# HG changeset patch # User Matt Johnston # Date 1337185572 -28800 # Node ID 63f8d6c469cf51624c9a48dbac1f2ae9b4cd82b6 # Parent 4edea9f363d0c67705f74e0170b0a9098085a954 ENABLE_USER_ALGO_LIST should work for the client diff -r 4edea9f363d0 -r 63f8d6c469cf algo.h --- a/algo.h Thu May 17 00:12:42 2012 +0800 +++ b/algo.h Thu May 17 00:26:12 2012 +0800 @@ -89,7 +89,7 @@ int *goodguess); #ifdef ENABLE_USER_ALGO_LIST -int check_user_algos(char* user_algo_list, algo_type * algos, +int check_user_algos(const char* user_algo_list, algo_type * algos, const char *algo_desc); char * algolist_string(algo_type algos[]); #endif diff -r 4edea9f363d0 -r 63f8d6c469cf common-algo.c --- a/common-algo.c Thu May 17 00:12:42 2012 +0800 +++ b/common-algo.c Thu May 17 00:26:12 2012 +0800 @@ -297,7 +297,7 @@ return ret_list; } -static int +static algo_type* check_algo(const char* algo_name, algo_type *algos) { algo_type *a; @@ -305,32 +305,25 @@ { if (strcmp(a->name, algo_name) == 0) { - a->usable = 2; - return DROPBEAR_SUCCESS; + return a; } } - return DROPBEAR_FAILURE; + return NULL; } -/* helper for check_user_algos */ static void try_add_algo(const char *algo_name, algo_type *algos, - const char *algo_desc, char ** out_list, int *num_ret) + const char *algo_desc, algo_type * new_algos, int *num_ret) { - if (check_algo(algo_name, algos) == DROPBEAR_FAILURE) + algo_type *match_algo = check_algo(algo_name, algos); + if (!match_algo) { dropbear_log(LOG_WARNING, "This Dropbear program does not support '%s' %s algorithm", algo_name, algo_desc); return; } - if (*num_ret != 0) - { - **out_list = ','; - (*out_list)++; - } - - *out_list += sprintf(*out_list, "%s", algo_name); + new_algos[*num_ret] = *match_algo; (*num_ret)++; } 
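Review bot: `try_add_algo` stores into `new_algos[*num_ret]` with no upper bound, while the array it is handed (declared in the `check_user_algos` hunk that follows) holds only `MAX_PROPOSED_ALGO` entries and still needs one slot for the `name = NULL` terminator. The names come from the user's -c/-m list and duplicates are not rejected, so a long or repetitive list can run past the stack array, and the later `memcpy` can then write more entries into `algos` than that table holds. I would add `if (*num_ret >= MAX_PROPOSED_ALGO - 1) { dropbear_log(LOG_WARNING, "Too many %s algorithms", algo_desc); return; }` before the store, and skip a name that is already in `new_algos` so the result can never be larger than the source table. The options.h hunk turns `ENABLE_USER_ALGO_LIST` on by default, so this path is then compiled into every build.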
@@ -338,41 +331,32 @@ * options. Any that are not acceptable are removed in-place. Returns the * number of valid algorithms. */ int -check_user_algos(char* user_algo_list, algo_type * algos, +check_user_algos(const char* user_algo_list, algo_type * algos, const char *algo_desc) { + algo_type new_algos[MAX_PROPOSED_ALGO]; /* this has two passes. first we sweep through the given list of * algorithms and mark them as usable=2 in the algo_type[] array... */ int num_ret = 0; char *work_list = m_strdup(user_algo_list); char *last_name = work_list; - char *out_list = user_algo_list; char *c; for (c = work_list; *c; c++) { if (*c == ',') { *c = '\0'; - try_add_algo(last_name, algos, algo_desc, &out_list, &num_ret); + try_add_algo(last_name, algos, algo_desc, new_algos, &num_ret); last_name = c++; } } - try_add_algo(last_name, algos, algo_desc, &out_list, &num_ret); + try_add_algo(last_name, algos, algo_desc, new_algos, &num_ret); m_free(work_list); - /* ...then we mark anything with usable==1 as usable=0, and - * usable==2 as usable=1. */ - algo_type *a; - for (a = algos; a->name != NULL; a++) - { - if (a->usable == 1) - { - a->usable = 0; - } else if (a->usable == 2) - { - a->usable = 1; - } - } + new_algos[num_ret].name = NULL; + + /* Copy one more as a blank delimiter */ + memcpy(algos, new_algos, sizeof(*new_algos) * (num_ret+1)); return num_ret; } #endif // ENABLE_USER_ALGO_LIST diff -r 4edea9f363d0 -r 63f8d6c469cf common-kex.c --- a/common-kex.c Thu May 17 00:12:42 2012 +0800 +++ b/common-kex.c Thu May 17 00:26:12 2012 +0800 
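Review bot: In the comma loop of `check_user_algos`, `last_name = c++;` leaves `last_name` pointing at the NUL that was just written over the comma, so every name after the first reaches `try_add_algo` as an empty string and is rejected with the warning. The line is unchanged context, but it decides whether a multi-entry list works at all now that the result replaces `algos`. `last_name = c + 1;` starts the next name after the separator and leaves the advance to the loop's own `c++`. The comment `this has two passes...` and the header's `removed in-place` still describe the old `usable=2` marking and should say instead that the matched entries are copied, in the user's order, over `algos`.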
@@ -106,39 +106,17 @@ /* server_host_key_algorithms */ buf_put_algolist(ses.writepayload, sshhostkey); -#ifdef ENABLE_USER_ALGO_LIST - if (opts.cipher_list) - { - /* encryption_algorithms_client_to_server */ - buf_putbytes(ses.writepayload, opts.cipher_list, strlen(opts.cipher_list)); - /* encryption_algorithms_server_to_client */ - buf_putbytes(ses.writepayload, opts.cipher_list, strlen(opts.cipher_list)); - } - else -#endif - { - /* encryption_algorithms_client_to_server */ - buf_put_algolist(ses.writepayload, sshciphers); - /* encryption_algorithms_server_to_client */ - buf_put_algolist(ses.writepayload, sshciphers); - } + /* encryption_algorithms_client_to_server */ + buf_put_algolist(ses.writepayload, sshciphers); + + /* encryption_algorithms_server_to_client */ + buf_put_algolist(ses.writepayload, sshciphers); -#ifdef ENABLE_USER_ALGO_LIST - if (opts.mac_list) - { - /* mac_algorithms_client_to_server */ - buf_putbytes(ses.writepayload, opts.mac_list, strlen(opts.mac_list)); - /* mac_algorithms_server_to_client */ - buf_putbytes(ses.writepayload, opts.mac_list, strlen(opts.mac_list)); - } - else -#endif - { - /* mac_algorithms_client_to_server */ - buf_put_algolist(ses.writepayload, sshhashes); - /* mac_algorithms_server_to_client */ - buf_put_algolist(ses.writepayload, sshhashes); - } + /* mac_algorithms_client_to_server */ + buf_put_algolist(ses.writepayload, sshhashes); + + /* mac_algorithms_server_to_client */ + buf_put_algolist(ses.writepayload, sshhashes); /* compression_algorithms_client_to_server */ diff -r 4edea9f363d0 -r 63f8d6c469cf options.h --- a/options.h Thu May 17 00:12:42 2012 +0800 +++ b/options.h Thu May 17 00:26:12 2012 +0800 @@ -81,7 +81,7 @@ #define ENABLE_CLI_NETCAT /* Whether to support "-c" and "-m" flags to choose ciphers/MACs at runtime */ -/* #define ENABLE_USER_ALGO_LIST*/ +#define ENABLE_USER_ALGO_LIST /* Encryption - at least one required. * Protocol RFC requires 3DES and recommends AES128 for interoperability.
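Review bot: Nothing in these calls guards against an empty proposal: with the `opts.cipher_list` / `opts.mac_list` branches gone, the lists sent are whatever `sshciphers` and `sshhashes` hold at this point, and `check_user_algos` (common-algo.c in this changeset) writes a bare NULL terminator over the table it is given when none of the user's names match. Presumably the option parser treats a return of 0 as fatal; that caller is not visible here, so it is worth confirming, since otherwise an empty encryption or MAC name-list would go into the key-exchange proposal. A short comment above the calls, e.g. `/* sshciphers/sshhashes may have been narrowed by check_user_algos() */`, would also tell the reader why there is no longer a user-list branch. The enclosing function starts and ends outside the hunk.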