2 * Copyright (c) 1999, 2000, 2001, 2002 Markus Friedl. All rights reserved.
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
7 * 1. Redistributions of source code must retain the above copyright
8 * notice, this list of conditions and the following disclaimer.
9 * 2. Redistributions in binary form must reproduce the above copyright
10 * notice, this list of conditions and the following disclaimer in the
11 * documentation and/or other materials provided with the distribution.
13 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
14 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
15 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
16 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
17 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
18 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
19 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
20 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
21 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
22 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
36 * SSH Protocol 1.5 aka New Channel Protocol
37 * Thanks to Martina, Axel and everyone who left Erlangen, leaving me bored.
38 * Written by Markus Friedl in October 1999
40 * Protocol versions 1.3 and 1.5 differ in the handshake protocol used for the
41 * tear down of channels:
43 * 1.3: strict request-ack-protocol:
47 * 1.5: uses variations of:
52 * i.e. both sides have to close the channel
54 * 2.0: the EOF messages are optional
56 * See the debugging output from 'ssh -v' and 'sshd -d' of
57 * ssh-1.2.27 as an example.
61 /* functions manipulating channel states */
63 * EVENTS update channel input/output states execute ACTIONS
66 * ACTIONS: should never update the channel states
68 static void chan_send_ieof1(Channel *);
69 static void chan_send_oclose1(Channel *);
70 static void chan_send_close2(Channel *);
71 static void chan_send_eof2(Channel *);
74 static void chan_shutdown_write(Channel *);
75 static void chan_shutdown_read(Channel *);
77 static char *ostates[] = { "open", "drain", "wait_ieof", "closed" };
78 static char *istates[] = { "open", "drain", "wait_oclose", "closed" };
81 chan_set_istate(Channel *c, u_int next)
83 if (c->istate > CHAN_INPUT_CLOSED || next > CHAN_INPUT_CLOSED)
84 fatal("chan_set_istate: bad state %d -> %d", c->istate, next);
85 debug2("channel %d: input %s -> %s", c->self, istates[c->istate],
90 chan_set_ostate(Channel *c, u_int next)
92 if (c->ostate > CHAN_OUTPUT_CLOSED || next > CHAN_OUTPUT_CLOSED)
93 fatal("chan_set_ostate: bad state %d -> %d", c->ostate, next);
94 debug2("channel %d: output %s -> %s", c->self, ostates[c->ostate],
100 * SSH1 specific implementation of event functions
104 chan_rcvd_oclose1(Channel *c)
106 debug2("channel %d: rcvd oclose", c->self);
108 case CHAN_INPUT_WAIT_OCLOSE:
109 chan_set_istate(c, CHAN_INPUT_CLOSED);
111 case CHAN_INPUT_OPEN:
112 chan_shutdown_read(c);
114 chan_set_istate(c, CHAN_INPUT_CLOSED);
116 case CHAN_INPUT_WAIT_DRAIN:
117 /* both local read_failed and remote write_failed */
119 chan_set_istate(c, CHAN_INPUT_CLOSED);
122 error("channel %d: protocol error: rcvd_oclose for istate %d",
128 chan_read_failed(Channel *c)
130 debug2("channel %d: read failed", c->self);
132 case CHAN_INPUT_OPEN:
133 chan_shutdown_read(c);
134 chan_set_istate(c, CHAN_INPUT_WAIT_DRAIN);
137 error("channel %d: chan_read_failed for istate %d",
143 chan_ibuf_empty(Channel *c)
145 debug2("channel %d: ibuf empty", c->self);
146 if (buffer_len(&c->input)) {
147 error("channel %d: chan_ibuf_empty for non empty buffer",
152 case CHAN_INPUT_WAIT_DRAIN:
154 if (!(c->flags & CHAN_CLOSE_SENT))
156 chan_set_istate(c, CHAN_INPUT_CLOSED);
159 chan_set_istate(c, CHAN_INPUT_WAIT_OCLOSE);
163 error("channel %d: chan_ibuf_empty for istate %d",
169 chan_rcvd_ieof1(Channel *c)
171 debug2("channel %d: rcvd ieof", c->self);
173 case CHAN_OUTPUT_OPEN:
174 chan_set_ostate(c, CHAN_OUTPUT_WAIT_DRAIN);
176 case CHAN_OUTPUT_WAIT_IEOF:
177 chan_set_ostate(c, CHAN_OUTPUT_CLOSED);
180 error("channel %d: protocol error: rcvd_ieof for ostate %d",
186 chan_write_failed1(Channel *c)
188 debug2("channel %d: write failed", c->self);
190 case CHAN_OUTPUT_OPEN:
191 chan_shutdown_write(c);
192 chan_send_oclose1(c);
193 chan_set_ostate(c, CHAN_OUTPUT_WAIT_IEOF);
195 case CHAN_OUTPUT_WAIT_DRAIN:
196 chan_shutdown_write(c);
197 chan_send_oclose1(c);
198 chan_set_ostate(c, CHAN_OUTPUT_CLOSED);
201 error("channel %d: chan_write_failed for ostate %d",
207 chan_obuf_empty(Channel *c)
209 debug2("channel %d: obuf empty", c->self);
210 if (buffer_len(&c->output)) {
211 error("channel %d: chan_obuf_empty for non empty buffer",
216 case CHAN_OUTPUT_WAIT_DRAIN:
217 chan_shutdown_write(c);
219 chan_send_oclose1(c);
220 chan_set_ostate(c, CHAN_OUTPUT_CLOSED);
223 error("channel %d: internal error: obuf_empty for ostate %d",
229 chan_send_ieof1(Channel *c)
231 debug2("channel %d: send ieof", c->self);
233 case CHAN_INPUT_OPEN:
234 case CHAN_INPUT_WAIT_DRAIN:
235 packet_start(SSH_MSG_CHANNEL_INPUT_EOF);
236 packet_put_int(c->remote_id);
240 error("channel %d: cannot send ieof for istate %d",
246 chan_send_oclose1(Channel *c)
248 debug2("channel %d: send oclose", c->self);
250 case CHAN_OUTPUT_OPEN:
251 case CHAN_OUTPUT_WAIT_DRAIN:
252 buffer_clear(&c->output);
253 packet_start(SSH_MSG_CHANNEL_OUTPUT_CLOSE);
254 packet_put_int(c->remote_id);
258 error("channel %d: cannot send oclose for ostate %d",
268 chan_rcvd_close2(Channel *c)
270 debug2("channel %d: rcvd close", c->self);
271 if (c->flags & CHAN_CLOSE_RCVD)
272 error("channel %d: protocol error: close rcvd twice", c->self);
273 c->flags |= CHAN_CLOSE_RCVD;
274 if (c->type == SSH_CHANNEL_LARVAL) {
275 /* tear down larval channels immediately */
276 chan_set_ostate(c, CHAN_OUTPUT_CLOSED);
277 chan_set_istate(c, CHAN_INPUT_CLOSED);
281 case CHAN_OUTPUT_OPEN:
283 * wait until a data from the channel is consumed if a CLOSE
286 chan_set_ostate(c, CHAN_OUTPUT_WAIT_DRAIN);
290 case CHAN_INPUT_OPEN:
291 chan_shutdown_read(c);
292 chan_set_istate(c, CHAN_INPUT_CLOSED);
294 case CHAN_INPUT_WAIT_DRAIN:
296 chan_set_istate(c, CHAN_INPUT_CLOSED);
301 chan_rcvd_eof2(Channel *c)
303 debug2("channel %d: rcvd eof", c->self);
304 c->flags |= CHAN_EOF_RCVD;
305 if (c->ostate == CHAN_OUTPUT_OPEN)
306 chan_set_ostate(c, CHAN_OUTPUT_WAIT_DRAIN);
309 chan_write_failed2(Channel *c)
311 debug2("channel %d: write failed", c->self);
313 case CHAN_OUTPUT_OPEN:
314 case CHAN_OUTPUT_WAIT_DRAIN:
315 chan_shutdown_write(c);
316 chan_set_ostate(c, CHAN_OUTPUT_CLOSED);
319 error("channel %d: chan_write_failed for ostate %d",
325 chan_send_eof2(Channel *c)
327 debug2("channel %d: send eof", c->self);
329 case CHAN_INPUT_WAIT_DRAIN:
330 packet_start(SSH2_MSG_CHANNEL_EOF);
331 packet_put_int(c->remote_id);
333 c->flags |= CHAN_EOF_SENT;
336 error("channel %d: cannot send eof for istate %d",
342 chan_send_close2(Channel *c)
344 debug2("channel %d: send close", c->self);
345 if (c->ostate != CHAN_OUTPUT_CLOSED ||
346 c->istate != CHAN_INPUT_CLOSED) {
347 error("channel %d: cannot send close for istate/ostate %d/%d",
348 c->self, c->istate, c->ostate);
349 } else if (c->flags & CHAN_CLOSE_SENT) {
350 error("channel %d: already sent close", c->self);
352 packet_start(SSH2_MSG_CHANNEL_CLOSE);
353 packet_put_int(c->remote_id);
355 c->flags |= CHAN_CLOSE_SENT;
362 chan_rcvd_ieof(Channel *c)
368 if (c->ostate == CHAN_OUTPUT_WAIT_DRAIN &&
369 buffer_len(&c->output) == 0 &&
370 !CHANNEL_EFD_OUTPUT_ACTIVE(c))
374 chan_rcvd_oclose(Channel *c)
379 chan_rcvd_oclose1(c);
382 chan_write_failed(Channel *c)
385 chan_write_failed2(c);
387 chan_write_failed1(c);
391 chan_mark_dead(Channel *c)
393 c->type = SSH_CHANNEL_ZOMBIE;
397 chan_is_dead(Channel *c, int do_send)
399 if (c->type == SSH_CHANNEL_ZOMBIE) {
400 debug2("channel %d: zombie", c->self);
403 if (c->istate != CHAN_INPUT_CLOSED || c->ostate != CHAN_OUTPUT_CLOSED)
406 debug2("channel %d: is dead", c->self);
409 if ((datafellows & SSH_BUG_EXTEOF) &&
410 c->extended_usage == CHAN_EXTENDED_WRITE &&
412 buffer_len(&c->extended) > 0) {
413 debug2("channel %d: active efd: %d len %d",
414 c->self, c->efd, buffer_len(&c->extended));
417 if (!(c->flags & CHAN_CLOSE_SENT)) {
421 /* channel would be dead if we sent a close */
422 if (c->flags & CHAN_CLOSE_RCVD) {
423 debug2("channel %d: almost dead",
429 if ((c->flags & CHAN_CLOSE_SENT) &&
430 (c->flags & CHAN_CLOSE_RCVD)) {
431 debug2("channel %d: is dead", c->self);
439 chan_shutdown_write(Channel *c)
441 buffer_clear(&c->output);
442 if (compat20 && c->type == SSH_CHANNEL_LARVAL)
444 /* shutdown failure is allowed if write failed already */
445 debug2("channel %d: close_write", c->self);
447 if (shutdown(c->sock, SHUT_WR) < 0)
448 debug2("channel %d: chan_shutdown_write: "
449 "shutdown() failed for fd%d: %.100s",
450 c->self, c->sock, strerror(errno));
452 if (channel_close_fd(&c->wfd) < 0)
453 logit("channel %d: chan_shutdown_write: "
454 "close() failed for fd%d: %.100s",
455 c->self, c->wfd, strerror(errno));
459 chan_shutdown_read(Channel *c)
461 if (compat20 && c->type == SSH_CHANNEL_LARVAL)
463 debug2("channel %d: close_read", c->self);
466 * shutdown(sock, SHUT_READ) may return ENOTCONN if the
467 * write side has been closed already. (bug on Linux)
468 * HP-UX may return ENOTCONN also.
470 if (shutdown(c->sock, SHUT_RD) < 0
471 && errno != ENOTCONN)
472 error("channel %d: chan_shutdown_read: "
473 "shutdown() failed for fd%d [i%d o%d]: %.100s",
474 c->self, c->sock, c->istate, c->ostate,
477 if (channel_close_fd(&c->rfd) < 0)
478 logit("channel %d: chan_shutdown_read: "
479 "close() failed for fd%d: %.100s",
480 c->self, c->rfd, strerror(errno));