Date: Sun, 20 Apr 2014 11:17:45 +0000 (UTC) From: Dag-Erling Smørgrav <des@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-vendor@freebsd.org Subject: svn commit: r264690 - vendor-crypto/openssh/dist Message-ID: <201404201117.s3KBHjWS091032@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: des Date: Sun Apr 20 11:17:44 2014 New Revision: 264690 URL: http://svnweb.freebsd.org/changeset/base/264690 Log: Apply upstream patch for EC calculation bug that breaks EC key exchange about one out of 512 times. Modified: vendor-crypto/openssh/dist/bufaux.c vendor-crypto/openssh/dist/compat.c vendor-crypto/openssh/dist/compat.h vendor-crypto/openssh/dist/sshconnect2.c vendor-crypto/openssh/dist/sshd.c vendor-crypto/openssh/dist/version.h Modified: vendor-crypto/openssh/dist/bufaux.c ============================================================================== --- vendor-crypto/openssh/dist/bufaux.c Sun Apr 20 09:17:48 2014 (r264689) +++ vendor-crypto/openssh/dist/bufaux.c Sun Apr 20 11:17:44 2014 (r264690) @@ -1,4 +1,4 @@ -/* $OpenBSD: bufaux.c,v 1.56 2014/02/02 03:44:31 djm Exp $ */ +/* $OpenBSD: bufaux.c,v 1.57 2014/04/16 23:22:45 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -372,6 +372,9 @@ buffer_put_bignum2_from_string(Buffer *b if (l > 8 * 1024) fatal("%s: length %u too long", __func__, l); + /* Skip leading zero bytes */ + for (; l > 0 && *s == 0; l--, s++) + ; p = buf = xmalloc(l + 1); /* * If most significant bit is set then prepend a zero byte to Modified: vendor-crypto/openssh/dist/compat.c ============================================================================== --- vendor-crypto/openssh/dist/compat.c Sun Apr 20 09:17:48 2014 (r264689) +++ vendor-crypto/openssh/dist/compat.c Sun Apr 20 11:17:44 2014 (r264690) @@ -95,6 +95,9 @@ compat_datafellows(const char *version) { "Sun_SSH_1.0*", SSH_BUG_NOREKEY|SSH_BUG_EXTEOF}, { "OpenSSH_4*", 0 }, { "OpenSSH_5*", SSH_NEW_OPENSSH|SSH_BUG_DYNAMIC_RPORT}, + { "OpenSSH_6.6.1*", SSH_NEW_OPENSSH}, + { "OpenSSH_6.5*," + "OpenSSH_6.6*", SSH_NEW_OPENSSH|SSH_BUG_CURVE25519PAD}, { "OpenSSH*", SSH_NEW_OPENSSH }, { "*MindTerm*", 0 }, { "2.1.0*", SSH_BUG_SIGBLOB|SSH_BUG_HMAC| @@ -251,7 +254,6 @@ compat_cipher_proposal(char *cipher_prop return cipher_prop; } - char * compat_pkalg_proposal(char *pkalg_prop) { @@ -265,3 +267,16 @@ compat_pkalg_proposal(char *pkalg_prop) return pkalg_prop; } +char * +compat_kex_proposal(char *kex_prop) +{ + if (!(datafellows & SSH_BUG_CURVE25519PAD)) + return kex_prop; + debug2("%s: original KEX proposal: %s", __func__, kex_prop); + kex_prop = filter_proposal(kex_prop, "curve25519-sha256@libssh.org"); + debug2("%s: compat KEX proposal: %s", __func__, kex_prop); + if (*kex_prop == '\0') + fatal("No supported key exchange algorithms found"); + return kex_prop; +} + Modified: vendor-crypto/openssh/dist/compat.h ============================================================================== --- vendor-crypto/openssh/dist/compat.h Sun Apr 20 09:17:48 2014 (r264689) +++ vendor-crypto/openssh/dist/compat.h Sun Apr 20 11:17:44 2014 (r264690) @@ -59,6 +59,7 @@ #define SSH_BUG_RFWD_ADDR 0x02000000 #define SSH_NEW_OPENSSH 0x04000000 #define SSH_BUG_DYNAMIC_RPORT 0x08000000 +#define SSH_BUG_CURVE25519PAD 0x10000000 void enable_compat13(void); void enable_compat20(void); @@ -66,6 +67,7 @@ void compat_datafellows(const char * int proto_spec(const char *); char *compat_cipher_proposal(char *); char *compat_pkalg_proposal(char *); +char *compat_kex_proposal(char *); extern int compat13; extern int compat20; Modified: vendor-crypto/openssh/dist/sshconnect2.c ============================================================================== --- vendor-crypto/openssh/dist/sshconnect2.c Sun Apr 20 09:17:48 2014 (r264689) +++ vendor-crypto/openssh/dist/sshconnect2.c Sun Apr 20 11:17:44 2014 (r264690) @@ -195,6 +195,8 @@ ssh_kex2(char *host, struct sockaddr *ho } if (options.kex_algorithms != NULL) myproposal[PROPOSAL_KEX_ALGS] = options.kex_algorithms; + myproposal[PROPOSAL_KEX_ALGS] = compat_kex_proposal( + myproposal[PROPOSAL_KEX_ALGS]); if (options.rekey_limit || options.rekey_interval) packet_set_rekey_limits((u_int32_t)options.rekey_limit, Modified: vendor-crypto/openssh/dist/sshd.c ============================================================================== --- vendor-crypto/openssh/dist/sshd.c Sun Apr 20 09:17:48 2014 (r264689) +++ vendor-crypto/openssh/dist/sshd.c Sun Apr 20 11:17:44 2014 (r264690) @@ -2462,6 +2462,9 @@ do_ssh2_kex(void) if (options.kex_algorithms != NULL) myproposal[PROPOSAL_KEX_ALGS] = options.kex_algorithms; + myproposal[PROPOSAL_KEX_ALGS] = compat_kex_proposal( + myproposal[PROPOSAL_KEX_ALGS]); + if (options.rekey_limit || options.rekey_interval) packet_set_rekey_limits((u_int32_t)options.rekey_limit, (time_t)options.rekey_interval); Modified: vendor-crypto/openssh/dist/version.h ============================================================================== --- vendor-crypto/openssh/dist/version.h Sun Apr 20 09:17:48 2014 (r264689) +++ vendor-crypto/openssh/dist/version.h Sun Apr 20 11:17:44 2014 (r264690) @@ -1,6 +1,6 @@ /* $OpenBSD: version.h,v 1.70 2014/02/27 22:57:40 djm Exp $ */ -#define SSH_VERSION "OpenSSH_6.6" +#define SSH_VERSION "OpenSSH_6.6.1" #define SSH_PORTABLE "p1" #define SSH_RELEASE SSH_VERSION SSH_PORTABLE
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201404201117.s3KBHjWS091032>