Mercurial > dropbear
annotate common-session.c @ 1629:258b57b208ae
Fix for issue successfull login of disabled user (#78)
This commit introduces fix for scenario:
1. Root login disabled on dropbear
2. PAM authentication model enabled
While login as root user, after prompt for password
user is being notified about login failrue, but
after second attempt of prompt for password within
same session, login becames succesfull.
Signed-off-by: Pawel Rapkiewicz <[email protected]>
| author | vincentto13 <33652988+vincentto13@users.noreply.github.com> |
|---|---|
| date | Wed, 20 Mar 2019 15:03:40 +0100 |
| parents | 60fceff95858 |
| children | aabde6f57fce |
| rev | line source |
|---|---|
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
1 /* |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
2 * Dropbear - a SSH2 server |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
3 * |
| 1079 | 4 * Copyright (c) Matt Johnston |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
5 * All rights reserved. |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
6 * |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
7 * Permission is hereby granted, free of charge, to any person obtaining a copy |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
8 * of this software and associated documentation files (the "Software"), to deal |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
9 * in the Software without restriction, including without limitation the rights |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
11 * copies of the Software, and to permit persons to whom the Software is |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
12 * furnished to do so, subject to the following conditions: |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
13 * |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
14 * The above copyright notice and this permission notice shall be included in |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
15 * all copies or substantial portions of the Software. |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
16 * |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
20 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
23 * SOFTWARE. */ |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
24 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
25 #include "includes.h" |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
26 #include "session.h" |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
27 #include "dbutil.h" |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
28 #include "packet.h" |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
29 #include "algo.h" |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
30 #include "buffer.h" |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
31 #include "dss.h" |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
32 #include "ssh.h" |
|
858
220f55d540ae
rename random.h to dbrandom.h since some OSes have a system random.h
Matt Johnston <matt@ucc.asn.au>
parents:
857
diff
changeset
|
33 #include "dbrandom.h" |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
34 #include "kex.h" |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
35 #include "channel.h" |
|
454
7e43f5e473b9
- Add -K keepalive flag for dropbear and dbclient
Matt Johnston <matt@ucc.asn.au>
parents:
452
diff
changeset
|
36 #include "runopts.h" |
|
1032
0da8ba489c23
Move generic network routines to netio.c
Matt Johnston <matt@ucc.asn.au>
parents:
1031
diff
changeset
|
37 #include "netio.h" |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
38 |
|
1276
9169e4e7cbee
fix empty C prototypes
Francois Perrad <francois.perrad@gadz.org>
parents:
1191
diff
changeset
|
39 static void checktimeouts(void); |
|
9169e4e7cbee
fix empty C prototypes
Francois Perrad <francois.perrad@gadz.org>
parents:
1191
diff
changeset
|
40 static long select_timeout(void); |
|
108
10f4d3319780
- added circular buffering for channels
Matt Johnston <matt@ucc.asn.au>
parents:
107
diff
changeset
|
41 static int ident_readln(int fd, char* buf, int count); |
|
1276
9169e4e7cbee
fix empty C prototypes
Francois Perrad <francois.perrad@gadz.org>
parents:
1191
diff
changeset
|
42 static void read_session_identification(void); |
| 26 | 43 |
| 24 | 44 struct sshsession ses; /* GLOBAL */ |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
45 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
46 /* called only at the start of a session, set up initial state */ |
|
568
005530560594
Rearrange getaddrstring() etc
Matt Johnston <matt@ucc.asn.au>
parents:
537
diff
changeset
|
47 void common_session_init(int sock_in, int sock_out) { |
|
939
a0819ecfee0b
Make -K keepalive behave like OpenSSH's ServerAliveInterval
Matt Johnston <matt@ucc.asn.au>
parents:
929
diff
changeset
|
48 time_t now; |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
49 |
|
1295
750ec4ec4cbe
Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents:
1292
diff
changeset
|
50 #if DEBUG_TRACE |
|
1021
24135c8e1d46
Add envirnonment variable for debug timestamps to roughly match
Matt Johnston <matt@ucc.asn.au>
parents:
1020
diff
changeset
|
51 debug_start_net(); |
|
24135c8e1d46
Add envirnonment variable for debug timestamps to roughly match
Matt Johnston <matt@ucc.asn.au>
parents:
1020
diff
changeset
|
52 #endif |
|
24135c8e1d46
Add envirnonment variable for debug timestamps to roughly match
Matt Johnston <matt@ucc.asn.au>
parents:
1020
diff
changeset
|
53 |
|
165
0cfba3034be5
Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents:
135
diff
changeset
|
54 TRACE(("enter session_init")) |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
55 |
|
479
e3db1f7a2e43
- Split main socket var into ses.sock_in/ses.sock_out in preparation
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
56 ses.sock_in = sock_in; |
|
e3db1f7a2e43
- Split main socket var into ses.sock_in/ses.sock_out in preparation
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
57 ses.sock_out = sock_out; |
|
e3db1f7a2e43
- Split main socket var into ses.sock_in/ses.sock_out in preparation
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
58 ses.maxfd = MAX(sock_in, sock_out); |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
59 |
|
1074
10f198d4a308
Make main socket nonblocking. Limit writequeue size.
Matt Johnston <matt@ucc.asn.au>
parents:
1060
diff
changeset
|
60 if (sock_in >= 0) { |
|
10f198d4a308
Make main socket nonblocking. Limit writequeue size.
Matt Johnston <matt@ucc.asn.au>
parents:
1060
diff
changeset
|
61 setnonblocking(sock_in); |
|
10f198d4a308
Make main socket nonblocking. Limit writequeue size.
Matt Johnston <matt@ucc.asn.au>
parents:
1060
diff
changeset
|
62 } |
|
10f198d4a308
Make main socket nonblocking. Limit writequeue size.
Matt Johnston <matt@ucc.asn.au>
parents:
1060
diff
changeset
|
63 if (sock_out >= 0) { |
|
10f198d4a308
Make main socket nonblocking. Limit writequeue size.
Matt Johnston <matt@ucc.asn.au>
parents:
1060
diff
changeset
|
64 setnonblocking(sock_out); |
|
10f198d4a308
Make main socket nonblocking. Limit writequeue size.
Matt Johnston <matt@ucc.asn.au>
parents:
1060
diff
changeset
|
65 } |
|
10f198d4a308
Make main socket nonblocking. Limit writequeue size.
Matt Johnston <matt@ucc.asn.au>
parents:
1060
diff
changeset
|
66 |
|
941
5daedffd0769
Set tcp priority as follows:
Matt Johnston <matt@ucc.asn.au>
parents:
940
diff
changeset
|
67 ses.socket_prio = DROPBEAR_PRIO_DEFAULT; |
|
5daedffd0769
Set tcp priority as follows:
Matt Johnston <matt@ucc.asn.au>
parents:
940
diff
changeset
|
68 /* Sets it to lowdelay */ |
|
5daedffd0769
Set tcp priority as follows:
Matt Johnston <matt@ucc.asn.au>
parents:
940
diff
changeset
|
69 update_channel_prio(); |
|
5daedffd0769
Set tcp priority as follows:
Matt Johnston <matt@ucc.asn.au>
parents:
940
diff
changeset
|
70 |
|
939
a0819ecfee0b
Make -K keepalive behave like OpenSSH's ServerAliveInterval
Matt Johnston <matt@ucc.asn.au>
parents:
929
diff
changeset
|
71 now = monotonic_now(); |
|
1139
43a8ea69b24c
Fix problem where auth timeout wasn't checked when waiting for ident
Matt Johnston <matt@ucc.asn.au>
parents:
1124
diff
changeset
|
72 ses.connect_time = now; |
|
939
a0819ecfee0b
Make -K keepalive behave like OpenSSH's ServerAliveInterval
Matt Johnston <matt@ucc.asn.au>
parents:
929
diff
changeset
|
73 ses.last_packet_time_keepalive_recv = now; |
|
a0819ecfee0b
Make -K keepalive behave like OpenSSH's ServerAliveInterval
Matt Johnston <matt@ucc.asn.au>
parents:
929
diff
changeset
|
74 ses.last_packet_time_idle = now; |
|
a0819ecfee0b
Make -K keepalive behave like OpenSSH's ServerAliveInterval
Matt Johnston <matt@ucc.asn.au>
parents:
929
diff
changeset
|
75 ses.last_packet_time_any_sent = 0; |
|
a0819ecfee0b
Make -K keepalive behave like OpenSSH's ServerAliveInterval
Matt Johnston <matt@ucc.asn.au>
parents:
929
diff
changeset
|
76 ses.last_packet_time_keepalive_sent = 0; |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
77 |
|
1558
2f64cb3d3007
- #if not #ifdef for DROPBEAR_FUZZ
Matt Johnston <matt@ucc.asn.au>
parents:
1546
diff
changeset
|
78 #if DROPBEAR_FUZZ |
|
1358
6b89eb92f872
glaring wrapfd problems fixed
Matt Johnston <matt@ucc.asn.au>
parents:
1357
diff
changeset
|
79 if (!fuzz.fuzzing) |
|
6b89eb92f872
glaring wrapfd problems fixed
Matt Johnston <matt@ucc.asn.au>
parents:
1357
diff
changeset
|
80 #endif |
|
6b89eb92f872
glaring wrapfd problems fixed
Matt Johnston <matt@ucc.asn.au>
parents:
1357
diff
changeset
|
81 { |
|
416
a01c0c8e543a
Improve behaviour when flushing out after a process has exited.
Matt Johnston <matt@ucc.asn.au>
parents:
373
diff
changeset
|
82 if (pipe(ses.signal_pipe) < 0) { |
|
594
a98a2138364a
Improve capitalisation for all logged strings
Matt Johnston <matt@ucc.asn.au>
parents:
568
diff
changeset
|
83 dropbear_exit("Signal pipe failed"); |
|
416
a01c0c8e543a
Improve behaviour when flushing out after a process has exited.
Matt Johnston <matt@ucc.asn.au>
parents:
373
diff
changeset
|
84 } |
|
a01c0c8e543a
Improve behaviour when flushing out after a process has exited.
Matt Johnston <matt@ucc.asn.au>
parents:
373
diff
changeset
|
85 setnonblocking(ses.signal_pipe[0]); |
|
a01c0c8e543a
Improve behaviour when flushing out after a process has exited.
Matt Johnston <matt@ucc.asn.au>
parents:
373
diff
changeset
|
86 setnonblocking(ses.signal_pipe[1]); |
|
537
7de2f22ea759
- Add the signal pipe to maxfd
Matt Johnston <matt@ucc.asn.au>
parents:
534
diff
changeset
|
87 ses.maxfd = MAX(ses.maxfd, ses.signal_pipe[0]); |
|
7de2f22ea759
- Add the signal pipe to maxfd
Matt Johnston <matt@ucc.asn.au>
parents:
534
diff
changeset
|
88 ses.maxfd = MAX(ses.maxfd, ses.signal_pipe[1]); |
|
416
a01c0c8e543a
Improve behaviour when flushing out after a process has exited.
Matt Johnston <matt@ucc.asn.au>
parents:
373
diff
changeset
|
89 } |
|
a01c0c8e543a
Improve behaviour when flushing out after a process has exited.
