Line | Source | Count |
1 | | - |
2 | | - |
3 | | - |
4 | | - |
5 | | - |
6 | | - |
7 | int datafellows = 0; | - |
8 | | - |
9 | | - |
10 | u_int | - |
11 | compat_datafellows(const char *version) | - |
12 | { | - |
13 | int i; | - |
14 | static struct { | - |
15 | char *pat; | - |
16 | int bugs; | - |
17 | } check[] = { | - |
18 | { "OpenSSH_2.*," | - |
19 | "OpenSSH_3.0*," | - |
20 | "OpenSSH_3.1*", 0x00200000|0x01000000| | - |
21 | 0x00000002}, | - |
22 | { "OpenSSH_3.*", 0x01000000|0x00000002 }, | - |
23 | { "Sun_SSH_1.0*", 0x00008000|0x00200000| | - |
24 | 0x00000002}, | - |
25 | { "OpenSSH_2*," | - |
26 | "OpenSSH_3*," | - |
27 | "OpenSSH_4*", 0x00000002 }, | - |
28 | { "OpenSSH_5*", 0x04000000|0x08000000| | - |
29 | 0x00000002}, | - |
30 | { "OpenSSH_6.6.1*", 0x04000000|0x00000002}, | - |
31 | { "OpenSSH_6.5*," | - |
32 | "OpenSSH_6.6*", 0x04000000|0x10000000| | - |
33 | 0x00000002}, | - |
34 | { "OpenSSH_7.0*," | - |
35 | "OpenSSH_7.1*," | - |
36 | "OpenSSH_7.2*," | - |
37 | "OpenSSH_7.3*," | - |
38 | "OpenSSH_7.4*," | - |
39 | "OpenSSH_7.5*," | - |
40 | "OpenSSH_7.6*," | - |
41 | "OpenSSH_7.7*", 0x04000000|0x00000002}, | - |
42 | { "OpenSSH*", 0x04000000 }, | - |
43 | { "*MindTerm*", 0 }, | - |
44 | { "3.0.*", 0x00000040 }, | - |
45 | { "3.0 SecureCRT*", 0x00000010 }, | - |
46 | { "1.7 SecureFX*", 0x00000010 }, | - |
47 | { "1.2.18*," | - |
48 | "1.2.19*," | - |
49 | "1.2.20*," | - |
50 | "1.2.21*," | - |
51 | "1.2.22*", 0x00000100 }, | - |
52 | { "1.3.2*", | - |
53 | 0x00000100 }, | - |
54 | { "Cisco-1.*", 0x40000000| | - |
55 | 0x20000000 }, | - |
56 | { "*SSH Compatible Server*", | - |
57 | 0x00000400 }, | - |
58 | { "*OSU_0*," | - |
59 | "OSU_1.0*," | - |
60 | "OSU_1.1*," | - |
61 | "OSU_1.2*," | - |
62 | "OSU_1.3*," | - |
63 | "OSU_1.4*," | - |
64 | "OSU_1.5alpha1*," | - |
65 | "OSU_1.5alpha2*," | - |
66 | "OSU_1.5alpha3*", 0x00000400 }, | - |
67 | { "*SSH_Version_Mapper*", | - |
68 | 0x00000800 }, | - |
69 | { "PuTTY_Local:*," | - |
70 | "PuTTY-Release-0.5*," | - |
71 | "PuTTY_Release_0.5*," | - |
72 | "PuTTY_Release_0.60*," | - |
73 | "PuTTY_Release_0.61*," | - |
74 | "PuTTY_Release_0.62*," | - |
75 | "PuTTY_Release_0.63*," | - |
76 | "PuTTY_Release_0.64*", | - |
77 | 0x00004000 }, | - |
78 | { "FuTTY*", 0x00004000 }, | - |
79 | { "Probe-*", | - |
80 | 0x00400000 }, | - |
81 | { "TeraTerm SSH*," | - |
82 | "TTSSH/1.5.*," | - |
83 | "TTSSH/2.1*," | - |
84 | "TTSSH/2.2*," | - |
85 | "TTSSH/2.3*," | - |
86 | "TTSSH/2.4*," | - |
87 | "TTSSH/2.5*," | - |
88 | "TTSSH/2.6*," | - |
89 | "TTSSH/2.70*," | - |
90 | "TTSSH/2.71*," | - |
91 | "TTSSH/2.72*", 0x20000000 }, | - |
92 | { "WinSCP_release_4*," | - |
93 | "WinSCP_release_5.0*," | - |
94 | "WinSCP_release_5.1," | - |
95 | "WinSCP_release_5.1.*," | - |
96 | "WinSCP_release_5.5," | - |
97 | "WinSCP_release_5.5.*," | - |
98 | "WinSCP_release_5.6," | - |
99 | "WinSCP_release_5.6.*," | - |
100 | "WinSCP_release_5.7," | - |
101 | "WinSCP_release_5.7.1," | - |
102 | "WinSCP_release_5.7.2," | - |
103 | "WinSCP_release_5.7.3," | - |
104 | "WinSCP_release_5.7.4", | - |
105 | 0x00004000 }, | - |
106 | { "ConfD-*", | - |
107 | 0x00000001 }, | - |
108 | { "Twisted_*", 0 }, | - |
109 | { "Twisted*", 0x00000040 }, | - |
110 | { | - |
111 | ((void *)0) | - |
112 | , 0 } | - |
113 | }; | - |
114 | | - |
115 | | - |
116 | for (i = 0; check[i].patTRUE | evaluated 576 times by 1 test | FALSE | never evaluated |
; i++) { | 0-576 |
117 | if (match_pattern_list(version, check[i].pat, 0) == 1TRUE | evaluated 64 times by 1 test | FALSE | evaluated 512 times by 1 test |
) { | 64-512 |
118 | debug("match: %s pat %s compat 0x%08x", | - |
119 | version, check[i].pat, check[i].bugs); | - |
120 | datafellows = check[i].bugs; | - |
121 | returnexecuted 64 times by 1 test: return check[i].bugs; check[i].bugs;executed 64 times by 1 test: return check[i].bugs; | 64 |
122 | } | - |
123 | }executed 512 times by 1 test: end of block | 512 |
124 | debug("no match: %s", version); | - |
125 | return never executed: return 0; 0;never executed: return 0; | 0 |
126 | } | - |
127 | | - |
128 | | - |
129 | int | - |
130 | proto_spec(const char *spec) | - |
131 | { | - |
132 | char *s, *p, *q; | - |
133 | int ret = 0x00; | - |
134 | | - |
135 | if (spec == TRUE | never evaluated | FALSE | never evaluated |
| 0 |
136 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
137 | ) | - |
138 | return never executed: return ret; ret;never executed: return ret; | 0 |
139 | q = s = | - |
140 | (__extension__ (__builtin_constant_p (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
141 | specTRUE | never evaluated | FALSE | never evaluated |
| 0 |
142 | )TRUE | never evaluated | FALSE | never evaluated |
&& ((TRUE | never evaluated | FALSE | never evaluated |
size_t)(const void *)((TRUE | never evaluated | FALSE | never evaluated |
| 0 |
143 | specTRUE | never evaluated | FALSE | never evaluated |
| 0 |
144 | ) + 1) - (size_t)(const void *)(TRUE | never evaluated | FALSE | never evaluated |
| 0 |
145 | specTRUE | never evaluated | FALSE | never evaluated |
| 0 |
146 | ) == 1)TRUE | never evaluated | FALSE | never evaluated |
? (((constTRUE | never evaluated | FALSE | never evaluated |
char *) (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
147 | specTRUE | never evaluated | FALSE | never evaluated |
| 0 |
148 | ))[0] == '\0'TRUE | never evaluated | FALSE | never evaluated |
? (char *) calloc ((size_t) 1, (size_t) 1) : ({ size_t __len = strlen ( | 0 |
149 | spec | - |
150 | ) + 1; char *__retval = (char *) malloc (__len); if (__retval != ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
) __retval = (char *) memcpy (__retval, never executed: __retval = (char *) memcpy (__retval, spec , __len); | 0 |
151 | spec never executed: __retval = (char *) memcpy (__retval, spec , __len); | 0 |
152 | , __len); never executed: __retval = (char *) memcpy (__retval, spec , __len); __retval; })) : __strdup ( | 0 |
153 | spec | - |
154 | ))) | - |
155 | ; | - |
156 | if (s == TRUE | never evaluated | FALSE | never evaluated |
| 0 |
157 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
158 | ) | - |
159 | return never executed: return ret; ret;never executed: return ret; | 0 |
160 | for ((p = | - |
161 | __extension__ ({ char __r0, __r1, __r2; (__builtin_constant_p ( | - |
162 | "," | - |
163 | ) && ((size_t)(const void *)(( | - |
164 | "," | - |
165 | ) + 1) - (size_t)(const void *)( | - |
166 | "," | - |
167 | ) == 1) && (__r0 = ((const char *) ( | - |
168 | "," | - |
169 | ))[0], ((const char *) ( | - |
170 | "," | - |
171 | ))[0] != '\0') ? ((__r1 = ((const char *) ( | - |
172 | "," | - |
173 | ))[1], ((const char *) ( | - |
174 | "," | - |
175 | ))[1] == '\0') ? __strsep_1c ( | - |
176 | &q | - |
177 | , __r0) : ((__r2 = ((const char *) ( | - |
178 | "," | - |
179 | ))[2], __r2 == '\0') ? __strsep_2c ( | - |
180 | &q | - |
181 | , __r0, __r1) : (((const char *) ( | - |
182 | "," | - |
183 | ))[3] == '\0' ? __strsep_3c ( | - |
184 | &q | - |
185 | , __r0, __r1, __r2) : __strsep_g ( | - |
186 | &q | - |
187 | , | - |
188 | "," | - |
189 | )))) : __strsep_g ( | - |
190 | &q | - |
191 | , | - |
192 | "," | - |
193 | )); }) | - |
194 | ); pTRUE | never evaluated | FALSE | never evaluated |
&& *TRUE | never evaluated | FALSE | never evaluated |
p != '\0'TRUE | never evaluated | FALSE | never evaluated |
; (p = | 0 |
195 | __extension__ ({ char __r0, __r1, __r2; (__builtin_constant_p ( | - |
196 | "," | - |
197 | ) && ((size_t)(const void *)(( | - |
198 | "," | - |
199 | ) + 1) - (size_t)(const void *)( | - |
200 | "," | - |
201 | ) == 1) && (__r0 = ((const char *) ( | - |
202 | "," | - |
203 | ))[0], ((const char *) ( | - |
204 | "," | - |
205 | ))[0] != '\0') ? ((__r1 = ((const char *) ( | - |
206 | "," | - |
207 | ))[1], ((const char *) ( | - |
208 | "," | - |
209 | ))[1] == '\0') ? __strsep_1c ( | - |
210 | &q | - |
211 | , __r0) : ((__r2 = ((const char *) ( | - |
212 | "," | - |
213 | ))[2], __r2 == '\0') ? __strsep_2c ( | - |
214 | &q | - |
215 | , __r0, __r1) : (((const char *) ( | - |
216 | "," | - |
217 | ))[3] == '\0' ? __strsep_3c ( | - |
218 | &q | - |
219 | , __r0, __r1, __r2) : __strsep_g ( | - |
220 | &q | - |
221 | , | - |
222 | "," | - |
223 | )))) : __strsep_g ( | - |
224 | &q | - |
225 | , | - |
226 | "," | - |
227 | )); }) | - |
228 | )) { | - |
229 | switch (atoi(p)) { | - |
230 | case never executed: case 2: 2:never executed: case 2: | 0 |
231 | ret |= 0x04; | - |
232 | break; never executed: break; | 0 |
233 | default never executed: default: :never executed: default: | 0 |
234 | logit("ignoring bad proto spec: '%s'.", p); | - |
235 | break; never executed: break; | 0 |
236 | } | - |
237 | } | - |
238 | free(s); | - |
239 | return never executed: return ret; ret;never executed: return ret; | 0 |
240 | } | - |
241 | | - |
242 | char * | - |
243 | compat_cipher_proposal(char *cipher_prop) | - |
244 | { | - |
245 | if (!(datafellows & 0x00001000)TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
246 | return never executed: return cipher_prop; cipher_prop;never executed: return cipher_prop; | 0 |
247 | debug2("%s: original cipher proposal: %s", __func__, cipher_prop); | - |
248 | if ((TRUE | never evaluated | FALSE | never evaluated |
cipher_prop = match_filter_blacklist(cipher_prop, "aes*")) == TRUE | never evaluated | FALSE | never evaluated |
| 0 |
249 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
250 | ) | - |
251 | fatal("match_filter_blacklist failed"); never executed: fatal("match_filter_blacklist failed"); | 0 |
252 | debug2("%s: compat cipher proposal: %s", __func__, cipher_prop); | - |
253 | if (*TRUE | never evaluated | FALSE | never evaluated |
cipher_prop == '\0'TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
254 | fatal("No supported ciphers found"); never executed: fatal("No supported ciphers found"); | 0 |
255 | return never executed: return cipher_prop; cipher_prop;never executed: return cipher_prop; | 0 |
