]> andersk Git - openssh.git/blame - clientloop.c
andersk / openssh.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
- (djm) OpenBSD CVS Sync
[openssh.git] / clientloop.c
CommitLineData
8efc0c15 1/*
5260325f 2 * Author: Tatu Ylonen <ylo@cs.hut.fi>
5260325f 3 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
4 * All rights reserved
bcbf86ec 5 * The main loop for the interactive session (client side).
6ae2364d 6 *
bcbf86ec 7 * As far as I am concerned, the code I have written for this software
8 * can be used freely for any purpose. Any derived versions of this
9 * software must be clearly marked as such, and if the derived work is
10 * incompatible with the protocol description in the RFC file, it must be
11 * called by a name other than "ssh" or "Secure Shell".
6ae2364d 12 *
6ae2364d 13 *
bcbf86ec 14 * Copyright (c) 1999 Theo de Raadt. All rights reserved.
15 *
16 * Redistribution and use in source and binary forms, with or without
17 * modification, are permitted provided that the following conditions
18 * are met:
19 * 1. Redistributions of source code must retain the above copyright
20 * notice, this list of conditions and the following disclaimer.
21 * 2. Redistributions in binary form must reproduce the above copyright
22 * notice, this list of conditions and the following disclaimer in the
23 * documentation and/or other materials provided with the distribution.
24 *
25 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
26 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
27 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
28 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
29 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
30 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
31 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
32 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
33 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
34 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
35 *
6ae2364d 36 *
8ce64345 37 * SSH2 support added by Markus Friedl.
a96070d4 38 * Copyright (c) 1999, 2000, 2001 Markus Friedl. All rights reserved.
bcbf86ec 39 *
40 * Redistribution and use in source and binary forms, with or without
41 * modification, are permitted provided that the following conditions
42 * are met:
43 * 1. Redistributions of source code must retain the above copyright
44 * notice, this list of conditions and the following disclaimer.
45 * 2. Redistributions in binary form must reproduce the above copyright
46 * notice, this list of conditions and the following disclaimer in the
47 * documentation and/or other materials provided with the distribution.
48 *
49 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
50 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
51 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
52 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
53 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
54 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
55 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
56 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
57 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
58 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
5260325f 59 */
8efc0c15 60
61#include "includes.h"
1908529f 62RCSID("$OpenBSD: clientloop.c,v 1.148 2005/12/28 22:46:06 stevesk Exp $");
8efc0c15 63
8efc0c15 64#include "ssh.h"
42f11eb2 65#include "ssh1.h"
66#include "ssh2.h"
67#include "xmalloc.h"
8efc0c15 68#include "packet.h"
69#include "buffer.h"
7368a6c8 70#include "compat.h"
a5efa1bb 71#include "channels.h"
7368a6c8 72#include "dispatch.h"
2e73a022 73#include "buffer.h"
74#include "bufaux.h"
fa08c86b 75#include "key.h"
e092ce67 76#include "kex.h"
42f11eb2 77#include "log.h"
78#include "readconf.h"
b5c334cc 79#include "clientloop.h"
ceec33f3 80#include "sshconnect.h"
42f11eb2 81#include "authfd.h"
82#include "atomicio.h"
07d80252 83#include "sshpty.h"
e968270c 84#include "misc.h"
5e96b616 85#include "monitor_fdpass.h"
86#include "match.h"
87#include "msg.h"
a22aff1f 88
89/* import options */
90extern Options options;
91
8efc0c15 92/* Flag indicating that stdin should be redirected from /dev/null. */
93extern int stdin_null_flag;
94
66357af5 95/* Flag indicating that no shell has been requested */
96extern int no_shell_flag;
97
5e96b616 98/* Control socket */
99extern int control_fd;
100
aa3378df 101/*
102 * Name of the host we are connecting to. This is the name given on the
103 * command line, or the HostName specified for the user-supplied name in a
104 * configuration file.
105 */
8efc0c15 106extern char *host;
107
aa3378df 108/*
109 * Flag to indicate that we have received a window change signal which has
110 * not yet been processed. This will cause a message indicating the new
111 * window size to be sent to the server a little later. This is volatile
112 * because this is updated in a signal handler.
113 */
7a934d1b 114static volatile sig_atomic_t received_window_change_signal = 0;
115static volatile sig_atomic_t received_signal = 0;
8efc0c15 116
7b9b0103 117/* Flag indicating whether the user's terminal is in non-blocking mode. */
8efc0c15 118static int in_non_blocking_mode = 0;
119
120/* Common data for the client loop code. */
2e73a022 121static int quit_pending; /* Set to non-zero to quit the client loop. */
122static int escape_char; /* Escape character. */
5260325f 123static int escape_pending; /* Last character was the escape character */
124static int last_was_cr; /* Last character was a newline. */
125static int exit_status; /* Used to store the exit status of the command. */
126static int stdin_eof; /* EOF has been encountered on standard error. */
127static Buffer stdin_buffer; /* Buffer for stdin data. */
128static Buffer stdout_buffer; /* Buffer for stdout data. */
129static Buffer stderr_buffer; /* Buffer for stderr data. */
1e3b8b07 130static u_long stdin_bytes, stdout_bytes, stderr_bytes;
131static u_int buffer_high;/* Soft max buffer size. */
5260325f 132static int connection_in; /* Connection to server (input). */
133static int connection_out; /* Connection to server (output). */
c422989b 134static int need_rekeying; /* Set to non-zero if rekeying is requested. */
eb0dd41f 135static int session_closed = 0; /* In SSH2: login session closed. */
5d8d32a3 136static int server_alive_timeouts = 0;
8efc0c15 137
396c147e 138static void client_init_dispatch(void);
8ce64345 139int session_ident = -1;
140
5e96b616 141struct confirm_ctx {
142 int want_tty;
143 int want_subsys;
ef07103c 144 int want_x_fwd;
145 int want_agent_fwd;
5e96b616 146 Buffer cmd;
147 char *term;
148 struct termios tio;
1786be35 149 char **env;
5e96b616 150};
151
e092ce67 152/*XXX*/
153extern Kex *xxx_kex;
154
5e96b616 155void ssh_process_session2_setup(int, int, int, Buffer *);
156
8efc0c15 157/* Restores stdin to blocking mode. */
158
396c147e 159static void
5ca51e19 160leave_non_blocking(void)
8efc0c15 161{
5260325f 162 if (in_non_blocking_mode) {
1b273ece 163 unset_nonblock(fileno(stdin));
5260325f 164 in_non_blocking_mode = 0;
5260325f 165 }
8efc0c15 166}
167
5260325f 168/* Puts stdin terminal in non-blocking mode. */
169
396c147e 170static void
5ca51e19 171enter_non_blocking(void)
8efc0c15 172{
5260325f 173 in_non_blocking_mode = 1;
170694d7 174 set_nonblock(fileno(stdin));
8efc0c15 175}
176
aa3378df 177/*
178 * Signal handler for the window change signal (SIGWINCH). This just sets a
179 * flag indicating that the window has changed.
180 */
8efc0c15 181
396c147e 182static void
5260325f 183window_change_handler(int sig)
8efc0c15 184{
5260325f 185 received_window_change_signal = 1;
186 signal(SIGWINCH, window_change_handler);
8efc0c15 187}
188
aa3378df 189/*
190 * Signal handler for signals that cause the program to terminate. These
191 * signals must be trapped to restore terminal modes.
192 */
8efc0c15 193
396c147e 194static void
5260325f 195signal_handler(int sig)
8efc0c15 196{
c9130033 197 received_signal = sig;
198 quit_pending = 1;
8efc0c15 199}
200
aa3378df 201/*
202 * Returns current time in seconds from Jan 1, 1970 with the maximum
203 * available resolution.
204 */
8efc0c15 205
396c147e 206static double
5ca51e19 207get_current_time(void)
8efc0c15 208{
5260325f 209 struct timeval tv;
210 gettimeofday(&tv, NULL);
211 return (double) tv.tv_sec + (double) tv.tv_usec / 1000000.0;
8efc0c15 212}
213
9bf083eb 214#define SSH_X11_PROTO "MIT-MAGIC-COOKIE-1"
215void
216client_x11_get_proto(const char *display, const char *xauth_path,
217 u_int trusted, char **_proto, char **_data)
218{
219 char cmd[1024];
220 char line[512];
221 char xdisplay[512];
222 static char proto[512], data[512];
223 FILE *f;
224 int got_data = 0, generated = 0, do_unlink = 0, i;
225 char *xauthdir, *xauthfile;
226 struct stat st;
227
228 xauthdir = xauthfile = NULL;
229 *_proto = proto;
230 *_data = data;
231 proto[0] = data[0] = '\0';
232
233 if (xauth_path == NULL ||(stat(xauth_path, &st) == -1)) {
234 debug("No xauth program.");
235 } else {
236 if (display == NULL) {
237 debug("x11_get_proto: DISPLAY not set");
238 return;
239 }
240 /*
241 * Handle FamilyLocal case where $DISPLAY does
242 * not match an authorization entry. For this we
243 * just try "xauth list unix:displaynum.screennum".
244 * XXX: "localhost" match to determine FamilyLocal
245 * is not perfect.
