fix/redo OLD_DHGEX compat
git-svn-id: file:///home/svn/framework3/trunk@10573 4d416f70-5f16-0410-b530-b9f4589650daunstable
parent
64ad40dc17
commit
87cc978ed9
|
@ -26,5 +26,11 @@ module Net; module SSH; module Transport
|
|||
KEXDH_INIT = 30
|
||||
KEXDH_REPLY = 31
|
||||
|
||||
#--
|
||||
# Compatability flags
|
||||
#++
|
||||
|
||||
COMPAT_OLD_DHGEX = 0x1
|
||||
|
||||
end
|
||||
end; end; end
|
|
@ -35,20 +35,11 @@ module Net::SSH::Transport::Kex
|
|||
def get_parameters
|
||||
compute_need_bits
|
||||
|
||||
# Do we need to use the old request?
|
||||
do_SSH_OLD_DHGEX = false
|
||||
if (data[:server_version_string] =~ /OpenSSH_2\.[0-3]/)
|
||||
do_SSH_OLD_DHGEX = true
|
||||
elsif (data[:server_version_string] =~ /OpenSSH_2\.5\.[0-2]/)
|
||||
do_SSH_OLD_DHGEX = true
|
||||
end
|
||||
|
||||
if (do_SSH_OLD_DHGEX)
|
||||
# request the DH key parameters for the given number of bits.
|
||||
if connection.compat_flags & COMPAT_OLD_DHGEX
|
||||
buffer = Net::SSH::Buffer.from(:byte, KEXDH_GEX_REQUEST_OLD, :long,
|
||||
data[:need_bits])
|
||||
else
|
||||
# request the DH key parameters for the given number of bits.
|
||||
buffer = Net::SSH::Buffer.from(:byte, KEXDH_GEX_REQUEST, :long, MINIMUM_BITS,
|
||||
:long, data[:need_bits], :long, MAXIMUM_BITS)
|
||||
end
|
||||
|
@ -80,9 +71,11 @@ module Net::SSH::Transport::Kex
|
|||
data[:client_algorithm_packet],
|
||||
data[:server_algorithm_packet],
|
||||
result[:key_blob]
|
||||
response.write_long MINIMUM_BITS,
|
||||
data[:need_bits],
|
||||
MAXIMUM_BITS
|
||||
|
||||
response.write_long MINIMUM_BITS if not connection.compat_flags & COMPAT_OLD_DHGEX
|
||||
response.write_long data[:need_bits]
|
||||
response.write_long MAXIMUM_BITS if not connection.compat_flags & COMPAT_OLD_DHGEX
|
||||
|
||||
response.write_bignum dh.p, dh.g, dh.pub_key,
|
||||
result[:server_dh_pubkey],
|
||||
result[:shared_secret]
|
||||
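Review bot: The flag test `if connection.compat_flags & COMPAT_OLD_DHGEX` in get_parameters is always true, because the Integer `0` is truthy in Ruby, so the old group-exchange request is sent to every server rather than only the flagged OpenSSH versions. The same mistake appears in the later hunk of this file, where `if not connection.compat_flags & COMPAT_OLD_DHGEX` is always false and MINIMUM_BITS and MAXIMUM_BITS are never written into the exchange hash. Compare against zero instead: `if (connection.compat_flags & COMPAT_OLD_DHGEX) != 0` in get_parameters, and `if (connection.compat_flags & COMPAT_OLD_DHGEX) == 0` on the two `write_long` modifiers. As written, the client never sends its minimum and maximum acceptable group size to any peer. Both enclosing methods start and end outside the hunks.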
|
|
|
@ -40,6 +40,9 @@ module Net; module SSH; module Transport
|
|||
# version.
|
||||
attr_reader :server_version
|
||||
|
||||
# Internal compatability flags (hacks/tweaks/etc)
|
||||
attr_reader :compat_flags
|
||||
|
||||
# The Algorithms instance used to perform key exchanges.
|
||||
attr_reader :algorithms
|
||||
|
||||
|
@ -76,6 +79,8 @@ module Net; module SSH; module Transport
|
|||
}
|
||||
)
|
||||
}
|
||||
# Tell MSF to automatically close this socket on error or completion...
|
||||
# This prevents resource leaks.
|
||||
options[:msfmodule].add_socket(@socket)
|
||||
end
|
||||
|
||||
|
@ -90,6 +95,13 @@ module Net; module SSH; module Transport
|
|||
|
||||
@server_version = ServerVersion.new(socket, logger)
|
||||
|
||||
# Compatability settings
|
||||
ver = @server_version.version
|
||||
@compat_flags = 0
|
||||
if ver =~ /OpenSSH_2\.[0-3]/ or ver =~ /OpenSSH_2\.5\.[0-2]/
|
||||
@compat_flags |= COMPAT_OLD_DHGEX
|
||||
end
|
||||
|
||||
@algorithms = Algorithms.new(self, options)
|
||||
wait { algorithms.initialized? }
|
||||
end
|
||||
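Review bot: The compat flag set right after `ServerVersion.new` is derived from the peer's own version banner, which is unauthenticated at this point, and both patterns are unanchored, so they match anywhere in that string. Since this flag selects the old group-exchange request, which carries no client minimum or maximum, a comment here should say so, for example `# ver is the peer's unauthenticated banner; it must never relax size checks on the group the server returns`. Whether such a size check exists is not visible on this page. Restricting the match to the software-version field of the banner and writing `||` instead of `or` would also make the condition tighter and more conventional. The enclosing initializer starts and ends outside the hunk.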
|
|