Rivoreo Source Code Repositories
src.rivoreo.one / security / openssh-library / 9395b28223334826837c15e8c1bb4dfb3b0d2ca5
commit9395b28223334826837c15e8c1bb4dfb3b0d2ca5[log] [download]
authorDamien Miller <djm@mindrot.org>Sun Apr 20 13:25:30 2014 +1000
committerDamien Miller <djm@mindrot.org>Sun Apr 20 13:25:30 2014 +1000
treeeea6ad14b14f5fe4f3eb0b791a76f73b706635dc
parent8c492da58f8ceb85cf5f7066f23e26fb813a963d [diff]
   - djm@cvs.openbsd.org 2014/04/18 23:52:25
     [compat.c compat.h sshconnect2.c sshd.c version.h]
     OpenSSH 6.5 and 6.6 have a bug that causes ~0.2% of connections
     using the curve25519-sha256@libssh.org KEX exchange method to fail
     when connecting with something that implements the spec properly.

     Disable this KEX method when speaking to one of the affected
     versions.

     reported by Aris Adamantiadis; ok markus@
6 files changed
tree: eea6ad14b14f5fe4f3eb0b791a76f73b706635dc
  1. .cvsignore
  2. CREDITS
  3. ChangeLog
  4. INSTALL
  5. LICENCE
  6. Makefile.in
  7. OVERVIEW
  8. PROTOCOL
  9. PROTOCOL.agent
  10. PROTOCOL.certkeys
  11. PROTOCOL.chacha20poly1305
  12. PROTOCOL.key
  13. PROTOCOL.krl
  14. PROTOCOL.mux
  15. README
  16. README.dns
  17. README.platform
  18. README.privsep
  19. README.tun
  20. TODO
  21. aclocal.m4
  22. addrmatch.c
  23. atomicio.c
  24. atomicio.h
  25. audit-bsm.c
  26. audit-linux.c
  27. audit.c
  28. audit.h
  29. auth-bsdauth.c
  30. auth-chall.c
  31. auth-krb5.c
  32. auth-options.c
  33. auth-options.h
  34. auth-pam.c
  35. auth-pam.h
  36. auth-passwd.c
  37. auth-rh-rsa.c
  38. auth-rhosts.c
  39. auth-rsa.c
  40. auth-shadow.c
  41. auth-sia.c
  42. auth-sia.h
  43. auth-skey.c
  44. auth.c
  45. auth.h
  46. auth1.c
  47. auth2-chall.c
  48. auth2-gss.c
  49. auth2-hostbased.c
  50. auth2-kbdint.c
  51. auth2-none.c
  52. auth2-passwd.c
  53. auth2-pubkey.c
  54. auth2.c
  55. authfd.c
  56. authfd.h
  57. authfile.c
  58. authfile.h
  59. blocks.c
  60. bufaux.c
  61. bufbn.c
  62. bufec.c
  63. buffer.c
  64. buffer.h
  65. buildpkg.sh.in
  66. canohost.c
  67. canohost.h
  68. chacha.c
  69. chacha.h
  70. channels.c
  71. channels.h
  72. cipher-3des1.c
  73. cipher-aes.c
  74. cipher-bf1.c
  75. cipher-chachapoly.c
  76. cipher-chachapoly.h
  77. cipher-ctr.c
  78. cipher.c
  79. cipher.h
  80. cleanup.c
  81. clientloop.c
  82. clientloop.h
  83. compat.c
  84. compat.h
  85. compress.c
  86. compress.h
  87. config.guess
  88. config.sub
  89. configure.ac
  90. contrib/
  91. crc32.c
  92. crc32.h
  93. crypto_api.h
  94. deattack.c
  95. deattack.h
  96. defines.h
  97. dh.c
  98. dh.h
  99. digest-libc.c
  100. digest-openssl.c
  101. digest.h
  102. dispatch.c
  103. dispatch.h
  104. dns.c
  105. dns.h
  106. ed25519.c
  107. entropy.c
  108. entropy.h
  109. fatal.c
  110. fe25519.c
  111. fe25519.h
  112. fixalgorithms
  113. fixpaths
  114. fixprogs
  115. ge25519.c
  116. ge25519.h
  117. ge25519_base.data
  118. groupaccess.c
  119. groupaccess.h
  120. gss-genr.c
  121. gss-serv-krb5.c
