mirror of https://git.tartarus.org/simon/putty.git synced 2025-01-09 17:38:00 +00:00

Start of an SSH-server-specific config structure.

This is much simpler than Conf, because I don't expect to have to copy
it around, load or save it to disk (or the Windows registry), or
serialise it between processes. So it can be a straightforward struct.

As yet there's nothing actually _in_ it. I've just created the
structure and arranged to pass it through to all the SSH layers. But
now it's here, it will be a place I can add configuration items as I
find I need them.
Simon Tatham 2019-03-28 18:29:13 +00:00
parent 4d69032d2c
commit 8a884eaef9
14 changed files with 57 additions and 17 deletions

1
defs.h

@ -79,6 +79,7 @@ typedef struct MontgomeryPoint MontgomeryPoint;
typedef struct EdwardsCurve EdwardsCurve;
typedef struct EdwardsPoint EdwardsPoint;
typedef struct SshServerConfig SshServerConfig;
typedef struct SftpServer SftpServer;
typedef struct SftpServerVtable SftpServerVtable;

2
ssh.c

@ -283,7 +283,7 @@ static void ssh_got_ssh_version(struct ssh_version_receiver *rcv,
#else
NULL,
#endif
&ssh->stats, transport_child_layer, false);
&ssh->stats, transport_child_layer, NULL);
ssh_connect_ppl(ssh, ssh->base_layer);
if (userauth_layer)


@ -45,6 +45,14 @@ static const struct SshChannelVtable ssh1sesschan_vtable = {
NULL /* hint_channel_is_simple */,
};
void ssh1connection_server_configure(
PacketProtocolLayer *ppl, const SshServerConfig *ssc)
{
struct ssh1_connection_state *s =
container_of(ppl, struct ssh1_connection_state, ppl);
s->ssc = ssc;
}
void ssh1_connection_direction_specific_setup(
struct ssh1_connection_state *s)
{


@ -52,6 +52,8 @@ struct ssh1_connection_state {
bool compressing; /* used in server mode only */
bool sent_exit_status; /* also for server mode */
const SshServerConfig *ssc;
ConnectionLayer cl;
PacketProtocolLayer ppl;
};


@ -17,6 +17,8 @@ struct ssh1_login_server_state {
PacketProtocolLayer *successor_layer;
const SshServerConfig *ssc;
int remote_protoflags;
int local_protoflags;
unsigned long supported_ciphers_mask, supported_auths_mask;
@ -70,12 +72,13 @@ static void no_progress(void *param, int action, int phase, int iprogress) {}
PacketProtocolLayer *ssh1_login_server_new(
PacketProtocolLayer *successor_layer, RSAKey *hostkey,
AuthPolicy *authpolicy)
AuthPolicy *authpolicy, const SshServerConfig *ssc)
{
struct ssh1_login_server_state *s = snew(struct ssh1_login_server_state);
memset(s, 0, sizeof(*s));
s->ppl.vt = &ssh1_login_server_vtable;
s->ssc = ssc;
s->hostkey = hostkey;
s->authpolicy = authpolicy;


@ -14,11 +14,13 @@
#include "sshserver.h"
void ssh2connection_server_configure(
PacketProtocolLayer *ppl, const SftpServerVtable *sftpserver_vt)
PacketProtocolLayer *ppl, const SftpServerVtable *sftpserver_vt,
const SshServerConfig *ssc)
{
struct ssh2_connection_state *s =
container_of(ppl, struct ssh2_connection_state, ppl);
s->sftpserver_vt = sftpserver_vt;
s->ssc = ssc;
}
static ChanopenResult chan_open_session(


@ -41,6 +41,7 @@ struct ssh2_connection_state {
int antispoof_ret;
const SftpServerVtable *sftpserver_vt;
const SshServerConfig *ssc;
/*
* These store the list of global requests that we're waiting for


@ -115,7 +115,7 @@ PacketProtocolLayer *ssh2_transport_new(
const char *client_greeting, const char *server_greeting,
struct ssh_connection_shared_gss_state *shgss,
struct DataTransferStats *stats, PacketProtocolLayer *higher_layer,
bool is_server)
const SshServerConfig *ssc)
{
struct ssh2_transport_state *s = snew(struct ssh2_transport_state);
memset(s, 0, sizeof(*s));
@ -151,7 +151,8 @@ PacketProtocolLayer *ssh2_transport_new(
s->outgoing_kexinit = strbuf_new();
s->incoming_kexinit = strbuf_new();
if (is_server) {
if (ssc) {
s->ssc = ssc;
s->client_kexinit = s->incoming_kexinit;
s->server_kexinit = s->outgoing_kexinit;
s->out.mkkey_adjust = 1;
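Review bot: `if (ssc)` makes a non-NULL config pointer the only thing that selects server mode, where the old signature had an explicit `bool is_server`, and nothing at the parameter records that. A caller that passes NULL does not enter this branch, so the server-side assignment of `client_kexinit`/`server_kexinit` and `mkkey_adjust` is skipped without any diagnostic. The contract should be written where the parameter is declared, e.g. `/* ssc: NULL for a client; non-NULL selects server mode and must stay valid for the life of the layer */`, and repeated on the matching prototype further down the page. The body of ssh2_transport_new continues outside both hunks, so other uses of the old flag are not visible here.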


@ -139,6 +139,8 @@ struct ssh2_transport_state {
struct DataTransferStats *stats;
const SshServerConfig *ssc;
char *client_greeting, *server_greeting;
bool kex_in_progress;


@ -24,6 +24,7 @@ struct ssh2_userauth_server_state {
ptrlen session_id;
AuthPolicy *authpolicy;
const SshServerConfig *ssc;
ptrlen username, service, method;
unsigned methods, this_method;
@ -64,7 +65,8 @@ static void free_auth_kbdint(AuthKbdInt *aki)
}
PacketProtocolLayer *ssh2_userauth_server_new(
PacketProtocolLayer *successor_layer, AuthPolicy *authpolicy)
PacketProtocolLayer *successor_layer, AuthPolicy *authpolicy,
const SshServerConfig *ssc)
{
struct ssh2_userauth_server_state *s =
snew(struct ssh2_userauth_server_state);
@ -73,6 +75,7 @@ PacketProtocolLayer *ssh2_userauth_server_new(
s->successor_layer = successor_layer;
s->authpolicy = authpolicy;
s->ssc = ssc;
return &s->ppl;
}


@ -103,7 +103,7 @@ PacketProtocolLayer *ssh2_transport_new(
const char *client_greeting, const char *server_greeting,
struct ssh_connection_shared_gss_state *shgss,
struct DataTransferStats *stats, PacketProtocolLayer *higher_layer,
bool is_server);
const SshServerConfig *ssc);
PacketProtocolLayer *ssh2_userauth_new(
PacketProtocolLayer *successor_layer,
const char *hostname, const char *fullhostname,


@ -36,6 +36,7 @@ struct server {
bool frozen;
Conf *conf;
const SshServerConfig *ssc;
ssh_key *const *hostkeys;
int nhostkeys;
RSAKey *hostkey1;
@ -223,7 +224,8 @@ static const PlugVtable ssh_server_plugvt = {
};
Plug *ssh_server_plug(
Conf *conf, ssh_key *const *hostkeys, int nhostkeys,
Conf *conf, const SshServerConfig *ssc,
ssh_key *const *hostkeys, int nhostkeys,
RSAKey *hostkey1, AuthPolicy *authpolicy, LogPolicy *logpolicy,
const SftpServerVtable *sftpserver_vt)
{
@ -233,6 +235,7 @@ Plug *ssh_server_plug(
srv->plug.vt = &ssh_server_plugvt;
srv->conf = conf_copy(conf);
srv->ssc = ssc;
srv->logctx = log_init(logpolicy, conf);
conf_set_bool(srv->conf, CONF_ssh_no_shell, true);
srv->nhostkeys = nhostkeys;
@ -431,7 +434,8 @@ static void server_got_ssh_version(struct ssh_version_receiver *rcv,
connection_layer = ssh2_connection_new(
&srv->ssh, NULL, false, srv->conf,
ssh_verstring_get_local(old_bpp), &srv->cl);
ssh2connection_server_configure(connection_layer, srv->sftpserver_vt);
ssh2connection_server_configure(connection_layer,
srv->sftpserver_vt, srv->ssc);
server_connect_ppl(srv, connection_layer);
if (conf_get_bool(srv->conf, CONF_ssh_no_userauth)) {
@ -439,7 +443,7 @@ static void server_got_ssh_version(struct ssh_version_receiver *rcv,
transport_child_layer = connection_layer;
} else {
userauth_layer = ssh2_userauth_server_new(
connection_layer, srv->authpolicy);
connection_layer, srv->authpolicy, srv->ssc);
server_connect_ppl(srv, userauth_layer);
transport_child_layer = userauth_layer;
}
@ -453,7 +457,7 @@ static void server_got_ssh_version(struct ssh_version_receiver *rcv,
#else
NULL,
#endif
&srv->stats, transport_child_layer, true);
&srv->stats, transport_child_layer, srv->ssc);
ssh2_transport_provide_hostkeys(
srv->base_layer, srv->hostkeys, srv->nhostkeys);
if (userauth_layer)
@ -466,10 +470,11 @@ static void server_got_ssh_version(struct ssh_version_receiver *rcv,
server_connect_bpp(srv);
connection_layer = ssh1_connection_new(&srv->ssh, srv->conf, &srv->cl);
ssh1connection_server_configure(connection_layer, srv->ssc);
server_connect_ppl(srv, connection_layer);
srv->base_layer = ssh1_login_server_new(
connection_layer, srv->hostkey1, srv->authpolicy);
connection_layer, srv->hostkey1, srv->authpolicy, srv->ssc);
server_connect_ppl(srv, srv->base_layer);
}
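Review bot: `srv->ssc = ssc;` stores the caller's pointer as-is, one line after `conf` is duplicated with `conf_copy`, and that pointer is then handed to every layer built in server_got_ssh_version. Two requirements are left implicit: the struct must outlive the plug and all layers, and it must not be NULL, because ssh2_transport_new uses `if (ssc)` to decide that it is the server side. I would add `assert(ssc);` at the top of ssh_server_plug and a comment next to the assignment such as `/* borrowed, not copied: caller keeps *ssc alive and unmodified while the server runs */`. Both functions extend beyond the hunks shown.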


@ -1,7 +1,12 @@
typedef struct AuthPolicy AuthPolicy;
struct SshServerConfig {
int dummy; /* no fields in here yet */
};
Plug *ssh_server_plug(
Conf *conf, ssh_key *const *hostkeys, int nhostkeys,
Conf *conf, const SshServerConfig *ssc,
ssh_key *const *hostkeys, int nhostkeys,
RSAKey *hostkey1, AuthPolicy *authpolicy, LogPolicy *logpolicy,
const SftpServerVtable *sftpserver_vt);
void ssh_server_start(Plug *plug, Socket *socket);
@ -67,16 +72,20 @@ RSAKey *auth_publickey_ssh1(
bool auth_successful(AuthPolicy *, ptrlen username, unsigned method);
PacketProtocolLayer *ssh2_userauth_server_new(
PacketProtocolLayer *successor_layer, AuthPolicy *authpolicy);
PacketProtocolLayer *successor_layer, AuthPolicy *authpolicy,
const SshServerConfig *ssc);
void ssh2_userauth_server_set_transport_layer(
PacketProtocolLayer *userauth, PacketProtocolLayer *transport);
void ssh2connection_server_configure(
PacketProtocolLayer *ppl, const SftpServerVtable *sftpserver_vt);
PacketProtocolLayer *ppl, const SftpServerVtable *sftpserver_vt,
const SshServerConfig *ssc);
void ssh1connection_server_configure(
PacketProtocolLayer *ppl, const SshServerConfig *ssc);
PacketProtocolLayer *ssh1_login_server_new(
PacketProtocolLayer *successor_layer, RSAKey *hostkey,
AuthPolicy *authpolicy);
AuthPolicy *authpolicy, const SshServerConfig *ssc);
Channel *sesschan_new(SshChannel *c, LogContext *logctx,
const SftpServerVtable *sftpserver_vt);


@ -366,6 +366,7 @@ int main(int argc, char **argv)
RSAKey *hostkey1 = NULL;
AuthPolicy ap;
SshServerConfig ssc;
Conf *conf = conf_new();
load_open_settings(NULL, conf);
@ -374,6 +375,8 @@ int main(int argc, char **argv)
ap.ssh1keys = NULL;
ap.ssh2keys = NULL;
memset(&ssc, 0, sizeof(ssc));
if (argc <= 1) {
/*
* We're going to terminate with an error message below,
@ -548,7 +551,7 @@ int main(int argc, char **argv)
{
Plug *plug = ssh_server_plug(
conf, hostkeys, nhostkeys, hostkey1, &ap, server_logpolicy,
conf, &ssc, hostkeys, nhostkeys, hostkey1, &ap, server_logpolicy,
&unix_live_sftpserver_vt);
ssh_server_start(plug, make_fd_socket(0, 1, -1, plug));
}
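Review bot: `memset(&ssc, 0, sizeof(ssc));` is the only initialisation the server config gets in the lines shown, so every field added later starts at all-bits-zero unless option parsing sets it. That is sound only while zero is the most restrictive value for each option, and a comment here would keep the rule visible, e.g. `/* all-zero must be the safe default for every SshServerConfig field */`. `ssc` is a local of main whose address is passed to ssh_server_plug, which is fine as long as the plug never outlives main, as appears to be the case here. main continues outside these hunks.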