20010330
- (djm) Another openbsd-compat/glob.c sync
+ - (djm) OpenBSD CVS Sync
+ - provos@cvs.openbsd.org 2001/03/28 21:59:41
+ [kex.c kex.h sshconnect2.c sshd.c]
+ forgot to include min and max params in hash, okay markus@
20010329
- OpenBSD CVS Sync
*/
#include "includes.h"
-RCSID("$OpenBSD: kex.c,v 1.23 2001/03/10 17:51:04 markus Exp $");
+RCSID("$OpenBSD: kex.c,v 1.24 2001/03/28 21:59:40 provos Exp $");
#include <openssl/crypto.h>
#include <openssl/bio.h>
char *ckexinit, int ckexinitlen,
char *skexinit, int skexinitlen,
char *serverhostkeyblob, int sbloblen,
- int minbits, BIGNUM *prime, BIGNUM *gen,
+ int min, int wantbits, int max, BIGNUM *prime, BIGNUM *gen,
BIGNUM *client_dh_pub,
BIGNUM *server_dh_pub,
BIGNUM *shared_secret)
buffer_append(&b, skexinit, skexinitlen);
buffer_put_string(&b, serverhostkeyblob, sbloblen);
- buffer_put_int(&b, minbits);
+ if (min == -1 || max == -1)
+ buffer_put_int(&b, wantbits);
+ else {
+ buffer_put_int(&b, min);
+ buffer_put_int(&b, wantbits);
+ buffer_put_int(&b, max);
+ }
buffer_put_bignum2(&b, prime);
buffer_put_bignum2(&b, gen);
buffer_put_bignum2(&b, client_dh_pub);
-/* $OpenBSD: kex.h,v 1.15 2001/03/05 17:17:20 markus Exp $ */
+/* $OpenBSD: kex.h,v 1.16 2001/03/28 21:59:40 provos Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
char *ckexinit, int ckexinitlen,
char *skexinit, int skexinitlen,
char *serverhostkeyblob, int sbloblen,
- int minbits, BIGNUM *prime, BIGNUM *gen,
+ int min, int wantbits, int max,
+ BIGNUM *prime, BIGNUM *gen,
BIGNUM *client_dh_pub,
BIGNUM *server_dh_pub,
BIGNUM *shared_secret);
*/
#include "includes.h"
-RCSID("$OpenBSD: sshconnect2.c,v 1.57 2001/03/27 17:46:49 provos Exp $");
+RCSID("$OpenBSD: sshconnect2.c,v 1.58 2001/03/28 21:59:40 provos Exp $");
#include <openssl/bn.h>
#include <openssl/md5.h>
memset(kbuf, 0, klen);
xfree(kbuf);
+ if (datafellows & SSH_OLD_DHGEX) {
+ /* These values are not included in the hash */
+ min = -1;
+ max = -1;
+ }
+
/* calc and verify H */
hash = kex_hash_gex(
client_version_string,
buffer_ptr(client_kexinit), buffer_len(client_kexinit),
buffer_ptr(server_kexinit), buffer_len(server_kexinit),
server_host_key_blob, sbloblen,
- nbits, dh->p, dh->g,
+ min, nbits, max,
+ dh->p, dh->g,
dh->pub_key,
dh_server_pub,
shared_secret
*/
#include "includes.h"
-RCSID("$OpenBSD: sshd.c,v 1.182 2001/03/28 20:50:45 markus Exp $");
+RCSID("$OpenBSD: sshd.c,v 1.183 2001/03/28 21:59:41 provos Exp $");
#include <openssl/dh.h>
#include <openssl/bn.h>
/* XXX precompute? */
key_to_blob(hostkey, &server_host_key_blob, &sbloblen);
+ if (type == SSH2_MSG_KEX_DH_GEX_REQUEST_OLD) {
+ /* These values are not included in the hash */
+ min = -1;
+ max = -1;
+ }
+
/* calc H */ /* XXX depends on 'kex' */
hash = kex_hash_gex(
client_version_string,
buffer_ptr(client_kexinit), buffer_len(client_kexinit),
buffer_ptr(server_kexinit), buffer_len(server_kexinit),
(char *)server_host_key_blob, sbloblen,
- nbits, dh->p, dh->g,
+ min, nbits, max,
+ dh->p, dh->g,
dh_client_pub,
dh->pub_key,
shared_secret