
Start of an SSH-server-specific config structure.

This is much simpler than Conf, because I don't expect to have to copy
it around, load or save it to disk (or the Windows registry), or
serialise it between processes. So it can be a straightforward struct.

As yet there's nothing actually _in_ it. I've just created the
structure and arranged to pass it through to all the SSH layers. But
now it's here, it will be a place I can add configuration items as I
find I need them.
This commit is contained in:
Simon Tatham 2019-03-28 18:29:13 +00:00
parent 4d69032d2c
commit 8a884eaef9
14 changed files with 57 additions and 17 deletions

defs.h

@ -79,6 +79,7 @@ typedef struct MontgomeryPoint MontgomeryPoint;
typedef struct EdwardsCurve EdwardsCurve; typedef struct EdwardsCurve EdwardsCurve;
typedef struct EdwardsPoint EdwardsPoint; typedef struct EdwardsPoint EdwardsPoint;
typedef struct SshServerConfig SshServerConfig;
typedef struct SftpServer SftpServer; typedef struct SftpServer SftpServer;
typedef struct SftpServerVtable SftpServerVtable; typedef struct SftpServerVtable SftpServerVtable;

ssh.c

@ -283,7 +283,7 @@ static void ssh_got_ssh_version(struct ssh_version_receiver *rcv,
#else #else
NULL, NULL,
#endif #endif
&ssh->stats, transport_child_layer, false); &ssh->stats, transport_child_layer, NULL);
ssh_connect_ppl(ssh, ssh->base_layer); ssh_connect_ppl(ssh, ssh->base_layer);
if (userauth_layer) if (userauth_layer)


@ -45,6 +45,14 @@ static const struct SshChannelVtable ssh1sesschan_vtable = {
NULL /* hint_channel_is_simple */, NULL /* hint_channel_is_simple */,
}; };
void ssh1connection_server_configure(
PacketProtocolLayer *ppl, const SshServerConfig *ssc)
{
struct ssh1_connection_state *s =
container_of(ppl, struct ssh1_connection_state, ppl);
s->ssc = ssc;
}
void ssh1_connection_direction_specific_setup( void ssh1_connection_direction_specific_setup(
struct ssh1_connection_state *s) struct ssh1_connection_state *s)
{ {
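Review bot: ssh1connection_server_configure is added without a comment saying what it does or when it must be called, whereas the vtable entries just above it are annotated inline. Since the body only stores the pointer, a short header comment would do, e.g. `/* Record the server config on a newly created SSH-1 connection layer; call before the layer starts handling packets. */` — the "before" part is inferred from the sshserver.c call site in this commit, which invokes it immediately after ssh1_connection_new, so confirm that is the intended contract. ssh1_connection_direction_specific_setup, whose opening brace ends the hunk, continues outside it.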


@ -52,6 +52,8 @@ struct ssh1_connection_state {
bool compressing; /* used in server mode only */ bool compressing; /* used in server mode only */
bool sent_exit_status; /* also for server mode */ bool sent_exit_status; /* also for server mode */
const SshServerConfig *ssc;
ConnectionLayer cl; ConnectionLayer cl;
PacketProtocolLayer ppl; PacketProtocolLayer ppl;
}; };
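Review bot: The new `ssc` field of struct ssh1_connection_state has no comment, while the two fields directly above it are each marked "used in server mode only" / "also for server mode". In this commit the pointer is only ever assigned by ssh1connection_server_configure, so it is presumably left NULL on the client side; `const SshServerConfig *ssc; /* server mode only; NULL on the client side */` keeps the struct's annotations consistent and warns readers not to dereference it unconditionally. The same unannotated field is added to ssh2connection.h, ssh2transport.h and ssh2userauth-server.c in this commit.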


@ -17,6 +17,8 @@ struct ssh1_login_server_state {
PacketProtocolLayer *successor_layer; PacketProtocolLayer *successor_layer;
const SshServerConfig *ssc;
int remote_protoflags; int remote_protoflags;
int local_protoflags; int local_protoflags;
unsigned long supported_ciphers_mask, supported_auths_mask; unsigned long supported_ciphers_mask, supported_auths_mask;
@ -70,12 +72,13 @@ static void no_progress(void *param, int action, int phase, int iprogress) {}
PacketProtocolLayer *ssh1_login_server_new( PacketProtocolLayer *ssh1_login_server_new(
PacketProtocolLayer *successor_layer, RSAKey *hostkey, PacketProtocolLayer *successor_layer, RSAKey *hostkey,
AuthPolicy *authpolicy) AuthPolicy *authpolicy, const SshServerConfig *ssc)
{ {
struct ssh1_login_server_state *s = snew(struct ssh1_login_server_state); struct ssh1_login_server_state *s = snew(struct ssh1_login_server_state);
memset(s, 0, sizeof(*s)); memset(s, 0, sizeof(*s));
s->ppl.vt = &ssh1_login_server_vtable; s->ppl.vt = &ssh1_login_server_vtable;
s->ssc = ssc;
s->hostkey = hostkey; s->hostkey = hostkey;
s->authpolicy = authpolicy; s->authpolicy = authpolicy;


@ -14,11 +14,13 @@
#include "sshserver.h" #include "sshserver.h"
void ssh2connection_server_configure( void ssh2connection_server_configure(
PacketProtocolLayer *ppl, const SftpServerVtable *sftpserver_vt) PacketProtocolLayer *ppl, const SftpServerVtable *sftpserver_vt,
const SshServerConfig *ssc)
{ {
struct ssh2_connection_state *s = struct ssh2_connection_state *s =
container_of(ppl, struct ssh2_connection_state, ppl); container_of(ppl, struct ssh2_connection_state, ppl);
s->sftpserver_vt = sftpserver_vt; s->sftpserver_vt = sftpserver_vt;
s->ssc = ssc;
} }
static ChanopenResult chan_open_session( static ChanopenResult chan_open_session(


@ -41,6 +41,7 @@ struct ssh2_connection_state {
int antispoof_ret; int antispoof_ret;
const SftpServerVtable *sftpserver_vt; const SftpServerVtable *sftpserver_vt;
const SshServerConfig *ssc;
/* /*
* These store the list of global requests that we're waiting for * These store the list of global requests that we're waiting for


@ -115,7 +115,7 @@ PacketProtocolLayer *ssh2_transport_new(
const char *client_greeting, const char *server_greeting, const char *client_greeting, const char *server_greeting,
struct ssh_connection_shared_gss_state *shgss, struct ssh_connection_shared_gss_state *shgss,
struct DataTransferStats *stats, PacketProtocolLayer *higher_layer, struct DataTransferStats *stats, PacketProtocolLayer *higher_layer,
bool is_server) const SshServerConfig *ssc)
{ {
struct ssh2_transport_state *s = snew(struct ssh2_transport_state); struct ssh2_transport_state *s = snew(struct ssh2_transport_state);
memset(s, 0, sizeof(*s)); memset(s, 0, sizeof(*s));
@ -151,7 +151,8 @@ PacketProtocolLayer *ssh2_transport_new(
s->outgoing_kexinit = strbuf_new(); s->outgoing_kexinit = strbuf_new();
s->incoming_kexinit = strbuf_new(); s->incoming_kexinit = strbuf_new();
if (is_server) { if (ssc) {
s->ssc = ssc;
s->client_kexinit = s->incoming_kexinit; s->client_kexinit = s->incoming_kexinit;
s->server_kexinit = s->outgoing_kexinit; s->server_kexinit = s->outgoing_kexinit;
s->out.mkkey_adjust = 1; s->out.mkkey_adjust = 1;
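Review bot: The transport layer's server/client role is now decided by `if (ssc)` at the former `if (is_server)` site, so a server-side caller that ever passed a NULL config would silently get a client-role transport (kexinit buffers assigned the other way round, mkkey_adjust left unset) instead of a failure. That overloading of the pointer is not stated anywhere on the page: the prototype in sshppl.h just reads `const SshServerConfig *ssc);` and the client call in ssh.c passes a bare `NULL`. A comment at the branch, `if (ssc) { /* a non-NULL server config is what marks this layer as the server side */`, and the same words on the sshppl.h prototype would make the contract explicit; a non-NULL assertion belongs in ssh_server_plug rather than here, because the client path legitimately passes NULL. ssh2_transport_new's body continues beyond both hunks.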


@ -139,6 +139,8 @@ struct ssh2_transport_state {
struct DataTransferStats *stats; struct DataTransferStats *stats;
const SshServerConfig *ssc;
char *client_greeting, *server_greeting; char *client_greeting, *server_greeting;
bool kex_in_progress; bool kex_in_progress;


@ -24,6 +24,7 @@ struct ssh2_userauth_server_state {
ptrlen session_id; ptrlen session_id;
AuthPolicy *authpolicy; AuthPolicy *authpolicy;
const SshServerConfig *ssc;
ptrlen username, service, method; ptrlen username, service, method;
unsigned methods, this_method; unsigned methods, this_method;
@ -64,7 +65,8 @@ static void free_auth_kbdint(AuthKbdInt *aki)
} }
PacketProtocolLayer *ssh2_userauth_server_new( PacketProtocolLayer *ssh2_userauth_server_new(
PacketProtocolLayer *successor_layer, AuthPolicy *authpolicy) PacketProtocolLayer *successor_layer, AuthPolicy *authpolicy,
const SshServerConfig *ssc)
{ {
struct ssh2_userauth_server_state *s = struct ssh2_userauth_server_state *s =
snew(struct ssh2_userauth_server_state); snew(struct ssh2_userauth_server_state);
@ -73,6 +75,7 @@ PacketProtocolLayer *ssh2_userauth_server_new(
s->successor_layer = successor_layer; s->successor_layer = successor_layer;
s->authpolicy = authpolicy; s->authpolicy = authpolicy;
s->ssc = ssc;
return &s->ppl; return &s->ppl;
} }


@ -103,7 +103,7 @@ PacketProtocolLayer *ssh2_transport_new(
const char *client_greeting, const char *server_greeting, const char *client_greeting, const char *server_greeting,
struct ssh_connection_shared_gss_state *shgss, struct ssh_connection_shared_gss_state *shgss,
struct DataTransferStats *stats, PacketProtocolLayer *higher_layer, struct DataTransferStats *stats, PacketProtocolLayer *higher_layer,
bool is_server); const SshServerConfig *ssc);
PacketProtocolLayer *ssh2_userauth_new( PacketProtocolLayer *ssh2_userauth_new(
PacketProtocolLayer *successor_layer, PacketProtocolLayer *successor_layer,
const char *hostname, const char *fullhostname, const char *hostname, const char *fullhostname,


@ -36,6 +36,7 @@ struct server {
bool frozen; bool frozen;
Conf *conf; Conf *conf;
const SshServerConfig *ssc;
ssh_key *const *hostkeys; ssh_key *const *hostkeys;
int nhostkeys; int nhostkeys;
RSAKey *hostkey1; RSAKey *hostkey1;
@ -223,7 +224,8 @@ static const PlugVtable ssh_server_plugvt = {
}; };
Plug *ssh_server_plug( Plug *ssh_server_plug(
Conf *conf, ssh_key *const *hostkeys, int nhostkeys, Conf *conf, const SshServerConfig *ssc,
ssh_key *const *hostkeys, int nhostkeys,
RSAKey *hostkey1, AuthPolicy *authpolicy, LogPolicy *logpolicy, RSAKey *hostkey1, AuthPolicy *authpolicy, LogPolicy *logpolicy,
const SftpServerVtable *sftpserver_vt) const SftpServerVtable *sftpserver_vt)
{ {
@ -233,6 +235,7 @@ Plug *ssh_server_plug(
srv->plug.vt = &ssh_server_plugvt; srv->plug.vt = &ssh_server_plugvt;
srv->conf = conf_copy(conf); srv->conf = conf_copy(conf);
srv->ssc = ssc;
srv->logctx = log_init(logpolicy, conf); srv->logctx = log_init(logpolicy, conf);
conf_set_bool(srv->conf, CONF_ssh_no_shell, true); conf_set_bool(srv->conf, CONF_ssh_no_shell, true);
srv->nhostkeys = nhostkeys; srv->nhostkeys = nhostkeys;
@ -431,7 +434,8 @@ static void server_got_ssh_version(struct ssh_version_receiver *rcv,
connection_layer = ssh2_connection_new( connection_layer = ssh2_connection_new(
&srv->ssh, NULL, false, srv->conf, &srv->ssh, NULL, false, srv->conf,
ssh_verstring_get_local(old_bpp), &srv->cl); ssh_verstring_get_local(old_bpp), &srv->cl);
ssh2connection_server_configure(connection_layer, srv->sftpserver_vt); ssh2connection_server_configure(connection_layer,
srv->sftpserver_vt, srv->ssc);
server_connect_ppl(srv, connection_layer); server_connect_ppl(srv, connection_layer);
if (conf_get_bool(srv->conf, CONF_ssh_no_userauth)) { if (conf_get_bool(srv->conf, CONF_ssh_no_userauth)) {
@ -439,7 +443,7 @@ static void server_got_ssh_version(struct ssh_version_receiver *rcv,
transport_child_layer = connection_layer; transport_child_layer = connection_layer;
} else { } else {
userauth_layer = ssh2_userauth_server_new( userauth_layer = ssh2_userauth_server_new(
connection_layer, srv->authpolicy); connection_layer, srv->authpolicy, srv->ssc);
server_connect_ppl(srv, userauth_layer); server_connect_ppl(srv, userauth_layer);
transport_child_layer = userauth_layer; transport_child_layer = userauth_layer;
} }
@ -453,7 +457,7 @@ static void server_got_ssh_version(struct ssh_version_receiver *rcv,
#else #else
NULL, NULL,
#endif #endif
&srv->stats, transport_child_layer, true); &srv->stats, transport_child_layer, srv->ssc);
ssh2_transport_provide_hostkeys( ssh2_transport_provide_hostkeys(
srv->base_layer, srv->hostkeys, srv->nhostkeys); srv->base_layer, srv->hostkeys, srv->nhostkeys);
if (userauth_layer) if (userauth_layer)
@ -466,10 +470,11 @@ static void server_got_ssh_version(struct ssh_version_receiver *rcv,
server_connect_bpp(srv); server_connect_bpp(srv);
connection_layer = ssh1_connection_new(&srv->ssh, srv->conf, &srv->cl); connection_layer = ssh1_connection_new(&srv->ssh, srv->conf, &srv->cl);
ssh1connection_server_configure(connection_layer, srv->ssc);
server_connect_ppl(srv, connection_layer); server_connect_ppl(srv, connection_layer);
srv->base_layer = ssh1_login_server_new( srv->base_layer = ssh1_login_server_new(
connection_layer, srv->hostkey1, srv->authpolicy); connection_layer, srv->hostkey1, srv->authpolicy, srv->ssc);
server_connect_ppl(srv, srv->base_layer); server_connect_ppl(srv, srv->base_layer);
} }
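Review bot: `srv->ssc = ssc;` in ssh_server_plug stores the caller's pointer unchecked, while the line above copies `conf` with conf_copy; the aliasing is deliberate per the commit message, but it means the caller must keep the SshServerConfig alive for the lifetime of the plug and of every layer the pointer is later handed to, and neither this code nor the ssh_server_plug prototype in sshserver.h says so. Because server_got_ssh_version passes `srv->ssc` as the last argument of ssh2_transport_new, where a NULL pointer selects the client role, a NULL config here would misconfigure the transport rather than fail; a non-NULL assertion beside the store, or a documented non-NULL requirement on the prototype, closes that gap. Suggested comment: `srv->ssc = ssc; /* not copied: caller keeps *ssc alive for the plug's lifetime */`. server_got_ssh_version starts and ends outside the hunks shown.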


@ -1,7 +1,12 @@
typedef struct AuthPolicy AuthPolicy; typedef struct AuthPolicy AuthPolicy;
struct SshServerConfig {
int dummy; /* no fields in here yet */
};
Plug *ssh_server_plug( Plug *ssh_server_plug(
Conf *conf, ssh_key *const *hostkeys, int nhostkeys, Conf *conf, const SshServerConfig *ssc,
ssh_key *const *hostkeys, int nhostkeys,
RSAKey *hostkey1, AuthPolicy *authpolicy, LogPolicy *logpolicy, RSAKey *hostkey1, AuthPolicy *authpolicy, LogPolicy *logpolicy,
const SftpServerVtable *sftpserver_vt); const SftpServerVtable *sftpserver_vt);
void ssh_server_start(Plug *plug, Socket *socket); void ssh_server_start(Plug *plug, Socket *socket);
@ -67,16 +72,20 @@ RSAKey *auth_publickey_ssh1(
bool auth_successful(AuthPolicy *, ptrlen username, unsigned method); bool auth_successful(AuthPolicy *, ptrlen username, unsigned method);
PacketProtocolLayer *ssh2_userauth_server_new( PacketProtocolLayer *ssh2_userauth_server_new(
PacketProtocolLayer *successor_layer, AuthPolicy *authpolicy); PacketProtocolLayer *successor_layer, AuthPolicy *authpolicy,
const SshServerConfig *ssc);
void ssh2_userauth_server_set_transport_layer( void ssh2_userauth_server_set_transport_layer(
PacketProtocolLayer *userauth, PacketProtocolLayer *transport); PacketProtocolLayer *userauth, PacketProtocolLayer *transport);
void ssh2connection_server_configure( void ssh2connection_server_configure(
PacketProtocolLayer *ppl, const SftpServerVtable *sftpserver_vt); PacketProtocolLayer *ppl, const SftpServerVtable *sftpserver_vt,
const SshServerConfig *ssc);
void ssh1connection_server_configure(
PacketProtocolLayer *ppl, const SshServerConfig *ssc);
PacketProtocolLayer *ssh1_login_server_new( PacketProtocolLayer *ssh1_login_server_new(
PacketProtocolLayer *successor_layer, RSAKey *hostkey, PacketProtocolLayer *successor_layer, RSAKey *hostkey,
AuthPolicy *authpolicy); AuthPolicy *authpolicy, const SshServerConfig *ssc);
Channel *sesschan_new(SshChannel *c, LogContext *logctx, Channel *sesschan_new(SshChannel *c, LogContext *logctx,
const SftpServerVtable *sftpserver_vt); const SftpServerVtable *sftpserver_vt);


@ -366,6 +366,7 @@ int main(int argc, char **argv)
RSAKey *hostkey1 = NULL; RSAKey *hostkey1 = NULL;
AuthPolicy ap; AuthPolicy ap;
SshServerConfig ssc;
Conf *conf = conf_new(); Conf *conf = conf_new();
load_open_settings(NULL, conf); load_open_settings(NULL, conf);
@ -374,6 +375,8 @@ int main(int argc, char **argv)
ap.ssh1keys = NULL; ap.ssh1keys = NULL;
ap.ssh2keys = NULL; ap.ssh2keys = NULL;
memset(&ssc, 0, sizeof(ssc));
if (argc <= 1) { if (argc <= 1) {
/* /*
* We're going to terminate with an error message below, * We're going to terminate with an error message below,
@ -548,7 +551,7 @@ int main(int argc, char **argv)
{ {
Plug *plug = ssh_server_plug( Plug *plug = ssh_server_plug(
conf, hostkeys, nhostkeys, hostkey1, &ap, server_logpolicy, conf, &ssc, hostkeys, nhostkeys, hostkey1, &ap, server_logpolicy,
&unix_live_sftpserver_vt); &unix_live_sftpserver_vt);
ssh_server_start(plug, make_fd_socket(0, 1, -1, plug)); ssh_server_start(plug, make_fd_socket(0, 1, -1, plug));
} }
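Review bot: `SshServerConfig ssc;` is a local of main whose address is passed to ssh_server_plug, which in this commit's sshserver.c change stores the pointer rather than copying it, so the config has to stay alive until the plug and its layers are torn down. That holds if the server runs to completion inside main, which the call shape suggests but the hunk does not show; a comment such as `SshServerConfig ssc; /* stored by pointer in the server plug; must outlive it */` records the constraint for anyone who later moves server start-up into a helper that returns. main starts and ends outside the hunks shown.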