dropbear: common-session.c annotate

annotate common-session.c @ 994:5c5ade336926

Prefer stronger algorithms in algorithm negotiation. Prefer diffie-hellman-group14-sha1 (2048 bit) over diffie-hellman-group1-sha1 (1024 bit). Due to meet-in-the-middle attacks the effective key length of three key 3DES is 112 bits. AES is stronger and faster then 3DES. Prefer to delay the start of compression until after authentication has completed. This avoids exposing compression code to attacks from unauthenticated users. (github pull request #9)

author	Fedor Brunner <fedor.brunner@azet.sk>
date	Fri, 23 Jan 2015 23:00:25 +0800
parents	0bb16232e7c4
children	73ea0dce9a57 363c0feca5d4

rev	line source
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1 /*
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	2 * Dropbear - a SSH2 server
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	3 *
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	4 * Copyright (c) 2002,2003 Matt Johnston
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	5 * All rights reserved.
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	6 *
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	7 * Permission is hereby granted, free of charge, to any person obtaining a copy
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	8 * of this software and associated documentation files (the "Software"), to deal
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	9 * in the Software without restriction, including without limitation the rights
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	11 * copies of the Software, and to permit persons to whom the Software is
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	12 * furnished to do so, subject to the following conditions:
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	13 *
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	14 * The above copyright notice and this permission notice shall be included in
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	15 * all copies or substantial portions of the Software.
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	16 *
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	20 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	23 * SOFTWARE. */
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	24
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	25 #include "includes.h"
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	26 #include "session.h"
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	27 #include "dbutil.h"
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	28 #include "packet.h"
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	29 #include "algo.h"
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	30 #include "buffer.h"
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	31 #include "dss.h"
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	32 #include "ssh.h"
858 220f55d540ae rename random.h to dbrandom.h since some OSes have a system random.h Matt Johnston <matt@ucc.asn.au> parents: 857 diff changeset	33 #include "dbrandom.h"
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	34 #include "kex.h"
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	35 #include "channel.h"
454 7e43f5e473b9 - Add -K keepalive flag for dropbear and dbclient Matt Johnston <matt@ucc.asn.au> parents: 452 diff changeset	36 #include "runopts.h"
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	37
108 10f4d3319780 - added circular buffering for channels Matt Johnston <matt@ucc.asn.au> parents: 107 diff changeset	38 static void checktimeouts();
454 7e43f5e473b9 - Add -K keepalive flag for dropbear and dbclient Matt Johnston <matt@ucc.asn.au> parents: 452 diff changeset	39 static long select_timeout();
108 10f4d3319780 - added circular buffering for channels Matt Johnston <matt@ucc.asn.au> parents: 107 diff changeset	40 static int ident_readln(int fd, char* buf, int count);
726 78eda530c000 send out our kexinit packet before blocking to read the SSH version string Matt Johnston <matt@ucc.asn.au> parents: 705 diff changeset	41 static void read_session_identification();
26 0969767bca0d snapshot of stuff Matt Johnston <matt@ucc.asn.au> parents: 24 diff changeset	42
24 469950e86d0f switching to global vars Matt Johnston <matt@ucc.asn.au> parents: 22 diff changeset	43 struct sshsession ses; /* GLOBAL */
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	44
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	45 /* need to know if the session struct has been initialised, this way isn't the
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	46 * cleanest, but works OK */
24 469950e86d0f switching to global vars Matt Johnston <matt@ucc.asn.au> parents: 22 diff changeset	47 int sessinitdone = 0; /* GLOBAL */
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	48
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	49 /* this is set when we get SIGINT or SIGTERM, the handler is in main.c */
24 469950e86d0f switching to global vars Matt Johnston <matt@ucc.asn.au> parents: 22 diff changeset	50 int exitflag = 0; /* GLOBAL */
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	51
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	52 /* called only at the start of a session, set up initial state */
568 005530560594 Rearrange getaddrstring() etc Matt Johnston <matt@ucc.asn.au> parents: 537 diff changeset	53 void common_session_init(int sock_in, int sock_out) {
939 a0819ecfee0b Make -K keepalive behave like OpenSSH's ServerAliveInterval Matt Johnston <matt@ucc.asn.au> parents: 929 diff changeset	54 time_t now;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	55
165 0cfba3034be5 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place Matt Johnston <matt@ucc.asn.au> parents: 135 diff changeset	56 TRACE(("enter session_init"))
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	57
479 e3db1f7a2e43 - Split main socket var into ses.sock_in/ses.sock_out in preparation Matt Johnston <matt@ucc.asn.au> parents: 454 diff changeset	58 ses.sock_in = sock_in;
e3db1f7a2e43 - Split main socket var into ses.sock_in/ses.sock_out in preparation Matt Johnston <matt@ucc.asn.au> parents: 454 diff changeset	59 ses.sock_out = sock_out;
e3db1f7a2e43 - Split main socket var into ses.sock_in/ses.sock_out in preparation Matt Johnston <matt@ucc.asn.au> parents: 454 diff changeset	60 ses.maxfd = MAX(sock_in, sock_out);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	61
941 5daedffd0769 Set tcp priority as follows: Matt Johnston <matt@ucc.asn.au> parents: 940 diff changeset	62 ses.socket_prio = DROPBEAR_PRIO_DEFAULT;
5daedffd0769 Set tcp priority as follows: Matt Johnston <matt@ucc.asn.au> parents: 940 diff changeset	63 /* Sets it to lowdelay */
5daedffd0769 Set tcp priority as follows: Matt Johnston <matt@ucc.asn.au> parents: 940 diff changeset	64 update_channel_prio();
5daedffd0769 Set tcp priority as follows: Matt Johnston <matt@ucc.asn.au> parents: 940 diff changeset	65
939 a0819ecfee0b Make -K keepalive behave like OpenSSH's ServerAliveInterval Matt Johnston <matt@ucc.asn.au> parents: 929 diff changeset	66 now = monotonic_now();
a0819ecfee0b Make -K keepalive behave like OpenSSH's ServerAliveInterval Matt Johnston <matt@ucc.asn.au> parents: 929 diff changeset	67 ses.last_packet_time_keepalive_recv = now;
a0819ecfee0b Make -K keepalive behave like OpenSSH's ServerAliveInterval Matt Johnston <matt@ucc.asn.au> parents: 929 diff changeset	68 ses.last_packet_time_idle = now;
a0819ecfee0b Make -K keepalive behave like OpenSSH's ServerAliveInterval Matt Johnston <matt@ucc.asn.au> parents: 929 diff changeset	69 ses.last_packet_time_any_sent = 0;
a0819ecfee0b Make -K keepalive behave like OpenSSH's ServerAliveInterval Matt Johnston <matt@ucc.asn.au> parents: 929 diff changeset	70 ses.last_packet_time_keepalive_sent = 0;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	71
416 a01c0c8e543a Improve behaviour when flushing out after a process has exited. Matt Johnston <matt@ucc.asn.au> parents: 373 diff changeset	72 if (pipe(ses.signal_pipe) < 0) {
594 a98a2138364a Improve capitalisation for all logged strings Matt Johnston <matt@ucc.asn.au> parents: 568 diff changeset	73 dropbear_exit("Signal pipe failed");
416 a01c0c8e543a Improve behaviour when flushing out after a process has exited. Matt Johnston <matt@ucc.asn.au> parents: 373 diff changeset	74 }
a01c0c8e543a Improve behaviour when flushing out after a process has exited. Matt Johnston <matt@ucc.asn.au> parents: 373 diff changeset	75 setnonblocking(ses.signal_pipe[0]);
a01c0c8e543a Improve behaviour when flushing out after a process has exited. Matt Johnston <matt@ucc.asn.au> parents: 373 diff changeset	76 setnonblocking(ses.signal_pipe[1]);
537 7de2f22ea759 - Add the signal pipe to maxfd Matt Johnston <matt@ucc.asn.au> parents: 534 diff changeset	77
7de2f22ea759 - Add the signal pipe to maxfd Matt Johnston <matt@ucc.asn.au> parents: 534 diff changeset	78 ses.maxfd = MAX(ses.maxfd, ses.signal_pipe[0]);
7de2f22ea759 - Add the signal pipe to maxfd Matt Johnston <matt@ucc.asn.au> parents: 534 diff changeset	79 ses.maxfd = MAX(ses.maxfd, ses.signal_pipe[1]);
416 a01c0c8e543a Improve behaviour when flushing out after a process has exited. Matt Johnston <matt@ucc.asn.au> parents: 373 diff changeset	80
33 f789045062e6 Progressing client support Matt Johnston <matt@ucc.asn.au> parents: 26 diff changeset	81 kexfirstinitialise(); /* initialise the kex state */
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	82
448 9c61e7af0156 Rearrange the channel buffer sizes into three neat use-editable values in Matt Johnston <matt@ucc.asn.au> parents: 416 diff changeset	83 ses.writepayload = buf_new(TRANS_MAX_PAYLOAD_LEN);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	84 ses.transseq = 0;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	85
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	86 ses.readbuf = NULL;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	87 ses.payload = NULL;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	88 ses.recvseq = 0;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	89
135 d663445c1533 Initialise the outgoing packet queue Matt Johnston <matt@ucc.asn.au> parents: 108 diff changeset	90 initqueue(&ses.writequeue);
d663445c1533 Initialise the outgoing packet queue Matt Johnston <matt@ucc.asn.au> parents: 108 diff changeset	91
886 cbc73a5aefb0 requirenext doesn't need two values Matt Johnston <matt@ucc.asn.au> parents: 858 diff changeset	92 ses.requirenext = SSH_MSG_KEXINIT;
452 4cab61369879 Prevent invalid packets being sent during key-exchange, instead queue Matt Johnston <matt@ucc.asn.au> parents: 448 diff changeset	93 ses.dataallowed = 1; /* we can send data until we actually
4cab61369879 Prevent invalid packets being sent during key-exchange, instead queue Matt Johnston <matt@ucc.asn.au> parents: 448 diff changeset	94 send the SSH_MSG_KEXINIT */
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	95 ses.ignorenext = 0;
34 e2a1eaa19f22 Client mostly works up to password auth Matt Johnston <matt@ucc.asn.au> parents: 33 diff changeset	96 ses.lastpacket = 0;
452 4cab61369879 Prevent invalid packets being sent during key-exchange, instead queue Matt Johnston <matt@ucc.asn.au> parents: 448 diff changeset	97 ses.reply_queue_head = NULL;
4cab61369879 Prevent invalid packets being sent during key-exchange, instead queue Matt Johnston <matt@ucc.asn.au> parents: 448 diff changeset	98 ses.reply_queue_tail = NULL;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	99
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	100 /* set all the algos to none */
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	101 ses.keys = (struct key_context*)m_malloc(sizeof(struct key_context));
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	102 ses.newkeys = NULL;
534 0431915df79f - Get rid of decryptreadbuf, just decrypt in-place with readbuf Matt Johnston <matt@ucc.asn.au> parents: 531 diff changeset	103 ses.keys->recv.algo_crypt = &dropbear_nocipher;
0431915df79f - Get rid of decryptreadbuf, just decrypt in-place with readbuf Matt Johnston <matt@ucc.asn.au> parents: 531 diff changeset	104 ses.keys->trans.algo_crypt = &dropbear_nocipher;
0431915df79f - Get rid of decryptreadbuf, just decrypt in-place with readbuf Matt Johnston <matt@ucc.asn.au> parents: 531 diff changeset	105 ses.keys->recv.crypt_mode = &dropbear_mode_none;
0431915df79f - Get rid of decryptreadbuf, just decrypt in-place with readbuf Matt Johnston <matt@ucc.asn.au> parents: 531 diff changeset	106 ses.keys->trans.crypt_mode = &dropbear_mode_none;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	107
534 0431915df79f - Get rid of decryptreadbuf, just decrypt in-place with readbuf Matt Johnston <matt@ucc.asn.au> parents: 531 diff changeset	108 ses.keys->recv.algo_mac = &dropbear_nohash;
0431915df79f - Get rid of decryptreadbuf, just decrypt in-place with readbuf Matt Johnston <matt@ucc.asn.au> parents: 531 diff changeset	109 ses.keys->trans.algo_mac = &dropbear_nohash;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	110
761 ac2158e3e403 ecc kind of works, needs fixing/testing Matt Johnston <matt@ucc.asn.au> parents: 705 diff changeset	111 ses.keys->algo_kex = NULL;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	112 ses.keys->algo_hostkey = -1;
534 0431915df79f - Get rid of decryptreadbuf, just decrypt in-place with readbuf Matt Johnston <matt@ucc.asn.au> parents: 531 diff changeset	113 ses.keys->recv.algo_comp = DROPBEAR_COMP_NONE;
0431915df79f - Get rid of decryptreadbuf, just decrypt in-place with readbuf Matt Johnston <matt@ucc.asn.au> parents: 531 diff changeset	114 ses.keys->trans.algo_comp = DROPBEAR_COMP_NONE;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	115
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	116 #ifndef DISABLE_ZLIB
534 0431915df79f - Get rid of decryptreadbuf, just decrypt in-place with readbuf Matt Johnston <matt@ucc.asn.au> parents: 531 diff changeset	117 ses.keys->recv.zstream = NULL;
0431915df79f - Get rid of decryptreadbuf, just decrypt in-place with readbuf Matt Johnston <matt@ucc.asn.au> parents: 531 diff changeset	118 ses.keys->trans.zstream = NULL;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	119 #endif
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	120
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	121 /* key exchange buffers */
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	122 ses.session_id = NULL;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	123 ses.kexhashbuf = NULL;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	124 ses.transkexinit = NULL;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	125 ses.dh_K = NULL;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	126 ses.remoteident = NULL;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	127
6 ab00ef513e97 Sorted out the first channel init issues. Matt Johnston <matt@ucc.asn.au> parents: 4 diff changeset	128 ses.chantypes = NULL;
ab00ef513e97 Sorted out the first channel init issues. Matt Johnston <matt@ucc.asn.au> parents: 4 diff changeset	129
21 d7cc5b484a2e - Port restriction code back in Matt Johnston <matt@ucc.asn.au> parents: 6 diff changeset	130 ses.allowprivport = 0;
d7cc5b484a2e - Port restriction code back in Matt Johnston <matt@ucc.asn.au> parents: 6 diff changeset	131
165 0cfba3034be5 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place Matt Johnston <matt@ucc.asn.au> parents: 135 diff changeset	132 TRACE(("leave session_init"))
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	133 }
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	134
26 0969767bca0d snapshot of stuff Matt Johnston <matt@ucc.asn.au> parents: 24 diff changeset	135 void session_loop(void(*loophandler)()) {
0969767bca0d snapshot of stuff Matt Johnston <matt@ucc.asn.au> parents: 24 diff changeset	136
0969767bca0d snapshot of stuff Matt Johnston <matt@ucc.asn.au> parents: 24 diff changeset	137 fd_set readfd, writefd;
0969767bca0d snapshot of stuff Matt Johnston <matt@ucc.asn.au> parents: 24 diff changeset	138 struct timeval timeout;
0969767bca0d snapshot of stuff Matt Johnston <matt@ucc.asn.au> parents: 24 diff changeset	139 int val;
0969767bca0d snapshot of stuff Matt Johnston <matt@ucc.asn.au> parents: 24 diff changeset	140
0969767bca0d snapshot of stuff Matt Johnston <matt@ucc.asn.au> parents: 24 diff changeset	141 /* main loop, select()s for all sockets in use */
0969767bca0d snapshot of stuff Matt Johnston <matt@ucc.asn.au> parents: 24 diff changeset	142 for(;;) {
0969767bca0d snapshot of stuff Matt Johnston <matt@ucc.asn.au> parents: 24 diff changeset	143
454 7e43f5e473b9 - Add -K keepalive flag for dropbear and dbclient Matt Johnston <matt@ucc.asn.au> parents: 452 diff changeset	144 timeout.tv_sec = select_timeout();
26 0969767bca0d snapshot of stuff Matt Johnston <matt@ucc.asn.au> parents: 24 diff changeset	145 timeout.tv_usec = 0;
0969767bca0d snapshot of stuff Matt Johnston <matt@ucc.asn.au> parents: 24 diff changeset	146 FD_ZERO(&writefd);
0969767bca0d snapshot of stuff Matt Johnston <matt@ucc.asn.au> parents: 24 diff changeset	147 FD_ZERO(&readfd);
241 c5d3ef11155f * use own assertions which should get logged properly Matt Johnston <matt@ucc.asn.au> parents: 165 diff changeset	148 dropbear_assert(ses.payload == NULL);
726 78eda530c000 send out our kexinit packet before blocking to read the SSH version string Matt Johnston <matt@ucc.asn.au> parents: 705 diff changeset	149
78eda530c000 send out our kexinit packet before blocking to read the SSH version string Matt Johnston <matt@ucc.asn.au> parents: 705 diff changeset	150 /* during initial setup we flush out the KEXINIT packet before
78eda530c000 send out our kexinit packet before blocking to read the SSH version string Matt Johnston <matt@ucc.asn.au> parents: 705 diff changeset	151 * attempting to read the remote version string, which might block */
78eda530c000 send out our kexinit packet before blocking to read the SSH version string Matt Johnston <matt@ucc.asn.au> parents: 705 diff changeset	152 if (ses.sock_in != -1 && (ses.remoteident \|\| isempty(&ses.writequeue))) {
479 e3db1f7a2e43 - Split main socket var into ses.sock_in/ses.sock_out in preparation Matt Johnston <matt@ucc.asn.au> parents: 454 diff changeset	153 FD_SET(ses.sock_in, &readfd);
e3db1f7a2e43 - Split main socket var into ses.sock_in/ses.sock_out in preparation Matt Johnston <matt@ucc.asn.au> parents: 454 diff changeset	154 }
e3db1f7a2e43 - Split main socket var into ses.sock_in/ses.sock_out in preparation Matt Johnston <matt@ucc.asn.au> parents: 454 diff changeset	155 if (ses.sock_out != -1 && !isempty(&ses.writequeue)) {
e3db1f7a2e43 - Split main socket var into ses.sock_in/ses.sock_out in preparation Matt Johnston <matt@ucc.asn.au> parents: 454 diff changeset	156 FD_SET(ses.sock_out, &writefd);
26 0969767bca0d snapshot of stuff Matt Johnston <matt@ucc.asn.au> parents: 24 diff changeset	157 }
416 a01c0c8e543a Improve behaviour when flushing out after a process has exited. Matt Johnston <matt@ucc.asn.au> parents: 373 diff changeset	158
a01c0c8e543a Improve behaviour when flushing out after a process has exited. Matt Johnston <matt@ucc.asn.au> parents: 373 diff changeset	159 /* We get woken up when signal handlers write to this pipe.
a01c0c8e543a Improve behaviour when flushing out after a process has exited. Matt Johnston <matt@ucc.asn.au> parents: 373 diff changeset	160 SIGCHLD in svr-chansession is the only one currently. */
a01c0c8e543a Improve behaviour when flushing out after a process has exited. Matt Johnston <matt@ucc.asn.au> parents: 373 diff changeset	161 FD_SET(ses.signal_pipe[0], &readfd);
26 0969767bca0d snapshot of stuff Matt Johnston <matt@ucc.asn.au> parents: 24 diff changeset	162
896 a1a97e98b0c1 Read (and enqueue) packets from interactive input even when Matt Johnston <matt@ucc.asn.au> parents: 891 diff changeset	163 /* set up for channels which can be read/written */
a1a97e98b0c1 Read (and enqueue) packets from interactive input even when Matt Johnston <matt@ucc.asn.au> parents: 891 diff changeset	164 setchannelfds(&readfd, &writefd);
a1a97e98b0c1 Read (and enqueue) packets from interactive input even when Matt Johnston <matt@ucc.asn.au> parents: 891 diff changeset	165
26 0969767bca0d snapshot of stuff Matt Johnston <matt@ucc.asn.au> parents: 24 diff changeset	166 val = select(ses.maxfd+1, &readfd, &writefd, NULL, &timeout);
0969767bca0d snapshot of stuff Matt Johnston <matt@ucc.asn.au> parents: 24 diff changeset	167
0969767bca0d snapshot of stuff Matt Johnston <matt@ucc.asn.au> parents: 24 diff changeset	168 if (exitflag) {
0969767bca0d snapshot of stuff Matt Johnston <matt@ucc.asn.au> parents: 24 diff changeset	169 dropbear_exit("Terminated by signal");
0969767bca0d snapshot of stuff Matt Johnston <matt@ucc.asn.au> parents: 24 diff changeset	170 }
0969767bca0d snapshot of stuff Matt Johnston <matt@ucc.asn.au> parents: 24 diff changeset	171
373 70caa99bfe3a Tidy up behaviour when select() is interrupted. We follow normal Matt Johnston <matt@ucc.asn.au> parents: 344 diff changeset	172 if (val < 0 && errno != EINTR) {
70caa99bfe3a Tidy up behaviour when select() is interrupted. We follow normal Matt Johnston <matt@ucc.asn.au> parents: 344 diff changeset	173 dropbear_exit("Error in select");
70caa99bfe3a Tidy up behaviour when select() is interrupted. We follow normal Matt Johnston <matt@ucc.asn.au> parents: 344 diff changeset	174 }
70caa99bfe3a Tidy up behaviour when select() is interrupted. We follow normal Matt Johnston <matt@ucc.asn.au> parents: 344 diff changeset	175
70caa99bfe3a Tidy up behaviour when select() is interrupted. We follow normal Matt Johnston <matt@ucc.asn.au> parents: 344 diff changeset	176 if (val <= 0) {
70caa99bfe3a Tidy up behaviour when select() is interrupted. We follow normal Matt Johnston <matt@ucc.asn.au> parents: 344 diff changeset	177 /* If we were interrupted or the select timed out, we still
70caa99bfe3a Tidy up behaviour when select() is interrupted. We follow normal Matt Johnston <matt@ucc.asn.au> parents: 344 diff changeset	178 * want to iterate over channels etc for reading, to handle
70caa99bfe3a Tidy up behaviour when select() is interrupted. We follow normal Matt Johnston <matt@ucc.asn.au> parents: 344 diff changeset	179 * server processes exiting etc.
70caa99bfe3a Tidy up behaviour when select() is interrupted. We follow normal Matt Johnston <matt@ucc.asn.au> parents: 344 diff changeset	180 * We don't want to read/write FDs. */
70caa99bfe3a Tidy up behaviour when select() is interrupted. We follow normal Matt Johnston <matt@ucc.asn.au> parents: 344 diff changeset	181 FD_ZERO(&writefd);
70caa99bfe3a Tidy up behaviour when select() is interrupted. We follow normal Matt Johnston <matt@ucc.asn.au> parents: 344 diff changeset	182 FD_ZERO(&readfd);
26 0969767bca0d snapshot of stuff Matt Johnston <matt@ucc.asn.au> parents: 24 diff changeset	183 }
416 a01c0c8e543a Improve behaviour when flushing out after a process has exited. Matt Johnston <matt@ucc.asn.au> parents: 373 diff changeset	184
a01c0c8e543a Improve behaviour when flushing out after a process has exited. Matt Johnston <matt@ucc.asn.au> parents: 373 diff changeset	185 /* We'll just empty out the pipe if required. We don't do
a01c0c8e543a Improve behaviour when flushing out after a process has exited. Matt Johnston <matt@ucc.asn.au> parents: 373 diff changeset	186 any thing with the data, since the pipe's purpose is purely to
a01c0c8e543a Improve behaviour when flushing out after a process has exited. Matt Johnston <matt@ucc.asn.au> parents: 373 diff changeset	187 wake up the select() above. */
a01c0c8e543a Improve behaviour when flushing out after a process has exited. Matt Johnston <matt@ucc.asn.au> parents: 373 diff changeset	188 if (FD_ISSET(ses.signal_pipe[0], &readfd)) {
a01c0c8e543a Improve behaviour when flushing out after a process has exited. Matt Johnston <matt@ucc.asn.au> parents: 373 diff changeset	189 char x;
a01c0c8e543a Improve behaviour when flushing out after a process has exited. Matt Johnston <matt@ucc.asn.au> parents: 373 diff changeset	190 while (read(ses.signal_pipe[0], &x, 1) > 0) {}
a01c0c8e543a Improve behaviour when flushing out after a process has exited. Matt Johnston <matt@ucc.asn.au> parents: 373 diff changeset	191 }
26 0969767bca0d snapshot of stuff Matt Johnston <matt@ucc.asn.au> parents: 24 diff changeset	192
0969767bca0d snapshot of stuff Matt Johnston <matt@ucc.asn.au> parents: 24 diff changeset	193 /* check for auth timeout, rekeying required etc */
0969767bca0d snapshot of stuff Matt Johnston <matt@ucc.asn.au> parents: 24 diff changeset	194 checktimeouts();
0969767bca0d snapshot of stuff Matt Johnston <matt@ucc.asn.au> parents: 24 diff changeset	195
929 9d40ed1da686 Experiment of always writing data if available. Might waste a writev() with Matt Johnston <matt@ucc.asn.au> parents: 928 diff changeset	196 /* process session socket's incoming data */
479 e3db1f7a2e43 - Split main socket var into ses.sock_in/ses.sock_out in preparation Matt Johnston <matt@ucc.asn.au> parents: 454 diff changeset	197 if (ses.sock_in != -1) {
e3db1f7a2e43 - Split main socket var into ses.sock_in/ses.sock_out in preparation Matt Johnston <matt@ucc.asn.au> parents: 454 diff changeset	198 if (FD_ISSET(ses.sock_in, &readfd)) {
726 78eda530c000 send out our kexinit packet before blocking to read the SSH version string Matt Johnston <matt@ucc.asn.au> parents: 705 diff changeset	199 if (!ses.remoteident) {
78eda530c000 send out our kexinit packet before blocking to read the SSH version string Matt Johnston <matt@ucc.asn.au> parents: 705 diff changeset	200 /* blocking read of the version string */
78eda530c000 send out our kexinit packet before blocking to read the SSH version string Matt Johnston <matt@ucc.asn.au> parents: 705 diff changeset	201 read_session_identification();
78eda530c000 send out our kexinit packet before blocking to read the SSH version string Matt Johnston <matt@ucc.asn.au> parents: 705 diff changeset	202 } else {
78eda530c000 send out our kexinit packet before blocking to read the SSH version string Matt Johnston <matt@ucc.asn.au> parents: 705 diff changeset	203 read_packet();
78eda530c000 send out our kexinit packet before blocking to read the SSH version string Matt Johnston <matt@ucc.asn.au> parents: 705 diff changeset	204 }
26 0969767bca0d snapshot of stuff Matt Johnston <matt@ucc.asn.au> parents: 24 diff changeset	205 }
0969767bca0d snapshot of stuff Matt Johnston <matt@ucc.asn.au> parents: 24 diff changeset	206
0969767bca0d snapshot of stuff Matt Johnston <matt@ucc.asn.au> parents: 24 diff changeset	207 /* Process the decrypted packet. After this, the read buffer
0969767bca0d snapshot of stuff Matt Johnston <matt@ucc.asn.au> parents: 24 diff changeset	208 * will be ready for a new packet */
0969767bca0d snapshot of stuff Matt Johnston <matt@ucc.asn.au> parents: 24 diff changeset	209 if (ses.payload != NULL) {
0969767bca0d snapshot of stuff Matt Johnston <matt@ucc.asn.au> parents: 24 diff changeset	210 process_packet();
0969767bca0d snapshot of stuff Matt Johnston <matt@ucc.asn.au> parents: 24 diff changeset	211 }
0969767bca0d snapshot of stuff Matt Johnston <matt@ucc.asn.au> parents: 24 diff changeset	212 }
452 4cab61369879 Prevent invalid packets being sent during key-exchange, instead queue Matt Johnston <matt@ucc.asn.au> parents: 448 diff changeset	213
4cab61369879 Prevent invalid packets being sent during key-exchange, instead queue Matt Johnston <matt@ucc.asn.au> parents: 448 diff changeset	214 /* if required, flush out any queued reply packets that
4cab61369879 Prevent invalid packets being sent during key-exchange, instead queue Matt Johnston <matt@ucc.asn.au> parents: 448 diff changeset	215 were being held up during a KEX */
4cab61369879 Prevent invalid packets being sent during key-exchange, instead queue Matt Johnston <matt@ucc.asn.au> parents: 448 diff changeset	216 maybe_flush_reply_queue();
26 0969767bca0d snapshot of stuff Matt Johnston <matt@ucc.asn.au> parents: 24 diff changeset	217
0969767bca0d snapshot of stuff Matt Johnston <matt@ucc.asn.au> parents: 24 diff changeset	218 /* process pipes etc for the channels, ses.dataallowed == 0
0969767bca0d snapshot of stuff Matt Johnston <matt@ucc.asn.au> parents: 24 diff changeset	219 * during rekeying ) */
896 a1a97e98b0c1 Read (and enqueue) packets from interactive input even when Matt Johnston <matt@ucc.asn.au> parents: 891 diff changeset	220 channelio(&readfd, &writefd);
26 0969767bca0d snapshot of stuff Matt Johnston <matt@ucc.asn.au> parents: 24 diff changeset	221
929 9d40ed1da686 Experiment of always writing data if available. Might waste a writev() with Matt Johnston <matt@ucc.asn.au> parents: 928 diff changeset	222 /* process session socket's outgoing data */
9d40ed1da686 Experiment of always writing data if available. Might waste a writev() with Matt Johnston <matt@ucc.asn.au> parents: 928 diff changeset	223 if (ses.sock_out != -1) {