Matt Johnston <matt@ucc.asn.au>
parents:
373
diff
changeset
|
90 |
|
448
9c61e7af0156
Rearrange the channel buffer sizes into three neat use-editable values in
Matt Johnston <matt@ucc.asn.au>
parents:
416
diff
changeset
|
91 ses.writepayload = buf_new(TRANS_MAX_PAYLOAD_LEN); |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
92 ses.transseq = 0; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
93 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
94 ses.readbuf = NULL; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
95 ses.payload = NULL; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
96 ses.recvseq = 0; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
97 |
|
135
d663445c1533
Initialise the outgoing packet queue
Matt Johnston <matt@ucc.asn.au>
parents:
108
diff
changeset
|
98 initqueue(&ses.writequeue); |
|
d663445c1533
Initialise the outgoing packet queue
Matt Johnston <matt@ucc.asn.au>
parents:
108
diff
changeset
|
99 |
|
886
cbc73a5aefb0
requirenext doesn't need two values
Matt Johnston <matt@ucc.asn.au>
parents:
858
diff
changeset
|
100 ses.requirenext = SSH_MSG_KEXINIT; |
|
452
4cab61369879
Prevent invalid packets being sent during key-exchange, instead queue
Matt Johnston <matt@ucc.asn.au>
parents:
448
diff
changeset
|
101 ses.dataallowed = 1; /* we can send data until we actually |
|
4cab61369879
Prevent invalid packets being sent during key-exchange, instead queue
Matt Johnston <matt@ucc.asn.au>
parents:
448
diff
changeset
|
102 send the SSH_MSG_KEXINIT */ |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
103 ses.ignorenext = 0; |
|
34
e2a1eaa19f22
Client mostly works up to password auth
Matt Johnston <matt@ucc.asn.au>
parents:
33
diff
changeset
|
104 ses.lastpacket = 0; |
|
452
4cab61369879
Prevent invalid packets being sent during key-exchange, instead queue
Matt Johnston <matt@ucc.asn.au>
parents:
448
diff
changeset
|
105 ses.reply_queue_head = NULL; |
|
4cab61369879
Prevent invalid packets being sent during key-exchange, instead queue
Matt Johnston <matt@ucc.asn.au>
parents:
448
diff
changeset
|
106 ses.reply_queue_tail = NULL; |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
107 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
108 /* set all the algos to none */ |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
109 ses.keys = (struct key_context*)m_malloc(sizeof(struct key_context)); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
110 ses.newkeys = NULL; |
|
534
0431915df79f
- Get rid of decryptreadbuf, just decrypt in-place with readbuf
Matt Johnston <matt@ucc.asn.au>
parents:
531
diff
changeset
|
111 ses.keys->recv.algo_crypt = &dropbear_nocipher; |
|
0431915df79f
- Get rid of decryptreadbuf, just decrypt in-place with readbuf
Matt Johnston <matt@ucc.asn.au>
parents:
531
diff
changeset
|
112 ses.keys->trans.algo_crypt = &dropbear_nocipher; |
|
0431915df79f
- Get rid of decryptreadbuf, just decrypt in-place with readbuf
Matt Johnston <matt@ucc.asn.au>
parents:
531
diff
changeset
|
113 ses.keys->recv.crypt_mode = &dropbear_mode_none; |
|
0431915df79f
- Get rid of decryptreadbuf, just decrypt in-place with readbuf
Matt Johnston <matt@ucc.asn.au>
parents:
531
diff
changeset
|
114 ses.keys->trans.crypt_mode = &dropbear_mode_none; |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
115 |
|
534
0431915df79f
- Get rid of decryptreadbuf, just decrypt in-place with readbuf
Matt Johnston <matt@ucc.asn.au>
parents:
531
diff
changeset
|
116 ses.keys->recv.algo_mac = &dropbear_nohash; |
|
0431915df79f
- Get rid of decryptreadbuf, just decrypt in-place with readbuf
Matt Johnston <matt@ucc.asn.au>
parents:
531
diff
changeset
|
117 ses.keys->trans.algo_mac = &dropbear_nohash; |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
118 |
|
761
ac2158e3e403
ecc kind of works, needs fixing/testing
Matt Johnston <matt@ucc.asn.au>
parents:
705
diff
changeset
|
119 ses.keys->algo_kex = NULL; |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
120 ses.keys->algo_hostkey = -1; |
|
534
0431915df79f
- Get rid of decryptreadbuf, just decrypt in-place with readbuf
Matt Johnston <matt@ucc.asn.au>
parents:
531
diff
changeset
|
121 ses.keys->recv.algo_comp = DROPBEAR_COMP_NONE; |
|
0431915df79f
- Get rid of decryptreadbuf, just decrypt in-place with readbuf
Matt Johnston <matt@ucc.asn.au>
parents:
531
diff
changeset
|
122 ses.keys->trans.algo_comp = DROPBEAR_COMP_NONE; |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
123 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
124 #ifndef DISABLE_ZLIB |
|
534
0431915df79f
- Get rid of decryptreadbuf, just decrypt in-place with readbuf
Matt Johnston <matt@ucc.asn.au>
parents:
531
diff
changeset
|
125 ses.keys->recv.zstream = NULL; |
|
0431915df79f
- Get rid of decryptreadbuf, just decrypt in-place with readbuf
Matt Johnston <matt@ucc.asn.au>
parents:
531
diff
changeset
|
126 ses.keys->trans.zstream = NULL; |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
127 #endif |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
128 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
129 /* key exchange buffers */ |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
130 ses.session_id = NULL; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
131 ses.kexhashbuf = NULL; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
132 ses.transkexinit = NULL; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
133 ses.dh_K = NULL; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
134 ses.remoteident = NULL; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
135 |
|
6
ab00ef513e97
Sorted out the first channel init issues.
Matt Johnston <matt@ucc.asn.au>
parents:
4
diff
changeset
|
136 ses.chantypes = NULL; |
|
ab00ef513e97
Sorted out the first channel init issues.
Matt Johnston <matt@ucc.asn.au>
parents:
4
diff
changeset
|
137 |
|
21
d7cc5b484a2e
- Port restriction code back in
Matt Johnston <matt@ucc.asn.au>
parents:
6
diff
changeset
|
138 ses.allowprivport = 0; |
|
d7cc5b484a2e
- Port restriction code back in
Matt Johnston <matt@ucc.asn.au>
parents:
6
diff
changeset
|
139 |
|
165
0cfba3034be5
Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents:
135
diff
changeset
|
140 TRACE(("leave session_init")) |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
141 } |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
142 |
|
1531
fa733a314bee
use a full prototype (#56)
François Perrad <francois.perrad@gadz.org>
parents:
1495
diff
changeset
|
143 void session_loop(void(*loophandler)(void)) { |
| 26 | 144 |
| 145 fd_set readfd, writefd; | |
| 146 struct timeval timeout; | |
| 147 int val; | |
| 148 | |
| 149 /* main loop, select()s for all sockets in use */ | |
| 150 for(;;) { | |
|
1074
10f198d4a308
Make main socket nonblocking. Limit writequeue size.
Matt Johnston <matt@ucc.asn.au>
parents:
1060
diff
changeset
|
151 const int writequeue_has_space = (ses.writequeue_len <= 2*TRANS_MAX_PAYLOAD_LEN); |
| 26 | 152 |
|
454
7e43f5e473b9
- Add -K keepalive flag for dropbear and dbclient
Matt Johnston <matt@ucc.asn.au>
parents:
452
diff
changeset
|
153 timeout.tv_sec = select_timeout(); |
| 26 | 154 timeout.tv_usec = 0; |
|
1596
60fceff95858
workaround memory sanitizer FD_ZERO false positives
Matt Johnston <matt@ucc.asn.au>
parents:
1577
diff
changeset
|
155 DROPBEAR_FD_ZERO(&writefd); |
|
60fceff95858
workaround memory sanitizer FD_ZERO false positives
Matt Johnston <matt@ucc.asn.au>
parents:
1577
diff
changeset
|
156 DROPBEAR_FD_ZERO(&readfd); |
|
60fceff95858
workaround memory sanitizer FD_ZERO false positives
Matt Johnston <matt@ucc.asn.au>
parents:
1577
diff
changeset
|
157 |
|
241
c5d3ef11155f
* use own assertions which should get logged properly
Matt Johnston <matt@ucc.asn.au>
parents:
165
diff
changeset
|
158 dropbear_assert(ses.payload == NULL); |
|
726
78eda530c000
send out our kexinit packet before blocking to read the SSH version string
Matt Johnston <matt@ucc.asn.au>
parents:
705
diff
changeset
|
159 |
|
1151
a550e1e2e2a9
make sure that the test for queued packets to write occurs after
Matt Johnston <matt@ucc.asn.au>
parents:
1143
diff
changeset
|
160 /* We get woken up when signal handlers write to this pipe. |
|
a550e1e2e2a9
make sure that the test for queued packets to write occurs after
Matt Johnston <matt@ucc.asn.au>
parents:
1143
diff
changeset
|
161 SIGCHLD in svr-chansession is the only one currently. */ |
|
1558
2f64cb3d3007
- #if not #ifdef for DROPBEAR_FUZZ
Matt Johnston <matt@ucc.asn.au>
parents:
1546
diff
changeset
|
162 #if DROPBEAR_FUZZ |
| 1357 | 163 if (!fuzz.fuzzing) |
| 164 #endif | |
| 165 { | |
|
1151
a550e1e2e2a9
make sure that the test for queued packets to write occurs after
Matt Johnston <matt@ucc.asn.au>
parents:
1143
diff
changeset
|
166 FD_SET(ses.signal_pipe[0], &readfd); |
| 1357 | 167 } |
|
1151
a550e1e2e2a9
make sure that the test for queued packets to write occurs after
Matt Johnston <matt@ucc.asn.au>
parents:
1143
diff
changeset
|
168 |
|
a550e1e2e2a9
make sure that the test for queued packets to write occurs after
Matt Johnston <matt@ucc.asn.au>
parents:
1143
diff
changeset
|
169 /* set up for channels which can be read/written */ |
|
a550e1e2e2a9
make sure that the test for queued packets to write occurs after
Matt Johnston <matt@ucc.asn.au>
parents:
1143
diff
changeset
|
170 setchannelfds(&readfd, &writefd, writequeue_has_space); |
|
a550e1e2e2a9
make sure that the test for queued packets to write occurs after
Matt Johnston <matt@ucc.asn.au>
parents:
1143
diff
changeset
|
171 |
|
a550e1e2e2a9
make sure that the test for queued packets to write occurs after
Matt Johnston <matt@ucc.asn.au>
parents:
1143
diff
changeset
|
172 /* Pending connections to test */ |
|
a550e1e2e2a9
make sure that the test for queued packets to write occurs after
Matt Johnston <matt@ucc.asn.au>
parents:
1143
diff
changeset
|
173 set_connect_fds(&writefd); |
|
a550e1e2e2a9
make sure that the test for queued packets to write occurs after
Matt Johnston <matt@ucc.asn.au>
parents:
1143
diff
changeset
|
174 |
|
1060
4c733310c21d
reword comment for clarity
Matt Johnston <matt@ucc.asn.au>
parents:
1050
diff
changeset
|
175 /* We delay reading from the input socket during initial setup until |
|
4c733310c21d
reword comment for clarity
Matt Johnston <matt@ucc.asn.au>
parents:
1050
diff
changeset
|
176 after we have written out our initial KEXINIT packet (empty writequeue). |
|
4c733310c21d
reword comment for clarity
Matt Johnston <matt@ucc.asn.au>
parents:
1050
diff
changeset
|
177 This means our initial packet can be in-flight while we're doing a blocking |
|
1074
10f198d4a308
Make main socket nonblocking. Limit writequeue size.
Matt Johnston <matt@ucc.asn.au>
parents:
1060
diff
changeset
|
178 read for the remote ident. |
|
10f198d4a308
Make main socket nonblocking. Limit writequeue size.
Matt Johnston <matt@ucc.asn.au>
parents:
1060
diff
changeset
|
179 We also avoid reading from the socket if the writequeue is full, that avoids |
|
10f198d4a308
Make main socket nonblocking. Limit writequeue size.
Matt Johnston <matt@ucc.asn.au>
parents:
1060
diff
changeset
|
180 replies backing up */ |
|
10f198d4a308
Make main socket nonblocking. Limit writequeue size.
Matt Johnston <matt@ucc.asn.au>
parents:
1060
diff
changeset
|
181 if (ses.sock_in != -1 |
|
10f198d4a308
Make main socket nonblocking. Limit writequeue size.
Matt Johnston <matt@ucc.asn.au>
parents:
1060
diff
changeset
|
182 && (ses.remoteident || isempty(&ses.writequeue)) |
|
10f198d4a308
Make main socket nonblocking. Limit writequeue size.
Matt Johnston <matt@ucc.asn.au>
parents:
1060
diff
changeset
|
183 && writequeue_has_space) { |
|
479
e3db1f7a2e43
- Split main socket var into ses.sock_in/ses.sock_out in preparation
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
184 FD_SET(ses.sock_in, &readfd); |
|
e3db1f7a2e43
- Split main socket var into ses.sock_in/ses.sock_out in preparation
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
185 } |
|
1151
a550e1e2e2a9
make sure that the test for queued packets to write occurs after
Matt Johnston <matt@ucc.asn.au>
parents:
1143
diff
changeset
|
186 |
|
a550e1e2e2a9
make sure that the test for queued packets to write occurs after
Matt Johnston <matt@ucc.asn.au>
parents:
1143
diff
changeset
|
187 /* Ordering is important, this test must occur after any other function |
|
a550e1e2e2a9
make sure that the test for queued packets to write occurs after
Matt Johnston <matt@ucc.asn.au>
parents:
1143
diff
changeset
|
188 might have queued packets (such as connection handlers) */ |
|
479
e3db1f7a2e43
- Split main socket var into ses.sock_in/ses.sock_out in preparation
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
189 if (ses.sock_out != -1 && !isempty(&ses.writequeue)) { |
|
e3db1f7a2e43
- Split main socket var into ses.sock_in/ses.sock_out in preparation
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
190 FD_SET(ses.sock_out, &writefd); |
| 26 | 191 } |
| 1025 | 192 |
| 26 | 193 val = select(ses.maxfd+1, &readfd, &writefd, NULL, &timeout); |
| 194 | |
|
1495
0c16b4ccbd54
make signal flags volatile, simplify handling
Matt Johnston <matt@ucc.asn.au>
parents:
1316
diff
changeset
|
195 if (ses.exitflag) { |
| 26 | 196 dropbear_exit("Terminated by signal"); |
| 197 } | |
| 198 | |
|
373
70caa99bfe3a
Tidy up behaviour when select() is interrupted. We follow normal
Matt Johnston <matt@ucc.asn.au>
parents:
344
diff
changeset
|
199 if (val < 0 && errno != EINTR) { |
|
70caa99bfe3a
Tidy up behaviour when select() is interrupted. We follow normal
Matt Johnston <matt@ucc.asn.au>
parents:
344
diff
changeset
|
200 dropbear_exit("Error in select"); |
|
70caa99bfe3a
Tidy up behaviour when select() is interrupted. We follow normal
Matt Johnston <matt@ucc.asn.au>
parents:
344
diff
changeset
|
201 } |
|
70caa99bfe3a
Tidy up behaviour when select() is interrupted. We follow normal
Matt Johnston <matt@ucc.asn.au>
parents:
344
diff
changeset
|
202 |
|
70caa99bfe3a
Tidy up behaviour when select() is interrupted. We follow normal
Matt Johnston <matt@ucc.asn.au>
parents:
344
diff
changeset
|
203 if (val <= 0) { |
|
70caa99bfe3a
Tidy up behaviour when select() is interrupted. We follow normal
Matt Johnston <matt@ucc.asn.au>
parents:
344
diff
changeset
|
204 /* If we were interrupted or the select timed out, we still |
|
70caa99bfe3a
Tidy up behaviour when select() is interrupted. We follow normal
Matt Johnston <matt@ucc.asn.au>
parents:
344
diff
changeset
|
205 * want to iterate over channels etc for reading, to handle |
|
70caa99bfe3a
Tidy up behaviour when select() is interrupted. We follow normal
Matt Johnston <matt@ucc.asn.au>
parents:
344
diff
changeset
|
206 * server processes exiting etc. |
|
70caa99bfe3a
Tidy up behaviour when select() is interrupted. We follow normal
Matt Johnston <matt@ucc.asn.au>
parents:
344
diff
changeset
|
207 * We don't want to read/write FDs. */ |
|
1596
60fceff95858
workaround memory sanitizer FD_ZERO false positives
Matt Johnston <matt@ucc.asn.au>
parents:
1577
diff
changeset
|
208 DROPBEAR_FD_ZERO(&writefd); |
|
60fceff95858
workaround memory sanitizer FD_ZERO false positives
Matt Johnston <matt@ucc.asn.au>
parents:
1577
diff
changeset
|
209 DROPBEAR_FD_ZERO(&readfd); |
| 26 | 210 } |
|
416
a01c0c8e543a
Improve behaviour when flushing out after a process has exited.
Matt Johnston <matt@ucc.asn.au>
parents:
373
diff
changeset
|
211 |
|
a01c0c8e543a
Improve behaviour when flushing out after a process has exited.
Matt Johnston <matt@ucc.asn.au>
parents:
373
diff
changeset
|
212 /* We'll just empty out the pipe if required. We don't do |
|
a01c0c8e543a
Improve behaviour when flushing out after a process has exited.
Matt Johnston <matt@ucc.asn.au>
parents:
373
diff
changeset
|
213 any thing with the data, since the pipe's purpose is purely to |
|
a01c0c8e543a
Improve behaviour when flushing out after a process has exited.
Matt Johnston <matt@ucc.asn.au>
parents:
373
diff
changeset
|
214 wake up the select() above. */ |
|
1495
0c16b4ccbd54
make signal flags volatile, simplify handling
Matt Johnston <matt@ucc.asn.au>
parents:
1316
diff
changeset
|
215 ses.channel_signal_pending = 0; |
|
416
a01c0c8e543a
Improve behaviour when flushing out after a process has exited.
Matt Johnston <matt@ucc.asn.au>
parents:
373
diff
changeset
|
216 if (FD_ISSET(ses.signal_pipe[0], &readfd)) { |
|
a01c0c8e543a
Improve behaviour when flushing out after a process has exited.
Matt Johnston <matt@ucc.asn.au>
parents:
373
diff
changeset
|
217 char x; |
|
1191
b370b4b172d0
Fix ses.channel_signal_pending race
Matt Johnston <matt@ucc.asn.au>
parents:
1151
diff
changeset
|
218 TRACE(("signal pipe set")) |
|
416
a01c0c8e543a
Improve behaviour when flushing out after a process has exited.
Matt Johnston <matt@ucc.asn.au>
parents:
373
diff
changeset
|
219 while (read(ses.signal_pipe[0], &x, 1) > 0) {} |
|
1191
b370b4b172d0
Fix ses.channel_signal_pending race
Matt Johnston <matt@ucc.asn.au>
parents:
1151
diff
changeset
|
220 ses.channel_signal_pending = 1; |
|
416
a01c0c8e543a
Improve behaviour when flushing out after a process has exited.
Matt Johnston <matt@ucc.asn.au>
parents:
373
diff
changeset
|
221 } |
| 26 | 222 |
| 223 /* check for auth timeout, rekeying required etc */ | |
| 224 checktimeouts(); | |
| 225 | |
|
929
9d40ed1da686
Experiment of always writing data if available. Might waste a writev() with
Matt Johnston <matt@ucc.asn.au>
parents:
928
diff
changeset
|
226 /* process session socket's incoming data */ |
|
479
e3db1f7a2e43
- Split main socket var into ses.sock_in/ses.sock_out in preparation
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
227 if (ses.sock_in != -1) { |
|
e3db1f7a2e43
- Split main socket var into ses.sock_in/ses.sock_out in preparation
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
228 if (FD_ISSET(ses.sock_in, &readfd)) { |
|
726
78eda530c000
send out our kexinit packet before blocking to read the SSH version string
Matt Johnston <matt@ucc.asn.au>
parents:
705
diff
changeset
|
229 if (!ses.remoteident) { |
|
78eda530c000
send out our kexinit packet before blocking to read the SSH version string
Matt Johnston <matt@ucc.asn.au>
parents:
705
diff
changeset
|
230 /* blocking read of the version string */ |
|
78eda530c000
send out our kexinit packet before blocking to read the SSH version string
Matt Johnston <matt@ucc.asn.au>
parents:
705
diff
changeset
|
231 read_session_identification(); |
|
78eda530c000
send out our kexinit packet before blocking to read the SSH version string
Matt Johnston <matt@ucc.asn.au>
parents:
705
diff
changeset
|
232 } else { |
|
78eda530c000
send out our kexinit packet before blocking to read the SSH version string
Matt Johnston <matt@ucc.asn.au>
parents:
705
diff
changeset
|
233 read_packet(); |
|
78eda530c000
send out our kexinit packet before blocking to read the SSH version string
Matt Johnston <matt@ucc.asn.au>
parents:
705
diff
changeset
|
234 } |
| 26 | 235 } |
| 236 | |
| 237 /* Process the decrypted packet. After this, the read buffer | |
| 238 * will be ready for a new packet */ | |
| 239 if (ses.payload != NULL) { | |
| 240 process_packet(); | |
| 241 } | |
| 242 } | |
| 1025 | 243 |
|
452
4cab61369879
Prevent invalid packets being sent during key-exchange, instead queue
Matt Johnston <matt@ucc.asn.au>
parents:
448
diff
changeset
|
244 /* if required, flush out any queued reply packets that |
|
4cab61369879
Prevent invalid packets being sent during key-exchange, instead queue
Matt Johnston <matt@ucc.asn.au>
parents:
448
diff
changeset
|
245 were being held up during a KEX */ |
|
4cab61369879
Prevent invalid packets being sent during key-exchange, instead queue
Matt Johnston <matt@ucc.asn.au>
parents:
448
diff
changeset
|
246 maybe_flush_reply_queue(); |
| 26 | 247 |
| 1025 | 248 handle_connect_fds(&writefd); |
| 249 | |
|
1495
0c16b4ccbd54
make signal flags volatile, simplify handling
Matt Johnston <matt@ucc.asn.au>
parents:
1316
diff
changeset
|
250 /* loop handler prior to channelio, in case the server loophandler closes |
|
0c16b4ccbd54
make signal flags volatile, simplify handling
Matt Johnston <matt@ucc.asn.au>
parents:
1316
diff
changeset
|
251 channels on process exit */ |
|
0c16b4ccbd54
make signal flags volatile, simplify handling
Matt Johnston <matt@ucc.asn.au>
parents:
1316
diff
changeset
|
252 loophandler(); |
|
0c16b4ccbd54
make signal flags volatile, simplify handling
Matt Johnston <matt@ucc.asn.au>
parents:
1316
diff
changeset
|
253 |
| 26 | 254 /* process pipes etc for the channels, ses.dataallowed == 0 |
| 255 * during rekeying ) */ | |
|
896
a1a97e98b0c1
Read (and enqueue) packets from interactive input even when
Matt Johnston <matt@ucc.asn.au>
parents:
891
diff
changeset
|
256 channelio(&readfd, &writefd); |
| 26 | 257 |
|
929
9d40ed1da686
Experiment of always writing data if available. Might waste a writev() with
Matt Johnston <matt@ucc.asn.au>
parents:
928
diff
changeset
|
258 /* process session socket's outgoing data */ |
|
9d40ed1da686
Experiment of always writing data if available. Might waste a writev() with
Matt Johnston <matt@ucc.asn.au>
parents:
928
diff
changeset
|
259 if (ses.sock_out != -1) { |
|
9d40ed1da686
Experiment of always writing data if available. Might waste a writev() with
Matt Johnston <matt@ucc.asn.au>
parents:
928
diff
changeset
|
260 if (!isempty(&ses.writequeue)) { |
|
9d40ed1da686
Experiment of always writing data if available. Might waste a writev() with
Matt Johnston <matt@ucc.asn.au>
parents:
928
diff
changeset
|
261 write_packet(); |
|
9d40ed1da686
Experiment of always writing data if available. Might waste a writev() with
Matt Johnston <matt@ucc.asn.au>
parents:
928
diff
changeset
|
262 } |
|
9d40ed1da686
Experiment of always writing data if available. Might waste a writev() with
Matt Johnston <matt@ucc.asn.au>
parents:
928
diff
changeset
|
263 } |
|
9d40ed1da686
Experiment of always writing data if available. Might waste a writev() with
Matt Johnston <matt@ucc.asn.au>
parents:
928
diff
changeset
|
264 |
| 26 | 265 } /* for(;;) */ |
| 266 | |
| 267 /* Not reached */ | |
| 268 } | |
| 269 | |
|
1040
2b4fd440399d
Free memory before exiting. Based on patch from Thorsten Horstmann.
Matt Johnston <matt@ucc.asn.au>
parents:
1038
diff
changeset
|
270 static void cleanup_buf(buffer **buf) { |
|
2b4fd440399d
Free memory before exiting. Based on patch from Thorsten Horstmann.
Matt Johnston <matt@ucc.asn.au>
parents:
1038
diff
changeset
|
271 if (!*buf) { |
|
2b4fd440399d
Free memory before exiting. Based on patch from Thorsten Horstmann.
Matt Johnston <matt@ucc.asn.au>
parents:
1038
diff
changeset
|
272 return; |
|
2b4fd440399d
Free memory before exiting. Based on patch from Thorsten Horstmann.
Matt Johnston <matt@ucc.asn.au>
parents:
1038
diff
changeset
|
273 } |
|
2b4fd440399d
Free memory before exiting. Based on patch from Thorsten Horstmann.
Matt Johnston <matt@ucc.asn.au>
parents:
1038
diff
changeset
|
274 buf_burn(*buf); |
|
2b4fd440399d
Free memory before exiting. Based on patch from Thorsten Horstmann.
Matt Johnston <matt@ucc.asn.au>
parents:
1038
diff
changeset
|
275 buf_free(*buf); |
|
2b4fd440399d
Free memory before exiting. Based on patch from Thorsten Horstmann.
Matt Johnston <matt@ucc.asn.au>
parents:
1038
diff
changeset
|
276 *buf = NULL; |
|
2b4fd440399d
Free memory before exiting. Based on patch from Thorsten Horstmann.
Matt Johnston <matt@ucc.asn.au>
parents:
1038
diff
changeset
|
277 } |
|
2b4fd440399d
Free memory before exiting. Based on patch from Thorsten Horstmann.
Matt Johnston <matt@ucc.asn.au>
parents:
1038
diff
changeset
|
278 |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
279 /* clean up a session on exit */ |
|
733
70811267715c
Run the cleanup handler also when we close due to TCP connection being closed
Matt Johnston <matt@ucc.asn.au>
parents:
726
diff
changeset
|
280 void session_cleanup() { |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
281 |
|
165
0cfba3034be5
Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents:
135
diff
changeset
|
282 TRACE(("enter session_cleanup")) |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
283 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
284 /* we can't cleanup if we don't know the session state */ |
|
1495
0c16b4ccbd54
make signal flags volatile, simplify handling
Matt Johnston <matt@ucc.asn.au>
parents:
1316
diff
changeset
|
285 if (!ses.init_done) { |
|
0c16b4ccbd54
make signal flags volatile, simplify handling
Matt Johnston <matt@ucc.asn.au>
parents:
1316
diff
changeset
|
286 TRACE(("leave session_cleanup: !ses.init_done")) |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
287 return; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
288 } |
|
733
70811267715c
Run the cleanup handler also when we close due to TCP connection being closed
Matt Johnston <matt@ucc.asn.au>
parents:
726
diff
changeset
|
289 |
| 1079 | 290 /* BEWARE of changing order of functions here. */ |
|
1041
3fb883a6aa81
Some additional cleanup functions
Matt Johnston <matt@ucc.asn.au>
parents:
1040
diff
changeset
|
291 |
|
3fb883a6aa81
Some additional cleanup functions
Matt Johnston <matt@ucc.asn.au>
parents:
1040
diff
changeset
|
292 /* Must be before extra_session_cleanup() */ |
|
3fb883a6aa81
Some additional cleanup functions
Matt Johnston <matt@ucc.asn.au>
parents:
1040
diff
changeset
|
293 chancleanup(); |
|
3fb883a6aa81
Some additional cleanup functions
Matt Johnston <matt@ucc.asn.au>
parents:
1040
diff
changeset
|
294 |
|
733
70811267715c
Run the cleanup handler also when we close due to TCP connection being closed
Matt Johnston <matt@ucc.asn.au>
parents:
726
diff
changeset
|
295 if (ses.extra_session_cleanup) { |
|
70811267715c
Run the cleanup handler also when we close due to TCP connection being closed
Matt Johnston <matt@ucc.asn.au>
parents:
726
diff
changeset
|
296 ses.extra_session_cleanup(); |
|
70811267715c
Run the cleanup handler also when we close due to TCP connection being closed
Matt Johnston <matt@ucc.asn.au>
parents:
726
diff
changeset
|
297 } |
|
891
e78f5ce6e7bb
cleanup before clearing keys
Matt Johnston <matt@ucc.asn.au>
parents:
886
diff
changeset
|
298 |
| 1079 | 299 /* After these are freed most functions will fail */ |
|
1295
750ec4ec4cbe
Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents:
1292
diff
changeset
|
300 #if DROPBEAR_CLEANUP |
|
1040
2b4fd440399d
Free memory before exiting. Based on patch from Thorsten Horstmann.
Matt Johnston <matt@ucc.asn.au>
parents:
1038
diff
changeset
|
301 /* listeners call cleanup functions, this should occur before |
|
2b4fd440399d
Free memory before exiting. Based on patch from Thorsten Horstmann.
Matt Johnston <matt@ucc.asn.au>
parents:
1038
diff
changeset
|
302 other session state is freed. */ |
|
2b4fd440399d
Free memory before exiting. Based on patch from Thorsten Horstmann.
Matt Johnston <matt@ucc.asn.au>
parents:
1038
diff
changeset
|
303 remove_all_listeners(); |
|
2b4fd440399d
Free memory before exiting. Based on patch from Thorsten Horstmann.
Matt Johnston <matt@ucc.asn.au>
parents:
1038
diff
changeset
|
304 |
| 1050 | 305 remove_connect_pending(); |
| 306 | |
|
1040
2b4fd440399d
Free memory before exiting. Based on patch from Thorsten Horstmann.
Matt Johnston <matt@ucc.asn.au>
parents:
1038
diff
changeset
|
307 while (!isempty(&ses.writequeue)) { |
|
2b4fd440399d
Free memory before exiting. Based on patch from Thorsten Horstmann.
Matt Johnston <matt@ucc.asn.au>
parents:
1038
diff
changeset
|
308 buf_free(dequeue(&ses.writequeue)); |
|
761
ac2158e3e403
ecc kind of works, needs fixing/testing
Matt Johnston <matt@ucc.asn.au>
parents:
705
diff
changeset
|
309 } |
|
1040
2b4fd440399d
Free memory before exiting. Based on patch from Thorsten Horstmann.
Matt Johnston <matt@ucc.asn.au>
parents:
1038
diff
changeset
|
310 |
|
1358
6b89eb92f872
glaring wrapfd problems fixed
Matt Johnston <matt@ucc.asn.au>
parents:
1357
diff
changeset
|
311 m_free(ses.newkeys); |
|
6b89eb92f872
glaring wrapfd problems fixed
Matt Johnston <matt@ucc.asn.au>
parents:
1357
diff
changeset
|
312 #ifndef DISABLE_ZLIB |
|
6b89eb92f872
glaring wrapfd problems fixed
Matt Johnston <matt@ucc.asn.au>
parents:
1357
diff
changeset
|
313 if (ses.keys->recv.zstream != NULL) { |
|
6b89eb92f872
glaring wrapfd problems fixed
Matt Johnston <matt@ucc.asn.au>
parents:
1357
diff
changeset
|
314 if (inflateEnd(ses.keys->recv.zstream) == Z_STREAM_ERROR) { |
|
6b89eb92f872
glaring wrapfd problems fixed
Matt Johnston <matt@ucc.asn.au>
parents:
1357
diff
changeset
|
315 dropbear_exit("Crypto error"); |
|
6b89eb92f872
glaring wrapfd problems fixed
Matt Johnston <matt@ucc.asn.au>
parents:
1357
diff
changeset
|
316 } |
|
6b89eb92f872
glaring wrapfd problems fixed
Matt Johnston <matt@ucc.asn.au>
parents:
1357
diff
changeset
|
317 m_free(ses.keys->recv.zstream); |
|
6b89eb92f872
glaring wrapfd problems fixed
Matt Johnston <matt@ucc.asn.au>
parents:
1357
diff
changeset
|
318 } |
|
6b89eb92f872
glaring wrapfd problems fixed
Matt Johnston <matt@ucc.asn.au>
parents:
1357
diff
changeset
|
319 #endif |
|
6b89eb92f872
glaring wrapfd problems fixed
Matt Johnston <matt@ucc.asn.au>
parents:
1357
diff
changeset
|
320 |
|
1040
2b4fd440399d
Free memory before exiting. Based on patch from Thorsten Horstmann.
Matt Johnston <matt@ucc.asn.au>
parents:
1038
diff
changeset
|
321 m_free(ses.remoteident); |
|
2b4fd440399d
Free memory before exiting. Based on patch from Thorsten Horstmann.
Matt Johnston <matt@ucc.asn.au>
parents:
1038
diff
changeset
|
322 m_free(ses.authstate.pw_dir); |
|
2b4fd440399d
Free memory before exiting. Based on patch from Thorsten Horstmann.
Matt Johnston <matt@ucc.asn.au>
parents:
1038
diff
changeset
|
323 m_free(ses.authstate.pw_name); |
|
2b4fd440399d
Free memory before exiting. Based on patch from Thorsten Horstmann.
Matt Johnston <matt@ucc.asn.au>
parents:
1038
diff
changeset
|
324 m_free(ses.authstate.pw_shell); |
|
2b4fd440399d
Free memory before exiting. Based on patch from Thorsten Horstmann.
Matt Johnston <matt@ucc.asn.au>
parents:
1038
diff
changeset
|
325 m_free(ses.authstate.pw_passwd); |
|
2b4fd440399d
Free memory before exiting. Based on patch from Thorsten Horstmann.
Matt Johnston <matt@ucc.asn.au>
parents:
1038
diff
changeset
|
326 m_free(ses.authstate.username); |
|
2b4fd440399d
Free memory before exiting. Based on patch from Thorsten Horstmann.
Matt Johnston <matt@ucc.asn.au>
parents:
1038
diff
changeset
|
327 #endif |
|
2b4fd440399d
Free memory before exiting. Based on patch from Thorsten Horstmann.
Matt Johnston <matt@ucc.asn.au>
parents:
1038
diff
changeset
|
328 |
|
2b4fd440399d
Free memory before exiting. Based on patch from Thorsten Horstmann.
Matt Johnston <matt@ucc.asn.au>
parents:
1038
diff
changeset
|
329 cleanup_buf(&ses.session_id); |
|
2b4fd440399d
Free memory before exiting. Based on patch from Thorsten Horstmann.
Matt Johnston <matt@ucc.asn.au>
parents:
1038
diff
changeset
|
330 cleanup_buf(&ses.hash); |
|
2b4fd440399d
Free memory before exiting. Based on patch from Thorsten Horstmann.
Matt Johnston <matt@ucc.asn.au>
parents:
1038
diff
changeset
|
331 cleanup_buf(&ses.payload); |
|
2b4fd440399d
Free memory before exiting. Based on patch from Thorsten Horstmann.
Matt Johnston <matt@ucc.asn.au>
parents:
1038
diff
changeset
|
332 cleanup_buf(&ses.readbuf); |
|
2b4fd440399d
Free memory before exiting. Based on patch from Thorsten Horstmann.
Matt Johnston <matt@ucc.asn.au>
parents:
1038
diff
changeset
|
333 cleanup_buf(&ses.writepayload); |
|
1041
3fb883a6aa81
Some additional cleanup functions
Matt Johnston <matt@ucc.asn.au>
parents:
1040
diff
changeset
|
334 cleanup_buf(&ses.kexhashbuf); |
|
3fb883a6aa81
Some additional cleanup functions
Matt Johnston <matt@ucc.asn.au>
parents:
1040
diff
changeset
|
335 cleanup_buf(&ses.transkexinit); |
|
3fb883a6aa81
Some additional cleanup functions
Matt Johnston <matt@ucc.asn.au>
parents:
1040
diff
changeset
|
336 if (ses.dh_K) { |
|
3fb883a6aa81
Some additional cleanup functions
Matt Johnston <matt@ucc.asn.au>
parents:
1040
diff
changeset
|
337 mp_clear(ses.dh_K); |
|
3fb883a6aa81
Some additional cleanup functions
Matt Johnston <matt@ucc.asn.au>
parents:
1040
diff
changeset
|
338 } |
|
3fb883a6aa81
Some additional cleanup functions
Matt Johnston <matt@ucc.asn.au>
parents:
1040
diff
changeset
|
339 m_free(ses.dh_K); |
|
1040
2b4fd440399d
Free memory before exiting. Based on patch from Thorsten Horstmann.
