diff options
| -rw-r--r-- | auth-rsa.c | 4 | ||||
| -rw-r--r-- | auth1.c | 17 | ||||
| -rw-r--r-- | channels.c | 28 | ||||
| -rw-r--r-- | clientloop.c | 8 | ||||
| -rw-r--r-- | packet.c | 4 | ||||
| -rw-r--r-- | packet.h | 12 | ||||
| -rw-r--r-- | serverloop.c | 8 | ||||
| -rw-r--r-- | session.c | 8 | ||||
| -rw-r--r-- | ssh.c | 4 | ||||
| -rw-r--r-- | sshconnect1.c | 22 | ||||
| -rw-r--r-- | sshd.c | 5 |
11 files changed, 46 insertions, 74 deletions
@@ -14,7 +14,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth-rsa.c,v 1.47 2001/12/27 18:22:16 markus Exp $"); +RCSID("$OpenBSD: auth-rsa.c,v 1.48 2001/12/27 20:39:58 markus Exp $"); #include <openssl/rsa.h> #include <openssl/md5.h> @@ -92,9 +92,9 @@ auth_rsa_challenge_dialog(RSA *pk) /* Wait for a response. */ packet_read_expect(&plen, SSH_CMSG_AUTH_RSA_RESPONSE); - packet_integrity_check(plen, 16, SSH_CMSG_AUTH_RSA_RESPONSE); for (i = 0; i < 16; i++) response[i] = packet_get_char(); + packet_done(); /* The response is MD5 of decrypted challenge plus session id. */ len = BN_num_bytes(challenge); @@ -10,7 +10,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth1.c,v 1.30 2001/12/27 19:54:53 markus Exp $"); +RCSID("$OpenBSD: auth1.c,v 1.31 2001/12/27 20:39:58 markus Exp $"); #include "xmalloc.h" #include "rsa.h" @@ -120,8 +120,7 @@ do_authloop(Authctxt *authctxt) verbose("Kerberos authentication disabled."); } else { char *kdata = packet_get_string(&dlen); - - packet_integrity_check(plen, 4 + dlen, type); + packet_done(); if (kdata[0] == 4) { /* KRB_PROT_VERSION */ #ifdef KRB4 @@ -181,7 +180,7 @@ do_authloop(Authctxt *authctxt) * IP-spoofing on a local network.) */ client_user = packet_get_string(&ulen); - packet_integrity_check(plen, 4 + ulen, type); + packet_done(); /* Try to authenticate using /etc/hosts.equiv and .rhosts. */ authenticated = auth_rhosts(pw, client_user); @@ -211,7 +210,7 @@ do_authloop(Authctxt *authctxt) verbose("Warning: keysize mismatch for client_host_key: " "actual %d, announced %d", BN_num_bits(client_host_key->rsa->n), bits); - packet_integrity_check(plen, (4 + ulen) + 4 + elen + nlen, type); + packet_done(); authenticated = auth_rhosts_rsa(pw, client_user, client_host_key); @@ -229,7 +228,7 @@ do_authloop(Authctxt *authctxt) if ((n = BN_new()) == NULL) fatal("do_authloop: BN_new failed"); packet_get_bignum(n, &nlen); - packet_integrity_check(plen, nlen, type); + packet_done(); authenticated = auth_rsa(pw, n); BN_clear_free(n); break; @@ -245,7 +244,7 @@ do_authloop(Authctxt *authctxt) * not visible to an outside observer. */ password = packet_get_string(&dlen); - packet_integrity_check(plen, 4 + dlen, type); + packet_done(); #ifdef USE_PAM /* Do PAM auth with password */ @@ -283,7 +282,7 @@ do_authloop(Authctxt *authctxt) if (options.challenge_response_authentication == 1) { char *response = packet_get_string(&dlen); debug("got response '%s'", response); - packet_integrity_check(plen, 4 + dlen, type); + packet_done(); authenticated = verify_response(authctxt, response); memset(response, 'r', dlen); xfree(response); @@ -370,7 +369,7 @@ do_authentication(void) /* Get the user name. */ user = packet_get_string(&ulen); - packet_integrity_check(plen, (4 + ulen), SSH_CMSG_USER); + packet_done(); if ((style = strchr(user, ':')) != NULL) *style++ = '\0'; @@ -39,7 +39,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: channels.c,v 1.150 2001/12/20 22:50:24 djm Exp $"); +RCSID("$OpenBSD: channels.c,v 1.151 2001/12/27 20:39:58 markus Exp $"); #include "ssh.h" #include "ssh1.h" @@ -1734,7 +1734,6 @@ channel_input_data(int type, int plen, u_int32_t seq, void *ctxt) /* Get the data. */ data = packet_get_string(&data_len); - packet_done(); if (compat20) { if (data_len > c->local_maxpacket) { @@ -1748,9 +1747,8 @@ channel_input_data(int type, int plen, u_int32_t seq, void *ctxt) return; } c->local_window -= data_len; - }else{ - packet_integrity_check(plen, 4 + 4 + data_len, type); } + packet_done(); buffer_append(&c->output, data, data_len); xfree(data); } @@ -1801,9 +1799,8 @@ channel_input_ieof(int type, int plen, u_int32_t seq, void *ctxt) int id; Channel *c; - packet_integrity_check(plen, 4, type); - id = packet_get_int(); + packet_done(); c = channel_lookup(id); if (c == NULL) packet_disconnect("Received ieof for nonexistent channel %d.", id); @@ -1823,9 +1820,8 @@ channel_input_close(int type, int plen, u_int32_t seq, void *ctxt) int id; Channel *c; - packet_integrity_check(plen, 4, type); - id = packet_get_int(); + packet_done(); c = channel_lookup(id); if (c == NULL) packet_disconnect("Received close for nonexistent channel %d.", id); @@ -1861,7 +1857,8 @@ channel_input_oclose(int type, int plen, u_int32_t seq, void *ctxt) { int id = packet_get_int(); Channel *c = channel_lookup(id); - packet_integrity_check(plen, 4, type); + + packet_done(); if (c == NULL) packet_disconnect("Received oclose for nonexistent channel %d.", id); chan_rcvd_oclose(c); @@ -1889,9 +1886,6 @@ channel_input_open_confirmation(int type, int plen, u_int32_t seq, void *ctxt) int id, remote_id; Channel *c; - if (!compat20) - packet_integrity_check(plen, 4 + 4, type); - id = packet_get_int(); c = channel_lookup(id); @@ -1906,7 +1900,6 @@ channel_input_open_confirmation(int type, int plen, u_int32_t seq, void *ctxt) if (compat20) { c->remote_window = packet_get_int(); c->remote_maxpacket = packet_get_int(); - packet_done(); if (c->cb_fn != NULL && c->cb_event == type) { debug2("callback start"); c->cb_fn(c->self, c->cb_arg); @@ -1915,6 +1908,7 @@ channel_input_open_confirmation(int type, int plen, u_int32_t seq, void *ctxt) debug("channel %d: open confirm rwindow %d rmax %d", c->self, c->remote_window, c->remote_maxpacket); } + packet_done(); } static char * @@ -1940,9 +1934,6 @@ channel_input_open_failure(int type, int plen, u_int32_t seq, void *ctxt) char *msg = NULL, *lang = NULL; Channel *c; - if (!compat20) - packet_integrity_check(plen, 4, type); - id = packet_get_int(); c = channel_lookup(id); @@ -1955,7 +1946,6 @@ channel_input_open_failure(int type, int plen, u_int32_t seq, void *ctxt) msg = packet_get_string(NULL); lang = packet_get_string(NULL); } - packet_done(); log("channel %d: open failed: %s%s%s", id, reason2txt(reason), msg ? ": ": "", msg ? msg : ""); if (msg != NULL) @@ -1963,6 +1953,7 @@ channel_input_open_failure(int type, int plen, u_int32_t seq, void *ctxt) if (lang != NULL) xfree(lang); } + packet_done(); /* Free the channel. This will also close the socket. */ channel_free(c); } @@ -2888,10 +2879,9 @@ auth_input_open_request(int type, int plen, u_int32_t seq, void *ctxt) int remote_id, sock; char *name; - packet_integrity_check(plen, 4, type); - /* Read the remote channel number from the message. */ remote_id = packet_get_int(); + packet_done(); /* * Get a connection to the local authentication agent (this may again diff --git a/clientloop.c b/clientloop.c index 9e4f247c..f7171755 100644 --- a/clientloop.c +++ b/clientloop.c @@ -59,7 +59,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: clientloop.c,v 1.91 2001/12/20 22:50:24 djm Exp $"); +RCSID("$OpenBSD: clientloop.c,v 1.92 2001/12/27 20:39:58 markus Exp $"); #include "ssh.h" #include "ssh1.h" @@ -1012,7 +1012,7 @@ client_input_stdout_data(int type, int plen, u_int32_t seq, void *ctxt) { u_int data_len; char *data = packet_get_string(&data_len); - packet_integrity_check(plen, 4 + data_len, type); + packet_done(); buffer_append(&stdout_buffer, data, data_len); memset(data, 0, data_len); xfree(data); @@ -1022,7 +1022,7 @@ client_input_stderr_data(int type, int plen, u_int32_t seq, void *ctxt) { u_int data_len; char *data = packet_get_string(&data_len); - packet_integrity_check(plen, 4 + data_len, type); + packet_done(); buffer_append(&stderr_buffer, data, data_len); memset(data, 0, data_len); xfree(data); @@ -1030,8 +1030,8 @@ client_input_stderr_data(int type, int plen, u_int32_t seq, void *ctxt) static void client_input_exit_status(int type, int plen, u_int32_t seq, void *ctxt) { - packet_integrity_check(plen, 4, type); exit_status = packet_get_int(); + packet_done(); /* Acknowledge the exit. */ packet_start(SSH_CMSG_EXIT_CONFIRMATION); packet_send(); @@ -37,7 +37,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: packet.c,v 1.77 2001/12/20 22:50:24 djm Exp $"); +RCSID("$OpenBSD: packet.c,v 1.78 2001/12/27 20:39:58 markus Exp $"); #include "xmalloc.h" #include "buffer.h" @@ -632,7 +632,7 @@ packet_read_seqnr(int *payload_len_ptr, u_int32_t *seqnr_p) || type == SSH_SMSG_FAILURE || type == SSH_CMSG_EOF || type == SSH_CMSG_EXIT_CONFIRMATION)) - packet_integrity_check(*payload_len_ptr, 0, type); + packet_done(); /* If we got a packet, return it. */ if (type != SSH_MSG_NONE) { xfree(setp); @@ -11,7 +11,7 @@ * called by a name other than "ssh" or "Secure Shell". */ -/* RCSID("$OpenBSD: packet.h,v 1.28 2001/12/20 22:50:24 djm Exp $"); */ +/* RCSID("$OpenBSD: packet.h,v 1.29 2001/12/27 20:39:58 markus Exp $"); */ #ifndef PACKET_H #define PACKET_H @@ -74,16 +74,6 @@ extern int max_packet_size; int packet_set_maxsize(int); #define packet_get_maxsize() max_packet_size -#define packet_integrity_check(payload_len, expected_len, type) \ -do { \ - int _p = (payload_len), _e = (expected_len); \ - if (_p != _e) { \ - log("Packet integrity error (%d != %d) at %s:%d", \ - _p, _e, __FILE__, __LINE__); \ - packet_disconnect("Packet integrity error. (%d)", (type)); \ - } \ -} while (0) - #define packet_done() \ do { \ int _len = packet_remaining(); \ diff --git a/serverloop.c b/serverloop.c index d28b8611..39aa1560 100644 --- a/serverloop.c +++ b/serverloop.c @@ -35,7 +35,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: serverloop.c,v 1.89 2001/12/21 12:17:33 markus Exp $"); +RCSID("$OpenBSD: serverloop.c,v 1.90 2001/12/27 20:39:58 markus Exp $"); #include "xmalloc.h" #include "packet.h" @@ -806,7 +806,7 @@ server_input_stdin_data(int type, int plen, u_int32_t seq, void *ctxt) if (fdin == -1) return; data = packet_get_string(&data_len); - packet_integrity_check(plen, (4 + data_len), type); + packet_done(); buffer_append(&stdin_buffer, data, data_len); memset(data, 0, data_len); xfree(data); @@ -821,7 +821,7 @@ server_input_eof(int type, int plen, u_int32_t seq, void *ctxt) * drained. */ debug("EOF received for stdin."); - packet_integrity_check(plen, 0, type); + packet_done(); stdin_eof = 1; } @@ -834,7 +834,7 @@ server_input_window_size(int type, int plen, u_int32_t seq, void *ctxt) int ypixel = packet_get_int(); debug("Window change received."); - packet_integrity_check(plen, 4 * 4, type); + packet_done(); if (fdin != -1) pty_change_window_size(fdin, row, col, xpixel, ypixel); } @@ -33,7 +33,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: session.c,v 1.114 2001/12/20 16:37:29 markus Exp $"); +RCSID("$OpenBSD: session.c,v 1.115 2001/12/27 20:39:58 markus Exp $"); #include "ssh.h" #include "ssh1.h" @@ -254,8 +254,8 @@ do_authenticated1(Authctxt *authctxt) /* Process the packet. */ switch (type) { case SSH_CMSG_REQUEST_COMPRESSION: - packet_integrity_check(plen, 4, type); compression_level = packet_get_int(); + packet_done(); if (compression_level < 1 || compression_level > 9) { packet_send_debug("Received illegal compression level %d.", compression_level); @@ -330,7 +330,7 @@ do_authenticated1(Authctxt *authctxt) verbose("Kerberos TGT passing disabled."); } else { char *kdata = packet_get_string(&dlen); - packet_integrity_check(plen, 4 + dlen, type); + packet_done(); /* XXX - 0x41, see creds_to_radix version */ if (kdata[0] != 0x41) { @@ -364,7 +364,7 @@ do_authenticated1(Authctxt *authctxt) } else { /* Accept AFS token. */ char *token = packet_get_string(&dlen); - packet_integrity_check(plen, 4 + dlen, type); + packet_done(); if (auth_afs_token(s->authctxt, token)) success = 1; @@ -39,7 +39,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: ssh.c,v 1.153 2001/12/20 22:50:24 djm Exp $"); +RCSID("$OpenBSD: ssh.c,v 1.154 2001/12/27 20:39:58 markus Exp $"); #include <openssl/evp.h> #include <openssl/err.h> @@ -976,7 +976,7 @@ ssh_session(void) /* Read response from the server. */ type = packet_read(&plen); - packet_integrity_check(plen, 0, type); + packet_done(); if (type != SSH_SMSG_SUCCESS) log("Warning: Remote host denied authentication agent forwarding."); } diff --git a/sshconnect1.c b/sshconnect1.c index 166e392e..240bdffe 100644 --- a/sshconnect1.c +++ b/sshconnect1.c @@ -13,7 +13,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: sshconnect1.c,v 1.43 2001/12/27 18:22:16 markus Exp $"); +RCSID("$OpenBSD: sshconnect1.c,v 1.44 2001/12/27 20:39:58 markus Exp $"); #include <openssl/bn.h> #include <openssl/evp.h> @@ -109,8 +109,7 @@ try_agent_authentication(void) type); packet_get_bignum(challenge, &clen); - - packet_integrity_check(plen, clen, type); + packet_done(); debug("Received RSA challenge from server."); @@ -244,8 +243,7 @@ try_rsa_authentication(int idx) if ((challenge = BN_new()) == NULL) fatal("try_rsa_authentication: BN_new failed"); packet_get_bignum(challenge, &clen); - - packet_integrity_check(plen, clen, type); + packet_done(); debug("Received RSA challenge from server."); @@ -359,8 +357,7 @@ try_rhosts_rsa_authentication(const char *local_user, Key * host_key) if ((challenge = BN_new()) == NULL) fatal("try_rhosts_rsa_authentication: BN_new failed"); packet_get_bignum(challenge, &clen); - - packet_integrity_check(plen, clen, type); + packet_done(); debug("Received RSA challenge for host key from server."); @@ -467,7 +464,7 @@ try_krb4_authentication(void) memcpy(auth.dat, reply, auth.length); xfree(reply); - packet_integrity_check(plen, 4 + auth.length, type); + packet_done(); /* * If his response isn't properly encrypted with the session @@ -576,8 +573,7 @@ try_krb5_authentication(krb5_context *context, krb5_auth_context *auth_context) /* Get server's response. */ ap.data = packet_get_string((unsigned int *) &ap.length); - - packet_integrity_check(payload_len, 4 + ap.length, type); + packet_done(); /* XXX je to dobre? */ problem = krb5_rd_rep(*context, *auth_context, &ap, &reply); @@ -842,7 +838,7 @@ try_challenge_response_authentication(void) return 0; } challenge = packet_get_string(&clen); - packet_integrity_check(payload_len, (4 + clen), type); + packet_done(); snprintf(prompt, sizeof prompt, "%s%s", challenge, strchr(challenge, '\n') ? "" : "\nResponse: "); xfree(challenge); @@ -968,13 +964,11 @@ ssh_kex(char *host, struct sockaddr *hostaddr) supported_ciphers = packet_get_int(); supported_authentications = packet_get_int(); + packet_done(); debug("Received server public key (%d bits) and host key (%d bits).", BN_num_bits(server_key->rsa->n), BN_num_bits(host_key->rsa->n)); - packet_integrity_check(payload_len, - 8 + 4 + sum_len + 0 + 4 + 0 + 0 + 4 + 4 + 4, - SSH_SMSG_PUBLIC_KEY); if (verify_host_key(host, hostaddr, host_key) == -1) fatal("Host key verification failed."); @@ -40,7 +40,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: sshd.c,v 1.218 2001/12/27 18:22:16 markus Exp $"); +RCSID("$OpenBSD: sshd.c,v 1.219 2001/12/27 20:39:58 markus Exp $"); #include <openssl/dh.h> #include <openssl/bn.h> @@ -1358,8 +1358,7 @@ do_ssh1_kex(void) protocol_flags = packet_get_int(); packet_set_protocol_flags(protocol_flags); - - packet_integrity_check(plen, 1 + 8 + slen + 4, SSH_CMSG_SESSION_KEY); + packet_done(); /* * Decrypt it using our private server key and private host key (key |