Fixes the broken algorithm choice for server
Этот коммит содержится в:
Aris Adamantiadis
родитель
7d49e49e74
Коммит
9da13d4ff8
48
libssh/kex.c
48
libssh/kex.c
@ -195,48 +195,48 @@ char **space_tokenize(const char *chain){
|
||||
return tokens;
|
||||
}
|
||||
|
||||
/* find_matching gets 2 parameters : a list of available objects (in_d), separated by colons,*/
|
||||
/* and a list of prefered objects (what_d) */
|
||||
/* find_matching gets 2 parameters : a list of available objects (available_d), separated by colons,*/
|
||||
/* and a list of preferred objects (preferred_d) */
|
||||
/* it will return a strduped pointer on the first prefered object found in the available objects list */
|
||||
|
||||
char *ssh_find_matching(const char *in_d, const char *what_d){
|
||||
char ** tok_in, **tok_what;
|
||||
int i_in, i_what;
|
||||
char *ssh_find_matching(const char *available_d, const char *preferred_d){
|
||||
char ** tok_available, **tok_preferred;
|
||||
int i_avail, i_pref;
|
||||
char *ret;
|
||||
|
||||
if ((in_d == NULL) || (what_d == NULL)) {
|
||||
if ((available_d == NULL) || (preferred_d == NULL)) {
|
||||
return NULL; /* don't deal with null args */
|
||||
}
|
||||
|
||||
tok_in = tokenize(in_d);
|
||||
if (tok_in == NULL) {
|
||||
tok_available = tokenize(available_d);
|
||||
if (tok_available == NULL) {
|
||||
return NULL;
|
||||
}
|
||||
|
||||
tok_what = tokenize(what_d);
|
||||
if (tok_what == NULL) {
|
||||
SAFE_FREE(tok_in[0]);
|
||||
SAFE_FREE(tok_in);
|
||||
tok_preferred = tokenize(preferred_d);
|
||||
if (tok_preferred == NULL) {
|
||||
SAFE_FREE(tok_available[0]);
|
||||
SAFE_FREE(tok_available);
|
||||
}
|
||||
|
||||
for(i_what=0; tok_what[i_what] ; ++i_what){
|
||||
for(i_in=0; tok_in[i_in]; ++i_in){
|
||||
if(!strcmp(tok_in[i_in],tok_what[i_what])){
|
||||
for(i_pref=0; tok_preferred[i_pref] ; ++i_pref){
|
||||
for(i_avail=0; tok_available[i_avail]; ++i_avail){
|
||||
if(!strcmp(tok_available[i_avail],tok_preferred[i_pref])){
|
||||
/* match */
|
||||
ret=strdup(tok_in[i_in]);
|
||||
ret=strdup(tok_available[i_avail]);
|
||||
/* free the tokens */
|
||||
free(tok_in[0]);
|
||||
free(tok_what[0]);
|
||||
free(tok_in);
|
||||
free(tok_what);
|
||||
free(tok_available[0]);
|
||||
free(tok_preferred[0]);
|
||||
free(tok_available);
|
||||
free(tok_preferred);
|
||||
return ret;
|
||||
}
|
||||
}
|
||||
}
|
||||
free(tok_in[0]);
|
||||
free(tok_what[0]);
|
||||
free(tok_in);
|
||||
free(tok_what);
|
||||
free(tok_available[0]);
|
||||
free(tok_preferred[0]);
|
||||
free(tok_available);
|
||||
free(tok_preferred);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
|
||||
@ -1001,7 +1001,8 @@ int crypt_set_algorithms_server(ssh_session session){
|
||||
/* out */
|
||||
server = session->server_kex.methods[SSH_CRYPT_S_C];
|
||||
client = session->client_kex.methods[SSH_CRYPT_S_C];
|
||||
match = ssh_find_matching(client, server);
|
||||
/* That's the client algorithms that are more important */
|
||||
match = ssh_find_matching(server,client);
|
||||
|
||||
if(!match){
|
||||
ssh_set_error(session,SSH_FATAL,"Crypt_set_algorithms_server : no matching algorithm function found for %s",server);
|
||||
@ -1030,7 +1031,7 @@ int crypt_set_algorithms_server(ssh_session session){
|
||||
/* in */
|
||||
client=session->client_kex.methods[SSH_CRYPT_C_S];
|
||||
server=session->server_kex.methods[SSH_CRYPT_S_C];
|
||||
match=ssh_find_matching(client,server);
|
||||
match=ssh_find_matching(server,client);
|
||||
if(!match){
|
||||
ssh_set_error(session,SSH_FATAL,"Crypt_set_algorithms_server : no matching algorithm function found for %s",server);
|
||||
free(match);
|
||||
@ -1058,7 +1059,7 @@ int crypt_set_algorithms_server(ssh_session session){
|
||||
/* compression */
|
||||
client=session->client_kex.methods[SSH_CRYPT_C_S];
|
||||
server=session->server_kex.methods[SSH_CRYPT_C_S];
|
||||
match=ssh_find_matching(client,server);
|
||||
match=ssh_find_matching(server,client);
|
||||
if(match && !strcmp(match,"zlib")){
|
||||
ssh_log(session,SSH_LOG_PACKET,"enabling C->S compression");
|
||||
session->next_crypto->do_compress_in=1;
|
||||
@ -1067,7 +1068,7 @@ int crypt_set_algorithms_server(ssh_session session){
|
||||
|
||||
client=session->client_kex.methods[SSH_CRYPT_S_C];
|
||||
server=session->server_kex.methods[SSH_CRYPT_S_C];
|
||||
match=ssh_find_matching(client,server);
|
||||
match=ssh_find_matching(server,client);
|
||||
if(match && !strcmp(match,"zlib")){
|
||||
ssh_log(session,SSH_LOG_PACKET,"enabling S->C compression\n");
|
||||
session->next_crypto->do_compress_out=1;
|
||||
@ -1076,7 +1077,7 @@ int crypt_set_algorithms_server(ssh_session session){
|
||||
|
||||
server=session->server_kex.methods[SSH_HOSTKEYS];
|
||||
client=session->client_kex.methods[SSH_HOSTKEYS];
|
||||
match=ssh_find_matching(client,server);
|
||||
match=ssh_find_matching(server,client);
|
||||
if(match && !strcmp(match,"ssh-dss"))
|
||||
session->hostkeys=TYPE_DSS;
|
||||
else if(match && !strcmp(match,"ssh-rsa"))
|
||||
|
||||
Загрузка…
x
Ссылка в новой задаче
Block a user