version 1.61, 2001/04/05 10:42:51 |
version 1.62, 2001/05/28 23:58:35 |
|
|
static int connection_in = -1; |
static int connection_in = -1; |
static int connection_out = -1; |
static int connection_out = -1; |
|
|
/* |
|
* Cipher type. This value is only used to determine whether to pad the |
|
* packets with zeroes or random data. |
|
*/ |
|
static int cipher_type = SSH_CIPHER_NONE; |
|
|
|
/* Protocol flags for the remote side. */ |
/* Protocol flags for the remote side. */ |
static u_int remote_protocol_flags = 0; |
static u_int remote_protocol_flags = 0; |
|
|
|
|
/* Set to true if the connection is interactive. */ |
/* Set to true if the connection is interactive. */ |
static int interactive_mode = 0; |
static int interactive_mode = 0; |
|
|
/* True if SSH2 packet format is used */ |
|
int use_ssh2_packet_format = 0; |
|
|
|
/* Session key information for Encryption and MAC */ |
/* Session key information for Encryption and MAC */ |
Newkeys *newkeys[MODE_MAX]; |
Newkeys *newkeys[MODE_MAX]; |
|
|
void |
|
packet_set_ssh2_format(void) |
|
{ |
|
DBG(debug("use_ssh2_packet_format")); |
|
use_ssh2_packet_format = 1; |
|
newkeys[MODE_IN] = newkeys[MODE_OUT] = NULL; |
|
} |
|
|
|
/* |
/* |
* Sets the descriptors used for communication. Disables encryption until |
* Sets the descriptors used for communication. Disables encryption until |
* packet_set_encryption_key is called. |
* packet_set_encryption_key is called. |
|
|
fatal("packet_set_connection: cannot load cipher 'none'"); |
fatal("packet_set_connection: cannot load cipher 'none'"); |
connection_in = fd_in; |
connection_in = fd_in; |
connection_out = fd_out; |
connection_out = fd_out; |
cipher_type = SSH_CIPHER_NONE; |
|
cipher_init(&send_context, none, (u_char *) "", 0, NULL, 0); |
cipher_init(&send_context, none, (u_char *) "", 0, NULL, 0); |
cipher_init(&receive_context, none, (u_char *) "", 0, NULL, 0); |
cipher_init(&receive_context, none, (u_char *) "", 0, NULL, 0); |
|
newkeys[MODE_IN] = newkeys[MODE_OUT] = NULL; |
if (!initialized) { |
if (!initialized) { |
initialized = 1; |
initialized = 1; |
buffer_init(&input); |
buffer_init(&input); |
|
|
void |
void |
packet_start_compression(int level) |
packet_start_compression(int level) |
{ |
{ |
if (packet_compression && !use_ssh2_packet_format) |
if (packet_compression && !compat20) |
fatal("Compression already enabled."); |
fatal("Compression already enabled."); |
packet_compression = 1; |
packet_compression = 1; |
packet_init_compression(); |
packet_init_compression(); |
|
|
} |
} |
|
|
/* |
/* |
* Encrypts the given number of bytes, copying from src to dest. bytes is |
|
* known to be a multiple of 8. |
|
*/ |
|
|
|
void |
|
packet_encrypt(CipherContext * cc, void *dest, void *src, |
|
u_int bytes) |
|
{ |
|
cipher_encrypt(cc, dest, src, bytes); |
|
} |
|
|
|
/* |
|
* Decrypts the given number of bytes, copying from src to dest. bytes is |
|
* known to be a multiple of 8. |
|
*/ |
|
|
|
void |
|
packet_decrypt(CipherContext *context, void *dest, void *src, u_int bytes) |
|
{ |
|
/* |
|
* Cryptographic attack detector for ssh - Modifications for packet.c |
|
* (C)1998 CORE-SDI, Buenos Aires Argentina Ariel Futoransky(futo@core-sdi.com) |
|
*/ |
|
if (!compat20 && |
|
context->cipher->number != SSH_CIPHER_NONE && |
|
detect_attack(src, bytes, NULL) == DEATTACK_DETECTED) |
|
packet_disconnect("crc32 compensation attack: network attack detected"); |
|
|
|
cipher_decrypt(context, dest, src, bytes); |