246 */
247 if (strncmp(display, "localhost:", 10) == 0) {
248 snprintf(xdisplay, sizeof(xdisplay), "unix:%s",
249 display + 10);
250 display = xdisplay;
251 }
252 if (trusted == 0) {
253 xauthdir = xmalloc(MAXPATHLEN);
254 xauthfile = xmalloc(MAXPATHLEN);
255 strlcpy(xauthdir, "/tmp/ssh-XXXXXXXXXX", MAXPATHLEN);
256 if (mkdtemp(xauthdir) != NULL) {
257 do_unlink = 1;
258 snprintf(xauthfile, MAXPATHLEN, "%s/xauthfile",
259 xauthdir);
260 snprintf(cmd, sizeof(cmd),
261 "%s -f %s generate %s " SSH_X11_PROTO
262 " untrusted timeout 1200 2>" _PATH_DEVNULL,
263 xauth_path, xauthfile, display);
264 debug2("x11_get_proto: %s", cmd);
265 if (system(cmd) == 0)
266 generated = 1;
267 }
268 }
269 snprintf(cmd, sizeof(cmd),
b5443199 270 "%s %s%s list %s 2>" _PATH_DEVNULL,
9bf083eb 271 xauth_path,
272 generated ? "-f " : "" ,
273 generated ? xauthfile : "",
274 display);
275 debug2("x11_get_proto: %s", cmd);
276 f = popen(cmd, "r");
277 if (f && fgets(line, sizeof(line), f) &&
278 sscanf(line, "%*s %511s %511s", proto, data) == 2)
279 got_data = 1;
280 if (f)
281 pclose(f);
282 }
283
284 if (do_unlink) {
285 unlink(xauthfile);
286 rmdir(xauthdir);
287 }
288 if (xauthdir)
289 xfree(xauthdir);
290 if (xauthfile)
291 xfree(xauthfile);
292
293 /*
294 * If we didn't get authentication data, just make up some
295 * data. The forwarding code will check the validity of the
296 * response anyway, and substitute this data. The X11
297 * server, however, will ignore this fake data and use
298 * whatever authentication mechanisms it was using otherwise
299 * for the local connection.
300 */
301 if (!got_data) {
302 u_int32_t rnd = 0;
303
304 logit("Warning: No xauth data; "
305 "using fake authentication data for X11 forwarding.");
306 strlcpy(proto, SSH_X11_PROTO, sizeof proto);
307 for (i = 0; i < 16; i++) {
308 if (i % 4 == 0)
309 rnd = arc4random();
310 snprintf(data + 2 * i, sizeof data - 2 * i, "%02x",
311 rnd & 0xff);
312 rnd >>= 8;
313 }
314 }
315}
316
aa3378df 317/*
318 * This is called when the interactive is entered. This checks if there is
319 * an EOF coming on stdin. We must check this explicitly, as select() does
320 * not appear to wake up when redirecting from /dev/null.
321 */
8efc0c15 322
396c147e 323static void
5ca51e19 324client_check_initial_eof_on_stdin(void)
8efc0c15 325{
5260325f 326 int len;
327 char buf[1];
328
aa3378df 329 /*
330 * If standard input is to be "redirected from /dev/null", we simply
331 * mark that we have seen an EOF and send an EOF message to the
332 * server. Otherwise, we try to read a single character; it appears
333 * that for some files, such /dev/null, select() never wakes up for
334 * read for this descriptor, which means that we never get EOF. This
335 * way we will get the EOF if stdin comes from /dev/null or similar.
336 */
5260325f 337 if (stdin_null_flag) {
338 /* Fake EOF on stdin. */
339 debug("Sending eof.");
340 stdin_eof = 1;
341 packet_start(SSH_CMSG_EOF);
342 packet_send();
343 } else {
5260325f 344 enter_non_blocking();
345
346 /* Check for immediate EOF on stdin. */
347 len = read(fileno(stdin), buf, 1);
348 if (len == 0) {
aa3378df 349 /* EOF. Record that we have seen it and send EOF to server. */
5260325f 350 debug("Sending eof.");
351 stdin_eof = 1;
352 packet_start(SSH_CMSG_EOF);
353 packet_send();
354 } else if (len > 0) {
aa3378df 355 /*
356 * Got data. We must store the data in the buffer,
357 * and also process it as an escape character if
358 * appropriate.
359 */
1e3b8b07 360 if ((u_char) buf[0] == escape_char)
5260325f 361 escape_pending = 1;
7e8911cd 362 else
5260325f 363 buffer_append(&stdin_buffer, buf, 1);
5260325f 364 }
5260325f 365 leave_non_blocking();
8efc0c15 366 }
8efc0c15 367}
368
8efc0c15 369
aa3378df 370/*
371 * Make packets from buffered stdin data, and buffer them for sending to the
372 * connection.
373 */
8efc0c15 374
396c147e 375static void
5ca51e19 376client_make_packets_from_stdin_data(void)
8efc0c15 377{
1e3b8b07 378 u_int len;
5260325f 379
380 /* Send buffered stdin data to the server. */
381 while (buffer_len(&stdin_buffer) > 0 &&
184eed6a 382 packet_not_very_much_data_to_write()) {
5260325f 383 len = buffer_len(&stdin_buffer);
384 /* Keep the packets at reasonable size. */
385 if (len > packet_get_maxsize())
386 len = packet_get_maxsize();
387 packet_start(SSH_CMSG_STDIN_DATA);
388 packet_put_string(buffer_ptr(&stdin_buffer), len);
389 packet_send();
390 buffer_consume(&stdin_buffer, len);
7e8911cd 391 stdin_bytes += len;
5260325f 392 /* If we have a pending EOF, send it now. */
393 if (stdin_eof && buffer_len(&stdin_buffer) == 0) {
394 packet_start(SSH_CMSG_EOF);
395 packet_send();
396 }
8efc0c15 397 }
8efc0c15 398}
399
aa3378df 400/*
401 * Checks if the client window has changed, and sends a packet about it to
402 * the server if so. The actual change is detected elsewhere (by a software
403 * interrupt on Unix); this just checks the flag and sends a message if
404 * appropriate.
405 */
8efc0c15 406
396c147e 407static void
5ca51e19 408client_check_window_change(void)
8efc0c15 409{
8ce64345 410 struct winsize ws;
411
412 if (! received_window_change_signal)
413 return;
414 /** XXX race */
415 received_window_change_signal = 0;
416
de273eef 417 debug2("client_check_window_change: changed");
8ce64345 418
419 if (compat20) {
5e96b616 420 channel_send_window_changes();
8ce64345 421 } else {
5e96b616 422 if (ioctl(fileno(stdin), TIOCGWINSZ, &ws) < 0)
423 return;
8ce64345 424 packet_start(SSH_CMSG_WINDOW_SIZE);
425 packet_put_int(ws.ws_row);
426 packet_put_int(ws.ws_col);
427 packet_put_int(ws.ws_xpixel);
428 packet_put_int(ws.ws_ypixel);
429 packet_send();
8efc0c15 430 }
8efc0c15 431}
432
5d8d32a3 433static void
434client_global_request_reply(int type, u_int32_t seq, void *ctxt)
435{
436 server_alive_timeouts = 0;
437 client_global_request_reply_fwd(type, seq, ctxt);
438}
439
440static void
441server_alive_check(void)
442{
443 if (++server_alive_timeouts > options.server_alive_count_max)
444 packet_disconnect("Timeout, server not responding.");
445 packet_start(SSH2_MSG_GLOBAL_REQUEST);
446 packet_put_cstring("keepalive@openssh.com");
447 packet_put_char(1); /* boolean: want reply */
448 packet_send();
449}
450
aa3378df 451/*
452 * Waits until the client can do something (some data becomes available on
453 * one of the file descriptors).
454 */
396c147e 455static void
39929cdb 456client_wait_until_can_do_something(fd_set **readsetp, fd_set **writesetp,
9a995072 457 int *maxfdp, u_int *nallocp, int rekeying)
8efc0c15 458{
5d8d32a3 459 struct timeval tv, *tvp;
460 int ret;
461
39929cdb 462 /* Add any selections by the channel mechanism. */
489aa2e9 463 channel_prepare_select(readsetp, writesetp, maxfdp, nallocp, rekeying);
5260325f 464
8ce64345 465 if (!compat20) {
466 /* Read from the connection, unless our buffers are full. */
467 if (buffer_len(&stdout_buffer) < buffer_high &&
468 buffer_len(&stderr_buffer) < buffer_high &&
469 channel_not_very_much_buffered_data())
39929cdb 470 FD_SET(connection_in, *readsetp);
8ce64345 471 /*
472 * Read from stdin, unless we have seen EOF or have very much
473 * buffered data to send to the server.
474 */
475 if (!stdin_eof && packet_not_very_much_data_to_write())
39929cdb 476 FD_SET(fileno(stdin), *readsetp);
8ce64345 477
478 /* Select stdout/stderr if have data in buffer. */
479 if (buffer_len(&stdout_buffer) > 0)
39929cdb 480 FD_SET(fileno(stdout), *writesetp);
8ce64345 481 if (buffer_len(&stderr_buffer) > 0)
39929cdb 482 FD_SET(fileno(stderr), *writesetp);
8ce64345 483 } else {
24b6b45f 484 /* channel_prepare_select could have closed the last channel */
fd6cfbaf 485 if (session_closed && !channel_still_open() &&
486 !packet_have_data_to_write()) {
487 /* clear mask since we did not call select() */
b3ad8fe6 488 memset(*readsetp, 0, *nallocp);
489 memset(*writesetp, 0, *nallocp);
fd6cfbaf 490 return;
24b6b45f 491 } else {
492 FD_SET(connection_in, *readsetp);
493 }
8ce64345 494 }
5260325f 495
5260325f 496 /* Select server connection if have data to write to the server. */
497 if (packet_have_data_to_write())
39929cdb 498 FD_SET(connection_out, *writesetp);
5260325f 499
5e96b616 500 if (control_fd != -1)
501 FD_SET(control_fd, *readsetp);
502
aa3378df 503 /*
504 * Wait for something to happen. This will suspend the process until
505 * some selected descriptor can be read, written, or has some other
5d8d32a3 506 * event pending.
aa3378df 507 */
5260325f 508
5d8d32a3 509 if (options.server_alive_interval == 0 || !compat20)
510 tvp = NULL;
f2107e97 511 else {
5d8d32a3 512 tv.tv_sec = options.server_alive_interval;
513 tv.tv_usec = 0;
514 tvp = &tv;
515 }
516 ret = select((*maxfdp)+1, *readsetp, *writesetp, NULL, tvp);
517 if (ret < 0) {
5260325f 518 char buf[100];
fd193ca4 519
520 /*
521 * We have to clear the select masks, because we return.
522 * We have to return, because the mainloop checks for the flags
523 * set by the signal handlers.
