mirror of
https://github.com/clearml/dropbear
synced 2025-04-10 15:35:41 +00:00
buf_getstring and buf_putstring now use non-unsigned char*
This commit is contained in:
Matt Johnston
parent
e7ac4c1ab3
commit
1a4db21fe4
10
buffer.c
10
buffer.c
@ -203,10 +203,10 @@ unsigned char* buf_getwriteptr(buffer* buf, unsigned int len) {
|
||||
/* Return a null-terminated string, it is malloced, so must be free()ed
|
||||
* Note that the string isn't checked for null bytes, hence the retlen
|
||||
* may be longer than what is returned by strlen */
|
||||
unsigned char* buf_getstring(buffer* buf, unsigned int *retlen) {
|
||||
char* buf_getstring(buffer* buf, unsigned int *retlen) {
|
||||
|
||||
unsigned int len;
|
||||
unsigned char* ret;
|
||||
char* ret;
|
||||
len = buf_getint(buf);
|
||||
if (len > MAX_STRING_LEN) {
|
||||
dropbear_exit("String too long");
|
||||
@ -262,16 +262,16 @@ void buf_putint(buffer* buf, int unsigned val) {
|
||||
}
|
||||
|
||||
/* put a SSH style string into the buffer, increasing buffer len if required */
|
||||
void buf_putstring(buffer* buf, const unsigned char* str, unsigned int len) {
|
||||
void buf_putstring(buffer* buf, const char* str, unsigned int len) {
|
||||
|
||||
buf_putint(buf, len);
|
||||
buf_putbytes(buf, str, len);
|
||||
buf_putbytes(buf, (const unsigned char*)str, len);
|
||||
|
||||
}
|
||||
|
||||
/* puts an entire buffer as a SSH string. ignore pos of buf_str. */
|
||||
void buf_putbufstring(buffer *buf, const buffer* buf_str) {
|
||||
buf_putstring(buf, buf_str->data, buf_str->len);
|
||||
buf_putstring(buf, (const char*)buf_str->data, buf_str->len);
|
||||
}
|
||||
|
||||
/* put the set of len bytes into the buffer, incrementing the pos, increasing
|
||||
|
||||
4
buffer.h
4
buffer.h
@ -56,11 +56,11 @@ unsigned char buf_getbool(buffer* buf);
|
||||
void buf_putbyte(buffer* buf, unsigned char val);
|
||||
unsigned char* buf_getptr(buffer* buf, unsigned int len);
|
||||
unsigned char* buf_getwriteptr(buffer* buf, unsigned int len);
|
||||
unsigned char* buf_getstring(buffer* buf, unsigned int *retlen);
|
||||
char* buf_getstring(buffer* buf, unsigned int *retlen);
|
||||
buffer * buf_getstringbuf(buffer *buf);
|
||||
void buf_eatstring(buffer *buf);
|
||||
void buf_putint(buffer* buf, unsigned int val);
|
||||
void buf_putstring(buffer* buf, const unsigned char* str, unsigned int len);
|
||||
void buf_putstring(buffer* buf, const char* str, unsigned int len);
|
||||
void buf_putbufstring(buffer *buf, const buffer* buf_str);
|
||||
void buf_putbytes(buffer *buf, const unsigned char *bytes, unsigned int len);
|
||||
void buf_putmpint(buffer* buf, mp_int * mp);
|
||||
|
||||
10
cli-auth.c
10
cli-auth.c
@ -43,11 +43,11 @@ void cli_auth_getmethods() {
|
||||
TRACE(("enter cli_auth_getmethods"))
|
||||
CHECKCLEARTOWRITE();
|
||||
buf_putbyte(ses.writepayload, SSH_MSG_USERAUTH_REQUEST);
|
||||
buf_putstring(ses.writepayload, (const unsigned char *)cli_opts.username,
|
||||
buf_putstring(ses.writepayload, cli_opts.username,
|
||||
strlen(cli_opts.username));
|
||||
buf_putstring(ses.writepayload, (const unsigned char *)SSH_SERVICE_CONNECTION,
|
||||
buf_putstring(ses.writepayload, SSH_SERVICE_CONNECTION,
|
||||
SSH_SERVICE_CONNECTION_LEN);
|
||||
buf_putstring(ses.writepayload, (const unsigned char *)"none", 4); /* 'none' method */
|
||||
buf_putstring(ses.writepayload, "none", 4); /* 'none' method */
|
||||
|
||||
encrypt_packet();
|
||||
|
||||
@ -85,7 +85,7 @@ void recv_msg_userauth_banner() {
|
||||
return;
|
||||
}
|
||||
|
||||
banner = (char *)buf_getstring(ses.payload, &bannerlen);
|
||||
banner = buf_getstring(ses.payload, &bannerlen);
|
||||
buf_eatstring(ses.payload); /* The language string */
|
||||
|
||||
if (bannerlen > MAX_BANNER_SIZE) {
|
||||
@ -201,7 +201,7 @@ void recv_msg_userauth_failure() {
|
||||
cli_ses.lastauthtype = AUTH_TYPE_NONE;
|
||||
}
|
||||
|
||||
methods = (char *)buf_getstring(ses.payload, &methlen);
|
||||
methods = buf_getstring(ses.payload, &methlen);
|
||||
|
||||
partial = buf_getbool(ses.payload);
|
||||
|
||||
|
||||
@ -84,8 +84,8 @@ void recv_msg_userauth_info_request() {
|
||||
}
|
||||
cli_ses.interact_request_received = 1;
|
||||
|
||||
name = (char *)buf_getstring(ses.payload, NULL);
|
||||
instruction = (char *)buf_getstring(ses.payload, NULL);
|
||||
name = buf_getstring(ses.payload, NULL);
|
||||
instruction = buf_getstring(ses.payload, NULL);
|
||||
|
||||
/* language tag */
|
||||
buf_eatstring(ses.payload);
|
||||
@ -115,7 +115,7 @@ void recv_msg_userauth_info_request() {
|
||||
|
||||
for (i = 0; i < num_prompts; i++) {
|
||||
unsigned int response_len = 0;
|
||||
prompt = (char *)buf_getstring(ses.payload, NULL);
|
||||
prompt = buf_getstring(ses.payload, NULL);
|
||||
cleantext(prompt);
|
||||
|
||||
echo = buf_getbool(ses.payload);
|
||||
@ -129,7 +129,7 @@ void recv_msg_userauth_info_request() {
|
||||
}
|
||||
|
||||
response_len = strlen(response);
|
||||
buf_putstring(ses.writepayload, (const unsigned char *)response, response_len);
|
||||
buf_putstring(ses.writepayload, response, response_len);
|
||||
m_burn(response, response_len);
|
||||
m_free(prompt);
|
||||
m_free(response);
|
||||
@ -149,22 +149,22 @@ void cli_auth_interactive() {
|
||||
buf_putbyte(ses.writepayload, SSH_MSG_USERAUTH_REQUEST);
|
||||
|
||||
/* username */
|
||||
buf_putstring(ses.writepayload, (const unsigned char *)cli_opts.username,
|
||||
buf_putstring(ses.writepayload, cli_opts.username,
|
||||
strlen(cli_opts.username));
|
||||
|
||||
/* service name */
|
||||
buf_putstring(ses.writepayload, (const unsigned char *)SSH_SERVICE_CONNECTION,
|
||||
buf_putstring(ses.writepayload, SSH_SERVICE_CONNECTION,
|
||||
SSH_SERVICE_CONNECTION_LEN);
|
||||
|
||||
/* method */
|
||||
buf_putstring(ses.writepayload, (const unsigned char *)AUTH_METHOD_INTERACT,
|
||||
buf_putstring(ses.writepayload, AUTH_METHOD_INTERACT,
|
||||
AUTH_METHOD_INTERACT_LEN);
|
||||
|
||||
/* empty language tag */
|
||||
buf_putstring(ses.writepayload, (const unsigned char *)"", 0);
|
||||
buf_putstring(ses.writepayload, "", 0);
|
||||
|
||||
/* empty submethods */
|
||||
buf_putstring(ses.writepayload, (const unsigned char *)"", 0);
|
||||
buf_putstring(ses.writepayload, "", 0);
|
||||
|
||||
encrypt_packet();
|
||||
cli_ses.interact_request_received = 0;
|
||||
|
||||
@ -140,18 +140,18 @@ void cli_auth_password() {
|
||||
|
||||
buf_putbyte(ses.writepayload, SSH_MSG_USERAUTH_REQUEST);
|
||||
|
||||
buf_putstring(ses.writepayload, (const unsigned char *)cli_opts.username,
|
||||
buf_putstring(ses.writepayload, cli_opts.username,
|
||||
strlen(cli_opts.username));
|
||||
|
||||
buf_putstring(ses.writepayload, (const unsigned char *)SSH_SERVICE_CONNECTION,
|
||||
buf_putstring(ses.writepayload, SSH_SERVICE_CONNECTION,
|
||||
SSH_SERVICE_CONNECTION_LEN);
|
||||
|
||||
buf_putstring(ses.writepayload, (const unsigned char *)AUTH_METHOD_PASSWORD,
|
||||
buf_putstring(ses.writepayload, AUTH_METHOD_PASSWORD,
|
||||
AUTH_METHOD_PASSWORD_LEN);
|
||||
|
||||
buf_putbyte(ses.writepayload, 0); /* FALSE - so says the spec */
|
||||
|
||||
buf_putstring(ses.writepayload, (const unsigned char *)password, strlen(password));
|
||||
buf_putstring(ses.writepayload, password, strlen(password));
|
||||
|
||||
encrypt_packet();
|
||||
m_burn(password, strlen(password));
|
||||
|
||||
@ -63,7 +63,7 @@ void recv_msg_userauth_pk_ok() {
|
||||
|
||||
TRACE(("enter recv_msg_userauth_pk_ok"))
|
||||
|
||||
algotype = (char *)buf_getstring(ses.payload, &algolen);
|
||||
algotype = buf_getstring(ses.payload, &algolen);
|
||||
keytype = signkey_type_from_name(algotype, algolen);
|
||||
TRACE(("recv_msg_userauth_pk_ok: type %d", keytype))
|
||||
m_free(algotype);
|
||||
@ -149,20 +149,20 @@ static void send_msg_userauth_pubkey(sign_key *key, int type, int realsign) {
|
||||
|
||||
buf_putbyte(ses.writepayload, SSH_MSG_USERAUTH_REQUEST);
|
||||
|
||||
buf_putstring(ses.writepayload, (const unsigned char *)cli_opts.username,
|
||||
buf_putstring(ses.writepayload, cli_opts.username,
|
||||
strlen(cli_opts.username));
|
||||
|
||||
buf_putstring(ses.writepayload, (const unsigned char *)SSH_SERVICE_CONNECTION,
|
||||
buf_putstring(ses.writepayload, SSH_SERVICE_CONNECTION,
|
||||
SSH_SERVICE_CONNECTION_LEN);
|
||||
|
||||
buf_putstring(ses.writepayload, (const unsigned char *)AUTH_METHOD_PUBKEY,
|
||||
buf_putstring(ses.writepayload, AUTH_METHOD_PUBKEY,
|
||||
AUTH_METHOD_PUBKEY_LEN);
|
||||
|
||||
buf_putbyte(ses.writepayload, realsign);
|
||||
|
||||
algoname = signkey_name_from_type(type, &algolen);
|
||||
|
||||
buf_putstring(ses.writepayload, (const unsigned char *)algoname, algolen);
|
||||
buf_putstring(ses.writepayload, algoname, algolen);
|
||||
buf_put_pub_key(ses.writepayload, key, type);
|
||||
|
||||
if (realsign) {
|
||||
|
||||
@ -61,7 +61,7 @@ static void cli_chansessreq(struct Channel *channel) {
|
||||
|
||||
TRACE(("enter cli_chansessreq"))
|
||||
|
||||
type = (char *) buf_getstring(ses.payload, NULL);
|
||||
type = buf_getstring(ses.payload, NULL);
|
||||
wantreply = buf_getbool(ses.payload);
|
||||
|
||||
if (strcmp(type, "exit-status") == 0) {
|
||||
@ -261,7 +261,7 @@ void cli_chansess_winchange() {
|
||||
CHECKCLEARTOWRITE();
|
||||
buf_putbyte(ses.writepayload, SSH_MSG_CHANNEL_REQUEST);
|
||||
buf_putint(ses.writepayload, channel->remotechan);
|
||||
buf_putstring(ses.writepayload, (const unsigned char *) "window-change", 13);
|
||||
buf_putstring(ses.writepayload, "window-change", 13);
|
||||
buf_putbyte(ses.writepayload, 0); /* FALSE says the spec */
|
||||
put_winsize();
|
||||
encrypt_packet();
|
||||
@ -286,7 +286,7 @@ static void send_chansess_pty_req(struct Channel *channel) {
|
||||
if (term == NULL) {
|
||||
term = "vt100"; /* Seems a safe default */
|
||||
}
|
||||
buf_putstring(ses.writepayload, (const unsigned char *)term, strlen(term));
|
||||
buf_putstring(ses.writepayload, term, strlen(term));
|
||||
|
||||
/* Window size */
|
||||
put_winsize();
|
||||
@ -324,7 +324,7 @@ static void send_chansess_shell_req(struct Channel *channel) {
|
||||
/* XXX TODO */
|
||||
buf_putbyte(ses.writepayload, 0); /* Don't want replies */
|
||||
if (cli_opts.cmd) {
|
||||
buf_putstring(ses.writepayload, (const unsigned char *)cli_opts.cmd, strlen(cli_opts.cmd));
|
||||
buf_putstring(ses.writepayload, cli_opts.cmd, strlen(cli_opts.cmd));
|
||||
}
|
||||
|
||||
encrypt_packet();
|
||||
@ -403,12 +403,12 @@ void cli_send_netcat_request() {
|
||||
dropbear_exit("Couldn't open initial channel");
|
||||
}
|
||||
|
||||
buf_putstring(ses.writepayload, (const unsigned char *)cli_opts.netcat_host,
|
||||
buf_putstring(ses.writepayload, cli_opts.netcat_host,
|
||||
strlen(cli_opts.netcat_host));
|
||||
buf_putint(ses.writepayload, cli_opts.netcat_port);
|
||||
|
||||
/* originator ip - localhost is accurate enough */
|
||||
buf_putstring(ses.writepayload, (const unsigned char *)source_host, strlen(source_host));
|
||||
buf_putstring(ses.writepayload, source_host, strlen(source_host));
|
||||
buf_putint(ses.writepayload, source_port);
|
||||
|
||||
encrypt_packet();
|
||||
|
||||
@ -79,7 +79,7 @@ void send_msg_kexdh_init() {
|
||||
}
|
||||
cli_ses.curve25519_param = gen_kexcurve25519_param();
|
||||
}
|
||||
buf_putstring(ses.writepayload, cli_ses.curve25519_param->pub, CURVE25519_LEN);
|
||||
buf_putstring(ses.writepayload, (const char*)cli_ses.curve25519_param->pub, CURVE25519_LEN);
|
||||
#endif
|
||||
break;
|
||||
}
|
||||
|
||||
@ -194,7 +194,7 @@ static void send_msg_service_request(char* servicename) {
|
||||
CHECKCLEARTOWRITE();
|
||||
|
||||
buf_putbyte(ses.writepayload, SSH_MSG_SERVICE_REQUEST);
|
||||
buf_putstring(ses.writepayload, (const unsigned char *)servicename, strlen(servicename));
|
||||
buf_putstring(ses.writepayload, servicename, strlen(servicename));
|
||||
|
||||
encrypt_packet();
|
||||
TRACE(("leave send_msg_service_request"))
|
||||
|
||||
@ -136,9 +136,9 @@ static void send_msg_global_request_remotetcp(const char *addr, int port) {
|
||||
|
||||
CHECKCLEARTOWRITE();
|
||||
buf_putbyte(ses.writepayload, SSH_MSG_GLOBAL_REQUEST);
|
||||
buf_putstring(ses.writepayload, (const unsigned char *)"tcpip-forward", 13);
|
||||
buf_putstring(ses.writepayload, "tcpip-forward", 13);
|
||||
buf_putbyte(ses.writepayload, 1); /* want_reply */
|
||||
buf_putstring(ses.writepayload, (const unsigned char *)addr, strlen(addr));
|
||||
buf_putstring(ses.writepayload, addr, strlen(addr));
|
||||
buf_putint(ses.writepayload, port);
|
||||
|
||||
encrypt_packet();
|
||||
@ -218,7 +218,7 @@ static int newtcpforwarded(struct Channel * channel) {
|
||||
char portstring[NI_MAXSERV];
|
||||
int err = SSH_OPEN_ADMINISTRATIVELY_PROHIBITED;
|
||||
|
||||
origaddr = (char *)buf_getstring(ses.payload, NULL);
|
||||
origaddr = buf_getstring(ses.payload, NULL);
|
||||
origport = buf_getint(ses.payload);
|
||||
|
||||
/* Find which port corresponds. First try and match address as well as port,
|
||||
|
||||
@ -328,7 +328,7 @@ void buf_put_algolist(buffer * buf, algo_type localalgos[]) {
|
||||
buf_putbytes(algolist, (const unsigned char *) localalgos[i].name, len);
|
||||
}
|
||||
}
|
||||
buf_putstring(buf, algolist->data, algolist->len);
|
||||
buf_putstring(buf, (const char*)algolist->data, algolist->len);
|
||||
buf_free(algolist);
|
||||
}
|
||||
|
||||
@ -353,7 +353,7 @@ algo_type * buf_match_algo(buffer* buf, algo_type localalgos[],
|
||||
}
|
||||
|
||||
/* get the comma-separated list from the buffer ie "algo1,algo2,algo3" */
|
||||
algolist = (char *) buf_getstring(buf, &len);
|
||||
algolist = buf_getstring(buf, &len);
|
||||
TRACE(("buf_match_algo: %s", algolist))
|
||||
if (len > MAX_PROPOSED_ALGO*(MAX_NAME_LEN+1)) {
|
||||
goto out;
|
||||
|
||||
@ -934,7 +934,7 @@ void recv_msg_channel_open() {
|
||||
TRACE(("enter recv_msg_channel_open"))
|
||||
|
||||
/* get the packet contents */
|
||||
type = (char *) buf_getstring(ses.payload, &typelen);
|
||||
type = buf_getstring(ses.payload, &typelen);
|
||||
|
||||
remotechan = buf_getint(ses.payload);
|
||||
transwindow = buf_getint(ses.payload);
|
||||
@ -1047,8 +1047,8 @@ static void send_msg_channel_open_failure(unsigned int remotechan,
|
||||
buf_putbyte(ses.writepayload, SSH_MSG_CHANNEL_OPEN_FAILURE);
|
||||
buf_putint(ses.writepayload, remotechan);
|
||||
buf_putint(ses.writepayload, reason);
|
||||
