"Fossies" - the Fresh Open Source Software Archive

Member "shellinabox-2.20/shellinabox/session.c" (9 Nov 2016, 7850 Bytes) of package /linux/privat/shellinabox-2.20.tar.gz:


As a special service "Fossies" has tried to format the requested source page into HTML format using (guessed) C and C++ source code syntax highlighting (style: standard) with prefixed line numbers and code folding option. Alternatively you can here view or download the uninterpreted source code file. For more information about "session.c" see the Fossies "Dox" file reference documentation and the latest Fossies "Diffs" side-by-side code changes report: 2.19_vs_2.20.

    1 // session.c -- Session management for HTTP/HTTPS connections
    2 // Copyright (C) 2008-2010 Markus Gutschke <markus@shellinabox.com>
    3 //
    4 // This program is free software; you can redistribute it and/or modify
    5 // it under the terms of the GNU General Public License version 2 as
    6 // published by the Free Software Foundation.
    7 //
    8 // This program is distributed in the hope that it will be useful,
    9 // but WITHOUT ANY WARRANTY; without even the implied warranty of
   10 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   11 // GNU General Public License for more details.
   12 //
   13 // You should have received a copy of the GNU General Public License along
   14 // with this program; if not, write to the Free Software Foundation, Inc.,
   15 // 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
   16 //
   17 // In addition to these license terms, the author grants the following
   18 // additional rights:
   19 //
   20 // If you modify this program, or any covered work, by linking or
   21 // combining it with the OpenSSL project's OpenSSL library (or a
   22 // modified version of that library), containing parts covered by the
   23 // terms of the OpenSSL or SSLeay licenses, the author
   24 // grants you additional permission to convey the resulting work.
   25 // Corresponding Source for a non-source form of such a combination
   26 // shall include the source code for the parts of OpenSSL used as well
   27 // as that of the covered work.
   28 //
   29 // You may at your option choose to remove this additional permission from
   30 // the work, or from any part of it.
   31 //
   32 // It is possible to build this program in a way that it loads OpenSSL
   33 // libraries at run-time. If doing so, the following notices are required
   34 // by the OpenSSL and SSLeay licenses:
   35 //
   36 // This product includes software developed by the OpenSSL Project
   37 // for use in the OpenSSL Toolkit. (http://www.openssl.org/)
   38 //
   39 // This product includes cryptographic software written by Eric Young
   40 // (eay@cryptsoft.com)
   41 //
   42 //
   43 // The most up-to-date version of this program is always available from
   44 // http://shellinabox.com
   45 
   46 #include "config.h"
   47 
   48 #include <stdlib.h>
   49 #include <string.h>
   50 #include <time.h>
   51 #include <fcntl.h>
   52 #include <unistd.h>
   53 
   54 #include "shellinabox/session.h"
   55 #include "logging/logging.h"
   56 
   57 #ifdef HAVE_UNUSED
   58 #defined ATTR_UNUSED __attribute__((unused))
   59 #defined UNUSED(x)   do { } while (0)
   60 #else
   61 #define ATTR_UNUSED
   62 #define UNUSED(x)    do { (void)(x); } while (0)
   63 #endif
   64 
   65 static HashMap *sessions;
   66 
   67 
   68 static struct Graveyard {
   69   struct Graveyard *next;
   70   time_t           timeout;
   71   const char       *sessionKey;
   72 } *graveyard;
   73 
   74 void addToGraveyard(struct Session *session) {
   75   // It is possible for a child process to die, but for the Session to
   76   // linger around, because the browser has also navigated away and thus
   77   // nobody ever calls completePendingRequest(). We put these Sessions into
   78   // the graveyard and reap them after a while.
   79   struct Graveyard *g;
   80   check(g       = malloc(sizeof(struct Graveyard)));
   81   g->next       = graveyard;
   82   g->timeout    = time(NULL) + AJAX_TIMEOUT;
   83   g->sessionKey = strdup(session->sessionKey);
   84   graveyard     = g;
   85 }
   86 
   87 static void checkGraveyardInternal(int expireAll) {
   88   if (!graveyard) {
   89     return;
   90   }
   91   time_t timeout = time(NULL) - (expireAll ? 2*AJAX_TIMEOUT : 0);
   92   for (struct Graveyard **g = &graveyard, *old = *g;
   93        old; ) {
   94     if (old->timeout < timeout) {
   95       *g         = old->next;
   96       deleteFromHashMap(sessions, old->sessionKey);
   97       free((char *)old->sessionKey);
   98       free(old);
   99     } else {
  100       g          = &old->next;
  101     }
  102     old          = *g;
  103   }
  104 }
  105 
  106 void checkGraveyard(void) {
  107   checkGraveyardInternal(0);
  108 }
  109 
  110 void initSession(struct Session *session, const char *sessionKey,
  111                  Server *server, const char *peerName) {
