X-Git-Url: https://git.distorted.org.uk/u/mdw/putty/blobdiff_plain/cba1e4b5171a9ee902db283e21272984a6ddf79a..96bd26de129f3e8c088d2c426a2f43584e6ca3ec:/ssh.c?ds=sidebyside diff --git a/ssh.c b/ssh.c index 55cecbd2..ee9345e4 100644 --- a/ssh.c +++ b/ssh.c @@ -2245,10 +2245,13 @@ static void ssh_detect_bugs(Ssh ssh, char *vstring) if (ssh->cfg.sshbug_rekey2 == FORCE_ON || (ssh->cfg.sshbug_rekey2 == AUTO && - (wc_match("OpenSSH_2.[0-4]*", imp) || + (wc_match("DigiSSH_2.0", imp) || + wc_match("OpenSSH_2.[0-4]*", imp) || wc_match("OpenSSH_2.5.[0-3]*", imp) || wc_match("Sun_SSH_1.0", imp) || - wc_match("Sun_SSH_1.0.1", imp)))) { + wc_match("Sun_SSH_1.0.1", imp) || + /* All versions <= 1.2.6 (they changed their format in 1.2.7) */ + wc_match("WeOnlyDo-*", imp)))) { /* * These versions have the SSH-2 rekey bug. */ @@ -2294,23 +2297,20 @@ static int do_ssh_init(Ssh ssh, unsigned char c) crBegin(ssh->do_ssh_init_crstate); - /* Search for the string "SSH-" in the input. */ - s->i = 0; - while (1) { - static const int transS[] = { 1, 2, 2, 1 }; - static const int transH[] = { 0, 0, 3, 0 }; - static const int transminus[] = { 0, 0, 0, -1 }; - if (c == 'S') - s->i = transS[s->i]; - else if (c == 'H') - s->i = transH[s->i]; - else if (c == '-') - s->i = transminus[s->i]; - else - s->i = 0; - if (s->i < 0) - break; - crReturn(1); /* get another character */ + /* Search for a line beginning with the string "SSH-" in the input. */ + for (;;) { + if (c != 'S') goto no; + crReturn(1); + if (c != 'S') goto no; + crReturn(1); + if (c != 'H') goto no; + crReturn(1); + if (c != '-') goto no; + break; + no: + while (c != '\012') + crReturn(1); + crReturn(1); } s->vstrsize = 16; @@ -2497,24 +2497,29 @@ static void ssh_gotdata(Ssh ssh, unsigned char *data, int datalen) * everything to s_rdpkt, and then pass the resulting packets * to the proper protocol handler. */ - if (datalen == 0) - crReturnV; - - /* - * Process queued data if there is any. - */ - ssh_process_queued_incoming_data(ssh); while (1) { - while (datalen > 0) { - if (ssh->frozen) + while (bufchain_size(&ssh->queued_incoming_data) > 0 || datalen > 0) { + if (ssh->frozen) { ssh_queue_incoming_data(ssh, &data, &datalen); - - ssh_process_incoming_data(ssh, &data, &datalen); - + /* This uses up all data and cannot cause anything interesting + * to happen; indeed, for anything to happen at all, we must + * return, so break out. */ + break; + } else if (bufchain_size(&ssh->queued_incoming_data) > 0) { + /* This uses up some or all data, and may freeze the + * session. */ + ssh_process_queued_incoming_data(ssh); + } else { + /* This uses up some or all data, and may freeze the + * session. */ + ssh_process_incoming_data(ssh, &data, &datalen); + } + /* FIXME this is probably EBW. */ if (ssh->state == SSH_STATE_CLOSED) return; } + /* We're out of data. Go and get some more. */ crReturnV; } crFinishV; @@ -5724,7 +5729,7 @@ static int do_ssh2_transport(Ssh ssh, void *vin, int inlen, * it would only confuse the layer above. */ if (s->activated_authconn) { - crReturn(1); + crReturn(0); } s->activated_authconn = TRUE;