X-Git-Url: https://git.distorted.org.uk/u/mdw/putty/blobdiff_plain/055817455466c8eb60392f30bb7c689763962e17..954d5c5a66596eb50a379e81c20372e922aa89a5:/ssh.c diff --git a/ssh.c b/ssh.c index 170253b2..cf957b44 100644 --- a/ssh.c +++ b/ssh.c @@ -106,6 +106,7 @@ */ #define SSH2_PKTCTX_DHGROUP 0x0001 #define SSH2_PKTCTX_DHGEX 0x0002 +#define SSH2_PKTCTX_KEX_MASK 0x000F #define SSH2_PKTCTX_PUBLICKEY 0x0010 #define SSH2_PKTCTX_PASSWORD 0x0020 #define SSH2_PKTCTX_KBDINTER 0x0040 @@ -162,7 +163,7 @@ static const char *const ssh2_disconnect_reasons[] = { #define BUG_CHOKES_ON_RSA 8 #define BUG_SSH2_RSA_PADDING 16 #define BUG_SSH2_DERIVEKEY 32 -/* 64 was BUG_SSH2_DH_GEX, now spare */ +#define BUG_SSH2_REKEY 64 #define BUG_SSH2_PK_SESSIONID 128 #define translate(x) if (type == x) return #x @@ -359,6 +360,7 @@ static void do_ssh2_authconn(Ssh ssh, unsigned char *in, int inlen, #define SSH1_BUFFER_LIMIT 32768 #define SSH_MAX_BACKLOG 32768 #define OUR_V2_WINSIZE 16384 +#define OUR_V2_MAXPKT 0x4000UL const static struct ssh_signkey *hostkey_algs[] = { &ssh_rsa, &ssh_dss }; @@ -516,16 +518,18 @@ struct ssh_rportfwd { * it. */ struct ssh_portfwd { - int keep; + enum { DESTROY, KEEP, CREATE } status; int type; unsigned sport, dport; char *saddr, *daddr; + char *sserv, *dserv; struct ssh_rportfwd *remote; int addressfamily; void *local; }; #define free_portfwd(pf) ( \ - ((pf) ? (sfree((pf)->saddr), sfree((pf)->daddr)) : (void)0 ), sfree(pf) ) + ((pf) ? (sfree((pf)->saddr), sfree((pf)->daddr), \ + sfree((pf)->sserv), sfree((pf)->dserv)) : (void)0 ), sfree(pf) ) struct Packet { long length; @@ -558,7 +562,7 @@ static void ssh2_add_channel_data(struct ssh_channel *c, char *buf, int len); static void ssh_throttle_all(Ssh ssh, int enable, int bufsize); static void ssh2_set_window(struct ssh_channel *c, unsigned newwin); static int ssh_sendbuffer(void *handle); -static void ssh_do_close(Ssh ssh); +static int ssh_do_close(Ssh ssh, int notify_exit); static unsigned long ssh_pkt_getuint32(struct Packet *pkt); static int ssh2_pkt_getbool(struct Packet *pkt); static void ssh_pkt_getstring(struct Packet *pkt, char **p, int *length); @@ -639,6 +643,7 @@ struct ssh_tag { tree234 *channels; /* indexed by local id */ struct ssh_channel *mainchan; /* primary session channel */ int exitcode; + int close_expected; tree234 *rportfwds, *portfwds; @@ -748,6 +753,7 @@ struct ssh_tag { unsigned long max_data_size; int kex_in_progress; long next_rekey, last_rekey; + char *deferred_rekey_reason; /* points to STATIC string; don't free */ }; #define logevent(s) logevent(ssh->frontend, s) @@ -768,7 +774,7 @@ static void logeventf(Ssh ssh, const char *fmt, ...) #define bombout(msg) \ do { \ char *text = dupprintf msg; \ - ssh_do_close(ssh); \ + ssh_do_close(ssh, FALSE); \ logevent(text); \ connection_fatal(ssh->frontend, "%s", text); \ sfree(text); \ @@ -864,6 +870,10 @@ static int ssh_portcmp(void *av, void *bv) return +1; if (a->type < b->type) return -1; + if (a->addressfamily > b->addressfamily) + return +1; + if (a->addressfamily < b->addressfamily) + return -1; if ( (i = nullstrcmp(a->saddr, b->saddr)) != 0) return i < 0 ? -1 : +1; if (a->sport > b->sport) @@ -1731,8 +1741,7 @@ static void ssh2_pkt_send_noqueue(Ssh ssh, struct Packet *pkt) if (!ssh->kex_in_progress && ssh->max_data_size != 0 && ssh->outgoing_data_size > ssh->max_data_size) - do_ssh2_transport(ssh, "Initiating key re-exchange " - "(too much data sent)", -1, NULL); + do_ssh2_transport(ssh, "too much data sent", -1, NULL); ssh_free_packet(pkt); } @@ -1822,8 +1831,7 @@ static void ssh_pkt_defersend(Ssh ssh) if (!ssh->kex_in_progress && ssh->max_data_size != 0 && ssh->outgoing_data_size > ssh->max_data_size) - do_ssh2_transport(ssh, "Initiating key re-exchange " - "(too much data sent)", -1, NULL); + do_ssh2_transport(ssh, "too much data sent", -1, NULL); ssh->deferred_data_size = 0; } @@ -2130,6 +2138,19 @@ static void ssh_detect_bugs(Ssh ssh, char *vstring) ssh->remote_bugs |= BUG_SSH2_PK_SESSIONID; logevent("We believe remote version has SSH2 public-key-session-ID bug"); } + + if (ssh->cfg.sshbug_rekey2 == FORCE_ON || + (ssh->cfg.sshbug_rekey2 == AUTO && + (wc_match("OpenSSH_2.