annotate cli-session.c @ 1004:d63b569a7c86

changes for 2015.67
author Matt Johnston <matt@ucc.asn.au>
date Wed, 28 Jan 2015 22:49:28 +0800
parents 0bb16232e7c4
children 73ea0dce9a57 02baa0b334e8 38d2f6b2d1b8
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
74
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 68
diff changeset
1 /*
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 68
diff changeset
2 * Dropbear SSH
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 68
diff changeset
3 *
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 68
diff changeset
4 * Copyright (c) 2002,2003 Matt Johnston
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 68
diff changeset
5 * Copyright (c) 2004 by Mihnea Stoenescu
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 68
diff changeset
6 * All rights reserved.
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 68
diff changeset
7 *
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 68
diff changeset
8 * Permission is hereby granted, free of charge, to any person obtaining a copy
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 68
diff changeset
9 * of this software and associated documentation files (the "Software"), to deal
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 68
diff changeset
10 * in the Software without restriction, including without limitation the rights
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 68
diff changeset
11 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 68
diff changeset
12 * copies of the Software, and to permit persons to whom the Software is
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 68
diff changeset
13 * furnished to do so, subject to the following conditions:
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 68
diff changeset
14 *
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 68
diff changeset
15 * The above copyright notice and this permission notice shall be included in
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 68
diff changeset
16 * all copies or substantial portions of the Software.
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 68
diff changeset
17 *
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 68
diff changeset
18 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 68
diff changeset
19 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 68
diff changeset
20 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 68
diff changeset
21 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 68
diff changeset
22 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 68
diff changeset
23 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 68
diff changeset
24 * SOFTWARE. */
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 68
diff changeset
25
26
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
26 #include "includes.h"
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
27 #include "session.h"
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
28 #include "dbutil.h"
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
29 #include "kex.h"
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
30 #include "ssh.h"
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
31 #include "packet.h"
64
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 62
diff changeset
32 #include "tcpfwd.h"
26
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
33 #include "channel.h"
858
220f55d540ae rename random.h to dbrandom.h since some OSes have a system random.h
Matt Johnston <matt@ucc.asn.au>
parents: 857
diff changeset
34 #include "dbrandom.h"
33
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
35 #include "service.h"
40
b4874d772210 - Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents: 39
diff changeset
36 #include "runopts.h"
b4874d772210 - Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents: 39
diff changeset
37 #include "chansession.h"
547
cf376c696dfc Make it compile, update for changes in channel structure.
Matt Johnston <matt@ucc.asn.au>
parents: 546
diff changeset
38 #include "agentfwd.h"
766
d1575fdc29a6 start on ecdsa keys
Matt Johnston <matt@ucc.asn.au>
parents: 686
diff changeset
39 #include "crypto_desc.h"
26
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
40
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
41 static void cli_remoteclosed();
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
42 static void cli_sessionloop();
33
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
43 static void cli_session_init();
40
b4874d772210 - Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents: 39
diff changeset
44 static void cli_finished();
727
00bc3df3a9c3 Don't bother waiting for a ssh-connection service reply - the server
Matt Johnston <matt@ucc.asn.au>
parents: 726
diff changeset
45 static void recv_msg_service_accept(void);
733
70811267715c Run the cleanup handler also when we close due to TCP connection being closed
Matt Johnston <matt@ucc.asn.au>
parents: 731
diff changeset
46 static void cli_session_cleanup(void);
937
4ad38e223ccd Send a failure response if a client receives a global request
Matt Johnston <matt@ucc.asn.au>
parents: 883
diff changeset
47 static void recv_msg_global_request_cli(void);
26
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
48
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
49 struct clientsession cli_ses; /* GLOBAL */
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
50
45
9ee8996a375f Pubkey auth is mostly there for the client. Something strange with
Matt Johnston <matt@ucc.asn.au>
parents: 43
diff changeset
51 /* Sorted in decreasing frequency will be more efficient - data and window
9ee8996a375f Pubkey auth is mostly there for the client. Something strange with
Matt Johnston <matt@ucc.asn.au>
parents: 43
diff changeset
52 * should be first */
26
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
53 static const packettype cli_packettypes[] = {
74
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 68
diff changeset
54 /* TYPE, FUNCTION */
26
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
55 {SSH_MSG_CHANNEL_DATA, recv_msg_channel_data},
107
Matt Johnston <matt@ucc.asn.au>
parents: 100
diff changeset
56 {SSH_MSG_CHANNEL_EXTENDED_DATA, recv_msg_channel_extended_data},
26
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
57 {SSH_MSG_CHANNEL_WINDOW_ADJUST, recv_msg_channel_window_adjust},
45
9ee8996a375f Pubkey auth is mostly there for the client. Something strange with
Matt Johnston <matt@ucc.asn.au>
parents: 43
diff changeset
58 {SSH_MSG_USERAUTH_FAILURE, recv_msg_userauth_failure}, /* client */
9ee8996a375f Pubkey auth is mostly there for the client. Something strange with
Matt Johnston <matt@ucc.asn.au>
parents: 43
diff changeset
59 {SSH_MSG_USERAUTH_SUCCESS, recv_msg_userauth_success}, /* client */
9ee8996a375f Pubkey auth is mostly there for the client. Something strange with
Matt Johnston <matt@ucc.asn.au>
parents: 43
diff changeset
60 {SSH_MSG_KEXINIT, recv_msg_kexinit},
9ee8996a375f Pubkey auth is mostly there for the client. Something strange with
Matt Johnston <matt@ucc.asn.au>
parents: 43
diff changeset
61 {SSH_MSG_KEXDH_REPLY, recv_msg_kexdh_reply}, /* client */
9ee8996a375f Pubkey auth is mostly there for the client. Something strange with
Matt Johnston <matt@ucc.asn.au>
parents: 43
diff changeset
62 {SSH_MSG_NEWKEYS, recv_msg_newkeys},
9ee8996a375f Pubkey auth is mostly there for the client. Something strange with
Matt Johnston <matt@ucc.asn.au>
parents: 43
diff changeset
63 {SSH_MSG_SERVICE_ACCEPT, recv_msg_service_accept}, /* client */
26
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
64 {SSH_MSG_CHANNEL_REQUEST, recv_msg_channel_request},
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
65 {SSH_MSG_CHANNEL_OPEN, recv_msg_channel_open},
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
66 {SSH_MSG_CHANNEL_EOF, recv_msg_channel_eof},
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
67 {SSH_MSG_CHANNEL_CLOSE, recv_msg_channel_close},
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
68 {SSH_MSG_CHANNEL_OPEN_CONFIRMATION, recv_msg_channel_open_confirmation},
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
69 {SSH_MSG_CHANNEL_OPEN_FAILURE, recv_msg_channel_open_failure},
45
9ee8996a375f Pubkey auth is mostly there for the client. Something strange with
Matt Johnston <matt@ucc.asn.au>
parents: 43
diff changeset
70 {SSH_MSG_USERAUTH_BANNER, recv_msg_userauth_banner}, /* client */
249
efbaf6b03837 added keyboard-interactive client support
Matt Johnston <matt@ucc.asn.au>
parents: 215
diff changeset
71 {SSH_MSG_USERAUTH_SPECIFIC_60, recv_msg_userauth_specific_60}, /* client */
937
4ad38e223ccd Send a failure response if a client receives a global request
Matt Johnston <matt@ucc.asn.au>
parents: 883
diff changeset
72 {SSH_MSG_GLOBAL_REQUEST, recv_msg_global_request_cli},
970
0bb16232e7c4 Make keepalive handling more robust, this should now match what OpenSSH does
Matt Johnston <matt@ucc.asn.au>
parents: 968
diff changeset
73 {SSH_MSG_CHANNEL_SUCCESS, ignore_recv_response},
0bb16232e7c4 Make keepalive handling more robust, this should now match what OpenSSH does
Matt Johnston <matt@ucc.asn.au>
parents: 968
diff changeset
74 {SSH_MSG_CHANNEL_FAILURE, ignore_recv_response},
505
805e557fdff7 Report errors if a remote request fails
Matt Johnston <matt@ucc.asn.au>
parents: 486
diff changeset
75 #ifdef ENABLE_CLI_REMOTETCPFWD
805e557fdff7 Report errors if a remote request fails
Matt Johnston <matt@ucc.asn.au>
parents: 486
diff changeset
76 {SSH_MSG_REQUEST_SUCCESS, cli_recv_msg_request_success}, /* client */
805e557fdff7 Report errors if a remote request fails
Matt Johnston <matt@ucc.asn.au>
parents: 486
diff changeset
77 {SSH_MSG_REQUEST_FAILURE, cli_recv_msg_request_failure}, /* client */
968
f7f6c15b0ec3 Don't send SSH_MSG_UNIMPLEMENTED for keepalive responses
Matt Johnston <matt@ucc.asn.au>
parents: 937
diff changeset
78 #else
970
0bb16232e7c4 Make keepalive handling more robust, this should now match what OpenSSH does
Matt Johnston <matt@ucc.asn.au>
parents: 968
diff changeset
79 /* For keepalive */
0bb16232e7c4 Make keepalive handling more robust, this should now match what OpenSSH does
Matt Johnston <matt@ucc.asn.au>
parents: 968
diff changeset
80 {SSH_MSG_REQUEST_SUCCESS, ignore_recv_response},
0bb16232e7c4 Make keepalive handling more robust, this should now match what OpenSSH does
Matt Johnston <matt@ucc.asn.au>
parents: 968
diff changeset
81 {SSH_MSG_REQUEST_FAILURE, ignore_recv_response},
505
805e557fdff7 Report errors if a remote request fails
Matt Johnston <matt@ucc.asn.au>
parents: 486
diff changeset
82 #endif
26
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
83 {0, 0} /* End */
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
84 };
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
85
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
86 static const struct ChanType *cli_chantypes[] = {
64
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 62
diff changeset
87 #ifdef ENABLE_CLI_REMOTETCPFWD
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 62
diff changeset
88 &cli_chan_tcpremote,
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 62
diff changeset
89 #endif
225
ca7e76d981d9 - progress towards client agent forwarding
Matt Johnston <matt@ucc.asn.au>
parents: 215
diff changeset
90 #ifdef ENABLE_CLI_AGENTFWD
ca7e76d981d9 - progress towards client agent forwarding
Matt Johnston <matt@ucc.asn.au>
parents: 215
diff changeset
91 &cli_chan_agent,
ca7e76d981d9 - progress towards client agent forwarding
Matt Johnston <matt@ucc.asn.au>
parents: 215
diff changeset
92 #endif
26
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
93 NULL /* Null termination */
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
94 };
33
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
95
568
005530560594 Rearrange getaddrstring() etc
Matt Johnston <matt@ucc.asn.au>
parents: 560
diff changeset
96 void cli_session(int sock_in, int sock_out) {
26
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
97
568
005530560594 Rearrange getaddrstring() etc
Matt Johnston <matt@ucc.asn.au>
parents: 560
