Code cleaning and added error handling

author: Julien Dessaux 2018-07-31 08:52:51 +0200
committer: Julien Dessaux 2018-07-31 08:52:51 +0200
commit: 5975503d881f5dab86e85a4b680b9e96673256eb (patch)
tree: a08578a636ed2a8d4a77da3240fbed1daaf06bcb
parent: Made a working ssh proxy server (diff)
download: bastion-5975503d881f5dab86e85a4b680b9e96673256eb.tar.gz
bastion-5975503d881f5dab86e85a4b680b9e96673256eb.tar.bz2
bastion-5975503d881f5dab86e85a4b680b9e96673256eb.zip
5 files changed, 56 insertions, 48 deletions
diff --git a/GNUmakefile b/GNUmakefile
index 3bbefd6..38004ed 100644
--- a/GNUmakefile
+++ b/GNUmakefile
@@ -1,6 +1,6 @@
 CC=clang
 DEBUG=-g
-CFLAGS= ${DEBUG} -Wall -Werror -Wextra -Weverything -Wno-missing-prototypes -Wno-disabled-macro-expansion
+CFLAGS= ${DEBUG} -Wall -Werror -Wextra -Weverything -Wno-disabled-macro-expansion
 
 sources=$(wildcard src/*.c)
 OBJ=$(sources:.c=.o)
diff --git a/config.h b/config.h
new file mode 100644
index 0000000..a1555f7
--- /dev/null
+++ b/config.h
@@ -0,0 +1,14 @@
+#ifndef CONFIG_H_
+#define CONFIG_H_
+
+#define LISTEN_PORT 2222
+#define MAX_HOSTNAME_LENGTH 48
+#define USER_RSA_PUBKEY "AAAAB3NzaC1yc2EAAAADAQABAAACAQDMdBAFjENiPMTtq90GT3+NZ68nfGxQiRExaYYnLzm1ecmulCvsuA4AOpeLY6f+FWe+ludiw7nhrXzssDdsKBy0QL+XQyvjjjW4X+k9MYhP1gAWXEOGJnjJ/1ovEsMt++6fLyNKLUTA46kErbEehDs22r+rIiEKatrn0BNrJcRI94H44oEL1/ImzVam0cSBL0tPiaJxe60sBs7M76zfyFtVdMGkeuBpS7ee+FLA58fsS3/sEZmkas8MT0QdvZz1y/66MknXYbIaqDSOUACXGF4yVKpogLRRJ1SgNo1Ujo/U3VOR1O4CiQczsZOcbSdjgl0x3fJb7BaIxrZy9iW2I7G/L/chfTvRws+x1s1y5FNZOOiXMCdZjhgLaRwb6p5gMsMVn9sJbhDjmejcAkBKQDkzbvxxhfVkH225FoVXA9YF0msWLyOEyZQYbA8autLDJsAOT5RDfw/G82DQBufAPEBR/bPby0Hl5kjqW75bpSVxDvzmKwt3EpITg9iuYEhvYZ/Zq5qC1UJ54ZfOvaf0PsTUzFePty6ve/JzfxCV1XgFQ+B8l4NSz11loDfNXSUngf7lL4qu5X4aN6WmLFO1YbyFlfpvt3K1CekJmWVeE5mV9EFTUJ4ParVWRGiA4W+zaCOsHgRkcGkp4eYGyWW8gOR/lVxYU2IFl9mbMrC9bkdRbQ=="
+#define PRIVKEY_PATH "./id_rsa"
+#define USER_TO_LOGIN_AS "root"
+
+#define DSAKEY_PATH "./ssh_host_dsa_key"
+#define RSAKEY_PATH "./ssh_host_rsa_key"
+#define ECDSAKEY_PATH "./ssh_host_ecdsa_key"
+
+#endif
diff --git a/src/main.c b/src/main.c
index 0c6b6cb..c3d7108 100644
--- a/src/main.c
+++ b/src/main.c
@@ -17,7 +17,7 @@ static void sigchld_handler(int signo) {
 static ssh_bind sshbind;
 static ssh_session session;
 