[0-4]*", imp) || + wc_match("OpenSSH_2.5.[0-3]*", imp) || + wc_match("Sun_SSH_1.0", imp) || + wc_match("Sun_SSH_1.0.1", imp)))) { + /* + * These versions have the SSH2 rekey bug. + */ + ssh->remote_bugs |= BUG_SSH2_REKEY; + logevent("We believe remote version has SSH2 rekey bug"); + } } /* @@ -2349,16 +2370,19 @@ static void ssh_gotdata(Ssh ssh, unsigned char *data, int datalen) crFinishV; } -static void ssh_do_close(Ssh ssh) +static int ssh_do_close(Ssh ssh, int notify_exit) { - int i; + int i, ret = 0; struct ssh_channel *c; ssh->state = SSH_STATE_CLOSED; if (ssh->s) { sk_close(ssh->s); ssh->s = NULL; - notify_remote_exit(ssh->frontend); + if (notify_exit) + notify_remote_exit(ssh->frontend); + else + ret = 1; } /* * Now we must shut down any port and X forwardings going @@ -2380,20 +2404,29 @@ static void ssh_do_close(Ssh ssh) sfree(c); } } + + return ret; } static int ssh_closing(Plug plug, const char *error_msg, int error_code, int calling_back) { Ssh ssh = (Ssh) plug; - ssh_do_close(ssh); + int need_notify = ssh_do_close(ssh, FALSE); + + if (!error_msg && !ssh->close_expected) { + error_msg = "Server unexpectedly closed network connection"; + } + if (error_msg) { /* A socket error has occurred. */ logevent(error_msg); connection_fatal(ssh->frontend, "%s", error_msg); } else { - /* Otherwise, the remote side closed the connection normally. */ + logevent("Server closed network connection"); } + if (need_notify) + notify_remote_exit(ssh->frontend); return 0; } @@ -2402,7 +2435,7 @@ static int ssh_receive(Plug plug, int urgent, char *data, int len) Ssh ssh = (Ssh) plug; ssh_gotdata(ssh, (unsigned char *)data, len); if (ssh->state == SSH_STATE_CLOSED) { - ssh_do_close(ssh); + ssh_do_close(ssh, TRUE); return 0; } return 1; @@ -2827,8 +2860,11 @@ static int do_ssh1_login(Ssh ssh, unsigned char *in, int inlen, } /* Warn about chosen cipher if necessary. */ - if (warn) + if (warn) { + sk_set_frozen(ssh->s, 1); askalg(ssh->frontend, "cipher", cipher_string); + sk_set_frozen(ssh->s, 0); + } } switch (s->cipher_type) { @@ -2900,6 +2936,7 @@ static int do_ssh1_login(Ssh ssh, unsigned char *in, int inlen, * Terminate. */ logevent("No username provided. Abandoning session."); + ssh->close_expected = TRUE; ssh_closing((Plug)ssh, NULL, 0, 0); crStop(1); } @@ -3248,6 +3285,7 @@ static int do_ssh1_login(Ssh ssh, unsigned char *in, int inlen, PKT_END); logevent("Unable to authenticate"); connection_fatal(ssh->frontend, "Unable to authenticate"); + ssh->close_expected = TRUE; ssh_closing((Plug)ssh, NULL, 0, 0); crStop(1); } @@ -3670,43 +3708,42 @@ static void ssh_rportfwd_succfail(Ssh ssh, struct Packet *pktin, void *ctx) static void ssh_setup_portfwd(Ssh ssh, const Config *cfg) { - char address_family, type; - int n; - int sport,dport,sserv,dserv; - char sports[256], dports[256], saddr[256], host[256]; - const char *portfwd_strptr; - - portfwd_strptr = cfg->portfwd; + const char *portfwd_strptr = cfg->portfwd; + struct ssh_portfwd *epf; + int i; if (!ssh->portfwds) { ssh->portfwds = newtree234(ssh_portcmp); } else { /* * Go through the existing port forwardings and tag them - * with keep==FALSE. Any that we want to keep will be - * re-enabled as we go through the configuration and find - * out which bits are the same as they were before. + * with status==DESTROY. Any that we want to keep will be + * re-enabled (status==KEEP) as we go through the + * configuration and find out which bits are the same as + * they were before. */ struct ssh_portfwd *epf; int i; for (i = 0; (epf = index234(ssh->portfwds, i)) != NULL; i++) - epf->keep = FALSE; + epf->status = DESTROY; } while (*portfwd_strptr) { + char address_family, type; + int sport,dport,sserv,dserv; + char sports[256], dports[256], saddr[256], host[256]; + int n; + address_family = 'A'; type = 'L'; - while (*portfwd_strptr && *portfwd_strptr != '\t') { - if (*portfwd_strptr == 'A' || - *portfwd_strptr == '4' || - *portfwd_strptr == '6') - address_family = *portfwd_strptr; - else if (*portfwd_strptr == 'L' || - *portfwd_strptr == 'R' || - *portfwd_strptr == 'D') - type = *portfwd_strptr; - portfwd_strptr++; - } + if (*portfwd_strptr == 'A' || + *portfwd_strptr == '4' || + *portfwd_strptr == '6') + address_family = *portfwd_strptr++; + if (*portfwd_strptr == 'L' || + *portfwd_strptr == 'R' || + *portfwd_strptr == 'D') + type = *portfwd_strptr++; saddr[0] = '\0'; @@ -3777,18 +3814,14 @@ static void ssh_setup_portfwd(Ssh ssh, const Config *cfg) if (sport && dport) { /* Set up a description of the source port. */ struct ssh_portfwd *pfrec, *epfrec; - char *sportdesc; - sportdesc = dupprintf("%.*s%.*s%.*s%.*s%d%.*s", - (int)(*saddr?strlen(saddr):0), *saddr?saddr:NULL, - (int)(*saddr?1:0), ":", - (int)(sserv ? strlen(sports) : 0), sports, - sserv, "(", sport, sserv, ")"); pfrec = snew(struct ssh_portfwd); pfrec->type = type; pfrec->saddr = *saddr ? dupstr(saddr) : NULL; + pfrec->sserv = sserv ? dupstr(sports) : NULL; pfrec->sport = sport; - pfrec->daddr = dupstr(host); + pfrec->daddr = *host ? dupstr(host) : NULL; + pfrec->dserv = dserv ? dupstr(dports) : NULL; pfrec->dport = dport; pfrec->local = NULL; pfrec->remote = NULL; @@ -3801,41 +3834,132 @@ static void ssh_setup_portfwd(Ssh ssh, const Config *cfg) /* * We already have a port forwarding with precisely * these parameters. Hence, no need to do anything; - * simply tag the existing one as `keep'. + * simply tag the existing one as KEEP. */ - epfrec->keep = TRUE; + epfrec->status = KEEP; free_portfwd(pfrec); - } else if (type == 'L') { - /* Verbose description of the destination port */ - char *dportdesc = dupprintf("%s:%.*s%.*s%d%.*s", - host, - (int)(dserv ? strlen(dports) : 0), dports, - dserv, "(", dport, dserv, ")"); - const char *err = pfd_addforward(host, dport, - *saddr ? saddr : NULL, - sport, ssh, &ssh->cfg, - &pfrec->local, - pfrec->addressfamily); - - logeventf(ssh, "Local %sport %s forward to %s%s%s", - pfrec->addressfamily == ADDRTYPE_IPV4 ? "IPv4 " : - pfrec->addressfamily == ADDRTYPE_IPV6 ? "IPv6 " : "", - sportdesc, dportdesc, - err ? " failed: " : "", err); + } else { + pfrec->status = CREATE; + } + } + } + + /* + * Now go through and destroy any port forwardings which were + * not re-enabled. + */ + for (i = 0; (epf = index234(ssh->portfwds, i)) != NULL; i++) + if (epf->status == DESTROY) { + char *message; + + message = dupprintf("%s port forwarding from %s%s%d", + epf->type == 'L' ? "local" : + epf->type == 'R' ? "remote" : "dynamic", + epf->saddr ? epf->saddr : "", + epf->saddr ? ":" : "", + epf->sport); + + if (epf->type != 'D') { + char *msg2 = dupprintf("%s to %s:%d", message, + epf->daddr, epf->dport); + sfree(message); + message = msg2; + } + + logeventf(ssh, "Cancelling %s", message); + sfree(message); + + if (epf->remote) { + struct ssh_rportfwd *rpf = epf->remote; + struct Packet *pktout; + + /* + * Cancel the port forwarding at the server + * end. + */ + if (ssh->version == 1) { + /* + * We cannot cancel listening ports on the + * server side in SSH1! There's no message + * to support it. Instead, we simply remove + * the rportfwd record from the local end + * so that any connections the server tries + * to make on it are rejected. + */ + } else { + pktout = ssh2_pkt_init(SSH2_MSG_GLOBAL_REQUEST); + ssh2_pkt_addstring(pktout, "cancel-tcpip-forward"); + ssh2_pkt_addbool(pktout, 0);/* _don't_ want reply */ + if (epf->saddr) { + ssh2_pkt_addstring(pktout, epf->saddr); + } else if (ssh->cfg.rport_acceptall) { + ssh2_pkt_addstring(pktout, "0.0.0.0"); + } else { + ssh2_pkt_addstring(pktout, "127.0.0.1"); + } + ssh2_pkt_adduint32(pktout, epf->sport); + ssh2_pkt_send(ssh, pktout); + } + + del234(ssh->rportfwds, rpf); + free_rportfwd(rpf); + } else if (epf->local) { + pfd_terminate(epf->local); + } - sfree(dportdesc); - } else if (type == 'D') { + delpos234(ssh->portfwds, i); + free_portfwd(epf); + i--; /* so