Line | Count | Source (jump to first uncovered line) |
1 | | /* |
2 | | * server.c - functions for creating a SSH server |
3 | | * |
4 | | * This file is part of the SSH Library |
5 | | * |
6 | | * Copyright (c) 2004-2013 by Aris Adamantiadis |
7 | | * |
8 | | * The SSH Library is free software; you can redistribute it and/or modify |
9 | | * it under the terms of the GNU Lesser General Public License as published by |
10 | | * the Free Software Foundation; either version 2.1 of the License, or (at your |
11 | | * option) any later version. |
12 | | * |
13 | | * The SSH Library is distributed in the hope that it will be useful, but |
14 | | * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY |
15 | | * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public |
16 | | * License for more details. |
17 | | * |
18 | | * You should have received a copy of the GNU Lesser General Public License |
19 | | * along with the SSH Library; see the file COPYING. If not, write to |
20 | | * the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, |
21 | | * MA 02111-1307, USA. |
22 | | */ |
23 | | |
24 | | #include "config.h" |
25 | | |
26 | | #include <errno.h> |
27 | | #include <fcntl.h> |
28 | | #include <stdio.h> |
29 | | #include <string.h> |
30 | | #include <stdlib.h> |
31 | | |
32 | | #ifdef _WIN32 |
33 | | # include <winsock2.h> |
34 | | # include <ws2tcpip.h> |
35 | | |
36 | | /* |
37 | | * <wspiapi.h> is necessary for getaddrinfo before Windows XP, but it isn't |
38 | | * available on some platforms like MinGW. |
39 | | */ |
40 | | # ifdef HAVE_WSPIAPI_H |
41 | | # include <wspiapi.h> |
42 | | # endif |
43 | | #else |
44 | | # include <netinet/in.h> |
45 | | #endif |
46 | | |
47 | | #include "libssh/priv.h" |
48 | | #include "libssh/libssh.h" |
49 | | #include "libssh/server.h" |
50 | | #include "libssh/ssh2.h" |
51 | | #include "libssh/buffer.h" |
52 | | #include "libssh/packet.h" |
53 | | #include "libssh/socket.h" |
54 | | #include "libssh/session.h" |
55 | | #include "libssh/kex.h" |
56 | | #include "libssh/misc.h" |
57 | | #include "libssh/pki.h" |
58 | | #include "libssh/dh.h" |
59 | | #include "libssh/messages.h" |
60 | | #include "libssh/options.h" |
61 | | #include "libssh/curve25519.h" |
62 | | #include "libssh/token.h" |
63 | | |
64 | 0 | #define set_status(session, status) do {\ |
65 | 0 | if (session->common.callbacks && session->common.callbacks->connect_status_function) \ |
66 | 0 | session->common.callbacks->connect_status_function(session->common.callbacks->userdata, status); \ |
67 | 0 | } while (0) |
68 | | |
69 | | /** |
70 | | * @addtogroup libssh_server |
71 | | * |
72 | | * @{ |
73 | | */ |
74 | | |
75 | | /** @internal |
76 | | * |
77 | | * @brief initialize the set of key exchange, hostkey, ciphers, MACs, and |
78 | | * compression algorithms for the given ssh_session |
79 | | * |
80 | | * The selection of algorithms and keys used are determined by the |
81 | | * options that are currently set in the given ssh_session structure. |
82 | | */ |
83 | | |
84 | | int server_set_kex(ssh_session session) |
85 | 0 | { |
86 | 0 | struct ssh_kex_struct *server = &session->next_crypto->server_kex; |
87 | 0 | int i, j, rc; |
88 | 0 | const char *wanted, *allowed; |
89 | 0 | char *kept; |
90 | 0 | char hostkeys[128] = {0}; |
91 | 0 | enum ssh_keytypes_e keytype; |
92 | 0 | size_t len; |
93 | 0 | int ok; |
94 | | |
95 | | /* Skip if already set, for example for the rekey or when we do the guessing |
96 | | * it could have been already used to make some protocol decisions. */ |
97 | 0 | if (server->methods[0] != NULL) { |
98 | 0 | return SSH_OK; |
99 | 0 | } |
100 | | |
101 | 0 | ok = ssh_get_random(server->cookie, 16, 0); |
102 | 0 | if (!ok) { |
103 | 0 | ssh_set_error(session, SSH_FATAL, "PRNG error"); |
104 | 0 | return -1; |
105 | 0 | } |
106 | | |
107 | 0 | if (session->srv.ed25519_key != NULL) { |
108 | 0 | snprintf(hostkeys, |
109 | 0 | sizeof(hostkeys), |
110 | 0 | "%s", |
111 | 0 | ssh_key_type_to_char(ssh_key_type(session->srv.ed25519_key))); |
112 | 0 | } |
113 | 0 | #ifdef HAVE_ECC |
114 | 0 | if (session->srv.ecdsa_key != NULL) { |
115 | 0 | len = strlen(hostkeys); |
116 | 0 | snprintf(hostkeys + len, sizeof(hostkeys) - len, |
117 | 0 | ",%s", session->srv.ecdsa_key->type_c); |
118 | 0 | } |
119 | 0 | #endif |
120 | 0 | if (session->srv.rsa_key != NULL) { |
121 | | /* We support also the SHA2 variants */ |
122 | 0 | len = strlen(hostkeys); |
123 | 0 | snprintf(hostkeys + len, sizeof(hostkeys) - len, |
124 | 0 | ",rsa-sha2-512,rsa-sha2-256"); |
125 | |
|
126 | 0 | len = strlen(hostkeys); |
127 | 0 | keytype = ssh_key_type(session->srv.rsa_key); |
128 | |
|
129 | 0 | snprintf(hostkeys + len, sizeof(hostkeys) - len, |
130 | 0 | ",%s", ssh_key_type_to_char(keytype)); |
131 | 0 | } |
132 | |
|
133 | 0 | if (strlen(hostkeys) == 0) { |
134 | 0 | return -1; |
135 | 0 | } |
136 | | |
137 | 0 | if (session->opts.wanted_methods[SSH_HOSTKEYS]) { |
138 | 0 | allowed = session->opts.wanted_methods[SSH_HOSTKEYS]; |
139 | 0 | } else { |
140 | 0 | if (ssh_fips_mode()) { |
141 | 0 | allowed = ssh_kex_get_fips_methods(SSH_HOSTKEYS); |
142 | 0 | } else { |
143 | 0 | allowed = ssh_kex_get_default_methods(SSH_HOSTKEYS); |
144 | 0 | } |
145 | 0 | } |
146 | | |
147 | | /* It is expected for the list of allowed hostkeys to be ordered by |
148 | | * preference */ |
149 | 0 | kept = ssh_find_all_matching(hostkeys[0] == ',' ? hostkeys + 1 : hostkeys, |
150 | 0 | allowed); |
151 | 0 | if (kept == NULL) { |
152 | | /* Nothing was allowed */ |
153 | 0 | return -1; |
154 | 0 | } |
155 | | |
156 | 0 | rc = ssh_options_set_algo(session, |
157 | 0 | SSH_HOSTKEYS, |
158 | 0 | kept, |
159 | 0 | &session->opts.wanted_methods[SSH_HOSTKEYS]); |
160 | 0 | SAFE_FREE(kept); |
161 | 0 | if (rc < 0) { |
162 | 0 | return -1; |
163 | 0 | } |
164 | | |
165 | 0 | for (i = 0; i < SSH_KEX_METHODS; i++) { |
166 | 0 | wanted = session->opts.wanted_methods[i]; |
167 | 0 | if (wanted == NULL) { |
168 | 0 | if (ssh_fips_mode()) { |
169 | 0 | wanted = ssh_kex_get_fips_methods(i); |
170 | 0 | } else { |
171 | 0 | wanted = ssh_kex_get_default_methods(i); |
172 | 0 | } |
173 | 0 | } |
174 | 0 | if (wanted == NULL) { |
175 | 0 | for (j = 0; j < i; j++) { |
176 | 0 | SAFE_FREE(server->methods[j]); |
177 | 0 | } |
178 | 0 | return -1; |
179 | 0 | } |
180 | | |
181 | 0 | server->methods[i] = strdup(wanted); |
182 | 0 | if (server->methods[i] == NULL) { |
183 | 0 | for (j = 0; j < i; j++) { |
184 | 0 | SAFE_FREE(server->methods[j]); |
185 | 0 | } |
186 | 0 | return -1; |
187 | 0 | } |
188 | 0 | } |
189 | | |
190 | 0 | return 0; |
191 | 0 | } |
192 | | |
193 | 0 | int ssh_server_init_kex(ssh_session session) { |
194 | 0 | int i; |
195 | |
|
196 | 0 | if (session->session_state > SSH_SESSION_STATE_BANNER_RECEIVED) { |
197 | 0 | return SSH_ERROR; |
198 | 0 | } |
199 | | |
200 | | /* free any currently-set methods: server_set_kex will allocate new ones */ |
201 | 0 | for (i = 0; i < SSH_KEX_METHODS; i++) { |
202 | 0 | SAFE_FREE(session->next_crypto->server_kex.methods[i]); |
203 | 0 | } |
204 | |
|
205 | 0 | return server_set_kex(session); |
206 | 0 | } |
207 | | |
208 | 0 | static int ssh_server_send_extensions(ssh_session session) { |
209 | 0 | int rc; |
210 | 0 | const char *hostkey_algorithms; |
211 | |
|
212 | 0 | SSH_LOG(SSH_LOG_PACKET, "Sending SSH_MSG_EXT_INFO"); |
213 | |
|
214 | 0 | if (session->opts.pubkey_accepted_types) { |
215 | 0 | hostkey_algorithms = session->opts.pubkey_accepted_types; |
216 | 0 | } else { |
217 | 0 | if (ssh_fips_mode()) { |
218 | 0 | hostkey_algorithms = ssh_kex_get_fips_methods(SSH_HOSTKEYS); |
219 | 0 | } else { |
220 | | /* There are no restrictions to the accepted public keys */ |
221 | 0 | hostkey_algorithms = ssh_kex_get_default_methods(SSH_HOSTKEYS); |
222 | 0 | } |
223 | 0 | } |
224 | |
|
225 | 0 | rc = ssh_buffer_pack(session->out_buffer, |
226 | 0 | "bdss", |
227 | 0 | SSH2_MSG_EXT_INFO, |
228 | 0 | 1, /* nr. of extensions */ |
229 | 0 | "server-sig-algs", |
230 | 0 | hostkey_algorithms); |
231 | 0 | if (rc != SSH_OK) { |
232 | 0 | goto error; |
233 | 0 | } |
234 | | |
235 | 0 | if (ssh_packet_send(session) == SSH_ERROR) { |
236 | 0 | goto error; |
237 | 0 | } |
238 | | |
239 | 0 | return 0; |
240 | 0 | error: |
241 | 0 | ssh_buffer_reinit(session->out_buffer); |
242 | |
|
243 | 0 | return -1; |
244 | 0 | } |
245 | | |
246 | 0 | SSH_PACKET_CALLBACK(ssh_packet_kexdh_init){ |
247 | 0 | (void)packet; |
248 | 0 | (void)type; |
249 | 0 | (void)user; |
250 | |
|
251 | 0 | SSH_LOG(SSH_LOG_PACKET,"Received SSH_MSG_KEXDH_INIT"); |
252 | 0 | if(session->dh_handshake_state != DH_STATE_INIT){ |
253 | 0 | SSH_LOG(SSH_LOG_RARE,"Invalid state for SSH_MSG_KEXDH_INIT"); |
254 | 0 | session->session_state = SSH_SESSION_STATE_ERROR; |
255 | 0 | return SSH_PACKET_USED; |
256 | 0 | } |
257 | | |
258 | | /* If first_kex_packet_follows guess was wrong, ignore this message. */ |
259 | 0 | if (session->first_kex_follows_guess_wrong != 0) { |
260 | 0 | SSH_LOG(SSH_LOG_RARE, "first_kex_packet_follows guess was wrong, " |
261 | 0 | "ignoring first SSH_MSG_KEXDH_INIT message"); |
262 | 0 | session->first_kex_follows_guess_wrong = 0; |
263 | |
|
264 | 0 | return SSH_PACKET_USED; |
265 | 0 | } |
266 | 0 | SSH_LOG(SSH_LOG_DEBUG, "Calling next KEXDH handler"); |
267 | 0 | return SSH_PACKET_NOT_USED; |
268 | 0 | } |
269 | | |
270 | | int |
271 | | ssh_get_key_params(ssh_session session, |
272 | | ssh_key *privkey, |
273 | | enum ssh_digest_e *digest) |
274 | 0 | { |
275 | 0 | ssh_key pubkey; |
276 | 0 | ssh_string pubkey_blob; |
277 | 0 | int rc; |
278 | |
|
279 | 0 | switch(session->srv.hostkey) { |
280 | 0 | case SSH_KEYTYPE_RSA: |
281 | 0 | *privkey = session->srv.rsa_key; |
282 | 0 | break; |
283 | 0 | case SSH_KEYTYPE_ECDSA_P256: |
284 | 0 | case SSH_KEYTYPE_ECDSA_P384: |
285 | 0 | case SSH_KEYTYPE_ECDSA_P521: |
286 | 0 | *privkey = session->srv.ecdsa_key; |
287 | 0 | break; |
288 | 0 | case SSH_KEYTYPE_ED25519: |
289 | 0 | *privkey = session->srv.ed25519_key; |
290 | 0 | break; |
291 | 0 | case SSH_KEYTYPE_RSA1: |
292 | 0 | case SSH_KEYTYPE_UNKNOWN: |
293 | 0 | default: |
294 | 0 | *privkey = NULL; |
295 | 0 | } |
296 | | |
297 | 0 | *digest = session->srv.hostkey_digest; |
298 | 0 | rc = ssh_pki_export_privkey_to_pubkey(*privkey, &pubkey); |
299 | 0 | if (rc < 0) { |
300 | 0 | ssh_set_error(session, SSH_FATAL, |
301 | 0 | "Could not get the public key from the private key"); |
302 | |
|
303 | 0 | return -1; |
304 | 0 | } |
305 | | |
306 | 0 | rc = ssh_pki_export_pubkey_blob(pubkey, &pubkey_blob); |
307 | 0 | ssh_key_free(pubkey); |
308 | 0 | if (rc < 0) { |
309 | 0 | ssh_set_error_oom(session); |
310 | 0 | return -1; |
311 | 0 | } |
312 | | |
313 | 0 | rc = ssh_dh_import_next_pubkey_blob(session, pubkey_blob); |
314 | 0 | SSH_STRING_FREE(pubkey_blob); |
315 | 0 | if (rc != 0) { |
316 | 0 | ssh_set_error(session, |
317 | 0 | SSH_FATAL, |
318 | 0 | "Could not import server public key"); |
319 | 0 | return -1; |
320 | 0 | } |
321 | | |
322 | 0 | return SSH_OK; |
323 | 0 | } |
324 | | |
325 | | /** |
326 | | * @internal |
327 | | * |
328 | | * @brief A function to be called each time a step has been done in the |
329 | | * connection. |
330 | | */ |
331 | | static void ssh_server_connection_callback(ssh_session session) |
332 | 0 | { |
333 | 0 | int rc; |
334 | |
|
335 | 0 | switch (session->session_state) { |
336 | 0 | case SSH_SESSION_STATE_NONE: |
