-rw-r--r-- | usr.bin/ssh/channels.c | 10 | ||||
-rw-r--r-- | usr.bin/ssh/clientloop.c | 6 | ||||
-rw-r--r-- | usr.bin/ssh/packet.c | 22 | ||||
-rw-r--r-- | usr.bin/ssh/packet.h | 7 | ||||
-rw-r--r-- | usr.bin/ssh/serverloop.c | 8 | ||||
-rw-r--r-- | usr.bin/ssh/sshconnect.c | 4 | ||||
-rw-r--r-- | usr.bin/ssh/sshd.c | 11 |
7 files changed, 47 insertions, 21 deletions
diff --git a/usr.bin/ssh/channels.c b/usr.bin/ssh/channels.c
index c0c4c87bb9a..94d7156b9f9 100644
--- a/usr.bin/ssh/channels.c
+++ b/usr.bin/ssh/channels.c
@@ -16,7 +16,7 @@ arbitrary tcp/ip connections, and the authentication agent connection.
 */
 #include "includes.h"
-RCSID("$Id: channels.c,v 1.22 1999/11/19 19:18:20 deraadt Exp $");
+RCSID("$Id: channels.c,v 1.23 1999/11/19 19:58:18 markus Exp $");
 #include "ssh.h"
 #include "packet.h"
@@ -208,7 +208,7 @@ void channel_prepare_select(fd_set *readset, fd_set *writeset)
 case SSH_CHANNEL_OPEN:
 if(compat13){
- if (buffer_len(&ch->input) < 32768)
+ if (buffer_len(&ch->input) < packet_get_maxsize())
 FD_SET(ch->sock, readset);
 if (buffer_len(&ch->output) > 0)
 FD_SET(ch->sock, writeset);
@@ -216,7 +216,7 @@ void channel_prepare_select(fd_set *readset, fd_set *writeset)
 }
 /* test whether sockets are 'alive' for read/write */
 if (ch->istate == CHAN_INPUT_OPEN)
- if (buffer_len(&ch->input) < 32768)
+ if (buffer_len(&ch->input) < packet_get_maxsize())
 FD_SET(ch->sock, readset);
 if (ch->ostate == CHAN_OUTPUT_OPEN || ch->ostate == CHAN_OUTPUT_WAIT_DRAIN){
 if (buffer_len(&ch->output) > 0){
@@ -611,9 +611,9 @@ int channel_not_very_much_buffered_data()
 case SSH_CHANNEL_AUTH_SOCKET:
 continue;
 case SSH_CHANNEL_OPEN:
- if (buffer_len(&ch->input) > 32768)
+ if (buffer_len(&ch->input) > packet_get_maxsize())
 return 0;
- if (buffer_len(&ch->output) > 32768)
+ if (buffer_len(&ch->output) > packet_get_maxsize())
 return 0;
 continue;
 case SSH_CHANNEL_INPUT_DRAINING:
diff --git a/usr.bin/ssh/clientloop.c b/usr.bin/ssh/clientloop.c
index 122b7fb0ca3..1f22f2fa268 100644
--- a/usr.bin/ssh/clientloop.c
+++ b/usr.bin/ssh/clientloop.c
@@ -15,7 +15,7 @@ The main loop for the interactive session (client side).
 */
 #include "includes.h"
-RCSID("$Id: clientloop.c,v 1.9 1999/11/11 23:36:53 markus Exp $");
+RCSID("$Id: clientloop.c,v 1.10 1999/11/19 19:58:18 markus Exp $");
 #include "xmalloc.h"
 #include "ssh.h"
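Review bot: The buffering thresholds in channels.c (the `@@ -208`, `@@ -216` and `@@ -611` hunks) now follow a value the peer chooses, so the per-channel high-water mark moves with SSH_CMSG_MAX_PACKET_SIZE instead of staying at 32768. packet_set_maxsize() in packet.c accepts 4 KiB to 1 MiB, so an authenticated client can raise what the server queues per channel direction by a factor of 32, or shrink it to 4 KiB. If that coupling is intended, say so at the first use, e.g. `/* flow-control limit follows the negotiated max packet size (4K..1M) */`; otherwise keep a separate buffering constant and use packet_get_maxsize() only where packets are built. buffer_len() presumably returns an unsigned length, so these comparisons also mix signed and unsigned operands, which is harmless only while max_packet_size stays positive.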
@@ -322,8 +322,8 @@ void client_make_packets_from_stdin_data()
 packet_not_very_much_data_to_write())
 {
 len = buffer_len(&stdin_buffer);
- if (len > 32768)
- len = 32768; /* Keep the packets at reasonable size. */
+ if (len > packet_get_maxsize())
+ len = packet_get_maxsize(); /* Keep the packets at reasonable size. */
 packet_start(SSH_CMSG_STDIN_DATA);
 packet_put_string(buffer_ptr(&stdin_buffer), len);
 packet_send();
diff --git a/usr.bin/ssh/packet.c b/usr.bin/ssh/packet.c
index bc9f08b301f..6f0f3f0022d 100644
--- a/usr.bin/ssh/packet.c
+++ b/usr.bin/ssh/packet.c
@@ -15,7 +15,7 @@ with the other side. This same code is used both on client and server side.
 */
 #include "includes.h"
-RCSID("$Id: packet.c,v 1.11 1999/11/15 21:38:54 markus Exp $");
+RCSID("$Id: packet.c,v 1.12 1999/11/19 19:58:18 markus Exp $");
 #include "xmalloc.h"
 #include "buffer.h"
@@ -66,6 +66,9 @@ static Buffer compression_buffer;
 /* Flag indicating whether packet compression/decompression is enabled. */
 static int packet_compression = 0;
+/* default maximum packet size */
+int max_packet_size = 32768;
+
 /* Flag indicating whether this module has been initialized. */
 static int initialized = 0;
@@ -745,3 +748,20 @@ packet_is_interactive()
 {
 return interactive_mode;
 }
+
+int
+packet_set_maxsize(int s)
+{
+ static int called = 0;
+ if (called) {
+ log("packet_set_maxsize: called twice: old %d new %d", max_packet_size, s);
+ return -1;
+ }
+ if (s < 4*1024 || s > 1024*1024) {
+ log("packet_set_maxsize: bad size %d", s);
+ return -1;
+ }
+ log("packet_set_maxsize: setting to %d", s);
+ max_packet_size = s;
+ return s;
+}
diff --git a/usr.bin/ssh/packet.h b/usr.bin/ssh/packet.h
index f4ecd67edab..f729894219b 100644
--- a/usr.bin/ssh/packet.h
+++ b/usr.bin/ssh/packet.h
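Review bot: The `called` guard in packet_set_maxsize() (packet.c, the `@@ -745` hunk) never fires: the static is initialised to 0 and tested, but nothing in the function assigns it. The "called twice" branch is therefore dead, and every SSH_CMSG_MAX_PACKET_SIZE message that passes the range check changes the limit again mid-session. Add `called = 1;` just before `max_packet_size = s;` so only the first valid request is honoured and later ones take the logged `-1` path.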
@@ -13,7 +13,7 @@ Interface for the packet protocol functions.
 */
-/* RCSID("$Id: packet.h,v 1.3 1999/11/15 21:38:54 markus Exp $"); */
+/* RCSID("$Id: packet.h,v 1.4 1999/11/19 19:58:18 markus Exp $"); */
 #ifndef PACKET_H
 #define PACKET_H
@@ -147,6 +147,11 @@ int packet_have_data_to_write(void);
 /* Returns true if there is not too much data to write to the connection. */
 int packet_not_very_much_data_to_write(void);
+/* maximum packet size, requested by client with SSH_CMSG_MAX_PACKET_SIZE */
+extern int max_packet_size;
+int packet_set_maxsize(int s);
+#define packet_get_maxsize() max_packet_size
+
 /* Stores tty modes from the fd into current packet. */
 void tty_make_modes(int fd);
diff --git a/usr.bin/ssh/serverloop.c b/usr.bin/ssh/serverloop.c
index 2aec2cf194e..9961170a5b3 100644
--- a/usr.bin/ssh/serverloop.c
+++ b/usr.bin/ssh/serverloop.c
@@ -176,8 +176,8 @@ void make_packets_from_stderr_data()
 }
 else
 {
- if (len > 32768)
- len = 32768; /* Keep the packets at reasonable size. */
+ if (len > packet_get_maxsize())
+ len = packet_get_maxsize(); /* Keep the packets at reasonable size. */
 }
 packet_start(SSH_SMSG_STDERR_DATA);
 packet_put_string(buffer_ptr(&stderr_buffer), len);
@@ -206,8 +206,8 @@ void make_packets_from_stdout_data()
 }
 else
 {
- if (len > 32768)
- len = 32768; /* Keep the packets at reasonable size. */
+ if (len > packet_get_maxsize())
+ len = packet_get_maxsize(); /* Keep the packets at reasonable size. */
 }
 packet_start(SSH_SMSG_STDOUT_DATA);
 packet_put_string(buffer_ptr(&stdout_buffer), len);
diff --git a/usr.bin/ssh/sshconnect.c b/usr.bin/ssh/sshconnect.c
index 23418cfe240..2a2a43189cc 100644
--- a/usr.bin/ssh/sshconnect.c
+++ b/usr.bin/ssh/sshconnect.c
@@ -15,7 +15,7 @@ login (authentication) dialog.
 */
 #include "includes.h"
-RCSID("$Id: sshconnect.c,v 1.35 1999/11/18 14:00:49 markus Exp $");
+RCSID("$Id: sshconnect.c,v 1.36 1999/11/19 19:58:18 markus Exp $");
 #include <ssl/bn.h>
 #include "xmalloc.h"
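Review bot: Exporting `max_packet_size` as a writable `extern int` behind the `packet_get_maxsize()` macro (packet.h, the `@@ -147` hunk) lets any file assign it directly and bypass the 4 KiB to 1 MiB check in packet_set_maxsize(). Prefer a real accessor, `int packet_get_maxsize(void);`, with the variable made `static` in packet.c. The header comment should also state what the value bounds and who sets it, e.g. `/* upper bound for data packets we build; set by sshd on SSH_CMSG_MAX_PACKET_SIZE */`. On this page only sshd.c calls the setter, so the client side always runs with the 32768 default.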
@@ -900,7 +900,7 @@ void ssh_exchange_identification()
 for (i = 0; i < sizeof(buf) - 1; i++)
 {
 if (read(connection_in, &buf[i], 1) != 1)
- fatal("read: %.100s", strerror(errno));
+ fatal("ssh_exchange_identification: read: %.100s", strerror(errno));
 if (buf[i] == '\r')
 {
 buf[i] = '\n';
diff --git a/usr.bin/ssh/sshd.c b/usr.bin/ssh/sshd.c
index 8ab869b0bd9..d085e4d3857 100644
--- a/usr.bin/ssh/sshd.c
+++ b/usr.bin/ssh/sshd.c
@@ -18,7 +18,7 @@ agent connections.
 */
 #include "includes.h"
-RCSID("$Id: sshd.c,v 1.58 1999/11/18 14:00:49 markus Exp $");
+RCSID("$Id: sshd.c,v 1.59 1999/11/19 19:58:18 markus Exp $");
 #include "xmalloc.h"
 #include "rsa.h"
@@ -1536,6 +1536,11 @@ void do_authenticated(struct passwd *pw)
 channel_input_port_forward_request(pw->pw_uid == 0);
 break;
+ case SSH_CMSG_MAX_PACKET_SIZE:
+ if (packet_set_maxsize(packet_get_int()) < 0)
+ goto fail;
+ break;
+
 case SSH_CMSG_EXEC_SHELL:
 /* Set interactive/non-interactive mode. */
 packet_set_interactive(have_pty || display != NULL,
@@ -1574,10 +1579,6 @@ void do_authenticated(struct passwd *pw)
 xfree(command);
 return;
- case SSH_CMSG_MAX_PACKET_SIZE:
- debug("The server does not support limiting packet size.");
- goto fail;
-
 default:
 /* Any unknown messages in this phase are ignored, and a failure message is returned. */ |
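Review bot: The new `SSH_CMSG_MAX_PACKET_SIZE` case in do_authenticated() (sshd.c, the `@@ -1536` hunk) passes the client's value from packet_get_int() straight into an `int` parameter and leaves all validation to packet_set_maxsize(). If packet_get_int() returns an unsigned value, which this page does not show, anything above INT_MAX reaches the range check as an implementation-defined negative number and is rejected only by the lower bound. Make that reliance explicit with `/* client-supplied; range-checked in packet_set_maxsize() */`, or read into an `unsigned int` and compare before the call. The code reached after `break` and the `fail` label lie outside the hunk.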