LIBSSH2_SESSION *start_session_fixture() { int rc; setup_fixture_workdir(); rc = start_openssh_fixture(); if(rc != 0) { return NULL; } rc = libssh2_init(0); if(rc != 0) { fprintf(stderr, "libssh2_init failed (%d)\n", rc); return NULL; } connected_session = libssh2_session_init_ex(NULL, NULL, NULL, NULL); libssh2_session_set_blocking(connected_session, 1); if(connected_session == NULL) { fprintf(stderr, "libssh2_session_init_ex failed\n"); return NULL; } rc = connect_to_server(); if(rc != 0) { return NULL; } return connected_session; }
static LIBSSH2_SESSION* __guac_ssh_create_session(guac_client* client, int* socket_fd) { int retval; int fd; struct addrinfo* addresses; struct addrinfo* current_address; char connected_address[1024]; char connected_port[64]; ssh_guac_client_data* client_data = (ssh_guac_client_data*) client->data; struct addrinfo hints = { .ai_family = AF_UNSPEC, .ai_socktype = SOCK_STREAM, .ai_protocol = IPPROTO_TCP }; /* Get socket */ fd = socket(AF_INET, SOCK_STREAM, 0); /* Get addresses connection */ if ((retval = getaddrinfo(client_data->hostname, client_data->port, &hints, &addresses))) { guac_client_abort(client, GUAC_PROTOCOL_STATUS_SERVER_ERROR, "Error parsing given address or port: %s", gai_strerror(retval)); return NULL; } /* Attempt connection to each address until success */ current_address = addresses; while (current_address != NULL) { int retval; /* Resolve hostname */ if ((retval = getnameinfo(current_address->ai_addr, current_address->ai_addrlen, connected_address, sizeof(connected_address), connected_port, sizeof(connected_port), NI_NUMERICHOST | NI_NUMERICSERV))) guac_client_log_info(client, "Unable to resolve host: %s", gai_strerror(retval)); /* Connect */ if (connect(fd, current_address->ai_addr, current_address->ai_addrlen) == 0) { guac_client_log_info(client, "Successfully connected to " "host %s, port %s", connected_address, connected_port); /* Done if successful connect */ break; } /* Otherwise log information regarding bind failure */ else guac_client_log_info(client, "Unable to connect to " "host %s, port %s: %s", connected_address, connected_port, strerror(errno)); current_address = current_address->ai_next; } /* If unable to connect to anything, fail */ if (current_address == NULL) { guac_client_abort(client, GUAC_PROTOCOL_STATUS_UPSTREAM_ERROR, "Unable to connect to any addresses."); return NULL; } /* Free addrinfo */ freeaddrinfo(addresses); /* Open SSH session */ LIBSSH2_SESSION* session = libssh2_session_init_ex(NULL, NULL, NULL, client); if (session == NULL) { guac_client_abort(client, GUAC_PROTOCOL_STATUS_SERVER_ERROR, "Session allocation failed."); return NULL; } /* Perform handshake */ if (libssh2_session_handshake(session, fd)) { guac_client_abort(client, GUAC_PROTOCOL_STATUS_UPSTREAM_ERROR, "SSH handshake failed."); return NULL; } /* Save file descriptor */ if (socket_fd != NULL) *socket_fd = fd; /* Authenticate with key if available */ if (client_data->key != NULL) { if (!libssh2_userauth_publickey(session, client_data->username, (unsigned char*) client_data->key->public_key, client_data->key->public_key_length, __sign_callback, (void**) client_data->key)) return session; else { char* error_message; libssh2_session_last_error(session, &error_message, NULL, 0); guac_client_abort(client, GUAC_PROTOCOL_STATUS_CLIENT_UNAUTHORIZED, "Public key authentication failed: %s", error_message); return NULL; } } /* Authenticate with password */ if (!libssh2_userauth_password(session, client_data->username, client_data->password)) return session; else { char* error_message; libssh2_session_last_error(session, &error_message, NULL, 0); guac_client_abort(client, GUAC_PROTOCOL_STATUS_CLIENT_UNAUTHORIZED, "Password authentication failed: %s", error_message); return NULL; } }
