/**
* @internal
*
* @brief Add a message to the current queue of messages to be parsed and/or call
* the various callback functions.
*
* @param[in] session The SSH session to add the message.
*
* @param[in] message The message to add to the queue.
*/
void ssh_message_queue(ssh_session session, ssh_message message){
if (message != NULL) {
#ifdef WITH_SERVER
int ret;
/* probably not the best place to execute server callbacks, but still better
* than nothing.
*/
ret = ssh_execute_server_callbacks(session, message);
if (ret == SSH_OK){
ssh_message_free(message);
return;
}
#endif /* WITH_SERVER */
if(session->ssh_message_callback != NULL) {
ssh_execute_message_callback(session, message);
return;
}
if (session->server_callbacks != NULL){
/* if we have server callbacks, but nothing was executed, it means we are
* in non-synchronous mode, and we just don't care about the message we
* received. Just send a default response. Do not queue it.
*/
ssh_message_reply_default(message);
ssh_message_free(message);
return;
}
if(session->ssh_message_list == NULL) {
session->ssh_message_list = ssh_list_new();
}
if (session->ssh_message_list != NULL) {
ssh_list_append(session->ssh_message_list, message);
}
}
}
int ssh_execute_message_callbacks(ssh_session session){
ssh_message msg=NULL;
int ret;
ssh_handle_packets(session, SSH_TIMEOUT_NONBLOCKING);
if(!session->ssh_message_list)
return SSH_OK;
if(session->ssh_message_callback){
while((msg=ssh_message_pop_head(session)) != NULL) {
ret=session->ssh_message_callback(session,msg,
session->ssh_message_callback_data);
if(ret==1){
ret = ssh_message_reply_default(msg);
ssh_message_free(msg);
if(ret != SSH_OK)
return ret;
} else {
ssh_message_free(msg);
}
}
} else {
while((msg=ssh_message_pop_head(session)) != NULL) {
ret = ssh_message_reply_default(msg);
ssh_message_free(msg);
if(ret != SSH_OK)
return ret;
}
}
return SSH_OK;
}
static int authenticate(ssh_session session) {
ssh_message message;
do {
message=ssh_message_get(session);
if(!message)
break;
switch(ssh_message_type(message)){
case SSH_REQUEST_AUTH:
switch(ssh_message_subtype(message)){
case SSH_AUTH_METHOD_PASSWORD:
printf("User %s wants to auth with pass %s\n",
ssh_message_auth_user(message),
ssh_message_auth_password(message));
if(auth_password(ssh_message_auth_user(message),
ssh_message_auth_password(message))){
ssh_message_auth_reply_success(message,0);
ssh_message_free(message);
return 1;
}
ssh_message_auth_set_methods(message,
SSH_AUTH_METHOD_PASSWORD |
SSH_AUTH_METHOD_INTERACTIVE);
// not authenticated, send default message
ssh_message_reply_default(message);
break;
case SSH_AUTH_METHOD_NONE:
default:
printf("User %s wants to auth with unknown auth %d\n",
ssh_message_auth_user(message),
ssh_message_subtype(message));
ssh_message_auth_set_methods(message,
SSH_AUTH_METHOD_PASSWORD |
SSH_AUTH_METHOD_INTERACTIVE);
ssh_message_reply_default(message);
break;
}
break;
default:
ssh_message_auth_set_methods(message,
SSH_AUTH_METHOD_PASSWORD |
SSH_AUTH_METHOD_INTERACTIVE);
ssh_message_reply_default(message);
}
ssh_message_free(message);
} while (1);
return 0;
}
/* Logs password auth attempts. Always replies with SSH_MESSAGE_USERAUTH_FAILURE. */
int handle_auth(ssh_session session) {
struct connection con;
con.session = session;
/* Perform key exchange. */
if (ssh_handle_key_exchange(con.session)) {