524 */
b3ad8fe6 525 memset(*readsetp, 0, *nallocp);
526 memset(*writesetp, 0, *nallocp);
fd193ca4 527
5260325f 528 if (errno == EINTR)
529 return;
530 /* Note: we might still have data in the buffers. */
531 snprintf(buf, sizeof buf, "select: %s\r\n", strerror(errno));
532 buffer_append(&stderr_buffer, buf, strlen(buf));
5260325f 533 quit_pending = 1;
5d8d32a3 534 } else if (ret == 0)
535 server_alive_check();
8efc0c15 536}
537
396c147e 538static void
2e73a022 539client_suspend_self(Buffer *bin, Buffer *bout, Buffer *berr)
8efc0c15 540{
5260325f 541 /* Flush stdout and stderr buffers. */
2e73a022 542 if (buffer_len(bout) > 0)
dc54438a 543 atomicio(vwrite, fileno(stdout), buffer_ptr(bout), buffer_len(bout));
2e73a022 544 if (buffer_len(berr) > 0)
dc54438a 545 atomicio(vwrite, fileno(stderr), buffer_ptr(berr), buffer_len(berr));
5260325f 546
5260325f 547 leave_raw_mode();
548
aa3378df 549 /*
550 * Free (and clear) the buffer to reduce the amount of data that gets
551 * written to swap.
552 */
2e73a022 553 buffer_free(bin);
554 buffer_free(bout);
555 buffer_free(berr);
5260325f 556
5260325f 557 /* Send the suspend signal to the program itself. */
558 kill(getpid(), SIGTSTP);
559
2c9a4d41 560 /* Reset window sizes in case they have changed */
561 received_window_change_signal = 1;
5260325f 562
563 /* OK, we have been continued by the user. Reinitialize buffers. */
2e73a022 564 buffer_init(bin);
565 buffer_init(bout);
566 buffer_init(berr);
5260325f 567
5260325f 568 enter_raw_mode();
8efc0c15 569}
570
396c147e 571static void
8ce64345 572client_process_net_input(fd_set * readset)
8efc0c15 573{
8ce64345 574 int len;
575 char buf[8192];
5260325f 576
aa3378df 577 /*
578 * Read input from the server, and add any such data to the buffer of
579 * the packet subsystem.
580 */
5260325f 581 if (FD_ISSET(connection_in, readset)) {
582 /* Read as much as possible. */
583 len = read(connection_in, buf, sizeof(buf));
584 if (len == 0) {
585 /* Received EOF. The remote host has closed the connection. */
586 snprintf(buf, sizeof buf, "Connection to %.300s closed by remote host.\r\n",
587 host);
8efc0c15 588 buffer_append(&stderr_buffer, buf, strlen(buf));
8efc0c15 589 quit_pending = 1;
590 return;
5260325f 591 }
aa3378df 592 /*
593 * There is a kernel bug on Solaris that causes select to
594 * sometimes wake up even though there is no data available.
595 */
09cb311c 596 if (len < 0 && (errno == EAGAIN || errno == EINTR))
5260325f 597 len = 0;
598
599 if (len < 0) {
600 /* An error has encountered. Perhaps there is a network problem. */
601 snprintf(buf, sizeof buf, "Read from remote host %.300s: %.100s\r\n",
602 host, strerror(errno));
603 buffer_append(&stderr_buffer, buf, strlen(buf));
5260325f 604 quit_pending = 1;
605 return;
606 }
607 packet_process_incoming(buf, len);
608 }
8ce64345 609}
610
5e96b616 611static void
612client_subsystem_reply(int type, u_int32_t seq, void *ctxt)
613{
614 int id;
615 Channel *c;
f2107e97 616
5e96b616 617 id = packet_get_int();
618 packet_check_eom();
619
620 if ((c = channel_lookup(id)) == NULL) {
621 error("%s: no channel for id %d", __func__, id);
622 return;
623 }
624
625 if (type == SSH2_MSG_CHANNEL_SUCCESS)
626 debug2("Request suceeded on channel %d", id);
627 else if (type == SSH2_MSG_CHANNEL_FAILURE) {
628 error("Request failed on channel %d", id);
629 channel_free(c);
630 }
631}
632
633static void
634client_extra_session2_setup(int id, void *arg)
635{
636 struct confirm_ctx *cctx = arg;
ef07103c 637 const char *display;
5e96b616 638 Channel *c;
1786be35 639 int i;
f2107e97 640
5e96b616 641 if (cctx == NULL)
642 fatal("%s: cctx == NULL", __func__);
643 if ((c = channel_lookup(id)) == NULL)
644 fatal("%s: no channel for id %d", __func__, id);
645
56964485 646 display = getenv("DISPLAY");
ef07103c 647 if (cctx->want_x_fwd && options.forward_x11 && display != NULL) {
648 char *proto, *data;
649 /* Get reasonable local authentication information. */
650 client_x11_get_proto(display, options.xauth_location,
651 options.forward_x11_trusted, &proto, &data);
652 /* Request forwarding with authentication spoofing. */
653 debug("Requesting X11 forwarding with authentication spoofing.");
654 x11_request_forwarding_with_spoofing(id, display, proto, data);
655 /* XXX wait for reply */
656 }
657
658 if (cctx->want_agent_fwd && options.forward_agent) {
659 debug("Requesting authentication agent forwarding.");
660 channel_request_start(id, "auth-agent-req@openssh.com", 0);
661 packet_send();
662 }
663
f2107e97 664 client_session2_setup(id, cctx->want_tty, cctx->want_subsys,
1786be35 665 cctx->term, &cctx->tio, c->rfd, &cctx->cmd, cctx->env,
5e96b616 666 client_subsystem_reply);
0d34d6ce 667
5e96b616 668 c->confirm_ctx = NULL;
669 buffer_free(&cctx->cmd);
1786be35 670 xfree(cctx->term);
671 if (cctx->env != NULL) {
672 for (i = 0; cctx->env[i] != NULL; i++)
673 xfree(cctx->env[i]);
674 xfree(cctx->env);
f2107e97 675 }
1786be35 676 xfree(cctx);
5e96b616 677}
678
679static void
680client_process_control(fd_set * readset)
681{
682 Buffer m;
683 Channel *c;
2ceb8101 684 int client_fd, new_fd[3], ver, allowed;
5e96b616 685 socklen_t addrlen;
686 struct sockaddr_storage addr;
687 struct confirm_ctx *cctx;
688 char *cmd;
2ceb8101 689 u_int i, len, env_len, command, flags;
5e96b616 690 uid_t euid;
691 gid_t egid;
692
693 /*
694 * Accept connection on control socket
695 */
696 if (control_fd == -1 || !FD_ISSET(control_fd, readset))
697 return;
698
699 memset(&addr, 0, sizeof(addr));
700 addrlen = sizeof(addr);
701 if ((client_fd = accept(control_fd,
702 (struct sockaddr*)&addr, &addrlen)) == -1) {
703 error("%s accept: %s", __func__, strerror(errno));
704 return;
705 }
706
707 if (getpeereid(client_fd, &euid, &egid) < 0) {
708 error("%s getpeereid failed: %s", __func__, strerror(errno));
709 close(client_fd);
710 return;
711 }
712 if ((euid != 0) && (getuid() != euid)) {
713 error("control mode uid mismatch: peer euid %u != uid %u",
714 (u_int) euid, (u_int) getuid());
715 close(client_fd);
716 return;
717 }
0d34d6ce 718
5e96b616 719 unset_nonblock(client_fd);
720
f8c6db83 721 /* Read command */
5e96b616 722 buffer_init(&m);
f8c6db83 723 if (ssh_msg_recv(client_fd, &m) == -1) {
724 error("%s: client msg_recv failed", __func__);
725 close(client_fd);
726 buffer_free(&m);
727 return;
728 }
ef07103c 729 if ((ver = buffer_get_char(&m)) != SSHMUX_VER) {
f8c6db83 730 error("%s: wrong client version %d", __func__, ver);
731 buffer_free(&m);
732 close(client_fd);
733 return;
734 }
735
736 allowed = 1;
737 command = buffer_get_int(&m);
738 flags = buffer_get_int(&m);
739
740 buffer_clear(&m);
5e96b616 741
f8c6db83 742 switch (command) {
743 case SSHMUX_COMMAND_OPEN:
9dfd96d6 744 if (options.control_master == SSHCTL_MASTER_ASK ||
745 options.control_master == SSHCTL_MASTER_AUTO_ASK)
f8c6db83 746 allowed = ask_permission("Allow shared connection "
747 "to %s? ", host);
748 /* continue below */
749 break;
750 case SSHMUX_COMMAND_TERMINATE:
9dfd96d6 751 if (options.control_master == SSHCTL_MASTER_ASK ||
752 options.control_master == SSHCTL_MASTER_AUTO_ASK)
f8c6db83 753 allowed = ask_permission("Terminate shared connection "
754 "to %s? ", host);
755 if (allowed)
756 quit_pending = 1;
f8cc7664 757 /* FALLTHROUGH */
f8c6db83 758 case SSHMUX_COMMAND_ALIVE_CHECK:
759 /* Reply for SSHMUX_COMMAND_TERMINATE and ALIVE_CHECK */
760 buffer_clear(&m);
761 buffer_put_int(&m, allowed);
762 buffer_put_int(&m, getpid());
ef07103c 763 if (ssh_msg_send(client_fd, SSHMUX_VER, &m) == -1) {
f8c6db83 764 error("%s: client msg_send failed", __func__);
765 close(client_fd);
766 buffer_free(&m);
767 return;
768 }
769 buffer_free(&m);
770 close(client_fd);
771 return;
772 default:
773 error("Unsupported command %d", command);
774 buffer_free(&m);
775 close(client_fd);
776 return;
777 }
778
779 /* Reply for SSHMUX_COMMAND_OPEN */
780 buffer_clear(&m);
0d34d6ce 781 buffer_put_int(&m, allowed);
5e96b616 782 buffer_put_int(&m, getpid());
ef07103c 783 if (ssh_msg_send(client_fd, SSHMUX_VER, &m) == -1) {
5e96b616 784 error("%s: client msg_send failed", __func__);
785 close(client_fd);
0d34d6ce 786 buffer_free(&m);
5e96b616 787 return;
788 }
5e96b616 789
0d34d6ce 790 if (!allowed) {
791 error("Refused control connection");
792 close(client_fd);
793 buffer_free(&m);
794 return;
795 }
796
f8c6db83 797 buffer_clear(&m);
5e96b616 798 if (ssh_msg_recv(client_fd, &m) == -1) {
799 error("%s: client msg_recv failed", __func__);
800 close(client_fd);
0d34d6ce 801 buffer_free(&m);
5e96b616 802 return;
803 }
ef07103c 804 if ((ver = buffer_get_char(&m)) != SSHMUX_VER) {
5e96b616 805 error("%s: wrong client version %d", __func__, ver);
806 buffer_free(&m);
807 close(client_fd);
808 return;
809 }
810
811 cctx = xmalloc(sizeof(*cctx));
812 memset(cctx, 0, sizeof(*cctx));
f8c6db83 813 cctx->want_tty = (flags & SSHMUX_FLAG_TTY) != 0;
814 cctx->want_subsys = (flags & SSHMUX_FLAG_SUBSYS) != 0;
ef07103c 815 cctx->want_x_fwd = (flags & SSHMUX_FLAG_X11_FWD) != 0;
816 cctx->want_agent_fwd = (flags & SSHMUX_FLAG_AGENT_FWD) != 0;
5e96b616 817 cctx->term = buffer_get_string(&m, &len);
818
819 cmd = buffer_get_string(&m, &len);
820 buffer_init(&cctx->cmd);
821 buffer_append(&cctx->cmd, cmd, strlen(cmd));
822
1786be35 823 env_len = buffer_get_int(&m);
824 env_len = MIN(env_len, 4096);
825 debug3("%s: receiving %d env vars", __func__, env_len);
826 if (env_len != 0) {
827 cctx->env = xmalloc(sizeof(*cctx->env) * (env_len + 1));
828 for (i = 0; i < env_len; i++)
829 cctx->env[i] = buffer_get_string(&m, &len);
830 cctx->env[i] = NULL;
831 }
832
5e96b616 833 debug2("%s: accepted tty %d, subsys %d, cmd %s", __func__,
834 cctx->want_tty, cctx->want_subsys, cmd);
835
836 /* Gather fds from client */
837 new_fd[0] = mm_receive_fd(client_fd);
838 new_fd[1] = mm_receive_fd(client_fd);
839 new_fd[2] = mm_receive_fd(client_fd);
840
841 debug2("%s: got fds stdin %d, stdout %d, stderr %d", __func__,
842 new_fd[0], new_fd[1], new_fd[2]);
843
844 /* Try to pick up ttymodes from client before it goes raw */
845 if (cctx->want_tty && tcgetattr(new_fd[0], &cctx->tio) == -1)
846 error("%s: tcgetattr: %s", __func__, strerror(errno));
847
f8c6db83 848 /* This roundtrip is just for synchronisation of ttymodes */
5e96b616 849 buffer_clear(&m);
ef07103c 850 if (ssh_msg_send(client_fd, SSHMUX_VER, &m) == -1) {
5e96b616 851 error("%s: client msg_send failed", __func__);
852 close(client_fd);
853 close(new_fd[0]);
854 close(new_fd[1]);
855 close(new_fd[2]);
0d34d6ce 856 buffer_free(&m);
f8c6db83 857 xfree(cctx->term);
858 if (env_len != 0) {
859 for (i = 0; i < env_len; i++)
860 xfree(cctx->env[i]);
861 xfree(cctx->env);
862 }
5e96b616 863 return;
864 }
865 buffer_free(&m);
866
867 /* enable nonblocking unless tty */
868 if (!isatty(new_fd[0]))
869 set_nonblock(new_fd[0]);
870 if (!isatty(new_fd[1]))
871 set_nonblock(new_fd[1]);
872 if (!isatty(new_fd[2]))
873 set_nonblock(new_fd[2]);
874
875 set_nonblock(client_fd);
876
f2107e97 877 c = channel_new("session", SSH_CHANNEL_OPENING,
5e96b616 878 new_fd[0], new_fd[1], new_fd[2],
879 CHAN_SES_WINDOW_DEFAULT, CHAN_SES_PACKET_DEFAULT,
880 CHAN_EXTENDED_WRITE, "client-session", /*nonblock*/0);
881
882 /* XXX */
883 c->ctl_fd = client_fd;
884
885 debug3("%s: channel_new: %d", __func__, c->self);
886
887 channel_send_open(c->self);
888 channel_register_confirm(c->self, client_extra_session2_setup, cctx);
889}
890
c53c54c2 891static void
ec9b7086 892process_cmdline(void)
c53c54c2 893{
c53c54c2 894 void (*handler)(int);
3867aa0a 895 char *s, *cmd, *cancel_host;
d740ec16 896 int delete = 0;
c53c54c2 897 int local = 0;
3867aa0a 898 u_short cancel_port;
899 Forward fwd;
c53c54c2 900
901 leave_raw_mode();
875ec275 902 handler = signal(SIGINT, SIG_IGN);
ec9b7086 903 cmd = s = read_passphrase("\r\nssh> ", RP_ECHO);
c53c54c2 904 if (s == NULL)
905 goto out;
c53c54c2 906 while (*s && isspace(*s))
907 s++;
d740ec16 908 if (*s == '-')
909 s++; /* Skip cmdline '-', if any */
27c6fcae 910 if (*s == '\0')
c53c54c2 911 goto out;
d740ec16 912
7069a5e2 913 if (*s == 'h' || *s == 'H' || *s == '?') {
d740ec16 914 logit("Commands:");
915 logit(" -Lport:host:hostport Request local forward");
916 logit(" -Rport:host:hostport Request remote forward");
917 logit(" -KRhostport Cancel remote forward");
d20f3c9e 918 if (!options.permit_local_command)
919 goto out;
920 logit(" !args Execute local command");
921 goto out;
922 }
923
924 if (*s == '!' && options.permit_local_command) {
925 s++;
926 ssh_local_cmd(s);
d740ec16 927 goto out;
928 }
929
930 if (*s == 'K') {
931 delete = 1;
932 s++;
933 }
934 if (*s != 'L' && *s != 'R') {
bbe88b6d 935 logit("Invalid command.");
c53c54c2 936 goto out;
937 }
d740ec16 938 if (*s == 'L')
c53c54c2 939 local = 1;
d740ec16 940 if (local && delete) {
941 logit("Not supported.");
942 goto out;
943 }
944 if ((!local || delete) && !compat20) {
bbe88b6d 945 logit("Not supported for SSH protocol version 1.");
c53c54c2 946 goto out;
947 }
d740ec16 948
949 s++;
c53c54c2 950 while (*s && isspace(*s))
951 s++;
952
d740ec16 953 if (delete) {
3867aa0a 954 cancel_port = 0;
955 cancel_host = hpdelim(&s); /* may be NULL */
956 if (s != NULL) {
957 cancel_port = a2port(s);
958 cancel_host = cleanhostname(cancel_host);
959 } else {
960 cancel_port = a2port(cancel_host);
961 cancel_host = NULL;
d740ec16 962 }
3867aa0a 963 if (cancel_port == 0) {
964 logit("Bad forwarding close port");
c53c54c2 965 goto out;
966 }
3867aa0a 967 channel_request_rforward_cancel(cancel_host, cancel_port);
d740ec16 968 } else {
3867aa0a 969 if (!parse_forward(&fwd, s)) {
d740ec16 970 logit("Bad forwarding specification.");
971 goto out;
972 }
d740ec16 973 if (local) {
3867aa0a 974 if (channel_setup_local_fwd_listener(fwd.listen_host,
975 fwd.listen_port, fwd.connect_host,
976 fwd.connect_port, options.gateway_ports) < 0) {
d740ec16 977 logit("Port forwarding failed.");
978 goto out;
979 }
3867aa0a 980 } else {
981 channel_request_remote_forwarding(fwd.listen_host,
982 fwd.listen_port, fwd.connect_host,
983 fwd.connect_port);
984 }
985
d740ec16 986 logit("Forwarding port.");
987 }
988
c53c54c2 989out:
990 signal(SIGINT, handler);
991 enter_raw_mode();
992 if (cmd)
993 xfree(cmd);
994}
995
2e73a022 996/* process the characters one by one */
396c147e 997static int
2e73a022 998process_escapes(Buffer *bin, Buffer *bout, Buffer *berr, char *buf, int len)
999{
1000 char string[1024];
1001 pid_t pid;
1002 int bytes = 0;
1e3b8b07 1003 u_int i;
1004 u_char ch;
2e73a022 1005 char *s;
1006
2ceb8101 1007 if (len <= 0)
1008 return (0);
1009
1010 for (i = 0; i < (u_int)len; i++) {
2e73a022 1011 /* Get one character at a time. */
1012 ch = buf[i];
1013
1014 if (escape_pending) {
1015 /* We have previously seen an escape character. */
1016 /* Clear the flag now. */
1017 escape_pending = 0;
1018
1019 /* Process the escaped character. */
1020 switch (ch) {
1021 case '.':
1022 /* Terminate the connection. */
1023 snprintf(string, sizeof string, "%c.\r\n", escape_char);
1024 buffer_append(berr, string, strlen(string));
2e73a022 1025
1026 quit_pending = 1;
1027 return -1;
1028
1029 case 'Z' - 64:
1030 /* Suspend the program. */
1031 /* Print a message to that effect to the user. */
1032 snprintf(string, sizeof string, "%c^Z [suspend ssh]\r\n", escape_char);
1033 buffer_append(berr, string, strlen(string));
2e73a022 1034
1035 /* Restore terminal modes and suspend. */
1036 client_suspend_self(bin, bout, berr);
1037
1038 /* We have been continued. */
1039 continue;
1040
16a79097 1041 case 'B':
1042 if (compat20) {
1043 snprintf(string, sizeof string,
1044 "%cB\r\n", escape_char);
1045 buffer_append(berr, string,
1046 strlen(string));
1047 channel_request_start(session_ident,
1048 "break", 0);
1049 packet_put_int(1000);
1050 packet_send();
1051 }
1052 continue;
1053
e092ce67 1054 case 'R':
54506d2e 1055 if (compat20) {
1056 if (datafellows & SSH_BUG_NOREKEY)
bbe88b6d 1057 logit("Server does not support re-keying");
54506d2e 1058 else
1059 need_rekeying = 1;
1060 }
e092ce67 1061 continue;
1062
2e73a022 1063 case '&':
2e73a022 1064 /*
1065 * Detach the program (continue to serve connections,
1066 * but put in background and no more new connections).
