- markus@cvs.openbsd.org 2002/01/11 13:39:36

[auth2.c dispatch.c dispatch.h kex.c]
     a single dispatch_protocol_error() that sends a message of type 'UNIMPLEMENTED'
     dispatch_range(): set handler for a ranges message types
     use dispatch_protocol_ignore() for authentication requests after
     	successful authentication (the drafts requirement).
     serverloop/clientloop now send a 'UNIMPLEMENTED' message instead of exiting.

ChangeLog

@@ -128,6 +128,15 @@
    - markus@cvs.openbsd.org 2002/01/11 13:36:43
      [ssh2.h]
      add defines for msg type ranges
+   - markus@cvs.openbsd.org 2002/01/11 13:39:36
+     [auth2.c dispatch.c dispatch.h kex.c]
+     a single dispatch_protocol_error() that sends a message of 
+     type 'UNIMPLEMENTED'
+     dispatch_range(): set handler for a ranges message types
+     use dispatch_protocol_ignore() for authentication requests after
+     successful authentication (the drafts requirement).
+     serverloop/clientloop now send a 'UNIMPLEMENTED' message instead 
+     of exiting.
 
 
 20020121
@@ -7276,4 +7285,4 @@
  - Wrote replacements for strlcpy and mkdtemp
  - Released 1.0pre1
 
-$Id: ChangeLog,v 1.1760 2002/01/22 12:23:41 djm Exp $
+$Id: ChangeLog,v 1.1761 2002/01/22 12:24:13 djm Exp $

auth2.c

@@ -23,7 +23,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: auth2.c,v 1.80 2001/12/28 15:06:00 markus Exp $");
+RCSID("$OpenBSD: auth2.c,v 1.81 2002/01/11 13:39:36 markus Exp $");
 
 #include <openssl/evp.h>
 
@@ -71,7 +71,6 @@ struct Authmethod {
 
 static void input_service_request(int, u_int32_t, void *);
 static void input_userauth_request(int, u_int32_t, void *);
-static void protocol_error(int, u_int32_t, void *);
 
 /* helper */
 static Authmethod *authmethod_lookup(const char *);
@@ -123,22 +122,12 @@ do_authentication2(void)
 	if (options.pam_authentication_via_kbd_int)
 		options.kbd_interactive_authentication = 1;
 
-	dispatch_init(&protocol_error);
+	dispatch_init(&dispatch_protocol_error);
 	dispatch_set(SSH2_MSG_SERVICE_REQUEST, &input_service_request);
 	dispatch_run(DISPATCH_BLOCK, &authctxt->success, authctxt);
 	do_authenticated(authctxt);
 }
 
-static void
-protocol_error(int type, u_int32_t seq, void *ctxt)
-{
-	log("auth: protocol error: type %d", type);
-	packet_start(SSH2_MSG_UNIMPLEMENTED);
-	packet_put_int(seq);
-	packet_send();
-	packet_write_wait();
-}
-
 static void
 input_service_request(int type, u_int32_t seq, void *ctxt)
 {
@@ -265,7 +254,7 @@ userauth_finish(Authctxt *authctxt, int authenticated, char *method)
 	/* XXX todo: check if multiple auth methods are needed */
 	if (authenticated == 1) {
 		/* turn off userauth */
-		dispatch_set(SSH2_MSG_USERAUTH_REQUEST, &protocol_error);
+		dispatch_set(SSH2_MSG_USERAUTH_REQUEST, &dispatch_protocol_ignore);
 		packet_start(SSH2_MSG_USERAUTH_SUCCESS);
 		packet_send();
 		packet_write_wait();

dispatch.c

@@ -22,7 +22,7 @@
  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 #include "includes.h"
-RCSID("$OpenBSD: dispatch.c,v 1.14 2001/12/28 15:06:00 markus Exp $");
+RCSID("$OpenBSD: dispatch.c,v 1.15 2002/01/11 13:39:36 markus Exp $");
 
 #include "ssh1.h"
 #include "ssh2.h"
@@ -39,16 +39,38 @@ dispatch_fn *dispatch[DISPATCH_MAX];
 void
 dispatch_protocol_error(int type, u_int32_t seq, void *ctxt)
 {
-	fatal("dispatch_protocol_error: type %d seq %u", type, seq);
+	log("dispatch_protocol_error: type %d seq %u", type, seq);
+	if (!compat20)
+		fatal("protocol error");
+	packet_start(SSH2_MSG_UNIMPLEMENTED);
+	packet_put_int(seq);
+	packet_send();
+	packet_write_wait();
+}
+void
+dispatch_protocol_ignore(int type, u_int32_t seq, void *ctxt)
+{
+	log("dispatch_protocol_ignore: type %d seq %u", type, seq);
 }
 void
 dispatch_init(dispatch_fn *dflt)
 {
-	int i;
+	u_int i;
 	for (i = 0; i < DISPATCH_MAX; i++)
 		dispatch[i] = dflt;
 }
 void
+dispatch_range(u_int from, u_int to, dispatch_fn *fn)
+{
+	u_int i;
+
+	for (i = from; i <= to; i++) {
+		if (i >= DISPATCH_MAX)
+			break;
+		dispatch[i] = fn;
+	}
+}
+void
 dispatch_set(int type, dispatch_fn *fn)
 {
 	dispatch[type] = fn;

dispatch.h

@@ -1,4 +1,4 @@
-/*	$OpenBSD: dispatch.h,v 1.8 2001/12/28 15:06:00 markus Exp $	*/
+/*	$OpenBSD: dispatch.h,v 1.9 2002/01/11 13:39:36 markus Exp $	*/
 
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
@@ -32,5 +32,7 @@ typedef void dispatch_fn(int, u_int32_t, void *);
 
 void	 dispatch_init(dispatch_fn *);
 void	 dispatch_set(int, dispatch_fn *);
+void	 dispatch_range(u_int, u_int, dispatch_fn *);
 void	 dispatch_run(int, int *, void *);
 void	 dispatch_protocol_error(int, u_int32_t, void *);
+void	 dispatch_protocol_ignore(int, u_int32_t, void *);

kex.c

@@ -23,7 +23,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: kex.c,v 1.41 2001/12/28 15:06:00 markus Exp $");
+RCSID("$OpenBSD: kex.c,v 1.42 2002/01/11 13:39:36 markus Exp $");
 
 #include <openssl/crypto.h>
 
@@ -115,11 +115,8 @@ kex_protocol_error(int type, u_int32_t seq, void *ctxt)
 static void
 kex_clear_dispatch(void)
 {
-	int i;
-
-	/* Numbers 30-49 are used for kex packets */
-	for (i = 30; i <= 49; i++)
-		dispatch_set(i, &kex_protocol_error);
+	dispatch_range(SSH2_MSG_TRANSPORT_MIN,
+	    SSH2_MSG_TRANSPORT_MAX, &kex_protocol_error);
 }
 
 void