Mercurial > dropbear
annotate svr-session.c @ 1659:d32bcb5c557d
Add Ed25519 support (#91)
* Add support for Ed25519 as a public key type
Ed25519 is a elliptic curve signature scheme that offers
better security than ECDSA and DSA and good performance. It may be
used for both user and host keys.
OpenSSH key import and fuzzer are not supported yet.
Initially inspired by Peter Szabo.
* Add curve25519 and ed25519 fuzzers
* Add import and export of Ed25519 keys
author | Vladislav Grishenko <themiron@users.noreply.github.com> |
---|---|
date | Wed, 11 Mar 2020 21:09:45 +0500 |
parents | cc0fc5131c5c |
children | 7c17995bcdfb |
rev | line source |
---|---|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
1 /* |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
2 * Dropbear - a SSH2 server |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
3 * |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
4 * Copyright (c) 2002,2003 Matt Johnston |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
5 * All rights reserved. |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
6 * |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
7 * Permission is hereby granted, free of charge, to any person obtaining a copy |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
8 * of this software and associated documentation files (the "Software"), to deal |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
9 * in the Software without restriction, including without limitation the rights |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
11 * copies of the Software, and to permit persons to whom the Software is |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
12 * furnished to do so, subject to the following conditions: |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
13 * |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
14 * The above copyright notice and this permission notice shall be included in |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
15 * all copies or substantial portions of the Software. |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
16 * |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
20 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
23 * SOFTWARE. */ |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
24 |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
25 #include "includes.h" |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
26 #include "session.h" |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
27 #include "dbutil.h" |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
28 #include "packet.h" |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
29 #include "algo.h" |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
30 #include "buffer.h" |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
31 #include "dss.h" |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
32 #include "ssh.h" |
858
220f55d540ae
rename random.h to dbrandom.h since some OSes have a system random.h
Matt Johnston <matt@ucc.asn.au>
parents:
801
diff
changeset
|
33 #include "dbrandom.h" |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
34 #include "kex.h" |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
35 #include "channel.h" |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
36 #include "chansession.h" |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
37 #include "atomicio.h" |
68
eee77ac31ccc
cleaning up the pubkey defines
Matt Johnston <matt@ucc.asn.au>
parents:
62
diff
changeset
|
38 #include "tcpfwd.h" |
22
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
14
diff
changeset
|
39 #include "service.h" |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
14
diff
changeset
|
40 #include "auth.h" |
24 | 41 #include "runopts.h" |
766 | 42 #include "crypto_desc.h" |
1348 | 43 #include "fuzz.h" |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
44 |
1276
9169e4e7cbee
fix empty C prototypes
Francois Perrad <francois.perrad@gadz.org>
parents:
1237
diff
changeset
|
45 static void svr_remoteclosed(void); |
1544 | 46 static void svr_algos_initialise(void); |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
47 |
24 | 48 struct serversession svr_ses; /* GLOBAL */ |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
49 |
22
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
14
diff
changeset
|
50 static const packettype svr_packettypes[] = { |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
14
diff
changeset
|
51 {SSH_MSG_CHANNEL_DATA, recv_msg_channel_data}, |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
14
diff
changeset
|
52 {SSH_MSG_CHANNEL_WINDOW_ADJUST, recv_msg_channel_window_adjust}, |
45
9ee8996a375f
Pubkey auth is mostly there for the client. Something strange with
Matt Johnston <matt@ucc.asn.au>
parents:
35
diff
changeset
|
53 {SSH_MSG_USERAUTH_REQUEST, recv_msg_userauth_request}, /* server */ |
9ee8996a375f
Pubkey auth is mostly there for the client. Something strange with
Matt Johnston <matt@ucc.asn.au>
parents:
35
diff
changeset
|
54 {SSH_MSG_SERVICE_REQUEST, recv_msg_service_request}, /* server */ |
9ee8996a375f
Pubkey auth is mostly there for the client. Something strange with
Matt Johnston <matt@ucc.asn.au>
parents:
35
diff
changeset
|
55 {SSH_MSG_KEXINIT, recv_msg_kexinit}, |
9ee8996a375f
Pubkey auth is mostly there for the client. Something strange with
Matt Johnston <matt@ucc.asn.au>
parents:
35
diff
changeset
|
56 {SSH_MSG_KEXDH_INIT, recv_msg_kexdh_init}, /* server */ |
9ee8996a375f
Pubkey auth is mostly there for the client. Something strange with
Matt Johnston <matt@ucc.asn.au>
parents:
35
diff
changeset
|
57 {SSH_MSG_NEWKEYS, recv_msg_newkeys}, |
22
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
14
diff
changeset
|
58 {SSH_MSG_GLOBAL_REQUEST, recv_msg_global_request_remotetcp}, |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
14
diff
changeset
|
59 {SSH_MSG_CHANNEL_REQUEST, recv_msg_channel_request}, |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
14
diff
changeset
|
60 {SSH_MSG_CHANNEL_OPEN, recv_msg_channel_open}, |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
14
diff
changeset
|
61 {SSH_MSG_CHANNEL_EOF, recv_msg_channel_eof}, |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
14
diff
changeset
|
62 {SSH_MSG_CHANNEL_CLOSE, recv_msg_channel_close}, |
970
0bb16232e7c4
Make keepalive handling more robust, this should now match what OpenSSH does
Matt Johnston <matt@ucc.asn.au>
parents:
968
diff
changeset
|
63 {SSH_MSG_CHANNEL_SUCCESS, ignore_recv_response}, |
0bb16232e7c4
Make keepalive handling more robust, this should now match what OpenSSH does
Matt Johnston <matt@ucc.asn.au>
parents:
968
diff
changeset
|
64 {SSH_MSG_CHANNEL_FAILURE, ignore_recv_response}, |
0bb16232e7c4
Make keepalive handling more robust, this should now match what OpenSSH does
Matt Johnston <matt@ucc.asn.au>
parents:
968
diff
changeset
|
65 {SSH_MSG_REQUEST_FAILURE, ignore_recv_response}, /* for keepalive */ |
0bb16232e7c4
Make keepalive handling more robust, this should now match what OpenSSH does
Matt Johnston <matt@ucc.asn.au>
parents:
968
diff
changeset
|
66 {SSH_MSG_REQUEST_SUCCESS, ignore_recv_response}, /* client */ |
1295
750ec4ec4cbe
Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents:
1276
diff
changeset
|
67 #if DROPBEAR_LISTENERS |
22
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
14
diff
changeset
|
68 {SSH_MSG_CHANNEL_OPEN_CONFIRMATION, recv_msg_channel_open_confirmation}, |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
14
diff
changeset
|
69 {SSH_MSG_CHANNEL_OPEN_FAILURE, recv_msg_channel_open_failure}, |
156
8c2b3506f112
Rearrange preprocessor parts so that compilation with various options
Matt Johnston <matt@ucc.asn.au>
parents:
98
diff
changeset
|
70 #endif |
1404
e8f67918fdc9
when pointer, use NULL instead of 0
Francois Perrad <francois.perrad@gadz.org>
parents:
1316
diff
changeset
|
71 {0, NULL} /* End */ |
22
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
14
diff
changeset
|
72 }; |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
14
diff
changeset
|
73 |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
14
diff
changeset
|
74 static const struct ChanType *svr_chantypes[] = { |
6
ab00ef513e97
Sorted out the first channel init issues.
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
75 &svrchansess, |
1295
750ec4ec4cbe
Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents:
1276
diff
changeset
|
76 #if DROPBEAR_SVR_LOCALTCPFWD |
62 | 77 &svr_chan_tcpdirect, |
156
8c2b3506f112
Rearrange preprocessor parts so that compilation with various options
Matt Johnston <matt@ucc.asn.au>
parents:
98
diff
changeset
|
78 #endif |
6
ab00ef513e97
Sorted out the first channel init issues.
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
79 NULL /* Null termination is mandatory. */ |
ab00ef513e97
Sorted out the first channel init issues.
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
80 }; |
ab00ef513e97
Sorted out the first channel init issues.
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
81 |
733
70811267715c
Run the cleanup handler also when we close due to TCP connection being closed
Matt Johnston <matt@ucc.asn.au>
parents:
726
diff
changeset
|
82 static void |
1040
2b4fd440399d
Free memory before exiting. Based on patch from Thorsten Horstmann.
Matt Johnston <matt@ucc.asn.au>
parents:
970
diff
changeset
|
83 svr_session_cleanup(void) { |
733
70811267715c
Run the cleanup handler also when we close due to TCP connection being closed
Matt Johnston <matt@ucc.asn.au>
parents:
726
diff
changeset
|
84 /* free potential public key options */ |
70811267715c
Run the cleanup handler also when we close due to TCP connection being closed
Matt Johnston <matt@ucc.asn.au>
parents:
726
diff
changeset
|
85 svr_pubkey_options_cleanup(); |
1040
2b4fd440399d
Free memory before exiting. Based on patch from Thorsten Horstmann.
Matt Johnston <matt@ucc.asn.au>
parents:
970
diff
changeset
|
86 |
2b4fd440399d
Free memory before exiting. Based on patch from Thorsten Horstmann.
Matt Johnston <matt@ucc.asn.au>
parents:
970
diff
changeset
|
87 m_free(svr_ses.addrstring); |
1041
3fb883a6aa81
Some additional cleanup functions
Matt Johnston <matt@ucc.asn.au>
parents:
1040
diff
changeset
|
88 m_free(svr_ses.remotehost); |
1040
2b4fd440399d
Free memory before exiting. Based on patch from Thorsten Horstmann.
