Attachment #2242 for bug #2089

View | Details | Raw Unified | Return to bug 2089
Collapse All | Expand All




	return -1;
}

const char *
key_names_filter_invalid(const char *names)
{
	char *s, *cp, *p, *filtered;

	if (names == NULL || strcmp(names, "") == 0)
		return xstrdup("");
	s = cp = xstrdup(names);
	filtered = xmalloc(strlen(names) + 1);
	*filtered = '\0';
	for ((p = strsep(&cp, ",")); p && *p != '\0';
	    (p = strsep(&cp, ","))) {
		switch (key_type_from_name(p)) {
		case KEY_RSA1:
		case KEY_UNSPEC:
			error("Bad protocol 2 host key algorithm '%s'", p);
			continue;
		}
		if (*filtered != '\0')
			strcat(filtered, ",");
		strcat(filtered, p);
	}
	debug3("key names ok: [%s]", names);
	xfree(s);
	return filtered;
}

static int

Lines 132-138 Link Here

(-)key.h (-1 / +1 lines)
132	int key_to_blob(const Key , u_char , u_int );	132	int key_to_blob(const Key , u_char , u_int );
133	const char key_ssh_name(const Key );	133	const char key_ssh_name(const Key );
134	const char key_ssh_name_plain(const Key );	134	const char key_ssh_name_plain(const Key );
135	int key_names_valid2(const char *);	135	const char key_names_filter_invalid(const char );
136		136
137	int key_sign(const Key , u_char , u_int , const u_char *, u_int);	137	int key_sign(const Key , u_char , u_int , const u_char *, u_int);
138	int key_verify(const Key , const u_char , u_int, const u_char *, u_int);	138	int key_verify(const Key , const u_char , u_int, const u_char *, u_int);

Lines 741-751 Link Here

(-)readconf.c (-4 / +1 lines)
741	arg = strdelim(&s);	741	arg = strdelim(&s);
742	if (!arg \|\| *arg == '\0')	742	if (!arg \|\| *arg == '\0')
743	fatal("%.200s line %d: Missing argument.", filename, linenum);	743	fatal("%.200s line %d: Missing argument.", filename, linenum);
744	if (!key_names_valid2(arg))
745	fatal("%.200s line %d: Bad protocol 2 host key algorithms '%s'.",
746	filename, linenum, arg ? arg : "<NONE>");
747	if (*activep && options->hostkeyalgorithms == NULL)	744	if (*activep && options->hostkeyalgorithms == NULL)
748	options->hostkeyalgorithms = xstrdup(arg);	745	options->hostkeyalgorithms = key_names_filter_invalid(arg);
749	break;	746	break;
750		747
751	case oProtocol:	748	case oProtocol:

Return to bug 2089

Lines 1306-1331 Link Here

(-)key.c (-8 / +12 lines)
1306	return -1;	1306	return -1;
1307	}	1307	}
1308		1308
1309	int	1309	const char *
1310	key_names_valid2(const char *names)	1310	key_names_filter_invalid(const char *names)
1311	{	1311	{
1312	char s, cp, *p;	1312	char s, cp, p, filtered;
1313		1313
1314	if (names == NULL \|\| strcmp(names, "") == 0)	1314	if (names == NULL \|\| strcmp(names, "") == 0)
1315	return 0;	1315	return xstrdup("");
1316	s = cp = xstrdup(names);	1316	s = cp = xstrdup(names);
		1317	filtered = xmalloc(strlen(names) + 1);
		1318	*filtered = '\0';
1317	for ((p = strsep(&cp, ",")); p && *p != '\0';	1319	for ((p = strsep(&cp, ",")); p && *p != '\0';
1318	(p = strsep(&cp, ","))) {	1320	(p = strsep(&cp, ","))) {
1319	switch (key_type_from_name(p)) {	1321	switch (key_type_from_name(p)) {
1320	case KEY_RSA1:	1322	case KEY_RSA1:
1321	case KEY_UNSPEC:	1323	case KEY_UNSPEC:
1322	xfree(s);	1324	error("Bad protocol 2 host key algorithm '%s'", p);
1323	return 0;	1325	continue;
1324	}	1326	}
		1327	if (*filtered != '\0')
		1328	strcat(filtered, ",");
		1329	strcat(filtered, p);
1325	}	1330	}
1326	debug3("key names ok: [%s]", names);
1327	xfree(s);	1331	xfree(s);
1328	return 1;	1332	return filtered;
1329	}	1333	}
1330		1334
1331	static int	1335	static int