src/usr.bin/ssh/packet.c - diff

Return to packet.c CVS log

Up to [local] / src / usr.bin / ssh

Diff for /src/usr.bin/ssh/packet.c between version 1.38.2.8 and 1.39

version 1.38.2.8, 2002/03/08 17:04:42

version 1.39, 2000/12/06 22:58:15

Line 13

* SSH2 packet format added by Markus Friedl.

* Redistribution and use in source and binary forms, with or without

* modification, are permitted provided that the following conditions

Line 43

#include "buffer.h"

#include "packet.h"

#include "bufaux.h"

#include "ssh.h"

#include "crc32.h"

#include "getput.h"

Line 51

Line 52

#include "channels.h"

#include "compat.h"

#include "ssh1.h"

#include "ssh2.h"

#include <openssl/bn.h>

#include <openssl/dh.h>

#include <openssl/hmac.h>

#include "buffer.h"

#include "cipher.h"

#include "kex.h"

#include "mac.h"

#include "hmac.h"

#include "log.h"

#include "canohost.h"

#include "misc.h"

#ifdef PACKET_DEBUG

#define DBG(x) x

Line 76

Line 77

static int connection_in = -1;

static int connection_out = -1;

* Cipher type. This value is only used to determine whether to pad the

* packets with zeroes or random data.

static int cipher_type = SSH_CIPHER_NONE;

/* Protocol flags for the remote side. */

static u_int remote_protocol_flags = 0;

static unsigned int remote_protocol_flags = 0;

/* Encryption context for receiving data. This is only used for decryption. */

static CipherContext receive_context;

Line 99

Line 106

/* Scratch buffer for packet compression/decompression. */

static Buffer compression_buffer;

static int compression_buffer_ready = 0;

/* Flag indicating whether packet compression/decompression is enabled. */

static int packet_compression = 0;

Line 113

Line 119

/* Set to true if the connection is interactive. */

static int interactive_mode = 0;

/* True if SSH2 packet format is used */

int use_ssh2_packet_format = 0;

/* Session key information for Encryption and MAC */

Newkeys *newkeys[MODE_MAX];

Kex *kex = NULL;

/* roundup current message to extra_pad bytes */

void

static u_char extra_pad = 0;

packet_set_kex(Kex *k)

{

if( k->mac[MODE_IN ].key == NULL ||

k->enc[MODE_IN ].key == NULL ||

k->enc[MODE_IN ].iv == NULL ||

k->mac[MODE_OUT].key == NULL ||

k->enc[MODE_OUT].key == NULL ||

k->enc[MODE_OUT].iv == NULL)

fatal("bad KEX");

kex = k;

}

void

clear_enc_keys(Enc *enc, int len)

{

memset(enc->iv, 0, len);

memset(enc->key, 0, len);

xfree(enc->iv);

xfree(enc->key);

enc->iv = NULL;

enc->key = NULL;

}

void

packet_set_ssh2_format(void)

{

DBG(debug("use_ssh2_packet_format"));

use_ssh2_packet_format = 1;

}

* Sets the descriptors used for communication. Disables encryption until

Line 131

Line 166

fatal("packet_set_connection: cannot load cipher 'none'");

connection_in = fd_in;

connection_out = fd_out;

cipher_init(&send_context, none, "", 0, NULL, 0, CIPHER_ENCRYPT);

cipher_type = SSH_CIPHER_NONE;

cipher_init(&receive_context, none, "", 0, NULL, 0, CIPHER_DECRYPT);

cipher_init(&send_context, none, (unsigned char *) "", 0, NULL, 0);

newkeys[MODE_IN] = newkeys[MODE_OUT] = NULL;

cipher_init(&receive_context, none, (unsigned char *) "", 0, NULL, 0);

if (!initialized) {

initialized = 1;

buffer_init(&input);

Line 148

Line 183

/* Returns 1 if remote host is connected via socket, 0 if not. */

int

packet_connection_is_on_socket(void)

packet_connection_is_on_socket()

{

struct sockaddr_storage from, to;

socklen_t fromlen, tolen;

Line 174

Line 209

/* returns 1 if connection is via ipv4 */

int

packet_connection_is_ipv4(void)

packet_connection_is_ipv4()

{

struct sockaddr_storage to;

socklen_t tolen = sizeof(to);

Line 190

Line 225

/* Sets the connection into non-blocking mode. */

void

packet_set_nonblocking(void)

packet_set_nonblocking()

{

/* Set the socket into non-blocking mode. */

if (fcntl(connection_in, F_SETFL, O_NONBLOCK) < 0)

Line 205

Line 240

/* Returns the socket used for reading. */

int

packet_get_connection_in(void)

packet_get_connection_in()

{

return connection_in;

}

Line 213

Line 248

/* Returns the descriptor used for writing. */

int

packet_get_connection_out(void)

packet_get_connection_out()