we don't skip one in the list */ + } + + /* + * And finally, set up any new port forwardings (status==CREATE). + */ + for (i = 0; (epf = index234(ssh->portfwds, i)) != NULL; i++) + if (epf->status == CREATE) { + char *sportdesc, *dportdesc; + sportdesc = dupprintf("%s%s%s%s%d%s", + epf->saddr ? epf->saddr : "", + epf->saddr ? ":" : "", + epf->sserv ? epf->sserv : "", + epf->sserv ? "(" : "", + epf->sport, + epf->sserv ? ")" : ""); + if (epf->type == 'D') { + dportdesc = NULL; + } else { + dportdesc = dupprintf("%s:%s%s%d%s", + epf->daddr, + epf->dserv ? epf->dserv : "", + epf->dserv ? "(" : "", + epf->dport, + epf->dserv ? ")" : ""); + } + + if (epf->type == 'L') { + const char *err = pfd_addforward(epf->daddr, epf->dport, + epf->saddr, epf->sport, + ssh, &ssh->cfg, + &epf->local, + epf->addressfamily); + + logeventf(ssh, "Local %sport %s forwarding to %s%s%s", + epf->addressfamily == ADDRTYPE_IPV4 ? "IPv4 " : + epf->addressfamily == ADDRTYPE_IPV6 ? "IPv6 " : "", + sportdesc, dportdesc, + err ? " failed: " : "", err ? err : ""); + } else if (epf->type == 'D') { const char *err = pfd_addforward(NULL, -1, - *saddr ? saddr : NULL, - sport, ssh, &ssh->cfg, - &pfrec->local, - pfrec->addressfamily); - - logeventf(ssh, "Local %sport %s SOCKS dynamic forward%s%s", - pfrec->addressfamily == ADDRTYPE_IPV4 ? "IPv4 " : - pfrec->addressfamily == ADDRTYPE_IPV6 ? "IPv6 " : "", - sportdesc, - err ? " setup failed: " : "", err); + epf->saddr, epf->sport, + ssh, &ssh->cfg, + &epf->local, + epf->addressfamily); + + logeventf(ssh, "Local %sport %s SOCKS dynamic forwarding%s%s", + epf->addressfamily == ADDRTYPE_IPV4 ? "IPv4 " : + epf->addressfamily == ADDRTYPE_IPV6 ? "IPv6 " : "", + sportdesc, + err ? " failed: " : "", err ? err : ""); } else { struct ssh_rportfwd *pf; @@ -3850,30 +3974,28 @@ static void ssh_setup_portfwd(Ssh ssh, const Config *cfg) } pf = snew(struct ssh_rportfwd); - strcpy(pf->dhost, host); - pf->dport = dport; - pf->sport = sport; + strncpy(pf->dhost, epf->daddr, lenof(pf->dhost)-1); + pf->dhost[lenof(pf->dhost)-1] = '\0'; + pf->dport = epf->dport; + pf->sport = epf->sport; if (add234(ssh->rportfwds, pf) != pf) { logeventf(ssh, "Duplicate remote port forwarding to %s:%d", - host, dport); + epf->daddr, epf->dport); sfree(pf); } else { logeventf(ssh, "Requesting remote port %s" - " forward to %s:%.*s%.*s%d%.*s", - sportdesc, host, - (int)(dserv ? strlen(dports) : 0), dports, - dserv, "(", dport, dserv, ")"); + " forward to %s", sportdesc, dportdesc); pf->sportdesc = sportdesc; sportdesc = NULL; - pfrec->remote = pf; - pf->pfrec = pfrec; + epf->remote = pf; + pf->pfrec = epf; if (ssh->version == 1) { send_packet(ssh, SSH1_CMSG_PORT_FORWARD_REQUEST, - PKT_INT, sport, - PKT_STR, host, - PKT_INT, dport, + PKT_INT, epf->sport, + PKT_STR, epf->daddr, + PKT_INT, epf->dport, PKT_END); ssh_queue_handler(ssh, SSH1_SMSG_SUCCESS, SSH1_SMSG_FAILURE, @@ -3883,14 +4005,14 @@ static void ssh_setup_portfwd(Ssh ssh, const Config *cfg) pktout = ssh2_pkt_init(SSH2_MSG_GLOBAL_REQUEST); ssh2_pkt_addstring(pktout, "tcpip-forward"); ssh2_pkt_addbool(pktout, 1);/* want reply */ - if (*saddr) { - ssh2_pkt_addstring(pktout, saddr); + if (epf->saddr) { + ssh2_pkt_addstring(pktout, epf->saddr); } else if (ssh->cfg.rport_acceptall) { ssh2_pkt_addstring(pktout, "0.0.0.0"); } else { ssh2_pkt_addstring(pktout, "127.0.0.1"); } - ssh2_pkt_adduint32(pktout, sport); + ssh2_pkt_adduint32(pktout, epf->sport); ssh2_pkt_send(ssh, pktout); ssh_queue_handler(ssh, SSH2_MSG_REQUEST_SUCCESS, @@ -3900,80 +4022,8 @@ static void ssh_setup_portfwd(Ssh ssh, const Config *cfg) } } sfree(sportdesc); + sfree(dportdesc); } - } - - /* - * Now go through and destroy any port forwardings which were - * not re-enabled. - */ - { - struct ssh_portfwd *epf; - int i; - for (i = 0; (epf = index234(ssh->portfwds, i)) != NULL; i++) - if (!epf->keep) { - char *message; - - message = dupprintf("%s port forwarding from %s%s%d", - epf->type == 'L' ? "local" : - epf->type == 'R' ? "remote" : "dynamic", - epf->saddr ? epf->saddr : "", - epf->saddr ? ":" : "", - epf->sport); - - if (epf->type != 'D') { - char *msg2 = dupprintf("%s to %s:%d", message, - epf->daddr, epf->dport); - sfree(message); - message = msg2; - } - - logeventf(ssh, "Cancelling %s", message); - sfree(message); - - if (epf->remote) { - struct ssh_rportfwd *rpf = epf->remote; - struct Packet *pktout; - - /* - * Cancel the port forwarding at the server - * end. - */ - if (ssh->version == 1) { - /* - * We cannot cancel listening ports on the - * server side in SSH1! There's no message - * to support it. Instead, we simply remove - * the rportfwd record from the local end - * so that any connections the server tries - * to make on it are rejected. - */ - } else { - pktout = ssh2_pkt_init(SSH2_MSG_GLOBAL_REQUEST); - ssh2_pkt_addstring(pktout, "cancel-tcpip-forward"); - ssh2_pkt_addbool(pktout, 0);/* _don't_ want reply */ - if (epf->saddr) { - ssh2_pkt_addstring(pktout, epf->saddr); - } else if (ssh->cfg.rport_acceptall) { - ssh2_pkt_addstring(pktout, "0.0.0.0"); - } else { - ssh2_pkt_addstring(pktout, "127.0.0.1"); - } - ssh2_pkt_adduint32(pktout, epf->sport); - ssh2_pkt_send(ssh, pktout); - } - - del234(ssh->rportfwds, rpf); - free_rportfwd(rpf); - } else if (epf->local) { - pfd_terminate(epf->local); - } - - delpos234(ssh->portfwds, i); - free_portfwd(epf); - i--; /* so we don't skip one in the list */ - } - } } static void ssh1_smsg_stdout_stderr_data(Ssh ssh, struct Packet *pktin) @@ -4288,6 +4338,7 @@ static void ssh1_smsg_exit_status(Ssh ssh, struct Packet *pktin) * encrypted packet, we close the session once * we've sent EXIT_CONFIRMATION. */ + ssh->close_expected = TRUE; ssh_closing((Plug)ssh, NULL, 0, 0); } @@ -4631,7 +4682,7 @@ static int do_ssh2_transport(Ssh ssh, unsigned char *in, int inlen, int n_preferred_ciphers; const struct ssh2_ciphers *preferred_ciphers[CIPHER_MAX]; const struct ssh_compress *preferred_comp; - int first_kex; + int got_session_id, activated_authconn; struct Packet *pktout; }; crState(do_ssh2_transport_state); @@ -4642,10 +4693,21 @@ static int do_ssh2_transport(Ssh ssh, unsigned char *in, int inlen, s->csmac_tobe = s->scmac_tobe = NULL; s->cscomp_tobe = s->sccomp_tobe = NULL; - s->first_kex = 1; + s->got_session_id = s->activated_authconn = FALSE; + + /* + * Be prepared to work around the buggy MAC problem. + */ + if (ssh->remote_bugs & BUG_SSH2_HMAC) + s->maclist = buggymacs, s->nmacs = lenof(buggymacs); + else + s->maclist = macs, s->nmacs = lenof(macs); + begin_key_exchange: + ssh->pkt_ctx &= ~SSH2_PKTCTX_KEX_MASK; { - int i; + int i, j, commalist_started; + /* * Set up the preferred key exchange. (NULL => warn below here) */ @@ -4673,10 +4735,7 @@ static int do_ssh2_transport(Ssh ssh, unsigned char *in, int inlen, break; } } - } - { - int i; /* * Set up the preferred ciphers. (NULL => warn below here) */ @@ -4706,27 +4765,14 @@ static int do_ssh2_transport(Ssh ssh, unsigned char *in, int inlen, break; } } - } - - /* - * Set up preferred compression. - */ - if (ssh->cfg.compression) - s->preferred_comp = &ssh_zlib; - else - s->preferred_comp = &ssh_comp_none; - - /* - * Be prepared to work around the buggy MAC problem. - */ - if (ssh->remote_bugs & BUG_SSH2_HMAC) - s->maclist = buggymacs, s->nmacs = lenof(buggymacs); - else - s->maclist = macs, s->nmacs = lenof(macs); - begin_key_exchange: - { - int i, j, commalist_started; + /* + * Set up preferred compression. + */ + if (ssh->cfg.compression) + s->preferred_comp = &ssh_zlib; + else + s->preferred_comp = &ssh_comp_none; /* * Enable queueing of outgoing auth- or connection-layer @@ -4876,9 +4922,12 @@ static int do_ssh2_transport(Ssh ssh, unsigned char *in, int inlen, ssh->kex = k; } if (ssh->kex) { - if (s->warn) + if (s->warn) { + sk_set_frozen(ssh->s, 1); askalg(ssh->frontend, "key-exchange algorithm", ssh->kex->name); + sk_set_frozen(ssh->s, 0); + } break; } } @@ -4909,9 +4958,12 @@ static int do_ssh2_transport(Ssh ssh, unsigned char *in, int