diff options
| -rw-r--r-- | ChangeLog | 6 | ||||
| -rw-r--r-- | compat.c | 22 | ||||
| -rw-r--r-- | compat.h | 3 | ||||
| -rw-r--r-- | kex.c | 5 |
4 files changed, 23 insertions, 13 deletions
| @@ -24,6 +24,10 @@ | |||
| 24 | [clientloop.c monitor.c monitor_wrap.c packet.c packet.h readconf.c] | 24 | [clientloop.c monitor.c monitor_wrap.c packet.c packet.h readconf.c] |
| 25 | [readconf.h serverloop.c sshconnect2.c] | 25 | [readconf.h serverloop.c sshconnect2.c] |
| 26 | backout rekeying changes (for 3.6.1) | 26 | backout rekeying changes (for 3.6.1) |
| 27 | - markus@cvs.openbsd.org 2003/04/01 10:31:26 | ||
| 28 | [compat.c compat.h kex.c] | ||
| 29 | bugfix causes stalled connections for ssh.com < 3.0; noticed by ho@; | ||
| 30 | tested by ho@ and myself | ||
| 27 | 31 | ||
| 28 | 20030326 | 32 | 20030326 |
| 29 | - (djm) OpenBSD CVS Sync | 33 | - (djm) OpenBSD CVS Sync |
| @@ -1286,4 +1290,4 @@ | |||
| 1286 | save auth method before monitor_reset_key_state(); bugzilla bug #284; | 1290 | save auth method before monitor_reset_key_state(); bugzilla bug #284; |
| 1287 | ok provos@ | 1291 | ok provos@ |
| 1288 | 1292 | ||
| 1289 | $Id: ChangeLog,v 1.2644 2003/04/01 11:43:39 djm Exp $ | 1293 | $Id: ChangeLog,v 1.2645 2003/04/01 11:44:37 djm Exp $ |
| @@ -23,7 +23,7 @@ | |||
| 23 | */ | 23 | */ |
| 24 | 24 | ||
| 25 | #include "includes.h" | 25 | #include "includes.h" |
| 26 | RCSID("$OpenBSD: compat.c,v 1.65 2002/09/27 10:42:09 mickey Exp $"); | 26 | RCSID("$OpenBSD: compat.c,v 1.66 2003/04/01 10:31:26 markus Exp $"); |
| 27 | 27 | ||
| 28 | #include "buffer.h" | 28 | #include "buffer.h" |
| 29 | #include "packet.h" | 29 | #include "packet.h" |
| @@ -85,10 +85,12 @@ compat_datafellows(const char *version) | |||
| 85 | { "*MindTerm*", 0 }, | 85 | { "*MindTerm*", 0 }, |
| 86 | { "2.1.0*", SSH_BUG_SIGBLOB|SSH_BUG_HMAC| | 86 | { "2.1.0*", SSH_BUG_SIGBLOB|SSH_BUG_HMAC| |
| 87 | SSH_OLD_SESSIONID|SSH_BUG_DEBUG| | 87 | SSH_OLD_SESSIONID|SSH_BUG_DEBUG| |
| 88 | SSH_BUG_RSASIGMD5|SSH_BUG_HBSERVICE }, | 88 | SSH_BUG_RSASIGMD5|SSH_BUG_HBSERVICE| |
| 89 | SSH_BUG_FIRSTKEX }, | ||
| 89 | { "2.1 *", SSH_BUG_SIGBLOB|SSH_BUG_HMAC| | 90 | { "2.1 *", SSH_BUG_SIGBLOB|SSH_BUG_HMAC| |
| 90 | SSH_OLD_SESSIONID|SSH_BUG_DEBUG| | 91 | SSH_OLD_SESSIONID|SSH_BUG_DEBUG| |
