- markus@cvs.openbsd.org 2001/12/27 20:39:58
authordjm <djm>
Tue, 22 Jan 2002 12:11:38 +0000 (12:11 +0000)
committerdjm <djm>
Tue, 22 Jan 2002 12:11:38 +0000 (12:11 +0000)
     [auth1.c auth-rsa.c channels.c clientloop.c packet.c packet.h serverloop.c session.c ssh.c sshconnect1.c sshd.c ttymodes.c]
     get rid of packet_integrity_check, use packet_done() instead.

auth-rsa.c
auth1.c
channels.c
clientloop.c
packet.c
packet.h
serverloop.c
session.c
ssh.c
sshconnect1.c
sshd.c

index de50b8ef8bbce41fc33f10ddefb031e0338f6856..1d74a79cd86eff137bc93be5946155704dc22e1d 100644 (file)
@@ -14,7 +14,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: auth-rsa.c,v 1.47 2001/12/27 18:22:16 markus Exp $");
+RCSID("$OpenBSD: auth-rsa.c,v 1.48 2001/12/27 20:39:58 markus Exp $");
 
 #include <openssl/rsa.h>
 #include <openssl/md5.h>
@@ -92,9 +92,9 @@ auth_rsa_challenge_dialog(RSA *pk)
 
        /* Wait for a response. */
        packet_read_expect(&plen, SSH_CMSG_AUTH_RSA_RESPONSE);
-       packet_integrity_check(plen, 16, SSH_CMSG_AUTH_RSA_RESPONSE);
        for (i = 0; i < 16; i++)
                response[i] = packet_get_char();
+       packet_done();
 
        /* The response is MD5 of decrypted challenge plus session id. */
        len = BN_num_bytes(challenge);
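Review bot: With the exact-length pre-check removed, a response shorter than 16 bytes is no longer rejected before the loop; the sixteen `packet_get_char()` calls run first, and `packet_done()` appears to look only at what is left over (its visible body in packet.h starts with `packet_remaining()`). Short-packet rejection therefore rests on the getter failing on underflow, which is not shown on this page and should be confirmed. The same holds for every other call site in this commit that swaps an exact-length comparison for `packet_done()`. A comment would record the assumption: `/* short packets are caught by packet_get_char(); packet_done() rejects trailing bytes */`. auth_rsa_challenge_dialog starts and ends outside the hunk.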
diff --git a/auth1.c b/auth1.c
index 766053c97baceff851033e3a440585bc10e8fd3b..2ea638b9a77287c7f17ae1f3d6db778ecd8bd62a 100644 (file)
--- a/auth1.c
+++ b/auth1.c
@@ -10,7 +10,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: auth1.c,v 1.30 2001/12/27 19:54:53 markus Exp $");
+RCSID("$OpenBSD: auth1.c,v 1.31 2001/12/27 20:39:58 markus Exp $");
 
 #include "xmalloc.h"
 #include "rsa.h"
@@ -120,8 +120,7 @@ do_authloop(Authctxt *authctxt)
                                verbose("Kerberos authentication disabled.");
                        } else {
                                char *kdata = packet_get_string(&dlen);
-
-                               packet_integrity_check(plen, 4 + dlen, type);
+                               packet_done();
 
                                if (kdata[0] == 4) { /* KRB_PROT_VERSION */
 #ifdef KRB4
@@ -181,7 +180,7 @@ do_authloop(Authctxt *authctxt)
                         * IP-spoofing on a local network.)
                         */
                        client_user = packet_get_string(&ulen);
-                       packet_integrity_check(plen, 4 + ulen, type);
+                       packet_done();
 
                        /* Try to authenticate using /etc/hosts.equiv and .rhosts. */
                        authenticated = auth_rhosts(pw, client_user);
@@ -211,7 +210,7 @@ do_authloop(Authctxt *authctxt)
                                verbose("Warning: keysize mismatch for client_host_key: "
                                    "actual %d, announced %d",
                                     BN_num_bits(client_host_key->rsa->n), bits);
-                       packet_integrity_check(plen, (4 + ulen) + 4 + elen + nlen, type);
+                       packet_done();
 
                        authenticated = auth_rhosts_rsa(pw, client_user,
                            client_host_key);
@@ -229,7 +228,7 @@ do_authloop(Authctxt *authctxt)
                        if ((n = BN_new()) == NULL)
                                fatal("do_authloop: BN_new failed");
                        packet_get_bignum(n, &nlen);
-                       packet_integrity_check(plen, nlen, type);
+                       packet_done();
                        authenticated = auth_rsa(pw, n);
                        BN_clear_free(n);
                        break;
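Review bot: `nlen` is still filled in by `packet_get_bignum(n, &nlen)`, but with the length comparison gone nothing in this case reads it any more. The same looks true of `elen`/`ulen` in the rhosts-RSA case above and of `clen` in the sshconnect1.c hunks. If no reader remains elsewhere in do_authloop (the function extends outside the hunk), the now write-only locals could be dropped. Otherwise a short comment would explain them, such as `/* length out-param unused; packet_done() validates the packet */`.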
@@ -245,7 +244,7 @@ do_authloop(Authctxt *authctxt)
                         * not visible to an outside observer.
                         */
                        password = packet_get_string(&dlen);
-                       packet_integrity_check(plen, 4 + dlen, type);
+                       packet_done();
 
 #ifdef USE_PAM
                        /* Do PAM auth with password */
@@ -283,7 +282,7 @@ do_authloop(Authctxt *authctxt)
                        if (options.challenge_response_authentication == 1) {
                                char *response = packet_get_string(&dlen);
                                debug("got response '%s'", response);
-                               packet_integrity_check(plen, 4 + dlen, type);
+                               packet_done();
                                authenticated = verify_response(authctxt, response);
                                memset(response, 'r', dlen);
                                xfree(response);
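Review bot: `debug("got response '%s'", response);` writes the client's challenge response to the debug log, and does so before `packet_done()` has accepted the packet. This commit leaves that context line untouched. The response is authentication material and is better kept out of logs, for example `debug("got challenge response");`, with the `packet_done();` call placed directly after `packet_get_string(&dlen)`. The enclosing case of do_authloop begins outside the hunk.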
@@ -370,7 +369,7 @@ do_authentication(void)
 
        /* Get the user name. */
        user = packet_get_string(&ulen);
-       packet_integrity_check(plen, (4 + ulen), SSH_CMSG_USER);
+       packet_done();
 
        if ((style = strchr(user, ':')) != NULL)
                *style++ = '\0';
index cc2613a88fb5f033bd966fd525db7b2a35a0398e..9f042d44ee02ee32c671a63c7c4b2cced2e5a55c 100644 (file)
@@ -39,7 +39,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: channels.c,v 1.150 2001/12/20 22:50:24 djm Exp $");
+RCSID("$OpenBSD: channels.c,v 1.151 2001/12/27 20:39:58 markus Exp $");
 
 #include "ssh.h"
 #include "ssh1.h"
@@ -1734,7 +1734,6 @@ channel_input_data(int type, int plen, u_int32_t seq, void *ctxt)
 
        /* Get the data. */
        data = packet_get_string(&data_len);
-       packet_done();
 
        if (compat20) {
                if (data_len > c->local_maxpacket) {
@@ -1748,9 +1747,8 @@ channel_input_data(int type, int plen, u_int32_t seq, void *ctxt)
                        return;
                }
                c->local_window -= data_len;
-       }else{
-               packet_integrity_check(plen, 4 + 4 + data_len, type);
        }
+       packet_done();
        buffer_append(&c->output, data, data_len);
        xfree(data);
 }
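Review bot: The `return;` visible at the top of this hunk sits inside the `compat20` branch, so that path now leaves channel_input_data() without reaching the relocated `packet_done()`. Before this commit the protocol 2 check ran directly after `packet_get_string(&data_len)` and covered every exit. Keeping `packet_done();` on the line after `data = packet_get_string(&data_len);` would serve both protocol versions and validate the packet before any window accounting. The function begins outside the hunk, so any other early exits should be checked the same way.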
@@ -1801,9 +1799,8 @@ channel_input_ieof(int type, int plen, u_int32_t seq, void *ctxt)
        int id;
        Channel *c;
 
-       packet_integrity_check(plen, 4, type);
-
        id = packet_get_int();
+       packet_done();
        c = channel_lookup(id);
        if (c == NULL)
                packet_disconnect("Received ieof for nonexistent channel %d.", id);
@@ -1823,9 +1820,8 @@ channel_input_close(int type, int plen, u_int32_t seq, void *ctxt)
        int id;
        Channel *c;
 
-       packet_integrity_check(plen, 4, type);
-
        id = packet_get_int();
+       packet_done();
        c = channel_lookup(id);
        if (c == NULL)
                packet_disconnect("Received close for nonexistent channel %d.", id);
@@ -1861,7 +1857,8 @@ channel_input_oclose(int type, int plen, u_int32_t seq, void *ctxt)
 {
        int id = packet_get_int();
        Channel *c = channel_lookup(id);
-       packet_integrity_check(plen, 4, type);
+
+       packet_done();
        if (c == NULL)
                packet_disconnect("Received oclose for nonexistent channel %d.", id);
        chan_rcvd_oclose(c);
@@ -1889,9 +1886,6 @@ channel_input_open_confirmation(int type, int plen, u_int32_t seq, void *ctxt)
        int id, remote_id;
        Channel *c;
 
-       if (!compat20)
-               packet_integrity_check(plen, 4 + 4, type);
-
        id = packet_get_int();
        c = channel_lookup(id);
 
@@ -1906,7 +1900,6 @@ channel_input_open_confirmation(int type, int plen, u_int32_t seq, void *ctxt)
        if (compat20) {
                c->remote_window = packet_get_int();
                c->remote_maxpacket = packet_get_int();
-               packet_done();
                if (c->cb_fn != NULL && c->cb_event == type) {
                        debug2("callback start");
                        c->cb_fn(c->self, c->cb_arg);
@@ -1915,6 +1908,7 @@ channel_input_open_confirmation(int type, int plen, u_int32_t seq, void *ctxt)
                debug("channel %d: open confirm rwindow %d rmax %d", c->self,
                    c->remote_window, c->remote_maxpacket);
        }
+       packet_done();
 }
 
 static char *
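Review bot: The trailing-data check now runs after the `compat20` branch, so `c->remote_window` and `c->remote_maxpacket` are stored and `c->cb_fn(c->self, c->cb_arg)` is invoked before `packet_done()` can reject a malformed confirmation. The previous hunk removed the call that used to precede the callback. Validating before acting is the safer order: keep `packet_done();` directly after `c->remote_maxpacket = packet_get_int();` and add a separate call on the protocol 1 path, whose reads are outside the hunk. channel_input_open_failure in the following hunks has the same shape, with `log()` of the peer-supplied `msg` now ahead of the check.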
@@ -1940,9 +1934,6 @@ channel_input_open_failure(int type, int plen, u_int32_t seq, void *ctxt)
        char *msg = NULL, *lang = NULL;
        Channel *c;
 
-       if (!compat20)
-               packet_integrity_check(plen, 4, type);
-
        id = packet_get_int();
        c = channel_lookup(id);
 
@@ -1955,7 +1946,6 @@ channel_input_open_failure(int type, int plen, u_int32_t seq, void *ctxt)
                        msg  = packet_get_string(NULL);
                        lang = packet_get_string(NULL);
                }
-               packet_done();
                log("channel %d: open failed: %s%s%s", id,
                    reason2txt(reason), msg ? ": ": "", msg ? msg : "");
                if (msg != NULL)
@@ -1963,6 +1953,7 @@ channel_input_open_failure(int type, int plen, u_int32_t seq, void *ctxt)
                if (lang != NULL)
                        xfree(lang);
        }
+       packet_done();
        /* Free the channel.  This will also close the socket. */
        channel_free(c);
 }
@@ -2888,10 +2879,9 @@ auth_input_open_request(int type, int plen, u_int32_t seq, void *ctxt)
        int remote_id, sock;
        char *name;
 
-       packet_integrity_check(plen, 4, type);
-
        /* Read the remote channel number from the message. */
        remote_id = packet_get_int();
+       packet_done();
 
        /*
         * Get a connection to the local authentication agent (this may again
index 9e4f247c6825d5debdc190f7a85649eff3a00ff8..f71717554b0c85ec751bd51c655658540663cd9a 100644 (file)
@@ -59,7 +59,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: clientloop.c,v 1.91 2001/12/20 22:50:24 djm Exp $");
+RCSID("$OpenBSD: clientloop.c,v 1.92 2001/12/27 20:39:58 markus Exp $");
 
 #include "ssh.h"
 #include "ssh1.h"
@@ -1012,7 +1012,7 @@ client_input_stdout_data(int type, int plen, u_int32_t seq, void *ctxt)
 {
        u_int data_len;
        char *data = packet_get_string(&data_len);
-       packet_integrity_check(plen, 4 + data_len, type);
+       packet_done();
        buffer_append(&stdout_buffer, data, data_len);
        memset(data, 0, data_len);
        xfree(data);
@@ -1022,7 +1022,7 @@ client_input_stderr_data(int type, int plen, u_int32_t seq, void *ctxt)
 {
        u_int data_len;
        char *data = packet_get_string(&data_len);
-       packet_integrity_check(plen, 4 + data_len, type);
+       packet_done();
        buffer_append(&stderr_buffer, data, data_len);
        memset(data, 0, data_len);
        xfree(data);
@@ -1030,8 +1030,8 @@ client_input_stderr_data(int type, int plen, u_int32_t seq, void *ctxt)
 static void
 client_input_exit_status(int type, int plen, u_int32_t seq, void *ctxt)
 {
-       packet_integrity_check(plen, 4, type);
        exit_status = packet_get_int();
+       packet_done();
        /* Acknowledge the exit. */
        packet_start(SSH_CMSG_EXIT_CONFIRMATION);
        packet_send();
index 17165b69691a44528ea7d041a6098c0135f0e191..ee64060eb012e0aeb84e4c0b7826bc3edd9e90e4 100644 (file)
--- a/packet.c
+++ b/packet.c
@@ -37,7 +37,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: packet.c,v 1.77 2001/12/20 22:50:24 djm Exp $");
+RCSID("$OpenBSD: packet.c,v 1.78 2001/12/27 20:39:58 markus Exp $");
 
 #include "xmalloc.h"
 #include "buffer.h"
@@ -632,7 +632,7 @@ packet_read_seqnr(int *payload_len_ptr, u_int32_t *seqnr_p)
                    || type == SSH_SMSG_FAILURE
                    || type == SSH_CMSG_EOF
                    || type == SSH_CMSG_EXIT_CONFIRMATION))
-                       packet_integrity_check(*payload_len_ptr, 0, type);
+                       packet_done();
                /* If we got a packet, return it. */
                if (type != SSH_MSG_NONE) {
                        xfree(setp);
index 1cc79d47cd12ce2f909f6ef6f81e832c99b51b24..11e8be8c07803ae2a3013e243866a1913dd88037 100644 (file)
--- a/packet.h
+++ b/packet.h
@@ -11,7 +11,7 @@
  * called by a name other than "ssh" or "Secure Shell".
  */
 
-/* RCSID("$OpenBSD: packet.h,v 1.28 2001/12/20 22:50:24 djm Exp $"); */
+/* RCSID("$OpenBSD: packet.h,v 1.29 2001/12/27 20:39:58 markus Exp $"); */
 
 #ifndef PACKET_H
 #define PACKET_H
@@ -74,16 +74,6 @@ extern int max_packet_size;
 int      packet_set_maxsize(int);
 #define  packet_get_maxsize() max_packet_size
 
-#define packet_integrity_check(payload_len, expected_len, type) \
-do { \
-       int _p = (payload_len), _e = (expected_len); \
-       if (_p != _e) { \
-               log("Packet integrity error (%d != %d) at %s:%d", \
-                   _p, _e, __FILE__, __LINE__); \
-               packet_disconnect("Packet integrity error. (%d)", (type)); \
-       } \
-} while (0)
-
 #define packet_done() \
 do { \
        int _len = packet_remaining(); \
index d28b8611e65d15e7d8631063b7682deee4cf379f..39aa1560e5ef212cd670f3797a2c1c0a7c2c44d2 100644 (file)
@@ -35,7 +35,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: serverloop.c,v 1.89 2001/12/21 12:17:33 markus Exp $");
+RCSID("$OpenBSD: serverloop.c,v 1.90 2001/12/27 20:39:58 markus Exp $");
 
 #include "xmalloc.h"
 #include "packet.h"
@@ -806,7 +806,7 @@ server_input_stdin_data(int type, int plen, u_int32_t seq, void *ctxt)
        if (fdin == -1)
                return;
        data = packet_get_string(&data_len);
-       packet_integrity_check(plen, (4 + data_len), type);
+       packet_done();
        buffer_append(&stdin_buffer, data, data_len);
        memset(data, 0, data_len);
        xfree(data);
@@ -821,7 +821,7 @@ server_input_eof(int type, int plen, u_int32_t seq, void *ctxt)
         * drained.
         */
        debug("EOF received for stdin.");
-       packet_integrity_check(plen, 0, type);
+       packet_done();
        stdin_eof = 1;
 }
 
@@ -834,7 +834,7 @@ server_input_window_size(int type, int plen, u_int32_t seq, void *ctxt)
        int ypixel = packet_get_int();
 
        debug("Window change received.");
-       packet_integrity_check(plen, 4 * 4, type);
+       packet_done();
        if (fdin != -1)
                pty_change_window_size(fdin, row, col, xpixel, ypixel);
 }
index 8fe2cbf8fb5f16cea93d6db5eea1628ebd3020f4..61284104908db4ff08e43ee77d9b8ebbed1b6b05 100644 (file)
--- a/session.c
+++ b/session.c
@@ -33,7 +33,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: session.c,v 1.114 2001/12/20 16:37:29 markus Exp $");
+RCSID("$OpenBSD: session.c,v 1.115 2001/12/27 20:39:58 markus Exp $");
 
 #include "ssh.h"
 #include "ssh1.h"
@@ -254,8 +254,8 @@ do_authenticated1(Authctxt *authctxt)
                /* Process the packet. */
                switch (type) {
                case SSH_CMSG_REQUEST_COMPRESSION:
-                       packet_integrity_check(plen, 4, type);
                        compression_level = packet_get_int();
+                       packet_done();
                        if (compression_level < 1 || compression_level > 9) {
                                packet_send_debug("Received illegal compression level %d.",
                                    compression_level);
@@ -330,7 +330,7 @@ do_authenticated1(Authctxt *authctxt)
                                verbose("Kerberos TGT passing disabled.");
                        } else {
                                char *kdata = packet_get_string(&dlen);
-                               packet_integrity_check(plen, 4 + dlen, type);
+                               packet_done();
 
                                /* XXX - 0x41, see creds_to_radix version */
                                if (kdata[0] != 0x41) {
@@ -364,7 +364,7 @@ do_authenticated1(Authctxt *authctxt)
                        } else {
                                /* Accept AFS token. */
                                char *token = packet_get_string(&dlen);
-                               packet_integrity_check(plen, 4 + dlen, type);
+                               packet_done();
 
                                if (auth_afs_token(s->authctxt, token))
                                        success = 1;
diff --git a/ssh.c b/ssh.c
index a768f8ff17f5fa60ed7cd5d607c05521da5b3069..b6728f4dc29efc9b36f1f9fdcf8cd039359309b2 100644 (file)
--- a/ssh.c
+++ b/ssh.c
@@ -39,7 +39,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: ssh.c,v 1.153 2001/12/20 22:50:24 djm Exp $");
+RCSID("$OpenBSD: ssh.c,v 1.154 2001/12/27 20:39:58 markus Exp $");
 
 #include <openssl/evp.h>
 #include <openssl/err.h>
@@ -976,7 +976,7 @@ ssh_session(void)
 
                /* Read response from the server. */
                type = packet_read(&plen);
-               packet_integrity_check(plen, 0, type);
+               packet_done();
                if (type != SSH_SMSG_SUCCESS)
                        log("Warning: Remote host denied authentication agent forwarding.");
        }
index 166e392e7560695e166dac6a29e7106a6ad357ba..240bdffe2c4d6dccc5cc5deae1142828da5eb317 100644 (file)
@@ -13,7 +13,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: sshconnect1.c,v 1.43 2001/12/27 18:22:16 markus Exp $");
+RCSID("$OpenBSD: sshconnect1.c,v 1.44 2001/12/27 20:39:58 markus Exp $");
 
 #include <openssl/bn.h>
 #include <openssl/evp.h>
@@ -109,8 +109,7 @@ try_agent_authentication(void)
                                          type);
 
                packet_get_bignum(challenge, &clen);
-
-               packet_integrity_check(plen, clen, type);
+               packet_done();
 
                debug("Received RSA challenge from server.");
 
@@ -244,8 +243,7 @@ try_rsa_authentication(int idx)
        if ((challenge = BN_new()) == NULL)
                fatal("try_rsa_authentication: BN_new failed");
        packet_get_bignum(challenge, &clen);
-
-       packet_integrity_check(plen, clen, type);
+       packet_done();
 
        debug("Received RSA challenge from server.");
 
@@ -359,8 +357,7 @@ try_rhosts_rsa_authentication(const char *local_user, Key * host_key)
        if ((challenge = BN_new()) == NULL)
                fatal("try_rhosts_rsa_authentication: BN_new failed");
        packet_get_bignum(challenge, &clen);
-
-       packet_integrity_check(plen, clen, type);
+       packet_done();
 
        debug("Received RSA challenge for host key from server.");
 
@@ -467,7 +464,7 @@ try_krb4_authentication(void)
                memcpy(auth.dat, reply, auth.length);
                xfree(reply);
 
-               packet_integrity_check(plen, 4 + auth.length, type);
+               packet_done();
 
                /*
                 * If his response isn't properly encrypted with the session
@@ -576,8 +573,7 @@ try_krb5_authentication(krb5_context *context, krb5_auth_context *auth_context)
 
                /* Get server's response. */
                ap.data = packet_get_string((unsigned int *) &ap.length);
-
-               packet_integrity_check(payload_len, 4 + ap.length, type);
+               packet_done();
                /* XXX je to dobre? */
 
                problem = krb5_rd_rep(*context, *auth_context, &ap, &reply);
@@ -842,7 +838,7 @@ try_challenge_response_authentication(void)
                        return 0;
                }
                challenge = packet_get_string(&clen);
-               packet_integrity_check(payload_len, (4 + clen), type);
+               packet_done();
                snprintf(prompt, sizeof prompt, "%s%s", challenge,
                    strchr(challenge, '\n') ? "" : "\nResponse: ");
                xfree(challenge);
@@ -968,13 +964,11 @@ ssh_kex(char *host, struct sockaddr *hostaddr)
 
        supported_ciphers = packet_get_int();
        supported_authentications = packet_get_int();
+       packet_done();
 
        debug("Received server public key (%d bits) and host key (%d bits).",
            BN_num_bits(server_key->rsa->n), BN_num_bits(host_key->rsa->n));
 
-       packet_integrity_check(payload_len,
-           8 + 4 + sum_len + 0 + 4 + 0 + 0 + 4 + 4 + 4,
-           SSH_SMSG_PUBLIC_KEY);
        if (verify_host_key(host, hostaddr, host_key) == -1)
                fatal("Host key verification failed.");
 
diff --git a/sshd.c b/sshd.c
index 69372765a4f08653e8226b36b43c96e062050e20..5307542038272002c18028ad6dd4da1978c4e489 100644 (file)
--- a/sshd.c
+++ b/sshd.c
@@ -40,7 +40,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: sshd.c,v 1.218 2001/12/27 18:22:16 markus Exp $");
+RCSID("$OpenBSD: sshd.c,v 1.219 2001/12/27 20:39:58 markus Exp $");
 
 #include <openssl/dh.h>
 #include <openssl/bn.h>
@@ -1358,8 +1358,7 @@ do_ssh1_kex(void)
 
        protocol_flags = packet_get_int();
        packet_set_protocol_flags(protocol_flags);
-
-       packet_integrity_check(plen, 1 + 8 + slen + 4, SSH_CMSG_SESSION_KEY);
+       packet_done();
 
        /*
         * Decrypt it using our private server key and private host key (key