1 /* $OpenBSD: nchan.c,v 1.54 2006/07/08 21:47:12 stevesk Exp $ */
3 * Copyright (c) 1999, 2000, 2001, 2002 Markus Friedl. All rights reserved.
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
15 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
16 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
17 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
18 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
19 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
20 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
21 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
22 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
23 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28 #include <sys/types.h>
29 #include <sys/socket.h>
40 * SSH Protocol 1.5 aka New Channel Protocol
41 * Thanks to Martina, Axel and everyone who left Erlangen, leaving me bored.
42 * Written by Markus Friedl in October 1999
44 * Protocol versions 1.3 and 1.5 differ in the handshake protocol used for the
45 * tear down of channels:
47 * 1.3: strict request-ack-protocol:
51 * 1.5: uses variations of:
56 * i.e. both sides have to close the channel
58 * 2.0: the EOF messages are optional
60 * See the debugging output from 'ssh -v' and 'sshd -d' of
61 * ssh-1.2.27 as an example.
65 /* functions manipulating channel states */
67 * EVENTS update channel input/output states execute ACTIONS
70 * ACTIONS: should never update the channel states
72 static void chan_send_ieof1(Channel *);
73 static void chan_send_oclose1(Channel *);
74 static void chan_send_close2(Channel *);
75 static void chan_send_eof2(Channel *);
78 static void chan_shutdown_write(Channel *);
79 static void chan_shutdown_read(Channel *);
81 static char *ostates[] = { "open", "drain", "wait_ieof", "closed" };
82 static char *istates[] = { "open", "drain", "wait_oclose", "closed" };
85 chan_set_istate(Channel *c, u_int next)
87 if (c->istate > CHAN_INPUT_CLOSED || next > CHAN_INPUT_CLOSED)
88 fatal("chan_set_istate: bad state %d -> %d", c->istate, next);
89 debug2("channel %d: input %s -> %s", c->self, istates[c->istate],
94 chan_set_ostate(Channel *c, u_int next)
96 if (c->ostate > CHAN_OUTPUT_CLOSED || next > CHAN_OUTPUT_CLOSED)
97 fatal("chan_set_ostate: bad state %d -> %d", c->ostate, next);
98 debug2("channel %d: output %s -> %s", c->self, ostates[c->ostate],
104 * SSH1 specific implementation of event functions
108 chan_rcvd_oclose1(Channel *c)
110 debug2("channel %d: rcvd oclose", c->self);
112 case CHAN_INPUT_WAIT_OCLOSE:
113 chan_set_istate(c, CHAN_INPUT_CLOSED);
115 case CHAN_INPUT_OPEN:
116 chan_shutdown_read(c);
118 chan_set_istate(c, CHAN_INPUT_CLOSED);
120 case CHAN_INPUT_WAIT_DRAIN:
121 /* both local read_failed and remote write_failed */
123 chan_set_istate(c, CHAN_INPUT_CLOSED);
126 error("channel %d: protocol error: rcvd_oclose for istate %d",
132 chan_read_failed(Channel *c)
134 debug2("channel %d: read failed", c->self);
136 case CHAN_INPUT_OPEN:
137 chan_shutdown_read(c);
138 chan_set_istate(c, CHAN_INPUT_WAIT_DRAIN);
141 error("channel %d: chan_read_failed for istate %d",
147 chan_ibuf_empty(Channel *c)