Matt Johnston <matt@ucc.asn.au>
parents:
970
diff
changeset
|
89 m_free(svr_ses.childpids); |
1041
3fb883a6aa81
Some additional cleanup functions
Matt Johnston <matt@ucc.asn.au>
parents:
1040
diff
changeset
|
90 svr_ses.childpidsize = 0; |
1653
76189c9ffea2
External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents:
1559
diff
changeset
|
91 |
1654 | 92 #if DROPBEAR_PLUGIN |
93 if (svr_ses.plugin_handle != NULL) { | |
94 if (svr_ses.plugin_instance) { | |
95 svr_ses.plugin_instance->delete_plugin(svr_ses.plugin_instance); | |
96 svr_ses.plugin_instance = NULL; | |
1653
76189c9ffea2
External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents:
1559
diff
changeset
|
97 } |
76189c9ffea2
External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents:
1559
diff
changeset
|
98 |
1654 | 99 dlclose(svr_ses.plugin_handle); |
100 svr_ses.plugin_handle = NULL; | |
1653
76189c9ffea2
External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents:
1559
diff
changeset
|
101 } |
76189c9ffea2
External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents:
1559
diff
changeset
|
102 #endif |
733
70811267715c
Run the cleanup handler also when we close due to TCP connection being closed
Matt Johnston <matt@ucc.asn.au>
parents:
726
diff
changeset
|
103 } |
70811267715c
Run the cleanup handler also when we close due to TCP connection being closed
Matt Johnston <matt@ucc.asn.au>
parents:
726
diff
changeset
|
104 |
568
005530560594
Rearrange getaddrstring() etc
Matt Johnston <matt@ucc.asn.au>
parents:
553
diff
changeset
|
105 void svr_session(int sock, int childpipe) { |
005530560594
Rearrange getaddrstring() etc
Matt Johnston <matt@ucc.asn.au>
parents:
553
diff
changeset
|
106 char *host, *port; |
005530560594
Rearrange getaddrstring() etc
Matt Johnston <matt@ucc.asn.au>
parents:
553
diff
changeset
|
107 size_t len; |
272
3be7ae2e8dfa
Only read /dev/random once when the program starts
Matt Johnston <matt@ucc.asn.au>
parents:
158
diff
changeset
|
108 |
568
005530560594
Rearrange getaddrstring() etc
Matt Johnston <matt@ucc.asn.au>
parents:
553
diff
changeset
|
109 common_session_init(sock, sock); |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
110 |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
111 /* Initialise server specific parts of the session */ |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
112 svr_ses.childpipe = childpipe; |
1295
750ec4ec4cbe
Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents:
1276
diff
changeset
|
113 #if DROPBEAR_VFORK |
553
8711f20b89ab
- For uclinux, only cleanup on exit for the main process. This avoids
Matt Johnston <matt@ucc.asn.au>
parents:
496
diff
changeset
|
114 svr_ses.server_pid = getpid(); |
8711f20b89ab
- For uclinux, only cleanup on exit for the main process. This avoids
Matt Johnston <matt@ucc.asn.au>
parents:
496
diff
changeset
|
115 #endif |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
116 |
568
005530560594
Rearrange getaddrstring() etc
Matt Johnston <matt@ucc.asn.au>
parents:
553
diff
changeset
|
117 /* for logging the remote address */ |
005530560594
Rearrange getaddrstring() etc
Matt Johnston <matt@ucc.asn.au>
parents:
553
diff
changeset
|
118 get_socket_address(ses.sock_in, NULL, NULL, &host, &port, 0); |
005530560594
Rearrange getaddrstring() etc
Matt Johnston <matt@ucc.asn.au>
parents:
553
diff
changeset
|
119 len = strlen(host) + strlen(port) + 2; |
005530560594
Rearrange getaddrstring() etc
Matt Johnston <matt@ucc.asn.au>
parents:
553
diff
changeset
|
120 svr_ses.addrstring = m_malloc(len); |
005530560594
Rearrange getaddrstring() etc
Matt Johnston <matt@ucc.asn.au>
parents:
553
diff
changeset
|
121 snprintf(svr_ses.addrstring, len, "%s:%s", host, port); |
005530560594
Rearrange getaddrstring() etc
Matt Johnston <matt@ucc.asn.au>
parents:
553
diff
changeset
|
122 m_free(host); |
005530560594
Rearrange getaddrstring() etc
Matt Johnston <matt@ucc.asn.au>
parents:
553
diff
changeset
|
123 m_free(port); |
005530560594
Rearrange getaddrstring() etc
Matt Johnston <matt@ucc.asn.au>
parents:
553
diff
changeset
|
124 |
1654 | 125 #if DROPBEAR_PLUGIN |
126 /* Initializes the PLUGIN Plugin */ | |
127 svr_ses.plugin_handle = NULL; | |
128 svr_ses.plugin_instance = NULL; | |
1653
76189c9ffea2
External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents:
1559
diff
changeset
|
129 if (svr_opts.pubkey_plugin) { |
76189c9ffea2
External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents:
1559
diff
changeset
|
130 #if DEBUG_TRACE |
76189c9ffea2
External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents:
1559
diff
changeset
|
131 const int verbose = debug_trace; |
