1 files changed, 29 insertions, 6 deletions
diff --git a/sshconnect2.c b/sshconnect2.c
index f636fb3d9..da8c8229c 100644
--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -23,7 +23,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: sshconnect2.c,v 1.56 2001/03/26 08:07:09 markus Exp $");
+RCSID("$OpenBSD: sshconnect2.c,v 1.57 2001/03/27 17:46:49 provos Exp $");
 #include <openssl/bn.h>
 #include <openssl/md5.h>
@@ -46,6 +46,7 @@ RCSID("$OpenBSD: sshconnect2.c,v 1.56 2001/03/26 08:07:09 markus Exp $");
 #include "sshconnect.h"
 #include "authfile.h"
 #include "cli.h"
+#include "dh.h"
 #include "dispatch.h"
 #include "authfd.h"
 #include "log.h"
@@ -309,7 +310,7 @@ ssh_dhgex_client(Kex *kex, char *host, struct sockaddr *hostaddr,
        int plen, dlen;
        u_int klen, kout;
        char *signature = NULL;
-        u_int slen, nbits;
+        u_int slen, nbits, min, max;
        char *server_host_key_blob = NULL;
        Key *server_host_key;
        u_int sbloblen;
@@ -322,14 +323,31 @@ ssh_dhgex_client(Kex *kex, char *host, struct sockaddr *hostaddr,
        nbits = dh_estimate(kex->we_need * 8);
-        debug("Sending SSH2_MSG_KEX_DH_GEX_REQUEST.");
+        if (datafellows & SSH_OLD_DHGEX) {
-        packet_start(SSH2_MSG_KEX_DH_GEX_REQUEST);
+                debug("Sending SSH2_MSG_KEX_DH_GEX_REQUEST_OLD.");
-        packet_put_int(nbits);
+                /* Old GEX request */
+                packet_start(SSH2_MSG_KEX_DH_GEX_REQUEST_OLD);
+                packet_put_int(nbits);
+                min = DH_GRP_MIN;
+                max = DH_GRP_MAX;
+        } else {
+                debug("Sending SSH2_MSG_KEX_DH_GEX_REQUEST.");
+                /* New GEX request */
+                min = DH_GRP_MIN;
+                max = MIN(DH_GRP_MAX, nbits * 1.25);
+                packet_start(SSH2_MSG_KEX_DH_GEX_REQUEST);
+                packet_put_int(min);
+                packet_put_int(nbits);
+                packet_put_int(max);
+        }
        packet_send();
        packet_write_wait();
 #ifdef DEBUG_KEXDH
-        fprintf(stderr, "\nnbits = %d", nbits);
+        fprintf(stderr, "\nmin = %d, nbits = %d, max = %d", min, nbits, max);
 #endif
        debug("Wait SSH2_MSG_KEX_DH_GEX_GROUP.");
@@ -344,6 +362,11 @@ ssh_dhgex_client(Kex *kex, char *host, struct sockaddr *hostaddr,
        if ((g = BN_new()) == NULL)
                fatal("BN_new");
        packet_get_bignum2(g, &dlen);
+        if (BN_num_bits(p) < min || BN_num_bits(p) > max)
+                fatal("DH_GEX group out of range: %d !< %d !< %d",
+                    min, BN_num_bits(p), max);
        dh = dh_new_group(g, p);
        dh_gen_key(dh, kex->we_need * 8);

diff --git a/sshconnect2.c b/sshconnect2.c index f636fb3d9..da8c8229c 100644 --- a/sshconnect2.c +++ b/sshconnect2.c
@@ -23,7 +23,7 @@
23	*/	23	*/
24		24
25	#include "includes.h"	25	#include "includes.h"