fprintf(stderr, "Error exchanging keys: `%s'.\n", ssh_get_error(con.session));
return -1;
}
if (DEBUG) { printf("Successful key exchange.\n"); }
/* Wait for a message, which should be an authentication attempt. Send the default
* reply if it isn't. Log the attempt and quit. */
while (1) {
if ((con.message = ssh_message_get(con.session)) == NULL) {
break;
}
/* Log the authentication request and disconnect. */
if (ssh_message_subtype(con.message) == SSH_AUTH_METHOD_PASSWORD) {
log_attempt(&con);
}
else {
if (DEBUG) { fprintf(stderr, "Not a password authentication attempt.\n"); }
}
/* Send the default message regardless of the request type. */
ssh_message_reply_default(con.message);
ssh_message_free(con.message);
}
if (DEBUG) { printf("Exiting child.\n"); }
return 0;
}
CHANNEL *recv_channel(SSH_SESSION *session){
CHANNEL *chan=NULL;
SSH_MESSAGE *message;
int sftp=0;
do {
message=ssh_message_get(session);
if(message){
switch(ssh_message_type(message)){
case SSH_CHANNEL_REQUEST_OPEN:
if(ssh_message_subtype(message)==SSH_CHANNEL_SESSION){
chan=ssh_message_channel_request_open_reply_accept(message);
break;
}
default:
ssh_message_reply_default(message);
}
ssh_message_free(message);
}
} while(message && !chan);
if(!chan)
return NULL;
do {
message=ssh_message_get(session);
if(message && ssh_message_type(message)==SSH_CHANNEL_REQUEST &&
ssh_message_subtype(message)==SSH_CHANNEL_REQUEST_SUBSYSTEM){
if(!strcmp(ssh_message_channel_request_subsystem(message),"sftp")){
sftp=1;
ssh_message_channel_request_reply_success(message);
break;
}
}
if(!sftp){
ssh_message_reply_default(message);
}
ssh_message_free(message);
} while (message && !sftp);
if(!message)
return NULL;
return chan;
}
static int ssh_execute_message_callback(ssh_session session, ssh_message msg) {
int ret;
if(session->ssh_message_callback != NULL) {
ret = session->ssh_message_callback(session, msg,
session->ssh_message_callback_data);
if(ret == 1) {
ret = ssh_message_reply_default(msg);
ssh_message_free(msg);
if(ret != SSH_OK) {
return ret;
}
} else {
ssh_message_free(msg);
}
} else {
ret = ssh_message_reply_default(msg);
ssh_message_free(msg);
if(ret != SSH_OK) {
return ret;
}
}
return SSH_OK;
}
// Listen for incoming SSH connections.
// When a connection is established, write all data received to stdout.
void server_pipe(char *host, int port)
{
ssh_bind b = ssh_bind_new();
ssh_session s = ssh_new();
ssh_bind_options_set(b, SSH_BIND_OPTIONS_BINDADDR, host);
ssh_bind_options_set(b, SSH_BIND_OPTIONS_BINDPORT, &port);
ssh_bind_options_set(b, SSH_BIND_OPTIONS_RSAKEY, "test-server-key");
ssh_bind_options_set(b, SSH_BIND_OPTIONS_LOG_VERBOSITY_STR, "5");
if(ssh_bind_listen(b) < 0)
session_error(b, "listen");
if(ssh_bind_accept(b, s) != SSH_OK)
session_error(b, "accept");
if(ssh_accept(s) < 0)
session_error(s, "handshake");
int state = SERVER_CONNECTED;
while(1)
{
ssh_message m = ssh_message_get(s);
if(m)
{
int type = ssh_message_type(m);
int subtype = ssh_message_subtype(m);
ssh_message_auth_set_methods(m, SSH_AUTH_METHOD_PUBLICKEY);
server_handle_message(s, m, type, subtype, &state);
ssh_message_free(m);
if(state == SERVER_CLOSED)
{
ssh_disconnect(s);
ssh_bind_free(b);
ssh_finalize();
return;
}
}
else
{
session_error(s, "session");
}
}
}
/**
* @brief Disconnect from a session (client or server).
* The session can then be reused to open a new session.
*
* @param[in] session The SSH session to use.
