Mercurial > dropbear
changeset 937:4ad38e223ccd
Send a failure response if a client receives a global request
| author | Matt Johnston <matt@ucc.asn.au> |
|---|---|
| date | Tue, 08 Jul 2014 21:59:36 +0800 |
| parents | d93a6bcf616f |
| children | c88dce72f6d2 |
| files | channel.h cli-session.c common-channel.c svr-tcpfwd.c |
| diffstat | 4 files changed, 24 insertions(+), 18 deletions(-) [+] |
line wrap: on
line diff
--- a/channel.h Wed Jun 25 23:42:39 2014 +0800 +++ b/channel.h Tue Jul 08 21:59:36 2014 +0800 @@ -129,4 +129,7 @@ void recv_msg_channel_open_failure(); #endif +void send_msg_request_success(); +void send_msg_request_failure(); + #endif /* _CHANNEL_H_ */
--- a/cli-session.c Wed Jun 25 23:42:39 2014 +0800 +++ b/cli-session.c Tue Jul 08 21:59:36 2014 +0800 @@ -44,6 +44,7 @@ static void cli_finished(); static void recv_msg_service_accept(void); static void cli_session_cleanup(void); +static void recv_msg_global_request_cli(void); struct clientsession cli_ses; /* GLOBAL */ @@ -68,6 +69,7 @@ {SSH_MSG_CHANNEL_OPEN_FAILURE, recv_msg_channel_open_failure}, {SSH_MSG_USERAUTH_BANNER, recv_msg_userauth_banner}, /* client */ {SSH_MSG_USERAUTH_SPECIFIC_60, recv_msg_userauth_specific_60}, /* client */ + {SSH_MSG_GLOBAL_REQUEST, recv_msg_global_request_cli}, #ifdef ENABLE_CLI_REMOTETCPFWD {SSH_MSG_REQUEST_SUCCESS, cli_recv_msg_request_success}, /* client */ {SSH_MSG_REQUEST_FAILURE, cli_recv_msg_request_failure}, /* client */ @@ -366,3 +368,9 @@ /* Null terminate */ dirtytext[j] = '\0'; } + +static void recv_msg_global_request_cli(void) { + TRACE(("recv_msg_global_request_cli")) + /* Send a proper rejection */ + send_msg_request_failure(); +}
--- a/common-channel.c Wed Jun 25 23:42:39 2014 +0800 +++ b/common-channel.c Tue Jul 08 21:59:36 2014 +0800 @@ -1099,3 +1099,16 @@ remove_channel(channel); } #endif /* USING_LISTENERS */ + +void send_msg_request_success() { + CHECKCLEARTOWRITE(); + buf_putbyte(ses.writepayload, SSH_MSG_REQUEST_SUCCESS); + encrypt_packet(); +} + +void send_msg_request_failure() { + CHECKCLEARTOWRITE(); + buf_putbyte(ses.writepayload, SSH_MSG_REQUEST_FAILURE); + encrypt_packet(); +} +
--- a/svr-tcpfwd.c Wed Jun 25 23:42:39 2014 +0800 +++ b/svr-tcpfwd.c Tue Jul 08 21:59:36 2014 +0800 @@ -34,14 +34,6 @@ #include "runopts.h" #include "auth.h" -static void send_msg_request_failure(); - -static void send_msg_request_failure() { - CHECKCLEARTOWRITE(); - buf_putbyte(ses.writepayload, SSH_MSG_REQUEST_FAILURE); - encrypt_packet(); -} - #ifndef ENABLE_SVR_REMOTETCPFWD /* This is better than SSH_MSG_UNIMPLEMENTED */ @@ -53,7 +45,6 @@ /* */ #endif /* !ENABLE_SVR_REMOTETCPFWD */ -static void send_msg_request_success(); static int svr_cancelremotetcp(); static int svr_remotetcpreq(); static int newtcpdirect(struct Channel * channel); @@ -115,15 +106,6 @@ TRACE(("leave recv_msg_global_request")) } - -static void send_msg_request_success() { - - CHECKCLEARTOWRITE(); - buf_putbyte(ses.writepayload, SSH_MSG_REQUEST_SUCCESS); - encrypt_packet(); - -} - static int matchtcp(void* typedata1, void* typedata2) { const struct TCPListener *info1 = (struct TCPListener*)typedata1;