[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: not checking ident in ssh?



Markus, it isn't so much that anything is wrong, as much as my
programmer's gut instinct asks why one is different from the other. I'm
also less than clear why it null-terminates the buffer upon reciept of
\r but then continues to read input.

If, however, you understand this piece of code, and find no problems
with it, that makes me happy enough. :)

* Markus Friedl <markus_(_dot_)_friedl_(_at_)_informatik_(_dot_)_uni-erlangen_(_dot_)_de> [001012 06:47]:
> i don't understand your problem. what is wrong?
> sshd just waits until a '\n' is received and
> parses the remote client version identification string.
> 
> On Wed, Oct 11, 2000 at 04:26:32PM -0700, Seth Arnold wrote:
> > * Jill Lundquist <jill_(_at_)_chezns_(_dot_)_org> [001011 15:25]:
> > > >I'd suggest trying the -V option as described in sshd(8). Let us know
> > > >how it works out. :)
> > > I've not found a version string to give -V that works.  Any ideas?
> > 
> > Sadly, (or gladly? :) none of my ssh clients have given me trouble wrt
> > version strings. :-/ If you have gone through the source, that is about
> > as much as I can do too.. I suggest something similar to: SSH-1.5-99 or
> > SSH-2.0-0 -- based on the code, anyway. (I'm not very good at C...)
> > 
> > On an only slightly related note, could someone with more experience
> > please look at /usr/src/usr.bin/ssh/sshd.c, starting roughly 296 lines
> > into the source...
> > 
> > One `if' statement uses `break', the other `continue'. I'm not entirely
> > sure why it would do different things depending on the next character
> > being \r as compared to \n. Like I said, if someone with experience
> > could look this over, it would make me feel better. :)
> > 
> >                 /* Read other side\'s version identification. */
> >                 for (i = 0; i < sizeof(buf) - 1; i++) {
> >                         if (atomicio(read, sock_in, &buf[i], 1) != 1) {
> >                                 log("Did not receive ident string from %s.", get_remote_ipaddr());
> >                                 fatal_cleanup();
> >                         }
> >                         if (buf[i] == '\r') {
> >                                 buf[i] = '\n';
> >                                 buf[i + 1] = 0;
> >                                 continue;      
> >                         }
> >                         if (buf[i] == '\n') {
> >                                 /* buf[i] == '\n' */
> >                                 buf[i + 1] = 0;
> >                                 break;
> >                         }
> >                 }
> >                 buf[sizeof(buf) - 1] = 0;
> >                 client_version_string = xstrdup(buf);
> > 
> > 




Visit your host, monkey.org