diff options
-rw-r--r-- | dh.c | 83 | ||||
-rw-r--r-- | dh.h | 4 | ||||
-rw-r--r-- | kex.c | 7 | ||||
-rw-r--r-- | kex.h | 12 | ||||
-rw-r--r-- | kexdh.c | 9 | ||||
-rw-r--r-- | kexdhc.c | 10 | ||||
-rw-r--r-- | kexdhs.c | 10 | ||||
-rw-r--r-- | monitor.c | 5 | ||||
-rw-r--r-- | myproposal.h | 15 | ||||
-rw-r--r-- | ssh-keyscan.c | 5 | ||||
-rw-r--r-- | ssh_api.c | 8 | ||||
-rw-r--r-- | sshconnect2.c | 5 | ||||
-rw-r--r-- | sshd.c | 5 |
13 files changed, 146 insertions, 32 deletions
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: dh.c,v 1.59 2016/03/31 05:24:06 dtucker Exp $ */ | 1 | /* $OpenBSD: dh.c,v 1.60 2016/05/02 10:26:04 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000 Niels Provos. All rights reserved. | 3 | * Copyright (c) 2000 Niels Provos. All rights reserved. |
4 | * | 4 | * |
@@ -314,6 +314,7 @@ dh_new_group(BIGNUM *gen, BIGNUM *modulus) | |||
314 | return (dh); | 314 | return (dh); |
315 | } | 315 | } |
316 | 316 | ||
317 | /* rfc2409 "Second Oakley Group" (1024 bits) */ | ||
317 | DH * | 318 | DH * |
318 | dh_new_group1(void) | 319 | dh_new_group1(void) |
319 | { | 320 | { |
@@ -328,6 +329,7 @@ dh_new_group1(void) | |||
328 | return (dh_new_group_asc(gen, group1)); | 329 | return (dh_new_group_asc(gen, group1)); |
329 | } | 330 | } |
330 | 331 | ||
332 | /* rfc3526 group 14 "2048-bit MODP Group" */ | ||
331 | DH * | 333 | DH * |
332 | dh_new_group14(void) | 334 | dh_new_group14(void) |
333 | { | 335 | { |
@@ -347,12 +349,9 @@ dh_new_group14(void) | |||
347 | return (dh_new_group_asc(gen, group14)); | 349 | return (dh_new_group_asc(gen, group14)); |
348 | } | 350 | } |
349 | 351 | ||
350 | /* | 352 | /* rfc3526 group 16 "4096-bit MODP Group" */ |
351 | * 4k bit fallback group used by DH-GEX if moduli file cannot be read. | ||
352 | * Source: MODP group 16 from RFC3526. | ||
353 | */ | ||
354 | DH * | 353 | DH * |
355 | dh_new_group_fallback(int max) | 354 | dh_new_group16(void) |
356 | { | 355 | { |
357 | static char *gen = "2", *group16 = | 356 | static char *gen = "2", *group16 = |
358 | "FFFFFFFF" "FFFFFFFF" "C90FDAA2" "2168C234" "C4C6628B" "80DC1CD1" | 357 | "FFFFFFFF" "FFFFFFFF" "C90FDAA2" "2168C234" "C4C6628B" "80DC1CD1" |
@@ -378,12 +377,75 @@ dh_new_group_fallback(int max) | |||
378 | "93B4EA98" "8D8FDDC1" "86FFB7DC" "90A6C08F" "4DF435C9" "34063199" | 377 | "93B4EA98" "8D8FDDC1" "86FFB7DC" "90A6C08F" "4DF435C9" "34063199" |
379 | "FFFFFFFF" "FFFFFFFF"; | 378 | "FFFFFFFF" "FFFFFFFF"; |
380 | 379 | ||
381 | if (max < 4096) { | 380 | return (dh_new_group_asc(gen, group16)); |
382 | debug3("requested max size %d, using 2k bit group 14", max); | 381 | } |
382 | |||
383 | /* rfc3526 group 18 "8192-bit MODP Group" */ | ||
384 | DH * | ||
385 | dh_new_group18(void) | ||
386 | { | ||
387 | static char *gen = "2", *group16 = | ||
388 | "FFFFFFFF" "FFFFFFFF" "C90FDAA2" "2168C234" "C4C6628B" "80DC1CD1" | ||
389 | "29024E08" "8A67CC74" "020BBEA6" "3B139B22" "514A0879" "8E3404DD" | ||
390 | "EF9519B3" "CD3A431B" "302B0A6D" "F25F1437" "4FE1356D" "6D51C245" | ||
391 | "E485B576" "625E7EC6" "F44C42E9" "A637ED6B" "0BFF5CB6" "F406B7ED" | ||
392 | "EE386BFB" "5A899FA5" "AE9F2411" "7C4B1FE6" "49286651" "ECE45B3D" | ||
