int connexion_disconnect(t_peer *peer)
{
if (ssh_is_connected(peer->connexion.session) == 1)
ssh_disconnect(peer->connexion.session);
peer->connexion.connexion_origin = NOT_CONNECTED;
return (0);
}
void
Session::disconnect() {
if (ssh_is_connected(this->c_session)) {
ssh_disconnect(this->c_session);
} else {
throw std::runtime_error("Session not connected");
}
}
Session::~Session() {
#ifndef NDEBUG
std::cout << "Destroing Session" << std::endl;
#endif
if (ssh_is_connected(this->c_session)) {
ssh_disconnect(this->c_session);
this->c_session = NULL;
}
}
static void teardown(void **state)
{
ssh_session session = (ssh_session) *state;
assert_non_null(session);
if (ssh_is_connected(session)) {
ssh_disconnect(session);
}
ssh_free(session);
}
static int teardown(void **state)
{
ssh_session session = *state;
assert_false(session == NULL);
if (ssh_is_connected(session)) {
ssh_disconnect(session);
}
ssh_free(session);
return 0;
}
static void on_ssh_read(__unused evutil_socket_t fd, __unused short what, void *arg)
{
struct tmate_ssh_client *client = arg;
ssh_execute_message_callbacks(client->session);
if (!ssh_is_connected(client->session)) {
tmate_warn("SSH Disconnected");
event_del(&client->ev_ssh);
/* For graceful tmux client termination */
request_server_termination();
}
}
/* does not really log, only fatal errors */
int
nc_session_is_connected(struct nc_session *session)
{
int ret;
struct pollfd fds;
switch (session->ti_type) {
case NC_TI_FD:
fds.fd = session->ti.fd.in;
break;
#ifdef NC_ENABLED_SSH
case NC_TI_LIBSSH:
return ssh_is_connected(session->ti.libssh.session);
#endif
#ifdef NC_ENABLED_TLS
case NC_TI_OPENSSL:
fds.fd = SSL_get_fd(session->ti.tls);
break;
#endif
default:
return 0;
}
if (fds.fd == -1) {
return 0;
}
fds.events = POLLIN;
fds.revents = 0;
errno = 0;
while (((ret = poll(&fds, 1, 0)) == -1) && (errno == EINTR));
if (ret == -1) {
ERR("Session %u: poll failed (%s).", session->id, strerror(errno));
return 0;
} else if ((ret > 0) && (fds.revents & (POLLHUP | POLLERR))) {
return 0;
}
return 1;
}
bool SSHConnection::is_connected() const
{
if (!session.get()) return false;
return ssh_is_connected(session.get()) == 1;
}
static gint
mock_ssh_server (const gchar *server_addr,
gint server_port,
const gchar *user,
const gchar *password,
gboolean multi_step)
{
char portname[16];
char addrname[16];
struct sockaddr_storage addr;
socklen_t addrlen;
ssh_bind sshbind;
const char *msg;
int r;
gint rounds = 0;
state.event = ssh_event_new ();
if (state.event == NULL)
g_return_val_if_reached (-1);
sshbind = ssh_bind_new ();
state.session = ssh_new ();
if (server_addr == NULL)
server_addr = "127.0.0.1";
ssh_bind_options_set (sshbind, SSH_BIND_OPTIONS_BINDADDR, server_addr);
ssh_bind_options_set (sshbind, SSH_BIND_OPTIONS_BINDPORT, &server_port);
ssh_bind_options_set (sshbind, SSH_BIND_OPTIONS_RSAKEY, SRCDIR "/src/ws/mock_rsa_key");
ssh_bind_options_set (sshbind, SSH_BIND_OPTIONS_DSAKEY, SRCDIR "/src/ws/mock_dsa_key");
if (ssh_bind_listen (sshbind) < 0)
{
g_critical ("couldn't listen on socket: %s", ssh_get_error (sshbind));
return 1;
}
state.bind_fd = ssh_bind_get_fd (sshbind);
state.user = user;
state.password = password;
state.multi_step = multi_step;
ssh_pki_import_pubkey_file (SRCDIR "/src/ws/test_rsa.pub",
&state.pkey);
state.buffer = g_byte_array_new ();
/* Print out the port */
if (server_port == 0)
{
addrlen = sizeof (addr);
if (getsockname (state.bind_fd, (struct sockaddr *)&addr, &addrlen) < 0)
{
g_critical ("couldn't get local address: %s", g_strerror (errno));
return 1;
}
r = getnameinfo ((struct sockaddr *)&addr, addrlen, addrname, sizeof (addrname),
portname, sizeof (portname), NI_NUMERICHOST | NI_NUMERICSERV);
if (r != 0)
{
g_critical ("couldn't get local port: %s", gai_strerror (r));
return 1;
}
/* Caller wants to know the port */
g_print ("%s\n", portname);
}
/* Close stdout (once above info is printed) */
close (1);
ssh_set_message_callback (state.session, authenticate_callback, &rounds);
r = ssh_bind_accept (sshbind, state.session);
if (r == SSH_ERROR)
{
g_critical ("accepting connection failed: %s", ssh_get_error (sshbind));
return 1;
}
state.session_fd = ssh_get_fd (state.session);
if (ssh_handle_key_exchange (state.session))
{
msg = ssh_get_error (state.session);
if (!strstr (msg, "_DISCONNECT"))
g_critical ("key exchange failed: %s", msg);
return 1;
}
if (ssh_event_add_session (state.event, state.session) != SSH_OK)
g_return_val_if_reached (-1);
do
{
ssh_event_dopoll (state.event, 10000);
}
while (ssh_is_connected (state.session));
ssh_event_remove_session (state.event, state.session);
ssh_event_free (state.event);
ssh_free (state.session);
ssh_key_free (state.pkey);
g_byte_array_free (state.buffer, TRUE);
ssh_bind_free (sshbind);
return 0;
}
static int pkd_exec_hello(int fd, struct pkd_daemon_args *args) {
int rc = -1;
ssh_bind b = NULL;
ssh_session s = NULL;
ssh_event e = NULL;
ssh_channel c = NULL;
enum ssh_bind_options_e opts = -1;
int level = args->opts.libssh_log_level;
enum pkd_hostkey_type_e type = args->type;
const char *hostkeypath = args->hostkeypath;
pkd_state.eof_received = 0;
pkd_state.close_received = 0;
pkd_state.req_exec_received = 0;
b = ssh_bind_new();
if (b == NULL) {
pkderr("ssh_bind_new\n");
goto outclose;
}
if (type == PKD_RSA) {
opts = SSH_BIND_OPTIONS_RSAKEY;
} else if (type == PKD_ED25519) {
opts = SSH_BIND_OPTIONS_HOSTKEY;
#ifdef HAVE_DSA
} else if (type == PKD_DSA) {
opts = SSH_BIND_OPTIONS_DSAKEY;
#endif
} else if (type == PKD_ECDSA) {
opts = SSH_BIND_OPTIONS_ECDSAKEY;
} else {
pkderr("unknown kex algorithm: %d\n", type);
rc = -1;
goto outclose;
}
rc = ssh_bind_options_set(b, opts, hostkeypath);
if (rc != 0) {
pkderr("ssh_bind_options_set: %s\n", ssh_get_error(b));
goto outclose;
}
rc = ssh_bind_options_set(b, SSH_BIND_OPTIONS_LOG_VERBOSITY, &level);
if (rc != 0) {
pkderr("ssh_bind_options_set log verbosity: %s\n", ssh_get_error(b));
goto outclose;
}
s = ssh_new();
if (s == NULL) {
pkderr("ssh_new\n");
goto outclose;
}
/*
* ssh_bind_accept loads host key as side-effect. If this
* succeeds, the given 'fd' will be closed upon 'ssh_free(s)'.
