Mercurial > dropbear

comparison common-channel.c @ 4:fe6bca95afa7

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Makefile.in contains updated files required
author Matt Johnston <matt@ucc.asn.au>
date Tue, 01 Jun 2004 02:46:09 +0000
parents
children ab00ef513e97
comparison
equal deleted inserted replaced
-1:000000000000 4:fe6bca95afa7
1 /*
2 * Dropbear - a SSH2 server
3 *
4 * Copyright (c) 2002,2003 Matt Johnston
5 * All rights reserved.
6 *
7 * Permission is hereby granted, free of charge, to any person obtaining a copy
8 * of this software and associated documentation files (the "Software"), to deal
9 * in the Software without restriction, including without limitation the rights
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 * copies of the Software, and to permit persons to whom the Software is
12 * furnished to do so, subject to the following conditions:
13 *
14 * The above copyright notice and this permission notice shall be included in
15 * all copies or substantial portions of the Software.
16 *
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
20 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
23 * SOFTWARE. */
24
25 /* Handle the multiplexed channels, such as sessions, x11, agent connections */
26
27 #include "includes.h"
28 #include "session.h"
29 #include "packet.h"
30 #include "ssh.h"
31 #include "buffer.h"
32 #include "dbutil.h"
33 #include "channel.h"
34 #include "ssh.h"
35 #include "localtcpfwd.h"
36 #include "remotetcpfwd.h"
37 #include "tcpfwd.h"
38
39 static void send_msg_channel_open_failure(unsigned int remotechan, int reason,
40 const unsigned char *text, const unsigned char *lang);
41 static void send_msg_channel_open_confirmation(struct Channel* channel,
42 unsigned int recvwindow,
43 unsigned int recvmaxpacket);
44 static void writechannel(struct Channel *channel);
45 static void send_msg_channel_window_adjust(struct Channel *channel,
46 unsigned int incr);
47 static void send_msg_channel_data(struct Channel *channel, int isextended,
48 unsigned int exttype);
49 static void send_msg_channel_eof(struct Channel *channel);
50 static void send_msg_channel_close(struct Channel *channel);
51 static void removechannel(struct Channel *channel);
52 static void deletechannel(struct Channel *channel);
53 static void checkinitdone(struct Channel *channel);
54 static void checkclose(struct Channel *channel);
55
56 static void closeinfd(struct Channel * channel);
57 static void closeoutfd(struct Channel * channel, int fd);
58 static void closechanfd(struct Channel *channel, int fd, int how);
59
60 #define FD_UNINIT (-2)
61 #define FD_CLOSED (-1)
62
63 /* Initialise all the channels */
64 void chaninitialise(struct ChanType *chantypes[]) {
65
66 /* may as well create space for a single channel */
67 ses.channels = (struct Channel**)m_malloc(sizeof(struct Channel*));
68 ses.chansize = 1;
69 ses.channels[0] = NULL;
70
71 ses.chantypes = chantypes;
72
73 #ifdef USING_TCP_LISTENERS
74 tcp_fwd_initialise();
75 #endif
76
77 }
78
79 /* Clean up channels, freeing allocated memory */
80 void chancleanup() {
81
82 unsigned int i;
83
84 TRACE(("enter chancleanup"));
85 for (i = 0; i < ses.chansize; i++) {
86 if (ses.channels[i] != NULL) {
87 TRACE(("channel %d closing", i));
88 removechannel(ses.channels[i]);
89 }
90 }
91 m_free(ses.channels);
92 TRACE(("leave chancleanup"));
93 }
94
95 /* Create a new channel entry, send a reply confirm or failure */
96 /* If remotechan, transwindow and transmaxpacket are not know (for a new
97 * outgoing connection, with them to be filled on confirmation), they should
98 * all be set to 0 */
99 struct Channel* newchannel(unsigned int remotechan, struct ChanType *type,
100 unsigned int transwindow, unsigned int transmaxpacket) {
101
102 struct Channel * newchan;
103 unsigned int i, j;
104
105 TRACE(("enter newchannel"));
106
107 /* first see if we can use existing channels */
108 for (i = 0; i < ses.chansize; i++) {
109 if (ses.channels[i] == NULL) {
110 break;
111 }
112 }
113
114 /* otherwise extend the list */
115 if (i == ses.chansize) {
116 if (ses.chansize >= MAX_CHANNELS) {
117 TRACE(("leave newchannel: max chans reached"));
118 return NULL;
119 }
120
121 /* extend the channels */
122 ses.channels = (struct Channel**)m_realloc(ses.channels,
123 (ses.chansize+CHAN_EXTEND_SIZE)*sizeof(struct Channel*));
124
125 ses.chansize += CHAN_EXTEND_SIZE;
126
127 /* set the new channels to null */
128 for (j = i; j < ses.chansize; j++) {
129 ses.channels[j] = NULL;
130 }
131
132 }
133
134 newchan = (struct Channel*)m_malloc(sizeof(struct Channel));
135 newchan->type = type;
136 newchan->index = i;
137 newchan->sentclosed = newchan->recvclosed = 0;
138 newchan->senteof = newchan->recveof = 0;
139
140 newchan->remotechan = remotechan;
141 newchan->transwindow = transwindow;
142 newchan->transmaxpacket = transmaxpacket;
143
144 newchan->typedata = NULL;
145 newchan->infd = FD_UNINIT;
146 newchan->outfd = FD_UNINIT;
147 newchan->errfd = FD_CLOSED; /* this isn't always set to start with */
148 newchan->initconn = 0;
149
150 newchan->writebuf = buf_new(RECV_MAXWINDOW);
151 newchan->recvwindow = RECV_MAXWINDOW;
152 newchan->recvmaxpacket = RECV_MAXPACKET;
153
154 ses.channels[i] = newchan;
155
156 TRACE(("leave newchannel"));
157
158 return newchan;
159 }
160
161 /* Get the channel structure corresponding to a channel number */
162 static struct Channel* getchannel(unsigned int chan) {
163 if (chan >= ses.chansize || ses.channels[chan] == NULL) {
164 return NULL;
165 }
166 return ses.channels[chan];
167 }
168
169 /* Iterate through the channels, performing IO if available */
170 void channelio(fd_set *readfd, fd_set *writefd) {
171
172 struct Channel *channel;
173 unsigned int i;
174
175 /* iterate through all the possible channels */
176 for (i = 0; i < ses.chansize; i++) {
177
178 channel = ses.channels[i];
179 if (channel == NULL) {
180 /* only process in-use channels */
181 continue;
182 }
183
184 /* read from program/pipe stdout */
185 if (channel->outfd >= 0 && FD_ISSET(channel->outfd, readfd)) {
186 send_msg_channel_data(channel, 0, 0);
187 }
188
189 /* read from program/pipe stderr */
190 if (channel->errfd >= 0 && FD_ISSET(channel->errfd, readfd)) {
191 send_msg_channel_data(channel, 1, SSH_EXTENDED_DATA_STDERR);
192 }
193
194 /* if we can read from the infd, it might be closed, so we try to
195 * see if it has errors */
196 if (channel->infd >= 0 && channel->infd != channel->outfd
197 && FD_ISSET(channel->infd, readfd)) {
198 int ret;
199 ret = write(channel->infd, NULL, 0);
200 if (ret < 0 && errno != EINTR && errno != EAGAIN) {
201 closeinfd(channel);
202 }
203 }
204
205 /* write to program/pipe stdin */
206 if (channel->infd >= 0 && FD_ISSET(channel->infd, writefd)) {
207 if (channel->initconn) {
208 checkinitdone(channel);
209 continue; /* Important not to use the channel after
210 checkinitdone(), as it may be NULL */
211 } else {
212 writechannel(channel);
213 }
214 }
215
216 /* now handle any of the channel-closing type stuff */
217 checkclose(channel);
218
219 } /* foreach channel */
220
221 /* Not channel specific */
222 #ifdef USING_TCP_LISTENERS
223 handle_tcp_fwd(readfd);
224 #endif
225 }
226
227
228 /* do all the EOF/close type stuff checking for a channel */
229 static void checkclose(struct Channel *channel) {
230
231 if (!channel->sentclosed) {
232
233 /* check for exited - currently only used for server sessions,
234 * if the shell has exited etc */
235 if (channel->type->checkclose) {
236 if (channel->type->checkclose(channel)) {
237 closeinfd(channel);
238 }
239 }
240
241 if (!channel->senteof
242 && channel->outfd == FD_CLOSED
243 && channel->errfd == FD_CLOSED) {
244 send_msg_channel_eof(channel);
245 }
246
247 if (channel->infd == FD_CLOSED
248 && channel->outfd == FD_CLOSED
249 && channel->errfd == FD_CLOSED) {
250 send_msg_channel_close(channel);
251 }
252 }
253
254 /* When either party wishes to terminate the channel, it sends
255 * SSH_MSG_CHANNEL_CLOSE. Upon receiving this message, a party MUST
256 * send back a SSH_MSG_CHANNEL_CLOSE unless it has already sent this
257 * message for the channel. The channel is considered closed for a
258 * party when it has both sent and received SSH_MSG_CHANNEL_CLOSE, and
259 * the party may then reuse the channel number. A party MAY send
260 * SSH_MSG_CHANNEL_CLOSE without having sent or received
261 * SSH_MSG_CHANNEL_EOF.
262 * (from draft-ietf-secsh-connect)
263 */
264 if (channel->recvclosed) {
265 if (! channel->sentclosed) {
266 TRACE(("Sending MSG_CHANNEL_CLOSE in response to same."));
267 send_msg_channel_close(channel);
268 }
269 removechannel(channel);
270 }
271 }
272
273
274 /* Check whether a deferred (EINPROGRESS) connect() was successful, and
275 * if so, set up the channel properly. Otherwise, the channel is cleaned up, so
276 * it is important that the channel reference isn't used after a call to this
277 * function */
278 static void checkinitdone(struct Channel *channel) {
279
280 int val;
281 socklen_t vallen = sizeof(val);
282
283 TRACE(("enter checkinitdone"));
284
285 if (getsockopt(channel->infd, SOL_SOCKET, SO_ERROR, &val, &vallen)
286 || val != 0) {
287 close(channel->infd);
288 deletechannel(channel);
289 TRACE(("leave checkinitdone: fail"));
290 } else {
291 channel->outfd = channel->infd;
292 channel->initconn = 0;
293 TRACE(("leave checkinitdone: success"));
294 }
295 }
296
297
298
299 /* Send the close message and set the channel as closed */
300 static void send_msg_channel_close(struct Channel *channel) {
301
302 TRACE(("enter send_msg_channel_close"));
303 /* XXX server */
304 if (channel->type->closehandler) {
305 channel->type->closehandler(channel);
306 }
307 #if 0
308 if (channel->type == CHANNEL_ID_SESSION) {
309 send_exitsignalstatus(channel);
310
311 closechansess(channel);
312 }
313 #endif
314
315 CHECKCLEARTOWRITE();
316
317 buf_putbyte(ses.writepayload, SSH_MSG_CHANNEL_CLOSE);
318 buf_putint(ses.writepayload, channel->remotechan);
319
320 encrypt_packet();
321
322 channel->senteof = 1;
323 channel->sentclosed = 1;
324 TRACE(("leave send_msg_channel_close"));
325 }
326
327 /* call this when trans/eof channels are closed */
328 static void send_msg_channel_eof(struct Channel *channel) {
329
330 TRACE(("enter send_msg_channel_eof"));
331 CHECKCLEARTOWRITE();
332
333 buf_putbyte(ses.writepayload, SSH_MSG_CHANNEL_EOF);
334 buf_putint(ses.writepayload, channel->remotechan);
335
336 encrypt_packet();
337
338 channel->senteof = 1;
339
340 TRACE(("leave send_msg_channel_eof"));
341 }
342
343 /* Called to write data out to the server side of a channel (eg a shell or a
344 * program.
