Mercurial > dropbear

comparison common-session.c @ 1511:5916af64acd4 fuzz

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
merge from main
author Matt Johnston <matt@ucc.asn.au>
date Sat, 17 Feb 2018 19:29:51 +0800
parents 6b89eb92f872 0c16b4ccbd54
children bb8eaa26bc93
comparison
equal deleted inserted replaced
1457:32f990cc96b1 1511:5916af64acd4
41 static int ident_readln(int fd, char* buf, int count); 41 static int ident_readln(int fd, char* buf, int count);
42 static void read_session_identification(void); 42 static void read_session_identification(void);
43 43
44 struct sshsession ses; /* GLOBAL */ 44 struct sshsession ses; /* GLOBAL */
45 45
46 /* need to know if the session struct has been initialised, this way isn't the
47 * cleanest, but works OK */
48 int sessinitdone = 0; /* GLOBAL */
49
50 /* this is set when we get SIGINT or SIGTERM, the handler is in main.c */
51 int exitflag = 0; /* GLOBAL */
52
53 /* called only at the start of a session, set up initial state */ 46 /* called only at the start of a session, set up initial state */
54 void common_session_init(int sock_in, int sock_out) { 47 void common_session_init(int sock_in, int sock_out) {
55 time_t now; 48 time_t now;
56 49
57 #if DEBUG_TRACE 50 #if DEBUG_TRACE
84 77
85 #ifdef DROPBEAR_FUZZ 78 #ifdef DROPBEAR_FUZZ
86 if (!fuzz.fuzzing) 79 if (!fuzz.fuzzing)
87 #endif 80 #endif
88 { 81 {
89 if (pipe(ses.signal_pipe) < 0) { 82 if (pipe(ses.signal_pipe) < 0) {
90 dropbear_exit("Signal pipe failed"); 83 dropbear_exit("Signal pipe failed");
91 } 84 }
92 setnonblocking(ses.signal_pipe[0]); 85 setnonblocking(ses.signal_pipe[0]);
93 setnonblocking(ses.signal_pipe[1]); 86 setnonblocking(ses.signal_pipe[1]);
94 ses.maxfd = MAX(ses.maxfd, ses.signal_pipe[0]); 87 ses.maxfd = MAX(ses.maxfd, ses.signal_pipe[0]);
95 ses.maxfd = MAX(ses.maxfd, ses.signal_pipe[1]); 88 ses.maxfd = MAX(ses.maxfd, ses.signal_pipe[1]);
96 } 89 }
97 90
98 ses.writepayload = buf_new(TRANS_MAX_PAYLOAD_LEN); 91 ses.writepayload = buf_new(TRANS_MAX_PAYLOAD_LEN);
99 ses.transseq = 0; 92 ses.transseq = 0;
100 93
167 SIGCHLD in svr-chansession is the only one currently. */ 160 SIGCHLD in svr-chansession is the only one currently. */
168 #ifdef DROPBEAR_FUZZ 161 #ifdef DROPBEAR_FUZZ
169 if (!fuzz.fuzzing) 162 if (!fuzz.fuzzing)
170 #endif 163 #endif
171 { 164 {
172 FD_SET(ses.signal_pipe[0], &readfd); 165 FD_SET(ses.signal_pipe[0], &readfd);
173 } 166 }
174 ses.channel_signal_pending = 0;
175 167
176 /* set up for channels which can be read/written */ 168 /* set up for channels which can be read/written */
177 setchannelfds(&readfd, &writefd, writequeue_has_space); 169 setchannelfds(&readfd, &writefd, writequeue_has_space);
178 170
179 /* Pending connections to test */ 171 /* Pending connections to test */
197 FD_SET(ses.sock_out, &writefd); 189 FD_SET(ses.sock_out, &writefd);
198 } 190 }
199 191
200 val = select(ses.maxfd+1, &readfd, &writefd, NULL, &timeout); 192 val = select(ses.maxfd+1, &readfd, &writefd, NULL, &timeout);
201 193
202 if (exitflag) { 194 if (ses.exitflag) {
203 dropbear_exit("Terminated by signal"); 195 dropbear_exit("Terminated by signal");
204 } 196 }
205 197
206 if (val < 0 && errno != EINTR) { 198 if (val < 0 && errno != EINTR) {
207 dropbear_exit("Error in select"); 199 dropbear_exit("Error in select");
217 } 209 }
218 210
219 /* We'll just empty out the pipe if required. We don't do 211 /* We'll just empty out the pipe if required. We don't do
220 any thing with the data, since the pipe's purpose is purely to 212 any thing with the data, since the pipe's purpose is purely to
221 wake up the select() above. */ 213 wake up the select() above. */
214 ses.channel_signal_pending = 0;
222 if (FD_ISSET(ses.signal_pipe[0], &readfd)) { 215 if (FD_ISSET(ses.signal_pipe[0], &readfd)) {
223 char x; 216 char x;
224 TRACE(("signal pipe set")) 217 TRACE(("signal pipe set"))
225 while (read(ses.signal_pipe[0], &x, 1) > 0) {} 218 while (read(ses.signal_pipe[0], &x, 1) > 0) {}
226 ses.channel_signal_pending = 1; 219 ses.channel_signal_pending = 1;
251 were being held up during a KEX */ 244 were being held up during a KEX */
252 maybe_flush_reply_queue(); 245 maybe_flush_reply_queue();
253 246
254 handle_connect_fds(&writefd); 247 handle_connect_fds(&writefd);
255 248
249 /* loop handler prior to channelio, in case the server loophandler closes
250 channels on process exit */
251 loophandler();
252
256 /* process pipes etc for the channels, ses.dataallowed == 0 253 /* process pipes etc for the channels, ses.dataallowed == 0
257 * during rekeying ) */ 254 * during rekeying ) */
258 channelio(&readfd, &writefd); 255 channelio(&readfd, &writefd);
259 256
260 /* process session socket's outgoing data */ 257 /* process session socket's outgoing data */
262 if (!isempty(&ses.writequeue)) { 259 if (!isempty(&ses.writequeue)) {
263 write_packet(); 260 write_packet();
264 } 261 }
265 } 262 }
266 263
267
268 if (loophandler) {
269 loophandler();
270 }
271
272 } /* for(;;) */ 264 } /* for(;;) */
273 265
274 /* Not reached */ 266 /* Not reached */
275 } 267 }
276 268
287 void session_cleanup() { 279 void session_cleanup() {
288 280
289 TRACE(("enter session_cleanup")) 281 TRACE(("enter session_cleanup"))
290 282
291 /* we can't cleanup if we don't know the session state */ 283 /* we can't cleanup if we don't know the session state */
292 if (!sessinitdone) { 284 if (!ses.init_done) {
293 TRACE(("leave session_cleanup: !sessinitdone")) 285 TRACE(("leave session_cleanup: !ses.init_done"))
294 return; 286 return;
295 } 287 }
296 288
297 /* BEWARE of changing order of functions here. */ 289 /* BEWARE of changing order of functions here. */
298 290