aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndreas Schneider <asn@cryptomilk.org>2018-08-27 09:08:28 +0200
committerAndreas Schneider <asn@cryptomilk.org>2018-08-27 09:30:24 +0200
commit73c9d60e5abf6bc20093e105dec112b071c83871 (patch)
tree2c08401a56a30337e83b744d50374f64ce93b865
parentae3825dfb2c6364bc088353640d59b0546b8d6f6 (diff)
downloadlibssh-73c9d60e5abf6bc20093e105dec112b071c83871.tar.gz
libssh-73c9d60e5abf6bc20093e105dec112b071c83871.tar.xz
libssh-73c9d60e5abf6bc20093e105dec112b071c83871.zip
session: Group auth variables in a struct
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
-rw-r--r--include/libssh/session.h12
-rw-r--r--src/auth.c75
-rw-r--r--src/client.c10
-rw-r--r--src/gssapi.c14
-rw-r--r--src/packet_cb.c2
-rw-r--r--src/server.c18
-rw-r--r--src/session.c7
7 files changed, 70 insertions, 68 deletions
diff --git a/include/libssh/session.h b/include/libssh/session.h
index 5421056f..325f6a37 100644
--- a/include/libssh/session.h
+++ b/include/libssh/session.h
@@ -128,11 +128,15 @@ struct ssh_session_struct {
enum ssh_session_state_e session_state;
int packet_state;
enum ssh_dh_state_e dh_handshake_state;
- enum ssh_auth_service_state_e auth_service_state;
- enum ssh_auth_state_e auth_state;
enum ssh_channel_request_state_e global_req_state;
struct ssh_agent_state_struct *agent_state;
- struct ssh_auth_auto_state_struct *auth_auto_state;
+
+ struct {
+ struct ssh_auth_auto_state_struct *auto_state;
+ enum ssh_auth_service_state_e service_state;
+ enum ssh_auth_state_e state;
+ uint32_t supported_methods;
+ } auth;
/*
* RFC 4253, 7.1: if the first_kex_packet_follows flag was set in
@@ -167,8 +171,8 @@ struct ssh_session_struct {
/* The type of host key wanted by client */
enum ssh_keytypes_e hostkey;
} srv;
+
/* auths accepted by server */
- int auth_methods;
struct ssh_list *ssh_message_list; /* list of delayed SSH messages */
int (*ssh_message_callback)( struct ssh_session_struct *session, ssh_message msg, void *userdata);
void *ssh_message_callback_data;
diff --git a/src/auth.c b/src/auth.c
index 06af7163..84d2b238 100644
--- a/src/auth.c
+++ b/src/auth.c
@@ -79,7 +79,7 @@ static int ssh_userauth_request_service(ssh_session session) {
static int ssh_auth_response_termination(void *user) {
ssh_session session = (ssh_session)user;
- switch (session->auth_state) {
+ switch (session->auth.state) {
case SSH_AUTH_STATE_NONE:
case SSH_AUTH_STATE_KBDINT_SENT:
case SSH_AUTH_STATE_GSSAPI_REQUEST_SENT:
@@ -116,7 +116,7 @@ static int ssh_userauth_get_response(ssh_session session) {
return SSH_AUTH_AGAIN;
}
- switch(session->auth_state) {
+ switch(session->auth.state) {
case SSH_AUTH_STATE_ERROR:
rc = SSH_AUTH_ERROR;
break;
@@ -191,17 +191,17 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_failure) {
if (rc != SSH_OK) {
ssh_set_error(session, SSH_FATAL,
"Invalid SSH_MSG_USERAUTH_FAILURE message");
- session->auth_state=SSH_AUTH_STATE_ERROR;
+ session->auth.state = SSH_AUTH_STATE_ERROR;
goto end;
}
if (partial) {
- session->auth_state=SSH_AUTH_STATE_PARTIAL;
+ session->auth.state = SSH_AUTH_STATE_PARTIAL;
SSH_LOG(SSH_LOG_INFO,
"Partial success. Authentication that can continue: %s",
auth_methods);
} else {
- session->auth_state=SSH_AUTH_STATE_FAILED;
+ session->auth.state = SSH_AUTH_STATE_FAILED;
SSH_LOG(SSH_LOG_INFO,
"Access denied. Authentication that can continue: %s",
auth_methods);
@@ -210,21 +210,21 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_failure) {
auth_methods);
}
- session->auth_methods = 0;
+ session->auth.supported_methods = 0;
if (strstr(auth_methods, "password") != NULL) {
- session->auth_methods |= SSH_AUTH_METHOD_PASSWORD;
+ session->auth.supported_methods |= SSH_AUTH_METHOD_PASSWORD;
}
if (strstr(auth_methods, "keyboard-interactive") != NULL) {
- session->auth_methods |= SSH_AUTH_METHOD_INTERACTIVE;
+ session->auth.supported_methods |= SSH_AUTH_METHOD_INTERACTIVE;
}
if (strstr(auth_methods, "publickey") != NULL) {
- session->auth_methods |= SSH_AUTH_METHOD_PUBLICKEY;
+ session->auth.supported_methods |= SSH_AUTH_METHOD_PUBLICKEY;
}
if (strstr(auth_methods, "hostbased") != NULL) {
- session->auth_methods |= SSH_AUTH_METHOD_HOSTBASED;
+ session->auth.supported_methods |= SSH_AUTH_METHOD_HOSTBASED;
}
if (strstr(auth_methods, "gssapi-with-mic") != NULL) {
- session->auth_methods |= SSH_AUTH_METHOD_GSSAPI_MIC;
+ session->auth.supported_methods |= SSH_AUTH_METHOD_GSSAPI_MIC;
}
end:
@@ -248,7 +248,7 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_success) {
SSH_LOG(SSH_LOG_DEBUG, "Authentication successful");
SSH_LOG(SSH_LOG_TRACE, "Received SSH_USERAUTH_SUCCESS");
- session->auth_state = SSH_AUTH_STATE_SUCCESS;
+ session->auth.state = SSH_AUTH_STATE_SUCCESS;
session->session_state = SSH_SESSION_STATE_AUTHENTICATED;
session->flags |= SSH_SESSION_FLAG_AUTHENTICATED;
@@ -277,17 +277,17 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_pk_ok) {
SSH_LOG(SSH_LOG_TRACE, "Received SSH_USERAUTH_PK_OK/INFO_REQUEST/GSSAPI_RESPONSE");
- if (session->auth_state==SSH_AUTH_STATE_KBDINT_SENT) {
+ if (session->auth.state == SSH_AUTH_STATE_KBDINT_SENT) {
/* Assuming we are in keyboard-interactive context */
SSH_LOG(SSH_LOG_TRACE,
"keyboard-interactive context, assuming SSH_USERAUTH_INFO_REQUEST");
rc = ssh_packet_userauth_info_request(session,type,packet,user);
#ifdef WITH_GSSAPI
- } else if (session->auth_state == SSH_AUTH_STATE_GSSAPI_REQUEST_SENT) {
+ } else if (session->auth.state == SSH_AUTH_STATE_GSSAPI_REQUEST_SENT) {
rc = ssh_packet_userauth_gssapi_response(session, type, packet, user);
#endif
} else {
- session->auth_state = SSH_AUTH_STATE_PK_OK;
+ session->auth.state = SSH_AUTH_STATE_PK_OK;
SSH_LOG(SSH_LOG_TRACE, "Assuming SSH_USERAUTH_PK_OK");
rc = SSH_PACKET_USED;
}
@@ -323,7 +323,7 @@ int ssh_userauth_list(ssh_session session, const char *username)
return 0;
}
- return session->auth_methods;
+ return session->auth.supported_methods;
}
/**
@@ -378,7 +378,7 @@ int ssh_userauth_none(ssh_session session, const char *username) {
goto fail;
}
- session->auth_state = SSH_AUTH_STATE_NONE;
+ session->auth.state = SSH_AUTH_STATE_NONE;
session->pending_call_state = SSH_PENDING_CALL_AUTH_NONE;
rc = ssh_packet_send(session);
if (rc == SSH_ERROR) {
@@ -485,7 +485,7 @@ int ssh_userauth_try_publickey(ssh_session session,
ssh_string_free(pubkey_s);
- session->auth_state = SSH_AUTH_STATE_NONE;
+ session->auth.state = SSH_AUTH_STATE_NONE;
session->pending_call_state = SSH_PENDING_CALL_AUTH_OFFER_PUBKEY;
rc = ssh_packet_send(session);
if (rc == SSH_ERROR) {
@@ -605,7 +605,7 @@ int ssh_userauth_publickey(ssh_session session,
goto fail;
}
- session->auth_state = SSH_AUTH_STATE_NONE;
+ session->auth.state = SSH_AUTH_STATE_NONE;
session->pending_call_state = SSH_PENDING_CALL_AUTH_PUBKEY;
rc = ssh_packet_send(session);
if (rc == SSH_ERROR) {
@@ -690,7 +690,7 @@ static int ssh_userauth_agent_publickey(ssh_session session,
goto fail;
}
- session->auth_state = SSH_AUTH_STATE_NONE;
+ session->auth.state = SSH_AUTH_STATE_NONE;
session->pending_call_state = SSH_PENDING_CALL_AUTH_AGENT;
rc = ssh_packet_send(session);
if (rc == SSH_ERROR) {
@@ -905,23 +905,22 @@ int ssh_userauth_publickey_auto(ssh_session session,
return SSH_AUTH_ERROR;
}
if (! (session->opts.flags & SSH_OPT_FLAG_PUBKEY_AUTH)) {
- session->auth_methods &= ~SSH_AUTH_METHOD_PUBLICKEY;
+ session->auth.supported_methods &= ~SSH_AUTH_METHOD_PUBLICKEY;
return SSH_AUTH_DENIED;
}
if (session->common.callbacks) {
auth_fn = session->common.callbacks->auth_function;
auth_data = session->common.callbacks->userdata;
}
- if (!session->auth_auto_state) {
- session->auth_auto_state =
- malloc(sizeof(struct ssh_auth_auto_state_struct));
- if (!session->auth_auto_state) {
+ if (!session->auth.auto_state) {
+ session->auth.auto_state =
+ calloc(1, sizeof(struct ssh_auth_auto_state_struct));
+ if (!session->auth.auto_state) {
ssh_set_error_oom(session);
return SSH_AUTH_ERROR;
}
- ZERO_STRUCTP(session->auth_auto_state);
}
- state = session->auth_auto_state;
+ state = session->auth.auto_state;
if (state->state == SSH_AUTH_AUTO_STATE_NONE) {
#ifndef _WIN32
/* Try authentication with ssh-agent first */
@@ -954,7 +953,7 @@ int ssh_userauth_publickey_auto(ssh_session session,
SSH_FATAL,
"Failed to import public key: %s",
pubkey_file);
- SAFE_FREE(session->auth_auto_state);
+ SAFE_FREE(session->auth.auto_state);
return SSH_AUTH_ERROR;
} else if (rc == SSH_EOF) {
/* Read the private key and save the public key to file */
@@ -982,7 +981,7 @@ int ssh_userauth_publickey_auto(ssh_session session,
rc = ssh_pki_export_privkey_to_pubkey(state->privkey, &state->pubkey);
if (rc == SSH_ERROR) {
ssh_key_free(state->privkey);
- SAFE_FREE(session->auth_auto_state);
+ SAFE_FREE(session->auth.auto_state);
return SSH_AUTH_ERROR;
}
@@ -1003,7 +1002,7 @@ int ssh_userauth_publickey_auto(ssh_session session,
privkey_file);
ssh_key_free(state->privkey);
ssh_key_free(state->pubkey);
- SAFE_FREE(session->auth_auto_state);
+ SAFE_FREE(session->auth.auto_state);
return rc;
} else if (rc == SSH_AUTH_AGAIN) {
return rc;
@@ -1056,7 +1055,7 @@ int ssh_userauth_publickey_auto(ssh_session session,
if (rc != SSH_AUTH_AGAIN && rc != SSH_AUTH_DENIED) {
ssh_key_free(state->privkey);
ssh_key_free(state->pubkey);
- SAFE_FREE(session->auth_auto_state);
+ SAFE_FREE(session->auth.auto_state);
if (rc == SSH_AUTH_SUCCESS) {
SSH_LOG(SSH_LOG_INFO,
"Successfully authenticated using %s",
@@ -1077,7 +1076,7 @@ int ssh_userauth_publickey_auto(ssh_session session,
}
SSH_LOG(SSH_LOG_INFO,
"Tried every public key, none matched");
- SAFE_FREE(session->auth_auto_state);
+ SAFE_FREE(session->auth.auto_state);
return SSH_AUTH_DENIED;
}
@@ -1151,7 +1150,7 @@ int ssh_userauth_password(ssh_session session,
goto fail;
}
- session->auth_state = SSH_AUTH_STATE_NONE;
+ session->auth.state = SSH_AUTH_STATE_NONE;
session->pending_call_state = SSH_PENDING_CALL_AUTH_OFFER_PUBKEY;
rc = ssh_packet_send(session);
if (rc == SSH_ERROR) {
@@ -1323,7 +1322,7 @@ static int ssh_userauth_kbdint_init(ssh_session session,
}
- session->auth_state = SSH_AUTH_STATE_KBDINT_SENT;
+ session->auth.state = SSH_AUTH_STATE_KBDINT_SENT;
session->pending_call_state = SSH_PENDING_CALL_AUTH_KBDINT_INIT;
SSH_LOG(SSH_LOG_DEBUG,
@@ -1382,7 +1381,7 @@ static int ssh_userauth_kbdint_send(ssh_session session)
}
}
- session->auth_state = SSH_AUTH_STATE_KBDINT_SENT;
+ session->auth.state = SSH_AUTH_STATE_KBDINT_SENT;
session->pending_call_state = SSH_PENDING_CALL_AUTH_KBDINT_SEND;
ssh_kbdint_free(session->kbdint);
session->kbdint = NULL;
@@ -1495,7 +1494,7 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_info_request) {
return SSH_PACKET_USED;
}
}
- session->auth_state=SSH_AUTH_STATE_INFO;
+ session->auth.state=SSH_AUTH_STATE_INFO;
return SSH_PACKET_USED;
}
@@ -1795,12 +1794,12 @@ int ssh_userauth_gssapi(ssh_session session) {
return SSH_AUTH_ERROR;
}
SSH_LOG(SSH_LOG_PROTOCOL, "Authenticating with gssapi-with-mic");
- session->auth_state = SSH_AUTH_STATE_NONE;
+ session->auth.state = SSH_AUTH_STATE_NONE;
session->pending_call_state = SSH_PENDING_CALL_AUTH_GSSAPI_MIC;
rc = ssh_gssapi_auth_mic(session);
if (rc == SSH_AUTH_ERROR || rc == SSH_AUTH_DENIED) {
- session->auth_state = SSH_AUTH_STATE_NONE;
+ session->auth.state = SSH_AUTH_STATE_NONE;
session->pending_call_state = SSH_PENDING_CALL_NONE;
return rc;
}
diff --git a/src/client.c b/src/client.c
index 00cbad38..a4745380 100644
--- a/src/client.c
+++ b/src/client.c
@@ -295,7 +295,7 @@ static int dh_handshake(ssh_session session) {
static int ssh_service_request_termination(void *s){
ssh_session session = (ssh_session)s;
if(session->session_state == SSH_SESSION_STATE_ERROR ||
- session->auth_service_state != SSH_AUTH_SERVICE_SENT)
+ session->auth.service_state != SSH_AUTH_SERVICE_SENT)
return 1;
else
return 0;
@@ -319,7 +319,7 @@ static int ssh_service_request_termination(void *s){
int ssh_service_request(ssh_session session, const char *service) {
int rc=SSH_ERROR;
- if(session->auth_service_state != SSH_AUTH_SERVICE_NONE)
+ if(session->auth.service_state != SSH_AUTH_SERVICE_NONE)
goto pending;
rc = ssh_buffer_pack(session->out_buffer,
@@ -330,7 +330,7 @@ int ssh_service_request(ssh_session session, const char *service) {
ssh_set_error_oom(session);
return SSH_ERROR;
}
- session->auth_service_state=SSH_AUTH_SERVICE_SENT;
+ session->auth.service_state = SSH_AUTH_SERVICE_SENT;
