Mercurial > dropbear
annotate cli-session.c @ 795:7f604f9b3756 ecc
ecdsa is working
| author | Matt Johnston <matt@ucc.asn.au> |
|---|---|
| date | Fri, 03 May 2013 23:07:48 +0800 |
| parents | d1575fdc29a6 |
| children | 7dcb46da72d9 |
| rev | line source |
|---|---|
|
74
e3adf4cf5465
License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents:
68
diff
changeset
|
1 /* |
|
e3adf4cf5465
License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents:
68
diff
changeset
|
2 * Dropbear SSH |
|
e3adf4cf5465
License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents:
68
diff
changeset
|
3 * |
|
e3adf4cf5465
License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents:
68
diff
changeset
|
4 * Copyright (c) 2002,2003 Matt Johnston |
|
e3adf4cf5465
License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents:
68
diff
changeset
|
5 * Copyright (c) 2004 by Mihnea Stoenescu |
|
e3adf4cf5465
License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents:
68
diff
changeset
|
6 * All rights reserved. |
|
e3adf4cf5465
License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents:
68
diff
changeset
|
7 * |
|
e3adf4cf5465
License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents:
68
diff
changeset
|
8 * Permission is hereby granted, free of charge, to any person obtaining a copy |
|
e3adf4cf5465
License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents:
68
diff
changeset
|
9 * of this software and associated documentation files (the "Software"), to deal |
|
e3adf4cf5465
License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents:
68
diff
changeset
|
10 * in the Software without restriction, including without limitation the rights |
|
e3adf4cf5465
License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents:
68
diff
changeset
|
11 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell |
|
e3adf4cf5465
License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents:
68
diff
changeset
|
12 * copies of the Software, and to permit persons to whom the Software is |
|
e3adf4cf5465
License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents:
68
diff
changeset
|
13 * furnished to do so, subject to the following conditions: |
|
e3adf4cf5465
License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents:
68
diff
changeset
|
14 * |
|
e3adf4cf5465
License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents:
68
diff
changeset
|
15 * The above copyright notice and this permission notice shall be included in |
|
e3adf4cf5465
License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents:
68
diff
changeset
|
16 * all copies or substantial portions of the Software. |
|
e3adf4cf5465
License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents:
68
diff
changeset
|
17 * |
|
e3adf4cf5465
License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents:
68
diff
changeset
|
18 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR |
|
e3adf4cf5465
License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents:
68
diff
changeset
|
19 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, |
|
e3adf4cf5465
License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents:
68
diff
changeset
|
20 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE |
|
e3adf4cf5465
License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents:
68
diff
changeset
|
21 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER |
|
e3adf4cf5465
License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents:
68
diff
changeset
|
22 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, |
|
e3adf4cf5465
License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents:
68
diff
changeset
|
23 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE |
|
e3adf4cf5465
License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents:
68
diff
changeset
|
24 * SOFTWARE. */ |
|
e3adf4cf5465
License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents:
68
diff
changeset
|
25 |
| 26 | 26 #include "includes.h" |
| 27 #include "session.h" | |
| 28 #include "dbutil.h" | |
| 29 #include "kex.h" | |
| 30 #include "ssh.h" | |
| 31 #include "packet.h" | |
| 64 | 32 #include "tcpfwd.h" |
| 26 | 33 #include "channel.h" |
| 34 #include "random.h" | |
| 33 | 35 #include "service.h" |
|
40
b4874d772210
- Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents:
39
diff
changeset
|
36 #include "runopts.h" |
|
b4874d772210
- Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents:
39
diff
changeset
|
37 #include "chansession.h" |
|
547
cf376c696dfc
Make it compile, update for changes in channel structure.
