* http://www.chiark.greenend.org.uk/~sgtatham/coroutines.html
*
* which explains the theory behind these macros.
+ *
+ * In particular, if you are getting `case expression not constant'
+ * errors when building with MS Visual Studio, this is because MS's
+ * Edit and Continue debugging feature causes their compiler to
+ * violate ANSI C. To disable Edit and Continue debugging:
+ *
+ * - right-click ssh.c in the FileView
+ * - click Settings
+ * - select the C/C++ tab and the General category
+ * - under `Debug info:', select anything _other_ than `Program
+ * Database for Edit and Continue'.
*/
#define crBegin(v) { int *crLine = &v; switch(v) { case 0:;
#define crState(t) \
struct t *s; \
- if (!ssh->t) ssh->t = smalloc(sizeof(struct t)); \
+ if (!ssh->t) ssh->t = snew(struct t); \
s = ssh->t;
#define crFinish(z) } *crLine = 0; return (z); }
#define crFinishV } *crLine = 0; return; }
sfree(buf);
}
-#define bombout(msg) ( ssh->state = SSH_STATE_CLOSED, \
- (ssh->s ? sk_close(ssh->s), ssh->s = NULL : 0), \
- logeventf msg, connection_fatal msg )
+#define bombout(msg) \
+ do { \
+ char *text = dupprintf msg; \
+ ssh->state = SSH_STATE_CLOSED; \
+ if (ssh->s) { sk_close(ssh->s); ssh->s = NULL; } \
+ logevent(text); \
+ connection_fatal(ssh->frontend, "%s", text); \
+ sfree(text); \
+ } while (0)
static int ssh_channelcmp(void *av, void *bv)
{
if (ssh->pktin.maxlen < st->biglen) {
ssh->pktin.maxlen = st->biglen;
- ssh->pktin.data = srealloc(ssh->pktin.data, st->biglen + APIEXTRA);
+ ssh->pktin.data = sresize(ssh->pktin.data, st->biglen + APIEXTRA,
+ unsigned char);
}
st->to_read = st->biglen;
if (ssh->cipher && detect_attack(ssh->crcda_ctx, ssh->pktin.data,
st->biglen, NULL)) {
- bombout((ssh,"Network attack (CRC compensation) detected!"));
- crReturn(0);
+ bombout(("Network attack (CRC compensation) detected!"));
+ crStop(0);
}
if (ssh->cipher)
st->realcrc = crc32(ssh->pktin.data, st->biglen - 4);
st->gotcrc = GET_32BIT(ssh->pktin.data + st->biglen - 4);
if (st->gotcrc != st->realcrc) {
- bombout((ssh,"Incorrect CRC received on packet"));
- crReturn(0);
+ bombout(("Incorrect CRC received on packet"));
+ crStop(0);
}
ssh->pktin.body = ssh->pktin.data + st->pad + 1;
if (ssh->pktin.maxlen < st->pad + decomplen) {
ssh->pktin.maxlen = st->pad + decomplen;
- ssh->pktin.data = srealloc(ssh->pktin.data,
- ssh->pktin.maxlen + APIEXTRA);
+ ssh->pktin.data = sresize(ssh->pktin.data,
+ ssh->pktin.maxlen + APIEXTRA,
+ unsigned char);
ssh->pktin.body = ssh->pktin.data + st->pad + 1;
}
ssh->pktin.type == SSH1_SMSG_AUTH_CCARD_CHALLENGE) {
long stringlen = GET_32BIT(ssh->pktin.body);
if (stringlen + 4 != ssh->pktin.length) {
- bombout((ssh,"Received data packet with bogus string length"));
- crReturn(0);
+ bombout(("Received data packet with bogus string length"));
+ crStop(0);
}
}
memcpy(buf + nowlen, ssh->pktin.body + 4, msglen);
buf[nowlen + msglen] = '\0';
/* logevent(buf); (this is now done within the bombout macro) */
- bombout((ssh,"Server sent disconnect message:\n\"%s\"", buf+nowlen));
- crReturn(0);
+ bombout(("Server sent disconnect message:\n\"%s\"", buf+nowlen));
+ crStop(0);
}
crFinish(0);
if (ssh->pktin.maxlen < st->cipherblk) {
ssh->pktin.maxlen = st->cipherblk;
- ssh->pktin.data = srealloc(ssh->pktin.data, st->cipherblk + APIEXTRA);
+ ssh->pktin.data = sresize(ssh->pktin.data, st->cipherblk + APIEXTRA,
+ unsigned char);
}
/*
* do us any more damage.
