From a44530bd985b14dd2b12053baa69be9eaa3e3777 Mon Sep 17 00:00:00 2001
From: Simon Tatham
Date: Thu, 27 Mar 2014 18:07:13 +0000
Subject: [PATCH] Add auto-recognition of BUG_SSH2_RSA_PADDING for ProFTPD.
Martin Prikryl reports that it had the exact same bug as old OpenSSH (insisting that RSA signature integers be padded with leading zero bytes to the same length as the RSA modulus, where in fact RFC 4253 section 6.6 says it ought to have _no_ padding), but is recently fixed. The first version string to not have the bug is reported to be "mod_sftp/0.9.9", so here we recognise everything less than that as requiring our existing workaround.
[originally from svn r10161]
---
 ssh.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/ssh.c b/ssh.c
index 1333b678..4eb84f89 100644
--- a/ssh.c
+++ b/ssh.c
@@ -2747,7 +2747,9 @@ static void ssh_detect_bugs(Ssh ssh, char *vstring)
 if (conf_get_int(ssh->conf, CONF_sshbug_rsapad2) == FORCE_ON ||
 (conf_get_int(ssh->conf, CONF_sshbug_rsapad2) == AUTO &&
 (wc_match("OpenSSH_2.[5-9]*", imp) ||
- wc_match("OpenSSH_3.[0-2]*", imp)))) {
+ wc_match("OpenSSH_3.[0-2]*", imp) ||
+ wc_match("mod_sftp/0.[0-8]*", imp) ||
+ wc_match("mod_sftp/0.9.[0-8]", imp)))) {
 /*
 * These versions have the SSH-2 RSA padding bug.
 */
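Review bot: The last added pattern, `wc_match("mod_sftp/0.9.[0-8]", imp)`, has no trailing `*`, unlike the three patterns above it. Assuming wc_match is an anchored glob, it matches only when `imp` ends right after that digit, so an affected server whose version string carries any suffix or trailing text would not get the padding workaround and RSA public-key authentication to it would fail. If the omission is deliberate, to keep a two-digit patch level such as 0.9.10 from matching, record that next to the pattern, e.g. `/* no '*' on 0.9.[0-8]: must not match 0.9.1x; first fixed release is mod_sftp/0.9.9 */`. The neighbouring `mod_sftp/0.[0-8]*` has the opposite problem and would also match a later 0.10 or 0.2x release that no longer has the bug. How `imp` is cut out of `vstring` lies outside this hunk, so both patterns should be checked against real ProFTPD banners.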