Matt Johnston <matt@ucc.asn.au>
parents:
546
diff
changeset
|
38 #include "agentfwd.h" |
| 766 | 39 #include "crypto_desc.h" |
| 26 | 40 |
| 41 static void cli_remoteclosed(); | |
| 42 static void cli_sessionloop(); | |
| 33 | 43 static void cli_session_init(); |
|
40
b4874d772210
- Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents:
39
diff
changeset
|
44 static void cli_finished(); |
| 26 | 45 |
| 46 struct clientsession cli_ses; /* GLOBAL */ | |
| 47 | |
|
45
9ee8996a375f
Pubkey auth is mostly there for the client. Something strange with
Matt Johnston <matt@ucc.asn.au>
parents:
43
diff
changeset
|
48 /* Sorted in decreasing frequency will be more efficient - data and window |
|
9ee8996a375f
Pubkey auth is mostly there for the client. Something strange with
Matt Johnston <matt@ucc.asn.au>
parents:
43
diff
changeset
|
49 * should be first */ |
| 26 | 50 static const packettype cli_packettypes[] = { |
|
74
e3adf4cf5465
License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents:
68
diff
changeset
|
51 /* TYPE, FUNCTION */ |
| 26 | 52 {SSH_MSG_CHANNEL_DATA, recv_msg_channel_data}, |
| 107 | 53 {SSH_MSG_CHANNEL_EXTENDED_DATA, recv_msg_channel_extended_data}, |
| 26 | 54 {SSH_MSG_CHANNEL_WINDOW_ADJUST, recv_msg_channel_window_adjust}, |
|
45
9ee8996a375f
Pubkey auth is mostly there for the client. Something strange with
Matt Johnston <matt@ucc.asn.au>
parents:
43
diff
changeset
|
55 {SSH_MSG_USERAUTH_FAILURE, recv_msg_userauth_failure}, /* client */ |
|
9ee8996a375f
Pubkey auth is mostly there for the client. Something strange with
Matt Johnston <matt@ucc.asn.au>
parents:
43
diff
changeset
|
56 {SSH_MSG_USERAUTH_SUCCESS, recv_msg_userauth_success}, /* client */ |
|
9ee8996a375f
Pubkey auth is mostly there for the client. Something strange with
Matt Johnston <matt@ucc.asn.au>
parents:
43
diff
changeset
|
57 {SSH_MSG_KEXINIT, recv_msg_kexinit}, |
|
9ee8996a375f
Pubkey auth is mostly there for the client. Something strange with
Matt Johnston <matt@ucc.asn.au>
parents:
43
diff
changeset
|
58 {SSH_MSG_KEXDH_REPLY, recv_msg_kexdh_reply}, /* client */ |
|
9ee8996a375f
Pubkey auth is mostly there for the client. Something strange with
Matt Johnston <matt@ucc.asn.au>
parents:
43
diff
changeset
|
59 {SSH_MSG_NEWKEYS, recv_msg_newkeys}, |
|
9ee8996a375f
Pubkey auth is mostly there for the client. Something strange with
Matt Johnston <matt@ucc.asn.au>
parents:
43
diff
changeset
|
60 {SSH_MSG_SERVICE_ACCEPT, recv_msg_service_accept}, /* client */ |
| 26 | 61 {SSH_MSG_CHANNEL_REQUEST, recv_msg_channel_request}, |
| 62 {SSH_MSG_CHANNEL_OPEN, recv_msg_channel_open}, | |
| 63 {SSH_MSG_CHANNEL_EOF, recv_msg_channel_eof}, | |
| 64 {SSH_MSG_CHANNEL_CLOSE, recv_msg_channel_close}, | |
| 65 {SSH_MSG_CHANNEL_OPEN_CONFIRMATION, recv_msg_channel_open_confirmation}, | |
| 66 {SSH_MSG_CHANNEL_OPEN_FAILURE, recv_msg_channel_open_failure}, | |
|
45
9ee8996a375f
Pubkey auth is mostly there for the client. Something strange with
Matt Johnston <matt@ucc.asn.au>
parents:
43
diff
changeset
|
67 {SSH_MSG_USERAUTH_BANNER, recv_msg_userauth_banner}, /* client */ |
|
249
efbaf6b03837
added keyboard-interactive client support
Matt Johnston <matt@ucc.asn.au>
parents:
215
diff
changeset
|
68 {SSH_MSG_USERAUTH_SPECIFIC_60, recv_msg_userauth_specific_60}, /* client */ |
|
505
805e557fdff7
Report errors if a remote request fails
Matt Johnston <matt@ucc.asn.au>
parents:
486
diff
changeset
|
69 #ifdef ENABLE_CLI_REMOTETCPFWD |
|
805e557fdff7
Report errors if a remote request fails
Matt Johnston <matt@ucc.asn.au>
parents:
486
diff
changeset
|
70 {SSH_MSG_REQUEST_SUCCESS, cli_recv_msg_request_success}, /* client */ |
|
805e557fdff7
Report errors if a remote request fails
Matt Johnston <matt@ucc.asn.au>
parents:
486
diff
changeset
|
71 {SSH_MSG_REQUEST_FAILURE, cli_recv_msg_request_failure}, /* client */ |
|
805e557fdff7
Report errors if a remote request fails
Matt Johnston <matt@ucc.asn.au>
parents:
486
diff
changeset
|
72 #endif |
| 26 | 73 {0, 0} /* End */ |
| 74 }; | |
| 75 | |
| 76 static const struct ChanType *cli_chantypes[] = { | |
| 64 | 77 #ifdef ENABLE_CLI_REMOTETCPFWD |
| 78 &cli_chan_tcpremote, | |
| 79 #endif | |
|
225
ca7e76d981d9
- progress towards client agent forwarding
Matt Johnston <matt@ucc.asn.au>
parents:
215
diff
changeset
|
80 #ifdef ENABLE_CLI_AGENTFWD |
|
ca7e76d981d9
- progress towards client agent forwarding
Matt Johnston <matt@ucc.asn.au>
parents:
215
diff
changeset
|
81 &cli_chan_agent, |
|
ca7e76d981d9
- progress towards client agent forwarding
Matt Johnston <matt@ucc.asn.au>
parents:
215
diff
changeset
|
82 #endif |
| 26 | 83 NULL /* Null termination */ |
| 84 }; | |
| 33 | 85 |
|
568
005530560594
Rearrange getaddrstring() etc
Matt Johnston <matt@ucc.asn.au>
parents:
560
diff
changeset
|
86 void cli_session(int sock_in, int sock_out) { |
| 26 | 87 |
|
568
005530560594
Rearrange getaddrstring() etc
Matt Johnston <matt@ucc.asn.au>
parents:
560
diff
changeset
|
88 common_session_init(sock_in, sock_out); |
| 26 | 89 |
| 90 chaninitialise(cli_chantypes); | |
| 91 | |
| 33 | 92 /* Set up cli_ses vars */ |
| 93 cli_session_init(); | |
| 26 | 94 |
| 95 /* Ready to go */ | |
| 96 sessinitdone = 1; | |
| 97 | |
| 98 /* Exchange identification */ | |
| 99 session_identification(); | |
| 100 | |
| 101 send_msg_kexinit(); | |
| 102 | |
| 103 session_loop(cli_sessionloop); | |
| 104 | |
| 105 /* Not reached */ | |
| 106 | |
| 33 | 107 } |
| 26 | 108 |
| 33 | 109 static void cli_session_init() { |
| 110 | |
| 111 cli_ses.state = STATE_NOTHING; | |
| 112 cli_ses.kex_state = KEX_NOTHING; | |
| 113 | |
|
39
0883c0906870
tty raw mode support works mostly
Matt Johnston <matt@ucc.asn.au>
parents:
37
diff
changeset
|
114 cli_ses.tty_raw_mode = 0; |
|
41
18eccbfb9641
added window-size change handling
Matt Johnston <matt@ucc.asn.au>
parents:
40
diff
changeset
|
115 cli_ses.winchange = 0; |
|
39
0883c0906870
tty raw mode support works mostly
Matt Johnston <matt@ucc.asn.au>
parents:
37
diff
changeset
|
116 |
|
175
2c5741e4b855
* Reset the non-blocking status of stdout and stderr as well on exit
Matt Johnston <matt@ucc.asn.au>
parents:
165
diff
changeset
|
117 /* We store std{in,out,err}'s flags, so we can set them back on exit |
|
2c5741e4b855
* Reset the non-blocking status of stdout and stderr as well on exit
Matt Johnston <matt@ucc.asn.au>
parents:
165
diff
changeset
|
118 * (otherwise busybox's ash isn't happy */ |
|
99
0247fbd9379d
Move the revert-to-non-blocking-stdin code to cli-session so it
Matt Johnston <matt@ucc.asn.au>
parents:
74
diff
changeset
|
119 cli_ses.stdincopy = dup(STDIN_FILENO); |
|
0247fbd9379d
Move the revert-to-non-blocking-stdin code to cli-session so it
Matt Johnston <matt@ucc.asn.au>
parents:
74
diff
changeset
|
120 cli_ses.stdinflags = fcntl(STDIN_FILENO, F_GETFL, 0); |
|
175
2c5741e4b855
* Reset the non-blocking status of stdout and stderr as well on exit
Matt Johnston <matt@ucc.asn.au>
parents:
165
diff
changeset
|
121 cli_ses.stdoutcopy = dup(STDOUT_FILENO); |
|
2c5741e4b855
* Reset the non-blocking status of stdout and stderr as well on exit
Matt Johnston <matt@ucc.asn.au>
parents:
165
diff
changeset
|
122 cli_ses.stdoutflags = fcntl(STDOUT_FILENO, F_GETFL, 0); |
|
2c5741e4b855
* Reset the non-blocking status of stdout and stderr as well on exit
Matt Johnston <matt@ucc.asn.au>
parents:
165
diff
changeset
|
123 cli_ses.stderrcopy = dup(STDERR_FILENO); |
|
2c5741e4b855
* Reset the non-blocking status of stdout and stderr as well on exit
Matt Johnston <matt@ucc.asn.au>
parents:
165
diff
changeset
|
124 cli_ses.stderrflags = fcntl(STDERR_FILENO, F_GETFL, 0); |
