bugzilla-daemon at mindrot.org
2002-Mar-07 17:49 UTC
[Bug 138] Incorrect OpenSSL version requirment?
http://bugzilla.mindrot.org/show_bug.cgi?id=138
mouring at eviladmin.org changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |vjo at dulug.duke.edu
------- Additional Comments From mouring at eviladmin.org 2002-03-08 04:49
-------
*** Bug 139 has been marked as a duplicate of this bug. ***
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2002-Mar-07 17:51 UTC
[Bug 138] Incorrect OpenSSL version requirment?
http://bugzilla.mindrot.org/show_bug.cgi?id=138 ------- Additional Comments From mouring at eviladmin.org 2002-03-08 04:51 ------- Documentation has been corrected. Yes 0.9.6 is required at this time. ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2002-Mar-07 17:51 UTC
[Bug 138] Incorrect OpenSSL version requirment?
http://bugzilla.mindrot.org/show_bug.cgi?id=138
mouring at eviladmin.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |FIXED
------- Additional Comments From mouring at eviladmin.org 2002-03-08 04:51
-------
Documentation has been corrected. Yes 0.9.6 is required at this time.
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2002-Mar-07 19:39 UTC
[Bug 138] Incorrect OpenSSL version requirment?
http://bugzilla.mindrot.org/show_bug.cgi?id=138 ------- Additional Comments From markus at openbsd.org 2002-03-08 06:39 ------- does this patch help http://bugzilla.mindrot.org/showattachment.cgi?attach_id=32 ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2002-Mar-08 17:01 UTC
[Bug 138] Incorrect OpenSSL version requirment?
http://bugzilla.mindrot.org/show_bug.cgi?id=138 ------- Additional Comments From burt at bnl.gov 2002-03-09 04:01 ------- Markus, Your patch did allow us to compile with OpenSSL 0.9.5a. ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2002-Mar-08 17:24 UTC
[Bug 138] Incorrect OpenSSL version requirment?
http://bugzilla.mindrot.org/show_bug.cgi?id=138 ------- Additional Comments From burt at bnl.gov 2002-03-09 04:24 ------- ... but apparently breaks ssh1 compatibility (or something miscompiled to do so: $ ssh -v -1 bar.chm.bnl.gov OpenSSH_3.1p1, SSH protocols 1.5/2.0, OpenSSL 0x0090581f [ ... ] debug1: Remote protocol version 1.99, remote software version OpenSSH_3.1p1 debug1: match: OpenSSH_3.1p1 pat OpenSSH* debug1: Local version string SSH-1.5-OpenSSH_3.1p1 [ ... ] debug1: Sent encrypted session key. debug1: Installing crc compensation attack detector. Disconnecting: Corrupted check bytes on input. debug1: Calling cleanup 0x8060fb8(0x0) ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2002-Mar-08 17:35 UTC
[Bug 138] Incorrect OpenSSL version requirment?
http://bugzilla.mindrot.org/show_bug.cgi?id=138
markus at openbsd.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |REOPENED
Resolution|FIXED |
------- Additional Comments From markus at openbsd.org 2002-03-09 04:35 -------
what happens if you additionally replace
cipher_init from cipher.c with
void
cipher_init(CipherContext *cc, Cipher *cipher,
const u_char *key, u_int keylen, const u_char *iv, u_int ivlen,
int encrypt)
{
static int dowarn = 1;
EVP_CIPHER *type;
int klen;
if (cipher->number == SSH_CIPHER_DES) {
if (dowarn) {
error("Warning: use of DES is strongly discouraged
"
"due to cryptographic weaknesses");
dowarn = 0;
}
if (keylen > 8)
keylen = 8;
}
cc->plaintext = (cipher->number == SSH_CIPHER_NONE);
if (keylen < cipher->key_len)
fatal("cipher_init: key length %d is insufficient for
%s.",
keylen, cipher->name);
if (iv != NULL && ivlen < cipher->block_size)
fatal("cipher_init: iv length %d is insufficient for
%s.",
ivlen, cipher->name);
cc->cipher = cipher;
type = (*cipher->evptype)();
if (type->key_len < cipher->key_len)
type->key_len = cipher->key_len;
EVP_CIPHER_CTX_init(&cc->evp);
EVP_CipherInit(&cc->evp, type, (u_char *)key, (u_char *)iv,
(encrypt == CIPHER_ENCRYPT));
}
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2002-Mar-08 22:29 UTC
[Bug 138] Incorrect OpenSSL version requirment?