76189c9ffea2
External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents:
1559
diff
changeset
|
132 #else |
76189c9ffea2
External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents:
1559
diff
changeset
|
133 const int verbose = 0; |
76189c9ffea2
External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents:
1559
diff
changeset
|
134 #endif |
76189c9ffea2
External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents:
1559
diff
changeset
|
135 PubkeyExtPlugin_newFn pluginConstructor; |
76189c9ffea2
External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents:
1559
diff
changeset
|
136 |
76189c9ffea2
External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents:
1559
diff
changeset
|
137 /* RTLD_NOW: fails if not all the symbols are resolved now. Better fail now than at run-time */ |
1654 | 138 svr_ses.plugin_handle = dlopen(svr_opts.pubkey_plugin, RTLD_NOW); |
139 if (svr_ses.plugin_handle == NULL) { | |
1653
76189c9ffea2
External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents:
1559
diff
changeset
|
140 dropbear_exit("failed to load external pubkey plugin '%s': %s", svr_opts.pubkey_plugin, dlerror()); |
76189c9ffea2
External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents:
1559
diff
changeset
|
141 } |
1654 | 142 pluginConstructor = (PubkeyExtPlugin_newFn)dlsym(svr_ses.plugin_handle, DROPBEAR_PUBKEY_PLUGIN_FNNAME_NEW); |
1653
76189c9ffea2
External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents:
1559
diff
changeset
|
143 if (!pluginConstructor) { |
76189c9ffea2
External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents:
1559
diff
changeset
|
144 dropbear_exit("plugin constructor method not found in external pubkey plugin"); |
76189c9ffea2
External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents:
1559
diff
changeset
|
145 } |
76189c9ffea2
External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents:
1559
diff
changeset
|
146 |
76189c9ffea2
External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents:
1559
diff
changeset
|
147 /* Create an instance of the plugin */ |
1654 | 148 svr_ses.plugin_instance = pluginConstructor(verbose, svr_opts.pubkey_plugin_options, svr_ses.addrstring); |
149 if (svr_ses.plugin_instance == NULL) { | |
1653
76189c9ffea2
External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents:
1559
diff
changeset
|
150 dropbear_exit("external plugin initialization failed"); |
76189c9ffea2
External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents:
1559
diff
changeset
|
151 } |
76189c9ffea2
External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents:
1559
diff
changeset
|
152 /* Check if the plugin is compatible */ |
1654 | 153 if ( (svr_ses.plugin_instance->api_version[0] != DROPBEAR_PLUGIN_VERSION_MAJOR) || |
154 (svr_ses.plugin_instance->api_version[1] < DROPBEAR_PLUGIN_VERSION_MINOR) ) { | |
1653
76189c9ffea2
External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents:
1559
diff
changeset
|
155 dropbear_exit("plugin version check failed: " |
76189c9ffea2
External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents:
1559
diff
changeset
|
156 "Dropbear=%d.%d, plugin=%d.%d", |
1654 | 157 DROPBEAR_PLUGIN_VERSION_MAJOR, DROPBEAR_PLUGIN_VERSION_MINOR, |
158 svr_ses.plugin_instance->api_version[0], svr_ses.plugin_instance->api_version[1]); | |
1653
76189c9ffea2
External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents:
1559
diff
changeset
|
159 } |
1654 | 160 if (svr_ses.plugin_instance->api_version[1] > DROPBEAR_PLUGIN_VERSION_MINOR) { |
1653
76189c9ffea2
External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents:
1559
diff
changeset
|
161 dropbear_log(LOG_WARNING, "plugin API newer than dropbear API: " |
76189c9ffea2
External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents:
1559
diff
changeset
|
162 "Dropbear=%d.%d, plugin=%d.%d", |
1654 | 163 DROPBEAR_PLUGIN_VERSION_MAJOR, DROPBEAR_PLUGIN_VERSION_MINOR, |
164 svr_ses.plugin_instance->api_version[0], svr_ses.plugin_instance->api_version[1]); | |
1653
76189c9ffea2
External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents:
1559
diff
changeset
|
165 } |
76189c9ffea2
External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents:
1559
diff
changeset
|
166 dropbear_log(LOG_INFO, "successfully loaded and initialized pubkey plugin '%s'", svr_opts.pubkey_plugin); |
76189c9ffea2
External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents:
1559
diff
changeset
|
167 } |
76189c9ffea2
External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents:
1559
diff
changeset
|
168 #endif |
76189c9ffea2
External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents:
