X-Git-Url: https://git.distorted.org.uk/u/mdw/putty/blobdiff_plain/5e8358ad8127c0ffc2010ddfed3a5258ba24704d..8d5de7770cde9b808c276bd86a0214189a8f7578:/ssh.c diff --git a/ssh.c b/ssh.c index ff6e8377..fddb68d1 100644 --- a/ssh.c +++ b/ssh.c @@ -17,9 +17,12 @@ #endif #define logevent(s) { logevent(s); \ - if (!(flags & FLAG_CONNECTION) && (flags & FLAG_VERBOSE)) \ + if ((flags & FLAG_STDERR) && (flags & FLAG_VERBOSE)) \ fprintf(stderr, "%s\n", s); } +#define bombout(msg) ( ssh_state == SSH_STATE_CLOSED, closesocket(s), \ + s = INVALID_SOCKET, connection_fatal msg ) + #define SSH1_MSG_DISCONNECT 1 /* 0x1 */ #define SSH1_SMSG_PUBLIC_KEY 2 /* 0x2 */ #define SSH1_CMSG_SESSION_KEY 3 /* 0x3 */ @@ -248,8 +251,10 @@ static void s_write (char *buf, int len) { while (len > 0) { int i = send (s, buf, len, 0); noise_ultralight(i); - if (i <= 0) - fatalbox("Lost connection while sending"); + if (i <= 0) { + bombout(("Lost connection while sending")); + return; + } if (i > 0) len -= i, buf += i; } @@ -269,7 +274,7 @@ static int s_read (char *buf, int len) { } static void c_write (char *buf, int len) { - if (!(flags & FLAG_CONNECTION)) { + if ((flags & FLAG_STDERR)) { int i; for (i = 0; i < len; i++) if (buf[i] != '\r') @@ -372,7 +377,8 @@ next_packet: realcrc = crc32(pktin.data, biglen-4); gotcrc = GET_32BIT(pktin.data+biglen-4); if (gotcrc != realcrc) { - fatalbox("Incorrect CRC received on packet"); + bombout(("Incorrect CRC received on packet")); + crReturn(0); } if (pktin.type == SSH1_SMSG_STDOUT_DATA || @@ -381,8 +387,10 @@ next_packet: pktin.type == SSH1_SMSG_AUTH_TIS_CHALLENGE || pktin.type == SSH1_SMSG_AUTH_CCARD_CHALLENGE) { long strlen = GET_32BIT(pktin.body); - if (strlen + 4 != pktin.length) - fatalbox("Received data packet with bogus string length"); + if (strlen + 4 != pktin.length) { + bombout(("Received data packet with bogus string length")); + crReturn(0); + } } if (pktin.type == SSH1_MSG_DEBUG) { @@ -503,8 +511,10 @@ next_packet: /* * Check the MAC. */ - if (scmac && !scmac->verify(pktin.data, len+4, incoming_sequence)) - fatalbox("Incorrect MAC received on packet"); + if (scmac && !scmac->verify(pktin.data, len+4, incoming_sequence)) { + bombout(("Incorrect MAC received on packet")); + crReturn(0); + } incoming_sequence++; /* whether or not we MACed */ pktin.savedpos = 6; @@ -950,8 +960,10 @@ Bignum ssh2_pkt_getmp(void) { ssh2_pkt_getstring(&p, &length); if (!p) return NULL; - if (p[0] & 0x80) - fatalbox("internal error: Can't handle negative mpints"); + if (p[0] & 0x80) { + bombout(("internal error: Can't handle negative mpints")); + return NULL; + } b = newbn((length+1)/2); for (i = 0; i < length; i++) { j = length - 1 - i; @@ -1069,8 +1081,10 @@ static int do_ssh1_login(unsigned char *in, int inlen, int ispkt) if (!ispkt) crWaitUntil(ispkt); - if (pktin.type != SSH1_SMSG_PUBLIC_KEY) - fatalbox("Public key packet not received"); + if (pktin.type != SSH1_SMSG_PUBLIC_KEY) { + bombout(("Public key packet not received")); + crReturn(0); + } logevent("Received public keys"); @@ -1180,8 +1194,10 @@ static int do_ssh1_login(unsigned char *in, int inlen, int ispkt) crWaitUntil(ispkt); - if (pktin.type != SSH1_SMSG_SUCCESS) - fatalbox("Encryption not successfully enabled"); + if (pktin.type != SSH1_SMSG_SUCCESS) { + bombout(("Encryption not successfully enabled")); + crReturn(0); + } logevent("Successfully started encryption"); @@ -1190,8 +1206,9 @@ static int do_ssh1_login(unsigned char *in, int inlen, int ispkt) static char username[100]; static int pos = 0; static char c; - if ((flags & FLAG_CONNECTION) && !