Mercurial > dropbear
annotate cli-session.c @ 1306:34e6127ef02e
merge fixes from PuTTY import.c
toint() from misc.c
(revids are from hggit conversion)
changeset: 4620:60a336a6c85c
user: Simon Tatham <[email protected]>
date: Thu Feb 25 20:26:33 2016 +0000
files: import.c
description:
Fix potential segfaults in reading OpenSSH's ASN.1 key format.
The length coming back from ber_read_id_len might have overflowed, so
treat it as potentially negative. Also, while I'm here, accumulate it
inside ber_read_id_len as an unsigned, so as to avoid undefined
behaviour on integer overflow, and toint() it before return.
Thanks to Hanno Böck for spotting this, with the aid of AFL.
(cherry picked from commit 5b7833cd474a24ec098654dcba8cb9509f3bf2c1)
Conflicts:
import.c
(cherry-picker's note: resolving the conflict involved removing an
entire section of the original commit which fixed ECDSA code not
present on this branch)
changeset: 4619:9c6c638d98d8
user: Simon Tatham <[email protected]>
date: Sun Jul 14 10:45:54 2013 +0000
files: import.c ssh.c sshdss.c sshpubk.c sshrsa.c
description:
Tighten up a lot of casts from unsigned to int which are read by one
of the GET_32BIT macros and then used as length fields. Missing bounds
checks against zero have been added, and also I've introduced a helper
function toint() which casts from unsigned to int in such a way as to
avoid C undefined behaviour, since I'm not sure I trust compilers any
more to do the obviously sensible thing.
[originally from svn r9918]
changeset: 4618:3957829f24d3
user: Simon Tatham <[email protected]>
date: Mon Jul 08 22:36:04 2013 +0000
files: import.c sshdss.c sshrsa.c
description:
Add an assortment of extra safety checks.
[originally from svn r9896]
changeset: 4617:2cddee0bce12
user: Jacob Nevins <[email protected]>
date: Wed Dec 07 00:24:45 2005 +0000
files: import.c
description:
Institutional failure to memset() things pointed at rather than pointers.
Things should now be zeroed and memory not leaked. Spotted by Brant Thomsen.
[originally from svn r6476]
changeset: 4616:24ac78a9c71d
user: Simon Tatham <[email protected]>
date: Wed Feb 11 13:58:27 2004 +0000
files: import.c
description:
Jacob's last-minute testing found a couple of trivial bugs in
import.c, and my attempts to reproduce them in cmdgen found another
one there :-)
[originally from svn r3847]
changeset: 4615:088d39a73db0
user: Simon Tatham <[email protected]>
date: Thu Jan 22 18:52:49 2004 +0000
files: import.c
description:
Placate some gcc warnings.
[originally from svn r3761]
changeset: 4614:e4288bad4d93
parent: 1758:108b8924593d
user: Simon Tatham <[email protected]>
date: Fri Oct 03 21:21:23 2003 +0000
files: import.c
description:
My ASN.1 decoder returned wrong IDs for anything above 0x1E! Good
job it's never had to yet. Ahem.
[originally from svn r3479]
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Tue, 12 Jul 2016 23:00:01 +0800 |
parents | 0c47d97aa9d5 |
children | 750ec4ec4cbe |
rev | line source |
---|---|
74
e3adf4cf5465
License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents:
68
diff
changeset
|
1 /* |
e3adf4cf5465
License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents:
68
diff
changeset
|
2 * Dropbear SSH |
e3adf4cf5465
License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents:
68
diff
changeset
|
3 * |
e3adf4cf5465
License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents:
68
diff
changeset
|
4 * Copyright (c) 2002,2003 Matt Johnston |
e3adf4cf5465
License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents:
68
diff
changeset
|
5 * Copyright (c) 2004 by Mihnea Stoenescu |
e3adf4cf5465
License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents:
68
diff
changeset
|
6 * All rights reserved. |
e3adf4cf5465
License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents:
68
diff
changeset
|
7 * |
e3adf4cf5465
License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents:
68
diff
changeset
|
8 * Permission is hereby granted, free of charge, to any person obtaining a copy |
e3adf4cf5465
License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents:
68
diff
changeset
|
9 * of this software and associated documentation files (the "Software"), to deal |
e3adf4cf5465
License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents:
68
diff
changeset
|
10 * in the Software without restriction, including without limitation the rights |
e3adf4cf5465
License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents:
68
diff
changeset
|
11 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell |
e3adf4cf5465
License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents:
68
diff
changeset
|
12 * copies of the Software, and to permit persons to whom the Software is |
e3adf4cf5465
License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents:
68
diff
changeset
|
13 * furnished to do so, subject to the following conditions: |
e3adf4cf5465
License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents:
68
diff
changeset
|
14 * |
e3adf4cf5465
License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents:
68
diff
changeset
|
15 * The above copyright notice and this permission notice shall be included in |
e3adf4cf5465
License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents:
68
diff
changeset
|
16 * all copies or substantial portions of the Software. |
e3adf4cf5465
License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents:
68
diff
changeset
|
17 * |
e3adf4cf5465
License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents:
68
diff
changeset
|
18 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR |
e3adf4cf5465
License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents:
68
diff
changeset
|
19 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, |
e3adf4cf5465
License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents:
68
diff
changeset
|
20 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE |
e3adf4cf5465
License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents:
68
diff
changeset
|
21 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER |
e3adf4cf5465
License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents:
68
diff
changeset
|
22 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, |
e3adf4cf5465
License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents:
68
diff
changeset
|
23 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE |
e3adf4cf5465
License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents:
68
diff
changeset
|
24 * SOFTWARE. */ |
e3adf4cf5465
License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents:
68
diff
changeset
|
25 |
26 | 26 #include "includes.h" |
27 #include "session.h" | |
28 #include "dbutil.h" | |
29 #include "kex.h" | |
30 #include "ssh.h" | |
31 #include "packet.h" | |
64 | 32 #include "tcpfwd.h" |
26 | 33 #include "channel.h" |
858
220f55d540ae
rename random.h to dbrandom.h since some OSes have a system random.h
Matt Johnston <matt@ucc.asn.au>
parents:
857
diff
changeset
|
34 #include "dbrandom.h" |
33 | 35 #include "service.h" |
40
b4874d772210
- Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents:
39
diff
changeset
|
36 #include "runopts.h" |
b4874d772210
- Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents:
39
diff
changeset
|
37 #include "chansession.h" |
547
cf376c696dfc
Make it compile, update for changes in channel structure.
Matt Johnston <matt@ucc.asn.au>
parents:
546
diff
changeset
|
38 #include "agentfwd.h" |
766 | 39 #include "crypto_desc.h" |
1032
0da8ba489c23
Move generic network routines to netio.c
Matt Johnston <matt@ucc.asn.au>
parents:
1031
diff
changeset
|
40 #include "netio.h" |
26 | 41 |
1276
9169e4e7cbee
fix empty C prototypes
Francois Perrad <francois.perrad@gadz.org>
parents:
1212
diff
changeset
|
42 static void cli_remoteclosed(void) ATTRIB_NORETURN; |
9169e4e7cbee
fix empty C prototypes
Francois Perrad <francois.perrad@gadz.org>
parents:
1212
diff
changeset
|
43 static void cli_sessionloop(void); |
1208
fb58cf341951
Client: kill proxy command when exiting application.
Konstantin Tokarev <ktokarev@smartlabs.tv>
parents:
1124
diff
changeset
|
44 static void cli_session_init(pid_t proxy_cmd_pid); |
1276
9169e4e7cbee
fix empty C prototypes
Francois Perrad <francois.perrad@gadz.org>
parents:
1212
diff
changeset
|
45 static void cli_finished(void) ATTRIB_NORETURN; |
727
00bc3df3a9c3
Don't bother waiting for a ssh-connection service reply - the server
Matt Johnston <matt@ucc.asn.au>
parents:
726
diff
changeset
|
46 static void recv_msg_service_accept(void); |
733
70811267715c
Run the cleanup handler also when we close due to TCP connection being closed
Matt Johnston <matt@ucc.asn.au>
parents:
731
diff
changeset
|
47 static void cli_session_cleanup(void); |
937
4ad38e223ccd
Send a failure response if a client receives a global request
Matt Johnston <matt@ucc.asn.au>
parents:
883
diff
changeset
|
48 static void recv_msg_global_request_cli(void); |
26 | 49 |
50 struct clientsession cli_ses; /* GLOBAL */ | |
51 | |
45
9ee8996a375f
Pubkey auth is mostly there for the client. Something strange with
Matt Johnston <matt@ucc.asn.au>
parents:
43
diff
changeset
|
52 /* Sorted in decreasing frequency will be more efficient - data and window |
9ee8996a375f
Pubkey auth is mostly there for the client. Something strange with
Matt Johnston <matt@ucc.asn.au>
parents:
43
diff
changeset
|
53 * should be first */ |
26 | 54 static const packettype cli_packettypes[] = { |
74
e3adf4cf5465
License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents:
68
diff
changeset
|
55 /* TYPE, FUNCTION */ |
26 | 56 {SSH_MSG_CHANNEL_DATA, recv_msg_channel_data}, |
107 | 57 {SSH_MSG_CHANNEL_EXTENDED_DATA, recv_msg_channel_extended_data}, |
26 | 58 {SSH_MSG_CHANNEL_WINDOW_ADJUST, recv_msg_channel_window_adjust}, |
45
9ee8996a375f
Pubkey auth is mostly there for the client. Something strange with
Matt Johnston <matt@ucc.asn.au>
parents:
43
diff
changeset
|
59 {SSH_MSG_USERAUTH_FAILURE, recv_msg_userauth_failure}, /* client */ |
9ee8996a375f
Pubkey auth is mostly there for the client. Something strange with
Matt Johnston <matt@ucc.asn.au>
parents:
43
diff
changeset
|
60 {SSH_MSG_USERAUTH_SUCCESS, recv_msg_userauth_success}, /* client */ |
9ee8996a375f
Pubkey auth is mostly there for the client. Something strange with
Matt Johnston <matt@ucc.asn.au>
parents:
43
diff
changeset
|
61 {SSH_MSG_KEXINIT, recv_msg_kexinit}, |
9ee8996a375f
Pubkey auth is mostly there for the client. Something strange with
Matt Johnston <matt@ucc.asn.au>
parents:
43
diff
changeset
|
62 {SSH_MSG_KEXDH_REPLY, recv_msg_kexdh_reply}, /* client */ |
9ee8996a375f
Pubkey auth is mostly there for the client. Something strange with
Matt Johnston <matt@ucc.asn.au>
parents:
43
diff
changeset
|
63 {SSH_MSG_NEWKEYS, recv_msg_newkeys}, |
9ee8996a375f
Pubkey auth is mostly there for the client. Something strange with
Matt Johnston <matt@ucc.asn.au>
parents:
43
diff
changeset
|
64 {SSH_MSG_SERVICE_ACCEPT, recv_msg_service_accept}, /* client */ |
26 | 65 {SSH_MSG_CHANNEL_REQUEST, recv_msg_channel_request}, |
66 {SSH_MSG_CHANNEL_OPEN, recv_msg_channel_open}, | |
67 {SSH_MSG_CHANNEL_EOF, recv_msg_channel_eof}, | |
68 {SSH_MSG_CHANNEL_CLOSE, recv_msg_channel_close}, | |
69 {SSH_MSG_CHANNEL_OPEN_CONFIRMATION, recv_msg_channel_open_confirmation}, | |
70 {SSH_MSG_CHANNEL_OPEN_FAILURE, recv_msg_channel_open_failure}, | |
45
9ee8996a375f
Pubkey auth is mostly there for the client. Something strange with
Matt Johnston <matt@ucc.asn.au>
parents:
43
diff
changeset
|
71 {SSH_MSG_USERAUTH_BANNER, recv_msg_userauth_banner}, /* client */ |
249
efbaf6b03837
added keyboard-interactive client support
Matt Johnston <matt@ucc.asn.au>
parents:
215
diff
changeset
|
72 {SSH_MSG_USERAUTH_SPECIFIC_60, recv_msg_userauth_specific_60}, /* client */ |
937
4ad38e223ccd
Send a failure response if a client receives a global request
Matt Johnston <matt@ucc.asn.au>
parents:
883
diff
changeset
|
73 {SSH_MSG_GLOBAL_REQUEST, recv_msg_global_request_cli}, |
970
0bb16232e7c4
Make keepalive handling more robust, this should now match what OpenSSH does
Matt Johnston <matt@ucc.asn.au>
parents:
968
diff
changeset
|
74 {SSH_MSG_CHANNEL_SUCCESS, ignore_recv_response}, |
0bb16232e7c4
Make keepalive handling more robust, this should now match what OpenSSH does
Matt Johnston <matt@ucc.asn.au>
parents:
968
diff
changeset
|
75 {SSH_MSG_CHANNEL_FAILURE, ignore_recv_response}, |
505
805e557fdff7
Report errors if a remote request fails
Matt Johnston <matt@ucc.asn.au>
parents:
486
diff
changeset
|
76 #ifdef ENABLE_CLI_REMOTETCPFWD |
805e557fdff7
Report errors if a remote request fails
Matt Johnston <matt@ucc.asn.au>
parents:
486
diff
changeset
|
77 {SSH_MSG_REQUEST_SUCCESS, cli_recv_msg_request_success}, /* client */ |
805e557fdff7
Report errors if a remote request fails
Matt Johnston <matt@ucc.asn.au>
parents:
486
diff
changeset
|
78 {SSH_MSG_REQUEST_FAILURE, cli_recv_msg_request_failure}, /* client */ |
968
f7f6c15b0ec3
Don't send SSH_MSG_UNIMPLEMENTED for keepalive responses
Matt Johnston <matt@ucc.asn.au>
parents:
937
diff
changeset
|
79 #else |
970
0bb16232e7c4
Make keepalive handling more robust, this should now match what OpenSSH does
Matt Johnston <matt@ucc.asn.au>
parents:
968
diff
changeset
|
80 /* For keepalive */ |
0bb16232e7c4
Make keepalive handling more robust, this should now match what OpenSSH does
Matt Johnston <matt@ucc.asn.au>
parents:
968
diff
changeset
|
81 {SSH_MSG_REQUEST_SUCCESS, ignore_recv_response}, |
0bb16232e7c4
Make keepalive handling more robust, this should now match what OpenSSH does
Matt Johnston <matt@ucc.asn.au>
parents:
968
diff
changeset
|
82 {SSH_MSG_REQUEST_FAILURE, ignore_recv_response}, |
505
805e557fdff7
Report errors if a remote request fails
Matt Johnston <matt@ucc.asn.au>
parents:
486
diff
changeset
|
83 #endif |
26 | 84 {0, 0} /* End */ |
85 }; | |
86 | |
87 static const struct ChanType *cli_chantypes[] = { | |
64 | 88 #ifdef ENABLE_CLI_REMOTETCPFWD |
89 &cli_chan_tcpremote, | |
90 #endif | |
225
ca7e76d981d9
- progress towards client agent forwarding
Matt Johnston <matt@ucc.asn.au>
parents:
215
diff
changeset
|
91 #ifdef ENABLE_CLI_AGENTFWD |
ca7e76d981d9
- progress towards client agent forwarding
Matt Johnston <matt@ucc.asn.au>
parents:
215
diff
changeset
|
92 &cli_chan_agent, |
ca7e76d981d9
- progress towards client agent forwarding
Matt Johnston <matt@ucc.asn.au>
parents:
215
diff
changeset
|
93 #endif |
26 | 94 NULL /* Null termination */ |
95 }; | |
33 | 96 |
1025 | 97 void cli_connected(int result, int sock, void* userdata, const char *errstring) |
98 { | |
1032
0da8ba489c23
Move generic network routines to netio.c
Matt Johnston <matt@ucc.asn.au>
parents:
1031
diff
changeset
|
99 struct sshsession *myses = userdata; |
0da8ba489c23
Move generic network routines to netio.c
Matt Johnston <matt@ucc.asn.au>
parents:
1031
diff
changeset
|
100 if (result == DROPBEAR_FAILURE) { |
1025 | 101 dropbear_exit("Connect failed: %s", errstring); |
102 } | |
1032
0da8ba489c23
Move generic network routines to netio.c
Matt Johnston <matt@ucc.asn.au>
parents:
1031
diff
changeset
|
103 myses->sock_in = myses->sock_out = sock; |
1031
64c0aa01e2b6
Update priority once the socket is open
Matt Johnston <matt@ucc.asn.au>
parents:
1027
diff
changeset
|
104 update_channel_prio(); |
1025 | 105 } |
106 | |
1208
fb58cf341951
Client: kill proxy command when exiting application.