149 debug2("channel %d: ibuf empty", c->self);
150 if (buffer_len(&c->input)) {
151 error("channel %d: chan_ibuf_empty for non empty buffer",
156 case CHAN_INPUT_WAIT_DRAIN:
158 if (!(c->flags & CHAN_CLOSE_SENT))
160 chan_set_istate(c, CHAN_INPUT_CLOSED);
163 chan_set_istate(c, CHAN_INPUT_WAIT_OCLOSE);
167 error("channel %d: chan_ibuf_empty for istate %d",
173 chan_rcvd_ieof1(Channel *c)
175 debug2("channel %d: rcvd ieof", c->self);
177 case CHAN_OUTPUT_OPEN:
178 chan_set_ostate(c, CHAN_OUTPUT_WAIT_DRAIN);
180 case CHAN_OUTPUT_WAIT_IEOF:
181 chan_set_ostate(c, CHAN_OUTPUT_CLOSED);
184 error("channel %d: protocol error: rcvd_ieof for ostate %d",
190 chan_write_failed1(Channel *c)
192 debug2("channel %d: write failed", c->self);
194 case CHAN_OUTPUT_OPEN:
195 chan_shutdown_write(c);
196 chan_send_oclose1(c);
197 chan_set_ostate(c, CHAN_OUTPUT_WAIT_IEOF);
199 case CHAN_OUTPUT_WAIT_DRAIN:
200 chan_shutdown_write(c);
201 chan_send_oclose1(c);
202 chan_set_ostate(c, CHAN_OUTPUT_CLOSED);
205 error("channel %d: chan_write_failed for ostate %d",
211 chan_obuf_empty(Channel *c)
213 debug2("channel %d: obuf empty", c->self);
214 if (buffer_len(&c->output)) {
215 error("channel %d: chan_obuf_empty for non empty buffer",
220 case CHAN_OUTPUT_WAIT_DRAIN:
221 chan_shutdown_write(c);
223 chan_send_oclose1(c);
224 chan_set_ostate(c, CHAN_OUTPUT_CLOSED);
227 error("channel %d: internal error: obuf_empty for ostate %d",
233 chan_send_ieof1(Channel *c)
235 debug2("channel %d: send ieof", c->self);
237 case CHAN_INPUT_OPEN:
238 case CHAN_INPUT_WAIT_DRAIN:
239 packet_start(SSH_MSG_CHANNEL_INPUT_EOF);
240 packet_put_int(c->remote_id);
244 error("channel %d: cannot send ieof for istate %d",
250 chan_send_oclose1(Channel *c)
252 debug2("channel %d: send oclose", c->self);
254 case CHAN_OUTPUT_OPEN:
255 case CHAN_OUTPUT_WAIT_DRAIN:
256 buffer_clear(&c->output);
257 packet_start(SSH_MSG_CHANNEL_OUTPUT_CLOSE);
258 packet_put_int(c->remote_id);
262 error("channel %d: cannot send oclose for ostate %d",
272 chan_rcvd_close2(Channel *c)
274 debug2("channel %d: rcvd close", c->self);
275 if (c->flags & CHAN_CLOSE_RCVD)
276 error("channel %d: protocol error: close rcvd twice", c->self);
277 c->flags |= CHAN_CLOSE_RCVD;
278 if (c->type == SSH_CHANNEL_LARVAL) {
279 /* tear down larval channels immediately */
280 chan_set_ostate(c, CHAN_OUTPUT_CLOSED);
281 chan_set_istate(c, CHAN_INPUT_CLOSED);
285 case CHAN_OUTPUT_OPEN:
287 * wait until a data from the channel is consumed if a CLOSE
290 chan_set_ostate(c, CHAN_OUTPUT_WAIT_DRAIN);
294 case CHAN_INPUT_OPEN:
295 chan_shutdown_read(c);
296 chan_set_istate(c, CHAN_INPUT_CLOSED);
298 case CHAN_INPUT_WAIT_DRAIN:
300 chan_set_istate(c, CHAN_INPUT_CLOSED);
305 chan_rcvd_eof2(Channel *c)
307 debug2("channel %d: rcvd eof", c->self);
308 c->flags |= CHAN_EOF_RCVD;
309 if (c->ostate == CHAN_OUTPUT_OPEN)
310 chan_set_ostate(c, CHAN_OUTPUT_WAIT_DRAIN);
313 chan_write_failed2(Channel *c)
315 debug2("channel %d: write failed", c->self);
317 case CHAN_OUTPUT_OPEN:
318 case CHAN_OUTPUT_WAIT_DRAIN:
319 chan_shutdown_write(c);
320 chan_set_ostate(c, CHAN_OUTPUT_CLOSED);
