bugzilla-daemon at bugzilla.mindrot.org
2007-Nov-09 17:14 UTC
[Bug 1390] New: RekeyLimit max value is too restrictive
https://bugzilla.mindrot.org/show_bug.cgi?id=1390
Summary: RekeyLimit max value is too restrictive
Classification: Unclassified
Product: Portable OpenSSH
Version: 4.7p1
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: ssh
AssignedTo: bitbucket at mindrot.org
ReportedBy: Jan.Pechanec at Sun.COM
Created an attachment (id=1380)
--> (http://bugzilla.mindrot.org/attachment.cgi?id=1380)
patch against 4.7p1
The RekeyLimit option allows setting the limit only up to 2^31 bytes, since
it's a signed integer. However, the default value for the rekeying limit is
2^32, since AES's block size is 16 bytes (limit set in packet.c).
2^(block_size * 2) = 2^32
Since there is no support for ciphers with block sizes of 32 bytes, it's
enough to use u_int32_t for rekey_limit + fix the casting and replace
INT_MAX with UINT_MAX.
Patch attached.
--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2007-Nov-12 22:53 UTC
[Bug 1390] RekeyLimit max value is too restrictive
https://bugzilla.mindrot.org/show_bug.cgi?id=1390
Jan Pechanec <Jan.Pechanec at Sun.COM> changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
Attachment #1380 is|0                           |1
           obsolete|                            |

--- Comment #1 from Jan Pechanec <Jan.Pechanec at Sun.COM> 2007-11-13 09:53:18 ---
Created an attachment (id=1381)
--> (http://bugzilla.mindrot.org/attachment.cgi?id=1381)
fixed patch
I forgot about the initial -1 value... So the following line in the patch
was not correct:
    if (*activep && options->rekey_limit == -1)
A possible solution is to use int64_t for options.rekey_limit and
explicitly cast it to u_int32_t in set_packet_rekey_limit(). Since
rekey_limit is tested against UINT_MAX, it's OK.
Corrected patch uploaded.
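The range limit from the original report and the -1 sentinel problem from comment #1, shown together in a stand-alone C example that is added here and is not the attached patch or OpenSSH's code. The names parse_rekey_limit, REKEY_UNSET, fits_signed_int, to_packet_limit and sentinel_collides_u32 and the simplified K/M/G suffix parsing are assumptions for illustration; only the int64_t option field, the UINT_MAX bound and the u_int32_t cast come from the thread.

```c
#include <errno.h>
#include <limits.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

#define REKEY_UNSET (-1)  /* hypothetical name for the "option not set" sentinel */

/* Parse "2G", "4194304", ... into an int64_t that can hold both the -1
 * sentinel and every value up to UINT_MAX. Returns 0 on success, -1 on error. */
int parse_rekey_limit(const char *arg, int64_t *out)
{
    char *end;
    long long v;
    int shift = 0;

    if (arg[0] < '0' || arg[0] > '9')
        return -1;                  /* rejects "", "-1", "+5", " 7" */
    errno = 0;
    v = strtoll(arg, &end, 10);
    if (errno == ERANGE)
        return -1;
    switch (*end) {
    case 'K': case 'k': shift = 10; end++; break;
    case 'M': case 'm': shift = 20; end++; break;
    case 'G': case 'g': shift = 30; end++; break;
    }
    if (*end != '\0')
        return -1;                  /* trailing garbage or unknown suffix */
    if (v > ((long long)UINT_MAX >> shift))
        return -1;                  /* scaled value would exceed UINT_MAX */
    *out = (int64_t)(v << shift);
    return 0;
}

/* The old bound: a signed int field cannot represent 2^31 or more. */
int fits_signed_int(int64_t v) { return v <= INT_MAX; }
/* Narrowing is lossless only because of the UINT_MAX check above. */
uint32_t to_packet_limit(int64_t v) { return (uint32_t)v; }
/* In a 32-bit unsigned field the sentinel equals UINT_MAX, a legal limit. */
int sentinel_collides_u32(void) { return (uint32_t)REKEY_UNSET == UINT_MAX; }

int main(void)
{
    int64_t v = REKEY_UNSET;
    if (parse_rekey_limit("2G", &v) == 0)
        printf("%lld fits int: %d, as u32: %u\n", (long long)v, fits_signed_int(v), (unsigned)to_packet_limit(v));
    return 0;
}
```
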
bugzilla-daemon at bugzilla.mindrot.org
2007-Dec-31 12:56 UTC
[Bug 1390] RekeyLimit max value is too restrictive
https://bugzilla.mindrot.org/show_bug.cgi?id=1390
Darren Tucker <dtucker at zip.com.au> changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |dtucker at zip.com.au
             Blocks|                            |1353

--- Comment #2 from Darren Tucker <dtucker at zip.com.au> 2007-12-31 23:56:23 ---
Target 4.8
bugzilla-daemon at bugzilla.mindrot.org
2008-Jan-19 21:12 UTC
[Bug 1390] RekeyLimit max value is too restrictive
https://bugzilla.mindrot.org/show_bug.cgi?id=1390
Damien Miller <djm at mindrot.org> changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
   Attachment #1381|                            |ok?(dtucker at zip.com.au)
               Flag|                            |

--- Comment #3 from Damien Miller <djm at mindrot.org> 2008-01-20 08:12:20 ---
(From update of attachment 1381)
This looks OK to me. Darren?
bugzilla-daemon at bugzilla.mindrot.org
2008-Jan-19 23:01 UTC
[Bug 1390] RekeyLimit max value is too restrictive
https://bugzilla.mindrot.org/show_bug.cgi?id=1390
Darren Tucker <dtucker at zip.com.au> changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
   Attachment #1381|ok?(dtucker at zip.com.au)  |ok+
               Flag|                            |
bugzilla-daemon at bugzilla.mindrot.org
2008-Jan-19 23:12 UTC
[Bug 1390] RekeyLimit max value is too restrictive
https://bugzilla.mindrot.org/show_bug.cgi?id=1390
Damien Miller <djm at mindrot.org> changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|                            |FIXED
                 CC|                            |djm at mindrot.org

--- Comment #4 from Damien Miller <djm at mindrot.org> 2008-01-20 10:12:52 ---
fix applied - thanks!
bugzilla-daemon at bugzilla.mindrot.org
2008-Mar-31 04:22 UTC
[Bug 1390] RekeyLimit max value is too restrictive
https://bugzilla.mindrot.org/show_bug.cgi?id=1390
Damien Miller <djm at mindrot.org> changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|RESOLVED                    |CLOSED

--- Comment #5 from Damien Miller <djm at mindrot.org> 2008-03-31 15:22:30 ---
Fix shipped in 4.9/4.9p1 release.