Konstantin Tokarev <ktokarev@smartlabs.tv>
parents:
1124
diff
changeset
|
107 void cli_session(int sock_in, int sock_out, struct dropbear_progress_connection *progress, pid_t proxy_cmd_pid) { |
26 | 108 |
568
005530560594
Rearrange getaddrstring() etc
Matt Johnston <matt@ucc.asn.au>
parents:
560
diff
changeset
|
109 common_session_init(sock_in, sock_out); |
26 | 110 |
1027
daf21fd50abf
In theory TFO should work. Needs platform cleanup and testing
Matt Johnston <matt@ucc.asn.au>
parents:
1025
diff
changeset
|
111 if (progress) { |
daf21fd50abf
In theory TFO should work. Needs platform cleanup and testing
Matt Johnston <matt@ucc.asn.au>
parents:
1025
diff
changeset
|
112 connect_set_writequeue(progress, &ses.writequeue); |
daf21fd50abf
In theory TFO should work. Needs platform cleanup and testing
Matt Johnston <matt@ucc.asn.au>
parents:
1025
diff
changeset
|
113 } |
daf21fd50abf
In theory TFO should work. Needs platform cleanup and testing
Matt Johnston <matt@ucc.asn.au>
parents:
1025
diff
changeset
|
114 |
26 | 115 chaninitialise(cli_chantypes); |
116 | |
33 | 117 /* Set up cli_ses vars */ |
1208
fb58cf341951
Client: kill proxy command when exiting application.
Konstantin Tokarev <ktokarev@smartlabs.tv>
parents:
1124
diff
changeset
|
118 cli_session_init(proxy_cmd_pid); |
1027
daf21fd50abf
In theory TFO should work. Needs platform cleanup and testing
Matt Johnston <matt@ucc.asn.au>
parents:
1025
diff
changeset
|
119 |
26 | 120 /* Ready to go */ |
121 sessinitdone = 1; | |
122 | |
123 /* Exchange identification */ | |
726
78eda530c000
send out our kexinit packet before blocking to read the SSH version string
Matt Johnston <matt@ucc.asn.au>
parents:
686
diff
changeset
|
124 send_session_identification(); |
26 | 125 |
1083
8e0280986710
Make sure kexfirstinitialise is called early enough
Matt Johnston <matt@ucc.asn.au>
parents:
1049
diff
changeset
|
126 kexfirstinitialise(); /* initialise the kex state */ |
8e0280986710
Make sure kexfirstinitialise is called early enough
Matt Johnston <matt@ucc.asn.au>
parents:
1049
diff
changeset
|
127 |
26 | 128 send_msg_kexinit(); |
129 | |
130 session_loop(cli_sessionloop); | |
131 | |
132 /* Not reached */ | |
133 | |
33 | 134 } |
26 | 135 |
746
465fefc4f6e0
Put some #ifdef options around first-follows options in case they
Matt Johnston <matt@ucc.asn.au>
parents:
745
diff
changeset
|
136 #ifdef USE_KEX_FIRST_FOLLOWS |
739
d44325108d0e
first_kex_packet_follows working, needs tidying
Matt Johnston <matt@ucc.asn.au>
parents:
686
diff
changeset
|
137 static void cli_send_kex_first_guess() { |
d44325108d0e
first_kex_packet_follows working, needs tidying
Matt Johnston <matt@ucc.asn.au>
parents:
686
diff
changeset
|
138 send_msg_kexdh_init(); |
d44325108d0e
first_kex_packet_follows working, needs tidying
Matt Johnston <matt@ucc.asn.au>
parents:
686
diff
changeset
|
139 } |
746
465fefc4f6e0
Put some #ifdef options around first-follows options in case they
Matt Johnston <matt@ucc.asn.au>
parents:
745
diff
changeset
|
140 #endif |
739
d44325108d0e
first_kex_packet_follows working, needs tidying
Matt Johnston <matt@ucc.asn.au>
parents:
686
diff
changeset
|
141 |
1208
fb58cf341951
Client: kill proxy command when exiting application.
Konstantin Tokarev <ktokarev@smartlabs.tv>
parents:
1124
diff
changeset
|
142 static void cli_session_init(pid_t proxy_cmd_pid) { |
33 | 143 |
144 cli_ses.state = STATE_NOTHING; | |
145 cli_ses.kex_state = KEX_NOTHING; | |
146 | |
39
0883c0906870
tty raw mode support works mostly
Matt Johnston <matt@ucc.asn.au>
parents:
37
diff
changeset
|
147 cli_ses.tty_raw_mode = 0; |
41
18eccbfb9641
added window-size change handling
Matt Johnston <matt@ucc.asn.au>
parents:
40
diff
changeset
|
148 cli_ses.winchange = 0; |
39
0883c0906870
tty raw mode support works mostly
Matt Johnston <matt@ucc.asn.au>
parents:
37
diff
changeset
|
149 |
175
2c5741e4b855
* Reset the non-blocking status of stdout and stderr as well on exit
Matt Johnston <matt@ucc.asn.au>
parents:
165
diff
changeset
|
150 /* We store std{in,out,err}'s flags, so we can set them back on exit |
2c5741e4b855
* Reset the non-blocking status of stdout and stderr as well on exit
Matt Johnston <matt@ucc.asn.au>
parents:
165
diff
changeset
|
151 * (otherwise busybox's ash isn't happy */ |
99
0247fbd9379d
Move the revert-to-non-blocking-stdin code to cli-session so it
Matt Johnston <matt@ucc.asn.au>
parents:
74
diff
changeset
|
152 cli_ses.stdincopy = dup(STDIN_FILENO); |
0247fbd9379d
Move the revert-to-non-blocking-stdin code to cli-session so it
Matt Johnston <matt@ucc.asn.au>
parents:
74
diff
changeset
|
153 cli_ses.stdinflags = fcntl(STDIN_FILENO, F_GETFL, 0); |
175
2c5741e4b855
* Reset the non-blocking status of stdout and stderr as well on exit
Matt Johnston <matt@ucc.asn.au>
parents:
165
diff
changeset
|
154 cli_ses.stdoutcopy = dup(STDOUT_FILENO); |
2c5741e4b855
* Reset the non-blocking status of stdout and stderr as well on exit
Matt Johnston <matt@ucc.asn.au>
parents:
165
diff
changeset
|
155 cli_ses.stdoutflags = fcntl(STDOUT_FILENO, F_GETFL, 0); |
2c5741e4b855
* Reset the non-blocking status of stdout and stderr as well on exit
Matt Johnston <matt@ucc.asn.au>
parents:
165
diff
changeset
|
156 cli_ses.stderrcopy = dup(STDERR_FILENO); |
2c5741e4b855
* Reset the non-blocking status of stdout and stderr as well on exit
Matt Johnston <matt@ucc.asn.au>
parents:
165
diff
changeset
|
157 cli_ses.stderrflags = fcntl(STDERR_FILENO, F_GETFL, 0); |
99
0247fbd9379d
Move the revert-to-non-blocking-stdin code to cli-session so it
Matt Johnston <matt@ucc.asn.au>
parents:
74
diff
changeset
|
158 |
108
10f4d3319780
- added circular buffering for channels
Matt Johnston <matt@ucc.asn.au>
parents:
107
diff
changeset
|
159 cli_ses.retval = EXIT_SUCCESS; /* Assume it's clean if we don't get a |
10f4d3319780
- added circular buffering for channels
Matt Johnston <matt@ucc.asn.au>
parents:
107
diff
changeset
|
160 specific exit status */ |
1208
fb58cf341951
Client: kill proxy command when exiting application.
Konstantin Tokarev <ktokarev@smartlabs.tv>
parents:
1124
diff
changeset
|
161 cli_ses.proxy_cmd_pid = proxy_cmd_pid; |
fb58cf341951
Client: kill proxy command when exiting application.
Konstantin Tokarev <ktokarev@smartlabs.tv>
parents:
1124
diff
changeset
|
162 TRACE(("proxy command PID='%d'", proxy_cmd_pid)); |
108
10f4d3319780
- added circular buffering for channels
Matt Johnston <matt@ucc.asn.au>
parents:
107
diff
changeset
|
163 |
47 | 164 /* Auth */ |
215
aad4b3f58556
rename PubkeyList to SignKeyList for clarity
Matt Johnston <matt@ucc.asn.au>
parents:
175
diff
changeset
|
165 cli_ses.lastprivkey = NULL; |
136
fb7147e2fb04
- Fixed a couple of compile warnings
Matt Johnston <matt@ucc.asn.au>
parents:
108
diff
changeset
|
166 cli_ses.lastauthtype = 0; |
47 | 167 |
686
983a817f8e41
- Only request "none" cipher after auth has succeeded
Matt Johnston <matt@ucc.asn.au>
parents:
594
diff
changeset
|
168 #ifdef DROPBEAR_NONE_CIPHER |
983a817f8e41
- Only request "none" cipher after auth has succeeded
Matt Johnston <matt@ucc.asn.au>
parents:
594
diff
changeset
|
169 cli_ses.cipher_none_after_auth = get_algo_usable(sshciphers, "none"); |
983a817f8e41
- Only request "none" cipher after auth has succeeded
Matt Johnston <matt@ucc.asn.au>
parents:
594
diff
changeset
|
170 set_algo_usable(sshciphers, "none", 0); |
983a817f8e41
- Only request "none" cipher after auth has succeeded
Matt Johnston <matt@ucc.asn.au>
parents:
594
diff
changeset
|
171 #else |
983a817f8e41
- Only request "none" cipher after auth has succeeded
Matt Johnston <matt@ucc.asn.au>
parents:
594
diff
changeset
|
172 cli_ses.cipher_none_after_auth = 0; |
983a817f8e41
- Only request "none" cipher after auth has succeeded
Matt Johnston <matt@ucc.asn.au>
parents:
594
diff
changeset
|
173 #endif |
983a817f8e41
- Only request "none" cipher after auth has succeeded
Matt Johnston <matt@ucc.asn.au>
parents:
594
diff
changeset
|
174 |
33 | 175 /* For printing "remote host closed" for the user */ |
176 ses.remoteclosed = cli_remoteclosed; | |
177 | |
733
70811267715c
Run the cleanup handler also when we close due to TCP connection being closed
Matt Johnston <matt@ucc.asn.au>
parents:
731
diff
changeset
|
178 ses.extra_session_cleanup = cli_session_cleanup; |
33 | 179 |
180 /* packet handlers */ | |
181 ses.packettypes = cli_packettypes; | |
35
0ad5fb979f42
set the isserver flag (oops)
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
182 |
0ad5fb979f42
set the isserver flag (oops)
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
183 ses.isserver = 0; |
739
d44325108d0e
first_kex_packet_follows working, needs tidying
Matt Johnston <matt@ucc.asn.au>
parents:
686
diff
changeset
|
184 |
746
465fefc4f6e0
Put some #ifdef options around first-follows options in case they
Matt Johnston <matt@ucc.asn.au>
parents:
745
diff
changeset
|
185 #ifdef USE_KEX_FIRST_FOLLOWS |
739
d44325108d0e
first_kex_packet_follows working, needs tidying
Matt Johnston <matt@ucc.asn.au>
parents:
686
diff
changeset
|
186 ses.send_kex_first_guess = cli_send_kex_first_guess; |
746
465fefc4f6e0
Put some #ifdef options around first-follows options in case they
Matt Johnston <matt@ucc.asn.au>
parents:
745
diff
changeset
|
187 #endif |
739
d44325108d0e
first_kex_packet_follows working, needs tidying
Matt Johnston <matt@ucc.asn.au>
parents:
686
diff
changeset
|
188 |
26 | 189 } |
190 | |
727
00bc3df3a9c3
Don't bother waiting for a ssh-connection service reply - the server
Matt Johnston <matt@ucc.asn.au>
parents:
726
diff
changeset
|
191 static void send_msg_service_request(char* servicename) { |
00bc3df3a9c3
Don't bother waiting for a ssh-connection service reply - the server
Matt Johnston <matt@ucc.asn.au>
parents:
726
diff
changeset
|
192 |
00bc3df3a9c3
Don't bother waiting for a ssh-connection service reply - the server
Matt Johnston <matt@ucc.asn.au>
parents:
726
diff
changeset
|
193 TRACE(("enter send_msg_service_request: servicename='%s'", servicename)) |
00bc3df3a9c3
Don't bother waiting for a ssh-connection service reply - the server
Matt Johnston <matt@ucc.asn.au>
parents:
726
diff
changeset
|
194 |
00bc3df3a9c3
Don't bother waiting for a ssh-connection service reply - the server
Matt Johnston <matt@ucc.asn.au>
parents:
726
diff
changeset
|
195 CHECKCLEARTOWRITE(); |
00bc3df3a9c3
Don't bother waiting for a ssh-connection service reply - the server
Matt Johnston <matt@ucc.asn.au>
parents:
726
diff
changeset
|
196 |
00bc3df3a9c3
Don't bother waiting for a ssh-connection service reply - the server
Matt Johnston <matt@ucc.asn.au>
parents:
726
diff
changeset
|
197 buf_putbyte(ses.writepayload, SSH_MSG_SERVICE_REQUEST); |
00bc3df3a9c3
Don't bother waiting for a ssh-connection service reply - the server
Matt Johnston <matt@ucc.asn.au>
parents:
726
diff
changeset
|
198 buf_putstring(ses.writepayload, servicename, strlen(servicename)); |
00bc3df3a9c3
Don't bother waiting for a ssh-connection service reply - the server
Matt Johnston <matt@ucc.asn.au>
parents:
726
diff
changeset
|
199 |
00bc3df3a9c3
Don't bother waiting for a ssh-connection service reply - the server
Matt Johnston <matt@ucc.asn.au>
parents:
726
diff
changeset
|
200 encrypt_packet(); |
00bc3df3a9c3
Don't bother waiting for a ssh-connection service reply - the server
Matt Johnston <matt@ucc.asn.au>
parents:
726
diff
changeset
|
201 TRACE(("leave send_msg_service_request")) |
00bc3df3a9c3
Don't bother waiting for a ssh-connection service reply - the server
Matt Johnston <matt@ucc.asn.au>
parents:
726
diff
changeset
|
202 } |
00bc3df3a9c3
Don't bother waiting for a ssh-connection service reply - the server
Matt Johnston <matt@ucc.asn.au>
parents:
726
diff
changeset
|
203 |
00bc3df3a9c3
Don't bother waiting for a ssh-connection service reply - the server
Matt Johnston <matt@ucc.asn.au>
parents:
726
diff
changeset
|
204 static void recv_msg_service_accept(void) { |
857 | 205 /* do nothing, if it failed then the server MUST have disconnected */ |
727
00bc3df3a9c3
Don't bother waiting for a ssh-connection service reply - the server
Matt Johnston <matt@ucc.asn.au>
parents:
726
diff
changeset
|
206 } |
00bc3df3a9c3
Don't bother waiting for a ssh-connection service reply - the server
Matt Johnston <matt@ucc.asn.au>
parents:
726
diff
changeset
|
207 |
33 | 208 /* This function drives the progress of the session - it initiates KEX, |
209 * service, userauth and channel requests */ | |
26 | 210 static void cli_sessionloop() { |
211 | |
731
9a5438271556
Move the more verbose TRACE() statements into TRACE2()
Matt Johnston <matt@ucc.asn.au>
parents:
727
diff
changeset
|
212 TRACE2(("enter cli_sessionloop")) |
33 | 213 |
745
15999b098cc9
Don't usually need to recalculate dh_e for the repeated kexdh_init packet
Matt Johnston <matt@ucc.asn.au>
parents:
743
diff
changeset
|
214 if (ses.lastpacket == 0) { |
15999b098cc9
Don't usually need to recalculate dh_e for the repeated kexdh_init packet
Matt Johnston <matt@ucc.asn.au>
parents:
743
diff
changeset
|
215 TRACE2(("exit cli_sessionloop: no real packets yet")) |
15999b098cc9
Don't usually need to recalculate dh_e for the repeated kexdh_init packet
Matt Johnston <matt@ucc.asn.au>
parents:
743
diff
changeset
|
216 return; |
15999b098cc9
Don't usually need to recalculate dh_e for the repeated kexdh_init packet
Matt Johnston <matt@ucc.asn.au>
parents:
743
diff
changeset
|
217 } |
15999b098cc9
Don't usually need to recalculate dh_e for the repeated kexdh_init packet
Matt Johnston <matt@ucc.asn.au>
parents:
743
diff
changeset
|
218 |
34
e2a1eaa19f22
Client mostly works up to password auth
Matt Johnston <matt@ucc.asn.au>
parents:
33
diff
changeset
|
219 if (ses.lastpacket == SSH_MSG_KEXINIT && cli_ses.kex_state == KEX_NOTHING) { |
33 | 220 /* We initiate the KEXDH. If DH wasn't the correct type, the KEXINIT |
221 * negotiation would have failed. */ | |
739
d44325108d0e
first_kex_packet_follows working, needs tidying
Matt Johnston <matt@ucc.asn.au>
parents:
686
diff
changeset
|
222 if (!ses.kexstate.our_first_follows_matches) { |
d44325108d0e
first_kex_packet_follows working, needs tidying
Matt Johnston <matt@ucc.asn.au>
parents:
686
diff
changeset
|
223 send_msg_kexdh_init(); |
d44325108d0e
first_kex_packet_follows working, needs tidying
Matt Johnston <matt@ucc.asn.au>
parents:
686
diff
changeset
|
224 } |
d44325108d0e
first_kex_packet_follows working, needs tidying
Matt Johnston <matt@ucc.asn.au>
parents:
686
diff
changeset
|
225 cli_ses.kex_state = KEXDH_INIT_SENT; |
165
0cfba3034be5
Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents:
136
diff
changeset
|
226 TRACE(("leave cli_sessionloop: done with KEXINIT_RCVD")) |
33 | 227 return; |
228 } | |
229 | |
230 /* A KEX has finished, so we should go back to our KEX_NOTHING state */ | |
753
d63ef1e211ea
Take transmit and receive keys into use separately
Matt Johnston <matt@ucc.asn.au>
parents:
750
diff
changeset
|
231 if (cli_ses.kex_state != KEX_NOTHING && ses.kexstate.sentnewkeys) { |
33 | 232 cli_ses.kex_state = KEX_NOTHING; |
233 } | |
234 | |
235 /* We shouldn't do anything else if a KEX is in progress */ | |
236 if (cli_ses.kex_state != KEX_NOTHING) { | |
165
0cfba3034be5
Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents:
136
diff
changeset
|
237 TRACE(("leave cli_sessionloop: kex_state != KEX_NOTHING")) |
33 | 238 return; |
239 } | |
240 | |
241 if (ses.kexstate.donefirstkex == 0) { | |
745
15999b098cc9
Don't usually need to recalculate dh_e for the repeated kexdh_init packet
Matt Johnston <matt@ucc.asn.au>
parents:
743
diff
changeset
|
242 /* We might reach here if we have partial packet reads or have |
15999b098cc9
Don't usually need to recalculate dh_e for the repeated kexdh_init packet
Matt Johnston <matt@ucc.asn.au>
parents:
743
diff
changeset
|
243 * received SSG_MSG_IGNORE etc. Just skip it */ |
753
d63ef1e211ea
Take transmit and receive keys into use separately
Matt Johnston <matt@ucc.asn.au>
parents:
750
diff
changeset
|
244 TRACE2(("donefirstkex false\n")) |
34
e2a1eaa19f22
Client mostly works up to password auth
Matt Johnston <matt@ucc.asn.au>
parents:
33
diff
changeset
|
245 return; |
33 | 246 } |
247 | |
26 | 248 switch (cli_ses.state) { |
249 | |
33 | 250 case STATE_NOTHING: |
251 /* We've got the transport layer sorted, we now need to request | |
252 * userauth */ | |
253 send_msg_service_request(SSH_SERVICE_USERAUTH); | |
254 cli_auth_getmethods(); | |
45
9ee8996a375f
Pubkey auth is mostly there for the client. Something strange with
Matt Johnston <matt@ucc.asn.au>
parents:
43
diff
changeset
|
255 cli_ses.state = USERAUTH_REQ_SENT; |
165
0cfba3034be5
Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents:
136
diff
changeset
|
256 TRACE(("leave cli_sessionloop: sent userauth methods req")) |
33 | 257 return; |
883
ff597bf2cfb0
DROPBEAR_CLI_AUTH_IMMEDIATE fixed, now enabled by default
Matt Johnston <matt@ucc.asn.au>
parents:
858
diff
changeset
|
258 |
ff597bf2cfb0
DROPBEAR_CLI_AUTH_IMMEDIATE fixed, now enabled by default
Matt Johnston <matt@ucc.asn.au>
parents:
858
diff
changeset
|
259 case USERAUTH_REQ_SENT: |
ff597bf2cfb0
DROPBEAR_CLI_AUTH_IMMEDIATE fixed, now enabled by default
Matt Johnston <matt@ucc.asn.au>
parents:
858
diff
changeset
|
260 TRACE(("leave cli_sessionloop: waiting, req_sent")) |
ff597bf2cfb0
DROPBEAR_CLI_AUTH_IMMEDIATE fixed, now enabled by default
Matt Johnston <matt@ucc.asn.au>
parents:
858
diff
changeset
|
261 return; |
33 | 262 |
263 case USERAUTH_FAIL_RCVD: | |
734
619b1ed837fd
Be a bit more careful about when we want to use CLI_AUTH_IMMEDIATE
Matt Johnston <matt@ucc.asn.au>
parents:
733
diff
changeset
|
264 if (cli_auth_try() == DROPBEAR_FAILURE) { |
619b1ed837fd
Be a bit more careful about when we want to use CLI_AUTH_IMMEDIATE
Matt Johnston <matt@ucc.asn.au>
parents:
733
diff
changeset
|
265 dropbear_exit("No auth methods could be used."); |
619b1ed837fd
Be a bit more careful about when we want to use CLI_AUTH_IMMEDIATE
Matt Johnston <matt@ucc.asn.au>
parents:
733
diff
changeset
|
266 } |
45
9ee8996a375f
Pubkey auth is mostly there for the client. Something strange with
Matt Johnston <matt@ucc.asn.au>
parents:
43
diff
changeset
|
267 cli_ses.state = USERAUTH_REQ_SENT; |
165
0cfba3034be5
Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents:
136
diff
changeset
|
268 TRACE(("leave cli_sessionloop: cli_auth_try")) |
33 | 269 return; |
270 | |
37 | 271 case USERAUTH_SUCCESS_RCVD: |
1212
bf626d259eb1
Support syslog logging in dbclient.
Konstantin Tokarev <ktokarev@smartlabs.tv>
parents:
1208
diff
changeset
|
272 #ifndef DISABLE_SYSLOG |
bf626d259eb1
Support syslog logging in dbclient.
Konstantin Tokarev <ktokarev@smartlabs.tv>
parents:
1208
diff
changeset
|
273 if (opts.usingsyslog) { |
bf626d259eb1
Support syslog logging in dbclient.
Konstantin Tokarev <ktokarev@smartlabs.tv>
parents:
1208
diff
changeset
|
274 dropbear_log(LOG_INFO, "Authentication succeeded."); |
bf626d259eb1
Support syslog logging in dbclient.
Konstantin Tokarev <ktokarev@smartlabs.tv>
parents:
1208
diff
changeset
|
275 } |
bf626d259eb1
Support syslog logging in dbclient.
Konstantin Tokarev <ktokarev@smartlabs.tv>
parents:
1208
diff
changeset
|
276 #endif |
326
d965110e3f5c
add -f background option to dbclient
Matt Johnston <matt@ucc.asn.au>
parents:
325
diff
changeset
|
277 |
686
983a817f8e41
- Only request "none" cipher after auth has succeeded
Matt Johnston <matt@ucc.asn.au>
parents:
594
diff
changeset
|
278 #ifdef DROPBEAR_NONE_CIPHER |
983a817f8e41
- Only request "none" cipher after auth has succeeded
Matt Johnston <matt@ucc.asn.au>
parents:
594
diff
changeset
|
279 if (cli_ses.cipher_none_after_auth) |
983a817f8e41
- Only request "none" cipher after auth has succeeded
Matt Johnston <matt@ucc.asn.au>
parents:
594
diff
changeset
|
280 { |
983a817f8e41
- Only request "none" cipher after auth has succeeded
Matt Johnston <matt@ucc.asn.au>
parents:
594
diff
changeset
|
281 set_algo_usable(sshciphers, "none", 1); |
983a817f8e41
- Only request "none" cipher after auth has succeeded
Matt Johnston <matt@ucc.asn.au>
parents:
594
diff
changeset
|
282 send_msg_kexinit(); |
983a817f8e41
- Only request "none" cipher after auth has succeeded
Matt Johnston <matt@ucc.asn.au>
parents:
594
diff
changeset
|
283 } |
983a817f8e41
- Only request "none" cipher after auth has succeeded
Matt Johnston <matt@ucc.asn.au>
parents:
594
diff
changeset
|
284 #endif |
983a817f8e41
- Only request "none" cipher after auth has succeeded
Matt Johnston <matt@ucc.asn.au>
parents:
594
diff
changeset
|
285 |
326
d965110e3f5c
add -f background option to dbclient
Matt Johnston <matt@ucc.asn.au>
parents:
325
diff
changeset
|
286 if (cli_opts.backgrounded) { |
d965110e3f5c
add -f background option to dbclient
Matt Johnston <matt@ucc.asn.au>
parents:
325
diff
changeset
|
287 int devnull; |
433
c216212001fc
Fix for -pedantic -ansi compilation, change // to /**/, plus some signedness
Matt Johnston <matt@ucc.asn.au>
parents:
326
diff
changeset
|
288 /* keeping stdin open steals input from the terminal and |
c216212001fc
Fix for -pedantic -ansi compilation, change // to /**/, plus some signedness
Matt Johnston <matt@ucc.asn.au>
parents:
326
diff
changeset
|
289 is confusing, though stdout/stderr could be useful. */ |
326
d965110e3f5c
add -f background option to dbclient
Matt Johnston <matt@ucc.asn.au>
parents:
325
diff
changeset
|
290 devnull = open(_PATH_DEVNULL, O_RDONLY); |
d965110e3f5c
add -f background option to dbclient
Matt Johnston <matt@ucc.asn.au>
parents:
325
diff
changeset
|
291 if (devnull < 0) { |
594
a98a2138364a
Improve capitalisation for all logged strings
Matt Johnston <matt@ucc.asn.au>
parents:
568
diff
changeset
|
292 dropbear_exit("Opening /dev/null: %d %s", |
326
d965110e3f5c
add -f background option to dbclient
Matt Johnston <matt@ucc.asn.au>
parents:
325
diff
changeset
|
293 errno, strerror(errno)); |
d965110e3f5c
add -f background option to dbclient
Matt Johnston <matt@ucc.asn.au>
parents:
325
diff
changeset
|
294 } |
d965110e3f5c
add -f background option to dbclient
Matt Johnston <matt@ucc.asn.au>
parents:
325
diff
changeset
|
295 dup2(devnull, STDIN_FILENO); |
d965110e3f5c
add -f background option to dbclient
Matt Johnston <matt@ucc.asn.au>
parents:
325
diff
changeset
|
296 if (daemon(0, 1) < 0) { |
d965110e3f5c
add -f background option to dbclient
Matt Johnston <matt@ucc.asn.au>
parents:
325
diff
changeset
|
297 dropbear_exit("Backgrounding failed: %d %s", |
d965110e3f5c
add -f background option to dbclient
Matt Johnston <matt@ucc.asn.au>
parents:
325
diff
changeset
|
298 errno, strerror(errno)); |
d965110e3f5c
add -f background option to dbclient
Matt Johnston <matt@ucc.asn.au>
parents:
325
diff
changeset
|
299 } |
d965110e3f5c
add -f background option to dbclient
Matt Johnston <matt@ucc.asn.au>
parents:
325
diff
changeset
|
300 } |
d965110e3f5c
add -f background option to dbclient
Matt Johnston <matt@ucc.asn.au>
parents:
325
diff
changeset
|
301 |
485
12d845ab7b5f
Rework netcat-alike to be a proper mode, with -B argument.
Matt Johnston <matt@ucc.asn.au>
parents:
478
diff
changeset
|
302 #ifdef ENABLE_CLI_NETCAT |
12d845ab7b5f
Rework netcat-alike to be a proper mode, with -B argument.
Matt Johnston <matt@ucc.asn.au>
parents:
478
diff
changeset
|
303 if (cli_opts.netcat_host) { |
12d845ab7b5f
Rework netcat-alike to be a proper mode, with -B argument.
Matt Johnston <matt@ucc.asn.au>
parents:
478
diff
changeset
|
304 cli_send_netcat_request(); |
12d845ab7b5f
Rework netcat-alike to be a proper mode, with -B argument.
Matt Johnston <matt@ucc.asn.au>
parents:
478
diff
changeset
|
305 } else |
12d845ab7b5f
Rework netcat-alike to be a proper mode, with -B argument.
Matt Johnston <matt@ucc.asn.au>
parents:
478
diff
changeset
|
306 #endif |
560 | 307 if (!cli_opts.no_cmd) { |
325
0e4f225b7e07
Add -N "no remote command" dbclient option.
Matt Johnston <matt@ucc.asn.au>
parents:
272
diff
changeset
|
308 cli_send_chansess_request(); |
0e4f225b7e07
Add -N "no remote command" dbclient option.
Matt Johnston <matt@ucc.asn.au>
parents:
272
diff
changeset
|
309 } |
754
2400b8685762
setup tcp after requesting a channel - might hide some DNS latency
Matt Johnston <matt@ucc.asn.au>
parents:
753
diff
changeset
|
310 |
2400b8685762
setup tcp after requesting a channel - might hide some DNS latency
Matt Johnston <matt@ucc.asn.au>
parents:
753
diff
changeset
|
311 #ifdef ENABLE_CLI_LOCALTCPFWD |
2400b8685762
setup tcp after requesting a channel - might hide some DNS latency
Matt Johnston <matt@ucc.asn.au>
parents:
753
diff
changeset
|
312 setup_localtcp(); |
2400b8685762
setup tcp after requesting a channel - might hide some DNS latency
Matt Johnston <matt@ucc.asn.au>
parents:
753
diff
changeset
|
313 #endif |
2400b8685762
setup tcp after requesting a channel - might hide some DNS latency
Matt Johnston <matt@ucc.asn.au>
parents:
753
diff
changeset
|
314 #ifdef ENABLE_CLI_REMOTETCPFWD |
2400b8685762
setup tcp after requesting a channel - might hide some DNS latency
Matt Johnston <matt@ucc.asn.au>
parents:
753
diff
changeset
|
315 setup_remotetcp(); |
2400b8685762
setup tcp after requesting a channel - might hide some DNS latency
Matt Johnston <matt@ucc.asn.au>
parents:
753
diff
changeset
|
316 #endif |
2400b8685762
setup tcp after requesting a channel - might hide some DNS latency
Matt Johnston <matt@ucc.asn.au>
parents:
753
diff
changeset
|
317 |
325
0e4f225b7e07
Add -N "no remote command" dbclient option.
Matt Johnston <matt@ucc.asn.au>
parents:
272
diff
changeset
|
318 TRACE(("leave cli_sessionloop: running")) |
37 | 319 cli_ses.state = SESSION_RUNNING; |
320 return; | |
321 | |
40
b4874d772210
- Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents:
39
diff
changeset
|
322 case SESSION_RUNNING: |
325
0e4f225b7e07
Add -N "no remote command" dbclient option.
Matt Johnston <matt@ucc.asn.au>
parents:
272
diff
changeset
|
323 if (ses.chancount < 1 && !cli_opts.no_cmd) { |
40
b4874d772210
- Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents:
39
diff
changeset
|
324 cli_finished(); |
b4874d772210
- Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents:
39
diff
changeset
|
325 } |
41
18eccbfb9641
added window-size change handling
Matt Johnston <matt@ucc.asn.au>
parents:
40
diff
changeset
|
326 |
18eccbfb9641
added window-size change handling
Matt Johnston <matt@ucc.asn.au>
parents:
40
diff
changeset
|
327 if (cli_ses.winchange) { |
18eccbfb9641
added window-size change handling
Matt Johnston <matt@ucc.asn.au>
parents:
40
diff
changeset
|
328 cli_chansess_winchange(); |
18eccbfb9641
added window-size change handling
Matt Johnston <matt@ucc.asn.au>
parents:
40
diff
changeset
|
329 } |
40
b4874d772210
- Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents:
39
diff
changeset
|
330 return; |
b4874d772210
- Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents:
39
diff
changeset
|
331 |
33 | 332 /* XXX more here needed */ |
333 | |
334 | |
335 default: | |
336 break; | |
26 | 337 } |
338 | |
731
9a5438271556
Move the more verbose TRACE() statements into TRACE2()
Matt Johnston <matt@ucc.asn.au>
parents:
727
diff
changeset
|
339 TRACE2(("leave cli_sessionloop: fell out")) |
26 | 340 |
341 } | |
342 | |
1208
fb58cf341951
Client: kill proxy command when exiting application.
Konstantin Tokarev <ktokarev@smartlabs.tv>
parents:
1124
diff
changeset
|
343 void kill_proxy_command(void) { |
fb58cf341951
Client: kill proxy command when exiting application.
Konstantin Tokarev <ktokarev@smartlabs.tv>
parents:
1124
diff
changeset
|
344 /* |
fb58cf341951
Client: kill proxy command when exiting application.
Konstantin Tokarev <ktokarev@smartlabs.tv>
parents:
1124
diff
changeset
|
345 * Send SIGHUP to proxy command if used. We don't wait() in |
fb58cf341951
Client: kill proxy command when exiting application.
Konstantin Tokarev <ktokarev@smartlabs.tv>
parents:
1124
diff
changeset
|
346 * case it hangs and instead rely on init to reap the child |
fb58cf341951
Client: kill proxy command when exiting application.
Konstantin Tokarev <ktokarev@smartlabs.tv>
parents:
1124
diff
changeset
|
347 */ |
fb58cf341951
Client: kill proxy command when exiting application.
Konstantin Tokarev <ktokarev@smartlabs.tv>
parents:
1124
diff
changeset
|
348 if (cli_ses.proxy_cmd_pid > 1) { |
fb58cf341951
Client: kill proxy command when exiting application.
Konstantin Tokarev <ktokarev@smartlabs.tv>
parents:
1124
diff
changeset
|
349 TRACE(("killing proxy command with PID='%d'", cli_ses.proxy_cmd_pid)); |
fb58cf341951
Client: kill proxy command when exiting application.
Konstantin Tokarev <ktokarev@smartlabs.tv>
parents:
1124
diff
changeset
|
350 kill(cli_ses.proxy_cmd_pid, SIGHUP); |
fb58cf341951
Client: kill proxy command when exiting application.
Konstantin Tokarev <ktokarev@smartlabs.tv>
parents:
1124
diff
changeset
|
351 } |
fb58cf341951
Client: kill proxy command when exiting application.
Konstantin Tokarev <ktokarev@smartlabs.tv>
parents:
1124
diff
changeset
|
352 } |
fb58cf341951
Client: kill proxy command when exiting application.
Konstantin Tokarev <ktokarev@smartlabs.tv>
parents:
1124
diff
changeset
|
353 |
733
70811267715c
Run the cleanup handler also when we close due to TCP connection being closed
Matt Johnston <matt@ucc.asn.au>
parents:
731
diff
changeset
|
354 static void cli_session_cleanup(void) { |
40
b4874d772210
- Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents:
39
diff
changeset
|
355 |
b4874d772210
- Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents:
39
diff
changeset
|
356 if (!sessinitdone) { |
b4874d772210
- Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents:
39
diff
changeset
|
357 return; |
b4874d772210
- Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents:
39
diff
changeset
|
358 } |
99
0247fbd9379d
Move the revert-to-non-blocking-stdin code to cli-session so it
Matt Johnston <matt@ucc.asn.au>
parents:
74
diff
changeset
|
359 |
1208
fb58cf341951
Client: kill proxy command when exiting application.
Konstantin Tokarev <ktokarev@smartlabs.tv>
parents:
1124
diff
changeset
|
360 kill_proxy_command(); |
fb58cf341951
Client: kill proxy command when exiting application.
Konstantin Tokarev <ktokarev@smartlabs.tv>
parents:
1124
diff
changeset
|
361 |
175
2c5741e4b855
* Reset the non-blocking status of stdout and stderr as well on exit
Matt Johnston <matt@ucc.asn.au>
parents:
165
diff
changeset
|
362 /* Set std{in,out,err} back to non-blocking - busybox ash dies nastily if |
2c5741e4b855
* Reset the non-blocking status of stdout and stderr as well on exit
Matt Johnston <matt@ucc.asn.au>
parents:
165
diff
changeset
|
363 * we don't revert the flags */ |
1258
854f39ff5105
ignore return value from fcntl()
Matt Johnston <matt@ucc.asn.au>
parents:
1212
diff
changeset
|
364 /* Ignore return value since there's nothing we can do */ |
854f39ff5105
ignore return value from fcntl()
Matt Johnston <matt@ucc.asn.au>
parents:
1212
diff
changeset
|
365 (void)fcntl(cli_ses.stdincopy, F_SETFL, cli_ses.stdinflags); |
854f39ff5105
ignore return value from fcntl()
Matt Johnston <matt@ucc.asn.au>
parents:
1212
diff
changeset
|
366 (void)fcntl(cli_ses.stdoutcopy, F_SETFL, cli_ses.stdoutflags); |
854f39ff5105
ignore return value from fcntl()
Matt Johnston <matt@ucc.asn.au>
parents:
1212
diff
changeset
|
367 (void)fcntl(cli_ses.stderrcopy, F_SETFL, cli_ses.stderrflags); |
99
0247fbd9379d
Move the revert-to-non-blocking-stdin code to cli-session so it
Matt Johnston <matt@ucc.asn.au>
parents:
74
diff
changeset
|
368 |
40
b4874d772210
- Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents:
39
diff
changeset
|
369 cli_tty_cleanup(); |
b4874d772210
- Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents:
39
diff
changeset
|
370 |
b4874d772210
- Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents:
39
diff
changeset
|
371 } |
b4874d772210
- Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents:
39
diff
changeset
|
372 |
b4874d772210
- Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents:
39
diff
changeset
|
373 static void cli_finished() { |
b4874d772210
- Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents:
39
diff
changeset
|
374 |
733
70811267715c
Run the cleanup handler also when we close due to TCP connection being closed
Matt Johnston <matt@ucc.asn.au>
parents:
731
diff
changeset
|
375 session_cleanup(); |
40
b4874d772210
- Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents:
39
diff
changeset
|
376 fprintf(stderr, "Connection to %s@%s:%s closed.\n", cli_opts.username, |
b4874d772210
- Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents:
39
diff
changeset
|
377 cli_opts.remotehost, cli_opts.remoteport); |
108
10f4d3319780
- added circular buffering for channels
Matt Johnston <matt@ucc.asn.au>
parents:
107
diff
changeset
|
378 exit(cli_ses.retval); |
40
b4874d772210
- Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents:
39
diff
changeset
|
379 } |
b4874d772210
- Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents:
39
diff
changeset
|
380 |
b4874d772210
- Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents:
39
diff
changeset
|
381 |
26 | 382 /* called when the remote side closes the connection */ |
383 static void cli_remoteclosed() { | |
384 | |
385 /* XXX TODO perhaps print a friendlier message if we get this but have | |
386 * already sent/received disconnect message(s) ??? */ | |
479
e3db1f7a2e43
- Split main socket var into ses.sock_in/ses.sock_out in preparation
Matt Johnston <matt@ucc.asn.au>
parents:
433
diff
changeset
|
387 m_close(ses.sock_in); |
e3db1f7a2e43
- Split main socket var into ses.sock_in/ses.sock_out in preparation
Matt Johnston <matt@ucc.asn.au>
parents:
433
diff
changeset
|
388 m_close(ses.sock_out); |
e3db1f7a2e43
- Split main socket var into ses.sock_in/ses.sock_out in preparation
Matt Johnston <matt@ucc.asn.au>
parents:
433
diff
changeset
|
389 ses.sock_in = -1; |
e3db1f7a2e43
- Split main socket var into ses.sock_in/ses.sock_out in preparation
Matt Johnston <matt@ucc.asn.au>
parents:
433
diff
changeset
|
390 ses.sock_out = -1; |
594
a98a2138364a
Improve capitalisation for all logged strings
Matt Johnston <matt@ucc.asn.au>
parents:
568
diff
changeset
|
391 dropbear_exit("Remote closed the connection"); |
26 | 392 } |
43 | 393 |
394 /* Operates in-place turning dirty (untrusted potentially containing control | |
249
efbaf6b03837
added keyboard-interactive client support
Matt Johnston <matt@ucc.asn.au>
parents:
215
diff
changeset
|
395 * characters) text into clean text. |
efbaf6b03837
added keyboard-interactive client support
Matt Johnston <matt@ucc.asn.au>
parents:
215
diff
changeset
|
396 * Note: this is safe only with ascii - other charsets could have problems. */ |
1101
94ff5316980f
Turn cleantext()'s dirtytext argument into char *
Gaël PORTAY <gael.portay@gmail.com>
parents:
1094
diff
changeset
|
397 void cleantext(char* dirtytext) { |
43 | 398 |
399 unsigned int i, j; | |
1101
94ff5316980f
Turn cleantext()'s dirtytext argument into char *
Gaël PORTAY <gael.portay@gmail.com>
parents:
1094
diff
changeset
|
400 char c; |
43 | 401 |
402 j = 0; | |
403 for (i = 0; dirtytext[i] != '\0'; i++) { | |
404 | |
405 c = dirtytext[i]; | |
406 /* We can ignore '\r's */ | |
407 if ( (c >= ' ' && c <= '~') || c == '\n' || c == '\t') { | |
408 dirtytext[j] = c; | |
409 j++; | |
410 } | |
411 } | |
412 /* Null terminate */ | |
413 dirtytext[j] = '\0'; | |
414 } | |
937
4ad38e223ccd
Send a failure response if a client receives a global request
Matt Johnston <matt@ucc.asn.au>
parents:
883
diff
changeset
|
415 |
4ad38e223ccd
Send a failure response if a client receives a global request
Matt Johnston <matt@ucc.asn.au>
parents:
883
diff
changeset
|
416 static void recv_msg_global_request_cli(void) { |
4ad38e223ccd
Send a failure response if a client receives a global request
Matt Johnston <matt@ucc.asn.au>
parents:
883
diff
changeset
|
417 TRACE(("recv_msg_global_request_cli")) |
4ad38e223ccd
Send a failure response if a client receives a global request
Matt Johnston <matt@ucc.asn.au>
parents:
883
diff
changeset
|
418 /* Send a proper rejection */ |
4ad38e223ccd
Send a failure response if a client receives a global request
Matt Johnston <matt@ucc.asn.au>
parents:
883
diff
changeset
|
419 send_msg_request_failure(); |
4ad38e223ccd
Send a failure response if a client receives a global request
Matt Johnston <matt@ucc.asn.au>
parents:
883
diff
changeset
|
420 } |