345 * Only called when we know we can write to a channel, writes as much as
346 * possible */
347 static void writechannel(struct Channel* channel) {
348
349 int len, maxlen;
350 buffer *buf;
351
352 TRACE(("enter writechannel"));
353
354 buf = channel->writebuf;
355 maxlen = buf->len - buf->pos;
356
357 len = write(channel->infd, buf_getptr(buf, maxlen), maxlen);
358 if (len <= 0) {
359 if (len < 0 && errno != EINTR) {
360 /* no more to write */
361 closeinfd(channel);
362 }
363 TRACE(("leave writechannel: len <= 0"));
364 return;
365 }
366
367 if (len == maxlen) {
368 buf_setpos(buf, 0);
369 buf_setlen(buf, 0);
370
371 if (channel->recveof) {
372 /* we're closing up */
373 closeinfd(channel);
374 return;
375 TRACE(("leave writechannel: recveof set"));
376 }
377
378 /* extend the window if we're at the end*/
379 /* TODO - this is inefficient */
380 send_msg_channel_window_adjust(channel, buf->size
381 - channel->recvwindow);
382 channel->recvwindow = buf->size;
383 } else {
384 buf_incrpos(buf, len);
385 }
386 TRACE(("leave writechannel"));
387 }
388
389 /* Set the file descriptors for the main select in session.c
390 * This avoid channels which don't have any window available, are closed, etc*/
391 void setchannelfds(fd_set *readfd, fd_set *writefd) {
392
393 unsigned int i;
394 struct Channel * channel;
395
396 for (i = 0; i < ses.chansize; i++) {
397
398 channel = ses.channels[i];
399 if (channel == NULL) {
400 continue;
401 }
402
403 /* stdout and stderr */
404 if (channel->transwindow > 0) {
405
406 /* stdout */
407 if (channel->outfd >= 0) {
408 /* there's space to read more from the program */
409 FD_SET(channel->outfd, readfd);
410 }
411 /* stderr */
412 if (channel->errfd >= 0) {
413 FD_SET(channel->errfd, readfd);
414 }
415 }
416
417 if (channel->infd >= 0 && channel->infd != channel->outfd) {
418 FD_SET(channel->infd, readfd);
419 }
420
421 /* stdin */
422 if (channel->infd >= 0 &&
423 (channel->writebuf->pos < channel->writebuf->len ||
424 channel->initconn)) {
425 /* there's space to write more to the program */
426 FD_SET(channel->infd, writefd);
427 }
428
429 } /* foreach channel */
430
431 #ifdef USING_TCP_LISTENERS
432 set_tcp_fwd_fds(readfd);
433 #endif
434
435 }
436
437 /* handle the channel EOF event, by closing the channel filedescriptor. The
438 * channel isn't closed yet, it is left until the incoming (from the program
439 * etc) FD is also EOF */
440 void recv_msg_channel_eof() {
441
442 unsigned int chan;
443 struct Channel * channel;
444
445 TRACE(("enter recv_msg_channel_eof"));
446
447 chan = buf_getint(ses.payload);
448 channel = getchannel(chan);
449
450 if (channel == NULL) {
451 dropbear_exit("EOF for unknown channel");
452 }
453
454 channel->recveof = 1;
455 if (channel->writebuf->len == 0) {
456 closeinfd(channel);
457 }
458
459 TRACE(("leave recv_msg_channel_eof"));
460 }
461
462
463 /* Handle channel closure(), respond in kind and close the channels */
464 void recv_msg_channel_close() {
465
466 unsigned int chan;
467 struct Channel * channel;
468
469 TRACE(("enter recv_msg_channel_close"));
470
471 chan = buf_getint(ses.payload);
472 TRACE(("close channel = %d", chan));
473 channel = getchannel(chan);
474
475 if (channel == NULL) {
476 /* disconnect ? */
477 dropbear_exit("Close for unknown channel");
478 }
479
480 channel->recveof = 1;
481 channel->recvclosed = 1;
482
483 if (channel->sentclosed) {
484 removechannel(channel);
485 }
486
487 TRACE(("leave recv_msg_channel_close"));
488 }
489
490 /* Remove a channel entry, this is only executed after both sides have sent
491 * channel close */
492 static void removechannel(struct Channel * channel) {
493
494 TRACE(("enter removechannel"));
