X-Git-Url: https://git.distorted.org.uk/u/mdw/putty/blobdiff_plain/7cb41bb2b2998e73cd2d336f1b6fd361b9947620..a8756193fe9c253f9456eea4ac252889c56d195c:/ssh.c diff --git a/ssh.c b/ssh.c index 6312d8a7..bf223bcd 100644 --- a/ssh.c +++ b/ssh.c @@ -360,6 +360,7 @@ static void do_ssh2_authconn(Ssh ssh, unsigned char *in, int inlen, #define SSH1_BUFFER_LIMIT 32768 #define SSH_MAX_BACKLOG 32768 #define OUR_V2_WINSIZE 16384 +#define OUR_V2_MAXPKT 0x4000UL const static struct ssh_signkey *hostkey_algs[] = { &ssh_rsa, &ssh_dss }; @@ -532,6 +533,7 @@ struct ssh_portfwd { struct Packet { long length; + long forcepad; /* Force padding to at least this length */ int type; unsigned long sequence; unsigned char *data; @@ -548,9 +550,9 @@ struct Packet { struct logblank_t *blanks; }; -static void ssh1_protocol(Ssh ssh, unsigned char *in, int inlen, +static void ssh1_protocol(Ssh ssh, void *vin, int inlen, struct Packet *pktin); -static void ssh2_protocol(Ssh ssh, unsigned char *in, int inlen, +static void ssh2_protocol(Ssh ssh, void *vin, int inlen, struct Packet *pktin); static void ssh1_protocol_setup(Ssh ssh); static void ssh2_protocol_setup(Ssh ssh); @@ -561,12 +563,12 @@ static void ssh2_add_channel_data(struct ssh_channel *c, char *buf, int len); static void ssh_throttle_all(Ssh ssh, int enable, int bufsize); static void ssh2_set_window(struct ssh_channel *c, unsigned newwin); static int ssh_sendbuffer(void *handle); -static void ssh_do_close(Ssh ssh); +static int ssh_do_close(Ssh ssh, int notify_exit); static unsigned long ssh_pkt_getuint32(struct Packet *pkt); static int ssh2_pkt_getbool(struct Packet *pkt); static void ssh_pkt_getstring(struct Packet *pkt, char **p, int *length); static void ssh2_timer(void *ctx, long now); -static int do_ssh2_transport(Ssh ssh, unsigned char *in, int inlen, +static int do_ssh2_transport(Ssh ssh, void *vin, int inlen, struct Packet *pktin); struct rdpkt1_state_tag { @@ -642,6 +644,7 @@ struct ssh_tag { tree234 *channels; /* indexed by local id */ struct ssh_channel *mainchan; /* primary session channel */ int exitcode; + int close_expected; tree234 *rportfwds, *portfwds; @@ -686,7 +689,7 @@ struct ssh_tag { int overall_bufsize; int throttled_all; int v1_stdout_throttling; - int v2_outgoing_sequence; + unsigned long v2_outgoing_sequence; int ssh1_rdpkt_crstate; int ssh2_rdpkt_crstate; @@ -708,7 +711,7 @@ struct ssh_tag { /* ssh1 and ssh2 use this for different things, but both use it */ int protocol_initial_phase_done; - void (*protocol) (Ssh ssh, unsigned char *in, int inlen, + void (*protocol) (Ssh ssh, void *vin, int inlen, struct Packet *pkt); struct Packet *(*s_rdpkt) (Ssh ssh, unsigned char **data, int *datalen); @@ -772,7 +775,7 @@ static void logeventf(Ssh ssh, const char *fmt, ...) #define bombout(msg) \ do { \ char *text = dupprintf msg; \ - ssh_do_close(ssh); \ + ssh_do_close(ssh, FALSE); \ logevent(text); \ connection_fatal(ssh->frontend, "%s", text); \ sfree(text); \ @@ -1570,6 +1573,7 @@ static struct Packet *ssh2_pkt_init(int pkt_type) { struct Packet *pkt = ssh_new_packet(); pkt->length = 5; + pkt->forcepad = 0; ssh2_pkt_addbyte(pkt, (unsigned char) pkt_type); return pkt; } @@ -1666,12 +1670,17 @@ static int ssh2_pkt_construct(Ssh ssh, struct Packet *pkt) /* * Add padding. At least four bytes, and must also bring total * length (minus MAC) up to a multiple of the block size. + * If pkt->forcepad is set, make sure the packet is at least that size + * after padding. */ cipherblk = ssh->cscipher ? ssh->cscipher->blksize : 8; /* block size */ cipherblk = cipherblk < 8 ? 8 : cipherblk; /* or 8 if blksize < 8 */ padding = 4; + if (pkt->length + padding < pkt->forcepad) + padding = pkt->forcepad - pkt->length; padding += (cipherblk - (pkt->length + padding) % cipherblk) % cipherblk; + assert(padding <= 255); maclen = ssh->csmac ? ssh->csmac->len : 0; ssh2_pkt_ensure(pkt, pkt->length + padding + maclen); pkt->data[4] = padding; @@ -1789,6 +1798,7 @@ static void ssh2_pkt_send(Ssh ssh, struct Packet *pkt) ssh2_pkt_send_noqueue(ssh, pkt); } +#if 0 /* disused */ /* * Either queue or defer a packet, depending on whether queueing is * set. @@ -1800,6 +1810,7 @@ static void ssh2_pkt_defer(Ssh ssh, struct Packet *pkt) else ssh2_pkt_defer_noqueue(ssh, pkt); } +#endif /* * Send the whole deferred data block constructed by @@ -2139,13 +2150,15 @@ static void ssh_detect_bugs(Ssh ssh, char *vstring) if (ssh->cfg.sshbug_rekey2 == FORCE_ON || (ssh->cfg.sshbug_rekey2 == AUTO && - (wc_match("Sun_SSH_1.0", imp) || + (wc_match("OpenSSH_2.[0-4]*", imp) || + wc_match("OpenSSH_2.5.[0-3]*", imp) || + wc_match("Sun_SSH_1.0", imp) || wc_match("Sun_SSH_1.0.1", imp)))) { /* - * These versions have the SSH2 ignore-rekey bug. + * These versions have the SSH2 rekey bug. */ ssh->remote_bugs |= BUG_SSH2_REKEY; - logevent("We believe remote version has SSH2 ignore-rekey bug"); + logevent("We believe remote version has SSH2 rekey bug"); } } @@ -2366,16 +2379,19 @@ static void ssh_gotdata(Ssh ssh, unsigned char *data, int datalen) crFinishV; } -static void ssh_do_close(Ssh ssh) +static int ssh_do_close(Ssh ssh, int notify_exit) { - int i; + int i, ret = 0; struct ssh_channel *c; ssh->state = SSH_STATE_CLOSED; if (ssh->s) { sk_close(ssh->s); ssh->s = NULL; - notify_remote_exit(ssh->frontend); + if (notify_exit) + notify_remote_exit(ssh->frontend); + else + ret = 1; } /* * Now we must shut down any port and X forwardings going @@ -2397,20 +2413,45 @@ static void ssh_do_close(Ssh ssh) sfree(c); } } + + return ret; +} + +static void ssh_log(Plug plug, int type, SockAddr addr, int port, + const char *error_msg, int error_code) +{ + Ssh ssh = (Ssh) plug; + char addrbuf[256], *msg; + + sk_getaddr(addr, addrbuf, lenof(addrbuf)); + + if (type == 0) + msg = dupprintf("Connecting to %s port %d", addrbuf, port); + else + msg = dupprintf("Failed to connect to %s: %s", addrbuf, error_msg); + + logevent(msg); } static int ssh_closing(Plug plug, const char *error_msg, int error_code, int calling_back) { Ssh ssh = (Ssh) plug; - ssh_do_close(ssh); + int need_notify = ssh_do_close(ssh, FALSE); + + if (!error_msg && !ssh->close_expected) { + error_msg = "Server unexpectedly closed network connection"; + } + if (error_msg) { /* A socket error has occurred. */ logevent(error_msg); connection_fatal(ssh->frontend, "%s", error_msg); } else { - /* Otherwise, the remote side closed the connection normally. */ + logevent("Server closed network connection"); } + if (need_notify) + notify_remote_exit(ssh->frontend); return 0; } @@ -2419,7 +2460,7 @@ static int ssh_receive(Plug plug, int urgent, char *data, int len) Ssh ssh = (Ssh) plug; ssh_gotdata(ssh, (unsigned char *)data, len); if (ssh->state == SSH_STATE_CLOSED) { - ssh_do_close(ssh); + ssh_do_close(ssh, TRUE); return 0; } return 1; @@ -2446,6 +2487,7 @@ static const char *connect_to_host(Ssh ssh, char *host, int port, char **realhost, int nodelay, int keepalive) { static const struct plug_function_table fn_table = { + ssh_log, ssh_closing, ssh_receive, ssh_sent, @@ -2480,11 +2522,6 @@ static const char *connect_to_host(Ssh ssh, char *host, int port, /* * Open socket. */ - { - char addrbuf[100]; - sk_getaddr(addr, addrbuf, 100); - logeventf(ssh, "Connecting to %s port %d", addrbuf, port); - } ssh->fn = &fn_table; ssh->s = new_connection(addr, *realhost, port, 0, 1, nodelay, keepalive, (Plug) ssh, &ssh->cfg); @@ -2920,6 +2957,7 @@ static int do_ssh1_login(Ssh ssh, unsigned char *in, int inlen, * Terminate. */ logevent("No username provided. Abandoning session."); + ssh->close_expected = TRUE; ssh_closing((Plug)ssh, NULL, 0, 0); crStop(1); } @@ -3268,6 +3306,7 @@ static int do_ssh1_login(Ssh ssh, unsigned char *in, int inlen, PKT_END); logevent("Unable to authenticate"); connection_fatal(ssh->frontend, "Unable to authenticate"); + ssh->close_expected = TRUE; ssh_closing((Plug)ssh, NULL, 0, 0); crStop(1); } @@ -4240,7 +4279,7 @@ static void ssh1_msg_channel_data(Ssh ssh, struct Packet *pktin) /* Data sent down one of our channels. */ int i = ssh_pkt_getuint32(pktin); char *p; - unsigned int len; + int len; struct ssh_channel *c; ssh_pkt_getstring(pktin, &p, &len); @@ -4320,6 +4359,7 @@ static void ssh1_smsg_exit_status(Ssh ssh, struct Packet *pktin) * encrypted packet, we close the session once * we've sent EXIT_CONFIRMATION. */ + ssh->close_expected = TRUE; ssh_closing((Plug)ssh, NULL, 0, 0); } @@ -4559,9 +4599,10 @@ static void ssh1_protocol_setup(Ssh ssh) ssh->packet_dispatch[SSH1_MSG_DEBUG] = ssh1_msg_debug; } -static void ssh1_protocol(Ssh ssh, unsigned char *in, int inlen, +static void ssh1_protocol(Ssh ssh, void *vin, int inlen, struct Packet *pktin) { + unsigned char *in=(unsigned char*)vin; if (ssh->state == SSH_STATE_CLOSED) return; @@ -4639,9 +4680,10 @@ static void ssh2_mkkey(Ssh ssh, Bignum K, unsigned char *H, /* * Handle the SSH2 transport layer. */ -static int do_ssh2_transport(Ssh ssh, unsigned char *in, int inlen, +static int do_ssh2_transport(Ssh ssh, void *vin, int inlen, struct Packet *pktin) { + unsigned char *in = (unsigned char *)vin; struct do_ssh2_transport_state { int nbits, pbits, warn; Bignum p, g, e, f, K; @@ -5343,7 +5385,6 @@ static int do_ssh2_transport(Ssh ssh, unsigned char *in, int inlen, goto wait_for_rekey; /* this is utterly horrid */ } else { logeventf(ssh, "Initiating key re-exchange (%s)", (char *)in); - logevent((char *)in); } } goto begin_key_exchange; @@ -5409,7 +5450,14 @@ static void ssh2_set_window(struct ssh_channel *c, unsigned newwin) if (c->closes != 0) return; - if (newwin > c->v.v2.locwindow) { + /* + * Only send a WINDOW_ADJUST if there's significantly more window + * available than the other end thinks there is. This saves us + * sending a WINDOW_ADJUST for every character in a shell session. + * + * "Significant" is arbitrarily defined as half the window size. + */ + if (newwin > c->v.v2.locwindow * 2) { struct Packet *pktout; pktout = ssh2_pkt_init(SSH2_MSG_CHANNEL_WINDOW_ADJUST); @@ -5432,7 +5480,7 @@ static void ssh2_msg_channel_window_adjust(Ssh ssh, struct Packet *pktin) static void ssh2_msg_channel_data(Ssh ssh, struct Packet *pktin) { char *data; - unsigned int length; + int length; unsigned i = ssh_pkt_getuint32(pktin); struct ssh_channel *c; c = find234(ssh->channels, &i, ssh_channelfind); @@ -5599,6 +5647,7 @@ static void ssh2_msg_channel_close(Ssh ssh, struct Packet *pktin) ssh2_pkt_addstring(s->pktout, "en"); /* language tag */ ssh2_pkt_send_noqueue(ssh, s->pktout); #endif + ssh->close_expected = TRUE; ssh_closing((Plug)ssh, NULL, 0, 0); } } @@ -5699,6 +5748,7 @@ static void ssh2_msg_channel_request(Ssh ssh, struct Packet *pktin) ssh2_pkt_addstring(pktout, "en"); /* language tag */ ssh2_pkt_send_noqueue(ssh, pktout); connection_fatal(ssh->frontend, "%s", buf); + ssh->close_expected = TRUE; ssh_closing((Plug)ssh, NULL, 0, 0); return; } @@ -5749,7 +5799,7 @@ static void ssh2_msg_channel_request(Ssh ssh, struct Packet *pktin) if (q >= 0 && q+4 <= len) { \ q = q + 4 + GET_32BIT(p+q); \ if (q >= 0 && q+4 <= len && \ - (q = q + 4 + GET_32BIT(p+q)) && q == len) \ + ((q = q + 4 + GET_32BIT(p+q))!= 0) && q == len) \ result = TRUE; \ } \ } while(0) @@ -5942,7 +5992,7 @@ static void ssh2_msg_channel_open(Ssh ssh, struct Packet *pktin) ssh2_pkt_adduint32(pktout, c->remoteid); ssh2_pkt_adduint32(pktout, c->localid); ssh2_pkt_adduint32(pktout, c->v.v2.locwindow); - ssh2_pkt_adduint32(pktout, 0x4000UL); /* our max pkt size */ + ssh2_pkt_adduint32(pktout, OUR_V2_MAXPKT); /* our max pkt size */ ssh2_pkt_send(ssh, pktout); } } @@ -6052,6 +6102,7 @@ static void do_ssh2_authconn(Ssh ssh, unsigned char *in, int inlen, * Terminate. */ logevent("No username provided. Abandoning session."); + ssh->close_expected = TRUE; ssh_closing((Plug)ssh, NULL, 0, 0); crStopV; } @@ -6613,6 +6664,7 @@ static void do_ssh2_authconn(Ssh ssh, unsigned char *in, int inlen, logevent("Unable to authenticate"); connection_fatal(ssh->frontend, "Unable to authenticate"); + ssh->close_expected = TRUE; ssh_closing((Plug)ssh, NULL, 0, 0); crStopV; } @@ -6715,20 +6767,16 @@ static void do_ssh2_authconn(Ssh ssh, unsigned char *in, int inlen, } } else if (s->method == AUTH_PASSWORD) { /* - * We send the password packet lumped tightly together with - * an SSH_MSG_IGNORE packet. The IGNORE packet contains a - * string long enough to make the total length of the two - * packets constant. This should ensure that a passive - * listener doing traffic analyis can't work out the length - * of the password. + * We pad out the password packet to 256 bytes to make + * it harder for an attacker to find the length of the + * user's password. * - * For this to work, we need an assumption about the - * maximum length of the password packet. I think 256 is - * pretty conservative. Anyone using a password longer than - * that probably doesn't have much to worry about from + * Anyone using a password longer than 256 bytes + * probably doesn't have much to worry about from * people who find out how long their password is! */ s->pktout = ssh2_pkt_init(SSH2_MSG_USERAUTH_REQUEST); + s->pktout->forcepad = 256; ssh2_pkt_addstring(s->pktout, s->username); ssh2_pkt_addstring(s->pktout, "ssh-connection"); /* service requested */ ssh2_pkt_addstring(s->pktout, "password"); @@ -6737,41 +6785,7 @@ static void do_ssh2_authconn(Ssh ssh, unsigned char *in, int inlen, ssh2_pkt_addstring(s->pktout, s->password); memset(s->password, 0, sizeof(s->password)); end_log_omission(ssh, s->pktout); - ssh2_pkt_defer(ssh, s->pktout); - /* - * We'll include a string that's an exact multiple of the - * cipher block size. If the cipher is NULL for some - * reason, we don't do this trick at all because we gain - * nothing by it. - */ - if (ssh->cscipher) { - int stringlen, i; - - stringlen = (256 - ssh->deferred_len); - stringlen += ssh->cscipher->blksize - 1; - stringlen -= (stringlen % ssh->cscipher->blksize); - if (ssh->cscomp) { - /* - * Temporarily disable actual compression, - * so we can guarantee to get this string - * exactly the length we want it. The - * compression-disabling routine should - * return an integer indicating how many - * bytes we should adjust our string length - * by. - */ - stringlen -= - ssh->cscomp->disable_compression(ssh->cs_comp_ctx); - } - s->pktout = ssh2_pkt_init(SSH2_MSG_IGNORE); - ssh2_pkt_addstring_start(s->pktout); - for (i = 0; i < stringlen; i++) { - char c = (char) random_byte(); - ssh2_pkt_addstring_data(s->pktout, &c, 1); - } - ssh2_pkt_defer(ssh, s->pktout); - } - ssh_pkt_defersend(ssh); + ssh2_pkt_send(ssh, s->pktout); logevent("Sent password"); s->type = AUTH_TYPE_PASSWORD; } else if (s->method == AUTH_KEYBOARD_INTERACTIVE) { @@ -6811,6 +6825,7 @@ static void do_ssh2_authconn(Ssh ssh, unsigned char *in, int inlen, " methods available"); ssh2_pkt_addstring(s->pktout, "en"); /* language tag */ ssh2_pkt_send_noqueue(ssh, s->pktout); + ssh->close_expected = TRUE; ssh_closing((Plug)ssh, NULL, 0, 0); crStopV; } @@ -6846,7 +6861,7 @@ static void do_ssh2_authconn(Ssh ssh, unsigned char *in, int inlen, ssh2_pkt_adduint32(s->pktout, ssh->mainchan->localid); ssh->mainchan->v.v2.locwindow = OUR_V2_WINSIZE; ssh2_pkt_adduint32(s->pktout, ssh->mainchan->v.v2.locwindow);/* our window size */ - ssh2_pkt_adduint32(s->pktout, 0x4000UL); /* our max pkt size */ + ssh2_pkt_adduint32(s->pktout, OUR_V2_MAXPKT); /* our max pkt size */ ssh2_pkt_send(ssh, s->pktout); crWaitUntilV(pktin); if (pktin->type != SSH2_MSG_CHANNEL_OPEN_CONFIRMATION) { @@ -7322,9 +7337,10 @@ static void ssh2_timer(void *ctx, long now) } } -static void ssh2_protocol(Ssh ssh, unsigned char *in, int inlen, +static void ssh2_protocol(Ssh ssh, void *vin, int inlen, struct Packet *pktin) { + unsigned char *in = (unsigned char *)vin; if (ssh->state == SSH_STATE_CLOSED) return; @@ -7392,6 +7408,7 @@ static const char *ssh_init(void *frontend_handle, void **backend_handle, ssh->kex_ctx = NULL; ssh->hostkey = NULL; ssh->exitcode = -1; + ssh->close_expected = FALSE; ssh->state = SSH_STATE_PREPACKET; ssh->size_needed = FALSE; ssh->eof_needed = FALSE; @@ -7547,7 +7564,7 @@ static void ssh_free(void *handle) ssh->crcda_ctx = NULL; } if (ssh->s) - ssh_do_close(ssh); + ssh_do_close(ssh, TRUE); expire_timer_context(ssh); if (ssh->pinger) pinger_free(ssh->pinger); @@ -7918,7 +7935,7 @@ void ssh_send_port_open(void *channel, char *hostname, int port, char *org) ssh2_pkt_adduint32(pktout, c->localid); c->v.v2.locwindow = OUR_V2_WINSIZE; ssh2_pkt_adduint32(pktout, c->v.v2.locwindow);/* our window size */ - ssh2_pkt_adduint32(pktout, 0x4000UL); /* our max pkt size */ + ssh2_pkt_adduint32(pktout, OUR_V2_MAXPKT); /* our max pkt size */ ssh2_pkt_addstring(pktout, hostname); ssh2_pkt_adduint32(pktout, port); /*