|
} |
|
|
|
/* |
|
* Causes any further packets to be encrypted using the given key. The same |
* Causes any further packets to be encrypted using the given key. The same |
* key is used for both sending and reception. However, both directions are |
* key is used for both sending and reception. However, both directions are |
* encrypted independently of each other. |
* encrypted independently of each other. |
*/ |
*/ |
|
|
void |
void |
packet_set_encryption_key(const u_char *key, u_int keylen, |
packet_set_encryption_key(const u_char *key, u_int keylen, |
int number) |
int number) |
|
|
cipher_init(&send_context, cipher, key, keylen, NULL, 0); |
cipher_init(&send_context, cipher, key, keylen, NULL, 0); |
} |
} |
|
|
/* Starts constructing a packet to send. */ |
/* Start constructing a packet to send. */ |
|
|
void |
void |
packet_start1(int type) |
packet_start(u_char type) |
{ |
{ |
char buf[9]; |
u_char buf[9]; |
|
int len; |
|
|
|
DBG(debug("packet_start[%d]", type)); |
|
len = compat20 ? 6 : 9; |
|
memset(buf, 0, len - 1); |
|
buf[len - 1] = type; |
buffer_clear(&outgoing_packet); |
buffer_clear(&outgoing_packet); |
memset(buf, 0, 8); |
buffer_append(&outgoing_packet, buf, len); |
buf[8] = type; |
|
buffer_append(&outgoing_packet, buf, 9); |
|
} |
} |
|
|
|
/* Append payload. */ |
void |
void |
packet_start2(int type) |
|
{ |
|
char buf[4+1+1]; |
|
|
|
buffer_clear(&outgoing_packet); |
|
memset(buf, 0, sizeof buf); |
|
/* buf[0..3] = payload_len; */ |
|
/* buf[4] = pad_len; */ |
|
buf[5] = type & 0xff; |
|
buffer_append(&outgoing_packet, buf, sizeof buf); |
|
} |
|
|
|
void |
|
packet_start(int type) |
|
{ |
|
DBG(debug("packet_start[%d]", type)); |
|
if (use_ssh2_packet_format) |
|
packet_start2(type); |
|
else |
|
packet_start1(type); |
|
} |
|
|
|
/* Appends a character to the packet data. */ |
|
|
|
void |
|
packet_put_char(int value) |
packet_put_char(int value) |
{ |
{ |
char ch = value; |
char ch = value; |
buffer_append(&outgoing_packet, &ch, 1); |
buffer_append(&outgoing_packet, &ch, 1); |
} |
} |
|
|
/* Appends an integer to the packet data. */ |
|
|
|
void |
void |
packet_put_int(u_int value) |
packet_put_int(u_int value) |
{ |
{ |
buffer_put_int(&outgoing_packet, value); |
buffer_put_int(&outgoing_packet, value); |
} |
} |
|
|
/* Appends a string to packet data. */ |
|
|
|
void |
void |
packet_put_string(const char *buf, u_int len) |
packet_put_string(const char *buf, u_int len) |
{ |
{ |
|
|
{ |
{ |
buffer_put_string(&outgoing_packet, str, strlen(str)); |
buffer_put_string(&outgoing_packet, str, strlen(str)); |
} |
} |
|
|
void |
void |
packet_put_raw(const char *buf, u_int len) |
packet_put_raw(const char *buf, u_int len) |
{ |
{ |
buffer_append(&outgoing_packet, buf, len); |
buffer_append(&outgoing_packet, buf, len); |
} |
} |
|
|
|
|
/* Appends an arbitrary precision integer to packet data. */ |
|
|
|
void |
void |
packet_put_bignum(BIGNUM * value) |
packet_put_bignum(BIGNUM * value) |
{ |
{ |
|
|
|
|
/* Insert padding. Initialized to zero in packet_start1() */ |
/* Insert padding. Initialized to zero in packet_start1() */ |
padding = 8 - len % 8; |
padding = 8 - len % 8; |
if (cipher_type != SSH_CIPHER_NONE) { |
if (send_context.cipher->number != SSH_CIPHER_NONE) { |
cp = buffer_ptr(&outgoing_packet); |
cp = buffer_ptr(&outgoing_packet); |
for (i = 0; i < padding; i++) { |
for (i = 0; i < padding; i++) { |
if (i % 4 == 0) |
if (i % 4 == 0) |
|
|
PUT_32BIT(buf, len); |
PUT_32BIT(buf, len); |
