Clone CryptoWishList when filtering

To avoid overwriting the original CryptoWishList, clone it before
modifying it. Additionally move the "ext-info-c" into the filtering
stage so that even custom lists of algorithms have it included.

Author: kruton

src/main/java/com/trilead/ssh2/crypto/CryptoWishList.java

@@ -13,14 +13,41 @@
  * @author Christian Plattner, plattner@trilead.com
  * @version $Id: CryptoWishList.java,v 1.1 2007/10/15 12:49:56 cplattne Exp $
  */
-public class CryptoWishList
+public class CryptoWishList implements Cloneable
 {
-	public String[] kexAlgorithms = KexManager.getDefaultKexAlgorithmList();
-	public String[] serverHostKeyAlgorithms = KexManager.getDefaultServerHostkeyAlgorithmList();
-	public String[] c2s_enc_algos = BlockCipherFactory.getDefaultCipherList();
-	public String[] s2c_enc_algos = BlockCipherFactory.getDefaultCipherList();
-	public String[] c2s_mac_algos = MACs.getMacList();
-	public String[] s2c_mac_algos = MACs.getMacList();
-	public String[] c2s_comp_algos = CompressionFactory.getDefaultCompressorList();
-	public String[] s2c_comp_algos = CompressionFactory.getDefaultCompressorList();
+	public CryptoWishList() {
+		kexAlgorithms = KexManager.getDefaultKexAlgorithmList();
+		serverHostKeyAlgorithms = KexManager.getDefaultServerHostkeyAlgorithmList();
+		c2s_enc_algos = BlockCipherFactory.getDefaultCipherList();
+		s2c_enc_algos = BlockCipherFactory.getDefaultCipherList();
+		c2s_mac_algos = MACs.getMacList();
+		s2c_mac_algos = MACs.getMacList();
+		c2s_comp_algos = CompressionFactory.getDefaultCompressorList();
+		s2c_comp_algos = CompressionFactory.getDefaultCompressorList();
+	}
+
+	public CryptoWishList(CryptoWishList other) {
+		kexAlgorithms = other.kexAlgorithms.clone();
+		serverHostKeyAlgorithms = other.serverHostKeyAlgorithms.clone();
+		c2s_enc_algos = other.c2s_enc_algos.clone();
+		s2c_enc_algos = other.s2c_enc_algos.clone();
+		c2s_mac_algos = other.c2s_mac_algos.clone();
+		s2c_mac_algos = other.s2c_mac_algos.clone();
+		c2s_comp_algos = other.c2s_comp_algos.clone();
+		s2c_comp_algos = other.s2c_comp_algos.clone();
+	}
+
+	public String[] kexAlgorithms;
+	public String[] serverHostKeyAlgorithms;
+	public String[] c2s_enc_algos;
+	public String[] s2c_enc_algos;
+	public String[] c2s_mac_algos;
+	public String[] s2c_mac_algos;
+	public String[] c2s_comp_algos;
+	public String[] s2c_comp_algos;
+
+	@Override
+	public CryptoWishList clone() {
+		return new CryptoWishList(this);
+	}
 }

src/main/java/com/trilead/ssh2/transport/KexManager.java

@@ -98,11 +98,11 @@ public class KexManager
 		KEX_ALGS.add("diffie-hellman-group-exchange-sha1");
 		KEX_ALGS.add("diffie-hellman-group14-sha1");
 		KEX_ALGS.add("diffie-hellman-group1-sha1");
-
-		// Indicate client support for ext-info
-		KEX_ALGS.add("ext-info-c");
 	}
 
+	/** RFC 8308 Section 2 */
+	private static final String EXT_INFO_C = "ext-info-c";
+
 	private KexState kxs;
 	private int kexCount = 0;
 	private KeyMaterial km;
@@ -279,8 +279,9 @@ private NegotiatedParameters mergeKexParameters(KexParameters client, KexParamet
 
 	public synchronized void initiateKEX(CryptoWishList cwl, DHGexParameters dhgex) throws IOException
 	{
-		nextKEXcryptoWishList = cwl;
+		nextKEXcryptoWishList = cwl.clone();
 		filterHostKeyTypes(nextKEXcryptoWishList);
+		addExtraKexAlgorithms(nextKEXcryptoWishList);
 
 		nextKEXdhgexParameters = dhgex;
 
@@ -295,6 +296,24 @@ public synchronized void initiateKEX(CryptoWishList cwl, DHGexParameters dhgex)
 		}
 	}
 
+	/**
+	 * Adds the pseudo-key-exchange algorithms to the crypto wishlist.
+	 *
+	 * @param cwl the crypto wishlist to which the key exchange algo
+	 *            should be added.
+	 */
+	private static void addExtraKexAlgorithms(CryptoWishList cwl) {
+		String[] oldKexAlgorithms = cwl.kexAlgorithms;
+		List<String> kexAlgorithms = new ArrayList<>(oldKexAlgorithms.length + 1);
+		for (String algo : oldKexAlgorithms)
+		{
+			if (!algo.equals(EXT_INFO_C))
+				kexAlgorithms.add(algo);
+		}
+		kexAlgorithms.add(EXT_INFO_C);
+		cwl.kexAlgorithms = kexAlgorithms.toArray(new String[0]);
+	}
+
 	/**
 	 * If the verifier can indicate which algorithms it knows about for this host, then
 	 * filter out our crypto wish list to only include those algorithms. Otherwise we'll