X-Git-Url: https://git.distorted.org.uk/u/mdw/putty/blobdiff_plain/8406eaf9d5803bf5d5896220134de398aec6fb56..2c2f4dba28ea405dd544aecfd752cd9c99760828:/ssh.c

diff --git a/ssh.c b/ssh.c
index 7943d071..baa811fb 100644
--- a/ssh.c
+++ b/ssh.c
@@ -236,15 +236,13 @@ extern void pfd_override_throttle(Socket s, int enable);
 #define OUR_V2_WINSIZE 16384
 
 /*
- * Ciphers for SSH2. We miss out single-DES because it isn't
- * supported; also 3DES and Blowfish are both done differently from
- * SSH1. (3DES uses outer chaining; Blowfish has the opposite
- * endianness and different-sized keys.)
+ * Ciphers for SSH2.
  */
 const static struct ssh2_ciphers *ciphers[] = {
     &ssh2_aes,
     &ssh2_blowfish,
     &ssh2_3des,
+    &ssh2_des,
 };
 
 const static struct ssh_kex *kex_algs[] = {
@@ -3172,7 +3170,8 @@ static int do_ssh2_transport(unsigned char *in, int inlen, int ispkt)
 	    n_preferred_ciphers++;
 	    break;
 	  case CIPHER_DES:
-	    /* Not supported in SSH2; silently drop */
+	    preferred_ciphers[n_preferred_ciphers] = &ssh2_des;
+	    n_preferred_ciphers++;
 	    break;
 	  case CIPHER_3DES:
 	    preferred_ciphers[n_preferred_ciphers] = &ssh2_3des;
@@ -3353,6 +3352,11 @@ static int do_ssh2_transport(unsigned char *in, int inlen, int ispkt)
 	    break;
 	}
     }
+    if (!cscipher_tobe) {
+	bombout(("Couldn't agree a client-to-server cipher (available: %s)", str));
+	crReturn(0);
+    }
+
     ssh2_pkt_getstring(&str, &len);    /* server->client cipher */
     warn = 0;
     for (i = 0; i < n_preferred_ciphers; i++) {
@@ -3373,6 +3377,11 @@ static int do_ssh2_transport(unsigned char *in, int inlen, int ispkt)
 	    break;
 	}
     }
+    if (!sccipher_tobe) {
+	bombout(("Couldn't agree a server-to-client cipher (available: %s)", str));
+	crReturn(0);
+    }
+
     ssh2_pkt_getstring(&str, &len);    /* client->server mac */
     for (i = 0; i < nmacs; i++) {
 	if (in_commasep_string(maclist[i]->name, str, len)) {
@@ -4146,6 +4155,8 @@ static void do_ssh2_authconn(unsigned char *in, int inlen, int ispkt)
 
 		    ssh2_pkt_getstring(&prompt, &prompt_len);
 		    strncpy(pwprompt, prompt, sizeof(pwprompt));
+		    pwprompt[prompt_len < sizeof(pwprompt) ?
+			     prompt_len : sizeof(pwprompt)-1] = '\0';
 		    need_pw = TRUE;
 
 		    echo = ssh2_pkt_getbool();