annotate cli-session.c @ 1523:1d163552145f coverity

merge coverity
author Matt Johnston <matt@ucc.asn.au>
date Mon, 19 Feb 2018 23:14:49 +0800
parents 0c16b4ccbd54
children f20038b513a5
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
74
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 68
diff changeset
1 /*
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 68
diff changeset
2 * Dropbear SSH
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 68
diff changeset
3 *
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 68
diff changeset
4 * Copyright (c) 2002,2003 Matt Johnston
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 68
diff changeset
5 * Copyright (c) 2004 by Mihnea Stoenescu
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 68
diff changeset
6 * All rights reserved.
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 68
diff changeset
7 *
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 68
diff changeset
8 * Permission is hereby granted, free of charge, to any person obtaining a copy
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 68
diff changeset
9 * of this software and associated documentation files (the "Software"), to deal
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 68
diff changeset
10 * in the Software without restriction, including without limitation the rights
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 68
diff changeset
11 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 68
diff changeset
12 * copies of the Software, and to permit persons to whom the Software is
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 68
diff changeset
13 * furnished to do so, subject to the following conditions:
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 68
diff changeset
14 *
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 68
diff changeset
15 * The above copyright notice and this permission notice shall be included in
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 68
diff changeset
16 * all copies or substantial portions of the Software.
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 68
diff changeset
17 *
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 68
diff changeset
18 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 68
diff changeset
19 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 68
diff changeset
20 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 68
diff changeset
21 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 68
diff changeset
22 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 68
diff changeset
23 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 68
diff changeset
24 * SOFTWARE. */
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 68
diff changeset
25
26
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
26 #include "includes.h"
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
27 #include "session.h"
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
28 #include "dbutil.h"
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
29 #include "kex.h"
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
30 #include "ssh.h"
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
31 #include "packet.h"
64
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 62
diff changeset
32 #include "tcpfwd.h"
26
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
33 #include "channel.h"
858
220f55d540ae rename random.h to dbrandom.h since some OSes have a system random.h
Matt Johnston <matt@ucc.asn.au>
parents: 857
diff changeset
34 #include "dbrandom.h"
33
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
35 #include "service.h"
40
b4874d772210 - Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents: 39
diff changeset
36 #include "runopts.h"
b4874d772210 - Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents: 39
diff changeset
37 #include "chansession.h"
547
cf376c696dfc Make it compile, update for changes in channel structure.
Matt Johnston <matt@ucc.asn.au>
parents: 546
diff changeset
38 #include "agentfwd.h"
766
d1575fdc29a6 start on ecdsa keys
Matt Johnston <matt@ucc.asn.au>
parents: 686
diff changeset
39 #include "crypto_desc.h"
1032
0da8ba489c23 Move generic network routines to netio.c
Matt Johnston <matt@ucc.asn.au>
parents: 1031
diff changeset
40 #include "netio.h"
26
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
41
1276
9169e4e7cbee fix empty C prototypes
Francois Perrad <francois.perrad@gadz.org>
parents: 1212
diff changeset
42 static void cli_remoteclosed(void) ATTRIB_NORETURN;
9169e4e7cbee fix empty C prototypes
Francois Perrad <francois.perrad@gadz.org>
parents: 1212
diff changeset
43 static void cli_sessionloop(void);
1208
fb58cf341951 Client: kill proxy command when exiting application.
Konstantin Tokarev <ktokarev@smartlabs.tv>
parents: 1124
diff changeset
44 static void cli_session_init(pid_t proxy_cmd_pid);
1276
9169e4e7cbee fix empty C prototypes
Francois Perrad <francois.perrad@gadz.org>
parents: 1212
diff changeset
45 static void cli_finished(void) ATTRIB_NORETURN;
727
00bc3df3a9c3 Don't bother waiting for a ssh-connection service reply - the server
Matt Johnston <matt@ucc.asn.au>
parents: 726
diff changeset
46 static void recv_msg_service_accept(void);
733
70811267715c Run the cleanup handler also when we close due to TCP connection being closed
Matt Johnston <matt@ucc.asn.au>
parents: 731
diff changeset
47 static void cli_session_cleanup(void);
937
4ad38e223ccd Send a failure response if a client receives a global request
Matt Johnston <matt@ucc.asn.au>
parents: 883
diff changeset
48 static void recv_msg_global_request_cli(void);
26
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
49
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
50 struct clientsession cli_ses; /* GLOBAL */
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
51
45
9ee8996a375f Pubkey auth is mostly there for the client. Something strange with
Matt Johnston <matt@ucc.asn.au>
parents: 43
diff changeset
52 /* Sorted in decreasing frequency will be more efficient - data and window
9ee8996a375f Pubkey auth is mostly there for the client. Something strange with
Matt Johnston <matt@ucc.asn.au>
parents: 43
diff changeset
53 * should be first */
26
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
54 static const packettype cli_packettypes[] = {
74
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 68
diff changeset
55 /* TYPE, FUNCTION */
26
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
56 {SSH_MSG_CHANNEL_DATA, recv_msg_channel_data},
107
Matt Johnston <matt@ucc.asn.au>
parents: 100
diff changeset
57 {SSH_MSG_CHANNEL_EXTENDED_DATA, recv_msg_channel_extended_data},
26
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
58 {SSH_MSG_CHANNEL_WINDOW_ADJUST, recv_msg_channel_window_adjust},
45
9ee8996a375f Pubkey auth is mostly there for the client. Something strange with
Matt Johnston <matt@ucc.asn.au>
parents: 43
diff changeset
59 {SSH_MSG_USERAUTH_FAILURE, recv_msg_userauth_failure}, /* client */
9ee8996a375f Pubkey auth is mostly there for the client. Something strange with
Matt Johnston <matt@ucc.asn.au>
parents: 43
diff changeset
60 {SSH_MSG_USERAUTH_SUCCESS, recv_msg_userauth_success}, /* client */
9ee8996a375f Pubkey auth is mostly there for the client. Something strange with
Matt Johnston <matt@ucc.asn.au>
parents: 43
diff changeset
61 {SSH_MSG_KEXINIT, recv_msg_kexinit},
9ee8996a375f Pubkey auth is mostly there for the client. Something strange with
Matt Johnston <matt@ucc.asn.au>
parents: 43
diff changeset
62 {SSH_MSG_KEXDH_REPLY, recv_msg_kexdh_reply}, /* client */
9ee8996a375f Pubkey auth is mostly there for the client. Something strange with
Matt Johnston <matt@ucc.asn.au>
parents: 43
diff changeset
63 {SSH_MSG_NEWKEYS, recv_msg_newkeys},
9ee8996a375f Pubkey auth is mostly there for the client. Something strange with
Matt Johnston <matt@ucc.asn.au>
parents: 43
diff changeset
64 {SSH_MSG_SERVICE_ACCEPT, recv_msg_service_accept}, /* client */
26
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
65 {SSH_MSG_CHANNEL_REQUEST, recv_msg_channel_request},
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
66 {SSH_MSG_CHANNEL_OPEN, recv_msg_channel_open},
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
67 {SSH_MSG_CHANNEL_EOF, recv_msg_channel_eof},
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
68 {SSH_MSG_CHANNEL_CLOSE, recv_msg_channel_close},
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
69 {SSH_MSG_CHANNEL_OPEN_CONFIRMATION, recv_msg_channel_open_confirmation},
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
70 {SSH_MSG_CHANNEL_OPEN_FAILURE, recv_msg_channel_open_failure},
45
9ee8996a375f Pubkey auth is mostly there for the client. Something strange with
Matt Johnston <matt@ucc.asn.au>
parents: 43
diff changeset
71 {SSH_MSG_USERAUTH_BANNER, recv_msg_userauth_banner}, /* client */
249
efbaf6b03837 added keyboard-interactive client support
Matt Johnston <matt@ucc.asn.au>
parents: 215
diff changeset
72 {SSH_MSG_USERAUTH_SPECIFIC_60, recv_msg_userauth_specific_60}, /* client */
937
4ad38e223ccd Send a failure response if a client receives a global request
Matt Johnston <matt@ucc.asn.au>
parents: 883
diff changeset
73 {SSH_MSG_GLOBAL_REQUEST, recv_msg_global_request_cli},
970
0bb16232e7c4 Make keepalive handling more robust, this should now match what OpenSSH does
Matt Johnston <matt@ucc.asn.au>
parents: 968
diff changeset
74 {SSH_MSG_CHANNEL_SUCCESS, ignore_recv_response},
0bb16232e7c4 Make keepalive handling more robust, this should now match what OpenSSH does
Matt Johnston <matt@ucc.asn.au>
parents: 968
diff changeset
75 {SSH_MSG_CHANNEL_FAILURE, ignore_recv_response},
1295
750ec4ec4cbe Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents: 1278
diff changeset
76 #if DROPBEAR_CLI_REMOTETCPFWD
505
805e557fdff7 Report errors if a remote request fails
Matt Johnston <matt@ucc.asn.au>
parents: 486
diff changeset
77 {SSH_MSG_REQUEST_SUCCESS, cli_recv_msg_request_success}, /* client */
805e557fdff7 Report errors if a remote request fails
Matt Johnston <matt@ucc.asn.au>
parents: 486
diff changeset
78 {SSH_MSG_REQUEST_FAILURE, cli_recv_msg_request_failure}, /* client */
968
f7f6c15b0ec3 Don't send SSH_MSG_UNIMPLEMENTED for keepalive responses
Matt Johnston <matt@ucc.asn.au>
parents: 937
diff changeset
79 #else
970
0bb16232e7c4 Make keepalive handling more robust, this should now match what OpenSSH does
Matt Johnston <matt@ucc.asn.au>
parents: 968
diff changeset
80 /* For keepalive */
0bb16232e7c4 Make keepalive handling more robust, this should now match what OpenSSH does
Matt Johnston <matt@ucc.asn.au>
parents: 968
diff changeset
81 {SSH_MSG_REQUEST_SUCCESS, ignore_recv_response},
0bb16232e7c4 Make keepalive handling more robust, this should now match what OpenSSH does
Matt Johnston <matt@ucc.asn.au>
parents: 968
diff changeset
82 {SSH_MSG_REQUEST_FAILURE, ignore_recv_response},
505
805e557fdff7 Report errors if a remote request fails
Matt Johnston <matt@ucc.asn.au>
parents: 486
diff changeset
83 #endif
1404
e8f67918fdc9 when pointer, use NULL instead of 0
Francois Perrad <francois.perrad@gadz.org>
parents: 1387
diff changeset
84 {0, NULL} /* End */
26
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
85 };
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
86
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
87 static const struct ChanType *cli_chantypes[] = {
1295
750ec4ec4cbe Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents: 1278
diff changeset
88 #if DROPBEAR_CLI_REMOTETCPFWD
64
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 62
diff changeset
89 &cli_chan_tcpremote,
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 62
diff changeset
90 #endif
1295
750ec4ec4cbe Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents: 1278
diff changeset
91 #if DROPBEAR_CLI_AGENTFWD
225
ca7e76d981d9 - progress towards client agent forwarding
Matt Johnston <matt@ucc.asn.au>
parents: 215
diff changeset
92 &cli_chan_agent,
ca7e76d981d9 - progress towards client agent forwarding
Matt Johnston <matt@ucc.asn.au>
parents: 215
diff changeset
93 #endif
26
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
94 NULL /* Null termination */
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
95 };
33
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
96
1025
02baa0b334e8 async connections working
Matt Johnston <matt@ucc.asn.au>
parents: 970
diff changeset
97 void cli_connected(int result, int sock, void* userdata, const char *errstring)
02baa0b334e8 async connections working
Matt Johnston <matt@ucc.asn.au>
parents: 970
diff changeset
98 {
1032
0da8ba489c23 Move generic network routines to netio.c
Matt Johnston <matt@ucc.asn.au>
parents: 1031
diff changeset
99 struct sshsession *myses = userdata;
0da8ba489c23 Move generic network routines to netio.c
Matt Johnston <matt@ucc.asn.au>
parents: 1031
diff changeset
100 if (result == DROPBEAR_FAILURE) {
1025
02baa0b334e8 async connections working
Matt Johnston <matt@ucc.asn.au>
parents: 970
diff changeset
101 dropbear_exit("Connect failed: %s", errstring);
02baa0b334e8 async connections working
Matt Johnston <matt@ucc.asn.au>
parents: 970
diff changeset
102 }
1032
0da8ba489c23 Move generic network routines to netio.c
Matt Johnston <matt@ucc.asn.au>
parents: 1031
diff changeset
103 myses->sock_in = myses->sock_out = sock;
1031
64c0aa01e2b6 Update priority once the socket is open
Matt Johnston <matt@ucc.asn.au>
parents: 1027
diff changeset
104 update_channel_prio();
1025
02baa0b334e8 async connections working
Matt Johnston <matt@ucc.asn.au>
parents: 970
diff changeset
105 }
02baa0b334e8 async connections working
Matt Johnston <matt@ucc.asn.au>
parents: 970
diff changeset
106
1208
fb58cf341951 Client: kill proxy command when exiting application.
Konstantin Tokarev <ktokarev@smartlabs.tv>
parents: 1124
diff changeset
107 void cli_session(int sock_in, int sock_out, struct dropbear_progress_connection *progress, pid_t proxy_cmd_pid) {
26
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
108
568
005530560594 Rearrange getaddrstring() etc
Matt Johnston <matt@ucc.asn.au>
parents: 560
diff changeset
109 common_session_init(sock_in, sock_out);
26
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
110
1027
daf21fd50abf In theory TFO should work. Needs platform cleanup and testing
Matt Johnston <matt@ucc.asn.au>
parents: 1025
diff changeset
111 if (progress) {
daf21fd50abf In theory TFO should work. Needs platform cleanup and testing
Matt Johnston <matt@ucc.asn.au>
parents: 1025
diff changeset
112 connect_set_writequeue(progress, &ses.writequeue);
daf21fd50abf In theory TFO should work. Needs platform cleanup and testing
Matt Johnston <matt@ucc.asn.au>
parents: 1025
diff changeset
113 }
daf21fd50abf In theory TFO should work. Needs platform cleanup and testing
Matt Johnston <matt@ucc.asn.au>
parents: 1025
diff changeset
114
26
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
115 chaninitialise(cli_chantypes);
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
116
33
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
117 /* Set up cli_ses vars */
1208
fb58cf341951 Client: kill proxy command when exiting application.
Konstantin Tokarev <ktokarev@smartlabs.tv>
parents: 1124
diff changeset
118 cli_session_init(proxy_cmd_pid);
1027
daf21fd50abf In theory TFO should work. Needs platform cleanup and testing
Matt Johnston <matt@ucc.asn.au>
parents: 1025
diff changeset
119
26
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
120 /* Ready to go */
1495
0c16b4ccbd54 make signal flags volatile, simplify handling
Matt Johnston <matt@ucc.asn.au>
parents: 1479
diff changeset
121 ses.init_done = 1;
26
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
122
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
123 /* Exchange identification */
726
78eda530c000 send out our kexinit packet before blocking to read the SSH version string
Matt Johnston <matt@ucc.asn.au>
parents: 686
diff changeset
124 send_session_identification();
26
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
125
1083
8e0280986710 Make sure kexfirstinitialise is called early enough
Matt Johnston <matt@ucc.asn.au>
parents: 1049
diff changeset
126 kexfirstinitialise(); /* initialise the kex state */
8e0280986710 Make sure kexfirstinitialise is called early enough
Matt Johnston <matt@ucc.asn.au>
parents: 1049
diff changeset
127
26
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
128 send_msg_kexinit();
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
129
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
130 session_loop(cli_sessionloop);
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
131
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
132 /* Not reached */
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
133
33
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
134 }
26
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
135
1295
750ec4ec4cbe Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents: 1278
diff changeset
136 #if DROPBEAR_KEX_FIRST_FOLLOWS
739
d44325108d0e first_kex_packet_follows working, needs tidying
Matt Johnston <matt@ucc.asn.au>
parents: 686
diff changeset
137 static void cli_send_kex_first_guess() {
d44325108d0e first_kex_packet_follows working, needs tidying
Matt Johnston <matt@ucc.asn.au>
parents: 686
diff changeset
138 send_msg_kexdh_init();
d44325108d0e first_kex_packet_follows working, needs tidying
Matt Johnston <matt@ucc.asn.au>
parents: 686
diff changeset
139 }
746
465fefc4f6e0 Put some #ifdef options around first-follows options in case they
Matt Johnston <matt@ucc.asn.au>
parents: 745
diff changeset
140 #endif
739
d44325108d0e first_kex_packet_follows working, needs tidying
Matt Johnston <matt@ucc.asn.au>
parents: 686
diff changeset
141
1208
fb58cf341951 Client: kill proxy command when exiting application.
Konstantin Tokarev <ktokarev@smartlabs.tv>
parents: 1124
diff changeset
142 static void cli_session_init(pid_t proxy_cmd_pid) {
33
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
143
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
144 cli_ses.state = STATE_NOTHING;
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
145 cli_ses.kex_state = KEX_NOTHING;
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
146
39
0883c0906870 tty raw mode support works mostly
Matt Johnston <matt@ucc.asn.au>
parents: 37
diff changeset
147 cli_ses.tty_raw_mode = 0;
41
18eccbfb9641 added window-size change handling
Matt Johnston <matt@ucc.asn.au>
parents: 40
diff changeset
148 cli_ses.winchange = 0;
39
0883c0906870 tty raw mode support works mostly
Matt Johnston <matt@ucc.asn.au>
parents: 37
diff changeset
149
175
2c5741e4b855 * Reset the non-blocking status of stdout and stderr as well on exit
Matt Johnston <matt@ucc.asn.au>
parents: 165
diff changeset
150 /* We store std{in,out,err}'s flags, so we can set them back on exit
2c5741e4b855 * Reset the non-blocking status of stdout and stderr as well on exit
Matt Johnston <matt@ucc.asn.au>
parents: 165
diff changeset
151 * (otherwise busybox's ash isn't happy */
99
0247fbd9379d Move the revert-to-non-blocking-stdin code to cli-session so it
Matt Johnston <matt@ucc.asn.au>
parents: 74
diff changeset
152 cli_ses.stdincopy = dup(STDIN_FILENO);
0247fbd9379d Move the revert-to-non-blocking-stdin code to cli-session so it
Matt Johnston <matt@ucc.asn.au>
parents: 74
diff changeset
153 cli_ses.stdinflags = fcntl(STDIN_FILENO, F_GETFL, 0);
175
2c5741e4b855 * Reset the non-blocking status of stdout and stderr as well on exit
Matt Johnston <matt@ucc.asn.au>
parents: 165
diff changeset
154 cli_ses.stdoutcopy = dup(STDOUT_FILENO);
2c5741e4b855 * Reset the non-blocking status of stdout and stderr as well on exit
Matt Johnston <matt@ucc.asn.au>
parents: 165
diff changeset
155 cli_ses.stdoutflags = fcntl(STDOUT_FILENO, F_GETFL, 0);
2c5741e4b855 * Reset the non-blocking status of stdout and stderr as well on exit
Matt Johnston <matt@ucc.asn.au>
parents: 165
diff changeset
156 cli_ses.stderrcopy = dup(STDERR_FILENO);
2c5741e4b855 * Reset the non-blocking status of stdout and stderr as well on exit
Matt Johnston <matt@ucc.asn.au>
parents: 165
diff changeset
157 cli_ses.stderrflags = fcntl(STDERR_FILENO, F_GETFL, 0);
99
0247fbd9379d Move the revert-to-non-blocking-stdin code to cli-session so it
Matt Johnston <matt@ucc.asn.au>
parents: 74
diff changeset
158
108
10f4d3319780 - added circular buffering for channels
Matt Johnston <matt@ucc.asn.au>
parents: 107
diff changeset
159 cli_ses.retval = EXIT_SUCCESS; /* Assume it's clean if we don't get a
10f4d3319780 - added circular buffering for channels
Matt Johnston <matt@ucc.asn.au>
parents: 107
diff changeset
160 specific exit status */
1208
fb58cf341951 Client: kill proxy command when exiting application.
Konstantin Tokarev <ktokarev@smartlabs.tv>
parents: 1124
diff changeset
161 cli_ses.proxy_cmd_pid = proxy_cmd_pid;
fb58cf341951 Client: kill proxy command when exiting application.
Konstantin Tokarev <ktokarev@smartlabs.tv>
parents: 1124
diff changeset
162 TRACE(("proxy command PID='%d'", proxy_cmd_pid));
108
10f4d3319780 - added circular buffering for channels
Matt Johnston <matt@ucc.asn.au>
parents: 107
diff changeset
163
47
4b53a43f0082 - client pubkey auth works
Matt Johnston <matt@ucc.asn.au>
parents: 45
diff changeset
164 /* Auth */
215
aad4b3f58556 rename PubkeyList to SignKeyList for clarity
Matt Johnston <matt@ucc.asn.au>
parents: 175
diff changeset
165 cli_ses.lastprivkey = NULL;
136
fb7147e2fb04 - Fixed a couple of compile warnings
Matt Johnston <matt@ucc.asn.au>
parents: 108
diff changeset
166 cli_ses.lastauthtype = 0;
47
4b53a43f0082 - client pubkey auth works
Matt Johnston <matt@ucc.asn.au>
parents: 45
diff changeset
167
33
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
168 /* For printing "remote host closed" for the user */
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
169 ses.remoteclosed = cli_remoteclosed;
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
170
733
70811267715c Run the cleanup handler also when we close due to TCP connection being closed
Matt Johnston <matt@ucc.asn.au>
parents: 731
diff changeset
171 ses.extra_session_cleanup = cli_session_cleanup;
33
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
172
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
173 /* packet handlers */
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
174 ses.packettypes = cli_packettypes;
35
0ad5fb979f42 set the isserver flag (oops)
Matt Johnston <matt@ucc.asn.au>
parents: 34
diff changeset
175
0ad5fb979f42 set the isserver flag (oops)
Matt Johnston <matt@ucc.asn.au>
parents: 34
diff changeset
176 ses.isserver = 0;
739
d44325108d0e first_kex_packet_follows working, needs tidying
Matt Johnston <matt@ucc.asn.au>
parents: 686
diff changeset
177
1295
750ec4ec4cbe Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents: 1278
diff changeset
178 #if DROPBEAR_KEX_FIRST_FOLLOWS
739
d44325108d0e first_kex_packet_follows working, needs tidying
Matt Johnston <matt@ucc.asn.au>
parents: 686
diff changeset
179 ses.send_kex_first_guess = cli_send_kex_first_guess;
746
465fefc4f6e0 Put some #ifdef options around first-follows options in case they
Matt Johnston <matt@ucc.asn.au>
parents: 745
diff changeset
180 #endif
739
d44325108d0e first_kex_packet_follows working, needs tidying
Matt Johnston <matt@ucc.asn.au>
parents: 686
diff changeset
181
26
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
182 }
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
183
727
00bc3df3a9c3 Don't bother waiting for a ssh-connection service reply - the server
Matt Johnston <matt@ucc.asn.au>
parents: 726
diff changeset
184 static void send_msg_service_request(char* servicename) {
00bc3df3a9c3 Don't bother waiting for a ssh-connection service reply - the server
Matt Johnston <matt@ucc.asn.au>
parents: 726
diff changeset
185
00bc3df3a9c3 Don't bother waiting for a ssh-connection service reply - the server
Matt Johnston <matt@ucc.asn.au>
parents: 726
diff changeset
186 TRACE(("enter send_msg_service_request: servicename='%s'", servicename))
00bc3df3a9c3 Don't bother waiting for a ssh-connection service reply - the server
Matt Johnston <matt@ucc.asn.au>
parents: 726
diff changeset
187
00bc3df3a9c3 Don't bother waiting for a ssh-connection service reply - the server
Matt Johnston <matt@ucc.asn.au>
parents: 726
diff changeset
188 CHECKCLEARTOWRITE();
00bc3df3a9c3 Don't bother waiting for a ssh-connection service reply - the server
Matt Johnston <matt@ucc.asn.au>
parents: 726
diff changeset
189
00bc3df3a9c3 Don't bother waiting for a ssh-connection service reply - the server
Matt Johnston <matt@ucc.asn.au>
parents: 726
diff changeset
190 buf_putbyte(ses.writepayload, SSH_MSG_SERVICE_REQUEST);
00bc3df3a9c3 Don't bother waiting for a ssh-connection service reply - the server
Matt Johnston <matt@ucc.asn.au>
parents: 726
diff changeset
191 buf_putstring(ses.writepayload, servicename, strlen(servicename));
00bc3df3a9c3 Don't bother waiting for a ssh-connection service reply - the server
Matt Johnston <matt@ucc.asn.au>
parents: 726
diff changeset
192
00bc3df3a9c3 Don't bother waiting for a ssh-connection service reply - the server
Matt Johnston <matt@ucc.asn.au>
parents: 726
diff changeset
193 encrypt_packet();
00bc3df3a9c3 Don't bother waiting for a ssh-connection service reply - the server
Matt Johnston <matt@ucc.asn.au>
parents: 726
diff changeset
194 TRACE(("leave send_msg_service_request"))
00bc3df3a9c3 Don't bother waiting for a ssh-connection service reply - the server
Matt Johnston <matt@ucc.asn.au>
parents: 726
diff changeset
195 }
00bc3df3a9c3 Don't bother waiting for a ssh-connection service reply - the server
Matt Johnston <matt@ucc.asn.au>
parents: 726
diff changeset
196
00bc3df3a9c3 Don't bother waiting for a ssh-connection service reply - the server
Matt Johnston <matt@ucc.asn.au>
parents: 726
diff changeset
197 static void recv_msg_service_accept(void) {
857
c19acba28590 use oldstyle comments
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
198 /* do nothing, if it failed then the server MUST have disconnected */
727
00bc3df3a9c3 Don't bother waiting for a ssh-connection service reply - the server
Matt Johnston <matt@ucc.asn.au>
parents: 726
diff changeset
199 }
00bc3df3a9c3 Don't bother waiting for a ssh-connection service reply - the server
Matt Johnston <matt@ucc.asn.au>
parents: 726
diff changeset
200
33
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
201 /* This function drives the progress of the session - it initiates KEX,
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
202 * service, userauth and channel requests */
26
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
203 static void cli_sessionloop() {
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
204
731
9a5438271556 Move the more verbose TRACE() statements into TRACE2()
Matt Johnston <matt@ucc.asn.au>
parents: 727
diff changeset
205 TRACE2(("enter cli_sessionloop"))
33
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
206
745
15999b098cc9 Don't usually need to recalculate dh_e for the repeated kexdh_init packet
Matt Johnston <matt@ucc.asn.au>
parents: 743
diff changeset
207 if (ses.lastpacket == 0) {
15999b098cc9 Don't usually need to recalculate dh_e for the repeated kexdh_init packet
Matt Johnston <matt@ucc.asn.au>
parents: 743
diff changeset
208 TRACE2(("exit cli_sessionloop: no real packets yet"))
15999b098cc9 Don't usually need to recalculate dh_e for the repeated kexdh_init packet
Matt Johnston <matt@ucc.asn.au>
parents: 743
diff changeset
209 return;
15999b098cc9 Don't usually need to recalculate dh_e for the repeated kexdh_init packet
Matt Johnston <matt@ucc.asn.au>
parents: 743
diff changeset
210 }
15999b098cc9 Don't usually need to recalculate dh_e for the repeated kexdh_init packet
Matt Johnston <matt@ucc.asn.au>
parents: 743
diff changeset
211
34
e2a1eaa19f22 Client mostly works up to password auth
Matt Johnston <matt@ucc.asn.au>
parents: 33
diff changeset
212 if (ses.lastpacket == SSH_MSG_KEXINIT && cli_ses.kex_state == KEX_NOTHING) {
33
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
213 /* We initiate the KEXDH. If DH wasn't the correct type, the KEXINIT
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
214 * negotiation would have failed. */
739
d44325108d0e first_kex_packet_follows working, needs tidying
Matt Johnston <matt@ucc.asn.au>
parents: 686
diff changeset
215 if (!ses.kexstate.our_first_follows_matches) {
d44325108d0e first_kex_packet_follows working, needs tidying
Matt Johnston <matt@ucc.asn.au>
parents: 686
diff changeset
216 send_msg_kexdh_init();
d44325108d0e first_kex_packet_follows working, needs tidying
Matt Johnston <matt@ucc.asn.au>
parents: 686
diff changeset
217 }
d44325108d0e first_kex_packet_follows working, needs tidying
Matt Johnston <matt@ucc.asn.au>
parents: 686
diff changeset
218 cli_ses.kex_state = KEXDH_INIT_SENT;
165
0cfba3034be5 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents: 136
diff changeset
219 TRACE(("leave cli_sessionloop: done with KEXINIT_RCVD"))
33
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
220 return;
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
221 }
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
222
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
223 /* A KEX has finished, so we should go back to our KEX_NOTHING state */
753
d63ef1e211ea Take transmit and receive keys into use separately
Matt Johnston <matt@ucc.asn.au>
parents: 750
diff changeset
224 if (cli_ses.kex_state != KEX_NOTHING && ses.kexstate.sentnewkeys) {
33
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
225 cli_ses.kex_state = KEX_NOTHING;
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
226 }
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
227
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
228 /* We shouldn't do anything else if a KEX is in progress */
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
229 if (cli_ses.kex_state != KEX_NOTHING) {
165
0cfba3034be5 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents: 136
diff changeset
230 TRACE(("leave cli_sessionloop: kex_state != KEX_NOTHING"))
33
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
231 return;
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
232 }
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
233
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
234 if (ses.kexstate.donefirstkex == 0) {
745
15999b098cc9 Don't usually need to recalculate dh_e for the repeated kexdh_init packet
Matt Johnston <matt@ucc.asn.au>
parents: 743
diff changeset
235 /* We might reach here if we have partial packet reads or have
15999b098cc9 Don't usually need to recalculate dh_e for the repeated kexdh_init packet
Matt Johnston <matt@ucc.asn.au>
parents: 743
diff changeset
236 * received SSG_MSG_IGNORE etc. Just skip it */
753
d63ef1e211ea Take transmit and receive keys into use separately
Matt Johnston <matt@ucc.asn.au>
parents: 750
diff changeset
237 TRACE2(("donefirstkex false\n"))
34
e2a1eaa19f22 Client mostly works up to password auth
Matt Johnston <matt@ucc.asn.au>
parents: 33
diff changeset
238 return;
33
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
239 }
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
240
26
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
241 switch (cli_ses.state) {
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
242
33
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
243 case STATE_NOTHING:
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
244 /* We've got the transport layer sorted, we now need to request
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
245 * userauth */
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
246 send_msg_service_request(SSH_SERVICE_USERAUTH);
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
247 cli_auth_getmethods();
45
9ee8996a375f Pubkey auth is mostly there for the client. Something strange with
Matt Johnston <matt@ucc.asn.au>
parents: 43
diff changeset
248 cli_ses.state = USERAUTH_REQ_SENT;
165
0cfba3034be5 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents: 136
diff changeset
249 TRACE(("leave cli_sessionloop: sent userauth methods req"))
33
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
250 return;
883
ff597bf2cfb0 DROPBEAR_CLI_AUTH_IMMEDIATE fixed, now enabled by default
Matt Johnston <matt@ucc.asn.au>
parents: 858
diff changeset
251
ff597bf2cfb0 DROPBEAR_CLI_AUTH_IMMEDIATE fixed, now enabled by default
Matt Johnston <matt@ucc.asn.au>
parents: 858
diff changeset
252 case USERAUTH_REQ_SENT:
ff597bf2cfb0 DROPBEAR_CLI_AUTH_IMMEDIATE fixed, now enabled by default
Matt Johnston <matt@ucc.asn.au>
parents: 858
diff changeset
253 TRACE(("leave cli_sessionloop: waiting, req_sent"))
ff597bf2cfb0 DROPBEAR_CLI_AUTH_IMMEDIATE fixed, now enabled by default
Matt Johnston <matt@ucc.asn.au>
parents: 858
diff changeset
254 return;
33
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
255
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
256 case USERAUTH_FAIL_RCVD:
734
619b1ed837fd Be a bit more careful about when we want to use CLI_AUTH_IMMEDIATE
Matt Johnston <matt@ucc.asn.au>
parents: 733
diff changeset
257 if (cli_auth_try() == DROPBEAR_FAILURE) {
619b1ed837fd Be a bit more careful about when we want to use CLI_AUTH_IMMEDIATE
Matt Johnston <matt@ucc.asn.au>
parents: 733
diff changeset
258 dropbear_exit("No auth methods could be used.");
619b1ed837fd Be a bit more careful about when we want to use CLI_AUTH_IMMEDIATE
Matt Johnston <matt@ucc.asn.au>
parents: 733
diff changeset
259 }
45
9ee8996a375f Pubkey auth is mostly there for the client. Something strange with
Matt Johnston <matt@ucc.asn.au>
parents: 43
diff changeset
260 cli_ses.state = USERAUTH_REQ_SENT;
165
0cfba3034be5 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents: 136
diff changeset
261 TRACE(("leave cli_sessionloop: cli_auth_try"))
33
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
262 return;
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
263
37
0913e2ee3545 we're nearly there yet
Matt Johnston <matt@ucc.asn.au>
parents: 35
diff changeset
264 case USERAUTH_SUCCESS_RCVD:
1212
bf626d259eb1 Support syslog logging in dbclient.
Konstantin Tokarev <ktokarev@smartlabs.tv>
parents: 1208
diff changeset
265 #ifndef DISABLE_SYSLOG
bf626d259eb1 Support syslog logging in dbclient.
