diff options
-rw-r--r-- | ChangeLog | 5 | ||||
-rw-r--r-- | compat.c | 112 | ||||
-rw-r--r-- | match.c | 26 | ||||
-rw-r--r-- | match.h | 7 |
4 files changed, 85 insertions, 65 deletions
@@ -65,6 +65,9 @@ | |||
65 | - markus@cvs.openbsd.org 2001/12/05 15:04:48 | 65 | - markus@cvs.openbsd.org 2001/12/05 15:04:48 |
66 | [version.h] | 66 | [version.h] |
67 | post 3.0.2 | 67 | post 3.0.2 |
68 | - markus@cvs.openbsd.org 2001/12/05 16:54:51 | ||
69 | [compat.c match.c match.h] | ||
70 | make theo and djm happy: bye bye regexp | ||
68 | 71 | ||
69 | 20011126 | 72 | 20011126 |
70 | - (tim) [contrib/cygwin/README, openbsd-compat/bsd-cygwin_util.c, | 73 | - (tim) [contrib/cygwin/README, openbsd-compat/bsd-cygwin_util.c, |
@@ -6987,4 +6990,4 @@ | |||
6987 | - Wrote replacements for strlcpy and mkdtemp | 6990 | - Wrote replacements for strlcpy and mkdtemp |
6988 | - Released 1.0pre1 | 6991 | - Released 1.0pre1 |
6989 | 6992 | ||
6990 | $Id: ChangeLog,v 1.1685 2001/12/06 18:02:59 mouring Exp $ | 6993 | $Id: ChangeLog,v 1.1686 2001/12/06 18:06:05 mouring Exp $ |
@@ -23,22 +23,13 @@ | |||
23 | */ | 23 | */ |
24 | 24 | ||
25 | #include "includes.h" | 25 | #include "includes.h" |
26 | RCSID("$OpenBSD: compat.c,v 1.54 2001/12/05 10:06:12 deraadt Exp $"); | 26 | RCSID("$OpenBSD: compat.c,v 1.55 2001/12/05 16:54:51 markus Exp $"); |
27 | |||
28 | #ifdef HAVE_LIBPCRE | ||
29 | # include <pcreposix.h> | ||
30 | #else /* Use native regex libraries */ | ||
31 | # ifdef HAVE_REGEX_H | ||
32 | # include <regex.h> | ||
33 | # else | ||
34 | # include "openbsd-compat/fake-regex.h" | ||
35 | # endif | ||
36 | #endif /* HAVE_LIBPCRE */ | ||
37 | 27 | ||
38 | #include "packet.h" | 28 | #include "packet.h" |
39 | #include "xmalloc.h" | 29 | #include "xmalloc.h" |
40 | #include "compat.h" | 30 | #include "compat.h" |
41 | #include "log.h" | 31 | #include "log.h" |
32 | #include "match.h" | ||
42 | 33 | ||
43 | int compat13 = 0; | 34 | int compat13 = 0; |
44 | int compat20 = 0; | 35 | int compat20 = 0; |
@@ -60,86 +51,97 @@ enable_compat13(void) | |||
60 | void | 51 | void |
61 | compat_datafellows(const char *version) | 52 | compat_datafellows(const char *version) |
62 | { | 53 | { |
63 | int i, ret; | 54 | int i; |
64 | char ebuf[1024]; | ||
65 | regex_t reg; | ||
66 | static struct { | 55 | static struct { |
67 | char *pat; | 56 | char *pat; |
68 | int bugs; | 57 | int bugs; |
69 | } check[] = { | 58 | } check[] = { |
70 | { "^OpenSSH[-_]2\\.[012]", | 59 | { "OpenSSH-2.0*," |
71 | SSH_OLD_SESSIONID|SSH_BUG_BANNER| | 60 | "OpenSSH-2.1*," |
61 | "OpenSSH_2.1*," | ||
62 | "OpenSSH_2.2*", SSH_OLD_SESSIONID|SSH_BUG_BANNER| | ||
72 | SSH_OLD_DHGEX|SSH_BUG_NOREKEY }, | 63 | SSH_OLD_DHGEX|SSH_BUG_NOREKEY }, |
