annotate session.h @ 1902:4a6725ac957c

Revert "Don't include sk keys at all in KEX list" This reverts git commit f972813ecdc7bb981d25b5a63638bd158f1c8e72. The sk algorithms need to remain in the sigalgs list so that they are included in the server-sig-algs ext-info message sent by the server. RFC8308 for server-sig-algs requires that all algorithms are listed (though OpenSSH client 8.4p1 tested doesn't require that)
author Matt Johnston <matt@ucc.asn.au>
date Thu, 24 Mar 2022 13:42:08 +0800
parents df8d8ec1801c
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1 /*
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
2 * Dropbear - a SSH2 server
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
3 *
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
4 * Copyright (c) 2002,2003 Matt Johnston
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
5 * All rights reserved.
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
6 *
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
7 * Permission is hereby granted, free of charge, to any person obtaining a copy
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
8 * of this software and associated documentation files (the "Software"), to deal
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
9 * in the Software without restriction, including without limitation the rights
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
11 * copies of the Software, and to permit persons to whom the Software is
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
12 * furnished to do so, subject to the following conditions:
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
13 *
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
14 * The above copyright notice and this permission notice shall be included in
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
15 * all copies or substantial portions of the Software.
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
16 *
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
20 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
23 * SOFTWARE. */
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
24
1036
deed0571cacc DROPBEAR_ prefix for include guards to avoid collisions
Thorsten Horstmann <thorsten.horstmann@web.de>
parents: 970
diff changeset
25 #ifndef DROPBEAR_SESSION_H_
deed0571cacc DROPBEAR_ prefix for include guards to avoid collisions
Thorsten Horstmann <thorsten.horstmann@web.de>
parents: 970
diff changeset
26 #define DROPBEAR_SESSION_H_
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
27
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
28 #include "includes.h"
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
29 #include "buffer.h"
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
30 #include "signkey.h"
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
31 #include "kex.h"
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
32 #include "auth.h"
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
33 #include "channel.h"
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
34 #include "queue.h"
9
7f77962de998 - Reworked non-channel fd handling to listener.c
Matt Johnston <matt@ucc.asn.au>
parents: 6
diff changeset
35 #include "listener.h"
22
c1e5d9195402 merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents: 21
diff changeset
36 #include "packet.h"
64
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 47
diff changeset
37 #include "tcpfwd.h"
130
154c8d5a6d1e propagate of 82bb923d0154750ef716b66b498561f882891946 and f51a272341ee12268fe7028bc2f2bad66c603069 from branch 'matt.dbclient.work' to 'matt.dbclient.rez'
Matt Johnston <matt@ucc.asn.au>
parents: 108
diff changeset
38 #include "chansession.h"
614
00eca37e47e8 Add noreturn and format attribute hints for some functions.
Matt Johnston <matt@ucc.asn.au>
parents: 575
diff changeset
39 #include "dbutil.h"
1032
0da8ba489c23 Move generic network routines to netio.c
Matt Johnston <matt@ucc.asn.au>
parents: 1027
diff changeset
40 #include "netio.h"
1654
cc0fc5131c5c Rename EPKA -> Plugin
Matt Johnston <matt@ucc.asn.au>
parents: 1653
diff changeset
41 #if DROPBEAR_PLUGIN
1653
76189c9ffea2 External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents: 1531
diff changeset
42 #include "pubkeyapi.h"
76189c9ffea2 External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents: 1531
diff changeset
43 #endif
1672
3a97f14c0235 Add Chacha20-Poly1305, AES128-GCM and AES256-GCM support (#93)
Vladislav Grishenko <themiron@users.noreply.github.com>
parents: 1654
diff changeset
44 #include "gcm.h"
3a97f14c0235 Add Chacha20-Poly1305, AES128-GCM and AES256-GCM support (#93)
Vladislav Grishenko <themiron@users.noreply.github.com>
parents: 1654
diff changeset
45 #include "chachapoly.h"
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
46
568
005530560594 Rearrange getaddrstring() etc
Matt Johnston <matt@ucc.asn.au>
parents: 559
diff changeset
47 void common_session_init(int sock_in, int sock_out);
1531
fa733a314bee use a full prototype (#56)
François Perrad <francois.perrad@gadz.org>
parents: 1515
diff changeset
48 void session_loop(void(*loophandler)(void)) ATTRIB_NORETURN;
1276
9169e4e7cbee fix empty C prototypes
Francois Perrad <francois.perrad@gadz.org>
parents: 1215
diff changeset
49 void session_cleanup(void);
9169e4e7cbee fix empty C prototypes
Francois Perrad <francois.perrad@gadz.org>
parents: 1215
diff changeset
50 void send_session_identification(void);
9169e4e7cbee fix empty C prototypes
Francois Perrad <francois.perrad@gadz.org>
parents: 1215
diff changeset
51 void send_msg_ignore(void);
9169e4e7cbee fix empty C prototypes
Francois Perrad <francois.perrad@gadz.org>
parents: 1215
diff changeset
52 void ignore_recv_response(void);
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
53
1276
9169e4e7cbee fix empty C prototypes
Francois Perrad <francois.perrad@gadz.org>
parents: 1215
diff changeset
54 void update_channel_prio(void);
941
5daedffd0769 Set tcp priority as follows:
Matt Johnston <matt@ucc.asn.au>
parents: 940
diff changeset
55
1276
9169e4e7cbee fix empty C prototypes
Francois Perrad <francois.perrad@gadz.org>
parents: 1215
diff changeset
56 const char* get_user_shell(void);
483
738313e73b1c - "-J 'nc localhost 22'" kind of works, needs fixing hostkeys, ptys etc.
Matt Johnston <matt@ucc.asn.au>
parents: 482
diff changeset
57 void fill_passwd(const char* username);
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
58
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
59 /* Server */
1043
38d2f6b2d1b8 Add more ATTRIB_NORETURN annotations, from Thorsten Horstmann
Matt Johnston <matt@ucc.asn.au>
parents: 1036
diff changeset
60 void svr_session(int sock, int childpipe) ATTRIB_NORETURN;
614
00eca37e47e8 Add noreturn and format attribute hints for some functions.
