# HG changeset patch # User Matt Johnston # Date 1404827976 -28800 # Node ID 4ad38e223ccdfe24637ccebd3e11f624c0c021db # Parent d93a6bcf616f0ed25ad546d50f5db0e0255b7e57 Send a failure response if a client receives a global request diff -r d93a6bcf616f -r 4ad38e223ccd channel.h --- a/channel.h Wed Jun 25 23:42:39 2014 +0800 +++ b/channel.h Tue Jul 08 21:59:36 2014 +0800 @@ -129,4 +129,7 @@ void recv_msg_channel_open_failure(); #endif +void send_msg_request_success(); +void send_msg_request_failure(); + #endif /* _CHANNEL_H_ */ diff -r d93a6bcf616f -r 4ad38e223ccd cli-session.c --- a/cli-session.c Wed Jun 25 23:42:39 2014 +0800 +++ b/cli-session.c Tue Jul 08 21:59:36 2014 +0800 @@ -44,6 +44,7 @@ static void cli_finished(); static void recv_msg_service_accept(void); static void cli_session_cleanup(void); +static void recv_msg_global_request_cli(void); struct clientsession cli_ses; /* GLOBAL */ @@ -68,6 +69,7 @@ {SSH_MSG_CHANNEL_OPEN_FAILURE, recv_msg_channel_open_failure}, {SSH_MSG_USERAUTH_BANNER, recv_msg_userauth_banner}, /* client */ {SSH_MSG_USERAUTH_SPECIFIC_60, recv_msg_userauth_specific_60}, /* client */ + {SSH_MSG_GLOBAL_REQUEST, recv_msg_global_request_cli}, #ifdef ENABLE_CLI_REMOTETCPFWD {SSH_MSG_REQUEST_SUCCESS, cli_recv_msg_request_success}, /* client */ {SSH_MSG_REQUEST_FAILURE, cli_recv_msg_request_failure}, /* client */ @@ -366,3 +368,9 @@ /* Null terminate */ dirtytext[j] = '\0'; } + +static void recv_msg_global_request_cli(void) { + TRACE(("recv_msg_global_request_cli")) + /* Send a proper rejection */ + send_msg_request_failure(); +} diff -r d93a6bcf616f -r 4ad38e223ccd common-channel.c --- a/common-channel.c Wed Jun 25 23:42:39 2014 +0800 +++ b/common-channel.c Tue Jul 08 21:59:36 2014 +0800 @@ -1099,3 +1099,16 @@ remove_channel(channel); } #endif /* USING_LISTENERS */ + +void send_msg_request_success() { + CHECKCLEARTOWRITE(); + buf_putbyte(ses.writepayload, SSH_MSG_REQUEST_SUCCESS); + encrypt_packet(); +} + +void send_msg_request_failure() { + CHECKCLEARTOWRITE(); + buf_putbyte(ses.writepayload, SSH_MSG_REQUEST_FAILURE); + encrypt_packet(); +} + diff -r d93a6bcf616f -r 4ad38e223ccd svr-tcpfwd.c --- a/svr-tcpfwd.c Wed Jun 25 23:42:39 2014 +0800 +++ b/svr-tcpfwd.c Tue Jul 08 21:59:36 2014 +0800 @@ -34,14 +34,6 @@ #include "runopts.h" #include "auth.h" -static void send_msg_request_failure(); - -static void send_msg_request_failure() { - CHECKCLEARTOWRITE(); - buf_putbyte(ses.writepayload, SSH_MSG_REQUEST_FAILURE); - encrypt_packet(); -} - #ifndef ENABLE_SVR_REMOTETCPFWD /* This is better than SSH_MSG_UNIMPLEMENTED */ @@ -53,7 +45,6 @@ /* */ #endif /* !ENABLE_SVR_REMOTETCPFWD */ -static void send_msg_request_success(); static int svr_cancelremotetcp(); static int svr_remotetcpreq(); static int newtcpdirect(struct Channel * channel); @@ -115,15 +106,6 @@ TRACE(("leave recv_msg_global_request")) } - -static void send_msg_request_success() { - - CHECKCLEARTOWRITE(); - buf_putbyte(ses.writepayload, SSH_MSG_REQUEST_SUCCESS); - encrypt_packet(); - -} - static int matchtcp(void* typedata1, void* typedata2) { const struct TCPListener *info1 = (struct TCPListener*)typedata1;