version 1.81, 2013/05/17 00:13:13 |
version 1.82, 2013/12/30 23:52:27 |
|
|
for (i = 0; check[i].pat; i++) { |
for (i = 0; check[i].pat; i++) { |
if (match_pattern_list(version, check[i].pat, |
if (match_pattern_list(version, check[i].pat, |
strlen(check[i].pat), 0) == 1) { |
strlen(check[i].pat), 0) == 1) { |
debug("match: %s pat %s", version, check[i].pat); |
|
datafellows = check[i].bugs; |
datafellows = check[i].bugs; |
|
debug("match: %s pat %s compat 0x%08x", |
|
version, check[i].pat, datafellows); |
return; |
return; |
} |
} |
} |
} |
|
|
return ret; |
return ret; |
} |
} |
|
|
char * |
/* |
compat_cipher_proposal(char *cipher_prop) |
* Filters a proposal string, excluding any algorithm matching the 'filter' |
|
* pattern list. |
|
*/ |
|
static char * |
|
filter_proposal(char *proposal, const char *filter) |
{ |
{ |
Buffer b; |
Buffer b; |
char *orig_prop, *fix_ciphers; |
char *orig_prop, *fix_prop; |
char *cp, *tmp; |
char *cp, *tmp; |
|
|
if (!(datafellows & SSH_BUG_BIGENDIANAES)) |
|
return(cipher_prop); |
|
|
|
buffer_init(&b); |
buffer_init(&b); |
tmp = orig_prop = xstrdup(cipher_prop); |
tmp = orig_prop = xstrdup(proposal); |
while ((cp = strsep(&tmp, ",")) != NULL) { |
while ((cp = strsep(&tmp, ",")) != NULL) { |
if (strncmp(cp, "aes", 3) != 0) { |
if (match_pattern_list(cp, filter, strlen(cp), 0) != 1) { |
if (buffer_len(&b) > 0) |
if (buffer_len(&b) > 0) |
buffer_append(&b, ",", 1); |
buffer_append(&b, ",", 1); |
buffer_append(&b, cp, strlen(cp)); |
buffer_append(&b, cp, strlen(cp)); |
} |
} else |
|
debug2("Compat: skipping algorithm \"%s\"", cp); |
} |
} |
buffer_append(&b, "\0", 1); |
buffer_append(&b, "\0", 1); |
fix_ciphers = xstrdup(buffer_ptr(&b)); |
fix_prop = xstrdup(buffer_ptr(&b)); |
buffer_free(&b); |
buffer_free(&b); |
free(orig_prop); |
free(orig_prop); |
debug2("Original cipher proposal: %s", cipher_prop); |
|
debug2("Compat cipher proposal: %s", fix_ciphers); |
|
if (!*fix_ciphers) |
|
fatal("No available ciphers found."); |
|
|
|
return(fix_ciphers); |
return fix_prop; |
} |
} |
|
|
|
char * |
|
compat_cipher_proposal(char *cipher_prop) |
|
{ |
|
if (!(datafellows & SSH_BUG_BIGENDIANAES)) |
|
return cipher_prop; |
|
debug2("%s: original cipher proposal: %s", __func__, cipher_prop); |
|
cipher_prop = filter_proposal(cipher_prop, "aes*"); |
|
debug2("%s: compat cipher proposal: %s", __func__, cipher_prop); |
|
if (*cipher_prop == '\0') |
|
fatal("No supported ciphers found"); |
|
return cipher_prop; |
|
} |
|
|
|
|
|
char * |
|
compat_pkalg_proposal(char *pkalg_prop) |
|
{ |
|
if (!(datafellows & SSH_BUG_RSASIGMD5)) |
|
return pkalg_prop; |
|
debug2("%s: original public key proposal: %s", __func__, pkalg_prop); |
|
pkalg_prop = filter_proposal(pkalg_prop, "ssh-rsa"); |
|
debug2("%s: compat public key proposal: %s", __func__, pkalg_prop); |
|
if (*pkalg_prop == '\0') |
|
fatal("No supported PK algorithms found"); |
|
return pkalg_prop; |
|
} |
|
|