static char *savedhost;
static int savedport;
static int ssh_send_ok;
+static int ssh_echoing, ssh_editing;
static tree234 *ssh_channels; /* indexed by local id */
static struct ssh_channel *mainchan; /* primary session channel */
}
static int ssh_receive(Socket skt, int urgent, char *data, int len) {
+ if (urgent==3) {
+ /* A socket error has occurred. */
+ ssh_state = SSH_STATE_CLOSED;
+ s = NULL;
+ connection_fatal(data);
+ len = 0;
+ }
if (!len) {
/* Connection has closed. */
ssh_state = SSH_STATE_CLOSED;
crReturnV;
} else if (pktin.type == SSH1_SMSG_FAILURE) {
c_write("Server refused to allocate pty\r\n", 32);
+ ssh_editing = ssh_echoing = 1;
}
logevent("Allocated pty");
+ } else {
+ ssh_editing = ssh_echoing = 1;
}
if (cfg.compression) {
if (eof_needed)
ssh_special(TS_EOF);
+ ldisc_send(NULL, 0); /* cause ldisc to notice changes */
ssh_send_ok = 1;
ssh_channels = newtree234(ssh_channelcmp);
- begin_session();
while (1) {
crReturnV;
if (ispkt) {
/*
* SSH2 key creation method.
*/
-static void ssh2_mkkey(Bignum K, char *H, char chr, char *keyspace) {
+static void ssh2_mkkey(Bignum K, char *H, char *sessid, char chr, char *keyspace) {
SHA_State s;
/* First 20 bytes. */
SHA_Init(&s);
sha_mpint(&s, K);
SHA_Bytes(&s, H, 20);
SHA_Bytes(&s, &chr, 1);
- SHA_Bytes(&s, H, 20);
+ SHA_Bytes(&s, sessid, 20);
SHA_Final(&s, keyspace);
/* Next 20 bytes. */
SHA_Init(&s);
static int hostkeylen, siglen;
static void *hkey; /* actual host key */
static unsigned char exchange_hash[20];
+ static unsigned char first_exchange_hash[20];
static unsigned char keyspace[40];
static const struct ssh_cipher *preferred_cipher;
static const struct ssh_compress *preferred_comp;
fingerprint = hostkey->fingerprint(hkey);
verify_ssh_host_key(savedhost, savedport, hostkey->keytype,
keystr, fingerprint);
- logevent("Host key fingerprint is:");
- logevent(fingerprint);
+ if (first_kex) { /* don't bother logging this in rekeys */
+ logevent("Host key fingerprint is:");
+ logevent(fingerprint);
+ }
sfree(fingerprint);
sfree(keystr);
hostkey->freekey(hkey);
cscomp->compress_init();
sccomp->decompress_init();
/*
- * Set IVs after keys.
+ * Set IVs after keys. Here we use the exchange hash from the
+ * _first_ key exchange.
*/
- ssh2_mkkey(K, exchange_hash, 'C', keyspace); cscipher->setcskey(keyspace);
- ssh2_mkkey(K, exchange_hash, 'D', keyspace); sccipher->setsckey(keyspace);
- ssh2_mkkey(K, exchange_hash, 'A', keyspace); cscipher->setcsiv(keyspace);
- ssh2_mkkey(K, exchange_hash, 'B', keyspace); sccipher->setsciv(keyspace);
- ssh2_mkkey(K, exchange_hash, 'E', keyspace); csmac->setcskey(keyspace);
- ssh2_mkkey(K, exchange_hash, 'F', keyspace); scmac->setsckey(keyspace);
+ if (first_kex)
+ memcpy(first_exchange_hash, exchange_hash, sizeof(exchange_hash));
+ ssh2_mkkey(K, exchange_hash, first_exchange_hash, 'C', keyspace);
+ cscipher->setcskey(keyspace);
+ ssh2_mkkey(K, exchange_hash, first_exchange_hash, 'D', keyspace);
+ sccipher->setsckey(keyspace);
+ ssh2_mkkey(K, exchange_hash, first_exchange_hash, 'A', keyspace);
+ cscipher->setcsiv(keyspace);
+ ssh2_mkkey(K, exchange_hash, first_exchange_hash, 'B', keyspace);
+ sccipher->setsciv(keyspace);
+ ssh2_mkkey(K, exchange_hash, first_exchange_hash, 'E', keyspace);
+ csmac->setcskey(keyspace);
+ ssh2_mkkey(K, exchange_hash, first_exchange_hash, 'F', keyspace);
+ scmac->setsckey(keyspace);
/*
* If this is the first key exchange phase, we must pass the
do {
crReturn(1);
} while (!(ispkt && pktin.type == SSH2_MSG_KEXINIT));
+ logevent("Server initiated key re-exchange");
goto begin_key_exchange;
crFinish(1);
crReturnV;
}
c_write("Server refused to allocate pty\r\n", 32);
+ ssh_editing = ssh_echoing = 1;
} else {
logevent("Allocated pty");
}
+ } else {
+ ssh_editing = ssh_echoing = 1;
}
/*
/*
* Transfer data!
*/
+ ldisc_send(NULL, 0); /* cause ldisc to notice changes */
ssh_send_ok = 1;
- begin_session();
while (1) {
static int try_send;
crReturnV;
#endif
ssh_send_ok = 0;
+ ssh_editing = 0;
+ ssh_echoing = 0;
p = connect_to_host(host, port, realhost);
if (p != NULL)
static int ssh_sendok(void) { return ssh_send_ok; }
+static int ssh_ldisc(int option) {
+ if (option == LD_ECHO) return ssh_echoing;
+ if (option == LD_EDIT) return ssh_editing;
+ return FALSE;
+}
+
Backend ssh_backend = {
ssh_init,
ssh_send,
ssh_special,
ssh_socket,
ssh_sendok,
+ ssh_ldisc,
22
};