-/* $OpenBSD: channels.c,v 1.358 2017/04/30 23:13:25 djm Exp $ */
+/* $OpenBSD: channels.c,v 1.359 2017/04/30 23:28:41 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
#include "xmalloc.h"
#include "ssh.h"
-#include "ssh1.h"
#include "ssh2.h"
#include "ssherr.h"
#include "packet.h"
return 0;
}
-/* ARGSUSED */
-int
-channel_input_close(int type, u_int32_t seq, void *ctxt)
-{
- int id;
- Channel *c;
-
- id = packet_get_int();
- packet_check_eom();
- c = channel_lookup(id);
- if (c == NULL)
- packet_disconnect("Received close for nonexistent channel %d.", id);
- if (channel_proxy_upstream(c, type, seq, ctxt))
- return 0;
- /*
- * Send a confirmation that we have closed the channel and no more
- * data is coming for it.
- */
- packet_start(SSH_MSG_CHANNEL_CLOSE_CONFIRMATION);
- packet_put_int(c->remote_id);
- packet_send();
-
- /*
- * If the channel is in closed state, we have sent a close request,
- * and the other side will eventually respond with a confirmation.
- * Thus, we cannot free the channel here, because then there would be
- * no-one to receive the confirmation. The channel gets freed when
- * the confirmation arrives.
- */
- if (c->type != SSH_CHANNEL_CLOSED) {
- /*
- * Not a closed channel - mark it as draining, which will
- * cause it to be freed later.
- */
- buffer_clear(&c->input);
- c->type = SSH_CHANNEL_OUTPUT_DRAINING;
- }
- return 0;
-}
-
/* proto version 1.5 overloads CLOSE_CONFIRMATION with OCLOSE */
/* ARGSUSED */
int
return 0;
}
-/* ARGSUSED */
-int
-channel_input_port_open(int type, u_int32_t seq, void *ctxt)
-{
- Channel *c = NULL;
- u_short host_port;
- char *host, *originator_string;
- int remote_id;
-
- remote_id = packet_get_int();
- host = packet_get_string(NULL);
- host_port = packet_get_int();
-
- if (packet_get_protocol_flags() & SSH_PROTOFLAG_HOST_IN_FWD_OPEN) {
- originator_string = packet_get_string(NULL);
- } else {
- originator_string = xstrdup("unknown (remote did not supply name)");
- }
- packet_check_eom();
- c = channel_connect_to_port(host, host_port,
- "connected socket", originator_string, NULL, NULL);
- free(originator_string);
- free(host);
- if (c == NULL) {
- packet_start(SSH_MSG_CHANNEL_OPEN_FAILURE);
- packet_put_int(remote_id);
- packet_send();
- } else
- c->remote_id = remote_id;
- return 0;
-}
-
/* ARGSUSED */
int
channel_input_status_confirm(int type, u_int32_t seq, void *ctxt)
return sock;
}
-/*
- * This is called when SSH_SMSG_X11_OPEN is received. The packet contains
- * the remote channel number. We should do whatever we want, and respond
- * with either SSH_MSG_OPEN_CONFIRMATION or SSH_MSG_OPEN_FAILURE.
- */
-
-/* ARGSUSED */
-int
-x11_input_open(int type, u_int32_t seq, void *ctxt)
-{
- Channel *c = NULL;
- int remote_id, sock = 0;
- char *remote_host;
-
- debug("Received X11 open request.");
-
- remote_id = packet_get_int();
-
- if (packet_get_protocol_flags() & SSH_PROTOFLAG_HOST_IN_FWD_OPEN) {
- remote_host = packet_get_string(NULL);
- } else {
- remote_host = xstrdup("unknown (remote did not supply name)");
- }
- packet_check_eom();
-
- /* Obtain a connection to the real X display. */
- sock = x11_connect_display();
- if (sock != -1) {
- /* Allocate a channel for this connection. */
- c = channel_new("connected x11 socket",
- SSH_CHANNEL_X11_OPEN, sock, sock, -1, 0, 0, 0,
- remote_host, 1);
- c->remote_id = remote_id;
- c->force_drain = 1;
- }
- free(remote_host);
- if (c == NULL) {
- /* Send refusal to the remote host. */
- packet_start(SSH_MSG_CHANNEL_OPEN_FAILURE);
- packet_put_int(remote_id);
- } else {
- /* Send a confirmation to the remote host. */
- packet_start(SSH_MSG_CHANNEL_OPEN_CONFIRMATION);
- packet_put_int(remote_id);
- packet_put_int(c->self);
- }
- packet_send();
- return 0;
-}
-
-/* dummy protocol handler that denies SSH-1 requests (agent/x11) */
-/* ARGSUSED */
-int
-deny_input_open(int type, u_int32_t seq, void *ctxt)
-{
- int rchan = packet_get_int();
-
- switch (type) {
- case SSH_SMSG_AGENT_OPEN:
- error("Warning: ssh server tried agent forwarding.");
- break;
- case SSH_SMSG_X11_OPEN:
- error("Warning: ssh server tried X11 forwarding.");
- break;
- default:
- error("deny_input_open: type %d", type);
- break;
- }
- error("Warning: this is probably a break-in attempt by a malicious server.");
- packet_start(SSH_MSG_CHANNEL_OPEN_FAILURE);
- packet_put_int(rchan);
- packet_send();
- return 0;
-}
-
/*
* Requests forwarding of X11 connections, generates fake authentication
* data, and enables authentication spoofing.
packet_write_wait();
free(new_data);
}
-
-
-/* -- agent forwarding */
-
-/* Sends a message to the server to request authentication fd forwarding. */
-
-void
-auth_request_forwarding(void)
-{
- packet_start(SSH_CMSG_AGENT_REQUEST_FORWARDING);
- packet_send();
- packet_write_wait();
-}
-/* $OpenBSD: channels.h,v 1.122 2017/04/30 23:13:25 djm Exp $ */
+/* $OpenBSD: channels.h,v 1.123 2017/04/30 23:28:41 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
/* protocol handler */
-int channel_input_close(int, u_int32_t, void *);
int channel_input_close_confirmation(int, u_int32_t, void *);
int channel_input_data(int, u_int32_t, void *);
int channel_input_extended_data(int, u_int32_t, void *);
int channel_input_oclose(int, u_int32_t, void *);
int channel_input_open_confirmation(int, u_int32_t, void *);
int channel_input_open_failure(int, u_int32_t, void *);
-int channel_input_port_open(int, u_int32_t, void *);
int channel_input_window_adjust(int, u_int32_t, void *);
int channel_input_status_confirm(int, u_int32_t, void *);
void channel_set_x11_refuse_time(u_int);
int x11_connect_display(void);
int x11_create_display_inet(int, int, int, u_int *, int **);
-int x11_input_open(int, u_int32_t, void *);
void x11_request_forwarding_with_spoofing(int, const char *, const char *,
const char *, int);
-int deny_input_open(int, u_int32_t, void *);
-
-/* agent forwarding */
-
-void auth_request_forwarding(void);
/* channel close */
-/* $OpenBSD: clientloop.c,v 1.294 2017/04/30 23:21:54 djm Exp $ */
+/* $OpenBSD: clientloop.c,v 1.295 2017/04/30 23:28:41 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
#include "xmalloc.h"
#include "ssh.h"
-#include "ssh1.h"
#include "ssh2.h"
#include "packet.h"
#include "buffer.h"
-/* $OpenBSD: dispatch.c,v 1.28 2017/04/30 23:13:25 djm Exp $ */
+/* $OpenBSD: dispatch.c,v 1.29 2017/04/30 23:28:42 djm Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
*
#include <signal.h>
#include <stdarg.h>
-#include "ssh1.h"
#include "ssh2.h"
#include "log.h"
#include "dispatch.h"
-/* $OpenBSD: nchan.c,v 1.64 2017/04/30 23:13:25 djm Exp $ */
+/* $OpenBSD: nchan.c,v 1.65 2017/04/30 23:28:42 djm Exp $ */
/*
* Copyright (c) 1999, 2000, 2001, 2002 Markus Friedl. All rights reserved.
