comparison common-algo.c @ 1678:4b4cfc92c5b7

Make server send SSH_MSG_EXT_INFO. Ensure that only valid hostkey algorithms are sent in the first kex guess.
author Matt Johnston <matt@ucc.asn.au>
date Thu, 21 May 2020 23:00:22 +0800
parents d5cdc60db08e
children 435cfb9ec96e
1677:e05c0e394f1d 1678:4b4cfc92c5b7
220 algo_type ssh_nocompress[] = { 220 algo_type ssh_nocompress[] = {
221 {"none", DROPBEAR_COMP_NONE, NULL, 1, NULL}, 221 {"none", DROPBEAR_COMP_NONE, NULL, 1, NULL},
222 {NULL, 0, NULL, 0, NULL} 222 {NULL, 0, NULL, 0, NULL}
223 }; 223 };
224 224
225 algo_type sshhostkey[] = { 225 algo_type sigalgs[] = {
226 #if DROPBEAR_ED25519 226 #if DROPBEAR_ED25519
227 {"ssh-ed25519", DROPBEAR_SIGNATURE_ED25519, NULL, 1, NULL}, 227 {"ssh-ed25519", DROPBEAR_SIGNATURE_ED25519, NULL, 1, NULL},
228 #endif 228 #endif
229 #if DROPBEAR_ECDSA 229 #if DROPBEAR_ECDSA
230 #if DROPBEAR_ECC_256 230 #if DROPBEAR_ECC_256
319 #endif 319 #endif
320 {NULL, 0, NULL, 0, NULL} 320 {NULL, 0, NULL, 0, NULL}
321 }; 321 };
322 322
323 /* Output a comma separated list of algorithms to a buffer */ 323 /* Output a comma separated list of algorithms to a buffer */
324 void buf_put_algolist(buffer * buf, const algo_type localalgos[]) { 324 void buf_put_algolist_all(buffer * buf, const algo_type localalgos[], int useall) {
325
326 unsigned int i, len; 325 unsigned int i, len;
327 unsigned int donefirst = 0; 326 unsigned int donefirst = 0;
328 buffer *algolist = NULL; 327 unsigned int startpos;
329 328
330 algolist = buf_new(300); 329 startpos = buf->pos;
330 /* Placeholder for length */
331 buf_putint(buf, 0);
331 for (i = 0; localalgos[i].name != NULL; i++) { 332 for (i = 0; localalgos[i].name != NULL; i++) {
332 if (localalgos[i].usable) { 333 if (localalgos[i].usable || useall) {
333 if (donefirst) 334 if (donefirst) {
334 buf_putbyte(algolist, ','); 335 buf_putbyte(buf, ',');
336 }
335 donefirst = 1; 337 donefirst = 1;
336 len = strlen(localalgos[i].name); 338 len = strlen(localalgos[i].name);
337 buf_putbytes(algolist, (const unsigned char *) localalgos[i].name, len); 339 buf_putbytes(buf, (const unsigned char *) localalgos[i].name, len);
338 } 340 }
339 } 341 }
340 buf_putstring(buf, (const char*)algolist->data, algolist->len); 342 /* Fill out the length */
341 TRACE(("algolist add '%*s'", algolist->len, algolist->data)) 343 len = buf->pos - startpos - 4;
342 buf_free(algolist); 344 buf_setpos(buf, startpos);
345 buf_putint(buf, len);
346 TRACE(("algolist add %d '%*s'", len, len, buf_getptr(buf, len)))
347 buf_incrwritepos(buf, len);
348 }
349
350 void buf_put_algolist(buffer * buf, const algo_type localalgos[]) {
351 buf_put_algolist_all(buf, localalgos, 0);
343 } 352 }
344 353
345 /* returns a list of pointers into algolist, of null-terminated names. 354 /* returns a list of pointers into algolist, of null-terminated names.
346 ret_list should be passed in with space for *ret_count elements, 355 ret_list should be passed in with space for *ret_count elements,
347 on return *ret_count has the number of names filled. 356 on return *ret_count has the number of names filled.
404 if (algolist) { 413 if (algolist) {
405 m_free(algolist); 414 m_free(algolist);
406 } 415 }
407 buf_setpos(buf, orig_pos); 416 buf_setpos(buf, orig_pos);
408 return ret; 417 return ret;
418 }
419
420 algo_type * first_usable_algo(algo_type algos[]) {
421 int i;
422 for (i = 0; algos[i].name != NULL; i++) {
423 if (algos[i].usable) {
424 return &algos[i];
425 }
426 }
427 return NULL;
409 } 428 }
410 429
411 /* match the first algorithm in the comma-separated list in buf which is 430 /* match the first algorithm in the comma-separated list in buf which is
412 * also in localalgos[], or return NULL on failure. 431 * also in localalgos[], or return NULL on failure.
413 * (*goodguess) is set to 1 if the preferred client/server algos match, 432 * (*goodguess) is set to 1 if the preferred client/server algos match,