author | Julien Dessaux | 2018-07-31 08:52:51 +0200 |
---|---|---|
committer | Julien Dessaux | 2018-07-31 08:52:51 +0200 |
commit | 5975503d881f5dab86e85a4b680b9e96673256eb (patch) | |
tree | a08578a636ed2a8d4a77da3240fbed1daaf06bcb | |
parent | Made a working ssh proxy server (diff) | |
Code cleaning and added error handling
Diffstat (limited to '')
-rw-r--r-- | GNUmakefile | 2 | ||||
-rw-r--r-- | config.h | 14 | ||||
-rw-r--r-- | src/main.c | 6 | ||||
-rw-r--r-- | src/proxy.c | 78 | ||||
-rw-r--r-- | src/session.c | 4 |
5 files changed, 56 insertions, 48 deletions
diff --git a/GNUmakefile b/GNUmakefile index 3bbefd6..38004ed 100644 --- a/GNUmakefile +++ b/GNUmakefile @@ -1,6 +1,6 @@ CC=clang DEBUG=-g -CFLAGS= ${DEBUG} -Wall -Werror -Wextra -Weverything -Wno-missing-prototypes -Wno-disabled-macro-expansion +CFLAGS= ${DEBUG} -Wall -Werror -Wextra -Weverything -Wno-disabled-macro-expansion sources=$(wildcard src/*.c) OBJ=$(sources:.c=.o) diff --git a/config.h b/config.h new file mode 100644 index 0000000..a1555f7 --- /dev/null +++ b/config.h @@ -0,0 +1,14 @@ +#ifndef CONFIG_H_ +#define CONFIG_H_ + +#define LISTEN_PORT 2222 +#define MAX_HOSTNAME_LENGTH 48 +#define USER_RSA_PUBKEY "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" +#define PRIVKEY_PATH "./id_rsa" +#define USER_TO_LOGIN_AS "root" + +#define DSAKEY_PATH "./ssh_host_dsa_key" +#define RSAKEY_PATH "./ssh_host_rsa_key" +#define ECDSAKEY_PATH "./ssh_host_ecdsa_key" + +#endif @@ -17,7 +17,7 @@ static void sigchld_handler(int signo) { static ssh_bind sshbind; static ssh_session session; -__attribute__((noreturn)) void sigint_handler(int signo) +__attribute__((noreturn)) static void sigint_handler(int signo) { (void) signo; ssh_free(session); @@ -56,8 +56,8 @@ int main() fprintf(stderr, "Error initializing ssh_bind\n"); exit(-1); } - int port = 2222; - ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_BINDPORT, &port); + int listen_port = LISTEN_PORT; + ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_BINDPORT, &listen_port); ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_DSAKEY, DSAKEY_PATH); ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_RSAKEY, RSAKEY_PATH); ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_ECDSAKEY, ECDSAKEY_PATH); diff --git a/src/proxy.c b/src/proxy.c index 7d3290e..bfeeed8 100644 --- a/src/proxy.c +++ b/src/proxy.c 
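Review bot: The key paths added in config.h are relative (`"./id_rsa"`, `"./ssh_host_rsa_key"` and the two other host keys), so which private key and host keys the bastion loads depends on the directory it is started from. Absolute paths would remove that dependency, for example `#define PRIVKEY_PATH "<ABSOLUTE_KEY_DIR>/id_rsa"` with the placeholder replaced by the deployment directory, and a startup check of the file's owner and mode would catch a key readable by other users. `USER_TO_LOGIN_AS` is fixed to `"root"`, so every proxied session would reach the target with full privileges if the constant is used as its name suggests; a comment marking it as a development default would help.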
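Review bot: The return values of the four `ssh_bind_options_set` calls in the second src/main.c hunk are still discarded, so a rejected port or host-key option is not reported where it happens. Each call could be checked in the same way as the initialisation just above it, e.g. `if (ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_BINDPORT, &listen_port) < 0) { fprintf(stderr, "Error setting listen port\n"); exit(-1); }`. Whether a failure surfaces later at listen time cannot be seen here, because the body of `main` continues outside the hunk.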
@@ -30,14 +30,15 @@ static int proxy_pty_request(ssh_session session, ssh_channel channel, (void) py; (void) px; - printf("pty request\n"); - int rc = ssh_channel_request_pty_size(pdata->client_channel, term, cols, rows); - if (rc == SSH_OK) { - printf("pty request successfull\n"); + if (ssh_channel_is_open(pdata->client_channel)) { + if (ssh_channel_request_pty_size(pdata->client_channel, term, cols, rows) == SSH_OK) + return SSH_OK; + else + fprintf(stderr, "pty request failed\n"); } else { - printf("pty request failed\n"); + fprintf(stderr, "pty request while client_channel not opened\n"); } - return rc; + return SSH_ERROR; } // callback function for SSH channel PTY resize from a client @@ -50,18 +51,15 @@ static int proxy_pty_resize(ssh_session session, ssh_channel channel, int cols, (void) py; (void) px; - if (pdata->client_channel == NULL || ssh_channel_is_open(pdata->client_channel) == 0) { - fprintf(stderr, "proxy pty oups!!!!!\n"); - return SSH_ERROR; - } - printf("pty resize\n"); - int rc = ssh_channel_change_pty_size(pdata->client_channel, cols, rows); - if (rc == SSH_OK) { - printf("pty resize successfull\n"); + if (ssh_channel_is_open(pdata->client_channel)) { + if (ssh_channel_change_pty_size(pdata->client_channel, cols, rows) == SSH_OK) + return SSH_OK; + else + fprintf(stderr, "pty resize failed\n"); } else { - printf("pty resize failed\n"); + fprintf(stderr, "pty resize while client_channel not opened\n"); } - return rc; + return SSH_ERROR; } static int proxy_exec_request(ssh_session session, ssh_channel channel, 
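Review bot: `proxy_pty_resize` no longer tests `pdata->client_channel == NULL` before use, and `proxy_pty_request` never did, so both callbacks now depend on `ssh_channel_is_open()` accepting a NULL channel. `handle_proxy_session` initialises `.client_channel = NULL`, so a request that arrives before the upstream channel exists would take this path. Keeping the test explicit, `if (pdata->client_channel != NULL && ssh_channel_is_open(pdata->client_channel)) {`, makes the guard independent of library behaviour; the same condition is used in the exec, shell, eof and close callbacks in the later hunks. The inner `if`/`else` is unbraced while the outer one is braced, which is easy to misread when a second statement is added.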
@@ -71,14 +69,15 @@ static int proxy_exec_request(ssh_session session, ssh_channel channel, (void) session; (void) channel; - printf("exec request : %s\n", command); // TODO - int rc = ssh_channel_request_exec(pdata->client_channel, command); - if (rc == SSH_OK) { - printf("exec request successfull\n"); + if (ssh_channel_is_open(pdata->client_channel)) { + if (ssh_channel_request_exec(pdata->client_channel, command) == SSH_OK) + return SSH_OK; + else + printf("exec request failed\n"); } else { - printf("exec request failed\n"); + fprintf(stderr, "exec request while client_channel not opened\n"); } - return rc; + return SSH_ERROR; } static int proxy_shell_request(ssh_session session, ssh_channel channel, 
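Review bot: The failure branch of `proxy_exec_request` still writes with `printf("exec request failed\n");` while every other error message added in this commit goes to stderr; `fprintf(stderr, "exec request failed\n");` would keep the diagnostics in one stream. With the old debug line removed, the forwarded `command` is no longer recorded anywhere in this hunk. For a bastion an audit record of executed commands is usually wanted, written with control characters escaped because the string comes from the client. The function's signature begins outside the hunk.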
@@ -88,44 +87,44 @@ static int proxy_shell_request(ssh_session session, ssh_channel channel, (void) session; (void) channel; - printf("shell request\n"); - int rc = ssh_channel_request_shell(pdata->client_channel); - if (rc == SSH_OK) { - printf("shell request successfull\n"); + if (ssh_channel_is_open(pdata->client_channel)) { + if (ssh_channel_request_shell(pdata->client_channel) == SSH_OK) + return SSH_OK; + else + fprintf(stderr, "shell request failed\n"); } else { - printf("shell request failed\n"); + fprintf(stderr, "shell request while client channel not opened\n"); } - return rc; + return SSH_ERROR; } static int proxy_subsystem_request(ssh_session session, ssh_channel channel, const char *subsystem, void *userdata) { - ///* subsystem requests behave simillarly to exec requests. */ - //if (strcmp(subsystem, "sftp") == 0) { - // printf("sftp request\n"); // TODO - // return exec_request(session, channel, SFTP_SERVER_PATH, userdata); - //} (void) session; (void) channel; (void) subsystem; (void) userdata; return SSH_ERROR; // TODO + //if (ssh_channel_is_open(pdata->client_channel)) { + //} } static void proxy_channel_eof_callback (ssh_session session, ssh_channel channel, void *userdata) { + struct proxy_channel_data_struct *pdata = (struct proxy_channel_data_struct *) userdata; (void) session; (void) channel; - (void) userdata; - printf("proxy eof callback\n"); + if (ssh_channel_is_open(pdata->client_channel)) + ssh_channel_send_eof(pdata->client_channel); } static void proxy_channel_close_callback (ssh_session session, ssh_channel channel, void *userdata) { + struct proxy_channel_data_struct *pdata = (struct proxy_channel_data_struct *) userdata; (void) session; (void) channel; - (void) userdata; - printf("proxy close callback\n"); + if (ssh_channel_is_open(pdata->client_channel)) + ssh_channel_close(pdata->client_channel); } static void proxy_channel_exit_status_callback (ssh_session session, ssh_channel channel, int exit_status, void *userdata) 
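Review bot: The results of `ssh_channel_send_eof` and `ssh_channel_close` in the new eof and close callbacks are discarded, so a failed close of the upstream channel goes unreported and the session on the target host may stay open after the client has gone. A check such as `if (ssh_channel_close(pdata->client_channel) != SSH_OK) fprintf(stderr, "closing client channel failed\n");`, and the equivalent for the eof call, would match the error handling added to the request callbacks. In `proxy_subsystem_request` the commented-out `ssh_channel_is_open` stub sits after the `return` and refers to `pdata`, which that function does not declare. A single `// TODO: forward subsystem requests to client_channel` comment above the return would state the intent more clearly.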
@@ -170,12 +169,7 @@ void handle_proxy_session(ssh_event event, ssh_session session, ssh_channel my_c .client_channel = NULL, }; - //ssh_event_remove_session(event, session); cdata = client_dial(event, &pdata, hostname); - //for (int n = 0; n < 10; n++) { - // ssh_event_dopoll(event, 100); - //} - //ssh_event_add_session(event, session); if (cdata == NULL) { return; diff --git a/src/session.c b/src/session.c index 90e2855..22d10de 100644 --- a/src/session.c +++ b/src/session.c @@ -12,7 +12,7 @@ #include "proxy.h" #include "session.h" -int auth_pubkey(ssh_session session, const char *user, +static int auth_pubkey(ssh_session session, const char *user, struct ssh_key_struct *pubkey, char signature_state, void *userdata) { struct session_data_struct *sdata = (struct session_data_struct *) userdata; @@ -51,7 +51,7 @@ int auth_pubkey(ssh_session session, const char *user, } } -ssh_channel channel_open(ssh_session session, void *userdata) { +static ssh_channel channel_open(ssh_session session, void *userdata) { struct session_data_struct *sdata = (struct session_data_struct *) userdata; if (sdata->channel == NULL) { |