Peter Schellenbach's patch: re-implement the PuTTY cryptographic

[u/mdw/putty] / scpssh.c

diff --git a/scpssh.c b/scpssh.c
index b51cbb8..3d2c824 100644 (file)
--- a/scpssh.c
+++ b/scpssh.c
@@ -27,6 +27,7 @@
 #define SSH_CMSG_EOF           19
 #define SSH_SMSG_EXIT_STATUS   20
 #define SSH_CMSG_EXIT_CONFIRMATION     33
+#define SSH_MSG_IGNORE         32
 #define SSH_MSG_DEBUG          36
 
 #define GET_32BIT(cp) \
@@ -36,10 +37,10 @@
     ((unsigned long)(unsigned char)(cp)[3]))
 
 #define PUT_32BIT(cp, value) { \
-    (cp)[0] = (value) >> 24; \
-    (cp)[1] = (value) >> 16; \
-    (cp)[2] = (value) >> 8; \
-    (cp)[3] = (value); }
+    (cp)[0] = (unsigned char)((value) >> 24); \
+    (cp)[1] = (unsigned char)((value) >> 16); \
+    (cp)[2] = (unsigned char)((value) >> 8); \
+    (cp)[3] = (unsigned char)(value); }
 
 static SOCKET s = INVALID_SOCKET;
 
@@ -87,7 +88,7 @@ static int s_read (char *buf, int len) {
 /*
  * Read and decrypt one incoming SSH packet.
  */
-static void get_packet()
+static void get_packet(void)
 {
     unsigned char buf[4];
     int ret;
@@ -120,8 +121,15 @@ next_packet:
     pktin.length = len;
     if (pktin.maxlen < biglen) {
        pktin.maxlen = biglen;
+#ifdef MSCRYPTOAPI
+       /* allocate enough buffer space for extra block
+        * for MS CryptEncrypt() */
+       pktin.data = (pktin.data == NULL) ?
+           smalloc(biglen+8) : srealloc(pktin.data, biglen+8);
+#else
        pktin.data = (pktin.data == NULL) ? 
-                    smalloc(biglen) : srealloc(pktin.data, biglen);
+           smalloc(biglen) : srealloc(pktin.data, biglen);
+#endif
     }
 
     ret = s_read(pktin.data, biglen);
@@ -146,6 +154,9 @@ next_packet:
        }
        goto next_packet;
     }
+    if (pktin.type == SSH_MSG_IGNORE) {
+       goto next_packet;
+    }
 }
 
 static void s_wrpkt_start(int type, int len) {
@@ -158,8 +169,15 @@ static void s_wrpkt_start(int type, int len) {
     pktout.length = len-5;
     if (pktout.maxlen < biglen) {
        pktout.maxlen = biglen;
+#ifdef MSCRYPTOAPI
+       /* Allocate enough buffer space for extra block
+        * for MS CryptEncrypt() */
+       pktout.data = (pktout.data == NULL ? malloc(biglen+8) :
+                      realloc(pktout.data, biglen+8));
+#else
        pktout.data = (pktout.data == NULL ? malloc(biglen+4) :
                       realloc(pktout.data, biglen+4));
+#endif
        if (!pktout.data)
            fatalbox("Out of memory");
     }
@@ -277,7 +295,21 @@ static void ssh_login(char *username, char *cmd)
     if (!rsabuf)
        fatalbox("Out of memory");
 
-    verify_ssh_host_key(savedhost, &hostkey);
+    /*
+     * Verify the host key.
+     */
+    {
+        /*
+         * First format the key into a string.
+         */
+        int len = rsastr_len(&hostkey);
+        char *keystr = malloc(len);
+        if (!keystr)
+            fatalbox("Out of memory");
+        rsastr_fmt(keystr, &hostkey);
+        verify_ssh_host_key(savedhost, keystr);
+        free(keystr);
+    }
 
     for (i=0; i<32; i++) {
        rsabuf[i] = session_key[i];
@@ -470,6 +502,11 @@ char *ssh_init(char *host, int port, char *cmd, char **realhost) {
     int FWport;
 #endif
 
+#ifdef MSCRYPTOAPI
+    if(crypto_startup() == 0)
+       return "Microsoft high encryption pack not installed!";
+#endif
+
     savedhost = malloc(1+strlen(host));
     if (!savedhost)
        fatalbox("Out of memory");