dropbear: common-session.c comparison

Exit with a message if the ssh protocol version is incompatible

comparison

equal deleted inserted replaced

-:8438ff0cdb74
+:7f9adaf85fca
 	if (atomicio(write, ses.sock, LOCAL_IDENT "\r\n",
 				strlen(LOCAL_IDENT "\r\n")) == DROPBEAR_FAILURE) {
 		dropbear_exit("Error writing ident string");
 	}
-	/* We allow up to 9 lines before the actual version string, to
+/* If they send more than 50 lines, something is wrong */
-	 * account for wrappers/cruft etc. According to the spec only the client
+	for (i = 0; i < 50; i++) {
-	 * needs to handle this, but no harm in letting the server handle it too */
-	for (i = 0; i < 10; i++) {
 		len = ident_readln(ses.sock, linebuf, sizeof(linebuf));
 		if (len < 0 && errno != EINTR) {
 			/* It failed */
 			break;
 	} else {
 		/* linebuf is already null terminated */
 		ses.remoteident = m_malloc(len);
 		memcpy(ses.remoteident, linebuf, len);
 	}
+/* Shall assume that 2.x will be backwards compatible. */
+if (strncmp(ses.remoteident, "SSH-2.", 6) != 0
+&& strncmp(ses.remoteident, "SSH-1.99-", 9) != 0) {
+dropbear_exit("Incompatible remote version '%s'", ses.remoteident);
+}
 	TRACE(("remoteident: %s", ses.remoteident))
 }

Mercurial > dropbear