*
#include <string.h>
#include <stdarg.h>
-#include "ssh1.h"
#include "ssh2.h"
#include "buffer.h"
#include "packet.h"
-/* $OpenBSD: packet.c,v 1.251 2017/04/30 23:26:16 djm Exp $ */
+/* $OpenBSD: packet.c,v 1.252 2017/04/30 23:28:42 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
#include "xmalloc.h"
#include "crc32.h"
#include "compat.h"
-#include "ssh1.h"
#include "ssh2.h"
#include "cipher.h"
#include "sshkey.h"
-/* $OpenBSD: ssh-keyscan.c,v 1.112 2017/04/30 23:18:44 djm Exp $ */
+/* $OpenBSD: ssh-keyscan.c,v 1.113 2017/04/30 23:28:42 djm Exp $ */
/*
* Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>.
*
#include "xmalloc.h"
#include "ssh.h"
-#include "ssh1.h"
#include "sshbuf.h"
#include "sshkey.h"
#include "cipher.h"
-/* $OpenBSD: ssh.c,v 1.457 2017/04/30 23:18:44 djm Exp $ */
+/* $OpenBSD: ssh.c,v 1.458 2017/04/30 23:28:42 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
#include "xmalloc.h"
#include "ssh.h"
-#include "ssh1.h"
#include "ssh2.h"
#include "canohost.h"
#include "compat.h"
-/* $OpenBSD: ssh1.h,v 1.7 2016/05/04 14:22:33 markus Exp $ */
-
-/*
- * Author: Tatu Ylonen <ylo@cs.hut.fi>
- * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
- * All rights reserved
- *
- * As far as I am concerned, the code I have written for this software
- * can be used freely for any purpose. Any derived versions of this
- * software must be clearly marked as such, and if the derived work is
- * incompatible with the protocol description in the RFC file, it must be
- * called by a name other than "ssh" or "Secure Shell".
- */
-
-/*
- * Definition of message types. New values can be added, but old values
- * should not be removed or without careful consideration of the consequences
- * for compatibility. The maximum value is 254; value 255 is reserved for
- * future extension.
- */
-/* Ranges */
-#define SSH_MSG_MIN 1
-#define SSH_MSG_MAX 254
-/* Message name */ /* msg code */ /* arguments */
-#define SSH_MSG_DISCONNECT 1 /* cause (string) */
-#define SSH_SMSG_PUBLIC_KEY 2 /* ck,msk,srvk,hostk */
-#define SSH_CMSG_SESSION_KEY 3 /* key (BIGNUM) */
-#define SSH_CMSG_USER 4 /* user (string) */
-#define SSH_CMSG_AUTH_RHOSTS 5 /* user (string) */
-#define SSH_CMSG_AUTH_RSA 6 /* modulus (BIGNUM) */
-#define SSH_SMSG_AUTH_RSA_CHALLENGE 7 /* int (BIGNUM) */
-#define SSH_CMSG_AUTH_RSA_RESPONSE 8 /* int (BIGNUM) */
-#define SSH_CMSG_AUTH_PASSWORD 9 /* pass (string) */
-#define SSH_CMSG_REQUEST_PTY 10 /* TERM, tty modes */
-#define SSH_CMSG_WINDOW_SIZE 11 /* row,col,xpix,ypix */
-#define SSH_CMSG_EXEC_SHELL 12 /* */
