- OpenBSD CVS updates:

- [channels.c] repair x11-fwd - [sshconnect.c] fix passwd prompt for ssh2, less debugging output. - [clientloop.c compat.c dsa.c kex.c sshd.c] less debugging output - [kex.c kex.h sshconnect.c sshd.c] check for reasonable public DH values - [README.openssh2 cipher.c cipher.h compat.c compat.h readconf.c] [readconf.h servconf.c servconf.h ssh.c ssh.h sshconnect.c sshd.c] add Cipher and Protocol options to ssh/sshd, e.g.: ssh -o 'Protocol 1,2' if you prefer proto 1, ssh -o 'Ciphers arcfour,3des-cbc' - [sshd.c] print 1.99 only if server supports both
author: Damien Miller <djm@mindrot.org> 2000-04-12 20:17:38 +1000
committer: Damien Miller <djm@mindrot.org> 2000-04-12 20:17:38 +1000
commit: 78928793fb23a3a4c80ae62eca6a7826b2987690 (patch)
tree: add8a953ac4cf06877b91624fe7f647b17e6cf6f /cipher.c
parent: efb4afe0265333ce554f699c2a19ae249dd8d1b5 (diff)
1 files changed, 31 insertions, 6 deletions
diff --git a/cipher.c b/cipher.c
index 8911ffef6..27debf90f 100644
--- a/cipher.c
+++ b/cipher.c
@@ -12,11 +12,11 @@
 */
 #include "includes.h"
-RCSID("$Id: cipher.c,v 1.16 2000/04/06 02:32:39 damien Exp $");
+RCSID("$Id: cipher.c,v 1.17 2000/04/12 10:17:39 damien Exp $");
 #include "ssh.h"
 #include "cipher.h"
-#include "config.h"
+#include "xmalloc.h"
 #ifdef HAVE_OPENSSL
 #include <openssl/md5.h>
@@ -26,7 +26,9 @@ RCSID("$Id: cipher.c,v 1.16 2000/04/06 02:32:39 damien Exp $");
 #endif
 /*
- * What kind of tripple DES are these 2 routines?
+ * This is used by SSH1:
+ *
+ * What kind of triple DES are these 2 routines?
 *
 * Why is there a redundant initialization vector?
 *
@@ -81,7 +83,7 @@ SSH_3CBC_DECRYPT(des_key_schedule ks1,
 }
 /*
- * SSH uses a variation on Blowfish, all bytes must be swapped before
+ * SSH1 uses a variation on Blowfish, all bytes must be swapped before
 * and after encryption/decryption. Thus the swap_bytes stuff (yuk).
 */
 static void
@@ -167,10 +169,34 @@ cipher_name(int cipher)
 {
        if (cipher < 0 || cipher >= sizeof(cipher_names) / sizeof(cipher_names[0]) ||
            cipher_names[cipher] == NULL)
-                fatal("cipher_name: bad cipher number: %d", cipher);
+                fatal("cipher_name: bad cipher name: %d", cipher);
        return cipher_names[cipher];
 }
+/* Returns 1 if the name of the ciphers are valid. */
+#define CIPHER_SEP      ","
+int
+ciphers_valid(const char *names)
+{
+        char *ciphers;
+        char *p;
+        int i;
+        if (strcmp(names, "") == 0)
+                return 0;
+        ciphers = xstrdup(names);
+        for ((p = strtok(ciphers, CIPHER_SEP)); p; (p = strtok(NULL, CIPHER_SEP))) {
+                i = cipher_number(p);
+                if (i == -1 || !(cipher_mask2() & (1 << i))) {
+                        xfree(ciphers);
+                        return 0;
+                }
+        }
+        xfree(ciphers);
+        return 1;
+}
 /*
 * Parses the name of the cipher.  Returns the number of the corresponding
 * cipher, or -1 on error.
@@ -271,7 +297,6 @@ cipher_set_key(CipherContext *context, int cipher, const unsigned char *key,
        memset(padded, 0, sizeof(padded));
 }
 void 
 cipher_set_key_iv(CipherContext * context, int cipher,
    const unsigned char *key, int keylen,
author	Damien Miller <djm@mindrot.org>	2000-04-12 20:17:38 +1000
committer	Damien Miller <djm@mindrot.org>	2000-04-12 20:17:38 +1000
commit	78928793fb23a3a4c80ae62eca6a7826b2987690 (patch)
tree	add8a953ac4cf06877b91624fe7f647b17e6cf6f /cipher.c
parent	efb4afe0265333ce554f699c2a19ae249dd8d1b5 (diff)