#include <stdarg.h>
#include <assert.h>
#include <limits.h>
+#include <signal.h>
#include "putty.h"
#include "tree234.h"
ssh2_pkt_send_noqueue(ssh, pkt);
}
-#if 0 /* disused */
/*
* Either queue or defer a packet, depending on whether queueing is
* set.
else
ssh2_pkt_defer_noqueue(ssh, pkt, FALSE);
}
-#endif
/*
* Send the whole deferred data block constructed by
ssh->deferred_data_size = 0;
}
+/*
+ * Send a packet whose length needs to be disguised (typically
+ * passwords or keyboard-interactive responses).
+ */
+static void ssh2_pkt_send_with_padding(Ssh ssh, struct Packet *pkt,
+ int padsize)
+{
+#if 0
+ if (0) {
+ /*
+ * The simplest way to do this is to adjust the
+ * variable-length padding field in the outgoing packet.
+ *
+ * Currently compiled out, because some Cisco SSH servers
+ * don't like excessively padded packets (bah, why's it
+ * always Cisco?)
+ */
+ pkt->forcepad = padsize;
+ ssh2_pkt_send(ssh, pkt);
+ } else
+#endif
+ {
+ /*
+ * If we can't do that, however, an alternative approach is
+ * to use the pkt_defer mechanism to bundle the packet
+ * tightly together with an SSH_MSG_IGNORE such that their
+ * combined length is a constant. So first we construct the
+ * final form of this packet and defer its sending.
+ */
+ ssh2_pkt_defer(ssh, pkt);
+
+ /*
+ * Now construct an SSH_MSG_IGNORE which includes a string
+ * that's an exact multiple of the cipher block size. (If
+ * the cipher is NULL so that the block size is
+ * unavailable, we don't do this trick at all, because we
+ * gain nothing by it.)
+ */
+ if (ssh->cscipher) {
+ int stringlen, i;
+
+ stringlen = (256 - ssh->deferred_len);
+ stringlen += ssh->cscipher->blksize - 1;
+ stringlen -= (stringlen % ssh->cscipher->blksize);
+ if (ssh->cscomp) {
+ /*
+ * Temporarily disable actual compression, so we
+ * can guarantee to get this string exactly the
+ * length we want it. The compression-disabling
+ * routine should return an integer indicating how
+ * many bytes we should adjust our string length
+ * by.
+ */
+ stringlen -=
+ ssh->cscomp->disable_compression(ssh->cs_comp_ctx);
+ }
+ pkt = ssh2_pkt_init(SSH2_MSG_IGNORE);
+ ssh2_pkt_addstring_start(pkt);
+ for (i = 0; i < stringlen; i++) {
+ char c = (char) random_byte();
+ ssh2_pkt_addstring_data(pkt, &c, 1);
+ }
+ ssh2_pkt_defer(ssh, pkt);
+ }
+ ssh_pkt_defersend(ssh);
+ }
+}
+
/*
* Send all queued SSH-2 packets. We send them by means of
* ssh2_pkt_defer_noqueue(), in case they included a pair of
error_msg = "Server closed network connection";
}
+ if (ssh->close_expected && ssh->clean_exit && ssh->exitcode < 0)
+ ssh->exitcode = 0;
+
if (need_notify)
notify_remote_exit(ssh->frontend);
/* and try again */
} else {
assert(0 && "unexpected return from loadrsakey()");
+ got_passphrase = FALSE; /* placate optimisers */
}
}
/* Data for an agent message. Buffer it. */
while (len > 0) {
if (c->u.a.lensofar < 4) {
- unsigned int l = min(4 - c->u.a.lensofar, len);
+ unsigned int l = min(4 - c->u.a.lensofar, (unsigned)len);
memcpy(c->u.a.msglen + c->u.a.lensofar, p,
l);
p += l;
if (c->u.a.lensofar >= 4 && len > 0) {
unsigned int l =
min(c->u.a.totallen - c->u.a.lensofar,
- len);
+ (unsigned)len);
memcpy(c->u.a.message + c->u.a.lensofar, p,
l);
p += l;
case CHAN_AGENT:
while (length > 0) {
if (c->u.a.lensofar < 4) {
- unsigned int l = min(4 - c->u.a.lensofar, length);
+ unsigned int l = min(4 - c->u.a.lensofar,
+ (unsigned)length);
memcpy(c->u.a.msglen + c->u.a.lensofar,
data, l);
data += l;
if (c->u.a.lensofar >= 4 && length > 0) {
unsigned int l =
min(c->u.a.totallen - c->u.a.lensofar,
- length);
+ (unsigned)length);
memcpy(c->u.a.message + c->u.a.lensofar,
data, l);
data += l;
is_plausible = FALSE;
}
}
+ ssh->exitcode = 128; /* means `unknown signal' */
if (is_plausible) {
if (is_int) {
/* Old non-standard OpenSSH. */
int signum = ssh_pkt_getuint32(pktin);
fmt_sig = dupprintf(" %d", signum);
+ ssh->exitcode = 128 + signum;
} else {
/* As per the drafts. */
char *sig;
fmt_sig = dupprintf(" \"%.*s\"",
siglen, sig);
}
+
+ /*
+ * Really hideous method of translating the
+ * signal description back into a locally
+ * meaningful number.
