Mercurial > dropbear
comparison process-packet.c @ 910:89555751c489 asm
merge up to 2013.63, improve ASM makefile rules a bit
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Thu, 27 Feb 2014 21:35:58 +0800 |
parents | cbc73a5aefb0 |
children | bae0b34bc059 b8208506322e |
comparison
equal
deleted
inserted
replaced
909:e4b75744acab | 910:89555751c489 |
---|---|
28 #include "dbutil.h" | 28 #include "dbutil.h" |
29 #include "ssh.h" | 29 #include "ssh.h" |
30 #include "algo.h" | 30 #include "algo.h" |
31 #include "buffer.h" | 31 #include "buffer.h" |
32 #include "kex.h" | 32 #include "kex.h" |
33 #include "random.h" | 33 #include "dbrandom.h" |
34 #include "service.h" | 34 #include "service.h" |
35 #include "auth.h" | 35 #include "auth.h" |
36 #include "channel.h" | 36 #include "channel.h" |
37 | 37 |
38 #define MAX_UNAUTH_PACKET_TYPE SSH_MSG_USERAUTH_PK_OK | 38 #define MAX_UNAUTH_PACKET_TYPE SSH_MSG_USERAUTH_PK_OK |
72 dropbear_close("Disconnect received"); | 72 dropbear_close("Disconnect received"); |
73 } | 73 } |
74 | 74 |
75 /* This applies for KEX, where the spec says the next packet MUST be | 75 /* This applies for KEX, where the spec says the next packet MUST be |
76 * NEWKEYS */ | 76 * NEWKEYS */ |
77 if (ses.requirenext[0] != 0) { | 77 if (ses.requirenext != 0) { |
78 if (ses.requirenext[0] != type | 78 if (ses.requirenext == type) |
79 && (ses.requirenext[1] == 0 || ses.requirenext[1] != type)) { | 79 { |
80 dropbear_exit("Unexpected packet type %d, expected [%d,%d]", type, | |
81 ses.requirenext[0], ses.requirenext[1]); | |
82 } else { | |
83 /* Got what we expected */ | 80 /* Got what we expected */ |
84 ses.requirenext[0] = 0; | 81 TRACE(("got expected packet %d during kexinit", type)) |
85 ses.requirenext[1] = 0; | 82 } |
83 else | |
84 { | |
85 /* RFC4253 7.1 - various messages are allowed at this point. | |
86 The only ones we know about have already been handled though, | |
87 so just return "unimplemented" */ | |
88 if (type >= 1 && type <= 49 | |
89 && type != SSH_MSG_SERVICE_REQUEST | |
90 && type != SSH_MSG_SERVICE_ACCEPT | |
91 && type != SSH_MSG_KEXINIT) | |
92 { | |
93 TRACE(("unknown allowed packet during kexinit")) | |
94 recv_unimplemented(); | |
95 goto out; | |
96 } | |
97 else | |
98 { | |
99 TRACE(("disallowed packet during kexinit")) | |
100 dropbear_exit("Unexpected packet type %d, expected %d", type, | |
101 ses.requirenext); | |
102 } | |
86 } | 103 } |
87 } | 104 } |
88 | 105 |
89 /* Check if we should ignore this packet. Used currently only for | 106 /* Check if we should ignore this packet. Used currently only for |
90 * KEX code, with first_kex_packet_follows */ | 107 * KEX code, with first_kex_packet_follows */ |
91 if (ses.ignorenext) { | 108 if (ses.ignorenext) { |
92 TRACE(("Ignoring packet, type = %d", type)) | 109 TRACE(("Ignoring packet, type = %d", type)) |
93 ses.ignorenext = 0; | 110 ses.ignorenext = 0; |
94 goto out; | 111 goto out; |
112 } | |
113 | |
114 /* Only clear the flag after we have checked ignorenext */ | |
115 if (ses.requirenext != 0 && ses.requirenext == type) | |
116 { | |
117 ses.requirenext = 0; | |
95 } | 118 } |
96 | 119 |
97 | 120 |
98 /* Kindly the protocol authors gave all the preauth packets type values | 121 /* Kindly the protocol authors gave all the preauth packets type values |
99 * less-than-or-equal-to 60 ( == MAX_UNAUTH_PACKET_TYPE ). | 122 * less-than-or-equal-to 60 ( == MAX_UNAUTH_PACKET_TYPE ). |