if (ssh_packet_send(session) == SSH_ERROR) {
ssh_set_error(session, SSH_FATAL,
"Sending SSH2_MSG_SERVICE_REQUEST failed.");
@@ -345,7 +345,7 @@ pending:
if (rc == SSH_ERROR) {
return SSH_ERROR;
}
- switch(session->auth_service_state){
+ switch(session->auth.service_state) {
case SSH_AUTH_SERVICE_DENIED:
ssh_set_error(session,SSH_FATAL,"ssh_auth_service request denied");
break;
@@ -700,7 +700,7 @@ error:
if (session->out_hashbuf) {
ssh_buffer_reinit(session->out_hashbuf);
}
- session->auth_methods = 0;
+ session->auth.supported_methods = 0;
SAFE_FREE(session->serverbanner);
SAFE_FREE(session->clientbanner);
diff --git a/src/gssapi.c b/src/gssapi.c
index 9473fef2..51b69e7a 100644
--- a/src/gssapi.c
+++ b/src/gssapi.c
@@ -598,7 +598,7 @@ static int ssh_gssapi_send_auth_mic(ssh_session session, ssh_string *oid_set, in
}
}
- session->auth_state = SSH_AUTH_STATE_GSSAPI_REQUEST_SENT;
+ session->auth.state = SSH_AUTH_STATE_GSSAPI_REQUEST_SENT;
return ssh_packet_send(session);
fail:
ssh_buffer_reinit(session->out_buffer);
@@ -797,7 +797,7 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_gssapi_response){
(void)user;
SSH_LOG(SSH_LOG_PACKET, "Received SSH_USERAUTH_GSSAPI_RESPONSE");
- if (session->auth_state != SSH_AUTH_STATE_GSSAPI_REQUEST_SENT){
+ if (session->auth.state != SSH_AUTH_STATE_GSSAPI_REQUEST_SENT){
ssh_set_error(session, SSH_FATAL, "Invalid state in ssh_packet_userauth_gssapi_response");
goto error;
}
@@ -845,12 +845,12 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_gssapi_response){
output_token.length,
(size_t)output_token.length, output_token.value);
ssh_packet_send(session);
- session->auth_state = SSH_AUTH_STATE_GSSAPI_TOKEN;
+ session->auth.state = SSH_AUTH_STATE_GSSAPI_TOKEN;
}
return SSH_PACKET_USED;
error:
- session->auth_state = SSH_AUTH_STATE_ERROR;
+ session->auth.state = SSH_AUTH_STATE_ERROR;
ssh_gssapi_free(session);
session->gssapi = NULL;
return SSH_PACKET_USED;
@@ -907,7 +907,7 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_gssapi_token_client){
(void)type;
SSH_LOG(SSH_LOG_PACKET,"Received SSH_MSG_USERAUTH_GSSAPI_TOKEN");
- if (!session->gssapi || session->auth_state != SSH_AUTH_STATE_GSSAPI_TOKEN) {
+ if (!session->gssapi || session->auth.state != SSH_AUTH_STATE_GSSAPI_TOKEN) {
ssh_set_error(session, SSH_FATAL,
"Received SSH_MSG_USERAUTH_GSSAPI_TOKEN in invalid state");
goto error;
@@ -960,14 +960,14 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_gssapi_token_client){
}
if (maj_stat == GSS_S_COMPLETE) {
- session->auth_state = SSH_AUTH_STATE_NONE;
+ session->auth.state = SSH_AUTH_STATE_NONE;
ssh_gssapi_send_mic(session);
}
return SSH_PACKET_USED;
error:
- session->auth_state = SSH_AUTH_STATE_ERROR;
+ session->auth.state = SSH_AUTH_STATE_ERROR;
ssh_gssapi_free(session);
session->gssapi = NULL;
return SSH_PACKET_USED;
diff --git a/src/packet_cb.c b/src/packet_cb.c
index 2c8d9935..ecf327ef 100644
--- a/src/packet_cb.c
+++ b/src/packet_cb.c
@@ -264,7 +264,7 @@ SSH_PACKET_CALLBACK(ssh_packet_service_accept){
(void)type;
(void)user;
- session->auth_service_state=SSH_AUTH_SERVICE_ACCEPTED;