buf_putstring(ses.writepayload, (const unsigned char *) text, strlen(text));
|
||||
buf_putstring(ses.writepayload, (const unsigned char *) lang, strlen(lang));
|
||||
buf_putstring(ses.writepayload, text, strlen(text));
|
||||
buf_putstring(ses.writepayload, lang, strlen(lang));
|
||||
|
||||
encrypt_packet();
|
||||
TRACE(("leave send_msg_channel_open_failure"))
|
||||
@ -1149,7 +1149,7 @@ int send_msg_channel_open_init(int fd, const struct ChanType *type) {
|
||||
CHECKCLEARTOWRITE();
|
||||
|
||||
buf_putbyte(ses.writepayload, SSH_MSG_CHANNEL_OPEN);
|
||||
buf_putstring(ses.writepayload, (const unsigned char *) type->name, strlen(type->name));
|
||||
buf_putstring(ses.writepayload, type->name, strlen(type->name));
|
||||
buf_putint(ses.writepayload, chan->index);
|
||||
buf_putint(ses.writepayload, opts.recv_window);
|
||||
buf_putint(ses.writepayload, RECV_MAX_CHANNEL_DATA_LEN);
|
||||
@ -1250,6 +1250,6 @@ void start_send_channel_request(struct Channel *channel,
|
||||
buf_putbyte(ses.writepayload, SSH_MSG_CHANNEL_REQUEST);
|
||||
buf_putint(ses.writepayload, channel->remotechan);
|
||||
|
||||
buf_putstring(ses.writepayload, (const unsigned char *) type, strlen(type));
|
||||
buf_putstring(ses.writepayload, type, strlen(type));
|
||||
|
||||
}
|
||||
|
||||
26
common-kex.c
26
common-kex.c
@ -128,10 +128,10 @@ void send_msg_kexinit() {
|
||||
buf_put_algolist(ses.writepayload, ses.compress_algos);
|
||||
|
||||
/* languages_client_to_server */
|
||||
buf_putstring(ses.writepayload, (const unsigned char *) "", 0);
|
||||
buf_putstring(ses.writepayload, "", 0);
|
||||
|
||||
/* languages_server_to_client */
|
||||
buf_putstring(ses.writepayload, (const unsigned char *) "", 0);
|
||||
buf_putstring(ses.writepayload, "", 0);
|
||||
|
||||
/* first_kex_packet_follows */
|
||||
buf_putbyte(ses.writepayload, (ses.send_kex_first_guess != NULL));
|
||||
@ -525,18 +525,17 @@ void recv_msg_kexinit() {
|
||||
read_kex_algos();
|
||||
|
||||
/* V_C, the client's version string (CR and NL excluded) */
|
||||
buf_putstring(ses.kexhashbuf,
|
||||
(unsigned char*)LOCAL_IDENT, local_ident_len);
|
||||
buf_putstring(ses.kexhashbuf, LOCAL_IDENT, local_ident_len);
|
||||
/* V_S, the server's version string (CR and NL excluded) */
|
||||
buf_putstring(ses.kexhashbuf, (unsigned char*)ses.remoteident, remote_ident_len);
|
||||
buf_putstring(ses.kexhashbuf, ses.remoteident, remote_ident_len);
|
||||
|
||||
/* I_C, the payload of the client's SSH_MSG_KEXINIT */
|
||||
buf_putstring(ses.kexhashbuf,
|
||||
ses.transkexinit->data, ses.transkexinit->len);
|
||||
(const char*)ses.transkexinit->data, ses.transkexinit->len);
|
||||
/* I_S, the payload of the server's SSH_MSG_KEXINIT */
|
||||
buf_setpos(ses.payload, ses.payload_beginning);
|
||||
buf_putstring(ses.kexhashbuf,
|
||||
buf_getptr(ses.payload, ses.payload->len-ses.payload->pos),
|
||||
(const char*)buf_getptr(ses.payload, ses.payload->len-ses.payload->pos),
|
||||
ses.payload->len-ses.payload->pos);
|
||||
ses.requirenext = SSH_MSG_KEXDH_REPLY;
|
||||
} else {
|
||||
@ -545,20 +544,19 @@ void recv_msg_kexinit() {
|
||||
/* read the peer's choice of algos */
|
||||
read_kex_algos();
|
||||
/* V_C, the client's version string (CR and NL excluded) */
|
||||
buf_putstring(ses.kexhashbuf, (unsigned char*)ses.remoteident, remote_ident_len);
|
||||
buf_putstring(ses.kexhashbuf, ses.remoteident, remote_ident_len);
|
||||
/* V_S, the server's version string (CR and NL excluded) */
|
||||
buf_putstring(ses.kexhashbuf,
|
||||
(unsigned char*)LOCAL_IDENT, local_ident_len);
|
||||
buf_putstring(ses.kexhashbuf, LOCAL_IDENT, local_ident_len);
|
||||
|
||||
/* I_C, the payload of the client's SSH_MSG_KEXINIT */
|
||||
buf_setpos(ses.payload, ses.payload_beginning);
|
||||
buf_putstring(ses.kexhashbuf,
|
||||
buf_getptr(ses.payload, ses.payload->len-ses.payload->pos),
|
||||
(const char*)buf_getptr(ses.payload, ses.payload->len-ses.payload->pos),
|
||||
ses.payload->len-ses.payload->pos);
|
||||
|
||||
/* I_S, the payload of the server's SSH_MSG_KEXINIT */
|
||||
buf_putstring(ses.kexhashbuf,
|
||||
ses.transkexinit->data, ses.transkexinit->len);
|
||||
(const char*)ses.transkexinit->data, ses.transkexinit->len);
|
||||
|
||||
ses.requirenext = SSH_MSG_KEXDH_INIT;
|
||||
}
|
||||
@ -783,9 +781,9 @@ void kexcurve25519_comb_key(struct kex_curve25519_param *param, buffer *buf_pub_
|
||||
/* K_S, the host key */
|
||||
buf_put_pub_key(ses.kexhashbuf, hostkey, ses.newkeys->algo_hostkey);
|
||||
/* Q_C, client's ephemeral public key octet string */
|
||||
buf_putstring(ses.kexhashbuf, Q_C, CURVE25519_LEN);
|
||||
buf_putstring(ses.kexhashbuf, (const char*)Q_C, CURVE25519_LEN);
|
||||
/* Q_S, server's ephemeral public key octet string */
|
||||
buf_putstring(ses.kexhashbuf, Q_S, CURVE25519_LEN);
|
||||
buf_putstring(ses.kexhashbuf, (const char*)Q_S, CURVE25519_LEN);
|
||||
/* K, the shared secret */
|
||||
buf_putmpint(ses.kexhashbuf, ses.dh_K);
|
||||
|
||||
|
||||
@ -467,7 +467,7 @@ static void send_msg_keepalive() {
|
||||
/* Some peers will reply with SSH_MSG_REQUEST_FAILURE,
|
||||
some will reply with SSH_MSG_UNIMPLEMENTED, some will exit. */
|
||||
buf_putbyte(ses.writepayload, SSH_MSG_GLOBAL_REQUEST);
|
||||
buf_putstring(ses.writepayload, (const unsigned char *) DROPBEAR_KEEPALIVE_STRING,
|
||||
buf_putstring(ses.writepayload, DROPBEAR_KEEPALIVE_STRING,
|
||||
strlen(DROPBEAR_KEEPALIVE_STRING));
|
||||
}
|
||||
buf_putbyte(ses.writepayload, 1); /* want_reply */
|
||||
|
||||
6
dss.c
6
dss.c
@ -136,7 +136,7 @@ void dss_key_free(dropbear_dss_key *key) {
|
||||
void buf_put_dss_pub_key(buffer* buf, dropbear_dss_key *key) {
|
||||
|
||||
dropbear_assert(key != NULL);
|
||||
buf_putstring(buf, (const unsigned char*) SSH_SIGNKEY_DSS, SSH_SIGNKEY_DSS_LEN);
|
||||
buf_putstring(buf, SSH_SIGNKEY_DSS, SSH_SIGNKEY_DSS_LEN);
|
||||
buf_putmpint(buf, key->p);
|
||||
buf_putmpint(buf, key->q);
|
||||
buf_putmpint(buf, key->g);
|
||||
@ -173,7 +173,7 @@ int buf_dss_verify(buffer* buf, dropbear_dss_key *key, buffer *data_buf) {
|
||||
m_mp_init_multi(&val1, &val2, &val3, &val4, NULL);
|
||||
|
||||
/* get blob, check length */
|
||||
string = (char*) buf_getstring(buf, &stringlen);
|
||||
string = buf_getstring(buf, &stringlen);
|
||||
if (stringlen != 2*SHA1_HASH_SIZE) {
|
||||
goto out;
|
||||
}
|
||||
@ -310,7 +310,7 @@ void buf_put_dss_sign(buffer* buf, dropbear_dss_key *key, buffer *data_buf) {
|
||||
dropbear_exit("DSS error");
|
||||
}
|
||||
|
||||
buf_putstring(buf, (const unsigned char*) SSH_SIGNKEY_DSS, SSH_SIGNKEY_DSS_LEN);
|
||||
buf_putstring(buf, SSH_SIGNKEY_DSS, SSH_SIGNKEY_DSS_LEN);
|
||||
buf_putint(buf, 2*SHA1_HASH_SIZE);
|
||||
|
||||
writelen = mp_unsigned_bin_size(&dss_r);
|
||||
|
||||
10
ecdsa.c
10
ecdsa.c
@ -83,9 +83,9 @@ ecc_key *buf_get_ecdsa_pub_key(buffer* buf) {
|
||||
ecc_key *new_key = NULL;
|
||||
|
||||
/* string "ecdsa-sha2-[identifier]" */
|
||||
key_ident = buf_getstring(buf, &key_ident_len);
|
||||
key_ident = (unsigned char*)buf_getstring(buf, &key_ident_len);
|
||||
/* string "[identifier]" */
|
||||
identifier = buf_getstring(buf, &identifier_len);
|
||||
identifier = (unsigned char*)buf_getstring(buf, &identifier_len);
|
||||
|
||||
if (key_ident_len != identifier_len + strlen("ecdsa-sha2-")) {
|
||||
TRACE(("Bad identifier lengths"))
|
||||
@ -144,8 +144,8 @@ void buf_put_ecdsa_pub_key(buffer *buf, ecc_key *key) {
|
||||
|
||||
curve = curve_for_dp(key->dp);
|
||||
snprintf(key_ident, sizeof(key_ident), "ecdsa-sha2-%s", curve->name);
|
||||
buf_putstring(buf, (const unsigned char *) key_ident, strlen(key_ident));
|
||||
buf_putstring(buf, (const unsigned char *) curve->name, strlen(curve->name));
|
||||
buf_putstring(buf, key_ident, strlen(key_ident));
|
||||
buf_putstring(buf, curve->name, strlen(curve->name));
|
||||
buf_put_ecc_raw_pubkey_string(buf, key);
|
||||
}
|
||||
|
||||
@ -223,7 +223,7 @@ void buf_put_ecdsa_sign(buffer *buf, ecc_key *key, buffer *data_buf) {
|
||||
}
|
||||
|
||||
snprintf(key_ident, sizeof(key_ident), "ecdsa-sha2-%s", curve->name);
|
||||
buf_putstring(buf, (const unsigned char *) key_ident, strlen(key_ident));
|
||||
buf_putstring(buf, key_ident, strlen(key_ident));
|
||||
/* enough for nistp521 */
|
||||
sigbuf = buf_new(200);
|
||||
buf_putmpint(sigbuf, (mp_int*)r);
|
||||
|
||||
10
keyimport.c
10
keyimport.c
@ -602,13 +602,13 @@ static sign_key *openssh_read(const char *filename, char * UNUSED(passphrase))
|
||||
|
||||
#ifdef DROPBEAR_DSS
|
||||
if (key->type == OSSH_DSA) {
|
||||
buf_putstring(blobbuf, (const unsigned char *)"ssh-dss", 7);
|
||||
buf_putstring(blobbuf, "ssh-dss", 7);
|
||||
retkey->type = DROPBEAR_SIGNKEY_DSS;
|
||||
}
|
||||
#endif
|
||||
#ifdef DROPBEAR_RSA
|
||||
if (key->type == OSSH_RSA) {
|
||||
buf_putstring(blobbuf, (const unsigned char *)"ssh-rsa", 7);
|
||||
buf_putstring(blobbuf, "ssh-rsa", 7);
|
||||
retkey->type = DROPBEAR_SIGNKEY_RSA;
|
||||
}
|
||||
#endif
|
||||
@ -649,9 +649,9 @@ static sign_key *openssh_read(const char *filename, char * UNUSED(passphrase))
|
||||
modptr = p;
|
||||
modlen = len;
|
||||
} else if (i >= 2 && i <= 5) {
|
||||
buf_putstring(blobbuf, p, len);
|
||||
buf_putstring(blobbuf, (const char*)p, len);
|
||||
if (i == 2) {
|
||||
buf_putstring(blobbuf, modptr, modlen);
|
||||
buf_putstring(blobbuf, (const char*)modptr, modlen);
|
||||
}
|
||||
}
|
||||
} else if (key->type == OSSH_DSA) {
|
||||
@ -659,7 +659,7 @@ static sign_key *openssh_read(const char *filename, char * UNUSED(passphrase))
|
||||
* OpenSSH key order is p, q, g, y, x,
|
||||
* we want the same.
