Commit Graph

125 Commits

Author SHA1 Message Date
Russ Magee 3b35751e2e WIP tunnel states, re-dial when not required needs debugging. 2018-11-07 19:35:32 -08:00
Russ Magee 492c7290b0 Much improved tunnel state management: server-side mostly working, client-side re-Accept() -> svr re-Dial() still required 2018-11-01 22:14:44 -07:00
Russ Magee a425afe9b6 Tunnels working again to basic level w/o re-connect or re-dial 2018-11-01 18:52:01 -07:00
Russ Magee 081d88b9ad tunnel setup stubs moved into Conn Read()/Write() handling 2018-10-31 20:11:00 -07:00
Russ Magee fcbdb77c79 Cleaned up error handling in hkexnet.Conn.Read() a bit 2018-10-30 21:07:42 -07:00
Russ Magee 632f24354b Tunnel rough work-in-progress; data sent (wrong length) and CSOTunClose handling needs work, but it's a start... 2018-10-28 19:17:47 -07:00
Russ Magee 1e6da733a2 Work on setup for tunnels
Signed-off-by: Russ Magee <rmagee@gmail.com>
2018-10-27 01:51:40 -07:00
Russ Magee 2f83d488d6 Pushed logging into sub-package to preserve windows client build
Signed-off-by: Russ Magee <rmagee@gmail.com>
2018-10-26 16:05:01 -07:00
Russ Magee 752dbf6080 logging now uses syslog 2018-10-25 22:14:18 -07:00
Russ Magee 4cb535fcc9 Added support for cryptMTv1
Signed-off-by: Russ Magee <rmagee@gmail.com>
2018-10-24 00:16:34 -07:00
Russ Magee 798661a0cf kex-spurious-failures branch:
-Modified KyberDialSetup()/KyberAcceptSetup() to use []byte for reading/writing
ciphertext to avoid errors caused by leading zero bytes (big.Int can't explicitly
represent these)

-TODO: Consider the same for HerraduraKEx HKexDialSetup()/HKexAcceptSetup()
2018-10-18 20:44:23 -07:00
Russ Magee 5d9a110d57 Added more (explicit) sizes for all KEX algs 2018-10-12 16:16:49 -07:00
Russ Magee 231ede1734 KYBER768 KEM works. :O 2018-10-10 21:12:38 -07:00
Russ Magee 4c286ae6c1 Set up to handle Kyber768 KEM 2018-10-08 21:31:11 -07:00
Russ Magee cd9f7914e0 Dial() and Accept() again conform to net.Dial(), net.Accept() return signature 2018-09-29 12:15:53 -07:00
Russ Magee b810fa7f4a tightened up some const types 2018-09-17 23:07:04 -07:00
Russ Magee 8b0b833d6e Split hkexsh and hkexnet consts into separate files 2018-09-17 17:27:13 -07:00
Russ Magee 84e29bdf51 Fixes to authtoken/password indication at login 2018-09-16 22:22:14 -07:00
Russ Magee d25b883873 Fixed bug in fallback from authtoken (-g) to password login 2018-09-16 17:30:02 -07:00
Russ Magee 19697d5164 Remote exit status now reflected in client->server copies 2018-09-16 17:14:50 -07:00
Russ Magee e02764bf4b .hkexsh_id file supports multiple authtokens (multi remote hosts, aliases for same remote host) 2018-09-14 11:58:10 -07:00
Russ Magee d9b34fa631 GenAuthToken() now uses client-supplied ConnHost 2018-09-14 01:13:14 -07:00
Russ Magee 1efc1337df -TODO items; scrub authCookie after use 2018-09-14 00:40:20 -07:00
Russ Magee c9eb6bcb38 Added -a authtoken feature for scripted use 2018-09-13 23:51:49 -07:00
Russ Magee bee0bececf -Bumped version to 0.2pre to reflect protocol break w/0.1pre
-Added design principle note (no downgrade attack-enabling protocol features)
2018-09-10 20:28:41 -07:00