73 | { "^OpenSSH_2\\.3\\.0", SSH_BUG_BANNER|SSH_BUG_BIGENDIANAES| | 64 | { "OpenSSH_2.3.0*", SSH_BUG_BANNER|SSH_BUG_BIGENDIANAES| |
74 | SSH_OLD_DHGEX|SSH_BUG_NOREKEY}, | 65 | SSH_OLD_DHGEX|SSH_BUG_NOREKEY}, |
75 | { "^OpenSSH_2\\.3\\.", SSH_BUG_BIGENDIANAES|SSH_OLD_DHGEX| | 66 | { "OpenSSH_2.3.*", SSH_BUG_BIGENDIANAES|SSH_OLD_DHGEX| |
76 | SSH_BUG_NOREKEY}, | 67 | SSH_BUG_NOREKEY}, |
77 | { "^OpenSSH_2\\.5\\.[01]p1", | 68 | { "OpenSSH_2.5.0p1*," |
69 | "OpenSSH_2.5.1p1*", | ||
78 | SSH_BUG_BIGENDIANAES|SSH_OLD_DHGEX| | 70 | SSH_BUG_BIGENDIANAES|SSH_OLD_DHGEX| |
79 | SSH_BUG_NOREKEY }, | 71 | SSH_BUG_NOREKEY }, |
80 | { "^OpenSSH_2\\.5\\.[012]", | 72 | { "OpenSSH_2.5.0*," |
81 | SSH_OLD_DHGEX|SSH_BUG_NOREKEY }, | 73 | "OpenSSH_2.5.1*," |
82 | { "^OpenSSH_2\\.5\\.3", | 74 | "OpenSSH_2.5.2*", SSH_OLD_DHGEX|SSH_BUG_NOREKEY }, |
75 | { "OpenSSH_2.5.3*", | ||
83 | SSH_BUG_NOREKEY }, | 76 | SSH_BUG_NOREKEY }, |
84 | { "^OpenSSH", 0 }, | 77 | { "OpenSSH*", 0 }, |
85 | { "MindTerm", 0 }, | 78 | { "*MindTerm*", 0 }, |
86 | { "^2\\.1\\.0", SSH_BUG_SIGBLOB|SSH_BUG_HMAC| | 79 | { "2.1.0*", SSH_BUG_SIGBLOB|SSH_BUG_HMAC| |
87 | SSH_OLD_SESSIONID|SSH_BUG_DEBUG| | 80 | SSH_OLD_SESSIONID|SSH_BUG_DEBUG| |
88 | SSH_BUG_RSASIGMD5|SSH_BUG_HBSERVICE }, | 81 | SSH_BUG_RSASIGMD5|SSH_BUG_HBSERVICE }, |
89 | { "^2\\.1 ", SSH_BUG_SIGBLOB|SSH_BUG_HMAC| | 82 | { "2.1 *", SSH_BUG_SIGBLOB|SSH_BUG_HMAC| |
90 | SSH_OLD_SESSIONID|SSH_BUG_DEBUG| | 83 | SSH_OLD_SESSIONID|SSH_BUG_DEBUG| |
91 | SSH_BUG_RSASIGMD5|SSH_BUG_HBSERVICE }, | 84 | SSH_BUG_RSASIGMD5|SSH_BUG_HBSERVICE }, |
92 | { "^2\\.0\\.1[3-9]", SSH_BUG_SIGBLOB|SSH_BUG_HMAC| | 85 | { "2.0.13*," |
86 | "2.0.14*," | ||
87 | "2.0.15*," | ||
88 | "2.0.16*," | ||
89 | "2.0.17*," | ||
90 | "2.0.18*," | ||
91 | "2.0.19*", SSH_BUG_SIGBLOB|SSH_BUG_HMAC| | ||
93 | SSH_OLD_SESSIONID|SSH_BUG_DEBUG| | 92 | SSH_OLD_SESSIONID|SSH_BUG_DEBUG| |
94 | SSH_BUG_PKSERVICE|SSH_BUG_X11FWD| | 93 | SSH_BUG_PKSERVICE|SSH_BUG_X11FWD| |
95 | SSH_BUG_PKOK|SSH_BUG_RSASIGMD5| | 94 | SSH_BUG_PKOK|SSH_BUG_RSASIGMD5| |
96 | SSH_BUG_HBSERVICE|SSH_BUG_OPENFAILURE| | 95 | SSH_BUG_HBSERVICE|SSH_BUG_OPENFAILURE| |
97 | SSH_BUG_DUMMYCHAN }, | 96 | SSH_BUG_DUMMYCHAN }, |
98 | { "^2\\.0\\.1[1-2]", SSH_BUG_SIGBLOB|SSH_BUG_HMAC| | 97 | { "2.0.11*," |
98 | "2.0.12*", SSH_BUG_SIGBLOB|SSH_BUG_HMAC| | ||
99 | SSH_OLD_SESSIONID|SSH_BUG_DEBUG| | 99 | SSH_OLD_SESSIONID|SSH_BUG_DEBUG| |
100 | SSH_BUG_PKSERVICE|SSH_BUG_X11FWD| | 100 | SSH_BUG_PKSERVICE|SSH_BUG_X11FWD| |
101 | SSH_BUG_PKAUTH|SSH_BUG_PKOK| | 101 | SSH_BUG_PKAUTH|SSH_BUG_PKOK| |
102 | SSH_BUG_RSASIGMD5|SSH_BUG_OPENFAILURE| | 102 | SSH_BUG_RSASIGMD5|SSH_BUG_OPENFAILURE| |
103 | SSH_BUG_DUMMYCHAN }, | 103 | SSH_BUG_DUMMYCHAN }, |
104 | { "^2\\.0\\.", SSH_BUG_SIGBLOB|SSH_BUG_HMAC| | 104 | { "2.0.*", SSH_BUG_SIGBLOB|SSH_BUG_HMAC| |
105 | SSH_OLD_SESSIONID|SSH_BUG_DEBUG| | 105 | SSH_OLD_SESSIONID|SSH_BUG_DEBUG| |
106 | SSH_BUG_PKSERVICE|SSH_BUG_X11FWD| | 106 | SSH_BUG_PKSERVICE|SSH_BUG_X11FWD| |
107 | SSH_BUG_PKAUTH|SSH_BUG_PKOK| | 107 | SSH_BUG_PKAUTH|SSH_BUG_PKOK| |
108 | SSH_BUG_RSASIGMD5|SSH_BUG_OPENFAILURE| | 108 | SSH_BUG_RSASIGMD5|SSH_BUG_OPENFAILURE| |
109 | SSH_BUG_DERIVEKEY|SSH_BUG_DUMMYCHAN }, | 109 | SSH_BUG_DERIVEKEY|SSH_BUG_DUMMYCHAN }, |
110 | { "^2\\.[23]\\.0", SSH_BUG_HMAC|SSH_BUG_DEBUG| | 110 | { "2.2.0*," |
111 | "2.3.0*", SSH_BUG_HMAC|SSH_BUG_DEBUG| | ||
111 | SSH_BUG_RSASIGMD5 }, | 112 | SSH_BUG_RSASIGMD5 }, |
112 | { "^2\\.3\\.", SSH_BUG_DEBUG|SSH_BUG_RSASIGMD5 }, | 113 | { "2.3.*", SSH_BUG_DEBUG|SSH_BUG_RSASIGMD5 }, |
113 | { "^2\\.[2-9]\\.", SSH_BUG_DEBUG }, | 114 | { "2.4", SSH_OLD_SESSIONID }, /* Van Dyke */ |
114 | { "^3\\.0\\.", SSH_BUG_DEBUG }, | 115 | { "2.*", SSH_BUG_DEBUG }, |
115 | { "^2\\.4$", SSH_OLD_SESSIONID }, /* Van Dyke */ | 116 | { "3.0.*", SSH_BUG_DEBUG }, |
116 | { "^3\\.0 SecureCRT", SSH_OLD_SESSIONID }, | 117 | { "3.0 SecureCRT*", SSH_OLD_SESSIONID }, |
117 | { "^1\\.7 SecureFX", SSH_OLD_SESSIONID }, | 118 | { "1.7 SecureFX*", SSH_OLD_SESSIONID }, |
118 | { "^1\\.2\\.1[89]", SSH_BUG_IGNOREMSG }, | 119 | { "1.2.18*," |
119 | { "^1\\.2\\.2[012]", SSH_BUG_IGNOREMSG }, | 120 | "1.2.19*," |
120 | { "^1\\.3\\.2", SSH_BUG_IGNOREMSG }, /* f-secure */ | 121 | "1.2.20*," |
121 | { "^SSH Compatible Server", /* Netscreen */ | 122 | "1.2.21*," |
122 | SSH_BUG_PASSWORDPAD }, | 123 | "1.2.22*", SSH_BUG_IGNOREMSG }, |
123 | { "^OSU_0", SSH_BUG_PASSWORDPAD }, | 124 | { "1.3.2*", SSH_BUG_IGNOREMSG }, /* f-secure */ |
124 | { "^OSU_1\\.[0-4]", SSH_BUG_PASSWORDPAD }, | 125 | { "*SSH Compatible Server*", /* Netscreen */ |
125 | { "^OSU_1\\.5alpha[1-3]", | ||
126 | SSH_BUG_PASSWORDPAD }, | 126 | SSH_BUG_PASSWORDPAD }, |
127 | { "^SSH_Version_Mapper", | 127 | { "*OSU_0*," |
128 | "OSU_1.0*," | ||
129 | "OSU_1.1*," | ||
130 | "OSU_1.2*," | ||
131 | "OSU_1.3*," | ||
132 | "OSU_1.4*," | ||
133 | "OSU_1.5alpha1*," | ||
134 | "OSU_1.5alpha2*," | ||
135 | "OSU_1.5alpha3*", SSH_BUG_PASSWORDPAD }, | ||
136 | { "*SSH_Version_Mapper*", | ||
128 | SSH_BUG_SCANNER }, | 137 | SSH_BUG_SCANNER }, |
129 | { NULL, 0 } | 138 | { NULL, 0 } |
130 | }; | 139 | }; |
140 | |||
131 | /* process table, return first match */ | 141 | /* process table, return first match */ |
132 | for (i = 0; check[i].pat; i++) { | 142 | for (i = 0; check[i].pat; i++) { |
133 | ret = regcomp(®, check[i].pat, REG_EXTENDED|REG_NOSUB); | 143 | if (match_pattern_list(version, check[i].pat, |
134 | if (ret != 0) { | 144 | strlen(check[i].pat), 0) == 1) { |
135 | regerror(ret, ®, ebuf, sizeof(ebuf)); | ||
136 | ebuf[sizeof(ebuf)-1] = '\0'; | ||
137 | error("regerror: %s", ebuf); | ||
138 | continue; | ||
139 | } | ||
140 | ret = regexec(®, version, 0, NULL, 0); | ||
141 | regfree(®); | ||
142 | if (ret == 0) { | ||
143 | debug("match: %s pat %s", version, check[i].pat); | 145 | debug("match: %s pat %s", version, check[i].pat); |
144 | datafellows = check[i].bugs; | 146 | datafellows = check[i].bugs; |
145 | return; | 147 | return; |
@@ -35,7 +35,7 @@ | |||
35 | */ | 35 | */ |
36 | 36 | ||
37 | #include "includes.h" | 37 | #include "includes.h" |
38 | RCSID("$OpenBSD: match.c,v 1.14 2001/06/27 04:48:53 markus Exp $"); | 38 | RCSID("$OpenBSD: match.c,v 1.15 2001/12/05 16:54:51 markus Exp $"); |
39 | 39 | ||
40 | #include "match.h" | 40 | #include "match.h" |
41 | #include "xmalloc.h" | 41 | #include "xmalloc.h" |
@@ -104,14 +104,15 @@ match_pattern(const char *s, const char *pattern) | |||
104 | } | 104 | } |
105 | 105 | ||
106 | /* | 106 | /* |
107 | * Tries to match the host name (which must be in all lowercase) against the | 107 | * Tries to match the string against the |
108 | * comma-separated sequence of subpatterns (each possibly preceded by ! to | 108 | * comma-separated sequence of subpatterns (each possibly preceded by ! to |
109 | * indicate negation). Returns -1 if negation matches, 1 if there is | 109 | * indicate negation). Returns -1 if negation matches, 1 if there is |
110 | * a positive match, 0 if there is no match at all. | 110 | * a positive match, 0 if there is no match at all. |
111 | */ | 111 | */ |
112 | 112 | ||
113 | int | 113 | int |
114 | match_hostname(const char *host, const char *pattern, u_int len) | 114 | match_pattern_list(const char *string, const char *pattern, u_int len, |
115 | int dolower) | ||
115 | { | 116 | { |
116 | char sub[1024]; | 117 | char sub[1024]; |
117 | int negated; | 118 | int negated; |
@@ -134,7 +135,8 @@ match_hostname(const char *host, const char *pattern, u_int len) | |||
134 | for (subi = 0; | 135 | for (subi = 0; |
135 | i < len && subi < sizeof(sub) - 1 && pattern[i] != ','; | 136 | i < len && subi < sizeof(sub) - 1 && pattern[i] != ','; |
136 | subi++, i++) | 137 | subi++, i++) |
137 | sub[subi] = isupper(pattern[i]) ? tolower(pattern[i]) : pattern[i]; | 138 | sub[subi] = dolower && isupper(pattern[i]) ? |
139 | tolower(pattern[i]) : pattern[i]; | ||
138 | /* If subpattern too long, return failure (no match). */ | 140 | /* If subpattern too long, return failure (no match). */ |
139 | if (subi >= sizeof(sub) - 1) | 141 | if (subi >= sizeof(sub) - 1) |
