96d659bf35
This release fixes a security bug: * sshd(8): fix a memory corruption problem triggered during rekeying when an AES-GCM cipher is selected. Full details of the vulnerability are available at: http://www.openssh.com/txt/gcmrekey.adv Signed-off-by: Peter Wagner <tripolar@gmx.at> git-svn-id: svn://svn.openwrt.org/openwrt/packages@38693 3c298f89-4303-0410-b956-a3cf2f4a3e73
24 lines
938 B
Diff
24 lines
938 B
Diff
--- a/mac.c
|
|
+++ b/mac.c
|
|
@@ -70,8 +70,10 @@ static const struct macalg macs[] = {
|
|
#endif
|
|
{ "hmac-md5", SSH_EVP, EVP_md5, 0, 0, 0, 0 },
|
|
{ "hmac-md5-96", SSH_EVP, EVP_md5, 96, 0, 0, 0 },
|
|
+#ifndef OPENSSL_NO_RIPEMD
|
|
{ "hmac-ripemd160", SSH_EVP, EVP_ripemd160, 0, 0, 0, 0 },
|
|
{ "hmac-ripemd160@openssh.com", SSH_EVP, EVP_ripemd160, 0, 0, 0, 0 },
|
|
+#endif
|
|
{ "umac-64@openssh.com", SSH_UMAC, NULL, 0, 128, 64, 0 },
|
|
{ "umac-128@openssh.com", SSH_UMAC128, NULL, 0, 128, 128, 0 },
|
|
|
|
@@ -84,7 +86,9 @@ static const struct macalg macs[] = {
|
|
#endif
|
|
{ "hmac-md5-etm@openssh.com", SSH_EVP, EVP_md5, 0, 0, 0, 1 },
|
|
{ "hmac-md5-96-etm@openssh.com", SSH_EVP, EVP_md5, 96, 0, 0, 1 },
|
|
+#ifndef OPENSSL_NO_RIPEMD
|
|
{ "hmac-ripemd160-etm@openssh.com", SSH_EVP, EVP_ripemd160, 0, 0, 0, 1 },
|
|
+#endif
|
|
{ "umac-64-etm@openssh.com", SSH_UMAC, NULL, 0, 128, 64, 1 },
|
|
{ "umac-128-etm@openssh.com", SSH_UMAC128, NULL, 0, 128, 128, 1 },
|
|
|