393 | "C2007CB8" "A163BF05" "98DA4836" "1C55D39A" "69163FA8" "FD24CF5F" | ||
394 | "83655D23" "DCA3AD96" "1C62F356" "208552BB" "9ED52907" "7096966D" | ||
395 | "670C354E" "4ABC9804" "F1746C08" "CA18217C" "32905E46" "2E36CE3B" | ||
396 | "E39E772C" "180E8603" "9B2783A2" "EC07A28F" "B5C55DF0" "6F4C52C9" | ||
397 | "DE2BCBF6" "95581718" "3995497C" "EA956AE5" "15D22618" "98FA0510" | ||
398 | "15728E5A" "8AAAC42D" "AD33170D" "04507A33" "A85521AB" "DF1CBA64" | ||
399 | "ECFB8504" "58DBEF0A" "8AEA7157" "5D060C7D" "B3970F85" "A6E1E4C7" | ||
400 | "ABF5AE8C" "DB0933D7" "1E8C94E0" "4A25619D" "CEE3D226" "1AD2EE6B" | ||
401 | "F12FFA06" "D98A0864" "D8760273" "3EC86A64" "521F2B18" "177B200C" | ||
402 | "BBE11757" "7A615D6C" "770988C0" "BAD946E2" "08E24FA0" "74E5AB31" | ||
403 | "43DB5BFC" "E0FD108E" "4B82D120" "A9210801" "1A723C12" "A787E6D7" | ||
404 | "88719A10" "BDBA5B26" "99C32718" "6AF4E23C" "1A946834" "B6150BDA" | ||
405 | "2583E9CA" "2AD44CE8" "DBBBC2DB" "04DE8EF9" "2E8EFC14" "1FBECAA6" | ||
406 | "287C5947" "4E6BC05D" "99B2964F" "A090C3A2" "233BA186" "515BE7ED" | ||
407 | "1F612970" "CEE2D7AF" "B81BDD76" "2170481C" "D0069127" "D5B05AA9" | ||
408 | "93B4EA98" "8D8FDDC1" "86FFB7DC" "90A6C08F" "4DF435C9" "34028492" | ||
409 | "36C3FAB4" "D27C7026" "C1D4DCB2" "602646DE" "C9751E76" "3DBA37BD" | ||
410 | "F8FF9406" "AD9E530E" "E5DB382F" "413001AE" "B06A53ED" "9027D831" | ||
411 | "179727B0" "865A8918" "DA3EDBEB" "CF9B14ED" "44CE6CBA" "CED4BB1B" | ||
412 | "DB7F1447" "E6CC254B" "33205151" "2BD7AF42" "6FB8F401" "378CD2BF" | ||
413 | "5983CA01" "C64B92EC" "F032EA15" "D1721D03" "F482D7CE" "6E74FEF6" | ||
414 | "D55E702F" "46980C82" "B5A84031" "900B1C9E" "59E7C97F" "BEC7E8F3" | ||
415 | "23A97A7E" "36CC88BE" "0F1D45B7" "FF585AC5" "4BD407B2" "2B4154AA" | ||
416 | "CC8F6D7E" "BF48E1D8" "14CC5ED2" "0F8037E0" "A79715EE" "F29BE328" | ||
417 | "06A1D58B" "B7C5DA76" "F550AA3D" "8A1FBFF0" "EB19CCB1" "A313D55C" | ||
418 | "DA56C9EC" "2EF29632" "387FE8D7" "6E3C0468" "043E8F66" "3F4860EE" | ||
419 | "12BF2D5B" "0B7474D6" "E694F91E" "6DBE1159" "74A3926F" "12FEE5E4" | ||
420 | "38777CB6" "A932DF8C" "D8BEC4D0" "73B931BA" "3BC832B6" "8D9DD300" | ||
421 | "741FA7BF" "8AFC47ED" "2576F693" "6BA42466" "3AAB639C" "5AE4F568" | ||
422 | "3423B474" "2BF1C978" "238F16CB" "E39D652D" "E3FDB8BE" "FC848AD9" | ||
423 | "22222E04" "A4037C07" "13EB57A8" "1A23F0C7" "3473FC64" "6CEA306B" | ||
424 | "4BCBC886" "2F8385DD" "FA9D4B7F" "A2C087E8" "79683303" "ED5BDD3A" | ||
425 | "062B3CF5" "B3A278A6" "6D2A13F8" "3F44F82D" "DF310EE0" "74AB6A36" | ||
426 | "4597E899" "A0255DC1" "64F31CC5" "0846851D" "F9AB4819" "5DED7EA1" | ||
427 | "B1D510BD" "7EE74D73" "FAF36BC3" "1ECFA268" "359046F4" "EB879F92" | ||
428 | "4009438B" "481C6CD7" "889A002E" "D5EE382B" "C9190DA6" "FC026E47" | ||
429 | "9558E447" "5677E9AA" "9E3050E2" "765694DF" "C81F56E8" "80B96E71" | ||
430 | "60C980DD" "98EDD3DF" "FFFFFFFF" "FFFFFFFF"; | ||
431 | |||
432 | return (dh_new_group_asc(gen, group16)); | ||
433 | } | ||
434 | |||
435 | /* Select fallback group used by DH-GEX if moduli file cannot be read. */ | ||
436 | DH * | ||
437 | dh_new_group_fallback(int max) | ||
438 | { | ||
439 | debug3("%s: requested max size %d", __func__, max); | ||
440 | if (max < 3072) { | ||
441 | debug3("using 2k bit group 14"); | ||
383 | return dh_new_group14(); | 442 | return dh_new_group14(); |
443 | } else if (max < 6144) { | ||
444 | debug3("using 4k bit group 16"); | ||
445 | return dh_new_group16(); | ||
384 | } | 446 | } |
385 | debug3("using 4k bit group 16"); | 447 | debug3("using 8k bit group 18"); |
386 | return (dh_new_group_asc(gen, group16)); | 448 | return dh_new_group18(); |
387 | } | 449 | } |
388 | 450 | ||
389 | /* | 451 | /* |
@@ -393,7 +455,6 @@ dh_new_group_fallback(int max) | |||
393 | * Management Part 1 (rev 3) limited by the recommended maximum value | 455 | * Management Part 1 (rev 3) limited by the recommended maximum value |
394 | * from RFC4419 section 3. | 456 | * from RFC4419 section 3. |
395 | */ | 457 | */ |
396 | |||
397 | u_int | 458 | u_int |
398 | dh_estimate(int bits) | 459 | dh_estimate(int bits) |
399 | { | 460 | { |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: dh.h,v 1.14 2015/10/16 22:32:22 djm Exp $ */ | 1 | /* $OpenBSD: dh.h,v 1.15 2016/05/02 10:26:04 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright (c) 2000 Niels Provos. All rights reserved. | 4 | * Copyright (c) 2000 Niels Provos. All rights reserved. |
@@ -37,6 +37,8 @@ DH *dh_new_group_asc(const char *, const char *); | |||
37 | DH *dh_new_group(BIGNUM *, BIGNUM *); | 37 | DH *dh_new_group(BIGNUM *, BIGNUM *); |
38 | DH *dh_new_group1(void); | 38 | DH *dh_new_group1(void); |
39 | DH *dh_new_group14(void); | 39 | DH *dh_new_group14(void); |
40 | DH *dh_new_group16(void); | ||
41 | DH *dh_new_group18(void); | ||
40 | DH *dh_new_group_fallback(int); | 42 | DH *dh_new_group_fallback(int); |
41 | 43 | ||
42 | int dh_gen_key(DH *, int); | 44 | int dh_gen_key(DH *, int); |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: kex.c,v 1.117 2016/02/08 10:57:07 djm Exp $ */ | 1 | /* $OpenBSD: kex.c,v 1.118 2016/05/02 10:26:04 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -88,7 +88,10 @@ struct kexalg { | |||
88 | static const struct kexalg kexalgs[] = { | 88 | static const struct kexalg kexalgs[] = { |
89 | #ifdef WITH_OPENSSL | 89 | #ifdef WITH_OPENSSL |
90 | { KEX_DH1, KEX_DH_GRP1_SHA1, 0, SSH_DIGEST_SHA1 }, | 90 | { KEX_DH1, KEX_DH_GRP1_SHA1, 0, SSH_DIGEST_SHA1 }, |
91 | { KEX_DH14, KEX_DH_GRP14_SHA1, 0, SSH_DIGEST_SHA1 }, | 91 | { KEX_DH14_SHA1, KEX_DH_GRP14_SHA1, 0, SSH_DIGEST_SHA1 }, |
92 | { KEX_DH14_SHA256, KEX_DH_GRP14_SHA256, 0, SSH_DIGEST_SHA256 }, | ||
93 | { KEX_DH16_SHA512, KEX_DH_GRP16_SHA512, 0, SSH_DIGEST_SHA512 }, | ||
94 | { KEX_DH18_SHA512, KEX_DH_GRP18_SHA512, 0, SSH_DIGEST_SHA512 }, | ||
92 | { KEX_DHGEX_SHA1, KEX_DH_GEX_SHA1, 0, SSH_DIGEST_SHA1 }, | 95 | { KEX_DHGEX_SHA1, KEX_DH_GEX_SHA1, 0, SSH_DIGEST_SHA1 }, |
93 | #ifdef HAVE_EVP_SHA256 | 96 | #ifdef HAVE_EVP_SHA256 |
94 | { KEX_DHGEX_SHA256, KEX_DH_GEX_SHA256, 0, SSH_DIGEST_SHA256 }, | 97 | { KEX_DHGEX_SHA256, KEX_DH_GEX_SHA256, 0, SSH_DIGEST_SHA256 }, |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: kex.h,v 1.77 2016/05/02 08:49:03 djm Exp $ */ | 1 | /* $OpenBSD: kex.h,v 1.78 2016/05/02 10:26:04 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. | 4 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. |
@@ -51,7 +51,10 @@ | |||
51 | #define KEX_COOKIE_LEN 16 | 51 | #define KEX_COOKIE_LEN 16 |
52 | 52 | ||
53 | #define KEX_DH1 "diffie-hellman-group1-sha1" | 53 | #define KEX_DH1 "diffie-hellman-group1-sha1" |
54 | #define KEX_DH14 "diffie-hellman-group14-sha1" | 54 | #define KEX_DH14_SHA1 "diffie-hellman-group14-sha1" |
55 | #define KEX_DH14_SHA256 "diffie-hellman-group14-sha256" | ||
56 | #define KEX_DH16_SHA512 "diffie-hellman-group16-sha512" | ||
57 | #define KEX_DH18_SHA512 "diffie-hellman-group18-sha512" | ||
55 | #define KEX_DHGEX_SHA1 "diffie-hellman-group-exchange-sha1" | 58 | #define KEX_DHGEX_SHA1 "diffie-hellman-group-exchange-sha1" |
56 | #define KEX_DHGEX_SHA256 "diffie-hellman-group-exchange-sha256" | 59 | #define KEX_DHGEX_SHA256 "diffie-hellman-group-exchange-sha256" |
57 | #define KEX_ECDH_SHA2_NISTP256 "ecdh-sha2-nistp256" | 60 | #define KEX_ECDH_SHA2_NISTP256 "ecdh-sha2-nistp256" |
@@ -88,6 +91,9 @@ enum kex_modes { | |||
88 | enum kex_exchange { | 91 | enum kex_exchange { |
89 | KEX_DH_GRP1_SHA1, | 92 | KEX_DH_GRP1_SHA1, |
90 | KEX_DH_GRP14_SHA1, | 93 | KEX_DH_GRP14_SHA1, |
94 | KEX_DH_GRP14_SHA256, | ||
95 | KEX_DH_GRP16_SHA512, | ||
96 | KEX_DH_GRP18_SHA512, | ||
91 | KEX_DH_GEX_SHA1, | 97 | KEX_DH_GEX_SHA1, |
92 | KEX_DH_GEX_SHA256, | 98 | KEX_DH_GEX_SHA256, |
93 | KEX_ECDH_SHA2, | 99 | KEX_ECDH_SHA2, |
@@ -190,7 +196,7 @@ int kexecdh_server(struct ssh *); | |||
190 | int kexc25519_client(struct ssh *); | 196 | int kexc25519_client(struct ssh *); |
191 | int kexc25519_server(struct ssh *); | 197 | int kexc25519_server(struct ssh *); |
192 | 198 | ||
193 | int kex_dh_hash(const char *, const char *, | 199 | int kex_dh_hash(int, const char *, const char *, |
194 | const u_char *, size_t, const u_char *, size_t, const u_char *, size_t, | 200 | const u_char *, size_t, const u_char *, size_t, const u_char *, size_t, |
195 | const BIGNUM *, const BIGNUM *, const BIGNUM *, u_char *, size_t *); | 201 | const BIGNUM *, const BIGNUM *, const BIGNUM *, u_char *, size_t *); |
196 | 202 | ||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: kexdh.c,v 1.25 2015/01/19 20:16:15 markus Exp $ */ | 1 | /* $OpenBSD: kexdh.c,v 1.26 2016/05/02 10:26:04 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2001 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2001 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -43,6 +43,7 @@ | |||
43 | 43 | ||
44 | int | 44 | int |
45 | kex_dh_hash( | 45 | kex_dh_hash( |
46 | int hash_alg, | ||
46 | const char *client_version_string, | 47 | const char *client_version_string, |
47 | const char *server_version_string, | 48 | const char *server_version_string, |
48 | const u_char *ckexinit, size_t ckexinitlen, | 49 | const u_char *ckexinit, size_t ckexinitlen, |
@@ -56,7 +57,7 @@ kex_dh_hash( | |||
56 | struct sshbuf *b; | 57 | struct sshbuf *b; |
57 | int r; | 58 | int r; |
58 | 59 | ||
59 | if (*hashlen < ssh_digest_bytes(SSH_DIGEST_SHA1)) | 60 | if (*hashlen < ssh_digest_bytes(hash_alg)) |
60 | return SSH_ERR_INVALID_ARGUMENT; | 61 | return SSH_ERR_INVALID_ARGUMENT; |
61 | if ((b = sshbuf_new()) == NULL) | 62 | if ((b = sshbuf_new()) == NULL) |
