scmno****@osdn*****
scmno****@osdn*****
2018年 1月 11日 (木) 22:20:07 JST
Revision: 7021 http://sourceforge.jp/projects/ttssh2/scm/svn/commits/7021 Author: doda Date: 2018-01-11 22:20:07 +0900 (Thu, 11 Jan 2018) Log Message: ----------- SSH_MSG_KEXINIT で、未確認だったパラメータをログに残すようにした。 何か問題が有った時等に確認できるようにする為。 Modified Paths: -------------- trunk/ttssh2/ttxssh/ssh.c -------------- next part -------------- Modified: trunk/ttssh2/ttxssh/ssh.c =================================================================== --- trunk/ttssh2/ttxssh/ssh.c 2018-01-11 13:20:04 UTC (rev 7020) +++ trunk/ttssh2/ttxssh/ssh.c 2018-01-11 13:20:07 UTC (rev 7021) @@ -4826,8 +4826,26 @@ } -// \x83L\x81[\x8C\xF0\x8A\xB7\x8AJ\x8En\x91O\x82̃`\x83F\x83b\x83N (SSH2_MSG_KEXINIT) -// \x81\xA6\x93\x96\x8AY\x8A\x94\x82̓f\x81[\x83^\x92ʐM\x92\x86\x82ɂ\xE0\x8CĂ\xEA\x82Ă\xAD\x82\xE9\x89\\x90\xAB\x82\xA0\x82\xE8 +/* + * \x83L\x81[\x8C\xF0\x8A\xB7\x8AJ\x8En\x91O\x82̃`\x83F\x83b\x83N (SSH2_MSG_KEXINIT) + * \x81\xA6\x93\x96\x8AY\x8A\x94\x82̓f\x81[\x83^\x92ʐM\x92\x86\x82ɂ\xE0\x8CĂ\xEA\x82Ă\xAD\x82\xE9\x89\\x90\xAB\x82\xA0\x82\xE8 + * + * SSH2_MSG_KEXINIT: + * byte SSH_MSG_KEXINIT + * byte[16] cookie (random bytes) + * name-list kex_algorithms + * name-list server_host_key_algorithms + * name-list encryption_algorithms (c2s) + * name-list encryption_algorithms (s2c) + * name-list mac_algorithms (c2s) + * name-list mac_algorithms (s2c) + * name-list compression_algorithms (c2s) + * name-list compression_algorithms (s2c) + * name-list languages (c2s) + * name-list languages (s2c) + * boolean first_kex_packet_follows + * uint32 0 (reserved for future extension) + */ static BOOL handle_SSH2_kexinit(PTInstVar pvar) { char buf[1024]; 
@@ -5094,6 +5112,68 @@ goto error; } + // \x8C\xBE\x8C\xEA(\x83N\x83\x89\x83C\x83A\x83\x93\x83g -> \x83T\x81[\x83o) + // \x8C\xBB\x8F\xF3\x82ł͖\xA2\x8Eg\x97p\x81B\x83\x8D\x83O\x82ɋL\x98^\x82\xB7\x82邾\x82\xAF\x81B + if (!grab_payload(pvar, 4) + || !grab_payload(pvar, size = get_uint32(data))) { + // \x8C\xBE\x8C\xEA\x82\xCC name-list \x82\xAA\x8E\xE6\x82\xEA\x82Ȃ\xA2\x82Ƃ\xA2\x82\xA4\x8E\x96\x82\xCD KEXINIT \x83p\x83P\x83b\x83g\x82̃t\x83H\x81[\x83}\x83b\x83g\x8E\xA9\x91̂\xAA\x91z\x92\xE8\x8AO\x82ł\xA0\x82\xE8 + // \x88ُ\xED\x82ȏ\xF3\x91Ԃł\xA0\x82邪\x81A\x92ʐM\x82ɕK\x97v\x82ȃA\x83\x8B\x83S\x83\x8A\x83Y\x83\x80\x82͂\xB7\x82łɃl\x83S\x8Dς݂ŒʐM\x8E\xA9\x91͍̂s\x82\xA6\x82\xE9\x81B + // \x8D\xA1\x82܂ł͂\xB1\x82̕\x94\x95\xAA\x82̃`\x83F\x83b\x83N\x82\xF0\x8Ds\x82\xC1\x82Ă\xA2\x82Ȃ\xA9\x82\xC1\x82\xBD\x82̂ŁA\x8Cx\x8D\x90\x82\xF0\x8BL\x98^\x82\xB7\x82\xE9\x82݂̂ŏ\x88\x97\x9D\x82s\x82\xB7\x82\xE9\x81B + logputs(LOG_LEVEL_WARNING, __FUNCTION__ ": truncated packet (language client to server)"); + goto skip; + } + data += 4; + + if (size >= sizeof(buf)) { + logputs(LOG_LEVEL_WARNING, __FUNCTION__ ": server proposed language (client to server) is too long."); + } + strncpy_s(buf, sizeof(buf), data, _TRUNCATE); + data += size; + + logprintf(LOG_LEVEL_VERBOSE, "server proposal: language client to server: %s", buf); + + // \x8C\xBE\x8C\xEA(\x83T\x81[\x83o -> \x83N\x83\x89\x83C\x83A\x83\x93\x83g) + // \x8C\xBB\x8F\xF3\x82ł͖\xA2\x8Eg\x97p\x81B\x83\x8D\x83O\x82ɋL\x98^\x82\xB7\x82邾\x82\xAF\x81B + if (!grab_payload(pvar, 4) + || !grab_payload(pvar, size = get_uint32(data))) { + // \x8C\xBE\x8C\xEA(\x83N\x83\x89\x83C\x83A\x83\x93\x83g -> \x83T\x81[\x83o) \x82Ɠ\xAF\x97l\x82ɁA\x96\xE2\x91肪\x82\xA0\x82\xC1\x82Ă\xE0\x8Cx\x8D\x90\x82݂̂Ƃ\xB7\x82\xE9\x81B + logputs(LOG_LEVEL_WARNING, __FUNCTION__ ": truncated packet (language server to client)"); + goto skip; + } + data += 4; + + if (size >= sizeof(buf)) { + logputs(LOG_LEVEL_WARNING, __FUNCTION__ ": server proposed language (server to client) is too 
long."); + } + strncpy_s(buf, sizeof(buf), data, _TRUNCATE); + data += size; + + logprintf(LOG_LEVEL_VERBOSE, "server proposal: language server to client: %s", buf); + + // first_kex_packet_follows: + // KEXINIT \x83p\x83P\x83b\x83g\x82̌\xE3\x82ɁA\x83A\x83\x8B\x83S\x83\x8A\x83Y\x83\x80\x82̃l\x83S\x8C\x8B\x89ʂ𐄑\xAA\x82\xB5\x82Č\xAE\x8C\xF0\x8A\xB7\x83p\x83P\x83b\x83g\x82𑗂\xC1\x82Ă\xA2\x82邩\x81B + // SSH_MSG_KEXINIT \x82̌\xE3\x82̌\xAE\x8C\xF0\x8A\xB7\x82̓N\x83\x89\x83C\x83A\x83\x93\x83g\x91\xA4\x82\xA9\x82瑗\x82\xE9\x82̂ŃT\x81[\x83o\x91\xA4\x82\xAA 1 \x82ɂ\xB7\x82鎖\x82͂Ȃ\xA2\x82͂\xB8\x81B + if (!grab_payload(pvar, 1)) { + // \x8C\xBE\x8C\xEA(\x83N\x83\x89\x83C\x83A\x83\x93\x83g -> \x83T\x81[\x83o) \x82Ɠ\xAF\x97l\x82ɁA\x96\xE2\x91肪\x82\xA0\x82\xC1\x82Ă\xE0\x8Cx\x8D\x90\x82݂̂Ƃ\xB7\x82\xE9\x81B + logputs(LOG_LEVEL_WARNING, __FUNCTION__ ": truncated packet (first_kex_packet_follows)"); + goto skip; + } + if (data[0] != 0) { + // \x91O\x8Fq\x82̂悤\x82ɃT\x81[\x83o\x91\xA4\x82\xCD 0 \x88ȊO\x82ɂ\xB7\x82鎖\x82͂Ȃ\xA2\x82͂\xB8\x82Ȃ̂ŁA\x8Cx\x8D\x90\x82\xF0\x8BL\x98^\x82\xB7\x82\xE9\x81B + logprintf(LOG_LEVEL_WARNING, __FUNCTION__ ": first_kex_packet_follows is not 0. (%d)", data[0]); + } + data++; + + // reserved: \x8C\xBB\x8F\xF3\x82͏\xED\x82\xC9 0 \x82ƂȂ\xE9\x81B + if (!grab_payload(pvar, 4)) { + // \x8C\xBE\x8C\xEA(\x83N\x83\x89\x83C\x83A\x83\x93\x83g -> \x83T\x81[\x83o) \x82Ɠ\xAF\x97l\x82ɁA\x96\xE2\x91肪\x82\xA0\x82\xC1\x82Ă\xE0\x8Cx\x8D\x90\x82݂̂Ƃ\xB7\x82\xE9\x81B + logputs(LOG_LEVEL_WARNING, __FUNCTION__ ": truncated packet (reserved)"); + goto skip; + } + if ((size = get_uint32(data)) != 0) { + logprintf(LOG_LEVEL_INFO, __FUNCTION__ ": reserved data is not 0. (%d)", size); + } + skip: // \x8C\x88\x92肵\x82\xBD\x95\xFB\x8E\xAE\x82\xF0\x83\x8D\x83O\x82ɏo\x97\xCD logprintf(LOG_LEVEL_VERBOSE, "KEX algorithm: %s",
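Review bot: Both added `strncpy_s(buf, sizeof(buf), data, _TRUNCATE);` calls ignore the `size` just read from the packet, so the copy stops only at a NUL byte or when `buf` is full. An SSH name-list is length-prefixed rather than NUL-terminated, so a `languages` field shorter than `buf` lets the copy run on into the following fields, and possibly past the bytes that `grab_payload` accepted, before the result is written to the log. Bounding the copy by the field length keeps it inside the validated range: `strncpy_s(buf, sizeof(buf), data, size < sizeof(buf) ? size : _TRUNCATE);`. The logged text is chosen by the server, so it may also be worth escaping control characters before it reaches `logprintf`. `handle_SSH2_kexinit` starts and ends outside this hunk, so whether the earlier name-lists are copied the same way is not visible here.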