summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMarkus Friedl <markus@cvs.openbsd.org>2001-02-11 12:59:27 +0000
committerMarkus Friedl <markus@cvs.openbsd.org>2001-02-11 12:59:27 +0000
commit6cd470778fe498d5509d5098522743c94a3f3a81 (patch)
tree803d6ea76487c5272d9bca5d3a8e4ddf9ebe05c2
parent8892fc1a51799002a13e596d5e2d4b118335553b (diff)
1) clean up the MAC support for SSH-2
2) allow you to specify the MAC with 'ssh -m' 3) or the 'MACs' keyword in ssh(d)_config 4) add hmac-{md5,sha1}-96 ok stevesk@, provos@
-rw-r--r--usr.bin/ssh/hmac.c56
-rw-r--r--usr.bin/ssh/kex.c17
-rw-r--r--usr.bin/ssh/kex.h6
-rw-r--r--usr.bin/ssh/lib/Makefile4
-rw-r--r--usr.bin/ssh/mac.c114
-rw-r--r--usr.bin/ssh/mac.h (renamed from usr.bin/ssh/hmac.h)18
-rw-r--r--usr.bin/ssh/myproposal.h7
-rw-r--r--usr.bin/ssh/packet.c25
-rw-r--r--usr.bin/ssh/readconf.c20
-rw-r--r--usr.bin/ssh/readconf.h3
-rw-r--r--usr.bin/ssh/servconf.c19
-rw-r--r--usr.bin/ssh/servconf.h7
-rw-r--r--usr.bin/ssh/ssh.122
-rw-r--r--usr.bin/ssh/ssh.c14
-rw-r--r--usr.bin/ssh/sshconnect2.c10
-rw-r--r--usr.bin/ssh/sshd.813
-rw-r--r--usr.bin/ssh/sshd.c6
17 files changed, 243 insertions, 118 deletions
diff --git a/usr.bin/ssh/hmac.c b/usr.bin/ssh/hmac.c
deleted file mode 100644
index 831dd243a35..00000000000
--- a/usr.bin/ssh/hmac.c
+++ /dev/null
@@ -1,56 +0,0 @@
-/*
- * Copyright (c) 2000 Markus Friedl. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
- * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-#include "includes.h"
-RCSID("$OpenBSD: hmac.c,v 1.7 2001/02/08 19:30:51 itojun Exp $");
-
-#include "xmalloc.h"
-#include "getput.h"
-#include "log.h"
-
-#include <openssl/hmac.h>
-
-#include "hmac.h"
-
-u_char *
-hmac(
- EVP_MD *evp_md,
- u_int seqno,
- u_char *data, int datalen,
- u_char *key, int keylen)
-{
- HMAC_CTX c;
- static u_char m[EVP_MAX_MD_SIZE];
- u_char b[4];
-
- if (key == NULL)
- fatal("hmac: no key");
- HMAC_Init(&c, key, keylen, evp_md);
- PUT_32BIT(b, seqno);
- HMAC_Update(&c, b, sizeof b);
- HMAC_Update(&c, data, datalen);
- HMAC_Final(&c, m, NULL);
- HMAC_cleanup(&c);
- return(m);
-}
diff --git a/usr.bin/ssh/kex.c b/usr.bin/ssh/kex.c
index 7c1326ed09e..1038546cadf 100644
--- a/usr.bin/ssh/kex.c
+++ b/usr.bin/ssh/kex.c
@@ -23,7 +23,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: kex.c,v 1.20 2001/02/08 19:30:51 itojun Exp $");
+RCSID("$OpenBSD: kex.c,v 1.21 2001/02/11 12:59:24 markus Exp $");
#include <openssl/crypto.h>
#include <openssl/bio.h>
