1997 Fools: patch for ssh-1.2.18
Subject:      patch for ssh-1.2.18
From:         mitch@earth.execpc.com (Mitchell Blank Jr)
Date:         1997/04/01
Message-ID:   <5hqbgr$465$1@earth.execpc.com>
Newsgroups:   comp.security.ssh

(My apologies for posting this to the newsgroup AND the mailing list.
 Obviously it's timely information)

Here is my patch to ssh-1.2.18 to implement rot13 encryption.  To use it,
you need to configure --with-rot13.  It is off by default.

Enjoy, and happy holiday.

-Mitchell Blank Jr
 mitch@execpc.com
 Exec-PC, Systems Administration

diff -cwr ssh-1.2.18-VIRGIN/cipher.c ssh-1.2.18-ROT13/cipher.c
*** ssh-1.2.18-VIRGIN/cipher.c  Thu Mar 27 00:04:13 1997
--- ssh-1.2.18-ROT13/cipher.c   Mon Mar 31 23:18:53 1997
***************
*** 59,68 ****
  #include "ssh.h"
  #include "cipher.h"
  
  /* Names of all encryption algorithms.  These must match the numbers defined
     int cipher.h. */
  static char *cipher_names[] =
! { "none", "idea", "des", "3des", "tss", "arcfour", "blowfish" };
  
  /* Returns a bit mask indicating which ciphers are supported by this
     implementation.  The bit mask has the corresponding bit set of each
--- 59,79 ----
  #include "ssh.h"
  #include "cipher.h"
  
+ #ifdef WITH_ROT13
+ void rot13cpy(char *dest,char *src,unsigned len) {
+   while(len--) {
+     if((*src>='a')&&(*src<='m')) *dest=(*src)+13;
+     else if((*src>='n')&&(*src<='z')) *dest=(*src)-13;
+     else if((*src>='A')&&(*src<='M')) *dest=(*src)+13;
+     else if((*src>='N')&&(*src<='Z')) *dest=(*src)-13;
+     else *dest=*src;
+     dest++, src++; }; }
+ #endif
+ 
  /* Names of all encryption algorithms.  These must match the numbers defined
     int cipher.h. */
  static char *cipher_names[] =
! { "none", "idea", "des", "3des", "tss", "arcfour", "blowfish", "rot13" };
  
  /* Returns a bit mask indicating which ciphers are supported by this
     implementation.  The bit mask has the corresponding bit set of each
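Review bot: `rot13cpy` is a fixed, keyless, self-inverse letter substitution that copies every byte outside A-Z/a-z unchanged, so a session using it has no confidentiality at all; the function needs a header comment saying so, for example `/* rot13: keyless letter rotation, NOT encryption; test builds only */`. The later hunk `mask |= 1 << SSH_CIPHER_ROT13;` puts it in the supported-cipher mask whenever WITH_ROT13 is defined, and no runtime switch to withhold it is visible in this patch. The helper is also given external linkage and a writable source pointer; `static void rot13cpy(char *dest, const char *src, unsigned len)` keeps it private to cipher.c and documents that `src` is only read.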
***************
*** 97,102 ****
--- 108,117 ----
  #ifdef WITH_BLOWFISH
    mask |= 1 << SSH_CIPHER_BLOWFISH;
  #endif /* WITH_BLOWFISH */
+ 
+ #ifdef WITH_ROT13
+   mask |= 1 << SSH_CIPHER_ROT13;
+ #endif /* WITH_ROT13 */
    return mask;
  }
  
***************
*** 249,254 ****
--- 264,273 ----
        blowfish_set_key(&context->u.blowfish, key, keylen, for_encryption);
        break;
  #endif /* WITH_BLOWFISH */
+ #ifdef WITH_ROT13
+     case SSH_CIPHER_ROT13:
+       break;
+ #endif /* WITH_ROT13 */
      default:
        fatal("cipher_set_key: unknown cipher: %d", cipher);
      }
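Review bot: The new `case SSH_CIPHER_ROT13: break;` silently discards `key` and `keylen`, and nothing tells a reader that this is intentional. I would add a comment on the case such as `/* rot13 is keyless: the negotiated session key is deliberately unused */`. cipher_set_key starts and ends outside this hunk, so whether the context type is recorded before the switch cannot be confirmed from here.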
***************
*** 305,310 ****
--- 324,335 ----
        break;
  #endif /* WITH_BLOWFISH */
  
+ #ifdef WITH_ROT13
+     case SSH_CIPHER_ROT13:
+       rot13cpy(dest, src, len);
+       break;
+ #endif
+ 
      default:
        fatal("cipher_encrypt: unknown cipher: %d", context->type);
      }
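Review bot: The `#endif` closing the rot13 case here, and the one in the cipher_decrypt hunk that follows, lacks the `/* WITH_ROT13 */` trailer that the other conditional blocks in this file carry; use `#endif /* WITH_ROT13 */` in both places. The declarations of `dest` and `src` are outside the hunk; if they are `unsigned char *` (and `src` const), passing them to `rot13cpy(char *, char *, unsigned)` is a pointer-signedness and qualifier mismatch. Changing the helper's parameters to match would resolve that.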
***************
*** 360,365 ****
--- 385,396 ----
        break;
  #endif /* WITH_BLOWFISH */
        
+ #ifdef WITH_ROT13
+     case SSH_CIPHER_ROT13:
+       rot13cpy(dest, src, len);
+       break;
+ #endif
+ 
      default:
        fatal("cipher_decrypt: unknown cipher: %d", context->type);
      }
diff -cwr ssh-1.2.18-VIRGIN/cipher.h ssh-1.2.18-ROT13/cipher.h
*** ssh-1.2.18-VIRGIN/cipher.h  Thu Mar 27 00:04:14 1997
--- ssh-1.2.18-ROT13/cipher.h   Mon Mar 31 23:06:48 1997
***************
*** 72,77 ****
--- 72,78 ----
  #define SSH_CIPHER_TSS                4 /* TRI's Simple Stream encryption CBC */
  #define SSH_CIPHER_ARCFOUR    5 /* Arcfour */
  #define SSH_CIPHER_BLOWFISH     6 /* Bruce Schneier's Blowfish */
+ #define SSH_CIPHER_ROT13      7
  
  typedef struct {
    unsigned int type;
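Review bot: `SSH_CIPHER_ROT13` is the only cipher constant in this list without a trailing comment, and it is the one that most needs a warning. I would write `#define SSH_CIPHER_ROT13      7 /* rot13: keyless, no confidentiality */`. The value also indexes `cipher_names[]` and selects the bit in the cipher mask, so 7 appears to be a locally chosen number; confirm it is not assigned to another cipher in the protocol.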
diff -cwr ssh-1.2.18-VIRGIN/config.h.in ssh-1.2.18-ROT13/config.h.in
*** ssh-1.2.18-VIRGIN/config.h.in       Thu Mar 27 00:04:06 1997
--- ssh-1.2.18-ROT13/config.h.in        Mon Mar 31 23:01:43 1997
***************
*** 251,256 ****
--- 251,257 ----
  #undef WITH_ARCFOUR
  #undef WITH_BLOWFISH
  #undef WITH_NONE
+ #undef WITH_ROT13
  
  /* Define this to include libwrap (tcp_wrappers) support. */
  #undef LIBWRAP
diff -cwr ssh-1.2.18-VIRGIN/configure ssh-1.2.18-ROT13/configure
*** ssh-1.2.18-VIRGIN/configure Thu Mar 27 00:04:06 1997
--- ssh-1.2.18-ROT13/configure  Mon Mar 31 23:01:58 1997
***************
*** 28,33 ****
--- 28,36 ----
    --with-arcfour          Include arcfour (DO NOT ENABLE, unless you know the security implications of this settings. See README.CIPHERS for more info).
    --without-arcfour       Don't include arcfour (default)"
  ac_help="$ac_help
+   --with-rot13            Include rot13 (DO NOT ENABLE).
+   --without-rot13         Don't include rot13 (default)"
+ ac_help="$ac_help
    --with-tss              Include TSS encryption algorithm.
    --without-tss           Don't include TSS (default)"
  ac_help="$ac_help
***************
*** 5460,5466 ****
--- 5463,5490 ----
  
  fi
  
+ echo $ac_n "checking whether to include the ROT13 encryption algorithm""... $ac_c" 1>&6
+ echo "configure:5443: checking whether to include the ROT13 encryption algorithm" >&5
+ # Check whether --with-rot13 or --without-rot13 was given.
+ if test "${with_rot13+set}" = set; then
+   withval="$with_rot13"
+    case "$withval" in
+   yes)
+     echo "$ac_t""yes" 1>&6
+     cat >> confdefs.h <<\EOF
+ #define WITH_ROT13 1
+ EOF
  
+     ;;
+   *)
+     echo "$ac_t""no" 1>&6
+     ;;
+   esac 
+ else
+   echo "$ac_t""no" 1>&6
+ 
+ fi
+ 
  echo $ac_n "checking whether to include the TSS encryption algorithm""... $ac_c" 1>&6
  echo "configure:5466: checking whether to include the TSS encryption algorithm" >&5
  # Check whether --with-tss or --without-tss was given.
diff -cwr ssh-1.2.18-VIRGIN/configure.in ssh-1.2.18-ROT13/configure.in
*** ssh-1.2.18-VIRGIN/configure.in      Thu Mar 27 00:04:06 1997
--- ssh-1.2.18-ROT13/configure.in       Mon Mar 31 23:19:45 1997
***************
*** 934,939 ****
--- 934,955 ----
    AC_MSG_RESULT(no)
  )
  
+ AC_MSG_CHECKING(whether to include the ROT13 encryption algorithm)
+ AC_ARG_WITH(rot13,
+ [  --with-rot13           Include rot13 (DO NOT ENABLE).
+   --without-rot13         Don't include rot13 (default)],
+ [ case "$withval" in
+   yes)
+     AC_MSG_RESULT(yes)
+     AC_DEFINE(WITH_ROT13)
+     ;;
+   *)
+     AC_MSG_RESULT(no)
+     ;;

+   esac ],
+   AC_MSG_RESULT(no)
+ )
+ 
  AC_MSG_CHECKING(whether to include the TSS encryption algorithm)
  AC_ARG_WITH(tss,
  [  --with-tss              Include TSS encryption algorithm.
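Review bot: The help string for `--with-rot13` says only "DO NOT ENABLE" and gives no reason, whereas the arcfour option in the generated configure help points the builder to README.CIPHERS. State the reason in the string, for example `--with-rot13            Include rot13 (DO NOT ENABLE: provides no confidentiality).`, which also restores the column alignment used by the neighbouring options. Any value other than `yes` falls into the `*)` arm and is reported as "no", which matches the sibling options.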
Common subdirectories: ssh-1.2.18-VIRGIN/gmp-2.0.2-ssh-2 and ssh-1.2.18-ROT13/gmp-2.0.2-ssh-2
diff -cwr ssh-1.2.18-VIRGIN/ssh.c ssh-1.2.18-ROT13/ssh.c
*** ssh-1.2.18-VIRGIN/ssh.c     Thu Mar 27 00:04:10 1997
--- ssh-1.2.18-ROT13/ssh.c      Mon Mar 31 23:21:02 1997
***************
*** 256,261 ****
--- 256,264 ----
  #ifdef WITH_BLOWFISH
          "``blowfish'', "
  #endif /* WITH_BLOWFISH */
+ #ifdef WITH_ROT13
+           "``rot13'', "
+ #endif /* WITH_ROT13 */
          "``3des''\n");
    fprintf(stderr, "  -p port     Connect to this port.  Server must be on the same port.\n");
    fprintf(stderr, "  -P          Dont use priviledged source port.\n");
diff -cwr ssh-1.2.18-VIRGIN/sshd.c ssh-1.2.18-ROT13/sshd.c
*** ssh-1.2.18-VIRGIN/sshd.c    Thu Mar 27 00:04:08 1997
--- ssh-1.2.18-ROT13/sshd.c     Mon Mar 31 23:21:55 1997
***************
*** 1842,1847 ****
--- 1842,1853 ----
              log_msg("RhostsRsa authentication not available for session encrypted with arcfour.");
              break;
            }
+         if (cipher_type == SSH_CIPHER_ROT13)
+           {
+             packet_get_all();
+             log_msg("RhostsRsa authentication not available for session encrypted with rot13.");
+             break;
+           }
  
          /* Get client user name.  Note that we just have to trust the client;
             root on the client machine can claim to be any user. */
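Review bot: The added rot13 test refuses only the RhostsRsa authentication shown in this hunk, and the patch adds no matching guard for any other authentication type. Because rot13 gives no confidentiality, any credential carried in such a session is readable in transit, so the other authentication cases in this switch need the same refusal or an explicit comment on why they are safe. The block duplicates the arcfour branch above it apart from the log text; a comment such as `/* rot13 offers no protection: never accept host-based auth over it */` would record the intent. The enclosing switch begins and ends outside the hunk.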
