unsigned char buf[4];
int ret;
int len, pad, biglen;
+ unsigned long realcrc, gotcrc;
next_packet:
pktin.length = len;
if (pktin.maxlen < biglen) {
pktin.maxlen = biglen;
+#ifdef MSCRYPTOAPI
+ /* allocate enough buffer space for extra block
+ * for MS CryptEncrypt() */
+ pktin.data = (pktin.data == NULL) ?
+ smalloc(biglen+8) : srealloc(pktin.data, biglen+8);
+#else
pktin.data = (pktin.data == NULL) ?
- smalloc(biglen) : srealloc(pktin.data, biglen);
+ smalloc(biglen) : srealloc(pktin.data, biglen);
+#endif
}
ret = s_read(pktin.data, biglen);
pktin.type = pktin.data[pad];
pktin.body = pktin.data + pad + 1;
+ realcrc = crc32(pktin.data, biglen-4);
+ gotcrc = (pktin.data[biglen-4] << 24);
+ gotcrc |= (pktin.data[biglen-3] << 16);
+ gotcrc |= (pktin.data[biglen-2] << 8);
+ gotcrc |= (pktin.data[biglen-1] << 0);
+ if (gotcrc != realcrc) {
+ fatalbox("Incorrect CRC received on packet");
+ }
+
if (pktin.type == SSH_MSG_DEBUG) {
if (verbose) {
int len = GET_32BIT(pktin.body);
pktout.length = len-5;
if (pktout.maxlen < biglen) {
pktout.maxlen = biglen;
+#ifdef MSCRYPTOAPI
+ /* Allocate enough buffer space for extra block
+ * for MS CryptEncrypt() */
+ pktout.data = (pktout.data == NULL ? malloc(biglen+8) :
+ realloc(pktout.data, biglen+8));
+#else
pktout.data = (pktout.data == NULL ? malloc(biglen+4) :
realloc(pktout.data, biglen+4));
+#endif
if (!pktout.data)
fatalbox("Out of memory");
}
if (!rsabuf)
fatalbox("Out of memory");
- verify_ssh_host_key(savedhost, &hostkey);
+ /*
+ * Verify the host key.
+ */
+ {
+ /*
+ * First format the key into a string.
+ */
+ int len = rsastr_len(&hostkey);
+ char *keystr = malloc(len);
+ if (!keystr)
+ fatalbox("Out of memory");
+ rsastr_fmt(keystr, &hostkey);
+ verify_ssh_host_key(savedhost, keystr);
+ free(keystr);
+ }
for (i=0; i<32; i++) {
rsabuf[i] = session_key[i];
return 0;
if (pktin.type == SSH_SMSG_STDOUT_DATA) {
int plen = GET_32BIT(pktin.body);
- if (plen <= to_read) {
+ if (plen+4 != pktin.length) {
+ fprintf(stderr, "Received data packet with bogus string length"
+ ", ignoring\n");
+ } else if (plen <= to_read) {
memcpy(buf, pktin.body + 4, plen);
buf += plen;
to_read -= plen;
}
} else if (pktin.type == SSH_SMSG_STDERR_DATA) {
int plen = GET_32BIT(pktin.body);
- fwrite(pktin.body + 4, plen, 1, stderr);
+ if (plen+4 != pktin.length) {
+ fprintf(stderr, "Received data packet with bogus string length"
+ ", ignoring\n");
+ } else
+ fwrite(pktin.body + 4, plen, 1, stderr);
} else if (pktin.type == SSH_MSG_DISCONNECT) {
} else if (pktin.type == SSH_SMSG_SUCCESS ||
pktin.type == SSH_SMSG_FAILURE) {
int FWport;
#endif
+#ifdef MSCRYPTOAPI
+ if(crypto_startup() == 0)
+ return "Microsoft high encryption pack not installed!";
+#endif
+
savedhost = malloc(1+strlen(host));
if (!savedhost)
fatalbox("Out of memory");