diff options
-rw-r--r-- | ChangeLog | 11 | ||||
-rw-r--r-- | cipher.c | 10 | ||||
-rw-r--r-- | cipher.h | 3 | ||||
-rw-r--r-- | kex.c | 9 | ||||
-rw-r--r-- | kex.h | 3 | ||||
-rw-r--r-- | kexgexc.c | 4 |
6 files changed, 32 insertions, 8 deletions
@@ -1,3 +1,14 @@ | |||
1 | 20130126 | ||
2 | - OpenBSD CVS Sync | ||
3 | - dtucker@cvs.openbsd.org 2014/01/25 10:12:50 | ||
4 | [cipher.c cipher.h kex.c kex.h kexgexc.c] | ||
5 | Add a special case for the DH group size for 3des-cbc, which has an | ||
6 | effective strength much lower than the key size. This causes problems | ||
7 | with some cryptlib implementations, which don't support group sizes larger | ||
8 | than 4k but also don't use the largest group size it does support as | ||
9 | specified in the RFC. Based on a patch from Petr Lautrbach at Redhat, | ||
10 | reduced by me with input from Markus. ok djm@ markus@ | ||
11 | |||
1 | 20130125 | 12 | 20130125 |
2 | - (djm) [configure.ac] Fix detection of capsicum sandbox on FreeBSD | 13 | - (djm) [configure.ac] Fix detection of capsicum sandbox on FreeBSD |
3 | - (djm) [configure.ac] Do not attempt to use capsicum sandbox unless | 14 | - (djm) [configure.ac] Do not attempt to use capsicum sandbox unless |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: cipher.c,v 1.93 2013/12/06 13:34:54 markus Exp $ */ | 1 | /* $OpenBSD: cipher.c,v 1.94 2014/01/25 10:12:50 dtucker Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -142,6 +142,14 @@ cipher_keylen(const Cipher *c) | |||
142 | } | 142 | } |
143 | 143 | ||
144 | u_int | 144 | u_int |
145 | cipher_seclen(const Cipher *c) | ||
146 | { | ||
147 | if (strcmp("3des-cbc", c->name) == 0) | ||
148 | return 14; | ||
149 | return cipher_keylen(c); | ||
150 | } | ||
151 | |||
152 | u_int | ||
145 | cipher_authlen(const Cipher *c) | 153 | cipher_authlen(const Cipher *c) |
146 | { | 154 | { |
147 | return (c->auth_len); | 155 | return (c->auth_len); |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: cipher.h,v 1.43 2013/12/06 13:34:54 markus Exp $ */ | 1 | /* $OpenBSD: cipher.h,v 1.44 2014/01/25 10:12:50 dtucker Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
@@ -89,6 +89,7 @@ void cipher_cleanup(CipherContext *); | |||
89 | void cipher_set_key_string(CipherContext *, const Cipher *, const char *, int); | 89 | void cipher_set_key_string(CipherContext *, const Cipher *, const char *, int); |
90 | u_int cipher_blocksize(const Cipher *); | 90 | u_int cipher_blocksize(const Cipher *); |
91 | u_int cipher_keylen(const Cipher *); | 91 | u_int cipher_keylen(const Cipher *); |
92 | u_int cipher_seclen(const Cipher *); | ||
92 | u_int cipher_authlen(const Cipher *); | 93 | u_int cipher_authlen(const Cipher *); |
93 | u_int cipher_ivlen(const Cipher *); | 94 | u_int cipher_ivlen(const Cipher *); |
94 | u_int cipher_is_cbc(const Cipher *); | 95 | u_int cipher_is_cbc(const Cipher *); |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: kex.c,v 1.95 2014/01/12 08:13:13 djm Exp $ */ | 1 | /* $OpenBSD: kex.c,v 1.96 2014/01/25 10:12:50 dtucker Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -458,7 +458,7 @@ kex_choose_conf(Kex *kex) | |||
458 | char **my, **peer; | 458 | char **my, **peer; |
459 | char **cprop, **sprop; | 459 | char **cprop, **sprop; |
460 | int nenc, nmac, ncomp; | 460 | int nenc, nmac, ncomp; |
