| version 1.57.2.2, 2000/09/01 18:23:18 |
version 1.57.2.3, 2000/11/08 21:30:32 |
|
|
| /* |
/* |
| * |
|
| * channels.c |
|
| * |
|
| * Author: Tatu Ylonen <ylo@cs.hut.fi> |
* Author: Tatu Ylonen <ylo@cs.hut.fi> |
| * |
|
| * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
| * All rights reserved |
* All rights reserved |
| * |
|
| * Created: Fri Mar 24 16:35:24 1995 ylo |
|
| * |
|
| * This file contains functions for generic socket connection forwarding. |
* This file contains functions for generic socket connection forwarding. |
| * There is also code for initiating connection forwarding for X11 connections, |
* There is also code for initiating connection forwarding for X11 connections, |
| * arbitrary tcp/ip connections, and the authentication agent connection. |
* arbitrary tcp/ip connections, and the authentication agent connection. |
| * |
* |
| |
* As far as I am concerned, the code I have written for this software |
| |
* can be used freely for any purpose. Any derived versions of this |
| |
* software must be clearly marked as such, and if the derived work is |
| |
* incompatible with the protocol description in the RFC file, it must be |
| |
* called by a name other than "ssh" or "Secure Shell". |
| |
* |
| |
* |
| * SSH2 support added by Markus Friedl. |
* SSH2 support added by Markus Friedl. |
| |
* Copyright (c) 1999,2000 Markus Friedl. All rights reserved. |
| |
* Copyright (c) 1999 Dug Song. All rights reserved. |
| |
* Copyright (c) 1999 Theo de Raadt. All rights reserved. |
| |
* |
| |
* Redistribution and use in source and binary forms, with or without |
| |
* modification, are permitted provided that the following conditions |
| |
* are met: |
| |
* 1. Redistributions of source code must retain the above copyright |
| |
* notice, this list of conditions and the following disclaimer. |
| |
* 2. Redistributions in binary form must reproduce the above copyright |
| |
* notice, this list of conditions and the following disclaimer in the |
| |
* documentation and/or other materials provided with the distribution. |
| |
* |
| |
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR |
| |
* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES |
| |
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. |
| |
* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, |
| |
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT |
| |
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, |
| |
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY |
| |
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT |
| |
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
| |
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
| */ |
*/ |
| |
|
| #include "includes.h" |
#include "includes.h" |
|
|
| /* Max len of agent socket */ |
/* Max len of agent socket */ |
| #define MAX_SOCKET_NAME 100 |
#define MAX_SOCKET_NAME 100 |
| |
|
| /* default window/packet sizes for tcp/x11-fwd-channel */ |
|
| #define CHAN_TCP_WINDOW_DEFAULT (8*1024) |
|
| #define CHAN_TCP_PACKET_DEFAULT (CHAN_TCP_WINDOW_DEFAULT/2) |
|
| #define CHAN_X11_WINDOW_DEFAULT (4*1024) |
|
| #define CHAN_X11_PACKET_DEFAULT (CHAN_X11_WINDOW_DEFAULT/2) |
|
| |
|
| /* |
/* |
| * Pointer to an array containing all allocated channels. The array is |
* Pointer to an array containing all allocated channels. The array is |
| * dynamically extended as needed. |
* dynamically extended as needed. |
|
|
| */ |
*/ |
| |
|
| void |
void |