495 TRACE(("channel index is %d", channel->index));
496
497 buf_free(channel->writebuf);
498
499 /* close the FDs in case they haven't been done
500 * yet (ie they were shutdown etc */
501 close(channel->infd);
502 close(channel->outfd);
503 if (channel->errfd >= 0) {
504 close(channel->errfd);
505 }
506
507 deletechannel(channel);
508
509 TRACE(("leave removechannel"));
510 }
511
512 /* Remove a channel entry */
513 static void deletechannel(struct Channel *channel) {
514
515 ses.channels[channel->index] = NULL;
516 m_free(channel);
517
518 }
519
520
521 /* Handle channel specific requests, passing off to corresponding handlers
522 * such as chansession or x11fwd */
523 void recv_msg_channel_request() {
524
525 unsigned int chan;
526 struct Channel *channel;
527
528 TRACE(("enter recv_msg_channel_request"));
529
530 chan = buf_getint(ses.payload);
531 channel = getchannel(chan);
532
533 if (channel == NULL) {
534 /* disconnect ? */
535 dropbear_exit("Unknown channel");
536 }
537
538 TRACE(("chan type is %d", channel->type));
539
540 if (channel->type->reqhandler) {
541 channel->type->reqhandler(channel);
542 } else {
543 send_msg_channel_failure(channel);
544 }
545
546 #if 0
547 /* handle according to channel type */
548 switch (channel->type) {
549
550 case CHANNEL_ID_SESSION:
551 TRACE(("continue recv_msg_channel_request: session request"));
552 /* XXX server */
553 /* Here we need to do things channel-specific style. Function
554 * pointer callbacks perhaps */
555 chansessionrequest(channel);
556 break;
557
558 default:
559 send_msg_channel_failure(channel);
560 }
561 #endif
562
563 TRACE(("leave recv_msg_channel_request"));
564
565 }
566
567 /* Reads data from the server's program/shell/etc, and puts it in a
568 * channel_data packet to send.
569 * chan is the remote channel, isextended is 0 if it is normal data, 1
570 * if it is extended data. if it is extended, then the type is in
571 * exttype */
572 static void send_msg_channel_data(struct Channel *channel, int isextended,
573 unsigned int exttype) {
574
575 buffer *buf;
576 int len;
577 unsigned int maxlen;
578 int fd;
579
580 /* TRACE(("enter send_msg_channel_data"));
581 TRACE(("extended = %d type = %d", isextended, exttype));*/
582
583 CHECKCLEARTOWRITE();
584
585 assert(!channel->sentclosed);
586
587 if (isextended) {
588 fd = channel->errfd;
589 } else {
590 fd = channel->outfd;
591 }
592 assert(fd >= 0);
593
594 maxlen = MIN(channel->transwindow, channel->transmaxpacket);
595 /* -(1+4+4) is SSH_MSG_CHANNEL_DATA, channel number, string length, and
596 * exttype if is extended */
597 maxlen = MIN(maxlen,
598 ses.writepayload->size - 1 - 4 - 4 - (isextended ? 4 : 0));
599 if (maxlen == 0) {
600 TRACE(("leave send_msg_channel_data: no window"));
601 return; /* the data will get written later */
602 }
603
604 /* read the data */
605 buf = buf_new(maxlen);
606 len = read(fd, buf_getwriteptr(buf, maxlen), maxlen);
607 if (len <= 0) {
608 /* on error/eof, send eof */
609 if (len == 0 || errno != EINTR) {
610 closeoutfd(channel, fd);
611 TRACE(("leave send_msg_channel_data: read err"));
612 }
613 buf_free(buf);
614 return;
615 }
616 buf_incrlen(buf, len);
617
618 buf_putbyte(ses.writepayload,
619 isextended ? SSH_MSG_CHANNEL_EXTENDED_DATA : SSH_MSG_CHANNEL_DATA);
620 buf_putint(ses.writepayload, channel->remotechan);
621
622 if (isextended) {
623 buf_putint(ses.writepayload, exttype);
624 }
625
626 buf_putstring(ses.writepayload, buf_getptr(buf, len), len);
627 buf_free(buf);
628
629 channel->transwindow -= len;
630
631 encrypt_packet();
632 TRACE(("leave send_msg_channel_data"));
633 }
634
635
636 /* when we receive channel data, put it in a buffer for writing to the program/
