version 1.17, 2019/09/06 05:23:55 |
version 1.18, 2019/09/13 04:36:43 |
|
|
const char *mismatch = "Protocol mismatch.\r\n"; |
const char *mismatch = "Protocol mismatch.\r\n"; |
const u_char *s = sshbuf_ptr(input); |
const u_char *s = sshbuf_ptr(input); |
u_char c; |
u_char c; |
char *cp, *remote_version; |
char *cp = NULL, *remote_version = NULL; |
int r, remote_major, remote_minor, expect_nl; |
int r = 0, remote_major, remote_minor, expect_nl; |
size_t n, j; |
size_t n, j; |
|
|
for (j = n = 0;;) { |
for (j = n = 0;;) { |
|
|
if (sshbuf_len(banner) >= 4 && |
if (sshbuf_len(banner) >= 4 && |
memcmp(sshbuf_ptr(banner), "SSH-", 4) == 0) |
memcmp(sshbuf_ptr(banner), "SSH-", 4) == 0) |
break; |
break; |
if ((cp = sshbuf_dup_string(banner)) == NULL) |
debug("%s: %.*s", __func__, (int)sshbuf_len(banner), |
return SSH_ERR_ALLOC_FAIL; |
sshbuf_ptr(banner)); |
debug("%s: %s", __func__, cp); |
|
free(cp); |
|
/* Accept lines before banner only on client */ |
/* Accept lines before banner only on client */ |
if (ssh->kex->server || ++n > SSH_MAX_PRE_BANNER_LINES) { |
if (ssh->kex->server || ++n > SSH_MAX_PRE_BANNER_LINES) { |
bad: |
bad: |
|
|
if ((r = sshbuf_consume(input, j)) != 0) |
if ((r = sshbuf_consume(input, j)) != 0) |
return r; |
return r; |
|
|
if ((cp = sshbuf_dup_string(banner)) == NULL) |
|
return SSH_ERR_ALLOC_FAIL; |
|
/* XXX remote version must be the same size as banner for sscanf */ |
/* XXX remote version must be the same size as banner for sscanf */ |
if ((remote_version = calloc(1, sshbuf_len(banner))) == NULL) |
if ((cp = sshbuf_dup_string(banner)) == NULL || |
return SSH_ERR_ALLOC_FAIL; |
(remote_version = calloc(1, sshbuf_len(banner))) == NULL) { |
|
r = SSH_ERR_ALLOC_FAIL; |
|
goto out; |
|
} |
|
|
/* |
/* |
* Check that the versions match. In future this might accept |
* Check that the versions match. In future this might accept |
* several versions and set appropriate flags to handle them. |
* several versions and set appropriate flags to handle them. |
*/ |
*/ |
if (sscanf(cp, "SSH-%d.%d-%[^\n]\n", |
if (sscanf(cp, "SSH-%d.%d-%[^\n]\n", |
&remote_major, &remote_minor, remote_version) != 3) |
&remote_major, &remote_minor, remote_version) != 3) { |
return SSH_ERR_INVALID_FORMAT; |
r = SSH_ERR_INVALID_FORMAT; |
|
goto out; |
|
} |
debug("Remote protocol version %d.%d, remote software version %.100s", |
debug("Remote protocol version %d.%d, remote software version %.100s", |
remote_major, remote_minor, remote_version); |
remote_major, remote_minor, remote_version); |
|
|
|
|
remote_minor = 0; |
remote_minor = 0; |
} |
} |
if (remote_major != 2) |
if (remote_major != 2) |
return SSH_ERR_PROTOCOL_MISMATCH; |
r = SSH_ERR_PROTOCOL_MISMATCH; |
|
|
debug("Remote version string %.100s", cp); |
debug("Remote version string %.100s", cp); |
|
out: |
free(cp); |
free(cp); |
return 0; |
free(remote_version); |
|
return r; |
} |
} |
|
|
/* Send our own protocol version identification. */ |
/* Send our own protocol version identification. */ |