X-Git-Url: https://git.distorted.org.uk/u/mdw/putty/blobdiff_plain/6f64ce130842a47be060331c7c83de06c086c1ba..a8756193fe9c253f9456eea4ac252889c56d195c:/ssh.c diff --git a/ssh.c b/ssh.c index 736c1fb1..bf223bcd 100644 --- a/ssh.c +++ b/ssh.c @@ -106,6 +106,7 @@ */ #define SSH2_PKTCTX_DHGROUP 0x0001 #define SSH2_PKTCTX_DHGEX 0x0002 +#define SSH2_PKTCTX_KEX_MASK 0x000F #define SSH2_PKTCTX_PUBLICKEY 0x0010 #define SSH2_PKTCTX_PASSWORD 0x0020 #define SSH2_PKTCTX_KBDINTER 0x0040 @@ -162,7 +163,7 @@ static const char *const ssh2_disconnect_reasons[] = { #define BUG_CHOKES_ON_RSA 8 #define BUG_SSH2_RSA_PADDING 16 #define BUG_SSH2_DERIVEKEY 32 -/* 64 was BUG_SSH2_DH_GEX, now spare */ +#define BUG_SSH2_REKEY 64 #define BUG_SSH2_PK_SESSIONID 128 #define translate(x) if (type == x) return #x @@ -359,6 +360,7 @@ static void do_ssh2_authconn(Ssh ssh, unsigned char *in, int inlen, #define SSH1_BUFFER_LIMIT 32768 #define SSH_MAX_BACKLOG 32768 #define OUR_V2_WINSIZE 16384 +#define OUR_V2_MAXPKT 0x4000UL const static struct ssh_signkey *hostkey_algs[] = { &ssh_rsa, &ssh_dss }; @@ -531,6 +533,7 @@ struct ssh_portfwd { struct Packet { long length; + long forcepad; /* Force padding to at least this length */ int type; unsigned long sequence; unsigned char *data; @@ -547,9 +550,9 @@ struct Packet { struct logblank_t *blanks; }; -static void ssh1_protocol(Ssh ssh, unsigned char *in, int inlen, +static void ssh1_protocol(Ssh ssh, void *vin, int inlen, struct Packet *pktin); -static void ssh2_protocol(Ssh ssh, unsigned char *in, int inlen, +static void ssh2_protocol(Ssh ssh, void *vin, int inlen, struct Packet *pktin); static void ssh1_protocol_setup(Ssh ssh); static void ssh2_protocol_setup(Ssh ssh); @@ -560,12 +563,12 @@ static void ssh2_add_channel_data(struct ssh_channel *c, char *buf, int len); static void ssh_throttle_all(Ssh ssh, int enable, int bufsize); static void ssh2_set_window(struct ssh_channel *c, unsigned newwin); static int ssh_sendbuffer(void *handle); -static void ssh_do_close(Ssh ssh); +static int ssh_do_close(Ssh ssh, int notify_exit); static unsigned long ssh_pkt_getuint32(struct Packet *pkt); static int ssh2_pkt_getbool(struct Packet *pkt); static void ssh_pkt_getstring(struct Packet *pkt, char **p, int *length); static void ssh2_timer(void *ctx, long now); -static int do_ssh2_transport(Ssh ssh, unsigned char *in, int inlen, +static int do_ssh2_transport(Ssh ssh, void *vin, int inlen, struct Packet *pktin); struct rdpkt1_state_tag { @@ -641,6 +644,7 @@ struct ssh_tag { tree234 *channels; /* indexed by local id */ struct ssh_channel *mainchan; /* primary session channel */ int exitcode; + int close_expected; tree234 *rportfwds, *portfwds; @@ -685,7 +689,7 @@ struct ssh_tag { int overall_bufsize; int throttled_all; int v1_stdout_throttling; - int v2_outgoing_sequence; + unsigned long v2_outgoing_sequence; int ssh1_rdpkt_crstate; int ssh2_rdpkt_crstate; @@ -707,7 +711,7 @@ struct ssh_tag { /* ssh1 and ssh2 use this for different things, but both use it */ int protocol_initial_phase_done; - void (*protocol) (Ssh ssh, unsigned char *in, int inlen, + void (*protocol) (Ssh ssh, void *vin, int inlen, struct Packet *pkt); struct Packet *(*s_rdpkt) (Ssh ssh, unsigned char **data, int *datalen); @@ -771,7 +775,7 @@ static void logeventf(Ssh ssh, const char *fmt, ...) #define bombout(msg) \ do { \ char *text = dupprintf msg; \ - ssh_do_close(ssh); \ + ssh_do_close(ssh, FALSE); \ logevent(text); \ connection_fatal(ssh->frontend, "%s", text); \ sfree(text); \ @@ -1569,6 +1573,7 @@ static struct Packet *ssh2_pkt_init(int pkt_type) { struct Packet *pkt = ssh_new_packet(); pkt->length = 5; + pkt->forcepad = 0; ssh2_pkt_addbyte(pkt, (unsigned char) pkt_type); return pkt; } @@ -1665,12 +1670,17 @@ static int ssh2_pkt_construct(Ssh ssh, struct Packet *pkt) /* * Add padding. At least four bytes, and must also bring total * length (minus MAC) up to a multiple of the block size. + * If pkt->forcepad is set, make sure the packet is at least that size + * after padding. */ cipherblk = ssh->cscipher ? ssh->cscipher->blksize : 8; /* block size */ cipherblk = cipherblk < 8 ? 8 : cipherblk; /* or 8 if blksize < 8 */ padding = 4; + if (pkt->length + padding < pkt->forcepad) + padding = pkt->forcepad - pkt->length; padding += (cipherblk - (pkt->length + padding) % cipherblk) % cipherblk; + assert(padding <= 255); maclen = ssh->csmac ? ssh->csmac->len : 0; ssh2_pkt_ensure(pkt, pkt->length + padding + maclen); pkt->data[4] = padding; @@ -1738,8 +1748,7 @@ static void ssh2_pkt_send_noqueue(Ssh ssh, struct Packet *pkt) if (!ssh->kex_in_progress && ssh->max_data_size != 0 && ssh->outgoing_data_size > ssh->max_data_size) - do_ssh2_transport(ssh, "Initiating key re-exchange " - "(too much data sent)", -1, NULL); + do_ssh2_transport(ssh, "too much data sent", -1, NULL); ssh_free_packet(pkt); } @@ -1789,6 +1798,7 @@ static void ssh2_pkt_send(Ssh ssh, struct Packet *pkt) ssh2_pkt_send_noqueue(ssh, pkt); } +#if 0 /* disused */ /* * Either queue or defer a packet, depending on whether queueing is * set. @@ -1800,6 +1810,7 @@ static void ssh2_pkt_defer(Ssh ssh, struct Packet *pkt) else ssh2_pkt_defer_noqueue(ssh, pkt); } +#endif /* * Send the whole deferred data block constructed by @@ -1829,8 +1840,7 @@ static void ssh_pkt_defersend(Ssh ssh) if (!ssh->kex_in_progress && ssh->max_data_size != 0 && ssh->outgoing_data_size > ssh->max_data_size) - do_ssh2_transport(ssh, "Initiating key re-exchange " - "(too much data sent)", -1, NULL); + do_ssh2_transport(ssh, "too much data sent", -1, NULL); ssh->deferred_data_size = 0; } @@ -2137,6 +2147,19 @@ static void ssh_detect_bugs(Ssh ssh, char *vstring) ssh->remote_bugs |= BUG_SSH2_PK_SESSIONID; logevent("We believe remote version has SSH2 public-key-session-ID bug"); } + + if (ssh->cfg.sshbug_rekey2 == FORCE_ON || + (ssh->cfg.sshbug_rekey2 == AUTO && + (wc_match("OpenSSH_2.[0-4]*", imp) || + wc_match("OpenSSH_2.5.[0-3]*", imp) || + wc_match("Sun_SSH_1.0", imp) || + wc_match("Sun_SSH_1.0.1", imp)))) { + /* + * These versions have the SSH2 rekey bug. + */ + ssh->remote_bugs |= BUG_SSH2_REKEY; + logevent("We believe remote version has SSH2 rekey bug"); + } } /* @@ -2356,16 +2379,19 @@ static void ssh_gotdata(Ssh ssh, unsigned char *data, int datalen) crFinishV; } -static void ssh_do_close(Ssh ssh) +static int ssh_do_close(Ssh ssh, int notify_exit) { - int i; + int i, ret = 0; struct ssh_channel *c; ssh->state = SSH_STATE_CLOSED; if (ssh->s) { sk_close(ssh->s); ssh->s = NULL; - notify_remote_exit(ssh->frontend); + if (notify_exit) + notify_remote_exit(ssh->frontend); + else + ret = 1; } /* * Now we must shut down any port and X forwardings going @@ -2387,20 +2413,45 @@ static void ssh_do_close(Ssh ssh) sfree(c); } } + + return ret; +} + +static void ssh_log(Plug plug, int type, SockAddr addr, int port, + const char *error_msg, int error_code) +{ + Ssh ssh = (Ssh) plug; + char addrbuf[256], *msg; + + sk_getaddr(addr, addrbuf, lenof(addrbuf)); + + if (type == 0) + msg = dupprintf("Connecting to %s port %d", addrbuf, port); + else + msg = dupprintf("Failed to connect to %s: %s", addrbuf, error_msg); + + logevent(msg); } static int ssh_closing(Plug plug, const char *error_msg, int error_code, int calling_back) { Ssh ssh = (Ssh) plug; - ssh_do_close(ssh); + int need_notify = ssh_do_close(ssh, FALSE); + + if (!error_msg && !ssh->close_expected) { + error_msg = "Server unexpectedly closed network connection"; + } + if (error_msg) { /* A socket error has occurred. */ logevent(error_msg); connection_fatal(ssh->frontend, "%s", error_msg); } else { - /* Otherwise, the remote side closed the connection normally. */ + logevent("Server closed network connection"); } + if (need_notify) + notify_remote_exit(ssh->frontend); return 0; } @@ -2409,7 +2460,7 @@ static int ssh_receive(Plug plug, int urgent, char *data, int len) Ssh ssh = (Ssh) plug; ssh_gotdata(ssh, (unsigned char *)data, len); if (ssh->state == SSH_STATE_CLOSED) { - ssh_do_close(ssh); + ssh_do_close(ssh, TRUE); return 0; } return 1; @@ -2436,6 +2487,7 @@ static const char *connect_to_host(Ssh ssh, char *host, int port, char **realhost, int nodelay, int keepalive) { static const struct plug_function_table fn_table = { + ssh_log, ssh_closing, ssh_receive, ssh_sent, @@ -2470,11 +2522,6 @@ static const char *connect_to_host(Ssh ssh, char *host, int port, /* * Open socket. */ - { - char addrbuf[100]; - sk_getaddr(addr, addrbuf, 100); - logeventf(ssh, "Connecting to %s port %d", addrbuf, port); - } ssh->fn = &fn_table; ssh->s = new_connection(addr, *realhost, port, 0, 1, nodelay, keepalive, (Plug) ssh, &ssh->cfg); @@ -2910,6 +2957,7 @@ static int do_ssh1_login(Ssh ssh, unsigned char *in, int inlen, * Terminate. */ logevent("No username provided. Abandoning session."); + ssh->close_expected = TRUE; ssh_closing((Plug)ssh, NULL, 0, 0); crStop(1); } @@ -3258,6 +3306,7 @@ static int do_ssh1_login(Ssh ssh, unsigned char *in, int inlen, PKT_END); logevent("Unable to authenticate"); connection_fatal(ssh->frontend, "Unable