Konstantin Tokarev <ktokarev@smartlabs.tv>
parents: 1208
diff changeset
266 if (opts.usingsyslog) {
bf626d259eb1 Support syslog logging in dbclient.
Konstantin Tokarev <ktokarev@smartlabs.tv>
parents: 1208
diff changeset
267 dropbear_log(LOG_INFO, "Authentication succeeded.");
bf626d259eb1 Support syslog logging in dbclient.
Konstantin Tokarev <ktokarev@smartlabs.tv>
parents: 1208
diff changeset
268 }
bf626d259eb1 Support syslog logging in dbclient.
Konstantin Tokarev <ktokarev@smartlabs.tv>
parents: 1208
diff changeset
269 #endif
326
d965110e3f5c add -f background option to dbclient
Matt Johnston <matt@ucc.asn.au>
parents: 325
diff changeset
270
d965110e3f5c add -f background option to dbclient
Matt Johnston <matt@ucc.asn.au>
parents: 325
diff changeset
271 if (cli_opts.backgrounded) {
d965110e3f5c add -f background option to dbclient
Matt Johnston <matt@ucc.asn.au>
parents: 325
diff changeset
272 int devnull;
433
c216212001fc Fix for -pedantic -ansi compilation, change // to /**/, plus some signedness
Matt Johnston <matt@ucc.asn.au>
parents: 326
diff changeset
273 /* keeping stdin open steals input from the terminal and
c216212001fc Fix for -pedantic -ansi compilation, change // to /**/, plus some signedness
Matt Johnston <matt@ucc.asn.au>
parents: 326
diff changeset
274 is confusing, though stdout/stderr could be useful. */
1387
e7f11ed5fe28 Use DROPBEAR_PATH_DEVNULL instead of undefined _PATH_DEVNULL
Ben Gardner <bgardner@wabtec.com>
parents: 1295
diff changeset
275 devnull = open(DROPBEAR_PATH_DEVNULL, O_RDONLY);
326
d965110e3f5c add -f background option to dbclient
Matt Johnston <matt@ucc.asn.au>
parents: 325
diff changeset
276 if (devnull < 0) {
594
a98a2138364a Improve capitalisation for all logged strings
Matt Johnston <matt@ucc.asn.au>
parents: 568
diff changeset
277 dropbear_exit("Opening /dev/null: %d %s",
326
d965110e3f5c add -f background option to dbclient
Matt Johnston <matt@ucc.asn.au>
parents: 325
diff changeset
278 errno, strerror(errno));
d965110e3f5c add -f background option to dbclient
Matt Johnston <matt@ucc.asn.au>
parents: 325
diff changeset
279 }
d965110e3f5c add -f background option to dbclient
Matt Johnston <matt@ucc.asn.au>
parents: 325
diff changeset
280 dup2(devnull, STDIN_FILENO);
d965110e3f5c add -f background option to dbclient
Matt Johnston <matt@ucc.asn.au>
parents: 325
diff changeset
281 if (daemon(0, 1) < 0) {
d965110e3f5c add -f background option to dbclient
Matt Johnston <matt@ucc.asn.au>
parents: 325
diff changeset
282 dropbear_exit("Backgrounding failed: %d %s",
d965110e3f5c add -f background option to dbclient
Matt Johnston <matt@ucc.asn.au>
parents: 325
diff changeset
283 errno, strerror(errno));
d965110e3f5c add -f background option to dbclient
Matt Johnston <matt@ucc.asn.au>
parents: 325
diff changeset
284 }
d965110e3f5c add -f background option to dbclient
Matt Johnston <matt@ucc.asn.au>
parents: 325
diff changeset
285 }
d965110e3f5c add -f background option to dbclient
Matt Johnston <matt@ucc.asn.au>
parents: 325
diff changeset
286
1295
750ec4ec4cbe Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents: 1278
diff changeset
287 #if DROPBEAR_CLI_NETCAT
485
12d845ab7b5f Rework netcat-alike to be a proper mode, with -B argument.
Matt Johnston <matt@ucc.asn.au>
parents: 478
diff changeset
288 if (cli_opts.netcat_host) {
12d845ab7b5f Rework netcat-alike to be a proper mode, with -B argument.
Matt Johnston <matt@ucc.asn.au>
parents: 478
diff changeset
289 cli_send_netcat_request();
12d845ab7b5f Rework netcat-alike to be a proper mode, with -B argument.
Matt Johnston <matt@ucc.asn.au>
parents: 478
diff changeset
290 } else
12d845ab7b5f Rework netcat-alike to be a proper mode, with -B argument.
Matt Johnston <matt@ucc.asn.au>
parents: 478
diff changeset
291 #endif
560
52d7301e46bd Agent forwarding works
Matt Johnston <matt@ucc.asn.au>
parents: 547
diff changeset
292 if (!cli_opts.no_cmd) {
325
0e4f225b7e07 Add -N "no remote command" dbclient option.
Matt Johnston <matt@ucc.asn.au>
parents: 272
diff changeset
293 cli_send_chansess_request();
0e4f225b7e07 Add -N "no remote command" dbclient option.
Matt Johnston <matt@ucc.asn.au>
parents: 272
diff changeset
294 }
754
2400b8685762 setup tcp after requesting a channel - might hide some DNS latency
Matt Johnston <matt@ucc.asn.au>
parents: 753
diff changeset
295
1295
750ec4ec4cbe Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents: 1278
diff changeset
296 #if DROPBEAR_CLI_LOCALTCPFWD
754
2400b8685762 setup tcp after requesting a channel - might hide some DNS latency
Matt Johnston <matt@ucc.asn.au>
parents: 753
diff changeset
297 setup_localtcp();
2400b8685762 setup tcp after requesting a channel - might hide some DNS latency
Matt Johnston <matt@ucc.asn.au>
parents: 753
diff changeset
298 #endif
1295
750ec4ec4cbe Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents: 1278
diff changeset
299 #if DROPBEAR_CLI_REMOTETCPFWD
754
2400b8685762 setup tcp after requesting a channel - might hide some DNS latency
Matt Johnston <matt@ucc.asn.au>
parents: 753
diff changeset
300 setup_remotetcp();
2400b8685762 setup tcp after requesting a channel - might hide some DNS latency
Matt Johnston <matt@ucc.asn.au>
parents: 753
diff changeset
301 #endif
2400b8685762 setup tcp after requesting a channel - might hide some DNS latency
Matt Johnston <matt@ucc.asn.au>
parents: 753
diff changeset
302
325
0e4f225b7e07 Add -N "no remote command" dbclient option.
