if (ssh->cipher && detect_attack(ssh->crcda_ctx, ssh->pktin.data,
st->biglen, NULL)) {
bombout(("Network attack (CRC compensation) detected!"));
- crReturn(0);
+ crStop(0);
}
if (ssh->cipher)
st->gotcrc = GET_32BIT(ssh->pktin.data + st->biglen - 4);
if (st->gotcrc != st->realcrc) {
bombout(("Incorrect CRC received on packet"));
- crReturn(0);
+ crStop(0);
}
ssh->pktin.body = ssh->pktin.data + st->pad + 1;
long stringlen = GET_32BIT(ssh->pktin.body);
if (stringlen + 4 != ssh->pktin.length) {
bombout(("Received data packet with bogus string length"));
- crReturn(0);
+ crStop(0);
}
}
buf[nowlen + msglen] = '\0';
/* logevent(buf); (this is now done within the bombout macro) */
bombout(("Server sent disconnect message:\n\"%s\"", buf+nowlen));
- crReturn(0);
+ crStop(0);
}
crFinish(0);
*/
if (st->len < 0 || st->pad < 0 || st->len + st->pad < 0) {
bombout(("Incoming packet was garbled on decryption"));
- crReturn(0);
+ crStop(0);
}
/*
&& !ssh->scmac->verify(ssh->sc_mac_ctx, ssh->pktin.data, st->len + 4,
st->incoming_sequence)) {
bombout(("Incorrect MAC received on packet"));
- crReturn(0);
+ crStop(0);
}
st->incoming_sequence++; /* whether or not we MACed */
ssh2_disconnect_reasons[reason] : "unknown",
buf+nowlen));
sfree(buf);
- crReturn(0);
+ crStop(0);
}
break;
case SSH2_MSG_IGNORE:
if (ssh->cfg.sshprot == 0 && !s->proto1) {
bombout(("SSH protocol version 1 required by user but not provided by server"));
- crReturn(0);
+ crStop(0);
}
if (ssh->cfg.sshprot == 3 && !s->proto2) {
bombout(("SSH protocol version 2 required by user but not provided by server"));
- crReturn(0);
+ crStop(0);
}
if (s->proto2 && (ssh->cfg.sshprot >= 2 || !s->proto1)) {
ssh->version = 1;
ssh->s_rdpkt = ssh1_rdpkt;
}
+ update_specials_menu(ssh->frontend);
ssh->state = SSH_STATE_BEFORE_SIZE;
sfree(s->vstring);
if (ssh->pktin.type != SSH1_SMSG_PUBLIC_KEY) {
bombout(("Public key packet not received"));
- crReturn(0);
+ crStop(0);
}
logevent("Received public keys");
else
/* shouldn't happen */
bombout(("No supported ciphers found"));
- crReturn(0);
+ crStop(0);
}
/* Warn about chosen cipher if necessary. */
if (ssh->pktin.type != SSH1_SMSG_SUCCESS) {
bombout(("Encryption not successfully enabled"));
- crReturn(0);
+ crStop(0);
}
logevent("Successfully started encryption");
*/
logevent("No username provided. Abandoning session.");
ssh_closing((Plug)ssh, NULL, 0, 0);
- crReturn(1);
+ crStop(1);
}
} else {
int ret; /* need not be kept over crReturn */
logevent("Unable to authenticate");
connection_fatal(ssh->frontend, "Unable to authenticate");
ssh_closing((Plug)ssh, NULL, 0, 0);
- crReturn(1);
+ crStop(1);
}
} else {
/* Prompt may have come from server. We've munged it a bit, so
}
if (ssh->pktin.type != SSH1_SMSG_AUTH_RSA_CHALLENGE) {
bombout(("Bizarre response to offer of public key"));
- crReturn(0);
+ crStop(0);
}
{
continue; /* go and try password */
} else if (ssh->pktin.type != SSH1_SMSG_SUCCESS) {
bombout(("Bizarre response to RSA authentication response"));
- crReturn(0);
+ crStop(0);
}
break; /* we're through! */
logevent("Authentication refused");
} else if (ssh->pktin.type != SSH1_SMSG_SUCCESS) {
bombout(("Strange packet received, type %d", ssh->pktin.type));
- crReturn(0);
+ crStop(0);
}
}
if (ssh->pktin.type != SSH1_SMSG_SUCCESS
&& ssh->pktin.type != SSH1_SMSG_FAILURE) {
bombout(("Protocol confusion"));
- crReturnV;
+ crStopV;
} else if (ssh->pktin.type == SSH1_SMSG_FAILURE) {
logevent("Agent forwarding refused");
} else {
if (ssh->pktin.type != SSH1_SMSG_SUCCESS
&& ssh->pktin.type != SSH1_SMSG_FAILURE) {
bombout(("Protocol confusion"));
- crReturnV;
+ crStopV;
} else if (ssh->pktin.type == SSH1_SMSG_FAILURE) {
logevent("X11 forwarding refused");
} else {
if (n < 255) sports[n++] = *ssh->portfwd_strptr++;
}
sports[n] = 0;
- if (*ssh->portfwd_strptr == '\t')
- ssh->portfwd_strptr++;
- n = 0;
- while (*ssh->portfwd_strptr && *ssh->portfwd_strptr != ':') {
- if (n < 255) host[n++] = *ssh->portfwd_strptr++;
- }
- host[n] = 0;
- if (*ssh->portfwd_strptr == ':')
+ if (type != 'D') {
+ if (*ssh->portfwd_strptr == '\t')
+ ssh->portfwd_strptr++;
+ n = 0;
+ while (*ssh->portfwd_strptr && *ssh->portfwd_strptr != ':') {
+ if (n < 255) host[n++] = *ssh->portfwd_strptr++;
+ }
+ host[n] = 0;
+ if (*ssh->portfwd_strptr == ':')
+ ssh->portfwd_strptr++;
+ n = 0;
+ while (*ssh->portfwd_strptr) {
+ if (n < 255) dports[n++] = *ssh->portfwd_strptr++;
+ }
+ dports[n] = 0;
ssh->portfwd_strptr++;
- n = 0;
- while (*ssh->portfwd_strptr) {
- if (n < 255) dports[n++] = *ssh->portfwd_strptr++;
- }
- dports[n] = 0;
- ssh->portfwd_strptr++;
- dport = atoi(dports);
- dserv = 0;
- if (dport == 0) {
- dserv = 1;
- dport = net_service_lookup(dports);
- if (!dport) {
- logeventf(ssh, "Service lookup failed for"
- " destination port \"%s\"", dports);
+ dport = atoi(dports);
+ dserv = 0;
+ if (dport == 0) {
+ dserv = 1;
+ dport = net_service_lookup(dports);
+ if (!dport) {
+ logeventf(ssh, "Service lookup failed for"
+ " destination port \"%s\"", dports);
+ }
}
+ } else {
+ while (*ssh->portfwd_strptr) ssh->portfwd_strptr++;
+ dport = dserv = -1;
}
sport = atoi(sports);
sserv = 0;
host,
(int)(dserv ? strlen(dports) : 0), dports,
dserv, "(", dport, dserv, ")");
+ } else if (type == 'D') {
+ pfd_addforward(NULL, -1, *saddr ? saddr : NULL,
+ sport, ssh, &ssh->cfg);
+ logeventf(ssh, "Local port %.*s%.*s%.*s%.*s%d%.*s"
+ " doing SOCKS dynamic forwarding",
+ (int)(*saddr?strlen(saddr):0), *saddr?saddr:NULL,
+ (int)(*saddr?1:0), ":",
+ (int)(sserv ? strlen(sports) : 0), sports,
+ sserv, "(", sport, sserv, ")");
} else {
struct ssh_rportfwd *pf;
pf = snew(struct ssh_rportfwd);
if (ssh->pktin.type != SSH1_SMSG_SUCCESS
&& ssh->pktin.type != SSH1_SMSG_FAILURE) {
bombout(("Protocol confusion"));
- crReturnV;
+ crStopV;
} else if (ssh->pktin.type == SSH1_SMSG_FAILURE) {
c_write_str(ssh, "Server refused port"
" forwarding\r\n");
if (ssh->pktin.type != SSH1_SMSG_SUCCESS
&& ssh->pktin.type != SSH1_SMSG_FAILURE) {
bombout(("Protocol confusion"));
- crReturnV;
+ crStopV;
} else if (ssh->pktin.type == SSH1_SMSG_FAILURE) {
c_write_str(ssh, "Server refused to allocate pty\r\n");
ssh->editing = ssh->echoing = 1;
if (ssh->pktin.type != SSH1_SMSG_SUCCESS
&& ssh->pktin.type != SSH1_SMSG_FAILURE) {
bombout(("Protocol confusion"));
- crReturnV;
+ crStopV;
} else if (ssh->pktin.type == SSH1_SMSG_FAILURE) {
c_write_str(ssh, "Server refused to compress\r\n");
}
} else if (ssh->pktin.type == SSH1_MSG_DISCONNECT) {
ssh_closing((Plug)ssh, NULL, 0, 0);
logevent("Received disconnect request");
- crReturnV;
+ crStopV;
} else if (ssh->pktin.type == SSH1_SMSG_X11_OPEN) {
/* Remote side is trying to open a channel to talk to our
* X-Server. Give them back a local channel number. */
ssh->pktin.type == SSH1_MSG_CHANNEL_CLOSE ? "" :
"_CONFIRMATION", c ? "half-open" : "nonexistent",
i));
+ crStopV;
}
} else if (ssh->pktin.type == SSH1_MSG_CHANNEL_DATA) {
/* Data sent down one of our channels. */
struct ssh_channel *c;
c = find234(ssh->channels, &i, ssh_channelfind);
if (c) {
- int bufsize;
+ int bufsize = 0;
switch (c->type) {
case CHAN_X11:
bufsize = x11_send(c->u.x11.s, (char *)p, len);
* we've sent EXIT_CONFIRMATION.
*/
ssh_closing((Plug)ssh, NULL, 0, 0);
- crReturnV;
+ crStopV;
} else {
bombout(("Strange packet received: type %d", ssh->pktin.type));
- crReturnV;
+ crStopV;
}
} else {
while (inlen > 0) {
if (ssh->pktin.type != SSH2_MSG_KEXINIT) {
bombout(("expected key exchange packet from server"));
- crReturn(0);
+ crStop(0);
}
ssh->kex = NULL;
ssh->hostkey = NULL;
if (!s->cscipher_tobe) {
bombout(("Couldn't agree a client-to-server cipher (available: %s)",
str ? str : "(null)"));
- crReturn(0);
+ crStop(0);
}
ssh2_pkt_getstring(ssh, &str, &len); /* server->client cipher */
if (!s->sccipher_tobe) {
bombout(("Couldn't agree a server-to-client cipher (available: %s)",
str ? str : "(null)"));
- crReturn(0);
+ crStop(0);
}
ssh2_pkt_getstring(ssh, &str, &len); /* client->server mac */
crWaitUntil(ispkt);
if (ssh->pktin.type != SSH2_MSG_KEX_DH_GEX_GROUP) {
bombout(("expected key exchange group packet from server"));
- crReturn(0);
+ crStop(0);
}
s->p = ssh2_pkt_getmp(ssh);
s->g = ssh2_pkt_getmp(ssh);
crWaitUntil(ispkt);
if (ssh->pktin.type != s->kex_reply_value) {
bombout(("expected key exchange reply packet from server"));
- crReturn(0);
+ crStop(0);
}
ssh2_pkt_getstring(ssh, &s->hostkeydata, &s->hostkeylen);
s->f = ssh2_pkt_getmp(ssh);
!ssh->hostkey->verifysig(s->hkey, s->sigdata, s->siglen,
(char *)s->exchange_hash, 20)) {
bombout(("Server's host key did not match the signature supplied"));
- crReturn(0);
+ crStop(0);
}
/*
crWaitUntil(ispkt);
if (ssh->pktin.type != SSH2_MSG_NEWKEYS) {
bombout(("expected new-keys packet from server"));
- crReturn(0);
+ crStop(0);
}
/*
crWaitUntilV(ispkt);
if (ssh->pktin.type != SSH2_MSG_SERVICE_ACCEPT) {
bombout(("Server refused user authentication protocol"));
- crReturnV;
+ crStopV;
}
/*
*/
logevent("No username provided. Abandoning session.");
ssh_closing((Plug)ssh, NULL, 0, 0);
- crReturnV;
+ crStopV;
}
} else {
int ret; /* need not be saved across crReturn */
} else if (ssh->pktin.type != SSH2_MSG_USERAUTH_FAILURE) {
bombout(("Strange packet received during authentication: type %d",
ssh->pktin.type));
- crReturnV;
+ crStopV;
}
s->gotit = FALSE;
connection_fatal(ssh->frontend,
"Unable to authenticate");
ssh_closing((Plug)ssh, NULL, 0, 0);
- crReturnV;
+ crStopV;
}
} else {
int ret; /* need not be saved across crReturn */
ssh2_pkt_addstring(ssh, "en"); /* language tag */
ssh2_pkt_send(ssh);
ssh_closing((Plug)ssh, NULL, 0, 0);
- crReturnV;
+ crStopV;
}
}
} while (!s->we_are_in);
crWaitUntilV(ispkt);
if (ssh->pktin.type != SSH2_MSG_CHANNEL_OPEN_CONFIRMATION) {
bombout(("Server refused to open a session"));
- crReturnV;
+ crStopV;
/* FIXME: error data comes back in FAILURE packet */
}
if (ssh2_pkt_getuint32(ssh) != ssh->mainchan->localid) {
bombout(("Server's channel confirmation cited wrong channel"));
- crReturnV;
+ crStopV;
}
ssh->mainchan->remoteid = ssh2_pkt_getuint32(ssh);
ssh->mainchan->type = CHAN_MAINSESSION;
if (ssh->pktin.type != SSH2_MSG_CHANNEL_FAILURE) {
bombout(("Unexpected response to X11 forwarding request:"
" packet type %d", ssh->pktin.type));
- crReturnV;
+ crStopV;
}
logevent("X11 forwarding refused");
} else {
if (n < 255) sports[n++] = *ssh->portfwd_strptr++;
}
sports[n] = 0;
- if (*ssh->portfwd_strptr == '\t')
- ssh->portfwd_strptr++;
- n = 0;
- while (*ssh->portfwd_strptr && *ssh->portfwd_strptr != ':') {
- if (n < 255) host[n++] = *ssh->portfwd_strptr++;
- }
- host[n] = 0;
- if (*ssh->portfwd_strptr == ':')
+ if (type != 'D') {
+ if (*ssh->portfwd_strptr == '\t')
+ ssh->portfwd_strptr++;
+ n = 0;
+ while (*ssh->portfwd_strptr && *ssh->portfwd_strptr != ':') {
+ if (n < 255) host[n++] = *ssh->portfwd_strptr++;
+ }
+ host[n] = 0;
+ if (*ssh->portfwd_strptr == ':')
+ ssh->portfwd_strptr++;
+ n = 0;
+ while (*ssh->portfwd_strptr) {
+ if (n < 255) dports[n++] = *ssh->portfwd_strptr++;
+ }
+ dports[n] = 0;
ssh->portfwd_strptr++;
- n = 0;
- while (*ssh->portfwd_strptr) {
- if (n < 255) dports[n++] = *ssh->portfwd_strptr++;
- }
- dports[n] = 0;
- ssh->portfwd_strptr++;
- dport = atoi(dports);
- dserv = 0;
- if (dport == 0) {
- dserv = 1;
- dport = net_service_lookup(dports);
- if (!dport) {
- logeventf(ssh, "Service lookup failed for destination"
- " port \"%s\"", dports);
+ dport = atoi(dports);
+ dserv = 0;
+ if (dport == 0) {
+ dserv = 1;
+ dport = net_service_lookup(dports);
+ if (!dport) {
+ logeventf(ssh, "Service lookup failed for destination"
+ " port \"%s\"", dports);
+ }
}
+ } else {
+ while (*ssh->portfwd_strptr) ssh->portfwd_strptr++;
+ dport = dserv = -1;
}
sport = atoi(sports);
sserv = 0;
host,
(int)(dserv ? strlen(dports) : 0), dports,
dserv, "(", dport, dserv, ")");
+ } else if (type == 'D') {
+ pfd_addforward(NULL, -1, *saddr ? saddr : NULL,
+ sport, ssh, &ssh->cfg);
+ logeventf(ssh, "Local port %.*s%.*s%.*s%.*s%d%.*s"
+ " doing SOCKS dynamic forwarding",
+ (int)(*saddr?strlen(saddr):0), *saddr?saddr:NULL,
+ (int)(*saddr?1:0), ":",
+ (int)(sserv ? strlen(sports) : 0), sports,
+ sserv, "(", sport, sserv, ")");
} else {
struct ssh_rportfwd *pf;
pf = snew(struct ssh_rportfwd);
bombout(("Unexpected response to port "
"forwarding request: packet type %d",
ssh->pktin.type));
- crReturnV;
+ crStopV;
}
logevent("Server refused this port forwarding");
} else {
if (ssh->pktin.type != SSH2_MSG_CHANNEL_FAILURE) {
bombout(("Unexpected response to agent forwarding request:"
" packet type %d", ssh->pktin.type));
- crReturnV;
+ crStopV;
}
logevent("Agent forwarding refused");
} else {
if (ssh->pktin.type != SSH2_MSG_CHANNEL_FAILURE) {
bombout(("Unexpected response to pty request:"
" packet type %d", ssh->pktin.type));
- crReturnV;
+ crStopV;
}
c_write_str(ssh, "Server refused to allocate pty\r\n");
ssh->editing = ssh->echoing = 1;
if (ssh->pktin.type != SSH2_MSG_CHANNEL_FAILURE) {
bombout(("Unexpected response to shell/command request:"
" packet type %d", ssh->pktin.type));
- crReturnV;
+ crStopV;
}
/*
* We failed to start the command. If this is the
continue;
}
bombout(("Server refused to start a shell/command"));
- crReturnV;
+ crStopV;
} else {
logevent("Started a shell/command");
}
continue; /* extended but not stderr */
ssh2_pkt_getstring(ssh, &data, &length);
if (data) {
- int bufsize;
+ int bufsize = 0;
c->v.v2.locwindow -= length;
switch (c->type) {
case CHAN_MAINSESSION:
if (!c || ((int)c->remoteid) == -1) {
bombout(("Received CHANNEL_CLOSE for %s channel %d\n",
c ? "half-open" : "nonexistent", i));
+ crStopV;
}
/* Do pre-close processing on the channel. */
switch (c->type) {
ssh2_pkt_send(ssh);
#endif
ssh_closing((Plug)ssh, NULL, 0, 0);
- crReturnV;
+ crStopV;
}
continue; /* remote sends close; ignore (FIXME) */
} else if (ssh->pktin.type == SSH2_MSG_CHANNEL_WINDOW_ADJUST) {
ssh2_pkt_send(ssh);
connection_fatal(ssh->frontend, "%s", buf);
ssh_closing((Plug)ssh, NULL, 0, 0);
- crReturnV;
+ crStopV;
}
/*
int typelen;
char *peeraddr;
int peeraddrlen;
- int port;
+ int peerport;
char *error = NULL;
struct ssh_channel *c;
unsigned remid, winsize, pktsize;
remid = ssh2_pkt_getuint32(ssh);
winsize = ssh2_pkt_getuint32(ssh);
pktsize = ssh2_pkt_getuint32(ssh);
- ssh2_pkt_getstring(ssh, &peeraddr, &peeraddrlen);
- port = ssh2_pkt_getuint32(ssh);
if (typelen == 3 && !memcmp(type, "x11", 3)) {
- char *addrstr = snewn(peeraddrlen+1, char);
+ char *addrstr;
+
+ ssh2_pkt_getstring(ssh, &peeraddr, &peeraddrlen);
+ addrstr = snewn(peeraddrlen+1, char);
memcpy(addrstr, peeraddr, peeraddrlen);
peeraddr[peeraddrlen] = '\0';
+ peerport = ssh2_pkt_getuint32(ssh);
if (!ssh->X11_fwd_enabled)
error = "X11 forwarding is not enabled";
else if (x11_init(&c->u.x11.s, ssh->cfg.x11_display, c,
- ssh->x11auth, addrstr, port,
+ ssh->x11auth, addrstr, peerport,
&ssh->cfg) != NULL) {
error = "Unable to open an X11 connection";
} else {
int dummylen;
ssh2_pkt_getstring(ssh, &dummy, &dummylen);/* skip address */
pf.sport = ssh2_pkt_getuint32(ssh);
+ ssh2_pkt_getstring(ssh, &peeraddr, &peeraddrlen);
+ peerport = ssh2_pkt_getuint32(ssh);
realpf = find234(ssh->rportfwds, &pf, NULL);
if (realpf == NULL) {
error = "Remote port is not recognised";
}
} else {
bombout(("Strange packet received: type %d", ssh->pktin.type));
- crReturnV;
+ crStopV;
}
} else {
/*
ssh = snew(struct ssh_tag);
ssh->cfg = *cfg; /* STRUCTURE COPY */
+ ssh->version = 0; /* when not ready yet */
ssh->s = NULL;
ssh->cipher = NULL;
ssh->v1_cipher_ctx = NULL;
}
/*
+ * Return a list of the special codes that make sense in this
+ * protocol.
+ */
+static const struct telnet_special *ssh_get_specials(void *handle)
+{
+ Ssh ssh = (Ssh) handle;
+
+ if (ssh->version == 1) {
+ static const struct telnet_special ssh1_specials[] = {
+ {"IGNORE message", TS_NOP},
+ {NULL, 0}
+ };
+ return ssh1_specials;
+ } else if (ssh->version == 2) {
+ static const struct telnet_special ssh2_specials[] = {
+ {"Break", TS_BRK},
+ {"IGNORE message", TS_NOP},
+ {NULL, 0}
+ };
+ return ssh2_specials;
+ } else
+ return NULL;
+}
+
+/*
* Send Telnet special codes. TS_EOF is useful for `plink', so you
* can send an EOF and collect resulting output (e.g. `plink
* hostname sort').
ssh2_pkt_send(ssh);
}
logevent("Sent EOF message");
- } else if (code == TS_PING) {
+ } else if (code == TS_PING || code == TS_NOP) {
if (ssh->state == SSH_STATE_CLOSED
|| ssh->state == SSH_STATE_PREPACKET) return;
if (ssh->version == 1) {
ssh2_pkt_addstring_start(ssh);
ssh2_pkt_send(ssh);
}
+ } else if (code == TS_BRK) {
+ if (ssh->state == SSH_STATE_CLOSED
+ || ssh->state == SSH_STATE_PREPACKET) return;
+ if (ssh->version == 1) {
+ logevent("Unable to send BREAK signal in SSH1");
+ } else {
+ ssh2_pkt_init(ssh, SSH2_MSG_CHANNEL_REQUEST);
+ ssh2_pkt_adduint32(ssh, ssh->mainchan->remoteid);
+ ssh2_pkt_addstring(ssh, "break");
+ ssh2_pkt_addbool(ssh, 0);
+ ssh2_pkt_adduint32(ssh, 0); /* default break length */
+ ssh2_pkt_send(ssh);
+ }
} else {
/* do nothing */
}
ssh_sendbuffer,
ssh_size,
ssh_special,
+ ssh_get_specials,
ssh_socket,
ssh_return_exitcode,
ssh_sendok,