Russ Magee dcb42d43f1 -BREAKING CHANGE: pre-KEx byte sent for KEx alg (default and only for now: KEX_HERRADURA) 2018-09-10 20:22:09 -07:00
Russ Magee 075ca7521c Client now passes xterm-256color in Session 2018-09-07 20:37:47 -07:00
Russ Magee 9e803ffc19 -Moved recCmd out of hkexsh and hkexshd into hkexsession.go (now abstract Session type) 2018-09-07 15:35:33 -07:00
Russ Magee bff56a2c61 -Added -z option back to tarpipes
-Moved remaining chatty fmt.Prints to log.Print
2018-09-06 16:37:17 -07:00
Russ Magee b33e9de139 -Moved taunting of failed logins to client-side
-Added byte auth pass/fail stage prior to shell/copy session start
2018-09-06 16:23:57 -07:00
Russ Magee 9ff35a69fe -Converted exit status to uint32 (0-255: UNIX exit codes), above for OOB (out-of-band) status
-Failed auth for shell logins now returns extended code CSEBadAuth to client
2018-09-06 13:50:56 -07:00
Russ Magee 8a24fb113f client prints nonzero remote end exit status; comment cleanup 2018-09-06 11:40:13 -07:00
Russ Magee db1b494d00 Fixed shell (interative & non-) exit status after cp status fixes 2018-09-06 00:16:44 -07:00
Russ Magee a6979298fd Steps toward getting remote cp(tar) status back to client 2018-09-05 21:58:55 -07:00
Russ Magee b419b2e002 File copy remote close signal to ensure completed tar pipe data 2018-09-04 22:24:16 -07:00
Russ Magee 7295492aa3 hkexcp: fixed copy chunked payload logic (now 2*32-1 MAX_PAYLOAD_LEN w/chunking) 2018-09-02 19:58:13 -07:00
Russ Magee 52ea229118 Fixed errors in copy scatter/gather logic. Added block-chunking to hc.Write() to allow
writes of larger data blocks
TODO: copies of files > hc.Read() block size fails w/incomplete tarfile (last partial block
likely incorrectly written or client exits before data is flushed?)
2018-09-01 10:20:33 -07:00
Russ Magee 143990da34 Scatter/gather for client->server copy now functional 2018-08-30 20:06:42 -07:00
Russ Magee 6389ad49d5 Improved flag.Usage() for cp/sh and removed more recursiveCopy flag remnants 2018-08-26 00:12:42 -07:00
Russ Magee 9025ee3c24 Cleaned up flag help txts; removed unused doCopyMode() recurs arg 2018-08-25 23:51:11 -07:00
Russ Magee 1986ec6f0c Removed :port: from 'fancy' arg syntax; more improvements to src/dest file spec logic (esp. fixing bug in multiple src file/dir args to remote dest) 2018-08-25 23:38:58 -07:00
Russ Magee ca2b6efd9b client->server and server->client file/dir copies minimally working 2018-08-24 23:22:07 -07:00
Russ Magee 7867f84b87 WIP: server->client copy primitively functional; TODO client->server copy 2018-08-24 18:50:45 -07:00
Russ Magee 0b9b8b8320 WIP tarpipe construction: server-side, TODOL client-side, -r behaviour 2018-08-23 11:03:19 -07:00
Russ Magee 5859131678 Continuing groundwork for cp mode - refactor main client code into shell/copy subroutines; -r option 2018-08-06 22:29:51 -07:00
Russ Magee 04e8b94b5d More misc. fixes to connection handling w/chaff e=0/1 client-side, both interactive and oneshot cmd (-x) 2018-08-06 00:06:09 -07:00
Russ Magee 00e03c1d54 Misc. fixes to end-of-session conn handling. Outstanding bug w/client chaff enabled & truncated client data 2018-08-05 21:43:21 -07:00
Russ Magee c6bfa2771b Simplified hostPortPath parsing (colons mandatory if specifying more than just host) 2018-07-29 13:22:35 -07:00
