[project @ Arch-1:robey@lag.net--2003-public%secsh--dev--1.0--patch-11]

in server mode, don't offer keys we don't have
(from Paolo Losi) in server mode, when advertising which key methods we
support, don't list methods that we don't have any existing keys for.
This commit is contained in:
Robey Pointer 2003-12-23 06:44:56 +00:00
parent 11815d4d83
commit e7715095b6
1 changed files with 8 additions and 2 deletions

View File

@ -524,11 +524,15 @@ class BaseTransport(threading.Thread):
# FIXME: can't do group-exchange (gex) yet -- too slow # FIXME: can't do group-exchange (gex) yet -- too slow
if 'diffie-hellman-group-exchange-sha1' in self.preferred_kex: if 'diffie-hellman-group-exchange-sha1' in self.preferred_kex:
self.preferred_kex.remove('diffie-hellman-group-exchange-sha1') self.preferred_kex.remove('diffie-hellman-group-exchange-sha1')
available_server_keys = filter(self.server_key_dict.keys().__contains__,
self.preferred_keys)
m = Message() m = Message()
m.add_byte(chr(MSG_KEXINIT)) m.add_byte(chr(MSG_KEXINIT))
m.add_bytes(randpool.get_bytes(16)) m.add_bytes(randpool.get_bytes(16))
m.add(','.join(self.preferred_kex)) m.add(','.join(self.preferred_kex))
m.add(','.join(self.preferred_keys)) m.add(','.join(self.available_server_keys))
m.add(','.join(self.preferred_ciphers)) m.add(','.join(self.preferred_ciphers))
m.add(','.join(self.preferred_ciphers)) m.add(','.join(self.preferred_ciphers))
m.add(','.join(self.preferred_macs)) m.add(','.join(self.preferred_macs))
@ -579,7 +583,9 @@ class BaseTransport(threading.Thread):
self.kex_engine = self.kex_info[agreed_kex[0]](self) self.kex_engine = self.kex_info[agreed_kex[0]](self)
if self.server_mode: if self.server_mode:
agreed_keys = filter(self.preferred_keys.__contains__, server_key_algo_list) available_server_keys = filter(self.server_key_dict.keys().__contains__,
self.preferred_keys)
agreed_keys = filter(available_server_keys.__contains__, server_key_algo_list)
else: else:
agreed_keys = filter(server_key_algo_list.__contains__, self.preferred_keys) agreed_keys = filter(server_key_algo_list.__contains__, self.preferred_keys)
if len(agreed_keys) == 0: if len(agreed_keys) == 0: