]> andersk Git - openssh.git/blame - packet.c
andersk / openssh.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
- Merged very large OpenBSD source code reformat
[openssh.git] / packet.c
CommitLineData
8efc0c15 1/*
5260325f 2 *
3 * packet.c
4 *
5 * Author: Tatu Ylonen <ylo@cs.hut.fi>
6 *
7 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
8 * All rights reserved
9 *
10 * Created: Sat Mar 18 02:40:40 1995 ylo
11 *
12 * This file contains code implementing the packet protocol and communication
13 * with the other side. This same code is used both on client and server side.
14 *
15 */
8efc0c15 16
17#include "includes.h"
18RCSID("$Id$");
19
20#include "xmalloc.h"
21#include "buffer.h"
22#include "packet.h"
23#include "bufaux.h"
24#include "ssh.h"
25#include "crc32.h"
26#include "cipher.h"
27#include "getput.h"
28
29#include "compress.h"
30#include "deattack.h"
31
32/* This variable contains the file descriptors used for communicating with
33 the other side. connection_in is used for reading; connection_out
34 for writing. These can be the same descriptor, in which case it is
35 assumed to be a socket. */
36static int connection_in = -1;
37static int connection_out = -1;
38
39/* Cipher type. This value is only used to determine whether to pad the
40 packets with zeroes or random data. */
41static int cipher_type = SSH_CIPHER_NONE;
42
43/* Protocol flags for the remote side. */
44static unsigned int remote_protocol_flags = 0;
45
46/* Encryption context for receiving data. This is only used for decryption. */
47static CipherContext receive_context;
5260325f 48
49/* Encryption context for sending data. This is only used for encryption. */
8efc0c15 50static CipherContext send_context;
51
52/* Buffer for raw input data from the socket. */
53static Buffer input;
54
55/* Buffer for raw output data going to the socket. */
56static Buffer output;
57
58/* Buffer for the partial outgoing packet being constructed. */
59static Buffer outgoing_packet;
60
61/* Buffer for the incoming packet currently being processed. */
62static Buffer incoming_packet;
63
64/* Scratch buffer for packet compression/decompression. */
65static Buffer compression_buffer;
66
67/* Flag indicating whether packet compression/decompression is enabled. */
68static int packet_compression = 0;
69
9d6b7add 70/* default maximum packet size */
71int max_packet_size = 32768;
72
8efc0c15 73/* Flag indicating whether this module has been initialized. */
74static int initialized = 0;
75
76/* Set to true if the connection is interactive. */
77static int interactive_mode = 0;
78
79/* Sets the descriptors used for communication. Disables encryption until
80 packet_set_encryption_key is called. */
81
82void
83packet_set_connection(int fd_in, int fd_out)
84{
5260325f 85 connection_in = fd_in;
86 connection_out = fd_out;
87 cipher_type = SSH_CIPHER_NONE;
88 cipher_set_key(&send_context, SSH_CIPHER_NONE, (unsigned char *) "", 0, 1);
89 cipher_set_key(&receive_context, SSH_CIPHER_NONE, (unsigned char *) "", 0, 0);
90 if (!initialized) {
91 initialized = 1;
92 buffer_init(&input);
93 buffer_init(&output);
94 buffer_init(&outgoing_packet);
95 buffer_init(&incoming_packet);
96 }
97 /* Kludge: arrange the close function to be called from fatal(). */
98 fatal_add_cleanup((void (*) (void *)) packet_close, NULL);
8efc0c15 99}
100
101/* Sets the connection into non-blocking mode. */
102
103void
104packet_set_nonblocking()
105{
5260325f 106 /* Set the socket into non-blocking mode. */
107 if (fcntl(connection_in, F_SETFL, O_NONBLOCK) < 0)
108 error("fcntl O_NONBLOCK: %.100s", strerror(errno));
8efc0c15 109
5260325f 110 if (connection_out != connection_in) {
111 if (fcntl(connection_out, F_SETFL, O_NONBLOCK) < 0)
112 error("fcntl O_NONBLOCK: %.100s", strerror(errno));
113 }
8efc0c15 114}
115
116/* Returns the socket used for reading. */
117
118int
119packet_get_connection_in()
120{
5260325f 121 return connection_in;
8efc0c15 122}
123
124/* Returns the descriptor used for writing. */
125
126int
127packet_get_connection_out()
128{
5260325f 129 return connection_out;
8efc0c15 130}
131
132/* Closes the connection and clears and frees internal data structures. */
133
134void
135packet_close()
136{
5260325f 137 if (!initialized)
138 return;
139 initialized = 0;
140 if (connection_in == connection_out) {
141 shutdown(connection_out, SHUT_RDWR);
142 close(connection_out);
143 } else {
144 close(connection_in);
145 close(connection_out);
146 }
147 buffer_free(&input);
148 buffer_free(&output);
149 buffer_free(&outgoing_packet);
150 buffer_free(&incoming_packet);
151 if (packet_compression) {
152 buffer_free(&compression_buffer);
153 buffer_compress_uninit();
154 }
8efc0c15 155}
156
157/* Sets remote side protocol flags. */
158
159void
160packet_set_protocol_flags(unsigned int protocol_flags)
161{
5260325f 162 remote_protocol_flags = protocol_flags;
163 channel_set_options((protocol_flags & SSH_PROTOFLAG_HOST_IN_FWD_OPEN) != 0);
8efc0c15 164}
165
166/* Returns the remote protocol flags set earlier by the above function. */
167
168unsigned int
169packet_get_protocol_flags()
170{
5260325f 171 return remote_protocol_flags;
8efc0c15 172}
173
5260325f 174/* Starts packet compression from the next packet on in both directions.
8efc0c15 175 Level is compression level 1 (fastest) - 9 (slow, best) as in gzip. */
176
177void
178packet_start_compression(int level)
179{
5260325f 180 if (packet_compression)
181 fatal("Compression already enabled.");
182 packet_compression = 1;
183 buffer_init(&compression_buffer);
184 buffer_compress_init(level);
8efc0c15 185}
186
187/* Encrypts the given number of bytes, copying from src to dest.
188 bytes is known to be a multiple of 8. */
189
190void
5260325f 191packet_encrypt(CipherContext * cc, void *dest, void *src,
8efc0c15 192 unsigned int bytes)
193{
5260325f 194 cipher_encrypt(cc, dest, src, bytes);
8efc0c15 195}
196
197/* Decrypts the given number of bytes, copying from src to dest.
198 bytes is known to be a multiple of 8. */
199
200void
5260325f 201packet_decrypt(CipherContext * cc, void *dest, void *src,
8efc0c15 202 unsigned int bytes)
203{
5260325f 204 int i;
205
206 if ((bytes % 8) != 0)
207 fatal("packet_decrypt: bad ciphertext length %d", bytes);
208
209 /* Cryptographic attack detector for ssh - Modifications for packet.c
210 (C)1998 CORE-SDI, Buenos Aires Argentina Ariel Futoransky(futo@core-sdi.com) */
211
212 switch (cc->type) {
213 case SSH_CIPHER_NONE:
214 i = DEATTACK_OK;
215 break;
216 default:
217 i = detect_attack(src, bytes, NULL);
218 break;
219 }
220
221 if (i == DEATTACK_DETECTED)
222 packet_disconnect("crc32 compensation attack: network attack detected");
223
224 cipher_decrypt(cc, dest, src, bytes);
8efc0c15 225}
226
227/* Causes any further packets to be encrypted using the given key. The same
228 key is used for both sending and reception. However, both directions
229 are encrypted independently of each other. */
230
231void
232packet_set_encryption_key(const unsigned char *key, unsigned int keylen,
4d195447 233 int cipher)
8efc0c15 234{
5260325f 235 /* All other ciphers use the same key in both directions for now. */
236 cipher_set_key(&receive_context, cipher, key, keylen, 0);
237 cipher_set_key(&send_context, cipher, key, keylen, 1);
8efc0c15 238}
239
240/* Starts constructing a packet to send. */
241
242void
243packet_start(int type)
244{
5260325f 245 char buf[9];
8efc0c15 246
5260325f 247 buffer_clear(&outgoing_packet);
248 memset(buf, 0, 8);
249 buf[8] = type;
250 buffer_append(&outgoing_packet, buf, 9);
8efc0c15 251}
252
253/* Appends a character to the packet data. */
254
255void
256packet_put_char(int value)
257{
5260325f 258 char ch = value;
259 buffer_append(&outgoing_packet, &ch, 1);
8efc0c15 260}
261
262/* Appends an integer to the packet data. */
263
264void
265packet_put_int(unsigned int value)
266{
5260325f 267 buffer_put_int(&outgoing_packet, value);
8efc0c15 268}
269
270/* Appends a string to packet data. */
271
272void
273packet_put_string(const char *buf, unsigned int len)
274{
5260325f 275 buffer_put_string(&outgoing_packet, buf, len);
8efc0c15 276}
277
278/* Appends an arbitrary precision integer to packet data. */
279
280void
5260325f 281packet_put_bignum(BIGNUM * value)
8efc0c15 282{
5260325f 283 buffer_put_bignum(&outgoing_packet, value);
8efc0c15 284}
285
286/* Finalizes and sends the packet. If the encryption key has been set,
287 encrypts the packet before sending. */
5260325f 288
8efc0c15 289void
290packet_send()
291{
5260325f 292 char buf[8], *cp;
293 int i, padding, len;
294 unsigned int checksum;
295 u_int32_t rand = 0;
296
297 /* If using packet compression, compress the payload of the
298 outgoing packet. */
299 if (packet_compression) {
300 buffer_clear(&compression_buffer);
301 /* Skip padding. */
302 buffer_consume(&outgoing_packet, 8);
303 /* padding */
304 buffer_append(&compression_buffer, "\0\0\0\0\0\0\0\0", 8);
305 buffer_compress(&outgoing_packet, &compression_buffer);
306 buffer_clear(&outgoing_packet);
307 buffer_append(&outgoing_packet, buffer_ptr(&compression_buffer),
308 buffer_len(&compression_buffer));
309 }
310 /* Compute packet length without padding (add checksum, remove padding). */
311 len = buffer_len(&outgoing_packet) + 4 - 8;
312
313 /* Insert padding. */
314 padding = 8 - len % 8;
315 if (cipher_type != SSH_CIPHER_NONE) {
316 cp = buffer_ptr(&outgoing_packet);
317 for (i = 0; i < padding; i++) {
318 if (i % 4 == 0)
319 rand = arc4random();
320 cp[7 - i] = rand & 0xff;
321 rand >>= 8;
322 }
323 }
324 buffer_consume(&outgoing_packet, 8 - padding);
325
326 /* Add check bytes. */
327 checksum = crc32((unsigned char *) buffer_ptr(&outgoing_packet),
328 buffer_len(&outgoing_packet));
329 PUT_32BIT(buf, checksum);
330 buffer_append(&outgoing_packet, buf, 4);
8efc0c15 331
332#ifdef PACKET_DEBUG
5260325f 333 fprintf(stderr, "packet_send plain: ");
334 buffer_dump(&outgoing_packet);
8efc0c15 335#endif
336
5260325f 337 /* Append to output. */
338 PUT_32BIT(buf, len);
339 buffer_append(&output, buf, 4);
340 buffer_append_space(&output, &cp, buffer_len(&outgoing_packet));
341 packet_encrypt(&send_context, cp, buffer_ptr(&outgoing_packet),
342 buffer_len(&outgoing_packet));
343
8efc0c15 344#ifdef PACKET_DEBUG
5260325f 345 fprintf(stderr, "encrypted: ");
346 buffer_dump(&output);
8efc0c15 347#endif
348
5260325f 349 buffer_clear(&outgoing_packet);
8efc0c15 350
5260325f 351 /* Note that the packet is now only buffered in output. It won\'t
352 be actually sent until packet_write_wait or packet_write_poll
353 is called. */
8efc0c15 354}
355
356/* Waits until a packet has been received, and returns its type. Note that
357 no other data is processed until this returns, so this function should
358 not be used during the interactive session. */
359
360int
361packet_read(int *payload_len_ptr)
362{
5260325f 363 int type, len;
364 fd_set set;
365 char buf[8192];
366
367 /* Since we are blocking, ensure that all written packets have been sent. */
368 packet_write_wait();
369
370 /* Stay in the loop until we have received a complete packet. */
371 for (;;) {
372 /* Try to read a packet from the buffer. */
373 type = packet_read_poll(payload_len_ptr);
374 if (type == SSH_SMSG_SUCCESS
375 || type == SSH_SMSG_FAILURE
376 || type == SSH_CMSG_EOF
377 || type == SSH_CMSG_EXIT_CONFIRMATION)
378 packet_integrity_check(*payload_len_ptr, 0, type);
379 /* If we got a packet, return it. */
380 if (type != SSH_MSG_NONE)
381 return type;
382 /* Otherwise, wait for some data to arrive, add it to the
383 buffer, and try again. */
384 FD_ZERO(&set);
385 FD_SET(connection_in, &set);
386 /* Wait for some data to arrive. */
387 select(connection_in + 1, &set, NULL, NULL, NULL);
388 /* Read data from the socket. */
389 len = read(connection_in, buf, sizeof(buf));
390 if (len == 0)
391 fatal("Connection closed by %.200s", get_remote_ipaddr());
392 if (len < 0)
393 fatal("Read from socket failed: %.100s", strerror(errno));
394 /* Append it to the buffer. */
395 packet_process_incoming(buf, len);
396 }
397 /* NOTREACHED */
8efc0c15 398}
399
400/* Waits until a packet has been received, verifies that its type matches
401 that given, and gives a fatal error and exits if there is a mismatch. */
402
403void
404packet_read_expect(int *payload_len_ptr, int expected_type)
405{
5260325f 406 int type;
8efc0c15 407
5260325f 408 type = packet_read(payload_len_ptr);
409 if (type != expected_type)
410 packet_disconnect("Protocol error: expected packet type %d, got %d",
411 expected_type, type);
8efc0c15 412}
413
414/* Checks if a full packet is available in the data received so far via
5260325f 415 * packet_process_incoming. If so, reads the packet; otherwise returns
416 * SSH_MSG_NONE. This does not wait for data from the connection.
417 *
418 * SSH_MSG_DISCONNECT is handled specially here. Also,
419 * SSH_MSG_IGNORE messages are skipped by this function and are never returned
420 * to higher levels.
421 *
422 * The returned payload_len does include space consumed by:
423 * Packet length
424 * Padding
425 * Packet type
426 * Check bytes
427 */
8efc0c15 428
429int
430packet_read_poll(int *payload_len_ptr)
431{
5260325f 432 unsigned int len, padded_len;
433 unsigned char *ucp;
434 char buf[8], *cp;
435 unsigned int checksum, stored_checksum;
436
437restart:
438
439 /* Check if input size is less than minimum packet size. */
440 if (buffer_len(&input) < 4 + 8)
441 return SSH_MSG_NONE;
442 /* Get length of incoming packet. */
443 ucp = (unsigned char *) buffer_ptr(&input);
444 len = GET_32BIT(ucp);
445 if (len < 1 + 2 + 2 || len > 256 * 1024)
446 packet_disconnect("Bad packet length %d.", len);
447 padded_len = (len + 8) & ~7;
448
449 /* Check if the packet has been entirely received. */
450 if (buffer_len(&input) < 4 + padded_len)
451 return SSH_MSG_NONE;
452
453 /* The entire packet is in buffer. */
454
455 /* Consume packet length. */
456 buffer_consume(&input, 4);
457
458 /* Copy data to incoming_packet. */
459 buffer_clear(&incoming_packet);
460 buffer_append_space(&incoming_packet, &cp, padded_len);
461 packet_decrypt(&receive_context, cp, buffer_ptr(&input), padded_len);
462 buffer_consume(&input, padded_len);
8efc0c15 463
464#ifdef PACKET_DEBUG
5260325f 465 fprintf(stderr, "read_poll plain: ");
466 buffer_dump(&incoming_packet);
8efc0c15 467#endif
5260325f 468
469 /* Compute packet checksum. */
470 checksum = crc32((unsigned char *) buffer_ptr(&incoming_packet),
471 buffer_len(&incoming_packet) - 4);
472
473 /* Skip padding. */
474 buffer_consume(&incoming_packet, 8 - len % 8);
475
476 /* Test check bytes. */
477
478 if (len != buffer_len(&incoming_packet))
479 packet_disconnect("packet_read_poll: len %d != buffer_len %d.",
480 len, buffer_len(&incoming_packet));
481
482 ucp = (unsigned char *) buffer_ptr(&incoming_packet) + len - 4;
483 stored_checksum = GET_32BIT(ucp);
484 if (checksum != stored_checksum)
485 packet_disconnect("Corrupted check bytes on input.");
486 buffer_consume_end(&incoming_packet, 4);
487
488 /* If using packet compression, decompress the packet. */
489 if (packet_compression) {
490 buffer_clear(&compression_buffer);
491 buffer_uncompress(&incoming_packet, &compression_buffer);
492 buffer_clear(&incoming_packet);
493 buffer_append(&incoming_packet, buffer_ptr(&compression_buffer),
494 buffer_len(&compression_buffer));
495 }
496 /* Get packet type. */
497 buffer_get(&incoming_packet, &buf[0], 1);
498
499 /* Return length of payload (without type field). */
500 *payload_len_ptr = buffer_len(&incoming_packet);
501
502 /* Handle disconnect message. */
503 if ((unsigned char) buf[0] == SSH_MSG_DISCONNECT)
504 fatal("Received disconnect: %.900s", packet_get_string(NULL));
505
506 /* Ignore ignore messages. */
507 if ((unsigned char) buf[0] == SSH_MSG_IGNORE)
508 goto restart;
509
510 /* Send debug messages as debugging output. */
511 if ((unsigned char) buf[0] == SSH_MSG_DEBUG) {
512 debug("Remote: %.900s", packet_get_string(NULL));
513 goto restart;
514 }
515 /* Return type. */
516 return (unsigned char) buf[0];
517}
518
8efc0c15 519/* Buffers the given amount of input characters. This is intended to be
520 used together with packet_read_poll. */
521
522void
523packet_process_incoming(const char *buf, unsigned int len)
524{
5260325f 525 buffer_append(&input, buf, len);
8efc0c15 526}
527
528/* Returns a character from the packet. */
529
530unsigned int
531packet_get_char()
532{
5260325f 533 char ch;
534 buffer_get(&incoming_packet, &ch, 1);
535 return (unsigned char) ch;
8efc0c15 536}
537
538/* Returns an integer from the packet data. */
539
540unsigned int
541packet_get_int()
542{
5260325f 543 return buffer_get_int(&incoming_packet);
8efc0c15 544}
545
546/* Returns an arbitrary precision integer from the packet data. The integer
547 must have been initialized before this call. */
548
549void
5260325f 550packet_get_bignum(BIGNUM * value, int *length_ptr)
8efc0c15 551{
5260325f 552 *length_ptr = buffer_get_bignum(&incoming_packet, value);
8efc0c15 553}
554
555/* Returns a string from the packet data. The string is allocated using
556 xmalloc; it is the responsibility of the calling program to free it when
557 no longer needed. The length_ptr argument may be NULL, or point to an
558 integer into which the length of the string is stored. */
559
560char
5260325f 561*
562packet_get_string(unsigned int *length_ptr)
8efc0c15 563{
5260325f 564 return buffer_get_string(&incoming_packet, length_ptr);
8efc0c15 565}
566
567/* Sends a diagnostic message from the server to the client. This message
568 can be sent at any time (but not while constructing another message).
569 The message is printed immediately, but only if the client is being
570 executed in verbose mode. These messages are primarily intended to
571 ease debugging authentication problems. The length of the formatted
572 message must not exceed 1024 bytes. This will automatically call
573 packet_write_wait. */
574
575void
5260325f 576packet_send_debug(const char *fmt,...)
8efc0c15 577{
5260325f 578 char buf[1024];
579 va_list args;
580
581 va_start(args, fmt);
582 vsnprintf(buf, sizeof(buf), fmt, args);
583 va_end(args);
584
585 packet_start(SSH_MSG_DEBUG);
586 packet_put_string(buf, strlen(buf));
587 packet_send();
588 packet_write_wait();
8efc0c15 589}
590
591/* Logs the error plus constructs and sends a disconnect
592 packet, closes the connection, and exits. This function never returns.
593 The error message should not contain a newline. The length of the
594 formatted message must not exceed 1024 bytes. */
595
596void
5260325f 597packet_disconnect(const char *fmt,...)
598{
599 char buf[1024];
600 va_list args;
601 static int disconnecting = 0;
602 if (disconnecting) /* Guard against recursive invocations. */
603 fatal("packet_disconnect called recursively.");
604 disconnecting = 1;
605
606 /* Format the message. Note that the caller must make sure the
607 message is of limited size. */
608 va_start(args, fmt);
609 vsnprintf(buf, sizeof(buf), fmt, args);
610 va_end(args);
611
612 /* Send the disconnect message to the other side, and wait for it to get sent. */
613 packet_start(SSH_MSG_DISCONNECT);
614 packet_put_string(buf, strlen(buf));
615 packet_send();
616 packet_write_wait();
617
618 /* Stop listening for connections. */
619 channel_stop_listening();
620
621 /* Close the connection. */
622 packet_close();
623
624 /* Display the error locally and exit. */
625 fatal("Disconnecting: %.100s", buf);
8efc0c15 626}
627
628/* Checks if there is any buffered output, and tries to write some of the
629 output. */
630
631void
632packet_write_poll()
633{
5260325f 634 int len = buffer_len(&output);
635 if (len > 0) {
636 len = write(connection_out, buffer_ptr(&output), len);
637 if (len <= 0) {
638 if (errno == EAGAIN)
639 return;
640 else
641 fatal("Write failed: %.100s", strerror(errno));
642 }
643 buffer_consume(&output, len);
644 }
8efc0c15 645}
646
647/* Calls packet_write_poll repeatedly until all pending output data has
648 been written. */
649
650void
651packet_write_wait()
652{
5260325f 653 packet_write_poll();
654 while (packet_have_data_to_write()) {
655 fd_set set;
656 FD_ZERO(&set);
657 FD_SET(connection_out, &set);
658 select(connection_out + 1, NULL, &set, NULL, NULL);
659 packet_write_poll();
660 }
8efc0c15 661}
662
663/* Returns true if there is buffered data to write to the connection. */
664
665int
666packet_have_data_to_write()
667{
5260325f 668 return buffer_len(&output) != 0;
8efc0c15 669}
670
671/* Returns true if there is not too much data to write to the connection. */
672
673int
674packet_not_very_much_data_to_write()
675{
5260325f 676 if (interactive_mode)
677 return buffer_len(&output) < 16384;
678 else
679 return buffer_len(&output) < 128 * 1024;
8efc0c15 680}
681
682/* Informs that the current session is interactive. Sets IP flags for that. */
683
684void
685packet_set_interactive(int interactive, int keepalives)
686{
5260325f 687 int on = 1;
688
689 /* Record that we are in interactive mode. */
690 interactive_mode = interactive;
691
692 /* Only set socket options if using a socket (as indicated by the
693 descriptors being the same). */
694 if (connection_in != connection_out)
695 return;
696
697 if (keepalives) {
698 /* Set keepalives if requested. */
699 if (setsockopt(connection_in, SOL_SOCKET, SO_KEEPALIVE, (void *) &on,
700 sizeof(on)) < 0)
701 error("setsockopt SO_KEEPALIVE: %.100s", strerror(errno));
702 }
703 if (interactive) {
704 /* Set IP options for an interactive connection. Use
705 IPTOS_LOWDELAY and TCP_NODELAY. */
706 int lowdelay = IPTOS_LOWDELAY;
707 if (setsockopt(connection_in, IPPROTO_IP, IP_TOS, (void *) &lowdelay,
708 sizeof(lowdelay)) < 0)
709 error("setsockopt IPTOS_LOWDELAY: %.100s", strerror(errno));
710 if (setsockopt(connection_in, IPPROTO_TCP, TCP_NODELAY, (void *) &on,
711 sizeof(on)) < 0)
712 error("setsockopt TCP_NODELAY: %.100s", strerror(errno));
713 } else {
714 /* Set IP options for a non-interactive connection. Use
715 IPTOS_THROUGHPUT. */
716 int throughput = IPTOS_THROUGHPUT;
717 if (setsockopt(connection_in, IPPROTO_IP, IP_TOS, (void *) &throughput,
718 sizeof(throughput)) < 0)
719 error("setsockopt IPTOS_THROUGHPUT: %.100s", strerror(errno));
720 }
8efc0c15 721}
722
723/* Returns true if the current connection is interactive. */
724
725int
726packet_is_interactive()
727{
5260325f 728 return interactive_mode;
8efc0c15 729}
9d6b7add 730
731int
732packet_set_maxsize(int s)
733{
5260325f 734 static int called = 0;
735 if (called) {
736 log("packet_set_maxsize: called twice: old %d new %d", max_packet_size, s);
737 return -1;
738 }
739 if (s < 4 * 1024 || s > 1024 * 1024) {
740 log("packet_set_maxsize: bad size %d", s);
741 return -1;
742 }
743 log("packet_set_maxsize: setting to %d", s);
744 max_packet_size = s;
745 return s;
9d6b7add 746}
git-cvsimport mirror of OpenSSH
This page took 2.023536 seconds and 5 git commands to generate.