
Contents of /lbbs/src/test_ssh_server.c



Revision 1.16 - (show annotations)
Fri Nov 28 03:23:58 2025 UTC (3 months, 2 weeks ago) by sysadm
Branch: MAIN
Changes since 1.15: +28 -9 lines
Content type: text/x-csrc
Add support for SSH ED25519 key

1 /* SPDX-License-Identifier: GPL-3.0-or-later */
2 /*
3 * test_ssh_server
4 * - tester for network server with SSH support
5 *
6 * Copyright (C) 2004-2025 Leaflet <leaflet@leafok.com>
7 */
8
9 // This test was written based on libssh example/proxy.c
10
11 #ifdef HAVE_CONFIG_H
12 #include "config.h"
13 #endif
14
15 #include "log.h"
16 #include <stdio.h>
17 #include <libssh/callbacks.h>
18 #include <libssh/libssh.h>
19 #include <libssh/server.h>
20
/* Size in bytes of the channel I/O buffer used by ssh_server(). */
enum test_ssh_server_constant_t
{
	BUF_SIZE = 2048,
};

/* Host key files, given relative to the working directory of the test. */
static const char SSH_HOST_RSA_KEY_FILE[] = "../conf/ssh_host_rsa_key";
static const char SSH_HOST_ED25519_KEY_FILE[] = "../conf/ssh_host_ed25519_key";

/*
 * The single account accepted by auth_password(). These are fixed test
 * fixtures compiled into the binary, not a credential store.
 */
static const char USER[] = "test";
static const char PASSWORD[] = "123456";
31
/*
 * Connection state. ssh_server() forks one child per accepted connection,
 * so each child works on its own copy of these variables.
 */
static ssh_channel SSH_channel = NULL; /* set by channel_open() once a session channel exists */
static int authenticated = 0;          /* set to 1 by auth_password() on a credential match */
static int tries = 0;                  /* failed password attempts counted by auth_password() */
static int error = 0;                  /* set to 1 by auth_password() when the attempt limit is hit */
36
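/*
 * Password-authentication callback registered through
 * ssh_server_callbacks_struct.auth_password_function.
 *
 * Compares the submitted credentials with the fixed USER / PASSWORD pair.
 * On a match it sets `authenticated` and returns SSH_AUTH_SUCCESS. On a
 * mismatch it returns SSH_AUTH_DENIED; once `tries` has reached 3 it also
 * disconnects the session and sets `error` so that the polling loop in
 * ssh_server() stops.
 *
 * session  - session the request arrived on
 * user     - user name sent by the client
 * password - password sent by the client
 * userdata - unused
 */
static int auth_password(ssh_session session, const char *user,
						 const char *password, void *userdata)
{
	(void)userdata;

	/*
	 * Log the user name only. The submitted password must not reach the
	 * log: failed attempts frequently carry a real password typed against
	 * the wrong host, and log files are readable by more parties than the
	 * authentication path is.
	 * NOTE(review): `user` is client-supplied and is written to the log
	 * unescaped - confirm whether log_common() neutralises control bytes.
	 */
	log_common("Authenticating user %s\n", user);
	if (strcmp(user, USER) == 0 && strcmp(password, PASSWORD) == 0)
	{
		authenticated = 1;
		log_common("Authenticated\n");
		return SSH_AUTH_SUCCESS;
	}
	if (tries >= 3)
	{
		log_error("Too many authentication tries\n");
		ssh_disconnect(session);
		error = 1;
		return SSH_AUTH_DENIED;
	}
	tries++;
	return SSH_AUTH_DENIED;
}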
59
/*
 * Channel callback for a pty request. Every argument is ignored: the
 * function only logs the request and returns 0, the value libssh treats
 * as "request accepted".
 */
static int pty_request(ssh_session session, ssh_channel channel, const char *term,
					   int x, int y, int px, int py, void *userdata)
{
	/* Nothing about the requested terminal is inspected or stored. */
	(void)userdata;
	(void)py;
	(void)px;
	(void)y;
	(void)x;
	(void)term;
	(void)channel;
	(void)session;

	log_common("Allocated terminal\n");

	return 0;
}
74
/*
 * Channel callback for a shell request. No shell is started here; the
 * function logs the request and returns 0, the value libssh treats as
 * "request accepted".
 */
static int shell_request(ssh_session session, ssh_channel channel, void *userdata)
{
	(void)userdata;
	(void)channel;
	(void)session;

	log_common("Allocated shell\n");

	return 0;
}
83
/*
 * Callbacks attached to the session channel by channel_open(). Only pty and
 * shell requests have handlers; every other member is left zero-initialised.
 */
struct ssh_channel_callbacks_struct channel_cb = {
	.channel_pty_request_function = pty_request,
	.channel_shell_request_function = shell_request,
};
87
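/*
 * Server callback for a "session" channel-open request.
 *
 * Creates the single channel this test server supports, attaches channel_cb
 * to it and publishes it in SSH_channel. Returns the new channel, or NULL
 * when a channel already exists or when the channel cannot be set up.
 *
 * session  - session the request arrived on
 * userdata - unused
 */
static ssh_channel channel_open(ssh_session session, void *userdata)
{
	ssh_channel channel;

	(void)userdata;

	/* Only one session channel per connection. */
	if (SSH_channel != NULL)
	{
		return NULL;
	}

	channel = ssh_channel_new(session);
	if (channel == NULL)
	{
		/* Allocation failed: do not hand a NULL channel to the callback setup. */
		log_error("Error allocating session channel: %s\n", ssh_get_error(session));
		return NULL;
	}

	ssh_callbacks_init(&channel_cb);
	if (ssh_set_channel_callbacks(channel, &channel_cb) != SSH_OK)
	{
		log_error("Error setting channel callbacks: %s\n", ssh_get_error(session));
		ssh_channel_free(channel);
		return NULL;
	}

	/* Publish the channel only once it is fully set up. */
	log_common("Allocated session channel\n");
	SSH_channel = channel;

	return SSH_channel;
}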
103
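/*
 * Replace ASCII control bytes in `s` with '?' so that client-supplied text
 * cannot add line breaks or terminal escape sequences to a log line.
 */
static void scrub_control_chars(char *s)
{
	for (; *s != '\0'; s++)
	{
		unsigned char c = (unsigned char)*s;

		if (c < 0x20 || c == 0x7f)
		{
			*s = '?';
		}
	}
}

/*
 * Run the test SSH server on hostaddr:port.
 *
 * Loads the RSA and ED25519 host keys (at least one must load), listens,
 * and forks one child per accepted connection. The child performs the key
 * exchange, waits until the client has authenticated and opened a session
 * channel, prompts for a destination, echoes the input until a carriage
 * return arrives, reports the collected name and exits.
 *
 * Returns -1 when the listener cannot be set up or a session object cannot
 * be allocated. The accept loop otherwise does not terminate.
 *
 * NOTE(review): children are never waited for in this function, so finished
 * children stay as zombies unless SIGCHLD is handled elsewhere - confirm.
 */
int ssh_server(const char *hostaddr, unsigned int port)
{
	ssh_bind sshbind;
	ssh_session session;
	ssh_event event;

	struct ssh_server_callbacks_struct cb = {
		.userdata = NULL,
		.auth_password_function = auth_password,
		.channel_open_request_session_function = channel_open};

	long int ssh_timeout = 0;

	char buf[BUF_SIZE];
	char host[128] = "";
	char *cr;
	int i, r;
	int ret = 0;

	int ssh_key_valid = 0;
	int ssh_log_level = SSH_LOG_PROTOCOL;

	ssh_init();

	sshbind = ssh_bind_new();
	if (sshbind == NULL)
	{
		log_error("Error creating SSH bind\n");
		return -1;
	}

	/* Either key type is enough; a missing key file is logged, not fatal. */
	if (ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_HOSTKEY, SSH_HOST_RSA_KEY_FILE) < 0)
	{
		log_error("Error setting SSH RSA key: %s\n", SSH_HOST_RSA_KEY_FILE);
	}
	else
	{
		ssh_key_valid = 1;
	}
	if (ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_HOSTKEY, SSH_HOST_ED25519_KEY_FILE) < 0)
	{
		log_error("Error setting SSH ED25519 key: %s\n", SSH_HOST_ED25519_KEY_FILE);
	}
	else
	{
		ssh_key_valid = 1;
	}

	if (!ssh_key_valid)
	{
		log_error("Error: no valid SSH host key\n");
		ssh_bind_free(sshbind);
		return -1;
	}

	/*
	 * NOTE(review): the algorithm list still offers "ssh-rsa" (RSA with
	 * SHA-1). Presumably kept so that old clients can be tested; drop it
	 * if legacy clients are not part of the test matrix.
	 */
	if (ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_BINDADDR, hostaddr) < 0 ||
		ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_BINDPORT, &port) < 0 ||
		ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_HOSTKEY_ALGORITHMS, "ssh-rsa,rsa-sha2-512,rsa-sha2-256,ssh-ed25519") < 0 ||
		ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_LOG_VERBOSITY, &ssh_log_level) < 0)
	{
		log_error("Error setting SSH bind options: %s\n", ssh_get_error(sshbind));
		ssh_bind_free(sshbind);
		return -1;
	}

	if (ssh_bind_listen(sshbind) < 0)
	{
		log_error("Error listening at SSH server port: %s\n", ssh_get_error(sshbind));
		ssh_bind_free(sshbind);
		return -1;
	}

	while (1)
	{
		session = ssh_new();
		if (session == NULL)
		{
			log_error("Error creating SSH session\n");
			ret = -1;
			break;
		}

		if (ssh_bind_accept(sshbind, session) == SSH_OK)
		{
			pid_t pid = fork();
			switch (pid)
			{
			case 0:
				/* Child: the listener belongs to the parent. */
				ssh_bind_free(sshbind);

				ssh_callbacks_init(&cb);
				ssh_set_server_callbacks(session, &cb);

				ssh_timeout = 60; // second
				if (ssh_options_set(session, SSH_OPTIONS_TIMEOUT, &ssh_timeout) < 0)
				{
					log_error("Error setting SSH options: %s\n", ssh_get_error(session));
					ssh_disconnect(session);
					_exit(1);
				}

				if (ssh_handle_key_exchange(session))
				{
					log_error("ssh_handle_key_exchange: %s\n", ssh_get_error(session));
					ssh_disconnect(session);
					_exit(1);
				}
				/*
				 * NOTE(review): GSSAPI-MIC is advertised although only a
				 * password callback is registered in `cb` - confirm it is
				 * meant to be offered.
				 */
				ssh_set_auth_methods(session, SSH_AUTH_METHOD_PASSWORD | SSH_AUTH_METHOD_GSSAPI_MIC);

				event = ssh_event_new();
				if (event == NULL)
				{
					log_error("Error creating SSH event\n");
					ssh_disconnect(session);
					_exit(1);
				}
				ssh_event_add_session(event, session);

				while (!(authenticated && SSH_channel != NULL))
				{
					if (error)
						break;
					/*
					 * Bounded wait: a client that goes silent before it has
					 * authenticated and opened a channel must not hold this
					 * child forever. This is an idle limit per poll, not a
					 * total deadline for the authentication phase.
					 */
					r = ssh_event_dopoll(event, (int)(ssh_timeout * 1000));
					if (r == SSH_ERROR)
					{
						log_error("Error : %s\n", ssh_get_error(session));
						ssh_disconnect(session);
						_exit(1);
					}
					if (r == SSH_AGAIN)
					{
						log_error("Timed out waiting for authentication\n");
						ssh_disconnect(session);
						_exit(1);
					}
				}

				if (error)
				{
					log_error("Error, exiting loop\n");
					_exit(1);
				}
				else
				{
					log_common("Authenticated and got a channel\n");
				}

				/* Authenticated: lift the timeout for the interactive part. */
				ssh_timeout = 0;
				if (ssh_options_set(session, SSH_OPTIONS_TIMEOUT, &ssh_timeout) < 0)
				{
					log_error("Error setting SSH options: %s\n", ssh_get_error(session));
					ssh_disconnect(session);
					_exit(1);
				}

				snprintf(buf, sizeof(buf), "Hello, welcome to the Sample SSH proxy.\r\nPlease select your destination: ");
				ssh_channel_write(SSH_channel, buf, (uint32_t)strlen(buf));
				do
				{
					i = ssh_channel_read(SSH_channel, buf, sizeof(buf), 0);
					if (i > 0)
					{
						/* Echo the input back to the client. */
						ssh_channel_write(SSH_channel, buf, (uint32_t)i);
						/* A chunk that would overflow `host` is dropped whole. */
						if (strlen(host) + (size_t)i < sizeof(host))
						{
							strncat(host, buf, (size_t)i);
						}
						cr = strchr(host, '\x0d');
						if (cr != NULL)
						{
							*cr = '\0';
							ssh_channel_write(SSH_channel, "\n", 1);
							break;
						}
					}
					else
					{
						log_error("Error: %s\n", ssh_get_error(session));
						_exit(1);
					}
				} while (i > 0);

				/* `host` is client-controlled and is about to be logged. */
				scrub_control_chars(host);

				snprintf(buf, sizeof(buf), "Trying to connect to \"%s\"\r\n", host);
				ssh_channel_write(SSH_channel, buf, (uint32_t)strlen(buf));
				log_common("%s", buf);

				ssh_disconnect(session);
				ssh_free(session);

				_exit(0);
			case -1:
				log_error("Failed to fork\n");
				break;
			default:
				break;
			}
		}
		else
		{
			log_error("%s\n", ssh_get_error(sshbind));
		}

		/* Since the session has been passed to a child fork, do some cleaning
		 * up at the parent process. */
		ssh_disconnect(session);
		ssh_free(session);
	}

	ssh_bind_free(sshbind);
	ssh_finalize();

	return ret;
}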
288
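/*
 * Entry point of the test program: opens the log files, redirects log
 * output to stdout / stderr and runs the SSH test server.
 *
 * The server listens on every interface ("0.0.0.0") at port 2322 and
 * accepts the fixed test account, so it is meant for an isolated test host.
 *
 * Returns 0 on success and -1 when the logs cannot be opened or the server
 * reports a failure.
 */
int main(int argc, char *argv[])
{
	int ret;

	(void)argc;
	(void)argv;

	if (log_begin("../log/bbsd.log", "../log/error.log") < 0)
	{
		printf("Open log error\n");
		return -1;
	}

	log_common_redir(STDOUT_FILENO);
	log_error_redir(STDERR_FILENO);

	/* Keep the server's status so a setup failure reaches the exit code. */
	ret = ssh_server("0.0.0.0", 2322);

	log_end();

	return (ret < 0) ? -1 : 0;
}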