|
99
0247fbd9379d
Move the revert-to-non-blocking-stdin code to cli-session so it
Matt Johnston <matt@ucc.asn.au>
parents:
74
diff
changeset
|
125 |
|
108
10f4d3319780
- added circular buffering for channels
Matt Johnston <matt@ucc.asn.au>
parents:
107
diff
changeset
|
126 cli_ses.retval = EXIT_SUCCESS; /* Assume it's clean if we don't get a |
|
10f4d3319780
- added circular buffering for channels
Matt Johnston <matt@ucc.asn.au>
parents:
107
diff
changeset
|
127 specific exit status */ |
|
10f4d3319780
- added circular buffering for channels
Matt Johnston <matt@ucc.asn.au>
parents:
107
diff
changeset
|
128 |
| 47 | 129 /* Auth */ |
|
215
aad4b3f58556
rename PubkeyList to SignKeyList for clarity
Matt Johnston <matt@ucc.asn.au>
parents:
175
diff
changeset
|
130 cli_ses.lastprivkey = NULL; |
|
136
fb7147e2fb04
- Fixed a couple of compile warnings
Matt Johnston <matt@ucc.asn.au>
parents:
108
diff
changeset
|
131 cli_ses.lastauthtype = 0; |
| 47 | 132 |
|
686
983a817f8e41
- Only request "none" cipher after auth has succeeded
Matt Johnston <matt@ucc.asn.au>
parents:
594
diff
changeset
|
133 #ifdef DROPBEAR_NONE_CIPHER |
|
983a817f8e41
- Only request "none" cipher after auth has succeeded
Matt Johnston <matt@ucc.asn.au>
parents:
594
diff
changeset
|
134 cli_ses.cipher_none_after_auth = get_algo_usable(sshciphers, "none"); |
|
983a817f8e41
- Only request "none" cipher after auth has succeeded
Matt Johnston <matt@ucc.asn.au>
parents:
594
diff
changeset
|
135 set_algo_usable(sshciphers, "none", 0); |
|
983a817f8e41
- Only request "none" cipher after auth has succeeded
Matt Johnston <matt@ucc.asn.au>
parents:
594
diff
changeset
|
136 #else |
|
983a817f8e41
- Only request "none" cipher after auth has succeeded
Matt Johnston <matt@ucc.asn.au>
parents:
594
diff
changeset
|
137 cli_ses.cipher_none_after_auth = 0; |
|
983a817f8e41
- Only request "none" cipher after auth has succeeded
Matt Johnston <matt@ucc.asn.au>
parents:
594
diff
changeset
|
138 #endif |
|
983a817f8e41
- Only request "none" cipher after auth has succeeded
Matt Johnston <matt@ucc.asn.au>
parents:
594
diff
changeset
|
139 |
| 33 | 140 /* For printing "remote host closed" for the user */ |
| 141 ses.remoteclosed = cli_remoteclosed; | |
| 142 ses.buf_match_algo = cli_buf_match_algo; | |
| 143 | |
| 144 /* packet handlers */ | |
| 145 ses.packettypes = cli_packettypes; | |
|
35
0ad5fb979f42
set the isserver flag (oops)
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
146 |
|
0ad5fb979f42
set the isserver flag (oops)
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
147 ses.isserver = 0; |
| 26 | 148 } |
| 149 | |
| 33 | 150 /* This function drives the progress of the session - it initiates KEX, |
| 151 * service, userauth and channel requests */ | |
| 26 | 152 static void cli_sessionloop() { |
| 153 | |
|
165
0cfba3034be5
Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents:
136
diff
changeset
|
154 TRACE(("enter cli_sessionloop")) |
| 33 | 155 |
|
34
e2a1eaa19f22
Client mostly works up to password auth
Matt Johnston <matt@ucc.asn.au>
parents:
33
diff
changeset
|
156 if (ses.lastpacket == SSH_MSG_KEXINIT && cli_ses.kex_state == KEX_NOTHING) { |
|
e2a1eaa19f22
Client mostly works up to password auth
Matt Johnston <matt@ucc.asn.au>
parents:
33
diff
changeset
|
157 cli_ses.kex_state = KEXINIT_RCVD; |
| 33 | 158 } |
| 159 | |
|
34
e2a1eaa19f22
Client mostly works up to password auth
Matt Johnston <matt@ucc.asn.au>
parents:
33
diff
changeset
|
160 if (cli_ses.kex_state == KEXINIT_RCVD) { |
| 33 | 161 |
| 162 /* We initiate the KEXDH. If DH wasn't the correct type, the KEXINIT | |
| 163 * negotiation would have failed. */ | |
| 164 send_msg_kexdh_init(); | |
| 165 cli_ses.kex_state = KEXDH_INIT_SENT; | |
|
165
0cfba3034be5
Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents:
136
diff
changeset
|
166 TRACE(("leave cli_sessionloop: done with KEXINIT_RCVD")) |
| 33 | 167 return; |
| 168 } | |
| 169 | |
| 170 /* A KEX has finished, so we should go back to our KEX_NOTHING state */ | |
| 171 if (cli_ses.kex_state != KEX_NOTHING && ses.kexstate.recvkexinit == 0 | |
| 172 && ses.kexstate.sentkexinit == 0) { | |
| 173 cli_ses.kex_state = KEX_NOTHING; | |
| 174 } | |
| 175 | |
| 176 /* We shouldn't do anything else if a KEX is in progress */ | |
| 177 if (cli_ses.kex_state != KEX_NOTHING) { | |
|
165
0cfba3034be5
Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents:
136
diff
changeset
|
178 TRACE(("leave cli_sessionloop: kex_state != KEX_NOTHING")) |
| 33 | 179 return; |
| 180 } | |
| 181 | |
| 182 /* We should exit if we haven't donefirstkex: we shouldn't reach here | |
| 183 * in normal operation */ | |
| 184 if (ses.kexstate.donefirstkex == 0) { | |
|
165
0cfba3034be5
Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents:
136
diff
changeset
|
185 TRACE(("XXX XXX might be bad! leave cli_sessionloop: haven't donefirstkex")) |
|
34
e2a1eaa19f22
Client mostly works up to password auth
Matt Johnston <matt@ucc.asn.au>
parents:
33
diff
changeset
|
186 return; |
| 33 | 187 } |
| 188 | |
| 26 | 189 switch (cli_ses.state) { |
| 190 | |
| 33 | 191 case STATE_NOTHING: |
| 192 /* We've got the transport layer sorted, we now need to request | |
| 193 * userauth */ | |
| 194 send_msg_service_request(SSH_SERVICE_USERAUTH); | |
| 195 cli_ses.state = SERVICE_AUTH_REQ_SENT; | |
|
165
0cfba3034be5
Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents:
136
diff
changeset
|
196 TRACE(("leave cli_sessionloop: sent userauth service req")) |
| 33 | 197 return; |
| 26 | 198 |
| 33 | 199 /* userauth code */ |
| 200 case SERVICE_AUTH_ACCEPT_RCVD: | |
| 201 cli_auth_getmethods(); | |
|
45
9ee8996a375f
Pubkey auth is mostly there for the client. Something strange with
Matt Johnston <matt@ucc.asn.au>
parents:
43
diff
changeset
|
202 cli_ses.state = USERAUTH_REQ_SENT; |
|
165
0cfba3034be5
Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents:
136
diff
changeset
|
203 TRACE(("leave cli_sessionloop: sent userauth methods req")) |
| 33 | 204 return; |
| 205 | |
| 206 case USERAUTH_FAIL_RCVD: | |
| 207 cli_auth_try(); | |
|
45
9ee8996a375f
Pubkey auth is mostly there for the client. Something strange with
Matt Johnston <matt@ucc.asn.au>
parents:
43
diff
changeset
|
208 cli_ses.state = USERAUTH_REQ_SENT; |
|
165
0cfba3034be5
Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents:
136
diff
changeset
|
209 TRACE(("leave cli_sessionloop: cli_auth_try")) |
| 33 | 210 return; |
| 211 | |
| 37 | 212 case USERAUTH_SUCCESS_RCVD: |
|
326
d965110e3f5c
add -f background option to dbclient
Matt Johnston <matt@ucc.asn.au>
parents:
325
diff
changeset
|
213 |
|
686
983a817f8e41
- Only request "none" cipher after auth has succeeded
Matt Johnston <matt@ucc.asn.au>
parents:
594
diff
changeset
|
214 #ifdef DROPBEAR_NONE_CIPHER |
|
983a817f8e41
- Only request "none" cipher after auth has succeeded
Matt Johnston <matt@ucc.asn.au>
parents:
594
diff
changeset
|
215 if (cli_ses.cipher_none_after_auth) |
|
983a817f8e41
- Only request "none" cipher after auth has succeeded
Matt Johnston <matt@ucc.asn.au>
parents:
594
diff
changeset
|
216 { |
|
983a817f8e41
- Only request "none" cipher after auth has succeeded
Matt Johnston <matt@ucc.asn.au>
parents:
594
diff
changeset
|
217 set_algo_usable(sshciphers, "none", 1); |
|
983a817f8e41
- Only request "none" cipher after auth has succeeded
Matt Johnston <matt@ucc.asn.au>
parents:
594
diff
changeset
|
218 send_msg_kexinit(); |
|
983a817f8e41
- Only request "none" cipher after auth has succeeded
Matt Johnston <matt@ucc.asn.au>
parents:
594
diff
changeset
|
