Commit 3739d98e authored by Michal Horejsek's avatar Michal Horejsek

Handle KeyError in shs_CHANNEL_DATA

parent d4a85358
=== 1.8 (2018-07-16) ===
* Fix of KeyError in ssh_CHANNEL_DATA
=== 1.7 (2018-05-21) ===
* Fix of path to sshpass
......
......@@ -45,7 +45,7 @@ class SSHConnection(SSHConnectionTwisted):
Overridden SSHConnection for disabling logs a traceback about a failed direct-tcpip connections
"""
# pylint: disable=invalid-name,inconsistent-return-statements
# pylint: disable=invalid-name
def ssh_CHANNEL_OPEN(self, packet):
# pylint: disable=unbalanced-tuple-unpacking
channel_type, rest = common.getNS(packet)
......@@ -53,14 +53,28 @@ class SSHConnection(SSHConnectionTwisted):
if channel_type != b'direct-tcpip':
return SSHConnectionTwisted.ssh_CHANNEL_OPEN(self, packet)
senderChannel, _ = struct.unpack('>3L', rest[:12])
log.err('channel open failed, direct-tcpip is not allowed')
reason = OPEN_CONNECT_FAILED
self.transport.sendPacket(
MSG_CHANNEL_OPEN_FAILURE,
struct.pack('>2L', senderChannel, reason) +
common.NS(networkString('unknown failure')) + common.NS(b'')
)
try:
senderChannel, _ = struct.unpack('>3L', rest[:12])
except ValueError:
# Some bad packet, ignore it completely without responding.
pass
else:
self.transport.sendPacket(
MSG_CHANNEL_OPEN_FAILURE,
struct.pack('>2L', senderChannel, OPEN_CONNECT_FAILED) +
common.NS(networkString('unknown failure')) + common.NS(b'')
)
# pylint: disable=invalid-name
def ssh_CHANNEL_DATA(self, packet):
try:
return SSHConnectionTwisted.ssh_CHANNEL_DATA(self, packet)
except KeyError:
# Some packets send data to the channel even it's not successfully opened.
# Very probably direct-tcpip types which has bad packet resulting in not
# responding in `ssh_CHANNEL_OPEN`. Ignore it as it's unimportant.
pass
# pylint: disable=abstract-method
......
......@@ -21,7 +21,7 @@ if sys.version_info < (3, 0):
setup(
name='haas-proxy',
version='1.7',
version='1.8',
packages=[
'haas_proxy',
'haas_proxy.twisted.plugins',
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment