author | djm@openbsd.org <djm@openbsd.org> | 2018-12-27 03:25:24 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2018-12-27 14:38:22 +1100 |
commit | 0a843d9a0e805f14653a555f5c7a8ba99d62c12d (patch) | |
tree | 481f36e9fd1918be5449e369a97c086a1a8d2432 /kexdh.c | |
parent | 434b587afe41c19391821e7392005068fda76248 (diff) |
upstream: move client/server SSH-* banners to buffers under
ssh->kex and factor out the banner exchange. This eliminates some common code
from the client and server.
Also be more strict about handling \r characters - these should only
be accepted immediately before \n (pointed out by Jann Horn).
Inspired by a patch from Markus Schmidt.
(lots of) feedback and ok markus@
OpenBSD-Commit-ID: 1cc7885487a6754f63641d7d3279b0941890275b
Diffstat (limited to 'kexdh.c')
-rw-r--r-- | kexdh.c | 10 |
1 files changed, 5 insertions, 5 deletions
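--- a/kexdh.c
+++ b/kexdh.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kexdh.c,v 1.26 2016/05/02 10:26:04 djm Exp $ */
+/* $OpenBSD: kexdh.c,v 1.27 2018/12/27 03:25:25 djm Exp $ */
 /*
 * Copyright (c) 2001 Markus Friedl. All rights reserved.
 *
@@ -46,8 +46,8 @@
 int
 kex_dh_hash(
 int hash_alg,
-const char *client_version_string,
-const char *server_version_string,
+const struct sshbuf *client_version,
+const struct sshbuf *server_version,
 const u_char *ckexinit, size_t ckexinitlen,
 const u_char *skexinit, size_t skexinitlen,
 const u_char *serverhostkeyblob, size_t sbloblen,
@@ -63,8 +63,8 @@ kex_dh_hash(
 return SSH_ERR_INVALID_ARGUMENT;
 if ((b = sshbuf_new()) == NULL)
 return SSH_ERR_ALLOC_FAIL;
-if ((r = sshbuf_put_cstring(b, client_version_string)) != 0 ||
-(r = sshbuf_put_cstring(b, server_version_string)) != 0 ||
+if ((r = sshbuf_put_stringb(b, client_version)) < 0 ||
+(r = sshbuf_put_stringb(b, server_version)) < 0 ||
 /* kexinit messages: fake header: len+SSH2_MSG_KEXINIT */
 (r = sshbuf_put_u32(b, ckexinitlen+1)) != 0 ||
 (r = sshbuf_put_u8(b, SSH2_MSG_KEXINIT)) != 0 ||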
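Review bot: The two new `sshbuf_put_stringb` calls at new lines 66-67 test `< 0` while every other call in the same `||` chain tests `!= 0`, so a positive return (should one ever occur) would be treated as success here and as failure everywhere else. Keeping one convention is safer: `if ((r = sshbuf_put_stringb(b, client_version)) != 0 ||` and `(r = sshbuf_put_stringb(b, server_version)) != 0 ||`. Because the banners are now hashed as length-prefixed buffer contents rather than C strings, the exchange hash covers exactly the bytes the caller left in those buffers. A parameter comment such as `/* client_version, server_version: identification strings without the trailing CR LF */` would pin the precondition the new banner-exchange code has to meet. Whether a NULL buffer is rejected cannot be seen from here, since the argument check ending at line 63 and the rest of kex_dh_hash lie outside the hunks.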