crypto/openssh/compat.c

   1 /* $OpenBSD: compat.c,v 1.106 2018/02/16 04:43:11 dtucker Exp $ */
   2 /*
   3  * Copyright (c) 1999, 2000, 2001, 2002 Markus Friedl.  All rights reserved.
   4  *
   5  * Redistribution and use in source and binary forms, with or without
   6  * modification, are permitted provided that the following conditions
   7  * are met:
   8  * 1. Redistributions of source code must retain the above copyright
   9  *    notice, this list of conditions and the following disclaimer.
  10  * 2. Redistributions in binary form must reproduce the above copyright
  11  *    notice, this list of conditions and the following disclaimer in the
  12  *    documentation and/or other materials provided with the distribution.
  13  *
  14  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
  15  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
  16  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
  17  * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
  18  * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
  19  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
  20  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
  21  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
  22  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
  23  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  24  */
  25
  26 #include "includes.h"
  27
  28 #include <sys/types.h>
  29
  30 #include <stdlib.h>
  31 #include <string.h>
  32 #include <stdarg.h>
  33
  34 #include "xmalloc.h"
  35 #include "buffer.h"
  36 #include "packet.h"
  37 #include "compat.h"
  38 #include "log.h"
  39 #include "match.h"
  40 #include "kex.h"
  41
  42 int datafellows = 0;
  43
  44 /* datafellows bug compatibility */
  45 u_int
  46 compat_datafellows(const char *version)
  47 {
  48         int i;
  49         static struct {
  50                 char    *pat;
  51                 int     bugs;
  52         } check[] = {
  53                 { "OpenSSH_2.*,"
  54                   "OpenSSH_3.0*,"
  55                   "OpenSSH_3.1*",       SSH_BUG_EXTEOF|SSH_OLD_FORWARD_ADDR},
  56                 { "OpenSSH_3.*",        SSH_OLD_FORWARD_ADDR },
  57                 { "Sun_SSH_1.0*",       SSH_BUG_NOREKEY|SSH_BUG_EXTEOF},
  58                 { "OpenSSH_2*,"
  59                   "OpenSSH_3*,"
  60                   "OpenSSH_4*",         0 },
  61                 { "OpenSSH_5*",         SSH_NEW_OPENSSH|SSH_BUG_DYNAMIC_RPORT},
  62                 { "OpenSSH_6.6.1*",     SSH_NEW_OPENSSH},
  63                 { "OpenSSH_6.5*,"
  64                   "OpenSSH_6.6*",       SSH_NEW_OPENSSH|SSH_BUG_CURVE25519PAD},
  65                 { "OpenSSH*",           SSH_NEW_OPENSSH },
  66                 { "*MindTerm*",         0 },
  67                 { "3.0.*",              SSH_BUG_DEBUG },
  68                 { "3.0 SecureCRT*",     SSH_OLD_SESSIONID },
  69                 { "1.7 SecureFX*",      SSH_OLD_SESSIONID },
  70                 { "1.2.18*,"
  71                   "1.2.19*,"
  72                   "1.2.20*,"
  73                   "1.2.21*,"
  74                   "1.2.22*",            SSH_BUG_IGNOREMSG },
  75                 { "1.3.2*",             /* F-Secure */
  76                                         SSH_BUG_IGNOREMSG },
  77                 { "Cisco-1.*",          SSH_BUG_DHGEX_LARGE|
  78                                         SSH_BUG_HOSTKEYS },
  79                 { "*SSH Compatible Server*",                    /* Netscreen */
  80                                         SSH_BUG_PASSWORDPAD },
  81                 { "*OSU_0*,"
  82                   "OSU_1.0*,"
  83                   "OSU_1.1*,"
  84                   "OSU_1.2*,"
  85                   "OSU_1.3*,"
  86                   "OSU_1.4*,"
  87                   "OSU_1.5alpha1*,"
  88                   "OSU_1.5alpha2*,"
  89                   "OSU_1.5alpha3*",     SSH_BUG_PASSWORDPAD },
  90                 { "*SSH_Version_Mapper*",
  91                                         SSH_BUG_SCANNER },
  92                 { "PuTTY_Local:*,"      /* dev versions < Sep 2014 */
  93                   "PuTTY-Release-0.5*," /* 0.50-0.57, DH-GEX in >=0.52 */
  94                   "PuTTY_Release_0.5*," /* 0.58-0.59 */
  95                   "PuTTY_Release_0.60*,"
  96                   "PuTTY_Release_0.61*,"
  97                   "PuTTY_Release_0.62*,"
  98                   "PuTTY_Release_0.63*,"
  99                   "PuTTY_Release_0.64*",
 100                                         SSH_OLD_DHGEX },
 101                 { "FuTTY*",             SSH_OLD_DHGEX }, /* Putty Fork */
 102                 { "Probe-*",
 103                                         SSH_BUG_PROBE },
 104                 { "TeraTerm SSH*,"
