- markus@cvs.openbsd.org 2001/12/27 20:39:58

     [auth1.c auth-rsa.c channels.c clientloop.c packet.c packet.h serverloop.c session.c ssh.c sshconnect1.c sshd.c ttymodes.c]
     get rid of packet_integrity_check, use packet_done() instead.

diff --git a/ChangeLog b/ChangeLog
index 2e31e34a1048c0b0aec3eef07806b3c42e2914e3..1a6e31939383b81f3d229ed6dea07506bf1d66d2 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -51,6 +51,10 @@
    - markus@cvs.openbsd.org 2001/12/27 19:54:53
      [auth1.c auth.h auth-rh-rsa.c]
      auth_rhosts_rsa now accept generic keys.
+   - markus@cvs.openbsd.org 2001/12/27 20:39:58
+     [auth1.c auth-rsa.c channels.c clientloop.c packet.c packet.h]
+     [serverloop.c session.c ssh.c sshconnect1.c sshd.c ttymodes.c]
+     get rid of packet_integrity_check, use packet_done() instead.
 
 20020121
  - (djm) Rework ssh-rand-helper:

diff --git a/auth-rsa.c b/auth-rsa.c
index 1d74a79cd86eff137bc93be5946155704dc22e1d..4403c149082026906f22bdb3863255b60c7a48f2 100644 (file)
--- a/auth-rsa.c
+++ b/auth-rsa.c
@@ -14,7 +14,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: auth-rsa.c,v 1.48 2001/12/27 20:39:58 markus Exp $");
+RCSID("$OpenBSD: auth-rsa.c,v 1.49 2001/12/28 12:14:27 markus Exp $");
 
 #include <openssl/rsa.h>
 #include <openssl/md5.h>
@@ -94,7 +94,7 @@ auth_rsa_challenge_dialog(RSA *pk)
        packet_read_expect(&plen, SSH_CMSG_AUTH_RSA_RESPONSE);
        for (i = 0; i < 16; i++)
                response[i] = packet_get_char();
-       packet_done();
+       packet_check_eom();
 
        /* The response is MD5 of decrypted challenge plus session id. */
        len = BN_num_bytes(challenge);

diff --git a/auth1.c b/auth1.c
index 2ea638b9a77287c7f17ae1f3d6db778ecd8bd62a..42524cc96fe3a706e761f7f3eebd4bdbffef1256 100644 (file)
--- a/auth1.c
+++ b/auth1.c
@@ -10,7 +10,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: auth1.c,v 1.31 2001/12/27 20:39:58 markus Exp $");
+RCSID("$OpenBSD: auth1.c,v 1.32 2001/12/28 12:14:27 markus Exp $");
 
 #include "xmalloc.h"
 #include "rsa.h"
@@ -120,7 +120,7 @@ do_authloop(Authctxt *authctxt)
                                verbose("Kerberos authentication disabled.");
                        } else {
                                char *kdata = packet_get_string(&dlen);
-                               packet_done();
+                               packet_check_eom();
 
                                if (kdata[0] == 4) { /* KRB_PROT_VERSION */
 #ifdef KRB4
@@ -180,7 +180,7 @@ do_authloop(Authctxt *authctxt)
                         * IP-spoofing on a local network.)
                         */
                        client_user = packet_get_string(&ulen);
-                       packet_done();
+                       packet_check_eom();
 
                        /* Try to authenticate using /etc/hosts.equiv and .rhosts. */
                        authenticated = auth_rhosts(pw, client_user);
@@ -210,7 +210,7 @@ do_authloop(Authctxt *authctxt)
                                verbose("Warning: keysize mismatch for client_host_key: "
                                    "actual %d, announced %d",
                                     BN_num_bits(client_host_key->rsa->n), bits);
-                       packet_done();
+                       packet_check_eom();
 
                        authenticated = auth_rhosts_rsa(pw, client_user,
                            client_host_key);
@@ -228,7 +228,7 @@ do_authloop(Authctxt *authctxt)
                        if ((n = BN_new()) == NULL)
                                fatal("do_authloop: BN_new failed");
                        packet_get_bignum(n, &nlen);
-                       packet_done();
+                       packet_check_eom();
                        authenticated = auth_rsa(pw, n);
                        BN_clear_free(n);
                        break;
@@ -244,7 +244,7 @@ do_authloop(Authctxt *authctxt)
                         * not visible to an outside observer.
                         */
                        password = packet_get_string(&dlen);
-                       packet_done();
+                       packet_check_eom();
 