62 | return SSH_ERR_ALLOC_FAIL; | 63 | return SSH_ERR_ALLOC_FAIL; |
@@ -79,12 +80,12 @@ kex_dh_hash( | |||
79 | #ifdef DEBUG_KEX | 80 | #ifdef DEBUG_KEX |
80 | sshbuf_dump(b, stderr); | 81 | sshbuf_dump(b, stderr); |
81 | #endif | 82 | #endif |
82 | if (ssh_digest_buffer(SSH_DIGEST_SHA1, b, hash, *hashlen) != 0) { | 83 | if (ssh_digest_buffer(hash_alg, b, hash, *hashlen) != 0) { |
83 | sshbuf_free(b); | 84 | sshbuf_free(b); |
84 | return SSH_ERR_LIBCRYPTO_ERROR; | 85 | return SSH_ERR_LIBCRYPTO_ERROR; |
85 | } | 86 | } |
86 | sshbuf_free(b); | 87 | sshbuf_free(b); |
87 | *hashlen = ssh_digest_bytes(SSH_DIGEST_SHA1); | 88 | *hashlen = ssh_digest_bytes(hash_alg); |
88 | #ifdef DEBUG_KEX | 89 | #ifdef DEBUG_KEX |
89 | dump_digest("hash", hash, *hashlen); | 90 | dump_digest("hash", hash, *hashlen); |
90 | #endif | 91 | #endif |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: kexdhc.c,v 1.18 2015/01/26 06:10:03 djm Exp $ */ | 1 | /* $OpenBSD: kexdhc.c,v 1.19 2016/05/02 10:26:04 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2001 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2001 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -63,8 +63,15 @@ kexdh_client(struct ssh *ssh) | |||
63 | kex->dh = dh_new_group1(); | 63 | kex->dh = dh_new_group1(); |
64 | break; | 64 | break; |
65 | case KEX_DH_GRP14_SHA1: | 65 | case KEX_DH_GRP14_SHA1: |
66 | case KEX_DH_GRP14_SHA256: | ||
66 | kex->dh = dh_new_group14(); | 67 | kex->dh = dh_new_group14(); |
67 | break; | 68 | break; |
69 | case KEX_DH_GRP16_SHA512: | ||
70 | kex->dh = dh_new_group16(); | ||
71 | break; | ||
72 | case KEX_DH_GRP18_SHA512: | ||
73 | kex->dh = dh_new_group18(); | ||
74 | break; | ||
68 | default: | 75 | default: |
69 | r = SSH_ERR_INVALID_ARGUMENT; | 76 | r = SSH_ERR_INVALID_ARGUMENT; |
70 | goto out; | 77 | goto out; |
@@ -164,6 +171,7 @@ input_kex_dh(int type, u_int32_t seq, void *ctxt) | |||
164 | /* calc and verify H */ | 171 | /* calc and verify H */ |
165 | hashlen = sizeof(hash); | 172 | hashlen = sizeof(hash); |
166 | if ((r = kex_dh_hash( | 173 | if ((r = kex_dh_hash( |
174 | kex->hash_alg, | ||
167 | kex->client_version_string, | 175 | kex->client_version_string, |
168 | kex->server_version_string, | 176 | kex->server_version_string, |
169 | sshbuf_ptr(kex->my), sshbuf_len(kex->my), | 177 | sshbuf_ptr(kex->my), sshbuf_len(kex->my), |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: kexdhs.c,v 1.23 2015/12/04 16:41:28 markus Exp $ */ | 1 | /* $OpenBSD: kexdhs.c,v 1.24 2016/05/02 10:26:04 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2001 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2001 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -63,8 +63,15 @@ kexdh_server(struct ssh *ssh) | |||
63 | kex->dh = dh_new_group1(); | 63 | kex->dh = dh_new_group1(); |
64 | break; | 64 | break; |
65 | case KEX_DH_GRP14_SHA1: | 65 | case KEX_DH_GRP14_SHA1: |
66 | case KEX_DH_GRP14_SHA256: | ||
66 | kex->dh = dh_new_group14(); | 67 | kex->dh = dh_new_group14(); |
67 | break; | 68 | break; |
69 | case KEX_DH_GRP16_SHA512: | ||
70 | kex->dh = dh_new_group16(); | ||
71 | break; | ||
72 | case KEX_DH_GRP18_SHA512: | ||
73 | kex->dh = dh_new_group18(); | ||
