[openssh-commits] [openssh] 07/22: upstream commit

git+noreply at mindrot.org git+noreply at mindrot.org
Mon May 1 12:02:10 AEST 2017


This is an automated email from the git hooks/post-receive script.

djm pushed a commit to branch master
in repository openssh.

commit cdccebdf85204bf7542b7fcc1aa2ea3f36661833
Author: djm at openbsd.org <djm at openbsd.org>
Date:   Sun Apr 30 23:15:04 2017 +0000

    upstream commit
    
    remove SSHv1 ciphers; ok markus@
    
    Upstream-ID: e5ebc5e540d7f23a8c1266db1839794d4d177890
---
 Makefile.in    |   2 +-
 cipher-3des1.c | 158 -------------------------------------
 cipher-bf1.c   | 106 -------------------------
 cipher.c       | 241 ++++++++++++++++++---------------------------------------
 cipher.h       |  25 +-----
 readconf.c     |  25 +-----
 readconf.h     |   3 +-
 ssh.c          |  21 +----
 sshkey.c       |   8 +-
 9 files changed, 88 insertions(+), 501 deletions(-)

diff --git a/Makefile.in b/Makefile.in
index e247c0de..f6625734 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -78,7 +78,7 @@ LIBOPENSSH_OBJS=\
 LIBSSH_OBJS=${LIBOPENSSH_OBJS} \
 	authfd.o authfile.o bufaux.o bufbn.o bufec.o buffer.o \
 	canohost.o channels.o cipher.o cipher-aes.o cipher-aesctr.o \
-	cipher-bf1.o cipher-ctr.o cipher-3des1.o cleanup.o \
+	cipher-ctr.o cleanup.o \
 	compat.o crc32.o deattack.o fatal.o hostfile.o \
 	log.o match.o moduli.o nchan.o packet.o opacket.o \
 	readpass.o rsa.o ttymodes.o xmalloc.o addrmatch.o \
diff --git a/cipher-3des1.c b/cipher-3des1.c
deleted file mode 100644
index 9fcc2785..00000000
--- a/cipher-3des1.c
+++ /dev/null
@@ -1,158 +0,0 @@
-/* $OpenBSD: cipher-3des1.c,v 1.12 2015/01/14 10:24:42 markus Exp $ */
-/*
- * Copyright (c) 2003 Markus Friedl.  All rights reserved.
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
- * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-#include "includes.h"
-
-#ifdef WITH_SSH1
-
-#include <sys/types.h>
-#include <string.h>
-#include <openssl/evp.h>
-
-#include "ssherr.h"
-
-/*
- * This is used by SSH1:
- *
- * What kind of triple DES are these 2 routines?
- *
- * Why is there a redundant initialization vector?
- *
- * If only iv3 was used, then, this would till effect have been
- * outer-cbc. However, there is also a private iv1 == iv2 which
- * perhaps makes differential analysis easier. On the other hand, the
- * private iv1 probably makes the CRC-32 attack ineffective. This is a
- * result of that there is no longer any known iv1 to use when
- * choosing the X block.
- */
-struct ssh1_3des_ctx
-{
-	EVP_CIPHER_CTX	k1, k2, k3;
-};
-
-const EVP_CIPHER * evp_ssh1_3des(void);
-int ssh1_3des_iv(EVP_CIPHER_CTX *, int, u_char *, int);
-
-static int
-ssh1_3des_init(EVP_CIPHER_CTX *ctx, const u_char *key, const u_char *iv,
-    int enc)
-{
-	struct ssh1_3des_ctx *c;
-	u_char *k1, *k2, *k3;
-
-	if ((c = EVP_CIPHER_CTX_get_app_data(ctx)) == NULL) {
-		if ((c = calloc(1, sizeof(*c))) == NULL)
-			return 0;
-		EVP_CIPHER_CTX_set_app_data(ctx, c);
-	}
-	if (key == NULL)
-		return 1;
-	if (enc == -1)
-		enc = ctx->encrypt;
-	k1 = k2 = k3 = (u_char *) key;
-	k2 += 8;
-	if (EVP_CIPHER_CTX_key_length(ctx) >= 16+8) {
-		if (enc)
-			k3 += 16;
-		else
-			k1 += 16;
-	}
-	EVP_CIPHER_CTX_init(&c->k1);
-	EVP_CIPHER_CTX_init(&c->k2);
-	EVP_CIPHER_CTX_init(&c->k3);
-	if (EVP_CipherInit(&c->k1, EVP_des_cbc(), k1, NULL, enc) == 0 ||
-	    EVP_CipherInit(&c->k2, EVP_des_cbc(), k2, NULL, !enc) == 0 ||
-	    EVP_CipherInit(&c->k3, EVP_des_cbc(), k3, NULL, enc) == 0) {
-		explicit_bzero(c, sizeof(*c));
-		free(c);
-		EVP_CIPHER_CTX_set_app_data(ctx, NULL);
-		return 0;
-	}
-	return 1;
-}
-
-static int
-ssh1_3des_cbc(EVP_CIPHER_CTX *ctx, u_char *dest, const u_char *src, size_t len)
-{
-	struct ssh1_3des_ctx *c;
-
-	if ((c = EVP_CIPHER_CTX_get_app_data(ctx)) == NULL)
-		return 0;
-	if (EVP_Cipher(&c->k1, dest, (u_char *)src, len) == 0 ||
-	    EVP_Cipher(&c->k2, dest, dest, len) == 0 ||
-	    EVP_Cipher(&c->k3, dest, dest, len) == 0)
-		return 0;
-	return 1;
-}
-
-static int
-ssh1_3des_cleanup(EVP_CIPHER_CTX *ctx)
-{
-	struct ssh1_3des_ctx *c;
-
-	if ((c = EVP_CIPHER_CTX_get_app_data(ctx)) != NULL) {
-		EVP_CIPHER_CTX_cleanup(&c->k1);
-		EVP_CIPHER_CTX_cleanup(&c->k2);
-		EVP_CIPHER_CTX_cleanup(&c->k3);
-		explicit_bzero(c, sizeof(*c));
-		free(c);
-		EVP_CIPHER_CTX_set_app_data(ctx, NULL);
-	}
-	return 1;
-}
-
-int
-ssh1_3des_iv(EVP_CIPHER_CTX *evp, int doset, u_char *iv, int len)
-{
-	struct ssh1_3des_ctx *c;
-
-	if (len != 24)
-		return SSH_ERR_INVALID_ARGUMENT;
-	if ((c = EVP_CIPHER_CTX_get_app_data(evp)) == NULL)
-		return SSH_ERR_INTERNAL_ERROR;
-	if (doset) {
-		memcpy(c->k1.iv, iv, 8);
-		memcpy(c->k2.iv, iv + 8, 8);
-		memcpy(c->k3.iv, iv + 16, 8);
-	} else {
-		memcpy(iv, c->k1.iv, 8);
-		memcpy(iv + 8, c->k2.iv, 8);
-		memcpy(iv + 16, c->k3.iv, 8);
-	}
-	return 0;
-}
-
-const EVP_CIPHER *
-evp_ssh1_3des(void)
-{
-	static EVP_CIPHER ssh1_3des;
-
-	memset(&ssh1_3des, 0, sizeof(ssh1_3des));
-	ssh1_3des.nid = NID_undef;
-	ssh1_3des.block_size = 8;
-	ssh1_3des.iv_len = 0;
-	ssh1_3des.key_len = 16;
-	ssh1_3des.init = ssh1_3des_init;
-	ssh1_3des.cleanup = ssh1_3des_cleanup;
-	ssh1_3des.do_cipher = ssh1_3des_cbc;
-	ssh1_3des.flags = EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH;
-	return &ssh1_3des;
-}
-#endif /* WITH_SSH1 */
diff --git a/cipher-bf1.c b/cipher-bf1.c
deleted file mode 100644
index c205b077..00000000
--- a/cipher-bf1.c
+++ /dev/null
@@ -1,106 +0,0 @@
-/* $OpenBSD: cipher-bf1.c,v 1.7 2015/01/14 10:24:42 markus Exp $ */
-/*
- * Copyright (c) 2003 Markus Friedl.  All rights reserved.
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
- * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-#include "includes.h"
-
-#ifdef WITH_SSH1
-#if defined(WITH_OPENSSL) && !defined(OPENSSL_NO_BF)
-
-#include <sys/types.h>
-
-#include <stdarg.h>
-#include <string.h>
-
-#include <openssl/evp.h>
-
-#include "openbsd-compat/openssl-compat.h"
-
-/*
- * SSH1 uses a variation on Blowfish, all bytes must be swapped before
- * and after encryption/decryption. Thus the swap_bytes stuff (yuk).
- */
-
-const EVP_CIPHER * evp_ssh1_bf(void);
-
-static void
-swap_bytes(const u_char *src, u_char *dst, int n)
-{
-	u_char c[4];
-
-	/* Process 4 bytes every lap. */
-	for (n = n / 4; n > 0; n--) {
-		c[3] = *src++;
-		c[2] = *src++;
-		c[1] = *src++;
-		c[0] = *src++;
-
-		*dst++ = c[0];
-		*dst++ = c[1];
-		*dst++ = c[2];
-		*dst++ = c[3];
-	}
-}
-
-#ifdef SSH_OLD_EVP
-static void bf_ssh1_init (EVP_CIPHER_CTX * ctx, const unsigned char *key,
-			  const unsigned char *iv, int enc)
-{
-	if (iv != NULL)
-		memcpy (&(ctx->oiv[0]), iv, 8);
-	memcpy (&(ctx->iv[0]), &(ctx->oiv[0]), 8);
-	if (key != NULL)
-		BF_set_key (&(ctx->c.bf_ks), EVP_CIPHER_CTX_key_length (ctx),
-			    key);
-}
-#endif
-
-static int (*orig_bf)(EVP_CIPHER_CTX *, u_char *,
-    const u_char *, LIBCRYPTO_EVP_INL_TYPE) = NULL;
-
-static int
-bf_ssh1_cipher(EVP_CIPHER_CTX *ctx, u_char *out, const u_char *in,
-    LIBCRYPTO_EVP_INL_TYPE len)
-{
-	int ret;
-
-	swap_bytes(in, out, len);
-	ret = (*orig_bf)(ctx, out, out, len);
-	swap_bytes(out, out, len);
-	return (ret);
-}
-
-const EVP_CIPHER *
-evp_ssh1_bf(void)
-{
-	static EVP_CIPHER ssh1_bf;
-
-	memcpy(&ssh1_bf, EVP_bf_cbc(), sizeof(EVP_CIPHER));
-	orig_bf = ssh1_bf.do_cipher;
-	ssh1_bf.nid = NID_undef;
-#ifdef SSH_OLD_EVP
-	ssh1_bf.init = bf_ssh1_init;
-#endif
-	ssh1_bf.do_cipher = bf_ssh1_cipher;
-	ssh1_bf.key_len = 32;
-	return (&ssh1_bf);
-}
-#endif /* defined(WITH_OPENSSL) && !defined(OPENSSL_NO_BF) */
-
-#endif /* WITH_SSH1 */
diff --git a/cipher.c b/cipher.c
index 2df2b84b..622e745d 100644
--- a/cipher.c
+++ b/cipher.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: cipher.c,v 1.103 2017/04/30 23:10:43 djm Exp $ */
+/* $OpenBSD: cipher.c,v 1.104 2017/04/30 23:15:04 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo at cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
@@ -63,7 +63,6 @@ struct sshcipher_ctx {
 
 struct sshcipher {
 	char	*name;
-	int	number;		/* for ssh1 only */
 	u_int	block_size;
 	u_int	key_len;
 	u_int	iv_len;		/* defaults to block_size */
@@ -74,6 +73,7 @@ struct sshcipher {
 #define CFLAG_CHACHAPOLY	(1<<1)
 #define CFLAG_AESCTR		(1<<2)
 #define CFLAG_NONE		(1<<3)
+#define CFLAG_INTERNAL		CFLAG_NONE /* Don't use "none" for packets */
 #ifdef WITH_OPENSSL
 	const EVP_CIPHER	*(*evptype)(void);
 #else
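Review bot: `CFLAG_INTERNAL` is defined as the same bit as `CFLAG_NONE`, and its comment `Don't use "none" for packets` does not say what the flag actually controls. In this commit it is tested in cipher_alg_list() and ciphers_valid(), so a comment such as `/* not negotiable: omitted from cipher_alg_list(), rejected by ciphers_valid() */` would document it. Because it is an alias rather than its own bit, any future internal-only cipher would also take the CFLAG_NONE copy-through paths in cipher_init and cipher_crypt; a separate bit would avoid that coupling.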
@@ -83,45 +83,42 @@ struct sshcipher {
 
 static const struct sshcipher ciphers[] = {
 #ifdef WITH_OPENSSL
-	{ "none",	SSH_CIPHER_NONE, 8, 0, 0, 0, 0, 0, EVP_enc_null },
-	{ "3des-cbc",	SSH_CIPHER_SSH2, 8, 24, 0, 0, 0, 1, EVP_des_ede3_cbc },
+	{ "3des-cbc",		8, 24, 0, 0, 0, 1, EVP_des_ede3_cbc },
 # ifndef OPENSSL_NO_BF
-	{ "blowfish-cbc",
-			SSH_CIPHER_SSH2, 8, 16, 0, 0, 0, 1, EVP_bf_cbc },
+	{ "blowfish-cbc",	8, 16, 0, 0, 0, 1, EVP_bf_cbc },
 # endif /* OPENSSL_NO_BF */
 # ifndef OPENSSL_NO_CAST
-	{ "cast128-cbc",
-			SSH_CIPHER_SSH2, 8, 16, 0, 0, 0, 1, EVP_cast5_cbc },
+	{ "cast128-cbc",	8, 16, 0, 0, 0, 1, EVP_cast5_cbc },
 # endif /* OPENSSL_NO_CAST */
 # ifndef OPENSSL_NO_RC4
-	{ "arcfour",	SSH_CIPHER_SSH2, 8, 16, 0, 0, 0, 0, EVP_rc4 },
-	{ "arcfour128",	SSH_CIPHER_SSH2, 8, 16, 0, 0, 1536, 0, EVP_rc4 },
-	{ "arcfour256",	SSH_CIPHER_SSH2, 8, 32, 0, 0, 1536, 0, EVP_rc4 },
+	{ "arcfour",		8, 16, 0, 0, 0, 0, EVP_rc4 },
+	{ "arcfour128",		8, 16, 0, 0, 1536, 0, EVP_rc4 },
+	{ "arcfour256",		8, 32, 0, 0, 1536, 0, EVP_rc4 },
 # endif /* OPENSSL_NO_RC4 */
-	{ "aes128-cbc",	SSH_CIPHER_SSH2, 16, 16, 0, 0, 0, 1, EVP_aes_128_cbc },
-	{ "aes192-cbc",	SSH_CIPHER_SSH2, 16, 24, 0, 0, 0, 1, EVP_aes_192_cbc },
-	{ "aes256-cbc",	SSH_CIPHER_SSH2, 16, 32, 0, 0, 0, 1, EVP_aes_256_cbc },
+	{ "aes128-cbc",		16, 16, 0, 0, 0, 1, EVP_aes_128_cbc },
+	{ "aes192-cbc",		16, 24, 0, 0, 0, 1, EVP_aes_192_cbc },
+	{ "aes256-cbc",		16, 32, 0, 0, 0, 1, EVP_aes_256_cbc },
 	{ "rijndael-cbc at lysator.liu.se",
-			SSH_CIPHER_SSH2, 16, 32, 0, 0, 0, 1, EVP_aes_256_cbc },
-	{ "aes128-ctr",	SSH_CIPHER_SSH2, 16, 16, 0, 0, 0, 0, EVP_aes_128_ctr },
-	{ "aes192-ctr",	SSH_CIPHER_SSH2, 16, 24, 0, 0, 0, 0, EVP_aes_192_ctr },
-	{ "aes256-ctr",	SSH_CIPHER_SSH2, 16, 32, 0, 0, 0, 0, EVP_aes_256_ctr },
+				16, 32, 0, 0, 0, 1, EVP_aes_256_cbc },
+	{ "aes128-ctr",		16, 16, 0, 0, 0, 0, EVP_aes_128_ctr },
+	{ "aes192-ctr",		16, 24, 0, 0, 0, 0, EVP_aes_192_ctr },
+	{ "aes256-ctr",		16, 32, 0, 0, 0, 0, EVP_aes_256_ctr },
 # ifdef OPENSSL_HAVE_EVPGCM
 	{ "aes128-gcm at openssh.com",
-			SSH_CIPHER_SSH2, 16, 16, 12, 16, 0, 0, EVP_aes_128_gcm },
+				16, 16, 12, 16, 0, 0, EVP_aes_128_gcm },
 	{ "aes256-gcm at openssh.com",
-			SSH_CIPHER_SSH2, 16, 32, 12, 16, 0, 0, EVP_aes_256_gcm },
+				16, 32, 12, 16, 0, 0, EVP_aes_256_gcm },
 # endif /* OPENSSL_HAVE_EVPGCM */
-#else /* WITH_OPENSSL */
-	{ "aes128-ctr",	SSH_CIPHER_SSH2, 16, 16, 0, 0, 0, CFLAG_AESCTR, NULL },
-	{ "aes192-ctr",	SSH_CIPHER_SSH2, 16, 24, 0, 0, 0, CFLAG_AESCTR, NULL },
-	{ "aes256-ctr",	SSH_CIPHER_SSH2, 16, 32, 0, 0, 0, CFLAG_AESCTR, NULL },
-	{ "none",	SSH_CIPHER_NONE, 8, 0, 0, 0, 0, CFLAG_NONE, NULL },
-#endif /* WITH_OPENSSL */
+#else
+	{ "aes128-ctr",		16, 16, 0, 0, 0, CFLAG_AESCTR, NULL },
+	{ "aes192-ctr",		16, 24, 0, 0, 0, CFLAG_AESCTR, NULL },
+	{ "aes256-ctr",		16, 32, 0, 0, 0, CFLAG_AESCTR, NULL },
+#endif
 	{ "chacha20-poly1305 at openssh.com",
-			SSH_CIPHER_SSH2, 8, 64, 0, 16, 0, CFLAG_CHACHAPOLY, NULL },
+				8, 64, 0, 16, 0, CFLAG_CHACHAPOLY, NULL },
+	{ "none",		8, 0, 0, 0, 0, CFLAG_NONE, NULL },
 
-	{ NULL,		SSH_CIPHER_INVALID, 0, 0, 0, 0, 0, 0, NULL }
+	{ NULL,			0, 0, 0, 0, 0, 0, NULL }
 };
 
 /*--*/
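Review bot: The CBC rows of the table still pass a bare `1` in the flags column, while the other rows use `CFLAG_AESCTR`, `CFLAG_CHACHAPOLY` and `CFLAG_NONE`. Since every row is rewritten here anyway, the named flag that cipher_is_cbc() tests would read better, e.g. `{ "3des-cbc", 8, 24, 0, 0, 0, CFLAG_CBC, EVP_des_ede3_cbc },`. The definition of `CFLAG_CBC` and the full field list of the struct are outside the hunk, so this assumes it is the `1<<0` bit.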
@@ -135,7 +132,7 @@ cipher_alg_list(char sep, int auth_only)
 	const struct sshcipher *c;
 
 	for (c = ciphers; c->name != NULL; c++) {
-		if (c->number != SSH_CIPHER_SSH2)
+		if ((c->flags & CFLAG_INTERNAL) != 0)
 			continue;
 		if (auth_only && c->auth_len == 0)
 			continue;
@@ -191,12 +188,6 @@ cipher_ivlen(const struct sshcipher *c)
 }
 
 u_int
-cipher_get_number(const struct sshcipher *c)
-{
-	return (c->number);
-}
-
-u_int
 cipher_is_cbc(const struct sshcipher *c)
 {
 	return (c->flags & CFLAG_CBC) != 0;
@@ -208,24 +199,6 @@ cipher_ctx_is_plaintext(struct sshcipher_ctx *cc)
 	return cc->plaintext;
 }
 
-u_int
-cipher_ctx_get_number(struct sshcipher_ctx *cc)
-{
-	return cc->cipher->number;
-}
-
-u_int
-cipher_mask_ssh1(int client)
-{
-	u_int mask = 0;
-	mask |= 1 << SSH_CIPHER_3DES;		/* Mandatory */
-	mask |= 1 << SSH_CIPHER_BLOWFISH;
-	if (client) {
-		mask |= 1 << SSH_CIPHER_DES;
-	}
-	return mask;
-}
-
 const struct sshcipher *
 cipher_by_name(const char *name)
 {
@@ -236,16 +209,6 @@ cipher_by_name(const char *name)
 	return NULL;
 }
 
-const struct sshcipher *
-cipher_by_number(int id)
-{
-	const struct sshcipher *c;
-	for (c = ciphers; c->name != NULL; c++)
-		if (c->number == id)
-			return c;
-	return NULL;
-}
-
 #define	CIPHER_SEP	","
 int
 ciphers_valid(const char *names)
@@ -261,7 +224,7 @@ ciphers_valid(const char *names)
 	for ((p = strsep(&cp, CIPHER_SEP)); p && *p != '\0';
 	    (p = strsep(&cp, CIPHER_SEP))) {
 		c = cipher_by_name(p);
-		if (c == NULL || c->number != SSH_CIPHER_SSH2) {
+		if (c == NULL || (c->flags & CFLAG_INTERNAL) != 0) {
 			free(cipher_list);
 			return 0;
 		}
@@ -270,38 +233,12 @@ ciphers_valid(const char *names)
 	return 1;
 }
 
-/*
- * Parses the name of the cipher.  Returns the number of the corresponding
- * cipher, or -1 on error.
- */
-
-int
-cipher_number(const char *name)
-{
-	const struct sshcipher *c;
-	if (name == NULL)
-		return -1;
-	for (c = ciphers; c->name != NULL; c++)
-		if (strcasecmp(c->name, name) == 0)
-			return c->number;
-	return -1;
-}
-
-char *
-cipher_name(int id)
-{
-	const struct sshcipher *c = cipher_by_number(id);
-	return (c==NULL) ? "<unknown>" : c->name;
-}
-
 const char *
 cipher_warning_message(const struct sshcipher_ctx *cc)
 {
 	if (cc == NULL || cc->cipher == NULL)
 		return NULL;
-	if (cc->cipher->number == SSH_CIPHER_DES)
-		return "use of DES is strongly discouraged due to "
-		    "cryptographic weaknesses";
+	/* XXX repurpose for CBC warning */
 	return NULL;
 }
 
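Review bot: cipher_warning_message now returns NULL on every path, and `/* XXX repurpose for CBC warning */` does not tell a reader that. A comment above the function such as `/* Currently never warns; kept so callers need not change. */` would make the state explicit. The `cc == NULL || cc->cipher == NULL` test is also redundant for now, since both branches return NULL.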
@@ -322,12 +259,7 @@ cipher_init(struct sshcipher_ctx **ccp, const struct sshcipher *cipher,
 	if ((cc = calloc(sizeof(*cc), 1)) == NULL)
 		return SSH_ERR_ALLOC_FAIL;
 
-	if (cipher->number == SSH_CIPHER_DES) {
-		if (keylen > 8)
-			keylen = 8;
-	}
-
-	cc->plaintext = (cipher->number == SSH_CIPHER_NONE);
+	cc->plaintext = 0; /* XXX */
 	cc->encrypt = do_encrypt;
 
 	if (keylen < cipher->key_len ||
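Review bot: `cc->plaintext = 0; /* XXX */` in cipher_init makes cipher_ctx_is_plaintext() report an encrypted context even when the cipher is "none", because that accessor simply returns `cc->plaintext`. Any caller that uses it to decide whether sensitive data may go over the channel would be told the link is protected when it is not. The flag is already available at this point, so `cc->plaintext = (cipher->flags & CFLAG_NONE) != 0;` keeps the old meaning without the SSH1 cipher number. cipher_init starts and ends outside this hunk.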
@@ -341,6 +273,10 @@ cipher_init(struct sshcipher_ctx **ccp, const struct sshcipher *cipher,
 		ret = chachapoly_init(&cc->cp_ctx, key, keylen);
 		goto out;
 	}
+	if ((cc->cipher->flags & CFLAG_NONE) != 0) {
+		ret = 0;
+		goto out;
+	}
 #ifndef WITH_OPENSSL
 	if ((cc->cipher->flags & CFLAG_AESCTR) != 0) {
 		aesctr_keysetup(&cc->ac_ctx, key, 8 * keylen, 8 * ivlen);
@@ -348,10 +284,6 @@ cipher_init(struct sshcipher_ctx **ccp, const struct sshcipher *cipher,
 		ret = 0;
 		goto out;
 	}
-	if ((cc->cipher->flags & CFLAG_NONE) != 0) {
-		ret = 0;
-		goto out;
-	}
 	ret = SSH_ERR_INVALID_ARGUMENT;
 	goto out;
 #else /* WITH_OPENSSL */
@@ -436,6 +368,10 @@ cipher_crypt(struct sshcipher_ctx *cc, u_int seqnr, u_char *dest,
 		return chachapoly_crypt(&cc->cp_ctx, seqnr, dest, src,
 		    len, aadlen, authlen, cc->encrypt);
 	}
+	if ((cc->cipher->flags & CFLAG_NONE) != 0) {
+		memcpy(dest, src, aadlen + len);
+		return 0;
+	}
 #ifndef WITH_OPENSSL
 	if ((cc->cipher->flags & CFLAG_AESCTR) != 0) {
 		if (aadlen)
@@ -444,10 +380,6 @@ cipher_crypt(struct sshcipher_ctx *cc, u_int seqnr, u_char *dest,
 		    dest + aadlen, len);
 		return 0;
 	}
-	if ((cc->cipher->flags & CFLAG_NONE) != 0) {
-		memcpy(dest, src, aadlen + len);
-		return 0;
-	}
 	return SSH_ERR_INVALID_ARGUMENT;
 #else
 	if (authlen) {
@@ -554,19 +486,16 @@ int
 cipher_get_keyiv_len(const struct sshcipher_ctx *cc)
 {
 	const struct sshcipher *c = cc->cipher;
-	int ivlen = 0;
 
-	if (c->number == SSH_CIPHER_3DES)
-		ivlen = 24;
-	else if ((cc->cipher->flags & CFLAG_CHACHAPOLY) != 0)
-		ivlen = 0;
-	else if ((cc->cipher->flags & CFLAG_AESCTR) != 0)
-		ivlen = sizeof(cc->ac_ctx.ctr);
+	if ((c->flags & CFLAG_CHACHAPOLY) != 0)
+		return 0;
+	else if ((c->flags & CFLAG_AESCTR) != 0)
+		return sizeof(cc->ac_ctx.ctr);
 #ifdef WITH_OPENSSL
-	else
-		ivlen = EVP_CIPHER_CTX_iv_length(cc->evp);
-#endif /* WITH_OPENSSL */
-	return (ivlen);
+	return EVP_CIPHER_CTX_iv_length(cc->evp);
+#else
+	return 0;
+#endif
 }
 
 int
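Review bot: cipher_get_keyiv_len has no CFLAG_NONE case, so in a WITH_OPENSSL build a "none" context falls through to `EVP_CIPHER_CTX_iv_length(cc->evp)`. The table now gives "none" a NULL evptype and cipher_init leaves early for it, so `cc->evp` is presumably never set up for that context; cipher_init's EVP path is outside the visible hunks, so please confirm. cipher_get_keyiv and cipher_set_keyiv both return early for CFLAG_NONE, and the same guard here, `if ((c->flags & CFLAG_NONE) != 0) return 0;`, would keep the three consistent.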
@@ -591,34 +520,26 @@ cipher_get_keyiv(struct sshcipher_ctx *cc, u_char *iv, u_int len)
 	if ((cc->cipher->flags & CFLAG_NONE) != 0)
 		return 0;
 
-	switch (c->number) {
 #ifdef WITH_OPENSSL
-	case SSH_CIPHER_SSH2:
-	case SSH_CIPHER_DES:
-	case SSH_CIPHER_BLOWFISH:
-		evplen = EVP_CIPHER_CTX_iv_length(cc->evp);
-		if (evplen == 0)
-			return 0;
-		else if (evplen < 0)
-			return SSH_ERR_LIBCRYPTO_ERROR;
-		if ((u_int)evplen != len)
-			return SSH_ERR_INVALID_ARGUMENT;
-#ifndef OPENSSL_HAVE_EVPCTR
-		if (c->evptype == evp_aes_128_ctr)
-			ssh_aes_ctr_iv(cc->evp, 0, iv, len);
-		else
-#endif
-		if (cipher_authlen(c)) {
-			if (!EVP_CIPHER_CTX_ctrl(cc->evp, EVP_CTRL_GCM_IV_GEN,
-			   len, iv))
-			       return SSH_ERR_LIBCRYPTO_ERROR;
-		} else
-			memcpy(iv, cc->evp->iv, len);
-		break;
-#endif
-	default:
+	evplen = EVP_CIPHER_CTX_iv_length(cc->evp);
+	if (evplen == 0)
+		return 0;
+	else if (evplen < 0)
+		return SSH_ERR_LIBCRYPTO_ERROR;
+	if ((u_int)evplen != len)
 		return SSH_ERR_INVALID_ARGUMENT;
-	}
+#ifndef OPENSSL_HAVE_EVPCTR
+	if (c->evptype == evp_aes_128_ctr)
+		ssh_aes_ctr_iv(cc->evp, 0, iv, len);
+	else
+#endif
+	if (cipher_authlen(c)) {
+		if (!EVP_CIPHER_CTX_ctrl(cc->evp, EVP_CTRL_GCM_IV_GEN,
+		   len, iv))
+		       return SSH_ERR_LIBCRYPTO_ERROR;
+	} else
+		memcpy(iv, cc->evp->iv, len);
+#endif
 	return 0;
 }
 
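Review bot: With the `switch` and its `default:` gone, cipher_get_keyiv ends in an unconditional `return 0;`, so a build without WITH_OPENSSL now reports success without writing `iv` for any cipher not handled earlier, where it used to return SSH_ERR_INVALID_ARGUMENT. The start of the function is outside the hunk and probably handles every non-OpenSSL cipher first, but failing closed costs little: add `#else` and `return SSH_ERR_INVALID_ARGUMENT;` before the `#endif`. cipher_set_keyiv in the next hunk has the same shape. If `c` and `evplen` are declared unconditionally, they also become unused in non-OpenSSL builds.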
@@ -635,32 +556,24 @@ cipher_set_keyiv(struct sshcipher_ctx *cc, const u_char *iv)
 	if ((cc->cipher->flags & CFLAG_NONE) != 0)
 		return 0;
 
-	switch (c->number) {
 #ifdef WITH_OPENSSL
-	case SSH_CIPHER_SSH2:
-	case SSH_CIPHER_DES:
-	case SSH_CIPHER_BLOWFISH:
-		evplen = EVP_CIPHER_CTX_iv_length(cc->evp);
-		if (evplen <= 0)
-			return SSH_ERR_LIBCRYPTO_ERROR;
+	evplen = EVP_CIPHER_CTX_iv_length(cc->evp);
+	if (evplen <= 0)
+		return SSH_ERR_LIBCRYPTO_ERROR;
 #ifndef OPENSSL_HAVE_EVPCTR
-		/* XXX iv arg is const, but ssh_aes_ctr_iv isn't */
-		if (c->evptype == evp_aes_128_ctr)
-			ssh_aes_ctr_iv(cc->evp, 1, (u_char *)iv, evplen);
-		else
+	/* XXX iv arg is const, but ssh_aes_ctr_iv isn't */
+	if (c->evptype == evp_aes_128_ctr)
+		ssh_aes_ctr_iv(cc->evp, 1, (u_char *)iv, evplen);
+	else
 #endif
-		if (cipher_authlen(c)) {
-			/* XXX iv arg is const, but EVP_CIPHER_CTX_ctrl isn't */
-			if (!EVP_CIPHER_CTX_ctrl(cc->evp,
-			    EVP_CTRL_GCM_SET_IV_FIXED, -1, (void *)iv))
-				return SSH_ERR_LIBCRYPTO_ERROR;
-		} else
-			memcpy(cc->evp->iv, iv, evplen);
-		break;
+	if (cipher_authlen(c)) {
+		/* XXX iv arg is const, but EVP_CIPHER_CTX_ctrl isn't */
+		if (!EVP_CIPHER_CTX_ctrl(cc->evp,
+		    EVP_CTRL_GCM_SET_IV_FIXED, -1, (void *)iv))
+			return SSH_ERR_LIBCRYPTO_ERROR;
+	} else
+		memcpy(cc->evp->iv, iv, evplen);
 #endif
-	default:
-		return SSH_ERR_INVALID_ARGUMENT;
-	}
 	return 0;
 }
 
diff --git a/cipher.h b/cipher.h
index f4bca628..312bbc8a 100644
--- a/cipher.h
+++ b/cipher.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: cipher.h,v 1.49 2016/08/03 05:41:57 djm Exp $ */
+/* $OpenBSD: cipher.h,v 1.50 2017/04/30 23:15:04 djm Exp $ */
 
 /*
  * Author: Tatu Ylonen <ylo at cs.hut.fi>
@@ -42,34 +42,13 @@
 #include "cipher-chachapoly.h"
 #include "cipher-aesctr.h"
 
-/*
- * Cipher types for SSH-1.  New types can be added, but old types should not
- * be removed for compatibility.  The maximum allowed value is 31.
- */
-#define SSH_CIPHER_SSH2		-3
-#define SSH_CIPHER_INVALID	-2	/* No valid cipher selected. */
-#define SSH_CIPHER_NOT_SET	-1	/* None selected (invalid number). */
-#define SSH_CIPHER_NONE		0	/* no encryption */
-#define SSH_CIPHER_IDEA		1	/* IDEA CFB */
-#define SSH_CIPHER_DES		2	/* DES CBC */
-#define SSH_CIPHER_3DES		3	/* 3DES CBC */
-#define SSH_CIPHER_BROKEN_TSS	4	/* TRI's Simple Stream encryption CBC */
-#define SSH_CIPHER_BROKEN_RC4	5	/* Alleged RC4 */
-#define SSH_CIPHER_BLOWFISH	6
-#define SSH_CIPHER_RESERVED	7
-#define SSH_CIPHER_MAX		31
-
 #define CIPHER_ENCRYPT		1
 #define CIPHER_DECRYPT		0
 
 struct sshcipher;
 struct sshcipher_ctx;
 
-u_int	 cipher_mask_ssh1(int);
 const struct sshcipher *cipher_by_name(const char *);
-const struct sshcipher *cipher_by_number(int);
-int	 cipher_number(const char *);
-char	*cipher_name(int);
 const char *cipher_warning_message(const struct sshcipher_ctx *);
 int	 ciphers_valid(const char *);
 char	*cipher_alg_list(char, int);
@@ -90,9 +69,7 @@ u_int	 cipher_ivlen(const struct sshcipher *);
 u_int	 cipher_is_cbc(const struct sshcipher *);
 
 u_int	 cipher_ctx_is_plaintext(struct sshcipher_ctx *);
-u_int	 cipher_ctx_get_number(struct sshcipher_ctx *);
 
-u_int	 cipher_get_number(const struct sshcipher *);
 int	 cipher_get_keyiv(struct sshcipher_ctx *, u_char *, u_int);
 int	 cipher_set_keyiv(struct sshcipher_ctx *, const u_char *);
 int	 cipher_get_keyiv_len(const struct sshcipher_ctx *);
diff --git a/readconf.c b/readconf.c
index 963c648b..5a7197c1 100644
--- a/readconf.c
+++ b/readconf.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: readconf.c,v 1.273 2017/04/30 23:11:45 djm Exp $ */
+/* $OpenBSD: readconf.c,v 1.274 2017/04/30 23:15:04 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo at cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
@@ -182,6 +182,7 @@ static struct {
 } keywords[] = {
 	/* Deprecated options */
 	{ "protocol", oIgnore }, /* NB. silently ignored */
+	{ "cipher", oDeprecated },
 	{ "fallbacktorsh", oDeprecated },
 	{ "globalknownhostsfile2", oDeprecated },
 	{ "rhostsauthentication", oDeprecated },
@@ -240,7 +241,6 @@ static struct {
 	{ "hostkeyalias", oHostKeyAlias },
 	{ "proxycommand", oProxyCommand },
 	{ "port", oPort },
-	{ "cipher", oCipher },
 	{ "ciphers", oCiphers },
 	{ "macs", oMacs },
 	{ "remoteforward", oRemoteForward },
@@ -1175,19 +1175,6 @@ parse_int:
 		intptr = &options->connection_attempts;
 		goto parse_int;
 
-	case oCipher:
-		intptr = &options->cipher;
-		arg = strdelim(&s);
-		if (!arg || *arg == '\0')
-			fatal("%.200s line %d: Missing argument.", filename, linenum);
-		value = cipher_number(arg);
-		if (value == -1)
-			fatal("%.200s line %d: Bad cipher '%s'.",
-			    filename, linenum, arg ? arg : "<NONE>");
-		if (*activep && *intptr == -1)
-			*intptr = value;
-		break;
-
 	case oCiphers:
 		arg = strdelim(&s);
 		if (!arg || *arg == '\0')
@@ -1811,7 +1798,6 @@ initialize_options(Options * options)
 	options->connection_attempts = -1;
 	options->connection_timeout = -1;
 	options->number_of_password_prompts = -1;
-	options->cipher = -1;
 	options->ciphers = NULL;
 	options->macs = NULL;
 	options->kex_algorithms = NULL;
@@ -1968,9 +1954,6 @@ fill_default_options(Options * options)
 		options->connection_attempts = 1;
 	if (options->number_of_password_prompts == -1)
 		options->number_of_password_prompts = 3;
-	/* Selected in ssh_login(). */
-	if (options->cipher == -1)
-		options->cipher = SSH_CIPHER_NOT_SET;
 	/* options->hostkeyalgorithms, default set in myproposals.h */
 	if (options->add_keys_to_agent == -1)
 		options->add_keys_to_agent = 0;
@@ -2603,10 +2586,6 @@ dump_client_config(Options *o, const char *host)
 		printf("\n");
 	}
 
-	/* oCipher */
-	if (o->cipher != SSH_CIPHER_NOT_SET)
-		printf("Cipher %s\n", cipher_name(o->cipher));
-
 	/* oControlPersist */
 	if (o->control_persist == 0 || o->control_persist_timeout == 0)
 		dump_cfg_fmtint(oControlPersist, o->control_persist);
diff --git a/readconf.h b/readconf.h
index f5386485..c2ffd9ed 100644
--- a/readconf.h
+++ b/readconf.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: readconf.h,v 1.119 2017/04/30 23:11:45 djm Exp $ */
+/* $OpenBSD: readconf.h,v 1.120 2017/04/30 23:15:04 djm Exp $ */
 
 /*
  * Author: Tatu Ylonen <ylo at cs.hut.fi>
@@ -70,7 +70,6 @@ typedef struct {
 					 * aborting connection attempt */
 	int     number_of_password_prompts;	/* Max number of password
 						 * prompts. */
-	int     cipher;		/* Cipher to use. */
 	char   *ciphers;	/* SSH2 ciphers in order of preference. */
 	char   *macs;		/* SSH2 macs in order of preference. */
 	char   *hostkeyalgorithms;	/* SSH2 server key types in order of preference. */
diff --git a/ssh.c b/ssh.c
index a682ce91..c1316f44 100644
--- a/ssh.c
+++ b/ssh.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh.c,v 1.455 2017/04/30 23:13:25 djm Exp $ */
+/* $OpenBSD: ssh.c,v 1.456 2017/04/30 23:15:04 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo at cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
@@ -813,27 +813,14 @@ main(int ac, char **av)
 			}
 			break;
 		case 'c':
-			if (ciphers_valid(*optarg == '+' ?
+			if (!ciphers_valid(*optarg == '+' ?
 			    optarg + 1 : optarg)) {
-				/* SSH2 only */
-				free(options.ciphers);
-				options.ciphers = xstrdup(optarg);
-				options.cipher = SSH_CIPHER_INVALID;
-				break;
-			}
-			/* SSH1 only */
-			options.cipher = cipher_number(optarg);
-			if (options.cipher == -1) {
 				fprintf(stderr, "Unknown cipher type '%s'\n",
 				    optarg);
 				exit(255);
 			}
-			if (options.cipher == SSH_CIPHER_3DES)
-				options.ciphers = xstrdup("3des-cbc");
-			else if (options.cipher == SSH_CIPHER_BLOWFISH)
-				options.ciphers = xstrdup("blowfish-cbc");
-			else
-				options.ciphers = xstrdup(KEX_CLIENT_ENCRYPT);
+			free(options.ciphers);
+			options.ciphers = xstrdup(optarg);
 			break;
 		case 'm':
 			if (mac_valid(optarg)) {
diff --git a/sshkey.c b/sshkey.c
index 045f1284..1741d9b1 100644
--- a/sshkey.c
+++ b/sshkey.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshkey.c,v 1.46 2017/04/30 23:10:43 djm Exp $ */
+/* $OpenBSD: sshkey.c,v 1.47 2017/04/30 23:15:04 djm Exp $ */
 /*
  * Copyright (c) 2000, 2001 Markus Friedl.  All rights reserved.
  * Copyright (c) 2008 Alexander von Gernler.  All rights reserved.
@@ -2971,12 +2971,8 @@ sshkey_private_to_blob2(const struct sshkey *prv, struct sshbuf *blob,
 		kdfname = "none";
 	} else if (ciphername == NULL)
 		ciphername = DEFAULT_CIPHERNAME;
-	else if (cipher_number(ciphername) != SSH_CIPHER_SSH2) {
-		r = SSH_ERR_INVALID_ARGUMENT;
-		goto out;
-	}
 	if ((cipher = cipher_by_name(ciphername)) == NULL) {
-		r = SSH_ERR_INTERNAL_ERROR;
+		r = SSH_ERR_INVALID_ARGUMENT;
 		goto out;
 	}
 
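Review bot: Dropping the `cipher_number(ciphername) != SSH_CIPHER_SSH2` test means a caller-supplied `ciphername` of "none" is now accepted, because cipher_by_name() still finds the "none" table entry. The branch that sets `kdfname = "none"` begins outside the hunk; if it is the empty-passphrase case, then a non-empty passphrase combined with "none" would now yield a private-key blob that is not encrypted even though a passphrase was given. ciphers_valid() rejects internal ciphers, so `else if (!ciphers_valid(ciphername)) { r = SSH_ERR_INVALID_ARGUMENT; goto out; }` in place of the removed test would keep the old restriction.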