Matt Johnston <matt@ucc.asn.au>
parents: 272
diff changeset
303 TRACE(("leave cli_sessionloop: running"))
37
0913e2ee3545 we're nearly there yet
Matt Johnston <matt@ucc.asn.au>
parents: 35
diff changeset
304 cli_ses.state = SESSION_RUNNING;
0913e2ee3545 we're nearly there yet
Matt Johnston <matt@ucc.asn.au>
parents: 35
diff changeset
305 return;
0913e2ee3545 we're nearly there yet
Matt Johnston <matt@ucc.asn.au>
parents: 35
diff changeset
306
40
b4874d772210 - Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents: 39
diff changeset
307 case SESSION_RUNNING:
325
0e4f225b7e07 Add -N "no remote command" dbclient option.
Matt Johnston <matt@ucc.asn.au>
parents: 272
diff changeset
308 if (ses.chancount < 1 && !cli_opts.no_cmd) {
40
b4874d772210 - Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents: 39
diff changeset
309 cli_finished();
b4874d772210 - Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents: 39
diff changeset
310 }
41
18eccbfb9641 added window-size change handling
Matt Johnston <matt@ucc.asn.au>
parents: 40
diff changeset
311
18eccbfb9641 added window-size change handling
Matt Johnston <matt@ucc.asn.au>
parents: 40
diff changeset
312 if (cli_ses.winchange) {
18eccbfb9641 added window-size change handling
Matt Johnston <matt@ucc.asn.au>
parents: 40
diff changeset
313 cli_chansess_winchange();
18eccbfb9641 added window-size change handling
Matt Johnston <matt@ucc.asn.au>
parents: 40
diff changeset
314 }
40
b4874d772210 - Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents: 39
diff changeset
315 return;
b4874d772210 - Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents: 39
diff changeset
316
33
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
317 /* XXX more here needed */
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
318
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
319
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
320 default:
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
321 break;
26
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
322 }
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
323
731
9a5438271556 Move the more verbose TRACE() statements into TRACE2()
Matt Johnston <matt@ucc.asn.au>
parents: 727
diff changeset
324 TRACE2(("leave cli_sessionloop: fell out"))
26
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
325
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
326 }
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
327
1208
fb58cf341951 Client: kill proxy command when exiting application.
Konstantin Tokarev <ktokarev@smartlabs.tv>
parents: 1124
diff changeset
328 void kill_proxy_command(void) {
fb58cf341951 Client: kill proxy command when exiting application.
Konstantin Tokarev <ktokarev@smartlabs.tv>
parents: 1124
diff changeset
329 /*
fb58cf341951 Client: kill proxy command when exiting application.
Konstantin Tokarev <ktokarev@smartlabs.tv>
parents: 1124
diff changeset
330 * Send SIGHUP to proxy command if used. We don't wait() in
fb58cf341951 Client: kill proxy command when exiting application.
Konstantin Tokarev <ktokarev@smartlabs.tv>
parents: 1124
diff changeset
331 * case it hangs and instead rely on init to reap the child
fb58cf341951 Client: kill proxy command when exiting application.
Konstantin Tokarev <ktokarev@smartlabs.tv>
parents: 1124
diff changeset
332 */
fb58cf341951 Client: kill proxy command when exiting application.
Konstantin Tokarev <ktokarev@smartlabs.tv>
parents: 1124
diff changeset
333 if (cli_ses.proxy_cmd_pid > 1) {
fb58cf341951 Client: kill proxy command when exiting application.
Konstantin Tokarev <ktokarev@smartlabs.tv>
parents: 1124
diff changeset
334 TRACE(("killing proxy command with PID='%d'", cli_ses.proxy_cmd_pid));
fb58cf341951 Client: kill proxy command when exiting application.
Konstantin Tokarev <ktokarev@smartlabs.tv>
parents: 1124
diff changeset
335 kill(cli_ses.proxy_cmd_pid, SIGHUP);
fb58cf341951 Client: kill proxy command when exiting application.
Konstantin Tokarev <ktokarev@smartlabs.tv>
parents: 1124
diff changeset
336 }
fb58cf341951 Client: kill proxy command when exiting application.
Konstantin Tokarev <ktokarev@smartlabs.tv>
parents: 1124
diff changeset
337 }
fb58cf341951 Client: kill proxy command when exiting application.
Konstantin Tokarev <ktokarev@smartlabs.tv>
parents: 1124
diff changeset
338
733
70811267715c Run the cleanup handler also when we close due to TCP connection being closed
Matt Johnston <matt@ucc.asn.au>
parents: 731
diff changeset
339 static void cli_session_cleanup(void) {
40
b4874d772210 - Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents: 39
diff changeset
340
1495
0c16b4ccbd54 make signal flags volatile, simplify handling
Matt Johnston <matt@ucc.asn.au>
parents: 1479
diff changeset
341 if (!ses.init_done) {
40
b4874d772210 - Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents: 39
diff changeset
342 return;
b4874d772210 - Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents: 39
diff changeset
343 }
99
0247fbd9379d Move the revert-to-non-blocking-stdin code to cli-session so it
Matt Johnston <matt@ucc.asn.au>
parents: 74
diff changeset
344
1208
fb58cf341951 Client: kill proxy command when exiting application.
Konstantin Tokarev <ktokarev@smartlabs.tv>
parents: 1124
diff changeset
345 kill_proxy_command();
fb58cf341951 Client: kill proxy command when exiting application.