 105                   "TTSSH/1.5.*,"
 106                   "TTSSH/2.1*,"
 107                   "TTSSH/2.2*,"
 108                   "TTSSH/2.3*,"
 109                   "TTSSH/2.4*,"
 110                   "TTSSH/2.5*,"
 111                   "TTSSH/2.6*,"
 112                   "TTSSH/2.70*,"
 113                   "TTSSH/2.71*,"
 114                   "TTSSH/2.72*",        SSH_BUG_HOSTKEYS },
 115                 { "WinSCP_release_4*,"
 116                   "WinSCP_release_5.0*,"
 117                   "WinSCP_release_5.1,"
 118                   "WinSCP_release_5.1.*,"
 119                   "WinSCP_release_5.5,"
 120                   "WinSCP_release_5.5.*,"
 121                   "WinSCP_release_5.6,"
 122                   "WinSCP_release_5.6.*,"
 123                   "WinSCP_release_5.7,"
 124                   "WinSCP_release_5.7.1,"
 125                   "WinSCP_release_5.7.2,"
 126                   "WinSCP_release_5.7.3,"
 127                   "WinSCP_release_5.7.4",
 128                                         SSH_OLD_DHGEX },
 129                 { "ConfD-*",
 130                                         SSH_BUG_UTF8TTYMODE },
 131                 { NULL,                 0 }
 132         };
 133
 134         /* process table, return first match */
 135         for (i = 0; check[i].pat; i++) {
 136                 if (match_pattern_list(version, check[i].pat, 0) == 1) {
 137                         debug("match: %s pat %s compat 0x%08x",
 138                             version, check[i].pat, check[i].bugs);
 139                         datafellows = check[i].bugs;    /* XXX for now */
 140                         return check[i].bugs;
 141                 }
 142         }
 143         debug("no match: %s", version);
 144         return 0;
 145 }
 146
 147 #define SEP     ","
 148 int
 149 proto_spec(const char *spec)
 150 {
 151         char *s, *p, *q;
 152         int ret = SSH_PROTO_UNKNOWN;
 153
 154         if (spec == NULL)
 155                 return ret;
 156         q = s = strdup(spec);
 157         if (s == NULL)
 158                 return ret;
 159         for ((p = strsep(&q, SEP)); p && *p != '\0'; (p = strsep(&q, SEP))) {
 160                 switch (atoi(p)) {
 161                 case 2:
 162                         ret |= SSH_PROTO_2;
 163                         break;
 164                 default:
 165                         logit("ignoring bad proto spec: '%s'.", p);
 166                         break;
 167                 }
 168         }
 169         free(s);
 170         return ret;
 171 }
 172
 173 char *
 174 compat_cipher_proposal(char *cipher_prop)
 175 {
 176         if (!(datafellows & SSH_BUG_BIGENDIANAES))
 177                 return cipher_prop;
 178         debug2("%s: original cipher proposal: %s", __func__, cipher_prop);
 179         if ((cipher_prop = match_filter_list(cipher_prop, "aes*")) == NULL)
 180                 fatal("match_filter_list failed");
 181         debug2("%s: compat cipher proposal: %s", __func__, cipher_prop);
 182         if (*cipher_prop == '\0')
 183                 fatal("No supported ciphers found");
 184         return cipher_prop;
 185 }
 186
 187 char *
 188 compat_pkalg_proposal(char *pkalg_prop)
 189 {
 190         if (!(datafellows & SSH_BUG_RSASIGMD5))
 191                 return pkalg_prop;
 192         debug2("%s: original public key proposal: %s", __func__, pkalg_prop);
 193         if ((pkalg_prop = match_filter_list(pkalg_prop, "ssh-rsa")) == NULL)
 194                 fatal("match_filter_list failed");
 195         debug2("%s: compat public key proposal: %s", __func__, pkalg_prop);
 196         if (*pkalg_prop == '\0')
 197                 fatal("No supported PK algorithms found");
 198         return pkalg_prop;
 199 }
 200
 201 char *
 202 compat_kex_proposal(char *p)
 203 {
 204         if ((datafellows & (SSH_BUG_CURVE25519PAD|SSH_OLD_DHGEX)) == 0)
 205                 return p;
 206         debug2("%s: original KEX proposal: %s", __func__, p);
 207         if ((datafellows & SSH_BUG_CURVE25519PAD) != 0)
 208                 if ((p = match_filter_list(p,
 209                     "curve25519-sha256@libssh.org")) == NULL)
 210                         fatal("match_filter_list failed");
 211         if ((datafellows & SSH_OLD_DHGEX) != 0) {
 212                 if ((p = match_filter_list(p,
 213                     "diffie-hellman-group-exchange-sha256,"
 214                     "diffie-hellman-group-exchange-sha1")) == NULL)
 215                         fatal("match_filter_list failed");
 216         }
 217         debug2("%s: compat KEX proposal: %s", __func__, p);
 218         if (*p == '\0')
 219                 fatal("No supported key exchange algorithms found");
 220         return p;
 221 }
 222