Announce: OpenSSH 6.2 released

Roumen Petrov openssh at roumenpetrov.info
Wed Mar 27 08:36:03 EST 2013 

Corinna Vinschen wrote:
> Hi guys,
>
> On Mar 21 18:38, Damien Miller wrote:
>> Changes since OpenSSH 6.1
>> =========================
>>
>> This release introduces a number of new features:
>>
>> Features:
>>
>>   * ssh(1)/sshd(8): Added support for AES-GCM authenticated encryption in
>>     SSH protocol 2. The new cipher is available as aes128-gcm at openssh.com
>>     and aes256-gcm at openssh.com. It uses an identical packet format to the
>>     AES-GCM mode specified in RFC 5647, but uses simpler and different
>>     selection rules during key exchange.
>>
>>   * ssh(1)/sshd(8): Added support for encrypt-then-mac (EtM) MAC modes
>>     for SSH protocol 2. These modes alter the packet format and compute
>>     the MAC over the packet length and encrypted packet rather than over
>>     the plaintext data. These modes are considered more secure and are
>>     used by default when available.
>>
>>   * ssh(1)/sshd(8): Added support for the UMAC-128 MAC as
>>     "umac-128 at openssh.com" and "umac-128-etm at openssh.com". The latter
>>     being an encrypt-then-mac mode.
> while I can build openssh-6.2p1 fine on Cygwin for i686, I just found
> that it doesn't build on the yet-to-be-released Cygwin for x86_64.
>
> The reason is a clash of the UINT64 type.  It gets defined in umac.c as
> well as in the Windows headers.  The Windows headers define it like
> this:
>
>    typedef unsigned __int64 UINT64,*PUINT64;

winapi:
$ grep  typedef.*UINT b*
basetsd.h:typedef unsigned char UINT8;
basetsd.h:typedef unsigned short UINT16;
basetsd.h:typedef unsigned int UINT32, *PUINT32;
basetsd.h:typedef unsigned __int64 UINT_PTR, *PUINT_PTR;
basetsd.h:typedef  unsigned int UINT_PTR, *PUINT_PTR;
basetsd.h:typedef unsigned __int64 UINT64,  *PUINT64;

openssh:
$ grep  typedef.*UINT u*
umac.c:typedef u_int8_t UINT8;  /* 1 byte   */
umac.c:typedef u_int16_t        UINT16; /* 2 byte   */
umac.c:typedef u_int32_t        UINT32; /* 4 byte   */
umac.c:typedef u_int64_t        UINT64; /* 8 bytes  */

>
> The interesting thing here is that the same clash occurs in the i686
> version, but gcc does not complain.  It only complains when building
> for x86_64 for some reason.  It could be a result of using different
> gcc versions (4.5.3 on i686, 4.8.0 on x86_64), but I'm not sure.
>
> For the time being, I applied the following patch:
>
> Index: openbsd-compat/bsd-cygwin_util.h
> ===================================================================
> RCS file: /cvs/openssh/openbsd-compat/bsd-cygwin_util.h,v
> retrieving revision 1.15
> diff -u -p -r1.15 bsd-cygwin_util.h
> --- openbsd-compat/bsd-cygwin_util.h	28 Aug 2012 09:57:19 -0000	1.15
> +++ openbsd-compat/bsd-cygwin_util.h	26 Mar 2013 19:45:01 -0000
> @@ -37,10 +37,13 @@
>   #undef ERROR
>   
>   #define WIN32_LEAN_AND_MEAN
> +#define UINT64 __UINT64
>   
>   #include <windows.h>
>   #include <sys/cygwin.h>
>   #include <io.h>
> +
> +#undef UINT64
>   
>   /* Make sure _WIN32 isn't defined later in the code, otherwise headers from
>      other packages might get the wrong idea about the target system. */
>
> Is that ok to apply?
Question is if build is fine  for UINTnn where nn < 64 , why fail for 64 ?

May be correct patch is to define u_int64_t to be same as as unsigned 
__int64 ?
Please confirm that u_intNN_t, where NN < 64 are properly (re-)defined ?

>
> Thanks,
> Corinna
>
Regards,
Roumen

-- 
Get X.509 certificates support in OpenSSH:
http://roumenpetrov.info/openssh/

More information about the openssh-unix-dev mailing list