]>
Commit | Line | Data |
---|---|---|
bcbf86ec | 1 | /* |
2 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | |
3 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | |
4 | * All rights reserved | |
5 | * | |
6 | * As far as I am concerned, the code I have written for this software | |
7 | * can be used freely for any purpose. Any derived versions of this | |
8 | * software must be clearly marked as such, and if the derived work is | |
9 | * incompatible with the protocol description in the RFC file, it must be | |
10 | * called by a name other than "ssh" or "Secure Shell". | |
11 | */ | |
12 | /* | |
13 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | |
14 | * | |
15 | * Redistribution and use in source and binary forms, with or without | |
16 | * modification, are permitted provided that the following conditions | |
17 | * are met: | |
18 | * 1. Redistributions of source code must retain the above copyright | |
19 | * notice, this list of conditions and the following disclaimer. | |
20 | * 2. Redistributions in binary form must reproduce the above copyright | |
21 | * notice, this list of conditions and the following disclaimer in the | |
22 | * documentation and/or other materials provided with the distribution. | |
23 | * | |
24 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR | |
25 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES | |
26 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. | |
27 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, | |
28 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | |
29 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, | |
30 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY | |
31 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | |
32 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | |
33 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | |
34 | */ | |
6fd8622b | 35 | /* RCSID("$OpenBSD: channels.h,v 1.33 2001/05/28 23:14:49 markus Exp $"); */ |
8efc0c15 | 36 | |
37 | #ifndef CHANNELS_H | |
38 | #define CHANNELS_H | |
39 | ||
01794848 | 40 | #include "buffer.h" |
41 | ||
8efc0c15 | 42 | /* Definitions for channel types. */ |
aa3378df | 43 | #define SSH_CHANNEL_X11_LISTENER 1 /* Listening for inet X11 conn. */ |
5260325f | 44 | #define SSH_CHANNEL_PORT_LISTENER 2 /* Listening on a port. */ |
45 | #define SSH_CHANNEL_OPENING 3 /* waiting for confirmation */ | |
46 | #define SSH_CHANNEL_OPEN 4 /* normal open two-way channel */ | |
aa3378df | 47 | #define SSH_CHANNEL_CLOSED 5 /* waiting for close confirmation */ |
7368a6c8 | 48 | #define SSH_CHANNEL_AUTH_SOCKET 6 /* authentication socket */ |
49 | #define SSH_CHANNEL_X11_OPEN 7 /* reading first X11 packet */ | |
50 | #define SSH_CHANNEL_INPUT_DRAINING 8 /* sending remaining data to conn */ | |
51 | #define SSH_CHANNEL_OUTPUT_DRAINING 9 /* sending remaining data to app */ | |
52 | #define SSH_CHANNEL_LARVAL 10 /* larval session */ | |
fa08c86b | 53 | #define SSH_CHANNEL_RPORT_LISTENER 11 /* Listening to a R-style port */ |
97fb6912 | 54 | #define SSH_CHANNEL_CONNECTING 12 |
0490e609 | 55 | #define SSH_CHANNEL_DYNAMIC 13 |
6fd8622b | 56 | #define SSH_CHANNEL_ZOMBIE 14 /* Almost dead. */ |
57 | #define SSH_CHANNEL_MAX_TYPE 15 | |
8efc0c15 | 58 | |
719fc62f | 59 | #define SSH_CHANNEL_PATH_LEN 30 |
60 | ||
aa3378df | 61 | /* |
719fc62f | 62 | * Data structure for channel data. This is initialized in channel_new |
aa3378df | 63 | * and cleared in channel_free. |
64 | */ | |
2e73a022 | 65 | struct Channel; |
66 | typedef struct Channel Channel; | |
67 | ||
7368a6c8 | 68 | typedef void channel_callback_fn(int id, void *arg); |