337 | 0 | case SSH_SESSION_STATE_CONNECTING: |
338 | 0 | case SSH_SESSION_STATE_SOCKET_CONNECTED: |
339 | 0 | break; |
340 | 0 | case SSH_SESSION_STATE_BANNER_RECEIVED: |
341 | 0 | if (session->clientbanner == NULL) { |
342 | 0 | goto error; |
343 | 0 | } |
344 | 0 | set_status(session, 0.4f); |
345 | 0 | SSH_LOG(SSH_LOG_DEBUG, |
346 | 0 | "SSH client banner: %s", session->clientbanner); |
347 | | |
348 | | /* Here we analyze the different protocols the server allows. */ |
349 | 0 | rc = ssh_analyze_banner(session, 1); |
350 | 0 | if (rc < 0) { |
351 | 0 | ssh_set_error(session, SSH_FATAL, |
352 | 0 | "No version of SSH protocol usable (banner: %s)", |
353 | 0 | session->clientbanner); |
354 | 0 | goto error; |
355 | 0 | } |
356 | | |
357 | | /* from now, the packet layer is handling incoming packets */ |
358 | 0 | ssh_packet_register_socket_callback(session, session->socket); |
359 | |
|
360 | 0 | ssh_packet_set_default_callbacks(session); |
361 | 0 | set_status(session, 0.5f); |
362 | 0 | session->session_state = SSH_SESSION_STATE_INITIAL_KEX; |
363 | 0 | rc = ssh_send_kex(session); |
364 | 0 | if (rc < 0) { |
365 | 0 | goto error; |
366 | 0 | } |
367 | 0 | break; |
368 | 0 | case SSH_SESSION_STATE_INITIAL_KEX: |
369 | | /* TODO: This state should disappear in favor of get_key handle */ |
370 | 0 | break; |
371 | 0 | case SSH_SESSION_STATE_KEXINIT_RECEIVED: |
372 | 0 | set_status(session, 0.6f); |
373 | 0 | if ((session->flags & SSH_SESSION_FLAG_KEXINIT_SENT) == 0) { |
374 | 0 | rc = server_set_kex(session); |
375 | 0 | if (rc == SSH_ERROR) { |
376 | 0 | goto error; |
377 | 0 | } |
378 | | /* We are in a rekeying, so we need to send the server kex */ |
379 | 0 | rc = ssh_send_kex(session); |
380 | 0 | if (rc < 0) { |
381 | 0 | goto error; |
382 | 0 | } |
383 | 0 | } |
384 | 0 | ssh_list_kex(&session->next_crypto->client_kex); // log client kex |
385 | 0 | rc = ssh_kex_select_methods(session); |
386 | 0 | if (rc < 0) { |
387 | 0 | goto error; |
388 | 0 | } |
389 | 0 | rc = crypt_set_algorithms_server(session); |
390 | 0 | if (rc == SSH_ERROR) { |
391 | 0 | goto error; |
392 | 0 | } |
393 | 0 | set_status(session, 0.8f); |
394 | 0 | session->session_state = SSH_SESSION_STATE_DH; |
395 | 0 | break; |
396 | 0 | case SSH_SESSION_STATE_DH: |
397 | 0 | if (session->dh_handshake_state == DH_STATE_FINISHED) { |
398 | |
|
399 | 0 | rc = ssh_packet_set_newkeys(session, SSH_DIRECTION_IN); |
400 | 0 | if (rc != SSH_OK) { |
401 | 0 | goto error; |
402 | 0 | } |
403 | | |
404 | | /* |
405 | | * If the client supports extension negotiation, we will send |
406 | | * our supported extensions now. This is the first message after |
407 | | * sending NEWKEYS message and after turning on crypto. |
408 | | */ |
409 | 0 | if (session->extensions & SSH_EXT_NEGOTIATION && |
410 | 0 | session->session_state != SSH_SESSION_STATE_AUTHENTICATED) { |
411 | | /* |
412 | | * Only send an SSH_MSG_EXT_INFO message the first time the |
413 | | * client undergoes NEWKEYS. It is unexpected for this message |
414 | | * to be sent upon rekey, and may cause clients to log error |
415 | | * messages. |
416 | | * |
417 | | * The session_state can not be used for this purpose because it |
418 | | * is re-set to SSH_SESSION_STATE_KEXINIT_RECEIVED during rekey. |
419 | | * So, use the connected flag which transitions from non-zero |
420 | | * below. |
421 | | * |
422 | | * See also: |
423 | | * - https://bugzilla.mindrot.org/show_bug.cgi?id=2929 |
424 | | */ |
425 | 0 | if (session->connected == 0) { |
426 | 0 | ssh_server_send_extensions(session); |
427 | 0 | } |
428 | 0 | } |
429 | |
|
430 | 0 | set_status(session, 1.0f); |
431 | 0 | session->connected = 1; |
432 | 0 | session->session_state = SSH_SESSION_STATE_AUTHENTICATING; |
433 | 0 | if (session->flags & SSH_SESSION_FLAG_AUTHENTICATED) |
434 | 0 | session->session_state = SSH_SESSION_STATE_AUTHENTICATED; |
435 | |
|
436 | 0 | } |
437 | 0 | break; |
438 | 0 | case SSH_SESSION_STATE_AUTHENTICATING: |
439 | 0 | break; |
440 | 0 | case SSH_SESSION_STATE_ERROR: |
441 | 0 | goto error; |
442 | 0 | default: |
443 | 0 | ssh_set_error(session, SSH_FATAL, "Invalid state %d", |
444 | 0 | session->session_state); |
445 | 0 | } |
446 | | |
447 | 0 | return; |
448 | 0 | error: |
449 | 0 | ssh_socket_close(session->socket); |
450 | 0 | session->alive = 0; |
451 | 0 | session->session_state = SSH_SESSION_STATE_ERROR; |
452 | 0 | } |
453 | | |
454 | | /** |
455 | | * @internal |
456 | | * |
457 | | * @brief Gets the banner from socket and saves it in session. |
458 | | * Updates the session state |
459 | | * |
460 | | * @param data pointer to the beginning of header |
461 | | * @param len size of the banner |
462 | | * @param user is a pointer to session |
463 | | * @returns Number of bytes processed, or zero if the banner is not complete. |
464 | | */ |
465 | | static size_t callback_receive_banner(const void *data, size_t len, void *user) |
466 | 0 | { |
467 | 0 | char *buffer = (char *)data; |
468 | 0 | ssh_session session = (ssh_session)user; |
469 | 0 | char *str = NULL; |
470 | 0 | size_t i; |
471 | 0 | size_t processed = 0; |
472 | |
|
473 | 0 | for (i = 0; i < len; i++) { |
474 | 0 | #ifdef WITH_PCAP |
475 | 0 | if (session->pcap_ctx && buffer[i] == '\n') { |
476 | 0 | ssh_pcap_context_write(session->pcap_ctx, |
477 | 0 | SSH_PCAP_DIR_IN, |
478 | 0 | buffer, |
479 | 0 | i + 1, |
480 | 0 | i + 1); |
481 | 0 | } |
482 | 0 | #endif |
483 | 0 | if (buffer[i] == '\r') { |
484 | 0 | buffer[i] = '\0'; |
485 | 0 | } |
486 | |
|
487 | 0 | if (buffer[i] == '\n') { |
488 | 0 | buffer[i] = '\0'; |
489 | |
|
490 | 0 | str = strdup(buffer); |
491 | | /* number of bytes read */ |
492 | 0 | processed = i + 1; |
493 | 0 | session->clientbanner = str; |
494 | 0 | session->session_state = SSH_SESSION_STATE_BANNER_RECEIVED; |
495 | 0 | SSH_LOG(SSH_LOG_PACKET, "Received banner: %s", str); |
496 | 0 | session->ssh_connection_callback(session); |
497 | |
|
498 | 0 | return processed; |
499 | 0 | } |
500 | | |
501 | 0 | if (i > 127) { |
502 | | /* Too big banner */ |
503 | 0 | session->session_state = SSH_SESSION_STATE_ERROR; |
504 | 0 | ssh_set_error(session, SSH_FATAL, |
505 | 0 | "Receiving banner: too large banner"); |
506 | |
|
507 | 0 | return 0; |
508 | 0 | } |
509 | 0 | } |
510 | | |
511 | 0 | return processed; |
512 | 0 | } |
513 | | |
514 | | /* returns 0 until the key exchange is not finished */ |
515 | 0 | static int ssh_server_kex_termination(void *s){ |
516 | 0 | ssh_session session = s; |
517 | 0 | if (session->session_state != SSH_SESSION_STATE_ERROR && |
518 | 0 | session->session_state != SSH_SESSION_STATE_AUTHENTICATING && |
519 | 0 | session->session_state != SSH_SESSION_STATE_DISCONNECTED) |
520 | 0 | return 0; |
521 | 0 | else |
522 | 0 | return 1; |
523 | 0 | } |
524 | | |
525 | | /* FIXME: auth_methods should be unsigned */ |
526 | | void ssh_set_auth_methods(ssh_session session, int auth_methods) |
527 | 0 | { |
528 | | /* accept only methods in range */ |
529 | 0 | session->auth.supported_methods = (uint32_t)auth_methods & 0x3fU; |
530 | 0 | } |
531 | | |
532 | | int ssh_send_issue_banner(ssh_session session, const ssh_string banner) |
533 | 0 | { |
534 | 0 | int rc = SSH_ERROR; |
535 | |
|
536 | 0 | if (session == NULL) { |
537 | 0 | return SSH_ERROR; |
538 | 0 | } |
539 | | |
540 | 0 | SSH_LOG(SSH_LOG_PACKET, |
541 | 0 | "Sending a server issue banner"); |
542 | |
|
543 | 0 | rc = ssh_buffer_pack(session->out_buffer, |
544 | 0 | "bSs", |
545 | 0 | SSH2_MSG_USERAUTH_BANNER, |
546 | 0 | banner, |
547 | 0 | ""); |
548 | 0 | if (rc != SSH_OK) { |
549 | 0 | ssh_set_error_oom(session); |
550 | 0 | return SSH_ERROR; |
551 | 0 | } |
552 | | |
553 | 0 | rc = ssh_packet_send(session); |
554 | 0 | return rc; |
555 | 0 | } |
556 | | |
557 | | /* Do the banner and key exchange */ |
558 | | int ssh_handle_key_exchange(ssh_session session) |
559 | 0 | { |
560 | 0 | int rc; |
561 | |
|
562 | 0 | if (session->session_state != SSH_SESSION_STATE_NONE) { |
563 | 0 | goto pending; |
564 | 0 | } |
565 | | |
566 | 0 | rc = ssh_send_banner(session, 1); |
567 | 0 | if (rc < 0) { |
568 | 0 | return SSH_ERROR; |
569 | 0 | } |
570 | | |
571 | 0 | session->alive = 1; |
572 | |
|
573 | 0 | session->ssh_connection_callback = ssh_server_connection_callback; |
574 | 0 | session->session_state = SSH_SESSION_STATE_SOCKET_CONNECTED; |
575 | 0 | ssh_socket_set_callbacks(session->socket,&session->socket_callbacks); |
576 | 0 | session->socket_callbacks.data = callback_receive_banner; |
577 | 0 | session->socket_callbacks.exception = ssh_socket_exception_callback; |
578 | 0 | session->socket_callbacks.userdata = session; |
579 | |
|
580 | 0 | rc = server_set_kex(session); |
581 | 0 | if (rc < 0) { |
582 | 0 | return SSH_ERROR; |
583 | 0 | } |
584 | 0 | pending: |
585 | 0 | rc = ssh_handle_packets_termination(session, SSH_TIMEOUT_USER, |
586 | 0 | ssh_server_kex_termination,session); |
587 | 0 | SSH_LOG(SSH_LOG_PACKET, "ssh_handle_key_exchange: current state : %d", |
588 | 0 | session->session_state); |
589 | 0 | if (rc != SSH_OK) { |
590 | 0 | return rc; |
591 | 0 | } |
592 | 0 | if (session->session_state == SSH_SESSION_STATE_ERROR || |
593 | 0 | session->session_state == SSH_SESSION_STATE_DISCONNECTED) { |
594 | 0 | return SSH_ERROR; |
595 | 0 | } |
596 | | |
597 | 0 | return SSH_OK; |
598 | 0 | } |
599 | | |
600 | | /* messages */ |
601 | | |
602 | | /** @internal |
603 | | * replies to an SSH_AUTH packet with a default (denied) response. |
604 | | */ |
605 | 0 | int ssh_auth_reply_default(ssh_session session,int partial) { |
606 | 0 | char methods_c[128] = {0}; |
607 | 0 | int rc = SSH_ERROR; |
608 | | |
609 | |
|
610 | 0 | if (session->auth.supported_methods == 0) { |
611 | 0 | session->auth.supported_methods = SSH_AUTH_METHOD_PUBLICKEY | SSH_AUTH_METHOD_PASSWORD; |
612 | 0 | } |
613 | 0 | if (session->auth.supported_methods & SSH_AUTH_METHOD_PUBLICKEY) { |
614 | 0 | strncat(methods_c, "publickey,", |
615 | 0 | sizeof(methods_c) - strlen(methods_c) - 1); |
616 | 0 | } |
617 | 0 | if (session->auth.supported_methods & SSH_AUTH_METHOD_GSSAPI_MIC){ |
618 | 0 | strncat(methods_c,"gssapi-with-mic,", |
619 | 0 | sizeof(methods_c) - strlen(methods_c) - 1); |
620 | 0 | } |
621 | 0 | if (session->auth.supported_methods & SSH_AUTH_METHOD_INTERACTIVE) { |
622 | 0 | strncat(methods_c, "keyboard-interactive,", |
623 | 0 | sizeof(methods_c) - strlen(methods_c) - 1); |
624 | 0 | } |
625 | 0 | if (session->auth.supported_methods & SSH_AUTH_METHOD_PASSWORD) { |
626 | 0 | strncat(methods_c, "password,", |
627 | 0 | sizeof(methods_c) - strlen(methods_c) - 1); |
628 | 0 | } |
629 | 0 | if (session->auth.supported_methods & SSH_AUTH_METHOD_HOSTBASED) { |
630 | 0 | strncat(methods_c, "hostbased,", |
631 | 0 | sizeof(methods_c) - strlen(methods_c) - 1); |
632 | 0 | } |
633 | |
|
634 | 0 | if (methods_c[0] == '\0' || methods_c[strlen(methods_c)-1] != ',') { |
635 | 0 | return SSH_ERROR; |
636 | 0 | } |
637 | | |
638 | | /* Strip the comma. */ |
639 | 0 | methods_c[strlen(methods_c) - 1] = '\0'; // strip the comma. We are sure there is at |
640 | |
|
641 | 0 | SSH_LOG(SSH_LOG_PACKET, |
642 | 0 | "Sending a auth failure. methods that can continue: %s", methods_c); |
643 | |
|
644 | 0 | rc = ssh_buffer_pack(session->out_buffer, |
645 | 0 | "bsb", |
646 | 0 | SSH2_MSG_USERAUTH_FAILURE, |
647 | 0 | methods_c, |
648 | 0 | partial ? 1 : 0); |
649 | 0 | if (rc != SSH_OK){ |
650 | 0 | ssh_set_error_oom(session); |
651 | 0 | return SSH_ERROR; |
652 | 0 | } |
653 | 0 | rc = ssh_packet_send(session); |
654 | 0 | return rc; |
655 | 0 | } |
656 | | |
657 | 0 | static int ssh_message_channel_request_open_reply_default(ssh_message msg) { |
658 | 0 | int rc; |
659 | |
|
660 | 0 | SSH_LOG(SSH_LOG_FUNCTIONS, "Refusing a channel"); |
661 | |
|
662 | 0 | rc = ssh_buffer_pack(msg->session->out_buffer, |
663 | 0 | "bdddd", |
664 | 0 | SSH2_MSG_CHANNEL_OPEN_FAILURE, |
665 | 0 | msg->channel_request_open.sender, |
666 | 0 | SSH2_OPEN_ADMINISTRATIVELY_PROHIBITED, |
667 | 0 | 0, /* reason is empty string */ |
668 | 0 | 0); /* language string */ |
669 | 0 | if (rc != SSH_OK){ |
670 | 0 | ssh_set_error_oom(msg->session); |
671 | 0 | return SSH_ERROR; |
672 | 0 | } |
673 | | |
674 | 0 | rc = ssh_packet_send(msg->session); |
675 | 0 | return rc; |
676 | 0 | } |
677 | | |
678 | 0 | static int ssh_message_channel_request_reply_default(ssh_message msg) { |
679 | 0 | uint32_t channel; |
680 | 0 | int rc; |
681 | |
|
682 | 0 | if (msg->channel_request.want_reply) { |
683 | 0 | channel = msg->channel_request.channel->remote_channel; |
684 | |
|
685 | 0 | SSH_LOG(SSH_LOG_PACKET, |
686 | 0 | "Sending a default channel_request denied to channel %" PRIu32, channel); |
687 | |
|
688 | 0 | rc = ssh_buffer_pack(msg->session->out_buffer, |
689 | 0 | "bd", |
690 | 0 | SSH2_MSG_CHANNEL_FAILURE, |
691 | 0 | channel); |
692 | 0 | if (rc != SSH_OK){ |
693 | 0 | ssh_set_error_oom(msg->session); |
694 | 0 | return SSH_ERROR; |
695 | 0 | } |
696 | 0 | return ssh_packet_send(msg->session); |
697 | 0 | } |
698 | | |
699 | 0 | SSH_LOG(SSH_LOG_PACKET, |
700 | 0 | "The client doesn't want to know the request failed!"); |
701 | |
|
702 | 0 | return SSH_OK; |
703 | 0 | } |
704 | | |
705 | 0 | static int ssh_message_service_request_reply_default(ssh_message msg) { |
706 | | /* The only return code accepted by specifications are success or disconnect */ |
707 | 0 | return ssh_message_service_reply_success(msg); |
708 | 0 | } |
709 | | |
710 | | /** |
711 | | * @brief Sends SERVICE_ACCEPT to the client |
712 | | * |
713 | | * @param msg The message to reply to |
714 | | * |
715 | | * @returns SSH_OK when success otherwise SSH_ERROR |
716 | | */ |
717 | 0 | int ssh_message_service_reply_success(ssh_message msg) { |
718 | 0 | ssh_session session; |
719 | 0 | int rc; |
720 | |
|
721 | 0 | if (msg == NULL) { |
722 | 0 | return SSH_ERROR; |
723 | 0 | } |
724 | 0 | session = msg->session; |
725 | |
|
726 | 0 | SSH_LOG(SSH_LOG_PACKET, |
727 | 0 | "Sending a SERVICE_ACCEPT for service %s", msg->service_request.service); |
728 | |
|
729 | 0 | rc = ssh_buffer_pack(session->out_buffer, |
730 | 0 | "bs", |
731 | 0 | SSH2_MSG_SERVICE_ACCEPT, |
732 | 0 | msg->service_request.service); |
733 | 0 | if (rc != SSH_OK){ |
734 | 0 | ssh_set_error_oom(session); |
735 | 0 | return SSH_ERROR; |
736 | 0 | } |
737 | 0 | rc = ssh_packet_send(msg->session); |
738 | 0 | return rc; |
739 | 0 | } |
740 | | |
741 | | /** |
742 | | * @brief Send a global request success message |
743 | | * |
744 | | * @param msg The message |
745 | | * |
746 | | * @param bound_port The remote bind port |
747 | | * |
748 | | * @returns SSH_OK on success, otherwise SSH_ERROR |
749 | | */ |
750 | 0 | int ssh_message_global_request_reply_success(ssh_message msg, uint16_t bound_port) { |
751 | 0 | int rc; |
752 | |
|
753 | 0 | SSH_LOG(SSH_LOG_FUNCTIONS, "Accepting a global request"); |
754 | |
|
755 | 0 | if (msg->global_request.want_reply) { |
756 | 0 | if (ssh_buffer_add_u8(msg->session->out_buffer |
757 | 0 | , SSH2_MSG_REQUEST_SUCCESS) < 0) { |
758 | 0 | goto error; |
759 | 0 | } |
760 | | |
761 | 0 | if(msg->global_request.type == SSH_GLOBAL_REQUEST_TCPIP_FORWARD |
762 | 0 | && msg->global_request.bind_port == 0) { |
763 | 0 | rc = ssh_buffer_pack(msg->session->out_buffer, "d", bound_port); |
764 | 0 | if (rc != SSH_OK) { |
765 | 0 | ssh_set_error_oom(msg->session); |
766 | 0 | goto error; |
767 | 0 | } |
768 | 0 | } |
769 | | |
770 | 0 | return ssh_packet_send(msg->session); |
771 | 0 | } |
772 | | |
773 | 0 | if(msg->global_request.type == SSH_GLOBAL_REQUEST_TCPIP_FORWARD |
774 | 0 | && msg->global_request.bind_port == 0) { |
775 | 0 | SSH_LOG(SSH_LOG_PACKET, |
776 | 0 | "The client doesn't want to know the remote port!"); |
777 | 0 | } |
778 | |
|
779 | 0 | return SSH_OK; |
780 | 0 | error: |
781 | 0 | return SSH_ERROR; |
782 | 0 | } |
783 | | |
784 | 0 | static int ssh_message_global_request_reply_default(ssh_message msg) { |
785 | 0 | SSH_LOG(SSH_LOG_FUNCTIONS, "Refusing a global request"); |
786 | |
|
787 | 0 | if (msg->global_request.want_reply) { |
788 | 0 | if (ssh_buffer_add_u8(msg->session->out_buffer |
789 | 0 | , SSH2_MSG_REQUEST_FAILURE) < 0) { |
790 | 0 | goto error; |
791 | 0 | } |
792 | 0 | return ssh_packet_send(msg->session); |
793 | 0 | } |
794 | 0 | SSH_LOG(SSH_LOG_PACKET, |
795 | 0 | "The client doesn't want to know the request failed!"); |
796 | |
|
797 | 0 | return SSH_OK; |
798 | 0 | error: |
799 | 0 | return SSH_ERROR; |
800 | 0 | } |
801 | | |
802 | 0 | int ssh_message_reply_default(ssh_message msg) { |
803 | 0 | if (msg == NULL) { |
804 | 0 | return -1; |
805 | 0 | } |
806 | | |
807 | 0 | switch(msg->type) { |
808 | 0 | case SSH_REQUEST_AUTH: |
809 | 0 | return ssh_auth_reply_default(msg->session, 0); |
810 | 0 | case SSH_REQUEST_CHANNEL_OPEN: |
811 | 0 | return ssh_message_channel_request_open_reply_default(msg); |
812 | 0 | case SSH_REQUEST_CHANNEL: |
813 | 0 | return ssh_message_channel_request_reply_default(msg); |
814 | 0 | case SSH_REQUEST_SERVICE: |
815 | 0 | return ssh_message_service_request_reply_default(msg); |
816 | 0 | case SSH_REQUEST_GLOBAL: |
817 | 0 | return ssh_message_global_request_reply_default(msg); |
818 | 0 | default: |
819 | 0 | SSH_LOG(SSH_LOG_PACKET, |
820 | 0 | "Don't know what to default reply to %d type", |
821 | 0 | msg->type); |
822 | 0 | break; |
823 | 0 | } |
824 | | |
825 | 0 | return -1; |
826 | 0 | } |
827 | | |
828 | | /** |
829 | | * @brief Gets the service name from the service request message |
830 | | * |
831 | | * @param msg The service request message |
832 | | * |
833 | | * @returns the service name from the message |
834 | | */ |
835 | 0 | const char *ssh_message_service_service(ssh_message msg){ |
836 | 0 | if (msg == NULL) { |
837 | 0 | return NULL; |
838 | 0 | } |
839 | 0 | return msg->service_request.service; |
840 | 0 | } |
841 | | |
842 | 0 | const char *ssh_message_auth_user(ssh_message msg) { |
843 | 0 | if (msg == NULL) { |
844 | 0 | return NULL; |
845 | 0 | } |
846 | | |
847 | 0 | return msg->auth_request.username; |
848 | 0 | } |
849 | | |
850 | 0 | const char *ssh_message_auth_password(ssh_message msg){ |
851 | 0 | if (msg == NULL) { |
852 | 0 | return NULL; |
853 | 0 | } |
854 | | |
855 | 0 | return msg->auth_request.password; |
856 | 0 | } |
857 | | |
858 | 0 | ssh_key ssh_message_auth_pubkey(ssh_message msg) { |
859 | 0 | if (msg == NULL) { |
860 | 0 | return NULL; |
861 | 0 | } |
862 | | |
863 | 0 | return msg->auth_request.pubkey; |
864 | 0 | } |
865 | | |
866 | 0 | ssh_public_key ssh_message_auth_publickey(ssh_message msg){ |
867 | 0 | if (msg == NULL) { |
868 | 0 | return NULL; |
869 | 0 | } |
870 | | |
871 | 0 | return ssh_pki_convert_key_to_publickey(msg->auth_request.pubkey); |
872 | 0 | } |
873 | | |
874 | 0 | enum ssh_publickey_state_e ssh_message_auth_publickey_state(ssh_message msg){ |
875 | 0 | if (msg == NULL) { |
876 | 0 | return -1; |
877 | 0 | } |
878 | 0 | return msg->auth_request.signature_state; |
879 | 0 | } |
880 | | |
881 | | /** |
882 | | * @brief Check if the message is a keyboard-interactive response |
883 | | * |
884 | | * @param msg The message to check |
885 | | * |
886 | | * @returns 1 if the message is a response, otherwise 0 |
887 | | */ |
888 | 0 | int ssh_message_auth_kbdint_is_response(ssh_message msg) { |
889 | 0 | if (msg == NULL) { |
890 | 0 | return -1; |
891 | 0 | } |
892 | | |
893 | 0 | return msg->auth_request.kbdint_response != 0; |
894 | 0 | } |
895 | | |
896 | | /* FIXME: methods should be unsigned */ |
897 | | /** |
898 | | * @brief Sets the supported authentication methods to a message |
899 | | * |
900 | | * @param msg The message |
901 | | * |
902 | | * @param methods Methods to set to the message. |
903 | | * The supported methods are listed in ssh_set_auth_methods |
904 | | * @see ssh_set_auth_methods |
905 | | * |
906 | | * @returns 0 on success, otherwise -1 |
907 | | */ |
908 | 0 | int ssh_message_auth_set_methods(ssh_message msg, int methods) { |
909 | 0 | if (msg == NULL || msg->session == NULL) { |
910 | 0 | return -1; |
911 | 0 | } |
912 | | |
913 | 0 | if (methods < 0) { |
914 | 0 | return -1; |
915 | 0 | } |
916 | | |
917 | 0 | msg->session->auth.supported_methods = (uint32_t)methods; |
918 | |
|
919 | 0 | return 0; |
920 | 0 | } |
921 | | |
922 | | int ssh_message_auth_interactive_request(ssh_message msg, const char *name, |
923 | | const char *instruction, unsigned int num_prompts, |
924 | 0 | const char **prompts, char *echo) { |
925 | 0 | int rc; |
926 | 0 | unsigned int i = 0; |
927 | |
|
928 | 0 | if(name == NULL || instruction == NULL) { |
929 | 0 | return SSH_ERROR; |
930 | 0 | } |
931 | 0 | if(num_prompts > 0 && (prompts == NULL || echo == NULL)) { |
932 | 0 | return SSH_ERROR; |
933 | 0 | } |
934 | | |
935 | 0 | rc = ssh_buffer_pack(msg->session->out_buffer, |
936 | 0 | "bsssd", |
937 | 0 | SSH2_MSG_USERAUTH_INFO_REQUEST, |
938 | 0 | name, |
939 | 0 | instruction, |
940 | 0 | "", /* language tag */ |
941 | 0 | num_prompts); |
942 | 0 | if (rc != SSH_OK){ |
943 | 0 | ssh_set_error_oom(msg->session); |
944 | 0 | return SSH_ERROR; |
945 | 0 | } |
946 | | |
947 | 0 | for(i = 0; i < num_prompts; i++) { |
948 | 0 | rc = ssh_buffer_pack(msg->session->out_buffer, |
949 | 0 | "sb", |
950 | 0 | prompts[i], |
951 | 0 | echo[i] ? 1 : 0); |
952 | 0 | if (rc != SSH_OK){ |
953 | 0 | ssh_set_error_oom(msg->session); |
954 | 0 | return SSH_ERROR; |
955 | 0 | } |
956 | 0 | } |
957 | | |
958 | 0 | rc = ssh_packet_send(msg->session); |
959 | | |
960 | | /* fill in the kbdint structure */ |
961 | 0 | if (msg->session->kbdint == NULL) { |
962 | 0 | SSH_LOG(SSH_LOG_DEBUG, "Warning: Got a keyboard-interactive response " |
963 | 0 | "but it seems we didn't send the request."); |
964 | |
|
965 | 0 | msg->session->kbdint = ssh_kbdint_new(); |
966 | 0 | if (msg->session->kbdint == NULL) { |
967 | 0 | ssh_set_error_oom(msg->session); |
968 | |
|
969 | 0 | return SSH_ERROR; |
970 | 0 | } |
971 | 0 | } else { |
972 | 0 | ssh_kbdint_clean(msg->session->kbdint); |
973 | 0 | } |
974 | | |
975 | 0 | msg->session->kbdint->name = strdup(name); |
976 | 0 | if(msg->session->kbdint->name == NULL) { |
977 | 0 | ssh_set_error_oom(msg->session); |
978 | 0 | ssh_kbdint_free(msg->session->kbdint); |
979 | 0 | msg->session->kbdint = NULL; |
980 | 0 | return SSH_PACKET_USED; |
981 | 0 | } |
982 | 0 | msg->session->kbdint->instruction = strdup(instruction); |
983 | 0 | if(msg->session->kbdint->instruction == NULL) { |
984 | 0 | ssh_set_error_oom(msg->session); |
985 | 0 | ssh_kbdint_free(msg->session->kbdint); |
986 | 0 | msg->session->kbdint = NULL; |
987 | 0 | return SSH_PACKET_USED; |
988 | 0 | } |
989 | | |
990 | 0 | msg->session->kbdint->nprompts = num_prompts; |
991 | 0 | if(num_prompts > 0) { |
992 | 0 | msg->session->kbdint->prompts = calloc(num_prompts, sizeof(char *)); |
993 | 0 | if (msg->session->kbdint->prompts == NULL) { |
994 | 0 | msg->session->kbdint->nprompts = 0; |
995 | 0 | ssh_set_error_oom(msg->session); |
996 | 0 | ssh_kbdint_free(msg->session->kbdint); |
997 | 0 | msg->session->kbdint = NULL; |
998 | 0 | return SSH_ERROR; |
999 | 0 | } |
1000 | 0 | msg->session->kbdint->echo = calloc(num_prompts, sizeof(unsigned char)); |
1001 | 0 | if (msg->session->kbdint->echo == NULL) { |
1002 | 0 | ssh_set_error_oom(msg->session); |
1003 | 0 | ssh_kbdint_free(msg->session->kbdint); |
1004 | 0 | msg->session->kbdint = NULL; |
1005 | 0 | return SSH_ERROR; |
1006 | 0 | } |
1007 | 0 | for (i = 0; i < num_prompts; i++) { |
1008 | 0 | msg->session->kbdint->echo[i] = echo[i]; |
1009 | 0 | msg->session->kbdint->prompts[i] = strdup(prompts[i]); |
1010 | 0 | if (msg->session->kbdint->prompts[i] == NULL) { |
1011 | 0 | ssh_set_error_oom(msg->session); |
1012 | 0 | msg->session->kbdint->nprompts = i; |
1013 | 0 | ssh_kbdint_free(msg->session->kbdint); |
1014 | 0 | msg->session->kbdint = NULL; |
1015 | 0 | return SSH_PACKET_USED; |
1016 | 0 | } |
1017 | 0 | } |
1018 | 0 | } else { |
1019 | 0 | msg->session->kbdint->prompts = NULL; |
1020 | 0 | msg->session->kbdint->echo = NULL; |
1021 | 0 | } |
1022 | 0 | msg->session->auth.state = SSH_AUTH_STATE_INFO; |
1023 | |
|
1024 | 0 | return rc; |
1025 | 0 | } |
1026 | | |
1027 | | /** |
1028 | | * @brief Sends SSH2_MSG_USERAUTH_SUCCESS or SSH2_MSG_USERAUTH_FAILURE message |
1029 | | * depending on the success of the authentication method |
1030 | | * |
1031 | | * @param session The session to reply to |
1032 | | * |
1033 | | * @param partial Denotes if the authentication process was partially completed |
1034 | | * (unsuccessful) |
1035 | | * |
1036 | | * @returns SSH_OK on success, otherwise SSH_ERROR |
1037 | | */ |
1038 | | int ssh_auth_reply_success(ssh_session session, int partial) |
1039 | 0 | { |
1040 | 0 | struct ssh_crypto_struct *crypto = NULL; |
1041 | 0 | int r; |
1042 | |
|
1043 | 0 | if (session == NULL) { |
1044 | 0 | return SSH_ERROR; |
1045 | 0 | } |
1046 | | |
1047 | 0 | if (partial) { |
1048 | 0 | return ssh_auth_reply_default(session, partial); |
1049 | 0 | } |
1050 | | |
1051 | 0 | r = ssh_buffer_add_u8(session->out_buffer,SSH2_MSG_USERAUTH_SUCCESS); |
1052 | 0 | if (r < 0) { |
1053 | 0 | return SSH_ERROR; |
1054 | 0 | } |
1055 | | |
1056 | 0 | r = ssh_packet_send(session); |
1057 | | |
1058 | | /* |
1059 | | * Consider the session as having been authenticated only after sending |
1060 | | * the USERAUTH_SUCCESS message. Setting these flags after ssh_packet_send |
1061 | | * ensures that a rekey is not triggered prematurely, causing the message |
1062 | | * to be queued. |
1063 | | */ |
1064 | 0 | session->session_state = SSH_SESSION_STATE_AUTHENTICATED; |
1065 | 0 | session->flags |= SSH_SESSION_FLAG_AUTHENTICATED; |
1066 | |
|
1067 | 0 | crypto = ssh_packet_get_current_crypto(session, SSH_DIRECTION_OUT); |
1068 | 0 | if (crypto != NULL && crypto->delayed_compress_out) { |
1069 | 0 | SSH_LOG(SSH_LOG_DEBUG, "Enabling delayed compression OUT"); |
1070 | 0 | crypto->do_compress_out = 1; |
1071 | 0 | } |
1072 | |
|
1073 | 0 | crypto = ssh_packet_get_current_crypto(session, SSH_DIRECTION_IN); |
1074 | 0 | if (crypto != NULL && crypto->delayed_compress_in) { |
1075 | 0 | SSH_LOG(SSH_LOG_DEBUG, "Enabling delayed compression IN"); |
1076 | 0 | crypto->do_compress_in = 1; |
1077 | 0 | } |
1078 | 0 | return r; |
1079 | 0 | } |
1080 | | |
1081 | 0 | int ssh_message_auth_reply_success(ssh_message msg, int partial) { |
1082 | 0 | if(msg == NULL) |
1083 | 0 | return SSH_ERROR; |
1084 | 0 | return ssh_auth_reply_success(msg->session, partial); |
1085 | 0 | } |
1086 | | |
1087 | | /** |
1088 | | * @brief Answer SSH2_MSG_USERAUTH_PK_OK to a pubkey authentication request |
1089 | | * |
1090 | | * @param msg The message |
1091 | | * |
1092 | | * @param algo The algorithm of the accepted public key |
1093 | | * |
1094 | | * @param pubkey The accepted public key |
1095 | | * |
1096 | | * @returns SSH_OK on success, otherwise SSH_ERROR |
1097 | | */ |
1098 | 0 | int ssh_message_auth_reply_pk_ok(ssh_message msg, ssh_string algo, ssh_string pubkey) { |
1099 | 0 | int rc; |
1100 | 0 | if (msg == NULL) { |
1101 | 0 | return SSH_ERROR; |
1102 | 0 | } |
1103 | | |
1104 | 0 | rc = ssh_buffer_pack(msg->session->out_buffer, |
1105 | 0 | "bSS", |
1106 | 0 | SSH2_MSG_USERAUTH_PK_OK, |
1107 | 0 | algo, |
1108 | 0 | pubkey); |
1109 | 0 | if(rc != SSH_OK){ |
1110 | 0 | ssh_set_error_oom(msg->session); |
1111 | 0 | return SSH_ERROR; |
1112 | 0 | } |
1113 | | |
1114 | 0 | rc = ssh_packet_send(msg->session); |
1115 | 0 | return rc; |
1116 | 0 | } |
1117 | | |
1118 | | /** |
1119 | | * @brief Answer SSH2_MSG_USERAUTH_PK_OK to a pubkey authentication request |
1120 | | * |
1121 | | * @param msg The message |
1122 | | * |
1123 | | * @returns SSH_OK on success, otherwise SSH_ERROR |
1124 | | */ |
1125 | 0 | int ssh_message_auth_reply_pk_ok_simple(ssh_message msg) { |
1126 | 0 | ssh_string algo; |
1127 | 0 | ssh_string pubkey_blob = NULL; |
1128 | 0 | int ret; |
1129 | |
|
1130 | 0 | algo = ssh_string_from_char(msg->auth_request.sigtype); |
1131 | 0 | if (algo == NULL) { |
1132 | 0 | return SSH_ERROR; |
1133 | 0 | } |
1134 | | |
1135 | 0 | ret = ssh_pki_export_pubkey_blob(msg->auth_request.pubkey, &pubkey_blob); |
1136 | 0 | if (ret < 0) { |
1137 | 0 | SSH_STRING_FREE(algo); |
1138 | 0 | return SSH_ERROR; |
1139 | 0 | } |
1140 | | |
1141 | 0 | ret = ssh_message_auth_reply_pk_ok(msg, algo, pubkey_blob); |
1142 | |
|
1143 | 0 | SSH_STRING_FREE(algo); |
1144 | 0 | SSH_STRING_FREE(pubkey_blob); |
1145 | |
|
1146 | 0 | return ret; |
