source: trunk/third/openssh/packet.c @ 22570

Revision 22570, 38.5 KB checked in by ghudson, 18 years ago (diff)
This commit was generated by cvs2svn to compensate for changes in r22569, which included commits to RCS files with non-trunk default branches.
Line 
1/*
2 * Author: Tatu Ylonen <ylo@cs.hut.fi>
3 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
4 *                    All rights reserved
5 * This file contains code implementing the packet protocol and communication
6 * with the other side.  This same code is used both on client and server side.
7 *
8 * As far as I am concerned, the code I have written for this software
9 * can be used freely for any purpose.  Any derived versions of this
10 * software must be clearly marked as such, and if the derived work is
11 * incompatible with the protocol description in the RFC file, it must be
12 * called by a name other than "ssh" or "Secure Shell".
13 *
14 *
15 * SSH2 packet format added by Markus Friedl.
16 * Copyright (c) 2000, 2001 Markus Friedl.  All rights reserved.
17 *
18 * Redistribution and use in source and binary forms, with or without
19 * modification, are permitted provided that the following conditions
20 * are met:
21 * 1. Redistributions of source code must retain the above copyright
22 *    notice, this list of conditions and the following disclaimer.
23 * 2. Redistributions in binary form must reproduce the above copyright
24 *    notice, this list of conditions and the following disclaimer in the
25 *    documentation and/or other materials provided with the distribution.
26 *
27 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
28 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
29 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
30 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
31 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
32 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
33 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
34 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
35 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
36 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
37 */
38
39#include "includes.h"
40RCSID("$OpenBSD: packet.c,v 1.119 2005/07/28 17:36:22 markus Exp $");
41
42#include "openbsd-compat/sys-queue.h"
43
44#include "xmalloc.h"
45#include "buffer.h"
46#include "packet.h"
47#include "bufaux.h"
48#include "crc32.h"
49#include "getput.h"
50
51#include "compress.h"
52#include "deattack.h"
53#include "channels.h"
54
55#include "compat.h"
56#include "ssh1.h"
57#include "ssh2.h"
58
59#include "cipher.h"
60#include "kex.h"
61#include "mac.h"
62#include "log.h"
63#include "canohost.h"
64#include "misc.h"
65#include "ssh.h"
66
67#ifdef PACKET_DEBUG
68#define DBG(x) x
69#else
70#define DBG(x)
71#endif
72
73/*
74 * This variable contains the file descriptors used for communicating with
75 * the other side.  connection_in is used for reading; connection_out for
76 * writing.  These can be the same descriptor, in which case it is assumed to
77 * be a socket.
78 */
79static int connection_in = -1;
80static int connection_out = -1;
81
82/* Protocol flags for the remote side. */
83static u_int remote_protocol_flags = 0;
84
85/* Encryption context for receiving data.  This is only used for decryption. */
86static CipherContext receive_context;
87
88/* Encryption context for sending data.  This is only used for encryption. */
89static CipherContext send_context;
90
91/* Buffer for raw input data from the socket. */
92Buffer input;
93
94/* Buffer for raw output data going to the socket. */
95Buffer output;
96
97/* Buffer for the partial outgoing packet being constructed. */
98static Buffer outgoing_packet;
99
100/* Buffer for the incoming packet currently being processed. */
101static Buffer incoming_packet;
102
103/* Scratch buffer for packet compression/decompression. */
104static Buffer compression_buffer;
105static int compression_buffer_ready = 0;
106
107/* Flag indicating whether packet compression/decompression is enabled. */
108static int packet_compression = 0;
109
110/* default maximum packet size */
111u_int max_packet_size = 32768;
112
113/* Flag indicating whether this module has been initialized. */
114static int initialized = 0;
115
116/* Set to true if the connection is interactive. */
117static int interactive_mode = 0;
118
119/* Set to true if we are the server side. */
120static int server_side = 0;
121
122/* Set to true if we are authenticated. */
123static int after_authentication = 0;
124
125/* Session key information for Encryption and MAC */
126Newkeys *newkeys[MODE_MAX];
127static struct packet_state {
128        u_int32_t seqnr;
129        u_int32_t packets;
130        u_int64_t blocks;
131} p_read, p_send;
132
133static u_int64_t max_blocks_in, max_blocks_out;
134static u_int32_t rekey_limit;
135
136/* Session key for protocol v1 */
137static u_char ssh1_key[SSH_SESSION_KEY_LENGTH];
138static u_int ssh1_keylen;
139
140/* roundup current message to extra_pad bytes */
141static u_char extra_pad = 0;
142
143struct packet {
144        TAILQ_ENTRY(packet) next;
145        u_char type;
146        Buffer payload;
147};
148TAILQ_HEAD(, packet) outgoing;
149
150/*
151 * Sets the descriptors used for communication.  Disables encryption until
152 * packet_set_encryption_key is called.
153 */
154void
155packet_set_connection(int fd_in, int fd_out)
156{
157        Cipher *none = cipher_by_name("none");
158
159        if (none == NULL)
160                fatal("packet_set_connection: cannot load cipher 'none'");
161        connection_in = fd_in;
162        connection_out = fd_out;
163        cipher_init(&send_context, none, (const u_char *)"",
164            0, NULL, 0, CIPHER_ENCRYPT);
165        cipher_init(&receive_context, none, (const u_char *)"",
166            0, NULL, 0, CIPHER_DECRYPT);
167        newkeys[MODE_IN] = newkeys[MODE_OUT] = NULL;
168        if (!initialized) {
169                initialized = 1;
170                buffer_init(&input);
171                buffer_init(&output);
172                buffer_init(&outgoing_packet);
173                buffer_init(&incoming_packet);
174                TAILQ_INIT(&outgoing);
175        }
176}
177
178/* Returns 1 if remote host is connected via socket, 0 if not. */
179
180int
181packet_connection_is_on_socket(void)
182{
183        struct sockaddr_storage from, to;
184        socklen_t fromlen, tolen;
185
186        /* filedescriptors in and out are the same, so it's a socket */
187        if (connection_in == connection_out)
188                return 1;
189        fromlen = sizeof(from);
190        memset(&from, 0, sizeof(from));
191        if (getpeername(connection_in, (struct sockaddr *)&from, &fromlen) < 0)
192                return 0;
193        tolen = sizeof(to);
194        memset(&to, 0, sizeof(to));
195        if (getpeername(connection_out, (struct sockaddr *)&to, &tolen) < 0)
196                return 0;
197        if (fromlen != tolen || memcmp(&from, &to, fromlen) != 0)
198                return 0;
199        if (from.ss_family != AF_INET && from.ss_family != AF_INET6)
200                return 0;
201        return 1;
202}
203
204/*
205 * Exports an IV from the CipherContext required to export the key
206 * state back from the unprivileged child to the privileged parent
207 * process.
208 */
209
210void
211packet_get_keyiv(int mode, u_char *iv, u_int len)
212{
213        CipherContext *cc;
214
215        if (mode == MODE_OUT)
216                cc = &send_context;
217        else
218                cc = &receive_context;
219
220        cipher_get_keyiv(cc, iv, len);
221}
222
223int
224packet_get_keycontext(int mode, u_char *dat)
225{
226        CipherContext *cc;
227
228        if (mode == MODE_OUT)
229                cc = &send_context;
230        else
231                cc = &receive_context;
232
233        return (cipher_get_keycontext(cc, dat));
234}
235
236void
237packet_set_keycontext(int mode, u_char *dat)
238{
239        CipherContext *cc;
240
241        if (mode == MODE_OUT)
242                cc = &send_context;
243        else
244                cc = &receive_context;
245
246        cipher_set_keycontext(cc, dat);
247}
248
249int
250packet_get_keyiv_len(int mode)
251{
252        CipherContext *cc;
253
254        if (mode == MODE_OUT)
255                cc = &send_context;
256        else
257                cc = &receive_context;
258
259        return (cipher_get_keyiv_len(cc));
260}
261void
262packet_set_iv(int mode, u_char *dat)
263{
264        CipherContext *cc;
265
266        if (mode == MODE_OUT)
267                cc = &send_context;
268        else
269                cc = &receive_context;
270
271        cipher_set_keyiv(cc, dat);
272}
273int
274packet_get_ssh1_cipher(void)
275{
276        return (cipher_get_number(receive_context.cipher));
277}
278
279void
280packet_get_state(int mode, u_int32_t *seqnr, u_int64_t *blocks, u_int32_t *packets)
281{
282        struct packet_state *state;
283
284        state = (mode == MODE_IN) ? &p_read : &p_send;
285        *seqnr = state->seqnr;
286        *blocks = state->blocks;
287        *packets = state->packets;
288}
289
290void
291packet_set_state(int mode, u_int32_t seqnr, u_int64_t blocks, u_int32_t packets)
292{
293        struct packet_state *state;
294
295        state = (mode == MODE_IN) ? &p_read : &p_send;
296        state->seqnr = seqnr;
297        state->blocks = blocks;
298        state->packets = packets;
299}
300
301/* returns 1 if connection is via ipv4 */
302
303int
304packet_connection_is_ipv4(void)
305{
306        struct sockaddr_storage to;
307        socklen_t tolen = sizeof(to);
308
309        memset(&to, 0, sizeof(to));
310        if (getsockname(connection_out, (struct sockaddr *)&to, &tolen) < 0)
311                return 0;
312        if (to.ss_family == AF_INET)
313                return 1;
314#ifdef IPV4_IN_IPV6
315        if (to.ss_family == AF_INET6 &&
316            IN6_IS_ADDR_V4MAPPED(&((struct sockaddr_in6 *)&to)->sin6_addr))
317                return 1;
318#endif
319        return 0;
320}
321
322/* Sets the connection into non-blocking mode. */
323
324void
325packet_set_nonblocking(void)
326{
327        /* Set the socket into non-blocking mode. */
328        set_nonblock(connection_in);
329
330        if (connection_out != connection_in)
331                set_nonblock(connection_out);
332}
333
334/* Returns the socket used for reading. */
335
336int
337packet_get_connection_in(void)
338{
339        return connection_in;
340}
341
342/* Returns the descriptor used for writing. */
343
344int
345packet_get_connection_out(void)
346{
347        return connection_out;
348}
349
350/* Closes the connection and clears and frees internal data structures. */
351
352void
353packet_close(void)
354{
355        if (!initialized)
356                return;
357        initialized = 0;
358        if (connection_in == connection_out) {
359                shutdown(connection_out, SHUT_RDWR);
360                close(connection_out);
361        } else {
362                close(connection_in);
363                close(connection_out);
364        }
365        buffer_free(&input);
366        buffer_free(&output);
367        buffer_free(&outgoing_packet);
368        buffer_free(&incoming_packet);
369        if (compression_buffer_ready) {
370                buffer_free(&compression_buffer);
371                buffer_compress_uninit();
372        }
373        cipher_cleanup(&send_context);
374        cipher_cleanup(&receive_context);
375}
376
377/* Sets remote side protocol flags. */
378
379void
380packet_set_protocol_flags(u_int protocol_flags)
381{
382        remote_protocol_flags = protocol_flags;
383}
384
385/* Returns the remote protocol flags set earlier by the above function. */
386
387u_int
388packet_get_protocol_flags(void)
389{
390        return remote_protocol_flags;
391}
392
393/*
394 * Starts packet compression from the next packet on in both directions.
395 * Level is compression level 1 (fastest) - 9 (slow, best) as in gzip.
396 */
397
398static void
399packet_init_compression(void)
400{
401        if (compression_buffer_ready == 1)
402                return;
403        compression_buffer_ready = 1;
404        buffer_init(&compression_buffer);
405}
406
407void
408packet_start_compression(int level)
409{
410        if (packet_compression && !compat20)
411                fatal("Compression already enabled.");
412        packet_compression = 1;
413        packet_init_compression();
414        buffer_compress_init_send(level);
415        buffer_compress_init_recv();
416}
417
418/*
419 * Causes any further packets to be encrypted using the given key.  The same
420 * key is used for both sending and reception.  However, both directions are
421 * encrypted independently of each other.
422 */
423
424void
425packet_set_encryption_key(const u_char *key, u_int keylen,
426    int number)
427{
428        Cipher *cipher = cipher_by_number(number);
429
430        if (cipher == NULL)
431                fatal("packet_set_encryption_key: unknown cipher number %d", number);
432        if (keylen < 20)
433                fatal("packet_set_encryption_key: keylen too small: %d", keylen);
434        if (keylen > SSH_SESSION_KEY_LENGTH)
435                fatal("packet_set_encryption_key: keylen too big: %d", keylen);
436        memcpy(ssh1_key, key, keylen);
437        ssh1_keylen = keylen;
438        cipher_init(&send_context, cipher, key, keylen, NULL, 0, CIPHER_ENCRYPT);
439        cipher_init(&receive_context, cipher, key, keylen, NULL, 0, CIPHER_DECRYPT);
440}
441
442u_int
443packet_get_encryption_key(u_char *key)
444{
445        if (key == NULL)
446                return (ssh1_keylen);
447        memcpy(key, ssh1_key, ssh1_keylen);
448        return (ssh1_keylen);
449}
450
451/* Start constructing a packet to send. */
452void
453packet_start(u_char type)
454{
455        u_char buf[9];
456        int len;
457
458        DBG(debug("packet_start[%d]", type));
459        len = compat20 ? 6 : 9;
460        memset(buf, 0, len - 1);
461        buf[len - 1] = type;
462        buffer_clear(&outgoing_packet);
463        buffer_append(&outgoing_packet, buf, len);
464}
465
466/* Append payload. */
467void
468packet_put_char(int value)
469{
470        char ch = value;
471
472        buffer_append(&outgoing_packet, &ch, 1);
473}
474void
475packet_put_int(u_int value)
476{
477        buffer_put_int(&outgoing_packet, value);
478}
479void
480packet_put_string(const void *buf, u_int len)
481{
482        buffer_put_string(&outgoing_packet, buf, len);
483}
484void
485packet_put_cstring(const char *str)
486{
487        buffer_put_cstring(&outgoing_packet, str);
488}
489void
490packet_put_raw(const void *buf, u_int len)
491{
492        buffer_append(&outgoing_packet, buf, len);
493}
494void
495packet_put_bignum(BIGNUM * value)
496{
497        buffer_put_bignum(&outgoing_packet, value);
498}
499void
500packet_put_bignum2(BIGNUM * value)
501{
502        buffer_put_bignum2(&outgoing_packet, value);
503}
504
505/*
506 * Finalizes and sends the packet.  If the encryption key has been set,
507 * encrypts the packet before sending.
508 */
509
510static void
511packet_send1(void)
512{
513        u_char buf[8], *cp;
514        int i, padding, len;
515        u_int checksum;
516        u_int32_t rnd = 0;
517
518        /*
519         * If using packet compression, compress the payload of the outgoing
520         * packet.
521         */
522        if (packet_compression) {
523                buffer_clear(&compression_buffer);
524                /* Skip padding. */
525                buffer_consume(&outgoing_packet, 8);
526                /* padding */
527                buffer_append(&compression_buffer, "\0\0\0\0\0\0\0\0", 8);
528                buffer_compress(&outgoing_packet, &compression_buffer);
529                buffer_clear(&outgoing_packet);
530                buffer_append(&outgoing_packet, buffer_ptr(&compression_buffer),
531                    buffer_len(&compression_buffer));
532        }
533        /* Compute packet length without padding (add checksum, remove padding). */
534        len = buffer_len(&outgoing_packet) + 4 - 8;
535
536        /* Insert padding. Initialized to zero in packet_start1() */
537        padding = 8 - len % 8;
538        if (!send_context.plaintext) {
539                cp = buffer_ptr(&outgoing_packet);
540                for (i = 0; i < padding; i++) {
541                        if (i % 4 == 0)
542                                rnd = arc4random();
543                        cp[7 - i] = rnd & 0xff;
544                        rnd >>= 8;
545                }
546        }
547        buffer_consume(&outgoing_packet, 8 - padding);
548
549        /* Add check bytes. */
550        checksum = ssh_crc32(buffer_ptr(&outgoing_packet),
551            buffer_len(&outgoing_packet));
552        PUT_32BIT(buf, checksum);
553        buffer_append(&outgoing_packet, buf, 4);
554
555#ifdef PACKET_DEBUG
556        fprintf(stderr, "packet_send plain: ");
557        buffer_dump(&outgoing_packet);
558#endif
559
560        /* Append to output. */
561        PUT_32BIT(buf, len);
562        buffer_append(&output, buf, 4);
563        cp = buffer_append_space(&output, buffer_len(&outgoing_packet));
564        cipher_crypt(&send_context, cp, buffer_ptr(&outgoing_packet),
565            buffer_len(&outgoing_packet));
566
567#ifdef PACKET_DEBUG
568        fprintf(stderr, "encrypted: ");
569        buffer_dump(&output);
570#endif
571
572        buffer_clear(&outgoing_packet);
573
574        /*
575         * Note that the packet is now only buffered in output.  It won\'t be
576         * actually sent until packet_write_wait or packet_write_poll is
577         * called.
578         */
579}
580
581void
582set_newkeys(int mode)
583{
584        Enc *enc;
585        Mac *mac;
586        Comp *comp;
587        CipherContext *cc;
588        u_int64_t *max_blocks;
589        int crypt_type;
590
591        debug2("set_newkeys: mode %d", mode);
592
593        if (mode == MODE_OUT) {
594                cc = &send_context;
595                crypt_type = CIPHER_ENCRYPT;
596                p_send.packets = p_send.blocks = 0;
597                max_blocks = &max_blocks_out;
598        } else {
599                cc = &receive_context;
600                crypt_type = CIPHER_DECRYPT;
601                p_read.packets = p_read.blocks = 0;
602                max_blocks = &max_blocks_in;
603        }
604        if (newkeys[mode] != NULL) {
605                debug("set_newkeys: rekeying");
606                cipher_cleanup(cc);
607                enc  = &newkeys[mode]->enc;
608                mac  = &newkeys[mode]->mac;
609                comp = &newkeys[mode]->comp;
610                memset(mac->key, 0, mac->key_len);
611                xfree(enc->name);
612                xfree(enc->iv);
613                xfree(enc->key);
614                xfree(mac->name);
615                xfree(mac->key);
616                xfree(comp->name);
617                xfree(newkeys[mode]);
618        }
619        newkeys[mode] = kex_get_newkeys(mode);
620        if (newkeys[mode] == NULL)
621                fatal("newkeys: no keys for mode %d", mode);
622        enc  = &newkeys[mode]->enc;
623        mac  = &newkeys[mode]->mac;
624        comp = &newkeys[mode]->comp;
625        if (mac->md != NULL)
626                mac->enabled = 1;
627        DBG(debug("cipher_init_context: %d", mode));
628        cipher_init(cc, enc->cipher, enc->key, enc->key_len,
629            enc->iv, enc->block_size, crypt_type);
630        /* Deleting the keys does not gain extra security */
631        /* memset(enc->iv,  0, enc->block_size);
632           memset(enc->key, 0, enc->key_len); */
633        if ((comp->type == COMP_ZLIB ||
634            (comp->type == COMP_DELAYED && after_authentication)) &&
635            comp->enabled == 0) {
636                packet_init_compression();
637                if (mode == MODE_OUT)
638                        buffer_compress_init_send(6);
639                else
640                        buffer_compress_init_recv();
641                comp->enabled = 1;
642        }
643        /*
644         * The 2^(blocksize*2) limit is too expensive for 3DES,
645         * blowfish, etc, so enforce a 1GB limit for small blocksizes.
646         */
647        if (enc->block_size >= 16)
648                *max_blocks = (u_int64_t)1 << (enc->block_size*2);
649        else
650                *max_blocks = ((u_int64_t)1 << 30) / enc->block_size;
651        if (rekey_limit)
652                *max_blocks = MIN(*max_blocks, rekey_limit / enc->block_size);
653}
654
655/*
656 * Delayed compression for SSH2 is enabled after authentication:
657 * This happans on the server side after a SSH2_MSG_USERAUTH_SUCCESS is sent,
658 * and on the client side after a SSH2_MSG_USERAUTH_SUCCESS is received.
659 */
660static void
661packet_enable_delayed_compress(void)
662{
663        Comp *comp = NULL;
664        int mode;
665
666        /*
667         * Remember that we are past the authentication step, so rekeying
668         * with COMP_DELAYED will turn on compression immediately.
669         */
670        after_authentication = 1;
671        for (mode = 0; mode < MODE_MAX; mode++) {
672                comp = &newkeys[mode]->comp;
673                if (comp && !comp->enabled && comp->type == COMP_DELAYED) {
674                        packet_init_compression();
675                        if (mode == MODE_OUT)
676                                buffer_compress_init_send(6);
677                        else
678                                buffer_compress_init_recv();
679                        comp->enabled = 1;
680                }
681        }
682}
683
684/*
685 * Finalize packet in SSH2 format (compress, mac, encrypt, enqueue)
686 */
687static void
688packet_send2_wrapped(void)
689{
690        u_char type, *cp, *macbuf = NULL;
691        u_char padlen, pad;
692        u_int packet_length = 0;
693        u_int i, len;
694        u_int32_t rnd = 0;
695        Enc *enc   = NULL;
696        Mac *mac   = NULL;
697        Comp *comp = NULL;
698        int block_size;
699
700        if (newkeys[MODE_OUT] != NULL) {
701                enc  = &newkeys[MODE_OUT]->enc;
702                mac  = &newkeys[MODE_OUT]->mac;
703                comp = &newkeys[MODE_OUT]->comp;
704        }
705        block_size = enc ? enc->block_size : 8;
706
707        cp = buffer_ptr(&outgoing_packet);
708        type = cp[5];
709
710#ifdef PACKET_DEBUG
711        fprintf(stderr, "plain:     ");
712        buffer_dump(&outgoing_packet);
713#endif
714
715        if (comp && comp->enabled) {
716                len = buffer_len(&outgoing_packet);
717                /* skip header, compress only payload */
718                buffer_consume(&outgoing_packet, 5);
719                buffer_clear(&compression_buffer);
720                buffer_compress(&outgoing_packet, &compression_buffer);
721                buffer_clear(&outgoing_packet);
722                buffer_append(&outgoing_packet, "\0\0\0\0\0", 5);
723                buffer_append(&outgoing_packet, buffer_ptr(&compression_buffer),
724                    buffer_len(&compression_buffer));
725                DBG(debug("compression: raw %d compressed %d", len,
726                    buffer_len(&outgoing_packet)));
727        }
728
729        /* sizeof (packet_len + pad_len + payload) */
730        len = buffer_len(&outgoing_packet);
731
732        /*
733         * calc size of padding, alloc space, get random data,
734         * minimum padding is 4 bytes
735         */
736        padlen = block_size - (len % block_size);
737        if (padlen < 4)
738                padlen += block_size;
739        if (extra_pad) {
740                /* will wrap if extra_pad+padlen > 255 */
741                extra_pad  = roundup(extra_pad, block_size);
742                pad = extra_pad - ((len + padlen) % extra_pad);
743                debug3("packet_send2: adding %d (len %d padlen %d extra_pad %d)",
744                    pad, len, padlen, extra_pad);
745                padlen += pad;
746                extra_pad = 0;
747        }
748        cp = buffer_append_space(&outgoing_packet, padlen);
749        if (enc && !send_context.plaintext) {
750                /* random padding */
751                for (i = 0; i < padlen; i++) {
752                        if (i % 4 == 0)
753                                rnd = arc4random();
754                        cp[i] = rnd & 0xff;
755                        rnd >>= 8;
756                }
757        } else {
758                /* clear padding */
759                memset(cp, 0, padlen);
760        }
761        /* packet_length includes payload, padding and padding length field */
762        packet_length = buffer_len(&outgoing_packet) - 4;
763        cp = buffer_ptr(&outgoing_packet);
764        PUT_32BIT(cp, packet_length);
765        cp[4] = padlen;
766        DBG(debug("send: len %d (includes padlen %d)", packet_length+4, padlen));
767
768        /* compute MAC over seqnr and packet(length fields, payload, padding) */
769        if (mac && mac->enabled) {
770                macbuf = mac_compute(mac, p_send.seqnr,
771                    buffer_ptr(&outgoing_packet),
772                    buffer_len(&outgoing_packet));
773                DBG(debug("done calc MAC out #%d", p_send.seqnr));
774        }
775        /* encrypt packet and append to output buffer. */
776        cp = buffer_append_space(&output, buffer_len(&outgoing_packet));
777        cipher_crypt(&send_context, cp, buffer_ptr(&outgoing_packet),
778            buffer_len(&outgoing_packet));
779        /* append unencrypted MAC */
780        if (mac && mac->enabled)
781                buffer_append(&output, (char *)macbuf, mac->mac_len);
782#ifdef PACKET_DEBUG
783        fprintf(stderr, "encrypted: ");
784        buffer_dump(&output);
785#endif
786        /* increment sequence number for outgoing packets */
787        if (++p_send.seqnr == 0)
788                logit("outgoing seqnr wraps around");
789        if (++p_send.packets == 0)
790                if (!(datafellows & SSH_BUG_NOREKEY))
791                        fatal("XXX too many packets with same key");
792        p_send.blocks += (packet_length + 4) / block_size;
793        buffer_clear(&outgoing_packet);
794
795        if (type == SSH2_MSG_NEWKEYS)
796                set_newkeys(MODE_OUT);
797        else if (type == SSH2_MSG_USERAUTH_SUCCESS && server_side)
798                packet_enable_delayed_compress();
799}
800
801static void
802packet_send2(void)
803{
804        static int rekeying = 0;
805        struct packet *p;
806        u_char type, *cp;
807
808        cp = buffer_ptr(&outgoing_packet);
809        type = cp[5];
810
811        /* during rekeying we can only send key exchange messages */
812        if (rekeying) {
813                if (!((type >= SSH2_MSG_TRANSPORT_MIN) &&
814                    (type <= SSH2_MSG_TRANSPORT_MAX))) {
815                        debug("enqueue packet: %u", type);
816                        p = xmalloc(sizeof(*p));
817                        p->type = type;
818                        memcpy(&p->payload, &outgoing_packet, sizeof(Buffer));
819                        buffer_init(&outgoing_packet);
820                        TAILQ_INSERT_TAIL(&outgoing, p, next);
821                        return;
822                }
823        }
824
825        /* rekeying starts with sending KEXINIT */
826        if (type == SSH2_MSG_KEXINIT)
827                rekeying = 1;
828
829        packet_send2_wrapped();
830
831        /* after a NEWKEYS message we can send the complete queue */
832        if (type == SSH2_MSG_NEWKEYS) {
833                rekeying = 0;
834                while ((p = TAILQ_FIRST(&outgoing))) {
835                        type = p->type;
836                        debug("dequeue packet: %u", type);
837                        buffer_free(&outgoing_packet);
838                        memcpy(&outgoing_packet, &p->payload,
839                            sizeof(Buffer));
840                        TAILQ_REMOVE(&outgoing, p, next);
841                        xfree(p);
842                        packet_send2_wrapped();
843                }
844        }
845}
846
847void
848packet_send(void)
849{
850        if (compat20)
851                packet_send2();
852        else
853                packet_send1();
854        DBG(debug("packet_send done"));
855}
856
857/*
858 * Waits until a packet has been received, and returns its type.  Note that
859 * no other data is processed until this returns, so this function should not
860 * be used during the interactive session.
861 */
862
863int
864packet_read_seqnr(u_int32_t *seqnr_p)
865{
866        int type, len;
867        fd_set *setp;
868        char buf[8192];
869        DBG(debug("packet_read()"));
870
871        setp = (fd_set *)xmalloc(howmany(connection_in+1, NFDBITS) *
872            sizeof(fd_mask));
873
874        /* Since we are blocking, ensure that all written packets have been sent. */
875        packet_write_wait();
876
877        /* Stay in the loop until we have received a complete packet. */
878        for (;;) {
879                /* Try to read a packet from the buffer. */
880                type = packet_read_poll_seqnr(seqnr_p);
881                if (!compat20 && (
882                    type == SSH_SMSG_SUCCESS
883                    || type == SSH_SMSG_FAILURE
884                    || type == SSH_CMSG_EOF
885                    || type == SSH_CMSG_EXIT_CONFIRMATION))
886                        packet_check_eom();
887                /* If we got a packet, return it. */
888                if (type != SSH_MSG_NONE) {
889                        xfree(setp);
890                        return type;
891                }
892                /*
893                 * Otherwise, wait for some data to arrive, add it to the
894                 * buffer, and try again.
895                 */
896                memset(setp, 0, howmany(connection_in + 1, NFDBITS) *
897                    sizeof(fd_mask));
898                FD_SET(connection_in, setp);
899
900                /* Wait for some data to arrive. */
901                while (select(connection_in + 1, setp, NULL, NULL, NULL) == -1 &&
902                    (errno == EAGAIN || errno == EINTR))
903                        ;
904
905                /* Read data from the socket. */
906                len = read(connection_in, buf, sizeof(buf));
907                if (len == 0) {
908                        logit("Connection closed by %.200s", get_remote_ipaddr());
909                        cleanup_exit(255);
910                }
911                if (len < 0)
912                        fatal("Read from socket failed: %.100s", strerror(errno));
913                /* Append it to the buffer. */
914                packet_process_incoming(buf, len);
915        }
916        /* NOTREACHED */
917}
918
919int
920packet_read(void)
921{
922        return packet_read_seqnr(NULL);
923}
924
925/*
926 * Waits until a packet has been received, verifies that its type matches
927 * that given, and gives a fatal error and exits if there is a mismatch.
928 */
929
930void
931packet_read_expect(int expected_type)
932{
933        int type;
934
935        type = packet_read();
936        if (type != expected_type)
937                packet_disconnect("Protocol error: expected packet type %d, got %d",
938                    expected_type, type);
939}
940
941/* Checks if a full packet is available in the data received so far via
942 * packet_process_incoming.  If so, reads the packet; otherwise returns
943 * SSH_MSG_NONE.  This does not wait for data from the connection.
944 *
945 * SSH_MSG_DISCONNECT is handled specially here.  Also,
946 * SSH_MSG_IGNORE messages are skipped by this function and are never returned
947 * to higher levels.
948 */
949
950static int
951packet_read_poll1(void)
952{
953        u_int len, padded_len;
954        u_char *cp, type;
955        u_int checksum, stored_checksum;
956
957        /* Check if input size is less than minimum packet size. */
958        if (buffer_len(&input) < 4 + 8)
959                return SSH_MSG_NONE;
960        /* Get length of incoming packet. */
961        cp = buffer_ptr(&input);
962        len = GET_32BIT(cp);
963        if (len < 1 + 2 + 2 || len > 256 * 1024)
964                packet_disconnect("Bad packet length %u.", len);
965        padded_len = (len + 8) & ~7;
966
967        /* Check if the packet has been entirely received. */
968        if (buffer_len(&input) < 4 + padded_len)
969                return SSH_MSG_NONE;
970
971        /* The entire packet is in buffer. */
972
973        /* Consume packet length. */
974        buffer_consume(&input, 4);
975
976        /*
977         * Cryptographic attack detector for ssh
978         * (C)1998 CORE-SDI, Buenos Aires Argentina
979         * Ariel Futoransky(futo@core-sdi.com)
980         */
981        if (!receive_context.plaintext &&
982            detect_attack(buffer_ptr(&input), padded_len, NULL) == DEATTACK_DETECTED)
983                packet_disconnect("crc32 compensation attack: network attack detected");
984
985        /* Decrypt data to incoming_packet. */
986        buffer_clear(&incoming_packet);
987        cp = buffer_append_space(&incoming_packet, padded_len);
988        cipher_crypt(&receive_context, cp, buffer_ptr(&input), padded_len);
989
990        buffer_consume(&input, padded_len);
991
992#ifdef PACKET_DEBUG
993        fprintf(stderr, "read_poll plain: ");
994        buffer_dump(&incoming_packet);
995#endif
996
997        /* Compute packet checksum. */
998        checksum = ssh_crc32(buffer_ptr(&incoming_packet),
999            buffer_len(&incoming_packet) - 4);
1000
1001        /* Skip padding. */
1002        buffer_consume(&incoming_packet, 8 - len % 8);
1003
1004        /* Test check bytes. */
1005        if (len != buffer_len(&incoming_packet))
1006                packet_disconnect("packet_read_poll1: len %d != buffer_len %d.",
1007                    len, buffer_len(&incoming_packet));
1008
1009        cp = (u_char *)buffer_ptr(&incoming_packet) + len - 4;
1010        stored_checksum = GET_32BIT(cp);
1011        if (checksum != stored_checksum)
1012                packet_disconnect("Corrupted check bytes on input.");
1013        buffer_consume_end(&incoming_packet, 4);
1014
1015        if (packet_compression) {
1016                buffer_clear(&compression_buffer);
1017                buffer_uncompress(&incoming_packet, &compression_buffer);
1018                buffer_clear(&incoming_packet);
1019                buffer_append(&incoming_packet, buffer_ptr(&compression_buffer),
1020                    buffer_len(&compression_buffer));
1021        }
1022        type = buffer_get_char(&incoming_packet);
1023        if (type < SSH_MSG_MIN || type > SSH_MSG_MAX)
1024                packet_disconnect("Invalid ssh1 packet type: %d", type);
1025        return type;
1026}
1027
1028static int
1029packet_read_poll2(u_int32_t *seqnr_p)
1030{
1031        static u_int packet_length = 0;
1032        u_int padlen, need;
1033        u_char *macbuf, *cp, type;
1034        u_int maclen, block_size;
1035        Enc *enc   = NULL;
1036        Mac *mac   = NULL;
1037        Comp *comp = NULL;
1038
1039        if (newkeys[MODE_IN] != NULL) {
1040                enc  = &newkeys[MODE_IN]->enc;
1041                mac  = &newkeys[MODE_IN]->mac;
1042                comp = &newkeys[MODE_IN]->comp;
1043        }
1044        maclen = mac && mac->enabled ? mac->mac_len : 0;
1045        block_size = enc ? enc->block_size : 8;
1046
1047        if (packet_length == 0) {
1048                /*
1049                 * check if input size is less than the cipher block size,
1050                 * decrypt first block and extract length of incoming packet
1051                 */
1052                if (buffer_len(&input) < block_size)
1053                        return SSH_MSG_NONE;
1054                buffer_clear(&incoming_packet);
1055                cp = buffer_append_space(&incoming_packet, block_size);
1056                cipher_crypt(&receive_context, cp, buffer_ptr(&input),
1057                    block_size);
1058                cp = buffer_ptr(&incoming_packet);
1059                packet_length = GET_32BIT(cp);
1060                if (packet_length < 1 + 4 || packet_length > 256 * 1024) {
1061#ifdef PACKET_DEBUG
1062                        buffer_dump(&incoming_packet);
1063#endif
1064                        packet_disconnect("Bad packet length %u.", packet_length);
1065                }
1066                DBG(debug("input: packet len %u", packet_length+4));
1067                buffer_consume(&input, block_size);
1068        }
1069        /* we have a partial packet of block_size bytes */
1070        need = 4 + packet_length - block_size;
1071        DBG(debug("partial packet %d, need %d, maclen %d", block_size,
1072            need, maclen));
1073        if (need % block_size != 0)
1074                fatal("padding error: need %d block %d mod %d",
1075                    need, block_size, need % block_size);
1076        /*
1077         * check if the entire packet has been received and
1078         * decrypt into incoming_packet
1079         */
1080        if (buffer_len(&input) < need + maclen)
1081                return SSH_MSG_NONE;
1082#ifdef PACKET_DEBUG
1083        fprintf(stderr, "read_poll enc/full: ");
1084        buffer_dump(&input);
1085#endif
1086        cp = buffer_append_space(&incoming_packet, need);
1087        cipher_crypt(&receive_context, cp, buffer_ptr(&input), need);
1088        buffer_consume(&input, need);
1089        /*
1090         * compute MAC over seqnr and packet,
1091         * increment sequence number for incoming packet
1092         */
1093        if (mac && mac->enabled) {
1094                macbuf = mac_compute(mac, p_read.seqnr,
1095                    buffer_ptr(&incoming_packet),
1096                    buffer_len(&incoming_packet));
1097                if (memcmp(macbuf, buffer_ptr(&input), mac->mac_len) != 0)
1098                        packet_disconnect("Corrupted MAC on input.");
1099                DBG(debug("MAC #%d ok", p_read.seqnr));
1100                buffer_consume(&input, mac->mac_len);
1101        }
1102        if (seqnr_p != NULL)
1103                *seqnr_p = p_read.seqnr;
1104        if (++p_read.seqnr == 0)
1105                logit("incoming seqnr wraps around");
1106        if (++p_read.packets == 0)
1107                if (!(datafellows & SSH_BUG_NOREKEY))
1108                        fatal("XXX too many packets with same key");
1109        p_read.blocks += (packet_length + 4) / block_size;
1110
1111        /* get padlen */
1112        cp = buffer_ptr(&incoming_packet);
1113        padlen = cp[4];
1114        DBG(debug("input: padlen %d", padlen));
1115        if (padlen < 4)
1116                packet_disconnect("Corrupted padlen %d on input.", padlen);
1117
1118        /* skip packet size + padlen, discard padding */
1119        buffer_consume(&incoming_packet, 4 + 1);
1120        buffer_consume_end(&incoming_packet, padlen);
1121
1122        DBG(debug("input: len before de-compress %d", buffer_len(&incoming_packet)));
1123        if (comp && comp->enabled) {
1124                buffer_clear(&compression_buffer);
1125                buffer_uncompress(&incoming_packet, &compression_buffer);
1126                buffer_clear(&incoming_packet);
1127                buffer_append(&incoming_packet, buffer_ptr(&compression_buffer),
1128                    buffer_len(&compression_buffer));
1129                DBG(debug("input: len after de-compress %d",
1130                    buffer_len(&incoming_packet)));
1131        }
1132        /*
1133         * get packet type, implies consume.
1134         * return length of payload (without type field)
1135         */
1136        type = buffer_get_char(&incoming_packet);
1137        if (type < SSH2_MSG_MIN || type >= SSH2_MSG_LOCAL_MIN)
1138                packet_disconnect("Invalid ssh2 packet type: %d", type);
1139        if (type == SSH2_MSG_NEWKEYS)
1140                set_newkeys(MODE_IN);
1141        else if (type == SSH2_MSG_USERAUTH_SUCCESS && !server_side)
1142                packet_enable_delayed_compress();
1143#ifdef PACKET_DEBUG
1144        fprintf(stderr, "read/plain[%d]:\r\n", type);
1145        buffer_dump(&incoming_packet);
1146#endif
1147        /* reset for next packet */
1148        packet_length = 0;
1149        return type;
1150}
1151
1152int
1153packet_read_poll_seqnr(u_int32_t *seqnr_p)
1154{
1155        u_int reason, seqnr;
1156        u_char type;
1157        char *msg;
1158
1159        for (;;) {
1160                if (compat20) {
1161                        type = packet_read_poll2(seqnr_p);
1162                        if (type)
1163                                DBG(debug("received packet type %d", type));
1164                        switch (type) {
1165                        case SSH2_MSG_IGNORE:
1166                                break;
1167                        case SSH2_MSG_DEBUG:
1168                                packet_get_char();
1169                                msg = packet_get_string(NULL);
1170                                debug("Remote: %.900s", msg);
1171                                xfree(msg);
1172                                msg = packet_get_string(NULL);
1173                                xfree(msg);
1174                                break;
1175                        case SSH2_MSG_DISCONNECT:
1176                                reason = packet_get_int();
1177                                msg = packet_get_string(NULL);
1178                                logit("Received disconnect from %s: %u: %.400s",
1179                                    get_remote_ipaddr(), reason, msg);
1180                                xfree(msg);
1181                                cleanup_exit(255);
1182                                break;
1183                        case SSH2_MSG_UNIMPLEMENTED:
1184                                seqnr = packet_get_int();
1185                                debug("Received SSH2_MSG_UNIMPLEMENTED for %u",
1186                                    seqnr);
1187                                break;
1188                        default:
1189                                return type;
1190                                break;
1191                        }
1192                } else {
1193                        type = packet_read_poll1();
1194                        switch (type) {
1195                        case SSH_MSG_IGNORE:
1196                                break;
1197                        case SSH_MSG_DEBUG:
1198                                msg = packet_get_string(NULL);
1199                                debug("Remote: %.900s", msg);
1200                                xfree(msg);
1201                                break;
1202                        case SSH_MSG_DISCONNECT:
1203                                msg = packet_get_string(NULL);
1204                                logit("Received disconnect from %s: %.400s",
1205                                    get_remote_ipaddr(), msg);
1206                                cleanup_exit(255);
1207                                xfree(msg);
1208                                break;
1209                        default:
1210                                if (type)
1211                                        DBG(debug("received packet type %d", type));
1212                                return type;
1213                                break;
1214                        }
1215                }
1216        }
1217}
1218
1219int
1220packet_read_poll(void)
1221{
1222        return packet_read_poll_seqnr(NULL);
1223}
1224
1225/*
1226 * Buffers the given amount of input characters.  This is intended to be used
1227 * together with packet_read_poll.
1228 */
1229
1230void
1231packet_process_incoming(const char *buf, u_int len)
1232{
1233        buffer_append(&input, buf, len);
1234}
1235
1236/* Returns a character from the packet. */
1237
1238u_int
1239packet_get_char(void)
1240{
1241        char ch;
1242
1243        buffer_get(&incoming_packet, &ch, 1);
1244        return (u_char) ch;
1245}
1246
1247/* Returns an integer from the packet data. */
1248
1249u_int
1250packet_get_int(void)
1251{
1252        return buffer_get_int(&incoming_packet);
1253}
1254
1255/*
1256 * Returns an arbitrary precision integer from the packet data.  The integer
1257 * must have been initialized before this call.
1258 */
1259
1260void
1261packet_get_bignum(BIGNUM * value)
1262{
1263        buffer_get_bignum(&incoming_packet, value);
1264}
1265
1266void
1267packet_get_bignum2(BIGNUM * value)
1268{
1269        buffer_get_bignum2(&incoming_packet, value);
1270}
1271
1272void *
1273packet_get_raw(u_int *length_ptr)
1274{
1275        u_int bytes = buffer_len(&incoming_packet);
1276
1277        if (length_ptr != NULL)
1278                *length_ptr = bytes;
1279        return buffer_ptr(&incoming_packet);
1280}
1281
1282int
1283packet_remaining(void)
1284{
1285        return buffer_len(&incoming_packet);
1286}
1287
1288/*
1289 * Returns a string from the packet data.  The string is allocated using
1290 * xmalloc; it is the responsibility of the calling program to free it when
1291 * no longer needed.  The length_ptr argument may be NULL, or point to an
1292 * integer into which the length of the string is stored.
1293 */
1294
1295void *
1296packet_get_string(u_int *length_ptr)
1297{
1298        return buffer_get_string(&incoming_packet, length_ptr);
1299}
1300
1301/*
1302 * Sends a diagnostic message from the server to the client.  This message
1303 * can be sent at any time (but not while constructing another message). The
1304 * message is printed immediately, but only if the client is being executed
1305 * in verbose mode.  These messages are primarily intended to ease debugging
1306 * authentication problems.   The length of the formatted message must not
1307 * exceed 1024 bytes.  This will automatically call packet_write_wait.
1308 */
1309
1310void
1311packet_send_debug(const char *fmt,...)
1312{
1313        char buf[1024];
1314        va_list args;
1315
1316        if (compat20 && (datafellows & SSH_BUG_DEBUG))
1317                return;
1318
1319        va_start(args, fmt);
1320        vsnprintf(buf, sizeof(buf), fmt, args);
1321        va_end(args);
1322
1323        if (compat20) {
1324                packet_start(SSH2_MSG_DEBUG);
1325                packet_put_char(0);     /* bool: always display */
1326                packet_put_cstring(buf);
1327                packet_put_cstring("");
1328        } else {
1329                packet_start(SSH_MSG_DEBUG);
1330                packet_put_cstring(buf);
1331        }
1332        packet_send();
1333        packet_write_wait();
1334}
1335
1336/*
1337 * Logs the error plus constructs and sends a disconnect packet, closes the
1338 * connection, and exits.  This function never returns. The error message
1339 * should not contain a newline.  The length of the formatted message must
1340 * not exceed 1024 bytes.
1341 */
1342
1343void
1344packet_disconnect(const char *fmt,...)
1345{
1346        char buf[1024];
1347        va_list args;
1348        static int disconnecting = 0;
1349
1350        if (disconnecting)      /* Guard against recursive invocations. */
1351                fatal("packet_disconnect called recursively.");
1352        disconnecting = 1;
1353
1354        /*
1355         * Format the message.  Note that the caller must make sure the
1356         * message is of limited size.
1357         */
1358        va_start(args, fmt);
1359        vsnprintf(buf, sizeof(buf), fmt, args);
1360        va_end(args);
1361
1362        /* Display the error locally */
1363        logit("Disconnecting: %.100s", buf);
1364
1365        /* Send the disconnect message to the other side, and wait for it to get sent. */
1366        if (compat20) {
1367                packet_start(SSH2_MSG_DISCONNECT);
1368                packet_put_int(SSH2_DISCONNECT_PROTOCOL_ERROR);
1369                packet_put_cstring(buf);
1370                packet_put_cstring("");
1371        } else {
1372                packet_start(SSH_MSG_DISCONNECT);
1373                packet_put_cstring(buf);
1374        }
1375        packet_send();
1376        packet_write_wait();
1377
1378        /* Stop listening for connections. */
1379        channel_close_all();
1380
1381        /* Close the connection. */
1382        packet_close();
1383        cleanup_exit(255);
1384}
1385
1386/* Checks if there is any buffered output, and tries to write some of the output. */
1387
1388void
1389packet_write_poll(void)
1390{
1391        int len = buffer_len(&output);
1392
1393        if (len > 0) {
1394                len = write(connection_out, buffer_ptr(&output), len);
1395                if (len <= 0) {
1396                        if (errno == EAGAIN)
1397                                return;
1398                        else
1399                                fatal("Write failed: %.100s", strerror(errno));
1400                }
1401                buffer_consume(&output, len);
1402        }
1403}
1404
1405/*
1406 * Calls packet_write_poll repeatedly until all pending output data has been
1407 * written.
1408 */
1409
1410void
1411packet_write_wait(void)
1412{
1413        fd_set *setp;
1414
1415        setp = (fd_set *)xmalloc(howmany(connection_out + 1, NFDBITS) *
1416            sizeof(fd_mask));
1417        packet_write_poll();
1418        while (packet_have_data_to_write()) {
1419                memset(setp, 0, howmany(connection_out + 1, NFDBITS) *
1420                    sizeof(fd_mask));
1421                FD_SET(connection_out, setp);
1422                while (select(connection_out + 1, NULL, setp, NULL, NULL) == -1 &&
1423                    (errno == EAGAIN || errno == EINTR))
1424                        ;
1425                packet_write_poll();
1426        }
1427        xfree(setp);
1428}
1429
1430/* Returns true if there is buffered data to write to the connection. */
1431
1432int
1433packet_have_data_to_write(void)
1434{
1435        return buffer_len(&output) != 0;
1436}
1437
1438/* Returns true if there is not too much data to write to the connection. */
1439
1440int
1441packet_not_very_much_data_to_write(void)
1442{
1443        if (interactive_mode)
1444                return buffer_len(&output) < 16384;
1445        else
1446                return buffer_len(&output) < 128 * 1024;
1447}
1448
1449
1450static void
1451packet_set_tos(int interactive)
1452{
1453#if defined(IP_TOS) && !defined(IP_TOS_IS_BROKEN)
1454        int tos = interactive ? IPTOS_LOWDELAY : IPTOS_THROUGHPUT;
1455
1456        if (!packet_connection_is_on_socket() ||
1457            !packet_connection_is_ipv4())
1458                return;
1459        if (setsockopt(connection_in, IPPROTO_IP, IP_TOS, &tos,
1460            sizeof(tos)) < 0)
1461                error("setsockopt IP_TOS %d: %.100s:",
1462                    tos, strerror(errno));
1463#endif
1464}
1465
1466/* Informs that the current session is interactive.  Sets IP flags for that. */
1467
1468void
1469packet_set_interactive(int interactive)
1470{
1471        static int called = 0;
1472
1473        if (called)
1474                return;
1475        called = 1;
1476
1477        /* Record that we are in interactive mode. */
1478        interactive_mode = interactive;
1479
1480        /* Only set socket options if using a socket.  */
1481        if (!packet_connection_is_on_socket())
1482                return;
1483        if (interactive)
1484                set_nodelay(connection_in);
1485        packet_set_tos(interactive);
1486}
1487
1488/* Returns true if the current connection is interactive. */
1489
1490int
1491packet_is_interactive(void)
1492{
1493        return interactive_mode;
1494}
1495
1496int
1497packet_set_maxsize(u_int s)
1498{
1499        static int called = 0;
1500
1501        if (called) {
1502                logit("packet_set_maxsize: called twice: old %d new %d",
1503                    max_packet_size, s);
1504                return -1;
1505        }
1506        if (s < 4 * 1024 || s > 1024 * 1024) {
1507                logit("packet_set_maxsize: bad size %d", s);
1508                return -1;
1509        }
1510        called = 1;
1511        debug("packet_set_maxsize: setting to %d", s);
1512        max_packet_size = s;
1513        return s;
1514}
1515
1516/* roundup current message to pad bytes */
1517void
1518packet_add_padding(u_char pad)
1519{
1520        extra_pad = pad;
1521}
1522
1523/*
1524 * 9.2.  Ignored Data Message
1525 *
1526 *   byte      SSH_MSG_IGNORE
1527 *   string    data
1528 *
1529 * All implementations MUST understand (and ignore) this message at any
1530 * time (after receiving the protocol version). No implementation is
1531 * required to send them. This message can be used as an additional
1532 * protection measure against advanced traffic analysis techniques.
1533 */
1534void
1535packet_send_ignore(int nbytes)
1536{
1537        u_int32_t rnd = 0;
1538        int i;
1539
1540        packet_start(compat20 ? SSH2_MSG_IGNORE : SSH_MSG_IGNORE);
1541        packet_put_int(nbytes);
1542        for (i = 0; i < nbytes; i++) {
1543                if (i % 4 == 0)
1544                        rnd = arc4random();
1545                packet_put_char(rnd & 0xff);
1546                rnd >>= 8;
1547        }
1548}
1549
1550#define MAX_PACKETS     (1U<<31)
1551int
1552packet_need_rekeying(void)
1553{
1554        if (datafellows & SSH_BUG_NOREKEY)
1555                return 0;
1556        return
1557            (p_send.packets > MAX_PACKETS) ||
1558            (p_read.packets > MAX_PACKETS) ||
1559            (max_blocks_out && (p_send.blocks > max_blocks_out)) ||
1560            (max_blocks_in  && (p_read.blocks > max_blocks_in));
1561}
1562
1563void
1564packet_set_rekey_limit(u_int32_t bytes)
1565{
1566        rekey_limit = bytes;
1567}
1568
1569void
1570packet_set_server(void)
1571{
1572        server_side = 1;
1573}
1574
1575void
1576packet_set_authenticated(void)
1577{
1578        after_authentication = 1;
1579}
Note: See TracBrowser for help on using the repository browser.