Attachment #3015 for bug #2745

View | Details | Raw Unified | Return to bug 2745
Collapse All | Expand All

Lines 171-177 typedef enum { Link Here

(-)a/readconf.c (-1 / +13 lines)
171	oCanonicalizeFallbackLocal, oCanonicalizePermittedCNAMEs,	171	oCanonicalizeFallbackLocal, oCanonicalizePermittedCNAMEs,
172	oStreamLocalBindMask, oStreamLocalBindUnlink, oRevokedHostKeys,	172	oStreamLocalBindMask, oStreamLocalBindUnlink, oRevokedHostKeys,
173	oFingerprintHash, oUpdateHostkeys, oHostbasedKeyTypes,	173	oFingerprintHash, oUpdateHostkeys, oHostbasedKeyTypes,
174	oPubkeyAcceptedKeyTypes, oProxyJump,	174	oPubkeyAcceptedKeyTypes, oProxyJump, oVersionAddendum,
175	oIgnore, oIgnoredUnknownOption, oDeprecated, oUnsupported	175	oIgnore, oIgnoredUnknownOption, oDeprecated, oUnsupported
176	} OpCodes;	176	} OpCodes;
177		177
Lines 305-310 static struct { Link Here
305	{ "pubkeyacceptedkeytypes", oPubkeyAcceptedKeyTypes },	305	{ "pubkeyacceptedkeytypes", oPubkeyAcceptedKeyTypes },
306	{ "ignoreunknown", oIgnoreUnknown },	306	{ "ignoreunknown", oIgnoreUnknown },
307	{ "proxyjump", oProxyJump },	307	{ "proxyjump", oProxyJump },
		308	{ "versionaddendum", oVersionAddendum },
308		309
309	{ NULL, oBadOption }	310	{ NULL, oBadOption }
310	};	311	};
Lines 1653-1658 parse_keytypes: Link Here
1653	charptr = &options->identity_agent;	1654	charptr = &options->identity_agent;
1654	goto parse_string;	1655	goto parse_string;
1655		1656
		1657	case oVersionAddendum:
		1658	charptr = &options->version_addendum;
		1659	goto parse_string;
		1660
1656	case oDeprecated:	1661	case oDeprecated:
1657	debug("%s line %d: Deprecated option \"%s\"",	1662	debug("%s line %d: Deprecated option \"%s\"",
1658	filename, linenum, keyword);	1663	filename, linenum, keyword);
Lines 1853-1858 initialize_options(Options * options) Link Here
1853	options->update_hostkeys = -1;	1858	options->update_hostkeys = -1;
1854	options->hostbased_key_types = NULL;	1859	options->hostbased_key_types = NULL;
1855	options->pubkey_key_types = NULL;	1860	options->pubkey_key_types = NULL;
		1861	options->version_addendum = NULL;
1856	}	1862	}
1857		1863
1858	/*	1864	/*
Lines 2022-2027 fill_default_options(Options * options) Link Here
2022	options->fingerprint_hash = SSH_FP_HASH_DEFAULT;	2028	options->fingerprint_hash = SSH_FP_HASH_DEFAULT;
2023	if (options->update_hostkeys == -1)	2029	if (options->update_hostkeys == -1)
2024	options->update_hostkeys = 0;	2030	options->update_hostkeys = 0;
		2031	if (options->version_addendum == NULL)
		2032	options->version_addendum = xstrdup("");
		2033	if(strcasecmp(options->version_addendum, "none") == 0)
		2034	options->version_addendum = xstrdup("");
2025	if (kex_assemble_names(KEX_CLIENT_ENCRYPT, &options->ciphers) != 0 \|\|	2035	if (kex_assemble_names(KEX_CLIENT_ENCRYPT, &options->ciphers) != 0 \|\|
2026	kex_assemble_names(KEX_CLIENT_MAC, &options->macs) != 0 \|\|	2036	kex_assemble_names(KEX_CLIENT_MAC, &options->macs) != 0 \|\|
2027	kex_assemble_names(KEX_CLIENT_KEX, &options->kex_algorithms) != 0 \|\|	2037	kex_assemble_names(KEX_CLIENT_KEX, &options->kex_algorithms) != 0 \|\|
Lines 2527-2532 dump_client_config(Options o, const char host) Link Here
2527	dump_cfg_string(oPubkeyAcceptedKeyTypes, o->pubkey_key_types);	2537	dump_cfg_string(oPubkeyAcceptedKeyTypes, o->pubkey_key_types);
2528	dump_cfg_string(oRevokedHostKeys, o->revoked_host_keys);	2538	dump_cfg_string(oRevokedHostKeys, o->revoked_host_keys);
2529	dump_cfg_string(oXAuthLocation, o->xauth_location);	2539	dump_cfg_string(oXAuthLocation, o->xauth_location);
		2540	dump_cfg_string(oVersionAddendum, *o->version_addendum == '\0'
		2541	? "none" : o->version_addendum);
2530		2542
2531	/* Forwards */	2543	/* Forwards */
2532	dump_cfg_forwards(oDynamicForward, o->num_local_forwards, o->local_forwards);	2544	dump_cfg_forwards(oDynamicForward, o->num_local_forwards, o->local_forwards);

Lines 164-169 typedef struct { Link Here

(-)a/readconf.h (+1 lines)
164	char *jump_extra;	164	char *jump_extra;
165		165
166	char ignored_unknown; / Pattern list of unknown tokens to ignore */	166	char ignored_unknown; / Pattern list of unknown tokens to ignore */
		167	char version_addendum; / Appended to SSH banner */
167	} Options;	168	} Options;
168		169
169	#define SSH_CANONICALISE_NO 0	170	#define SSH_CANONICALISE_NO 0




}

static void
send_client_banner(int connection_out, int minor1, const char *host)
{
	/* Send our own protocol version identification. */
	char *tmp, *expanded;
	xasprintf(&tmp, "%s%s", *options.version_addendum == '\0' ? "" : " ", 
              options.version_addendum); 
	expanded = percent_expand(tmp, "h", host, (char *)NULL);	
	if (strchr(expanded, '\r') != NULL)
		fatal("send_client_banner: cannot include carriage return " 
			"in version addendum");	
	xasprintf(&client_version_string, "SSH-%d.%d-%.100s%s\r\n",
	    PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_VERSION, expanded);
	free(tmp);
	free(expanded);
	if(strlen(client_version_string) > 255)
		fatal("send_client_banner: banner too long: %.255s", 
			client_version_string);	
	if (atomicio(vwrite, connection_out, client_version_string,
	    strlen(client_version_string)) != strlen(client_version_string))
		fatal("write: %.100s", strerror(errno));

 * identification string.
 */
void
ssh_exchange_identification(int timeout_ms, const char *host)
{
	char buf[256], remote_version[256];	/* must be same size! */
	int remote_major, remote_minor, mismatch;

	size_t len;
	int rc;

	send_client_banner(connection_out, 0, host);

	/* Read other side's version identification. */
	for (n = 0;;) {

	lowercase(host);

	/* Exchange protocol version identification strings with the server. */
	ssh_exchange_identification(timeout_ms, host);

	/* Put the connection into non-blocking mode. */
	packet_set_nonblocking();

Lines 39-45 void ssh_kill_proxy_command(void); Link Here

(-)a/sshconnect.h (-2 / +1 lines)
39	void ssh_login(Sensitive , const char , struct sockaddr *, u_short,	39	void ssh_login(Sensitive , const char , struct sockaddr *, u_short,
40	struct passwd *, int);	40	struct passwd *, int);
41		41
42	void ssh_exchange_identification(int);	42	void ssh_exchange_identification(int, const char *);
43		43
44	int verify_host_key(char , struct sockaddr , struct sshkey *);	44	int verify_host_key(char , struct sockaddr , struct sshkey *);
45		45
46	-

Return to bug 2745

Lines 508-518 ssh_connect(const char host, struct addrinfo addrs, Link Here

(-)a/sshconnect.c (-6 / +18 lines)
508	}	508	}
509		509
510	static void	510	static void
511	send_client_banner(int connection_out, int minor1)	511	send_client_banner(int connection_out, int minor1, const char *host)
512	{	512	{
513	/* Send our own protocol version identification. */	513	/* Send our own protocol version identification. */
514	xasprintf(&client_version_string, "SSH-%d.%d-%.100s\r\n",	514	char tmp, expanded;
515	PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_VERSION);	515	xasprintf(&tmp, "%s%s", *options.version_addendum == '\0' ? "" : " ",
		516	options.version_addendum);
		517	expanded = percent_expand(tmp, "h", host, (char *)NULL);
		518	if (strchr(expanded, '\r') != NULL)
		519	fatal("send_client_banner: cannot include carriage return "
		520	"in version addendum");
		521	xasprintf(&client_version_string, "SSH-%d.%d-%.100s%s\r\n",
		522	PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_VERSION, expanded);
		523	free(tmp);
		524	free(expanded);
		525	if(strlen(client_version_string) > 255)
		526	fatal("send_client_banner: banner too long: %.255s",
		527	client_version_string);
516	if (atomicio(vwrite, connection_out, client_version_string,	528	if (atomicio(vwrite, connection_out, client_version_string,
517	strlen(client_version_string)) != strlen(client_version_string))	529	strlen(client_version_string)) != strlen(client_version_string))
518	fatal("write: %.100s", strerror(errno));	530	fatal("write: %.100s", strerror(errno));
Lines 525-531 send_client_banner(int connection_out, int minor1) Link Here
525	* identification string.	537	* identification string.
526	*/	538	*/
527	void	539	void
528	ssh_exchange_identification(int timeout_ms)	540	ssh_exchange_identification(int timeout_ms, const char *host)
529	{	541	{
530	char buf[256], remote_version[256]; /* must be same size! */	542	char buf[256], remote_version[256]; /* must be same size! */
531	int remote_major, remote_minor, mismatch;	543	int remote_major, remote_minor, mismatch;
Lines 535-541 ssh_exchange_identification(int timeout_ms) Link Here
535	size_t len;	547	size_t len;
536	int rc;	548	int rc;
537		549
538	send_client_banner(connection_out, 0);	550	send_client_banner(connection_out, 0, host);
539		551
540	/* Read other side's version identification. */	552	/* Read other side's version identification. */
541	for (n = 0;;) {	553	for (n = 0;;) {
Lines 1306-1312 ssh_login(Sensitive sensitive, const char orighost, Link Here
1306	lowercase(host);	1318	lowercase(host);
1307		1319
1308	/* Exchange protocol version identification strings with the server. */	1320	/* Exchange protocol version identification strings with the server. */
1309	ssh_exchange_identification(timeout_ms);	1321	ssh_exchange_identification(timeout_ms, host);
1310		1322
1311	/* Put the connection into non-blocking mode. */	1323	/* Put the connection into non-blocking mode. */
1312	packet_set_nonblocking();	1324	packet_set_nonblocking();