| channel_register_fds(Channel *c, int rfd, int wfd, int efd, int extusage) |
channel_register_fds(Channel *c, int rfd, int wfd, int efd, |
| |
int extusage, int nonblock) |
| { |
{ |
| /* Update the maximum file descriptor value. */ |
/* Update the maximum file descriptor value. */ |
| if (rfd > channel_max_fd_value) |
if (rfd > channel_max_fd_value) |
|
|
| c->sock = (rfd == wfd) ? rfd : -1; |
c->sock = (rfd == wfd) ? rfd : -1; |
| c->efd = efd; |
c->efd = efd; |
| c->extended_usage = extusage; |
c->extended_usage = extusage; |
| if (rfd != -1) |
|
| set_nonblock(rfd); |
/* enable nonblocking mode */ |
| if (wfd != -1) |
if (nonblock) { |
| set_nonblock(wfd); |
if (rfd != -1) |
| if (efd != -1) |
set_nonblock(rfd); |
| set_nonblock(efd); |
if (wfd != -1) |
| |
set_nonblock(wfd); |
| |
if (efd != -1) |
| |
set_nonblock(efd); |
| |
} |
| } |
} |
| |
|
| /* |
/* |
|
|
| |
|
| int |
int |
| channel_new(char *ctype, int type, int rfd, int wfd, int efd, |
channel_new(char *ctype, int type, int rfd, int wfd, int efd, |
| int window, int maxpack, int extusage, char *remote_name) |
int window, int maxpack, int extusage, char *remote_name, int nonblock) |
| { |
{ |
| int i, found; |
int i, found; |
| Channel *c; |
Channel *c; |
|
|
| /* There are no free slots. Take last+1 slot and expand the array. */ |
/* There are no free slots. Take last+1 slot and expand the array. */ |
| found = channels_alloc; |
found = channels_alloc; |
| channels_alloc += 10; |
channels_alloc += 10; |
| debug("channel: expanding %d", channels_alloc); |
debug2("channel: expanding %d", channels_alloc); |
| channels = xrealloc(channels, channels_alloc * sizeof(Channel)); |
channels = xrealloc(channels, channels_alloc * sizeof(Channel)); |
| for (i = found; i < channels_alloc; i++) |
for (i = found; i < channels_alloc; i++) |
| channels[i].type = SSH_CHANNEL_FREE; |
channels[i].type = SSH_CHANNEL_FREE; |
|
|
| buffer_init(&c->output); |
buffer_init(&c->output); |
| buffer_init(&c->extended); |
buffer_init(&c->extended); |
| chan_init_iostates(c); |
chan_init_iostates(c); |
| channel_register_fds(c, rfd, wfd, efd, extusage); |
channel_register_fds(c, rfd, wfd, efd, extusage, nonblock); |
| c->self = found; |
c->self = found; |
| c->type = type; |
c->type = type; |
| c->ctype = ctype; |
c->ctype = ctype; |
|
|
| int |
int |
| channel_allocate(int type, int sock, char *remote_name) |
channel_allocate(int type, int sock, char *remote_name) |
| { |
{ |
| return channel_new("", type, sock, sock, -1, 0, 0, 0, remote_name); |
return channel_new("", type, sock, sock, -1, 0, 0, 0, remote_name, 1); |
| } |
} |
| |
|
| |
|
|
|
| newch = channel_new("x11", |
newch = channel_new("x11", |
| SSH_CHANNEL_OPENING, newsock, newsock, -1, |
SSH_CHANNEL_OPENING, newsock, newsock, -1, |
| c->local_window_max, c->local_maxpacket, |
c->local_window_max, c->local_maxpacket, |
| 0, xstrdup(buf)); |
0, xstrdup(buf), 1); |
| if (compat20) { |
if (compat20) { |
| packet_start(SSH2_MSG_CHANNEL_OPEN); |
packet_start(SSH2_MSG_CHANNEL_OPEN); |
| packet_put_cstring("x11"); |
packet_put_cstring("x11"); |
|
|
| newch = channel_new("direct-tcpip", |
newch = channel_new("direct-tcpip", |
| SSH_CHANNEL_OPENING, newsock, newsock, -1, |
SSH_CHANNEL_OPENING, newsock, newsock, -1, |
| c->local_window_max, c->local_maxpacket, |
c->local_window_max, c->local_maxpacket, |
| 0, xstrdup(buf)); |
0, xstrdup(buf), 1); |
| if (compat20) { |
if (compat20) { |
| packet_start(SSH2_MSG_CHANNEL_OPEN); |
