diff options
| -rw-r--r-- | include/libssh/session.h | 35 | ||||
| -rw-r--r-- | src/auth.c | 14 | ||||
| -rw-r--r-- | src/bind.c | 12 | ||||
| -rw-r--r-- | src/client.c | 37 | ||||
| -rw-r--r-- | src/config.c | 6 | ||||
| -rw-r--r-- | src/gzip.c | 2 | ||||
| -rw-r--r-- | src/kex.c | 2 | ||||
| -rw-r--r-- | src/known_hosts.c | 33 | ||||
| -rw-r--r-- | src/legacy.c | 2 | ||||
| -rw-r--r-- | src/misc.c | 10 | ||||
| -rw-r--r-- | src/options.c | 182 | ||||
| -rw-r--r-- | src/packet_cb.c | 6 | ||||
| -rw-r--r-- | src/server.c | 8 | ||||
| -rw-r--r-- | src/session.c | 78 | ||||
| -rw-r--r-- | tests/unittests/torture_misc.c | 8 | ||||
| -rw-r--r-- | tests/unittests/torture_options.c | 28 |
16 files changed, 236 insertions, 227 deletions
diff --git a/include/libssh/session.h b/include/libssh/session.h index 9d03f47..20c94da 100644 --- a/include/libssh/session.h +++ b/include/libssh/session.h @@ -160,23 +160,24 @@ struct ssh_session_struct { #ifdef WITH_PCAP ssh_pcap_context pcap_ctx; /* pcap debugging context */ #endif - char *username; - char *host; - char *bindaddr; /* bind the client to an ip addr */ - char *xbanner; /* TODO: looks like it is not needed */ - struct ssh_list *identity; - char *sshdir; - char *knownhosts; - char *wanted_methods[10]; - char compressionlevel; - unsigned long timeout; /* seconds */ - unsigned long timeout_usec; - unsigned int port; - socket_t fd; - int ssh2; - int ssh1; - int StrictHostKeyChecking; - char *ProxyCommand; + struct { + struct ssh_list *identity; + char *username; + char *host; + char *bindaddr; /* bind the client to an ip addr */ + char *sshdir; + char *knownhosts; + char *wanted_methods[10]; + char *ProxyCommand; + unsigned long timeout; /* seconds */ + unsigned long timeout_usec; + unsigned int port; + socket_t fd; + int StrictHostKeyChecking; + int ssh2; + int ssh1; + char compressionlevel; + } opts; }; /** @internal @@ -385,7 +385,7 @@ int ssh_userauth_none(ssh_session session, const char *username) { if (username) { str = ssh_string_from_char(username); } else { - str = ssh_string_from_char(session->username); + str = ssh_string_from_char(session->opts.username); } if (str == NULL) { goto fail; @@ -521,7 +521,7 @@ int ssh_userauth_try_publickey(ssh_session session, if (username) { str = ssh_string_from_char(username); } else { - str = ssh_string_from_char(session->username); + str = ssh_string_from_char(session->opts.username); } if (str == NULL) { goto fail; @@ -683,7 +683,7 @@ int ssh_userauth_publickey(ssh_session session, if (username) { str = ssh_string_from_char(username); } else { - str = ssh_string_from_char(session->username); + str = ssh_string_from_char(session->opts.username); } if (str == NULL) { goto fail; @@ -819,7 +819,7 @@ static int ssh_userauth_agent_publickey(ssh_session session, if (username) { str = ssh_string_from_char(username); } else { - str = ssh_string_from_char(session->username); + str = ssh_string_from_char(session->opts.username); } if (str == NULL) { goto fail; @@ -1115,7 +1115,7 @@ int ssh_userauth_publickey_auto(ssh_session session, state->state = SSH_AUTH_AUTO_STATE_PUBKEY; } if (state->it == NULL) { - state->it = ssh_list_get_iterator(session->identity); + state->it = ssh_list_get_iterator(session->opts.identity); } while (state->it != NULL){ @@ -1341,7 +1341,7 @@ int ssh_userauth_password(ssh_session session, if (username) { str = ssh_string_from_char(username); } else { - str = ssh_string_from_char(session->username); + str = ssh_string_from_char(session->opts.username); } if (str == NULL) { goto fail; @@ -1557,7 +1557,7 @@ static int ssh_userauth_kbdint_init(ssh_session session, if (username) { str = ssh_string_from_char(username); } else { - str = ssh_string_from_char(session->username); + str = ssh_string_from_char(session->opts.username); } if (str == NULL) { goto fail; @@ -356,19 +356,19 @@ int ssh_bind_accept_fd(ssh_bind sshbind, ssh_session session, socket_t fd){ /* copy options */ for (i = 0; i < 10; ++i) { if (sshbind->wanted_methods[i]) { - session->wanted_methods[i] = strdup(sshbind->wanted_methods[i]); - if (session->wanted_methods[i] == NULL) { + session->opts.wanted_methods[i] = strdup(sshbind->wanted_methods[i]); + if (session->opts.wanted_methods[i] == NULL) { return SSH_ERROR; } } } if (sshbind->bindaddr == NULL) - session->bindaddr = NULL; + session->opts.bindaddr = NULL; else { - SAFE_FREE(session->bindaddr); - session->bindaddr = strdup(sshbind->bindaddr); - if (session->bindaddr == NULL) { + SAFE_FREE(session->opts.bindaddr); + session->opts.bindaddr = strdup(sshbind->bindaddr); + if (session->opts.bindaddr == NULL) { return SSH_ERROR; } } diff --git a/src/client.c b/src/client.c index 2531dd9..ca827eb 100644 --- a/src/client.c +++ b/src/client.c @@ -149,10 +149,6 @@ int ssh_send_banner(ssh_session session, int server) { banner = session->version == 1 ? CLIENTBANNER1 : CLIENTBANNER2; - if (session->xbanner) { - banner = session->xbanner; - } - if (server) { session->serverbanner = strdup(banner); if (session->serverbanner == NULL) { @@ -345,13 +341,13 @@ static void ssh_client_connection_callback(ssh_session session){ goto error; } /* Here we decide which version of the protocol to use. */ - if (ssh2 && session->ssh2) { + if (ssh2 && session->opts.ssh2) { session->version = 2; #ifdef WITH_SSH1 - } else if(ssh1 && session->ssh1) { + } else if(ssh1 && session->opts.ssh1) { session->version = 1; #endif - } else if(ssh1 && !session->ssh1){ + } else if(ssh1 && !session->opts.ssh1){ #ifdef WITH_SSH1 ssh_set_error(session, SSH_FATAL, "SSH-1 protocol not available (configure session to allow SSH-1)"); @@ -483,7 +479,9 @@ int ssh_connect(ssh_session session) { leave_function(); return SSH_ERROR; } - if (session->fd == SSH_INVALID_SOCKET && session->host == NULL && session->ProxyCommand == NULL) { + if (session->opts.fd == SSH_INVALID_SOCKET && + session->opts.host == NULL && + session->opts.ProxyCommand == NULL) { ssh_set_error(session, SSH_FATAL, "Hostname required"); leave_function(); return SSH_ERROR; @@ -503,16 +501,19 @@ int ssh_connect(ssh_session session) { session->socket_callbacks.data=callback_receive_banner; session->socket_callbacks.exception=ssh_socket_exception_callback; session->socket_callbacks.userdata=session; - if (session->fd != SSH_INVALID_SOCKET) { - ssh_socket_set_fd(session->socket, session->fd); + if (session->opts.fd != SSH_INVALID_SOCKET) { + ssh_socket_set_fd(session->socket, session->opts.fd); ret=SSH_OK; #ifndef _WIN32 - } else if (session->ProxyCommand != NULL){ - ret=ssh_socket_connect_proxycommand(session->socket, session->ProxyCommand); + } else if (session->opts.ProxyCommand != NULL){ + ret = ssh_socket_connect_proxycommand(session->socket, + session->opts.ProxyCommand); #endif } else { - ret=ssh_socket_connect(session->socket, session->host, session->port, - session->bindaddr); + ret=ssh_socket_connect(session->socket, + session->opts.host, + session->opts.port, + session->opts.bindaddr); } if (ret == SSH_ERROR) { leave_function(); @@ -526,14 +527,16 @@ int ssh_connect(ssh_session session) { pending: session->pending_call_state=SSH_PENDING_CALL_CONNECT; if(ssh_is_blocking(session)) { - int timeout = (session->timeout * 1000) + (session->timeout_usec / 1000); + int timeout = (session->opts.timeout * 1000) + + (session->opts.timeout_usec / 1000); if (timeout == 0) { timeout = 10 * 1000; } ssh_log(session,SSH_LOG_PACKET,"ssh_connect: Actual timeout : %d", timeout); ssh_handle_packets_termination(session, timeout, ssh_connect_termination, session); if(!ssh_connect_termination(session)){ - ssh_set_error(session,SSH_FATAL,"Timeout connecting to %s",session->host); + ssh_set_error(session, SSH_FATAL, + "Timeout connecting to %s", session->opts.host); session->session_state = SSH_SESSION_STATE_ERROR; } } @@ -635,7 +638,7 @@ error: if(session->socket){ ssh_socket_reset(session->socket); } - session->fd = SSH_INVALID_SOCKET; + session->opts.fd = SSH_INVALID_SOCKET; session->session_state=SSH_SESSION_STATE_DISCONNECTED; while ((it=ssh_list_get_iterator(session->channels)) != NULL) { diff --git a/src/config.c b/src/config.c index d9a95a2..bb81491 100644 --- a/src/config.c +++ b/src/config.c @@ -195,7 +195,7 @@ static int ssh_config_parse_line(ssh_session session, const char *line, switch (opcode) { case SOC_HOST: *parsing = 0; - lowerhost = (session->host) ? ssh_lowercase(session->host) : NULL; + lowerhost = (session->opts.host) ? ssh_lowercase(session->opts.host) : NULL; for (p = ssh_config_get_str(&s, NULL); p && *p; p = ssh_config_get_str(&s, NULL)) { if (match_hostname(lowerhost, p, strlen(p))) { @@ -211,7 +211,7 @@ static int ssh_config_parse_line(ssh_session session, const char *line, } break; case SOC_PORT: - if (session->port == 22) { + if (session->opts.port == 22) { p = ssh_config_get_str(&s, NULL); if (p && *parsing) { ssh_options_set(session, SSH_OPTIONS_PORT_STR, p); @@ -219,7 +219,7 @@ static int ssh_config_parse_line(ssh_session session, const char *line, } break; case SOC_USERNAME: - if (session->username == NULL) { + if (session->opts.username == NULL) { p = ssh_config_get_str(&s, NULL); if (p && *parsing) { ssh_options_set(session, SSH_OPTIONS_USER, p); @@ -103,7 +103,7 @@ static ssh_buffer gzip_compress(ssh_session session,ssh_buffer source,int level) int compress_buffer(ssh_session session, ssh_buffer buf) { ssh_buffer dest = NULL; - dest = gzip_compress(session, buf, session->compressionlevel); + dest = gzip_compress(session, buf, session->opts.compressionlevel); if (dest == NULL) { return -1; } @@ -360,7 +360,7 @@ int set_client_kex(ssh_session session){ memset(client->methods, 0, KEX_METHODS_SIZE * sizeof(char **)); for (i = 0; i < KEX_METHODS_SIZE; i++) { - wanted = session->wanted_methods[i]; + wanted = session->opts.wanted_methods[i]; if (wanted == NULL) wanted = default_methods[i]; client->methods[i] = strdup(wanted); diff --git a/src/known_hosts.c b/src/known_hosts.c index 5cfec52..f903684 100644 --- a/src/known_hosts.c +++ b/src/known_hosts.c @@ -422,7 +422,7 @@ int ssh_is_server_known(ssh_session session) { enter_function(); - if (session->knownhosts == NULL) { + if (session->opts.knownhosts == NULL) { if (ssh_options_apply(session) < 0) { ssh_set_error(session, SSH_REQUEST_DENIED, "Can't find a known_hosts file"); @@ -431,7 +431,7 @@ int ssh_is_server_known(ssh_session session) { } } - if (session->host == NULL) { + if (session->opts.host == NULL) { ssh_set_error(session, SSH_FATAL, "Can't verify host in known hosts if the hostname isn't known"); leave_function(); @@ -444,8 +444,8 @@ int ssh_is_server_known(ssh_session session) { leave_function(); return SSH_SERVER_ERROR; } - host = ssh_lowercase(session->host); - hostport = ssh_hostport(host,session->port); + host = ssh_lowercase(session->opts.host); + hostport = ssh_hostport(host, session->opts.port); if (host == NULL || hostport == NULL) { ssh_set_error_oom(session); SAFE_FREE(host); @@ -455,8 +455,10 @@ int ssh_is_server_known(ssh_session session) { } do { - tokens = ssh_get_knownhost_line(session, &file, - session->knownhosts, &type); + tokens = ssh_get_knownhost_line(session, + &file, + session->opts.knownhosts, + &type); /* End of file, return the current state */ if (tokens == NULL) { @@ -507,7 +509,8 @@ int ssh_is_server_known(ssh_session session) { } } while (1); - if ( (ret == SSH_SERVER_NOT_KNOWN) && (session->StrictHostKeyChecking == 0) ) { + if ((ret == SSH_SERVER_NOT_KNOWN) && + (session->opts.StrictHostKeyChecking == 0)) { ssh_write_knownhost(session); ret = SSH_SERVER_KNOWN_OK; } @@ -544,22 +547,22 @@ int ssh_write_knownhost(ssh_session session) { char *hostport; int rc; - if (session->host == NULL) { + if (session->opts.host == NULL) { ssh_set_error(session, SSH_FATAL, "Can't write host in known hosts if the hostname isn't known"); return SSH_ERROR; } - host = ssh_lowercase(session->host); + host = ssh_lowercase(session->opts.host); /* If using a nonstandard port, save the host in the [host]:port format */ - if(session->port != 22){ - hostport = ssh_hostport(host, session->port); + if(session->opts.port != 22) { + hostport = ssh_hostport(host, session->opts.port); SAFE_FREE(host); host = hostport; hostport = NULL; } - if (session->knownhosts == NULL) { + if (session->opts.knownhosts == NULL) { if (ssh_options_apply(session) < 0) { ssh_set_error(session, SSH_FATAL, "Can't find a known_hosts file"); return SSH_ERROR; @@ -578,7 +581,7 @@ int ssh_write_knownhost(ssh_session session) { } /* Check if ~/.ssh exists and create it if not */ - dir = ssh_dirname(session->knownhosts); + dir = ssh_dirname(session->opts.knownhosts); if (dir == NULL) { ssh_set_error(session, SSH_FATAL, "%s", strerror(errno)); return SSH_ERROR; @@ -594,11 +597,11 @@ int ssh_write_knownhost(ssh_session session) { } SAFE_FREE(dir); - file = fopen(session->knownhosts, "a"); + file = fopen(session->opts.knownhosts, "a"); if (file == NULL) { ssh_set_error(session, SSH_FATAL, "Couldn't open known_hosts file %s for appending: %s", - session->knownhosts, strerror(errno)); + session->opts.knownhosts, strerror(errno)); SAFE_FREE(host); return SSH_ERROR; } diff --git a/src/legacy.c b/src/legacy.c index 65abebc..f735f68 100644 --- a/src/legacy.c +++ b/src/legacy.c @@ -644,7 +644,7 @@ int ssh_try_publickey_from_file(ssh_session session, return -1; } - if (session->sshdir == NULL) { + if (session->opts.sshdir == NULL) { if (ssh_options_apply(session) < 0) { return -1; } @@ -729,7 +729,7 @@ char *ssh_path_expand_escape(ssh_session session, const char *s) { switch (*p) { case 'd': - x = strdup(session->sshdir); + x = strdup(session->opts.sshdir); break; case 'u': x = ssh_get_local_username(); @@ -740,16 +740,16 @@ char *ssh_path_expand_escape(ssh_session session, const char *s) { } break; case 'h': - x = strdup(session->host); + x = strdup(session->opts.host); break; case 'r': - x = strdup(session->username); + x = strdup(session->opts.username); break; case 'p': - if (session->port < 65536) { + if (session->opts.port < 65536) { char tmp[6]; - snprintf(tmp, sizeof(tmp), "%u", session->port); + snprintf(tmp, sizeof(tmp), "%u", session->opts.port); x = strdup(tmp); } break; diff --git a/src/options.c b/src/options.c index 41a0dac..2b63c92 100644 --- a/src/options.c +++ b/src/options.c @@ -74,32 +74,32 @@ int ssh_options_copy(ssh_session src, ssh_session *dest) { return -1; } - if (src->username) { - new->username = strdup(src->username); - if (new->username == NULL) { + if (src->opts.username) { + new->opts.username = strdup(src->opts.username); + if (new->opts.username == NULL) { ssh_free(new); return -1; } } - if (src->host) { - new->host = strdup(src->host); - if (new->host == NULL) { + if (src->opts.host) { + new->opts.host = strdup(src->opts.host); + if (new->opts.host == NULL) { ssh_free(new); return -1; } } - if (src->identity) { + if (src->opts.identity) { struct ssh_iterator *it; - new->identity = ssh_list_new(); - if (new->identity == NULL) { + new->opts.identity = ssh_list_new(); + if (new->opts.identity == NULL) { ssh_free(new); return -1; } - it = ssh_list_get_iterator(src->identity); + it = ssh_list_get_iterator(src->opts.identity); while (it) { char *id; int rc; @@ -110,7 +110,7 @@ int ssh_options_copy(ssh_session src, ssh_session *dest) { return -1; } - rc = ssh_list_append(new->identity, id); + rc = ssh_list_append(new->opts.identity, id); if (rc < 0) { ssh_free(new); return -1; @@ -119,48 +119,48 @@ int ssh_options_copy(ssh_session src, ssh_session *dest) { } } - if (src->sshdir) { - new->sshdir = strdup(src->sshdir); - if (new->sshdir == NULL) { + if (src->opts.sshdir) { + new->opts.sshdir = strdup(src->opts.sshdir); + if (new->opts.sshdir == NULL) { ssh_free(new); return -1; } } - if (src->knownhosts) { - new->knownhosts = strdup(src->knownhosts); - if (new->knownhosts == NULL) { + if (src->opts.knownhosts) { + new->opts.knownhosts = strdup(src->opts.knownhosts); + if (new->opts.knownhosts == NULL) { ssh_free(new); return -1; } } for (i = 0; i < 10; ++i) { - if (src->wanted_methods[i]) { - new->wanted_methods[i] = strdup(src->wanted_methods[i]); - if (new->wanted_methods[i] == NULL) { + if (src->opts.wanted_methods[i]) { + new->opts.wanted_methods[i] = strdup(src->opts.wanted_methods[i]); + if (new->opts.wanted_methods[i] == NULL) { ssh_free(new); return -1; } } } - if(src->ProxyCommand) { - new->ProxyCommand = strdup(src->ProxyCommand); - if(new->ProxyCommand == NULL) { + if (src->opts.ProxyCommand) { + new->opts.ProxyCommand = strdup(src->opts.ProxyCommand); + if (new->opts.ProxyCommand == NULL) { ssh_free(new); return -1; } } - new->fd = src->fd; - new->port = src->port; - new->common.callbacks = src->common.callbacks; - new->timeout = src->timeout; - new->timeout_usec = src->timeout_usec; - new->ssh2 = src->ssh2; - new->ssh1 = src->ssh1; - new->common.log_verbosity = src->common.log_verbosity; - new->compressionlevel = src->compressionlevel; + new->opts.fd = src->opts.fd; + new->opts.port = src->opts.port; + new->opts.timeout = src->opts.timeout; + new->opts.timeout_usec = src->opts.timeout_usec; + new->opts.ssh2 = src->opts.ssh2; + new->opts.ssh1 = src->opts.ssh1; + new->opts.compressionlevel = src->opts.compressionlevel; + new->common.log_verbosity = src->common.log_verbosity; + new->common.callbacks = src->common.callbacks; *dest = new; @@ -176,9 +176,9 @@ int ssh_options_set_algo(ssh_session session, int algo, return -1; } - SAFE_FREE(session->wanted_methods[algo]); - session->wanted_methods[algo] = strdup(list); - if (session->wanted_methods[algo] == NULL) { + SAFE_FREE(session->opts.wanted_methods[algo]); + session->opts.wanted_methods[algo] = strdup(list); + if (session->opts.wanted_methods[algo] == NULL) { ssh_set_error_oom(session); return -1; } @@ -392,26 +392,26 @@ int ssh_options_set(ssh_session session, enum ssh_options_e type, } p = strchr(q, '@'); - SAFE_FREE(session->host); + SAFE_FREE(session->opts.host); if (p) { *p = '\0'; - session->host = strdup(p + 1); - if (session->host == NULL) { + session->opts.host = strdup(p + 1); + if (session->opts.host == NULL) { SAFE_FREE(q); ssh_set_error_oom(session); return -1; } - SAFE_FREE(session->username); - session->username = strdup(q); + SAFE_FREE(session->opts.username); + session->opts.username = strdup(q); SAFE_FREE(q); - if (session->username == NULL) { + if (session->opts.username == NULL) { ssh_set_error_oom(session); return -1; } } else { - session->host = q; + session->opts.host = q; } } break; @@ -426,7 +426,7 @@ int ssh_options_set(ssh_session session, enum ssh_options_e type, return -1; } - session->port = *x & 0xffff; + session->opts.port = *x & 0xffff; } break; case SSH_OPTIONS_PORT_STR: @@ -450,23 +450,23 @@ int ssh_options_set(ssh_session session, enum ssh_options_e type, return -1; } - session->port = i & 0xffff; + session->opts.port = i & 0xffff; } break; case SSH_OPTIONS_FD: if (value == NULL) { - session->fd = SSH_INVALID_SOCKET; + session->opts.fd = SSH_INVALID_SOCKET; ssh_set_error_invalid(session); return -1; } else { socket_t *x = (socket_t *) value; if (*x < 0) { - session->fd = SSH_INVALID_SOCKET; + session->opts.fd = SSH_INVALID_SOCKET; ssh_set_error_invalid(session); return -1; } - session->fd = *x & 0xffff; + session->opts.fd = *x & 0xffff; } break; case SSH_OPTIONS_BINDADDR: @@ -480,25 +480,25 @@ int ssh_options_set(ssh_session session, enum ssh_options_e type, if (q == NULL) { return -1; } - SAFE_FREE(session->bindaddr); - session->bindaddr = q; + SAFE_FREE(session->opts.bindaddr); + session->opts.bindaddr = q; break; case SSH_OPTIONS_USER: v = value; - SAFE_FREE(session->username); + SAFE_FREE(session->opts.username); if (v == NULL) { q = ssh_get_local_username(); if (q == NULL) { ssh_set_error_oom(session); return -1; } - session->username = q; + session->opts.username = q; } else if (v[0] == '\0') { ssh_set_error_oom(session); return -1; } else { /* username provided */ - session->username = strdup(value); - if (session->username == NULL) { + session->opts.username = strdup(value); + if (session->opts.username == NULL) { ssh_set_error_oom(session); return -1; } @@ -506,18 +506,18 @@ int ssh_options_set(ssh_session session, enum ssh_options_e type, break; case SSH_OPTIONS_SSH_DIR: v = value; - SAFE_FREE(session->sshdir); + SAFE_FREE(session->opts.sshdir); if (v == NULL) { - session->sshdir = ssh_path_expand_tilde("~/.ssh"); - if (session->sshdir == NULL) { + session->opts.sshdir = ssh_path_expand_tilde("~/.ssh"); + if (session->opts.sshdir == NULL) { return -1; } } else if (v[0] == '\0') { ssh_set_error_oom(session); return -1; } else { - session->sshdir = ssh_path_expand_tilde(v); - if (session->sshdir == NULL) { + session->opts.sshdir = ssh_path_expand_tilde(v); + if (session->opts.sshdir == NULL) { ssh_set_error_oom(session); return -1; } @@ -534,18 +534,18 @@ int ssh_options_set(ssh_session session, enum ssh_options_e type, if (q == NULL) { return -1; } - rc = ssh_list_prepend(session->identity, q); + rc = ssh_list_prepend(session->opts.identity, q); if (rc < 0) { return -1; } break; case SSH_OPTIONS_KNOWNHOSTS: v = value; - SAFE_FREE(session->knownhosts); + SAFE_FREE(session->opts.knownhosts); if (v == NULL) { - session->knownhosts = ssh_path_expand_escape(session, + session->opts.knownhosts = ssh_path_expand_escape(session, "%d/known_hosts"); - if (session->knownhosts == NULL) { + if (session->opts.knownhosts == NULL) { ssh_set_error_oom(session); return -1; } @@ -553,8 +553,8 @@ int ssh_options_set(ssh_session session, enum ssh_options_e type, ssh_set_error_invalid(session); return -1; } else { - session->knownhosts = strdup(v); - if (session->knownhosts == NULL) { + session->opts.knownhosts = strdup(v); + if (session->opts.knownhosts == NULL) { ssh_set_error_oom(session); return -1; } @@ -571,7 +571,7 @@ int ssh_options_set(ssh_session session, enum ssh_options_e type, return -1; } - session->timeout = *x & 0xffffffff; + session->opts.timeout = *x & 0xffffffff; } break; case SSH_OPTIONS_TIMEOUT_USEC: @@ -585,7 +585,7 @@ int ssh_options_set(ssh_session session, enum ssh_options_e type, return -1; } - session->timeout_usec = *x & 0xffffffff; + session->opts.timeout_usec = *x & 0xffffffff; } break; case SSH_OPTIONS_SSH1: @@ -599,7 +599,7 @@ int ssh_options_set(ssh_session session, enum ssh_options_e type, return -1; } - session->ssh1 = *x; + session->opts.ssh1 = *x; } break; case SSH_OPTIONS_SSH2: @@ -613,7 +613,7 @@ int ssh_options_set(ssh_session session, enum ssh_options_e type, return -1; } - session->ssh2 = *x & 0xffff; + session->opts.ssh2 = *x & 0xffff; } break; case SSH_OPTIONS_LOG_VERBOSITY: @@ -742,7 +742,7 @@ int ssh_options_set(ssh_session session, enum ssh_options_e type, ssh_set_error_invalid(session); return -1; } - session->compressionlevel = *x & 0xff; + session->opts.compressionlevel = *x & 0xff; } break; case SSH_OPTIONS_STRICTHOSTKEYCHECK: @@ -752,9 +752,9 @@ int ssh_options_set(ssh_session session, enum ssh_options_e type, } else { int *x = (int *) value; - session->StrictHostKeyChecking = (*x & 0xff) > 0 ? 1 : 0; + session->opts.StrictHostKeyChecking = (*x & 0xff) > 0 ? 1 : 0; } - session->StrictHostKeyChecking = *(int*)value; + session->opts.StrictHostKeyChecking = *(int*)value; break; case SSH_OPTIONS_PROXYCOMMAND: v = value; @@ -762,12 +762,12 @@ int ssh_options_set(ssh_session session, enum ssh_options_e type, ssh_set_error_invalid(session); return -1; } else { - SAFE_FREE(session->ProxyCommand); + SAFE_FREE(session->opts.ProxyCommand); q = strdup(v); if (q == NULL) { return -1; } - session->ProxyCommand = q; + session->opts.ProxyCommand = q; } break; default: @@ -797,11 +797,11 @@ int ssh_options_get_port(ssh_session session, unsigned int* port_target) { if (session == NULL) { return -1; } - if (!session->port) { + if (!session->opts.port) { ssh_set_error_invalid(session); return -1; } - *port_target = session->port; + *port_target = session->opts.port; return 0; } @@ -857,15 +857,15 @@ int ssh_options_get(ssh_session session, enum ssh_options_e type, char** value) switch(type) { case SSH_OPTIONS_HOST: { - src = session->host; + src = session->opts.host; break; } case SSH_OPTIONS_USER: { - src = session->username; + src = session->opts.username; break; } case SSH_OPTIONS_IDENTITY: { - src = ssh_iterator_value(char *, ssh_list_get_iterator(session->identity)); + src = ssh_iterator_value(char *, ssh_list_get_iterator(session->opts.identity)); break; } default: @@ -1082,12 +1082,12 @@ int ssh_options_parse_config(ssh_session session, const char *filename) { if (session == NULL) { return -1; } - if (session->host == NULL) { + if (session->opts.host == NULL) { ssh_set_error_invalid(session); return -1; } - if (session->sshdir == NULL) { + if (session->opts.sshdir == NULL) { r = ssh_options_set(session, SSH_OPTIONS_SSH_DIR, NULL); if (r < 0) { ssh_set_error_oom(session); @@ -1123,41 +1123,41 @@ int ssh_options_apply(ssh_session session) { char *tmp; int rc; - if (session->sshdir == NULL) { + if (session->opts.sshdir == NULL) { rc = ssh_options_set(session, SSH_OPTIONS_SSH_DIR, NULL); if (rc < 0) { return -1; } } - if (session->username == NULL) { + if (session->opts.username == NULL) { rc = ssh_options_set(session, SSH_OPTIONS_USER, NULL); if (rc < 0) { return -1; } } - if (session->knownhosts == NULL) { + if (session->opts.knownhosts == NULL) { tmp = ssh_path_expand_escape(session, "%d/known_hosts"); } else { - tmp = ssh_path_expand_escape(session, session->knownhosts); + tmp = ssh_path_expand_escape(session, session->opts.knownhosts); } if (tmp == NULL) { return -1; } - free(session->knownhosts); - session->knownhosts = tmp; + free(session->opts.knownhosts); + session->opts.knownhosts = tmp; - if (session->ProxyCommand != NULL) { - tmp = ssh_path_expand_escape(session, session->ProxyCommand); + if (session->opts.ProxyCommand != NULL) { + tmp = ssh_path_expand_escape(session, session->opts.ProxyCommand); if (tmp == NULL) { return -1; } - free(session->ProxyCommand); - session->ProxyCommand = tmp; + free(session->opts.ProxyCommand); + session->opts.ProxyCommand = tmp; } - for (it = ssh_list_get_iterator(session->identity); + for (it = ssh_list_get_iterator(session->opts.identity); it != NULL; it = it->next) { char *id = (char *) it->data; diff --git a/src/packet_cb.c b/src/packet_cb.c index 764f568..df284ef 100644 --- a/src/packet_cb.c +++ b/src/packet_cb.c @@ -161,15 +161,15 @@ SSH_PACKET_CALLBACK(ssh_packet_newkeys){ } /* check if public key from server matches user preferences */ - if (session->wanted_methods[SSH_HOSTKEYS]) { - if(!ssh_match_group(session->wanted_methods[SSH_HOSTKEYS], + if (session->opts.wanted_methods[SSH_HOSTKEYS]) { + if(!ssh_match_group(session->opts.wanted_methods[SSH_HOSTKEYS], key->type_c)) { ssh_set_error(session, SSH_FATAL, "Public key from server (%s) doesn't match user " "preference (%s)", key->type_c, - session->wanted_methods[SSH_HOSTKEYS]); + session->opts.wanted_methods[SSH_HOSTKEYS]); ssh_key_free(key); return -1; } diff --git a/src/server.c b/src/server.c index 3f7721b..5f1d823 100644 --- a/src/server.c +++ b/src/server.c @@ -105,7 +105,7 @@ static int server_set_kex(ssh_session session) { } for (i = 0; i < 10; i++) { - if ((wanted = session->wanted_methods[i]) == NULL) { + if ((wanted = session->opts.wanted_methods[i]) == NULL) { wanted = supported_methods[i]; } server->methods[i] = strdup(wanted); @@ -322,11 +322,11 @@ static void ssh_server_connection_callback(ssh_session session){ goto error; } /* Here we decide which version of the protocol to use. */ - if (ssh2 && session->ssh2) { + if (ssh2 && session->opts.ssh2) { session->version = 2; - } else if(ssh1 && session->ssh1) { + } else if (ssh1 && session->opts.ssh1) { session->version = 1; - } else if(ssh1 && !session->ssh1){ + } else if (ssh1 && !session->opts.ssh1) { #ifdef WITH_SSH1 ssh_set_error(session, SSH_FATAL, "SSH-1 protocol not available (configure session to allow SSH-1)"); diff --git a/src/session.c b/src/session.c index 6bcc3f6..1e81edc 100644 --- a/src/session.c +++ b/src/session.c @@ -92,18 +92,6 @@ ssh_session ssh_new(void) { session->common.log_indent = 0; session->maxchannel = FIRST_CHANNEL; - /* options */ - session->StrictHostKeyChecking = 1; - session->port = 22; - session->fd = -1; - session->ssh2 = 1; - session->compressionlevel=7; -#ifdef WITH_SSH1 - session->ssh1 = 1; -#else - session->ssh1 = 0; -#endif - #ifndef _WIN32 session->agent = agent_new(session); if (session->agent == NULL) { @@ -111,8 +99,20 @@ ssh_session ssh_new(void) { } #endif /* _WIN32 */ - session->identity = ssh_list_new(); - if (session->identity == NULL) { + /* OPTIONS */ + session->opts.StrictHostKeyChecking = 1; + session->opts.port = 22; + session->opts.fd = -1; + session->opts.ssh2 = 1; + session->opts.compressionlevel=7; +#ifdef WITH_SSH1 + session->opts.ssh1 = 1; +#else + session->opts.ssh1 = 0; +#endif + + session->opts.identity = ssh_list_new(); + if (session->opts.identity == NULL) { goto err; } @@ -120,7 +120,7 @@ ssh_session ssh_new(void) { if (id == NULL) { goto err; } - rc = ssh_list_append(session->identity, id); + rc = ssh_list_append(session->opts.identity, id); if (rc == SSH_ERROR) { goto err; } @@ -129,7 +129,7 @@ ssh_session ssh_new(void) { if (id == NULL) { goto err; } - rc = ssh_list_append(session->identity, id); + rc = ssh_list_append(session->opts.identity, id); if (rc == SSH_ERROR) { goto err; } @@ -138,7 +138,7 @@ ssh_session ssh_new(void) { if (id == NULL) { goto err; } - rc = ssh_list_append(session->identity, id); + rc = ssh_list_append(session->opts.identity, id); if (rc == SSH_ERROR) { goto err; } @@ -169,7 +169,6 @@ void ssh_free(ssh_session session) { SAFE_FREE(session->serverbanner); SAFE_FREE(session->clientbanner); - SAFE_FREE(session->bindaddr); SAFE_FREE(session->banner); #ifdef WITH_PCAP if(session->pcap_ctx){ @@ -216,28 +215,29 @@ void ssh_free(ssh_session session) { if (session->packet_callbacks) ssh_list_free(session->packet_callbacks); - if (session->identity) { - char *id; - - for (id = ssh_list_pop_head(char *, session->identity); - id != NULL; - id = ssh_list_pop_head(char *, session->identity)) { - SAFE_FREE(id); - } - ssh_list_free(session->identity); + /* options */ + if (session->opts.identity) { + char *id; + + for (id = ssh_list_pop_head(char *, session->opts.identity); + id != NULL; + id = ssh_list_pop_head(char *, session->opts.identity)) { + SAFE_FREE(id); + } + ssh_list_free(session->opts.identity); } - /* options */ - SAFE_FREE(session->username); - SAFE_FREE(session->host); - SAFE_FREE(session->sshdir); - SAFE_FREE(session->knownhosts); - SAFE_FREE(session->ProxyCommand); + SAFE_FREE(session->opts.bindaddr); + SAFE_FREE(session->opts.username); + SAFE_FREE(session->opts.host); + SAFE_FREE(session->opts.sshdir); + SAFE_FREE(session->opts.knownhosts); + SAFE_FREE(session->opts.ProxyCommand); for (i = 0; i < 10; i++) { - if (session->wanted_methods[i]) { - SAFE_FREE(session->wanted_methods[i]); - } + if (session->opts.wanted_methods[i]) { + SAFE_FREE(session->opts.wanted_methods[i]); + } } /* burn connection, it could hang sensitive datas */ @@ -461,7 +461,8 @@ int ssh_handle_packets(ssh_session session, int timeout) { if (timeout == SSH_TIMEOUT_USER) { if (ssh_is_blocking(session)) - tm = ssh_make_milliseconds(session->timeout, session->timeout_usec); + tm = ssh_make_milliseconds(session->opts.timeout, + session->opts.timeout_usec); else tm = 0; } @@ -503,7 +504,8 @@ int ssh_handle_packets_termination(ssh_session session, int timeout, int tm; if (timeout == SSH_TIMEOUT_USER) { if (ssh_is_blocking(session)) - timeout = ssh_make_milliseconds(session->timeout, session->timeout_usec); + timeout = ssh_make_milliseconds(session->opts.timeout, + session->opts.timeout_usec); else timeout = SSH_TIMEOUT_NONBLOCKING; } diff --git a/tests/unittests/torture_misc.c b/tests/unittests/torture_misc.c index f95f866..2677032 100644 --- a/tests/unittests/torture_misc.c +++ b/tests/unittests/torture_misc.c @@ -141,9 +141,9 @@ static void torture_path_expand_escape(void **state) { const char *s = "%d/%h/by/%r"; char *e; - session->sshdir = strdup("guru"); - session->host = strdup("meditation"); - session->username = strdup("root"); + session->opts.sshdir = strdup("guru"); + session->opts.host = strdup("meditation"); + session->opts.username = strdup("root"); e = ssh_path_expand_escape(session, s); assert_string_equal(e, "guru/meditation/by/root"); @@ -154,7 +154,7 @@ static void torture_path_expand_known_hosts(void **state) { ssh_session session = *state; char *tmp; - session->sshdir = strdup("/home/guru/.ssh"); + session->opts.sshdir = strdup("/home/guru/.ssh"); tmp = ssh_path_expand_escape(session, "%d/known_hosts"); assert_string_equal(tmp, "/home/guru/.ssh/known_hosts"); diff --git a/tests/unittests/torture_options.c b/tests/unittests/torture_options.c index b90d163..faa8ac2 100644 --- a/tests/unittests/torture_options.c +++ b/tests/unittests/torture_options.c @@ -24,12 +24,12 @@ static void torture_options_set_host(void **state) { rc = ssh_options_set(session, SSH_OPTIONS_HOST, "localhost"); assert_true(rc == 0); - assert_string_equal(session->host, "localhost"); + assert_string_equal(session->opts.host, "localhost"); rc = ssh_options_set(session, SSH_OPTIONS_HOST, "guru@meditation"); assert_true(rc == 0); - assert_string_equal(session->host, "meditation"); - assert_string_equal(session->username, "guru"); + assert_string_equal(session->opts.host, "meditation"); + assert_string_equal(session->opts.username, "guru"); } static void torture_options_get_host(void **state) { @@ -39,7 +39,7 @@ static void torture_options_get_host(void **state) { rc = ssh_options_set(session, SSH_OPTIONS_HOST, "localhost"); assert_true(rc == 0); - assert_string_equal(session->host, "localhost"); + assert_string_equal(session->opts.host, "localhost"); assert_false(ssh_options_get(session, SSH_OPTIONS_HOST, &host)); @@ -53,11 +53,11 @@ static void torture_options_set_port(void **state) { rc = ssh_options_set(session, SSH_OPTIONS_PORT, &port); assert_true(rc == 0); - assert_true(session->port == port); + assert_true(session->opts.port == port); rc = ssh_options_set(session, SSH_OPTIONS_PORT_STR, "23"); assert_true(rc == 0); - assert_true(session->port == 23); + assert_true(session->opts.port == 23); rc = ssh_options_set(session, SSH_OPTIONS_PORT_STR, "five"); assert_true(rc == -1); @@ -95,11 +95,11 @@ static void torture_options_set_fd(void **state) { rc = ssh_options_set(session, SSH_OPTIONS_FD, &fd); assert_true(rc == 0); - assert_true(session->fd == fd); + assert_true(session->opts.fd == fd); rc = ssh_options_set(session, SSH_OPTIONS_FD, NULL); assert_true(rc == SSH_ERROR); - assert_true(session->fd == SSH_INVALID_SOCKET); + assert_true(session->opts.fd == SSH_INVALID_SOCKET); } static void torture_options_set_user(void **state) { @@ -120,14 +120,14 @@ static void torture_options_set_user(void **state) { rc = ssh_options_set(session, SSH_OPTIONS_USER, "guru"); assert_true(rc == 0); - assert_string_equal(session->username, "guru"); + assert_string_equal(session->opts.username, "guru"); rc = ssh_options_set(session, SSH_OPTIONS_USER, NULL); assert_true(rc == 0); #ifndef _WIN32 - assert_string_equal(session->username, pwd.pw_name); + assert_string_equal(session->opts.username, pwd.pw_name); #endif } @@ -145,12 +145,12 @@ static void torture_options_set_identity(void **state) { rc = ssh_options_set(session, SSH_OPTIONS_ADD_IDENTITY, "identity1"); assert_true(rc == 0); - assert_string_equal(session->identity->root->data, "identity1"); + assert_string_equal(session->opts.identity->root->data, "identity1"); rc = ssh_options_set(session, SSH_OPTIONS_IDENTITY, "identity2"); assert_true(rc == 0); - assert_string_equal(session->identity->root->data, "identity2"); - assert_string_equal(session->identity->root->next->data, "identity1"); + assert_string_equal(session->opts.identity->root->data, "identity2"); + assert_string_equal(session->opts.identity->root->next->data, "identity1"); } static void torture_options_get_identity(void **state) { @@ -166,7 +166,7 @@ static void torture_options_get_identity(void **state) { rc = ssh_options_set(session, SSH_OPTIONS_IDENTITY, "identity2"); assert_true(rc == 0); - assert_string_equal(session->identity->root->data, "identity2"); + assert_string_equal(session->opts.identity->root->data, "identity2"); rc = ssh_options_get(session, SSH_OPTIONS_IDENTITY, &identity); assert_true(rc == SSH_OK); assert_string_equal(identity, "identity2"); |