Rename EPKA -> Plugin
mkj committed May 15, 2019
1 parent 8c6aaf8 commit fa116e9
Showing 11 changed files with 81 additions and 81 deletions.
8 changes: 4 additions & 4 deletions Makefile.in
@@ -80,13 +80,13 @@ else
scpobjs=$(SCPOBJS)
endif

ifeq (@DROPBEAR_EPKA@, 1)
ifeq (@DROPBEAR_PLUGIN@, 1)
# rdynamic makes all the global symbols of dropbear available to all the loaded shared libraries
# this allow a plugin to reuse existing crypto/utilities like base64_decode/base64_encode without
# the need to rewrite them.
EPKA_LIBS=-ldl -rdynamic
PLUGIN_LIBS=-ldl -rdynamic
else
EPKA_LIBS=
PLUGIN_LIBS=
endif

VPATH=@srcdir@
@@ -198,7 +198,7 @@ dropbearkey: $(dropbearkeyobjs)
dropbearconvert: $(dropbearconvertobjs)

dropbear: $(HEADERS) $(LIBTOM_DEPS) Makefile
$(CC) $(LDFLAGS) -o $@$(EXEEXT) $($@objs) $(LIBTOM_LIBS) $(LIBS) @CRYPTLIB@ $(EPKA_LIBS)
$(CC) $(LDFLAGS) -o $@$(EXEEXT) $($@objs) $(LIBTOM_LIBS) $(LIBS) @CRYPTLIB@ $(PLUGIN_LIBS)

dbclient: $(HEADERS) $(LIBTOM_DEPS) Makefile
$(CC) $(LDFLAGS) -o $@$(EXEEXT) $($@objs) $(LIBTOM_LIBS) $(LIBS)
4 changes: 2 additions & 2 deletions common-session.c
@@ -147,8 +147,8 @@ void common_session_init(int sock_in, int sock_out) {

ses.allowprivport = 0;

#if DROPBEAR_EPKA
ses.epka_session = NULL;
#if DROPBEAR_PLUGIN
ses.plugin_session = NULL;
#endif

TRACE(("leave session_init"))
14 changes: 7 additions & 7 deletions configure.ac
@@ -323,20 +323,20 @@ AC_ARG_ENABLE(shadow,
]
)

AC_ARG_ENABLE(epka,
[ --enable-epka Enable support for External Public Key Authentication plug-in],
AC_ARG_ENABLE(plugin,
[ --enable-plugin Enable support for External Public Key Authentication plug-in],
[
AC_DEFINE(DROPBEAR_EPKA, 1, External Public Key Authentication)
AC_DEFINE(DROPBEAR_PLUGIN, 1, External Public Key Authentication)
AC_MSG_NOTICE(Enabling support for External Public Key Authentication)
DROPBEAR_EPKA=1
DROPBEAR_PLUGIN=1
],
[
AC_DEFINE(DROPBEAR_EPKA, 0, External Public Key Authentication)
DROPBEAR_EPKA=0
AC_DEFINE(DROPBEAR_PLUGIN, 0, External Public Key Authentication)
DROPBEAR_PLUGIN=0
]

)
AC_SUBST(DROPBEAR_EPKA)
AC_SUBST(DROPBEAR_PLUGIN)

AC_ARG_ENABLE(fuzz,
[ --enable-fuzz Build fuzzing. Not recommended for deployment.],
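Review bot: The action-if-given branch of `AC_ARG_ENABLE(plugin, ...)` sets `DROPBEAR_PLUGIN=1` without looking at `$enableval`, so `./configure --disable-plugin` (or `--enable-plugin=no`) turns the plugin loader on rather than off; autoconf runs that branch for both the enable and the disable form. For a feature that loads a shared library into the authentication path, a build that asks for it to be off should get it off, so the branch should test `$enableval` as in the block below. Separately, the old `--enable-epka` spelling is no longer recognised after this rename, and configure by default only warns about unknown `--enable-*` options, so an existing build script would quietly produce a binary without plugin support; a changelog line would cover that.

```m4
AC_ARG_ENABLE(plugin,
dnl … unchanged: help string …
	[
		if test "x$enableval" = "xno"; then
			AC_DEFINE(DROPBEAR_PLUGIN, 0, External Public Key Authentication)
			DROPBEAR_PLUGIN=0
		else
			AC_DEFINE(DROPBEAR_PLUGIN, 1, External Public Key Authentication)
			AC_MSG_NOTICE(Enabling support for External Public Key Authentication)
			DROPBEAR_PLUGIN=1
		fi
	],
dnl … unchanged: action-if-not-given branch and AC_SUBST(DROPBEAR_PLUGIN) …
```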
2 changes: 1 addition & 1 deletion includes.h
@@ -164,7 +164,7 @@ typedef u_int32_t uint32_t;
#include <linux/pkt_sched.h>
#endif

#if DROPBEAR_EPKA
#if DROPBEAR_PLUGIN
#include <dlfcn.h>
#endif

34 changes: 17 additions & 17 deletions pubkeyapi.h
@@ -33,21 +33,21 @@
*
*/

struct EPKAInstance;
struct EPKASession;
struct PluginInstance;
struct PluginSession;

/* API VERSION INFORMATION -
* Dropbear will:
* - Reject any plugin with a major version mismatch
* - Load and print a warning if the plugin's minor version is HIGHER than
* dropbear's minor version (assumes properties are added at the end of
* EPKAInstance or EPKASession). This is a case of plugin newer than dropbear.
* PluginInstance or PluginSession). This is a case of plugin newer than dropbear.
* - Reject if the plugin minor version is SMALLER than dropbear one (case
* of plugin older than dropbear).
* - Load (with no warnings) if version match.
*/
#define DROPBEAR_EPKA_VERSION_MAJOR 1
#define DROPBEAR_EPKA_VERSION_MINOR 0
#define DROPBEAR_PLUGIN_VERSION_MAJOR 1
#define DROPBEAR_PLUGIN_VERSION_MINOR 0


/* Creates an instance of the plugin.
@@ -60,15 +60,15 @@ struct EPKASession;
* If the version MINOR is different, dropbear will allow the plugin to run
* only if: plugin_MINOR > dropbear_MINOR
*
* If plugin_MINOR < dropbeart_MINOR or if the MAJOR version is different
* If plugin_MINOR < dropbear_MINOR or if the MAJOR version is different
* dropbear will reject the plugin and terminate the execution.
*
* addrstring is the IP address of the client.
*
* Returns NULL in case of failure, otherwise a void * of the instance that need
* to be passed to all the subsequent call to the plugin
*/
typedef struct EPKAInstance *(* PubkeyExtPlugin_newFn)(int verbose,
typedef struct PluginInstance *(* PubkeyExtPlugin_newFn)(int verbose,
const char *options,
const char *addrstring);
#define DROPBEAR_PUBKEY_PLUGIN_FNNAME_NEW "plugin_new"
@@ -83,8 +83,8 @@ typedef struct EPKAInstance *(* PubkeyExtPlugin_newFn)(int verbose,
* Returns DROPBEAR_SUCCESS (0) if success or DROPBEAR_FAILURE (-1) if
* authentication fails
*/
typedef int (* PubkeyExtPlugin_checkPubKeyFn)(struct EPKAInstance *pluginInstance,
struct EPKASession **sessionInOut,
typedef int (* PubkeyExtPlugin_checkPubKeyFn)(struct PluginInstance *PluginInstance,
struct PluginSession **sessionInOut,
const char* algo,
unsigned int algolen,
const unsigned char* keyblob,
@@ -93,18 +93,18 @@ typedef int (* PubkeyExtPlugin_checkPubKeyFn)(struct EPKAInstance *pluginInstanc

/* Notify the plugin that auth completed (after signature verification)
*/
typedef void (* PubkeyExtPlugin_authSuccessFn)(struct EPKASession *session);
typedef void (* PubkeyExtPlugin_authSuccessFn)(struct PluginSession *session);

/* Deletes a session
* TODO: Add a reason why the session is terminated. See svr_dropbear_exit (in svr-session.c)
*/
typedef void (* PubkeyExtPlugin_sessionDeleteFn)(struct EPKASession *session);
typedef void (* PubkeyExtPlugin_sessionDeleteFn)(struct PluginSession *session);

/* Deletes the plugin instance */
typedef void (* PubkeyExtPlugin_deleteFn)(struct EPKAInstance *pluginInstance);
typedef void (* PubkeyExtPlugin_deleteFn)(struct PluginInstance *PluginInstance);


/* The EPKAInstance object - A simple container of the pointer to the functions used
/* The PluginInstance object - A simple container of the pointer to the functions used
* by Dropbear.
*
* A plug-in can extend it to add its own properties
@@ -113,7 +113,7 @@ typedef void (* PubkeyExtPlugin_deleteFn)(struct EPKAInstance *pluginInstance);
* shared library.
* The delete_plugin function should delete the object.
*/
struct EPKAInstance {
struct PluginInstance {
int api_version[2]; /* 0=Major, 1=Minor */

PubkeyExtPlugin_checkPubKeyFn checkpubkey; /* mandatory */
@@ -129,7 +129,7 @@ struct EPKAInstance {
* The returned buffer will be destroyed when the session is deleted.
* Option buffer string NULL-terminated
*/
typedef char * (* PubkeyExtPlugin_getOptionsFn)(struct EPKASession *session);
typedef char * (* PubkeyExtPlugin_getOptionsFn)(struct PluginSession *session);


/* An SSH Session. Created during pre-auth and reused during the authentication.
@@ -142,8 +142,8 @@ typedef char * (* PubkeyExtPlugin_getOptionsFn)(struct EPKASession *session);
*
* Store any optional auth options in the auth_options property of the session.
*/
struct EPKASession {
struct EPKAInstance * plugin_instance;
struct PluginSession {
struct PluginInstance * plugin_instance;

PubkeyExtPlugin_getOptionsFn get_options;
};
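Review bot: In `PubkeyExtPlugin_checkPubKeyFn` and `PubkeyExtPlugin_deleteFn` the parameter itself was renamed from `pluginInstance` to `PluginInstance`, so it now has the same spelling as the struct tag (`struct PluginInstance *PluginInstance`). C allows this because tags live in their own namespace, but it reads like a search-and-replace artifact; `struct PluginInstance *pluginInstance` (or `*instance`) would keep the prototype readable. This header is also what external plugins compile against, so renaming the struct tags and the `DROPBEAR_EPKA_VERSION_*` macros breaks plugin source builds while the API version stays at 1.0. The struct layout looks unchanged in the visible hunks, so already-built plugins presumably still load, but a sentence in the "API VERSION INFORMATION" comment noting the rename would help plugin authors.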
2 changes: 1 addition & 1 deletion runopts.h
@@ -125,7 +125,7 @@ typedef struct svr_runopts {

char * forced_command;

#if DROPBEAR_EPKA
#if DROPBEAR_PLUGIN
char *pubkey_plugin;
char *pubkey_plugin_options;
#endif
12 changes: 6 additions & 6 deletions session.h
@@ -38,7 +38,7 @@
#include "chansession.h"
#include "dbutil.h"
#include "netio.h"
#if DROPBEAR_EPKA
#if DROPBEAR_PLUGIN
#include "pubkeyapi.h"
#endif

@@ -220,8 +220,8 @@ struct sshsession {
/* set once the ses structure (and cli_ses/svr_ses) have been populated to their initial state */
int init_done;

#if DROPBEAR_EPKA
struct EPKASession * epka_session;
#if DROPBEAR_PLUGIN
struct PluginSession * plugin_session;
#endif
};

@@ -248,12 +248,12 @@ struct serversession {
pid_t server_pid;
#endif

#if DROPBEAR_EPKA
#if DROPBEAR_PLUGIN
/* The shared library handle */
void *epka_plugin_handle;
void *plugin_handle;

/* The instance created by the plugin_new function */
struct EPKAInstance *epka_instance;
struct PluginInstance *plugin_instance;
#endif

};
18 changes: 9 additions & 9 deletions svr-authpubkey.c
@@ -111,12 +111,12 @@ void svr_auth_pubkey(int valid_user) {
send_msg_userauth_failure(0, 0);
goto out;
}
#if DROPBEAR_EPKA
if (svr_ses.epka_instance != NULL) {
#if DROPBEAR_PLUGIN
if (svr_ses.plugin_instance != NULL) {
char *options_buf;
if (svr_ses.epka_instance->checkpubkey(
svr_ses.epka_instance,
&ses.epka_session,
if (svr_ses.plugin_instance->checkpubkey(
svr_ses.plugin_instance,
&ses.plugin_session,
algo,
algolen,
keyblob,
@@ -126,7 +126,7 @@ void svr_auth_pubkey(int valid_user) {
auth_failure = 0;

/* Options provided? */
options_buf = ses.epka_session->get_options(ses.epka_session);
options_buf = ses.plugin_session->get_options(ses.plugin_session);
if (options_buf) {
struct buf temp_buf = {
.data = (unsigned char *)options_buf,
@@ -193,10 +193,10 @@ void svr_auth_pubkey(int valid_user) {
"Pubkey auth succeeded for '%s' with key %s from %s",
ses.authstate.pw_name, fp, svr_ses.addrstring);
send_msg_userauth_success();
#if DROPBEAR_EPKA
if ((ses.epka_session != NULL) && (svr_ses.epka_instance->auth_success != NULL)) {
#if DROPBEAR_PLUGIN
if ((ses.plugin_session != NULL) && (svr_ses.plugin_instance->auth_success != NULL)) {
/* Was authenticated through the external plugin. tell plugin that signature verification was ok */
svr_ses.epka_instance->auth_success(ses.epka_session);
svr_ses.plugin_instance->auth_success(ses.plugin_session);
}
#endif

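Review bot: After `checkpubkey` reports success, `ses.plugin_session->get_options(ses.plugin_session)` is called with no check that the plugin actually filled in `ses.plugin_session` or set `get_options`, while the later `auth_success` call in the same function does test `ses.plugin_session != NULL`. A plugin that returns success and leaves either pointer NULL would crash the server process in the middle of authentication. The visible part of pubkeyapi.h does not mark `get_options` as mandatory, so failing closed looks safer: `if (ses.plugin_session == NULL || ses.plugin_session->get_options == NULL) { send_msg_userauth_failure(0, 0); goto out; }` placed before the `get_options` call. svr_auth_pubkey starts and ends outside these hunks, so the cleanup path should be confirmed against the full function.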
10 changes: 5 additions & 5 deletions svr-runopts.c
@@ -99,7 +99,7 @@ static void printhelp(const char * progname) {
"-W <receive_window_buffer> (default %d, larger may be faster, max 1MB)\n"
"-K <keepalive> (0 is never, default %d, in seconds)\n"
"-I <idle_timeout> (0 is never, default %d, in seconds)\n"
#if DROPBEAR_EPKA
#if DROPBEAR_PLUGIN
"-A <authplugin>[,<options>]\n"
" Enable external public key auth through <authplugin>\n"
#endif
@@ -133,7 +133,7 @@ void svr_getopts(int argc, char ** argv) {
char* maxauthtries_arg = NULL;
char* keyfile = NULL;
char c;
#if DROPBEAR_EPKA
#if DROPBEAR_PLUGIN
char* pubkey_plugin = NULL;
#endif

@@ -163,7 +163,7 @@ void svr_getopts(int argc, char ** argv) {
#if DROPBEAR_SVR_REMOTETCPFWD
svr_opts.noremotetcp = 0;
#endif
#if DROPBEAR_EPKA
#if DROPBEAR_PLUGIN
svr_opts.pubkey_plugin = NULL;
svr_opts.pubkey_plugin_options = NULL;
#endif
@@ -285,7 +285,7 @@ void svr_getopts(int argc, char ** argv) {
case 'u':
/* backwards compatibility with old urandom option */
break;
#if DROPBEAR_EPKA
#if DROPBEAR_PLUGIN
case 'A':
next = &pubkey_plugin;
break;
@@ -410,7 +410,7 @@ void svr_getopts(int argc, char ** argv) {
if (svr_opts.forced_command) {
dropbear_log(LOG_INFO, "Forced command set to '%s'", svr_opts.forced_command);
}
#if DROPBEAR_EPKA
#if DROPBEAR_PLUGIN
if (pubkey_plugin) {
char *args = strchr(pubkey_plugin, ',');
if (args) {