packet_start(SSH2_MSG_CHANNEL_OPEN); |
| packet_put_cstring("direct-tcpip"); |
packet_put_cstring("direct-tcpip"); |
|
|
| buffer_len(&c->extended) > 0) { |
buffer_len(&c->extended) > 0) { |
| len = write(c->efd, buffer_ptr(&c->extended), |
len = write(c->efd, buffer_ptr(&c->extended), |
| buffer_len(&c->extended)); |
buffer_len(&c->extended)); |
| debug("channel %d: written %d to efd %d", |
debug2("channel %d: written %d to efd %d", |
| c->self, len, c->efd); |
c->self, len, c->efd); |
| if (len > 0) { |
if (len > 0) { |
| buffer_consume(&c->extended, len); |
buffer_consume(&c->extended, len); |
|
|
| } else if (c->extended_usage == CHAN_EXTENDED_READ && |
} else if (c->extended_usage == CHAN_EXTENDED_READ && |
| FD_ISSET(c->efd, readset)) { |
FD_ISSET(c->efd, readset)) { |
| len = read(c->efd, buf, sizeof(buf)); |
len = read(c->efd, buf, sizeof(buf)); |
| debug("channel %d: read %d from efd %d", |
debug2("channel %d: read %d from efd %d", |
| c->self, len, c->efd); |
c->self, len, c->efd); |
| if (len == 0) { |
if (len == 0) { |
| debug("channel %d: closing efd %d", |
debug("channel %d: closing efd %d", |
|
|
| packet_put_int(c->remote_id); |
packet_put_int(c->remote_id); |
| packet_put_int(c->local_consumed); |
packet_put_int(c->local_consumed); |
| packet_send(); |
packet_send(); |
| debug("channel %d: window %d sent adjust %d", |
debug2("channel %d: window %d sent adjust %d", |
| c->self, c->local_window, |
c->self, c->local_window, |
| c->local_consumed); |
c->local_consumed); |
| c->local_window += c->local_consumed; |
c->local_window += c->local_consumed; |
|
|
| */ |
*/ |
| |
|
| void |
void |
| channel_input_data(int type, int plen) |
channel_input_data(int type, int plen, void *ctxt) |
| { |
{ |
| int id; |
int id; |
| char *data; |
char *data; |
|
|
| xfree(data); |
xfree(data); |
| } |
} |
| void |
void |
| channel_input_extended_data(int type, int plen) |
channel_input_extended_data(int type, int plen, void *ctxt) |
| { |
{ |
| int id; |
int id; |
| int tcode; |
int tcode; |
|
|
| xfree(data); |
xfree(data); |
| return; |
return; |
| } |
} |
| debug("channel %d: rcvd ext data %d", c->self, data_len); |
debug2("channel %d: rcvd ext data %d", c->self, data_len); |
| c->local_window -= data_len; |
c->local_window -= data_len; |
| buffer_append(&c->extended, data, data_len); |
buffer_append(&c->extended, data, data_len); |
| xfree(data); |
xfree(data); |
|
|
| } |
} |
| |
|
| void |
void |
| channel_input_ieof(int type, int plen) |
channel_input_ieof(int type, int plen, void *ctxt) |
| { |
{ |
| int id; |
int id; |
| Channel *c; |
Channel *c; |
|
|
| } |
} |
| |
|
| void |
void |
| channel_input_close(int type, int plen) |
channel_input_close(int type, int plen, void *ctxt) |
| { |
{ |
| int id; |
int id; |
| Channel *c; |
Channel *c; |
|
|
| |
|
| /* proto version 1.5 overloads CLOSE_CONFIRMATION with OCLOSE */ |
/* proto version 1.5 overloads CLOSE_CONFIRMATION with OCLOSE */ |
| void |
void |
| channel_input_oclose(int type, int plen) |
channel_input_oclose(int type, int plen, void *ctxt) |
| { |
{ |
| int id = packet_get_int(); |
int id = packet_get_int(); |
| Channel *c = channel_lookup(id); |
Channel *c = channel_lookup(id); |
|
|
| } |
} |
| |
|
| void |
void |
| channel_input_close_confirmation(int type, int plen) |
channel_input_close_confirmation(int type, int plen, void *ctxt) |
| { |
{ |
| int id = packet_get_int(); |
int id = packet_get_int(); |
