dropbear: svr-main.c comparison

comparison svr-main.c @ 399:a707e6148060

merge of '5fdf69ca60d1683cdd9f4c2595134bed26394834' and '6b61c50f4cf888bea302ac8fcf5dbb573b443251'

author	Matt Johnston <matt@ucc.asn.au>
date	Sat, 03 Feb 2007 08:20:34 +0000
parents	b66a00272a90
children	1afa503e33f5

comparison

equal deleted inserted replaced

-:17d097fc111c
+:a707e6148060
 /*
 * Dropbear - a SSH2 server
 *
-* Copyright (c) 2002,2003 Matt Johnston
+* Copyright (c) 2002-2006 Matt Johnston
 * All rights reserved.
 *
 * Permission is hereby granted, free of charge, to any person obtaining a copy
 * of this software and associated documentation files (the "Software"), to deal
 * in the Software without restriction, including without limitation the rights
 #include "dbutil.h"
 #include "session.h"
 #include "buffer.h"
 #include "signkey.h"
 #include "runopts.h"
+#include "random.h"
-static int listensockets(int *sock, int sockcount, int *maxfd);
+static size_t listensockets(int *sock, size_t sockcount, int *maxfd);
 static void sigchld_handler(int dummy);
 static void sigsegv_handler(int);
 static void sigintterm_handler(int fish);
 #ifdef INETD_MODE
 static void main_inetd();
 #ifdef NON_INETD_MODE
 static void main_noinetd();
 #endif
 static void commonsetup();
-static int childpipes[MAX_UNAUTH_CLIENTS];
 #if defined(DBMULTI_dropbear) || !defined(DROPBEAR_MULTI)
 #if defined(DBMULTI_dropbear) && defined(DROPBEAR_MULTI)
 int dropbear_main(int argc, char ** argv)
 #else
 int main(int argc, char ** argv)
 #endif
 {
 	_dropbear_exit = svr_dropbear_exit;
 	_dropbear_log = svr_dropbear_log;
 	/* get commandline options */
 	svr_getopts(argc, argv);
 #ifdef INETD_MODE
 static void main_inetd() {
 	struct sockaddr_storage remoteaddr;
-	int remoteaddrlen;
+	socklen_t remoteaddrlen;
 	char * addrstring = NULL;
-	/* Set up handlers, syslog */
+	/* Set up handlers, syslog, seed random */
 	commonsetup();
 	remoteaddrlen = sizeof(remoteaddr);
 	if (getpeername(0, (struct sockaddr*)&remoteaddr, &remoteaddrlen) < 0) {
 		dropbear_exit("Unable to getpeername: %s", strerror(errno));
 	fd_set fds;
 	struct timeval seltimeout;
 	unsigned int i, j;
 	int val;
 	int maxsock = -1;
-	struct sockaddr_storage remoteaddr;
-	int remoteaddrlen;
 	int listensocks[MAX_LISTEN_ADDR];
-	int listensockcount = 0;
+	size_t listensockcount = 0;
 	FILE *pidfile = NULL;
+	int childpipes[MAX_UNAUTH_CLIENTS];
+	char * preauth_addrs[MAX_UNAUTH_CLIENTS];
 	int childsock;
-	pid_t childpid;
 	int childpipe[2];
+	// Note: commonsetup() must happen before we daemon()ise. Otherwise
+	// daemon() will chdir("/"), and we won't be able to find local-dir hostkeys.
+	commonsetup();
 	/* fork */
 	if (svr_opts.forkbg) {
 		int closefds = 0;
 #ifndef DEBUG_TRACE
 		if (daemon(0, closefds) < 0) {
 			dropbear_exit("Failed to daemonize: %s", strerror(errno));
 		}
 	}
-	commonsetup();
 	/* should be done after syslog is working */
 	if (svr_opts.forkbg) {
 		dropbear_log(LOG_INFO, "Running in background");
 	} else {
 		dropbear_log(LOG_INFO, "Not forking");
 	}
 	/* create a PID file so that we can be killed easily */
-	pidfile = fopen(DROPBEAR_PIDFILE, "w");
+	pidfile = fopen(svr_opts.pidfile, "w");
 	if (pidfile) {
 		fprintf(pidfile, "%d\n", getpid());
 		fclose(pidfile);
 	}
 	/* sockets to identify pre-authenticated clients */
 	for (i = 0; i < MAX_UNAUTH_CLIENTS; i++) {
 		childpipes[i] = -1;
 	}
+	bzero(preauth_addrs, sizeof(preauth_addrs));
 	/* Set up the listening sockets */
-	/* XXX XXX ports */
 	listensockcount = listensockets(listensocks, MAX_LISTEN_ADDR, &maxsock);
-	if (listensockcount < 0) {
+	if (listensockcount == 0)
+	{
 		dropbear_exit("No listening ports available.");
 	}
 	/* incoming connection select loop */
 	for(;;) {
 		seltimeout.tv_sec = 60;
 		seltimeout.tv_usec = 0;
 		/* listening sockets */
-		for (i = 0; i < (unsigned int)listensockcount; i++) {
+		for (i = 0; i < listensockcount; i++) {
 			FD_SET(listensocks[i], &fds);
 		}
 		/* pre-authentication clients */
 		for (i = 0; i < MAX_UNAUTH_CLIENTS; i++) {
 		}
 		val = select(maxsock+1, &fds, NULL, NULL, &seltimeout);
 		if (exitflag) {
-			unlink(DROPBEAR_PIDFILE);
+			unlink(svr_opts.pidfile);
 			dropbear_exit("Terminated by signal");
 		}
 		if (val == 0) {
 			/* timeout reached */
 				continue;
 			}
 			dropbear_exit("Listening socket error");
 		}
-		/* close fds which have been authed or closed - auth.c handles
