Tera Termの個人的な作業用リポジトリ
Revisão | f0ef6ab022296419a6ea73253b9e7a444be72343 (tree) |
---|---|
Hora | 2020-03-17 00:20:53 |
Autor | IWAMOTO Kouichi <sue@iwmt...> |
Commiter | IWAMOTO Kouichi |
チャネル関連のメッセージ送信前にリモートのチャネル番号のチェックを追加した。
Ticket: #40225, #40226
MFT: r8599
問題:
原因:
対処:
git-svn-id: svn+ssh://svn.osdn.net/svnroot/ttssh2/branches/4-stable@8600 f5f01b69-1e22-0410-acbf-894ab4bd6246
@@ -3275,8 +3275,8 @@ SYNOPSIS: | ||
3275 | 3275 | |
3276 | 3276 | <li>Bug fixes |
3277 | 3277 | <ul> |
3278 | - <li>システムのメモリが不足している時、鍵交換時のホスト鍵による署名検証で不正な署名を正しい物として扱う可能性が有 | |
3279 | -った問題を修正した。</li> | |
3278 | + <!-- li>?V?X?e???̃????????s?????Ă??鎞?A?????????̃z?X?g???ɂ?鏐?????ŕs???ȏ????𐳂??????Ƃ??Ĉ????\?????L?????????C???????B</li --> | |
3279 | + <li>Resizing the VT window immediately after user authentication was completed, connection is closed by server.</li> | |
3280 | 3280 | </ul> |
3281 | 3281 | </li> |
3282 | 3282 |
@@ -3282,6 +3282,7 @@ | ||
3282 | 3282 | <li>バグ修正 |
3283 | 3283 | <ul> |
3284 | 3284 | <li>システムのメモリが不足している時、鍵交換時のホスト鍵による署名検証で不正な署名を正しい物として扱う可能性が有った問題を修正した。</li> |
3285 | + <li>ユーザ認証が完了した直後にVTウィンドウのサイズを変更すると、サーバから切断される問題を修正した。</li> | |
3285 | 3286 | </ul> |
3286 | 3287 | </li> |
3287 | 3288 |
@@ -205,7 +205,7 @@ static Channel_t *ssh2_channel_new(unsigned int window, unsigned int maxpack, | ||
205 | 205 | memset(c, 0, sizeof(Channel_t)); |
206 | 206 | c->used = 1; |
207 | 207 | c->self_id = i; |
208 | - c->remote_id = -1; | |
208 | + c->remote_id = SSH_CHANNEL_INVALID; | |
209 | 209 | c->local_window = window; |
210 | 210 | c->local_window_max = window; |
211 | 211 | c->local_consumed = 0; |
@@ -3046,11 +3046,16 @@ void SSH_notify_win_size(PTInstVar pvar, int cols, int rows) | ||
3046 | 3046 | logprintf(LOG_LEVEL_ERROR, "%s: shell channel not found.", __FUNCTION__); |
3047 | 3047 | return; |
3048 | 3048 | } |
3049 | - | |
3049 | + if (c->remote_id == SSH_CHANNEL_INVALID) { | |
3050 | + // この状況は認証完了直後にウィンドウサイズを変更すると発生する。 | |
3051 | + // まだシェルのチャネルに対する SSH_MSG_OPEN_CONFIRMATION を受けていないので、 | |
3052 | + // 相手側のチャネル番号が判らないので window-change メッセージは送らない。 | |
3053 | + logprintf(LOG_LEVEL_WARNING, "%s: remote shell channel number is unknown.", __FUNCTION__); | |
3054 | + return; | |
3055 | + } | |
3050 | 3056 | |
3051 | 3057 | msg = buffer_init(); |
3052 | 3058 | if (msg == NULL) { |
3053 | - // TODO: error check | |
3054 | 3059 | logprintf(LOG_LEVEL_ERROR, "%s: buffer_init returns NULL.", __FUNCTION__); |
3055 | 3060 | return; |
3056 | 3061 | } |
@@ -3095,6 +3100,13 @@ int SSH_notify_break_signal(PTInstVar pvar) | ||
3095 | 3100 | logprintf(LOG_LEVEL_ERROR, "%s: shell channel not found.", __FUNCTION__); |
3096 | 3101 | goto error; |
3097 | 3102 | } |
3103 | + if (c->remote_id == SSH_CHANNEL_INVALID) { | |