637 * shell etc */
638 void recv_msg_channel_data() {
639
640 unsigned int chan;
641 struct Channel * channel;
642 unsigned int datalen;
643 unsigned int pos;
644 unsigned int maxdata;
645
646 TRACE(("enter recv_msg_channel_data"));
647
648 chan = buf_getint(ses.payload);
649 channel = getchannel(chan);
650 if (channel == NULL) {
651 dropbear_exit("Unknown channel");
652 }
653
654 if (channel->recveof) {
655 dropbear_exit("received data after eof");
656 }
657
658 if (channel->infd < 0) {
659 dropbear_exit("received data with bad infd");
660 }
661
662 datalen = buf_getint(ses.payload);
663
664 /* if the client is going to send us more data than we've allocated, then
665 * it has ignored the windowsize, so we "MAY ignore all extra data" */
666 maxdata = channel->writebuf->size - channel->writebuf->pos;
667 if (datalen > maxdata) {
668 TRACE(("Warning: recv_msg_channel_data: extra data past window"));
669 datalen = maxdata;
670 }
671
672 /* write to the buffer - we always append to the end of the buffer */
673 pos = channel->writebuf->pos;
674 buf_setpos(channel->writebuf, channel->writebuf->len);
675 memcpy(buf_getwriteptr(channel->writebuf, datalen),
676 buf_getptr(ses.payload, datalen), datalen);
677 buf_incrwritepos(channel->writebuf, datalen);
678 buf_setpos(channel->writebuf, pos); /* revert pos */
679
680 channel->recvwindow -= datalen;
681
682 /* matt - this might be for later */
683 /* if (channel->recvwindow < RECV_MINWINDOW) {
684 send_msg_channel_window_adjust(channel,
685 RECV_MAXWINDOW - channel->recvwindow);
686 channel->recvwindow = RECV_MAXWINDOW;
687 }*/
688
689 TRACE(("leave recv_msg_channel_data"));
690 }
691
692 /* Increment the outgoing data window for a channel - the remote end limits
693 * the amount of data which may be transmitted, this window is decremented
694 * as data is sent, and incremented upon receiving window-adjust messages */
695 void recv_msg_channel_window_adjust() {
696
697 unsigned int chan;
698 struct Channel * channel;
699 unsigned int incr;
700
701 chan = buf_getint(ses.payload);
702 channel = getchannel(chan);
703
704 if (channel == NULL) {
705 dropbear_exit("Unknown channel");
706 }
707
708 incr = buf_getint(ses.payload);
709 TRACE(("received window increment %d", incr));
710 incr = MIN(incr, MAX_TRANS_WIN_INCR);
711
712 channel->transwindow += incr;
713 channel->transwindow = MIN(channel->transwindow, MAX_TRANS_WINDOW);
714
715 }
716
717 /* Increment the incoming data window for a channel, and let the remote
718 * end know */
719 static void send_msg_channel_window_adjust(struct Channel* channel,
720 unsigned int incr) {
721
722 TRACE(("sending window adjust %d", incr));
723 CHECKCLEARTOWRITE();
724
725 buf_putbyte(ses.writepayload, SSH_MSG_CHANNEL_WINDOW_ADJUST);
726 buf_putint(ses.writepayload, channel->remotechan);
727 buf_putint(ses.writepayload, incr);
728
729 encrypt_packet();
730 }
731
732 /* Handle a new channel request, performing any channel-type-specific setup */
733 /* XXX server */
734 void recv_msg_channel_open() {
735
736 unsigned char *type;
737 unsigned int typelen;
738 unsigned int remotechan, transwindow, transmaxpacket;
739 struct Channel *channel;
740 struct ChanType *chantype;
741 unsigned int errtype = SSH_OPEN_UNKNOWN_CHANNEL_TYPE;
742 int ret;
743
744
745 TRACE(("enter recv_msg_channel_open"));
746
747 /* get the packet contents */
748 type = buf_getstring(ses.payload, &typelen);
749
750 remotechan = buf_getint(ses.payload);
751 transwindow = buf_getint(ses.payload);
752 transwindow = MIN(transwindow, MAX_TRANS_WINDOW);
753 transmaxpacket = buf_getint(ses.payload);
754 transmaxpacket = MIN(transmaxpacket, MAX_TRANS_PAYLOAD_LEN);
755
756 /* figure what type of packet it is */
757 if (typelen > MAX_NAME_LEN) {
758 goto failure;
759 }
760
761 /* Get the channel type. This will depend if it is a client or a server,
762 * so we iterate through the connection-specific list which was
763 * set up when the connection started */
764 for (chantype = ses.chantypes[0]; chantype != NULL; chantype++) {
765 if (strcmp(type, chantype->name) == 0) {
766 break;
767 }
768 }
769
770 if (chantype == NULL) {
771 goto failure;
772 }
773
774 /* create the channel */
775 channel = newchannel(remotechan, chantype, transwindow, transmaxpacket);
776
777 if (channel == NULL) {
778 goto failure;
779 }
780
781 if (channel->type->inithandler) {
782 ret = channel->type->inithandler(channel);
783 if (ret >= 0) {
784 errtype = ret;
785 deletechannel(channel);
786 goto failure;
787 }
788 }
789
790 #if 0
791 /* type specific initialisation */
792 if (typeval == CHANNEL_ID_SESSION) {
793 newchansess(channel);
794 #ifndef DISABLE_LOCALTCPFWD
795 } else if (typeval == CHANNEL_ID_TCPDIRECT) {
796 if (ses.opts->nolocaltcp) {
797 errtype = SSH_OPEN_ADMINISTRATIVELY_PROHIBITED;
798 } else if (newtcpdirect(channel) == DROPBEAR_FAILURE) {
799 errtype = SSH_OPEN_CONNECT_FAILED;
800 deletechannel(channel);
801 goto failure;
802 }
803 #endif
804 }
805 #endif
806
807 /* success */
808 send_msg_channel_open_confirmation(channel, channel->recvwindow,
809 channel->recvmaxpacket);
810 goto cleanup;
811
812 failure:
813 send_msg_channel_open_failure(remotechan, errtype, "", "");
814
815 cleanup:
816 m_free(type);
817
818 TRACE(("leave recv_msg_channel_open"));
819 }
820
821 /* Send a failure message */
822 void send_msg_channel_failure(struct Channel *channel) {
823
824 TRACE(("enter send_msg_channel_failure"));
825 CHECKCLEARTOWRITE();
826
827 buf_putbyte(ses.writepayload, SSH_MSG_CHANNEL_FAILURE);
828 buf_putint(ses.writepayload, channel->remotechan);
829
830 encrypt_packet();
831 TRACE(("leave send_msg_channel_failure"));
832 }
833
834 /* Send a success message */
835 void send_msg_channel_success(struct Channel *channel) {
836
837 TRACE(("enter send_msg_channel_success"));
838 CHECKCLEARTOWRITE();
839
840 buf_putbyte(ses.writepayload, SSH_MSG_CHANNEL_SUCCESS);
841 buf_putint(ses.writepayload, channel->remotechan);
842
843 encrypt_packet();
844 TRACE(("leave send_msg_channel_success"));
845 }
846
847 /* Send a channel open failure message, with a corresponding reason
848 * code (usually resource shortage or unknown chan type) */
849 static void send_msg_channel_open_failure(unsigned int remotechan,
850 int reason, const unsigned char *text, const unsigned char *lang) {
851
852 TRACE(("enter send_msg_channel_open_failure"));
853 CHECKCLEARTOWRITE();
854
855 buf_putbyte(ses.writepayload, SSH_MSG_CHANNEL_OPEN_FAILURE);
856 buf_putint(ses.writepayload, remotechan);
857 buf_putint(ses.writepayload, reason);
858 buf_putstring(ses.writepayload, text, strlen((char*)text));
859 buf_putstring(ses.writepayload, lang, strlen((char*)lang));
860
861 encrypt_packet();
862 TRACE(("leave send_msg_channel_open_failure"));
863 }
864
865 /* Confirm a channel open, and let the remote end know what number we've
866 * allocated and the receive parameters */
867 static void send_msg_channel_open_confirmation(struct Channel* channel,
868 unsigned int recvwindow,
869 unsigned int recvmaxpacket) {
870
871 TRACE(("enter send_msg_channel_open_confirmation"));
872 CHECKCLEARTOWRITE();
873
874 buf_putbyte(ses.writepayload, SSH_MSG_CHANNEL_OPEN_CONFIRMATION);
875 buf_putint(ses.writepayload, channel->remotechan);
876 buf_putint(ses.writepayload, channel->index);
877 buf_putint(ses.writepayload, recvwindow);
878 buf_putint(ses.writepayload, recvmaxpacket);