{

return connection_out;

}

Line 221

Line 256

/* Closes the connection and clears and frees internal data structures. */

void

packet_close(void)

packet_close()

{

if (!initialized)

return;

Line 237

Line 272

buffer_free(&output);

buffer_free(&outgoing_packet);

buffer_free(&incoming_packet);

if (compression_buffer_ready) {

if (packet_compression) {

buffer_free(&compression_buffer);

buffer_compress_uninit();

}

cipher_cleanup(&send_context);

cipher_cleanup(&receive_context);

}

/* Sets remote side protocol flags. */

void

packet_set_protocol_flags(u_int protocol_flags)

packet_set_protocol_flags(unsigned int protocol_flags)

{

remote_protocol_flags = protocol_flags;

channel_set_options((protocol_flags & SSH_PROTOFLAG_HOST_IN_FWD_OPEN) != 0);

}

/* Returns the remote protocol flags set earlier by the above function. */

u_int

unsigned int

packet_get_protocol_flags(void)

packet_get_protocol_flags()

{

return remote_protocol_flags;

}

Line 266

Line 300

* Level is compression level 1 (fastest) - 9 (slow, best) as in gzip.

static void

/*** XXXXX todo: kex means re-init */

packet_init_compression(void)

void

packet_start_compression(int level)

{

if (compression_buffer_ready == 1)

if (packet_compression)

return;

fatal("Compression already enabled.");

compression_buffer_ready = 1;

packet_compression = 1;

buffer_init(&compression_buffer);

buffer_compress_init(level);

}

* Encrypts the given number of bytes, copying from src to dest. bytes is

* known to be a multiple of 8.

void

packet_start_compression(int level)

packet_encrypt(CipherContext * cc, void *dest, void *src,

unsigned int bytes)

{

if (packet_compression && !compat20)

cipher_encrypt(cc, dest, src, bytes);

fatal("Compression already enabled.");

packet_compression = 1;

packet_init_compression();

buffer_compress_init_send(level);

buffer_compress_init_recv();

}

* Decrypts the given number of bytes, copying from src to dest. bytes is

* known to be a multiple of 8.

void

packet_decrypt(CipherContext *context, void *dest, void *src, unsigned int bytes)

{

* Cryptographic attack detector for ssh - Modifications for packet.c

if (!compat20 &&

context->cipher->number != SSH_CIPHER_NONE &&

detect_attack(src, bytes, NULL) == DEATTACK_DETECTED)

packet_disconnect("crc32 compensation attack: network attack detected");

cipher_decrypt(context, dest, src, bytes);

}

* Causes any further packets to be encrypted using the given key. The same

* key is used for both sending and reception. However, both directions are

* encrypted independently of each other.

void

packet_set_encryption_key(const u_char *key, u_int keylen,

packet_set_encryption_key(const unsigned char *key, unsigned int keylen,

int number)

{

Cipher *cipher = cipher_by_number(number);

Line 300

Line 358

fatal("packet_set_encryption_key: unknown cipher number %d", number);

if (keylen < 20)

fatal("packet_set_encryption_key: keylen too small: %d", keylen);

cipher_init(&send_context, cipher, key, keylen, NULL, 0, CIPHER_ENCRYPT);

cipher_init(&receive_context, cipher, key, keylen, NULL, 0);

cipher_init(&receive_context, cipher, key, keylen, NULL, 0, CIPHER_DECRYPT);

cipher_init(&send_context, cipher, key, keylen, NULL, 0);

}

/* Start constructing a packet to send. */

/* Starts constructing a packet to send. */

void

packet_start(u_char type)

packet_start1(int type)

{

u_char buf[9];

char buf[9];

int len;

DBG(debug("packet_start[%d]", type));

len = compat20 ? 6 : 9;

memset(buf, 0, len - 1);

buf[len - 1] = type;

buffer_clear(&outgoing_packet);

buffer_append(&outgoing_packet, buf, len);

memset(buf, 0, 8);

buf[8] = type;

buffer_append(&outgoing_packet, buf, 9);

}

/* Append payload. */

void

packet_start2(int type)

{

char buf[4+1+1];

buffer_clear(&outgoing_packet);

memset(buf, 0, sizeof buf);

/* buf[0..3] = payload_len; */

/* buf[4] = pad_len; */

buf[5] = type & 0xff;

buffer_append(&outgoing_packet, buf, sizeof buf);

}

void

packet_start(int type)

{

DBG(debug("packet_start[%d]",type));

if (use_ssh2_packet_format)

packet_start2(type);

else

packet_start1(type);

}

/* Appends a character to the packet data. */

void

packet_put_char(int value)

{

char ch = value;

buffer_append(&outgoing_packet, &ch, 1);

}

/* Appends an integer to the packet data. */

void

packet_put_int(u_int value)

packet_put_int(unsigned int value)

