| version 1.120, 2022/07/01 03:35:45 |
version 1.121, 2023/02/02 12:10:05 |
|
|
| char * |
char * |
| compat_kex_proposal(struct ssh *ssh, char *p) |
compat_kex_proposal(struct ssh *ssh, char *p) |
| { |
{ |
| char *cp = NULL; |
char *cp = NULL, *cp2 = NULL; |
| |
|
| if ((ssh->compat & (SSH_BUG_CURVE25519PAD|SSH_OLD_DHGEX)) == 0) |
if ((ssh->compat & (SSH_BUG_CURVE25519PAD|SSH_OLD_DHGEX)) == 0) |
| return xstrdup(p); |
return xstrdup(p); |
| debug2_f("original KEX proposal: %s", p); |
debug2_f("original KEX proposal: %s", p); |
| if ((ssh->compat & SSH_BUG_CURVE25519PAD) != 0) |
if ((ssh->compat & SSH_BUG_CURVE25519PAD) != 0) |
| if ((p = match_filter_denylist(p, |
if ((cp = match_filter_denylist(p, |
| "curve25519-sha256@libssh.org")) == NULL) |
"curve25519-sha256@libssh.org")) == NULL) |
| fatal("match_filter_denylist failed"); |
fatal("match_filter_denylist failed"); |
| if ((ssh->compat & SSH_OLD_DHGEX) != 0) { |
if ((ssh->compat & SSH_OLD_DHGEX) != 0) { |
| cp = p; |
if ((cp2 = match_filter_denylist(cp ? cp : p, |
| if ((p = match_filter_denylist(p, |
|
| "diffie-hellman-group-exchange-sha256," |
"diffie-hellman-group-exchange-sha256," |
| "diffie-hellman-group-exchange-sha1")) == NULL) |
"diffie-hellman-group-exchange-sha1")) == NULL) |
| fatal("match_filter_denylist failed"); |
fatal("match_filter_denylist failed"); |
| free(cp); |
free(cp); |
| |
cp = cp2; |
| } |
} |
| debug2_f("compat KEX proposal: %s", p); |
if (cp == NULL || *cp == '\0') |
| if (*p == '\0') |
|
| fatal("No supported key exchange algorithms found"); |
fatal("No supported key exchange algorithms found"); |
| return p; |
debug2_f("compat KEX proposal: %s", cp); |
| |
return cp; |
| } |
} |
| |
|
![[BACK]](/icons/back.gif){kind=icon}
Return to compat.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh