Develop and Download Open Source Software

Tera Term

Browse Subversion Repository

/[ttssh2]/trunk/ttssh2/ttxssh/pkt.c

Contents of /trunk/ttssh2/ttxssh/pkt.c

Parent Directory Parent Directory | Revision Log Revision Log

Revision 6969 - (show annotations) (download) (as text)
Thu Nov 2 11:37:41 2017 UTC (6 years, 5 months ago) by doda
File MIME type: text/x-csrc
File size: 8751 byte(s) 
OpenSSH の EtM 方式の MAC に対応。#31495

以下の MAC 方式に対応。
  ・hmac-sha2-256-etm@openssh.comhmac-sha2-512-etm@openssh.comhmac-sha1-etm@openssh.comhmac-md5-etm@openssh.com (*1)
  ・hmac-ripemd160-etm@openssh.com (*1, *2)
  ・hmac-sha1-96-etm@openssh.com (*1, *3)
  ・hmac-md5-96-etm@openssh.com (*1, *3)

検討事項:
  ・*1 の方式は現在のOpenSSHではデフォルトでは使わないようになっているが、
    サポートする価値はある?  (サーバ: 6.7以降, クライアント:7.2以降)
  ・*2 の ripemd160 は OpenSSH 7.6 ではサポートがはずされて使えなくなった。
    OpenSSH 7.5 以前なら(設定すれば)使えるが、サポートする価値はある?
  ・*3 の 96bit truncate な MAC は優先度を NONE より下にしてデフォルトでは
    使わないようにした。今時 96bit truncate な MAC をサポートする価値ある?
  ・OpenSSH では EtM な MAC を優先するようになっており、ttssh もそれに
    習って順番を決めた。しかしアップグレードインストールでは末尾に追加
    される為、優先度が低くなる。ア
    ップグレー時にも優先度を高くする方法はないか?
1 /*
2 * Copyright (c) 1998-2001, Robert O'Callahan
3 * (C) 2004-2017 TeraTerm Project
4 * All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 *
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 * 3. The name of the author may not be used to endorse or promote products
16 * derived from this software without specific prior written permission.
17 *
18 * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS OR
19 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
20 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
21 * IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY DIRECT, INDIRECT,
22 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
23 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
24 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
25 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
26 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
27 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28 */
29
30 /*
31 This code is copyright (C) 1998-1999 Robert O'Callahan.
32 See LICENSE.TXT for the license.
33 */
34
35 #include "ttxssh.h"
36 #include "util.h"
37 #include "pkt.h"
38
39 #define READAMOUNT CHAN_SES_WINDOW_DEFAULT
40
41 void PKT_init(PTInstVar pvar)
42 {
43 buf_create(&pvar->pkt_state.buf, &pvar->pkt_state.buflen);
44 pvar->pkt_state.datastart = 0;
45 pvar->pkt_state.datalen = 0;
46 pvar->pkt_state.seen_server_ID = FALSE;
47 pvar->pkt_state.seen_newline = FALSE;
48 pvar->pkt_state.predecrypted_packet = FALSE;
49 }
50
51 /* Read some data, leave no more than up_to_amount bytes in the buffer,
52 return the number of bytes read or -1 on error or blocking. */
53 static int recv_data(PTInstVar pvar, unsigned long up_to_amount)
54 {
55 int amount_read;
56
57 /* Shuffle data to the start of the buffer */
58 if (pvar->pkt_state.datastart != 0) {
59 memmove(pvar->pkt_state.buf,
60 pvar->pkt_state.buf + pvar->pkt_state.datastart,
61 pvar->pkt_state.datalen);
62 pvar->pkt_state.datastart = 0;
63 }
64
