X-Git-Url: https://git.distorted.org.uk/u/mdw/putty/blobdiff_plain/38d228a25df956ea1c28bd5d5b234bd07b0140a7..70cd2027d47923b19665b4b1e31f462ec63f8c57:/ssh.c?ds=sidebyside diff --git a/ssh.c b/ssh.c index a3ac60b4..19c93df4 100644 --- a/ssh.c +++ b/ssh.c @@ -182,6 +182,7 @@ static const char *const ssh2_disconnect_reasons[] = { #define BUG_NEEDS_SSH1_PLAIN_PASSWORD 4 #define BUG_CHOKES_ON_RSA 8 #define BUG_SSH2_RSA_PADDING 16 +#define BUG_SSH2_DERIVEKEY 32 static int ssh_pkt_ctx = 0; @@ -885,6 +886,15 @@ static int ssh2_rdpkt(unsigned char **data, int *datalen) st->pad = pktin.data[4]; /* + * _Completely_ silly lengths should be stomped on before they + * do us any more damage. + */ + if (st->len < 0 || st->pad < 0 || st->len + st->pad < 0) { + bombout(("Incoming packet was garbled on decryption")); + crReturn(0); + } + + /* * This enables us to deduce the payload length. */ st->payload = st->len - st->pad - 1; @@ -1692,6 +1702,16 @@ static void ssh_detect_bugs(char *vstring) logevent("We believe remote version has SSH2 HMAC bug"); } + if (!strncmp(imp, "2.0.", 4)) { + /* + * These versions have the key-derivation bug (failing to + * include the literal shared secret in the hashes that + * generate the keys). + */ + ssh_remote_bugs |= BUG_SSH2_DERIVEKEY; + logevent("We believe remote version has SSH2 key-derivation bug"); + } + if ((!strncmp(imp, "OpenSSH_2.", 10) && imp[10]>='5' && imp[10]<='9') || (!strncmp(imp, "OpenSSH_3.", 10) && imp[10]>='0' && imp[10]<='2')) { /* @@ -1773,7 +1793,7 @@ static int do_ssh_init(unsigned char c) /* Anything strictly below "2.0" means protocol 1 is supported. */ proto1 = ssh_versioncmp(version, "2.0") < 0; /* Anything greater or equal to "1.99" means protocol 2 is supported. */ - proto2 = ssh_versioncmp(version, "1.99") > 0; + proto2 = ssh_versioncmp(version, "1.99") >= 0; if (cfg.sshprot == 0 && !proto1) { bombout(("SSH protocol version 1 required by user but not provided by server")); @@ -1784,7 +1804,7 @@ static int do_ssh_init(unsigned char c) crReturn(0); } - if (proto2 && (cfg.sshprot == 2 || !proto1)) { + if (proto2 && (cfg.sshprot >= 2 || !proto1)) { /* * Use v2 protocol. */ @@ -2049,6 +2069,76 @@ static void ssh_throttle_all(int enable, int bufsize) } /* + * Username and password input, abstracted off into reusable + * routines (hopefully even reusable between SSH1 and SSH2!). + */ +static char *ssh_userpass_input_buffer; +static int ssh_userpass_input_buflen; +static int ssh_userpass_input_bufpos; +static int ssh_userpass_input_echo; + +/* Set up a username or password input loop on a given buffer. */ +void setup_userpass_input(char *buffer, int buflen, int echo) +{ + ssh_userpass_input_buffer = buffer; + ssh_userpass_input_buflen = buflen; + ssh_userpass_input_bufpos = 0; + ssh_userpass_input_echo = echo; +} + +/* + * Process some terminal data in the course of username/password + * input. Returns >0 for success (line of input returned in + * buffer), <0 for failure (user hit ^C/^D, bomb out and exit), 0 + * for inconclusive (keep waiting for more input please). + */ +int process_userpass_input(unsigned char *in, int inlen) +{ + char c; + + while (inlen--) { + switch (c = *in++) { + case 10: + case 13: + ssh_userpass_input_buffer[ssh_userpass_input_bufpos] = 