Annotation of src/usr.bin/ssh/channels.h, Revision 1.22.2.5
1.17 deraadt 1: /*
1.19 markus 2: * Author: Tatu Ylonen <ylo@cs.hut.fi>
3: * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
4: * All rights reserved
5: *
6: * As far as I am concerned, the code I have written for this software
7: * can be used freely for any purpose. Any derived versions of this
8: * software must be clearly marked as such, and if the derived work is
9: * incompatible with the protocol description in the RFC file, it must be
10: * called by a name other than "ssh" or "Secure Shell".
11: */
12: /*
1.17 deraadt 13: * Copyright (c) 2000 Markus Friedl. All rights reserved.
14: *
15: * Redistribution and use in source and binary forms, with or without
16: * modification, are permitted provided that the following conditions
17: * are met:
18: * 1. Redistributions of source code must retain the above copyright
19: * notice, this list of conditions and the following disclaimer.
20: * 2. Redistributions in binary form must reproduce the above copyright
21: * notice, this list of conditions and the following disclaimer in the
22: * documentation and/or other materials provided with the distribution.
23: *
24: * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
25: * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
26: * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
27: * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
28: * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
29: * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
30: * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
31: * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
32: * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
33: * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
34: */
1.22.2.5! miod 35: /* RCSID("$OpenBSD: channels.h,v 1.22.2.4 2001/05/07 21:09:27 jason Exp $"); */
1.2 markus 36:
1.1 markus 37: #ifndef CHANNELS_H
38: #define CHANNELS_H
39:
1.22.2.3 jason 40: #include "buffer.h"
41:
1.1 markus 42: /* Definitions for channel types. */
1.6 markus 43: #define SSH_CHANNEL_FREE 0 /* This channel is free (unused). */
44: #define SSH_CHANNEL_X11_LISTENER 1 /* Listening for inet X11 conn. */
1.5 deraadt 45: #define SSH_CHANNEL_PORT_LISTENER 2 /* Listening on a port. */
46: #define SSH_CHANNEL_OPENING 3 /* waiting for confirmation */
47: #define SSH_CHANNEL_OPEN 4 /* normal open two-way channel */
1.6 markus 48: #define SSH_CHANNEL_CLOSED 5 /* waiting for close confirmation */
1.7 markus 49: #define SSH_CHANNEL_AUTH_SOCKET 6 /* authentication socket */
50: #define SSH_CHANNEL_X11_OPEN 7 /* reading first X11 packet */
51: #define SSH_CHANNEL_INPUT_DRAINING 8 /* sending remaining data to conn */
52: #define SSH_CHANNEL_OUTPUT_DRAINING 9 /* sending remaining data to app */
53: #define SSH_CHANNEL_LARVAL 10 /* larval session */
1.22.2.1 jason 54: #define SSH_CHANNEL_RPORT_LISTENER 11 /* Listening to a R-style port */
55: #define SSH_CHANNEL_CONNECTING 12
1.22.2.4 jason 56: #define SSH_CHANNEL_DYNAMIC 13
57: #define SSH_CHANNEL_MAX_TYPE 14
1.1 markus 58:
1.6 markus 59: /*
60: * Data structure for channel data. This is iniailized in channel_allocate
61: * and cleared in channel_free.
62: */
1.16 markus 63: struct Channel;
64: typedef struct Channel Channel;
65:
1.7 markus 66: typedef void channel_callback_fn(int id, void *arg);
1.16 markus 67: typedef int channel_filter_fn(struct Channel *c, char *buf, int len);
1.1 markus 68:
1.16 markus 69: struct Channel {
1.5 deraadt 70: int type; /* channel type/state */
71: int self; /* my own channel identifier */
72: int remote_id; /* channel identifier for remote peer */
73: /* peer can be reached over encrypted connection, via packet-sent */
74: int istate; /* input from channel (state of receive half) */
75: int ostate; /* output to channel (state of transmit half) */
1.8 markus 76: int flags; /* close sent/rcvd */
1.7 markus 77: int rfd; /* read fd */
78: int wfd; /* write fd */
79: int efd; /* extended fd */
80: int sock; /* sock fd */
1.22.2.1 jason 81: int isatty; /* rfd is a tty */
1.5 deraadt 82: Buffer input; /* data read from socket, to be sent over
83: * encrypted connection */
84: Buffer output; /* data received over encrypted connection for
85: * send on socket */
1.7 markus 86: Buffer extended;
1.5 deraadt 87: char path[200]; /* path for unix domain sockets, or host name
