summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--ChangeLog5
-rw-r--r--compat.c112
-rw-r--r--match.c26
-rw-r--r--match.h7
4 files changed, 85 insertions, 65 deletions
diff --git a/ChangeLog b/ChangeLog
index d47f11af9..f4f1f790e 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -65,6 +65,9 @@
65 - markus@cvs.openbsd.org 2001/12/05 15:04:48 65 - markus@cvs.openbsd.org 2001/12/05 15:04:48
66 [version.h] 66 [version.h]
67 post 3.0.2 67 post 3.0.2
68 - markus@cvs.openbsd.org 2001/12/05 16:54:51
69 [compat.c match.c match.h]
70 make theo and djm happy: bye bye regexp
68 71
6920011126 7220011126
70 - (tim) [contrib/cygwin/README, openbsd-compat/bsd-cygwin_util.c, 73 - (tim) [contrib/cygwin/README, openbsd-compat/bsd-cygwin_util.c,
@@ -6987,4 +6990,4 @@
6987 - Wrote replacements for strlcpy and mkdtemp 6990 - Wrote replacements for strlcpy and mkdtemp
6988 - Released 1.0pre1 6991 - Released 1.0pre1
6989 6992
6990$Id: ChangeLog,v 1.1685 2001/12/06 18:02:59 mouring Exp $ 6993$Id: ChangeLog,v 1.1686 2001/12/06 18:06:05 mouring Exp $
diff --git a/compat.c b/compat.c
index 0b8d53822..09ca4a447 100644
--- a/compat.c
+++ b/compat.c
@@ -23,22 +23,13 @@
23 */ 23 */
24 24
25#include "includes.h" 25#include "includes.h"
26RCSID("$OpenBSD: compat.c,v 1.54 2001/12/05 10:06:12 deraadt Exp $"); 26RCSID("$OpenBSD: compat.c,v 1.55 2001/12/05 16:54:51 markus Exp $");
27
28#ifdef HAVE_LIBPCRE
29# include <pcreposix.h>
30#else /* Use native regex libraries */
31# ifdef HAVE_REGEX_H
32# include <regex.h>
33# else
34# include "openbsd-compat/fake-regex.h"
35# endif
36#endif /* HAVE_LIBPCRE */
37 27
38#include "packet.h" 28#include "packet.h"
39#include "xmalloc.h" 29#include "xmalloc.h"
40#include "compat.h" 30#include "compat.h"
41#include "log.h" 31#include "log.h"
32#include "match.h"
42 33
43int compat13 = 0; 34int compat13 = 0;
44int compat20 = 0; 35int compat20 = 0;
@@ -60,86 +51,97 @@ enable_compat13(void)
60void 51void
61compat_datafellows(const char *version) 52compat_datafellows(const char *version)
62{ 53{
63 int i, ret; 54 int i;
64 char ebuf[1024];
65 regex_t reg;
66 static struct { 55 static struct {
67 char *pat; 56 char *pat;
68 int bugs; 57 int bugs;
69 } check[] = { 58 } check[] = {
70 { "^OpenSSH[-_]2\\.[012]", 59 { "OpenSSH-2.0*,"
71 SSH_OLD_SESSIONID|SSH_BUG_BANNER| 60 "OpenSSH-2.1*,"
61 "OpenSSH_2.1*,"
62 "OpenSSH_2.2*", SSH_OLD_SESSIONID|SSH_BUG_BANNER|
72 SSH_OLD_DHGEX|SSH_BUG_NOREKEY }, 63 SSH_OLD_DHGEX|SSH_BUG_NOREKEY },
73 { "^OpenSSH_2\\.3\\.0", SSH_BUG_BANNER|SSH_BUG_BIGENDIANAES| 64 { "OpenSSH_2.3.0*", SSH_BUG_BANNER|SSH_BUG_BIGENDIANAES|
74 SSH_OLD_DHGEX|SSH_BUG_NOREKEY}, 65 SSH_OLD_DHGEX|SSH_BUG_NOREKEY},
75 { "^OpenSSH_2\\.3\\.", SSH_BUG_BIGENDIANAES|SSH_OLD_DHGEX| 66 { "OpenSSH_2.3.*", SSH_BUG_BIGENDIANAES|SSH_OLD_DHGEX|
76 SSH_BUG_NOREKEY}, 67 SSH_BUG_NOREKEY},
77 { "^OpenSSH_2\\.5\\.[01]p1", 68 { "OpenSSH_2.5.0p1*,"
69 "OpenSSH_2.5.1p1*",
