version 1.109.2.2, 2004/08/19 22:37:31 |
version 1.110, 2003/09/19 09:02:02 |
|
|
fatal("packet_set_connection: cannot load cipher 'none'"); |
fatal("packet_set_connection: cannot load cipher 'none'"); |
connection_in = fd_in; |
connection_in = fd_in; |
connection_out = fd_out; |
connection_out = fd_out; |
cipher_init(&send_context, none, (const u_char *)"", |
cipher_init(&send_context, none, "", 0, NULL, 0, CIPHER_ENCRYPT); |
0, NULL, 0, CIPHER_ENCRYPT); |
cipher_init(&receive_context, none, "", 0, NULL, 0, CIPHER_DECRYPT); |
cipher_init(&receive_context, none, (const u_char *)"", |
|
0, NULL, 0, CIPHER_DECRYPT); |
|
newkeys[MODE_IN] = newkeys[MODE_OUT] = NULL; |
newkeys[MODE_IN] = newkeys[MODE_OUT] = NULL; |
if (!initialized) { |
if (!initialized) { |
initialized = 1; |
initialized = 1; |
|
|
buffer_init(&incoming_packet); |
buffer_init(&incoming_packet); |
TAILQ_INIT(&outgoing); |
TAILQ_INIT(&outgoing); |
} |
} |
|
/* Kludge: arrange the close function to be called from fatal(). */ |
|
fatal_add_cleanup((void (*) (void *)) packet_close, NULL); |
} |
} |
|
|
/* Returns 1 if remote host is connected via socket, 0 if not. */ |
/* Returns 1 if remote host is connected via socket, 0 if not. */ |
|
|
packet_set_nonblocking(void) |
packet_set_nonblocking(void) |
{ |
{ |
/* Set the socket into non-blocking mode. */ |
/* Set the socket into non-blocking mode. */ |
set_nonblock(connection_in); |
if (fcntl(connection_in, F_SETFL, O_NONBLOCK) < 0) |
|
error("fcntl O_NONBLOCK: %.100s", strerror(errno)); |
|
|
if (connection_out != connection_in) |
if (connection_out != connection_in) { |
set_nonblock(connection_out); |
if (fcntl(connection_out, F_SETFL, O_NONBLOCK) < 0) |
|
error("fcntl O_NONBLOCK: %.100s", strerror(errno)); |
|
} |
} |
} |
|
|
/* Returns the socket used for reading. */ |
/* Returns the socket used for reading. */ |
|
|
u_char buf[8], *cp; |
u_char buf[8], *cp; |
int i, padding, len; |
int i, padding, len; |
u_int checksum; |
u_int checksum; |
u_int32_t rnd = 0; |
u_int32_t rand = 0; |
|
|
/* |
/* |
* If using packet compression, compress the payload of the outgoing |
* If using packet compression, compress the payload of the outgoing |
|
|
cp = buffer_ptr(&outgoing_packet); |
cp = buffer_ptr(&outgoing_packet); |
for (i = 0; i < padding; i++) { |
for (i = 0; i < padding; i++) { |
if (i % 4 == 0) |
if (i % 4 == 0) |
rnd = arc4random(); |
rand = arc4random(); |
cp[7 - i] = rnd & 0xff; |
cp[7 - i] = rand & 0xff; |
rnd >>= 8; |
rand >>= 8; |
} |
} |
} |
} |
buffer_consume(&outgoing_packet, 8 - padding); |
buffer_consume(&outgoing_packet, 8 - padding); |
|
|
Comp *comp; |
Comp *comp; |
CipherContext *cc; |
CipherContext *cc; |
u_int64_t *max_blocks; |
u_int64_t *max_blocks; |
int crypt_type; |
int encrypt; |
|
|
debug2("set_newkeys: mode %d", mode); |
debug2("set_newkeys: mode %d", mode); |
|
|
if (mode == MODE_OUT) { |
if (mode == MODE_OUT) { |
cc = &send_context; |
cc = &send_context; |
crypt_type = CIPHER_ENCRYPT; |
encrypt = CIPHER_ENCRYPT; |
p_send.packets = p_send.blocks = 0; |
p_send.packets = p_send.blocks = 0; |
max_blocks = &max_blocks_out; |
max_blocks = &max_blocks_out; |
} else { |
} else { |
cc = &receive_context; |
cc = &receive_context; |
crypt_type = CIPHER_DECRYPT; |
encrypt = CIPHER_DECRYPT; |
p_read.packets = p_read.blocks = 0; |
p_read.packets = p_read.blocks = 0; |
max_blocks = &max_blocks_in; |
max_blocks = &max_blocks_in; |
} |
} |
|
|
mac->enabled = 1; |
mac->enabled = 1; |
DBG(debug("cipher_init_context: %d", mode)); |
DBG(debug("cipher_init_context: %d", mode)); |
cipher_init(cc, enc->cipher, enc->key, enc->key_len, |
cipher_init(cc, enc->cipher, enc->key, enc->key_len, |
enc->iv, enc->block_size, crypt_type); |
enc->iv, enc->block_size, encrypt); |
/* Deleting the keys does not gain extra security */ |
/* Deleting the keys does not gain extra security */ |
/* memset(enc->iv, 0, enc->block_size); |
/* memset(enc->iv, 0, enc->block_size); |
memset(enc->key, 0, enc->key_len); */ |
memset(enc->key, 0, enc->key_len); */ |
|
|
u_char padlen, pad; |
u_char padlen, pad; |
u_int packet_length = 0; |
u_int packet_length = 0; |
u_int i, len; |
u_int i, len; |
u_int32_t rnd = 0; |
u_int32_t rand = 0; |
Enc *enc = NULL; |
Enc *enc = NULL; |
Mac *mac = NULL; |
Mac *mac = NULL; |
Comp *comp = NULL; |
Comp *comp = NULL; |
|
|
/* random padding */ |
/* random padding */ |
for (i = 0; i < padlen; i++) { |
for (i = 0; i < padlen; i++) { |
if (i % 4 == 0) |
if (i % 4 == 0) |
rnd = arc4random(); |
rand = arc4random(); |
cp[i] = rnd & 0xff; |
cp[i] = rand & 0xff; |
rnd >>= 8; |
rand >>= 8; |
} |
} |
} else { |
} else { |
/* clear padding */ |
/* clear padding */ |
|
|
len = read(connection_in, buf, sizeof(buf)); |
len = read(connection_in, buf, sizeof(buf)); |
if (len == 0) { |
if (len == 0) { |
logit("Connection closed by %.200s", get_remote_ipaddr()); |
logit("Connection closed by %.200s", get_remote_ipaddr()); |
cleanup_exit(255); |
fatal_cleanup(); |
} |
} |
if (len < 0) |
if (len < 0) |
fatal("Read from socket failed: %.100s", strerror(errno)); |
fatal("Read from socket failed: %.100s", strerror(errno)); |
|
|
logit("Received disconnect from %s: %u: %.400s", |
logit("Received disconnect from %s: %u: %.400s", |
get_remote_ipaddr(), reason, msg); |
get_remote_ipaddr(), reason, msg); |
xfree(msg); |
xfree(msg); |
cleanup_exit(255); |
fatal_cleanup(); |
break; |
break; |
case SSH2_MSG_UNIMPLEMENTED: |
case SSH2_MSG_UNIMPLEMENTED: |
seqnr = packet_get_int(); |
seqnr = packet_get_int(); |
|
|
msg = packet_get_string(NULL); |
msg = packet_get_string(NULL); |
logit("Received disconnect from %s: %.400s", |
logit("Received disconnect from %s: %.400s", |
get_remote_ipaddr(), msg); |
get_remote_ipaddr(), msg); |
cleanup_exit(255); |
fatal_cleanup(); |
xfree(msg); |
xfree(msg); |
break; |
break; |
default: |
default: |
|
|
|
|
/* Close the connection. */ |
/* Close the connection. */ |
packet_close(); |
packet_close(); |
cleanup_exit(255); |
|
|
fatal_cleanup(); |
} |
} |
|
|
/* Checks if there is any buffered output, and tries to write some of the output. */ |
/* Checks if there is any buffered output, and tries to write some of the output. */ |
|
|
return interactive_mode; |
return interactive_mode; |
} |
} |
|
|
int |
u_int |
packet_set_maxsize(u_int s) |
packet_set_maxsize(u_int s) |
{ |
{ |
static int called = 0; |
static int called = 0; |
|
|
void |
void |
packet_send_ignore(int nbytes) |
packet_send_ignore(int nbytes) |
{ |
{ |
u_int32_t rnd = 0; |
u_int32_t rand = 0; |
int i; |
int i; |
|
|
packet_start(compat20 ? SSH2_MSG_IGNORE : SSH_MSG_IGNORE); |
packet_start(compat20 ? SSH2_MSG_IGNORE : SSH_MSG_IGNORE); |
packet_put_int(nbytes); |
packet_put_int(nbytes); |
for (i = 0; i < nbytes; i++) { |
for (i = 0; i < nbytes; i++) { |
if (i % 4 == 0) |
if (i % 4 == 0) |
rnd = arc4random(); |
rand = arc4random(); |
packet_put_char(rnd & 0xff); |
packet_put_char(rand & 0xff); |
rnd >>= 8; |
rand >>= 8; |
} |
} |
} |
} |
|
|
#define MAX_PACKETS (1U<<31) |
#define MAX_PACKETS (1<<31) |
int |
int |
packet_need_rekeying(void) |
packet_need_rekeying(void) |
{ |
{ |