*/
void ssh_disconnect(ssh_session session) {
ssh_string str = NULL;
struct ssh_iterator *it;
if (session == NULL) {
return;
}
if (session->socket != NULL && ssh_socket_is_open(session->socket)) {
if (buffer_add_u8(session->out_buffer, SSH2_MSG_DISCONNECT) < 0) {
goto error;
}
if (buffer_add_u32(session->out_buffer,
htonl(SSH2_DISCONNECT_BY_APPLICATION)) < 0) {
goto error;
}
str = ssh_string_from_char("Bye Bye");
if (str == NULL) {
goto error;
}
if (buffer_add_ssh_string(session->out_buffer,str) < 0) {
ssh_string_free(str);
goto error;
}
ssh_string_free(str);
packet_send(session);
ssh_socket_close(session->socket);
}
error:
session->alive = 0;
if (session->socket != NULL){
ssh_socket_reset(session->socket);
}
session->opts.fd = SSH_INVALID_SOCKET;
session->session_state=SSH_SESSION_STATE_DISCONNECTED;
while ((it=ssh_list_get_iterator(session->channels)) != NULL) {
ssh_channel_do_free(ssh_iterator_value(ssh_channel,it));
ssh_list_remove(session->channels, it);
}
if(session->current_crypto){
crypto_free(session->current_crypto);
session->current_crypto=NULL;
}
if (session->in_buffer) {
ssh_buffer_reinit(session->in_buffer);
}
if (session->out_buffer) {
ssh_buffer_reinit(session->out_buffer);
}
if (session->in_hashbuf) {
ssh_buffer_reinit(session->in_hashbuf);
}
if (session->out_hashbuf) {
ssh_buffer_reinit(session->out_hashbuf);
}
session->auth_methods = 0;
SAFE_FREE(session->serverbanner);
SAFE_FREE(session->clientbanner);
if(session->ssh_message_list){
ssh_message msg;
while((msg=ssh_list_pop_head(ssh_message ,session->ssh_message_list))
!= NULL){
ssh_message_free(msg);
}
ssh_list_free(session->ssh_message_list);
session->ssh_message_list=NULL;
}
if (session->packet_callbacks){
ssh_list_free(session->packet_callbacks);
session->packet_callbacks=NULL;
}
}
/**
* @brief Deallocate a SSH session handle.
*
* @param[in] session The SSH session to free.
*
* @see ssh_disconnect()
* @see ssh_new()
*/
void ssh_free(ssh_session session) {
int i;
struct ssh_iterator *it;
if (session == NULL) {
return;
}
/*
* Delete all channels
*
* This needs the first thing we clean up cause if there is still an open
* channel we call ssh_channel_close() first. So we need a working socket
* and poll context for it.
*/
for (it = ssh_list_get_iterator(session->channels);
it != NULL;
it = ssh_list_get_iterator(session->channels)) {
ssh_channel_do_free(ssh_iterator_value(ssh_channel,it));
ssh_list_remove(session->channels, it);
}
ssh_list_free(session->channels);
session->channels = NULL;
#ifdef WITH_PCAP
if (session->pcap_ctx) {
ssh_pcap_context_free(session->pcap_ctx);
session->pcap_ctx = NULL;
}
#endif
ssh_socket_free(session->socket);
session->socket = NULL;
if (session->default_poll_ctx) {
ssh_poll_ctx_free(session->default_poll_ctx);
}
ssh_buffer_free(session->in_buffer);
ssh_buffer_free(session->out_buffer);
session->in_buffer = session->out_buffer = NULL;
if (session->in_hashbuf != NULL) {
ssh_buffer_free(session->in_hashbuf);
}
if (session->out_hashbuf != NULL) {
ssh_buffer_free(session->out_hashbuf);
}
crypto_free(session->current_crypto);
crypto_free(session->next_crypto);
#ifndef _WIN32
agent_free(session->agent);
#endif /* _WIN32 */
ssh_key_free(session->srv.dsa_key);
ssh_key_free(session->srv.rsa_key);
if (session->ssh_message_list) {
ssh_message msg;
for (msg = ssh_list_pop_head(ssh_message, session->ssh_message_list);
msg != NULL;
msg = ssh_list_pop_head(ssh_message, session->ssh_message_list)) {
ssh_message_free(msg);
}
ssh_list_free(session->ssh_message_list);
}
if (session->packet_callbacks) {
ssh_list_free(session->packet_callbacks);
}
/* options */
if (session->opts.identity) {
char *id;
for (id = ssh_list_pop_head(char *, session->opts.identity);
id != NULL;
id = ssh_list_pop_head(char *, session->opts.identity)) {
SAFE_FREE(id);
}
ssh_list_free(session->opts.identity);
}
int main(int argc, char **argv){
ssh_session session;
ssh_bind sshbind;
ssh_message message;
ssh_channel chan=0;
char buf[2048];
int auth=0;
int sftp=0;
int i;
int r;
sshbind=ssh_bind_new();
session=ssh_new();
ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_DSAKEY, KEYS_FOLDER "ssh_host_dsa_key");
ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_RSAKEY, KEYS_FOLDER "ssh_host_rsa_key");
#ifdef HAVE_ARGP_H
/*
* Parse our arguments; every option seen by parse_opt will
* be reflected in arguments.
