lib/libssh
1
0
Fork 0
mirror of https://git.libssh.org/projects/libssh.git synced 2025-08-08 19:02:06 +03:00
Code Activity

buffers: adapt messages.c to ssh_buffer_(un)pack()

Browse Source 
Reviewed-by: Andreas Schneider <asn@samba.org>
This commit is contained in:
Aris Adamantiadis
2014-04-16 20:37:26 +02:00
committed by Andreas Schneider
parent 3703389feb
commit cfd2e4894e
1 changed files with 161 additions and 425 deletions
Download Patch File Download Diff File Expand all files Collapse all files

586
src/messages.c
View File

@@ -585,104 +585,34 @@ static ssh_buffer ssh_msg_userauth_build_digest(ssh_session session,
session->current_crypto ? session->current_crypto :
session->next_crypto;
ssh_buffer buffer;
ssh_string str;
ssh_string str=NULL;
int rc;
buffer = ssh_buffer_new();
if (buffer == NULL) {
return NULL;
}
/* Add session id */
str = ssh_string_new(crypto->digest_len);
if (str == NULL) {
ssh_buffer_free(buffer);
return NULL;
}
ssh_string_fill(str, crypto->session_id, crypto->digest_len);
rc = buffer_add_ssh_string(buffer, str);
ssh_string_free(str);
if (rc < 0) {
ssh_buffer_free(buffer);
return NULL;
}
/* Add the type */
rc = buffer_add_u8(buffer, SSH2_MSG_USERAUTH_REQUEST);
if (rc < 0) {
ssh_buffer_free(buffer);
return NULL;
}
/* Add the username */
str = ssh_string_from_char(msg->auth_request.username);
if (str == NULL) {
ssh_buffer_free(buffer);
return NULL;
}
rc = buffer_add_ssh_string(buffer, str);
ssh_string_free(str);
if (rc < 0) {
ssh_buffer_free(buffer);
return NULL;
}
/* Add the service name */
str = ssh_string_from_char(service);
if (str == NULL) {
ssh_buffer_free(buffer);
return NULL;
}
rc = buffer_add_ssh_string(buffer, str);
ssh_string_free(str);
if (rc < 0) {
ssh_buffer_free(buffer);
return NULL;
}
/* Add the method (publickey) */
str = ssh_string_from_char("publickey");
if (str == NULL) {
ssh_buffer_free(buffer);
return NULL;
}
rc = buffer_add_ssh_string(buffer, str);
ssh_string_free(str);
if (rc < 0) {
ssh_buffer_free(buffer);
return NULL;
}
/* Has been signed (TRUE) */
rc = buffer_add_u8(buffer, 1);
if (rc < 0) {
ssh_buffer_free(buffer);
return NULL;
}
/* Add the public key algorithm */
str = ssh_string_from_char(msg->auth_request.pubkey->type_c);
if (str == NULL) {
ssh_buffer_free(buffer);
return NULL;
}
rc = buffer_add_ssh_string(buffer, str);
ssh_string_free(str);
if (rc < 0) {
ssh_buffer_free(buffer);
return NULL;
}
/* Add the publickey as blob */
rc = ssh_pki_export_pubkey_blob(msg->auth_request.pubkey, &str);
if (rc < 0) {
ssh_buffer_free(buffer);
return NULL;
}
rc = buffer_add_ssh_string(buffer, str);
rc = ssh_buffer_pack(buffer,
"dPbsssbsS",
crypto->digest_len, /* session ID string */
(size_t)crypto->digest_len, crypto->session_id,
SSH2_MSG_USERAUTH_REQUEST, /* type */
msg->auth_request.username,
service,
"publickey", /* method */
1, /* has to be signed (true) */
msg->auth_request.pubkey->type_c, /* pubkey algorithm */
str); /* public key as a blob */
ssh_string_free(str);
if (rc < 0) {
if (rc != SSH_OK) {
ssh_set_error_oom(session);
ssh_buffer_free(buffer);
return NULL;
}
@@ -697,11 +627,10 @@ static ssh_buffer ssh_msg_userauth_build_digest(ssh_session session,
* SSH Message
*/
SSH_PACKET_CALLBACK(ssh_packet_userauth_request){
ssh_string str;
ssh_message msg = NULL;
char *service = NULL;
char *method = NULL;
uint32_t method_size = 0;
int rc;
(void)user;
(void)type;
@@ -712,35 +641,13 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_request){
goto error;
}
msg->type = SSH_REQUEST_AUTH;
rc = ssh_buffer_unpack(packet, "ss",
&msg->auth_request.username,
&service,
&method
);
str = buffer_get_ssh_string(packet);
if (str == NULL) {
goto error;
}
msg->auth_request.username = ssh_string_to_char(str);
ssh_string_free(str);
if (msg->auth_request.username == NULL) {
goto error;
}
str = buffer_get_ssh_string(packet);
if (str == NULL) {
goto error;
}
service = ssh_string_to_char(str);
ssh_string_free(str);
if (service == NULL) {
goto error;
}
str = buffer_get_ssh_string(packet);
if (str == NULL) {
goto error;
}
method = ssh_string_to_char(str);
method_size = ssh_string_len(str);
ssh_string_free(str);
if (method == NULL) {
if (rc != SSH_OK) {
goto error;
}
@@ -750,32 +657,23 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_request){
msg->auth_request.username);
if (strncmp(method, "none", method_size) == 0) {
if (strcmp(method, "none") == 0) {
msg->auth_request.method = SSH_AUTH_METHOD_NONE;
goto end;
}
if (strncmp(method, "password", method_size) == 0) {
ssh_string pass = NULL;
if (strcmp(method, "password") == 0) {
uint8_t tmp;
msg->auth_request.method = SSH_AUTH_METHOD_PASSWORD;
buffer_get_u8(packet, &tmp);
pass = buffer_get_ssh_string(packet);
if (pass == NULL) {
goto error;
}
msg->auth_request.password = ssh_string_to_char(pass);
ssh_string_burn(pass);
ssh_string_free(pass);
pass = NULL;
if (msg->auth_request.password == NULL) {
rc = ssh_buffer_unpack(packet, "bs", &tmp, &msg->auth_request.password);
if (rc != SSH_OK) {
goto error;
}
goto end;
}
if (strncmp(method, "keyboard-interactive", method_size) == 0) {
if (strcmp(method, "keyboard-interactive") == 0) {
ssh_string lang = NULL;
ssh_string submethods = NULL;
@@ -805,23 +703,20 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_request){
goto end;
}
if (strncmp(method, "publickey", method_size) == 0) {
if (strcmp(method, "publickey") == 0) {
ssh_string algo = NULL;
ssh_string pubkey_blob = NULL;
uint8_t has_sign;
int rc;
msg->auth_request.method = SSH_AUTH_METHOD_PUBLICKEY;
SAFE_FREE(method);
buffer_get_u8(packet, &has_sign);
algo = buffer_get_ssh_string(packet);
if (algo == NULL) {
goto error;
}
pubkey_blob = buffer_get_ssh_string(packet);
if (pubkey_blob == NULL) {
ssh_string_free(algo);
algo = NULL;
rc = ssh_buffer_unpack(packet, "bSS",
&has_sign,
&algo,
&pubkey_blob
);
if (rc != SSH_OK) {
goto error;
}
ssh_string_free(algo);
@@ -876,7 +771,7 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_request){
goto end;
}
#ifdef WITH_GSSAPI
if (strncmp(method, "gssapi-with-mic", method_size) == 0) {
if (strcmp(method, "gssapi-with-mic") == 0) {
uint32_t n_oid;
ssh_string *oids;
ssh_string oid;
@@ -992,7 +887,7 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_info_response){
msg->auth_request.username = NULL;
#endif
buffer_get_u32(packet, &nanswers);
ssh_buffer_unpack(packet, "d", &nanswers);
if (session->kbdint == NULL) {
SSH_LOG(SSH_LOG_PROTOCOL, "Warning: Got a keyboard-interactive "
@@ -1006,7 +901,6 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_info_response){
}
}
nanswers = ntohl(nanswers);
SSH_LOG(SSH_LOG_PACKET,"kbdint: %d answers",nanswers);
if (nanswers > KBDINT_MAX_PROMPT) {
ssh_set_error(session, SSH_FATAL,
@@ -1070,9 +964,9 @@ error:
SSH_PACKET_CALLBACK(ssh_packet_channel_open){
ssh_message msg = NULL;
ssh_string type_s = NULL, originator = NULL, destination = NULL;
char *type_c = NULL;
uint32_t sender, window, packet_size, originator_port, destination_port;
uint32_t originator_port, destination_port;
int rc;
(void)type;
(void)user;
@@ -1083,30 +977,18 @@ SSH_PACKET_CALLBACK(ssh_packet_channel_open){
}
msg->type = SSH_REQUEST_CHANNEL_OPEN;
type_s = buffer_get_ssh_string(packet);
if (type_s == NULL) {
ssh_set_error_oom(session);
goto error;
}
type_c = ssh_string_to_char(type_s);
if (type_c == NULL) {
ssh_set_error_oom(session);
goto error;
rc = ssh_buffer_unpack(packet, "s", &type_c);
if (rc != SSH_OK){
goto error;
}
SSH_LOG(SSH_LOG_PACKET,
"Clients wants to open a %s channel", type_c);
ssh_string_free(type_s);
type_s=NULL;
buffer_get_u32(packet, &sender);
buffer_get_u32(packet, &window);
buffer_get_u32(packet, &packet_size);
msg->channel_request_open.sender = ntohl(sender);
msg->channel_request_open.window = ntohl(window);
msg->channel_request_open.packet_size = ntohl(packet_size);
ssh_buffer_unpack(packet,"ddd",
&msg->channel_request_open.sender,
&msg->channel_request_open.window,
&msg->channel_request_open.packet_size);
if (session->session_state != SSH_SESSION_STATE_AUTHENTICATED){
ssh_set_error(session,SSH_FATAL, "Invalid state when receiving channel open request (must be authenticated)");
@@ -1120,96 +1002,45 @@ SSH_PACKET_CALLBACK(ssh_packet_channel_open){
}
if (strcmp(type_c,"direct-tcpip") == 0) {
destination = buffer_get_ssh_string(packet);
if (destination == NULL) {
ssh_set_error_oom(session);
rc = ssh_buffer_unpack(packet, "sds",
&msg->channel_request_open.destination,
&destination_port,
&msg->channel_request_open.originator,
&originator_port);
if (rc != SSH_OK) {
goto error;
}
msg->channel_request_open.destination = ssh_string_to_char(destination);
if (msg->channel_request_open.destination == NULL) {
ssh_set_error_oom(session);
ssh_string_free(destination);
goto error;
}
ssh_string_free(destination);
buffer_get_u32(packet, &destination_port);
msg->channel_request_open.destination_port = (uint16_t) ntohl(destination_port);
originator = buffer_get_ssh_string(packet);
if (originator == NULL) {
ssh_set_error_oom(session);
goto error;
}
msg->channel_request_open.originator = ssh_string_to_char(originator);
if (msg->channel_request_open.originator == NULL) {
ssh_set_error_oom(session);
ssh_string_free(originator);
goto error;
}
ssh_string_free(originator);
buffer_get_u32(packet, &originator_port);
msg->channel_request_open.originator_port = (uint16_t) ntohl(originator_port);
msg->channel_request_open.destination_port = (uint16_t) destination_port;
msg->channel_request_open.originator_port = (uint16_t) originator_port;
msg->channel_request_open.type = SSH_CHANNEL_DIRECT_TCPIP;
goto end;
}
if (strcmp(type_c,"forwarded-tcpip") == 0) {
destination = buffer_get_ssh_string(packet);
if (destination == NULL) {
ssh_set_error_oom(session);
goto error;
}
msg->channel_request_open.destination = ssh_string_to_char(destination);
if (msg->channel_request_open.destination == NULL) {
ssh_set_error_oom(session);
ssh_string_free(destination);
goto error;
}
ssh_string_free(destination);
buffer_get_u32(packet, &destination_port);
msg->channel_request_open.destination_port = (uint16_t) ntohl(destination_port);
originator = buffer_get_ssh_string(packet);
if (originator == NULL) {
ssh_set_error_oom(session);
goto error;
}
msg->channel_request_open.originator = ssh_string_to_char(originator);
if (msg->channel_request_open.originator == NULL) {
ssh_set_error_oom(session);
ssh_string_free(originator);
goto error;
}
ssh_string_free(originator);
buffer_get_u32(packet, &originator_port);
msg->channel_request_open.originator_port = (uint16_t) ntohl(originator_port);
rc = ssh_buffer_unpack(packet, "sdsd",
&msg->channel_request_open.destination,
&destination_port,
&msg->channel_request_open.originator,
&originator_port
);
if (rc != SSH_OK){
goto error;
}
msg->channel_request_open.destination_port = (uint16_t) destination_port;
msg->channel_request_open.originator_port = (uint16_t) originator_port;
msg->channel_request_open.type = SSH_CHANNEL_FORWARDED_TCPIP;
goto end;
}
if (strcmp(type_c,"x11") == 0) {
originator = buffer_get_ssh_string(packet);
if (originator == NULL) {
ssh_set_error_oom(session);
goto error;
}
msg->channel_request_open.originator = ssh_string_to_char(originator);
if (msg->channel_request_open.originator == NULL) {
ssh_set_error_oom(session);
ssh_string_free(originator);
goto error;
}
ssh_string_free(originator);
buffer_get_u32(packet, &originator_port);
msg->channel_request_open.originator_port = (uint16_t) ntohl(originator_port);
rc = ssh_buffer_unpack(packet, "sd",
&msg->channel_request_open.originator,
&originator_port);
if (rc != SSH_OK){
goto error;
}
msg->channel_request_open.originator_port = (uint16_t) originator_port;
msg->channel_request_open.type = SSH_CHANNEL_X11;
goto end;
}
@@ -1221,8 +1052,6 @@ error:
ssh_message_free(msg);
msg=NULL;
end:
if(type_s != NULL)
ssh_string_free(type_s);
SAFE_FREE(type_c);
if(msg != NULL)
ssh_message_queue(session,msg);
@@ -1248,28 +1077,15 @@ int ssh_message_channel_request_open_reply_accept_channel(ssh_message msg, ssh_c
chan->remote_window = msg->channel_request_open.window;
chan->state = SSH_CHANNEL_STATE_OPEN;
rc = buffer_add_u8(session->out_buffer, SSH2_MSG_CHANNEL_OPEN_CONFIRMATION);
if (rc < 0) {
return SSH_ERROR;
}
rc = buffer_add_u32(session->out_buffer, htonl(chan->remote_channel));
if (rc < 0) {
return SSH_ERROR;
}
rc =buffer_add_u32(session->out_buffer, htonl(chan->local_channel));
if (rc < 0) {
return SSH_ERROR;
}
rc = buffer_add_u32(session->out_buffer, htonl(chan->local_window));
if (rc < 0) {
return SSH_ERROR;
}
rc = buffer_add_u32(session->out_buffer, htonl(chan->local_maxpacket));
if (rc < 0) {
rc = ssh_buffer_pack(session->out_buffer,
"bdddd",
SSH2_MSG_CHANNEL_OPEN_CONFIRMATION,
chan->remote_channel,
chan->local_channel,
chan->local_window,
chan->local_maxpacket);
if (rc != SSH_OK) {
ssh_set_error_oom(session);
return SSH_ERROR;
}
@@ -1326,6 +1142,7 @@ ssh_channel ssh_message_channel_request_open_reply_accept(ssh_message msg) {
int ssh_message_handle_channel_request(ssh_session session, ssh_channel channel, ssh_buffer packet,
const char *request, uint8_t want_reply) {
ssh_message msg = NULL;
int rc;
msg = ssh_message_new(session);
if (msg == NULL) {
@@ -1342,36 +1159,18 @@ int ssh_message_handle_channel_request(ssh_session session, ssh_channel channel,
msg->channel_request.want_reply = want_reply;
if (strcmp(request, "pty-req") == 0) {
ssh_string term = NULL;
char *term_c = NULL;
term = buffer_get_ssh_string(packet);
if (term == NULL) {
ssh_set_error_oom(session);
goto error;
}
term_c = ssh_string_to_char(term);
if (term_c == NULL) {
ssh_set_error_oom(session);
ssh_string_free(term);
goto error;
}
ssh_string_free(term);
rc = ssh_buffer_unpack(packet, "sddddS",
&msg->channel_request.TERM,
&msg->channel_request.width,
&msg->channel_request.height,
&msg->channel_request.pxwidth,
&msg->channel_request.pxheight,
&msg->channel_request.modes
);
msg->channel_request.type = SSH_CHANNEL_REQUEST_PTY;
msg->channel_request.TERM = term_c;
buffer_get_u32(packet, &msg->channel_request.width);
buffer_get_u32(packet, &msg->channel_request.height);
buffer_get_u32(packet, &msg->channel_request.pxwidth);
buffer_get_u32(packet, &msg->channel_request.pxheight);
msg->channel_request.width = ntohl(msg->channel_request.width);
msg->channel_request.height = ntohl(msg->channel_request.height);
msg->channel_request.pxwidth = ntohl(msg->channel_request.pxwidth);
msg->channel_request.pxheight = ntohl(msg->channel_request.pxheight);
msg->channel_request.modes = buffer_get_ssh_string(packet);
if (msg->channel_request.modes == NULL) {
SAFE_FREE(term_c);
if (rc != SSH_OK) {
goto error;
}
goto end;
@@ -1379,39 +1178,24 @@ int ssh_message_handle_channel_request(ssh_session session, ssh_channel channel,
if (strcmp(request, "window-change") == 0) {
msg->channel_request.type = SSH_CHANNEL_REQUEST_WINDOW_CHANGE;
buffer_get_u32(packet, &msg->channel_request.width);
buffer_get_u32(packet, &msg->channel_request.height);
buffer_get_u32(packet, &msg->channel_request.pxwidth);
buffer_get_u32(packet, &msg->channel_request.pxheight);
msg->channel_request.width = ntohl(msg->channel_request.width);
msg->channel_request.height = ntohl(msg->channel_request.height);
msg->channel_request.pxwidth = ntohl(msg->channel_request.pxwidth);
msg->channel_request.pxheight = ntohl(msg->channel_request.pxheight);
rc = ssh_buffer_unpack(packet, "dddd",
&msg->channel_request.width,
&msg->channel_request.height,
&msg->channel_request.pxwidth,
&msg->channel_request.pxheight);
if (rc != SSH_OK){
goto error;
}
goto end;
}
if (strcmp(request, "subsystem") == 0) {
ssh_string subsys = NULL;
char *subsys_c = NULL;
subsys = buffer_get_ssh_string(packet);
if (subsys == NULL) {
ssh_set_error_oom(session);
goto error;
}
subsys_c = ssh_string_to_char(subsys);
if (subsys_c == NULL) {
ssh_set_error_oom(session);
ssh_string_free(subsys);
goto error;
}
ssh_string_free(subsys);
rc = ssh_buffer_unpack(packet, "s",
&msg->channel_request.subsystem);
msg->channel_request.type = SSH_CHANNEL_REQUEST_SUBSYSTEM;
msg->channel_request.subsystem = subsys_c;
if (rc != SSH_OK){
goto error;
}
goto end;
}
@@ -1421,84 +1205,37 @@ int ssh_message_handle_channel_request(ssh_session session, ssh_channel channel,
}
if (strcmp(request, "exec") == 0) {
ssh_string cmd = NULL;
cmd = buffer_get_ssh_string(packet);
if (cmd == NULL) {
ssh_set_error_oom(session);
goto error;
}
rc = ssh_buffer_unpack(packet, "s",
&msg->channel_request.command);
msg->channel_request.type = SSH_CHANNEL_REQUEST_EXEC;
msg->channel_request.command = ssh_string_to_char(cmd);
ssh_string_free(cmd);
if (msg->channel_request.command == NULL) {
if (rc != SSH_OK) {
goto error;
}
goto end;
}
if (strcmp(request, "env") == 0) {
ssh_string name = NULL;
ssh_string value = NULL;
name = buffer_get_ssh_string(packet);
if (name == NULL) {
ssh_set_error_oom(session);
goto error;
}
value = buffer_get_ssh_string(packet);
if (value == NULL) {
ssh_set_error_oom(session);
ssh_string_free(name);
goto error;
}
rc = ssh_buffer_unpack(packet, "ss",
&msg->channel_request.var_name,
&msg->channel_request.var_value);
msg->channel_request.type = SSH_CHANNEL_REQUEST_ENV;
msg->channel_request.var_name = ssh_string_to_char(name);
msg->channel_request.var_value = ssh_string_to_char(value);
if (msg->channel_request.var_name == NULL ||
msg->channel_request.var_value == NULL) {
ssh_string_free(name);
ssh_string_free(value);
if (rc != SSH_OK) {
goto error;
}
ssh_string_free(name);
ssh_string_free(value);
goto end;
}
if (strcmp(request, "x11-req") == 0) {
ssh_string auth_protocol = NULL;
ssh_string auth_cookie = NULL;
uint32_t screen_number;
buffer_get_u8(packet, &msg->channel_request.x11_single_connection);
auth_protocol = buffer_get_ssh_string(packet);
if (auth_protocol == NULL) {
ssh_set_error_oom(session);
goto error;
}
auth_cookie = buffer_get_ssh_string(packet);
if (auth_cookie == NULL) {
ssh_set_error_oom(session);
ssh_string_free(auth_protocol);
goto error;
}
rc = ssh_buffer_unpack(packet, "bssd",
&msg->channel_request.x11_single_connection,
&msg->channel_request.x11_auth_protocol,
&msg->channel_request.x11_auth_cookie,
&msg->channel_request.x11_screen_number);
msg->channel_request.type = SSH_CHANNEL_REQUEST_X11;
msg->channel_request.x11_auth_protocol = ssh_string_to_char(auth_protocol);
msg->channel_request.x11_auth_cookie = ssh_string_to_char(auth_cookie);
if (msg->channel_request.x11_auth_protocol == NULL ||
msg->channel_request.x11_auth_cookie == NULL) {
ssh_string_free(auth_protocol);
ssh_string_free(auth_cookie);
if (rc != SSH_OK) {
goto error;
}
ssh_string_free(auth_protocol);
ssh_string_free(auth_cookie);
buffer_get_u32(packet, &screen_number);
msg->channel_request.x11_screen_number = ntohl(screen_number);
goto end;
}
@@ -1516,6 +1253,7 @@ error:
int ssh_message_channel_request_reply_success(ssh_message msg) {
uint32_t channel;
int rc;
if (msg == NULL) {
return SSH_ERROR;
@@ -1527,10 +1265,12 @@ int ssh_message_channel_request_reply_success(ssh_message msg) {
SSH_LOG(SSH_LOG_PACKET,
"Sending a channel_request success to channel %d", channel);
if (buffer_add_u8(msg->session->out_buffer, SSH2_MSG_CHANNEL_SUCCESS) < 0) {
return SSH_ERROR;
}
if (buffer_add_u32(msg->session->out_buffer, htonl(channel)) < 0) {
rc = ssh_buffer_pack(msg->session->out_buffer,
"bd",
SSH2_MSG_CHANNEL_SUCCESS,
channel);
if (rc != SSH_OK){
ssh_set_error_oom(msg->session);
return SSH_ERROR;
}
@@ -1546,72 +1286,65 @@ int ssh_message_channel_request_reply_success(ssh_message msg) {
#ifdef WITH_SERVER
SSH_PACKET_CALLBACK(ssh_packet_global_request){
ssh_message msg = NULL;
ssh_string request_s=NULL;
char *request=NULL;
ssh_string bind_addr_s=NULL;
char *bind_addr=NULL;
uint32_t bind_port;
uint8_t want_reply;
int rc = SSH_PACKET_USED;
int r;
(void)user;
(void)type;
(void)packet;
request_s = buffer_get_ssh_string(packet);
if (request_s != NULL) {
request = ssh_string_to_char(request_s);
