Control of 'addr' is now handed over to {platform_,}new_connection() and

[u/mdw/putty] / ssh.c

diff --git a/ssh.c b/ssh.c
index 81ca0c8..23602f6 100644 (file)
--- a/ssh.c
+++ b/ssh.c
@@ -662,7 +662,7 @@ struct ssh_tag {
 #define logevent(s) logevent(ssh->frontend, s)
 
 /* logevent, only printf-formatted. */
-static void logeventf(Ssh ssh, char *fmt, ...)
+static void logeventf(Ssh ssh, const char *fmt, ...)
 {
     va_list ap;
     char *buf;
@@ -856,7 +856,7 @@ static int ssh1_rdpkt(Ssh ssh, unsigned char **data, int *datalen)
     if (ssh->cipher)
        ssh->cipher->decrypt(ssh->v1_cipher_ctx, ssh->pktin.data, st->biglen);
 
-    st->realcrc = crc32(ssh->pktin.data, st->biglen - 4);
+    st->realcrc = crc32_compute(ssh->pktin.data, st->biglen - 4);
     st->gotcrc = GET_32BIT(ssh->pktin.data + st->biglen - 4);
     if (st->gotcrc != st->realcrc) {
        bombout(("Incorrect CRC received on packet"));
@@ -868,9 +868,12 @@ static int ssh1_rdpkt(Ssh ssh, unsigned char **data, int *datalen)
     if (ssh->v1_compressing) {
        unsigned char *decompblk;
        int decomplen;
-       zlib_decompress_block(ssh->sc_comp_ctx,
-                             ssh->pktin.body - 1, ssh->pktin.length + 1,
-                             &decompblk, &decomplen);
+       if (!zlib_decompress_block(ssh->sc_comp_ctx,
+                                  ssh->pktin.body - 1, ssh->pktin.length + 1,
+                                  &decompblk, &decomplen)) {
+           bombout(("Zlib decompression encountered invalid data"));
+           crStop(0);
+       }
 
        if (ssh->pktin.maxlen < st->pad + decomplen) {
            ssh->pktin.maxlen = st->pad + decomplen;
@@ -1244,7 +1247,7 @@ static int s_wrpkt_prepare(Ssh ssh)
 
     for (i = 0; i < pad; i++)
        ssh->pktout.data[i + 4] = random_byte();
-    crc = crc32(ssh->pktout.data + 4, biglen - 4);
+    crc = crc32_compute(ssh->pktout.data + 4, biglen - 4);
     PUT_32BIT(ssh->pktout.data + biglen, crc);
     PUT_32BIT(ssh->pktout.data, len);
 
@@ -1777,7 +1780,8 @@ static void ssh_detect_bugs(Ssh ssh, char *vstring)
        (ssh->cfg.sshbug_ignore1 == AUTO &&
         (!strcmp(imp, "1.2.18") || !strcmp(imp, "1.2.19") ||
          !strcmp(imp, "1.2.20") || !strcmp(imp, "1.2.21") ||
-         !strcmp(imp, "1.2.22") || !strcmp(imp, "Cisco-1.25")))) {
+         !strcmp(imp, "1.2.22") || !strcmp(imp, "Cisco-1.25") ||
+         !strcmp(imp, "OSU_1.4alpha3")))) {
        /*
         * These versions don't support SSH1_MSG_IGNORE, so we have
         * to use a different defence against password length
@@ -1789,7 +1793,7 @@ static void ssh_detect_bugs(Ssh ssh, char *vstring)
 
     if (ssh->cfg.sshbug_plainpw1 == FORCE_ON ||
        (ssh->cfg.sshbug_plainpw1 == AUTO &&
-        (!strcmp(imp, "Cisco-1.25")))) {
+        (!strcmp(imp, "Cisco-1.25") || !strcmp(imp, "OSU_1.4alpha3")))) {
        /*
         * These versions need a plain password sent; they can't
         * handle having a null and a random length of data after
@@ -1813,6 +1817,7 @@ static void ssh_detect_bugs(Ssh ssh, char *vstring)
 
     if (ssh->cfg.sshbug_hmac2 == FORCE_ON ||
        (ssh->cfg.sshbug_hmac2 == AUTO &&
+        !wc_match("* VShell", imp) &&
         (wc_match("2.1.0*", imp) || wc_match("2.0.*", imp) ||
          wc_match("2.2.0*", imp) || wc_match("2.3.0*", imp) ||
          wc_match("2.1 *", imp)))) {
@@ -1825,6 +1830,7 @@ static void ssh_detect_bugs(Ssh ssh, char *vstring)
 
     if (ssh->cfg.sshbug_derivekey2 == FORCE_ON ||
        (ssh->cfg.sshbug_derivekey2 == AUTO &&
+        !wc_match("* VShell", imp) &&
         (wc_match("2.0.0*", imp) || wc_match("2.0.10*", imp) ))) {
        /*
         * These versions have the key-derivation bug (failing to
@@ -2077,7 +2083,7 @@ static void ssh_do_close(Ssh ssh)
     }
 }
 
-static int ssh_closing(Plug plug, char *error_msg, int error_code,
+static int ssh_closing(Plug plug, const char *error_msg, int error_code,
                       int calling_back)
 {
     Ssh ssh = (Ssh) plug;
@@ -2085,7 +2091,7 @@ static int ssh_closing(Plug plug, char *error_msg, int error_code,
     if (error_msg) {
        /* A socket error has occurred. */
        logevent(error_msg);
-       connection_fatal(ssh->frontend, error_msg);
+       connection_fatal(ssh->frontend, "%s", error_msg);
     } else {
        /* Otherwise, the remote side closed the connection normally. */
     }
@@ -2120,8 +2126,8 @@ static void ssh_sent(Plug plug, int bufsize)
  * Also places the canonical host name into `realhost'. It must be
  * freed by the caller.
  */
-static char *connect_to_host(Ssh ssh, char *host, int port,
-                            char **realhost, int nodelay)
+static const char *connect_to_host(Ssh ssh, char *host, int port,
+                                  char **realhost, int nodelay)
 {
     static const struct plug_function_table fn_table = {
        ssh_closing,
@@ -2131,7 +2137,7 @@ static char *connect_to_host(Ssh ssh, char *host, int port,
     };
 
     SockAddr addr;
-    char *err;
+    const char *err;
 
     ssh->savedhost = snewn(1 + strlen(host), char);
     if (!ssh->savedhost)
@@ -2147,8 +2153,10 @@ static char *connect_to_host(Ssh ssh, char *host, int port,
      */
     logeventf(ssh, "Looking up host \"%s\"", host);
     addr = name_lookup(host, port, realhost, &ssh->cfg);
-    if ((err = sk_addr_error(addr)) != NULL)
+    if ((err = sk_addr_error(addr)) != NULL) {
+       sk_addr_free(addr);
        return err;
+    }
 
     /*
      * Open socket.
@@ -2291,7 +2299,7 @@ static int process_userpass_input(Ssh ssh, unsigned char *in, int inlen)
     return 0;
 }
 
-void ssh_agent_callback(void *sshv, void *reply, int replylen)
+static void ssh_agent_callback(void *sshv, void *reply, int replylen)
 {
     Ssh ssh = (Ssh) sshv;
 
@@ -2304,7 +2312,7 @@ void ssh_agent_callback(void *sshv, void *reply, int replylen)
        do_ssh2_authconn(ssh, NULL, -1, 0);
 }
 
-void ssh_agentf_callback(void *cv, void *reply, int replylen)
+static void ssh_agentf_callback(void *cv, void *reply, int replylen)
 {
     struct ssh_channel *c = (struct ssh_channel *)cv;
     Ssh ssh = c->ssh;
@@ -3528,7 +3536,8 @@ static void ssh1_protocol(Ssh ssh, unsigned char *in, int inlen, int ispkt)
                struct ssh_rportfwd pf;
                int hostsize, port;
                char host[256], buf[1024];
-               char *p, *h, *e;
+               char *p, *h;
+               const char *e;
                c = snew(struct ssh_channel);
                c->ssh = ssh;
 
@@ -6000,8 +6009,10 @@ static void do_ssh2_authconn(Ssh ssh, unsigned char *in, int inlen, int ispkt)
                    if (realpf == NULL) {
                        error = "Remote port is not recognised";
                    } else {
-                       char *e = pfd_newconnect(&c->u.pfd.s, realpf->dhost,
-                                                realpf->dport, c, &ssh->cfg);
+                       const char *e = pfd_newconnect(&c->u.pfd.s,
+                                                      realpf->dhost,
+                                                      realpf->dport, c,
+                                                      &ssh->cfg);
                        logeventf(ssh, "Received remote port open request"
                                  " for %s:%d", realpf->dhost, realpf->dport);
                        if (e != NULL) {
@@ -6110,11 +6121,11 @@ static void ssh2_protocol(Ssh ssh, unsigned char *in, int inlen, int ispkt)
  *
  * Returns an error message, or NULL on success.
  */
-static char *ssh_init(void *frontend_handle, void **backend_handle,
-                     Config *cfg,
-                     char *host, int port, char **realhost, int nodelay)
+static const char *ssh_init(void *frontend_handle, void **backend_handle,
+                           Config *cfg,
+                           char *host, int port, char **realhost, int nodelay)
 {
-    char *p;
+    const char *p;
     Ssh ssh;
 
     ssh = snew(struct ssh_tag);