219 } |
|
983a817f8e41
- Only request "none" cipher after auth has succeeded
Matt Johnston <matt@ucc.asn.au>
parents:
594
diff
changeset
|
220 #endif |
|
983a817f8e41
- Only request "none" cipher after auth has succeeded
Matt Johnston <matt@ucc.asn.au>
parents:
594
diff
changeset
|
221 |
|
326
d965110e3f5c
add -f background option to dbclient
Matt Johnston <matt@ucc.asn.au>
parents:
325
diff
changeset
|
222 if (cli_opts.backgrounded) { |
|
d965110e3f5c
add -f background option to dbclient
Matt Johnston <matt@ucc.asn.au>
parents:
325
diff
changeset
|
223 int devnull; |
|
433
c216212001fc
Fix for -pedantic -ansi compilation, change // to /**/, plus some signedness
Matt Johnston <matt@ucc.asn.au>
parents:
326
diff
changeset
|
224 /* keeping stdin open steals input from the terminal and |
|
c216212001fc
Fix for -pedantic -ansi compilation, change // to /**/, plus some signedness
Matt Johnston <matt@ucc.asn.au>
parents:
326
diff
changeset
|
225 is confusing, though stdout/stderr could be useful. */ |
|
326
d965110e3f5c
add -f background option to dbclient
Matt Johnston <matt@ucc.asn.au>
parents:
325
diff
changeset
|
226 devnull = open(_PATH_DEVNULL, O_RDONLY); |
|
d965110e3f5c
add -f background option to dbclient
Matt Johnston <matt@ucc.asn.au>
parents:
325
diff
changeset
|
227 if (devnull < 0) { |
|
594
a98a2138364a
Improve capitalisation for all logged strings
Matt Johnston <matt@ucc.asn.au>
parents:
568
diff
changeset
|
228 dropbear_exit("Opening /dev/null: %d %s", |
|
326
d965110e3f5c
add -f background option to dbclient
Matt Johnston <matt@ucc.asn.au>
parents:
325
diff
changeset
|
229 errno, strerror(errno)); |
|
d965110e3f5c
add -f background option to dbclient
Matt Johnston <matt@ucc.asn.au>
parents:
325
diff
changeset
|
230 } |
|
d965110e3f5c
add -f background option to dbclient
Matt Johnston <matt@ucc.asn.au>
parents:
325
diff
changeset
|
231 dup2(devnull, STDIN_FILENO); |
|
d965110e3f5c
add -f background option to dbclient
Matt Johnston <matt@ucc.asn.au>
parents:
325
diff
changeset
|
232 if (daemon(0, 1) < 0) { |
|
d965110e3f5c
add -f background option to dbclient
Matt Johnston <matt@ucc.asn.au>
parents:
325
diff
changeset
|
233 dropbear_exit("Backgrounding failed: %d %s", |
|
d965110e3f5c
add -f background option to dbclient
Matt Johnston <matt@ucc.asn.au>
parents:
325
diff
changeset
|
234 errno, strerror(errno)); |
|
d965110e3f5c
add -f background option to dbclient
Matt Johnston <matt@ucc.asn.au>
parents:
325
diff
changeset
|
235 } |
|
d965110e3f5c
add -f background option to dbclient
Matt Johnston <matt@ucc.asn.au>
parents:
325
diff
changeset
|
236 } |
|
d965110e3f5c
add -f background option to dbclient
Matt Johnston <matt@ucc.asn.au>
parents:
325
diff
changeset
|
237 |
| 64 | 238 #ifdef ENABLE_CLI_LOCALTCPFWD |
|
485
12d845ab7b5f
Rework netcat-alike to be a proper mode, with -B argument.
Matt Johnston <matt@ucc.asn.au>
parents:
478
diff
changeset
|
239 setup_localtcp(); |
| 64 | 240 #endif |
|
65
02e4a7f614f8
Oops, forgot to call the actual code.
Matt Johnston <matt@ucc.asn.au>
parents:
64
diff
changeset
|
241 #ifdef ENABLE_CLI_REMOTETCPFWD |
|
485
12d845ab7b5f
Rework netcat-alike to be a proper mode, with -B argument.
Matt Johnston <matt@ucc.asn.au>
parents:
478
diff
changeset
|
242 setup_remotetcp(); |
|
65
02e4a7f614f8
Oops, forgot to call the actual code.
Matt Johnston <matt@ucc.asn.au>
parents:
64
diff
changeset
|
243 #endif |
|
485
12d845ab7b5f
Rework netcat-alike to be a proper mode, with -B argument.
Matt Johnston <matt@ucc.asn.au>
parents:
478
diff
changeset
|
244 |
|
12d845ab7b5f
Rework netcat-alike to be a proper mode, with -B argument.
Matt Johnston <matt@ucc.asn.au>
parents:
478
diff
changeset
|
245 #ifdef ENABLE_CLI_NETCAT |
|
12d845ab7b5f
Rework netcat-alike to be a proper mode, with -B argument.
