diff options
| -rw-r--r-- | ChangeLog | 6 | ||||
| -rw-r--r-- | kex.c | 12 | ||||
| -rw-r--r-- | kexgex.c | 4 | ||||
| -rw-r--r-- | serverloop.c | 17 |
4 files changed, 28 insertions, 11 deletions
| @@ -20,6 +20,10 @@ | |||
| 20 | - markus@cvs.openbsd.org 2001/04/04 20:32:56 | 20 | - markus@cvs.openbsd.org 2001/04/04 20:32:56 |
| 21 | [auth2.c] | 21 | [auth2.c] |
| 22 | we don't care about missing bannerfiles; from tsoome@ut.ee, ok deraadt@ | 22 | we don't care about missing bannerfiles; from tsoome@ut.ee, ok deraadt@ |
| 23 | - markus@cvs.openbsd.org 2001/04/04 22:04:35 | ||
| 24 | [kex.c kexgex.c serverloop.c] | ||
| 25 | parse full kexinit packet. | ||
| 26 | make server-side more robust, too. | ||
| 23 | 27 | ||
| 24 | 20010404 | 28 | 20010404 |
| 25 | - OpenBSD CVS Sync | 29 | - OpenBSD CVS Sync |
| @@ -4859,4 +4863,4 @@ | |||
| 4859 | - Wrote replacements for strlcpy and mkdtemp | 4863 | - Wrote replacements for strlcpy and mkdtemp |
| 4860 | - Released 1.0pre1 | 4864 | - Released 1.0pre1 |
| 4861 | 4865 | ||
| 4862 | $Id: ChangeLog,v 1.1059 2001/04/04 23:47:52 mouring Exp $ | 4866 | $Id: ChangeLog,v 1.1060 2001/04/04 23:50:21 mouring Exp $ |
| @@ -23,7 +23,7 @@ | |||
| 23 | */ | 23 | */ |
| 24 | 24 | ||
| 25 | #include "includes.h" | 25 | #include "includes.h" |
| 26 | RCSID("$OpenBSD: kex.c,v 1.30 2001/04/04 20:25:37 markus Exp $"); | 26 | RCSID("$OpenBSD: kex.c,v 1.31 2001/04/04 22:04:34 markus Exp $"); |
| 27 | 27 | ||
| 28 | #include <openssl/crypto.h> | 28 | #include <openssl/crypto.h> |
| 29 | 29 | ||
| @@ -166,6 +166,7 @@ kex_input_kexinit(int type, int plen, void *ctxt) | |||
| 166 | { | 166 | { |
| 167 | char *ptr; | 167 | char *ptr; |
| 168 | int dlen; | 168 | int dlen; |
| 169 | int i; | ||
| 169 | Kex *kex = (Kex *)ctxt; | 170 | Kex *kex = (Kex *)ctxt; |
| 170 | 171 | ||
| 171 | debug("SSH2_MSG_KEXINIT received"); | 172 | debug("SSH2_MSG_KEXINIT received"); |
| @@ -175,6 +176,15 @@ kex_input_kexinit(int type, int plen, void *ctxt) | |||
| 175 | ptr = packet_get_raw(&dlen); | 176 | ptr = packet_get_raw(&dlen); |
| 176 | buffer_append(&kex->peer, ptr, dlen); | 177 | buffer_append(&kex->peer, ptr, dlen); |
| 177 | 178 | ||
| 179 | /* discard packet */ | ||
| 180 | for (i = 0; i < KEX_COOKIE_LEN; i++) | ||
| 181 | packet_get_char(); | ||
| 182 | for (i = 0; i < PROPOSAL_MAX; i++) | ||
| 183 | xfree(packet_get_string(NULL)); | ||
| 184 | packet_get_char(); | ||
| 185 | packet_get_int(); | ||
| 186 | packet_done(); | ||
| 187 | |||
| 178 | kex_kexinit_finish(kex); | 188 | kex_kexinit_finish(kex); |
| 179 | } | 189 | } |
| 180 | 190 | ||
| @@ -24,7 +24,7 @@ | |||
| 24 | */ | 24 | */ |
| 25 | 25 | ||
| 26 | #include "includes.h" | 26 | #include "includes.h" |
| 27 | RCSID("$OpenBSD: kexgex.c,v 1.3 2001/04/04 09:48:34 markus Exp $"); | 27 | RCSID("$OpenBSD: kexgex.c,v 1.4 2001/04/04 22:04:35 markus Exp $"); |
| 28 | 28 | ||
| 29 | #include <openssl/bn.h> | 29 | #include <openssl/bn.h> |
| 30 | 30 | ||
| @@ -286,7 +286,7 @@ kexgex_server(Kex *kex) | |||
| 286 | /* unused for old GEX */ | 286 | /* unused for old GEX */ |
| 287 | break; | 287 | break; |
| 288 | default: | 288 | default: |
| 289 | fatal("protocol error during kex, no DH_GEX_REQUEST"); | 289 | fatal("protocol error during kex, no DH_GEX_REQUEST: %d", type); |
| 290 | } | 290 | } |
| 291 | packet_done(); | 291 | packet_done(); |
| 292 | 292 | ||
diff --git a/serverloop.c b/serverloop.c index ab7472b77..4f6c82694 100644 --- a/serverloop.c +++ b/serverloop.c | |||
| @@ -35,7 +35,7 @@ | |||
| 35 | */ | 35 | */ |
| 36 | 36 | ||
| 37 | #include "includes.h" | 37 | #include "includes.h" |
| 38 | RCSID("$OpenBSD: serverloop.c,v 1.57 2001/04/04 20:25:37 markus Exp $"); | 38 | RCSID("$OpenBSD: serverloop.c,v 1.58 2001/04/04 22:04:35 markus Exp $"); |
| 39 | 39 | ||
| 40 | #include "xmalloc.h" | 40 | #include "xmalloc.h" |
| 41 | #include "packet.h" | 41 | #include "packet.h" |
| @@ -650,9 +650,7 @@ void | |||
| 650 | server_loop2(void) | 650 | server_loop2(void) |
| 651 | { | 651 | { |
| 652 | fd_set *readset = NULL, *writeset = NULL; | 652 | fd_set *readset = NULL, *writeset = NULL; |
| 653 | int max_fd; | 653 | int had_channel = 0, rekeying = 0, max_fd, status; |
| 654 | int had_channel = 0; | ||
| 655 | int status; | ||
| 656 | pid_t pid; | 654 | pid_t pid; |
| 657 | 655 | ||
| 658 | debug("Entering interactive session for SSH2."); | 656 | debug("Entering interactive session for SSH2."); |
| @@ -668,21 +666,26 @@ server_loop2(void) | |||
| 668 | 666 | ||
| 669 | for (;;) { | 667 | for (;;) { |
| 670 | process_buffered_input_packets(); | 668 | process_buffered_input_packets(); |
| 669 | |||
| 670 | rekeying = (xxx_kex != NULL && !xxx_kex->done); | ||
| 671 | |||
| 671 | if (!had_channel && channel_still_open()) | 672 | if (!had_channel && channel_still_open()) |
| 672 | had_channel = 1; | 673 | had_channel = 1; |
| 673 | if (had_channel && !channel_still_open()) { | 674 | if (had_channel && !channel_still_open()) { |
| 674 | debug("!channel_still_open."); | 675 | debug("!channel_still_open."); |
| 675 | break; | 676 | break; |
| 676 | } | 677 | } |
| 677 | if (packet_not_very_much_data_to_write()) | 678 | if (!rekeying && packet_not_very_much_data_to_write()) |
| 678 | channel_output_poll(); | 679 | channel_output_poll(); |
| 679 | wait_until_can_do_something(&readset, &writeset, &max_fd, 0); | 680 | wait_until_can_do_something(&readset, &writeset, &max_fd, |
| 681 | rekeying); | ||
| 680 | if (child_terminated) { | 682 | if (child_terminated) { |
| 681 | while ((pid = waitpid(-1, &status, WNOHANG)) > 0) | 683 | while ((pid = waitpid(-1, &status, WNOHANG)) > 0) |
| 682 | session_close_by_pid(pid, status); | 684 | session_close_by_pid(pid, status); |
| 683 | child_terminated = 0; | 685 | child_terminated = 0; |
| 684 | } | 686 | } |
| 685 | channel_after_select(readset, writeset); | 687 | if (!rekeying) |
| 688 | channel_after_select(readset, writeset); | ||
| 686 | process_input(readset); | 689 | process_input(readset); |
| 687 | process_output(writeset); | 690 | process_output(writeset); |
| 688 | } | 691 | } |