1067 */
2e73a022 1068 /* Restore tty modes. */
1069 leave_raw_mode();
1070
1071 /* Stop listening for new connections. */
c6940381 1072 channel_stop_listening();
2e73a022 1073
c6940381 1074 snprintf(string, sizeof string,
1075 "%c& [backgrounded]\n", escape_char);
1076 buffer_append(berr, string, strlen(string));
2e73a022 1077
1078 /* Fork into background. */
1079 pid = fork();
1080 if (pid < 0) {
1081 error("fork: %.100s", strerror(errno));
1082 continue;
1083 }
1084 if (pid != 0) { /* This is the parent. */
1085 /* The parent just exits. */
1086 exit(0);
1087 }
1088 /* The child continues serving connections. */
c6940381 1089 if (compat20) {
1090 buffer_append(bin, "\004", 1);
1091 /* fake EOF on stdin */
1092 return -1;
1093 } else if (!stdin_eof) {
1094 /*
1095 * Sending SSH_CMSG_EOF alone does not always appear
1096 * to be enough. So we try to send an EOF character
1097 * first.
1098 */
1099 packet_start(SSH_CMSG_STDIN_DATA);
1100 packet_put_string("\004", 1);
1101 packet_send();
1102 /* Close stdin. */
1103 stdin_eof = 1;
1104 if (buffer_len(bin) == 0) {
1105 packet_start(SSH_CMSG_EOF);
1106 packet_send();
1107 }
1108 }
1109 continue;
2e73a022 1110
1111 case '?':
1112 snprintf(string, sizeof string,
1113"%c?\r\n\
1114Supported escape sequences:\r\n\
1d77f8cb 1115%c. - terminate connection\r\n\
16a79097 1116%cB - send a BREAK to the remote system\r\n\
1d77f8cb 1117%cC - open a command line\r\n\
1118%cR - Request rekey (SSH protocol 2 only)\r\n\
1119%c^Z - suspend ssh\r\n\
1120%c# - list forwarded connections\r\n\
1121%c& - background ssh (when waiting for connections to terminate)\r\n\
1122%c? - this message\r\n\
1123%c%c - send the escape character by typing it twice\r\n\
2e73a022 1124(Note that escapes are only recognized immediately after newline.)\r\n",
1d77f8cb 1125 escape_char, escape_char, escape_char, escape_char,
1126 escape_char, escape_char, escape_char, escape_char,
16a79097 1127 escape_char, escape_char, escape_char);
2e73a022 1128 buffer_append(berr, string, strlen(string));
1129 continue;
1130
1131 case '#':
1132 snprintf(string, sizeof string, "%c#\r\n", escape_char);
1133 buffer_append(berr, string, strlen(string));
1134 s = channel_open_message();
1135 buffer_append(berr, s, strlen(s));
1136 xfree(s);
1137 continue;
1138
c53c54c2 1139 case 'C':
ec9b7086 1140 process_cmdline();
c53c54c2 1141 continue;
1142
2e73a022 1143 default:
1144 if (ch != escape_char) {
1145 buffer_put_char(bin, escape_char);
1146 bytes++;
1147 }
1148 /* Escaped characters fall through here */
1149 break;
1150 }
1151 } else {
1152 /*
1153 * The previous character was not an escape char. Check if this
1154 * is an escape.
1155 */
1156 if (last_was_cr && ch == escape_char) {
1157 /* It is. Set the flag and continue to next character. */
1158 escape_pending = 1;
1159 continue;
1160 }
1161 }
1162
1163 /*
1164 * Normal character. Record whether it was a newline,
1165 * and append it to the buffer.
1166 */
1167 last_was_cr = (ch == '\r' || ch == '\n');
1168 buffer_put_char(bin, ch);
1169 bytes++;
1170 }
1171 return bytes;
1172}
1173
396c147e 1174static void
8ce64345 1175client_process_input(fd_set * readset)
1176{
9da5c3c9 1177 int len;
2e73a022 1178 char buf[8192];
8ce64345 1179
5260325f 1180 /* Read input from stdin. */
1181 if (FD_ISSET(fileno(stdin), readset)) {
1182 /* Read as much as possible. */
1183 len = read(fileno(stdin), buf, sizeof(buf));
cf6bc93c 1184 if (len < 0 && (errno == EAGAIN || errno == EINTR))
1185 return; /* we'll try again later */
5260325f 1186 if (len <= 0) {
aa3378df 1187 /*
1188 * Received EOF or error. They are treated
1189 * similarly, except that an error message is printed
1190 * if it was an error condition.
1191 */
5260325f 1192 if (len < 0) {
1193 snprintf(buf, sizeof buf, "read: %.100s\r\n", strerror(errno));
1194 buffer_append(&stderr_buffer, buf, strlen(buf));
5260325f 1195 }
1196 /* Mark that we have seen EOF. */
1197 stdin_eof = 1;
aa3378df 1198 /*
1199 * Send an EOF message to the server unless there is
1200 * data in the buffer. If there is data in the
1201 * buffer, no message will be sent now. Code
1202 * elsewhere will send the EOF when the buffer
1203 * becomes empty if stdin_eof is set.
1204 */
5260325f 1205 if (buffer_len(&stdin_buffer) == 0) {
8efc0c15 1206 packet_start(SSH_CMSG_EOF);
1207 packet_send();
5260325f 1208 }
4bf9c10e 1209 } else if (escape_char == SSH_ESCAPECHAR_NONE) {
aa3378df 1210 /*
1211 * Normal successful read, and no escape character.
1212 * Just append the data to buffer.
1213 */
5260325f 1214 buffer_append(&stdin_buffer, buf, len);
5260325f 1215 } else {
aa3378df 1216 /*
1217 * Normal, successful read. But we have an escape character
1218 * and have to process the characters one by one.
1219 */
7e8911cd 1220 if (process_escapes(&stdin_buffer, &stdout_buffer,
1221 &stderr_buffer, buf, len) == -1)
2e73a022 1222 return;
5260325f 1223 }
1224 }
8efc0c15 1225}
1226
396c147e 1227static void
5260325f 1228client_process_output(fd_set * writeset)
8efc0c15 1229{
5260325f 1230 int len;
1231 char buf[100];
1232
1233 /* Write buffered output to stdout. */
1234 if (FD_ISSET(fileno(stdout), writeset)) {
1235 /* Write as much data as possible. */
1236 len = write(fileno(stdout), buffer_ptr(&stdout_buffer),
a408af76 1237 buffer_len(&stdout_buffer));
5260325f 1238 if (len <= 0) {
cf6bc93c 1239 if (errno == EINTR || errno == EAGAIN)
5260325f 1240 len = 0;
1241 else {
aa3378df 1242 /*
1243 * An error or EOF was encountered. Put an
1244 * error message to stderr buffer.
1245 */
5260325f 1246 snprintf(buf, sizeof buf, "write stdout: %.50s\r\n", strerror(errno));
1247 buffer_append(&stderr_buffer, buf, strlen(buf));
5260325f 1248 quit_pending = 1;
1249 return;
1250 }
1251 }
1252 /* Consume printed data from the buffer. */
1253 buffer_consume(&stdout_buffer, len);
cd332296 1254 stdout_bytes += len;
5260325f 1255 }
1256 /* Write buffered output to stderr. */
1257 if (FD_ISSET(fileno(stderr), writeset)) {
1258 /* Write as much data as possible. */
1259 len = write(fileno(stderr), buffer_ptr(&stderr_buffer),
a408af76 1260 buffer_len(&stderr_buffer));
5260325f 1261 if (len <= 0) {
cf6bc93c 1262 if (errno == EINTR || errno == EAGAIN)
5260325f 1263 len = 0;
1264 else {
aa3378df 1265 /* EOF or error, but can't even print error message. */
5260325f 1266 quit_pending = 1;
1267 return;
1268 }
1269 }
1270 /* Consume printed characters from the buffer. */
1271 buffer_consume(&stderr_buffer, len);
cd332296 1272 stderr_bytes += len;
8efc0c15 1273 }
8efc0c15 1274}
1275
7368a6c8 1276/*
1277 * Get packets from the connection input buffer, and process them as long as
1278 * there are packets available.
1279 *
1280 * Any unknown packets received during the actual
1281 * session cause the session to terminate. This is
1282 * intended to make debugging easier since no
1283 * confirmations are sent. Any compatible protocol
1284 * extensions must be negotiated during the
1285 * preparatory phase.
