upstream commit
Add a per-packet input hook that is called with the decrypted packet contents. This will be used for fuzzing; ok markus@ Upstream-ID: a3221cee6b1725dd4ae1dd2c13841b4784cb75dc
parent
ec165c392c
commit
39af7b444d
17
packet.c
17
packet.c
|
@ -1,4 +1,4 @@
|
||||||
/* $OpenBSD: packet.c,v 1.242 2016/09/30 09:19:13 markus Exp $ */
|
/* $OpenBSD: packet.c,v 1.243 2016/10/11 21:47:45 djm Exp $ */
|
||||||
/*
|
/*
|
||||||
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
||||||
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
|
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
|
||||||
|
@ -219,6 +219,10 @@ struct session_state {
|
||||||
/* SSH1 CRC compensation attack detector */
|
/* SSH1 CRC compensation attack detector */
|
||||||
struct deattack_ctx deattack;
|
struct deattack_ctx deattack;
|
||||||
|
|
||||||
|
/* Hook for fuzzing inbound packets */
|
||||||
|
ssh_packet_hook_fn *hook_in;
|
||||||
|
void *hook_in_ctx;
|
||||||
|
|
||||||
TAILQ_HEAD(, packet) outgoing;
|
TAILQ_HEAD(, packet) outgoing;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -263,6 +267,13 @@ ssh_alloc_session_state(void)
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
void
|
||||||
|
ssh_packet_set_input_hook(struct ssh *ssh, ssh_packet_hook_fn *hook, void *ctx)
|
||||||
|
{
|
||||||
|
ssh->state->hook_in = hook;
|
||||||
|
ssh->state->hook_in_ctx = ctx;
|
||||||
|
}
|
||||||
|
|
||||||
/* Returns nonzero if rekeying is in progress */
|
/* Returns nonzero if rekeying is in progress */
|
||||||
int
|
int
|
||||||
ssh_packet_is_rekeying(struct ssh *ssh)
|
ssh_packet_is_rekeying(struct ssh *ssh)
|
||||||
|
@ -1884,6 +1895,10 @@ ssh_packet_read_poll2(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p)
|
||||||
return r;
|
return r;
|
||||||
return SSH_ERR_PROTOCOL_ERROR;
|
return SSH_ERR_PROTOCOL_ERROR;
|
||||||
}
|
}
|
||||||
|
if (state->hook_in != NULL &&
|
||||||
|
(r = state->hook_in(ssh, state->incoming_packet, typep,
|
||||||
|
state->hook_in_ctx)) != 0)
|
||||||
|
return r;
|
||||||
if (*typep == SSH2_MSG_USERAUTH_SUCCESS && !state->server_side)
|
if (*typep == SSH2_MSG_USERAUTH_SUCCESS && !state->server_side)
|
||||||
r = ssh_packet_enable_delayed_compress(ssh);
|
r = ssh_packet_enable_delayed_compress(ssh);
|
||||||
else
|
else
|
||||||
|
|
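Review bot: The hook call added in ssh_packet_read_poll2 passes the callback a writable `state->incoming_packet` and `typep` with no comment stating the contract, so a reader cannot tell whether a hook is allowed to rewrite the packet or its type, or what a nonzero return means. Anything the hook stores in `*typep` reaches the `SSH2_MSG_USERAUTH_SUCCESS` comparison directly below without passing through the check that ends just above the call (its condition is outside this hunk, as are the start and end of the function). Because the callback receives decrypted traffic, I would record the trust assumption at the call site, for example `/* hook_in is trusted test code: it sees the decrypted packet and may change it and *typep; nonzero is returned to the caller as the error */`, and confirm that is the intended contract. ssh_packet_set_input_hook, added in the hunk at -263, has no comment either and dereferences `ssh->state` without a check; a one-line comment saying that a NULL hook disables the callback would cover it.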
7
packet.h
7
packet.h
|
@ -1,4 +1,4 @@
|
||||||
/* $OpenBSD: packet.h,v 1.73 2016/09/30 09:19:13 markus Exp $ */
|
/* $OpenBSD: packet.h,v 1.74 2016/10/11 21:47:45 djm Exp $ */
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
||||||
|
@ -78,6 +78,9 @@ struct ssh {
|
||||||
void *app_data;
|
void *app_data;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
typedef int (ssh_packet_hook_fn)(struct ssh *, struct sshbuf *,
|
||||||
|
u_char *, void *);
|
||||||
|
|
||||||
struct ssh *ssh_alloc_session_state(void);
|
struct ssh *ssh_alloc_session_state(void);
|
||||||
struct ssh *ssh_packet_set_connection(struct ssh *, int, int);
|
struct ssh *ssh_packet_set_connection(struct ssh *, int, int);
|
||||||
void ssh_packet_set_timeout(struct ssh *, int, int);
|
void ssh_packet_set_timeout(struct ssh *, int, int);
|
||||||
|
@ -88,6 +91,8 @@ int ssh_packet_get_connection_in(struct ssh *);
|
||||||
int ssh_packet_get_connection_out(struct ssh *);
|
int ssh_packet_get_connection_out(struct ssh *);
|
||||||
void ssh_packet_close(struct ssh *);
|
void ssh_packet_close(struct ssh *);
|
||||||
void ssh_packet_set_encryption_key(struct ssh *, const u_char *, u_int, int);
|
void ssh_packet_set_encryption_key(struct ssh *, const u_char *, u_int, int);
|
||||||
|
void ssh_packet_set_input_hook(struct ssh *, ssh_packet_hook_fn *, void *);
|
||||||
|
|
||||||
int ssh_packet_is_rekeying(struct ssh *);
|
int ssh_packet_is_rekeying(struct ssh *);
|
||||||
void ssh_packet_set_protocol_flags(struct ssh *, u_int);
|
void ssh_packet_set_protocol_flags(struct ssh *, u_int);
|
||||||
u_int ssh_packet_get_protocol_flags(struct ssh *);
|
u_int ssh_packet_get_protocol_flags(struct ssh *);
|
||||||
|
|
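Review bot: The `ssh_packet_hook_fn` typedef is added to the header with four unnamed parameters and no comment, so a harness author has to read the call site in packet.c to learn what each argument is and how the return value is treated. The other prototypes in this header also omit parameter names, so a comment fits better than renaming, for example `/* Input hook: gets the decrypted inbound packet, a pointer to its type, and the ctx passed to ssh_packet_set_input_hook(); nonzero aborts the read with that value */`. Since this header exports the setter to everything that links packet.c, the comment should also say the hook is meant for test and fuzzing harnesses, which is what the commit message gives as its purpose.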