78 SSH_BUG_BIGENDIANAES|SSH_OLD_DHGEX| 70 SSH_BUG_BIGENDIANAES|SSH_OLD_DHGEX|
79 SSH_BUG_NOREKEY }, 71 SSH_BUG_NOREKEY },
80 { "^OpenSSH_2\\.5\\.[012]", 72 { "OpenSSH_2.5.0*,"
81 SSH_OLD_DHGEX|SSH_BUG_NOREKEY }, 73 "OpenSSH_2.5.1*,"
82 { "^OpenSSH_2\\.5\\.3", 74 "OpenSSH_2.5.2*", SSH_OLD_DHGEX|SSH_BUG_NOREKEY },
75 { "OpenSSH_2.5.3*",
83 SSH_BUG_NOREKEY }, 76 SSH_BUG_NOREKEY },
84 { "^OpenSSH", 0 }, 77 { "OpenSSH*", 0 },
85 { "MindTerm", 0 }, 78 { "*MindTerm*", 0 },
86 { "^2\\.1\\.0", SSH_BUG_SIGBLOB|SSH_BUG_HMAC| 79 { "2.1.0*", SSH_BUG_SIGBLOB|SSH_BUG_HMAC|
87 SSH_OLD_SESSIONID|SSH_BUG_DEBUG| 80 SSH_OLD_SESSIONID|SSH_BUG_DEBUG|
88 SSH_BUG_RSASIGMD5|SSH_BUG_HBSERVICE }, 81 SSH_BUG_RSASIGMD5|SSH_BUG_HBSERVICE },
89 { "^2\\.1 ", SSH_BUG_SIGBLOB|SSH_BUG_HMAC| 82 { "2.1 *", SSH_BUG_SIGBLOB|SSH_BUG_HMAC|
90 SSH_OLD_SESSIONID|SSH_BUG_DEBUG| 83 SSH_OLD_SESSIONID|SSH_BUG_DEBUG|
91 SSH_BUG_RSASIGMD5|SSH_BUG_HBSERVICE }, 84 SSH_BUG_RSASIGMD5|SSH_BUG_HBSERVICE },
92 { "^2\\.0\\.1[3-9]", SSH_BUG_SIGBLOB|SSH_BUG_HMAC| 85 { "2.0.13*,"
86 "2.0.14*,"
87 "2.0.15*,"
88 "2.0.16*,"
89 "2.0.17*,"
90 "2.0.18*,"
91 "2.0.19*", SSH_BUG_SIGBLOB|SSH_BUG_HMAC|
93 SSH_OLD_SESSIONID|SSH_BUG_DEBUG| 92 SSH_OLD_SESSIONID|SSH_BUG_DEBUG|
94 SSH_BUG_PKSERVICE|SSH_BUG_X11FWD| 93 SSH_BUG_PKSERVICE|SSH_BUG_X11FWD|
95 SSH_BUG_PKOK|SSH_BUG_RSASIGMD5| 94 SSH_BUG_PKOK|SSH_BUG_RSASIGMD5|
96 SSH_BUG_HBSERVICE|SSH_BUG_OPENFAILURE| 95 SSH_BUG_HBSERVICE|SSH_BUG_OPENFAILURE|
97 SSH_BUG_DUMMYCHAN }, 96 SSH_BUG_DUMMYCHAN },
98 { "^2\\.0\\.1[1-2]", SSH_BUG_SIGBLOB|SSH_BUG_HMAC| 97 { "2.0.11*,"
98 "2.0.12*", SSH_BUG_SIGBLOB|SSH_BUG_HMAC|
99 SSH_OLD_SESSIONID|SSH_BUG_DEBUG| 99 SSH_OLD_SESSIONID|SSH_BUG_DEBUG|
100 SSH_BUG_PKSERVICE|SSH_BUG_X11FWD| 100 SSH_BUG_PKSERVICE|SSH_BUG_X11FWD|
101 SSH_BUG_PKAUTH|SSH_BUG_PKOK| 101 SSH_BUG_PKAUTH|SSH_BUG_PKOK|
102 SSH_BUG_RSASIGMD5|SSH_BUG_OPENFAILURE| 102 SSH_BUG_RSASIGMD5|SSH_BUG_OPENFAILURE|
103 SSH_BUG_DUMMYCHAN }, 103 SSH_BUG_DUMMYCHAN },
104 { "^2\\.0\\.", SSH_BUG_SIGBLOB|SSH_BUG_HMAC| 104 { "2.0.*", SSH_BUG_SIGBLOB|SSH_BUG_HMAC|
105 SSH_OLD_SESSIONID|SSH_BUG_DEBUG| 105 SSH_OLD_SESSIONID|SSH_BUG_DEBUG|
106 SSH_BUG_PKSERVICE|SSH_BUG_X11FWD| 106 SSH_BUG_PKSERVICE|SSH_BUG_X11FWD|
107 SSH_BUG_PKAUTH|SSH_BUG_PKOK| 107 SSH_BUG_PKAUTH|SSH_BUG_PKOK|
108 SSH_BUG_RSASIGMD5|SSH_BUG_OPENFAILURE| 108 SSH_BUG_RSASIGMD5|SSH_BUG_OPENFAILURE|
109 SSH_BUG_DERIVEKEY|SSH_BUG_DUMMYCHAN }, 109 SSH_BUG_DERIVEKEY|SSH_BUG_DUMMYCHAN },
110 { "^2\\.[23]\\.0", SSH_BUG_HMAC|SSH_BUG_DEBUG| 110 { "2.2.0*,"
111 "2.3.0*", SSH_BUG_HMAC|SSH_BUG_DEBUG|
111 SSH_BUG_RSASIGMD5 }, 112 SSH_BUG_RSASIGMD5 },
112 { "^2\\.3\\.", SSH_BUG_DEBUG|SSH_BUG_RSASIGMD5 }, 113 { "2.3.*", SSH_BUG_DEBUG|SSH_BUG_RSASIGMD5 },
113 { "^2\\.[2-9]\\.", SSH_BUG_DEBUG }, 114 { "2.4", SSH_OLD_SESSIONID }, /* Van Dyke */
114 { "^3\\.0\\.", SSH_BUG_DEBUG }, 115 { "2.*", SSH_BUG_DEBUG },
115 { "^2\\.4$", SSH_OLD_SESSIONID }, /* Van Dyke */ 116 { "3.0.*", SSH_BUG_DEBUG },
116 { "^3\\.0 SecureCRT", SSH_OLD_SESSIONID }, 117 { "3.0 SecureCRT*", SSH_OLD_SESSIONID },
117 { "^1\\.7 SecureFX", SSH_OLD_SESSIONID }, 118 { "1.7 SecureFX*", SSH_OLD_SESSIONID },
118 { "^1\\.2\\.1[89]", SSH_BUG_IGNOREMSG }, 119 { "1.2.18*,"
119 { "^1\\.2\\.2[012]", SSH_BUG_IGNOREMSG }, 120 "1.2.19*,"
120 { "^1\\.3\\.2", SSH_BUG_IGNOREMSG }, /* f-secure */ 121 "1.2.20*,"
121 { "^SSH Compatible Server", /* Netscreen */ 122 "1.2.21*,"
122 SSH_BUG_PASSWORDPAD }, 123 "1.2.22*", SSH_BUG_IGNOREMSG },
123 { "^OSU_0", SSH_BUG_PASSWORDPAD }, 124 { "1.3.2*", SSH_BUG_IGNOREMSG }, /* f-secure */
124 { "^OSU_1\\.[0-4]", SSH_BUG_PASSWORDPAD }, 125 { "*SSH Compatible Server*", /* Netscreen */
125 { "^OSU_1\\.5alpha[1-3]",
126 SSH_BUG_PASSWORDPAD }, 126 SSH_BUG_PASSWORDPAD },
127 { "^SSH_Version_Mapper", 127 { "*OSU_0*,"
128 "OSU_1.0*,"
129 "OSU_1.1*,"
130 "OSU_1.2*,"
131 "OSU_1.3*,"
132 "OSU_1.4*,"
133 "OSU_1.5alpha1*,"
134 "OSU_1.5alpha2*,"
135 "OSU_1.5alpha3*", SSH_BUG_PASSWORDPAD },
136 { "*SSH_Version_Mapper*",
128 SSH_BUG_SCANNER }, 137 SSH_BUG_SCANNER },
129 { NULL, 0 } 138 { NULL, 0 }
130 }; 139 };
140
131 /* process table, return first match */ 141 /* process table, return first match */
132 for (i = 0; check[i].pat; i++) { 142 for (i = 0; check[i].pat; i++) {
133 ret = regcomp(&reg, check[i].pat, REG_EXTENDED|REG_NOSUB); 143 if (match_pattern_list(version, check[i].pat,
134 if (ret != 0) { 144 strlen(check[i].pat), 0) == 1) {
135 regerror(ret, &reg, ebuf, sizeof(ebuf));
136 ebuf[sizeof(ebuf)-1] = '\0';
137 error("regerror: %s", ebuf);
138 continue;
139 }
140 ret = regexec(&reg, version, 0, NULL, 0);
141 regfree(&reg);
142 if (ret == 0) {
143 debug("match: %s pat %s", version, check[i].pat); 145 debug("match: %s pat %s", version, check[i].pat);
144 datafellows = check[i].bugs; 146 datafellows = check[i].bugs;
145 return; 147 return;
diff --git a/match.c b/match.c
index 188b9a416..ca4d92c40 100644
--- a/match.c
+++ b/match.c
@@ -35,7 +35,7 @@
35 */ 35 */
36 36
37#include "includes.h" 37#include "includes.h"
38RCSID("$OpenBSD: match.c,v 1.14 2001/06/27 04:48:53 markus Exp $"); 38RCSID("$OpenBSD: match.c,v 1.15 2001/12/05 16:54:51 markus Exp $");
39 39
40#include "match.h" 40#include "match.h"
41#include "xmalloc.h" 41#include "xmalloc.h"
@@ -104,14 +104,15 @@ match_pattern(const char *s, const char *pattern)
104} 104}
105 105
106/* 106/*
107 * Tries to match the host name (which must be in all lowercase) against the 107 * Tries to match the string against the
108 * comma-separated sequence of subpatterns (each possibly preceded by ! to 108 * comma-separated sequence of subpatterns (each possibly preceded by ! to
109 * indicate negation). Returns -1 if negation matches, 1 if there is 109 * indicate negation). Returns -1 if negation matches, 1 if there is
110 * a positive match, 0 if there is no match at all. 110 * a positive match, 0 if there is no match at all.
111 */ 111 */
112 112
113int 113int
114match_hostname(const char *host, const char *pattern, u_int len) 114match_pattern_list(const char *string, const char *pattern, u_int len,
115 int dolower)
115{ 116{
116 char sub[1024]; 117 char sub[1024];
117 int negated; 118 int negated;
@@ -134,7 +135,8 @@ match_hostname(const char *host, const char *pattern, u_int len)
134 for (subi = 0; 135 for (subi = 0;
135 i < len && subi < sizeof(sub) - 1 && pattern[i] != ','; 136 i < len && subi < sizeof(sub) - 1 && pattern[i] != ',';
136 subi++, i++) 137 subi++, i++)
137 sub[subi] = isupper(pattern[i]) ? tolower(pattern[i]) : pattern[i]; 138 sub[subi] = dolower && isupper(pattern[i]) ?
139 tolower(pattern[i]) : pattern[i];
138 /* If subpattern too long, return failure (no match). */ 140 /* If subpattern too long, return failure (no match). */
139 if (subi >= sizeof(sub) - 1) 141 if (subi >= sizeof(sub) - 1)
140 return 0; 142 return 0;
@@ -146,8 +148,8 @@ match_hostname(const char *host, const char *pattern, u_int len)
146 /* Null-terminate the subpattern. */ 148 /* Null-terminate the subpattern. */
147 sub[subi] = '\0'; 149 sub[subi] = '\0';
148 150
149 /* Try to match the subpattern against the host name. */ 151 /* Try to match the subpattern against the string. */
150 if (match_pattern(host, sub)) { 152 if (match_pattern(string, sub)) {
151 if (negated) 153 if (negated)
152 return -1; /* Negative */ 154 return -1; /* Negative */
153 else 155 else
@@ -163,6 +165,18 @@ match_hostname(const char *host, const char *pattern, u_int len)
163} 165}
164 166
165/* 167/*
168 * Tries to match the host name (which must be in all lowercase) against the
169 * comma-separated sequence of subpatterns (each possibly preceded by ! to
170 * indicate negation). Returns -1 if negation matches, 1 if there is
171 * a positive match, 0 if there is no match at all.
172 */
173int
174match_hostname(const char *host, const char *pattern, u_int len)
175{
176 return match_pattern_list(host, pattern, len, 1);
177}
178
179/*
166 * returns 0 if we get a negative match for the hostname or the ip 180 * returns 0 if we get a negative match for the hostname or the ip
167 * or if we get no match at all. returns 1 otherwise. 181 * or if we get no match at all. returns 1 otherwise.
168 */ 182 */
diff --git a/match.h b/match.h
index f05fe9b37..7b777de3d 100644
--- a/match.h
+++ b/match.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: match.h,v 1.9 2001/06/26 06:32:56 itojun Exp $ */ 1/* $OpenBSD: match.h,v 1.10 2001/12/05 16:54:51 markus Exp $ */
2 2
3/* 3/*
4 * Author: Tatu Ylonen <ylo@cs.hut.fi> 4 * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -14,8 +14,9 @@
14#ifndef MATCH_H 14#ifndef MATCH_H
15#define MATCH_H 15#define MATCH_H
16 16
17int match_pattern(const char *, const char *); 17int match_pattern(const char *, const char *);
18int match_hostname(const char *, const char *, u_int); 18int match_pattern_list(const char *, const char *, u_int, int);
19int match_hostname(const char *, const char *, u_int);
19int match_host_and_ip(const char *, const char *, const char *); 20int match_host_and_ip(const char *, const char *, const char *);
20int match_user(const char *, const char *, const char *, const char *); 21int match_user(const char *, const char *, const char *, const char *);
21char *match_list(const char *, const char *, u_int *); 22char *match_list(const char *, const char *, u_int *);
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-29 02:10:15 +0000