74 | break; | ||
68 | default: | 75 | default: |
69 | r = SSH_ERR_INVALID_ARGUMENT; | 76 | r = SSH_ERR_INVALID_ARGUMENT; |
70 | goto out; | 77 | goto out; |
@@ -158,6 +165,7 @@ input_kex_dh_init(int type, u_int32_t seq, void *ctxt) | |||
158 | /* calc H */ | 165 | /* calc H */ |
159 | hashlen = sizeof(hash); | 166 | hashlen = sizeof(hash); |
160 | if ((r = kex_dh_hash( | 167 | if ((r = kex_dh_hash( |
168 | kex->hash_alg, | ||
161 | kex->client_version_string, | 169 | kex->client_version_string, |
162 | kex->server_version_string, | 170 | kex->server_version_string, |
163 | sshbuf_ptr(kex->peer), sshbuf_len(kex->peer), | 171 | sshbuf_ptr(kex->peer), sshbuf_len(kex->peer), |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: monitor.c,v 1.159 2016/05/02 08:49:03 djm Exp $ */ | 1 | /* $OpenBSD: monitor.c,v 1.160 2016/05/02 10:26:04 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright 2002 Niels Provos <provos@citi.umich.edu> | 3 | * Copyright 2002 Niels Provos <provos@citi.umich.edu> |
4 | * Copyright 2002 Markus Friedl <markus@openbsd.org> | 4 | * Copyright 2002 Markus Friedl <markus@openbsd.org> |
@@ -1860,6 +1860,9 @@ monitor_apply_keystate(struct monitor *pmonitor) | |||
1860 | #ifdef WITH_OPENSSL | 1860 | #ifdef WITH_OPENSSL |
1861 | kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server; | 1861 | kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server; |
1862 | kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server; | 1862 | kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server; |
1863 | kex->kex[KEX_DH_GRP14_SHA256] = kexdh_server; | ||
1864 | kex->kex[KEX_DH_GRP16_SHA512] = kexdh_server; | ||
1865 | kex->kex[KEX_DH_GRP18_SHA512] = kexdh_server; | ||
1863 | kex->kex[KEX_DH_GEX_SHA1] = kexgex_server; | 1866 | kex->kex[KEX_DH_GEX_SHA1] = kexgex_server; |
1864 | kex->kex[KEX_DH_GEX_SHA256] = kexgex_server; | 1867 | kex->kex[KEX_DH_GEX_SHA256] = kexgex_server; |
1865 | # ifdef OPENSSL_HAS_ECC | 1868 | # ifdef OPENSSL_HAS_ECC |
diff --git a/myproposal.h b/myproposal.h index bdd05966f..597090164 100644 --- a/myproposal.h +++ b/myproposal.h | |||
@@ -67,13 +67,18 @@ | |||
67 | #endif | 67 | #endif |
68 | 68 | ||
69 | #ifdef HAVE_EVP_SHA256 | 69 | #ifdef HAVE_EVP_SHA256 |
70 | # define KEX_SHA256_METHODS \ | 70 | # define KEX_SHA2_METHODS \ |
71 | "diffie-hellman-group-exchange-sha256," | 71 | "diffie-hellman-group-exchange-sha256," \ |
72 | "diffie-hellman-group16-sha512," \ | ||
73 | "diffie-hellman-group18-sha512," | ||
74 | # define KEX_SHA2_GROUP14 \ | ||
75 | "diffie-hellman-group14-sha256," | ||
72 | #define SHA2_HMAC_MODES \ | 76 | #define SHA2_HMAC_MODES \ |
73 | "hmac-sha2-256," \ | 77 | "hmac-sha2-256," \ |
74 | "hmac-sha2-512," | 78 | "hmac-sha2-512," |
75 | #else | 79 | #else |
76 | # define KEX_SHA256_METHODS | 80 | # define KEX_SHA2_METHODS |
81 | # define KEX_SHA2_GROUP14 | ||
77 | # define SHA2_HMAC_MODES | 82 | # define SHA2_HMAC_MODES |
78 | #endif | 83 | #endif |
79 | 84 | ||
@@ -86,13 +91,15 @@ | |||
86 | #define KEX_COMMON_KEX \ | 91 | #define KEX_COMMON_KEX \ |
87 | KEX_CURVE25519_METHODS \ | 92 | KEX_CURVE25519_METHODS \ |
88 | KEX_ECDH_METHODS \ | 93 | KEX_ECDH_METHODS \ |