1286 */
1287
396c147e 1288static void
5ca51e19 1289client_process_buffered_input_packets(void)
7368a6c8 1290{
e092ce67 1291 dispatch_run(DISPATCH_NONBLOCK, &quit_pending, compat20 ? xxx_kex : NULL);
7368a6c8 1292}
1293
2e73a022 1294/* scan buf[] for '~' before sending data to the peer */
1295
396c147e 1296static int
2e73a022 1297simple_escape_filter(Channel *c, char *buf, int len)
1298{
1299 /* XXX we assume c->extended is writeable */
1300 return process_escapes(&c->input, &c->output, &c->extended, buf, len);
1301}
1302
396c147e 1303static void
eb0dd41f 1304client_channel_closed(int id, void *arg)
1305{
418e724c 1306 channel_cancel_cleanup(id);
eb0dd41f 1307 session_closed = 1;
82de775c 1308 leave_raw_mode();
eb0dd41f 1309}
1310
aa3378df 1311/*
1312 * Implements the interactive session with the server. This is called after
1313 * the user has been authenticated, and a command has been started on the
4bf9c10e 1314 * remote host. If escape_char != SSH_ESCAPECHAR_NONE, it is the character
1315 * used as an escape character for terminating or suspending the session.
aa3378df 1316 */
8efc0c15 1317
6ae2364d 1318int
2e73a022 1319client_loop(int have_pty, int escape_char_arg, int ssh2_chan_id)
8efc0c15 1320{
39929cdb 1321 fd_set *readset = NULL, *writeset = NULL;
5260325f 1322 double start_time, total_time;
9a995072 1323 int max_fd = 0, max_fd2 = 0, len, rekeying = 0;
1324 u_int nalloc = 0;
5260325f 1325 char buf[100];
1326
1327 debug("Entering interactive session.");
1328
1329 start_time = get_current_time();
1330
1331 /* Initialize variables. */
1332 escape_pending = 0;
1333 last_was_cr = 1;
1334 exit_status = -1;
1335 stdin_eof = 0;
1336 buffer_high = 64 * 1024;
1337 connection_in = packet_get_connection_in();
1338 connection_out = packet_get_connection_out();
39929cdb 1339 max_fd = MAX(connection_in, connection_out);
5e96b616 1340 if (control_fd != -1)
1341 max_fd = MAX(max_fd, control_fd);
39929cdb 1342
1343 if (!compat20) {
e968270c 1344 /* enable nonblocking unless tty */
1345 if (!isatty(fileno(stdin)))
1346 set_nonblock(fileno(stdin));
1347 if (!isatty(fileno(stdout)))
1348 set_nonblock(fileno(stdout));
1349 if (!isatty(fileno(stderr)))
1350 set_nonblock(fileno(stderr));
39929cdb 1351 max_fd = MAX(max_fd, fileno(stdin));
1352 max_fd = MAX(max_fd, fileno(stdout));
1353 max_fd = MAX(max_fd, fileno(stderr));
1354 }
5260325f 1355 stdin_bytes = 0;
1356 stdout_bytes = 0;
1357 stderr_bytes = 0;
1358 quit_pending = 0;
1359 escape_char = escape_char_arg;
1360
1361 /* Initialize buffers. */
1362 buffer_init(&stdin_buffer);
1363 buffer_init(&stdout_buffer);
1364 buffer_init(&stderr_buffer);
1365
7368a6c8 1366 client_init_dispatch();
1367
3c93c917 1368 /*
1369 * Set signal handlers, (e.g. to restore non-blocking mode)
1370 * but don't overwrite SIG_IGN, matches behaviour from rsh(1)
1371 */
d3e5d1e9 1372 if (signal(SIGHUP, SIG_IGN) != SIG_IGN)
1373 signal(SIGHUP, signal_handler);
3c93c917 1374 if (signal(SIGINT, SIG_IGN) != SIG_IGN)
1375 signal(SIGINT, signal_handler);
1376 if (signal(SIGQUIT, SIG_IGN) != SIG_IGN)
1377 signal(SIGQUIT, signal_handler);
1378 if (signal(SIGTERM, SIG_IGN) != SIG_IGN)
1379 signal(SIGTERM, signal_handler);
2c9a4d41 1380 signal(SIGWINCH, window_change_handler);
5260325f 1381
5260325f 1382 if (have_pty)
1383 enter_raw_mode();
1384
1fc8ccdf 1385 if (compat20) {
1386 session_ident = ssh2_chan_id;
4bf9c10e 1387 if (escape_char != SSH_ESCAPECHAR_NONE)
1fc8ccdf 1388 channel_register_filter(session_ident,
1389 simple_escape_filter);
eb0dd41f 1390 if (session_ident != -1)
1391 channel_register_cleanup(session_ident,
8cd0437d 1392 client_channel_closed, 0);
1fc8ccdf 1393 } else {
1394 /* Check if we should immediately send eof on stdin. */
8ce64345 1395 client_check_initial_eof_on_stdin();
1fc8ccdf 1396 }
2e73a022 1397
5260325f 1398 /* Main loop of the client for the interactive session mode. */
1399 while (!quit_pending) {
5260325f 1400
aa3378df 1401 /* Process buffered packets sent by the server. */
5260325f 1402 client_process_buffered_input_packets();
1403
eb0dd41f 1404 if (compat20 && session_closed && !channel_still_open())
8ce64345 1405 break;
eb0dd41f 1406
1407 rekeying = (xxx_kex != NULL && !xxx_kex->done);
8ce64345 1408
c422989b 1409 if (rekeying) {
1410 debug("rekeying in progress");
1411 } else {
1412 /*
1413 * Make packets of buffered stdin data, and buffer
1414 * them for sending to the server.
1415 */
1416 if (!compat20)
1417 client_make_packets_from_stdin_data();
5260325f 1418
c422989b 1419 /*
1420 * Make packets from buffered channel data, and
1421 * enqueue them for sending to the server.
1422 */
1423 if (packet_not_very_much_data_to_write())
1424 channel_output_poll();
5260325f 1425
c422989b 1426 /*
1427 * Check if the window size has changed, and buffer a
1428 * message about it to the server if so.
1429 */
1430 client_check_window_change();
5260325f 1431
c422989b 1432 if (quit_pending)
1433 break;
1434 }
aa3378df 1435 /*
1436 * Wait until we have something to do (something becomes
1437 * available on one of the descriptors).
1438 */
489aa2e9 1439 max_fd2 = max_fd;
c422989b 1440 client_wait_until_can_do_something(&readset, &writeset,
489aa2e9 1441 &max_fd2, &nalloc, rekeying);
5260325f 1442
1443 if (quit_pending)
1444 break;
1445
c422989b 1446 /* Do channel operations unless rekeying in progress. */
1447 if (!rekeying) {
1448 channel_after_select(readset, writeset);
ffd7b36b 1449 if (need_rekeying || packet_need_rekeying()) {
1450 debug("need rekeying");
c422989b 1451 xxx_kex->done = 0;
1452 kex_send_kexinit(xxx_kex);
1453 need_rekeying = 0;
1454 }
1455 }
5260325f 1456
8ce64345 1457 /* Buffer input from the connection. */
39929cdb 1458 client_process_net_input(readset);
5260325f 1459
5e96b616 1460 /* Accept control connections. */
1461 client_process_control(readset);
1462
8ce64345 1463 if (quit_pending)
1464 break;
1465
1466 if (!compat20) {
1467 /* Buffer data from stdin */
39929cdb 1468 client_process_input(readset);
8ce64345 1469 /*
1470 * Process output to stdout and stderr. Output to
1471 * the connection is processed elsewhere (above).
1472 */
39929cdb 1473 client_process_output(writeset);
8ce64345 1474 }
5260325f 1475
aa3378df 1476 /* Send as much buffered packet data as possible to the sender. */
39929cdb 1477 if (FD_ISSET(connection_out, writeset))
5260325f 1478 packet_write_poll();
1479 }
39929cdb 1480 if (readset)
1481 xfree(readset);
1482 if (writeset)
1483 xfree(writeset);
5260325f 1484
1485 /* Terminate the session. */
1486
1487 /* Stop watching for window change. */
2c9a4d41 1488 signal(SIGWINCH, SIG_DFL);
5260325f 1489
d6746a0b 1490 channel_free_all();
5260325f 1491
c9130033 1492 if (have_pty)
1493 leave_raw_mode();
89aa792b 1494
1495 /* restore blocking io */
1496 if (!isatty(fileno(stdin)))
1497 unset_nonblock(fileno(stdin));
1498 if (!isatty(fileno(stdout)))
1499 unset_nonblock(fileno(stdout));
1500 if (!isatty(fileno(stderr)))
1501 unset_nonblock(fileno(stderr));
1502
66357af5 1503 /*
1504 * If there was no shell or command requested, there will be no remote
1505 * exit status to be returned. In that case, clear error code if the
1506 * connection was deliberately terminated at this end.
1507 */
1508 if (no_shell_flag && received_signal == SIGTERM) {
1509 received_signal = 0;
1510 exit_status = 0;
1511 }
1512
82de775c 1513 if (received_signal)
010f9726 1514 fatal("Killed by signal %d.", (int) received_signal);
c9130033 1515
1516 /*
1517 * In interactive mode (with pseudo tty) display a message indicating
1518 * that the connection has been closed.
1519 */
1520 if (have_pty && options.log_level != SYSLOG_LEVEL_QUIET) {
1521 snprintf(buf, sizeof buf, "Connection to %.64s closed.\r\n", host);
1522 buffer_append(&stderr_buffer, buf, strlen(buf));
1523 }
1524
5260325f 1525 /* Output any buffered data for stdout. */
89aa792b 1526 while (buffer_len(&stdout_buffer) > 0) {
1527 len = write(fileno(stdout), buffer_ptr(&stdout_buffer),
a408af76 1528 buffer_len(&stdout_buffer));
89aa792b 1529 if (len <= 0) {
5260325f 1530 error("Write failed flushing stdout buffer.");
89aa792b 1531 break;
1532 }
5260325f 1533 buffer_consume(&stdout_buffer, len);
cd332296 1534 stdout_bytes += len;
8efc0c15 1535 }
5260325f 1536
1537 /* Output any buffered data for stderr. */
89aa792b 1538 while (buffer_len(&stderr_buffer) > 0) {
1539 len = write(fileno(stderr), buffer_ptr(&stderr_buffer),
a408af76 1540 buffer_len(&stderr_buffer));
89aa792b 1541 if (len <= 0) {
5260325f 1542 error("Write failed flushing stderr buffer.");
89aa792b 1543 break;
1544 }
5260325f 1545 buffer_consume(&stderr_buffer, len);
cd332296 1546 stderr_bytes += len;
5260325f 1547 }
1548
5260325f 1549 /* Clear and free any buffers. */
1550 memset(buf, 0, sizeof(buf));
1551 buffer_free(&stdin_buffer);
1552 buffer_free(&stdout_buffer);
1553 buffer_free(&stderr_buffer);
1554
1555 /* Report bytes transferred, and transfer rates. */
1556 total_time = get_current_time() - start_time;
1557 debug("Transferred: stdin %lu, stdout %lu, stderr %lu bytes in %.1f seconds",
184eed6a 1558 stdin_bytes, stdout_bytes, stderr_bytes, total_time);
5260325f 1559 if (total_time > 0)
1560 debug("Bytes per second: stdin %.1f, stdout %.1f, stderr %.1f",
184eed6a 1561 stdin_bytes / total_time, stdout_bytes / total_time,
1562 stderr_bytes / total_time);
5260325f 1563
1564 /* Return the exit status of the program. */
1565 debug("Exit status %d", exit_status);
1566 return exit_status;
8efc0c15 1567}
7368a6c8 1568
1569/*********/
1570
396c147e 1571static void
7819b5c3 1572client_input_stdout_data(int type, u_int32_t seq, void *ctxt)
7368a6c8 1573{
1e3b8b07 1574 u_int data_len;
7368a6c8 1575 char *data = packet_get_string(&data_len);
95500969 1576 packet_check_eom();
7368a6c8 1577 buffer_append(&stdout_buffer, data, data_len);
7368a6c8 1578 memset(data, 0, data_len);
1579 xfree(data);
1580}
396c147e 1581static void
7819b5c3 1582client_input_stderr_data(int type, u_int32_t seq, void *ctxt)
7368a6c8 1583{
1e3b8b07 1584 u_int data_len;
7368a6c8 1585 char *data = packet_get_string(&data_len);
95500969 1586 packet_check_eom();
7368a6c8 1587 buffer_append(&stderr_buffer, data, data_len);
7368a6c8 1588 memset(data, 0, data_len);
1589 xfree(data);
1590}
396c147e 1591static void
7819b5c3 1592client_input_exit_status(int type, u_int32_t seq, void *ctxt)
7368a6c8 1593{
7368a6c8 1594 exit_status = packet_get_int();
95500969 1595 packet_check_eom();
7368a6c8 1596 /* Acknowledge the exit. */
1597 packet_start(SSH_CMSG_EXIT_CONFIRMATION);
1598 packet_send();
1599 /*
1600 * Must wait for packet to be sent since we are
1601 * exiting the loop.
1602 */
1603 packet_write_wait();
1604 /* Flag that we want to exit. */
1605 quit_pending = 1;
1606}
c15706e2 1607static void
1608client_input_agent_open(int type, u_int32_t seq, void *ctxt)
1609{
1610 Channel *c = NULL;
1611 int remote_id, sock;
1612
1613 /* Read the remote channel number from the message. */
1614 remote_id = packet_get_int();
1615 packet_check_eom();
1616
1617 /*
1618 * Get a connection to the local authentication agent (this may again
1619 * get forwarded).
1620 */
1621 sock = ssh_get_authentication_socket();
1622
1623 /*
1624 * If we could not connect the agent, send an error message back to
1625 * the server. This should never happen unless the agent dies,
1626 * because authentication forwarding is only enabled if we have an
1627 * agent.
1628 */
1629 if (sock >= 0) {
1630 c = channel_new("", SSH_CHANNEL_OPEN, sock, sock,
1631 -1, 0, 0, 0, "authentication agent connection", 1);
1632 c->remote_id = remote_id;
1633 c->force_drain = 1;
1634 }
1635 if (c == NULL) {
1636 packet_start(SSH_MSG_CHANNEL_OPEN_FAILURE);
1637 packet_put_int(remote_id);
1638 } else {
1639 /* Send a confirmation to the remote host. */
1640 debug("Forwarding authentication connection.");
1641 packet_start(SSH_MSG_CHANNEL_OPEN_CONFIRMATION);
1642 packet_put_int(remote_id);
1643 packet_put_int(c->self);
1644 }
1645 packet_send();
1646}
7368a6c8 1647
396c147e 1648static Channel *
fa08c86b 1649client_request_forwarded_tcpip(const char *request_type, int rchan)
1650{
343288b8 1651 Channel *c = NULL;
fa08c86b 1652 char *listen_address, *originator_address;
1653 int listen_port, originator_port;
719fc62f 1654 int sock;
fa08c86b 1655
1656 /* Get rest of the packet */
1657 listen_address = packet_get_string(NULL);
1658 listen_port = packet_get_int();
1659 originator_address = packet_get_string(NULL);
1660 originator_port = packet_get_int();
95500969 1661 packet_check_eom();
fa08c86b 1662
1663 debug("client_request_forwarded_tcpip: listen %s port %d, originator %s port %d",
1664 listen_address, listen_port, originator_address, originator_port);
1665
b3f8a79c 1666 sock = channel_connect_by_listen_address(listen_port);
719fc62f 1667 if (sock < 0) {
1668 xfree(originator_address);
1669 xfree(listen_address);
1670 return NULL;
1671 }
1672 c = channel_new("forwarded-tcpip",
1673 SSH_CHANNEL_CONNECTING, sock, sock, -1,
1674 CHAN_TCP_WINDOW_DEFAULT, CHAN_TCP_WINDOW_DEFAULT, 0,
0d942eff 1675 originator_address, 1);
fa08c86b 1676 xfree(originator_address);
1677 xfree(listen_address);
1678 return c;
1679}
1680
343288b8 1681static Channel *
fa08c86b 1682client_request_x11(const char *request_type, int rchan)
1683{
1684 Channel *c = NULL;
1685 char *originator;
1686 int originator_port;
719fc62f 1687 int sock;
fa08c86b 1688
1689 if (!options.forward_x11) {
1690 error("Warning: ssh server tried X11 forwarding.");
1908529f 1691 error("Warning: this is probably a break-in attempt by a malicious server.");
fa08c86b 1692 return NULL;
1693 }
1694 originator = packet_get_string(NULL);
1695 if (datafellows & SSH_BUG_X11FWD) {
1696 debug2("buggy server: x11 request w/o originator_port");
1697 originator_port = 0;
1698 } else {
1699 originator_port = packet_get_int();
1700 }
95500969 1701 packet_check_eom();
fa08c86b 1702 /* XXX check permission */
865ac82e 1703 debug("client_request_x11: request from %s %d", originator,
1704 originator_port);
719fc62f 1705 xfree(originator);
fa08c86b 1706 sock = x11_connect_display();
719fc62f 1707 if (sock < 0)
1708 return NULL;
1709 c = channel_new("x11",
1710 SSH_CHANNEL_X11_OPEN, sock, sock, -1,
0d942eff 1711 CHAN_TCP_WINDOW_DEFAULT, CHAN_X11_PACKET_DEFAULT, 0, "x11", 1);
a5f82435 1712 c->force_drain = 1;
fa08c86b 1713 return c;
1714}
1715
343288b8 1716static Channel *
fa08c86b 1717client_request_agent(const char *request_type, int rchan)
1718{
1719 Channel *c = NULL;
719fc62f 1720 int sock;
fa08c86b 1721
1722 if (!options.forward_agent) {
1723 error("Warning: ssh server tried agent forwarding.");
1908529f 1724 error("Warning: this is probably a break-in attempt by a malicious server.");
fa08c86b 1725 return NULL;
1726 }
1727 sock = ssh_get_authentication_socket();
719fc62f 1728 if (sock < 0)
1729 return NULL;
1730 c = channel_new("authentication agent connection",
1731 SSH_CHANNEL_OPEN, sock, sock, -1,
1732 CHAN_X11_WINDOW_DEFAULT, CHAN_TCP_WINDOW_DEFAULT, 0,
0d942eff 1733 "authentication agent connection", 1);
a5f82435 1734 c->force_drain = 1;
fa08c86b 1735 return c;
1736}
1737
0b242b12 1738/* XXXX move to generic input handler */
396c147e 1739static void
7819b5c3 1740client_input_channel_open(int type, u_int32_t seq, void *ctxt)
0b242b12 1741{
1742 Channel *c = NULL;
1743 char *ctype;
0b242b12 1744 int rchan;
f91d9a89 1745 u_int rmaxpack, rwindow, len;
0b242b12 1746
1747 ctype = packet_get_string(&len);
1748 rchan = packet_get_int();
1749 rwindow = packet_get_int();
1750 rmaxpack = packet_get_int();
1751
1d1ffb87 1752 debug("client_input_channel_open: ctype %s rchan %d win %d max %d",
0b242b12 1753 ctype, rchan, rwindow, rmaxpack);
1754
fa08c86b 1755 if (strcmp(ctype, "forwarded-tcpip") == 0) {
1756 c = client_request_forwarded_tcpip(ctype, rchan);
1757 } else if (strcmp(ctype, "x11") == 0) {
1758 c = client_request_x11(ctype, rchan);
1759 } else if (strcmp(ctype, "auth-agent@openssh.com") == 0) {
1760 c = client_request_agent(ctype, rchan);
0b242b12 1761 }
1762/* XXX duplicate : */
1763 if (c != NULL) {
1764 debug("confirm %s", ctype);
1765 c->remote_id = rchan;
1766 c->remote_window = rwindow;
1767 c->remote_maxpacket = rmaxpack;
a01a10dd 1768 if (c->type != SSH_CHANNEL_CONNECTING) {
1769 packet_start(SSH2_MSG_CHANNEL_OPEN_CONFIRMATION);
1770 packet_put_int(c->remote_id);
1771 packet_put_int(c->self);
1772 packet_put_int(c->local_window);
1773 packet_put_int(c->local_maxpacket);
1774 packet_send();
1775 }
0b242b12 1776 } else {
1777 debug("failure %s", ctype);
1778 packet_start(SSH2_MSG_CHANNEL_OPEN_FAILURE);
1779 packet_put_int(rchan);
1780 packet_put_int(SSH2_OPEN_ADMINISTRATIVELY_PROHIBITED);
fbe90f7b 1781 if (!(datafellows & SSH_BUG_OPENFAILURE)) {
a01a10dd 1782 packet_put_cstring("open failed");
fbe90f7b 1783 packet_put_cstring("");
1784 }
0b242b12 1785 packet_send();
1786 }
1787 xfree(ctype);
1788}
396c147e 1789static void
7819b5c3 1790client_input_channel_req(int type, u_int32_t seq, void *ctxt)
1fc8ccdf 1791{
1792 Channel *c = NULL;
5e96b616 1793 int exitval, id, reply, success = 0;
1fc8ccdf 1794 char *rtype;
1795
1796 id = packet_get_int();
1797 rtype = packet_get_string(NULL);
1798 reply = packet_get_char();
1799
1800 debug("client_input_channel_req: channel %d rtype %s reply %d",
1801 id, rtype, reply);
1802
13de3560 1803 if (id == -1) {
1804 error("client_input_channel_req: request for channel -1");
1805 } else if ((c = channel_lookup(id)) == NULL) {
1fc8ccdf 1806 error("client_input_channel_req: channel %d: unknown channel", id);
1807 } else if (strcmp(rtype, "exit-status") == 0) {
5e96b616 1808 exitval = packet_get_int();
1809 if (id == session_ident) {
1810 success = 1;
1811 exit_status = exitval;
1812 } else if (c->ctl_fd == -1) {
1813 error("client_input_channel_req: unexpected channel %d",
1814 session_ident);
1815 } else {
1816 atomicio(vwrite, c->ctl_fd, &exitval, sizeof(exitval));
1817 success = 1;
1818 }
95500969 1819 packet_check_eom();
1fc8ccdf 1820 }
1821 if (reply) {
1822 packet_start(success ?
