/*
 * ProFTPD - mod_proxy SSH service
 * Copyright (c) 2021-2022 TJ Saunders
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Suite 500, Boston, MA 02110-1335, USA.
 *
 * As a special exemption, TJ Saunders and other respective copyright holders
 * give permission to link this program with OpenSSL, and distribute the
 * resulting executable, without including the source code for OpenSSL in the
 * source distribution.
 */

#include "mod_proxy.h"
#include "proxy/ssh/ssh2.h"
#include "proxy/ssh/packet.h"
#include "proxy/ssh/service.h"

#if defined(PR_USE_OPENSSL)

static const char *trace_channel = "proxy.ssh.service";

int proxy_ssh_service_handle(struct proxy_ssh_packet *pkt,
    const struct proxy_session *proxy_sess) {
  int poll_timeout_secs, res, xerrno = 0;
  unsigned int poll_attempts;
  unsigned long poll_timeout_ms;
  char msg_type;

  /* Forward the given packet to the backend server.  The packet's pool is
   * released whether or not the write succeeds.
   */
  res = proxy_ssh_packet_write(proxy_sess->backend_ctrl_conn, pkt);
  if (res < 0) {
    destroy_pool(pkt->pool);
    return -1;
  }

  destroy_pool(pkt->pool);

  /* Save the current packet polling settings, then use a short poll
   * (3 attempts, 250 ms each) while waiting for the backend's reply.  The
   * saved settings are restored on every exit path below.
   */
  proxy_ssh_packet_get_poll_attempts(&poll_attempts);
  proxy_ssh_packet_get_poll_timeout(&poll_timeout_secs, &poll_timeout_ms);

  proxy_ssh_packet_set_poll_attempts(3);
  proxy_ssh_packet_set_poll_timeout(0, 250);

  /* Read packets from the backend until SERVICE_ACCEPT arrives. */
  while (TRUE) {
    pr_signals_handle();

    pkt = proxy_ssh_packet_create(proxy_pool);
    res = proxy_ssh_packet_read(proxy_sess->backend_ctrl_conn, pkt);
    if (res < 0) {
      /* Preserve the read error across the cleanup calls. */
      xerrno = errno;

      destroy_pool(pkt->pool);
      proxy_ssh_packet_set_poll_attempts(poll_attempts);
      proxy_ssh_packet_set_poll_timeout(poll_timeout_secs, poll_timeout_ms);

      errno = xerrno;
      return -1;
    }

    msg_type = proxy_ssh_packet_peek_msg_type(pkt);

    pr_trace_msg(trace_channel, 3, "received %s (%d) packet (from mod_%s.c)",
      proxy_ssh_packet_get_msg_type_desc(msg_type), msg_type,
      pkt->m->name);

    /* Be sure to handle the messages that can come at any time as well. */
    switch (msg_type) {
      case PROXY_SSH_MSG_SERVICE_ACCEPT:
        /* Expected */
        break;

      case PROXY_SSH_MSG_DEBUG:
      case PROXY_SSH_MSG_DISCONNECT:
      case PROXY_SSH_MSG_EXT_INFO:
      case PROXY_SSH_MSG_IGNORE:
      case PROXY_SSH_MSG_UNIMPLEMENTED:
        /* Hand these to the generic packet handler, then keep reading. */
        proxy_ssh_packet_handle(pkt);
        continue;

      default:
        /* Any other message type at this point is rejected: restore the
         * poll settings, log the offending type, and fail with ENOSYS.
         */
        proxy_ssh_packet_set_poll_attempts(poll_attempts);
        proxy_ssh_packet_set_poll_timeout(poll_timeout_secs, poll_timeout_ms);
        destroy_pool(pkt->pool);

        /* Invalid protocol sequence */
        (void) pr_log_writefile(proxy_logfd, MOD_PROXY_VERSION,
          "received unexpected %s packet during SSH service setup, failing",
          proxy_ssh_packet_get_msg_type_desc(msg_type));
        errno = ENOSYS;
        return -1;
    }

    /* Only reached for SERVICE_ACCEPT; leave the read loop. */
    break;
  }

  proxy_ssh_packet_set_poll_attempts(poll_attempts);
  proxy_ssh_packet_set_poll_timeout(poll_timeout_secs, poll_timeout_ms);

  /* Log the SERVICE_ACCEPT packet and pass it to proxy_ssh_packet_proxied(),
   * keeping that call's errno intact across the pool cleanup.
   */
  proxy_ssh_packet_log_cmd(pkt, FALSE);

  res = proxy_ssh_packet_proxied(proxy_sess, pkt, FALSE);
  xerrno = errno;

  destroy_pool(pkt->pool);
  errno = xerrno;
  return res;
}
#endif /* PR_USE_OPENSSL */