*/
argp_parse (&argp, argc, argv, 0, 0, sshbind);
#else
(void) argc;
(void) argv;
#endif
#ifdef WITH_PCAP
set_pcap(session);
#endif
if(ssh_bind_listen(sshbind)<0){
printf("Error listening to socket: %s\n",ssh_get_error(sshbind));
return 1;
}
r=ssh_bind_accept(sshbind,session);
if(r==SSH_ERROR){
printf("error accepting a connection : %s\n",ssh_get_error(sshbind));
return 1;
}
if (ssh_handle_key_exchange(session)) {
printf("ssh_handle_key_exchange: %s\n", ssh_get_error(session));
return 1;
}
do {
message=ssh_message_get(session);
if(!message)
break;
switch(ssh_message_type(message)){
case SSH_REQUEST_AUTH:
switch(ssh_message_subtype(message)){
case SSH_AUTH_METHOD_PASSWORD:
printf("User %s wants to auth with pass %s\n",
ssh_message_auth_user(message),
ssh_message_auth_password(message));
if(auth_password(ssh_message_auth_user(message),
ssh_message_auth_password(message))){
auth=1;
ssh_message_auth_reply_success(message,0);
break;
}
// not authenticated, send default message
case SSH_AUTH_METHOD_NONE:
default:
ssh_message_auth_set_methods(message,SSH_AUTH_METHOD_PASSWORD);
ssh_message_reply_default(message);
break;
}
break;
default:
ssh_message_reply_default(message);
}
ssh_message_free(message);
} while (!auth);
if(!auth){
printf("auth error: %s\n",ssh_get_error(session));
ssh_disconnect(session);
return 1;
}
do {
message=ssh_message_get(session);
if(message){
switch(ssh_message_type(message)){
case SSH_REQUEST_CHANNEL_OPEN:
if(ssh_message_subtype(message)==SSH_CHANNEL_SESSION){
chan=ssh_message_channel_request_open_reply_accept(message);
break;
}
default:
ssh_message_reply_default(message);
}
ssh_message_free(message);
}
} while(message && !chan);
if(!chan){
printf("error : %s\n",ssh_get_error(session));
ssh_finalize();
return 1;
}
do {
message=ssh_message_get(session);
if(message && ssh_message_type(message)==SSH_REQUEST_CHANNEL &&
ssh_message_subtype(message)==SSH_CHANNEL_REQUEST_SHELL){
// if(!strcmp(ssh_message_channel_request_subsystem(message),"sftp")){
sftp=1;
ssh_message_channel_request_reply_success(message);
break;
// }
}
if(!sftp){
ssh_message_reply_default(message);
}
ssh_message_free(message);
} while (message && !sftp);
if(!sftp){
printf("error : %s\n",ssh_get_error(session));
return 1;
}
printf("it works !\n");
do{
i=ssh_channel_read(chan,buf, 2048, 0);
if(i>0) {
ssh_channel_write(chan, buf, i);
if (write(1,buf,i) < 0) {
printf("error writing to buffer\n");
return 1;
}
}
} while (i>0);
ssh_disconnect(session);
ssh_bind_free(sshbind);
#ifdef WITH_PCAP
cleanup_pcap();
#endif
ssh_finalize();
return 0;
}
int main(int argc, char **argv){
ssh_session session;
ssh_bind sshbind;
ssh_message message;
ssh_channel chan=0;
char buf[2048];
int auth=0;
int shell=0;
int i;
int r;
sshbind=ssh_bind_new();
session=ssh_new();
ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_DSAKEY,
KEYS_FOLDER "ssh_host_dsa_key");
ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_RSAKEY,
KEYS_FOLDER "ssh_host_rsa_key");
#ifdef HAVE_ARGP_H
/*
* Parse our arguments; every option seen by parse_opt will
* be reflected in arguments.
