ClearML/dropbear
1
0
Fork 0
mirror of https://github.com/clearml/dropbear synced 2025-03-04 02:57:46 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Send a failure response if a client receives a global request

Browse Source
This commit is contained in:
Matt Johnston 2014-07-08 21:59:36 +08:00
parent ca86726f9f
commit 50a5d3756f
4 changed files with 24 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
channel.h
View File

@ -129,4 +129,7 @@ void recv_msg_channel_open_confirmation();
void recv_msg_channel_open_failure(); void recv_msg_channel_open_failure();
#endif #endif
void send_msg_request_success();
void send_msg_request_failure();
#endif /* _CHANNEL_H_ */ #endif /* _CHANNEL_H_ */

8
cli-session.c
View File

@ -44,6 +44,7 @@ static void cli_session_init();
static void cli_finished(); static void cli_finished();
static void recv_msg_service_accept(void); static void recv_msg_service_accept(void);
static void cli_session_cleanup(void); static void cli_session_cleanup(void);
static void recv_msg_global_request_cli(void);
struct clientsession cli_ses; /* GLOBAL */ struct clientsession cli_ses; /* GLOBAL */
@ -68,6 +69,7 @@ static const packettype cli_packettypes[] = {
{SSH_MSG_CHANNEL_OPEN_FAILURE, recv_msg_channel_open_failure}, {SSH_MSG_CHANNEL_OPEN_FAILURE, recv_msg_channel_open_failure},
{SSH_MSG_USERAUTH_BANNER, recv_msg_userauth_banner}, /* client */ {SSH_MSG_USERAUTH_BANNER, recv_msg_userauth_banner}, /* client */
{SSH_MSG_USERAUTH_SPECIFIC_60, recv_msg_userauth_specific_60}, /* client */ {SSH_MSG_USERAUTH_SPECIFIC_60, recv_msg_userauth_specific_60}, /* client */
{SSH_MSG_GLOBAL_REQUEST, recv_msg_global_request_cli},
#ifdef ENABLE_CLI_REMOTETCPFWD #ifdef ENABLE_CLI_REMOTETCPFWD
{SSH_MSG_REQUEST_SUCCESS, cli_recv_msg_request_success}, /* client */ {SSH_MSG_REQUEST_SUCCESS, cli_recv_msg_request_success}, /* client */
{SSH_MSG_REQUEST_FAILURE, cli_recv_msg_request_failure}, /* client */ {SSH_MSG_REQUEST_FAILURE, cli_recv_msg_request_failure}, /* client */
@ -366,3 +368,9 @@ void cleantext(unsigned char* dirtytext) {
/* Null terminate */ /* Null terminate */
dirtytext[j] = '\0'; dirtytext[j] = '\0';
} }
static void recv_msg_global_request_cli(void) {
TRACE(("recv_msg_global_request_cli"))
/* Send a proper rejection */
send_msg_request_failure();
}

13
common-channel.c
View File

@ -1099,3 +1099,16 @@ void recv_msg_channel_open_failure() {
remove_channel(channel); remove_channel(channel);
} }
#endif /* USING_LISTENERS */ #endif /* USING_LISTENERS */
void send_msg_request_success() {
CHECKCLEARTOWRITE();
buf_putbyte(ses.writepayload, SSH_MSG_REQUEST_SUCCESS);
encrypt_packet();
}
void send_msg_request_failure() {
CHECKCLEARTOWRITE();
buf_putbyte(ses.writepayload, SSH_MSG_REQUEST_FAILURE);
encrypt_packet();
}

18
svr-tcpfwd.c
View File

@ -34,14 +34,6 @@
#include "runopts.h" #include "runopts.h"
#include "auth.h" #include "auth.h"
static void send_msg_request_failure();
static void send_msg_request_failure() {
CHECKCLEARTOWRITE();
buf_putbyte(ses.writepayload, SSH_MSG_REQUEST_FAILURE);
encrypt_packet();
}
#ifndef ENABLE_SVR_REMOTETCPFWD #ifndef ENABLE_SVR_REMOTETCPFWD
/* This is better than SSH_MSG_UNIMPLEMENTED */ /* This is better than SSH_MSG_UNIMPLEMENTED */
@ -53,7 +45,6 @@ void recv_msg_global_request_remotetcp() {
/* */ /* */
#endif /* !ENABLE_SVR_REMOTETCPFWD */ #endif /* !ENABLE_SVR_REMOTETCPFWD */
static void send_msg_request_success();
static int svr_cancelremotetcp(); static int svr_cancelremotetcp();
static int svr_remotetcpreq(); static int svr_remotetcpreq();
static int newtcpdirect(struct Channel * channel); static int newtcpdirect(struct Channel * channel);
@ -115,15 +106,6 @@ out:
TRACE(("leave recv_msg_global_request")) TRACE(("leave recv_msg_global_request"))
} }
static void send_msg_request_success() {
CHECKCLEARTOWRITE();
buf_putbyte(ses.writepayload, SSH_MSG_REQUEST_SUCCESS);
encrypt_packet();
}
static int matchtcp(void* typedata1, void* typedata2) { static int matchtcp(void* typedata1, void* typedata2) {
const struct TCPListener *info1 = (struct TCPListener*)typedata1; const struct TCPListener *info1 = (struct TCPListener*)typedata1;