comparison session.h @ 579:8c737cd7c1af
merge of '48fdaa8706d1acda35e9d564adc9a1fbc96c18c8'
and '658fd03abd21e0da7c4c89b9fff9dc693c72daae'
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Sat, 27 Feb 2010 11:53:18 +0000 |
parents | f9b5dc0cba61 |
children | 00eca37e47e8 |
577:69e98c45db7c | 579:8c737cd7c1af |
---|---|
39 #include "chansession.h" | 39 #include "chansession.h" |
40 | 40 |
41 extern int sessinitdone; /* Is set to 0 somewhere */ | 41 extern int sessinitdone; /* Is set to 0 somewhere */ |
42 extern int exitflag; | 42 extern int exitflag; |
43 | 43 |
44 void common_session_init(int sock_in, int sock_out, char* remotehost); | 44 void common_session_init(int sock_in, int sock_out); |
45 void session_loop(void(*loophandler)()); | 45 void session_loop(void(*loophandler)()); |
46 void common_session_cleanup(); | 46 void common_session_cleanup(); |
47 void session_identification(); | 47 void session_identification(); |
48 void send_msg_ignore(); | 48 void send_msg_ignore(); |
49 | 49 |
50 const char* get_user_shell(); | 50 const char* get_user_shell(); |
51 void fill_passwd(const char* username); | 51 void fill_passwd(const char* username); |
52 | 52 |
53 /* Server */ | 53 /* Server */ |
54 void svr_session(int sock, int childpipe, char *remotehost, char *addrstring); | 54 void svr_session(int sock, int childpipe); |
55 void svr_dropbear_exit(int exitcode, const char* format, va_list param); | 55 void svr_dropbear_exit(int exitcode, const char* format, va_list param); |
56 void svr_dropbear_log(int priority, const char* format, va_list param); | 56 void svr_dropbear_log(int priority, const char* format, va_list param); |
57 | 57 |
58 /* Client */ | 58 /* Client */ |
59 void cli_session(int sock_in, int sock_out, char *remotehost); | 59 void cli_session(int sock_in, int sock_out); |
60 void cli_session_cleanup(); | 60 void cli_session_cleanup(); |
61 void cleantext(unsigned char* dirtytext); | 61 void cleantext(unsigned char* dirtytext); |
62 | 62 |
63 struct key_context { | 63 /* crypto parameters that are stored individually for transmit and receive */ |
64 | 64 struct key_context_directional { |
65 const struct dropbear_cipher *recv_algo_crypt; /* NULL for none */ | 65 const struct dropbear_cipher *algo_crypt; /* NULL for none */ |
66 const struct dropbear_cipher *trans_algo_crypt; /* NULL for none */ | 66 const struct dropbear_cipher_mode *crypt_mode; |
67 const struct dropbear_cipher_mode *recv_crypt_mode; | 67 const struct dropbear_hash *algo_mac; /* NULL for none */ |
68 const struct dropbear_cipher_mode *trans_crypt_mode; | 68 int hash_index; /* lookup for libtomcrypt */ |
69 const struct dropbear_hash *recv_algo_mac; /* NULL for none */ | 69 char algo_comp; /* compression */ |
70 const struct dropbear_hash *trans_algo_mac; /* NULL for none */ | |
71 char algo_kex; | |
72 char algo_hostkey; | |
73 | |
74 char recv_algo_comp; /* compression */ | |
75 char trans_algo_comp; | |
76 int allow_compress; /* whether compression has started (useful in | |
77 [email protected] delayed compression case) */ | |
78 #ifndef DISABLE_ZLIB | 70 #ifndef DISABLE_ZLIB |
79 z_streamp recv_zstream; | 71 z_streamp zstream; |
80 z_streamp trans_zstream; | 72 #endif |
81 #endif | |
82 | |
83 /* actual keys */ | 73 /* actual keys */ |
84 union { | 74 union { |
85 symmetric_CBC cbc; | 75 symmetric_CBC cbc; |
86 #ifdef DROPBEAR_ENABLE_CTR_MODE | 76 #ifdef DROPBEAR_ENABLE_CTR_MODE |
87 symmetric_CTR ctr; | 77 symmetric_CTR ctr; |
88 #endif | 78 #endif |
89 } recv_cipher_state; | 79 } cipher_state; |
90 union { | 80 unsigned char mackey[MAX_MAC_KEY]; |
91 symmetric_CBC cbc; | 81 }; |
92 #ifdef DROPBEAR_ENABLE_CTR_MODE | 82 |
93 symmetric_CTR ctr; | 83 struct key_context { |
94 #endif | 84 |
95 } trans_cipher_state; | 85 struct key_context_directional recv; |
96 unsigned char recvmackey[MAX_MAC_KEY]; | 86 struct key_context_directional trans; |
97 unsigned char transmackey[MAX_MAC_KEY]; | 87 |
98 | 88 char algo_kex; |
89 char algo_hostkey; | |
90 | |
91 int allow_compress; /* whether compression has started (useful in | |
92 [email protected] delayed compression case) */ | |
99 }; | 93 }; |
100 | 94 |
101 struct packetlist; | 95 struct packetlist; |
102 struct packetlist { | 96 struct packetlist { |
103 struct packetlist *next; | 97 struct packetlist *next; |
