guacamole-spice-protocol/src/common-ssh/guac_ssh.c

/*
 * Copyright (C) 2015 Glyptodon LLC
 *
 * Permission is hereby granted, free of charge, to any person obtaining a copy
 * of this software and associated documentation files (the "Software"), to deal
 * in the Software without restriction, including without limitation the rights
 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 * copies of the Software, and to permit persons to whom the Software is
 * furnished to do so, subject to the following conditions:
 *
 * The above copyright notice and this permission notice shall be included in
 * all copies or substantial portions of the Software.
 *
 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 * THE SOFTWARE.
 */

#include "guac_ssh.h"
#include "guac_ssh_key.h"

#include <guacamole/client.h>
#include <libssh2.h>

#ifdef LIBSSH2_USES_GCRYPT
#include <gcrypt.h>
#endif

#include <openssl/err.h>
#include <openssl/ssl.h>

#include <errno.h>
#include <netdb.h>
#include <netinet/in.h>
#include <pthread.h>
#include <stddef.h>
#include <stdlib.h>
#include <string.h>
#include <sys/socket.h>

#ifdef LIBSSH2_USES_GCRYPT
GCRY_THREAD_OPTION_PTHREAD_IMPL;
#endif

/**
 * Array of mutexes, used by OpenSSL.
 */
static pthread_mutex_t* guac_common_ssh_openssl_locks;

/**
 * Called by OpenSSL when locking or unlocking the Nth mutex.
 */
static void guac_common_ssh_openssl_locking_callback(int mode, int n,
        const char* file, int line){

    /* Lock given mutex upon request */
    if (mode & CRYPTO_LOCK)
        pthread_mutex_lock(&(guac_common_ssh_openssl_locks[n]));

    /* Unlock given mutex upon request */
    else if (mode & CRYPTO_UNLOCK)
        pthread_mutex_unlock(&(guac_common_ssh_openssl_locks[n]));

}

/**
 * Called by OpenSSL when determining the current thread ID.
 */
static unsigned long guac_common_ssh_openssl_id_callback() {
    return (unsigned long) pthread_self();
}

/**
 * Creates the given number of mutexes, such that OpenSSL will have at least
 * this number of mutexes at its disposal.
 */
static void guac_common_ssh_openssl_init_locks(int count) {

    int i;

    /* Allocate required number of locks */
    guac_common_ssh_openssl_locks =
        malloc(sizeof(pthread_mutex_t) * CRYPTO_num_locks());

    /* Initialize each lock */
    for (i=0; i < count; i++)
        pthread_mutex_init(&(guac_common_ssh_openssl_locks[i]), NULL);

}

/**
 * Frees the given number of mutexes.
 */
static void guac_common_ssh_openssl_free_locks(int count) {

    int i;

    /* Free all locks */
    for (i=0; i < count; i++)
        pthread_mutex_destroy(&(guac_common_ssh_openssl_locks[i]));

}

int guac_common_ssh_init(guac_client* client) {

#ifdef LIBSSH2_USES_GCRYPT
    /* Init threadsafety in libgcrypt */
    gcry_control(GCRYCTL_SET_THREAD_CBS, &gcry_threads_pthread);
    if (!gcry_check_version(GCRYPT_VERSION)) {
        guac_client_log(client, GUAC_LOG_ERROR, "libgcrypt version mismatch.");
        return 1;
    }
#endif

    /* Init threadsafety in OpenSSL */
    guac_common_ssh_openssl_init_locks(CRYPTO_num_locks());
    CRYPTO_set_id_callback(guac_common_ssh_openssl_id_callback);
    CRYPTO_set_locking_callback(guac_common_ssh_openssl_locking_callback);

    /* Init OpenSSL */
    SSL_library_init();
    ERR_load_crypto_strings();

    /* Init libssh2 */
    libssh2_init(0);

    /* Success */
    return 0;

}

void guac_common_ssh_uninit() {
    guac_common_ssh_openssl_free_locks(CRYPTO_num_locks());
}

/**
 * Connects to the SSH server running at the given hostname and port, but does
 * not perform any authentication. Authentication must be immediately performed
 * after creation of the session for the session to become usable. If an error
 * occurs while connecting, the Guacamole client will automatically and fatally
 * abort.
 *
 * @param client
 *     The Guacamole client that will be using SSH.
 *
 * @param hostname
 *     The hostname of the SSH server to connect to.
 *
 * @param port
 *     The port to connect to on the given hostname.
 *
 * @param socket_fd
 *     A pointer to an integer in which the newly-allocated file descriptor for
 *     the SSH socket should be stored.
 *
 * @return
 *     A new SSH session if the connection succeeds, or NULL if the connection
 *     was not successful.
 */
static LIBSSH2_SESSION* guac_common_ssh_connect(guac_client* client,
        const char* hostname, const char* port, int* socket_fd) {

    int retval;

    int fd;
    struct addrinfo* addresses;
    struct addrinfo* current_address;

    char connected_address[1024];
    char connected_port[64];

    struct addrinfo hints = {
        .ai_family   = AF_UNSPEC,
        .ai_socktype = SOCK_STREAM,
        .ai_protocol = IPPROTO_TCP
    };

    /* Get socket */
    fd = socket(AF_INET, SOCK_STREAM, 0);

    /* Get addresses connection */
    if ((retval = getaddrinfo(hostname, port, &hints, &addresses))) {
        guac_client_abort(client, GUAC_PROTOCOL_STATUS_SERVER_ERROR,
                "Error parsing given address or port: %s",
                gai_strerror(retval));
        return NULL;
    }

    /* Attempt connection to each address until success */
    current_address = addresses;
    while (current_address != NULL) {