2e73a022 | 69 | typedef int channel_filter_fn(struct Channel *c, char *buf, int len); |
8efc0c15 | 70 | |
2e73a022 | 71 | struct Channel { |
5260325f | 72 | int type; /* channel type/state */ |
73 | int self; /* my own channel identifier */ | |
74 | int remote_id; /* channel identifier for remote peer */ | |
75 | /* peer can be reached over encrypted connection, via packet-sent */ | |
76 | int istate; /* input from channel (state of receive half) */ | |
77 | int ostate; /* output to channel (state of transmit half) */ | |
7e7327a1 | 78 | int flags; /* close sent/rcvd */ |
7368a6c8 | 79 | int rfd; /* read fd */ |
80 | int wfd; /* write fd */ | |
81 | int efd; /* extended fd */ | |
82 | int sock; /* sock fd */ | |
0ae4fe1d | 83 | int isatty; /* rfd is a tty */ |
5260325f | 84 | Buffer input; /* data read from socket, to be sent over |
85 | * encrypted connection */ | |
86 | Buffer output; /* data received over encrypted connection for | |
87 | * send on socket */ | |
7368a6c8 | 88 | Buffer extended; |
719fc62f | 89 | char path[SSH_CHANNEL_PATH_LEN]; |
90 | /* path for unix domain sockets, or host name for forwards */ | |
5260325f | 91 | int listening_port; /* port being listened for forwards */ |
92 | int host_port; /* remote port to connect for forwards */ | |
93 | char *remote_name; /* remote hostname */ | |
7368a6c8 | 94 | |
95 | int remote_window; | |
96 | int remote_maxpacket; | |
97 | int local_window; | |
98 | int local_window_max; | |
99 | int local_consumed; | |
100 | int local_maxpacket; | |
101 | int extended_usage; | |
102 | ||
103 | char *ctype; /* type */ | |
104 | ||
1d1ffb87 | 105 | /* callback */ |
7368a6c8 | 106 | channel_callback_fn *cb_fn; |
107 | void *cb_arg; | |
108 | int cb_event; | |
109 | channel_callback_fn *dettach_user; | |
2e73a022 | 110 | |
111 | /* filter */ | |
112 | channel_filter_fn *input_filter; | |
113 | }; | |
7368a6c8 | 114 | |
115 | #define CHAN_EXTENDED_IGNORE 0 | |
116 | #define CHAN_EXTENDED_READ 1 | |
117 | #define CHAN_EXTENDED_WRITE 2 | |
118 | ||
bcbf86ec | 119 | /* default window/packet sizes for tcp/x11-fwd-channel */ |
120 | #define CHAN_SES_WINDOW_DEFAULT (32*1024) | |
121 | #define CHAN_SES_PACKET_DEFAULT (CHAN_SES_WINDOW_DEFAULT/2) | |
122 | #define CHAN_TCP_WINDOW_DEFAULT (32*1024) | |
123 | #define CHAN_TCP_PACKET_DEFAULT (CHAN_TCP_WINDOW_DEFAULT/2) | |
124 | #define CHAN_X11_WINDOW_DEFAULT (4*1024) | |
125 | #define CHAN_X11_PACKET_DEFAULT (CHAN_X11_WINDOW_DEFAULT/2) | |
126 | ||
127 | ||
7368a6c8 | 128 | void channel_open(int id); |
7e7327a1 | 129 | void channel_request(int id, char *service, int wantconfirm); |
130 | void channel_request_start(int id, char *service, int wantconfirm); | |
131 | void channel_register_callback(int id, int mtype, channel_callback_fn *fn, void *arg); | |
132 | void channel_register_cleanup(int id, channel_callback_fn *fn); | |
2e73a022 | 133 | void channel_register_filter(int id, channel_filter_fn *fn); |
7e7327a1 | 134 | void channel_cancel_cleanup(int id); |
7368a6c8 | 135 | Channel *channel_lookup(int id); |
136 | ||
a22aff1f | 137 | void |
138 | channel_set_fds(int id, int rfd, int wfd, int efd, | |
139 | int extusage, int nonblock); | |
140 | ||
141 | void deny_input_open(int type, int plen, void *ctxt); | |
7368a6c8 | 142 | |
188adeb2 | 143 | void channel_input_channel_request(int type, int plen, void *ctxt); |
144 | void channel_input_close(int type, int plen, void *ctxt); | |
145 | void channel_input_close_confirmation(int type, int plen, void *ctxt); | |
146 | void channel_input_data(int type, int plen, void *ctxt); | |
147 | void channel_input_extended_data(int type, int plen, void *ctxt); | |
148 | void channel_input_ieof(int type, int plen, void *ctxt); | |
149 | void channel_input_oclose(int type, int plen, void *ctxt); | |
150 | void channel_input_open_confirmation(int type, int plen, void *ctxt); | |
151 | void channel_input_open_failure(int type, int plen, void *ctxt); | |
152 | void channel_input_port_open(int type, int plen, void *ctxt); | |
153 | void channel_input_window_adjust(int type, int plen, void *ctxt); | |
7368a6c8 | 154 | |
155 | /* Sets specific protocol options. */ | |
156 | void channel_set_options(int hostname_in_open); | |
157 | ||
158 | /* | |
159 | * Allocate a new channel object and set its type and socket. Remote_name | |
160 | * must have been allocated with xmalloc; this will free it when the channel | |
161 | * is freed. | |
162 | */ | |
719fc62f | 163 | Channel * |
164 | channel_new(char *ctype, int type, int rfd, int wfd, int efd, | |
165 | int window, int maxpack, int extended_usage, char *remote_name, | |
166 | int nonblock); | |
7368a6c8 | 167 | |
168 | /* Free the channel and close its socket. */ | |
719fc62f | 169 | void channel_free(Channel *c); |
7368a6c8 | 170 | |
39929cdb | 171 | /* |
172 | * Allocate/update select bitmasks and add any bits relevant to channels in | |
173 | * select bitmasks. | |
174 | */ | |
175 | void | |
c422989b | 176 | channel_prepare_select(fd_set **readsetp, fd_set **writesetp, int *maxfdp, |
177 | int rekeying); | |
7368a6c8 | 178 | |
179 | /* | |
180 | * After select, perform any appropriate operations for channels which have | |
181 | * events pending. | |
182 | */ | |
183 | void channel_after_select(fd_set * readset, fd_set * writeset); | |
184 | ||
185 | /* If there is data to send to the connection, send some of it now. */ | |
186 | void channel_output_poll(void); | |
187 | ||
188 | /* Returns true if no channel has too much buffered data. */ | |
189 | int channel_not_very_much_buffered_data(void); | |
190 | ||
191 | /* This closes any sockets that are listening for connections; this removes | |
192 | any unix domain sockets. */ | |
193 | void channel_stop_listening(void); | |
194 | ||
195 | /* | |
196 | * Closes the sockets of all channels. This is used to close extra file | |
197 | * descriptors after a fork. | |
198 | */ | |
199 | void channel_close_all(void); | |
200 | ||
7368a6c8 | 201 | /* Returns true if there is still an open channel over the connection. */ |
202 | int channel_still_open(void); | |
203 | ||
204 | /* | |
205 | * Returns a string containing a list of all open channels. The list is | |
206 | * suitable for displaying to the user. It uses crlf instead of newlines. | |
207 | * The caller should free the string with xfree. | |
208 | */ | |
209 | char *channel_open_message(void); | |
210 | ||
211 | /* | |
212 | * Initiate forwarding of connections to local port "port" through the secure | |
fa08c86b | 213 | * channel to host:port from remote side. |
7368a6c8 | 214 | */ |
02a024dd | 215 | int |
fa08c86b | 216 | channel_request_local_forwarding(u_short listen_port, |
217 | const char *host_to_connect, u_short port_to_connect, int gateway_ports); | |
02a024dd | 218 | int |
fa08c86b | 219 | channel_request_forwarding(const char *listen_address, u_short listen_port, |
220 | const char *host_to_connect, u_short port_to_connect, int gateway_ports, | |
221 | int remote_fwd); | |
7368a6c8 | 222 | |
223 | /* | |
224 | * Initiate forwarding of connections to port "port" on remote host through | |
225 | * the secure channel to host:port from local side. This never returns if | |
226 | * there was an error. This registers that open requests for that port are | |
227 | * permitted. | |
228 | */ | |
6ae2364d | 229 | void |
7368a6c8 | 230 | channel_request_remote_forwarding(u_short port, const char *host, |