@@ -41,6 +41,7 @@ RCSID("$OpenBSD: kex.c,v 1.20 2001/02/08 19:30:51 itojun Exp $");
#include "kex.h"
#include "key.h"
#include "log.h"
+#include "mac.h"
#define KEX_COOKIE_LEN 16
@@ -412,18 +413,12 @@ choose_mac(Mac *mac, char *client, char *server)
char *name = get_match(client, server);
if (name == NULL)
fatal("no matching mac found: client %s server %s", client, server);
- if (strcmp(name, "hmac-md5") == 0) {
- mac->md = EVP_md5();
- } else if (strcmp(name, "hmac-sha1") == 0) {
- mac->md = EVP_sha1();
- } else if (strcmp(name, "hmac-ripemd160@openssh.com") == 0) {
- mac->md = EVP_ripemd160();
- } else {
+ if (mac_init(mac, name) < 0)
fatal("unsupported mac %s", name);
- }
+ /* truncate the key */
+ if (datafellows & SSH_BUG_HMAC)
+ mac->key_len = 16;
mac->name = name;
- mac->mac_len = mac->md->md_size;
- mac->key_len = (datafellows & SSH_BUG_HMAC) ? 16 : mac->mac_len;
mac->key = NULL;
mac->enabled = 0;
}
diff --git a/usr.bin/ssh/kex.h b/usr.bin/ssh/kex.h
index d8f37c1a67d..90496fbdf46 100644
--- a/usr.bin/ssh/kex.h
+++ b/usr.bin/ssh/kex.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: kex.h,v 1.13 2001/02/04 15:32:24 stevesk Exp $ */
+/* $OpenBSD: kex.h,v 1.14 2001/02/11 12:59:24 markus Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
@@ -26,9 +26,11 @@
#ifndef KEX_H
#define KEX_H
+#include <openssl/evp.h>
+#include "buffer.h"
+
#define KEX_DH1 "diffie-hellman-group1-sha1"
#define KEX_DHGEX "diffie-hellman-group-exchange-sha1"
-#define KEX_DSS "ssh-dss"
enum kex_init_proposals {
PROPOSAL_KEX_ALGS,
diff --git a/usr.bin/ssh/lib/Makefile b/usr.bin/ssh/lib/Makefile
index dd6dbda8765..439049470c6 100644
--- a/usr.bin/ssh/lib/Makefile
+++ b/usr.bin/ssh/lib/Makefile
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.19 2001/01/29 01:58:19 niklas Exp $
+# $OpenBSD: Makefile,v 1.20 2001/02/11 12:59:26 markus Exp $
.PATH: ${.CURDIR}/..
@@ -7,7 +7,7 @@ SRCS= authfd.c authfile.c bufaux.c buffer.c canohost.c channels.c \
cipher.c compat.c compress.c crc32.c deattack.c \
hostfile.c log.c match.c mpaux.c nchan.c packet.c readpass.c \
rsa.c tildexpand.c ttymodes.c uidswap.c xmalloc.c atomicio.c \
- key.c dispatch.c kex.c hmac.c uuencode.c misc.c \
+ key.c dispatch.c kex.c mac.c uuencode.c misc.c \
cli.c rijndael.c ssh-dss.c ssh-rsa.c
NOPROFILE= yes
diff --git a/usr.bin/ssh/mac.c b/usr.bin/ssh/mac.c
new file mode 100644
index 00000000000..3ff107c8a64
--- /dev/null
+++ b/usr.bin/ssh/mac.c
@@ -0,0 +1,114 @@
+/*
