comparison common-session.c @ 546:568638be7203 agent-client
propagate from branch 'au.asn.ucc.matt.dropbear' (head 899a8851a5edf840b2f7925bcc26ffe99dcac54d)
to branch 'au.asn.ucc.matt.dropbear.cli-agent' (head 6bbab8364de17bd9ecb1dee5ffb796e48c0380d2)
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Wed, 01 Jul 2009 04:16:32 +0000 |
parents | 7de2f22ea759 |
children | 005530560594 |
500:d588e3ea557a | 546:568638be7203 |
---|---|
61 ses.sock_in = sock_in; | 61 ses.sock_in = sock_in; |
62 ses.sock_out = sock_out; | 62 ses.sock_out = sock_out; |
63 ses.maxfd = MAX(sock_in, sock_out); | 63 ses.maxfd = MAX(sock_in, sock_out); |
64 | 64 |
65 ses.connect_time = 0; | 65 ses.connect_time = 0; |
66 ses.last_trx_packet_time = 0; | |
66 ses.last_packet_time = 0; | 67 ses.last_packet_time = 0; |
67 | 68 |
68 if (pipe(ses.signal_pipe) < 0) { | 69 if (pipe(ses.signal_pipe) < 0) { |
69 dropbear_exit("signal pipe failed"); | 70 dropbear_exit("signal pipe failed"); |
70 } | 71 } |
71 setnonblocking(ses.signal_pipe[0]); | 72 setnonblocking(ses.signal_pipe[0]); |
72 setnonblocking(ses.signal_pipe[1]); | 73 setnonblocking(ses.signal_pipe[1]); |
74 | |
75 ses.maxfd = MAX(ses.maxfd, ses.signal_pipe[0]); | |
76 ses.maxfd = MAX(ses.maxfd, ses.signal_pipe[1]); | |
73 | 77 |
74 kexfirstinitialise(); /* initialise the kex state */ | 78 kexfirstinitialise(); /* initialise the kex state */ |
75 | 79 |
76 ses.writepayload = buf_new(TRANS_MAX_PAYLOAD_LEN); | 80 ses.writepayload = buf_new(TRANS_MAX_PAYLOAD_LEN); |
77 ses.transseq = 0; | 81 ses.transseq = 0; |
78 | 82 |
79 ses.readbuf = NULL; | 83 ses.readbuf = NULL; |
80 ses.decryptreadbuf = NULL; | |
81 ses.payload = NULL; | 84 ses.payload = NULL; |
82 ses.recvseq = 0; | 85 ses.recvseq = 0; |
83 | 86 |
84 initqueue(&ses.writequeue); | 87 initqueue(&ses.writequeue); |
85 | 88 |
92 ses.reply_queue_tail = NULL; | 95 ses.reply_queue_tail = NULL; |
93 | 96 |
94 /* set all the algos to none */ | 97 /* set all the algos to none */ |
95 ses.keys = (struct key_context*)m_malloc(sizeof(struct key_context)); | 98 ses.keys = (struct key_context*)m_malloc(sizeof(struct key_context)); |
96 ses.newkeys = NULL; | 99 ses.newkeys = NULL; |
97 ses.keys->recv_algo_crypt = &dropbear_nocipher; | 100 ses.keys->recv.algo_crypt = &dropbear_nocipher; |
98 ses.keys->trans_algo_crypt = &dropbear_nocipher; | 101 ses.keys->trans.algo_crypt = &dropbear_nocipher; |
99 | 102 ses.keys->recv.crypt_mode = &dropbear_mode_none; |
100 ses.keys->recv_algo_mac = &dropbear_nohash; | 103 ses.keys->trans.crypt_mode = &dropbear_mode_none; |
101 ses.keys->trans_algo_mac = &dropbear_nohash; | 104 |
105 ses.keys->recv.algo_mac = &dropbear_nohash; | |
106 ses.keys->trans.algo_mac = &dropbear_nohash; | |
102 | 107 |
103 ses.keys->algo_kex = -1; | 108 ses.keys->algo_kex = -1; |
104 ses.keys->algo_hostkey = -1; | 109 ses.keys->algo_hostkey = -1; |
105 ses.keys->recv_algo_comp = DROPBEAR_COMP_NONE; | 110 ses.keys->recv.algo_comp = DROPBEAR_COMP_NONE; |
106 ses.keys->trans_algo_comp = DROPBEAR_COMP_NONE; | 111 ses.keys->trans.algo_comp = DROPBEAR_COMP_NONE; |
107 | 112 |
108 #ifndef DISABLE_ZLIB | 113 #ifndef DISABLE_ZLIB |
109 ses.keys->recv_zstream = NULL; | 114 ses.keys->recv.zstream = NULL; |
110 ses.keys->trans_zstream = NULL; | 115 ses.keys->trans.zstream = NULL; |
111 #endif | 116 #endif |
112 | 117 |
113 /* key exchange buffers */ | 118 /* key exchange buffers */ |
114 ses.session_id = NULL; | 119 ses.session_id = NULL; |
115 ses.kexhashbuf = NULL; | 120 ses.kexhashbuf = NULL; |
254 if (atomicio(write, ses.sock_out, LOCAL_IDENT "\r\n", | 259 if (atomicio(write, ses.sock_out, LOCAL_IDENT "\r\n", |
255 strlen(LOCAL_IDENT "\r\n")) == DROPBEAR_FAILURE) { | 260 strlen(LOCAL_IDENT "\r\n")) == DROPBEAR_FAILURE) { |
256 ses.remoteclosed(); | 261 ses.remoteclosed(); |
257 } | 262 } |
258 | 263 |
259 /* If they send more than 50 lines, something is wrong */ | 264 /* If they send more than 50 lines, something is wrong */ |
260 for (i = 0; i < 50; i++) { | 265 for (i = 0; i < 50; i++) { |
261 len = ident_readln(ses.sock_in, linebuf, sizeof(linebuf)); | 266 len = ident_readln(ses.sock_in, linebuf, sizeof(linebuf)); |
262 | 267 |
263 if (len < 0 && errno != EINTR) { | 268 if (len < 0 && errno != EINTR) { |
264 /* It failed */ | 269 /* It failed */ |
279 /* linebuf is already null terminated */ | 284 /* linebuf is already null terminated */ |
280 ses.remoteident = m_malloc(len); | 285 ses.remoteident = m_malloc(len); |
281 memcpy(ses.remoteident, linebuf, len); | 286 memcpy(ses.remoteident, linebuf, len); |
282 } | 287 } |
283 | 288 |
284 /* Shall assume that 2.x will be backwards compatible. */ | 289 /* Shall assume that 2.x will be backwards compatible. */ |
285 if (strncmp(ses.remoteident, "SSH-2.", 6) != 0 | 290 if (strncmp(ses.remoteident, "SSH-2.", 6) != 0 |
286 && strncmp(ses.remoteident, "SSH-1.99-", 9) != 0) { | 291 && strncmp(ses.remoteident, "SSH-1.99-", 9) != 0) { |
287 dropbear_exit("Incompatible remote version '%s'", ses.remoteident); | 292 dropbear_exit("Incompatible remote version '%s'", ses.remoteident); |
288 } | 293 } |
289 | 294 |
290 TRACE(("remoteident: %s", ses.remoteident)) | 295 TRACE(("remoteident: %s", ses.remoteident)) |
291 | 296 |
292 } | 297 } |
293 | 298 |
395 TRACE(("rekeying after timeout or max data reached")) | 400 TRACE(("rekeying after timeout or max data reached")) |
396 send_msg_kexinit(); | 401 send_msg_kexinit(); |
397 } | 402 } |
398 | 403 |
399 if (opts.keepalive_secs > 0 | 404 if (opts.keepalive_secs > 0 |
400 && now - ses.last_packet_time >= opts.keepalive_secs) { | 405 && now - ses.last_trx_packet_time >= opts.keepalive_secs) { |
401 send_msg_ignore(); | 406 send_msg_ignore(); |
407 } | |
408 | |
409 if (opts.idle_timeout_secs > 0 && ses.last_packet_time > 0 | |
410 && now - ses.last_packet_time >= opts.idle_timeout_secs) { | |
411 dropbear_close("Idle timeout"); | |
402 } | 412 } |
403 } | 413 } |
404 | 414 |
405 static long select_timeout() { | 415 static long select_timeout() { |
406 /* determine the minimum timeout that might be required, so | 416 /* determine the minimum timeout that might be required, so |
410 ret = MIN(KEX_REKEY_TIMEOUT, ret); | 420 ret = MIN(KEX_REKEY_TIMEOUT, ret); |
411 if (AUTH_TIMEOUT > 0) | 421 if (AUTH_TIMEOUT > 0) |
412 ret = MIN(AUTH_TIMEOUT, ret); | 422 ret = MIN(AUTH_TIMEOUT, ret); |
413 if (opts.keepalive_secs > 0) | 423 if (opts.keepalive_secs > 0) |
414 ret = MIN(opts.keepalive_secs, ret); | 424 ret = MIN(opts.keepalive_secs, ret); |
425 if (opts.idle_timeout_secs > 0) | |
426 ret = MIN(opts.idle_timeout_secs, ret); | |
415 return ret; | 427 return ret; |
416 } | 428 } |
417 | 429 |
418 const char* get_user_shell() { | 430 const char* get_user_shell() { |
419 /* an empty shell should be interpreted as "/bin/sh" */ | 431 /* an empty shell should be interpreted as "/bin/sh" */ |
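Review bot: The idle-timeout check added beside the keepalive check (new lines 404-412) relies on an invariant that is not written down in the visible code: keepalive now keys on `ses.last_trx_packet_time` and the idle close on `ses.last_packet_time`, so the idle close can only fire if keepalive/ignore traffic such as the `send_msg_ignore()` just above never refreshes `last_packet_time`. The code that updates both fields is outside this comparison, as is the start of the enclosing function, so that needs confirming there. I would add a comment above the idle check, e.g. `/* last_packet_time must not be touched by keepalive/ignore packets, or the idle timeout never fires; 0 means no packet recorded yet */`. The `ses.last_packet_time > 0` guard also means a session that has not yet recorded a packet is never closed by this check, and is presumably bounded only by `AUTH_TIMEOUT`; a short comment saying this is intended would help.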