{

buffer_put_int(&outgoing_packet, value);

}

/* Appends a string to packet data. */

void

packet_put_string(const void *buf, u_int len)

packet_put_string(const char *buf, unsigned int len)

{

buffer_put_string(&outgoing_packet, buf, len);

}

void

packet_put_cstring(const char *str)

{

buffer_put_cstring(&outgoing_packet, str);

buffer_put_string(&outgoing_packet, str, strlen(str));

}

void

packet_put_raw(const void *buf, u_int len)

packet_put_raw(const char *buf, unsigned int len)

{

buffer_append(&outgoing_packet, buf, len);

}

/* Appends an arbitrary precision integer to packet data. */

void

packet_put_bignum(BIGNUM * value)

{

Line 362

Line 453

* encrypts the packet before sending.

static void

void

packet_send1(void)

packet_send1()

{

u_char buf[8], *cp;

char buf[8], *cp;

int i, padding, len;

u_int checksum;

unsigned int checksum;

u_int32_t rand = 0;

Line 383

Line 474

buffer_compress(&outgoing_packet, &compression_buffer);

buffer_clear(&outgoing_packet);

buffer_append(&outgoing_packet, buffer_ptr(&compression_buffer),

buffer_len(&compression_buffer));

}

/* Compute packet length without padding (add checksum, remove padding). */

len = buffer_len(&outgoing_packet) + 4 - 8;

/* Insert padding. Initialized to zero in packet_start1() */

padding = 8 - len % 8;

if (!send_context.plaintext) {

if (cipher_type != SSH_CIPHER_NONE) {

cp = buffer_ptr(&outgoing_packet);

for (i = 0; i < padding; i++) {

if (i % 4 == 0)

Line 402

Line 493

buffer_consume(&outgoing_packet, 8 - padding);

/* Add check bytes. */

checksum = ssh_crc32(buffer_ptr(&outgoing_packet),

checksum = ssh_crc32((unsigned char *) buffer_ptr(&outgoing_packet),

buffer_len(&outgoing_packet));

PUT_32BIT(buf, checksum);

buffer_append(&outgoing_packet, buf, 4);

Line 415

Line 506

/* Append to output. */

PUT_32BIT(buf, len);

buffer_append(&output, buf, 4);

cp = buffer_append_space(&output, buffer_len(&outgoing_packet));

buffer_append_space(&output, &cp, buffer_len(&outgoing_packet));

cipher_crypt(&send_context, cp, buffer_ptr(&outgoing_packet),

packet_encrypt(&send_context, cp, buffer_ptr(&outgoing_packet),

buffer_len(&outgoing_packet));

#ifdef PACKET_DEBUG

fprintf(stderr, "encrypted: ");

Line 433

Line 524

}

static void

set_newkeys(int mode)

{

Enc *enc;

Mac *mac;

Comp *comp;

CipherContext *cc;

int encrypt;

debug("newkeys: mode %d", mode);

if (mode == MODE_OUT) {

cc = &send_context;

encrypt = CIPHER_ENCRYPT;

} else {

cc = &receive_context;

encrypt = CIPHER_DECRYPT;

}

if (newkeys[mode] != NULL) {

debug("newkeys: rekeying");

cipher_cleanup(cc);

enc = &newkeys[mode]->enc;

mac = &newkeys[mode]->mac;

comp = &newkeys[mode]->comp;

memset(mac->key, 0, mac->key_len);

xfree(enc->name);

xfree(enc->iv);

xfree(enc->key);

xfree(mac->name);

xfree(mac->key);

xfree(comp->name);

xfree(newkeys[mode]);

}

newkeys[mode] = kex_get_newkeys(mode);

if (newkeys[mode] == NULL)

fatal("newkeys: no keys for mode %d", mode);

enc = &newkeys[mode]->enc;

mac = &newkeys[mode]->mac;

comp = &newkeys[mode]->comp;

if (mac->md != NULL)

mac->enabled = 1;

DBG(debug("cipher_init_context: %d", mode));

cipher_init(cc, enc->cipher, enc->key, enc->key_len,

enc->iv, enc->block_size, encrypt);

memset(enc->iv, 0, enc->block_size);

memset(enc->key, 0, enc->key_len);

if (comp->type != 0 && comp->enabled == 0) {

packet_init_compression();

if (mode == MODE_OUT)

buffer_compress_init_send(6);

else

buffer_compress_init_recv();

comp->enabled = 1;

}

* Finalize packet in SSH2 format (compress, mac, encrypt, enqueue)

static void

void

packet_send2(void)

packet_send2()

{

static u_int32_t seqnr = 0;

unsigned char *macbuf = NULL;

u_char type, *cp, *macbuf = NULL;

char *cp;

u_char padlen, pad;

unsigned int packet_length = 0;

u_int packet_length = 0;

unsigned int i, padlen, len;

u_int i, len;

u_int32_t rand = 0;

static unsigned int seqnr = 0;

int type;