 #ifdef USE_PAM
                        /* Do PAM auth with password */
@@ -282,7 +282,7 @@ do_authloop(Authctxt *authctxt)
                        if (options.challenge_response_authentication == 1) {
                                char *response = packet_get_string(&dlen);
                                debug("got response '%s'", response);
-                               packet_done();
+                               packet_check_eom();
                                authenticated = verify_response(authctxt, response);
                                memset(response, 'r', dlen);
                                xfree(response);
@@ -369,7 +369,7 @@ do_authentication(void)
 
        /* Get the user name. */
        user = packet_get_string(&ulen);
-       packet_done();
+       packet_check_eom();
 
        if ((style = strchr(user, ':')) != NULL)
                *style++ = '\0';

diff --git a/auth2-chall.c b/auth2-chall.c
index 8679f632ff8cb95692d7a6f67989c84aefb45b05..4211b0f6410a3504c880f6a8dc195b950fad2dbd 100644 (file)
--- a/auth2-chall.c
+++ b/auth2-chall.c
@@ -23,7 +23,7 @@
  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 #include "includes.h"
-RCSID("$OpenBSD: auth2-chall.c,v 1.11 2001/12/20 22:50:24 djm Exp $");
+RCSID("$OpenBSD: auth2-chall.c,v 1.12 2001/12/28 12:14:27 markus Exp $");
 
 #include "ssh2.h"
 #include "auth.h"
@@ -257,7 +257,7 @@ input_userauth_info_response(int type, int plen, u_int32_t seq, void *ctxt)
                for (i = 0; i < nresp; i++)
                        response[i] = packet_get_string(NULL);
        }
-       packet_done();
+       packet_check_eom();
 
        if (authctxt->valid) {
                res = kbdintctxt->device->respond(kbdintctxt->ctxt,

diff --git a/auth2.c b/auth2.c
index 2b23651ffd491b8c511fdc6ef0699c9fdd54f2db..1ad905f18ef4bc4b6f4efbc65bb02617e5ce4451 100644 (file)
--- a/auth2.c
+++ b/auth2.c
@@ -23,7 +23,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: auth2.c,v 1.78 2001/12/20 22:50:24 djm Exp $");
+RCSID("$OpenBSD: auth2.c,v 1.79 2001/12/28 12:14:27 markus Exp $");
 
 #include <openssl/evp.h>
 
@@ -146,7 +146,7 @@ input_service_request(int type, int plen, u_int32_t seq, void *ctxt)
        u_int len;
        int accept = 0;
        char *service = packet_get_string(&len);
-       packet_done();
+       packet_check_eom();
 
        if (authctxt == NULL)
                fatal("input_service_request: no authctxt");
@@ -328,7 +328,7 @@ userauth_none(Authctxt *authctxt)
        Authmethod *m = authmethod_lookup("none");
        if (m != NULL)
                m->enabled = NULL;
-       packet_done();
+       packet_check_eom();
        userauth_banner();
 
        if (authctxt->valid == 0)
@@ -358,7 +358,7 @@ userauth_passwd(Authctxt *authctxt)
        if (change)
                log("password change not supported");
        password = packet_get_string(&len);
-       packet_done();
+       packet_check_eom();
        if (authctxt->valid &&
 #ifdef HAVE_CYGWIN
            check_nt_auth(1, authctxt->pw) &&
@@ -384,7 +384,7 @@ userauth_kbdint(Authctxt *authctxt)
 
        lang = packet_get_string(NULL);
        devs = packet_get_string(NULL);
-       packet_done();
+       packet_check_eom();
 
        debug("keyboard-interactive devs %s", devs);
 
@@ -444,7 +444,7 @@ userauth_pubkey(Authctxt *authctxt)
        if (key != NULL) {
                if (have_sig) {
                        sig = packet_get_string(&slen);
-                       packet_done();
+                       packet_check_eom();
                        buffer_init(&b);
                        if (datafellows & SSH_OLD_SESSIONID) {
                                buffer_append(&b, session_id2, session_id2_len);
@@ -477,7 +477,7 @@ userauth_pubkey(Authctxt *authctxt)
                        xfree(sig);
                } else {
                        debug("test whether pkalg/pkblob are acceptable");
-                       packet_done();
+                       packet_check_eom();
 
                        /* XXX fake reply and always send PK_OK ? */
                        /*

diff --git a/channels.c b/channels.c
index 9f042d44ee02ee32c671a63c7c4b2cced2e5a55c..163312c579cea4ce6a32447fa1ec6c5fbeba8700 100644 (file)
--- a/channels.c
+++ b/channels.c
@@ -39,7 +39,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: channels.c,v 1.151 2001/12/27 20:39:58 markus Exp $");
+RCSID("$OpenBSD: channels.c,v 1.152 2001/12/28 12:14:27 markus Exp $");
 
