upstream: move client/server SSH-* banners to buffers under

ssh->kex and factor out the banner exchange. This eliminates some common code
from the client and server.

Also be more strict about handling \r characters - these should only
be accepted immediately before \n (pointed out by Jann Horn).

Inspired by a patch from Markus Schmidt.
(lots of) feedback and ok markus@

OpenBSD-Commit-ID: 1cc7885487a6754f63641d7d3279b0941890275b

1 files changed, 5 insertions, 5 deletions

diff --git a/kexc25519.c b/kexc25519.c
index 0897b8c51..712dd523d 100644
--- a/kexc25519.c
+++ b/kexc25519.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kexc25519.c,v 1.10 2016/05/02 08:49:03 djm Exp $ */
+/* $OpenBSD: kexc25519.c,v 1.11 2018/12/27 03:25:25 djm Exp $ */
 /*
  * Copyright (c) 2001, 2013 Markus Friedl.  All rights reserved.
  * Copyright (c) 2010 Damien Miller.  All rights reserved.
@@ -84,8 +84,8 @@ kexc25519_shared_key(const u_char key[CURVE25519_SIZE],
 int
 kex_c25519_hash(
     int hash_alg,
-    const char *client_version_string,
-    const char *server_version_string,
+    const struct sshbuf *client_version,
+    const struct sshbuf *server_version,
     const u_char *ckexinit, size_t ckexinitlen,
     const u_char *skexinit, size_t skexinitlen,
     const u_char *serverhostkeyblob, size_t sbloblen,
@@ -101,8 +101,8 @@ kex_c25519_hash(
                 return SSH_ERR_INVALID_ARGUMENT;
         if ((b = sshbuf_new()) == NULL)
                 return SSH_ERR_ALLOC_FAIL;
-        if ((r = sshbuf_put_cstring(b, client_version_string)) < 0 ||
-            (r = sshbuf_put_cstring(b, server_version_string)) < 0 ||
+        if ((r = sshbuf_put_stringb(b, client_version)) < 0 ||
+            (r = sshbuf_put_stringb(b, server_version)) < 0 ||
             /* kexinit messages: fake header: len+SSH2_MSG_KEXINIT */
             (r = sshbuf_put_u32(b, ckexinitlen+1)) < 0 ||
             (r = sshbuf_put_u8(b, SSH2_MSG_KEXINIT)) < 0 ||