323 error("channel %d: chan_write_failed for ostate %d",
329 chan_send_eof2(Channel *c)
331 debug2("channel %d: send eof", c->self);
333 case CHAN_INPUT_WAIT_DRAIN:
334 packet_start(SSH2_MSG_CHANNEL_EOF);
335 packet_put_int(c->remote_id);
337 c->flags |= CHAN_EOF_SENT;
340 error("channel %d: cannot send eof for istate %d",
346 chan_send_close2(Channel *c)
348 debug2("channel %d: send close", c->self);
349 if (c->ostate != CHAN_OUTPUT_CLOSED ||
350 c->istate != CHAN_INPUT_CLOSED) {
351 error("channel %d: cannot send close for istate/ostate %d/%d",
352 c->self, c->istate, c->ostate);
353 } else if (c->flags & CHAN_CLOSE_SENT) {
354 error("channel %d: already sent close", c->self);
356 packet_start(SSH2_MSG_CHANNEL_CLOSE);
357 packet_put_int(c->remote_id);
359 c->flags |= CHAN_CLOSE_SENT;
366 chan_rcvd_ieof(Channel *c)
372 if (c->ostate == CHAN_OUTPUT_WAIT_DRAIN &&
373 buffer_len(&c->output) == 0 &&
374 !CHANNEL_EFD_OUTPUT_ACTIVE(c))
378 chan_rcvd_oclose(Channel *c)
383 chan_rcvd_oclose1(c);
386 chan_write_failed(Channel *c)
389 chan_write_failed2(c);
391 chan_write_failed1(c);
395 chan_mark_dead(Channel *c)
397 c->type = SSH_CHANNEL_ZOMBIE;
401 chan_is_dead(Channel *c, int do_send)
403 if (c->type == SSH_CHANNEL_ZOMBIE) {
404 debug2("channel %d: zombie", c->self);
407 if (c->istate != CHAN_INPUT_CLOSED || c->ostate != CHAN_OUTPUT_CLOSED)
410 debug2("channel %d: is dead", c->self);
413 if ((datafellows & SSH_BUG_EXTEOF) &&
414 c->extended_usage == CHAN_EXTENDED_WRITE &&
416 buffer_len(&c->extended) > 0) {
417 debug2("channel %d: active efd: %d len %d",
418 c->self, c->efd, buffer_len(&c->extended));
421 if (!(c->flags & CHAN_CLOSE_SENT)) {
425 /* channel would be dead if we sent a close */
426 if (c->flags & CHAN_CLOSE_RCVD) {
427 debug2("channel %d: almost dead",
433 if ((c->flags & CHAN_CLOSE_SENT) &&
434 (c->flags & CHAN_CLOSE_RCVD)) {
435 debug2("channel %d: is dead", c->self);
443 chan_shutdown_write(Channel *c)
445 buffer_clear(&c->output);
446 if (compat20 && c->type == SSH_CHANNEL_LARVAL)
448 /* shutdown failure is allowed if write failed already */
449 debug2("channel %d: close_write", c->self);
451 if (shutdown(c->sock, SHUT_WR) < 0)
452 debug2("channel %d: chan_shutdown_write: "
453 "shutdown() failed for fd%d: %.100s",
454 c->self, c->sock, strerror(errno));
456 if (channel_close_fd(&c->wfd) < 0)
457 logit("channel %d: chan_shutdown_write: "
458 "close() failed for fd%d: %.100s",
459 c->self, c->wfd, strerror(errno));
463 chan_shutdown_read(Channel *c)
465 if (compat20 && c->type == SSH_CHANNEL_LARVAL)
467 debug2("channel %d: close_read", c->self);
470 * shutdown(sock, SHUT_READ) may return ENOTCONN if the
471 * write side has been closed already. (bug on Linux)
472 * HP-UX may return ENOTCONN also.
474 if (shutdown(c->sock, SHUT_RD) < 0
475 && errno != ENOTCONN)
476 error("channel %d: chan_shutdown_read: "
477 "shutdown() failed for fd%d [i%d o%d]: %.100s",
478 c->self, c->sock, c->istate, c->ostate,
481 if (channel_close_fd(&c->rfd) < 0)
482 logit("channel %d: chan_shutdown_read: "
483 "close() failed for fd%d: %.100s",
484 c->self, c->rfd, strerror(errno));