Enc *enc = NULL;

Mac *mac = NULL;

Comp *comp = NULL;

int block_size;

if (newkeys[MODE_OUT] != NULL) {

if (kex != NULL) {

enc = &newkeys[MODE_OUT]->enc;

enc = &kex->enc[MODE_OUT];

mac = &newkeys[MODE_OUT]->mac;

mac = &kex->mac[MODE_OUT];

comp = &newkeys[MODE_OUT]->comp;

comp = &kex->comp[MODE_OUT];

}

block_size = enc ? enc->block_size : 8;

block_size = enc ? enc->cipher->block_size : 8;

cp = buffer_ptr(&outgoing_packet);

type = cp[5];

type = cp[5] & 0xff;

#ifdef PACKET_DEBUG

fprintf(stderr, "plain: ");

Line 545

Line 581

padlen = block_size - (len % block_size);

if (padlen < 4)

padlen += block_size;

if (extra_pad) {

buffer_append_space(&outgoing_packet, &cp, padlen);

/* will wrap if extra_pad+padlen > 255 */

if (enc && enc->cipher->number != SSH_CIPHER_NONE) {

extra_pad = roundup(extra_pad, block_size);

pad = extra_pad - ((len + padlen) % extra_pad);

debug("packet_send2: adding %d (len %d padlen %d extra_pad %d)",

pad, len, padlen, extra_pad);

padlen += pad;

extra_pad = 0;

}

cp = buffer_append_space(&outgoing_packet, padlen);

if (enc && !send_context.plaintext) {

/* random padding */

for (i = 0; i < padlen; i++) {

if (i % 4 == 0)

rand = arc4random();

cp[i] = rand & 0xff;

rand >>= 8;

rand <<= 8;

}

} else {

/* clear padding */

Line 571

Line 598

packet_length = buffer_len(&outgoing_packet) - 4;

cp = buffer_ptr(&outgoing_packet);

PUT_32BIT(cp, packet_length);

cp[4] = padlen;

cp[4] = padlen & 0xff;

DBG(debug("send: len %d (includes padlen %d)", packet_length+4, padlen));

/* compute MAC over seqnr and packet(length fields, payload, padding) */

if (mac && mac->enabled) {

macbuf = mac_compute(mac, seqnr,

macbuf = hmac( mac->md, seqnr,

buffer_ptr(&outgoing_packet),

(unsigned char *) buffer_ptr(&outgoing_packet),

buffer_len(&outgoing_packet));

buffer_len(&outgoing_packet),

mac->key, mac->key_len

);

DBG(debug("done calc MAC out #%d", seqnr));

}

/* encrypt packet and append to output buffer. */

cp = buffer_append_space(&output, buffer_len(&outgoing_packet));

buffer_append_space(&output, &cp, buffer_len(&outgoing_packet));

cipher_crypt(&send_context, cp, buffer_ptr(&outgoing_packet),

packet_encrypt(&send_context, cp, buffer_ptr(&outgoing_packet),

buffer_len(&outgoing_packet));

/* append unencrypted MAC */

if (mac && mac->enabled)

Line 597

Line 626

log("outgoing seqnr wraps around");

buffer_clear(&outgoing_packet);

if (type == SSH2_MSG_NEWKEYS)

if (type == SSH2_MSG_NEWKEYS) {

set_newkeys(MODE_OUT);

if (kex==NULL || mac==NULL || enc==NULL || comp==NULL)

fatal("packet_send2: no KEX");

if (mac->md != NULL)

mac->enabled = 1;

DBG(debug("cipher_init send_context"));

cipher_init(&send_context, enc->cipher,

enc->key, enc->cipher->key_len,

enc->iv, enc->cipher->block_size);

clear_enc_keys(enc, kex->we_need);

if (comp->type != 0 && comp->enabled == 0) {

comp->enabled = 1;

if (! packet_compression)

packet_start_compression(6);

}

void

packet_send(void)

packet_send()

{

if (compat20)

if (use_ssh2_packet_format)

packet_send2();

else

packet_send1();

Line 618

Line 661

int

packet_read_seqnr(u_int32_t *seqnr_p)

packet_read(int *payload_len_ptr)

{

int type, len;

fd_set *setp;

fd_set set;

char buf[8192];

DBG(debug("packet_read()"));

setp = (fd_set *)xmalloc(howmany(connection_in+1, NFDBITS) *

sizeof(fd_mask));

/* Since we are blocking, ensure that all written packets have been sent. */

packet_write_wait();