+ * Copyright (c) 2001 Markus Friedl. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "includes.h"
+RCSID("$OpenBSD: mac.c,v 1.1 2001/02/11 12:59:24 markus Exp $");
+
+#include <openssl/hmac.h>
+
+#include "xmalloc.h"
+#include "getput.h"
+#include "log.h"
+#include "cipher.h"
+#include "kex.h"
+#include "mac.h"
+
+struct {
+ char *name;
+ EVP_MD * (*mdfunc)(void);
+ int truncatebits; /* truncate digest if != 0 */
+} macs[] = {
+ { "hmac-sha1", EVP_sha1, 0, },
+ { "hmac-sha1-96", EVP_sha1, 96 },
+ { "hmac-md5", EVP_md5, 0 },
+ { "hmac-md5-96", EVP_md5, 96 },
+ { "hmac-ripemd160", EVP_ripemd160, 0 },
+ { "hmac-ripemd160@openssh.com", EVP_ripemd160, 0 },
+ { NULL, NULL, 0 }
+};
+
+int
+mac_init(Mac *mac, char *name)
+{
+ int i;
+ for (i = 0; macs[i].name; i++) {
+ if (strcmp(name, macs[i].name) == 0) {
+ if (mac != NULL) {
+ mac->md = (*macs[i].mdfunc)();
+ mac->key_len = mac->mac_len = mac->md->md_size;
+ if (macs[i].truncatebits != 0)
+ mac->mac_len = macs[i].truncatebits/8;
+ }
+ debug2("mac_init: found %s", name);
+ return (0);
+ }
+ }
+ debug2("mac_init: unknown %s", name);
+ return (-1);
+}
+
+u_char *
+mac_compute(Mac *mac, u_int32_t seqno, u_char *data, int datalen)
+{
+ HMAC_CTX c;
+ static u_char m[EVP_MAX_MD_SIZE];
+ u_char b[4];
+
+ if (mac->key == NULL)
+ fatal("mac_compute: no key");
+ if (mac->mac_len > sizeof(m))
+ fatal("mac_compute: mac too long");
+ HMAC_Init(&c, mac->key, mac->key_len, mac->md);
+ PUT_32BIT(b, seqno);
+ HMAC_Update(&c, b, sizeof(b));
+ HMAC_Update(&c, data, datalen);
+ HMAC_Final(&c, m, NULL);
+ HMAC_cleanup(&c);
+ return (m);
+}
+
+/* XXX copied from ciphers_valid */
+#define MAC_SEP ","
+int
+mac_valid(const char *names)
+{
+ char *maclist, *cp, *p;
+
+ if (names == NULL || strcmp(names, "") == 0)
+ return (0);
+ maclist = cp = xstrdup(names);
+ for ((p = strsep(&cp, MAC_SEP)); p && *p != '\0';
+ (p = strsep(&cp, MAC_SEP))) {
+ if (mac_init(NULL, p) < 0) {
+ debug("bad mac %s [%s]", p, names);
+ xfree(maclist);
+ return (0);
+ } else {
+ debug3("mac ok: %s [%s]", p, names);
+ }
+ }
+ debug3("macs ok: [%s]", names);
+ xfree(maclist);
+ return (1);
+}
diff --git a/usr.bin/ssh/hmac.h b/usr.bin/ssh/mac.h
index d9dc048a74b..6173eaa66a4 100644
--- a/usr.bin/ssh/hmac.h
+++ b/usr.bin/ssh/mac.h
@@ -1,7 +1,6 @@
-/* $OpenBSD: hmac.h,v 1.4 2001/01/29 01:58:15 niklas Exp $ */
-
+/* $OpenBSD: mac.h,v 1.1 2001/02/11 12:59:24 markus Exp $ */
/*
- * Copyright (c) 2000 Markus Friedl. All rights reserved.
