*/
#include "includes.h"
-RCSID("$OpenBSD: packet.c,v 1.105 2003/04/02 09:48:07 markus Exp $");
+RCSID("$OpenBSD: packet.c,v 1.113 2004/05/11 19:01:43 deraadt Exp $");
-#include <sys/queue.h>
+#include "openbsd-compat/sys-queue.h"
#include "xmalloc.h"
#include "buffer.h"
static int packet_compression = 0;
/* default maximum packet size */
-int max_packet_size = 32768;
+u_int max_packet_size = 32768;
/* Flag indicating whether this module has been initialized. */
static int initialized = 0;
fatal("packet_set_connection: cannot load cipher 'none'");
connection_in = fd_in;
connection_out = fd_out;
- cipher_init(&send_context, none, "", 0, NULL, 0, CIPHER_ENCRYPT);
- cipher_init(&receive_context, none, "", 0, NULL, 0, CIPHER_DECRYPT);
+ cipher_init(&send_context, none, (const u_char *)"",
+ 0, NULL, 0, CIPHER_ENCRYPT);
+ cipher_init(&receive_context, none, (const u_char *)"",
+ 0, NULL, 0, CIPHER_DECRYPT);
newkeys[MODE_IN] = newkeys[MODE_OUT] = NULL;
if (!initialized) {
initialized = 1;
buffer_init(&incoming_packet);
TAILQ_INIT(&outgoing);
}
- /* Kludge: arrange the close function to be called from fatal(). */
- fatal_add_cleanup((void (*) (void *)) packet_close, NULL);
}
/* Returns 1 if remote host is connected via socket, 0 if not. */
cipher_set_keyiv(cc, dat);
}
int
-packet_get_ssh1_cipher()
+packet_get_ssh1_cipher(void)
{
return (cipher_get_number(receive_context.cipher));
}
if (to.ss_family == AF_INET)
return 1;
#ifdef IPV4_IN_IPV6
- if (to.ss_family == AF_INET6 &&
+ if (to.ss_family == AF_INET6 &&
IN6_IS_ADDR_V4MAPPED(&((struct sockaddr_in6 *)&to)->sin6_addr))
return 1;
#endif
buffer_compress_init_recv();
comp->enabled = 1;
}
- *max_blocks = ((u_int64_t)1 << (enc->block_size*2));
+ /*
+ * The 2^(blocksize*2) limit is too expensive for 3DES,
+ * blowfish, etc, so enforce a 1GB limit for small blocksizes.
+ */
+ if (enc->block_size >= 16)
+ *max_blocks = (u_int64_t)1 << (enc->block_size*2);
+ else
+ *max_blocks = ((u_int64_t)1 << 30) / enc->block_size;
if (rekey_limit)
*max_blocks = MIN(*max_blocks, rekey_limit / enc->block_size);
}
#endif
/* increment sequence number for outgoing packets */
if (++p_send.seqnr == 0)
- log("outgoing seqnr wraps around");
+ logit("outgoing seqnr wraps around");
if (++p_send.packets == 0)
if (!(datafellows & SSH_BUG_NOREKEY))
fatal("XXX too many packets with same key");
/* Read data from the socket. */
len = read(connection_in, buf, sizeof(buf));
if (len == 0) {
- log("Connection closed by %.200s", get_remote_ipaddr());
- fatal_cleanup();
+ logit("Connection closed by %.200s", get_remote_ipaddr());
+ cleanup_exit(255);
}
if (len < 0)
fatal("Read from socket failed: %.100s", strerror(errno));
cp = buffer_ptr(&incoming_packet);
packet_length = GET_32BIT(cp);
if (packet_length < 1 + 4 || packet_length > 256 * 1024) {
+#ifdef PACKET_DEBUG
buffer_dump(&incoming_packet);
+#endif
packet_disconnect("Bad packet length %u.", packet_length);
}
DBG(debug("input: packet len %u", packet_length+4));
if (seqnr_p != NULL)
*seqnr_p = p_read.seqnr;
if (++p_read.seqnr == 0)
- log("incoming seqnr wraps around");
+ logit("incoming seqnr wraps around");
if (++p_read.packets == 0)
if (!(datafellows & SSH_BUG_NOREKEY))
fatal("XXX too many packets with same key");
case SSH2_MSG_DISCONNECT:
reason = packet_get_int();
msg = packet_get_string(NULL);
- log("Received disconnect from %s: %u: %.400s",
+ logit("Received disconnect from %s: %u: %.400s",
get_remote_ipaddr(), reason, msg);
xfree(msg);
- fatal_cleanup();
+ cleanup_exit(255);
break;
case SSH2_MSG_UNIMPLEMENTED:
seqnr = packet_get_int();
break;
case SSH_MSG_DISCONNECT:
msg = packet_get_string(NULL);
- log("Received disconnect from %s: %.400s",
+ logit("Received disconnect from %s: %.400s",
get_remote_ipaddr(), msg);
- fatal_cleanup();
+ cleanup_exit(255);
xfree(msg);
break;
default:
va_end(args);
/* Display the error locally */
- log("Disconnecting: %.100s", buf);
+ logit("Disconnecting: %.100s", buf);
/* Send the disconnect message to the other side, and wait for it to get sent. */
if (compat20) {
/* Close the connection. */
packet_close();
-
- fatal_cleanup();
+ cleanup_exit(255);
}
/* Checks if there is any buffered output, and tries to write some of the output. */
}
-#if defined(IP_TOS) && !defined(IP_TOS_IS_BROKEN)
static void
packet_set_tos(int interactive)
{
+#if defined(IP_TOS) && !defined(IP_TOS_IS_BROKEN)
int tos = interactive ? IPTOS_LOWDELAY : IPTOS_THROUGHPUT;
if (!packet_connection_is_on_socket() ||
sizeof(tos)) < 0)
error("setsockopt IP_TOS %d: %.100s:",
tos, strerror(errno));
-}
#endif
+}
/* Informs that the current session is interactive. Sets IP flags for that. */
/* Only set socket options if using a socket. */
if (!packet_connection_is_on_socket())
+ return;
if (interactive)
set_nodelay(connection_in);
-#if defined(IP_TOS) && !defined(IP_TOS_IS_BROKEN)
packet_set_tos(interactive);
-#endif
-
}
/* Returns true if the current connection is interactive. */
}
int
-packet_set_maxsize(int s)
+packet_set_maxsize(u_int s)
{
static int called = 0;
if (called) {
- log("packet_set_maxsize: called twice: old %d new %d",
+ logit("packet_set_maxsize: called twice: old %d new %d",
max_packet_size, s);
return -1;
}
if (s < 4 * 1024 || s > 1024 * 1024) {
- log("packet_set_maxsize: bad size %d", s);
+ logit("packet_set_maxsize: bad size %d", s);
return -1;
}
called = 1;
}
}
-#define MAX_PACKETS (1<<31)
+#define MAX_PACKETS (1U<<31)
int
packet_need_rekeying(void)
{
andersk / openssh.git / blobdiff