ServerLiesWarning

Mordechai T. Abzug morty at frakir.org
Tue Nov 4 19:07:50 EST 2003


I'm trying to replace some sshv1 clients and servers in a modular way,
and the "Server Lies" warning (when the server says the key has one
more bit than it really has) is causing heartache.  Per the FAQ, this
is relatively benign.  Here's a patch that allows an admin or user to
disable the warning.

- Morty


diff -Nur openssh-3.7.1p2/readconf.c openssh-3.7.1p2-serverlieswarning/readconf.c
--- openssh-3.7.1p2/readconf.c	2003-09-02 08:58:22.000000000 -0400
+++ openssh-3.7.1p2-serverlieswarning/readconf.c	2003-11-04 02:32:50.000000000 -0500
@@ -104,7 +104,7 @@
 	oHostKeyAlgorithms, oBindAddress, oSmartcardDevice,
 	oClearAllForwardings, oNoHostAuthenticationForLocalhost,
 	oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout,
-	oAddressFamily, oGssAuthentication, oGssDelegateCreds,
+	oAddressFamily, oGssAuthentication, oGssDelegateCreds, oServerLiesWarning,
 	oDeprecated, oUnsupported
 } OpCodes;
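Review bot: The modified enumerator line `oAddressFamily, oGssAuthentication, oGssDelegateCreds, oServerLiesWarning,` runs past 80 columns once the leading tab is counted, where the surrounding lines of this enum stay within that width. Moving `oServerLiesWarning,` down to share the `oDeprecated, oUnsupported` line, or onto a line of its own, keeps the layout consistent with the rest of the list. The opening of the typedef is outside this hunk.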
 
@@ -166,6 +166,7 @@
 	{ "batchmode", oBatchMode },
 	{ "checkhostip", oCheckHostIP },
 	{ "stricthostkeychecking", oStrictHostKeyChecking },
+	{ "serverlieswarning", oServerLiesWarning },
 	{ "compression", oCompression },
 	{ "compressionlevel", oCompressionLevel },
 	{ "keepalive", oKeepAlives },
@@ -402,6 +403,10 @@
 		intptr = &options->verify_host_key_dns;
 		goto parse_flag;
 
+	case oServerLiesWarning:
+		intptr = &options->server_lies_warning;
+		goto parse_flag;
+
 	case oStrictHostKeyChecking:
 		intptr = &options->strict_host_key_checking;
 		arg = strdelim(&s);
@@ -856,6 +861,7 @@
 	options->no_host_authentication_for_localhost = - 1;
 	options->rekey_limit = - 1;
 	options->verify_host_key_dns = -1;
+	options->server_lies_warning = -1;
 }
 
 /*
@@ -968,6 +974,8 @@
 		options->rekey_limit = 0;
 	if (options->verify_host_key_dns == -1)
 		options->verify_host_key_dns = 0;
+	if (options->server_lies_warning == -1)
+		options->server_lies_warning = 1;
 	/* options->proxy_command should not be set by default */
 	/* options->user will be set in the main program if appropriate */
 	/* options->hostname will be set in the main program if appropriate */
diff -Nur openssh-3.7.1p2/readconf.h openssh-3.7.1p2-serverlieswarning/readconf.h
--- openssh-3.7.1p2/readconf.h	2003-09-02 08:58:22.000000000 -0400
+++ openssh-3.7.1p2-serverlieswarning/readconf.h	2003-11-04 02:19:21.000000000 -0500
@@ -82,6 +82,7 @@
 	char   *bind_address;	/* local socket address for connection to sshd */
 	char   *smartcard_device; /* Smartcard reader device */
 	int	verify_host_key_dns;	/* Verify host key using DNS */
+	int  server_lies_warning; /* display warning about server lying */
 
 	int     num_identity_files;	/* Number of files for RSA/DSA identities. */
 	char   *identity_files[SSH_MAX_IDENTITY_FILES];
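Review bot: The added field `int  server_lies_warning;` separates type and name with two spaces, while the neighbouring declarations (`int	verify_host_key_dns;`) use a tab so that the names and trailing comments line up; match that layout. The comment would also be more useful if it recorded the default and meaning of the value, e.g. `/* display "Server lies" warning; -1 unset, 1 on (default), 0 off */`, since the -1 sentinel and the default are assigned in readconf.c rather than here. The struct's header and closing brace are outside this hunk.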
diff -Nur openssh-3.7.1p2/ssh_config.5 openssh-3.7.1p2-serverlieswarning/ssh_config.5
--- openssh-3.7.1p2/ssh_config.5	2003-09-02 22:13:30.000000000 -0400
+++ openssh-3.7.1p2-serverlieswarning/ssh_config.5	2003-11-04 02:45:47.000000000 -0500
@@ -553,6 +553,12 @@
 The default is
 .Dq yes .
 Note that this option applies to protocol version 1 only.
+.It Cm ServerLiesWarning
+Specifies whether or not the client should display the "Server lies" warning
+when the server claims that a key is one bit longer than it is.  
+The default is 
+.Dq yes .
+Disabling this allows better compatibility with older ssh versions.
 .It Cm SmartcardDevice
 Specifies which smartcard device to use.
 The argument to this keyword is the device
diff -Nur openssh-3.7.1p2/sshconnect1.c openssh-3.7.1p2-serverlieswarning/sshconnect1.c
--- openssh-3.7.1p2/sshconnect1.c	2003-09-02 08:51:17.000000000 -0400
+++ openssh-3.7.1p2-serverlieswarning/sshconnect1.c	2003-11-04 02:29:50.000000000 -0500
@@ -494,7 +494,8 @@
 	packet_get_bignum(server_key->rsa->n);
 
 	rbits = BN_num_bits(server_key->rsa->n);
-	if (bits != rbits) {
+	if (bits == rbits + 1 && ! options.server_lies_warning) {
+	} else if (bits != rbits) {
 		logit("Warning: Server lies about size of server public key: "
 		    "actual size is %d bits vs. announced %d.", rbits, bits);
 		logit("Warning: This may be due to an old implementation of ssh.");
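Review bot: The new branch `if (bits == rbits + 1 && ! options.server_lies_warning) {` has an empty body whose only purpose is to keep the following `else if` from firing, which is hard to read and easy to break in a later edit; the host-key hunk below uses the same shape. A single condition states the intent directly: `if (bits != rbits && !(bits == rbits + 1 && !options.server_lies_warning)) {`. If the empty branch is kept, it should at least leave a trace at debug level, e.g. `debug("Server announced key size %d, actual size %d (ServerLiesWarning no).", bits, rbits);`, so the discrepancy remains visible in verbose output rather than vanishing entirely. The exception is correctly limited to a one-bit overstatement; any other mismatch still reaches the existing warnings. The enclosing function starts and ends outside this hunk.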
@@ -506,7 +507,8 @@
 	packet_get_bignum(host_key->rsa->n);
 
 	rbits = BN_num_bits(host_key->rsa->n);
-	if (bits != rbits) {
+	if (bits == rbits + 1 && ! options.server_lies_warning) {
+	} else if (bits != rbits) {
 		logit("Warning: Server lies about size of server host key: "
 		    "actual size is %d bits vs. announced %d.", rbits, bits);
 		logit("Warning: This may be due to an old implementation of ssh.");