http://bugzilla.mindrot.org/show_bug.cgi?id=138
djm at mindrot.org changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |hatlas at depaul.edu
------- Additional Comments From djm at mindrot.org 2002-03-09 09:29 -------
*** Bug 154 has been marked as a duplicate of this bug. ***
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2002-Mar-08 22:43 UTC
[Bug 138] Incorrect OpenSSL version requirment?
http://bugzilla.mindrot.org/show_bug.cgi?id=138 ------- Additional Comments From skvidal at phy.duke.edu 2002-03-09 09:43 ------- the cipher_init change does not help the problem debug1: cipher_init: set keylen (16 -> 32) debug1: cipher_init: set keylen (16 -> 32) debug1: Installing crc compensation attack detector. Disconnecting: Corrupted check bytes on input. debug1: Calling cleanup 0x8063550(0x0) still throwing an error on any ssh1 connection ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2002-Mar-09 09:30 UTC
[Bug 138] Incorrect OpenSSL version requirment?
http://bugzilla.mindrot.org/show_bug.cgi?id=138 ------- Additional Comments From markus at openbsd.org 2002-03-09 20:30 ------- this should help for 3des/ssh1 http://bugzilla.mindrot.org/showattachment.cgi?attach_id=35 ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2002-Mar-10 00:03 UTC
[Bug 138] Incorrect OpenSSL version requirment?
http://bugzilla.mindrot.org/show_bug.cgi?id=138 ------- Additional Comments From patl at cag.lcs.mit.edu 2002-03-10 11:03 ------- With http://bugzilla.mindrot.org/showattachment.cgi?attach_id=35 applied I get exactly the same failure as with the earlier patch: host1$ ./ssh -v -1 host2 [stuff elided] debug1: Encryption type: 3des debug1: Sent encrypted session key. debug1: Installing crc compensation attack detector. Disconnecting: Corrupted check bytes on input. debug1: Calling cleanup 0x8063930(0x0) I am running Red Hat 6.2 with all current updates. ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2002-Mar-10 19:30 UTC
[Bug 138] Incorrect OpenSSL version requirment?
http://bugzilla.mindrot.org/show_bug.cgi?id=138 ------- Additional Comments From markus at openbsd.org 2002-03-11 06:30 ------- http://bugzilla.mindrot.org/showattachment.cgi?attach_id=37 ^^ this works for me with 3des-ssh1 and aes256-cbc (as used by PUTTY) ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2002-Mar-10 19:41 UTC
[Bug 138] Incorrect OpenSSL version requirment?
http://bugzilla.mindrot.org/show_bug.cgi?id=138 ------- Additional Comments From patl at cag.lcs.mit.edu 2002-03-11 06:41 ------- Yup, that makes 3des with protocol 1 work. Thanks! "blowfish" is still broken, though. Any chance of fixing it, too? We have some automated scripts here which specify Blowfish for speed. Yes, we should migrate to protocol 2 and AES. But not this weekend :-). ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2002-Mar-16 17:26 UTC
[Bug 138] Incorrect OpenSSL version requirment?
http://bugzilla.mindrot.org/show_bug.cgi?id=138
markus at openbsd.org changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |wzeikat at gmx.de
------- Additional Comments From markus at openbsd.org 2002-03-17 04:26 -------
*** Bug 169 has been marked as a duplicate of this bug. ***
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2002-Mar-16 18:03 UTC
[Bug 138] Incorrect OpenSSL version requirment?