+		/* close fds which have been authed or closed - svr-auth.c handles
 		 * closing the auth sockets on success */
 		for (i = 0; i < MAX_UNAUTH_CLIENTS; i++) {
 			if (childpipes[i] >= 0 && FD_ISSET(childpipes[i], &fds)) {
-				close(childpipes[i]);
+				m_close(childpipes[i]);
 				childpipes[i] = -1;
+				m_free(preauth_addrs[i]);
 			}
 		}
 		/* handle each socket which has something to say */
-		for (i = 0; i < (unsigned int)listensockcount; i++) {
+		for (i = 0; i < listensockcount; i++) {
+			struct sockaddr_storage remoteaddr;
+			socklen_t remoteaddrlen = 0;
+			size_t num_unauthed_for_addr = 0;
+			size_t num_unauthed_total = 0;
+			char * remote_addr_str = NULL;
+			pid_t fork_ret = 0;
+			size_t conn_idx = 0;
 			if (!FD_ISSET(listensocks[i], &fds))
 				continue;
 			remoteaddrlen = sizeof(remoteaddr);
 			childsock = accept(listensocks[i],
 			if (childsock < 0) {
 				/* accept failed */
 				continue;
 			}
-			/* check for max number of connections not authorised */
+			/* Limit the number of unauthenticated connections per IP */
+			remote_addr_str = getaddrstring(&remoteaddr, 0);
+			num_unauthed_for_addr = 0;
+			num_unauthed_total = 0;
 			for (j = 0; j < MAX_UNAUTH_CLIENTS; j++) {
-				if (childpipes[j] < 0) {
+				if (childpipes[j] >= 0) {
-					break;
+					num_unauthed_total++;
+					if (strcmp(remote_addr_str, preauth_addrs[j]) == 0) {
+						num_unauthed_for_addr++;
+					}
+				} else {
+					/* a free slot */
+					conn_idx = j;
 				}
 			}
-			if (j == MAX_UNAUTH_CLIENTS) {
+			if (num_unauthed_total >= MAX_UNAUTH_CLIENTS
-				/* no free connections */
+					|| num_unauthed_for_addr >= MAX_UNAUTH_PER_IP) {
-				/* TODO - possibly log, though this would be an easy way
+				goto out;
-				 * to fill logs/disk */
-				close(childsock);
-				continue;
 			}
 			if (pipe(childpipe) < 0) {
 				TRACE(("error creating child pipe"))
-				close(childsock);
+				goto out;
-				continue;
+			}
-			}
+			fork_ret = fork();
-			if ((childpid = fork()) == 0) {
+			if (fork_ret < 0) {
+				dropbear_log(LOG_WARNING, "error forking: %s", strerror(errno));
+				goto out;
+			} else if (fork_ret > 0) {
+				/* parent */
+				childpipes[conn_idx] = childpipe[0];
+				m_close(childpipe[1]);
+				preauth_addrs[conn_idx] = remote_addr_str;
+				remote_addr_str = NULL;
+			} else {
 				/* child */
 				char * addrstring = NULL;
 #ifdef DEBUG_FORKGPROF
 				extern void _start(void), etext(void);
 				monstartup((u_long)&_start, (u_long)&etext);
 #endif /* DEBUG_FORKGPROF */
+				m_free(remote_addr_str);
 				addrstring = getaddrstring(&remoteaddr, 1);
 				dropbear_log(LOG_INFO, "Child connection from %s", addrstring);
 				if (setsid() < 0) {
 					dropbear_exit("setsid: %s", strerror(errno));
 				}
 				/* make sure we close sockets */
-				for (i = 0; i < (unsigned int)listensockcount; i++) {
+				for (i = 0; i < listensockcount; i++) {
-					if (m_close(listensocks[i]) == DROPBEAR_FAILURE) {
+					m_close(listensocks[i]);
-						dropbear_exit("Couldn't close socket");
-					}
 				}
-				if (m_close(childpipe[0]) == DROPBEAR_FAILURE) {
+				m_close(childpipe[0]);
-					dropbear_exit("Couldn't close socket");
-				}
 				/* start the session */
 				svr_session(childsock, childpipe[1],
 								getaddrhostname(&remoteaddr),
 								addrstring);
 				/* don't return */
 				dropbear_assert(0);
 			}
-			/* parent */
+out:
-			childpipes[j] = childpipe[0];
+			/* This section is important for the parent too */
-			if (m_close(childpipe[1]) == DROPBEAR_FAILURE
+			m_close(childsock);
-					|| m_close(childsock) == DROPBEAR_FAILURE) {
+			if (remote_addr_str) {
-				dropbear_exit("Couldn't close socket");
+				m_free(remote_addr_str);
 			}
 		}
 	} /* for(;;) loop */
 	/* don't reach here */
 	}
 	/* Now we can setup the hostkeys - needs to be after logging is on,
 	 * otherwise we might end up blatting error messages to the socket */
 	loadhostkeys();
+seedrandom();
 }
 /* Set up listening sockets for all the requested ports */
-static int listensockets(int *sock, int sockcount, int *maxfd) {
+static size_t listensockets(int *sock, size_t sockcount, int *maxfd) {
 	unsigned int i;
 	char* errstring = NULL;
-	unsigned int sockpos = 0;
+	size_t sockpos = 0;
 	int nsock;
 	TRACE(("listensockets: %d to try\n", svr_opts.portcount))
 	for (i = 0; i < svr_opts.portcount; i++) {

Mercurial > dropbear

comparison svr-main.c @ 399:a707e6148060