0; + ssh_userpass_input_buffer[ssh_userpass_input_buflen-1] = 0; + return +1; + break; + case 8: + case 127: + if (ssh_userpass_input_bufpos > 0) { + if (ssh_userpass_input_echo) + c_write_str("\b \b"); + ssh_userpass_input_bufpos--; + } + break; + case 21: + case 27: + while (ssh_userpass_input_bufpos > 0) { + if (ssh_userpass_input_echo) + c_write_str("\b \b"); + ssh_userpass_input_bufpos--; + } + break; + case 3: + case 4: + return -1; + break; + default: + if (((c >= ' ' && c <= '~') || + ((unsigned char) c >= 160)) + && ssh_userpass_input_bufpos < ssh_userpass_input_buflen-1) { + ssh_userpass_input_buffer[ssh_userpass_input_bufpos++] = c; + if (ssh_userpass_input_echo) + c_write(&c, 1); + } + break; + } + } + return 0; +} + +/* * Handle the key exchange and user authentication phases. */ static int do_ssh1_login(unsigned char *in, int inlen, int ispkt) @@ -2233,8 +2323,6 @@ static int do_ssh1_login(unsigned char *in, int inlen, int ispkt) fflush(stdout); { - static int pos = 0; - static char c; if ((flags & FLAG_INTERACTIVE) && !*cfg.username) { if (ssh_get_line && !ssh_getline_pw_only) { if (!ssh_get_line("login as: ", @@ -2248,47 +2336,18 @@ static int do_ssh1_login(unsigned char *in, int inlen, int ispkt) crReturn(1); } } else { + static int ret; c_write_str("login as: "); ssh_send_ok = 1; - while (pos >= 0) { + + setup_userpass_input(username, sizeof(username), 1); + do { crWaitUntil(!ispkt); - while (inlen--) - switch (c = *in++) { - case 10: - case 13: - username[pos] = 0; - pos = -1; - break; - case 8: - case 127: - if (pos > 0) { - c_write_str("\b \b"); - pos--; - } - break; - case 21: - case 27: - while (pos > 0) { - c_write_str("\b \b"); - pos--; - } - break; - case 3: - case 4: - cleanup_exit(0); - break; - default: - if (((c >= ' ' && c <= '~') || - ((unsigned char) c >= 160)) - && pos < sizeof(username)-1) { - username[pos++] = c; - c_write(&c, 1); - } - break; - } - } + ret = process_userpass_input(in, inlen); + } while (ret == 0); + if (ret < 0) + cleanup_exit(0); c_write_str("\r\n"); - username[strcspn(username, "\n\r")] = '\0'; } } else { strncpy(username, cfg.username, 99); @@ -2572,37 +2631,17 @@ static int do_ssh1_login(unsigned char *in, int inlen, int ispkt) } else { /* Prompt may have come from server. We've munged it a bit, so * we know it to be zero-terminated at least once. */ + static int ret; c_write_untrusted(prompt, strlen(prompt)); pos = 0; - ssh_send_ok = 1; - while (pos >= 0) { + + setup_userpass_input(password, sizeof(password), 0); + do { crWaitUntil(!ispkt); - while (inlen--) - switch (c = *in++) { - case 10: - case 13: - password[pos] = 0; - pos = -1; - break; - case 8: - case 127: - if (pos > 0) - pos--; - break; - case 21: - case 27: - pos = 0; - break; - case 3: - case 4: - cleanup_exit(0); - break; - default: - if (pos < sizeof(password)-1) - password[pos++] = c; - break; - } - } + ret = process_userpass_input(in, inlen); + } while (ret == 0); + if (ret < 0) + cleanup_exit(0); c_write_str("\r\n"); } @@ -3469,14 +3508,16 @@ static void ssh2_mkkey(Bignum K, char *H, char *sessid, char chr, SHA_State s; /* First 20 bytes. */ SHA_Init(&s); - sha_mpint(&s, K); + if (!