inlen, } } if (s->cscipher_tobe) { - if (s->warn) + if (s->warn) { + sk_set_frozen(ssh->s, 1); askalg(ssh->frontend, "client-to-server cipher", s->cscipher_tobe->name); + sk_set_frozen(ssh->s, 0); + } break; } } @@ -4936,9 +4988,12 @@ static int do_ssh2_transport(Ssh ssh, unsigned char *in, int inlen, } } if (s->sccipher_tobe) { - if (s->warn) + if (s->warn) { + sk_set_frozen(ssh->s, 1); askalg(ssh->frontend, "server-to-client cipher", s->sccipher_tobe->name); + sk_set_frozen(ssh->s, 0); + } break; } } @@ -5095,10 +5150,12 @@ static int do_ssh2_transport(Ssh ssh, unsigned char *in, int inlen, */ s->keystr = ssh->hostkey->fmtkey(s->hkey); s->fingerprint = ssh->hostkey->fingerprint(s->hkey); + sk_set_frozen(ssh->s, 1); verify_ssh_host_key(ssh->frontend, ssh->savedhost, ssh->savedport, ssh->hostkey->keytype, s->keystr, s->fingerprint); - if (s->first_kex) { /* don't bother logging this in rekeys */ + sk_set_frozen(ssh->s, 0); + if (!s->got_session_id) { /* don't bother logging this in rekeys */ logevent("Host key fingerprint is:"); logevent(s->fingerprint); } @@ -5111,9 +5168,11 @@ static int do_ssh2_transport(Ssh ssh, unsigned char *in, int inlen, * the session id, used in session key construction and * authentication. */ - if (s->first_kex) + if (!s->got_session_id) { memcpy(ssh->v2_session_id, s->exchange_hash, sizeof(s->exchange_hash)); + s->got_session_id = TRUE; + } /* * Send SSH2_MSG_NEWKEYS. @@ -5231,14 +5290,25 @@ static int do_ssh2_transport(Ssh ssh, unsigned char *in, int inlen, } /* - * Key exchange is over. Schedule a timer for our next rekey. + * Key exchange is over. Loop straight back round if we have a + * deferred rekey reason. + */ + if (ssh->deferred_rekey_reason) { + logevent(ssh->deferred_rekey_reason); + pktin = NULL; + ssh->deferred_rekey_reason = NULL; + goto begin_key_exchange; + } + + /* + * Otherwise, schedule a timer for our next rekey. */ ssh->kex_in_progress = FALSE; ssh->last_rekey = GETTICKCOUNT(); if (ssh->cfg.ssh_rekey_time != 0) ssh->next_rekey = schedule_timer(ssh->cfg.ssh_rekey_time*60*TICKSPERSEC, ssh2_timer, ssh); - + /* * If this is the first key exchange phase, we must pass the * SSH2_MSG_NEWKEYS packet to the next layer, not because it @@ -5247,10 +5317,10 @@ static int do_ssh2_transport(Ssh ssh, unsigned char *in, int inlen, * exchange phases, we don't pass SSH2_MSG_NEWKEYS on, because * it would only confuse the layer above. */ - if (!s->first_kex) { + if (s->activated_authconn) { crReturn(1); } - s->first_kex = 0; + s->activated_authconn = TRUE; /* * Now we're encrypting. Begin returning 1 to the protocol main @@ -5265,12 +5335,34 @@ static int do_ssh2_transport(Ssh ssh, unsigned char *in, int inlen, */ while (!((pktin && pktin->type == SSH2_MSG_KEXINIT) || (!pktin && inlen == -1))) { + wait_for_rekey: crReturn(1); } if (pktin) { logevent("Server initiated key re-exchange"); } else { - logevent((char *)in); + /* + * Special case: if the server bug is set that doesn't + * allow rekeying, we give a different log message and + * continue waiting. (If such a server _initiates_ a rekey, + * we process it anyway!) + */ + if ((ssh->remote_bugs & BUG_SSH2_REKEY)) { + logeventf(ssh, "Server bug prevents key re-exchange (%s)", + (char *)in); + /* Reset the counters, so that at least this message doesn't + * hit the event log _too_ often. */ + ssh->outgoing_data_size = 0; + ssh->incoming_data_size = 0; + if (ssh->cfg.ssh_rekey_time != 0) { + ssh->next_rekey = + schedule_timer(ssh->cfg.ssh_rekey_time*60*TICKSPERSEC, + ssh2_timer, ssh); + } + goto wait_for_rekey; /* this is utterly horrid */ + } else { + logeventf(ssh, "Initiating key re-exchange (%s)", (char *)in); + } } goto begin_key_exchange; @@ -5525,6 +5617,7 @@ static void ssh2_msg_channel_close(Ssh ssh, struct Packet *pktin) ssh2_pkt_addstring(s->pktout, "en"); /* language tag */ ssh2_pkt_send_noqueue(ssh, s->pktout); #endif + ssh->close_expected = TRUE; ssh_closing((Plug)ssh, NULL, 0, 0); } } @@ -5625,6 +5718,7 @@ static void ssh2_msg_channel_request(Ssh