diff options
author | Ben Lindstrom <mouring@eviladmin.org> | 2001-04-04 23:50:21 +0000 |
---|---|---|
committer | Ben Lindstrom <mouring@eviladmin.org> | 2001-04-04 23:50:21 +0000 |
commit | 8e312f3db05059499cf6655663ce31e73d508817 (patch) | |
tree | dcf867a6a612d588a31427948ac16adf791b84d5 | |
parent | 0cae04005ec358e5f64ee141af5e38eb3a756a30 (diff) | |
download | openssh-git-8e312f3db05059499cf6655663ce31e73d508817.tar.gz |
- markus@cvs.openbsd.org 2001/04/04 22:04:35
[kex.c kexgex.c serverloop.c]
parse full kexinit packet.
make server-side more robust, too.
-rw-r--r-- | ChangeLog | 6 | ||||
-rw-r--r-- | kex.c | 12 | ||||
-rw-r--r-- | kexgex.c | 4 | ||||
-rw-r--r-- | serverloop.c | 17 |
4 files changed, 28 insertions, 11 deletions
@@ -20,6 +20,10 @@ - markus@cvs.openbsd.org 2001/04/04 20:32:56 [auth2.c] we don't care about missing bannerfiles; from tsoome@ut.ee, ok deraadt@ + - markus@cvs.openbsd.org 2001/04/04 22:04:35 + [kex.c kexgex.c serverloop.c] + parse full kexinit packet. + make server-side more robust, too. 20010404 - OpenBSD CVS Sync @@ -4859,4 +4863,4 @@ - Wrote replacements for strlcpy and mkdtemp - Released 1.0pre1 -$Id: ChangeLog,v 1.1059 2001/04/04 23:47:52 mouring Exp $ +$Id: ChangeLog,v 1.1060 2001/04/04 23:50:21 mouring Exp $ @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: kex.c,v 1.30 2001/04/04 20:25:37 markus Exp $"); +RCSID("$OpenBSD: kex.c,v 1.31 2001/04/04 22:04:34 markus Exp $"); #include <openssl/crypto.h> @@ -166,6 +166,7 @@ kex_input_kexinit(int type, int plen, void *ctxt) { char *ptr; int dlen; + int i; Kex *kex = (Kex *)ctxt; debug("SSH2_MSG_KEXINIT received"); @@ -175,6 +176,15 @@ kex_input_kexinit(int type, int plen, void *ctxt) ptr = packet_get_raw(&dlen); buffer_append(&kex->peer, ptr, dlen); + /* discard packet */ + for (i = 0; i < KEX_COOKIE_LEN; i++) + packet_get_char(); + for (i = 0; i < PROPOSAL_MAX; i++) + xfree(packet_get_string(NULL)); + packet_get_char(); + packet_get_int(); + packet_done(); + kex_kexinit_finish(kex); } @@ -24,7 +24,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: kexgex.c,v 1.3 2001/04/04 09:48:34 markus Exp $"); +RCSID("$OpenBSD: kexgex.c,v 1.4 2001/04/04 22:04:35 markus Exp $"); #include <openssl/bn.h> @@ -286,7 +286,7 @@ kexgex_server(Kex *kex) /* unused for old GEX */ break; default: - fatal("protocol error during kex, no DH_GEX_REQUEST"); + fatal("protocol error during kex, no DH_GEX_REQUEST: %d", type); } packet_done(); diff --git a/serverloop.c b/serverloop.c index ab7472b7..4f6c8269 100644 --- a/serverloop.c +++ b/serverloop.c @@ -35,7 +35,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: serverloop.c,v 1.57 2001/04/04 20:25:37 markus Exp $"); +RCSID("$OpenBSD: serverloop.c,v 1.58 2001/04/04 22:04:35 markus Exp $"); #include "xmalloc.h" #include "packet.h" @@ -650,9 +650,7 @@ void server_loop2(void) { fd_set *readset = NULL, *writeset = NULL; - int max_fd; - int had_channel = 0; - int status; + int had_channel = 0, rekeying = 0, max_fd, status; pid_t pid; debug("Entering interactive session for SSH2."); @@ -668,21 +666,26 @@ server_loop2(void) for (;;) { process_buffered_input_packets(); + + rekeying = (xxx_kex != NULL && !xxx_kex->done); + if (!had_channel && channel_still_open()) had_channel = 1; if (had_channel && !channel_still_open()) { debug("!channel_still_open."); break; } - if (packet_not_very_much_data_to_write()) + if (!rekeying && packet_not_very_much_data_to_write()) channel_output_poll(); - wait_until_can_do_something(&readset, &writeset, &max_fd, 0); + wait_until_can_do_something(&readset, &writeset, &max_fd, + rekeying); if (child_terminated) { while ((pid = waitpid(-1, &status, WNOHANG)) > 0) session_close_by_pid(pid, status); child_terminated = 0; } - channel_after_select(readset, writeset); + if (!rekeying) + channel_after_select(readset, writeset); process_input(readset); process_output(writeset); } |