*cfg.username) { + if ((flags & FLAG_INTERACTIVE) && !*cfg.username) { c_write("login as: ", 10); + ssh_send_ok = 1; while (pos >= 0) { crWaitUntil(!ispkt); while (inlen--) switch (c = *in++) { @@ -1230,7 +1247,7 @@ static int do_ssh1_login(unsigned char *in, int inlen, int ispkt) char stuff[200]; strncpy(username, cfg.username, 99); username[99] = '\0'; - if (flags & FLAG_VERBOSE) { + if ((flags & FLAG_VERBOSE) || (flags & FLAG_INTERACTIVE)) { sprintf(stuff, "Sent username \"%s\".\r\n", username); c_write(stuff, strlen(stuff)); } @@ -1362,7 +1379,8 @@ static int do_ssh1_login(unsigned char *in, int inlen, int ispkt) if (*cfg.keyfile && !tried_publickey) pwpkt_type = SSH1_CMSG_AUTH_RSA; - if (pwpkt_type == SSH1_CMSG_AUTH_PASSWORD && !FLAG_WINDOWED) { + if (pwpkt_type == SSH1_CMSG_AUTH_PASSWORD && + !(flags & FLAG_INTERACTIVE)) { char prompt[200]; sprintf(prompt, "%s@%s's password: ", cfg.username, savedhost); if (!ssh_get_password(prompt, password, sizeof(password))) { @@ -1431,6 +1449,7 @@ static int do_ssh1_login(unsigned char *in, int inlen, int ispkt) } pos = 0; + ssh_send_ok = 1; while (pos >= 0) { crWaitUntil(!ispkt); while (inlen--) switch (c = *in++) { @@ -1497,8 +1516,10 @@ static int do_ssh1_login(unsigned char *in, int inlen, int ispkt) c_write("Server refused our public key.\r\n", 32); continue; /* go and try password */ } - if (pktin.type != SSH1_SMSG_AUTH_RSA_CHALLENGE) - fatalbox("Bizarre response to offer of public key"); + if (pktin.type != SSH1_SMSG_AUTH_RSA_CHALLENGE) { + bombout(("Bizarre response to offer of public key")); + crReturn(0); + } ssh1_read_bignum(pktin.body, &challenge); response = rsadecrypt(challenge, &pubkey); freebn(pubkey.private_exponent); /* burn the evidence */ @@ -1523,7 +1544,8 @@ static int do_ssh1_login(unsigned char *in, int inlen, int ispkt) 45); continue; /* go and try password */ } else if (pktin.type != SSH1_SMSG_SUCCESS) { - fatalbox("Bizarre response to RSA authentication response"); + bombout(("Bizarre response to RSA authentication response")); + crReturn(0); } break; /* we're through! */ @@ -1542,7 +1564,8 @@ static int do_ssh1_login(unsigned char *in, int inlen, int ispkt) ssh_state = SSH_STATE_CLOSED; crReturn(1); } else if (pktin.type != SSH1_SMSG_SUCCESS) { - fatalbox("Strange packet received, type %d", pktin.type); + bombout(("Strange packet received, type %d", pktin.type)); + crReturn(0); } } @@ -1567,7 +1590,8 @@ static void ssh1_protocol(unsigned char *in, int inlen, int ispkt) { send_packet(SSH1_CMSG_AGENT_REQUEST_FORWARDING, PKT_END); do { crReturnV; } while (!ispkt); if (pktin.type != SSH1_SMSG_SUCCESS && pktin.type != SSH1_SMSG_FAILURE) { - fatalbox("Protocol confusion"); + bombout(("Protocol confusion")); + crReturnV; } else if (pktin.type == SSH1_SMSG_FAILURE) { logevent("Agent forwarding refused"); } else @@ -1584,7 +1608,8 @@ static void ssh1_protocol(unsigned char *in, int