diff --git a/auth2.c b/auth2.c index 1f9ec63..02e87a4 100644 --- a/auth2.c +++ b/auth2.c @@ -370,8 +370,11 @@ userauth_finish(struct ssh *ssh, int authenticated, const char *method, if (authenticated == 1) { /* turn off userauth */ ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_REQUEST, &dispatch_protocol_ignore); + debug3("starting USERAUTH_SUCCESS packet"); packet_start(SSH2_MSG_USERAUTH_SUCCESS); + debug3("sending USERAUTH_SUCCESS packet"); packet_send(); + debug3("writing USERAUTH_SUCCESS packet"); packet_write_wait(); /* now we can break out */ authctxt->success = 1; diff --git a/packet.c b/packet.c index f114ea5..74505a1 100644 --- a/packet.c +++ b/packet.c @@ -1030,6 +1030,8 @@ ssh_packet_send2_wrapped(struct ssh *ssh) struct sshcomp *comp = NULL; int r, block_size; + debug3("%s entering", __func__); + if (state->newkeys[MODE_OUT] != NULL) { enc = &state->newkeys[MODE_OUT]->enc; mac = &state->newkeys[MODE_OUT]->mac; @@ -1049,6 +1051,7 @@ ssh_packet_send2_wrapped(struct ssh *ssh) sshbuf_dump(state->outgoing_packet, stderr); #endif + debug3("checking compression"); if (comp && comp->enabled) { len = sshbuf_len(state->outgoing_packet); /* skip header, compress only payload */ @@ -1075,6 +1078,7 @@ ssh_packet_send2_wrapped(struct ssh *ssh) * calc size of padding, alloc space, get random data, * minimum padding is 4 bytes */ + debug3("calculating padding"); len -= aadlen; /* packet length is not encrypted for EtM modes */ padlen = block_size - (len % block_size); if (padlen < 4) @@ -1104,6 +1108,7 @@ ssh_packet_send2_wrapped(struct ssh *ssh) goto out; if (enc && !cipher_ctx_is_plaintext(state->send_context)) { /* random padding */ + debug3("adding random padding"); arc4random_buf(cp, padlen); } else { /* clear padding */ @@ -1124,6 +1129,7 @@ ssh_packet_send2_wrapped(struct ssh *ssh) /* compute MAC over seqnr and packet(length fields, payload, padding) */ if (mac && mac->enabled && !mac->etm) { + debug3("calculating MAC"); if ((r = mac_compute(mac, state->p_send.seqnr, sshbuf_ptr(state->outgoing_packet), len, macbuf, sizeof(macbuf))) != 0) @@ -1131,6 +1137,7 @@ ssh_packet_send2_wrapped(struct ssh *ssh) DBG(debug("done calc MAC out #%d", state->p_send.seqnr)); } /* encrypt packet and append to output buffer. */ + debug3("encrypting packet"); if ((r = sshbuf_reserve(state->output, sshbuf_len(state->outgoing_packet) + authlen, &cp)) != 0) goto out; @@ -1140,6 +1147,7 @@ ssh_packet_send2_wrapped(struct ssh *ssh) goto out; /* append unencrypted MAC */ if (mac && mac->enabled) { + debug3("appending unencrypted MAC"); if (mac->etm) { /* EtM: compute mac over aadlen + cipher text */ if ((r = mac_compute(mac, state->p_send.seqnr, @@ -1156,6 +1164,7 @@ ssh_packet_send2_wrapped(struct ssh *ssh) sshbuf_dump(state->output, stderr); #endif /* increment sequence number for outgoing packets */ + debug3("inc seqnr"); if (++state->p_send.seqnr == 0) logit("outgoing seqnr wraps around"); if (++state->p_send.packets == 0) @@ -1165,13 +1174,16 @@ ssh_packet_send2_wrapped(struct ssh *ssh) state->p_send.bytes += len; sshbuf_reset(state->outgoing_packet); - if (type == SSH2_MSG_NEWKEYS) + if (type == SSH2_MSG_NEWKEYS) { + debug3("newkeys"); r = ssh_set_newkeys(ssh, MODE_OUT); - else if (type == SSH2_MSG_USERAUTH_SUCCESS && state->server_side) + } else if (type == SSH2_MSG_USERAUTH_SUCCESS && state->server_side) { + debug3("enabling delayed compression"); r = ssh_packet_enable_delayed_compress(ssh); - else + } else r = 0; out: + debug3("%s returning %d", __func__, r); return r; } @@ -1925,6 +1937,8 @@ ssh_packet_write_wait(struct ssh *ssh) struct timeval start, timeout, *timeoutp = NULL; struct session_state *state = ssh->state; + debug3("%s entering", __func__); + setp = calloc(howmany(state->connection_out + 1, NFDBITS), sizeof(fd_mask)); if (setp == NULL)