- djm@cvs.openbsd.org 2013/02/16 06:08:45

[integrity.sh] make sure the fuzz offset is actually past the end of KEX for all KEX types. diffie-hellman-group-exchange-sha256 requires an offset around 2700. Noticed via test failures in portable OpenSSH on platforms that lack ECC and this the more byte-frugal ECDH KEX algorithms.
2024-12-27 12:22:09 +00:00 · 2013-02-16 17:32:31 +11:00 · 2013-02-16 17:32:31 +11:00 · 5d7b9565bc
commit 5d7b9565bc
parent 2991d288db
2 changed files with 12 additions and 3 deletions
--- a/9
+++ b/9
@ -1,3 +1,12 @@
+20130216
+ - OpenBSD CVS Sync
+   - djm@cvs.openbsd.org 2013/02/16 06:08:45
+     [integrity.sh]
+     make sure the fuzz offset is actually past the end of KEX for all KEX
+     types. diffie-hellman-group-exchange-sha256 requires an offset around
+     2700. Noticed via test failures in portable OpenSSH on platforms that
+     lack ECC and this the more byte-frugal ECDH KEX algorithms.
+
 20130215
 - (djm) [contrib/suse/rc.sshd] Use SSHD_BIN consistently; bz#2056 from
   Iain Morgan
--- a/regress/integrity.sh
+++ b/regress/integrity.sh
@ -1,13 +1,13 @@
-#	$OpenBSD: integrity.sh,v 1.2 2013/01/12 11:23:53 djm Exp $
+#	$OpenBSD: integrity.sh,v 1.3 2013/02/16 06:08:45 djm Exp $
 #	Placed in the Public Domain.

 tid="integrity"

-# start at byte 2500 (i.e. after kex) and corrupt at different offsets
+# start at byte 2800 (i.e. after kex) and corrupt at different offsets
 # XXX the test hangs if we modify the low bytes of the packet length
 # XXX and ssh tries to read...
 tries=10
-startoffset=2500
+startoffset=2800
 macs="hmac-sha1 hmac-md5 umac-64@openssh.com umac-128@openssh.com
 	hmac-sha1-96 hmac-md5-96 hmac-sha2-256 hmac-sha2-512
 	hmac-sha1-etm@openssh.com hmac-md5-etm@openssh.com