From 4da77dcb10c74c4f369d731addf19c6a065e0684 Mon Sep 17 00:00:00 2001 From: Julien Dessaux Date: Thu, 23 Aug 2018 14:07:58 +0200 Subject: Added address sanitization and fixed found bugs --- src/client.c | 3 ++- src/proxy.c | 21 +++++---------------- src/session.c | 5 ++--- 3 files changed, 9 insertions(+), 20 deletions(-) (limited to 'src') diff --git a/src/client.c b/src/client.c index 64df1eb..d7ecca6 100644 --- a/src/client.c +++ b/src/client.c @@ -139,6 +139,7 @@ struct client_channel_data_struct* client_dial(ssh_event event, struct proxy_cha } cdata->client_channel_cb = malloc(sizeof(*cdata->client_channel_cb)); + memset(cdata->client_channel_cb, 0, sizeof(*cdata->client_channel_cb)); cdata->client_channel_cb->userdata = cdata; cdata->client_channel_cb->channel_data_function = client_data_function; cdata->client_channel_cb->channel_eof_function = client_channel_eof_callback; @@ -160,7 +161,7 @@ struct client_channel_data_struct* client_dial(ssh_event event, struct proxy_cha channel_clean: ssh_channel_free(cdata->my_channel); auth_clean: - // TODO + // TODO when pubkey match implemented fix this //pubkey_nomatch_clean: ssh_string_free_char(hexa); pubkey_hash_clean: diff --git a/src/proxy.c b/src/proxy.c index bfeeed8..3bbecf3 100644 --- a/src/proxy.c +++ b/src/proxy.c @@ -104,7 +104,7 @@ static int proxy_subsystem_request(ssh_session session, ssh_channel channel, (void) channel; (void) subsystem; (void) userdata; - return SSH_ERROR; // TODO + return SSH_ERROR; // TODO ssh subsystem request //if (ssh_channel_is_open(pdata->client_channel)) { //} } @@ -190,21 +190,10 @@ void handle_proxy_session(ssh_event event, ssh_session session, ssh_channel my_c .channel_pty_window_change_function = proxy_pty_resize, .channel_exec_request_function = proxy_exec_request, .channel_subsystem_request_function = proxy_subsystem_request, - /** This function will be called when a client requests agent - * authentication forwarding. - */ - //ssh_channel_auth_agent_req_callback channel_auth_agent_req_function; - /** This function will be called when a client requests X11 - * forwarding. - */ - //ssh_channel_x11_req_callback channel_x11_req_function; - /** This function will be called when a client requests an environment - * variable to be set. - */ - /** This function will be called when the channel write is guaranteed - * not to block. - */ - // .channel_write_wontblock_function = proxy_channel_write_wontblock, + .channel_auth_agent_req_function = NULL, + .channel_x11_req_function = NULL, + .channel_env_request_function = NULL, + .channel_write_wontblock_function = NULL, }; ssh_callbacks_init(&channel_cb); ssh_set_channel_callbacks(my_channel, &channel_cb); diff --git a/src/session.c b/src/session.c index 22d10de..1031f7d 100644 --- a/src/session.c +++ b/src/session.c @@ -30,7 +30,7 @@ static int auth_pubkey(ssh_session session, const char *user, // TODO check for an invite - ssh_key reference_key = ssh_key_new(); + ssh_key reference_key; ssh_pki_import_pubkey_base64(USER_RSA_PUBKEY, SSH_KEYTYPE_RSA, &reference_key); // TODO fetch all pubkeys from db if (!ssh_key_cmp(pubkey, reference_key, SSH_KEY_CMP_PUBLIC)) { sdata->authenticated = 1; @@ -41,8 +41,7 @@ static int auth_pubkey(ssh_session session, const char *user, return SSH_ERROR; } sdata->login_username = malloc(len+1); - memset(sdata->login_username, 0, len+1); - strncpy(sdata->login_username, user, len); + strncpy(sdata->login_username, user, len+1); return SSH_AUTH_SUCCESS; } else { ssh_key_free(reference_key); -- cgit v1.2.3