Matt Johnston <matt@ucc.asn.au>
parents:
478
diff
changeset
|
246 if (cli_opts.netcat_host) { |
|
12d845ab7b5f
Rework netcat-alike to be a proper mode, with -B argument.
Matt Johnston <matt@ucc.asn.au>
parents:
478
diff
changeset
|
247 cli_send_netcat_request(); |
|
12d845ab7b5f
Rework netcat-alike to be a proper mode, with -B argument.
Matt Johnston <matt@ucc.asn.au>
parents:
478
diff
changeset
|
248 } else |
|
12d845ab7b5f
Rework netcat-alike to be a proper mode, with -B argument.
Matt Johnston <matt@ucc.asn.au>
parents:
478
diff
changeset
|
249 #endif |
| 560 | 250 if (!cli_opts.no_cmd) { |
|
325
0e4f225b7e07
Add -N "no remote command" dbclient option.
Matt Johnston <matt@ucc.asn.au>
parents:
272
diff
changeset
|
251 cli_send_chansess_request(); |
|
0e4f225b7e07
Add -N "no remote command" dbclient option.
Matt Johnston <matt@ucc.asn.au>
parents:
272
diff
changeset
|
252 } |
|
0e4f225b7e07
Add -N "no remote command" dbclient option.
Matt Johnston <matt@ucc.asn.au>
parents:
272
diff
changeset
|
253 TRACE(("leave cli_sessionloop: running")) |
| 37 | 254 cli_ses.state = SESSION_RUNNING; |
| 255 return; | |
| 256 | |
|
40
b4874d772210
- Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents:
39
diff
changeset
|
257 case SESSION_RUNNING: |
|
325
0e4f225b7e07
Add -N "no remote command" dbclient option.
Matt Johnston <matt@ucc.asn.au>
parents:
272
diff
changeset
|
258 if (ses.chancount < 1 && !cli_opts.no_cmd) { |
|
40
b4874d772210
- Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents:
39
diff
changeset
|
259 cli_finished(); |
|
b4874d772210
- Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents:
39
diff
changeset
|
260 } |
|
41
18eccbfb9641
added window-size change handling
Matt Johnston <matt@ucc.asn.au>
parents:
40
diff
changeset
|
261 |
|
18eccbfb9641
added window-size change handling
Matt Johnston <matt@ucc.asn.au>
parents:
40
diff
changeset
|
262 if (cli_ses.winchange) { |
|
18eccbfb9641
added window-size change handling
Matt Johnston <matt@ucc.asn.au>
parents:
40
diff
changeset
|
263 cli_chansess_winchange(); |
|
18eccbfb9641
added window-size change handling
Matt Johnston <matt@ucc.asn.au>
parents:
40
diff
changeset
|
264 } |
|
40
b4874d772210
- Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents:
39
diff
changeset
|
265 return; |
|
b4874d772210
- Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents:
39
diff
changeset
|
266 |
| 33 | 267 /* XXX more here needed */ |
| 268 | |
| 269 | |
| 270 default: | |
| 271 break; | |
| 26 | 272 } |
| 273 | |
|
165
0cfba3034be5
Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents:
136
diff
changeset
|
274 TRACE(("leave cli_sessionloop: fell out")) |
| 26 | 275 |
| 276 } | |
| 277 | |
|
40
b4874d772210
- Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents:
39
diff
changeset
|
278 void cli_session_cleanup() { |
|
b4874d772210
- Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents:
39
diff
changeset
|
279 |
|
b4874d772210
- Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents:
39
diff
changeset
|
280 if (!sessinitdone) { |
|
b4874d772210
- Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents:
39
diff
changeset
|
281 return; |
|
b4874d772210
- Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents:
39
diff
changeset
|
282 } |
|
99
0247fbd9379d
Move the revert-to-non-blocking-stdin code to cli-session so it
Matt Johnston <matt@ucc.asn.au>
parents:
74
diff
changeset
|
283 |
|
175
2c5741e4b855
* Reset the non-blocking status of stdout and stderr as well on exit
Matt Johnston <matt@ucc.asn.au>
parents:
165
diff
changeset
|
284 /* Set std{in,out,err} back to non-blocking - busybox ash dies nastily if |
|
2c5741e4b855
* Reset the non-blocking status of stdout and stderr as well on exit
Matt Johnston <matt@ucc.asn.au>
parents:
165
diff
changeset
|
285 * we don't revert the flags */ |
|
100
c72f5c10125d
oops, the fcntl() was commented out
Matt Johnston <matt@ucc.asn.au>
parents:
99
diff
changeset
|
286 fcntl(cli_ses.stdincopy, F_SETFL, cli_ses.stdinflags); |
|
175
2c5741e4b855
* Reset the non-blocking status of stdout and stderr as well on exit
Matt Johnston <matt@ucc.asn.au>
parents:
165
diff
changeset
|