to authenticate"); + ssh->close_expected = TRUE; ssh_closing((Plug)ssh, NULL, 0, 0); crStop(1); } @@ -4230,7 +4279,7 @@ static void ssh1_msg_channel_data(Ssh ssh, struct Packet *pktin) /* Data sent down one of our channels. */ int i = ssh_pkt_getuint32(pktin); char *p; - unsigned int len; + int len; struct ssh_channel *c; ssh_pkt_getstring(pktin, &p, &len); @@ -4310,6 +4359,7 @@ static void ssh1_smsg_exit_status(Ssh ssh, struct Packet *pktin) * encrypted packet, we close the session once * we've sent EXIT_CONFIRMATION. */ + ssh->close_expected = TRUE; ssh_closing((Plug)ssh, NULL, 0, 0); } @@ -4549,9 +4599,10 @@ static void ssh1_protocol_setup(Ssh ssh) ssh->packet_dispatch[SSH1_MSG_DEBUG] = ssh1_msg_debug; } -static void ssh1_protocol(Ssh ssh, unsigned char *in, int inlen, +static void ssh1_protocol(Ssh ssh, void *vin, int inlen, struct Packet *pktin) { + unsigned char *in=(unsigned char*)vin; if (ssh->state == SSH_STATE_CLOSED) return; @@ -4629,9 +4680,10 @@ static void ssh2_mkkey(Ssh ssh, Bignum K, unsigned char *H, /* * Handle the SSH2 transport layer. */ -static int do_ssh2_transport(Ssh ssh, unsigned char *in, int inlen, +static int do_ssh2_transport(Ssh ssh, void *vin, int inlen, struct Packet *pktin) { + unsigned char *in = (unsigned char *)vin; struct do_ssh2_transport_state { int nbits, pbits, warn; Bignum p, g, e, f, K; @@ -4675,6 +4727,7 @@ static int do_ssh2_transport(Ssh ssh, unsigned char *in, int inlen, s->maclist = macs, s->nmacs = lenof(macs); begin_key_exchange: + ssh->pkt_ctx &= ~SSH2_PKTCTX_KEX_MASK; { int i, j, commalist_started; @@ -5305,12 +5358,34 @@ static int do_ssh2_transport(Ssh ssh, unsigned char *in, int inlen, */ while (!((pktin && pktin->type == SSH2_MSG_KEXINIT) || (!pktin && inlen == -1))) { + wait_for_rekey: crReturn(1); } if (pktin) { logevent("Server initiated key re-exchange"); } else { - logevent((char *)in); + /* + * Special case: if the server bug is set that doesn't + * allow rekeying, we give a different log message and + * continue waiting. (If such a server _initiates_ a rekey, + * we process it anyway!) + */ + if ((ssh->remote_bugs & BUG_SSH2_REKEY)) { + logeventf(ssh, "Server bug prevents key re-exchange (%s)", + (char *)in); + /* Reset the counters, so that at least this message doesn't + * hit the event log _too_ often. */ + ssh->outgoing_data_size = 0; + ssh->incoming_data_size = 0; + if (ssh->cfg.ssh_rekey_time != 0) { + ssh->next_rekey = + schedule_timer(ssh->cfg.ssh_rekey_time*60*TICKSPERSEC, + ssh2_timer, ssh); + } + goto wait_for_rekey; /* this is utterly horrid */ + } else { + logeventf(ssh, "Initiating key re-exchange (%s)", (char *)in); + } } goto begin_key_exchange; @@ -5375,7 +5450,14 @@ static void ssh2_set_window(struct ssh_channel *c, unsigned newwin) if (c->closes != 0) return; - if (newwin > c->v.v2.locwindow) { + /* + * Only send a WINDOW_ADJUST if there's significantly more window + * available than the other end thinks there is. This saves us + * sending a WINDOW_ADJUST for every