*/
argp_parse (&argp, argc, argv, 0, 0, sshbind);
#else
(void) argc;
(void) argv;
#endif
#ifdef WITH_PCAP
set_pcap(session);
#endif
if(ssh_bind_listen(sshbind)<0){
printf("Error listening to socket: %s\n", ssh_get_error(sshbind));
return 1;
}
printf("Started sample libssh sshd on port %d\n", port);
printf("You can login as the user %s with the password %s\n", SSHD_USER,
SSHD_PASSWORD);
r = ssh_bind_accept(sshbind, session);
if(r==SSH_ERROR){
printf("Error accepting a connection: %s\n", ssh_get_error(sshbind));
return 1;
}
if (ssh_handle_key_exchange(session)) {
printf("ssh_handle_key_exchange: %s\n", ssh_get_error(session));
return 1;
}
/* proceed to authentication */
auth = authenticate(session);
if (!auth || !authenticated) {
printf("Authentication error: %s\n", ssh_get_error(session));
ssh_disconnect(session);
return 1;
}
/* wait for a channel session */
do {
message = ssh_message_get(session);
if(message){
if(ssh_message_type(message) == SSH_REQUEST_CHANNEL_OPEN &&
ssh_message_subtype(message) == SSH_CHANNEL_SESSION) {
chan = ssh_message_channel_request_open_reply_accept(message);
ssh_message_free(message);
break;
} else {
ssh_message_reply_default(message);
ssh_message_free(message);
}
} else {
break;
}
} while(!chan);
if(!chan) {
printf("Error: cleint did not ask for a channel session (%s)\n",
ssh_get_error(session));
ssh_finalize();
return 1;
}
/* wait for a shell */
do {
message = ssh_message_get(session);
if(message != NULL) {
if(ssh_message_type(message) == SSH_REQUEST_CHANNEL &&
ssh_message_subtype(message) == SSH_CHANNEL_REQUEST_SHELL) {
shell = 1;
ssh_message_channel_request_reply_success(message);
ssh_message_free(message);
break;
}
ssh_message_reply_default(message);
ssh_message_free(message);
} else {
break;
}
} while(!shell);
if(!shell) {
printf("Error: No shell requested (%s)\n", ssh_get_error(session));
return 1;
}
printf("it works !\n");
do{
i=ssh_channel_read(chan,buf, 2048, 0);
if(i>0) {
if(*buf == '' || *buf == '')
break;
if(i == 1 && *buf == '\r')
ssh_channel_write(chan, "\r\n", 2);
else
ssh_channel_write(chan, buf, i);
if (write(1,buf,i) < 0) {
printf("error writing to buffer\n");
return 1;
}
}
} while (i>0);
ssh_channel_close(chan);
ssh_disconnect(session);
ssh_bind_free(sshbind);
#ifdef WITH_PCAP
cleanup_pcap();
#endif
ssh_finalize();
return 0;
}
static int authenticate(ssh_session session) {
ssh_message message;
name = "\n\nKeyboard-Interactive Fancy Authentication\n";
instruction = "Please enter your real name and your password";
prompts[0] = "Real name: ";
prompts[1] = "Password: "******"User %s wants to auth with pass %s\n",
ssh_message_auth_user(message),
ssh_message_auth_password(message));
if(auth_password(ssh_message_auth_user(message),
ssh_message_auth_password(message))){
ssh_message_auth_reply_success(message,0);
ssh_message_free(message);
return 1;
}
ssh_message_auth_set_methods(message,
SSH_AUTH_METHOD_PASSWORD |
SSH_AUTH_METHOD_INTERACTIVE);
// not authenticated, send default message
ssh_message_reply_default(message);
break;
case SSH_AUTH_METHOD_INTERACTIVE:
if(!ssh_message_auth_kbdint_is_response(message)) {
printf("User %s wants to auth with kbdint\n",
ssh_message_auth_user(message));
ssh_message_auth_interactive_request(message, name,
instruction, 2, prompts, echo);
} else {
if(kbdint_check_response(session)) {
ssh_message_auth_reply_success(message,0);
ssh_message_free(message);
return 1;
}
ssh_message_auth_set_methods(message,
SSH_AUTH_METHOD_PASSWORD |
SSH_AUTH_METHOD_INTERACTIVE);
ssh_message_reply_default(message);
}
break;
case SSH_AUTH_METHOD_NONE:
default:
printf("User %s wants to auth with unknown auth %d\n",
ssh_message_auth_user(message),
ssh_message_subtype(message));
ssh_message_auth_set_methods(message,
SSH_AUTH_METHOD_PASSWORD |
SSH_AUTH_METHOD_INTERACTIVE);
ssh_message_reply_default(message);
break;
}
break;
default:
ssh_message_auth_set_methods(message,
SSH_AUTH_METHOD_PASSWORD |
SSH_AUTH_METHOD_INTERACTIVE);
ssh_message_reply_default(message);
}
ssh_message_free(message);
} while (1);
return 0;
}
/**
* @internal
*
* @brief This function parses the last end of a channel request packet.
*
* This is normally converted to a SSH message and placed in the queue.
*
* @param[in] session The SSH session.