(ssh_remote_bugs & BUG_SSH2_DERIVEKEY)) + sha_mpint(&s, K); SHA_Bytes(&s, H, 20); SHA_Bytes(&s, &chr, 1); SHA_Bytes(&s, sessid, 20); SHA_Final(&s, keyspace); /* Next 20 bytes. */ SHA_Init(&s); - sha_mpint(&s, K); + if (!(ssh_remote_bugs & BUG_SSH2_DERIVEKEY)) + sha_mpint(&s, K); SHA_Bytes(&s, H, 20); SHA_Bytes(&s, keyspace, 20); SHA_Final(&s, keyspace + 20); @@ -4092,13 +4133,9 @@ static void do_ssh2_authconn(unsigned char *in, int inlen, int ispkt) username[0] = '\0'; got_username = FALSE; do { - static int pos; - static char c; - /* * Get a username. */ - pos = 0; if (got_username && !cfg.change_username) { /* * We got a username last time round this loop, and @@ -4118,45 +4155,16 @@ static void do_ssh2_authconn(unsigned char *in, int inlen, int ispkt) crReturnV; } } else { + static int ret; c_write_str("login as: "); ssh_send_ok = 1; - while (pos >= 0) { + setup_userpass_input(username, sizeof(username), 1); + do { crWaitUntilV(!ispkt); - while (inlen--) - switch (c = *in++) { - case 10: - case 13: - username[pos] = 0; - pos = -1; - break; - case 8: - case 127: - if (pos > 0) { - c_write_str("\b \b"); - pos--; - } - break; - case 21: - case 27: - while (pos > 0) { - c_write_str("\b \b"); - pos--; - } - break; - case 3: - case 4: - cleanup_exit(0); - break; - default: - if (((c >= ' ' && c <= '~') || - ((unsigned char) c >= 160)) - && pos < sizeof(username)-1) { - username[pos++] = c; - c_write(&c, 1); - } - break; - } - } + ret = process_userpass_input(in, inlen); + } while (ret == 0); + if (ret < 0) + cleanup_exit(0); } c_write_str("\r\n"); username[strcspn(username, "\n\r")] = '\0'; @@ -4325,6 +4333,14 @@ static void do_ssh2_authconn(unsigned char *in, int inlen, int ispkt) method = 0; ssh_pkt_ctx &= ~SSH2_PKTCTX_AUTH_MASK; + /* + * Most password/passphrase prompts will be + * non-echoing, so we set this to 0 by default. + * Exception is that some keyboard-interactive prompts + * can be echoing, in which case we'll set this to 1. + */ + echo = 0; + if (!method && can_pubkey && agent_exists() && !tried_agent) { /* * Attempt public-key authentication using Pageant. @@ -4579,11 +4595,11 @@ static void do_ssh2_authconn(unsigned char *in, int inlen, int ispkt) ssh2_pkt_getstring(&lang, &lang_len); if (name_len > 0) { c_write_untrusted(name, name_len); - c_write_str("\n"); + c_write_str("\r\n"); } if (inst_len > 0) { c_write_untrusted(inst, inst_len); - c_write_str("\n"); + c_write_str("\r\n"); } num_prompts = ssh2_pkt_getuint32(); } @@ -4642,41 +4658,17 @@ static void do_ssh2_authconn(unsigned char *in, int inlen, int ispkt) crReturnV; } } else { - static int pos = 0; - static char c; - + static int ret; c_write_untrusted(pwprompt, strlen(pwprompt)); ssh_send_ok = 1; - pos = 0; - while (pos >= 0) { + setup_userpass_input(password, sizeof(password), echo); + do { crWaitUntilV(!ispkt); - while (inlen--) - switch (c = *in++) { - case 10: - case 13: - password[pos] = 0; - pos = -1; - break; - case 8: - case 127: - if (pos > 0) - pos--; - break; - case 21: - case 27: - pos = 0; - break; - case 3: - case 4: - cleanup_exit(0); - break; - default: - if (pos < sizeof(password)-1) - password[pos++] = c; - break; - } - } + ret = process_userpass_input(in, inlen); + } while (ret == 0); + if (ret < 0) + cleanup_exit(0); c_write_str("\r\n"); } }