88: * for forwards */
89: int listening_port; /* port being listened for forwards */
90: int host_port; /* remote port to connect for forwards */
91: char *remote_name; /* remote hostname */
1.7 markus 92:
93: int remote_window;
94: int remote_maxpacket;
95: int local_window;
96: int local_window_max;
97: int local_consumed;
98: int local_maxpacket;
99: int extended_usage;
100:
101: char *ctype; /* type */
102:
1.11 markus 103: /* callback */
1.7 markus 104: channel_callback_fn *cb_fn;
105: void *cb_arg;
106: int cb_event;
107: channel_callback_fn *dettach_user;
1.15 markus 108:
109: /* filter */
110: channel_filter_fn *input_filter;
1.16 markus 111: };
1.7 markus 112:
113: #define CHAN_EXTENDED_IGNORE 0
114: #define CHAN_EXTENDED_READ 1
115: #define CHAN_EXTENDED_WRITE 2
1.18 markus 116:
117: /* default window/packet sizes for tcp/x11-fwd-channel */
118: #define CHAN_SES_WINDOW_DEFAULT (32*1024)
119: #define CHAN_SES_PACKET_DEFAULT (CHAN_SES_WINDOW_DEFAULT/2)
120: #define CHAN_TCP_WINDOW_DEFAULT (32*1024)
121: #define CHAN_TCP_PACKET_DEFAULT (CHAN_TCP_WINDOW_DEFAULT/2)
122: #define CHAN_X11_WINDOW_DEFAULT (4*1024)
123: #define CHAN_X11_PACKET_DEFAULT (CHAN_X11_WINDOW_DEFAULT/2)
124:
1.7 markus 125:
126: void channel_open(int id);
1.8 markus 127: void channel_request(int id, char *service, int wantconfirm);
128: void channel_request_start(int id, char *service, int wantconfirm);
129: void channel_register_callback(int id, int mtype, channel_callback_fn *fn, void *arg);
130: void channel_register_cleanup(int id, channel_callback_fn *fn);
1.15 markus 131: void channel_register_filter(int id, channel_filter_fn *fn);
1.8 markus 132: void channel_cancel_cleanup(int id);
1.7 markus 133: Channel *channel_lookup(int id);
134:
135: int
136: channel_new(char *ctype, int type, int rfd, int wfd, int efd,
1.21 markus 137: int window, int maxpack, int extended_usage, char *remote_name,
138: int nonblock);
139: void
140: channel_set_fds(int id, int rfd, int wfd, int efd,
141: int extusage, int nonblock);
1.22 markus 142:
143: void deny_input_open(int type, int plen, void *ctxt);
1.7 markus 144:
1.20 markus 145: void channel_input_channel_request(int type, int plen, void *ctxt);
146: void channel_input_close(int type, int plen, void *ctxt);
147: void channel_input_close_confirmation(int type, int plen, void *ctxt);
148: void channel_input_data(int type, int plen, void *ctxt);
149: void channel_input_extended_data(int type, int plen, void *ctxt);
150: void channel_input_ieof(int type, int plen, void *ctxt);
151: void channel_input_oclose(int type, int plen, void *ctxt);
152: void channel_input_open_confirmation(int type, int plen, void *ctxt);
153: void channel_input_open_failure(int type, int plen, void *ctxt);
154: void channel_input_port_open(int type, int plen, void *ctxt);
155: void channel_input_window_adjust(int type, int plen, void *ctxt);
1.7 markus 156:
157: /* Sets specific protocol options. */
158: void channel_set_options(int hostname_in_open);
159:
160: /*
161: * Allocate a new channel object and set its type and socket. Remote_name
162: * must have been allocated with xmalloc; this will free it when the channel
163: * is freed.
164: */
165: int channel_allocate(int type, int sock, char *remote_name);
166:
167: /* Free the channel and close its socket. */
168: void channel_free(int channel);
169:
1.22.2.1 jason 170: /*
171: * Allocate/update select bitmasks and add any bits relevant to channels in
172: * select bitmasks.
173: */
174: void
1.22.2.4 jason 175: channel_prepare_select(fd_set **readsetp, fd_set **writesetp, int *maxfdp,
176: int rekeying);
1.7 markus 177:
178: /*
179: * After select, perform any appropriate operations for channels which have
180: * events pending.
181: */
182: void channel_after_select(fd_set * readset, fd_set * writeset);
183:
184: /* If there is data to send to the connection, send some of it now. */
185: void channel_output_poll(void);
186:
187: /* Returns true if no channel has too much buffered data. */
188: int channel_not_very_much_buffered_data(void);
189:
190: /* This closes any sockets that are listening for connections; this removes
191: any unix domain sockets. */
192: void channel_stop_listening(void);
193:
194: /*
195: * Closes the sockets of all channels. This is used to close extra file
196: * descriptors after a fork.
