diff options
Diffstat (limited to 'compat.c')
-rw-r--r-- | compat.c | 24 |
1 files changed, 15 insertions, 9 deletions
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: compat.c,v 1.89 2015/04/10 05:16:50 dtucker Exp $ */ | 1 | /* $OpenBSD: compat.c,v 1.90 2015/04/13 02:04:08 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 1999, 2000, 2001, 2002 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 1999, 2000, 2001, 2002 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -165,6 +165,7 @@ compat_datafellows(const char *version) | |||
165 | "OSU_1.5alpha3*", SSH_BUG_PASSWORDPAD }, | 165 | "OSU_1.5alpha3*", SSH_BUG_PASSWORDPAD }, |
166 | { "*SSH_Version_Mapper*", | 166 | { "*SSH_Version_Mapper*", |
167 | SSH_BUG_SCANNER }, | 167 | SSH_BUG_SCANNER }, |
168 | { "PuTTY*", SSH_OLD_DHGEX }, | ||
168 | { "Probe-*", | 169 | { "Probe-*", |
169 | SSH_BUG_PROBE }, | 170 | SSH_BUG_PROBE }, |
170 | { "TeraTerm SSH*," | 171 | { "TeraTerm SSH*," |
@@ -284,15 +285,20 @@ compat_pkalg_proposal(char *pkalg_prop) | |||
284 | } | 285 | } |
285 | 286 | ||
286 | char * | 287 | char * |
287 | compat_kex_proposal(char *kex_prop) | 288 | compat_kex_proposal(char *p) |
288 | { | 289 | { |
289 | if (!(datafellows & SSH_BUG_CURVE25519PAD)) | 290 | if ((datafellows & (SSH_BUG_CURVE25519PAD|SSH_OLD_DHGEX)) == 0) |
290 | return kex_prop; | 291 | return p; |
291 | debug2("%s: original KEX proposal: %s", __func__, kex_prop); | 292 | debug2("%s: original KEX proposal: %s", __func__, p); |
292 | kex_prop = filter_proposal(kex_prop, "curve25519-sha256@libssh.org"); | 293 | if ((datafellows & SSH_BUG_CURVE25519PAD) != 0) |
293 | debug2("%s: compat KEX proposal: %s", __func__, kex_prop); | 294 | p = filter_proposal(p, "curve25519-sha256@libssh.org"); |
294 | if (*kex_prop == '\0') | 295 | if ((datafellows & SSH_OLD_DHGEX) != 0) { |
296 | p = filter_proposal(p, "diffie-hellman-group-exchange-sha256"); | ||
297 | p = filter_proposal(p, "diffie-hellman-group-exchange-sha1"); | ||
298 | } | ||
299 | debug2("%s: compat KEX proposal: %s", __func__, p); | ||
300 | if (*p == '\0') | ||
295 | fatal("No supported key exchange algorithms found"); | 301 | fatal("No supported key exchange algorithms found"); |
296 | return kex_prop; | 302 | return p; |
297 | } | 303 | } |
298 | 304 | ||