diff --git a/libssh/kex.c b/libssh/kex.c index 20982748..4aceb43a 100644 --- a/libssh/kex.c +++ b/libssh/kex.c @@ -195,48 +195,48 @@ char **space_tokenize(const char *chain){ return tokens; } -/* find_matching gets 2 parameters : a list of available objects (in_d), separated by colons,*/ -/* and a list of prefered objects (what_d) */ +/* find_matching gets 2 parameters : a list of available objects (available_d), separated by colons,*/ +/* and a list of preferred objects (preferred_d) */ /* it will return a strduped pointer on the first prefered object found in the available objects list */ -char *ssh_find_matching(const char *in_d, const char *what_d){ - char ** tok_in, **tok_what; - int i_in, i_what; +char *ssh_find_matching(const char *available_d, const char *preferred_d){ + char ** tok_available, **tok_preferred; + int i_avail, i_pref; char *ret; - if ((in_d == NULL) || (what_d == NULL)) { + if ((available_d == NULL) || (preferred_d == NULL)) { return NULL; /* don't deal with null args */ } - tok_in = tokenize(in_d); - if (tok_in == NULL) { + tok_available = tokenize(available_d); + if (tok_available == NULL) { return NULL; } - tok_what = tokenize(what_d); - if (tok_what == NULL) { - SAFE_FREE(tok_in[0]); - SAFE_FREE(tok_in); + tok_preferred = tokenize(preferred_d); + if (tok_preferred == NULL) { + SAFE_FREE(tok_available[0]); + SAFE_FREE(tok_available); } - for(i_what=0; tok_what[i_what] ; ++i_what){ - for(i_in=0; tok_in[i_in]; ++i_in){ - if(!strcmp(tok_in[i_in],tok_what[i_what])){ + for(i_pref=0; tok_preferred[i_pref] ; ++i_pref){ + for(i_avail=0; tok_available[i_avail]; ++i_avail){ + if(!strcmp(tok_available[i_avail],tok_preferred[i_pref])){ /* match */ - ret=strdup(tok_in[i_in]); + ret=strdup(tok_available[i_avail]); /* free the tokens */ - free(tok_in[0]); - free(tok_what[0]); - free(tok_in); - free(tok_what); + free(tok_available[0]); + free(tok_preferred[0]); + free(tok_available); + free(tok_preferred); return ret; } } } - free(tok_in[0]); - free(tok_what[0]); - free(tok_in); - free(tok_what); + free(tok_available[0]); + free(tok_preferred[0]); + free(tok_available); + free(tok_preferred); return NULL; } diff --git a/libssh/wrapper.c b/libssh/wrapper.c index a42c2367..807f743a 100644 --- a/libssh/wrapper.c +++ b/libssh/wrapper.c @@ -1001,7 +1001,8 @@ int crypt_set_algorithms_server(ssh_session session){ /* out */ server = session->server_kex.methods[SSH_CRYPT_S_C]; client = session->client_kex.methods[SSH_CRYPT_S_C]; - match = ssh_find_matching(client, server); + /* That's the client algorithms that are more important */ + match = ssh_find_matching(server,client); if(!match){ ssh_set_error(session,SSH_FATAL,"Crypt_set_algorithms_server : no matching algorithm function found for %s",server); @@ -1030,7 +1031,7 @@ int crypt_set_algorithms_server(ssh_session session){ /* in */ client=session->client_kex.methods[SSH_CRYPT_C_S]; server=session->server_kex.methods[SSH_CRYPT_S_C]; - match=ssh_find_matching(client,server); + match=ssh_find_matching(server,client); if(!match){ ssh_set_error(session,SSH_FATAL,"Crypt_set_algorithms_server : no matching algorithm function found for %s",server); free(match); @@ -1058,7 +1059,7 @@ int crypt_set_algorithms_server(ssh_session session){ /* compression */ client=session->client_kex.methods[SSH_CRYPT_C_S]; server=session->server_kex.methods[SSH_CRYPT_C_S]; - match=ssh_find_matching(client,server); + match=ssh_find_matching(server,client); if(match && !strcmp(match,"zlib")){ ssh_log(session,SSH_LOG_PACKET,"enabling C->S compression"); session->next_crypto->do_compress_in=1; @@ -1067,7 +1068,7 @@ int crypt_set_algorithms_server(ssh_session session){ client=session->client_kex.methods[SSH_CRYPT_S_C]; server=session->server_kex.methods[SSH_CRYPT_S_C]; - match=ssh_find_matching(client,server); + match=ssh_find_matching(server,client); if(match && !strcmp(match,"zlib")){ ssh_log(session,SSH_LOG_PACKET,"enabling S->C compression\n"); session->next_crypto->do_compress_out=1; @@ -1076,7 +1077,7 @@ int crypt_set_algorithms_server(ssh_session session){ server=session->server_kex.methods[SSH_HOSTKEYS]; client=session->client_kex.methods[SSH_HOSTKEYS]; - match=ssh_find_matching(client,server); + match=ssh_find_matching(server,client); if(match && !strcmp(match,"ssh-dss")) session->hostkeys=TYPE_DSS; else if(match && !strcmp(match,"ssh-rsa"))