1147 | 0 | } |
1148 | | |
1149 | | |
1150 | 0 | const char *ssh_message_channel_request_open_originator(ssh_message msg){ |
1151 | 0 | return msg->channel_request_open.originator; |
1152 | 0 | } |
1153 | | |
1154 | 0 | int ssh_message_channel_request_open_originator_port(ssh_message msg){ |
1155 | 0 | return msg->channel_request_open.originator_port; |
1156 | 0 | } |
1157 | | |
1158 | 0 | const char *ssh_message_channel_request_open_destination(ssh_message msg){ |
1159 | 0 | return msg->channel_request_open.destination; |
1160 | 0 | } |
1161 | | |
1162 | 0 | int ssh_message_channel_request_open_destination_port(ssh_message msg){ |
1163 | 0 | return msg->channel_request_open.destination_port; |
1164 | 0 | } |
1165 | | |
1166 | 0 | ssh_channel ssh_message_channel_request_channel(ssh_message msg){ |
1167 | 0 | return msg->channel_request.channel; |
1168 | 0 | } |
1169 | | |
1170 | 0 | const char *ssh_message_channel_request_pty_term(ssh_message msg){ |
1171 | 0 | return msg->channel_request.TERM; |
1172 | 0 | } |
1173 | | |
1174 | 0 | int ssh_message_channel_request_pty_width(ssh_message msg){ |
1175 | 0 | return msg->channel_request.width; |
1176 | 0 | } |
1177 | | |
1178 | 0 | int ssh_message_channel_request_pty_height(ssh_message msg){ |
1179 | 0 | return msg->channel_request.height; |
1180 | 0 | } |
1181 | | |
1182 | 0 | int ssh_message_channel_request_pty_pxwidth(ssh_message msg){ |
1183 | 0 | return msg->channel_request.pxwidth; |
1184 | 0 | } |
1185 | | |
1186 | 0 | int ssh_message_channel_request_pty_pxheight(ssh_message msg){ |
1187 | 0 | return msg->channel_request.pxheight; |
1188 | 0 | } |
1189 | | |
1190 | 0 | const char *ssh_message_channel_request_env_name(ssh_message msg){ |
1191 | 0 | return msg->channel_request.var_name; |
1192 | 0 | } |
1193 | | |
1194 | 0 | const char *ssh_message_channel_request_env_value(ssh_message msg){ |
1195 | 0 | return msg->channel_request.var_value; |
1196 | 0 | } |
1197 | | |
1198 | 0 | const char *ssh_message_channel_request_command(ssh_message msg){ |
1199 | 0 | return msg->channel_request.command; |
1200 | 0 | } |
1201 | | |
1202 | 0 | const char *ssh_message_channel_request_subsystem(ssh_message msg){ |
1203 | 0 | return msg->channel_request.subsystem; |
1204 | 0 | } |
1205 | | |
1206 | 0 | int ssh_message_channel_request_x11_single_connection(ssh_message msg){ |
1207 | 0 | return msg->channel_request.x11_single_connection ? 1 : 0; |
1208 | 0 | } |
1209 | | |
1210 | 0 | const char *ssh_message_channel_request_x11_auth_protocol(ssh_message msg){ |
1211 | 0 | return msg->channel_request.x11_auth_protocol; |
1212 | 0 | } |
1213 | | |
1214 | 0 | const char *ssh_message_channel_request_x11_auth_cookie(ssh_message msg){ |
1215 | 0 | return msg->channel_request.x11_auth_cookie; |
1216 | 0 | } |
1217 | | |
1218 | 0 | int ssh_message_channel_request_x11_screen_number(ssh_message msg){ |
1219 | 0 | return msg->channel_request.x11_screen_number; |
1220 | 0 | } |
1221 | | |
1222 | 0 | const char *ssh_message_global_request_address(ssh_message msg){ |
1223 | 0 | return msg->global_request.bind_address; |
1224 | 0 | } |
1225 | | |
1226 | 0 | int ssh_message_global_request_port(ssh_message msg){ |
1227 | 0 | return msg->global_request.bind_port; |
1228 | 0 | } |
1229 | | |
1230 | | /** @brief defines the ssh_message callback |
1231 | | * @param session the current ssh session |
1232 | | * @param[in] ssh_bind_message_callback a function pointer to a callback taking the |
1233 | | * current ssh session and received message as parameters. the function returns |
1234 | | * 0 if the message has been parsed and treated successfully, 1 otherwise (libssh |
1235 | | * must take care of the response). |
1236 | | * @param[in] data void pointer to be passed to callback functions |
1237 | | */ |
1238 | | void ssh_set_message_callback(ssh_session session, |
1239 | | int(*ssh_bind_message_callback)(ssh_session session, ssh_message msg, void *data), |
1240 | 0 | void *data) { |
1241 | 0 | session->ssh_message_callback = ssh_bind_message_callback; |
1242 | 0 | session->ssh_message_callback_data = data; |
1243 | 0 | } |
1244 | | |
1245 | 0 | int ssh_execute_message_callbacks(ssh_session session){ |
1246 | 0 | ssh_message msg=NULL; |
1247 | 0 | int ret; |
1248 | 0 | ssh_handle_packets(session, SSH_TIMEOUT_NONBLOCKING); |
1249 | 0 | if(!session->ssh_message_list) |
1250 | 0 | return SSH_OK; |
1251 | 0 | if(session->ssh_message_callback){ |
1252 | 0 | while((msg=ssh_message_pop_head(session)) != NULL) { |
1253 | 0 | ret=session->ssh_message_callback(session,msg, |
1254 | 0 | session->ssh_message_callback_data); |
1255 | 0 | if(ret==1){ |
1256 | 0 | ret = ssh_message_reply_default(msg); |
1257 | 0 | ssh_message_free(msg); |
1258 | 0 | if(ret != SSH_OK) |
1259 | 0 | return ret; |
1260 | 0 | } else { |
1261 | 0 | ssh_message_free(msg); |
1262 | 0 | } |
1263 | 0 | } |
1264 | 0 | } else { |
1265 | 0 | while((msg=ssh_message_pop_head(session)) != NULL) { |
1266 | 0 | ret = ssh_message_reply_default(msg); |
1267 | 0 | ssh_message_free(msg); |
1268 | 0 | if(ret != SSH_OK) |
1269 | 0 | return ret; |
1270 | 0 | } |
1271 | 0 | } |
1272 | 0 | return SSH_OK; |
1273 | 0 | } |
1274 | | |
1275 | | /** |
1276 | | * @brief Sends a keepalive message to the session |
1277 | | * |
1278 | | * @param session The session to send the message to |
1279 | | * |
1280 | | * @returns SSH_OK |
1281 | | */ |
1282 | | int ssh_send_keepalive(ssh_session session) |
1283 | 0 | { |
1284 | | /* Client denies the request, so the error code is not meaningful */ |
1285 | 0 | (void)ssh_global_request(session, "keepalive@openssh.com", NULL, 1); |
1286 | |
|
1287 | 0 | return SSH_OK; |
1288 | 0 | } |
1289 | | |
1290 | | /** @} */ |