(optarg)) { |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: sshkey.c,v 1.46 2017/04/30 23:10:43 djm Exp $ */ | 1 | /* $OpenBSD: sshkey.c,v 1.47 2017/04/30 23:15:04 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. |
4 | * Copyright (c) 2008 Alexander von Gernler. All rights reserved. | 4 | * Copyright (c) 2008 Alexander von Gernler. All rights reserved. |
@@ -2971,12 +2971,8 @@ sshkey_private_to_blob2(const struct sshkey *prv, struct sshbuf *blob, | |||
2971 | kdfname = "none"; | 2971 | kdfname = "none"; |
2972 | } else if (ciphername == NULL) | 2972 | } else if (ciphername == NULL) |
2973 | ciphername = DEFAULT_CIPHERNAME; | 2973 | ciphername = DEFAULT_CIPHERNAME; |
2974 | else if (cipher_number(ciphername) != SSH_CIPHER_SSH2) { | ||
2975 | r = SSH_ERR_INVALID_ARGUMENT; | ||
2976 | goto out; | ||
2977 | } | ||
2978 | if ((cipher = cipher_by_name(ciphername)) == NULL) { | 2974 | if ((cipher = cipher_by_name(ciphername)) == NULL) { |
2979 | r = SSH_ERR_INTERNAL_ERROR; | 2975 | r = SSH_ERR_INVALID_ARGUMENT; |
2980 | goto out; | 2976 | goto out; |
2981 | } | 2977 | } |
2982 | 2978 | ||