diff options
| author | djm@openbsd.org <djm@openbsd.org> | 2017-04-30 23:11:45 +0000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2017-05-01 09:38:46 +1000 |
| commit | 99f95ba82673d33215dce17bfa1512b57f54ec09 (patch) | |
| tree | a2fcb5c8410cf2d524b25609271b4197728779d5 /sshconnect.c | |
| parent | 56912dea6ef63dae4eb1194e5d88973a7c6c5740 (diff) | |
upstream commit
remove options.protocol and client Protocol
configuration knob
ok markus@
Upstream-ID: 5a967f5d06e2d004b0235457b6de3a9a314e9366
Diffstat (limited to 'sshconnect.c')
| -rw-r--r-- | sshconnect.c | 49 |
1 files changed, 10 insertions, 39 deletions
diff --git a/sshconnect.c b/sshconnect.c index 26ffbc802..d48f2e06c 100644 --- a/sshconnect.c +++ b/sshconnect.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: sshconnect.c,v 1.274 2017/04/30 23:10:43 djm Exp $ */ | 1 | /* $OpenBSD: sshconnect.c,v 1.275 2017/04/30 23:11:45 djm Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
| 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
| @@ -549,7 +549,7 @@ ssh_exchange_identification(int timeout_ms) | |||
| 549 | int remote_major, remote_minor, mismatch; | 549 | int remote_major, remote_minor, mismatch; |
| 550 | int connection_in = packet_get_connection_in(); | 550 | int connection_in = packet_get_connection_in(); |
| 551 | int connection_out = packet_get_connection_out(); | 551 | int connection_out = packet_get_connection_out(); |
| 552 | int minor1 = PROTOCOL_MINOR_1, client_banner_sent = 0; | 552 | int client_banner_sent = 0; |
| 553 | u_int i, n; | 553 | u_int i, n; |
| 554 | size_t len; | 554 | size_t len; |
| 555 | int fdsetsz, remaining, rc; | 555 | int fdsetsz, remaining, rc; |
| @@ -559,15 +559,9 @@ ssh_exchange_identification(int timeout_ms) | |||
| 559 | fdsetsz = howmany(connection_in + 1, NFDBITS) * sizeof(fd_mask); | 559 | fdsetsz = howmany(connection_in + 1, NFDBITS) * sizeof(fd_mask); |
| 560 | fdset = xcalloc(1, fdsetsz); | 560 | fdset = xcalloc(1, fdsetsz); |
| 561 | 561 | ||
| 562 | /* | 562 | enable_compat20(); |
| 563 | * If we are SSH2-only then we can send the banner immediately and | 563 | send_client_banner(connection_out, 0); |
| 564 | * save a round-trip. | 564 | client_banner_sent = 1; |
| 565 | */ | ||
| 566 | if (options.protocol == SSH_PROTO_2) { | ||
| 567 | enable_compat20(); | ||
| 568 | send_client_banner(connection_out, 0); | ||
| 569 | client_banner_sent = 1; | ||
| 570 | } | ||
| 571 | 565 | ||
| 572 | /* Read other side's version identification. */ | 566 | /* Read other side's version identification. */ |
| 573 | remaining = timeout_ms; | 567 | remaining = timeout_ms; |
| @@ -635,50 +629,27 @@ ssh_exchange_identification(int timeout_ms) | |||
| 635 | 629 | ||
| 636 | switch (remote_major) { | 630 | switch (remote_major) { |
| 637 | case 1: | 631 | case 1: |
| 638 | if (remote_minor == 99 && | 632 | if (remote_minor == 99) |
| 639 | (options.protocol & SSH_PROTO_2) && | ||
| 640 | !(options.protocol & SSH_PROTO_1_PREFERRED)) { | ||
| 641 | enable_compat20(); | 633 | enable_compat20(); |
| 642 | break; | 634 | else |
| 643 | } | ||
| 644 | if (!(options.protocol & SSH_PROTO_1)) { | ||
| 645 | mismatch = 1; | 635 | mismatch = 1; |
| 646 | break; | ||
| 647 | } | ||
| 648 | if (remote_minor < 3) { | ||
| 649 | fatal("Remote machine has too old SSH software version."); | ||
| 650 | } else if (remote_minor == 3 || remote_minor == 4) { | ||
| 651 | /* We speak 1.3, too. */ | ||
| 652 | enable_compat13(); | ||
| 653 | minor1 = 3; | ||
| 654 | if (options.forward_agent) { | ||
| 655 | logit("Agent forwarding disabled for protocol 1.3"); | ||
| 656 | options.forward_agent = 0; | ||
| 657 | } | ||
| 658 | } | ||
| 659 | break; | 636 | break; |
| 660 | case 2: | 637 | case 2: |
| 661 | if (options.protocol & SSH_PROTO_2) { | 638 | enable_compat20(); |
| 662 | enable_compat20(); | 639 | break; |
| 663 | break; | ||
| 664 | } | ||
| 665 | /* FALLTHROUGH */ | ||
| 666 | default: | 640 | default: |
| 667 | mismatch = 1; | 641 | mismatch = 1; |
| 668 | break; | 642 | break; |
| 669 | } | 643 | } |
| 670 | if (mismatch) | 644 | if (mismatch) |
| 671 | fatal("Protocol major versions differ: %d vs. %d", | 645 | fatal("Protocol major versions differ: %d vs. %d", |
| 672 | (options.protocol & SSH_PROTO_2) ? PROTOCOL_MAJOR_2 : PROTOCOL_MAJOR_1, | 646 | PROTOCOL_MAJOR_2, remote_major); |
| 673 | remote_major); | ||
| 674 | if ((datafellows & SSH_BUG_DERIVEKEY) != 0) | 647 | if ((datafellows & SSH_BUG_DERIVEKEY) != 0) |
| 675 | fatal("Server version \"%.100s\" uses unsafe key agreement; " | 648 | fatal("Server version \"%.100s\" uses unsafe key agreement; " |
| 676 | "refusing connection", remote_version); | 649 | "refusing connection", remote_version); |
| 677 | if ((datafellows & SSH_BUG_RSASIGMD5) != 0) | 650 | if ((datafellows & SSH_BUG_RSASIGMD5) != 0) |
| 678 | logit("Server version \"%.100s\" uses unsafe RSA signature " | 651 | logit("Server version \"%.100s\" uses unsafe RSA signature " |
| 679 | "scheme; disabling use of RSA keys", remote_version); | 652 | "scheme; disabling use of RSA keys", remote_version); |
| 680 | if (!client_banner_sent) | ||
| 681 | send_client_banner(connection_out, minor1); | ||
| 682 | chop(server_version_string); | 653 | chop(server_version_string); |
| 683 | } | 654 | } |
| 684 | 655 | ||