mirror of
https://git.libssh.org/projects/libssh.git
synced 2025-08-05 20:55:46 +03:00
fixed server segfaults on exit (double frees)
sftp_server_init() git-svn-id: svn+ssh://svn.berlios.de/svnroot/repos/libssh/trunk@15 7dcaeef0-15fb-0310-b436-a5af3365683c
This commit is contained in:
Aris Adamantiadis
@@ -30,6 +30,7 @@ typedef struct sftp_session_struct {
|
|||||||
SSH_SESSION *session;
|
SSH_SESSION *session;
|
||||||
CHANNEL *channel;
|
CHANNEL *channel;
|
||||||
int server_version;
|
int server_version;
|
||||||
|
int client_version;
|
||||||
struct request_queue *queue;
|
struct request_queue *queue;
|
||||||
u32 id_counter;
|
u32 id_counter;
|
||||||
} SFTP_SESSION ;
|
} SFTP_SESSION ;
|
||||||
@@ -138,6 +139,12 @@ int sftp_rename(SFTP_SESSION *sftp, char *original, char *newname);
|
|||||||
int sftp_setstat(SFTP_SESSION *sftp, char *file, SFTP_ATTRIBUTES *attr);
|
int sftp_setstat(SFTP_SESSION *sftp, char *file, SFTP_ATTRIBUTES *attr);
|
||||||
char *sftp_canonicalize_path(SFTP_SESSION *sftp, char *path);
|
char *sftp_canonicalize_path(SFTP_SESSION *sftp, char *path);
|
||||||
|
|
||||||
|
#ifndef NO_SERVER
|
||||||
|
SFTP_SESSION *sftp_server_new(SSH_SESSION *session, CHANNEL *chan);
|
||||||
|
int sftp_server_init(SFTP_SESSION *sftp);
|
||||||
|
#endif
|
||||||
|
|
||||||
|
|
||||||
/* SFTP commands and constants */
|
/* SFTP commands and constants */
|
||||||
#define SSH_FXP_INIT 1
|
#define SSH_FXP_INIT 1
|
||||||
#define SSH_FXP_VERSION 2
|
#define SSH_FXP_VERSION 2
|
||||||
|
|||||||
@@ -2,7 +2,7 @@
|
|||||||
OBJECTS= client.o packet.o dh.o crypt.o connect.o error.o buffer.o \
|
OBJECTS= client.o packet.o dh.o crypt.o connect.o error.o buffer.o \
|
||||||
string.o kex.o channels.o options.o keys.o auth.o base64.o \
|
string.o kex.o channels.o options.o keys.o auth.o base64.o \
|
||||||
keyfiles.o misc.o gzip.o wrapper.o sftp.o server.o crc32.o \
|
keyfiles.o misc.o gzip.o wrapper.o sftp.o server.o crc32.o \
|
||||||
session.o messages.o channels1.o auth1.o
|
session.o messages.o channels1.o auth1.o sftpserver.o
|
||||||
SHELL = /bin/sh
|
SHELL = /bin/sh
|
||||||
VPATH = @srcdir@
|
VPATH = @srcdir@
|
||||||
|
|
||||||
|
|||||||
@@ -186,6 +186,7 @@ CHANNEL *ssh_message_channel_request_open_reply_accept(SSH_MESSAGE *msg){
|
|||||||
chan->remote_channel=msg->channel_request_open.sender;
|
chan->remote_channel=msg->channel_request_open.sender;
|
||||||
chan->remote_maxpacket=msg->channel_request_open.packet_size;
|
chan->remote_maxpacket=msg->channel_request_open.packet_size;
|
||||||
chan->remote_window=msg->channel_request_open.window;
|
chan->remote_window=msg->channel_request_open.window;
|
||||||
|
chan->open=1;
|
||||||
packet_clear_out(msg->session);
|
packet_clear_out(msg->session);
|
||||||
buffer_add_u8(msg->session->out_buffer,SSH2_MSG_CHANNEL_OPEN_CONFIRMATION);
|
buffer_add_u8(msg->session->out_buffer,SSH2_MSG_CHANNEL_OPEN_CONFIRMATION);
|
||||||
buffer_add_u32(msg->session->out_buffer,htonl(chan->remote_channel));
|
buffer_add_u32(msg->session->out_buffer,htonl(chan->remote_channel));
|
||||||
|
|||||||
@@ -177,14 +177,9 @@ int server_set_kex(SSH_SESSION * session) {
|
|||||||
for (i = 0; i < 10; i++) {
|
for (i = 0; i < 10; i++) {
|
||||||
if (!(wanted = options->wanted_methods[i]))
|
if (!(wanted = options->wanted_methods[i]))
|
||||||
wanted = supported_methods[i];
|
wanted = supported_methods[i];
|
||||||
server->methods[i] = wanted;
|
server->methods[i] = strdup(wanted);
|
||||||
