From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 From: Luke Date: Sat, 30 Apr 2022 10:58:10 +0000 Subject: [PATCH] Assume SSH 2.0 and sidestep some scanf issues Co-Authored-By: Patrick Meyer --- kex.c | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/kex.c b/kex.c index 0bcd27d..2539cc2 100644 --- a/kex.c +++ b/kex.c @@ -1229,7 +1229,7 @@ kex_exchange_identification(struct ssh *ssh, int timeout_ms, sshbuf_reset(our_version); if (version_addendum != NULL && *version_addendum == '\0') version_addendum = NULL; - if ((r = sshbuf_putf(our_version, "SSH-%d.%d-%.100s%s%s\r\n", + if ((r = sshbuf_putf(our_version, "SSH-%d.%d-%s%s%s\r\n", PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_VERSION, version_addendum == NULL ? "" : " ", version_addendum == NULL ? "" : version_addendum)) != 0) { @@ -1257,7 +1257,7 @@ kex_exchange_identification(struct ssh *ssh, int timeout_ms, r = SSH_ERR_ALLOC_FAIL; goto out; } - debug("Local version string %.100s", our_version_string); + debug("Local version string %s", our_version_string); /* Read other side's version identification. */ for (n = 0; ; n++) { @@ -1353,6 +1353,7 @@ kex_exchange_identification(struct ssh *ssh, int timeout_ms, goto out; } +#ifndef __serenity__ /* * Check that the versions match. In future this might accept * several versions and set appropriate flags to handle them. @@ -1361,11 +1362,19 @@ kex_exchange_identification(struct ssh *ssh, int timeout_ms, &remote_major, &remote_minor, remote_version) != 3) { error("Bad remote protocol version identification: '%.100s'", peer_version_string); +#else + // Assume SSH2.0 for now + remote_major = 2; + remote_minor = 0; + // Don't want this executing with other paths but we still need the invalid label. + if (0) + { invalid: send_error(ssh, "Invalid SSH identification string."); r = SSH_ERR_INVALID_FORMAT; goto out; } +#endif debug("Remote protocol version %d.%d, remote software version %.100s", remote_major, remote_minor, remote_version); compat_banner(ssh, remote_version);