Mercurial > dropbear
diff common-session.c @ 293:9d110777f345 contrib-blacklist
propagate from branch 'au.asn.ucc.matt.dropbear' (head 7ad1775ed65e75dbece27fe6b65bf1a234db386a)
to branch 'au.asn.ucc.matt.dropbear.contrib.blacklist' (head 1d86a4f0a401cc68c2670d821a2f6366c37af143)
| author | Matt Johnston <matt@ucc.asn.au> |
|---|---|
| date | Fri, 10 Mar 2006 06:31:29 +0000 |
| parents | 7f9adaf85fca |
| children | bf29e6659fb9 |
line wrap: on
line diff
--- a/common-session.c Tue Sep 06 04:57:14 2005 +0000 +++ b/common-session.c Fri Mar 10 06:31:29 2006 +0000 @@ -232,10 +232,8 @@ dropbear_exit("Error writing ident string"); } - /* We allow up to 9 lines before the actual version string, to - * account for wrappers/cruft etc. According to the spec only the client - * needs to handle this, but no harm in letting the server handle it too */ - for (i = 0; i < 10; i++) { + /* If they send more than 50 lines, something is wrong */ + for (i = 0; i < 50; i++) { len = ident_readln(ses.sock, linebuf, sizeof(linebuf)); if (len < 0 && errno != EINTR) { @@ -259,6 +257,12 @@ memcpy(ses.remoteident, linebuf, len); } + /* Shall assume that 2.x will be backwards compatible. */ + if (strncmp(ses.remoteident, "SSH-2.", 6) != 0 + && strncmp(ses.remoteident, "SSH-1.99-", 9) != 0) { + dropbear_exit("Incompatible remote version '%s'", ses.remoteident); + } + TRACE(("remoteident: %s", ses.remoteident)) }