lib/libssh
1
0
Fork 0
mirror of https://git.libssh.org/projects/libssh.git synced 2025-08-10 06:23:01 +03:00
Code Activity

Add more error checks to packet_send2().

Browse Source 
git-svn-id: svn+ssh://svn.berlios.de/svnroot/repos/libssh/trunk@459 7dcaeef0-15fb-0310-b436-a5af3365683c
This commit is contained in:
Andreas Schneider
2009-04-14 09:05:57 +00:00
parent 749e95cbf1
commit 02ebbfdeca
1 changed files with 64 additions and 37 deletions
Download Patch File Download Diff File Expand all files Collapse all files

101
libssh/packet.c
View File

@@ -431,46 +431,73 @@ static int packet_write(SSH_SESSION *session) {
return rc; return rc;
} }
static int packet_send2(SSH_SESSION *session){ static int packet_send2(SSH_SESSION *session) {
char padstring[32]; unsigned int blocksize = (session->current_crypto ?
u32 finallen; session->current_crypto->out_cipher->blocksize : 8);
u8 padding; u32 currentlen = buffer_get_len(session->out_buffer);
u32 currentlen=buffer_get_len(session->out_buffer); unsigned char *hmac = NULL;
unsigned char *hmac; char padstring[32] = {0};
int ret=0; int rc = SSH_ERROR;
unsigned int blocksize=(session->current_crypto?session->current_crypto->out_cipher->blocksize:8); u32 finallen;
enter_function(); u8 padding;
ssh_log(session, SSH_LOG_RARE,
"Writing on the wire a packet having %u bytes before", currentlen); enter_function();
ssh_log(session, SSH_LOG_RARE,
"Writing on the wire a packet having %u bytes before", currentlen);
#if defined(HAVE_LIBZ) && defined(WITH_LIBZ) #if defined(HAVE_LIBZ) && defined(WITH_LIBZ)
if(session->current_crypto && session->current_crypto->do_compress_out){ if (session->current_crypto && session->current_crypto->do_compress_out) {
ssh_log(session, SSH_LOG_RARE, "Compressing in_buffer ..."); ssh_log(session, SSH_LOG_RARE, "Compressing in_buffer ...");
compress_buffer(session,session->out_buffer); if (compress_buffer(session,session->out_buffer) < 0) {
currentlen=buffer_get_len(session->out_buffer); goto error;
} }
currentlen = buffer_get_len(session->out_buffer);
}
#endif #endif
padding=(blocksize- ((currentlen+5) % blocksize)); padding = (blocksize - ((currentlen +5) % blocksize));
if(padding<4) if(padding < 4) {
padding+=blocksize; padding += blocksize;
if(session->current_crypto) }
ssh_get_random(padstring,padding,0);
else if (session->current_crypto) {
memset(padstring,0,padding); ssh_get_random(padstring, padding, 0);
finallen=htonl(currentlen+padding+1); } else {
ssh_log(session, SSH_LOG_RARE, memset(padstring,0,padding);
"%d bytes after comp + %d padding bytes = %d bytes packet", }
currentlen, padding, (ntohl(finallen)));
buffer_add_data_begin(session->out_buffer,&padding,sizeof(u8)); finallen = htonl(currentlen + padding + 1);
buffer_add_data_begin(session->out_buffer,&finallen,sizeof(u32)); ssh_log(session, SSH_LOG_RARE,
buffer_add_data(session->out_buffer,padstring,padding); "%d bytes after comp + %d padding bytes = %d bytes packet",
hmac=packet_encrypt(session,buffer_get(session->out_buffer),buffer_get_len(session->out_buffer)); currentlen, padding, (ntohl(finallen)));
if(hmac)
buffer_add_data(session->out_buffer,hmac,20); if (buffer_add_data_begin(session->out_buffer, &padding, sizeof(u8)) < 0) {
ret=packet_write(session); goto error;
session->send_seq++; }
buffer_reinit(session->out_buffer); if (buffer_add_data_begin(session->out_buffer, &finallen, sizeof(u32)) < 0) {
leave_function(); goto error;
return ret; /* SSH_OK, AGAIN or ERROR */ }
if (buffer_add_data(session->out_buffer, padstring, padding) < 0) {
goto error;
}
hmac = packet_encrypt(session, buffer_get(session->out_buffer),
buffer_get_len(session->out_buffer));
if (hmac) {
if (buffer_add_data(session->out_buffer, hmac, 20) < 0) {
goto error;
}
}
rc = packet_write(session);
session->send_seq++;
if (buffer_reinit(session->out_buffer) < 0) {
rc = SSH_ERROR;
}
error:
leave_function();
return rc; /* SSH_OK, AGAIN or ERROR */
} }
#ifdef HAVE_SSH1 #ifdef HAVE_SSH1