diff options
| -rw-r--r-- | ChangeLog | 11 | ||||
| -rw-r--r-- | cipher.c | 10 | ||||
| -rw-r--r-- | cipher.h | 3 | ||||
| -rw-r--r-- | kex.c | 9 | ||||
| -rw-r--r-- | kex.h | 3 | ||||
| -rw-r--r-- | kexgexc.c | 4 |
6 files changed, 32 insertions, 8 deletions
| @@ -1,3 +1,14 @@ | |||
| 1 | 20130126 | ||
| 2 | - OpenBSD CVS Sync | ||
| 3 | - dtucker@cvs.openbsd.org 2014/01/25 10:12:50 | ||
| 4 | [cipher.c cipher.h kex.c kex.h kexgexc.c] | ||
| 5 | Add a special case for the DH group size for 3des-cbc, which has an | ||
| 6 | effective strength much lower than the key size. This causes problems | ||
| 7 | with some cryptlib implementations, which don't support group sizes larger | ||
| 8 | than 4k but also don't use the largest group size it does support as | ||
| 9 | specified in the RFC. Based on a patch from Petr Lautrbach at Redhat, | ||
| 10 | reduced by me with input from Markus. ok djm@ markus@ | ||
| 11 | |||
| 1 | 20130125 | 12 | 20130125 |
| 2 | - (djm) [configure.ac] Fix detection of capsicum sandbox on FreeBSD | 13 | - (djm) [configure.ac] Fix detection of capsicum sandbox on FreeBSD |
| 3 | - (djm) [configure.ac] Do not attempt to use capsicum sandbox unless | 14 | - (djm) [configure.ac] Do not attempt to use capsicum sandbox unless |
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: cipher.c,v 1.93 2013/12/06 13:34:54 markus Exp $ */ | 1 | /* $OpenBSD: cipher.c,v 1.94 2014/01/25 10:12:50 dtucker Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
| 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
| @@ -142,6 +142,14 @@ cipher_keylen(const Cipher *c) | |||
| 142 | } | 142 | } |
| 143 | 143 | ||
| 144 | u_int | 144 | u_int |
| 145 | cipher_seclen(const Cipher *c) | ||
| 146 | { | ||
| 147 | if (strcmp("3des-cbc", c->name) == 0) | ||
| 148 | return 14; | ||
| 149 | return cipher_keylen(c); | ||
| 150 | } | ||
| 151 | |||
| 152 | u_int | ||
| 145 | cipher_authlen(const Cipher *c) | 153 | cipher_authlen(const Cipher *c) |
| 146 | { | 154 | { |
| 147 | return (c->auth_len); | 155 | return (c->auth_len); |
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: cipher.h,v 1.43 2013/12/06 13:34:54 markus Exp $ */ | 1 | /* $OpenBSD: cipher.h,v 1.44 2014/01/25 10:12:50 dtucker Exp $ */ |
| 2 | 2 | ||
| 3 | /* | 3 | /* |
| 4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
| @@ -89,6 +89,7 @@ void cipher_cleanup(CipherContext *); | |||
| 89 | void cipher_set_key_string(CipherContext *, const Cipher *, const char *, int); | 89 | void cipher_set_key_string(CipherContext *, const Cipher *, const char *, int); |
| 90 | u_int cipher_blocksize(const Cipher *); | 90 | u_int cipher_blocksize(const Cipher *); |
| 91 | u_int cipher_keylen(const Cipher *); | 91 | u_int cipher_keylen(const Cipher *); |
| 92 | u_int cipher_seclen(const Cipher *); | ||
| 92 | u_int cipher_authlen(const Cipher *); | 93 | u_int cipher_authlen(const Cipher *); |
| 93 | u_int cipher_ivlen(const Cipher *); | 94 | u_int cipher_ivlen(const Cipher *); |
| 94 | u_int cipher_is_cbc(const Cipher *); | 95 | u_int cipher_is_cbc(const Cipher *); |
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: kex.c,v 1.95 2014/01/12 08:13:13 djm Exp $ */ | 1 | /* $OpenBSD: kex.c,v 1.96 2014/01/25 10:12:50 dtucker Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. |
| 4 | * | 4 | * |
| @@ -458,7 +458,7 @@ kex_choose_conf(Kex *kex) | |||
| 458 | char **my, **peer; | 458 | char **my, **peer; |
| 459 | char **cprop, **sprop; | 459 | char **cprop, **sprop; |
| 460 | int nenc, nmac, ncomp; | 460 | int nenc, nmac, ncomp; |