*/
if (st->len < 0 || st->pad < 0 || st->len + st->pad < 0) {
- bombout((ssh,"Incoming packet was garbled on decryption"));
- crReturn(0);
+ bombout(("Incoming packet was garbled on decryption"));
+ crStop(0);
}
/*
*/
if (ssh->pktin.maxlen < st->packetlen + st->maclen) {
ssh->pktin.maxlen = st->packetlen + st->maclen;
- ssh->pktin.data = srealloc(ssh->pktin.data,
- ssh->pktin.maxlen + APIEXTRA);
+ ssh->pktin.data = sresize(ssh->pktin.data,
+ ssh->pktin.maxlen + APIEXTRA,
+ unsigned char);
}
/*
if (ssh->scmac
&& !ssh->scmac->verify(ssh->sc_mac_ctx, ssh->pktin.data, st->len + 4,
st->incoming_sequence)) {
- bombout((ssh,"Incorrect MAC received on packet"));
- crReturn(0);
+ bombout(("Incorrect MAC received on packet"));
+ crStop(0);
}
st->incoming_sequence++; /* whether or not we MACed */
&newpayload, &newlen)) {
if (ssh->pktin.maxlen < newlen + 5) {
ssh->pktin.maxlen = newlen + 5;
- ssh->pktin.data = srealloc(ssh->pktin.data,
- ssh->pktin.maxlen + APIEXTRA);
+ ssh->pktin.data = sresize(ssh->pktin.data,
+ ssh->pktin.maxlen + APIEXTRA,
+ unsigned char);
}
ssh->pktin.length = 5 + newlen;
memcpy(ssh->pktin.data + 5, newpayload, newlen);
buf = dupprintf("Disconnection message text: %n%.*s",
&nowlen, msglen, ssh->pktin.data + 14);
logevent(buf);
- bombout((ssh,"Server sent disconnect message\ntype %d (%s):\n\"%s\"",
+ bombout(("Server sent disconnect message\ntype %d (%s):\n\"%s\"",
reason,
(reason > 0 && reason < lenof(ssh2_disconnect_reasons)) ?
ssh2_disconnect_reasons[reason] : "unknown",
buf+nowlen));
sfree(buf);
- crReturn(0);
+ crStop(0);
}
break;
case SSH2_MSG_IGNORE:
#ifdef MSCRYPTOAPI
/* Allocate enough buffer space for extra block
* for MS CryptEncrypt() */
- ssh->pktout.data = srealloc(ssh->pktout.data, biglen + 12);
+ ssh->pktout.data = sresize(ssh->pktout.data, biglen + 12,
+ unsigned char);
#else
- ssh->pktout.data = srealloc(ssh->pktout.data, biglen + 4);
+ ssh->pktout.data = sresize(ssh->pktout.data, biglen + 4,
+ unsigned char);
#endif
}
ssh->pktout.body = ssh->pktout.data + 4 + pad + 1;
len = s_wrpkt_prepare(ssh);
if (ssh->deferred_len + len > ssh->deferred_size) {
ssh->deferred_size = ssh->deferred_len + len + 128;
- ssh->deferred_send_data = srealloc(ssh->deferred_send_data,
- ssh->deferred_size);
+ ssh->deferred_send_data = sresize(ssh->deferred_send_data,
+ ssh->deferred_size,
+ unsigned char);
}
memcpy(ssh->deferred_send_data + ssh->deferred_len, ssh->pktout.data, len);
ssh->deferred_len += len;
{
if (ssh->pktout.maxlen < length) {
ssh->pktout.maxlen = length + 256;
- ssh->pktout.data = srealloc(ssh->pktout.data,
- ssh->pktout.maxlen + APIEXTRA);
+ ssh->pktout.data = sresize(ssh->pktout.data,
+ ssh->pktout.maxlen + APIEXTRA,
+ unsigned char);
if (!ssh->pktout.data)
fatalbox("Out of memory");
}
{
unsigned char *p;
int i, n = (bignum_bitcount(b) + 7) / 8;
- p = smalloc(n + 1);
+ p = snewn(n + 1, unsigned char);
if (!p)
fatalbox("out of memory");
p[0] = 0;
int len = ssh2_pkt_construct(ssh);
if (ssh->deferred_len + len > ssh->deferred_size) {
ssh->deferred_size = ssh->deferred_len + len + 128;
- ssh->deferred_send_data = srealloc(ssh->deferred_send_data,
- ssh->deferred_size);
+ ssh->deferred_send_data = sresize(ssh->deferred_send_data,
+ ssh->deferred_size,
+ unsigned char);
}
memcpy(ssh->deferred_send_data + ssh->deferred_len, ssh->pktout.data, len);
ssh->deferred_len += len;
if (!p)
return NULL;
if (p[0] & 0x80) {
- bombout((ssh,"internal error: Can't handle negative mpints"));
+ bombout(("internal error: Can't handle negative mpints"));
return NULL;
}
b = bignum_from_bytes((unsigned char *)p, length);
}
s->vstrsize = 16;
- s->vstring = smalloc(s->vstrsize);
+ s->vstring = snewn(s->vstrsize, char);
strcpy(s->vstring, "SSH-");
s->vslen = 4;
s->i = 0;
crReturn(1); /* get another char */
if (s->vslen >= s->vstrsize - 1) {
s->vstrsize += 16;
- s->vstring = srealloc(s->vstring, s->vstrsize);
+ s->vstring = sresize(s->vstring, s->vstrsize, char);
}
s->vstring[s->vslen++] = c;
if (s->i >= 0) {
s->vstring[strcspn(s->vstring, "\r\n")] = '\0';/* remove EOL chars */