+ * Copyright (c) 2001 Markus Friedl. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -23,14 +22,7 @@
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
-#ifndef HMAC_H
-#define HMAC_H
-
-u_char *
-hmac(
- EVP_MD *evp_md,
- u_int seqno,
- u_char *data, int datalen,
- u_char *key, int len);
-#endif
+int mac_valid(const char *names);
+int mac_init(Mac *mac, char *name);
+u_char *mac_compute(Mac *mac, u_int32_t seqno, u_char *data, int datalen);
diff --git a/usr.bin/ssh/myproposal.h b/usr.bin/ssh/myproposal.h
index 9dfecdafc13..03f76839bda 100644
--- a/usr.bin/ssh/myproposal.h
+++ b/usr.bin/ssh/myproposal.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: myproposal.h,v 1.10 2001/01/29 01:58:17 niklas Exp $ */
+/* $OpenBSD: myproposal.h,v 1.11 2001/02/11 12:59:24 markus Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
@@ -30,7 +30,10 @@
"aes128-cbc,aes192-cbc,aes256-cbc," \
"rijndael128-cbc,rijndael192-cbc,rijndael256-cbc," \
"rijndael-cbc@lysator.liu.se"
-#define KEX_DEFAULT_MAC "hmac-sha1,hmac-md5,hmac-ripemd160@openssh.com"
+#define KEX_DEFAULT_MAC \
+ "hmac-sha1,hmac-md5,hmac-ripemd160," \
+ "hmac-ripemd160@openssh.com," \
+ "hmac-sha1-96,hmac-md5-96"
#define KEX_DEFAULT_COMP "none,zlib"
#define KEX_DEFAULT_LANG ""
diff --git a/usr.bin/ssh/packet.c b/usr.bin/ssh/packet.c
index f34ec700dd5..5b42e8d603a 100644
--- a/usr.bin/ssh/packet.c
+++ b/usr.bin/ssh/packet.c
@@ -37,7 +37,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: packet.c,v 1.49 2001/02/08 19:30:52 itojun Exp $");
+RCSID("$OpenBSD: packet.c,v 1.50 2001/02/11 12:59:25 markus Exp $");
#include "xmalloc.h"
#include "buffer.h"
@@ -54,12 +54,9 @@ RCSID("$OpenBSD: packet.c,v 1.49 2001/02/08 19:30:52 itojun Exp $");
#include "ssh1.h"
#include "ssh2.h"
-#include <openssl/bn.h>
-#include <openssl/dh.h>
-#include <openssl/hmac.h>
#include "cipher.h"
#include "kex.h"
-#include "hmac.h"
+#include "mac.h"
#include "log.h"
#include "canohost.h"
@@ -531,12 +528,12 @@ packet_send1(void)
void
packet_send2(void)
{
+ static u_int32_t seqnr = 0;
u_char *macbuf = NULL;
char *cp;
u_int packet_length = 0;
u_int i, padlen, len;
u_int32_t rand = 0;
- static u_int seqnr = 0;
int type;
Enc *enc = NULL;
Mac *mac = NULL;
@@ -604,11 +601,9 @@ packet_send2(void)
/* compute MAC over seqnr and packet(length fields, payload, padding) */
if (mac && mac->enabled) {
- macbuf = hmac( mac->md, seqnr,
+ macbuf = mac_compute(mac, seqnr,
(u_char *) buffer_ptr(&outgoing_packet),
- buffer_len(&outgoing_packet),
- mac->key, mac->key_len
- );
+ buffer_len(&outgoing_packet));
DBG(debug("done calc MAC out #%d", seqnr));
}
/* encrypt packet and append to output buffer. */
@@ -818,12 +813,12 @@ packet_read_poll1(int *payload_len_ptr)
int
packet_read_poll2(int *payload_len_ptr)
{
+ static u_int32_t seqnr = 0;
+ static u_int packet_length = 0;
u_int padlen, need;
u_char buf[8], *macbuf;
u_char *ucp;
char *cp;
- static u_int packet_length = 0;
- static u_int seqnr = 0;
int type;
int maclen, block_size;
Enc *enc = NULL;
@@ -883,11 +878,9 @@ packet_read_poll2(int *payload_len_ptr)
