Merge pull request #1 from waylayio/fix/remove-BAD_DHGEX-compatibilit…
…y-flag

fix: remove BAD_DHGEX compatibility flag
claudiu-muresan-pfa authored Jul 15, 2024
2 parents f96c43e + db89f42 commit 64e4948
Showing 4 changed files with 10 additions and 58 deletions.
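--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1,4 @@
+node_modules
+.eslintcache
+package-lock.json
+lib/protocol/crypto/**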
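Review bot: The pattern `lib/protocol/crypto/**` on the last line ignores everything under that directory, so any new file added there later stays untracked without warning. If the intent is only to hide compiled output (an assumption, the directory contents are not visible here), narrow it to the build subdirectory, e.g. `lib/protocol/crypto/<build-dir>/`. Ignoring `package-lock.json` also means the fork's resolved dependency tree is never pinned or reviewable in version control, which deserves a deliberate decision now that the package carries its own name.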
2 changes: 0 additions & 2 deletions lib/protocol/constants.js
Expand Up @@ -155,7 +155,6 @@ const SUPPORTED_COMPRESSION = DEFAULT_COMPRESSION.concat([


const COMPAT = {
BAD_DHGEX: 1 << 0,
OLD_EXIT: 1 << 1,
DYN_RPORT_BUG: 1 << 2,
BUG_DHGEX_LARGE: 1 << 3,
Expand Down Expand Up @@ -328,7 +327,6 @@ module.exports = {

COMPAT,
COMPAT_CHECKS: [
[ 'Cisco-1.25', COMPAT.BAD_DHGEX ],
[ /^Cisco-1[.]/, COMPAT.BUG_DHGEX_LARGE ],
[ /^[0-9.]+$/, COMPAT.OLD_EXIT ], // old SSH.com implementations
[ /^OpenSSH_5[.][0-9]+/, COMPAT.DYN_RPORT_BUG ],
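Review bot: Removing the `'Cisco-1.25'` entry from `COMPAT_CHECKS` changes how that peer is negotiated with, and nothing in the file records why the workaround is no longer needed. The identification string still matches `/^Cisco-1[.]/`, so it presumably keeps `BUG_DHGEX_LARGE` handling but, together with the kex.js change, is offered group-exchange methods again. I would add a comment above `COMPAT` such as `// bit 0 (1 << 0) was BAD_DHGEX, removed; leave unused so stale flag values are not reinterpreted`, and state the reason for the removal in the commit description. Both `COMPAT` and `module.exports` extend beyond the hunks shown.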
56 changes: 3 additions & 53 deletions lib/protocol/kex.js
Expand Up @@ -73,45 +73,8 @@ function kexinit(self) {
uint32 0 (reserved for future extension)
*/

let payload;
if (self._compatFlags & COMPAT.BAD_DHGEX) {
const entry = self._offer.lists.kex;
let kex = entry.array;
let found = false;
for (let i = 0; i < kex.length; ++i) {
if (kex[i].includes('group-exchange')) {
if (!found) {
found = true;
// Copy array lazily
kex = kex.slice();
}
kex.splice(i--, 1);
}
}
if (found) {
let len = 1 + 16 + self._offer.totalSize + 1 + 4;
const newKexBuf = Buffer.from(kex.join(','));
len -= (entry.buffer.length - newKexBuf.length);

const all = self._offer.lists.all;
const rest = new Uint8Array(
all.buffer,
all.byteOffset + 4 + entry.buffer.length,
all.length - (4 + entry.buffer.length)
);

payload = Buffer.allocUnsafe(len);
writeUInt32BE(payload, newKexBuf.length, 17);
payload.set(newKexBuf, 17 + 4);
payload.set(rest, 17 + 4 + newKexBuf.length);
}
}

if (payload === undefined) {
payload = Buffer.allocUnsafe(1 + 16 + self._offer.totalSize + 1 + 4);
self._offer.copyAllTo(payload, 17);
}

const payload = Buffer.allocUnsafe(1 + 16 + self._offer.totalSize + 1 + 4);
self._offer.copyAllTo(payload, 17);
self._debug && self._debug('Outbound: Sending KEXINIT');

payload[0] = MESSAGE.KEXINIT;
Expand Down Expand Up @@ -197,20 +160,7 @@ function handleKexInit(self, payload) {
const local = self._offer;
const remote = init;

let localKex = local.lists.kex.array;
if (self._compatFlags & COMPAT.BAD_DHGEX) {
let found = false;
for (let i = 0; i < localKex.length; ++i) {
if (localKex[i].indexOf('group-exchange') !== -1) {
if (!found) {
found = true;
// Copy array lazily
localKex = localKex.slice();
}
localKex.splice(i--, 1);
}
}
}
const localKex = local.lists.kex.array;

let clientList;
let serverList;
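Review bot: The replacement line in `kexinit` still allocates with `Buffer.allocUnsafe`, so the packet is only safe to send if every byte is written first: the 16-byte cookie after the type byte and the trailing 1 + 4 bytes after the lists. Only `payload[0] = MESSAGE.KEXINIT` is visible here, and the rest of the function lies outside the hunk. With the branching gone this is a single allocation, so either switch to `const payload = Buffer.alloc(1 + 16 + self._offer.totalSize + 1 + 4);` or add a comment such as `// allocUnsafe: cookie and trailing 5 bytes are filled below`, so that a later edit cannot send uninitialised memory to the peer. In `handleKexInit`, `localKex` is now the offer's own array rather than a lazily made copy, so code below the hunk must not mutate it.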
6 changes: 3 additions & 3 deletions package.json
@@ -1,5 +1,5 @@
{
"name": "ssh2",
"name": "@waylay/ssh2",
"version": "1.15.0",
"author": "Brian White <[email protected]>",
"description": "SSH2 client and server modules written in pure JavaScript for node.js",
Expand Down Expand Up @@ -39,11 +39,11 @@
"licenses": [
{
"type": "MIT",
"url": "http://github.com/mscdex/ssh2/raw/master/LICENSE"
"url": "http://github.com/@waylay/ssh2/raw/master/LICENSE"
}
],
"repository": {
"type": "git",
"url": "http://github.com/mscdex/ssh2.git"
"url": "http://github.com/@waylay/ssh2.git"
}
}
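Review bot: The new `licenses` and `repository` URLs look like a mechanical replacement of `mscdex/ssh2` with the npm scope. `http://github.com/@waylay/ssh2.git` is unlikely to be a valid GitHub path (the merge title names the org as `waylayio`), and both URLs use plain `http://`. Package metadata that points at a non-existent or unowned location weakens provenance for anyone auditing the dependency, so use the fork's real location over HTTPS, e.g. `"url": "https://github.com/<org>/<repo>.git"`. The version also stays at `1.15.0` although the code now differs from upstream, and advisory tooling keyed on the name `ssh2` will no longer match this package. A distinct version and a note on how upstream security fixes are tracked would help.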