-__attribute__((noreturn)) void sigint_handler(int signo)
+__attribute__((noreturn)) static void sigint_handler(int signo)
 {
     (void) signo;
     ssh_free(session);
@@ -56,8 +56,8 @@ int main()
         fprintf(stderr, "Error initializing ssh_bind\n");
         exit(-1);
     }
-    int port = 2222;
-    ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_BINDPORT, &port);
+    int listen_port = LISTEN_PORT;
+    ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_BINDPORT, &listen_port);
     ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_DSAKEY, DSAKEY_PATH);
     ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_RSAKEY, RSAKEY_PATH);
     ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_ECDSAKEY, ECDSAKEY_PATH);
diff --git a/src/proxy.c b/src/proxy.c
index 7d3290e..bfeeed8 100644
--- a/src/proxy.c
+++ b/src/proxy.c
@@ -30,14 +30,15 @@ static int proxy_pty_request(ssh_session session, ssh_channel channel,
     (void) py;
     (void) px;
 
-    printf("pty request\n");
-    int rc = ssh_channel_request_pty_size(pdata->client_channel, term, cols, rows);
-    if (rc == SSH_OK) {
-        printf("pty request successfull\n");
+    if (ssh_channel_is_open(pdata->client_channel)) {
+        if (ssh_channel_request_pty_size(pdata->client_channel, term, cols, rows) == SSH_OK)
+            return SSH_OK;
+        else
+            fprintf(stderr, "pty request failed\n");
     } else {
-        printf("pty request failed\n");
+        fprintf(stderr, "pty request while client_channel not opened\n");
     }
-    return rc;
+    return SSH_ERROR;
 }
 
 // callback function for SSH channel PTY resize from a client
@@ -50,18 +51,15 @@ static int proxy_pty_resize(ssh_session session, ssh_channel channel, int cols,
     (void) py;
     (void) px;
 
-    if (pdata->client_channel == NULL || ssh_channel_is_open(pdata->client_channel) == 0) {
-        fprintf(stderr, "proxy pty oups!!!!!\n");
-        return SSH_ERROR;
-    }
-    printf("pty resize\n");
-    int rc = ssh_channel_change_pty_size(pdata->client_channel, cols, rows);
-    if (rc == SSH_OK) {
-        printf("pty resize successfull\n");
+    if (ssh_channel_is_open(pdata->client_channel)) {
+        if (ssh_channel_change_pty_size(pdata->client_channel, cols, rows) == SSH_OK)
+            return SSH_OK;
+        else
+            fprintf(stderr, "pty resize failed\n");
     } else {
-        printf("pty resize failed\n");
+        fprintf(stderr, "pty resize while client_channel not opened\n");
     }
-    return rc;
+    return SSH_ERROR;
 }
 
 static int proxy_exec_request(ssh_session session, ssh_channel channel,
@@ -71,14 +69,15 @@ static int proxy_exec_request(ssh_session session, ssh_channel channel,
     (void) session;
     (void) channel;
 
-    printf("exec request : %s\n", command); // TODO
-    int rc = ssh_channel_request_exec(pdata->client_channel, command);
-    if (rc == SSH_OK) {
-        printf("exec request successfull\n");
+    if (ssh_channel_is_open(pdata->client_channel)) {
+        if (ssh_channel_request_exec(pdata->client_channel, command) == SSH_OK)
+            return SSH_OK;
+        else
+            printf("exec request failed\n");
     } else {
-        printf("exec request failed\n");
+        fprintf(stderr, "exec request while client_channel not opened\n");
     }
-    return rc;
+    return SSH_ERROR;
 }
 
 static int proxy_shell_request(ssh_session session, ssh_channel channel,
@@ -88,44 +87,44 @@ static int proxy_shell_request(ssh_session session, ssh_channel channel,
     (void) session;
     (void) channel;
 
-    printf("shell request\n");
-    int rc = ssh_channel_request_shell(pdata->client_channel);
-    if (rc == SSH_OK) {
-        printf("shell request successfull\n");
+    if (ssh_channel_is_open(pdata->client_channel)) {
+        if (ssh_channel_request_shell(pdata->client_channel) == SSH_OK)
+            return SSH_OK;
+        else
+            fprintf(stderr, "shell request failed\n");
     } else {
-        printf("shell request failed\n");
+        fprintf(stderr, "shell request while client channel not opened\n");
     }
-    return rc;
+    return SSH_ERROR;
 }
 
 static int proxy_subsystem_request(ssh_session session, ssh_channel channel,
                              const char *subsystem, void *userdata) {
-    ///* subsystem requests behave simillarly to exec requests. */
-    //if (strcmp(subsystem, "sftp") == 0) {
-    //    printf("sftp request\n"); // TODO
-    //    return exec_request(session, channel, SFTP_SERVER_PATH, userdata);
-    //}
     (void) session;
     (void) channel;
     (void) subsystem;
     (void) userdata;
     return SSH_ERROR; // TODO
+    //if (ssh_channel_is_open(pdata->client_channel)) {
+    //}
 }
 
 static void proxy_channel_eof_callback (ssh_session session, ssh_channel channel, void *userdata)
 {
+    struct proxy_channel_data_struct *pdata = (struct proxy_channel_data_struct *) userdata;
     (void) session;
     (void) channel;
-    (void) userdata;
-    printf("proxy eof callback\n");
+    if (ssh_channel_is_open(pdata->client_channel))
+        ssh_channel_send_eof(pdata->client_channel);
 }
 
 static void proxy_channel_close_callback (ssh_session session, ssh_channel channel, void *userdata)
 {
+    struct proxy_channel_data_struct *pdata = (struct proxy_channel_data_struct *) userdata;
     (void) session;
     (void) channel;
-    (void) userdata;
-    printf("proxy close callback\n");
+    if (ssh_channel_is_open(pdata->client_channel))
+        ssh_channel_close(pdata->client_channel);
 }
 
 static void proxy_channel_exit_status_callback (ssh_session session, ssh_channel channel, int exit_status, void *userdata)
@@ -170,12 +169,7 @@ void handle_proxy_session(ssh_event event, ssh_session session, ssh_channel my_c
         .client_channel = NULL,
     };
 
-    //ssh_event_remove_session(event, session);
     cdata = client_dial(event, &pdata, hostname);
-    //for (int n = 0; n < 10; n++) {
-    //    ssh_event_dopoll(event, 100);
-    //}
-    //ssh_event_add_session(event, session);
 
     if (cdata == NULL) {
         return;
diff --git a/src/session.c b/src/session.c
index 90e2855..22d10de 100644
--- a/src/session.c
+++ b/src/session.c
@@ -12,7 +12,7 @@
 #include "proxy.h"
 #include "session.h"
 
-int auth_pubkey(ssh_session session, const char *user,
+static int auth_pubkey(ssh_session session, const char *user,
                        struct ssh_key_struct *pubkey,
                        char signature_state, void *userdata) {
     struct session_data_struct *sdata = (struct session_data_struct *) userdata;
@@ -51,7 +51,7 @@ int auth_pubkey(ssh_session session, const char *user,
     }
 }
 
-ssh_channel channel_open(ssh_session session, void *userdata) {
+static ssh_channel channel_open(ssh_session session, void *userdata) {
     struct session_data_struct *sdata = (struct session_data_struct *) userdata;
 
     if (sdata->channel == NULL) {
author	Julien Dessaux	2018-07-31 08:52:51 +0200
committer	Julien Dessaux	2018-07-31 08:52:51 +0200
commit	5975503d881f5dab86e85a4b680b9e96673256eb (patch)
tree	a08578a636ed2a8d4a77da3240fbed1daaf06bcb
parent	Made a working ssh proxy server (diff)
download	bastion-5975503d881f5dab86e85a4b680b9e96673256eb.tar.gz bastion-5975503d881f5dab86e85a4b680b9e96673256eb.tar.bz2 bastion-5975503d881f5dab86e85a4b680b9e96673256eb.zip