1559
diff
changeset
|
169 |
76189c9ffea2
External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents:
1559
diff
changeset
|
170 svr_authinitialise(); |
76189c9ffea2
External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents:
1559
diff
changeset
|
171 chaninitialise(svr_chantypes); |
76189c9ffea2
External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents:
1559
diff
changeset
|
172 svr_chansessinitialise(); |
76189c9ffea2
External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents:
1559
diff
changeset
|
173 svr_algos_initialise(); |
76189c9ffea2
External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents:
1559
diff
changeset
|
174 |
572
8fd0ac8c8cab
Move remotehost into svr_ses structure since we can't look it up
Matt Johnston <matt@ucc.asn.au>
parents:
568
diff
changeset
|
175 get_socket_address(ses.sock_in, NULL, NULL, |
8fd0ac8c8cab
Move remotehost into svr_ses structure since we can't look it up
Matt Johnston <matt@ucc.asn.au>
parents:
568
diff
changeset
|
176 &svr_ses.remotehost, NULL, 1); |
8fd0ac8c8cab
Move remotehost into svr_ses structure since we can't look it up
Matt Johnston <matt@ucc.asn.au>
parents:
568
diff
changeset
|
177 |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
178 /* set up messages etc */ |
33 | 179 ses.remoteclosed = svr_remoteclosed; |
733
70811267715c
Run the cleanup handler also when we close due to TCP connection being closed
Matt Johnston <matt@ucc.asn.au>
parents:
726
diff
changeset
|
180 ses.extra_session_cleanup = svr_session_cleanup; |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
181 |
22
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
14
diff
changeset
|
182 /* packet handlers */ |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
14
diff
changeset
|
183 ses.packettypes = svr_packettypes; |
c1e5d9195402
merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents:
14
diff
changeset
|
184 |
35
0ad5fb979f42
set the isserver flag (oops)
Matt Johnston <matt@ucc.asn.au>
parents:
33
diff
changeset
|
185 ses.isserver = 1; |
0ad5fb979f42
set the isserver flag (oops)
Matt Johnston <matt@ucc.asn.au>
parents:
33
diff
changeset
|
186 |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
187 /* We're ready to go now */ |
1495
0c16b4ccbd54
make signal flags volatile, simplify handling
Matt Johnston <matt@ucc.asn.au>
parents:
1404
diff
changeset
|
188 ses.init_done = 1; |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
189 |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
190 /* exchange identification, version etc */ |
726
78eda530c000
send out our kexinit packet before blocking to read the SSH version string
Matt Johnston <matt@ucc.asn.au>
parents:
687
diff
changeset
|
191 send_session_identification(); |
1083
8e0280986710
Make sure kexfirstinitialise is called early enough
Matt Johnston <matt@ucc.asn.au>
parents:
1041
diff
changeset
|
192 |
8e0280986710
Make sure kexfirstinitialise is called early enough
Matt Johnston <matt@ucc.asn.au>
parents:
1041
diff
changeset
|
193 kexfirstinitialise(); /* initialise the kex state */ |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
194 |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
195 /* start off with key exchange */ |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
196 send_msg_kexinit(); |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
197 |
26 | 198 /* Run the main for loop. NULL is for the dispatcher - only the client |
199 * code makes use of it */ | |
1495
0c16b4ccbd54
make signal flags volatile, simplify handling
Matt Johnston <matt@ucc.asn.au>
parents:
1404
diff
changeset
|
200 session_loop(svr_chansess_checksignal); |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
201 |
26 | 202 /* Not reached */ |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
203 |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
204 } |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
205 |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
206 /* failure exit - format must be <= 100 chars */ |
5
bc6477a6c393
syntactical fixups - it compiles, but channel handling code requires fixing.
Matt Johnston <matt@ucc.asn.au>
parents:
4
diff
changeset
|
207 void svr_dropbear_exit(int exitcode, const char* format, va_list param) { |
1304
b66a483f3dcb
Improve exit message formatting
Matt Johnston <matt@ucc.asn.au>
parents:
1276
diff
changeset
|
208 char exitmsg[150]; |
b66a483f3dcb
Improve exit message formatting
Matt Johnston <matt@ucc.asn.au>
parents:
1276
diff
changeset
|
209 char fullmsg[300]; |
1040
2b4fd440399d
Free memory before exiting. Based on patch from Thorsten Horstmann.