http://bugzilla.mindrot.org/show_bug.cgi?id=138 ------- Additional Comments From wzeikat at gmx.de 2002-03-17 05:03 ------- http://bugzilla.mindrot.org/showattachment.cgi?attach_id=37 - how do i apply that? if i simply replace cipher.c with it, i get this error: # make install (cd openbsd-compat && make) gcc -g -O2 -Wall -Wpointer-arith -Wno-uninitialized -I. -I. -I/opt -DSSHDIR=\"/opt/etc\" -D_PATH_SSH_PROGRAM=\"/opt/bin/ssh\" -D_PATH_SSH_ASKPASS_DEFAULT=\"/opt/libexec/ssh-askpass\" -D_PATH_SFTP_SERVER=\"/opt/libexec/sftp-server\" -D_PATH_SSH_PIDDIR=\"/var/run\" -DSSH_RAND_HELPER=\"/opt/libexec/ssh-rand-helper\" -DHAVE_CONFIG_H -c cipher.c cipher.c:74: unterminated comment make: *** [cipher.o] Error 1 make: *** Waiting for unfinished jobs.... make[1]: Entering directory `/home/software/install/openssh-3.1p1/openbsd-compat' make[1]: Nothing to be done for `all'. make[1]: Leaving directory `/home/software/install/openssh-3.1p1/openbsd-compat' ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2002-Mar-16 19:25 UTC
[Bug 138] Incorrect OpenSSL version requirment?
http://bugzilla.mindrot.org/show_bug.cgi?id=138 ------- Additional Comments From wzeikat at gmx.de 2002-03-17 06:25 ------- thanks, that solved the problem with "make install" for me on RedHat 6.2 ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2002-Mar-16 19:29 UTC
[Bug 138] Incorrect OpenSSL version requirment?
http://bugzilla.mindrot.org/show_bug.cgi?id=138 ------- Additional Comments From wzeikat at gmx.de 2002-03-17 06:29 ------- In the previous episode (16.03.2002, 13:47:51), Pat said:> > http://bugzilla.mindrot.org/showattachment.cgi?attach_id=37 - how do i > apply > > that? > > You use the "patch" utility. Something like this: > > cd /usr/local/src/openssh-3.1p1 > patch -p0 < ../patch.txt > > - Pat >thanks, that solved the problem with "make install" for me on RedHat 6.2 ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2002-Mar-17 12:41 UTC
[Bug 138] Incorrect OpenSSL version requirment?
http://bugzilla.mindrot.org/show_bug.cgi?id=138
markus at openbsd.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Severity|minor |major
Component|Documentation |Miscellaneous
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2002-Mar-26 23:28 UTC
[Bug 138] Incorrect OpenSSL version requirment?
http://bugzilla.mindrot.org/show_bug.cgi?id=138
markus at openbsd.org changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |malcolm.locke at rivalsdm.com
------- Additional Comments From markus at openbsd.org 2002-03-27 10:28 -------
*** Bug 186 has been marked as a duplicate of this bug. ***
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2002-Apr-05 19:25 UTC
[Bug 138] Incorrect OpenSSL version requirment?
http://bugzilla.mindrot.org/show_bug.cgi?id=138
mouring at eviladmin.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|REOPENED |RESOLVED
Resolution| |FIXED
------- Additional Comments From mouring at eviladmin.org 2002-04-06 05:25
-------
This should be fixed in the CVS tree. If this is still an issue please reopen
before OpenSSH 3.2 goes gold.
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2002-Apr-06 16:53 UTC
[Bug 138] Incorrect OpenSSL version requirment?
http://bugzilla.mindrot.org/show_bug.cgi?id=138 ------- Additional Comments From markus at openbsd.org 2002-04-07 02:53 ------- blowfish w/ ssh1 could still be broken. please check. ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
Possibly Parallel Threads
- [Bug 141] openssh-3.1p1-1.src.rpm will not build on RedHat Linux 6.1
- [Bug 165] Problem with SSH1 Keys on RedHat7.2
- [Bug 227] 2nd Client Instance Can Login Without Authorization
- Possible problem with hostbased protocol 1 rhosts authentication
- 3.1p1 + OpenSSL 0.9.5a -> no can do