| 91 | SSH_BUG_RSASIGMD5|SSH_BUG_HBSERVICE }, | 92 | SSH_BUG_RSASIGMD5|SSH_BUG_HBSERVICE| |
| 93 | SSH_BUG_FIRSTKEX }, | ||
| 92 | { "2.0.13*," | 94 | { "2.0.13*," |
| 93 | "2.0.14*," | 95 | "2.0.14*," |
| 94 | "2.0.15*," | 96 | "2.0.15*," |
| @@ -100,26 +102,28 @@ compat_datafellows(const char *version) | |||
| 100 | SSH_BUG_PKSERVICE|SSH_BUG_X11FWD| | 102 | SSH_BUG_PKSERVICE|SSH_BUG_X11FWD| |
| 101 | SSH_BUG_PKOK|SSH_BUG_RSASIGMD5| | 103 | SSH_BUG_PKOK|SSH_BUG_RSASIGMD5| |
| 102 | SSH_BUG_HBSERVICE|SSH_BUG_OPENFAILURE| | 104 | SSH_BUG_HBSERVICE|SSH_BUG_OPENFAILURE| |
| 103 | SSH_BUG_DUMMYCHAN }, | 105 | SSH_BUG_DUMMYCHAN|SSH_BUG_FIRSTKEX }, |
| 104 | { "2.0.11*," | 106 | { "2.0.11*," |
| 105 | "2.0.12*", SSH_BUG_SIGBLOB|SSH_BUG_HMAC| | 107 | "2.0.12*", SSH_BUG_SIGBLOB|SSH_BUG_HMAC| |
| 106 | SSH_OLD_SESSIONID|SSH_BUG_DEBUG| | 108 | SSH_OLD_SESSIONID|SSH_BUG_DEBUG| |
| 107 | SSH_BUG_PKSERVICE|SSH_BUG_X11FWD| | 109 | SSH_BUG_PKSERVICE|SSH_BUG_X11FWD| |
| 108 | SSH_BUG_PKAUTH|SSH_BUG_PKOK| | 110 | SSH_BUG_PKAUTH|SSH_BUG_PKOK| |
| 109 | SSH_BUG_RSASIGMD5|SSH_BUG_OPENFAILURE| | 111 | SSH_BUG_RSASIGMD5|SSH_BUG_OPENFAILURE| |
| 110 | SSH_BUG_DUMMYCHAN }, | 112 | SSH_BUG_DUMMYCHAN|SSH_BUG_FIRSTKEX }, |
| 111 | { "2.0.*", SSH_BUG_SIGBLOB|SSH_BUG_HMAC| | 113 | { "2.0.*", SSH_BUG_SIGBLOB|SSH_BUG_HMAC| |
| 112 | SSH_OLD_SESSIONID|SSH_BUG_DEBUG| | 114 | SSH_OLD_SESSIONID|SSH_BUG_DEBUG| |
| 113 | SSH_BUG_PKSERVICE|SSH_BUG_X11FWD| | 115 | SSH_BUG_PKSERVICE|SSH_BUG_X11FWD| |
| 114 | SSH_BUG_PKAUTH|SSH_BUG_PKOK| | 116 | SSH_BUG_PKAUTH|SSH_BUG_PKOK| |
| 115 | SSH_BUG_RSASIGMD5|SSH_BUG_OPENFAILURE| | 117 | SSH_BUG_RSASIGMD5|SSH_BUG_OPENFAILURE| |
| 116 | SSH_BUG_DERIVEKEY|SSH_BUG_DUMMYCHAN }, | 118 | SSH_BUG_DERIVEKEY|SSH_BUG_DUMMYCHAN| |
| 119 | SSH_BUG_FIRSTKEX }, | ||
| 117 | { "2.2.0*," | 120 | { "2.2.0*," |
| 118 | "2.3.0*", SSH_BUG_HMAC|SSH_BUG_DEBUG| | 121 | "2.3.0*", SSH_BUG_HMAC|SSH_BUG_DEBUG| |
| 119 | SSH_BUG_RSASIGMD5 }, | 122 | SSH_BUG_RSASIGMD5|SSH_BUG_FIRSTKEX }, |
| 120 | { "2.3.*", SSH_BUG_DEBUG|SSH_BUG_RSASIGMD5 }, | 123 | { "2.3.*", SSH_BUG_DEBUG|SSH_BUG_RSASIGMD5| |
| 124 | SSH_BUG_FIRSTKEX }, | ||
| 121 | { "2.4", SSH_OLD_SESSIONID }, /* Van Dyke */ | 125 | { "2.4", SSH_OLD_SESSIONID }, /* Van Dyke */ |
| 122 | { "2.*", SSH_BUG_DEBUG }, | 126 | { "2.*", SSH_BUG_DEBUG|SSH_BUG_FIRSTKEX }, |
| 123 | { "3.0.*", SSH_BUG_DEBUG }, | 127 | { "3.0.*", SSH_BUG_DEBUG }, |
| 124 | { "3.0 SecureCRT*", SSH_OLD_SESSIONID }, | 128 | { "3.0 SecureCRT*", SSH_OLD_SESSIONID }, |
| 125 | { "1.7 SecureFX*", SSH_OLD_SESSIONID }, | 129 | { "1.7 SecureFX*", SSH_OLD_SESSIONID }, |
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: compat.h,v 1.33 2002/09/27 10:42:09 mickey Exp $ */ | 1 | /* $OpenBSD: compat.h,v 1.34 2003/04/01 10:31:26 markus Exp $ */ |
| 2 | 2 | ||
| 3 | /* | 3 | /* |
| 4 | * Copyright (c) 1999, 2000, 2001 Markus Friedl. All rights reserved. | 4 | * Copyright (c) 1999, 2000, 2001 Markus Friedl. All rights reserved. |
| @@ -55,6 +55,7 @@ | |||
| 55 | #define SSH_BUG_EXTEOF 0x00200000 | 55 | #define SSH_BUG_EXTEOF 0x00200000 |
| 56 | #define SSH_BUG_K5USER 0x00400000 | 56 | #define SSH_BUG_K5USER 0x00400000 |
| 57 | #define SSH_BUG_PROBE 0x00800000 | 57 | #define SSH_BUG_PROBE 0x00800000 |
| 58 | #define SSH_BUG_FIRSTKEX 0x01000000 | ||
| 58 | 59 | ||
| 59 | void enable_compat13(void); | 60 | void enable_compat13(void); |
| 60 | void enable_compat20(void); | 61 | void enable_compat20(void); |
| @@ -23,7 +23,7 @@ | |||
| 23 | */ | 23 | */ |
| 24 | 24 | ||
| 25 | #include "includes.h" | 25 | #include "includes.h" |
| 26 | RCSID("$OpenBSD: kex.c,v 1.54 2003/02/16 17:09:57 markus Exp $"); | 26 | RCSID("$OpenBSD: kex.c,v 1.55 2003/04/01 10:31:26 markus Exp $"); |
| 27 | 27 | ||
| 28 | #include <openssl/crypto.h> | 28 | #include <openssl/crypto.h> |
| 29 | 29 | ||
| @@ -392,7 +392,8 @@ kex_choose_conf(Kex *kex) | |||
| 392 | kex->we_need = need; | 392 | kex->we_need = need; |
| 393 | 393 | ||
| 394 | /* ignore the next message if the proposals do not match */ | 394 | /* ignore the next message if the proposals do not match */ |
| 395 | if (first_kex_follows && !proposals_match(my, peer)) { | 395 | if (first_kex_follows && !proposals_match(my, peer) && |
| 396 | !(datafellows & SSH_BUG_FIRSTKEX)) { | ||
| 396 | type = packet_read(); | 397 | type = packet_read(); |
| 397 | debug2("skipping next packet (type %u)", type); | 398 | debug2("skipping next packet (type %u)", type); |
| 398 | } | 399 | } |