Matt Johnston <matt@ucc.asn.au>
parents: 575
diff changeset
61 void svr_dropbear_exit(int exitcode, const char* format, va_list param) ATTRIB_NORETURN;
5
bc6477a6c393 syntactical fixups - it compiles, but channel handling code requires fixing.
Matt Johnston <matt@ucc.asn.au>
parents: 4
diff changeset
62 void svr_dropbear_log(int priority, const char* format, va_list param);
bc6477a6c393 syntactical fixups - it compiles, but channel handling code requires fixing.
Matt Johnston <matt@ucc.asn.au>
parents: 4
diff changeset
63
26
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents: 24
diff changeset
64 /* Client */
1208
fb58cf341951 Client: kill proxy command when exiting application.
Konstantin Tokarev <ktokarev@smartlabs.tv>
parents: 1155
diff changeset
65 void cli_session(int sock_in, int sock_out, struct dropbear_progress_connection *progress, pid_t proxy_cmd_pid) ATTRIB_NORETURN;
1025
02baa0b334e8 async connections working
Matt Johnston <matt@ucc.asn.au>
parents: 1024
diff changeset
66 void cli_connected(int result, int sock, void* userdata, const char *errstring);
1741
d1b279aa5ed1 Get client fuzzer building and starting (fails straight away)
Matt Johnston <matt@ucc.asn.au>
parents: 1683
diff changeset
67 void cli_dropbear_exit(int exitcode, const char* format, va_list param) ATTRIB_NORETURN;
d1b279aa5ed1 Get client fuzzer building and starting (fails straight away)
Matt Johnston <matt@ucc.asn.au>
parents: 1683
diff changeset
68 void cli_dropbear_log(int priority, const char* format, va_list param);
1101
94ff5316980f Turn cleantext()'s dirtytext argument into char *
Gaël PORTAY <gael.portay@gmail.com>
parents: 1074
diff changeset
69 void cleantext(char* dirtytext);
1276
9169e4e7cbee fix empty C prototypes
Francois Perrad <francois.perrad@gadz.org>
parents: 1215
diff changeset
70 void kill_proxy_command(void);
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
71
534
0431915df79f - Get rid of decryptreadbuf, just decrypt in-place with readbuf
Matt Johnston <matt@ucc.asn.au>
parents: 513
diff changeset
72 /* crypto parameters that are stored individually for transmit and receive */
0431915df79f - Get rid of decryptreadbuf, just decrypt in-place with readbuf
Matt Johnston <matt@ucc.asn.au>
parents: 513
diff changeset
73 struct key_context_directional {
712
bf0ac0512ef7 Fix "-m none" case and ugly typo
Matt Johnston <matt@ucc.asn.au>
parents: 686
diff changeset
74 const struct dropbear_cipher *algo_crypt;
534
0431915df79f - Get rid of decryptreadbuf, just decrypt in-place with readbuf
Matt Johnston <matt@ucc.asn.au>
parents: 513
diff changeset
75 const struct dropbear_cipher_mode *crypt_mode;
712
bf0ac0512ef7 Fix "-m none" case and ugly typo
Matt Johnston <matt@ucc.asn.au>
parents: 686
diff changeset
76 const struct dropbear_hash *algo_mac;
534
0431915df79f - Get rid of decryptreadbuf, just decrypt in-place with readbuf
Matt Johnston <matt@ucc.asn.au>
parents: 513
diff changeset
77 int hash_index; /* lookup for libtomcrypt */
755
b07eb3dc23ec refactor kexdh code a bit, start working on ecdh etc
Matt Johnston <matt@ucc.asn.au>
parents: 722
diff changeset
78 int algo_comp; /* compression */
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
79 #ifndef DISABLE_ZLIB
534
0431915df79f - Get rid of decryptreadbuf, just decrypt in-place with readbuf
Matt Johnston <matt@ucc.asn.au>
parents: 513
diff changeset
80 z_streamp zstream;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
81 #endif
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
82 /* actual keys */
502
43bbe17d6ba0 - Add Counter Mode support
Matt Johnston <matt@ucc.asn.au>
parents: 501
diff changeset
83 union {
1673
e0871128e61f CBC mode cleanup (#95)
Vladislav Grishenko <themiron@users.noreply.github.com>
parents: 1672
diff changeset
84 #if DROPBEAR_ENABLE_CBC_MODE
502
43bbe17d6ba0 - Add Counter Mode support
Matt Johnston <matt@ucc.asn.au>
parents: 501
diff changeset
85 symmetric_CBC cbc;
1673
e0871128e61f CBC mode cleanup (#95)
Vladislav Grishenko <themiron@users.noreply.github.com>
parents: 1672
diff changeset
86 #endif
1295
750ec4ec4cbe Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents: 1276
diff changeset
87 #if DROPBEAR_ENABLE_CTR_MODE
502
43bbe17d6ba0 - Add Counter Mode support
Matt Johnston <matt@ucc.asn.au>
parents: 501
diff changeset
88 symmetric_CTR ctr;
43bbe17d6ba0 - Add Counter Mode support
Matt Johnston <matt@ucc.asn.au>
parents: 501
diff changeset
89 #endif
1672
3a97f14c0235 Add Chacha20-Poly1305, AES128-GCM and AES256-GCM support (#93)
Vladislav Grishenko <themiron@users.noreply.github.com>
parents: 1654
diff changeset
90 #if DROPBEAR_ENABLE_GCM_MODE
3a97f14c0235 Add Chacha20-Poly1305, AES128-GCM and AES256-GCM support (#93)
Vladislav Grishenko <themiron@users.noreply.github.com>
parents: 1654
diff changeset
91 dropbear_gcm_state gcm;
3a97f14c0235 Add Chacha20-Poly1305, AES128-GCM and AES256-GCM support (#93)
Vladislav Grishenko <themiron@users.noreply.github.com>
parents: 1654
diff changeset
92 #endif
3a97f14c0235 Add Chacha20-Poly1305, AES128-GCM and AES256-GCM support (#93)
Vladislav Grishenko <themiron@users.noreply.github.com>
parents: 1654
diff changeset
93 #if DROPBEAR_CHACHA20POLY1305
3a97f14c0235 Add Chacha20-Poly1305, AES128-GCM and AES256-GCM support (#93)
Vladislav Grishenko <themiron@users.noreply.github.com>
parents: 1654
diff changeset
94 dropbear_chachapoly_state chachapoly;
3a97f14c0235 Add Chacha20-Poly1305, AES128-GCM and AES256-GCM support (#93)
Vladislav Grishenko <themiron@users.noreply.github.com>
parents: 1654
diff changeset
95 #endif
534
0431915df79f - Get rid of decryptreadbuf, just decrypt in-place with readbuf
Matt Johnston <matt@ucc.asn.au>
parents: 513
diff changeset
96 } cipher_state;
715
cd3d3c63d189 Make hmac-sha2-256 and hmac-sha2-512 work
Matt Johnston <matt@ucc.asn.au>
parents: 712
diff changeset
97 unsigned char mackey[MAX_MAC_LEN];
753
d63ef1e211ea Take transmit and receive keys into use separately
Matt Johnston <matt@ucc.asn.au>
parents: 747
diff changeset
98 int valid;
534
0431915df79f - Get rid of decryptreadbuf, just decrypt in-place with readbuf
Matt Johnston <matt@ucc.asn.au>
parents: 513
diff changeset
99 };
0431915df79f - Get rid of decryptreadbuf, just decrypt in-place with readbuf
Matt Johnston <matt@ucc.asn.au>
parents: 513
diff changeset
100
0431915df79f - Get rid of decryptreadbuf, just decrypt in-place with readbuf
Matt Johnston <matt@ucc.asn.au>
parents: 513
diff changeset
101 struct key_context {
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
102
534
0431915df79f - Get rid of decryptreadbuf, just decrypt in-place with readbuf
Matt Johnston <matt@ucc.asn.au>
parents: 513
diff changeset
103 struct key_context_directional recv;
0431915df79f - Get rid of decryptreadbuf, just decrypt in-place with readbuf
Matt Johnston <matt@ucc.asn.au>
parents: 513
diff changeset
104 struct key_context_directional trans;
0431915df79f - Get rid of decryptreadbuf, just decrypt in-place with readbuf
Matt Johnston <matt@ucc.asn.au>
parents: 513
diff changeset
105
756
bf9dc2d9c2b1 more bits on ecc branch
Matt Johnston <matt@ucc.asn.au>
parents: 755
diff changeset
106 const struct dropbear_kex *algo_kex;
1675
ae41624c2198 split signkey_type and signature_type for RSA sha1 vs sha256
Matt Johnston <matt@ucc.asn.au>
parents: 1674
diff changeset
107 enum signkey_type algo_hostkey; /* server key type */
ae41624c2198 split signkey_type and signature_type for RSA sha1 vs sha256
Matt Johnston <matt@ucc.asn.au>
parents: 1674
diff changeset
108 enum signature_type algo_signature; /* server signature type */
534
0431915df79f - Get rid of decryptreadbuf, just decrypt in-place with readbuf
Matt Johnston <matt@ucc.asn.au>
parents: 513
diff changeset
109
0431915df79f - Get rid of decryptreadbuf, just decrypt in-place with readbuf
Matt Johnston <matt@ucc.asn.au>
parents: 513
diff changeset
110 int allow_compress; /* whether compression has started (useful in
0431915df79f - Get rid of decryptreadbuf, just decrypt in-place with readbuf
Matt Johnston <matt@ucc.asn.au>
parents: 513
diff changeset
111 [email protected] delayed compression case) */
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
112 };
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
113
452
4cab61369879 Prevent invalid packets being sent during key-exchange, instead queue
Matt Johnston <matt@ucc.asn.au>
parents: 433
diff changeset
114 struct packetlist;
4cab61369879 Prevent invalid packets being sent during key-exchange, instead queue
Matt Johnston <matt@ucc.asn.au>
parents: 433
diff changeset
115 struct packetlist {
4cab61369879 Prevent invalid packets being sent during key-exchange, instead queue
Matt Johnston <matt@ucc.asn.au>
parents: 433
diff changeset
116 struct packetlist *next;
4cab61369879 Prevent invalid packets being sent during key-exchange, instead queue
Matt Johnston <matt@ucc.asn.au>
parents: 433
diff changeset
117 buffer * payload;
4cab61369879 Prevent invalid packets being sent during key-exchange, instead queue
Matt Johnston <matt@ucc.asn.au>
parents: 433
diff changeset
118 };
4cab61369879 Prevent invalid packets being sent during key-exchange, instead queue
Matt Johnston <matt@ucc.asn.au>
parents: 433
diff changeset
119
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
120 struct sshsession {
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
121
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
122 /* Is it a client or server? */
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
123 unsigned char isserver;
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
124
1139
43a8ea69b24c Fix problem where auth timeout wasn't checked when waiting for ident
Matt Johnston <matt@ucc.asn.au>
parents: 1108
diff changeset
125 time_t connect_time; /* time the connection was established
43a8ea69b24c Fix problem where auth timeout wasn't checked when waiting for ident
Matt Johnston <matt@ucc.asn.au>
parents: 1108
diff changeset
126 (cleared after auth once we're not
43a8ea69b24c Fix problem where auth timeout wasn't checked when waiting for ident
Matt Johnston <matt@ucc.asn.au>
parents: 1108
diff changeset
127 respecting AUTH_TIMEOUT any more).
43a8ea69b24c Fix problem where auth timeout wasn't checked when waiting for ident
Matt Johnston <matt@ucc.asn.au>
parents: 1108
diff changeset
128 A monotonic time, not realworld */
43a8ea69b24c Fix problem where auth timeout wasn't checked when waiting for ident
Matt Johnston <matt@ucc.asn.au>
parents: 1108
diff changeset
129
479
e3db1f7a2e43 - Split main socket var into ses.sock_in/ses.sock_out in preparation
Matt Johnston <matt@ucc.asn.au>
parents: 454
diff changeset
130 int sock_in;
e3db1f7a2e43 - Split main socket var into ses.sock_in/ses.sock_out in preparation
Matt Johnston <matt@ucc.asn.au>
parents: 454
diff changeset
131 int sock_out;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
132
726
78eda530c000 send out our kexinit packet before blocking to read the SSH version string
Matt Johnston <matt@ucc.asn.au>
parents: 722
diff changeset
133 /* remotehost will be initially NULL as we delay
78eda530c000 send out our kexinit packet before blocking to read the SSH version string
Matt Johnston <matt@ucc.asn.au>
parents: 722
diff changeset
134 * reading the remote version string. it will be set
78eda530c000 send out our kexinit packet before blocking to read the SSH version string
Matt Johnston <matt@ucc.asn.au>
parents: 722
diff changeset
135 * by the time any recv_() packet methods are called */
1108
2ebf450edc2d Turn sshsession's remoteident attribute into char *
Gaël PORTAY <gael.portay@gmail.com>
parents: 1101
diff changeset
136 char *remoteident;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
137
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
138 int maxfd; /* the maximum file descriptor to check with select() */
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
139
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
140
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
141 /* Packet buffers/values etc */
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
142 buffer *writepayload; /* Unencrypted payload to write - this is used
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
143 throughout the code, as handlers fill out this
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
144 buffer with the packet to send. */
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
145 struct Queue writequeue; /* A queue of encrypted packets to send */
1074
10f198d4a308 Make main socket nonblocking. Limit writequeue size.
Matt Johnston <matt@ucc.asn.au>
parents: 1059
diff changeset
146 unsigned int writequeue_len; /* Number of bytes pending to send in writequeue */
534
0431915df79f - Get rid of decryptreadbuf, just decrypt in-place with readbuf
Matt Johnston <matt@ucc.asn.au>
parents: 513
diff changeset
147 buffer *readbuf; /* From the wire, decrypted in-place */
1059
703c7cdd2577 Fix pubkey auth after change to reuse ses.readbuf as ses.payload
Matt Johnston <matt@ucc.asn.au>
parents: 1055
diff changeset
148 buffer *payload; /* Post-decompression, the actual SSH packet.
703c7cdd2577 Fix pubkey auth after change to reuse ses.readbuf as ses.payload
Matt Johnston <matt@ucc.asn.au>
parents: 1055
diff changeset
149 May have extra data at the beginning, will be
703c7cdd2577 Fix pubkey auth after change to reuse ses.readbuf as ses.payload
Matt Johnston <matt@ucc.asn.au>
parents: 1055
diff changeset
150 passed to packet processing functions positioned past
703c7cdd2577 Fix pubkey auth after change to reuse ses.readbuf as ses.payload
Matt Johnston <matt@ucc.asn.au>
parents: 1055
diff changeset
151 that, see payload_beginning */
1055
4d7b4c5526c5 A bit of a bodge to avoid memcpy if zlib is disabled
Matt Johnston <matt@ucc.asn.au>
parents: 1049
diff changeset
152 unsigned int payload_beginning;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
153 unsigned int transseq, recvseq; /* Sequence IDs */
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
154
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
155 /* Packet-handling flags */
22
c1e5d9195402 merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents: 21
diff changeset
156 const packettype * packettypes; /* Packet handler mappings for this
c1e5d9195402 merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents: 21
diff changeset
157 session, see process-packet.c */
c1e5d9195402 merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents: 21
diff changeset
158
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
159 unsigned dataallowed : 1; /* whether we can send data packets or we are in
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
160 the middle of a KEX or something */
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
161
886
cbc73a5aefb0 requirenext doesn't need two values
Matt Johnston <matt@ucc.asn.au>
parents: 883
diff changeset
162 unsigned char requirenext; /* byte indicating what packets we require next,
cbc73a5aefb0 requirenext doesn't need two values
Matt Johnston <matt@ucc.asn.au>
parents: 883
diff changeset
163 or 0x00 for any. */
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
164
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
165 unsigned char ignorenext; /* whether to ignore the next packet,
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
166 used for kex_follows stuff */
34
e2a1eaa19f22 Client mostly works up to password auth
Matt Johnston <matt@ucc.asn.au>
parents: 33
diff changeset
167
e2a1eaa19f22 Client mostly works up to password auth
Matt Johnston <matt@ucc.asn.au>
parents: 33
diff changeset
168 unsigned char lastpacket; /* What the last received packet type was */
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
169
513
a3748e54273c Idle timeout patch from Farrell Aultman. Needs testing, unsure if server
Matt Johnston <matt@ucc.asn.au>
parents: 502
diff changeset
170 int signal_pipe[2]; /* stores endpoints of a self-pipe used for
416
a01c0c8e543a Improve behaviour when flushing out after a process has exited.
Matt Johnston <matt@ucc.asn.au>
parents: 249
diff changeset
171 race-free signal handling */
1495
0c16b4ccbd54 make signal flags volatile, simplify handling
Matt Johnston <matt@ucc.asn.au>
parents: 1477
diff changeset
172 int channel_signal_pending; /* Flag set when the signal pipe is triggered */
1024
aac0095dc3b4 work in progress for async connect
Matt Johnston <matt@ucc.asn.au>
parents: 970
diff changeset
173
aac0095dc3b4 work in progress for async connect
Matt Johnston <matt@ucc.asn.au>
parents: 970
diff changeset
174 m_list conn_pending;
454
7e43f5e473b9 - Add -K keepalive flag for dropbear and dbclient
Matt Johnston <matt@ucc.asn.au>
parents: 452
diff changeset
175
939
a0819ecfee0b Make -K keepalive behave like OpenSSH's ServerAliveInterval
Matt Johnston <matt@ucc.asn.au>
parents: 928
diff changeset
176 /* time of the last packet send/receive, for keepalive. Not real-world clock */
a0819ecfee0b Make -K keepalive behave like OpenSSH's ServerAliveInterval
Matt Johnston <matt@ucc.asn.au>
parents: 928
diff changeset
177 time_t last_packet_time_keepalive_sent;
a0819ecfee0b Make -K keepalive behave like OpenSSH's ServerAliveInterval
Matt Johnston <matt@ucc.asn.au>
parents: 928
diff changeset
178 time_t last_packet_time_keepalive_recv;
a0819ecfee0b Make -K keepalive behave like OpenSSH's ServerAliveInterval
Matt Johnston <matt@ucc.asn.au>
parents: 928
diff changeset
179 time_t last_packet_time_any_sent;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
180
939
a0819ecfee0b Make -K keepalive behave like OpenSSH's ServerAliveInterval
Matt Johnston <matt@ucc.asn.au>
parents: 928
diff changeset
181 time_t last_packet_time_idle; /* time of the last packet transmission or receive, for
a0819ecfee0b Make -K keepalive behave like OpenSSH's ServerAliveInterval
Matt Johnston <matt@ucc.asn.au>
parents: 928
diff changeset
182 idle timeout purposes so ignores SSH_MSG_IGNORE
a0819ecfee0b Make -K keepalive behave like OpenSSH's ServerAliveInterval
Matt Johnston <matt@ucc.asn.au>
parents: 928
diff changeset
183 or responses to keepalives. Not real-world clock */
513
a3748e54273c Idle timeout patch from Farrell Aultman. Needs testing, unsure if server
Matt Johnston <matt@ucc.asn.au>
parents: 502
diff changeset
184
a3748e54273c Idle timeout patch from Farrell Aultman. Needs testing, unsure if server
Matt Johnston <matt@ucc.asn.au>
parents: 502
diff changeset
185
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
186 /* KEX/encryption related */
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
187 struct KEXState kexstate;
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
188 struct key_context *keys;
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
189 struct key_context *newkeys;
759
76fba0856749 More changes for KEX and ECDH. Set up hash descriptors, make ECC code work,
Matt Johnston <matt@ucc.asn.au>
parents: 756
diff changeset
190 buffer *session_id; /* this is the hash from the first kex */
76fba0856749 More changes for KEX and ECDH. Set up hash descriptors, make ECC code work,
Matt Johnston <matt@ucc.asn.au>
parents: 756
diff changeset
191 /* The below are used temporarily during kex, are freed after use */
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
192 mp_int * dh_K; /* SSH_MSG_KEXDH_REPLY and sending SSH_MSH_NEWKEYS */
761
ac2158e3e403 ecc kind of works, needs fixing/testing
Matt Johnston <matt@ucc.asn.au>
parents: 759
diff changeset
193 buffer *hash; /* the session hash */
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
194 buffer* kexhashbuf; /* session hash buffer calculated from various packets*/
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
195 buffer* transkexinit; /* the kexinit packet we send should be kept so we
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
196 can add it to the hash when generating keys */
575
f9b5dc0cba61 - Disable compression for non-final multihops
Matt Johnston <matt@ucc.asn.au>
parents: 572
diff changeset
197
f9b5dc0cba61 - Disable compression for non-final multihops
Matt Johnston <matt@ucc.asn.au>
parents: 572
diff changeset
198 /* Enables/disables compression */
f9b5dc0cba61 - Disable compression for non-final multihops
Matt Johnston <matt@ucc.asn.au>
parents: 572
diff changeset
199 algo_type *compress_algos;
1676
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
200
1681
435cfb9ec96e send and handle SSH_MSG_EXT_INFO only at the correct point
Matt Johnston <matt@ucc.asn.au>
parents: 1676
diff changeset
201 /* Other side allows SSH_MSG_EXT_INFO. Currently only set for server */
1676
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
202 int allow_ext_info;
452
4cab61369879 Prevent invalid packets being sent during key-exchange, instead queue
Matt Johnston <matt@ucc.asn.au>
parents: 433
diff changeset
203
4cab61369879 Prevent invalid packets being sent during key-exchange, instead queue
Matt Johnston <matt@ucc.asn.au>
parents: 433
diff changeset
204 /* a list of queued replies that should be sent after a KEX has
4cab61369879 Prevent invalid packets being sent during key-exchange, instead queue
Matt Johnston <matt@ucc.asn.au>
parents: 433
diff changeset
205 concluded (ie, while dataallowed was unset)*/
4cab61369879 Prevent invalid packets being sent during key-exchange, instead queue
Matt Johnston <matt@ucc.asn.au>
parents: 433
diff changeset
206 struct packetlist *reply_queue_head, *reply_queue_tail;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
207
1276
9169e4e7cbee fix empty C prototypes
Francois Perrad <francois.perrad@gadz.org>
parents: 1215
diff changeset
208 void(*remoteclosed)(void); /* A callback to handle closure of the
33
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
209 remote connection */
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
210
1276
9169e4e7cbee fix empty C prototypes
Francois Perrad <francois.perrad@gadz.org>
parents: 1215
diff changeset
211 void(*extra_session_cleanup)(void); /* client or server specific cleanup */
9169e4e7cbee fix empty C prototypes
Francois Perrad <francois.perrad@gadz.org>
parents: 1215
diff changeset
212 void(*send_kex_first_guess)(void);
739
d44325108d0e first_kex_packet_follows working, needs tidying
Matt Johnston <matt@ucc.asn.au>
parents: 722
diff changeset
213
33
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
214 struct AuthState authstate; /* Common amongst client and server, since most
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
215 struct elements are common */
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
216
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
217 /* Channel related */
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
218 struct Channel ** channels; /* these pointers may be null */
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
219 unsigned int chansize; /* the number of Channel*s allocated for channels */
37
0913e2ee3545 we're nearly there yet
Matt Johnston <matt@ucc.asn.au>
parents: 34
diff changeset
220 unsigned int chancount; /* the number of Channel*s in use */
6
ab00ef513e97 Sorted out the first channel init issues.
Matt Johnston <matt@ucc.asn.au>
parents: 5
diff changeset
221 const struct ChanType **chantypes; /* The valid channel types */
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
222
941
5daedffd0769 Set tcp priority as follows:
Matt Johnston <matt@ucc.asn.au>
parents: 940
diff changeset
223 /* TCP priority level for the main "port 22" tcp socket */
5daedffd0769 Set tcp priority as follows:
Matt Johnston <matt@ucc.asn.au>
parents: 940
diff changeset
224 enum dropbear_prio socket_prio;
5daedffd0769 Set tcp priority as follows:
Matt Johnston <matt@ucc.asn.au>
parents: 940
diff changeset
225
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
226 /* TCP forwarding - where manage listeners */
9
7f77962de998 - Reworked non-channel fd handling to listener.c
Matt Johnston <matt@ucc.asn.au>
parents: 6
diff changeset
227 struct Listener ** listeners;
7f77962de998 - Reworked non-channel fd handling to listener.c
Matt Johnston <matt@ucc.asn.au>
parents: 6
diff changeset
228 unsigned int listensize;
156
8c2b3506f112 Rearrange preprocessor parts so that compilation with various options
Matt Johnston <matt@ucc.asn.au>
parents: 130
diff changeset
229
21
d7cc5b484a2e - Port restriction code back in
Matt Johnston <matt@ucc.asn.au>
parents: 9
diff changeset
230 /* Whether to allow binding to privileged ports (<1024). This doesn't
d7cc5b484a2e - Port restriction code back in
Matt Johnston <matt@ucc.asn.au>
parents: 9
diff changeset
231 * really belong here, but nowhere else fits nicely */
d7cc5b484a2e - Port restriction code back in
Matt Johnston <matt@ucc.asn.au>
parents: 9
diff changeset
232 int allowprivport;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
233
1495
0c16b4ccbd54 make signal flags volatile, simplify handling
Matt Johnston <matt@ucc.asn.au>
parents: 1477
diff changeset
234 /* this is set when we get SIGINT or SIGTERM, the handler is in main.c */
0c16b4ccbd54 make signal flags volatile, simplify handling
Matt Johnston <matt@ucc.asn.au>
parents: 1477
diff changeset
235 volatile int exitflag;
0c16b4ccbd54 make signal flags volatile, simplify handling
Matt Johnston <matt@ucc.asn.au>
parents: 1477
diff changeset
236 /* set once the ses structure (and cli_ses/svr_ses) have been populated to their initial state */
0c16b4ccbd54 make signal flags volatile, simplify handling
Matt Johnston <matt@ucc.asn.au>
parents: 1477
diff changeset
237 int init_done;
1653
76189c9ffea2 External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents: 1531
diff changeset
238
1654
cc0fc5131c5c Rename EPKA -> Plugin
Matt Johnston <matt@ucc.asn.au>
parents: 1653
diff changeset
239 #if DROPBEAR_PLUGIN
cc0fc5131c5c Rename EPKA -> Plugin
Matt Johnston <matt@ucc.asn.au>
parents: 1653
diff changeset
240 struct PluginSession * plugin_session;
1653
76189c9ffea2 External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents: 1531
diff changeset
241 #endif
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
242 };
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
243
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
244 struct serversession {
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
245
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
246 /* Server specific options */
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
247 int childpipe; /* kept open until we successfully authenticate */
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
248 /* userauth */
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
249
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
250 struct ChildPid * childpids; /* array of mappings childpid<->channel */
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
251 unsigned int childpidsize;
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
252
130
154c8d5a6d1e propagate of 82bb923d0154750ef716b66b498561f882891946 and f51a272341ee12268fe7028bc2f2bad66c603069 from branch 'matt.dbclient.work' to 'matt.dbclient.rez'
Matt Johnston <matt@ucc.asn.au>
parents: 108
diff changeset
253 /* Used to avoid a race in the exit returncode handling - see
154c8d5a6d1e propagate of 82bb923d0154750ef716b66b498561f882891946 and f51a272341ee12268fe7028bc2f2bad66c603069 from branch 'matt.dbclient.work' to 'matt.dbclient.rez'
Matt Johnston <matt@ucc.asn.au>
parents: 108
diff changeset
254 * svr-chansession.c for details */
154c8d5a6d1e propagate of 82bb923d0154750ef716b66b498561f882891946 and f51a272341ee12268fe7028bc2f2bad66c603069 from branch 'matt.dbclient.work' to 'matt.dbclient.rez'
Matt Johnston <matt@ucc.asn.au>
parents: 108
diff changeset
255 struct exitinfo lastexit;
154c8d5a6d1e propagate of 82bb923d0154750ef716b66b498561f882891946 and f51a272341ee12268fe7028bc2f2bad66c603069 from branch 'matt.dbclient.work' to 'matt.dbclient.rez'
Matt Johnston <matt@ucc.asn.au>
parents: 108
diff changeset
256
158
364a75cfebab Log the IP along with auth success/fail attempts
Matt Johnston <matt@ucc.asn.au>
parents: 156
diff changeset
257 /* The numeric address they connected from, used for logging */
364a75cfebab Log the IP along with auth success/fail attempts
Matt Johnston <matt@ucc.asn.au>
parents: 156
diff changeset
258 char * addrstring;
364a75cfebab Log the IP along with auth success/fail attempts
Matt Johnston <matt@ucc.asn.au>
parents: 156
diff changeset
259
572
8fd0ac8c8cab Move remotehost into svr_ses structure since we can't look it up
Matt Johnston <matt@ucc.asn.au>
parents: 568
diff changeset
260 /* The resolved remote address, used for lastlog etc */
8fd0ac8c8cab Move remotehost into svr_ses structure since we can't look it up
Matt Johnston <matt@ucc.asn.au>
parents: 568
diff changeset
261 char *remotehost;
8fd0ac8c8cab Move remotehost into svr_ses structure since we can't look it up
Matt Johnston <matt@ucc.asn.au>
parents: 568
diff changeset
262
1295
750ec4ec4cbe Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents: 1276
diff changeset
263 #if DROPBEAR_VFORK
553
8711f20b89ab - For uclinux, only cleanup on exit for the main process. This avoids
Matt Johnston <matt@ucc.asn.au>
parents: 534
diff changeset
264 pid_t server_pid;
8711f20b89ab - For uclinux, only cleanup on exit for the main process. This avoids
Matt Johnston <matt@ucc.asn.au>
parents: 534
diff changeset
265 #endif
8711f20b89ab - For uclinux, only cleanup on exit for the main process. This avoids
Matt Johnston <matt@ucc.asn.au>
parents: 534
diff changeset
266
1654
cc0fc5131c5c Rename EPKA -> Plugin
Matt Johnston <matt@ucc.asn.au>
parents: 1653
diff changeset
267 #if DROPBEAR_PLUGIN
1681
435cfb9ec96e send and handle SSH_MSG_EXT_INFO only at the correct point
Matt Johnston <matt@ucc.asn.au>
parents: 1676
diff changeset
268 /* The shared library handle */
435cfb9ec96e send and handle SSH_MSG_EXT_INFO only at the correct point
Matt Johnston <matt@ucc.asn.au>
parents: 1676
diff changeset
269 void *plugin_handle;
1653
76189c9ffea2 External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents: 1531
diff changeset
270
1681
435cfb9ec96e send and handle SSH_MSG_EXT_INFO only at the correct point
Matt Johnston <matt@ucc.asn.au>
parents: 1676
diff changeset
271 /* The instance created by the plugin_new function */
435cfb9ec96e send and handle SSH_MSG_EXT_INFO only at the correct point
Matt Johnston <matt@ucc.asn.au>
parents: 1676
diff changeset
272 struct PluginInstance *plugin_instance;
1653
76189c9ffea2 External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents: 1531
diff changeset
273 #endif
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
274 };
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
275
26
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents: 24
diff changeset
276 typedef enum {
33
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
277 KEX_NOTHING,
26
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents: 24
diff changeset
278 KEXINIT_RCVD,
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents: 24
diff changeset
279 KEXDH_INIT_SENT,
433
c216212001fc Fix for -pedantic -ansi compilation, change // to /**/, plus some signedness
Matt Johnston <matt@ucc.asn.au>
parents: 416
diff changeset
280 KEXDONE
33
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
281 } cli_kex_state;
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
282
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
283 typedef enum {
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
284 STATE_NOTHING,
883
ff597bf2cfb0 DROPBEAR_CLI_AUTH_IMMEDIATE fixed, now enabled by default
Matt Johnston <matt@ucc.asn.au>
parents: 857
diff changeset
285 USERAUTH_WAIT,
33
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
286 USERAUTH_REQ_SENT,
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
287 USERAUTH_FAIL_RCVD,
37
0913e2ee3545 we're nearly there yet
Matt Johnston <matt@ucc.asn.au>
parents: 34
diff changeset
288 USERAUTH_SUCCESS_RCVD,
433
c216212001fc Fix for -pedantic -ansi compilation, change // to /**/, plus some signedness
Matt Johnston <matt@ucc.asn.au>
parents: 416
diff changeset
289 SESSION_RUNNING
26
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents: 24
diff changeset
290 } cli_state;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
291
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
292 struct clientsession {
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
293
857
c19acba28590 use oldstyle comments
Matt Johnston <matt@ucc.asn.au>
parents: 848
diff changeset
294 /* XXX - move these to kexstate? */
755
b07eb3dc23ec refactor kexdh code a bit, start working on ecdh etc
Matt Johnston <matt@ucc.asn.au>
parents: 722
diff changeset
295 struct kex_dh_param *dh_param;
b07eb3dc23ec refactor kexdh code a bit, start working on ecdh etc
Matt Johnston <matt@ucc.asn.au>
parents: 722
diff changeset
296 struct kex_ecdh_param *ecdh_param;
848
6c69e7df3621 curve25519
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
297 struct kex_curve25519_param *curve25519_param;
801
7dcb46da72d9 merge in HEAD
Matt Johnston <matt@ucc.asn.au>
parents: 761 775
diff changeset
298 const struct dropbear_kex *param_kex_algo; /* KEX algorithm corresponding to current dh_e and dh_x */
7dcb46da72d9 merge in HEAD
Matt Johnston <matt@ucc.asn.au>
parents: 761 775
diff changeset
299
33
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
300 cli_kex_state kex_state; /* Used for progressing KEX */
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
301 cli_state state; /* Used to progress auth/channelsession etc */
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
302
39
0883c0906870 tty raw mode support works mostly
Matt Johnston <matt@ucc.asn.au>
parents: 37
diff changeset
303 int tty_raw_mode; /* Whether we're in raw mode (and have to clean up) */
0883c0906870 tty raw mode support works mostly
Matt Johnston <matt@ucc.asn.au>
parents: 37
diff changeset
304 struct termios saved_tio;
93
5dda5a4d475c Don't leave the stdin FD non-blocking on exit - busybox doesn't like it.
Matt Johnston <matt@ucc.asn.au>
parents: 64
diff changeset
305 int stdincopy;
5dda5a4d475c Don't leave the stdin FD non-blocking on exit - busybox doesn't like it.