buffer_append(&output, buf, 4); |
buffer_append(&output, buf, 4); |
buffer_append_space(&output, &cp, buffer_len(&outgoing_packet)); |
buffer_append_space(&output, &cp, buffer_len(&outgoing_packet)); |
packet_encrypt(&send_context, cp, buffer_ptr(&outgoing_packet), |
cipher_encrypt(&send_context, cp, buffer_ptr(&outgoing_packet), |
buffer_len(&outgoing_packet)); |
buffer_len(&outgoing_packet)); |
|
|
#ifdef PACKET_DEBUG |
#ifdef PACKET_DEBUG |
|
|
packet_send2(void) |
packet_send2(void) |
{ |
{ |
static u_int32_t seqnr = 0; |
static u_int32_t seqnr = 0; |
u_char *macbuf = NULL; |
u_char type, *ucp, *macbuf = NULL; |
char *cp; |
char *cp; |
u_int packet_length = 0; |
u_int packet_length = 0; |
u_int i, padlen, len; |
u_int i, padlen, len; |
u_int32_t rand = 0; |
u_int32_t rand = 0; |
int type; |
|
Enc *enc = NULL; |
Enc *enc = NULL; |
Mac *mac = NULL; |
Mac *mac = NULL; |
Comp *comp = NULL; |
Comp *comp = NULL; |
|
|
} |
} |
block_size = enc ? enc->cipher->block_size : 8; |
block_size = enc ? enc->cipher->block_size : 8; |
|
|
cp = buffer_ptr(&outgoing_packet); |
ucp = (u_char *) buffer_ptr(&outgoing_packet); |
type = cp[5] & 0xff; |
type = ucp[5]; |
|
|
#ifdef PACKET_DEBUG |
#ifdef PACKET_DEBUG |
fprintf(stderr, "plain: "); |
fprintf(stderr, "plain: "); |
|
|
} |
} |
/* packet_length includes payload, padding and padding length field */ |
/* packet_length includes payload, padding and padding length field */ |
packet_length = buffer_len(&outgoing_packet) - 4; |
packet_length = buffer_len(&outgoing_packet) - 4; |
cp = buffer_ptr(&outgoing_packet); |
ucp = (u_char *)buffer_ptr(&outgoing_packet); |
PUT_32BIT(cp, packet_length); |
PUT_32BIT(ucp, packet_length); |
cp[4] = padlen & 0xff; |
ucp[4] = padlen; |
DBG(debug("send: len %d (includes padlen %d)", packet_length+4, padlen)); |
DBG(debug("send: len %d (includes padlen %d)", packet_length+4, padlen)); |
|
|
/* compute MAC over seqnr and packet(length fields, payload, padding) */ |
/* compute MAC over seqnr and packet(length fields, payload, padding) */ |
|
|
} |
} |
/* encrypt packet and append to output buffer. */ |
/* encrypt packet and append to output buffer. */ |
buffer_append_space(&output, &cp, buffer_len(&outgoing_packet)); |
buffer_append_space(&output, &cp, buffer_len(&outgoing_packet)); |
packet_encrypt(&send_context, cp, buffer_ptr(&outgoing_packet), |
cipher_encrypt(&send_context, cp, buffer_ptr(&outgoing_packet), |
buffer_len(&outgoing_packet)); |
buffer_len(&outgoing_packet)); |
/* append unencrypted MAC */ |
/* append unencrypted MAC */ |
if (mac && mac->enabled) |
if (mac && mac->enabled) |
|
|
void |
void |
packet_send() |
packet_send() |
{ |
{ |
if (use_ssh2_packet_format) |
if (compat20) |
packet_send2(); |
packet_send2(); |
else |
else |
packet_send1(); |
packet_send1(); |
|
|
for (;;) { |
for (;;) { |
/* Try to read a packet from the buffer. */ |
/* Try to read a packet from the buffer. */ |
type = packet_read_poll(payload_len_ptr); |
type = packet_read_poll(payload_len_ptr); |
if (!use_ssh2_packet_format && ( |
if (!compat20 && ( |
type == SSH_SMSG_SUCCESS |
type == SSH_SMSG_SUCCESS |
|| type == SSH_SMSG_FAILURE |
|| type == SSH_SMSG_FAILURE |
|| type == SSH_CMSG_EOF |
|| type == SSH_CMSG_EOF |
|
|
packet_read_poll1(int *payload_len_ptr) |
packet_read_poll1(int *payload_len_ptr) |
{ |
{ |
u_int len, padded_len; |
u_int len, padded_len; |
u_char *ucp; |
u_char *ucp, type; |
char buf[8], *cp; |
char *cp; |
u_int checksum, stored_checksum; |
