add connection status from sshd and remote protocol version to telemetry (#539)
This commit is contained in:
parent
45f2b0e099
commit
1d40f24cf8
6
auth2.c
6
auth2.c
|
@ -58,6 +58,9 @@
|
||||||
#endif
|
#endif
|
||||||
#include "monitor_wrap.h"
|
#include "monitor_wrap.h"
|
||||||
#include "digest.h"
|
#include "digest.h"
|
||||||
|
#ifdef WINDOWS
|
||||||
|
#include "sshTelemetry.h"
|
||||||
|
#endif
|
||||||
|
|
||||||
/* import */
|
/* import */
|
||||||
extern ServerOptions options;
|
extern ServerOptions options;
|
||||||
|
@ -432,6 +435,9 @@ userauth_finish(struct ssh *ssh, int authenticated, const char *method,
|
||||||
methods = authmethods_get(authctxt);
|
methods = authmethods_get(authctxt);
|
||||||
debug3_f("failure partial=%d next methods=\"%s\"",
|
debug3_f("failure partial=%d next methods=\"%s\"",
|
||||||
partial, methods);
|
partial, methods);
|
||||||
|
#ifdef WINDOWS
|
||||||
|
send_auth_method_telemetry(methods);
|
||||||
|
#endif
|
||||||
if ((r = sshpkt_start(ssh, SSH2_MSG_USERAUTH_FAILURE)) != 0 ||
|
if ((r = sshpkt_start(ssh, SSH2_MSG_USERAUTH_FAILURE)) != 0 ||
|
||||||
(r = sshpkt_put_cstring(ssh, methods)) != 0 ||
|
(r = sshpkt_put_cstring(ssh, methods)) != 0 ||
|
||||||
(r = sshpkt_put_u8(ssh, partial)) != 0 ||
|
(r = sshpkt_put_u8(ssh, partial)) != 0 ||
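Review bot: `send_auth_method_telemetry(methods)` runs on every SSH2_MSG_USERAUTH_FAILURE, so an unauthenticated peer drives one telemetry event (plus a provider register/unregister pair) per failed attempt on every connection it opens; the `methods` string passed here is also what `authmethods_get(authctxt)` returns for this connection at this point — the methods still permitted after any partial success — not the server's configured list, so the `authMethodsConfigured` field name will mislead whoever reads the events. If one sample per connection is enough, guard the call: `static int methods_reported; if (!methods_reported) { send_auth_method_telemetry(methods); methods_reported = 1; }`. That guard is per-process state, so it is per-connection only if this code runs in a per-connection sshd process as in upstream's privsep model; confirm that for the Windows build. userauth_finish starts and ends outside the hunk.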
|
||||||
|
|
|
@ -69,6 +69,19 @@ void send_auth_telemetry(const int status, const char* auth_type)
|
||||||
TraceLoggingUnregister(g_hProvider1);
|
TraceLoggingUnregister(g_hProvider1);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
void send_auth_method_telemetry(const char* auth_methods)
|
||||||
|
{
|
||||||
|
TraceLoggingRegister(g_hProvider1);
|
||||||
|
TraceLoggingWrite(
|
||||||
|
g_hProvider1,
|
||||||
|
"AuthMethods",
|
||||||
|
TelemetryPrivacyDataTag(PDT_ProductAndServiceUsage),
|
||||||
|
TraceLoggingKeyword(MICROSOFT_KEYWORD_MEASURES),
|
||||||
|
TraceLoggingString(auth_methods, "authMethodsConfigured")
|
||||||
|
);
|
||||||
|
TraceLoggingUnregister(g_hProvider1);
|
||||||
|
}
|
||||||
|
|
||||||
void send_encryption_telemetry(const char* direction,
|
void send_encryption_telemetry(const char* direction,
|
||||||
const char* cipher, const char* kex, const char* mac,
|
const char* cipher, const char* kex, const char* mac,
|
||||||
const char* comp, const char* host_key,
|
const char* comp, const char* host_key,
|
||||||
|
@ -164,44 +177,21 @@ void send_ssh_connection_telemetry(const char* conn, const char* port)
|
||||||
TraceLoggingUnregister(g_hProvider1);
|
TraceLoggingUnregister(g_hProvider1);
|
||||||
}
|
}
|
||||||
|
|
||||||
void send_sshd_config_telemetry(const int num_auth_methods,
|
void send_sshd_connection_telemetry(const char* conn)
|
||||||
const char** auth_methods)
|
|
||||||
{
|
{
|
||||||
char* auth_buffer = NULL;
|
|
||||||
if (num_auth_methods == 0) {
|
|
||||||
auth_buffer = (char*)malloc(5 * sizeof(char));
|
|
||||||
strcpy_s(auth_buffer, 5, "none");
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
// concatenate all the auth methods into a
|
|
||||||
// single string to pass to tracelogging
|
|
||||||
size_t buffer_size = (size_t)num_auth_methods;
|
|
||||||
for (int i = 0; i < num_auth_methods; i++) {
|
|
||||||
buffer_size += strlen(auth_methods[i]);
|
|
||||||
}
|
|
||||||
auth_buffer = (char*)malloc((buffer_size + 1) * sizeof(char));
|
|
||||||
auth_buffer[0] = '\0';
|
|
||||||
for (int i = 0; i < num_auth_methods; i++) {
|
|
||||||
strcat_s(auth_buffer, buffer_size, auth_methods[i]);
|
|
||||||
if (i < num_auth_methods - 1) {
|
|
||||||
strcat_s(auth_buffer, buffer_size, ",");
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
TraceLoggingRegister(g_hProvider1);
|
TraceLoggingRegister(g_hProvider1);
|
||||||
TraceLoggingWrite(
|
TraceLoggingWrite(
|
||||||
g_hProvider1,
|
g_hProvider1,
|
||||||
"SSHD",
|
"SSHD",
|
||||||
TelemetryPrivacyDataTag(PDT_ProductAndServiceUsage),
|
TelemetryPrivacyDataTag(PDT_ProductAndServiceUsage),
|
||||||
TraceLoggingKeyword(MICROSOFT_KEYWORD_MEASURES),
|
TraceLoggingKeyword(MICROSOFT_KEYWORD_MEASURES),
|
||||||
TraceLoggingString(auth_buffer, "authMethods")
|
TraceLoggingString(conn, "connStatus")
|
||||||
);
|
);
|
||||||
TraceLoggingUnregister(g_hProvider1);
|
TraceLoggingUnregister(g_hProvider1);
|
||||||
free(auth_buffer);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
void send_ssh_version_telemetry(const char* ssh_version, const char* peer_version,
|
void send_ssh_version_telemetry(const char* ssh_version,
|
||||||
const char* remote_protocol_supported)
|
const char* peer_version, const char* remote_protocol_error)
|
||||||
{
|
{
|
||||||
TraceLoggingRegister(g_hProvider1);
|
TraceLoggingRegister(g_hProvider1);
|
||||||
TraceLoggingWrite(
|
TraceLoggingWrite(
|
||||||
|
@ -210,7 +200,7 @@ void send_ssh_version_telemetry(const char* ssh_version, const char* peer_versio
|
||||||
TelemetryPrivacyDataTag(PDT_ProductAndServiceUsage),
|
TelemetryPrivacyDataTag(PDT_ProductAndServiceUsage),
|
||||||
TraceLoggingKeyword(MICROSOFT_KEYWORD_MEASURES),
|
TraceLoggingKeyword(MICROSOFT_KEYWORD_MEASURES),
|
||||||
TraceLoggingString(ssh_version, "ourVersion"),
|
TraceLoggingString(ssh_version, "ourVersion"),
|
||||||
TraceLoggingString(remote_protocol_supported, "remoteProtocolError"),
|
TraceLoggingString(remote_protocol_error, "remoteProtocolError"),
|
||||||
TraceLoggingString(peer_version, "peerVersion")
|
TraceLoggingString(peer_version, "peerVersion")
|
||||||
);
|
);
|
||||||
TraceLoggingUnregister(g_hProvider1);
|
TraceLoggingUnregister(g_hProvider1);
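Review bot: `TraceLoggingString(peer_version, "peerVersion")` forwards what its name says is the remote identification string unchanged, and that string is chosen by an unauthenticated peer, presumably before any key exchange; if the telemetry backend or its consumers treat string fields as trusted, bound it here (copy at most a fixed number of printable bytes into a local buffer before the write), unless the caller, which is not in this hunk, already sanitizes it. The rename to `remote_protocol_error` is only a parameter-name change and the rest of the function is unchanged. Separately, neither new function (`send_auth_method_telemetry`, `send_sshd_connection_telemetry`) checks its pointer argument; either confirm TraceLoggingString tolerates NULL or add `if (auth_methods == NULL) auth_methods = "";` at the top of `send_auth_method_telemetry`.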
|
||||||
|
|
|
@ -3,6 +3,9 @@
|
||||||
// sends authentication type and status
|
// sends authentication type and status
|
||||||
void send_auth_telemetry(const int status, const char* auth_type);
|
void send_auth_telemetry(const int status, const char* auth_type);
|
||||||
|
|
||||||
|
// sends authentication methods configured by SSHD
|
||||||
|
void send_auth_method_telemetry(const char* auth_methods);
|
||||||
|
|
||||||
// sends crypto information like cipher, kex, and mac
|
// sends crypto information like cipher, kex, and mac
|
||||||
void send_encryption_telemetry(const char* direction,
|
void send_encryption_telemetry(const char* direction,
|
||||||
const char* cipher, const char* kex, const char* mac,
|
const char* cipher, const char* kex, const char* mac,
|
||||||
|
@ -21,10 +24,9 @@ void send_pubkey_sign_telemetry(const char* pubKeySignStatus);
|
||||||
// sends connection status from ssh client
|
// sends connection status from ssh client
|
||||||
void send_ssh_connection_telemetry(const char* conn, const char* port);
|
void send_ssh_connection_telemetry(const char* conn, const char* port);
|
||||||
|
|
||||||
// sends ports and auth methods configured by sshd
|
// sends connection status from ssh server
|
||||||
void send_sshd_config_telemetry(const int num_auth_methods,
|
void send_sshd_connection_telemetry(const char* conn);
|
||||||
const char** auth_methods);
|
|
||||||
|
|
||||||
// sends version and peer version from ssh & sshd
|
// sends version and peer version from ssh & sshd
|
||||||
void send_ssh_version_telemetry(const char* ssh_version,
|
void send_ssh_version_telemetry(const char* ssh_version,
|
||||||
const char* peer_version, const char* remote_protocol_supported);
|
const char* peer_version, const char* remote_protocol_error);
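Review bot: The new comment `// sends authentication methods configured by SSHD` describes what the removed `send_sshd_config_telemetry` sent, not what the only visible caller (the failure path of `userauth_finish` in auth2.c) passes, which is `authmethods_get(authctxt)` — the methods still permitted on that connection after the current attempt. Change it to `// sends the auth methods still permitted on a connection after a failed attempt` so the header matches the data. The `send_ssh_version_telemetry` comment could also state that `peer_version` is supplied by the remote side, since that marks the one field in this header that carries untrusted input.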
|
||||||
|
|
19
sshd.c
19
sshd.c
|
@ -2230,10 +2230,6 @@ main(int ac, char **av)
|
||||||
|
|
||||||
debug("sshd version %s, %s", SSH_VERSION, SSH_OPENSSL_VERSION);
|
debug("sshd version %s, %s", SSH_VERSION, SSH_OPENSSL_VERSION);
|
||||||
|
|
||||||
#ifdef WINDOWS
|
|
||||||
send_sshd_config_telemetry(options.num_auth_methods,
|
|
||||||
options.auth_methods);
|
|
||||||
#endif
|
|
||||||
/* Store privilege separation user for later use if required. */
|
/* Store privilege separation user for later use if required. */
|
||||||
privsep_chroot = use_privsep && (getuid() == 0 || geteuid() == 0);
|
privsep_chroot = use_privsep && (getuid() == 0 || geteuid() == 0);
|
||||||
if ((privsep_pw = getpwnam(SSH_PRIVSEP_USER)) == NULL) {
|
if ((privsep_pw = getpwnam(SSH_PRIVSEP_USER)) == NULL) {
|
||||||
|
@ -2602,7 +2598,15 @@ done_loading_hostkeys:
|
||||||
io_sock_in = sock_in;
|
io_sock_in = sock_in;
|
||||||
io_sock_out = sock_out;
|
io_sock_out = sock_out;
|
||||||
if ((ssh = ssh_packet_set_connection(NULL, sock_in, sock_out)) == NULL)
|
if ((ssh = ssh_packet_set_connection(NULL, sock_in, sock_out)) == NULL)
|
||||||
|
#ifdef WINDOWS
|
||||||
|
{
|
||||||
|
send_sshd_connection_telemetry(
|
||||||
|
"connection failed: unable to create connection");
|
||||||
fatal("Unable to create connection");
|
fatal("Unable to create connection");
|
||||||
|
}
|
||||||
|
#else
|
||||||
|
fatal("Unable to create connection");
|
||||||
|
#endif
|
||||||
the_active_state = ssh;
|
the_active_state = ssh;
|
||||||
ssh_packet_set_server(ssh);
|
ssh_packet_set_server(ssh);
|
||||||
|
|
||||||
|
@ -2620,6 +2624,10 @@ done_loading_hostkeys:
|
||||||
|
|
||||||
if ((remote_port = ssh_remote_port(ssh)) < 0) {
|
if ((remote_port = ssh_remote_port(ssh)) < 0) {
|
||||||
debug("ssh_remote_port failed");
|
debug("ssh_remote_port failed");
|
||||||
|
#ifdef WINDOWS
|
||||||
|
send_sshd_connection_telemetry(
|
||||||
|
"connection failed: ssh_remote_port failed");
|
||||||
|
#endif
|
||||||
cleanup_exit(255);
|
cleanup_exit(255);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -2650,6 +2658,9 @@ done_loading_hostkeys:
|
||||||
rdomain == NULL ? "" : " rdomain \"",
|
rdomain == NULL ? "" : " rdomain \"",
|
||||||
rdomain == NULL ? "" : rdomain,
|
rdomain == NULL ? "" : rdomain,
|
||||||
rdomain == NULL ? "" : "\"");
|
rdomain == NULL ? "" : "\"");
|
||||||
|
#ifdef WINDOWS
|
||||||
|
send_sshd_connection_telemetry("connection established");
|
||||||
|
#endif
|
||||||
free(laddr);
|
free(laddr);
|
||||||
|
|
||||||
/*
|
/*
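Review bot: The `if ((ssh = ssh_packet_set_connection(...)) == NULL)` line is now followed by an `#ifdef WINDOWS` block that supplies the braces on one build and a bare `fatal()` on the other, so a later edit to either branch can silently change which statement the `if` controls; keep the braces outside the conditional compilation and wrap only the telemetry call. The same hunk's `"connection established"` event, like the two failure events, fires for every accepted TCP connection before any authentication, so event volume is driven by remote peers — worth noting in the header comment, or sampling, if that matters for the pipeline. main() starts and ends outside these hunks.

```c
if ((ssh = ssh_packet_set_connection(NULL, sock_in, sock_out)) == NULL) {
#ifdef WINDOWS
	send_sshd_connection_telemetry(
	    "connection failed: unable to create connection");
#endif
	fatal("Unable to create connection");
}
```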
|
||||||
|
|