| 461 | u_int mode, ctos, need, authlen; | 461 | u_int mode, ctos, need, dh_need, authlen; |
| 462 | int first_kex_follows, type; | 462 | int first_kex_follows, type; |
| 463 | 463 | ||
| 464 | my = kex_buf2prop(&kex->my, NULL); | 464 | my = kex_buf2prop(&kex->my, NULL); |
| @@ -506,7 +506,7 @@ kex_choose_conf(Kex *kex) | |||
| 506 | choose_kex(kex, cprop[PROPOSAL_KEX_ALGS], sprop[PROPOSAL_KEX_ALGS]); | 506 | choose_kex(kex, cprop[PROPOSAL_KEX_ALGS], sprop[PROPOSAL_KEX_ALGS]); |
| 507 | choose_hostkeyalg(kex, cprop[PROPOSAL_SERVER_HOST_KEY_ALGS], | 507 | choose_hostkeyalg(kex, cprop[PROPOSAL_SERVER_HOST_KEY_ALGS], |
| 508 | sprop[PROPOSAL_SERVER_HOST_KEY_ALGS]); | 508 | sprop[PROPOSAL_SERVER_HOST_KEY_ALGS]); |
| 509 | need = 0; | 509 | need = dh_need = 0; |
| 510 | for (mode = 0; mode < MODE_MAX; mode++) { | 510 | for (mode = 0; mode < MODE_MAX; mode++) { |
| 511 | newkeys = kex->newkeys[mode]; | 511 | newkeys = kex->newkeys[mode]; |
| 512 | if (need < newkeys->enc.key_len) | 512 | if (need < newkeys->enc.key_len) |
| @@ -517,9 +517,12 @@ kex_choose_conf(Kex *kex) | |||
| 517 | need = newkeys->enc.iv_len; | 517 | need = newkeys->enc.iv_len; |
| 518 | if (need < newkeys->mac.key_len) | 518 | if (need < newkeys->mac.key_len) |
| 519 | need = newkeys->mac.key_len; | 519 | need = newkeys->mac.key_len; |
| 520 | if (dh_need < cipher_seclen(newkeys->enc.cipher)) | ||
| 521 | dh_need = cipher_seclen(newkeys->enc.cipher); | ||
| 520 | } | 522 | } |
| 521 | /* XXX need runden? */ | 523 | /* XXX need runden? */ |
| 522 | kex->we_need = need; | 524 | kex->we_need = need; |
| 525 | kex->dh_need = dh_need; | ||
| 523 | 526 | ||
| 524 | /* ignore the next message if the proposals do not match */ | 527 | /* ignore the next message if the proposals do not match */ |
| 525 | if (first_kex_follows && !proposals_match(my, peer) && | 528 | if (first_kex_follows && !proposals_match(my, peer) && |
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: kex.h,v 1.60 2014/01/12 08:13:13 djm Exp $ */ | 1 | /* $OpenBSD: kex.h,v 1.61 2014/01/25 10:12:50 dtucker Exp $ */ |
| 2 | 2 | ||
| 3 | /* | 3 | /* |
| 4 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. | 4 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. |
| @@ -124,6 +124,7 @@ struct Kex { | |||
| 124 | u_int session_id_len; | 124 | u_int session_id_len; |
| 125 | Newkeys *newkeys[MODE_MAX]; | 125 | Newkeys *newkeys[MODE_MAX]; |
| 126 | u_int we_need; | 126 | u_int we_need; |
| 127 | u_int dh_need; | ||
| 127 | int server; | 128 | int server; |
| 128 | char *name; | 129 | char *name; |
| 129 | int hostkey_type; | 130 | int hostkey_type; |
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: kexgexc.c,v 1.15 2014/01/12 08:13:13 djm Exp $ */ | 1 | /* $OpenBSD: kexgexc.c,v 1.16 2014/01/25 10:12:50 dtucker Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2000 Niels Provos. All rights reserved. | 3 | * Copyright (c) 2000 Niels Provos. All rights reserved. |
| 4 | * Copyright (c) 2001 Markus Friedl. All rights reserved. | 4 | * Copyright (c) 2001 Markus Friedl. All rights reserved. |
| @@ -58,7 +58,7 @@ kexgex_client(Kex *kex) | |||
| 58 | int min, max, nbits; | 58 | int min, max, nbits; |
| 59 | DH *dh; | 59 | DH *dh; |
| 60 | 60 | ||
| 61 | nbits = dh_estimate(kex->we_need * 8); | 61 | nbits = dh_estimate(kex->dh_need * 8); |
| 62 | 62 | ||
| 63 | if (datafellows & SSH_OLD_DHGEX) { | 63 | if (datafellows & SSH_OLD_DHGEX) { |
| 64 | /* Old GEX request */ | 64 | /* Old GEX request */ |