version 1.115.2.1, 2005/03/10 16:28:27 |
version 1.115.2.2, 2005/09/02 03:45:00 |
|
|
/* Set to true if the connection is interactive. */ |
/* Set to true if the connection is interactive. */ |
static int interactive_mode = 0; |
static int interactive_mode = 0; |
|
|
|
/* Set to true if we are the server side. */ |
|
static int server_side = 0; |
|
|
|
/* Set to true if we are authenticated. */ |
|
static int after_authentication = 0; |
|
|
/* Session key information for Encryption and MAC */ |
/* Session key information for Encryption and MAC */ |
Newkeys *newkeys[MODE_MAX]; |
Newkeys *newkeys[MODE_MAX]; |
static struct packet_state { |
static struct packet_state { |
|
|
/* Deleting the keys does not gain extra security */ |
/* Deleting the keys does not gain extra security */ |
/* memset(enc->iv, 0, enc->block_size); |
/* memset(enc->iv, 0, enc->block_size); |
memset(enc->key, 0, enc->key_len); */ |
memset(enc->key, 0, enc->key_len); */ |
if (comp->type != 0 && comp->enabled == 0) { |
if ((comp->type == COMP_ZLIB || |
|
(comp->type == COMP_DELAYED && after_authentication)) && |
|
comp->enabled == 0) { |
packet_init_compression(); |
packet_init_compression(); |
if (mode == MODE_OUT) |
if (mode == MODE_OUT) |
buffer_compress_init_send(6); |
buffer_compress_init_send(6); |
|
|
} |
} |
|
|
/* |
/* |
|
* Delayed compression for SSH2 is enabled after authentication: |
|
* This happans on the server side after a SSH2_MSG_USERAUTH_SUCCESS is sent, |
|
* and on the client side after a SSH2_MSG_USERAUTH_SUCCESS is received. |
|
*/ |
|
static void |
|
packet_enable_delayed_compress(void) |
|
{ |
|
Comp *comp = NULL; |
|
int mode; |
|
|
|
/* |
|
* Remember that we are past the authentication step, so rekeying |
|
* with COMP_DELAYED will turn on compression immediately. |
|
*/ |
|
after_authentication = 1; |
|
for (mode = 0; mode < MODE_MAX; mode++) { |
|
comp = &newkeys[mode]->comp; |
|
if (comp && !comp->enabled && comp->type == COMP_DELAYED) { |
|
packet_init_compression(); |
|
if (mode == MODE_OUT) |
|
buffer_compress_init_send(6); |
|
else |
|
buffer_compress_init_recv(); |
|
comp->enabled = 1; |
|
} |
|
} |
|
} |
|
|
|
/* |
* Finalize packet in SSH2 format (compress, mac, encrypt, enqueue) |
* Finalize packet in SSH2 format (compress, mac, encrypt, enqueue) |
*/ |
*/ |
static void |
static void |
|
|
|
|
if (type == SSH2_MSG_NEWKEYS) |
if (type == SSH2_MSG_NEWKEYS) |
set_newkeys(MODE_OUT); |
set_newkeys(MODE_OUT); |
|
else if (type == SSH2_MSG_USERAUTH_SUCCESS && server_side) |
|
packet_enable_delayed_compress(); |
} |
} |
|
|
static void |
static void |
|
|
static u_int packet_length = 0; |
static u_int packet_length = 0; |
u_int padlen, need; |
u_int padlen, need; |
u_char *macbuf, *cp, type; |
u_char *macbuf, *cp, type; |
int maclen, block_size; |
u_int maclen, block_size; |
Enc *enc = NULL; |
Enc *enc = NULL; |
Mac *mac = NULL; |
Mac *mac = NULL; |
Comp *comp = NULL; |
Comp *comp = NULL; |
|
|
packet_disconnect("Invalid ssh2 packet type: %d", type); |
packet_disconnect("Invalid ssh2 packet type: %d", type); |
if (type == SSH2_MSG_NEWKEYS) |
if (type == SSH2_MSG_NEWKEYS) |
set_newkeys(MODE_IN); |
set_newkeys(MODE_IN); |
|
else if (type == SSH2_MSG_USERAUTH_SUCCESS && !server_side) |
|
packet_enable_delayed_compress(); |
#ifdef PACKET_DEBUG |
#ifdef PACKET_DEBUG |
fprintf(stderr, "read/plain[%d]:\r\n", type); |
fprintf(stderr, "read/plain[%d]:\r\n", type); |
buffer_dump(&incoming_packet); |
buffer_dump(&incoming_packet); |
|
|
} |
} |
|
|
void * |
void * |
packet_get_raw(int *length_ptr) |
packet_get_raw(u_int *length_ptr) |
{ |
{ |
int bytes = buffer_len(&incoming_packet); |
u_int bytes = buffer_len(&incoming_packet); |
|
|
if (length_ptr != NULL) |
if (length_ptr != NULL) |
*length_ptr = bytes; |
*length_ptr = bytes; |
|
|
packet_set_rekey_limit(u_int32_t bytes) |
packet_set_rekey_limit(u_int32_t bytes) |
{ |
{ |
rekey_limit = bytes; |
rekey_limit = bytes; |
|
} |
|
|
|
void |
|
packet_set_server(void) |
|
{ |
|
server_side = 1; |
|
} |
|
|
|
void |
|
packet_set_authenticated(void) |
|
{ |
|
after_authentication = 1; |
} |
} |
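Review bot: In the new packet_enable_delayed_compress(), the `comp &&` test in `if (comp && !comp->enabled && comp->type == COMP_DELAYED)` cannot catch a missing key set, because `comp = &newkeys[mode]->comp` is already computed from `newkeys[mode]` before anything checks that pointer. On the client side the function is called from the read path as soon as the peer's packet type is SSH2_MSG_USERAUTH_SUCCESS. If that message can arrive before SSH2_MSG_NEWKEYS has installed keys for both modes (not visible here, but nothing in the shown lines rules it out), the loop reads through a NULL `newkeys[mode]`. I would make `if (newkeys[mode] == NULL) continue;` the first statement of the loop body, with a comment that USERAUTH_SUCCESS before NEWKEYS is a protocol error, and drop the redundant `comp &&`.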