1823 SSH2_MSG_CHANNEL_SUCCESS : SSH2_MSG_CHANNEL_FAILURE);
13de3560 1824 packet_put_int(id);
1fc8ccdf 1825 packet_send();
1826 }
1827 xfree(rtype);
1828}
3d209bbe 1829static void
1830client_input_global_request(int type, u_int32_t seq, void *ctxt)
1831{
1832 char *rtype;
1833 int want_reply;
1834 int success = 0;
1835
1836 rtype = packet_get_string(NULL);
1837 want_reply = packet_get_char();
5d8d32a3 1838 debug("client_input_global_request: rtype %s want_reply %d",
1839 rtype, want_reply);
3d209bbe 1840 if (want_reply) {
1841 packet_start(success ?
1842 SSH2_MSG_REQUEST_SUCCESS : SSH2_MSG_REQUEST_FAILURE);
1843 packet_send();
1844 packet_write_wait();
1845 }
1846 xfree(rtype);
1847}
0b242b12 1848
5e96b616 1849void
f2107e97 1850client_session2_setup(int id, int want_tty, int want_subsystem,
1786be35 1851 const char *term, struct termios *tiop, int in_fd, Buffer *cmd, char **env,
5e96b616 1852 dispatch_fn *subsys_repl)
1853{
1854 int len;
2c9a4d41 1855 Channel *c = NULL;
5e96b616 1856
1857 debug2("%s: id %d", __func__, id);
1858
2c9a4d41 1859 if ((c = channel_lookup(id)) == NULL)
1860 fatal("client_session2_setup: channel %d: unknown channel", id);
1861
5e96b616 1862 if (want_tty) {
1863 struct winsize ws;
1864 struct termios tio;
1865
1866 /* Store window size in the packet. */
1867 if (ioctl(in_fd, TIOCGWINSZ, &ws) < 0)
1868 memset(&ws, 0, sizeof(ws));
1869
1870 channel_request_start(id, "pty-req", 0);
1871 packet_put_cstring(term != NULL ? term : "");
1872 packet_put_int(ws.ws_col);
1873 packet_put_int(ws.ws_row);
1874 packet_put_int(ws.ws_xpixel);
1875 packet_put_int(ws.ws_ypixel);
1876 tio = get_saved_tio();
1877 tty_make_modes(-1, tiop != NULL ? tiop : &tio);
1878 packet_send();
1879 /* XXX wait for reply */
2c9a4d41 1880 c->client_tty = 1;
5e96b616 1881 }
1882
1883 /* Transfer any environment variables from client to server */
1786be35 1884 if (options.num_send_env != 0 && env != NULL) {
5e96b616 1885 int i, j, matched;
5e96b616 1886 char *name, *val;
1887
1888 debug("Sending environment.");
1786be35 1889 for (i = 0; env[i] != NULL; i++) {
5e96b616 1890 /* Split */
1786be35 1891 name = xstrdup(env[i]);
5e96b616 1892 if ((val = strchr(name, '=')) == NULL) {
8c4bd764 1893 xfree(name);
5e96b616 1894 continue;
1895 }
1896 *val++ = '\0';
1897
1898 matched = 0;
1899 for (j = 0; j < options.num_send_env; j++) {
1900 if (match_pattern(name, options.send_env[j])) {
1901 matched = 1;
1902 break;
1903 }
1904 }
1905 if (!matched) {
1906 debug3("Ignored env %s", name);
8c4bd764 1907 xfree(name);
5e96b616 1908 continue;
1909 }
1910
1911 debug("Sending env %s = %s", name, val);
1912 channel_request_start(id, "env", 0);
1913 packet_put_cstring(name);
1914 packet_put_cstring(val);
1915 packet_send();
8c4bd764 1916 xfree(name);
5e96b616 1917 }
1918 }
1919
1920 len = buffer_len(cmd);
1921 if (len > 0) {
1922 if (len > 900)
1923 len = 900;
1924 if (want_subsystem) {
1925 debug("Sending subsystem: %.*s", len, (u_char*)buffer_ptr(cmd));
1926 channel_request_start(id, "subsystem", subsys_repl != NULL);
1927 if (subsys_repl != NULL) {
1928 /* register callback for reply */
1929 /* XXX we assume that client_loop has already been called */
1930 dispatch_set(SSH2_MSG_CHANNEL_FAILURE, subsys_repl);
1931 dispatch_set(SSH2_MSG_CHANNEL_SUCCESS, subsys_repl);
1932 }
1933 } else {
1934 debug("Sending command: %.*s", len, (u_char*)buffer_ptr(cmd));
1935 channel_request_start(id, "exec", 0);
1936 }
1937 packet_put_string(buffer_ptr(cmd), buffer_len(cmd));
1938 packet_send();
1939 } else {
1940 channel_request_start(id, "shell", 0);
1941 packet_send();
1942 }
1943}
1944
396c147e 1945static void
5ca51e19 1946client_init_dispatch_20(void)
8ce64345 1947{
7a37c112 1948 dispatch_init(&dispatch_protocol_error);
e0ae8728 1949
8ce64345 1950 dispatch_set(SSH2_MSG_CHANNEL_CLOSE, &channel_input_oclose);
1951 dispatch_set(SSH2_MSG_CHANNEL_DATA, &channel_input_data);
1952 dispatch_set(SSH2_MSG_CHANNEL_EOF, &channel_input_ieof);
1953 dispatch_set(SSH2_MSG_CHANNEL_EXTENDED_DATA, &channel_input_extended_data);
0b242b12 1954 dispatch_set(SSH2_MSG_CHANNEL_OPEN, &client_input_channel_open);
8ce64345 1955 dispatch_set(SSH2_MSG_CHANNEL_OPEN_CONFIRMATION, &channel_input_open_confirmation);
1956 dispatch_set(SSH2_MSG_CHANNEL_OPEN_FAILURE, &channel_input_open_failure);
1fc8ccdf 1957 dispatch_set(SSH2_MSG_CHANNEL_REQUEST, &client_input_channel_req);
8ce64345 1958 dispatch_set(SSH2_MSG_CHANNEL_WINDOW_ADJUST, &channel_input_window_adjust);
3d209bbe 1959 dispatch_set(SSH2_MSG_GLOBAL_REQUEST, &client_input_global_request);
7a37c112 1960
1961 /* rekeying */
1962 dispatch_set(SSH2_MSG_KEXINIT, &kex_input_kexinit);
e0ae8728 1963
1964 /* global request reply messages */
1965 dispatch_set(SSH2_MSG_REQUEST_FAILURE, &client_global_request_reply);
1966 dispatch_set(SSH2_MSG_REQUEST_SUCCESS, &client_global_request_reply);
8ce64345 1967}
396c147e 1968static void
5ca51e19 1969client_init_dispatch_13(void)
7368a6c8 1970{
1971 dispatch_init(NULL);
1972 dispatch_set(SSH_MSG_CHANNEL_CLOSE, &channel_input_close);
1973 dispatch_set(SSH_MSG_CHANNEL_CLOSE_CONFIRMATION, &channel_input_close_confirmation);
1974 dispatch_set(SSH_MSG_CHANNEL_DATA, &channel_input_data);
7368a6c8 1975 dispatch_set(SSH_MSG_CHANNEL_OPEN_CONFIRMATION, &channel_input_open_confirmation);
1976 dispatch_set(SSH_MSG_CHANNEL_OPEN_FAILURE, &channel_input_open_failure);
1977 dispatch_set(SSH_MSG_PORT_OPEN, &channel_input_port_open);
7368a6c8 1978 dispatch_set(SSH_SMSG_EXITSTATUS, &client_input_exit_status);
1979 dispatch_set(SSH_SMSG_STDERR_DATA, &client_input_stderr_data);
1980 dispatch_set(SSH_SMSG_STDOUT_DATA, &client_input_stdout_data);
a22aff1f 1981
1982 dispatch_set(SSH_SMSG_AGENT_OPEN, options.forward_agent ?
c15706e2 1983 &client_input_agent_open : &deny_input_open);
a22aff1f 1984 dispatch_set(SSH_SMSG_X11_OPEN, options.forward_x11 ?
1985 &x11_input_open : &deny_input_open);
7368a6c8 1986}
396c147e 1987static void
5ca51e19 1988client_init_dispatch_15(void)
7368a6c8 1989{
1990 client_init_dispatch_13();
1991 dispatch_set(SSH_MSG_CHANNEL_CLOSE, &channel_input_ieof);
1992 dispatch_set(SSH_MSG_CHANNEL_CLOSE_CONFIRMATION, & channel_input_oclose);
1993}
eea46d13 1994static void
5ca51e19 1995client_init_dispatch(void)
7368a6c8 1996{
8ce64345 1997 if (compat20)
1998 client_init_dispatch_20();
1999 else if (compat13)
7368a6c8 2000 client_init_dispatch_13();
2001 else
2002 client_init_dispatch_15();
2003}
82de775c 2004
2005/* client specific fatal cleanup */
2006void
2362db19 2007cleanup_exit(int i)
82de775c 2008{
82de775c 2009 leave_raw_mode();
2010 leave_non_blocking();
5e96b616 2011 if (options.control_path != NULL && control_fd != -1)
2012 unlink(options.control_path);
2362db19 2013 _exit(i);
82de775c 2014}
git-cvsimport mirror of OpenSSH
This page took 0.536638 seconds and 5 git commands to generate.