Konstantin Tokarev <ktokarev@smartlabs.tv>
parents: 1124
diff changeset
346
175
2c5741e4b855 * Reset the non-blocking status of stdout and stderr as well on exit
Matt Johnston <matt@ucc.asn.au>
parents: 165
diff changeset
347 /* Set std{in,out,err} back to non-blocking - busybox ash dies nastily if
2c5741e4b855 * Reset the non-blocking status of stdout and stderr as well on exit
Matt Johnston <matt@ucc.asn.au>
parents: 165
diff changeset
348 * we don't revert the flags */
1258
854f39ff5105 ignore return value from fcntl()
Matt Johnston <matt@ucc.asn.au>
parents: 1212
diff changeset
349 /* Ignore return value since there's nothing we can do */
854f39ff5105 ignore return value from fcntl()
Matt Johnston <matt@ucc.asn.au>
parents: 1212
diff changeset
350 (void)fcntl(cli_ses.stdincopy, F_SETFL, cli_ses.stdinflags);
854f39ff5105 ignore return value from fcntl()
Matt Johnston <matt@ucc.asn.au>
parents: 1212
diff changeset
351 (void)fcntl(cli_ses.stdoutcopy, F_SETFL, cli_ses.stdoutflags);
854f39ff5105 ignore return value from fcntl()
Matt Johnston <matt@ucc.asn.au>
parents: 1212
diff changeset
352 (void)fcntl(cli_ses.stderrcopy, F_SETFL, cli_ses.stderrflags);
99
0247fbd9379d Move the revert-to-non-blocking-stdin code to cli-session so it
Matt Johnston <matt@ucc.asn.au>
parents: 74
diff changeset
353
40
b4874d772210 - Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents: 39
diff changeset
354 cli_tty_cleanup();
b4874d772210 - Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents: 39
diff changeset
355
b4874d772210 - Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents: 39
diff changeset
356 }
b4874d772210 - Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents: 39
diff changeset
357
b4874d772210 - Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents: 39
diff changeset
358 static void cli_finished() {
b4874d772210 - Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents: 39
diff changeset
359
733
70811267715c Run the cleanup handler also when we close due to TCP connection being closed
Matt Johnston <matt@ucc.asn.au>
parents: 731
diff changeset
360 session_cleanup();
40
b4874d772210 - Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents: 39
diff changeset
361 fprintf(stderr, "Connection to %s@%s:%s closed.\n", cli_opts.username,
b4874d772210 - Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents: 39
diff changeset
362 cli_opts.remotehost, cli_opts.remoteport);
108
10f4d3319780 - added circular buffering for channels
Matt Johnston <matt@ucc.asn.au>
parents: 107
diff changeset
363 exit(cli_ses.retval);
40
b4874d772210 - Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents: 39
diff changeset
364 }
b4874d772210 - Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents: 39
diff changeset
365
b4874d772210 - Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents: 39
diff changeset
366
26
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
367 /* called when the remote side closes the connection */
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
368 static void cli_remoteclosed() {
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
369
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
370 /* XXX TODO perhaps print a friendlier message if we get this but have
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
371 * already sent/received disconnect message(s) ??? */
479
e3db1f7a2e43 - Split main socket var into ses.sock_in/ses.sock_out in preparation
Matt Johnston <matt@ucc.asn.au>
parents: 433
diff changeset
372 m_close(ses.sock_in);
e3db1f7a2e43 - Split main socket var into ses.sock_in/ses.sock_out in preparation
Matt Johnston <matt@ucc.asn.au>
parents: 433
diff changeset
373 m_close(ses.sock_out);
e3db1f7a2e43 - Split main socket var into ses.sock_in/ses.sock_out in preparation
Matt Johnston <matt@ucc.asn.au>
parents: 433
diff changeset
374 ses.sock_in = -1;
e3db1f7a2e43 - Split main socket var into ses.sock_in/ses.sock_out in preparation
Matt Johnston <matt@ucc.asn.au>
parents: 433
diff changeset
375 ses.sock_out = -1;
594
a98a2138364a Improve capitalisation for all logged strings
Matt Johnston <matt@ucc.asn.au>
parents: 568
diff changeset
376 dropbear_exit("Remote closed the connection");
26
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
377 }
43
942b22d7dd1c Banner printing
Matt Johnston <matt@ucc.asn.au>
parents: 41
diff changeset
378
942b22d7dd1c Banner printing
Matt Johnston <matt@ucc.asn.au>
parents: 41
diff changeset
379 /* Operates in-place turning dirty (untrusted potentially containing control
249
efbaf6b03837 added keyboard-interactive client support
Matt Johnston <matt@ucc.asn.au>
parents: 215
diff changeset
380 * characters) text into clean text.
efbaf6b03837 added keyboard-interactive client support
Matt Johnston <matt@ucc.asn.au>
parents: 215
diff changeset
381 * Note: this is safe only with ascii - other charsets could have problems. */
1101
94ff5316980f Turn cleantext()'s dirtytext argument into char *
Gaël PORTAY <gael.portay@gmail.com>
parents: 1094
diff changeset
382 void cleantext(char* dirtytext) {
43
942b22d7dd1c Banner printing
Matt Johnston <matt@ucc.asn.au>
parents: 41
diff changeset
383
942b22d7dd1c Banner printing
Matt Johnston <matt@ucc.asn.au>
parents: 41
diff changeset
384 unsigned int i, j;
1101
94ff5316980f Turn cleantext()'s dirtytext argument into char *
Gaël PORTAY <gael.portay@gmail.com>
parents: 1094
diff changeset
385 char c;
43
942b22d7dd1c Banner printing
Matt Johnston <matt@ucc.asn.au>
parents: 41
diff changeset
386
942b22d7dd1c Banner printing
Matt Johnston <matt@ucc.asn.au>
parents: 41
diff changeset
387 j = 0;
942b22d7dd1c Banner printing
Matt Johnston <matt@ucc.asn.au>
parents: 41
diff changeset
388 for (i = 0; dirtytext[i] != '\0'; i++) {
942b22d7dd1c Banner printing
Matt Johnston <matt@ucc.asn.au>
parents: 41
diff changeset
389
942b22d7dd1c Banner printing
Matt Johnston <matt@ucc.asn.au>
parents: 41
diff changeset
390 c = dirtytext[i];
942b22d7dd1c Banner printing
Matt Johnston <matt@ucc.asn.au>
parents: 41
diff changeset
391 /* We can ignore '\r's */
942b22d7dd1c Banner printing
Matt Johnston <matt@ucc.asn.au>
parents: 41
diff changeset
392 if ( (c >= ' ' && c <= '~') || c == '\n' || c == '\t') {
942b22d7dd1c Banner printing
Matt Johnston <matt@ucc.asn.au>
parents: 41
diff changeset
393 dirtytext[j] = c;
942b22d7dd1c Banner printing
Matt Johnston <matt@ucc.asn.au>
parents: 41
diff changeset
394 j++;
942b22d7dd1c Banner printing
Matt Johnston <matt@ucc.asn.au>
parents: 41
diff changeset
395 }
942b22d7dd1c Banner printing
Matt Johnston <matt@ucc.asn.au>
parents: 41
diff changeset
396 }
942b22d7dd1c Banner printing
Matt Johnston <matt@ucc.asn.au>
parents: 41
diff changeset
397 /* Null terminate */
942b22d7dd1c Banner printing
Matt Johnston <matt@ucc.asn.au>
parents: 41
diff changeset
398 dirtytext[j] = '\0';
942b22d7dd1c Banner printing
Matt Johnston <matt@ucc.asn.au>
parents: 41
diff changeset
399 }
937
4ad38e223ccd Send a failure response if a client receives a global request
Matt Johnston <matt@ucc.asn.au>
parents: 883
diff changeset
400
4ad38e223ccd Send a failure response if a client receives a global request
Matt Johnston <matt@ucc.asn.au>
parents: 883
diff changeset
401 static void recv_msg_global_request_cli(void) {
4ad38e223ccd Send a failure response if a client receives a global request
Matt Johnston <matt@ucc.asn.au>
parents: 883
diff changeset
402 TRACE(("recv_msg_global_request_cli"))
4ad38e223ccd Send a failure response if a client receives a global request
Matt Johnston <matt@ucc.asn.au>
parents: 883
diff changeset
403 /* Send a proper rejection */
4ad38e223ccd Send a failure response if a client receives a global request
Matt Johnston <matt@ucc.asn.au>
parents: 883
diff changeset
404 send_msg_request_failure();
4ad38e223ccd Send a failure response if a client receives a global request
Matt Johnston <matt@ucc.asn.au>
parents: 883
diff changeset
405 }