version 1.101, 2000/04/12 07:03:06 |
version 1.102, 2000/04/12 07:45:44 |
|
|
*/ |
*/ |
int IPv4or6 = AF_UNSPEC; |
int IPv4or6 = AF_UNSPEC; |
|
|
/* Flag indicating whether SSH2 is enabled */ |
|
int allow_ssh2 = 0; |
|
|
|
/* |
/* |
* Debug mode flag. This can be set on the command line. If debug |
* Debug mode flag. This can be set on the command line. If debug |
* mode is enabled, extra debugging output will be sent to the system |
* mode is enabled, extra debugging output will be sent to the system |
|
|
void |
void |
sshd_exchange_identification(int sock_in, int sock_out) |
sshd_exchange_identification(int sock_in, int sock_out) |
{ |
{ |
int i; |
int i, mismatch; |
int remote_major, remote_minor; |
int remote_major, remote_minor; |
|
int major, minor; |
char *s; |
char *s; |
char buf[256]; /* Must not be larger than remote_version. */ |
char buf[256]; /* Must not be larger than remote_version. */ |
char remote_version[256]; /* Must be at least as big as buf. */ |
char remote_version[256]; /* Must be at least as big as buf. */ |
|
|
snprintf(buf, sizeof buf, "SSH-%d.%d-%.100s\n", |
if (options.protocol & (SSH_PROTO_1|SSH_PROTO_2)) { |
allow_ssh2 ? 1 : PROTOCOL_MAJOR, |
major = PROTOCOL_MAJOR_1; |
allow_ssh2 ? 99 : PROTOCOL_MINOR, |
minor = 99; |
SSH_VERSION); |
} else if (options.protocol & SSH_PROTO_2) { |
|
major = PROTOCOL_MAJOR_2; |
|
minor = PROTOCOL_MINOR_2; |
|
} else { |
|
major = PROTOCOL_MAJOR_1; |
|
minor = PROTOCOL_MINOR_1; |
|
} |
|
snprintf(buf, sizeof buf, "SSH-%d.%d-%.100s\n", major, minor, SSH_VERSION); |
server_version_string = xstrdup(buf); |
server_version_string = xstrdup(buf); |
|
|
if (client_version_string == NULL) { |
if (client_version_string == NULL) { |
|
|
buf[i] = '\n'; |
buf[i] = '\n'; |
buf[i + 1] = 0; |
buf[i + 1] = 0; |
continue; |
continue; |
//break; |
|
} |
} |
if (buf[i] == '\n') { |
if (buf[i] == '\n') { |
/* buf[i] == '\n' */ |
/* buf[i] == '\n' */ |
|
|
|
|
compat_datafellows(remote_version); |
compat_datafellows(remote_version); |
|
|
|
mismatch = 0; |
switch(remote_major) { |
switch(remote_major) { |
case 1: |
case 1: |
|
if (!(options.protocol & SSH_PROTO_1)) { |
|
mismatch = 1; |
|
break; |
|
} |
if (remote_minor < 3) { |
if (remote_minor < 3) { |
packet_disconnect("Your ssh version is too old and" |
packet_disconnect("Your ssh version is too old and" |
"is no longer supported. Please install a newer version."); |
"is no longer supported. Please install a newer version."); |
|
|
/* note that this disables agent-forwarding */ |
/* note that this disables agent-forwarding */ |
enable_compat13(); |
enable_compat13(); |
} |
} |
if (remote_minor != 99) |
if (remote_minor == 99) { |
break; |
if (options.protocol & SSH_PROTO_2) |
/* FALLTHROUGH */ |
enable_compat20(); |
|
else |
|
mismatch = 1; |
|
} |
|
break; |
case 2: |
case 2: |
if (allow_ssh2) { |
if (options.protocol & SSH_PROTO_2) { |
enable_compat20(); |
enable_compat20(); |
break; |
break; |
} |
} |
/* FALLTHROUGH */ |
/* FALLTHROUGH */ |
default: |
default: |
|
mismatch = 1; |
|
break; |
|
} |
|
chop(server_version_string); |
|
chop(client_version_string); |
|
debug("Local version string %.200s", server_version_string); |
|
|
|
if (mismatch) { |
s = "Protocol major versions differ.\n"; |
s = "Protocol major versions differ.\n"; |
(void) atomicio(write, sock_out, s, strlen(s)); |
(void) atomicio(write, sock_out, s, strlen(s)); |
close(sock_in); |
close(sock_in); |
close(sock_out); |
close(sock_out); |
log("Protocol major versions differ for %s: %d vs. %d", |
log("Protocol major versions differ for %s: %.200s vs. %.200s", |
get_remote_ipaddr(), PROTOCOL_MAJOR, remote_major); |
get_remote_ipaddr(), |
|
server_version_string, client_version_string); |
fatal_cleanup(); |
fatal_cleanup(); |
break; |
|
} |
} |
chop(server_version_string); |
|
chop(client_version_string); |
|
} |
} |
|
|
/* |
/* |
|
|
initialize_server_options(&options); |
initialize_server_options(&options); |
|
|
/* Parse command-line arguments. */ |
/* Parse command-line arguments. */ |
while ((opt = getopt(ac, av, "f:p:b:k:h:g:V:diqQ246")) != EOF) { |
while ((opt = getopt(ac, av, "f:p:b:k:h:g:V:diqQ46")) != EOF) { |
switch (opt) { |
switch (opt) { |
case '2': |
|
allow_ssh2 = 1; |
|
break; |
|
case '4': |
case '4': |
IPv4or6 = AF_INET; |
IPv4or6 = AF_INET; |
break; |
break; |
|
|
public_key = RSA_new(); |
public_key = RSA_new(); |
sensitive_data.private_key = RSA_new(); |
sensitive_data.private_key = RSA_new(); |
|
|
|
/* XXX check options.protocol */ |
log("Generating %d bit RSA key.", options.server_key_bits); |
log("Generating %d bit RSA key.", options.server_key_bits); |
rsa_generate_key(sensitive_data.private_key, public_key, |
rsa_generate_key(sensitive_data.private_key, public_key, |
options.server_key_bits); |
options.server_key_bits); |
|
|
char *sprop[PROPOSAL_MAX]; |
char *sprop[PROPOSAL_MAX]; |
|
|
/* KEXINIT */ |
/* KEXINIT */ |
|
|
|
if (options.ciphers != NULL) { |
|
myproposal[PROPOSAL_ENC_ALGS_CTOS] = |
|
myproposal[PROPOSAL_ENC_ALGS_STOC] = options.ciphers; |
|
} |
|
|
debug("Sending KEX init."); |
debug("Sending KEX init."); |
|
|
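Review bot: The first test of the new banner selection in sshd_exchange_identification, `if (options.protocol & (SSH_PROTO_1|SSH_PROTO_2))`, is true whenever either bit is set (assuming the two are distinct flag bits), so the `else if (options.protocol & SSH_PROTO_2)` and `else` branches look unreachable for any non-zero `options.protocol`. The server would then announce `SSH-1.99` even when only one protocol is enabled, and a peer that trusts the banner offers a version the later `switch(remote_major)` answers with `mismatch = 1`. Requiring both bits keeps the banner in line with what the server accepts: `if ((options.protocol & SSH_PROTO_1) && (options.protocol & SSH_PROTO_2)) {`. Relatedly, in `case 1:` the `!(options.protocol & SSH_PROTO_1)` check runs before the `remote_minor == 99` check, so a 1.99 client appears to be rejected by a protocol-2-only server; testing `remote_minor == 99` first would avoid that. Only part of the function body is visible on this page, so both points should be confirmed against the full file.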