/* {{{ php_ssh2_session_connect * Connect to an SSH server with requested methods */ LIBSSH2_SESSION *php_ssh2_session_connect(char *host, int port, zval *methods, zval *callbacks) { LIBSSH2_SESSION *session; int socket; php_ssh2_session_data *data; struct timeval tv; zend_string *hash_lookup_zstring; tv.tv_sec = FG(default_socket_timeout); tv.tv_usec = 0; socket = php_network_connect_socket_to_host(host, port, SOCK_STREAM, 0, &tv, NULL, NULL, NULL, 0, STREAM_SOCKOP_NONE); if (socket <= 0) { php_error_docref(NULL, E_WARNING, "Unable to connect to %s on port %d", host, port); return NULL; } data = ecalloc(1, sizeof(php_ssh2_session_data)); data->socket = socket; session = libssh2_session_init_ex(php_ssh2_alloc_cb, php_ssh2_free_cb, php_ssh2_realloc_cb, data); if (!session) { php_error_docref(NULL, E_WARNING, "Unable to initialize SSH2 session"); efree(data); closesocket(socket); return NULL; } libssh2_banner_set(session, LIBSSH2_SSH_DEFAULT_BANNER " PHP"); /* Override method preferences */ if (methods) { zval *container; if (php_ssh2_set_method(session, HASH_OF(methods), "kex", sizeof("kex") - 1, LIBSSH2_METHOD_KEX)) { php_error_docref(NULL, E_WARNING, "Failed overriding KEX method"); } if (php_ssh2_set_method(session, HASH_OF(methods), "hostkey", sizeof("hostkey") - 1, LIBSSH2_METHOD_HOSTKEY)) { php_error_docref(NULL, E_WARNING, "Failed overriding HOSTKEY method"); } hash_lookup_zstring = zend_string_init("client_to_server", sizeof("client_to_server") - 1, 0); if ((container = zend_hash_find(HASH_OF(methods), hash_lookup_zstring)) != NULL && Z_TYPE_P(container) == IS_ARRAY) { if (php_ssh2_set_method(session, HASH_OF(container), "crypt", sizeof("crypt") - 1, LIBSSH2_METHOD_CRYPT_CS)) { php_error_docref(NULL, E_WARNING, "Failed overriding client to server CRYPT method"); } if (php_ssh2_set_method(session, HASH_OF(container), "mac", sizeof("mac") - 1, LIBSSH2_METHOD_MAC_CS)) { php_error_docref(NULL, E_WARNING, "Failed overriding client to server MAC method"); } if (php_ssh2_set_method(session, HASH_OF(container), "comp", sizeof("comp") - 1, LIBSSH2_METHOD_COMP_CS)) { php_error_docref(NULL, E_WARNING, "Failed overriding client to server COMP method"); } if (php_ssh2_set_method(session, HASH_OF(container), "lang", sizeof("lang") - 1, LIBSSH2_METHOD_LANG_CS)) { php_error_docref(NULL, E_WARNING, "Failed overriding client to server LANG method"); } } zend_string_release(hash_lookup_zstring); hash_lookup_zstring = zend_string_init("server_to_client", sizeof("server_to_client") - 1, 0); if ((container = zend_hash_find(HASH_OF(methods), hash_lookup_zstring)) != NULL && Z_TYPE_P(container) == IS_ARRAY) { if (php_ssh2_set_method(session, HASH_OF(container), "crypt", sizeof("crypt") - 1, LIBSSH2_METHOD_CRYPT_SC)) { php_error_docref(NULL, E_WARNING, "Failed overriding server to client CRYPT method"); } if (php_ssh2_set_method(session, HASH_OF(container), "mac", sizeof("mac") - 1, LIBSSH2_METHOD_MAC_SC)) { php_error_docref(NULL, E_WARNING, "Failed overriding server to client MAC method"); } if (php_ssh2_set_method(session, HASH_OF(container), "comp", sizeof("comp") - 1, LIBSSH2_METHOD_COMP_SC)) { php_error_docref(NULL, E_WARNING, "Failed overriding server to client COMP method"); } if (php_ssh2_set_method(session, HASH_OF(container), "lang", sizeof("lang") - 1, LIBSSH2_METHOD_LANG_SC)) { php_error_docref(NULL, E_WARNING, "Failed overriding server to client LANG method"); } } zend_string_release(hash_lookup_zstring); } /* Register Callbacks */ if (callbacks) { /* ignore debug disconnect macerror */ if (php_ssh2_set_callback(session, HASH_OF(callbacks), "ignore", sizeof("ignore") - 1, LIBSSH2_CALLBACK_IGNORE, data)) { php_error_docref(NULL, E_WARNING, "Failed setting IGNORE callback"); } if (php_ssh2_set_callback(session, HASH_OF(callbacks), "debug", sizeof("debug") - 1, LIBSSH2_CALLBACK_DEBUG, data)) { php_error_docref(NULL, E_WARNING, "Failed setting DEBUG callback"); } if (php_ssh2_set_callback(session, HASH_OF(callbacks), "macerror", sizeof("macerror") - 1, LIBSSH2_CALLBACK_MACERROR, data)) { php_error_docref(NULL, E_WARNING, "Failed setting MACERROR callback"); } if (php_ssh2_set_callback(session, HASH_OF(callbacks), "disconnect", sizeof("disconnect") - 1, LIBSSH2_CALLBACK_DISCONNECT, data)) { php_error_docref(NULL, E_WARNING, "Failed setting DISCONNECT callback"); } } if (libssh2_session_startup(session, socket)) { int last_error = 0; char *error_msg = NULL; last_error = libssh2_session_last_error(session, &error_msg, NULL, 0); php_error_docref(NULL, E_WARNING, "Error starting up SSH connection(%d): %s", last_error, error_msg); closesocket(socket); libssh2_session_free(session); efree(data); return NULL; } return session; }
guac_common_ssh_session* guac_common_ssh_create_session(guac_client* client, const char* hostname, const char* port, guac_common_ssh_user* user) { int retval; int fd; struct addrinfo* addresses; struct addrinfo* current_address; char connected_address[1024]; char connected_port[64]; struct addrinfo hints = { .ai_family = AF_UNSPEC, .ai_socktype = SOCK_STREAM, .ai_protocol = IPPROTO_TCP }; /* Get socket */ fd = socket(AF_INET, SOCK_STREAM, 0); if (fd < 0) { guac_client_abort(client, GUAC_PROTOCOL_STATUS_SERVER_ERROR, "Unable to create socket: %s", strerror(errno)); return NULL; } /* Get addresses connection */ if ((retval = getaddrinfo(hostname, port, &hints, &addresses))) { guac_client_abort(client, GUAC_PROTOCOL_STATUS_SERVER_ERROR, "Error parsing given address or port: %s", gai_strerror(retval)); close(fd); return NULL; } /* Attempt connection to each address until success */ current_address = addresses; while (current_address != NULL) { /* Resolve hostname */ if ((retval = getnameinfo(current_address->ai_addr, current_address->ai_addrlen, connected_address, sizeof(connected_address), connected_port, sizeof(connected_port), NI_NUMERICHOST | NI_NUMERICSERV))) guac_client_log(client, GUAC_LOG_DEBUG, "Unable to resolve host: %s", gai_strerror(retval)); /* Connect */ if (connect(fd, current_address->ai_addr, current_address->ai_addrlen) == 0) { guac_client_log(client, GUAC_LOG_DEBUG, "Successfully connected to host %s, port %s", connected_address, connected_port); /* Done if successful connect */ break; } /* Otherwise log information regarding bind failure */ else guac_client_log(client, GUAC_LOG_DEBUG, "Unable to connect to " "host %s, port %s: %s", connected_address, connected_port, strerror(errno)); current_address = current_address->ai_next; } /* If unable to connect to anything, fail */ if (current_address == NULL) { guac_client_abort(client, GUAC_PROTOCOL_STATUS_UPSTREAM_ERROR, "Unable to connect to any addresses."); close(fd); return NULL; } /* Free addrinfo */ freeaddrinfo(addresses); /* Allocate new session */ guac_common_ssh_session* common_session = malloc(sizeof(guac_common_ssh_session)); /* Open SSH session */ LIBSSH2_SESSION* session = libssh2_session_init_ex(NULL, NULL, NULL, common_session); if (session == NULL) { guac_client_abort(client, GUAC_PROTOCOL_STATUS_SERVER_ERROR, "Session allocation failed."); free(common_session); close(fd); return NULL; } /* Perform handshake */ if (libssh2_session_handshake(session, fd)) { guac_client_abort(client, GUAC_PROTOCOL_STATUS_UPSTREAM_ERROR, "SSH handshake failed."); free(common_session); close(fd); return NULL; } /* Store basic session data */ common_session->client = client; common_session->user = user; common_session->session = session; common_session->fd = fd; /* Attempt authentication */ if (guac_common_ssh_authenticate(common_session)) { free(common_session); close(fd); return NULL; } /* Return created session */ return common_session; }
/* * Curl_ssh_connect() gets called from Curl_protocol_connect() to allow us to * do protocol-specific actions at connect-time. */ CURLcode Curl_ssh_connect(struct connectdata *conn, bool *done) { int i; struct SSHPROTO *ssh; const char *fingerprint; const char *authlist; char *home; char rsa_pub[PATH_MAX]; char rsa[PATH_MAX]; char tempHome[PATH_MAX]; curl_socket_t sock; char *real_path; char *working_path; int working_path_len; bool authed = FALSE; CURLcode result; struct SessionHandle *data = conn->data; rsa_pub[0] = rsa[0] = '\0'; result = ssh_init(conn); if (result) return result; ssh = data->reqdata.proto.ssh; working_path = curl_easy_unescape(data, data->reqdata.path, 0, &working_path_len); if (!working_path) return CURLE_OUT_OF_MEMORY; #ifdef CURL_LIBSSH2_DEBUG if (ssh->user) { infof(data, "User: %s\n", ssh->user); } if (ssh->passwd) { infof(data, "Password: %s\n", ssh->passwd); } #endif /* CURL_LIBSSH2_DEBUG */ sock = conn->sock[FIRSTSOCKET]; ssh->ssh_session = libssh2_session_init_ex(libssh2_malloc, libssh2_free, libssh2_realloc, ssh); if (ssh->ssh_session == NULL) { failf(data, "Failure initialising ssh session\n"); Curl_safefree(ssh->path); return CURLE_FAILED_INIT; } #ifdef CURL_LIBSSH2_DEBUG infof(data, "SSH socket: %d\n", sock); #endif /* CURL_LIBSSH2_DEBUG */ if (libssh2_session_startup(ssh->ssh_session, sock)) { failf(data, "Failure establishing ssh session\n"); libssh2_session_free(ssh->ssh_session); ssh->ssh_session = NULL; Curl_safefree(ssh->path); return CURLE_FAILED_INIT; } /* * Before we authenticate we should check the hostkey's fingerprint against * our known hosts. How that is handled (reading from file, whatever) is * up to us. As for know not much is implemented, besides showing how to * get the fingerprint. */ fingerprint = libssh2_hostkey_hash(ssh->ssh_session, LIBSSH2_HOSTKEY_HASH_MD5); #ifdef CURL_LIBSSH2_DEBUG /* The fingerprint points to static storage (!), don't free() it. */ infof(data, "Fingerprint: "); for (i = 0; i < 16; i++) { infof(data, "%02X ", (unsigned char) fingerprint[i]); } infof(data, "\n"); #endif /* CURL_LIBSSH2_DEBUG */ /* TBD - methods to check the host keys need to be done */ /* * Figure out authentication methods * NB: As soon as we have provided a username to an openssh server we must * never change it later. Thus, always specify the correct username here, * even though the libssh2 docs kind of indicate that it should be possible * to get a 'generic' list (not user-specific) of authentication methods, * presumably with a blank username. That won't work in my experience. * So always specify it here. */ authlist = libssh2_userauth_list(ssh->ssh_session, ssh->user, strlen(ssh->user)); /* * Check the supported auth types in the order I feel is most secure with the * requested type of authentication */ if ((data->set.ssh_auth_types & CURLSSH_AUTH_PUBLICKEY) && (strstr(authlist, "publickey") != NULL)) { /* To ponder about: should really the lib be messing about with the HOME environment variable etc? */ home = curl_getenv("HOME"); if (data->set.ssh_public_key) snprintf(rsa_pub, sizeof(rsa_pub), "%s", data->set.ssh_public_key); else if (home) snprintf(rsa_pub, sizeof(rsa_pub), "%s/.ssh/id_dsa.pub", home); if (data->set.ssh_private_key) snprintf(rsa, sizeof(rsa), "%s", data->set.ssh_private_key); else if (home) snprintf(rsa, sizeof(rsa), "%s/.ssh/id_dsa", home); curl_free(home); if (rsa_pub[0]) { /* The function below checks if the files exists, no need to stat() here. */ if (libssh2_userauth_publickey_fromfile(ssh->ssh_session, ssh->user, rsa_pub, rsa, "") == 0) { authed = TRUE; } } } if (!authed && (data->set.ssh_auth_types & CURLSSH_AUTH_PASSWORD) && (strstr(authlist, "password") != NULL)) { if (!libssh2_userauth_password(ssh->ssh_session, ssh->user, ssh->passwd)) authed = TRUE; } if (!authed && (data->set.ssh_auth_types & CURLSSH_AUTH_HOST) && (strstr(authlist, "hostbased") != NULL)) { } if (!authed && (data->set.ssh_auth_types & CURLSSH_AUTH_KEYBOARD) && (strstr(authlist, "keyboard-interactive") != NULL)) { /* Authentication failed. Continue with keyboard-interactive now. */ if (libssh2_userauth_keyboard_interactive_ex(ssh->ssh_session, ssh->user, strlen(ssh->user), &kbd_callback) == 0) { authed = TRUE; } } if (!authed) { failf(data, "Authentication failure\n"); libssh2_session_free(ssh->ssh_session); ssh->ssh_session = NULL; Curl_safefree(ssh->path); return CURLE_FAILED_INIT; } /* * At this point we have an authenticated ssh session. */ conn->sockfd = sock; conn->writesockfd = CURL_SOCKET_BAD; if (conn->protocol == PROT_SFTP) { /* * Start the libssh2 sftp session */ ssh->sftp_session = libssh2_sftp_init(ssh->ssh_session); if (ssh->sftp_session == NULL) { failf(data, "Failure initialising sftp session\n"); libssh2_sftp_shutdown(ssh->sftp_session); ssh->sftp_session = NULL; libssh2_session_free(ssh->ssh_session); ssh->ssh_session = NULL; return CURLE_FAILED_INIT; } /* * Get the "home" directory */ i = libssh2_sftp_realpath(ssh->sftp_session, ".", tempHome, PATH_MAX-1); if (i > 0) { /* It seems that this string is not always NULL terminated */ tempHome[i] = '\0'; ssh->homedir = (char *)strdup(tempHome); if (!ssh->homedir) { libssh2_sftp_shutdown(ssh->sftp_session); ssh->sftp_session = NULL; libssh2_session_free(ssh->ssh_session); ssh->ssh_session = NULL; return CURLE_OUT_OF_MEMORY; } } else { /* Return the error type */ i = libssh2_sftp_last_error(ssh->sftp_session); DEBUGF(infof(data, "error = %d\n", i)); } } /* Check for /~/ , indicating realative to the users home directory */ if (conn->protocol == PROT_SCP) { real_path = (char *)malloc(working_path_len+1); if (real_path == NULL) { Curl_safefree(working_path); libssh2_session_free(ssh->ssh_session); ssh->ssh_session = NULL; return CURLE_OUT_OF_MEMORY; } if (working_path[1] == '~') /* It is referenced to the home directory, so strip the leading '/' */ memcpy(real_path, working_path+1, 1 + working_path_len-1); else memcpy(real_path, working_path, 1 + working_path_len); } else if (conn->protocol == PROT_SFTP) { if (working_path[1] == '~') { real_path = (char *)malloc(strlen(ssh->homedir) + working_path_len + 1); if (real_path == NULL) { libssh2_sftp_shutdown(ssh->sftp_session); ssh->sftp_session = NULL; libssh2_session_free(ssh->ssh_session); ssh->ssh_session = NULL; Curl_safefree(working_path); return CURLE_OUT_OF_MEMORY; } /* It is referenced to the home directory, so strip the leading '/' */ memcpy(real_path, ssh->homedir, strlen(ssh->homedir)); real_path[strlen(ssh->homedir)] = '/'; real_path[strlen(ssh->homedir)+1] = '\0'; if (working_path_len > 3) { memcpy(real_path+strlen(ssh->homedir)+1, working_path + 3, 1 + working_path_len -3); } } else { real_path = (char *)malloc(working_path_len+1); if (real_path == NULL) { libssh2_session_free(ssh->ssh_session); ssh->ssh_session = NULL; Curl_safefree(working_path); return CURLE_OUT_OF_MEMORY; } memcpy(real_path, working_path, 1+working_path_len); } } else return CURLE_FAILED_INIT; Curl_safefree(working_path); ssh->path = real_path; *done = TRUE; return CURLE_OK; }
static int ssh_new_connection(obfsproxyssh_client_session_t *session, struct sockaddr_in *addr, const char *args) { obfsproxyssh_t *state = session->client->state; char addr_buf[INET_ADDRSTRLEN]; char *cached_arg; uint32_t tmp; bstring tmp_addr; int rval; evutil_inet_ntop(AF_INET, &addr->sin_addr, addr_buf, INET_ADDRSTRLEN); tmp_addr = bformat("%s:%d", addr_buf, ntohs(addr->sin_port)); if (0 == state->unsafe_logging) { tmp = ntohl(addr->sin_addr.s_addr); tmp &= 0x000000ff; session->ssh_addr = bformat("xxx.xxx.xxx.%d:%d", tmp, ntohs(addr->sin_port)); } else { session->ssh_addr = bstrcpy(tmp_addr); } log_f(state, "SOCKS: %s SOCKS 4 CONNECT -> %s", bdata(session->socks_addr), bdata(session->ssh_addr)); cached_arg = client_arg_cache(session->client, tmp_addr, args); bdestroy(tmp_addr); rval = ssh_parse_args(session, cached_arg); if (rval) { log_f(state, "SOCKS: Error: %s Invalid arguments in CONNECT", bdata(session->socks_addr)); return -1; } /* Note: Yes, this needs defered callbacks */ session->ssh_ev = bufferevent_socket_new(state->base, -1, BEV_OPT_CLOSE_ON_FREE | BEV_OPT_DEFER_CALLBACKS); if (NULL == session->ssh_ev) { log_f(state, "SOCKS: Error: %s Failed to allocate ssh event", bdata(session->socks_addr)); return -1; } bufferevent_setcb(session->ssh_ev, NULL, NULL, ssh_event_cb, session); rval = bufferevent_socket_connect(session->ssh_ev, (struct sockaddr *) addr, sizeof (struct sockaddr_in)); if (rval < 0) { log_f(state, "SOCKS: Error: %s Failed to connect ssh socket", bdata(session->socks_addr)); return -1; } session->ssh_session = libssh2_session_init_ex(NULL, NULL, NULL, session); if (NULL == session->ssh_session) { log_f(state, "SOCKS: Error: %s Failed to initialize libssh2 session", bdata(session->socks_addr)); return -1; } libssh2_session_callback_set(session->ssh_session, LIBSSH2_CALLBACK_RECV, libssh2_recv_cb); libssh2_session_callback_set(session->ssh_session, LIBSSH2_CALLBACK_SEND, libssh2_send_cb); libssh2_session_set_blocking(session->ssh_session, 0); rval = ssh_client_profile_set(session); if (rval < 0) { log_f(state, "SOCKS: Error: Failed to enable fingerprint resistance", bdata(session->socks_addr)); return -1; } /* * This only works with debug builds of libssh2 and creates an * astronomical amount of log spam. */ #ifdef TRACE_LIBSSH2 if (1 == state->unsafe_logging) { libssh2_trace(session->ssh_session, LIBSSH2_TRACE_SOCKET | LIBSSH2_TRACE_TRANS | LIBSSH2_TRACE_KEX | LIBSSH2_TRACE_AUTH | LIBSSH2_TRACE_CONN | LIBSSH2_TRACE_ERROR); libssh2_trace_sethandler(session->ssh_session, state, libssh2_trace_cb); } #endif return 0; }