26	RCSID("$OpenBSD: sshconnect2.c,v 1.56 2001/03/26 08:07:09 markus Exp $");	26	RCSID("$OpenBSD: sshconnect2.c,v 1.57 2001/03/27 17:46:49 provos Exp $");
27		27
28	#include <openssl/bn.h>	28	#include <openssl/bn.h>
29	#include <openssl/md5.h>	29	#include <openssl/md5.h>
@@ -46,6 +46,7 @@ RCSID("$OpenBSD: sshconnect2.c,v 1.56 2001/03/26 08:07:09 markus Exp $");
46	#include "sshconnect.h"	46	#include "sshconnect.h"
47	#include "authfile.h"	47	#include "authfile.h"
48	#include "cli.h"	48	#include "cli.h"
		49	#include "dh.h"
49	#include "dispatch.h"	50	#include "dispatch.h"
50	#include "authfd.h"	51	#include "authfd.h"
51	#include "log.h"	52	#include "log.h"
@@ -309,7 +310,7 @@ ssh_dhgex_client(Kex kex, char host, struct sockaddr *hostaddr,
309	int plen, dlen;	310	int plen, dlen;
310	u_int klen, kout;	311	u_int klen, kout;
311	char *signature = NULL;	312	char *signature = NULL;
312	u_int slen, nbits;	313	u_int slen, nbits, min, max;
313	char *server_host_key_blob = NULL;	314	char *server_host_key_blob = NULL;
314	Key *server_host_key;	315	Key *server_host_key;
315	u_int sbloblen;	316	u_int sbloblen;
@@ -322,14 +323,31 @@ ssh_dhgex_client(Kex kex, char host, struct sockaddr *hostaddr,
322		323
323	nbits = dh_estimate(kex->we_need * 8);	324	nbits = dh_estimate(kex->we_need * 8);
324		325
325	debug("Sending SSH2_MSG_KEX_DH_GEX_REQUEST.");	326	if (datafellows & SSH_OLD_DHGEX) {
326	packet_start(SSH2_MSG_KEX_DH_GEX_REQUEST);	327	debug("Sending SSH2_MSG_KEX_DH_GEX_REQUEST_OLD.");
327	packet_put_int(nbits);	328
		329	/* Old GEX request */
		330	packet_start(SSH2_MSG_KEX_DH_GEX_REQUEST_OLD);
		331	packet_put_int(nbits);
		332	min = DH_GRP_MIN;
		333	max = DH_GRP_MAX;
		334	} else {
		335	debug("Sending SSH2_MSG_KEX_DH_GEX_REQUEST.");
		336
		337	/* New GEX request */
		338	min = DH_GRP_MIN;
		339	max = MIN(DH_GRP_MAX, nbits * 1.25);
		340
		341	packet_start(SSH2_MSG_KEX_DH_GEX_REQUEST);
		342	packet_put_int(min);
		343	packet_put_int(nbits);
		344	packet_put_int(max);
		345	}
328	packet_send();	346	packet_send();
329	packet_write_wait();	347	packet_write_wait();
330		348
331	#ifdef DEBUG_KEXDH	349	#ifdef DEBUG_KEXDH
332	fprintf(stderr, "\nnbits = %d", nbits);	350	fprintf(stderr, "\nmin = %d, nbits = %d, max = %d", min, nbits, max);
333	#endif	351	#endif
334		352
335	debug("Wait SSH2_MSG_KEX_DH_GEX_GROUP.");	353	debug("Wait SSH2_MSG_KEX_DH_GEX_GROUP.");
@@ -344,6 +362,11 @@ ssh_dhgex_client(Kex kex, char host, struct sockaddr *hostaddr,
344	if ((g = BN_new()) == NULL)	362	if ((g = BN_new()) == NULL)
345	fatal("BN_new");	363	fatal("BN_new");
346	packet_get_bignum2(g, &dlen);	364	packet_get_bignum2(g, &dlen);
		365
		366	if (BN_num_bits(p) < min \|\| BN_num_bits(p) > max)
		367	fatal("DH_GEX group out of range: %d !< %d !< %d",
		368	min, BN_num_bits(p), max);
		369
347	dh = dh_new_group(g, p);	370	dh = dh_new_group(g, p);
348		371
349	dh_gen_key(dh, kex->we_need * 8);	372	dh_gen_key(dh, kex->we_need * 8);