misc: relax fatal errors in ssh_analyze_banner
Relax the cases where `ssh_analyze_banner` fails to extract a major and minor version from banners which appear like OpenSSH banners. Update the tests to demonstrate that now a banner as might be sent by `ssh-keyscan(1)` ("SSH-2.0-OpenSSH-keyscan") no longer returns failure. Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
родитель
e66f370682
Коммит
380390c4b6
17
src/misc.c
17
src/misc.c
@ -844,6 +844,7 @@ int ssh_analyze_banner(ssh_session session, int server, int *ssh1, int *ssh2) {
|
|||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* Make a best-effort to extract OpenSSH version numbers. */
|
||||||
openssh = strstr(banner, "OpenSSH");
|
openssh = strstr(banner, "OpenSSH");
|
||||||
if (openssh != NULL) {
|
if (openssh != NULL) {
|
||||||
char *tmp = NULL;
|
char *tmp = NULL;
|
||||||
@ -861,11 +862,8 @@ int ssh_analyze_banner(ssh_session session, int server, int *ssh1, int *ssh2) {
|
|||||||
((errno == ERANGE) && (major == ULONG_MAX)) ||
|
((errno == ERANGE) && (major == ULONG_MAX)) ||
|
||||||
((errno != 0) && (major == 0)) ||
|
((errno != 0) && (major == 0)) ||
|
||||||
((major < 1) || (major > 100))) {
|
((major < 1) || (major > 100))) {
|
||||||
ssh_set_error(session,
|
/* invalid major */
|
||||||
SSH_FATAL,
|
goto done;
|
||||||
"Invalid major version number: %s",
|
|
||||||
banner);
|
|
||||||
return -1;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
minor = strtoul(openssh + 10, &tmp, 10);
|
minor = strtoul(openssh + 10, &tmp, 10);
|
||||||
@ -873,12 +871,10 @@ int ssh_analyze_banner(ssh_session session, int server, int *ssh1, int *ssh2) {
|
|||||||
((errno == ERANGE) && (major == ULONG_MAX)) ||
|
((errno == ERANGE) && (major == ULONG_MAX)) ||
|
||||||
((errno != 0) && (major == 0)) ||
|
((errno != 0) && (major == 0)) ||
|
||||||
(minor > 100)) {
|
(minor > 100)) {
|
||||||
ssh_set_error(session,
|
/* invalid minor */
|
||||||
SSH_FATAL,
|
goto done;
|
||||||
"Invalid minor version number: %s",
|
|
||||||
banner);
|
|
||||||
return -1;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
session->openssh = SSH_VERSION_INT(((int) major), ((int) minor), 0);
|
session->openssh = SSH_VERSION_INT(((int) major), ((int) minor), 0);
|
||||||
|
|
||||||
SSH_LOG(SSH_LOG_RARE,
|
SSH_LOG(SSH_LOG_RARE,
|
||||||
@ -887,6 +883,7 @@ int ssh_analyze_banner(ssh_session session, int server, int *ssh1, int *ssh2) {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
done:
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
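Review bot: In the minor-version check of the third hunk, the two errno conditions still test `major`, so a failed conversion of the minor is only caught by `(minor > 100)`; they should read `((errno == ERANGE) && (minor == ULONG_MAX)) ||` and `((errno != 0) && (minor == 0)) ||`. The minor is also parsed from the fixed offset `openssh + 10`, which presumes a one-digit major although the major check accepts values up to 100. With the fatal error removed, such a banner now appears to leave `session->openssh` at 0 with no log line, so any version-dependent handling would silently treat the peer as an unknown implementation. Parsing the minor from the end pointer of the major conversion (after checking for the `.`) and adding an `SSH_LOG` line before each `goto done` would make the best-effort path both correct and observable. The first lines of both `if` conditions and the `strtoul` call for the major lie outside the hunks shown.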
@ -315,35 +315,33 @@ static void torture_ssh_analyze_banner(void **state) {
|
|||||||
assert_server_banner_accepted("SSH-2.0-OpenSSH_1.99", 0, 1);
|
assert_server_banner_accepted("SSH-2.0-OpenSSH_1.99", 0, 1);
|
||||||
assert_int_equal(SSH_VERSION_INT(1, 99, 0), session->openssh);
|
assert_int_equal(SSH_VERSION_INT(1, 99, 0), session->openssh);
|
||||||
|
|
||||||
/* OpenSSH banners: major, minor version limits */
|
/* OpenSSH banners: major, minor version limits result in zero */
|
||||||
reset_banner_test();
|
assert_client_banner_accepted("SSH-2.0-OpenSSH_0.99p1", 0, 1);
|
||||||
assert_client_banner_rejected("SSH-2.0-OpenSSH_0.99p1");
|
assert_int_equal(0, session->openssh);
|
||||||
reset_banner_test();
|
assert_server_banner_accepted("SSH-2.0-OpenSSH_0.99p1", 0, 1);
|
||||||
assert_server_banner_rejected("SSH-2.0-OpenSSH_0.99p1");
|
assert_int_equal(0, session->openssh);
|
||||||
reset_banner_test();
|
assert_client_banner_accepted("SSH-2.0-OpenSSH_1.101p1", 0, 1);
|
||||||
assert_client_banner_rejected("SSH-2.0-OpenSSH_1.101p1");
|
assert_int_equal(0, session->openssh);
|
||||||
reset_banner_test();
|
assert_server_banner_accepted("SSH-2.0-OpenSSH_1.101p1", 0, 1);
|
||||||
assert_server_banner_rejected("SSH-2.0-OpenSSH_1.101p1");
|
assert_int_equal(0, session->openssh);
|
||||||
|
|
||||||
/* OpenSSH banners: bogus major */
|
/* OpenSSH banners: bogus major results in zero */
|
||||||
reset_banner_test();
|
assert_client_banner_accepted("SSH-2.0-OpenSSH_X.9p1", 0, 1);
|
||||||
assert_client_banner_rejected("SSH-2.0-OpenSSH_X.9p1");
|
assert_int_equal(0, session->openssh);
|
||||||
reset_banner_test();
|
assert_server_banner_accepted("SSH-2.0-OpenSSH_X.9p1", 0, 1);
|
||||||
assert_server_banner_rejected("SSH-2.0-OpenSSH_X.9p1");
|
assert_int_equal(0, session->openssh);
|
||||||
|
|
||||||
/* OpenSSH banners: bogus minor */
|
/* OpenSSH banners: bogus minor results in zero */
|
||||||
reset_banner_test();
|
assert_server_banner_accepted("SSH-2.0-OpenSSH_5.Yp1", 0, 1);
|
||||||
assert_server_banner_rejected("SSH-2.0-OpenSSH_5.Yp1");
|
assert_int_equal(0, session->openssh);
|
||||||
reset_banner_test();
|
assert_client_banner_accepted("SSH-2.0-OpenSSH_5.Yp1", 0, 1);
|
||||||
assert_client_banner_rejected("SSH-2.0-OpenSSH_5.Yp1");
|
assert_int_equal(0, session->openssh);
|
||||||
|
|
||||||
/* OpenSSH banners: ssh-keyscan(1) */
|
/* OpenSSH banners: ssh-keyscan(1) */
|
||||||
#if 0 /* these don't pass */
|
|
||||||
assert_client_banner_accepted("SSH-2.0-OpenSSH-keyscan", 0, 1);
|
assert_client_banner_accepted("SSH-2.0-OpenSSH-keyscan", 0, 1);
|
||||||
assert_int_equal(0, session->openssh);
|
assert_int_equal(0, session->openssh);
|
||||||
assert_server_banner_accepted("SSH-2.0-OpenSSH-keyscan", 0, 1);
|
assert_server_banner_accepted("SSH-2.0-OpenSSH-keyscan", 0, 1);
|
||||||
assert_int_equal(0, session->openssh);
|
assert_int_equal(0, session->openssh);
|
||||||
#endif /* these don't pass */
|
|
||||||
|
|
||||||
ssh_free(session);
|
ssh_free(session);
|
||||||
}
|
}
|
||||||
|
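Review bot: None of the accepted-banner cases covers a banner that stops right after the `OpenSSH` marker or after a single version digit, even though the parser reads at fixed offsets into this peer-supplied string (`openssh + 10` is visible in the src/misc.c section). Now that malformed versions are tolerated rather than fatal, a case such as `assert_server_banner_accepted("SSH-2.0-OpenSSH_5", 0, 1);` followed by `assert_int_equal(0, session->openssh);` (banner constructed for illustration) would pin down that short input is handled without reading past the terminator, ideally with the suite run under a memory checker. Whether the parser already guards the length is not visible on this page. The body of torture_ssh_analyze_banner starts above the hunk.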