#define BUG_SSH2_RSA_PADDING 16
#define BUG_SSH2_DERIVEKEY 32
#define BUG_SSH2_DH_GEX 64
+#define BUG_SSH2_PK_SESSIONID 128
#define translate(x) if (type == x) return #x
#define translatec(x,ctx) if (type == x && (pkt_ctx & ctx)) return #x
enum { PKT_END, PKT_INT, PKT_CHAR, PKT_DATA, PKT_STR, PKT_BIGNUM };
-/* Coroutine mechanics for the sillier bits of the code */
+/*
+ * Coroutine mechanics for the sillier bits of the code. If these
+ * macros look impenetrable to you, you might find it helpful to
+ * read
+ *
+ * http://www.chiark.greenend.org.uk/~sgtatham/coroutines.html
+ *
+ * which explains the theory behind these macros.
+ *
+ * In particular, if you are getting `case expression not constant'
+ * errors when building with MS Visual Studio, this is because MS's
+ * Edit and Continue debugging feature causes their compiler to
+ * violate ANSI C. To disable Edit and Continue debugging:
+ *
+ * - right-click ssh.c in the FileView
+ * - click Settings
+ * - select the C/C++ tab and the General category
+ * - under `Debug info:', select anything _other_ than `Program
+ * Database for Edit and Continue'.
+ */
#define crBegin(v) { int *crLine = &v; switch(v) { case 0:;
#define crState(t) \
struct t *s; \
- if (!ssh->t) ssh->t = smalloc(sizeof(struct t)); \
+ if (!ssh->t) ssh->t = snew(struct t); \
s = ssh->t;
#define crFinish(z) } *crLine = 0; return (z); }
#define crFinishV } *crLine = 0; return; }
return low + 1 + CHANNEL_NUMBER_OFFSET;
}
-static void c_write(Ssh ssh, char *buf, int len)
+static void c_write(Ssh ssh, const char *buf, int len)
{
if ((flags & FLAG_STDERR)) {
int i;
from_backend(ssh->frontend, 1, buf, len);
}
-static void c_write_untrusted(Ssh ssh, char *buf, int len)
+static void c_write_untrusted(Ssh ssh, const char *buf, int len)
{
int i;
for (i = 0; i < len; i++) {
}
}
-static void c_write_str(Ssh ssh, char *buf)
+static void c_write_str(Ssh ssh, const char *buf)
{
c_write(ssh, buf, strlen(buf));
}
if (ssh->pktin.maxlen < st->biglen) {
ssh->pktin.maxlen = st->biglen;
- ssh->pktin.data = srealloc(ssh->pktin.data, st->biglen + APIEXTRA);
+ ssh->pktin.data = sresize(ssh->pktin.data, st->biglen + APIEXTRA,
+ unsigned char);
}
st->to_read = st->biglen;
if (ssh->pktin.maxlen < st->pad + decomplen) {
ssh->pktin.maxlen = st->pad + decomplen;
- ssh->pktin.data = srealloc(ssh->pktin.data,
- ssh->pktin.maxlen + APIEXTRA);
+ ssh->pktin.data = sresize(ssh->pktin.data,
+ ssh->pktin.maxlen + APIEXTRA,
+ unsigned char);
ssh->pktin.body = ssh->pktin.data + st->pad + 1;
}
if (ssh->pktin.maxlen < st->cipherblk) {
ssh->pktin.maxlen = st->cipherblk;
- ssh->pktin.data = srealloc(ssh->pktin.data, st->cipherblk + APIEXTRA);
+ ssh->pktin.data = sresize(ssh->pktin.data, st->cipherblk + APIEXTRA,
+ unsigned char);
}
/*
*/
if (ssh->pktin.maxlen < st->packetlen + st->maclen) {
ssh->pktin.maxlen = st->packetlen + st->maclen;
- ssh->pktin.data = srealloc(ssh->pktin.data,
- ssh->pktin.maxlen + APIEXTRA);
+ ssh->pktin.data = sresize(ssh->pktin.data,
+ ssh->pktin.maxlen + APIEXTRA,
+ unsigned char);
}
/*
&newpayload, &newlen)) {
if (ssh->pktin.maxlen < newlen + 5) {
ssh->pktin.maxlen = newlen + 5;
- ssh->pktin.data = srealloc(ssh->pktin.data,
- ssh->pktin.maxlen + APIEXTRA);
+ ssh->pktin.data = sresize(ssh->pktin.data,
+ ssh->pktin.maxlen + APIEXTRA,
+ unsigned char);
}
ssh->pktin.length = 5 + newlen;
memcpy(ssh->pktin.data + 5, newpayload, newlen);
#ifdef MSCRYPTOAPI
/* Allocate enough buffer space for extra block
* for MS CryptEncrypt() */
- ssh->pktout.data = srealloc(ssh->pktout.data, biglen + 12);
+ ssh->pktout.data = sresize(ssh->pktout.data, biglen + 12,
+ unsigned char);
#else
- ssh->pktout.data = srealloc(ssh->pktout.data, biglen + 4);
+ ssh->pktout.data = sresize(ssh->pktout.data, biglen + 4,
+ unsigned char);
#endif
}
ssh->pktout.body = ssh->pktout.data + 4 + pad + 1;
static int s_wrpkt_prepare(Ssh ssh)
{
- int pad, len, biglen, i;
+ int pad, biglen, i;
unsigned long crc;
+#ifdef __SC__
+ /*
+ * XXX various versions of SC (including 8.8.4) screw up the
+ * register allocation in this function and use the same register
+ * (D6) for len and as a temporary, with predictable results. The
+ * following sledgehammer prevents this.
+ */
+ volatile
+#endif
+ int len;
ssh->pktout.body[-1] = ssh->pktout.type;
len = s_wrpkt_prepare(ssh);
if (ssh->deferred_len + len > ssh->deferred_size) {
ssh->deferred_size = ssh->deferred_len + len + 128;
- ssh->deferred_send_data = srealloc(ssh->deferred_send_data,
- ssh->deferred_size);
+ ssh->deferred_send_data = sresize(ssh->deferred_send_data,
+ ssh->deferred_size,
+ unsigned char);
}
memcpy(ssh->deferred_send_data + ssh->deferred_len, ssh->pktout.data, len);
ssh->deferred_len += len;
{
if (ssh->pktout.maxlen < length) {
ssh->pktout.maxlen = length + 256;
- ssh->pktout.data = srealloc(ssh->pktout.data,
- ssh->pktout.maxlen + APIEXTRA);
+ ssh->pktout.data = sresize(ssh->pktout.data,
+ ssh->pktout.maxlen + APIEXTRA,
+ unsigned char);
if (!ssh->pktout.data)
fatalbox("Out of memory");
}
{
unsigned char *p;
int i, n = (bignum_bitcount(b) + 7) / 8;
- p = smalloc(n + 1);
+ p = snewn(n + 1, unsigned char);
if (!p)
fatalbox("out of memory");
p[0] = 0;
int len = ssh2_pkt_construct(ssh);
if (ssh->deferred_len + len > ssh->deferred_size) {
ssh->deferred_size = ssh->deferred_len + len + 128;
- ssh->deferred_send_data = srealloc(ssh->deferred_send_data,
- ssh->deferred_size);
+ ssh->deferred_send_data = sresize(ssh->deferred_send_data,
+ ssh->deferred_size,
+ unsigned char);
}
memcpy(ssh->deferred_send_data + ssh->deferred_len, ssh->pktout.data, len);
ssh->deferred_len += len;
if (ssh->cfg.sshbug_derivekey2 == FORCE_ON ||
(ssh->cfg.sshbug_derivekey2 == AUTO &&
- (wc_match("2.0.0*", imp) || wc_match("2.0.1[01]*", imp) ))) {
+ (wc_match("2.0.0*", imp) || wc_match("2.0.10*", imp) ))) {
/*
* These versions have the key-derivation bug (failing to
* include the literal shared secret in the hashes that
logevent("We believe remote version has SSH2 RSA padding bug");
}
+ if (ssh->cfg.sshbug_pksessid2 == FORCE_ON ||
+ (ssh->cfg.sshbug_pksessid2 == AUTO &&
+ wc_match("OpenSSH_2.[0-2]*", imp))) {
+ /*
+ * These versions have the SSH2 session-ID bug in
+ * public-key authentication.
+ */
+ ssh->remote_bugs |= BUG_SSH2_PK_SESSIONID;
+ logevent("We believe remote version has SSH2 public-key-session-ID bug");
+ }
+
if (ssh->cfg.sshbug_dhgex2 == FORCE_ON) {
/*
* User specified the SSH2 DH GEX bug.
}
s->vstrsize = 16;
- s->vstring = smalloc(s->vstrsize);
+ s->vstring = snewn(s->vstrsize, char);
strcpy(s->vstring, "SSH-");
s->vslen = 4;
s->i = 0;
crReturn(1); /* get another char */
if (s->vslen >= s->vstrsize - 1) {
s->vstrsize += 16;
- s->vstring = srealloc(s->vstring, s->vstrsize);
+ s->vstring = sresize(s->vstring, s->vstrsize, char);
}
s->vstring[s->vslen++] = c;
if (s->i >= 0) {
s->vstring[strcspn(s->vstring, "\r\n")] = '\0';/* remove EOL chars */
{
char *vlog;
- vlog = smalloc(20 + s->vslen);
+ vlog = snewn(20 + s->vslen, char);
sprintf(vlog, "Server version: %s", s->vstring);
logevent(vlog);
sfree(vlog);
SockAddr addr;
char *err;
- ssh->savedhost = smalloc(1 + strlen(host));
+ ssh->savedhost = snewn(1 + strlen(host), char);
if (!ssh->savedhost)
fatalbox("Out of memory");
strcpy(ssh->savedhost, host);
return -1;
break;
default:
- if (((c >= ' ' && c <= '~') ||
+ /*
+ * This simplistic check for printability is disabled
+ * when we're doing password input, because some people
+ * have control characters in their passwords.o
+ */
+ if ((!ssh->userpass_input_echo ||
+ (c >= ' ' && c <= '~') ||
((unsigned char) c >= 160))
&& ssh->userpass_input_bufpos < ssh->userpass_input_buflen-1) {
ssh->userpass_input_buffer[ssh->userpass_input_bufpos++] = c;
s->len = (hostkey.bytes > servkey.bytes ? hostkey.bytes : servkey.bytes);
- s->rsabuf = smalloc(s->len);
+ s->rsabuf = snewn(s->len, unsigned char);
if (!s->rsabuf)
fatalbox("Out of memory");
*/
int len = rsastr_len(&hostkey);
char fingerprint[100];
- char *keystr = smalloc(len);
+ char *keystr = snewn(len, char);
if (!keystr)
fatalbox("Out of memory");
rsastr_fmt(keystr, &hostkey);
len += ssh1_bignum_length(s->challenge);
len += 16; /* session id */
len += 4; /* response format */
- agentreq = smalloc(4 + len);
+ agentreq = snewn(4 + len, char);
PUT_32BIT(agentreq, len);
q = agentreq + 4;
*q++ = SSH1_AGENTC_RSA_CHALLENGE;
char msgbuf[256];
if (flags & FLAG_VERBOSE)
c_write_str(ssh, "Trying public key authentication.\r\n");
- logeventf(ssh, "Trying public key \"%s\"", ssh->cfg.keyfile);
+ logeventf(ssh, "Trying public key \"%s\"",
+ filename_to_str(&ssh->cfg.keyfile));
type = key_type(&ssh->cfg.keyfile);
if (type != SSH_KEYTYPE_SSH1) {
sprintf(msgbuf, "Key is of wrong type (%s)",
int ret = loadrsakey(&ssh->cfg.keyfile, &s->key, s->password);
if (ret == 0) {
c_write_str(ssh, "Couldn't load private key from ");
- c_write_str(ssh, filename_to_str(ssh->cfg.keyfile));
+ c_write_str(ssh, filename_to_str(&ssh->cfg.keyfile));
c_write_str(ssh, ".\r\n");
continue; /* go and try password */
}
assert(pwlen >= bottom && pwlen <= top);
- randomstr = smalloc(top + 1);
+ randomstr = snewn(top + 1, char);
for (i = bottom; i <= top; i++) {
if (i == pwlen)
dserv, "(", dport, dserv, ")");
} else {
struct ssh_rportfwd *pf;
- pf = smalloc(sizeof(*pf));
+ pf = snew(struct ssh_rportfwd);
strcpy(pf->dhost, host);
pf->dport = dport;
if (saddr) {
PKT_INT, GET_32BIT(ssh->pktin.body), PKT_END);
logevent("Rejected X11 connect request");
} else {
- c = smalloc(sizeof(struct ssh_channel));
+ c = snew(struct ssh_channel);
c->ssh = ssh;
if (x11_init(&c->u.x11.s, ssh->cfg.x11_display, c,
send_packet(ssh, SSH1_MSG_CHANNEL_OPEN_FAILURE,
PKT_INT, GET_32BIT(ssh->pktin.body), PKT_END);
} else {
- c = smalloc(sizeof(struct ssh_channel));
+ c = snew(struct ssh_channel);
c->ssh = ssh;
c->remoteid = GET_32BIT(ssh->pktin.body);
c->localid = alloc_channel_id(ssh);
int hostsize, port;
char host[256], buf[1024];
char *p, *h, *e;
- c = smalloc(sizeof(struct ssh_channel));
+ c = snew(struct ssh_channel);
c->ssh = ssh;
hostsize = GET_32BIT(ssh->pktin.body+4);
if (c->u.a.lensofar == 4) {
c->u.a.totallen =
4 + GET_32BIT(c->u.a.msglen);
- c->u.a.message = smalloc(c->u.a.totallen);
+ c->u.a.message = snewn(c->u.a.totallen,
+ unsigned char);
memcpy(c->u.a.message, c->u.a.msglen, 4);
}
if (c->u.a.lensofar >= 4 && len > 0) {
/* Load the pub half of ssh->cfg.keyfile so we notice if it's in Pageant */
if (!filename_is_null(ssh->cfg.keyfile)) {
int keytype;
- logeventf(ssh, "Reading private key file \"%.150s\"", ssh->cfg.keyfile);
+ logeventf(ssh, "Reading private key file \"%.150s\"",
+ filename_to_str(&ssh->cfg.keyfile));
keytype = key_type(&ssh->cfg.keyfile);
if (keytype == SSH_KEYTYPE_SSH2) {
s->publickey_blob =
logeventf(ssh, "Unable to use this key file (%s)",
key_type_to_str(keytype));
msgbuf = dupprintf("Unable to use key file \"%.150s\""
- " (%s)\r\n", ssh->cfg.keyfile,
+ " (%s)\r\n",
+ filename_to_str(&ssh->cfg.keyfile),
key_type_to_str(keytype));
c_write_str(ssh, msgbuf);
sfree(msgbuf);
ssh2_pkt_addstring_data(ssh, s->pkblob, s->pklen);
s->siglen = ssh->pktout.length - 5 + 4 + 20;
+ if (ssh->remote_bugs & BUG_SSH2_PK_SESSIONID)
+ s->siglen -= 4;
s->len = 1; /* message type */
s->len += 4 + s->pklen; /* key blob */
s->len += 4 + s->siglen; /* data to sign */
s->len += 4; /* flags */
- s->agentreq = smalloc(4 + s->len);
+ s->agentreq = snewn(4 + s->len, char);
PUT_32BIT(s->agentreq, s->len);
s->q = s->agentreq + 4;
*s->q++ = SSH2_AGENTC_SIGN_REQUEST;
PUT_32BIT(s->q, s->siglen);
s->q += 4;
/* Now the data to be signed... */
- PUT_32BIT(s->q, 20);
- s->q += 4;
+ if (!(ssh->remote_bugs & BUG_SSH2_PK_SESSIONID)) {
+ PUT_32BIT(s->q, 20);
+ s->q += 4;
+ }
memcpy(s->q, ssh->v2_session_id, 20);
s->q += 20;
memcpy(s->q, ssh->pktout.data + 5,
} else {
unsigned char *pkblob, *sigblob, *sigdata;
int pkblob_len, sigblob_len, sigdata_len;
+ int p;
/*
* We have loaded the private key and the server
* outgoing packet.
*/
sigdata_len = ssh->pktout.length - 5 + 4 + 20;
- sigdata = smalloc(sigdata_len);
- PUT_32BIT(sigdata, 20);
- memcpy(sigdata + 4, ssh->v2_session_id, 20);
- memcpy(sigdata + 24, ssh->pktout.data + 5,
+ if (ssh->remote_bugs & BUG_SSH2_PK_SESSIONID)
+ sigdata_len -= 4;
+ sigdata = snewn(sigdata_len, char);
+ p = 0;
+ if (!(ssh->remote_bugs & BUG_SSH2_PK_SESSIONID)) {
+ PUT_32BIT(sigdata+p, 20);
+ p += 4;
+ }
+ memcpy(sigdata+p, ssh->v2_session_id, 20); p += 20;
+ memcpy(sigdata+p, ssh->pktout.data + 5,
ssh->pktout.length - 5);
+ p += ssh->pktout.length - 5;
+ assert(p == sigdata_len);
sigblob = key->alg->sign(key->data, (char *)sigdata,
sigdata_len, &sigblob_len);
ssh2_add_sigblob(ssh, pkblob, pkblob_len,
* So now create a channel with a session in it.
*/
ssh->channels = newtree234(ssh_channelcmp);
- ssh->mainchan = smalloc(sizeof(struct ssh_channel));
+ ssh->mainchan = snew(struct ssh_channel);
ssh->mainchan->ssh = ssh;
ssh->mainchan->localid = alloc_channel_id(ssh);
ssh2_pkt_init(ssh, SSH2_MSG_CHANNEL_OPEN);
dserv, "(", dport, dserv, ")");
} else {
struct ssh_rportfwd *pf;
- pf = smalloc(sizeof(*pf));
+ pf = snew(struct ssh_rportfwd);
strcpy(pf->dhost, host);
pf->dport = dport;
pf->sport = sport;
if (c->u.a.lensofar == 4) {
c->u.a.totallen =
4 + GET_32BIT(c->u.a.msglen);
- c->u.a.message = smalloc(c->u.a.totallen);
+ c->u.a.message = snewn(c->u.a.totallen,
+ unsigned char);
memcpy(c->u.a.message, c->u.a.msglen, 4);
}
if (c->u.a.lensofar >= 4 && length > 0) {
struct ssh_channel *c;
unsigned remid, winsize, pktsize;
ssh2_pkt_getstring(ssh, &type, &typelen);
- c = smalloc(sizeof(struct ssh_channel));
+ c = snew(struct ssh_channel);
c->ssh = ssh;
remid = ssh2_pkt_getuint32(ssh);
port = ssh2_pkt_getuint32(ssh);
if (typelen == 3 && !memcmp(type, "x11", 3)) {
- char *addrstr = smalloc(peeraddrlen+1);
+ char *addrstr = snewn(peeraddrlen+1, char);
memcpy(addrstr, peeraddr, peeraddrlen);
peeraddr[peeraddrlen] = '\0';
char *p;
Ssh ssh;
- ssh = smalloc(sizeof(*ssh));
+ ssh = snew(struct ssh_tag);
ssh->cfg = *cfg; /* STRUCTURE COPY */
ssh->s = NULL;
ssh->cipher = NULL;
{
Ssh ssh = (Ssh) handle;
struct ssh_channel *c;
- c = smalloc(sizeof(struct ssh_channel));
+ c = snew(struct ssh_channel);
c->ssh = ssh;
if (c) {