Mercurial > dropbear
annotate agentfwd.h @ 1665:7c17995bcdfb
Improve address logging on early exit messages (#83)
Change 'Early exit' and 'Exit before auth' messages to include the IP
address & port as part of the message.
This allows log scanning utilities such as 'fail2ban' to obtain the
offending IP address as part of the failure event instead of extracting
the PID from the message and then scanning the log again for match
'child connection from' messages
Signed-off-by: Kevin Darbyshire-Bryant <[email protected]>
| author | Kevin Darbyshire-Bryant <6500011+ldir-EDB0@users.noreply.github.com> |
|---|---|
| date | Wed, 18 Mar 2020 15:28:56 +0000 |
| parents | 06d52bcb8094 |
| children | a53e7d2d60be |
| rev | line source |
|---|---|
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
1 /* |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
2 * Dropbear - a SSH2 server |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
3 * |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
4 * Copyright (c) 2002,2003 Matt Johnston |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
5 * All rights reserved. |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
6 * |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
7 * Permission is hereby granted, free of charge, to any person obtaining a copy |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
8 * of this software and associated documentation files (the "Software"), to deal |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
9 * in the Software without restriction, including without limitation the rights |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
11 * copies of the Software, and to permit persons to whom the Software is |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
12 * furnished to do so, subject to the following conditions: |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
13 * |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
14 * The above copyright notice and this permission notice shall be included in |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
15 * all copies or substantial portions of the Software. |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
16 * |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
20 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
23 * SOFTWARE. */ |
|
1036
deed0571cacc
DROPBEAR_ prefix for include guards to avoid collisions
Thorsten Horstmann <thorsten.horstmann@web.de>
parents:
760
diff
changeset
|
24 #ifndef DROPBEAR_AGENTFWD_H_ |
|
deed0571cacc
DROPBEAR_ prefix for include guards to avoid collisions
Thorsten Horstmann <thorsten.horstmann@web.de>
parents:
760
diff
changeset
|
25 #define DROPBEAR_AGENTFWD_H_ |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
26 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
27 #include "includes.h" |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
28 #include "chansession.h" |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
29 #include "channel.h" |
|
547
cf376c696dfc
Make it compile, update for changes in channel structure.
Matt Johnston <matt@ucc.asn.au>
parents:
225
diff
changeset
|
30 #include "auth.h" |
|
551
c3f2ec71e3d4
New standard linked list to use, rather than adhoc SignKeyList or TCPFwdList
Matt Johnston <matt@ucc.asn.au>
parents:
550
diff
changeset
|
31 #include "list.h" |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
32 |
|
1295
750ec4ec4cbe
Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents:
1036
diff
changeset
|
33 #if DROPBEAR_CLI_AGENTFWD |
|
668
405418f7dc5e
Fixed compilation with unset ENABLE_{SVR,CLI}_AGENTFWD.
