misc improvements

This commit is contained in:
nora 2024-08-26 19:50:24 +02:00
parent ca4213ba81
commit 26cdcd0524
7 changed files with 39 additions and 31 deletions


@ -43,7 +43,7 @@ impl InteractiveShell {
127 => { 127 => {
// Backspace, space, backspace. // Backspace, space, backspace.
// We literally erase it. // We literally erase it.
if self.line_buf.len() > 0 { if !self.line_buf.is_empty() {
self.write(&[8, 32, 8]); self.write(&[8, 32, 8]);
self.line_buf.truncate(self.line_buf.len() - 1); self.line_buf.truncate(self.line_buf.len() - 1);
} }


@ -39,11 +39,11 @@ impl UserPublicKey {
let file = tokio::fs::read_to_string(sshd_dir) let file = tokio::fs::read_to_string(sshd_dir)
.await .await
.map_err(|err| AuthError::NoAuthorizedKeys(err))?; .map_err(AuthError::NoAuthorizedKeys)?;
let authorized_keys = AuthorizedKeys::parse(&file)?; let authorized_keys = AuthorizedKeys::parse(&file)?;
if let Some(key) = authorized_keys.contains(&provided_key) { if let Some(key) = authorized_keys.contains(provided_key) {
Ok(Self(key.clone())) Ok(Self(key.clone()))
} else { } else {
Err(AuthError::UnauthorizedPublicKey) Err(AuthError::UnauthorizedPublicKey)
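Review bot: `authorized_keys.contains(provided_key)` on the new side returns an `Option` carrying the matched key, which the name `contains` (conventionally a `bool`) hides from the reader; a keyed lookup that yields the entry reads more honestly as `find`/`get`, e.g. `if let Some(key) = authorized_keys.find(provided_key) {` with the matching rename on `AuthorizedKeys`. In the same hunk the argument called `sshd_dir` is passed straight to `tokio::fs::read_to_string`, so it names a single file, not a directory; `authorized_keys_path` would match what the code does. Nothing visible here checks the ownership or permissions of that file before trusting its contents (what sshd's StrictModes does) — if that is not done by the caller, it is worth a `// TODO: verify file ownership/mode before trusting` next to the read. The enclosing function starts and ends outside the hunk.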


@ -192,7 +192,7 @@ async fn handle_connection(
} }
}, },
}, },
result = futures::future::try_join_all(&mut channel_tasks), if channel_tasks.len() > 0 => { result = futures::future::try_join_all(&mut channel_tasks), if !channel_tasks.is_empty() => {
match result { match result {
Ok(_) => channel_tasks.clear(), Ok(_) => channel_tasks.clear(),
Err(err) => return Err((err as eyre::Report).wrap_err("channel task failed")), Err(err) => return Err((err as eyre::Report).wrap_err("channel task failed")),
@ -259,20 +259,17 @@ async fn handle_session_channel(user: String, channel: Channel) -> Result<()> {
} }
} }
exit = state.process_exit_recv.recv() => { exit = state.process_exit_recv.recv() => {
match exit { if let Some(exit) = exit {
Some(exit) => { let exit = exit?;
let exit = exit?; state.channel.send(ChannelOperationKind::Eof).await?;
state.channel.send(ChannelOperationKind::Eof).await?; // TODO: also handle exit-signal
// TODO: also handle exit-signal state.channel
state.channel .send(ChannelOperationKind::Request(ChannelRequest::ExitStatus {
.send(ChannelOperationKind::Request(ChannelRequest::ExitStatus { status: exit.code().unwrap_or(0) as u32,
status: exit.code().unwrap_or(0) as u32, }))
})) .await?;
.await?; state.channel.send(ChannelOperationKind::Close).await?;
state.channel.send(ChannelOperationKind::Close).await?; return Ok(());
return Ok(());
}
None => {}
} }
} }
read = read => { read = read => {
@ -346,12 +343,11 @@ impl SessionState {
}; };
} }
ChannelUpdateKind::OpenFailed { .. } => todo!(), ChannelUpdateKind::OpenFailed { .. } => todo!(),
ChannelUpdateKind::Data { data } => match &mut self.writer { ChannelUpdateKind::Data { data } => {
Some(pty) => { if let Some(writer) = &mut self.writer {
pty.write_all(&data).await?; writer.write_all(&data).await?;
} }
None => {} }
},
ChannelUpdateKind::Open(_) ChannelUpdateKind::Open(_)
| ChannelUpdateKind::Closed | ChannelUpdateKind::Closed
| ChannelUpdateKind::ExtendedData { .. } | ChannelUpdateKind::ExtendedData { .. }
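Review bot: `status: exit.code().unwrap_or(0) as u32,` in the handle_session_channel hunk reports exit status 0 — success — whenever `code()` is `None`, which on Unix is exactly the signal-terminated case the `// TODO: also handle exit-signal` line above it leaves unhandled, so a killed child looks successful to the client. Until exit-signal is sent, a non-zero fallback avoids that: `status: exit.code().unwrap_or(1) as u32,` (if `exit` is a `std::process::ExitStatus`, the shell convention `128 + signal` via `std::os::unix::process::ExitStatusExt::signal` is the more faithful choice). The `ChannelUpdateKind::Data` hunk further down silently discards `data` when `self.writer` is `None`; a `// no writer attached: data is dropped` comment, or a warn-level log, would make that deliberate rather than accidental. Both enclosing functions start and end outside their hunks.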


@ -33,6 +33,7 @@ impl Debug for PlaintextPrivateKey {
} }
#[derive(Clone)] #[derive(Clone)]
#[allow(clippy::large_enum_variant)]
pub enum PrivateKey { pub enum PrivateKey {
Ed25519 { Ed25519 {
public_key: ed25519_dalek::VerifyingKey, public_key: ed25519_dalek::VerifyingKey,
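Review bot: `#[allow(clippy::large_enum_variant)]` is added with no comment saying why the large variant is acceptable, which is the one thing a future reader of the lint suppression needs. The companion hunk in this commit boxes `PrivateKey` inside `HostKeySigningAlgorithm`, so the justification is presumably that the enum is boxed where it is held long-term; suggest `// Large variants are accepted: holders store this boxed (see HostKeySigningAlgorithm).` directly above the attribute. Since the type also derives `Clone`, it is worth confirming that the contained key types zero their material on drop — if they do not, every clone leaves another copy of the secret in memory. The enum body continues outside the hunk.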


@ -24,8 +24,7 @@ use crate::{Channel, ChannelState, PendingChannel};
pub struct ServerListener { pub struct ServerListener {
listener: TcpListener, listener: TcpListener,
auth_verify: ServerAuthVerify, auth_verify: ServerAuthVerify,
transport_config: cluelessh_transport::server::ServerConfig transport_config: cluelessh_transport::server::ServerConfig, // TODO ratelimits etc
// TODO ratelimits etc
} }
pub struct ServerConnection<S> { pub struct ServerConnection<S> {
@ -80,7 +79,11 @@ impl From<eyre::Report> for Error {
} }
impl ServerListener { impl ServerListener {
pub fn new(listener: TcpListener, auth_verify: ServerAuthVerify, transport_config: cluelessh_transport::server::ServerConfig) -> Self { pub fn new(
listener: TcpListener,
auth_verify: ServerAuthVerify,
transport_config: cluelessh_transport::server::ServerConfig,
) -> Self {
Self { Self {
listener, listener,
auth_verify, auth_verify,
@ -101,7 +104,12 @@ impl ServerListener {
} }
impl<S: AsyncRead + AsyncWrite> ServerConnection<S> { impl<S: AsyncRead + AsyncWrite> ServerConnection<S> {
pub fn new(stream: S, peer_addr: SocketAddr, auth_verify: ServerAuthVerify, transport_config: cluelessh_transport::server::ServerConfig) -> Self { pub fn new(
stream: S,
peer_addr: SocketAddr,
auth_verify: ServerAuthVerify,
transport_config: cluelessh_transport::server::ServerConfig,
) -> Self {
let (operations_send, operations_recv) = tokio::sync::mpsc::channel(15); let (operations_send, operations_recv) = tokio::sync::mpsc::channel(15);
let (channel_ops_send, channel_ops_recv) = tokio::sync::mpsc::channel(15); let (channel_ops_send, channel_ops_recv) = tokio::sync::mpsc::channel(15);


@ -110,7 +110,7 @@ impl AlgorithmName for EncryptionAlgorithm {
pub struct EncodedSshSignature(pub Vec<u8>); pub struct EncodedSshSignature(pub Vec<u8>);
pub struct HostKeySigningAlgorithm { pub struct HostKeySigningAlgorithm {
private_key: PrivateKey, private_key: Box<PrivateKey>,
} }
impl AlgorithmName for HostKeySigningAlgorithm { impl AlgorithmName for HostKeySigningAlgorithm {
@ -121,7 +121,9 @@ impl AlgorithmName for HostKeySigningAlgorithm {
impl HostKeySigningAlgorithm { impl HostKeySigningAlgorithm {
pub fn new(private_key: PrivateKey) -> Self { pub fn new(private_key: PrivateKey) -> Self {
Self { private_key } Self {
private_key: Box::new(private_key),
}
} }
pub fn sign(&self, data: &[u8]) -> Signature { pub fn sign(&self, data: &[u8]) -> Signature {
self.private_key.sign(data) self.private_key.sign(data)
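Review bot: the new `private_key: Box<PrivateKey>,` field carries no comment explaining the indirection, and a `Box` around a sized field normally reads as an accident to a reviewer. Suggest `// Boxed: PrivateKey is a large enum; keep this struct small.` on the field, which also ties it to the `allow(clippy::large_enum_variant)` added to `PrivateKey` in this same commit. The public `new` and `sign` still lack `///` docs; a one-line summary on each (what `sign` signs and what `Signature` it returns) would complete the change. The `impl HostKeySigningAlgorithm` block continues outside the hunk.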


@ -145,8 +145,9 @@ impl ServerConnection {
let kex_algorithm = sup_algs.key_exchange.find(kex.kex_algorithms.0)?; let kex_algorithm = sup_algs.key_exchange.find(kex.kex_algorithms.0)?;
debug!(name = %kex_algorithm.name(), "Using KEX algorithm"); debug!(name = %kex_algorithm.name(), "Using KEX algorithm");
let server_host_key_algorithm = let server_host_key_algorithm = sup_algs
sup_algs.hostkey_sign.find(kex.server_host_key_algorithms.0)?; .hostkey_sign
.find(kex.server_host_key_algorithms.0)?;
debug!(name = %server_host_key_algorithm.name(), "Using host key algorithm"); debug!(name = %server_host_key_algorithm.name(), "Using host key algorithm");
// TODO: Implement aes128-ctr // TODO: Implement aes128-ctr