diff options
author | Damien Miller <djm@mindrot.org> | 2014-04-20 13:25:30 +1000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2014-04-20 13:25:30 +1000 |
commit | 9395b28223334826837c15e8c1bb4dfb3b0d2ca5 (patch) | |
tree | eea6ad14b14f5fe4f3eb0b791a76f73b706635dc /compat.h | |
parent | 8c492da58f8ceb85cf5f7066f23e26fb813a963d (diff) |
- djm@cvs.openbsd.org 2014/04/18 23:52:25
[compat.c compat.h sshconnect2.c sshd.c version.h]
OpenSSH 6.5 and 6.6 have a bug that causes ~0.2% of connections
using the curve25519-sha256@libssh.org KEX exchange method to fail
when connecting with something that implements the spec properly.
Disable this KEX method when speaking to one of the affected
versions.
reported by Aris Adamantiadis; ok markus@
Diffstat (limited to 'compat.h')
-rw-r--r-- | compat.h | 4 |
1 files changed, 3 insertions, 1 deletions
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: compat.h,v 1.44 2013/12/30 23:52:27 djm Exp $ */ | 1 | /* $OpenBSD: compat.h,v 1.45 2014/04/18 23:52:25 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright (c) 1999, 2000, 2001 Markus Friedl. All rights reserved. | 4 | * Copyright (c) 1999, 2000, 2001 Markus Friedl. All rights reserved. |
@@ -59,6 +59,7 @@ | |||
59 | #define SSH_BUG_RFWD_ADDR 0x02000000 | 59 | #define SSH_BUG_RFWD_ADDR 0x02000000 |
60 | #define SSH_NEW_OPENSSH 0x04000000 | 60 | #define SSH_NEW_OPENSSH 0x04000000 |
61 | #define SSH_BUG_DYNAMIC_RPORT 0x08000000 | 61 | #define SSH_BUG_DYNAMIC_RPORT 0x08000000 |
62 | #define SSH_BUG_CURVE25519PAD 0x10000000 | ||
62 | 63 | ||
63 | void enable_compat13(void); | 64 | void enable_compat13(void); |
64 | void enable_compat20(void); | 65 | void enable_compat20(void); |
@@ -66,6 +67,7 @@ void compat_datafellows(const char *); | |||
66 | int proto_spec(const char *); | 67 | int proto_spec(const char *); |
67 | char *compat_cipher_proposal(char *); | 68 | char *compat_cipher_proposal(char *); |
68 | char *compat_pkalg_proposal(char *); | 69 | char *compat_pkalg_proposal(char *); |
70 | char *compat_kex_proposal(char *); | ||
69 | 71 | ||
70 | extern int compat13; | 72 | extern int compat13; |
71 | extern int compat20; | 73 | extern int compat20; |