Single-DES encryption, patch courtesy of Murphy Lam

[u/mdw/putty] / ssh.c

diff --git a/ssh.c b/ssh.c
index f29f87c..edac182 100644 (file)
--- a/ssh.c
+++ b/ssh.c
@@ -76,7 +76,6 @@ static int s_read (char *buf, int len) {
 static void c_write (char *buf, int len) {
     while (len--) {
        int new_head = (inbuf_head + 1) & INBUF_MASK;
-       int c = (unsigned char) *buf;
        if (new_head != inbuf_reap) {
            inbuf[inbuf_head] = *buf++;
            inbuf_head = new_head;
@@ -101,10 +100,8 @@ static void ssh_size(void);
 
 static void ssh_gotdata(unsigned char *data, int datalen) {
     static long len, biglen, to_read;
-    static unsigned char c, *p;
+    static unsigned char *p;
     static int i, pad;
-    static char padding[8];
-    static unsigned char word[4];
 
     crBegin;
     while (1) {
@@ -159,6 +156,8 @@ static void ssh_gotdata(unsigned char *data, int datalen) {
 
        if (pktin.type == 36) {        /* SSH_MSG_DEBUG */
            /* FIXME: log it */
+       } else if (pktin.type == 32) { /* SSH_MSG_IGNORE */
+           /* do nothing */;
        } else
            ssh_protocol(NULL, 0, 1);
     }
@@ -214,6 +213,21 @@ static void s_wrpkt(void) {
     s_write(pktout.data, biglen+4);
 }
 
+static int ssh_versioncmp(char *a, char *b) {
+    char *ae, *be;
+    unsigned long av, bv;
+
+    av = strtoul(a, &ae);
+    bv = strtoul(b, &be);
+    if (av != bv) return (av < bv ? -1 : +1);
+    if (*ae == '.') ae++;
+    if (*be == '.') be++;
+    av = strtoul(ae, &ae);
+    bv = strtoul(be, &be);
+    if (av != bv) return (av < bv ? -1 : +1);
+    return 0;
+}
+
 static int do_ssh_init(void) {
     char c;
     char version[10];
@@ -249,8 +263,8 @@ static int do_ssh_init(void) {
            break;
     }
 
-    sprintf(vstring, "SSH-%s-7.7.7\n",
-           (strcmp(version, "1.5") <= 0 ? version : "1.5"));
+    sprintf(vstring, "SSH-%s-PuTTY\n",
+           (ssh_versioncmp(version, "1.5") <= 0 ? version : "1.5"));
     s_write(vstring, strlen(vstring));
     return 1;
 }
@@ -262,8 +276,12 @@ static void ssh_protocol(unsigned char *in, int inlen, int ispkt) {
     unsigned char cookie[8];
     struct RSAKey servkey, hostkey;
     struct MD5Context md5c;
+    unsigned long supported_ciphers_mask;
+    int cipher_type;
 
     extern struct ssh_cipher ssh_3des;
+    extern struct ssh_cipher ssh_des;
+    extern struct ssh_cipher ssh_blowfish;
 
     crBegin;
 
@@ -283,6 +301,11 @@ static void ssh_protocol(unsigned char *in, int inlen, int ispkt) {
 
     j = makekey(pktin.body+8+i, &hostkey, &keystr2);
 
+    supported_ciphers_mask = (pktin.body[12+i+j] << 24) |
+                             (pktin.body[13+i+j] << 16) |
+                             (pktin.body[14+i+j] << 8) |
+                             (pktin.body[15+i+j]);
+
     MD5Update(&md5c, keystr2, hostkey.bytes);
     MD5Update(&md5c, keystr1, servkey.bytes);
     MD5Update(&md5c, pktin.body, 8);
@@ -314,8 +337,16 @@ static void ssh_protocol(unsigned char *in, int inlen, int ispkt) {
        rsaencrypt(rsabuf, hostkey.bytes, &servkey);
     }
 
+    cipher_type = cfg.cipher == CIPHER_BLOWFISH ? SSH_CIPHER_BLOWFISH :
+                  cfg.cipher == CIPHER_DES ? SSH_CIPHER_DES : 
+                  SSH_CIPHER_3DES;
+    if ((supported_ciphers_mask & (1 << cipher_type)) == 0) {
+       c_write("Selected cipher not supported, falling back to 3DES\r\n", 53);
+       cipher_type = SSH_CIPHER_3DES;
+    }
+
     s_wrpkt_start(3, len+15);
-    pktout.body[0] = 3;                       /* SSH_CIPHER_3DES */
+    pktout.body[0] = cipher_type;
     memcpy(pktout.body+1, cookie, 8);
     pktout.body[9] = (len*8) >> 8;
     pktout.body[10] = (len*8) & 0xFF;
@@ -326,7 +357,9 @@ static void ssh_protocol(unsigned char *in, int inlen, int ispkt) {
 
     free(rsabuf);
 
-    cipher = &ssh_3des;
+    cipher = cipher_type == SSH_CIPHER_BLOWFISH ? &ssh_blowfish :
+             cipher_type == SSH_CIPHER_DES ? &ssh_des :
+             &ssh_3des;
     cipher->sesskey(session_key);
 
     do { crReturnV; } while (!ispkt);