From 95500969652dbe32f924217f71b2abed67f85228 Mon Sep 17 00:00:00 2001 From: djm Date: Tue, 22 Jan 2002 12:11:38 +0000 Subject: [PATCH] - markus@cvs.openbsd.org 2001/12/27 20:39:58 [auth1.c auth-rsa.c channels.c clientloop.c packet.c packet.h serverloop.c session.c ssh.c sshconnect1.c sshd.c ttymodes.c] get rid of packet_integrity_check, use packet_done() instead. --- ChangeLog | 4 ++++ auth-rsa.c | 4 ++-- auth1.c | 16 ++++++++-------- auth2-chall.c | 4 ++-- auth2.c | 14 +++++++------- channels.c | 26 +++++++++++++------------- clientloop.c | 14 +++++++------- kex.c | 4 ++-- kexdh.c | 4 ++-- kexgex.c | 8 ++++---- packet.c | 4 ++-- packet.h | 5 +++-- serverloop.c | 12 ++++++------ session.c | 26 +++++++++++++------------- ssh.c | 6 +++--- sshconnect1.c | 16 ++++++++-------- sshconnect2.c | 10 +++++----- sshd.c | 4 ++-- ttymodes.c | 3 +-- 19 files changed, 94 insertions(+), 90 deletions(-) diff --git a/ChangeLog b/ChangeLog index 2e31e34a..1a6e3193 100644 --- a/ChangeLog +++ b/ChangeLog @@ -51,6 +51,10 @@ - markus@cvs.openbsd.org 2001/12/27 19:54:53 [auth1.c auth.h auth-rh-rsa.c] auth_rhosts_rsa now accept generic keys. + - markus@cvs.openbsd.org 2001/12/27 20:39:58 + [auth1.c auth-rsa.c channels.c clientloop.c packet.c packet.h] + [serverloop.c session.c ssh.c sshconnect1.c sshd.c ttymodes.c] + get rid of packet_integrity_check, use packet_done() instead. 20020121 - (djm) Rework ssh-rand-helper: diff --git a/auth-rsa.c b/auth-rsa.c index 1d74a79c..4403c149 100644 --- a/auth-rsa.c +++ b/auth-rsa.c @@ -14,7 +14,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth-rsa.c,v 1.48 2001/12/27 20:39:58 markus Exp $"); +RCSID("$OpenBSD: auth-rsa.c,v 1.49 2001/12/28 12:14:27 markus Exp $"); #include #include @@ -94,7 +94,7 @@ auth_rsa_challenge_dialog(RSA *pk) packet_read_expect(&plen, SSH_CMSG_AUTH_RSA_RESPONSE); for (i = 0; i < 16; i++) response[i] = packet_get_char(); - packet_done(); + packet_check_eom(); /* The response is MD5 of decrypted challenge plus session id. */ len = BN_num_bytes(challenge); diff --git a/auth1.c b/auth1.c index 2ea638b9..42524cc9 100644 --- a/auth1.c +++ b/auth1.c @@ -10,7 +10,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth1.c,v 1.31 2001/12/27 20:39:58 markus Exp $"); +RCSID("$OpenBSD: auth1.c,v 1.32 2001/12/28 12:14:27 markus Exp $"); #include "xmalloc.h" #include "rsa.h" @@ -120,7 +120,7 @@ do_authloop(Authctxt *authctxt) verbose("Kerberos authentication disabled."); } else { char *kdata = packet_get_string(&dlen); - packet_done(); + packet_check_eom(); if (kdata[0] == 4) { /* KRB_PROT_VERSION */ #ifdef KRB4 @@ -180,7 +180,7 @@ do_authloop(Authctxt *authctxt) * IP-spoofing on a local network.) */ client_user = packet_get_string(&ulen); - packet_done(); + packet_check_eom(); /* Try to authenticate using /etc/hosts.equiv and .rhosts. */ authenticated = auth_rhosts(pw, client_user); @@ -210,7 +210,7 @@ do_authloop(Authctxt *authctxt) verbose("Warning: keysize mismatch for client_host_key: " "actual %d, announced %d", BN_num_bits(client_host_key->rsa->n), bits); - packet_done(); + packet_check_eom(); authenticated = auth_rhosts_rsa(pw, client_user, client_host_key); @@ -228,7 +228,7 @@ do_authloop(Authctxt *authctxt) if ((n = BN_new()) == NULL) fatal("do_authloop: BN_new failed"); packet_get_bignum(n, &nlen); - packet_done(); + packet_check_eom(); authenticated = auth_rsa(pw, n); BN_clear_free(n); break; @@ -244,7 +244,7 @@ do_authloop(Authctxt *authctxt) * not visible to an outside observer. */ password = packet_get_string(&dlen); - packet_done(); + packet_check_eom(); #ifdef USE_PAM /* Do PAM auth with password */ @@ -282,7 +282,7 @@ do_authloop(Authctxt *authctxt) if (options.challenge_response_authentication == 1) { char *response = packet_get_string(&dlen); debug("got response '%s'", response); - packet_done(); + packet_check_eom(); authenticated = verify_response(authctxt, response); memset(response, 'r', dlen); xfree(response); @@ -369,7 +369,7 @@ do_authentication(void) /* Get the user name. */ user = packet_get_string(&ulen); - packet_done(); + packet_check_eom(); if ((style = strchr(user, ':')) != NULL) *style++ = '\0'; diff --git a/auth2-chall.c b/auth2-chall.c index 8679f632..4211b0f6 100644 --- a/auth2-chall.c +++ b/auth2-chall.c @@ -23,7 +23,7 @@ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #include "includes.h" -RCSID("$OpenBSD: auth2-chall.c,v 1.11 2001/12/20 22:50:24 djm Exp $"); +RCSID("$OpenBSD: auth2-chall.c,v 1.12 2001/12/28 12:14:27 markus Exp $"); #include "ssh2.h" #include "auth.h" @@ -257,7 +257,7 @@ input_userauth_info_response(int type, int plen, u_int32_t seq, void *ctxt) for (i = 0; i < nresp; i++) response[i] = packet_get_string(NULL); } - packet_done(); + packet_check_eom(); if (authctxt->valid) { res = kbdintctxt->device->respond(kbdintctxt->ctxt, diff --git a/auth2.c b/auth2.c index 2b23651f..1ad905f1 100644 --- a/auth2.c +++ b/auth2.c @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth2.c,v 1.78 2001/12/20 22:50:24 djm Exp $"); +RCSID("$OpenBSD: auth2.c,v 1.79 2001/12/28 12:14:27 markus Exp $"); #include @@ -146,7 +146,7 @@ input_service_request(int type, int plen, u_int32_t seq, void *ctxt) u_int len; int accept = 0; char *service = packet_get_string(&len); - packet_done(); + packet_check_eom(); if (authctxt == NULL) fatal("input_service_request: no authctxt"); @@ -328,7 +328,7 @@ userauth_none(Authctxt *authctxt) Authmethod *m = authmethod_lookup("none"); if (m != NULL) m->enabled = NULL; - packet_done(); + packet_check_eom(); userauth_banner(); if (authctxt->valid == 0) @@ -358,7 +358,7 @@ userauth_passwd(Authctxt *authctxt) if (change) log("password change not supported"); password = packet_get_string(&len); - packet_done(); + packet_check_eom(); if (authctxt->valid && #ifdef HAVE_CYGWIN check_nt_auth(1, authctxt->pw) && @@ -384,7 +384,7 @@ userauth_kbdint(Authctxt *authctxt) lang = packet_get_string(NULL); devs = packet_get_string(NULL); - packet_done(); + packet_check_eom(); debug("keyboard-interactive devs %s", devs); @@ -444,7 +444,7 @@ userauth_pubkey(Authctxt *authctxt) if (key != NULL) { if (have_sig) { sig = packet_get_string(&slen); - packet_done(); + packet_check_eom(); buffer_init(&b); if (datafellows & SSH_OLD_SESSIONID) { buffer_append(&b, session_id2, session_id2_len); @@ -477,7 +477,7 @@ userauth_pubkey(Authctxt *authctxt) xfree(sig); } else { debug("test whether pkalg/pkblob are acceptable"); - packet_done(); + packet_check_eom(); /* XXX fake reply and always send PK_OK ? */ /* diff --git a/channels.c b/channels.c index 9f042d44..163312c5 100644 --- a/channels.c +++ b/channels.c @@ -39,7 +39,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: channels.c,v 1.151 2001/12/27 20:39:58 markus Exp $"); +RCSID("$OpenBSD: channels.c,v 1.152 2001/12/28 12:14:27 markus Exp $"); #include "ssh.h" #include "ssh1.h" @@ -1748,7 +1748,7 @@ channel_input_data(int type, int plen, u_int32_t seq, void *ctxt) } c->local_window -= data_len; } - packet_done(); + packet_check_eom(); buffer_append(&c->output, data, data_len); xfree(data); } @@ -1780,7 +1780,7 @@ channel_input_extended_data(int type, int plen, u_int32_t seq, void *ctxt) return; } data = packet_get_string(&data_len); - packet_done(); + packet_check_eom(); if (data_len > c->local_window) { log("channel %d: rcvd too much extended_data %d, win %d", c->self, data_len, c->local_window); @@ -1800,7 +1800,7 @@ channel_input_ieof(int type, int plen, u_int32_t seq, void *ctxt) Channel *c; id = packet_get_int(); - packet_done(); + packet_check_eom(); c = channel_lookup(id); if (c == NULL) packet_disconnect("Received ieof for nonexistent channel %d.", id); @@ -1821,7 +1821,7 @@ channel_input_close(int type, int plen, u_int32_t seq, void *ctxt) Channel *c; id = packet_get_int(); - packet_done(); + packet_check_eom(); c = channel_lookup(id); if (c == NULL) packet_disconnect("Received close for nonexistent channel %d.", id); @@ -1858,7 +1858,7 @@ channel_input_oclose(int type, int plen, u_int32_t seq, void *ctxt) int id = packet_get_int(); Channel *c = channel_lookup(id); - packet_done(); + packet_check_eom(); if (c == NULL) packet_disconnect("Received oclose for nonexistent channel %d.", id); chan_rcvd_oclose(c); @@ -1870,7 +1870,7 @@ channel_input_close_confirmation(int type, int plen, u_int32_t seq, void *ctxt) int id = packet_get_int(); Channel *c = channel_lookup(id); - packet_done(); + packet_check_eom(); if (c == NULL) packet_disconnect("Received close confirmation for " "out-of-range channel %d.", id); @@ -1908,7 +1908,7 @@ channel_input_open_confirmation(int type, int plen, u_int32_t seq, void *ctxt) debug("channel %d: open confirm rwindow %d rmax %d", c->self, c->remote_window, c->remote_maxpacket); } - packet_done(); + packet_check_eom(); } static char * @@ -1953,7 +1953,7 @@ channel_input_open_failure(int type, int plen, u_int32_t seq, void *ctxt) if (lang != NULL) xfree(lang); } - packet_done(); + packet_check_eom(); /* Free the channel. This will also close the socket. */ channel_free(c); } @@ -2002,7 +2002,7 @@ channel_input_window_adjust(int type, int plen, u_int32_t seq, void *ctxt) return; } adjust = packet_get_int(); - packet_done(); + packet_check_eom(); debug2("channel %d: rcvd adjust %d", id, adjust); c->remote_window += adjust; } @@ -2024,7 +2024,7 @@ channel_input_port_open(int type, int plen, u_int32_t seq, void *ctxt) } else { originator_string = xstrdup("unknown (remote did not supply name)"); } - packet_done(); + packet_check_eom(); sock = channel_connect_to(host, host_port); if (sock != -1) { c = channel_new("connected socket", @@ -2630,7 +2630,7 @@ x11_input_open(int type, int plen, u_int32_t seq, void *ctxt) } else { remote_host = xstrdup("unknown (remote did not supply name)"); } - packet_done(); + packet_check_eom(); /* Obtain a connection to the real X display. */ sock = x11_connect_display(); @@ -2881,7 +2881,7 @@ auth_input_open_request(int type, int plen, u_int32_t seq, void *ctxt) /* Read the remote channel number from the message. */ remote_id = packet_get_int(); - packet_done(); + packet_check_eom(); /* * Get a connection to the local authentication agent (this may again diff --git a/clientloop.c b/clientloop.c index f7171755..3231b212 100644 --- a/clientloop.c +++ b/clientloop.c @@ -59,7 +59,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: clientloop.c,v 1.92 2001/12/27 20:39:58 markus Exp $"); +RCSID("$OpenBSD: clientloop.c,v 1.93 2001/12/28 12:14:27 markus Exp $"); #include "ssh.h" #include "ssh1.h" @@ -1012,7 +1012,7 @@ client_input_stdout_data(int type, int plen, u_int32_t seq, void *ctxt) { u_int data_len; char *data = packet_get_string(&data_len); - packet_done(); + packet_check_eom(); buffer_append(&stdout_buffer, data, data_len); memset(data, 0, data_len); xfree(data); @@ -1022,7 +1022,7 @@ client_input_stderr_data(int type, int plen, u_int32_t seq, void *ctxt) { u_int data_len; char *data = packet_get_string(&data_len); - packet_done(); + packet_check_eom(); buffer_append(&stderr_buffer, data, data_len); memset(data, 0, data_len); xfree(data); @@ -1031,7 +1031,7 @@ static void client_input_exit_status(int type, int plen, u_int32_t seq, void *ctxt) { exit_status = packet_get_int(); - packet_done(); + packet_check_eom(); /* Acknowledge the exit. */ packet_start(SSH_CMSG_EXIT_CONFIRMATION); packet_send(); @@ -1057,7 +1057,7 @@ client_request_forwarded_tcpip(const char *request_type, int rchan) listen_port = packet_get_int(); originator_address = packet_get_string(NULL); originator_port = packet_get_int(); - packet_done(); + packet_check_eom(); debug("client_request_forwarded_tcpip: listen %s port %d, originator %s port %d", listen_address, listen_port, originator_address, originator_port); @@ -1101,7 +1101,7 @@ client_request_x11(const char *request_type, int rchan) } else { originator_port = packet_get_int(); } - packet_done(); + packet_check_eom(); /* XXX check permission */ debug("client_request_x11: request from %s %d", originator, originator_port); @@ -1226,7 +1226,7 @@ client_input_channel_req(int type, int plen, u_int32_t seq, void *ctxt) } else if (strcmp(rtype, "exit-status") == 0) { success = 1; exit_status = packet_get_int(); - packet_done(); + packet_check_eom(); } if (reply) { packet_start(success ? diff --git a/kex.c b/kex.c index 8e3d83be..e4163214 100644 --- a/kex.c +++ b/kex.c @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: kex.c,v 1.38 2001/12/20 22:50:24 djm Exp $"); +RCSID("$OpenBSD: kex.c,v 1.39 2001/12/28 12:14:27 markus Exp $"); #include @@ -187,7 +187,7 @@ kex_input_kexinit(int type, int plen, u_int32_t seq, void *ctxt) xfree(packet_get_string(NULL)); packet_get_char(); packet_get_int(); - packet_done(); + packet_check_eom(); kex_kexinit_finish(kex); } diff --git a/kexdh.c b/kexdh.c index 059b41c4..43a14f55 100644 --- a/kexdh.c +++ b/kexdh.c @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: kexdh.c,v 1.9 2001/12/27 19:37:22 markus Exp $"); +RCSID("$OpenBSD: kexdh.c,v 