RusstopiaLabs
/
xs
mirror of https://gogs.blitter.com/RLabs/xs
1
0
Fork 0
Code Issues Releases Wiki Activity

More misc. fixes to connection handling w/chaff e=0/1 client-side, both interactive and oneshot cmd (-x)

This commit is contained in:
Russ Magee 2018-08-06 00:06:09 -07:00
parent 00e03c1d54
commit 04e8b94b5d
2 changed files with 10 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
hkexnet/hkexnet.go
View File

@ -443,7 +443,7 @@ func (hc Conn) Read(b []byte) (n int, err error) {
*hc.closeStat = uint8(payloadBytes[0]) *hc.closeStat = uint8(payloadBytes[0])
} else { } else {
log.Println("[truncated payload, cannot determine CSOExitStatus]") log.Println("[truncated payload, cannot determine CSOExitStatus]")
*hc.closeStat = 99 *hc.closeStat = 98
} }
} else { } else {
hc.dBuf.Write(payloadBytes) hc.dBuf.Write(payloadBytes)
@ -455,7 +455,7 @@ func (hc Conn) Read(b []byte) (n int, err error) {
hTmp := hc.rm.Sum(nil)[0:4] hTmp := hc.rm.Sum(nil)[0:4]
log.Printf("<%04x) HMAC:(i)%s (c)%02x\r\n", decryptN, hex.EncodeToString([]byte(hmacIn[0:])), hTmp) log.Printf("<%04x) HMAC:(i)%s (c)%02x\r\n", decryptN, hex.EncodeToString([]byte(hmacIn[0:])), hTmp)
if *hc.closeStat == 99 { if *hc.closeStat >90 {
log.Println("[cannot verify HMAC]") log.Println("[cannot verify HMAC]")
} else { } else {
// Log alert if hmac didn't match, corrupted channel // Log alert if hmac didn't match, corrupted channel

15
hkexsh/hkexsh.go
View File

@ -302,14 +302,15 @@ func main() {
conn.SetupChaff(chaffFreqMin, chaffFreqMax, chaffBytesMax) // enable client->server chaffing conn.SetupChaff(chaffFreqMin, chaffFreqMax, chaffBytesMax) // enable client->server chaffing
if chaffEnabled { if chaffEnabled {
conn.EnableChaff() conn.EnableChaff()
//defer conn.DisableChaff() defer conn.DisableChaff()
//defer conn.ShutdownChaff() defer conn.ShutdownChaff()
} }
//client reader (from server) goroutine //client reader (from server) goroutine
//Read remote end's stdout //Read remote end's stdout
wg.Add(1) wg.Add(1)
go func() { go func() {
defer wg.Done()
// By deferring a call to wg.Done(), // By deferring a call to wg.Done(),
// each goroutine guarantees that it marks // each goroutine guarantees that it marks
// its direction's stream as finished. // its direction's stream as finished.
@ -330,7 +331,6 @@ func main() {
log.Println("[* Got EOF *]") log.Println("[* Got EOF *]")
_ = hkexsh.Restore(int(os.Stdin.Fd()), oldState) // Best effort. _ = hkexsh.Restore(int(os.Stdin.Fd()), oldState) // Best effort.
} }
wg.Done()
}() }()
// Only look for data from stdin to send to remote end // Only look for data from stdin to send to remote end
@ -343,6 +343,7 @@ func main() {
wg.Add(1) wg.Add(1)
go func() { go func() {
defer wg.Done() defer wg.Done()
//!defer wg.Done()
// Copy() expects EOF so this will // Copy() expects EOF so this will
// exit with outerr == nil // exit with outerr == nil
//!_, outerr := io.Copy(conn, os.Stdin) //!_, outerr := io.Copy(conn, os.Stdin)
@ -358,15 +359,15 @@ func main() {
os.Exit(255) os.Exit(255)
} }
log.Println("[Sent EOF]") log.Println("[Sent EOF]")
wg.Done()
}() }()
} }
// Wait until both stdin and stdout goroutines finish // Wait until both stdin and stdout goroutines finish
// ** IMPORTANT! This must come before the Restore() tty call below
// in order to maintain raw mode for interactive sessions. -rlm 20180805
wg.Wait() wg.Wait()
conn.DisableChaff()
conn.ShutdownChaff()
_ = hkexsh.Restore(int(os.Stdin.Fd()), oldState) // Best effort. _ = hkexsh.Restore(int(os.Stdin.Fd()), oldState) // Best effort.
os.Exit(rec.status) os.Exit(rec.status)
} }