printf("server->methods[%d]=%s\n",i,wanted);
|
printf("server->methods[%d]=%s\n",i,wanted);
|
||||||
}
|
}
|
||||||
if (!server->methods[i]) {
|
|
||||||
ssh_set_error(session, SSH_FATAL,
|
|
||||||
"kex error : did not find algo");
|
|
||||||
return -1;
|
|
||||||
}
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -222,7 +217,15 @@ static int dh_handshake_server(SSH_SESSION *session){
|
|||||||
make_sessionid(session);
|
make_sessionid(session);
|
||||||
sign=ssh_sign_session_id(session,prv);
|
sign=ssh_sign_session_id(session,prv);
|
||||||
buffer_free(buf);
|
buffer_free(buf);
|
||||||
private_key_free(prv);
|
/* free private keys as they should not be readable past this point */
|
||||||
|
if(session->rsa_key){
|
||||||
|
private_key_free(session->rsa_key);
|
||||||
|
session->rsa_key=NULL;
|
||||||
|
}
|
||||||
|
if(session->dsa_key){
|
||||||
|
private_key_free(session->dsa_key);
|
||||||
|
session->dsa_key=NULL;
|
||||||
|
}
|
||||||
buffer_add_u8(session->out_buffer,SSH2_MSG_KEXDH_REPLY);
|
buffer_add_u8(session->out_buffer,SSH2_MSG_KEXDH_REPLY);
|
||||||
buffer_add_ssh_string(session->out_buffer,pubkey);
|
buffer_add_ssh_string(session->out_buffer,pubkey);
|
||||||
buffer_add_ssh_string(session->out_buffer,f);
|
buffer_add_ssh_string(session->out_buffer,f);
|
||||||
|
|||||||
@@ -42,6 +42,8 @@ MA 02111-1307, USA. */
|
|||||||
static void sftp_packet_free(SFTP_PACKET *packet);
|
static void sftp_packet_free(SFTP_PACKET *packet);
|
||||||
void sftp_enqueue(SFTP_SESSION *session, SFTP_MESSAGE *msg);
|
void sftp_enqueue(SFTP_SESSION *session, SFTP_MESSAGE *msg);
|
||||||
static void sftp_message_free(SFTP_MESSAGE *msg);
|
static void sftp_message_free(SFTP_MESSAGE *msg);
|
||||||
|
SFTP_PACKET *sftp_packet_read(SFTP_SESSION *sftp);
|
||||||
|
int sftp_packet_write(SFTP_SESSION *sftp,u8 type, BUFFER *payload);
|
||||||
|
|
||||||
SFTP_SESSION *sftp_new(SSH_SESSION *session){
|
SFTP_SESSION *sftp_new(SSH_SESSION *session){
|
||||||
SFTP_SESSION *sftp=malloc(sizeof(SFTP_SESSION));
|
SFTP_SESSION *sftp=malloc(sizeof(SFTP_SESSION));
|
||||||
@@ -68,6 +70,35 @@ SFTP_SESSION *sftp_server_new(SSH_SESSION *session, CHANNEL *chan){
|
|||||||
sftp->channel=chan;
|
sftp->channel=chan;
|
||||||
return sftp;
|
return sftp;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
int sftp_server_init(SFTP_SESSION *sftp){
|
||||||
|
SFTP_PACKET *packet=sftp_packet_read(sftp);
|
||||||
|
u32 version;
|
||||||
|
BUFFER *reply;
|
||||||
|
if(!packet)
|
||||||
|
return -1;
|
||||||
|
if(packet->type != SSH_FXP_INIT){
|
||||||
|
ssh_set_error(sftp->session,SSH_FATAL,"Packet read of type %d instead of SSH_FXP_INIT",
|
||||||
|
packet->type);
|
||||||
|
sftp_packet_free(packet);
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
ssh_say(2,"received SSH_FXP_INIT\n");
|
||||||
|
buffer_get_u32(packet->payload,&version);
|
||||||
|
version=ntohl(version);
|
||||||
|
ssh_say(2,"client version %d\n");
|
||||||
|
sftp->client_version=version;
|
||||||
|
sftp_packet_free(packet);
|
||||||
|
reply=buffer_new();
|
||||||
|
buffer_add_u32(reply,ntohl(LIBSFTP_VERSION));
|
||||||
|
if(sftp_packet_write(sftp,SSH_FXP_VERSION,reply)==-1){
|
||||||
|
buffer_free(reply);
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
buffer_free(reply);
|
||||||
|
ssh_say(2,"server version sent\n");
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
void sftp_free(SFTP_SESSION *sftp){
|
void sftp_free(SFTP_SESSION *sftp){
|
||||||
|
|||||||
Reference in New Issue
Block a user