summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--compat.c24
-rw-r--r--kexgexc.c30
-rw-r--r--kexgexs.c49
3 files changed, 38 insertions, 65 deletions
diff --git a/compat.c b/compat.c
index 0934de90f..cea63d268 100644
--- a/compat.c
+++ b/compat.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: compat.c,v 1.89 2015/04/10 05:16:50 dtucker Exp $ */ 1/* $OpenBSD: compat.c,v 1.90 2015/04/13 02:04:08 djm Exp $ */
2/* 2/*
3 * Copyright (c) 1999, 2000, 2001, 2002 Markus Friedl. All rights reserved. 3 * Copyright (c) 1999, 2000, 2001, 2002 Markus Friedl. All rights reserved.
4 * 4 *
@@ -165,6 +165,7 @@ compat_datafellows(const char *version)
165 "OSU_1.5alpha3*", SSH_BUG_PASSWORDPAD }, 165 "OSU_1.5alpha3*", SSH_BUG_PASSWORDPAD },
166 { "*SSH_Version_Mapper*", 166 { "*SSH_Version_Mapper*",
167 SSH_BUG_SCANNER }, 167 SSH_BUG_SCANNER },
168 { "PuTTY*", SSH_OLD_DHGEX },
168 { "Probe-*", 169 { "Probe-*",
169 SSH_BUG_PROBE }, 170 SSH_BUG_PROBE },
170 { "TeraTerm SSH*," 171 { "TeraTerm SSH*,"
@@ -284,15 +285,20 @@ compat_pkalg_proposal(char *pkalg_prop)
284} 285}
285 286
286char * 287char *
287compat_kex_proposal(char *kex_prop) 288compat_kex_proposal(char *p)
288{ 289{
289 if (!(datafellows & SSH_BUG_CURVE25519PAD)) 290 if ((datafellows & (SSH_BUG_CURVE25519PAD|SSH_OLD_DHGEX)) == 0)
290 return kex_prop; 291 return p;
291 debug2("%s: original KEX proposal: %s", __func__, kex_prop); 292 debug2("%s: original KEX proposal: %s", __func__, p);
292 kex_prop = filter_proposal(kex_prop, "curve25519-sha256@libssh.org"); 293 if ((datafellows & SSH_BUG_CURVE25519PAD) != 0)
293 debug2("%s: compat KEX proposal: %s", __func__, kex_prop); 294 p = filter_proposal(p, "curve25519-sha256@libssh.org");
294 if (*kex_prop == '\0') 295 if ((datafellows & SSH_OLD_DHGEX) != 0) {
296 p = filter_proposal(p, "diffie-hellman-group-exchange-sha256");
297 p = filter_proposal(p, "diffie-hellman-group-exchange-sha1");
298 }
299 debug2("%s: compat KEX proposal: %s", __func__, p);
300 if (*p == '\0')
295 fatal("No supported key exchange algorithms found"); 301 fatal("No supported key exchange algorithms found");
296 return kex_prop; 302 return p;
297} 303}
298 304
diff --git a/kexgexc.c b/kexgexc.c
index e8e059a88..3f20491c4 100644
--- a/kexgexc.c
+++ b/kexgexc.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: kexgexc.c,v 1.20 2015/01/26 06:10:03 djm Exp $ */ 1/* $OpenBSD: kexgexc.c,v 1.21 2015/04/13 02:04:08 djm Exp $ */
2/* 2/*
3 * Copyright (c) 2000 Niels Provos. All rights reserved. 3 * Copyright (c) 2000 Niels Provos. All rights reserved.
4 * Copyright (c) 2001 Markus Friedl. All rights reserved. 4 * Copyright (c) 2001 Markus Friedl. All rights reserved.
@@ -65,25 +65,15 @@ kexgex_client(struct ssh *ssh)
65 kex->min = DH_GRP_MIN; 65 kex->min = DH_GRP_MIN;
66 kex->max = DH_GRP_MAX; 66 kex->max = DH_GRP_MAX;
67 kex->nbits = nbits; 67 kex->nbits = nbits;
68 if (ssh->compat & SSH_OLD_DHGEX) { 68 /* New GEX request */
69 /* Old GEX request */ 69 if ((r = sshpkt_start(ssh, SSH2_MSG_KEX_DH_GEX_REQUEST)) != 0 ||
70 if ((r = sshpkt_start(ssh, SSH2_MSG_KEX_DH_GEX_REQUEST_OLD)) 70 (r = sshpkt_put_u32(ssh, kex->min)) != 0 ||
71 != 0 || 71 (r = sshpkt_put_u32(ssh, kex->nbits)) != 0 ||
72 (r = sshpkt_put_u32(ssh, kex->nbits)) != 0 || 72 (r = sshpkt_put_u32(ssh, kex->max)) != 0 ||
73 (r = sshpkt_send(ssh)) != 0) 73 (r = sshpkt_send(ssh)) != 0)
74 goto out; 74 goto out;
75 debug("SSH2_MSG_KEX_DH_GEX_REQUEST_OLD(%u) sent", kex->nbits); 75 debug("SSH2_MSG_KEX_DH_GEX_REQUEST(%u<%u<%u) sent",
76 } else { 76 kex->min, kex->nbits, kex->max);
77 /* New GEX request */
78 if ((r = sshpkt_start(ssh, SSH2_MSG_KEX_DH_GEX_REQUEST)) != 0 ||
79 (r = sshpkt_put_u32(ssh, kex->min)) != 0 ||
80 (r = sshpkt_put_u32(ssh, kex->nbits)) != 0 ||
81 (r = sshpkt_put_u32(ssh, kex->max)) != 0 ||
82 (r = sshpkt_send(ssh)) != 0)
83 goto out;
84 debug("SSH2_MSG_KEX_DH_GEX_REQUEST(%u<%u<%u) sent",
85 kex->min, kex->nbits, kex->max);
86 }
87#ifdef DEBUG_KEXDH 77#ifdef DEBUG_KEXDH
88 fprintf(stderr, "\nmin = %d, nbits = %d, max = %d\n", 78 fprintf(stderr, "\nmin = %d, nbits = %d, max = %d\n",
89 kex->min, kex->nbits, kex->max); 79 kex->min, kex->nbits, kex->max);
diff --git a/kexgexs.c b/kexgexs.c
index 9c281d288..ff6c6879e 100644
--- a/kexgexs.c
+++ b/kexgexs.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: kexgexs.c,v 1.24 2015/01/26 06:10:03 djm Exp $ */ 1/* $OpenBSD: kexgexs.c,v 1.25 2015/04/13 02:04:08 djm Exp $ */
2/* 2/*
3 * Copyright (c) 2000 Niels Provos. All rights reserved. 3 * Copyright (c) 2000 Niels Provos. All rights reserved.
4 * Copyright (c) 2001 Markus Friedl. All rights reserved. 4 * Copyright (c) 2001 Markus Friedl. All rights reserved.
