Cleaning and reordering.

author: Julien Dessaux 2019-03-27 14:09:12 +0100
committer: Julien Dessaux 2019-03-27 15:21:16 +0100
commit: 3b22502cbdfd0f1c2e58d6cb0a394a817a741f49 (patch)
tree: b0911a447edf96f990715160e71f94314ec0685b
parent: Added uthash as a git submodule (diff)
download: bastion-3b22502cbdfd0f1c2e58d6cb0a394a817a741f49.tar.gz
bastion-3b22502cbdfd0f1c2e58d6cb0a394a817a741f49.tar.bz2
bastion-3b22502cbdfd0f1c2e58d6cb0a394a817a741f49.zip
6 files changed, 38 insertions, 25 deletions
diff --git a/CMakeLists.txt b/CMakeLists.txt
index db4fc3c..34ead63 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -14,16 +14,17 @@ if(NOT CMAKE_BUILD_TYPE AND NOT CMAKE_CONFIGURATION_TYPES)
 endif()
 
 set(CMAKE_C_FLAGS "-Wall -Werror -Wextra -pedantic")
-set(CMAKE_C_FLAGS_DEBUG "-O0 -g -ggdb -pg -fsanitize=address")
+set(CMAKE_C_FLAGS_DEBUG "-O0 -ggdb3 -pg -fsanitize=address")
 set(CMAKE_C_FLAGS_RELEASE "-O2")
 set(CMAKE_C_FLAGS_MinSizeRel "-Os")
-set(CMAKE_C_FLAGS_RELWITHDEBINFO "-O2 -g -ggdb -pg -fsanitize=address")
+set(CMAKE_C_FLAGS_RELWITHDEBINFO "-O2 -ggdb3 -pg")
 
 option(LIBSSH_VERBOSE_OUTPUT "whether or not verbose output for libssh mode is activated" OFF)
 option(SESSION_RECORDING "whether or not recording feature based on lib termrec is activated" ON)
 
 configure_file("common/config.h.in" "common/config.h")
 include_directories("${CMAKE_CURRENT_BINARY_DIR}")
+include_directories("${CMAKE_CURRENT_SOURCE_DIR}")
 
 add_subdirectory(bastion)
 add_subdirectory(common)
diff --git a/bastion/CMakeLists.txt b/bastion/CMakeLists.txt
index f07111b..298cfe7 100644
--- a/bastion/CMakeLists.txt
+++ b/bastion/CMakeLists.txt
@@ -1,5 +1,4 @@
-include_directories("${bastion_SOURCE_DIR}/external/termrec/libtty")
-include_directories("${bastion_SOURCE_DIR}/")
+include_directories("${PROJECT_SOURCE_DIR}/external/termrec/libtty")
 
 file(GLOB_RECURSE SOURCES *.c)
 
@@ -14,3 +13,4 @@ install(TARGETS bastion DESTINATION bin)
 
 configure_file("bastion.conf.example.in" "bastion.conf.example")
 install(FILES "${CMAKE_CURRENT_BINARY_DIR}/bastion.conf.example" DESTINATION etc/bastion)
+install(DIRECTORY DESTINATION var/log/bastion)
diff --git a/bastion/main.c b/bastion/main.c
index 886bfac..4f93652 100644
--- a/bastion/main.c
+++ b/bastion/main.c
@@ -7,6 +7,7 @@
 #include "common/config.h"
 #include "common/mysql.h"
 #include "session.h"
+#include "state.h"
 
 /* SIGCHLD handler for cleaning up dead children. */
 static void sigchld_handler(int signo) {
@@ -24,6 +25,8 @@ __attribute__((noreturn)) static void sigint_handler(int signo)
     ssh_disconnect(session);
     ssh_free(session);
     ssh_bind_free(sshbind);
+    state_clean();
+    config_clean();
     ssh_finalize();
     db_clean();
     exit(0);
@@ -47,22 +50,30 @@ int main()
     sa2.sa_flags = 0;
     if (sigaction(SIGINT, &sa2, NULL) != 0) {
         fprintf(stderr, "Failed to register SIGINT handler\n");
-        return 1;
+        return 2;
     }
 
-    // Initializing configuration context
-    if (config_load() != 0)
-        fprintf(stderr, "Failed to load configuration file %s, using built-in defaults.\n", CONFIG_PATH);
-
     // Initializing ssh context
-    ssh_init();
+    if (ssh_init() != 0) {
+        fprintf(stderr, "Failed to initialize libssh global cryptographic data structures.\n");
+        return 3;
+    };
+
+    // Initializing configuration context
+    if (config_load() != 0) {
+        fprintf(stderr, "Failed to load configuration file %s.\n", CONFIG_PATH);
+        config_clean();
+        ssh_finalize();
+        return 4;
+    }
 
