Pkt_KCtx pkt_kctx;
Pkt_ACtx pkt_actx;
- void *x11auth;
+ struct X11Display *x11disp;
int version;
int conn_throttle_count;
PKT_INCOMING, st->pktin->type,
ssh1_pkt_type(st->pktin->type),
st->pktin->body, st->pktin->length,
- nblanks, &blank);
+ nblanks, &blank, NULL);
}
crFinish(st->pktin);
ssh2_pkt_type(ssh->pkt_kctx, ssh->pkt_actx,
st->pktin->type),
st->pktin->data+6, st->pktin->length-6,
- nblanks, &blank);
+ nblanks, &blank, &st->pktin->sequence);
}
crFinish(st->pktin);
log_packet(ssh->logctx, PKT_OUTGOING, pkt->data[12],
ssh1_pkt_type(pkt->data[12]),
pkt->body, pkt->length - (pkt->body - pkt->data),
- pkt->nblanks, pkt->blanks);
+ pkt->nblanks, pkt->blanks, NULL);
sfree(pkt->blanks); pkt->blanks = NULL;
pkt->nblanks = 0;
static int s_write(Ssh ssh, void *data, int len)
{
if (ssh->logctx)
- log_packet(ssh->logctx, PKT_OUTGOING, -1, NULL, data, len, 0, NULL);
+ log_packet(ssh->logctx, PKT_OUTGOING, -1, NULL, data, len,
+ 0, NULL, NULL);
return sk_write(ssh->s, (char *)data, len);
}
log_packet(ssh->logctx, PKT_OUTGOING, pkt->data[5],
ssh2_pkt_type(ssh->pkt_kctx, ssh->pkt_actx, pkt->data[5]),
pkt->body, pkt->length - (pkt->body - pkt->data),
- pkt->nblanks, pkt->blanks);
+ pkt->nblanks, pkt->blanks, &ssh->v2_outgoing_sequence);
sfree(pkt->blanks); pkt->blanks = NULL;
pkt->nblanks = 0;
/* Log raw data, if we're in that mode. */
if (ssh->logctx)
log_packet(ssh->logctx, PKT_INCOMING, -1, NULL, data, datalen,
- 0, NULL);
+ 0, NULL, NULL);
crBegin(ssh->ssh_gotdata_crstate);
fflush(stdout); /* FIXME eh? */
{
- if (!*ssh->cfg.username) {
+ if (!get_remote_username(&ssh->cfg, s->username,
+ sizeof(s->username))) {
int ret; /* need not be kept over crReturn */
s->cur_prompt = new_prompts(ssh->frontend);
s->cur_prompt->to_server = TRUE;
memcpy(s->username, s->cur_prompt->prompts[0]->result,
lenof(s->username));
free_prompts(s->cur_prompt);
- } else {
- strncpy(s->username, ssh->cfg.username, sizeof(s->username));
- s->username[sizeof(s->username)-1] = '\0';
}
send_packet(ssh, SSH1_CMSG_USER, PKT_STR, s->username, PKT_END);
c = snew(struct ssh_channel);
c->ssh = ssh;
- if (x11_init(&c->u.x11.s, ssh->cfg.x11_display, c,
- ssh->x11auth, NULL, -1, &ssh->cfg) != NULL) {
+ if (x11_init(&c->u.x11.s, ssh->x11disp, c,
+ NULL, -1, &ssh->cfg) != NULL) {
logevent("Opening X11 forward connection failed");
sfree(c);
send_packet(ssh, SSH1_MSG_CHANNEL_OPEN_FAILURE,
}
if (ssh->cfg.x11_forward) {
- char proto[20], data[64];
logevent("Requesting X11 forwarding");
- ssh->x11auth = x11_invent_auth(proto, sizeof(proto),
- data, sizeof(data), ssh->cfg.x11_auth);
- x11_get_real_auth(ssh->x11auth, ssh->cfg.x11_display);
+ ssh->x11disp = x11_setup_display(ssh->cfg.x11_display,
+ ssh->cfg.x11_auth, &ssh->cfg);
/*
* Note that while we blank the X authentication data here, we don't
* take any special action to blank the start of an X11 channel,
*/
if (ssh->v1_local_protoflags & SSH1_PROTOFLAG_SCREEN_NUMBER) {
send_packet(ssh, SSH1_CMSG_X11_REQUEST_FORWARDING,
- PKT_STR, proto,
- PKTT_PASSWORD, PKT_STR, data, PKTT_OTHER,
- PKT_INT, x11_get_screen_number(ssh->cfg.x11_display),
+ PKT_STR, ssh->x11disp->remoteauthprotoname,
+ PKTT_PASSWORD,
+ PKT_STR, ssh->x11disp->remoteauthdatastring,
+ PKTT_OTHER,
+ PKT_INT, ssh->x11disp->screennum,
PKT_END);
} else {
send_packet(ssh, SSH1_CMSG_X11_REQUEST_FORWARDING,
- PKT_STR, proto,
- PKTT_PASSWORD, PKT_STR, data, PKTT_OTHER, PKT_END);
+ PKT_STR, ssh->x11disp->remoteauthprotoname,
+ PKTT_PASSWORD,
+ PKT_STR, ssh->x11disp->remoteauthdatastring,
+ PKTT_OTHER,
+ PKT_END);
}
do {
crReturnV;
if (!ssh->X11_fwd_enabled)
error = "X11 forwarding is not enabled";
- else if (x11_init(&c->u.x11.s, ssh->cfg.x11_display, c,
- ssh->x11auth, addrstr, peerport,
- &ssh->cfg) != NULL) {
+ else if (x11_init(&c->u.x11.s, ssh->x11disp, c,
+ addrstr, peerport, &ssh->cfg) != NULL) {
error = "Unable to open an X11 connection";
} else {
logevent("Opening X11 forward connection succeeded");
* with change_username turned off we don't try to get
* it again.
