X-Git-Url: http://andersk.mit.edu/gitweb/openssh.git/blobdiff_plain/7819b5c305d08e18530a4cc4ebc3ee0c0cefadff..f9e4952c0d45a2afdc9267c8cc9500462a82ad11:/clientloop.c

diff --git a/clientloop.c b/clientloop.c
index e66b60cf..626b29a5 100644
--- a/clientloop.c
+++ b/clientloop.c
@@ -59,7 +59,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: clientloop.c,v 1.94 2001/12/28 15:06:00 markus Exp $");
+RCSID("$OpenBSD: clientloop.c,v 1.117 2003/12/16 15:49:51 markus Exp $");
 
 #include "ssh.h"
 #include "ssh1.h"
@@ -81,6 +81,7 @@ RCSID("$OpenBSD: clientloop.c,v 1.94 2001/12/28 15:06:00 markus Exp $");
 #include "atomicio.h"
 #include "sshtty.h"
 #include "misc.h"
+#include "readpass.h"
 
 /* import options */
 extern Options options;
@@ -88,6 +89,9 @@ extern Options options;
 /* Flag indicating that stdin should be redirected from /dev/null. */
 extern int stdin_null_flag;
 
+/* Flag indicating that no shell has been requested */
+extern int no_shell_flag;
+
 /*
  * Name of the host we are connecting to.  This is the name given on the
  * command line, or the HostName specified for the user-supplied name in a
@@ -123,6 +127,7 @@ static int connection_in;	/* Connection to server (input). */
 static int connection_out;	/* Connection to server (output). */
 static int need_rekeying;	/* Set to non-zero if rekeying is requested. */
 static int session_closed = 0;	/* In SSH2: login session closed. */
+static int server_alive_timeouts = 0;
 
 static void client_init_dispatch(void);
 int	session_ident = -1;
@@ -138,7 +143,6 @@ leave_non_blocking(void)
 	if (in_non_blocking_mode) {
 		(void) fcntl(fileno(stdin), F_SETFL, 0);
 		in_non_blocking_mode = 0;
-		fatal_remove_cleanup((void (*) (void *)) leave_non_blocking, NULL);
 	}
 }
 
@@ -149,7 +153,6 @@ enter_non_blocking(void)
 {
 	in_non_blocking_mode = 1;
 	(void) fcntl(fileno(stdin), F_SETFL, O_NONBLOCK);
-	fatal_add_cleanup((void (*) (void *)) leave_non_blocking, NULL);
 }
 
 /*
@@ -311,6 +314,24 @@ client_check_window_change(void)
 	}
 }
 
+static void
+client_global_request_reply(int type, u_int32_t seq, void *ctxt)
+{
+	server_alive_timeouts = 0;
+	client_global_request_reply_fwd(type, seq, ctxt);
+}
+
+static void
+server_alive_check(void)
+{
+	if (++server_alive_timeouts > options.server_alive_count_max)
+		packet_disconnect("Timeout, server not responding.");
+	packet_start(SSH2_MSG_GLOBAL_REQUEST);
+	packet_put_cstring("keepalive@openssh.com");
+	packet_put_char(1);     /* boolean: want reply */
+	packet_send();
+}
+
 /*
  * Waits until the client can do something (some data becomes available on
  * one of the file descriptors).
@@ -320,6 +341,9 @@ static void
 client_wait_until_can_do_something(fd_set **readsetp, fd_set **writesetp,
     int *maxfdp, int *nallocp, int rekeying)
 {
+	struct timeval tv, *tvp;
+	int ret;
+
 	/* Add any selections by the channel mechanism. */
 	channel_prepare_select(readsetp, writesetp, maxfdp, nallocp, rekeying);
 
@@ -361,13 +385,18 @@ client_wait_until_can_do_something(fd_set **readsetp, fd_set **writesetp,
 	/*
 	 * Wait for something to happen.  This will suspend the process until
 	 * some selected descriptor can be read, written, or has some other
-	 * event pending. Note: if you want to implement SSH_MSG_IGNORE
-	 * messages to fool traffic analysis, this might be the place to do
-	 * it: just have a random timeout for the select, and send a random
-	 * SSH_MSG_IGNORE packet when the timeout expires.
+	 * event pending.
 	 */
 
-	if (select((*maxfdp)+1, *readsetp, *writesetp, NULL, NULL) < 0) {
+	if (options.server_alive_interval == 0 || !compat20)
+		tvp = NULL;
+	else {  
+		tv.tv_sec = options.server_alive_interval;
+		tv.tv_usec = 0;
+		tvp = &tv;
+	}
+	ret = select((*maxfdp)+1, *readsetp, *writesetp, NULL, tvp);
+	if (ret < 0) {
 		char buf[100];
 
 		/*
@@ -384,7 +413,8 @@ client_wait_until_can_do_something(fd_set **readsetp, fd_set **writesetp,
 		snprintf(buf, sizeof buf, "select: %s\r\n", strerror(errno));
 		buffer_append(&stderr_buffer, buf, strlen(buf));
 		quit_pending = 1;
-	}
+	} else if (ret == 0)
+		server_alive_check();
 }
 
 static void
@@ -394,9 +424,9 @@ client_suspend_self(Buffer *bin, Buffer *bout, Buffer *berr)
 
 	/* Flush stdout and stderr buffers. */
 	if (buffer_len(bout) > 0)
-		atomicio(write, fileno(stdout), buffer_ptr(bout), buffer_len(bout));
+		atomicio(vwrite, fileno(stdout), buffer_ptr(bout), buffer_len(bout));
 	if (buffer_len(berr) > 0)
-		atomicio(write, fileno(stderr), buffer_ptr(berr), buffer_len(berr));
+		atomicio(vwrite, fileno(stderr), buffer_ptr(berr), buffer_len(berr));
 
 	leave_raw_mode();
 
@@ -470,6 +500,67 @@ client_process_net_input(fd_set * readset)
 	}
 }
 
+static void
+process_cmdline(void)
+{
+	void (*handler)(int);
+	char *s, *cmd;
+	u_short fwd_port, fwd_host_port;
+	char buf[1024], sfwd_port[6], sfwd_host_port[6];
+	int local = 0;
+
+	leave_raw_mode();
+	handler = signal(SIGINT, SIG_IGN);
+	cmd = s = read_passphrase("\r\nssh> ", RP_ECHO);
+	if (s == NULL)
+		goto out;
+	while (*s && isspace(*s))
+		s++;
+	if (*s == 0)
+		goto out;
+	if (strlen(s) < 2 || s[0] != '-' || !(s[1] == 'L' || s[1] == 'R')) {
+		logit("Invalid command.");
+		goto out;
+	}
+	if (s[1] == 'L')
+		local = 1;
+	if (!local && !compat20) {
+		logit("Not supported for SSH protocol version 1.");
+		goto out;
+	}
+	s += 2;
+	while (*s && isspace(*s))
+		s++;
+
+	if (sscanf(s, "%5[0-9]:%255[^:]:%5[0-9]",
+	    sfwd_port, buf, sfwd_host_port) != 3 &&
+	    sscanf(s, "%5[0-9]/%255[^/]/%5[0-9]",
+	    sfwd_port, buf, sfwd_host_port) != 3) {
+		logit("Bad forwarding specification.");
+		goto out;
+	}
+	if ((fwd_port = a2port(sfwd_port)) == 0 ||
+	    (fwd_host_port = a2port(sfwd_host_port)) == 0) {
+		logit("Bad forwarding port(s).");
+		goto out;
+	}
+	if (local) {
+		if (channel_setup_local_fwd_listener(fwd_port, buf,
+		    fwd_host_port, options.gateway_ports) < 0) {
+			logit("Port forwarding failed.");
+			goto out;
+		}
+	} else
+		channel_request_remote_forwarding(fwd_port, buf,
+		    fwd_host_port);
+	logit("Forwarding port.");
+out:
+	signal(SIGINT, handler);
+	enter_raw_mode();
+	if (cmd)
+		xfree(cmd);
+}
+
 /* process the characters one by one */
 static int
 process_escapes(Buffer *bin, Buffer *bout, Buffer *berr, char *buf, int len)
@@ -512,10 +603,23 @@ process_escapes(Buffer *bin, Buffer *bout, Buffer *berr, char *buf, int len)
 				/* We have been continued. */
 				continue;
 
+			case 'B':
+				if (compat20) {
+					snprintf(string, sizeof string,
+					    "%cB\r\n", escape_char);
+					buffer_append(berr, string,
+					    strlen(string));
+					channel_request_start(session_ident,
+					    "break", 0);
+					packet_put_int(1000);
+					packet_send();
+				}
+				continue;
+
 			case 'R':
 				if (compat20) {
 					if (datafellows & SSH_BUG_NOREKEY)
-						log("Server does not support re-keying");
+						logit("Server does not support re-keying");
 					else
 						need_rekeying = 1;
 				}
@@ -573,15 +677,19 @@ process_escapes(Buffer *bin, Buffer *bout, Buffer *berr, char *buf, int len)
 				snprintf(string, sizeof string,
 "%c?\r\n\
 Supported escape sequences:\r\n\
-~.  - terminate connection\r\n\
-~R  - Request rekey (SSH protocol 2 only)\r\n\
-~^Z - suspend ssh\r\n\
-~#  - list forwarded connections\r\n\
-~&  - background ssh (when waiting for connections to terminate)\r\n\
-~?  - this message\r\n\
-~~  - send the escape character by typing it twice\r\n\
+%c.  - terminate connection\r\n\
+%cB  - send a BREAK to the remote system\r\n\
+%cC  - open a command line\r\n\
+%cR  - Request rekey (SSH protocol 2 only)\r\n\
+%c^Z - suspend ssh\r\n\
+%c#  - list forwarded connections\r\n\
+%c&  - background ssh (when waiting for connections to terminate)\r\n\
+%c?  - this message\r\n\
+%c%c  - send the escape character by typing it twice\r\n\
 (Note that escapes are only recognized immediately after newline.)\r\n",
-					 escape_char);
+				    escape_char, escape_char, escape_char, escape_char,
+				    escape_char, escape_char, escape_char, escape_char,
+				    escape_char, escape_char, escape_char);
 				buffer_append(berr, string, strlen(string));
 				continue;
 
@@ -593,6 +701,10 @@ Supported escape sequences:\r\n\
 				xfree(s);
 				continue;
 
+			case 'C':
+				process_cmdline();
+				continue;
+
 			default:
 				if (ch != escape_char) {
 					buffer_put_char(bin, escape_char);
@@ -761,8 +873,7 @@ client_channel_closed(int id, void *arg)
 		    id, session_ident);
 	channel_cancel_cleanup(id);
 	session_closed = 1;
-	if (in_raw_mode())
-		leave_raw_mode();
+	leave_raw_mode();
 }
 
 /*
@@ -819,10 +930,16 @@ client_loop(int have_pty, int escape_char_arg, int ssh2_chan_id)
 
 	client_init_dispatch();
 
-	/* Set signal handlers to restore non-blocking mode.  */
-	signal(SIGINT, signal_handler);
-	signal(SIGQUIT, signal_handler);
-	signal(SIGTERM, signal_handler);
+	/*
+	 * Set signal handlers, (e.g. to restore non-blocking mode)
+	 * but don't overwrite SIG_IGN, matches behaviour from rsh(1)
+	 */
+	if (signal(SIGINT, SIG_IGN) != SIG_IGN)
+		signal(SIGINT, signal_handler);
+	if (signal(SIGQUIT, SIG_IGN) != SIG_IGN)
+		signal(SIGQUIT, signal_handler);
+	if (signal(SIGTERM, SIG_IGN) != SIG_IGN)
+		signal(SIGTERM, signal_handler);
 	if (have_pty)
 		signal(SIGWINCH, window_change_handler);
 
@@ -893,9 +1010,8 @@ client_loop(int have_pty, int escape_char_arg, int ssh2_chan_id)
 		/* Do channel operations unless rekeying in progress. */
 		if (!rekeying) {
 			channel_after_select(readset, writeset);
-
-			if (need_rekeying) {
-				debug("user requests rekeying");
+			if (need_rekeying || packet_need_rekeying()) {
+				debug("need rekeying");
 				xxx_kex->done = 0;
 				kex_send_kexinit(xxx_kex);
 				need_rekeying = 0;
@@ -946,12 +1062,19 @@ client_loop(int have_pty, int escape_char_arg, int ssh2_chan_id)
 	if (!isatty(fileno(stderr)))
 		unset_nonblock(fileno(stderr));
 
