Mercurial > dropbear
comparison common-session.c @ 1739:13d834efc376 fuzz
merge from main
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Thu, 15 Oct 2020 19:55:15 +0800 |
parents | 3974f087d9c0 |
children | 3b9b427925a0 |
comparison
equal
deleted
inserted
replaced
1562:768ebf737aa0 | 1739:13d834efc376 |
---|---|
66 | 66 |
67 ses.socket_prio = DROPBEAR_PRIO_DEFAULT; | 67 ses.socket_prio = DROPBEAR_PRIO_DEFAULT; |
68 /* Sets it to lowdelay */ | 68 /* Sets it to lowdelay */ |
69 update_channel_prio(); | 69 update_channel_prio(); |
70 | 70 |
71 #if !DROPBEAR_SVR_MULTIUSER | |
72 /* A sanity check to prevent an accidental configuration option | |
73 leaving multiuser systems exposed */ | |
74 errno = 0; | |
75 getuid(); | |
76 if (errno != ENOSYS) { | |
77 dropbear_exit("Non-multiuser Dropbear requires a non-multiuser kernel"); | |
78 } | |
79 #endif | |
80 | |
71 now = monotonic_now(); | 81 now = monotonic_now(); |
72 ses.connect_time = now; | 82 ses.connect_time = now; |
73 ses.last_packet_time_keepalive_recv = now; | 83 ses.last_packet_time_keepalive_recv = now; |
74 ses.last_packet_time_idle = now; | 84 ses.last_packet_time_idle = now; |
75 ses.last_packet_time_any_sent = 0; | 85 ses.last_packet_time_any_sent = 0; |
135 | 145 |
136 ses.chantypes = NULL; | 146 ses.chantypes = NULL; |
137 | 147 |
138 ses.allowprivport = 0; | 148 ses.allowprivport = 0; |
139 | 149 |
150 #if DROPBEAR_PLUGIN | |
151 ses.plugin_session = NULL; | |
152 #endif | |
153 | |
140 TRACE(("leave session_init")) | 154 TRACE(("leave session_init")) |
141 } | 155 } |
142 | 156 |
143 void session_loop(void(*loophandler)(void)) { | 157 void session_loop(void(*loophandler)(void)) { |
144 | 158 |
150 for(;;) { | 164 for(;;) { |
151 const int writequeue_has_space = (ses.writequeue_len <= 2*TRANS_MAX_PAYLOAD_LEN); | 165 const int writequeue_has_space = (ses.writequeue_len <= 2*TRANS_MAX_PAYLOAD_LEN); |
152 | 166 |
153 timeout.tv_sec = select_timeout(); | 167 timeout.tv_sec = select_timeout(); |
154 timeout.tv_usec = 0; | 168 timeout.tv_usec = 0; |
155 FD_ZERO(&writefd); | 169 DROPBEAR_FD_ZERO(&writefd); |
156 FD_ZERO(&readfd); | 170 DROPBEAR_FD_ZERO(&readfd); |
171 | |
157 dropbear_assert(ses.payload == NULL); | 172 dropbear_assert(ses.payload == NULL); |
158 | 173 |
159 /* We get woken up when signal handlers write to this pipe. | 174 /* We get woken up when signal handlers write to this pipe. |
160 SIGCHLD in svr-chansession is the only one currently. */ | 175 SIGCHLD in svr-chansession is the only one currently. */ |
161 #if DROPBEAR_FUZZ | 176 #if DROPBEAR_FUZZ |
202 if (val <= 0) { | 217 if (val <= 0) { |
203 /* If we were interrupted or the select timed out, we still | 218 /* If we were interrupted or the select timed out, we still |
204 * want to iterate over channels etc for reading, to handle | 219 * want to iterate over channels etc for reading, to handle |
205 * server processes exiting etc. | 220 * server processes exiting etc. |
206 * We don't want to read/write FDs. */ | 221 * We don't want to read/write FDs. */ |
207 FD_ZERO(&writefd); | 222 DROPBEAR_FD_ZERO(&writefd); |
208 FD_ZERO(&readfd); | 223 DROPBEAR_FD_ZERO(&readfd); |
209 } | 224 } |
210 | 225 |
211 /* We'll just empty out the pipe if required. We don't do | 226 /* We'll just empty out the pipe if required. We don't do |
212 any thing with the data, since the pipe's purpose is purely to | 227 any thing with the data, since the pipe's purpose is purely to |
213 wake up the select() above. */ | 228 wake up the select() above. */ |
344 } | 359 } |
345 | 360 |
346 void send_session_identification() { | 361 void send_session_identification() { |
347 buffer *writebuf = buf_new(strlen(LOCAL_IDENT "\r\n") + 1); | 362 buffer *writebuf = buf_new(strlen(LOCAL_IDENT "\r\n") + 1); |
348 buf_putbytes(writebuf, (const unsigned char *) LOCAL_IDENT "\r\n", strlen(LOCAL_IDENT "\r\n")); | 363 buf_putbytes(writebuf, (const unsigned char *) LOCAL_IDENT "\r\n", strlen(LOCAL_IDENT "\r\n")); |
349 writebuf_enqueue(writebuf, 0); | 364 writebuf_enqueue(writebuf); |
350 } | 365 } |
351 | 366 |
352 static void read_session_identification() { | 367 static void read_session_identification() { |
353 /* max length of 255 chars */ | 368 /* max length of 255 chars */ |
354 char linebuf[256]; | 369 char linebuf[256]; |
355 int len = 0; | 370 int len = 0; |
356 char done = 0; | 371 char done = 0; |
357 int i; | 372 int i; |
358 /* If they send more than 50 lines, something is wrong */ | 373 |
359 for (i = 0; i < 50; i++) { | 374 /* Servers may send other lines of data before sending the |
375 * version string, client must be able to process such lines. | |
376 * If they send more than 50 lines, something is wrong */ | |
377 for (i = IS_DROPBEAR_CLIENT ? 50 : 1; i > 0; i--) { | |
360 len = ident_readln(ses.sock_in, linebuf, sizeof(linebuf)); | 378 len = ident_readln(ses.sock_in, linebuf, sizeof(linebuf)); |
361 | 379 |
362 if (len < 0 && errno != EINTR) { | 380 if (len < 0 && errno != EINTR) { |
363 /* It failed */ | 381 /* It failed */ |
364 break; | 382 break; |
404 | 422 |
405 if (count < 1) { | 423 if (count < 1) { |
406 return -1; | 424 return -1; |
407 } | 425 } |
408 | 426 |
409 FD_ZERO(&fds); | 427 DROPBEAR_FD_ZERO(&fds); |
410 | 428 |
411 /* select since it's a non-blocking fd */ | 429 /* select since it's a non-blocking fd */ |
412 | 430 |
413 /* leave space to null-terminate */ | 431 /* leave space to null-terminate */ |
414 while (pos < count-1) { | 432 while (pos < count-1) { |