summaryrefslogtreecommitdiffhomepage
path: root/common-session.c
diff options
context:
space:
mode:
authorMatt Johnston <matt@ucc.asn.au>2007-02-03 08:20:34 +0000
committerMatt Johnston <matt@ucc.asn.au>2007-02-03 08:20:34 +0000
commitd9aeb2773e236e662c8b493f4bcee978f9908d7c (patch)
treebac48e388bf3ac739ae14cdf98da0eb4bb9d17bf /common-session.c
parent056b92bd4c8a42ce1843493310d382159166edb8 (diff)
parentc5fd7dd5548f28e32d846e39d17e5c4de4e769af (diff)
merge of '5fdf69ca60d1683cdd9f4c2595134bed26394834'
and '6b61c50f4cf888bea302ac8fcf5dbb573b443251' --HG-- extra : convert_revision : b1dd3b94e60a07a176dba2b035ac79968595990a
Diffstat (limited to 'common-session.c')
-rw-r--r--common-session.c16
1 files changed, 10 insertions, 6 deletions
diff --git a/common-session.c b/common-session.c
index e8dc650..b8ea6f7 100644
--- a/common-session.c
+++ b/common-session.c
@@ -229,13 +229,11 @@ void session_identification() {
/* write our version string, this blocks */
if (atomicio(write, ses.sock, LOCAL_IDENT "\r\n",
strlen(LOCAL_IDENT "\r\n")) == DROPBEAR_FAILURE) {
- dropbear_exit("Error writing ident string");
+ ses.remoteclosed();
}
- /* We allow up to 9 lines before the actual version string, to
- * account for wrappers/cruft etc. According to the spec only the client
- * needs to handle this, but no harm in letting the server handle it too */
- for (i = 0; i < 10; i++) {
+ /* If they send more than 50 lines, something is wrong */
+ for (i = 0; i < 50; i++) {
len = ident_readln(ses.sock, linebuf, sizeof(linebuf));
if (len < 0 && errno != EINTR) {
@@ -252,13 +250,19 @@ void session_identification() {
if (!done) {
TRACE(("err: %s for '%s'\n", strerror(errno), linebuf))
- dropbear_exit("Failed to get remote version");
+ ses.remoteclosed();
} else {
/* linebuf is already null terminated */
ses.remoteident = m_malloc(len);
memcpy(ses.remoteident, linebuf, len);
}
+ /* Shall assume that 2.x will be backwards compatible. */
+ if (strncmp(ses.remoteident, "SSH-2.", 6) != 0
+ && strncmp(ses.remoteident, "SSH-1.99-", 9) != 0) {
+ dropbear_exit("Incompatible remote version '%s'", ses.remoteident);
+ }
+
TRACE(("remoteident: %s", ses.remoteident))
}