Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / openssh / 78928793fb23a3a4c80ae62eca6a7826b2987690^! / . / cipher.c
commit78928793fb23a3a4c80ae62eca6a7826b2987690[log] [tgz]
authorDamien Miller <djm@mindrot.org>Wed Apr 12 20:17:38 2000 +1000
committerDamien Miller <djm@mindrot.org>Wed Apr 12 20:17:38 2000 +1000
treeadd8a953ac4cf06877b91624fe7f647b17e6cf6f
parentefb4afe0265333ce554f699c2a19ae249dd8d1b5 [diff] [blame]
 - OpenBSD CVS updates:
   - [channels.c]
     repair x11-fwd
   - [sshconnect.c]
     fix passwd prompt for ssh2, less debugging output.
   - [clientloop.c compat.c dsa.c kex.c sshd.c]
     less debugging output
   - [kex.c kex.h sshconnect.c sshd.c]
     check for reasonable public DH values
   - [README.openssh2 cipher.c cipher.h compat.c compat.h readconf.c]
     [readconf.h servconf.c servconf.h ssh.c ssh.h sshconnect.c sshd.c]
     add Cipher and Protocol options to ssh/sshd, e.g.:
     ssh -o 'Protocol 1,2' if you prefer proto 1, ssh -o 'Ciphers
     arcfour,3des-cbc'
   - [sshd.c]
     print 1.99 only if server supports both

diff --git a/cipher.c b/cipher.c
index 8911ffe..27debf9 100644
--- a/cipher.c
+++ b/cipher.c

@@ -12,11 +12,11 @@
  */
 
 #include "includes.h"
-RCSID("$Id: cipher.c,v 1.16 2000/04/06 02:32:39 damien Exp $");
+RCSID("$Id: cipher.c,v 1.17 2000/04/12 10:17:39 damien Exp $");
 
 #include "ssh.h"
 #include "cipher.h"
-#include "config.h"
+#include "xmalloc.h"
 
 #ifdef HAVE_OPENSSL
 #include <openssl/md5.h>
@@ -26,7 +26,9 @@
 #endif
 
 /*
- * What kind of tripple DES are these 2 routines?
+ * This is used by SSH1:
+ *
+ * What kind of triple DES are these 2 routines?
  *
  * Why is there a redundant initialization vector?
  *
@@ -81,7 +83,7 @@
 }
 
 /*
- * SSH uses a variation on Blowfish, all bytes must be swapped before
+ * SSH1 uses a variation on Blowfish, all bytes must be swapped before
  * and after encryption/decryption. Thus the swap_bytes stuff (yuk).
  */
 static void
@@ -167,10 +169,34 @@
 {
 	if (cipher < 0 || cipher >= sizeof(cipher_names) / sizeof(cipher_names[0]) ||
 	    cipher_names[cipher] == NULL)
-		fatal("cipher_name: bad cipher number: %d", cipher);
+		fatal("cipher_name: bad cipher name: %d", cipher);
 	return cipher_names[cipher];
 }
 
+/* Returns 1 if the name of the ciphers are valid. */
+
+#define	CIPHER_SEP	","
+int
+ciphers_valid(const char *names)
+{
+	char *ciphers;
+	char *p;
+	int i;
+
+	if (strcmp(names, "") == 0)
+		return 0;
+	ciphers = xstrdup(names);
+	for ((p = strtok(ciphers, CIPHER_SEP)); p; (p = strtok(NULL, CIPHER_SEP))) {
+		i = cipher_number(p);
+		if (i == -1 || !(cipher_mask2() & (1 << i))) {
+			xfree(ciphers);
+			return 0;
+		}
+	}
+	xfree(ciphers);
+	return 1;
+}
+
 /*
  * Parses the name of the cipher.  Returns the number of the corresponding
  * cipher, or -1 on error.
@@ -271,7 +297,6 @@
 	memset(padded, 0, sizeof(padded));
 }
 
-
 void 
 cipher_set_key_iv(CipherContext * context, int cipher,
     const unsigned char *key, int keylen,