u_int checksum, stored_checksum; |
|
|
/* Check if input size is less than minimum packet size. */ |
/* Check if input size is less than minimum packet size. */ |
|
|
/* Consume packet length. */ |
/* Consume packet length. */ |
buffer_consume(&input, 4); |
buffer_consume(&input, 4); |
|
|
/* Copy data to incoming_packet. */ |
/* |
|
* Cryptographic attack detector for ssh |
|
* (C)1998 CORE-SDI, Buenos Aires Argentina |
|
* Ariel Futoransky(futo@core-sdi.com) |
|
*/ |
|
if (receive_context.cipher->number != SSH_CIPHER_NONE && |
|
detect_attack(buffer_ptr(&input), padded_len, NULL) == DEATTACK_DETECTED) |
|
packet_disconnect("crc32 compensation attack: network attack detected"); |
|
|
|
/* Decrypt data to incoming_packet. */ |
buffer_clear(&incoming_packet); |
buffer_clear(&incoming_packet); |
buffer_append_space(&incoming_packet, &cp, padded_len); |
buffer_append_space(&incoming_packet, &cp, padded_len); |
packet_decrypt(&receive_context, cp, buffer_ptr(&input), padded_len); |
cipher_decrypt(&receive_context, cp, buffer_ptr(&input), padded_len); |
|
|
buffer_consume(&input, padded_len); |
buffer_consume(&input, padded_len); |
|
|
#ifdef PACKET_DEBUG |
#ifdef PACKET_DEBUG |
|
|
buffer_consume(&incoming_packet, 8 - len % 8); |
buffer_consume(&incoming_packet, 8 - len % 8); |
|
|
/* Test check bytes. */ |
/* Test check bytes. */ |
|
|
if (len != buffer_len(&incoming_packet)) |
if (len != buffer_len(&incoming_packet)) |
packet_disconnect("packet_read_poll: len %d != buffer_len %d.", |
packet_disconnect("packet_read_poll: len %d != buffer_len %d.", |
len, buffer_len(&incoming_packet)); |
len, buffer_len(&incoming_packet)); |
|
|
packet_disconnect("Corrupted check bytes on input."); |
packet_disconnect("Corrupted check bytes on input."); |
buffer_consume_end(&incoming_packet, 4); |
buffer_consume_end(&incoming_packet, 4); |
|
|
/* If using packet compression, decompress the packet. */ |
|
if (packet_compression) { |
if (packet_compression) { |
buffer_clear(&compression_buffer); |
buffer_clear(&compression_buffer); |
buffer_uncompress(&incoming_packet, &compression_buffer); |
buffer_uncompress(&incoming_packet, &compression_buffer); |
|
|
buffer_append(&incoming_packet, buffer_ptr(&compression_buffer), |
buffer_append(&incoming_packet, buffer_ptr(&compression_buffer), |
buffer_len(&compression_buffer)); |
buffer_len(&compression_buffer)); |
} |
} |
/* Get packet type. */ |
type = buffer_get_char(&incoming_packet); |
buffer_get(&incoming_packet, &buf[0], 1); |
|
|
|
/* Return length of payload (without type field). */ |
|
*payload_len_ptr = buffer_len(&incoming_packet); |
*payload_len_ptr = buffer_len(&incoming_packet); |
|
return type; |
/* Return type. */ |
|
return (u_char) buf[0]; |
|
} |
} |
|
|
int |
int |
|
|
static u_int32_t seqnr = 0; |
static u_int32_t seqnr = 0; |
static u_int packet_length = 0; |
static u_int packet_length = 0; |
u_int padlen, need; |
u_int padlen, need; |
u_char buf[8], *macbuf; |
u_char *macbuf, *ucp, type; |
u_char *ucp; |
|
char *cp; |
char *cp; |
int type; |
|
int maclen, block_size; |
int maclen, block_size; |
Enc *enc = NULL; |
Enc *enc = NULL; |
Mac *mac = NULL; |
Mac *mac = NULL; |
|
|
return SSH_MSG_NONE; |
return SSH_MSG_NONE; |
buffer_clear(&incoming_packet); |
buffer_clear(&incoming_packet); |
buffer_append_space(&incoming_packet, &cp, block_size); |
buffer_append_space(&incoming_packet, &cp, block_size); |
packet_decrypt(&receive_context, cp, buffer_ptr(&input), |