| Channel *c = channel_lookup(id); |
Channel *c = channel_lookup(id); |
|
|
| } |
} |
| |
|
| void |
void |
| channel_input_open_confirmation(int type, int plen) |
channel_input_open_confirmation(int type, int plen, void *ctxt) |
| { |
{ |
| int id, remote_id; |
int id, remote_id; |
| Channel *c; |
Channel *c; |
|
|
| c->remote_maxpacket = packet_get_int(); |
c->remote_maxpacket = packet_get_int(); |
| packet_done(); |
packet_done(); |
| if (c->cb_fn != NULL && c->cb_event == type) { |
if (c->cb_fn != NULL && c->cb_event == type) { |
| debug("callback start"); |
debug2("callback start"); |
| c->cb_fn(c->self, c->cb_arg); |
c->cb_fn(c->self, c->cb_arg); |
| debug("callback done"); |
debug2("callback done"); |
| } |
} |
| debug("channel %d: open confirm rwindow %d rmax %d", c->self, |
debug("channel %d: open confirm rwindow %d rmax %d", c->self, |
| c->remote_window, c->remote_maxpacket); |
c->remote_window, c->remote_maxpacket); |
|
|
| } |
} |
| |
|
| void |
void |
| channel_input_open_failure(int type, int plen) |
channel_input_open_failure(int type, int plen, void *ctxt) |
| { |
{ |
| int id; |
int id; |
| Channel *c; |
Channel *c; |
|
|
| } |
} |
| |
|
| void |
void |
| channel_input_channel_request(int type, int plen) |
channel_input_channel_request(int type, int plen, void *ctxt) |
| { |
{ |
| int id; |
int id; |
| Channel *c; |
Channel *c; |
|
|
| packet_disconnect("Received request for " |
packet_disconnect("Received request for " |
| "non-open channel %d.", id); |
"non-open channel %d.", id); |
| if (c->cb_fn != NULL && c->cb_event == type) { |
if (c->cb_fn != NULL && c->cb_event == type) { |
| debug("callback start"); |
debug2("callback start"); |
| c->cb_fn(c->self, c->cb_arg); |
c->cb_fn(c->self, c->cb_arg); |
| debug("callback done"); |
debug2("callback done"); |
| } else { |
} else { |
| char *service = packet_get_string(NULL); |
char *service = packet_get_string(NULL); |
| debug("channel: %d rcvd request for %s", c->self, service); |
debug("channel: %d rcvd request for %s", c->self, service); |
| debug("cb_fn %p cb_event %d", c->cb_fn , c->cb_event); |
debug("cb_fn %p cb_event %d", c->cb_fn , c->cb_event); |
| xfree(service); |
xfree(service); |
| } |
} |
| } |
} |
| |
|
| void |
void |
| channel_input_window_adjust(int type, int plen) |
channel_input_window_adjust(int type, int plen, void *ctxt) |
| { |
{ |
| Channel *c; |
Channel *c; |
| int id, adjust; |
int id, adjust; |
|
|
| } |
} |
| adjust = packet_get_int(); |
adjust = packet_get_int(); |
| packet_done(); |
packet_done(); |
| debug("channel %d: rcvd adjust %d", id, adjust); |
debug2("channel %d: rcvd adjust %d", id, adjust); |
| c->remote_window += adjust; |
c->remote_window += adjust; |
| } |
} |
| |
|
|
|
| "port listener", SSH_CHANNEL_PORT_LISTENER, |
"port listener", SSH_CHANNEL_PORT_LISTENER, |
| sock, sock, -1, |
sock, sock, -1, |
| CHAN_TCP_WINDOW_DEFAULT, CHAN_TCP_PACKET_DEFAULT, |
CHAN_TCP_WINDOW_DEFAULT, CHAN_TCP_PACKET_DEFAULT, |
| 0, xstrdup("port listener")); |
0, xstrdup("port listener"), 1); |
| strlcpy(channels[ch].path, host, sizeof(channels[ch].path)); |
strlcpy(channels[ch].path, host, sizeof(channels[ch].path)); |
| channels[ch].host_port = host_port; |
channels[ch].host_port = host_port; |
| channels[ch].listening_port = port; |
channels[ch].listening_port = port; |
|
|
| */ |
*/ |
| |
|
| void |
void |
| channel_input_port_open(int type, int plen) |
channel_input_port_open(int type, int plen, void *ctxt) |
| { |
{ |
| u_short host_port; |
u_short host_port; |
| char *host, *originator_string; |
char *host, *originator_string; |
|
|
| (void) channel_new("x11 listener", |
(void) channel_new("x11 listener", |
| SSH_CHANNEL_X11_LISTENER, sock, sock, -1, |
SSH_CHANNEL_X11_LISTENER, sock, sock, -1, |
| CHAN_X11_WINDOW_DEFAULT, CHAN_X11_PACKET_DEFAULT, |
CHAN_X11_WINDOW_DEFAULT, CHAN_X11_PACKET_DEFAULT, |
| 0, xstrdup("X11 inet listener")); |
0, xstrdup("X11 inet listener"), 1); |
| } |
} |
| |
|
| /* Return a suitable value for the DISPLAY environment variable. */ |
/* Return a suitable value for the DISPLAY environment variable. */ |
|
|
| */ |
*/ |
| |
|
| void |
void |
| x11_input_open(int type, int plen) |
x11_input_open(int type, int plen, void *ctxt) |
| { |
{ |
| int remote_channel, sock = 0, newch; |
int remote_channel, sock = 0, newch; |
| char *remote_host; |
char *remote_host; |
|
|
| } |
} |
| } |
} |
| |
|
| |
/* dummy protocol handler that denies SSH-1 requests (agent/x11) */ |
| |
void |
| |
deny_input_open(int type, int plen, void *ctxt) |
| |
{ |
| |
int rchan = packet_get_int(); |
| |
switch(type){ |
| |
case SSH_SMSG_AGENT_OPEN: |
| |
error("Warning: ssh server tried agent forwarding."); |
| |
break; |
| |
case SSH_SMSG_X11_OPEN: |
| |
error("Warning: ssh server tried X11 forwarding."); |
| |
break; |
| |
default: |
| |
error("deny_input_open: type %d plen %d", type, plen); |
| |
break; |
| |
} |
| |
error("Warning: this is probably a break in attempt by a malicious server."); |
| |
packet_start(SSH_MSG_CHANNEL_OPEN_FAILURE); |
| |
packet_put_int(rchan); |
| |
packet_send(); |
| |
} |
| |
|
| /* |
/* |
| * Requests forwarding of X11 connections, generates fake authentication |
* Requests forwarding of X11 connections, generates fake authentication |
| * data, and enables authentication spoofing. |
* data, and enables authentication spoofing. |
|
|
| /* This is called to process an SSH_SMSG_AGENT_OPEN message. */ |
/* This is called to process an SSH_SMSG_AGENT_OPEN message. */ |
| |
|
| void |
void |
| auth_input_open_request(int type, int plen) |
auth_input_open_request(int type, int plen, void *ctxt) |
| { |
{ |
| int remch, sock, newch; |
int remch, sock, newch; |
| char *dummyname; |
char *dummyname; |
|
|
| } |
} |
| |
|
| void |
void |
| channel_set_fds(int id, int rfd, int wfd, int efd, int extusage) |
channel_set_fds(int id, int rfd, int wfd, int efd, |
| |
int extusage, int nonblock) |
| { |
{ |
| Channel *c = channel_lookup(id); |
Channel *c = channel_lookup(id); |
| if (c == NULL || c->type != SSH_CHANNEL_LARVAL) |
if (c == NULL || c->type != SSH_CHANNEL_LARVAL) |
| fatal("channel_activate for non-larval channel %d.", id); |
fatal("channel_activate for non-larval channel %d.", id); |
| |
channel_register_fds(c, rfd, wfd, efd, extusage, nonblock); |
| channel_register_fds(c, rfd, wfd, efd, extusage); |
|
| c->type = SSH_CHANNEL_OPEN; |
c->type = SSH_CHANNEL_OPEN; |
| /* XXX window size? */ |
/* XXX window size? */ |
| c->local_window = c->local_window_max = c->local_maxpacket/2; |
c->local_window = c->local_window_max = c->local_maxpacket * 2; |
| packet_start(SSH2_MSG_CHANNEL_WINDOW_ADJUST); |
packet_start(SSH2_MSG_CHANNEL_WINDOW_ADJUST); |
| packet_put_int(c->remote_id); |
packet_put_int(c->remote_id); |
| packet_put_int(c->local_window); |
packet_put_int(c->local_window); |
![[BACK]](/icons/back.gif){kind=icon}
Return to channels.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh