diff --git a/ssh/auth2-hostbased.c b/ssh/auth2-hostbased.c index d73a241..3be3f40 100644 --- a/ssh/auth2-hostbased.c +++ b/ssh/auth2-hostbased.c @@ -103,7 +103,7 @@ userauth_hostbased(struct ssh *ssh) "(received %d, expected %d)", __func__, key->type, pktype); goto done; } - service = datafellows & SSH_BUG_HBSERVICE ? "ssh-userauth" : + service = ssh->compat & SSH_BUG_HBSERVICE ? "ssh-userauth" : authctxt->service; buffer_init(&b); buffer_put_string(&b, session_id2, session_id2_len); @@ -123,7 +123,7 @@ userauth_hostbased(struct ssh *ssh) authenticated = 0; if (PRIVSEP(hostbased_key_allowed(authctxt->pw, cuser, chost, key)) && PRIVSEP(sshkey_verify(key, sig, slen, - buffer_ptr(&b), buffer_len(&b), datafellows)) == 0) + buffer_ptr(&b), buffer_len(&b), ssh->compat)) == 0) authenticated = 1; buffer_free(&b); diff --git a/ssh/auth2-pubkey.c b/ssh/auth2-pubkey.c index ac37cc5..53d0f53 100644 --- a/ssh/auth2-pubkey.c +++ b/ssh/auth2-pubkey.c @@ -81,7 +81,7 @@ userauth_pubkey(struct ssh *ssh) return 0; } have_sig = ssh_packet_get_char(ssh); - if (datafellows & SSH_BUG_PKAUTH) { + if (ssh->compat & SSH_BUG_PKAUTH) { debug2("%s: SSH_BUG_PKAUTH", __func__); /* no explicit pkalg given */ pkblob = ssh_packet_get_string(ssh, &blen); @@ -118,7 +118,7 @@ userauth_pubkey(struct ssh *ssh) sig = ssh_packet_get_string(ssh, &slen); ssh_packet_check_eom(ssh); buffer_init(&b); - if (datafellows & SSH_OLD_SESSIONID) { + if (ssh->compat & SSH_OLD_SESSIONID) { buffer_append(&b, session_id2, session_id2_len); } else { buffer_put_string(&b, session_id2, session_id2_len); @@ -127,10 +127,10 @@ userauth_pubkey(struct ssh *ssh) buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST); buffer_put_cstring(&b, authctxt->user); buffer_put_cstring(&b, - datafellows & SSH_BUG_PKSERVICE ? + ssh->compat & SSH_BUG_PKSERVICE ? "ssh-userauth" : authctxt->service); - if (datafellows & SSH_BUG_PKAUTH) { + if (ssh->compat & SSH_BUG_PKAUTH) { buffer_put_char(&b, have_sig); } else { buffer_put_cstring(&b, "publickey"); @@ -145,7 +145,7 @@ userauth_pubkey(struct ssh *ssh) authenticated = 0; if (PRIVSEP(user_key_allowed(authctxt->pw, key)) && PRIVSEP(sshkey_verify(key, sig, slen, buffer_ptr(&b), - buffer_len(&b), datafellows)) == 0) + buffer_len(&b), ssh->compat)) == 0) authenticated = 1; buffer_free(&b); xfree(sig); diff --git a/ssh/auth2.c b/ssh/auth2.c index 8d24c32..c096ca9 100644 --- a/ssh/auth2.c +++ b/ssh/auth2.c @@ -136,7 +136,7 @@ userauth_banner(struct ssh *ssh) if (options.banner == NULL || strcasecmp(options.banner, "none") == 0 || - (datafellows & SSH_BUG_BANNER) != 0) + (ssh->compat & SSH_BUG_BANNER) != 0) return; if ((banner = PRIVSEP(auth2_read_banner())) == NULL) diff --git a/ssh/authfd.c b/ssh/authfd.c index 88d7101..fb4001f 100644 --- a/ssh/authfd.c +++ b/ssh/authfd.c @@ -418,9 +418,8 @@ int ssh_agent_sign(AuthenticationConnection *auth, struct sshkey *key, u_char **sigp, u_int *lenp, - u_char *data, u_int datalen) + u_char *data, u_int datalen, u_int compat) { - extern int datafellows; Buffer msg; u_char *blob; u_int blen; @@ -432,7 +431,7 @@ ssh_agent_sign(AuthenticationConnection *auth, return SSH_ERR_INVALID_ARGUMENT; } - if (datafellows & SSH_BUG_SIGBLOB) + if (compat & SSH_BUG_SIGBLOB) flags = SSH_AGENT_OLD_SIGNATURE; buffer_init(&msg); diff --git a/ssh/authfd.h b/ssh/authfd.h index 1ccc812..3f0d784 100644 --- a/ssh/authfd.h +++ b/ssh/authfd.h @@ -88,6 +88,6 @@ int ssh_decrypt_challenge(AuthenticationConnection *, struct sshkey *, int ssh_agent_sign(AuthenticationConnection *, struct sshkey *, - u_char **, u_int *, u_char *, u_int); + u_char **, u_int *, u_char *, u_int, u_int); #endif /* AUTHFD_H */ diff --git a/ssh/channels.c b/ssh/channels.c index 5588946..dfecaea 100644 --- a/ssh/channels.c +++ b/ssh/channels.c @@ -1353,7 +1353,7 @@ channel_post_x11_listener(Channel *c, fd_set *readset, fd_set *writeset) packet_put_int(nc->local_maxpacket); /* originator ipaddr and port */ packet_put_cstring(remote_ipaddr); - if (datafellows & SSH_BUG_X11FWD) { + if (active_state->compat & SSH_BUG_X11FWD) { debug2("ssh2 x11 bug compat mode"); } else { packet_put_int(remote_port); @@ -1576,7 +1576,7 @@ channel_post_connecting(Channel *c, fd_set *readset, fd_set *writeset) packet_start(SSH2_MSG_CHANNEL_OPEN_FAILURE); packet_put_int(c->remote_id); packet_put_int(SSH2_OPEN_CONNECT_FAILED); - if (!(datafellows & SSH_BUG_OPENFAILURE)) { + if (!(active_state->compat & SSH_BUG_OPENFAILURE)) { packet_put_cstring(strerror(err)); packet_put_cstring(""); } @@ -2324,7 +2324,7 @@ channel_input_extended_data(int type, u_int32_t seq, struct ssh *ssh) return 0; } if (c->flags & CHAN_EOF_RCVD) { - if (datafellows & SSH_BUG_EXTEOF) + if (active_state->compat & SSH_BUG_EXTEOF) debug("channel %d: accepting ext data after eof", id); else packet_disconnect("Received extended_data after EOF " @@ -2513,7 +2513,7 @@ channel_input_open_failure(int type, u_int32_t seq, struct ssh *ssh) "non-opening channel %d.", id); if (compat20) { reason = packet_get_int(); - if (!(datafellows & SSH_BUG_OPENFAILURE)) { + if (!(active_state->compat & SSH_BUG_OPENFAILURE)) { msg = packet_get_string(NULL); lang = packet_get_string(NULL); } @@ -2657,7 +2657,7 @@ channel_fwd_bind_addr(const char *listen_addr, int *wildcardp, if (gateway_ports) wildcard = 1; } else if (gateway_ports || is_client) { - if (((datafellows & SSH_OLD_FORWARD_ADDR) && + if (((active_state->compat & SSH_OLD_FORWARD_ADDR) && strcmp(listen_addr, "0.0.0.0") == 0 && is_client == 0) || *listen_addr == '\0' || strcmp(listen_addr, "*") == 0 || (!is_client && gateway_ports == 1)) @@ -2797,7 +2797,7 @@ channel_setup_fwd_listener(int type, const char *listen_addr, c->host_port = port_to_connect; c->listening_addr = addr == NULL ? NULL : xstrdup(addr); if (listen_port == 0 && allocated_listen_port != NULL && - !(datafellows & SSH_BUG_DYNAMIC_RPORT)) + !(active_state->compat & SSH_BUG_DYNAMIC_RPORT)) c->listening_port = *allocated_listen_port; else c->listening_port = listen_port; @@ -2893,12 +2893,12 @@ static const char * channel_rfwd_bind_host(const char *listen_host) { if (listen_host == NULL) { - if (datafellows & SSH_BUG_RFWD_ADDR) + if (active_state->compat & SSH_BUG_RFWD_ADDR) return "127.0.0.1"; else return "localhost"; } else if (*listen_host == '\0' || strcmp(listen_host, "*") == 0) { - if (datafellows & SSH_BUG_RFWD_ADDR) + if (active_state->compat & SSH_BUG_RFWD_ADDR) return "0.0.0.0"; else return ""; @@ -3083,7 +3083,7 @@ channel_update_permitted_opens(int idx, int newport) permitted_opens[idx].port_to_connect); if (newport >= 0) { permitted_opens[idx].listen_port = - (datafellows & SSH_BUG_DYNAMIC_RPORT) ? 0 : newport; + (active_state->compat & SSH_BUG_DYNAMIC_RPORT) ? 0 : newport; } else { permitted_opens[idx].listen_port = 0; permitted_opens[idx].port_to_connect = 0; diff --git a/ssh/clientloop.c b/ssh/clientloop.c index 840dce0..5a1a8ff 100644 --- a/ssh/clientloop.c +++ b/ssh/clientloop.c @@ -1058,7 +1058,7 @@ process_escapes(struct ssh *ssh, Channel *c, Buffer *bin, Buffer *bout, case 'R': if (compat20) { - if (datafellows & SSH_BUG_NOREKEY) + if (ssh->compat & SSH_BUG_NOREKEY) logit("Server does not " "support re-keying"); else @@ -1790,7 +1790,7 @@ client_request_x11(struct ssh *ssh, const char *request_type, int rchan) return NULL; } originator = ssh_packet_get_string(ssh, NULL); - if (datafellows & SSH_BUG_X11FWD) { + if (ssh->compat & SSH_BUG_X11FWD) { debug2("buggy server: x11 request w/o originator_port"); originator_port = 0; } else { @@ -1916,7 +1916,7 @@ client_input_channel_open(int type, u_int32_t seq, struct ssh *ssh) ssh_packet_start(ssh, SSH2_MSG_CHANNEL_OPEN_FAILURE); ssh_packet_put_int(ssh, rchan); ssh_packet_put_int(ssh, SSH2_OPEN_ADMINISTRATIVELY_PROHIBITED); - if (!(datafellows & SSH_BUG_OPENFAILURE)) { + if (!(ssh->compat & SSH_BUG_OPENFAILURE)) { ssh_packet_put_cstring(ssh, "open failed"); ssh_packet_put_cstring(ssh, ""); } diff --git a/ssh/compat.c b/ssh/compat.c index 8988c42..02f3f84 100644 --- a/ssh/compat.c +++ b/ssh/compat.c @@ -35,7 +35,6 @@ int compat13 = 0; int compat20 = 0; -int datafellows = 0; void enable_compat20(void) @@ -50,7 +49,7 @@ enable_compat13(void) compat13 = 1; } /* datafellows bug compatibility */ -int +u_int compat_datafellows(const char *version) { int i; @@ -165,12 +164,11 @@ compat_datafellows(const char *version) if (match_pattern_list(version, check[i].pat, strlen(check[i].pat), 0) == 1) { debug("match: %s pat %s", version, check[i].pat); - datafellows = check[i].bugs; - return (datafellows); + return check[i].bugs; } } debug("no match: %s", version); - return (0); + return 0; } #define SEP "," @@ -205,12 +203,12 @@ proto_spec(const char *spec) } char * -compat_cipher_proposal(char *cipher_prop) +compat_cipher_proposal(char *cipher_prop, u_int compat) { char *orig_prop, *fix_ciphers, *cp, *tmp; size_t maxlen; - if (!(datafellows & SSH_BUG_BIGENDIANAES)) + if (compat & SSH_BUG_BIGENDIANAES) return cipher_prop; tmp = orig_prop = strdup(cipher_prop); diff --git a/ssh/compat.h b/ssh/compat.h index 375bc6b..827d8db 100644 --- a/ssh/compat.h +++ b/ssh/compat.h @@ -62,11 +62,10 @@ void enable_compat13(void); void enable_compat20(void); -int compat_datafellows(const char *); +u_int compat_datafellows(const char *); int proto_spec(const char *); -char *compat_cipher_proposal(char *); +char *compat_cipher_proposal(char *, u_int); extern int compat13; extern int compat20; -extern int datafellows; #endif diff --git a/ssh/kex.c b/ssh/kex.c index a2b1996..d42aa05 100644 --- a/ssh/kex.c +++ b/ssh/kex.c @@ -366,7 +366,7 @@ choose_mac(struct ssh *ssh, Mac *mac, char *client, char *server) if (mac_setup(mac, name) < 0) return SSH_ERR_INTERNAL_ERROR; /* truncate the key */ - if (ssh->datafellows & SSH_BUG_HMAC) + if (ssh->compat & SSH_BUG_HMAC) mac->key_len = 16; mac->name = name; mac->key = NULL; @@ -541,7 +541,7 @@ kex_choose_conf(struct ssh *ssh) /* ignore the next message if the proposals do not match */ if (first_kex_follows && !proposals_match(my, peer) && - !(ssh->datafellows & SSH_BUG_FIRSTKEX)) + !(ssh->compat & SSH_BUG_FIRSTKEX)) ssh->skip_packets = 1; r = 0; out: @@ -574,7 +574,7 @@ derive_key(struct ssh *ssh, int id, u_int need, u_char *hash, u_int hashlen, /* K1 = HASH(K || H || "A" || session_id) */ if (EVP_DigestInit(&md, kex->evp_md) != 1 || - (!(ssh->datafellows & SSH_BUG_DERIVEKEY) && + (!(ssh->compat & SSH_BUG_DERIVEKEY) && EVP_DigestUpdate(&md, sshbuf_ptr(b), sshbuf_len(b)) != 1) || EVP_DigestUpdate(&md, hash, hashlen) != 1 || EVP_DigestUpdate(&md, &c, 1) != 1 || @@ -591,7 +591,7 @@ derive_key(struct ssh *ssh, int id, u_int need, u_char *hash, u_int hashlen, */ for (have = mdsz; need > have; have += mdsz) { if (EVP_DigestInit(&md, kex->evp_md) != 1 || - (!(ssh->datafellows & SSH_BUG_DERIVEKEY) && + (!(ssh->compat & SSH_BUG_DERIVEKEY) && EVP_DigestUpdate(&md, sshbuf_ptr(b), sshbuf_len(b)) != 1) || EVP_DigestUpdate(&md, hash, hashlen) != 1 || EVP_DigestUpdate(&md, digest, have) != 1 || diff --git a/ssh/kexdhc.c b/ssh/kexdhc.c index 38856f1..7e8520c 100644 --- a/ssh/kexdhc.c +++ b/ssh/kexdhc.c @@ -166,7 +166,7 @@ input_kex_dh(int type, u_int32_t seq, struct ssh *ssh) goto out; if ((r = sshkey_verify(server_host_key, signature, slen, hash, hashlen, - ssh->datafellows)) != 0) + ssh->compat)) != 0) goto out; /* save session id */ diff --git a/ssh/kexdhs.c b/ssh/kexdhs.c index 5320eca..58e2d2c 100644 --- a/ssh/kexdhs.c +++ b/ssh/kexdhs.c @@ -175,8 +175,8 @@ input_kex_dh_init(int type, u_int32_t seq, struct ssh *ssh) } /* sign H */ - if ((r = PRIVSEP(sshkey_sign(server_host_private, &signature, &slen, hash, - hashlen, ssh->datafellows))) < 0) + if ((r = PRIVSEP(sshkey_sign(server_host_private, &signature, &slen, + hash, hashlen, ssh->compat))) < 0) goto out; /* destroy_sensitive_data(); */ diff --git a/ssh/kexecdhc.c b/ssh/kexecdhc.c index 3e677a5..74fb89c 100644 --- a/ssh/kexecdhc.c +++ b/ssh/kexecdhc.c @@ -183,7 +183,7 @@ input_kex_ecdh_reply(int type, u_int32_t seq, struct ssh *ssh) goto out; if ((r = sshkey_verify(server_host_key, signature, slen, hash, - hashlen, ssh->datafellows)) != 0) + hashlen, ssh->compat)) != 0) goto out; /* save session id */ diff --git a/ssh/kexecdhs.c b/ssh/kexecdhs.c index 059df1f..4ffe4de 100644 --- a/ssh/kexecdhs.c +++ b/ssh/kexecdhs.c @@ -169,7 +169,7 @@ input_kex_ecdh_init(int type, u_int32_t seq, struct ssh *ssh) /* sign H */ if ((r = PRIVSEP(sshkey_sign(server_host_private, &signature, &slen, - hash, hashlen, ssh->datafellows))) < 0) + hash, hashlen, ssh->compat))) < 0) goto out; /* destroy_sensitive_data(); */ diff --git a/ssh/kexgexc.c b/ssh/kexgexc.c index 1663429..30b6e41 100644 --- a/ssh/kexgexc.c +++ b/ssh/kexgexc.c @@ -58,7 +58,7 @@ kexgex_client(struct ssh *ssh) kex->min = DH_GRP_MIN; kex->max = DH_GRP_MAX; kex->nbits = nbits; - if (ssh->datafellows & SSH_OLD_DHGEX) { + if (ssh->compat & SSH_OLD_DHGEX) { /* Old GEX request */ if ((r = sshpkt_start(ssh, SSH2_MSG_KEX_DH_GEX_REQUEST_OLD)) != 0 || @@ -205,7 +205,7 @@ input_kex_dh_gex_reply(int type, u_int32_t seq, struct ssh *ssh) #ifdef DEBUG_KEXDH dump_digest("shared secret", kbuf, kout); #endif - if (ssh->datafellows & SSH_OLD_DHGEX) + if (ssh->compat & SSH_OLD_DHGEX) kex->min = kex->max = -1; /* calc and verify H */ @@ -225,7 +225,7 @@ input_kex_dh_gex_reply(int type, u_int32_t seq, struct ssh *ssh) goto out; if ((r = sshkey_verify(server_host_key, signature, slen, hash, - hashlen, ssh->datafellows)) != 0) + hashlen, ssh->compat)) != 0) goto out; /* save session id */ diff --git a/ssh/kexgexs.c b/ssh/kexgexs.c index b452ebe..7b314dd 100644 --- a/ssh/kexgexs.c +++ b/ssh/kexgexs.c @@ -232,8 +232,8 @@ input_kex_dh_gex_init(int type, u_int32_t seq, struct ssh *ssh) } /* sign H */ - if ((r = PRIVSEP(sshkey_sign(server_host_private, &signature, &slen, hash, - hashlen, ssh->datafellows))) < 0) + if ((r = PRIVSEP(sshkey_sign(server_host_private, &signature, &slen, + hash, hashlen, ssh->compat))) < 0) goto out; /* destroy_sensitive_data(); */ diff --git a/ssh/monitor.c b/ssh/monitor.c index 6f5e157..b041af8 100644 --- a/ssh/monitor.c +++ b/ssh/monitor.c @@ -632,7 +632,7 @@ mm_answer_sign(int sock, Buffer *m) if ((key = get_hostkey_by_index(keyid)) == NULL) fatal("%s: no hostkey from index %d", __func__, keyid); if ((r = sshkey_sign(key, &signature, &siglen, p, datlen, - datafellows)) != 0) + active_state->compat)) != 