      1 /*
      2  * Dropbear - a SSH2 server
      3  * SSH client implementation
      4  *
      5  * Copyright (c) 2002,2003 Matt Johnston
      6  * Copyright (c) 2004 by Mihnea Stoenescu
      7  * All rights reserved.
      8  *
      9  * Permission is hereby granted, free of charge, to any person obtaining a copy
     10  * of this software and associated documentation files (the "Software"), to deal
     11  * in the Software without restriction, including without limitation the rights
     12  * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
     13  * copies of the Software, and to permit persons to whom the Software is
     14  * furnished to do so, subject to the following conditions:
     15  *
     16  * The above copyright notice and this permission notice shall be included in
     17  * all copies or substantial portions of the Software.
     18  *
     19  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
     20  * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
     21  * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
     22  * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
     23  * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
     24  * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
     25  * SOFTWARE. */
     26 
     27 #include "algo.h"
     28 #include "dbutil.h"
     29 
/* Pick the first name from the comma-separated list stored in buf that is
 * also present, and marked usable, in localalgos[].
 *
 * The list is parsed as remote input (see remotealgos[]), so it is handled
 * defensively: an over-long list is refused, a list containing an embedded
 * NUL is refused, and at most MAX_PROPOSED_ALGO names are split out.
 *
 * Returns a pointer to the matching localalgos[] entry, or NULL when there
 * is no match or the list was refused.
 * (*goodguess) becomes 1 only if the first name in the list matches
 * localalgos[0], and 0 in every other case. It is used for checking whether
 * the kexalgo/hostkeyalgos were guessed correctly. */
algo_type * svr_buf_match_algo(buffer* buf, algo_type localalgos[],
		int *goodguess)
{
	unsigned char * remotealgos[MAX_PROPOSED_ALGO];
	unsigned char * algolist = NULL;
	algo_type * ret = NULL;
	algo_type * cand;
	unsigned int len;
	unsigned int count, i;

	/* pessimistic default, only overridden on a first/first match */
	*goodguess = 0;

	/* fetch the list, ie "algo1,algo2,algo3", together with its length */
	algolist = buf_getstring(buf, &len);
	/* NOTE(review): the list is traced with %s before the length check
	 * below; this presumably relies on buf_getstring() NUL-terminating
	 * its result - confirm against dbutil/buffer code */
	TRACE(("buf_match_algo: %s", algolist))
	if (len > MAX_PROPOSED_ALGO*(MAX_NAME_LEN+1)) {
		/* sanity bound on the list size, nothing more */
		goto out;
	}

	/* There is always at least one entry, even if it is just "" */
	remotealgos[0] = algolist;
	count = 1;

	/* Split in place: each ',' becomes a NUL and the following byte starts
	 * the next entry. */
	for (i = 0; i < len; i++) {
		switch (algolist[i]) {
			case '\0':
				/* a NUL inside the declared length would hide the
				 * rest of the list from the string functions below,
				 * so the whole list is refused */
				goto out;
			case ',':
				algolist[i] = '\0';
				remotealgos[count++] = &algolist[i+1];
				break;
			default:
				break;
		}
		/* remotealgos[] is full: stop splitting. Whatever follows is
		 * left unsplit in the last entry and is not scanned further. */
		if (count == MAX_PROPOSED_ALGO) {
			break;
		}
	}

	/* Walk the parsed names in list order, and for each one the local
	 * table in its own order; the first hit wins. */
	for (i = 0; i < count; i++) {

		len = strlen(remotealgos[i]);

		for (cand = localalgos; cand->name != NULL; cand++) {
			if (!cand->usable) {
				continue;
			}
			/* exact match only: same length and same bytes */
			if (len != strlen(cand->name)) {
				continue;
			}
			if (strncmp(cand->name, remotealgos[i], len) != 0) {
				continue;
			}
			/* first name in the list against first local entry */
			if (i == 0 && cand == localalgos) {
				*goodguess = 1;
			}
			ret = cand;
			goto out;
		}
	}

out:
	/* single exit so the string from buf_getstring() is always released */
	m_free(algolist);
	return ret;
}
    101