*/
rc = ssh_bind_accept_fd(b, s, fd);
if (rc != SSH_OK) {
pkderr("ssh_bind_accept_fd: %s\n", ssh_get_error(b));
goto outclose;
}
/* accept only publickey-based auth */
ssh_set_auth_methods(s, SSH_AUTH_METHOD_PUBLICKEY);
/* initialize callbacks */
ssh_callbacks_init(&pkd_server_cb);
pkd_server_cb.userdata = &c;
rc = ssh_set_server_callbacks(s, &pkd_server_cb);
if (rc != SSH_OK) {
pkderr("ssh_set_server_callbacks: %s\n", ssh_get_error(s));
goto out;
}
/* first do key exchange */
rc = ssh_handle_key_exchange(s);
if (rc != SSH_OK) {
pkderr("ssh_handle_key_exchange: %s\n", ssh_get_error(s));
goto out;
}
/* setup and pump event to carry out exec channel */
e = ssh_event_new();
if (e == NULL) {
pkderr("ssh_event_new\n");
goto out;
}
rc = ssh_event_add_session(e, s);
if (rc != SSH_OK) {
pkderr("ssh_event_add_session\n");
goto out;
}
/* poll until exec channel established */
while ((ctx.keep_going != 0) &&
(rc != SSH_ERROR) && (pkd_state.req_exec_received == 0)) {
rc = ssh_event_dopoll(e, -1 /* infinite timeout */);
}
if (rc == SSH_ERROR) {
pkderr("ssh_event_dopoll\n");
goto out;
} else if (c == NULL) {
pkderr("poll loop exited but exec channel not ready\n");
rc = -1;
goto out;
}
rc = ssh_channel_write(c, "hello\n", 6); /* XXX: customizable payloads */
if (rc != 6) {
pkderr("ssh_channel_write partial (%d)\n", rc);
}
rc = ssh_channel_request_send_exit_status(c, 0);
if (rc != SSH_OK) {
pkderr("ssh_channel_request_send_exit_status: %s\n",
ssh_get_error(s));
goto out;
}
rc = ssh_channel_send_eof(c);
if (rc != SSH_OK) {
pkderr("ssh_channel_send_eof: %s\n", ssh_get_error(s));
goto out;
}
rc = ssh_channel_close(c);
if (rc != SSH_OK) {
pkderr("ssh_channel_close: %s\n", ssh_get_error(s));
goto out;
}
while ((ctx.keep_going != 0) &&
(pkd_state.eof_received == 0) &&
(pkd_state.close_received == 0)) {
rc = ssh_event_dopoll(e, 1000 /* milliseconds */);
if (rc == SSH_ERROR) {
/* log, but don't consider this fatal */
pkdout("ssh_event_dopoll for eof + close: %s\n", ssh_get_error(s));
rc = 0;
break;
} else {
rc = 0;
}
}
while ((ctx.keep_going != 0) &&
(ssh_is_connected(s))) {
rc = ssh_event_dopoll(e, 1000 /* milliseconds */);
if (rc == SSH_ERROR) {
/* log, but don't consider this fatal */
pkdout("ssh_event_dopoll for session connection: %s\n", ssh_get_error(s));
rc = 0;
break;
} else {
rc = 0;
}
}
goto out;
outclose:
close(fd);
out:
if (c != NULL) {
ssh_channel_free(c);
}
if (e != NULL) {
ssh_event_remove_session(e, s);
ssh_event_free(e);
}
if (s != NULL) {
ssh_disconnect(s);
ssh_free(s);
}
if (b != NULL) {
ssh_bind_free(b);
}
return rc;
}
int32_t start_ssh(int32_t s, char *ip, int32_t port, unsigned char options, char *miscptr, FILE * fp) {
char *empty = "";
char *login, *pass, keep_login[300];
int32_t auth_state = 0, rc = 0, i = 0;
if (strlen(login = hydra_get_next_login()) == 0)
login = empty;
if (strlen(pass = hydra_get_next_password()) == 0)
pass = empty;
if (new_session) {
if (session) {
ssh_disconnect(session);
ssh_finalize();
ssh_free(session);
}
session = ssh_new();
ssh_options_set(session, SSH_OPTIONS_PORT, &port);