Matt Johnston <matt@ucc.asn.au>
parents:
1038
diff
changeset
|
340 |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
341 m_burn(ses.keys, sizeof(struct key_context)); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
342 m_free(ses.keys); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
343 |
|
165
0cfba3034be5
Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents:
135
diff
changeset
|
344 TRACE(("leave session_cleanup")) |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
345 } |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
346 |
|
726
78eda530c000
send out our kexinit packet before blocking to read the SSH version string
Matt Johnston <matt@ucc.asn.au>
parents:
705
diff
changeset
|
347 void send_session_identification() { |
|
751
685d05f1cc5c
Just put the version string on the queue, don't use atomicio
Matt Johnston <matt@ucc.asn.au>
parents:
733
diff
changeset
|
348 buffer *writebuf = buf_new(strlen(LOCAL_IDENT "\r\n") + 1); |
|
1094
c45d65392c1a
Fix pointer differ in signess warnings [-Werror=pointer-sign]
Gaël PORTAY <gael.portay@gmail.com>
parents:
1079
diff
changeset
|
349 buf_putbytes(writebuf, (const unsigned char *) LOCAL_IDENT "\r\n", strlen(LOCAL_IDENT "\r\n")); |
|
1577
399d8eb961b5
get rid of unused packet_type in encrypted write queue
Matt Johnston <matt@ucc.asn.au>
parents:
1558
diff
changeset
|
350 writebuf_enqueue(writebuf); |
|
726
78eda530c000
send out our kexinit packet before blocking to read the SSH version string
Matt Johnston <matt@ucc.asn.au>
parents:
705
diff
changeset
|
351 } |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
352 |
|
726
78eda530c000
send out our kexinit packet before blocking to read the SSH version string
Matt Johnston <matt@ucc.asn.au>
parents:
705
diff
changeset
|
353 static void read_session_identification() { |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
354 /* max length of 255 chars */ |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
355 char linebuf[256]; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
356 int len = 0; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
357 char done = 0; |
|
103
8aeac62a968f
Allow leading lines before the ident banner when connecting
Matt Johnston <matt@ucc.asn.au>
parents:
41
diff
changeset
|
358 int i; |
|
513
a3748e54273c
Idle timeout patch from Farrell Aultman. Needs testing, unsure if server
Matt Johnston <matt@ucc.asn.au>
parents:
502
diff
changeset
|
359 /* If they send more than 50 lines, something is wrong */ |
|
275
7f9adaf85fca
Exit with a message if the ssh protocol version is incompatible
Matt Johnston <matt@ucc.asn.au>
parents:
242
diff
changeset
|
360 for (i = 0; i < 50; i++) { |
|
479
e3db1f7a2e43
- Split main socket var into ses.sock_in/ses.sock_out in preparation
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
361 len = ident_readln(ses.sock_in, linebuf, sizeof(linebuf)); |
|
103
8aeac62a968f
Allow leading lines before the ident banner when connecting
Matt Johnston <matt@ucc.asn.au>
parents:
41
diff
changeset
|
362 |
|
8aeac62a968f
Allow leading lines before the ident banner when connecting
Matt Johnston <matt@ucc.asn.au>
parents:
41
diff
changeset
|
363 if (len < 0 && errno != EINTR) { |
|
8aeac62a968f
Allow leading lines before the ident banner when connecting
Matt Johnston <matt@ucc.asn.au>
parents:
41
diff
changeset
|
364 /* It failed */ |
|
8aeac62a968f
Allow leading lines before the ident banner when connecting
Matt Johnston <matt@ucc.asn.au>
parents:
41
diff
changeset
|
365 break; |
|
8aeac62a968f
Allow leading lines before the ident banner when connecting
Matt Johnston <matt@ucc.asn.au>
parents:
41
diff
changeset
|
366 } |
|
8aeac62a968f
Allow leading lines before the ident banner when connecting
Matt Johnston <matt@ucc.asn.au>
parents:
41
diff
changeset
|
367 |
|
8aeac62a968f
Allow leading lines before the ident banner when connecting
Matt Johnston <matt@ucc.asn.au>
parents:
41
diff
changeset
|
368 if (len >= 4 && memcmp(linebuf, "SSH-", 4) == 0) { |
|
8aeac62a968f
Allow leading lines before the ident banner when connecting
Matt Johnston <matt@ucc.asn.au>
parents:
41
diff
changeset
|
369 /* start of line matches */ |
|
8aeac62a968f
Allow leading lines before the ident banner when connecting
Matt Johnston <matt@ucc.asn.au>
parents:
41
diff
changeset
|
370 done = 1; |
|
8aeac62a968f
Allow leading lines before the ident banner when connecting
Matt Johnston <matt@ucc.asn.au>
parents:
41
diff
changeset
|
371 break; |
|
8aeac62a968f
Allow leading lines before the ident banner when connecting
Matt Johnston <matt@ucc.asn.au>
parents:
41
diff
changeset
|
372 } |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
373 } |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
374 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
375 if (!done) { |
|
1302
6a14b1f6dc04
better TRACE of failed remote ident
Matt Johnston <matt@ucc.asn.au>
parents:
1276
diff
changeset
|
376 TRACE(("error reading remote ident: %s\n", strerror(errno))) |
|
344
bf29e6659fb9
Just use the normal "remote closed" handler when reading ident stings
Matt Johnston <matt@ucc.asn.au>
parents:
275
diff
changeset
|
377 ses.remoteclosed(); |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
378 } else { |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
379 /* linebuf is already null terminated */ |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
380 ses.remoteident = m_malloc(len); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
381 memcpy(ses.remoteident, linebuf, len); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
382 } |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
383 |
|
513
a3748e54273c
Idle timeout patch from Farrell Aultman. Needs testing, unsure if server
Matt Johnston <matt@ucc.asn.au>
parents:
502
diff
changeset
|
384 /* Shall assume that 2.x will be backwards compatible. */ |
|
a3748e54273c
Idle timeout patch from Farrell Aultman. Needs testing, unsure if server
Matt Johnston <matt@ucc.asn.au>
parents:
502
diff
changeset
|
385 if (strncmp(ses.remoteident, "SSH-2.", 6) != 0 |
|
a3748e54273c
Idle timeout patch from Farrell Aultman. Needs testing, unsure if server
Matt Johnston <matt@ucc.asn.au>
parents:
502
diff
changeset
|
386 && strncmp(ses.remoteident, "SSH-1.99-", 9) != 0) { |
|
a3748e54273c
Idle timeout patch from Farrell Aultman. Needs testing, unsure if server
Matt Johnston <matt@ucc.asn.au>
parents:
502
diff
changeset
|
387 dropbear_exit("Incompatible remote version '%s'", ses.remoteident); |
|
a3748e54273c
Idle timeout patch from Farrell Aultman. Needs testing, unsure if server
Matt Johnston <matt@ucc.asn.au>
parents:
502
diff
changeset
|
388 } |
|
275
7f9adaf85fca
Exit with a message if the ssh protocol version is incompatible
Matt Johnston <matt@ucc.asn.au>
parents:
242
diff
changeset
|
389 |
|
165
0cfba3034be5
Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents:
135
diff
changeset
|
390 TRACE(("remoteident: %s", ses.remoteident)) |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
391 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
392 } |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
393 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
394 /* returns the length including null-terminating zero on success, |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
395 * or -1 on failure */ |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
396 static int ident_readln(int fd, char* buf, int count) { |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
397 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
398 char in; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
399 int pos = 0; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
400 int num = 0; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
401 fd_set fds; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
402 struct timeval timeout; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
403 |
|
165
0cfba3034be5
Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents:
135
diff
changeset
|
404 TRACE(("enter ident_readln")) |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
405 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
406 if (count < 1) { |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
407 return -1; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
408 } |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
409 |
|
1596
60fceff95858
workaround memory sanitizer FD_ZERO false positives
Matt Johnston <matt@ucc.asn.au>
parents:
1577
diff
changeset
|
410 DROPBEAR_FD_ZERO(&fds); |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
411 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
412 /* select since it's a non-blocking fd */ |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
413 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
414 /* leave space to null-terminate */ |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
415 while (pos < count-1) { |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
416 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
417 FD_SET(fd, &fds); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
418 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
419 timeout.tv_sec = 1; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
420 timeout.tv_usec = 0; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
421 if (select(fd+1, &fds, NULL, NULL, &timeout) < 0) { |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
422 if (errno == EINTR) { |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
423 continue; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
424 } |
|
165
0cfba3034be5
Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents:
135
diff
changeset
|
425 TRACE(("leave ident_readln: select error")) |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
426 return -1; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
427 } |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
428 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
429 checktimeouts(); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
430 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
431 /* Have to go one byte at a time, since we don't want to read past |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
432 * the end, and have to somehow shove bytes back into the normal |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
433 * packet reader */ |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
434 if (FD_ISSET(fd, &fds)) { |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
435 num = read(fd, &in, 1); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
436 /* a "\n" is a newline, "\r" we want to read in and keep going |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
437 * so that it won't be read as part of the next line */ |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
438 if (num < 0) { |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
439 /* error */ |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
440 if (errno == EINTR) { |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
441 continue; /* not a real error */ |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
442 } |
|
165
0cfba3034be5
Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents:
135
diff
changeset
|
443 TRACE(("leave ident_readln: read error")) |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
444 return -1; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
445 } |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
446 if (num == 0) { |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
447 /* EOF */ |
|
165
0cfba3034be5
Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents:
135
diff
changeset
|
448 TRACE(("leave ident_readln: EOF")) |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
449 return -1; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
450 } |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
451 if (in == '\n') { |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
452 /* end of ident string */ |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
453 break; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
454 } |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
455 /* we don't want to include '\r's */ |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
456 if (in != '\r') { |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
457 buf[pos] = in; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
458 pos++; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
459 } |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
460 } |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
461 } |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
462 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
463 buf[pos] = '\0'; |
|
165
0cfba3034be5
Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents:
135
diff
changeset
|
464 TRACE(("leave ident_readln: return %d", pos+1)) |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
465 return pos+1; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
466 } |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
467 |
|
970
0bb16232e7c4
Make keepalive handling more robust, this should now match what OpenSSH does
Matt Johnston <matt@ucc.asn.au>
parents:
968
diff
changeset
|
468 void ignore_recv_response() { |
|
1038
d3925ed45a85
Fix for old compilers, variable declarations at beginning of functions
Thorsten Horstmann <thorsten.horstmann@web.de>
parents:
1021
diff
changeset
|
469 /* Do nothing */ |
|
970
0bb16232e7c4
Make keepalive handling more robust, this should now match what OpenSSH does
Matt Johnston <matt@ucc.asn.au>
parents:
968
diff
changeset
|
470 TRACE(("Ignored msg_request_response")) |
|
968
f7f6c15b0ec3
Don't send SSH_MSG_UNIMPLEMENTED for keepalive responses
Matt Johnston <matt@ucc.asn.au>
parents:
941
diff
changeset
|
471 } |
|
f7f6c15b0ec3
Don't send SSH_MSG_UNIMPLEMENTED for keepalive responses
Matt Johnston <matt@ucc.asn.au>
parents:
941
diff
changeset
|
472 |
|
939
a0819ecfee0b
Make -K keepalive behave like OpenSSH's ServerAliveInterval
Matt Johnston <matt@ucc.asn.au>
parents:
929
diff
changeset
|
473 static void send_msg_keepalive() { |
|
1038
d3925ed45a85
Fix for old compilers, variable declarations at beginning of functions
Thorsten Horstmann <thorsten.horstmann@web.de>
parents:
1021
diff
changeset
|
474 time_t old_time_idle = ses.last_packet_time_idle; |
|
d3925ed45a85
Fix for old compilers, variable declarations at beginning of functions
Thorsten Horstmann <thorsten.horstmann@web.de>
parents:
1021
diff
changeset
|
475 struct Channel *chan = get_any_ready_channel(); |
|
d3925ed45a85
Fix for old compilers, variable declarations at beginning of functions
Thorsten Horstmann <thorsten.horstmann@web.de>
parents:
1021
diff
changeset
|
476 |
|
454
7e43f5e473b9
- Add -K keepalive flag for dropbear and dbclient
Matt Johnston <matt@ucc.asn.au>
parents:
452
diff
changeset
|
477 CHECKCLEARTOWRITE(); |
|
970
0bb16232e7c4
Make keepalive handling more robust, this should now match what OpenSSH does
Matt Johnston <matt@ucc.asn.au>
parents:
968
diff
changeset
|
478 |
|
0bb16232e7c4
Make keepalive handling more robust, this should now match what OpenSSH does
Matt Johnston <matt@ucc.asn.au>
parents:
968
diff
changeset
|
479 if (chan) { |
|
0bb16232e7c4
Make keepalive handling more robust, this should now match what OpenSSH does
Matt Johnston <matt@ucc.asn.au>
parents:
968
diff
changeset
|
480 /* Channel requests are preferable, more implementations |
|
0bb16232e7c4
Make keepalive handling more robust, this should now match what OpenSSH does
Matt Johnston <matt@ucc.asn.au>
parents:
968
diff
changeset
|
481 handle them than SSH_MSG_GLOBAL_REQUEST */ |
|
0bb16232e7c4
Make keepalive handling more robust, this should now match what OpenSSH does
Matt Johnston <matt@ucc.asn.au>
parents:
968
diff
changeset
|
482 TRACE(("keepalive channel request %d", chan->index)) |
|
0bb16232e7c4
Make keepalive handling more robust, this should now match what OpenSSH does
Matt Johnston <matt@ucc.asn.au>
parents:
968
diff
changeset
|
483 start_send_channel_request(chan, DROPBEAR_KEEPALIVE_STRING); |
|
0bb16232e7c4
Make keepalive handling more robust, this should now match what OpenSSH does
Matt Johnston <matt@ucc.asn.au>
parents:
968
diff
changeset
|
484 } else { |
|
0bb16232e7c4
Make keepalive handling more robust, this should now match what OpenSSH does
Matt Johnston <matt@ucc.asn.au>
parents:
968
diff
changeset
|
485 TRACE(("keepalive global request")) |
|
0bb16232e7c4
Make keepalive handling more robust, this should now match what OpenSSH does
Matt Johnston <matt@ucc.asn.au>
parents:
968
diff
changeset
|
486 /* Some peers will reply with SSH_MSG_REQUEST_FAILURE, |
|
0bb16232e7c4
Make keepalive handling more robust, this should now match what OpenSSH does
Matt Johnston <matt@ucc.asn.au>
parents:
968
diff
changeset
|
487 some will reply with SSH_MSG_UNIMPLEMENTED, some will exit. */ |
|
0bb16232e7c4
Make keepalive handling more robust, this should now match what OpenSSH does
Matt Johnston <matt@ucc.asn.au>
parents:
968
diff
changeset
|
488 buf_putbyte(ses.writepayload, SSH_MSG_GLOBAL_REQUEST); |
|
0bb16232e7c4
Make keepalive handling more robust, this should now match what OpenSSH does
Matt Johnston <matt@ucc.asn.au>
parents:
968
diff
changeset
|
489 buf_putstring(ses.writepayload, DROPBEAR_KEEPALIVE_STRING, |
|
0bb16232e7c4
Make keepalive handling more robust, this should now match what OpenSSH does
Matt Johnston <matt@ucc.asn.au>
parents:
968
diff
changeset
|
490 strlen(DROPBEAR_KEEPALIVE_STRING)); |
|
0bb16232e7c4
Make keepalive handling more robust, this should now match what OpenSSH does
Matt Johnston <matt@ucc.asn.au>
parents:
968
diff
changeset
|
491 } |
|
939
a0819ecfee0b
Make -K keepalive behave like OpenSSH's ServerAliveInterval
Matt Johnston <matt@ucc.asn.au>
parents:
929
diff
changeset
|
492 buf_putbyte(ses.writepayload, 1); /* want_reply */ |
|
454
7e43f5e473b9
- Add -K keepalive flag for dropbear and dbclient
Matt Johnston <matt@ucc.asn.au>
parents:
452
diff
changeset
|
493 encrypt_packet(); |
|
939
a0819ecfee0b
Make -K keepalive behave like OpenSSH's ServerAliveInterval
Matt Johnston <matt@ucc.asn.au>
parents:
929
diff
changeset
|
494 |
|
a0819ecfee0b
Make -K keepalive behave like OpenSSH's ServerAliveInterval
Matt Johnston <matt@ucc.asn.au>
parents:
929
diff
changeset
|
495 ses.last_packet_time_keepalive_sent = monotonic_now(); |
|
a0819ecfee0b
Make -K keepalive behave like OpenSSH's ServerAliveInterval
Matt Johnston <matt@ucc.asn.au>
parents:
929
diff
changeset
|
496 |
|
a0819ecfee0b
Make -K keepalive behave like OpenSSH's ServerAliveInterval
Matt Johnston <matt@ucc.asn.au>
parents:
929
diff
changeset
|
497 /* keepalives shouldn't update idle timeout, reset it back */ |
|
a0819ecfee0b
Make -K keepalive behave like OpenSSH's ServerAliveInterval
Matt Johnston <matt@ucc.asn.au>
parents:
929
diff
changeset
|
498 ses.last_packet_time_idle = old_time_idle; |
|
454
7e43f5e473b9
- Add -K keepalive flag for dropbear and dbclient
Matt Johnston <matt@ucc.asn.au>
parents:
452
diff
changeset
|
499 } |
|
7e43f5e473b9
- Add -K keepalive flag for dropbear and dbclient
Matt Johnston <matt@ucc.asn.au>
parents:
452
diff
changeset
|
500 |
| 26 | 501 /* Check all timeouts which are required. Currently these are the time for |
| 502 * user authentication, and the automatic rekeying. */ | |
| 503 static void checktimeouts() { | |
| 504 | |
|
454
7e43f5e473b9
- Add -K keepalive flag for dropbear and dbclient
Matt Johnston <matt@ucc.asn.au>
parents:
452
diff
changeset
|
505 time_t now; |
|
928
7cd89d4e0335
Add new monotonic_now() wrapper so that timeouts are unaffected by
Matt Johnston <matt@ucc.asn.au>
parents:
927
diff
changeset
|
506 now = monotonic_now(); |
| 26 | 507 |
|
1139
43a8ea69b24c
Fix problem where auth timeout wasn't checked when waiting for ident
Matt Johnston <matt@ucc.asn.au>
parents:
1124
diff
changeset
|
508 if (IS_DROPBEAR_SERVER && ses.connect_time != 0 |
|
43a8ea69b24c
Fix problem where auth timeout wasn't checked when waiting for ident
Matt Johnston <matt@ucc.asn.au>
parents:
1124
diff
changeset
|
509 && now - ses.connect_time >= AUTH_TIMEOUT) { |
|
43a8ea69b24c
Fix problem where auth timeout wasn't checked when waiting for ident
Matt Johnston <matt@ucc.asn.au>
parents:
1124
diff
changeset
|
510 dropbear_close("Timeout before auth"); |
|
43a8ea69b24c
Fix problem where auth timeout wasn't checked when waiting for ident
Matt Johnston <matt@ucc.asn.au>
parents:
1124
diff
changeset
|
511 } |
|
43a8ea69b24c
Fix problem where auth timeout wasn't checked when waiting for ident
Matt Johnston <matt@ucc.asn.au>
parents:
1124
diff
changeset
|
512 |
| 26 | 513 /* we can't rekey if we haven't done remote ident exchange yet */ |
| 514 if (ses.remoteident == NULL) { | |
| 515 return; | |
| 516 } | |
| 517 | |
| 518 if (!ses.kexstate.sentkexinit | |
|
454
7e43f5e473b9
- Add -K keepalive flag for dropbear and dbclient
Matt Johnston <matt@ucc.asn.au>
parents:
452
diff
changeset
|
519 && (now - ses.kexstate.lastkextime >= KEX_REKEY_TIMEOUT |
|
7e43f5e473b9
- Add -K keepalive flag for dropbear and dbclient
Matt Johnston <matt@ucc.asn.au>
parents:
452
diff
changeset
|
520 || ses.kexstate.datarecv+ses.kexstate.datatrans >= KEX_REKEY_DATA)) { |
|
165
0cfba3034be5
Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents:
135
diff
changeset
|
521 TRACE(("rekeying after timeout or max data reached")) |
| 26 | 522 send_msg_kexinit(); |
| 523 } | |
|
454
7e43f5e473b9
- Add -K keepalive flag for dropbear and dbclient
Matt Johnston <matt@ucc.asn.au>
parents:
452
diff
changeset
|
524 |
|
970
0bb16232e7c4
Make keepalive handling more robust, this should now match what OpenSSH does
Matt Johnston <matt@ucc.asn.au>
parents:
968
diff
changeset
|
525 if (opts.keepalive_secs > 0 && ses.authstate.authdone) { |
|
0bb16232e7c4
Make keepalive handling more robust, this should now match what OpenSSH does
Matt Johnston <matt@ucc.asn.au>
parents:
968
diff
changeset
|
526 /* Avoid sending keepalives prior to auth - those are |
|
0bb16232e7c4
Make keepalive handling more robust, this should now match what OpenSSH does
Matt Johnston <matt@ucc.asn.au>
parents:
968
diff
changeset
|
527 not valid pre-auth packet types */ |
|
0bb16232e7c4
Make keepalive handling more robust, this should now match what OpenSSH does
Matt Johnston <matt@ucc.asn.au>
parents:
968
diff
changeset
|
528 |
|
939
a0819ecfee0b
Make -K keepalive behave like OpenSSH's ServerAliveInterval
Matt Johnston <matt@ucc.asn.au>
parents:
929
diff
changeset
|
529 /* Send keepalives if we've been idle */ |
|
a0819ecfee0b
Make -K keepalive behave like OpenSSH's ServerAliveInterval
Matt Johnston <matt@ucc.asn.au>
parents:
929
diff
changeset
|
530 if (now - ses.last_packet_time_any_sent >= opts.keepalive_secs) { |
|
a0819ecfee0b
Make -K keepalive behave like OpenSSH's ServerAliveInterval
Matt Johnston <matt@ucc.asn.au>
parents:
929
diff
changeset
|
531 send_msg_keepalive(); |
|
a0819ecfee0b
Make -K keepalive behave like OpenSSH's ServerAliveInterval
Matt Johnston <matt@ucc.asn.au>
parents:
929
diff
changeset
|
532 } |
|
a0819ecfee0b
Make -K keepalive behave like OpenSSH's ServerAliveInterval
Matt Johnston <matt@ucc.asn.au>
parents:
929
diff
changeset
|
533 |
|
a0819ecfee0b
Make -K keepalive behave like OpenSSH's ServerAliveInterval
Matt Johnston <matt@ucc.asn.au>
parents:
929
diff
changeset
|
534 /* Also send an explicit keepalive message to trigger a response |
|
a0819ecfee0b
Make -K keepalive behave like OpenSSH's ServerAliveInterval
Matt Johnston <matt@ucc.asn.au>
parents:
929
diff
changeset
|
535 if the remote end hasn't sent us anything */ |
|
a0819ecfee0b
Make -K keepalive behave like OpenSSH's ServerAliveInterval
Matt Johnston <matt@ucc.asn.au>
parents:
929
diff
changeset
|
536 if (now - ses.last_packet_time_keepalive_recv >= opts.keepalive_secs |
|
a0819ecfee0b
Make -K keepalive behave like OpenSSH's ServerAliveInterval
Matt Johnston <matt@ucc.asn.au>
parents:
929
diff
changeset
|
537 && now - ses.last_packet_time_keepalive_sent >= opts.keepalive_secs) { |
|
a0819ecfee0b
Make -K keepalive behave like OpenSSH's ServerAliveInterval
Matt Johnston <matt@ucc.asn.au>
parents:
929
diff
changeset
|
538 send_msg_keepalive(); |
|
a0819ecfee0b
Make -K keepalive behave like OpenSSH's ServerAliveInterval
Matt Johnston <matt@ucc.asn.au>
parents:
929
diff
changeset
|
539 } |
|
a0819ecfee0b
Make -K keepalive behave like OpenSSH's ServerAliveInterval
Matt Johnston <matt@ucc.asn.au>
parents:
929
diff
changeset
|
540 |
|
a0819ecfee0b
Make -K keepalive behave like OpenSSH's ServerAliveInterval
Matt Johnston <matt@ucc.asn.au>
parents:
929
diff
changeset
|
541 if (now - ses.last_packet_time_keepalive_recv |
|
a0819ecfee0b
Make -K keepalive behave like OpenSSH's ServerAliveInterval
Matt Johnston <matt@ucc.asn.au>
parents:
929
diff
changeset
|
542 >= opts.keepalive_secs * DEFAULT_KEEPALIVE_LIMIT) { |
|
a0819ecfee0b
Make -K keepalive behave like OpenSSH's ServerAliveInterval
Matt Johnston <matt@ucc.asn.au>
parents:
929
diff
changeset
|
543 dropbear_exit("Keepalive timeout"); |
|
a0819ecfee0b
Make -K keepalive behave like OpenSSH's ServerAliveInterval