65 buf_ensure_size(&pvar->pkt_state.buf, &pvar->pkt_state.buflen, up_to_amount);
66
67 _ASSERT(pvar->pkt_state.buf != NULL);
68
69 amount_read = (pvar->Precv) (pvar->socket,
70 pvar->pkt_state.buf + pvar->pkt_state.datalen,
71 up_to_amount - pvar->pkt_state.datalen,
72 0);
73
74 if (amount_read > 0) {
75 /* Update seen_newline if necessary */
76 if (!pvar->pkt_state.seen_server_ID && !pvar->pkt_state.seen_newline) {
77 int i;
78
79 for (i = 0; i < amount_read; i++) {
80 if (pvar->pkt_state.buf[pvar->pkt_state.datalen + i] == '\n') {
81 pvar->pkt_state.seen_newline = 1;
82 }
83 }
84 }
85 pvar->pkt_state.datalen += amount_read;
86 }
87
88 return amount_read;
89 }
90
91
92 // ���s�R�[�h���o��������������
93 static int recv_line_data(PTInstVar pvar)
94 {
95 int amount_read;
96 char buf[256];
97 size_t up_to_amount = sizeof(buf);
98 int i;
99
100 /* Shuffle data to the start of the buffer */
101 if (pvar->pkt_state.datastart != 0) {
102 memmove(pvar->pkt_state.buf,
103 pvar->pkt_state.buf + pvar->pkt_state.datastart,
104 pvar->pkt_state.datalen);
105 pvar->pkt_state.datastart = 0;
106 }
107
108 buf_ensure_size(&pvar->pkt_state.buf, &pvar->pkt_state.buflen, up_to_amount);
109
110 for (i = 0 ; i < (int)up_to_amount ; i++) {
111 amount_read = (pvar->Precv) (pvar->socket, &buf[i], 1, 0);
112 if (amount_read != 1) {
113 return 0; // error
114 }
115
116 pvar->pkt_state.datalen += amount_read;
117
118 if (buf[i] == '\n') { // 0x0a
119 buf[i+1] = 0;
120 break;
121 }
122 }
123 amount_read = i + 1; // ���������T�C�Y�iLF�������j
124 memcpy(pvar->pkt_state.buf, buf, amount_read);
125
126 pvar->pkt_state.seen_newline = 1;
127
128 return amount_read;
129 }
130
131
132 /* This function does two things:
133 -- reads data from the sshd and feeds the SSH protocol packets to ssh.c
134 -- copies any available decrypted session data into the application buffer
135 */
136 int PKT_recv(PTInstVar pvar, char *buf, int buflen)
137 {
138 int amount_in_buf = 0;
139 BOOL connection_closed = FALSE;
140
141 while (SSH_is_any_payload(pvar) ? buflen > 0 : !connection_closed) {
142 if (SSH_is_any_payload(pvar)) {
143 /* ssh.c has some session data for us to give to Tera Term. */
144 int grabbed = SSH_extract_payload(pvar, buf, buflen);
145
146 amount_in_buf += grabbed;
147 buf += grabbed;
148 buflen -= grabbed;
149 }
150 else if (!pvar->pkt_state.seen_server_ID && (pvar->pkt_state.seen_newline || pvar->pkt_state.datalen >= 255)) {
151 /*
152 * We're looking for the initial ID string and either we've seen the
153 * terminating newline, or we've exceeded the limit at which we should see a newline.
154 */
155 unsigned int i;
156
157 for (i = 0; pvar->pkt_state.buf[i] != '\n' && i < pvar->pkt_state.datalen; i++) {
158 }
159 if (pvar->pkt_state.buf[i] == '\n') {
160 i++;
161 }
162
163 // SSH�T�[�o���o�[�W�����`�F�b�N���s��
164 if (SSH_handle_server_ID(pvar, pvar->pkt_state.buf, i)) {
165 pvar->pkt_state.seen_server_ID = 1;
166
167 if (SSHv2(pvar)) {
168 // send Key Exchange Init
169 SSH2_send_kexinit(pvar);
170 }
171 } else {
172 // reset flag to re-read server ID (2008.1.24 yutaka)
173 pvar->pkt_state.seen_newline = 0;
174 }
175
176 pvar->pkt_state.datastart += i;
