*/
#include "includes.h"
-RCSID("$OpenBSD: channels.c,v 1.164 2002/02/03 17:55:55 markus Exp $");
+RCSID("$OpenBSD: channels.c,v 1.179 2002/06/26 08:55:02 markus Exp $");
#include "ssh.h"
#include "ssh1.h"
#include "ssh2.h"
#include "packet.h"
#include "xmalloc.h"
-#include "uidswap.h"
#include "log.h"
#include "misc.h"
#include "channels.h"
#define NUM_SOCKS 10
-/* Name and directory of socket for authentication agent forwarding. */
-static char *auth_sock_name = NULL;
-static char *auth_sock_dir = NULL;
-
/* AF_UNSPEC or AF_INET or AF_INET6 */
static int IPv4or6 = AF_UNSPEC;
{
Channel *c;
- if (id < 0 || id > channels_alloc) {
+ if (id < 0 || id >= channels_alloc) {
log("channel_lookup: %d: bad id", id);
return NULL;
}
Channel *
channel_new(char *ctype, int type, int rfd, int wfd, int efd,
- int window, int maxpack, int extusage, char *remote_name, int nonblock)
+ u_int window, u_int maxpack, int extusage, char *remote_name, int nonblock)
{
int i, found;
Channel *c;
/* There are no free slots. Take last+1 slot and expand the array. */
found = channels_alloc;
channels_alloc += 10;
+ if (channels_alloc > 10000)
+ fatal("channel_new: internal error: channels_alloc %d "
+ "too big.", channels_alloc);
debug2("channel: expanding %d", channels_alloc);
channels = xrealloc(channels, channels_alloc * sizeof(Channel *));
for (i = found; i < channels_alloc; i++)
c->remote_name = remote_name;
c->remote_window = 0;
c->remote_maxpacket = 0;
- c->cb_fn = NULL;
- c->cb_arg = NULL;
- c->cb_event = 0;
c->force_drain = 0;
c->single_connection = 0;
c->detach_user = NULL;
+ c->confirm = NULL;
c->input_filter = NULL;
debug("channel %d: new [%s]", found, remote_name);
return c;
}
void
-channel_request(int id, char *service, int wantconfirm)
-{
- channel_request_start(id, service, wantconfirm);
- packet_send();
- debug("channel request %d: %s", id, service) ;
-}
-void
-channel_request_start(int id, char *service, int wantconfirm)
+channel_request_start(int local_id, char *service, int wantconfirm)
{
- Channel *c = channel_lookup(id);
+ Channel *c = channel_lookup(local_id);
if (c == NULL) {
- log("channel_request: %d: bad id", id);
+ log("channel_request_start: %d: unknown channel id", local_id);
return;
}
+ debug("channel request %d: %s", local_id, service) ;
packet_start(SSH2_MSG_CHANNEL_REQUEST);
packet_put_int(c->remote_id);
packet_put_cstring(service);
packet_put_char(wantconfirm);
}
void
-channel_register_callback(int id, int mtype, channel_callback_fn *fn, void *arg)
+channel_register_confirm(int id, channel_callback_fn *fn)
{
Channel *c = channel_lookup(id);
if (c == NULL) {
- log("channel_register_callback: %d: bad id", id);
+ log("channel_register_comfirm: %d: bad id", id);
return;
}
- c->cb_event = mtype;
- c->cb_fn = fn;
- c->cb_arg = arg;
+ c->confirm = fn;
}
void
channel_register_cleanup(int id, channel_callback_fn *fn)
void
channel_set_fds(int id, int rfd, int wfd, int efd,
- int extusage, int nonblock)
+ int extusage, int nonblock, u_int window_max)
{
Channel *c = channel_lookup(id);
if (c == NULL || c->type != SSH_CHANNEL_LARVAL)
fatal("channel_activate for non-larval channel %d.", id);
channel_register_fds(c, rfd, wfd, efd, extusage, nonblock);
c->type = SSH_CHANNEL_OPEN;
- /* XXX window size? */
- c->local_window = c->local_window_max = c->local_maxpacket * 2;
+ c->local_window = c->local_window_max = window_max;
packet_start(SSH2_MSG_CHANNEL_WINDOW_ADJUST);
packet_put_int(c->remote_id);
packet_put_int(c->local_window);
if (buffer_len(&c->output) > 0) {
FD_SET(c->wfd, writeset);
} else if (c->ostate == CHAN_OUTPUT_WAIT_DRAIN) {
- chan_obuf_empty(c);
+ if (CHANNEL_EFD_OUTPUT_ACTIVE(c))
+ debug2("channel %d: obuf_empty delayed efd %d/(%d)",
+ c->self, c->efd, buffer_len(&c->extended));
+ else
+ chan_obuf_empty(c);
}
}
/** XXX check close conditions, too */
if (c->extended_usage == CHAN_EXTENDED_WRITE &&
buffer_len(&c->extended) > 0)
FD_SET(c->efd, writeset);
- else if (c->extended_usage == CHAN_EXTENDED_READ &&
+ else if (!(c->flags & CHAN_EOF_SENT) &&
+ c->extended_usage == CHAN_EXTENDED_READ &&
buffer_len(&c->extended) < c->remote_window)
FD_SET(c->efd, readset);
}
SSH_CHANNEL_OPENING, newsock, newsock, -1,
c->local_window_max, c->local_maxpacket,
0, xstrdup(buf), 1);
- if (nc == NULL) {
- close(newsock);
- xfree(remote_ipaddr);
- return;
- }
if (compat20) {
packet_start(SSH2_MSG_CHANNEL_OPEN);
packet_put_cstring("x11");
error("accept: %.100s", strerror(errno));
return;
}
+ set_nodelay(newsock);
nc = channel_new(rtype,
nextstate, newsock, newsock, -1,
c->local_window_max, c->local_maxpacket,
0, xstrdup(rtype), 1);
- if (nc == NULL) {
- error("channel_post_port_listener: no new channel:");
- close(newsock);
- return;
- }
nc->listening_port = c->listening_port;
nc->host_port = c->host_port;
strlcpy(nc->path, c->path, sizeof(nc->path));
SSH_CHANNEL_OPENING, newsock, newsock, -1,
c->local_window_max, c->local_maxpacket,
0, name, 1);
- if (nc == NULL) {
- error("channel_post_auth_listener: channel_new failed");
- xfree(name);
- close(newsock);
- }
if (compat20) {
packet_start(SSH2_MSG_CHANNEL_OPEN);
packet_put_cstring("auth-agent@openssh.com");
socklen_t sz = sizeof(err);
if (FD_ISSET(c->sock, writeset)) {
- if (getsockopt(c->sock, SOL_SOCKET, SO_ERROR, (char *)&err,
- &sz) < 0) {
+ if (getsockopt(c->sock, SOL_SOCKET, SO_ERROR, &err, &sz) < 0) {
err = errno;
error("getsockopt SO_ERROR failed");
}
data = buffer_ptr(&c->output);
dlen = buffer_len(&c->output);
len = write(c->wfd, data, dlen);
+#ifdef _AIX
+ /* XXX: Later AIX versions can't push as much data to tty */
+ if (compat20 && c->isatty && dlen >= 8*1024)
+ dlen = 8*1024;
+#endif
if (len < 0 && (errno == EINTR || errno == EAGAIN))
return 1;
if (len <= 0) {
void
channel_output_poll(void)
{
- int len, i;
Channel *c;
+ int i;
+ u_int len;
for (i = 0; i < channels_alloc; i++) {
c = channels[i];
fatal("cannot happen: istate == INPUT_WAIT_DRAIN for proto 1.3");
/*
* input-buffer is empty and read-socket shutdown:
- * tell peer, that we will not send more data: send IEOF
+ * tell peer, that we will not send more data: send IEOF.
+ * hack for extended data: delay EOF if EFD still in use.
*/
- chan_ibuf_empty(c);
+ if (CHANNEL_EFD_INPUT_ACTIVE(c))
+ debug2("channel %d: ibuf_empty delayed efd %d/(%d)",
+ c->self, c->efd, buffer_len(&c->extended));
+ else
+ chan_ibuf_empty(c);
}
/* Send extended data, i.e. stderr */
if (compat20 &&
+ !(c->flags & CHAN_EOF_SENT) &&
c->remote_window > 0 &&
(len = buffer_len(&c->extended)) > 0 &&
c->extended_usage == CHAN_EXTENDED_READ) {
- debug2("channel %d: rwin %d elen %d euse %d",
+ debug2("channel %d: rwin %u elen %u euse %d",
c->self, c->remote_window, buffer_len(&c->extended),
c->extended_usage);
if (len > c->remote_window)
channel_input_extended_data(int type, u_int32_t seq, void *ctxt)
{
int id;
- int tcode;
char *data;
- u_int data_len;
+ u_int data_len, tcode;
Channel *c;
/* Get the channel number and verify it. */
log("channel %d: ext data for non open", id);
return;
}
+ if (c->flags & CHAN_EOF_RCVD) {
+ if (datafellows & SSH_BUG_EXTEOF)
+ debug("channel %d: accepting ext data after eof", id);
+ else
+ packet_disconnect("Received extended_data after EOF "
+ "on channel %d.", id);
+ }
tcode = packet_get_int();
if (c->efd == -1 ||
c->extended_usage != CHAN_EXTENDED_WRITE ||
if (compat20) {
c->remote_window = packet_get_int();
c->remote_maxpacket = packet_get_int();
- if (c->cb_fn != NULL && c->cb_event == type) {
+ if (c->confirm) {
debug2("callback start");
- c->cb_fn(c->self, c->cb_arg);
+ c->confirm(c->self, NULL);
debug2("callback done");
}
- debug("channel %d: open confirm rwindow %d rmax %d", c->self,
+ debug("channel %d: open confirm rwindow %u rmax %u", c->self,
c->remote_window, c->remote_maxpacket);
}
packet_check_eom();
