diff options
author | Damien Miller <djm@mindrot.org> | 2013-02-16 17:32:31 +1100 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2013-02-16 17:32:31 +1100 |
commit | 5d7b9565bc2cc2b0734a6e8b0b7ab781745d35f9 (patch) | |
tree | 0cfa2603bfae0bc7d7d6951a29282032aba57c1e | |
parent | 2991d288db4355a54f0860be184c31343cb2c139 (diff) |
- djm@cvs.openbsd.org 2013/02/16 06:08:45
[integrity.sh]
make sure the fuzz offset is actually past the end of KEX for all KEX
types. diffie-hellman-group-exchange-sha256 requires an offset around
2700. Noticed via test failures in portable OpenSSH on platforms that
lack ECC and this the more byte-frugal ECDH KEX algorithms.
-rw-r--r-- | ChangeLog | 9 | ||||
-rw-r--r-- | regress/integrity.sh | 6 |
2 files changed, 12 insertions, 3 deletions
@@ -1,3 +1,12 @@ +20130216 + - OpenBSD CVS Sync + - djm@cvs.openbsd.org 2013/02/16 06:08:45 + [integrity.sh] + make sure the fuzz offset is actually past the end of KEX for all KEX + types. diffie-hellman-group-exchange-sha256 requires an offset around + 2700. Noticed via test failures in portable OpenSSH on platforms that + lack ECC and this the more byte-frugal ECDH KEX algorithms. + 20130215 - (djm) [contrib/suse/rc.sshd] Use SSHD_BIN consistently; bz#2056 from Iain Morgan diff --git a/regress/integrity.sh b/regress/integrity.sh index bcace97e..d779aa93 100644 --- a/regress/integrity.sh +++ b/regress/integrity.sh @@ -1,13 +1,13 @@ -# $OpenBSD: integrity.sh,v 1.2 2013/01/12 11:23:53 djm Exp $ +# $OpenBSD: integrity.sh,v 1.3 2013/02/16 06:08:45 djm Exp $ # Placed in the Public Domain. tid="integrity" -# start at byte 2500 (i.e. after kex) and corrupt at different offsets +# start at byte 2800 (i.e. after kex) and corrupt at different offsets # XXX the test hangs if we modify the low bytes of the packet length # XXX and ssh tries to read... tries=10 -startoffset=2500 +startoffset=2800 macs="hmac-sha1 hmac-md5 umac-64@openssh.com umac-128@openssh.com hmac-sha1-96 hmac-md5-96 hmac-sha2-256 hmac-sha2-512 hmac-sha1-etm@openssh.com hmac-md5-etm@openssh.com |