Matt Johnston <matt@ucc.asn.au>
parents:
970
diff
changeset
|
210 int i; |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
211 |
1654 | 212 #if DROPBEAR_PLUGIN |
213 if ((ses.plugin_session != NULL)) { | |
214 svr_ses.plugin_instance->delete_session(ses.plugin_session); | |
1653
76189c9ffea2
External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents:
1559
diff
changeset
|
215 } |
1654 | 216 ses.plugin_session = NULL; |
1653
76189c9ffea2
External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents:
1559
diff
changeset
|
217 #endif |
76189c9ffea2
External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents:
1559
diff
changeset
|
218 |
1304
b66a483f3dcb
Improve exit message formatting
Matt Johnston <matt@ucc.asn.au>
parents:
1276
diff
changeset
|
219 /* Render the formatted exit message */ |
b66a483f3dcb
Improve exit message formatting
Matt Johnston <matt@ucc.asn.au>
parents:
1276
diff
changeset
|
220 vsnprintf(exitmsg, sizeof(exitmsg), format, param); |
b66a483f3dcb
Improve exit message formatting
Matt Johnston <matt@ucc.asn.au>
parents:
1276
diff
changeset
|
221 |
b66a483f3dcb
Improve exit message formatting
Matt Johnston <matt@ucc.asn.au>
parents:
1276
diff
changeset
|
222 /* Add the prefix depending on session/auth state */ |
1495
0c16b4ccbd54
make signal flags volatile, simplify handling
Matt Johnston <matt@ucc.asn.au>
parents:
1404
diff
changeset
|
223 if (!ses.init_done) { |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
224 /* before session init */ |
1304
b66a483f3dcb
Improve exit message formatting
Matt Johnston <matt@ucc.asn.au>
parents:
1276
diff
changeset
|
225 snprintf(fullmsg, sizeof(fullmsg), "Early exit: %s", exitmsg); |
33 | 226 } else if (ses.authstate.authdone) { |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
227 /* user has authenticated */ |
1304
b66a483f3dcb
Improve exit message formatting
Matt Johnston <matt@ucc.asn.au>
parents:
1276
diff
changeset
|
228 snprintf(fullmsg, sizeof(fullmsg), |
594
a98a2138364a
Improve capitalisation for all logged strings
Matt Johnston <matt@ucc.asn.au>
parents:
572
diff
changeset
|
229 "Exit (%s): %s", |
1304
b66a483f3dcb
Improve exit message formatting
Matt Johnston <matt@ucc.asn.au>
parents:
1276
diff
changeset
|
230 ses.authstate.pw_name, exitmsg); |
464
4317be8b7cf9
Make a copy of passwd fields since getpwnam()'s retval isn't safe to keep
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
231 } else if (ses.authstate.pw_name) { |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
232 /* we have a potential user */ |
1304
b66a483f3dcb
Improve exit message formatting
Matt Johnston <matt@ucc.asn.au>
parents:
1276
diff
changeset
|
233 snprintf(fullmsg, sizeof(fullmsg), |
1237
888e3d17e962
Fix print format specifier
Chocobo1 <Chocobo1@users.noreply.github.com>
parents:
1215
diff
changeset
|
234 "Exit before auth (user '%s', %u fails): %s", |
1304
b66a483f3dcb
Improve exit message formatting
Matt Johnston <matt@ucc.asn.au>
parents:
1276
diff
changeset
|
235 ses.authstate.pw_name, ses.authstate.failcount, exitmsg); |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
236 } else { |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
237 /* before userauth */ |
1304
b66a483f3dcb
Improve exit message formatting
Matt Johnston <matt@ucc.asn.au>
parents:
1276
diff
changeset
|
238 snprintf(fullmsg, sizeof(fullmsg), "Exit before auth: %s", exitmsg); |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
239 } |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
240 |
1304
b66a483f3dcb
Improve exit message formatting
Matt Johnston <matt@ucc.asn.au>
parents:
1276
diff
changeset
|
241 dropbear_log(LOG_INFO, "%s", fullmsg); |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
242 |
1295
750ec4ec4cbe
Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents:
1276
diff
changeset
|
243 #if DROPBEAR_VFORK |
667
fc7ae88e63b3
Rename HAVE_FORK to USE_VFORK
Matt Johnston <matt@ucc.asn.au>
parents:
666
diff
changeset
|
244 /* For uclinux only the main server process should cleanup - we don't want |
553
8711f20b89ab
- For uclinux, only cleanup on exit for the main process. This avoids
Matt Johnston <matt@ucc.asn.au>
parents:
496
diff
changeset
|
245 * forked children doing that */ |
8711f20b89ab
- For uclinux, only cleanup on exit for the main process. This avoids
Matt Johnston <matt@ucc.asn.au>
parents:
496
diff
changeset
|
246 if (svr_ses.server_pid == getpid()) |
8711f20b89ab
- For uclinux, only cleanup on exit for the main process. This avoids
Matt Johnston <matt@ucc.asn.au>
parents:
496
diff
changeset
|
247 #endif |
8711f20b89ab
- For uclinux, only cleanup on exit for the main process. This avoids
Matt Johnston <matt@ucc.asn.au>
parents:
496
diff
changeset
|
248 { |
8711f20b89ab
- For uclinux, only cleanup on exit for the main process. This avoids
Matt Johnston <matt@ucc.asn.au>
parents:
496
diff
changeset
|
249 /* must be after we've done with username etc */ |
733
70811267715c
Run the cleanup handler also when we close due to TCP connection being closed
Matt Johnston <matt@ucc.asn.au>
parents:
726
diff
changeset
|
250 session_cleanup(); |
553
8711f20b89ab
- For uclinux, only cleanup on exit for the main process. This avoids
Matt Johnston <matt@ucc.asn.au>
parents:
496
diff
changeset
|
251 } |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
252 |
1558
2f64cb3d3007
- #if not #ifdef for DROPBEAR_FUZZ
Matt Johnston <matt@ucc.asn.au>
parents:
1546
diff
changeset
|
253 #if DROPBEAR_FUZZ |
1559
92c93b4a3646
Fix to be able to compile normal(ish) binaries with --enable-fuzz
Matt Johnston <matt@ucc.asn.au>
parents:
1558
diff
changeset
|
254 /* longjmp before cleaning up svr_opts */ |
1385
6c92e97553f1
Add a flag whether to longjmp, missed that last commit
Matt Johnston <matt@ucc.asn.au>
parents:
1358
diff
changeset
|
255 if (fuzz.do_jmp) { |
1348 | 256 longjmp(fuzz.jmp, 1); |
257 } | |
258 #endif | |
259 | |
1040
2b4fd440399d
Free memory before exiting. Based on patch from Thorsten Horstmann.