|
||||
*/
|
||||
buf_putstring(blobbuf, p, len);
|
||||
buf_putstring(blobbuf, (const char*)p, len);
|
||||
}
|
||||
|
||||
/* Skip past the number. */
|
||||
|
||||
4
rsa.c
4
rsa.c
@ -174,7 +174,7 @@ void buf_put_rsa_pub_key(buffer* buf, dropbear_rsa_key *key) {
|
||||
TRACE(("enter buf_put_rsa_pub_key"))
|
||||
dropbear_assert(key != NULL);
|
||||
|
||||
buf_putstring(buf, (const unsigned char *) SSH_SIGNKEY_RSA, SSH_SIGNKEY_RSA_LEN);
|
||||
buf_putstring(buf, SSH_SIGNKEY_RSA, SSH_SIGNKEY_RSA_LEN);
|
||||
buf_putmpint(buf, key->e);
|
||||
buf_putmpint(buf, key->n);
|
||||
|
||||
@ -327,7 +327,7 @@ void buf_put_rsa_sign(buffer* buf, dropbear_rsa_key *key, buffer *data_buf) {
|
||||
mp_clear_multi(&rsa_tmp1, &rsa_tmp2, &rsa_tmp3, NULL);
|
||||
|
||||
/* create the signature to return */
|
||||
buf_putstring(buf, (const unsigned char *) SSH_SIGNKEY_RSA, SSH_SIGNKEY_RSA_LEN);
|
||||
buf_putstring(buf, SSH_SIGNKEY_RSA, SSH_SIGNKEY_RSA_LEN);
|
||||
|
||||
nsize = mp_unsigned_bin_size(key->n);
|
||||
|
||||
|
||||
@ -145,7 +145,7 @@ int buf_get_pub_key(buffer *buf, sign_key *key, enum signkey_type *type) {
|
||||
|
||||
TRACE2(("enter buf_get_pub_key"))
|
||||
|
||||
ident = (char *) buf_getstring(buf, &len);
|
||||
ident = buf_getstring(buf, &len);
|
||||
keytype = signkey_type_from_name(ident, len);
|
||||
m_free(ident);
|
||||
|
||||
@ -216,7 +216,7 @@ int buf_get_priv_key(buffer *buf, sign_key *key, enum signkey_type *type) {
|
||||
|
||||
TRACE2(("enter buf_get_priv_key"))
|
||||
|
||||
ident = (char *)buf_getstring(buf, &len);
|
||||
ident = buf_getstring(buf, &len);
|
||||
keytype = signkey_type_from_name(ident, len);
|
||||
m_free(ident);
|
||||
|
||||
@ -522,7 +522,7 @@ int buf_verify(buffer * buf, sign_key *key, buffer *data_buf) {
|
||||
TRACE(("enter buf_verify"))
|
||||
|
||||
buf_getint(buf); /* blob length */
|
||||
type_name = (char *) buf_getstring(buf, &type_name_len);
|
||||
type_name = buf_getstring(buf, &type_name_len);
|
||||
type = signkey_type_from_name(type_name, type_name_len);
|
||||
m_free(type_name);
|
||||
|
||||
|
||||
@ -89,7 +89,7 @@ void send_msg_userauth_banner(buffer *banner) {
|
||||
|
||||
buf_putbyte(ses.writepayload, SSH_MSG_USERAUTH_BANNER);
|
||||
buf_putbufstring(ses.writepayload, banner);
|
||||
buf_putstring(ses.writepayload, (const unsigned char *)"en", 2);
|
||||
buf_putstring(ses.writepayload, "en", 2);
|
||||
|
||||
encrypt_packet();
|
||||
|
||||
@ -119,9 +119,9 @@ void recv_msg_userauth_request() {
|
||||
svr_opts.banner = NULL;
|
||||
}
|
||||
|
||||
username = (char *)buf_getstring(ses.payload, &userlen);
|
||||
servicename = (char *)buf_getstring(ses.payload, &servicelen);
|
||||
methodname = (char *)buf_getstring(ses.payload, &methodlen);
|
||||
username = buf_getstring(ses.payload, &userlen);
|
||||
servicename = buf_getstring(ses.payload, &servicelen);
|
||||
methodname = buf_getstring(ses.payload, &methodlen);
|
||||
|
||||
/* only handle 'ssh-connection' currently */
|
||||
if (servicelen != SSH_SERVICE_CONNECTION_LEN
|
||||
|
||||
@ -188,7 +188,7 @@ void svr_auth_pam() {
|
||||
|
||||
pam_handle_t* pamHandlep = NULL;
|
||||
|
||||
unsigned char * password = NULL;
|
||||
char * password = NULL;
|
||||
unsigned int passwordlen;
|
||||
|
||||
int rc = PAM_SUCCESS;
|
||||
|
||||
@ -52,7 +52,7 @@ void svr_auth_password() {
|
||||
|
||||
char * passwdcrypt = NULL; /* the crypt from /etc/passwd or /etc/shadow */
|
||||
char * testcrypt = NULL; /* crypt generated from the user's password sent */
|
||||
unsigned char * password;
|
||||
char * password;
|
||||
unsigned int passwordlen;
|
||||
|
||||
unsigned int changepw;
|
||||
@ -75,7 +75,7 @@ void svr_auth_password() {
|
||||
password = buf_getstring(ses.payload, &passwordlen);
|
||||
|
||||
/* the first bytes of passwdcrypt are the salt */
|
||||
testcrypt = crypt((char*)password, passwdcrypt);
|
||||
testcrypt = crypt(password, passwdcrypt);
|
||||
m_burn(password, passwordlen);
|
||||
m_free(password);
|
||||
|
||||
|
||||
@ -98,7 +98,7 @@ void svr_auth_pubkey() {
|
||||
* actual attempt*/
|
||||
