#define BUG_CHOKES_ON_RSA 8
#define BUG_SSH2_RSA_PADDING 16
#define BUG_SSH2_DERIVEKEY 32
+#define BUG_SSH2_DH_GEX 64
static int ssh_pkt_ctx = 0;
static int ssh_send_ok;
static int ssh_echoing, ssh_editing;
+static void *frontend;
+
+static int ssh_term_width, ssh_term_height;
+
static tree234 *ssh_channels; /* indexed by local id */
static struct ssh_channel *mainchan; /* primary session channel */
static int ssh_exitcode = -1;
static void (*ssh_protocol) (unsigned char *in, int inlen, int ispkt);
static void ssh1_protocol(unsigned char *in, int inlen, int ispkt);
static void ssh2_protocol(unsigned char *in, int inlen, int ispkt);
-static void ssh_size(void);
+static void ssh_size(int width, int height);
static void ssh_special(Telnet_Special);
static int ssh2_try_send(struct ssh_channel *c);
static void ssh2_add_channel_data(struct ssh_channel *c, char *buf,
fputc(buf[i], stderr);
return;
}
- from_backend(1, buf, len);
+ from_backend(frontend, 1, buf, len);
}
static void c_write_untrusted(char *buf, int len)
ssh_remote_bugs |= BUG_SSH2_RSA_PADDING;
logevent("We believe remote version has SSH2 RSA padding bug");
}
+
+ if (cfg.sshbug_dhgex2 == BUG_ON) {
+ /*
+ * These versions have the SSH2 DH GEX bug.
+ */
+ ssh_remote_bugs |= BUG_SSH2_DH_GEX;
+ logevent("We believe remote version has SSH2 DH group exchange bug");
+ }
}
static int do_ssh_init(unsigned char c)
if (!cfg.nopty) {
send_packet(SSH1_CMSG_REQUEST_PTY,
PKT_STR, cfg.termtype,
- PKT_INT, rows, PKT_INT, cols,
+ PKT_INT, ssh_term_height,
+ PKT_INT, ssh_term_width,
PKT_INT, 0, PKT_INT, 0, PKT_CHAR, 0, PKT_END);
ssh_state = SSH_STATE_INTERMED;
do {
ssh_state = SSH_STATE_SESSION;
if (size_needed)
- ssh_size();
+ ssh_size(ssh_term_width, ssh_term_height);
if (eof_needed)
ssh_special(TS_EOF);
pktin.type == SSH1_SMSG_STDERR_DATA) {
long len = GET_32BIT(pktin.body);
int bufsize =
- from_backend(pktin.type == SSH1_SMSG_STDERR_DATA,
+ from_backend(frontend, pktin.type == SSH1_SMSG_STDERR_DATA,
pktin.body + 4, len);
if (!ssh1_stdout_throttling && bufsize > SSH1_BUFFER_LIMIT) {
ssh1_stdout_throttling = 1;
/*
* Be prepared to work around the buggy MAC problem.
*/
- if (cfg.buggymac || (ssh_remote_bugs & BUG_SSH2_HMAC))
+ if (ssh_remote_bugs & BUG_SSH2_HMAC)
maclist = buggymacs, nmacs = lenof(buggymacs);
else
maclist = macs, nmacs = lenof(macs);
/* List key exchange algorithms. */
ssh2_pkt_addstring_start();
for (i = 0; i < lenof(kex_algs); i++) {
+ if (kex_algs[i] == &ssh_diffiehellman_gex &&
+ (ssh_remote_bugs & BUG_SSH2_DH_GEX))
+ continue;
ssh2_pkt_addstring_str(kex_algs[i]->name);
if (i < lenof(kex_algs) - 1)
ssh2_pkt_addstring_str(",");
pktin.savedpos += 16; /* skip garbage cookie */
ssh2_pkt_getstring(&str, &len); /* key exchange algorithms */
for (i = 0; i < lenof(kex_algs); i++) {
+ if (kex_algs[i] == &ssh_diffiehellman_gex &&
+ (ssh_remote_bugs & BUG_SSH2_DH_GEX))
+ continue;
if (in_commasep_string(kex_algs[i]->name, str, len)) {
kex = kex_algs[i];
break;
ssh2_pkt_addstring("pty-req");
ssh2_pkt_addbool(1); /* want reply */
ssh2_pkt_addstring(cfg.termtype);
- ssh2_pkt_adduint32(cols);
- ssh2_pkt_adduint32(rows);
+ ssh2_pkt_adduint32(ssh_term_width);
+ ssh2_pkt_adduint32(ssh_term_height);
ssh2_pkt_adduint32(0); /* pixel width */
ssh2_pkt_adduint32(0); /* pixel height */
ssh2_pkt_addstring_start();
ssh_state = SSH_STATE_SESSION;
if (size_needed)
- ssh_size();
+ ssh_size(ssh_term_width, ssh_term_height);
if (eof_needed)
ssh_special(TS_EOF);
switch (c->type) {
case CHAN_MAINSESSION:
bufsize =
- from_backend(pktin.type ==
+ from_backend(frontend, pktin.type ==
SSH2_MSG_CHANNEL_EXTENDED_DATA,
data, length);
break;
*
* Returns an error message, or NULL on success.
*/
-static char *ssh_init(char *host, int port, char **realhost, int nodelay)
+static char *ssh_init(void *frontend_handle,
+ char *host, int port, char **realhost, int nodelay)
{
char *p;
return "Microsoft high encryption pack not installed!";
#endif
+ frontend = frontend_handle;
+ ssh_term_width = cfg.width;
+ ssh_term_height = cfg.height;
+
ssh_send_ok = 0;
ssh_editing = 0;
ssh_echoing = 0;
/*
* Called to set the size of the window from SSH's POV.
*/
-static void ssh_size(void)
+static void ssh_size(int width, int height)
{
+ ssh_term_width = width;
+ ssh_term_height = height;
+
switch (ssh_state) {
case SSH_STATE_BEFORE_SIZE:
case SSH_STATE_PREPACKET:
break;
case SSH_STATE_SESSION:
if (!cfg.nopty) {
+ if (!term)
+ return;
if (ssh_version == 1) {
send_packet(SSH1_CMSG_WINDOW_SIZE,
- PKT_INT, rows, PKT_INT, cols,
+ PKT_INT, ssh_term_height, PKT_INT, ssh_term_width,
PKT_INT, 0, PKT_INT, 0, PKT_END);
} else {
ssh2_pkt_init(SSH2_MSG_CHANNEL_REQUEST);
ssh2_pkt_adduint32(mainchan->remoteid);
ssh2_pkt_addstring("window-change");
ssh2_pkt_addbool(0);
- ssh2_pkt_adduint32(cols);
- ssh2_pkt_adduint32(rows);
+ ssh2_pkt_adduint32(ssh_term_width);
+ ssh2_pkt_adduint32(ssh_term_height);
ssh2_pkt_adduint32(0);
ssh2_pkt_adduint32(0);
ssh2_pkt_send();