Russ Magee 55cf5a9277 Improved 'fancy arg' parsing - gathering up otherArgs (non-flag) as path src list 2018-07-29 12:47:44 -07:00
Russ Magee 5eb7d4d1e6 Initial (buggy) support for 'fancy arg' style ala ssh: eg user@example.org:port:path 2018-07-29 00:48:42 -07:00
Russ Magee f48b0c17ed Prep for hkexsh alternate op mode via symlink/exe name: hkexcp - a secure remote file copier 2018-07-18 22:32:49 -07:00
Russ Magee a8a4f1671a Added -h handling to mintty_wrapper (MSYS/Win client) 2018-07-06 13:29:34 -07:00
Russ Magee a3367fc6ae Fixes for MSYS Windows build (client) 2018-07-06 13:25:28 -07:00
Russ Magee 9edcc5110c Fixed syntax errors from re-org 2018-07-04 22:06:07 -07:00
Russ Magee 216bfa3326 Exit status of remote commands now reflect in client exit 2018-06-29 19:23:11 -07:00
Russ Magee 22da88af7d Attempts to handle disconnects better.. TODO: torture tests and implement exit status for -x commands 2018-06-26 20:14:43 -07:00
Russ Magee 0ba85e2ee8 Grr, added new Makefiles
Signed-off-by: Russ Magee <rmagee@gmail.com>
2018-05-26 23:46:55 -07:00
Russ Magee fc1625a0ed Fixed termsize_linux.go errors and misnamed termsize_windows.go 2018-05-26 14:11:27 -07:00
Russ Magee f92085bb86 Further work on term resizing platform support for Linux and Windows/mintty 2018-05-26 13:43:09 -07:00
Russ Magee 89dd225910 Experiment - moved sigwinch goroutine out of main client 2018-05-20 14:48:24 -07:00
Russ Magee 8f087e9ca1 Added -v option (version) 2018-05-12 18:41:39 -07:00
Russ Magee dfeb0d709e Moved client chaff config up so it works for non-interactive (-x) invocations. 2018-05-06 18:20:12 -07:00
Russ Magee a1f4e0342a Added chaff cmdline options to client & server 2018-05-06 17:41:09 -07:00
Russ Magee 70448dda08 No need for custom hkexsh.Copy() 2018-05-04 23:31:06 -07:00
Russ Magee c5498642fc Got client hangup working again. Security scrub auth vars. 2018-05-04 23:25:26 -07:00
Russ Magee a49a5d4cc2 Locking in WritePacket() apparently working, client and server-side chaffing functional 2018-05-03 23:53:47 -07:00
Russ Magee 6d606bbbd9 Moved mutex into hkexsh.Conn (hkexnet) 2018-05-02 13:22:37 -07:00
Russ Magee 4d85236d16 Chaffing slight improvements (rand size, timing). TODO: Move into hkexsh.Conn 2018-05-02 12:28:56 -07:00
Russ Magee b8a07e9648 Chaff packets w/sync.Mutex to allow chaff & main goroutine to both input to server.
TODO: smart chaff, mutating or mimicking recent input.
2018-05-01 02:39:45 -07:00
Russ Magee 8162707ffa - got term resizing working (client SIGWINCH signals -> server_pty(rows,cols) 2018-04-28 19:28:37 -07:00
Russ Magee 50f0433579 -Added error checking for all stages of hkex.Conn.Accept() and GetStream()
-Server will log such errors without panic/exit
-Const added but not yet used for 'chaff' packets
2018-04-28 16:05:33 -07:00
Russ Magee b45784e07b Minimal hmac channel verification w/close on tampering 2018-04-15 12:58:24 -07:00
Russ Magee 351f58b6c5 misc. cleanup, LICENSE.{gpl,mit} updates 2018-04-07 13:04:10 -07:00
Russ Magee ae5a8cfa3b Quick 'n dirty Makefile 2018-04-04 15:51:03 +00:00
Russ Magee 5da70447b0 MSYS+mintty support; pkg renaming to hkexsh 2018-04-04 15:43:27 -07:00