sfree(buf);
}
-#define bombout(msg) ( ssh->state = SSH_STATE_CLOSED, \
- (ssh->s ? sk_close(ssh->s), ssh->s = NULL : 0), \
- logeventf msg, connection_fatal msg )
+#define bombout(msg) \
+ do { \
+ char *text = dupprintf msg; \
+ ssh->state = SSH_STATE_CLOSED; \
+ if (ssh->s) { sk_close(ssh->s); ssh->s = NULL; } \
+ logevent(text); \
+ connection_fatal(ssh->frontend, "%s", text); \
+ sfree(text); \
+ } while (0)
static int ssh_channelcmp(void *av, void *bv)
{
if (ssh->cipher && detect_attack(ssh->crcda_ctx, ssh->pktin.data,
st->biglen, NULL)) {
- bombout((ssh,"Network attack (CRC compensation) detected!"));
+ bombout(("Network attack (CRC compensation) detected!"));
crReturn(0);
}
st->realcrc = crc32(ssh->pktin.data, st->biglen - 4);
st->gotcrc = GET_32BIT(ssh->pktin.data + st->biglen - 4);
if (st->gotcrc != st->realcrc) {
- bombout((ssh,"Incorrect CRC received on packet"));
+ bombout(("Incorrect CRC received on packet"));
crReturn(0);
}
ssh->pktin.type == SSH1_SMSG_AUTH_CCARD_CHALLENGE) {
long stringlen = GET_32BIT(ssh->pktin.body);
if (stringlen + 4 != ssh->pktin.length) {
- bombout((ssh,"Received data packet with bogus string length"));
+ bombout(("Received data packet with bogus string length"));
crReturn(0);
}
}
memcpy(buf + nowlen, ssh->pktin.body + 4, msglen);
buf[nowlen + msglen] = '\0';
/* logevent(buf); (this is now done within the bombout macro) */
- bombout((ssh,"Server sent disconnect message:\n\"%s\"", buf+nowlen));
+ bombout(("Server sent disconnect message:\n\"%s\"", buf+nowlen));
crReturn(0);
}
* do us any more damage.
*/
if (st->len < 0 || st->pad < 0 || st->len + st->pad < 0) {
- bombout((ssh,"Incoming packet was garbled on decryption"));
+ bombout(("Incoming packet was garbled on decryption"));
crReturn(0);
}
if (ssh->scmac
&& !ssh->scmac->verify(ssh->sc_mac_ctx, ssh->pktin.data, st->len + 4,
st->incoming_sequence)) {
- bombout((ssh,"Incorrect MAC received on packet"));
+ bombout(("Incorrect MAC received on packet"));
crReturn(0);
}
st->incoming_sequence++; /* whether or not we MACed */
buf = dupprintf("Disconnection message text: %n%.*s",
&nowlen, msglen, ssh->pktin.data + 14);
logevent(buf);
- bombout((ssh,"Server sent disconnect message\ntype %d (%s):\n\"%s\"",
+ bombout(("Server sent disconnect message\ntype %d (%s):\n\"%s\"",
reason,
(reason > 0 && reason < lenof(ssh2_disconnect_reasons)) ?
ssh2_disconnect_reasons[reason] : "unknown",
if (!p)
return NULL;
if (p[0] & 0x80) {
- bombout((ssh,"internal error: Can't handle negative mpints"));
+ bombout(("internal error: Can't handle negative mpints"));
return NULL;
}
b = bignum_from_bytes((unsigned char *)p, length);
s->proto2 = ssh_versioncmp(s->version, "1.99") >= 0;
if (ssh->cfg.sshprot == 0 && !s->proto1) {
- bombout((ssh,"SSH protocol version 1 required by user but not provided by server"));
+ bombout(("SSH protocol version 1 required by user but not provided by server"));
crReturn(0);
}
if (ssh->cfg.sshprot == 3 && !s->proto2) {
- bombout((ssh,"SSH protocol version 2 required by user but not provided by server"));
+ bombout(("SSH protocol version 2 required by user but not provided by server"));
crReturn(0);
}
ssh->version = 1;
ssh->s_rdpkt = ssh1_rdpkt;
}
+ update_specials_menu(ssh->frontend);
ssh->state = SSH_STATE_BEFORE_SIZE;
sfree(s->vstring);
crWaitUntil(ispkt);
if (ssh->pktin.type != SSH1_SMSG_PUBLIC_KEY) {
- bombout((ssh,"Public key packet not received"));
+ bombout(("Public key packet not received"));
crReturn(0);
}
}
if (!cipher_chosen) {
if ((s->supported_ciphers_mask & (1 << SSH_CIPHER_3DES)) == 0)
- bombout((ssh,"Server violates SSH 1 protocol by not "
+ bombout(("Server violates SSH 1 protocol by not "
"supporting 3DES encryption"));
else
/* shouldn't happen */
- bombout((ssh,"No supported ciphers found"));
+ bombout(("No supported ciphers found"));
crReturn(0);
}
crWaitUntil(ispkt);
if (ssh->pktin.type != SSH1_SMSG_SUCCESS) {
- bombout((ssh,"Encryption not successfully enabled"));
+ bombout(("Encryption not successfully enabled"));
crReturn(0);
}
* Terminate.
*/
logevent("No username provided. Abandoning session.");
- ssh->state = SSH_STATE_CLOSED;
+ ssh_closing((Plug)ssh, NULL, 0, 0);
crReturn(1);
}
} else {
PKT_END);
logevent("Unable to authenticate");
connection_fatal(ssh->frontend, "Unable to authenticate");
- ssh->state = SSH_STATE_CLOSED;
+ ssh_closing((Plug)ssh, NULL, 0, 0);
crReturn(1);
}
} else {
continue; /* go and try password */
}
if (ssh->pktin.type != SSH1_SMSG_AUTH_RSA_CHALLENGE) {
- bombout((ssh,"Bizarre response to offer of public key"));
+ bombout(("Bizarre response to offer of public key"));
crReturn(0);
}
" our public key.\r\n");
continue; /* go and try password */
} else if (ssh->pktin.type != SSH1_SMSG_SUCCESS) {
- bombout((ssh,"Bizarre response to RSA authentication response"));
+ bombout(("Bizarre response to RSA authentication response"));
crReturn(0);
}
c_write_str(ssh, "Access denied\r\n");
logevent("Authentication refused");
} else if (ssh->pktin.type != SSH1_SMSG_SUCCESS) {
- bombout((ssh,"Strange packet received, type %d", ssh->pktin.type));
+ bombout(("Strange packet received, type %d", ssh->pktin.type));
crReturn(0);
}
}
} while (!ispkt);
if (ssh->pktin.type != SSH1_SMSG_SUCCESS
&& ssh->pktin.type != SSH1_SMSG_FAILURE) {
- bombout((ssh,"Protocol confusion"));
+ bombout(("Protocol confusion"));
crReturnV;
} else if (ssh->pktin.type == SSH1_SMSG_FAILURE) {
logevent("Agent forwarding refused");
} while (!ispkt);
if (ssh->pktin.type != SSH1_SMSG_SUCCESS
&& ssh->pktin.type != SSH1_SMSG_FAILURE) {
- bombout((ssh,"Protocol confusion"));
+ bombout(("Protocol confusion"));
crReturnV;
} else if (ssh->pktin.type == SSH1_SMSG_FAILURE) {
logevent("X11 forwarding refused");
} while (!ispkt);
if (ssh->pktin.type != SSH1_SMSG_SUCCESS
&& ssh->pktin.type != SSH1_SMSG_FAILURE) {
- bombout((ssh,"Protocol confusion"));
+ bombout(("Protocol confusion"));
crReturnV;
} else if (ssh->pktin.type == SSH1_SMSG_FAILURE) {
c_write_str(ssh, "Server refused port"
} while (!ispkt);
if (ssh->pktin.type != SSH1_SMSG_SUCCESS
&& ssh->pktin.type != SSH1_SMSG_FAILURE) {
- bombout((ssh,"Protocol confusion"));
+ bombout(("Protocol confusion"));
crReturnV;
} else if (ssh->pktin.type == SSH1_SMSG_FAILURE) {
c_write_str(ssh, "Server refused to allocate pty\r\n");
} while (!ispkt);
if (ssh->pktin.type != SSH1_SMSG_SUCCESS
&& ssh->pktin.type != SSH1_SMSG_FAILURE) {
- bombout((ssh,"Protocol confusion"));
+ bombout(("Protocol confusion"));
crReturnV;
} else if (ssh->pktin.type == SSH1_SMSG_FAILURE) {
c_write_str(ssh, "Server refused to compress\r\n");
ssh1_throttle(ssh, +1);
}
} else if (ssh->pktin.type == SSH1_MSG_DISCONNECT) {
- ssh->state = SSH_STATE_CLOSED;
+ ssh_closing((Plug)ssh, NULL, 0, 0);
logevent("Received disconnect request");
crReturnV;
} else if (ssh->pktin.type == SSH1_SMSG_X11_OPEN) {
sfree(c);
}
} else {
- bombout((ssh,"Received CHANNEL_CLOSE%s for %s channel %d\n",
+ bombout(("Received CHANNEL_CLOSE%s for %s channel %d\n",
ssh->pktin.type == SSH1_MSG_CHANNEL_CLOSE ? "" :
"_CONFIRMATION", c ? "half-open" : "nonexistent",
i));
* encrypted packet, we close the session once
* we've sent EXIT_CONFIRMATION.
*/
- ssh->state = SSH_STATE_CLOSED;
+ ssh_closing((Plug)ssh, NULL, 0, 0);
crReturnV;
} else {
- bombout((ssh,"Strange packet received: type %d", ssh->pktin.type));
+ bombout(("Strange packet received: type %d", ssh->pktin.type));
crReturnV;
}
} else {
int i, j, len;
if (ssh->pktin.type != SSH2_MSG_KEXINIT) {
- bombout((ssh,"expected key exchange packet from server"));
+ bombout(("expected key exchange packet from server"));
crReturn(0);
}
ssh->kex = NULL;
}
}
if (!s->cscipher_tobe) {
- bombout((ssh,"Couldn't agree a client-to-server cipher (available: %s)",
+ bombout(("Couldn't agree a client-to-server cipher (available: %s)",
str ? str : "(null)"));
crReturn(0);
}
}
}
if (!s->sccipher_tobe) {
- bombout((ssh,"Couldn't agree a server-to-client cipher (available: %s)",
+ bombout(("Couldn't agree a server-to-client cipher (available: %s)",
str ? str : "(null)"));
crReturn(0);
}
crWaitUntil(ispkt);
if (ssh->pktin.type != SSH2_MSG_KEX_DH_GEX_GROUP) {
- bombout((ssh,"expected key exchange group packet from server"));
+ bombout(("expected key exchange group packet from server"));
crReturn(0);
}
s->p = ssh2_pkt_getmp(ssh);
crWaitUntil(ispkt);
if (ssh->pktin.type != s->kex_reply_value) {
- bombout((ssh,"expected key exchange reply packet from server"));
+ bombout(("expected key exchange reply packet from server"));
crReturn(0);
}
ssh2_pkt_getstring(ssh, &s->hostkeydata, &s->hostkeylen);
if (!s->hkey ||
!ssh->hostkey->verifysig(s->hkey, s->sigdata, s->siglen,
(char *)s->exchange_hash, 20)) {
- bombout((ssh,"Server's host key did not match the signature supplied"));
+ bombout(("Server's host key did not match the signature supplied"));
crReturn(0);
}
*/
crWaitUntil(ispkt);
if (ssh->pktin.type != SSH2_MSG_NEWKEYS) {
- bombout((ssh,"expected new-keys packet from server"));
+ bombout(("expected new-keys packet from server"));
crReturn(0);
}
ssh2_pkt_send(ssh);
crWaitUntilV(ispkt);
if (ssh->pktin.type != SSH2_MSG_SERVICE_ACCEPT) {
- bombout((ssh,"Server refused user authentication protocol"));
+ bombout(("Server refused user authentication protocol"));
crReturnV;
}
* Terminate.
*/
logevent("No username provided. Abandoning session.");
- ssh->state = SSH_STATE_CLOSED;
+ ssh_closing((Plug)ssh, NULL, 0, 0);
crReturnV;
}
} else {
if (!s->gotit)
s->curr_prompt = 0;
} else if (ssh->pktin.type != SSH2_MSG_USERAUTH_FAILURE) {
- bombout((ssh,"Strange packet received during authentication: type %d",
+ bombout(("Strange packet received during authentication: type %d",
ssh->pktin.type));
crReturnV;
}
logevent("Unable to authenticate");
connection_fatal(ssh->frontend,
"Unable to authenticate");
- ssh->state = SSH_STATE_CLOSED;
+ ssh_closing((Plug)ssh, NULL, 0, 0);
crReturnV;
}
} else {
sigdata_len = ssh->pktout.length - 5 + 4 + 20;
if (ssh->remote_bugs & BUG_SSH2_PK_SESSIONID)
sigdata_len -= 4;
- sigdata = snewn(sigdata_len, char);
+ sigdata = snewn(sigdata_len, unsigned char);
p = 0;
if (!(ssh->remote_bugs & BUG_SSH2_PK_SESSIONID)) {
PUT_32BIT(sigdata+p, 20);
" methods available");
ssh2_pkt_addstring(ssh, "en"); /* language tag */
ssh2_pkt_send(ssh);
- ssh->state = SSH_STATE_CLOSED;
+ ssh_closing((Plug)ssh, NULL, 0, 0);
crReturnV;
}
}
ssh2_pkt_send(ssh);
crWaitUntilV(ispkt);
if (ssh->pktin.type != SSH2_MSG_CHANNEL_OPEN_CONFIRMATION) {
- bombout((ssh,"Server refused to open a session"));
+ bombout(("Server refused to open a session"));
crReturnV;
/* FIXME: error data comes back in FAILURE packet */
}
if (ssh2_pkt_getuint32(ssh) != ssh->mainchan->localid) {
- bombout((ssh,"Server's channel confirmation cited wrong channel"));
+ bombout(("Server's channel confirmation cited wrong channel"));
crReturnV;
}
ssh->mainchan->remoteid = ssh2_pkt_getuint32(ssh);
if (ssh->pktin.type != SSH2_MSG_CHANNEL_SUCCESS) {
if (ssh->pktin.type != SSH2_MSG_CHANNEL_FAILURE) {
- bombout((ssh,"Unexpected response to X11 forwarding request:"
+ bombout(("Unexpected response to X11 forwarding request:"
" packet type %d", ssh->pktin.type));
crReturnV;
}
if (ssh->pktin.type != SSH2_MSG_REQUEST_SUCCESS) {
if (ssh->pktin.type != SSH2_MSG_REQUEST_FAILURE) {
- bombout((ssh,"Unexpected response to port "
+ bombout(("Unexpected response to port "
"forwarding request: packet type %d",
ssh->pktin.type));
crReturnV;
if (ssh->pktin.type != SSH2_MSG_CHANNEL_SUCCESS) {
if (ssh->pktin.type != SSH2_MSG_CHANNEL_FAILURE) {
- bombout((ssh,"Unexpected response to agent forwarding request:"
+ bombout(("Unexpected response to agent forwarding request:"
" packet type %d", ssh->pktin.type));
crReturnV;
}
if (ssh->pktin.type != SSH2_MSG_CHANNEL_SUCCESS) {
if (ssh->pktin.type != SSH2_MSG_CHANNEL_FAILURE) {
- bombout((ssh,"Unexpected response to pty request:"
+ bombout(("Unexpected response to pty request:"
" packet type %d", ssh->pktin.type));
crReturnV;
}
} while (ssh->pktin.type == SSH2_MSG_CHANNEL_WINDOW_ADJUST);
if (ssh->pktin.type != SSH2_MSG_CHANNEL_SUCCESS) {
if (ssh->pktin.type != SSH2_MSG_CHANNEL_FAILURE) {
- bombout((ssh,"Unexpected response to shell/command request:"
+ bombout(("Unexpected response to shell/command request:"
" packet type %d", ssh->pktin.type));
crReturnV;
}
ssh->fallback_cmd = TRUE;
continue;
}
- bombout((ssh,"Server refused to start a shell/command"));
+ bombout(("Server refused to start a shell/command"));
crReturnV;
} else {
logevent("Started a shell/command");
c = find234(ssh->channels, &i, ssh_channelfind);
if (!c || ((int)c->remoteid) == -1) {
- bombout((ssh,"Received CHANNEL_CLOSE for %s channel %d\n",
+ bombout(("Received CHANNEL_CLOSE for %s channel %d\n",
c ? "half-open" : "nonexistent", i));
}
/* Do pre-close processing on the channel. */
* See if that was the last channel left open.
*/
if (count234(ssh->channels) == 0) {
+ logevent("All channels closed. Disconnecting");
#if 0
/*
* We used to send SSH_MSG_DISCONNECT here,
* this is more polite than sending a
* DISCONNECT. So now we don't.
*/
- logevent("All channels closed. Disconnecting");
ssh2_pkt_init(ssh, SSH2_MSG_DISCONNECT);
ssh2_pkt_adduint32(ssh, SSH2_DISCONNECT_BY_APPLICATION);
ssh2_pkt_addstring(ssh, "All open channels closed");
ssh2_pkt_addstring(ssh, "en"); /* language tag */
ssh2_pkt_send(ssh);
#endif
- ssh->state = SSH_STATE_CLOSED;
+ ssh_closing((Plug)ssh, NULL, 0, 0);
crReturnV;
}
continue; /* remote sends close; ignore (FIXME) */
ssh2_pkt_addstring(ssh, buf);
ssh2_pkt_addstring(ssh, "en"); /* language tag */
ssh2_pkt_send(ssh);
- connection_fatal("%s", buf);
- ssh->state = SSH_STATE_CLOSED;
+ connection_fatal(ssh->frontend, "%s", buf);
+ ssh_closing((Plug)ssh, NULL, 0, 0);
crReturnV;
}
ssh2_pkt_send(ssh);
}
} else {
- bombout((ssh,"Strange packet received: type %d", ssh->pktin.type));
+ bombout(("Strange packet received: type %d", ssh->pktin.type));
crReturnV;
}
} else {
ssh = snew(struct ssh_tag);
ssh->cfg = *cfg; /* STRUCTURE COPY */
+ ssh->version = 0; /* when not ready yet */
ssh->s = NULL;
ssh->cipher = NULL;
ssh->v1_cipher_ctx = NULL;
}
/*
+ * Return a list of the special codes that make sense in this
+ * protocol.
+ */
+static const struct telnet_special *ssh_get_specials(void *handle)
+{
+ Ssh ssh = (Ssh) handle;
+
+ if (ssh->version == 1) {
+ static const struct telnet_special ssh1_specials[] = {
+ {"IGNORE message", TS_NOP},
+ {NULL, 0}
+ };
+ return ssh1_specials;
+ } else if (ssh->version == 2) {
+ static const struct telnet_special ssh2_specials[] = {
+ {"Break", TS_BRK},
+ {"IGNORE message", TS_NOP},
+ {NULL, 0}
+ };
+ return ssh2_specials;
+ } else
+ return NULL;
+}
+
+/*
* Send Telnet special codes. TS_EOF is useful for `plink', so you
* can send an EOF and collect resulting output (e.g. `plink
* hostname sort').
ssh2_pkt_send(ssh);
}
logevent("Sent EOF message");
- } else if (code == TS_PING) {
+ } else if (code == TS_PING || code == TS_NOP) {
if (ssh->state == SSH_STATE_CLOSED
|| ssh->state == SSH_STATE_PREPACKET) return;
if (ssh->version == 1) {
ssh2_pkt_addstring_start(ssh);
ssh2_pkt_send(ssh);
}
+ } else if (code == TS_BRK) {
+ if (ssh->state == SSH_STATE_CLOSED
+ || ssh->state == SSH_STATE_PREPACKET) return;
+ if (ssh->version == 1) {
+ logevent("Unable to send BREAK signal in SSH1");
+ } else {
+ ssh2_pkt_init(ssh, SSH2_MSG_CHANNEL_REQUEST);
+ ssh2_pkt_adduint32(ssh, ssh->mainchan->remoteid);
+ ssh2_pkt_addstring(ssh, "break");
+ ssh2_pkt_addbool(ssh, 0);
+ ssh2_pkt_adduint32(ssh, 0); /* default break length */
+ ssh2_pkt_send(ssh);
+ }
} else {
/* do nothing */
}
static int ssh_return_exitcode(void *handle)
{
Ssh ssh = (Ssh) handle;
- return ssh->exitcode;
+ if (ssh->s != NULL)
+ return -1;
+ else
+ return (ssh->exitcode >= 0 ? ssh->exitcode : 0);
}
/*
ssh_sendbuffer,
ssh_size,
ssh_special,
+ ssh_get_specials,
ssh_socket,
ssh_return_exitcode,
ssh_sendok,
projects / u / mdw / putty / blobdiff