diff options
Diffstat (limited to 'libgo/go/exp/ssh/transport.go')
| -rw-r--r-- | libgo/go/exp/ssh/transport.go | 36 |
1 files changed, 17 insertions, 19 deletions
diff --git a/libgo/go/exp/ssh/transport.go b/libgo/go/exp/ssh/transport.go index 2e7c955..e21bc4b 100644 --- a/libgo/go/exp/ssh/transport.go +++ b/libgo/go/exp/ssh/transport.go @@ -9,6 +9,7 @@ import ( "crypto" "crypto/cipher" "crypto/hmac" + "crypto/sha1" "crypto/subtle" "errors" "hash" @@ -266,7 +267,7 @@ func (c *common) setupKeys(d direction, K, H, sessionId []byte, hashFunc crypto. generateKeyMaterial(key, d.keyTag, K, H, sessionId, h) generateKeyMaterial(macKey, d.macKeyTag, K, H, sessionId, h) - c.mac = truncatingMAC{12, hmac.NewSHA1(macKey)} + c.mac = truncatingMAC{12, hmac.New(sha1.New, macKey)} cipher, err := cipherMode.createCipher(key, iv) if err != nil { @@ -328,6 +329,8 @@ func (t truncatingMAC) Size() int { return t.length } +func (t truncatingMAC) BlockSize() int { return t.hmac.BlockSize() } + // maxVersionStringBytes is the maximum number of bytes that we'll accept as a // version string. In the event that the client is talking a different protocol // we need to set a limit otherwise we will keep using more and more memory @@ -337,7 +340,7 @@ const maxVersionStringBytes = 1024 // Read version string as specified by RFC 4253, section 4.2. func readVersion(r io.Reader) ([]byte, error) { versionString := make([]byte, 0, 64) - var ok, seenCR bool + var ok bool var buf [1]byte forEachByte: for len(versionString) < maxVersionStringBytes { @@ -345,27 +348,22 @@ forEachByte: if err != nil { return nil, err } - b := buf[0] - - if !seenCR { - if b == '\r' { - seenCR = true - } - } else { - if b == '\n' { - ok = true - break forEachByte - } else { - seenCR = false - } + // The RFC says that the version should be terminated with \r\n + // but several SSH servers actually only send a \n. + if buf[0] == '\n' { + ok = true + break forEachByte } - versionString = append(versionString, b) + versionString = append(versionString, buf[0]) } if !ok { - return nil, errors.New("failed to read version string") + return nil, errors.New("ssh: failed to read version string") } - // We need to remove the CR from versionString - return versionString[:len(versionString)-1], nil + // There might be a '\r' on the end which we should remove. + if len(versionString) > 0 && versionString[len(versionString)-1] == '\r' { + versionString = versionString[:len(versionString)-1] + } + return versionString, nil } |