Matt Johnston <matt@ucc.asn.au>
parents:
970
diff
changeset
|
260 if (svr_opts.hostkey) { |
2b4fd440399d
Free memory before exiting. Based on patch from Thorsten Horstmann.
Matt Johnston <matt@ucc.asn.au>
parents:
970
diff
changeset
|
261 sign_key_free(svr_opts.hostkey); |
2b4fd440399d
Free memory before exiting. Based on patch from Thorsten Horstmann.
Matt Johnston <matt@ucc.asn.au>
parents:
970
diff
changeset
|
262 svr_opts.hostkey = NULL; |
2b4fd440399d
Free memory before exiting. Based on patch from Thorsten Horstmann.
Matt Johnston <matt@ucc.asn.au>
parents:
970
diff
changeset
|
263 } |
2b4fd440399d
Free memory before exiting. Based on patch from Thorsten Horstmann.
Matt Johnston <matt@ucc.asn.au>
parents:
970
diff
changeset
|
264 for (i = 0; i < DROPBEAR_MAX_PORTS; i++) { |
2b4fd440399d
Free memory before exiting. Based on patch from Thorsten Horstmann.
Matt Johnston <matt@ucc.asn.au>
parents:
970
diff
changeset
|
265 m_free(svr_opts.addresses[i]); |
2b4fd440399d
Free memory before exiting. Based on patch from Thorsten Horstmann.
Matt Johnston <matt@ucc.asn.au>
parents:
970
diff
changeset
|
266 m_free(svr_opts.ports[i]); |
2b4fd440399d
Free memory before exiting. Based on patch from Thorsten Horstmann.
Matt Johnston <matt@ucc.asn.au>
parents:
970
diff
changeset
|
267 } |
2b4fd440399d
Free memory before exiting. Based on patch from Thorsten Horstmann.
Matt Johnston <matt@ucc.asn.au>
parents:
970
diff
changeset
|
268 |
1347
b28624698130
copy over some fuzzing code from AFL branch
Matt Johnston <matt@ucc.asn.au>
parents:
1304
diff
changeset
|
269 |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
270 exit(exitcode); |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
271 |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
272 } |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
273 |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
274 /* priority is priority as with syslog() */ |
5
bc6477a6c393
syntactical fixups - it compiles, but channel handling code requires fixing.
Matt Johnston <matt@ucc.asn.au>
parents:
4
diff
changeset
|
275 void svr_dropbear_log(int priority, const char* format, va_list param) { |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
276 |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
277 char printbuf[1024]; |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
278 char datestr[20]; |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
279 time_t timesec; |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
280 int havetrace = 0; |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
281 |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
282 vsnprintf(printbuf, sizeof(printbuf), format, param); |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
283 |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
284 #ifndef DISABLE_SYSLOG |
1210
64a50eac1030
Moved usingsyslog from svr_runopts to runopts.
Konstantin Tokarev <ktokarev@smartlabs.tv>
parents:
1139
diff
changeset
|
285 if (opts.usingsyslog) { |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
286 syslog(priority, "%s", printbuf); |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
287 } |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
288 #endif |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
289 |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
290 /* if we are using DEBUG_TRACE, we want to print to stderr even if |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
291 * syslog is used, so it is included in error reports */ |
1295
750ec4ec4cbe
Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents:
1276
diff
changeset
|
292 #if DEBUG_TRACE |
98
297167ef41bd
Fix for printing out things with inetd mode when we have DEBUG_TRACE
Matt Johnston <matt@ucc.asn.au>
parents:
68
diff
changeset
|
293 havetrace = debug_trace; |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
294 #endif |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
295 |
1215 | 296 if (!opts.usingsyslog || havetrace) { |
404
a588558bfc94
Fix potential null pointer dereference found by Klokwork
Matt Johnston <matt@ucc.asn.au>
parents:
272
diff
changeset
|
297 struct tm * local_tm = NULL; |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
298 timesec = time(NULL); |
404
a588558bfc94
Fix potential null pointer dereference found by Klokwork
Matt Johnston <matt@ucc.asn.au>
parents:
272
diff
changeset
|
299 local_tm = localtime(×ec); |
a588558bfc94
Fix potential null pointer dereference found by Klokwork
Matt Johnston <matt@ucc.asn.au>
parents:
272
diff
changeset
|
300 if (local_tm == NULL |
a588558bfc94
Fix potential null pointer dereference found by Klokwork
Matt Johnston <matt@ucc.asn.au>
parents:
272
diff
changeset
|
301 || strftime(datestr, sizeof(datestr), "%b %d %H:%M:%S", |
618
b5cc8878d5ec
Properly fix the bug found years ago by Klocwork, refound again.