Andrey Mazo <ahippo@yandex.ru>
parents:
560
diff
changeset
|
34 |
|
225
ca7e76d981d9
- progress towards client agent forwarding
Matt Johnston <matt@ucc.asn.au>
parents:
11
diff
changeset
|
35 /* An agent reply can be reasonably large, as it can |
|
ca7e76d981d9
- progress towards client agent forwarding
Matt Johnston <matt@ucc.asn.au>
parents:
11
diff
changeset
|
36 * contain a list of all public keys held by the agent. |
|
ca7e76d981d9
- progress towards client agent forwarding
Matt Johnston <matt@ucc.asn.au>
parents:
11
diff
changeset
|
37 * 10000 is arbitrary */ |
|
ca7e76d981d9
- progress towards client agent forwarding
Matt Johnston <matt@ucc.asn.au>
parents:
11
diff
changeset
|
38 #define MAX_AGENT_REPLY 10000 |
|
ca7e76d981d9
- progress towards client agent forwarding
Matt Johnston <matt@ucc.asn.au>
parents:
11
diff
changeset
|
39 |
|
551
c3f2ec71e3d4
New standard linked list to use, rather than adhoc SignKeyList or TCPFwdList
Matt Johnston <matt@ucc.asn.au>
parents:
550
diff
changeset
|
40 /* client functions */ |
| 560 | 41 void cli_load_agent_keys(m_list * ret_list); |
|
551
c3f2ec71e3d4
New standard linked list to use, rather than adhoc SignKeyList or TCPFwdList
Matt Johnston <matt@ucc.asn.au>
parents:
550
diff
changeset
|
42 void agent_buf_sign(buffer *sigblob, sign_key *key, |
|
1459
06d52bcb8094
Pointer parameter could be declared as pointing to const
Francois Perrad <francois.perrad@gadz.org>
parents:
1295
diff
changeset
|
43 const buffer *data_buf); |
|
06d52bcb8094
Pointer parameter could be declared as pointing to const
Francois Perrad <francois.perrad@gadz.org>
parents:
1295
diff
changeset
|
44 void cli_setup_agent(const struct Channel *channel); |
| 560 | 45 |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
46 #ifdef __hpux |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
47 #define seteuid(a) setresuid(-1, (a), -1) |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
48 #define setegid(a) setresgid(-1, (a), -1) |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
49 #endif |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
50 |
|
547
cf376c696dfc
Make it compile, update for changes in channel structure.
Matt Johnston <matt@ucc.asn.au>
parents:
225
diff
changeset
|
51 extern const struct ChanType cli_chan_agent; |
|
225
ca7e76d981d9
- progress towards client agent forwarding
Matt Johnston <matt@ucc.asn.au>
parents:
11
diff
changeset
|
52 |
|
1295
750ec4ec4cbe
Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents:
1036
diff
changeset
|
53 #endif /* DROPBEAR_CLI_AGENTFWD */ |
|
668
405418f7dc5e
Fixed compilation with unset ENABLE_{SVR,CLI}_AGENTFWD.
Andrey Mazo <ahippo@yandex.ru>
parents:
560
diff
changeset
|
54 |
|
1295
750ec4ec4cbe
Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents:
1036
diff
changeset
|
55 #if DROPBEAR_SVR_AGENTFWD |
|
668
405418f7dc5e
Fixed compilation with unset ENABLE_{SVR,CLI}_AGENTFWD.
Andrey Mazo <ahippo@yandex.ru>
parents:
560
diff
changeset
|
56 |
|
405418f7dc5e
Fixed compilation with unset ENABLE_{SVR,CLI}_AGENTFWD.
Andrey Mazo <ahippo@yandex.ru>
parents:
560
diff
changeset
|
57 int svr_agentreq(struct ChanSess * chansess); |
|
405418f7dc5e
Fixed compilation with unset ENABLE_{SVR,CLI}_AGENTFWD.
Andrey Mazo <ahippo@yandex.ru>
parents:
560
diff
changeset
|
58 void svr_agentcleanup(struct ChanSess * chansess); |
|
1459
06d52bcb8094
Pointer parameter could be declared as pointing to const
Francois Perrad <francois.perrad@gadz.org>
parents:
1295
diff
changeset
|
59 void svr_agentset(const struct ChanSess *chansess); |
|
668
405418f7dc5e
Fixed compilation with unset ENABLE_{SVR,CLI}_AGENTFWD.
Andrey Mazo <ahippo@yandex.ru>
parents:
560
diff
changeset
|
60 |
|
1295
750ec4ec4cbe
Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents:
1036
diff
changeset
|
61 #endif /* DROPBEAR_SVR_AGENTFWD */ |
|
668
405418f7dc5e
Fixed compilation with unset ENABLE_{SVR,CLI}_AGENTFWD.
Andrey Mazo <ahippo@yandex.ru>
parents:
560
diff
changeset
|
62 |
|
1036
deed0571cacc
DROPBEAR_ prefix for include guards to avoid collisions
Thorsten Horstmann <thorsten.horstmann@web.de>
parents:
760
diff
changeset
|
63 #endif /* DROPBEAR_AGENTFWD_H_ */ |