        /* Resolve hostname */
        if ((retval = getnameinfo(current_address->ai_addr,
                current_address->ai_addrlen,
                connected_address, sizeof(connected_address),
                connected_port, sizeof(connected_port),
                NI_NUMERICHOST | NI_NUMERICSERV)))
            guac_client_log(client, GUAC_LOG_DEBUG,
                    "Unable to resolve host: %s", gai_strerror(retval));

        /* Connect */
        if (connect(fd, current_address->ai_addr,
                        current_address->ai_addrlen) == 0) {

            guac_client_log(client, GUAC_LOG_DEBUG,
                    "Successfully connected to host %s, port %s",
                    connected_address, connected_port);

            /* Done if successful connect */
            break;

        }

        /* Otherwise log information regarding bind failure */
        else
            guac_client_log(client, GUAC_LOG_DEBUG, "Unable to connect to "
                    "host %s, port %s: %s",
                    connected_address, connected_port, strerror(errno));

        current_address = current_address->ai_next;

    }

    /* If unable to connect to anything, fail */
    if (current_address == NULL) {
        guac_client_abort(client, GUAC_PROTOCOL_STATUS_UPSTREAM_ERROR,
                "Unable to connect to any addresses.");
        return NULL;
    }

    /* Free addrinfo */
    freeaddrinfo(addresses);

    /* Open SSH session */
    LIBSSH2_SESSION* session = libssh2_session_init_ex(NULL, NULL,
            NULL, client);
    if (session == NULL) {
        guac_client_abort(client, GUAC_PROTOCOL_STATUS_SERVER_ERROR,
                "Session allocation failed.");
        return NULL;
    }

    /* Perform handshake */
    if (libssh2_session_handshake(session, fd)) {
        guac_client_abort(client, GUAC_PROTOCOL_STATUS_UPSTREAM_ERROR,
                "SSH handshake failed.");
        return NULL;
    }

    /* Save file descriptor */
    if (socket_fd != NULL)
        *socket_fd = fd;

    /* Return created session */
    return session;

}

LIBSSH2_SESSION* guac_common_ssh_connect_password(guac_client* client,
        const char* hostname, const char* port,
        const char* username, const char* password,
        int* socket_fd) {

    LIBSSH2_SESSION* session = guac_common_ssh_connect(client,
            hostname, port, socket_fd);

    /* STUB */

    return session;

}

static int __sign_callback(LIBSSH2_SESSION* session,
        unsigned char** sig, size_t* sig_len,
        const unsigned char* data, size_t data_len, void **abstract) {

    guac_common_ssh_key* key = (guac_common_ssh_key*) abstract;
    int length;

    /* Allocate space for signature */
    *sig = malloc(4096);

    /* Sign with key */
    length = guac_common_ssh_key_sign(key, (const char*) data, data_len, *sig);
    if (length < 0)
        return 1;

    *sig_len = length;
    return 0;
}

LIBSSH2_SESSION* guac_common_ssh_connect_private_key(guac_client* client,
        const char* hostname, const char* port,
        const char* username, char* private_key, char* passphrase,
        int* socket_fd) {

    LIBSSH2_SESSION* session = guac_common_ssh_connect(client,
            hostname, port, socket_fd);

    guac_client_log(client, GUAC_LOG_DEBUG,
            "Attempting private key import (WITHOUT passphrase)");

    /* Attempt to read key without passphrase */
    guac_common_ssh_key* key = guac_common_ssh_key_alloc(private_key,
            strlen(private_key), "");

#if 0
    /* On failure, attempt with passphrase */
    if (key == NULL) {

        /* Log failure of initial attempt */
        guac_client_log(client, GUAC_LOG_DEBUG,
                "Initial import failed: %s", guac_common_ssh_key_error());

        guac_client_log(client, GUAC_LOG_DEBUG,
                "Re-attempting private key import (WITH passphrase)");

        /* Prompt for passphrase if missing */
        if (client_data->key_passphrase[0] == 0)
            guac_terminal_prompt(client_data->term, "Key passphrase: ",
                                 client_data->key_passphrase, sizeof(client_data->key_passphrase), false);

        /* Import key with passphrase */
        client_data->key = guac_common_ssh_key_alloc(client_data->key_base64,
                strlen(client_data->key_base64),
                client_data->key_passphrase);

        /* If still failing, give up */
        if (client_data->key == NULL) {
            guac_client_abort(client,
                    GUAC_PROTOCOL_STATUS_CLIENT_UNAUTHORIZED,
                    "Auth key import failed: %s", guac_common_ssh_key_error());
            return NULL;
        }

    } /* end decrypt key with passphrase */
#endif

    /* Success */
    guac_client_log(client, GUAC_LOG_INFO, "Auth key successfully imported.");

    /* Get list of suported authentication methods */
    char* user_authlist = libssh2_userauth_list(session, username,
            strlen(username));
    guac_client_log(client, GUAC_LOG_DEBUG,
            "Supported authentication methods: %s", user_authlist);

    /* Check if public key auth is suported on the server */
    if (strstr(user_authlist, "publickey") == NULL) {
        guac_client_abort(client, GUAC_PROTOCOL_STATUS_CLIENT_UNAUTHORIZED,
                           "Public key authentication not suported");
        return NULL;
    }

    /* Attempt public key auth */
    if (libssh2_userauth_publickey(session, username,
                (unsigned char*) key->public_key, key->public_key_length,
                __sign_callback, (void**) key)) {

        /* Abort on failure */
        char* error_message;
        libssh2_session_last_error(session, &error_message, NULL, 0);
        guac_client_abort(client, GUAC_PROTOCOL_STATUS_CLIENT_UNAUTHORIZED,
                "Public key authentication failed: %s", error_message);

        return NULL;

    }

    /* Return new session on success */
    return session;

}