 #include "ssh.h"
 #include "ssh1.h"
@@ -1748,7 +1748,7 @@ channel_input_data(int type, int plen, u_int32_t seq, void *ctxt)
                }
                c->local_window -= data_len;
        }
-       packet_done();
+       packet_check_eom();
        buffer_append(&c->output, data, data_len);
        xfree(data);
 }
@@ -1780,7 +1780,7 @@ channel_input_extended_data(int type, int plen, u_int32_t seq, void *ctxt)
                return;
        }
        data = packet_get_string(&data_len);
-       packet_done();
+       packet_check_eom();
        if (data_len > c->local_window) {
                log("channel %d: rcvd too much extended_data %d, win %d",
                    c->self, data_len, c->local_window);
@@ -1800,7 +1800,7 @@ channel_input_ieof(int type, int plen, u_int32_t seq, void *ctxt)
        Channel *c;
 
        id = packet_get_int();
-       packet_done();
+       packet_check_eom();
        c = channel_lookup(id);
        if (c == NULL)
                packet_disconnect("Received ieof for nonexistent channel %d.", id);
@@ -1821,7 +1821,7 @@ channel_input_close(int type, int plen, u_int32_t seq, void *ctxt)
        Channel *c;
 
        id = packet_get_int();
-       packet_done();
+       packet_check_eom();
        c = channel_lookup(id);
        if (c == NULL)
                packet_disconnect("Received close for nonexistent channel %d.", id);
@@ -1858,7 +1858,7 @@ channel_input_oclose(int type, int plen, u_int32_t seq, void *ctxt)
        int id = packet_get_int();
        Channel *c = channel_lookup(id);
 
-       packet_done();
+       packet_check_eom();
        if (c == NULL)
                packet_disconnect("Received oclose for nonexistent channel %d.", id);
        chan_rcvd_oclose(c);
@@ -1870,7 +1870,7 @@ channel_input_close_confirmation(int type, int plen, u_int32_t seq, void *ctxt)
        int id = packet_get_int();
        Channel *c = channel_lookup(id);
 
-       packet_done();
+       packet_check_eom();
        if (c == NULL)
                packet_disconnect("Received close confirmation for "
                    "out-of-range channel %d.", id);
@@ -1908,7 +1908,7 @@ channel_input_open_confirmation(int type, int plen, u_int32_t seq, void *ctxt)
                debug("channel %d: open confirm rwindow %d rmax %d", c->self,
                    c->remote_window, c->remote_maxpacket);
        }
-       packet_done();
+       packet_check_eom();
 }
 
 static char *
@@ -1953,7 +1953,7 @@ channel_input_open_failure(int type, int plen, u_int32_t seq, void *ctxt)
                if (lang != NULL)
                        xfree(lang);
        }
-       packet_done();
+       packet_check_eom();
        /* Free the channel.  This will also close the socket. */
        channel_free(c);
 }
@@ -2002,7 +2002,7 @@ channel_input_window_adjust(int type, int plen, u_int32_t seq, void *ctxt)
                return;
        }
        adjust = packet_get_int();
-       packet_done();
+       packet_check_eom();
        debug2("channel %d: rcvd adjust %d", id, adjust);
        c->remote_window += adjust;
 }
@@ -2024,7 +2024,7 @@ channel_input_port_open(int type, int plen, u_int32_t seq, void *ctxt)
        } else {
                originator_string = xstrdup("unknown (remote did not supply name)");
        }
-       packet_done();
+       packet_check_eom();
        sock = channel_connect_to(host, host_port);
        if (sock != -1) {
                c = channel_new("connected socket",
@@ -2630,7 +2630,7 @@ x11_input_open(int type, int plen, u_int32_t seq, void *ctxt)
        } else {
                remote_host = xstrdup("unknown (remote did not supply name)");
        }
-       packet_done();
+       packet_check_eom();
 
        /* Obtain a connection to the real X display. */
        sock = x11_connect_display();
@@ -2881,7 +2881,7 @@ auth_input_open_request(int type, int plen, u_int32_t seq, void *ctxt)
 
        /* Read the remote channel number from the message. */
        remote_id = packet_get_int();
-       packet_done();
+       packet_check_eom();
 
