author | Damien Miller <djm@mindrot.org> | 2002-01-22 23:11:40 +1100 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2002-01-22 23:11:40 +1100 |
commit | 48b03fc5460390318e94462707182b72dfaba91f (patch) | |
tree | 5fca9bcb09bab53083b274e0121a92dc8c1fbb16 | |
parent | 66823cddbe80d1d22ac44d503b8c121f071e7105 (diff) |
- markus@cvs.openbsd.org 2001/12/27 20:39:58
[auth1.c auth-rsa.c channels.c clientloop.c packet.c packet.h serverloop.c session.c ssh.c sshconnect1.c sshd.c ttymodes.c]
get rid of packet_integrity_check, use packet_done() instead.
-rw-r--r-- | ChangeLog | 6 | ||||
-rw-r--r-- | auth-rsa.c | 4 | ||||
-rw-r--r-- | auth1.c | 16 | ||||
-rw-r--r-- | auth2-chall.c | 4 | ||||
-rw-r--r-- | auth2.c | 14 | ||||
-rw-r--r-- | channels.c | 26 | ||||
-rw-r--r-- | clientloop.c | 14 | ||||
-rw-r--r-- | kex.c | 4 | ||||
-rw-r--r-- | kexdh.c | 4 | ||||
-rw-r--r-- | kexgex.c | 8 | ||||
-rw-r--r-- | packet.c | 4 | ||||
-rw-r--r-- | packet.h | 5 | ||||
-rw-r--r-- | serverloop.c | 12 | ||||
-rw-r--r-- | session.c | 26 | ||||
-rw-r--r-- | ssh.c | 6 | ||||
-rw-r--r-- | sshconnect1.c | 16 | ||||
-rw-r--r-- | sshconnect2.c | 10 | ||||
-rw-r--r-- | sshd.c | 4 | ||||
-rw-r--r-- | ttymodes.c | 3 |
19 files changed, 95 insertions, 91 deletions
@@ -55,6 +55,10 @@ | |||
55 | [auth1.c auth-rsa.c channels.c clientloop.c packet.c packet.h] | 55 | [auth1.c auth-rsa.c channels.c clientloop.c packet.c packet.h] |
56 | [serverloop.c session.c ssh.c sshconnect1.c sshd.c ttymodes.c] | 56 | [serverloop.c session.c ssh.c sshconnect1.c sshd.c ttymodes.c] |
57 | get rid of packet_integrity_check, use packet_done() instead. | 57 | get rid of packet_integrity_check, use packet_done() instead. |
58 | - markus@cvs.openbsd.org 2001/12/27 20:39:58 | ||
59 | [auth1.c auth-rsa.c channels.c clientloop.c packet.c packet.h] | ||
60 | [serverloop.c session.c ssh.c sshconnect1.c sshd.c ttymodes.c] | ||
61 | get rid of packet_integrity_check, use packet_done() instead. | ||
58 | 62 | ||
59 | 20020121 | 63 | 20020121 |
60 | - (djm) Rework ssh-rand-helper: | 64 | - (djm) Rework ssh-rand-helper: |
@@ -7202,4 +7206,4 @@ | |||
7202 | - Wrote replacements for strlcpy and mkdtemp | 7206 | - Wrote replacements for strlcpy and mkdtemp |
7203 | - Released 1.0pre1 | 7207 | - Released 1.0pre1 |
7204 | 7208 | ||
7205 | $Id: ChangeLog,v 1.1738 2002/01/22 12:11:38 djm Exp $ | 7209 | $Id: ChangeLog,v 1.1739 2002/01/22 12:12:11 djm Exp $ |
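--- a/auth-rsa.c
+++ b/auth-rsa.c
@@ -14,7 +14,7 @@
 */
 
 #include "includes.h"
-RCSID("$OpenBSD: auth-rsa.c,v 1.48 2001/12/27 20:39:58 markus Exp $");
+RCSID("$OpenBSD: auth-rsa.c,v 1.49 2001/12/28 12:14:27 markus Exp $");
 
 #include <openssl/rsa.h>
 #include <openssl/md5.h>
@@ -94,7 +94,7 @@ auth_rsa_challenge_dialog(RSA *pk)
 packet_read_expect(&plen, SSH_CMSG_AUTH_RSA_RESPONSE);
 for (i = 0; i < 16; i++)
 response[i] = packet_get_char();
-packet_done();
+packet_check_eom();
 
 /* The response is MD5 of decrypted challenge plus session id. */
 len = BN_num_bytes(challenge);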
@@ -10,7 +10,7 @@ | |||
10 | */ | 10 | */ |
11 | 11 | ||
12 | #include "includes.h" | 12 | #include "includes.h" |
13 | RCSID("$OpenBSD: auth1.c,v 1.31 2001/12/27 20:39:58 markus Exp $"); | 13 | RCSID("$OpenBSD: auth1.c,v 1.32 2001/12/28 12:14:27 markus Exp $"); |
14 | 14 | ||
15 | #include "xmalloc.h" | 15 | #include "xmalloc.h" |
16 | #include "rsa.h" | 16 | #include "rsa.h" |
@@ -120,7 +120,7 @@ do_authloop(Authctxt *authctxt) | |||
120 | verbose("Kerberos authentication disabled."); | 120 | verbose("Kerberos authentication disabled."); |
121 | } else { | 121 | } else { |
122 | char *kdata = packet_get_string(&dlen); | 122 | char *kdata = packet_get_string(&dlen); |
123 | packet_done(); | 123 | packet_check_eom(); |
124 | 124 | ||
125 | if (kdata[0] == 4) { /* KRB_PROT_VERSION */ | 125 | if (kdata[0] == 4) { /* KRB_PROT_VERSION */ |
126 | #ifdef KRB4 | 126 | #ifdef KRB4 |
@@ -180,7 +180,7 @@ do_authloop(Authctxt *authctxt) | |||
180 | * IP-spoofing on a local network.) | 180 | * IP-spoofing on a local network.) |
181 | */ | 181 | */ |
182 | client_user = packet_get_string(&ulen); | 182 | client_user = packet_get_string(&ulen); |
183 | packet_done(); | 183 | packet_check_eom(); |
184 | 184 | ||
185 | /* Try to authenticate using /etc/hosts.equiv and .rhosts. */ | 185 | /* Try to authenticate using /etc/hosts.equiv and .rhosts. */ |
186 | authenticated = auth_rhosts(pw, client_user); | 186 | authenticated = auth_rhosts(pw, client_user); |
@@ -210,7 +210,7 @@ do_authloop(Authctxt *authctxt) | |||
210 | verbose("Warning: keysize mismatch for client_host_key: " | 210 | verbose("Warning: keysize mismatch for client_host_key: " |
211 | "actual %d, announced %d", | 211 | "actual %d, announced %d", |
212 | BN_num_bits(client_host_key->rsa->n), bits); | 212 | BN_num_bits(client_host_key->rsa->n), bits); |
213 | packet_done(); | 213 | packet_check_eom(); |
214 | 214 | ||
215 | authenticated = auth_rhosts_rsa(pw, client_user, | 215 | authenticated = auth_rhosts_rsa(pw, client_user, |
216 | client_host_key); | 216 | client_host_key); |
@@ -228,7 +228,7 @@ do_authloop(Authctxt *authctxt) | |||
228 | if ((n = BN_new()) == NULL) | 228 | if ((n = BN_new()) == NULL) |
229 | fatal("do_authloop: BN_new failed"); | 229 | fatal("do_authloop: BN_new failed"); |
230 | packet_get_bignum(n, &nlen); | 230 | packet_get_bignum(n, &nlen); |
231 | packet_done(); | 231 | packet_check_eom(); |
232 | authenticated = auth_rsa(pw, n); | 232 | authenticated = auth_rsa(pw, n); |
233 | BN_clear_free(n); | 233 | BN_clear_free(n); |
234 | break; | 234 | break; |
@@ -244,7 +244,7 @@ do_authloop(Authctxt *authctxt) | |||
244 | * not visible to an outside observer. | 244 | * not visible to an outside observer. |
245 | */ | 245 | */ |
246 | password = packet_get_string(&dlen); | 246 | password = packet_get_string(&dlen); |
247 | packet_done(); | 247 | packet_check_eom(); |
248 | 248 | ||
249 | #ifdef USE_PAM | 249 | #ifdef USE_PAM |
250 | /* Do PAM auth with password */ | 250 | /* Do PAM auth with password */ |
@@ -282,7 +282,7 @@ do_authloop(Authctxt *authctxt) | |||
282 | if (options.challenge_response_authentication == 1) { | 282 | if (options.challenge_response_authentication == 1) { |
283 | char *response = packet_get_string(&dlen); | 283 | char *response = packet_get_string(&dlen); |
284 | debug("got response '%s'", response); | 284 | debug("got response '%s'", response); |
285 | packet_done(); | 285 | packet_check_eom(); |
286 | authenticated = verify_response(authctxt, response); | 286 | authenticated = verify_response(authctxt, response); |
287 | memset(response, 'r', dlen); | 287 | memset(response, 'r', dlen); |
288 | xfree(response); | 288 | xfree(response); |
@@ -369,7 +369,7 @@ do_authentication(void) | |||
369 | 369 | ||
370 | /* Get the user name. */ | 370 | /* Get the user name. */ |
371 | user = packet_get_string(&ulen); | 371 | user = packet_get_string(&ulen); |
372 | packet_done(); | 372 | packet_check_eom(); |
373 | 373 | ||
374 | if ((style = strchr(user, ':')) != NULL) | 374 | if ((style = strchr(user, ':')) != NULL) |
375 | *style++ = '\0'; | 375 | *style++ = '\0'; |
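Review bot: In the challenge-response branch of do_authloop (hunk at line 282), `debug("got response '%s'", response);` writes the client's authentication response to the debug log before `verify_response()` runs, so the value that the next lines scrub with `memset(response, 'r', dlen)` may already sit in a log file. I would log only that a response arrived, e.g. `debug("got challenge response");`. The scrub itself is a plain `memset` directly before `xfree`, which a compiler is allowed to drop if it can prove the buffer is not read again; the same scrub-then-free pattern appears in the clientloop.c and serverloop.c data handlers, and a wipe helper that cannot be elided would be safer in all of them. do_authloop starts and ends outside these hunks.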
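--- a/auth2-chall.c
+++ b/auth2-chall.c
@@ -23,7 +23,7 @@
 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */
 #include "includes.h"
-RCSID("$OpenBSD: auth2-chall.c,v 1.11 2001/12/20 22:50:24 djm Exp $");
+RCSID("$OpenBSD: auth2-chall.c,v 1.12 2001/12/28 12:14:27 markus Exp $");
 
 #include "ssh2.h"
 #include "auth.h"
@@ -257,7 +257,7 @@ input_userauth_info_response(int type, int plen, u_int32_t seq, void *ctxt)
 for (i = 0; i < nresp; i++)
 response[i] = packet_get_string(NULL);
 }
-packet_done();
+packet_check_eom();
 
 if (authctxt->valid) {
 res = kbdintctxt->device->respond(kbdintctxt->ctxt,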
@@ -23,7 +23,7 @@ | |||
23 | */ | 23 | */ |
24 | 24 | ||
25 | #include "includes.h" | 25 | #include "includes.h" |
26 | RCSID("$OpenBSD: auth2.c,v 1.78 2001/12/20 22:50:24 djm Exp $"); | 26 | RCSID("$OpenBSD: auth2.c,v 1.79 2001/12/28 12:14:27 markus Exp $"); |
27 | 27 | ||
28 | #include <openssl/evp.h> | 28 | #include <openssl/evp.h> |
29 | 29 | ||
@@ -146,7 +146,7 @@ input_service_request(int type, int plen, u_int32_t seq, void *ctxt) | |||
146 | u_int len; | 146 | u_int len; |
147 | int accept = 0; | 147 | int accept = 0; |
148 | char *service = packet_get_string(&len); | 148 | char *service = packet_get_string(&len); |
149 | packet_done(); | 149 | packet_check_eom(); |
150 | 150 | ||
151 | if (authctxt == NULL) | 151 | if (authctxt == NULL) |
152 | fatal("input_service_request: no authctxt"); | 152 | fatal("input_service_request: no authctxt"); |
@@ -328,7 +328,7 @@ userauth_none(Authctxt *authctxt) | |||
328 | Authmethod *m = authmethod_lookup("none"); | 328 | Authmethod *m = authmethod_lookup("none"); |
329 | if (m != NULL) | 329 | if (m != NULL) |
330 | m->enabled = NULL; | 330 | m->enabled = NULL; |
331 | packet_done(); | 331 | packet_check_eom(); |
332 | userauth_banner(); | 332 | userauth_banner(); |
333 | 333 | ||
334 | if (authctxt->valid == 0) | 334 | if (authctxt->valid == 0) |
@@ -358,7 +358,7 @@ userauth_passwd(Authctxt *authctxt) | |||
358 | if (change) | 358 | if (change) |
359 | log("password change not supported"); | 359 | log("password change not supported"); |
360 | password = packet_get_string(&len); | 360 | password = packet_get_string(&len); |
361 | packet_done(); | 361 | packet_check_eom(); |
362 | if (authctxt->valid && | 362 | if (authctxt->valid && |
363 | #ifdef HAVE_CYGWIN | 363 | #ifdef HAVE_CYGWIN |
364 | check_nt_auth(1, authctxt->pw) && | 364 | check_nt_auth(1, authctxt->pw) && |
@@ -384,7 +384,7 @@ userauth_kbdint(Authctxt *authctxt) | |||
384 | 384 | ||
385 | lang = packet_get_string(NULL); | 385 | lang = packet_get_string(NULL); |
386 | devs = packet_get_string(NULL); | 386 | devs = packet_get_string(NULL); |
387 | packet_done(); | 387 | packet_check_eom(); |
388 | 388 | ||
389 | debug("keyboard-interactive devs %s", devs); | 389 | debug("keyboard-interactive devs %s", devs); |
390 | 390 | ||
@@ -444,7 +444,7 @@ userauth_pubkey(Authctxt *authctxt) | |||
444 | if (key != NULL) { | 444 | if (key != NULL) { |
445 | if (have_sig) { | 445 | if (have_sig) { |
446 | sig = packet_get_string(&slen); | 446 | sig = packet_get_string(&slen); |
447 | packet_done(); | 447 | packet_check_eom(); |
448 | buffer_init(&b); | 448 | buffer_init(&b); |
449 | if (datafellows & SSH_OLD_SESSIONID) { | 449 | if (datafellows & SSH_OLD_SESSIONID) { |
450 | buffer_append(&b, session_id2, session_id2_len); | 450 | buffer_append(&b, session_id2, session_id2_len); |
@@ -477,7 +477,7 @@ userauth_pubkey(Authctxt *authctxt) | |||
477 | xfree(sig); | 477 | xfree(sig); |
478 | } else { | 478 | } else { |
479 | debug("test whether pkalg/pkblob are acceptable"); | 479 | debug("test whether pkalg/pkblob are acceptable"); |
480 | packet_done(); | 480 | packet_check_eom(); |
481 | 481 | ||
482 | /* XXX fake reply and always send PK_OK ? */ | 482 | /* XXX fake reply and always send PK_OK ? */ |
483 | /* | 483 | /* |
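--- a/channels.c
+++ b/channels.c
@@ -39,7 +39,7 @@
 */
 
 #include "includes.h"
-RCSID("$OpenBSD: channels.c,v 1.151 2001/12/27 20:39:58 markus Exp $");
+RCSID("$OpenBSD: channels.c,v 1.152 2001/12/28 12:14:27 markus Exp $");
 
 #include "ssh.h"
 #include "ssh1.h"
@@ -1748,7 +1748,7 @@ channel_input_data(int type, int plen, u_int32_t seq, void *ctxt)
 }
 c->local_window -= data_len;
 }
-packet_done();
+packet_check_eom();
 buffer_append(&c->output, data, data_len);
 xfree(data);
 }
@@ -1780,7 +1780,7 @@ channel_input_extended_data(int type, int plen, u_int32_t seq, void *ctxt)
 return;
 }
 data = packet_get_string(&data_len);
-packet_done();
+packet_check_eom();
 if (data_len > c->local_window) {
 log("channel %d: rcvd too much extended_data %d, win %d",
 c->self, data_len, c->local_window);
@@ -1800,7 +1800,7 @@ channel_input_ieof(int type, int plen, u_int32_t seq, void *ctxt)
 Channel *c;
 
 id = packet_get_int();
-packet_done();
+packet_check_eom();
 c = channel_lookup(id);
 if (c == NULL)
 packet_disconnect("Received ieof for nonexistent channel %d.", id);
@@ -1821,7 +1821,7 @@ channel_input_close(int type, int plen, u_int32_t seq, void *ctxt)
 Channel *c;
 
 id = packet_get_int();
-packet_done();
+packet_check_eom();
 c = channel_lookup(id);
 if (c == NULL)
 packet_disconnect("Received close for nonexistent channel %d.", id);
@@ -1858,7 +1858,7 @@ channel_input_oclose(int type, int plen, u_int32_t seq, void *ctxt)
 int id = packet_get_int();
 Channel *c = channel_lookup(id);
 
-packet_done();
+packet_check_eom();
 if (c == NULL)
 packet_disconnect("Received oclose for nonexistent channel %d.", id);
 chan_rcvd_oclose(c);
@@ -1870,7 +1870,7 @@ channel_input_close_confirmation(int type, int plen, u_int32_t seq, void *ctxt)
 int id = packet_get_int();
 Channel *c = channel_lookup(id);
 
-packet_done();
+packet_check_eom();
 if (c == NULL)
 packet_disconnect("Received close confirmation for "
 "out-of-range channel %d.", id);
@@ -1908,7 +1908,7 @@ channel_input_open_confirmation(int type, int plen, u_int32_t seq, void *ctxt)
 debug("channel %d: open confirm rwindow %d rmax %d", c->self,
 c->remote_window, c->remote_maxpacket);
 }
-packet_done();
+packet_check_eom();
 }
 
 static char *
@@ -1953,7 +1953,7 @@ channel_input_open_failure(int type, int plen, u_int32_t seq, void *ctxt)
 if (lang != NULL)
 xfree(lang);
 }
-packet_done();
+packet_check_eom();
 /* Free the channel. This will also close the socket. */
 channel_free(c);
 }
@@ -2002,7 +2002,7 @@ channel_input_window_adjust(int type, int plen, u_int32_t seq, void *ctxt)
 return;
 }
 adjust = packet_get_int();
-packet_done();
+packet_check_eom();
 debug2("channel %d: rcvd adjust %d", id, adjust);
 c->remote_window += adjust;
 }
@@ -2024,7 +2024,7 @@ channel_input_port_open(int type, int plen, u_int32_t seq, void *ctxt)
 } else {
 originator_string = xstrdup("unknown (remote did not supply name)");
 }
-packet_done();
+packet_check_eom();
 sock = channel_connect_to(host, host_port);
 if (sock != -1) {
 c = channel_new("connected socket",
@@ -2630,7 +2630,7 @@ x11_input_open(int type, int plen, u_int32_t seq, void *ctxt)
 } else {
 remote_host = xstrdup("unknown (remote did not supply name)");
 }
-packet_done();
+packet_check_eom();
 
 /* Obtain a connection to the real X display. */
 sock = x11_connect_display();
@@ -2881,7 +2881,7 @@ auth_input_open_request(int type, int plen, u_int32_t seq, void *ctxt)
 
 /* Read the remote channel number from the message. */
 remote_id = packet_get_int();
-packet_done();
+packet_check_eom();
 
 /*
 * Get a connection to the local authentication agent (this may again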
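Review bot: In channel_input_window_adjust, `c->remote_window += adjust;` adds a value taken straight from `packet_get_int()` with no range or wrap check in the visible lines, so the peer can push the send-window counter past its maximum or, if `adjust` is signed as the `%d` in the `debug2` call suggests, move it backwards. I would validate before the addition, e.g. `if (adjust < 0 || (u_int)adjust > UINT_MAX - c->remote_window) packet_disconnect("channel %d: bad window adjust", id);`, adapted to the declared types of `adjust` and `remote_window`, which are outside the hunk. The function starts outside the hunk, so an earlier check may exist there; none is visible between the read and the addition.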
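--- a/clientloop.c
+++ b/clientloop.c
@@ -59,7 +59,7 @@
 */
 
 #include "includes.h"
-RCSID("$OpenBSD: clientloop.c,v 1.92 2001/12/27 20:39:58 markus Exp $");
+RCSID("$OpenBSD: clientloop.c,v 1.93 2001/12/28 12:14:27 markus Exp $");
 
 #include "ssh.h"
 #include "ssh1.h"
@@ -1012,7 +1012,7 @@ client_input_stdout_data(int type, int plen, u_int32_t seq, void *ctxt)
 {
 u_int data_len;
 char *data = packet_get_string(&data_len);
-packet_done();
+packet_check_eom();
 buffer_append(&stdout_buffer, data, data_len);
 memset(data, 0, data_len);
 xfree(data);
@@ -1022,7 +1022,7 @@ client_input_stderr_data(int type, int plen, u_int32_t seq, void *ctxt)
 {
 u_int data_len;
 char *data = packet_get_string(&data_len);
-packet_done();
+packet_check_eom();
 buffer_append(&stderr_buffer, data, data_len);
 memset(data, 0, data_len);
 xfree(data);
@@ -1031,7 +1031,7 @@ static void
 client_input_exit_status(int type, int plen, u_int32_t seq, void *ctxt)
 {
 exit_status = packet_get_int();
-packet_done();
+packet_check_eom();
 /* Acknowledge the exit. */
 packet_start(SSH_CMSG_EXIT_CONFIRMATION);
 packet_send();
@@ -1057,7 +1057,7 @@ client_request_forwarded_tcpip(const char *request_type, int rchan)
 listen_port = packet_get_int();
 originator_address = packet_get_string(NULL);
 originator_port = packet_get_int();
-packet_done();
+packet_check_eom();
 
 debug("client_request_forwarded_tcpip: listen %s port %d, originator %s port %d",
 listen_address, listen_port, originator_address, originator_port);
@@ -1101,7 +1101,7 @@ client_request_x11(const char *request_type, int rchan)
 } else {
 originator_port = packet_get_int();
 }
-packet_done();
+packet_check_eom();
 /* XXX check permission */
 debug("client_request_x11: request from %s %d", originator,
 originator_port);
@@ -1226,7 +1226,7 @@ client_input_channel_req(int type, int plen, u_int32_t seq, void *ctxt)
 } else if (strcmp(rtype, "exit-status") == 0) {
 success = 1;
 exit_status = packet_get_int();
-packet_done();
+packet_check_eom();
 }
 if (reply) {
 packet_start(success ?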
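Review bot: In client_request_x11 the line after the new `packet_check_eom()` is still `/* XXX check permission */`, and no check that the user asked for X11 forwarding is visible before the request is logged and handled; a server-initiated x11 channel open should be refused unless forwarding was requested for this session. I would replace the XXX with an explicit guard that returns without opening a channel, along the lines of `if (!options.forward_x11) { error("server sent an X11 channel open but forwarding was not requested"); return NULL; }`. That assumes the client option is reachable here under that name and that the function returns a channel pointer; both are outside the hunk, as are the start and end of the function.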
@@ -23,7 +23,7 @@ | |||
23 | */ | 23 | */ |
24 | 24 | ||
25 | #include "includes.h" | 25 | #include "includes.h" |
26 | RCSID("$OpenBSD: kex.c,v 1.38 2001/12/20 22:50:24 djm Exp $"); | 26 | RCSID("$OpenBSD: kex.c,v 1.39 2001/12/28 12:14:27 markus Exp $"); |
27 | 27 | ||
28 | #include <openssl/crypto.h> | 28 | #include <openssl/crypto.h> |
29 | 29 | ||
@@ -187,7 +187,7 @@ kex_input_kexinit(int type, int plen, u_int32_t seq, void *ctxt) | |||
187 | xfree(packet_get_string(NULL)); | 187 | xfree(packet_get_string(NULL)); |
188 | packet_get_char(); | 188 | packet_get_char(); |
189 | packet_get_int(); | 189 | packet_get_int(); |
190 | packet_done(); | 190 | packet_check_eom(); |
191 | 191 | ||
192 | kex_kexinit_finish(kex); | 192 | kex_kexinit_finish(kex); |
193 | } | 193 | } |
@@ -23,7 +23,7 @@ | |||
23 | */ | 23 | */ |
24 | 24 | ||
25 | #include "includes.h" | 25 | #include "includes.h" |
26 | RCSID("$OpenBSD: kexdh.c,v 1.9 2001/12/27 19:37:22 markus Exp $"); | 26 | RCSID("$OpenBSD: kexdh.c,v 1.10 2001/12/28 12:14:27 markus Exp $"); |
27 | 27 | ||
28 | #include <openssl/crypto.h> | 28 | #include <openssl/crypto.h> |
29 | #include <openssl/bn.h> | 29 | #include <openssl/bn.h> |
@@ -142,7 +142,7 @@ kexdh_client(Kex *kex) | |||
142 | 142 | ||
143 | /* signed H */ | 143 | /* signed H */ |
144 | signature = packet_get_string(&slen); | 144 | signature = packet_get_string(&slen); |
145 | packet_done(); | 145 | packet_check_eom(); |
146 | 146 | ||
147 | if (!dh_pub_is_valid(dh, dh_server_pub)) | 147 | if (!dh_pub_is_valid(dh, dh_server_pub)) |
148 | packet_disconnect("bad server public DH value"); | 148 | packet_disconnect("bad server public DH value"); |
@@ -24,7 +24,7 @@ | |||
24 | */ | 24 | */ |
25 | 25 | ||
26 | #include "includes.h" | 26 | #include "includes.h" |
27 | RCSID("$OpenBSD: kexgex.c,v 1.12 2001/12/27 19:37:23 markus Exp $"); | 27 | RCSID("$OpenBSD: kexgex.c,v 1.13 2001/12/28 12:14:27 markus Exp $"); |
28 | 28 | ||
29 | #include <openssl/bn.h> | 29 | #include <openssl/bn.h> |
30 | 30 | ||
@@ -146,7 +146,7 @@ kexgex_client(Kex *kex) | |||
146 | if ((g = BN_new()) == NULL) | 146 | if ((g = BN_new()) == NULL) |
147 | fatal("BN_new"); | 147 | fatal("BN_new"); |
148 | packet_get_bignum2(g, &dlen); | 148 | packet_get_bignum2(g, &dlen); |
149 | packet_done(); | 149 | packet_check_eom(); |
150 | 150 | ||
151 | if (BN_num_bits(p) < min || BN_num_bits(p) > max) | 151 | if (BN_num_bits(p) < min || BN_num_bits(p) > max) |
152 | fatal("DH_GEX group out of range: %d !< %d !< %d", | 152 | fatal("DH_GEX group out of range: %d !< %d !< %d", |
@@ -196,7 +196,7 @@ kexgex_client(Kex *kex) | |||
196 | 196 | ||
197 | /* signed H */ | 197 | /* signed H */ |
198 | signature = packet_get_string(&slen); | 198 | signature = packet_get_string(&slen); |
199 | packet_done(); | 199 | packet_check_eom(); |
200 | 200 | ||
201 | if (!dh_pub_is_valid(dh, dh_server_pub)) | 201 | if (!dh_pub_is_valid(dh, dh_server_pub)) |
202 | packet_disconnect("bad server public DH value"); | 202 | packet_disconnect("bad server public DH value"); |
@@ -289,7 +289,7 @@ kexgex_server(Kex *kex) | |||
289 | default: | 289 | default: |
290 | fatal("protocol error during kex, no DH_GEX_REQUEST: %d", type); | 290 | fatal("protocol error during kex, no DH_GEX_REQUEST: %d", type); |
291 | } | 291 | } |
292 | packet_done(); | 292 | packet_check_eom(); |
293 | 293 | ||
294 | if (max < min || nbits < min || max < nbits) | 294 | if (max < min || nbits < min || max < nbits) |
295 | fatal("DH_GEX_REQUEST, bad parameters: %d !< %d !< %d", | 295 | fatal("DH_GEX_REQUEST, bad parameters: %d !< %d !< %d", |
@@ -37,7 +37,7 @@ | |||
37 | */ | 37 | */ |
38 | 38 | ||
39 | #include "includes.h" | 39 | #include "includes.h" |
40 | RCSID("$OpenBSD: packet.c,v 1.78 2001/12/27 20:39:58 markus Exp $"); | 40 | RCSID("$OpenBSD: packet.c,v 1.79 2001/12/28 12:14:27 markus Exp $"); |
41 | 41 | ||
42 | #include "xmalloc.h" | 42 | #include "xmalloc.h" |
43 | #include "buffer.h" | 43 | #include "buffer.h" |
@@ -632,7 +632,7 @@ packet_read_seqnr(int *payload_len_ptr, u_int32_t *seqnr_p) | |||
632 | || type == SSH_SMSG_FAILURE | 632 | || type == SSH_SMSG_FAILURE |
633 | || type == SSH_CMSG_EOF | 633 | || type == SSH_CMSG_EOF |
634 | || type == SSH_CMSG_EXIT_CONFIRMATION)) | 634 | || type == SSH_CMSG_EXIT_CONFIRMATION)) |
635 | packet_done(); | 635 | packet_check_eom(); |
636 | /* If we got a packet, return it. */ | 636 | /* If we got a packet, return it. */ |
637 | if (type != SSH_MSG_NONE) { | 637 | if (type != SSH_MSG_NONE) { |
638 | xfree(setp); | 638 | xfree(setp); |
@@ -11,7 +11,7 @@ | |||
11 | * called by a name other than "ssh" or "Secure Shell". | 11 | * called by a name other than "ssh" or "Secure Shell". |
12 | */ | 12 | */ |
13 | 13 | ||
14 | /* RCSID("$OpenBSD: packet.h,v 1.29 2001/12/27 20:39:58 markus Exp $"); */ | 14 | /* RCSID("$OpenBSD: packet.h,v 1.30 2001/12/28 12:14:27 markus Exp $"); */ |
15 | 15 | ||
16 | #ifndef PACKET_H | 16 | #ifndef PACKET_H |
17 | #define PACKET_H | 17 | #define PACKET_H |
@@ -74,7 +74,8 @@ extern int max_packet_size; | |||
74 | int packet_set_maxsize(int); | 74 | int packet_set_maxsize(int); |
75 | #define packet_get_maxsize() max_packet_size | 75 | #define packet_get_maxsize() max_packet_size |
76 | 76 | ||
77 | #define packet_done() \ | 77 | /* don't allow remaining bytes after the end of the message */ |
78 | #define packet_check_eom() \ | ||
78 | do { \ | 79 | do { \ |
79 | int _len = packet_remaining(); \ | 80 | int _len = packet_remaining(); \ |
80 | if (_len > 0) { \ | 81 | if (_len > 0) { \ |
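Review bot: The `packet_done()` macro is renamed here with no compatibility alias, so a caller left inside a conditional build would only fail when that option is compiled; `#ifdef KRB4`, `USE_PAM` and `HAVE_CYGWIN` blocks are visible in the auth1.c and auth2.c sections, so a tree-wide search for `packet_done` that includes option-specific files is worth doing before merge. The added comment says what is rejected but not what happens then; since the macro body continues outside the hunk, I would extend it to name the action, e.g. `/* reject trailing bytes after the last parsed field; see the body below for the action taken */`. The commit message and the added ChangeLog entry repeat the earlier packet_integrity_check text (dated 2001/12/27) and do not mention the rename to `packet_check_eom()` that the RCSID lines date 2001/12/28.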
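--- a/serverloop.c
+++ b/serverloop.c
@@ -35,7 +35,7 @@
 */
 
 #include "includes.h"
-RCSID("$OpenBSD: serverloop.c,v 1.90 2001/12/27 20:39:58 markus Exp $");
+RCSID("$OpenBSD: serverloop.c,v 1.91 2001/12/28 12:14:27 markus Exp $");
 
 #include "xmalloc.h"
 #include "packet.h"
@@ -806,7 +806,7 @@ server_input_stdin_data(int type, int plen, u_int32_t seq, void *ctxt)
 if (fdin == -1)
 return;
 data = packet_get_string(&data_len);
-packet_done();
+packet_check_eom();
 buffer_append(&stdin_buffer, data, data_len);
 memset(data, 0, data_len);
 xfree(data);
@@ -821,7 +821,7 @@ server_input_eof(int type, int plen, u_int32_t seq, void *ctxt)
 * drained.
 */
 debug("EOF received for stdin.");
-packet_done();
+packet_check_eom();
 stdin_eof = 1;
 }
 
@@ -834,7 +834,7 @@ server_input_window_size(int type, int plen, u_int32_t seq, void *ctxt)
 int ypixel = packet_get_int();
 
 debug("Window change received.");
-packet_done();
+packet_check_eom();
 if (fdin != -1)
 pty_change_window_size(fdin, row, col, xpixel, ypixel);
 }
@@ -851,7 +851,7 @@ server_request_direct_tcpip(char *ctype)
 target_port = packet_get_int();
 originator = packet_get_string(NULL);
 originator_port = packet_get_int();
-packet_done();
+packet_check_eom();
 
 debug("server_request_direct_tcpip: originator %s port %d, target %s port %d",
 originator, originator_port, target, target_port);
@@ -878,7 +878,7 @@ server_request_session(char *ctype)
 Channel *c;
 
 debug("input_session_request");
-packet_done();
+packet_check_eom();
 /*
 * A server session has no fd to read or write until a
 * CHANNEL_REQUEST for a shell is made, so we set the type to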
@@ -33,7 +33,7 @@ | |||
33 | */ | 33 | */ |
34 | 34 | ||
35 | #include "includes.h" | 35 | #include "includes.h" |
36 | RCSID("$OpenBSD: session.c,v 1.115 2001/12/27 20:39:58 markus Exp $"); | 36 | RCSID("$OpenBSD: session.c,v 1.116 2001/12/28 12:14:27 markus Exp $"); |
37 | 37 | ||
38 | #include "ssh.h" | 38 | #include "ssh.h" |
39 | #include "ssh1.h" | 39 | #include "ssh1.h" |
@@ -255,7 +255,7 @@ do_authenticated1(Authctxt *authctxt) | |||
255 | switch (type) { | 255 | switch (type) { |
256 | case SSH_CMSG_REQUEST_COMPRESSION: | 256 | case SSH_CMSG_REQUEST_COMPRESSION: |
257 | compression_level = packet_get_int(); | 257 | compression_level = packet_get_int(); |
258 | packet_done(); | 258 | packet_check_eom(); |
259 | if (compression_level < 1 || compression_level > 9) { | 259 | if (compression_level < 1 || compression_level > 9) { |
260 | packet_send_debug("Received illegal compression level %d.", | 260 | packet_send_debug("Received illegal compression level %d.", |
261 | compression_level); | 261 | compression_level); |
@@ -286,7 +286,7 @@ do_authenticated1(Authctxt *authctxt) | |||
286 | } else { | 286 | } else { |
287 | s->screen = 0; | 287 | s->screen = 0; |
288 | } | 288 | } |
289 | packet_done(); | 289 | packet_check_eom(); |
290 | success = session_setup_x11fwd(s); | 290 | success = session_setup_x11fwd(s); |
291 | if (!success) { | 291 | if (!success) { |
292 | xfree(s->auth_proto); | 292 | xfree(s->auth_proto); |
@@ -330,7 +330,7 @@ do_authenticated1(Authctxt *authctxt) | |||
330 | verbose("Kerberos TGT passing disabled."); | 330 | verbose("Kerberos TGT passing disabled."); |
331 | } else { | 331 | } else { |
332 | char *kdata = packet_get_string(&dlen); | 332 | char *kdata = packet_get_string(&dlen); |
333 | packet_done(); | 333 | packet_check_eom(); |
334 | 334 | ||
335 | /* XXX - 0x41, see creds_to_radix version */ | 335 | /* XXX - 0x41, see creds_to_radix version */ |
336 | if (kdata[0] != 0x41) { | 336 | if (kdata[0] != 0x41) { |
@@ -364,7 +364,7 @@ do_authenticated1(Authctxt *authctxt) | |||
364 | } else { | 364 | } else { |
365 | /* Accept AFS token. */ | 365 | /* Accept AFS token. */ |
366 | char *token = packet_get_string(&dlen); | 366 | char *token = packet_get_string(&dlen); |
367 | packet_done(); | 367 | packet_check_eom(); |
368 | 368 | ||
369 | if (auth_afs_token(s->authctxt, token)) | 369 | if (auth_afs_token(s->authctxt, token)) |
370 | success = 1; | 370 | success = 1; |
@@ -386,7 +386,7 @@ do_authenticated1(Authctxt *authctxt) | |||
386 | } else { | 386 | } else { |
387 | do_exec(s, NULL); | 387 | do_exec(s, NULL); |
388 | } | 388 | } |
389 | packet_done(); | 389 | packet_check_eom(); |
390 | session_close(s); | 390 | session_close(s); |
391 | return; | 391 | return; |
392 | 392 | ||
@@ -1575,7 +1575,7 @@ session_window_change_req(Session *s) | |||
1575 | s->row = packet_get_int(); | 1575 | s->row = packet_get_int(); |
1576 | s->xpixel = packet_get_int(); | 1576 | s->xpixel = packet_get_int(); |
1577 | s->ypixel = packet_get_int(); | 1577 | s->ypixel = packet_get_int(); |
1578 | packet_done(); | 1578 | packet_check_eom(); |
1579 | pty_change_window_size(s->ptyfd, s->row, s->col, s->xpixel, s->ypixel); | 1579 | pty_change_window_size(s->ptyfd, s->row, s->col, s->xpixel, s->ypixel); |
1580 | return 1; | 1580 | return 1; |
1581 | } | 1581 | } |
@@ -1640,7 +1640,7 @@ session_pty_req(Session *s) | |||
1640 | /* Set window size from the packet. */ | 1640 | /* Set window size from the packet. */ |
1641 | pty_change_window_size(s->ptyfd, s->row, s->col, s->xpixel, s->ypixel); | 1641 | pty_change_window_size(s->ptyfd, s->row, s->col, s->xpixel, s->ypixel); |
1642 | 1642 | ||
1643 | packet_done(); | 1643 | packet_check_eom(); |
1644 | session_proctitle(s); | 1644 | session_proctitle(s); |
1645 | return 1; | 1645 | return 1; |
1646 | } | 1646 | } |
@@ -1654,7 +1654,7 @@ session_subsystem_req(Session *s) | |||
1654 | char *cmd, *subsys = packet_get_string(&len); | 1654 | char *cmd, *subsys = packet_get_string(&len); |
1655 | int i; | 1655 | int i; |
1656 | 1656 | ||
1657 | packet_done(); | 1657 | packet_check_eom(); |
1658 | log("subsystem request for %s", subsys); | 1658 | log("subsystem request for %s", subsys); |
1659 | 1659 | ||
1660 | for (i = 0; i < options.num_subsystems; i++) { | 1660 | for (i = 0; i < options.num_subsystems; i++) { |
@@ -1689,7 +1689,7 @@ session_x11_req(Session *s) | |||
1689 | s->auth_proto = packet_get_string(NULL); | 1689 | s->auth_proto = packet_get_string(NULL); |
1690 | s->auth_data = packet_get_string(NULL); | 1690 | s->auth_data = packet_get_string(NULL); |
1691 | s->screen = packet_get_int(); | 1691 | s->screen = packet_get_int(); |
1692 | packet_done(); | 1692 | packet_check_eom(); |
1693 | 1693 | ||
1694 | success = session_setup_x11fwd(s); | 1694 | success = session_setup_x11fwd(s); |
1695 | if (!success) { | 1695 | if (!success) { |
@@ -1704,7 +1704,7 @@ session_x11_req(Session *s) | |||
1704 | static int | 1704 | static int |
1705 | session_shell_req(Session *s) | 1705 | session_shell_req(Session *s) |
1706 | { | 1706 | { |
1707 | packet_done(); | 1707 | packet_check_eom(); |
1708 | do_exec(s, NULL); | 1708 | do_exec(s, NULL); |
1709 | return 1; | 1709 | return 1; |
1710 | } | 1710 | } |
@@ -1714,7 +1714,7 @@ session_exec_req(Session *s) | |||
1714 | { | 1714 | { |
1715 | u_int len; | 1715 | u_int len; |
1716 | char *command = packet_get_string(&len); | 1716 | char *command = packet_get_string(&len); |
1717 | packet_done(); | 1717 | packet_check_eom(); |
1718 | do_exec(s, command); | 1718 | do_exec(s, command); |
1719 | xfree(command); | 1719 | xfree(command); |
1720 | return 1; | 1720 | return 1; |
@@ -1724,7 +1724,7 @@ static int | |||
1724 | session_auth_agent_req(Session *s) | 1724 | session_auth_agent_req(Session *s) |
1725 | { | 1725 | { |
1726 | static int called = 0; | 1726 | static int called = 0; |
1727 | packet_done(); | 1727 | packet_check_eom(); |
1728 | if (no_agent_forwarding_flag) { | 1728 | if (no_agent_forwarding_flag) { |
1729 | debug("session_auth_agent_req: no_agent_forwarding_flag"); | 1729 | debug("session_auth_agent_req: no_agent_forwarding_flag"); |
1730 | return 0; | 1730 | return 0; |
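Review bot: In the exec branch of do_authenticated1 (new line 389) `packet_check_eom();` is reached only after `do_exec(s, ...)` has been called, so a request with trailing bytes is rejected after the call that presumably starts the shell or command. session_shell_req and session_exec_req in this same file validate first and then call do_exec. Consider moving the check ahead of both do_exec calls, i.e. `packet_check_eom(); do_exec(s, NULL);` in the else arm and the same directly after the command string is read in the other arm. session_pty_req (new lines 1641-1643) has the same ordering, with `pty_change_window_size(...)` applied before the check. Both function bodies extend beyond the hunks, so confirm nothing outside them relies on the current order.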
@@ -39,7 +39,7 @@ | |||
39 | */ | 39 | */ |
40 | 40 | ||
41 | #include "includes.h" | 41 | #include "includes.h" |
42 | RCSID("$OpenBSD: ssh.c,v 1.154 2001/12/27 20:39:58 markus Exp $"); | 42 | RCSID("$OpenBSD: ssh.c,v 1.155 2001/12/28 12:14:27 markus Exp $"); |
43 | 43 | ||
44 | #include <openssl/evp.h> | 44 | #include <openssl/evp.h> |
45 | #include <openssl/err.h> | 45 | #include <openssl/err.h> |
@@ -976,7 +976,7 @@ ssh_session(void) | |||
976 | 976 | ||
977 | /* Read response from the server. */ | 977 | /* Read response from the server. */ |
978 | type = packet_read(&plen); | 978 | type = packet_read(&plen); |
979 | packet_done(); | 979 | packet_check_eom(); |
980 | if (type != SSH_SMSG_SUCCESS) | 980 | if (type != SSH_SMSG_SUCCESS) |
981 | log("Warning: Remote host denied authentication agent forwarding."); | 981 | log("Warning: Remote host denied authentication agent forwarding."); |
982 | } | 982 | } |
@@ -1023,7 +1023,7 @@ client_subsystem_reply(int type, int plen, u_int32_t seq, void *ctxt) | |||
1023 | len = buffer_len(&command); | 1023 | len = buffer_len(&command); |
1024 | if (len > 900) | 1024 | if (len > 900) |
1025 | len = 900; | 1025 | len = 900; |
1026 | packet_done(); | 1026 | packet_check_eom(); |
1027 | if (type == SSH2_MSG_CHANNEL_FAILURE) | 1027 | if (type == SSH2_MSG_CHANNEL_FAILURE) |
1028 | fatal("Request for subsystem '%.*s' failed on channel %d", | 1028 | fatal("Request for subsystem '%.*s' failed on channel %d", |
1029 | len, (u_char *)buffer_ptr(&command), id); | 1029 | len, (u_char *)buffer_ptr(&command), id); |
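--- a/sshconnect1.c
+++ b/sshconnect1.c
@@ -13,7 +13,7 @@
 */
 
 #include "includes.h"
-RCSID("$OpenBSD: sshconnect1.c,v 1.44 2001/12/27 20:39:58 markus Exp $");
+RCSID("$OpenBSD: sshconnect1.c,v 1.45 2001/12/28 12:14:27 markus Exp $");
 
 #include <openssl/bn.h>
 #include <openssl/evp.h>
@@ -109,7 +109,7 @@ try_agent_authentication(void)
 type);
 
 packet_get_bignum(challenge, &clen);
-packet_done();
+packet_check_eom();
 
 debug("Received RSA challenge from server.");
 
@@ -243,7 +243,7 @@ try_rsa_authentication(int idx)
 if ((challenge = BN_new()) == NULL)
 fatal("try_rsa_authentication: BN_new failed");
 packet_get_bignum(challenge, &clen);
-packet_done();
+packet_check_eom();
 
 debug("Received RSA challenge from server.");
 
@@ -357,7 +357,7 @@ try_rhosts_rsa_authentication(const char *local_user, Key * host_key)
 if ((challenge = BN_new()) == NULL)
 fatal("try_rhosts_rsa_authentication: BN_new failed");
 packet_get_bignum(challenge, &clen);
-packet_done();
+packet_check_eom();
 
 debug("Received RSA challenge for host key from server.");
 
@@ -464,7 +464,7 @@ try_krb4_authentication(void)
 memcpy(auth.dat, reply, auth.length);
 xfree(reply);
 
-packet_done();
+packet_check_eom();
 
 /*
 * If his response isn't properly encrypted with the session
@@ -573,7 +573,7 @@ try_krb5_authentication(krb5_context *context, krb5_auth_context *auth_context)
 
 /* Get server's response. */
 ap.data = packet_get_string((unsigned int *) &ap.length);
-packet_done();
+packet_check_eom();
 /* XXX je to dobre? */
 
 problem = krb5_rd_rep(*context, *auth_context, &ap, &reply);
@@ -838,7 +838,7 @@ try_challenge_response_authentication(void)
 return 0;
 }
 challenge = packet_get_string(&clen);
-packet_done();
+packet_check_eom();
 snprintf(prompt, sizeof prompt, "%s%s", challenge,
 strchr(challenge, '\n') ? "" : "\nResponse: ");
 xfree(challenge);
@@ -964,7 +964,7 @@ ssh_kex(char *host, struct sockaddr *hostaddr)
 
 supported_ciphers = packet_get_int();
 supported_authentications = packet_get_int();
-packet_done();
+packet_check_eom();
 
 debug("Received server public key (%d bits) and host key (%d bits).",
 BN_num_bits(server_key->rsa->n), BN_num_bits(host_key->rsa->n));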
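Review bot: In try_krb5_authentication (new line 575) the reply length is stored through a pointer cast, `packet_get_string((unsigned int *) &ap.length)`, which is only correct when `ap.length` is exactly an unsigned int. The declaration of `ap` is outside the hunk; if the field is wider on some Kerberos implementation, part of it keeps whatever value it had before `krb5_rd_rep` consumes the server-supplied buffer. Reading into a local avoids the cast: `u_int alen; ap.data = packet_get_string(&alen); ap.length = alen;`. The neighbouring `/* XXX je to dobre? */` should be written in English and state what is in doubt, so the open question is not lost on later readers.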
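--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -23,7 +23,7 @@
 */
 
 #include "includes.h"
-RCSID("$OpenBSD: sshconnect2.c,v 1.89 2001/12/20 22:50:24 djm Exp $");
+RCSID("$OpenBSD: sshconnect2.c,v 1.90 2001/12/28 12:14:27 markus Exp $");
 
 #include <openssl/bn.h>
 #include <openssl/md5.h>
@@ -247,7 +247,7 @@ ssh_userauth2(const char *local_user, const char *server_user, char *host,
 } else {
 debug("buggy server: service_accept w/o service");
 }
-packet_done();
+packet_check_eom();
 debug("got SSH2_MSG_SERVICE_ACCEPT");
 
 if (options.preferred_authentications == NULL)
@@ -347,7 +347,7 @@ input_userauth_failure(int type, int plen, u_int32_t seq, void *ctxt)
 
 authlist = packet_get_string(NULL);
 partial = packet_get_char();
-packet_done();
+packet_check_eom();
 
 if (partial != 0)
 log("Authenticated with partial success.");
@@ -379,7 +379,7 @@ input_userauth_pk_ok(int type, int plen, u_int32_t seq, void *ctxt)
 pkalg = packet_get_string(&alen);
 pkblob = packet_get_string(&blen);
 }
-packet_done();
+packet_check_eom();
 
 debug("input_userauth_pk_ok: pkalg %s blen %d lastkey %p hint %d",
 pkalg, blen, authctxt->last_key, authctxt->last_key_hint);
@@ -815,7 +815,7 @@ input_userauth_info_req(int type, int plen, u_int32_t seq, void *ctxt)
 xfree(response);
 xfree(prompt);
 }
-packet_done(); /* done with parsing incoming message. */
+packet_check_eom(); /* done with parsing incoming message. */
 
 packet_add_padding(64);
 packet_send();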
@@ -40,7 +40,7 @@ | |||
40 | */ | 40 | */ |
41 | 41 | ||
42 | #include "includes.h" | 42 | #include "includes.h" |
43 | RCSID("$OpenBSD: sshd.c,v 1.219 2001/12/27 20:39:58 markus Exp $"); | 43 | RCSID("$OpenBSD: sshd.c,v 1.220 2001/12/28 12:14:27 markus Exp $"); |
44 | 44 | ||
45 | #include <openssl/dh.h> | 45 | #include <openssl/dh.h> |
46 | #include <openssl/bn.h> | 46 | #include <openssl/bn.h> |
@@ -1358,7 +1358,7 @@ do_ssh1_kex(void) | |||
1358 | 1358 | ||
1359 | protocol_flags = packet_get_int(); | 1359 | protocol_flags = packet_get_int(); |
1360 | packet_set_protocol_flags(protocol_flags); | 1360 | packet_set_protocol_flags(protocol_flags); |
1361 | packet_done(); | 1361 | packet_check_eom(); |
1362 | 1362 | ||
1363 | /* | 1363 | /* |
1364 | * Decrypt it using our private server key and private host key (key | 1364 | * Decrypt it using our private server key and private host key (key |
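--- a/ttymodes.c
+++ b/ttymodes.c
@@ -43,7 +43,7 @@
 */
 
 #include "includes.h"
-RCSID("$OpenBSD: ttymodes.c,v 1.15 2001/12/19 07:18:56 deraadt Exp $");
+RCSID("$OpenBSD: ttymodes.c,v 1.16 2001/12/27 20:39:58 markus Exp $");
 
 #include "packet.h"
 #include "log.h"
@@ -422,7 +422,6 @@ tty_parse_modes(int fd, int *n_bytes_ptr)
 * more coming after the mode data.
 */
 log("parse_tty_modes: unknown opcode %d", opcode);
-packet_integrity_check(0, 1, SSH_CMSG_REQUEST_PTY);
 goto set;
 }
 } else {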
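Review bot: The unknown-opcode path in tty_parse_modes (new lines 424-425) now logs and jumps to `set` with no length validation of its own. The removed `packet_integrity_check(...)` gets no replacement in this hunk, and the surviving comment still speaks of more data following the mode data. If the intent is that the caller's end-of-message check rejects whatever mode bytes are left unread, record that in the comment, for example `/* unread bytes are left for the caller's end-of-message check */`. The caller is not part of this hunk, so confirm that every caller actually performs that check after tty_parse_modes returns. The function body continues beyond the hunk on both sides.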