* increment sequence number for incoming packet
*/
if (mac && mac->enabled) {
- macbuf = hmac( mac->md, seqnr,
+ macbuf = mac_compute(mac, seqnr,
(u_char *) buffer_ptr(&incoming_packet),
- buffer_len(&incoming_packet),
- mac->key, mac->key_len
- );
+ buffer_len(&incoming_packet));
if (memcmp(macbuf, buffer_ptr(&input), mac->mac_len) != 0)
packet_disconnect("Corrupted MAC on input.");
DBG(debug("MAC #%d ok", seqnr));
diff --git a/usr.bin/ssh/readconf.c b/usr.bin/ssh/readconf.c
index 889fef4828e..359b8264982 100644
--- a/usr.bin/ssh/readconf.c
+++ b/usr.bin/ssh/readconf.c
@@ -12,7 +12,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: readconf.c,v 1.61 2001/02/08 14:39:36 deraadt Exp $");
+RCSID("$OpenBSD: readconf.c,v 1.62 2001/02/11 12:59:25 markus Exp $");
#include "ssh.h"
#include "xmalloc.h"
@@ -23,6 +23,8 @@ RCSID("$OpenBSD: readconf.c,v 1.61 2001/02/08 14:39:36 deraadt Exp $");
#include "readconf.h"
#include "match.h"
#include "misc.h"
+#include "kex.h"
+#include "mac.h"
/* Format of the configuration file:
@@ -105,7 +107,7 @@ typedef enum {
oGlobalKnownHostsFile, oUserKnownHostsFile, oConnectionAttempts,
oBatchMode, oCheckHostIP, oStrictHostKeyChecking, oCompression,
oCompressionLevel, oKeepAlives, oNumberOfPasswordPrompts,
- oUsePrivilegedPort, oLogLevel, oCiphers, oProtocol,
+ oUsePrivilegedPort, oLogLevel, oCiphers, oProtocol, oMacs,
oGlobalKnownHostsFile2, oUserKnownHostsFile2, oPubkeyAuthentication,
oKbdInteractiveAuthentication, oKbdInteractiveDevices, oHostKeyAlias
} OpCodes;
@@ -148,6 +150,7 @@ static struct {
{ "port", oPort },
{ "cipher", oCipher },
{ "ciphers", oCiphers },
+ { "macs", oMacs },
{ "protocol", oProtocol },
{ "remoteforward", oRemoteForward },
{ "localforward", oLocalForward },
@@ -500,6 +503,17 @@ parse_int:
options->ciphers = xstrdup(arg);
break;
+ case oMacs:
+ arg = strdelim(&s);
+ if (!arg || *arg == '\0')
+ fatal("%.200s line %d: Missing argument.", filename, linenum);
+ if (!mac_valid(arg))
+ fatal("%.200s line %d: Bad SSH2 Mac spec '%s'.",
+ filename, linenum, arg ? arg : "<NONE>");
+ if (*activep && options->macs == NULL)
+ options->macs = xstrdup(arg);
+ break;
+
case oProtocol:
intptr = &options->protocol;
arg = strdelim(&s);
@@ -691,6 +705,7 @@ initialize_options(Options * options)
options->number_of_password_prompts = -1;
options->cipher = -1;
options->ciphers = NULL;
+ options->macs = NULL;
options->protocol = SSH_PROTO_UNKNOWN;
options->num_identity_files = 0;
options->hostname = NULL;
@@ -779,6 +794,7 @@ fill_default_options(Options * options)
if (options->cipher == -1)
options->cipher = SSH_CIPHER_NOT_SET;
/* options->ciphers, default set in myproposals.h */
+ /* options->macs, default set in myproposals.h */
if (options->protocol == SSH_PROTO_UNKNOWN)
options->protocol = SSH_PROTO_1|SSH_PROTO_2|SSH_PROTO_1_PREFERRED;
if (options->num_identity_files == 0) {
diff --git a/usr.bin/ssh/readconf.h b/usr.bin/ssh/readconf.h
index 241b7165c0a..575b2646da9 100644
--- a/usr.bin/ssh/readconf.h
+++ b/usr.bin/ssh/readconf.h
@@ -11,7 +11,7 @@
* called by a name other than "ssh" or "Secure Shell".