140 | return 0; | 142 | return 0; |
@@ -146,8 +148,8 @@ match_hostname(const char *host, const char *pattern, u_int len) | |||
146 | /* Null-terminate the subpattern. */ | 148 | /* Null-terminate the subpattern. */ |
147 | sub[subi] = '\0'; | 149 | sub[subi] = '\0'; |
148 | 150 | ||
149 | /* Try to match the subpattern against the host name. */ | 151 | /* Try to match the subpattern against the string. */ |
150 | if (match_pattern(host, sub)) { | 152 | if (match_pattern(string, sub)) { |
151 | if (negated) | 153 | if (negated) |
152 | return -1; /* Negative */ | 154 | return -1; /* Negative */ |
153 | else | 155 | else |
@@ -163,6 +165,18 @@ match_hostname(const char *host, const char *pattern, u_int len) | |||
163 | } | 165 | } |
164 | 166 | ||
165 | /* | 167 | /* |
168 | * Tries to match the host name (which must be in all lowercase) against the | ||
169 | * comma-separated sequence of subpatterns (each possibly preceded by ! to | ||
170 | * indicate negation). Returns -1 if negation matches, 1 if there is | ||
171 | * a positive match, 0 if there is no match at all. | ||
172 | */ | ||
173 | int | ||
174 | match_hostname(const char *host, const char *pattern, u_int len) | ||
175 | { | ||
176 | return match_pattern_list(host, pattern, len, 1); | ||
177 | } | ||
178 | |||
179 | /* | ||
166 | * returns 0 if we get a negative match for the hostname or the ip | 180 | * returns 0 if we get a negative match for the hostname or the ip |
167 | * or if we get no match at all. returns 1 otherwise. | 181 | * or if we get no match at all. returns 1 otherwise. |
168 | */ | 182 | */ |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: match.h,v 1.9 2001/06/26 06:32:56 itojun Exp $ */ | 1 | /* $OpenBSD: match.h,v 1.10 2001/12/05 16:54:51 markus Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
@@ -14,8 +14,9 @@ | |||
14 | #ifndef MATCH_H | 14 | #ifndef MATCH_H |
15 | #define MATCH_H | 15 | #define MATCH_H |
16 | 16 | ||
17 | int match_pattern(const char *, const char *); | 17 | int match_pattern(const char *, const char *); |
18 | int match_hostname(const char *, const char *, u_int); | 18 | int match_pattern_list(const char *, const char *, u_int, int); |
19 | int match_hostname(const char *, const char *, u_int); | ||
19 | int match_host_and_ip(const char *, const char *, const char *); | 20 | int match_host_and_ip(const char *, const char *, const char *); |
20 | int match_user(const char *, const char *, const char *, const char *); | 21 | int match_user(const char *, const char *, const char *, const char *); |
21 | char *match_list(const char *, const char *, u_int *); | 22 | char *match_list(const char *, const char *, u_int *); |