authorMatt Johnston <matt@ucc.asn.au>2012-05-17 00:26:12 +0800
committerMatt Johnston <matt@ucc.asn.au>2012-05-17 00:26:12 +0800
commitdb34044c7fdfcdf85a2606b686d60910e1ff36b6 (patch)
tree902f505d9ea4a4c613892e9bf296be0dbb74f07f
parent036edd62068e3ad68aa5d15c10bc8b505fbe2396 (diff)
ENABLE_USER_ALGO_LIST should work for the client
-rw-r--r--algo.h2
-rw-r--r--common-algo.c46
-rw-r--r--common-kex.c42
-rw-r--r--options.h2
4 files changed, 27 insertions, 65 deletions
diff --git a/algo.h b/algo.h
index 73712c3..ad57037 100644
--- a/algo.h
+++ b/algo.h
@@ -89,7 +89,7 @@ algo_type * cli_buf_match_algo(buffer* buf, algo_type localalgos[],
int *goodguess);
#ifdef ENABLE_USER_ALGO_LIST
-int check_user_algos(char* user_algo_list, algo_type * algos,
+int check_user_algos(const char* user_algo_list, algo_type * algos,
const char *algo_desc);
char * algolist_string(algo_type algos[]);
#endif
diff --git a/common-algo.c b/common-algo.c
index 5ed809b..65fb7b1 100644
--- a/common-algo.c
+++ b/common-algo.c
@@ -297,7 +297,7 @@ algolist_string(algo_type algos[])
return ret_list;
}
-static int
+static algo_type*
check_algo(const char* algo_name, algo_type *algos)
{
algo_type *a;
@@ -305,32 +305,25 @@ check_algo(const char* algo_name, algo_type *algos)
{
if (strcmp(a->name, algo_name) == 0)
{
- a->usable = 2;
- return DROPBEAR_SUCCESS;
+ return a;
}
}
- return DROPBEAR_FAILURE;
+ return NULL;
}
-/* helper for check_user_algos */
static void
try_add_algo(const char *algo_name, algo_type *algos,
- const char *algo_desc, char ** out_list, int *num_ret)
+ const char *algo_desc, algo_type * new_algos, int *num_ret)
{
- if (check_algo(algo_name, algos) == DROPBEAR_FAILURE)
+ algo_type *match_algo = check_algo(algo_name, algos);
+ if (!match_algo)
{
dropbear_log(LOG_WARNING, "This Dropbear program does not support '%s' %s algorithm", algo_name, algo_desc);
return;
}
- if (*num_ret != 0)
- {
- **out_list = ',';
- (*out_list)++;
- }
-
- *out_list += sprintf(*out_list, "%s", algo_name);
+ new_algos[*num_ret] = *match_algo;
(*num_ret)++;
}
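Review bot: `new_algos[*num_ret] = *match_algo;` in try_add_algo stores into an array whose capacity it is never given; the next hunk declares it as `algo_type new_algos[MAX_PROPOSED_ALGO]` on the stack of check_user_algos. Nothing visible rejects a name that was already accepted, so a user list that names the same supported algorithm repeatedly can advance `*num_ret` past the end of that array. The later `new_algos[num_ret].name = NULL` and `memcpy(algos, new_algos, sizeof(*new_algos) * (num_ret+1))` would then write past the local array and, presumably, past the caller's table as well. Guard the store with something like `if (*num_ret >= MAX_PROPOSED_ALGO - 1) return;` (leaving one slot for the terminator) and skip names already present in `new_algos`. The loop header of check_algo falls between the two hunks and is not shown.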
@@ -338,41 +331,32 @@ try_add_algo(const char *algo_name, algo_type *algos,
* options. Any that are not acceptable are removed in-place. Returns the
* number of valid algorithms. */
int
-check_user_algos(char* user_algo_list, algo_type * algos,
+check_user_algos(const char* user_algo_list, algo_type * algos,
const char *algo_desc)
{
+ algo_type new_algos[MAX_PROPOSED_ALGO];
/* this has two passes. first we sweep through the given list of
* algorithms and mark them as usable=2 in the algo_type[] array... */
int num_ret = 0;
char *work_list = m_strdup(user_algo_list);
char *last_name = work_list;
- char *out_list = user_algo_list;
char *c;
for (c = work_list; *c; c++)
{
if (*c == ',')
{
*c = '\0';
- try_add_algo(last_name, algos, algo_desc, &out_list, &num_ret);
+ try_add_algo(last_name, algos, algo_desc, new_algos, &num_ret);
last_name = c++;
}
}
- try_add_algo(last_name, algos, algo_desc, &out_list, &num_ret);
+ try_add_algo(last_name, algos, algo_desc, new_algos, &num_ret);
m_free(work_list);
- /* ...then we mark anything with usable==1 as usable=0, and
- * usable==2 as usable=1. */
- algo_type *a;
- for (a = algos; a->name != NULL; a++)
- {
- if (a->usable == 1)
- {
- a->usable = 0;
- } else if (a->usable == 2)
- {
- a->usable = 1;
- }
- }
+ new_algos[num_ret].name = NULL;
+
+ /* Copy one more as a blank delimiter */
+ memcpy(algos, new_algos, sizeof(*new_algos) * (num_ret+1));
return num_ret;
}
#endif // ENABLE_USER_ALGO_LIST
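Review bot: The unchanged line `last_name = c++;` in check_user_algos assigns the old value of `c`, which points at the NUL just written over the comma, so every name after the first appears to reach try_add_algo as an empty string. Together with the loop's own `c++` it also steps over the byte after the comma, which for a list ending in a comma is the string terminator, so the scan continues past the `m_strdup` copy. Using `last_name = c + 1;` keeps both the name pointer and the scan inside the buffer. The comments above still describe the removed scheme ("removed in-place", "two passes ... usable=2") and should instead say that the table is rebuilt in the user's order and NULL-terminated. A return of 0 leaves `algos[0].name == NULL`, so the callers (not shown) should treat it as an error rather than go on to propose an empty list.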
diff --git a/common-kex.c b/common-kex.c
index d4de5cb..4bd9b78 100644
--- a/common-kex.c
+++ b/common-kex.c
@@ -106,39 +106,17 @@ void send_msg_kexinit() {
/* server_host_key_algorithms */
buf_put_algolist(ses.writepayload, sshhostkey);
-#ifdef ENABLE_USER_ALGO_LIST
- if (opts.cipher_list)
- {
- /* encryption_algorithms_client_to_server */
- buf_putbytes(ses.writepayload, opts.cipher_list, strlen(opts.cipher_list));
- /* encryption_algorithms_server_to_client */
- buf_putbytes(ses.writepayload, opts.cipher_list, strlen(opts.cipher_list));
- }
- else
-#endif
- {
- /* encryption_algorithms_client_to_server */
- buf_put_algolist(ses.writepayload, sshciphers);
- /* encryption_algorithms_server_to_client */
- buf_put_algolist(ses.writepayload, sshciphers);
- }
+ /* encryption_algorithms_client_to_server */
+ buf_put_algolist(ses.writepayload, sshciphers);
-#ifdef ENABLE_USER_ALGO_LIST
- if (opts.mac_list)
- {
- /* mac_algorithms_client_to_server */
- buf_putbytes(ses.writepayload, opts.mac_list, strlen(opts.mac_list));
- /* mac_algorithms_server_to_client */
- buf_putbytes(ses.writepayload, opts.mac_list, strlen(opts.mac_list));
- }
- else
-#endif
- {
- /* mac_algorithms_client_to_server */
- buf_put_algolist(ses.writepayload, sshhashes);
- /* mac_algorithms_server_to_client */
- buf_put_algolist(ses.writepayload, sshhashes);
- }
+ /* encryption_algorithms_server_to_client */
+ buf_put_algolist(ses.writepayload, sshciphers);
+
+ /* mac_algorithms_client_to_server */
+ buf_put_algolist(ses.writepayload, sshhashes);
+
+ /* mac_algorithms_server_to_client */
+ buf_put_algolist(ses.writepayload, sshhashes);
/* compression_algorithms_client_to_server */
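Review bot: Nothing at the four `buf_put_algolist` calls records that `sshciphers` and `sshhashes` may already have been rewritten by check_user_algos. With the `opts.cipher_list` / `opts.mac_list` branches removed, that rewrite is presumably the only place a -c/-m selection takes effect. A short comment such as `/* sshciphers/sshhashes already reflect any -c/-m selection (see check_user_algos) */` above the first call would make the dependency visible to someone auditing what is proposed in KEXINIT. send_msg_kexinit starts and ends outside the hunk.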
diff --git a/options.h b/options.h
index c0e25f5..9fdec4b 100644
--- a/options.h
+++ b/options.h
@@ -81,7 +81,7 @@ much traffic. */
#define ENABLE_CLI_NETCAT
/* Whether to support "-c" and "-m" flags to choose ciphers/MACs at runtime */
-/* #define ENABLE_USER_ALGO_LIST*/
+#define ENABLE_USER_ALGO_LIST
/* Encryption - at least one required.
* Protocol RFC requires 3DES and recommends AES128 for interoperability.