summaryrefslogtreecommitdiff
path: root/kex.c
diff options
context:
space:
mode:
authordjm@openbsd.org <djm@openbsd.org>2017-02-03 23:01:19 +0000
committerDamien Miller <djm@mindrot.org>2017-02-04 10:08:15 +1100
commit68bc8cfa7642d3ccbf2cd64281c16b8b9205be59 (patch)
tree4b2ddc75ee7ac985570c4e85c37abfd8f7be4f47 /kex.c
parentc924b2ef941028a1f31e6e94f54dfeeeef462a4e (diff)
upstream commit
support =- for removing methods from algorithms lists, e.g. Ciphers=-*cbc; suggested by Cristian Ionescu-Idbohrn in bz#2671 "I like it" markus@ Upstream-ID: c78c38f9f81a963b33d0eade559f6048add24a6d
Diffstat (limited to 'kex.c')
-rw-r--r--kex.c21
1 files changed, 13 insertions, 8 deletions
diff --git a/kex.c b/kex.c
index 6a94bc535..a30dabe5f 100644
--- a/kex.c
+++ b/kex.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: kex.c,v 1.127 2016/10/10 19:28:48 markus Exp $ */ 1/* $OpenBSD: kex.c,v 1.128 2017/02/03 23:01:19 djm Exp $ */
2/* 2/*
3 * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. 3 * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
4 * 4 *
@@ -211,7 +211,8 @@ kex_names_cat(const char *a, const char *b)
211/* 211/*
212 * Assemble a list of algorithms from a default list and a string from a 212 * Assemble a list of algorithms from a default list and a string from a
213 * configuration file. The user-provided string may begin with '+' to 213 * configuration file. The user-provided string may begin with '+' to
214 * indicate that it should be appended to the default. 214 * indicate that it should be appended to the default or '-' that the
215 * specified names should be removed.
215 */ 216 */
216int 217int
217kex_assemble_names(const char *def, char **list) 218kex_assemble_names(const char *def, char **list)
@@ -222,14 +223,18 @@ kex_assemble_names(const char *def, char **list)
222 *list = strdup(def); 223 *list = strdup(def);
223 return 0; 224 return 0;
224 } 225 }
225 if (**list != '+') { 226 if (**list == '+') {
226 return 0; 227 if ((ret = kex_names_cat(def, *list + 1)) == NULL)
228 return SSH_ERR_ALLOC_FAIL;
229 free(*list);
230 *list = ret;
231 } else if (**list == '-') {
232 if ((ret = match_filter_list(def, *list + 1)) == NULL)
233 return SSH_ERR_ALLOC_FAIL;
234 free(*list);
235 *list = ret;
227 } 236 }
228 237
229 if ((ret = kex_names_cat(def, *list + 1)) == NULL)
230 return SSH_ERR_ALLOC_FAIL;
231 free(*list);
232 *list = ret;
233 return 0; 238 return 0;
234} 239}
235 240