Re: bad bignum encoding for curve25519-sha256@xxxxxxxxxx

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



Le 20/04/14 20:26, mancha a écrit :
> On Sun, Apr 20, 2014 at 05:14:08PM +1000, Damien Miller wrote:
>> Hi,
>>
>> The patch fixes the bug and makes OpenSSH identify itself as 6.6.1 so as
>> to distinguish itself from the incorrect versions so the compatibility
>> code to disable the affected KEX isn't activated.
>
> Thanks for the patch. I can provide independent confirmation it fixes
> things. I got 0 failures during key exchange post-patch using my
> custom KEX checker (built against libssl). Pre-patch I was experiencing
> about a 0.17% failure rate.
>
> --mancha
>
>
A libssh contributor noticed this as well. We'll introduce the same
workaround as OpenSSH to avoid interoperability problems.

Aris

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev





[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux