зеркало из https://github.com/Azure/sonic-openssh.git
- markus@cvs.openbsd.org 2001/12/28 14:50:54
[auth1.c auth-rsa.c channels.c dispatch.c kex.c kexdh.c kexgex.c packet.c packet.h serverloop.c session.c ssh.c sshconnect1.c sshconnect2.c sshd.c] packet_read* no longer return the packet length, since it's not used.
Родитель
76e1e368b5
Коммит
dff5099f13
|
@ -66,6 +66,11 @@
|
||||||
- markus@cvs.openbsd.org 2001/12/28 14:13:13
|
- markus@cvs.openbsd.org 2001/12/28 14:13:13
|
||||||
[bufaux.c bufaux.h packet.c]
|
[bufaux.c bufaux.h packet.c]
|
||||||
buffer_get_bignum: int -> void
|
buffer_get_bignum: int -> void
|
||||||
|
- markus@cvs.openbsd.org 2001/12/28 14:50:54
|
||||||
|
[auth1.c auth-rsa.c channels.c dispatch.c kex.c kexdh.c kexgex.c]
|
||||||
|
[packet.c packet.h serverloop.c session.c ssh.c sshconnect1.c]
|
||||||
|
[sshconnect2.c sshd.c]
|
||||||
|
packet_read* no longer return the packet length, since it's not used.
|
||||||
|
|
||||||
|
|
||||||
20020121
|
20020121
|
||||||
|
@ -7214,4 +7219,4 @@
|
||||||
- Wrote replacements for strlcpy and mkdtemp
|
- Wrote replacements for strlcpy and mkdtemp
|
||||||
- Released 1.0pre1
|
- Released 1.0pre1
|
||||||
|
|
||||||
$Id: ChangeLog,v 1.1742 2002/01/22 12:15:57 djm Exp $
|
$Id: ChangeLog,v 1.1743 2002/01/22 12:16:32 djm Exp $
|
||||||
|
|
|
@ -14,7 +14,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$OpenBSD: auth-rsa.c,v 1.49 2001/12/28 12:14:27 markus Exp $");
|
RCSID("$OpenBSD: auth-rsa.c,v 1.50 2001/12/28 14:50:54 markus Exp $");
|
||||||
|
|
||||||
#include <openssl/rsa.h>
|
#include <openssl/rsa.h>
|
||||||
#include <openssl/md5.h>
|
#include <openssl/md5.h>
|
||||||
|
@ -66,7 +66,7 @@ auth_rsa_challenge_dialog(RSA *pk)
|
||||||
u_char buf[32], mdbuf[16], response[16];
|
u_char buf[32], mdbuf[16], response[16];
|
||||||
MD5_CTX md;
|
MD5_CTX md;
|
||||||
u_int i;
|
u_int i;
|
||||||
int plen, len;
|
int len;
|
||||||
|
|
||||||
if ((encrypted_challenge = BN_new()) == NULL)
|
if ((encrypted_challenge = BN_new()) == NULL)
|
||||||
fatal("auth_rsa_challenge_dialog: BN_new() failed");
|
fatal("auth_rsa_challenge_dialog: BN_new() failed");
|
||||||
|
@ -91,7 +91,7 @@ auth_rsa_challenge_dialog(RSA *pk)
|
||||||
packet_write_wait();
|
packet_write_wait();
|
||||||
|
|
||||||
/* Wait for a response. */
|
/* Wait for a response. */
|
||||||
packet_read_expect(&plen, SSH_CMSG_AUTH_RSA_RESPONSE);
|
packet_read_expect(SSH_CMSG_AUTH_RSA_RESPONSE);
|
||||||
for (i = 0; i < 16; i++)
|
for (i = 0; i < 16; i++)
|
||||||
response[i] = packet_get_char();
|
response[i] = packet_get_char();
|
||||||
packet_check_eom();
|
packet_check_eom();
|
||||||
|
|
8
auth1.c
8
auth1.c
|
@ -10,7 +10,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$OpenBSD: auth1.c,v 1.33 2001/12/28 13:57:33 markus Exp $");
|
RCSID("$OpenBSD: auth1.c,v 1.34 2001/12/28 14:50:54 markus Exp $");
|
||||||
|
|
||||||
#include "xmalloc.h"
|
#include "xmalloc.h"
|
||||||
#include "rsa.h"
|
#include "rsa.h"
|
||||||
|
@ -71,7 +71,6 @@ do_authloop(Authctxt *authctxt)
|
||||||
char *client_user, *password;
|
char *client_user, *password;
|
||||||
char info[1024];
|
char info[1024];
|
||||||
u_int dlen;
|
u_int dlen;
|
||||||
int plen;
|
|
||||||
u_int ulen;
|
u_int ulen;
|
||||||
int type = 0;
|
int type = 0;
|
||||||
struct passwd *pw = authctxt->pw;
|
struct passwd *pw = authctxt->pw;
|
||||||
|
@ -109,7 +108,7 @@ do_authloop(Authctxt *authctxt)
|
||||||
info[0] = '\0';
|
info[0] = '\0';
|
||||||
|
|
||||||
/* Get a packet from the client. */
|
/* Get a packet from the client. */
|
||||||
type = packet_read(&plen);
|
type = packet_read();
|
||||||
|
|
||||||
/* Process the packet. */
|
/* Process the packet. */
|
||||||
switch (type) {
|
switch (type) {
|
||||||
|
@ -360,12 +359,11 @@ do_authentication(void)
|
||||||
{
|
{
|
||||||
Authctxt *authctxt;
|
Authctxt *authctxt;
|
||||||
struct passwd *pw;
|
struct passwd *pw;
|
||||||
int plen;
|
|
||||||
u_int ulen;
|
u_int ulen;
|
||||||
char *p, *user, *style = NULL;
|
char *p, *user, *style = NULL;
|
||||||
|
|
||||||
/* Get the name of the user that we wish to log in as. */
|
/* Get the name of the user that we wish to log in as. */
|
||||||
packet_read_expect(&plen, SSH_CMSG_USER);
|
packet_read_expect(SSH_CMSG_USER);
|
||||||
|
|
||||||
/* Get the user name. */
|
/* Get the user name. */
|
||||||
user = packet_get_string(&ulen);
|
user = packet_get_string(&ulen);
|
||||||
|
|
|
@ -39,7 +39,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$OpenBSD: channels.c,v 1.152 2001/12/28 12:14:27 markus Exp $");
|
RCSID("$OpenBSD: channels.c,v 1.153 2001/12/28 14:50:54 markus Exp $");
|
||||||
|
|
||||||
#include "ssh.h"
|
#include "ssh.h"
|
||||||
#include "ssh1.h"
|
#include "ssh1.h"
|
||||||
|
@ -2185,7 +2185,7 @@ void
|
||||||
channel_request_remote_forwarding(u_short listen_port,
|
channel_request_remote_forwarding(u_short listen_port,
|
||||||
const char *host_to_connect, u_short port_to_connect)
|
const char *host_to_connect, u_short port_to_connect)
|
||||||
{
|
{
|
||||||
int payload_len, type, success = 0;
|
int type, success = 0;
|
||||||
|
|
||||||
/* Record locally that connection to this host/port is permitted. */
|
/* Record locally that connection to this host/port is permitted. */
|
||||||
if (num_permitted_opens >= SSH_MAX_FORWARDS_PER_DIRECTION)
|
if (num_permitted_opens >= SSH_MAX_FORWARDS_PER_DIRECTION)
|
||||||
|
@ -2212,7 +2212,7 @@ channel_request_remote_forwarding(u_short listen_port,
|
||||||
packet_write_wait();
|
packet_write_wait();
|
||||||
|
|
||||||
/* Wait for response from the remote side. */
|
/* Wait for response from the remote side. */
|
||||||
type = packet_read(&payload_len);
|
type = packet_read();
|
||||||
switch (type) {
|
switch (type) {
|
||||||
case SSH_SMSG_SUCCESS:
|
case SSH_SMSG_SUCCESS:
|
||||||
success = 1;
|
success = 1;
|
||||||
|
|
|
@ -22,7 +22,7 @@
|
||||||
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
*/
|
*/
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$OpenBSD: dispatch.c,v 1.12 2001/12/20 22:50:24 djm Exp $");
|
RCSID("$OpenBSD: dispatch.c,v 1.13 2001/12/28 14:50:54 markus Exp $");
|
||||||
|
|
||||||
#include "ssh1.h"
|
#include "ssh1.h"
|
||||||
#include "ssh2.h"
|
#include "ssh2.h"
|
||||||
|
@ -58,19 +58,18 @@ void
|
||||||
dispatch_run(int mode, int *done, void *ctxt)
|
dispatch_run(int mode, int *done, void *ctxt)
|
||||||
{
|
{
|
||||||
for (;;) {
|
for (;;) {
|
||||||
int plen;
|
|
||||||
int type;
|
int type;
|
||||||
u_int32_t seqnr;
|
u_int32_t seqnr;
|
||||||
|
|
||||||
if (mode == DISPATCH_BLOCK) {
|
if (mode == DISPATCH_BLOCK) {
|
||||||
type = packet_read_seqnr(&plen, &seqnr);
|
type = packet_read_seqnr(&seqnr);
|
||||||
} else {
|
} else {
|
||||||
type = packet_read_poll_seqnr(&plen, &seqnr);
|
type = packet_read_poll_seqnr(&seqnr);
|
||||||
if (type == SSH_MSG_NONE)
|
if (type == SSH_MSG_NONE)
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
if (type > 0 && type < DISPATCH_MAX && dispatch[type] != NULL)
|
if (type > 0 && type < DISPATCH_MAX && dispatch[type] != NULL)
|
||||||
(*dispatch[type])(type, plen, seqnr, ctxt);
|
(*dispatch[type])(type, 1234, seqnr, ctxt);
|
||||||
else
|
else
|
||||||
packet_disconnect("protocol error: rcvd type %d", type);
|
packet_disconnect("protocol error: rcvd type %d", type);
|
||||||
if (done != NULL && *done)
|
if (done != NULL && *done)
|
||||||
|
|
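Review bot: In dispatch_run the handler call now passes the literal `1234` where the packet length used to go, so any dispatch handler that still reads its length argument receives a constant unrelated to the packet. The handlers are outside this section, so whether any of them still uses that argument cannot be confirmed from here; a length sanity check that silently compares against 1234 would be worse than no check at all. If no handler needs it, the parameter should be dropped from the handler type in a follow-up, and until then the call deserves a comment such as `/* plen is obsolete and carries a dummy value; handlers must use packet_check_eom() */`. dispatch_run's body continues past the end of the hunk.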
6
kex.c
6
kex.c
|
@ -23,7 +23,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$OpenBSD: kex.c,v 1.39 2001/12/28 12:14:27 markus Exp $");
|
RCSID("$OpenBSD: kex.c,v 1.40 2001/12/28 14:50:54 markus Exp $");
|
||||||
|
|
||||||
#include <openssl/crypto.h>
|
#include <openssl/crypto.h>
|
||||||
|
|
||||||
|
@ -125,8 +125,6 @@ kex_clear_dispatch(void)
|
||||||
void
|
void
|
||||||
kex_finish(Kex *kex)
|
kex_finish(Kex *kex)
|
||||||
{
|
{
|
||||||
int plen;
|
|
||||||
|
|
||||||
kex_clear_dispatch();
|
kex_clear_dispatch();
|
||||||
|
|
||||||
packet_start(SSH2_MSG_NEWKEYS);
|
packet_start(SSH2_MSG_NEWKEYS);
|
||||||
|
@ -135,7 +133,7 @@ kex_finish(Kex *kex)
|
||||||
debug("SSH2_MSG_NEWKEYS sent");
|
debug("SSH2_MSG_NEWKEYS sent");
|
||||||
|
|
||||||
debug("waiting for SSH2_MSG_NEWKEYS");
|
debug("waiting for SSH2_MSG_NEWKEYS");
|
||||||
packet_read_expect(&plen, SSH2_MSG_NEWKEYS);
|
packet_read_expect(SSH2_MSG_NEWKEYS);
|
||||||
debug("SSH2_MSG_NEWKEYS received");
|
debug("SSH2_MSG_NEWKEYS received");
|
||||||
|
|
||||||
kex->done = 1;
|
kex->done = 1;
|
||||||
|
|
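Review bot: kex_finish accepts the peer's SSH2_MSG_NEWKEYS without checking that the packet is empty: in the second hunk `packet_read_expect(SSH2_MSG_NEWKEYS);` is followed directly by the debug call and `kex->done = 1;`. With the length no longer returned, the remaining way to reject trailing bytes is `packet_check_eom();`, which auth-rsa.c in this same commit calls after reading its response. Adding `packet_check_eom();` immediately after the packet_read_expect() call would keep parsing strict for a message that is expected to carry no payload. The function's body ends outside the hunk.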
9
kexdh.c
9
kexdh.c
|
@ -23,7 +23,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$OpenBSD: kexdh.c,v 1.11 2001/12/28 13:57:33 markus Exp $");
|
RCSID("$OpenBSD: kexdh.c,v 1.12 2001/12/28 14:50:54 markus Exp $");
|
||||||
|
|
||||||
#include <openssl/crypto.h>
|
#include <openssl/crypto.h>
|
||||||
#include <openssl/bn.h>
|
#include <openssl/bn.h>
|
||||||
|
@ -97,7 +97,6 @@ kexdh_client(Kex *kex)
|
||||||
u_char *server_host_key_blob = NULL, *signature = NULL;
|
u_char *server_host_key_blob = NULL, *signature = NULL;
|
||||||
u_char *kbuf, *hash;
|
u_char *kbuf, *hash;
|
||||||
u_int klen, kout, slen, sbloblen;
|
u_int klen, kout, slen, sbloblen;
|
||||||
int plen;
|
|
||||||
|
|
||||||
/* generate and send 'e', client DH public key */
|
/* generate and send 'e', client DH public key */
|
||||||
dh = dh_new_group1();
|
dh = dh_new_group1();
|
||||||
|
@ -115,7 +114,7 @@ kexdh_client(Kex *kex)
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
debug("expecting SSH2_MSG_KEXDH_REPLY");
|
debug("expecting SSH2_MSG_KEXDH_REPLY");
|
||||||
packet_read_expect(&plen, SSH2_MSG_KEXDH_REPLY);
|
packet_read_expect(SSH2_MSG_KEXDH_REPLY);
|
||||||
|
|
||||||
/* key, cert */
|
/* key, cert */
|
||||||
server_host_key_blob = packet_get_string(&sbloblen);
|
server_host_key_blob = packet_get_string(&sbloblen);
|
||||||
|
@ -201,14 +200,14 @@ kexdh_server(Kex *kex)
|
||||||
Key *server_host_key;
|
Key *server_host_key;
|
||||||
u_char *kbuf, *hash, *signature = NULL, *server_host_key_blob = NULL;
|
u_char *kbuf, *hash, *signature = NULL, *server_host_key_blob = NULL;
|
||||||
u_int sbloblen, klen, kout;
|
u_int sbloblen, klen, kout;
|
||||||
int slen, plen;
|
int slen;
|
||||||
|
|
||||||
/* generate server DH public key */
|
/* generate server DH public key */
|
||||||
dh = dh_new_group1();
|
dh = dh_new_group1();
|
||||||
dh_gen_key(dh, kex->we_need * 8);
|
dh_gen_key(dh, kex->we_need * 8);
|
||||||
|
|
||||||
debug("expecting SSH2_MSG_KEXDH_INIT");
|
debug("expecting SSH2_MSG_KEXDH_INIT");
|
||||||
packet_read_expect(&plen, SSH2_MSG_KEXDH_INIT);
|
packet_read_expect(SSH2_MSG_KEXDH_INIT);
|
||||||
|
|
||||||
if (kex->load_host_key == NULL)
|
if (kex->load_host_key == NULL)
|
||||||
fatal("Cannot load hostkey");
|
fatal("Cannot load hostkey");
|
||||||
|
|
14
kexgex.c
14
kexgex.c
|
@ -24,7 +24,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$OpenBSD: kexgex.c,v 1.14 2001/12/28 13:57:33 markus Exp $");
|
RCSID("$OpenBSD: kexgex.c,v 1.15 2001/12/28 14:50:54 markus Exp $");
|
||||||
|
|
||||||
#include <openssl/bn.h>
|
#include <openssl/bn.h>
|
||||||
|
|
||||||
|
@ -107,7 +107,7 @@ kexgex_client(Kex *kex)
|
||||||
Key *server_host_key;
|
Key *server_host_key;
|
||||||
u_char *kbuf, *hash, *signature = NULL, *server_host_key_blob = NULL;
|
u_char *kbuf, *hash, *signature = NULL, *server_host_key_blob = NULL;
|
||||||
u_int klen, kout, slen, sbloblen;
|
u_int klen, kout, slen, sbloblen;
|
||||||
int plen, min, max, nbits;
|
int min, max, nbits;
|
||||||
DH *dh;
|
DH *dh;
|
||||||
|
|
||||||
nbits = dh_estimate(kex->we_need * 8);
|
nbits = dh_estimate(kex->we_need * 8);
|
||||||
|
@ -138,7 +138,7 @@ kexgex_client(Kex *kex)
|
||||||
packet_send();
|
packet_send();
|
||||||
|
|
||||||
debug("expecting SSH2_MSG_KEX_DH_GEX_GROUP");
|
debug("expecting SSH2_MSG_KEX_DH_GEX_GROUP");
|
||||||
packet_read_expect(&plen, SSH2_MSG_KEX_DH_GEX_GROUP);
|
packet_read_expect(SSH2_MSG_KEX_DH_GEX_GROUP);
|
||||||
|
|
||||||
if ((p = BN_new()) == NULL)
|
if ((p = BN_new()) == NULL)
|
||||||
fatal("BN_new");
|
fatal("BN_new");
|
||||||
|
@ -169,7 +169,7 @@ kexgex_client(Kex *kex)
|
||||||
packet_send();
|
packet_send();
|
||||||
|
|
||||||
debug("expecting SSH2_MSG_KEX_DH_GEX_REPLY");
|
debug("expecting SSH2_MSG_KEX_DH_GEX_REPLY");
|
||||||
packet_read_expect(&plen, SSH2_MSG_KEX_DH_GEX_REPLY);
|
packet_read_expect(SSH2_MSG_KEX_DH_GEX_REPLY);
|
||||||
|
|
||||||
/* key, cert */
|
/* key, cert */
|
||||||
server_host_key_blob = packet_get_string(&sbloblen);
|
server_host_key_blob = packet_get_string(&sbloblen);
|
||||||
|
@ -261,7 +261,7 @@ kexgex_server(Kex *kex)
|
||||||
DH *dh = dh;
|
DH *dh = dh;
|
||||||
u_char *kbuf, *hash, *signature = NULL, *server_host_key_blob = NULL;
|
u_char *kbuf, *hash, *signature = NULL, *server_host_key_blob = NULL;
|
||||||
u_int sbloblen, klen, kout;
|
u_int sbloblen, klen, kout;
|
||||||
int min = -1, max = -1, nbits = -1, type, plen, slen;
|
int min = -1, max = -1, nbits = -1, type, slen;
|
||||||
|
|
||||||
if (kex->load_host_key == NULL)
|
if (kex->load_host_key == NULL)
|
||||||
fatal("Cannot load hostkey");
|
fatal("Cannot load hostkey");
|
||||||
|
@ -269,7 +269,7 @@ kexgex_server(Kex *kex)
|
||||||
if (server_host_key == NULL)
|
if (server_host_key == NULL)
|
||||||
fatal("Unsupported hostkey type %d", kex->hostkey_type);
|
fatal("Unsupported hostkey type %d", kex->hostkey_type);
|
||||||
|
|
||||||
type = packet_read(&plen);
|
type = packet_read();
|
||||||
switch (type) {
|
switch (type) {
|
||||||
case SSH2_MSG_KEX_DH_GEX_REQUEST:
|
case SSH2_MSG_KEX_DH_GEX_REQUEST:
|
||||||
debug("SSH2_MSG_KEX_DH_GEX_REQUEST received");
|
debug("SSH2_MSG_KEX_DH_GEX_REQUEST received");
|
||||||
|
@ -312,7 +312,7 @@ kexgex_server(Kex *kex)
|
||||||
dh_gen_key(dh, kex->we_need * 8);
|
dh_gen_key(dh, kex->we_need * 8);
|
||||||
|
|
||||||
debug("expecting SSH2_MSG_KEX_DH_GEX_INIT");
|
debug("expecting SSH2_MSG_KEX_DH_GEX_INIT");
|
||||||
packet_read_expect(&plen, SSH2_MSG_KEX_DH_GEX_INIT);
|
packet_read_expect(SSH2_MSG_KEX_DH_GEX_INIT);
|
||||||
|
|
||||||
/* key, cert */
|
/* key, cert */
|
||||||
if ((dh_client_pub = BN_new()) == NULL)
|
if ((dh_client_pub = BN_new()) == NULL)
|
||||||
|
|
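Review bot: The declaration `DH *dh = dh;` at the top of kexgex_server initialises the pointer from its own indeterminate value. That only silences the compiler's uninitialised-variable warning and would hide a genuine use-before-set if some path through the later `switch (type)` skips the assignment. Writing `DH *dh = NULL;` gives the same quiet build with a defined value, so a missed assignment shows up as a NULL dereference rather than as a wild pointer handed to dh_gen_key(). Whether every switch case assigns dh is not visible here, because the function body continues outside these hunks.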
36
packet.c
36
packet.c
|
@ -37,7 +37,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$OpenBSD: packet.c,v 1.81 2001/12/28 14:13:13 markus Exp $");
|
RCSID("$OpenBSD: packet.c,v 1.82 2001/12/28 14:50:54 markus Exp $");
|
||||||
|
|
||||||
#include "xmalloc.h"
|
#include "xmalloc.h"
|
||||||
#include "buffer.h"
|
#include "buffer.h"
|
||||||
|
@ -610,7 +610,7 @@ packet_send(void)
|
||||||
*/
|
*/
|
||||||
|
|
||||||
int
|
int
|
||||||
packet_read_seqnr(int *payload_len_ptr, u_int32_t *seqnr_p)
|
packet_read_seqnr(u_int32_t *seqnr_p)
|
||||||
{
|
{
|
||||||
int type, len;
|
int type, len;
|
||||||
fd_set *setp;
|
fd_set *setp;
|
||||||
|
@ -626,7 +626,7 @@ packet_read_seqnr(int *payload_len_ptr, u_int32_t *seqnr_p)
|
||||||
/* Stay in the loop until we have received a complete packet. */
|
/* Stay in the loop until we have received a complete packet. */
|
||||||
for (;;) {
|
for (;;) {
|
||||||
/* Try to read a packet from the buffer. */
|
/* Try to read a packet from the buffer. */
|
||||||
type = packet_read_poll_seqnr(payload_len_ptr, seqnr_p);
|
type = packet_read_poll_seqnr(seqnr_p);
|
||||||
if (!compat20 && (
|
if (!compat20 && (
|
||||||
type == SSH_SMSG_SUCCESS
|
type == SSH_SMSG_SUCCESS
|
||||||
|| type == SSH_SMSG_FAILURE
|
|| type == SSH_SMSG_FAILURE
|
||||||
|
@ -666,9 +666,9 @@ packet_read_seqnr(int *payload_len_ptr, u_int32_t *seqnr_p)
|
||||||
}
|
}
|
||||||
|
|
||||||
int
|
int
|
||||||
packet_read(int *payload_len_ptr)
|
packet_read(void)
|
||||||
{
|
{
|
||||||
return packet_read_seqnr(payload_len_ptr, NULL);
|
return packet_read_seqnr(NULL);
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
@ -677,11 +677,11 @@ packet_read(int *payload_len_ptr)
|
||||||
*/
|
*/
|
||||||
|
|
||||||
void
|
void
|
||||||
packet_read_expect(int *payload_len_ptr, int expected_type)
|
packet_read_expect(int expected_type)
|
||||||
{
|
{
|
||||||
int type;
|
int type;
|
||||||
|
|
||||||
type = packet_read(payload_len_ptr);
|
type = packet_read();
|
||||||
if (type != expected_type)
|
if (type != expected_type)
|
||||||
packet_disconnect("Protocol error: expected packet type %d, got %d",
|
packet_disconnect("Protocol error: expected packet type %d, got %d",
|
||||||
expected_type, type);
|
expected_type, type);
|
||||||
|
@ -694,16 +694,10 @@ packet_read_expect(int *payload_len_ptr, int expected_type)
|
||||||
* SSH_MSG_DISCONNECT is handled specially here. Also,
|
* SSH_MSG_DISCONNECT is handled specially here. Also,
|
||||||
* SSH_MSG_IGNORE messages are skipped by this function and are never returned
|
* SSH_MSG_IGNORE messages are skipped by this function and are never returned
|
||||||
* to higher levels.
|
* to higher levels.
|
||||||
*
|
|
||||||
* The returned payload_len does include space consumed by:
|
|
||||||
* Packet length
|
|
||||||
* Padding
|
|
||||||
* Packet type
|
|
||||||
* Check bytes
|
|
||||||
*/
|
*/
|
||||||
|
|
||||||
static int
|
static int
|
||||||
packet_read_poll1(int *payload_len_ptr)
|
packet_read_poll1(void)
|
||||||
{
|
{
|
||||||
u_int len, padded_len;
|
u_int len, padded_len;
|
||||||
u_char *ucp, type;
|
u_char *ucp, type;
|
||||||
|
@ -776,12 +770,11 @@ packet_read_poll1(int *payload_len_ptr)
|
||||||
buffer_len(&compression_buffer));
|
buffer_len(&compression_buffer));
|
||||||
}
|
}
|
||||||
type = buffer_get_char(&incoming_packet);
|
type = buffer_get_char(&incoming_packet);
|
||||||
*payload_len_ptr = buffer_len(&incoming_packet);
|
|
||||||
return type;
|
return type;
|
||||||
}
|
}
|
||||||
|
|
||||||
static int
|
static int
|
||||||
packet_read_poll2(int *payload_len_ptr, u_int32_t *seqnr_p)
|
packet_read_poll2(u_int32_t *seqnr_p)
|
||||||
{
|
{
|
||||||
static u_int32_t seqnr = 0;
|
static u_int32_t seqnr = 0;
|
||||||
static u_int packet_length = 0;
|
static u_int packet_length = 0;
|
||||||
|
@ -887,7 +880,6 @@ packet_read_poll2(int *payload_len_ptr, u_int32_t *seqnr_p)
|
||||||
type = buffer_get_char(&incoming_packet);
|
type = buffer_get_char(&incoming_packet);
|
||||||
if (type == SSH2_MSG_NEWKEYS)
|
if (type == SSH2_MSG_NEWKEYS)
|
||||||
set_newkeys(MODE_IN);
|
set_newkeys(MODE_IN);
|
||||||
*payload_len_ptr = buffer_len(&incoming_packet);
|
|
||||||
#ifdef PACKET_DEBUG
|
#ifdef PACKET_DEBUG
|
||||||
fprintf(stderr, "read/plain[%d]:\r\n", type);
|
fprintf(stderr, "read/plain[%d]:\r\n", type);
|
||||||
buffer_dump(&incoming_packet);
|
buffer_dump(&incoming_packet);
|
||||||
|
@ -898,7 +890,7 @@ packet_read_poll2(int *payload_len_ptr, u_int32_t *seqnr_p)
|
||||||
}
|
}
|
||||||
|
|
||||||
int
|
int
|
||||||
packet_read_poll_seqnr(int *payload_len_ptr, u_int32_t *seqnr_p)
|
packet_read_poll_seqnr(u_int32_t *seqnr_p)
|
||||||
{
|
{
|
||||||
int reason;
|
int reason;
|
||||||
u_char type;
|
u_char type;
|
||||||
|
@ -906,7 +898,7 @@ packet_read_poll_seqnr(int *payload_len_ptr, u_int32_t *seqnr_p)
|
||||||
|
|
||||||
for (;;) {
|
for (;;) {
|
||||||
if (compat20) {
|
if (compat20) {
|
||||||
type = packet_read_poll2(payload_len_ptr, seqnr_p);
|
type = packet_read_poll2(seqnr_p);
|
||||||
if (type)
|
if (type)
|
||||||
DBG(debug("received packet type %d", type));
|
DBG(debug("received packet type %d", type));
|
||||||
switch (type) {
|
switch (type) {
|
||||||
|
@ -933,7 +925,7 @@ packet_read_poll_seqnr(int *payload_len_ptr, u_int32_t *seqnr_p)
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
type = packet_read_poll1(payload_len_ptr);
|
type = packet_read_poll1();
|
||||||
switch (type) {
|
switch (type) {
|
||||||
case SSH_MSG_IGNORE:
|
case SSH_MSG_IGNORE:
|
||||||
break;
|
break;
|
||||||
|
@ -960,9 +952,9 @@ packet_read_poll_seqnr(int *payload_len_ptr, u_int32_t *seqnr_p)
|
||||||
}
|
}
|
||||||
|
|
||||||
int
|
int
|
||||||
packet_read_poll(int *payload_len_ptr)
|
packet_read_poll(void)
|
||||||
{
|
{
|
||||||
return packet_read_poll_seqnr(payload_len_ptr, NULL);
|
return packet_read_poll_seqnr(NULL);
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
|
12
packet.h
12
packet.h
|
@ -11,7 +11,7 @@
|
||||||
* called by a name other than "ssh" or "Secure Shell".
|
* called by a name other than "ssh" or "Secure Shell".
|
||||||
*/
|
*/
|
||||||
|
|
||||||
/* RCSID("$OpenBSD: packet.h,v 1.31 2001/12/28 13:57:33 markus Exp $"); */
|
/* RCSID("$OpenBSD: packet.h,v 1.32 2001/12/28 14:50:54 markus Exp $"); */
|
||||||
|
|
||||||
#ifndef PACKET_H
|
#ifndef PACKET_H
|
||||||
#define PACKET_H
|
#define PACKET_H
|
||||||
|
@ -40,12 +40,12 @@ void packet_put_cstring(const char *str);
|
||||||
void packet_put_raw(const void *buf, u_int len);
|
void packet_put_raw(const void *buf, u_int len);
|
||||||
void packet_send(void);
|
void packet_send(void);
|
||||||
|
|
||||||
int packet_read(int *payload_len_ptr);
|
int packet_read(void);
|
||||||
void packet_read_expect(int *payload_len_ptr, int type);
|
void packet_read_expect(int type);
|
||||||
int packet_read_poll(int *packet_len_ptr);
|
int packet_read_poll(void);
|
||||||
void packet_process_incoming(const char *buf, u_int len);
|
void packet_process_incoming(const char *buf, u_int len);
|
||||||
int packet_read_seqnr(int *payload_len_ptr, u_int32_t *seqnr_p);
|
int packet_read_seqnr(u_int32_t *seqnr_p);
|
||||||
int packet_read_poll_seqnr(int *packet_len_ptr, u_int32_t *seqnr_p);
|
int packet_read_poll_seqnr(u_int32_t *seqnr_p);
|
||||||
|
|
||||||
u_int packet_get_char(void);
|
u_int packet_get_char(void);
|
||||||
u_int packet_get_int(void);
|
u_int packet_get_int(void);
|
||||||
|
|
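Review bot: The five read prototypes in the second hunk lose their length out-parameter but gain no comment telling callers what to do instead. A short comment above `int packet_read(void);` would help, for example `/* Returns the packet type; the payload length is not reported. Parse with packet_get_*() and finish with packet_check_eom(). */`. The same comment should state whether `seqnr_p` may be NULL, since packet_read() and packet_read_poll() in packet.c pass NULL to the _seqnr variants in this commit.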
|
@ -35,7 +35,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$OpenBSD: serverloop.c,v 1.91 2001/12/28 12:14:27 markus Exp $");
|
RCSID("$OpenBSD: serverloop.c,v 1.92 2001/12/28 14:50:54 markus Exp $");
|
||||||
|
|
||||||
#include "xmalloc.h"
|
#include "xmalloc.h"
|
||||||
#include "packet.h"
|
#include "packet.h"
|
||||||
|
@ -691,8 +691,7 @@ server_loop(pid_t pid, int fdin_arg, int fdout_arg, int fderr_arg)
|
||||||
* the exit status.
|
* the exit status.
|
||||||
*/
|
*/
|
||||||
do {
|
do {
|
||||||
int plen;
|
type = packet_read();
|
||||||
type = packet_read(&plen);
|
|
||||||
}
|
}
|
||||||
while (type != SSH_CMSG_EXIT_CONFIRMATION);
|
while (type != SSH_CMSG_EXIT_CONFIRMATION);
|
||||||
|
|
||||||
|
|
|
@ -33,7 +33,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$OpenBSD: session.c,v 1.116 2001/12/28 12:14:27 markus Exp $");
|
RCSID("$OpenBSD: session.c,v 1.117 2001/12/28 14:50:54 markus Exp $");
|
||||||
|
|
||||||
#include "ssh.h"
|
#include "ssh.h"
|
||||||
#include "ssh1.h"
|
#include "ssh1.h"
|
||||||
|
@ -233,7 +233,7 @@ do_authenticated1(Authctxt *authctxt)
|
||||||
{
|
{
|
||||||
Session *s;
|
Session *s;
|
||||||
char *command;
|
char *command;
|
||||||
int success, type, plen, screen_flag;
|
int success, type, screen_flag;
|
||||||
int compression_level = 0, enable_compression_after_reply = 0;
|
int compression_level = 0, enable_compression_after_reply = 0;
|
||||||
u_int proto_len, data_len, dlen;
|
u_int proto_len, data_len, dlen;
|
||||||
|
|
||||||
|
@ -249,7 +249,7 @@ do_authenticated1(Authctxt *authctxt)
|
||||||
success = 0;
|
success = 0;
|
||||||
|
|
||||||
/* Get a packet from the client. */
|
/* Get a packet from the client. */
|
||||||
type = packet_read(&plen);
|
type = packet_read();
|
||||||
|
|
||||||
/* Process the packet. */
|
/* Process the packet. */
|
||||||
switch (type) {
|
switch (type) {
|
||||||
|
|
11
ssh.c
11
ssh.c
|
@ -39,7 +39,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$OpenBSD: ssh.c,v 1.155 2001/12/28 12:14:27 markus Exp $");
|
RCSID("$OpenBSD: ssh.c,v 1.156 2001/12/28 14:50:54 markus Exp $");
|
||||||
|
|
||||||
#include <openssl/evp.h>
|
#include <openssl/evp.h>
|
||||||
#include <openssl/err.h>
|
#include <openssl/err.h>
|
||||||
|
@ -880,7 +880,6 @@ static int
|
||||||
ssh_session(void)
|
ssh_session(void)
|
||||||
{
|
{
|
||||||
int type;
|
int type;
|
||||||
int plen;
|
|
||||||
int interactive = 0;
|
int interactive = 0;
|
||||||
int have_tty = 0;
|
int have_tty = 0;
|
||||||
struct winsize ws;
|
struct winsize ws;
|
||||||
|
@ -898,7 +897,7 @@ ssh_session(void)
|
||||||
packet_put_int(options.compression_level);
|
packet_put_int(options.compression_level);
|
||||||
packet_send();
|
packet_send();
|
||||||
packet_write_wait();
|
packet_write_wait();
|
||||||
type = packet_read(&plen);
|
type = packet_read();
|
||||||
if (type == SSH_SMSG_SUCCESS)
|
if (type == SSH_SMSG_SUCCESS)
|
||||||
packet_start_compression(options.compression_level);
|
packet_start_compression(options.compression_level);
|
||||||
else if (type == SSH_SMSG_FAILURE)
|
else if (type == SSH_SMSG_FAILURE)
|
||||||
|
@ -936,7 +935,7 @@ ssh_session(void)
|
||||||
packet_write_wait();
|
packet_write_wait();
|
||||||
|
|
||||||
/* Read response from the server. */
|
/* Read response from the server. */
|
||||||
type = packet_read(&plen);
|
type = packet_read();
|
||||||
if (type == SSH_SMSG_SUCCESS) {
|
if (type == SSH_SMSG_SUCCESS) {
|
||||||
interactive = 1;
|
interactive = 1;
|
||||||
have_tty = 1;
|
have_tty = 1;
|
||||||
|
@ -955,7 +954,7 @@ ssh_session(void)
|
||||||
x11_request_forwarding_with_spoofing(0, proto, data);
|
x11_request_forwarding_with_spoofing(0, proto, data);
|
||||||
|
|
||||||
/* Read response from the server. */
|
/* Read response from the server. */
|
||||||
type = packet_read(&plen);
|
type = packet_read();
|
||||||
if (type == SSH_SMSG_SUCCESS) {
|
if (type == SSH_SMSG_SUCCESS) {
|
||||||
interactive = 1;
|
interactive = 1;
|
||||||
} else if (type == SSH_SMSG_FAILURE) {
|
} else if (type == SSH_SMSG_FAILURE) {
|
||||||
|
@ -975,7 +974,7 @@ ssh_session(void)
|
||||||
auth_request_forwarding();
|
auth_request_forwarding();
|
||||||
|
|
||||||
/* Read response from the server. */
|
/* Read response from the server. */
|
||||||
type = packet_read(&plen);
|
type = packet_read();
|
||||||
packet_check_eom();
|
packet_check_eom();
|
||||||
if (type != SSH_SMSG_SUCCESS)
|
if (type != SSH_SMSG_SUCCESS)
|
||||||
log("Warning: Remote host denied authentication agent forwarding.");
|
log("Warning: Remote host denied authentication agent forwarding.");
|
||||||
|
|
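Review bot: Only the agent-forwarding reply in ssh_session is followed by `packet_check_eom();`, while the replies read in the compression, tty and X11 hunks go from `type = packet_read();` straight to the `if (type == SSH_SMSG_SUCCESS)` test. With the length no longer returned, a server reply that carries unexpected trailing data is accepted on those three paths as far as the visible lines show. For consistency, call `packet_check_eom();` in the SUCCESS and FAILURE branches of each of those reads. The code after the branches lies outside the hunks, so a check further down cannot be ruled out.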
|
@ -13,7 +13,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$OpenBSD: sshconnect1.c,v 1.46 2001/12/28 13:57:33 markus Exp $");
|
RCSID("$OpenBSD: sshconnect1.c,v 1.47 2001/12/28 14:50:54 markus Exp $");
|
||||||
|
|
||||||
#include <openssl/bn.h>
|
#include <openssl/bn.h>
|
||||||
#include <openssl/evp.h>
|
#include <openssl/evp.h>
|
||||||
|
@ -67,7 +67,6 @@ try_agent_authentication(void)
|
||||||
AuthenticationConnection *auth;
|
AuthenticationConnection *auth;
|
||||||
u_char response[16];
|
u_char response[16];
|
||||||
u_int i;
|
u_int i;
|
||||||
int plen;
|
|
||||||
Key *key;
|
Key *key;
|
||||||
BIGNUM *challenge;
|
BIGNUM *challenge;
|
||||||
|
|
||||||
|
@ -94,7 +93,7 @@ try_agent_authentication(void)
|
||||||
packet_write_wait();
|
packet_write_wait();
|
||||||
|
|
||||||
/* Wait for server's response. */
|
/* Wait for server's response. */
|
||||||
type = packet_read(&plen);
|
type = packet_read();
|
||||||
|
|
||||||
/* The server sends failure if it doesn\'t like our key or
|
/* The server sends failure if it doesn\'t like our key or
|
||||||
does not support RSA authentication. */
|
does not support RSA authentication. */
|
||||||
|
@ -134,7 +133,7 @@ try_agent_authentication(void)
|
||||||
packet_write_wait();
|
packet_write_wait();
|
||||||
|
|
||||||
/* Wait for response from the server. */
|
/* Wait for response from the server. */
|
||||||
type = packet_read(&plen);
|
type = packet_read();
|
||||||
|
|
||||||
/* The server returns success if it accepted the authentication. */
|
/* The server returns success if it accepted the authentication. */
|
||||||
if (type == SSH_SMSG_SUCCESS) {
|
if (type == SSH_SMSG_SUCCESS) {
|
||||||
|
@ -209,7 +208,7 @@ try_rsa_authentication(int idx)
|
||||||
BIGNUM *challenge;
|
BIGNUM *challenge;
|
||||||
Key *public, *private;
|
Key *public, *private;
|
||||||
char buf[300], *passphrase, *comment, *authfile;
|
char buf[300], *passphrase, *comment, *authfile;
|
||||||
int i, type, quit, plen;
|
int i, type, quit;
|
||||||
|
|
||||||
public = options.identity_keys[idx];
|
public = options.identity_keys[idx];
|
||||||
authfile = options.identity_files[idx];
|
authfile = options.identity_files[idx];
|
||||||
|
@ -224,7 +223,7 @@ try_rsa_authentication(int idx)
|
||||||
packet_write_wait();
|
packet_write_wait();
|
||||||
|
|
||||||
/* Wait for server's response. */
|
/* Wait for server's response. */
|
||||||
type = packet_read(&plen);
|
type = packet_read();
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* The server responds with failure if it doesn\'t like our key or
|
* The server responds with failure if it doesn\'t like our key or
|
||||||
|
@ -291,7 +290,7 @@ try_rsa_authentication(int idx)
|
||||||
packet_write_wait();
|
packet_write_wait();
|
||||||
|
|
||||||
/* Expect the server to reject it... */
|
/* Expect the server to reject it... */
|
||||||
packet_read_expect(&plen, SSH_SMSG_FAILURE);
|
packet_read_expect(SSH_SMSG_FAILURE);
|
||||||
BN_clear_free(challenge);
|
BN_clear_free(challenge);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
@ -307,7 +306,7 @@ try_rsa_authentication(int idx)
|
||||||
BN_clear_free(challenge);
|
BN_clear_free(challenge);
|
||||||
|
|
||||||
/* Wait for response from the server. */
|
/* Wait for response from the server. */
|
||||||
type = packet_read(&plen);
|
type = packet_read();
|
||||||
if (type == SSH_SMSG_SUCCESS) {
|
if (type == SSH_SMSG_SUCCESS) {
|
||||||
debug("RSA authentication accepted by server.");
|
debug("RSA authentication accepted by server.");
|
||||||
return 1;
|
return 1;
|
||||||
|
@ -327,7 +326,6 @@ try_rhosts_rsa_authentication(const char *local_user, Key * host_key)
|
||||||
{
|
{
|
||||||
int type;
|
int type;
|
||||||
BIGNUM *challenge;
|
BIGNUM *challenge;
|
||||||
int plen;
|
|
||||||
|
|
||||||
debug("Trying rhosts or /etc/hosts.equiv with RSA host authentication.");
|
debug("Trying rhosts or /etc/hosts.equiv with RSA host authentication.");
|
||||||
|
|
||||||
|
@ -341,7 +339,7 @@ try_rhosts_rsa_authentication(const char *local_user, Key * host_key)
|
||||||
packet_write_wait();
|
packet_write_wait();
|
||||||
|
|
||||||
/* Wait for server's response. */
|
/* Wait for server's response. */
|
||||||
type = packet_read(&plen);
|
type = packet_read();
|
||||||
|
|
||||||
/* The server responds with failure if it doesn't admit our
|
/* The server responds with failure if it doesn't admit our
|
||||||
.rhosts authentication or doesn't know our host key. */
|
.rhosts authentication or doesn't know our host key. */
|
||||||
|
@ -368,7 +366,7 @@ try_rhosts_rsa_authentication(const char *local_user, Key * host_key)
|
||||||
BN_clear_free(challenge);
|
BN_clear_free(challenge);
|
||||||
|
|
||||||
/* Wait for response from the server. */
|
/* Wait for response from the server. */
|
||||||
type = packet_read(&plen);
|
type = packet_read();
|
||||||
if (type == SSH_SMSG_SUCCESS) {
|
if (type == SSH_SMSG_SUCCESS) {
|
||||||
debug("Rhosts or /etc/hosts.equiv with RSA host authentication accepted by server.");
|
debug("Rhosts or /etc/hosts.equiv with RSA host authentication accepted by server.");
|
||||||
return 1;
|
return 1;
|
||||||
|
@ -388,7 +386,7 @@ try_krb4_authentication(void)
|
||||||
char inst[INST_SZ];
|
char inst[INST_SZ];
|
||||||
char *realm;
|
char *realm;
|
||||||
CREDENTIALS cred;
|
CREDENTIALS cred;
|
||||||
int r, type, plen;
|
int r, type;
|
||||||
socklen_t slen;
|
socklen_t slen;
|
||||||
Key_schedule schedule;
|
Key_schedule schedule;
|
||||||
u_long checksum, cksum;
|
u_long checksum, cksum;
|
||||||
|
@ -447,7 +445,7 @@ try_krb4_authentication(void)
|
||||||
fatal_cleanup();
|
fatal_cleanup();
|
||||||
}
|
}
|
||||||
/* Get server reply. */
|
/* Get server reply. */
|
||||||
type = packet_read(&plen);
|
type = packet_read();
|
||||||
switch (type) {
|
switch (type) {
|
||||||
case SSH_SMSG_FAILURE:
|
case SSH_SMSG_FAILURE:
|
||||||
/* Should really be SSH_SMSG_AUTH_KERBEROS_FAILURE */
|
/* Should really be SSH_SMSG_AUTH_KERBEROS_FAILURE */
|
||||||
|
@ -509,7 +507,7 @@ try_krb5_authentication(krb5_context *context, krb5_auth_context *auth_context)
|
||||||
krb5_ccache ccache = NULL;
|
krb5_ccache ccache = NULL;
|
||||||
const char *remotehost;
|
const char *remotehost;
|
||||||
krb5_data ap;
|
krb5_data ap;
|
||||||
int type, payload_len;
|
int type;
|
||||||
krb5_ap_rep_enc_part *reply = NULL;
|
krb5_ap_rep_enc_part *reply = NULL;
|
||||||
int ret;
|
int ret;
|
||||||
|
|
||||||
|
@ -559,7 +557,7 @@ try_krb5_authentication(krb5_context *context, krb5_auth_context *auth_context)
|
||||||
xfree(ap.data);
|
xfree(ap.data);
|
||||||
ap.length = 0;
|
ap.length = 0;
|
||||||
|
|
||||||
type = packet_read(&payload_len);
|
type = packet_read();
|
||||||
switch (type) {
|
switch (type) {
|
||||||
case SSH_SMSG_FAILURE:
|
case SSH_SMSG_FAILURE:
|
||||||
/* Should really be SSH_SMSG_AUTH_KERBEROS_FAILURE */
|
/* Should really be SSH_SMSG_AUTH_KERBEROS_FAILURE */
|
||||||
|
@ -605,7 +603,7 @@ try_krb5_authentication(krb5_context *context, krb5_auth_context *auth_context)
|
||||||
static void
|
static void
|
||||||
send_krb5_tgt(krb5_context context, krb5_auth_context auth_context)
|
send_krb5_tgt(krb5_context context, krb5_auth_context auth_context)
|
||||||
{
|
{
|
||||||
int fd, type, payload_len;
|
int fd, type;
|
||||||
krb5_error_code problem;
|
krb5_error_code problem;
|
||||||
krb5_data outbuf;
|
krb5_data outbuf;
|
||||||
krb5_ccache ccache = NULL;
|
krb5_ccache ccache = NULL;
|
||||||
|
@ -655,7 +653,7 @@ send_krb5_tgt(krb5_context context, krb5_auth_context auth_context)
|
||||||
packet_send();
|
packet_send();
|
||||||
packet_write_wait();
|
packet_write_wait();
|
||||||
|
|
||||||
type = packet_read(&payload_len);
|
type = packet_read();
|
||||||
|
|
||||||
if (type == SSH_SMSG_SUCCESS) {
|
if (type == SSH_SMSG_SUCCESS) {
|
||||||
char *pname;
|
char *pname;
|
||||||
|
@ -690,7 +688,7 @@ send_krb4_tgt(void)
|
||||||
CREDENTIALS *creds;
|
CREDENTIALS *creds;
|
||||||
struct stat st;
|
struct stat st;
|
||||||
char buffer[4096], pname[ANAME_SZ], pinst[INST_SZ], prealm[REALM_SZ];
|
char buffer[4096], pname[ANAME_SZ], pinst[INST_SZ], prealm[REALM_SZ];
|
||||||
int problem, type, len;
|
int problem, type;
|
||||||
|
|
||||||
/* Don't do anything if we don't have any tickets. */
|
/* Don't do anything if we don't have any tickets. */
|
||||||
if (stat(tkt_string(), &st) < 0)
|
if (stat(tkt_string(), &st) < 0)
|
||||||
|
@ -717,7 +715,7 @@ send_krb4_tgt(void)
|
||||||
packet_send();
|
packet_send();
|
||||||
packet_write_wait();
|
packet_write_wait();
|
||||||
|
|
||||||
type = packet_read(&len);
|
type = packet_read();
|
||||||
|
|
||||||
if (type == SSH_SMSG_SUCCESS)
|
if (type == SSH_SMSG_SUCCESS)
|
||||||
debug("Kerberos v4 TGT forwarded (%s%s%s@%s).",
|
debug("Kerberos v4 TGT forwarded (%s%s%s@%s).",
|
||||||
|
@ -795,7 +793,7 @@ send_afs_tokens(void)
|
||||||
|
|
||||||
/* Roger, Roger. Clearance, Clarence. What's your vector,
|
/* Roger, Roger. Clearance, Clarence. What's your vector,
|
||||||
Victor? */
|
Victor? */
|
||||||
type = packet_read(&len);
|
type = packet_read();
|
||||||
|
|
||||||
if (type == SSH_SMSG_FAILURE)
|
if (type == SSH_SMSG_FAILURE)
|
||||||
debug("AFS token for cell %s rejected.", server_cell);
|
debug("AFS token for cell %s rejected.", server_cell);
|
||||||
|
@ -814,7 +812,6 @@ static int
|
||||||
try_challenge_response_authentication(void)
|
try_challenge_response_authentication(void)
|
||||||
{
|
{
|
||||||
int type, i;
|
int type, i;
|
||||||
int payload_len;
|
|
||||||
u_int clen;
|
u_int clen;
|
||||||
char prompt[1024];
|
char prompt[1024];
|
||||||
char *challenge, *response;
|
char *challenge, *response;
|
||||||
|
@ -827,7 +824,7 @@ try_challenge_response_authentication(void)
|
||||||
packet_send();
|
packet_send();
|
||||||
packet_write_wait();
|
packet_write_wait();
|
||||||
|
|
||||||
type = packet_read(&payload_len);
|
type = packet_read();
|
||||||
if (type != SSH_SMSG_FAILURE &&
|
if (type != SSH_SMSG_FAILURE &&
|
||||||
type != SSH_SMSG_AUTH_TIS_CHALLENGE) {
|
type != SSH_SMSG_AUTH_TIS_CHALLENGE) {
|
||||||
packet_disconnect("Protocol error: got %d in response "
|
packet_disconnect("Protocol error: got %d in response "
|
||||||
|
@ -858,7 +855,7 @@ try_challenge_response_authentication(void)
|
||||||
xfree(response);
|
xfree(response);
|
||||||
packet_send();
|
packet_send();
|
||||||
packet_write_wait();
|
packet_write_wait();
|
||||||
type = packet_read(&payload_len);
|
type = packet_read();
|
||||||
if (type == SSH_SMSG_SUCCESS)
|
if (type == SSH_SMSG_SUCCESS)
|
||||||
return 1;
|
return 1;
|
||||||
if (type != SSH_SMSG_FAILURE)
|
if (type != SSH_SMSG_FAILURE)
|
||||||
|
@ -875,7 +872,7 @@ try_challenge_response_authentication(void)
|
||||||
static int
|
static int
|
||||||
try_password_authentication(char *prompt)
|
try_password_authentication(char *prompt)
|
||||||
{
|
{
|
||||||
int type, i, payload_len;
|
int type, i;
|
||||||
char *password;
|
char *password;
|
||||||
|
|
||||||
debug("Doing password authentication.");
|
debug("Doing password authentication.");
|
||||||
|
@ -892,7 +889,7 @@ try_password_authentication(char *prompt)
|
||||||
packet_send();
|
packet_send();
|
||||||
packet_write_wait();
|
packet_write_wait();
|
||||||
|
|
||||||
type = packet_read(&payload_len);
|
type = packet_read();
|
||||||
if (type == SSH_SMSG_SUCCESS)
|
if (type == SSH_SMSG_SUCCESS)
|
||||||
return 1;
|
return 1;
|
||||||
if (type != SSH_SMSG_FAILURE)
|
if (type != SSH_SMSG_FAILURE)
|
||||||
|
@ -917,13 +914,12 @@ ssh_kex(char *host, struct sockaddr *hostaddr)
|
||||||
u_char cookie[8];
|
u_char cookie[8];
|
||||||
u_int supported_ciphers;
|
u_int supported_ciphers;
|
||||||
u_int server_flags, client_flags;
|
u_int server_flags, client_flags;
|
||||||
int payload_len;
|
|
||||||
u_int32_t rand = 0;
|
u_int32_t rand = 0;
|
||||||
|
|
||||||
debug("Waiting for server public key.");
|
debug("Waiting for server public key.");
|
||||||
|
|
||||||
/* Wait for a public key packet from the server. */
|
/* Wait for a public key packet from the server. */
|
||||||
packet_read_expect(&payload_len, SSH_SMSG_PUBLIC_KEY);
|
packet_read_expect(SSH_SMSG_PUBLIC_KEY);
|
||||||
|
|
||||||
/* Get cookie from the packet. */
|
/* Get cookie from the packet. */
|
||||||
for (i = 0; i < 8; i++)
|
for (i = 0; i < 8; i++)
|
||||||
|
@ -1084,7 +1080,7 @@ ssh_kex(char *host, struct sockaddr *hostaddr)
|
||||||
* Expect a success message from the server. Note that this message
|
* Expect a success message from the server. Note that this message
|
||||||
* will be received in encrypted form.
|
* will be received in encrypted form.
|
||||||
*/
|
*/
|
||||||
packet_read_expect(&payload_len, SSH_SMSG_SUCCESS);
|
packet_read_expect(SSH_SMSG_SUCCESS);
|
||||||
|
|
||||||
debug("Received encrypted confirmation.");
|
debug("Received encrypted confirmation.");
|
||||||
}
|
}
|
||||||
|
@ -1101,7 +1097,6 @@ ssh_userauth1(const char *local_user, const char *server_user, char *host,
|
||||||
krb5_auth_context auth_context = NULL;
|
krb5_auth_context auth_context = NULL;
|
||||||
#endif
|
#endif
|
||||||
int i, type;
|
int i, type;
|
||||||
int payload_len;
|
|
||||||
|
|
||||||
if (supported_authentications == 0)
|
if (supported_authentications == 0)
|
||||||
fatal("ssh_userauth1: server supports no auth methods");
|
fatal("ssh_userauth1: server supports no auth methods");
|
||||||
|
@ -1117,7 +1112,7 @@ ssh_userauth1(const char *local_user, const char *server_user, char *host,
|
||||||
* needed (the user has no password). Otherwise the server responds
|
* needed (the user has no password). Otherwise the server responds
|
||||||
* with failure.
|
* with failure.
|
||||||
*/
|
*/
|
||||||
type = packet_read(&payload_len);
|
type = packet_read();
|
||||||
|
|
||||||
/* check whether the connection was accepted without authentication. */
|
/* check whether the connection was accepted without authentication. */
|
||||||
if (type == SSH_SMSG_SUCCESS)
|
if (type == SSH_SMSG_SUCCESS)
|
||||||
|
@ -1131,7 +1126,7 @@ ssh_userauth1(const char *local_user, const char *server_user, char *host,
|
||||||
debug("Trying Kerberos v5 authentication.");
|
debug("Trying Kerberos v5 authentication.");
|
||||||
|
|
||||||
if (try_krb5_authentication(&context, &auth_context)) {
|
if (try_krb5_authentication(&context, &auth_context)) {
|
||||||
type = packet_read(&payload_len);
|
type = packet_read();
|
||||||
if (type == SSH_SMSG_SUCCESS)
|
if (type == SSH_SMSG_SUCCESS)
|
||||||
goto success;
|
goto success;
|
||||||
if (type != SSH_SMSG_FAILURE)
|
if (type != SSH_SMSG_FAILURE)
|
||||||
|
@ -1146,7 +1141,7 @@ ssh_userauth1(const char *local_user, const char *server_user, char *host,
|
||||||
debug("Trying Kerberos v4 authentication.");
|
debug("Trying Kerberos v4 authentication.");
|
||||||
|
|
||||||
if (try_krb4_authentication()) {
|
if (try_krb4_authentication()) {
|
||||||
type = packet_read(&payload_len);
|
type = packet_read();
|
||||||
if (type == SSH_SMSG_SUCCESS)
|
if (type == SSH_SMSG_SUCCESS)
|
||||||
goto success;
|
goto success;
|
||||||
if (type != SSH_SMSG_FAILURE)
|
if (type != SSH_SMSG_FAILURE)
|
||||||
|
@ -1168,7 +1163,7 @@ ssh_userauth1(const char *local_user, const char *server_user, char *host,
|
||||||
packet_write_wait();
|
packet_write_wait();
|
||||||
|
|
||||||
/* The server should respond with success or failure. */
|
/* The server should respond with success or failure. */
|
||||||
type = packet_read(&payload_len);
|
type = packet_read();
|
||||||
if (type == SSH_SMSG_SUCCESS)
|
if (type == SSH_SMSG_SUCCESS)
|
||||||
goto success;
|
goto success;
|
||||||
if (type != SSH_SMSG_FAILURE)
|
if (type != SSH_SMSG_FAILURE)
|
||||||
|
|
|
@ -23,7 +23,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$OpenBSD: sshconnect2.c,v 1.90 2001/12/28 12:14:27 markus Exp $");
|
RCSID("$OpenBSD: sshconnect2.c,v 1.91 2001/12/28 14:50:54 markus Exp $");
|
||||||
|
|
||||||
#include <openssl/bn.h>
|
#include <openssl/bn.h>
|
||||||
#include <openssl/md5.h>
|
#include <openssl/md5.h>
|
||||||
|
@ -226,7 +226,6 @@ ssh_userauth2(const char *local_user, const char *server_user, char *host,
|
||||||
{
|
{
|
||||||
Authctxt authctxt;
|
Authctxt authctxt;
|
||||||
int type;
|
int type;
|
||||||
int plen;
|
|
||||||
|
|
||||||
if (options.challenge_response_authentication)
|
if (options.challenge_response_authentication)
|
||||||
options.kbd_interactive_authentication = 1;
|
options.kbd_interactive_authentication = 1;
|
||||||
|
@ -236,12 +235,12 @@ ssh_userauth2(const char *local_user, const char *server_user, char *host,
|
||||||
packet_put_cstring("ssh-userauth");
|
packet_put_cstring("ssh-userauth");
|
||||||
packet_send();
|
packet_send();
|
||||||
packet_write_wait();
|
packet_write_wait();
|
||||||
type = packet_read(&plen);
|
type = packet_read();
|
||||||
if (type != SSH2_MSG_SERVICE_ACCEPT) {
|
if (type != SSH2_MSG_SERVICE_ACCEPT) {
|
||||||
fatal("denied SSH2_MSG_SERVICE_ACCEPT: %d", type);
|
fatal("denied SSH2_MSG_SERVICE_ACCEPT: %d", type);
|
||||||
}
|
}
|
||||||
if (packet_remaining() > 0) {
|
if (packet_remaining() > 0) {
|
||||||
char *reply = packet_get_string(&plen);
|
char *reply = packet_get_string(NULL);
|
||||||
debug("service_accept: %s", reply);
|
debug("service_accept: %s", reply);
|
||||||
xfree(reply);
|
xfree(reply);
|
||||||
} else {
|
} else {
|
||||||
|
|
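Review bot: In ssh_userauth2 the server-supplied `reply` is only logged, and with `packet_get_string(NULL)` its length is dropped, so nothing ties the accepted service to the `ssh-userauth` request sent a few lines earlier. A check such as `if (strcmp(reply, "ssh-userauth") != 0) fatal("unexpected service in SERVICE_ACCEPT");` before the `debug` call would make a mismatched answer fail closed. Whether `debug` escapes control bytes in server data is not visible on this page and is worth confirming. The `else` branch and the rest of the function lie outside the hunk.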
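--- a/sshd.c
+++ b/sshd.c
@@ -40,7 +40,7 @@
 */
 
 #include "includes.h"
-RCSID("$OpenBSD: sshd.c,v 1.221 2001/12/28 13:57:33 markus Exp $");
+RCSID("$OpenBSD: sshd.c,v 1.222 2001/12/28 14:50:54 markus Exp $");
 
 #include <openssl/dh.h>
 #include <openssl/bn.h>
@@ -1251,7 +1251,6 @@ static void
 do_ssh1_kex(void)
 {
 int i, len;
-int plen;
 int rsafail = 0;
 BIGNUM *session_key_int;
 u_char session_key[SSH_SESSION_KEY_LENGTH];
@@ -1335,7 +1334,7 @@ do_ssh1_kex(void)
 BN_num_bits(sensitive_data.ssh1_host_key->rsa->n));
 
 /* Read clients reply (cipher type and session key). */
-packet_read_expect(&plen, SSH_CMSG_SESSION_KEY);
+packet_read_expect(SSH_CMSG_SESSION_KEY);
 
 /* Get cipher type and check whether we accept this. */
 cipher_type = packet_get_char();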
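Review bot: In do_ssh1_kex, `packet_read_expect(SSH_CMSG_SESSION_KEY)` now parses a pre-authentication client packet with no length in hand, and nothing in this hunk shows how an over-long or padded session-key packet is rejected. The function body continues outside the hunk, so an end-of-packet check may well follow the last field; if it does, a comment at the read would record that dependency, e.g. `/* Length is not returned; trailing bytes are rejected by the end-of-packet check after the last field. */`. The comment just above would also read better as `/* Read the client's reply (cipher type and session key). */`.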