  112   session->sessionKey     = sessionKey;
  113   session->server         = server;
  114   check(session->peerName = strdup(peerName));
  115   session->connection     = NULL;
  116   session->http           = NULL;
  117   session->done           = 0;
  118   session->pty            = -1;
  119   session->ptyFirstRead   = 1;
  120   session->width          = 0;
  121   session->height         = 0;
  122   session->buffered       = NULL;
  123   session->useLogin       = 0;
  124   session->len            = 0;
  125   session->pid            = 0;
  126   session->cleanup        = 0;
  127 }
  128 
  129 struct Session *newSession(const char *sessionKey, Server *server,
  130                            const char *peerName) {
  131   struct Session *session;
  132   check(session = malloc(sizeof(struct Session)));
  133   initSession(session, sessionKey, server, peerName);
  134   return session;
  135 }
  136 
  137 void destroySession(struct Session *session) {
  138   if (session) {
  139     free((char *)session->peerName);
  140     free((char *)session->sessionKey);
  141     if (session->pty >= 0) {
  142       NOINTR(close(session->pty));
  143     }
  144   }
  145 }
  146 
  147 void deleteSession(struct Session *session) {
  148   destroySession(session);
  149   free(session);
  150 }
  151 
  152 void abandonSession(struct Session *session) {
  153   deleteFromHashMap(sessions, session->sessionKey);
  154 }
  155 
  156 void finishSession(struct Session *session) {
  157   deleteFromHashMap(sessions, session->sessionKey);
  158 }
  159 
  160 void finishAllSessions(void) {
  161   checkGraveyardInternal(1);
  162   deleteHashMap(sessions);
  163 }
  164 
  165 static void destroySessionHashEntry(void *arg ATTR_UNUSED,
  166                                     char *key ATTR_UNUSED, char *value) {
  167   UNUSED(arg);
  168   UNUSED(key);
  169 
  170   deleteSession((struct Session *)value);
  171 }
  172 
  173 char *newSessionKey(void) {
  174   int fd;
  175   check((fd = NOINTR(open("/dev/urandom", O_RDONLY))) >= 0);
  176   unsigned char buf[16];
  177   check(NOINTR(read(fd, buf, sizeof(buf))) == sizeof(buf));
  178   NOINTR(close(fd));
  179   char *sessionKey;
  180   check(sessionKey   = malloc((8*sizeof(buf) + 5)/6 + 1));
  181   char *ptr          = sessionKey;
  182   int count          = 0;
  183   int bits           = 0;
  184   for (unsigned i = 0;;) {
  185     bits             = (bits << 8) | buf[i];
  186     count           += 8;
  187   drain:
  188     while (count >= 6) {
  189       *ptr++         = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdef"
  190                        "ghijklmnopqrstuvwxyz0123456789-/"
  191                        [(bits >> (count -= 6)) & 0x3F];
  192     }
  193     if (++i >= sizeof(buf)) {
  194       if (count && i == sizeof(buf)) {
  195         bits       <<= 8;
  196         count       += 8;
  197         goto drain;
  198       } else {
  199         break;
  200       }
  201     }
  202   }
  203   *ptr               = '\000';
  204   check(!sessions || !getFromHashMap(sessions, sessionKey));
  205   return sessionKey;
  206 }
  207 
  208 struct Session *findSession(const char *sessionKey, const char *cgiSessionKey,
  209                             int *sessionIsNew, HttpConnection *http) {
  210   *sessionIsNew          = 1;
  211   if (!sessions) {
  212     sessions             = newHashMap(destroySessionHashEntry, NULL);
  213   }
  214 
  215   struct Session *session= NULL;
  216   if (cgiSessionKey &&
  217       (!sessionKey || strcmp(cgiSessionKey, sessionKey))) {
  218     // In CGI mode, we only ever allow exactly one session with a
  219     // pre-negotiated key.
  220   } else {
  221     if (sessionKey && *sessionKey) {
  222       session            = (struct Session *)getFromHashMap(sessions,
  223                                                             sessionKey);
  224     }
  225     if (session) {
  226       *sessionIsNew      = 0;
  227     } else if (!cgiSessionKey && sessionKey && *sessionKey) {
  228       *sessionIsNew      = 0;
  229       debug("[server] Failed to find session: %s", sessionKey);
  230     } else {
  231       // First contact. Create session, now.
  232       check(sessionKey   = cgiSessionKey ? strdup(cgiSessionKey)
  233                                          : newSessionKey());
  234       session            = newSession(sessionKey, httpGetServer(http),
  235                                       httpGetPeerName(http));
  236       addToHashMap(sessions, sessionKey, (const char *)session);
  237       debug("[server] Creating a new session: %s", sessionKey);
  238     }
  239   }
  240   return session;
  241 }
  242 
  243 void iterateOverSessions(int (*fnc)(void *, const char *, char **), void *arg){
  244   iterateOverHashMap(sessions, fnc, arg);
  245 }
  246 
  247 int numSessions(void) {
  248   return getHashmapSize(sessions);
  249 }