        /*
         * Get a connection to the local authentication agent (this may again

diff --git a/clientloop.c b/clientloop.c
index f71717554b0c85ec751bd51c655658540663cd9a..3231b212e5c2d6e199b23e876d2ad1c0723b17dd 100644 (file)
--- a/clientloop.c
+++ b/clientloop.c
@@ -59,7 +59,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: clientloop.c,v 1.92 2001/12/27 20:39:58 markus Exp $");
+RCSID("$OpenBSD: clientloop.c,v 1.93 2001/12/28 12:14:27 markus Exp $");
 
 #include "ssh.h"
 #include "ssh1.h"
@@ -1012,7 +1012,7 @@ client_input_stdout_data(int type, int plen, u_int32_t seq, void *ctxt)
 {
        u_int data_len;
        char *data = packet_get_string(&data_len);
-       packet_done();
+       packet_check_eom();
        buffer_append(&stdout_buffer, data, data_len);
        memset(data, 0, data_len);
        xfree(data);
@@ -1022,7 +1022,7 @@ client_input_stderr_data(int type, int plen, u_int32_t seq, void *ctxt)
 {
        u_int data_len;
        char *data = packet_get_string(&data_len);
-       packet_done();
+       packet_check_eom();
        buffer_append(&stderr_buffer, data, data_len);
        memset(data, 0, data_len);
        xfree(data);
@@ -1031,7 +1031,7 @@ static void
 client_input_exit_status(int type, int plen, u_int32_t seq, void *ctxt)
 {
        exit_status = packet_get_int();
-       packet_done();
+       packet_check_eom();
        /* Acknowledge the exit. */
        packet_start(SSH_CMSG_EXIT_CONFIRMATION);
        packet_send();
@@ -1057,7 +1057,7 @@ client_request_forwarded_tcpip(const char *request_type, int rchan)
        listen_port = packet_get_int();
        originator_address = packet_get_string(NULL);
        originator_port = packet_get_int();
-       packet_done();
+       packet_check_eom();
 
        debug("client_request_forwarded_tcpip: listen %s port %d, originator %s port %d",
            listen_address, listen_port, originator_address, originator_port);
@@ -1101,7 +1101,7 @@ client_request_x11(const char *request_type, int rchan)
        } else {
                originator_port = packet_get_int();
        }
-       packet_done();
+       packet_check_eom();
        /* XXX check permission */
        debug("client_request_x11: request from %s %d", originator,
            originator_port);
@@ -1226,7 +1226,7 @@ client_input_channel_req(int type, int plen, u_int32_t seq, void *ctxt)
        } else if (strcmp(rtype, "exit-status") == 0) {
                success = 1;
                exit_status = packet_get_int();
-               packet_done();
+               packet_check_eom();
        }
        if (reply) {
                packet_start(success ?

diff --git a/kex.c b/kex.c
index 8e3d83befde0eb7ec924fb88824bda46570811ba..e4163214de1160d5f2673df2f48f1669d6d95e59 100644 (file)
--- a/kex.c
+++ b/kex.c
@@ -23,7 +23,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: kex.c,v 1.38 2001/12/20 22:50:24 djm Exp $");
+RCSID("$OpenBSD: kex.c,v 1.39 2001/12/28 12:14:27 markus Exp $");
 
 #include <openssl/crypto.h>
 
@@ -187,7 +187,7 @@ kex_input_kexinit(int type, int plen, u_int32_t seq, void *ctxt)
                xfree(packet_get_string(NULL));
        packet_get_char();
        packet_get_int();
-       packet_done();
+       packet_check_eom();
 
        kex_kexinit_finish(kex);
 }

diff --git a/kexdh.c b/kexdh.c
index 059b41c4157661d342cf6e62e5bb4ab4286e81fe..43a14f5584b389f009d1f6934820675daf882241 100644 (file)
--- a/kexdh.c
+++ b/kexdh.c
@@ -23,7 +23,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: kexdh.c,v 1.9 2001/12/27 19:37:22 markus Exp $");
+RCSID("$OpenBSD: kexdh.c,v 1.10 2001/12/28 12:14:27 markus Exp $");
 
 #include <openssl/crypto.h>
 #include <openssl/bn.h>
@@ -142,7 +142,7 @@ kexdh_client(Kex *kex)
 
        /* signed H */
        signature = packet_get_string(&slen);
-       packet_done();
+       packet_check_eom();
 
        if (!dh_pub_is_valid(dh, dh_server_pub))
                packet_disconnect("bad server public DH value");

diff --git a/kexgex.c b/kexgex.c
index 8822c8dcd7362b8c617faf1840fa5610b39583a6..49f639c61cab0ffa81437e1f45c4a0fd7e123326 100644 (file)
--- a/kexgex.c
+++ b/kexgex.c
@@ -24,7 +24,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: kexgex.c,v 1.12 2001/12/27 19:37:23 markus Exp $");
+RCSID("$OpenBSD: kexgex.c,v 1.13 2001/12/28 12:14:27 markus Exp $");
 
