nhyatt/putty-source
1
0
Fork 0
mirror of https://git.tartarus.org/simon/putty.git synced 2025-05-28 23:34:49 -05:00
Code Issues Projects Releases Wiki Activity

Add auto-recognition of BUG_SSH2_RSA_PADDING for ProFTPD.

Browse Source 
Martin Prikryl reports that it had the exact same bug as old OpenSSH
(insisting that RSA signature integers be padded with leading zero
bytes to the same length as the RSA modulus, where in fact RFC 4253
section 6.6 says it ought to have _no_ padding), but is recently
fixed. The first version string to not have the bug is reported to be
"mod_sftp/0.9.9", so here we recognise everything less than that as
requiring our existing workaround.

[originally from svn r10161]
This commit is contained in:
Simon Tatham 2014-03-27 18:07:13 +00:00
parent 549e5e8b7b
commit a44530bd98
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
ssh.c
View File

@ -2747,7 +2747,9 @@ static void ssh_detect_bugs(Ssh ssh, char *vstring)
if (conf_get_int(ssh->conf, CONF_sshbug_rsapad2) == FORCE_ON ||
(conf_get_int(ssh->conf, CONF_sshbug_rsapad2) == AUTO &&
(wc_match("OpenSSH_2.[5-9]*", imp) ||
wc_match("OpenSSH_3.[0-2]*", imp)))) {
wc_match("OpenSSH_3.[0-2]*", imp) ||
wc_match("mod_sftp/0.[0-8]*", imp) ||
wc_match("mod_sftp/0.9.[0-8]", imp)))) {
/*
* These versions have the SSH-2 RSA padding bug.
*/