Mercurial > dropbear

comparison cli-session.c @ 285:1b9e69c058d2

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3) to branch 'au.asn.ucc.matt.dropbear' (head fdf4a7a3b97ae5046139915de7e40399cceb2c01)
author Matt Johnston <matt@ucc.asn.au>
date Wed, 08 Mar 2006 13:23:58 +0000
parents 3be7ae2e8dfa
children 6b41e2cbf071 79bf1023cf11 973fccb59ea4 0e4f225b7e07
comparison
equal deleted inserted replaced
281:997e6f7dc01e 285:1b9e69c058d2
1 /*
2 * Dropbear SSH
3 *
4 * Copyright (c) 2002,2003 Matt Johnston
5 * Copyright (c) 2004 by Mihnea Stoenescu
6 * All rights reserved.
7 *
8 * Permission is hereby granted, free of charge, to any person obtaining a copy
9 * of this software and associated documentation files (the "Software"), to deal
10 * in the Software without restriction, including without limitation the rights
11 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
12 * copies of the Software, and to permit persons to whom the Software is
13 * furnished to do so, subject to the following conditions:
14 *
15 * The above copyright notice and this permission notice shall be included in
16 * all copies or substantial portions of the Software.
17 *
18 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
19 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
20 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
21 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
22 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
23 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
24 * SOFTWARE. */
25
26 #include "includes.h"
27 #include "session.h"
28 #include "dbutil.h"
29 #include "kex.h"
30 #include "ssh.h"
31 #include "packet.h"
32 #include "tcpfwd.h"
33 #include "channel.h"
34 #include "random.h"
35 #include "service.h"
36 #include "runopts.h"
37 #include "chansession.h"
38
39 static void cli_remoteclosed();
40 static void cli_sessionloop();
41 static void cli_session_init();
42 static void cli_finished();
43
44 struct clientsession cli_ses; /* GLOBAL */
45
46 /* Sorted in decreasing frequency will be more efficient - data and window
47 * should be first */
48 static const packettype cli_packettypes[] = {
49 /* TYPE, FUNCTION */
50 {SSH_MSG_CHANNEL_DATA, recv_msg_channel_data},
51 {SSH_MSG_CHANNEL_EXTENDED_DATA, recv_msg_channel_extended_data},
52 {SSH_MSG_CHANNEL_WINDOW_ADJUST, recv_msg_channel_window_adjust},
53 {SSH_MSG_USERAUTH_FAILURE, recv_msg_userauth_failure}, /* client */
54 {SSH_MSG_USERAUTH_SUCCESS, recv_msg_userauth_success}, /* client */
55 {SSH_MSG_KEXINIT, recv_msg_kexinit},
56 {SSH_MSG_KEXDH_REPLY, recv_msg_kexdh_reply}, /* client */
57 {SSH_MSG_NEWKEYS, recv_msg_newkeys},
58 {SSH_MSG_SERVICE_ACCEPT, recv_msg_service_accept}, /* client */
59 {SSH_MSG_CHANNEL_REQUEST, recv_msg_channel_request},
60 {SSH_MSG_CHANNEL_OPEN, recv_msg_channel_open},
61 {SSH_MSG_CHANNEL_EOF, recv_msg_channel_eof},
62 {SSH_MSG_CHANNEL_CLOSE, recv_msg_channel_close},
63 {SSH_MSG_CHANNEL_OPEN_CONFIRMATION, recv_msg_channel_open_confirmation},
64 {SSH_MSG_CHANNEL_OPEN_FAILURE, recv_msg_channel_open_failure},
65 {SSH_MSG_USERAUTH_BANNER, recv_msg_userauth_banner}, /* client */
66 {SSH_MSG_USERAUTH_SPECIFIC_60, recv_msg_userauth_specific_60}, /* client */
67 {0, 0} /* End */
68 };
69
70 static const struct ChanType *cli_chantypes[] = {
71 #ifdef ENABLE_CLI_REMOTETCPFWD
72 &cli_chan_tcpremote,
73 #endif
74 NULL /* Null termination */
75 };
76
77 void cli_session(int sock, char* remotehost) {
78
79 seedrandom();
80
81 crypto_init();
82
83 common_session_init(sock, remotehost);
84
85 chaninitialise(cli_chantypes);
86
87 /* Set up cli_ses vars */
88 cli_session_init();
89
90 /* Ready to go */
91 sessinitdone = 1;
92
93 /* Exchange identification */
94 session_identification();
95
96 send_msg_kexinit();
97
98 session_loop(cli_sessionloop);
99
100 /* Not reached */
101
102 }
103
104 static void cli_session_init() {
105
106 cli_ses.state = STATE_NOTHING;
107 cli_ses.kex_state = KEX_NOTHING;
108
109 cli_ses.tty_raw_mode = 0;
110 cli_ses.winchange = 0;
111
112 /* We store std{in,out,err}'s flags, so we can set them back on exit
113 * (otherwise busybox's ash isn't happy */
114 cli_ses.stdincopy = dup(STDIN_FILENO);
115 cli_ses.stdinflags = fcntl(STDIN_FILENO, F_GETFL, 0);
116 cli_ses.stdoutcopy = dup(STDOUT_FILENO);
117 cli_ses.stdoutflags = fcntl(STDOUT_FILENO, F_GETFL, 0);
118 cli_ses.stderrcopy = dup(STDERR_FILENO);
119 cli_ses.stderrflags = fcntl(STDERR_FILENO, F_GETFL, 0);
120
121 cli_ses.retval = EXIT_SUCCESS; /* Assume it's clean if we don't get a
122 specific exit status */
123
124 /* Auth */
125 cli_ses.lastprivkey = NULL;
126 cli_ses.lastauthtype = 0;
127
128 /* For printing "remote host closed" for the user */
129 ses.remoteclosed = cli_remoteclosed;
130 ses.buf_match_algo = cli_buf_match_algo;
131
132 /* packet handlers */
133 ses.packettypes = cli_packettypes;
134
135 ses.isserver = 0;
136 }
137
138 /* This function drives the progress of the session - it initiates KEX,
139 * service, userauth and channel requests */
140 static void cli_sessionloop() {
141
142 TRACE(("enter cli_sessionloop"))
143
144 if (ses.lastpacket == SSH_MSG_KEXINIT && cli_ses.kex_state == KEX_NOTHING) {
145 cli_ses.kex_state = KEXINIT_RCVD;
146 }
147
148 if (cli_ses.kex_state == KEXINIT_RCVD) {
149
150 /* We initiate the KEXDH. If DH wasn't the correct type, the KEXINIT
151 * negotiation would have failed. */
152 send_msg_kexdh_init();
153 cli_ses.kex_state = KEXDH_INIT_SENT;
154 TRACE(("leave cli_sessionloop: done with KEXINIT_RCVD"))
155 return;
156 }
157
158 /* A KEX has finished, so we should go back to our KEX_NOTHING state */
159 if (cli_ses.kex_state != KEX_NOTHING && ses.kexstate.recvkexinit == 0
160 && ses.kexstate.sentkexinit == 0) {
161 cli_ses.kex_state = KEX_NOTHING;
162 }
163
164 /* We shouldn't do anything else if a KEX is in progress */
165 if (cli_ses.kex_state != KEX_NOTHING) {
166 TRACE(("leave cli_sessionloop: kex_state != KEX_NOTHING"))
167 return;
168 }
169
170 /* We should exit if we haven't donefirstkex: we shouldn't reach here
171 * in normal operation */
172 if (ses.kexstate.donefirstkex == 0) {
173 TRACE(("XXX XXX might be bad! leave cli_sessionloop: haven't donefirstkex"))
174 return;
175 }
176
177 switch (cli_ses.state) {
178
179 case STATE_NOTHING:
180 /* We've got the transport layer sorted, we now need to request
181 * userauth */
182 send_msg_service_request(SSH_SERVICE_USERAUTH);
183 cli_ses.state = SERVICE_AUTH_REQ_SENT;
184 TRACE(("leave cli_sessionloop: sent userauth service req"))
185 return;
186
187 /* userauth code */
188 case SERVICE_AUTH_ACCEPT_RCVD:
189 cli_auth_getmethods();
190 cli_ses.state = USERAUTH_REQ_SENT;
191 TRACE(("leave cli_sessionloop: sent userauth methods req"))
192 return;
193
194 case USERAUTH_FAIL_RCVD:
195 cli_auth_try();
196 cli_ses.state = USERAUTH_REQ_SENT;
197 TRACE(("leave cli_sessionloop: cli_auth_try"))
198 return;
199
200 /*
201 case USERAUTH_SUCCESS_RCVD:
202 send_msg_service_request(SSH_SERVICE_CONNECTION);
203 cli_ses.state = SERVICE_CONN_REQ_SENT;
204 TRACE(("leave cli_sessionloop: sent ssh-connection service req"))
205 return;
206
207 case SERVICE_CONN_ACCEPT_RCVD:
208 cli_send_chansess_request();
209 TRACE(("leave cli_sessionloop: cli_send_chansess_request"))
210 cli_ses.state = SESSION_RUNNING;
211 return;
212 */
213
214 case USERAUTH_SUCCESS_RCVD:
215 #ifdef ENABLE_CLI_LOCALTCPFWD
216 setup_localtcp();
217 #endif
218 #ifdef ENABLE_CLI_REMOTETCPFWD
219 setup_remotetcp();
220 #endif
221 cli_send_chansess_request();
222 TRACE(("leave cli_sessionloop: cli_send_chansess_request"))
223 cli_ses.state = SESSION_RUNNING;
224 return;
225
226 case SESSION_RUNNING:
227 if (ses.chancount < 1) {
228 cli_finished();
229 }
230
231 if (cli_ses.winchange) {
232 cli_chansess_winchange();
233 }
234 return;
235
236 /* XXX more here needed */
237
238
239 default:
240 break;
241 }
242
243 TRACE(("leave cli_sessionloop: fell out"))
244
245 }
246
247 void cli_session_cleanup() {
248
249 if (!sessinitdone) {
250 return;
251 }
252
253 /* Set std{in,out,err} back to non-blocking - busybox ash dies nastily if
254 * we don't revert the flags */
255 fcntl(cli_ses.stdincopy, F_SETFL, cli_ses.stdinflags);
256 fcntl(cli_ses.stdoutcopy, F_SETFL, cli_ses.stdoutflags);
257 fcntl(cli_ses.stderrcopy, F_SETFL, cli_ses.stderrflags);
258
259 cli_tty_cleanup();
260
261 }
262
263 static void cli_finished() {
264
265 cli_session_cleanup();
266 common_session_cleanup();
267 fprintf(stderr, "Connection to %s@%s:%s closed.\n", cli_opts.username,
268 cli_opts.remotehost, cli_opts.remoteport);
269 exit(cli_ses.retval);
270 }
271
272
273 /* called when the remote side closes the connection */
274 static void cli_remoteclosed() {
275
276 /* XXX TODO perhaps print a friendlier message if we get this but have
277 * already sent/received disconnect message(s) ??? */
278 close(ses.sock);
279 ses.sock = -1;
280 dropbear_exit("remote closed the connection");
281 }
282
283 /* Operates in-place turning dirty (untrusted potentially containing control
284 * characters) text into clean text.
285 * Note: this is safe only with ascii - other charsets could have problems. */
286 void cleantext(unsigned char* dirtytext) {
287
288 unsigned int i, j;
289 unsigned char c;
290
291 j = 0;
292 for (i = 0; dirtytext[i] != '\0'; i++) {
293
294 c = dirtytext[i];
295 /* We can ignore '\r's */
296 if ( (c >= ' ' && c <= '~') || c == '\n' || c == '\t') {
297 dirtytext[j] = c;
298 j++;
299 }
300 }
301 /* Null terminate */
302 dirtytext[j] = '\0';
303 }