-#define SSH_CMSG_EXEC_CMD 13 /* cmd (string) */
-#define SSH_SMSG_SUCCESS 14 /* */
-#define SSH_SMSG_FAILURE 15 /* */
-#define SSH_CMSG_STDIN_DATA 16 /* data (string) */
-#define SSH_SMSG_STDOUT_DATA 17 /* data (string) */
-#define SSH_SMSG_STDERR_DATA 18 /* data (string) */
-#define SSH_CMSG_EOF 19 /* */
-#define SSH_SMSG_EXITSTATUS 20 /* status (int) */
-#define SSH_MSG_CHANNEL_OPEN_CONFIRMATION 21 /* channel (int) */
-#define SSH_MSG_CHANNEL_OPEN_FAILURE 22 /* channel (int) */
-#define SSH_MSG_CHANNEL_DATA 23 /* ch,data (int,str) */
-#define SSH_MSG_CHANNEL_CLOSE 24 /* channel (int) */
-#define SSH_MSG_CHANNEL_CLOSE_CONFIRMATION 25 /* channel (int) */
-/* SSH_CMSG_X11_REQUEST_FORWARDING 26 OBSOLETE */
-#define SSH_SMSG_X11_OPEN 27 /* channel (int) */
-#define SSH_CMSG_PORT_FORWARD_REQUEST 28 /* p,host,hp (i,s,i) */
-#define SSH_MSG_PORT_OPEN 29 /* ch,h,p (i,s,i) */
-#define SSH_CMSG_AGENT_REQUEST_FORWARDING 30 /* */
-#define SSH_SMSG_AGENT_OPEN 31 /* port (int) */
-#define SSH_MSG_IGNORE 32 /* string */
-#define SSH_CMSG_EXIT_CONFIRMATION 33 /* */
-#define SSH_CMSG_X11_REQUEST_FORWARDING 34 /* proto,data (s,s) */
-#define SSH_CMSG_AUTH_RHOSTS_RSA 35 /* user,mod (s,mpi) */
-#define SSH_MSG_DEBUG 36 /* string */
-#define SSH_CMSG_REQUEST_COMPRESSION 37 /* level 1-9 (int) */
-#define SSH_CMSG_MAX_PACKET_SIZE 38 /* size 4k-1024k (int) */
-#define SSH_CMSG_AUTH_TIS 39 /* we use this for s/key */
-#define SSH_SMSG_AUTH_TIS_CHALLENGE 40 /* challenge (string) */
-#define SSH_CMSG_AUTH_TIS_RESPONSE 41 /* response (string) */
-#define SSH_CMSG_AUTH_KERBEROS 42 /* (KTEXT) */
-#define SSH_SMSG_AUTH_KERBEROS_RESPONSE 43 /* (KTEXT) */
-#define SSH_CMSG_HAVE_KERBEROS_TGT 44 /* credentials (s) */
-#define SSH_CMSG_HAVE_AFS_TOKEN 65 /* token (s) */
-
-/* protocol version 1.5 overloads some version 1.3 message types */
-#define SSH_MSG_CHANNEL_INPUT_EOF SSH_MSG_CHANNEL_CLOSE
-#define SSH_MSG_CHANNEL_OUTPUT_CLOSE SSH_MSG_CHANNEL_CLOSE_CONFIRMATION
-
-/*
- * Authentication methods. New types can be added, but old types should not
- * be removed for compatibility. The maximum allowed value is 31.
- */
-#define SSH_AUTH_RHOSTS 1
-#define SSH_AUTH_RSA 2
-#define SSH_AUTH_PASSWORD 3
-#define SSH_AUTH_RHOSTS_RSA 4
-#define SSH_AUTH_TIS 5
-#define SSH_AUTH_KERBEROS 6
-#define SSH_PASS_KERBEROS_TGT 7
- /* 8 to 15 are reserved */
-#define SSH_PASS_AFS_TOKEN 21
-
-/* Protocol flags. These are bit masks. */
-#define SSH_PROTOFLAG_SCREEN_NUMBER 1 /* X11 forwarding includes screen */
-#define SSH_PROTOFLAG_HOST_IN_FWD_OPEN 2 /* forwarding opens contain host */
projects / openbsd / commitdiff