character in a shell session. + * + * "Significant" is arbitrarily defined as half the window size. + */ + if (newwin > c->v.v2.locwindow * 2) { struct Packet *pktout; pktout = ssh2_pkt_init(SSH2_MSG_CHANNEL_WINDOW_ADJUST); @@ -5398,7 +5480,7 @@ static void ssh2_msg_channel_window_adjust(Ssh ssh, struct Packet *pktin) static void ssh2_msg_channel_data(Ssh ssh, struct Packet *pktin) { char *data; - unsigned int length; + int length; unsigned i = ssh_pkt_getuint32(pktin); struct ssh_channel *c; c = find234(ssh->channels, &i, ssh_channelfind); @@ -5565,6 +5647,7 @@ static void ssh2_msg_channel_close(Ssh ssh, struct Packet *pktin) ssh2_pkt_addstring(s->pktout, "en"); /* language tag */ ssh2_pkt_send_noqueue(ssh, s->pktout); #endif + ssh->close_expected = TRUE; ssh_closing((Plug)ssh, NULL, 0, 0); } } @@ -5665,6 +5748,7 @@ static void ssh2_msg_channel_request(Ssh ssh, struct Packet *pktin) ssh2_pkt_addstring(pktout, "en"); /* language tag */ ssh2_pkt_send_noqueue(ssh, pktout); connection_fatal(ssh->frontend, "%s", buf); + ssh->close_expected = TRUE; ssh_closing((Plug)ssh, NULL, 0, 0); return; } @@ -5715,7 +5799,7 @@ static void ssh2_msg_channel_request(Ssh ssh, struct Packet *pktin) if (q >= 0 && q+4 <= len) { \ q = q + 4 + GET_32BIT(p+q); \ if (q >= 0 && q+4 <= len && \ - (q = q + 4 + GET_32BIT(p+q)) && q == len) \ + ((q = q + 4 + GET_32BIT(p+q))!= 0) && q == len) \ result = TRUE; \ } \ } while(0) @@ -5908,7 +5992,7 @@ static void ssh2_msg_channel_open(Ssh ssh, struct Packet *pktin) ssh2_pkt_adduint32(pktout, c->remoteid); ssh2_pkt_adduint32(pktout, c->localid); ssh2_pkt_adduint32(pktout, c->v.v2.locwindow); - ssh2_pkt_adduint32(pktout, 0x4000UL); /* our max pkt size */ + ssh2_pkt_adduint32(pktout, OUR_V2_MAXPKT); /* our max pkt size */ ssh2_pkt_send(ssh, pktout); } } @@ -6018,6 +6102,7 @@ static void do_ssh2_authconn(Ssh ssh, unsigned char *in, int inlen, * Terminate. */ logevent("No username provided. Abandoning session."); + ssh->close_expected = TRUE; ssh_closing((Plug)ssh, NULL, 0, 0); crStopV; } @@ -6579,6 +6664,7 @@ static void do_ssh2_authconn(Ssh ssh, unsigned char *in, int inlen, logevent("Unable to authenticate"); connection_fatal(ssh->frontend, "Unable to authenticate"); + ssh->close_expected = TRUE; ssh_closing((Plug)ssh, NULL, 0, 0); crStopV; } @@ -6681,20 +6767,16 @@ static void do_ssh2_authconn(Ssh ssh, unsigned char *in, int inlen, } } else if (s->method == AUTH_PASSWORD) { /* - * We send the password packet lumped tightly together with - * an SSH_MSG_IGNORE packet. The IGNORE packet contains a - * string long enough to make the total length of the two - * packets constant. This should ensure that a passive - * listener doing traffic analyis can't work out the length - * of the password. + * We pad out the password packet to 256 bytes to make + * it harder for an attacker to find the length of the + * user's password. * - * For this to work, we need an assumption about the - * maximum length of the password packet. I think 256 is - * pretty conservative. Anyone using a password longer than - * that probably doesn't have much to worry about from + * Anyone using a password longer than 256 bytes + * probably doesn't have much to worry about from * people who find out how long their password is! */ s->pktout = ssh2_pkt_init(SSH2_MSG_USERAUTH_REQUEST); + s->pktout->forcepad = 256; ssh2_pkt_addstring(s->pktout, s->username); ssh2_pkt_addstring(s->pktout, "ssh-connection"); /* service requested */ ssh2_pkt_addstring(s->pktout, "password"); @@ -6703,41 +6785,7 @@ static void do_ssh2_authconn(Ssh ssh, unsigned char *in, int inlen, ssh2_pkt_addstring(s->pktout, s->password); memset(s->password, 0, sizeof(s->password)); end_log_omission(ssh, s->pktout); - ssh2_pkt_defer(ssh, s->pktout); - /* - * We'll include a string that's an exact multiple of the - * cipher block size. If the cipher is NULL for some - * reason, we don't do this trick at all because we gain - * nothing by it. - */ - if (ssh->cscipher) { - int stringlen, i; - - stringlen = (256 - ssh->deferred_len); - stringlen += ssh->cscipher->blksize - 1; - stringlen -= (stringlen % ssh->cscipher->blksize); - if (ssh->cscomp) { - /* - * Temporarily disable actual compression, - * so we can guarantee to get this string - * exactly the length we want it. The - * compression-disabling routine should - * return an integer indicating how many - * bytes we should adjust our string length - * by. - */ - stringlen -= - ssh->cscomp->disable_compression(ssh->cs_comp_ctx); - } - s->pktout = ssh2_pkt_init(SSH2_MSG_IGNORE); - ssh2_pkt_addstring_start(s->pktout); - for (i = 0; i < stringlen; i++) { - char c = (char) random_byte(); - ssh2_pkt_addstring_data(s->pktout, &c, 1); - } - ssh2_pkt_defer(ssh, s->pktout); - } - ssh_pkt_defersend(ssh); + ssh2_pkt_send(ssh, s->pktout); logevent("Sent password"); s->type = AUTH_TYPE_PASSWORD; } else if (s->method == AUTH_KEYBOARD_INTERACTIVE) { @@ -6777,6 +6825,7 @@ static void do_ssh2_authconn(Ssh ssh, unsigned char *in, int inlen, " methods available"); ssh2_pkt_addstring(s->pktout, "en"); /* language tag */ ssh2_pkt_send_noqueue(ssh, s->pktout); + ssh->close_expected = TRUE; ssh_closing((Plug)ssh, NULL, 0, 0); crStopV; } @@ -6812,7 +6861,7 @@ static void do_ssh2_authconn(Ssh ssh, unsigned char *in, int inlen, ssh2_pkt_adduint32(s->pktout, ssh->mainchan->localid); ssh->mainchan->v.v2.locwindow = OUR_V2_WINSIZE; ssh2_pkt_adduint32(s->pktout, ssh->mainchan->v.v2.locwindow);/* our window size */ - ssh2_pkt_adduint32(s->pktout, 0x4000UL); /* our max pkt size */ + ssh2_pkt_adduint32(s->pktout, OUR_V2_MAXPKT); /* our max pkt size */ ssh2_pkt_send(ssh, s->pktout); crWaitUntilV(pktin); if (pktin->type != SSH2_MSG_CHANNEL_OPEN_CONFIRMATION) { @@ -7284,14 +7333,14 @@ static void ssh2_timer(void *ctx, long now) if (!ssh->kex_in_progress && ssh->cfg.ssh_rekey_time != 0 && now - ssh->next_rekey >= 0) { - do_ssh2_transport(ssh, "Initiating key re-exchange (timeout)", - -1, NULL); + do_ssh2_transport(ssh, "timeout", -1, NULL); } } -static void ssh2_protocol(Ssh ssh, unsigned char *in, int inlen, +static void ssh2_protocol(Ssh ssh, void *vin, int inlen, struct Packet *pktin) { + unsigned char *in = (unsigned char *)vin; if (ssh->state == SSH_STATE_CLOSED) return; @@ -7300,8 +7349,7 @@ static void ssh2_protocol(Ssh ssh, unsigned char *in, int inlen, if (!ssh->kex_in_progress && ssh->max_data_size != 0 && ssh->incoming_data_size > ssh->max_data_size) - do_ssh2_transport(ssh, "Initiating key re-exchange " - "(too much data received)", -1, NULL); + do_ssh2_transport(ssh, "too much data received", -1, NULL); } if (pktin && ssh->packet_dispatch[pktin->type]) { @@ -7360,6 +7408,7 @@ static const char *ssh_init(void *frontend_handle, void **backend_handle, ssh->kex_ctx = NULL; ssh->hostkey = NULL; ssh->exitcode = -1; + ssh->close_expected = FALSE; ssh->state = SSH_STATE_PREPACKET; ssh->size_needed = FALSE; ssh->eof_needed = FALSE; @@ -7515,7 +7564,7 @@ static void ssh_free(void *handle) ssh->crcda_ctx = NULL; } if (ssh->s) - ssh_do_close(ssh); + ssh_do_close(ssh, TRUE); expire_timer_context(ssh); if (ssh->pinger) pinger_free(ssh->pinger); @@ -7542,7 +7591,7 @@ static void ssh_reconfig(void *handle, Config *cfg) long now = GETTICKCOUNT(); if (new_next - now < 0) { - rekeying = "Initiating key re-exchange (timeout shortened)"; + rekeying = "timeout shortened"; } else { ssh->next_rekey = schedule_timer(new_next - now, ssh2_timer, ssh); } @@ -7554,18 +7603,18 @@ static void ssh_reconfig(void *handle, Config *cfg) ssh->max_data_size != 0) { if (ssh->outgoing_data_size > ssh->max_data_size || ssh->incoming_data_size > ssh->max_data_size) - rekeying = "Initiating key re-exchange (data limit lowered)"; + rekeying = "data limit lowered"; } if (ssh->cfg.compression != cfg->compression) { - rekeying = "Initiating key re-exchange (compression setting changed)"; + rekeying = "compression setting changed"; rekey_mandatory = TRUE; } if (ssh->cfg.ssh2_des_cbc != cfg->ssh2_des_cbc || memcmp(ssh->cfg.ssh_cipherlist, cfg->ssh_cipherlist, sizeof(ssh->cfg.ssh_cipherlist))) { - rekeying = "Initiating key re-exchange (cipher settings changed)"; + rekeying = "cipher settings changed"; rekey_mandatory = TRUE; } @@ -7778,8 +7827,7 @@ static void ssh_special(void *handle, Telnet_Special code) } } else if (code == TS_REKEY) { if (!ssh->kex_in_progress && ssh->version == 2) { - do_ssh2_transport(ssh, "Initiating key re-exchange at" - " user request", -1, NULL); + do_ssh2_transport(ssh, "at user request", -1, NULL); } } else if (code == TS_BRK) { if (ssh->state == SSH_STATE_CLOSED @@ -7887,7 +7935,7 @@ void ssh_send_port_open(void *channel, char *hostname, int port, char *org) ssh2_pkt_adduint32(pktout, c->localid); c->v.v2.locwindow = OUR_V2_WINSIZE; ssh2_pkt_adduint32(pktout, c->v.v2.locwindow);/* our window size */ - ssh2_pkt_adduint32(pktout, 0x4000UL); /* our max pkt size */ + ssh2_pkt_adduint32(pktout, OUR_V2_MAXPKT); /* our max pkt size */ ssh2_pkt_addstring(pktout, hostname); ssh2_pkt_adduint32(pktout, port); /*