Mercurial > dropbear
annotate process-packet.c @ 1902:4a6725ac957c
Revert "Don't include sk keys at all in KEX list"
This reverts git commit f972813ecdc7bb981d25b5a63638bd158f1c8e72.
The sk algorithms need to remain in the sigalgs list so that they
are included in the server-sig-algs ext-info message sent by
the server. RFC8308 for server-sig-algs requires that all algorithms are
listed (though OpenSSH client 8.4p1 tested doesn't require that)
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Thu, 24 Mar 2022 13:42:08 +0800 |
parents | 41bf8f216644 |
children |
rev | line source |
---|---|
22
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
1 /* |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
2 * Dropbear - a SSH2 server |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
3 * |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
4 * Copyright (c) 2002-2004 Matt Johnston |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
5 * All rights reserved. |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
6 * |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
7 * Permission is hereby granted, free of charge, to any person obtaining a copy |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
8 * of this software and associated documentation files (the "Software"), to deal |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
9 * in the Software without restriction, including without limitation the rights |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
11 * copies of the Software, and to permit persons to whom the Software is |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
12 * furnished to do so, subject to the following conditions: |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
13 * |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
14 * The above copyright notice and this permission notice shall be included in |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
15 * all copies or substantial portions of the Software. |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
16 * |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
20 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
23 * SOFTWARE. */ |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
24 |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
25 #include "includes.h" |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
26 #include "packet.h" |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
27 #include "session.h" |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
28 #include "dbutil.h" |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
29 #include "ssh.h" |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
30 #include "algo.h" |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
31 #include "buffer.h" |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
32 #include "kex.h" |
858
220f55d540ae
rename random.h to dbrandom.h since some OSes have a system random.h
Matt Johnston <matt@ucc.asn.au>
parents:
778
diff
changeset
|
33 #include "dbrandom.h" |
22
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
34 #include "service.h" |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
35 #include "auth.h" |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
36 #include "channel.h" |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
37 |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
38 #define MAX_UNAUTH_PACKET_TYPE SSH_MSG_USERAUTH_PK_OK |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
39 |
1276
9169e4e7cbee
fix empty C prototypes
Francois Perrad <francois.perrad@gadz.org>
parents:
939
diff
changeset
|
40 static void recv_unimplemented(void); |
22
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
41 |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
42 /* process a decrypted packet, call the appropriate handler */ |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
43 void process_packet() { |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
44 |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
45 unsigned char type; |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
46 unsigned int i; |
939
a0819ecfee0b
Make -K keepalive behave like OpenSSH's ServerAliveInterval
Matt Johnston <matt@ucc.asn.au>
parents:
928
diff
changeset
|
47 time_t now; |
22
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
48 |
731
9a5438271556
Move the more verbose TRACE() statements into TRACE2()
Matt Johnston <matt@ucc.asn.au>
parents:
594
diff
changeset
|
49 TRACE2(("enter process_packet")) |
22
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
50 |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
51 type = buf_getbyte(ses.payload); |
751
685d05f1cc5c
Just put the version string on the queue, don't use atomicio
Matt Johnston <matt@ucc.asn.au>
parents:
731
diff
changeset
|
52 TRACE(("process_packet: packet type = %d, len %d", type, ses.payload->len)) |
22
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
53 |
939
a0819ecfee0b
Make -K keepalive behave like OpenSSH's ServerAliveInterval
Matt Johnston <matt@ucc.asn.au>
parents:
928
diff
changeset
|
54 now = monotonic_now(); |
a0819ecfee0b
Make -K keepalive behave like OpenSSH's ServerAliveInterval
Matt Johnston <matt@ucc.asn.au>
parents:
928
diff
changeset
|
55 ses.last_packet_time_keepalive_recv = now; |
592
afb089e70892
Don't reset last_packet_time when we're transmitting SSH_MSG_IGNORE packets
Matt Johnston <matt@ucc.asn.au>
parents:
513
diff
changeset
|
56 |
22
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
57 /* These packets we can receive at any time */ |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
58 switch(type) { |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
59 |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
60 case SSH_MSG_IGNORE: |
454
7e43f5e473b9
- Add -K keepalive flag for dropbear and dbclient
Matt Johnston <matt@ucc.asn.au>
parents:
426
diff
changeset
|
61 goto out; |
22
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
62 case SSH_MSG_DEBUG: |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
63 goto out; |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
64 |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
65 case SSH_MSG_UNIMPLEMENTED: |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
66 /* debugging XXX */ |
165
0cfba3034be5
Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents:
42
diff
changeset
|
67 TRACE(("SSH_MSG_UNIMPLEMENTED")) |
939
a0819ecfee0b
Make -K keepalive behave like OpenSSH's ServerAliveInterval
Matt Johnston <matt@ucc.asn.au>
parents:
928
diff
changeset
|
68 goto out; |
22
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
69 |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
70 case SSH_MSG_DISCONNECT: |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
71 /* TODO cleanup? */ |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
72 dropbear_close("Disconnect received"); |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
73 } |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
74 |
939
a0819ecfee0b
Make -K keepalive behave like OpenSSH's ServerAliveInterval
Matt Johnston <matt@ucc.asn.au>
parents:
928
diff
changeset
|
75 /* Ignore these packet types so that keepalives don't interfere with |
a0819ecfee0b
Make -K keepalive behave like OpenSSH's ServerAliveInterval
Matt Johnston <matt@ucc.asn.au>
parents:
928
diff
changeset
|
76 idle detection. This is slightly incorrect since a tcp forwarded |
a0819ecfee0b
Make -K keepalive behave like OpenSSH's ServerAliveInterval
Matt Johnston <matt@ucc.asn.au>
parents:
928
diff
changeset
|
77 global request with failure won't trigger the idle timeout, |
a0819ecfee0b
Make -K keepalive behave like OpenSSH's ServerAliveInterval
Matt Johnston <matt@ucc.asn.au>
parents:
928
diff
changeset
|
78 but that's probably acceptable */ |
1670
aeda68938596
Add files via upload (#90)
jcmathews <jesselcmathews@yahoo.co.in>
parents:
1276
diff
changeset
|
79 if (!(type == SSH_MSG_GLOBAL_REQUEST |
aeda68938596
Add files via upload (#90)
jcmathews <jesselcmathews@yahoo.co.in>
parents:
1276
diff
changeset
|
80 || type == SSH_MSG_REQUEST_FAILURE |
aeda68938596
Add files via upload (#90)
jcmathews <jesselcmathews@yahoo.co.in>
parents:
1276
diff
changeset
|
81 || type == SSH_MSG_CHANNEL_FAILURE)) { |
939
a0819ecfee0b
Make -K keepalive behave like OpenSSH's ServerAliveInterval
Matt Johnston <matt@ucc.asn.au>
parents:
928
diff
changeset
|
82 ses.last_packet_time_idle = now; |
a0819ecfee0b
Make -K keepalive behave like OpenSSH's ServerAliveInterval
Matt Johnston <matt@ucc.asn.au>
parents:
928
diff
changeset
|
83 } |
a0819ecfee0b
Make -K keepalive behave like OpenSSH's ServerAliveInterval
Matt Johnston <matt@ucc.asn.au>
parents:
928
diff
changeset
|
84 |
22
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
85 /* This applies for KEX, where the spec says the next packet MUST be |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
86 * NEWKEYS */ |
886
cbc73a5aefb0
requirenext doesn't need two values
Matt Johnston <matt@ucc.asn.au>
parents:
885
diff
changeset
|
87 if (ses.requirenext != 0) { |
cbc73a5aefb0
requirenext doesn't need two values
Matt Johnston <matt@ucc.asn.au>
parents:
885
diff
changeset
|
88 if (ses.requirenext == type) |
885
19ce21bd198a
Fix failing rekeying when we receive a still-in-flight packet
Matt Johnston <matt@ucc.asn.au>
parents:
858
diff
changeset
|
89 { |
22
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
90 /* Got what we expected */ |
886
cbc73a5aefb0
requirenext doesn't need two values
Matt Johnston <matt@ucc.asn.au>
parents:
885
diff
changeset
|
91 TRACE(("got expected packet %d during kexinit", type)) |
22
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
92 } |
885
19ce21bd198a
Fix failing rekeying when we receive a still-in-flight packet
Matt Johnston <matt@ucc.asn.au>
parents:
858
diff
changeset
|
93 else |
19ce21bd198a
Fix failing rekeying when we receive a still-in-flight packet
Matt Johnston <matt@ucc.asn.au>
parents:
858
diff
changeset
|
94 { |
19ce21bd198a
Fix failing rekeying when we receive a still-in-flight packet
Matt Johnston <matt@ucc.asn.au>
parents:
858
diff
changeset
|
95 /* RFC4253 7.1 - various messages are allowed at this point. |
19ce21bd198a
Fix failing rekeying when we receive a still-in-flight packet
Matt Johnston <matt@ucc.asn.au>
parents:
858
diff
changeset
|
96 The only ones we know about have already been handled though, |
19ce21bd198a
Fix failing rekeying when we receive a still-in-flight packet
Matt Johnston <matt@ucc.asn.au>
parents:
858
diff
changeset
|
97 so just return "unimplemented" */ |
19ce21bd198a
Fix failing rekeying when we receive a still-in-flight packet
Matt Johnston <matt@ucc.asn.au>
parents:
858
diff
changeset
|
98 if (type >= 1 && type <= 49 |
19ce21bd198a
Fix failing rekeying when we receive a still-in-flight packet
Matt Johnston <matt@ucc.asn.au>
parents:
858
diff
changeset
|
99 && type != SSH_MSG_SERVICE_REQUEST |
19ce21bd198a
Fix failing rekeying when we receive a still-in-flight packet
Matt Johnston <matt@ucc.asn.au>
parents:
858
diff
changeset
|
100 && type != SSH_MSG_SERVICE_ACCEPT |
19ce21bd198a
Fix failing rekeying when we receive a still-in-flight packet
Matt Johnston <matt@ucc.asn.au>
parents:
858
diff
changeset
|
101 && type != SSH_MSG_KEXINIT) |
19ce21bd198a
Fix failing rekeying when we receive a still-in-flight packet
Matt Johnston <matt@ucc.asn.au>
parents:
858
diff
changeset
|
102 { |
19ce21bd198a
Fix failing rekeying when we receive a still-in-flight packet
Matt Johnston <matt@ucc.asn.au>
parents:
858
diff
changeset
|
103 TRACE(("unknown allowed packet during kexinit")) |
19ce21bd198a
Fix failing rekeying when we receive a still-in-flight packet
Matt Johnston <matt@ucc.asn.au>
parents:
858
diff
changeset
|
104 recv_unimplemented(); |
19ce21bd198a
Fix failing rekeying when we receive a still-in-flight packet
Matt Johnston <matt@ucc.asn.au>
parents:
858
diff
changeset
|
105 goto out; |
19ce21bd198a
Fix failing rekeying when we receive a still-in-flight packet
Matt Johnston <matt@ucc.asn.au>
parents:
858
diff
changeset
|
106 } |
19ce21bd198a
Fix failing rekeying when we receive a still-in-flight packet
Matt Johnston <matt@ucc.asn.au>
parents:
858
diff
changeset
|
107 else |
19ce21bd198a
Fix failing rekeying when we receive a still-in-flight packet
Matt Johnston <matt@ucc.asn.au>
parents:
858
diff
changeset
|
108 { |
19ce21bd198a
Fix failing rekeying when we receive a still-in-flight packet
Matt Johnston <matt@ucc.asn.au>
parents:
858
diff
changeset
|
109 TRACE(("disallowed packet during kexinit")) |
886
cbc73a5aefb0
requirenext doesn't need two values
Matt Johnston <matt@ucc.asn.au>
parents:
885
diff
changeset
|
110 dropbear_exit("Unexpected packet type %d, expected %d", type, |
cbc73a5aefb0
requirenext doesn't need two values
Matt Johnston <matt@ucc.asn.au>
parents:
885
diff
changeset
|
111 ses.requirenext); |
885
19ce21bd198a
Fix failing rekeying when we receive a still-in-flight packet
Matt Johnston <matt@ucc.asn.au>
parents:
858
diff
changeset
|
112 } |
19ce21bd198a
Fix failing rekeying when we receive a still-in-flight packet
Matt Johnston <matt@ucc.asn.au>
parents:
858
diff
changeset
|
113 } |
22
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
114 } |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
115 |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
116 /* Check if we should ignore this packet. Used currently only for |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
117 * KEX code, with first_kex_packet_follows */ |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
118 if (ses.ignorenext) { |
165
0cfba3034be5
Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents:
42
diff
changeset
|
119 TRACE(("Ignoring packet, type = %d", type)) |
22
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
120 ses.ignorenext = 0; |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
121 goto out; |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
122 } |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
123 |
886
cbc73a5aefb0
requirenext doesn't need two values
Matt Johnston <matt@ucc.asn.au>
parents:
885
diff
changeset
|
124 /* Only clear the flag after we have checked ignorenext */ |
cbc73a5aefb0
requirenext doesn't need two values
Matt Johnston <matt@ucc.asn.au>
parents:
885
diff
changeset
|
125 if (ses.requirenext != 0 && ses.requirenext == type) |
cbc73a5aefb0
requirenext doesn't need two values
Matt Johnston <matt@ucc.asn.au>
parents:
885
diff
changeset
|
126 { |
cbc73a5aefb0
requirenext doesn't need two values
Matt Johnston <matt@ucc.asn.au>
parents:
885
diff
changeset
|
127 ses.requirenext = 0; |
cbc73a5aefb0
requirenext doesn't need two values
Matt Johnston <matt@ucc.asn.au>
parents:
885
diff
changeset
|
128 } |
cbc73a5aefb0
requirenext doesn't need two values
Matt Johnston <matt@ucc.asn.au>
parents:
885
diff
changeset
|
129 |
22
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
130 |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
131 /* Kindly the protocol authors gave all the preauth packets type values |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
132 * less-than-or-equal-to 60 ( == MAX_UNAUTH_PACKET_TYPE ). |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
133 * NOTE: if the protocol changes and new types are added, revisit this |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
134 * assumption */ |
27
08da099e8337
- Rename common-packet.c to packet.c
Matt Johnston <matt@ucc.asn.au>
parents:
26
diff
changeset
|
135 if ( !ses.authstate.authdone && type > MAX_UNAUTH_PACKET_TYPE ) { |
594
a98a2138364a
Improve capitalisation for all logged strings
Matt Johnston <matt@ucc.asn.au>
parents:
592
diff
changeset
|
136 dropbear_exit("Received message %d before userauth", type); |
22
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
137 } |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
138 |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
139 for (i = 0; ; i++) { |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
140 if (ses.packettypes[i].type == 0) { |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
141 /* end of list */ |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
142 break; |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
143 } |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
144 |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
145 if (ses.packettypes[i].type == type) { |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
146 ses.packettypes[i].handler(); |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
147 goto out; |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
148 } |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
149 } |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
150 |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
151 |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
152 /* TODO do something more here? */ |
165
0cfba3034be5
Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents:
42
diff
changeset
|
153 TRACE(("preauth unknown packet")) |
22
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
154 recv_unimplemented(); |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
155 |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
156 out: |
1681
435cfb9ec96e
send and handle SSH_MSG_EXT_INFO only at the correct point
Matt Johnston <matt@ucc.asn.au>
parents:
1276
diff
changeset
|
157 ses.lastpacket = type; |
22
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
158 buf_free(ses.payload); |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
159 ses.payload = NULL; |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
160 |
731
9a5438271556
Move the more verbose TRACE() statements into TRACE2()
Matt Johnston <matt@ucc.asn.au>
parents:
594
diff
changeset
|
161 TRACE2(("leave process_packet")) |
22
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
162 } |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
163 |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
164 |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
165 |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
166 /* This must be called directly after receiving the unimplemented packet. |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
167 * Isn't the most clean implementation, it relies on packet processing |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
168 * occurring directly after decryption (direct use of ses.recvseq). |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
169 * This is reasonably valid, since there is only a single decryption buffer */ |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
170 static void recv_unimplemented() { |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
171 |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
172 CHECKCLEARTOWRITE(); |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
173 |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
174 buf_putbyte(ses.writepayload, SSH_MSG_UNIMPLEMENTED); |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
175 /* the decryption routine increments the sequence number, we must |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
176 * decrement */ |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
177 buf_putint(ses.writepayload, ses.recvseq - 1); |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
178 |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
179 encrypt_packet(); |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
180 } |