-	if (received_signal) {
-		if (in_non_blocking_mode)	/* XXX */
-			leave_non_blocking();
-		fatal("Killed by signal %d.", (int) received_signal);
+	/*
+	 * If there was no shell or command requested, there will be no remote
+	 * exit status to be returned.  In that case, clear error code if the
+	 * connection was deliberately terminated at this end.
+	 */
+	if (no_shell_flag && received_signal == SIGTERM) {
+		received_signal = 0;
+		exit_status = 0;
 	}
 
+	if (received_signal)
+		fatal("Killed by signal %d.", (int) received_signal);
+
 	/*
 	 * In interactive mode (with pseudo tty) display a message indicating
 	 * that the connection has been closed.
@@ -1043,11 +1166,51 @@ client_input_exit_status(int type, u_int32_t seq, void *ctxt)
 	/* Flag that we want to exit. */
 	quit_pending = 1;
 }
+static void
+client_input_agent_open(int type, u_int32_t seq, void *ctxt)
+{
+	Channel *c = NULL;
+	int remote_id, sock;
+
+	/* Read the remote channel number from the message. */
+	remote_id = packet_get_int();
+	packet_check_eom();
+
+	/*
+	 * Get a connection to the local authentication agent (this may again
+	 * get forwarded).
+	 */
+	sock = ssh_get_authentication_socket();
+
+	/*
+	 * If we could not connect the agent, send an error message back to
+	 * the server. This should never happen unless the agent dies,
+	 * because authentication forwarding is only enabled if we have an
+	 * agent.
+	 */
+	if (sock >= 0) {
+		c = channel_new("", SSH_CHANNEL_OPEN, sock, sock,
+		    -1, 0, 0, 0, "authentication agent connection", 1);
+		c->remote_id = remote_id;
+		c->force_drain = 1;
+	}
+	if (c == NULL) {
+		packet_start(SSH_MSG_CHANNEL_OPEN_FAILURE);
+		packet_put_int(remote_id);
+	} else {
+		/* Send a confirmation to the remote host. */
+		debug("Forwarding authentication connection.");
+		packet_start(SSH_MSG_CHANNEL_OPEN_CONFIRMATION);
+		packet_put_int(remote_id);
+		packet_put_int(c->self);
+	}
+	packet_send();
+}
 
 static Channel *
 client_request_forwarded_tcpip(const char *request_type, int rchan)
 {
-	Channel* c = NULL;
+	Channel *c = NULL;
 	char *listen_address, *originator_address;
 	int listen_port, originator_port;
 	int sock;
@@ -1071,17 +1234,13 @@ client_request_forwarded_tcpip(const char *request_type, int rchan)
 	c = channel_new("forwarded-tcpip",
 	    SSH_CHANNEL_CONNECTING, sock, sock, -1,
 	    CHAN_TCP_WINDOW_DEFAULT, CHAN_TCP_WINDOW_DEFAULT, 0,
-	    xstrdup(originator_address), 1);
-	if (c == NULL) {
-		error("client_request_forwarded_tcpip: channel_new failed");
-		close(sock);
-	}
+	    originator_address, 1);
 	xfree(originator_address);
 	xfree(listen_address);
 	return c;
 }
 
-static Channel*
+static Channel *
 client_request_x11(const char *request_type, int rchan)
 {
 	Channel *c = NULL;
@@ -1111,17 +1270,12 @@ client_request_x11(const char *request_type, int rchan)
 		return NULL;
 	c = channel_new("x11",
 	    SSH_CHANNEL_X11_OPEN, sock, sock, -1,
-	    CHAN_TCP_WINDOW_DEFAULT, CHAN_X11_PACKET_DEFAULT, 0,
-	    xstrdup("x11"), 1);
-	if (c == NULL) {
-		error("client_request_x11: channel_new failed");
-		close(sock);
-	}
+	    CHAN_TCP_WINDOW_DEFAULT, CHAN_X11_PACKET_DEFAULT, 0, "x11", 1);
 	c->force_drain = 1;
 	return c;
 }
 
-static Channel*
+static Channel *
 client_request_agent(const char *request_type, int rchan)
 {
 	Channel *c = NULL;
@@ -1138,11 +1292,7 @@ client_request_agent(const char *request_type, int rchan)
 	c = channel_new("authentication agent connection",
 	    SSH_CHANNEL_OPEN, sock, sock, -1,
 	    CHAN_X11_WINDOW_DEFAULT, CHAN_TCP_WINDOW_DEFAULT, 0,
-	    xstrdup("authentication agent connection"), 1);
-	if (c == NULL) {
-		error("client_request_agent: channel_new failed");
-		close(sock);
-	}
+	    "authentication agent connection", 1);
 	c->force_drain = 1;
 	return c;
 }
@@ -1153,10 +1303,8 @@ client_input_channel_open(int type, u_int32_t seq, void *ctxt)
 {
 	Channel *c = NULL;
 	char *ctype;
-	u_int len;
 	int rchan;
-	int rmaxpack;
-	int rwindow;
+	u_int rmaxpack, rwindow, len;
 
 	ctype = packet_get_string(&len);
 	rchan = packet_get_int();
@@ -1236,11 +1384,31 @@ client_input_channel_req(int type, u_int32_t seq, void *ctxt)
 	}
 	xfree(rtype);
 }
+static void
+client_input_global_request(int type, u_int32_t seq, void *ctxt)
+{
+	char *rtype;
+	int want_reply;
+	int success = 0;
+
+	rtype = packet_get_string(NULL);
+	want_reply = packet_get_char();
+	debug("client_input_global_request: rtype %s want_reply %d",
+	    rtype, want_reply);
+	if (want_reply) {
+		packet_start(success ?
+		    SSH2_MSG_REQUEST_SUCCESS : SSH2_MSG_REQUEST_FAILURE);
+		packet_send();
+		packet_write_wait();
+	}
+	xfree(rtype);
+}
 
 static void
 client_init_dispatch_20(void)
 {
 	dispatch_init(&dispatch_protocol_error);
+
 	dispatch_set(SSH2_MSG_CHANNEL_CLOSE, &channel_input_oclose);
 	dispatch_set(SSH2_MSG_CHANNEL_DATA, &channel_input_data);
 	dispatch_set(SSH2_MSG_CHANNEL_EOF, &channel_input_ieof);
@@ -1250,9 +1418,14 @@ client_init_dispatch_20(void)
 	dispatch_set(SSH2_MSG_CHANNEL_OPEN_FAILURE, &channel_input_open_failure);
 	dispatch_set(SSH2_MSG_CHANNEL_REQUEST, &client_input_channel_req);
 	dispatch_set(SSH2_MSG_CHANNEL_WINDOW_ADJUST, &channel_input_window_adjust);
+	dispatch_set(SSH2_MSG_GLOBAL_REQUEST, &client_input_global_request);
 
 	/* rekeying */
 	dispatch_set(SSH2_MSG_KEXINIT, &kex_input_kexinit);
+
+	/* global request reply messages */
+	dispatch_set(SSH2_MSG_REQUEST_FAILURE, &client_global_request_reply);
+	dispatch_set(SSH2_MSG_REQUEST_SUCCESS, &client_global_request_reply);
 }
 static void
 client_init_dispatch_13(void)
@@ -1269,7 +1442,7 @@ client_init_dispatch_13(void)
 	dispatch_set(SSH_SMSG_STDOUT_DATA, &client_input_stdout_data);
 
 	dispatch_set(SSH_SMSG_AGENT_OPEN, options.forward_agent ?
-	    &auth_input_open_request : &deny_input_open);
+	    &client_input_agent_open : &deny_input_open);
 	dispatch_set(SSH_SMSG_X11_OPEN, options.forward_x11 ?
 	    &x11_input_open : &deny_input_open);
 }
@@ -1290,3 +1463,12 @@ client_init_dispatch(void)
 	else
 		client_init_dispatch_15();
 }
+
+/* client specific fatal cleanup */
+void
+cleanup_exit(int i)
+{
+	leave_raw_mode();
+	leave_non_blocking();
+	_exit(i);
+}