compat.c

   1 /*
   2  * Copyright (c) 1999, 2000, 2001 Markus Friedl.  All rights reserved.
   3  *
   4  * Redistribution and use in source and binary forms, with or without
   5  * modification, are permitted provided that the following conditions
   6  * are met:
   7  * 1. Redistributions of source code must retain the above copyright
   8  *    notice, this list of conditions and the following disclaimer.
   9  * 2. Redistributions in binary form must reproduce the above copyright
  10  *    notice, this list of conditions and the following disclaimer in the
  11  *    documentation and/or other materials provided with the distribution.
  12  *
  13  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
  14  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
  15  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
  16  * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
  17  * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
  18  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
  19  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
  20  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
  21  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
  22  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  23  */
  24
  25 #include "includes.h"
  26 RCSID("$OpenBSD: compat.c,v 1.51 2001/06/25 08:25:37 markus Exp $");
  27
  28 #ifdef HAVE_LIBPCRE
  29 #  include <pcreposix.h>
  30 #else /* Use native regex libraries */
  31 #  ifdef HAVE_REGEX_H
  32 #    include <regex.h>
  33 #  else
  34 #    include "openbsd-compat/fake-regex.h"
  35 #  endif
  36 #endif /* HAVE_LIBPCRE */
  37
  38 #include "packet.h"
  39 #include "xmalloc.h"
  40 #include "compat.h"
  41 #include "log.h"
  42
  43 int compat13 = 0;
  44 int compat20 = 0;
  45 int datafellows = 0;
  46
  47 void
  48 enable_compat20(void)
  49 {
  50         verbose("Enabling compatibility mode for protocol 2.0");
  51         compat20 = 1;
  52 }
  53 void
  54 enable_compat13(void)
  55 {
  56         verbose("Enabling compatibility mode for protocol 1.3");
  57         compat13 = 1;
  58 }
  59 /* datafellows bug compatibility */
  60 void
  61 compat_datafellows(const char *version)
  62 {
  63         int i, ret;
  64         char ebuf[1024];
  65         regex_t reg;
  66         static struct {
  67                 char    *pat;
  68                 int     bugs;
  69         } check[] = {
  70                 { "^OpenSSH[-_]2\\.[012]",
  71                                         SSH_OLD_SESSIONID|SSH_BUG_BANNER|
  72                                         SSH_OLD_DHGEX|SSH_BUG_NOREKEY },
  73                 { "^OpenSSH_2\\.3\\.0", SSH_BUG_BANNER|SSH_BUG_BIGENDIANAES|
  74                                         SSH_OLD_DHGEX|SSH_BUG_NOREKEY},
  75                 { "^OpenSSH_2\\.3\\.",  SSH_BUG_BIGENDIANAES|SSH_OLD_DHGEX|
  76                                         SSH_BUG_NOREKEY},
  77                 { "^OpenSSH_2\\.5\\.[01]p1",
  78                                         SSH_BUG_BIGENDIANAES|SSH_OLD_DHGEX|
  79                                         SSH_BUG_NOREKEY },
  80                 { "^OpenSSH_2\\.5\\.[012]",
  81                                         SSH_OLD_DHGEX|SSH_BUG_NOREKEY },
  82                 { "^OpenSSH_2\\.5\\.3",
  83                                         SSH_BUG_NOREKEY },
  84                 { "^OpenSSH",           0 },
  85                 { "MindTerm",           0 },
  86                 { "^2\\.1\\.0",         SSH_BUG_SIGBLOB|SSH_BUG_HMAC|
  87                                         SSH_OLD_SESSIONID|SSH_BUG_DEBUG|
  88                                         SSH_BUG_RSASIGMD5|SSH_BUG_HBSERVICE },
  89                 { "^2\\.1 ",            SSH_BUG_SIGBLOB|SSH_BUG_HMAC|
  90                                         SSH_OLD_SESSIONID|SSH_BUG_DEBUG|
  91                                         SSH_BUG_RSASIGMD5|SSH_BUG_HBSERVICE },
  92                 { "^2\\.0\\.1[3-9]",    SSH_BUG_SIGBLOB|SSH_BUG_HMAC|
  93                                         SSH_OLD_SESSIONID|SSH_BUG_DEBUG|
  94                                         SSH_BUG_PKSERVICE|SSH_BUG_X11FWD|
  95                                         SSH_BUG_PKOK|SSH_BUG_RSASIGMD5|
  96                                         SSH_BUG_HBSERVICE|SSH_BUG_OPENFAILURE },
  97                 { "^2\\.0\\.1[1-2]",    SSH_BUG_SIGBLOB|SSH_BUG_HMAC|
  98                                         SSH_OLD_SESSIONID|SSH_BUG_DEBUG|
  99                                         SSH_BUG_PKSERVICE|SSH_BUG_X11FWD|
 100                                         SSH_BUG_PKAUTH|SSH_BUG_PKOK|
 101                                         SSH_BUG_RSASIGMD5|SSH_BUG_OPENFAILURE },
 102                 { "^2\\.0\\.",          SSH_BUG_SIGBLOB|SSH_BUG_HMAC|
 103                                         SSH_OLD_SESSIONID|SSH_BUG_DEBUG|
 104                                         SSH_BUG_PKSERVICE|SSH_BUG_X11FWD|
 105                                         SSH_BUG_PKAUTH|SSH_BUG_PKOK|
 106                                         SSH_BUG_RSASIGMD5|SSH_BUG_OPENFAILURE|
 107                                         SSH_BUG_DERIVEKEY },
 108                 { "^2\\.[23]\\.0",      SSH_BUG_HMAC|SSH_BUG_RSASIGMD5 },
 109                 { "^2\\.3\\.",          SSH_BUG_RSASIGMD5 },
 110                 { "^2\\.[2-9]\\.",      0 },
 111                 { "^2\\.4$",            SSH_OLD_SESSIONID },    /* Van Dyke */
 112                 { "^3\\.0 SecureCRT",   SSH_OLD_SESSIONID },
 113                 { "^1\\.7 SecureFX",    SSH_OLD_SESSIONID },
 114                 { "^1\\.2\\.1[89]",     SSH_BUG_IGNOREMSG },
 115                 { "^1\\.2\\.2[012]",    SSH_BUG_IGNOREMSG },
 116                 { "^1\\.3\\.2",         SSH_BUG_IGNOREMSG },    /* f-secure */
 117                 { "^SSH Compatible Server",                     /* Netscreen */
 118                                         SSH_BUG_PASSWORDPAD },
 119                 { "^OSU_0",             SSH_BUG_PASSWORDPAD },
 120                 { "^OSU_1\\.[0-4]",     SSH_BUG_PASSWORDPAD },
 121                 { "^OSU_1\\.5alpha[1-3]",
 122                                         SSH_BUG_PASSWORDPAD },
 123                 { "^SSH_Version_Mapper",
 124                                         SSH_BUG_SCANNER },
 125                 { NULL,                 0 }
 126         };
 127         /* process table, return first match */
 128         for (i = 0; check[i].pat; i++) {
 129                 ret = regcomp(&reg, check[i].pat, REG_EXTENDED|REG_NOSUB);
 130                 if (ret != 0) {
 131                         regerror(ret, &reg, ebuf, sizeof(ebuf));
 132                         ebuf[sizeof(ebuf)-1] = '\0';
 133                         error("regerror: %s", ebuf);
 134                         continue;
 135                 }
 136                 ret = regexec(&reg, version, 0, NULL, 0);
 137                 regfree(&reg);
 138                 if (ret == 0) {
 139                         debug("match: %s pat %s", version, check[i].pat);
 140                         datafellows = check[i].bugs;
 141                         return;
 142                 }
 143         }
 144         debug("no match: %s", version);
 145 }
 146
 147 #define SEP     ","
 148 int
 149 proto_spec(const char *spec)
 150 {
 151         char *s, *p, *q;
 152         int ret = SSH_PROTO_UNKNOWN;
 153
 154         if (spec == NULL)
 155                 return ret;
 156         q = s = xstrdup(spec);
 157         for ((p = strsep(&q, SEP)); p && *p != '\0'; (p = strsep(&q, SEP))) {
 158                 switch(atoi(p)) {
 159                 case 1:
 160                         if (ret == SSH_PROTO_UNKNOWN)
 161                                 ret |= SSH_PROTO_1_PREFERRED;
 162                         ret |= SSH_PROTO_1;
 163                         break;
 164                 case 2:
 165                         ret |= SSH_PROTO_2;
 166                         break;
 167                 default:
 168                         log("ignoring bad proto spec: '%s'.", p);
 169                         break;
 170                 }
 171         }
 172         xfree(s);
 173         return ret;
 174 }
 175
 176 char *
 177 compat_cipher_proposal(char *cipher_prop)
 178 {
 179         char *orig_prop, *fix_ciphers;
 180         char *cp, *tmp;
 181         size_t len;
 182
 183         if (!(datafellows & SSH_BUG_BIGENDIANAES))
 184                 return(cipher_prop);
 185
 186         len = strlen(cipher_prop) + 1;
 187         fix_ciphers = xmalloc(len);
 188         *fix_ciphers = '\0';
 189         tmp = orig_prop = xstrdup(cipher_prop);
 190         while((cp = strsep(&tmp, ",")) != NULL) {
 191                 if (strncmp(cp, "aes", 3) && strncmp(cp, "rijndael", 8)) {
 192                         if (*fix_ciphers)
 193                                 strlcat(fix_ciphers, ",", len);
 194                         strlcat(fix_ciphers, cp, len);
 195                 }
 196         }
 197         xfree(orig_prop);
 198         debug2("Original cipher proposal: %s", cipher_prop);
 199         debug2("Compat cipher proposal: %s", fix_ciphers);
 200         if (!*fix_ciphers)
 201                 fatal("No available ciphers found.");
 202
 203         return(fix_ciphers);
 204 }