summaryrefslogtreecommitdiffstats
path: root/network/dsniff/24_Fix-OpenSSL1.1.0-Build.patch
diff options
context:
space:
mode:
Diffstat (limited to 'network/dsniff/24_Fix-OpenSSL1.1.0-Build.patch')
-rw-r--r--network/dsniff/24_Fix-OpenSSL1.1.0-Build.patch202
1 files changed, 202 insertions, 0 deletions
diff --git a/network/dsniff/24_Fix-OpenSSL1.1.0-Build.patch b/network/dsniff/24_Fix-OpenSSL1.1.0-Build.patch
new file mode 100644
index 0000000000..db7739ee34
--- /dev/null
+++ b/network/dsniff/24_Fix-OpenSSL1.1.0-Build.patch
@@ -0,0 +1,202 @@
+Description: Fix build with OpenSSL 1.1.0
+Author: Christoph Biedl <debian.axhn@manchmal.in-ulm.de>
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+
+
+--- a/ssh.c
++++ b/ssh.c
+@@ -234,7 +234,10 @@
+ u_char *p, cipher, cookie[8], msg[1024];
+ u_int32_t num;
+ int i;
+-
++
++ const BIGNUM *servkey_e, *servkey_n;
++ const BIGNUM *hostkey_e, *hostkey_n;
++
+ /* Generate anti-spoofing cookie. */
+ RAND_bytes(cookie, sizeof(cookie));
+
+@@ -243,11 +246,13 @@
+ *p++ = SSH_SMSG_PUBLIC_KEY; /* type */
+ memcpy(p, cookie, 8); p += 8; /* cookie */
+ num = 768; PUTLONG(num, p); /* servkey bits */
+- put_bn(ssh->ctx->servkey->e, &p); /* servkey exponent */
+- put_bn(ssh->ctx->servkey->n, &p); /* servkey modulus */
++ RSA_get0_key(ssh->ctx->servkey, &servkey_n, &servkey_e, NULL);
++ put_bn(servkey_e, &p); /* servkey exponent */
++ put_bn(servkey_n, &p); /* servkey modulus */
+ num = 1024; PUTLONG(num, p); /* hostkey bits */
+- put_bn(ssh->ctx->hostkey->e, &p); /* hostkey exponent */
+- put_bn(ssh->ctx->hostkey->n, &p); /* hostkey modulus */
++ RSA_get0_key(ssh->ctx->hostkey, &hostkey_n, &hostkey_e, NULL);
++ put_bn(hostkey_e, &p); /* hostkey exponent */
++ put_bn(hostkey_n, &p); /* hostkey modulus */
+ num = 0; PUTLONG(num, p); /* protocol flags */
+ num = ssh->ctx->encmask; PUTLONG(num, p); /* ciphers */
+ num = ssh->ctx->authmask; PUTLONG(num, p); /* authmask */
+@@ -298,7 +303,7 @@
+ SKIP(p, i, 4);
+
+ /* Decrypt session key. */
+- if (BN_cmp(ssh->ctx->servkey->n, ssh->ctx->hostkey->n) > 0) {
++ if (BN_cmp(servkey_n, hostkey_n) > 0) {
+ rsa_private_decrypt(enckey, enckey, ssh->ctx->servkey);
+ rsa_private_decrypt(enckey, enckey, ssh->ctx->hostkey);
+ }
+@@ -318,8 +323,8 @@
+ BN_clear_free(enckey);
+
+ /* Derive real session key using session id. */
+- if ((p = ssh_session_id(cookie, ssh->ctx->hostkey->n,
+- ssh->ctx->servkey->n)) == NULL) {
++ if ((p = ssh_session_id(cookie, hostkey_n,
++ servkey_n)) == NULL) {
+ warn("ssh_session_id");
+ return (-1);
+ }
+@@ -328,10 +333,8 @@
+ }
+ /* Set cipher. */
+ if (cipher == SSH_CIPHER_3DES) {
+- ssh->estate = des3_init(ssh->sesskey, sizeof(ssh->sesskey));
+- ssh->dstate = des3_init(ssh->sesskey, sizeof(ssh->sesskey));
+- ssh->encrypt = des3_encrypt;
+- ssh->decrypt = des3_decrypt;
++ warnx("cipher 3des no longer supported");
++ return (-1);
+ }
+ else if (cipher == SSH_CIPHER_BLOWFISH) {
+ ssh->estate = blowfish_init(ssh->sesskey,sizeof(ssh->sesskey));
+@@ -357,7 +360,10 @@
+ u_char *p, cipher, cookie[8], msg[1024];
+ u_int32_t num;
+ int i;
+-
++
++ BIGNUM *servkey_n, *servkey_e;
++ BIGNUM *hostkey_n, *hostkey_e;
++
+ /* Get public key. */
+ if ((i = SSH_recv(ssh, pkt, sizeof(pkt))) <= 0) {