113 (cleared after auth once we're not | 107 (cleared after auth once we're not |
114 respecting AUTH_TIMEOUT any more) */ | 108 respecting AUTH_TIMEOUT any more) */ |
115 | 109 |
116 int sock_in; | 110 int sock_in; |
117 int sock_out; | 111 int sock_out; |
118 | |
119 unsigned char *remotehost; /* the peer hostname */ | |
120 | 112 |
121 unsigned char *remoteident; | 113 unsigned char *remoteident; |
122 | 114 |
123 int maxfd; /* the maximum file descriptor to check with select() */ | 115 int maxfd; /* the maximum file descriptor to check with select() */ |
124 | 116 |
126 /* Packet buffers/values etc */ | 118 /* Packet buffers/values etc */ |
127 buffer *writepayload; /* Unencrypted payload to write - this is used | 119 buffer *writepayload; /* Unencrypted payload to write - this is used |
128 throughout the code, as handlers fill out this | 120 throughout the code, as handlers fill out this |
129 buffer with the packet to send. */ | 121 buffer with the packet to send. */ |
130 struct Queue writequeue; /* A queue of encrypted packets to send */ | 122 struct Queue writequeue; /* A queue of encrypted packets to send */ |
131 buffer *readbuf; /* Encrypted */ | 123 buffer *readbuf; /* From the wire, decrypted in-place */ |
132 buffer *decryptreadbuf; /* Post-decryption */ | |
133 buffer *payload; /* Post-decompression, the actual SSH packet */ | 124 buffer *payload; /* Post-decompression, the actual SSH packet */ |
134 unsigned int transseq, recvseq; /* Sequence IDs */ | 125 unsigned int transseq, recvseq; /* Sequence IDs */ |
135 | 126 |
136 /* Packet-handling flags */ | 127 /* Packet-handling flags */ |
137 const packettype * packettypes; /* Packet handler mappings for this | 128 const packettype * packettypes; /* Packet handler mappings for this |
167 mp_int * dh_K; /* SSH_MSG_KEXDH_REPLY and sending SSH_MSH_NEWKEYS */ | 158 mp_int * dh_K; /* SSH_MSG_KEXDH_REPLY and sending SSH_MSH_NEWKEYS */ |
168 unsigned char hash[SHA1_HASH_SIZE]; /* the hash*/ | 159 unsigned char hash[SHA1_HASH_SIZE]; /* the hash*/ |
169 buffer* kexhashbuf; /* session hash buffer calculated from various packets*/ | 160 buffer* kexhashbuf; /* session hash buffer calculated from various packets*/ |
170 buffer* transkexinit; /* the kexinit packet we send should be kept so we | 161 buffer* transkexinit; /* the kexinit packet we send should be kept so we |
171 can add it to the hash when generating keys */ | 162 can add it to the hash when generating keys */ |
163 | |
164 /* Enables/disables compression */ | |
165 algo_type *compress_algos; | |
172 | 166 |
173 /* a list of queued replies that should be sent after a KEX has | 167 /* a list of queued replies that should be sent after a KEX has |
174 concluded (ie, while dataallowed was unset)*/ | 168 concluded (ie, while dataallowed was unset)*/ |
175 struct packetlist *reply_queue_head, *reply_queue_tail; | 169 struct packetlist *reply_queue_head, *reply_queue_tail; |
176 | 170 |
217 * svr-chansession.c for details */ | 211 * svr-chansession.c for details */ |
218 struct exitinfo lastexit; | 212 struct exitinfo lastexit; |
219 | 213 |
220 /* The numeric address they connected from, used for logging */ | 214 /* The numeric address they connected from, used for logging */ |
221 char * addrstring; | 215 char * addrstring; |
216 | |
217 /* The resolved remote address, used for lastlog etc */ | |
218 char *remotehost; | |
219 | |
220 #ifdef __uClinux__ | |
221 pid_t server_pid; | |
222 #endif | |
222 | 223 |
223 }; | 224 }; |
224 | 225 |
225 typedef enum { | 226 typedef enum { |
226 KEX_NOTHING, | 227 KEX_NOTHING, |
266 be used */ | 267 be used */ |
267 int interact_request_received; /* flag whether we've received an | 268 int interact_request_received; /* flag whether we've received an |
268 info request from the server for | 269 info request from the server for |
269 interactive auth.*/ | 270 interactive auth.*/ |
270 #endif | 271 #endif |
271 struct SignKeyList *lastprivkey; | 272 sign_key *lastprivkey; |
272 | 273 |
273 int retval; /* What the command exit status was - we emulate it */ | 274 int retval; /* What the command exit status was - we emulate it */ |
274 #if 0 | 275 #if 0 |
275 TODO | 276 TODO |
276 struct AgentkeyList *agentkeys; /* Keys to use for public-key auth */ | 277 struct AgentkeyList *agentkeys; /* Keys to use for public-key auth */ |