@@ -60,8 +60,6 @@ static int input_kex_dh_gex_init(int, u_int32_t, void *);
60int 60int
61kexgex_server(struct ssh *ssh) 61kexgex_server(struct ssh *ssh)
62{ 62{
63 ssh_dispatch_set(ssh, SSH2_MSG_KEX_DH_GEX_REQUEST_OLD,
64 &input_kex_dh_gex_request);
65 ssh_dispatch_set(ssh, SSH2_MSG_KEX_DH_GEX_REQUEST, 63 ssh_dispatch_set(ssh, SSH2_MSG_KEX_DH_GEX_REQUEST,
66 &input_kex_dh_gex_request); 64 &input_kex_dh_gex_request);
67 debug("expecting SSH2_MSG_KEX_DH_GEX_REQUEST"); 65 debug("expecting SSH2_MSG_KEX_DH_GEX_REQUEST");
@@ -76,36 +74,19 @@ input_kex_dh_gex_request(int type, u_int32_t seq, void *ctxt)
76 int r; 74 int r;
77 u_int min = 0, max = 0, nbits = 0; 75 u_int min = 0, max = 0, nbits = 0;
78 76
79 switch (type) { 77 debug("SSH2_MSG_KEX_DH_GEX_REQUEST received");
80 case SSH2_MSG_KEX_DH_GEX_REQUEST: 78 if ((r = sshpkt_get_u32(ssh, &min)) != 0 ||
81 debug("SSH2_MSG_KEX_DH_GEX_REQUEST received"); 79 (r = sshpkt_get_u32(ssh, &nbits)) != 0 ||
82 if ((r = sshpkt_get_u32(ssh, &min)) != 0 || 80 (r = sshpkt_get_u32(ssh, &max)) != 0 ||
83 (r = sshpkt_get_u32(ssh, &nbits)) != 0 || 81 (r = sshpkt_get_end(ssh)) != 0)
84 (r = sshpkt_get_u32(ssh, &max)) != 0 ||
85 (r = sshpkt_get_end(ssh)) != 0)
86 goto out;
87 kex->nbits = nbits;
88 kex->min = min;
89 kex->max = max;
90 min = MAX(DH_GRP_MIN, min);
91 max = MIN(DH_GRP_MAX, max);
92 nbits = MAX(DH_GRP_MIN, nbits);
93 nbits = MIN(DH_GRP_MAX, nbits);
94 break;
95 case SSH2_MSG_KEX_DH_GEX_REQUEST_OLD:
96 debug("SSH2_MSG_KEX_DH_GEX_REQUEST_OLD received");
97 if ((r = sshpkt_get_u32(ssh, &nbits)) != 0 ||
98 (r = sshpkt_get_end(ssh)) != 0)
99 goto out;
100 kex->nbits = nbits;
101 /* unused for old GEX */
102 kex->min = min = DH_GRP_MIN;
103 kex->max = max = DH_GRP_MAX;
104 break;
105 default:
106 r = SSH_ERR_INVALID_ARGUMENT;
107 goto out; 82 goto out;
108 } 83 kex->nbits = nbits;
84 kex->min = min;
85 kex->max = max;
86 min = MAX(DH_GRP_MIN, min);
87 max = MIN(DH_GRP_MAX, max);
88 nbits = MAX(DH_GRP_MIN, nbits);
89 nbits = MIN(DH_GRP_MAX, nbits);
109 90
110 if (kex->max < kex->min || kex->nbits < kex->min || 91 if (kex->max < kex->min || kex->nbits < kex->min ||
111 kex->max < kex->nbits) { 92 kex->max < kex->nbits) {
@@ -131,10 +112,6 @@ input_kex_dh_gex_request(int type, u_int32_t seq, void *ctxt)
131 if ((r = dh_gen_key(kex->dh, kex->we_need * 8)) != 0) 112 if ((r = dh_gen_key(kex->dh, kex->we_need * 8)) != 0)
132 goto out; 113 goto out;
133 114
134 /* old KEX does not use min/max in kexgex_hash() */
135 if (type == SSH2_MSG_KEX_DH_GEX_REQUEST_OLD)
136 kex->min = kex->max = -1;
137
138 debug("expecting SSH2_MSG_KEX_DH_GEX_INIT"); 115 debug("expecting SSH2_MSG_KEX_DH_GEX_INIT");
139 ssh_dispatch_set(ssh, SSH2_MSG_KEX_DH_GEX_INIT, &input_kex_dh_gex_init); 116 ssh_dispatch_set(ssh, SSH2_MSG_KEX_DH_GEX_INIT, &input_kex_dh_gex_init);
140 r = 0; 117 r = 0;
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-27 18:36:09 +0000