0) fatal("%s: sshkey_sign failed: %s", __func__, ssh_err(r)); debug3("%s: signature %p(%u)", __func__, signature, siglen); @@ -947,7 +947,7 @@ monitor_valid_userblob(u_char *data, u_int datalen) buffer_init(&b); buffer_append(&b, data, datalen); - if (datafellows & SSH_OLD_SESSIONID) { + if (active_state->compat & SSH_OLD_SESSIONID) { p = buffer_ptr(&b); len = buffer_len(&b); if ((session_id2 == NULL) || @@ -973,7 +973,7 @@ monitor_valid_userblob(u_char *data, u_int datalen) } xfree(p); buffer_skip_string(&b); - if (datafellows & SSH_BUG_PKAUTH) { + if (active_state->compat & SSH_BUG_PKAUTH) { if (!buffer_get_char(&b)) fail++; } else { @@ -1083,7 +1083,7 @@ mm_answer_keyverify(int sock, Buffer *m) fatal("%s: bad signature data blob", __func__); r = sshkey_verify(key, signature, signaturelen, data, datalen, - datafellows); + active_state->compat); debug3("%s: key %p signature %s", __func__, key, (r == 0) ? "verified" : "unverified"); diff --git a/ssh/nchan.c b/ssh/nchan.c index 3e786cb..843b859 100644 --- a/ssh/nchan.c +++ b/ssh/nchan.c @@ -390,7 +390,7 @@ chan_send_eow2(Channel *c) c->self); return; } - if (!(datafellows & SSH_NEW_OPENSSH)) + if (!(active_state->compat & SSH_NEW_OPENSSH)) return; packet_start(SSH2_MSG_CHANNEL_REQUEST); packet_put_int(c->remote_id); @@ -449,7 +449,7 @@ chan_is_dead(Channel *c, int do_send) debug2("channel %d: is dead", c->self); return 1; } - if ((datafellows & SSH_BUG_EXTEOF) && + if ((active_state->compat & SSH_BUG_EXTEOF) && c->extended_usage == CHAN_EXTENDED_WRITE && c->efd != -1 && buffer_len(&c->extended) > 0) { diff --git a/ssh/packet.c b/ssh/packet.c index 14e0999..de23362 100644 --- a/ssh/packet.c +++ b/ssh/packet.c @@ -1327,7 +1327,7 @@ ssh_packet_send2_wrapped(struct ssh *ssh) if (++state->p_send.seqnr == 0) logit("outgoing seqnr wraps around"); if (++state->p_send.packets == 0) - if (!(ssh->datafellows & SSH_BUG_NOREKEY)) + if (!(ssh->compat & SSH_BUG_NOREKEY)) return SSH_ERR_NEED_REKEY; state->p_send.blocks += (packet_length + 4) / block_size; state->p_send.bytes += packet_length + 4; @@ -1766,7 +1766,7 @@ ssh_packet_read_poll2(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p) if (++state->p_read.seqnr == 0) logit("incoming seqnr wraps around"); if (++state->p_read.packets == 0) - if (!(ssh->datafellows & SSH_BUG_NOREKEY)) + if (!(ssh->compat & SSH_BUG_NOREKEY)) return SSH_ERR_NEED_REKEY; state->p_read.blocks += (state->packlen + 4) / block_size; state->p_read.bytes += state->packlen + 4; @@ -2078,7 +2078,7 @@ ssh_packet_send_debug(struct ssh *ssh, const char *fmt,...) char buf[1024]; va_list args; - if (compat20 && (ssh->datafellows & SSH_BUG_DEBUG)) + if (compat20 && (ssh->compat & SSH_BUG_DEBUG)) return; va_start(args, fmt); @@ -2379,7 +2379,7 @@ ssh_packet_need_rekeying(struct ssh *ssh) { struct session_state *state = ssh->state; - if (ssh->datafellows & SSH_BUG_NOREKEY) + if (ssh->compat & SSH_BUG_NOREKEY) return 0; return (state->p_send.packets > MAX_PACKETS) || diff --git a/ssh/packet.h b/ssh/packet.h index 4dbb7a8..3f9fa0b 100644 --- a/ssh/packet.h +++ b/ssh/packet.h @@ -59,7 +59,7 @@ struct ssh { int skip_packets; /* datafellows */ - int datafellows; + int compat; /* Lists for private and public keys */ TAILQ_HEAD(, key_entry) private_keys; diff --git a/ssh/serverloop.c b/ssh/serverloop.c index cf156b1..144cb34 100644 --- a/ssh/serverloop.c +++ b/ssh/serverloop.c @@ -555,7 +555,7 @@ server_loop(pid_t pid, int fdin_arg, int fdout_arg, int fderr_arg) if (fderr != -1) set_nonblock(fderr); - if (!(datafellows & SSH_BUG_IGNOREMSG) && isatty(fdin)) + if (!