3104 | + // 認証直後に send break を行うと発生する | |
3105 | + // まだシェルのチャネルに対する SSH_MSG_OPEN_CONFIRMATION を受けていないので、 | |
3106 | + // 相手側のチャネル番号が判らないので break メッセージは送らない。 | |
3107 | + logprintf(LOG_LEVEL_WARNING, "%s: remote shell channel number is unknown.", __FUNCTION__); | |
3108 | + goto error; | |
3109 | + } | |
3098 | 3110 | |
3099 | 3111 | msg = buffer_init(); |
3100 | 3112 | if (msg == NULL) { |
@@ -3244,7 +3256,7 @@ void SSH_send(PTInstVar pvar, unsigned char const *buf, unsigned int buflen) | ||
3244 | 3256 | |
3245 | 3257 | } else { // for SSH2(yutaka) |
3246 | 3258 | Channel_t *c = ssh2_channel_lookup(pvar->shell_id); |
3247 | - if (c == NULL) { | |
3259 | + if (c == NULL || c->remote_id == SSH_CHANNEL_INVALID) { | |
3248 | 3260 | logprintf(LOG_LEVEL_ERROR, "%s: shell channel not found.", __FUNCTION__); |
3249 | 3261 | } |
3250 | 3262 | else { |
@@ -3457,7 +3469,6 @@ void SSH_end(PTInstVar pvar) | ||
3457 | 3469 | pvar->session_id_len = 0; |
3458 | 3470 | |
3459 | 3471 | pvar->userauth_success = 0; |
3460 | - //pvar->remote_id = 0; | |
3461 | 3472 | pvar->shell_id = SSH_CHANNEL_INVALID; |
3462 | 3473 | pvar->session_nego_status = 0; |
3463 | 3474 |
@@ -3537,7 +3548,6 @@ void SSH2_send_channel_data(PTInstVar pvar, Channel_t *c, unsigned char *buf, un | ||
3537 | 3548 | if (buflen > 0) { |
3538 | 3549 | msg = buffer_init(); |
3539 | 3550 | if (msg == NULL) { |
3540 | - // TODO: error check | |
3541 | 3551 | logprintf(LOG_LEVEL_ERROR, "%s: buffer_init returns NULL.", __FUNCTION__); |
3542 | 3552 | return; |
3543 | 3553 | } |
@@ -3666,7 +3676,6 @@ void SSH2_confirm_channel_open(PTInstVar pvar, Channel_t *c) | ||
3666 | 3676 | |
3667 | 3677 | msg = buffer_init(); |
3668 | 3678 | if (msg == NULL) { |
3669 | - // TODO: error check | |
3670 | 3679 | logprintf(LOG_LEVEL_ERROR, "%s: buffer_init returns NULL.", __FUNCTION__); |
3671 | 3680 | return; |
3672 | 3681 | } |
@@ -3745,7 +3754,6 @@ void SSH2_channel_input_eof(PTInstVar pvar, Channel_t *c) | ||
3745 | 3754 | |
3746 | 3755 | msg = buffer_init(); |
3747 | 3756 | if (msg == NULL) { |
3748 | - // TODO: error check | |
3749 | 3757 | logprintf(LOG_LEVEL_ERROR, "%s: buffer_init returns NULL.", __FUNCTION__); |
3750 | 3758 | return; |
3751 | 3759 | } |
@@ -3914,7 +3922,6 @@ void SSH_request_X11_forwarding(PTInstVar pvar, | ||
3914 | 3922 | |
3915 | 3923 | msg = buffer_init(); |
3916 | 3924 | if (msg == NULL) { |
3917 | - // TODO: error check | |
3918 | 3925 | logprintf(LOG_LEVEL_ERROR, "%s: buffer_init returns NULL.", __FUNCTION__); |
3919 | 3926 | return; |
3920 | 3927 | } |
@@ -3924,6 +3931,10 @@ void SSH_request_X11_forwarding(PTInstVar pvar, | ||
3924 | 3931 | logprintf(LOG_LEVEL_ERROR, "%s: shell channel not found.", __FUNCTION__); |
3925 | 3932 | return; |
3926 | 3933 | } |
3934 | + if (c->remote_id == SSH_CHANNEL_INVALID) { | |
3935 | + logprintf(LOG_LEVEL_ERROR, "%s: remote shell channel number is unknown.", __FUNCTION__); | |
3936 | + return; | |
3937 | + } | |
3927 | 3938 | |
3928 | 3939 | // making the fake data |
3929 | 3940 | newlen = 2 * auth_data_len + 1; |
@@ -8093,6 +8104,11 @@ static BOOL send_channel_request_gen(PTInstVar pvar, Channel_t *c, unsigned char | ||
8093 | 8104 | |
8094 | 8105 | msg = buffer_init(); |
8095 | 8106 | if (msg == NULL) { |
8107 | + logprintf(LOG_LEVEL_ERROR, "%s: buffer_init returns NULL.", __FUNCTION__); | |
8108 | + return FALSE; | |
8109 | + } | |
8110 | + if (c->remote_id == SSH_CHANNEL_INVALID) { | |
8111 | + logprintf(LOG_LEVEL_ERROR, "%s: invalid remote channel number (%d).", __FUNCTION__, c->remote_id); | |
8096 | 8112 | return FALSE; |
8097 | 8113 | } |
8098 | 8114 |
@@ -8135,13 +8151,11 @@ BOOL send_pty_request(PTInstVar pvar, Channel_t *c) | ||
8135 | 8151 | // pty open |
8136 | 8152 | msg = buffer_init(); |
8137 | 8153 | if (msg == NULL) { |
8138 | - // TODO: error check | |
8139 | 8154 | logprintf(LOG_LEVEL_ERROR, "%s: buffer_init returns NULL. (msg)", __FUNCTION__); |
8140 | 8155 | return FALSE; |
8141 | 8156 | } |
8142 | 8157 | ttymsg = buffer_init(); |
8143 | 8158 | if (ttymsg == NULL) { |
8144 | - // TODO: error check | |
8145 | 8159 | logprintf(LOG_LEVEL_ERROR, "%s: buffer_init returns NULL. (ttymsg)", __FUNCTION__); |
8146 | 8160 | buffer_free(msg); |
8147 | 8161 | return FALSE; |
@@ -8241,12 +8255,10 @@ static BOOL handle_SSH2_open_confirm(PTInstVar pvar) | ||
8241 | 8255 | |
8242 | 8256 | c = ssh2_channel_lookup(id); |
8243 | 8257 | if (c == NULL) { |
8244 | - // TODO: | |
8245 | 8258 | logprintf(LOG_LEVEL_ERROR, "%s: channel not found. (%d)", __FUNCTION__, id); |
8246 | 8259 | return FALSE; |
8247 | 8260 | } |
8248 | 8261 | |
8249 | - // TODO: id check | |
8250 | 8262 | remote_id = get_uint32_MSBfirst(data); |
8251 | 8263 | data += 4; |
8252 | 8264 |
@@ -8355,7 +8367,6 @@ static BOOL handle_SSH2_open_failure(PTInstVar pvar) | ||
8355 | 8367 | |
8356 | 8368 | c = ssh2_channel_lookup(id); |
8357 | 8369 | if (c == NULL) { |
8358 | - // TODO: SSH2_MSG_DISCONNECTを送る | |
8359 | 8370 | logprintf(LOG_LEVEL_ERROR, "%s: channel not found. (%d)", __FUNCTION__, id); |
8360 | 8371 | return FALSE; |
8361 | 8372 | } |
@@ -8498,26 +8509,30 @@ static BOOL handle_SSH2_channel_success(PTInstVar pvar) | ||
8498 | 8509 | pvar->session_nego_status); |
8499 | 8510 | |
8500 | 8511 | if (pvar->session_nego_status == 1) { |
8501 | - // find channel by shell id(2005.2.27 yutaka) | |
8502 | 8512 | c = ssh2_channel_lookup(pvar->shell_id); |
8503 | 8513 | if (c == NULL) { |
8504 | - // TODO: error check | |
8505 | 8514 | logprintf(LOG_LEVEL_ERROR, "%s: shell channel not found.", __FUNCTION__); |
8506 | 8515 | return FALSE; |
8507 | 8516 | } |
8517 | + if (c->remote_id == SSH_CHANNEL_INVALID) { | |
8518 | + logprintf(LOG_LEVEL_ERROR, "%s: remote shell channel number is unknown.", __FUNCTION__); | |
8519 | + return FALSE; | |
8520 | + } | |
8508 | 8521 | pvar->agentfwd_enable = TRUE; |
8509 | 8522 | return send_pty_request(pvar, c); |
8510 | 8523 | |
8511 | 8524 | } else if (pvar->session_nego_status == 2) { |
8512 | 8525 | pvar->session_nego_status = 3; |
8513 | 8526 | |
8514 | - // find channel by shell id(2005.2.27 yutaka) | |
8515 | 8527 | c = ssh2_channel_lookup(pvar->shell_id); |
8516 | 8528 | if (c == NULL) { |
8517 | - // TODO: error check | |
8518 | 8529 | logprintf(LOG_LEVEL_ERROR, "%s: shell channel not found.", __FUNCTION__); |
8519 | 8530 | return FALSE; |
8520 | 8531 | } |
8532 | + if (c->remote_id == SSH_CHANNEL_INVALID) { | |
8533 | + logprintf(LOG_LEVEL_ERROR, "%s: remote shell channel number is unknown.", __FUNCTION__); | |
8534 | + return FALSE; | |
8535 | + } | |
8521 | 8536 | |
8522 | 8537 | if (!send_channel_request_gen(pvar, c, "shell", want_reply, NULL, NULL)) { |
8523 | 8538 | return FALSE;; |
@@ -8550,7 +8565,6 @@ static BOOL handle_SSH2_channel_failure(PTInstVar pvar) | ||
8550 | 8565 | |
8551 | 8566 | c = ssh2_channel_lookup(channel_id); |
8552 | 8567 | if (c == NULL) { |
8553 | - // TODO: error check | |
8554 | 8568 | logprintf(LOG_LEVEL_ERROR, "%s: channel not found. (%d)", __FUNCTION__, channel_id); |
8555 | 8569 | return FALSE; |
8556 | 8570 | } |
@@ -8599,7 +8613,6 @@ static void do_SSH2_adjust_window_size(PTInstVar pvar, Channel_t *c) | ||
8599 | 8613 | // pty open |
8600 | 8614 | msg = buffer_init(); |
8601 | 8615 | if (msg == NULL) { |
8602 | - // TODO: error check | |
8603 | 8616 | logprintf(LOG_LEVEL_ERROR, "%s: buffer_init returns NULL.", __FUNCTION__); |
8604 | 8617 | return; |
8605 | 8618 | } |
@@ -8635,7 +8648,6 @@ void ssh2_channel_send_close(PTInstVar pvar, Channel_t *c) | ||
8635 | 8648 | // SSH2 serverにchannel closeを伝える |
8636 | 8649 | msg = buffer_init(); |
8637 | 8650 | if (msg == NULL) { |
8638 | - // TODO: error check | |
8639 | 8651 | logprintf(LOG_LEVEL_ERROR, "%s: buffer_init returns NULL.", __FUNCTION__); |
8640 | 8652 | return; |
8641 | 8653 | } |
@@ -9315,10 +9327,13 @@ static BOOL handle_SSH2_channel_data(PTInstVar pvar) | ||
9315 | 9327 | |
9316 | 9328 | c = ssh2_channel_lookup(id); |
9317 | 9329 | if (c == NULL) { |
9318 | - // TODO: | |
9319 | 9330 | logprintf(LOG_LEVEL_ERROR, "%s: channel not found. (%d)", __FUNCTION__, id); |
9320 | 9331 | return FALSE; |
9321 | 9332 | } |
9333 | + if (c->remote_id == SSH_CHANNEL_INVALID) { | |
9334 | + logprintf(LOG_LEVEL_ERROR, "%s: remote shell channel number is unknown.", __FUNCTION__); | |
9335 | + return FALSE; | |
9336 | + } | |
9322 | 9337 | |
9323 | 9338 | // string length |
9324 | 9339 | str_len = get_uint32_MSBfirst(data); |
@@ -9336,7 +9351,6 @@ static BOOL handle_SSH2_channel_data(PTInstVar pvar) | ||
9336 | 9351 | "len:%d local_maxpacket:%d", __FUNCTION__, str_len, c->local_maxpacket); |
9337 | 9352 | } |
9338 | 9353 | if (str_len > c->local_window) { |
9339 | - // TODO: logging | |
9340 | 9354 | // local window sizeより大きなパケットは捨てる |
9341 | 9355 | logprintf(LOG_LEVEL_WARNING, "%s: Data length is larger than local_window. " |
9342 | 9356 | "len:%d local_window:%d", __FUNCTION__, str_len, c->local_window); |
@@ -9400,10 +9414,13 @@ static BOOL handle_SSH2_channel_extended_data(PTInstVar pvar) | ||
9400 | 9414 | |
9401 | 9415 | c = ssh2_channel_lookup(id); |
9402 | 9416 | if (c == NULL) { |
9403 | - // TODO: | |
9404 | 9417 | logprintf(LOG_LEVEL_ERROR, "%s: channel not found. (%d)", __FUNCTION__, id); |
9405 | 9418 | return FALSE; |
9406 | 9419 | } |
9420 | + if (c->remote_id == SSH_CHANNEL_INVALID) { | |
9421 | + logprintf(LOG_LEVEL_ERROR, "%s: remote shell channel number is unknown.", __FUNCTION__); | |
9422 | + return FALSE; | |
9423 | + } | |
9407 | 9424 | |
9408 | 9425 | // data_type_code |
9409 | 9426 | data_type = get_uint32_MSBfirst(data); |
@@ -9415,12 +9432,10 @@ static BOOL handle_SSH2_channel_extended_data(PTInstVar pvar) | ||
9415 | 9432 | |
9416 | 9433 | // バッファサイズのチェック |
9417 | 9434 | if (strlen > c->local_maxpacket) { |
9418 | - // TODO: logging | |
9419 | 9435 | logprintf(LOG_LEVEL_WARNING, "%s: Data length is larger than local_maxpacket. " |
9420 | 9436 | "len:%d local_maxpacket:%d", __FUNCTION__, strlen, c->local_maxpacket); |
9421 | 9437 | } |
9422 | 9438 | if (strlen > c->local_window) { |
9423 | - // TODO: logging | |
9424 | 9439 | // local window sizeより大きなパケットは捨てる |
9425 | 9440 | logprintf(LOG_LEVEL_WARNING, "%s: Data length is larger than local_window. " |
9426 | 9441 | "len:%d local_window:%d", __FUNCTION__, strlen, c->local_window); |
@@ -9478,7 +9493,6 @@ static BOOL handle_SSH2_channel_eof(PTInstVar pvar) | ||
9478 | 9493 | |
9479 | 9494 | c = ssh2_channel_lookup(id); |
9480 | 9495 | if (c == NULL) { |
9481 | - // TODO: | |
9482 | 9496 | logprintf(LOG_LEVEL_ERROR, "%s: channel not found. (%d)", __FUNCTION__, id); |
9483 | 9497 | return FALSE; |
9484 | 9498 | } |
@@ -9596,8 +9610,7 @@ static BOOL handle_SSH2_channel_open(PTInstVar pvar) | ||
9596 | 9610 | |
9597 | 9611 | free(orig_str); |
9598 | 9612 | |
9599 | - // X server(port 6000)へ接続する。接続に失敗するとTera Term自身が切断される。 | |
9600 | - // TODO: 将来、切断されないようにしたい。(2005.7.3 yutaka) | |
9613 | + // X server へ接続する。 | |
9601 | 9614 | FWD_X11_open(pvar, remote_id, NULL, 0, &chan_num); |
9602 | 9615 | |
9603 | 9616 | // channelをアロケートし、必要な情報(remote window size)をここで取っておく。 |
@@ -9634,7 +9647,6 @@ static BOOL handle_SSH2_channel_open(PTInstVar pvar) | ||
9634 | 9647 | else { |
9635 | 9648 | msg = buffer_init(); |
9636 | 9649 | if (msg == NULL) { |
9637 | - // TODO: error check | |
9638 | 9650 | logprintf(LOG_LEVEL_ERROR, "%s: buffer_init returns NULL.", __FUNCTION__); |
9639 | 9651 | return FALSE; |
9640 | 9652 | } |
@@ -9684,7 +9696,6 @@ static BOOL handle_SSH2_channel_close(PTInstVar pvar) | ||
9684 | 9696 | data += 4; |
9685 | 9697 | c = ssh2_channel_lookup(id); |
9686 | 9698 | if (c == NULL) { |
9687 | - // TODO: | |
9688 | 9699 | logprintf(LOG_LEVEL_ERROR, "%s: channel not found. (%d)", __FUNCTION__, id); |
9689 | 9700 | return FALSE; |
9690 | 9701 | } |
@@ -9744,10 +9755,13 @@ static BOOL handle_SSH2_channel_request(PTInstVar pvar) | ||
9744 | 9755 | data += 4; |
9745 | 9756 | c = ssh2_channel_lookup(id); |
9746 | 9757 | if (c == NULL) { |
9747 | - // TODO: | |
9748 | 9758 | logprintf(LOG_LEVEL_ERROR, "%s: channel not found. (%d)", __FUNCTION__, id); |
9749 | 9759 | return FALSE; |
9750 | 9760 | } |
9761 | + if (c->remote_id == SSH_CHANNEL_INVALID) { | |
9762 | + logprintf(LOG_LEVEL_ERROR, "%s: remote shell channel number is unknown.", __FUNCTION__); | |
9763 | + return FALSE; | |
9764 | + } | |
9751 | 9765 | |
9752 | 9766 | request = buffer_get_string(&data, NULL); |
9753 | 9767 |
@@ -9790,7 +9804,6 @@ static BOOL handle_SSH2_channel_request(PTInstVar pvar) | ||
9790 | 9804 | |
9791 | 9805 | msg = buffer_init(); |
9792 | 9806 | if (msg == NULL) { |
9793 | - // TODO: error check | |
9794 | 9807 | logprintf(LOG_LEVEL_ERROR, "%s: buffer_init returns NULL.", __FUNCTION__); |
9795 | 9808 | return FALSE; |
9796 | 9809 | } |
@@ -9841,6 +9854,10 @@ static BOOL handle_SSH2_window_adjust(PTInstVar pvar) | ||
9841 | 9854 | logprintf(LOG_LEVEL_WARNING, "%s: channel not found. (%d)", __FUNCTION__, id); |
9842 | 9855 | return TRUE; |
9843 | 9856 | } |
9857 | + if (c->remote_id == SSH_CHANNEL_INVALID) { | |
9858 | + logprintf(LOG_LEVEL_ERROR, "%s: remote shell channel number is unknown.", __FUNCTION__); | |
9859 | + return FALSE; | |
9860 | + } | |
9844 | 9861 | |
9845 | 9862 | adjust = get_uint32_MSBfirst(data); |
9846 | 9863 | data += 4; |
@@ -281,7 +281,6 @@ typedef struct _TInstVar { | ||
281 | 281 | EVP_CIPHER_CTX *evpcip[MODE_MAX]; |
282 | 282 | int userauth_success; |
283 | 283 | int shell_id; |
284 | - /*int remote_id;*/ | |
285 | 284 | int session_nego_status; |
286 | 285 | /* |
287 | 286 | unsigned int local_window; |