cipher_decrypt(&receive_context, cp, buffer_ptr(&input), |
block_size); |
block_size); |
ucp = (u_char *) buffer_ptr(&incoming_packet); |
ucp = (u_char *) buffer_ptr(&incoming_packet); |
packet_length = GET_32BIT(ucp); |
packet_length = GET_32BIT(ucp); |
|
|
buffer_dump(&input); |
buffer_dump(&input); |
#endif |
#endif |
buffer_append_space(&incoming_packet, &cp, need); |
buffer_append_space(&incoming_packet, &cp, need); |
packet_decrypt(&receive_context, cp, buffer_ptr(&input), need); |
cipher_decrypt(&receive_context, cp, buffer_ptr(&input), need); |
buffer_consume(&input, need); |
buffer_consume(&input, need); |
/* |
/* |
* compute MAC over seqnr and packet, |
* compute MAC over seqnr and packet, |
|
|
|
|
/* get padlen */ |
/* get padlen */ |
cp = buffer_ptr(&incoming_packet) + 4; |
cp = buffer_ptr(&incoming_packet) + 4; |
padlen = *cp & 0xff; |
padlen = (u_char) *cp; |
DBG(debug("input: padlen %d", padlen)); |
DBG(debug("input: padlen %d", padlen)); |
if (padlen < 4) |
if (padlen < 4) |
packet_disconnect("Corrupted padlen %d on input.", padlen); |
packet_disconnect("Corrupted padlen %d on input.", padlen); |
|
|
* get packet type, implies consume. |
* get packet type, implies consume. |
* return length of payload (without type field) |
* return length of payload (without type field) |
*/ |
*/ |
buffer_get(&incoming_packet, (char *)&buf[0], 1); |
type = buffer_get_char(&incoming_packet); |
*payload_len_ptr = buffer_len(&incoming_packet); |
|
|
|
/* reset for next packet */ |
|
packet_length = 0; |
|
|
|
/* extract packet type */ |
|
type = (u_char)buf[0]; |
|
|
|
if (type == SSH2_MSG_NEWKEYS) |
if (type == SSH2_MSG_NEWKEYS) |
set_newkeys(MODE_IN); |
set_newkeys(MODE_IN); |
|
*payload_len_ptr = buffer_len(&incoming_packet); |
#ifdef PACKET_DEBUG |
#ifdef PACKET_DEBUG |
fprintf(stderr, "read/plain[%d]:\r\n", type); |
fprintf(stderr, "read/plain[%d]:\r\n", type); |
buffer_dump(&incoming_packet); |
buffer_dump(&incoming_packet); |
#endif |
#endif |
return (u_char)type; |
/* reset for next packet */ |
|
packet_length = 0; |
|
return type; |
} |
} |
|
|
int |
int |
packet_read_poll(int *payload_len_ptr) |
packet_read_poll(int *payload_len_ptr) |
{ |
{ |
|
int reason; |
|
u_char type; |
char *msg; |
char *msg; |
for (;;) { |
|
int type = use_ssh2_packet_format ? |
|
packet_read_poll2(payload_len_ptr): |
|
packet_read_poll1(payload_len_ptr); |
|
|
|
if(compat20) { |
for (;;) { |
int reason; |
if (compat20) { |
if (type != 0) |
type = packet_read_poll2(payload_len_ptr); |
|
if (type) |
DBG(debug("received packet type %d", type)); |
DBG(debug("received packet type %d", type)); |
switch(type) { |
switch(type) { |
case SSH2_MSG_IGNORE: |
case SSH2_MSG_IGNORE: |
|
|
break; |
break; |
} |
} |
} else { |
} else { |
|
type = packet_read_poll1(payload_len_ptr); |
switch(type) { |
switch(type) { |
case SSH_MSG_IGNORE: |
case SSH_MSG_IGNORE: |
break; |
break; |
|
|
xfree(msg); |
xfree(msg); |
break; |
break; |
default: |
default: |
if (type != 0) |
if (type) |
DBG(debug("received packet type %d", type)); |
DBG(debug("received packet type %d", type)); |
return type; |
return type; |
break; |
break; |
|
|
int blocksize, padlen, have, need, nb, mini, nbytes; |
int blocksize, padlen, have, need, nb, mini, nbytes; |
Enc *enc = NULL; |
Enc *enc = NULL; |
|
|
if (use_ssh2_packet_format == 0) |
if (compat20 == 0) |
return; |
return; |
|
|
have = buffer_len(&outgoing_packet); |
have = buffer_len(&outgoing_packet); |