compat.c

   1 /*
   2  * Copyright (c) 1999, 2000, 2001 Markus Friedl.  All rights reserved.
   3  *
   4  * Redistribution and use in source and binary forms, with or without
   5  * modification, are permitted provided that the following conditions
   6  * are met:
   7  * 1. Redistributions of source code must retain the above copyright
   8  *    notice, this list of conditions and the following disclaimer.
   9  * 2. Redistributions in binary form must reproduce the above copyright
  10  *    notice, this list of conditions and the following disclaimer in the
  11  *    documentation and/or other materials provided with the distribution.
  12  *
  13  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
  14  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
  15  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
  16  * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
  17  * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
  18  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
  19  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
  20  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
  21  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
  22  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  23  */
  24
  25 #include "includes.h"
  26 RCSID("$OpenBSD: compat.c,v 1.53 2001/09/20 13:50:40 markus Exp $");
  27
  28 #ifdef HAVE_LIBPCRE
  29 #  include <pcreposix.h>
  30 #else /* Use native regex libraries */
  31 #  ifdef HAVE_REGEX_H
  32 #    include <regex.h>
  33 #  else
  34 #    include "openbsd-compat/fake-regex.h"
  35 #  endif
  36 #endif /* HAVE_LIBPCRE */
  37
  38 #include "packet.h"
  39 #include "xmalloc.h"
  40 #include "compat.h"
  41 #include "log.h"
  42
  43 int compat13 = 0;
  44 int compat20 = 0;
  45 int datafellows = 0;
  46
  47 void
  48 enable_compat20(void)
  49 {
  50         verbose("Enabling compatibility mode for protocol 2.0");
  51         compat20 = 1;
  52 }
  53 void
  54 enable_compat13(void)
  55 {
  56         verbose("Enabling compatibility mode for protocol 1.3");
  57         compat13 = 1;
  58 }
  59 /* datafellows bug compatibility */
  60 void
  61 compat_datafellows(const char *version)
  62 {
  63         int i, ret;
  64         char ebuf[1024];
  65         regex_t reg;
  66         static struct {
  67                 char    *pat;
  68                 int     bugs;
  69         } check[] = {
  70                 { "^OpenSSH[-_]2\\.[012]",
  71                                         SSH_OLD_SESSIONID|SSH_BUG_BANNER|
  72                                         SSH_OLD_DHGEX|SSH_BUG_NOREKEY },
  73                 { "^OpenSSH_2\\.3\\.0", SSH_BUG_BANNER|SSH_BUG_BIGENDIANAES|
  74                                         SSH_OLD_DHGEX|SSH_BUG_NOREKEY},
  75                 { "^OpenSSH_2\\.3\\.",  SSH_BUG_BIGENDIANAES|SSH_OLD_DHGEX|
  76                                         SSH_BUG_NOREKEY},
  77                 { "^OpenSSH_2\\.5\\.[01]p1",
  78                                         SSH_BUG_BIGENDIANAES|SSH_OLD_DHGEX|
  79                                         SSH_BUG_NOREKEY },
  80                 { "^OpenSSH_2\\.5\\.[012]",
  81                                         SSH_OLD_DHGEX|SSH_BUG_NOREKEY },
  82                 { "^OpenSSH_2\\.5\\.3",
  83                                         SSH_BUG_NOREKEY },
  84                 { "^OpenSSH",           0 },
  85                 { "MindTerm",           0 },
  86                 { "^2\\.1\\.0",         SSH_BUG_SIGBLOB|SSH_BUG_HMAC|
  87                                         SSH_OLD_SESSIONID|SSH_BUG_DEBUG|
  88                                         SSH_BUG_RSASIGMD5|SSH_BUG_HBSERVICE },
  89                 { "^2\\.1 ",            SSH_BUG_SIGBLOB|SSH_BUG_HMAC|
  90                                         SSH_OLD_SESSIONID|SSH_BUG_DEBUG|
  91                                         SSH_BUG_RSASIGMD5|SSH_BUG_HBSERVICE },
  92                 { "^2\\.0\\.1[3-9]",    SSH_BUG_SIGBLOB|SSH_BUG_HMAC|
  93                                         SSH_OLD_SESSIONID|SSH_BUG_DEBUG|
  94                                         SSH_BUG_PKSERVICE|SSH_BUG_X11FWD|
  95                                         SSH_BUG_PKOK|SSH_BUG_RSASIGMD5|
  96                                         SSH_BUG_HBSERVICE|SSH_BUG_OPENFAILURE|
  97                                         SSH_BUG_DUMMYCHAN },
  98                 { "^2\\.0\\.1[1-2]",    SSH_BUG_SIGBLOB|SSH_BUG_HMAC|
  99                                         SSH_OLD_SESSIONID|SSH_BUG_DEBUG|
 100                                         SSH_BUG_PKSERVICE|SSH_BUG_X11FWD|
 101                                         SSH_BUG_PKAUTH|SSH_BUG_PKOK|
 102                                         SSH_BUG_RSASIGMD5|SSH_BUG_OPENFAILURE|
 103                                         SSH_BUG_DUMMYCHAN },
 104                 { "^2\\.0\\.",          SSH_BUG_SIGBLOB|SSH_BUG_HMAC|
 105                                         SSH_OLD_SESSIONID|SSH_BUG_DEBUG|
 106                                         SSH_BUG_PKSERVICE|SSH_BUG_X11FWD|
 107                                         SSH_BUG_PKAUTH|SSH_BUG_PKOK|
 108                                         SSH_BUG_RSASIGMD5|SSH_BUG_OPENFAILURE|
 109                                         SSH_BUG_DERIVEKEY|SSH_BUG_DUMMYCHAN },
 110                 { "^2\\.[23]\\.0",      SSH_BUG_HMAC|SSH_BUG_DEBUG|
 111                                         SSH_BUG_RSASIGMD5 },
 112                 { "^2\\.3\\.",          SSH_BUG_DEBUG|SSH_BUG_RSASIGMD5 },
 113                 { "^2\\.[2-9]\\.",      SSH_BUG_DEBUG },
 114                 { "^3\\.0\\.",          SSH_BUG_DEBUG },
 115                 { "^2\\.4$",            SSH_OLD_SESSIONID },    /* Van Dyke */
 116                 { "^3\\.0 SecureCRT",   SSH_OLD_SESSIONID },
 117                 { "^1\\.7 SecureFX",    SSH_OLD_SESSIONID },
 118                 { "^1\\.2\\.1[89]",     SSH_BUG_IGNOREMSG },
 119                 { "^1\\.2\\.2[012]",    SSH_BUG_IGNOREMSG },
 120                 { "^1\\.3\\.2",         SSH_BUG_IGNOREMSG },    /* f-secure */
 121                 { "^SSH Compatible Server",                     /* Netscreen */
 122                                         SSH_BUG_PASSWORDPAD },
 123                 { "^OSU_0",             SSH_BUG_PASSWORDPAD },
 124                 { "^OSU_1\\.[0-4]",     SSH_BUG_PASSWORDPAD },
 125                 { "^OSU_1\\.5alpha[1-3]",
 126                                         SSH_BUG_PASSWORDPAD },
 127                 { "^SSH_Version_Mapper",
 128                                         SSH_BUG_SCANNER },
 129                 { NULL,                 0 }
 130         };
 131         /* process table, return first match */
 132         for (i = 0; check[i].pat; i++) {
 133                 ret = regcomp(&reg, check[i].pat, REG_EXTENDED|REG_NOSUB);
 134                 if (ret != 0) {
 135                         regerror(ret, &reg, ebuf, sizeof(ebuf));
 136                         ebuf[sizeof(ebuf)-1] = '\0';
 137                         error("regerror: %s", ebuf);
 138                         continue;
 139                 }
 140                 ret = regexec(&reg, version, 0, NULL, 0);
 141                 regfree(&reg);
 142                 if (ret == 0) {
 143                         debug("match: %s pat %s", version, check[i].pat);
 144                         datafellows = check[i].bugs;
 145                         return;
 146                 }
 147         }
 148         debug("no match: %s", version);
 149 }
 150
 151 #define SEP     ","
 152 int
 153 proto_spec(const char *spec)
 154 {
 155         char *s, *p, *q;
 156         int ret = SSH_PROTO_UNKNOWN;
 157
 158         if (spec == NULL)
 159                 return ret;
 160         q = s = xstrdup(spec);
 161         for ((p = strsep(&q, SEP)); p && *p != '\0'; (p = strsep(&q, SEP))) {
 162                 switch(atoi(p)) {
 163                 case 1:
 164                         if (ret == SSH_PROTO_UNKNOWN)
 165                                 ret |= SSH_PROTO_1_PREFERRED;
 166                         ret |= SSH_PROTO_1;
 167                         break;
 168                 case 2:
 169                         ret |= SSH_PROTO_2;
 170                         break;
 171                 default:
 172                         log("ignoring bad proto spec: '%s'.", p);
 173                         break;
 174                 }
 175         }
 176         xfree(s);
 177         return ret;
 178 }
 179
 180 char *
 181 compat_cipher_proposal(char *cipher_prop)
 182 {
 183         char *orig_prop, *fix_ciphers;
 184         char *cp, *tmp;
 185         size_t len;
 186
 187         if (!(datafellows & SSH_BUG_BIGENDIANAES))
 188                 return(cipher_prop);
 189
 190         len = strlen(cipher_prop) + 1;
 191         fix_ciphers = xmalloc(len);
 192         *fix_ciphers = '\0';
 193         tmp = orig_prop = xstrdup(cipher_prop);
 194         while((cp = strsep(&tmp, ",")) != NULL) {
 195                 if (strncmp(cp, "aes", 3) && strncmp(cp, "rijndael", 8)) {
 196                         if (*fix_ciphers)
 197                                 strlcat(fix_ciphers, ",", len);
 198                         strlcat(fix_ciphers, cp, len);
 199                 }
 200         }
 201         xfree(orig_prop);
 202         debug2("Original cipher proposal: %s", cipher_prop);
 203         debug2("Compat cipher proposal: %s", fix_ciphers);
 204         if (!*fix_ciphers)
 205                 fatal("No available ciphers found.");
 206
 207         return(fix_ciphers);
 208 }