changeset 937:4ad38e223ccd

Send a failure response if a client receives a global request
author Matt Johnston <matt@ucc.asn.au>
date Tue, 08 Jul 2014 21:59:36 +0800
parents d93a6bcf616f
children c88dce72f6d2
files channel.h cli-session.c common-channel.c svr-tcpfwd.c
diffstat 4 files changed, 24 insertions(+), 18 deletions(-) [+]
line wrap: on
line diff
--- a/channel.h	Wed Jun 25 23:42:39 2014 +0800
+++ b/channel.h	Tue Jul 08 21:59:36 2014 +0800
@@ -129,4 +129,7 @@
 void recv_msg_channel_open_failure();
 #endif
 
+void send_msg_request_success();
+void send_msg_request_failure();
+
 #endif /* _CHANNEL_H_ */
--- a/cli-session.c	Wed Jun 25 23:42:39 2014 +0800
+++ b/cli-session.c	Tue Jul 08 21:59:36 2014 +0800
@@ -44,6 +44,7 @@
 static void cli_finished();
 static void recv_msg_service_accept(void);
 static void cli_session_cleanup(void);
+static void recv_msg_global_request_cli(void);
 
 struct clientsession cli_ses; /* GLOBAL */
 
@@ -68,6 +69,7 @@
 	{SSH_MSG_CHANNEL_OPEN_FAILURE, recv_msg_channel_open_failure},
 	{SSH_MSG_USERAUTH_BANNER, recv_msg_userauth_banner}, /* client */
 	{SSH_MSG_USERAUTH_SPECIFIC_60, recv_msg_userauth_specific_60}, /* client */
+	{SSH_MSG_GLOBAL_REQUEST, recv_msg_global_request_cli},
 #ifdef  ENABLE_CLI_REMOTETCPFWD
 	{SSH_MSG_REQUEST_SUCCESS, cli_recv_msg_request_success}, /* client */
 	{SSH_MSG_REQUEST_FAILURE, cli_recv_msg_request_failure}, /* client */
@@ -366,3 +368,9 @@
 	/* Null terminate */
 	dirtytext[j] = '\0';
 }
+
+static void recv_msg_global_request_cli(void) {
+	TRACE(("recv_msg_global_request_cli"))
+	/* Send a proper rejection */
+	send_msg_request_failure();
+}
--- a/common-channel.c	Wed Jun 25 23:42:39 2014 +0800
+++ b/common-channel.c	Tue Jul 08 21:59:36 2014 +0800
@@ -1099,3 +1099,16 @@
 	remove_channel(channel);
 }
 #endif /* USING_LISTENERS */
+
+void send_msg_request_success() {
+	CHECKCLEARTOWRITE();
+	buf_putbyte(ses.writepayload, SSH_MSG_REQUEST_SUCCESS);
+	encrypt_packet();
+}
+
+void send_msg_request_failure() {
+	CHECKCLEARTOWRITE();
+	buf_putbyte(ses.writepayload, SSH_MSG_REQUEST_FAILURE);
+	encrypt_packet();
+}
+
--- a/svr-tcpfwd.c	Wed Jun 25 23:42:39 2014 +0800
+++ b/svr-tcpfwd.c	Tue Jul 08 21:59:36 2014 +0800
@@ -34,14 +34,6 @@
 #include "runopts.h"
 #include "auth.h"
 
-static void send_msg_request_failure();
-
-static void send_msg_request_failure() {
-	CHECKCLEARTOWRITE();
-	buf_putbyte(ses.writepayload, SSH_MSG_REQUEST_FAILURE);
-	encrypt_packet();
-}
-
 #ifndef ENABLE_SVR_REMOTETCPFWD
 
 /* This is better than SSH_MSG_UNIMPLEMENTED */
@@ -53,7 +45,6 @@
 /* */
 #endif /* !ENABLE_SVR_REMOTETCPFWD */
 
-static void send_msg_request_success();
 static int svr_cancelremotetcp();
 static int svr_remotetcpreq();
 static int newtcpdirect(struct Channel * channel);
@@ -115,15 +106,6 @@
 	TRACE(("leave recv_msg_global_request"))
 }
 
-
-static void send_msg_request_success() {
-
-	CHECKCLEARTOWRITE();
-	buf_putbyte(ses.writepayload, SSH_MSG_REQUEST_SUCCESS);
-	encrypt_packet();
-
-}
-
 static int matchtcp(void* typedata1, void* typedata2) {
 
 	const struct TCPListener *info1 = (struct TCPListener*)typedata1;