+ */
+
+ if (0)
+ ;
+#ifdef SIGABRT
+ else if (siglen == lenof("ABRT")-1 &&
+ !memcmp(sig, "ABRT", siglen))
+ ssh->exitcode = 128 + SIGABRT;
+#endif
+#ifdef SIGALRM
+ else if (siglen == lenof("ALRM")-1 &&
+ !memcmp(sig, "ALRM", siglen))
+ ssh->exitcode = 128 + SIGALRM;
+#endif
+#ifdef SIGFPE
+ else if (siglen == lenof("FPE")-1 &&
+ !memcmp(sig, "FPE", siglen))
+ ssh->exitcode = 128 + SIGFPE;
+#endif
+#ifdef SIGHUP
+ else if (siglen == lenof("HUP")-1 &&
+ !memcmp(sig, "HUP", siglen))
+ ssh->exitcode = 128 + SIGHUP;
+#endif
+#ifdef SIGILL
+ else if (siglen == lenof("ILL")-1 &&
+ !memcmp(sig, "ILL", siglen))
+ ssh->exitcode = 128 + SIGILL;
+#endif
+#ifdef SIGINT
+ else if (siglen == lenof("INT")-1 &&
+ !memcmp(sig, "INT", siglen))
+ ssh->exitcode = 128 + SIGINT;
+#endif
+#ifdef SIGKILL
+ else if (siglen == lenof("KILL")-1 &&
+ !memcmp(sig, "KILL", siglen))
+ ssh->exitcode = 128 + SIGKILL;
+#endif
+#ifdef SIGPIPE
+ else if (siglen == lenof("PIPE")-1 &&
+ !memcmp(sig, "PIPE", siglen))
+ ssh->exitcode = 128 + SIGPIPE;
+#endif
+#ifdef SIGQUIT
+ else if (siglen == lenof("QUIT")-1 &&
+ !memcmp(sig, "QUIT", siglen))
+ ssh->exitcode = 128 + SIGQUIT;
+#endif
+#ifdef SIGSEGV
+ else if (siglen == lenof("SEGV")-1 &&
+ !memcmp(sig, "SEGV", siglen))
+ ssh->exitcode = 128 + SIGSEGV;
+#endif
+#ifdef SIGTERM
+ else if (siglen == lenof("TERM")-1 &&
+ !memcmp(sig, "TERM", siglen))
+ ssh->exitcode = 128 + SIGTERM;
+#endif
+#ifdef SIGUSR1
+ else if (siglen == lenof("USR1")-1 &&
+ !memcmp(sig, "USR1", siglen))
+ ssh->exitcode = 128 + SIGUSR1;
+#endif
+#ifdef SIGUSR2
+ else if (siglen == lenof("USR2")-1 &&
+ !memcmp(sig, "USR2", siglen))
+ ssh->exitcode = 128 + SIGUSR2;
+#endif
+ else
+ ssh->exitcode = 128;
}
core = ssh2_pkt_getbool(pktin);
ssh_pkt_getstring(pktin, &msg, &msglen);
* Send the responses to the server.
*/
s->pktout = ssh2_pkt_init(SSH2_MSG_USERAUTH_INFO_RESPONSE);
- s->pktout->forcepad = 256;
ssh2_pkt_adduint32(s->pktout, s->num_prompts);
for (i=0; i < s->num_prompts; i++) {
dont_log_password(ssh, s->pktout, PKTLOG_BLANK);
s->cur_prompt->prompts[i]->result);
end_log_omission(ssh, s->pktout);
}
- ssh2_pkt_send(ssh, s->pktout);
+ ssh2_pkt_send_with_padding(ssh, s->pktout, 256);
/*
* Get the next packet in case it's another
* people who find out how long their password is!
*/
s->pktout = ssh2_pkt_init(SSH2_MSG_USERAUTH_REQUEST);
- s->pktout->forcepad = 256;
ssh2_pkt_addstring(s->pktout, s->username);
ssh2_pkt_addstring(s->pktout, "ssh-connection");
/* service requested */
dont_log_password(ssh, s->pktout, PKTLOG_BLANK);
ssh2_pkt_addstring(s->pktout, s->password);
end_log_omission(ssh, s->pktout);
- ssh2_pkt_send(ssh, s->pktout);
+ ssh2_pkt_send_with_padding(ssh, s->pktout, 256);
logevent("Sent password");
s->type = AUTH_TYPE_PASSWORD;
* (see above for padding rationale)
*/
s->pktout = ssh2_pkt_init(SSH2_MSG_USERAUTH_REQUEST);
- s->pktout->forcepad = 256;
ssh2_pkt_addstring(s->pktout, s->username);
ssh2_pkt_addstring(s->pktout, "ssh-connection");
/* service requested */
s->cur_prompt->prompts[1]->result);
free_prompts(s->cur_prompt);
end_log_omission(ssh, s->pktout);
- ssh2_pkt_send(ssh, s->pktout);
+ ssh2_pkt_send_with_padding(ssh, s->pktout, 256);
logevent("Sent new password");
/*