9d40ed1da686 Experiment of always writing data if available. Might waste a writev() with Matt Johnston <matt@ucc.asn.au> parents: 928 diff changeset	224 if (!isempty(&ses.writequeue)) {
9d40ed1da686 Experiment of always writing data if available. Might waste a writev() with Matt Johnston <matt@ucc.asn.au> parents: 928 diff changeset	225 write_packet();
9d40ed1da686 Experiment of always writing data if available. Might waste a writev() with Matt Johnston <matt@ucc.asn.au> parents: 928 diff changeset	226 }
9d40ed1da686 Experiment of always writing data if available. Might waste a writev() with Matt Johnston <matt@ucc.asn.au> parents: 928 diff changeset	227 }
9d40ed1da686 Experiment of always writing data if available. Might waste a writev() with Matt Johnston <matt@ucc.asn.au> parents: 928 diff changeset	228
9d40ed1da686 Experiment of always writing data if available. Might waste a writev() with Matt Johnston <matt@ucc.asn.au> parents: 928 diff changeset	229
26 0969767bca0d snapshot of stuff Matt Johnston <matt@ucc.asn.au> parents: 24 diff changeset	230 if (loophandler) {
0969767bca0d snapshot of stuff Matt Johnston <matt@ucc.asn.au> parents: 24 diff changeset	231 loophandler();
0969767bca0d snapshot of stuff Matt Johnston <matt@ucc.asn.au> parents: 24 diff changeset	232 }
0969767bca0d snapshot of stuff Matt Johnston <matt@ucc.asn.au> parents: 24 diff changeset	233
0969767bca0d snapshot of stuff Matt Johnston <matt@ucc.asn.au> parents: 24 diff changeset	234 } /* for(;;) */
0969767bca0d snapshot of stuff Matt Johnston <matt@ucc.asn.au> parents: 24 diff changeset	235
0969767bca0d snapshot of stuff Matt Johnston <matt@ucc.asn.au> parents: 24 diff changeset	236 /* Not reached */
0969767bca0d snapshot of stuff Matt Johnston <matt@ucc.asn.au> parents: 24 diff changeset	237 }
0969767bca0d snapshot of stuff Matt Johnston <matt@ucc.asn.au> parents: 24 diff changeset	238
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	239 /* clean up a session on exit */
733 70811267715c Run the cleanup handler also when we close due to TCP connection being closed Matt Johnston <matt@ucc.asn.au> parents: 726 diff changeset	240 void session_cleanup() {
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	241
165 0cfba3034be5 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place Matt Johnston <matt@ucc.asn.au> parents: 135 diff changeset	242 TRACE(("enter session_cleanup"))
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	243
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	244 /* we can't cleanup if we don't know the session state */
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	245 if (!sessinitdone) {
165 0cfba3034be5 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place Matt Johnston <matt@ucc.asn.au> parents: 135 diff changeset	246 TRACE(("leave session_cleanup: !sessinitdone"))
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	247 return;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	248 }
733 70811267715c Run the cleanup handler also when we close due to TCP connection being closed Matt Johnston <matt@ucc.asn.au> parents: 726 diff changeset	249
70811267715c Run the cleanup handler also when we close due to TCP connection being closed Matt Johnston <matt@ucc.asn.au> parents: 726 diff changeset	250 if (ses.extra_session_cleanup) {
70811267715c Run the cleanup handler also when we close due to TCP connection being closed Matt Johnston <matt@ucc.asn.au> parents: 726 diff changeset	251 ses.extra_session_cleanup();
70811267715c Run the cleanup handler also when we close due to TCP connection being closed Matt Johnston <matt@ucc.asn.au> parents: 726 diff changeset	252 }
891 e78f5ce6e7bb cleanup before clearing keys Matt Johnston <matt@ucc.asn.au> parents: 886 diff changeset	253
e78f5ce6e7bb cleanup before clearing keys Matt Johnston <matt@ucc.asn.au> parents: 886 diff changeset	254 chancleanup();
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	255
891 e78f5ce6e7bb cleanup before clearing keys Matt Johnston <matt@ucc.asn.au> parents: 886 diff changeset	256 /* Cleaning up keys must happen after other cleanup
e78f5ce6e7bb cleanup before clearing keys Matt Johnston <matt@ucc.asn.au> parents: 886 diff changeset	257 functions which might queue packets */
761 ac2158e3e403 ecc kind of works, needs fixing/testing Matt Johnston <matt@ucc.asn.au> parents: 705 diff changeset	258 if (ses.session_id) {
ac2158e3e403 ecc kind of works, needs fixing/testing Matt Johnston <matt@ucc.asn.au> parents: 705 diff changeset	259 buf_burn(ses.session_id);
ac2158e3e403 ecc kind of works, needs fixing/testing Matt Johnston <matt@ucc.asn.au> parents: 705 diff changeset	260 buf_free(ses.session_id);
ac2158e3e403 ecc kind of works, needs fixing/testing Matt Johnston <matt@ucc.asn.au> parents: 705 diff changeset	261 ses.session_id = NULL;
ac2158e3e403 ecc kind of works, needs fixing/testing Matt Johnston <matt@ucc.asn.au> parents: 705 diff changeset	262 }
ac2158e3e403 ecc kind of works, needs fixing/testing Matt Johnston <matt@ucc.asn.au> parents: 705 diff changeset	263 if (ses.hash) {
ac2158e3e403 ecc kind of works, needs fixing/testing Matt Johnston <matt@ucc.asn.au> parents: 705 diff changeset	264 buf_burn(ses.hash);
ac2158e3e403 ecc kind of works, needs fixing/testing Matt Johnston <matt@ucc.asn.au> parents: 705 diff changeset	265 buf_free(ses.hash);
ac2158e3e403 ecc kind of works, needs fixing/testing Matt Johnston <matt@ucc.asn.au> parents: 705 diff changeset	266 ses.hash = NULL;
ac2158e3e403 ecc kind of works, needs fixing/testing Matt Johnston <matt@ucc.asn.au> parents: 705 diff changeset	267 }
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	268 m_burn(ses.keys, sizeof(struct key_context));
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	269 m_free(ses.keys);
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	270
165 0cfba3034be5 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place Matt Johnston <matt@ucc.asn.au> parents: 135 diff changeset	271 TRACE(("leave session_cleanup"))
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	272 }
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	273
726 78eda530c000 send out our kexinit packet before blocking to read the SSH version string Matt Johnston <matt@ucc.asn.au> parents: 705 diff changeset	274 void send_session_identification() {
751 685d05f1cc5c Just put the version string on the queue, don't use atomicio Matt Johnston <matt@ucc.asn.au> parents: 733 diff changeset	275 buffer *writebuf = buf_new(strlen(LOCAL_IDENT "\r\n") + 1);
685d05f1cc5c Just put the version string on the queue, don't use atomicio Matt Johnston <matt@ucc.asn.au> parents: 733 diff changeset	276 buf_putbytes(writebuf, LOCAL_IDENT "\r\n", strlen(LOCAL_IDENT "\r\n"));
857 c19acba28590 use oldstyle comments Matt Johnston <matt@ucc.asn.au> parents: 801 diff changeset	277 buf_putbyte(writebuf, 0x0); /* packet type */
751 685d05f1cc5c Just put the version string on the queue, don't use atomicio Matt Johnston <matt@ucc.asn.au> parents: 733 diff changeset	278 buf_setpos(writebuf, 0);
685d05f1cc5c Just put the version string on the queue, don't use atomicio Matt Johnston <matt@ucc.asn.au> parents: 733 diff changeset	279 enqueue(&ses.writequeue, writebuf);
726 78eda530c000 send out our kexinit packet before blocking to read the SSH version string Matt Johnston <matt@ucc.asn.au> parents: 705 diff changeset	280 }
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	281
726 78eda530c000 send out our kexinit packet before blocking to read the SSH version string Matt Johnston <matt@ucc.asn.au> parents: 705 diff changeset	282 static void read_session_identification() {
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	283 /* max length of 255 chars */
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	284 char linebuf[256];
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	285 int len = 0;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	286 char done = 0;
103 8aeac62a968f Allow leading lines before the ident banner when connecting Matt Johnston <matt@ucc.asn.au> parents: 41 diff changeset	287 int i;
513 a3748e54273c Idle timeout patch from Farrell Aultman. Needs testing, unsure if server Matt Johnston <matt@ucc.asn.au> parents: 502 diff changeset	288 /* If they send more than 50 lines, something is wrong */
275 7f9adaf85fca Exit with a message if the ssh protocol version is incompatible Matt Johnston <matt@ucc.asn.au> parents: 242 diff changeset	289 for (i = 0; i < 50; i++) {
479 e3db1f7a2e43 - Split main socket var into ses.sock_in/ses.sock_out in preparation Matt Johnston <matt@ucc.asn.au> parents: 454 diff changeset	290 len = ident_readln(ses.sock_in, linebuf, sizeof(linebuf));
103 8aeac62a968f Allow leading lines before the ident banner when connecting Matt Johnston <matt@ucc.asn.au> parents: 41 diff changeset	291
8aeac62a968f Allow leading lines before the ident banner when connecting Matt Johnston <matt@ucc.asn.au> parents: 41 diff changeset	292 if (len < 0 && errno != EINTR) {
8aeac62a968f Allow leading lines before the ident banner when connecting Matt Johnston <matt@ucc.asn.au> parents: 41 diff changeset	293 /* It failed */
8aeac62a968f Allow leading lines before the ident banner when connecting Matt Johnston <matt@ucc.asn.au> parents: 41 diff changeset	294 break;
8aeac62a968f Allow leading lines before the ident banner when connecting Matt Johnston <matt@ucc.asn.au> parents: 41 diff changeset	295 }
8aeac62a968f Allow leading lines before the ident banner when connecting Matt Johnston <matt@ucc.asn.au> parents: 41 diff changeset	296
8aeac62a968f Allow leading lines before the ident banner when connecting Matt Johnston <matt@ucc.asn.au> parents: 41 diff changeset	297 if (len >= 4 && memcmp(linebuf, "SSH-", 4) == 0) {
8aeac62a968f Allow leading lines before the ident banner when connecting Matt Johnston <matt@ucc.asn.au> parents: 41 diff changeset	298 /* start of line matches */
8aeac62a968f Allow leading lines before the ident banner when connecting Matt Johnston <matt@ucc.asn.au> parents: 41 diff changeset	299 done = 1;
8aeac62a968f Allow leading lines before the ident banner when connecting Matt Johnston <matt@ucc.asn.au> parents: 41 diff changeset	300 break;
8aeac62a968f Allow leading lines before the ident banner when connecting Matt Johnston <matt@ucc.asn.au> parents: 41 diff changeset	301 }
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	302 }
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	303
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	304 if (!done) {
165 0cfba3034be5 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place Matt Johnston <matt@ucc.asn.au> parents: 135 diff changeset	305 TRACE(("err: %s for '%s'\n", strerror(errno), linebuf))
344 bf29e6659fb9 Just use the normal "remote closed" handler when reading ident stings Matt Johnston <matt@ucc.asn.au> parents: 275 diff changeset	306 ses.remoteclosed();
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	307 } else {
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	308 /* linebuf is already null terminated */
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	309 ses.remoteident = m_malloc(len);
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	310 memcpy(ses.remoteident, linebuf, len);
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	311 }
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	312
513 a3748e54273c Idle timeout patch from Farrell Aultman. Needs testing, unsure if server Matt Johnston <matt@ucc.asn.au> parents: 502 diff changeset	313 /* Shall assume that 2.x will be backwards compatible. */
a3748e54273c Idle timeout patch from Farrell Aultman. Needs testing, unsure if server Matt Johnston <matt@ucc.asn.au> parents: 502 diff changeset	314 if (strncmp(ses.remoteident, "SSH-2.", 6) != 0
a3748e54273c Idle timeout patch from Farrell Aultman. Needs testing, unsure if server Matt Johnston <matt@ucc.asn.au> parents: 502 diff changeset	315 && strncmp(ses.remoteident, "SSH-1.99-", 9) != 0) {
a3748e54273c Idle timeout patch from Farrell Aultman. Needs testing, unsure if server Matt Johnston <matt@ucc.asn.au> parents: 502 diff changeset	316 dropbear_exit("Incompatible remote version '%s'", ses.remoteident);
a3748e54273c Idle timeout patch from Farrell Aultman. Needs testing, unsure if server Matt Johnston <matt@ucc.asn.au> parents: 502 diff changeset	317 }
275 7f9adaf85fca Exit with a message if the ssh protocol version is incompatible Matt Johnston <matt@ucc.asn.au> parents: 242 diff changeset	318
165 0cfba3034be5 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place Matt Johnston <matt@ucc.asn.au> parents: 135 diff changeset	319 TRACE(("remoteident: %s", ses.remoteident))
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	320
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	321 }
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	322
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	323 /* returns the length including null-terminating zero on success,
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	324 * or -1 on failure */
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	325 static int ident_readln(int fd, char* buf, int count) {
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	326
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	327 char in;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	328 int pos = 0;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	329 int num = 0;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	330 fd_set fds;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	331 struct timeval timeout;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	332
165 0cfba3034be5 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place Matt Johnston <matt@ucc.asn.au> parents: 135 diff changeset	333 TRACE(("enter ident_readln"))
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	334
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	335 if (count < 1) {
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	336 return -1;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	337 }
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	338
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	339 FD_ZERO(&fds);
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	340
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	341 /* select since it's a non-blocking fd */
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	342
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	343 /* leave space to null-terminate */
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	344 while (pos < count-1) {
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	345
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	346 FD_SET(fd, &fds);
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	347
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	348 timeout.tv_sec = 1;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	349 timeout.tv_usec = 0;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	350 if (select(fd+1, &fds, NULL, NULL, &timeout) < 0) {
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	351 if (errno == EINTR) {
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	352 continue;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	353 }
165 0cfba3034be5 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place Matt Johnston <matt@ucc.asn.au> parents: 135 diff changeset	354 TRACE(("leave ident_readln: select error"))
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	355 return -1;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	356 }
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	357
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	358 checktimeouts();
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	359
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	360 /* Have to go one byte at a time, since we don't want to read past
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	361 * the end, and have to somehow shove bytes back into the normal
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	362 * packet reader */
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	363 if (FD_ISSET(fd, &fds)) {
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	364 num = read(fd, &in, 1);
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	365 /* a "\n" is a newline, "\r" we want to read in and keep going
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	366 * so that it won't be read as part of the next line */
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	367 if (num < 0) {
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	368 /* error */
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	369 if (errno == EINTR) {
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	370 continue; /* not a real error */
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	371 }
165 0cfba3034be5 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place Matt Johnston <matt@ucc.asn.au> parents: 135 diff changeset	372 TRACE(("leave ident_readln: read error"))
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	373 return -1;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	374 }
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	375 if (num == 0) {
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	376 /* EOF */
165 0cfba3034be5 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place Matt Johnston <matt@ucc.asn.au> parents: 135 diff changeset	377 TRACE(("leave ident_readln: EOF"))
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	378 return -1;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	379 }
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	380 if (in == '\n') {
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	381 /* end of ident string */
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	382 break;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	383 }
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	384 /* we don't want to include '\r's */
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	385 if (in != '\r') {
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	386 buf[pos] = in;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	387 pos++;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	388 }
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	389 }
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	390 }
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	391
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	392 buf[pos] = '\0';
165 0cfba3034be5 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place Matt Johnston <matt@ucc.asn.au> parents: 135 diff changeset	393 TRACE(("leave ident_readln: return %d", pos+1))
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	394 return pos+1;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	395 }
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	396
970 0bb16232e7c4 Make keepalive handling more robust, this should now match what OpenSSH does Matt Johnston <matt@ucc.asn.au> parents: 968 diff changeset	397 void ignore_recv_response() {
968 f7f6c15b0ec3 Don't send SSH_MSG_UNIMPLEMENTED for keepalive responses Matt Johnston <matt@ucc.asn.au> parents: 941 diff changeset	398 // Do nothing
970 0bb16232e7c4 Make keepalive handling more robust, this should now match what OpenSSH does Matt Johnston <matt@ucc.asn.au> parents: 968 diff changeset	399 TRACE(("Ignored msg_request_response"))
968 f7f6c15b0ec3 Don't send SSH_MSG_UNIMPLEMENTED for keepalive responses Matt Johnston <matt@ucc.asn.au> parents: 941 diff changeset	400 }
f7f6c15b0ec3 Don't send SSH_MSG_UNIMPLEMENTED for keepalive responses Matt Johnston <matt@ucc.asn.au> parents: 941 diff changeset	401
939 a0819ecfee0b Make -K keepalive behave like OpenSSH's ServerAliveInterval Matt Johnston <matt@ucc.asn.au> parents: 929 diff changeset	402 static void send_msg_keepalive() {
454 7e43f5e473b9 - Add -K keepalive flag for dropbear and dbclient Matt Johnston <matt@ucc.asn.au> parents: 452 diff changeset	403 CHECKCLEARTOWRITE();
939 a0819ecfee0b Make -K keepalive behave like OpenSSH's ServerAliveInterval Matt Johnston <matt@ucc.asn.au> parents: 929 diff changeset	404 time_t old_time_idle = ses.last_packet_time_idle;
970 0bb16232e7c4 Make keepalive handling more robust, this should now match what OpenSSH does Matt Johnston <matt@ucc.asn.au> parents: 968 diff changeset	405
0bb16232e7c4 Make keepalive handling more robust, this should now match what OpenSSH does Matt Johnston <matt@ucc.asn.au> parents: 968 diff changeset	406 struct Channel *chan = get_any_ready_channel();
0bb16232e7c4 Make keepalive handling more robust, this should now match what OpenSSH does Matt Johnston <matt@ucc.asn.au> parents: 968 diff changeset	407
0bb16232e7c4 Make keepalive handling more robust, this should now match what OpenSSH does Matt Johnston <matt@ucc.asn.au> parents: 968 diff changeset	408 if (chan) {
0bb16232e7c4 Make keepalive handling more robust, this should now match what OpenSSH does Matt Johnston <matt@ucc.asn.au> parents: 968 diff changeset	409 /* Channel requests are preferable, more implementations
0bb16232e7c4 Make keepalive handling more robust, this should now match what OpenSSH does Matt Johnston <matt@ucc.asn.au> parents: 968 diff changeset	410 handle them than SSH_MSG_GLOBAL_REQUEST */
0bb16232e7c4 Make keepalive handling more robust, this should now match what OpenSSH does Matt Johnston <matt@ucc.asn.au> parents: 968 diff changeset	411 TRACE(("keepalive channel request %d", chan->index))
0bb16232e7c4 Make keepalive handling more robust, this should now match what OpenSSH does Matt Johnston <matt@ucc.asn.au> parents: 968 diff changeset	412 start_send_channel_request(chan, DROPBEAR_KEEPALIVE_STRING);
0bb16232e7c4 Make keepalive handling more robust, this should now match what OpenSSH does Matt Johnston <matt@ucc.asn.au> parents: 968 diff changeset	413 } else {
0bb16232e7c4 Make keepalive handling more robust, this should now match what OpenSSH does Matt Johnston <matt@ucc.asn.au> parents: 968 diff changeset	414 TRACE(("keepalive global request"))
0bb16232e7c4 Make keepalive handling more robust, this should now match what OpenSSH does Matt Johnston <matt@ucc.asn.au> parents: 968 diff changeset	415 /* Some peers will reply with SSH_MSG_REQUEST_FAILURE,
0bb16232e7c4 Make keepalive handling more robust, this should now match what OpenSSH does Matt Johnston <matt@ucc.asn.au> parents: 968 diff changeset	416 some will reply with SSH_MSG_UNIMPLEMENTED, some will exit. */
0bb16232e7c4 Make keepalive handling more robust, this should now match what OpenSSH does Matt Johnston <matt@ucc.asn.au> parents: 968 diff changeset	417 buf_putbyte(ses.writepayload, SSH_MSG_GLOBAL_REQUEST);
0bb16232e7c4 Make keepalive handling more robust, this should now match what OpenSSH does Matt Johnston <matt@ucc.asn.au> parents: 968 diff changeset	418 buf_putstring(ses.writepayload, DROPBEAR_KEEPALIVE_STRING,
0bb16232e7c4 Make keepalive handling more robust, this should now match what OpenSSH does Matt Johnston <matt@ucc.asn.au> parents: 968 diff changeset	419 strlen(DROPBEAR_KEEPALIVE_STRING));
0bb16232e7c4 Make keepalive handling more robust, this should now match what OpenSSH does Matt Johnston <matt@ucc.asn.au> parents: 968 diff changeset	420 }
939 a0819ecfee0b Make -K keepalive behave like OpenSSH's ServerAliveInterval Matt Johnston <matt@ucc.asn.au> parents: 929 diff changeset	421 buf_putbyte(ses.writepayload, 1); /* want_reply */
454 7e43f5e473b9 - Add -K keepalive flag for dropbear and dbclient Matt Johnston <matt@ucc.asn.au> parents: 452 diff changeset	422 encrypt_packet();
939 a0819ecfee0b Make -K keepalive behave like OpenSSH's ServerAliveInterval Matt Johnston <matt@ucc.asn.au> parents: 929 diff changeset	423
a0819ecfee0b Make -K keepalive behave like OpenSSH's ServerAliveInterval Matt Johnston <matt@ucc.asn.au> parents: 929 diff changeset	424 ses.last_packet_time_keepalive_sent = monotonic_now();
a0819ecfee0b Make -K keepalive behave like OpenSSH's ServerAliveInterval Matt Johnston <matt@ucc.asn.au> parents: 929 diff changeset	425
a0819ecfee0b Make -K keepalive behave like OpenSSH's ServerAliveInterval Matt Johnston <matt@ucc.asn.au> parents: 929 diff changeset	426 /* keepalives shouldn't update idle timeout, reset it back */
a0819ecfee0b Make -K keepalive behave like OpenSSH's ServerAliveInterval Matt Johnston <matt@ucc.asn.au> parents: 929 diff changeset	427 ses.last_packet_time_idle = old_time_idle;
454 7e43f5e473b9 - Add -K keepalive flag for dropbear and dbclient Matt Johnston <matt@ucc.asn.au> parents: 452 diff changeset	428 }
7e43f5e473b9 - Add -K keepalive flag for dropbear and dbclient Matt Johnston <matt@ucc.asn.au> parents: 452 diff changeset	429
26 0969767bca0d snapshot of stuff Matt Johnston <matt@ucc.asn.au> parents: 24 diff changeset	430 /* Check all timeouts which are required. Currently these are the time for
0969767bca0d snapshot of stuff Matt Johnston <matt@ucc.asn.au> parents: 24 diff changeset	431 * user authentication, and the automatic rekeying. */
0969767bca0d snapshot of stuff Matt Johnston <matt@ucc.asn.au> parents: 24 diff changeset	432 static void checktimeouts() {
0969767bca0d snapshot of stuff Matt Johnston <matt@ucc.asn.au> parents: 24 diff changeset	433
454 7e43f5e473b9 - Add -K keepalive flag for dropbear and dbclient Matt Johnston <matt@ucc.asn.au> parents: 452 diff changeset	434 time_t now;
928 7cd89d4e0335 Add new monotonic_now() wrapper so that timeouts are unaffected by Matt Johnston <matt@ucc.asn.au> parents: 927 diff changeset	435 now = monotonic_now();
26 0969767bca0d snapshot of stuff Matt Johnston <matt@ucc.asn.au> parents: 24 diff changeset	436
0969767bca0d snapshot of stuff Matt Johnston <matt@ucc.asn.au> parents: 24 diff changeset	437 /* we can't rekey if we haven't done remote ident exchange yet */
0969767bca0d snapshot of stuff Matt Johnston <matt@ucc.asn.au> parents: 24 diff changeset	438 if (ses.remoteident == NULL) {
0969767bca0d snapshot of stuff Matt Johnston <matt@ucc.asn.au> parents: 24 diff changeset	439 return;
0969767bca0d snapshot of stuff Matt Johnston <matt@ucc.asn.au> parents: 24 diff changeset	440 }
0969767bca0d snapshot of stuff Matt Johnston <matt@ucc.asn.au> parents: 24 diff changeset	441
0969767bca0d snapshot of stuff Matt Johnston <matt@ucc.asn.au> parents: 24 diff changeset	442 if (!ses.kexstate.sentkexinit
454 7e43f5e473b9 - Add -K keepalive flag for dropbear and dbclient Matt Johnston <matt@ucc.asn.au> parents: 452 diff changeset	443 && (now - ses.kexstate.lastkextime >= KEX_REKEY_TIMEOUT
7e43f5e473b9 - Add -K keepalive flag for dropbear and dbclient Matt Johnston <matt@ucc.asn.au> parents: 452 diff changeset	444 \|\| ses.kexstate.datarecv+ses.kexstate.datatrans >= KEX_REKEY_DATA)) {
165 0cfba3034be5 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place Matt Johnston <matt@ucc.asn.au> parents: 135 diff changeset	445 TRACE(("rekeying after timeout or max data reached"))
26 0969767bca0d snapshot of stuff Matt Johnston <matt@ucc.asn.au> parents: 24 diff changeset	446 send_msg_kexinit();
0969767bca0d snapshot of stuff Matt Johnston <matt@ucc.asn.au> parents: 24 diff changeset	447 }
454 7e43f5e473b9 - Add -K keepalive flag for dropbear and dbclient Matt Johnston <matt@ucc.asn.au> parents: 452 diff changeset	448
970 0bb16232e7c4 Make keepalive handling more robust, this should now match what OpenSSH does Matt Johnston <matt@ucc.asn.au> parents: 968 diff changeset	449 if (opts.keepalive_secs > 0 && ses.authstate.authdone) {
0bb16232e7c4 Make keepalive handling more robust, this should now match what OpenSSH does Matt Johnston <matt@ucc.asn.au> parents: 968 diff changeset	450 /* Avoid sending keepalives prior to auth - those are
0bb16232e7c4 Make keepalive handling more robust, this should now match what OpenSSH does Matt Johnston <matt@ucc.asn.au> parents: 968 diff changeset	451 not valid pre-auth packet types */
0bb16232e7c4 Make keepalive handling more robust, this should now match what OpenSSH does Matt Johnston <matt@ucc.asn.au> parents: 968 diff changeset	452
939 a0819ecfee0b Make -K keepalive behave like OpenSSH's ServerAliveInterval Matt Johnston <matt@ucc.asn.au> parents: 929 diff changeset	453 /* Send keepalives if we've been idle */
a0819ecfee0b Make -K keepalive behave like OpenSSH's ServerAliveInterval Matt Johnston <matt@ucc.asn.au> parents: 929 diff changeset	454 if (now - ses.last_packet_time_any_sent >= opts.keepalive_secs) {
a0819ecfee0b Make -K keepalive behave like OpenSSH's ServerAliveInterval Matt Johnston <matt@ucc.asn.au> parents: 929 diff changeset	455 send_msg_keepalive();
a0819ecfee0b Make -K keepalive behave like OpenSSH's ServerAliveInterval Matt Johnston <matt@ucc.asn.au> parents: 929 diff changeset	456 }
a0819ecfee0b Make -K keepalive behave like OpenSSH's ServerAliveInterval Matt Johnston <matt@ucc.asn.au> parents: 929 diff changeset	457
a0819ecfee0b Make -K keepalive behave like OpenSSH's ServerAliveInterval Matt Johnston <matt@ucc.asn.au> parents: 929 diff changeset	458 /* Also send an explicit keepalive message to trigger a response
a0819ecfee0b Make -K keepalive behave like OpenSSH's ServerAliveInterval Matt Johnston <matt@ucc.asn.au> parents: 929 diff changeset	459 if the remote end hasn't sent us anything */
a0819ecfee0b Make -K keepalive behave like OpenSSH's ServerAliveInterval Matt Johnston <matt@ucc.asn.au> parents: 929 diff changeset	460 if (now - ses.last_packet_time_keepalive_recv >= opts.keepalive_secs
a0819ecfee0b Make -K keepalive behave like OpenSSH's ServerAliveInterval Matt Johnston <matt@ucc.asn.au> parents: 929 diff changeset	461 && now - ses.last_packet_time_keepalive_sent >= opts.keepalive_secs) {
a0819ecfee0b Make -K keepalive behave like OpenSSH's ServerAliveInterval Matt Johnston <matt@ucc.asn.au> parents: 929 diff changeset	462 send_msg_keepalive();
a0819ecfee0b Make -K keepalive behave like OpenSSH's ServerAliveInterval Matt Johnston <matt@ucc.asn.au> parents: 929 diff changeset	463 }
a0819ecfee0b Make -K keepalive behave like OpenSSH's ServerAliveInterval Matt Johnston <matt@ucc.asn.au> parents: 929 diff changeset	464
a0819ecfee0b Make -K keepalive behave like OpenSSH's ServerAliveInterval Matt Johnston <matt@ucc.asn.au> parents: 929 diff changeset	465 if (now - ses.last_packet_time_keepalive_recv
a0819ecfee0b Make -K keepalive behave like OpenSSH's ServerAliveInterval Matt Johnston <matt@ucc.asn.au> parents: 929 diff changeset	466 >= opts.keepalive_secs * DEFAULT_KEEPALIVE_LIMIT) {
a0819ecfee0b Make -K keepalive behave like OpenSSH's ServerAliveInterval Matt Johnston <matt@ucc.asn.au> parents: 929 diff changeset	467 dropbear_exit("Keepalive timeout");
a0819ecfee0b Make -K keepalive behave like OpenSSH's ServerAliveInterval Matt Johnston <matt@ucc.asn.au> parents: 929 diff changeset	468 }
454 7e43f5e473b9 - Add -K keepalive flag for dropbear and dbclient Matt Johnston <matt@ucc.asn.au> parents: 452 diff changeset	469 }
513 a3748e54273c Idle timeout patch from Farrell Aultman. Needs testing, unsure if server Matt Johnston <matt@ucc.asn.au> parents: 502 diff changeset	470
939 a0819ecfee0b Make -K keepalive behave like OpenSSH's ServerAliveInterval Matt Johnston <matt@ucc.asn.au> parents: 929 diff changeset	471 if (opts.idle_timeout_secs > 0
a0819ecfee0b Make -K keepalive behave like OpenSSH's ServerAliveInterval Matt Johnston <matt@ucc.asn.au> parents: 929 diff changeset	472 && now - ses.last_packet_time_idle >= opts.idle_timeout_secs) {
513 a3748e54273c Idle timeout patch from Farrell Aultman. Needs testing, unsure if server Matt Johnston <matt@ucc.asn.au> parents: 502 diff changeset	473 dropbear_close("Idle timeout");
a3748e54273c Idle timeout patch from Farrell Aultman. Needs testing, unsure if server Matt Johnston <matt@ucc.asn.au> parents: 502 diff changeset	474 }
26 0969767bca0d snapshot of stuff Matt Johnston <matt@ucc.asn.au> parents: 24 diff changeset	475 }
0969767bca0d snapshot of stuff Matt Johnston <matt@ucc.asn.au> parents: 24 diff changeset	476
454 7e43f5e473b9 - Add -K keepalive flag for dropbear and dbclient Matt Johnston <matt@ucc.asn.au> parents: 452 diff changeset	477 static long select_timeout() {
7e43f5e473b9 - Add -K keepalive flag for dropbear and dbclient Matt Johnston <matt@ucc.asn.au> parents: 452 diff changeset	478 /* determine the minimum timeout that might be required, so
7e43f5e473b9 - Add -K keepalive flag for dropbear and dbclient Matt Johnston <matt@ucc.asn.au> parents: 452 diff changeset	479 as to avoid waking when unneccessary */
7e43f5e473b9 - Add -K keepalive flag for dropbear and dbclient Matt Johnston <matt@ucc.asn.au> parents: 452 diff changeset	480 long ret = LONG_MAX;
7e43f5e473b9 - Add -K keepalive flag for dropbear and dbclient Matt Johnston <matt@ucc.asn.au> parents: 452 diff changeset	481 if (KEX_REKEY_TIMEOUT > 0)
7e43f5e473b9 - Add -K keepalive flag for dropbear and dbclient Matt Johnston <matt@ucc.asn.au> parents: 452 diff changeset	482 ret = MIN(KEX_REKEY_TIMEOUT, ret);
926 b8208506322e Use AUTH_TIMEOUT only before authdone != 1. Yousong Zhou <yszhou4tech@gmail.com> parents: 896 diff changeset	483 /* AUTH_TIMEOUT is only relevant before authdone */
927 122fb3532038 Fix typo Matt Johnston <matt@ucc.asn.au> parents: 926 diff changeset	484 if (ses.authstate.authdone != 1 && AUTH_TIMEOUT > 0)
454 7e43f5e473b9 - Add -K keepalive flag for dropbear and dbclient Matt Johnston <matt@ucc.asn.au> parents: 452 diff changeset	485 ret = MIN(AUTH_TIMEOUT, ret);
7e43f5e473b9 - Add -K keepalive flag for dropbear and dbclient Matt Johnston <matt@ucc.asn.au> parents: 452 diff changeset	486 if (opts.keepalive_secs > 0)
7e43f5e473b9 - Add -K keepalive flag for dropbear and dbclient Matt Johnston <matt@ucc.asn.au> parents: 452 diff changeset	487 ret = MIN(opts.keepalive_secs, ret);
926 b8208506322e Use AUTH_TIMEOUT only before authdone != 1. Yousong Zhou <yszhou4tech@gmail.com> parents: 896 diff changeset	488 if (opts.idle_timeout_secs > 0)
b8208506322e Use AUTH_TIMEOUT only before authdone != 1. Yousong Zhou <yszhou4tech@gmail.com> parents: 896 diff changeset	489 ret = MIN(opts.idle_timeout_secs, ret);
454 7e43f5e473b9 - Add -K keepalive flag for dropbear and dbclient Matt Johnston <matt@ucc.asn.au> parents: 452 diff changeset	490 return ret;
7e43f5e473b9 - Add -K keepalive flag for dropbear and dbclient Matt Johnston <matt@ucc.asn.au> parents: 452 diff changeset	491 }
482 7ad49f34a122 - Add run_shell_command() function to run a "sh -c" command, handling Matt Johnston <matt@ucc.asn.au> parents: 479 diff changeset	492
7ad49f34a122 - Add run_shell_command() function to run a "sh -c" command, handling Matt Johnston <matt@ucc.asn.au> parents: 479 diff changeset	493 const char* get_user_shell() {
7ad49f34a122 - Add run_shell_command() function to run a "sh -c" command, handling Matt Johnston <matt@ucc.asn.au> parents: 479 diff changeset	494 /* an empty shell should be interpreted as "/bin/sh" */
7ad49f34a122 - Add run_shell_command() function to run a "sh -c" command, handling Matt Johnston <matt@ucc.asn.au> parents: 479 diff changeset	495 if (ses.authstate.pw_shell[0] == '\0') {
7ad49f34a122 - Add run_shell_command() function to run a "sh -c" command, handling Matt Johnston <matt@ucc.asn.au> parents: 479 diff changeset	496 return "/bin/sh";
7ad49f34a122 - Add run_shell_command() function to run a "sh -c" command, handling Matt Johnston <matt@ucc.asn.au> parents: 479 diff changeset	497 } else {
7ad49f34a122 - Add run_shell_command() function to run a "sh -c" command, handling Matt Johnston <matt@ucc.asn.au> parents: 479 diff changeset	498 return ses.authstate.pw_shell;
7ad49f34a122 - Add run_shell_command() function to run a "sh -c" command, handling Matt Johnston <matt@ucc.asn.au> parents: 479 diff changeset	499 }
7ad49f34a122 - Add run_shell_command() function to run a "sh -c" command, handling Matt Johnston <matt@ucc.asn.au> parents: 479 diff changeset	500 }
483 738313e73b1c - "-J 'nc localhost 22'" kind of works, needs fixing hostkeys, ptys etc. Matt Johnston <matt@ucc.asn.au> parents: 482 diff changeset	501 void fill_passwd(const char* username) {
738313e73b1c - "-J 'nc localhost 22'" kind of works, needs fixing hostkeys, ptys etc. Matt Johnston <matt@ucc.asn.au> parents: 482 diff changeset	502 struct passwd *pw = NULL;
738313e73b1c - "-J 'nc localhost 22'" kind of works, needs fixing hostkeys, ptys etc. Matt Johnston <matt@ucc.asn.au> parents: 482 diff changeset	503 if (ses.authstate.pw_name)
738313e73b1c - "-J 'nc localhost 22'" kind of works, needs fixing hostkeys, ptys etc. Matt Johnston <matt@ucc.asn.au> parents: 482 diff changeset	504 m_free(ses.authstate.pw_name);
738313e73b1c - "-J 'nc localhost 22'" kind of works, needs fixing hostkeys, ptys etc. Matt Johnston <matt@ucc.asn.au> parents: 482 diff changeset	505 if (ses.authstate.pw_dir)
738313e73b1c - "-J 'nc localhost 22'" kind of works, needs fixing hostkeys, ptys etc. Matt Johnston <matt@ucc.asn.au> parents: 482 diff changeset	506 m_free(ses.authstate.pw_dir);
738313e73b1c - "-J 'nc localhost 22'" kind of works, needs fixing hostkeys, ptys etc. Matt Johnston <matt@ucc.asn.au> parents: 482 diff changeset	507 if (ses.authstate.pw_shell)
738313e73b1c - "-J 'nc localhost 22'" kind of works, needs fixing hostkeys, ptys etc. Matt Johnston <matt@ucc.asn.au> parents: 482 diff changeset	508 m_free(ses.authstate.pw_shell);
738313e73b1c - "-J 'nc localhost 22'" kind of works, needs fixing hostkeys, ptys etc. Matt Johnston <matt@ucc.asn.au> parents: 482 diff changeset	509 if (ses.authstate.pw_passwd)
738313e73b1c - "-J 'nc localhost 22'" kind of works, needs fixing hostkeys, ptys etc. Matt Johnston <matt@ucc.asn.au> parents: 482 diff changeset	510 m_free(ses.authstate.pw_passwd);
738313e73b1c - "-J 'nc localhost 22'" kind of works, needs fixing hostkeys, ptys etc. Matt Johnston <matt@ucc.asn.au> parents: 482 diff changeset	511
738313e73b1c - "-J 'nc localhost 22'" kind of works, needs fixing hostkeys, ptys etc. Matt Johnston <matt@ucc.asn.au> parents: 482 diff changeset	512 pw = getpwnam(username);
738313e73b1c - "-J 'nc localhost 22'" kind of works, needs fixing hostkeys, ptys etc. Matt Johnston <matt@ucc.asn.au> parents: 482 diff changeset	513 if (!pw) {
738313e73b1c - "-J 'nc localhost 22'" kind of works, needs fixing hostkeys, ptys etc. Matt Johnston <matt@ucc.asn.au> parents: 482 diff changeset	514 return;
738313e73b1c - "-J 'nc localhost 22'" kind of works, needs fixing hostkeys, ptys etc. Matt Johnston <matt@ucc.asn.au> parents: 482 diff changeset	515 }