Matt Johnston <matt@ucc.asn.au>
parents: 64
diff changeset
306 int stdinflags;
175
2c5741e4b855 * Reset the non-blocking status of stdout and stderr as well on exit
Matt Johnston <matt@ucc.asn.au>
parents: 158
diff changeset
307 int stdoutcopy;
2c5741e4b855 * Reset the non-blocking status of stdout and stderr as well on exit
Matt Johnston <matt@ucc.asn.au>
parents: 158
diff changeset
308 int stdoutflags;
2c5741e4b855 * Reset the non-blocking status of stdout and stderr as well on exit
Matt Johnston <matt@ucc.asn.au>
parents: 158
diff changeset
309 int stderrcopy;
2c5741e4b855 * Reset the non-blocking status of stdout and stderr as well on exit
Matt Johnston <matt@ucc.asn.au>
parents: 158
diff changeset
310 int stderrflags;
39
0883c0906870 tty raw mode support works mostly
Matt Johnston <matt@ucc.asn.au>
parents: 37
diff changeset
311
722
4a274f47eabd Add ~. and ~^Z handling to exit/suspend dbclient
Matt Johnston <matt@ucc.asn.au>
parents: 715
diff changeset
312 /* for escape char handling */
4a274f47eabd Add ~. and ~^Z handling to exit/suspend dbclient
Matt Johnston <matt@ucc.asn.au>
parents: 715
diff changeset
313 int last_char;
4a274f47eabd Add ~. and ~^Z handling to exit/suspend dbclient
Matt Johnston <matt@ucc.asn.au>
parents: 715
diff changeset
314
1495
0c16b4ccbd54 make signal flags volatile, simplify handling
Matt Johnston <matt@ucc.asn.au>
parents: 1477
diff changeset
315 volatile int winchange; /* Set to 1 when a windowchange signal happens */
41
18eccbfb9641 added window-size change handling
Matt Johnston <matt@ucc.asn.au>
parents: 40
diff changeset
316
45
9ee8996a375f Pubkey auth is mostly there for the client. Something strange with
Matt Johnston <matt@ucc.asn.au>
parents: 43
diff changeset
317 int lastauthtype; /* either AUTH_TYPE_PUBKEY or AUTH_TYPE_PASSWORD,
9ee8996a375f Pubkey auth is mostly there for the client. Something strange with
Matt Johnston <matt@ucc.asn.au>
parents: 43
diff changeset
318 for the last type of auth we tried */
1821
df8d8ec1801c added option to disable trivial auth methods (#128)
Manfred Kaiser <37737811+manfred-kaiser@users.noreply.github.com>
parents: 1741
diff changeset
319 int is_trivial_auth;
883
ff597bf2cfb0 DROPBEAR_CLI_AUTH_IMMEDIATE fixed, now enabled by default
Matt Johnston <matt@ucc.asn.au>
parents: 857
diff changeset
320 int ignore_next_auth_response;
1295
750ec4ec4cbe Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents: 1276
diff changeset
321 #if DROPBEAR_CLI_INTERACT_AUTH
249
efbaf6b03837 added keyboard-interactive client support
Matt Johnston <matt@ucc.asn.au>
parents: 215
diff changeset
322 int auth_interact_failed; /* flag whether interactive auth can still
efbaf6b03837 added keyboard-interactive client support
Matt Johnston <matt@ucc.asn.au>
parents: 215
diff changeset
323 be used */
efbaf6b03837 added keyboard-interactive client support
Matt Johnston <matt@ucc.asn.au>
parents: 215
diff changeset
324 int interact_request_received; /* flag whether we've received an
efbaf6b03837 added keyboard-interactive client support
Matt Johnston <matt@ucc.asn.au>
parents: 215
diff changeset
325 info request from the server for
efbaf6b03837 added keyboard-interactive client support
Matt Johnston <matt@ucc.asn.au>
parents: 215
diff changeset
326 interactive auth.*/
1155
80b45616e1f3 fix build when ENABLE_CLI_INTERACT_AUTH is disabled
Mike Frysinger <vapier@gentoo.org>
parents: 1139
diff changeset
327 #endif
551
c3f2ec71e3d4 New standard linked list to use, rather than adhoc SignKeyList or TCPFwdList
Matt Johnston <matt@ucc.asn.au>
parents: 550
diff changeset
328 sign_key *lastprivkey;
108
10f4d3319780 - added circular buffering for channels
Matt Johnston <matt@ucc.asn.au>
parents: 93
diff changeset
329
1676
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
330 buffer *server_sig_algs;
1675
ae41624c2198 split signkey_type and signature_type for RSA sha1 vs sha256
Matt Johnston <matt@ucc.asn.au>
parents: 1674
diff changeset
331
108
10f4d3319780 - added circular buffering for channels
Matt Johnston <matt@ucc.asn.au>
parents: 93
diff changeset
332 int retval; /* What the command exit status was - we emulate it */
45
9ee8996a375f Pubkey auth is mostly there for the client. Something strange with
Matt Johnston <matt@ucc.asn.au>
parents: 43
diff changeset
333 #if 0
9ee8996a375f Pubkey auth is mostly there for the client. Something strange with
Matt Johnston <matt@ucc.asn.au>
parents: 43
diff changeset
334 TODO
9ee8996a375f Pubkey auth is mostly there for the client. Something strange with
Matt Johnston <matt@ucc.asn.au>
parents: 43
diff changeset
335 struct AgentkeyList *agentkeys; /* Keys to use for public-key auth */
9ee8996a375f Pubkey auth is mostly there for the client. Something strange with
Matt Johnston <matt@ucc.asn.au>
parents: 43
diff changeset
336 #endif
9ee8996a375f Pubkey auth is mostly there for the client. Something strange with
Matt Johnston <matt@ucc.asn.au>
parents: 43
diff changeset
337
1215
d058e15ea213 A few minor style fixes
Matt Johnston <matt@ucc.asn.au>
parents: 1208
diff changeset
338 pid_t proxy_cmd_pid;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
339 };
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
340
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
341 /* Global structs storing the state */
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
342 extern struct sshsession ses;
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
343
1295
750ec4ec4cbe Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents: 1276
diff changeset
344 #if DROPBEAR_SERVER
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
345 extern struct serversession svr_ses;
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
346 #endif /* DROPBEAR_SERVER */
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
347
1295
750ec4ec4cbe Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents: 1276
diff changeset
348 #if DROPBEAR_CLIENT
26
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents: 24
diff changeset
349 extern struct clientsession cli_ses;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
350 #endif /* DROPBEAR_CLIENT */
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
351
1036
deed0571cacc DROPBEAR_ prefix for include guards to avoid collisions
Thorsten Horstmann <thorsten.horstmann@web.de>
parents: 970
diff changeset
352 #endif /* DROPBEAR_SESSION_H_ */