nhyatt/putty-source
1
0
Fork 0
mirror of https://git.tartarus.org/simon/putty.git synced 2025-03-22 14:39:24 -05:00
Code Issues Projects Releases Wiki Activity

do_ssh1_login: make 'cookie' a coroutine variable.

Browse Source 
Previously it was local, which _mostly_ worked, except that if the SSH
host key needed verifying via a non-modal dialog box, there could be a
crReturn in between writing it and reading it.

It's pretty tempting to suggest that because nobody has noticed this
before, SSH-1 can't be needed any more! But actually I suspect the
intervening crReturn has only appeared since the last release,
probably around November when I was messing about with GTK dialog box
modality. (I observed the problem just now on the GTK build, while
trying to check that a completely different set of changes hadn't
broken SSH-1.)
This commit is contained in:
Simon Tatham 2018-05-17 19:41:25 +01:00
parent d68a772bf7
commit 14a69dc632
1 changed files with 5 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
ssh.c
View File

@ -4119,7 +4119,7 @@ static int do_ssh1_login(Ssh ssh, const unsigned char *in, int inlen,
struct Packet *pktin) struct Packet *pktin)
{ {
int i, j, ret; int i, j, ret;
unsigned char cookie[8], *ptr; unsigned char *ptr;
struct MD5Context md5c; struct MD5Context md5c;
struct do_ssh1_login_state { struct do_ssh1_login_state {
int crLine; int crLine;
@ -4129,6 +4129,7 @@ static int do_ssh1_login(Ssh ssh, const unsigned char *in, int inlen,
unsigned long supported_ciphers_mask, supported_auths_mask; unsigned long supported_ciphers_mask, supported_auths_mask;
int tried_publickey, tried_agent; int tried_publickey, tried_agent;
int tis_auth_refused, ccard_auth_refused; int tis_auth_refused, ccard_auth_refused;
unsigned char cookie[8];
unsigned char session_id[16]; unsigned char session_id[16];
int cipher_type; int cipher_type;
void *publickey_blob; void *publickey_blob;
@ -4169,7 +4170,7 @@ static int do_ssh1_login(Ssh ssh, const unsigned char *in, int inlen,
bombout(("SSH-1 public key packet stopped before random cookie")); bombout(("SSH-1 public key packet stopped before random cookie"));
crStop(0); crStop(0);
} }
memcpy(cookie, ptr, 8); memcpy(s->cookie, ptr, 8);
if (!ssh1_pkt_getrsakey(pktin, &s->servkey, &s->keystr1) || if (!ssh1_pkt_getrsakey(pktin, &s->servkey, &s->keystr1) ||
!ssh1_pkt_getrsakey(pktin, &s->hostkey, &s->keystr2)) { !ssh1_pkt_getrsakey(pktin, &s->hostkey, &s->keystr2)) {
@ -4203,7 +4204,7 @@ static int do_ssh1_login(Ssh ssh, const unsigned char *in, int inlen,
MD5Init(&md5c); MD5Init(&md5c);
MD5Update(&md5c, s->keystr2, s->hostkey.bytes); MD5Update(&md5c, s->keystr2, s->hostkey.bytes);
MD5Update(&md5c, s->keystr1, s->servkey.bytes); MD5Update(&md5c, s->keystr1, s->servkey.bytes);
MD5Update(&md5c, cookie, 8); MD5Update(&md5c, s->cookie, 8);
MD5Final(s->session_id, &md5c); MD5Final(s->session_id, &md5c);
for (i = 0; i < 32; i++) for (i = 0; i < 32; i++)
@ -4372,7 +4373,7 @@ static int do_ssh1_login(Ssh ssh, const unsigned char *in, int inlen,
send_packet(ssh, SSH1_CMSG_SESSION_KEY, send_packet(ssh, SSH1_CMSG_SESSION_KEY,
PKT_CHAR, s->cipher_type, PKT_CHAR, s->cipher_type,
PKT_DATA, cookie, 8, PKT_DATA, s->cookie, 8,
PKT_CHAR, (s->len * 8) >> 8, PKT_CHAR, (s->len * 8) & 0xFF, PKT_CHAR, (s->len * 8) >> 8, PKT_CHAR, (s->len * 8) & 0xFF,
PKT_DATA, s->rsabuf, s->len, PKT_DATA, s->rsabuf, s->len,
PKT_INT, ssh->v1_local_protoflags, PKT_END); PKT_INT, ssh->v1_local_protoflags, PKT_END);