 #include <openssl/bn.h>
 
@@ -146,7 +146,7 @@ kexgex_client(Kex *kex)
        if ((g = BN_new()) == NULL)
                fatal("BN_new");
        packet_get_bignum2(g, &dlen);
-       packet_done();
+       packet_check_eom();
 
        if (BN_num_bits(p) < min || BN_num_bits(p) > max)
                fatal("DH_GEX group out of range: %d !< %d !< %d",
@@ -196,7 +196,7 @@ kexgex_client(Kex *kex)
 
        /* signed H */
        signature = packet_get_string(&slen);
-       packet_done();
+       packet_check_eom();
 
        if (!dh_pub_is_valid(dh, dh_server_pub))
                packet_disconnect("bad server public DH value");
@@ -289,7 +289,7 @@ kexgex_server(Kex *kex)
        default:
                fatal("protocol error during kex, no DH_GEX_REQUEST: %d", type);
        }
-       packet_done();
+       packet_check_eom();
 
        if (max < min || nbits < min || max < nbits)
                fatal("DH_GEX_REQUEST, bad parameters: %d !< %d !< %d",

diff --git a/packet.c b/packet.c
index ee64060eb012e0aeb84e4c0b7826bc3edd9e90e4..ea16847d93b6882e2be1ee22a17a416b9a885d9c 100644 (file)
--- a/packet.c
+++ b/packet.c
@@ -37,7 +37,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: packet.c,v 1.78 2001/12/27 20:39:58 markus Exp $");
+RCSID("$OpenBSD: packet.c,v 1.79 2001/12/28 12:14:27 markus Exp $");
 
 #include "xmalloc.h"
 #include "buffer.h"
@@ -632,7 +632,7 @@ packet_read_seqnr(int *payload_len_ptr, u_int32_t *seqnr_p)
                    || type == SSH_SMSG_FAILURE
                    || type == SSH_CMSG_EOF
                    || type == SSH_CMSG_EXIT_CONFIRMATION))
-                       packet_done();
+                       packet_check_eom();
                /* If we got a packet, return it. */
                if (type != SSH_MSG_NONE) {
                        xfree(setp);

diff --git a/packet.h b/packet.h
index 11e8be8c07803ae2a3013e243866a1913dd88037..269b4c7f80daf316df7f6abf2af5c4a2e1af6044 100644 (file)
--- a/packet.h
+++ b/packet.h
@@ -11,7 +11,7 @@
  * called by a name other than "ssh" or "Secure Shell".
  */
 
-/* RCSID("$OpenBSD: packet.h,v 1.29 2001/12/27 20:39:58 markus Exp $"); */
+/* RCSID("$OpenBSD: packet.h,v 1.30 2001/12/28 12:14:27 markus Exp $"); */
 
 #ifndef PACKET_H
 #define PACKET_H
@@ -74,7 +74,8 @@ extern int max_packet_size;
 int      packet_set_maxsize(int);
 #define  packet_get_maxsize() max_packet_size
 
-#define packet_done() \
+/* don't allow remaining bytes after the end of the message */
+#define packet_check_eom() \
 do { \
        int _len = packet_remaining(); \
        if (_len > 0) { \

diff --git a/serverloop.c b/serverloop.c
index 39aa1560e5ef212cd670f3797a2c1c0a7c2c44d2..aa74bf9a2319d92ec54a6df3338a537f57e755b1 100644 (file)
--- a/serverloop.c
+++ b/serverloop.c
@@ -35,7 +35,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: serverloop.c,v 1.90 2001/12/27 20:39:58 markus Exp $");
+RCSID("$OpenBSD: serverloop.c,v 1.91 2001/12/28 12:14:27 markus Exp $");
 
 #include "xmalloc.h"
 #include "packet.h"
@@ -806,7 +806,7 @@ server_input_stdin_data(int type, int plen, u_int32_t seq, void *ctxt)
        if (fdin == -1)
                return;
        data = packet_get_string(&data_len);
-       packet_done();
+       packet_check_eom();
        buffer_append(&stdin_buffer, data, data_len);
        memset(data, 0, data_len);
        xfree(data);
@@ -821,7 +821,7 @@ server_input_eof(int type, int plen, u_int32_t seq, void *ctxt)
         * drained.
         */
        debug("EOF received for stdin.");
-       packet_done();
+       packet_check_eom();
        stdin_eof = 1;
 }
 
