diff options
author | djm@openbsd.org <djm@openbsd.org> | 2017-04-30 23:11:45 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2017-05-01 09:38:46 +1000 |
commit | 99f95ba82673d33215dce17bfa1512b57f54ec09 (patch) | |
tree | a2fcb5c8410cf2d524b25609271b4197728779d5 /sshconnect.c | |
parent | 56912dea6ef63dae4eb1194e5d88973a7c6c5740 (diff) |
upstream commit
remove options.protocol and client Protocol
configuration knob
ok markus@
Upstream-ID: 5a967f5d06e2d004b0235457b6de3a9a314e9366
Diffstat (limited to 'sshconnect.c')
-rw-r--r-- | sshconnect.c | 49 |
1 files changed, 10 insertions, 39 deletions
diff --git a/sshconnect.c b/sshconnect.c index 26ffbc802..d48f2e06c 100644 --- a/sshconnect.c +++ b/sshconnect.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: sshconnect.c,v 1.274 2017/04/30 23:10:43 djm Exp $ */ | 1 | /* $OpenBSD: sshconnect.c,v 1.275 2017/04/30 23:11:45 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -549,7 +549,7 @@ ssh_exchange_identification(int timeout_ms) | |||
549 | int remote_major, remote_minor, mismatch; | 549 | int remote_major, remote_minor, mismatch; |
550 | int connection_in = packet_get_connection_in(); | 550 | int connection_in = packet_get_connection_in(); |
551 | int connection_out = packet_get_connection_out(); | 551 | int connection_out = packet_get_connection_out(); |
552 | int minor1 = PROTOCOL_MINOR_1, client_banner_sent = 0; | 552 | int client_banner_sent = 0; |
553 | u_int i, n; | 553 | u_int i, n; |
554 | size_t len; | 554 | size_t len; |
555 | int fdsetsz, remaining, rc; | 555 | int fdsetsz, remaining, rc; |
@@ -559,15 +559,9 @@ ssh_exchange_identification(int timeout_ms) | |||
559 | fdsetsz = howmany(connection_in + 1, NFDBITS) * sizeof(fd_mask); | 559 | fdsetsz = howmany(connection_in + 1, NFDBITS) * sizeof(fd_mask); |
560 | fdset = xcalloc(1, fdsetsz); | 560 | fdset = xcalloc(1, fdsetsz); |
561 | 561 | ||
562 | /* | 562 | enable_compat20(); |
563 | * If we are SSH2-only then we can send the banner immediately and | 563 | send_client_banner(connection_out, 0); |
564 | * save a round-trip. | 564 | client_banner_sent = 1; |
565 | */ | ||
566 | if (options.protocol == SSH_PROTO_2) { | ||
567 | enable_compat20(); | ||
568 | send_client_banner(connection_out, 0); | ||
569 | client_banner_sent = 1; | ||
570 | } | ||
571 | 565 | ||
572 | /* Read other side's version identification. */ | 566 | /* Read other side's version identification. */ |
573 | remaining = timeout_ms; | 567 | remaining = timeout_ms; |
@@ -635,50 +629,27 @@ ssh_exchange_identification(int timeout_ms) | |||
635 | 629 | ||
636 | switch (remote_major) { | 630 | switch (remote_major) { |
637 | case 1: | 631 | case 1: |
638 | if (remote_minor == 99 && | 632 | if (remote_minor == 99) |
639 | (options.protocol & SSH_PROTO_2) && | ||
640 | !(options.protocol & SSH_PROTO_1_PREFERRED)) { | ||
641 | enable_compat20(); | 633 | enable_compat20(); |
642 | break; | 634 | else |
643 | } | ||
644 | if (!(options.protocol & SSH_PROTO_1)) { | ||
645 | mismatch = 1; | 635 | mismatch = 1; |
646 | break; | ||
647 | } | ||
648 | if (remote_minor < 3) { | ||
649 | fatal("Remote machine has too old SSH software version."); | ||
650 | } else if (remote_minor == 3 || remote_minor == 4) { | ||
651 | /* We speak 1.3, too. */ | ||
652 | enable_compat13(); | ||
653 | minor1 = 3; | ||
654 | if (options.forward_agent) { | ||
655 | logit("Agent forwarding disabled for protocol 1.3"); | ||
656 | options.forward_agent = 0; | ||
657 | } | ||
658 | } | ||
659 | break; | 636 | break; |
660 | case 2: | 637 | case 2: |
661 | if (options.protocol & SSH_PROTO_2) { | 638 | enable_compat20(); |
662 | enable_compat20(); | 639 | break; |
663 | break; | ||
664 | } | ||
665 | /* FALLTHROUGH */ | ||
666 | default: | 640 | default: |
667 | mismatch = 1; | 641 | mismatch = 1; |
668 | break; | 642 | break; |
669 | } | 643 | } |
670 | if (mismatch) | 644 | if (mismatch) |
671 | fatal("Protocol major versions differ: %d vs. %d", | 645 | fatal("Protocol major versions differ: %d vs. %d", |
672 | (options.protocol & SSH_PROTO_2) ? PROTOCOL_MAJOR_2 : PROTOCOL_MAJOR_1, | 646 | PROTOCOL_MAJOR_2, remote_major); |
673 | remote_major); | ||
674 | if ((datafellows & SSH_BUG_DERIVEKEY) != 0) | 647 | if ((datafellows & SSH_BUG_DERIVEKEY) != 0) |
675 | fatal("Server version \"%.100s\" uses unsafe key agreement; " | 648 | fatal("Server version \"%.100s\" uses unsafe key agreement; " |
676 | "refusing connection", remote_version); | 649 | "refusing connection", remote_version); |
677 | if ((datafellows & SSH_BUG_RSASIGMD5) != 0) | 650 | if ((datafellows & SSH_BUG_RSASIGMD5) != 0) |
678 | logit("Server version \"%.100s\" uses unsafe RSA signature " | 651 | logit("Server version \"%.100s\" uses unsafe RSA signature " |
679 | "scheme; disabling use of RSA keys", remote_version); | 652 | "scheme; disabling use of RSA keys", remote_version); |
680 | if (!client_banner_sent) | ||
681 | send_client_banner(connection_out, minor1); | ||
682 | chop(server_version_string); | 653 | chop(server_version_string); |
683 | } | 654 | } |
684 | 655 | ||