1 | /* |
---|
2 | * Copyright (c) 1999, 2000, 2001 Markus Friedl. All rights reserved. |
---|
3 | * |
---|
4 | * Redistribution and use in source and binary forms, with or without |
---|
5 | * modification, are permitted provided that the following conditions |
---|
6 | * are met: |
---|
7 | * 1. Redistributions of source code must retain the above copyright |
---|
8 | * notice, this list of conditions and the following disclaimer. |
---|
9 | * 2. Redistributions in binary form must reproduce the above copyright |
---|
10 | * notice, this list of conditions and the following disclaimer in the |
---|
11 | * documentation and/or other materials provided with the distribution. |
---|
12 | * |
---|
13 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR |
---|
14 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES |
---|
15 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. |
---|
16 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, |
---|
17 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT |
---|
18 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, |
---|
19 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY |
---|
20 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT |
---|
21 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
---|
22 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
---|
23 | */ |
---|
24 | |
---|
25 | #include "includes.h" |
---|
26 | RCSID("$OpenBSD: compat.c,v 1.53 2001/09/20 13:50:40 markus Exp $"); |
---|
27 | |
---|
28 | #ifdef HAVE_LIBPCRE |
---|
29 | # include <pcreposix.h> |
---|
30 | #else /* Use native regex libraries */ |
---|
31 | # ifdef HAVE_REGEX_H |
---|
32 | # include <regex.h> |
---|
33 | # else |
---|
34 | # include "openbsd-compat/fake-regex.h" |
---|
35 | # endif |
---|
36 | #endif /* HAVE_LIBPCRE */ |
---|
37 | |
---|
38 | #include "packet.h" |
---|
39 | #include "xmalloc.h" |
---|
40 | #include "compat.h" |
---|
41 | #include "log.h" |
---|
42 | |
---|
43 | int compat13 = 0; |
---|
44 | int compat20 = 0; |
---|
45 | int datafellows = 0; |
---|
46 | |
---|
47 | void |
---|
48 | enable_compat20(void) |
---|
49 | { |
---|
50 | verbose("Enabling compatibility mode for protocol 2.0"); |
---|
51 | compat20 = 1; |
---|
52 | } |
---|
53 | void |
---|
54 | enable_compat13(void) |
---|
55 | { |
---|
56 | verbose("Enabling compatibility mode for protocol 1.3"); |
---|
57 | compat13 = 1; |
---|
58 | } |
---|
59 | /* datafellows bug compatibility */ |
---|
60 | void |
---|
61 | compat_datafellows(const char *version) |
---|
62 | { |
---|
63 | int i, ret; |
---|
64 | char ebuf[1024]; |
---|
65 | regex_t reg; |
---|
66 | static struct { |
---|
67 | char *pat; |
---|
68 | int bugs; |
---|
69 | } check[] = { |
---|
70 | { "^OpenSSH[-_]2\\.[012]", |
---|
71 | SSH_OLD_SESSIONID|SSH_BUG_BANNER| |
---|
72 | SSH_OLD_DHGEX|SSH_BUG_NOREKEY }, |
---|
73 | { "^OpenSSH_2\\.3\\.0", SSH_BUG_BANNER|SSH_BUG_BIGENDIANAES| |
---|
74 | SSH_OLD_DHGEX|SSH_BUG_NOREKEY}, |
---|
75 | { "^OpenSSH_2\\.3\\.", SSH_BUG_BIGENDIANAES|SSH_OLD_DHGEX| |
---|
76 | SSH_BUG_NOREKEY}, |
---|
77 | { "^OpenSSH_2\\.5\\.[01]p1", |
---|
78 | SSH_BUG_BIGENDIANAES|SSH_OLD_DHGEX| |
---|
79 | SSH_BUG_NOREKEY }, |
---|
80 | { "^OpenSSH_2\\.5\\.[012]", |
---|
81 | SSH_OLD_DHGEX|SSH_BUG_NOREKEY }, |
---|
82 | { "^OpenSSH_2\\.5\\.3", |
---|
83 | SSH_BUG_NOREKEY }, |
---|
84 | { "^OpenSSH", 0 }, |
---|
85 | { "MindTerm", 0 }, |
---|
86 | { "^2\\.1\\.0", SSH_BUG_SIGBLOB|SSH_BUG_HMAC| |
---|
87 | SSH_OLD_SESSIONID|SSH_BUG_DEBUG| |
---|
88 | SSH_BUG_RSASIGMD5|SSH_BUG_HBSERVICE }, |
---|
89 | { "^2\\.1 ", SSH_BUG_SIGBLOB|SSH_BUG_HMAC| |
---|
90 | SSH_OLD_SESSIONID|SSH_BUG_DEBUG| |
---|
91 | SSH_BUG_RSASIGMD5|SSH_BUG_HBSERVICE }, |
---|
92 | { "^2\\.0\\.1[3-9]", SSH_BUG_SIGBLOB|SSH_BUG_HMAC| |
---|
93 | SSH_OLD_SESSIONID|SSH_BUG_DEBUG| |
---|
94 | SSH_BUG_PKSERVICE|SSH_BUG_X11FWD| |
---|
95 | SSH_BUG_PKOK|SSH_BUG_RSASIGMD5| |
---|
96 | SSH_BUG_HBSERVICE|SSH_BUG_OPENFAILURE| |
---|
97 | SSH_BUG_DUMMYCHAN }, |
---|
98 | { "^2\\.0\\.1[1-2]", SSH_BUG_SIGBLOB|SSH_BUG_HMAC| |
---|
99 | SSH_OLD_SESSIONID|SSH_BUG_DEBUG| |
---|
100 | SSH_BUG_PKSERVICE|SSH_BUG_X11FWD| |
---|
101 | SSH_BUG_PKAUTH|SSH_BUG_PKOK| |
---|
102 | SSH_BUG_RSASIGMD5|SSH_BUG_OPENFAILURE| |
---|
103 | SSH_BUG_DUMMYCHAN }, |
---|
104 | { "^2\\.0\\.", SSH_BUG_SIGBLOB|SSH_BUG_HMAC| |
---|
105 | SSH_OLD_SESSIONID|SSH_BUG_DEBUG| |
---|
106 | SSH_BUG_PKSERVICE|SSH_BUG_X11FWD| |
---|
107 | SSH_BUG_PKAUTH|SSH_BUG_PKOK| |
---|
108 | SSH_BUG_RSASIGMD5|SSH_BUG_OPENFAILURE| |
---|
109 | SSH_BUG_DERIVEKEY|SSH_BUG_DUMMYCHAN }, |
---|
110 | { "^2\\.[23]\\.0", SSH_BUG_HMAC|SSH_BUG_DEBUG| |
---|
111 | SSH_BUG_RSASIGMD5 }, |
---|
112 | { "^2\\.3\\.", SSH_BUG_DEBUG|SSH_BUG_RSASIGMD5 }, |
---|
113 | { "^2\\.[2-9]\\.", SSH_BUG_DEBUG }, |
---|
114 | { "^3\\.0\\.", SSH_BUG_DEBUG }, |
---|
115 | { "^2\\.4$", SSH_OLD_SESSIONID }, /* Van Dyke */ |
---|
116 | { "^3\\.0 SecureCRT", SSH_OLD_SESSIONID }, |
---|
117 | { "^1\\.7 SecureFX", SSH_OLD_SESSIONID }, |
---|
118 | { "^1\\.2\\.1[89]", SSH_BUG_IGNOREMSG|SSH_OLD_KRB5 }, |
---|
119 | { "^1\\.2\\.2[012]", SSH_BUG_IGNOREMSG|SSH_OLD_KRB5 }, |
---|
120 | { "^1\\.3\\.2", SSH_BUG_IGNOREMSG|SSH_OLD_KRB5 }, |
---|
121 | /* f-secure */ |
---|
122 | { "^1\\.", SSH_OLD_KRB5 }, |
---|
123 | { "^SSH Compatible Server", /* Netscreen */ |
---|
124 | SSH_BUG_PASSWORDPAD }, |
---|
125 | { "^OSU_0", SSH_BUG_PASSWORDPAD }, |
---|
126 | { "^OSU_1\\.[0-4]", SSH_BUG_PASSWORDPAD }, |
---|
127 | { "^OSU_1\\.5alpha[1-3]", |
---|
128 | SSH_BUG_PASSWORDPAD }, |
---|
129 | { "^SSH_Version_Mapper", |
---|
130 | SSH_BUG_SCANNER }, |
---|
131 | { NULL, 0 } |
---|
132 | }; |
---|
133 | /* process table, return first match */ |
---|
134 | for (i = 0; check[i].pat; i++) { |
---|
135 | ret = regcomp(®, check[i].pat, REG_EXTENDED|REG_NOSUB); |
---|
136 | if (ret != 0) { |
---|
137 | regerror(ret, ®, ebuf, sizeof(ebuf)); |
---|
138 | ebuf[sizeof(ebuf)-1] = '\0'; |
---|
139 | error("regerror: %s", ebuf); |
---|
140 | continue; |
---|
141 | } |
---|
142 | ret = regexec(®, version, 0, NULL, 0); |
---|
143 | regfree(®); |
---|
144 | if (ret == 0) { |
---|
145 | debug("match: %s pat %s", version, check[i].pat); |
---|
146 | datafellows = check[i].bugs; |
---|
147 | return; |
---|
148 | } |
---|
149 | } |
---|
150 | debug("no match: %s", version); |
---|
151 | } |
---|
152 | |
---|
153 | #define SEP "," |
---|
154 | int |
---|
155 | proto_spec(const char *spec) |
---|
156 | { |
---|
157 | char *s, *p, *q; |
---|
158 | int ret = SSH_PROTO_UNKNOWN; |
---|
159 | |
---|
160 | if (spec == NULL) |
---|
161 | return ret; |
---|
162 | q = s = xstrdup(spec); |
---|
163 | for ((p = strsep(&q, SEP)); p && *p != '\0'; (p = strsep(&q, SEP))) { |
---|
164 | switch(atoi(p)) { |
---|
165 | case 1: |
---|
166 | if (ret == SSH_PROTO_UNKNOWN) |
---|
167 | ret |= SSH_PROTO_1_PREFERRED; |
---|
168 | ret |= SSH_PROTO_1; |
---|
169 | break; |
---|
170 | case 2: |
---|
171 | ret |= SSH_PROTO_2; |
---|
172 | break; |
---|
173 | default: |
---|
174 | log("ignoring bad proto spec: '%s'.", p); |
---|
175 | break; |
---|
176 | } |
---|
177 | } |
---|
178 | xfree(s); |
---|
179 | return ret; |
---|
180 | } |
---|
181 | |
---|
182 | char * |
---|
183 | compat_cipher_proposal(char *cipher_prop) |
---|
184 | { |
---|
185 | char *orig_prop, *fix_ciphers; |
---|
186 | char *cp, *tmp; |
---|
187 | size_t len; |
---|
188 | |
---|
189 | if (!(datafellows & SSH_BUG_BIGENDIANAES)) |
---|
190 | return(cipher_prop); |
---|
191 | |
---|
192 | len = strlen(cipher_prop) + 1; |
---|
193 | fix_ciphers = xmalloc(len); |
---|
194 | *fix_ciphers = '\0'; |
---|
195 | tmp = orig_prop = xstrdup(cipher_prop); |
---|
196 | while((cp = strsep(&tmp, ",")) != NULL) { |
---|
197 | if (strncmp(cp, "aes", 3) && strncmp(cp, "rijndael", 8)) { |
---|
198 | if (*fix_ciphers) |
---|
199 | strlcat(fix_ciphers, ",", len); |
---|
200 | strlcat(fix_ciphers, cp, len); |
---|
201 | } |
---|
202 | } |
---|
203 | xfree(orig_prop); |
---|
204 | debug2("Original cipher proposal: %s", cipher_prop); |
---|
205 | debug2("Compat cipher proposal: %s", fix_ciphers); |
---|
206 | if (!*fix_ciphers) |
---|
207 | fatal("No available ciphers found."); |
---|
208 | |
---|
209 | return(fix_ciphers); |
---|
210 | } |
---|