@@ -834,7 +834,7 @@ server_input_window_size(int type, int plen, u_int32_t seq, void *ctxt)
        int ypixel = packet_get_int();
 
        debug("Window change received.");
-       packet_done();
+       packet_check_eom();
        if (fdin != -1)
                pty_change_window_size(fdin, row, col, xpixel, ypixel);
 }
@@ -851,7 +851,7 @@ server_request_direct_tcpip(char *ctype)
        target_port = packet_get_int();
        originator = packet_get_string(NULL);
        originator_port = packet_get_int();
-       packet_done();
+       packet_check_eom();
 
        debug("server_request_direct_tcpip: originator %s port %d, target %s port %d",
           originator, originator_port, target, target_port);
@@ -878,7 +878,7 @@ server_request_session(char *ctype)
        Channel *c;
 
        debug("input_session_request");
-       packet_done();
+       packet_check_eom();
        /*
         * A server session has no fd to read or write until a
         * CHANNEL_REQUEST for a shell is made, so we set the type to

diff --git a/session.c b/session.c
index 61284104908db4ff08e43ee77d9b8ebbed1b6b05..43cbd00b92be42e894276c0efcd2e71acc5f9364 100644 (file)
--- a/session.c
+++ b/session.c
@@ -33,7 +33,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: session.c,v 1.115 2001/12/27 20:39:58 markus Exp $");
+RCSID("$OpenBSD: session.c,v 1.116 2001/12/28 12:14:27 markus Exp $");
 
 #include "ssh.h"
 #include "ssh1.h"
@@ -255,7 +255,7 @@ do_authenticated1(Authctxt *authctxt)
                switch (type) {
                case SSH_CMSG_REQUEST_COMPRESSION:
                        compression_level = packet_get_int();
-                       packet_done();
+                       packet_check_eom();
                        if (compression_level < 1 || compression_level > 9) {
                                packet_send_debug("Received illegal compression level %d.",
                                    compression_level);
@@ -286,7 +286,7 @@ do_authenticated1(Authctxt *authctxt)
                        } else {
                                s->screen = 0;
                        }
-                       packet_done();
+                       packet_check_eom();
                        success = session_setup_x11fwd(s);
                        if (!success) {
                                xfree(s->auth_proto);
@@ -330,7 +330,7 @@ do_authenticated1(Authctxt *authctxt)
                                verbose("Kerberos TGT passing disabled.");
                        } else {
                                char *kdata = packet_get_string(&dlen);
-                               packet_done();
+                               packet_check_eom();
 
                                /* XXX - 0x41, see creds_to_radix version */
                                if (kdata[0] != 0x41) {
@@ -364,7 +364,7 @@ do_authenticated1(Authctxt *authctxt)
                        } else {
                                /* Accept AFS token. */
                                char *token = packet_get_string(&dlen);
-                               packet_done();
+                               packet_check_eom();
 
                                if (auth_afs_token(s->authctxt, token))
                                        success = 1;
@@ -386,7 +386,7 @@ do_authenticated1(Authctxt *authctxt)
                        } else {
                                do_exec(s, NULL);
                        }
-                       packet_done();
+                       packet_check_eom();
                        session_close(s);
                        return;
 
@@ -1575,7 +1575,7 @@ session_window_change_req(Session *s)
        s->row = packet_get_int();
        s->xpixel = packet_get_int();
        s->ypixel = packet_get_int();
-       packet_done();
+       packet_check_eom();
        pty_change_window_size(s->ptyfd, s->row, s->col, s->xpixel, s->ypixel);
        return 1;
 }
@@ -1640,7 +1640,7 @@ session_pty_req(Session *s)
        /* Set window size from the packet. */
        pty_change_window_size(s->ptyfd, s->row, s->col, s->xpixel, s->ypixel);
 
-       packet_done();
+       packet_check_eom();
        session_proctitle(s);
        return 1;
 }
@@ -1654,7 +1654,7 @@ session_subsystem_req(Session *s)
        char *cmd, *subsys = packet_get_string(&len);
        int i;
 