Matt Johnston <matt@ucc.asn.au>
parents:
594
diff
changeset
|
302 local_tm) == 0) |
404
a588558bfc94
Fix potential null pointer dereference found by Klokwork
Matt Johnston <matt@ucc.asn.au>
parents:
272
diff
changeset
|
303 { |
433
c216212001fc
Fix for -pedantic -ansi compilation, change // to /**/, plus some signedness
Matt Johnston <matt@ucc.asn.au>
parents:
404
diff
changeset
|
304 /* upon failure, just print the epoch-seconds time. */ |
479
e3db1f7a2e43
- Split main socket var into ses.sock_in/ses.sock_out in preparation
Matt Johnston <matt@ucc.asn.au>
parents:
464
diff
changeset
|
305 snprintf(datestr, sizeof(datestr), "%d", (int)timesec); |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
306 } |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
307 fprintf(stderr, "[%d] %s %s\n", getpid(), datestr, printbuf); |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
308 } |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
309 } |
5
bc6477a6c393
syntactical fixups - it compiles, but channel handling code requires fixing.
Matt Johnston <matt@ucc.asn.au>
parents:
4
diff
changeset
|
310 |
bc6477a6c393
syntactical fixups - it compiles, but channel handling code requires fixing.
Matt Johnston <matt@ucc.asn.au>
parents:
4
diff
changeset
|
311 /* called when the remote side closes the connection */ |
bc6477a6c393
syntactical fixups - it compiles, but channel handling code requires fixing.
Matt Johnston <matt@ucc.asn.au>
parents:
4
diff
changeset
|
312 static void svr_remoteclosed() { |
bc6477a6c393
syntactical fixups - it compiles, but channel handling code requires fixing.
Matt Johnston <matt@ucc.asn.au>
parents:
4
diff
changeset
|
313 |
479
e3db1f7a2e43
- Split main socket var into ses.sock_in/ses.sock_out in preparation
Matt Johnston <matt@ucc.asn.au>
parents:
464
diff
changeset
|
314 m_close(ses.sock_in); |
1358
6b89eb92f872
glaring wrapfd problems fixed
Matt Johnston <matt@ucc.asn.au>
parents:
1355
diff
changeset
|
315 if (ses.sock_in != ses.sock_out) { |
6b89eb92f872
glaring wrapfd problems fixed
Matt Johnston <matt@ucc.asn.au>
parents:
1355
diff
changeset
|
316 m_close(ses.sock_out); |
6b89eb92f872
glaring wrapfd problems fixed
Matt Johnston <matt@ucc.asn.au>
parents:
1355
diff
changeset
|
317 } |
479
e3db1f7a2e43
- Split main socket var into ses.sock_in/ses.sock_out in preparation
Matt Johnston <matt@ucc.asn.au>
parents:
464
diff
changeset
|
318 ses.sock_in = -1; |
e3db1f7a2e43
- Split main socket var into ses.sock_in/ses.sock_out in preparation
Matt Johnston <matt@ucc.asn.au>
parents:
464
diff
changeset
|
319 ses.sock_out = -1; |
5
bc6477a6c393
syntactical fixups - it compiles, but channel handling code requires fixing.
Matt Johnston <matt@ucc.asn.au>
parents:
4
diff
changeset
|
320 dropbear_close("Exited normally"); |
bc6477a6c393
syntactical fixups - it compiles, but channel handling code requires fixing.
Matt Johnston <matt@ucc.asn.au>
parents:
4
diff
changeset
|
321 |
bc6477a6c393
syntactical fixups - it compiles, but channel handling code requires fixing.
Matt Johnston <matt@ucc.asn.au>
parents:
4
diff
changeset
|
322 } |
bc6477a6c393
syntactical fixups - it compiles, but channel handling code requires fixing.
Matt Johnston <matt@ucc.asn.au>
parents:
4
diff
changeset
|
323 |
1544 | 324 static void svr_algos_initialise(void) { |
325 #if DROPBEAR_DH_GROUP1 && DROPBEAR_DH_GROUP1_CLIENTONLY | |
326 algo_type *algo; | |
327 for (algo = sshkex; algo->name; algo++) { | |
328 if (strcmp(algo->name, "diffie-hellman-group1-sha1") == 0) { | |
329 algo->usable = 0; | |
330 } | |
331 } | |
332 #endif | |
333 } | |
334 |