{
char *vlog;
- vlog = smalloc(20 + s->vslen);
+ vlog = snewn(20 + s->vslen, char);
sprintf(vlog, "Server version: %s", s->vstring);
logevent(vlog);
sfree(vlog);
s->proto2 = ssh_versioncmp(s->version, "1.99") >= 0;
if (ssh->cfg.sshprot == 0 && !s->proto1) {
- bombout((ssh,"SSH protocol version 1 required by user but not provided by server"));
- crReturn(0);
+ bombout(("SSH protocol version 1 required by user but not provided by server"));
+ crStop(0);
}
if (ssh->cfg.sshprot == 3 && !s->proto2) {
- bombout((ssh,"SSH protocol version 2 required by user but not provided by server"));
- crReturn(0);
+ bombout(("SSH protocol version 2 required by user but not provided by server"));
+ crStop(0);
}
if (s->proto2 && (ssh->cfg.sshprot >= 2 || !s->proto1)) {
ssh->version = 1;
ssh->s_rdpkt = ssh1_rdpkt;
}
+ update_specials_menu(ssh->frontend);
ssh->state = SSH_STATE_BEFORE_SIZE;
sfree(s->vstring);
SockAddr addr;
char *err;
- ssh->savedhost = smalloc(1 + strlen(host));
+ ssh->savedhost = snewn(1 + strlen(host), char);
if (!ssh->savedhost)
fatalbox("Out of memory");
strcpy(ssh->savedhost, host);
crWaitUntil(ispkt);
if (ssh->pktin.type != SSH1_SMSG_PUBLIC_KEY) {
- bombout((ssh,"Public key packet not received"));
- crReturn(0);
+ bombout(("Public key packet not received"));
+ crStop(0);
}
logevent("Received public keys");
s->len = (hostkey.bytes > servkey.bytes ? hostkey.bytes : servkey.bytes);
- s->rsabuf = smalloc(s->len);
+ s->rsabuf = snewn(s->len, unsigned char);
if (!s->rsabuf)
fatalbox("Out of memory");
*/
int len = rsastr_len(&hostkey);
char fingerprint[100];
- char *keystr = smalloc(len);
+ char *keystr = snewn(len, char);
if (!keystr)
fatalbox("Out of memory");
rsastr_fmt(keystr, &hostkey);
}
if (!cipher_chosen) {
if ((s->supported_ciphers_mask & (1 << SSH_CIPHER_3DES)) == 0)
- bombout((ssh,"Server violates SSH 1 protocol by not "
+ bombout(("Server violates SSH 1 protocol by not "
"supporting 3DES encryption"));
else
/* shouldn't happen */
- bombout((ssh,"No supported ciphers found"));
- crReturn(0);
+ bombout(("No supported ciphers found"));
+ crStop(0);
}
/* Warn about chosen cipher if necessary. */
crWaitUntil(ispkt);
if (ssh->pktin.type != SSH1_SMSG_SUCCESS) {
- bombout((ssh,"Encryption not successfully enabled"));
- crReturn(0);
+ bombout(("Encryption not successfully enabled"));
+ crStop(0);
}
logevent("Successfully started encryption");
* Terminate.
*/
logevent("No username provided. Abandoning session.");
- ssh->state = SSH_STATE_CLOSED;
- crReturn(1);
+ ssh_closing((Plug)ssh, NULL, 0, 0);
+ crStop(1);
}
} else {
int ret; /* need not be kept over crReturn */
len += ssh1_bignum_length(s->challenge);
len += 16; /* session id */
len += 4; /* response format */
- agentreq = smalloc(4 + len);
+ agentreq = snewn(4 + len, char);
PUT_32BIT(agentreq, len);
q = agentreq + 4;
*q++ = SSH1_AGENTC_RSA_CHALLENGE;
PKT_END);
logevent("Unable to authenticate");
connection_fatal(ssh->frontend, "Unable to authenticate");
- ssh->state = SSH_STATE_CLOSED;
- crReturn(1);
+ ssh_closing((Plug)ssh, NULL, 0, 0);
+ crStop(1);
}
} else {
/* Prompt may have come from server. We've munged it a bit, so
continue; /* go and try password */
}
if (ssh->pktin.type != SSH1_SMSG_AUTH_RSA_CHALLENGE) {
- bombout((ssh,"Bizarre response to offer of public key"));
- crReturn(0);
+ bombout(("Bizarre response to offer of public key"));
+ crStop(0);
}
{
" our public key.\r\n");
continue; /* go and try password */
} else if (ssh->pktin.type != SSH1_SMSG_SUCCESS) {
- bombout((ssh,"Bizarre response to RSA authentication response"));
- crReturn(0);
+ bombout(("Bizarre response to RSA authentication response"));
+ crStop(0);
}
break; /* we're through! */
assert(pwlen >= bottom && pwlen <= top);
- randomstr = smalloc(top + 1);
+ randomstr = snewn(top + 1, char);
for (i = bottom; i <= top; i++) {
if (i == pwlen)
c_write_str(ssh, "Access denied\r\n");
logevent("Authentication refused");
} else if (ssh->pktin.type != SSH1_SMSG_SUCCESS) {
- bombout((ssh,"Strange packet received, type %d", ssh->pktin.type));
- crReturn(0);
