diff options
Diffstat (limited to 'crypto/openssh/packet.c')
-rw-r--r-- | crypto/openssh/packet.c | 50 |
1 files changed, 34 insertions, 16 deletions
diff --git a/crypto/openssh/packet.c b/crypto/openssh/packet.c index 7884eeb..aca06d7 100644 --- a/crypto/openssh/packet.c +++ b/crypto/openssh/packet.c @@ -1,4 +1,4 @@ -/* $OpenBSD: packet.c,v 1.208 2015/02/13 18:57:00 markus Exp $ */ +/* $OpenBSD: packet.c,v 1.212 2015/05/01 07:10:01 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -291,6 +291,7 @@ ssh_packet_set_connection(struct ssh *ssh, int fd_in, int fd_out) (r = cipher_init(&state->receive_context, none, (const u_char *)"", 0, NULL, 0, CIPHER_DECRYPT)) != 0) { error("%s: cipher_init failed: %s", __func__, ssh_err(r)); + free(ssh); return NULL; } state->newkeys[MODE_IN] = state->newkeys[MODE_OUT] = NULL; @@ -792,7 +793,9 @@ ssh_packet_set_compress_hooks(struct ssh *ssh, void *ctx, void ssh_packet_set_encryption_key(struct ssh *ssh, const u_char *key, u_int keylen, int number) { -#ifdef WITH_SSH1 +#ifndef WITH_SSH1 + fatal("no SSH protocol 1 support"); +#else /* WITH_SSH1 */ struct session_state *state = ssh->state; const struct sshcipher *cipher = cipher_by_number(number); int r; @@ -1280,7 +1283,7 @@ ssh_packet_read_seqnr(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p) * been sent. */ if ((r = ssh_packet_write_wait(ssh)) != 0) - return r; + goto out; /* Stay in the loop until we have received a complete packet. */ for (;;) { @@ -1338,15 +1341,20 @@ ssh_packet_read_seqnr(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p) len = roaming_read(state->connection_in, buf, sizeof(buf), &cont); } while (len == 0 && cont); - if (len == 0) - return SSH_ERR_CONN_CLOSED; - if (len < 0) - return SSH_ERR_SYSTEM_ERROR; + if (len == 0) { + r = SSH_ERR_CONN_CLOSED; + goto out; + } + if (len < 0) { + r = SSH_ERR_SYSTEM_ERROR; + goto out; + } /* Append it to the buffer. */ if ((r = ssh_packet_process_incoming(ssh, buf, len)) != 0) - return r; + goto out; } + out: free(setp); return r; } @@ -1913,9 +1921,19 @@ sshpkt_fatal(struct ssh *ssh, const char *tag, int r) logit("Connection closed by %.200s", ssh_remote_ipaddr(ssh)); cleanup_exit(255); case SSH_ERR_CONN_TIMEOUT: - logit("Connection to %.200s timed out while " - "waiting to write", ssh_remote_ipaddr(ssh)); + logit("Connection to %.200s timed out", ssh_remote_ipaddr(ssh)); cleanup_exit(255); + case SSH_ERR_DISCONNECTED: + logit("Disconnected from %.200s", + ssh_remote_ipaddr(ssh)); + cleanup_exit(255); + case SSH_ERR_SYSTEM_ERROR: + if (errno == ECONNRESET) { + logit("Connection reset by %.200s", + ssh_remote_ipaddr(ssh)); + cleanup_exit(255); + } + /* FALLTHROUGH */ default: fatal("%s%sConnection to %.200s: %s", tag != NULL ? tag : "", tag != NULL ? ": " : "", @@ -2728,13 +2746,14 @@ sshpkt_put_stringb(struct ssh *ssh, const struct sshbuf *v) return sshbuf_put_stringb(ssh->state->outgoing_packet, v); } -#if defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC) +#ifdef WITH_OPENSSL +#ifdef OPENSSL_HAS_ECC int sshpkt_put_ec(struct ssh *ssh, const EC_POINT *v, const EC_GROUP *g) { return sshbuf_put_ec(ssh->state->outgoing_packet, v, g); } -#endif /* WITH_OPENSSL && OPENSSL_HAS_ECC */ +#endif /* OPENSSL_HAS_ECC */ #ifdef WITH_SSH1 int @@ -2744,7 +2763,6 @@ sshpkt_put_bignum1(struct ssh *ssh, const BIGNUM *v) } #endif /* WITH_SSH1 */ -#ifdef WITH_OPENSSL int sshpkt_put_bignum2(struct ssh *ssh, const BIGNUM *v) { @@ -2796,13 +2814,14 @@ sshpkt_get_cstring(struct ssh *ssh, char **valp, size_t *lenp) return sshbuf_get_cstring(ssh->state->incoming_packet, valp, lenp); } -#if defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC) +#ifdef WITH_OPENSSL +#ifdef OPENSSL_HAS_ECC int sshpkt_get_ec(struct ssh *ssh, EC_POINT *v, const EC_GROUP *g) { return sshbuf_get_ec(ssh->state->incoming_packet, v, g); } -#endif /* WITH_OPENSSL && OPENSSL_HAS_ECC */ +#endif /* OPENSSL_HAS_ECC */ #ifdef WITH_SSH1 int @@ -2812,7 +2831,6 @@ sshpkt_get_bignum1(struct ssh *ssh, BIGNUM *v) } #endif /* WITH_SSH1 */ -#ifdef WITH_OPENSSL int sshpkt_get_bignum2(struct ssh *ssh, BIGNUM *v) { |