Mercurial > dropbear
comparison cli-session.c @ 33:f789045062e6
Progressing client support
| author | Matt Johnston <matt@ucc.asn.au> |
|---|---|
| date | Tue, 27 Jul 2004 16:30:46 +0000 |
| parents | 0969767bca0d |
| children | e2a1eaa19f22 |
comparison
equal
deleted
inserted
replaced
| 32:8fd0cdbb5b1b | 33:f789045062e6 |
|---|---|
| 6 #include "packet.h" | 6 #include "packet.h" |
| 7 #include "tcpfwd-direct.h" | 7 #include "tcpfwd-direct.h" |
| 8 #include "tcpfwd-remote.h" | 8 #include "tcpfwd-remote.h" |
| 9 #include "channel.h" | 9 #include "channel.h" |
| 10 #include "random.h" | 10 #include "random.h" |
| 11 #include "service.h" | |
| 11 | 12 |
| 12 static void cli_remoteclosed(); | 13 static void cli_remoteclosed(); |
| 13 static void cli_sessionloop(); | 14 static void cli_sessionloop(); |
| 15 static void cli_session_init(); | |
| 14 | 16 |
| 15 struct clientsession cli_ses; /* GLOBAL */ | 17 struct clientsession cli_ses; /* GLOBAL */ |
| 16 | 18 |
| 17 static const packettype cli_packettypes[] = { | 19 static const packettype cli_packettypes[] = { |
| 18 /* TYPE, AUTHREQUIRED, FUNCTION */ | 20 /* TYPE, AUTHREQUIRED, FUNCTION */ |
| 26 {SSH_MSG_CHANNEL_OPEN, recv_msg_channel_open}, | 28 {SSH_MSG_CHANNEL_OPEN, recv_msg_channel_open}, |
| 27 {SSH_MSG_CHANNEL_EOF, recv_msg_channel_eof}, | 29 {SSH_MSG_CHANNEL_EOF, recv_msg_channel_eof}, |
| 28 {SSH_MSG_CHANNEL_CLOSE, recv_msg_channel_close}, | 30 {SSH_MSG_CHANNEL_CLOSE, recv_msg_channel_close}, |
| 29 {SSH_MSG_CHANNEL_OPEN_CONFIRMATION, recv_msg_channel_open_confirmation}, | 31 {SSH_MSG_CHANNEL_OPEN_CONFIRMATION, recv_msg_channel_open_confirmation}, |
| 30 {SSH_MSG_CHANNEL_OPEN_FAILURE, recv_msg_channel_open_failure}, | 32 {SSH_MSG_CHANNEL_OPEN_FAILURE, recv_msg_channel_open_failure}, |
| 33 {SSH_MSG_USERAUTH_FAILURE, recv_msg_userauth_failure}, | |
| 34 {SSH_MSG_USERAUTH_SUCCESS, recv_msg_userauth_success}, | |
| 31 {0, 0} /* End */ | 35 {0, 0} /* End */ |
| 32 }; | 36 }; |
| 33 | 37 |
| 34 static const struct ChanType *cli_chantypes[] = { | 38 static const struct ChanType *cli_chantypes[] = { |
| 35 // &clichansess, | 39 // &clichansess, |
| 36 /* &chan_tcpdirect etc, though need to only allow if we've requested | 40 /* &chan_tcpdirect etc, though need to only allow if we've requested |
| 37 * that forwarding */ | 41 * that forwarding */ |
| 38 NULL /* Null termination */ | 42 NULL /* Null termination */ |
| 39 }; | 43 }; |
| 44 | |
| 40 void cli_session(int sock, char* remotehost) { | 45 void cli_session(int sock, char* remotehost) { |
| 41 | 46 |
| 42 crypto_init(); | 47 crypto_init(); |
| 43 common_session_init(sock, remotehost); | 48 common_session_init(sock, remotehost); |
| 44 | 49 |
| 45 chaninitialise(cli_chantypes); | 50 chaninitialise(cli_chantypes); |
| 46 | 51 |
| 47 /* For printing "remote host closed" for the user */ | |
| 48 session_remoteclosed = cli_remoteclosed; | |
| 49 | 52 |
| 50 /* packet handlers */ | 53 /* Set up cli_ses vars */ |
| 51 ses.packettypes = cli_packettypes; | 54 cli_session_init(); |
| 52 | 55 |
| 53 /* Ready to go */ | 56 /* Ready to go */ |
| 54 sessinitdone = 1; | 57 sessinitdone = 1; |
| 55 | 58 |
| 56 /* Exchange identification */ | 59 /* Exchange identification */ |
| 64 | 67 |
| 65 session_loop(cli_sessionloop); | 68 session_loop(cli_sessionloop); |
| 66 | 69 |
| 67 /* Not reached */ | 70 /* Not reached */ |
| 68 | 71 |
| 69 | |
| 70 } | 72 } |
| 71 | 73 |
| 74 static void cli_session_init() { | |
| 75 | |
| 76 cli_ses.state = STATE_NOTHING; | |
| 77 cli_ses.kex_state = KEX_NOTHING; | |
| 78 | |
