authorJulien Dessaux2018-07-31 08:52:51 +0200
committerJulien Dessaux2018-07-31 08:52:51 +0200
commit5975503d881f5dab86e85a4b680b9e96673256eb (patch)
treea08578a636ed2a8d4a77da3240fbed1daaf06bcb
parentMade a working ssh proxy server (diff)
Code cleaning and added error handling
-rw-r--r--GNUmakefile2
-rw-r--r--config.h14
-rw-r--r--src/main.c6
-rw-r--r--src/proxy.c78
-rw-r--r--src/session.c4
5 files changed, 56 insertions, 48 deletions
diff --git a/GNUmakefile b/GNUmakefile
index 3bbefd6..38004ed 100644
--- a/GNUmakefile
+++ b/GNUmakefile
@@ -1,6 +1,6 @@
CC=clang
DEBUG=-g
-CFLAGS= ${DEBUG} -Wall -Werror -Wextra -Weverything -Wno-missing-prototypes -Wno-disabled-macro-expansion
+CFLAGS= ${DEBUG} -Wall -Werror -Wextra -Weverything -Wno-disabled-macro-expansion
sources=$(wildcard src/*.c)
OBJ=$(sources:.c=.o)
diff --git a/config.h b/config.h
new file mode 100644
index 0000000..a1555f7
--- /dev/null
+++ b/config.h
@@ -0,0 +1,14 @@
+#ifndef CONFIG_H_
+#define CONFIG_H_
+
+#define LISTEN_PORT 2222
+#define MAX_HOSTNAME_LENGTH 48
+#define USER_RSA_PUBKEY "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"
+#define PRIVKEY_PATH "./id_rsa"
+#define USER_TO_LOGIN_AS "root"
+
+#define DSAKEY_PATH "./ssh_host_dsa_key"
+#define RSAKEY_PATH "./ssh_host_rsa_key"
+#define ECDSAKEY_PATH "./ssh_host_ecdsa_key"
+
+#endif
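Review bot: `PRIVKEY_PATH`, `DSAKEY_PATH`, `RSAKEY_PATH` and `ECDSAKEY_PATH` are all relative (`"./id_rsa"`, `"./ssh_host_rsa_key"`, …), so which private key and host keys the bastion loads depends on the directory it is started from. Absolute paths would pin this, e.g. `#define PRIVKEY_PATH "/absolute/path/to/id_rsa"` (placeholder path). `USER_TO_LOGIN_AS "root"` and the single `USER_RSA_PUBKEY` are compile-time constants; how they are used is not visible in this file, but a comment such as `/* account used on the backend host for every proxied session */` would make the privilege implication explicit, and a less privileged account is worth considering.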
diff --git a/src/main.c b/src/main.c
index 0c6b6cb..c3d7108 100644
--- a/src/main.c
+++ b/src/main.c
@@ -17,7 +17,7 @@ static void sigchld_handler(int signo) {
static ssh_bind sshbind;
static ssh_session session;
-__attribute__((noreturn)) void sigint_handler(int signo)
+__attribute__((noreturn)) static void sigint_handler(int signo)
{
(void) signo;
ssh_free(session);
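Review bot: `sigint_handler` still calls `ssh_free(session)` from signal context, and that call releases memory and sockets, which is not async-signal-safe. If SIGINT arrives while the main flow is inside the allocator or libssh, the handler can deadlock or corrupt state. A safer shape is for the handler to set only a `static volatile sig_atomic_t` flag and for the accept loop to do the cleanup, or for the handler to call `_exit()` without freeing. The handler body continues outside this hunk, so the remaining calls were not reviewed.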
@@ -56,8 +56,8 @@ int main()
fprintf(stderr, "Error initializing ssh_bind\n");
exit(-1);
}
- int port = 2222;
- ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_BINDPORT, &port);
+ int listen_port = LISTEN_PORT;
+ ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_BINDPORT, &listen_port);
ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_DSAKEY, DSAKEY_PATH);
ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_RSAKEY, RSAKEY_PATH);
ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_ECDSAKEY, ECDSAKEY_PATH);
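Review bot: The four `ssh_bind_options_set` calls discard their return value, so a rejected port or key option goes unnoticed here and would presumably only surface later at listen time. Since this commit is about error handling, each call could be checked, e.g. `if (ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_BINDPORT, &listen_port) < 0) { fprintf(stderr, "%s\n", ssh_get_error(sshbind)); exit(-1); }`. `main` starts and continues outside the hunk.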
diff --git a/src/proxy.c b/src/proxy.c
index 7d3290e..bfeeed8 100644
--- a/src/proxy.c
+++ b/src/proxy.c
@@ -30,14 +30,15 @@ static int proxy_pty_request(ssh_session session, ssh_channel channel,
(void) py;
(void) px;
- printf("pty request\n");
- int rc = ssh_channel_request_pty_size(pdata->client_channel, term, cols, rows);
- if (rc == SSH_OK) {
- printf("pty request successfull\n");
+ if (ssh_channel_is_open(pdata->client_channel)) {
+ if (ssh_channel_request_pty_size(pdata->client_channel, term, cols, rows) == SSH_OK)
+ return SSH_OK;
+ else
+ fprintf(stderr, "pty request failed\n");
} else {
- printf("pty request failed\n");
+ fprintf(stderr, "pty request while client_channel not opened\n");
}
- return rc;
+ return SSH_ERROR;
}
// callback function for SSH channel PTY resize from a client
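Review bot: `ssh_channel_is_open(pdata->client_channel)` is now the only guard before the client channel is used, while `handle_proxy_session` initialises `.client_channel = NULL`, so the code relies on libssh returning 0 for a NULL channel. The same pattern appears in `proxy_pty_resize` (where the explicit `pdata->client_channel == NULL` test was removed), `proxy_exec_request`, `proxy_shell_request` and the eof/close callbacks. Either keep the check explicit, `if (pdata->client_channel != NULL && ssh_channel_is_open(pdata->client_channel))`, or add a comment recording that dependency. The function signature and the `pdata` cast are outside this hunk.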
@@ -50,18 +51,15 @@ static int proxy_pty_resize(ssh_session session, ssh_channel channel, int cols,
(void) py;
(void) px;
- if (pdata->client_channel == NULL || ssh_channel_is_open(pdata->client_channel) == 0) {
- fprintf(stderr, "proxy pty oups!!!!!\n");
- return SSH_ERROR;
- }
- printf("pty resize\n");
- int rc = ssh_channel_change_pty_size(pdata->client_channel, cols, rows);
- if (rc == SSH_OK) {
- printf("pty resize successfull\n");
+ if (ssh_channel_is_open(pdata->client_channel)) {
+ if (ssh_channel_change_pty_size(pdata->client_channel, cols, rows) == SSH_OK)
+ return SSH_OK;
+ else
+ fprintf(stderr, "pty resize failed\n");
} else {
- printf("pty resize failed\n");
+ fprintf(stderr, "pty resize while client_channel not opened\n");
}
- return rc;
+ return SSH_ERROR;
}
static int proxy_exec_request(ssh_session session, ssh_channel channel,
@@ -71,14 +69,15 @@ static int proxy_exec_request(ssh_session session, ssh_channel channel,
(void) session;
(void) channel;
- printf("exec request : %s\n", command); // TODO
- int rc = ssh_channel_request_exec(pdata->client_channel, command);
- if (rc == SSH_OK) {
- printf("exec request successfull\n");
+ if (ssh_channel_is_open(pdata->client_channel)) {
+ if (ssh_channel_request_exec(pdata->client_channel, command) == SSH_OK)
+ return SSH_OK;
+ else
+ printf("exec request failed\n");
} else {
- printf("exec request failed\n");
+ fprintf(stderr, "exec request while client_channel not opened\n");
}
- return rc;
+ return SSH_ERROR;
}
static int proxy_shell_request(ssh_session session, ssh_channel channel,
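Review bot: The failure branch in `proxy_exec_request` still uses `printf("exec request failed\n");` while every other error path in this commit was moved to stderr; it should read `fprintf(stderr, "exec request failed\n");`. The change also removes the only line that printed the requested `command`. For a bastion, a deliberate audit record of exec requests (with the command treated as untrusted text and logged through a `"%s"` format) may be wanted rather than no record at all.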
@@ -88,44 +87,44 @@ static int proxy_shell_request(ssh_session session, ssh_channel channel,
(void) session;
(void) channel;
- printf("shell request\n");
- int rc = ssh_channel_request_shell(pdata->client_channel);
- if (rc == SSH_OK) {
- printf("shell request successfull\n");
+ if (ssh_channel_is_open(pdata->client_channel)) {
+ if (ssh_channel_request_shell(pdata->client_channel) == SSH_OK)
+ return SSH_OK;
+ else
+ fprintf(stderr, "shell request failed\n");
} else {
- printf("shell request failed\n");
+ fprintf(stderr, "shell request while client channel not opened\n");
}
- return rc;
+ return SSH_ERROR;
}
static int proxy_subsystem_request(ssh_session session, ssh_channel channel,
const char *subsystem, void *userdata) {
- ///* subsystem requests behave simillarly to exec requests. */
- //if (strcmp(subsystem, "sftp") == 0) {
- // printf("sftp request\n"); // TODO
- // return exec_request(session, channel, SFTP_SERVER_PATH, userdata);
- //}
(void) session;
(void) channel;
(void) subsystem;
(void) userdata;
return SSH_ERROR; // TODO
+ //if (ssh_channel_is_open(pdata->client_channel)) {
+ //}
}
static void proxy_channel_eof_callback (ssh_session session, ssh_channel channel, void *userdata)
{
+ struct proxy_channel_data_struct *pdata = (struct proxy_channel_data_struct *) userdata;
(void) session;
(void) channel;
- (void) userdata;
- printf("proxy eof callback\n");
+ if (ssh_channel_is_open(pdata->client_channel))
+ ssh_channel_send_eof(pdata->client_channel);
}
static void proxy_channel_close_callback (ssh_session session, ssh_channel channel, void *userdata)
{
+ struct proxy_channel_data_struct *pdata = (struct proxy_channel_data_struct *) userdata;
(void) session;
(void) channel;
- (void) userdata;
- printf("proxy close callback\n");
+ if (ssh_channel_is_open(pdata->client_channel))
+ ssh_channel_close(pdata->client_channel);
}
static void proxy_channel_exit_status_callback (ssh_session session, ssh_channel channel, int exit_status, void *userdata)
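Review bot: The new eof and close callbacks ignore the results of `ssh_channel_send_eof` and `ssh_channel_close`, so a failure to propagate EOF or close to the backend is silent and may leave the backend session open. At least log it, e.g. `if (ssh_channel_send_eof(pdata->client_channel) != SSH_OK) fprintf(stderr, "eof forwarding failed\n");`, and likewise for close. Separately, in `proxy_subsystem_request` the commented-out `//if (ssh_channel_is_open(...))` lines sit after `return SSH_ERROR;` and read as unreachable code. They would be clearer as a single TODO comment above the return, stating that subsystem requests are intentionally refused for now.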
@@ -170,12 +169,7 @@ void handle_proxy_session(ssh_event event, ssh_session session, ssh_channel my_c
.client_channel = NULL,
};
- //ssh_event_remove_session(event, session);
cdata = client_dial(event, &pdata, hostname);
- //for (int n = 0; n < 10; n++) {
- // ssh_event_dopoll(event, 100);
- //}
- //ssh_event_add_session(event, session);
if (cdata == NULL) {
return;
diff --git a/src/session.c b/src/session.c
index 90e2855..22d10de 100644
--- a/src/session.c
+++ b/src/session.c
@@ -12,7 +12,7 @@
#include "proxy.h"
#include "session.h"
-int auth_pubkey(ssh_session session, const char *user,
+static int auth_pubkey(ssh_session session, const char *user,
struct ssh_key_struct *pubkey,
char signature_state, void *userdata) {
struct session_data_struct *sdata = (struct session_data_struct *) userdata;
@@ -51,7 +51,7 @@ int auth_pubkey(ssh_session session, const char *user,
}
}
-ssh_channel channel_open(ssh_session session, void *userdata) {
+static ssh_channel channel_open(ssh_session session, void *userdata) {
struct session_data_struct *sdata = (struct session_data_struct *) userdata;
if (sdata->channel == NULL) {