+ bombout(("Strange packet received, type %d", ssh->pktin.type));
+ crStop(0);
}
}
} while (!ispkt);
if (ssh->pktin.type != SSH1_SMSG_SUCCESS
&& ssh->pktin.type != SSH1_SMSG_FAILURE) {
- bombout((ssh,"Protocol confusion"));
- crReturnV;
+ bombout(("Protocol confusion"));
+ crStopV;
} else if (ssh->pktin.type == SSH1_SMSG_FAILURE) {
logevent("Agent forwarding refused");
} else {
} while (!ispkt);
if (ssh->pktin.type != SSH1_SMSG_SUCCESS
&& ssh->pktin.type != SSH1_SMSG_FAILURE) {
- bombout((ssh,"Protocol confusion"));
- crReturnV;
+ bombout(("Protocol confusion"));
+ crStopV;
} else if (ssh->pktin.type == SSH1_SMSG_FAILURE) {
logevent("X11 forwarding refused");
} else {
if (n < 255) sports[n++] = *ssh->portfwd_strptr++;
}
sports[n] = 0;
- if (*ssh->portfwd_strptr == '\t')
- ssh->portfwd_strptr++;
- n = 0;
- while (*ssh->portfwd_strptr && *ssh->portfwd_strptr != ':') {
- if (n < 255) host[n++] = *ssh->portfwd_strptr++;
- }
- host[n] = 0;
- if (*ssh->portfwd_strptr == ':')
+ if (type != 'D') {
+ if (*ssh->portfwd_strptr == '\t')
+ ssh->portfwd_strptr++;
+ n = 0;
+ while (*ssh->portfwd_strptr && *ssh->portfwd_strptr != ':') {
+ if (n < 255) host[n++] = *ssh->portfwd_strptr++;
+ }
+ host[n] = 0;
+ if (*ssh->portfwd_strptr == ':')
+ ssh->portfwd_strptr++;
+ n = 0;
+ while (*ssh->portfwd_strptr) {
+ if (n < 255) dports[n++] = *ssh->portfwd_strptr++;
+ }
+ dports[n] = 0;
ssh->portfwd_strptr++;
- n = 0;
- while (*ssh->portfwd_strptr) {
- if (n < 255) dports[n++] = *ssh->portfwd_strptr++;
- }
- dports[n] = 0;
- ssh->portfwd_strptr++;
- dport = atoi(dports);
- dserv = 0;
- if (dport == 0) {
- dserv = 1;
- dport = net_service_lookup(dports);
- if (!dport) {
- logeventf(ssh, "Service lookup failed for"
- " destination port \"%s\"", dports);
+ dport = atoi(dports);
+ dserv = 0;
+ if (dport == 0) {
+ dserv = 1;
+ dport = net_service_lookup(dports);
+ if (!dport) {
+ logeventf(ssh, "Service lookup failed for"
+ " destination port \"%s\"", dports);
+ }
}
+ } else {
+ while (*ssh->portfwd_strptr) ssh->portfwd_strptr++;
+ dport = dserv = -1;
}
sport = atoi(sports);
sserv = 0;
host,
(int)(dserv ? strlen(dports) : 0), dports,
dserv, "(", dport, dserv, ")");
+ } else if (type == 'D') {
+ pfd_addforward(NULL, -1, *saddr ? saddr : NULL,
+ sport, ssh, &ssh->cfg);
+ logeventf(ssh, "Local port %.*s%.*s%.*s%.*s%d%.*s"
+ " doing SOCKS dynamic forwarding",
+ (int)(*saddr?strlen(saddr):0), *saddr?saddr:NULL,
+ (int)(*saddr?1:0), ":",
+ (int)(sserv ? strlen(sports) : 0), sports,
+ sserv, "(", sport, sserv, ")");
} else {
struct ssh_rportfwd *pf;
- pf = smalloc(sizeof(*pf));
+ pf = snew(struct ssh_rportfwd);
strcpy(pf->dhost, host);
pf->dport = dport;
if (saddr) {
} while (!ispkt);
if (ssh->pktin.type != SSH1_SMSG_SUCCESS
&& ssh->pktin.type != SSH1_SMSG_FAILURE) {
- bombout((ssh,"Protocol confusion"));
- crReturnV;
+ bombout(("Protocol confusion"));
+ crStopV;
} else if (ssh->pktin.type == SSH1_SMSG_FAILURE) {
c_write_str(ssh, "Server refused port"
" forwarding\r\n");
} while (!ispkt);
if (ssh->pktin.type != SSH1_SMSG_SUCCESS
&& ssh->pktin.type != SSH1_SMSG_FAILURE) {
- bombout((ssh,"Protocol confusion"));
- crReturnV;
+ bombout(("Protocol confusion"));
+ crStopV;
} else if (ssh->pktin.type == SSH1_SMSG_FAILURE) {
c_write_str(ssh, "Server refused to allocate pty\r\n");
ssh->editing = ssh->echoing = 1;
} while (!ispkt);
if (ssh->pktin.type != SSH1_SMSG_SUCCESS
&& ssh->pktin.type != SSH1_SMSG_FAILURE) {
- bombout((ssh,"Protocol confusion"));
- crReturnV;
+ bombout(("Protocol confusion"));
+ crStopV;
} else if (ssh->pktin.type == SSH1_SMSG_FAILURE) {
c_write_str(ssh, "Server refused to compress\r\n");
}
ssh1_throttle(ssh, +1);
}
} else if (ssh->pktin.type == SSH1_MSG_DISCONNECT) {
- ssh->state = SSH_STATE_CLOSED;
+ ssh_closing((Plug)ssh, NULL, 0, 0);
logevent("Received disconnect request");
- crReturnV;
+ crStopV;
} else if (ssh->pktin.type == SSH1_SMSG_X11_OPEN) {
/* Remote side is trying to open a channel to talk to our
* X-Server. Give them back a local channel number. */
PKT_INT, GET_32BIT(ssh->pktin.body), PKT_END);
logevent("Rejected X11 connect request");
} else {
- c = smalloc(sizeof(struct ssh_channel));
+ c = snew(struct ssh_channel);
c->ssh = ssh;
if (x11_init(&c->u.x11.s, ssh->cfg.x11_display, c,
send_packet(ssh, SSH1_MSG_CHANNEL_OPEN_FAILURE,
PKT_INT, GET_32BIT(ssh->pktin.body), PKT_END);
} else {
- c = smalloc(sizeof(struct ssh_channel));
+ c = snew(struct ssh_channel);
c->ssh = ssh;
c->remoteid = GET_32BIT(ssh->pktin.body);
c->localid = alloc_channel_id(ssh);
int hostsize, port;
char host[256], buf[1024];
char *p, *h, *e;
- c = smalloc(sizeof(struct ssh_channel));
+ c = snew(struct ssh_channel);
c->ssh = ssh;
hostsize = GET_32BIT(ssh->pktin.body+4);
sfree(c);
}
} else {
- bombout((ssh,"Received CHANNEL_CLOSE%s for %s channel %d\n",
+ bombout(("Received CHANNEL_CLOSE%s for %s channel %d\n",
ssh->pktin.type == SSH1_MSG_CHANNEL_CLOSE ? "" :
"_CONFIRMATION", c ? "half-open" : "nonexistent",
i));
+ crStopV;
}
} else if (ssh->pktin.type == SSH1_MSG_CHANNEL_DATA) {
/* Data sent down one of our channels. */
struct ssh_channel *c;
c = find234(ssh->channels, &i, ssh_channelfind);
if (c) {
- int bufsize;
+ int bufsize = 0;
switch (c->type) {
case CHAN_X11:
bufsize = x11_send(c->u.x11.s, (char *)p, len);
if (c->u.a.lensofar == 4) {
c->u.a.totallen =
4 + GET_32BIT(c->u.a.msglen);
- c->u.a.message = smalloc(c->u.a.totallen);
+ c->u.a.message = snewn(c->u.a.totallen,
+ unsigned char);
memcpy(c->u.a.message, c->u.a.msglen, 4);
}
if (c->u.a.lensofar >= 4 && len > 0) {
* encrypted packet, we close the session once
* we've sent EXIT_CONFIRMATION.
*/
- ssh->state = SSH_STATE_CLOSED;
- crReturnV;
+ ssh_closing((Plug)ssh, NULL, 0, 0);
+ crStopV;
} else {
- bombout((ssh,"Strange packet received: type %d", ssh->pktin.type));
- crReturnV;
+ bombout(("Strange packet received: type %d", ssh->pktin.type));
+ crStopV;
}
} else {
while (inlen > 0) {
int i, j, len;
if (ssh->pktin.type != SSH2_MSG_KEXINIT) {
- bombout((ssh,"expected key exchange packet from server"));
- crReturn(0);
+ bombout(("expected key exchange packet from server"));
+ crStop(0);
}
ssh->kex = NULL;
ssh->hostkey = NULL;
}
}
if (!s->cscipher_tobe) {
- bombout((ssh,"Couldn't agree a client-to-server cipher (available: %s)",
+ bombout(("Couldn't agree a client-to-server cipher (available: %s)",
str ? str : "(null)"));
- crReturn(0);
+ crStop(0);
}
ssh2_pkt_getstring(ssh, &str, &len); /* server->client cipher */
}
}
if (!s->sccipher_tobe) {
- bombout((ssh,"Couldn't agree a server-to-client cipher (available: %s)",
+ bombout(("Couldn't agree a server-to-client cipher (available: %s)",
str ? str : "(null)"));
- crReturn(0);
+ crStop(0);
}
ssh2_pkt_getstring(ssh, &str, &len); /* client->server mac */
crWaitUntil(ispkt);
if (ssh->pktin.type != SSH2_MSG_KEX_DH_GEX_GROUP) {
- bombout((ssh,"expected key exchange group packet from server"));
- crReturn(0);
+ bombout(("expected key exchange group packet from server"));
+ crStop(0);
}
s->p = ssh2_pkt_getmp(ssh);
s->g = ssh2_pkt_getmp(ssh);
crWaitUntil(ispkt);
if (ssh->pktin.type != s->kex_reply_value) {
- bombout((ssh,"expected key exchange reply packet from server"));
- crReturn(0);
+ bombout(("expected key exchange reply packet from server"));
+ crStop(0);
}
ssh2_pkt_getstring(ssh, &s->hostkeydata, &s->hostkeylen);
s->f = ssh2_pkt_getmp(ssh);
if (!s->hkey ||
!ssh->hostkey->verifysig(s->hkey, s->sigdata, s->siglen,
(char *)s->exchange_hash, 20)) {
- bombout((ssh,"Server's host key did not match the signature supplied"));
- crReturn(0);
+ bombout(("Server's host key did not match the signature supplied"));
+ crStop(0);
}
/*
*/
crWaitUntil(ispkt);
if (ssh->pktin.type != SSH2_MSG_NEWKEYS) {
- bombout((ssh,"expected new-keys packet from server"));
- crReturn(0);
+ bombout(("expected new-keys packet from server"));
+ crStop(0);
}
/*
ssh2_pkt_send(ssh);
crWaitUntilV(ispkt);
if (ssh->pktin.type != SSH2_MSG_SERVICE_ACCEPT) {
- bombout((ssh,"Server refused user authentication protocol"));
- crReturnV;
+ bombout(("Server refused user authentication protocol"));
+ crStopV;
}
/*
* Terminate.
