# HG changeset patch
# User Matt Johnston
# Date 1222654984 0
# Node ID d58c478bd39955f6496578336ef6021c396a2b66
# Parent f3ca5ebc319a4069a8b0e6ea9cbf00d1c1b297aa
Add support for zlib@openssh.com delayed compression. Are still advertising 'zlib' for the server, need to allow delayed-only as an option
diff -r f3ca5ebc319a -r d58c478bd399 cli-auth.c
--- a/cli-auth.c Tue Sep 23 16:02:51 2008 +0000
+++ b/cli-auth.c Mon Sep 29 02:23:04 2008 +0000
@@ -229,6 +229,8 @@
 void recv_msg_userauth_success() {
 TRACE(("received msg_userauth_success"))
+ /* Note: in delayed-zlib mode, setting authdone here
+ * will enable compression in the transport layer */
 ses.authstate.authdone = 1;
 cli_ses.state = USERAUTH_SUCCESS_RCVD;
 cli_ses.lastauthtype = AUTH_TYPE_NONE;
diff -r f3ca5ebc319a -r d58c478bd399 common-algo.c
--- a/common-algo.c Tue Sep 23 16:02:51 2008 +0000
+++ b/common-algo.c Mon Sep 29 02:23:04 2008 +0000
@@ -124,6 +124,7 @@
 algo_type sshcompress[] = {
 #ifndef DISABLE_ZLIB
 {"zlib", DROPBEAR_COMP_ZLIB, NULL, 1},
+ {"zlib@openssh.com", DROPBEAR_COMP_ZLIB_DELAY, NULL, 1},
 #endif
 {"none", DROPBEAR_COMP_NONE, NULL, 1},
 {NULL, 0, NULL, 0}
diff -r f3ca5ebc319a -r d58c478bd399 common-kex.c
--- a/common-kex.c Tue Sep 23 16:02:51 2008 +0000
+++ b/common-kex.c Mon Sep 29 02:23:04 2008 +0000
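Review bot: In the common-algo.c hunk the new `zlib@openssh.com` entry is placed after plain `zlib` in `sshcompress[]`, so wherever list order expresses preference the pre-authentication variant still wins and inflate keeps processing data from a peer that has not authenticated. If the delayed method is meant to keep zlib out of the pre-auth path, the entry should come first: `{"zlib@openssh.com", DROPBEAR_COMP_ZLIB_DELAY, NULL, 1},` ahead of `{"zlib", DROPBEAR_COMP_ZLIB, NULL, 1},`. The file name suggests the table is shared by client and server, and how order is used depends on the matching code, which is not in this hunk, so this should be confirmed there.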
@@ -331,12 +331,26 @@
 }
 #ifndef DISABLE_ZLIB
+
+int is_compress_trans() {
+ return ses.keys->trans_algo_comp == DROPBEAR_COMP_ZLIB
+ || (ses.authstate.authdone
+ && ses.keys->trans_algo_comp == DROPBEAR_COMP_ZLIB_DELAY);
+}
+
+int is_compress_recv() {
+ return ses.keys->recv_algo_comp == DROPBEAR_COMP_ZLIB
+ || (ses.authstate.authdone
+ && ses.keys->recv_algo_comp == DROPBEAR_COMP_ZLIB_DELAY);
+}
+
 /* Set up new zlib compression streams, close the old ones. Only * called from gen_new_keys() */
 static void gen_new_zstreams() {
 /* create new zstreams */
- if (ses.newkeys->recv_algo_comp == DROPBEAR_COMP_ZLIB) {
+ if (ses.newkeys->recv_algo_comp == DROPBEAR_COMP_ZLIB
+ || ses.newkeys->recv_algo_comp == DROPBEAR_COMP_ZLIB_DELAY) {
 ses.newkeys->recv_zstream = (z_streamp)m_malloc(sizeof(z_stream));
 ses.newkeys->recv_zstream->zalloc = Z_NULL;
 ses.newkeys->recv_zstream->zfree = Z_NULL;
@@ -348,7 +362,8 @@
 ses.newkeys->recv_zstream = NULL;
 }
- if (ses.newkeys->trans_algo_comp == DROPBEAR_COMP_ZLIB) {
+ if (ses.newkeys->trans_algo_comp == DROPBEAR_COMP_ZLIB
+ || ses.newkeys->trans_algo_comp == DROPBEAR_COMP_ZLIB_DELAY) {
 ses.newkeys->trans_zstream = (z_streamp)m_malloc(sizeof(z_stream));
 ses.newkeys->trans_zstream->zalloc = Z_NULL;
 ses.newkeys->trans_zstream->zfree = Z_NULL;
@@ -360,7 +375,7 @@
 } else {
 ses.newkeys->trans_zstream = NULL;
 }
-
+
 /* clean up old keys */
 if (ses.keys->recv_zstream != NULL) {
 if (inflateEnd(ses.keys->recv_zstream) == Z_STREAM_ERROR) {
@@ -377,7 +392,7 @@
 m_free(ses.keys->trans_zstream);
 }
 }
-#endif
+#endif /* DISABLE_ZLIB */
 /* Executed upon receiving a kexinit message from the client to initiate
diff -r f3ca5ebc319a -r d58c478bd399 dbclient.1
--- a/dbclient.1 Tue Sep 23 16:02:51 2008 +0000
+++ b/dbclient.1 Mon Sep 29 02:23:04 2008 +0000
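Review bot: The new `is_compress_trans()` and `is_compress_recv()` in the first common-kex.c hunk carry no comment, although they make the compression state of every packet depend on `ses.authstate.authdone` as well as on the negotiated keys. I would add above them `/* Nonzero if packets in this direction are compressed right now: always for "zlib", for "zlib@openssh.com" only once ses.authstate.authdone is set */`, so that anyone who later moves an `authdone` assignment sees that it also switches the transport mode. Both are declared with empty parentheses; `int is_compress_trans(void)` and `int is_compress_recv(void)`, here and in kex.h, would give callers a checked prototype, though the neighbouring declarations in kex.h use the same empty form.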
@@ -10,6 +10,7 @@
 .I l\fR:\fIh\fR:\fIr\fR] [\-l
 .IR user ]
 .I host
+.RI [ command ]
 .SH DESCRIPTION
 .B dbclient
 is a SSH 2 client designed to be small enough to be used in small memory
diff -r f3ca5ebc319a -r d58c478bd399 kex.h
--- a/kex.h Tue Sep 23 16:02:51 2008 +0000
+++ b/kex.h Mon Sep 29 02:23:04 2008 +0000
@@ -37,6 +37,11 @@
 void kexdh_comb_key(mp_int *dh_pub_us, mp_int *dh_priv, mp_int *dh_pub_them, sign_key *hostkey);
+#ifndef DISABLE_ZLIB
+int is_compress_trans();
+int is_compress_recv();
+#endif
+
 void recv_msg_kexdh_init(); /* server */
 void send_msg_kexdh_init(); /* client */
diff -r f3ca5ebc319a -r d58c478bd399 packet.c
--- a/packet.c Tue Sep 23 16:02:51 2008 +0000
+++ b/packet.c Mon Sep 29 02:23:04 2008 +0000
@@ -290,10 +290,9 @@
 buf_setpos(ses.decryptreadbuf, PACKET_PAYLOAD_OFF);
 #ifndef DISABLE_ZLIB
- if (ses.keys->recv_algo_comp == DROPBEAR_COMP_ZLIB) {
+ if (is_compress_recv()) {
 /* decompress */
 ses.payload = buf_decompress(ses.decryptreadbuf, len);
-
 } else
 #endif
 {
@@ -469,6 +468,7 @@
 buffer * writebuf; /* the packet which will go on the wire */
 buffer * clearwritebuf; /* unencrypted, possibly compressed */
 unsigned char type;
+ unsigned int clear_len;
 type = ses.writepayload->data[0];
 TRACE(("enter encrypt_packet()"))
@@ -488,11 +488,12 @@
 /* Encrypted packet len is payload+5, then worst case is if we are 3 away * from a blocksize multiple. In which case we need to pad to the * multiple, then add another blocksize (or MIN_PACKET_LEN) */
- clearwritebuf = buf_new((ses.writepayload->len+4+1) + MIN_PACKET_LEN + 3
+ clear_len = (ses.writepayload->len+4+1) + MIN_PACKET_LEN + 3;
+
 #ifndef DISABLE_ZLIB
- + ZLIB_COMPRESS_INCR /* bit of a kludge, but we can't know len*/
+ clear_len += ZLIB_COMPRESS_INCR; /* bit of a kludge, but we can't know len*/
 #endif
- );
+ clearwritebuf = buf_new(clear_len);
 buf_setlen(clearwritebuf, PACKET_PAYLOAD_OFF);
 buf_setpos(clearwritebuf, PACKET_PAYLOAD_OFF);
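Review bot: In the packet.c hunk at -290 the receive path starts inflating as soon as `authdone` is set, and on the server that happens when USERAUTH_SUCCESS is sent (svr-auth.c), not when the peer has processed it. A packet the peer sent uncompressed before that point but which is read afterwards would be handed to `buf_decompress()`; that function is outside the diff, so it is worth confirming that non-zlib input ends in a clean disconnect. A comment at the call would record the rule: `/* delayed zlib: inflate applies to the first packet read after authdone is set */`. The enclosing function starts and ends outside the hunk.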
@@ -500,7 +501,7 @@
 #ifndef DISABLE_ZLIB
 /* compression */
- if (ses.keys->trans_algo_comp == DROPBEAR_COMP_ZLIB) {
+ if (is_compress_trans()) {
 buf_compress(clearwritebuf, ses.writepayload, ses.writepayload->len);
 } else
 #endif
diff -r f3ca5ebc319a -r d58c478bd399 session.h
--- a/session.h Tue Sep 23 16:02:51 2008 +0000
+++ b/session.h Mon Sep 29 02:23:04 2008 +0000
@@ -71,6 +71,8 @@
 char recv_algo_comp; /* compression */
 char trans_algo_comp;
+ int allow_compress; /* whether compression has started (useful in
+ zlib@openssh.com delayed compression case) */
 #ifndef DISABLE_ZLIB
 z_streamp recv_zstream;
 z_streamp trans_zstream;
diff -r f3ca5ebc319a -r d58c478bd399 svr-auth.c
--- a/svr-auth.c Tue Sep 23 16:02:51 2008 +0000
+++ b/svr-auth.c Mon Sep 29 02:23:04 2008 +0000
@@ -368,6 +368,8 @@
 buf_putbyte(ses.writepayload, SSH_MSG_USERAUTH_SUCCESS);
 encrypt_packet();
+ /* authdone must be set after encrypt_packet() for
+ * delayed-zlib mode */
 ses.authstate.authdone = 1;
 ses.connect_time = 0;
diff -r f3ca5ebc319a -r d58c478bd399 sysoptions.h
--- a/sysoptions.h Tue Sep 23 16:02:51 2008 +0000
+++ b/sysoptions.h Mon Sep 29 02:23:04 2008 +0000
@@ -68,6 +68,7 @@
 #define DROPBEAR_COMP_NONE 0
 #define DROPBEAR_COMP_ZLIB 1
+#define DROPBEAR_COMP_ZLIB_DELAY 2
 /* Required for pubkey auth */
 #if defined(ENABLE_SVR_PUBKEY_AUTH) || defined(DROPBEAR_CLIENT)
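Review bot: The `allow_compress` field added in the session.h hunk is not read or written in any hunk shown here; the delayed-zlib decision is taken from `ses.authstate.authdone` inside `is_compress_trans()` and `is_compress_recv()`. A second flag whose comment says it records "whether compression has started" invites a later change to consult the wrong one, so I would either drop the field or have the two helpers use it as the single source of truth. It also sits outside the `#ifndef DISABLE_ZLIB` block, unlike the zstream members next to it. The struct starts and ends outside the hunk.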