738313e73b1c - "-J 'nc localhost 22'" kind of works, needs fixing hostkeys, ptys etc. Matt Johnston <matt@ucc.asn.au> parents: 482 diff changeset	516 ses.authstate.pw_uid = pw->pw_uid;
738313e73b1c - "-J 'nc localhost 22'" kind of works, needs fixing hostkeys, ptys etc. Matt Johnston <matt@ucc.asn.au> parents: 482 diff changeset	517 ses.authstate.pw_gid = pw->pw_gid;
738313e73b1c - "-J 'nc localhost 22'" kind of works, needs fixing hostkeys, ptys etc. Matt Johnston <matt@ucc.asn.au> parents: 482 diff changeset	518 ses.authstate.pw_name = m_strdup(pw->pw_name);
738313e73b1c - "-J 'nc localhost 22'" kind of works, needs fixing hostkeys, ptys etc. Matt Johnston <matt@ucc.asn.au> parents: 482 diff changeset	519 ses.authstate.pw_dir = m_strdup(pw->pw_dir);
738313e73b1c - "-J 'nc localhost 22'" kind of works, needs fixing hostkeys, ptys etc. Matt Johnston <matt@ucc.asn.au> parents: 482 diff changeset	520 ses.authstate.pw_shell = m_strdup(pw->pw_shell);
676 0edf08895a33 Return immediate success for blank passwords if allowed Matt Johnston <matt@ucc.asn.au> parents: 594 diff changeset	521 {
0edf08895a33 Return immediate success for blank passwords if allowed Matt Johnston <matt@ucc.asn.au> parents: 594 diff changeset	522 char *passwd_crypt = pw->pw_passwd;
0edf08895a33 Return immediate success for blank passwords if allowed Matt Johnston <matt@ucc.asn.au> parents: 594 diff changeset	523 #ifdef HAVE_SHADOW_H
0edf08895a33 Return immediate success for blank passwords if allowed Matt Johnston <matt@ucc.asn.au> parents: 594 diff changeset	524 /* get the shadow password if possible */
0edf08895a33 Return immediate success for blank passwords if allowed Matt Johnston <matt@ucc.asn.au> parents: 594 diff changeset	525 struct spwd *spasswd = getspnam(ses.authstate.pw_name);
0edf08895a33 Return immediate success for blank passwords if allowed Matt Johnston <matt@ucc.asn.au> parents: 594 diff changeset	526 if (spasswd && spasswd->sp_pwdp) {
0edf08895a33 Return immediate success for blank passwords if allowed Matt Johnston <matt@ucc.asn.au> parents: 594 diff changeset	527 passwd_crypt = spasswd->sp_pwdp;
0edf08895a33 Return immediate success for blank passwords if allowed Matt Johnston <matt@ucc.asn.au> parents: 594 diff changeset	528 }
0edf08895a33 Return immediate success for blank passwords if allowed Matt Johnston <matt@ucc.asn.au> parents: 594 diff changeset	529 #endif
705 2e573f39b88e Android returns NULL for pw_crypt, set it to something else Matt Johnston <matt@ucc.asn.au> parents: 676 diff changeset	530 if (!passwd_crypt) {
2e573f39b88e Android returns NULL for pw_crypt, set it to something else Matt Johnston <matt@ucc.asn.au> parents: 676 diff changeset	531 /* android supposedly returns NULL */
2e573f39b88e Android returns NULL for pw_crypt, set it to something else Matt Johnston <matt@ucc.asn.au> parents: 676 diff changeset	532 passwd_crypt = "!!";
2e573f39b88e Android returns NULL for pw_crypt, set it to something else Matt Johnston <matt@ucc.asn.au> parents: 676 diff changeset	533 }
676 0edf08895a33 Return immediate success for blank passwords if allowed Matt Johnston <matt@ucc.asn.au> parents: 594 diff changeset	534 ses.authstate.pw_passwd = m_strdup(passwd_crypt);
0edf08895a33 Return immediate success for blank passwords if allowed Matt Johnston <matt@ucc.asn.au> parents: 594 diff changeset	535 }
483 738313e73b1c - "-J 'nc localhost 22'" kind of works, needs fixing hostkeys, ptys etc. Matt Johnston <matt@ucc.asn.au> parents: 482 diff changeset	536 }
738313e73b1c - "-J 'nc localhost 22'" kind of works, needs fixing hostkeys, ptys etc. Matt Johnston <matt@ucc.asn.au> parents: 482 diff changeset	537
941 5daedffd0769 Set tcp priority as follows: Matt Johnston <matt@ucc.asn.au> parents: 940 diff changeset	538 /* Called when channels are modified */
5daedffd0769 Set tcp priority as follows: Matt Johnston <matt@ucc.asn.au> parents: 940 diff changeset	539 void update_channel_prio() {
5daedffd0769 Set tcp priority as follows: Matt Johnston <matt@ucc.asn.au> parents: 940 diff changeset	540 enum dropbear_prio new_prio;
5daedffd0769 Set tcp priority as follows: Matt Johnston <matt@ucc.asn.au> parents: 940 diff changeset	541 int any = 0;
5daedffd0769 Set tcp priority as follows: Matt Johnston <matt@ucc.asn.au> parents: 940 diff changeset	542 unsigned int i;
5daedffd0769 Set tcp priority as follows: Matt Johnston <matt@ucc.asn.au> parents: 940 diff changeset	543
5daedffd0769 Set tcp priority as follows: Matt Johnston <matt@ucc.asn.au> parents: 940 diff changeset	544 TRACE(("update_channel_prio"))
5daedffd0769 Set tcp priority as follows: Matt Johnston <matt@ucc.asn.au> parents: 940 diff changeset	545
5daedffd0769 Set tcp priority as follows: Matt Johnston <matt@ucc.asn.au> parents: 940 diff changeset	546 new_prio = DROPBEAR_PRIO_BULK;
5daedffd0769 Set tcp priority as follows: Matt Johnston <matt@ucc.asn.au> parents: 940 diff changeset	547 for (i = 0; i < ses.chansize; i++) {
5daedffd0769 Set tcp priority as follows: Matt Johnston <matt@ucc.asn.au> parents: 940 diff changeset	548 struct Channel *channel = ses.channels[i];
5daedffd0769 Set tcp priority as follows: Matt Johnston <matt@ucc.asn.au> parents: 940 diff changeset	549 if (!channel \|\| channel->prio == DROPBEAR_CHANNEL_PRIO_EARLY) {
5daedffd0769 Set tcp priority as follows: Matt Johnston <matt@ucc.asn.au> parents: 940 diff changeset	550 if (channel && channel->prio == DROPBEAR_CHANNEL_PRIO_EARLY) {
5daedffd0769 Set tcp priority as follows: Matt Johnston <matt@ucc.asn.au> parents: 940 diff changeset	551 TRACE(("update_channel_prio: early %d", channel->index))
5daedffd0769 Set tcp priority as follows: Matt Johnston <matt@ucc.asn.au> parents: 940 diff changeset	552 }
5daedffd0769 Set tcp priority as follows: Matt Johnston <matt@ucc.asn.au> parents: 940 diff changeset	553 continue;
5daedffd0769 Set tcp priority as follows: Matt Johnston <matt@ucc.asn.au> parents: 940 diff changeset	554 }
5daedffd0769 Set tcp priority as follows: Matt Johnston <matt@ucc.asn.au> parents: 940 diff changeset	555 any = 1;
5daedffd0769 Set tcp priority as follows: Matt Johnston <matt@ucc.asn.au> parents: 940 diff changeset	556 if (channel->prio == DROPBEAR_CHANNEL_PRIO_INTERACTIVE)
5daedffd0769 Set tcp priority as follows: Matt Johnston <matt@ucc.asn.au> parents: 940 diff changeset	557 {
5daedffd0769 Set tcp priority as follows: Matt Johnston <matt@ucc.asn.au> parents: 940 diff changeset	558 TRACE(("update_channel_prio: lowdelay %d", channel->index))
5daedffd0769 Set tcp priority as follows: Matt Johnston <matt@ucc.asn.au> parents: 940 diff changeset	559 new_prio = DROPBEAR_PRIO_LOWDELAY;
5daedffd0769 Set tcp priority as follows: Matt Johnston <matt@ucc.asn.au> parents: 940 diff changeset	560 break;
5daedffd0769 Set tcp priority as follows: Matt Johnston <matt@ucc.asn.au> parents: 940 diff changeset	561 } else if (channel->prio == DROPBEAR_CHANNEL_PRIO_UNKNOWABLE
5daedffd0769 Set tcp priority as follows: Matt Johnston <matt@ucc.asn.au> parents: 940 diff changeset	562 && new_prio == DROPBEAR_PRIO_BULK)
5daedffd0769 Set tcp priority as follows: Matt Johnston <matt@ucc.asn.au> parents: 940 diff changeset	563 {
5daedffd0769 Set tcp priority as follows: Matt Johnston <matt@ucc.asn.au> parents: 940 diff changeset	564 TRACE(("update_channel_prio: unknowable %d", channel->index))
5daedffd0769 Set tcp priority as follows: Matt Johnston <matt@ucc.asn.au> parents: 940 diff changeset	565 new_prio = DROPBEAR_PRIO_DEFAULT;
5daedffd0769 Set tcp priority as follows: Matt Johnston <matt@ucc.asn.au> parents: 940 diff changeset	566 }
5daedffd0769 Set tcp priority as follows: Matt Johnston <matt@ucc.asn.au> parents: 940 diff changeset	567 }
5daedffd0769 Set tcp priority as follows: Matt Johnston <matt@ucc.asn.au> parents: 940 diff changeset	568
5daedffd0769 Set tcp priority as follows: Matt Johnston <matt@ucc.asn.au> parents: 940 diff changeset	569 if (any == 0) {
5daedffd0769 Set tcp priority as follows: Matt Johnston <matt@ucc.asn.au> parents: 940 diff changeset	570 /* lowdelay during setup */
5daedffd0769 Set tcp priority as follows: Matt Johnston <matt@ucc.asn.au> parents: 940 diff changeset	571 TRACE(("update_channel_prio: not any"))
5daedffd0769 Set tcp priority as follows: Matt Johnston <matt@ucc.asn.au> parents: 940 diff changeset	572 new_prio = DROPBEAR_PRIO_LOWDELAY;
5daedffd0769 Set tcp priority as follows: Matt Johnston <matt@ucc.asn.au> parents: 940 diff changeset	573 }
5daedffd0769 Set tcp priority as follows: Matt Johnston <matt@ucc.asn.au> parents: 940 diff changeset	574
5daedffd0769 Set tcp priority as follows: Matt Johnston <matt@ucc.asn.au> parents: 940 diff changeset	575 if (new_prio != ses.socket_prio) {
5daedffd0769 Set tcp priority as follows: Matt Johnston <matt@ucc.asn.au> parents: 940 diff changeset	576 TRACE(("Dropbear priority transitioning %4.4s -> %4.4s", (char)&ses.socket_prio, (char)&new_prio))
5daedffd0769 Set tcp priority as follows: Matt Johnston <matt@ucc.asn.au> parents: 940 diff changeset	577 set_sock_priority(ses.sock_out, new_prio);
5daedffd0769 Set tcp priority as follows: Matt Johnston <matt@ucc.asn.au> parents: 940 diff changeset	578 ses.socket_prio = new_prio;
5daedffd0769 Set tcp priority as follows: Matt Johnston <matt@ucc.asn.au> parents: 940 diff changeset	579 }
5daedffd0769 Set tcp priority as follows: Matt Johnston <matt@ucc.asn.au> parents: 940 diff changeset	580 }
5daedffd0769 Set tcp priority as follows: Matt Johnston <matt@ucc.asn.au> parents: 940 diff changeset	581

Mercurial > dropbear

annotate common-session.c @ 994:5c5ade336926