From cbd166a43d6c5042151b558158529c0253b6f2f9 Mon Sep 17 00:00:00 2001
From: Jacob Barthelmeh <jacob@wolfssl.com>
Date: Fri, 25 Oct 2019 16:14:00 -0600
Subject: [PATCH 1/4] be more lenient on CR with protocol exchange

---
 src/internal.c | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/src/internal.c b/src/internal.c
index 41dec3f..2a49070 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -1404,6 +1404,15 @@ static int GetInputText(WOLFSSH* ssh, byte** pEol)
 
         eol = WSTRNSTR((const char*)ssh->inputBuffer.buffer, "\r\n",
                        ssh->inputBuffer.length);
+#ifndef WOLFSSH_STRICT_PROTOCOL_EXCHANGE
+        /* section 4.2 in RFC 4253 states that can be lenient on the CR for
+         * interop with older or undocumented versions of SSH */
+        if (!eol) {
+            WLOG(WS_LOG_DEBUG, "Checking for older version of protocol exchange");
+            eol = WSTRNSTR((const char*)ssh->inputBuffer.buffer, "\n",
+                       ssh->inputBuffer.length);
+        }
+#endif
 
         if (eol)
             gotLine = 1;

From 0b881933b0e07797282a82c475542f02b63c834b Mon Sep 17 00:00:00 2001
From: Jacob Barthelmeh <jacob@wolfssl.com>
Date: Thu, 5 Mar 2020 14:05:35 -0700
Subject: [PATCH 2/4] always turn on interop with older protocol exchange

---
 src/internal.c | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/src/internal.c b/src/internal.c
index 2a49070..337484e 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -1404,15 +1404,14 @@ static int GetInputText(WOLFSSH* ssh, byte** pEol)
 
         eol = WSTRNSTR((const char*)ssh->inputBuffer.buffer, "\r\n",
                        ssh->inputBuffer.length);
-#ifndef WOLFSSH_STRICT_PROTOCOL_EXCHANGE
+
         /* section 4.2 in RFC 4253 states that can be lenient on the CR for
          * interop with older or undocumented versions of SSH */
         if (!eol) {
-            WLOG(WS_LOG_DEBUG, "Checking for older version of protocol exchange");
+            WLOG(WS_LOG_DEBUG, "Checking for old version of protocol exchange");
             eol = WSTRNSTR((const char*)ssh->inputBuffer.buffer, "\n",
                        ssh->inputBuffer.length);
         }
-#endif
 
         if (eol)
             gotLine = 1;

From 2c603653077993761e75efed9d9ee5ac59b311c0 Mon Sep 17 00:00:00 2001
From: Jacob Barthelmeh <jacob@wolfssl.com>
Date: Thu, 5 Mar 2020 16:21:51 -0700
Subject: [PATCH 3/4] account for proto size difference

---
 src/internal.c     | 9 +++++++++
 wolfssh/internal.h | 1 -
 2 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/src/internal.c b/src/internal.c
index 337484e..d81d432 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -2235,7 +2235,12 @@ static int DoKexInit(WOLFSSH* ssh, byte* buf, word32 len, word32* idx)
         }
 
         if (ret == WS_SUCCESS) {
+            byte SSH_PROTO_EOL_SZ = 1;
+
             strSz = (word32)WSTRLEN(sshProtoIdStr) - SSH_PROTO_EOL_SZ;
+            if (strSz > 1 && sshProtoIdStr[strSz - 1] == '\r') {
+                strSz--; /* subtract 1 more for CR */
+            }
             c32toa(strSz, scratchLen);
             ret = wc_HashUpdate(&ssh->handshake->hash, enmhashId,
                                 scratchLen, LENGTH_SZ);
@@ -5216,6 +5221,7 @@ int DoProtoId(WOLFSSH* ssh)
     int ret;
     word32 idSz;
     byte* eol;
+    byte  SSH_PROTO_EOL_SZ = 1;
 
     if ( (ret = GetInputText(ssh, &eol)) < 0) {
         WLOG(WS_LOG_DEBUG, "get input text failed");
@@ -5244,6 +5250,9 @@ int DoProtoId(WOLFSSH* ssh)
         ssh->clientOpenSSH = 1;
     }
 
+    if (*eol == '\r') {
+        SSH_PROTO_EOL_SZ++;
+    }
     *eol = 0;
 
     idSz = (word32)WSTRLEN((char*)ssh->inputBuffer.buffer);
diff --git a/wolfssh/internal.h b/wolfssh/internal.h
index 0da8b7b..9957f15 100644
--- a/wolfssh/internal.h
+++ b/wolfssh/internal.h
@@ -123,7 +123,6 @@ enum {
 #define SHA1_96_SZ 12
 #define UINT32_SZ 4
 #define SSH_PROTO_SZ 7 /* "SSH-2.0" */
-#define SSH_PROTO_EOL_SZ 2 /* Just the CRLF */
 #define AEAD_IMP_IV_SZ 4
 #define AEAD_EXP_IV_SZ 8
 #define AEAD_NONCE_SZ (AEAD_IMP_IV_SZ+AEAD_EXP_IV_SZ)

From 6dd22d29e6ee6128c9c69cf3a775712314ece177 Mon Sep 17 00:00:00 2001
From: Jacob Barthelmeh <jacob@wolfssl.com>
Date: Tue, 17 Mar 2020 18:42:48 -0600
Subject: [PATCH 4/4] account for wolfSSH always sending carriage return and
 new line

---
 src/internal.c | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)

diff --git a/src/internal.c b/src/internal.c
index d81d432..874a3df 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -2235,12 +2235,9 @@ static int DoKexInit(WOLFSSH* ssh, byte* buf, word32 len, word32* idx)
         }
 
         if (ret == WS_SUCCESS) {
-            byte SSH_PROTO_EOL_SZ = 1;
+            byte SSH_PROTO_EOL_SZ = 2;
 
             strSz = (word32)WSTRLEN(sshProtoIdStr) - SSH_PROTO_EOL_SZ;
-            if (strSz > 1 && sshProtoIdStr[strSz - 1] == '\r') {
-                strSz--; /* subtract 1 more for CR */
-            }
             c32toa(strSz, scratchLen);
             ret = wc_HashUpdate(&ssh->handshake->hash, enmhashId,
                                 scratchLen, LENGTH_SZ);