diff changeset
98 common_session_init(sock_in, sock_out);
26
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
99
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
100 chaninitialise(cli_chantypes);
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
101
33
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
102 /* Set up cli_ses vars */
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
103 cli_session_init();
26
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
104
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
105 /* Ready to go */
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
106 sessinitdone = 1;
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
107
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
108 /* Exchange identification */
726
78eda530c000 send out our kexinit packet before blocking to read the SSH version string
Matt Johnston <matt@ucc.asn.au>
parents: 686
diff changeset
109 send_session_identification();
26
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
110
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
111 send_msg_kexinit();
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
112
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
113 session_loop(cli_sessionloop);
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
114
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
115 /* Not reached */
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
116
33
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
117 }
26
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
118
746
465fefc4f6e0 Put some #ifdef options around first-follows options in case they
Matt Johnston <matt@ucc.asn.au>
parents: 745
diff changeset
119 #ifdef USE_KEX_FIRST_FOLLOWS
739
d44325108d0e first_kex_packet_follows working, needs tidying
Matt Johnston <matt@ucc.asn.au>
parents: 686
diff changeset
120 static void cli_send_kex_first_guess() {
d44325108d0e first_kex_packet_follows working, needs tidying
Matt Johnston <matt@ucc.asn.au>
parents: 686
diff changeset
121 send_msg_kexdh_init();
d44325108d0e first_kex_packet_follows working, needs tidying
Matt Johnston <matt@ucc.asn.au>
parents: 686
diff changeset
122 }
746
465fefc4f6e0 Put some #ifdef options around first-follows options in case they
Matt Johnston <matt@ucc.asn.au>
parents: 745
diff changeset
123 #endif
739
d44325108d0e first_kex_packet_follows working, needs tidying
Matt Johnston <matt@ucc.asn.au>
parents: 686
diff changeset
124
33
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
125 static void cli_session_init() {
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
126
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
127 cli_ses.state = STATE_NOTHING;
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
128 cli_ses.kex_state = KEX_NOTHING;
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
129
39
0883c0906870 tty raw mode support works mostly
Matt Johnston <matt@ucc.asn.au>
parents: 37
diff changeset
130 cli_ses.tty_raw_mode = 0;
41
18eccbfb9641 added window-size change handling
Matt Johnston <matt@ucc.asn.au>
parents: 40
diff changeset
131 cli_ses.winchange = 0;
39
0883c0906870 tty raw mode support works mostly
Matt Johnston <matt@ucc.asn.au>
parents: 37
diff changeset
132
175
2c5741e4b855 * Reset the non-blocking status of stdout and stderr as well on exit
Matt Johnston <matt@ucc.asn.au>
parents: 165
diff changeset
133 /* We store std{in,out,err}'s flags, so we can set them back on exit
2c5741e4b855 * Reset the non-blocking status of stdout and stderr as well on exit
Matt Johnston <matt@ucc.asn.au>
parents: 165
diff changeset
134 * (otherwise busybox's ash isn't happy */
99
0247fbd9379d Move the revert-to-non-blocking-stdin code to cli-session so it
Matt Johnston <matt@ucc.asn.au>
parents: 74
diff changeset
135 cli_ses.stdincopy = dup(STDIN_FILENO);
0247fbd9379d Move the revert-to-non-blocking-stdin code to cli-session so it
Matt Johnston <matt@ucc.asn.au>
parents: 74
diff changeset
136 cli_ses.stdinflags = fcntl(STDIN_FILENO, F_GETFL, 0);
175
2c5741e4b855 * Reset the non-blocking status of stdout and stderr as well on exit
Matt Johnston <matt@ucc.asn.au>
parents: 165
diff changeset
137 cli_ses.stdoutcopy = dup(STDOUT_FILENO);
2c5741e4b855 * Reset the non-blocking status of stdout and stderr as well on exit
Matt Johnston <matt@ucc.asn.au>
parents: 165
diff changeset
138 cli_ses.stdoutflags = fcntl(STDOUT_FILENO, F_GETFL, 0);
2c5741e4b855 * Reset the non-blocking status of stdout and stderr as well on exit
Matt Johnston <matt@ucc.asn.au>
parents: 165
diff changeset
139 cli_ses.stderrcopy = dup(STDERR_FILENO);
2c5741e4b855 * Reset the non-blocking status of stdout and stderr as well on exit
Matt Johnston <matt@ucc.asn.au>
parents: 165
diff changeset
140 cli_ses.stderrflags = fcntl(STDERR_FILENO, F_GETFL, 0);
99
0247fbd9379d Move the revert-to-non-blocking-stdin code to cli-session so it
Matt Johnston <matt@ucc.asn.au>
parents: 74
diff changeset
141
108
10f4d3319780 - added circular buffering for channels
Matt Johnston <matt@ucc.asn.au>
parents: 107
diff changeset
142 cli_ses.retval = EXIT_SUCCESS; /* Assume it's clean if we don't get a
10f4d3319780 - added circular buffering for channels
Matt Johnston <matt@ucc.asn.au>
parents: 107
diff changeset
143 specific exit status */
10f4d3319780 - added circular buffering for channels
Matt Johnston <matt@ucc.asn.au>
parents: 107
diff changeset
144
47
4b53a43f0082 - client pubkey auth works
Matt Johnston <matt@ucc.asn.au>
parents: 45
diff changeset
145 /* Auth */
215
aad4b3f58556 rename PubkeyList to SignKeyList for clarity
Matt Johnston <matt@ucc.asn.au>
parents: 175
diff changeset
146 cli_ses.lastprivkey = NULL;
136
fb7147e2fb04 - Fixed a couple of compile warnings
Matt Johnston <matt@ucc.asn.au>
parents: 108
diff changeset
147 cli_ses.lastauthtype = 0;
47
4b53a43f0082 - client pubkey auth works
Matt Johnston <matt@ucc.asn.au>
parents: 45
diff changeset
148
686
983a817f8e41 - Only request "none" cipher after auth has succeeded
Matt Johnston <matt@ucc.asn.au>
parents: 594
diff changeset
149 #ifdef DROPBEAR_NONE_CIPHER
983a817f8e41 - Only request "none" cipher after auth has succeeded
Matt Johnston <matt@ucc.asn.au>
parents: 594
diff changeset
150 cli_ses.cipher_none_after_auth = get_algo_usable(sshciphers, "none");
983a817f8e41 - Only request "none" cipher after auth has succeeded
Matt Johnston <matt@ucc.asn.au>
parents: 594
diff changeset
151 set_algo_usable(sshciphers, "none", 0);
983a817f8e41 - Only request "none" cipher after auth has succeeded
Matt Johnston <matt@ucc.asn.au>
parents: 594
diff changeset
152 #else
983a817f8e41 - Only request "none" cipher after auth has succeeded
Matt Johnston <matt@ucc.asn.au>
parents: 594
diff changeset
153 cli_ses.cipher_none_after_auth = 0;
983a817f8e41 - Only request "none" cipher after auth has succeeded
Matt Johnston <matt@ucc.asn.au>
parents: 594
diff changeset
154 #endif
983a817f8e41 - Only request "none" cipher after auth has succeeded
Matt Johnston <matt@ucc.asn.au>
parents: 594
diff changeset
155
33
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
156 /* For printing "remote host closed" for the user */
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
157 ses.remoteclosed = cli_remoteclosed;
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
158
733
70811267715c Run the cleanup handler also when we close due to TCP connection being closed
Matt Johnston <matt@ucc.asn.au>
parents: 731
diff changeset
159 ses.extra_session_cleanup = cli_session_cleanup;
33
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
160
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
161 /* packet handlers */
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
162 ses.packettypes = cli_packettypes;
35
0ad5fb979f42 set the isserver flag (oops)
Matt Johnston <matt@ucc.asn.au>
parents: 34
diff changeset
163
0ad5fb979f42 set the isserver flag (oops)
Matt Johnston <matt@ucc.asn.au>
parents: 34
diff changeset
164 ses.isserver = 0;
739
d44325108d0e first_kex_packet_follows working, needs tidying
Matt Johnston <matt@ucc.asn.au>
parents: 686
diff changeset
165
746
465fefc4f6e0 Put some #ifdef options around first-follows options in case they
Matt Johnston <matt@ucc.asn.au>
parents: 745
diff changeset
166 #ifdef USE_KEX_FIRST_FOLLOWS
739
d44325108d0e first_kex_packet_follows working, needs tidying
Matt Johnston <matt@ucc.asn.au>
parents: 686
diff changeset
167 ses.send_kex_first_guess = cli_send_kex_first_guess;
746
465fefc4f6e0 Put some #ifdef options around first-follows options in case they
Matt Johnston <matt@ucc.asn.au>
parents: 745
diff changeset
168 #endif
739
d44325108d0e first_kex_packet_follows working, needs tidying
Matt Johnston <matt@ucc.asn.au>
parents: 686
diff changeset
169
26
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
170 }
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
171
727
00bc3df3a9c3 Don't bother waiting for a ssh-connection service reply - the server
Matt Johnston <matt@ucc.asn.au>
parents: 726
diff changeset
172 static void send_msg_service_request(char* servicename) {
00bc3df3a9c3 Don't bother waiting for a ssh-connection service reply - the server
Matt Johnston <matt@ucc.asn.au>
parents: 726
diff changeset
173
00bc3df3a9c3 Don't bother waiting for a ssh-connection service reply - the server
Matt Johnston <matt@ucc.asn.au>
parents: 726
diff changeset
174 TRACE(("enter send_msg_service_request: servicename='%s'", servicename))
00bc3df3a9c3 Don't bother waiting for a ssh-connection service reply - the server
Matt Johnston <matt@ucc.asn.au>
parents: 726
diff changeset
175
00bc3df3a9c3 Don't bother waiting for a ssh-connection service reply - the server
Matt Johnston <matt@ucc.asn.au>
parents: 726
diff changeset
176 CHECKCLEARTOWRITE();
00bc3df3a9c3 Don't bother waiting for a ssh-connection service reply - the server
Matt Johnston <matt@ucc.asn.au>
parents: 726
diff changeset
177
00bc3df3a9c3 Don't bother waiting for a ssh-connection service reply - the server
Matt Johnston <matt@ucc.asn.au>
parents: 726
diff changeset
178 buf_putbyte(ses.writepayload, SSH_MSG_SERVICE_REQUEST);
00bc3df3a9c3 Don't bother waiting for a ssh-connection service reply - the server
Matt Johnston <matt@ucc.asn.au>
parents: 726
diff changeset
179 buf_putstring(ses.writepayload, servicename, strlen(servicename));
00bc3df3a9c3 Don't bother waiting for a ssh-connection service reply - the server
Matt Johnston <matt@ucc.asn.au>
parents: 726
diff changeset
180
00bc3df3a9c3 Don't bother waiting for a ssh-connection service reply - the server
Matt Johnston <matt@ucc.asn.au>
parents: 726
diff changeset
181 encrypt_packet();
00bc3df3a9c3 Don't bother waiting for a ssh-connection service reply - the server
Matt Johnston <matt@ucc.asn.au>
parents: 726
diff changeset
182 TRACE(("leave send_msg_service_request"))
00bc3df3a9c3 Don't bother waiting for a ssh-connection service reply - the server
Matt Johnston <matt@ucc.asn.au>
parents: 726
diff changeset
183 }
00bc3df3a9c3 Don't bother waiting for a ssh-connection service reply - the server
Matt Johnston <matt@ucc.asn.au>
parents: 726
diff changeset
184
00bc3df3a9c3 Don't bother waiting for a ssh-connection service reply - the server
Matt Johnston <matt@ucc.asn.au>
parents: 726
diff changeset
185 static void recv_msg_service_accept(void) {
857
c19acba28590 use oldstyle comments
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
186 /* do nothing, if it failed then the server MUST have disconnected */
727
00bc3df3a9c3 Don't bother waiting for a ssh-connection service reply - the server
Matt Johnston <matt@ucc.asn.au>
parents: 726
diff changeset
187 }
00bc3df3a9c3 Don't bother waiting for a ssh-connection service reply - the server
Matt Johnston <matt@ucc.asn.au>
parents: 726
diff changeset
188
33
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
189 /* This function drives the progress of the session - it initiates KEX,
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
190 * service, userauth and channel requests */
26
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
191 static void cli_sessionloop() {
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
192
731
9a5438271556 Move the more verbose TRACE() statements into TRACE2()
Matt Johnston <matt@ucc.asn.au>
parents: 727
diff changeset
193 TRACE2(("enter cli_sessionloop"))
33
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
194
745
15999b098cc9 Don't usually need to recalculate dh_e for the repeated kexdh_init packet
Matt Johnston <matt@ucc.asn.au>
parents: 743
diff changeset
195 if (ses.lastpacket == 0) {
15999b098cc9 Don't usually need to recalculate dh_e for the repeated kexdh_init packet
Matt Johnston <matt@ucc.asn.au>
parents: 743
diff changeset
196 TRACE2(("exit cli_sessionloop: no real packets yet"))
15999b098cc9 Don't usually need to recalculate dh_e for the repeated kexdh_init packet
Matt Johnston <matt@ucc.asn.au>
parents: 743
diff changeset
197 return;
15999b098cc9 Don't usually need to recalculate dh_e for the repeated kexdh_init packet
Matt Johnston <matt@ucc.asn.au>
parents: 743
diff changeset
198 }
15999b098cc9 Don't usually need to recalculate dh_e for the repeated kexdh_init packet
Matt Johnston <matt@ucc.asn.au>
parents: 743
diff changeset
199
34
e2a1eaa19f22 Client mostly works up to password auth
Matt Johnston <matt@ucc.asn.au>
parents: 33
diff changeset
200 if (ses.lastpacket == SSH_MSG_KEXINIT && cli_ses.kex_state == KEX_NOTHING) {
33
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
201 /* We initiate the KEXDH. If DH wasn't the correct type, the KEXINIT
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
202 * negotiation would have failed. */
739
d44325108d0e first_kex_packet_follows working, needs tidying
Matt Johnston <matt@ucc.asn.au>
parents: 686
diff changeset
203 if (!ses.kexstate.our_first_follows_matches) {
d44325108d0e first_kex_packet_follows working, needs tidying
Matt Johnston <matt@ucc.asn.au>
parents: 686
diff changeset
204 send_msg_kexdh_init();
d44325108d0e first_kex_packet_follows working, needs tidying
Matt Johnston <matt@ucc.asn.au>
parents: 686
diff changeset
205 }
d44325108d0e first_kex_packet_follows working, needs tidying
Matt Johnston <matt@ucc.asn.au>
parents: 686
diff changeset
206 cli_ses.kex_state = KEXDH_INIT_SENT;
165
0cfba3034be5 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents: 136
diff changeset
207 TRACE(("leave cli_sessionloop: done with KEXINIT_RCVD"))
33
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
208 return;
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
209 }
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
210
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
211 /* A KEX has finished, so we should go back to our KEX_NOTHING state */
753
d63ef1e211ea Take transmit and receive keys into use separately
Matt Johnston <matt@ucc.asn.au>
parents: 750
diff changeset
212 if (cli_ses.kex_state != KEX_NOTHING && ses.kexstate.sentnewkeys) {
33
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
213 cli_ses.kex_state = KEX_NOTHING;
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
214 }
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
215
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
216 /* We shouldn't do anything else if a KEX is in progress */
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
217 if (cli_ses.kex_state != KEX_NOTHING) {
165
0cfba3034be5 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents: 136
diff changeset
218 TRACE(("leave cli_sessionloop: kex_state != KEX_NOTHING"))
33
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
219 return;
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
220 }
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
221
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
222 if (ses.kexstate.donefirstkex == 0) {
745
15999b098cc9 Don't usually need to recalculate dh_e for the repeated kexdh_init packet
Matt Johnston <matt@ucc.asn.au>
parents: 743
diff changeset
223 /* We might reach here if we have partial packet reads or have
15999b098cc9 Don't usually need to recalculate dh_e for the repeated kexdh_init packet
Matt Johnston <matt@ucc.asn.au>
parents: 743
diff changeset
224 * received SSG_MSG_IGNORE etc. Just skip it */
753
d63ef1e211ea Take transmit and receive keys into use separately
Matt Johnston <matt@ucc.asn.au>
parents: 750
diff changeset
225 TRACE2(("donefirstkex false\n"))
34
e2a1eaa19f22 Client mostly works up to password auth
Matt Johnston <matt@ucc.asn.au>
parents: 33
diff changeset
226 return;
33
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
227 }
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
228
26
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
229 switch (cli_ses.state) {
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
230
33
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
231 case STATE_NOTHING:
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
232 /* We've got the transport layer sorted, we now need to request
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
233 * userauth */
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
234 send_msg_service_request(SSH_SERVICE_USERAUTH);
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
235 cli_auth_getmethods();
45
9ee8996a375f Pubkey auth is mostly there for the client. Something strange with
Matt Johnston <matt@ucc.asn.au>
parents: 43
diff changeset
236 cli_ses.state = USERAUTH_REQ_SENT;
165
0cfba3034be5 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents: 136
diff changeset
237 TRACE(("leave cli_sessionloop: sent userauth methods req"))
33
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
238 return;
883
ff597bf2cfb0 DROPBEAR_CLI_AUTH_IMMEDIATE fixed, now enabled by default
Matt Johnston <matt@ucc.asn.au>
parents: 858
diff changeset
239
ff597bf2cfb0 DROPBEAR_CLI_AUTH_IMMEDIATE fixed, now enabled by default
Matt Johnston <matt@ucc.asn.au>
parents: 858
diff changeset
240 case USERAUTH_REQ_SENT:
ff597bf2cfb0 DROPBEAR_CLI_AUTH_IMMEDIATE fixed, now enabled by default
Matt Johnston <matt@ucc.asn.au>
parents: 858
diff changeset
241 TRACE(("leave cli_sessionloop: waiting, req_sent"))
ff597bf2cfb0 DROPBEAR_CLI_AUTH_IMMEDIATE fixed, now enabled by default
Matt Johnston <matt@ucc.asn.au>
parents: 858
diff changeset
242 return;
33
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
243
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
244 case USERAUTH_FAIL_RCVD:
734
619b1ed837fd Be a bit more careful about when we want to use CLI_AUTH_IMMEDIATE
Matt Johnston <matt@ucc.asn.au>
parents: 733
diff changeset
245 if (cli_auth_try() == DROPBEAR_FAILURE) {
619b1ed837fd Be a bit more careful about when we want to use CLI_AUTH_IMMEDIATE
Matt Johnston <matt@ucc.asn.au>
parents: 733
diff changeset
246 dropbear_exit("No auth methods could be used.");
619b1ed837fd Be a bit more careful about when we want to use CLI_AUTH_IMMEDIATE
Matt Johnston <matt@ucc.asn.au>
parents: 733
diff changeset
247 }
45
9ee8996a375f Pubkey auth is mostly there for the client. Something strange with
Matt Johnston <matt@ucc.asn.au>
parents: 43
diff changeset
248 cli_ses.state = USERAUTH_REQ_SENT;
165
0cfba3034be5 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents: 136
diff changeset
249 TRACE(("leave cli_sessionloop: cli_auth_try"))
33
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
250 return;
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
251
37
0913e2ee3545 we're nearly there yet
Matt Johnston <matt@ucc.asn.au>
parents: 35
diff changeset
252 case USERAUTH_SUCCESS_RCVD:
326
d965110e3f5c add -f background option to dbclient
Matt Johnston <matt@ucc.asn.au>
parents: 325
diff changeset
253
686
983a817f8e41 - Only request "none" cipher after auth has succeeded
Matt Johnston <matt@ucc.asn.au>
parents: 594
diff changeset
254 #ifdef DROPBEAR_NONE_CIPHER
983a817f8e41 - Only request "none" cipher after auth has succeeded
Matt Johnston <matt@ucc.asn.au>
parents: 594
diff changeset
255 if (cli_ses.cipher_none_after_auth)
983a817f8e41 - Only request "none" cipher after auth has succeeded
Matt Johnston <matt@ucc.asn.au>
parents: 594
diff changeset
256 {
983a817f8e41 - Only request "none" cipher after auth has succeeded
Matt Johnston <matt@ucc.asn.au>
parents: 594
diff changeset
257 set_algo_usable(sshciphers, "none", 1);
983a817f8e41 - Only request "none" cipher after auth has succeeded
Matt Johnston <matt@ucc.asn.au>
parents: 594
diff changeset
258 send_msg_kexinit();
983a817f8e41 - Only request "none" cipher after auth has succeeded
Matt Johnston <matt@ucc.asn.au>
parents: 594
diff changeset
259 }
983a817f8e41 - Only request "none" cipher after auth has succeeded
Matt Johnston <matt@ucc.asn.au>
parents: 594
diff changeset
260 #endif
983a817f8e41 - Only request "none" cipher after auth has succeeded
Matt Johnston <matt@ucc.asn.au>
parents: 594
diff changeset
261
326
d965110e3f5c add -f background option to dbclient
Matt Johnston <matt@ucc.asn.au>
parents: 325
diff changeset
262 if (cli_opts.backgrounded) {
d965110e3f5c add -f background option to dbclient
Matt Johnston <matt@ucc.asn.au>
parents: 325
diff changeset
263 int devnull;
433
c216212001fc Fix for -pedantic -ansi compilation, change // to /**/, plus some signedness
Matt Johnston <matt@ucc.asn.au>
parents: 326
diff changeset
264 /* keeping stdin open steals input from the terminal and
c216212001fc Fix for -pedantic -ansi compilation, change // to /**/, plus some signedness
Matt Johnston <matt@ucc.asn.au>
parents: 326
diff changeset
265 is confusing, though stdout/stderr could be useful. */
326
d965110e3f5c add -f background option to dbclient
Matt Johnston <matt@ucc.asn.au>
parents: 325
diff changeset
266 devnull = open(_PATH_DEVNULL, O_RDONLY);
d965110e3f5c add -f background option to dbclient
Matt Johnston <matt@ucc.asn.au>
parents: 325
diff changeset
267 if (devnull < 0) {
594
a98a2138364a Improve capitalisation for all logged strings
Matt Johnston <matt@ucc.asn.au>
parents: 568
diff changeset
268 dropbear_exit("Opening /dev/null: %d %s",
326
d965110e3f5c add -f background option to dbclient
Matt Johnston <matt@ucc.asn.au>
parents: 325
diff changeset
269 errno, strerror(errno));
d965110e3f5c add -f background option to dbclient
Matt Johnston <matt@ucc.asn.au>
parents: 325
diff changeset
270 }
d965110e3f5c add -f background option to dbclient
Matt Johnston <matt@ucc.asn.au>
parents: 325
diff changeset
271 dup2(devnull, STDIN_FILENO);
d965110e3f5c add -f background option to dbclient
Matt Johnston <matt@ucc.asn.au>
parents: 325
diff changeset
272 if (daemon(0, 1) < 0) {
d965110e3f5c add -f background option to dbclient
Matt Johnston <matt@ucc.asn.au>
parents: 325
diff changeset
273 dropbear_exit("Backgrounding failed: %d %s",
d965110e3f5c add -f background option to dbclient
Matt Johnston <matt@ucc.asn.au>
parents: 325
diff changeset
274 errno, strerror(errno));
d965110e3f5c add -f background option to dbclient
Matt Johnston <matt@ucc.asn.au>
parents: 325
diff changeset
275 }
d965110e3f5c add -f background option to dbclient
Matt Johnston <matt@ucc.asn.au>
parents: 325
diff changeset
276 }
d965110e3f5c add -f background option to dbclient
Matt Johnston <matt@ucc.asn.au>
parents: 325
diff changeset
277
485
12d845ab7b5f Rework netcat-alike to be a proper mode, with -B argument.
Matt Johnston <matt@ucc.asn.au>
parents: 478
diff changeset
278 #ifdef ENABLE_CLI_NETCAT
12d845ab7b5f Rework netcat-alike to be a proper mode, with -B argument.
Matt Johnston <matt@ucc.asn.au>
parents: 478
diff changeset
279 if (cli_opts.netcat_host) {
12d845ab7b5f Rework netcat-alike to be a proper mode, with -B argument.
Matt Johnston <matt@ucc.asn.au>
parents: 478
diff changeset
280 cli_send_netcat_request();
12d845ab7b5f Rework netcat-alike to be a proper mode, with -B argument.
Matt Johnston <matt@ucc.asn.au>
parents: 478
diff changeset
281 } else
12d845ab7b5f Rework netcat-alike to be a proper mode, with -B argument.
Matt Johnston <matt@ucc.asn.au>
parents: 478
diff changeset
282 #endif
560
52d7301e46bd Agent forwarding works
Matt Johnston <matt@ucc.asn.au>
parents: 547
diff changeset
283 if (!cli_opts.no_cmd) {
325
0e4f225b7e07 Add -N "no remote command" dbclient option.
Matt Johnston <matt@ucc.asn.au>
parents: 272
diff changeset
284 cli_send_chansess_request();
0e4f225b7e07 Add -N "no remote command" dbclient option.
Matt Johnston <matt@ucc.asn.au>
parents: 272
diff changeset
285 }
754
2400b8685762 setup tcp after requesting a channel - might hide some DNS latency
Matt Johnston <matt@ucc.asn.au>
parents: 753
diff changeset
286
2400b8685762 setup tcp after requesting a channel - might hide some DNS latency
Matt Johnston <matt@ucc.asn.au>
parents: 753
diff changeset
287 #ifdef ENABLE_CLI_LOCALTCPFWD
2400b8685762 setup tcp after requesting a channel - might hide some DNS latency
Matt Johnston <matt@ucc.asn.au>
parents: 753
diff changeset
288 setup_localtcp();
2400b8685762 setup tcp after requesting a channel - might hide some DNS latency
Matt Johnston <matt@ucc.asn.au>
parents: 753
diff changeset
289 #endif
2400b8685762 setup tcp after requesting a channel - might hide some DNS latency
Matt Johnston <matt@ucc.asn.au>
parents: 753
diff changeset
290 #ifdef ENABLE_CLI_REMOTETCPFWD
2400b8685762 setup tcp after requesting a channel - might hide some DNS latency
Matt Johnston <matt@ucc.asn.au>
parents: 753
diff changeset
291 setup_remotetcp();
2400b8685762 setup tcp after requesting a channel - might hide some DNS latency
Matt Johnston <matt@ucc.asn.au>
parents: 753
diff changeset
292 #endif
2400b8685762 setup tcp after requesting a channel - might hide some DNS latency
Matt Johnston <matt@ucc.asn.au>
parents: 753
diff changeset
293
325
0e4f225b7e07 Add -N "no remote command" dbclient option.
Matt Johnston <matt@ucc.asn.au>
parents: 272
diff changeset
294 TRACE(("leave cli_sessionloop: running"))
37
0913e2ee3545 we're nearly there yet
Matt Johnston <matt@ucc.asn.au>
parents: 35
diff changeset
295 cli_ses.state = SESSION_RUNNING;
0913e2ee3545 we're nearly there yet
Matt Johnston <matt@ucc.asn.au>
parents: 35
diff changeset
296 return;
0913e2ee3545 we're nearly there yet
Matt Johnston <matt@ucc.asn.au>
parents: 35
diff changeset
297
40
b4874d772210 - Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents: 39
diff changeset
298 case SESSION_RUNNING:
325
0e4f225b7e07 Add -N "no remote command" dbclient option.
Matt Johnston <matt@ucc.asn.au>
parents: 272
diff changeset
299 if (ses.chancount < 1 && !cli_opts.no_cmd) {
40
b4874d772210 - Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents: 39
diff changeset
300 cli_finished();
b4874d772210 - Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents: 39
diff changeset
301 }
41
18eccbfb9641 added window-size change handling
Matt Johnston <matt@ucc.asn.au>
parents: 40
diff changeset
302
18eccbfb9641 added window-size change handling
Matt Johnston <matt@ucc.asn.au>
parents: 40
diff changeset
303 if (cli_ses.winchange) {
18eccbfb9641 added window-size change handling
Matt Johnston <matt@ucc.asn.au>
parents: 40
diff changeset
304 cli_chansess_winchange();
18eccbfb9641 added window-size change handling
Matt Johnston <matt@ucc.asn.au>
parents: 40
diff changeset
305 }
40
b4874d772210 - Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents: 39
diff changeset
306 return;
b4874d772210 - Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents: 39
diff changeset
307
33
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
308 /* XXX more here needed */
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
309
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
310
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
311 default:
f789045062e6 Progressing client support
Matt Johnston <matt@ucc.asn.au>
parents: 26
diff changeset
312 break;
26
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
313 }
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
314
731
9a5438271556 Move the more verbose TRACE() statements into TRACE2()
Matt Johnston <matt@ucc.asn.au>
parents: 727
diff changeset
315 TRACE2(("leave cli_sessionloop: fell out"))
26
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
316
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
317 }
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
318
733
70811267715c Run the cleanup handler also when we close due to TCP connection being closed
Matt Johnston <matt@ucc.asn.au>
parents: 731
diff changeset
319 static void cli_session_cleanup(void) {
40
b4874d772210 - Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents: 39
diff changeset
320
b4874d772210 - Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents: 39
diff changeset
321 if (!sessinitdone) {
b4874d772210 - Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents: 39
diff changeset
322 return;
b4874d772210 - Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents: 39
diff changeset
323 }
99
0247fbd9379d Move the revert-to-non-blocking-stdin code to cli-session so it
Matt Johnston <matt@ucc.asn.au>
parents: 74
diff changeset
324
175
2c5741e4b855 * Reset the non-blocking status of stdout and stderr as well on exit
Matt Johnston <matt@ucc.asn.au>
parents: 165
diff changeset
325 /* Set std{in,out,err} back to non-blocking - busybox ash dies nastily if
2c5741e4b855 * Reset the non-blocking status of stdout and stderr as well on exit
Matt Johnston <matt@ucc.asn.au>
parents: 165
diff changeset
326 * we don't revert the flags */
100
c72f5c10125d oops, the fcntl() was commented out
Matt Johnston <matt@ucc.asn.au>
parents: 99
diff changeset
327 fcntl(cli_ses.stdincopy, F_SETFL, cli_ses.stdinflags);
175
2c5741e4b855 * Reset the non-blocking status of stdout and stderr as well on exit
Matt Johnston <matt@ucc.asn.au>
parents: 165
diff changeset
328 fcntl(cli_ses.stdoutcopy, F_SETFL, cli_ses.stdoutflags);
2c5741e4b855 * Reset the non-blocking status of stdout and stderr as well on exit
Matt Johnston <matt@ucc.asn.au>
parents: 165
diff changeset
329 fcntl(cli_ses.stderrcopy, F_SETFL, cli_ses.stderrflags);
99
0247fbd9379d Move the revert-to-non-blocking-stdin code to cli-session so it
Matt Johnston <matt@ucc.asn.au>
parents: 74
diff changeset
330
40
b4874d772210 - Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents: 39
diff changeset
331 cli_tty_cleanup();
b4874d772210 - Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents: 39
diff changeset
332
b4874d772210 - Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents: 39
diff changeset
333 }
b4874d772210 - Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents: 39
diff changeset
334
b4874d772210 - Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents: 39
diff changeset
335 static void cli_finished() {
b4874d772210 - Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents: 39
diff changeset
336
733
70811267715c Run the cleanup handler also when we close due to TCP connection being closed
Matt Johnston <matt@ucc.asn.au>
parents: 731
diff changeset
337 session_cleanup();
40
b4874d772210 - Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents: 39
diff changeset
338 fprintf(stderr, "Connection to %s@%s:%s closed.\n", cli_opts.username,
b4874d772210 - Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents: 39
diff changeset
339 cli_opts.remotehost, cli_opts.remoteport);
108
10f4d3319780 - added circular buffering for channels
Matt Johnston <matt@ucc.asn.au>
parents: 107
diff changeset
340 exit(cli_ses.retval);
40
b4874d772210 - Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents: 39
diff changeset
341 }
b4874d772210 - Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents: 39
diff changeset
342
b4874d772210 - Added terminal mode handling etc for the client, and window change
Matt Johnston <matt@ucc.asn.au>
parents: 39
diff changeset
343
26
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
344 /* called when the remote side closes the connection */
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
345 static void cli_remoteclosed() {
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
346
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
347 /* XXX TODO perhaps print a friendlier message if we get this but have
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
348 * already sent/received disconnect message(s) ??? */
479
e3db1f7a2e43 - Split main socket var into ses.sock_in/ses.sock_out in preparation
Matt Johnston <matt@ucc.asn.au>
parents: 433
diff changeset
349 m_close(ses.sock_in);
e3db1f7a2e43 - Split main socket var into ses.sock_in/ses.sock_out in preparation
Matt Johnston <matt@ucc.asn.au>
parents: 433
diff changeset
350 m_close(ses.sock_out);
e3db1f7a2e43 - Split main socket var into ses.sock_in/ses.sock_out in preparation
Matt Johnston <matt@ucc.asn.au>
parents: 433
diff changeset
351 ses.sock_in = -1;
e3db1f7a2e43 - Split main socket var into ses.sock_in/ses.sock_out in preparation
Matt Johnston <matt@ucc.asn.au>
parents: 433
diff changeset
352 ses.sock_out = -1;
594
a98a2138364a Improve capitalisation for all logged strings
Matt Johnston <matt@ucc.asn.au>
parents: 568
diff changeset
353 dropbear_exit("Remote closed the connection");
26
0969767bca0d snapshot of stuff
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
354 }
43
942b22d7dd1c Banner printing
Matt Johnston <matt@ucc.asn.au>
parents: 41
diff changeset
355
942b22d7dd1c Banner printing
Matt Johnston <matt@ucc.asn.au>
parents: 41
diff changeset
356 /* Operates in-place turning dirty (untrusted potentially containing control
249
efbaf6b03837 added keyboard-interactive client support
Matt Johnston <matt@ucc.asn.au>
parents: 215
diff changeset
357 * characters) text into clean text.
efbaf6b03837 added keyboard-interactive client support
Matt Johnston <matt@ucc.asn.au>
parents: 215
diff changeset
358 * Note: this is safe only with ascii - other charsets could have problems. */
43
942b22d7dd1c Banner printing
Matt Johnston <matt@ucc.asn.au>
parents: 41
diff changeset
359 void cleantext(unsigned char* dirtytext) {
942b22d7dd1c Banner printing
Matt Johnston <matt@ucc.asn.au>
parents: 41
diff changeset
360
942b22d7dd1c Banner printing
Matt Johnston <matt@ucc.asn.au>
parents: 41
diff changeset
361 unsigned int i, j;
47
4b53a43f0082 - client pubkey auth works
Matt Johnston <matt@ucc.asn.au>
parents: 45
diff changeset
362 unsigned char c;
43
942b22d7dd1c Banner printing
Matt Johnston <matt@ucc.asn.au>
parents: 41
diff changeset
363
942b22d7dd1c Banner printing
Matt Johnston <matt@ucc.asn.au>
parents: 41
diff changeset
364 j = 0;
942b22d7dd1c Banner printing
Matt Johnston <matt@ucc.asn.au>
parents: 41
diff changeset
365 for (i = 0; dirtytext[i] != '\0'; i++) {
942b22d7dd1c Banner printing
Matt Johnston <matt@ucc.asn.au>
parents: 41
diff changeset
366
942b22d7dd1c Banner printing
Matt Johnston <matt@ucc.asn.au>
parents: 41
diff changeset
367 c = dirtytext[i];
942b22d7dd1c Banner printing
Matt Johnston <matt@ucc.asn.au>
parents: 41
diff changeset
368 /* We can ignore '\r's */
942b22d7dd1c Banner printing
Matt Johnston <matt@ucc.asn.au>
parents: 41
diff changeset
369 if ( (c >= ' ' && c <= '~') || c == '\n' || c == '\t') {
942b22d7dd1c Banner printing
Matt Johnston <matt@ucc.asn.au>
parents: 41
diff changeset
370 dirtytext[j] = c;
942b22d7dd1c Banner printing
Matt Johnston <matt@ucc.asn.au>
parents: 41
diff changeset
371 j++;
942b22d7dd1c Banner printing
Matt Johnston <matt@ucc.asn.au>
parents: 41
diff changeset
372 }
942b22d7dd1c Banner printing
Matt Johnston <matt@ucc.asn.au>
parents: 41
diff changeset
373 }
942b22d7dd1c Banner printing
Matt Johnston <matt@ucc.asn.au>
parents: 41
diff changeset
374 /* Null terminate */
942b22d7dd1c Banner printing
Matt Johnston <matt@ucc.asn.au>
parents: 41
diff changeset
375 dirtytext[j] = '\0';
942b22d7dd1c Banner printing
Matt Johnston <matt@ucc.asn.au>
parents: 41
diff changeset
376 }
937
4ad38e223ccd Send a failure response if a client receives a global request
Matt Johnston <matt@ucc.asn.au>
parents: 883
diff changeset
377
4ad38e223ccd Send a failure response if a client receives a global request
Matt Johnston <matt@ucc.asn.au>
parents: 883
diff changeset
378 static void recv_msg_global_request_cli(void) {
4ad38e223ccd Send a failure response if a client receives a global request
Matt Johnston <matt@ucc.asn.au>
parents: 883
diff changeset
379 TRACE(("recv_msg_global_request_cli"))
4ad38e223ccd Send a failure response if a client receives a global request
Matt Johnston <matt@ucc.asn.au>
parents: 883
diff changeset
380 /* Send a proper rejection */
4ad38e223ccd Send a failure response if a client receives a global request
Matt Johnston <matt@ucc.asn.au>
parents: 883
diff changeset
381 send_msg_request_failure();
4ad38e223ccd Send a failure response if a client receives a global request
Matt Johnston <matt@ucc.asn.au>
parents: 883
diff changeset
382 }