+ session->auth.service_state = SSH_AUTH_SERVICE_ACCEPTED;
SSH_LOG(SSH_LOG_PACKET,
"Received SSH_MSG_SERVICE_ACCEPT");
diff --git a/src/server.c b/src/server.c
index d1ff497a..8984e6a0 100644
--- a/src/server.c
+++ b/src/server.c
@@ -574,7 +574,7 @@ static int ssh_server_kex_termination(void *s){
void ssh_set_auth_methods(ssh_session session, int auth_methods){
/* accept only methods in range */
- session->auth_methods = auth_methods & 0x3f;
+ session->auth.supported_methods = auth_methods & 0x3f;
}
/* Do the banner and key exchange */
@@ -625,26 +625,26 @@ int ssh_auth_reply_default(ssh_session session,int partial) {
int rc = SSH_ERROR;
- if (session->auth_methods == 0) {
- session->auth_methods = SSH_AUTH_METHOD_PUBLICKEY | SSH_AUTH_METHOD_PASSWORD;
+ if (session->auth.supported_methods == 0) {
+ session->auth.supported_methods = SSH_AUTH_METHOD_PUBLICKEY | SSH_AUTH_METHOD_PASSWORD;
}
- if (session->auth_methods & SSH_AUTH_METHOD_PUBLICKEY) {
+ if (session->auth.supported_methods & SSH_AUTH_METHOD_PUBLICKEY) {
strncat(methods_c, "publickey,",
sizeof(methods_c) - strlen(methods_c) - 1);
}
- if (session->auth_methods & SSH_AUTH_METHOD_GSSAPI_MIC){
+ if (session->auth.supported_methods & SSH_AUTH_METHOD_GSSAPI_MIC){
strncat(methods_c,"gssapi-with-mic,",
sizeof(methods_c) - strlen(methods_c) - 1);
}
- if (session->auth_methods & SSH_AUTH_METHOD_INTERACTIVE) {
+ if (session->auth.supported_methods & SSH_AUTH_METHOD_INTERACTIVE) {
strncat(methods_c, "keyboard-interactive,",
sizeof(methods_c) - strlen(methods_c) - 1);
}
- if (session->auth_methods & SSH_AUTH_METHOD_PASSWORD) {
+ if (session->auth.supported_methods & SSH_AUTH_METHOD_PASSWORD) {
strncat(methods_c, "password,",
sizeof(methods_c) - strlen(methods_c) - 1);
}
- if (session->auth_methods & SSH_AUTH_METHOD_HOSTBASED) {
+ if (session->auth.supported_methods & SSH_AUTH_METHOD_HOSTBASED) {
strncat(methods_c, "hostbased,",
sizeof(methods_c) - strlen(methods_c) - 1);
}
@@ -887,7 +887,7 @@ int ssh_message_auth_set_methods(ssh_message msg, int methods) {
return -1;
}
- msg->session->auth_methods = methods;
+ msg->session->auth.supported_methods = methods;
return 0;
}
diff --git a/src/session.c b/src/session.c
index c8c7414c..a1959d48 100644
--- a/src/session.c
+++ b/src/session.c
@@ -60,11 +60,10 @@ ssh_session ssh_new(void) {
char *id = NULL;
int rc;
- session = malloc(sizeof (struct ssh_session_struct));
+ session = calloc(1, sizeof (struct ssh_session_struct));
if (session == NULL) {
return NULL;
}
- ZERO_STRUCTP(session);
session->next_crypto = crypto_new();
if (session->next_crypto == NULL) {
@@ -87,7 +86,7 @@ ssh_session ssh_new(void) {
}
session->alive = 0;
- session->auth_methods = 0;
+ session->auth.supported_methods = 0;
ssh_set_blocking(session, 1);
session->maxchannel = FIRST_CHANNEL;
@@ -268,7 +267,7 @@ void ssh_free(ssh_session session) {
#endif
session->agent_state = NULL;
- SAFE_FREE(session->auth_auto_state);
+ SAFE_FREE(session->auth.auto_state);
SAFE_FREE(session->serverbanner);
SAFE_FREE(session->clientbanner);
SAFE_FREE(session->banner);