[Bug 2209] New: Problem logging into Cisco devices under 6.5p1 (kexgexc.c)

Fri Mar 7 12:35:27 EST 2014

https://bugzilla.mindrot.org/show_bug.cgi?id=2209

            Bug ID: 2209
           Summary: Problem logging into Cisco devices under 6.5p1
                    (kexgexc.c)
           Product: Portable OpenSSH
           Version: 6.5p1
          Hardware: amd64
                OS: FreeBSD
            Status: NEW
          Severity: normal
          Priority: P5
         Component: ssh
          Assignee: unassigned-bugs at mindrot.org
          Reporter: openssh at pki2.com

With the upgrade to 6.5 under FreeBSD I can no longer log into Cisco
devices. I traced the problem down to the code fragment below, which
was a change made in late January.

During the key exchange under 6.5 this is a clue:

debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<8192<8192) sent

Compared to 6.2:

debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<4096<8192) sent

I reverted the patch in my source and the problem goes away. I am
unfamiliar with the OpenSSH source so I do not know what is the correct
thing to do.




Index: kexgexc.c
===================================================================
RCS file: /cvs/src/usr.bin/ssh/kexgexc.c,v
retrieving revision 1.15
diff -u -p -r1.15 kexgexc.c

--- kexgexc.c   12 Jan 2014 08:13:13 -0000      1.15
+++ kexgexc.c   25 Jan 2014 10:04:23 -0000
@@ -55,7 +55,7 @@ kexgex_client(Kex *kex)
        int min, max, nbits;
        DH *dh;

-       nbits = dh_estimate(kex->we_need * 8);
+       nbits = dh_estimate(kex->dh_need * 8);

        if (datafellows & SSH_OLD_DHGEX) {
                /* Old GEX request */

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