256 | } | - |
257 | | - |
258 | char * | - |
259 | compat_pkalg_proposal(char *pkalg_prop) | - |
260 | { | - |
261 | if (!(datafellows & 0x00002000)TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
262 | return never executed: return pkalg_prop; pkalg_prop;never executed: return pkalg_prop; | 0 |
263 | debug2("%s: original public key proposal: %s", __func__, pkalg_prop); | - |
264 | if ((TRUE | never evaluated | FALSE | never evaluated |
pkalg_prop = match_filter_blacklist(pkalg_prop, "ssh-rsa")) == TRUE | never evaluated | FALSE | never evaluated |
| 0 |
265 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
266 | ) | - |
267 | fatal("match_filter_blacklist failed"); never executed: fatal("match_filter_blacklist failed"); | 0 |
268 | debug2("%s: compat public key proposal: %s", __func__, pkalg_prop); | - |
269 | if (*TRUE | never evaluated | FALSE | never evaluated |
pkalg_prop == '\0'TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
270 | fatal("No supported PK algorithms found"); never executed: fatal("No supported PK algorithms found"); | 0 |
271 | return never executed: return pkalg_prop; pkalg_prop;never executed: return pkalg_prop; | 0 |
272 | } | - |
273 | | - |
274 | char * | - |
275 | compat_kex_proposal(char *p) | - |
276 | { | - |
277 | if ((TRUE | never evaluated | FALSE | never evaluated |
datafellows & (0x10000000|0x00004000)) == 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
278 | return never executed: return p; p;never executed: return p; | 0 |
279 | debug2("%s: original KEX proposal: %s", __func__, p); | - |
280 | if ((TRUE | never evaluated | FALSE | never evaluated |
datafellows & 0x10000000) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
281 | if ((TRUE | never evaluated | FALSE | never evaluated |
p = match_filter_blacklist(p,TRUE | never evaluated | FALSE | never evaluated |
| 0 |
282 | "curve25519-sha256@libssh.org")) == TRUE | never evaluated | FALSE | never evaluated |
| 0 |
283 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
284 | ) | - |
285 | fatal("match_filter_blacklist failed"); never executed: fatal("match_filter_blacklist failed"); | 0 |
286 | if ((TRUE | never evaluated | FALSE | never evaluated |
datafellows & 0x00004000) != 0TRUE | never evaluated | FALSE | never evaluated |
) { | 0 |
287 | if ((TRUE | never evaluated | FALSE | never evaluated |
p = match_filter_blacklist(p,TRUE | never evaluated | FALSE | never evaluated |
| 0 |
288 | "diffie-hellman-group-exchange-sha256,"TRUE | never evaluated | FALSE | never evaluated |
| 0 |
289 | "diffie-hellman-group-exchange-sha1")) == TRUE | never evaluated | FALSE | never evaluated |
| 0 |
290 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
291 | ) | - |
292 | fatal("match_filter_blacklist failed"); never executed: fatal("match_filter_blacklist failed"); | 0 |
293 | } never executed: end of block | 0 |
294 | debug2("%s: compat KEX proposal: %s", __func__, p); | - |
295 | if (*TRUE | never evaluated | FALSE | never evaluated |
p == '\0'TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
296 | fatal("No supported key exchange algorithms found"); never executed: fatal("No supported key exchange algorithms found"); | 0 |
297 | return never executed: return p; p;never executed: return p; | 0 |
298 | } | - |
| | |