ssh_options_set(session, SSH_OPTIONS_HOST, hydra_address2string(ip));
ssh_options_set(session, SSH_OPTIONS_USER, login);
ssh_options_set(session, SSH_OPTIONS_COMPRESSION_C_S, "none");
ssh_options_set(session, SSH_OPTIONS_COMPRESSION_S_C, "none");
if (ssh_connect(session) != 0) {
//if the connection was drop, exit and let hydra main handle it
if (verbose)
hydra_report(stderr, "[ERROR] could not connect to target port %d: %s\n", port, ssh_get_error(session));
return 3;
}
if ((rc = ssh_userauth_none(session, NULL)) == SSH_AUTH_ERROR) {
return 3;
} else if (rc == SSH_AUTH_SUCCESS) {
hydra_report_found_host(port, ip, "ssh", fp);
hydra_completed_pair_found();
if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)
return 2;
else
return 1;
}
} else
new_session = 1;
auth_state = ssh_auth_list(session);
if ((auth_state & SSH_AUTH_METHOD_PASSWORD) > 0) {
auth_state = ssh_userauth_password(session, NULL, pass);
} else if ((auth_state & SSH_AUTH_METHOD_INTERACTIVE) > 0) {
auth_state = ssh_userauth_kbdint(session, NULL, NULL);
while (auth_state == SSH_AUTH_INFO) {
rc = ssh_userauth_kbdint_getnprompts(session);
for (i = 0; i < rc; i++)
ssh_userauth_kbdint_setanswer(session, i, pass);
auth_state = ssh_userauth_kbdint(session, NULL, NULL);
}
} else {
return 4;
}
if (auth_state == SSH_AUTH_ERROR || !ssh_is_connected(session)) {
new_session = 1;
return 1;
}
if (auth_state == SSH_AUTH_SUCCESS || auth_state == SSH_AUTH_PARTIAL) {
hydra_report_found_host(port, ip, "ssh", fp);
hydra_completed_pair_found();
if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)
return 2;
return 1;
} else {
strncpy(keep_login, login, sizeof(keep_login) - 1);
keep_login[sizeof(keep_login) - 1] = '\0';
hydra_completed_pair();
if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)
return 2;
login = hydra_get_next_login();
if (strcmp(login, keep_login) == 0)
new_session = 0;
return 1;
}
/* not reached */
return 1;
}
ssh_session torture_ssh_session(const char *host,
const char *user,
const char *password) {
ssh_session session;
int rc;
if (host == NULL) {
return NULL;
}
session = ssh_new();
if (session == NULL) {
return NULL;
}
if (ssh_options_set(session, SSH_OPTIONS_HOST, host) < 0) {
goto failed;
}
if (user != NULL) {
if (ssh_options_set(session, SSH_OPTIONS_USER, user) < 0) {
goto failed;
}
}
if (ssh_options_set(session, SSH_OPTIONS_LOG_VERBOSITY, &verbosity) < 0) {
goto failed;
}
if (ssh_connect(session)) {
goto failed;
}
/* We are in testing mode, so consinder the hostkey as verified ;) */
/* This request should return a SSH_REQUEST_DENIED error */
rc = ssh_userauth_none(session, NULL);
if (rc == SSH_ERROR) {
goto failed;
}
if (!(ssh_auth_list(session) & SSH_AUTH_METHOD_INTERACTIVE)) {
goto failed;
}
if (password != NULL) {
rc = _torture_auth_kbdint(session, password);
} else {
rc = ssh_userauth_autopubkey(session, NULL);
if (rc == SSH_AUTH_ERROR) {
goto failed;
}
}
if (rc != SSH_AUTH_SUCCESS) {
goto failed;
}
return session;
failed:
if (ssh_is_connected(session)) {
ssh_disconnect(session);
}
ssh_free(session);
return NULL;
}