*
* @param[in] channel The channel the request is made on.
*
* @param[in] packet The rest of the packet to be parsed.
*
* @param[in] request The type of request.
*
* @param[in] want_reply The want_reply field from the request.
*
* @returns SSH_OK on success, SSH_ERROR if an error occured.
*/
int ssh_message_handle_channel_request(ssh_session session, ssh_channel channel, ssh_buffer packet,
const char *request, uint8_t want_reply) {
ssh_message msg = NULL;
enter_function();
msg = ssh_message_new(session);
if (msg == NULL) {
ssh_set_error_oom(session);
goto error;
}
ssh_log(session, SSH_LOG_PACKET,
"Received a %s channel_request for channel (%d:%d) (want_reply=%hhd)",
request, channel->local_channel, channel->remote_channel, want_reply);
msg->type = SSH_REQUEST_CHANNEL;
msg->channel_request.channel = channel;
msg->channel_request.want_reply = want_reply;
if (strcmp(request, "pty-req") == 0) {
ssh_string term = NULL;
char *term_c = NULL;
term = buffer_get_ssh_string(packet);
if (term == NULL) {
ssh_set_error_oom(session);
goto error;
}
term_c = ssh_string_to_char(term);
if (term_c == NULL) {
ssh_set_error_oom(session);
ssh_string_free(term);
goto error;
}
ssh_string_free(term);
msg->channel_request.type = SSH_CHANNEL_REQUEST_PTY;
msg->channel_request.TERM = term_c;
buffer_get_u32(packet, &msg->channel_request.width);
buffer_get_u32(packet, &msg->channel_request.height);
buffer_get_u32(packet, &msg->channel_request.pxwidth);
buffer_get_u32(packet, &msg->channel_request.pxheight);
msg->channel_request.width = ntohl(msg->channel_request.width);
msg->channel_request.height = ntohl(msg->channel_request.height);
msg->channel_request.pxwidth = ntohl(msg->channel_request.pxwidth);
msg->channel_request.pxheight = ntohl(msg->channel_request.pxheight);
msg->channel_request.modes = buffer_get_ssh_string(packet);
if (msg->channel_request.modes == NULL) {
SAFE_FREE(term_c);
goto error;
}
goto end;
}
if (strcmp(request, "window-change") == 0) {
msg->channel_request.type = SSH_CHANNEL_REQUEST_WINDOW_CHANGE;
buffer_get_u32(packet, &msg->channel_request.width);
buffer_get_u32(packet, &msg->channel_request.height);
buffer_get_u32(packet, &msg->channel_request.pxwidth);
buffer_get_u32(packet, &msg->channel_request.pxheight);
msg->channel_request.width = ntohl(msg->channel_request.width);
msg->channel_request.height = ntohl(msg->channel_request.height);
msg->channel_request.pxwidth = ntohl(msg->channel_request.pxwidth);
msg->channel_request.pxheight = ntohl(msg->channel_request.pxheight);
goto end;
}
if (strcmp(request, "subsystem") == 0) {
ssh_string subsys = NULL;
char *subsys_c = NULL;
subsys = buffer_get_ssh_string(packet);
if (subsys == NULL) {
ssh_set_error_oom(session);
goto error;
}
subsys_c = ssh_string_to_char(subsys);
if (subsys_c == NULL) {
ssh_set_error_oom(session);
ssh_string_free(subsys);
goto error;
}
ssh_string_free(subsys);
msg->channel_request.type = SSH_CHANNEL_REQUEST_SUBSYSTEM;
msg->channel_request.subsystem = subsys_c;
goto end;
}
if (strcmp(request, "shell") == 0) {
msg->channel_request.type = SSH_CHANNEL_REQUEST_SHELL;
goto end;
}
if (strcmp(request, "exec") == 0) {
ssh_string cmd = NULL;
cmd = buffer_get_ssh_string(packet);
if (cmd == NULL) {
ssh_set_error_oom(session);
goto error;
}
msg->channel_request.type = SSH_CHANNEL_REQUEST_EXEC;
msg->channel_request.command = ssh_string_to_char(cmd);
ssh_string_free(cmd);
if (msg->channel_request.command == NULL) {
goto error;
}
goto end;
}
if (strcmp(request, "env") == 0) {
ssh_string name = NULL;
ssh_string value = NULL;
name = buffer_get_ssh_string(packet);
if (name == NULL) {
ssh_set_error_oom(session);
goto error;
}
value = buffer_get_ssh_string(packet);
if (value == NULL) {
ssh_set_error_oom(session);
ssh_string_free(name);
goto error;
}
msg->channel_request.type = SSH_CHANNEL_REQUEST_ENV;
msg->channel_request.var_name = ssh_string_to_char(name);
msg->channel_request.var_value = ssh_string_to_char(value);
if (msg->channel_request.var_name == NULL ||
msg->channel_request.var_value == NULL) {
ssh_string_free(name);
ssh_string_free(value);
goto error;
}
ssh_string_free(name);
ssh_string_free(value);
goto end;
}
if (strcmp(request, "x11-req") == 0) {
ssh_string auth_protocol = NULL;
ssh_string auth_cookie = NULL;
buffer_get_u8(packet, &msg->channel_request.x11_single_connection);
auth_protocol = buffer_get_ssh_string(packet);
if (auth_protocol == NULL) {
ssh_set_error_oom(session);
goto error;
}
auth_cookie = buffer_get_ssh_string(packet);
if (auth_cookie == NULL) {
ssh_set_error_oom(session);
ssh_string_free(auth_protocol);
goto error;
}
msg->channel_request.type = SSH_CHANNEL_REQUEST_X11;
msg->channel_request.x11_auth_protocol = ssh_string_to_char(auth_protocol);
msg->channel_request.x11_auth_cookie = ssh_string_to_char(auth_cookie);
if (msg->channel_request.x11_auth_protocol == NULL ||
msg->channel_request.x11_auth_cookie == NULL) {
ssh_string_free(auth_protocol);
ssh_string_free(auth_cookie);
goto error;
}
ssh_string_free(auth_protocol);
ssh_string_free(auth_cookie);
buffer_get_u32(packet, &msg->channel_request.x11_screen_number);
goto end;
}
msg->channel_request.type = SSH_CHANNEL_UNKNOWN;
end:
ssh_message_queue(session,msg);
leave_function();
return SSH_OK;
error:
ssh_message_free(msg);
leave_function();
return SSH_ERROR;
}
// Parse an SSH command message and do something
bool
SSHServer::processSSHMessage(ssh_message message)
{
if (!message) {
return false;
}
switch(ssh_message_type(message)){
case SSH_REQUEST_AUTH:
switch(ssh_message_subtype(message)) {
// not authenticated, send default message
case SSH_AUTH_METHOD_NONE:
break;
case SSH_AUTH_METHOD_PASSWORD:
{
log_debug(_("User %s wants to auth with pass %s\n"),
ssh_message_auth_user(message),
ssh_message_auth_password(message));
string user = ssh_message_auth_user(message);
string passwd = ssh_message_auth_password(message);
if (authPassword(user, passwd)){
// auth=1;
ssh_message_auth_reply_success(message,0);
break;
}
break;
}
case SSH_AUTH_METHOD_HOSTBASED:
break;
case SSH_AUTH_METHOD_PUBLICKEY:
break;
case SSH_AUTH_METHOD_INTERACTIVE:
break;
case SSH_AUTH_METHOD_UNKNOWN:
break;
default:
ssh_message_auth_set_methods(message,SSH_AUTH_METHOD_PASSWORD);
ssh_message_reply_default(message);
break;
}
case SSH_REQUEST_CHANNEL_OPEN:
if(ssh_message_subtype(message)==SSH_CHANNEL_SESSION){
_channel = ssh_message_channel_request_open_reply_accept(message);
break;
}
break;
// case SSH_CHANNEL_REQUEST_EXEC:
// break;
case SSH_CHANNEL_REQUEST_ENV:
break;
case SSH_CHANNEL_REQUEST_SUBSYSTEM:
break;
case SSH_CHANNEL_REQUEST_WINDOW_CHANGE:
break;
case SSH_CHANNEL_REQUEST_UNKNOWN:
break;
default:
ssh_message_reply_default(message);
}
ssh_message_free(message);
return false;
}
/**
* @brief Disconnect from a session (client or server).
* The session can then be reused to open a new session.
*
* @param[in] session The SSH session to use.