177 pvar->pkt_state.datalen -= i;
178 }
179 else if (pvar->pkt_state.seen_server_ID && pvar->pkt_state.datalen >= (unsigned int) SSH_get_min_packet_size(pvar)) {
180 char *data = pvar->pkt_state.buf + pvar->pkt_state.datastart;
181 uint32 padding;
182 uint32 pktsize;
183 uint32 total_packet_size;
184 struct Mac *mac = &pvar->ssh2_keys[MODE_IN].mac;
185 int etm;
186
187 etm = mac && mac->enabled && mac->etm;
188
189 // �������p�P�b�g�������������������B
190 if (!pvar->pkt_state.predecrypted_packet && !etm) {
191 SSH_predecrpyt_packet(pvar, data);
192 pvar->pkt_state.predecrypted_packet = TRUE;
193 }
194
195 if (SSHv1(pvar)) {
196 uint32 realpktsize = get_uint32_MSBfirst(data);
197
198 padding = 8 - (realpktsize % 8);
199 pktsize = realpktsize + padding;
200 } else {
201 // SSH2���p�P�b�g�������� packet-size(4)+padding(1)+type(1) �������B
202 pktsize = get_uint32_MSBfirst(data);
203 if (etm) {
204 padding = 0;
205 }
206 else {
207 padding = (unsigned char) data[4];
208 }
209 }
210
211 // �p�P�b�g(TCP�y�C���[�h)���S�����T�C�Y���ASSH�y�C���[�h�{4�i�{MAC�j�������B
212 // +4���ASSH�y�C���[�h���T�C�Y���i�[�������������iint�^�j�B
213 total_packet_size = pktsize + 4 + SSH_get_clear_MAC_size(pvar);
214
215 if (total_packet_size <= pvar->pkt_state.datalen) {
216 /* the data must be 4 byte aligned. */
217 if (SSHv1(pvar)) {
218 SSH_handle_packet1(pvar, data, pktsize, padding);
219 }
220 else {
221 SSH_handle_packet2(pvar, data, pktsize, padding, etm);
222 }
223 pvar->pkt_state.predecrypted_packet = FALSE;
224
225 pvar->pkt_state.datastart += total_packet_size;
226 pvar->pkt_state.datalen -= total_packet_size;
227
228 } else if (total_packet_size > PACKET_MAX_SIZE) {
229 // 4MB���������������p�P�b�g�����������A�����I�������B
230 // ���������f�[�^�������������s�����A���F�����������������B
231 UTIL_get_lang_msg("MSG_PKT_OVERSIZED_ERROR", pvar,
232 "Oversized packet received from server; connection will close.");
233 notify_fatal_error(pvar, pvar->ts->UIMsg, TRUE);
234 } else {
235 int amount_read = recv_data(pvar, max(total_packet_size, READAMOUNT));
236
237 if (amount_read == SOCKET_ERROR) {
238 if (amount_in_buf == 0) {
239 return SOCKET_ERROR;
240 } else {
241 return amount_in_buf;
242 }
243 } else {
244 if (amount_read == 0) {
245 connection_closed = TRUE;
246 }
247 }
248 }
249 } else {
250 // �p�P�b�g�����M
251 int amount_read;
252
253 amount_read = recv_data(pvar, READAMOUNT);
254
255 if (amount_read == SOCKET_ERROR) {
256 if (amount_in_buf == 0) {
257 return SOCKET_ERROR;
258 } else {
259 return amount_in_buf;
260 }
261 } else if (amount_read == 0) {
262 connection_closed = TRUE;
263 }
264 }
265
266 if (pvar->fatal_error) {
267 return amount_in_buf;
268 }
269 }
270
271 if (SSH_is_any_payload(pvar)) {
272 PostMessage(pvar->NotificationWindow, WM_USER_COMMNOTIFY, pvar->socket, MAKELPARAM(FD_READ, 0));
273 }
274
275 return amount_in_buf;
276 }
277
278 void PKT_end(PTInstVar pvar)
279 {
280 buf_destroy(&pvar->pkt_state.buf, &pvar->pkt_state.buflen);
281 }
Back to OSDN">Back to OSDN
 ViewVC Help
Powered by ViewVC 1.1.26  
About OSDN
Find Software
Develop Software
Help