*/
logevent("No username provided. Abandoning session.");
- ssh->state = SSH_STATE_CLOSED;
- crReturnV;
+ ssh_closing((Plug)ssh, NULL, 0, 0);
+ crStopV;
}
} else {
int ret; /* need not be saved across crReturn */
if (!s->gotit)
s->curr_prompt = 0;
} else if (ssh->pktin.type != SSH2_MSG_USERAUTH_FAILURE) {
- bombout((ssh,"Strange packet received during authentication: type %d",
+ bombout(("Strange packet received during authentication: type %d",
ssh->pktin.type));
- crReturnV;
+ crStopV;
}
s->gotit = FALSE;
s->len += 4 + s->pklen; /* key blob */
s->len += 4 + s->siglen; /* data to sign */
s->len += 4; /* flags */
- s->agentreq = smalloc(4 + s->len);
+ s->agentreq = snewn(4 + s->len, char);
PUT_32BIT(s->agentreq, s->len);
s->q = s->agentreq + 4;
*s->q++ = SSH2_AGENTC_SIGN_REQUEST;
logevent("Unable to authenticate");
connection_fatal(ssh->frontend,
"Unable to authenticate");
- ssh->state = SSH_STATE_CLOSED;
- crReturnV;
+ ssh_closing((Plug)ssh, NULL, 0, 0);
+ crStopV;
}
} else {
int ret; /* need not be saved across crReturn */
sigdata_len = ssh->pktout.length - 5 + 4 + 20;
if (ssh->remote_bugs & BUG_SSH2_PK_SESSIONID)
sigdata_len -= 4;
- sigdata = smalloc(sigdata_len);
+ sigdata = snewn(sigdata_len, unsigned char);
p = 0;
if (!(ssh->remote_bugs & BUG_SSH2_PK_SESSIONID)) {
PUT_32BIT(sigdata+p, 20);
" methods available");
ssh2_pkt_addstring(ssh, "en"); /* language tag */
ssh2_pkt_send(ssh);
- ssh->state = SSH_STATE_CLOSED;
- crReturnV;
+ ssh_closing((Plug)ssh, NULL, 0, 0);
+ crStopV;
}
}
} while (!s->we_are_in);
* So now create a channel with a session in it.
*/
ssh->channels = newtree234(ssh_channelcmp);
- ssh->mainchan = smalloc(sizeof(struct ssh_channel));
+ ssh->mainchan = snew(struct ssh_channel);
ssh->mainchan->ssh = ssh;
ssh->mainchan->localid = alloc_channel_id(ssh);
ssh2_pkt_init(ssh, SSH2_MSG_CHANNEL_OPEN);
ssh2_pkt_send(ssh);
crWaitUntilV(ispkt);
if (ssh->pktin.type != SSH2_MSG_CHANNEL_OPEN_CONFIRMATION) {
- bombout((ssh,"Server refused to open a session"));
- crReturnV;
+ bombout(("Server refused to open a session"));
+ crStopV;
/* FIXME: error data comes back in FAILURE packet */
}
if (ssh2_pkt_getuint32(ssh) != ssh->mainchan->localid) {
- bombout((ssh,"Server's channel confirmation cited wrong channel"));
- crReturnV;
+ bombout(("Server's channel confirmation cited wrong channel"));
+ crStopV;
}
ssh->mainchan->remoteid = ssh2_pkt_getuint32(ssh);
ssh->mainchan->type = CHAN_MAINSESSION;
if (ssh->pktin.type != SSH2_MSG_CHANNEL_SUCCESS) {
if (ssh->pktin.type != SSH2_MSG_CHANNEL_FAILURE) {
- bombout((ssh,"Unexpected response to X11 forwarding request:"
+ bombout(("Unexpected response to X11 forwarding request:"
" packet type %d", ssh->pktin.type));
- crReturnV;
+ crStopV;
}
logevent("X11 forwarding refused");
} else {
if (n < 255) sports[n++] = *ssh->portfwd_strptr++;
}
sports[n] = 0;
- if (*ssh->portfwd_strptr == '\t')
- ssh->portfwd_strptr++;
- n = 0;
- while (*ssh->portfwd_strptr && *ssh->portfwd_strptr != ':') {
- if (n < 255) host[n++] = *ssh->portfwd_strptr++;
- }
- host[n] = 0;
- if (*ssh->portfwd_strptr == ':')
+ if (type != 'D') {
+ if (*ssh->portfwd_strptr == '\t')
+ ssh->portfwd_strptr++;
+ n = 0;
+ while (*ssh->portfwd_strptr && *ssh->portfwd_strptr != ':') {
+ if (n < 255) host[n++] = *ssh->portfwd_strptr++;
+ }
+ host[n] = 0;
+ if (*ssh->portfwd_strptr == ':')
+ ssh->portfwd_strptr++;
+ n = 0;
+ while (*ssh->portfwd_strptr) {
+ if (n < 255) dports[n++] = *ssh->portfwd_strptr++;
+ }
+ dports[n] = 0;
ssh->portfwd_strptr++;
- n = 0;
- while (*ssh->portfwd_strptr) {
- if (n < 255) dports[n++] = *ssh->portfwd_strptr++;
- }
- dports[n] = 0;
- ssh->portfwd_strptr++;
- dport = atoi(dports);
- dserv = 0;
- if (dport == 0) {
- dserv = 1;
- dport = net_service_lookup(dports);
- if (!dport) {
- logeventf(ssh, "Service lookup failed for destination"
- " port \"%s\"", dports);
+ dport = atoi(dports);
+ dserv = 0;
+ if (dport == 0) {
+ dserv = 1;
+ dport = net_service_lookup(dports);
+ if (!dport) {
+ logeventf(ssh, "Service lookup failed for destination"
+ " port \"%s\"", dports);
+ }
}
+ } else {
+ while (*ssh->portfwd_strptr) ssh->portfwd_strptr++;
+ dport = dserv = -1;
}
sport = atoi(sports);
sserv = 0;
host,
(int)(dserv ? strlen(dports) : 0), dports,
dserv, "(", dport, dserv, ")");
+ } else if (type == 'D') {
+ pfd_addforward(NULL, -1, *saddr ? saddr : NULL,
+ sport, ssh, &ssh->cfg);
+ logeventf(ssh, "Local port %.*s%.*s%.*s%.*s%d%.*s"
+ " doing SOCKS dynamic forwarding",
+ (int)(*saddr?strlen(saddr):0), *saddr?saddr:NULL,
+ (int)(*saddr?1:0), ":",
+ (int)(sserv ? strlen(sports) : 0), sports,
+ sserv, "(", sport, sserv, ")");
} else {
struct ssh_rportfwd *pf;
- pf = smalloc(sizeof(*pf));
+ pf = snew(struct ssh_rportfwd);
strcpy(pf->dhost, host);
pf->dport = dport;
pf->sport = sport;
if (ssh->pktin.type != SSH2_MSG_REQUEST_SUCCESS) {
if (ssh->pktin.type != SSH2_MSG_REQUEST_FAILURE) {
- bombout((ssh,"Unexpected response to port "
+ bombout(("Unexpected response to port "
"forwarding request: packet type %d",
ssh->pktin.type));
- crReturnV;
+ crStopV;
}
logevent("Server refused this port forwarding");
} else {
if (ssh->pktin.type != SSH2_MSG_CHANNEL_SUCCESS) {
if (ssh->pktin.type != SSH2_MSG_CHANNEL_FAILURE) {
- bombout((ssh,"Unexpected response to agent forwarding request:"
+ bombout(("Unexpected response to agent forwarding request:"
" packet type %d", ssh->pktin.type));
- crReturnV;
+ crStopV;
}
logevent("Agent forwarding refused");
} else {
if (ssh->pktin.type != SSH2_MSG_CHANNEL_SUCCESS) {
if (ssh->pktin.type != SSH2_MSG_CHANNEL_FAILURE) {
- bombout((ssh,"Unexpected response to pty request:"
+ bombout(("Unexpected response to pty request:"
" packet type %d", ssh->pktin.type));
- crReturnV;
+ crStopV;
}
c_write_str(ssh, "Server refused to allocate pty\r\n");
ssh->editing = ssh->echoing = 1;
} while (ssh->pktin.type == SSH2_MSG_CHANNEL_WINDOW_ADJUST);
if (ssh->pktin.type != SSH2_MSG_CHANNEL_SUCCESS) {
if (ssh->pktin.type != SSH2_MSG_CHANNEL_FAILURE) {
- bombout((ssh,"Unexpected response to shell/command request:"
+ bombout(("Unexpected response to shell/command request:"
" packet type %d", ssh->pktin.type));
- crReturnV;
+ crStopV;
}
/*
* We failed to start the command. If this is the
ssh->fallback_cmd = TRUE;
continue;
}
- bombout((ssh,"Server refused to start a shell/command"));
- crReturnV;
+ bombout(("Server refused to start a shell/command"));
+ crStopV;
} else {
logevent("Started a shell/command");
}
continue; /* extended but not stderr */
ssh2_pkt_getstring(ssh, &data, &length);
if (data) {
- int bufsize;
+ int bufsize = 0;
c->v.v2.locwindow -= length;
switch (c->type) {
case CHAN_MAINSESSION:
if (c->u.a.lensofar == 4) {
c->u.a.totallen =
4 + GET_32BIT(c->u.a.msglen);
- c->u.a.message = smalloc(c->u.a.totallen);
+ c->u.a.message = snewn(c->u.a.totallen,
+ unsigned char);
memcpy(c->u.a.message, c->u.a.msglen, 4);
}
if (c->u.a.lensofar >= 4 && length > 0) {
c = find234(ssh->channels, &i, ssh_channelfind);
if (!c || ((int)c->remoteid) == -1) {
- bombout((ssh,"Received CHANNEL_CLOSE for %s channel %d\n",
+ bombout(("Received CHANNEL_CLOSE for %s channel %d\n",
c ? "half-open" : "nonexistent", i));
+ crStopV;
}
/* Do pre-close processing on the channel. */
switch (c->type) {
* See if that was the last channel left open.
*/
if (count234(ssh->channels) == 0) {
+ logevent("All channels closed. Disconnecting");
#if 0
/*
* We used to send SSH_MSG_DISCONNECT here,
* this is more polite than sending a
* DISCONNECT. So now we don't.
