nhyatt/putty-source
1
0
Fork 0
mirror of https://git.tartarus.org/simon/putty.git synced 2025-06-30 19:12:48 -05:00
Code Issues Projects Releases Wiki Activity

Enforce acceptable range for Diffie-Hellman server value.

Browse Source 
Florent Daigniere of Matta points out that RFC 4253 actually
_requires_ us to refuse to accept out-of-range values, though it isn't
completely clear to me why this should be a MUST on the receiving end.

Matta considers this to be a security vulnerability, on the grounds
that if a server should accidentally send an obviously useless value
such as 1 then we will fail to reject it and agree a key that an
eavesdropper could also figure out. Their id for this vulnerability is
MATTA-2015-002.
This commit is contained in:
Simon Tatham
2015-02-05 19:39:17 +00:00
parent db9385b3ce
commit 174476813f
3 changed files with 31 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
ssh.c
View File

@ -6645,6 +6645,13 @@ static void do_ssh2_transport(Ssh ssh, void *vin, int inlen,
}
ssh_pkt_getstring(pktin, &s->sigdata, &s->siglen);
{
const char *err = dh_validate_f(ssh->kex_ctx, s->f);
if (err) {
bombout(("key exchange reply failed validation: %s", err));
crStopV;
}
}
s->K = dh_find_K(ssh->kex_ctx, s->f);
/* We assume everything from now on will be quick, and it might