*/
- } else if (!*ssh->cfg.username) {
+ } else if (!get_remote_username(&ssh->cfg, s->username,
+ sizeof(s->username))) {
int ret; /* need not be kept over crReturn */
s->cur_prompt = new_prompts(ssh->frontend);
s->cur_prompt->to_server = TRUE;
free_prompts(s->cur_prompt);
} else {
char *stuff;
- strncpy(s->username, ssh->cfg.username, sizeof(s->username));
- s->username[sizeof(s->username)-1] = '\0';
if ((flags & FLAG_VERBOSE) || (flags & FLAG_INTERACTIVE)) {
stuff = dupprintf("Using username \"%s\".\r\n", s->username);
c_write_str(ssh, stuff);
/* GSSAPI Authentication */
- int micoffset;
+ int micoffset, len;
+ char *data;
Ssh_gss_buf mic;
s->type = AUTH_TYPE_GSSAPI;
s->tried_gssapi = TRUE;
ssh2_pkt_adduint32(s->pktout,1);
/* length of OID + 2 */
- ssh2_pkt_adduint32(s->pktout, s->gss_buf.len + 2);
+ ssh2_pkt_adduint32(s->pktout, s->gss_buf.length + 2);
ssh2_pkt_addbyte(s->pktout, SSH2_GSS_OIDTYPE);
/* length of OID */
- ssh2_pkt_addbyte(s->pktout, (unsigned char) s->gss_buf.len);
+ ssh2_pkt_addbyte(s->pktout, (unsigned char) s->gss_buf.length);
- ssh_pkt_adddata(s->pktout, s->gss_buf.data, s->gss_buf.len);
+ ssh_pkt_adddata(s->pktout, s->gss_buf.value,
+ s->gss_buf.length);
ssh2_pkt_send(ssh, s->pktout);
crWaitUntilV(pktin);
if (pktin->type != SSH2_MSG_USERAUTH_GSSAPI_RESPONSE) {
/* check returned packet ... */
- ssh_pkt_getstring(pktin,&s->gss_rcvtok.data,&s->gss_rcvtok.len);
- if (s->gss_rcvtok.len != s->gss_buf.len + 2 ||
- s->gss_rcvtok.data[0] != SSH2_GSS_OIDTYPE ||
- s->gss_rcvtok.data[1] != s->gss_buf.len ||
- memcmp(s->gss_rcvtok.data+2,s->gss_buf.data,s->gss_buf.len) ) {
+ ssh_pkt_getstring(pktin, &data, &len);
+ s->gss_rcvtok.value = data;
+ s->gss_rcvtok.length = len;
+ if (s->gss_rcvtok.length != s->gss_buf.length + 2 ||
+ ((char *)s->gss_rcvtok.value)[0] != SSH2_GSS_OIDTYPE ||
+ ((char *)s->gss_rcvtok.value)[1] != s->gss_buf.length ||
+ memcmp((char *)s->gss_rcvtok.value + 2,
+ s->gss_buf.value,s->gss_buf.length) ) {
logevent("GSSAPI authentication - wrong response from server");
continue;
}
}
/* initial tokens are empty */
- s->gss_rcvtok.len = s->gss_sndtok.len = 0;
- s->gss_rcvtok.data = s->gss_sndtok.data = NULL;
+ SSH_GSS_CLEAR_BUF(&s->gss_rcvtok);
/* now enter the loop */
do {
logevent("GSSAPI authentication initialisation failed");
if (ssh_gss_display_status(s->gss_ctx,&s->gss_buf) == SSH_GSS_OK) {
- logevent(s->gss_buf.data);
- sfree(s->gss_buf.data);
+ logevent(s->gss_buf.value);
+ sfree(s->gss_buf.value);
}
break;
/* Client and server now exchange tokens until GSSAPI
* no longer says CONTINUE_NEEDED */
- if (s->gss_sndtok.len != 0) {
+ if (s->gss_sndtok.length != 0) {
s->pktout = ssh2_pkt_init(SSH2_MSG_USERAUTH_GSSAPI_TOKEN);
ssh_pkt_addstring_start(s->pktout);
- ssh_pkt_addstring_data(s->pktout,s->gss_sndtok.data,s->gss_sndtok.len);