  122. gss-serv.c
  123. hash.c
  124. hmac.c
  125. hmac.h
  126. hostfile.c
  127. hostfile.h
  128. includes.h
  129. install-sh
  130. kex.c
  131. kex.h
  132. kexc25519.c
  133. kexc25519c.c
  134. kexc25519s.c
  135. kexdh.c
  136. kexdhc.c
  137. kexdhs.c
  138. kexecdh.c
  139. kexecdhc.c
  140. kexecdhs.c
  141. kexgex.c
  142. kexgexc.c
  143. kexgexs.c
  144. key.c
  145. key.h
  146. krl.c
  147. krl.h
  148. log.c
  149. log.h
  150. loginrec.c
  151. loginrec.h
  152. logintest.c
  153. mac.c
  154. mac.h
  155. match.c
  156. match.h
  157. md-sha256.c
  158. md5crypt.c
  159. md5crypt.h
  160. mdoc2man.awk
  161. misc.c
  162. misc.h
  163. mkinstalldirs
  164. moduli
  165. moduli.5
  166. moduli.c
  167. monitor.c
  168. monitor.h
  169. monitor_fdpass.c
  170. monitor_fdpass.h
  171. monitor_mm.c
  172. monitor_mm.h
  173. monitor_wrap.c
  174. monitor_wrap.h
  175. msg.c
  176. msg.h
  177. mux.c
  178. myproposal.h
  179. nchan.c
  180. nchan.ms
  181. nchan2.ms
  182. openbsd-compat/
  183. openssh.xml.in
  184. opensshd.init.in
  185. packet.c
  186. packet.h
  187. pathnames.h
  188. pkcs11.h
  189. platform.c
  190. platform.h
  191. poly1305.c
  192. poly1305.h
  193. progressmeter.c
  194. progressmeter.h
  195. readconf.c
  196. readconf.h
  197. readpass.c
  198. regress/
  199. rijndael.c
  200. rijndael.h
  201. roaming.h
  202. roaming_client.c
  203. roaming_common.c
  204. roaming_dummy.c
  205. roaming_serv.c
  206. rsa.c
  207. rsa.h
  208. sandbox-capsicum.c
  209. sandbox-darwin.c
  210. sandbox-null.c
  211. sandbox-rlimit.c
  212. sandbox-seccomp-filter.c
  213. sandbox-systrace.c
  214. sc25519.c
  215. sc25519.h
  216. scard/
  217. scp.1
  218. scp.c
  219. servconf.c
  220. servconf.h
  221. serverloop.c
  222. serverloop.h
  223. session.c
  224. session.h
  225. sftp-client.c
  226. sftp-client.h
  227. sftp-common.c
  228. sftp-common.h
  229. sftp-glob.c
  230. sftp-server-main.c
  231. sftp-server.8
  232. sftp-server.c
  233. sftp.1
  234. sftp.c
  235. sftp.h
  236. smult_curve25519_ref.c
  237. ssh-add.1
  238. ssh-add.c
  239. ssh-agent.1
  240. ssh-agent.c
  241. ssh-dss.c
  242. ssh-ecdsa.c
  243. ssh-ed25519.c
  244. ssh-gss.h
  245. ssh-keygen.1
  246. ssh-keygen.c
  247. ssh-keyscan.1
  248. ssh-keyscan.c
  249. ssh-keysign.8
  250. ssh-keysign.c
  251. ssh-pkcs11-client.c
  252. ssh-pkcs11-helper.8
  253. ssh-pkcs11-helper.c
  254. ssh-pkcs11.c
  255. ssh-pkcs11.h
  256. ssh-rsa.c
  257. ssh-sandbox.h
  258. ssh.1
  259. ssh.c
  260. ssh.h
  261. ssh1.h
  262. ssh2.h
  263. ssh_config
  264. ssh_config.5
  265. sshconnect.c
  266. sshconnect.h
  267. sshconnect1.c
  268. sshconnect2.c
  269. sshd.8
  270. sshd.c
  271. sshd_config
  272. sshd_config.5
  273. sshlogin.c
  274. sshlogin.h
  275. sshpty.c
  276. sshpty.h
  277. sshtty.c
  278. survey.sh.in
  279. ttymodes.c
  280. ttymodes.h
  281. uidswap.c
  282. uidswap.h
  283. umac.c
  284. umac.h
  285. uuencode.c
  286. uuencode.h
  287. verify.c
  288. version.h
  289. xmalloc.c
  290. xmalloc.h