*/
void ssh_disconnect(ssh_session session) {
ssh_string str = NULL;
int i;
if (session == NULL) {
return;
}
enter_function();
if (ssh_socket_is_open(session->socket)) {
if (buffer_add_u8(session->out_buffer, SSH2_MSG_DISCONNECT) < 0) {
goto error;
}
if (buffer_add_u32(session->out_buffer,
htonl(SSH2_DISCONNECT_BY_APPLICATION)) < 0) {
goto error;
}
str = ssh_string_from_char("Bye Bye");
if (str == NULL) {
goto error;
}
if (buffer_add_ssh_string(session->out_buffer,str) < 0) {
ssh_string_free(str);
goto error;
}
ssh_string_free(str);
packet_send(session);
ssh_socket_close(session->socket);
}
error:
session->alive = 0;
if(session->socket){
ssh_socket_reset(session->socket);
}
session->fd = SSH_INVALID_SOCKET;
session->session_state=SSH_SESSION_STATE_DISCONNECTED;
while (session->channels) {
ssh_channel_free(session->channels);
}
if(session->current_crypto){
crypto_free(session->current_crypto);
session->current_crypto=NULL;
}
if(session->in_buffer)
buffer_reinit(session->in_buffer);
if(session->out_buffer)
buffer_reinit(session->out_buffer);
if(session->in_hashbuf)
buffer_reinit(session->in_hashbuf);
if(session->out_hashbuf)
buffer_reinit(session->out_hashbuf);
session->auth_methods = 0;
SAFE_FREE(session->serverbanner);
SAFE_FREE(session->clientbanner);
if (session->client_kex.methods) {
for (i = 0; i < 10; i++) {
SAFE_FREE(session->client_kex.methods[i]);
}
}
if (session->server_kex.methods) {
for (i = 0; i < 10; i++) {
SAFE_FREE(session->server_kex.methods[i]);
}
}
SAFE_FREE(session->client_kex.methods);
SAFE_FREE(session->server_kex.methods);
if(session->ssh_message_list){
ssh_message msg;
while((msg=ssh_list_pop_head(ssh_message ,session->ssh_message_list))
!= NULL){
ssh_message_free(msg);
}
ssh_list_free(session->ssh_message_list);
session->ssh_message_list=NULL;
}
if (session->packet_callbacks){
ssh_list_free(session->packet_callbacks);
session->packet_callbacks=NULL;
}
leave_function();
}
/**
* @brief Disconnect from a session (client or server).
* The session can then be reused to open a new session.
*
* @param[in] session The SSH session to use.
*/
void ssh_disconnect(ssh_session session) {
struct ssh_iterator *it;
int rc;
if (session == NULL) {
return;
}
if (session->socket != NULL && ssh_socket_is_open(session->socket)) {
rc = ssh_buffer_pack(session->out_buffer,
"bdss",
SSH2_MSG_DISCONNECT,
SSH2_DISCONNECT_BY_APPLICATION,
"Bye Bye",
""); /* language tag */
if (rc != SSH_OK){
ssh_set_error_oom(session);
goto error;
}
ssh_packet_send(session);
ssh_socket_close(session->socket);
}
error:
session->recv_seq = 0;
session->send_seq = 0;
session->alive = 0;
if (session->socket != NULL){
ssh_socket_reset(session->socket);
}
session->opts.fd = SSH_INVALID_SOCKET;
session->session_state=SSH_SESSION_STATE_DISCONNECTED;
while ((it=ssh_list_get_iterator(session->channels)) != NULL) {
ssh_channel_do_free(ssh_iterator_value(ssh_channel,it));
ssh_list_remove(session->channels, it);
}
if(session->current_crypto){
crypto_free(session->current_crypto);
session->current_crypto=NULL;
}
if (session->next_crypto) {
crypto_free(session->next_crypto);
session->next_crypto = crypto_new();
if (session->next_crypto == NULL) {
ssh_set_error_oom(session);
}
}
if (session->in_buffer) {
ssh_buffer_reinit(session->in_buffer);
}
if (session->out_buffer) {
ssh_buffer_reinit(session->out_buffer);
}
if (session->in_hashbuf) {
ssh_buffer_reinit(session->in_hashbuf);
}
if (session->out_hashbuf) {
ssh_buffer_reinit(session->out_hashbuf);
}
session->auth.supported_methods = 0;
SAFE_FREE(session->serverbanner);
SAFE_FREE(session->clientbanner);
if(session->ssh_message_list){
ssh_message msg;
while((msg=ssh_list_pop_head(ssh_message ,session->ssh_message_list))
!= NULL){
ssh_message_free(msg);
}
ssh_list_free(session->ssh_message_list);
session->ssh_message_list=NULL;
}
if (session->packet_callbacks){
ssh_list_free(session->packet_callbacks);
session->packet_callbacks=NULL;
}
}