summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDamien Miller <djm@mindrot.org>2002-09-30 11:59:21 +1000
committerDamien Miller <djm@mindrot.org>2002-09-30 11:59:21 +1000
commite9264973ad26e4ee2acebf01126e28a712cca2a8 (patch)
tree54efe8f53ce21d3697fd921dd7411213a022f608
parentaeaf2bee192f612bfea644bd1fda2596a7496a04 (diff)
- (djm) OpenBSD CVS Sync
- mickey@cvs.openbsd.org 2002/09/27 10:42:09 [compat.c compat.h sshd.c] add a generic match for a prober, such as sie big brother; idea from stevesk@; markus@ ok
-rw-r--r--ChangeLog10
-rw-r--r--compat.c4
-rw-r--r--compat.h3
-rw-r--r--sshd.c8
4 files changed, 20 insertions, 5 deletions
diff --git a/ChangeLog b/ChangeLog
index efb44797a..d8adacccb 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,11 @@
120020930 120020930
2 - (djm) Tidy contrib/, add Makefile for GNOME passphrase dialogs, tweak README 2 - (djm) Tidy contrib/, add Makefile for GNOME passphrase dialogs,
3 tweak README
4 - (djm) OpenBSD CVS Sync
5 - mickey@cvs.openbsd.org 2002/09/27 10:42:09
6 [compat.c compat.h sshd.c]
7 add a generic match for a prober, such as sie big brother;
8 idea from stevesk@; markus@ ok
3 9
420020927 1020020927
5 - (djm) OpenBSD CVS Sync 11 - (djm) OpenBSD CVS Sync
@@ -737,4 +743,4 @@
737 save auth method before monitor_reset_key_state(); bugzilla bug #284; 743 save auth method before monitor_reset_key_state(); bugzilla bug #284;
738 ok provos@ 744 ok provos@
739 745
740$Id: ChangeLog,v 1.2486 2002/09/30 00:40:39 djm Exp $ 746$Id: ChangeLog,v 1.2487 2002/09/30 01:59:21 djm Exp $
diff --git a/compat.c b/compat.c
index e49aa0d2a..757b0e679 100644
--- a/compat.c
+++ b/compat.c
@@ -23,7 +23,7 @@
23 */ 23 */
24 24
25#include "includes.h" 25#include "includes.h"
26RCSID("$OpenBSD: compat.c,v 1.64 2002/09/19 14:53:14 stevesk Exp $"); 26RCSID("$OpenBSD: compat.c,v 1.65 2002/09/27 10:42:09 mickey Exp $");
27 27
28#include "buffer.h" 28#include "buffer.h"
29#include "packet.h" 29#include "packet.h"
@@ -146,6 +146,8 @@ compat_datafellows(const char *version)
146 "OSU_1.5alpha3*", SSH_BUG_PASSWORDPAD }, 146 "OSU_1.5alpha3*", SSH_BUG_PASSWORDPAD },
147 { "*SSH_Version_Mapper*", 147 { "*SSH_Version_Mapper*",
148 SSH_BUG_SCANNER }, 148 SSH_BUG_SCANNER },
149 { "Probe-*",
150 SSH_BUG_PROBE },
149 { NULL, 0 } 151 { NULL, 0 }
150 }; 152 };
151 153
diff --git a/compat.h b/compat.h
index 7afca0460..9299805af 100644
--- a/compat.h
+++ b/compat.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: compat.h,v 1.32 2002/04/10 08:21:47 markus Exp $ */ 1/* $OpenBSD: compat.h,v 1.33 2002/09/27 10:42:09 mickey Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 1999, 2000, 2001 Markus Friedl. All rights reserved. 4 * Copyright (c) 1999, 2000, 2001 Markus Friedl. All rights reserved.
@@ -54,6 +54,7 @@
54#define SSH_BUG_DUMMYCHAN 0x00100000 54#define SSH_BUG_DUMMYCHAN 0x00100000
55#define SSH_BUG_EXTEOF 0x00200000 55#define SSH_BUG_EXTEOF 0x00200000
56#define SSH_BUG_K5USER 0x00400000 56#define SSH_BUG_K5USER 0x00400000
57#define SSH_BUG_PROBE 0x00800000
57 58
58void enable_compat13(void); 59void enable_compat13(void);
59void enable_compat20(void); 60void enable_compat20(void);
diff --git a/sshd.c b/sshd.c
index 986c71273..f8bd7ce54 100644
--- a/sshd.c
+++ b/sshd.c
@@ -42,7 +42,7 @@
42 */ 42 */
43 43
44#include "includes.h" 44#include "includes.h"
45RCSID("$OpenBSD: sshd.c,v 1.259 2002/09/25 15:19:02 markus Exp $"); 45RCSID("$OpenBSD: sshd.c,v 1.260 2002/09/27 10:42:09 mickey Exp $");
46 46
47#include <openssl/dh.h> 47#include <openssl/dh.h>
48#include <openssl/bn.h> 48#include <openssl/bn.h>
@@ -424,6 +424,12 @@ sshd_exchange_identification(int sock_in, int sock_out)
424 424
425 compat_datafellows(remote_version); 425 compat_datafellows(remote_version);
426 426
427 if (datafellows & SSH_BUG_PROBE) {
428 log("probed from %s with %s. Don't panic.",
429 get_remote_ipaddr(), client_version_string);
430 fatal_cleanup();
431 }
432
427 if (datafellows & SSH_BUG_SCANNER) { 433 if (datafellows & SSH_BUG_SCANNER) {
428 log("scanned from %s with %s. Don't panic.", 434 log("scanned from %s with %s. Don't panic.",
429 get_remote_ipaddr(), client_version_string); 435 get_remote_ipaddr(), client_version_string);