> On Thu, 31 Dec 1998, Mr Spooty wrote: > > > This patch, along with the domestic version of the most recently > > released telnet sources from Berkeley, are available via anonymous ftp > > from net-dist.mit.edu in the directory /pub/telnet. > > As of Sun Jan 3 20:42:04 GMT 1999 the /pub/telnet directory is > not world readable or searchable, and thus this patch cannot be > downloaded. > > Does anyone have a copy of this patch, and perhaps more details on > what it does? I have no problem seeing into that directory, despite the unusual permissions. The original post was little more than a copy of a message sent by Ted Ts'o on 15-Feb-1995, nearly 4 years ago. The gist of the bug, IIRC, was that the method used in the telnet client to generate the session encryption key (the one used to actually encrypt the data stream, not the session key in the Kerberos tickets) would result in a key with bad parity 255/256 of the time. This, in turn, could result in one of three situations, depending on how carefully error checking was done at each end: (a) Encryption negotiation fails, and the stream is unencrypted (b) Encryption negotiation succeeds, and the stream is encrypted, but using a highly predictable DES key schedule instead of one derived from a randomly-chosen session key. This was the most dangerous case, and I believe also the most common. (c) Encryption negotiation succeeds, and the stream is encrypted, but one end uses the bogus key schedule as in (b), while the other uses a different schedule (IIRC, derived from the randomly-chosen key, after forcing the parity bits). The result is that neither end can communicate with the other. The patch also appears to fix a fatal bug in the challenge-response calculation, and to make changes to parsing of authentication types, which I'd have to go read the full telnet source to understand. I've CC'd Ted Ts'o on this message, in case he wants to make additional comments about the nature of the original problem, or the other changes made by that patch. -- Jeffrey T. Hutzelman (N3NHS) <jhutz+@cmu.edu> Sr. Research Systems Programmer School of Computer Science - Research Computing Facility Carnegie Mellon University - Pittsburgh, PA
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:27:59 PDT