X-Git-Url: http://andersk.mit.edu/gitweb/openssh.git/blobdiff_plain/cbc5abf97adc573b42064fd89661f4ab7b5cf34d..569807fb1390afd71aea47c76813c96d8414d4b9:/compat.c diff --git a/compat.c b/compat.c index b4e99a92..705121c3 100644 --- a/compat.c +++ b/compat.c @@ -23,17 +23,22 @@ */ #include "includes.h" -RCSID("$OpenBSD: compat.c,v 1.30 2000/12/03 11:29:04 markus Exp $"); +RCSID("$OpenBSD: compat.c,v 1.40 2001/03/23 11:04:06 djm Exp $"); -#include "ssh.h" -#include "packet.h" -#include "xmalloc.h" -#include "compat.h" #ifdef HAVE_LIBPCRE # include #else /* Use native regex libraries */ -# include -#endif /* HAVE_LIBRX */ +# ifdef HAVE_REGEX_H +# include +# else +# include "openbsd-compat/fake-regex.h" +# endif +#endif /* HAVE_LIBPCRE */ + +#include "packet.h" +#include "xmalloc.h" +#include "compat.h" +#include "log.h" int compat13 = 0; int compat20 = 0; @@ -62,21 +67,40 @@ compat_datafellows(const char *version) char *pat; int bugs; } check[] = { - { "^OpenSSH[-_]2\\.[012]", SSH_OLD_SESSIONID }, + { "^OpenSSH[-_]2\\.[012]", + SSH_OLD_SESSIONID|SSH_BUG_BANNER }, + { "^OpenSSH_2\\.3\\.0", SSH_BUG_BANNER|SSH_BUG_BIGENDIANAES }, + { "^OpenSSH_2\\.5\\.[01]p1", + SSH_BUG_BIGENDIANAES }, + { "^OpenSSH", 0 }, { "MindTerm", 0 }, { "^2\\.1\\.0", SSH_BUG_SIGBLOB|SSH_BUG_HMAC| - SSH_OLD_SESSIONID }, + SSH_OLD_SESSIONID|SSH_BUG_DEBUG }, + { "^2\\.1 ", SSH_BUG_SIGBLOB|SSH_BUG_HMAC| + SSH_OLD_SESSIONID|SSH_BUG_DEBUG }, { "^2\\.0\\.1[3-9]", SSH_BUG_SIGBLOB|SSH_BUG_HMAC| - SSH_OLD_SESSIONID| - SSH_BUG_PKSERVICE|SSH_BUG_X11FWD }, + SSH_OLD_SESSIONID|SSH_BUG_DEBUG| + SSH_BUG_PKSERVICE|SSH_BUG_X11FWD| + SSH_BUG_PKOK }, { "^2\\.0\\.", SSH_BUG_SIGBLOB|SSH_BUG_HMAC| - SSH_OLD_SESSIONID|SSH_BUG_PKAUTH| - SSH_BUG_PKSERVICE|SSH_BUG_X11FWD }, - { "^2\\.[23]\\.0", SSH_BUG_HMAC}, + SSH_OLD_SESSIONID|SSH_BUG_DEBUG| + SSH_BUG_PKSERVICE|SSH_BUG_X11FWD| + SSH_BUG_PKAUTH|SSH_BUG_PKOK }, + { "^2\\.[23]\\.0", SSH_BUG_HMAC }, { "^2\\.[2-9]\\.", 0 }, - { "^2\\.4$", SSH_OLD_SESSIONID}, /* Van Dyke */ - { "^3\\.0 SecureCRT", SSH_OLD_SESSIONID}, - { "^1\\.7 SecureFX", SSH_OLD_SESSIONID}, + { "^2\\.4$", SSH_OLD_SESSIONID }, /* Van Dyke */ + { "^3\\.0 SecureCRT", SSH_OLD_SESSIONID }, + { "^1\\.7 SecureFX", SSH_OLD_SESSIONID }, + { "^1\\.2\\.1[89]", SSH_BUG_IGNOREMSG }, + { "^1\\.2\\.2[012]", SSH_BUG_IGNOREMSG }, + { "^SSH Compatible Server", /* Netscreen */ + SSH_BUG_PASSWORDPAD }, + { "^OSU_0", SSH_BUG_PASSWORDPAD }, + { "^OSU_1\\.[0-4]", SSH_BUG_PASSWORDPAD }, + { "^OSU_1\\.5alpha[1-3]", + SSH_BUG_PASSWORDPAD }, + { "^SSH_Version_Mapper", + SSH_BUG_SCANNER }, { NULL, 0 } }; /* process table, return first match */ @@ -91,7 +115,7 @@ compat_datafellows(const char *version) ret = regexec(®, version, 0, NULL, 0); regfree(®); if (ret == 0) { - debug("match: %s pat %s\n", version, check[i].pat); + debug("match: %s pat %s", version, check[i].pat); datafellows = check[i].bugs; return; } @@ -127,3 +151,33 @@ proto_spec(const char *spec) xfree(s); return ret; } + +char * +compat_cipher_proposal(char *cipher_prop) +{ + char *orig_prop, *fix_ciphers; + char *cp, *tmp; + size_t len; + + if (!(datafellows & SSH_BUG_BIGENDIANAES)) + return(cipher_prop); + + len = strlen(cipher_prop) + 1; + fix_ciphers = xmalloc(len); + *fix_ciphers = '\0'; + tmp = orig_prop = xstrdup(cipher_prop); + while((cp = strsep(&tmp, ",")) != NULL) { + if (strncmp(cp, "aes", 3) && strncmp(cp, "rijndael", 8)) { + if (*fix_ciphers) + strlcat(fix_ciphers, ",", len); + strlcat(fix_ciphers, cp, len); + } + } + xfree(orig_prop); + debug2("Original cipher proposal: %s", cipher_prop); + debug2("Compat cipher proposal: %s", fix_ciphers); + if (!*fix_ciphers) + fatal("No available ciphers found."); + + return(fix_ciphers); +}