Fix ssh2-cisco-pw-pad by reverting r5122. However, I've kept the

ability to easily re-enable the r5122 behaviour, in case we need to conditionally switch between the two at a later date. [originally from svn r7073] [r5122 == 8a20515844] [this svn revision also touched putty-wishlist]
2025-01-10 09:58:01 +00:00 · 2007-01-07 14:30:24 +00:00 · 2007-01-07 14:30:24 +00:00 · 274f6a60f7
commit 274f6a60f7
parent 720693cfab
1 changed files with 71 additions and 8 deletions
--- a/ssh.c
+++ b/ssh.c
@ -1905,7 +1905,6 @@ static void ssh2_pkt_send(Ssh ssh, struct Packet *pkt)
 	ssh2_pkt_send_noqueue(ssh, pkt);
 }

-#if 0 /* disused */
 /*
 * Either queue or defer a packet, depending on whether queueing is
 * set.
@ -1917,7 +1916,6 @@ static void ssh2_pkt_defer(Ssh ssh, struct Packet *pkt)
    else
 	ssh2_pkt_defer_noqueue(ssh, pkt, FALSE);
 }
-#endif

 /*
 * Send the whole deferred data block constructed by
@ -1950,6 +1948,74 @@ static void ssh_pkt_defersend(Ssh ssh)
    ssh->deferred_data_size = 0;
 }

+/*
+ * Send a packet whose length needs to be disguised (typically
+ * passwords or keyboard-interactive responses).
+ */
+static void ssh2_pkt_send_with_padding(Ssh ssh, struct Packet *pkt,
+				       int padsize)
+{
+#if 0
+    if (0) {
+	/*
+	 * The simplest way to do this is to adjust the
+	 * variable-length padding field in the outgoing packet.
+	 * 
+	 * Currently compiled out, because some Cisco SSH servers
+	 * don't like excessively padded packets (bah, why's it
+	 * always Cisco?)
+	 */
+	pkt->forcepad = padsize;
+	ssh2_pkt_send(ssh, pkt);
+    } else
+#endif
+    {
+	/*
+	 * If we can't do that, however, an alternative approach is
+	 * to use the pkt_defer mechanism to bundle the packet
+	 * tightly together with an SSH_MSG_IGNORE such that their
+	 * combined length is a constant. So first we construct the
+	 * final form of this packet and defer its sending.
+	 */
+	ssh2_pkt_defer(ssh, pkt);
+
+	/*
+	 * Now construct an SSH_MSG_IGNORE which includes a string
+	 * that's an exact multiple of the cipher block size. (If
+	 * the cipher is NULL so that the block size is
+	 * unavailable, we don't do this trick at all, because we
+	 * gain nothing by it.)
+	 */
+	if (ssh->cscipher) {
+	    int stringlen, i;
+
+	    stringlen = (256 - ssh->deferred_len);
+	    stringlen += ssh->cscipher->blksize - 1;
+	    stringlen -= (stringlen % ssh->cscipher->blksize);
+	    if (ssh->cscomp) {
+		/*
+		 * Temporarily disable actual compression, so we
+		 * can guarantee to get this string exactly the
+		 * length we want it. The compression-disabling
+		 * routine should return an integer indicating how
+		 * many bytes we should adjust our string length
+		 * by.
+		 */
+		stringlen -=
+		    ssh->cscomp->disable_compression(ssh->cs_comp_ctx);
+	    }
+	    pkt = ssh2_pkt_init(SSH2_MSG_IGNORE);
+	    ssh2_pkt_addstring_start(pkt);
+	    for (i = 0; i < stringlen; i++) {
+		char c = (char) random_byte();
+		ssh2_pkt_addstring_data(pkt, &c, 1);
+	    }
+	    ssh2_pkt_defer(ssh, pkt);
+	}
+	ssh_pkt_defersend(ssh);
+    }
+}
+
 /*
 * Send all queued SSH-2 packets. We send them by means of
 * ssh2_pkt_defer_noqueue(), in case they included a pair of
@ -7374,7 +7440,6 @@ static void do_ssh2_authconn(Ssh ssh, unsigned char *in, int inlen,
 		     * Send the responses to the server.
 		     */
 		    s->pktout = ssh2_pkt_init(SSH2_MSG_USERAUTH_INFO_RESPONSE);
-		    s->pktout->forcepad = 256;
 		    ssh2_pkt_adduint32(s->pktout, s->num_prompts);
 		    for (i=0; i < s->num_prompts; i++) {
 			dont_log_password(ssh, s->pktout, PKTLOG_BLANK);
@ -7382,7 +7447,7 @@ static void do_ssh2_authconn(Ssh ssh, unsigned char *in, int inlen,
 					   s->cur_prompt->prompts[i]->result);
 			end_log_omission(ssh, s->pktout);
 		    }
-		    ssh2_pkt_send(ssh, s->pktout);
+		    ssh2_pkt_send_with_padding(ssh, s->pktout, 256);

 		    /*
 		     * Get the next packet in case it's another
@ -7452,7 +7517,6 @@ static void do_ssh2_authconn(Ssh ssh, unsigned char *in, int inlen,
 		 * people who find out how long their password is!
 		 */
 		s->pktout = ssh2_pkt_init(SSH2_MSG_USERAUTH_REQUEST);
-		s->pktout->forcepad = 256;
 		ssh2_pkt_addstring(s->pktout, s->username);
 		ssh2_pkt_addstring(s->pktout, "ssh-connection");
 							/* service requested */
@ -7461,7 +7525,7 @@ static void do_ssh2_authconn(Ssh ssh, unsigned char *in, int inlen,
 		dont_log_password(ssh, s->pktout, PKTLOG_BLANK);
 		ssh2_pkt_addstring(s->pktout, s->password);
 		end_log_omission(ssh, s->pktout);
-		ssh2_pkt_send(ssh, s->pktout);
+		ssh2_pkt_send_with_padding(ssh, s->pktout, 256);
 		logevent("Sent password");
 		s->type = AUTH_TYPE_PASSWORD;

@ -7582,7 +7646,6 @@ static void do_ssh2_authconn(Ssh ssh, unsigned char *in, int inlen,
 		     * (see above for padding rationale)
 		     */
 		    s->pktout = ssh2_pkt_init(SSH2_MSG_USERAUTH_REQUEST);
-		    s->pktout->forcepad = 256;
 		    ssh2_pkt_addstring(s->pktout, s->username);
 		    ssh2_pkt_addstring(s->pktout, "ssh-connection");
 							/* service requested */
@ -7594,7 +7657,7 @@ static void do_ssh2_authconn(Ssh ssh, unsigned char *in, int inlen,
 				       s->cur_prompt->prompts[1]->result);
 		    free_prompts(s->cur_prompt);
 		    end_log_omission(ssh, s->pktout);
-		    ssh2_pkt_send(ssh, s->pktout);
+		    ssh2_pkt_send_with_padding(ssh, s->pktout, 256);
 		    logevent("Sent new password");
 		    
 		    /*