Mercurial > dropbear
comparison process-packet.c @ 910:89555751c489 asm
merge up to 2013.63, improve ASM makefile rules a bit
| author | Matt Johnston <matt@ucc.asn.au> |
|---|---|
| date | Thu, 27 Feb 2014 21:35:58 +0800 |
| parents | cbc73a5aefb0 |
| children | bae0b34bc059 b8208506322e |
comparison
equal
deleted
inserted
replaced
| 909:e4b75744acab | 910:89555751c489 |
|---|---|
| 28 #include "dbutil.h" | 28 #include "dbutil.h" |
| 29 #include "ssh.h" | 29 #include "ssh.h" |
| 30 #include "algo.h" | 30 #include "algo.h" |
| 31 #include "buffer.h" | 31 #include "buffer.h" |
| 32 #include "kex.h" | 32 #include "kex.h" |
| 33 #include "random.h" | 33 #include "dbrandom.h" |
| 34 #include "service.h" | 34 #include "service.h" |
| 35 #include "auth.h" | 35 #include "auth.h" |
| 36 #include "channel.h" | 36 #include "channel.h" |
| 37 | 37 |
| 38 #define MAX_UNAUTH_PACKET_TYPE SSH_MSG_USERAUTH_PK_OK | 38 #define MAX_UNAUTH_PACKET_TYPE SSH_MSG_USERAUTH_PK_OK |
| 72 dropbear_close("Disconnect received"); | 72 dropbear_close("Disconnect received"); |
| 73 } | 73 } |
| 74 | 74 |
| 75 /* This applies for KEX, where the spec says the next packet MUST be | 75 /* This applies for KEX, where the spec says the next packet MUST be |
| 76 * NEWKEYS */ | 76 * NEWKEYS */ |
| 77 if (ses.requirenext[0] != 0) { | 77 if (ses.requirenext != 0) { |
| 78 if (ses.requirenext[0] != type | 78 if (ses.requirenext == type) |
| 79 && (ses.requirenext[1] == 0 || ses.requirenext[1] != type)) { | 79 { |
| 80 dropbear_exit("Unexpected packet type %d, expected [%d,%d]", type, | |
| 81 ses.requirenext[0], ses.requirenext[1]); | |
| 82 } else { | |
| 83 /* Got what we expected */ | 80 /* Got what we expected */ |
| 84 ses.requirenext[0] = 0; | 81 TRACE(("got expected packet %d during kexinit", type)) |
| 85 ses.requirenext[1] = 0; | 82 } |
| 83 else | |
| 84 { | |
| 85 /* RFC4253 7.1 - various messages are allowed at this point. | |
| 86 The only ones we know about have already been handled though, | |
| 87 so just return "unimplemented" */ | |
| 88 if (type >= 1 && type <= 49 | |
| 89 && type != SSH_MSG_SERVICE_REQUEST | |
| 90 && type != SSH_MSG_SERVICE_ACCEPT | |
| 91 && type != SSH_MSG_KEXINIT) | |
| 92 { | |
| 93 TRACE(("unknown allowed packet during kexinit")) | |
| 94 recv_unimplemented(); | |
| 95 goto out; | |
| 96 } | |
| 97 else | |
| 98 { | |
| 99 TRACE(("disallowed packet during kexinit")) | |
| 100 dropbear_exit("Unexpected packet type %d, expected %d", type, | |
| 101 ses.requirenext); | |
| 102 } | |
| 86 } | 103 } |
| 87 } | 104 } |
| 88 | 105 |
| 89 /* Check if we should ignore this packet. Used currently only for | 106 /* Check if we should ignore this packet. Used currently only for |
| 90 * KEX code, with first_kex_packet_follows */ | 107 * KEX code, with first_kex_packet_follows */ |
| 91 if (ses.ignorenext) { | 108 if (ses.ignorenext) { |
| 92 TRACE(("Ignoring packet, type = %d", type)) | 109 TRACE(("Ignoring packet, type = %d", type)) |
| 93 ses.ignorenext = 0; | 110 ses.ignorenext = 0; |
| 94 goto out; | 111 goto out; |
| 112 } | |
| 113 | |
| 114 /* Only clear the flag after we have checked ignorenext */ | |
| 115 if (ses.requirenext != 0 && ses.requirenext == type) | |
| 116 { | |
| 117 ses.requirenext = 0; | |
| 95 } | 118 } |
| 96 | 119 |
| 97 | 120 |
| 98 /* Kindly the protocol authors gave all the preauth packets type values | 121 /* Kindly the protocol authors gave all the preauth packets type values |
| 99 * less-than-or-equal-to 60 ( == MAX_UNAUTH_PACKET_TYPE ). | 122 * less-than-or-equal-to 60 ( == MAX_UNAUTH_PACKET_TYPE ). |