authorIan Moffett <ian@osmora.org>2024-09-29 22:38:43 -0400
committerIan Moffett <ian@osmora.org>2024-09-29 22:38:43 -0400
commit73ead92c2d37d5d091992ef617c4abdfe9907a18 (patch)
tree1b689727607d72e525cee5bd298367aadc293615 /lib/libostp/auth.c
parent788b1308e86320882245159540ef0a489209bcf1 (diff)
project: Massive fixups
- Fix client handling - Add multithreading - Fixup bad values Signed-off-by: Ian Moffett <ian@osmora.org>
Diffstat (limited to 'lib/libostp/auth.c')
-rw-r--r--lib/libostp/auth.c86
1 files changed, 56 insertions, 30 deletions
diff --git a/lib/libostp/auth.c b/lib/libostp/auth.c
index d32c06a..f2097bc 100644
--- a/lib/libostp/auth.c
+++ b/lib/libostp/auth.c
@@ -35,6 +35,13 @@
#include <stdio.h>
#include <unistd.h>
#include <stdlib.h>
+#include <errno.h>
+
+struct session_td_args {
+ struct ostp_client *c;
+ struct ostp_listener *lp;
+ unsigned char *session_key;
+};
/*
* Check a password to see if it matches with
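Review bot: `struct session_td_args` has no comment saying who owns what it points to, and the diff alone does not make it obvious. The struct is allocated in `handle_srq()` and released with `free(args)` in `session_td()`, while `c` and `lp` are pointers the thread only borrows. I would add above the struct `/* Arguments for session_td(): allocated by handle_srq(), freed by the thread; c and lp are borrowed and must outlive it. */`. The same comment should say which side is expected to call `free_session_key()` on `session_key`.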
@@ -67,7 +74,7 @@ pwcheck(char *username, char *pw)
}
static int
-passwd_auth(struct ostp_session *sp, const unsigned char *session_key)
+passwd_auth(struct ostp_client *c, const unsigned char *session_key)
{
int error;
struct session_auth auth;
@@ -77,7 +84,7 @@ passwd_auth(struct ostp_session *sp, const unsigned char *session_key)
return 0;
}
- error = recv_frame(sp->sockfd, sizeof(auth), session_key, &auth);
+ error = recv_frame(c->sockfd, sizeof(auth), session_key, &auth);
if (error < 0) {
return error;
}
@@ -85,7 +92,7 @@ passwd_auth(struct ostp_session *sp, const unsigned char *session_key)
if (pwcheck(auth.username, auth.password) != 0) {
printf("Got bad password for %s\n", auth.username);
auth.code = AUTH_BAD_PW;
- error = send_frame(sp->sockfd, &auth, sizeof(auth), session_key);
+ error = send_frame(c->sockfd, &auth, sizeof(auth), session_key);
if (error < 0) {
printf("Failed to ACK user authentication with frame\n");
}
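Review bot: `auth` is filled straight from the network by `recv_frame()`, and its `username` and `password` fields are then used as C strings, in `pwcheck()` and in the `%s` of the "Got bad password" message, with no termination check visible. If those fields are fixed-size char arrays (the definition of `struct session_auth` is outside this diff), a peer that sends no NUL byte makes both calls read past the field. Terminating them before the `pwcheck()` call at the top of this hunk, `auth.username[sizeof(auth.username) - 1] = '\0';` and the same for `auth.password`, closes that. Because the name is printed before authentication has succeeded, it should also be stripped of control characters before it reaches the log. `passwd_auth()` starts and ends outside this hunk.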
@@ -93,7 +100,7 @@ passwd_auth(struct ostp_session *sp, const unsigned char *session_key)
}
auth.code = AUTH_SUCCESS;
- error = send_frame(sp->sockfd, &auth, sizeof(auth), session_key);
+ error = send_frame(c->sockfd, &auth, sizeof(auth), session_key);
if (error < 0) {
printf("Failed to ACK user authentication with frame\n");
return error;
@@ -102,31 +109,32 @@ passwd_auth(struct ostp_session *sp, const unsigned char *session_key)
}
static void
-send_motd(struct ostp_session *sp, const unsigned char *session_key)
+send_motd(struct ostp_client *c, const unsigned char *session_key)
{
char motd[] = MOTD;
printf("Sending MOTD...\n");
- if (send_frame(sp->sockfd, motd, sizeof(motd), session_key) < 0) {
+ if (send_frame(c->sockfd, motd, sizeof(motd), session_key) < 0) {
printf("Failed to session MOTD\n");
}
}
static int
-session_run(struct ostp_session *sp, struct ostp_listener *lp,
- const unsigned char *session_key)
+session_run(struct ostp_listener *lp, const unsigned char *session_key)
{
+ struct ostp_client *c;
char buf[4096];
size_t len;
while (1) {
for (int i = 1; i < MAX_CLIENTS; ++i) {
- if (lp->clients[i] <= 0)
+ c = &lp->clients[i];
+ if (c->sockfd <= 0)
continue;
- if (FD_ISSET(lp->clients[i], &lp->client_fds) <= 0)
+ if (FD_ISSET(c->sockfd, &lp->client_fds) <= 0)
continue;
- len = recv_frame(lp->clients[i], sizeof(buf) - 1, session_key, buf);
+ len = recv_frame(c->sockfd, sizeof(buf) - 1, session_key, buf);
if (len < 0) {
printf("recv_frame() failure, packet lost\n");
continue;
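Review bot: `len` is declared `size_t` in `session_run()`, so the `if (len < 0)` test after `recv_frame()` can never be true and a failed receive is not skipped. `passwd_auth()` stores the result of the same function in an `int` and tests it with `< 0`, so the declaration here should be signed as well, `int len;`. As far as the visible lines show, the unchecked value is later handed to `lp->on_recv(c, buf, len)` as the length of `buf`. The body of `session_run()` continues past this hunk.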
@@ -135,22 +143,45 @@ session_run(struct ostp_session *sp, struct ostp_listener *lp,
return 0;
}
if (lp->on_recv != NULL) {
- lp->on_recv(sp, buf, len);
+ lp->on_recv(c, buf, len);
}
}
}
}
+static void *
+session_td(void *args)
+{
+ struct session_td_args *tmp = args;
+ int error;
+
+ /* Try user auth, not needed if REQUIRE_USER_AUTH is 0 */
+ if (passwd_auth(tmp->c, tmp->session_key) != 0) {
+ free_session_key(tmp->session_key);
+ exit(-1);
+ }
+
+ /* Handle any requested session parameters */
+ if ((error = negotiate_spw(tmp->c, tmp->session_key)) < 0) {
+ free_session_key(tmp->session_key);
+ exit(error);
+ }
+
+ send_motd(tmp->c, tmp->session_key);
+ session_run(tmp->lp, tmp->session_key);
+ free(args);
+ return NULL;
+}
+
int
-handle_srq(struct ostp_session *sp, struct ostp_listener *lp, struct session_request *srq)
+handle_srq(struct ostp_client *c, struct ostp_listener *lp, struct session_request *srq)
{
struct x25519_keypair keypair;
+ struct session_td_args *sargs;
unsigned char *session_key;
- pid_t child;
int error;
if (REQUIRE_USER_AUTH && !ISSET(srq->options, SESSION_REQ_USER)) {
- printf("%x\n", srq->options);
printf("User authentication enforced but client 'U' bit not set\n");
printf("Closing connection...\n");
return -1;
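Review bot: `session_td()` calls `exit()` when `passwd_auth()` or `negotiate_spw()` fails, and from a thread that ends the whole server process, so one client sending a wrong password drops every other session. Before this commit the same failures returned to the caller from `handle_srq()`. The thread should release its own resources and return instead, which also covers the normal path, where `session_key` is currently not freed after `session_run()` returns. Separately, `session_run()` still loops over every entry of `lp->clients` with this thread's `session_key`, so with one thread per client each thread appears to read all sockets with a key that belongs to only one of them; that needs a per-client loop, which is not shown here.

```c
static void *
session_td(void *args)
{
    struct session_td_args *tmp = args;

    /* A failed login or negotiation ends this session only */
    if (passwd_auth(tmp->c, tmp->session_key) != 0)
        goto done;
    if (negotiate_spw(tmp->c, tmp->session_key) < 0)
        goto done;

    /* … unchanged: send_motd() and session_run() calls … */
done:
    free_session_key(tmp->session_key);
    free(args);
    return NULL;
}
```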
@@ -164,7 +195,7 @@ handle_srq(struct ostp_session *sp, struct ostp_listener *lp, struct session_req
}
/* Send back our our public key */
- error = send(sp->sockfd, keypair.pubkey, keypair.pubkey_len, 0);
+ error = send(c->sockfd, keypair.pubkey, keypair.pubkey_len, 0);
if (error < 0) {
perror("Failed to send public key");
return error;
@@ -176,24 +207,19 @@ handle_srq(struct ostp_session *sp, struct ostp_listener *lp, struct session_req
return error;
}
- /* Try user auth, not needed if REQUIRE_USER_AUTH is 0 */
- if (passwd_auth(sp, session_key) != 0) {
- return -1;
+ sargs = malloc(sizeof(*sargs));
+ if (sargs == NULL) {
+ printf("Failed to allocate session args\n");
+ return errno;
}
- /* Handle any requested session parameters */
- if ((error = negotiate_spw(sp, session_key)) < 0) {
- free_session_key(session_key);
+ sargs->c = c;
+ sargs->lp = lp;
+ sargs->session_key = session_key;
+ error = pthread_create(&c->td, NULL, session_td, sargs);
+ if (error != 0) {
return error;
}
- send_motd(sp, session_key);
-
- /* Dispatch a thread and handle this session */
- child = fork();
- if (child == 0) {
- session_run(sp, lp, session_key);
- exit(0);
- }
return 0;
}
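Review bot: Both new failure paths at the end of `handle_srq()` leak and return positive values. When `malloc()` fails, `session_key` is never freed and `errno` is returned; when `pthread_create()` fails, `sargs` and `session_key` both stay allocated and its positive error number is returned. Every other error return visible in this function is `-1` or a value tested with `< 0`, so a caller that checks `< 0` would take these as success, though the caller is not shown. The key is secret material and should go through `free_session_key()` on each path. The thread is also never joined or detached in the lines shown, so a `pthread_detach()` after a successful create may be needed unless `c->td` is joined elsewhere; `handle_srq()` begins outside this hunk.

```c
    sargs = malloc(sizeof(*sargs));
    if (sargs == NULL) {
        printf("Failed to allocate session args\n");
        free_session_key(session_key);
        return -ENOMEM;
    }

    /* … unchanged: sargs field assignments … */
    error = pthread_create(&c->td, NULL, session_td, sargs);
    if (error != 0) {
        free_session_key(session_key);
        free(sargs);
        return -error;
    }
```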