(active_state->compat & SSH_BUG_IGNOREMSG) && isatty(fdin)) fdin_is_tty = 1; connection_in = packet_get_connection_in(); @@ -1057,7 +1057,7 @@ server_input_channel_open(int type, u_int32_t seq, struct ssh *ssh) packet_start(SSH2_MSG_CHANNEL_OPEN_FAILURE); packet_put_int(rchan); packet_put_int(SSH2_OPEN_ADMINISTRATIVELY_PROHIBITED); - if (!(datafellows & SSH_BUG_OPENFAILURE)) { + if (!(ssh->compat & SSH_BUG_OPENFAILURE)) { packet_put_cstring("open failed"); packet_put_cstring(""); } diff --git a/ssh/ssh-keyscan.c b/ssh/ssh-keyscan.c index 2fda427..08821ec 100644 --- a/ssh/ssh-keyscan.c +++ b/ssh/ssh-keyscan.c @@ -434,9 +434,9 @@ congreet(int s) *cp = '\0'; if (sscanf(buf, "SSH-%d.%d-%[^\n]\n", &remote_major, &remote_minor, remote_version) == 3) - compat_datafellows(remote_version); + c->c_ssh->compat = compat_datafellows(remote_version); else - datafellows = 0; + c->c_ssh->compat = 0; if (c->c_keytype != KT_RSA1) { if (!ssh2_capable(remote_major, remote_minor)) { debug("%s doesn't support ssh2", c->c_name); diff --git a/ssh/ssh.c b/ssh/ssh.c index 9d70d71..8ad4482 100644 --- a/ssh/ssh.c +++ b/ssh/ssh.c @@ -1411,12 +1411,12 @@ ssh_session2(struct ssh *ssh) if (options.control_persist && muxserver_sock == -1) ssh_init_stdio_forwarding(); - if (!no_shell_flag || (datafellows & SSH_BUG_DUMMYCHAN)) + if (!no_shell_flag || (active_state->compat & SSH_BUG_DUMMYCHAN)) id = ssh_session2_open(ssh); /* If we don't expect to open a new session, then disallow it */ if (options.control_master == SSHCTL_MASTER_NO && - (datafellows & SSH_NEW_OPENSSH)) { + (ssh->compat & SSH_NEW_OPENSSH)) { debug("Requesting no-more-sessions@openssh.com"); ssh_packet_start(ssh, SSH2_MSG_GLOBAL_REQUEST); ssh_packet_put_cstring(ssh, "no-more-sessions@openssh.com"); diff --git a/ssh/ssh_api.c b/ssh/ssh_api.c index 281fe57..2d4fbe8 100644 --- a/ssh/ssh_api.c +++ b/ssh/ssh_api.c @@ -291,7 +291,7 @@ _ssh_read_banner(struct ssh *ssh, char **bannerp) debug("Remote protocol version %d.%d, remote software version %.100s", remote_major, remote_minor, remote_version); - ssh->datafellows = compat_datafellows(remote_version); + ssh->compat = compat_datafellows(remote_version); if (remote_major == 1 && remote_minor == 99) { remote_major = 2; remote_minor = 0; @@ -381,7 +381,7 @@ _ssh_host_private_key(int type, struct ssh *ssh) { struct key_entry *k; - datafellows = ssh->datafellows; /* XXX */ + ssh->compat = ssh->compat; /* XXX */ debug3("%s: need %d", __func__, type); TAILQ_FOREACH(k, &ssh->private_keys, next) { debug3("%s: check %s", __func__, sshkey_type(k->key)); diff --git a/ssh/sshconnect.c b/ssh/sshconnect.c index 58cc072..484107d 100644 --- a/ssh/sshconnect.c +++ b/ssh/sshconnect.c @@ -504,7 +504,7 @@ ssh_exchange_identification(struct ssh *ssh, int timeout_ms) debug("Remote protocol version %d.%d, remote software version %.100s", remote_major, remote_minor, remote_version); - compat_datafellows(remote_version); + ssh->compat = compat_datafellows(remote_version); mismatch = 0; switch (remote_major) { @@ -1167,12 +1167,12 @@ ssh_login(struct ssh *ssh, Sensitive *sensitive, const char *orighost, } void -ssh_put_password(char *password) +ssh_put_password(struct ssh *ssh, char *password) { int size; char *padded; - if (datafellows & SSH_BUG_PASSWORDPAD) { + if (ssh->compat & SSH_BUG_PASSWORDPAD) { packet_put_cstring(password); return; } diff --git a/ssh/sshconnect.h b/ssh/sshconnect.h index 377db54..a56e854 100644 --- a/ssh/sshconnect.h +++ b/ssh/sshconnect.h @@ -53,7 +53,7 @@ void ssh_kex2(struct ssh *, u_short); void ssh_userauth1(const char *, const char *, char *, Sensitive *); void ssh_userauth2(struct ssh *, const char *, const char *, Sensitive *); -void ssh_put_password(char *); +void ssh_put_password(struct ssh *, char *); int ssh_local_cmd(const char *); /* diff --git a/ssh/sshconnect1.c b/ssh/sshconnect1.c index 6fb5e9a..6bedc29 100644 --- a/ssh/sshconnect1.c +++ b/ssh/sshconnect1.c @@ -422,7 +422,7 @@ try_challenge_response_authentication(void) break; } packet_start(SSH_CMSG_AUTH_TIS_RESPONSE); - ssh_put_password(response); + ssh_put_password(active_state, response); memset(response, 0, strlen(response)); xfree(response); packet_send(); @@ -455,7 +455,7 @@ try_password_authentication(char *prompt) error("Permission denied, please try again."); password = read_passphrase(prompt, 0); packet_start(SSH_CMSG_AUTH_PASSWORD); - ssh_put_password(password); + ssh_put_password(active_state, password); memset(password, 0, strlen(password)); xfree(password); packet_send(); diff --git a/ssh/sshconnect2.c b/ssh/sshconnect2.c index 89f5942..a5e8242 100644 --- a/ssh/sshconnect2.c +++ b/ssh/sshconnect2.c @@ -162,9 +162,9 @@ ssh_kex2(struct ssh *ssh, u_short port) myproposal[PROPOSAL_ENC_ALGS_STOC] = options.ciphers; } myproposal[PROPOSAL_ENC_ALGS_CTOS] = - compat_cipher_proposal(myproposal[PROPOSAL_ENC_ALGS_CTOS]); + compat_cipher_proposal(myproposal[PROPOSAL_ENC_ALGS_CTOS], ssh->compat); myproposal[PROPOSAL_ENC_ALGS_STOC] = - compat_cipher_proposal(myproposal[PROPOSAL_ENC_ALGS_STOC]); + compat_cipher_proposal(myproposal[PROPOSAL_ENC_ALGS_STOC], ssh->compat); if (myproposal[PROPOSAL_ENC_ALGS_CTOS] == NULL || myproposal[PROPOSAL_ENC_ALGS_STOC] == NULL) fatal("no compatible ciphers found"); @@ -576,7 +576,7 @@ input_userauth_pk_ok(int type, u_int32_t seq, struct ssh *ssh) if (authctxt == NULL) fatal("input_userauth_pk_ok: no authentication context"); - if (datafellows & SSH_BUG_PKOK) { + if (ssh->compat & SSH_BUG_PKOK) { /* this is similar to SSH_BUG_PKAUTH */ debug2("input_userauth_pk_ok: SSH_BUG_PKOK"); pkblob = ssh_packet_get_string(ssh, &blen); @@ -1194,7 +1194,7 @@ input_userauth_jpake_server_confirm(int type, u_int32_t seq, struct ssh *ssh) static int identity_sign(Identity *id, u_char **sigp, u_int *lenp, - u_char *data, u_int datalen) + u_char *data, u_int datalen, u_int compat) { struct sshkey *prv; int ret; @@ -1202,18 +1202,18 @@ identity_sign(Identity *id, u_char **sigp, u_int *lenp, /* the agent supports this key */ if (id->ac) return (ssh_agent_sign(id->ac, id->key, sigp, lenp, - data, datalen)); + data, datalen, compat)); /* * we have already loaded the private key or * the private key is stored in external hardware */ if (id->isprivate || (id->key->flags & SSHKEY_FLAG_EXT)) return (sshkey_sign(id->key, sigp, lenp, data, datalen, - datafellows)); + compat)); /* load the private key from the file */ if ((prv = load_identity_file(id->filename)) == NULL) return (-1); - ret = sshkey_sign(prv, sigp, lenp, data, datalen, datafellows); + ret = sshkey_sign(prv, sigp, lenp, data, datalen, compat); sshkey_free(prv); return (ret); } @@ -1241,7 +1241,7 @@ sign_and_send_pubkey(struct ssh *ssh, Identity *id) } /* data to be signed */ buffer_init(&b); - if (datafellows & SSH_OLD_SESSIONID) { + if (ssh->compat & SSH_OLD_SESSIONID) { buffer_append(&b, ssh->kex->session_id, ssh->kex->session_id_len); skip = ssh->kex->session_id_len; @@ -1253,10 +1253,10 @@ sign_and_send_pubkey(struct ssh *ssh, Identity *id) buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST); buffer_put_cstring(&b, authctxt->server_user); buffer_put_cstring(&b, - datafellows & SSH_BUG_PKSERVICE ? + ssh->compat & SSH_BUG_PKSERVICE ? "ssh-userauth" : authctxt->service); - if (datafellows & SSH_BUG_PKAUTH) { + if (ssh->compat & SSH_BUG_PKAUTH) { buffer_put_char(&b, have_sig); } else { buffer_put_cstring(&b, authctxt->method->name); @@ -1267,7 +1267,7 @@ sign_and_send_pubkey(struct ssh *ssh, Identity *id) /* generate signature */ if ((ret = identity_sign(id, &signature, &slen, - buffer_ptr(&b), buffer_len(&b))) != 0) { + buffer_ptr(&b), buffer_len(&b), ssh->compat)) != 0) { error("signature failed: %s", ssh_err(ret)); xfree(blob); buffer_free(&b); @@ -1276,7 +1276,7 @@ sign_and_send_pubkey(struct ssh *ssh, Identity *id) #ifdef DEBUG_PK buffer_dump(&b); #endif - if (datafellows & SSH_BUG_PKSERVICE) { + if (ssh->compat & SSH_BUG_PKSERVICE) { buffer_clear(&b); buffer_append(&b, ssh->kex->session_id, ssh->kex->session_id_len); @@ -1286,7 +1286,7 @@ sign_and_send_pubkey(struct ssh *ssh, Identity *id) buffer_put_cstring(&b, authctxt->service); buffer_put_cstring(&b, authctxt->method->name); buffer_put_char(&b, have_sig); - if (!(datafellows & SSH_BUG_PKAUTH)) + if (!(ssh->compat & SSH_BUG_PKAUTH)) buffer_put_cstring(&b, sshkey_ssh_name(id->key)); buffer_put_string(&b, blob, bloblen); } @@ -1333,7 +1333,7 @@ send_pubkey_test(struct ssh *ssh, Identity *id) ssh_packet_put_cstring(ssh, authctxt->service); ssh_packet_put_cstring(ssh, authctxt->method->name); ssh_packet_put_char(ssh, have_sig); - if (!(datafellows & SSH_BUG_PKAUTH)) + if (!(ssh->compat & SSH_BUG_PKAUTH)) ssh_packet_put_cstring(ssh, sshkey_ssh_name(id->key)); ssh_packet_put_string(ssh, blob, bloblen); xfree(blob); @@ -1726,7 +1726,7 @@ userauth_hostbased(struct ssh *ssh) debug2("userauth_hostbased: chost %s", chost); xfree(p); - service = datafellows & SSH_BUG_HBSERVICE ? "ssh-userauth" : + service = ssh->compat & SSH_BUG_HBSERVICE ? "ssh-userauth" : authctxt->service; pkalg = xstrdup(sshkey_ssh_name(private)); buffer_init(&b); @@ -1748,7 +1748,7 @@ userauth_hostbased(struct ssh *ssh) buffer_ptr(&b), buffer_len(&b)); else ok = sshkey_sign(private, &signature, &slen, - buffer_ptr(&b), buffer_len(&b), datafellows); + buffer_ptr(&b), buffer_len(&b), ssh->compat); sshkey_free(private); buffer_free(&b); if (ok != 0) { diff --git a/ssh/sshd.c b/ssh/sshd.c index ccc53b6..730f79b 100644 --- a/ssh/sshd.c +++ b/ssh/sshd.c @@ -454,15 +454,15 @@ sshd_exchange_identification(int sock_in, int sock_out) debug("Client protocol version %d.%d; client software version %.100s", remote_major, remote_minor, remote_version); - compat_datafellows(remote_version); + active_state->compat = compat_datafellows(remote_version); - if (datafellows & SSH_BUG_PROBE) { + if (active_state->compat & SSH_BUG_PROBE) { logit("probed from %s with %s. Don't panic.", get_remote_ipaddr(), client_version_string); cleanup_exit(255); } - if (datafellows & SSH_BUG_SCANNER) { + if (active_state->compat & SSH_BUG_SCANNER) { logit("scanned from %s with %s. Don't panic.", get_remote_ipaddr(), client_version_string); cleanup_exit(255); @@ -2177,9 +2177,11 @@ do_ssh2_kex(void) myproposal[PROPOSAL_ENC_ALGS_STOC] = options.ciphers; } myproposal[PROPOSAL_ENC_ALGS_CTOS] = - compat_cipher_proposal(myproposal[PROPOSAL_ENC_ALGS_CTOS]); + compat_cipher_proposal(myproposal[PROPOSAL_ENC_ALGS_CTOS], + active_state->compat); myproposal[PROPOSAL_ENC_ALGS_STOC] = - compat_cipher_proposal(myproposal[PROPOSAL_ENC_ALGS_STOC]); + compat_cipher_proposal(myproposal[PROPOSAL_ENC_ALGS_STOC], + active_state->compat); if (myproposal[PROPOSAL_ENC_ALGS_CTOS] == NULL || myproposal[PROPOSAL_ENC_ALGS_STOC] == NULL) fatal("no compatible ciphers found");