Implement hmac-sha1-96. It's RECOMMENDED in the current transport draft,

[u/mdw/putty] / ssh.c

diff --git a/ssh.c b/ssh.c
index 91bfa88..d1b7acc 100644 (file)
--- a/ssh.c
+++ b/ssh.c
@@ -462,10 +462,10 @@ static void do_ssh2_authconn(Ssh ssh, unsigned char *in, int inlen,
 const static struct ssh_signkey *hostkey_algs[] = { &ssh_rsa, &ssh_dss };
 
 const static struct ssh_mac *macs[] = {
-    &ssh_hmac_sha1, &ssh_hmac_md5
+    &ssh_hmac_sha1, &ssh_hmac_sha1_96, &ssh_hmac_md5
 };
 const static struct ssh_mac *buggymacs[] = {
-    &ssh_hmac_sha1_buggy, &ssh_hmac_md5
+    &ssh_hmac_sha1_buggy, &ssh_hmac_sha1_96_buggy, &ssh_hmac_md5
 };
 
 static void *ssh_comp_none_init(void)
@@ -705,7 +705,7 @@ struct ssh_tag {
     void *cs_comp_ctx, *sc_comp_ctx;
     const struct ssh_kex *kex;
     const struct ssh_signkey *hostkey;
-    unsigned char v2_session_id[20];
+    unsigned char v2_session_id[32];
     int v2_session_id_len;
     void *kex_ctx;
 
@@ -4994,7 +4994,7 @@ static int do_ssh2_transport(Ssh ssh, void *vin, int inlen,
        char *hostkeydata, *sigdata, *keystr, *fingerprint;
        int hostkeylen, siglen;
        void *hkey;                    /* actual host key */
-       unsigned char exchange_hash[20];
+       unsigned char exchange_hash[32];
        int n_preferred_kex;
        const struct ssh_kexes *preferred_kex[KEX_MAX];
        int n_preferred_ciphers;