/* Stay in the loop until we have received a complete packet. */

for (;;) {

/* Try to read a packet from the buffer. */

type = packet_read_poll_seqnr(seqnr_p);

type = packet_read_poll(payload_len_ptr);

if (!compat20 && (

if (!use_ssh2_packet_format && (

type == SSH_SMSG_SUCCESS

|| type == SSH_SMSG_FAILURE

|| type == SSH_CMSG_EOF

|| type == SSH_CMSG_EXIT_CONFIRMATION))

packet_check_eom();

packet_integrity_check(*payload_len_ptr, 0, type);

/* If we got a packet, return it. */

if (type != SSH_MSG_NONE) {

if (type != SSH_MSG_NONE)

xfree(setp);

return type;

}

* Otherwise, wait for some data to arrive, add it to the

* buffer, and try again.

memset(setp, 0, howmany(connection_in + 1, NFDBITS) *

FD_ZERO(&set);

sizeof(fd_mask));

FD_SET(connection_in, &set);

FD_SET(connection_in, setp);

/* Wait for some data to arrive. */

while (select(connection_in + 1, setp, NULL, NULL, NULL) == -1 &&

select(connection_in + 1, &set, NULL, NULL, NULL);

(errno == EAGAIN || errno == EINTR))

;

/* Read data from the socket. */

len = read(connection_in, buf, sizeof(buf));

Line 673

Line 708

/* NOTREACHED */

}

int

packet_read(void)

{

return packet_read_seqnr(NULL);

}

* Waits until a packet has been received, verifies that its type matches

* that given, and gives a fatal error and exits if there is a mismatch.

void

packet_read_expect(int expected_type)

packet_read_expect(int *payload_len_ptr, int expected_type)

{

int type;

type = packet_read();

type = packet_read(payload_len_ptr);

if (type != expected_type)

packet_disconnect("Protocol error: expected packet type %d, got %d",

expected_type, type);

Line 702

Line 731

* SSH_MSG_DISCONNECT is handled specially here. Also,

* SSH_MSG_IGNORE messages are skipped by this function and are never returned

* to higher levels.

* The returned payload_len does include space consumed by:

* Packet length

* Padding

* Packet type

* Check bytes

static int

int

packet_read_poll1(void)

packet_read_poll1(int *payload_len_ptr)

{

u_int len, padded_len;

unsigned int len, padded_len;

u_char *cp, type;

unsigned char *ucp;

u_int checksum, stored_checksum;

char buf[8], *cp;

unsigned int checksum, stored_checksum;

/* Check if input size is less than minimum packet size. */

if (buffer_len(&input) < 4 + 8)

return SSH_MSG_NONE;

/* Get length of incoming packet. */

cp = buffer_ptr(&input);

ucp = (unsigned char *) buffer_ptr(&input);

len = GET_32BIT(cp);

len = GET_32BIT(ucp);

if (len < 1 + 2 + 2 || len > 256 * 1024)

packet_disconnect("Bad packet length %d.", len);

padded_len = (len + 8) & ~7;

Line 730

Line 766

/* Consume packet length. */

buffer_consume(&input, 4);

/* Copy data to incoming_packet. */

* Cryptographic attack detector for ssh

* Ariel Futoransky(futo@core-sdi.com)

if (!receive_context.plaintext &&

detect_attack(buffer_ptr(&input), padded_len, NULL) == DEATTACK_DETECTED)

packet_disconnect("crc32 compensation attack: network attack detected");

/* Decrypt data to incoming_packet. */

buffer_clear(&incoming_packet);

cp = buffer_append_space(&incoming_packet, padded_len);

buffer_append_space(&incoming_packet, &cp, padded_len);

cipher_crypt(&receive_context, cp, buffer_ptr(&input), padded_len);

packet_decrypt(&receive_context, cp, buffer_ptr(&input), padded_len);

buffer_consume(&input, padded_len);

#ifdef PACKET_DEBUG

Line 752

Line 778

#endif

/* Compute packet checksum. */

checksum = ssh_crc32(buffer_ptr(&incoming_packet),

checksum = ssh_crc32((unsigned char *) buffer_ptr(&incoming_packet),

buffer_len(&incoming_packet) - 4);

/* Skip padding. */

buffer_consume(&incoming_packet, 8 - len % 8);

/* Test check bytes. */

if (len != buffer_len(&incoming_packet))

packet_disconnect("packet_read_poll1: len %d != buffer_len %d.",

packet_disconnect("packet_read_poll: len %d != buffer_len %d.",

len, buffer_len(&incoming_packet));

cp = (u_char *)buffer_ptr(&incoming_packet) + len - 4;

ucp = (unsigned char *) buffer_ptr(&incoming_packet) + len - 4;

stored_checksum = GET_32BIT(cp);

stored_checksum = GET_32BIT(ucp);

if (checksum != stored_checksum)

packet_disconnect("Corrupted check bytes on input.");

buffer_consume_end(&incoming_packet, 4);