testkey = (buf_getbool(ses.payload) == 0);
|
||||
|
||||
algo = (char *) buf_getstring(ses.payload, &algolen);
|
||||
algo = buf_getstring(ses.payload, &algolen);
|
||||
keybloblen = buf_getint(ses.payload);
|
||||
keyblob = buf_getptr(ses.payload, keybloblen);
|
||||
|
||||
@ -180,8 +180,8 @@ static void send_msg_userauth_pk_ok(char* algo, unsigned int algolen,
|
||||
CHECKCLEARTOWRITE();
|
||||
|
||||
buf_putbyte(ses.writepayload, SSH_MSG_USERAUTH_PK_OK);
|
||||
buf_putstring(ses.writepayload, (const unsigned char *) algo, algolen);
|
||||
buf_putstring(ses.writepayload, keyblob, keybloblen);
|
||||
buf_putstring(ses.writepayload, algo, algolen);
|
||||
buf_putstring(ses.writepayload, (const char*)keyblob, keybloblen);
|
||||
|
||||
encrypt_packet();
|
||||
TRACE(("leave send_msg_userauth_pk_ok"))
|
||||
|
||||
@ -183,7 +183,7 @@ static void send_msg_chansess_exitstatus(struct Channel * channel,
|
||||
|
||||
buf_putbyte(ses.writepayload, SSH_MSG_CHANNEL_REQUEST);
|
||||
buf_putint(ses.writepayload, channel->remotechan);
|
||||
buf_putstring(ses.writepayload, (const unsigned char *) "exit-status", 11);
|
||||
buf_putstring(ses.writepayload, "exit-status", 11);
|
||||
buf_putbyte(ses.writepayload, 0); /* boolean FALSE */
|
||||
buf_putint(ses.writepayload, chansess->exit.exitstatus);
|
||||
|
||||
@ -219,12 +219,12 @@ static void send_msg_chansess_exitsignal(struct Channel * channel,
|
||||
|
||||
buf_putbyte(ses.writepayload, SSH_MSG_CHANNEL_REQUEST);
|
||||
buf_putint(ses.writepayload, channel->remotechan);
|
||||
buf_putstring(ses.writepayload, (const unsigned char *) "exit-signal", 11);
|
||||
buf_putstring(ses.writepayload, "exit-signal", 11);
|
||||
buf_putbyte(ses.writepayload, 0); /* boolean FALSE */
|
||||
buf_putstring(ses.writepayload, (const unsigned char *) signame, strlen(signame));
|
||||
buf_putstring(ses.writepayload, signame, strlen(signame));
|
||||
buf_putbyte(ses.writepayload, chansess->exit.exitcore);
|
||||
buf_putstring(ses.writepayload, (const unsigned char *) "", 0); /* error msg */
|
||||
buf_putstring(ses.writepayload, (const unsigned char *) "", 0); /* lang */
|
||||
buf_putstring(ses.writepayload, "", 0); /* error msg */
|
||||
buf_putstring(ses.writepayload, "", 0); /* lang */
|
||||
|
||||
encrypt_packet();
|
||||
}
|
||||
@ -351,7 +351,7 @@ static void chansessionrequest(struct Channel *channel) {
|
||||
|
||||
TRACE(("enter chansessionrequest"))
|
||||
|
||||
type = (char *) buf_getstring(ses.payload, &typelen);
|
||||
type = buf_getstring(ses.payload, &typelen);
|
||||
wantreply = buf_getbool(ses.payload);
|
||||
|
||||
if (typelen > MAX_NAME_LEN) {
|
||||
@ -414,7 +414,7 @@ static int sessionsignal(struct ChanSess *chansess) {
|
||||
return DROPBEAR_FAILURE;
|
||||
}
|
||||
|
||||
signame = (char *) buf_getstring(ses.payload, NULL);
|
||||
signame = buf_getstring(ses.payload, NULL);
|
||||
|
||||
i = 0;
|
||||
while (signames[i].name != 0) {
|
||||
@ -567,7 +567,7 @@ static int sessionpty(struct ChanSess * chansess) {
|
||||
return DROPBEAR_FAILURE;
|
||||
}
|
||||
|
||||
chansess->term = (char *) buf_getstring(ses.payload, &termlen);
|
||||
chansess->term = buf_getstring(ses.payload, &termlen);
|
||||
if (termlen > MAX_TERM_LEN) {
|
||||
/* TODO send disconnect ? */
|
||||
TRACE(("leave sessionpty: term len too long"))
|
||||
@ -649,7 +649,7 @@ static int sessioncommand(struct Channel *channel, struct ChanSess *chansess,
|
||||
if (iscmd) {
|
||||
/* "exec" */
|
||||
if (chansess->cmd == NULL) {
|
||||
chansess->cmd = (char *) buf_getstring(ses.payload, &cmdlen);
|
||||
chansess->cmd = buf_getstring(ses.payload, &cmdlen);
|
||||
|
||||
if (cmdlen > MAX_CMD_LEN) {
|
||||
m_free(chansess->cmd);
|
||||
|
||||
@ -247,7 +247,7 @@ static void send_msg_kexdh_reply(mp_int *dh_e, buffer *ecdh_qs) {
|
||||
{
|
||||
struct kex_curve25519_param *param = gen_kexcurve25519_param();
|
||||
kexcurve25519_comb_key(param, ecdh_qs, svr_opts.hostkey);
|
||||
buf_putstring(ses.writepayload, param->pub, CURVE25519_LEN);
|
||||
buf_putstring(ses.writepayload, (const char*)param->pub, CURVE25519_LEN);
|
||||
free_kexcurve25519_param(param);
|
||||
}
|
||||
#endif
|
||||
|
||||
@ -41,7 +41,7 @@ void recv_msg_service_request() {
|
||||
|
||||
TRACE(("enter recv_msg_service_request"))
|
||||
|
||||
name = (char *) buf_getstring(ses.payload, &len);
|
||||
name = buf_getstring(ses.payload, &len);
|
||||
|
||||
/* ssh-userauth */
|
||||
if (len == SSH_SERVICE_USERAUTH_LEN &&
|
||||
@ -80,7 +80,7 @@ static void send_msg_service_accept(char *name, int len) {
|
||||
CHECKCLEARTOWRITE();
|
||||
|
||||
buf_putbyte(ses.writepayload, SSH_MSG_SERVICE_ACCEPT);
|
||||
buf_putstring(ses.writepayload, (const unsigned char *) name, len);
|
||||
buf_putstring(ses.writepayload, name, len);
|
||||
|
||||
encrypt_packet();
|
||||
|
||||
|
||||
10
svr-tcpfwd.c
10
svr-tcpfwd.c
@ -77,7 +77,7 @@ void recv_msg_global_request_remotetcp() {
|
||||
goto out;
|
||||
}
|
||||
|
||||
reqname = (char *)buf_getstring(ses.payload, &namelen);
|
||||
reqname = buf_getstring(ses.payload, &namelen);
|
||||
wantreply = buf_getbool(ses.payload);
|
||||
|
||||
if (namelen > MAX_NAME_LEN) {
|
||||
@ -128,7 +128,7 @@ static int svr_cancelremotetcp() {
|
||||
|
||||
TRACE(("enter cancelremotetcp"))
|
||||
|
||||
bindaddr = (char *)buf_getstring(ses.payload, &addrlen);
|
||||
bindaddr = buf_getstring(ses.payload, &addrlen);
|
||||
if (addrlen > MAX_IP_LEN) {
|
||||
TRACE(("addr len too long: %d", addrlen))
|
||||
goto out;
|
||||
@ -162,7 +162,7 @@ static int svr_remotetcpreq() {
|
||||
|
||||
TRACE(("enter remotetcpreq"))
|
||||
|
||||
request_addr = (char *)buf_getstring(ses.payload, &addrlen);
|
||||
request_addr = buf_getstring(ses.payload, &addrlen);
|
||||
if (addrlen > MAX_IP_LEN) {
|
||||
TRACE(("addr len too long: %d", addrlen))
|
||||
goto out;
|
||||
@ -247,7 +247,7 @@ static int newtcpdirect(struct Channel * channel) {
|
||||
goto out;
|
||||
}
|
||||
|
||||
desthost = (char *)buf_getstring(ses.payload, &len);
|
||||
desthost = buf_getstring(ses.payload, &len);
|
||||
if (len > MAX_HOST_LEN) {
|
||||
TRACE(("leave newtcpdirect: desthost too long"))
|
||||
goto out;
|
||||
@ -255,7 +255,7 @@ static int newtcpdirect(struct Channel * channel) {
|
||||
|
||||
destport = buf_getint(ses.payload);
|
||||
|
||||
orighost = (char *)buf_getstring(ses.payload, &len);
|
||||
orighost = buf_getstring(ses.payload, &len);
|
||||
if (len > MAX_HOST_LEN) {
|
||||
TRACE(("leave newtcpdirect: orighost too long"))
|
||||
goto out;
|
||||
|
||||
@ -58,8 +58,8 @@ int x11req(struct ChanSess * chansess) {
|
||||
}
|
||||
|
||||
chansess->x11singleconn = buf_getbool(ses.payload);
|
||||
chansess->x11authprot = (char *)buf_getstring(ses.payload, NULL);
|
||||
chansess->x11authcookie = (char *)buf_getstring(ses.payload, NULL);
|
||||
chansess->x11authprot = buf_getstring(ses.payload, NULL);
|
||||
chansess->x11authcookie = buf_getstring(ses.payload, NULL);
|
||||
chansess->x11screennum = buf_getint(ses.payload);
|
||||
|
||||
/* create listening socket */
|
||||
@ -203,7 +203,7 @@ static int send_msg_channel_open_x11(int fd, struct sockaddr_in* addr) {
|
||||
|
||||
if (send_msg_channel_open_init(fd, &chan_x11) == DROPBEAR_SUCCESS) {
|
||||
ipstring = inet_ntoa(addr->sin_addr);
|
||||
buf_putstring(ses.writepayload, (const unsigned char *)ipstring, strlen(ipstring));
|
||||
buf_putstring(ses.writepayload, ipstring, strlen(ipstring));
|
||||
buf_putint(ses.writepayload, addr->sin_port);
|
||||
|
||||
encrypt_packet();
|
||||
|
||||
@ -94,11 +94,11 @@ static void tcp_acceptor(struct Listener *listener, int sock) {
|
||||
if (addr == NULL) {
|
||||
addr = "localhost";
|
||||
}
|
||||
buf_putstring(ses.writepayload, (const unsigned char *)addr, strlen(addr));
|
||||
buf_putstring(ses.writepayload, addr, strlen(addr));
|
||||
buf_putint(ses.writepayload, port);
|
||||
|
||||
/* originator ip */
|
||||
buf_putstring(ses.writepayload, (const unsigned char *)ipstring, strlen(ipstring));
|
||||
buf_putstring(ses.writepayload, ipstring, strlen(ipstring));
|
||||
/* originator port */
|
||||
buf_putint(ses.writepayload, atol(portstring));
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user