diff --git a/ChangeLog b/ChangeLog index a6b1ee8fa..3b9dd2f2c 100644 --- a/ChangeLog +++ b/ChangeLog @@ -17,6 +17,9 @@ sftp-glob.h sftp-int.c sftp-server.c sftp.c ssh-keygen.c sshconnect.c sshconnect2.c sshd.c] fix whitespace: unexpand + trailing spaces. + - markus@cvs.openbsd.org 2001/04/05 11:09:17 + [clientloop.c compat.c compat.h] + add SSH_BUG_NOREKEY and detect broken (=all old) openssh versions. 20010405 - OpenBSD CVS Sync @@ -4889,4 +4892,4 @@ - Wrote replacements for strlcpy and mkdtemp - Released 1.0pre1 -$Id: ChangeLog,v 1.1067 2001/04/05 23:26:32 mouring Exp $ +$Id: ChangeLog,v 1.1068 2001/04/05 23:28:36 mouring Exp $ diff --git a/clientloop.c b/clientloop.c index 71eda80e6..41920e0f3 100644 --- a/clientloop.c +++ b/clientloop.c @@ -59,7 +59,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: clientloop.c,v 1.57 2001/04/05 10:42:49 markus Exp $"); +RCSID("$OpenBSD: clientloop.c,v 1.58 2001/04/05 11:09:15 markus Exp $"); #include "ssh.h" #include "ssh1.h" @@ -554,7 +554,7 @@ process_escapes(Buffer *bin, Buffer *bout, Buffer *berr, char *buf, int len) continue; case 'R': - if (compat20) + if (compat20 && !(datafellows && SSH_BUG_NOREKEY)) need_rekeying = 1; continue; diff --git a/compat.c b/compat.c index 85446999a..f96a6c63c 100644 --- a/compat.c +++ b/compat.c @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: compat.c,v 1.44 2001/04/05 10:00:06 markus Exp $"); +RCSID("$OpenBSD: compat.c,v 1.45 2001/04/05 11:09:16 markus Exp $"); #ifdef HAVE_LIBPCRE # include @@ -69,14 +69,18 @@ compat_datafellows(const char *version) } check[] = { { "^OpenSSH[-_]2\\.[012]", SSH_OLD_SESSIONID|SSH_BUG_BANNER| - SSH_OLD_DHGEX }, + SSH_OLD_DHGEX|SSH_BUG_NOREKEY }, { "^OpenSSH_2\\.3\\.0", SSH_BUG_BANNER|SSH_BUG_BIGENDIANAES| - SSH_OLD_DHGEX}, - { "^OpenSSH_2\\.3\\.", SSH_BUG_BIGENDIANAES|SSH_OLD_DHGEX}, + SSH_OLD_DHGEX|SSH_BUG_NOREKEY}, + { "^OpenSSH_2\\.3\\.", SSH_BUG_BIGENDIANAES|SSH_OLD_DHGEX| + SSH_BUG_NOREKEY}, { "^OpenSSH_2\\.5\\.[01]p1", - SSH_BUG_BIGENDIANAES|SSH_OLD_DHGEX }, + SSH_BUG_BIGENDIANAES|SSH_OLD_DHGEX| + SSH_BUG_NOREKEY }, { "^OpenSSH_2\\.5\\.[012]", - SSH_OLD_DHGEX }, + SSH_OLD_DHGEX|SSH_BUG_NOREKEY }, + { "^OpenSSH_2\\.5\\.3", + SSH_BUG_NOREKEY }, { "^OpenSSH", 0 }, { "MindTerm", 0 }, { "^2\\.1\\.0", SSH_BUG_SIGBLOB|SSH_BUG_HMAC| diff --git a/compat.h b/compat.h index e4ca5c1bc..244cd1aa7 100644 --- a/compat.h +++ b/compat.h @@ -21,7 +21,7 @@ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -/* RCSID("$OpenBSD: compat.h,v 1.21 2001/03/27 17:46:49 provos Exp $"); */ +/* RCSID("$OpenBSD: compat.h,v 1.22 2001/04/05 11:09:17 markus Exp $"); */ #ifndef COMPAT_H #define COMPAT_H @@ -46,6 +46,7 @@ #define SSH_BUG_BIGENDIANAES 0x1000 #define SSH_BUG_RSASIGMD5 0x2000 #define SSH_OLD_DHGEX 0x4000 +#define SSH_BUG_NOREKEY 0x8000 void enable_compat13(void); void enable_compat20(void);