197: */
198: void channel_close_all(void);
199:
200: /* Returns true if there is still an open channel over the connection. */
201: int channel_still_open(void);
202:
203: /*
204: * Returns a string containing a list of all open channels. The list is
205: * suitable for displaying to the user. It uses crlf instead of newlines.
206: * The caller should free the string with xfree.
207: */
208: char *channel_open_message(void);
209:
210: /*
211: * Initiate forwarding of connections to local port "port" through the secure
1.22.2.1 jason 212: * channel to host:port from remote side.
1.7 markus 213: */
1.22.2.1 jason 214: int
215: channel_request_local_forwarding(u_short listen_port,
216: const char *host_to_connect, u_short port_to_connect, int gateway_ports);
217: int
218: channel_request_forwarding(const char *listen_address, u_short listen_port,
219: const char *host_to_connect, u_short port_to_connect, int gateway_ports,
220: int remote_fwd);
1.7 markus 221:
222: /*
223: * Initiate forwarding of connections to port "port" on remote host through
224: * the secure channel to host:port from local side. This never returns if
225: * there was an error. This registers that open requests for that port are
226: * permitted.
227: */
1.9 markus 228: void
1.7 markus 229: channel_request_remote_forwarding(u_short port, const char *host,
230: u_short remote_port);
231:
232: /*
1.22.2.3 jason 233: * Permits opening to any host/port if permitted_opens[] is empty. This is
234: * usually called by the server, because the user could connect to any port
235: * anyway, and the server has no way to know but to trust the client anyway.
1.7 markus 236: */
237: void channel_permit_all_opens(void);
1.22.2.3 jason 238:
239: /* Add host/port to list of allowed targets for port forwarding */
240: void channel_add_permitted_opens(char *host, int port);
241:
242: /* Flush list */
243: void channel_clear_permitted_opens(void);
1.7 markus 244:
245: /*
246: * This is called after receiving CHANNEL_FORWARDING_REQUEST. This initates
247: * listening for the port, and sends back a success reply (or disconnect
248: * message if there was an error). This never returns if there was an error.
249: */
1.12 markus 250: void channel_input_port_forward_request(int is_root, int gateway_ports);
1.7 markus 251:
252: /*
253: * Creates a port for X11 connections, and starts listening for it. Returns
254: * the display name, or NULL if an error was encountered.
255: */
256: char *x11_create_display(int screen);
257:
258: /*
259: * Creates an internet domain socket for listening for X11 connections.
260: * Returns a suitable value for the DISPLAY variable, or NULL if an error
261: * occurs.
262: */
263: char *x11_create_display_inet(int screen, int x11_display_offset);
264:
265: /*
266: * This is called when SSH_SMSG_X11_OPEN is received. The packet contains
267: * the remote channel number. We should do whatever we want, and respond
268: * with either SSH_MSG_OPEN_CONFIRMATION or SSH_MSG_OPEN_FAILURE.
269: */
1.20 markus 270: void x11_input_open(int type, int plen, void *ctxt);
1.7 markus 271:
272: /*
273: * Requests forwarding of X11 connections. This should be called on the
274: * client only.
275: */
276: void x11_request_forwarding(void);
277:
278: /*
279: * Requests forwarding for X11 connections, with authentication spoofing.
280: * This should be called in the client only.
281: */
1.10 markus 282: void
283: x11_request_forwarding_with_spoofing(int client_session_id,
284: const char *proto, const char *data);
1.7 markus 285:
286: /* Sends a message to the server to request authentication fd forwarding. */
287: void auth_request_forwarding(void);
288:
289: /*
290: * Returns the name of the forwarded authentication socket. Returns NULL if
291: * there is no forwarded authentication socket. The returned value points to
292: * a static buffer.
293: */
294: char *auth_get_socket_name(void);
1.22.2.5! miod 295:
! 296: void auth_sock_cleanup_proc(void *_pw);
1.7 markus 297:
298: /*
1.13 markus 299: * This is called to process SSH_CMSG_AGENT_REQUEST_FORWARDING on the server.
1.7 markus 300: * This starts forwarding authentication requests.
301: */
1.13 markus 302: int auth_input_request_forwarding(struct passwd * pw);
1.7 markus 303:
304: /* This is called to process an SSH_SMSG_AGENT_OPEN message. */
1.20 markus 305: void auth_input_open_request(int type, int plen, void *ctxt);
1.8 markus 306:
307: /* XXX */
308: int channel_connect_to(const char *host, u_short host_port);
1.22.2.1 jason 309: int channel_connect_by_listen_adress(u_short listen_port);
1.10 markus 310: int x11_connect_display(void);
1.22.2.4 jason 311:
312: int channel_find_open(void);
1.7 markus 313:
1.1 markus 314: #endif