+ warn("SSH_recv");
+@@ -379,21 +385,23 @@
+
+ /* Get servkey. */
+ ssh->ctx->servkey = RSA_new();
+- ssh->ctx->servkey->n = BN_new();
+- ssh->ctx->servkey->e = BN_new();
++ servkey_n = BN_new();
++ servkey_e = BN_new();
++ RSA_set0_key(ssh->ctx->servkey, servkey_n, servkey_e, NULL);
+
+ SKIP(p, i, 4);
+- get_bn(ssh->ctx->servkey->e, &p, &i);
+- get_bn(ssh->ctx->servkey->n, &p, &i);
++ get_bn(servkey_e, &p, &i);
++ get_bn(servkey_n, &p, &i);
+
+ /* Get hostkey. */
+ ssh->ctx->hostkey = RSA_new();
+- ssh->ctx->hostkey->n = BN_new();
+- ssh->ctx->hostkey->e = BN_new();
++ hostkey_n = BN_new();
++ hostkey_e = BN_new();
++ RSA_set0_key(ssh->ctx->hostkey, hostkey_n, hostkey_e, NULL);
+
+ SKIP(p, i, 4);
+- get_bn(ssh->ctx->hostkey->e, &p, &i);
+- get_bn(ssh->ctx->hostkey->n, &p, &i);
++ get_bn(hostkey_e, &p, &i);
++ get_bn(hostkey_n, &p, &i);
+
+ /* Get cipher, auth masks. */
+ SKIP(p, i, 4);
+@@ -405,8 +413,8 @@
+ RAND_bytes(ssh->sesskey, sizeof(ssh->sesskey));
+
+ /* Obfuscate with session id. */
+- if ((p = ssh_session_id(cookie, ssh->ctx->hostkey->n,
+- ssh->ctx->servkey->n)) == NULL) {
++ if ((p = ssh_session_id(cookie, hostkey_n,
++ servkey_n)) == NULL) {
+ warn("ssh_session_id");
+ return (-1);
+ }
+@@ -422,7 +430,7 @@
+ else BN_add_word(bn, ssh->sesskey[i]);
+ }
+ /* Encrypt session key. */
+- if (BN_cmp(ssh->ctx->servkey->n, ssh->ctx->hostkey->n) < 0) {
++ if (BN_cmp(servkey_n, hostkey_n) < 0) {
+ rsa_public_encrypt(bn, bn, ssh->ctx->servkey);
+ rsa_public_encrypt(bn, bn, ssh->ctx->hostkey);
+ }
+@@ -470,10 +478,8 @@
+ ssh->decrypt = blowfish_decrypt;
+ }
+ else if (cipher == SSH_CIPHER_3DES) {
+- ssh->estate = des3_init(ssh->sesskey, sizeof(ssh->sesskey));
+- ssh->dstate = des3_init(ssh->sesskey, sizeof(ssh->sesskey));
+- ssh->encrypt = des3_encrypt;
+- ssh->decrypt = des3_decrypt;
++ warnx("cipher 3des no longer supported");
++ return (-1);
+ }
+ /* Get server response. */
+ if ((i = SSH_recv(ssh, pkt, sizeof(pkt))) <= 0) {
+--- a/sshcrypto.c
++++ b/sshcrypto.c
+@@ -28,10 +28,12 @@
+ u_char iv[8];
+ };
+
++#if 0
+ struct des3_state {
+ des_key_schedule k1, k2, k3;
+ des_cblock iv1, iv2, iv3;
+ };
++#endif
+
+ void
+ rsa_public_encrypt(BIGNUM *out, BIGNUM *in, RSA *key)
+@@ -39,10 +41,12 @@
+ u_char *inbuf, *outbuf;
+ int len, ilen, olen;
+
+- if (BN_num_bits(key->e) < 2 || !BN_is_odd(key->e))
++ const BIGNUM *n, *e;
++ RSA_get0_key(key, &n, &e, NULL);
++ if (BN_num_bits(e) < 2 || !BN_is_odd(e))
+ errx(1, "rsa_public_encrypt() exponent too small or not odd");
+
+- olen = BN_num_bytes(key->n);
++ olen = BN_num_bytes(n);
+ outbuf = malloc(olen);
+
+ ilen = BN_num_bytes(in);
+@@ -71,7 +75,9 @@
+ u_char *inbuf, *outbuf;
+ int len, ilen, olen;
+
+- olen = BN_num_bytes(key->n);
++ const BIGNUM *n;
++ RSA_get0_key(key, &n, NULL, NULL);
++ olen = BN_num_bytes(n);
+ outbuf = malloc(olen);
+
+ ilen = BN_num_bytes(in);
+@@ -146,6 +152,7 @@
+ swap_bytes(dst, dst, len);
+ }
+
++#if 0
+ /* XXX - SSH1's weirdo 3DES... */
+ void *
+ des3_init(u_char *sesskey, int len)
+@@ -194,3 +201,4 @@
+ des_ncbc_encrypt(dst, dst, len, dstate->k2, &dstate->iv2, DES_ENCRYPT);
+ des_ncbc_encrypt(dst, dst, len, dstate->k1, &dstate->iv1, DES_DECRYPT);
+ }
++#endif