*/
-/* RCSID("$OpenBSD: readconf.h,v 1.25 2001/01/22 23:06:39 markus Exp $"); */
+/* RCSID("$OpenBSD: readconf.h,v 1.26 2001/02/11 12:59:25 markus Exp $"); */
#ifndef READCONF_H
#define READCONF_H
@@ -68,6 +68,7 @@ typedef struct {
* prompts. */
int cipher; /* Cipher to use. */
char *ciphers; /* SSH2 ciphers in order of preference. */
+ char *macs; /* SSH2 macs in order of preference. */
int protocol; /* Protocol in order of preference. */
char *hostname; /* Real host to connect. */
char *host_key_alias; /* hostname alias for .ssh/known_hosts */
diff --git a/usr.bin/ssh/servconf.c b/usr.bin/ssh/servconf.c
index 59687e16d9b..43a2c111e62 100644
--- a/usr.bin/ssh/servconf.c
+++ b/usr.bin/ssh/servconf.c
@@ -10,7 +10,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: servconf.c,v 1.65 2001/02/04 15:32:24 stevesk Exp $");
+RCSID("$OpenBSD: servconf.c,v 1.66 2001/02/11 12:59:25 markus Exp $");
#ifdef KRB4
#include <krb.h>
@@ -28,6 +28,8 @@ RCSID("$OpenBSD: servconf.c,v 1.65 2001/02/04 15:32:24 stevesk Exp $");
#include "tildexpand.h"
#include "misc.h"
#include "cipher.h"
+#include "kex.h"
+#include "mac.h"
/* add listen address */
void add_listen_addr(ServerOptions *options, char *addr);
@@ -85,6 +87,7 @@ initialize_server_options(ServerOptions *options)
options->num_allow_groups = 0;
options->num_deny_groups = 0;
options->ciphers = NULL;
+ options->macs = NULL;
options->protocol = SSH_PROTO_UNKNOWN;
options->gateway_ports = -1;
options->num_subsystems = 0;
@@ -209,7 +212,7 @@ typedef enum {
sStrictModes, sEmptyPasswd, sRandomSeedFile, sKeepAlives, sCheckMail,
sUseLogin, sAllowTcpForwarding,
sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups,
- sIgnoreUserKnownHosts, sCiphers, sProtocol, sPidFile,
+ sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile,
sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem, sMaxStartups,
sBanner, sReverseMappingCheck
} ServerOpCodes;
@@ -266,6 +269,7 @@ static struct {
{ "allowgroups", sAllowGroups },
{ "denygroups", sDenyGroups },
{ "ciphers", sCiphers },
+ { "macs", sMacs },
{ "protocol", sProtocol },
{ "gatewayports", sGatewayPorts },
{ "subsystem", sSubsystem },
@@ -658,6 +662,17 @@ parse_flag:
options->ciphers = xstrdup(arg);
break;
+ case sMacs:
+ arg = strdelim(&cp);
+ if (!arg || *arg == '\0')
+ fatal("%s line %d: Missing argument.", filename, linenum);
+ if (!mac_valid(arg))
+ fatal("%s line %d: Bad SSH2 mac spec '%s'.",
+ filename, linenum, arg ? arg : "<NONE>");
+ if (options->macs == NULL)
+ options->macs = xstrdup(arg);
+ break;
+
case sProtocol:
intptr = &options->protocol;
arg = strdelim(&cp);
diff --git a/usr.bin/ssh/servconf.h b/usr.bin/ssh/servconf.h
index e7abb94d8ea..8236a639189 100644
--- a/usr.bin/ssh/servconf.h
+++ b/usr.bin/ssh/servconf.h
@@ -11,7 +11,7 @@
* called by a name other than "ssh" or "Secure Shell".
*/
-/* RCSID("$OpenBSD: servconf.h,v 1.36 2001/02/03 10:08:37 markus Exp $"); */
+/* RCSID("$OpenBSD: servconf.h,v 1.37 2001/02/11 12:59:25 markus Exp $"); */
#ifndef SERVCONF_H
#define SERVCONF_H
@@ -50,8 +50,9 @@ typedef struct {
char *xauth_location; /* Location of xauth program */
int strict_modes; /* If true, require string home dir modes. */
int keepalives; /* If true, set SO_KEEPALIVE. */
- char *ciphers; /* Ciphers in order of preference. */
- int protocol; /* Protocol in order of preference. */
+ char *ciphers; /* Supported SSH2 ciphers. */
+ char *macs; /* Supported SSH2 macs. */
+ int protocol; /* Supported protocol versions. */
int gateway_ports; /* If true, allow remote connects to forwarded ports. */
SyslogFacility log_facility; /* Facility for system logging. */
LogLevel log_level; /* Level for system logging. */
diff --git a/usr.bin/ssh/ssh.1 b/usr.bin/ssh/ssh.1
index dc177c8ba47..eeeab9bd15a 100644
--- a/usr.bin/ssh/ssh.1
+++ b/usr.bin/ssh/ssh.1
@@ -34,7 +34,7 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.\" $OpenBSD: ssh.1,v 1.90 2001/02/10 16:03:29 markus Exp $
+.\" $OpenBSD: ssh.1,v 1.91 2001/02/11 12:59:25 markus Exp $
.Dd September 25, 1999
.Dt SSH 1
.Os
@@ -53,6 +53,7 @@
.Op Fl e Ar escape_char
.Op Fl i Ar identity_file
.Op Fl l Ar login_name
+.Op Fl m Ar mac_spec
.Op Fl o Ar option
.Op Fl p Ar port
.Oo Fl L Xo
@@ -425,6 +426,13 @@ This may also be specified on a per-host basis in the configuration file.
.It Fl l Ar login_name
Specifies the user to log in as on the remote machine.
This also may be specified on a per-host basis in the configuration file.
+.It Fl m Ar mac_spec
+Additionally, for protocol version 2 a comma-separated list of MAC
+(message authentication code) algorithms can
+be specified in order of preference.
+See the
+.Cm MACs
+keyword for more information.
.It Fl n
Redirects stdin from
.Pa /dev/null
@@ -814,6 +822,18 @@ Gives the verbosity level that is used when logging messages from
The possible values are:
QUIET, FATAL, ERROR, INFO, VERBOSE and DEBUG.
The default is INFO.
+.It Cm MACs
+Specifies the MAC (message authentication code) algorithms
+in order of preference.
+The MAC algorithm is used in protocol version 2
+for data integrity protection.
+Multiple algorithms must be comma-separated.
+The default is
+.Pp
+.Bd -literal
+ ``hmac-sha1,hmac-md5,hmac-ripemd160,hmac-ripemd160@openssh.com,
+ hmac-sha1-96,hmac-md5-96''
+.Ed
.It Cm NumberOfPasswordPrompts
Specifies the number of password prompts before giving up.
The argument to this keyword must be an integer.
diff --git a/usr.bin/ssh/ssh.c b/usr.bin/ssh/ssh.c
index 5dd9a8bef3f..ec76e060310 100644
--- a/usr.bin/ssh/ssh.c
+++ b/usr.bin/ssh/ssh.c
@@ -39,7 +39,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: ssh.c,v 1.94 2001/02/10 01:46:28 markus Exp $");
+RCSID("$OpenBSD: ssh.c,v 1.95 2001/02/11 12:59:25 markus Exp $");
#include <openssl/evp.h>
#include <openssl/err.h>
@@ -65,6 +65,8 @@ RCSID("$OpenBSD: ssh.c,v 1.94 2001/02/10 01:46:28 markus Exp $");
#include "tildexpand.h"
#include "dispatch.h"
#include "misc.h"
+#include "kex.h"
+#include "mac.h"
extern char *__progname;
@@ -292,7 +294,7 @@ main(int ac, char **av)
opt = av[optind][1];
if (!opt)
usage();
