session.h 8.78 KB
Newer Older
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
/*
 * Dropbear - a SSH2 server
 * 
 * Copyright (c) 2002,2003 Matt Johnston
 * All rights reserved.
 * 
 * Permission is hereby granted, free of charge, to any person obtaining a copy
 * of this software and associated documentation files (the "Software"), to deal
 * in the Software without restriction, including without limitation the rights
 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 * copies of the Software, and to permit persons to whom the Software is
 * furnished to do so, subject to the following conditions:
 * 
 * The above copyright notice and this permission notice shall be included in
 * all copies or substantial portions of the Software.
 * 
 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
 * SOFTWARE. */

#ifndef _SESSION_H_
#define _SESSION_H_

#include "includes.h"
Matt Johnston's avatar
Matt Johnston committed
29
#include "options.h"
30
31
32
33
34
35
#include "buffer.h"
#include "signkey.h"
#include "kex.h"
#include "auth.h"
#include "channel.h"
#include "queue.h"
36
#include "listener.h"
37
#include "packet.h"
Matt Johnston's avatar
Matt Johnston committed
38
#include "tcpfwd.h"
39
#include "chansession.h"
40
#include "dbutil.h"
41
42
43
44

extern int sessinitdone; /* Is set to 0 somewhere */
extern int exitflag;

Matt Johnston's avatar
Matt Johnston committed
45
void common_session_init(int sock_in, int sock_out);
Matt Johnston's avatar
Matt Johnston committed
46
void session_loop(void(*loophandler)());
47
48
void common_session_cleanup();
void session_identification();
49
void send_msg_ignore();
50

51
const char* get_user_shell();
52
void fill_passwd(const char* username);
53
54

/* Server */
Matt Johnston's avatar
Matt Johnston committed
55
void svr_session(int sock, int childpipe);
56
void svr_dropbear_exit(int exitcode, const char* format, va_list param) ATTRIB_NORETURN;
57
58
void svr_dropbear_log(int priority, const char* format, va_list param);

Matt Johnston's avatar
Matt Johnston committed
59
/* Client */
Matt Johnston's avatar
Matt Johnston committed
60
void cli_session(int sock_in, int sock_out);
61
void cli_session_cleanup();
Matt Johnston's avatar
Matt Johnston committed
62
void cleantext(unsigned char* dirtytext);
63

64
65
/* crypto parameters that are stored individually for transmit and receive */
struct key_context_directional {
66
	const struct dropbear_cipher *algo_crypt;
67
	const struct dropbear_cipher_mode *crypt_mode;
68
	const struct dropbear_hash *algo_mac;
69
70
	int hash_index; /* lookup for libtomcrypt */
	char algo_comp; /* compression */
71
#ifndef DISABLE_ZLIB
72
	z_streamp zstream;
73
74
#endif
	/* actual keys */
Matt Johnston's avatar
Matt Johnston committed
75
76
77
78
79
	union {
		symmetric_CBC cbc;
#ifdef DROPBEAR_ENABLE_CTR_MODE
		symmetric_CTR ctr;
#endif
80
81
82
83
84
85
86
87
	} cipher_state;
	unsigned char mackey[MAX_MAC_KEY];
};

struct key_context {

	struct key_context_directional recv;
	struct key_context_directional trans;
88

89
90
91
92
93
	char algo_kex;
	char algo_hostkey;

	int allow_compress; /* whether compression has started (useful in 
							[email protected] delayed compression case) */
94
95
};

96
97
98
99
100
101
struct packetlist;
struct packetlist {
	struct packetlist *next;
	buffer * payload;
};

102
103
104
105
106
struct sshsession {

	/* Is it a client or server? */
	unsigned char isserver;

107
108
109
	time_t connect_time; /* time the connection was established
							(cleared after auth once we're not
							respecting AUTH_TIMEOUT any more) */
110

111
112
	int sock_in;
	int sock_out;
113
114
115
116
117
118
119
120
121
122
123

	unsigned char *remoteident;

	int maxfd; /* the maximum file descriptor to check with select() */


	/* Packet buffers/values etc */
	buffer *writepayload; /* Unencrypted payload to write - this is used
							 throughout the code, as handlers fill out this
							 buffer with the packet to send. */
	struct Queue writequeue; /* A queue of encrypted packets to send */
124
	buffer *readbuf; /* From the wire, decrypted in-place */
125
126
127
128
	buffer *payload; /* Post-decompression, the actual SSH packet */
	unsigned int transseq, recvseq; /* Sequence IDs */

	/* Packet-handling flags */
129
130
131
	const packettype * packettypes; /* Packet handler mappings for this
										session, see process-packet.c */

132
133
134
	unsigned dataallowed : 1; /* whether we can send data packets or we are in
								 the middle of a KEX or something */

135
	unsigned char requirenext; /* byte indicating what packet we require next, 
136
137
138
139
								or 0x00 for any */

	unsigned char ignorenext; /* whether to ignore the next packet,
								 used for kex_follows stuff */
140
141

	unsigned char lastpacket; /* What the last received packet type was */
142
	
143
	int signal_pipe[2]; /* stores endpoints of a self-pipe used for
144
						   race-free signal handling */
145
						
146
	time_t last_trx_packet_time; /* time of the last packet transmission, for
147
							keepalive purposes */
148

149
150
151
152
	time_t last_packet_time; /* time of the last packet transmission or receive, for
								idle timeout purposes */


153
154
155
156
157
158
159
160
161
162
163
	/* KEX/encryption related */
	struct KEXState kexstate;
	struct key_context *keys;
	struct key_context *newkeys;
	unsigned char *session_id; /* this is the hash from the first kex */
	/* The below are used temorarily during kex, are freed after use */
	mp_int * dh_K; /* SSH_MSG_KEXDH_REPLY and sending SSH_MSH_NEWKEYS */
	unsigned char hash[SHA1_HASH_SIZE]; /* the hash*/
	buffer* kexhashbuf; /* session hash buffer calculated from various packets*/
	buffer* transkexinit; /* the kexinit packet we send should be kept so we
							 can add it to the hash when generating keys */
164
165
166

	/* Enables/disables compression */
	algo_type *compress_algos;
167
168
169
170
							
	/* a list of queued replies that should be sent after a KEX has
	   concluded (ie, while dataallowed was unset)*/
	struct packetlist *reply_queue_head, *reply_queue_tail;
171

Matt Johnston's avatar
Matt Johnston committed
172
173
174
175
176
	algo_type*(*buf_match_algo)(buffer*buf, algo_type localalgos[],
			int *goodguess); /* The function to use to choose which algorithm
								to use from the ones presented by the remote
								side. Is specific to the client/server mode,
								hence the function-pointer callback.*/
177

Matt Johnston's avatar
Matt Johnston committed
178
179
180
181
182
183
	void(*remoteclosed)(); /* A callback to handle closure of the
									  remote connection */


	struct AuthState authstate; /* Common amongst client and server, since most
								   struct elements are common */
184
185
186
187

	/* Channel related */
	struct Channel ** channels; /* these pointers may be null */
	unsigned int chansize; /* the number of Channel*s allocated for channels */
Matt Johnston's avatar
Matt Johnston committed
188
	unsigned int chancount; /* the number of Channel*s in use */
189
	const struct ChanType **chantypes; /* The valid channel types */
190
191
192

	
	/* TCP forwarding - where manage listeners */
193
194
	struct Listener ** listeners;
	unsigned int listensize;
195

196
197
198
	/* Whether to allow binding to privileged ports (<1024). This doesn't
	 * really belong here, but nowhere else fits nicely */
	int allowprivport;
199
200
201
202
203
204
205
206
207
208
209
210