| 79 /* For printing "remote host closed" for the user */ | |
| 80 ses.remoteclosed = cli_remoteclosed; | |
| 81 ses.buf_match_algo = cli_buf_match_algo; | |
| 82 | |
| 83 /* packet handlers */ | |
| 84 ses.packettypes = cli_packettypes; | |
| 85 } | |
| 86 | |
| 87 /* This function drives the progress of the session - it initiates KEX, | |
| 88 * service, userauth and channel requests */ | |
| 72 static void cli_sessionloop() { | 89 static void cli_sessionloop() { |
| 90 | |
| 91 TRACE(("enter cli_sessionloop")); | |
| 92 | |
| 93 if (cli_ses.kex_state == KEX_NOTHING && ses.kexstate.recvkexinit) { | |
| 94 cli_ses.state = KEXINIT_RCVD; | |
| 95 } | |
| 96 | |
| 97 if (cli_ses.state == KEXINIT_RCVD) { | |
| 98 | |
| 99 /* We initiate the KEXDH. If DH wasn't the correct type, the KEXINIT | |
| 100 * negotiation would have failed. */ | |
| 101 send_msg_kexdh_init(); | |
| 102 cli_ses.kex_state = KEXDH_INIT_SENT; | |
| 103 TRACE(("leave cli_sessionloop: done with KEXINIT_RCVD")); | |
| 104 return; | |
| 105 } | |
| 106 | |
| 107 /* A KEX has finished, so we should go back to our KEX_NOTHING state */ | |
| 108 if (cli_ses.kex_state != KEX_NOTHING && ses.kexstate.recvkexinit == 0 | |
| 109 && ses.kexstate.sentkexinit == 0) { | |
| 110 cli_ses.kex_state = KEX_NOTHING; | |
| 111 } | |
| 112 | |
| 113 /* We shouldn't do anything else if a KEX is in progress */ | |
| 114 if (cli_ses.kex_state != KEX_NOTHING) { | |
| 115 TRACE(("leave cli_sessionloop: kex_state != KEX_NOTHING")); | |
| 116 return; | |
| 117 } | |
| 118 | |
| 119 /* We should exit if we haven't donefirstkex: we shouldn't reach here | |
| 120 * in normal operation */ | |
| 121 if (ses.kexstate.donefirstkex == 0) { | |
| 122 TRACE(("XXX XXX might be bad! leave cli_sessionloop: haven't donefirstkex")); | |
| 123 } | |
| 73 | 124 |
| 74 switch (cli_ses.state) { | 125 switch (cli_ses.state) { |
| 75 | 126 |
| 76 KEXINIT_RCVD: | 127 case STATE_NOTHING: |
| 77 /* We initiate the KEX. If DH wasn't the correct type, the KEXINIT | 128 /* We've got the transport layer sorted, we now need to request |
| 78 * negotiation would have failed. */ | 129 * userauth */ |
| 79 send_msg_kexdh_init(); | 130 send_msg_service_request(SSH_SERVICE_USERAUTH); |
| 80 cli_ses.state = KEXDH_INIT_SENT; | 131 cli_ses.state = SERVICE_AUTH_REQ_SENT; |
| 81 break; | 132 return; |
| 82 | 133 |
| 83 default: | 134 /* userauth code */ |
| 84 break; | 135 case SERVICE_AUTH_ACCEPT_RCVD: |
| 136 cli_get_user(); | |
| 137 cli_auth_getmethods(); | |
| 138 cli_ses.state = USERAUTH_METHODS_SENT; | |
| 139 return; | |
| 140 | |
| 141 case USERAUTH_FAIL_RCVD: | |
| 142 cli_auth_try(); | |
| 143 return; | |
| 144 | |
| 145 /* XXX more here needed */ | |
| 146 | |
| 147 | |
| 148 default: | |
| 149 break; | |
| 85 } | 150 } |
| 86 | |
| 87 if (cli_ses.donefirstkex && !cli_ses.authdone) { | |
| 88 | |
| 89 | 151 |
| 90 | 152 |
| 91 } | 153 } |
| 92 | 154 |
| 93 /* called when the remote side closes the connection */ | 155 /* called when the remote side closes the connection */ |
| 95 | 157 |
| 96 /* XXX TODO perhaps print a friendlier message if we get this but have | 158 /* XXX TODO perhaps print a friendlier message if we get this but have |
| 97 * already sent/received disconnect message(s) ??? */ | 159 * already sent/received disconnect message(s) ??? */ |
| 98 close(ses.sock); | 160 close(ses.sock); |
| 99 ses.sock = -1; | 161 ses.sock = -1; |
| 100 dropbear_exit("%s closed the connection", ses.remotehost); | 162 dropbear_exit("remote closed the connection"); |
| 101 } | 163 } |