ssh, struct Packet *pktin) ssh2_pkt_addstring(pktout, "en"); /* language tag */ ssh2_pkt_send_noqueue(ssh, pktout); connection_fatal(ssh->frontend, "%s", buf); + ssh->close_expected = TRUE; ssh_closing((Plug)ssh, NULL, 0, 0); return; } @@ -5868,7 +5962,7 @@ static void ssh2_msg_channel_open(Ssh ssh, struct Packet *pktin) ssh2_pkt_adduint32(pktout, c->remoteid); ssh2_pkt_adduint32(pktout, c->localid); ssh2_pkt_adduint32(pktout, c->v.v2.locwindow); - ssh2_pkt_adduint32(pktout, 0x4000UL); /* our max pkt size */ + ssh2_pkt_adduint32(pktout, OUR_V2_MAXPKT); /* our max pkt size */ ssh2_pkt_send(ssh, pktout); } } @@ -5895,8 +5989,8 @@ static void do_ssh2_authconn(Ssh ssh, unsigned char *in, int inlen, AUTH_TYPE_KEYBOARD_INTERACTIVE_QUIET } type; int gotit, need_pw, can_pubkey, can_passwd, can_keyb_inter; - int tried_pubkey_config, tried_agent, tried_keyb_inter; - int kbd_inter_running; + int tried_pubkey_config, tried_agent; + int kbd_inter_running, kbd_inter_refused; int we_are_in; int num_prompts, curr_prompt, echo; char username[100]; @@ -5978,6 +6072,7 @@ static void do_ssh2_authconn(Ssh ssh, unsigned char *in, int inlen, * Terminate. */ logevent("No username provided. Abandoning session."); + ssh->close_expected = TRUE; ssh_closing((Plug)ssh, NULL, 0, 0); crStopV; } @@ -6025,8 +6120,8 @@ static void do_ssh2_authconn(Ssh ssh, unsigned char *in, int inlen, s->tried_pubkey_config = FALSE; s->tried_agent = FALSE; - s->tried_keyb_inter = FALSE; s->kbd_inter_running = FALSE; + s->kbd_inter_refused = FALSE; /* Load the pub half of ssh->cfg.keyfile so we notice if it's in Pageant */ if (!filename_is_null(ssh->cfg.keyfile)) { int keytype; @@ -6093,6 +6188,10 @@ static void do_ssh2_authconn(Ssh ssh, unsigned char *in, int inlen, */ if (!s->gotit) s->curr_prompt = 0; + } else if (pktin->type == SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ) { + /* FIXME: perhaps we should support this? */ + bombout(("PASSWD_CHANGEREQ not yet supported")); + crStopV; } else if (pktin->type != SSH2_MSG_USERAUTH_FAILURE) { bombout(("Strange packet received during authentication: type %d", pktin->type)); @@ -6417,10 +6516,10 @@ static void do_ssh2_authconn(Ssh ssh, unsigned char *in, int inlen, } } - if (!s->method && s->can_keyb_inter && !s->tried_keyb_inter) { + if (!s->method && s->can_keyb_inter && !s->kbd_inter_refused && + !s->kbd_inter_running) { s->method = AUTH_KEYBOARD_INTERACTIVE; s->type = AUTH_TYPE_KEYBOARD_INTERACTIVE; - s->tried_keyb_inter = TRUE; ssh->pkt_ctx &= ~SSH2_PKTCTX_AUTH_MASK; ssh->pkt_ctx |= SSH2_PKTCTX_KBDINTER; @@ -6439,6 +6538,7 @@ static void do_ssh2_authconn(Ssh ssh, unsigned char *in, int inlen, s->gotit = TRUE; logevent("Keyboard-interactive authentication refused"); s->type = AUTH_TYPE_KEYBOARD_INTERACTIVE_QUIET; + s->kbd_inter_refused = TRUE; /* don't try it again */ continue; } @@ -6449,7 +6549,6 @@ static void do_ssh2_authconn(Ssh ssh, unsigned char *in, int inlen, if (s->kbd_inter_running) { s->method = AUTH_KEYBOARD_INTERACTIVE; s->type = AUTH_TYPE_KEYBOARD_INTERACTIVE; - s->tried_keyb_inter = TRUE; ssh->pkt_ctx &= ~SSH2_PKTCTX_AUTH_MASK; ssh->pkt_ctx |= SSH2_PKTCTX_KBDINTER; @@ -6535,6 +6634,7 @@ static void do_ssh2_authconn(Ssh ssh, unsigned char *in, int inlen, logevent("Unable to authenticate"); connection_fatal(ssh->frontend, "Unable to authenticate"); + ssh->close_expected = TRUE; ssh_closing((Plug)ssh, NULL, 0, 0); crStopV; } @@ -6733,6 +6833,7 @@ static void do_ssh2_authconn(Ssh ssh, unsigned char *in, int inlen, " methods available"); ssh2_pkt_addstring(s->pktout, "en"); /* language tag */ ssh2_pkt_send_noqueue(ssh, s->pktout); + ssh->close_expected = TRUE; ssh_closing((Plug)ssh, NULL, 0, 0); crStopV; } @@ -6768,7 +6869,7 @@ static void do_ssh2_authconn(Ssh ssh, unsigned char *in, int inlen, ssh2_pkt_adduint32(s->pktout, ssh->mainchan->localid); ssh->mainchan->v.v2.locwindow = OUR_V2_WINSIZE; ssh2_pkt_adduint32(s->pktout, ssh->mainchan->v.v2.locwindow);/* our window size */ - ssh2_pkt_adduint32(s->pktout, 