- if (strchr("eilcpLRo", opt)) { /* options with arguments */
+ if (strchr("eilcmpLRo", opt)) { /* options with arguments */
optarg = av[optind] + 2;
if (strcmp(optarg, "") == 0) {
if (optind >= ac - 1)
@@ -421,6 +423,14 @@ main(int ac, char **av)
}
}
break;
+ case 'm':
+ if (mac_valid(optarg))
+ options.macs = xstrdup(optarg);
+ else {
+ fprintf(stderr, "Unknown mac type '%s'\n", optarg);
+ exit(1);
+ }
+ break;
case 'p':
options.port = atoi(optarg);
break;
diff --git a/usr.bin/ssh/sshconnect2.c b/usr.bin/ssh/sshconnect2.c
index 031f719baef..9681ca2d4d8 100644
--- a/usr.bin/ssh/sshconnect2.c
+++ b/usr.bin/ssh/sshconnect2.c
@@ -23,7 +23,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: sshconnect2.c,v 1.46 2001/02/10 12:09:21 markus Exp $");
+RCSID("$OpenBSD: sshconnect2.c,v 1.47 2001/02/11 12:59:25 markus Exp $");
#include <openssl/bn.h>
#include <openssl/md5.h>
@@ -84,12 +84,16 @@ ssh_kex2(char *host, struct sockaddr *hostaddr)
myproposal[PROPOSAL_ENC_ALGS_STOC] = options.ciphers;
}
if (options.compression) {
- myproposal[PROPOSAL_COMP_ALGS_CTOS] = "zlib";
+ myproposal[PROPOSAL_COMP_ALGS_CTOS] =
myproposal[PROPOSAL_COMP_ALGS_STOC] = "zlib";
} else {
- myproposal[PROPOSAL_COMP_ALGS_CTOS] = "none";
+ myproposal[PROPOSAL_COMP_ALGS_CTOS] =
myproposal[PROPOSAL_COMP_ALGS_STOC] = "none";
}
+ if (options.macs != NULL) {
+ myproposal[PROPOSAL_MAC_ALGS_CTOS] =
+ myproposal[PROPOSAL_MAC_ALGS_STOC] = options.macs;
+ }
/* buffers with raw kexinit messages */
server_kexinit = xmalloc(sizeof(*server_kexinit));
diff --git a/usr.bin/ssh/sshd.8 b/usr.bin/ssh/sshd.8
index 5bf0b3a6e09..1b1e9645cfd 100644
--- a/usr.bin/ssh/sshd.8
+++ b/usr.bin/ssh/sshd.8
@@ -34,7 +34,7 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.\" $OpenBSD: sshd.8,v 1.92 2001/02/09 23:38:11 deraadt Exp $
+.\" $OpenBSD: sshd.8,v 1.93 2001/02/11 12:59:25 markus Exp $
.Dd September 25, 1999
.Dt SSHD 8
.Os
@@ -501,6 +501,17 @@ QUIET, FATAL, ERROR, INFO, VERBOSE and DEBUG.
The default is INFO.
Logging with level DEBUG violates the privacy of users
and is not recommended.
+.It Cm MACs
+Specifies the available MAC (message authentication code) algorithms.
+The MAC algorithm is used in protocol version 2
+for data integrity protection.
+Multiple algorithms must be comma-separated.
+The default is
+.Pp
+.Bd -literal
+ ``hmac-sha1,hmac-md5,hmac-ripemd160,hmac-ripemd160@openssh.com,
+ hmac-sha1-96,hmac-md5-96''
+.Ed
.It Cm MaxStartups
Specifies the maximum number of concurrent unauthenticated connections to the
.Nm
diff --git a/usr.bin/ssh/sshd.c b/usr.bin/ssh/sshd.c
index 21dbf995818..236021c84b5 100644
--- a/usr.bin/ssh/sshd.c
+++ b/usr.bin/ssh/sshd.c
@@ -40,7 +40,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: sshd.c,v 1.165 2001/02/08 19:30:53 itojun Exp $");
+RCSID("$OpenBSD: sshd.c,v 1.166 2001/02/11 12:59:25 markus Exp $");
#include <openssl/dh.h>
#include <openssl/bn.h>
@@ -1388,6 +1388,10 @@ do_ssh2_kex(void)
myproposal[PROPOSAL_ENC_ALGS_CTOS] =
myproposal[PROPOSAL_ENC_ALGS_STOC] = options.ciphers;
}
+ if (options.macs != NULL) {
+ myproposal[PROPOSAL_MAC_ALGS_CTOS] =
+ myproposal[PROPOSAL_MAC_ALGS_STOC] = options.macs;
+ }
myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = list_hostkey_types();
server_kexinit = kex_init(myproposal);