diff options
| author | Ben Lindstrom <mouring@eviladmin.org> | 2001-03-05 06:00:29 +0000 |
|---|---|---|
| committer | Ben Lindstrom <mouring@eviladmin.org> | 2001-03-05 06:00:29 +0000 |
| commit | eb648a749b3fb49c57167877ccc5f0ca8085cfcb (patch) | |
| tree | 739dad5f12adb3ad3b351584d62d372f894e80a4 /ChangeLog | |
| parent | f4c73112d00b970698b42765f925050447acc50a (diff) | |
- markus@cvs.openbsd.org 2001/02/23 18:15:13
[sshd.c]
the random session key depends now on the session_key_int
sent by the 'attacker'
dig1 = md5(cookie|session_key_int);
dig2 = md5(dig1|cookie|session_key_int);
fake_session_key = dig1|dig2;
this change is caused by a mail from anakin@pobox.com
patch based on discussions with my german advisor niels@openbsd.org
Diffstat (limited to 'ChangeLog')
| -rw-r--r-- | ChangeLog | 11 |
1 files changed, 10 insertions, 1 deletions
| @@ -37,6 +37,15 @@ | |||
| 37 | - markus@cvs.openbsd.org 2001/02/23 15:34:53 | 37 | - markus@cvs.openbsd.org 2001/02/23 15:34:53 |
| 38 | [serverloop.c] | 38 | [serverloop.c] |
| 39 | debug2->3 | 39 | debug2->3 |
| 40 | - markus@cvs.openbsd.org 2001/02/23 18:15:13 | ||
| 41 | [sshd.c] | ||
| 42 | the random session key depends now on the session_key_int | ||
| 43 | sent by the 'attacker' | ||
| 44 | dig1 = md5(cookie|session_key_int); | ||
| 45 | dig2 = md5(dig1|cookie|session_key_int); | ||
| 46 | fake_session_key = dig1|dig2; | ||
| 47 | this change is caused by a mail from anakin@pobox.com | ||
| 48 | patch based on discussions with my german advisor niels@openbsd.org | ||
| 40 | 49 | ||
| 41 | 20010304 | 50 | 20010304 |
| 42 | - (bal) Remove make-ssh-known-hosts.1 since it's no longer valid. | 51 | - (bal) Remove make-ssh-known-hosts.1 since it's no longer valid. |
| @@ -4229,4 +4238,4 @@ | |||
| 4229 | - Wrote replacements for strlcpy and mkdtemp | 4238 | - Wrote replacements for strlcpy and mkdtemp |
| 4230 | - Released 1.0pre1 | 4239 | - Released 1.0pre1 |
| 4231 | 4240 | ||
| 4232 | $Id: ChangeLog,v 1.863 2001/03/05 05:58:23 mouring Exp $ | 4241 | $Id: ChangeLog,v 1.864 2001/03/05 06:00:29 mouring Exp $ |