From 60a4381f1a6ebc2f8eeeb2ba4e005ede91ac9af3 Mon Sep 17 00:00:00 2001 From: Ben Lindstrom Date: Thu, 29 Mar 2001 00:32:56 +0000 Subject: [PATCH] - markus@cvs.openbsd.org 2001/03/27 10:57:00 [compat.c compat.h ssh-rsa.c] some older systems use NID_md5 instead of NID_sha1 for RSASSA-PKCS1-v1_5 signatures in SSH protocol 2, ok djm@ --- ChangeLog | 6 +++++- compat.c | 16 ++++++++++------ compat.h | 3 ++- ssh-rsa.c | 7 ++++--- 4 files changed, 21 insertions(+), 11 deletions(-) diff --git a/ChangeLog b/ChangeLog index 5954eeaa5..c892bd0d8 100644 --- a/ChangeLog +++ b/ChangeLog @@ -12,6 +12,10 @@ - markus@cvs.openbsd.org 2001/03/27 10:34:08 [ssh-rsa.c sshd.c] use EVP_get_digestbynid, reorder some calls and fix missing free. + - markus@cvs.openbsd.org 2001/03/27 10:57:00 + [compat.c compat.h ssh-rsa.c] + some older systems use NID_md5 instead of NID_sha1 for RSASSA-PKCS1-v1_5 + signatures in SSH protocol 2, ok djm@ 20010328 - (djm) Reorder tests and library inclusion for Krb4/AFS to try to @@ -4750,4 +4754,4 @@ - Wrote replacements for strlcpy and mkdtemp - Released 1.0pre1 -$Id: ChangeLog,v 1.1029 2001/03/29 00:31:20 mouring Exp $ +$Id: ChangeLog,v 1.1030 2001/03/29 00:32:56 mouring Exp $ diff --git a/compat.c b/compat.c index 705121c3a..98372e202 100644 --- a/compat.c +++ b/compat.c @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: compat.c,v 1.40 2001/03/23 11:04:06 djm Exp $"); +RCSID("$OpenBSD: compat.c,v 1.41 2001/03/27 10:57:00 markus Exp $"); #ifdef HAVE_LIBPCRE # include @@ -75,18 +75,22 @@ compat_datafellows(const char *version) { "^OpenSSH", 0 }, { "MindTerm", 0 }, { "^2\\.1\\.0", SSH_BUG_SIGBLOB|SSH_BUG_HMAC| - SSH_OLD_SESSIONID|SSH_BUG_DEBUG }, + SSH_OLD_SESSIONID|SSH_BUG_DEBUG| + SSH_BUG_RSASIGMD5 }, { "^2\\.1 ", SSH_BUG_SIGBLOB|SSH_BUG_HMAC| - SSH_OLD_SESSIONID|SSH_BUG_DEBUG }, + SSH_OLD_SESSIONID|SSH_BUG_DEBUG| + SSH_BUG_RSASIGMD5 }, { "^2\\.0\\.1[3-9]", SSH_BUG_SIGBLOB|SSH_BUG_HMAC| SSH_OLD_SESSIONID|SSH_BUG_DEBUG| SSH_BUG_PKSERVICE|SSH_BUG_X11FWD| - SSH_BUG_PKOK }, + SSH_BUG_PKOK|SSH_BUG_RSASIGMD5 }, { "^2\\.0\\.", SSH_BUG_SIGBLOB|SSH_BUG_HMAC| SSH_OLD_SESSIONID|SSH_BUG_DEBUG| SSH_BUG_PKSERVICE|SSH_BUG_X11FWD| - SSH_BUG_PKAUTH|SSH_BUG_PKOK }, - { "^2\\.[23]\\.0", SSH_BUG_HMAC }, + SSH_BUG_PKAUTH|SSH_BUG_PKOK| + SSH_BUG_RSASIGMD5 }, + { "^2\\.[23]\\.0", SSH_BUG_HMAC|SSH_BUG_RSASIGMD5 }, + { "^2\\.3\\.", SSH_BUG_RSASIGMD5 }, { "^2\\.[2-9]\\.", 0 }, { "^2\\.4$", SSH_OLD_SESSIONID }, /* Van Dyke */ { "^3\\.0 SecureCRT", SSH_OLD_SESSIONID }, diff --git a/compat.h b/compat.h index 707726fa9..03f236117 100644 --- a/compat.h +++ b/compat.h @@ -21,7 +21,7 @@ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -/* RCSID("$OpenBSD: compat.h,v 1.19 2001/03/23 11:04:06 djm Exp $"); */ +/* RCSID("$OpenBSD: compat.h,v 1.20 2001/03/27 10:57:00 markus Exp $"); */ #ifndef COMPAT_H #define COMPAT_H @@ -44,6 +44,7 @@ #define SSH_BUG_PASSWORDPAD 0x0400 #define SSH_BUG_SCANNER 0x0800 #define SSH_BUG_BIGENDIANAES 0x1000 +#define SSH_BUG_RSASIGMD5 0x2000 void enable_compat13(void); void enable_compat20(void); diff --git a/ssh-rsa.c b/ssh-rsa.c index a2153bd1a..b502ddb6e 100644 --- a/ssh-rsa.c +++ b/ssh-rsa.c @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: ssh-rsa.c,v 1.7 2001/03/27 10:34:08 markus Exp $"); +RCSID("$OpenBSD: ssh-rsa.c,v 1.8 2001/03/27 10:57:00 markus Exp $"); #include #include @@ -34,6 +34,7 @@ RCSID("$OpenBSD: ssh-rsa.c,v 1.7 2001/03/27 10:34:08 markus Exp $"); #include "bufaux.h" #include "key.h" #include "ssh-rsa.h" +#include "compat.h" /* RSASSA-PKCS1-v1_5 (PKCS #1 v2.0 signature) with SHA1 */ int @@ -53,7 +54,7 @@ ssh_rsa_sign( error("ssh_rsa_sign: no RSA key"); return -1; } - nid = NID_sha1; + nid = (datafellows & SSH_BUG_RSASIGMD5) ? NID_md5 : NID_sha1; if ((evp_md = EVP_get_digestbynid(nid)) == NULL) { error("ssh_rsa_sign: EVP_get_digestbynid %d failed", nid); return -1; @@ -147,7 +148,7 @@ ssh_rsa_verify( error("ssh_rsa_verify: remaining bytes in signature %d", rlen); return -1; } - nid = NID_sha1; + nid = (datafellows & SSH_BUG_RSASIGMD5) ? NID_md5 : NID_sha1; if ((evp_md = EVP_get_digestbynid(nid)) == NULL) { xfree(sigblob); error("ssh_rsa_verify: EVP_get_digestbynid %d failed", nid);