
View File openssh-rsa512.patch of Package openssh (Project home:msvec)

diff -urw openssh-5.6p1.orig/ssh-rsa.c openssh-5.6p1/ssh-rsa.c
--- openssh-5.6p1.orig/ssh-rsa.c	2010-09-07 18:20:17.000000000 +0200
+++ openssh-5.6p1/ssh-rsa.c	2010-09-07 18:22:39.000000000 +0200
@@ -34,6 +34,7 @@
 #include "ssh.h"
 
 static int openssh_RSA_verify(int, u_char *, u_int, u_char *, u_int, RSA *);
+int ssh_rsa_minimum_modulus_size = SSH_RSA_MINIMUM_MODULUS_SIZE;
 
 /* RSASSA-PKCS1-v1_5 (PKCS #1 v2.0 signature) with SHA1 */
 int
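Review bot: The new global `ssh_rsa_minimum_modulus_size` is a security policy knob, but it has no comment and reaches its only visible user through an ad-hoc `extern` in ssh.c (the hunk at -188) rather than a header. I would declare it once in ssh.h next to `SSH_RSA_MINIMUM_MODULUS_SIZE` and add a comment here such as `/* Runtime floor for accepted RSA modulus bits; set only during option parsing (ssh -z). */`. Anything else that links ssh-rsa.c keeps the compiled default, which is worth stating in that comment; which binaries that covers is not visible in this patch.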
@@ -120,9 +121,9 @@
 		error("ssh_rsa_verify: no RSA key");
 		return -1;
 	}
-	if (BN_num_bits(key->rsa->n) < SSH_RSA_MINIMUM_MODULUS_SIZE) {
+	if (BN_num_bits(key->rsa->n) < ssh_rsa_minimum_modulus_size) {
 		error("ssh_rsa_verify: RSA modulus too small: %d < minimum %d bits",
-		    BN_num_bits(key->rsa->n), SSH_RSA_MINIMUM_MODULUS_SIZE);
+		    BN_num_bits(key->rsa->n), ssh_rsa_minimum_modulus_size);
 		return -1;
 	}
 	buffer_init(&b);
Only in openssh-5.6p1: ssh-rsa.c.orig
diff -urw openssh-5.6p1.orig/ssh.1 openssh-5.6p1/ssh.1
--- openssh-5.6p1.orig/ssh.1	2010-09-07 18:20:17.000000000 +0200
+++ openssh-5.6p1/ssh.1	2010-09-07 18:22:39.000000000 +0200
@@ -658,6 +658,11 @@
 option in
 .Xr ssh_config 5
 or the
+.It Fl z Ar rsa_minimum_modulus_size
+Use
+.Ar rsa_minimum_modulus_size
+as the minimum size of the RSA modulus (useful for older switches and
+other network appliances).
 .Fl 1
 and
 .Fl 2
Only in openssh-5.6p1: ssh.1.orig
diff -urw openssh-5.6p1.orig/ssh.c openssh-5.6p1/ssh.c
--- openssh-5.6p1.orig/ssh.c	2010-09-07 18:20:17.000000000 +0200
+++ openssh-5.6p1/ssh.c	2010-09-07 19:29:21.000000000 +0200
@@ -188,6 +188,7 @@
 /* mux.c */
 extern int muxserver_sock;
 extern u_int muxclient_command;
+extern int ssh_rsa_minimum_modulus_size;
 
 /* Prints a help message to the user.  This function never returns. */
 
@@ -202,6 +203,7 @@
 "           [-l login_name] [-m mac_spec] [-O ctl_cmd] [-o option] [-p port]\n"
 "           [-R [bind_address:]port:host:hostport] [-S ctl_path]\n"
 "           [-W host:port] [-w local_tun[:remote_tun]]\n"
+"           [-z ssh_rsa_minimum_modulus_size]\n"
 "           [user@]hostname [command]\n"
 	);
 	exit(255);
@@ -297,7 +299,7 @@
 	argv0 = av[0];
 
  again:
-	while ((opt = getopt(ac, av, "1246ab:c:e:fgi:kl:m:no:p:qstvx"
+	while ((opt = getopt(ac, av, "1246ab:c:e:fgi:kl:m:no:p:qstvxz:"
 	    "ACD:F:I:KL:MNO:PR:S:TVw:W:XYy")) != -1) {
 		switch (opt) {
 		case '1':
@@ -569,6 +571,9 @@
 		case 'F':
 			config = optarg;
 			break;
+		case 'z':
+			ssh_rsa_minimum_modulus_size = atoi(optarg);
+			break;
 		default:
 			usage();
 		}
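Review bot: `atoi(optarg)` in the new `case 'z'` accepts anything: non-numeric input becomes 0 and negative numbers pass through, and with either value the `BN_num_bits(key->rsa->n) < ssh_rsa_minimum_modulus_size` test in ssh_rsa_verify (ssh-rsa.c hunk at -120) can never fire, so the modulus size check is switched off entirely. Parse with a range-checked conversion and refuse values below a fixed floor, exiting with a message on bad input. The sketch below uses strtonum() with the compiled constant as the floor (or a dedicated floor constant if the default is kept higher); if the tree's compat layer does not provide strtonum(), strtol() with endptr and errno checks does the same job. The switch starts and ends outside this hunk.

```c
		case 'z': {
			const char *errstr = NULL;

			/*
			 * Range-checked parse: non-numeric, negative or sub-floor
			 * input is an error, never a silent 0.
			 */
			ssh_rsa_minimum_modulus_size = (int)strtonum(optarg,
			    SSH_RSA_MINIMUM_MODULUS_SIZE, INT_MAX, &errstr);
			if (errstr != NULL) {
				fprintf(stderr,
				    "Bad RSA minimum modulus size '%s': %s\n",
				    optarg, errstr);
				exit(255);
			}
			break;
		}
		/* … unchanged: default case … */
```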
diff -urw openssh-5.6p1.orig/ssh.h openssh-5.6p1/ssh.h
--- openssh-5.6p1.orig/ssh.h	2010-09-07 18:20:17.000000000 +0200
+++ openssh-5.6p1/ssh.h	2010-09-07 19:10:14.000000000 +0200
@@ -93,7 +93,7 @@
 #endif
 
 /* Minimum modulus size (n) for RSA keys. */
-#define SSH_RSA_MINIMUM_MODULUS_SIZE	768
+#define SSH_RSA_MINIMUM_MODULUS_SIZE	512
 
 /* Listen backlog for sshd, ssh-agent and forwarding sockets */
 #define SSH_LISTEN_BACKLOG		128
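Review bot: Dropping `SSH_RSA_MINIMUM_MODULUS_SIZE` from 768 to 512 weakens the default for every invocation, not only those that pass `-z`, because the new global in ssh-rsa.c is initialised from this constant. 512-bit RSA moduli have been publicly factored since 1999, so a host key of that size gives little assurance about the peer. I would leave this line as `#define SSH_RSA_MINIMUM_MODULUS_SIZE	768` and add a separate, commented lower bound for what `-z` may request, so that talking to a legacy appliance is an explicit per-connection opt-in. Any other user of this constant (none is visible in the patch) would also be loosened by the change as written.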