/* If using packet compression, decompress the packet. */

if (packet_compression) {

buffer_clear(&compression_buffer);

buffer_uncompress(&incoming_packet, &compression_buffer);

Line 776

Line 804

buffer_append(&incoming_packet, buffer_ptr(&compression_buffer),

buffer_len(&compression_buffer));

}

type = buffer_get_char(&incoming_packet);

/* Get packet type. */

return type;

buffer_get(&incoming_packet, &buf[0], 1);

/* Return length of payload (without type field). */

*payload_len_ptr = buffer_len(&incoming_packet);

/* Return type. */

return (unsigned char) buf[0];

}

static int

int

packet_read_poll2(u_int32_t *seqnr_p)

packet_read_poll2(int *payload_len_ptr)

{

static u_int32_t seqnr = 0;

unsigned int padlen, need;

static u_int packet_length = 0;

unsigned char buf[8], *macbuf;

u_int padlen, need;

unsigned char *ucp;

u_char *macbuf, *cp, type;

char *cp;

static unsigned int packet_length = 0;

static unsigned int seqnr = 0;

int type;

int maclen, block_size;

Enc *enc = NULL;

Mac *mac = NULL;

Comp *comp = NULL;

if (newkeys[MODE_IN] != NULL) {

if (kex != NULL) {

enc = &newkeys[MODE_IN]->enc;

enc = &kex->enc[MODE_IN];

mac = &newkeys[MODE_IN]->mac;

mac = &kex->mac[MODE_IN];

comp = &newkeys[MODE_IN]->comp;

comp = &kex->comp[MODE_IN];

}

maclen = mac && mac->enabled ? mac->mac_len : 0;

block_size = enc ? enc->block_size : 8;

block_size = enc ? enc->cipher->block_size : 8;

if (packet_length == 0) {

Line 808

Line 845

if (buffer_len(&input) < block_size)

return SSH_MSG_NONE;

buffer_clear(&incoming_packet);

cp = buffer_append_space(&incoming_packet, block_size);

buffer_append_space(&incoming_packet, &cp, block_size);

cipher_crypt(&receive_context, cp, buffer_ptr(&input),

packet_decrypt(&receive_context, cp, buffer_ptr(&input),

block_size);

cp = buffer_ptr(&incoming_packet);

ucp = (unsigned char *) buffer_ptr(&incoming_packet);

packet_length = GET_32BIT(cp);

packet_length = GET_32BIT(ucp);

if (packet_length < 1 + 4 || packet_length > 256 * 1024) {

buffer_dump(&incoming_packet);

packet_disconnect("Bad packet length %d.", packet_length);

Line 837

Line 874

fprintf(stderr, "read_poll enc/full: ");

buffer_dump(&input);

#endif

cp = buffer_append_space(&incoming_packet, need);

buffer_append_space(&incoming_packet, &cp, need);

cipher_crypt(&receive_context, cp, buffer_ptr(&input), need);

packet_decrypt(&receive_context, cp, buffer_ptr(&input), need);

buffer_consume(&input, need);

* compute MAC over seqnr and packet,

* increment sequence number for incoming packet

if (mac && mac->enabled) {

macbuf = mac_compute(mac, seqnr,

macbuf = hmac( mac->md, seqnr,

buffer_ptr(&incoming_packet),

(unsigned char *) buffer_ptr(&incoming_packet),

buffer_len(&incoming_packet));

buffer_len(&incoming_packet),

mac->key, mac->key_len

);

if (memcmp(macbuf, buffer_ptr(&input), mac->mac_len) != 0)

packet_disconnect("Corrupted MAC on input.");

DBG(debug("MAC #%d ok", seqnr));

buffer_consume(&input, mac->mac_len);

}

if (seqnr_p != NULL)

*seqnr_p = seqnr;

if (++seqnr == 0)

log("incoming seqnr wraps around");

/* get padlen */

cp = buffer_ptr(&incoming_packet);

cp = buffer_ptr(&incoming_packet) + 4;

padlen = cp[4];

padlen = *cp & 0xff;

DBG(debug("input: padlen %d", padlen));

if (padlen < 4)

packet_disconnect("Corrupted padlen %d on input.", padlen);

Line 882

Line 919

* get packet type, implies consume.

* return length of payload (without type field)

type = buffer_get_char(&incoming_packet);

buffer_get(&incoming_packet, (char *)&buf[0], 1);

if (type == SSH2_MSG_NEWKEYS)

*payload_len_ptr = buffer_len(&incoming_packet);

set_newkeys(MODE_IN);

/* reset for next packet */

packet_length = 0;

/* extract packet type */

type = (unsigned char)buf[0];

if (type == SSH2_MSG_NEWKEYS) {

if (kex==NULL || mac==NULL || enc==NULL || comp==NULL)

fatal("packet_read_poll2: no KEX");

if (mac->md != NULL)

mac->enabled = 1;

DBG(debug("cipher_init receive_context"));

cipher_init(&receive_context, enc->cipher,

enc->key, enc->cipher->key_len,

enc->iv, enc->cipher->block_size);

clear_enc_keys(enc, kex->we_need);

if (comp->type != 0 && comp->enabled == 0) {

comp->enabled = 1;

if (! packet_compression)

packet_start_compression(6);

}

#ifdef PACKET_DEBUG

fprintf(stderr, "read/plain[%d]:\r\n", type);

fprintf(stderr, "read/plain[%d]:\r\n",type);

buffer_dump(&incoming_packet);

#endif

/* reset for next packet */

return (unsigned char)type;

packet_length = 0;

return type;

}

int

packet_read_poll_seqnr(u_int32_t *seqnr_p)

packet_read_poll(int *payload_len_ptr)

{

int reason, seqnr;

u_char type;

char *msg;

for (;;) {

if (compat20) {

int type = use_ssh2_packet_format ?

type = packet_read_poll2(seqnr_p);

packet_read_poll2(payload_len_ptr):

if (type)

packet_read_poll1(payload_len_ptr);

if(compat20) {

int reason;

if (type != 0)

DBG(debug("received packet type %d", type));

switch (type) {

switch(type) {

case SSH2_MSG_IGNORE:

break;

case SSH2_MSG_DEBUG:

Line 920

Line 979

case SSH2_MSG_DISCONNECT:

reason = packet_get_int();

msg = packet_get_string(NULL);

log("Received disconnect from %s: %d: %.400s", get_remote_ipaddr(),

log("Received disconnect: %d: %.900s", reason, msg);

reason, msg);

xfree(msg);

fatal_cleanup();

break;

case SSH2_MSG_UNIMPLEMENTED:

seqnr = packet_get_int();

debug("Received SSH2_MSG_UNIMPLEMENTED for %d", seqnr);

break;

default:

return type;

break;

}

} else {

type = packet_read_poll1();

switch(type) {

switch (type) {

case SSH_MSG_IGNORE:

break;

case SSH_MSG_DEBUG:

Line 945

Line 998

break;

case SSH_MSG_DISCONNECT:

msg = packet_get_string(NULL);

log("Received disconnect from %s: %.400s", get_remote_ipaddr(),

log("Received disconnect: %.900s", msg);

msg);

fatal_cleanup();

xfree(msg);

break;

default:

if (type)

if (type != 0)

DBG(debug("received packet type %d", type));

return type;

break;

}

int

packet_read_poll(void)

{

return packet_read_poll_seqnr(NULL);

}

* Buffers the given amount of input characters. This is intended to be used

* together with packet_read_poll.

void

packet_process_incoming(const char *buf, u_int len)

packet_process_incoming(const char *buf, unsigned int len)

{

buffer_append(&input, buf, len);

}

/* Returns a character from the packet. */

u_int

unsigned int

packet_get_char(void)

packet_get_char()

{

char ch;

buffer_get(&incoming_packet, &ch, 1);

return (u_char) ch;

return (unsigned char) ch;

}

/* Returns an integer from the packet data. */

u_int

unsigned int

packet_get_int(void)

packet_get_int()

{

return buffer_get_int(&incoming_packet);

}

Line 1001

Line 1047

void

packet_get_bignum(BIGNUM * value)

packet_get_bignum(BIGNUM * value, int *length_ptr)

{

buffer_get_bignum(&incoming_packet, value);

*length_ptr = buffer_get_bignum(&incoming_packet, value);

}

void

packet_get_bignum2(BIGNUM * value)

packet_get_bignum2(BIGNUM * value, int *length_ptr)

{

buffer_get_bignum2(&incoming_packet, value);

*length_ptr = buffer_get_bignum2(&incoming_packet, value);

}

void *

char *

packet_get_raw(int *length_ptr)

{

int bytes = buffer_len(&incoming_packet);

Line 1034

Line 1080

* integer into which the length of the string is stored.

void *

char *

packet_get_string(u_int *length_ptr)

packet_get_string(unsigned int *length_ptr)

{

return buffer_get_string(&incoming_packet, length_ptr);

}

Line 1108

Line 1154

packet_put_cstring("");

} else {

packet_start(SSH_MSG_DISCONNECT);

packet_put_cstring(buf);

packet_put_string(buf, strlen(buf));

}

packet_send();

packet_write_wait();

/* Stop listening for connections. */

channel_close_all();

channel_stop_listening();

/* Close the connection. */

packet_close();

Line 1127

Line 1173

/* Checks if there is any buffered output, and tries to write some of the output. */

void

packet_write_poll(void)

packet_write_poll()

{

int len = buffer_len(&output);

if (len > 0) {

Line 1148

Line 1194

void

packet_write_wait(void)

packet_write_wait()

{

fd_set *setp;

setp = (fd_set *)xmalloc(howmany(connection_out + 1, NFDBITS) *

sizeof(fd_mask));

packet_write_poll();

while (packet_have_data_to_write()) {

memset(setp, 0, howmany(connection_out + 1, NFDBITS) *

fd_set set;

sizeof(fd_mask));

FD_ZERO(&set);

FD_SET(connection_out, setp);

FD_SET(connection_out, &set);

while (select(connection_out + 1, NULL, setp, NULL, NULL) == -1 &&

select(connection_out + 1, NULL, &set, NULL, NULL);

(errno == EAGAIN || errno == EINTR))

;

packet_write_poll();

}

xfree(setp);

}

/* Returns true if there is buffered data to write to the connection. */

int

packet_have_data_to_write(void)

packet_have_data_to_write()

{

return buffer_len(&output) != 0;

}

Line 1178

Line 1217

/* Returns true if there is not too much data to write to the connection. */

int

packet_not_very_much_data_to_write(void)

packet_not_very_much_data_to_write()

{

if (interactive_mode)

return buffer_len(&output) < 16384;

Line 1189

Line 1228

/* Informs that the current session is interactive. Sets IP flags for that. */

void

packet_set_interactive(int interactive)

packet_set_interactive(int interactive, int keepalives)

{

static int called = 0;

int on = 1;

int lowdelay = IPTOS_LOWDELAY;

int throughput = IPTOS_THROUGHPUT;

if (called)

return;

called = 1;

/* Record that we are in interactive mode. */

interactive_mode = interactive;

/* Only set socket options if using a socket. */

if (!packet_connection_is_on_socket())

return;

if (keepalives) {

/* Set keepalives if requested. */

if (setsockopt(connection_in, SOL_SOCKET, SO_KEEPALIVE, (void *) &on,

sizeof(on)) < 0)

error("setsockopt SO_KEEPALIVE: %.100s", strerror(errno));

}

* IPTOS_LOWDELAY and IPTOS_THROUGHPUT are IPv4 only

* IPTOS_LOWDELAY, TCP_NODELAY and IPTOS_THROUGHPUT are IPv4 only

if (!packet_connection_is_ipv4())

return;

if (interactive) {

* Set IP options for an interactive connection. Use

* IPTOS_LOWDELAY and TCP_NODELAY.

if (packet_connection_is_ipv4()) {

int lowdelay = IPTOS_LOWDELAY;

if (setsockopt(connection_in, IPPROTO_IP, IP_TOS,

if (setsockopt(connection_in, IPPROTO_IP, IP_TOS, (void *) &lowdelay,

&lowdelay, sizeof(lowdelay)) < 0)

sizeof(lowdelay)) < 0)

error("setsockopt IPTOS_LOWDELAY: %.100s",

error("setsockopt IPTOS_LOWDELAY: %.100s", strerror(errno));

strerror(errno));

if (setsockopt(connection_in, IPPROTO_TCP, TCP_NODELAY, (void *) &on,

}

sizeof(on)) < 0)

set_nodelay(connection_in);

error("setsockopt TCP_NODELAY: %.100s", strerror(errno));

} else if (packet_connection_is_ipv4()) {

} else {

* Set IP options for a non-interactive connection. Use

* IPTOS_THROUGHPUT.

if (setsockopt(connection_in, IPPROTO_IP, IP_TOS, &throughput,

int throughput = IPTOS_THROUGHPUT;

if (setsockopt(connection_in, IPPROTO_IP, IP_TOS, (void *) &throughput,

sizeof(throughput)) < 0)

error("setsockopt IPTOS_THROUGHPUT: %.100s", strerror(errno));

}

Line 1234

Line 1276

/* Returns true if the current connection is interactive. */

int

packet_is_interactive(void)

packet_is_interactive()

{

return interactive_mode;

}

Line 1252

Line 1294

log("packet_set_maxsize: bad size %d", s);

return -1;

}

called = 1;

log("packet_set_maxsize: setting to %d", s);

debug("packet_set_maxsize: setting to %d", s);

max_packet_size = s;

return s;

}

/* roundup current message to pad bytes */

void

packet_add_padding(u_char pad)

{

extra_pad = pad;

}

* 9.2. Ignored Data Message

* byte SSH_MSG_IGNORE

* string data

* All implementations MUST understand (and ignore) this message at any

* time (after receiving the protocol version). No implementation is

* required to send them. This message can be used as an additional

* protection measure against advanced traffic analysis techniques.

void

packet_send_ignore(int nbytes)

{

u_int32_t rand = 0;

int i;

packet_start(compat20 ? SSH2_MSG_IGNORE : SSH_MSG_IGNORE);

packet_put_int(nbytes);

for (i = 0; i < nbytes; i++) {

if (i % 4 == 0)

rand = arc4random();

packet_put_char(rand & 0xff);

rand >>= 8;

}