diff -u ssh-1.2.27.orig/cipher.c ssh-1.2.27/cipher.c --- ssh-1.2.27.orig/cipher.c Tue Jul 20 00:40:16 1999 +++ ssh-1.2.27/cipher.c Tue Jul 20 00:47:07 1999 @@ -69,11 +69,22 @@ #include "ssh.h" #include "cipher.h" +#ifdef WITH_ROT13 +void rot13cpy(char *dest,char *src,unsigned len) { + while(len--) { + if((*src>='a')&&(*src<='m')) *dest=(*src)+13; + else if((*src>='n')&&(*src<='z')) *dest=(*src)-13; + else if((*src>='A')&&(*src<='M')) *dest=(*src)+13; + else if((*src>='N')&&(*src<='Z')) *dest=(*src)-13; + else *dest=*src; + dest++, src++; }; } +#endif + /* Names of all encryption algorithms. These must match the numbers defined int cipher.h. */ static char *cipher_names[] = { "none", "idea", "des", "3des", "used to be tss", "arcfour", "blowfish", - "reserved"}; + "reserved", "rot13"}; /* Returns a bit mask indicating which ciphers are supported by this implementation. The bit mask has the corresponding bit set of each @@ -104,6 +115,10 @@ #ifdef WITH_BLOWFISH mask |= 1 << SSH_CIPHER_BLOWFISH; #endif /* WITH_BLOWFISH */ + +#ifdef WITH_ROT13 + mask |= 1 << SSH_CIPHER_ROT13; +#endif /* WITH_ROT13 */ return mask; } @@ -248,6 +263,12 @@ blowfish_set_key(&context->u.blowfish, key, keylen, for_encryption); break; #endif /* WITH_BLOWFISH */ + +#ifdef WITH_ROT13 + case SSH_CIPHER_ROT13: + break; +#endif /* WITH_ROT13 */ + default: fatal("cipher_set_key: unknown cipher: %d", cipher); } @@ -297,6 +318,12 @@ break; #endif /* WITH_BLOWFISH */ +#ifdef WITH_ROT13 + case SSH_CIPHER_ROT13: + rot13cpy(dest,src,len); + break; +#endif /* WITH_ROT13 */ + default: fatal("cipher_encrypt: unknown cipher: %d", context->type); } @@ -345,6 +372,12 @@ break; #endif /* WITH_BLOWFISH */ +#ifdef WITH_ROT13 + case SSH_CIPHER_ROT13: + rot13cpy(dest,src,len); + break; +#endif /* WITH_ROT13 */ + default: fatal("cipher_decrypt: unknown cipher: %d", context->type); } diff -u ssh-1.2.27.orig/cipher.h ssh-1.2.27/cipher.h --- ssh-1.2.27.orig/cipher.h Tue Jul 20 00:40:50 1999 +++ ssh-1.2.27/cipher.h Tue Jul 20 00:47:44 1999 @@ -77,6 +77,7 @@ #define SSH_CIPHER_BLOWFISH 6 /* Bruce Schneier's Blowfish */ #define SSH_CIPHER_RESERVED 7 /* Reserved for 40 bit crippled encryption, Bernard Perrot */ +#define SSH_CIPHER_ROT13 8 /* ROT13 */ typedef struct { unsigned int type; diff -u ssh-1.2.27.orig/config.h.in ssh-1.2.27/config.h.in --- ssh-1.2.27.orig/config.h.in Tue Jul 20 00:40:59 1999 +++ ssh-1.2.27/config.h.in Tue Jul 20 00:48:05 1999 @@ -165,6 +165,7 @@ #undef WITH_ARCFOUR #undef WITH_BLOWFISH #undef WITH_NONE +#undef WITH_ROT13 /* Define this to include libwrap (tcp_wrappers) support. */ #undef LIBWRAP diff -u ssh-1.2.27.orig/configure.in ssh-1.2.27/configure.in --- ssh-1.2.27.orig/configure.in Tue Jul 20 00:41:23 1999 +++ ssh-1.2.27/configure.in Tue Jul 20 00:51:11 1999 @@ -732,6 +732,22 @@ AC_MSG_RESULT(no) ) +AC_MSG_CHECKING(whether to include the ROT13 encryption algorithm) +AC_ARG_WITH(rot13, +[ --with-rot13 Include ROT13 (Do NOT enable this, it is worthless) + --without-rot13 Don't include ROT13 (default)], +[ case $withval in + yes) + AC_MSG_RESULT(yes) + AC_DEFINE(WITH_ROT13) + ;; + *) + AC_MSG_RESULT(no) + ;; + esac ], + AC_MSG_RESULT(no) +) + AC_MSG_CHECKING(whether to include the none encryption algorithm) AC_ARG_WITH(none, [ --with-none Include support for unencrypted connections diff -u ssh-1.2.27.orig/ssh.c ssh-1.2.27/ssh.c --- ssh-1.2.27.orig/ssh.c Tue Jul 20 00:41:30 1999 +++ ssh-1.2.27/ssh.c Tue Jul 20 00:51:47 1999 @@ -309,6 +309,9 @@ #ifdef WITH_BLOWFISH "``blowfish'', " #endif /* WITH_BLOWFISH */ +#ifdef WITH_ROT13 + "``rot13'', " +#endif /* WITH_ROT13 */ "``3des''\n"); fprintf(stderr, " -p port Connect to this port. Server must be on the same port.\n"); fprintf(stderr, " -P Don't use privileged source port.\n"); diff -u ssh-1.2.27.orig/sshd.c ssh-1.2.27/sshd.c --- ssh-1.2.27.orig/sshd.c Tue Jul 20 00:41:33 1999 +++ ssh-1.2.27/sshd.c Tue Jul 20 00:53:16 1999 @@ -2420,7 +2420,12 @@ log_msg("RhostsRsa authentication not available for session encrypted with arcfour."); break; } - + if (cipher_type == SSH_CIPHER_ROT13) + { + packet_get_all(); + log_msg("RhostsRsa authentication not available for session encrypted with ROT13."); + break; + } /* Get client user name. Note that we just have to trust the client; root on the client machine can claim to be any user. */ client_user = packet_get_string(NULL);