};

struct serversession {

	/* Server specific options */
	int childpipe; /* kept open until we successfully authenticate */
	/* userauth */

	struct ChildPid * childpids; /* array of mappings childpid<->channel */
	unsigned int childpidsize;

211
212
213
214
	/* Used to avoid a race in the exit returncode handling - see
	 * svr-chansession.c for details */
	struct exitinfo lastexit;

215
216
217
	/* The numeric address they connected from, used for logging */
	char * addrstring;

218
219
220
	/* The resolved remote address, used for lastlog etc */
	char *remotehost;

Matt Johnston's avatar
Matt Johnston committed
221
#ifdef USE_VFORK
222
223
224
	pid_t server_pid;
#endif

225
226
};

Matt Johnston's avatar
Matt Johnston committed
227
typedef enum {
Matt Johnston's avatar
Matt Johnston committed
228
	KEX_NOTHING,
Matt Johnston's avatar
Matt Johnston committed
229
230
	KEXINIT_RCVD,
	KEXDH_INIT_SENT,
231
	KEXDONE
Matt Johnston's avatar
Matt Johnston committed
232
233
234
235
236
237
238
239
240
241
} cli_kex_state;

typedef enum {
	STATE_NOTHING,
	SERVICE_AUTH_REQ_SENT,
	SERVICE_AUTH_ACCEPT_RCVD,
	SERVICE_CONN_REQ_SENT,
	SERVICE_CONN_ACCEPT_RCVD,
	USERAUTH_REQ_SENT,
	USERAUTH_FAIL_RCVD,
Matt Johnston's avatar
Matt Johnston committed
242
	USERAUTH_SUCCESS_RCVD,
243
	SESSION_RUNNING
Matt Johnston's avatar
Matt Johnston committed
244
} cli_state;
245
246
247

struct clientsession {

Matt Johnston's avatar
Matt Johnston committed
248
	mp_int *dh_e, *dh_x; /* Used during KEX */
Matt Johnston's avatar
Matt Johnston committed
249
250
	cli_kex_state kex_state; /* Used for progressing KEX */
	cli_state state; /* Used to progress auth/channelsession etc */
Matt Johnston's avatar
Matt Johnston committed
251
	unsigned donefirstkex : 1; /* Set when we set sentnewkeys, never reset */
252

253
254
	int tty_raw_mode; /* Whether we're in raw mode (and have to clean up) */
	struct termios saved_tio;
255
256
	int stdincopy;
	int stdinflags;
257
258
259
260
	int stdoutcopy;
	int stdoutflags;
	int stderrcopy;
	int stderrflags;
261

262
263
	int winchange; /* Set to 1 when a windowchange signal happens */

264
265
	int lastauthtype; /* either AUTH_TYPE_PUBKEY or AUTH_TYPE_PASSWORD,
						 for the last type of auth we tried */
266
267
268
269
270
271
#ifdef ENABLE_CLI_INTERACT_AUTH
	int auth_interact_failed; /* flag whether interactive auth can still
								 be used */
	int interact_request_received; /* flag whether we've received an 
									  info request from the server for
									  interactive auth.*/
272
273
274

	int cipher_none_after_auth; /* Set to 1 if the user requested "none"
								   auth */
275
#endif
276
	sign_key *lastprivkey;
277
278

	int retval; /* What the command exit status was - we emulate it */
279
280
281
282
283
#if 0
	TODO
	struct AgentkeyList *agentkeys; /* Keys to use for public-key auth */
#endif

284
285
286
287
288
289
290
291
292
293
};

/* Global structs storing the state */
extern struct sshsession ses;

#ifdef DROPBEAR_SERVER
extern struct serversession svr_ses;
#endif /* DROPBEAR_SERVER */

#ifdef DROPBEAR_CLIENT
Matt Johnston's avatar
Matt Johnston committed
294
extern struct clientsession cli_ses;
295
296
297
#endif /* DROPBEAR_CLIENT */

#endif /* _SESSION_H_ */