summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--ChangeLog6
-rw-r--r--compat.c4
-rw-r--r--compat.h3
-rw-r--r--sshd.c8
4 files changed, 17 insertions, 4 deletions
diff --git a/ChangeLog b/ChangeLog
index 43f808038..57e246fc1 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -17,6 +17,10 @@
17 - djm@cvs.openbsd.org 2001/03/19 03:52:51 17 - djm@cvs.openbsd.org 2001/03/19 03:52:51
18 [sftp-client.c] 18 [sftp-client.c]
19 Report ssh connection closing correctly; ok deraadt@ 19 Report ssh connection closing correctly; ok deraadt@
20 - deraadt@cvs.openbsd.org 2001/03/18 23:30:55
21 [compat.c compat.h sshd.c]
22 specifically version match on ssh scanners. do not log scan
23 information to the console
20 24
2120010318 2520010318
22 - (bal) Fixed scp type casing issue which causes "scp: protocol error: 26 - (bal) Fixed scp type casing issue which causes "scp: protocol error:
@@ -4616,4 +4620,4 @@
4616 - Wrote replacements for strlcpy and mkdtemp 4620 - Wrote replacements for strlcpy and mkdtemp
4617 - Released 1.0pre1 4621 - Released 1.0pre1
4618 4622
4619$Id: ChangeLog,v 1.980 2001/03/19 11:29:46 djm Exp $ 4623$Id: ChangeLog,v 1.981 2001/03/19 11:36:20 djm Exp $
diff --git a/compat.c b/compat.c
index 9d23f9a03..4fb2b441a 100644
--- a/compat.c
+++ b/compat.c
@@ -23,7 +23,7 @@
23 */ 23 */
24 24
25#include "includes.h" 25#include "includes.h"
26RCSID("$OpenBSD: compat.c,v 1.38 2001/03/10 15:31:00 deraadt Exp $"); 26RCSID("$OpenBSD: compat.c,v 1.39 2001/03/18 23:30:55 deraadt Exp $");
27 27
28#ifdef HAVE_LIBPCRE 28#ifdef HAVE_LIBPCRE
29# include <pcreposix.h> 29# include <pcreposix.h>
@@ -97,6 +97,8 @@ compat_datafellows(const char *version)
97 { "^OSU_1\\.[0-4]", SSH_BUG_PASSWORDPAD }, 97 { "^OSU_1\\.[0-4]", SSH_BUG_PASSWORDPAD },
98 { "^OSU_1\\.5alpha[1-3]", 98 { "^OSU_1\\.5alpha[1-3]",
99 SSH_BUG_PASSWORDPAD }, 99 SSH_BUG_PASSWORDPAD },
100 { "^SSH_Version_Mapper",
101 SSH_BUG_SCANNER },
100 { NULL, 0 } 102 { NULL, 0 }
101 }; 103 };
102 /* process table, return first match */ 104 /* process table, return first match */
diff --git a/compat.h b/compat.h
index a1fdbe764..41d6af0fb 100644
--- a/compat.h
+++ b/compat.h
@@ -21,7 +21,7 @@
21 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 21 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
22 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 22 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
23 */ 23 */
24/* RCSID("$OpenBSD: compat.h,v 1.17 2001/03/10 15:31:00 deraadt Exp $"); */ 24/* RCSID("$OpenBSD: compat.h,v 1.18 2001/03/18 23:30:55 deraadt Exp $"); */
25 25
26#ifndef COMPAT_H 26#ifndef COMPAT_H
27#define COMPAT_H 27#define COMPAT_H
@@ -42,6 +42,7 @@
42#define SSH_BUG_IGNOREMSG 0x0100 42#define SSH_BUG_IGNOREMSG 0x0100
43#define SSH_BUG_PKOK 0x0200 43#define SSH_BUG_PKOK 0x0200
44#define SSH_BUG_PASSWORDPAD 0x0400 44#define SSH_BUG_PASSWORDPAD 0x0400
45#define SSH_BUG_SCANNER 0x0800
45 46
46void enable_compat13(void); 47void enable_compat13(void);
47void enable_compat20(void); 48void enable_compat20(void);
diff --git a/sshd.c b/sshd.c
index 0a1048cd3..384d4082d 100644
--- a/sshd.c
+++ b/sshd.c
@@ -40,7 +40,7 @@
40 */ 40 */
41 41
42#include "includes.h" 42#include "includes.h"
43RCSID("$OpenBSD: sshd.c,v 1.174 2001/03/09 12:30:29 deraadt Exp $"); 43RCSID("$OpenBSD: sshd.c,v 1.175 2001/03/18 23:30:55 deraadt Exp $");
44 44
45#include <openssl/dh.h> 45#include <openssl/dh.h>
46#include <openssl/bn.h> 46#include <openssl/bn.h>
@@ -381,6 +381,12 @@ sshd_exchange_identification(int sock_in, int sock_out)
381 381
382 compat_datafellows(remote_version); 382 compat_datafellows(remote_version);
383 383
384 if (datafellows & SSH_BUG_SCANNER) {
385 log("scanned from %s with %s. Don't panic.",
386 get_remote_ipaddr(), client_version_string);
387 fatal_cleanup();
388 }
389
384 mismatch = 0; 390 mismatch = 0;
385 switch(remote_major) { 391 switch(remote_major) {
386 case 1: 392 case 1:
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-23 02:48:39 +0000