[openssh-commits] [openssh] 02/06: upstream commit

git+noreply at mindrot.org git+noreply at mindrot.org
Thu Oct 13 18:55:40 AEDT 2016


This is an automated email from the git hooks/post-receive script.

djm pushed a commit to branch master
in repository openssh.

commit 39af7b444db28c1cb01b7ea468a4f574a44f375b
Author: djm at openbsd.org <djm at openbsd.org>
Date:   Tue Oct 11 21:47:45 2016 +0000

    upstream commit
    
    Add a per-packet input hook that is called with the
    decrypted packet contents. This will be used for fuzzing; ok markus@
    
    Upstream-ID: a3221cee6b1725dd4ae1dd2c13841b4784cb75dc
---
 packet.c | 17 ++++++++++++++++-
 packet.h |  7 ++++++-
 2 files changed, 22 insertions(+), 2 deletions(-)

diff --git a/packet.c b/packet.c
index 783ae5b..ad1f6b4 100644
--- a/packet.c
+++ b/packet.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: packet.c,v 1.242 2016/09/30 09:19:13 markus Exp $ */
+/* $OpenBSD: packet.c,v 1.243 2016/10/11 21:47:45 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo at cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
@@ -219,6 +219,10 @@ struct session_state {
 	/* SSH1 CRC compensation attack detector */
 	struct deattack_ctx deattack;
 
+	/* Hook for fuzzing inbound packets */
+	ssh_packet_hook_fn *hook_in;
+	void *hook_in_ctx;
+
 	TAILQ_HEAD(, packet) outgoing;
 };
 
@@ -263,6 +267,13 @@ ssh_alloc_session_state(void)
 	return NULL;
 }
 
+void
+ssh_packet_set_input_hook(struct ssh *ssh, ssh_packet_hook_fn *hook, void *ctx)
+{
+	ssh->state->hook_in = hook;
+	ssh->state->hook_in_ctx = ctx;
+}
+
 /* Returns nonzero if rekeying is in progress */
 int
 ssh_packet_is_rekeying(struct ssh *ssh)
@@ -1884,6 +1895,10 @@ ssh_packet_read_poll2(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p)
 			return r;
 		return SSH_ERR_PROTOCOL_ERROR;
 	}
+	if (state->hook_in != NULL &&
+	    (r = state->hook_in(ssh, state->incoming_packet, typep,
+	    state->hook_in_ctx)) != 0)
+		return r;
 	if (*typep == SSH2_MSG_USERAUTH_SUCCESS && !state->server_side)
 		r = ssh_packet_enable_delayed_compress(ssh);
 	else
diff --git a/packet.h b/packet.h
index 0a64eb2..bfe7da6 100644
--- a/packet.h
+++ b/packet.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: packet.h,v 1.73 2016/09/30 09:19:13 markus Exp $ */
+/* $OpenBSD: packet.h,v 1.74 2016/10/11 21:47:45 djm Exp $ */
 
 /*
  * Author: Tatu Ylonen <ylo at cs.hut.fi>
@@ -78,6 +78,9 @@ struct ssh {
 	void *app_data;
 };
 
+typedef int (ssh_packet_hook_fn)(struct ssh *, struct sshbuf *,
+    u_char *, void *);
+
 struct ssh *ssh_alloc_session_state(void);
 struct ssh *ssh_packet_set_connection(struct ssh *, int, int);
 void     ssh_packet_set_timeout(struct ssh *, int, int);
@@ -88,6 +91,8 @@ int      ssh_packet_get_connection_in(struct ssh *);
 int      ssh_packet_get_connection_out(struct ssh *);
 void     ssh_packet_close(struct ssh *);
 void	 ssh_packet_set_encryption_key(struct ssh *, const u_char *, u_int, int);
+void	 ssh_packet_set_input_hook(struct ssh *, ssh_packet_hook_fn *, void *);
+
 int	 ssh_packet_is_rekeying(struct ssh *);
 void     ssh_packet_set_protocol_flags(struct ssh *, u_int);
 u_int	 ssh_packet_get_protocol_flags(struct ssh *);

-- 
To stop receiving notification emails like this one, please contact
djm at mindrot.org.


More information about the openssh-commits mailing list