diff options
| author | Colin Watson <cjwatson@debian.org> | 2015-08-19 17:00:17 +0100 |
|---|---|---|
| committer | Colin Watson <cjwatson@debian.org> | 2015-08-19 17:00:17 +0100 |
| commit | 544df7a04ae5b5c1fc30be7c445ad685d7a02dc9 (patch) | |
| tree | 33d2a87dd50fe5894ac6ec4579c83401b7ab00a4 /compat.c | |
| parent | baccdb349b31c47cd76fb63211f754ed33a9707e (diff) | |
| parent | 7de4b03a6e4071d454b72927ffaf52949fa34545 (diff) | |
Import openssh_6.9p1.orig.tar.gz
Diffstat (limited to 'compat.c')
| -rw-r--r-- | compat.c | 51 |
1 files changed, 39 insertions, 12 deletions
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: compat.c,v 1.87 2015/01/19 20:20:20 markus Exp $ */ | 1 | /* $OpenBSD: compat.c,v 1.94 2015/05/26 23:23:40 dtucker Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 1999, 2000, 2001, 2002 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 1999, 2000, 2001, 2002 Markus Friedl. All rights reserved. |
| 4 | * | 4 | * |
| @@ -152,6 +152,7 @@ compat_datafellows(const char *version) | |||
| 152 | "1.2.22*", SSH_BUG_IGNOREMSG }, | 152 | "1.2.22*", SSH_BUG_IGNOREMSG }, |
| 153 | { "1.3.2*", /* F-Secure */ | 153 | { "1.3.2*", /* F-Secure */ |
| 154 | SSH_BUG_IGNOREMSG }, | 154 | SSH_BUG_IGNOREMSG }, |
| 155 | { "Cisco-1.*", SSH_BUG_DHGEX_LARGE }, | ||
| 155 | { "*SSH Compatible Server*", /* Netscreen */ | 156 | { "*SSH Compatible Server*", /* Netscreen */ |
| 156 | SSH_BUG_PASSWORDPAD }, | 157 | SSH_BUG_PASSWORDPAD }, |
| 157 | { "*OSU_0*," | 158 | { "*OSU_0*," |
| @@ -165,15 +166,34 @@ compat_datafellows(const char *version) | |||
| 165 | "OSU_1.5alpha3*", SSH_BUG_PASSWORDPAD }, | 166 | "OSU_1.5alpha3*", SSH_BUG_PASSWORDPAD }, |
| 166 | { "*SSH_Version_Mapper*", | 167 | { "*SSH_Version_Mapper*", |
| 167 | SSH_BUG_SCANNER }, | 168 | SSH_BUG_SCANNER }, |
| 169 | { "PuTTY-Release-0.5*," /* 0.50-0.57, DH-GEX in >=0.52 */ | ||
| 170 | "PuTTY_Release_0.5*," /* 0.58-0.59 */ | ||
| 171 | "PuTTY_Release_0.60*," | ||
| 172 | "PuTTY_Release_0.61*," | ||
| 173 | "PuTTY_Release_0.62*," | ||
| 174 | "PuTTY_Release_0.63*," | ||
| 175 | "PuTTY_Release_0.64*", | ||
| 176 | SSH_OLD_DHGEX }, | ||
| 168 | { "Probe-*", | 177 | { "Probe-*", |
| 169 | SSH_BUG_PROBE }, | 178 | SSH_BUG_PROBE }, |
| 179 | { "TeraTerm SSH*," | ||
| 180 | "TTSSH/1.5.*," | ||
| 181 | "TTSSH/2.1*," | ||
| 182 | "TTSSH/2.2*," | ||
| 183 | "TTSSH/2.3*," | ||
| 184 | "TTSSH/2.4*," | ||
| 185 | "TTSSH/2.5*," | ||
| 186 | "TTSSH/2.6*," | ||
| 187 | "TTSSH/2.70*," | ||
| 188 | "TTSSH/2.71*," | ||
| 189 | "TTSSH/2.72*", SSH_BUG_HOSTKEYS }, | ||
| 190 | { "WinSCP*", SSH_OLD_DHGEX }, | ||
| 170 | { NULL, 0 } | 191 | { NULL, 0 } |
| 171 | }; | 192 | }; |
| 172 | 193 | ||
| 173 | /* process table, return first match */ | 194 | /* process table, return first match */ |
| 174 | for (i = 0; check[i].pat; i++) { | 195 | for (i = 0; check[i].pat; i++) { |
| 175 | if (match_pattern_list(version, check[i].pat, | 196 | if (match_pattern_list(version, check[i].pat, 0) == 1) { |
| 176 | strlen(check[i].pat), 0) == 1) { | ||
| 177 | debug("match: %s pat %s compat 0x%08x", | 197 | debug("match: %s pat %s compat 0x%08x", |
| 178 | version, check[i].pat, check[i].bugs); | 198 | version, check[i].pat, check[i].bugs); |
| 179 | datafellows = check[i].bugs; /* XXX for now */ | 199 | datafellows = check[i].bugs; /* XXX for now */ |
| @@ -199,9 +219,11 @@ proto_spec(const char *spec) | |||
| 199 | for ((p = strsep(&q, SEP)); p && *p != '\0'; (p = strsep(&q, SEP))) { | 219 | for ((p = strsep(&q, SEP)); p && *p != '\0'; (p = strsep(&q, SEP))) { |
| 200 | switch (atoi(p)) { | 220 | switch (atoi(p)) { |
| 201 | case 1: | 221 | case 1: |
| 222 | #ifdef WITH_SSH1 | ||
| 202 | if (ret == SSH_PROTO_UNKNOWN) | 223 | if (ret == SSH_PROTO_UNKNOWN) |
| 203 | ret |= SSH_PROTO_1_PREFERRED; | 224 | ret |= SSH_PROTO_1_PREFERRED; |
| 204 | ret |= SSH_PROTO_1; | 225 | ret |= SSH_PROTO_1; |
| 226 | #endif | ||
| 205 | break; | 227 | break; |
| 206 | case 2: | 228 | case 2: |
| 207 | ret |= SSH_PROTO_2; | 229 | ret |= SSH_PROTO_2; |
| @@ -229,7 +251,7 @@ filter_proposal(char *proposal, const char *filter) | |||
| 229 | buffer_init(&b); | 251 | buffer_init(&b); |
| 230 | tmp = orig_prop = xstrdup(proposal); | 252 | tmp = orig_prop = xstrdup(proposal); |
| 231 | while ((cp = strsep(&tmp, ",")) != NULL) { | 253 | while ((cp = strsep(&tmp, ",")) != NULL) { |
| 232 | if (match_pattern_list(cp, filter, strlen(cp), 0) != 1) { | 254 | if (match_pattern_list(cp, filter, 0) != 1) { |
| 233 | if (buffer_len(&b) > 0) | 255 | if (buffer_len(&b) > 0) |
| 234 | buffer_append(&b, ",", 1); | 256 | buffer_append(&b, ",", 1); |
| 235 | buffer_append(&b, cp, strlen(cp)); | 257 | buffer_append(&b, cp, strlen(cp)); |
| @@ -271,15 +293,20 @@ compat_pkalg_proposal(char *pkalg_prop) | |||
| 271 | } | 293 | } |
| 272 | 294 | ||
| 273 | char * | 295 | char * |
| 274 | compat_kex_proposal(char *kex_prop) | 296 | compat_kex_proposal(char *p) |
| 275 | { | 297 | { |
| 276 | if (!(datafellows & SSH_BUG_CURVE25519PAD)) | 298 | if ((datafellows & (SSH_BUG_CURVE25519PAD|SSH_OLD_DHGEX)) == 0) |
| 277 | return kex_prop; | 299 | return p; |
| 278 | debug2("%s: original KEX proposal: %s", __func__, kex_prop); | 300 | debug2("%s: original KEX proposal: %s", __func__, p); |
| 279 | kex_prop = filter_proposal(kex_prop, "curve25519-sha256@libssh.org"); | 301 | if ((datafellows & SSH_BUG_CURVE25519PAD) != 0) |
| 280 | debug2("%s: compat KEX proposal: %s", __func__, kex_prop); | 302 | p = filter_proposal(p, "curve25519-sha256@libssh.org"); |
| 281 | if (*kex_prop == '\0') | 303 | if ((datafellows & SSH_OLD_DHGEX) != 0) { |
| 304 | p = filter_proposal(p, "diffie-hellman-group-exchange-sha256"); | ||
| 305 | p = filter_proposal(p, "diffie-hellman-group-exchange-sha1"); | ||
| 306 | } | ||
| 307 | debug2("%s: compat KEX proposal: %s", __func__, p); | ||
| 308 | if (*p == '\0') | ||
| 282 | fatal("No supported key exchange algorithms found"); | 309 | fatal("No supported key exchange algorithms found"); |
| 283 | return kex_prop; | 310 | return p; |
| 284 | } | 311 | } |
| 285 | 312 | ||