static ssh_bind prepare_ssh(const char *keys_dir, int port)
{
ssh_bind bind;
char buffer[PATH_MAX];
int verbosity = SSH_LOG_NOLOG;
ssh_set_log_callback(ssh_log_function);
bind = ssh_bind_new();
if (!bind)
tmate_fatal("Cannot initialize ssh");
ssh_bind_options_set(bind, SSH_BIND_OPTIONS_BINDPORT, &port);
ssh_bind_options_set(bind, SSH_BIND_OPTIONS_BANNER, TMATE_SSH_BANNER);
ssh_bind_options_set(bind, SSH_BIND_OPTIONS_LOG_VERBOSITY, &verbosity);
sprintf(buffer, "%s/ssh_host_rsa_key", keys_dir);
ssh_bind_options_set(bind, SSH_BIND_OPTIONS_RSAKEY, buffer);
sprintf(buffer, "%s/ssh_host_ecdsa_key", keys_dir);
ssh_bind_options_set(bind, SSH_BIND_OPTIONS_ECDSAKEY, buffer);
if (ssh_bind_listen(bind) < 0)
tmate_fatal("Error listening to socket: %s\n", ssh_get_error(bind));
tmate_notice("Accepting connections on %d", port);
return bind;
}
static void client_bootstrap(struct tmate_session *_session)
{
struct tmate_ssh_client *client = &_session->ssh_client;
int grace_period = TMATE_SSH_GRACE_PERIOD;
ssh_event mainloop;
ssh_session session = client->session;
tmate_notice("Bootstrapping ssh client ip=%s", client->ip_address);
_session->ev_base = osdep_event_init();
/* new process group, we don't want to die with our parent (upstart) */
setpgid(0, 0);
{
int flag = 1;
setsockopt(ssh_get_fd(session), IPPROTO_TCP, TCP_NODELAY,
&flag, sizeof(flag));
}
signal(SIGALRM, handle_sigalrm);
alarm(grace_period);
/*
* We should die early if we can't connect to proxy. This way the
* tmate daemon will pick another server to work on.
*/
_session->proxy_fd = -1;
if (tmate_has_proxy())
_session->proxy_fd = tmate_connect_to_proxy();
ssh_server_cb.userdata = client;
ssh_callbacks_init(&ssh_server_cb);
ssh_set_server_callbacks(client->session, &ssh_server_cb);
ssh_options_set(session, SSH_OPTIONS_TIMEOUT, &grace_period);
ssh_options_set(session, SSH_OPTIONS_COMPRESSION, "yes");
ssh_set_auth_methods(client->session, SSH_AUTH_METHOD_PUBLICKEY);
tmate_info("Exchanging DH keys");
if (ssh_handle_key_exchange(session) < 0)
tmate_fatal("Error doing the key exchange: %s",
ssh_get_error(session));
mainloop = ssh_event_new();
ssh_event_add_session(mainloop, session);
while (!client->role) {
if (ssh_event_dopoll(mainloop, -1) == SSH_ERROR)
tmate_fatal("Error polling ssh socket: %s", ssh_get_error(session));
}
alarm(0);
/* The latency is callback set later */
tmate_start_ssh_latency_probes(client, &ssh_server_cb, TMATE_SSH_KEEPALIVE * 1000);
register_on_ssh_read(client);
tmate_spawn(_session);
/* never reached */
}
