1
0
mirror of https://git.tartarus.org/simon/putty.git synced 2025-01-10 01:48:00 +00:00

Uppity: enable the des-cbc cipher.

There was no way to enable it for testing purposes at all until now.
Overriding the server KEX string to mention it doesn't help when it
was prevented from getting into the list that scan_kexinit_lists will
go through afterwards to find pointers to algorithm structures.
This commit is contained in:
Simon Tatham 2019-03-31 10:08:53 +01:00
parent d990dfc395
commit b9db527102
3 changed files with 16 additions and 2 deletions

View File

@ -216,6 +216,19 @@ void ssh_conn_processed_data(Ssh *ssh)
* around a peculiarity of the GUI event loop, I haven't yet. */
}
Conf *make_ssh_server_conf(void)
{
Conf *conf = conf_new();
load_open_settings(NULL, conf);
/* In Uppity, we support even the legacy des-cbc cipher by
* default, so that it will be available if the user forces it by
* overriding the KEXINIT strings. If the user wants it _not_
* supported, of course, they can override KEXINIT in the other
* direction. */
conf_set_bool(conf, CONF_ssh2_des_cbc, true);
return conf;
}
static const PlugVtable ssh_server_plugvt = {
server_socket_log,
server_closing,

View File

@ -119,3 +119,5 @@ int platform_make_x11_server(Plug *plug, const char *progname, int mindisp,
const char *screen_number_suffix,
ptrlen authproto, ptrlen authdata,
Socket **sockets, Conf *conf);
Conf *make_ssh_server_conf(void);

View File

@ -489,8 +489,7 @@ int main(int argc, char **argv)
AuthPolicy ap;
SshServerConfig ssc;
Conf *conf = conf_new();
load_open_settings(NULL, conf);
Conf *conf = make_ssh_server_conf();
ap.kbdint_state = 0;
ap.ssh1keys = NULL;