ssh_string_free(request_s);
}
buffer_get_u8(packet, &want_reply);
SSH_LOG(SSH_LOG_PROTOCOL,"Received SSH_MSG_GLOBAL_REQUEST packet");
r = ssh_buffer_unpack(packet, "sb",
&request,
&want_reply);
if (r != SSH_OK){
goto error;
}
msg = ssh_message_new(session);
if (msg == NULL) {
ssh_string_free_char(request);
return SSH_PACKET_NOT_USED;
ssh_set_error_oom(session);
goto error;
}
msg->type = SSH_REQUEST_GLOBAL;
if (request && strcmp(request, "tcpip-forward") == 0) {
bind_addr_s = buffer_get_ssh_string(packet);
if (bind_addr_s != NULL) {
bind_addr = ssh_string_to_char(bind_addr_s);
ssh_string_free(bind_addr_s);
if (strcmp(request, "tcpip-forward") == 0) {
r = ssh_buffer_unpack(packet, "sd",
&msg->global_request.bind_address,
&msg->global_request.bind_port
);
if (r != SSH_OK){
goto error;
}
buffer_get_u32(packet, &bind_port);
bind_port = ntohl(bind_port);
msg->global_request.type = SSH_GLOBAL_REQUEST_TCPIP_FORWARD;
msg->global_request.want_reply = want_reply;
msg->global_request.bind_address = bind_addr;
msg->global_request.bind_port = bind_port;
SSH_LOG(SSH_LOG_PROTOCOL, "Received SSH_MSG_GLOBAL_REQUEST %s %d %s:%d", request, want_reply, bind_addr, bind_port);
SSH_LOG(SSH_LOG_PROTOCOL, "Received SSH_MSG_GLOBAL_REQUEST %s %d %s:%d", request, want_reply,
msg->global_request.bind_address,
msg->global_request.bind_port);
if(ssh_callbacks_exists(session->common.callbacks, global_request_function)) {
SSH_LOG(SSH_LOG_PROTOCOL, "Calling callback for SSH_MSG_GLOBAL_REQUEST %s %d %s:%d", request, want_reply, bind_addr, bind_port);
SSH_LOG(SSH_LOG_PROTOCOL, "Calling callback for SSH_MSG_GLOBAL_REQUEST %s %d %s:%d", request,
want_reply, msg->global_request.bind_address,
msg->global_request.bind_port);
session->common.callbacks->global_request_function(session, msg, session->common.callbacks->userdata);
} else {
ssh_message_reply_default(msg);
}
} else if (request && strcmp(request, "cancel-tcpip-forward") == 0) {
bind_addr_s = buffer_get_ssh_string(packet);
if (bind_addr_s != NULL) {
bind_addr = ssh_string_to_char(bind_addr_s);
ssh_string_free(bind_addr_s);
} else if (strcmp(request, "cancel-tcpip-forward") == 0) {
r = ssh_buffer_unpack(packet, "sd",
&msg->global_request.bind_address,
&msg->global_request.bind_port);
if (r != SSH_OK){
goto error;
}
buffer_get_u32(packet, &bind_port);
bind_port = ntohl(bind_port);
msg->global_request.type = SSH_GLOBAL_REQUEST_CANCEL_TCPIP_FORWARD;
msg->global_request.want_reply = want_reply;
msg->global_request.bind_address = bind_addr;
msg->global_request.bind_port = bind_port;
SSH_LOG(SSH_LOG_PROTOCOL, "Received SSH_MSG_GLOBAL_REQUEST %s %d %s:%d", request, want_reply, bind_addr, bind_port);
SSH_LOG(SSH_LOG_PROTOCOL, "Received SSH_MSG_GLOBAL_REQUEST %s %d %s:%d", request, want_reply,
msg->global_request.bind_address,
msg->global_request.bind_port);
if(ssh_callbacks_exists(session->common.callbacks, global_request_function)) {
session->common.callbacks->global_request_function(session, msg, session->common.callbacks->userdata);
@@ -1625,9 +1358,12 @@ SSH_PACKET_CALLBACK(ssh_packet_global_request){
SAFE_FREE(msg);
SAFE_FREE(request);
SAFE_FREE(bind_addr);
return rc;
error:
SAFE_FREE(msg);
SAFE_FREE(request);
SSH_LOG(SSH_LOG_WARNING, "Invalid SSH_MSG_GLOBAL_REQUEST packet");
return SSH_PACKET_NOT_USED;
}
#endif /* WITH_SERVER */