[auth1.c auth-rsa.c channels.c dispatch.c kex.c kexdh.c kexgex.c packet.c packet.h serverloop.c session.c ssh.c sshconnect1.c sshconnect2.c sshd.c]
     packet_read* no longer return the packet length, since it's not used.
This commit is contained in:
Damien Miller 2002-01-22 23:16:32 +11:00
Родитель 76e1e368b5
Коммит dff5099f13
16 изменённых файлов: 95 добавлений и 113 удалений

Просмотреть файл

@ -66,6 +66,11 @@
- markus@cvs.openbsd.org 2001/12/28 14:13:13
[bufaux.c bufaux.h packet.c]
buffer_get_bignum: int -> void
- markus@cvs.openbsd.org 2001/12/28 14:50:54
[auth1.c auth-rsa.c channels.c dispatch.c kex.c kexdh.c kexgex.c]
[packet.c packet.h serverloop.c session.c ssh.c sshconnect1.c]
[sshconnect2.c sshd.c]
packet_read* no longer return the packet length, since it's not used.
20020121
@ -7214,4 +7219,4 @@
- Wrote replacements for strlcpy and mkdtemp
- Released 1.0pre1
$Id: ChangeLog,v 1.1742 2002/01/22 12:15:57 djm Exp $
$Id: ChangeLog,v 1.1743 2002/01/22 12:16:32 djm Exp $

Просмотреть файл

@ -14,7 +14,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: auth-rsa.c,v 1.49 2001/12/28 12:14:27 markus Exp $");
RCSID("$OpenBSD: auth-rsa.c,v 1.50 2001/12/28 14:50:54 markus Exp $");
#include <openssl/rsa.h>
#include <openssl/md5.h>
@ -66,7 +66,7 @@ auth_rsa_challenge_dialog(RSA *pk)
u_char buf[32], mdbuf[16], response[16];
MD5_CTX md;
u_int i;
int plen, len;
int len;
if ((encrypted_challenge = BN_new()) == NULL)
fatal("auth_rsa_challenge_dialog: BN_new() failed");
@ -91,7 +91,7 @@ auth_rsa_challenge_dialog(RSA *pk)
packet_write_wait();
/* Wait for a response. */
packet_read_expect(&plen, SSH_CMSG_AUTH_RSA_RESPONSE);
packet_read_expect(SSH_CMSG_AUTH_RSA_RESPONSE);
for (i = 0; i < 16; i++)
response[i] = packet_get_char();
packet_check_eom();

Просмотреть файл

@ -10,7 +10,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: auth1.c,v 1.33 2001/12/28 13:57:33 markus Exp $");
RCSID("$OpenBSD: auth1.c,v 1.34 2001/12/28 14:50:54 markus Exp $");
#include "xmalloc.h"
#include "rsa.h"
@ -71,7 +71,6 @@ do_authloop(Authctxt *authctxt)
char *client_user, *password;
char info[1024];
u_int dlen;
int plen;
u_int ulen;
int type = 0;
struct passwd *pw = authctxt->pw;
@ -109,7 +108,7 @@ do_authloop(Authctxt *authctxt)
info[0] = '\0';
/* Get a packet from the client. */
type = packet_read(&plen);
type = packet_read();
/* Process the packet. */
switch (type) {
@ -360,12 +359,11 @@ do_authentication(void)
{
Authctxt *authctxt;
struct passwd *pw;
int plen;
u_int ulen;
char *p, *user, *style = NULL;
/* Get the name of the user that we wish to log in as. */
packet_read_expect(&plen, SSH_CMSG_USER);
packet_read_expect(SSH_CMSG_USER);
/* Get the user name. */
user = packet_get_string(&ulen);

Просмотреть файл

@ -39,7 +39,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: channels.c,v 1.152 2001/12/28 12:14:27 markus Exp $");
RCSID("$OpenBSD: channels.c,v 1.153 2001/12/28 14:50:54 markus Exp $");
#include "ssh.h"
#include "ssh1.h"
@ -2185,7 +2185,7 @@ void
channel_request_remote_forwarding(u_short listen_port,
const char *host_to_connect, u_short port_to_connect)
{
int payload_len, type, success = 0;
int type, success = 0;
/* Record locally that connection to this host/port is permitted. */
if (num_permitted_opens >= SSH_MAX_FORWARDS_PER_DIRECTION)
@ -2212,7 +2212,7 @@ channel_request_remote_forwarding(u_short listen_port,
packet_write_wait();
/* Wait for response from the remote side. */
type = packet_read(&payload_len);
type = packet_read();
switch (type) {
case SSH_SMSG_SUCCESS:
success = 1;

Просмотреть файл

@ -22,7 +22,7 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
RCSID("$OpenBSD: dispatch.c,v 1.12 2001/12/20 22:50:24 djm Exp $");
RCSID("$OpenBSD: dispatch.c,v 1.13 2001/12/28 14:50:54 markus Exp $");
#include "ssh1.h"
#include "ssh2.h"
@ -58,19 +58,18 @@ void
dispatch_run(int mode, int *done, void *ctxt)
{
for (;;) {
int plen;
int type;
u_int32_t seqnr;
if (mode == DISPATCH_BLOCK) {
type = packet_read_seqnr(&plen, &seqnr);
type = packet_read_seqnr(&seqnr);
} else {
type = packet_read_poll_seqnr(&plen, &seqnr);
type = packet_read_poll_seqnr(&seqnr);
if (type == SSH_MSG_NONE)
return;
}
if (type > 0 && type < DISPATCH_MAX && dispatch[type] != NULL)
(*dispatch[type])(type, plen, seqnr, ctxt);
(*dispatch[type])(type, 1234, seqnr, ctxt);
else
packet_disconnect("protocol error: rcvd type %d", type);
if (done != NULL && *done)

6
kex.c
Просмотреть файл

@ -23,7 +23,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: kex.c,v 1.39 2001/12/28 12:14:27 markus Exp $");
RCSID("$OpenBSD: kex.c,v 1.40 2001/12/28 14:50:54 markus Exp $");
#include <openssl/crypto.h>
@ -125,8 +125,6 @@ kex_clear_dispatch(void)
void
kex_finish(Kex *kex)
{
int plen;
kex_clear_dispatch();
packet_start(SSH2_MSG_NEWKEYS);
@ -135,7 +133,7 @@ kex_finish(Kex *kex)
debug("SSH2_MSG_NEWKEYS sent");
debug("waiting for SSH2_MSG_NEWKEYS");
packet_read_expect(&plen, SSH2_MSG_NEWKEYS);
packet_read_expect(SSH2_MSG_NEWKEYS);
debug("SSH2_MSG_NEWKEYS received");
kex->done = 1;

Просмотреть файл

@ -23,7 +23,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: kexdh.c,v 1.11 2001/12/28 13:57:33 markus Exp $");
RCSID("$OpenBSD: kexdh.c,v 1.12 2001/12/28 14:50:54 markus Exp $");
#include <openssl/crypto.h>
#include <openssl/bn.h>
@ -97,7 +97,6 @@ kexdh_client(Kex *kex)
u_char *server_host_key_blob = NULL, *signature = NULL;
u_char *kbuf, *hash;
u_int klen, kout, slen, sbloblen;
int plen;
/* generate and send 'e', client DH public key */
dh = dh_new_group1();
@ -115,7 +114,7 @@ kexdh_client(Kex *kex)
#endif
debug("expecting SSH2_MSG_KEXDH_REPLY");
packet_read_expect(&plen, SSH2_MSG_KEXDH_REPLY);
packet_read_expect(SSH2_MSG_KEXDH_REPLY);
/* key, cert */
server_host_key_blob = packet_get_string(&sbloblen);
@ -201,14 +200,14 @@ kexdh_server(Kex *kex)
Key *server_host_key;
u_char *kbuf, *hash, *signature = NULL, *server_host_key_blob = NULL;
u_int sbloblen, klen, kout;
int slen, plen;
int slen;
/* generate server DH public key */
dh = dh_new_group1();
dh_gen_key(dh, kex->we_need * 8);
debug("expecting SSH2_MSG_KEXDH_INIT");
packet_read_expect(&plen, SSH2_MSG_KEXDH_INIT);
packet_read_expect(SSH2_MSG_KEXDH_INIT);
if (kex->load_host_key == NULL)
fatal("Cannot load hostkey");

Просмотреть файл

@ -24,7 +24,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: kexgex.c,v 1.14 2001/12/28 13:57:33 markus Exp $");
RCSID("$OpenBSD: kexgex.c,v 1.15 2001/12/28 14:50:54 markus Exp $");
#include <openssl/bn.h>
@ -107,7 +107,7 @@ kexgex_client(Kex *kex)
Key *server_host_key;
u_char *kbuf, *hash, *signature = NULL, *server_host_key_blob = NULL;
u_int klen, kout, slen, sbloblen;
int plen, min, max, nbits;
int min, max, nbits;
DH *dh;
nbits = dh_estimate(kex->we_need * 8);
@ -138,7 +138,7 @@ kexgex_client(Kex *kex)
packet_send();
debug("expecting SSH2_MSG_KEX_DH_GEX_GROUP");
packet_read_expect(&plen, SSH2_MSG_KEX_DH_GEX_GROUP);
packet_read_expect(SSH2_MSG_KEX_DH_GEX_GROUP);
if ((p = BN_new()) == NULL)
fatal("BN_new");
@ -169,7 +169,7 @@ kexgex_client(Kex *kex)
packet_send();
debug("expecting SSH2_MSG_KEX_DH_GEX_REPLY");
packet_read_expect(&plen, SSH2_MSG_KEX_DH_GEX_REPLY);
packet_read_expect(SSH2_MSG_KEX_DH_GEX_REPLY);
/* key, cert */
server_host_key_blob = packet_get_string(&sbloblen);
@ -261,7 +261,7 @@ kexgex_server(Kex *kex)
DH *dh = dh;
u_char *kbuf, *hash, *signature = NULL, *server_host_key_blob = NULL;
u_int sbloblen, klen, kout;
int min = -1, max = -1, nbits = -1, type, plen, slen;
int min = -1, max = -1, nbits = -1, type, slen;
if (kex->load_host_key == NULL)
fatal("Cannot load hostkey");
@ -269,7 +269,7 @@ kexgex_server(Kex *kex)
if (server_host_key == NULL)
fatal("Unsupported hostkey type %d", kex->hostkey_type);
type = packet_read(&plen);
type = packet_read();
switch (type) {
case SSH2_MSG_KEX_DH_GEX_REQUEST:
debug("SSH2_MSG_KEX_DH_GEX_REQUEST received");
@ -312,7 +312,7 @@ kexgex_server(Kex *kex)
dh_gen_key(dh, kex->we_need * 8);
debug("expecting SSH2_MSG_KEX_DH_GEX_INIT");
packet_read_expect(&plen, SSH2_MSG_KEX_DH_GEX_INIT);
packet_read_expect(SSH2_MSG_KEX_DH_GEX_INIT);
/* key, cert */
if ((dh_client_pub = BN_new()) == NULL)

Просмотреть файл

@ -37,7 +37,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: packet.c,v 1.81 2001/12/28 14:13:13 markus Exp $");
RCSID("$OpenBSD: packet.c,v 1.82 2001/12/28 14:50:54 markus Exp $");
#include "xmalloc.h"
#include "buffer.h"
@ -610,7 +610,7 @@ packet_send(void)
*/
int
packet_read_seqnr(int *payload_len_ptr, u_int32_t *seqnr_p)
packet_read_seqnr(u_int32_t *seqnr_p)
{
int type, len;
fd_set *setp;
@ -626,7 +626,7 @@ packet_read_seqnr(int *payload_len_ptr, u_int32_t *seqnr_p)
/* Stay in the loop until we have received a complete packet. */
for (;;) {
/* Try to read a packet from the buffer. */
type = packet_read_poll_seqnr(payload_len_ptr, seqnr_p);
type = packet_read_poll_seqnr(seqnr_p);
if (!compat20 && (
type == SSH_SMSG_SUCCESS
|| type == SSH_SMSG_FAILURE
@ -666,9 +666,9 @@ packet_read_seqnr(int *payload_len_ptr, u_int32_t *seqnr_p)
}
int
packet_read(int *payload_len_ptr)
packet_read(void)
{
return packet_read_seqnr(payload_len_ptr, NULL);
return packet_read_seqnr(NULL);
}
/*
@ -677,11 +677,11 @@ packet_read(int *payload_len_ptr)
*/
void
packet_read_expect(int *payload_len_ptr, int expected_type)
packet_read_expect(int expected_type)
{
int type;
type = packet_read(payload_len_ptr);
type = packet_read();
if (type != expected_type)
packet_disconnect("Protocol error: expected packet type %d, got %d",
expected_type, type);
@ -694,16 +694,10 @@ packet_read_expect(int *payload_len_ptr, int expected_type)
* SSH_MSG_DISCONNECT is handled specially here. Also,
* SSH_MSG_IGNORE messages are skipped by this function and are never returned
* to higher levels.
*
* The returned payload_len does include space consumed by:
* Packet length
* Padding
* Packet type
* Check bytes
*/
static int
packet_read_poll1(int *payload_len_ptr)
packet_read_poll1(void)
{
u_int len, padded_len;
u_char *ucp, type;
@ -776,12 +770,11 @@ packet_read_poll1(int *payload_len_ptr)
buffer_len(&compression_buffer));
}
type = buffer_get_char(&incoming_packet);
*payload_len_ptr = buffer_len(&incoming_packet);
return type;
}
static int
packet_read_poll2(int *payload_len_ptr, u_int32_t *seqnr_p)
packet_read_poll2(u_int32_t *seqnr_p)
{
static u_int32_t seqnr = 0;
static u_int packet_length = 0;
@ -887,7 +880,6 @@ packet_read_poll2(int *payload_len_ptr, u_int32_t *seqnr_p)
type = buffer_get_char(&incoming_packet);
if (type == SSH2_MSG_NEWKEYS)
set_newkeys(MODE_IN);
*payload_len_ptr = buffer_len(&incoming_packet);
#ifdef PACKET_DEBUG
fprintf(stderr, "read/plain[%d]:\r\n", type);
buffer_dump(&incoming_packet);
@ -898,7 +890,7 @@ packet_read_poll2(int *payload_len_ptr, u_int32_t *seqnr_p)
}
int
packet_read_poll_seqnr(int *payload_len_ptr, u_int32_t *seqnr_p)
packet_read_poll_seqnr(u_int32_t *seqnr_p)
{
int reason;
u_char type;
@ -906,7 +898,7 @@ packet_read_poll_seqnr(int *payload_len_ptr, u_int32_t *seqnr_p)
for (;;) {
if (compat20) {
type = packet_read_poll2(payload_len_ptr, seqnr_p);
type = packet_read_poll2(seqnr_p);
if (type)
DBG(debug("received packet type %d", type));
switch (type) {
@ -933,7 +925,7 @@ packet_read_poll_seqnr(int *payload_len_ptr, u_int32_t *seqnr_p)
break;
}
} else {
type = packet_read_poll1(payload_len_ptr);
type = packet_read_poll1();
switch (type) {
case SSH_MSG_IGNORE:
break;
@ -960,9 +952,9 @@ packet_read_poll_seqnr(int *payload_len_ptr, u_int32_t *seqnr_p)
}
int
packet_read_poll(int *payload_len_ptr)
packet_read_poll(void)
{
return packet_read_poll_seqnr(payload_len_ptr, NULL);
return packet_read_poll_seqnr(NULL);
}
/*

Просмотреть файл

@ -11,7 +11,7 @@
* called by a name other than "ssh" or "Secure Shell".
*/
/* RCSID("$OpenBSD: packet.h,v 1.31 2001/12/28 13:57:33 markus Exp $"); */
/* RCSID("$OpenBSD: packet.h,v 1.32 2001/12/28 14:50:54 markus Exp $"); */
#ifndef PACKET_H
#define PACKET_H
@ -40,12 +40,12 @@ void packet_put_cstring(const char *str);
void packet_put_raw(const void *buf, u_int len);
void packet_send(void);
int packet_read(int *payload_len_ptr);
void packet_read_expect(int *payload_len_ptr, int type);
int packet_read_poll(int *packet_len_ptr);
int packet_read(void);
void packet_read_expect(int type);
int packet_read_poll(void);
void packet_process_incoming(const char *buf, u_int len);
int packet_read_seqnr(int *payload_len_ptr, u_int32_t *seqnr_p);
int packet_read_poll_seqnr(int *packet_len_ptr, u_int32_t *seqnr_p);
int packet_read_seqnr(u_int32_t *seqnr_p);
int packet_read_poll_seqnr(u_int32_t *seqnr_p);
u_int packet_get_char(void);
u_int packet_get_int(void);

Просмотреть файл

@ -35,7 +35,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: serverloop.c,v 1.91 2001/12/28 12:14:27 markus Exp $");
RCSID("$OpenBSD: serverloop.c,v 1.92 2001/12/28 14:50:54 markus Exp $");
#include "xmalloc.h"
#include "packet.h"
@ -691,8 +691,7 @@ server_loop(pid_t pid, int fdin_arg, int fdout_arg, int fderr_arg)
* the exit status.
*/
do {
int plen;
type = packet_read(&plen);
type = packet_read();
}
while (type != SSH_CMSG_EXIT_CONFIRMATION);

Просмотреть файл

@ -33,7 +33,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: session.c,v 1.116 2001/12/28 12:14:27 markus Exp $");
RCSID("$OpenBSD: session.c,v 1.117 2001/12/28 14:50:54 markus Exp $");
#include "ssh.h"
#include "ssh1.h"
@ -233,7 +233,7 @@ do_authenticated1(Authctxt *authctxt)
{
Session *s;
char *command;
int success, type, plen, screen_flag;
int success, type, screen_flag;
int compression_level = 0, enable_compression_after_reply = 0;
u_int proto_len, data_len, dlen;
@ -249,7 +249,7 @@ do_authenticated1(Authctxt *authctxt)
success = 0;
/* Get a packet from the client. */
type = packet_read(&plen);
type = packet_read();
/* Process the packet. */
switch (type) {

11
ssh.c
Просмотреть файл

@ -39,7 +39,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: ssh.c,v 1.155 2001/12/28 12:14:27 markus Exp $");
RCSID("$OpenBSD: ssh.c,v 1.156 2001/12/28 14:50:54 markus Exp $");
#include <openssl/evp.h>
#include <openssl/err.h>
@ -880,7 +880,6 @@ static int
ssh_session(void)
{
int type;
int plen;
int interactive = 0;
int have_tty = 0;
struct winsize ws;
@ -898,7 +897,7 @@ ssh_session(void)
packet_put_int(options.compression_level);
packet_send();
packet_write_wait();
type = packet_read(&plen);
type = packet_read();
if (type == SSH_SMSG_SUCCESS)
packet_start_compression(options.compression_level);
else if (type == SSH_SMSG_FAILURE)
@ -936,7 +935,7 @@ ssh_session(void)
packet_write_wait();
/* Read response from the server. */
type = packet_read(&plen);
type = packet_read();
if (type == SSH_SMSG_SUCCESS) {
interactive = 1;
have_tty = 1;
@ -955,7 +954,7 @@ ssh_session(void)
x11_request_forwarding_with_spoofing(0, proto, data);
/* Read response from the server. */
type = packet_read(&plen);
type = packet_read();
if (type == SSH_SMSG_SUCCESS) {
interactive = 1;
} else if (type == SSH_SMSG_FAILURE) {
@ -975,7 +974,7 @@ ssh_session(void)
auth_request_forwarding();
/* Read response from the server. */
type = packet_read(&plen);
type = packet_read();
packet_check_eom();
if (type != SSH_SMSG_SUCCESS)
log("Warning: Remote host denied authentication agent forwarding.");

Просмотреть файл

@ -13,7 +13,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: sshconnect1.c,v 1.46 2001/12/28 13:57:33 markus Exp $");
RCSID("$OpenBSD: sshconnect1.c,v 1.47 2001/12/28 14:50:54 markus Exp $");
#include <openssl/bn.h>
#include <openssl/evp.h>
@ -67,7 +67,6 @@ try_agent_authentication(void)
AuthenticationConnection *auth;
u_char response[16];
u_int i;
int plen;
Key *key;
BIGNUM *challenge;
@ -94,7 +93,7 @@ try_agent_authentication(void)
packet_write_wait();
/* Wait for server's response. */
type = packet_read(&plen);
type = packet_read();
/* The server sends failure if it doesn\'t like our key or
does not support RSA authentication. */
@ -134,7 +133,7 @@ try_agent_authentication(void)
packet_write_wait();
/* Wait for response from the server. */
type = packet_read(&plen);
type = packet_read();
/* The server returns success if it accepted the authentication. */
if (type == SSH_SMSG_SUCCESS) {
@ -209,7 +208,7 @@ try_rsa_authentication(int idx)
BIGNUM *challenge;
Key *public, *private;
char buf[300], *passphrase, *comment, *authfile;
int i, type, quit, plen;
int i, type, quit;
public = options.identity_keys[idx];
authfile = options.identity_files[idx];
@ -224,7 +223,7 @@ try_rsa_authentication(int idx)
packet_write_wait();
/* Wait for server's response. */
type = packet_read(&plen);
type = packet_read();
/*
* The server responds with failure if it doesn\'t like our key or
@ -291,7 +290,7 @@ try_rsa_authentication(int idx)
packet_write_wait();
/* Expect the server to reject it... */
packet_read_expect(&plen, SSH_SMSG_FAILURE);
packet_read_expect(SSH_SMSG_FAILURE);
BN_clear_free(challenge);
return 0;
}
@ -307,7 +306,7 @@ try_rsa_authentication(int idx)
BN_clear_free(challenge);
/* Wait for response from the server. */
type = packet_read(&plen);
type = packet_read();
if (type == SSH_SMSG_SUCCESS) {
debug("RSA authentication accepted by server.");
return 1;
@ -327,7 +326,6 @@ try_rhosts_rsa_authentication(const char *local_user, Key * host_key)
{
int type;
BIGNUM *challenge;
int plen;
debug("Trying rhosts or /etc/hosts.equiv with RSA host authentication.");
@ -341,7 +339,7 @@ try_rhosts_rsa_authentication(const char *local_user, Key * host_key)
packet_write_wait();
/* Wait for server's response. */
type = packet_read(&plen);
type = packet_read();
/* The server responds with failure if it doesn't admit our
.rhosts authentication or doesn't know our host key. */
@ -368,7 +366,7 @@ try_rhosts_rsa_authentication(const char *local_user, Key * host_key)
BN_clear_free(challenge);
/* Wait for response from the server. */
type = packet_read(&plen);
type = packet_read();
if (type == SSH_SMSG_SUCCESS) {
debug("Rhosts or /etc/hosts.equiv with RSA host authentication accepted by server.");
return 1;
@ -388,7 +386,7 @@ try_krb4_authentication(void)
char inst[INST_SZ];
char *realm;
CREDENTIALS cred;
int r, type, plen;
int r, type;
socklen_t slen;
Key_schedule schedule;
u_long checksum, cksum;
@ -447,7 +445,7 @@ try_krb4_authentication(void)
fatal_cleanup();
}
/* Get server reply. */
type = packet_read(&plen);
type = packet_read();
switch (type) {
case SSH_SMSG_FAILURE:
/* Should really be SSH_SMSG_AUTH_KERBEROS_FAILURE */
@ -509,7 +507,7 @@ try_krb5_authentication(krb5_context *context, krb5_auth_context *auth_context)
krb5_ccache ccache = NULL;
const char *remotehost;
krb5_data ap;
int type, payload_len;
int type;
krb5_ap_rep_enc_part *reply = NULL;
int ret;
@ -559,7 +557,7 @@ try_krb5_authentication(krb5_context *context, krb5_auth_context *auth_context)
xfree(ap.data);
ap.length = 0;
type = packet_read(&payload_len);
type = packet_read();
switch (type) {
case SSH_SMSG_FAILURE:
/* Should really be SSH_SMSG_AUTH_KERBEROS_FAILURE */
@ -605,7 +603,7 @@ try_krb5_authentication(krb5_context *context, krb5_auth_context *auth_context)
static void
send_krb5_tgt(krb5_context context, krb5_auth_context auth_context)
{
int fd, type, payload_len;
int fd, type;
krb5_error_code problem;
krb5_data outbuf;
krb5_ccache ccache = NULL;
@ -655,7 +653,7 @@ send_krb5_tgt(krb5_context context, krb5_auth_context auth_context)
packet_send();
packet_write_wait();
type = packet_read(&payload_len);
type = packet_read();
if (type == SSH_SMSG_SUCCESS) {
char *pname;
@ -690,7 +688,7 @@ send_krb4_tgt(void)
CREDENTIALS *creds;
struct stat st;
char buffer[4096], pname[ANAME_SZ], pinst[INST_SZ], prealm[REALM_SZ];
int problem, type, len;
int problem, type;
/* Don't do anything if we don't have any tickets. */
if (stat(tkt_string(), &st) < 0)
@ -717,7 +715,7 @@ send_krb4_tgt(void)
packet_send();
packet_write_wait();
type = packet_read(&len);
type = packet_read();
if (type == SSH_SMSG_SUCCESS)
debug("Kerberos v4 TGT forwarded (%s%s%s@%s).",
@ -795,7 +793,7 @@ send_afs_tokens(void)
/* Roger, Roger. Clearance, Clarence. What's your vector,
Victor? */
type = packet_read(&len);
type = packet_read();
if (type == SSH_SMSG_FAILURE)
debug("AFS token for cell %s rejected.", server_cell);
@ -814,7 +812,6 @@ static int
try_challenge_response_authentication(void)
{
int type, i;
int payload_len;
u_int clen;
char prompt[1024];
char *challenge, *response;
@ -827,7 +824,7 @@ try_challenge_response_authentication(void)
packet_send();
packet_write_wait();
type = packet_read(&payload_len);
type = packet_read();
if (type != SSH_SMSG_FAILURE &&
type != SSH_SMSG_AUTH_TIS_CHALLENGE) {
packet_disconnect("Protocol error: got %d in response "
@ -858,7 +855,7 @@ try_challenge_response_authentication(void)
xfree(response);
packet_send();
packet_write_wait();
type = packet_read(&payload_len);
type = packet_read();
if (type == SSH_SMSG_SUCCESS)
return 1;
if (type != SSH_SMSG_FAILURE)
@ -875,7 +872,7 @@ try_challenge_response_authentication(void)
static int
try_password_authentication(char *prompt)
{
int type, i, payload_len;
int type, i;
char *password;
debug("Doing password authentication.");
@ -892,7 +889,7 @@ try_password_authentication(char *prompt)
packet_send();
packet_write_wait();
type = packet_read(&payload_len);
type = packet_read();
if (type == SSH_SMSG_SUCCESS)
return 1;
if (type != SSH_SMSG_FAILURE)
@ -917,13 +914,12 @@ ssh_kex(char *host, struct sockaddr *hostaddr)
u_char cookie[8];
u_int supported_ciphers;
u_int server_flags, client_flags;
int payload_len;
u_int32_t rand = 0;
debug("Waiting for server public key.");
/* Wait for a public key packet from the server. */
packet_read_expect(&payload_len, SSH_SMSG_PUBLIC_KEY);
packet_read_expect(SSH_SMSG_PUBLIC_KEY);
/* Get cookie from the packet. */
for (i = 0; i < 8; i++)
@ -1084,7 +1080,7 @@ ssh_kex(char *host, struct sockaddr *hostaddr)
* Expect a success message from the server. Note that this message
* will be received in encrypted form.
*/
packet_read_expect(&payload_len, SSH_SMSG_SUCCESS);
packet_read_expect(SSH_SMSG_SUCCESS);
debug("Received encrypted confirmation.");
}
@ -1101,7 +1097,6 @@ ssh_userauth1(const char *local_user, const char *server_user, char *host,
krb5_auth_context auth_context = NULL;
#endif
int i, type;
int payload_len;
if (supported_authentications == 0)
fatal("ssh_userauth1: server supports no auth methods");
@ -1117,7 +1112,7 @@ ssh_userauth1(const char *local_user, const char *server_user, char *host,
* needed (the user has no password). Otherwise the server responds
* with failure.
*/
type = packet_read(&payload_len);
type = packet_read();
/* check whether the connection was accepted without authentication. */
if (type == SSH_SMSG_SUCCESS)
@ -1131,7 +1126,7 @@ ssh_userauth1(const char *local_user, const char *server_user, char *host,
debug("Trying Kerberos v5 authentication.");
if (try_krb5_authentication(&context, &auth_context)) {
type = packet_read(&payload_len);
type = packet_read();
if (type == SSH_SMSG_SUCCESS)
goto success;
if (type != SSH_SMSG_FAILURE)
@ -1146,7 +1141,7 @@ ssh_userauth1(const char *local_user, const char *server_user, char *host,
debug("Trying Kerberos v4 authentication.");
if (try_krb4_authentication()) {
type = packet_read(&payload_len);
type = packet_read();
if (type == SSH_SMSG_SUCCESS)
goto success;
if (type != SSH_SMSG_FAILURE)
@ -1168,7 +1163,7 @@ ssh_userauth1(const char *local_user, const char *server_user, char *host,
packet_write_wait();
/* The server should respond with success or failure. */
type = packet_read(&payload_len);
type = packet_read();
if (type == SSH_SMSG_SUCCESS)
goto success;
if (type != SSH_SMSG_FAILURE)

Просмотреть файл

@ -23,7 +23,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: sshconnect2.c,v 1.90 2001/12/28 12:14:27 markus Exp $");
RCSID("$OpenBSD: sshconnect2.c,v 1.91 2001/12/28 14:50:54 markus Exp $");
#include <openssl/bn.h>
#include <openssl/md5.h>
@ -226,7 +226,6 @@ ssh_userauth2(const char *local_user, const char *server_user, char *host,
{
Authctxt authctxt;
int type;
int plen;
if (options.challenge_response_authentication)
options.kbd_interactive_authentication = 1;
@ -236,12 +235,12 @@ ssh_userauth2(const char *local_user, const char *server_user, char *host,
packet_put_cstring("ssh-userauth");
packet_send();
packet_write_wait();
type = packet_read(&plen);
type = packet_read();
if (type != SSH2_MSG_SERVICE_ACCEPT) {
fatal("denied SSH2_MSG_SERVICE_ACCEPT: %d", type);
}
if (packet_remaining() > 0) {
char *reply = packet_get_string(&plen);
char *reply = packet_get_string(NULL);
debug("service_accept: %s", reply);
xfree(reply);
} else {

5
sshd.c
Просмотреть файл

@ -40,7 +40,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: sshd.c,v 1.221 2001/12/28 13:57:33 markus Exp $");
RCSID("$OpenBSD: sshd.c,v 1.222 2001/12/28 14:50:54 markus Exp $");
#include <openssl/dh.h>
#include <openssl/bn.h>
@ -1251,7 +1251,6 @@ static void
do_ssh1_kex(void)
{
int i, len;
int plen;
int rsafail = 0;
BIGNUM *session_key_int;
u_char session_key[SSH_SESSION_KEY_LENGTH];
@ -1335,7 +1334,7 @@ do_ssh1_kex(void)
BN_num_bits(sensitive_data.ssh1_host_key->rsa->n));
/* Read clients reply (cipher type and session key). */
packet_read_expect(&plen, SSH_CMSG_SESSION_KEY);
packet_read_expect(SSH_CMSG_SESSION_KEY);
/* Get cipher type and check whether we accept this. */
cipher_type = packet_get_char();