Mercurial > dropbear

comparison process-packet.c @ 22:c1e5d9195402

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
merge of abac2150ee4f4031a98016241fbd136d24fed127 and ffa047425729e478a5b49b1ab0f8ec71c08a1421
author Matt Johnston <matt@ucc.asn.au>
date Wed, 23 Jun 2004 07:14:16 +0000
parents
children 0969767bca0d
comparison
equal deleted inserted replaced
14:5ae28f6101c1 22:c1e5d9195402
1 /*
2 * Dropbear - a SSH2 server
3 *
4 * Copyright (c) 2002-2004 Matt Johnston
5 * All rights reserved.
6 *
7 * Permission is hereby granted, free of charge, to any person obtaining a copy
8 * of this software and associated documentation files (the "Software"), to deal
9 * in the Software without restriction, including without limitation the rights
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 * copies of the Software, and to permit persons to whom the Software is
12 * furnished to do so, subject to the following conditions:
13 *
14 * The above copyright notice and this permission notice shall be included in
15 * all copies or substantial portions of the Software.
16 *
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
20 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
23 * SOFTWARE. */
24
25 #include "includes.h"
26 #include "packet.h"
27 #include "session.h"
28 #include "dbutil.h"
29 #include "ssh.h"
30 #include "algo.h"
31 #include "buffer.h"
32 #include "kex.h"
33 #include "random.h"
34 #include "service.h"
35 #include "auth.h"
36 #include "channel.h"
37
38 #define MAX_UNAUTH_PACKET_TYPE SSH_MSG_USERAUTH_PK_OK
39
40 static void recv_unimplemented();
41
42 /* process a decrypted packet, call the appropriate handler */
43 void process_packet() {
44
45 unsigned char type;
46 unsigned int i;
47
48 TRACE(("enter process_packet"));
49
50 type = buf_getbyte(ses.payload);
51 TRACE(("process_packet: packet type = %d", type));
52
53 /* These packets we can receive at any time */
54 switch(type) {
55
56 case SSH_MSG_IGNORE:
57 case SSH_MSG_DEBUG:
58 TRACE(("received SSH_MSG_IGNORE or SSH_MSG_DEBUG"));
59 goto out;
60
61 case SSH_MSG_UNIMPLEMENTED:
62 /* debugging XXX */
63 TRACE(("SSH_MSG_UNIMPLEMENTED"));
64 dropbear_exit("received SSH_MSG_UNIMPLEMENTED");
65
66 case SSH_MSG_DISCONNECT:
67 /* TODO cleanup? */
68 dropbear_close("Disconnect received");
69 }
70
71
72 /* This applies for KEX, where the spec says the next packet MUST be
73 * NEWKEYS */
74 if (ses.requirenext != 0) {
75 if (ses.requirenext != type) {
76 /* TODO send disconnect? */
77 dropbear_exit("unexpected packet type %d, expected %d", type,
78 ses.requirenext);
79 } else {
80 /* Got what we expected */
81 ses.requirenext = 0;
82 }
83 }
84
85 /* Check if we should ignore this packet. Used currently only for
86 * KEX code, with first_kex_packet_follows */
87 if (ses.ignorenext) {
88 TRACE(("Ignoring packet, type = %d", type));
89 ses.ignorenext = 0;
90 goto out;
91 }
92
93 /* XXX This code somewhere else perhaps? */
94 #ifdef DROPBEAR_CLIENT
95 if (IS_DROPBEAR_CLIENT) {
96
97 /* XXX - needs changing */
98 /* In client mode, we REUSE ses.expecting to proceed to the
99 * next phase when a packet was received.
100 * If the "expecting" flag is set to a non-null value, it will
101 * be reset when a packet of that type is received.
102 * This is different from the server-mode behaviour, when
103 * a packet type mismatch would have caused sudden death.
104 */
105
106 /* check that we aren't expecting a particular packet */
107 if (cli_ses.expecting && cli_ses.expecting == type) {
108 cli_ses.expecting = 0;
109 }
110 }
111 #endif
112
113 /* Kindly the protocol authors gave all the preauth packets type values
114 * less-than-or-equal-to 60 ( == MAX_UNAUTH_PACKET_TYPE ).
115 * NOTE: if the protocol changes and new types are added, revisit this
116 * assumption */
117 if ( !ses.authdone && type > MAX_UNAUTH_PACKET_TYPE ) {
118 dropbear_exit("received message %d before userauth", type);
119 }
120
121 for (i = 0; ; i++) {
122 if (ses.packettypes[i].type == 0) {
123 /* end of list */
124 break;
125 }
126
127 if (ses.packettypes[i].type == type) {
128 ses.packettypes[i].handler();
129 goto out;
130 }
131 }
132
133
134 /* TODO do something more here? */
135 TRACE(("preauth unknown packet"));
136 recv_unimplemented();
137
138 out:
139 buf_free(ses.payload);
140 ses.payload = NULL;
141
142 TRACE(("leave process_packet"));
143 }
144
145
146
147 /* This must be called directly after receiving the unimplemented packet.
148 * Isn't the most clean implementation, it relies on packet processing
149 * occurring directly after decryption (direct use of ses.recvseq).
150 * This is reasonably valid, since there is only a single decryption buffer */
151 static void recv_unimplemented() {
152
153 CHECKCLEARTOWRITE();
154
155 buf_putbyte(ses.writepayload, SSH_MSG_UNIMPLEMENTED);
156 /* the decryption routine increments the sequence number, we must
157 * decrement */
158 buf_putint(ses.writepayload, ses.recvseq - 1);
159
160 encrypt_packet();
161 }