1 /* $OpenBSD: nchan.c,v 1.56 2006/07/22 20:48:23 stevesk Exp $ */
3 * Copyright (c) 1999, 2000, 2001, 2002 Markus Friedl. All rights reserved.
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
15 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
16 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
17 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
18 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
19 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
20 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
21 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
22 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
23 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28 #include <sys/types.h>
29 #include <sys/socket.h>
43 * SSH Protocol 1.5 aka New Channel Protocol
44 * Thanks to Martina, Axel and everyone who left Erlangen, leaving me bored.
45 * Written by Markus Friedl in October 1999
47 * Protocol versions 1.3 and 1.5 differ in the handshake protocol used for the
48 * tear down of channels:
50 * 1.3: strict request-ack-protocol:
54 * 1.5: uses variations of:
59 * i.e. both sides have to close the channel
61 * 2.0: the EOF messages are optional
63 * See the debugging output from 'ssh -v' and 'sshd -d' of
64 * ssh-1.2.27 as an example.
68 /* functions manipulating channel states */
70 * EVENTS update channel input/output states execute ACTIONS
73 * ACTIONS: should never update the channel states
75 static void chan_send_ieof1(Channel *);
76 static void chan_send_oclose1(Channel *);
77 static void chan_send_close2(Channel *);
78 static void chan_send_eof2(Channel *);
81 static void chan_shutdown_write(Channel *);
82 static void chan_shutdown_read(Channel *);
84 static char *ostates[] = { "open", "drain", "wait_ieof", "closed" };
85 static char *istates[] = { "open", "drain", "wait_oclose", "closed" };
88 chan_set_istate(Channel *c, u_int next)
90 if (c->istate > CHAN_INPUT_CLOSED || next > CHAN_INPUT_CLOSED)
91 fatal("chan_set_istate: bad state %d -> %d", c->istate, next);
92 debug2("channel %d: input %s -> %s", c->self, istates[c->istate],
97 chan_set_ostate(Channel *c, u_int next)
99 if (c->ostate > CHAN_OUTPUT_CLOSED || next > CHAN_OUTPUT_CLOSED)
100 fatal("chan_set_ostate: bad state %d -> %d", c->ostate, next);
101 debug2("channel %d: output %s -> %s", c->self, ostates[c->ostate],
107 * SSH1 specific implementation of event functions
111 chan_rcvd_oclose1(Channel *c)
113 debug2("channel %d: rcvd oclose", c->self);
115 case CHAN_INPUT_WAIT_OCLOSE:
116 chan_set_istate(c, CHAN_INPUT_CLOSED);
118 case CHAN_INPUT_OPEN:
119 chan_shutdown_read(c);
121 chan_set_istate(c, CHAN_INPUT_CLOSED);
123 case CHAN_INPUT_WAIT_DRAIN:
124 /* both local read_failed and remote write_failed */
126 chan_set_istate(c, CHAN_INPUT_CLOSED);
129 error("channel %d: protocol error: rcvd_oclose for istate %d",
135 chan_read_failed(Channel *c)
137 debug2("channel %d: read failed", c->self);
139 case CHAN_INPUT_OPEN:
140 chan_shutdown_read(c);
141 chan_set_istate(c, CHAN_INPUT_WAIT_DRAIN);
144 error("channel %d: chan_read_failed for istate %d",
150 chan_ibuf_empty(Channel *c)
152 debug2("channel %d: ibuf empty", c->self);
153 if (buffer_len(&c->input)) {
154 error("channel %d: chan_ibuf_empty for non empty buffer",
159 case CHAN_INPUT_WAIT_DRAIN:
161 if (!(c->flags & CHAN_CLOSE_SENT))
163 chan_set_istate(c, CHAN_INPUT_CLOSED);
166 chan_set_istate(c, CHAN_INPUT_WAIT_OCLOSE);
170 error("channel %d: chan_ibuf_empty for istate %d",
176 chan_rcvd_ieof1(Channel *c)
178 debug2("channel %d: rcvd ieof", c->self);
180 case CHAN_OUTPUT_OPEN:
181 chan_set_ostate(c, CHAN_OUTPUT_WAIT_DRAIN);
183 case CHAN_OUTPUT_WAIT_IEOF:
184 chan_set_ostate(c, CHAN_OUTPUT_CLOSED);
187 error("channel %d: protocol error: rcvd_ieof for ostate %d",
193 chan_write_failed1(Channel *c)
195 debug2("channel %d: write failed", c->self);
197 case CHAN_OUTPUT_OPEN:
198 chan_shutdown_write(c);
199 chan_send_oclose1(c);
200 chan_set_ostate(c, CHAN_OUTPUT_WAIT_IEOF);
202 case CHAN_OUTPUT_WAIT_DRAIN:
203 chan_shutdown_write(c);
204 chan_send_oclose1(c);
205 chan_set_ostate(c, CHAN_OUTPUT_CLOSED);
208 error("channel %d: chan_write_failed for ostate %d",
214 chan_obuf_empty(Channel *c)
216 debug2("channel %d: obuf empty", c->self);
217 if (buffer_len(&c->output)) {
218 error("channel %d: chan_obuf_empty for non empty buffer",
223 case CHAN_OUTPUT_WAIT_DRAIN:
224 chan_shutdown_write(c);
226 chan_send_oclose1(c);
227 chan_set_ostate(c, CHAN_OUTPUT_CLOSED);
230 error("channel %d: internal error: obuf_empty for ostate %d",
236 chan_send_ieof1(Channel *c)
238 debug2("channel %d: send ieof", c->self);
240 case CHAN_INPUT_OPEN:
241 case CHAN_INPUT_WAIT_DRAIN:
242 packet_start(SSH_MSG_CHANNEL_INPUT_EOF);
243 packet_put_int(c->remote_id);
247 error("channel %d: cannot send ieof for istate %d",
253 chan_send_oclose1(Channel *c)
255 debug2("channel %d: send oclose", c->self);
257 case CHAN_OUTPUT_OPEN:
258 case CHAN_OUTPUT_WAIT_DRAIN:
259 buffer_clear(&c->output);
260 packet_start(SSH_MSG_CHANNEL_OUTPUT_CLOSE);
261 packet_put_int(c->remote_id);
265 error("channel %d: cannot send oclose for ostate %d",
275 chan_rcvd_close2(Channel *c)
277 debug2("channel %d: rcvd close", c->self);
278 if (c->flags & CHAN_CLOSE_RCVD)
279 error("channel %d: protocol error: close rcvd twice", c->self);
280 c->flags |= CHAN_CLOSE_RCVD;
281 if (c->type == SSH_CHANNEL_LARVAL) {
282 /* tear down larval channels immediately */
283 chan_set_ostate(c, CHAN_OUTPUT_CLOSED);
284 chan_set_istate(c, CHAN_INPUT_CLOSED);
288 case CHAN_OUTPUT_OPEN:
290 * wait until a data from the channel is consumed if a CLOSE
293 chan_set_ostate(c, CHAN_OUTPUT_WAIT_DRAIN);
297 case CHAN_INPUT_OPEN:
298 chan_shutdown_read(c);
299 chan_set_istate(c, CHAN_INPUT_CLOSED);
301 case CHAN_INPUT_WAIT_DRAIN:
303 chan_set_istate(c, CHAN_INPUT_CLOSED);
308 chan_rcvd_eof2(Channel *c)
310 debug2("channel %d: rcvd eof", c->self);
311 c->flags |= CHAN_EOF_RCVD;
312 if (c->ostate == CHAN_OUTPUT_OPEN)
313 chan_set_ostate(c, CHAN_OUTPUT_WAIT_DRAIN);
316 chan_write_failed2(Channel *c)
318 debug2("channel %d: write failed", c->self);
320 case CHAN_OUTPUT_OPEN:
321 case CHAN_OUTPUT_WAIT_DRAIN:
322 chan_shutdown_write(c);
323 chan_set_ostate(c, CHAN_OUTPUT_CLOSED);
