X-Git-Url: https://git.distorted.org.uk/u/mdw/putty/blobdiff_plain/9a30e26b7801d63e4ccfe8d36169299c09b89dff..a460b361fe6734325bead016ef2dd39e4da302f4:/ssh.c diff --git a/ssh.c b/ssh.c index 9ffb47e9..25dee28f 100644 --- a/ssh.c +++ b/ssh.c @@ -163,6 +163,7 @@ static const char *const ssh2_disconnect_reasons[] = { #define BUG_SSH2_RSA_PADDING 16 #define BUG_SSH2_DERIVEKEY 32 #define BUG_SSH2_DH_GEX 64 +#define BUG_SSH2_PK_SESSIONID 128 #define translate(x) if (type == x) return #x #define translatec(x,ctx) if (type == x && (pkt_ctx & ctx)) return #x @@ -268,11 +269,30 @@ static char *ssh2_pkt_type(int pkt_ctx, int type) enum { PKT_END, PKT_INT, PKT_CHAR, PKT_DATA, PKT_STR, PKT_BIGNUM }; -/* Coroutine mechanics for the sillier bits of the code */ +/* + * Coroutine mechanics for the sillier bits of the code. If these + * macros look impenetrable to you, you might find it helpful to + * read + * + * http://www.chiark.greenend.org.uk/~sgtatham/coroutines.html + * + * which explains the theory behind these macros. + * + * In particular, if you are getting `case expression not constant' + * errors when building with MS Visual Studio, this is because MS's + * Edit and Continue debugging feature causes their compiler to + * violate ANSI C. To disable Edit and Continue debugging: + * + * - right-click ssh.c in the FileView + * - click Settings + * - select the C/C++ tab and the General category + * - under `Debug info:', select anything _other_ than `Program + * Database for Edit and Continue'. + */ #define crBegin(v) { int *crLine = &v; switch(v) { case 0:; #define crState(t) \ struct t *s; \ - if (!ssh->t) ssh->t = smalloc(sizeof(struct t)); \ + if (!ssh->t) ssh->t = snew(struct t); \ s = ssh->t; #define crFinish(z) } *crLine = 0; return (z); } #define crFinishV } *crLine = 0; return; } @@ -734,7 +754,7 @@ static int alloc_channel_id(Ssh ssh) return low + 1 + CHANNEL_NUMBER_OFFSET; } -static void c_write(Ssh ssh, char *buf, int len) +static void c_write(Ssh ssh, const char *buf, int len) { if ((flags & FLAG_STDERR)) { int i; @@ -746,7 +766,7 @@ static void c_write(Ssh ssh, char *buf, int len) from_backend(ssh->frontend, 1, buf, len); } -static void c_write_untrusted(Ssh ssh, char *buf, int len) +static void c_write_untrusted(Ssh ssh, const char *buf, int len) { int i; for (i = 0; i < len; i++) { @@ -757,7 +777,7 @@ static void c_write_untrusted(Ssh ssh, char *buf, int len) } } -static void c_write_str(Ssh ssh, char *buf) +static void c_write_str(Ssh ssh, const char *buf) { c_write(ssh, buf, strlen(buf)); } @@ -794,7 +814,8 @@ static int ssh1_rdpkt(Ssh ssh, unsigned char **data, int *datalen) if (ssh->pktin.maxlen < st->biglen) { ssh->pktin.maxlen = st->biglen; - ssh->pktin.data = srealloc(ssh->pktin.data, st->biglen + APIEXTRA); + ssh->pktin.data = sresize(ssh->pktin.data, st->biglen + APIEXTRA, + unsigned char); } st->to_read = st->biglen; @@ -839,8 +860,9 @@ static int ssh1_rdpkt(Ssh ssh, unsigned char **data, int *datalen) if (ssh->pktin.maxlen < st->pad + decomplen) { ssh->pktin.maxlen = st->pad + decomplen; - ssh->pktin.data = srealloc(ssh->pktin.data, - ssh->pktin.maxlen + APIEXTRA); + ssh->pktin.data = sresize(ssh->pktin.data, + ssh->pktin.maxlen + APIEXTRA, + unsigned char); ssh->pktin.body = ssh->pktin.data + st->pad + 1; } @@ -922,7 +944,8 @@ static int ssh2_rdpkt(Ssh ssh, unsigned char **data, int *datalen) if (ssh->pktin.maxlen < st->cipherblk) { ssh->pktin.maxlen = st->cipherblk; - ssh->pktin.data = srealloc(ssh->pktin.data, st->cipherblk + APIEXTRA); + ssh->pktin.data = sresize(ssh->pktin.data, st->cipherblk + APIEXTRA, + unsigned char); } /* @@ -973,8 +996,9 @@ static int ssh2_rdpkt(Ssh ssh, unsigned char **data, int *datalen) */ if (ssh->pktin.maxlen < st->packetlen + st->maclen) { ssh->pktin.maxlen = st->packetlen + st->maclen; - ssh->pktin.data = srealloc(ssh->pktin.data, - ssh->pktin.maxlen + APIEXTRA); + ssh->pktin.data = sresize(ssh->pktin.data, + ssh->pktin.maxlen + APIEXTRA, + unsigned char); } /* @@ -1016,8 +1040,9 @@ static int ssh2_rdpkt(Ssh ssh, unsigned char **data, int *datalen) &newpayload, &newlen)) { if (ssh->pktin.maxlen < newlen + 5) { ssh->pktin.maxlen = newlen + 5; - ssh->pktin.data = srealloc(ssh->pktin.data, - ssh->pktin.maxlen + APIEXTRA); + ssh->pktin.data = sresize(ssh->pktin.data, + ssh->pktin.maxlen + APIEXTRA, + unsigned char); } ssh->pktin.length = 5 + newlen; memcpy(ssh->pktin.data + 5, newpayload, newlen); @@ -1150,9 +1175,11 @@ static void ssh1_pktout_size(Ssh ssh, int len) #ifdef MSCRYPTOAPI /* Allocate enough buffer space for extra block * for MS CryptEncrypt() */ - ssh->pktout.data = srealloc(ssh->pktout.data, biglen + 12); + ssh->pktout.data = sresize(ssh->pktout.data, biglen + 12, + unsigned char); #else - ssh->pktout.data = srealloc(ssh->pktout.data, biglen + 4); + ssh->pktout.data = sresize(ssh->pktout.data, biglen + 4, + unsigned char); #endif } ssh->pktout.body = ssh->pktout.data + 4 + pad + 1; @@ -1166,8 +1193,18 @@ static void s_wrpkt_start(Ssh ssh, int type, int len) static int s_wrpkt_prepare(Ssh ssh) { - int pad, len, biglen, i; + int pad, biglen, i; unsigned long crc; +#ifdef __SC__ + /* + * XXX various versions of SC (including 8.8.4) screw up the + * register allocation in this function and use the same register + * (D6) for len and as a temporary, with predictable results. The + * following sledgehammer prevents this. + */ + volatile +#endif + int len; ssh->pktout.body[-1] = ssh->pktout.type; @@ -1218,8 +1255,9 @@ static void s_wrpkt_defer(Ssh ssh) len = s_wrpkt_prepare(ssh); if (ssh->deferred_len + len > ssh->deferred_size) { ssh->deferred_size = ssh->deferred_len + len + 128; - ssh->deferred_send_data = srealloc(ssh->deferred_send_data, - ssh->deferred_size); + ssh->deferred_send_data = sresize(ssh->deferred_send_data, + ssh->deferred_size, + unsigned char); } memcpy(ssh->deferred_send_data + ssh->deferred_len, ssh->pktout.data, len); ssh->deferred_len += len; @@ -1366,8 +1404,9 @@ static void ssh2_pkt_ensure(Ssh ssh, int length) { if (ssh->pktout.maxlen < length) { ssh->pktout.maxlen = length + 256; - ssh->pktout.data = srealloc(ssh->pktout.data, - ssh->pktout.maxlen + APIEXTRA); + ssh->pktout.data = sresize(ssh->pktout.data, + ssh->pktout.maxlen + APIEXTRA, + unsigned char); if (!ssh->pktout.data) fatalbox("Out of memory"); } @@ -1423,7 +1462,7 @@ static unsigned char *ssh2_mpint_fmt(Bignum b, int *len) { unsigned char *p; int i, n = (bignum_bitcount(b) + 7) / 8; - p = smalloc(n + 1); + p = snewn(n + 1, unsigned char); if (!p) fatalbox("out of memory"); p[0] = 0; @@ -1534,8 +1573,9 @@ static void ssh2_pkt_defer(Ssh ssh) int len = ssh2_pkt_construct(ssh); if (ssh->deferred_len + len > ssh->deferred_size) { ssh->deferred_size = ssh->deferred_len + len + 128; - ssh->deferred_send_data = srealloc(ssh->deferred_send_data, - ssh->deferred_size); + ssh->deferred_send_data = sresize(ssh->deferred_send_data, + ssh->deferred_size, + unsigned char); } memcpy(ssh->deferred_send_data + ssh->deferred_len, ssh->pktout.data, len); ssh->deferred_len += len; @@ -1771,7 +1811,7 @@ static void ssh_detect_bugs(Ssh ssh, char *vstring) if (ssh->cfg.sshbug_derivekey2 == FORCE_ON || (ssh->cfg.sshbug_derivekey2 == AUTO && - (wc_match("2.0.0*", imp) || wc_match("2.0.1[01]*", imp) ))) { + (wc_match("2.0.0*", imp) || wc_match("2.0.10*", imp) ))) { /* * These versions have the key-derivation bug (failing to * include the literal shared secret in the hashes that @@ -1792,6 +1832,17 @@ static void ssh_detect_bugs(Ssh ssh, char *vstring) logevent("We believe remote version has SSH2 RSA padding bug"); } + if (ssh->cfg.sshbug_pksessid2 == FORCE_ON || + (ssh->cfg.sshbug_pksessid2 == AUTO && + wc_match("OpenSSH_2.[0-2]*", imp))) { + /* + * These versions have the SSH2 session-ID bug in + * public-key authentication. + */ + ssh->remote_bugs |= BUG_SSH2_PK_SESSIONID; + logevent("We believe remote version has SSH2 public-key-session-ID bug"); + } + if (ssh->cfg.sshbug_dhgex2 == FORCE_ON) { /* * User specified the SSH2 DH GEX bug. @@ -1835,7 +1886,7 @@ static int do_ssh_init(Ssh ssh, unsigned char c) } s->vstrsize = 16; - s->vstring = smalloc(s->vstrsize); + s->vstring = snewn(s->vstrsize, char); strcpy(s->vstring, "SSH-"); s->vslen = 4; s->i = 0; @@ -1843,7 +1894,7 @@ static int do_ssh_init(Ssh ssh, unsigned char c) crReturn(1); /* get another char */ if (s->vslen >= s->vstrsize - 1) { s->vstrsize += 16; - s->vstring = srealloc(s->vstring, s->vstrsize); + s->vstring = sresize(s->vstring, s->vstrsize, char); } s->vstring[s->vslen++] = c; if (s->i >= 0) { @@ -1863,7 +1914,7 @@ static int do_ssh_init(Ssh ssh, unsigned char c) s->vstring[strcspn(s->vstring, "\r\n")] = '\0';/* remove EOL chars */ { char *vlog; - vlog = smalloc(20 + s->vslen); + vlog = snewn(20 + s->vslen, char); sprintf(vlog, "Server version: %s", s->vstring); logevent(vlog); sfree(vlog); @@ -2042,7 +2093,7 @@ static char *connect_to_host(Ssh ssh, char *host, int port, SockAddr addr; char *err; - ssh->savedhost = smalloc(1 + strlen(host)); + ssh->savedhost = snewn(1 + strlen(host), char); if (!ssh->savedhost) fatalbox("Out of memory"); strcpy(ssh->savedhost, host); @@ -2181,7 +2232,13 @@ static int process_userpass_input(Ssh ssh, unsigned char *in, int inlen) return -1; break; default: - if (((c >= ' ' && c <= '~') || + /* + * This simplistic check for printability is disabled + * when we're doing password input, because some people + * have control characters in their passwords.o + */ + if ((!ssh->userpass_input_echo || + (c >= ' ' && c <= '~') || ((unsigned char) c >= 160)) && ssh->userpass_input_bufpos < ssh->userpass_input_buflen-1) { ssh->userpass_input_buffer[ssh->userpass_input_bufpos++] = c; @@ -2279,7 +2336,7 @@ static int do_ssh1_login(Ssh ssh, unsigned char *in, int inlen, int ispkt) s->len = (hostkey.bytes > servkey.bytes ? hostkey.bytes : servkey.bytes); - s->rsabuf = smalloc(s->len); + s->rsabuf = snewn(s->len, unsigned char); if (!s->rsabuf) fatalbox("Out of memory"); @@ -2292,7 +2349,7 @@ static int do_ssh1_login(Ssh ssh, unsigned char *in, int inlen, int ispkt) */ int len = rsastr_len(&hostkey); char fingerprint[100]; - char *keystr = smalloc(len); + char *keystr = snewn(len, char); if (!keystr) fatalbox("Out of memory"); rsastr_fmt(keystr, &hostkey); @@ -2530,7 +2587,7 @@ static int do_ssh1_login(Ssh ssh, unsigned char *in, int inlen, int ispkt) len += ssh1_bignum_length(s->challenge); len += 16; /* session id */ len += 4; /* response format */ - agentreq = smalloc(4 + len); + agentreq = snewn(4 + len, char); PUT_32BIT(agentreq, len); q = agentreq + 4; *q++ = SSH1_AGENTC_RSA_CHALLENGE; @@ -2651,7 +2708,8 @@ static int do_ssh1_login(Ssh ssh, unsigned char *in, int inlen, int ispkt) char msgbuf[256]; if (flags & FLAG_VERBOSE) c_write_str(ssh, "Trying public key authentication.\r\n"); - logeventf(ssh, "Trying public key \"%s\"", ssh->cfg.keyfile); + logeventf(ssh, "Trying public key \"%s\"", + filename_to_str(&ssh->cfg.keyfile)); type = key_type(&ssh->cfg.keyfile); if (type != SSH_KEYTYPE_SSH1) { sprintf(msgbuf, "Key is of wrong type (%s)", @@ -2721,7 +2779,7 @@ static int do_ssh1_login(Ssh ssh, unsigned char *in, int inlen, int ispkt) int ret = loadrsakey(&ssh->cfg.keyfile, &s->key, s->password); if (ret == 0) { c_write_str(ssh, "Couldn't load private key from "); - c_write_str(ssh, filename_to_str(ssh->cfg.keyfile)); + c_write_str(ssh, filename_to_str(&ssh->cfg.keyfile)); c_write_str(ssh, ".\r\n"); continue; /* go and try password */ } @@ -2844,7 +2902,7 @@ static int do_ssh1_login(Ssh ssh, unsigned char *in, int inlen, int ispkt) assert(pwlen >= bottom && pwlen <= top); - randomstr = smalloc(top + 1); + randomstr = snewn(top + 1, char); for (i = bottom; i <= top; i++) { if (i == pwlen) @@ -3134,7 +3192,7 @@ static void ssh1_protocol(Ssh ssh, unsigned char *in, int inlen, int ispkt) dserv, "(", dport, dserv, ")"); } else { struct ssh_rportfwd *pf; - pf = smalloc(sizeof(*pf)); + pf = snew(struct ssh_rportfwd); strcpy(pf->dhost, host); pf->dport = dport; if (saddr) { @@ -3282,7 +3340,7 @@ static void ssh1_protocol(Ssh ssh, unsigned char *in, int inlen, int ispkt) PKT_INT, GET_32BIT(ssh->pktin.body), PKT_END); logevent("Rejected X11 connect request"); } else { - c = smalloc(sizeof(struct ssh_channel)); + c = snew(struct ssh_channel); c->ssh = ssh; if (x11_init(&c->u.x11.s, ssh->cfg.x11_display, c, @@ -3317,7 +3375,7 @@ static void ssh1_protocol(Ssh ssh, unsigned char *in, int inlen, int ispkt) send_packet(ssh, SSH1_MSG_CHANNEL_OPEN_FAILURE, PKT_INT, GET_32BIT(ssh->pktin.body), PKT_END); } else { - c = smalloc(sizeof(struct ssh_channel)); + c = snew(struct ssh_channel); c->ssh = ssh; c->remoteid = GET_32BIT(ssh->pktin.body); c->localid = alloc_channel_id(ssh); @@ -3338,7 +3396,7 @@ static void ssh1_protocol(Ssh ssh, unsigned char *in, int inlen, int ispkt) int hostsize, port; char host[256], buf[1024]; char *p, *h, *e; - c = smalloc(sizeof(struct ssh_channel)); + c = snew(struct ssh_channel); c->ssh = ssh; hostsize = GET_32BIT(ssh->pktin.body+4); @@ -3494,7 +3552,8 @@ static void ssh1_protocol(Ssh ssh, unsigned char *in, int inlen, int ispkt) if (c->u.a.lensofar == 4) { c->u.a.totallen = 4 + GET_32BIT(c->u.a.msglen); - c->u.a.message = smalloc(c->u.a.totallen); + c->u.a.message = snewn(c->u.a.totallen, + unsigned char); memcpy(c->u.a.message, c->u.a.msglen, 4); } if (c->u.a.lensofar >= 4 && len > 0) { @@ -4390,7 +4449,8 @@ static void do_ssh2_authconn(Ssh ssh, unsigned char *in, int inlen, int ispkt) /* Load the pub half of ssh->cfg.keyfile so we notice if it's in Pageant */ if (!filename_is_null(ssh->cfg.keyfile)) { int keytype; - logeventf(ssh, "Reading private key file \"%.150s\"", ssh->cfg.keyfile); + logeventf(ssh, "Reading private key file \"%.150s\"", + filename_to_str(&ssh->cfg.keyfile)); keytype = key_type(&ssh->cfg.keyfile); if (keytype == SSH_KEYTYPE_SSH2) { s->publickey_blob = @@ -4401,7 +4461,8 @@ static void do_ssh2_authconn(Ssh ssh, unsigned char *in, int inlen, int ispkt) logeventf(ssh, "Unable to use this key file (%s)", key_type_to_str(keytype)); msgbuf = dupprintf("Unable to use key file \"%.150s\"" - " (%s)\r\n", ssh->cfg.keyfile, + " (%s)\r\n", + filename_to_str(&ssh->cfg.keyfile), key_type_to_str(keytype)); c_write_str(ssh, msgbuf); sfree(msgbuf); @@ -4626,11 +4687,13 @@ static void do_ssh2_authconn(Ssh ssh, unsigned char *in, int inlen, int ispkt) ssh2_pkt_addstring_data(ssh, s->pkblob, s->pklen); s->siglen = ssh->pktout.length - 5 + 4 + 20; + if (ssh->remote_bugs & BUG_SSH2_PK_SESSIONID) + s->siglen -= 4; s->len = 1; /* message type */ s->len += 4 + s->pklen; /* key blob */ s->len += 4 + s->siglen; /* data to sign */ s->len += 4; /* flags */ - s->agentreq = smalloc(4 + s->len); + s->agentreq = snewn(4 + s->len, char); PUT_32BIT(s->agentreq, s->len); s->q = s->agentreq + 4; *s->q++ = SSH2_AGENTC_SIGN_REQUEST; @@ -4641,8 +4704,10 @@ static void do_ssh2_authconn(Ssh ssh, unsigned char *in, int inlen, int ispkt) PUT_32BIT(s->q, s->siglen); s->q += 4; /* Now the data to be signed... */ - PUT_32BIT(s->q, 20); - s->q += 4; + if (!(ssh->remote_bugs & BUG_SSH2_PK_SESSIONID)) { + PUT_32BIT(s->q, 20); + s->q += 4; + } memcpy(s->q, ssh->v2_session_id, 20); s->q += 20; memcpy(s->q, ssh->pktout.data + 5, @@ -4891,6 +4956,7 @@ static void do_ssh2_authconn(Ssh ssh, unsigned char *in, int inlen, int ispkt) } else { unsigned char *pkblob, *sigblob, *sigdata; int pkblob_len, sigblob_len, sigdata_len; + int p; /* * We have loaded the private key and the server @@ -4916,11 +4982,19 @@ static void do_ssh2_authconn(Ssh ssh, unsigned char *in, int inlen, int ispkt) * outgoing packet. */ sigdata_len = ssh->pktout.length - 5 + 4 + 20; - sigdata = smalloc(sigdata_len); - PUT_32BIT(sigdata, 20); - memcpy(sigdata + 4, ssh->v2_session_id, 20); - memcpy(sigdata + 24, ssh->pktout.data + 5, + if (ssh->remote_bugs & BUG_SSH2_PK_SESSIONID) + sigdata_len -= 4; + sigdata = snewn(sigdata_len, char); + p = 0; + if (!(ssh->remote_bugs & BUG_SSH2_PK_SESSIONID)) { + PUT_32BIT(sigdata+p, 20); + p += 4; + } + memcpy(sigdata+p, ssh->v2_session_id, 20); p += 20; + memcpy(sigdata+p, ssh->pktout.data + 5, ssh->pktout.length - 5); + p += ssh->pktout.length - 5; + assert(p == sigdata_len); sigblob = key->alg->sign(key->data, (char *)sigdata, sigdata_len, &sigblob_len); ssh2_add_sigblob(ssh, pkblob, pkblob_len, @@ -5042,7 +5116,7 @@ static void do_ssh2_authconn(Ssh ssh, unsigned char *in, int inlen, int ispkt) * So now create a channel with a session in it. */ ssh->channels = newtree234(ssh_channelcmp); - ssh->mainchan = smalloc(sizeof(struct ssh_channel)); + ssh->mainchan = snew(struct ssh_channel); ssh->mainchan->ssh = ssh; ssh->mainchan->localid = alloc_channel_id(ssh); ssh2_pkt_init(ssh, SSH2_MSG_CHANNEL_OPEN); @@ -5199,7 +5273,7 @@ static void do_ssh2_authconn(Ssh ssh, unsigned char *in, int inlen, int ispkt) dserv, "(", dport, dserv, ")"); } else { struct ssh_rportfwd *pf; - pf = smalloc(sizeof(*pf)); + pf = snew(struct ssh_rportfwd); strcpy(pf->dhost, host); pf->dport = dport; pf->sport = sport; @@ -5467,7 +5541,8 @@ static void do_ssh2_authconn(Ssh ssh, unsigned char *in, int inlen, int ispkt) if (c->u.a.lensofar == 4) { c->u.a.totallen = 4 + GET_32BIT(c->u.a.msglen); - c->u.a.message = smalloc(c->u.a.totallen); + c->u.a.message = snewn(c->u.a.totallen, + unsigned char); memcpy(c->u.a.message, c->u.a.msglen, 4); } if (c->u.a.lensofar >= 4 && length > 0) { @@ -5731,7 +5806,7 @@ static void do_ssh2_authconn(Ssh ssh, unsigned char *in, int inlen, int ispkt) struct ssh_channel *c; unsigned remid, winsize, pktsize; ssh2_pkt_getstring(ssh, &type, &typelen); - c = smalloc(sizeof(struct ssh_channel)); + c = snew(struct ssh_channel); c->ssh = ssh; remid = ssh2_pkt_getuint32(ssh); @@ -5741,7 +5816,7 @@ static void do_ssh2_authconn(Ssh ssh, unsigned char *in, int inlen, int ispkt) port = ssh2_pkt_getuint32(ssh); if (typelen == 3 && !memcmp(type, "x11", 3)) { - char *addrstr = smalloc(peeraddrlen+1); + char *addrstr = snewn(peeraddrlen+1, char); memcpy(addrstr, peeraddr, peeraddrlen); peeraddr[peeraddrlen] = '\0'; @@ -5884,7 +5959,7 @@ static char *ssh_init(void *frontend_handle, void **backend_handle, char *p; Ssh ssh; - ssh = smalloc(sizeof(*ssh)); + ssh = snew(struct ssh_tag); ssh->cfg = *cfg; /* STRUCTURE COPY */ ssh->s = NULL; ssh->cipher = NULL; @@ -6178,7 +6253,7 @@ void *new_sock_channel(void *handle, Socket s) { Ssh ssh = (Ssh) handle; struct ssh_channel *c; - c = smalloc(sizeof(struct ssh_channel)); + c = snew(struct ssh_channel); c->ssh = ssh; if (c) {