You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
157 lines
4.6 KiB
157 lines
4.6 KiB
From 4893f9515da2696490e6bbe9aaf51f2ef9678b0f Mon Sep 17 00:00:00 2001
|
|
From: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
Date: Thu, 24 Aug 2017 16:28:39 +0200
|
|
Subject: [PATCH 2/2] ssh_options_set_algo: ensure we only set known algorithms
|
|
internally
|
|
|
|
That way, we will not fail later on key exchange phase when something
|
|
unknown is negotiated.
|
|
|
|
Fixes T37
|
|
|
|
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
Reviewed-by: Andreas Schneider <asn@samba.org>
|
|
(cherry picked from commit 895055ab38e7716390019aae5e11771a88b99d26)
|
|
Signed-off-by: Mihai Moldovan <ionic@ionic.de>
|
|
---
|
|
include/libssh/kex.h | 1 +
|
|
src/kex.c | 75 ++++++++++++++++++++++++++++++++++++++++++++++++++++
|
|
src/options.c | 11 ++++----
|
|
3 files changed, 81 insertions(+), 6 deletions(-)
|
|
|
|
diff --git a/include/libssh/kex.h b/include/libssh/kex.h
|
|
index 1a5b6d41..23594985 100644
|
|
--- a/include/libssh/kex.h
|
|
+++ b/include/libssh/kex.h
|
|
@@ -41,6 +41,7 @@ void ssh_list_kex(struct ssh_kex_struct *kex);
|
|
int set_client_kex(ssh_session session);
|
|
int ssh_kex_select_methods(ssh_session session);
|
|
int verify_existing_algo(int algo, const char *name);
|
|
+char *keep_known_algos(int algo, const char *list);
|
|
char **space_tokenize(const char *chain);
|
|
int ssh_get_kex1(ssh_session session);
|
|
char *ssh_find_matching(const char *in_d, const char *what_d);
|
|
diff --git a/src/kex.c b/src/kex.c
|
|
index 519d79ce..f0c9d067 100644
|
|
--- a/src/kex.c
|
|
+++ b/src/kex.c
|
|
@@ -281,6 +281,71 @@ char *ssh_find_matching(const char *available_d, const char *preferred_d){
|
|
return NULL;
|
|
}
|
|
|
|
+static char *ssh_find_all_matching(const char *available_d,
|
|
+ const char *preferred_d)
|
|
+{
|
|
+ char **tok_available, **tok_preferred;
|
|
+ int i_avail, i_pref;
|
|
+ char *ret;
|
|
+ unsigned max, len, pos = 0;
|
|
+
|
|
+ if ((available_d == NULL) || (preferred_d == NULL)) {
|
|
+ return NULL; /* don't deal with null args */
|
|
+ }
|
|
+
|
|
+ max = MAX(strlen(available_d), strlen(preferred_d));
|
|
+
|
|
+ ret = malloc(max+1);
|
|
+ if (ret == NULL) {
|
|
+ return NULL;
|
|
+ }
|
|
+ ret[0] = 0;
|
|
+
|
|
+ tok_available = tokenize(available_d);
|
|
+ if (tok_available == NULL) {
|
|
+ SAFE_FREE(ret);
|
|
+ return NULL;
|
|
+ }
|
|
+
|
|
+ tok_preferred = tokenize(preferred_d);
|
|
+ if (tok_preferred == NULL) {
|
|
+ SAFE_FREE(ret);
|
|
+ SAFE_FREE(tok_available[0]);
|
|
+ SAFE_FREE(tok_available);
|
|
+ return NULL;
|
|
+ }
|
|
+
|
|
+ for (i_pref = 0; tok_preferred[i_pref] ; ++i_pref) {
|
|
+ for (i_avail = 0; tok_available[i_avail]; ++i_avail) {
|
|
+ int cmp = strcmp(tok_available[i_avail],tok_preferred[i_pref]);
|
|
+ if (cmp == 0) {
|
|
+ /* match */
|
|
+ if (pos != 0) {
|
|
+ ret[pos] = ',';
|
|
+ pos++;
|
|
+ }
|
|
+
|
|
+ len = strlen(tok_available[i_avail]);
|
|
+ memcpy(&ret[pos], tok_available[i_avail], len);
|
|
+ pos += len;
|
|
+ ret[pos] = '\0';
|
|
+ }
|
|
+ }
|
|
+ }
|
|
+
|
|
+ if (ret[0] == '\0') {
|
|
+ SAFE_FREE(ret);
|
|
+ ret = NULL;
|
|
+ }
|
|
+
|
|
+ SAFE_FREE(tok_available[0]);
|
|
+ SAFE_FREE(tok_preferred[0]);
|
|
+ SAFE_FREE(tok_available);
|
|
+ SAFE_FREE(tok_preferred);
|
|
+
|
|
+ return ret;
|
|
+}
|
|
+
|
|
/**
|
|
* @internal
|
|
* @brief returns whether the first client key exchange algorithm or
|
|
@@ -668,4 +733,14 @@ int verify_existing_algo(int algo, const char *name){
|
|
return 0;
|
|
}
|
|
|
|
+/* returns a copy of the provided list if everything is supported,
|
|
+ * otherwise a new list of the supported algorithms */
|
|
+char *keep_known_algos(int algo, const char *list)
|
|
+{
|
|
+ if ((algo > 9) || (algo < 0)) {
|
|
+ return NULL;
|
|
+ }
|
|
+
|
|
+ return ssh_find_all_matching(supported_methods[algo], list);
|
|
+}
|
|
/* vim: set ts=2 sw=2 et cindent: */
|
|
diff --git a/src/options.c b/src/options.c
|
|
index aed2dda5..34fe9cc7 100644
|
|
--- a/src/options.c
|
|
+++ b/src/options.c
|
|
@@ -164,7 +164,10 @@ int ssh_options_copy(ssh_session src, ssh_session *dest) {
|
|
|
|
int ssh_options_set_algo(ssh_session session, int algo,
|
|
const char *list) {
|
|
- if (!verify_existing_algo(algo, list)) {
|
|
+ char *p = NULL;
|
|
+
|
|
+ p = keep_known_algos(algo, list);
|
|
+ if (p == NULL) {
|
|
ssh_set_error(session, SSH_REQUEST_DENIED,
|
|
"Setting method: no algorithm for method \"%s\" (%s)\n",
|
|
ssh_kex_get_description(algo), list);
|
|
@@ -172,11 +175,7 @@ int ssh_options_set_algo(ssh_session session, int algo,
|
|
}
|
|
|
|
SAFE_FREE(session->opts.wanted_methods[algo]);
|
|
- session->opts.wanted_methods[algo] = strdup(list);
|
|
- if (session->opts.wanted_methods[algo] == NULL) {
|
|
- ssh_set_error_oom(session);
|
|
- return -1;
|
|
- }
|
|
+ session->opts.wanted_methods[algo] = p;
|
|
|
|
return 0;
|
|
}
|
|
--
|
|
2.15.1
|
|
|