0x4000UL); /* our max pkt size */ + ssh2_pkt_adduint32(s->pktout, OUR_V2_MAXPKT); /* our max pkt size */ ssh2_pkt_send(ssh, s->pktout); crWaitUntilV(pktin); if (pktin->type != SSH2_MSG_CHANNEL_OPEN_CONFIRMATION) { @@ -7240,8 +7341,7 @@ static void ssh2_timer(void *ctx, long now) if (!ssh->kex_in_progress && ssh->cfg.ssh_rekey_time != 0 && now - ssh->next_rekey >= 0) { - do_ssh2_transport(ssh, "Initiating key re-exchange (timeout)", - -1, NULL); + do_ssh2_transport(ssh, "timeout", -1, NULL); } } @@ -7256,8 +7356,7 @@ static void ssh2_protocol(Ssh ssh, unsigned char *in, int inlen, if (!ssh->kex_in_progress && ssh->max_data_size != 0 && ssh->incoming_data_size > ssh->max_data_size) - do_ssh2_transport(ssh, "Initiating key re-exchange " - "(too much data received)", -1, NULL); + do_ssh2_transport(ssh, "too much data received", -1, NULL); } if (pktin && ssh->packet_dispatch[pktin->type]) { @@ -7316,6 +7415,7 @@ static const char *ssh_init(void *frontend_handle, void **backend_handle, ssh->kex_ctx = NULL; ssh->hostkey = NULL; ssh->exitcode = -1; + ssh->close_expected = FALSE; ssh->state = SSH_STATE_PREPACKET; ssh->size_needed = FALSE; ssh->eof_needed = FALSE; @@ -7348,6 +7448,7 @@ static const char *ssh_init(void *frontend_handle, void **backend_handle, ssh->queuelen = ssh->queuesize = 0; ssh->queueing = FALSE; ssh->qhead = ssh->qtail = NULL; + ssh->deferred_rekey_reason = NULL; *backend_handle = ssh; @@ -7470,7 +7571,7 @@ static void ssh_free(void *handle) ssh->crcda_ctx = NULL; } if (ssh->s) - ssh_do_close(ssh); + ssh_do_close(ssh, TRUE); expire_timer_context(ssh); if (ssh->pinger) pinger_free(ssh->pinger); @@ -7485,7 +7586,7 @@ static void ssh_free(void *handle) static void ssh_reconfig(void *handle, Config *cfg) { Ssh ssh = (Ssh) handle; - char *rekeying = NULL; + char *rekeying = NULL, rekey_mandatory = FALSE; unsigned long old_max_data_size; pinger_reconfig(ssh->pinger, &ssh->cfg, cfg); @@ -7497,7 +7598,7 @@ static void ssh_reconfig(void *handle, Config *cfg) long now = GETTICKCOUNT(); if (new_next - now < 0) { - rekeying = "Initiating key re-exchange (timeout shortened)"; + rekeying = "timeout shortened"; } else { ssh->next_rekey = schedule_timer(new_next - now, ssh2_timer, ssh); } @@ -7509,14 +7610,30 @@ static void ssh_reconfig(void *handle, Config *cfg) ssh->max_data_size != 0) { if (ssh->outgoing_data_size > ssh->max_data_size || ssh->incoming_data_size > ssh->max_data_size) - rekeying = "Initiating key re-exchange (data limit lowered)"; + rekeying = "data limit lowered"; + } + + if (ssh->cfg.compression != cfg->compression) { + rekeying = "compression setting changed"; + rekey_mandatory = TRUE; } - if (rekeying && !ssh->kex_in_progress) { - do_ssh2_transport(ssh, rekeying, -1, NULL); + if (ssh->cfg.ssh2_des_cbc != cfg->ssh2_des_cbc || + memcmp(ssh->cfg.ssh_cipherlist, cfg->ssh_cipherlist, + sizeof(ssh->cfg.ssh_cipherlist))) { + rekeying = "cipher settings changed"; + rekey_mandatory = TRUE; } ssh->cfg = *cfg; /* STRUCTURE COPY */ + + if (rekeying) { + if (!ssh->kex_in_progress) { + do_ssh2_transport(ssh, rekeying, -1, NULL); + } else if (rekey_mandatory) { + ssh->deferred_rekey_reason = rekeying; + } + } } /* @@ -7717,8 +7834,7 @@ static void ssh_special(void *handle, Telnet_Special code) } } else if (code == TS_REKEY) { if (!ssh->kex_in_progress && ssh->version == 2) { - do_ssh2_transport(ssh, "Initiating key re-exchange at" - " user request", -1, NULL); + do_ssh2_transport(ssh, "at user request", -1, NULL); } } else if (code == TS_BRK) { if (ssh->state == SSH_STATE_CLOSED @@ -7826,7 +7942,7 @@ void ssh_send_port_open(void *channel, char *hostname, int port, char *org) ssh2_pkt_adduint32(pktout, c->localid); c->v.v2.locwindow = OUR_V2_WINSIZE; ssh2_pkt_adduint32(pktout, c->v.v2.locwindow);/* our window size */ - ssh2_pkt_adduint32(pktout, 0x4000UL); /* our max pkt size */ + ssh2_pkt_adduint32(pktout, OUR_V2_MAXPKT); /* our max pkt size */ ssh2_pkt_addstring(pktout, hostname); ssh2_pkt_adduint32(pktout, port); /*