326 error("channel %d: chan_write_failed for ostate %d",
332 chan_send_eof2(Channel *c)
334 debug2("channel %d: send eof", c->self);
336 case CHAN_INPUT_WAIT_DRAIN:
337 packet_start(SSH2_MSG_CHANNEL_EOF);
338 packet_put_int(c->remote_id);
340 c->flags |= CHAN_EOF_SENT;
343 error("channel %d: cannot send eof for istate %d",
349 chan_send_close2(Channel *c)
351 debug2("channel %d: send close", c->self);
352 if (c->ostate != CHAN_OUTPUT_CLOSED ||
353 c->istate != CHAN_INPUT_CLOSED) {
354 error("channel %d: cannot send close for istate/ostate %d/%d",
355 c->self, c->istate, c->ostate);
356 } else if (c->flags & CHAN_CLOSE_SENT) {
357 error("channel %d: already sent close", c->self);
359 packet_start(SSH2_MSG_CHANNEL_CLOSE);
360 packet_put_int(c->remote_id);
362 c->flags |= CHAN_CLOSE_SENT;
369 chan_rcvd_ieof(Channel *c)
375 if (c->ostate == CHAN_OUTPUT_WAIT_DRAIN &&
376 buffer_len(&c->output) == 0 &&
377 !CHANNEL_EFD_OUTPUT_ACTIVE(c))
381 chan_rcvd_oclose(Channel *c)
386 chan_rcvd_oclose1(c);
389 chan_write_failed(Channel *c)
392 chan_write_failed2(c);
394 chan_write_failed1(c);
398 chan_mark_dead(Channel *c)
400 c->type = SSH_CHANNEL_ZOMBIE;
404 chan_is_dead(Channel *c, int do_send)
406 if (c->type == SSH_CHANNEL_ZOMBIE) {
407 debug2("channel %d: zombie", c->self);
410 if (c->istate != CHAN_INPUT_CLOSED || c->ostate != CHAN_OUTPUT_CLOSED)
413 debug2("channel %d: is dead", c->self);
416 if ((datafellows & SSH_BUG_EXTEOF) &&
417 c->extended_usage == CHAN_EXTENDED_WRITE &&
419 buffer_len(&c->extended) > 0) {
420 debug2("channel %d: active efd: %d len %d",
421 c->self, c->efd, buffer_len(&c->extended));
424 if (!(c->flags & CHAN_CLOSE_SENT)) {
428 /* channel would be dead if we sent a close */
429 if (c->flags & CHAN_CLOSE_RCVD) {
430 debug2("channel %d: almost dead",
436 if ((c->flags & CHAN_CLOSE_SENT) &&
437 (c->flags & CHAN_CLOSE_RCVD)) {
438 debug2("channel %d: is dead", c->self);
446 chan_shutdown_write(Channel *c)
448 buffer_clear(&c->output);
449 if (compat20 && c->type == SSH_CHANNEL_LARVAL)
451 /* shutdown failure is allowed if write failed already */
452 debug2("channel %d: close_write", c->self);
454 if (shutdown(c->sock, SHUT_WR) < 0)
455 debug2("channel %d: chan_shutdown_write: "
456 "shutdown() failed for fd%d: %.100s",
457 c->self, c->sock, strerror(errno));
459 if (channel_close_fd(&c->wfd) < 0)
460 logit("channel %d: chan_shutdown_write: "
461 "close() failed for fd%d: %.100s",
462 c->self, c->wfd, strerror(errno));
466 chan_shutdown_read(Channel *c)
468 if (compat20 && c->type == SSH_CHANNEL_LARVAL)
470 debug2("channel %d: close_read", c->self);
473 * shutdown(sock, SHUT_READ) may return ENOTCONN if the
474 * write side has been closed already. (bug on Linux)
475 * HP-UX may return ENOTCONN also.
477 if (shutdown(c->sock, SHUT_RD) < 0
478 && errno != ENOTCONN)
479 error("channel %d: chan_shutdown_read: "
480 "shutdown() failed for fd%d [i%d o%d]: %.100s",
481 c->self, c->sock, c->istate, c->ostate,
484 if (channel_close_fd(&c->rfd) < 0)
485 logit("channel %d: chan_shutdown_read: "
486 "close() failed for fd%d: %.100s",
487 c->self, c->rfd, strerror(errno));