From: djm <djm@openbsd.org>
Date: Thu, 9 Jan 2014 23:26:48 +0000 (+0000)
Subject: ban clients/servers that suffer from SSH_BUG_DERIVEKEY, they are ancient,
X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=e220a72538972d78ac9902441559ec8ba75505b6;p=openbsd

ban clients/servers that suffer from SSH_BUG_DERIVEKEY, they are ancient,
deranged and might make some attacks on KEX easier; ok markus@
---

diff --git a/usr.bin/ssh/sshconnect.c b/usr.bin/ssh/sshconnect.c
index 28ea1d0f728..f8ecb785b39 100644
--- a/usr.bin/ssh/sshconnect.c
+++ b/usr.bin/ssh/sshconnect.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect.c,v 1.243 2013/12/30 23:52:27 djm Exp $ */
+/* $OpenBSD: sshconnect.c,v 1.244 2014/01/09 23:26:48 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -652,6 +652,9 @@ ssh_exchange_identification(int timeout_ms)
 		fatal("Protocol major versions differ: %d vs. %d",
 		    (options.protocol & SSH_PROTO_2) ? PROTOCOL_MAJOR_2 : PROTOCOL_MAJOR_1,
 		    remote_major);
+	if ((datafellows & SSH_BUG_DERIVEKEY) != 0)
+		fatal("Server version \"%.100s\" uses unsafe key agreement; "
+		    "refusing connection", remote_version);
 	if ((datafellows & SSH_BUG_RSASIGMD5) != 0)
 		logit("Server version \"%.100s\" uses unsafe RSA signature "
 		    "scheme; disabling use of RSA keys", remote_version);
diff --git a/usr.bin/ssh/sshd.c b/usr.bin/ssh/sshd.c
index b4fd3478dbc..658e79eb1ca 100644
--- a/usr.bin/ssh/sshd.c
+++ b/usr.bin/ssh/sshd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshd.c,v 1.413 2013/12/30 23:52:28 djm Exp $ */
+/* $OpenBSD: sshd.c,v 1.414 2014/01/09 23:26:48 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -481,9 +481,14 @@ sshd_exchange_identification(int sock_in, int sock_out)
 		    get_remote_ipaddr(), client_version_string);
 		cleanup_exit(255);
 	}
-	if ((datafellows & SSH_BUG_RSASIGMD5) != 0)
+	if ((datafellows & SSH_BUG_RSASIGMD5) != 0) {
 		logit("Client version \"%.100s\" uses unsafe RSA signature "
 		    "scheme; disabling use of RSA keys", remote_version);
+	}
+	if ((datafellows & SSH_BUG_DERIVEKEY) != 0) {
+		fatal("Client version \"%.100s\" uses unsafe key agreement; "
+		    "refusing connection", remote_version);
+	}
 
 	mismatch = 0;
 	switch (remote_major) {