aboutsummaryrefslogtreecommitdiff
path: root/ssh_api.c
diff options
context:
space:
mode:
Diffstat (limited to 'ssh_api.c')
-rw-r--r--ssh_api.c44
1 files changed, 29 insertions, 15 deletions
diff --git a/ssh_api.c b/ssh_api.c
index 57509973b510..03dac0982c92 100644
--- a/ssh_api.c
+++ b/ssh_api.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh_api.c,v 1.15 2019/01/21 10:38:54 djm Exp $ */
+/* $OpenBSD: ssh_api.c,v 1.18 2019/09/13 04:36:43 dtucker Exp $ */
/*
* Copyright (c) 2012 Markus Friedl. All rights reserved.
*
@@ -17,6 +17,11 @@
#include "includes.h"
+#include <sys/types.h>
+
+#include <stdio.h>
+#include <stdlib.h>
+
#include "ssh_api.h"
#include "compat.h"
#include "log.h"
@@ -50,7 +55,10 @@ int _ssh_host_key_sign(struct ssh *, struct sshkey *, struct sshkey *,
int use_privsep = 0;
int mm_sshkey_sign(struct sshkey *, u_char **, u_int *,
u_char *, u_int, char *, u_int);
+
+#ifdef WITH_OPENSSL
DH *mm_choose_dh(int, int, int);
+#endif
/* Define these two variables here so that they are part of the library */
u_char *session_id2 = NULL;
@@ -63,11 +71,13 @@ mm_sshkey_sign(struct sshkey *key, u_char **sigp, u_int *lenp,
return (-1);
}
+#ifdef WITH_OPENSSL
DH *
mm_choose_dh(int min, int nbits, int max)
{
return (NULL);
}
+#endif
/* API */
@@ -320,8 +330,8 @@ _ssh_read_banner(struct ssh *ssh, struct sshbuf *banner)
const char *mismatch = "Protocol mismatch.\r\n";
const u_char *s = sshbuf_ptr(input);
u_char c;
- char *cp, *remote_version;
- int r, remote_major, remote_minor, expect_nl;
+ char *cp = NULL, *remote_version = NULL;
+ int r = 0, remote_major, remote_minor, expect_nl;
size_t n, j;
for (j = n = 0;;) {
@@ -347,10 +357,8 @@ _ssh_read_banner(struct ssh *ssh, struct sshbuf *banner)
if (sshbuf_len(banner) >= 4 &&
memcmp(sshbuf_ptr(banner), "SSH-", 4) == 0)
break;
- if ((cp = sshbuf_dup_string(banner)) == NULL)
- return SSH_ERR_ALLOC_FAIL;
- debug("%s: %s", __func__, cp);
- free(cp);
+ debug("%s: %.*s", __func__, (int)sshbuf_len(banner),
+ sshbuf_ptr(banner));
/* Accept lines before banner only on client */
if (ssh->kex->server || ++n > SSH_MAX_PRE_BANNER_LINES) {
bad:
@@ -363,19 +371,22 @@ _ssh_read_banner(struct ssh *ssh, struct sshbuf *banner)
if ((r = sshbuf_consume(input, j)) != 0)
return r;
- if ((cp = sshbuf_dup_string(banner)) == NULL)
- return SSH_ERR_ALLOC_FAIL;
/* XXX remote version must be the same size as banner for sscanf */
- if ((remote_version = calloc(1, sshbuf_len(banner))) == NULL)
- return SSH_ERR_ALLOC_FAIL;
+ if ((cp = sshbuf_dup_string(banner)) == NULL ||
+ (remote_version = calloc(1, sshbuf_len(banner))) == NULL) {
+ r = SSH_ERR_ALLOC_FAIL;
+ goto out;
+ }
/*
* Check that the versions match. In future this might accept
* several versions and set appropriate flags to handle them.
*/
if (sscanf(cp, "SSH-%d.%d-%[^\n]\n",
- &remote_major, &remote_minor, remote_version) != 3)
- return SSH_ERR_INVALID_FORMAT;
+ &remote_major, &remote_minor, remote_version) != 3) {
+ r = SSH_ERR_INVALID_FORMAT;
+ goto out;
+ }
debug("Remote protocol version %d.%d, remote software version %.100s",
remote_major, remote_minor, remote_version);
@@ -385,10 +396,13 @@ _ssh_read_banner(struct ssh *ssh, struct sshbuf *banner)
remote_minor = 0;
}
if (remote_major != 2)
- return SSH_ERR_PROTOCOL_MISMATCH;
+ r = SSH_ERR_PROTOCOL_MISMATCH;
+
debug("Remote version string %.100s", cp);
+ out:
free(cp);
- return 0;
+ free(remote_version);
+ return r;
}
/* Send our own protocol version identification. */
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-07 01:22:57 +0000