461 | u_int mode, ctos, need, authlen; | 461 | u_int mode, ctos, need, dh_need, authlen; |
462 | int first_kex_follows, type; | 462 | int first_kex_follows, type; |
463 | 463 | ||
464 | my = kex_buf2prop(&kex->my, NULL); | 464 | my = kex_buf2prop(&kex->my, NULL); |
@@ -506,7 +506,7 @@ kex_choose_conf(Kex *kex) | |||
506 | choose_kex(kex, cprop[PROPOSAL_KEX_ALGS], sprop[PROPOSAL_KEX_ALGS]); | 506 | choose_kex(kex, cprop[PROPOSAL_KEX_ALGS], sprop[PROPOSAL_KEX_ALGS]); |
507 | choose_hostkeyalg(kex, cprop[PROPOSAL_SERVER_HOST_KEY_ALGS], | 507 | choose_hostkeyalg(kex, cprop[PROPOSAL_SERVER_HOST_KEY_ALGS], |
508 | sprop[PROPOSAL_SERVER_HOST_KEY_ALGS]); | 508 | sprop[PROPOSAL_SERVER_HOST_KEY_ALGS]); |
509 | need = 0; | 509 | need = dh_need = 0; |
510 | for (mode = 0; mode < MODE_MAX; mode++) { | 510 | for (mode = 0; mode < MODE_MAX; mode++) { |
511 | newkeys = kex->newkeys[mode]; | 511 | newkeys = kex->newkeys[mode]; |
512 | if (need < newkeys->enc.key_len) | 512 | if (need < newkeys->enc.key_len) |
@@ -517,9 +517,12 @@ kex_choose_conf(Kex *kex) | |||
517 | need = newkeys->enc.iv_len; | 517 | need = newkeys->enc.iv_len; |
518 | if (need < newkeys->mac.key_len) | 518 | if (need < newkeys->mac.key_len) |
519 | need = newkeys->mac.key_len; | 519 | need = newkeys->mac.key_len; |
520 | if (dh_need < cipher_seclen(newkeys->enc.cipher)) | ||
521 | dh_need = cipher_seclen(newkeys->enc.cipher); | ||
520 | } | 522 | } |
521 | /* XXX need runden? */ | 523 | /* XXX need runden? */ |
522 | kex->we_need = need; | 524 | kex->we_need = need; |
525 | kex->dh_need = dh_need; | ||
523 | 526 | ||
524 | /* ignore the next message if the proposals do not match */ | 527 | /* ignore the next message if the proposals do not match */ |
525 | if (first_kex_follows && !proposals_match(my, peer) && | 528 | if (first_kex_follows && !proposals_match(my, peer) && |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: kex.h,v 1.60 2014/01/12 08:13:13 djm Exp $ */ | 1 | /* $OpenBSD: kex.h,v 1.61 2014/01/25 10:12:50 dtucker Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. | 4 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. |
@@ -124,6 +124,7 @@ struct Kex { | |||
124 | u_int session_id_len; | 124 | u_int session_id_len; |
125 | Newkeys *newkeys[MODE_MAX]; | 125 | Newkeys *newkeys[MODE_MAX]; |
126 | u_int we_need; | 126 | u_int we_need; |
127 | u_int dh_need; | ||
127 | int server; | 128 | int server; |
128 | char *name; | 129 | char *name; |
129 | int hostkey_type; | 130 | int hostkey_type; |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: kexgexc.c,v 1.15 2014/01/12 08:13:13 djm Exp $ */ | 1 | /* $OpenBSD: kexgexc.c,v 1.16 2014/01/25 10:12:50 dtucker Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000 Niels Provos. All rights reserved. | 3 | * Copyright (c) 2000 Niels Provos. All rights reserved. |
4 | * Copyright (c) 2001 Markus Friedl. All rights reserved. | 4 | * Copyright (c) 2001 Markus Friedl. All rights reserved. |
@@ -58,7 +58,7 @@ kexgex_client(Kex *kex) | |||
58 | int min, max, nbits; | 58 | int min, max, nbits; |
59 | DH *dh; | 59 | DH *dh; |
60 | 60 | ||
61 | nbits = dh_estimate(kex->we_need * 8); | 61 | nbits = dh_estimate(kex->dh_need * 8); |
62 | 62 | ||
63 | if (datafellows & SSH_OLD_DHGEX) { | 63 | if (datafellows & SSH_OLD_DHGEX) { |
64 | /* Old GEX request */ | 64 | /* Old GEX request */ |