231 | u_short remote_port); | |
232 | ||
233 | /* | |
01794848 | 234 | * Permits opening to any host/port if permitted_opens[] is empty. This is |
235 | * usually called by the server, because the user could connect to any port | |
236 | * anyway, and the server has no way to know but to trust the client anyway. | |
7368a6c8 | 237 | */ |
238 | void channel_permit_all_opens(void); | |
239 | ||
01794848 | 240 | /* Add host/port to list of allowed targets for port forwarding */ |
241 | void channel_add_permitted_opens(char *host, int port); | |
242 | ||
243 | /* Flush list */ | |
244 | void channel_clear_permitted_opens(void); | |
245 | ||
7368a6c8 | 246 | /* |
247 | * This is called after receiving CHANNEL_FORWARDING_REQUEST. This initates | |
248 | * listening for the port, and sends back a success reply (or disconnect | |
249 | * message if there was an error). This never returns if there was an error. | |
250 | */ | |
1d1ffb87 | 251 | void channel_input_port_forward_request(int is_root, int gateway_ports); |
7368a6c8 | 252 | |
253 | /* | |
254 | * Creates a port for X11 connections, and starts listening for it. Returns | |
255 | * the display name, or NULL if an error was encountered. | |
256 | */ | |
257 | char *x11_create_display(int screen); | |
258 | ||
259 | /* | |
260 | * Creates an internet domain socket for listening for X11 connections. | |
261 | * Returns a suitable value for the DISPLAY variable, or NULL if an error | |
262 | * occurs. | |
263 | */ | |
264 | char *x11_create_display_inet(int screen, int x11_display_offset); | |
265 | ||
266 | /* | |
267 | * This is called when SSH_SMSG_X11_OPEN is received. The packet contains | |
268 | * the remote channel number. We should do whatever we want, and respond | |
269 | * with either SSH_MSG_OPEN_CONFIRMATION or SSH_MSG_OPEN_FAILURE. | |
270 | */ | |
188adeb2 | 271 | void x11_input_open(int type, int plen, void *ctxt); |
7368a6c8 | 272 | |
273 | /* | |
274 | * Requests forwarding of X11 connections. This should be called on the | |
275 | * client only. | |
276 | */ | |
277 | void x11_request_forwarding(void); | |
278 | ||
279 | /* | |
280 | * Requests forwarding for X11 connections, with authentication spoofing. | |
281 | * This should be called in the client only. | |
282 | */ | |
0b242b12 | 283 | void |
284 | x11_request_forwarding_with_spoofing(int client_session_id, | |
285 | const char *proto, const char *data); | |
7368a6c8 | 286 | |
287 | /* Sends a message to the server to request authentication fd forwarding. */ | |
288 | void auth_request_forwarding(void); | |
289 | ||
290 | /* | |
291 | * Returns the name of the forwarded authentication socket. Returns NULL if | |
292 | * there is no forwarded authentication socket. The returned value points to | |
293 | * a static buffer. | |
294 | */ | |
295 | char *auth_get_socket_name(void); | |
296 | ||
297 | /* | |
fa649821 | 298 | * This is called to process SSH_CMSG_AGENT_REQUEST_FORWARDING on the server. |
7368a6c8 | 299 | * This starts forwarding authentication requests. |
300 | */ | |
fa649821 | 301 | int auth_input_request_forwarding(struct passwd * pw); |
7368a6c8 | 302 | |
303 | /* This is called to process an SSH_SMSG_AGENT_OPEN message. */ | |
188adeb2 | 304 | void auth_input_open_request(int type, int plen, void *ctxt); |
7368a6c8 | 305 | |
7e7327a1 | 306 | /* XXX */ |
307 | int channel_connect_to(const char *host, u_short host_port); | |
fa08c86b | 308 | int channel_connect_by_listen_adress(u_short listen_port); |
0b242b12 | 309 | int x11_connect_display(void); |
7e7327a1 | 310 | |
3ffc6336 | 311 | int channel_find_open(void); |
312 | ||
8efc0c15 | 313 | #endif |