diff options
author | djm@openbsd.org <djm@openbsd.org> | 2017-02-03 23:01:19 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2017-02-04 10:08:15 +1100 |
commit | 68bc8cfa7642d3ccbf2cd64281c16b8b9205be59 (patch) | |
tree | 4b2ddc75ee7ac985570c4e85c37abfd8f7be4f47 /kex.c | |
parent | c924b2ef941028a1f31e6e94f54dfeeeef462a4e (diff) |
upstream commit
support =- for removing methods from algorithms lists,
e.g. Ciphers=-*cbc; suggested by Cristian Ionescu-Idbohrn in bz#2671 "I like
it" markus@
Upstream-ID: c78c38f9f81a963b33d0eade559f6048add24a6d
Diffstat (limited to 'kex.c')
-rw-r--r-- | kex.c | 21 |
1 files changed, 13 insertions, 8 deletions
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: kex.c,v 1.127 2016/10/10 19:28:48 markus Exp $ */ | 1 | /* $OpenBSD: kex.c,v 1.128 2017/02/03 23:01:19 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -211,7 +211,8 @@ kex_names_cat(const char *a, const char *b) | |||
211 | /* | 211 | /* |
212 | * Assemble a list of algorithms from a default list and a string from a | 212 | * Assemble a list of algorithms from a default list and a string from a |
213 | * configuration file. The user-provided string may begin with '+' to | 213 | * configuration file. The user-provided string may begin with '+' to |
214 | * indicate that it should be appended to the default. | 214 | * indicate that it should be appended to the default or '-' that the |
215 | * specified names should be removed. | ||
215 | */ | 216 | */ |
216 | int | 217 | int |
217 | kex_assemble_names(const char *def, char **list) | 218 | kex_assemble_names(const char *def, char **list) |
@@ -222,14 +223,18 @@ kex_assemble_names(const char *def, char **list) | |||
222 | *list = strdup(def); | 223 | *list = strdup(def); |
223 | return 0; | 224 | return 0; |
224 | } | 225 | } |
225 | if (**list != '+') { | 226 | if (**list == '+') { |
226 | return 0; | 227 | if ((ret = kex_names_cat(def, *list + 1)) == NULL) |
228 | return SSH_ERR_ALLOC_FAIL; | ||
229 | free(*list); | ||
230 | *list = ret; | ||
231 | } else if (**list == '-') { | ||
232 | if ((ret = match_filter_list(def, *list + 1)) == NULL) | ||
233 | return SSH_ERR_ALLOC_FAIL; | ||
234 | free(*list); | ||
235 | *list = ret; | ||
227 | } | 236 | } |
228 | 237 | ||
229 | if ((ret = kex_names_cat(def, *list + 1)) == NULL) | ||
230 | return SSH_ERR_ALLOC_FAIL; | ||
231 | free(*list); | ||
232 | *list = ret; | ||
233 | return 0; | 238 | return 0; |
234 | } | 239 | } |
235 | 240 | ||