+ ssh_pkt_addstring_data(s->pktout,s->gss_sndtok.value,s->gss_sndtok.length);
ssh2_pkt_send(ssh, s->pktout);
ssh_gss_free_tok(&s->gss_sndtok);
}
s->gss_stat = SSH_GSS_FAILURE;
break;
}
- ssh_pkt_getstring(pktin,&s->gss_rcvtok.data,&s->gss_rcvtok.len);
+ ssh_pkt_getstring(pktin, &data, &len);
+ s->gss_rcvtok.value = data;
+ s->gss_rcvtok.length = len;
}
} while (s-> gss_stat == SSH_GSS_S_CONTINUE_NEEDED);
ssh_pkt_addstring(s->pktout, "ssh-connection");
ssh_pkt_addstring(s->pktout, "gssapi-with-mic");
- s->gss_buf.data = (char *)s->pktout->data + micoffset;
- s->gss_buf.len = s->pktout->length - micoffset;
+ s->gss_buf.value = (char *)s->pktout->data + micoffset;
+ s->gss_buf.length = s->pktout->length - micoffset;
ssh_gss_get_mic(s->gss_ctx, &s->gss_buf, &mic);
s->pktout = ssh2_pkt_init(SSH2_MSG_USERAUTH_GSSAPI_MIC);
ssh_pkt_addstring_start(s->pktout);
- ssh_pkt_addstring_data(s->pktout, mic.data, mic.len);
+ ssh_pkt_addstring_data(s->pktout, mic.value, mic.length);
ssh2_pkt_send(ssh, s->pktout);
ssh_gss_free_mic(&mic);
* Potentially enable X11 forwarding.
*/
if (ssh->mainchan && !ssh->ncmode && ssh->cfg.x11_forward) {
- char proto[20], data[64];
logevent("Requesting X11 forwarding");
- ssh->x11auth = x11_invent_auth(proto, sizeof(proto),
- data, sizeof(data), ssh->cfg.x11_auth);
- x11_get_real_auth(ssh->x11auth, ssh->cfg.x11_display);
+ ssh->x11disp = x11_setup_display(ssh->cfg.x11_display,
+ ssh->cfg.x11_auth, &ssh->cfg);
s->pktout = ssh2_pkt_init(SSH2_MSG_CHANNEL_REQUEST);
ssh2_pkt_adduint32(s->pktout, ssh->mainchan->remoteid);
ssh2_pkt_addstring(s->pktout, "x11-req");
ssh2_pkt_addbool(s->pktout, 1); /* want reply */
ssh2_pkt_addbool(s->pktout, 0); /* many connections */
- ssh2_pkt_addstring(s->pktout, proto);
+ ssh2_pkt_addstring(s->pktout, ssh->x11disp->remoteauthprotoname);
/*
* Note that while we blank the X authentication data here, we don't
* take any special action to blank the start of an X11 channel,
* cookie into the log.
*/
dont_log_password(ssh, s->pktout, PKTLOG_BLANK);
- ssh2_pkt_addstring(s->pktout, data);
+ ssh2_pkt_addstring(s->pktout, ssh->x11disp->remoteauthdatastring);
end_log_omission(ssh, s->pktout);
- ssh2_pkt_adduint32(s->pktout, x11_get_screen_number(ssh->cfg.x11_display));
+ ssh2_pkt_adduint32(s->pktout, ssh->x11disp->screennum);
ssh2_pkt_send(ssh, s->pktout);
crWaitUntilV(pktin);
ssh->fallback_cmd = 0;
ssh->pkt_kctx = SSH2_PKTCTX_NOKEX;
ssh->pkt_actx = SSH2_PKTCTX_NOAUTH;
- ssh->x11auth = NULL;
+ ssh->x11disp = NULL;
ssh->v1_compressing = FALSE;
ssh->v2_outgoing_sequence = 0;
ssh->ssh1_rdpkt_crstate = 0;
ssh->rportfwds = NULL;
}
sfree(ssh->deferred_send_data);
- if (ssh->x11auth)
- x11_free_auth(ssh->x11auth);
+ if (ssh->x11disp)
+ x11_free_display(ssh->x11disp);
sfree(ssh->do_ssh_init_state);
sfree(ssh->do_ssh1_login_state);
sfree(ssh->do_ssh2_transport_state);