89 | KEX_SHA256_METHODS | 94 | KEX_SHA2_METHODS |
90 | 95 | ||
91 | #define KEX_SERVER_KEX KEX_COMMON_KEX \ | 96 | #define KEX_SERVER_KEX KEX_COMMON_KEX \ |
97 | KEX_SHA2_GROUP14 \ | ||
92 | "diffie-hellman-group14-sha1" \ | 98 | "diffie-hellman-group14-sha1" \ |
93 | 99 | ||
94 | #define KEX_CLIENT_KEX KEX_COMMON_KEX \ | 100 | #define KEX_CLIENT_KEX KEX_COMMON_KEX \ |
95 | "diffie-hellman-group-exchange-sha1," \ | 101 | "diffie-hellman-group-exchange-sha1," \ |
102 | KEX_SHA2_GROUP14 \ | ||
96 | "diffie-hellman-group14-sha1" | 103 | "diffie-hellman-group14-sha1" |
97 | 104 | ||
98 | #define KEX_DEFAULT_PK_ALG \ | 105 | #define KEX_DEFAULT_PK_ALG \ |
diff --git a/ssh-keyscan.c b/ssh-keyscan.c index 7fe61e4e1..c30d54e62 100644 --- a/ssh-keyscan.c +++ b/ssh-keyscan.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssh-keyscan.c,v 1.105 2016/02/15 09:47:49 dtucker Exp $ */ | 1 | /* $OpenBSD: ssh-keyscan.c,v 1.106 2016/05/02 10:26:04 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>. | 3 | * Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>. |
4 | * | 4 | * |
@@ -302,6 +302,9 @@ keygrab_ssh2(con *c) | |||
302 | #ifdef WITH_OPENSSL | 302 | #ifdef WITH_OPENSSL |
303 | c->c_ssh->kex->kex[KEX_DH_GRP1_SHA1] = kexdh_client; | 303 | c->c_ssh->kex->kex[KEX_DH_GRP1_SHA1] = kexdh_client; |
304 | c->c_ssh->kex->kex[KEX_DH_GRP14_SHA1] = kexdh_client; | 304 | c->c_ssh->kex->kex[KEX_DH_GRP14_SHA1] = kexdh_client; |
305 | c->c_ssh->kex->kex[KEX_DH_GRP14_SHA256] = kexdh_client; | ||
306 | c->c_ssh->kex->kex[KEX_DH_GRP16_SHA512] = kexdh_client; | ||
307 | c->c_ssh->kex->kex[KEX_DH_GRP18_SHA512] = kexdh_client; | ||
305 | c->c_ssh->kex->kex[KEX_DH_GEX_SHA1] = kexgex_client; | 308 | c->c_ssh->kex->kex[KEX_DH_GEX_SHA1] = kexgex_client; |
306 | c->c_ssh->kex->kex[KEX_DH_GEX_SHA256] = kexgex_client; | 309 | c->c_ssh->kex->kex[KEX_DH_GEX_SHA256] = kexgex_client; |
307 | # ifdef OPENSSL_HAS_ECC | 310 | # ifdef OPENSSL_HAS_ECC |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssh_api.c,v 1.5 2015/12/04 16:41:28 markus Exp $ */ | 1 | /* $OpenBSD: ssh_api.c,v 1.6 2016/05/02 10:26:04 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2012 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2012 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -103,6 +103,9 @@ ssh_init(struct ssh **sshp, int is_server, struct kex_params *kex_params) | |||
103 | #ifdef WITH_OPENSSL | 103 | #ifdef WITH_OPENSSL |
104 | ssh->kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server; | 104 | ssh->kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server; |
105 | ssh->kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server; | 105 | ssh->kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server; |
106 | ssh->kex->kex[KEX_DH_GRP14_SHA256] = kexdh_server; | ||
107 | ssh->kex->kex[KEX_DH_GRP16_SHA512] = kexdh_server; | ||
108 | ssh->kex->kex[KEX_DH_GRP18_SHA512] = kexdh_server; | ||
106 | ssh->kex->kex[KEX_DH_GEX_SHA1] = kexgex_server; | 109 | ssh->kex->kex[KEX_DH_GEX_SHA1] = kexgex_server; |
107 | ssh->kex->kex[KEX_DH_GEX_SHA256] = kexgex_server; | 110 | ssh->kex->kex[KEX_DH_GEX_SHA256] = kexgex_server; |
108 | # ifdef OPENSSL_HAS_ECC | 111 | # ifdef OPENSSL_HAS_ECC |
