Mercurial > dropbear
comparison common-session.c @ 1739:13d834efc376 fuzz
merge from main
| author | Matt Johnston <matt@ucc.asn.au> |
|---|---|
| date | Thu, 15 Oct 2020 19:55:15 +0800 |
| parents | 3974f087d9c0 |
| children | 3b9b427925a0 |
comparison
equal
deleted
inserted
replaced
| 1562:768ebf737aa0 | 1739:13d834efc376 |
|---|---|
| 66 | 66 |
| 67 ses.socket_prio = DROPBEAR_PRIO_DEFAULT; | 67 ses.socket_prio = DROPBEAR_PRIO_DEFAULT; |
| 68 /* Sets it to lowdelay */ | 68 /* Sets it to lowdelay */ |
| 69 update_channel_prio(); | 69 update_channel_prio(); |
| 70 | 70 |
| 71 #if !DROPBEAR_SVR_MULTIUSER | |
| 72 /* A sanity check to prevent an accidental configuration option | |
| 73 leaving multiuser systems exposed */ | |
| 74 errno = 0; | |
| 75 getuid(); | |
| 76 if (errno != ENOSYS) { | |
| 77 dropbear_exit("Non-multiuser Dropbear requires a non-multiuser kernel"); | |
| 78 } | |
| 79 #endif | |
| 80 | |
| 71 now = monotonic_now(); | 81 now = monotonic_now(); |
| 72 ses.connect_time = now; | 82 ses.connect_time = now; |
| 73 ses.last_packet_time_keepalive_recv = now; | 83 ses.last_packet_time_keepalive_recv = now; |
| 74 ses.last_packet_time_idle = now; | 84 ses.last_packet_time_idle = now; |
| 75 ses.last_packet_time_any_sent = 0; | 85 ses.last_packet_time_any_sent = 0; |
| 135 | 145 |
| 136 ses.chantypes = NULL; | 146 ses.chantypes = NULL; |
| 137 | 147 |
| 138 ses.allowprivport = 0; | 148 ses.allowprivport = 0; |
| 139 | 149 |
| 150 #if DROPBEAR_PLUGIN | |
| 151 ses.plugin_session = NULL; | |
| 152 #endif | |
| 153 | |
| 140 TRACE(("leave session_init")) | 154 TRACE(("leave session_init")) |
| 141 } | 155 } |
| 142 | 156 |
| 143 void session_loop(void(*loophandler)(void)) { | 157 void session_loop(void(*loophandler)(void)) { |
| 144 | 158 |
| 150 for(;;) { | 164 for(;;) { |
| 151 const int writequeue_has_space = (ses.writequeue_len <= 2*TRANS_MAX_PAYLOAD_LEN); | 165 const int writequeue_has_space = (ses.writequeue_len <= 2*TRANS_MAX_PAYLOAD_LEN); |
| 152 | 166 |
| 153 timeout.tv_sec = select_timeout(); | 167 timeout.tv_sec = select_timeout(); |
| 154 timeout.tv_usec = 0; | 168 timeout.tv_usec = 0; |
| 155 FD_ZERO(&writefd); | 169 DROPBEAR_FD_ZERO(&writefd); |
| 156 FD_ZERO(&readfd); | 170 DROPBEAR_FD_ZERO(&readfd); |
| 171 | |
| 157 dropbear_assert(ses.payload == NULL); | 172 dropbear_assert(ses.payload == NULL); |
| 158 | 173 |
| 159 /* We get woken up when signal handlers write to this pipe. | 174 /* We get woken up when signal handlers write to this pipe. |
| 160 SIGCHLD in svr-chansession is the only one currently. */ | 175 SIGCHLD in svr-chansession is the only one currently. */ |
| 161 #if DROPBEAR_FUZZ | 176 #if DROPBEAR_FUZZ |
| 202 if (val <= 0) { | 217 if (val <= 0) { |
| 203 /* If we were interrupted or the select timed out, we still | 218 /* If we were interrupted or the select timed out, we still |
| 204 * want to iterate over channels etc for reading, to handle | 219 * want to iterate over channels etc for reading, to handle |
| 205 * server processes exiting etc. | 220 * server processes exiting etc. |
| 206 * We don't want to read/write FDs. */ | 221 * We don't want to read/write FDs. */ |
| 207 FD_ZERO(&writefd); | 222 DROPBEAR_FD_ZERO(&writefd); |
| 208 FD_ZERO(&readfd); | 223 DROPBEAR_FD_ZERO(&readfd); |
| 209 } | 224 } |
| 210 | 225 |
| 211 /* We'll just empty out the pipe if required. We don't do | 226 /* We'll just empty out the pipe if required. We don't do |
| 212 any thing with the data, since the pipe's purpose is purely to | 227 any thing with the data, since the pipe's purpose is purely to |
| 213 wake up the select() above. */ | 228 wake up the select() above. */ |
| 344 } | 359 } |
| 345 | 360 |
| 346 void send_session_identification() { | 361 void send_session_identification() { |
| 347 buffer *writebuf = buf_new(strlen(LOCAL_IDENT "\r\n") + 1); | 362 buffer *writebuf = buf_new(strlen(LOCAL_IDENT "\r\n") + 1); |
| 348 buf_putbytes(writebuf, (const unsigned char *) LOCAL_IDENT "\r\n", strlen(LOCAL_IDENT "\r\n")); | 363 buf_putbytes(writebuf, (const unsigned char *) LOCAL_IDENT "\r\n", strlen(LOCAL_IDENT "\r\n")); |
| 349 writebuf_enqueue(writebuf, 0); | 364 writebuf_enqueue(writebuf); |
| 350 } | 365 } |
| 351 | 366 |
| 352 static void read_session_identification() { | 367 static void read_session_identification() { |
| 353 /* max length of 255 chars */ | 368 /* max length of 255 chars */ |
| 354 char linebuf[256]; | 369 char linebuf[256]; |
| 355 int len = 0; | 370 int len = 0; |
| 356 char done = 0; | 371 char done = 0; |
| 357 int i; | 372 int i; |
| 358 /* If they send more than 50 lines, something is wrong */ | 373 |
| 359 for (i = 0; i < 50; i++) { | 374 /* Servers may send other lines of data before sending the |
| 375 * version string, client must be able to process such lines. | |
| 376 * If they send more than 50 lines, something is wrong */ | |
| 377 for (i = IS_DROPBEAR_CLIENT ? 50 : 1; i > 0; i--) { | |
| 360 len = ident_readln(ses.sock_in, linebuf, sizeof(linebuf)); | 378 len = ident_readln(ses.sock_in, linebuf, sizeof(linebuf)); |
| 361 | 379 |
| 362 if (len < 0 && errno != EINTR) { | 380 if (len < 0 && errno != EINTR) { |
| 363 /* It failed */ | 381 /* It failed */ |
| 364 break; | 382 break; |
| 404 | 422 |
| 405 if (count < 1) { | 423 if (count < 1) { |
| 406 return -1; | 424 return -1; |
| 407 } | 425 } |
| 408 | 426 |
| 409 FD_ZERO(&fds); | 427 DROPBEAR_FD_ZERO(&fds); |
| 410 | 428 |
| 411 /* select since it's a non-blocking fd */ | 429 /* select since it's a non-blocking fd */ |
| 412 | 430 |
| 413 /* leave space to null-terminate */ | 431 /* leave space to null-terminate */ |
| 414 while (pos < count-1) { | 432 while (pos < count-1) { |