X-Git-Url: https://git.distorted.org.uk/u/mdw/putty/blobdiff_plain/3b6606c73ff0723f80146f1befa4838d59d3f8cf..58070d221740f21df8c354ab653c49a184d37ebf:/ssh.c diff --git a/ssh.c b/ssh.c index 69972e49..24391d38 100644 --- a/ssh.c +++ b/ssh.c @@ -721,6 +721,7 @@ struct ssh_tag { struct ssh_channel *mainchan; /* primary session channel */ int exitcode; int close_expected; + int clean_exit; tree234 *rportfwds, *portfwds; @@ -1266,7 +1267,8 @@ static struct Packet *ssh2_rdpkt(Ssh ssh, unsigned char **data, int *datalen) * _Completely_ silly lengths should be stomped on before they * do us any more damage. */ - if (st->len < 0 || st->pad < 0 || st->len + st->pad < 0) { + if (st->len < 0 || st->len > 35000 || st->pad < 4 || + st->len - st->pad < 1 || (st->len + 4) % st->cipherblk != 0) { bombout(("Incoming packet was garbled on decryption")); ssh_free_packet(st->pktin); crStop(NULL); @@ -1651,8 +1653,6 @@ static unsigned char *ssh2_mpint_fmt(Bignum b, int *len) unsigned char *p; int i, n = (bignum_bitcount(b) + 7) / 8; p = snewn(n + 1, unsigned char); - if (!p) - fatalbox("out of memory"); p[0] = 0; for (i = 1; i <= n; i++) p[i] = bignum_byte(b, n - i); @@ -2596,20 +2596,20 @@ static int ssh_closing(Plug plug, const char *error_msg, int error_code, Ssh ssh = (Ssh) plug; int need_notify = ssh_do_close(ssh, FALSE); - if (!error_msg && !ssh->close_expected) { - error_msg = "Server unexpectedly closed network connection"; + if (!error_msg) { + if (!ssh->close_expected) + error_msg = "Server unexpectedly closed network connection"; + else + error_msg = "Server closed network connection"; } if (need_notify) notify_remote_exit(ssh->frontend); - if (error_msg) { - /* A socket error has occurred. */ + if (error_msg) logevent(error_msg); + if (!ssh->close_expected || !ssh->clean_exit) connection_fatal(ssh->frontend, "%s", error_msg); - } else { - logevent("Server closed network connection"); - } return 0; } @@ -2656,8 +2656,6 @@ static const char *connect_to_host(Ssh ssh, char *host, int port, const char *err; ssh->savedhost = snewn(1 + strlen(host), char); - if (!ssh->savedhost) - fatalbox("Out of memory"); strcpy(ssh->savedhost, host); if (port < 0) @@ -2873,6 +2871,39 @@ static void ssh_agentf_callback(void *cv, void *reply, int replylen) } /* + * Client-initiated disconnection. Send a DISCONNECT if `wire_reason' + * non-NULL, otherwise just close the connection. `client_reason' == NULL + * => log `wire_reason'. + */ +static void ssh_disconnect(Ssh ssh, char *client_reason, char *wire_reason, + int code, int clean_exit) +{ + char *error; + if (!client_reason) + client_reason = wire_reason; + if (client_reason) + error = dupprintf("Disconnected: %s", client_reason); + else + error = dupstr("Disconnected"); + if (wire_reason) { + if (ssh->version == 1) { + send_packet(ssh, SSH1_MSG_DISCONNECT, PKT_STR, wire_reason, + PKT_END); + } else if (ssh->version == 2) { + struct Packet *pktout = ssh2_pkt_init(SSH2_MSG_DISCONNECT); + ssh2_pkt_adduint32(pktout, code); + ssh2_pkt_addstring(pktout, wire_reason); + ssh2_pkt_addstring(pktout, "en"); /* language tag */ + ssh2_pkt_send_noqueue(ssh, pktout); + } + } + ssh->close_expected = TRUE; + ssh->clean_exit = clean_exit; + ssh_closing((Plug)ssh, error, 0, 0); + sfree(error); +} + +/* * Handle the key exchange and user authentication phases. */ static int do_ssh1_login(Ssh ssh, unsigned char *in, int inlen, @@ -2977,8 +3008,6 @@ static int do_ssh1_login(Ssh ssh, unsigned char *in, int inlen, s->len = (hostkey.bytes > servkey.bytes ? hostkey.bytes : servkey.bytes); s->rsabuf = snewn(s->len, unsigned char); - if (!s->rsabuf) - fatalbox("Out of memory"); /* * Verify the host key. @@ -2990,8 +3019,6 @@ static int do_ssh1_login(Ssh ssh, unsigned char *in, int inlen, int len = rsastr_len(&hostkey); char fingerprint[100]; char *keystr = snewn(len, char); - if (!keystr) - fatalbox("Out of memory"); rsastr_fmt(keystr, &hostkey); rsa_fingerprint(fingerprint, sizeof(fingerprint), &hostkey); @@ -3015,8 +3042,8 @@ static int do_ssh1_login(Ssh ssh, unsigned char *in, int inlen, ssh_set_frozen(ssh, 0); if (s->dlgret == 0) { - ssh->close_expected = TRUE; - ssh_closing((Plug)ssh, NULL, 0, 0); + ssh_disconnect(ssh, "User aborted at host key verification", + NULL, 0, TRUE); crStop(0); } } @@ -3096,8 +3123,8 @@ static int do_ssh1_login(Ssh ssh, unsigned char *in, int inlen, } ssh_set_frozen(ssh, 0); if (s->dlgret == 0) { - ssh->close_expected = TRUE; - ssh_closing((Plug)ssh, NULL, 0, 0); + ssh_disconnect(ssh, "User aborted at cipher warning", NULL, + 0, TRUE); crStop(0); } } @@ -3171,9 +3198,7 @@ static int do_ssh1_login(Ssh ssh, unsigned char *in, int inlen, * get_line failed to get a username. * Terminate. */ - logevent("No username provided. Abandoning session."); - ssh->close_expected = TRUE; - ssh_closing((Plug)ssh, NULL, 0, 0); + ssh_disconnect(ssh, "No username provided", NULL, 0, TRUE); crStop(1); } } else { @@ -3510,13 +3535,7 @@ static int do_ssh1_login(Ssh ssh, unsigned char *in, int inlen, * because one was supplied on the command line * which has already failed to work). Terminate. */ - send_packet(ssh, SSH1_MSG_DISCONNECT, - PKT_STR, "No more passwords available to try", - PKT_END); - logevent("Unable to authenticate"); - connection_fatal(ssh->frontend, "Unable to authenticate"); - ssh->close_expected = TRUE; - ssh_closing((Plug)ssh, NULL, 0, 0); + ssh_disconnect(ssh, NULL, "Unable to authenticate", 0, FALSE); crStop(1); } } else { @@ -4564,8 +4583,7 @@ static void ssh1_smsg_exit_status(Ssh ssh, struct Packet *pktin) * encrypted packet, we close the session once * we've sent EXIT_CONFIRMATION. */ - ssh->close_expected = TRUE; - ssh_closing((Plug)ssh, NULL, 0, 0); + ssh_disconnect(ssh, NULL, NULL, 0, TRUE); } /* Helper function to deal with sending tty modes for REQUEST_PTY */ @@ -5340,8 +5358,8 @@ static int do_ssh2_transport(Ssh ssh, void *vin, int inlen, } ssh_set_frozen(ssh, 0); if (s->dlgret == 0) { - ssh->close_expected = TRUE; - ssh_closing((Plug)ssh, NULL, 0, 0); + ssh_disconnect(ssh, "User aborted at kex warning", NULL, + 0, TRUE); crStop(0); } } @@ -5365,8 +5383,8 @@ static int do_ssh2_transport(Ssh ssh, void *vin, int inlen, } ssh_set_frozen(ssh, 0); if (s->dlgret == 0) { - ssh->close_expected = TRUE; - ssh_closing((Plug)ssh, NULL, 0, 0); + ssh_disconnect(ssh, "User aborted at cipher warning", NULL, + 0, TRUE); crStop(0); } } @@ -5390,8 +5408,8 @@ static int do_ssh2_transport(Ssh ssh, void *vin, int inlen, } ssh_set_frozen(ssh, 0); if (s->dlgret == 0) { - ssh->close_expected = TRUE; - ssh_closing((Plug)ssh, NULL, 0, 0); + ssh_disconnect(ssh, "User aborted at cipher warning", NULL, + 0, TRUE); crStop(0); } } @@ -5539,8 +5557,8 @@ static int do_ssh2_transport(Ssh ssh, void *vin, int inlen, } ssh_set_frozen(ssh, 0); if (s->dlgret == 0) { - ssh->close_expected = TRUE; - ssh_closing((Plug)ssh, NULL, 0, 0); + ssh_disconnect(ssh, "User aborted at host key verification", NULL, + 0, TRUE); crStop(0); } if (!s->got_session_id) { /* don't bother logging this in rekeys */ @@ -5706,7 +5724,7 @@ static int do_ssh2_transport(Ssh ssh, void *vin, int inlen, * it would only confuse the layer above. */ if (s->activated_authconn) { - crReturn(1); + crReturn(0); } s->activated_authconn = TRUE; @@ -6021,8 +6039,6 @@ static void ssh2_msg_channel_close(Ssh ssh, struct Packet *pktin) * not running in -N mode.) */ if (!ssh->cfg.ssh_no_shell && count234(ssh->channels) == 0) { - logevent("All channels closed. Disconnecting"); -#if 0 /* * We used to send SSH_MSG_DISCONNECT here, * because I'd believed that _every_ conforming @@ -6034,14 +6050,7 @@ static void ssh2_msg_channel_close(Ssh ssh, struct Packet *pktin) * this is more polite than sending a * DISCONNECT. So now we don't. */ - s->pktout = ssh2_pkt_init(SSH2_MSG_DISCONNECT); - ssh2_pkt_adduint32(s->pktout, SSH2_DISCONNECT_BY_APPLICATION); - ssh2_pkt_addstring(s->pktout, "All open channels closed"); - ssh2_pkt_addstring(s->pktout, "en"); /* language tag */ - ssh2_pkt_send_noqueue(ssh, s->pktout); -#endif - ssh->close_expected = TRUE; - ssh_closing((Plug)ssh, NULL, 0, 0); + ssh_disconnect(ssh, "All channels closed", NULL, 0, TRUE); } } @@ -6128,18 +6137,10 @@ static void ssh2_msg_channel_request(Ssh ssh, struct Packet *pktin) */ c = find234(ssh->channels, &localid, ssh_channelfind); if (!c) { - char buf[80]; - sprintf(buf, "Received channel request for nonexistent" - " channel %d", localid); - logevent(buf); - pktout = ssh2_pkt_init(SSH2_MSG_DISCONNECT); - ssh2_pkt_adduint32(pktout, SSH2_DISCONNECT_BY_APPLICATION); - ssh2_pkt_addstring(pktout, buf); - ssh2_pkt_addstring(pktout, "en"); /* language tag */ - ssh2_pkt_send_noqueue(ssh, pktout); - connection_fatal(ssh->frontend, "%s", buf); - ssh->close_expected = TRUE; - ssh_closing((Plug)ssh, NULL, 0, 0); + char *buf = dupprintf("Received channel request for nonexistent" + " channel %d", localid); + ssh_disconnect(ssh, NULL, buf, SSH2_DISCONNECT_PROTOCOL_ERROR, FALSE); + sfree(buf); return; } @@ -6349,7 +6350,7 @@ static void ssh2_msg_channel_open(Ssh ssh, struct Packet *pktin) } } } else if (typelen == 22 && - !memcmp(type, "auth-agent@openssh.com", 3)) { + !memcmp(type, "auth-agent@openssh.com", 22)) { if (!ssh->agentfwd_enabled) error = "Agent forwarding is not enabled"; else { @@ -6548,9 +6549,7 @@ static void do_ssh2_authconn(Ssh ssh, unsigned char *in, int inlen, * get_line failed to get a username. * Terminate. */ - logevent("No username provided. Abandoning session."); - ssh->close_expected = TRUE; - ssh_closing((Plug)ssh, NULL, 0, 0); + ssh_disconnect(ssh, "No username provided", NULL, 0, TRUE); crStopV; } } else { @@ -7101,17 +7100,9 @@ static void do_ssh2_authconn(Ssh ssh, unsigned char *in, int inlen, * command line which has already failed to * work). Terminate. */ - s->pktout = ssh2_pkt_init(SSH2_MSG_DISCONNECT); - ssh2_pkt_adduint32(s->pktout,SSH2_DISCONNECT_BY_APPLICATION); - ssh2_pkt_addstring(s->pktout, "No more passwords available" - " to try"); - ssh2_pkt_addstring(s->pktout, "en"); /* language tag */ - ssh2_pkt_send_noqueue(ssh, s->pktout); - logevent("Unable to authenticate"); - connection_fatal(ssh->frontend, - "Unable to authenticate"); - ssh->close_expected = TRUE; - ssh_closing((Plug)ssh, NULL, 0, 0); + ssh_disconnect(ssh, NULL, "Unable to authenticate", + SSH2_DISCONNECT_AUTH_CANCELLED_BY_USER, + FALSE); crStopV; } } else { @@ -7262,18 +7253,10 @@ static void do_ssh2_authconn(Ssh ssh, unsigned char *in, int inlen, } s->type = AUTH_TYPE_KEYBOARD_INTERACTIVE; } else { - c_write_str(ssh, "No supported authentication methods" - " left to try!\r\n"); - logevent("No supported authentications offered." - " Disconnecting"); - s->pktout = ssh2_pkt_init(SSH2_MSG_DISCONNECT); - ssh2_pkt_adduint32(s->pktout, SSH2_DISCONNECT_BY_APPLICATION); - ssh2_pkt_addstring(s->pktout, "No supported authentication" - " methods available"); - ssh2_pkt_addstring(s->pktout, "en"); /* language tag */ - ssh2_pkt_send_noqueue(ssh, s->pktout); - ssh->close_expected = TRUE; - ssh_closing((Plug)ssh, NULL, 0, 0); + ssh_disconnect(ssh, NULL, + "No supported authentication methods available", + SSH2_DISCONNECT_NO_MORE_AUTH_METHODS_AVAILABLE, + FALSE); crStopV; } } @@ -7847,6 +7830,7 @@ static const char *ssh_init(void *frontend_handle, void **backend_handle, ssh->hostkey = NULL; ssh->exitcode = -1; ssh->close_expected = FALSE; + ssh->clean_exit = FALSE; ssh->state = SSH_STATE_PREPACKET; ssh->size_needed = FALSE; ssh->eof_needed = FALSE; @@ -8072,7 +8056,7 @@ static void ssh_reconfig(void *handle, Config *cfg) } /* - * Called to send data down the Telnet connection. + * Called to send data down the SSH connection. */ static int ssh_send(void *handle, char *buf, int len) { @@ -8229,7 +8213,7 @@ static const struct telnet_special *ssh_get_specials(void *handle) } /* - * Send Telnet special codes. TS_EOF is useful for `plink', so you + * Send special codes. TS_EOF is useful for `plink', so you * can send an EOF and collect resulting output (e.g. `plink * hostname sort'). */