287 fcntl(cli_ses.stdoutcopy, F_SETFL, cli_ses.stdoutflags); |
|
2c5741e4b855
* Reset the non-blocking status of stdout and stderr as well on exit
Matt Johnston <matt@ucc.asn.au>
parents:
165
diff
changeset
|
288 fcntl(cli_ses.stderrcopy, F_SETFL, cli_ses.stderrflags); |
|
99
0247fbd9379d
Move the revert-to-non-blocking-stdin code to cli-session so it
Matt Johnston <matt@ucc.asn.au>
parents:
74
diff
changeset
|
289 |
|
40
b4874d772210
- Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents:
39
diff
changeset
|
290 cli_tty_cleanup(); |
|
b4874d772210
- Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents:
39
diff
changeset
|
291 |
|
b4874d772210
- Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents:
39
diff
changeset
|
292 } |
|
b4874d772210
- Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents:
39
diff
changeset
|
293 |
|
b4874d772210
- Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents:
39
diff
changeset
|
294 static void cli_finished() { |
|
b4874d772210
- Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents:
39
diff
changeset
|
295 |
|
b4874d772210
- Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents:
39
diff
changeset
|
296 cli_session_cleanup(); |
|
b4874d772210
- Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents:
39
diff
changeset
|
297 common_session_cleanup(); |
|
b4874d772210
- Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents:
39
diff
changeset
|
298 fprintf(stderr, "Connection to %s@%s:%s closed.\n", cli_opts.username, |
|
b4874d772210
- Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents:
39
diff
changeset
|
299 cli_opts.remotehost, cli_opts.remoteport); |
|
108
10f4d3319780
- added circular buffering for channels
Matt Johnston <matt@ucc.asn.au>
parents:
107
diff
changeset
|
300 exit(cli_ses.retval); |
|
40
b4874d772210
- Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents:
39
diff
changeset
|
301 } |
|
b4874d772210
- Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents:
39
diff
changeset
|
302 |
|
b4874d772210
- Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents:
39
diff
changeset
|
303 |
| 26 | 304 /* called when the remote side closes the connection */ |
| 305 static void cli_remoteclosed() { | |
| 306 | |
| 307 /* XXX TODO perhaps print a friendlier message if we get this but have | |
| 308 * already sent/received disconnect message(s) ??? */ | |
|
479
e3db1f7a2e43
- Split main socket var into ses.sock_in/ses.sock_out in preparation
Matt Johnston <matt@ucc.asn.au>
parents:
433
diff
changeset
|
309 m_close(ses.sock_in); |
|
e3db1f7a2e43
- Split main socket var into ses.sock_in/ses.sock_out in preparation
Matt Johnston <matt@ucc.asn.au>
parents:
433
diff
changeset
|
310 m_close(ses.sock_out); |
|
e3db1f7a2e43
- Split main socket var into ses.sock_in/ses.sock_out in preparation
Matt Johnston <matt@ucc.asn.au>
parents:
433
diff
changeset
|
311 ses.sock_in = -1; |
|
e3db1f7a2e43
- Split main socket var into ses.sock_in/ses.sock_out in preparation
Matt Johnston <matt@ucc.asn.au>
parents:
433
diff
changeset
|
312 ses.sock_out = -1; |
|
594
a98a2138364a
Improve capitalisation for all logged strings
Matt Johnston <matt@ucc.asn.au>
parents:
568
diff
changeset
|
313 dropbear_exit("Remote closed the connection"); |
| 26 | 314 } |
| 43 | 315 |
| 316 /* Operates in-place turning dirty (untrusted potentially containing control | |
|
249
efbaf6b03837
added keyboard-interactive client support
Matt Johnston <matt@ucc.asn.au>
parents:
215
diff
changeset
|
317 * characters) text into clean text. |
|
efbaf6b03837
added keyboard-interactive client support
Matt Johnston <matt@ucc.asn.au>
parents:
215
diff
changeset
|
318 * Note: this is safe only with ascii - other charsets could have problems. */ |
| 43 | 319 void cleantext(unsigned char* dirtytext) { |
| 320 | |
| 321 unsigned int i, j; | |
| 47 | 322 unsigned char c; |
| 43 | 323 |
| 324 j = 0; | |
| 325 for (i = 0; dirtytext[i] != '\0'; i++) { | |
| 326 | |
| 327 c = dirtytext[i]; | |
| 328 /* We can ignore '\r's */ | |
| 329 if ( (c >= ' ' && c <= '~') || c == '\n' || c == '\t') { | |
| 330 dirtytext[j] = c; | |
| 331 j++; | |
| 332 } | |
| 333 } | |
| 334 /* Null terminate */ | |
| 335 dirtytext[j] = '\0'; | |
| 336 } |