channel_input_window_adjust(int type, u_int32_t seq, void *ctxt)
{
Channel *c;
- int id, adjust;
+ int id;
+ u_int adjust;
if (!compat20)
return;
}
adjust = packet_get_int();
packet_check_eom();
- debug2("channel %d: rcvd adjust %d", id, adjust);
+ debug2("channel %d: rcvd adjust %u", id, adjust);
c->remote_window += adjust;
}
c = channel_new("connected socket",
SSH_CHANNEL_CONNECTING, sock, sock, -1, 0, 0, 0,
originator_string, 1);
- if (c == NULL) {
- error("channel_input_port_open: channel_new failed");
- close(sock);
- } else {
- c->remote_id = remote_id;
- }
+ c->remote_id = remote_id;
}
if (c == NULL) {
packet_start(SSH_MSG_CHANNEL_OPEN_FAILURE);
* Set socket options. We would like the socket to disappear
* as soon as it has been closed for whatever reason.
*/
- setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, (void *)&on, sizeof(on));
+ setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, &on, sizeof(on));
linger.l_onoff = 1;
linger.l_linger = 5;
- setsockopt(sock, SOL_SOCKET, SO_LINGER, (void *)&linger, sizeof(linger));
+ setsockopt(sock, SOL_SOCKET, SO_LINGER, &linger, sizeof(linger));
debug("Local forwarding listening on %s port %s.", ntop, strport);
/* Bind the socket to the address. */
c = channel_new("port listener", type, sock, sock, -1,
CHAN_TCP_WINDOW_DEFAULT, CHAN_TCP_PACKET_DEFAULT,
0, xstrdup("port listener"), 1);
- if (c == NULL) {
- error("channel_setup_fwd_listener: channel_new failed");
- close(sock);
- continue;
- }
strlcpy(c->path, host, sizeof(c->path));
c->host_port = port_to_connect;
c->listening_port = listen_port;
const char *address_to_bind = "0.0.0.0";
packet_start(SSH2_MSG_GLOBAL_REQUEST);
packet_put_cstring("tcpip-forward");
- packet_put_char(0); /* boolean: want reply */
+ packet_put_char(1); /* boolean: want reply */
packet_put_cstring(address_to_bind);
packet_put_int(listen_port);
packet_send();
return -1;
}
/* success */
+ set_nodelay(sock);
return sock;
}
/*
* Creates an internet domain socket for listening for X11 connections.
- * Returns a suitable display number for the DISPLAY variable, or -1 if
- * an error occurs.
+ * Returns 0 and a suitable display number for the DISPLAY variable
+ * stored in display_numberp , or -1 if an error occurs.
*/
int
x11_create_display_inet(int x11_display_offset, int x11_use_localhost,
- int single_connection)
+ int single_connection, u_int *display_numberp)
{
Channel *nc = NULL;
int display_number, sock;
continue;
}
}
+#ifdef IPV6_V6ONLY
+ if (ai->ai_family == AF_INET6) {
+ int on = 1;
+ if (setsockopt(sock, IPPROTO_IPV6, IPV6_V6ONLY, &on, sizeof(on)) < 0)
+ error("setsockopt IPV6_V6ONLY: %.100s", strerror(errno));
+ }
+#endif
if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) {
debug("bind port %d: %.100s", port, strerror(errno));
close(sock);
if (num_socks == NUM_SOCKS)
break;
#else
- break;
+ if (x11_use_localhost) {
+ if (num_socks == NUM_SOCKS)
+ break;
+ } else {
+ break;
+ }
#endif
}
freeaddrinfo(aitop);
SSH_CHANNEL_X11_LISTENER, sock, sock, -1,
CHAN_X11_WINDOW_DEFAULT, CHAN_X11_PACKET_DEFAULT,
0, xstrdup("X11 inet listener"), 1);
- if (nc != NULL)
- nc->single_connection = single_connection;
+ nc->single_connection = single_connection;
}
/* Return the display number for the DISPLAY environment variable. */
- return display_number;
+ *display_numberp = display_number;
+ return (0);
}
static int
c = channel_new("connected x11 socket",
SSH_CHANNEL_X11_OPEN, sock, sock, -1, 0, 0, 0,
remote_host, 1);
- if (c == NULL) {
- error("x11_input_open: channel_new failed");
- close(sock);
- } else {
- c->remote_id = remote_id;
- c->force_drain = 1;
- }
+ c->remote_id = remote_id;
+ c->force_drain = 1;
}
if (c == NULL) {
/* Send refusal to the remote host. */
packet_write_wait();
}
-/*
- * Returns the name of the forwarded authentication socket. Returns NULL if
- * there is no forwarded authentication socket. The returned value points to
- * a static buffer.
- */
-
-char *
-auth_get_socket_name(void)
-{
- return auth_sock_name;
-}
-
-/* removes the agent forwarding socket */
-
-void
-auth_sock_cleanup_proc(void *_pw)
-{
- struct passwd *pw = _pw;
-
- if (auth_sock_name) {
- temporarily_use_uid(pw);
- unlink(auth_sock_name);
- rmdir(auth_sock_dir);
- auth_sock_name = NULL;
- restore_uid();
- }
-}
-
-/*
- * This is called to process SSH_CMSG_AGENT_REQUEST_FORWARDING on the server.
- * This starts forwarding authentication requests.
- */
-
-int
-auth_input_request_forwarding(struct passwd * pw)
-{
- Channel *nc;
- int sock;
- struct sockaddr_un sunaddr;
-
- if (auth_get_socket_name() != NULL) {
- error("authentication forwarding requested twice.");
- return 0;
- }
-
- /* Temporarily drop privileged uid for mkdir/bind. */
- temporarily_use_uid(pw);
-
- /* Allocate a buffer for the socket name, and format the name. */
- auth_sock_name = xmalloc(MAXPATHLEN);
- auth_sock_dir = xmalloc(MAXPATHLEN);
- strlcpy(auth_sock_dir, "/tmp/ssh-XXXXXXXX", MAXPATHLEN);
-
- /* Create private directory for socket */
- if (mkdtemp(auth_sock_dir) == NULL) {
- packet_send_debug("Agent forwarding disabled: "
- "mkdtemp() failed: %.100s", strerror(errno));
- restore_uid();
- xfree(auth_sock_name);
- xfree(auth_sock_dir);
- auth_sock_name = NULL;
- auth_sock_dir = NULL;
- return 0;
- }
- snprintf(auth_sock_name, MAXPATHLEN, "%s/agent.%d",
- auth_sock_dir, (int) getpid());
-
- /* delete agent socket on fatal() */
- fatal_add_cleanup(auth_sock_cleanup_proc, pw);
-
- /* Create the socket. */
- sock = socket(AF_UNIX, SOCK_STREAM, 0);
- if (sock < 0)
- packet_disconnect("socket: %.100s", strerror(errno));
-
- /* Bind it to the name. */
- memset(&sunaddr, 0, sizeof(sunaddr));
- sunaddr.sun_family = AF_UNIX;
- strlcpy(sunaddr.sun_path, auth_sock_name, sizeof(sunaddr.sun_path));
-
- if (bind(sock, (struct sockaddr *) & sunaddr, sizeof(sunaddr)) < 0)
- packet_disconnect("bind: %.100s", strerror(errno));
-
- /* Restore the privileged uid. */
- restore_uid();
-
- /* Start listening on the socket. */
- if (listen(sock, 5) < 0)
- packet_disconnect("listen: %.100s", strerror(errno));
-
- /* Allocate a channel for the authentication agent socket. */
- nc = channel_new("auth socket",
- SSH_CHANNEL_AUTH_SOCKET, sock, sock, -1,
- CHAN_X11_WINDOW_DEFAULT, CHAN_X11_PACKET_DEFAULT,
- 0, xstrdup("auth socket"), 1);
- if (nc == NULL) {
- error("auth_input_request_forwarding: channel_new failed");
- auth_sock_cleanup_proc(pw);
- fatal_remove_cleanup(auth_sock_cleanup_proc, pw);
- close(sock);
- return 0;
- }
- strlcpy(nc->path, auth_sock_name, sizeof(nc->path));
- return 1;
-}
-
/* This is called to process an SSH_SMSG_AGENT_OPEN message. */
void
name = xstrdup("authentication agent connection");
c = channel_new("", SSH_CHANNEL_OPEN, sock, sock,
-1, 0, 0, 0, name, 1);
- if (c == NULL) {
- error("auth_input_open_request: channel_new failed");
- xfree(name);
- close(sock);
- } else {
- c->remote_id = remote_id;
- c->force_drain = 1;
- }
+ c->remote_id = remote_id;
+ c->force_drain = 1;
}
if (c == NULL) {
packet_start(SSH_MSG_CHANNEL_OPEN_FAILURE);