-       packet_done();
+       packet_check_eom();
        log("subsystem request for %s", subsys);
 
        for (i = 0; i < options.num_subsystems; i++) {
@@ -1689,7 +1689,7 @@ session_x11_req(Session *s)
        s->auth_proto = packet_get_string(NULL);
        s->auth_data = packet_get_string(NULL);
        s->screen = packet_get_int();
-       packet_done();
+       packet_check_eom();
 
        success = session_setup_x11fwd(s);
        if (!success) {
@@ -1704,7 +1704,7 @@ session_x11_req(Session *s)
 static int
 session_shell_req(Session *s)
 {
-       packet_done();
+       packet_check_eom();
        do_exec(s, NULL);
        return 1;
 }
@@ -1714,7 +1714,7 @@ session_exec_req(Session *s)
 {
        u_int len;
        char *command = packet_get_string(&len);
-       packet_done();
+       packet_check_eom();
        do_exec(s, command);
        xfree(command);
        return 1;
@@ -1724,7 +1724,7 @@ static int
 session_auth_agent_req(Session *s)
 {
        static int called = 0;
-       packet_done();
+       packet_check_eom();
        if (no_agent_forwarding_flag) {
                debug("session_auth_agent_req: no_agent_forwarding_flag");
                return 0;

diff --git a/ssh.c b/ssh.c
index b6728f4dc29efc9b36f1f9fdcf8cd039359309b2..76d45c96aa9ef6e6def3251bf0668e4a728080dc 100644 (file)
--- a/ssh.c
+++ b/ssh.c
@@ -39,7 +39,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: ssh.c,v 1.154 2001/12/27 20:39:58 markus Exp $");
+RCSID("$OpenBSD: ssh.c,v 1.155 2001/12/28 12:14:27 markus Exp $");
 
 #include <openssl/evp.h>
 #include <openssl/err.h>
@@ -976,7 +976,7 @@ ssh_session(void)
 
                /* Read response from the server. */
                type = packet_read(&plen);
-               packet_done();
+               packet_check_eom();
                if (type != SSH_SMSG_SUCCESS)
                        log("Warning: Remote host denied authentication agent forwarding.");
        }
@@ -1023,7 +1023,7 @@ client_subsystem_reply(int type, int plen, u_int32_t seq, void *ctxt)
        len = buffer_len(&command);
        if (len > 900)
                len = 900;
-       packet_done();
+       packet_check_eom();
        if (type == SSH2_MSG_CHANNEL_FAILURE)
                fatal("Request for subsystem '%.*s' failed on channel %d",
                    len, (u_char *)buffer_ptr(&command), id);

diff --git a/sshconnect1.c b/sshconnect1.c
index 240bdffe2c4d6dccc5cc5deae1142828da5eb317..a5fef1036d46f051fe198b3a1d05afe371dc2579 100644 (file)
--- a/sshconnect1.c
+++ b/sshconnect1.c
@@ -13,7 +13,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: sshconnect1.c,v 1.44 2001/12/27 20:39:58 markus Exp $");
+RCSID("$OpenBSD: sshconnect1.c,v 1.45 2001/12/28 12:14:27 markus Exp $");
 
 #include <openssl/bn.h>
 #include <openssl/evp.h>
@@ -109,7 +109,7 @@ try_agent_authentication(void)
                                          type);
 
                packet_get_bignum(challenge, &clen);
-               packet_done();
+               packet_check_eom();
 
                debug("Received RSA challenge from server.");
 
@@ -243,7 +243,7 @@ try_rsa_authentication(int idx)
        if ((challenge = BN_new()) == NULL)
                fatal("try_rsa_authentication: BN_new failed");
        packet_get_bignum(challenge, &clen);
-       packet_done();
+       packet_check_eom();
 
        debug("Received RSA challenge from server.");
 
@@ -357,7 +357,7 @@ try_rhosts_rsa_authentication(const char *local_user, Key * host_key)
        if ((challenge = BN_new()) == NULL)
                fatal("try_rhosts_rsa_authentication: BN_new failed");
        packet_get_bignum(challenge, &clen);
-       packet_done();
+       packet_check_eom();
 
        debug("Received RSA challenge for host key from server.");
 
@@ -464,7 +464,7 @@ try_krb4_authentication(void)
                memcpy(auth.dat, reply, auth.length);
                xfree(reply);
 
-               packet_done();
+               packet_check_eom();
 
                /*
                 * If his response isn't properly encrypted with the session
@@ -573,7 +573,7 @@ try_krb5_authentication(krb5_context *context, krb5_auth_context *auth_context)
 