     // Initializing ssh_bind
     sshbind = ssh_bind_new();
     if (sshbind == NULL) {
         fprintf(stderr, "Error initializing ssh_bind\n");
         config_clean();
-        return 3;
+        ssh_finalize();
+        return 5;
     }
     int listen_port = config_get_port();
     ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_BINDPORT, &listen_port);
@@ -73,9 +84,9 @@ int main()
     if (ssh_bind_listen(sshbind) < 0) {
         printf("Error listening to socket: %s\n", ssh_get_error(sshbind));
         ssh_bind_free(sshbind);
-        ssh_finalize();
         config_clean();
-        return 4;
+        ssh_finalize();
+        return 6;
     }
 
     while (1) {
@@ -100,9 +111,6 @@ int main()
                 ssh_bind_free(sshbind);
                 sshbind = NULL;
 
-                if (db_init() !=0)
-                    goto child_cleaning;
-
                 ssh_event event = ssh_event_new();
                 if (event != NULL) {
                     /* Blocks until the SSH session ends */
@@ -111,11 +119,11 @@ int main()
                 } else {
                     fprintf(stderr, "Could not create polling context\n");
                 }
-child_cleaning:
+
                 ssh_disconnect(session);
                 ssh_free(session);
-                ssh_finalize();
                 config_clean();
+                ssh_finalize();
 
                 return 0;
               case -1:
@@ -126,17 +134,17 @@ child_cleaning:
             ssh_disconnect(session);
             ssh_free(session);
             ssh_bind_free(sshbind);
-            ssh_finalize();
             config_clean();
-            return 5;
+            ssh_finalize();
+            return 7;
         }
         /* Since the session has been passed to a child fork, do some cleaning up at the parent process. */
         ssh_disconnect(session);
         ssh_free(session);
     }
     ssh_bind_free(sshbind);
-    ssh_finalize();
     config_clean();
+    ssh_finalize();
     db_clean();
     return 0;
 }
diff --git a/bastion/proxy.c b/bastion/proxy.c
index 7fbf816..f608d31 100644
--- a/bastion/proxy.c
+++ b/bastion/proxy.c
@@ -210,10 +210,10 @@ void handle_proxy_session(ssh_event event, ssh_session session, ssh_channel my_c
             break;
         }
     } while(ssh_channel_is_open(my_channel) && ssh_channel_is_open(pdata.client_channel));
-    if (ssh_channel_is_open(my_channel))
-        ssh_channel_close(my_channel);
     if (ssh_channel_is_open(cdata->my_channel))
         ssh_channel_close(cdata->my_channel);
+    if (ssh_channel_is_open(my_channel))
+        ssh_channel_close(my_channel);
 
     client_cleanup(cdata);
 }
diff --git a/bastion/session.c b/bastion/session.c
index 5e9f5b8..f86fe44 100644
--- a/bastion/session.c
+++ b/bastion/session.c
@@ -106,13 +106,16 @@ void handle_session(ssh_event event, ssh_session session) {
     handle_proxy_session(event, session, sdata.channel);
 
     if (ssh_channel_is_open(sdata.channel)) {
+        ssh_channel_send_eof(sdata.channel);
         ssh_channel_close(sdata.channel);
     }
 
     /* Wait up to 5 seconds for the client to terminate the session. */
     for (int n = 0; n < 50 && (ssh_get_status(session) & SESSION_END) == 0; n++) {
-        ssh_event_dopoll(event, 100);
+        if (ssh_event_dopoll(event, 100) == SSH_ERROR)
+            break;
     }
     state_clean();
+    ssh_channel_free(sdata.channel);
     ssh_event_remove_session(event, session);
 }
diff --git a/common/config.h.in b/common/config.h.in
index 189e725..a1fe21b 100644
--- a/common/config.h.in
+++ b/common/config.h.in
@@ -1,7 +1,8 @@
 #ifndef COMMON_CONFIG_H_
 #define COMMON_CONFIG_H_
 
-#define CONFIG_PATH "@CMAKE_INSTALL_PREFIX@/etc/bastion/bastion.conf"
+#define CONFIG_DIR "@CMAKE_INSTALL_PREFIX@/etc/bastion/"
+#define CONFIG_PATH CONFIG_DIR "bastion.conf"
 
 #define MAX_HOSTNAME_LENGTH 64
 #define MAX_USERNAME_LENGTH 64
author	Julien Dessaux	2019-03-27 14:09:12 +0100
committer	Julien Dessaux	2019-03-27 15:21:16 +0100
commit	3b22502cbdfd0f1c2e58d6cb0a394a817a741f49 (patch)
tree	b0911a447edf96f990715160e71f94314ec0685b
parent	Added uthash as a git submodule (diff)
download	bastion-3b22502cbdfd0f1c2e58d6cb0a394a817a741f49.tar.gz bastion-3b22502cbdfd0f1c2e58d6cb0a394a817a741f49.tar.bz2 bastion-3b22502cbdfd0f1c2e58d6cb0a394a817a741f49.zip