annotate svr-session.c @ 1659:d32bcb5c557d

Add Ed25519 support (#91) * Add support for Ed25519 as a public key type Ed25519 is a elliptic curve signature scheme that offers better security than ECDSA and DSA and good performance. It may be used for both user and host keys. OpenSSH key import and fuzzer are not supported yet. Initially inspired by Peter Szabo. * Add curve25519 and ed25519 fuzzers * Add import and export of Ed25519 keys
author Vladislav Grishenko <themiron@users.noreply.github.com>
date Wed, 11 Mar 2020 21:09:45 +0500
parents cc0fc5131c5c
children 7c17995bcdfb
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1 /*
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
2 * Dropbear - a SSH2 server
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
3 *
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
4 * Copyright (c) 2002,2003 Matt Johnston
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
5 * All rights reserved.
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
6 *
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
7 * Permission is hereby granted, free of charge, to any person obtaining a copy
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
8 * of this software and associated documentation files (the "Software"), to deal
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
9 * in the Software without restriction, including without limitation the rights
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
11 * copies of the Software, and to permit persons to whom the Software is
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
12 * furnished to do so, subject to the following conditions:
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
13 *
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
14 * The above copyright notice and this permission notice shall be included in
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
15 * all copies or substantial portions of the Software.
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
16 *
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
20 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
23 * SOFTWARE. */
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
24
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
25 #include "includes.h"
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
26 #include "session.h"
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
27 #include "dbutil.h"
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
28 #include "packet.h"
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
29 #include "algo.h"
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
30 #include "buffer.h"
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
31 #include "dss.h"
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
32 #include "ssh.h"
858
220f55d540ae rename random.h to dbrandom.h since some OSes have a system random.h
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
33 #include "dbrandom.h"
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
34 #include "kex.h"
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
35 #include "channel.h"
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
36 #include "chansession.h"
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
37 #include "atomicio.h"
68
eee77ac31ccc cleaning up the pubkey defines
Matt Johnston <matt@ucc.asn.au>
parents: 62
diff changeset
38 #include "tcpfwd.h"
22
c1e5d9195402 merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents: 14
diff changeset
39 #include "service.h"
c1e5d9195402 merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents: 14
diff changeset
40 #include "auth.h"
24
469950e86d0f switching to global vars
Matt Johnston <matt@ucc.asn.au>
parents: 22
diff changeset
41 #include "runopts.h"
766
d1575fdc29a6 start on ecdsa keys
Matt Johnston <matt@ucc.asn.au>
parents: 687
diff changeset
42 #include "crypto_desc.h"
1348
5c2899e35b63 fuzz harness
Matt Johnston <matt@ucc.asn.au>
parents: 1347
diff changeset
43 #include "fuzz.h"
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
44
1276
9169e4e7cbee fix empty C prototypes
Francois Perrad <francois.perrad@gadz.org>
parents: 1237
diff changeset
45 static void svr_remoteclosed(void);
1544
d1a8a05216ff make group1 client-only
Matt Johnston <matt@ucc.asn.au>
parents: 1495
diff changeset
46 static void svr_algos_initialise(void);
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
47
24
469950e86d0f switching to global vars
Matt Johnston <matt@ucc.asn.au>
parents: 22
diff changeset
48 struct serversession svr_ses; /* GLOBAL */
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
49
22
c1e5d9195402 merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents: 14
diff changeset
50 static const packettype svr_packettypes[] = {
c1e5d9195402 merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents: 14
diff changeset
51 {SSH_MSG_CHANNEL_DATA, recv_msg_channel_data},
c1e5d9195402 merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents: 14
diff changeset
52 {SSH_MSG_CHANNEL_WINDOW_ADJUST, recv_msg_channel_window_adjust},
45
9ee8996a375f Pubkey auth is mostly there for the client. Something strange with
Matt Johnston <matt@ucc.asn.au>
parents: 35
diff changeset
53 {SSH_MSG_USERAUTH_REQUEST, recv_msg_userauth_request}, /* server */
9ee8996a375f Pubkey auth is mostly there for the client. Something strange with
Matt Johnston <matt@ucc.asn.au>
parents: 35
diff changeset
54 {SSH_MSG_SERVICE_REQUEST, recv_msg_service_request}, /* server */
9ee8996a375f Pubkey auth is mostly there for the client. Something strange with
Matt Johnston <matt@ucc.asn.au>
parents: 35
diff changeset
55 {SSH_MSG_KEXINIT, recv_msg_kexinit},
9ee8996a375f Pubkey auth is mostly there for the client. Something strange with
Matt Johnston <matt@ucc.asn.au>
parents: 35
diff changeset
56 {SSH_MSG_KEXDH_INIT, recv_msg_kexdh_init}, /* server */
9ee8996a375f Pubkey auth is mostly there for the client. Something strange with
Matt Johnston <matt@ucc.asn.au>
parents: 35
diff changeset
57 {SSH_MSG_NEWKEYS, recv_msg_newkeys},
22
c1e5d9195402 merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents: 14
diff changeset
58 {SSH_MSG_GLOBAL_REQUEST, recv_msg_global_request_remotetcp},
c1e5d9195402 merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents: 14
diff changeset
59 {SSH_MSG_CHANNEL_REQUEST, recv_msg_channel_request},
c1e5d9195402 merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents: 14
diff changeset
60 {SSH_MSG_CHANNEL_OPEN, recv_msg_channel_open},
c1e5d9195402 merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents: 14
diff changeset
61 {SSH_MSG_CHANNEL_EOF, recv_msg_channel_eof},
c1e5d9195402 merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents: 14
diff changeset
62 {SSH_MSG_CHANNEL_CLOSE, recv_msg_channel_close},
970
0bb16232e7c4 Make keepalive handling more robust, this should now match what OpenSSH does
Matt Johnston <matt@ucc.asn.au>
parents: 968
diff changeset
63 {SSH_MSG_CHANNEL_SUCCESS, ignore_recv_response},
0bb16232e7c4 Make keepalive handling more robust, this should now match what OpenSSH does
Matt Johnston <matt@ucc.asn.au>
parents: 968
diff changeset
64 {SSH_MSG_CHANNEL_FAILURE, ignore_recv_response},
0bb16232e7c4 Make keepalive handling more robust, this should now match what OpenSSH does
Matt Johnston <matt@ucc.asn.au>
parents: 968
diff changeset
65 {SSH_MSG_REQUEST_FAILURE, ignore_recv_response}, /* for keepalive */
0bb16232e7c4 Make keepalive handling more robust, this should now match what OpenSSH does
Matt Johnston <matt@ucc.asn.au>
parents: 968
diff changeset
66 {SSH_MSG_REQUEST_SUCCESS, ignore_recv_response}, /* client */
1295
750ec4ec4cbe Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents: 1276
diff changeset
67 #if DROPBEAR_LISTENERS
22
c1e5d9195402 merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents: 14
diff changeset
68 {SSH_MSG_CHANNEL_OPEN_CONFIRMATION, recv_msg_channel_open_confirmation},
c1e5d9195402 merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents: 14
diff changeset
69 {SSH_MSG_CHANNEL_OPEN_FAILURE, recv_msg_channel_open_failure},
156
8c2b3506f112 Rearrange preprocessor parts so that compilation with various options
Matt Johnston <matt@ucc.asn.au>
parents: 98
diff changeset
70 #endif
1404
e8f67918fdc9 when pointer, use NULL instead of 0
Francois Perrad <francois.perrad@gadz.org>
parents: 1316
diff changeset
71 {0, NULL} /* End */
22
c1e5d9195402 merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents: 14
diff changeset
72 };
c1e5d9195402 merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents: 14
diff changeset
73
c1e5d9195402 merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents: 14
diff changeset
74 static const struct ChanType *svr_chantypes[] = {
6
ab00ef513e97 Sorted out the first channel init issues.
Matt Johnston <matt@ucc.asn.au>
parents: 5
diff changeset
75 &svrchansess,
1295
750ec4ec4cbe Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents: 1276
diff changeset
76 #if DROPBEAR_SVR_LOCALTCPFWD
62
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents: 45
diff changeset
77 &svr_chan_tcpdirect,
156
8c2b3506f112 Rearrange preprocessor parts so that compilation with various options
Matt Johnston <matt@ucc.asn.au>
parents: 98
diff changeset
78 #endif
6
ab00ef513e97 Sorted out the first channel init issues.
Matt Johnston <matt@ucc.asn.au>
parents: 5
diff changeset
79 NULL /* Null termination is mandatory. */
ab00ef513e97 Sorted out the first channel init issues.
Matt Johnston <matt@ucc.asn.au>
parents: 5
diff changeset
80 };
ab00ef513e97 Sorted out the first channel init issues.
Matt Johnston <matt@ucc.asn.au>
parents: 5
diff changeset
81
733
70811267715c Run the cleanup handler also when we close due to TCP connection being closed
Matt Johnston <matt@ucc.asn.au>
parents: 726
diff changeset
82 static void
1040
2b4fd440399d Free memory before exiting. Based on patch from Thorsten Horstmann.
Matt Johnston <matt@ucc.asn.au>
parents: 970
diff changeset
83 svr_session_cleanup(void) {
733
70811267715c Run the cleanup handler also when we close due to TCP connection being closed
Matt Johnston <matt@ucc.asn.au>
parents: 726
diff changeset
84 /* free potential public key options */
70811267715c Run the cleanup handler also when we close due to TCP connection being closed
Matt Johnston <matt@ucc.asn.au>
parents: 726
diff changeset
85 svr_pubkey_options_cleanup();
1040
2b4fd440399d Free memory before exiting. Based on patch from Thorsten Horstmann.
Matt Johnston <matt@ucc.asn.au>
parents: 970
diff changeset
86
2b4fd440399d Free memory before exiting. Based on patch from Thorsten Horstmann.
Matt Johnston <matt@ucc.asn.au>
parents: 970
diff changeset
87 m_free(svr_ses.addrstring);
1041
3fb883a6aa81 Some additional cleanup functions
Matt Johnston <matt@ucc.asn.au>
parents: 1040
diff changeset
88 m_free(svr_ses.remotehost);
1040
2b4fd440399d Free memory before exiting. Based on patch from Thorsten Horstmann.
Matt Johnston <matt@ucc.asn.au>
parents: 970
diff changeset
89 m_free(svr_ses.childpids);
1041
3fb883a6aa81 Some additional cleanup functions
Matt Johnston <matt@ucc.asn.au>
parents: 1040
diff changeset
90 svr_ses.childpidsize = 0;
1653
76189c9ffea2 External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents: 1559
diff changeset
91
1654
cc0fc5131c5c Rename EPKA -> Plugin
Matt Johnston <matt@ucc.asn.au>
parents: 1653
diff changeset
92 #if DROPBEAR_PLUGIN
cc0fc5131c5c Rename EPKA -> Plugin
Matt Johnston <matt@ucc.asn.au>
parents: 1653
diff changeset
93 if (svr_ses.plugin_handle != NULL) {
cc0fc5131c5c Rename EPKA -> Plugin
Matt Johnston <matt@ucc.asn.au>
parents: 1653
diff changeset
94 if (svr_ses.plugin_instance) {
cc0fc5131c5c Rename EPKA -> Plugin
Matt Johnston <matt@ucc.asn.au>
parents: 1653
diff changeset
95 svr_ses.plugin_instance->delete_plugin(svr_ses.plugin_instance);
cc0fc5131c5c Rename EPKA -> Plugin
Matt Johnston <matt@ucc.asn.au>
parents: 1653
diff changeset
96 svr_ses.plugin_instance = NULL;
1653
76189c9ffea2 External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents: 1559
diff changeset
97 }
76189c9ffea2 External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents: 1559
diff changeset
98
1654
cc0fc5131c5c Rename EPKA -> Plugin
Matt Johnston <matt@ucc.asn.au>
parents: 1653
diff changeset
99 dlclose(svr_ses.plugin_handle);
cc0fc5131c5c Rename EPKA -> Plugin
Matt Johnston <matt@ucc.asn.au>
parents: 1653
diff changeset
100 svr_ses.plugin_handle = NULL;
1653
76189c9ffea2 External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents: 1559
diff changeset
101 }
76189c9ffea2 External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents: 1559
diff changeset
102 #endif
733
70811267715c Run the cleanup handler also when we close due to TCP connection being closed
Matt Johnston <matt@ucc.asn.au>
parents: 726
diff changeset
103 }
70811267715c Run the cleanup handler also when we close due to TCP connection being closed
Matt Johnston <matt@ucc.asn.au>
parents: 726
diff changeset
104
568
005530560594 Rearrange getaddrstring() etc
Matt Johnston <matt@ucc.asn.au>
parents: 553
diff changeset
105 void svr_session(int sock, int childpipe) {
005530560594 Rearrange getaddrstring() etc
Matt Johnston <matt@ucc.asn.au>
parents: 553
diff changeset
106 char *host, *port;
005530560594 Rearrange getaddrstring() etc
Matt Johnston <matt@ucc.asn.au>
parents: 553
diff changeset
107 size_t len;
272
3be7ae2e8dfa Only read /dev/random once when the program starts
Matt Johnston <matt@ucc.asn.au>
parents: 158
diff changeset
108
568
005530560594 Rearrange getaddrstring() etc
Matt Johnston <matt@ucc.asn.au>
parents: 553
diff changeset
109 common_session_init(sock, sock);
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
110
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
111 /* Initialise server specific parts of the session */
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
112 svr_ses.childpipe = childpipe;
1295
750ec4ec4cbe Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents: 1276
diff changeset
113 #if DROPBEAR_VFORK
553
8711f20b89ab - For uclinux, only cleanup on exit for the main process. This avoids
Matt Johnston <matt@ucc.asn.au>
parents: 496
diff changeset
114 svr_ses.server_pid = getpid();
8711f20b89ab - For uclinux, only cleanup on exit for the main process. This avoids
Matt Johnston <matt@ucc.asn.au>
parents: 496
diff changeset
115 #endif
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
116
568
005530560594 Rearrange getaddrstring() etc
Matt Johnston <matt@ucc.asn.au>
parents: 553
diff changeset
117 /* for logging the remote address */
005530560594 Rearrange getaddrstring() etc
Matt Johnston <matt@ucc.asn.au>
parents: 553
diff changeset
118 get_socket_address(ses.sock_in, NULL, NULL, &host, &port, 0);
005530560594 Rearrange getaddrstring() etc
Matt Johnston <matt@ucc.asn.au>
parents: 553
diff changeset
119 len = strlen(host) + strlen(port) + 2;
005530560594 Rearrange getaddrstring() etc
Matt Johnston <matt@ucc.asn.au>
parents: 553
diff changeset
120 svr_ses.addrstring = m_malloc(len);
005530560594 Rearrange getaddrstring() etc
Matt Johnston <matt@ucc.asn.au>
parents: 553
diff changeset
121 snprintf(svr_ses.addrstring, len, "%s:%s", host, port);
005530560594 Rearrange getaddrstring() etc
Matt Johnston <matt@ucc.asn.au>
parents: 553
diff changeset
122 m_free(host);
005530560594 Rearrange getaddrstring() etc
Matt Johnston <matt@ucc.asn.au>
parents: 553
diff changeset
123 m_free(port);
005530560594 Rearrange getaddrstring() etc
Matt Johnston <matt@ucc.asn.au>
parents: 553
diff changeset
124
1654
cc0fc5131c5c Rename EPKA -> Plugin
Matt Johnston <matt@ucc.asn.au>
parents: 1653
diff changeset
125 #if DROPBEAR_PLUGIN
cc0fc5131c5c Rename EPKA -> Plugin
Matt Johnston <matt@ucc.asn.au>
parents: 1653
diff changeset
126 /* Initializes the PLUGIN Plugin */
cc0fc5131c5c Rename EPKA -> Plugin
Matt Johnston <matt@ucc.asn.au>
parents: 1653
diff changeset
127 svr_ses.plugin_handle = NULL;
cc0fc5131c5c Rename EPKA -> Plugin
Matt Johnston <matt@ucc.asn.au>
parents: 1653
diff changeset
128 svr_ses.plugin_instance = NULL;
1653
76189c9ffea2 External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents: 1559
diff changeset
129 if (svr_opts.pubkey_plugin) {
76189c9ffea2 External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents: 1559
diff changeset
130 #if DEBUG_TRACE
76189c9ffea2 External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents: 1559
diff changeset
131 const int verbose = debug_trace;
76189c9ffea2 External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents: 1559
diff changeset
132 #else
76189c9ffea2 External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents: 1559
diff changeset
133 const int verbose = 0;
76189c9ffea2 External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents: 1559
diff changeset
134 #endif
76189c9ffea2 External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents: 1559
diff changeset
135 PubkeyExtPlugin_newFn pluginConstructor;
76189c9ffea2 External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents: 1559
diff changeset
136
76189c9ffea2 External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents: 1559
diff changeset
137 /* RTLD_NOW: fails if not all the symbols are resolved now. Better fail now than at run-time */
1654
cc0fc5131c5c Rename EPKA -> Plugin
Matt Johnston <matt@ucc.asn.au>
parents: 1653
diff changeset
138 svr_ses.plugin_handle = dlopen(svr_opts.pubkey_plugin, RTLD_NOW);
cc0fc5131c5c Rename EPKA -> Plugin
Matt Johnston <matt@ucc.asn.au>
parents: 1653
diff changeset
139 if (svr_ses.plugin_handle == NULL) {
1653
76189c9ffea2 External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents: 1559
diff changeset
140 dropbear_exit("failed to load external pubkey plugin '%s': %s", svr_opts.pubkey_plugin, dlerror());
76189c9ffea2 External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents: 1559
diff changeset
141 }
1654
cc0fc5131c5c Rename EPKA -> Plugin
Matt Johnston <matt@ucc.asn.au>
parents: 1653
diff changeset
142 pluginConstructor = (PubkeyExtPlugin_newFn)dlsym(svr_ses.plugin_handle, DROPBEAR_PUBKEY_PLUGIN_FNNAME_NEW);
1653
76189c9ffea2 External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents: 1559
diff changeset
143 if (!pluginConstructor) {
76189c9ffea2 External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents: 1559
diff changeset
144 dropbear_exit("plugin constructor method not found in external pubkey plugin");
76189c9ffea2 External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents: 1559
diff changeset
145 }
76189c9ffea2 External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents: 1559
diff changeset
146
76189c9ffea2 External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents: 1559
diff changeset
147 /* Create an instance of the plugin */
1654
cc0fc5131c5c Rename EPKA -> Plugin
Matt Johnston <matt@ucc.asn.au>
parents: 1653
diff changeset
148 svr_ses.plugin_instance = pluginConstructor(verbose, svr_opts.pubkey_plugin_options, svr_ses.addrstring);
cc0fc5131c5c Rename EPKA -> Plugin
Matt Johnston <matt@ucc.asn.au>
parents: 1653
diff changeset
149 if (svr_ses.plugin_instance == NULL) {
1653
76189c9ffea2 External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents: 1559
diff changeset
150 dropbear_exit("external plugin initialization failed");
76189c9ffea2 External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents: 1559
diff changeset
151 }
76189c9ffea2 External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents: 1559
diff changeset
152 /* Check if the plugin is compatible */
1654
cc0fc5131c5c Rename EPKA -> Plugin
Matt Johnston <matt@ucc.asn.au>
parents: 1653
diff changeset
153 if ( (svr_ses.plugin_instance->api_version[0] != DROPBEAR_PLUGIN_VERSION_MAJOR) ||
cc0fc5131c5c Rename EPKA -> Plugin
Matt Johnston <matt@ucc.asn.au>
parents: 1653
diff changeset
154 (svr_ses.plugin_instance->api_version[1] < DROPBEAR_PLUGIN_VERSION_MINOR) ) {
1653
76189c9ffea2 External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents: 1559
diff changeset
155 dropbear_exit("plugin version check failed: "
76189c9ffea2 External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents: 1559
diff changeset
156 "Dropbear=%d.%d, plugin=%d.%d",
1654
cc0fc5131c5c Rename EPKA -> Plugin
Matt Johnston <matt@ucc.asn.au>
parents: 1653
diff changeset
157 DROPBEAR_PLUGIN_VERSION_MAJOR, DROPBEAR_PLUGIN_VERSION_MINOR,
cc0fc5131c5c Rename EPKA -> Plugin
Matt Johnston <matt@ucc.asn.au>
parents: 1653
diff changeset
158 svr_ses.plugin_instance->api_version[0], svr_ses.plugin_instance->api_version[1]);
1653
76189c9ffea2 External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents: 1559
diff changeset
159 }
1654
cc0fc5131c5c Rename EPKA -> Plugin
Matt Johnston <matt@ucc.asn.au>
parents: 1653
diff changeset
160 if (svr_ses.plugin_instance->api_version[1] > DROPBEAR_PLUGIN_VERSION_MINOR) {
1653
76189c9ffea2 External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents: 1559
diff changeset
161 dropbear_log(LOG_WARNING, "plugin API newer than dropbear API: "
76189c9ffea2 External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents: 1559
diff changeset
162 "Dropbear=%d.%d, plugin=%d.%d",
1654
cc0fc5131c5c Rename EPKA -> Plugin
Matt Johnston <matt@ucc.asn.au>
parents: 1653
diff changeset
163 DROPBEAR_PLUGIN_VERSION_MAJOR, DROPBEAR_PLUGIN_VERSION_MINOR,
cc0fc5131c5c Rename EPKA -> Plugin
Matt Johnston <matt@ucc.asn.au>
parents: 1653
diff changeset
164 svr_ses.plugin_instance->api_version[0], svr_ses.plugin_instance->api_version[1]);
1653
76189c9ffea2 External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents: 1559
diff changeset
165 }
76189c9ffea2 External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents: 1559
diff changeset
166 dropbear_log(LOG_INFO, "successfully loaded and initialized pubkey plugin '%s'", svr_opts.pubkey_plugin);
76189c9ffea2 External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents: 1559
diff changeset
167 }
76189c9ffea2 External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents: 1559
diff changeset
168 #endif
76189c9ffea2 External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents: 1559
diff changeset
169
76189c9ffea2 External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents: 1559
diff changeset
170 svr_authinitialise();
76189c9ffea2 External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents: 1559
diff changeset
171 chaninitialise(svr_chantypes);
76189c9ffea2 External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents: 1559
diff changeset
172 svr_chansessinitialise();
76189c9ffea2 External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents: 1559
diff changeset
173 svr_algos_initialise();
76189c9ffea2 External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents: 1559
diff changeset
174
572
8fd0ac8c8cab Move remotehost into svr_ses structure since we can't look it up
Matt Johnston <matt@ucc.asn.au>
parents: 568
diff changeset
175 get_socket_address(ses.sock_in, NULL, NULL,
8fd0ac8c8cab Move remotehost into svr_ses structure since we can't look it up
Matt Johnston <matt@ucc.asn.au>
parents: 568
diff changeset
176 &svr_ses.remotehost, NULL, 1);
8fd0ac8c8cab Move remotehost into svr_ses structure since we can't look it up
Matt Johnston <matt@ucc.asn.au>
parents: 568
diff changeset
177
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
178 /* set up messages etc */
33
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
179 ses.remoteclosed = svr_remoteclosed;
733
70811267715c Run the cleanup handler also when we close due to TCP connection being closed
Matt Johnston <matt@ucc.asn.au>
parents: 726
diff changeset
180 ses.extra_session_cleanup = svr_session_cleanup;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
181
22
c1e5d9195402 merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents: 14
diff changeset
182 /* packet handlers */
c1e5d9195402 merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents: 14
diff changeset
183 ses.packettypes = svr_packettypes;
c1e5d9195402 merge of abac2150ee4f4031a98016241fbd136d24fed127
Matt Johnston <matt@ucc.asn.au>
parents: 14
diff changeset
184
35
0ad5fb979f42 set the isserver flag (oops)
Matt Johnston <matt@ucc.asn.au>
parents: 33
diff changeset
185 ses.isserver = 1;
0ad5fb979f42 set the isserver flag (oops)
Matt Johnston <matt@ucc.asn.au>
parents: 33
diff changeset
186
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
187 /* We're ready to go now */
1495
0c16b4ccbd54 make signal flags volatile, simplify handling
Matt Johnston <matt@ucc.asn.au>
parents: 1404
diff changeset
188 ses.init_done = 1;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
189
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
190 /* exchange identification, version etc */
726
78eda530c000 send out our kexinit packet before blocking to read the SSH version string
Matt Johnston <matt@ucc.asn.au>
parents: 687
diff changeset
191 send_session_identification();
1083
8e0280986710 Make sure kexfirstinitialise is called early enough
Matt Johnston <matt@ucc.asn.au>
parents: 1041
diff changeset
192
8e0280986710 Make sure kexfirstinitialise is called early enough
Matt Johnston <matt@ucc.asn.au>
parents: 1041
diff changeset
193 kexfirstinitialise(); /* initialise the kex state */
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
194
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
195 /* start off with key exchange */
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
196 send_msg_kexinit();
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
197
26
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents: 24
diff changeset
198 /* Run the main for loop. NULL is for the dispatcher - only the client
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents: 24
diff changeset
199 * code makes use of it */
1495
0c16b4ccbd54 make signal flags volatile, simplify handling
Matt Johnston <matt@ucc.asn.au>
parents: 1404
diff changeset
200 session_loop(svr_chansess_checksignal);
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
201
26
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents: 24
diff changeset
202 /* Not reached */
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
203
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
204 }
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
205
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
206 /* failure exit - format must be <= 100 chars */
5
bc6477a6c393 syntactical fixups - it compiles, but channel handling code requires fixing.
Matt Johnston <matt@ucc.asn.au>
parents: 4
diff changeset
207 void svr_dropbear_exit(int exitcode, const char* format, va_list param) {
1304
b66a483f3dcb Improve exit message formatting
Matt Johnston <matt@ucc.asn.au>
parents: 1276
diff changeset
208 char exitmsg[150];
b66a483f3dcb Improve exit message formatting
Matt Johnston <matt@ucc.asn.au>
parents: 1276
diff changeset
209 char fullmsg[300];
1040
2b4fd440399d Free memory before exiting. Based on patch from Thorsten Horstmann.
Matt Johnston <matt@ucc.asn.au>
parents: 970
diff changeset
210 int i;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
211
1654
cc0fc5131c5c Rename EPKA -> Plugin
Matt Johnston <matt@ucc.asn.au>
parents: 1653
diff changeset
212 #if DROPBEAR_PLUGIN
cc0fc5131c5c Rename EPKA -> Plugin
Matt Johnston <matt@ucc.asn.au>
parents: 1653
diff changeset
213 if ((ses.plugin_session != NULL)) {
cc0fc5131c5c Rename EPKA -> Plugin
Matt Johnston <matt@ucc.asn.au>
parents: 1653
diff changeset
214 svr_ses.plugin_instance->delete_session(ses.plugin_session);
1653
76189c9ffea2 External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents: 1559
diff changeset
215 }
1654
cc0fc5131c5c Rename EPKA -> Plugin
Matt Johnston <matt@ucc.asn.au>
parents: 1653
diff changeset
216 ses.plugin_session = NULL;
1653
76189c9ffea2 External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents: 1559
diff changeset
217 #endif
76189c9ffea2 External Public-Key Authentication API (#72)
fabriziobertocci <fabriziobertocci@gmail.com>
parents: 1559
diff changeset
218
1304
b66a483f3dcb Improve exit message formatting
Matt Johnston <matt@ucc.asn.au>
parents: 1276
diff changeset
219 /* Render the formatted exit message */
b66a483f3dcb Improve exit message formatting
Matt Johnston <matt@ucc.asn.au>
parents: 1276
diff changeset
220 vsnprintf(exitmsg, sizeof(exitmsg), format, param);
b66a483f3dcb Improve exit message formatting
Matt Johnston <matt@ucc.asn.au>
parents: 1276
diff changeset
221
b66a483f3dcb Improve exit message formatting
Matt Johnston <matt@ucc.asn.au>
parents: 1276
diff changeset
222 /* Add the prefix depending on session/auth state */
1495
0c16b4ccbd54 make signal flags volatile, simplify handling
Matt Johnston <matt@ucc.asn.au>
parents: 1404
diff changeset
223 if (!ses.init_done) {
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
224 /* before session init */
1304
b66a483f3dcb Improve exit message formatting
Matt Johnston <matt@ucc.asn.au>
parents: 1276
diff changeset
225 snprintf(fullmsg, sizeof(fullmsg), "Early exit: %s", exitmsg);
33
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
226 } else if (ses.authstate.authdone) {
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
227 /* user has authenticated */
1304
b66a483f3dcb Improve exit message formatting
Matt Johnston <matt@ucc.asn.au>
parents: 1276
diff changeset
228 snprintf(fullmsg, sizeof(fullmsg),
594
a98a2138364a Improve capitalisation for all logged strings
Matt Johnston <matt@ucc.asn.au>
parents: 572
diff changeset
229 "Exit (%s): %s",
1304
b66a483f3dcb Improve exit message formatting
Matt Johnston <matt@ucc.asn.au>
parents: 1276
diff changeset
230 ses.authstate.pw_name, exitmsg);
464
4317be8b7cf9 Make a copy of passwd fields since getpwnam()'s retval isn't safe to keep
Matt Johnston <matt@ucc.asn.au>
parents: 454
diff changeset
231 } else if (ses.authstate.pw_name) {
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
232 /* we have a potential user */
1304
b66a483f3dcb Improve exit message formatting
Matt Johnston <matt@ucc.asn.au>
parents: 1276
diff changeset
233 snprintf(fullmsg, sizeof(fullmsg),
1237
888e3d17e962 Fix print format specifier
Chocobo1 <Chocobo1@users.noreply.github.com>
parents: 1215
diff changeset
234 "Exit before auth (user '%s', %u fails): %s",
1304
b66a483f3dcb Improve exit message formatting
Matt Johnston <matt@ucc.asn.au>
parents: 1276
diff changeset
235 ses.authstate.pw_name, ses.authstate.failcount, exitmsg);
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
236 } else {
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
237 /* before userauth */
1304
b66a483f3dcb Improve exit message formatting
Matt Johnston <matt@ucc.asn.au>
parents: 1276
diff changeset
238 snprintf(fullmsg, sizeof(fullmsg), "Exit before auth: %s", exitmsg);
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
239 }
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
240
1304
b66a483f3dcb Improve exit message formatting
Matt Johnston <matt@ucc.asn.au>
parents: 1276
diff changeset
241 dropbear_log(LOG_INFO, "%s", fullmsg);
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
242
1295
750ec4ec4cbe Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents: 1276
diff changeset
243 #if DROPBEAR_VFORK
667
fc7ae88e63b3 Rename HAVE_FORK to USE_VFORK
Matt Johnston <matt@ucc.asn.au>
parents: 666
diff changeset
244 /* For uclinux only the main server process should cleanup - we don't want
553
8711f20b89ab - For uclinux, only cleanup on exit for the main process. This avoids
Matt Johnston <matt@ucc.asn.au>
parents: 496
diff changeset
245 * forked children doing that */
8711f20b89ab - For uclinux, only cleanup on exit for the main process. This avoids
Matt Johnston <matt@ucc.asn.au>
parents: 496
diff changeset
246 if (svr_ses.server_pid == getpid())
8711f20b89ab - For uclinux, only cleanup on exit for the main process. This avoids
Matt Johnston <matt@ucc.asn.au>
parents: 496
diff changeset
247 #endif
8711f20b89ab - For uclinux, only cleanup on exit for the main process. This avoids
Matt Johnston <matt@ucc.asn.au>
parents: 496
diff changeset
248 {
8711f20b89ab - For uclinux, only cleanup on exit for the main process. This avoids
Matt Johnston <matt@ucc.asn.au>
parents: 496
diff changeset
249 /* must be after we've done with username etc */
733
70811267715c Run the cleanup handler also when we close due to TCP connection being closed
Matt Johnston <matt@ucc.asn.au>
parents: 726
diff changeset
250 session_cleanup();
553
8711f20b89ab - For uclinux, only cleanup on exit for the main process. This avoids
Matt Johnston <matt@ucc.asn.au>
parents: 496
diff changeset
251 }
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
252
1558
2f64cb3d3007 - #if not #ifdef for DROPBEAR_FUZZ
Matt Johnston <matt@ucc.asn.au>
parents: 1546
diff changeset
253 #if DROPBEAR_FUZZ
1559
92c93b4a3646 Fix to be able to compile normal(ish) binaries with --enable-fuzz
Matt Johnston <matt@ucc.asn.au>
parents: 1558
diff changeset
254 /* longjmp before cleaning up svr_opts */
1385
6c92e97553f1 Add a flag whether to longjmp, missed that last commit
Matt Johnston <matt@ucc.asn.au>
parents: 1358
diff changeset
255 if (fuzz.do_jmp) {
1348
5c2899e35b63 fuzz harness
Matt Johnston <matt@ucc.asn.au>
parents: 1347
diff changeset
256 longjmp(fuzz.jmp, 1);
5c2899e35b63 fuzz harness
Matt Johnston <matt@ucc.asn.au>
parents: 1347
diff changeset
257 }
5c2899e35b63 fuzz harness
Matt Johnston <matt@ucc.asn.au>
parents: 1347
diff changeset
258 #endif
5c2899e35b63 fuzz harness
Matt Johnston <matt@ucc.asn.au>
parents: 1347
diff changeset
259
1040
2b4fd440399d Free memory before exiting. Based on patch from Thorsten Horstmann.
Matt Johnston <matt@ucc.asn.au>
parents: 970
diff changeset
260 if (svr_opts.hostkey) {
2b4fd440399d Free memory before exiting. Based on patch from Thorsten Horstmann.
Matt Johnston <matt@ucc.asn.au>
parents: 970
diff changeset
261 sign_key_free(svr_opts.hostkey);
2b4fd440399d Free memory before exiting. Based on patch from Thorsten Horstmann.
Matt Johnston <matt@ucc.asn.au>
parents: 970
diff changeset
262 svr_opts.hostkey = NULL;
2b4fd440399d Free memory before exiting. Based on patch from Thorsten Horstmann.
Matt Johnston <matt@ucc.asn.au>
parents: 970
diff changeset
263 }
2b4fd440399d Free memory before exiting. Based on patch from Thorsten Horstmann.
Matt Johnston <matt@ucc.asn.au>
parents: 970
diff changeset
264 for (i = 0; i < DROPBEAR_MAX_PORTS; i++) {
2b4fd440399d Free memory before exiting. Based on patch from Thorsten Horstmann.
Matt Johnston <matt@ucc.asn.au>
parents: 970
diff changeset
265 m_free(svr_opts.addresses[i]);
2b4fd440399d Free memory before exiting. Based on patch from Thorsten Horstmann.
Matt Johnston <matt@ucc.asn.au>
parents: 970
diff changeset
266 m_free(svr_opts.ports[i]);
2b4fd440399d Free memory before exiting. Based on patch from Thorsten Horstmann.
Matt Johnston <matt@ucc.asn.au>
parents: 970
diff changeset
267 }
2b4fd440399d Free memory before exiting. Based on patch from Thorsten Horstmann.
Matt Johnston <matt@ucc.asn.au>
parents: 970
diff changeset
268
1347
b28624698130 copy over some fuzzing code from AFL branch
Matt Johnston <matt@ucc.asn.au>
parents: 1304
diff changeset
269
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
270 exit(exitcode);
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
271
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
272 }
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
273
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
274 /* priority is priority as with syslog() */
5
bc6477a6c393 syntactical fixups - it compiles, but channel handling code requires fixing.
Matt Johnston <matt@ucc.asn.au>
parents: 4
diff changeset
275 void svr_dropbear_log(int priority, const char* format, va_list param) {
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
276
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
277 char printbuf[1024];
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
278 char datestr[20];
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
279 time_t timesec;
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
280 int havetrace = 0;
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
281
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
282 vsnprintf(printbuf, sizeof(printbuf), format, param);
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
283
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
284 #ifndef DISABLE_SYSLOG
1210
64a50eac1030 Moved usingsyslog from svr_runopts to runopts.
Konstantin Tokarev <ktokarev@smartlabs.tv>
parents: 1139
diff changeset
285 if (opts.usingsyslog) {
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
286 syslog(priority, "%s", printbuf);
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
287 }
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
288 #endif
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
289
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
290 /* if we are using DEBUG_TRACE, we want to print to stderr even if
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
291 * syslog is used, so it is included in error reports */
1295
750ec4ec4cbe Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents: 1276
diff changeset
292 #if DEBUG_TRACE
98
297167ef41bd Fix for printing out things with inetd mode when we have DEBUG_TRACE
Matt Johnston <matt@ucc.asn.au>
parents: 68
diff changeset
293 havetrace = debug_trace;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
294 #endif
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
295
1215
d058e15ea213 A few minor style fixes
Matt Johnston <matt@ucc.asn.au>
parents: 1210
diff changeset
296 if (!opts.usingsyslog || havetrace) {
404
a588558bfc94 Fix potential null pointer dereference found by Klokwork
Matt Johnston <matt@ucc.asn.au>
parents: 272
diff changeset
297 struct tm * local_tm = NULL;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
298 timesec = time(NULL);
404
a588558bfc94 Fix potential null pointer dereference found by Klokwork
Matt Johnston <matt@ucc.asn.au>
parents: 272
diff changeset
299 local_tm = localtime(&timesec);
a588558bfc94 Fix potential null pointer dereference found by Klokwork
Matt Johnston <matt@ucc.asn.au>
parents: 272
diff changeset
300 if (local_tm == NULL
a588558bfc94 Fix potential null pointer dereference found by Klokwork
Matt Johnston <matt@ucc.asn.au>
parents: 272
diff changeset
301 || strftime(datestr, sizeof(datestr), "%b %d %H:%M:%S",
618
b5cc8878d5ec Properly fix the bug found years ago by Klocwork, refound again.
Matt Johnston <matt@ucc.asn.au>
parents: 594
diff changeset
302 local_tm) == 0)
404
a588558bfc94 Fix potential null pointer dereference found by Klokwork
Matt Johnston <matt@ucc.asn.au>
parents: 272
diff changeset
303 {
433
c216212001fc Fix for -pedantic -ansi compilation, change // to /**/, plus some signedness
Matt Johnston <matt@ucc.asn.au>
parents: 404
diff changeset
304 /* upon failure, just print the epoch-seconds time. */
479
e3db1f7a2e43 - Split main socket var into ses.sock_in/ses.sock_out in preparation
Matt Johnston <matt@ucc.asn.au>
parents: 464
diff changeset
305 snprintf(datestr, sizeof(datestr), "%d", (int)timesec);
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
306 }
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
307 fprintf(stderr, "[%d] %s %s\n", getpid(), datestr, printbuf);
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
308 }
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
309 }
5
bc6477a6c393 syntactical fixups - it compiles, but channel handling code requires fixing.
Matt Johnston <matt@ucc.asn.au>
parents: 4
diff changeset
310
bc6477a6c393 syntactical fixups - it compiles, but channel handling code requires fixing.
Matt Johnston <matt@ucc.asn.au>
parents: 4
diff changeset
311 /* called when the remote side closes the connection */
bc6477a6c393 syntactical fixups - it compiles, but channel handling code requires fixing.
Matt Johnston <matt@ucc.asn.au>
parents: 4
diff changeset
312 static void svr_remoteclosed() {
bc6477a6c393 syntactical fixups - it compiles, but channel handling code requires fixing.
Matt Johnston <matt@ucc.asn.au>
parents: 4
diff changeset
313
479
e3db1f7a2e43 - Split main socket var into ses.sock_in/ses.sock_out in preparation
Matt Johnston <matt@ucc.asn.au>
parents: 464
diff changeset
314 m_close(ses.sock_in);
1358
6b89eb92f872 glaring wrapfd problems fixed
Matt Johnston <matt@ucc.asn.au>
parents: 1355
diff changeset
315 if (ses.sock_in != ses.sock_out) {
6b89eb92f872 glaring wrapfd problems fixed
Matt Johnston <matt@ucc.asn.au>
parents: 1355
diff changeset
316 m_close(ses.sock_out);
6b89eb92f872 glaring wrapfd problems fixed
Matt Johnston <matt@ucc.asn.au>
parents: 1355
diff changeset
317 }
479
e3db1f7a2e43 - Split main socket var into ses.sock_in/ses.sock_out in preparation
Matt Johnston <matt@ucc.asn.au>
parents: 464
diff changeset
318 ses.sock_in = -1;
e3db1f7a2e43 - Split main socket var into ses.sock_in/ses.sock_out in preparation
Matt Johnston <matt@ucc.asn.au>
parents: 464
diff changeset
319 ses.sock_out = -1;
5
bc6477a6c393 syntactical fixups - it compiles, but channel handling code requires fixing.
Matt Johnston <matt@ucc.asn.au>
parents: 4
diff changeset
320 dropbear_close("Exited normally");
bc6477a6c393 syntactical fixups - it compiles, but channel handling code requires fixing.
Matt Johnston <matt@ucc.asn.au>
parents: 4
diff changeset
321
bc6477a6c393 syntactical fixups - it compiles, but channel handling code requires fixing.
Matt Johnston <matt@ucc.asn.au>
parents: 4
diff changeset
322 }
bc6477a6c393 syntactical fixups - it compiles, but channel handling code requires fixing.
Matt Johnston <matt@ucc.asn.au>
parents: 4
diff changeset
323
1544
d1a8a05216ff make group1 client-only
Matt Johnston <matt@ucc.asn.au>
parents: 1495
diff changeset
324 static void svr_algos_initialise(void) {
d1a8a05216ff make group1 client-only
Matt Johnston <matt@ucc.asn.au>
parents: 1495
diff changeset
325 #if DROPBEAR_DH_GROUP1 && DROPBEAR_DH_GROUP1_CLIENTONLY
d1a8a05216ff make group1 client-only
Matt Johnston <matt@ucc.asn.au>
parents: 1495
diff changeset
326 algo_type *algo;
d1a8a05216ff make group1 client-only
Matt Johnston <matt@ucc.asn.au>
parents: 1495
diff changeset
327 for (algo = sshkex; algo->name; algo++) {
d1a8a05216ff make group1 client-only
Matt Johnston <matt@ucc.asn.au>
parents: 1495
diff changeset
328 if (strcmp(algo->name, "diffie-hellman-group1-sha1") == 0) {
d1a8a05216ff make group1 client-only
Matt Johnston <matt@ucc.asn.au>
parents: 1495
diff changeset
329 algo->usable = 0;
d1a8a05216ff make group1 client-only
Matt Johnston <matt@ucc.asn.au>
parents: 1495
diff changeset
330 }
d1a8a05216ff make group1 client-only
Matt Johnston <matt@ucc.asn.au>
parents: 1495
diff changeset
331 }
d1a8a05216ff make group1 client-only
Matt Johnston <matt@ucc.asn.au>
parents: 1495
diff changeset
332 #endif
d1a8a05216ff make group1 client-only
Matt Johnston <matt@ucc.asn.au>
parents: 1495
diff changeset
333 }
d1a8a05216ff make group1 client-only
Matt Johnston <matt@ucc.asn.au>
parents: 1495
diff changeset
334