1 files changed, 419 insertions, 440 deletions
diff --git a/packet.c b/packet.c
index 74bb38230..0e60dd5ec 100644
--- a/packet.c
+++ b/packet.c
@@ -1,21 +1,21 @@
 /*
+ * 
-packet.c
+ * packet.c
+ * 
-Author: Tatu Ylonen <ylo@cs.hut.fi>
+ * Author: Tatu Ylonen <ylo@cs.hut.fi>
+ * 
-Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
+ * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
-                   All rights reserved
+ *                    All rights reserved
+ * 
-Created: Sat Mar 18 02:40:40 1995 ylo
+ * Created: Sat Mar 18 02:40:40 1995 ylo
+ * 
-This file contains code implementing the packet protocol and communication
+ * This file contains code implementing the packet protocol and communication
-with the other side.  This same code is used both on client and server side.
+ * with the other side.  This same code is used both on client and server side.
+ * 
-*/
+ */
 #include "includes.h"
-RCSID("$Id: packet.c,v 1.4 1999/11/21 02:23:53 damien Exp $");
+RCSID("$Id: packet.c,v 1.5 1999/11/24 13:26:22 damien Exp $");
 #include "xmalloc.h"
 #include "buffer.h"
@@ -45,7 +45,8 @@ static unsigned int remote_protocol_flags = 0;
 /* Encryption context for receiving data.  This is only used for decryption. */
 static CipherContext receive_context;
-/* Encryption coontext for sending data.  This is only used for encryption. */
+/* Encryption context for sending data.  This is only used for encryption. */
 static CipherContext send_context;
 /* Buffer for raw input data from the socket. */
@@ -81,22 +82,20 @@ static int interactive_mode = 0;
 void
 packet_set_connection(int fd_in, int fd_out)
 {
-  connection_in = fd_in;
+        connection_in = fd_in;
-  connection_out = fd_out;
+        connection_out = fd_out;
-  cipher_type = SSH_CIPHER_NONE;
+        cipher_type = SSH_CIPHER_NONE;
-  cipher_set_key(&send_context, SSH_CIPHER_NONE, (unsigned char *)"", 0, 1);
+        cipher_set_key(&send_context, SSH_CIPHER_NONE, (unsigned char *) "", 0, 1);
-  cipher_set_key(&receive_context, SSH_CIPHER_NONE, (unsigned char *)"", 0, 0);
+        cipher_set_key(&receive_context, SSH_CIPHER_NONE, (unsigned char *) "", 0, 0);
-  if (!initialized)
+        if (!initialized) {
-    {
+                initialized = 1;
-      initialized = 1;
+                buffer_init(&input);
-      buffer_init(&input);
+                buffer_init(&output);
-      buffer_init(&output);
+                buffer_init(&outgoing_packet);
-      buffer_init(&outgoing_packet);
+                buffer_init(&incoming_packet);
-      buffer_init(&incoming_packet);
+        }
-    }
+        /* Kludge: arrange the close function to be called from fatal(). */
+        fatal_add_cleanup((void (*) (void *)) packet_close, NULL);
-  /* Kludge: arrange the close function to be called from fatal(). */
-  fatal_add_cleanup((void (*)(void *))packet_close, NULL);
 }
 /* Sets the connection into non-blocking mode. */
@@ -104,15 +103,14 @@ packet_set_connection(int fd_in, int fd_out)
 void
 packet_set_nonblocking()
 {
-  /* Set the socket into non-blocking mode. */
+        /* Set the socket into non-blocking mode. */
-  if (fcntl(connection_in, F_SETFL, O_NONBLOCK) < 0)
+        if (fcntl(connection_in, F_SETFL, O_NONBLOCK) < 0)
-    error("fcntl O_NONBLOCK: %.100s", strerror(errno));
+                error("fcntl O_NONBLOCK: %.100s", strerror(errno));
-  if (connection_out != connection_in)
+        if (connection_out != connection_in) {
-    {
+                if (fcntl(connection_out, F_SETFL, O_NONBLOCK) < 0)
-      if (fcntl(connection_out, F_SETFL, O_NONBLOCK) < 0)
+                        error("fcntl O_NONBLOCK: %.100s", strerror(errno));
-        error("fcntl O_NONBLOCK: %.100s", strerror(errno));
+        }
-    }
 }
 /* Returns the socket used for reading. */
@@ -120,7 +118,7 @@ packet_set_nonblocking()
 int
 packet_get_connection_in()
 {
-  return connection_in;
+        return connection_in;
 }
 /* Returns the descriptor used for writing. */
@@ -128,7 +126,7 @@ packet_get_connection_in()
 int
 packet_get_connection_out()
 {
-  return connection_out;
+        return connection_out;
 }
 /* Closes the connection and clears and frees internal data structures. */
@@ -136,28 +134,24 @@ packet_get_connection_out()
 void
 packet_close()
 {
-  if (!initialized)
+        if (!initialized)
-    return;
+                return;
-  initialized = 0;
+        initialized = 0;
-  if (connection_in == connection_out)
+        if (connection_in == connection_out) {
-    {
+                shutdown(connection_out, SHUT_RDWR);
-      shutdown(connection_out, SHUT_RDWR);
+                close(connection_out);
-      close(connection_out);
+        } else {
-    }
+                close(connection_in);
-  else
+                close(connection_out);
-    {
+        }
-      close(connection_in);
+        buffer_free(&input);
-      close(connection_out);
+        buffer_free(&output);
-    }
+        buffer_free(&outgoing_packet);
-  buffer_free(&input);
+        buffer_free(&incoming_packet);
-  buffer_free(&output);
+        if (packet_compression) {
-  buffer_free(&outgoing_packet);
+                buffer_free(&compression_buffer);
-  buffer_free(&incoming_packet);
+                buffer_compress_uninit();
-  if (packet_compression)
+        }
-    {
-      buffer_free(&compression_buffer);
-      buffer_compress_uninit();
-    }
 }
 /* Sets remote side protocol flags. */
@@ -165,8 +159,8 @@ packet_close()
 void
 packet_set_protocol_flags(unsigned int protocol_flags)
 {
-  remote_protocol_flags = protocol_flags;
+        remote_protocol_flags = protocol_flags;
-  channel_set_options((protocol_flags & SSH_PROTOFLAG_HOST_IN_FWD_OPEN) != 0);
+        channel_set_options((protocol_flags & SSH_PROTOFLAG_HOST_IN_FWD_OPEN) != 0);
 }
 /* Returns the remote protocol flags set earlier by the above function. */
@@ -174,63 +168,60 @@ packet_set_protocol_flags(unsigned int protocol_flags)
 unsigned int
 packet_get_protocol_flags()
 {
-  return remote_protocol_flags;
+        return remote_protocol_flags;
 }
-/* Starts packet compression from the next packet on in both directions. 
+/* Starts packet compression from the next packet on in both directions.
   Level is compression level 1 (fastest) - 9 (slow, best) as in gzip. */
 void
 packet_start_compression(int level)
 {
-  if (packet_compression)
+        if (packet_compression)
-    fatal("Compression already enabled.");
+                fatal("Compression already enabled.");
-  packet_compression = 1;
+        packet_compression = 1;
-  buffer_init(&compression_buffer);
+        buffer_init(&compression_buffer);
-  buffer_compress_init(level);
+        buffer_compress_init(level);
 }
 /* Encrypts the given number of bytes, copying from src to dest.
   bytes is known to be a multiple of 8. */
 void
-packet_encrypt(CipherContext *cc, void *dest, void *src, 
+packet_encrypt(CipherContext * cc, void *dest, void *src,
               unsigned int bytes)
 {
-  cipher_encrypt(cc, dest, src, bytes);
+        cipher_encrypt(cc, dest, src, bytes);
 }
 /* Decrypts the given number of bytes, copying from src to dest.
   bytes is known to be a multiple of 8. */
 void
-packet_decrypt(CipherContext *cc, void *dest, void *src, 
+packet_decrypt(CipherContext * cc, void *dest, void *src,
               unsigned int bytes)
 {
-  int i;
+        int i;
-  
-  if ((bytes % 8) != 0)
+        if ((bytes % 8) != 0)
-    fatal("packet_decrypt: bad ciphertext length %d", bytes);
+                fatal("packet_decrypt: bad ciphertext length %d", bytes);
-  
-  /*
+        /* Cryptographic attack detector for ssh - Modifications for packet.c
-    Cryptographic attack detector for ssh - Modifications for packet.c 
+          (C)1998 CORE-SDI, Buenos Aires Argentina Ariel Futoransky(futo@core-sdi.com) */
-    (C)1998 CORE-SDI, Buenos Aires Argentina
-    Ariel Futoransky(futo@core-sdi.com)
+        switch (cc->type) {
-  */
+        case SSH_CIPHER_NONE:
-  switch (cc->type)
+                i = DEATTACK_OK;
-    {
+                break;
-    case SSH_CIPHER_NONE:
+        default:
-      i = DEATTACK_OK;
+                i = detect_attack(src, bytes, NULL);
-      break;
+                break;
-    default:
+        }
-      i = detect_attack(src, bytes, NULL);
-      break;
+        if (i == DEATTACK_DETECTED)
-    }
+                packet_disconnect("crc32 compensation attack: network attack detected");
-  
-  if (i == DEATTACK_DETECTED)
+        cipher_decrypt(cc, dest, src, bytes);
-    packet_disconnect("crc32 compensation attack: network attack detected");
-  
-  cipher_decrypt(cc, dest, src, bytes);
 }
 /* Causes any further packets to be encrypted using the given key.  The same
@@ -241,9 +232,9 @@ void
 packet_set_encryption_key(const unsigned char *key, unsigned int keylen,
                          int cipher)
 {
-  /* All other ciphers use the same key in both directions for now. */
+        /* All other ciphers use the same key in both directions for now. */
-  cipher_set_key(&receive_context, cipher, key, keylen, 0);
+        cipher_set_key(&receive_context, cipher, key, keylen, 0);
-  cipher_set_key(&send_context, cipher, key, keylen, 1);
+        cipher_set_key(&send_context, cipher, key, keylen, 1);
 }
 /* Starts constructing a packet to send. */
@@ -251,12 +242,12 @@ packet_set_encryption_key(const unsigned char *key, unsigned int keylen,
 void
 packet_start(int type)
 {
-  char buf[9];
+        char buf[9];
-  buffer_clear(&outgoing_packet);
+        buffer_clear(&outgoing_packet);
-  memset(buf, 0, 8);
+        memset(buf, 0, 8);
-  buf[8] = type;
+        buf[8] = type;
-  buffer_append(&outgoing_packet, buf, 9);
+        buffer_append(&outgoing_packet, buf, 9);
 }
 /* Appends a character to the packet data. */
@@ -264,8 +255,8 @@ packet_start(int type)
 void
 packet_put_char(int value)
 {
-  char ch = value;
+        char ch = value;
-  buffer_append(&outgoing_packet, &ch, 1);
+        buffer_append(&outgoing_packet, &ch, 1);
 }
 /* Appends an integer to the packet data. */
@@ -273,7 +264,7 @@ packet_put_char(int value)
 void
 packet_put_int(unsigned int value)
 {
-  buffer_put_int(&outgoing_packet, value);
+        buffer_put_int(&outgoing_packet, value);
 }
 /* Appends a string to packet data. */
@@ -281,84 +272,85 @@ packet_put_int(unsigned int value)
 void
 packet_put_string(const char *buf, unsigned int len)
 {
-  buffer_put_string(&outgoing_packet, buf, len);
+        buffer_put_string(&outgoing_packet, buf, len);
 }
 /* Appends an arbitrary precision integer to packet data. */
 void
-packet_put_bignum(BIGNUM *value)
+packet_put_bignum(BIGNUM * value)
 {
-  buffer_put_bignum(&outgoing_packet, value);
+        buffer_put_bignum(&outgoing_packet, value);
 }
 /* Finalizes and sends the packet.  If the encryption key has been set,
   encrypts the packet before sending. */
-  
 void
 packet_send()
 {
-  char buf[8], *cp;
+        char buf[8], *cp;
-  int i, padding, len;
+        int i, padding, len;
-  unsigned int checksum;
+        unsigned int checksum;
-  u_int32_t rand = 0;
+        u_int32_t rand = 0;
-  /* If using packet compression, compress the payload of the outgoing
+        /* If using packet compression, compress the payload of the
-     packet. */
+           outgoing packet. */
-  if (packet_compression)
+        if (packet_compression) {
-    {
+                buffer_clear(&compression_buffer);
-      buffer_clear(&compression_buffer);
+                /* Skip padding. */
-      buffer_consume(&outgoing_packet, 8); /* Skip padding. */
+                buffer_consume(&outgoing_packet, 8);
-      buffer_append(&compression_buffer, "\0\0\0\0\0\0\0\0", 8); /* padding */
+                /* padding */
-      buffer_compress(&outgoing_packet, &compression_buffer);
+                buffer_append(&compression_buffer, "\0\0\0\0\0\0\0\0", 8);
-      buffer_clear(&outgoing_packet);
+                buffer_compress(&outgoing_packet, &compression_buffer);
-      buffer_append(&outgoing_packet, buffer_ptr(&compression_buffer),
+                buffer_clear(&outgoing_packet);
-                    buffer_len(&compression_buffer));
+                buffer_append(&outgoing_packet, buffer_ptr(&compression_buffer),
-    }
+                              buffer_len(&compression_buffer));
+        }
-  /* Compute packet length without padding (add checksum, remove padding). */
+        /* Compute packet length without padding (add checksum, remove padding). */
-  len = buffer_len(&outgoing_packet) + 4 - 8;
+        len = buffer_len(&outgoing_packet) + 4 - 8;
-  
-  /* Insert padding. */
+        /* Insert padding. */
-  padding = 8 - len % 8;
+        padding = 8 - len % 8;
-  if (cipher_type != SSH_CIPHER_NONE)
+        if (cipher_type != SSH_CIPHER_NONE) {
-    {
+                cp = buffer_ptr(&outgoing_packet);
-      cp = buffer_ptr(&outgoing_packet);
+                for (i = 0; i < padding; i++) {
-      for (i = 0; i < padding; i++) {
+                        if (i % 4 == 0)
-        if (i % 4 == 0)
+                                rand = arc4random();
-          rand = arc4random();
+                        cp[7 - i] = rand & 0xff;
-        cp[7 - i] = rand & 0xff;
+                        rand >>= 8;
-        rand >>= 8;
+                }
-      }
+        }
-    }
+        buffer_consume(&outgoing_packet, 8 - padding);
-  buffer_consume(&outgoing_packet, 8 - padding);
-  
+        /* Add check bytes. */
-  /* Add check bytes. */
+        checksum = crc32((unsigned char *) buffer_ptr(&outgoing_packet),
-  checksum = crc32((unsigned char *)buffer_ptr(&outgoing_packet),
+                         buffer_len(&outgoing_packet));
-                   buffer_len(&outgoing_packet));
+        PUT_32BIT(buf, checksum);
-  PUT_32BIT(buf, checksum);
+        buffer_append(&outgoing_packet, buf, 4);
-  buffer_append(&outgoing_packet, buf, 4);
 #ifdef PACKET_DEBUG
-  fprintf(stderr, "packet_send plain: ");
+        fprintf(stderr, "packet_send plain: ");
-  buffer_dump(&outgoing_packet);
+        buffer_dump(&outgoing_packet);
 #endif
-  /* Append to output. */
+        /* Append to output. */
-  PUT_32BIT(buf, len);
+        PUT_32BIT(buf, len);
-  buffer_append(&output, buf, 4);
+        buffer_append(&output, buf, 4);
-  buffer_append_space(&output, &cp, buffer_len(&outgoing_packet));
+        buffer_append_space(&output, &cp, buffer_len(&outgoing_packet));
-  packet_encrypt(&send_context, cp, buffer_ptr(&outgoing_packet),
+        packet_encrypt(&send_context, cp, buffer_ptr(&outgoing_packet),
-                 buffer_len(&outgoing_packet));
+                       buffer_len(&outgoing_packet));
-  
 #ifdef PACKET_DEBUG
-  fprintf(stderr, "encrypted: "); buffer_dump(&output);
+        fprintf(stderr, "encrypted: ");
+        buffer_dump(&output);
 #endif
-  buffer_clear(&outgoing_packet);
+        buffer_clear(&outgoing_packet);
-  /* Note that the packet is now only buffered in output.  It won\'t be
+        /* Note that the packet is now only buffered in output.  It won\'t
-     actually sent until packet_write_wait or packet_write_poll is called. */
+           be actually sent until packet_write_wait or packet_write_poll
+           is called. */
 }
 /* Waits until a packet has been received, and returns its type.  Note that
@@ -368,42 +360,41 @@ packet_send()
 int
 packet_read(int *payload_len_ptr)
 {
-  int type, len;
+        int type, len;
-  fd_set set;
+        fd_set set;
-  char buf[8192];
+        char buf[8192];
-  /* Since we are blocking, ensure that all written packets have been sent. */
+        /* Since we are blocking, ensure that all written packets have been sent. */
-  packet_write_wait();
+        packet_write_wait();
-  /* Stay in the loop until we have received a complete packet. */
+        /* Stay in the loop until we have received a complete packet. */
-  for (;;)
+        for (;;) {
-    {
+                /* Try to read a packet from the buffer. */
-      /* Try to read a packet from the buffer. */
+                type = packet_read_poll(payload_len_ptr);
-      type = packet_read_poll(payload_len_ptr);
+                if (type == SSH_SMSG_SUCCESS
-      if (type == SSH_SMSG_SUCCESS
+                    || type == SSH_SMSG_FAILURE
-          || type == SSH_SMSG_FAILURE
+                    || type == SSH_CMSG_EOF
-          || type == SSH_CMSG_EOF
+                    || type == SSH_CMSG_EXIT_CONFIRMATION)
-          || type == SSH_CMSG_EXIT_CONFIRMATION)
+                        packet_integrity_check(*payload_len_ptr, 0, type);
-        packet_integrity_check(*payload_len_ptr, 0, type);
+                /* If we got a packet, return it. */
-      /* If we got a packet, return it. */
+                if (type != SSH_MSG_NONE)
-      if (type != SSH_MSG_NONE)
+                        return type;
-        return type;
+                /* Otherwise, wait for some data to arrive, add it to the
-      /* Otherwise, wait for some data to arrive, add it to the buffer,
+                   buffer, and try again. */
-         and try again. */
+                FD_ZERO(&set);
-      FD_ZERO(&set);
+                FD_SET(connection_in, &set);
-      FD_SET(connection_in, &set);
+                /* Wait for some data to arrive. */
-      /* Wait for some data to arrive. */
+                select(connection_in + 1, &set, NULL, NULL, NULL);
-      select(connection_in + 1, &set, NULL, NULL, NULL);
+                /* Read data from the socket. */
-      /* Read data from the socket. */
+                len = read(connection_in, buf, sizeof(buf));
-      len = read(connection_in, buf, sizeof(buf));
+                if (len == 0)
-      if (len == 0)
+                        fatal("Connection closed by %.200s", get_remote_ipaddr());
-        fatal("Connection closed by remote host.");
+                if (len < 0)
-      if (len < 0)
+                        fatal("Read from socket failed: %.100s", strerror(errno));
-        fatal("Read from socket failed: %.100s", strerror(errno));
+                /* Append it to the buffer. */
-      /* Append it to the buffer. */
+                packet_process_incoming(buf, len);
-      packet_process_incoming(buf, len);
+        }
-    }
+        /* NOTREACHED */
-  /*NOTREACHED*/
 }
 /* Waits until a packet has been received, verifies that its type matches
@@ -412,131 +403,126 @@ packet_read(int *payload_len_ptr)
 void
 packet_read_expect(int *payload_len_ptr, int expected_type)
 {
-  int type;
+        int type;
-  type = packet_read(payload_len_ptr);
+        type = packet_read(payload_len_ptr);
-  if (type != expected_type)
+        if (type != expected_type)
-    packet_disconnect("Protocol error: expected packet type %d, got %d",
+                packet_disconnect("Protocol error: expected packet type %d, got %d",
-                      expected_type, type);
+                                  expected_type, type);
 }
 /* Checks if a full packet is available in the data received so far via
-   packet_process_incoming.  If so, reads the packet; otherwise returns
+ * packet_process_incoming.  If so, reads the packet; otherwise returns
-   SSH_MSG_NONE.  This does not wait for data from the connection. 
+ * SSH_MSG_NONE.  This does not wait for data from the connection.
-   
+ *
-   SSH_MSG_DISCONNECT is handled specially here.  Also,
+ * SSH_MSG_DISCONNECT is handled specially here.  Also,
-   SSH_MSG_IGNORE messages are skipped by this function and are never returned
+ * SSH_MSG_IGNORE messages are skipped by this function and are never returned
-   to higher levels.
+ * to higher levels.
+ *
-   The returned payload_len does include space consumed by:
+ * The returned payload_len does include space consumed by:
-   Packet length
+ *      Packet length
-   Padding
+ *      Padding
-   Packet type
+ *      Packet type
-   Check bytes
+ *      Check bytes
+ */
-   
-   */
 int
 packet_read_poll(int *payload_len_ptr)
 {
-  unsigned int len, padded_len;
+        unsigned int len, padded_len;
-  unsigned char *ucp;
+        unsigned char *ucp;
-  char buf[8], *cp;
+        char buf[8], *cp;
-  unsigned int checksum, stored_checksum;
+        unsigned int checksum, stored_checksum;
-  
- restart:
+restart:
-  /* Check if input size is less than minimum packet size. */
+        /* Check if input size is less than minimum packet size. */
-  if (buffer_len(&input) < 4 + 8)
+        if (buffer_len(&input) < 4 + 8)
-    return SSH_MSG_NONE;
+                return SSH_MSG_NONE;
-  /* Get length of incoming packet. */
+        /* Get length of incoming packet. */
-  ucp = (unsigned char *)buffer_ptr(&input);
+        ucp = (unsigned char *) buffer_ptr(&input);
-  len = GET_32BIT(ucp);
+        len = GET_32BIT(ucp);
-  if (len < 1 + 2 + 2 || len > 256*1024)
+        if (len < 1 + 2 + 2 || len > 256 * 1024)
-    packet_disconnect("Bad packet length %d.", len);
+                packet_disconnect("Bad packet length %d.", len);
-  padded_len = (len + 8) & ~7;
+        padded_len = (len + 8) & ~7;
-  /* Check if the packet has been entirely received. */
+        /* Check if the packet has been entirely received. */
-  if (buffer_len(&input) < 4 + padded_len)
+        if (buffer_len(&input) < 4 + padded_len)
-    return SSH_MSG_NONE;
+                return SSH_MSG_NONE;
-  /* The entire packet is in buffer. */
+        /* The entire packet is in buffer. */
-  /* Consume packet length. */
+        /* Consume packet length. */
-  buffer_consume(&input, 4);
+        buffer_consume(&input, 4);
-  /* Copy data to incoming_packet. */
+        /* Copy data to incoming_packet. */
-  buffer_clear(&incoming_packet);
+        buffer_clear(&incoming_packet);
-  buffer_append_space(&incoming_packet, &cp, padded_len);
+        buffer_append_space(&incoming_packet, &cp, padded_len);
-  packet_decrypt(&receive_context, cp, buffer_ptr(&input), padded_len);
+        packet_decrypt(&receive_context, cp, buffer_ptr(&input), padded_len);
-  buffer_consume(&input, padded_len);
+        buffer_consume(&input, padded_len);
 #ifdef PACKET_DEBUG
-  fprintf(stderr, "read_poll plain: "); buffer_dump(&incoming_packet);
+        fprintf(stderr, "read_poll plain: ");
+        buffer_dump(&incoming_packet);
 #endif
-  
-  /* Compute packet checksum. */
+        /* Compute packet checksum. */
-  checksum = crc32((unsigned char *)buffer_ptr(&incoming_packet),
+        checksum = crc32((unsigned char *) buffer_ptr(&incoming_packet),
-                   buffer_len(&incoming_packet) - 4);
+                         buffer_len(&incoming_packet) - 4);
-  /* Skip padding. */
+        /* Skip padding. */
-  buffer_consume(&incoming_packet, 8 - len % 8);
+        buffer_consume(&incoming_packet, 8 - len % 8);
-  /* Test check bytes. */
+        /* Test check bytes. */
-  if (len != buffer_len(&incoming_packet))
+        if (len != buffer_len(&incoming_packet))
-    packet_disconnect("packet_read_poll: len %d != buffer_len %d.",
+                packet_disconnect("packet_read_poll: len %d != buffer_len %d.",
-                      len, buffer_len(&incoming_packet));
+                                  len, buffer_len(&incoming_packet));
-  ucp = (unsigned char *)buffer_ptr(&incoming_packet) + len - 4;
+        ucp = (unsigned char *) buffer_ptr(&incoming_packet) + len - 4;
-  stored_checksum = GET_32BIT(ucp);
+        stored_checksum = GET_32BIT(ucp);
-  if (checksum != stored_checksum)
+        if (checksum != stored_checksum)
-    packet_disconnect("Corrupted check bytes on input.");
+                packet_disconnect("Corrupted check bytes on input.");
-  buffer_consume_end(&incoming_packet, 4);
+        buffer_consume_end(&incoming_packet, 4);
-  /* If using packet compression, decompress the packet. */
+        /* If using packet compression, decompress the packet. */
-  if (packet_compression)
+        if (packet_compression) {
-    {
+                buffer_clear(&compression_buffer);
-      buffer_clear(&compression_buffer);
+                buffer_uncompress(&incoming_packet, &compression_buffer);
-      buffer_uncompress(&incoming_packet, &compression_buffer);
+                buffer_clear(&incoming_packet);
-      buffer_clear(&incoming_packet);
+                buffer_append(&incoming_packet, buffer_ptr(&compression_buffer),
-      buffer_append(&incoming_packet, buffer_ptr(&compression_buffer),
+                              buffer_len(&compression_buffer));
-                    buffer_len(&compression_buffer));
+        }
-    }
+        /* Get packet type. */
+        buffer_get(&incoming_packet, &buf[0], 1);
-  /* Get packet type. */
-  buffer_get(&incoming_packet, &buf[0], 1);
+        /* Return length of payload (without type field). */
+        *payload_len_ptr = buffer_len(&incoming_packet);
-  /* Return length of payload (without type field). */
-  *payload_len_ptr = buffer_len(&incoming_packet);
+        /* Handle disconnect message. */
+        if ((unsigned char) buf[0] == SSH_MSG_DISCONNECT)
-  /* Handle disconnect message. */
+                fatal("Received disconnect: %.900s", packet_get_string(NULL));
-  if ((unsigned char)buf[0] == SSH_MSG_DISCONNECT)
-    fatal("%.900s", packet_get_string(NULL));
+        /* Ignore ignore messages. */
+        if ((unsigned char) buf[0] == SSH_MSG_IGNORE)
-  /* Ignore ignore messages. */
+                goto restart;
-  if ((unsigned char)buf[0] == SSH_MSG_IGNORE)
-    goto restart;
+        /* Send debug messages as debugging output. */
+        if ((unsigned char) buf[0] == SSH_MSG_DEBUG) {
-  /* Send debug messages as debugging output. */
+                debug("Remote: %.900s", packet_get_string(NULL));
-  if ((unsigned char)buf[0] == SSH_MSG_DEBUG)
+                goto restart;
-    {
+        }
-      debug("Remote: %.900s", packet_get_string(NULL));
+        /* Return type. */
-      goto restart;
+        return (unsigned char) buf[0];
-    }
+}
-  /* Return type. */
-  return (unsigned char)buf[0];
-}
-  
 /* Buffers the given amount of input characters.  This is intended to be
   used together with packet_read_poll. */
 void
 packet_process_incoming(const char *buf, unsigned int len)
 {
-  buffer_append(&input, buf, len);
+        buffer_append(&input, buf, len);
 }
 /* Returns a character from the packet. */
@@ -544,9 +530,9 @@ packet_process_incoming(const char *buf, unsigned int len)
 unsigned int
 packet_get_char()
 {
-  char ch;
+        char ch;
-  buffer_get(&incoming_packet, &ch, 1);
+        buffer_get(&incoming_packet, &ch, 1);
-  return (unsigned char)ch;
+        return (unsigned char) ch;
 }
 /* Returns an integer from the packet data. */
@@ -554,16 +540,16 @@ packet_get_char()
 unsigned int
 packet_get_int()
 {
-  return buffer_get_int(&incoming_packet);
+        return buffer_get_int(&incoming_packet);
 }
 /* Returns an arbitrary precision integer from the packet data.  The integer
   must have been initialized before this call. */
 void
-packet_get_bignum(BIGNUM *value, int *length_ptr)
+packet_get_bignum(BIGNUM * value, int *length_ptr)
 {
-  *length_ptr = buffer_get_bignum(&incoming_packet, value);
+        *length_ptr = buffer_get_bignum(&incoming_packet, value);
 }
 /* Returns a string from the packet data.  The string is allocated using
@@ -572,9 +558,10 @@ packet_get_bignum(BIGNUM *value, int *length_ptr)
   integer into which the length of the string is stored. */
 char
-*packet_get_string(unsigned int *length_ptr)
+*
+packet_get_string(unsigned int *length_ptr)
 {
-  return buffer_get_string(&incoming_packet, length_ptr);
+        return buffer_get_string(&incoming_packet, length_ptr);
 }
 /* Sends a diagnostic message from the server to the client.  This message
@@ -586,19 +573,19 @@ char
   packet_write_wait. */
 void
-packet_send_debug(const char *fmt, ...)
+packet_send_debug(const char *fmt,...)
 {
-  char buf[1024];
+        char buf[1024];
-  va_list args;
+        va_list args;
-  
-  va_start(args, fmt);
+        va_start(args, fmt);
-  vsnprintf(buf, sizeof(buf), fmt, args);
+        vsnprintf(buf, sizeof(buf), fmt, args);
-  va_end(args);
+        va_end(args);
-  
-  packet_start(SSH_MSG_DEBUG);
+        packet_start(SSH_MSG_DEBUG);
-  packet_put_string(buf, strlen(buf));
+        packet_put_string(buf, strlen(buf));
-  packet_send();
+        packet_send();
-  packet_write_wait();
+        packet_write_wait();
 }
 /* Logs the error plus constructs and sends a disconnect
@@ -607,36 +594,35 @@ packet_send_debug(const char *fmt, ...)
   formatted message must not exceed 1024 bytes. */
 void
-packet_disconnect(const char *fmt, ...)
+packet_disconnect(const char *fmt,...)
-{
+{
-  char buf[1024];
+        char buf[1024];
-  va_list args;
+        va_list args;
-  static int disconnecting = 0;
+        static int disconnecting = 0;
-  if (disconnecting) /* Guard against recursive invocations. */
+        if (disconnecting)      /* Guard against recursive invocations. */
-    fatal("packet_disconnect called recursively.");
+                fatal("packet_disconnect called recursively.");
-  disconnecting = 1;
+        disconnecting = 1;
-  /* Format the message.  Note that the caller must make sure the message
+        /* Format the message.  Note that the caller must make sure the
-     is of limited size. */
+           message is of limited size. */
-  va_start(args, fmt);
+        va_start(args, fmt);
-  vsnprintf(buf, sizeof(buf), fmt, args);
+        vsnprintf(buf, sizeof(buf), fmt, args);
-  va_end(args);
+        va_end(args);
-  /* Send the disconnect message to the other side, and wait for it to get 
+        /* Send the disconnect message to the other side, and wait for it to get sent. */
-     sent. */
+        packet_start(SSH_MSG_DISCONNECT);
-  packet_start(SSH_MSG_DISCONNECT);
+        packet_put_string(buf, strlen(buf));
-  packet_put_string(buf, strlen(buf));
+        packet_send();
-  packet_send();
+        packet_write_wait();
-  packet_write_wait();
+        /* Stop listening for connections. */
-  /* Stop listening for connections. */
+        channel_stop_listening();
-  channel_stop_listening();
-  
+        /* Close the connection. */
-  /* Close the connection. */
+        packet_close();
-  packet_close();
+        /* Display the error locally and exit. */
-  /* Display the error locally and exit. */
+        fatal("Disconnecting: %.100s", buf);
-  fatal("Local: %.100s", buf);
 }
 /* Checks if there is any buffered output, and tries to write some of the
@@ -645,18 +631,17 @@ packet_disconnect(const char *fmt, ...)
 void
 packet_write_poll()
 {
-  int len = buffer_len(&output);
+        int len = buffer_len(&output);
-  if (len > 0)
+        if (len > 0) {
-    {
+                len = write(connection_out, buffer_ptr(&output), len);
-      len = write(connection_out, buffer_ptr(&output), len);
+                if (len <= 0) {
-      if (len <= 0) {
+                        if (errno == EAGAIN)
-        if (errno == EAGAIN)
+                                return;
-          return;
+                        else
-        else
+                                fatal("Write failed: %.100s", strerror(errno));
-          fatal("Write failed: %.100s", strerror(errno));
+                }
-      }
+                buffer_consume(&output, len);
-      buffer_consume(&output, len);
+        }
-    }
 }
 /* Calls packet_write_poll repeatedly until all pending output data has
@@ -665,15 +650,14 @@ packet_write_poll()
 void
 packet_write_wait()
 {
-  packet_write_poll();
+        packet_write_poll();
-  while (packet_have_data_to_write())
+        while (packet_have_data_to_write()) {
-    {
+                fd_set set;
-      fd_set set;
+                FD_ZERO(&set);
-      FD_ZERO(&set);
+                FD_SET(connection_out, &set);
-      FD_SET(connection_out, &set);
+                select(connection_out + 1, NULL, &set, NULL, NULL);
-      select(connection_out + 1, NULL, &set, NULL, NULL);
+                packet_write_poll();
-      packet_write_poll();
+        }
-    }
 }
 /* Returns true if there is buffered data to write to the connection. */
@@ -681,7 +665,7 @@ packet_write_wait()
 int
 packet_have_data_to_write()
 {
-  return buffer_len(&output) != 0;
+        return buffer_len(&output) != 0;
 }
 /* Returns true if there is not too much data to write to the connection. */
@@ -689,10 +673,10 @@ packet_have_data_to_write()
 int
 packet_not_very_much_data_to_write()
 {
-  if (interactive_mode)
+        if (interactive_mode)
-    return buffer_len(&output) < 16384;
+                return buffer_len(&output) < 16384;
-  else
+        else
-    return buffer_len(&output) < 128*1024;
+                return buffer_len(&output) < 128 * 1024;
 }
 /* Informs that the current session is interactive.  Sets IP flags for that. */
@@ -700,45 +684,40 @@ packet_not_very_much_data_to_write()
 void
 packet_set_interactive(int interactive, int keepalives)
 {
-  int on = 1;
+        int on = 1;
-  /* Record that we are in interactive mode. */
+        /* Record that we are in interactive mode. */
-  interactive_mode = interactive;
+        interactive_mode = interactive;
-  /* Only set socket options if using a socket (as indicated by the descriptors
+        /* Only set socket options if using a socket (as indicated by the
-     being the same). */
+           descriptors being the same). */
-  if (connection_in != connection_out)
+        if (connection_in != connection_out)
-    return;
+                return;
-  if (keepalives)
+        if (keepalives) {
-    {
+                /* Set keepalives if requested. */
-      /* Set keepalives if requested. */
+                if (setsockopt(connection_in, SOL_SOCKET, SO_KEEPALIVE, (void *) &on,
-      if (setsockopt(connection_in, SOL_SOCKET, SO_KEEPALIVE, (void *)&on, 
+                               sizeof(on)) < 0)
-                     sizeof(on)) < 0)
+                        error("setsockopt SO_KEEPALIVE: %.100s", strerror(errno));
-        error("setsockopt SO_KEEPALIVE: %.100s", strerror(errno));
+        }
-    }
+        if (interactive) {
+                /* Set IP options for an interactive connection.  Use
-  if (interactive)
+                   IPTOS_LOWDELAY and TCP_NODELAY. */
-    {
+                int lowdelay = IPTOS_LOWDELAY;
-      /* Set IP options for an interactive connection.  Use IPTOS_LOWDELAY
+                if (setsockopt(connection_in, IPPROTO_IP, IP_TOS, (void *) &lowdelay,
-         and TCP_NODELAY. */
+                               sizeof(lowdelay)) < 0)
-      int lowdelay = IPTOS_LOWDELAY;
+                        error("setsockopt IPTOS_LOWDELAY: %.100s", strerror(errno));
-      if (setsockopt(connection_in, IPPROTO_IP, IP_TOS, (void *)&lowdelay, 
+                if (setsockopt(connection_in, IPPROTO_TCP, TCP_NODELAY, (void *) &on,
-                     sizeof(lowdelay)) < 0)
+                               sizeof(on)) < 0)
-        error("setsockopt IPTOS_LOWDELAY: %.100s", strerror(errno));
+                        error("setsockopt TCP_NODELAY: %.100s", strerror(errno));
-      if (setsockopt(connection_in, IPPROTO_TCP, TCP_NODELAY, (void *)&on, 
+        } else {
-                     sizeof(on)) < 0)
+                /* Set IP options for a non-interactive connection.  Use
-        error("setsockopt TCP_NODELAY: %.100s", strerror(errno));
+                   IPTOS_THROUGHPUT. */
-    }
+                int throughput = IPTOS_THROUGHPUT;
-  else
+                if (setsockopt(connection_in, IPPROTO_IP, IP_TOS, (void *) &throughput,
-    {
+                               sizeof(throughput)) < 0)
-      /* Set IP options for a non-interactive connection.  Use 
+                        error("setsockopt IPTOS_THROUGHPUT: %.100s", strerror(errno));
-         IPTOS_THROUGHPUT. */
+        }
-      int throughput = IPTOS_THROUGHPUT;
-      if (setsockopt(connection_in, IPPROTO_IP, IP_TOS, (void *)&throughput, 
-                     sizeof(throughput)) < 0)
-        error("setsockopt IPTOS_THROUGHPUT: %.100s", strerror(errno));
-    }
 }
 /* Returns true if the current connection is interactive. */
@@ -746,22 +725,22 @@ packet_set_interactive(int interactive, int keepalives)
 int
 packet_is_interactive()
 {
-  return interactive_mode;
+        return interactive_mode;
 }
 int
 packet_set_maxsize(int s)
 {
-  static int called = 0;
+        static int called = 0;
-  if (called) {
+        if (called) {
-    log("packet_set_maxsize: called twice: old %d new %d", max_packet_size, s);
+                log("packet_set_maxsize: called twice: old %d new %d", max_packet_size, s);
-    return -1;
+                return -1;
-  }
+        }
-  if (s < 4*1024 || s > 1024*1024) {
+        if (s < 4 * 1024 || s > 1024 * 1024) {
-    log("packet_set_maxsize: bad size %d", s);
+                log("packet_set_maxsize: bad size %d", s);
-    return -1;
+                return -1;
-  }
+        }
-  log("packet_set_maxsize: setting to %d", s);
+        log("packet_set_maxsize: setting to %d", s);
-  max_packet_size = s;
+        max_packet_size = s;
-  return s;
+        return s;
 }