inlen, int ispkt) { ssh_state = SSH_STATE_INTERMED; do { crReturnV; } while (!ispkt); if (pktin.type != SSH1_SMSG_SUCCESS && pktin.type != SSH1_SMSG_FAILURE) { - fatalbox("Protocol confusion"); + bombout(("Protocol confusion")); + crReturnV; } else if (pktin.type == SSH1_SMSG_FAILURE) { c_write("Server refused to allocate pty\r\n", 32); } @@ -1710,7 +1735,8 @@ static void ssh1_protocol(unsigned char *in, int inlen, int ispkt) { } else if (pktin.type == SSH1_SMSG_EXIT_STATUS) { send_packet(SSH1_CMSG_EXIT_CONFIRMATION, PKT_END); } else { - fatalbox("Strange packet received: type %d", pktin.type); + bombout(("Strange packet received: type %d", pktin.type)); + crReturnV; } } else { send_packet(SSH1_CMSG_STDIN_DATA, @@ -1887,7 +1913,8 @@ static int do_ssh2_transport(unsigned char *in, int inlen, int ispkt) * to. */ if (pktin.type != SSH2_MSG_KEXINIT) { - fatalbox("expected key exchange packet from server"); + bombout(("expected key exchange packet from server")); + crReturn(0); } kex = NULL; hostkey = NULL; cscipher_tobe = NULL; sccipher_tobe = NULL; csmac_tobe = NULL; scmac_tobe = NULL; cscomp_tobe = NULL; sccomp_tobe = NULL; @@ -1953,8 +1980,10 @@ static int do_ssh2_transport(unsigned char *in, int inlen, int ispkt) * Currently we only support Diffie-Hellman and DSS, so let's * bomb out if those aren't selected. */ - if (kex != &ssh_diffiehellman || hostkey != &ssh_dss) - fatalbox("internal fault: chaos in SSH 2 transport layer"); + if (kex != &ssh_diffiehellman || hostkey != &ssh_dss) { + bombout(("internal fault: chaos in SSH 2 transport layer")); + crReturn(0); + } /* * Now we begin the fun. Generate and send e for Diffie-Hellman. @@ -1966,7 +1995,8 @@ static int do_ssh2_transport(unsigned char *in, int inlen, int ispkt) crWaitUntil(ispkt); if (pktin.type != SSH2_MSG_KEXDH_REPLY) { - fatalbox("expected key exchange packet from server"); + bombout(("expected key exchange packet from server")); + crReturn(0); } ssh2_pkt_getstring(&hostkeydata, &hostkeylen); f = ssh2_pkt_getmp(); @@ -1988,15 +2018,19 @@ static int do_ssh2_transport(unsigned char *in, int inlen, int ispkt) #endif hostkey->setkey(hostkeydata, hostkeylen); - if (!hostkey->verifysig(sigdata, siglen, exchange_hash, 20)) - fatalbox("Server failed host key check"); + if (!hostkey->verifysig(sigdata, siglen, exchange_hash, 20)) { + bombout(("Server failed host key check")); + crReturn(0); + } /* * Expect SSH2_MSG_NEWKEYS from server. */ crWaitUntil(ispkt); - if (pktin.type != SSH2_MSG_NEWKEYS) - fatalbox("expected new-keys packet from server"); + if (pktin.type != SSH2_MSG_NEWKEYS) { + bombout(("expected new-keys packet from server")); + crReturn(0); + } /* * Authenticate remote host: verify host key. (We've already @@ -2062,8 +2096,10 @@ static void do_ssh2_authconn(unsigned char *in, int inlen, int ispkt) ssh2_pkt_addstring("ssh-userauth"); ssh2_pkt_send(); crWaitUntilV(ispkt); - if (pktin.type != SSH2_MSG_SERVICE_ACCEPT) - fatalbox("Server refused user authentication protocol"); + if (pktin.type != SSH2_MSG_SERVICE_ACCEPT) { + bombout(("Server refused user authentication protocol")); + crReturnV; + } /* * FIXME: currently we support only password authentication. @@ -2079,8 +2115,9 @@ static void do_ssh2_authconn(unsigned char *in, int inlen, int ispkt) static int pos = 0; static char c; - if ((flags & FLAG_CONNECTION) && !*cfg.username) { + if ((flags & FLAG_INTERACTIVE) && !*cfg.username) { c_write("login as: ", 10); + ssh_send_ok = 1; while (pos >= 0) { crWaitUntilV(!ispkt); while (inlen--) switch (c = *in++) { @@ -2119,13 +2156,13 @@ static void do_ssh2_authconn(unsigned char *in, int inlen, int ispkt) char stuff[200]; strncpy(username, cfg.username, 99); username[99] = '\0'; - if (flags & FLAG_VERBOSE) { + if ((flags & FLAG_VERBOSE) || (flags & FLAG_INTERACTIVE)) { sprintf(stuff, "Using username \"%s\".\r\n", username); c_write(stuff, strlen(stuff)); } } - if (!(flags & FLAG_WINDOWED)) { + if (!(flags & FLAG_INTERACTIVE)) { char prompt[200]; sprintf(prompt, "%s@%s's password: ", cfg.username, savedhost); if (!ssh_get_password(prompt, password, sizeof(password))) { @@ -2141,6 +2178,7 @@ static void do_ssh2_authconn(unsigned char *in, int inlen, int ispkt) } } else { c_write("password: ", 10); + ssh_send_ok = 1; pos = 0; while (pos >= 0) { @@ -2206,11 +2244,13 @@ static void do_ssh2_authconn(unsigned char *in, int inlen, int ispkt) ssh2_pkt_send(); crWaitUntilV(ispkt); if (pktin.type != SSH2_MSG_CHANNEL_OPEN_CONFIRMATION) { - fatalbox("Server refused to open a session"); + bombout(("Server refused to open a session")); + crReturnV; /* FIXME: error data comes back in FAILURE packet */ } if (ssh2_pkt_getuint32() != mainchan->localid) { - fatalbox("Server's channel confirmation cited wrong channel"); + bombout(("Server's channel confirmation cited wrong channel")); + crReturnV; } mainchan->remoteid = ssh2_pkt_getuint32(); mainchan->u.v2.remwindow = ssh2_pkt_getuint32(); @@ -2222,39 +2262,54 @@ static void do_ssh2_authconn(unsigned char *in, int inlen, int ispkt) /* * Now allocate a pty for the session. */ - ssh2_pkt_init(SSH2_MSG_CHANNEL_REQUEST); - ssh2_pkt_adduint32(mainchan->remoteid); /* recipient channel */ - ssh2_pkt_addstring("pty-req"); - ssh2_pkt_addbool(1); /* want reply */ - ssh2_pkt_addstring(cfg.termtype); - ssh2_pkt_adduint32(cols); - ssh2_pkt_adduint32(rows); - ssh2_pkt_adduint32(0); /* pixel width */ - ssh2_pkt_adduint32(0); /* pixel height */ - ssh2_pkt_addstring_start(); - ssh2_pkt_addstring_data("\0", 1); /* TTY_OP_END, no special options */ - ssh2_pkt_send(); + if (!cfg.nopty) { + ssh2_pkt_init(SSH2_MSG_CHANNEL_REQUEST); + ssh2_pkt_adduint32(mainchan->remoteid); /* recipient channel */ + ssh2_pkt_addstring("pty-req"); + ssh2_pkt_addbool(1); /* want reply */ + ssh2_pkt_addstring(cfg.termtype); + ssh2_pkt_adduint32(cols); + ssh2_pkt_adduint32(rows); + ssh2_pkt_adduint32(0); /* pixel width */ + ssh2_pkt_adduint32(0); /* pixel height */ + ssh2_pkt_addstring_start(); + ssh2_pkt_addstring_data("\0", 1);/* TTY_OP_END, no special options */ + ssh2_pkt_send(); - do { /* FIXME: pay attention to these */ - crWaitUntilV(ispkt); - } while (pktin.type == SSH2_MSG_CHANNEL_WINDOW_ADJUST); + do { + crWaitUntilV(ispkt); + if (pktin.type == SSH2_MSG_CHANNEL_WINDOW_ADJUST) { + /* FIXME: be able to handle other channels here */ + if (ssh2_pkt_getuint32() != mainchan->localid) + continue; /* wrong channel */ + mainchan->u.v2.remwindow += ssh2_pkt_getuint32(); + } + } while (pktin.type == SSH2_MSG_CHANNEL_WINDOW_ADJUST); - if (pktin.type != SSH2_MSG_CHANNEL_SUCCESS) { - if (pktin.type != SSH2_MSG_CHANNEL_FAILURE) { - fatalbox("Server got confused by pty request"); + if (pktin.type != SSH2_MSG_CHANNEL_SUCCESS) { + if (pktin.type != SSH2_MSG_CHANNEL_FAILURE) { + bombout(("Server got confused by pty request")); + crReturnV; + } + c_write("Server refused to allocate pty\r\n", 32); + } else { + logevent("Allocated pty"); } - c_write("Server refused to allocate pty\r\n", 32); - } else { - logevent("Allocated pty"); } /* - * Start a shell. + * Start a shell or a remote command. */ ssh2_pkt_init(SSH2_MSG_CHANNEL_REQUEST); ssh2_pkt_adduint32(mainchan->remoteid); /* recipient channel */ - ssh2_pkt_addstring("shell"); - ssh2_pkt_addbool(1); /* want reply */ + if (*cfg.remote_cmd) { + ssh2_pkt_addstring("exec"); + ssh2_pkt_addbool(1); /* want reply */ + ssh2_pkt_addstring(cfg.remote_cmd); + } else { + ssh2_pkt_addstring("shell"); + ssh2_pkt_addbool(1); /* want reply */ + } ssh2_pkt_send(); do { crWaitUntilV(ispkt); @@ -2267,11 +2322,13 @@ static void do_ssh2_authconn(unsigned char *in, int inlen, int ispkt) } while (pktin.type == SSH2_MSG_CHANNEL_WINDOW_ADJUST); if (pktin.type != SSH2_MSG_CHANNEL_SUCCESS) { if (pktin.type != SSH2_MSG_CHANNEL_FAILURE) { - fatalbox("Server got confused by shell request"); + bombout(("Server got confused by shell/command request")); + crReturnV; } - fatalbox("Server refused to start a shell"); + bombout(("Server refused to start a shell/command")); + crReturnV; } else { - logevent("Started a shell"); + logevent("Started a shell/command"); } /* @@ -2334,7 +2391,8 @@ static void do_ssh2_authconn(unsigned char *in, int inlen, int ispkt) mainchan->u.v2.remwindow += ssh2_pkt_getuint32(); try_send = TRUE; } else { - fatalbox("Strange packet received: type %d", pktin.type); + bombout(("Strange packet received: type %d", pktin.type)); + crReturnV; } } else { /* @@ -2439,8 +2497,11 @@ static int ssh_msg (WPARAM wParam, LPARAM lParam) { if (s == INVALID_SOCKET) return 1; - if (WSAGETSELECTERROR(lParam) != 0) + if (WSAGETSELECTERROR(lParam) != 0) { + closesocket(s); + s = INVALID_SOCKET; return -WSAGETSELECTERROR(lParam); + } switch (WSAGETSELECTEVENT(lParam)) { case FD_READ: @@ -2448,8 +2509,11 @@ static int ssh_msg (WPARAM wParam, LPARAM lParam) { ret = recv(s, buf, sizeof(buf), 0); if (ret < 0 && WSAGetLastError() == WSAEWOULDBLOCK) return 1; - if (ret < 0) /* any _other_ error */ + if (ret < 0) { /* any _other_ error */ + closesocket(s); + s = INVALID_SOCKET; return -10000-WSAGetLastError(); + } if (ret == 0) { s = INVALID_SOCKET; return 0; @@ -2502,13 +2566,14 @@ static void ssh_size(void) { */ static void ssh_special (Telnet_Special code) { if (code == TS_EOF) { - if (ssh_version = 1) { + if (ssh_version == 1) { send_packet(SSH1_CMSG_EOF, PKT_END); } else { ssh2_pkt_init(SSH2_MSG_CHANNEL_EOF); ssh2_pkt_adduint32(mainchan->remoteid); ssh2_pkt_send(); } + logevent("Sent EOF message"); } else { /* do nothing */ } @@ -2602,7 +2667,8 @@ int ssh_scp_recv(unsigned char *buf, int len) closesocket(s); s = INVALID_SOCKET; } else { - fatalbox("Strange packet received: type %d", pktin.type); + bombout(("Strange packet received: type %d", pktin.type)); + return 0; } }