From owner-cvs-all Sun Feb 11 22:45: 2 2001 Delivered-To: cvs-all@freebsd.org Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by hub.freebsd.org (Postfix) with ESMTP id 617A737B401; Sun, 11 Feb 2001 22:44:52 -0800 (PST) Received: (from kris@localhost) by freefall.freebsd.org (8.11.1/8.11.1) id f1C6iqj18540; Sun, 11 Feb 2001 22:44:52 -0800 (PST) (envelope-from kris) Message-Id: <200102120644.f1C6iqj18540@freefall.freebsd.org> From: Kris Kennaway Date: Sun, 11 Feb 2001 22:44:52 -0800 (PST) To: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: cvs commit: src/crypto/openssh rsa.c rsa.h ssh-agent.c sshconnect1.c sshd.c X-FreeBSD-CVS-Branch: HEAD Sender: owner-cvs-all@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG kris 2001/02/11 22:44:52 PST Modified files: crypto/openssh rsa.c rsa.h ssh-agent.c sshconnect1.c sshd.c Log: Patches backported from later development version of OpenSSH which prevent (instead of just mitigating through connection limits) the Bleichenbacher attack which can lead to guessing of the server key (not host key) by regenerating it when an RSA failure is detected. Reviewed by: rwatson Revision Changes Path 1.9 +8 -7 src/crypto/openssh/rsa.c 1.7 +2 -2 src/crypto/openssh/rsa.h 1.10 +3 -2 src/crypto/openssh/ssh-agent.c 1.6 +7 -4 src/crypto/openssh/sshconnect1.c 1.22 +38 -18 src/crypto/openssh/sshd.c To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message