*/
- logevent("All channels closed. Disconnecting");
ssh2_pkt_init(ssh, SSH2_MSG_DISCONNECT);
ssh2_pkt_adduint32(ssh, SSH2_DISCONNECT_BY_APPLICATION);
ssh2_pkt_addstring(ssh, "All open channels closed");
ssh2_pkt_addstring(ssh, "en"); /* language tag */
ssh2_pkt_send(ssh);
#endif
- ssh->state = SSH_STATE_CLOSED;
- crReturnV;
+ ssh_closing((Plug)ssh, NULL, 0, 0);
+ crStopV;
}
continue; /* remote sends close; ignore (FIXME) */
} else if (ssh->pktin.type == SSH2_MSG_CHANNEL_WINDOW_ADJUST) {
ssh2_pkt_addstring(ssh, buf);
ssh2_pkt_addstring(ssh, "en"); /* language tag */
ssh2_pkt_send(ssh);
- connection_fatal("%s", buf);
- ssh->state = SSH_STATE_CLOSED;
- crReturnV;
+ connection_fatal(ssh->frontend, "%s", buf);
+ ssh_closing((Plug)ssh, NULL, 0, 0);
+ crStopV;
}
/*
int typelen;
char *peeraddr;
int peeraddrlen;
- int port;
+ int peerport;
char *error = NULL;
struct ssh_channel *c;
unsigned remid, winsize, pktsize;
ssh2_pkt_getstring(ssh, &type, &typelen);
- c = smalloc(sizeof(struct ssh_channel));
+ c = snew(struct ssh_channel);
c->ssh = ssh;
remid = ssh2_pkt_getuint32(ssh);
winsize = ssh2_pkt_getuint32(ssh);
pktsize = ssh2_pkt_getuint32(ssh);
- ssh2_pkt_getstring(ssh, &peeraddr, &peeraddrlen);
- port = ssh2_pkt_getuint32(ssh);
if (typelen == 3 && !memcmp(type, "x11", 3)) {
- char *addrstr = smalloc(peeraddrlen+1);
+ char *addrstr;
+
+ ssh2_pkt_getstring(ssh, &peeraddr, &peeraddrlen);
+ addrstr = snewn(peeraddrlen+1, char);
memcpy(addrstr, peeraddr, peeraddrlen);
peeraddr[peeraddrlen] = '\0';
+ peerport = ssh2_pkt_getuint32(ssh);
if (!ssh->X11_fwd_enabled)
error = "X11 forwarding is not enabled";
else if (x11_init(&c->u.x11.s, ssh->cfg.x11_display, c,
- ssh->x11auth, addrstr, port,
+ ssh->x11auth, addrstr, peerport,
&ssh->cfg) != NULL) {
error = "Unable to open an X11 connection";
} else {
int dummylen;
ssh2_pkt_getstring(ssh, &dummy, &dummylen);/* skip address */
pf.sport = ssh2_pkt_getuint32(ssh);
+ ssh2_pkt_getstring(ssh, &peeraddr, &peeraddrlen);
+ peerport = ssh2_pkt_getuint32(ssh);
realpf = find234(ssh->rportfwds, &pf, NULL);
if (realpf == NULL) {
error = "Remote port is not recognised";
ssh2_pkt_send(ssh);
}
} else {
- bombout((ssh,"Strange packet received: type %d", ssh->pktin.type));
- crReturnV;
+ bombout(("Strange packet received: type %d", ssh->pktin.type));
+ crStopV;
}
} else {
/*
char *p;
Ssh ssh;
- ssh = smalloc(sizeof(*ssh));
+ ssh = snew(struct ssh_tag);
ssh->cfg = *cfg; /* STRUCTURE COPY */
+ ssh->version = 0; /* when not ready yet */
ssh->s = NULL;
ssh->cipher = NULL;
ssh->v1_cipher_ctx = NULL;
}
/*
+ * Return a list of the special codes that make sense in this
+ * protocol.
+ */
+static const struct telnet_special *ssh_get_specials(void *handle)
+{
+ Ssh ssh = (Ssh) handle;
+
+ if (ssh->version == 1) {
+ static const struct telnet_special ssh1_specials[] = {
+ {"IGNORE message", TS_NOP},
+ {NULL, 0}
+ };
+ return ssh1_specials;
+ } else if (ssh->version == 2) {
+ static const struct telnet_special ssh2_specials[] = {
+ {"Break", TS_BRK},
+ {"IGNORE message", TS_NOP},
+ {NULL, 0}
+ };
+ return ssh2_specials;
+ } else
+ return NULL;
+}
+
+/*
* Send Telnet special codes. TS_EOF is useful for `plink', so you
* can send an EOF and collect resulting output (e.g. `plink
* hostname sort').
ssh2_pkt_send(ssh);
}
logevent("Sent EOF message");
- } else if (code == TS_PING) {
+ } else if (code == TS_PING || code == TS_NOP) {
if (ssh->state == SSH_STATE_CLOSED
|| ssh->state == SSH_STATE_PREPACKET) return;
if (ssh->version == 1) {
ssh2_pkt_addstring_start(ssh);
ssh2_pkt_send(ssh);
}
+ } else if (code == TS_BRK) {
+ if (ssh->state == SSH_STATE_CLOSED
+ || ssh->state == SSH_STATE_PREPACKET) return;
+ if (ssh->version == 1) {
+ logevent("Unable to send BREAK signal in SSH1");
+ } else {
+ ssh2_pkt_init(ssh, SSH2_MSG_CHANNEL_REQUEST);
+ ssh2_pkt_adduint32(ssh, ssh->mainchan->remoteid);
+ ssh2_pkt_addstring(ssh, "break");
+ ssh2_pkt_addbool(ssh, 0);
+ ssh2_pkt_adduint32(ssh, 0); /* default break length */
+ ssh2_pkt_send(ssh);
+ }
} else {
/* do nothing */
}
{
Ssh ssh = (Ssh) handle;
struct ssh_channel *c;
- c = smalloc(sizeof(struct ssh_channel));
+ c = snew(struct ssh_channel);
c->ssh = ssh;
if (c) {
static int ssh_return_exitcode(void *handle)
{
Ssh ssh = (Ssh) handle;
- return ssh->exitcode;
+ if (ssh->s != NULL)
+ return -1;
+ else
+ return (ssh->exitcode >= 0 ? ssh->exitcode : 0);
}
/*
ssh_sendbuffer,
ssh_size,
ssh_special,
+ ssh_get_specials,
ssh_socket,
ssh_return_exitcode,
ssh_sendok,