Matt Johnston <matt@ucc.asn.au>
parents:
929
diff
changeset
|
544 } |
|
454
7e43f5e473b9
- Add -K keepalive flag for dropbear and dbclient
Matt Johnston <matt@ucc.asn.au>
parents:
452
diff
changeset
|
545 } |
|
513
a3748e54273c
Idle timeout patch from Farrell Aultman. Needs testing, unsure if server
Matt Johnston <matt@ucc.asn.au>
parents:
502
diff
changeset
|
546 |
|
939
a0819ecfee0b
Make -K keepalive behave like OpenSSH's ServerAliveInterval
Matt Johnston <matt@ucc.asn.au>
parents:
929
diff
changeset
|
547 if (opts.idle_timeout_secs > 0 |
|
a0819ecfee0b
Make -K keepalive behave like OpenSSH's ServerAliveInterval
Matt Johnston <matt@ucc.asn.au>
parents:
929
diff
changeset
|
548 && now - ses.last_packet_time_idle >= opts.idle_timeout_secs) { |
|
513
a3748e54273c
Idle timeout patch from Farrell Aultman. Needs testing, unsure if server
Matt Johnston <matt@ucc.asn.au>
parents:
502
diff
changeset
|
549 dropbear_close("Idle timeout"); |
|
a3748e54273c
Idle timeout patch from Farrell Aultman. Needs testing, unsure if server
Matt Johnston <matt@ucc.asn.au>
parents:
502
diff
changeset
|
550 } |
| 26 | 551 } |
| 552 | |
|
1140
f6d3a16ecc71
set timeouts to time remaining rather than timeout duration
Matt Johnston <matt@ucc.asn.au>
parents:
1139
diff
changeset
|
553 static void update_timeout(long limit, long now, long last_event, long * timeout) { |
|
1143
924ff1b959a2
only update keepalive timeout post-auth (when keepalives are sent)
Matt Johnston <matt@ucc.asn.au>
parents:
1140
diff
changeset
|
554 TRACE2(("update_timeout limit %ld, now %ld, last %ld, timeout %ld", |
|
1140
f6d3a16ecc71
set timeouts to time remaining rather than timeout duration
Matt Johnston <matt@ucc.asn.au>
parents:
1139
diff
changeset
|
555 limit, now, last_event, *timeout)) |
|
f6d3a16ecc71
set timeouts to time remaining rather than timeout duration
Matt Johnston <matt@ucc.asn.au>
parents:
1139
diff
changeset
|
556 if (last_event > 0 && limit > 0) { |
|
f6d3a16ecc71
set timeouts to time remaining rather than timeout duration
Matt Johnston <matt@ucc.asn.au>
parents:
1139
diff
changeset
|
557 *timeout = MIN(*timeout, last_event+limit-now); |
|
1143
924ff1b959a2
only update keepalive timeout post-auth (when keepalives are sent)
Matt Johnston <matt@ucc.asn.au>
parents:
1140
diff
changeset
|
558 TRACE2(("new timeout %ld", *timeout)) |
|
1140
f6d3a16ecc71
set timeouts to time remaining rather than timeout duration
Matt Johnston <matt@ucc.asn.au>
parents:
1139
diff
changeset
|
559 } |
|
f6d3a16ecc71
set timeouts to time remaining rather than timeout duration
Matt Johnston <matt@ucc.asn.au>
parents:
1139
diff
changeset
|
560 } |
|
f6d3a16ecc71
set timeouts to time remaining rather than timeout duration
Matt Johnston <matt@ucc.asn.au>
parents:
1139
diff
changeset
|
561 |
|
454
7e43f5e473b9
- Add -K keepalive flag for dropbear and dbclient
Matt Johnston <matt@ucc.asn.au>
parents:
452
diff
changeset
|
562 static long select_timeout() { |
|
7e43f5e473b9
- Add -K keepalive flag for dropbear and dbclient
Matt Johnston <matt@ucc.asn.au>
parents:
452
diff
changeset
|
563 /* determine the minimum timeout that might be required, so |
|
7e43f5e473b9
- Add -K keepalive flag for dropbear and dbclient
Matt Johnston <matt@ucc.asn.au>
parents:
452
diff
changeset
|
564 as to avoid waking when unneccessary */ |
|
1310
090033317ca1
Avoid busy loop while waiting for rekey response
Matt Johnston <matt@ucc.asn.au>
parents:
1302
diff
changeset
|
565 long timeout = KEX_REKEY_TIMEOUT; |
|
1140
f6d3a16ecc71
set timeouts to time remaining rather than timeout duration
Matt Johnston <matt@ucc.asn.au>
parents:
1139
diff
changeset
|
566 long now = monotonic_now(); |
|
f6d3a16ecc71
set timeouts to time remaining rather than timeout duration
Matt Johnston <matt@ucc.asn.au>
parents:
1139
diff
changeset
|
567 |
|
1310
090033317ca1
Avoid busy loop while waiting for rekey response
Matt Johnston <matt@ucc.asn.au>
parents:
1302
diff
changeset
|
568 if (!ses.kexstate.sentkexinit) { |
|
090033317ca1
Avoid busy loop while waiting for rekey response
Matt Johnston <matt@ucc.asn.au>
parents:
1302
diff
changeset
|
569 update_timeout(KEX_REKEY_TIMEOUT, now, ses.kexstate.lastkextime, &timeout); |
|
090033317ca1
Avoid busy loop while waiting for rekey response
Matt Johnston <matt@ucc.asn.au>
parents:
1302
diff
changeset
|
570 } |
|
1140
f6d3a16ecc71
set timeouts to time remaining rather than timeout duration
Matt Johnston <matt@ucc.asn.au>
parents:
1139
diff
changeset
|
571 |
|
f6d3a16ecc71
set timeouts to time remaining rather than timeout duration
Matt Johnston <matt@ucc.asn.au>
parents:
1139
diff
changeset
|
572 if (ses.authstate.authdone != 1 && IS_DROPBEAR_SERVER) { |
|
f6d3a16ecc71
set timeouts to time remaining rather than timeout duration
Matt Johnston <matt@ucc.asn.au>
parents:
1139
diff
changeset
|
573 /* AUTH_TIMEOUT is only relevant before authdone */ |
|
f6d3a16ecc71
set timeouts to time remaining rather than timeout duration
Matt Johnston <matt@ucc.asn.au>
parents:
1139
diff
changeset
|
574 update_timeout(AUTH_TIMEOUT, now, ses.connect_time, &timeout); |
|
f6d3a16ecc71
set timeouts to time remaining rather than timeout duration
Matt Johnston <matt@ucc.asn.au>
parents:
1139
diff
changeset
|
575 } |
|
f6d3a16ecc71
set timeouts to time remaining rather than timeout duration
Matt Johnston <matt@ucc.asn.au>
parents:
1139
diff
changeset
|
576 |
|
1143
924ff1b959a2
only update keepalive timeout post-auth (when keepalives are sent)
Matt Johnston <matt@ucc.asn.au>
parents:
1140
diff
changeset
|
577 if (ses.authstate.authdone) { |
|
924ff1b959a2
only update keepalive timeout post-auth (when keepalives are sent)
Matt Johnston <matt@ucc.asn.au>
parents:
1140
diff
changeset
|
578 update_timeout(opts.keepalive_secs, now, |
|
924ff1b959a2
only update keepalive timeout post-auth (when keepalives are sent)
Matt Johnston <matt@ucc.asn.au>
parents:
1140
diff
changeset
|
579 MAX(ses.last_packet_time_keepalive_recv, ses.last_packet_time_keepalive_sent), |
|
924ff1b959a2
only update keepalive timeout post-auth (when keepalives are sent)
Matt Johnston <matt@ucc.asn.au>
parents:
1140
diff
changeset
|
580 &timeout); |
|
924ff1b959a2
only update keepalive timeout post-auth (when keepalives are sent)
Matt Johnston <matt@ucc.asn.au>
parents:
1140
diff
changeset
|
581 } |
|
1140
f6d3a16ecc71
set timeouts to time remaining rather than timeout duration
Matt Johnston <matt@ucc.asn.au>
parents:
1139
diff
changeset
|
582 |
|
f6d3a16ecc71
set timeouts to time remaining rather than timeout duration
Matt Johnston <matt@ucc.asn.au>
parents:
1139
diff
changeset
|
583 update_timeout(opts.idle_timeout_secs, now, ses.last_packet_time_idle, |
|
f6d3a16ecc71
set timeouts to time remaining rather than timeout duration
Matt Johnston <matt@ucc.asn.au>
parents:
1139
diff
changeset
|
584 &timeout); |
|
f6d3a16ecc71
set timeouts to time remaining rather than timeout duration
Matt Johnston <matt@ucc.asn.au>
parents:
1139
diff
changeset
|
585 |
|
f6d3a16ecc71
set timeouts to time remaining rather than timeout duration
Matt Johnston <matt@ucc.asn.au>
parents:
1139
diff
changeset
|
586 /* clamp negative timeouts to zero - event has already triggered */ |
|
f6d3a16ecc71
set timeouts to time remaining rather than timeout duration
Matt Johnston <matt@ucc.asn.au>
parents:
1139
diff
changeset
|
587 return MAX(timeout, 0); |
|
454
7e43f5e473b9
- Add -K keepalive flag for dropbear and dbclient
Matt Johnston <matt@ucc.asn.au>
parents:
452
diff
changeset
|
588 } |
|
482
7ad49f34a122
- Add run_shell_command() function to run a "sh -c" command, handling
Matt Johnston <matt@ucc.asn.au>
parents:
479
diff
changeset
|
589 |
|
7ad49f34a122
- Add run_shell_command() function to run a "sh -c" command, handling
Matt Johnston <matt@ucc.asn.au>
parents:
479
diff
changeset
|
590 const char* get_user_shell() { |
|
7ad49f34a122
- Add run_shell_command() function to run a "sh -c" command, handling
Matt Johnston <matt@ucc.asn.au>
parents:
479
diff
changeset
|
591 /* an empty shell should be interpreted as "/bin/sh" */ |
|
7ad49f34a122
- Add run_shell_command() function to run a "sh -c" command, handling
Matt Johnston <matt@ucc.asn.au>
parents:
479
diff
changeset
|
592 if (ses.authstate.pw_shell[0] == '\0') { |
|
7ad49f34a122
- Add run_shell_command() function to run a "sh -c" command, handling
Matt Johnston <matt@ucc.asn.au>
parents:
479
diff
changeset
|
593 return "/bin/sh"; |
|
7ad49f34a122
- Add run_shell_command() function to run a "sh -c" command, handling
Matt Johnston <matt@ucc.asn.au>
parents:
479
diff
changeset
|
594 } else { |
|
7ad49f34a122
- Add run_shell_command() function to run a "sh -c" command, handling
Matt Johnston <matt@ucc.asn.au>
parents:
479
diff
changeset
|
595 return ses.authstate.pw_shell; |
|
7ad49f34a122
- Add run_shell_command() function to run a "sh -c" command, handling
Matt Johnston <matt@ucc.asn.au>
parents:
479
diff
changeset
|
596 } |
|
7ad49f34a122
- Add run_shell_command() function to run a "sh -c" command, handling
Matt Johnston <matt@ucc.asn.au>
parents:
479
diff
changeset
|
597 } |
|
483
738313e73b1c
- "-J 'nc localhost 22'" kind of works, needs fixing hostkeys, ptys etc.
Matt Johnston <matt@ucc.asn.au>
parents:
482
diff
changeset
|
598 void fill_passwd(const char* username) { |
|
738313e73b1c
- "-J 'nc localhost 22'" kind of works, needs fixing hostkeys, ptys etc.
Matt Johnston <matt@ucc.asn.au>
parents:
482
diff
changeset
|
599 struct passwd *pw = NULL; |
|
738313e73b1c
- "-J 'nc localhost 22'" kind of works, needs fixing hostkeys, ptys etc.
Matt Johnston <matt@ucc.asn.au>
parents:
482
diff
changeset
|
600 if (ses.authstate.pw_name) |
|
738313e73b1c
- "-J 'nc localhost 22'" kind of works, needs fixing hostkeys, ptys etc.
Matt Johnston <matt@ucc.asn.au>
parents:
482
diff
changeset
|
601 m_free(ses.authstate.pw_name); |
|
738313e73b1c
- "-J 'nc localhost 22'" kind of works, needs fixing hostkeys, ptys etc.
Matt Johnston <matt@ucc.asn.au>
parents:
482
diff
changeset
|
602 if (ses.authstate.pw_dir) |
|
738313e73b1c
- "-J 'nc localhost 22'" kind of works, needs fixing hostkeys, ptys etc.
Matt Johnston <matt@ucc.asn.au>
parents:
482
diff
changeset
|
603 m_free(ses.authstate.pw_dir); |
|
738313e73b1c
- "-J 'nc localhost 22'" kind of works, needs fixing hostkeys, ptys etc.
Matt Johnston <matt@ucc.asn.au>
parents:
482
diff
changeset
|
604 if (ses.authstate.pw_shell) |
|
738313e73b1c
- "-J 'nc localhost 22'" kind of works, needs fixing hostkeys, ptys etc.
Matt Johnston <matt@ucc.asn.au>
parents:
482
diff
changeset
|
605 m_free(ses.authstate.pw_shell); |
|
738313e73b1c
- "-J 'nc localhost 22'" kind of works, needs fixing hostkeys, ptys etc.
Matt Johnston <matt@ucc.asn.au>
parents:
482
diff
changeset
|
606 if (ses.authstate.pw_passwd) |
|
738313e73b1c
- "-J 'nc localhost 22'" kind of works, needs fixing hostkeys, ptys etc.
Matt Johnston <matt@ucc.asn.au>
parents:
482
diff
changeset
|
607 m_free(ses.authstate.pw_passwd); |
|
738313e73b1c
- "-J 'nc localhost 22'" kind of works, needs fixing hostkeys, ptys etc.
Matt Johnston <matt@ucc.asn.au>
parents:
482
diff
changeset
|
608 |
|
738313e73b1c
- "-J 'nc localhost 22'" kind of works, needs fixing hostkeys, ptys etc.
Matt Johnston <matt@ucc.asn.au>
parents:
482
diff
changeset
|
609 pw = getpwnam(username); |
|
738313e73b1c
- "-J 'nc localhost 22'" kind of works, needs fixing hostkeys, ptys etc.
Matt Johnston <matt@ucc.asn.au>
parents:
482
diff
changeset
|
610 if (!pw) { |
|
738313e73b1c
- "-J 'nc localhost 22'" kind of works, needs fixing hostkeys, ptys etc.
Matt Johnston <matt@ucc.asn.au>
parents:
482
diff
changeset
|
611 return; |
|
738313e73b1c
- "-J 'nc localhost 22'" kind of works, needs fixing hostkeys, ptys etc.
Matt Johnston <matt@ucc.asn.au>
parents:
482
diff
changeset
|
612 } |
|
738313e73b1c
- "-J 'nc localhost 22'" kind of works, needs fixing hostkeys, ptys etc.
Matt Johnston <matt@ucc.asn.au>
parents:
482
diff
changeset
|
613 ses.authstate.pw_uid = pw->pw_uid; |
|
738313e73b1c
- "-J 'nc localhost 22'" kind of works, needs fixing hostkeys, ptys etc.
Matt Johnston <matt@ucc.asn.au>
parents:
482
diff
changeset
|
614 ses.authstate.pw_gid = pw->pw_gid; |
|
738313e73b1c
- "-J 'nc localhost 22'" kind of works, needs fixing hostkeys, ptys etc.
Matt Johnston <matt@ucc.asn.au>
parents:
482
diff
changeset
|
615 ses.authstate.pw_name = m_strdup(pw->pw_name); |
|
738313e73b1c
- "-J 'nc localhost 22'" kind of works, needs fixing hostkeys, ptys etc.
Matt Johnston <matt@ucc.asn.au>
parents:
482
diff
changeset
|
616 ses.authstate.pw_dir = m_strdup(pw->pw_dir); |
|
738313e73b1c
- "-J 'nc localhost 22'" kind of works, needs fixing hostkeys, ptys etc.
Matt Johnston <matt@ucc.asn.au>
parents:
482
diff
changeset
|
617 ses.authstate.pw_shell = m_strdup(pw->pw_shell); |
|
676
0edf08895a33
Return immediate success for blank passwords if allowed
Matt Johnston <matt@ucc.asn.au>
parents:
594
diff
changeset
|
618 { |
|
0edf08895a33
Return immediate success for blank passwords if allowed
Matt Johnston <matt@ucc.asn.au>
parents:
594
diff
changeset
|
619 char *passwd_crypt = pw->pw_passwd; |
|
0edf08895a33
Return immediate success for blank passwords if allowed
Matt Johnston <matt@ucc.asn.au>
parents:
594
diff
changeset
|
620 #ifdef HAVE_SHADOW_H |
|
0edf08895a33
Return immediate success for blank passwords if allowed
Matt Johnston <matt@ucc.asn.au>
parents:
594
diff
changeset
|
621 /* get the shadow password if possible */ |
|
0edf08895a33
Return immediate success for blank passwords if allowed
Matt Johnston <matt@ucc.asn.au>
parents:
594
diff
changeset
|
622 struct spwd *spasswd = getspnam(ses.authstate.pw_name); |
|
0edf08895a33
Return immediate success for blank passwords if allowed
Matt Johnston <matt@ucc.asn.au>
parents:
594
diff
changeset
|
623 if (spasswd && spasswd->sp_pwdp) { |
|
0edf08895a33
Return immediate success for blank passwords if allowed
Matt Johnston <matt@ucc.asn.au>
parents:
594
diff
changeset
|
624 passwd_crypt = spasswd->sp_pwdp; |
|
0edf08895a33
Return immediate success for blank passwords if allowed
Matt Johnston <matt@ucc.asn.au>
parents:
594
diff
changeset
|
625 } |
|
0edf08895a33
Return immediate success for blank passwords if allowed
Matt Johnston <matt@ucc.asn.au>
parents:
594
diff
changeset
|
626 #endif |
|
705
2e573f39b88e
Android returns NULL for pw_crypt, set it to something else
Matt Johnston <matt@ucc.asn.au>
parents:
676
diff
changeset
|
627 if (!passwd_crypt) { |
|
2e573f39b88e
Android returns NULL for pw_crypt, set it to something else
Matt Johnston <matt@ucc.asn.au>
parents:
676
diff
changeset
|
628 /* android supposedly returns NULL */ |
|
2e573f39b88e
Android returns NULL for pw_crypt, set it to something else
Matt Johnston <matt@ucc.asn.au>
parents:
676
diff
changeset
|
629 passwd_crypt = "!!"; |
|
2e573f39b88e
Android returns NULL for pw_crypt, set it to something else
Matt Johnston <matt@ucc.asn.au>
parents:
676
diff
changeset
|
630 } |
|
676
0edf08895a33
Return immediate success for blank passwords if allowed
Matt Johnston <matt@ucc.asn.au>
parents:
594
diff
changeset
|
631 ses.authstate.pw_passwd = m_strdup(passwd_crypt); |
|
0edf08895a33
Return immediate success for blank passwords if allowed
Matt Johnston <matt@ucc.asn.au>
parents:
594
diff
changeset
|
632 } |
|
483
738313e73b1c
- "-J 'nc localhost 22'" kind of works, needs fixing hostkeys, ptys etc.
Matt Johnston <matt@ucc.asn.au>
parents:
482
diff
changeset
|
633 } |
|
738313e73b1c
- "-J 'nc localhost 22'" kind of works, needs fixing hostkeys, ptys etc.
Matt Johnston <matt@ucc.asn.au>
parents:
482
diff
changeset
|
634 |
|
941
5daedffd0769
Set tcp priority as follows:
Matt Johnston <matt@ucc.asn.au>
parents:
940
diff
changeset
|
635 /* Called when channels are modified */ |
|
5daedffd0769
Set tcp priority as follows:
Matt Johnston <matt@ucc.asn.au>
parents:
940
diff
changeset
|
636 void update_channel_prio() { |
|
5daedffd0769
Set tcp priority as follows:
Matt Johnston <matt@ucc.asn.au>
parents:
940
diff
changeset
|
637 enum dropbear_prio new_prio; |
|
5daedffd0769
Set tcp priority as follows:
Matt Johnston <matt@ucc.asn.au>
parents:
940
diff
changeset
|
638 int any = 0; |
|
5daedffd0769
Set tcp priority as follows:
Matt Johnston <matt@ucc.asn.au>
parents:
940
diff
changeset
|
639 unsigned int i; |
|
5daedffd0769
Set tcp priority as follows:
Matt Johnston <matt@ucc.asn.au>
parents:
940
diff
changeset
|
640 |
|
5daedffd0769
Set tcp priority as follows:
Matt Johnston <matt@ucc.asn.au>
parents:
940
diff
changeset
|
641 TRACE(("update_channel_prio")) |
|
5daedffd0769
Set tcp priority as follows:
Matt Johnston <matt@ucc.asn.au>
parents:
940
diff
changeset
|
642 |
|
1031
64c0aa01e2b6
Update priority once the socket is open
Matt Johnston <matt@ucc.asn.au>
parents:
1025
diff
changeset
|
643 if (ses.sock_out < 0) { |
|
64c0aa01e2b6
Update priority once the socket is open
Matt Johnston <matt@ucc.asn.au>
parents:
1025
diff
changeset
|
644 TRACE(("leave update_channel_prio: no socket")) |
|
64c0aa01e2b6
Update priority once the socket is open
Matt Johnston <matt@ucc.asn.au>
parents:
1025
diff
changeset
|
645 return; |
|
64c0aa01e2b6
Update priority once the socket is open
Matt Johnston <matt@ucc.asn.au>
parents:
1025
diff
changeset
|
646 } |
|
64c0aa01e2b6
Update priority once the socket is open
Matt Johnston <matt@ucc.asn.au>
parents:
1025
diff
changeset
|
647 |
|
941
5daedffd0769
Set tcp priority as follows:
Matt Johnston <matt@ucc.asn.au>
parents:
940
diff
changeset
|
648 new_prio = DROPBEAR_PRIO_BULK; |
|
5daedffd0769
Set tcp priority as follows:
Matt Johnston <matt@ucc.asn.au>
parents:
940
diff
changeset
|
649 for (i = 0; i < ses.chansize; i++) { |
|
5daedffd0769
Set tcp priority as follows:
Matt Johnston <matt@ucc.asn.au>
parents:
940
diff
changeset
|
650 struct Channel *channel = ses.channels[i]; |
|
5daedffd0769
Set tcp priority as follows:
Matt Johnston <matt@ucc.asn.au>
parents:
940
diff
changeset
|
651 if (!channel || channel->prio == DROPBEAR_CHANNEL_PRIO_EARLY) { |
|
5daedffd0769
Set tcp priority as follows:
Matt Johnston <matt@ucc.asn.au>
parents:
940
diff
changeset
|
652 if (channel && channel->prio == DROPBEAR_CHANNEL_PRIO_EARLY) { |
|
5daedffd0769
Set tcp priority as follows:
Matt Johnston <matt@ucc.asn.au>
parents:
940
diff
changeset
|
653 TRACE(("update_channel_prio: early %d", channel->index)) |
|
5daedffd0769
Set tcp priority as follows:
Matt Johnston <matt@ucc.asn.au>
parents:
940
diff
changeset
|
654 } |
|
5daedffd0769
Set tcp priority as follows:
Matt Johnston <matt@ucc.asn.au>
parents:
940
diff
changeset
|
655 continue; |
|
5daedffd0769
Set tcp priority as follows:
Matt Johnston <matt@ucc.asn.au>
parents:
940
diff
changeset
|
656 } |
|
5daedffd0769
Set tcp priority as follows:
Matt Johnston <matt@ucc.asn.au>
parents:
940
diff
changeset
|
657 any = 1; |
|
5daedffd0769
Set tcp priority as follows:
Matt Johnston <matt@ucc.asn.au>
parents:
940
diff
changeset
|
658 if (channel->prio == DROPBEAR_CHANNEL_PRIO_INTERACTIVE) |
|
5daedffd0769
Set tcp priority as follows:
Matt Johnston <matt@ucc.asn.au>
parents:
940
diff
changeset
|
659 { |
|
5daedffd0769
Set tcp priority as follows:
Matt Johnston <matt@ucc.asn.au>
parents:
940
diff
changeset
|
660 TRACE(("update_channel_prio: lowdelay %d", channel->index)) |
|
5daedffd0769
Set tcp priority as follows:
Matt Johnston <matt@ucc.asn.au>
parents:
940
diff
changeset
|
661 new_prio = DROPBEAR_PRIO_LOWDELAY; |
|
5daedffd0769
Set tcp priority as follows:
Matt Johnston <matt@ucc.asn.au>
parents:
940
diff
changeset
|
662 break; |
|
5daedffd0769
Set tcp priority as follows:
Matt Johnston <matt@ucc.asn.au>
parents:
940
diff
changeset
|
663 } else if (channel->prio == DROPBEAR_CHANNEL_PRIO_UNKNOWABLE |
|
5daedffd0769
Set tcp priority as follows:
Matt Johnston <matt@ucc.asn.au>
parents:
940
diff
changeset
|
664 && new_prio == DROPBEAR_PRIO_BULK) |
|
5daedffd0769
Set tcp priority as follows:
Matt Johnston <matt@ucc.asn.au>
parents:
940
diff
changeset
|
665 { |
|
5daedffd0769
Set tcp priority as follows:
Matt Johnston <matt@ucc.asn.au>
parents:
940
diff
changeset
|
666 TRACE(("update_channel_prio: unknowable %d", channel->index)) |
|
5daedffd0769
Set tcp priority as follows:
Matt Johnston <matt@ucc.asn.au>
parents:
940
diff
changeset
|
667 new_prio = DROPBEAR_PRIO_DEFAULT; |
|
5daedffd0769
Set tcp priority as follows:
Matt Johnston <matt@ucc.asn.au>
parents:
940
diff
changeset
|
668 } |
|
5daedffd0769
Set tcp priority as follows:
Matt Johnston <matt@ucc.asn.au>
parents:
940
diff
changeset
|
669 } |
|
5daedffd0769
Set tcp priority as follows:
Matt Johnston <matt@ucc.asn.au>
parents:
940
diff
changeset
|
670 |
|
5daedffd0769
Set tcp priority as follows:
Matt Johnston <matt@ucc.asn.au>
parents:
940
diff
changeset
|
671 if (any == 0) { |
|
5daedffd0769
Set tcp priority as follows:
Matt Johnston <matt@ucc.asn.au>
parents:
940
diff
changeset
|
672 /* lowdelay during setup */ |
|
5daedffd0769
Set tcp priority as follows:
Matt Johnston <matt@ucc.asn.au>
parents:
940
diff
changeset
|
673 TRACE(("update_channel_prio: not any")) |
|
5daedffd0769
Set tcp priority as follows:
Matt Johnston <matt@ucc.asn.au>
parents:
940
diff
changeset
|
674 new_prio = DROPBEAR_PRIO_LOWDELAY; |
|
5daedffd0769
Set tcp priority as follows:
Matt Johnston <matt@ucc.asn.au>
parents:
940
diff
changeset
|
675 } |
|
5daedffd0769
Set tcp priority as follows:
Matt Johnston <matt@ucc.asn.au>
parents:
940
diff
changeset
|
676 |
|
5daedffd0769
Set tcp priority as follows:
Matt Johnston <matt@ucc.asn.au>
parents:
940
diff
changeset
|
677 if (new_prio != ses.socket_prio) { |
|
1020
363c0feca5d4
Fix print that no longer works since we're not using fourCCs
Matt Johnston <matt@ucc.asn.au>
parents:
970
diff
changeset
|
678 TRACE(("Dropbear priority transitioning %d -> %d", ses.socket_prio, new_prio)) |
|
941
5daedffd0769
Set tcp priority as follows:
Matt Johnston <matt@ucc.asn.au>
parents:
940
diff
changeset
|
679 set_sock_priority(ses.sock_out, new_prio); |
|
5daedffd0769
Set tcp priority as follows:
Matt Johnston <matt@ucc.asn.au>
parents:
940
diff
changeset
|
680 ses.socket_prio = new_prio; |
|
5daedffd0769
Set tcp priority as follows:
Matt Johnston <matt@ucc.asn.au>
parents:
940
diff
changeset
|
681 } |
|
5daedffd0769
Set tcp priority as follows:
Matt Johnston <matt@ucc.asn.au>
parents:
940
diff
changeset
|
682 } |
|
5daedffd0769
Set tcp priority as follows:
Matt Johnston <matt@ucc.asn.au>
parents:
940
diff
changeset
|
683 |