Mercurial > dropbear
annotate scpmisc.h @ 1715:3974f087d9c0
Disallow leading lines before the ident for server (#102)
Per RFC4253 4.2 clients must be able to process other lines of data
before the version string, server behavior is not defined neither
with MUST/SHOULD nor with MAY.
If server process up to 50 lines too - it may cause too long hanging
session with invalid/evil client that consume host resources and
potentially may lead to DDoS on poor embedded boxes.
Let's require first line from client to be version string and fail
early if it's not - matches both RFC and real OpenSSH behavior.
| author | Vladislav Grishenko <themiron@users.noreply.github.com> |
|---|---|
| date | Mon, 15 Jun 2020 18:22:18 +0500 |
| parents | 292f79307600 |
| children |
| rev | line source |
|---|---|
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
1 /* $OpenBSD: misc.h,v 1.12 2002/03/19 10:49:35 markus Exp $ */ |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
2 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
3 /* |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
4 * Author: Tatu Ylonen <[email protected]> |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
5 * Copyright (c) 1995 Tatu Ylonen <[email protected]>, Espoo, Finland |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
6 * All rights reserved |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
7 * |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
8 * As far as I am concerned, the code I have written for this software |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
9 * can be used freely for any purpose. Any derived versions of this |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
10 * software must be clearly marked as such, and if the derived work is |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
11 * incompatible with the protocol description in the RFC file, it must be |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
12 * called by a name other than "ssh" or "Secure Shell". |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
13 */ |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
14 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
15 char *chop(char *); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
16 char *strdelim(char **); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
17 void set_nonblock(int); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
18 void unset_nonblock(int); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
19 void set_nodelay(int); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
20 int a2port(const char *); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
21 char *cleanhostname(char *); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
22 char *colon(char *); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
23 long convtime(const char *); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
24 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
25 struct passwd *pwcopy(struct passwd *); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
26 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
27 typedef struct arglist arglist; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
28 struct arglist { |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
29 char **list; |
|
1631
292f79307600
fix some gcc warnings (#73)
François Perrad <francois.perrad@gadz.org>
parents:
1323
diff
changeset
|
30 u_int num; |
|
292f79307600
fix some gcc warnings (#73)
François Perrad <francois.perrad@gadz.org>
parents:
1323
diff
changeset
|
31 u_int nalloc; |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
32 }; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
33 void addargs(arglist *, char *, ...); |
|
287
b72f98803e46
Update to scp from OpenSSH portable 4.3p2
Matt Johnston <matt@ucc.asn.au>
parents:
4
diff
changeset
|
34 void replacearg(arglist *, u_int, char *, ...); |
|
b72f98803e46
Update to scp from OpenSSH portable 4.3p2
Matt Johnston <matt@ucc.asn.au>
parents:
4
diff
changeset
|
35 void freeargs(arglist *); |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
36 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
37 /* from xmalloc.h */ |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
38 void *xmalloc(size_t); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
39 void *xrealloc(void *, size_t); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
40 void xfree(void *); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
41 char *xstrdup(const char *); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
42 |
|
287
b72f98803e46
Update to scp from OpenSSH portable 4.3p2
Matt Johnston <matt@ucc.asn.au>
parents:
4
diff
changeset
|
43 char *ssh_get_progname(char *); |
|
b72f98803e46
Update to scp from OpenSSH portable 4.3p2
Matt Johnston <matt@ucc.asn.au>
parents:
4
diff
changeset
|
44 void fatal(char* fmt,...); |
|
b72f98803e46
Update to scp from OpenSSH portable 4.3p2
Matt Johnston <matt@ucc.asn.au>
parents:
4
diff
changeset
|
45 void sanitise_stdfd(void); |
|
294
5686ee0a3338
put back the TIMEVAL_TO_TIMESPEC and timersub macros for Linux
Matt Johnston <matt@ucc.asn.au>
parents:
287
diff
changeset
|
46 |
|
5686ee0a3338
put back the TIMEVAL_TO_TIMESPEC and timersub macros for Linux
Matt Johnston <matt@ucc.asn.au>
parents:
287
diff
changeset
|
47 /* Required for non-BSD platforms, from OpenSSH's defines.h */ |
|
5686ee0a3338
put back the TIMEVAL_TO_TIMESPEC and timersub macros for Linux
Matt Johnston <matt@ucc.asn.au>
parents:
287
diff
changeset
|
48 #ifndef timersub |
|
5686ee0a3338
put back the TIMEVAL_TO_TIMESPEC and timersub macros for Linux
Matt Johnston <matt@ucc.asn.au>
parents:
287
diff
changeset
|
49 #define timersub(a, b, result) \ |
|
5686ee0a3338
put back the TIMEVAL_TO_TIMESPEC and timersub macros for Linux
Matt Johnston <matt@ucc.asn.au>
parents:
287
diff
changeset
|
50 do { \ |
|
5686ee0a3338
put back the TIMEVAL_TO_TIMESPEC and timersub macros for Linux
Matt Johnston <matt@ucc.asn.au>
parents:
287
diff
changeset
|
51 (result)->tv_sec = (a)->tv_sec - (b)->tv_sec; \ |
|
5686ee0a3338
put back the TIMEVAL_TO_TIMESPEC and timersub macros for Linux
Matt Johnston <matt@ucc.asn.au>
parents:
287
diff
changeset
|
52 (result)->tv_usec = (a)->tv_usec - (b)->tv_usec; \ |
|
5686ee0a3338
put back the TIMEVAL_TO_TIMESPEC and timersub macros for Linux
Matt Johnston <matt@ucc.asn.au>
parents:
287
diff
changeset
|
53 if ((result)->tv_usec < 0) { \ |
|
5686ee0a3338
put back the TIMEVAL_TO_TIMESPEC and timersub macros for Linux
Matt Johnston <matt@ucc.asn.au>
parents:
287
diff
changeset
|
54 --(result)->tv_sec; \ |
|
5686ee0a3338
put back the TIMEVAL_TO_TIMESPEC and timersub macros for Linux
Matt Johnston <matt@ucc.asn.au>
parents:
287
diff
changeset
|
55 (result)->tv_usec += 1000000; \ |
|
5686ee0a3338
put back the TIMEVAL_TO_TIMESPEC and timersub macros for Linux
Matt Johnston <matt@ucc.asn.au>
parents:
287
diff
changeset
|
56 } \ |
|
5686ee0a3338
put back the TIMEVAL_TO_TIMESPEC and timersub macros for Linux
Matt Johnston <matt@ucc.asn.au>
parents:
287
diff
changeset
|
57 } while (0) |
|
5686ee0a3338
put back the TIMEVAL_TO_TIMESPEC and timersub macros for Linux
Matt Johnston <matt@ucc.asn.au>
parents:
287
diff
changeset
|
58 #endif |
|
5686ee0a3338
put back the TIMEVAL_TO_TIMESPEC and timersub macros for Linux
Matt Johnston <matt@ucc.asn.au>
parents:
287
diff
changeset
|
59 |
|
5686ee0a3338
put back the TIMEVAL_TO_TIMESPEC and timersub macros for Linux
Matt Johnston <matt@ucc.asn.au>
parents:
287
diff
changeset
|
60 #ifndef TIMEVAL_TO_TIMESPEC |
|
5686ee0a3338
put back the TIMEVAL_TO_TIMESPEC and timersub macros for Linux
Matt Johnston <matt@ucc.asn.au>
parents:
287
diff
changeset
|
61 #define TIMEVAL_TO_TIMESPEC(tv, ts) { \ |
|
5686ee0a3338
put back the TIMEVAL_TO_TIMESPEC and timersub macros for Linux
Matt Johnston <matt@ucc.asn.au>
parents:
287
diff
changeset
|
62 (ts)->tv_sec = (tv)->tv_sec; \ |
|
5686ee0a3338
put back the TIMEVAL_TO_TIMESPEC and timersub macros for Linux
Matt Johnston <matt@ucc.asn.au>
parents:
287
diff
changeset
|
63 (ts)->tv_nsec = (tv)->tv_usec * 1000; \ |
|
5686ee0a3338
put back the TIMEVAL_TO_TIMESPEC and timersub macros for Linux
Matt Johnston <matt@ucc.asn.au>
parents:
287
diff
changeset
|
64 } |
|
5686ee0a3338
put back the TIMEVAL_TO_TIMESPEC and timersub macros for Linux
Matt Johnston <matt@ucc.asn.au>
parents:
287
diff
changeset
|
65 #endif |
|
5686ee0a3338
put back the TIMEVAL_TO_TIMESPEC and timersub macros for Linux
Matt Johnston <matt@ucc.asn.au>
parents:
287
diff
changeset
|
66 |