Introduce a sane interface function, from_backend(), for backends to
[u/mdw/putty]
/
ssh.c
diff --git
a/ssh.c
b/ssh.c
index
509ea3a
..
c065f2f
100644
(file)
--- a/
ssh.c
+++ b/
ssh.c
@@
-25,7
+25,7
@@
if ((flags & FLAG_STDERR) && (flags & FLAG_VERBOSE)) \
fprintf(stderr, "%s\n", s); }
if ((flags & FLAG_STDERR) && (flags & FLAG_VERBOSE)) \
fprintf(stderr, "%s\n", s); }
-#define bombout(msg) ( ssh_state =
=
SSH_STATE_CLOSED, closesocket(s), \
+#define bombout(msg) ( ssh_state = SSH_STATE_CLOSED, closesocket(s), \
s = INVALID_SOCKET, connection_fatal msg )
#define SSH1_MSG_DISCONNECT 1 /* 0x1 */
s = INVALID_SOCKET, connection_fatal msg )
#define SSH1_MSG_DISCONNECT 1 /* 0x1 */
@@
-167,7
+167,7
@@
const static struct ssh_kex *kex_algs[] = { &ssh_diffiehellman };
extern const struct ssh_hostkey ssh_dss;
const static struct ssh_hostkey *hostkey_algs[] = { &ssh_dss };
extern const struct ssh_hostkey ssh_dss;
const static struct ssh_hostkey *hostkey_algs[] = { &ssh_dss };
-extern const struct ssh_mac ssh_
sha1
;
+extern const struct ssh_mac ssh_
md5, ssh_sha1, ssh_sha1_buggy
;
static void nullmac_key(unsigned char *key) { }
static void nullmac_generate(unsigned char *blk, int len, unsigned long seq) { }
static void nullmac_key(unsigned char *key) { }
static void nullmac_generate(unsigned char *blk, int len, unsigned long seq) { }
@@
-175,7
+175,10
@@
static int nullmac_verify(unsigned char *blk, int len, unsigned long seq) { retu
const static struct ssh_mac ssh_mac_none = {
nullmac_key, nullmac_key, nullmac_generate, nullmac_verify, "none", 0
};
const static struct ssh_mac ssh_mac_none = {
nullmac_key, nullmac_key, nullmac_generate, nullmac_verify, "none", 0
};
-const static struct ssh_mac *macs[] = { &ssh_sha1, &ssh_mac_none };
+const static struct ssh_mac *macs[] = {
+ &ssh_sha1, &ssh_md5, &ssh_mac_none };
+const static struct ssh_mac *buggymacs[] = {
+ &ssh_sha1_buggy, &ssh_md5, &ssh_mac_none };
const static struct ssh_compress ssh_comp_none = {
"none"
const static struct ssh_compress ssh_comp_none = {
"none"
@@
-319,13
+322,7
@@
static void c_write (char *buf, int len) {
fputc(buf[i], stderr);
return;
}
fputc(buf[i], stderr);
return;
}
- while (len--)
- c_write1(*buf++);
-}
-
-static void c_writedata (char *buf, int len) {
- while (len--)
- c_write1(*buf++);
+ from_backend(1, buf, len);
}
/*
}
/*
@@
-389,6
+386,12
@@
next_packet:
if (cipher)
cipher->decrypt(pktin.data, st->biglen);
if (cipher)
cipher->decrypt(pktin.data, st->biglen);
+#if 0
+ debug(("Got packet len=%d pad=%d\r\n", st->len, st->pad));
+ for (st->i = 0; st->i < st->biglen; st->i++)
+ debug((" %02x", (unsigned char)pktin.data[st->i]));
+ debug(("\r\n"));
+#endif
pktin.type = pktin.data[st->pad];
pktin.body = pktin.data + st->pad + 1;
pktin.type = pktin.data[st->pad];
pktin.body = pktin.data + st->pad + 1;
@@
-596,6
+599,12
@@
static void s_wrpkt(void) {
PUT_32BIT(pktout.data+biglen, crc);
PUT_32BIT(pktout.data, len);
PUT_32BIT(pktout.data+biglen, crc);
PUT_32BIT(pktout.data, len);
+#if 0
+ debug(("Sending packet len=%d\r\n", biglen+4));
+ for (i = 0; i < biglen+4; i++)
+ debug((" %02x", (unsigned char)pktout.data[i]));
+ debug(("\r\n"));
+#endif
if (cipher)
cipher->encrypt(pktout.data+4, biglen);
if (cipher)
cipher->encrypt(pktout.data+4, biglen);
@@
-1516,7
+1525,7
@@
static int do_ssh1_login(unsigned char *in, int inlen, int ispkt)
static unsigned char buffer[32];
tried_publickey = 1;
static unsigned char buffer[32];
tried_publickey = 1;
- i = loadrsakey(cfg.keyfile, &pubkey, password);
+ i = loadrsakey(cfg.keyfile, &pubkey,
NULL,
password);
if (i == 0) {
c_write("Couldn't load public key from ", 30);
c_write(cfg.keyfile, strlen(cfg.keyfile));
if (i == 0) {
c_write("Couldn't load public key from ", 30);
c_write(cfg.keyfile, strlen(cfg.keyfile));
@@
-1659,7
+1668,8
@@
static void ssh1_protocol(unsigned char *in, int inlen, int ispkt) {
if (pktin.type == SSH1_SMSG_STDOUT_DATA ||
pktin.type == SSH1_SMSG_STDERR_DATA) {
long len = GET_32BIT(pktin.body);
if (pktin.type == SSH1_SMSG_STDOUT_DATA ||
pktin.type == SSH1_SMSG_STDERR_DATA) {
long len = GET_32BIT(pktin.body);
- c_writedata(pktin.body+4, len);
+ from_backend(pktin.type == SSH1_SMSG_STDERR_DATA,
+ pktin.body+4, len);
} else if (pktin.type == SSH1_MSG_DISCONNECT) {
ssh_state = SSH_STATE_CLOSED;
logevent("Received disconnect request");
} else if (pktin.type == SSH1_MSG_DISCONNECT) {
ssh_state = SSH_STATE_CLOSED;
logevent("Received disconnect request");
@@
-1828,6
+1838,8
@@
static int do_ssh2_transport(unsigned char *in, int inlen, int ispkt)
static int i, len;
static char *str;
static Bignum e, f, K;
static int i, len;
static char *str;
static Bignum e, f, K;
+ static const struct ssh_mac **maclist;
+ static int nmacs;
static const struct ssh_cipher *cscipher_tobe = NULL;
static const struct ssh_cipher *sccipher_tobe = NULL;
static const struct ssh_mac *csmac_tobe = NULL;
static const struct ssh_cipher *cscipher_tobe = NULL;
static const struct ssh_cipher *sccipher_tobe = NULL;
static const struct ssh_mac *csmac_tobe = NULL;
@@
-1858,6
+1870,14
@@
static int do_ssh2_transport(unsigned char *in, int inlen, int ispkt)
preferred_cipher = &ssh_3des_ssh2;
}
preferred_cipher = &ssh_3des_ssh2;
}
+ /*
+ * Be prepared to work around the buggy MAC problem.
+ */
+ if (cfg.buggymac)
+ maclist = buggymacs, nmacs = lenof(buggymacs);
+ else
+ maclist = macs, nmacs = lenof(macs);
+
begin_key_exchange:
/*
* Construct and send our key exchange packet.
begin_key_exchange:
/*
* Construct and send our key exchange packet.
@@
-1897,16
+1917,16
@@
static int do_ssh2_transport(unsigned char *in, int inlen, int ispkt)
}
/* List client->server MAC algorithms. */
ssh2_pkt_addstring_start();
}
/* List client->server MAC algorithms. */
ssh2_pkt_addstring_start();
- for (i = 0; i <
lenof(macs)
; i++) {
- ssh2_pkt_addstring_str(mac
s
[i]->name);
- if (i <
lenof(macs)
-1)
+ for (i = 0; i <
nmacs
; i++) {
+ ssh2_pkt_addstring_str(mac
list
[i]->name);
+ if (i <
nmacs
-1)
ssh2_pkt_addstring_str(",");
}
/* List server->client MAC algorithms. */
ssh2_pkt_addstring_start();
ssh2_pkt_addstring_str(",");
}
/* List server->client MAC algorithms. */
ssh2_pkt_addstring_start();
- for (i = 0; i <
lenof(macs)
; i++) {
- ssh2_pkt_addstring_str(mac
s
[i]->name);
- if (i <
lenof(macs)
-1)
+ for (i = 0; i <
nmacs
; i++) {
+ ssh2_pkt_addstring_str(mac
list
[i]->name);
+ if (i <
nmacs
-1)
ssh2_pkt_addstring_str(",");
}
/* List client->server compression algorithms. */
ssh2_pkt_addstring_str(",");
}
/* List client->server compression algorithms. */
@@
-1979,16
+1999,16
@@
static int do_ssh2_transport(unsigned char *in, int inlen, int ispkt)
}
}
ssh2_pkt_getstring(&str, &len); /* client->server mac */
}
}
ssh2_pkt_getstring(&str, &len); /* client->server mac */
- for (i = 0; i <
lenof(macs)
; i++) {
- if (in_commasep_string(mac
s
[i]->name, str, len)) {
- csmac_tobe = mac
s
[i];
+ for (i = 0; i <
nmacs
; i++) {
+ if (in_commasep_string(mac
list
[i]->name, str, len)) {
+ csmac_tobe = mac
list
[i];
break;
}
}
ssh2_pkt_getstring(&str, &len); /* server->client mac */
break;
}
}
ssh2_pkt_getstring(&str, &len); /* server->client mac */
- for (i = 0; i <
lenof(macs)
; i++) {
- if (in_commasep_string(mac
s
[i]->name, str, len)) {
- scmac_tobe = mac
s
[i];
+ for (i = 0; i <
nmacs
; i++) {
+ if (in_commasep_string(mac
list
[i]->name, str, len)) {
+ scmac_tobe = mac
list
[i];
break;
}
}
break;
}
}
@@
-2275,7
+2295,7
@@
static void do_ssh2_authconn(unsigned char *in, int inlen, int ispkt)
ssh2_pkt_init(SSH2_MSG_CHANNEL_OPEN);
ssh2_pkt_addstring("session");
ssh2_pkt_adduint32(mainchan->localid);
ssh2_pkt_init(SSH2_MSG_CHANNEL_OPEN);
ssh2_pkt_addstring("session");
ssh2_pkt_adduint32(mainchan->localid);
- ssh2_pkt_adduint32(0x
7FFFFFFF
UL); /* our window size */
+ ssh2_pkt_adduint32(0x
8000
UL); /* our window size */
ssh2_pkt_adduint32(0x4000UL); /* our max pkt size */
ssh2_pkt_send();
crWaitUntilV(ispkt);
ssh2_pkt_adduint32(0x4000UL); /* our max pkt size */
ssh2_pkt_send();
crWaitUntilV(ispkt);
@@
-2389,7
+2409,8
@@
static void do_ssh2_authconn(unsigned char *in, int inlen, int ispkt)
continue; /* extended but not stderr */
ssh2_pkt_getstring(&data, &length);
if (data) {
continue; /* extended but not stderr */
ssh2_pkt_getstring(&data, &length);
if (data) {
- c_writedata(data, length);
+ from_backend(pktin.type == SSH2_MSG_CHANNEL_EXTENDED_DATA,
+ data, length);
/*
* Enlarge the window again at the remote side,
* just in case it ever runs down and they fail
/*
* Enlarge the window again at the remote side,
* just in case it ever runs down and they fail
@@
-2419,6
+2440,9
@@
static void do_ssh2_authconn(unsigned char *in, int inlen, int ispkt)
logevent("All channels closed. Disconnecting");
ssh2_pkt_init(SSH2_MSG_DISCONNECT);
ssh2_pkt_send();
logevent("All channels closed. Disconnecting");
ssh2_pkt_init(SSH2_MSG_DISCONNECT);
ssh2_pkt_send();
+ ssh_state = SSH_STATE_CLOSED;
+ closesocket(s);
+ s = INVALID_SOCKET;
}
continue; /* remote sends close; ignore (FIXME) */
} else if (pktin.type == SSH2_MSG_CHANNEL_WINDOW_ADJUST) {
}
continue; /* remote sends close; ignore (FIXME) */
} else if (pktin.type == SSH2_MSG_CHANNEL_WINDOW_ADJUST) {
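Review bot: In the `@@ -1659,7 +1668,8 @@` hunk of ssh1_protocol, `len` is read straight from `GET_32BIT(pktin.body)`, a server-supplied field, and is passed to `from_backend(..., pktin.body+4, len)` without being compared against the amount of body data actually received. A peer that declares more data than it sent would have the frontend read past the packet buffer, and where `long` is 32 bits a value above 0x7FFFFFFF turns negative; how `from_backend` handles either case is not visible on this page. Before the call I would reject the packet with something like `if (len < 0 || len > BODY_BYTES_RECEIVED - 4) bombout(("Incoming data packet has a bad length"));` and then leave the handler, where BODY_BYTES_RECEIVED is a placeholder for whatever the packet structure records as the received body size. The SSH2 call in the `@@ -2389,7 +2409,8 @@` hunk takes `length` from `ssh2_pkt_getstring`, so the same check applies there unless that helper already bounds it. Both function bodies continue outside their hunks.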