[Bug 1055] Problem with arcfour cipher and OpenSSL 0.9.7g

[bugzilla-daemon at mindrot.org]

http://bugzilla.mindrot.org/show_bug.cgi?id=1055

           Summary: Problem with arcfour cipher and OpenSSL 0.9.7g
           Product: Portable OpenSSH
           Version: 4.1p1
          Platform: Itanium2
        OS/Version: Linux
            Status: NEW
          Severity: major
          Priority: P2
         Component: sshd
        AssignedTo: bitbucket at mindrot.org
        ReportedBy: imorgan at nas.nasa.gov


When building OpenSSH 4.1p1 against OpenSSL 0.9.7g, 'make tests'
indicates that the arcfour cipher fails in regress/try-ciphers.sh. All
other ciphers are successful.

The ssh client can successfully use arcfour when talking to previous
builds of OpenSSH compiled against OpenSSL 0.9.7e. However, when connecting
to the newly built sshd with either the newly built ssh or the previous
(OpwnSSH 3.9p1) build, the connection is broken immediately after
authentication with a "Bad packet length" message.

Note that OpenSSL 0.9.7f introduced assembler code for the RC4 algorithm
on the IA64 architecture. Building OpenSSL with the 'no_asm' flag eliminates
the issue, but also kills performance. Running OpenSSL's 'make test'
shows no problem with the RC4 algorithm. Further, comparing the output
from 'make test' for version 0.9.7g against 0.9.7e shows no difference
in regards to RC4.

A slightly more elegant workaround for this issue is to set the RC4_CHAR
flage _and_ edit crypto/rc4/asm/rc4-ia64.S; changing SZ=4 to SZ=1.

Since this problem seems to only affect sshd and only occurs after
authentication, I'm wondering if there could be an issue with the key
exchange that appears to occur after authentication.



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.