879
880 encrypt_packet();
881 TRACE(("leave send_msg_channel_open_confirmation"));
882 }
883
884 #ifdef USE_LISTENERS
885 /* Create a new channel, and start the open request. This is intended
886 * for X11, agent, tcp forwarding, and should be filled with channel-specific
887 * options, with the calling function calling encrypt_packet() after
888 * completion. It is mandatory for the caller to encrypt_packet() if
889 * DROPBEAR_SUCCESS is returned */
890 int send_msg_channel_open_init(int fd, struct ChanType *type,
891 const char * typestring) {
892
893 struct Channel* chan;
894
895 TRACE(("enter send_msg_channel_open_init()"));
896 chan = newchannel(0, type, 0, 0);
897 if (!chan) {
898 TRACE(("leave send_msg_channel_open_init() - FAILED in newchannel()"));
899 return DROPBEAR_FAILURE;
900 }
901
902 /* set fd non-blocking */
903 if (fcntl(fd, F_SETFL, O_NONBLOCK) < 0) {
904 TRACE(("leave send_msg_channel_open_init() - FAILED in fcntl()"));
905 return DROPBEAR_FAILURE;
906 }
907
908 chan->infd = chan->outfd = fd;
909 ses.maxfd = MAX(ses.maxfd, fd);
910
911 /* now open the channel connection */
912 CHECKCLEARTOWRITE();
913
914 buf_putbyte(ses.writepayload, SSH_MSG_CHANNEL_OPEN);
915 buf_putstring(ses.writepayload, typestring, strlen(typestring));
916 buf_putint(ses.writepayload, chan->index);
917 buf_putint(ses.writepayload, RECV_MAXWINDOW);
918 buf_putint(ses.writepayload, RECV_MAXPACKET);
919
920 TRACE(("leave send_msg_channel_open_init()"));
921 return DROPBEAR_SUCCESS;
922 }
923
924 /* Confirmation that our channel open request (for forwardings) was
925 * successful*/
926 void recv_msg_channel_open_confirmation() {
927
928 unsigned int chan;
929 struct Channel * channel;
930
931 TRACE(("enter recv_msg_channel_open_confirmation"));
932 chan = buf_getint(ses.payload);
933
934 channel = getchannel(chan);
935 if (channel == NULL) {
936 dropbear_exit("Unknown channel");
937 }
938
939 channel->remotechan = buf_getint(ses.payload);
940 channel->transwindow = buf_getint(ses.payload);
941 channel->transmaxpacket = buf_getint(ses.payload);
942
943 TRACE(("leave recv_msg_channel_open_confirmation"));
944 }
945
946 /* Notification that our channel open request failed */
947 void recv_msg_channel_open_failure() {
948
949 unsigned int chan;
950 struct Channel * channel;
951 chan = buf_getbyte(ses.payload);
952
953 channel = getchannel(chan);
954 if (channel == NULL) {
955 dropbear_exit("Unknown channel");
956 }
957
958 removechannel(channel);
959 }
960
961 /* close a stdout/stderr fd */
962 static void closeoutfd(struct Channel * channel, int fd) {
963
964 /* don't close it if it is the same as infd,
965 * unless infd is already set -1 */
966 TRACE(("enter closeoutfd"));
967 closechanfd(channel, fd, 0);
968 TRACE(("leave closeoutfd"));
969 }
970
971 /* close a stdin fd */
972 static void closeinfd(struct Channel * channel) {
973
974 TRACE(("enter closeinfd"));
975 closechanfd(channel, channel->infd, 1);
976 TRACE(("leave closeinfd"));
977 }
978
979 /* close a fd, how is 0 for stdout/stderr, 1 for stdin */
980 static void closechanfd(struct Channel *channel, int fd, int how) {
981
982 int closein = 0, closeout = 0;
983
984 /* XXX server */
985 if (channel->type->sepfds) {
986 shutdown(fd, how);
987 if (how == 0) {
988 closeout = 1;
989 } else {
990 closein = 1;
991 }
992 } else {
993 close(fd);
994 closein = closeout = 1;
995 }
996
997 if (closeout && fd == channel->errfd) {
998 channel->errfd = FD_CLOSED;
999 }
1000 if (closeout && fd == channel->outfd) {
1001 channel->outfd = FD_CLOSED;
1002 }
1003 if (closein && fd == channel->infd) {
1004 channel->infd = FD_CLOSED;
1005 }
1006 }
1007
1008 #endif /* USE_LISTENERS */