1.10 2001/12/28 12:14:27 markus Exp $"); #include #include @@ -142,7 +142,7 @@ kexdh_client(Kex *kex) /* signed H */ signature = packet_get_string(&slen); - packet_done(); + packet_check_eom(); if (!dh_pub_is_valid(dh, dh_server_pub)) packet_disconnect("bad server public DH value"); diff --git a/kexgex.c b/kexgex.c index 8822c8dc..49f639c6 100644 --- a/kexgex.c +++ b/kexgex.c @@ -24,7 +24,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: kexgex.c,v 1.12 2001/12/27 19:37:23 markus Exp $"); +RCSID("$OpenBSD: kexgex.c,v 1.13 2001/12/28 12:14:27 markus Exp $"); #include @@ -146,7 +146,7 @@ kexgex_client(Kex *kex) if ((g = BN_new()) == NULL) fatal("BN_new"); packet_get_bignum2(g, &dlen); - packet_done(); + packet_check_eom(); if (BN_num_bits(p) < min || BN_num_bits(p) > max) fatal("DH_GEX group out of range: %d !< %d !< %d", @@ -196,7 +196,7 @@ kexgex_client(Kex *kex) /* signed H */ signature = packet_get_string(&slen); - packet_done(); + packet_check_eom(); if (!dh_pub_is_valid(dh, dh_server_pub)) packet_disconnect("bad server public DH value"); @@ -289,7 +289,7 @@ kexgex_server(Kex *kex) default: fatal("protocol error during kex, no DH_GEX_REQUEST: %d", type); } - packet_done(); + packet_check_eom(); if (max < min || nbits < min || max < nbits) fatal("DH_GEX_REQUEST, bad parameters: %d !< %d !< %d", diff --git a/packet.c b/packet.c index ee64060e..ea16847d 100644 --- a/packet.c +++ b/packet.c @@ -37,7 +37,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: packet.c,v 1.78 2001/12/27 20:39:58 markus Exp $"); +RCSID("$OpenBSD: packet.c,v 1.79 2001/12/28 12:14:27 markus Exp $"); #include "xmalloc.h" #include "buffer.h" @@ -632,7 +632,7 @@ packet_read_seqnr(int *payload_len_ptr, u_int32_t *seqnr_p) || type == SSH_SMSG_FAILURE || type == SSH_CMSG_EOF || type == SSH_CMSG_EXIT_CONFIRMATION)) - packet_done(); + packet_check_eom(); /* If we got a packet, return it. */ if (type != SSH_MSG_NONE) { xfree(setp); diff --git a/packet.h b/packet.h index 11e8be8c..269b4c7f 100644 --- a/packet.h +++ b/packet.h @@ -11,7 +11,7 @@ * called by a name other than "ssh" or "Secure Shell". */ -/* RCSID("$OpenBSD: packet.h,v 1.29 2001/12/27 20:39:58 markus Exp $"); */ +/* RCSID("$OpenBSD: packet.h,v 1.30 2001/12/28 12:14:27 markus Exp $"); */ #ifndef PACKET_H #define PACKET_H @@ -74,7 +74,8 @@ extern int max_packet_size; int packet_set_maxsize(int); #define packet_get_maxsize() max_packet_size -#define packet_done() \ +/* don't allow remaining bytes after the end of the message */ +#define packet_check_eom() \ do { \ int _len = packet_remaining(); \ if (_len > 0) { \ diff --git a/serverloop.c b/serverloop.c index 39aa1560..aa74bf9a 100644 --- a/serverloop.c +++ b/serverloop.c @@ -35,7 +35,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: serverloop.c,v 1.90 2001/12/27 20:39:58 markus Exp $"); +RCSID("$OpenBSD: serverloop.c,v 1.91 2001/12/28 12:14:27 markus Exp $"); #include "xmalloc.h" #include "packet.h" @@ -806,7 +806,7 @@ server_input_stdin_data(int type, int plen, u_int32_t seq, void *ctxt) if (fdin == -1) return; data = packet_get_string(&data_len); - packet_done(); + packet_check_eom(); buffer_append(&stdin_buffer, data, data_len); memset(data, 0, data_len); xfree(data); @@ -821,7 +821,7 @@ server_input_eof(int type, int plen, u_int32_t seq, void *ctxt) * drained. */ debug("EOF received for stdin."); - packet_done(); + packet_check_eom(); stdin_eof = 1; } @@ -834,7 +834,7 @@ server_input_window_size(int type, int plen, u_int32_t seq, void *ctxt) int ypixel = packet_get_int(); debug("Window change received."); - packet_done(); + packet_check_eom(); if (fdin != -1) pty_change_window_size(fdin, row, col, xpixel, ypixel); } @@ -851,7 +851,7 @@ server_request_direct_tcpip(char *ctype) target_port = packet_get_int(); originator = packet_get_string(NULL); originator_port = packet_get_int(); - packet_done(); + packet_check_eom(); debug("server_request_direct_tcpip: originator %s port %d, target %s port %d", originator, originator_port, target, target_port); @@ -878,7 +878,7 @@ server_request_session(char *ctype) Channel *c; debug("input_session_request"); - packet_done(); + packet_check_eom(); /* * A server session has no fd to read or write until a * CHANNEL_REQUEST for a shell is made, so we set the type to diff --git a/session.c b/session.c index 61284104..43cbd00b 100644 --- a/session.c +++ b/session.c @@ -33,7 +33,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: session.c,v 1.115 2001/12/27 20:39:58 markus Exp $"); +RCSID("$OpenBSD: session.c,v 1.116 2001/12/28 12:14:27 markus Exp $"); #include "ssh.h" #include "ssh1.h" @@ -255,7 +255,7 @@ do_authenticated1(Authctxt *authctxt) switch (type) { case SSH_CMSG_REQUEST_COMPRESSION: compression_level = packet_get_int(); - packet_done(); + packet_check_eom(); if (compression_level < 1 || compression_level > 9) { packet_send_debug("Received illegal compression level %d.", compression_level); @@ -286,7 +286,7 @@ do_authenticated1(Authctxt *authctxt) } else { s->screen = 0; } - packet_done(); + packet_check_eom(); success = session_setup_x11fwd(s); if (!success) { xfree(s->auth_proto); @@ -330,7 +330,7 @@ do_authenticated1(Authctxt *authctxt) verbose("Kerberos TGT passing disabled."); } else { char *kdata = packet_get_string(&dlen); - packet_done(); + packet_check_eom(); /* XXX - 0x41, see creds_to_radix version */ if (kdata[0] != 0x41) { @@ -364,7 +364,7 @@ do_authenticated1(Authctxt *authctxt) } else { /* Accept AFS token. */ char *token = packet_get_string(&dlen); - packet_done(); + packet_check_eom(); if (auth_afs_token(s->authctxt, token)) success = 1; @@ -386,7 +386,7 @@ do_authenticated1(Authctxt *authctxt) } else { do_exec(s, NULL); } - packet_done(); + packet_check_eom(); session_close(s); return; @@ -1575,7 +1575,7 @@ session_window_change_req(Session *s) s->row = packet_get_int(); s->xpixel = packet_get_int(); s->ypixel = packet_get_int(); - packet_done(); + packet_check_eom(); pty_change_window_size(s->ptyfd, s->row, s->col, s->xpixel, s->ypixel); return 1; } @@ -1640,7 +1640,7 @@ session_pty_req(Session *s) /* Set window size from the packet. */ pty_change_window_size(s->ptyfd, s->row, s->col, s->xpixel, s->ypixel); - packet_done(); + packet_check_eom(); session_proctitle(s); return 1; } @@ -1654,7 +1654,7 @@ session_subsystem_req(Session *s) char *cmd, *subsys = packet_get_string(&len); int i; - packet_done(); + packet_check_eom(); log("subsystem request for %s", subsys); for (i = 0; i < options.num_subsystems; i++) { @@ -1689,7 +1689,7 @@ session_x11_req(Session *s) s->auth_proto = packet_get_string(NULL); s->auth_data = packet_get_string(NULL); s->screen = packet_get_int(); - packet_done(); + packet_check_eom(); success = session_setup_x11fwd(s); if (!success) { @@ -1704,7 +1704,7 @@ session_x11_req(Session *s) static int session_shell_req(Session *s) { - packet_done(); + packet_check_eom(); do_exec(s, NULL); return 1; } @@ -1714,7 +1714,7 @@ session_exec_req(Session *s) { u_int len; char *command = packet_get_string(&len); - packet_done(); + packet_check_eom(); do_exec(s, command); xfree(command); return 1; @@ -1724,7 +1724,7 @@ static int session_auth_agent_req(Session *s) { static int called = 0; - packet_done(); + packet_check_eom(); if (no_agent_forwarding_flag) { debug("session_auth_agent_req: no_agent_forwarding_flag"); return 0; diff --git a/ssh.c b/ssh.c index b6728f4d..76d45c96 100644 --- a/ssh.c +++ b/ssh.c @@ -39,7 +39,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: ssh.c,v 1.154 2001/12/27 20:39:58 markus Exp $"); +RCSID("$OpenBSD: ssh.c,v 1.155 2001/12/28 12:14:27 markus Exp $"); #include #include @@ -976,7 +976,7 @@ ssh_session(void) /* Read response from the server. */ type = packet_read(&plen); - packet_done(); + packet_check_eom(); if (type != SSH_SMSG_SUCCESS) log("Warning: Remote host denied authentication agent forwarding."); } @@ -1023,7 +1023,7 @@ client_subsystem_reply(int type, int plen, u_int32_t seq, void *ctxt) len = buffer_len(&command); if (len > 900) len = 900; - packet_done(); + packet_check_eom(); if (type == SSH2_MSG_CHANNEL_FAILURE) fatal("Request for subsystem '%.*s' failed on channel %d", len, (u_char *)buffer_ptr(&command), id); diff --git a/sshconnect1.c b/sshconnect1.c index 240bdffe..a5fef103 100644 --- a/sshconnect1.c +++ b/sshconnect1.c @@ -13,7 +13,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: sshconnect1.c,v 1.44 2001/12/27 20:39:58 markus Exp $"); +RCSID("$OpenBSD: sshconnect1.c,v 1.45 2001/12/28 12:14:27 markus Exp $"); #include #include @@ -109,7 +109,7 @@ try_agent_authentication(void) type); packet_get_bignum(challenge, &clen); - packet_done(); + packet_check_eom(); debug("Received RSA challenge from server."); @@ -243,7 +243,7 @@ try_rsa_authentication(int idx) if ((challenge = BN_new()) == NULL) fatal("try_rsa_authentication: BN_new failed"); packet_get_bignum(challenge, &clen); - packet_done(); + packet_check_eom(); debug("Received RSA challenge from server."); @@ -357,7 +357,7 @@ try_rhosts_rsa_authentication(const char *local_user, Key * host_key) if ((challenge = BN_new()) == NULL) fatal("try_rhosts_rsa_authentication: BN_new failed"); packet_get_bignum(challenge, &clen); - packet_done(); + packet_check_eom(); debug("Received RSA challenge for host key from server."); @@ -464,7 +464,7 @@ try_krb4_authentication(void) memcpy(auth.dat, reply, auth.length); xfree(reply); - packet_done(); + packet_check_eom(); /* * If his response isn't properly encrypted with the session @@ -573,7 +573,7 @@ try_krb5_authentication(krb5_context *context, krb5_auth_context *auth_context) /* Get server's response. */ ap.data = packet_get_string((unsigned int *) &ap.length); - packet_done(); + packet_check_eom(); /* XXX je to dobre? */ problem = krb5_rd_rep(*context, *auth_context, &ap, &reply); @@ -838,7 +838,7 @@ try_challenge_response_authentication(void) return 0; } challenge = packet_get_string(&clen); - packet_done(); + packet_check_eom(); snprintf(prompt, sizeof prompt, "%s%s", challenge, strchr(challenge, '\n') ? "" : "\nResponse: "); xfree(challenge); @@ -964,7 +964,7 @@ ssh_kex(char *host, struct sockaddr *hostaddr) supported_ciphers = packet_get_int(); supported_authentications = packet_get_int(); - packet_done(); + packet_check_eom(); debug("Received server public key (%d bits) and host key (%d bits).", BN_num_bits(server_key->rsa->n), BN_num_bits(host_key->rsa->n)); diff --git a/sshconnect2.c b/sshconnect2.c index d7143cd1..cf873b8d 100644 --- a/sshconnect2.c +++ b/sshconnect2.c @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: sshconnect2.c,v 1.89 2001/12/20 22:50:24 djm Exp $"); +RCSID("$OpenBSD: sshconnect2.c,v 1.90 2001/12/28 12:14:27 markus Exp $"); #include #include @@ -247,7 +247,7 @@ ssh_userauth2(const char *local_user, const char *server_user, char *host, } else { debug("buggy server: service_accept w/o service"); } - packet_done(); + packet_check_eom(); debug("got SSH2_MSG_SERVICE_ACCEPT"); if (options.preferred_authentications == NULL) @@ -347,7 +347,7 @@ input_userauth_failure(int type, int plen, u_int32_t seq, void *ctxt) authlist = packet_get_string(NULL); partial = packet_get_char(); - packet_done(); + packet_check_eom(); if (partial != 0) log("Authenticated with partial success."); @@ -379,7 +379,7 @@ input_userauth_pk_ok(int type, int plen, u_int32_t seq, void *ctxt) pkalg = packet_get_string(&alen); pkblob = packet_get_string(&blen); } - packet_done(); + packet_check_eom(); debug("input_userauth_pk_ok: pkalg %s blen %d lastkey %p hint %d", pkalg, blen, authctxt->last_key, authctxt->last_key_hint); @@ -815,7 +815,7 @@ input_userauth_info_req(int type, int plen, u_int32_t seq, void *ctxt) xfree(response); xfree(prompt); } - packet_done(); /* done with parsing incoming message. */ + packet_check_eom(); /* done with parsing incoming message. */ packet_add_padding(64); packet_send(); diff --git a/sshd.c b/sshd.c index 53075420..b5f995c0 100644 --- a/sshd.c +++ b/sshd.c @@ -40,7 +40,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: sshd.c,v 1.219 2001/12/27 20:39:58 markus Exp $"); +RCSID("$OpenBSD: sshd.c,v 1.220 2001/12/28 12:14:27 markus Exp $"); #include #include @@ -1358,7 +1358,7 @@ do_ssh1_kex(void) protocol_flags = packet_get_int(); packet_set_protocol_flags(protocol_flags); - packet_done(); + packet_check_eom(); /* * Decrypt it using our private server key and private host key (key diff --git a/ttymodes.c b/ttymodes.c index ada3a148..ccc001f2 100644 --- a/ttymodes.c +++ b/ttymodes.c @@ -43,7 +43,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: ttymodes.c,v 1.15 2001/12/19 07:18:56 deraadt Exp $"); +RCSID("$OpenBSD: ttymodes.c,v 1.16 2001/12/27 20:39:58 markus Exp $"); #include "packet.h" #include "log.h" @@ -422,7 +422,6 @@ tty_parse_modes(int fd, int *n_bytes_ptr) * more coming after the mode data. */ log("parse_tty_modes: unknown opcode %d", opcode); - packet_integrity_check(0, 1, SSH_CMSG_REQUEST_PTY); goto set; } } else { -- 2.45.1