[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

SSH version or banner string maximum length?


Need confirmation on the maximum length of the version or banner string that an SSH server can send to the client. According to RFC-4253 it is 255.  Can someone please confirm.  If it is 255 there may be an error in procedure callback_receive_banner() in client.c - around line# 129

Thanks,
Saju

/**
* @internal
*
* @brief Gets the banner from socket and saves it in session.
* Updates the session state
*
* @param  data pointer to the beginning of header
* @param  len size of the banner
* @param  user is a pointer to session
* @returns Number of bytes processed, or zero if the banner is not complete.
*/
static int callback_receive_banner(const void *data, size_t len, void *user) {
  char *buffer = (char *)data;
  ssh_session session=(ssh_session) user;
  char *str = NULL;
  size_t i;
  int ret=0;

  if(session->session_state != SSH_SESSION_STATE_SOCKET_CONNECTED){
                ssh_set_error(session,SSH_FATAL,"Wrong state in callback_receive_banner : %d",session->session_state);

                return SSH_ERROR;
  }
  for(i=0;i<len;++i){
#ifdef WITH_PCAP
                if(session->pcap_ctx && buffer[i] == '\n'){
                                ssh_pcap_context_write(session->pcap_ctx,SSH_PCAP_DIR_IN,buffer,i+1,i+1);
                }
#endif
    if(buffer[i]=='\r') {
        buffer[i]='\0';
    }
    if (buffer[i]=='\n') {
        buffer[i] = '\0';
        str = strdup(buffer);
        if (str == NULL) {
            return SSH_ERROR;
        }
        /* number of bytes read */
        ret = i + 1;
        session->serverbanner = str;
                                session->session_state=SSH_SESSION_STATE_BANNER_RECEIVED;
                                SSH_LOG(SSH_LOG_PACKET,"Received banner: %s",str);
                                session->ssh_connection_callback(session);

                                return ret;
                }
                if(i>127){
                                /* Too big banner */
                                session->session_state=SSH_SESSION_STATE_ERROR;
                                ssh_set_error(session,SSH_FATAL,"Receiving banner: too large banner");

                                return 0;
                }
  }

  return ret;
}



Archive administrator: postmaster@lists.cynapses.org