Modify bug-compatibility checks to use wildcards. Should have exactly the

same behaviour as before (tested a little bit), but should be easier to
expand.
(This is the easy bit -- work still needs to be done to fix
ssh2-keyderive-nonbug, vshell-no-bug-compat, etc -- but should be easier
now.)

[originally from svn r2293]

diff --git a/Recipe b/Recipe
index 778eb0d0a9214a7b2730d3e3e16c1d97830d454a..3b1ed12d6aa1f505d314133a1ecbf6e9ae056911 100644 (file)
--- a/Recipe
+++ b/Recipe
@@ -98,7 +98,7 @@ NONSSH   = telnet raw rlogin ldisc
 # SSH back end (putty, plink, pscp, psftp).
 SSH      = ssh sshcrc sshdes sshmd5 sshrsa sshrand sshsha sshblowf
          + sshdh sshcrcda sshpubk sshzlib sshdss x11fwd portfwd
-         + sshaes sshsh512 sshbn
+         + sshaes sshsh512 sshbn wildcard
 WINSSH   = SSH noise pageantc
 UXSSH    = SSH uxnoise uxagentc
 

diff --git a/ssh.c b/ssh.c
index 99721f85e2b1b49d2401ed227374e0c9392953e8..6c60bd2a6a1739886b37eeb9df6c03d10938ada8 100644 (file)
--- a/ssh.c
+++ b/ssh.c
@@ -1776,9 +1776,9 @@ static void ssh_detect_bugs(Ssh ssh, char *vstring)
 
     if (cfg.sshbug_hmac2 == BUG_ON ||
        (cfg.sshbug_hmac2 == BUG_AUTO &&
-        (!strncmp(imp, "2.1.0", 5) || !strncmp(imp, "2.0.", 4) ||
-         !strncmp(imp, "2.2.0", 5) || !strncmp(imp, "2.3.0", 5) ||
-         !strncmp(imp, "2.1 ", 4)))) {
+        (wc_match("2.1.0*", imp) || wc_match("2.0.*", imp) ||
+         wc_match("2.2.0*", imp) || wc_match("2.3.0*", imp) ||
+         wc_match("2.1 *", imp)))) {
        /*
         * These versions have the HMAC bug.
         */
@@ -1788,7 +1788,7 @@ static void ssh_detect_bugs(Ssh ssh, char *vstring)
 
     if (cfg.sshbug_derivekey2 == BUG_ON ||
        (cfg.sshbug_derivekey2 == BUG_AUTO &&
-        (!strncmp(imp, "2.0.", 4)))) {
+        (wc_match("2.0.*", imp)))) {
        /*
         * These versions have the key-derivation bug (failing to
         * include the literal shared secret in the hashes that
@@ -1800,8 +1800,8 @@ static void ssh_detect_bugs(Ssh ssh, char *vstring)
 
     if (cfg.sshbug_rsapad2 == BUG_ON ||
        (cfg.sshbug_rsapad2 == BUG_AUTO &&
-        ((!strncmp(imp, "OpenSSH_2.", 10) && imp[10]>='5' && imp[10]<='9') ||
-         (!strncmp(imp, "OpenSSH_3.", 10) && imp[10]>='0' && imp[10]<='2')))){
+        (wc_match("OpenSSH_2.[5-9]*", imp) ||
+         wc_match("OpenSSH_3.[0-2]*", imp)))) {
        /*
         * These versions have the SSH2 RSA padding bug.
         */
@@ -1811,7 +1811,7 @@ static void ssh_detect_bugs(Ssh ssh, char *vstring)
 
     if (cfg.sshbug_dhgex2 == BUG_ON) {
        /*
-        * These versions have the SSH2 DH GEX bug.
+        * User specified the SSH2 DH GEX bug.
         */
        ssh->remote_bugs |= BUG_SSH2_DH_GEX;
        logevent("We believe remote version has SSH2 DH group exchange bug");