(cp)[2] = (unsigned char)((value) >> 8); \
(cp)[3] = (unsigned char)(value); }
-enum { PKT_END, PKT_INT, PKT_CHAR, PKT_DATA, PKT_STR, PKT_BIGNUM };
+/* Enumeration values for fields in SSH-1 packets */
+enum {
+ PKT_END, PKT_INT, PKT_CHAR, PKT_DATA, PKT_STR, PKT_BIGNUM,
+ /* These values are for communicating relevant semantics of
+ * fields to the packet logging code. */
+ PKTT_OTHER, PKTT_PASSWORD, PKTT_DATA
+};
/*
* Coroutine mechanics for the sillier bits of the code. If these
int deferred_len, deferred_size;
/*
+ * State associated with packet logging
+ */
+ int pktout_logmode;
+ int pktout_nblanks;
+ struct logblank_t *pktout_blanks;
+
+ /*
* Gross hack: pscp will try to start SFTP but fall back to
* scp1 if that fails. This variable is the means by which
* scp.c can reach into the SSH code and find out which one it
sfree(text); \
} while (0)
+/* Functions to leave bits out of the SSH packet log file. */
+
+static void dont_log_password(Ssh ssh, int blanktype)
+{
+ if (ssh->cfg.logomitpass)
+ ssh->pktout_logmode = blanktype;
+}
+
+static void dont_log_data(Ssh ssh, int blanktype)
+{
+ if (ssh->cfg.logomitdata)
+ ssh->pktout_logmode = blanktype;
+}
+
+static void end_log_omission(Ssh ssh)
+{
+ ssh->pktout_logmode = PKTLOG_EMIT;
+}
+
static int ssh_channelcmp(void *av, void *bv)
{
struct ssh_channel *a = (struct ssh_channel *) av;
ssh->pktin.type = ssh->pktin.body[-1];
- if (ssh->logctx)
+ /*
+ * Log incoming packet, possibly omitting sensitive fields.
+ */
+ if (ssh->logctx) {
+ int nblanks = 0;
+ struct logblank_t blank;
+ if (ssh->cfg.logomitdata) {
+ int do_blank = FALSE, blank_prefix = 0;
+ /* "Session data" packets - omit the data field */
+ if ((ssh->pktin.type == SSH1_SMSG_STDOUT_DATA) ||
+ (ssh->pktin.type == SSH1_SMSG_STDERR_DATA)) {
+ do_blank = TRUE; blank_prefix = 0;
+ } else if (ssh->pktin.type == SSH1_MSG_CHANNEL_DATA) {
+ do_blank = TRUE; blank_prefix = 4;
+ }
+ if (do_blank) {
+ blank.offset = blank_prefix;
+ blank.len = ssh->pktin.length;
+ blank.type = PKTLOG_OMIT;
+ nblanks = 1;
+ }
+ }
log_packet(ssh->logctx,
PKT_INCOMING, ssh->pktin.type,
ssh1_pkt_type(ssh->pktin.type),
- ssh->pktin.body, ssh->pktin.length);
+ ssh->pktin.body, ssh->pktin.length,
+ nblanks, &blank);
+ }
if (ssh->pktin.type == SSH1_SMSG_STDOUT_DATA ||
ssh->pktin.type == SSH1_SMSG_STDERR_DATA ||
ssh->pktin.body = ssh->pktin.data;
ssh->pktin.type = ssh->pktin.data[5];
- if (ssh->logctx)
+ /*
+ * Log incoming packet, possibly omitting sensitive fields.
+ */
+ if (ssh->logctx) {
+ int nblanks = 0;
+ struct logblank_t blank;
+ if (ssh->cfg.logomitdata) {
+ int do_blank = FALSE, blank_prefix = 0;
+ /* "Session data" packets - omit the data field */
+ if (ssh->pktin.type == SSH2_MSG_CHANNEL_DATA) {
+ do_blank = TRUE; blank_prefix = 4;
+ } else if (ssh->pktin.type == SSH2_MSG_CHANNEL_EXTENDED_DATA) {
+ do_blank = TRUE; blank_prefix = 8;
+ }
+ if (do_blank) {
+ blank.offset = blank_prefix;
+ blank.len = (ssh->pktin.length-6) - blank_prefix;
+ blank.type = PKTLOG_OMIT;
+ nblanks = 1;
+ }
+ }
log_packet(ssh->logctx, PKT_INCOMING, ssh->pktin.type,
ssh2_pkt_type(ssh->pkt_ctx, ssh->pktin.type),
- ssh->pktin.data+6, ssh->pktin.length-6);
+ ssh->pktin.data+6, ssh->pktin.length-6,
+ nblanks, &blank);
+ }
switch (ssh->pktin.type) {
/*
{
ssh1_pktout_size(ssh, len);
ssh->pktout.type = type;
+ /* Initialise log omission state */
+ ssh->pktout_nblanks = 0;
+ ssh->pktout_blanks = NULL;
}
static int s_wrpkt_prepare(Ssh ssh)
if (ssh->logctx)
log_packet(ssh->logctx, PKT_OUTGOING, ssh->pktout.type,
ssh1_pkt_type(ssh->pktout.type),
- ssh->pktout.body, ssh->pktout.length);
+ ssh->pktout.body, ssh->pktout.length,
+ ssh->pktout_nblanks, ssh->pktout_blanks);
+ sfree(ssh->pktout_blanks); ssh->pktout_blanks = NULL;
+ ssh->pktout_nblanks = 0;
if (ssh->v1_compressing) {
unsigned char *compblk;
bn = va_arg(ap1, Bignum);
pktlen += ssh1_bignum_length(bn);
break;
+ case PKTT_PASSWORD:
+ case PKTT_DATA:
+ case PKTT_OTHER:
+ /* ignore this pass */
+ break;
default:
assert(0);
}
p = ssh->pktout.body;
while ((argtype = va_arg(ap2, int)) != PKT_END) {
+ int offset = p - ssh->pktout.body, len = 0;
switch (argtype) {
+ /* Actual fields in the packet */
case PKT_INT:
argint = va_arg(ap2, int);
PUT_32BIT(p, argint);
- p += 4;
+ len = 4;
break;
case PKT_CHAR:
argchar = (unsigned char) va_arg(ap2, int);
*p = argchar;
- p++;
+ len = 1;
break;
case PKT_DATA:
argp = va_arg(ap2, unsigned char *);
arglen = va_arg(ap2, int);
memcpy(p, argp, arglen);
- p += arglen;
+ len = arglen;
break;
case PKT_STR:
argp = va_arg(ap2, unsigned char *);
arglen = strlen((char *)argp);
PUT_32BIT(p, arglen);
memcpy(p + 4, argp, arglen);
- p += 4 + arglen;
+ len = arglen + 4;
break;
case PKT_BIGNUM:
bn = va_arg(ap2, Bignum);
- p += ssh1_write_bignum(p, bn);
+ len = ssh1_write_bignum(p, bn);
+ break;
+ /* Tokens for modifications to packet logging */
+ case PKTT_PASSWORD:
+ dont_log_password(ssh, PKTLOG_BLANK);
+ break;
+ case PKTT_DATA:
+ dont_log_data(ssh, PKTLOG_OMIT);
+ break;
+ case PKTT_OTHER:
+ end_log_omission(ssh);
break;
}
+ p += len;
+ /* Deal with logfile omission, if required. */
+ if (len && (ssh->pktout_logmode != PKTLOG_EMIT)) {
+ ssh->pktout_nblanks++;
+ ssh->pktout_blanks = sresize(ssh->pktout_blanks,
+ ssh->pktout_nblanks,
+ struct logblank_t);
+ ssh->pktout_blanks[ssh->pktout_nblanks-1].offset = offset;
+ ssh->pktout_blanks[ssh->pktout_nblanks-1].len = len;
+ ssh->pktout_blanks[ssh->pktout_nblanks-1].type =
+ ssh->pktout_logmode;
+ }
}
}
}
static void ssh2_pkt_adddata(Ssh ssh, void *data, int len)
{
+ if (ssh->pktout_logmode != PKTLOG_EMIT) {
+ ssh->pktout_nblanks++;
+ ssh->pktout_blanks = sresize(ssh->pktout_blanks, ssh->pktout_nblanks,
+ struct logblank_t);
+ ssh->pktout_blanks[ssh->pktout_nblanks-1].offset =
+ ssh->pktout.length - 6;
+ ssh->pktout_blanks[ssh->pktout_nblanks-1].len = len;
+ ssh->pktout_blanks[ssh->pktout_nblanks-1].type = ssh->pktout_logmode;
+ }
ssh->pktout.length += len;
ssh2_pkt_ensure(ssh, ssh->pktout.length);
memcpy(ssh->pktout.data + ssh->pktout.length - len, data, len);
static void ssh2_pkt_init(Ssh ssh, int pkt_type)
{
ssh->pktout.length = 5;
+ ssh->pktout_nblanks = 0; ssh->pktout_blanks = NULL;
ssh2_pkt_addbyte(ssh, (unsigned char) pkt_type);
}
static void ssh2_pkt_addbool(Ssh ssh, unsigned char value)
if (ssh->logctx)
log_packet(ssh->logctx, PKT_OUTGOING, ssh->pktout.data[5],
ssh2_pkt_type(ssh->pkt_ctx, ssh->pktout.data[5]),
- ssh->pktout.data + 6, ssh->pktout.length - 6);
+ ssh->pktout.data + 6, ssh->pktout.length - 6,
+ ssh->pktout_nblanks, ssh->pktout_blanks);
+ sfree(ssh->pktout_blanks); ssh->pktout_blanks = NULL;
+ ssh->pktout_nblanks = 0;
/*
* Compress packet payload.
} else {
send_packet(ssh, SSH1_MSG_CHANNEL_DATA,
PKT_INT, c->remoteid,
+ PKTT_DATA,
PKT_INT, replylen,
PKT_DATA, sentreply, replylen,
+ PKTT_OTHER,
PKT_END);
}
if (reply)
randomstr = snewn(top + 1, char);
for (i = bottom; i <= top; i++) {
- if (i == pwlen)
+ if (i == pwlen) {
defer_packet(ssh, s->pwpkt_type,
- PKT_STR, s->password, PKT_END);
- else {
+ PKTT_PASSWORD, PKT_STR, s->password,
+ PKTT_OTHER, PKT_END);
+ } else {
for (j = 0; j < i; j++) {
do {
randomstr[j] = random_byte();
ss = s->password;
}
logevent("Sending length-padded password");
- send_packet(ssh, s->pwpkt_type, PKT_INT, len,
- PKT_DATA, ss, len, PKT_END);
+ send_packet(ssh, s->pwpkt_type, PKTT_PASSWORD,
+ PKT_INT, len, PKT_DATA, ss, len,
+ PKTT_OTHER, PKT_END);
} else {
/*
* The server has _both_
int len;
len = strlen(s->password);
logevent("Sending unpadded password");
- send_packet(ssh, s->pwpkt_type, PKT_INT, len,
- PKT_DATA, s->password, len, PKT_END);
+ send_packet(ssh, s->pwpkt_type,
+ PKTT_PASSWORD, PKT_INT, len,
+ PKT_DATA, s->password, len,
+ PKTT_OTHER, PKT_END);
}
} else {
- send_packet(ssh, s->pwpkt_type, PKT_STR, s->password, PKT_END);
+ send_packet(ssh, s->pwpkt_type, PKTT_PASSWORD,
+ PKT_STR, s->password, PKTT_OTHER, PKT_END);
}
}
logevent("Sent password");
if (ssh->version == 1) {
send_packet(ssh, SSH1_MSG_CHANNEL_DATA,
PKT_INT, c->remoteid,
- PKT_INT, len, PKT_DATA, buf, len, PKT_END);
+ PKTT_DATA,
+ PKT_INT, len, PKT_DATA, buf, len,
+ PKTT_OTHER, PKT_END);
/*
* In SSH1 we can return 0 here - implying that forwarded
* connections are never individually throttled - because
} else {
while (inlen > 0) {
int len = min(inlen, 512);
- send_packet(ssh, SSH1_CMSG_STDIN_DATA,
- PKT_INT, len, PKT_DATA, in, len, PKT_END);
+ send_packet(ssh, SSH1_CMSG_STDIN_DATA, PKTT_DATA,
+ PKT_INT, len, PKT_DATA, in, len,
+ PKTT_OTHER, PKT_END);
in += len;
inlen -= len;
}
ssh->cscipher->text_name);
logeventf(ssh, "Initialised %.200s server->client encryption",
ssh->sccipher->text_name);
+ logeventf(ssh, "Initialised %.200s client->server MAC algorithm",
+ ssh->csmac->text_name);
+ logeventf(ssh, "Initialised %.200s server->client MAC algorithm",
+ ssh->scmac->text_name);
if (ssh->cscomp->text_name)
logeventf(ssh, "Initialised %s compression",
ssh->cscomp->text_name);
len = c->v.v2.remmaxpkt;
ssh2_pkt_init(ssh, SSH2_MSG_CHANNEL_DATA);
ssh2_pkt_adduint32(ssh, c->remoteid);
+ dont_log_data(ssh, PKTLOG_OMIT);
ssh2_pkt_addstring_start(ssh);
ssh2_pkt_addstring_data(ssh, data, len);
+ end_log_omission(ssh);
ssh2_pkt_send(ssh);
bufchain_consume(&c->v.v2.outbuffer, len);
c->v.v2.remwindow -= len;
int siglen, retlen, len;
char *q, *agentreq, *ret;
int try_send;
+ int num_env, env_left, env_ok;
};
crState(do_ssh2_authconn_state);
ssh2_pkt_addstring(ssh, "ssh-connection"); /* service requested */
ssh2_pkt_addstring(ssh, "password");
ssh2_pkt_addbool(ssh, FALSE);
+ dont_log_password(ssh, PKTLOG_BLANK);
ssh2_pkt_addstring(ssh, s->password);
memset(s->password, 0, sizeof(s->password));
+ end_log_omission(ssh);
ssh2_pkt_defer(ssh);
/*
* We'll include a string that's an exact multiple of the
ssh2_pkt_adduint32(ssh, s->num_prompts);
}
if (s->need_pw) { /* only add pw if we just got one! */
+ dont_log_password(ssh, PKTLOG_BLANK);
ssh2_pkt_addstring(ssh, s->password);
memset(s->password, 0, sizeof(s->password));
+ end_log_omission(ssh);
s->curr_prompt++;
}
if (s->curr_prompt >= s->num_prompts) {
* point; there's no need to send SERVICE_REQUEST.
*/
+ ssh->channels = newtree234(ssh_channelcmp);
+
/*
- * So now create a channel with a session in it.
+ * Create the main session channel.
*/
- ssh->channels = newtree234(ssh_channelcmp);
- ssh->mainchan = snew(struct ssh_channel);
- ssh->mainchan->ssh = ssh;
- ssh->mainchan->localid = alloc_channel_id(ssh);
- ssh2_pkt_init(ssh, SSH2_MSG_CHANNEL_OPEN);
- ssh2_pkt_addstring(ssh, "session");
- ssh2_pkt_adduint32(ssh, ssh->mainchan->localid);
- ssh->mainchan->v.v2.locwindow = OUR_V2_WINSIZE;
- ssh2_pkt_adduint32(ssh, ssh->mainchan->v.v2.locwindow);/* our window size */
- ssh2_pkt_adduint32(ssh, 0x4000UL); /* our max pkt size */
- ssh2_pkt_send(ssh);
- crWaitUntilV(ispkt);
- if (ssh->pktin.type != SSH2_MSG_CHANNEL_OPEN_CONFIRMATION) {
- bombout(("Server refused to open a session"));
- crStopV;
- /* FIXME: error data comes back in FAILURE packet */
- }
- if (ssh_pkt_getuint32(ssh) != ssh->mainchan->localid) {
- bombout(("Server's channel confirmation cited wrong channel"));
- crStopV;
- }
- ssh->mainchan->remoteid = ssh_pkt_getuint32(ssh);
- ssh->mainchan->type = CHAN_MAINSESSION;
- ssh->mainchan->closes = 0;
- ssh->mainchan->v.v2.remwindow = ssh_pkt_getuint32(ssh);
- ssh->mainchan->v.v2.remmaxpkt = ssh_pkt_getuint32(ssh);
- bufchain_init(&ssh->mainchan->v.v2.outbuffer);
- add234(ssh->channels, ssh->mainchan);
- logevent("Opened channel for session");
+ if (!ssh->cfg.ssh_no_shell) {
+ ssh->mainchan = snew(struct ssh_channel);
+ ssh->mainchan->ssh = ssh;
+ ssh->mainchan->localid = alloc_channel_id(ssh);
+ ssh2_pkt_init(ssh, SSH2_MSG_CHANNEL_OPEN);
+ ssh2_pkt_addstring(ssh, "session");
+ ssh2_pkt_adduint32(ssh, ssh->mainchan->localid);
+ ssh->mainchan->v.v2.locwindow = OUR_V2_WINSIZE;
+ ssh2_pkt_adduint32(ssh, ssh->mainchan->v.v2.locwindow);/* our window size */
+ ssh2_pkt_adduint32(ssh, 0x4000UL); /* our max pkt size */
+ ssh2_pkt_send(ssh);
+ crWaitUntilV(ispkt);
+ if (ssh->pktin.type != SSH2_MSG_CHANNEL_OPEN_CONFIRMATION) {
+ bombout(("Server refused to open a session"));
+ crStopV;
+ /* FIXME: error data comes back in FAILURE packet */
+ }
+ if (ssh_pkt_getuint32(ssh) != ssh->mainchan->localid) {
+ bombout(("Server's channel confirmation cited wrong channel"));
+ crStopV;
+ }
+ ssh->mainchan->remoteid = ssh_pkt_getuint32(ssh);
+ ssh->mainchan->type = CHAN_MAINSESSION;
+ ssh->mainchan->closes = 0;
+ ssh->mainchan->v.v2.remwindow = ssh_pkt_getuint32(ssh);
+ ssh->mainchan->v.v2.remmaxpkt = ssh_pkt_getuint32(ssh);
+ bufchain_init(&ssh->mainchan->v.v2.outbuffer);
+ add234(ssh->channels, ssh->mainchan);
+ logevent("Opened channel for session");
+ } else
+ ssh->mainchan = NULL;
/*
* Potentially enable X11 forwarding.
*/
- if (ssh->cfg.x11_forward) {
+ if (ssh->mainchan && ssh->cfg.x11_forward) {
char proto[20], data[64];
logevent("Requesting X11 forwarding");
ssh->x11auth = x11_invent_auth(proto, sizeof(proto),
/*
* Potentially enable agent forwarding.
*/
- if (ssh->cfg.agentfwd && agent_exists()) {
+ if (ssh->mainchan && ssh->cfg.agentfwd && agent_exists()) {
logevent("Requesting OpenSSH-style agent forwarding");
ssh2_pkt_init(ssh, SSH2_MSG_CHANNEL_REQUEST);
ssh2_pkt_adduint32(ssh, ssh->mainchan->remoteid);
/*
* Now allocate a pty for the session.
*/
- if (!ssh->cfg.nopty) {
+ if (ssh->mainchan && !ssh->cfg.nopty) {
/* Unpick the terminal-speed string. */
/* XXX perhaps we should allow no speeds to be sent. */
ssh->ospeed = 38400; ssh->ispeed = 38400; /* last-resort defaults */
}
/*
+ * Send environment variables.
+ *
+ * Simplest thing here is to send all the requests at once, and
+ * then wait for a whole bunch of successes or failures.
+ */
+ if (ssh->mainchan && *ssh->cfg.environmt) {
+ char *e = ssh->cfg.environmt;
+ char *var, *varend, *val;
+
+ s->num_env = 0;
+
+ while (*e) {
+ var = e;
+ while (*e && *e != '\t') e++;
+ varend = e;
+ if (*e == '\t') e++;
+ val = e;
+ while (*e) e++;
+ e++;
+
+ ssh2_pkt_init(ssh, SSH2_MSG_CHANNEL_REQUEST);
+ ssh2_pkt_adduint32(ssh, ssh->mainchan->remoteid);
+ ssh2_pkt_addstring(ssh, "env");
+ ssh2_pkt_addbool(ssh, 1); /* want reply */
+ ssh2_pkt_addstring_start(ssh);
+ ssh2_pkt_addstring_data(ssh, var, varend-var);
+ ssh2_pkt_addstring(ssh, val);
+ ssh2_pkt_send(ssh);
+
+ s->num_env++;
+ }
+
+ logeventf(ssh, "Sent %d environment variables", s->num_env);
+
+ s->env_ok = 0;
+ s->env_left = s->num_env;
+
+ while (s->env_left > 0) {
+ do {
+ crWaitUntilV(ispkt);
+ if (ssh->pktin.type == SSH2_MSG_CHANNEL_WINDOW_ADJUST) {
+ unsigned i = ssh_pkt_getuint32(ssh);
+ struct ssh_channel *c;
+ c = find234(ssh->channels, &i, ssh_channelfind);
+ if (!c)
+ continue; /* nonexistent channel */
+ c->v.v2.remwindow += ssh_pkt_getuint32(ssh);
+ }
+ } while (ssh->pktin.type == SSH2_MSG_CHANNEL_WINDOW_ADJUST);
+
+ if (ssh->pktin.type != SSH2_MSG_CHANNEL_SUCCESS) {
+ if (ssh->pktin.type != SSH2_MSG_CHANNEL_FAILURE) {
+ bombout(("Unexpected response to environment request:"
+ " packet type %d", ssh->pktin.type));
+ crStopV;
+ }
+ } else {
+ s->env_ok++;
+ }
+
+ s->env_left--;
+ }
+
+ if (s->env_ok == s->num_env) {
+ logevent("All environment variables successfully set");
+ } else if (s->env_ok == 0) {
+ logevent("All environment variables refused");
+ c_write_str(ssh, "Server refused to set environment variables\r\n");
+ } else {
+ logeventf(ssh, "%d environment variables refused",
+ s->num_env - s->env_ok);
+ c_write_str(ssh, "Server refused to set all environment variables\r\n");
+ }
+ }
+
+ /*
* Start a shell or a remote command. We may have to attempt
* this twice if the config data has provided a second choice
* of command.
*/
- while (1) {
+ if (ssh->mainchan) while (1) {
int subsys;
char *cmd;
*/
if (ssh->ldisc)
ldisc_send(ssh->ldisc, NULL, 0, 0);/* cause ldisc to notice changes */
- ssh->send_ok = 1;
+ if (ssh->mainchan)
+ ssh->send_ok = 1;
while (1) {
crReturnV;
s->try_send = FALSE;
/*
* See if that was the last channel left open.
+ * (This is only our termination condition if we're
+ * not running in -N mode.)
*/
- if (count234(ssh->channels) == 0) {
+ if (!ssh->cfg.ssh_no_shell && count234(ssh->channels) == 0) {
logevent("All channels closed. Disconnecting");
#if 0
/*
bombout(("Strange packet received: type %d", ssh->pktin.type));
crStopV;
}
- } else {
+ } else if (ssh->mainchan) {
/*
* We have spare data. Add it to the channel buffer.
*/
ssh->deferred_send_data = NULL;
ssh->deferred_len = 0;
ssh->deferred_size = 0;
+ ssh->pktout_logmode = PKTLOG_EMIT;
+ ssh->pktout_nblanks = 0;
+ ssh->pktout_blanks = NULL;
ssh->fallback_cmd = 0;
ssh->pkt_ctx = 0;
ssh->x11auth = NULL;
PKT_INT, ssh->term_height,
PKT_INT, ssh->term_width,
PKT_INT, 0, PKT_INT, 0, PKT_END);
- } else {
+ } else if (ssh->mainchan) {
ssh2_pkt_init(ssh, SSH2_MSG_CHANNEL_REQUEST);
ssh2_pkt_adduint32(ssh, ssh->mainchan->remoteid);
ssh2_pkt_addstring(ssh, "window-change");
}
if (ssh->version == 1) {
send_packet(ssh, SSH1_CMSG_EOF, PKT_END);
- } else {
+ } else if (ssh->mainchan) {
ssh2_pkt_init(ssh, SSH2_MSG_CHANNEL_EOF);
ssh2_pkt_adduint32(ssh, ssh->mainchan->remoteid);
ssh2_pkt_send(ssh);
|| ssh->state == SSH_STATE_PREPACKET) return;
if (ssh->version == 1) {
logevent("Unable to send BREAK signal in SSH1");
- } else {
+ } else if (ssh->mainchan) {
ssh2_pkt_init(ssh, SSH2_MSG_CHANNEL_REQUEST);
ssh2_pkt_adduint32(ssh, ssh->mainchan->remoteid);
ssh2_pkt_addstring(ssh, "break");