char * compat_kex_proposal(ncrack_ssh_state *nstate, char *p) { if ((nstate->datafellows & (SSH_BUG_CURVE25519PAD|SSH_OLD_DHGEX)) == 0) return p; debug2("%s: original KEX proposal: %s", __func__, p); if ((nstate->datafellows & SSH_BUG_CURVE25519PAD) != 0) p = filter_proposal(p, "*****@*****.**"); if ((nstate->datafellows & SSH_OLD_DHGEX) != 0) { p = filter_proposal(p, "diffie-hellman-group-exchange-sha256"); p = filter_proposal(p, "diffie-hellman-group-exchange-sha1"); } debug2("%s: compat KEX proposal: %s", __func__, p); if (*p == '\0') fatal("No supported key exchange algorithms found"); return p; }
char * compat_pkalg_proposal(ncrack_ssh_state *nstate, char *pkalg_prop) { if (!(nstate->datafellows & SSH_BUG_RSASIGMD5)) return pkalg_prop; debug2("%s: original public key proposal: %s", __func__, pkalg_prop); pkalg_prop = filter_proposal(pkalg_prop, "ssh-rsa"); debug2("%s: compat public key proposal: %s", __func__, pkalg_prop); if (*pkalg_prop == '\0') fatal("No supported PK algorithms found"); return pkalg_prop; }
char * compat_cipher_proposal(ncrack_ssh_state *nstate, char *cipher_prop) { if (!(nstate->datafellows & SSH_BUG_BIGENDIANAES)) return cipher_prop; debug2("%s: original cipher proposal: %s", __func__, cipher_prop); cipher_prop = filter_proposal(cipher_prop, "aes*"); debug2("%s: compat cipher proposal: %s", __func__, cipher_prop); if (*cipher_prop == '\0') fatal("No supported ciphers found"); return cipher_prop; }
char * compat_kex_proposal(char *kex_prop, u_int compat) { if (!(compat & SSH_BUG_CURVE25519PAD)) return kex_prop; debug2("%s: original KEX proposal: %s", __func__, kex_prop); kex_prop = filter_proposal(kex_prop, "*****@*****.**"); debug2("%s: compat KEX proposal: %s", __func__, kex_prop); if (*kex_prop == '\0') fatal("No supported key exchange algorithms found"); return kex_prop; }
char * compat_pkalg_proposal(char *pkalg_prop, u_int compat) { if (!(compat & SSH_BUG_RSASIGMD5)) return pkalg_prop; debug2("%s: original public key proposal: %s", __func__, pkalg_prop); pkalg_prop = filter_proposal(pkalg_prop, "ssh-rsa"); debug2("%s: compat public key proposal: %s", __func__, pkalg_prop); if (*pkalg_prop == '\0') fatal("No supported PK algorithms found"); return pkalg_prop; }
char * compat_cipher_proposal(char *cipher_prop, u_int compat) { if (!(compat & SSH_BUG_BIGENDIANAES)) return cipher_prop; debug2("%s: original cipher proposal: %s", __func__, cipher_prop); cipher_prop = filter_proposal(cipher_prop, "aes*"); debug2("%s: compat cipher proposal: %s", __func__, cipher_prop); if (*cipher_prop == '\0') fatal("No supported ciphers found"); return cipher_prop; }