@@ -117,6 +120,9 @@ ssh_init(struct ssh **sshp, int is_server, struct kex_params *kex_params) | |||
117 | #ifdef WITH_OPENSSL | 120 | #ifdef WITH_OPENSSL |
118 | ssh->kex->kex[KEX_DH_GRP1_SHA1] = kexdh_client; | 121 | ssh->kex->kex[KEX_DH_GRP1_SHA1] = kexdh_client; |
119 | ssh->kex->kex[KEX_DH_GRP14_SHA1] = kexdh_client; | 122 | ssh->kex->kex[KEX_DH_GRP14_SHA1] = kexdh_client; |
123 | ssh->kex->kex[KEX_DH_GRP14_SHA256] = kexdh_client; | ||
124 | ssh->kex->kex[KEX_DH_GRP16_SHA512] = kexdh_client; | ||
125 | ssh->kex->kex[KEX_DH_GRP18_SHA512] = kexdh_client; | ||
120 | ssh->kex->kex[KEX_DH_GEX_SHA1] = kexgex_client; | 126 | ssh->kex->kex[KEX_DH_GEX_SHA1] = kexgex_client; |
121 | ssh->kex->kex[KEX_DH_GEX_SHA256] = kexgex_client; | 127 | ssh->kex->kex[KEX_DH_GEX_SHA256] = kexgex_client; |
122 | # ifdef OPENSSL_HAS_ECC | 128 | # ifdef OPENSSL_HAS_ECC |
diff --git a/sshconnect2.c b/sshconnect2.c index 1dddf75aa..945471f15 100644 --- a/sshconnect2.c +++ b/sshconnect2.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: sshconnect2.c,v 1.242 2016/05/02 08:49:03 djm Exp $ */ | 1 | /* $OpenBSD: sshconnect2.c,v 1.243 2016/05/02 10:26:04 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
4 | * Copyright (c) 2008 Damien Miller. All rights reserved. | 4 | * Copyright (c) 2008 Damien Miller. All rights reserved. |
@@ -206,6 +206,9 @@ ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port) | |||
206 | #ifdef WITH_OPENSSL | 206 | #ifdef WITH_OPENSSL |
207 | kex->kex[KEX_DH_GRP1_SHA1] = kexdh_client; | 207 | kex->kex[KEX_DH_GRP1_SHA1] = kexdh_client; |
208 | kex->kex[KEX_DH_GRP14_SHA1] = kexdh_client; | 208 | kex->kex[KEX_DH_GRP14_SHA1] = kexdh_client; |
209 | kex->kex[KEX_DH_GRP14_SHA256] = kexdh_client; | ||
210 | kex->kex[KEX_DH_GRP16_SHA512] = kexdh_client; | ||
211 | kex->kex[KEX_DH_GRP18_SHA512] = kexdh_client; | ||
209 | kex->kex[KEX_DH_GEX_SHA1] = kexgex_client; | 212 | kex->kex[KEX_DH_GEX_SHA1] = kexgex_client; |
210 | kex->kex[KEX_DH_GEX_SHA256] = kexgex_client; | 213 | kex->kex[KEX_DH_GEX_SHA256] = kexgex_client; |
211 | # ifdef OPENSSL_HAS_ECC | 214 | # ifdef OPENSSL_HAS_ECC |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: sshd.c,v 1.467 2016/05/02 08:49:03 djm Exp $ */ | 1 | /* $OpenBSD: sshd.c,v 1.468 2016/05/02 10:26:04 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -2637,6 +2637,9 @@ do_ssh2_kex(void) | |||
2637 | #ifdef WITH_OPENSSL | 2637 | #ifdef WITH_OPENSSL |
2638 | kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server; | 2638 | kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server; |
2639 | kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server; | 2639 | kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server; |
2640 | kex->kex[KEX_DH_GRP14_SHA256] = kexdh_server; | ||
2641 | kex->kex[KEX_DH_GRP16_SHA512] = kexdh_server; | ||
2642 | kex->kex[KEX_DH_GRP18_SHA512] = kexdh_server; | ||
2640 | kex->kex[KEX_DH_GEX_SHA1] = kexgex_server; | 2643 | kex->kex[KEX_DH_GEX_SHA1] = kexgex_server; |
2641 | kex->kex[KEX_DH_GEX_SHA256] = kexgex_server; | 2644 | kex->kex[KEX_DH_GEX_SHA256] = kexgex_server; |
2642 | # ifdef OPENSSL_HAS_ECC | 2645 | # ifdef OPENSSL_HAS_ECC |