                /* Get server's response. */
                ap.data = packet_get_string((unsigned int *) &ap.length);
-               packet_done();
+               packet_check_eom();
                /* XXX je to dobre? */
 
                problem = krb5_rd_rep(*context, *auth_context, &ap, &reply);
@@ -838,7 +838,7 @@ try_challenge_response_authentication(void)
                        return 0;
                }
                challenge = packet_get_string(&clen);
-               packet_done();
+               packet_check_eom();
                snprintf(prompt, sizeof prompt, "%s%s", challenge,
                    strchr(challenge, '\n') ? "" : "\nResponse: ");
                xfree(challenge);
@@ -964,7 +964,7 @@ ssh_kex(char *host, struct sockaddr *hostaddr)
 
        supported_ciphers = packet_get_int();
        supported_authentications = packet_get_int();
-       packet_done();
+       packet_check_eom();
 
        debug("Received server public key (%d bits) and host key (%d bits).",
            BN_num_bits(server_key->rsa->n), BN_num_bits(host_key->rsa->n));

diff --git a/sshconnect2.c b/sshconnect2.c
index d7143cd18bda0a7f62bf94542d718a17912b959d..cf873b8dddd290207d5d5e775aff9fd64aa9fc25 100644 (file)
--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -23,7 +23,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: sshconnect2.c,v 1.89 2001/12/20 22:50:24 djm Exp $");
+RCSID("$OpenBSD: sshconnect2.c,v 1.90 2001/12/28 12:14:27 markus Exp $");
 
 #include <openssl/bn.h>
 #include <openssl/md5.h>
@@ -247,7 +247,7 @@ ssh_userauth2(const char *local_user, const char *server_user, char *host,
        } else {
                debug("buggy server: service_accept w/o service");
        }
-       packet_done();
+       packet_check_eom();
        debug("got SSH2_MSG_SERVICE_ACCEPT");
 
        if (options.preferred_authentications == NULL)
@@ -347,7 +347,7 @@ input_userauth_failure(int type, int plen, u_int32_t seq, void *ctxt)
 
        authlist = packet_get_string(NULL);
        partial = packet_get_char();
-       packet_done();
+       packet_check_eom();
 
        if (partial != 0)
                log("Authenticated with partial success.");
@@ -379,7 +379,7 @@ input_userauth_pk_ok(int type, int plen, u_int32_t seq, void *ctxt)
                pkalg = packet_get_string(&alen);
                pkblob = packet_get_string(&blen);
        }
-       packet_done();
+       packet_check_eom();
 
        debug("input_userauth_pk_ok: pkalg %s blen %d lastkey %p hint %d",
            pkalg, blen, authctxt->last_key, authctxt->last_key_hint);
@@ -815,7 +815,7 @@ input_userauth_info_req(int type, int plen, u_int32_t seq, void *ctxt)
                xfree(response);
                xfree(prompt);
        }
-       packet_done(); /* done with parsing incoming message. */
+       packet_check_eom(); /* done with parsing incoming message. */
 
        packet_add_padding(64);
        packet_send();

diff --git a/sshd.c b/sshd.c
index 5307542038272002c18028ad6dd4da1978c4e489..b5f995c0657e2a2d3f17dd6b33554b64605d9efb 100644 (file)
--- a/sshd.c
+++ b/sshd.c
@@ -40,7 +40,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: sshd.c,v 1.219 2001/12/27 20:39:58 markus Exp $");
+RCSID("$OpenBSD: sshd.c,v 1.220 2001/12/28 12:14:27 markus Exp $");
 
 #include <openssl/dh.h>
 #include <openssl/bn.h>
@@ -1358,7 +1358,7 @@ do_ssh1_kex(void)
 
        protocol_flags = packet_get_int();
        packet_set_protocol_flags(protocol_flags);
-       packet_done();
+       packet_check_eom();
 
        /*
         * Decrypt it using our private server key and private host key (key

diff --git a/ttymodes.c b/ttymodes.c
index ada3a1481e5c8d8638f821246616db9f2046d831..ccc001f200197c5e0ce4ba168a17600e012b9fd0 100644 (file)
--- a/ttymodes.c
+++ b/ttymodes.c
@@ -43,7 +43,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: ttymodes.c,v 1.15 2001/12/19 07:18:56 deraadt Exp $");
+RCSID("$OpenBSD: ttymodes.c,v 1.16 2001/12/27 20:39:58 markus Exp $");
 
 #include "packet.h"
 #include "log.h"
@@ -422,7 +422,6 @@ tty_parse_modes(int fd, int *n_bytes_ptr)
                                         * more coming after the mode data.
                                         */
                                        log("parse_tty_modes: unknown opcode %d", opcode);
-                                       packet_integrity_check(0, 1, SSH_CMSG_REQUEST_PTY);
                                        goto set;
                                }
                        } else {